diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 50a4901c5..a07e8abd1 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -4,7 +4,9 @@ Please write a few sentences describing the overall goals of the pull request's -## Gatekeeper checklist +## PR checklist + +Please tick as appropriate and edit the reasons (e.g.: "backport: not needed because this is a new feature") - [ ] **changelog** provided, or not required - [ ] **backport** done, or not required @@ -16,4 +18,3 @@ Please write a few sentences describing the overall goals of the pull request's Please refer to the [contributing guidelines](https://github.com/Mbed-TLS/mbedtls/blob/development/CONTRIBUTING.md), especially the checklist for PR contributors. - diff --git a/.gitignore b/.gitignore index 8824ecea0..185bd7a1d 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,7 @@ # Random seed file created by test scripts and sample programs seedfile +# MBEDTLS_PSA_INJECT_ENTROPY seed file created by the test framework +00000000ffffff52.psa_its # CMake build artifacts: CMakeCache.txt @@ -28,6 +30,9 @@ massif-* .project /.settings +# Unix-like build artifacts: +*.o + # MSVC build artifacts: *.exe *.pdb @@ -57,3 +62,6 @@ massif-* /TAGS /cscope*.out /tags + +# Clangd compilation database +compile_commands.json diff --git a/.readthedocs.yaml b/.readthedocs.yaml new file mode 100644 index 000000000..72f126fa2 --- /dev/null +++ b/.readthedocs.yaml @@ -0,0 +1,32 @@ +# .readthedocs.yaml +# Read the Docs configuration file +# See https://docs.readthedocs.io/en/stable/config-file/v2.html for details + +# Required +version: 2 + +# Set the version of Python and other tools you might need +build: + os: ubuntu-20.04 + tools: + python: "3.9" + jobs: + pre_build: + - ./scripts/apidoc_full.sh + - breathe-apidoc -o docs/api apidoc/xml + post_build: + - | + # Work around Readthedocs bug: Command parsing fails if the 'if' statement is on the first line + if [ "$READTHEDOCS_VERSION" = "development" ]; then + "$READTHEDOCS_VIRTUALENV_PATH/bin/rtd" projects "Mbed TLS API" redirects sync --wet-run -f docs/redirects.yaml + fi + +# Build documentation in the docs/ directory with Sphinx +sphinx: + builder: dirhtml + configuration: docs/conf.py + +# Optionally declare the Python requirements required to build your docs +python: + install: + - requirements: docs/requirements.txt diff --git a/.travis.yml b/.travis.yml index eaf817a7b..3b4132e05 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,100 +1,24 @@ # Declare python as our language. This way we get our chosen Python version, # and pip is available. Gcc and clang are available anyway. +dist: jammy +os: linux language: python -python: 3.5 -sudo: false +python: 3.10 + cache: ccache -jobs: - include: - - name: basic checks and reference configurations - addons: - apt: - packages: - - gnutls-bin - - doxygen - - graphviz - - gcc-arm-none-eabi - - libnewlib-arm-none-eabi - - gcc-arm-linux-gnueabi - - libc6-dev-armel-cross - script: - - tests/scripts/all.sh -k 'check_*' - - tests/scripts/all.sh -k test_default_out_of_box - - tests/scripts/all.sh -k test_ref_configs - - tests/scripts/all.sh -k build_arm_linux_gnueabi_gcc_arm5vte build_arm_none_eabi_gcc_m0plus - - - name: full configuration - os: linux - dist: focal - addons: - apt: - packages: - - clang-10 - - gnutls-bin - script: - # Do a manual build+test sequence rather than using all.sh, - # because there's no all.sh component that does what we want, - # which is a build with Clang >= 10 and ASan, running all the SSL - # testing. - # - The clang executable in the default PATH is Clang 7 on - # Travis's focal instances, but we want Clang >= 10. - # - Running all the SSL testing requires a specific set of - # OpenSSL and GnuTLS versions and we don't want to bother - # with those on Travis. - # So we explicitly select clang-10 as the compiler, and we - # have ad hoc restrictions on SSL testing based on what is - # passing at the time of writing. We will remove these limitations - # gradually. - - make generated_files - - make CC=clang-10 CFLAGS='-Werror -Wall -Wextra -fsanitize=address,undefined -fno-sanitize-recover=all -O2' LDFLAGS='-Werror -Wall -Wextra -fsanitize=address,undefined -fno-sanitize-recover=all' - - make test - - programs/test/selftest - - tests/scripts/test_psa_constant_names.py - - tests/ssl-opt.sh - # Modern OpenSSL does not support fixed ECDH or null ciphers. - - tests/compat.sh -p OpenSSL -e 'NULL\|ECDH-' - - tests/scripts/travis-log-failure.sh - # GnuTLS supports CAMELLIA but compat.sh doesn't properly enable it. - - tests/compat.sh -p GnuTLS -e 'CAMELLIA' - - tests/scripts/travis-log-failure.sh - - tests/context-info.sh - - - name: Windows - os: windows - # The language 'python' is currently unsupported on the - # Windows Build Environment. And 'generic' causes the job to get stuck - # on "Booting virtual machine". - language: c - before_install: - - choco install python --version=3.5.4 - env: - # Add the directory where the Choco packages go - - PATH=/c/Python35:/c/Python35/Scripts:$PATH - - PYTHON=python.exe - script: - - type perl; perl --version - - type python; python --version - - scripts/make_generated_files.bat - # Logs appear out of sequence on Windows. Give time to catch up. - - sleep 5 - - scripts/windows_msbuild.bat v141 # Visual Studio 2017 - -after_failure: -- tests/scripts/travis-log-failure.sh - -env: - global: - - SEED=1 - - secure: "JECCru6HASpKZ0OLfHh8f/KXhKkdrCwjquZghd/qbA4ksxsWImjR7KEPERcaPndXEilzhDbKwuFvJiQX2duVgTGoq745YGhLZIjzo1i8tySkceCVd48P8WceYGz+F/bmY7r+m6fFNuxDSoGGSVeA4Lnjvmm8PFUP45YodDV9no4=" +branches: + only: + coverity_scan install: - $PYTHON scripts/min_requirements.py +env: + global: + - SEED=1 + - secure: "GF/Fde5fkm15T/RNykrjrPV5Uh1KJ70cP308igL6Xkk3eJmqkkmWCe9JqRH12J3TeWw2fu9PYPHt6iFSg6jasgqysfUyg+W03knRT5QNn3h5eHgt36cQJiJr6t3whPrRaiM6U9omE0evm+c0cAwlkA3GGSMw8Z+na4EnKI6OFCo=" addons: - apt: - packages: - - gnutls-bin coverity_scan: project: name: "ARMmbed/mbedtls" diff --git a/.uncrustify.cfg b/.uncrustify.cfg index 7ce090533..92b8ce9cd 100644 --- a/.uncrustify.cfg +++ b/.uncrustify.cfg @@ -19,8 +19,6 @@ # limitations under the License. -# Line length options - # Wrap lines at 100 characters code_width = 100 diff --git a/3rdparty/CMakeLists.txt b/3rdparty/CMakeLists.txt index e81ff513a..fa149bdec 100644 --- a/3rdparty/CMakeLists.txt +++ b/3rdparty/CMakeLists.txt @@ -1,5 +1,2 @@ -execute_process(COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/../include/mbedtls/mbedtls_config.h get MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED RESULT_VARIABLE result) - -if(${result} EQUAL 0) - add_subdirectory(everest) -endif() +add_subdirectory(everest) +add_subdirectory(p256-m) diff --git a/3rdparty/Makefile.inc b/3rdparty/Makefile.inc index 0ed85af51..80dc12692 100644 --- a/3rdparty/Makefile.inc +++ b/3rdparty/Makefile.inc @@ -1,2 +1,3 @@ -THIRDPARTY_DIR = $(dir $(lastword $(MAKEFILE_LIST))) +THIRDPARTY_DIR = $(dir $(word 2, $(MAKEFILE_LIST))) include $(THIRDPARTY_DIR)/everest/Makefile.inc +include $(THIRDPARTY_DIR)/p256-m/Makefile.inc diff --git a/3rdparty/everest/.gitignore b/3rdparty/everest/.gitignore index 6eb25f66a..f3c7a7c5d 100644 --- a/3rdparty/everest/.gitignore +++ b/3rdparty/everest/.gitignore @@ -1,2 +1 @@ -*.o Makefile diff --git a/3rdparty/everest/CMakeLists.txt b/3rdparty/everest/CMakeLists.txt index 4ad367e17..e0e5adecd 100644 --- a/3rdparty/everest/CMakeLists.txt +++ b/3rdparty/everest/CMakeLists.txt @@ -1,9 +1,11 @@ -add_library(everest +set(everest_target "${MBEDTLS_TARGET_PREFIX}everest") + +add_library(${everest_target} library/everest.c library/x25519.c library/Hacl_Curve25519_joined.c) -target_include_directories(everest +target_include_directories(${everest_target} PUBLIC $ $ $ @@ -11,6 +13,19 @@ target_include_directories(everest include/everest/kremlib ${MBEDTLS_DIR}/library/) +# Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE +# This must be duplicated from library/CMakeLists.txt because +# everest is not directly linked against any mbedtls targets +# so does not inherit the compile definitions. +if(MBEDTLS_CONFIG_FILE) + target_compile_definitions(${everest_target} + PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") +endif() +if(MBEDTLS_USER_CONFIG_FILE) + target_compile_definitions(${everest_target} + PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") +endif() + if(INSTALL_MBEDTLS_HEADERS) install(DIRECTORY include/everest @@ -21,7 +36,7 @@ if(INSTALL_MBEDTLS_HEADERS) endif(INSTALL_MBEDTLS_HEADERS) -install(TARGETS everest +install(TARGETS ${everest_target} EXPORT MbedTLSTargets DESTINATION ${CMAKE_INSTALL_LIBDIR} PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) diff --git a/3rdparty/everest/include/everest/vs2010/Hacl_Curve25519.h b/3rdparty/everest/include/everest/vs2013/Hacl_Curve25519.h similarity index 100% rename from 3rdparty/everest/include/everest/vs2010/Hacl_Curve25519.h rename to 3rdparty/everest/include/everest/vs2013/Hacl_Curve25519.h diff --git a/3rdparty/everest/include/everest/vs2010/inttypes.h b/3rdparty/everest/include/everest/vs2013/inttypes.h similarity index 94% rename from 3rdparty/everest/include/everest/vs2010/inttypes.h rename to 3rdparty/everest/include/everest/vs2013/inttypes.h index d53f87f21..77003be0b 100644 --- a/3rdparty/everest/include/everest/vs2010/inttypes.h +++ b/3rdparty/everest/include/everest/vs2013/inttypes.h @@ -17,7 +17,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of Mbed TLS (https://tls.mbed.org) */ #ifndef _INTTYPES_H_VS2010 diff --git a/3rdparty/everest/include/everest/vs2010/stdbool.h b/3rdparty/everest/include/everest/vs2013/stdbool.h similarity index 94% rename from 3rdparty/everest/include/everest/vs2010/stdbool.h rename to 3rdparty/everest/include/everest/vs2013/stdbool.h index 5b7039c4f..dcae6d80a 100644 --- a/3rdparty/everest/include/everest/vs2010/stdbool.h +++ b/3rdparty/everest/include/everest/vs2013/stdbool.h @@ -17,7 +17,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of Mbed TLS (https://tls.mbed.org) */ #ifndef _STDBOOL_H_VS2010 diff --git a/3rdparty/everest/include/everest/x25519.h b/3rdparty/everest/include/everest/x25519.h index 7a973dcf0..ef314d2f3 100644 --- a/3rdparty/everest/include/everest/x25519.h +++ b/3rdparty/everest/include/everest/x25519.h @@ -16,7 +16,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of Mbed TLS (https://tls.mbed.org) */ #ifndef MBEDTLS_X25519_H diff --git a/3rdparty/everest/library/Hacl_Curve25519_joined.c b/3rdparty/everest/library/Hacl_Curve25519_joined.c index 957294f64..a778160ff 100644 --- a/3rdparty/everest/library/Hacl_Curve25519_joined.c +++ b/3rdparty/everest/library/Hacl_Curve25519_joined.c @@ -16,7 +16,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of Mbed TLS (https://tls.mbed.org) */ #ifndef _BSD_SOURCE /* Required to get htole64() from gcc/glibc's endian.h (older systems) diff --git a/3rdparty/everest/library/x25519.c b/3rdparty/everest/library/x25519.c index 9faa9ab7d..83064dc61 100644 --- a/3rdparty/everest/library/x25519.c +++ b/3rdparty/everest/library/x25519.c @@ -16,7 +16,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of Mbed TLS (https://tls.mbed.org) */ #include "common.h" diff --git a/3rdparty/p256-m/CMakeLists.txt b/3rdparty/p256-m/CMakeLists.txt new file mode 100644 index 000000000..2ef0d48b7 --- /dev/null +++ b/3rdparty/p256-m/CMakeLists.txt @@ -0,0 +1,40 @@ +set(p256m_target ${MBEDTLS_TARGET_PREFIX}p256m) + +add_library(${p256m_target} + p256-m_driver_entrypoints.c + p256-m/p256-m.c) + +target_include_directories(${p256m_target} + PUBLIC $ + $ + $ + $ + PRIVATE ${MBEDTLS_DIR}/library/) + +# Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE +# This must be duplicated from library/CMakeLists.txt because +# p256m is not directly linked against any mbedtls targets +# so does not inherit the compile definitions. +if(MBEDTLS_CONFIG_FILE) + target_compile_definitions(${p256m_target} + PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") +endif() +if(MBEDTLS_USER_CONFIG_FILE) + target_compile_definitions(${p256m_target} + PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") +endif() + +if(INSTALL_MBEDTLS_HEADERS) + + install(DIRECTORY :${CMAKE_CURRENT_SOURCE_DIR} + DESTINATION include + FILE_PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ + DIRECTORY_PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE + FILES_MATCHING PATTERN "*.h") + +endif(INSTALL_MBEDTLS_HEADERS) + +install(TARGETS ${p256m_target} +EXPORT MbedTLSTargets +DESTINATION ${CMAKE_INSTALL_LIBDIR} +PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) diff --git a/3rdparty/p256-m/Makefile.inc b/3rdparty/p256-m/Makefile.inc new file mode 100644 index 000000000..fc8f73bf8 --- /dev/null +++ b/3rdparty/p256-m/Makefile.inc @@ -0,0 +1,5 @@ +THIRDPARTY_INCLUDES+=-I../3rdparty/p256-m/p256-m/include -I../3rdparty/p256-m/p256-m/include/p256-m -I../3rdparty/p256-m/p256-m_driver_interface + +THIRDPARTY_CRYPTO_OBJECTS+= \ + ../3rdparty/p256-m//p256-m_driver_entrypoints.o \ + ../3rdparty/p256-m//p256-m/p256-m.o diff --git a/3rdparty/p256-m/README.md b/3rdparty/p256-m/README.md new file mode 100644 index 000000000..89648d413 --- /dev/null +++ b/3rdparty/p256-m/README.md @@ -0,0 +1,4 @@ +The files within the `p256-m/` subdirectory originate from the [p256-m GitHub repository](https://github.com/mpg/p256-m), which is distributed under the Apache 2.0 license. They are authored by Manuel Pégourié-Gonnard. p256-m is a minimalistic implementation of ECDH and ECDSA on NIST P-256, especially suited to constrained 32-bit environments. Mbed TLS documentation for integrating drivers uses p256-m as an example of a software accelerator, and describes how it can be integrated alongside Mbed TLS. It should be noted that p256-m files in the Mbed TLS repo will not be updated regularly, so they may not have fixes and improvements present in the upstream project. + +The files `p256-m.c` and `.h`, along with the license, have been taken from the `p256-m` repository. +It should be noted that p256-m deliberately does not supply its own cryptographically secure RNG function. As a result, the PSA RNG is used, with `p256_generate_random()` wrapping `psa_generate_random()`. diff --git a/3rdparty/p256-m/p256-m/LICENSE b/3rdparty/p256-m/p256-m/LICENSE new file mode 100644 index 000000000..d64569567 --- /dev/null +++ b/3rdparty/p256-m/p256-m/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/3rdparty/p256-m/p256-m/README.md b/3rdparty/p256-m/p256-m/README.md new file mode 100644 index 000000000..5e88f719d --- /dev/null +++ b/3rdparty/p256-m/p256-m/README.md @@ -0,0 +1,544 @@ +*This is the original README for the p256-m repository. Please note that as +only a subset of p256-m's files are present in Mbed TLS, this README may refer +to files that are not present/relevant here.* + +p256-m is a minimalistic implementation of ECDH and ECDSA on NIST P-256, +especially suited to constrained 32-bit environments. It's written in standard +C, with optional bits of assembly for Arm Cortex-M and Cortex-A CPUs. + +Its design is guided by the following goals in this order: + +1. correctness & security; +2. low code size & RAM usage; +3. runtime performance. + +Most cryptographic implementations care more about speed than footprint, and +some might even risk weakening security for more speed. p256-m was written +because I wanted to see what happened when reversing the usual emphasis. + +The result is a full implementation of ECDH and ECDSA in **less than 3KiB of +code**, using **less than 768 bytes of RAM**, with comparable performance +to existing implementations (see below) - in less than 700 LOC. + +_Contents of this Readme:_ + +- [Correctness](#correctness) +- [Security](#security) +- [Code size](#code-size) +- [RAM usage](#ram-usage) +- [Runtime performance](#runtime-performance) +- [Comparison with other implementations](#comparison-with-other-implementations) +- [Design overview](#design-overview) +- [Notes about other curves](#notes-about-other-curves) +- [Notes about other platforms](#notes-about-other-platforms) + +## Correctness + +**API design:** + +- The API is minimal: only 4 public functions. +- Each public function fully validates its inputs and returns specific errors. +- The API uses arrays of octets for all input and output. + +**Testing:** + +- p256-m is validated against multiple test vectors from various RFCs and + NIST. +- In addition, crafted inputs are used for negative testing and to reach + corner cases. +- Two test suites are provided: one for closed-box testing (using only the + public API), one for open-box testing (for unit-testing internal functions, +and reaching more error cases by exploiting knowledge of how the RNG is used). +- The resulting branch coverage is maximal: closed-box testing reaches all + branches except four; three of them are reached by open-box testing using a +rigged RNG; the last branch could only be reached by computing a discrete log +on P-256... See `coverage.sh`. +- Testing also uses dynamic analysis: valgrind, ASan, MemSan, UBSan. + +**Code quality:** + +- The code is standard C99; it builds without warnings with `clang + -Weverything` and `gcc -Wall -Wextra -pedantic`. +- The code is small and well documented, including internal APIs: with the + header file, it's less than 700 lines of code, and more lines of comments +than of code. +- However it _has not been reviewed_ independently so far, as this is a + personal project. + +**Short Weierstrass pitfalls:** + +Its has been [pointed out](https://safecurves.cr.yp.to/) that the NIST curves, +and indeed all Short Weierstrass curves, have a number of pitfalls including +risk for the implementation to: + +- "produce incorrect results for some rare curve points" - this is avoided by + carefully checking the validity domain of formulas used throughout the code; +- "leak secret data when the input isn't a curve point" - this is avoided by + validating that points lie on the curve every time a point is deserialized. + +## Security + +In addition to the above correctness claims, p256-m has the following +properties: + +- it has no branch depending (even indirectly) on secret data; +- it has no memory access depending (even indirectly) on secret data. + +These properties are checked using valgrind and MemSan with the ideas +behind [ctgrind](https://github.com/agl/ctgrind), see `consttime.sh`. + +In addition to avoiding branches and memory accesses depending on secret data, +p256-m also avoid instructions (or library functions) whose execution time +depends on the value of operands on cores of interest. Namely, it never uses +integer division, and for multiplication by default it only uses 16x16->32 bit +unsigned multiplication. On cores which have a constant-time 32x32->64 bit +unsigned multiplication instruction, the symbol `MUL64_IS_CONSTANT_TIME` can +be defined by the user at compile-time to take advantage of it in order to +improve performance and code size. (On Cortex-M and Cortex-A cores wtih GCC or +Clang this is not necessary, since inline assembly is used instead.) + +As a result, p256-m should be secure against the following classes of attackers: + +1. attackers who can only manipulate the input and observe the output; +2. attackers who can also measure the total computation time of the operation; +3. attackers who can also observe and manipulate micro-architectural features + such as the cache or branch predictor with arbitrary precision. + +However, p256-m makes no attempt to protect against: + +4. passive physical attackers who can record traces of physical emissions + (power, EM, sound) of the CPU while it manipulates secrets; +5. active physical attackers who can also inject faults in the computation. + +(Note: p256-m should actually be secure against SPA, by virtue of being fully +constant-flow, but is not expected to resist any other physical attack.) + +**Warning:** p256-m requires an externally-provided RNG function. If that +function is not cryptographically secure, then neither is p256-m's key +generation or ECDSA signature generation. + +_Note:_ p256-m also follows best practices such as securely erasing secret +data on the stack before returning. + +## Code size + +Compiled with +[ARM-GCC 9](https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/gnu-rm/downloads), +with `-mthumb -Os`, here are samples of code sizes reached on selected cores: + +- Cortex-M0: 2988 bytes +- Cortex-M4: 2900 bytes +- Cortex-A7: 2924 bytes + +Clang was also tried but tends to generate larger code (by about 10%). For +details, see `sizes.sh`. + +**What's included:** + +- Full input validation and (de)serialisation of input/outputs to/from bytes. +- Cleaning up secret values from the stack before returning from a function. +- The code has no dependency on libc functions or the toolchain's runtime + library (such as helpers for long multiply); this can be checked for the +Arm-GCC toolchain with the `deps.sh` script. + +**What's excluded:** + +- A secure RNG function needs to be provided externally, see + `p256_generate_random()` in `p256-m.h`. + +## RAM usage + +p256-m doesn't use any dynamic memory (on the heap), only the stack. Here's +how much stack is used by each of its 4 public functions on selected cores: + +| Function | Cortex-M0 | Cortex-M4 | Cortex-A7 | +| ------------------------- | --------: | --------: | --------: | +| `p256_gen_keypair` | 608 | 564 | 564 | +| `p256_ecdh_shared_secret` | 640 | 596 | 596 | +| `p256_ecdsa_sign` | 664 | 604 | 604 | +| `p256_ecdsa_verify` | 752 | 700 | 700 | + +For details, see `stack.sh`, `wcs.py` and `libc.msu` (the above figures assume +that the externally-provided RNG function uses at most 384 bytes of stack). + +## Runtime performance + +Here are the timings of each public function in milliseconds measured on +platforms based on a selection of cores: + +- Cortex-M0 at 48 MHz: STM32F091 board running Mbed OS 6 +- Cortex-M4 at 100 MHz: STM32F411 board running Mbed OS 6 +- Cortex-A7 at 900 MHz: Raspberry Pi 2B running Raspbian Buster + +| Function | Cortex-M0 | Cortex-M4 | Cortex-A7 | +| ------------------------- | --------: | --------: | --------: | +| `p256_gen_keypair` | 921 | 145 | 11 | +| `p256_ecdh_shared_secret` | 922 | 144 | 11 | +| `p256_ecdsa_sign` | 990 | 155 | 12 | +| `p256_ecdsa_verify` | 1976 | 309 | 24 | +| Sum of the above | 4809 | 753 | 59 | + +The sum of these operations corresponds to a TLS handshake using ECDHE-ECDSA +with mutual authentication based on raw public keys or directly-trusted +certificates (otherwise, add one 'verify' for each link in the peer's +certificate chain). + +_Note_: the above figures where obtained by compiling with GCC, which is able +to use inline assembly. Without that inline assembly (22 lines for Cortex-M0, +1 line for Cortex-M4), the code would be roughly 2 times slower on those +platforms. (The effect is much less important on the Cortex-A7 core.) + +For details, see `bench.sh`, `benchmark.c` and `on-target-benchmark/`. + +## Comparison with other implementations + +The most relevant/convenient implementation for comparisons is +[TinyCrypt](https://github.com/intel/tinycrypt), as it's also a standalone +implementation of ECDH and ECDSA on P-256 only, that also targets constrained +devices. Other implementations tend to implement many curves and build on a +shared bignum/MPI module (possibly also supporting RSA), which makes fair +comparisons less convenient. + +The scripts used for TinyCrypt measurements are available in [this +branch](https://github.com/mpg/tinycrypt/tree/measurements), based on version +0.2.8. + +**Code size** + +| Core | p256-m | TinyCrypt | +| --------- | -----: | --------: | +| Cortex-M0 | 2988 | 6134 | +| Cortex-M4 | 2900 | 5934 | +| Cortex-A7 | 2924 | 5934 | + +**RAM usage** + +TinyCrypto also uses no heap, only the stack. Here's the RAM used by each +operation on a Cortex-M0 core: + +| operation | p256-m | TinyCrypt | +| ------------------ | -----: | --------: | +| key generation | 608 | 824 | +| ECDH shared secret | 640 | 728 | +| ECDSA sign | 664 | 880 | +| ECDSA verify | 752 | 824 | + +On a Cortex-M4 or Cortex-A7 core (identical numbers): + +| operation | p256-m | TinyCrypt | +| ------------------ | -----: | --------: | +| key generation | 564 | 796 | +| ECDH shared secret | 596 | 700 | +| ECDSA sign | 604 | 844 | +| ECDSA verify | 700 | 808 | + +**Runtime performance** + +Here are the timings of each operation in milliseconds measured on +platforms based on a selection of cores: + +_Cortex-M0_ at 48 MHz: STM32F091 board running Mbed OS 6 + +| Operation | p256-m | TinyCrypt | +| ------------------ | -----: | --------: | +| Key generation | 921 | 979 | +| ECDH shared secret | 922 | 975 | +| ECDSA sign | 990 | 1009 | +| ECDSA verify | 1976 | 1130 | +| Sum of those 4 | 4809 | 4093 | + +_Cortex-M4_ at 100 MHz: STM32F411 board running Mbed OS 6 + +| Operation | p256-m | TinyCrypt | +| ------------------ | -----: | --------: | +| Key generation | 145 | 178 | +| ECDH shared secret | 144 | 177 | +| ECDSA sign | 155 | 188 | +| ECDSA verify | 309 | 210 | +| Sum of those 4 | 753 | 753 | + +_Cortex-A7_ at 900 MHz: Raspberry Pi 2B running Raspbian Buster + +| Operation | p256-m | TinyCrypt | +| ------------------ | -----: | --------: | +| Key generation | 11 | 13 | +| ECDH shared secret | 11 | 13 | +| ECDSA sign | 12 | 14 | +| ECDSA verify | 24 | 15 | +| Sum of those 4 | 59 | 55 | + +_64-bit Intel_ (i7-6500U at 2.50GHz) laptop running Ubuntu 20.04 + +Note: results in microseconds (previous benchmarks in milliseconds) + +| Operation | p256-m | TinyCrypt | +| ------------------ | -----: | --------: | +| Key generation | 1060 | 1627 | +| ECDH shared secret | 1060 | 1611 | +| ECDSA sign | 1136 | 1712 | +| ECDSA verify | 2279 | 1888 | +| Sum of those 4 | 5535 | 6838 | + +**Other differences** + +- While p256-m fully validates all inputs, Tinycrypt's ECDH shared secret + function doesn't include validation of the peer's public key, which should be +done separately by the user for static ECDH (there are attacks [when users +forget](https://link.springer.com/chapter/10.1007/978-3-319-24174-6_21)). +- The two implementations have slightly different security characteristics: + p256-m is fully constant-time from the ground up so should be more robust +than TinyCrypt against powerful local attackers (such as an untrusted OS +attacking a secure enclave); on the other hand TinyCrypt includes coordinate +randomisation which protects against some passive physical attacks (such as +DPA, see Table 3, column C9 of [this +paper](https://www.esat.kuleuven.be/cosic/publications/article-2293.pdf#page=12)), +which p256-m completely ignores. +- TinyCrypt's code looks like it could easily be expanded to support other + curves, while p256-m has much more hard-coded to minimize code size (see +"Notes about other curves" below). +- TinyCrypt uses a specialised routine for reduction modulo the curve prime, + exploiting its structure as a Solinas prime, which should be faster than the +generic Montgomery reduction used by p256-m, but other factors appear to +compensate for that. +- TinyCrypt uses Co-Z Jacobian formulas for point operation, which should be + faster (though a bit larger) than the mixed affine-Jacobian formulas +used by p256-m, but again other factors appear to compensate for that. +- p256-m uses bits of inline assembly for 64-bit multiplication on the + platforms used for benchmarking, while TinyCrypt uses only C (and the +compiler's runtime library). +- TinyCrypt uses a specialised routine based on Shamir's trick for + ECDSA verification, which gives much better performance than the generic +code that p256-m uses in order to minimize code size. + +## Design overview + +The implementation is contained in a single file to keep most functions static +and allow for more optimisations. It is organized in multiple layers: + +- Fixed-width multi-precision arithmetic +- Fixed-width modular arithmetic +- Operations on curve points +- Operations with scalars +- The public API + +**Multi-precision arithmetic.** + +Large integers are represented as arrays of `uint32_t` limbs. When carries may +occur, casts to `uint64_t` are used to nudge the compiler towards using the +CPU's carry flag. When overflow may occur, functions return a carry flag. + +This layer contains optional assembly for Cortex-M and Cortex-A cores, for the +internal `u32_muladd64()` function, as well as two pure C versions of this +function, depending on whether `MUL64_IS_CONSTANT_TIME`. + +This layer's API consists of: + +- addition, subtraction; +- multiply-and-add, shift by one limb (for Montgomery multiplication); +- conditional assignment, assignment of a small value; +- comparison of two values for equality, comparison to 0 for equality; +- (de)serialization as big-endian arrays of bytes. + +**Modular arithmetic.** + +All modular operations are done in the Montgomery domain, that is x is +represented by `x * 2^256 mod m`; integers need to be converted to that domain +before computations, and back from it afterwards. Montgomery constants +associated to the curve's p and n are pre-computed and stored in static +structures. + +Modular inversion is computed using Fermat's little theorem to get +constant-time behaviour with respect to the value being inverted. + +This layer's API consists of: + +- the curve's constants p and n (and associated Montgomery constants); +- modular addition, subtraction, multiplication, and inversion; +- assignment of a small value; +- conversion to/from Montgomery domain; +- (de)serialization to/from bytes with integrated range checking and + Montgomery domain conversion. + +**Operations on curve points.** + +Curve points are represented using either affine or Jacobian coordinates; +affine coordinates are extended to represent 0 as (0,0). Individual +coordinates are always in the Montgomery domain. + +Not all formulas associated with affine or Jacobian coordinates are complete; +great care is taken to document and satisfy each function's pre-conditions. + +This layer's API consists of: + +- curve constants: b from the equation, the base point's coordinates; +- point validity check (on the curve and not 0); +- Jacobian to affine coordinate conversion; +- point doubling in Jacobian coordinates (complete formulas); +- point addition in mixed affine-Jacobian coordinates (P not in {0, Q, -Q}); +- point addition-or-doubling in affine coordinates (leaky version, only used + for ECDSA verify where all data is public); +- (de)serialization to/from bytes with integrated validity checking + +**Scalar operations.** + +The crucial function here is scalar multiplication. It uses a signed binary +ladder, which is a variant of the good old double-and-add algorithm where an +addition/subtraction is performed at each step. Again, care is taken to make +sure the pre-conditions for the addition formulas are always satisfied. The +signed binary ladder only works if the scalar is odd; this is ensured by +negating both the scalar (mod n) and the input point if necessary. + +This layer's API consists of: + +- scalar multiplication +- de-serialization from bytes with integrated range checking +- generation of a scalar and its associated public key + +**Public API.** + +This layer builds on the others, but unlike them, all inputs and outputs are +byte arrays. Key generation and ECDH shared secret computation are thin +wrappers around internal functions, just taking care of format conversions and +errors. The ECDSA functions have more non-trivial logic. + +This layer's API consists of: + +- key-pair generation +- ECDH shared secret computation +- ECDSA signature creation +- ECDSA signature verification + +**Testing.** + +A self-contained, straightforward, pure-Python implementation was first +produced as a warm-up and to help check intermediate values. Test vectors from +various sources are embedded and used to validate the implementation. + +This implementation, `p256.py`, is used by a second Python script, +`gen-test-data.py`, to generate additional data for both positive and negative +testing, available from a C header file, that is then used by the closed-box +and open-box test programs. + +p256-m can be compiled with extra instrumentation to mark secret data and +allow either valgrind or MemSan to check that no branch or memory access +depends on it (even indirectly). Macros are defined for this purpose near the +top of the file. + +**Tested platforms.** + +There are 4 versions of the internal function `u32_muladd64`: two assembly +versions, for Cortex-M/A cores with or without the DSP extension, and two +pure-C versions, depending on whether `MUL64_IS_CONSTANT_TIME`. + +Tests are run on the following platforms: + +- `make` on x64 tests the pure-C version without `MUL64_IS_CONSTANT_TIME` + (with Clang). +- `./consttime.sh` on x64 tests both pure-C versions (with Clang). +- `make` on Arm v7-A (Raspberry Pi 2) tests the Arm-DSP assembly version (with + Clang). +- `on-target-*box` on boards based on Cortex-M0 and M4 cores test both + assembly versions (with GCC). + +In addition: + +- `sizes.sh` builds the code for three Arm cores with GCC and Clang. +- `deps.sh` checks for external dependencies with GCC. + +## Notes about other curves + +It should be clear that minimal code size can only be reached by specializing +the implementation to the curve at hand. Here's a list of things in the +implementation that are specific to the NIST P-256 curve, and how the +implementation could be changed to expand to other curves, layer by layer (see +"Design Overview" above). + +**Fixed-width multi-precision arithmetic:** + +- The number of limbs is hard-coded to 8. For other 256-bit curves, nothing to + change. For a curve of another size, hard-code to another value. For multiple +curves of various sizes, add a parameter to each function specifying the +number of limbs; when declaring arrays, always use the maximum number of +limbs. + +**Fixed-width modular arithmetic:** + +- The values of the curve's constant p and n, and their associated Montgomery + constants, are hard-coded. For another curve, just hard-code the new constants. +For multiple other curves, define all the constants, and from this layer's API +only keep the functions that already accept a `mod` parameter (that is, remove +convenience functions `m256_xxx_p()`). +- The number of limbs is again hard-coded to 8. See above, but it order to + support multiple sizes there is no need to add a new parameter to functions +in this layer: the existing `mod` parameter can include the number of limbs as +well. + +**Operations on curve points:** + +- The values of the curve's constants b (constant term from the equation) and + gx, gy (coordinates of the base point) are hard-coded. For another curve, + hard-code the other values. For multiple curves, define each curve's value and +add a "curve id" parameter to all functions in this layer. +- The value of the curve's constant a is implicitly hard-coded to `-3` by using + a standard optimisation to save one multiplication in the first step of +`point_double()`. For curves that don't have a == -3, replace that with the +normal computation. +- The fact that b != 0 in the curve equation is used indirectly, to ensure + that (0, 0) is not a point on the curve and re-use that value to represent +the point 0. As far as I know, all Short Weierstrass curves standardized so +far have b != 0. +- The shape of the curve is assumed to be Short Weierstrass. For other curve + shapes (Montgomery, (twisted) Edwards), this layer would probably look very +different (both implementation and API). + +**Scalar operations:** + +- If multiple curves are to be supported, all function in this layer need to + gain a new "curve id" parameter. +- This layer assumes that the bit size of the curve's order n is the same as + that of the modulus p. This is true of most curves standardized so far, the +only exception being secp224k1. If that curve were to be supported, the +representation of `n` and scalars would need adapting to allow for an extra +limb. +- The bit size of the curve's order is hard-coded in `scalar_mult()`. For + multiple curves, this should be deduced from the "curve id" parameter. +- The `scalar_mult()` function exploits the fact that the second least + significant bit of the curve's order n is set in order to avoid a special +case. For curve orders that don't meet this criterion, we can just handle that +special case (multiplication by +-2) separately (always compute that and +conditionally assign it to the result). +- The shape of the curve is again assumed to be Short Weierstrass. For other curve + shapes (Montgomery, (twisted) Edwards), this layer would probably have a +very different implementation. + +**Public API:** + +- For multiple curves, all functions in this layer would need to gain a "curve + id" parameter and handle variable-sized input/output. +- The shape of the curve is again assumed to be Short Weierstrass. For other curve + shapes (Montgomery, (twisted) Edwards), the ECDH API would probably look +quite similar (with differences in the size of public keys), but the ECDSA API +wouldn't apply and an EdDSA API would look pretty different. + +## Notes about other platforms + +While p256-m is standard C99, it is written with constrained 32-bit platforms +in mind and makes a few assumptions about the platform: + +- The types `uint8_t`, `uint16_t`, `uint32_t` and `uint64_t` exist. +- 32-bit unsigned addition and subtraction with carry are constant time. +- 16x16->32-bit unsigned multiplication is available and constant time. + +Also, on platforms on which 64-bit addition and subtraction with carry, or +even 64x64->128-bit multiplication, are available, p256-m makes no use of +them, though they could significantly improve performance. + +This could be improved by replacing uses of arrays of `uint32_t` with a +defined type throughout the internal APIs, and then on 64-bit platforms define +that type to be an array of `uint64_t` instead, and making the obvious +adaptations in the multi-precision arithmetic layer. + +Finally, the optional assembly code (which boosts performance by a factor 2 on +tested Cortex-M CPUs, while slightly reducing code size and stack usage) is +currently only available with compilers that support GCC's extended asm +syntax (which includes GCC and Clang). diff --git a/3rdparty/p256-m/p256-m/p256-m.c b/3rdparty/p256-m/p256-m/p256-m.c new file mode 100644 index 000000000..3f878f758 --- /dev/null +++ b/3rdparty/p256-m/p256-m/p256-m.c @@ -0,0 +1,1514 @@ +/* + * Implementation of curve P-256 (ECDH and ECDSA) + * + * Copyright The Mbed TLS Contributors + * Author: Manuel Pégourié-Gonnard. + * SPDX-License-Identifier: Apache-2.0 + */ + +#include "p256-m.h" +#include "mbedtls/platform_util.h" +#include "psa/crypto.h" +#include +#include +#include + +#if defined (MBEDTLS_PSA_P256M_DRIVER_ENABLED) + +/* + * Zeroize memory - this should not be optimized away + */ +#define zeroize mbedtls_platform_zeroize + +/* + * Helpers to test constant-time behaviour with valgrind or MemSan. + * + * CT_POISON() is used for secret data. It marks the memory area as + * uninitialised, so that any branch or pointer dereference that depends on it + * (even indirectly) triggers a warning. + * CT_UNPOISON() is used for public data; it marks the area as initialised. + * + * These are macros in order to avoid interfering with origin tracking. + */ +#if defined(CT_MEMSAN) + +#include +#define CT_POISON __msan_allocated_memory +// void __msan_allocated_memory(const volatile void* data, size_t size); +#define CT_UNPOISON __msan_unpoison +// void __msan_unpoison(const volatile void *a, size_t size); + +#elif defined(CT_VALGRIND) + +#include +#define CT_POISON VALGRIND_MAKE_MEM_UNDEFINED +// VALGRIND_MAKE_MEM_UNDEFINED(_qzz_addr,_qzz_len) +#define CT_UNPOISON VALGRIND_MAKE_MEM_DEFINED +// VALGRIND_MAKE_MEM_DEFINED(_qzz_addr,_qzz_len) + +#else +#define CT_POISON(p, sz) +#define CT_UNPOISON(p, sz) +#endif + +/********************************************************************** + * + * Operations on fixed-width unsigned integers + * + * Represented using 32-bit limbs, least significant limb first. + * That is: x = x[0] + 2^32 x[1] + ... + 2^224 x[7] for 256-bit. + * + **********************************************************************/ + +/* + * 256-bit set to 32-bit value + * + * in: x in [0, 2^32) + * out: z = x + */ +static void u256_set32(uint32_t z[8], uint32_t x) +{ + z[0] = x; + for (unsigned i = 1; i < 8; i++) { + z[i] = 0; + } +} + +/* + * 256-bit addition + * + * in: x, y in [0, 2^256) + * out: z = (x + y) mod 2^256 + * c = (x + y) div 2^256 + * That is, z + c * 2^256 = x + y + * + * Note: as a memory area, z must be either equal to x or y, or not overlap. + */ +static uint32_t u256_add(uint32_t z[8], + const uint32_t x[8], const uint32_t y[8]) +{ + uint32_t carry = 0; + + for (unsigned i = 0; i < 8; i++) { + uint64_t sum = (uint64_t) carry + x[i] + y[i]; + z[i] = (uint32_t) sum; + carry = (uint32_t) (sum >> 32); + } + + return carry; +} + +/* + * 256-bit subtraction + * + * in: x, y in [0, 2^256) + * out: z = (x - y) mod 2^256 + * c = 0 if x >=y, 1 otherwise + * That is, z = c * 2^256 + x - y + * + * Note: as a memory area, z must be either equal to x or y, or not overlap. + */ +static uint32_t u256_sub(uint32_t z[8], + const uint32_t x[8], const uint32_t y[8]) +{ + uint32_t carry = 0; + + for (unsigned i = 0; i < 8; i++) { + uint64_t diff = (uint64_t) x[i] - y[i] - carry; + z[i] = (uint32_t) diff; + carry = -(uint32_t) (diff >> 32); + } + + return carry; +} + +/* + * 256-bit conditional assignment + * + * in: x in [0, 2^256) + * c in [0, 1] + * out: z = x if c == 1, z unchanged otherwise + * + * Note: as a memory area, z must be either equal to x, or not overlap. + */ +static void u256_cmov(uint32_t z[8], const uint32_t x[8], uint32_t c) +{ + const uint32_t x_mask = -c; + for (unsigned i = 0; i < 8; i++) { + z[i] = (z[i] & ~x_mask) | (x[i] & x_mask); + } +} + +/* + * 256-bit compare for equality + * + * in: x in [0, 2^256) + * y in [0, 2^256) + * out: 0 if x == y, unspecified non-zero otherwise + */ +static uint32_t u256_diff(const uint32_t x[8], const uint32_t y[8]) +{ + uint32_t diff = 0; + for (unsigned i = 0; i < 8; i++) { + diff |= x[i] ^ y[i]; + } + return diff; +} + +/* + * 256-bit compare to zero + * + * in: x in [0, 2^256) + * out: 0 if x == 0, unspecified non-zero otherwise + */ +static uint32_t u256_diff0(const uint32_t x[8]) +{ + uint32_t diff = 0; + for (unsigned i = 0; i < 8; i++) { + diff |= x[i]; + } + return diff; +} + +/* + * 32 x 32 -> 64-bit multiply-and-accumulate + * + * in: x, y, z, t in [0, 2^32) + * out: x * y + z + t in [0, 2^64) + * + * Note: this computation cannot overflow. + * + * Note: this function has two pure-C implementations (depending on whether + * MUL64_IS_CONSTANT_TIME), and possibly optimised asm implementations. + * Start with the potential asm definitions, and use the C definition only if + * we no have no asm for the current toolchain & CPU. + */ +static uint64_t u32_muladd64(uint32_t x, uint32_t y, uint32_t z, uint32_t t); + +/* This macro is used to mark whether an asm implentation is found */ +#undef MULADD64_ASM +/* This macro is used to mark whether the implementation has a small + * code size (ie, it can be inlined even in an unrolled loop) */ +#undef MULADD64_SMALL + +/* + * Currently assembly optimisations are only supported with GCC/Clang for + * Arm's Cortex-A and Cortex-M lines of CPUs, which start with the v6-M and + * v7-M architectures. __ARM_ARCH_PROFILE is not defined for v6 and earlier. + * Thumb and 32-bit assembly is supported; aarch64 is not supported. + */ +#if defined(__GNUC__) &&\ + defined(__ARM_ARCH) && __ARM_ARCH >= 6 && defined(__ARM_ARCH_PROFILE) && \ + ( __ARM_ARCH_PROFILE == 77 || __ARM_ARCH_PROFILE == 65 ) /* 'M' or 'A' */ && \ + !defined(__aarch64__) + +/* + * This set of CPUs is conveniently partitioned as follows: + * + * 1. Cores that have the DSP extension, which includes a 1-cycle UMAAL + * instruction: M4, M7, M33, all A-class cores. + * 2. Cores that don't have the DSP extension, and also lack a constant-time + * 64-bit multiplication instruction: + * - M0, M0+, M23: 32-bit multiplication only; + * - M3: 64-bit multiplication is not constant-time. + */ +#if defined(__ARM_FEATURE_DSP) + +static uint64_t u32_muladd64(uint32_t x, uint32_t y, uint32_t z, uint32_t t) +{ + __asm__( + /* UMAAL , , , */ + "umaal %[z], %[t], %[x], %[y]" + : [z] "+l" (z), [t] "+l" (t) + : [x] "l" (x), [y] "l" (y) + ); + return ((uint64_t) t << 32) | z; +} +#define MULADD64_ASM +#define MULADD64_SMALL + +#else /* __ARM_FEATURE_DSP */ + +/* + * This implementation only uses 16x16->32 bit multiplication. + * + * It decomposes the multiplicands as: + * x = xh:xl = 2^16 * xh + xl + * y = yh:yl = 2^16 * yh + yl + * and computes their product as: + * x*y = xl*yl + 2**16 (xh*yl + yl*yh) + 2**32 xh*yh + * then adds z and t to the result. + */ +static uint64_t u32_muladd64(uint32_t x, uint32_t y, uint32_t z, uint32_t t) +{ + /* First compute x*y, using 3 temporary registers */ + uint32_t tmp1, tmp2, tmp3; + __asm__( + ".syntax unified\n\t" + /* start by splitting the inputs into halves */ + "lsrs %[u], %[x], #16\n\t" + "lsrs %[v], %[y], #16\n\t" + "uxth %[x], %[x]\n\t" + "uxth %[y], %[y]\n\t" + /* now we have %[x], %[y], %[u], %[v] = xl, yl, xh, yh */ + /* let's compute the 4 products we can form with those */ + "movs %[w], %[v]\n\t" + "muls %[w], %[u]\n\t" + "muls %[v], %[x]\n\t" + "muls %[x], %[y]\n\t" + "muls %[y], %[u]\n\t" + /* now we have %[x], %[y], %[v], %[w] = xl*yl, xh*yl, xl*yh, xh*yh */ + /* let's split and add the first middle product */ + "lsls %[u], %[y], #16\n\t" + "lsrs %[y], %[y], #16\n\t" + "adds %[x], %[u]\n\t" + "adcs %[y], %[w]\n\t" + /* let's finish with the second middle product */ + "lsls %[u], %[v], #16\n\t" + "lsrs %[v], %[v], #16\n\t" + "adds %[x], %[u]\n\t" + "adcs %[y], %[v]\n\t" + : [x] "+l" (x), [y] "+l" (y), + [u] "=&l" (tmp1), [v] "=&l" (tmp2), [w] "=&l" (tmp3) + : /* no read-only inputs */ + : "cc" + ); + (void) tmp1; + (void) tmp2; + (void) tmp3; + + /* Add z and t, using one temporary register */ + __asm__( + ".syntax unified\n\t" + "movs %[u], #0\n\t" + "adds %[x], %[z]\n\t" + "adcs %[y], %[u]\n\t" + "adds %[x], %[t]\n\t" + "adcs %[y], %[u]\n\t" + : [x] "+l" (x), [y] "+l" (y), [u] "=&l" (tmp1) + : [z] "l" (z), [t] "l" (t) + : "cc" + ); + (void) tmp1; + + return ((uint64_t) y << 32) | x; +} +#define MULADD64_ASM + +#endif /* __ARM_FEATURE_DSP */ + +#endif /* GCC/Clang with Cortex-M/A CPU */ + +#if !defined(MULADD64_ASM) +#if defined(MUL64_IS_CONSTANT_TIME) +static uint64_t u32_muladd64(uint32_t x, uint32_t y, uint32_t z, uint32_t t) +{ + return (uint64_t) x * y + z + t; +} +#define MULADD64_SMALL +#else +static uint64_t u32_muladd64(uint32_t x, uint32_t y, uint32_t z, uint32_t t) +{ + /* x = xl + 2**16 xh, y = yl + 2**16 yh */ + const uint16_t xl = (uint16_t) x; + const uint16_t yl = (uint16_t) y; + const uint16_t xh = x >> 16; + const uint16_t yh = y >> 16; + + /* x*y = xl*yl + 2**16 (xh*yl + yl*yh) + 2**32 xh*yh + * = lo + 2**16 (m1 + m2 ) + 2**32 hi */ + const uint32_t lo = (uint32_t) xl * yl; + const uint32_t m1 = (uint32_t) xh * yl; + const uint32_t m2 = (uint32_t) xl * yh; + const uint32_t hi = (uint32_t) xh * yh; + + uint64_t acc = lo + ((uint64_t) (hi + (m1 >> 16) + (m2 >> 16)) << 32); + acc += m1 << 16; + acc += m2 << 16; + acc += z; + acc += t; + + return acc; +} +#endif /* MUL64_IS_CONSTANT_TIME */ +#endif /* MULADD64_ASM */ + +/* + * 288 + 32 x 256 -> 288-bit multiply and add + * + * in: x in [0, 2^32) + * y in [0, 2^256) + * z in [0, 2^288) + * out: z_out = z_in + x * y mod 2^288 + * c = z_in + x * y div 2^288 + * That is, z_out + c * 2^288 = z_in + x * y + * + * Note: as a memory area, z must be either equal to y, or not overlap. + * + * This is a helper for Montgomery multiplication. + */ +static uint32_t u288_muladd(uint32_t z[9], uint32_t x, const uint32_t y[8]) +{ + uint32_t carry = 0; + +#define U288_MULADD_STEP(i) \ + do { \ + uint64_t prod = u32_muladd64(x, y[i], z[i], carry); \ + z[i] = (uint32_t) prod; \ + carry = (uint32_t) (prod >> 32); \ + } while( 0 ) + +#if defined(MULADD64_SMALL) + U288_MULADD_STEP(0); + U288_MULADD_STEP(1); + U288_MULADD_STEP(2); + U288_MULADD_STEP(3); + U288_MULADD_STEP(4); + U288_MULADD_STEP(5); + U288_MULADD_STEP(6); + U288_MULADD_STEP(7); +#else + for (unsigned i = 0; i < 8; i++) { + U288_MULADD_STEP(i); + } +#endif + + uint64_t sum = (uint64_t) z[8] + carry; + z[8] = (uint32_t) sum; + carry = (uint32_t) (sum >> 32); + + return carry; +} + +/* + * 288-bit in-place right shift by 32 bits + * + * in: z in [0, 2^288) + * c in [0, 2^32) + * out: z_out = z_in div 2^32 + c * 2^256 + * = (z_in + c * 2^288) div 2^32 + * + * This is a helper for Montgomery multiplication. + */ +static void u288_rshift32(uint32_t z[9], uint32_t c) +{ + for (unsigned i = 0; i < 8; i++) { + z[i] = z[i + 1]; + } + z[8] = c; +} + +/* + * 256-bit import from big-endian bytes + * + * in: p = p0, ..., p31 + * out: z = p0 * 2^248 + p1 * 2^240 + ... + p30 * 2^8 + p31 + */ +static void u256_from_bytes(uint32_t z[8], const uint8_t p[32]) +{ + for (unsigned i = 0; i < 8; i++) { + unsigned j = 4 * (7 - i); + z[i] = ((uint32_t) p[j + 0] << 24) | + ((uint32_t) p[j + 1] << 16) | + ((uint32_t) p[j + 2] << 8) | + ((uint32_t) p[j + 3] << 0); + } +} + +/* + * 256-bit export to big-endian bytes + * + * in: z in [0, 2^256) + * out: p = p0, ..., p31 such that + * z = p0 * 2^248 + p1 * 2^240 + ... + p30 * 2^8 + p31 + */ +static void u256_to_bytes(uint8_t p[32], const uint32_t z[8]) +{ + for (unsigned i = 0; i < 8; i++) { + unsigned j = 4 * (7 - i); + p[j + 0] = (uint8_t) (z[i] >> 24); + p[j + 1] = (uint8_t) (z[i] >> 16); + p[j + 2] = (uint8_t) (z[i] >> 8); + p[j + 3] = (uint8_t) (z[i] >> 0); + } +} + +/********************************************************************** + * + * Operations modulo a 256-bit prime m + * + * These are done in the Montgomery domain, that is x is represented by + * x * 2^256 mod m + * Numbers need to be converted to that domain before computations, + * and back from it afterwards. + * + * Inversion is computed using Fermat's little theorem. + * + * Assumptions on m: + * - Montgomery operations require that m is odd. + * - Fermat's little theorem require it to be a prime. + * - m256_inv() further requires that m % 2^32 >= 2. + * - m256_inv() also assumes that the value of m is not a secret. + * + * In practice operations are done modulo the curve's p and n, + * both of which satisfy those assumptions. + * + **********************************************************************/ + +/* + * Data associated to a modulus for Montgomery operations. + * + * m in [0, 2^256) - the modulus itself, must be odd + * R2 = 2^512 mod m + * ni = -m^-1 mod 2^32 + */ +typedef struct { + uint32_t m[8]; + uint32_t R2[8]; + uint32_t ni; +} +m256_mod; + +/* + * Data for Montgomery operations modulo the curve's p + */ +static const m256_mod p256_p = { + { /* the curve's p */ + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000, + 0x00000000, 0x00000000, 0x00000001, 0xFFFFFFFF, + }, + { /* 2^512 mod p */ + 0x00000003, 0x00000000, 0xffffffff, 0xfffffffb, + 0xfffffffe, 0xffffffff, 0xfffffffd, 0x00000004, + }, + 0x00000001, /* -p^-1 mod 2^32 */ +}; + +/* + * Data for Montgomery operations modulo the curve's n + */ +static const m256_mod p256_n = { + { /* the curve's n */ + 0xFC632551, 0xF3B9CAC2, 0xA7179E84, 0xBCE6FAAD, + 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000, 0xFFFFFFFF, + }, + { /* 2^512 mod n */ + 0xbe79eea2, 0x83244c95, 0x49bd6fa6, 0x4699799c, + 0x2b6bec59, 0x2845b239, 0xf3d95620, 0x66e12d94, + }, + 0xee00bc4f, /* -n^-1 mod 2^32 */ +}; + +/* + * Modular addition + * + * in: x, y in [0, m) + * mod must point to a valid m256_mod structure + * out: z = (x + y) mod m, in [0, m) + * + * Note: as a memory area, z must be either equal to x or y, or not overlap. + */ +static void m256_add(uint32_t z[8], + const uint32_t x[8], const uint32_t y[8], + const m256_mod *mod) +{ + uint32_t r[8]; + uint32_t carry_add = u256_add(z, x, y); + uint32_t carry_sub = u256_sub(r, z, mod->m); + /* Need to subract m if: + * x+y >= 2^256 > m (that is, carry_add == 1) + * OR z >= m (that is, carry_sub == 0) */ + uint32_t use_sub = carry_add | (1 - carry_sub); + u256_cmov(z, r, use_sub); +} + +/* + * Modular addition mod p + * + * in: x, y in [0, p) + * out: z = (x + y) mod p, in [0, p) + * + * Note: as a memory area, z must be either equal to x or y, or not overlap. + */ +static void m256_add_p(uint32_t z[8], + const uint32_t x[8], const uint32_t y[8]) +{ + m256_add(z, x, y, &p256_p); +} + +/* + * Modular subtraction + * + * in: x, y in [0, m) + * mod must point to a valid m256_mod structure + * out: z = (x - y) mod m, in [0, m) + * + * Note: as a memory area, z must be either equal to x or y, or not overlap. + */ +static void m256_sub(uint32_t z[8], + const uint32_t x[8], const uint32_t y[8], + const m256_mod *mod) +{ + uint32_t r[8]; + uint32_t carry = u256_sub(z, x, y); + (void) u256_add(r, z, mod->m); + /* Need to add m if and only if x < y, that is carry == 1. + * In that case z is in [2^256 - m + 1, 2^256 - 1], so the + * addition will have a carry as well, which cancels out. */ + u256_cmov(z, r, carry); +} + +/* + * Modular subtraction mod p + * + * in: x, y in [0, p) + * out: z = (x + y) mod p, in [0, p) + * + * Note: as a memory area, z must be either equal to x or y, or not overlap. + */ +static void m256_sub_p(uint32_t z[8], + const uint32_t x[8], const uint32_t y[8]) +{ + m256_sub(z, x, y, &p256_p); +} + +/* + * Montgomery modular multiplication + * + * in: x, y in [0, m) + * mod must point to a valid m256_mod structure + * out: z = (x * y) / 2^256 mod m, in [0, m) + * + * Note: as a memory area, z may overlap with x or y. + */ +static void m256_mul(uint32_t z[8], + const uint32_t x[8], const uint32_t y[8], + const m256_mod *mod) +{ + /* + * Algorithm 14.36 in Handbook of Applied Cryptography with: + * b = 2^32, n = 8, R = 2^256 + */ + uint32_t m_prime = mod->ni; + uint32_t a[9]; + + for (unsigned i = 0; i < 9; i++) { + a[i] = 0; + } + + for (unsigned i = 0; i < 8; i++) { + /* the "mod 2^32" is implicit from the type */ + uint32_t u = (a[0] + x[i] * y[0]) * m_prime; + + /* a = (a + x[i] * y + u * m) div b */ + uint32_t c = u288_muladd(a, x[i], y); + c += u288_muladd(a, u, mod->m); + u288_rshift32(a, c); + } + + /* a = a > m ? a - m : a */ + uint32_t carry_add = a[8]; // 0 or 1 since a < 2m, see HAC Note 14.37 + uint32_t carry_sub = u256_sub(z, a, mod->m); + uint32_t use_sub = carry_add | (1 - carry_sub); // see m256_add() + u256_cmov(z, a, 1 - use_sub); +} + +/* + * Montgomery modular multiplication modulo p. + * + * in: x, y in [0, p) + * out: z = (x * y) / 2^256 mod p, in [0, p) + * + * Note: as a memory area, z may overlap with x or y. + */ +static void m256_mul_p(uint32_t z[8], + const uint32_t x[8], const uint32_t y[8]) +{ + m256_mul(z, x, y, &p256_p); +} + +/* + * In-place conversion to Montgomery form + * + * in: z in [0, m) + * mod must point to a valid m256_mod structure + * out: z_out = z_in * 2^256 mod m, in [0, m) + */ +static void m256_prep(uint32_t z[8], const m256_mod *mod) +{ + m256_mul(z, z, mod->R2, mod); +} + +/* + * In-place conversion from Montgomery form + * + * in: z in [0, m) + * mod must point to a valid m256_mod structure + * out: z_out = z_in / 2^256 mod m, in [0, m) + * That is, z_in was z_actual * 2^256 mod m, and z_out is z_actual + */ +static void m256_done(uint32_t z[8], const m256_mod *mod) +{ + uint32_t one[8]; + u256_set32(one, 1); + m256_mul(z, z, one, mod); +} + +/* + * Set to 32-bit value + * + * in: x in [0, 2^32) + * mod must point to a valid m256_mod structure + * out: z = x * 2^256 mod m, in [0, m) + * That is, z is set to the image of x in the Montgomery domain. + */ +static void m256_set32(uint32_t z[8], uint32_t x, const m256_mod *mod) +{ + u256_set32(z, x); + m256_prep(z, mod); +} + +/* + * Modular inversion in Montgomery form + * + * in: x in [0, m) + * mod must point to a valid m256_mod structure + * such that mod->m % 2^32 >= 2, assumed to be public. + * out: z = x^-1 * 2^512 mod m if x != 0, + * z = 0 if x == 0 + * That is, if x = x_actual * 2^256 mod m, then + * z = x_actual^-1 * 2^256 mod m + * + * Note: as a memory area, z may overlap with x. + */ +static void m256_inv(uint32_t z[8], const uint32_t x[8], + const m256_mod *mod) +{ + /* + * Use Fermat's little theorem to compute x^-1 as x^(m-2). + * + * Take advantage of the fact that both p's and n's least significant limb + * is at least 2 to perform the subtraction on the flight (no carry). + * + * Use plain right-to-left binary exponentiation; + * branches are OK as the exponent is not a secret. + */ + uint32_t bitval[8]; + u256_cmov(bitval, x, 1); /* copy x before writing to z */ + + m256_set32(z, 1, mod); + + unsigned i = 0; + uint32_t limb = mod->m[i] - 2; + while (1) { + for (unsigned j = 0; j < 32; j++) { + if ((limb & 1) != 0) { + m256_mul(z, z, bitval, mod); + } + m256_mul(bitval, bitval, bitval, mod); + limb >>= 1; + } + + if (i == 7) + break; + + i++; + limb = mod->m[i]; + } +} + +/* + * Import modular integer from bytes to Montgomery domain + * + * in: p = p0, ..., p32 + * mod must point to a valid m256_mod structure + * out: z = (p0 * 2^248 + ... + p31) * 2^256 mod m, in [0, m) + * return 0 if the number was already in [0, m), or -1. + * z may be incorrect and must be discared when -1 is returned. + */ +static int m256_from_bytes(uint32_t z[8], + const uint8_t p[32], const m256_mod *mod) +{ + u256_from_bytes(z, p); + + uint32_t t[8]; + uint32_t lt_m = u256_sub(t, z, mod->m); + if (lt_m != 1) + return -1; + + m256_prep(z, mod); + return 0; +} + +/* + * Export modular integer from Montgomery domain to bytes + * + * in: z in [0, 2^256) + * mod must point to a valid m256_mod structure + * out: p = p0, ..., p31 such that + * z = (p0 * 2^248 + ... + p31) * 2^256 mod m + */ +static void m256_to_bytes(uint8_t p[32], + const uint32_t z[8], const m256_mod *mod) +{ + uint32_t zi[8]; + u256_cmov(zi, z, 1); + m256_done(zi, mod); + + u256_to_bytes(p, zi); +} + +/********************************************************************** + * + * Operations on curve points + * + * Points are represented in two coordinates system: + * - affine (x, y) - extended to represent 0 (see below) + * - jacobian (x:y:z) + * In either case, coordinates are integers modulo p256_p and + * are always represented in the Montgomery domain. + * + * For background on jacobian coordinates, see for example [GECC] 3.2.2: + * - conversions go (x, y) -> (x:y:1) and (x:y:z) -> (x/z^2, y/z^3) + * - the curve equation becomes y^2 = x^3 - 3 x z^4 + b z^6 + * - 0 (aka the origin aka point at infinity) is (x:y:0) with y^2 = x^3. + * - point negation goes -(x:y:z) = (x:-y:z) + * + * Normally 0 (the point at infinity) can't be represented in affine + * coordinates. However we extend affine coordinates with the convention that + * (0, 0) (which is normally not a point on the curve) is interpreted as 0. + * + * References: + * - [GECC]: Guide to Elliptic Curve Cryptography; Hankerson, Menezes, + * Vanstone; Springer, 2004. + * - [CMO98]: Efficient Elliptic Curve Exponentiation Using Mixed Coordinates; + * Cohen, Miyaji, Ono; Springer, ASIACRYPT 1998. + * https://link.springer.com/content/pdf/10.1007/3-540-49649-1_6.pdf + * - [RCB15]: Complete addition formulas for prime order elliptic curves; + * Renes, Costello, Batina; IACR e-print 2015-1060. + * https://eprint.iacr.org/2015/1060.pdf + * + **********************************************************************/ + +/* + * The curve's b parameter in the Short Weierstrass equation + * y^2 = x^3 - 3*x + b + * Compared to the standard, this is converted to the Montgomery domain. + */ +static const uint32_t p256_b[8] = { /* b * 2^256 mod p */ + 0x29c4bddf, 0xd89cdf62, 0x78843090, 0xacf005cd, + 0xf7212ed6, 0xe5a220ab, 0x04874834, 0xdc30061d, +}; + +/* + * The curve's conventional base point G. + * Compared to the standard, coordinates converted to the Montgomery domain. + */ +static const uint32_t p256_gx[8] = { /* G_x * 2^256 mod p */ + 0x18a9143c, 0x79e730d4, 0x5fedb601, 0x75ba95fc, + 0x77622510, 0x79fb732b, 0xa53755c6, 0x18905f76, +}; +static const uint32_t p256_gy[8] = { /* G_y * 2^256 mod p */ + 0xce95560a, 0xddf25357, 0xba19e45c, 0x8b4ab8e4, + 0xdd21f325, 0xd2e88688, 0x25885d85, 0x8571ff18, +}; + +/* + * Point-on-curve check - do the coordinates satisfy the curve's equation? + * + * in: x, y in [0, p) (Montgomery domain) + * out: 0 if the point lies on the curve and is not 0, + * unspecified non-zero otherwise + */ +static uint32_t point_check(const uint32_t x[8], const uint32_t y[8]) +{ + uint32_t lhs[8], rhs[8]; + + /* lhs = y^2 */ + m256_mul_p(lhs, y, y); + + /* rhs = x^3 - 3x + b */ + m256_mul_p(rhs, x, x); /* x^2 */ + m256_mul_p(rhs, rhs, x); /* x^3 */ + for (unsigned i = 0; i < 3; i++) + m256_sub_p(rhs, rhs, x); /* x^3 - 3x */ + m256_add_p(rhs, rhs, p256_b); /* x^3 - 3x + b */ + + return u256_diff(lhs, rhs); +} + +/* + * In-place jacobian to affine coordinate conversion + * + * in: (x:y:z) must be on the curve (coordinates in Montegomery domain) + * out: x_out = x_in / z_in^2 (Montgomery domain) + * y_out = y_in / z_in^3 (Montgomery domain) + * z_out unspecified, must be disregarded + * + * Note: if z is 0 (that is, the input point is 0), x_out = y_out = 0. + */ +static void point_to_affine(uint32_t x[8], uint32_t y[8], uint32_t z[8]) +{ + uint32_t t[8]; + + m256_inv(z, z, &p256_p); /* z = z^-1 */ + + m256_mul_p(t, z, z); /* t = z^-2 */ + m256_mul_p(x, x, t); /* x = x * z^-2 */ + + m256_mul_p(t, t, z); /* t = z^-3 */ + m256_mul_p(y, y, t); /* y = y * z^-3 */ +} + +/* + * In-place point doubling in jacobian coordinates (Montgomery domain) + * + * in: P_in = (x:y:z), must be on the curve + * out: (x:y:z) = P_out = 2 * P_in + */ +static void point_double(uint32_t x[8], uint32_t y[8], uint32_t z[8]) +{ + /* + * This is formula 6 from [CMO98], cited as complete in [RCB15] (table 1). + * Notations as in the paper, except u added and t ommited (it's x3). + */ + uint32_t m[8], s[8], u[8]; + + /* m = 3 * x^2 + a * z^4 = 3 * (x + z^2) * (x - z^2) */ + m256_mul_p(s, z, z); + m256_add_p(m, x, s); + m256_sub_p(u, x, s); + m256_mul_p(s, m, u); + m256_add_p(m, s, s); + m256_add_p(m, m, s); + + /* s = 4 * x * y^2 */ + m256_mul_p(u, y, y); + m256_add_p(u, u, u); /* u = 2 * y^2 (used below) */ + m256_mul_p(s, x, u); + m256_add_p(s, s, s); + + /* u = 8 * y^4 (not named in the paper, first term of y3) */ + m256_mul_p(u, u, u); + m256_add_p(u, u, u); + + /* x3 = t = m^2 - 2 * s */ + m256_mul_p(x, m, m); + m256_sub_p(x, x, s); + m256_sub_p(x, x, s); + + /* z3 = 2 * y * z */ + m256_mul_p(z, y, z); + m256_add_p(z, z, z); + + /* y3 = -u + m * (s - t) */ + m256_sub_p(y, s, x); + m256_mul_p(y, y, m); + m256_sub_p(y, y, u); +} + +/* + * In-place point addition in jacobian-affine coordinates (Montgomery domain) + * + * in: P_in = (x1:y1:z1), must be on the curve and not 0 + * Q = (x2, y2), must be on the curve and not P_in or -P_in or 0 + * out: P_out = (x1:y1:z1) = P_in + Q + */ +static void point_add(uint32_t x1[8], uint32_t y1[8], uint32_t z1[8], + const uint32_t x2[8], const uint32_t y2[8]) +{ + /* + * This is formula 5 from [CMO98], with z2 == 1 substituted. We use + * intermediates with neutral names, and names from the paper in comments. + */ + uint32_t t1[8], t2[8], t3[8]; + + /* u1 = x1 and s1 = y1 (no computations) */ + + /* t1 = u2 = x2 z1^2 */ + m256_mul_p(t1, z1, z1); + m256_mul_p(t2, t1, z1); + m256_mul_p(t1, t1, x2); + + /* t2 = s2 = y2 z1^3 */ + m256_mul_p(t2, t2, y2); + + /* t1 = h = u2 - u1 */ + m256_sub_p(t1, t1, x1); /* t1 = x2 * z1^2 - x1 */ + + /* t2 = r = s2 - s1 */ + m256_sub_p(t2, t2, y1); + + /* z3 = z1 * h */ + m256_mul_p(z1, z1, t1); + + /* t1 = h^3 */ + m256_mul_p(t3, t1, t1); + m256_mul_p(t1, t3, t1); + + /* t3 = x1 * h^2 */ + m256_mul_p(t3, t3, x1); + + /* x3 = r^2 - 2 * x1 * h^2 - h^3 */ + m256_mul_p(x1, t2, t2); + m256_sub_p(x1, x1, t3); + m256_sub_p(x1, x1, t3); + m256_sub_p(x1, x1, t1); + + /* y3 = r * (x1 * h^2 - x3) - y1 h^3 */ + m256_sub_p(t3, t3, x1); + m256_mul_p(t3, t3, t2); + m256_mul_p(t1, t1, y1); + m256_sub_p(y1, t3, t1); +} + +/* + * Point addition or doubling (affine to jacobian, Montgomery domain) + * + * in: P = (x1, y1) - must be on the curve and not 0 + * Q = (x2, y2) - must be on the curve and not 0 + * out: (x3, y3) = R = P + Q + * + * Note: unlike point_add(), this function works if P = +- Q; + * however it leaks information on its input through timing, + * branches taken and memory access patterns (if observable). + */ +static void point_add_or_double_leaky( + uint32_t x3[8], uint32_t y3[8], + const uint32_t x1[8], const uint32_t y1[8], + const uint32_t x2[8], const uint32_t y2[8]) +{ + + uint32_t z3[8]; + u256_cmov(x3, x1, 1); + u256_cmov(y3, y1, 1); + m256_set32(z3, 1, &p256_p); + + if (u256_diff(x1, x2) != 0) { + // P != +- Q -> generic addition + point_add(x3, y3, z3, x2, y2); + point_to_affine(x3, y3, z3); + } + else if (u256_diff(y1, y2) == 0) { + // P == Q -> double + point_double(x3, y3, z3); + point_to_affine(x3, y3, z3); + } else { + // P == -Q -> zero + m256_set32(x3, 0, &p256_p); + m256_set32(y3, 0, &p256_p); + } +} + +/* + * Import curve point from bytes + * + * in: p = (x, y) concatenated, fixed-width 256-bit big-endian integers + * out: x, y in Mongomery domain + * return 0 if x and y are both in [0, p) + * and (x, y) is on the curve and not 0 + * unspecified non-zero otherwise. + * x and y are unspecified and must be discarded if returning non-zero. + */ +static int point_from_bytes(uint32_t x[8], uint32_t y[8], const uint8_t p[64]) +{ + int ret; + + ret = m256_from_bytes(x, p, &p256_p); + if (ret != 0) + return ret; + + ret = m256_from_bytes(y, p + 32, &p256_p); + if (ret != 0) + return ret; + + return (int) point_check(x, y); +} + +/* + * Export curve point to bytes + * + * in: x, y affine coordinates of a point (Montgomery domain) + * must be on the curve and not 0 + * out: p = (x, y) concatenated, fixed-width 256-bit big-endian integers + */ +static void point_to_bytes(uint8_t p[64], + const uint32_t x[8], const uint32_t y[8]) +{ + m256_to_bytes(p, x, &p256_p); + m256_to_bytes(p + 32, y, &p256_p); +} + +/********************************************************************** + * + * Scalar multiplication and other scalar-related operations + * + **********************************************************************/ + +/* + * Scalar multiplication + * + * in: P = (px, py), affine (Montgomery), must be on the curve and not 0 + * s in [1, n-1] + * out: R = s * P = (rx, ry), affine coordinates (Montgomery). + * + * Note: as memory areas, none of the parameters may overlap. + */ +static void scalar_mult(uint32_t rx[8], uint32_t ry[8], + const uint32_t px[8], const uint32_t py[8], + const uint32_t s[8]) +{ + /* + * We use a signed binary ladder, see for example slides 10-14 of + * http://ecc2015.math.u-bordeaux1.fr/documents/hamburg.pdf but with + * implicit recoding, and a different loop initialisation to avoid feeding + * 0 to our addition formulas, as they don't support it. + */ + uint32_t s_odd[8], py_neg[8], py_use[8], rz[8]; + + /* + * Make s odd by replacing it with n - s if necessary. + * + * If s was odd, we'll have s_odd = s, and define P' = P. + * Otherwise, we'll have s_odd = n - s and define P' = -P. + * + * Either way, we can compute s * P as s_odd * P'. + */ + u256_sub(s_odd, p256_n.m, s); /* no carry, result still in [1, n-1] */ + uint32_t negate = ~s[0] & 1; + u256_cmov(s_odd, s, 1 - negate); + + /* Compute py_neg = - py mod p (that's the y coordinate of -P) */ + u256_set32(py_use, 0); + m256_sub_p(py_neg, py_use, py); + + /* Initialize R = P' = (x:(-1)^negate * y:1) */ + u256_cmov(rx, px, 1); + u256_cmov(ry, py, 1); + m256_set32(rz, 1, &p256_p); + u256_cmov(ry, py_neg, negate); + + /* + * For any odd number s_odd = b255 ... b1 1, we have + * s_odd = 2^255 + 2^254 sbit(b255) + ... + 2 sbit(b2) + sbit(b1) + * writing + * sbit(b) = 2 * b - 1 = b ? 1 : -1 + * + * Use that to compute s_odd * P' by repeating R = 2 * R +- P': + * s_odd * P' = 2 * ( ... (2 * P' + sbit(b255) P') ... ) + sbit(b1) P' + * + * The loop invariant is that when beginning an iteration we have + * R = s_i P' + * with + * s_i = 2^(255-i) + 2^(254-i) sbit(b_255) + ... + * where the sum has 256 - i terms. + * + * When updating R we need to make sure the input to point_add() is + * neither 0 not +-P'. Since that input is 2 s_i P', it is sufficient to + * see that 1 < 2 s_i < n-1. The lower bound is obvious since s_i is a + * positive integer, and for the upper bound we distinguish three cases. + * + * If i > 1, then s_i < 2^254, so 2 s_i < 2^255 < n-1. + * Otherwise, i == 1 and we have 2 s_i = s_odd - sbit(b1). + * If s_odd <= n-4, then 2 s_1 <= n-3. + * Otherwise, s_odd = n-2, and for this curve's value of n, + * we have b1 == 1, so sbit(b1) = 1 and 2 s_1 <= n-3. + */ + for (unsigned i = 255; i > 0; i--) { + uint32_t bit = (s_odd[i / 32] >> i % 32) & 1; + + /* set (px, py_use) = sbit(bit) P' = sbit(bit) * (-1)^negate P */ + u256_cmov(py_use, py, bit ^ negate); + u256_cmov(py_use, py_neg, (1 - bit) ^ negate); + + /* Update R = 2 * R +- P' */ + point_double(rx, ry, rz); + point_add(rx, ry, rz, px, py_use); + } + + point_to_affine(rx, ry, rz); +} + +/* + * Scalar import from big-endian bytes + * + * in: p = p0, ..., p31 + * out: s = p0 * 2^248 + p1 * 2^240 + ... + p30 * 2^8 + p31 + * return 0 if s in [1, n-1], + * -1 otherwise. + */ +static int scalar_from_bytes(uint32_t s[8], const uint8_t p[32]) +{ + u256_from_bytes(s, p); + + uint32_t r[8]; + uint32_t lt_n = u256_sub(r, s, p256_n.m); + + u256_set32(r, 1); + uint32_t lt_1 = u256_sub(r, s, r); + + if (lt_n && !lt_1) + return 0; + + return -1; +} + +/* Using RNG functions from Mbed TLS as p256-m does not come with a + * cryptographically secure RNG function. + */ +int p256_generate_random(uint8_t *output, unsigned output_size) +{ + int ret; + ret = psa_generate_random(output, output_size); + + if (ret != 0){ + return P256_RANDOM_FAILED; + } + return P256_SUCCESS; +} + +/* + * Scalar generation, with public key + * + * out: sbytes the big-endian bytes representation of the scalar + * s its u256 representation + * x, y the affine coordinates of s * G (Montgomery domain) + * return 0 if OK, -1 on failure + * sbytes, s, x, y must be discarded when returning non-zero. + */ +static int scalar_gen_with_pub(uint8_t sbytes[32], uint32_t s[8], + uint32_t x[8], uint32_t y[8]) +{ + /* generate a random valid scalar */ + int ret; + unsigned nb_tried = 0; + do { + if (nb_tried++ >= 4) + return -1; + + ret = p256_generate_random(sbytes, 32); + CT_POISON(sbytes, 32); + if (ret != 0) + return -1; + + ret = scalar_from_bytes(s, sbytes); + CT_UNPOISON(&ret, sizeof ret); + } + while (ret != 0); + + /* compute and ouput the associated public key */ + scalar_mult(x, y, p256_gx, p256_gy, s); + + /* the associated public key is not a secret */ + CT_UNPOISON(x, 32); + CT_UNPOISON(y, 32); + + return 0; +} + +/* + * ECDH/ECDSA generate pair + */ +int p256_gen_keypair(uint8_t priv[32], uint8_t pub[64]) +{ + uint32_t s[8], x[8], y[8]; + int ret = scalar_gen_with_pub(priv, s, x, y); + zeroize(s, sizeof s); + if (ret != 0) + return P256_RANDOM_FAILED; + + point_to_bytes(pub, x, y); + return 0; +} + +/********************************************************************** + * + * ECDH + * + **********************************************************************/ + +/* + * ECDH compute shared secret + */ +int p256_ecdh_shared_secret(uint8_t secret[32], + const uint8_t priv[32], const uint8_t peer[64]) +{ + CT_POISON(priv, 32); + + uint32_t s[8], px[8], py[8], x[8], y[8]; + int ret; + + ret = scalar_from_bytes(s, priv); + CT_UNPOISON(&ret, sizeof ret); + if (ret != 0) { + ret = P256_INVALID_PRIVKEY; + goto cleanup; + } + + ret = point_from_bytes(px, py, peer); + if (ret != 0) { + ret = P256_INVALID_PUBKEY; + goto cleanup; + } + + scalar_mult(x, y, px, py, s); + + m256_to_bytes(secret, x, &p256_p); + CT_UNPOISON(secret, 32); + +cleanup: + zeroize(s, sizeof s); + return ret; +} + +/********************************************************************** + * + * ECDSA + * + * Reference: + * [SEC1] SEC 1: Elliptic Curve Cryptography, Certicom research, 2009. + * http://www.secg.org/sec1-v2.pdf + **********************************************************************/ + +/* + * Reduction mod n of a small number + * + * in: x in [0, 2^256) + * out: x_out = x_in mod n in [0, n) + */ +static void ecdsa_m256_mod_n(uint32_t x[8]) +{ + uint32_t t[8]; + uint32_t c = u256_sub(t, x, p256_n.m); + u256_cmov(x, t, 1 - c); +} + +/* + * Import integer mod n (Montgomery domain) from hash + * + * in: h = h0, ..., h_hlen + * hlen the length of h in bytes + * out: z = (h0 * 2^l-8 + ... + h_l) * 2^256 mod n + * with l = min(32, hlen) + * + * Note: in [SEC1] this is step 5 of 4.1.3 (sign) or step 3 or 4.1.4 (verify), + * with obvious simplications since n's bit-length is a multiple of 8. + */ +static void ecdsa_m256_from_hash(uint32_t z[8], + const uint8_t *h, size_t hlen) +{ + /* convert from h (big-endian) */ + /* hlen is public data so it's OK to branch on it */ + if (hlen < 32) { + uint8_t p[32]; + for (unsigned i = 0; i < 32; i++) + p[i] = 0; + for (unsigned i = 0; i < hlen; i++) + p[32 - hlen + i] = h[i]; + u256_from_bytes(z, p); + } else { + u256_from_bytes(z, h); + } + + /* ensure the result is in [0, n) */ + ecdsa_m256_mod_n(z); + + /* map to Montgomery domain */ + m256_prep(z, &p256_n); +} + +/* + * ECDSA sign + */ +int p256_ecdsa_sign(uint8_t sig[64], const uint8_t priv[32], + const uint8_t *hash, size_t hlen) +{ + CT_POISON(priv, 32); + + /* + * Steps and notations from [SEC1] 4.1.3 + * + * Instead of retrying on r == 0 or s == 0, just abort, + * as those events have negligible probability. + */ + int ret; + + /* Temporary buffers - the first two are mostly stable, so have names */ + uint32_t xr[8], k[8], t3[8], t4[8]; + + /* 1. Set ephemeral keypair */ + uint8_t *kb = (uint8_t *) t4; + /* kb will be erased by re-using t4 for dU - if we exit before that, we + * haven't read the private key yet so we kb isn't sensitive yet */ + ret = scalar_gen_with_pub(kb, k, xr, t3); /* xr = x_coord(k * G) */ + if (ret != 0) + return P256_RANDOM_FAILED; + m256_prep(k, &p256_n); + + /* 2. Convert xr to an integer */ + m256_done(xr, &p256_p); + + /* 3. Reduce xr mod n (extra: output it while at it) */ + ecdsa_m256_mod_n(xr); /* xr = int(xr) mod n */ + + /* xr is public data so it's OK to use a branch */ + if (u256_diff0(xr) == 0) + return P256_RANDOM_FAILED; + + u256_to_bytes(sig, xr); + + m256_prep(xr, &p256_n); + + /* 4. Skipped - we take the hash as an input, not the message */ + + /* 5. Derive an integer from the hash */ + ecdsa_m256_from_hash(t3, hash, hlen); /* t3 = e */ + + /* 6. Compute s = k^-1 * (e + r * dU) */ + + /* Note: dU will be erased by re-using t4 for the value of s (public) */ + ret = scalar_from_bytes(t4, priv); /* t4 = dU (integer domain) */ + CT_UNPOISON(&ret, sizeof ret); /* Result of input validation */ + if (ret != 0) + return P256_INVALID_PRIVKEY; + m256_prep(t4, &p256_n); /* t4 = dU (Montgomery domain) */ + + m256_inv(k, k, &p256_n); /* k^-1 */ + m256_mul(t4, xr, t4, &p256_n); /* t4 = r * dU */ + m256_add(t4, t3, t4, &p256_n); /* t4 = e + r * dU */ + m256_mul(t4, k, t4, &p256_n); /* t4 = s = k^-1 * (e + r * dU) */ + zeroize(k, sizeof k); + + /* 7. Output s (r already outputed at step 3) */ + CT_UNPOISON(t4, 32); + if (u256_diff0(t4) == 0) { + /* undo early output of r */ + u256_to_bytes(sig, t4); + return P256_RANDOM_FAILED; + } + m256_to_bytes(sig + 32, t4, &p256_n); + + return P256_SUCCESS; +} + +/* + * ECDSA verify + */ +int p256_ecdsa_verify(const uint8_t sig[64], const uint8_t pub[64], + const uint8_t *hash, size_t hlen) +{ + /* + * Steps and notations from [SEC1] 4.1.3 + * + * Note: we're using public data only, so branches are OK + */ + int ret; + + /* 1. Validate range of r and s : [1, n-1] */ + uint32_t r[8], s[8]; + ret = scalar_from_bytes(r, sig); + if (ret != 0) + return P256_INVALID_SIGNATURE; + ret = scalar_from_bytes(s, sig + 32); + if (ret != 0) + return P256_INVALID_SIGNATURE; + + /* 2. Skipped - we take the hash as an input, not the message */ + + /* 3. Derive an integer from the hash */ + uint32_t e[8]; + ecdsa_m256_from_hash(e, hash, hlen); + + /* 4. Compute u1 = e * s^-1 and u2 = r * s^-1 */ + uint32_t u1[8], u2[8]; + m256_prep(s, &p256_n); /* s in Montgomery domain */ + m256_inv(s, s, &p256_n); /* s = s^-1 mod n */ + m256_mul(u1, e, s, &p256_n); /* u1 = e * s^-1 mod n */ + m256_done(u1, &p256_n); /* u1 out of Montgomery domain */ + + u256_cmov(u2, r, 1); + m256_prep(u2, &p256_n); /* r in Montgomery domain */ + m256_mul(u2, u2, s, &p256_n); /* u2 = r * s^-1 mod n */ + m256_done(u2, &p256_n); /* u2 out of Montgomery domain */ + + /* 5. Compute R (and re-use (u1, u2) to store its coordinates */ + uint32_t px[8], py[8]; + ret = point_from_bytes(px, py, pub); + if (ret != 0) + return P256_INVALID_PUBKEY; + + scalar_mult(e, s, px, py, u2); /* (e, s) = R2 = u2 * Qu */ + + if (u256_diff0(u1) == 0) { + /* u1 out of range for scalar_mult() - just skip it */ + u256_cmov(u1, e, 1); + /* we don't care about the y coordinate */ + } else { + scalar_mult(px, py, p256_gx, p256_gy, u1); /* (px, py) = R1 = u1 * G */ + + /* (u1, u2) = R = R1 + R2 */ + point_add_or_double_leaky(u1, u2, px, py, e, s); + /* No need to check if R == 0 here: if that's the case, it will be + * caught when comparating rx (which will be 0) to r (which isn't). */ + } + + /* 6. Convert xR to an integer */ + m256_done(u1, &p256_p); + + /* 7. Reduce xR mod n */ + ecdsa_m256_mod_n(u1); + + /* 8. Compare xR mod n to r */ + uint32_t diff = u256_diff(u1, r); + if (diff == 0) + return P256_SUCCESS; + + return P256_INVALID_SIGNATURE; +} + +/********************************************************************** + * + * Key management utilities + * + **********************************************************************/ + +int p256_validate_pubkey(const uint8_t pub[64]) +{ + uint32_t x[8], y[8]; + int ret = point_from_bytes(x, y, pub); + + return ret == 0 ? P256_SUCCESS : P256_INVALID_PUBKEY; +} + +int p256_validate_privkey(const uint8_t priv[32]) +{ + uint32_t s[8]; + int ret = scalar_from_bytes(s, priv); + zeroize(s, sizeof(s)); + + return ret == 0 ? P256_SUCCESS : P256_INVALID_PRIVKEY; +} + +int p256_public_from_private(uint8_t pub[64], const uint8_t priv[32]) +{ + int ret; + uint32_t s[8]; + + ret = scalar_from_bytes(s, priv); + if (ret != 0) + return P256_INVALID_PRIVKEY; + + /* compute and ouput the associated public key */ + uint32_t x[8], y[8]; + scalar_mult(x, y, p256_gx, p256_gy, s); + + /* the associated public key is not a secret, the scalar was */ + CT_UNPOISON(x, 32); + CT_UNPOISON(y, 32); + zeroize(s, sizeof(s)); + + point_to_bytes(pub, x, y); + return P256_SUCCESS; +} + +#endif diff --git a/3rdparty/p256-m/p256-m/p256-m.h b/3rdparty/p256-m/p256-m/p256-m.h new file mode 100644 index 000000000..28d319f39 --- /dev/null +++ b/3rdparty/p256-m/p256-m/p256-m.h @@ -0,0 +1,135 @@ +/* + * Interface of curve P-256 (ECDH and ECDSA) + * + * Copyright The Mbed TLS Contributors + * Author: Manuel Pégourié-Gonnard. + * SPDX-License-Identifier: Apache-2.0 + */ +#ifndef P256_M_H +#define P256_M_H + +#include +#include + +/* Status codes */ +#define P256_SUCCESS 0 +#define P256_RANDOM_FAILED -1 +#define P256_INVALID_PUBKEY -2 +#define P256_INVALID_PRIVKEY -3 +#define P256_INVALID_SIGNATURE -4 + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * RNG function - must be provided externally and be cryptographically secure. + * + * in: output - must point to a writable buffer of at least output_size bytes. + * output_size - the number of random bytes to write to output. + * out: output is filled with output_size random bytes. + * return 0 on success, non-zero on errors. + */ +extern int p256_generate_random(uint8_t * output, unsigned output_size); + +/* + * ECDH/ECDSA generate key pair + * + * [in] draws from p256_generate_random() + * [out] priv: on success, holds the private key, as a big-endian integer + * [out] pub: on success, holds the public key, as two big-endian integers + * + * return: P256_SUCCESS on success + * P256_RANDOM_FAILED on failure + */ +int p256_gen_keypair(uint8_t priv[32], uint8_t pub[64]); + +/* + * ECDH compute shared secret + * + * [out] secret: on success, holds the shared secret, as a big-endian integer + * [in] priv: our private key as a big-endian integer + * [in] pub: the peer's public key, as two big-endian integers + * + * return: P256_SUCCESS on success + * P256_INVALID_PRIVKEY if priv is invalid + * P256_INVALID_PUBKEY if pub is invalid + */ +int p256_ecdh_shared_secret(uint8_t secret[32], + const uint8_t priv[32], const uint8_t pub[64]); + +/* + * ECDSA sign + * + * [in] draws from p256_generate_random() + * [out] sig: on success, holds the signature, as two big-endian integers + * [in] priv: our private key as a big-endian integer + * [in] hash: the hash of the message to be signed + * [in] hlen: the size of hash in bytes + * + * return: P256_SUCCESS on success + * P256_RANDOM_FAILED on failure + * P256_INVALID_PRIVKEY if priv is invalid + */ +int p256_ecdsa_sign(uint8_t sig[64], const uint8_t priv[32], + const uint8_t *hash, size_t hlen); + +/* + * ECDSA verify + * + * [in] sig: the signature to be verified, as two big-endian integers + * [in] pub: the associated public key, as two big-endian integers + * [in] hash: the hash of the message that was signed + * [in] hlen: the size of hash in bytes + * + * return: P256_SUCCESS on success - the signature was verified as valid + * P256_INVALID_PUBKEY if pub is invalid + * P256_INVALID_SIGNATURE if the signature was found to be invalid + */ +int p256_ecdsa_verify(const uint8_t sig[64], const uint8_t pub[64], + const uint8_t *hash, size_t hlen); + +/* + * Public key validation + * + * Note: you never need to call this function, as all other functions always + * validate their input; however it's availabe if you want to validate the key + * without performing an operation. + * + * [in] pub: the public key, as two big-endian integers + * + * return: P256_SUCCESS if the key is valid + * P256_INVALID_PUBKEY if pub is invalid + */ +int p256_validate_pubkey(const uint8_t pub[64]); + +/* + * Private key validation + * + * Note: you never need to call this function, as all other functions always + * validate their input; however it's availabe if you want to validate the key + * without performing an operation. + * + * [in] priv: the private key, as a big-endian integer + * + * return: P256_SUCCESS if the key is valid + * P256_INVALID_PRIVKEY if priv is invalid + */ +int p256_validate_privkey(const uint8_t priv[32]); + +/* + * Compute public key from private key + * + * [out] pub: the associated public key, as two big-endian integers + * [in] priv: the private key, as a big-endian integer + * + * return: P256_SUCCESS on success + * P256_INVALID_PRIVKEY if priv is invalid + */ +int p256_public_from_private(uint8_t pub[64], const uint8_t priv[32]); + +#ifdef __cplusplus +} +#endif + +#endif /* P256_M_H */ diff --git a/3rdparty/p256-m/p256-m_driver_entrypoints.c b/3rdparty/p256-m/p256-m_driver_entrypoints.c new file mode 100644 index 000000000..61310a87b --- /dev/null +++ b/3rdparty/p256-m/p256-m_driver_entrypoints.c @@ -0,0 +1,324 @@ +/* + * Driver entry points for p256-m + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "mbedtls/platform.h" +#include "p256-m_driver_entrypoints.h" +#include "p256-m/p256-m.h" +#include "psa/crypto.h" +#include +#include +#include "psa_crypto_driver_wrappers_no_static.h" + +#if defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED) + +/* INFORMATION ON PSA KEY EXPORT FORMATS: + * + * PSA exports SECP256R1 keys in two formats: + * 1. Keypair format: 32 byte string which is just the private key (public key + * can be calculated from the private key) + * 2. Public Key format: A leading byte 0x04 (indicating uncompressed format), + * followed by the 64 byte public key. This results in a + * total of 65 bytes. + * + * p256-m's internal format for private keys matches PSA. Its format for public + * keys is only 64 bytes: the same as PSA but without the leading byte (0x04). + * Hence, when passing public keys from PSA to p256-m, the leading byte is + * removed. + * + * Shared secret and signature have the same format between PSA and p256-m. + */ +#define PSA_PUBKEY_SIZE 65 +#define PSA_PUBKEY_HEADER_BYTE 0x04 +#define P256_PUBKEY_SIZE 64 +#define PRIVKEY_SIZE 32 +#define SHARED_SECRET_SIZE 32 +#define SIGNATURE_SIZE 64 + +#define CURVE_BITS 256 + +/* Convert between p256-m and PSA error codes */ +static psa_status_t p256_to_psa_error(int ret) +{ + switch (ret) { + case P256_SUCCESS: + return PSA_SUCCESS; + case P256_INVALID_PUBKEY: + case P256_INVALID_PRIVKEY: + return PSA_ERROR_INVALID_ARGUMENT; + case P256_INVALID_SIGNATURE: + return PSA_ERROR_INVALID_SIGNATURE; + case P256_RANDOM_FAILED: + default: + return PSA_ERROR_GENERIC_ERROR; + } +} + +psa_status_t p256_transparent_import_key(const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + uint8_t *key_buffer, + size_t key_buffer_size, + size_t *key_buffer_length, + size_t *bits) +{ + /* Check the key size */ + if (*bits != 0 && *bits != CURVE_BITS) { + return PSA_ERROR_NOT_SUPPORTED; + } + + /* Validate the key (and its type and size) */ + psa_key_type_t type = psa_get_key_type(attributes); + if (type == PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1)) { + if (data_length != PSA_PUBKEY_SIZE) { + return *bits == 0 ? PSA_ERROR_NOT_SUPPORTED : PSA_ERROR_INVALID_ARGUMENT; + } + /* See INFORMATION ON PSA KEY EXPORT FORMATS near top of file */ + if (p256_validate_pubkey(data + 1) != P256_SUCCESS) { + return PSA_ERROR_INVALID_ARGUMENT; + } + } else if (type == PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)) { + if (data_length != PRIVKEY_SIZE) { + return *bits == 0 ? PSA_ERROR_NOT_SUPPORTED : PSA_ERROR_INVALID_ARGUMENT; + } + if (p256_validate_privkey(data) != P256_SUCCESS) { + return PSA_ERROR_INVALID_ARGUMENT; + } + } else { + return PSA_ERROR_NOT_SUPPORTED; + } + *bits = CURVE_BITS; + + /* We only support the export format for input, so just copy. */ + if (key_buffer_size < data_length) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + memcpy(key_buffer, data, data_length); + *key_buffer_length = data_length; + + return PSA_SUCCESS; +} + +psa_status_t p256_transparent_export_public_key(const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + uint8_t *data, + size_t data_size, + size_t *data_length) +{ + /* Is this the right curve? */ + size_t bits = psa_get_key_bits(attributes); + psa_key_type_t type = psa_get_key_type(attributes); + if (bits != CURVE_BITS || type != PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)) { + return PSA_ERROR_NOT_SUPPORTED; + } + + /* Validate sizes, as p256-m expects fixed-size buffers */ + if (key_buffer_size != PRIVKEY_SIZE) { + return PSA_ERROR_INVALID_ARGUMENT; + } + if (data_size < PSA_PUBKEY_SIZE) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + /* See INFORMATION ON PSA KEY EXPORT FORMATS near top of file */ + data[0] = PSA_PUBKEY_HEADER_BYTE; + int ret = p256_public_from_private(data + 1, key_buffer); + if (ret == P256_SUCCESS) { + *data_length = PSA_PUBKEY_SIZE; + } + + return p256_to_psa_error(ret); +} + +psa_status_t p256_transparent_generate_key( + const psa_key_attributes_t *attributes, + uint8_t *key_buffer, + size_t key_buffer_size, + size_t *key_buffer_length) +{ + /* We don't use this argument, but the specification mandates the signature + * of driver entry-points. (void) used to avoid compiler warning. */ + (void) attributes; + + /* Validate sizes, as p256-m expects fixed-size buffers */ + if (key_buffer_size != PRIVKEY_SIZE) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + /* + * p256-m's keypair generation function outputs both public and private + * keys. Allocate a buffer to which the public key will be written. The + * private key will be written to key_buffer, which is passed to this + * function as an argument. */ + uint8_t public_key_buffer[P256_PUBKEY_SIZE]; + + int ret = p256_gen_keypair(key_buffer, public_key_buffer); + if (ret == P256_SUCCESS) { + *key_buffer_length = PRIVKEY_SIZE; + } + + return p256_to_psa_error(ret); +} + +psa_status_t p256_transparent_key_agreement( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *peer_key, + size_t peer_key_length, + uint8_t *shared_secret, + size_t shared_secret_size, + size_t *shared_secret_length) +{ + /* We don't use these arguments, but the specification mandates the + * sginature of driver entry-points. (void) used to avoid compiler + * warning. */ + (void) attributes; + (void) alg; + + /* Validate sizes, as p256-m expects fixed-size buffers */ + if (key_buffer_size != PRIVKEY_SIZE || peer_key_length != PSA_PUBKEY_SIZE) { + return PSA_ERROR_INVALID_ARGUMENT; + } + if (shared_secret_size < SHARED_SECRET_SIZE) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + /* See INFORMATION ON PSA KEY EXPORT FORMATS near top of file */ + const uint8_t *peer_key_p256m = peer_key + 1; + int ret = p256_ecdh_shared_secret(shared_secret, key_buffer, peer_key_p256m); + if (ret == P256_SUCCESS) { + *shared_secret_length = SHARED_SECRET_SIZE; + } + + return p256_to_psa_error(ret); +} + +psa_status_t p256_transparent_sign_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length) +{ + /* We don't use these arguments, but the specification mandates the + * sginature of driver entry-points. (void) used to avoid compiler + * warning. */ + (void) attributes; + (void) alg; + + /* Validate sizes, as p256-m expects fixed-size buffers */ + if (key_buffer_size != PRIVKEY_SIZE) { + return PSA_ERROR_INVALID_ARGUMENT; + } + if (signature_size < SIGNATURE_SIZE) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + int ret = p256_ecdsa_sign(signature, key_buffer, hash, hash_length); + if (ret == P256_SUCCESS) { + *signature_length = SIGNATURE_SIZE; + } + + return p256_to_psa_error(ret); +} + +/* This function expects the key buffer to contain a PSA public key, + * as exported by psa_export_public_key() */ +static psa_status_t p256_verify_hash_with_public_key( + const uint8_t *key_buffer, + size_t key_buffer_size, + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length) +{ + /* Validate sizes, as p256-m expects fixed-size buffers */ + if (key_buffer_size != PSA_PUBKEY_SIZE || *key_buffer != PSA_PUBKEY_HEADER_BYTE) { + return PSA_ERROR_INVALID_ARGUMENT; + } + if (signature_length != SIGNATURE_SIZE) { + return PSA_ERROR_INVALID_SIGNATURE; + } + + /* See INFORMATION ON PSA KEY EXPORT FORMATS near top of file */ + const uint8_t *public_key_p256m = key_buffer + 1; + int ret = p256_ecdsa_verify(signature, public_key_p256m, hash, hash_length); + + return p256_to_psa_error(ret); +} + +psa_status_t p256_transparent_verify_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length) +{ + /* We don't use this argument, but the specification mandates the signature + * of driver entry-points. (void) used to avoid compiler warning. */ + (void) alg; + + psa_status_t status; + uint8_t public_key_buffer[PSA_PUBKEY_SIZE]; + size_t public_key_buffer_size = PSA_PUBKEY_SIZE; + + size_t public_key_length = PSA_PUBKEY_SIZE; + /* As p256-m doesn't require dynamic allocation, we want to avoid it in + * the entrypoint functions as well. psa_driver_wrapper_export_public_key() + * requires size_t*, so we use a pointer to a stack variable. */ + size_t *public_key_length_ptr = &public_key_length; + + /* The contents of key_buffer may either be the 32 byte private key + * (keypair format), or 0x04 followed by the 64 byte public key (public + * key format). To ensure the key is in the latter format, the public key + * is exported. */ + status = psa_driver_wrapper_export_public_key( + attributes, + key_buffer, + key_buffer_size, + public_key_buffer, + public_key_buffer_size, + public_key_length_ptr); + if (status != PSA_SUCCESS) { + goto exit; + } + + status = p256_verify_hash_with_public_key( + public_key_buffer, + public_key_buffer_size, + hash, + hash_length, + signature, + signature_length); + +exit: + return status; +} + +#endif /* MBEDTLS_PSA_P256M_DRIVER_ENABLED */ diff --git a/3rdparty/p256-m/p256-m_driver_entrypoints.h b/3rdparty/p256-m/p256-m_driver_entrypoints.h new file mode 100644 index 000000000..d92a8f00b --- /dev/null +++ b/3rdparty/p256-m/p256-m_driver_entrypoints.h @@ -0,0 +1,231 @@ +/* + * Driver entry points for p256-m + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef P256M_DRIVER_ENTRYPOINTS_H +#define P256M_DRIVER_ENTRYPOINTS_H + +#if defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED) +#ifndef PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT +#define PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ +#endif /* MBEDTLS_PSA_P256M_DRIVER_ENABLED */ + +#include "psa/crypto_types.h" + +/** Import SECP256R1 key. + * + * \param[in] attributes The attributes of the key to use for the + * operation. + * \param[in] data The raw key material. For private keys + * this must be a big-endian integer of 32 + * bytes; for public key this must be an + * uncompressed ECPoint (65 bytes). + * \param[in] data_length The size of the raw key material. + * \param[out] key_buffer The buffer to contain the key data in + * output format upon successful return. + * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes. + * \param[out] key_buffer_length The length of the data written in \p + * key_buffer in bytes. + * \param[out] bits The bitsize of the key. + * + * \retval #PSA_SUCCESS + * Success. Keypair generated and stored in buffer. + * \retval #PSA_ERROR_NOT_SUPPORTED + * The input is not supported by this driver (not SECP256R1). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The input is invalid. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \p key_buffer_size is too small. + */ +psa_status_t p256_transparent_import_key(const psa_key_attributes_t *attributes, + const uint8_t *data, + size_t data_length, + uint8_t *key_buffer, + size_t key_buffer_size, + size_t *key_buffer_length, + size_t *bits); + +/** Export SECP256R1 public key, from the private key. + * + * \param[in] attributes The attributes of the key to use for the + * operation. + * \param[in] key_buffer The private key in the export format. + * \param[in] key_buffer_size The size of the private key in bytes. + * \param[out] data The buffer to contain the public key in + * the export format upon successful return. + * \param[in] data_size The size of the \p data buffer in bytes. + * \param[out] data_length The length written to \p data in bytes. + * + * \retval #PSA_SUCCESS + * Success. Keypair generated and stored in buffer. + * \retval #PSA_ERROR_NOT_SUPPORTED + * The input is not supported by this driver (not SECP256R1). + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The input is invalid. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \p key_buffer_size is too small. + */ +psa_status_t p256_transparent_export_public_key(const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + uint8_t *data, + size_t data_size, + size_t *data_length); + +/** Generate SECP256R1 ECC Key Pair. + * Interface function which calls the p256-m key generation function and + * places it in the key buffer provided by the caller (Mbed TLS) in the + * correct format. For a SECP256R1 curve this is the 32 bit private key. + * + * \param[in] attributes The attributes of the key to use for the + * operation. + * \param[out] key_buffer The buffer to contain the key data in + * output format upon successful return. + * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes. + * \param[out] key_buffer_length The length of the data written in \p + * key_buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. Keypair generated and stored in buffer. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \p key_buffer_size is too small. + * \retval #PSA_ERROR_GENERIC_ERROR + * The internal RNG failed. + */ +psa_status_t p256_transparent_generate_key( + const psa_key_attributes_t *attributes, + uint8_t *key_buffer, + size_t key_buffer_size, + size_t *key_buffer_length); + +/** Perform raw key agreement using p256-m's ECDH implementation + * \param[in] attributes The attributes of the key to use for the + * operation. + * \param[in] key_buffer The buffer containing the private key + * in the format specified by PSA. + * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes. + * \param[in] alg A key agreement algorithm that is + * compatible with the type of the key. + * \param[in] peer_key The buffer containing the peer's public + * key in format specified by PSA. + * \param[in] peer_key_length Size of the \p peer_key buffer in + * bytes. + * \param[out] shared_secret The buffer to which the shared secret + * is to be written. + * \param[in] shared_secret_size Size of the \p shared_secret buffer in + * bytes. + * \param[out] shared_secret_length On success, the number of bytes that + * make up the returned shared secret. + * \retval #PSA_SUCCESS + * Success. Shared secret successfully calculated. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The input is invalid. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \p shared_secret_size is too small. + */ +psa_status_t p256_transparent_key_agreement( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *peer_key, + size_t peer_key_length, + uint8_t *shared_secret, + size_t shared_secret_size, + size_t *shared_secret_length); + +/** Sign an already-calculated hash with a private key using p256-m's ECDSA + * implementation + * \param[in] attributes The attributes of the key to use for the + * operation. + * \param[in] key_buffer The buffer containing the private key + * in the format specified by PSA. + * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes. + * \param[in] alg A signature algorithm that is compatible + * with the type of the key. + * \param[in] hash The hash to sign. + * \param[in] hash_length Size of the \p hash buffer in bytes. + * \param[out] signature Buffer where signature is to be written. + * \param[in] signature_size Size of the \p signature buffer in bytes. + * \param[out] signature_length On success, the number of bytes + * that make up the returned signature value. + * + * \retval #PSA_SUCCESS + * Success. Hash was signed successfully. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The input is invalid. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \p signature_size is too small. + * \retval #PSA_ERROR_GENERIC_ERROR + * The internal RNG failed. + */ +psa_status_t p256_transparent_sign_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length); + +/** Verify the signature of a hash using a SECP256R1 public key using p256-m's + * ECDSA implementation. + * + * \note p256-m expects a 64 byte public key, but the contents of the key + buffer may be the 32 byte keypair representation or the 65 byte + public key representation. As a result, this function calls + psa_driver_wrapper_export_public_key() to ensure the public key + can be passed to p256-m. + * + * \param[in] attributes The attributes of the key to use for the + * operation. + * + * \param[in] key_buffer The buffer containing the key + * in the format specified by PSA. + * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes. + * \param[in] alg A signature algorithm that is compatible with + * the type of the key. + * \param[in] hash The hash whose signature is to be + * verified. + * \param[in] hash_length Size of the \p hash buffer in bytes. + * \param[in] signature Buffer containing the signature to verify. + * \param[in] signature_length Size of the \p signature buffer in bytes. + * + * \retval #PSA_SUCCESS + * The signature is valid. + * \retval #PSA_ERROR_INVALID_SIGNATURE + * The calculation was performed successfully, but the passed + * signature is not a valid signature. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The input is invalid. + */ +psa_status_t p256_transparent_verify_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length); + +#endif /* P256M_DRIVER_ENTRYPOINTS_H */ diff --git a/BRANCHES.md b/BRANCHES.md index c7a6082ec..d3bd75eff 100644 --- a/BRANCHES.md +++ b/BRANCHES.md @@ -23,6 +23,11 @@ the API of 3.(x+1) is backward compatible with 3.x). We only break API compatibility on major version changes (e.g. from 3.x to 4.0). We also maintain ABI compatibility within LTS branches; see the next section for details. +Every major version will become an LTS branch when the next major version is +released. We may occasionally create LTS branches from other releases at our +discretion. +When a new LTS branch is created, it usually remains supported for three years. + ## Backwards Compatibility for application code We maintain API compatibility in released versions of Mbed TLS. If you have @@ -101,6 +106,6 @@ The following branches are currently maintained: - [`development`](https://github.com/Mbed-TLS/mbedtls/) - [`mbedtls-2.28`](https://github.com/Mbed-TLS/mbedtls/tree/mbedtls-2.28) maintained until at least the end of 2024, see - . + . Users are urged to always use the latest version of a maintained branch. diff --git a/CMakeLists.txt b/CMakeLists.txt index 519604b50..cbe57486f 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -34,14 +34,14 @@ cmake_policy(SET CMP0011 NEW) cmake_policy(SET CMP0012 NEW) if(TEST_CPP) - project("mbed TLS" C CXX) + project("Mbed TLS" LANGUAGES C CXX) else() - project("mbed TLS" C) + project("Mbed TLS" LANGUAGES C) endif() include(GNUInstallDirs) -# Determine if mbed TLS is being built as a subproject using add_subdirectory() +# Determine if Mbed TLS is being built as a subproject using add_subdirectory() if(NOT DEFINED MBEDTLS_AS_SUBPROJECT) set(MBEDTLS_AS_SUBPROJECT ON) if(CMAKE_CURRENT_SOURCE_DIR STREQUAL CMAKE_SOURCE_DIR) @@ -52,12 +52,15 @@ endif() # Set the project root directory. set(MBEDTLS_DIR ${CMAKE_CURRENT_SOURCE_DIR}) -option(ENABLE_PROGRAMS "Build mbed TLS programs." ON) +option(ENABLE_PROGRAMS "Build Mbed TLS programs." ON) option(UNSAFE_BUILD "Allow unsafe builds. These builds ARE NOT SECURE." OFF) option(MBEDTLS_FATAL_WARNINGS "Compiler warnings treated as errors" ON) if(CMAKE_HOST_WIN32) - option(GEN_FILES "Generate the auto-generated files as needed" OFF) + # N.B. The comment on the next line is significant! If you change it, + # edit the sed command in prepare_release.sh that modifies + # CMakeLists.txt. + option(GEN_FILES "Generate the auto-generated files as needed" OFF) # off in development else() option(GEN_FILES "Generate the auto-generated files as needed" ON) endif() @@ -71,9 +74,9 @@ string(REGEX MATCH "MSVC" CMAKE_COMPILER_IS_MSVC "${CMAKE_C_COMPILER_ID}") # the test suites currently have compile errors with MSVC if(CMAKE_COMPILER_IS_MSVC) - option(ENABLE_TESTING "Build mbed TLS tests." OFF) + option(ENABLE_TESTING "Build Mbed TLS tests." OFF) else() - option(ENABLE_TESTING "Build mbed TLS tests." ON) + option(ENABLE_TESTING "Build Mbed TLS tests." ON) endif() # Warning string - created as a list for compatibility with CMake 2.8 @@ -118,6 +121,10 @@ if(CMAKE_SOURCE_DIR STREQUAL CMAKE_CURRENT_SOURCE_DIR) FORCE) endif() +# Make MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE into PATHs +set(MBEDTLS_CONFIG_FILE "" CACHE FILEPATH "Mbed TLS config file (overrides default).") +set(MBEDTLS_USER_CONFIG_FILE "" CACHE FILEPATH "Mbed TLS user config file (appended to default).") + # Create a symbolic link from ${base_name} in the binary directory # to the corresponding path in the source directory. # Note: Copies the file(s) on Windows. @@ -222,7 +229,9 @@ if(CMAKE_COMPILER_IS_CLANG) endif(CMAKE_COMPILER_IS_CLANG) if(CMAKE_COMPILER_IS_IAR) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warn_about_c_style_casts -Ohz") + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warn_about_c_style_casts") + set(CMAKE_C_FLAGS_RELEASE "-Ohz") + set(CMAKE_C_FLAGS_DEBUG "--debug -On") endif(CMAKE_COMPILER_IS_IAR) if(CMAKE_COMPILER_IS_MSVC) @@ -245,7 +254,7 @@ if(MBEDTLS_FATAL_WARNINGS) endif(CMAKE_COMPILER_IS_CLANG OR CMAKE_COMPILER_IS_GNU) if (CMAKE_COMPILER_IS_IAR) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warning_are_errors") + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warnings_are_errors") endif(CMAKE_COMPILER_IS_IAR) endif(MBEDTLS_FATAL_WARNINGS) @@ -280,12 +289,37 @@ add_subdirectory(library) # to define the test executables. # if(ENABLE_TESTING OR ENABLE_PROGRAMS) - file(GLOB MBEDTLS_TEST_FILES ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/*.c ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/drivers/*.c) + file(GLOB MBEDTLS_TEST_FILES + ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/*.c + ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/drivers/*.c) add_library(mbedtls_test OBJECT ${MBEDTLS_TEST_FILES}) target_include_directories(mbedtls_test PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tests/include PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/library) + + file(GLOB MBEDTLS_TEST_HELPER_FILES + ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/test_helpers/*.c) + add_library(mbedtls_test_helpers OBJECT ${MBEDTLS_TEST_HELPER_FILES}) + target_include_directories(mbedtls_test_helpers + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tests/include + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/library + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/3rdparty/everest/include) + + # Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE + if(MBEDTLS_CONFIG_FILE) + target_compile_definitions(mbedtls_test + PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") + target_compile_definitions(mbedtls_test_helpers + PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") + endif() + if(MBEDTLS_USER_CONFIG_FILE) + target_compile_definitions(mbedtls_test + PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") + target_compile_definitions(mbedtls_test_helpers + PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") + endif() endif() if(ENABLE_PROGRAMS) @@ -343,7 +377,7 @@ if(NOT DISABLE_PACKAGE_CONFIG_AND_INSTALL) write_basic_package_version_file( "cmake/MbedTLSConfigVersion.cmake" COMPATIBILITY SameMajorVersion - VERSION 3.3.0) + VERSION 3.5.0) install( FILES "${CMAKE_CURRENT_BINARY_DIR}/cmake/MbedTLSConfig.cmake" diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index fc79e49d2..8454fb8ea 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -14,8 +14,8 @@ More details on all of these points may be found in the sections below. Coding Standards ---------------- -- We would ask that contributions conform to [our coding standards](https://mbed-tls.readthedocs.io/en/latest/kb/development/mbedtls-coding-standards/), and that contributions are fully tested before submission, as mentioned in the [Tests](#tests) and [Continuous Integration](#continuous-integration-tests) sections. -- The code should be written in a clean and readable style. +- Contributions should include tests, as mentioned in the [Tests](#tests) and [Continuous Integration](#continuous-integration-tests) sections. Please check that your contribution passes basic tests before submission, and check the CI results after making a pull request. +- The code should be written in a clean and readable style, and must follow [our coding standards](https://mbed-tls.readthedocs.io/en/latest/kb/development/mbedtls-coding-standards/). - The code should be written in a portable generic way, that will benefit the whole community, and not only your own needs. - The code should be secure, and will be reviewed from a security point of view as well. @@ -24,7 +24,7 @@ Making a Contribution 1. [Check for open issues](https://github.com/Mbed-TLS/mbedtls/issues) or [start a discussion](https://lists.trustedfirmware.org/mailman3/lists/mbed-tls.lists.trustedfirmware.org) around a feature idea or a bug. 1. Fork the [Mbed TLS repository on GitHub](https://github.com/Mbed-TLS/mbedtls) to start making your changes. As a general rule, you should use the ["development" branch](https://github.com/Mbed-TLS/mbedtls/tree/development) as a basis. 1. Write a test which shows that the bug was fixed or that the feature works as expected. -1. Send a pull request (PR) and work with us until it gets merged and published. Contributions may need some modifications, so a few rounds of review and fixing may be necessary. We will include your name in the ChangeLog :) +1. Send a pull request (PR) and work with us until it gets merged and published. Contributions may need some modifications, so a few rounds of review and fixing may be necessary. See our [review process guidelines](https://mbed-tls.readthedocs.io/en/latest/reviews/review-for-contributors/). 1. For quick merging, the contribution should be short, and concentrated on a single feature or topic. The larger the contribution is, the longer it would take to review it and merge it. Backwards Compatibility @@ -84,8 +84,14 @@ Mbed TLS is well documented, but if you think documentation is needed, speak out License and Copyright --------------------- -All new files should include the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) standard license header where possible. For licensing details, please see the [License section of the README](README.md#License). +Unless specifically indicated otherwise in a file, Mbed TLS files are provided under the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) license. See the [LICENSE](LICENSE) file for the full text of this license. + +Contributors must accept that their contributions are made under both the Apache-2.0 AND [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) licenses. This enables LTS (Long Term Support) branches of the software to be provided under either the Apache-2.0 or GPL-2.0-or-later licenses. + +All new files should include the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) standard license header where possible. The copyright on contributions is retained by the original authors of the code. Where possible for new files, this should be noted in a comment at the top of the file in the form: "Copyright The Mbed TLS Contributors". -When contributing code to us, the committer and all authors are required to make the submission under the terms of the [Developer Certificate of Origin](dco.txt), confirming that the code submitted can (legally) become part of the project, and be subject to the same Apache 2.0 license. This is done by including the standard Git `Signed-off-by:` line in every commit message. If more than one person contributed to the commit, they should also add their own `Signed-off-by:` line. +When contributing code to us, the committer and all authors are required to make the submission under the terms of the [Developer Certificate of Origin](dco.txt), confirming that the code submitted can (legally) become part of the project, and is submitted under both the Apache-2.0 AND GPL-2.0-or-later licenses. + +This is done by including the standard Git `Signed-off-by:` line in every commit message. If more than one person contributed to the commit, they should also add their own `Signed-off-by:` line. diff --git a/ChangeLog b/ChangeLog index 1404d3647..85f3665c2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,512 @@ Mbed TLS ChangeLog (Sorted per branch, date) += Mbed TLS 3.5.0 branch released 2023-10-05 + +API changes + * Mbed TLS 3.4 introduced support for omitting the built-in implementation + of ECDSA and/or EC J-PAKE when those are provided by a driver. However, + their was a flaw in the logic checking if the built-in implementation, in + that if failed to check if all the relevant curves were supported by the + accelerator. As a result, it was possible to declare no curves as + accelerated and still have the built-in implementation compiled out. + Starting with this release, it is necessary to declare which curves are + accelerated (using MBEDTLS_PSA_ACCEL_ECC_xxx macros), or they will be + considered not accelerated, and the built-in implementation of the curves + and any algorithm possible using them will be included in the build. + * Add new millisecond time type `mbedtls_ms_time_t` and `mbedtls_ms_time()` + function, needed for TLS 1.3 ticket lifetimes. Alternative implementations + can be created using an ALT interface. + +Requirement changes + * Officially require Python 3.8 now that earlier versions are out of support. + * Minimum required Windows version is now Windows Vista, or + Windows Server 2008. + +New deprecations + * PSA_WANT_KEY_TYPE_xxx_KEY_PAIR and + MBEDTLS_PSA_ACCEL_KEY_TYPE_xxx_KEY_PAIR, where xxx is either ECC or RSA, + are now being deprecated in favor of PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy and + MBEDTLS_PSA_ACCEL_KEY_TYPE_xxx_KEY_PAIR_yyy. Here yyy can be: BASIC, + IMPORT, EXPORT, GENERATE, DERIVE. The goal is to have a finer detail about + the capabilities of the PSA side for either key. + * MBEDTLS_CIPHER_BLKSIZE_MAX is deprecated in favor of + MBEDTLS_MAX_BLOCK_LENGTH (if you intended what the name suggests: + maximum size of any supported block cipher) or the new name + MBEDTLS_CMAC_MAX_BLOCK_SIZE (if you intended the actual semantics: + maximum size of a block cipher supported by the CMAC module). + * mbedtls_pkcs5_pbes2() and mbedtls_pkcs12_pbe() functions are now + deprecated in favor of mbedtls_pkcs5_pbes2_ext() and + mbedtls_pkcs12_pbe_ext() as they offer more security by checking + for overflow of the output buffer and reporting the actual length + of the output. + +Features + * All modules that use hashes or HMAC can now take advantage of PSA Crypto + drivers when MBEDTLS_PSA_CRYPTO_C is enabled and psa_crypto_init() has + been called. Previously (in 3.3), this was restricted to a few modules, + and only in builds where MBEDTLS_MD_C was disabled; in particular the + entropy module was not covered which meant an external RNG had to be + provided - these limitations are lifted in this version. A new set of + feature macros, MBEDTLS_MD_CAN_xxx, has been introduced that can be used + to check for availability of hash algorithms, regardless of whether + they're provided by a built-in implementation, a driver or both. See + docs/driver-only-builds.md. + * When a PSA driver for ECDH is present, it is now possible to disable + MBEDTLS_ECDH_C in the build in order to save code size. For TLS 1.2 + key exchanges based on ECDH(E) to work, this requires + MBEDTLS_USE_PSA_CRYPTO. Restartable/interruptible ECDHE operations in + TLS 1.2 (ECDHE-ECDSA key exchange) are not supported in those builds yet, + as PSA does not have an API for restartable ECDH yet. + * When all of ECDH, ECDSA and EC J-PAKE are either disabled or provided by + a driver, it is possible to disable MBEDTLS_ECP_C (and MBEDTLS_BIGNUM_C + if not required by another module) and still get support for ECC keys and + algorithms in PSA, with some limitations. See docs/driver-only-builds.txt + for details. + * Add parsing of directoryName subtype for subjectAltName extension in + x509 certificates. + * Add support for server-side TLS version negotiation. If both TLS 1.2 and + TLS 1.3 protocols are enabled, the TLS server now selects TLS 1.2 or + TLS 1.3 depending on the capabilities and preferences of TLS clients. + Fixes #6867. + * X.509 hostname verification now supports IPAddress Subject Alternate Names. + * Add support for reading and writing X25519 and X448 + public and private keys in RFC 8410 format using the existing PK APIs. + * When parsing X.509 certificates, support the extensions + SignatureKeyIdentifier and AuthorityKeyIdentifier. + * Don't include the PSA dispatch functions for PAKEs (psa_pake_setup() etc) + if no PAKE algorithms are requested + * Add support for the FFDH algorithm and DH key types in PSA, with + parameters from RFC 7919. This includes a built-in implementation based + on MBEDTLS_BIGNUM_C, and a driver dispatch layer enabling alternative + implementations of FFDH through the driver entry points. + * It is now possible to generate certificates with SubjectAltNames. + Currently supported subtypes: DnsName, UniformResourceIdentifier, + IP address, OtherName, and DirectoryName, as defined in RFC 5280. + See mbedtls_x509write_crt_set_subject_alternative_name for + more information. + * X.509 hostname verification now partially supports URI Subject Alternate + Names. Only exact matching, without any normalization procedures + described in 7.4 of RFC5280, will result in a positive URI verification. + * Add function mbedtls_oid_from_numeric_string() to parse an OID from a + string to a DER-encoded mbedtls_asn1_buf. + * Add SHA-3 family hash functions. + * Add support to restrict AES to 128-bit keys in order to save code size. + A new configuration option, MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH, can be + used to enable this feature. + * AES performance improvements. Uplift varies by platform, + toolchain, optimisation flags and mode. + Aarch64, gcc -Os and CCM, GCM and XTS benefit the most. + On Aarch64, uplift is typically around 20 - 110%. + When compiling with gcc -Os on Aarch64, AES-XTS improves + by 4.5x. + * Add support for PBKDF2-HMAC through the PSA API. + * New symbols PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy and + MBEDTLS_PSA_ACCEL_KEY_TYPE_xxx_KEY_PAIR_yyy (where xxx is either ECC, RSA + or DH) were introduced in order to have finer accuracy in defining the + PSA capabilities for each key. These capabilities, named yyy above, can be + any of: BASIC, IMPORT, EXPORT, GENERATE, DERIVE. + - DERIVE is only available for ECC keys, not for RSA or DH ones. + - implementations are free to enable more than what it was strictly + requested. For example BASIC internally enables IMPORT and EXPORT + (useful for testing purposes), but this might change in the future. + * Add support for FFDH key exchange in TLS 1.3. + This is automatically enabled as soon as PSA_WANT_ALG_FFDH + and the ephemeral or psk-ephemeral key exchange mode are enabled. + By default, all groups are offered; the list of groups can be + configured using the existing API function mbedtls_ssl_conf_groups(). + * Improve mbedtls_x509_time performance and reduce memory use. + * Reduce syscalls to time() during certificate verification. + * Allow MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE to be set by + setting the CMake variable of the same name at configuration time. + * Add getter (mbedtls_ssl_cache_get_timeout()) to access + `mbedtls_ssl_cache_context.timeout`. + * Add getter (mbedtls_ssl_get_hostname()) to access + `mbedtls_ssl_context.hostname`. + * Add getter (mbedtls_ssl_conf_get_endpoint()) to access + `mbedtls_ssl_config.endpoint`. + * Support for "opaque" (PSA-held) ECC keys in the PK module has been + extended: it is now possible to use mbedtls_pk_write_key_der(), + mbedtls_pk_write_key_pem(), mbedtls_pk_check_pair(), and + mbedtls_pk_verify() with opaque ECC keys (provided the PSA attributes + allow it). + * The documentation of mbedtls_ecp_group now describes the optimized + representation of A for some curves. Fixes #8045. + * Add a possibility to generate CSR's with RCF822 and directoryName subtype + of subjectAltName extension in x509 certificates. + * Add support for PBKDF2-CMAC through the PSA API. + * New configuration option MBEDTLS_AES_USE_HARDWARE_ONLY introduced. When + using CPU-accelerated AES (e.g., Arm Crypto Extensions), this option + disables the plain C implementation and the run-time detection for the + CPU feature, which reduces code size and avoids the vulnerability of the + plain C implementation. + * Accept arbitrary AttributeType and AttributeValue in certificate + Distinguished Names using RFC 4514 syntax. + * Applications using ECC over secp256r1 through the PSA API can use a + new implementation with a much smaller footprint, but some minor + usage restrictions. See the documentation of the new configuration + option MBEDTLS_PSA_P256M_DRIVER_ENABLED for details. + +Security + * Fix a case where potentially sensitive information held in memory would not + be completely zeroized during TLS 1.2 handshake, in both server and client + configurations. + * In configurations with ARIA or Camellia but not AES, the value of + MBEDTLS_CIPHER_BLKSIZE_MAX was 8, rather than 16 as the name might + suggest. This did not affect any library code, because this macro was + only used in relation with CMAC which does not support these ciphers. + This may affect application code that uses this macro. + * Developers using mbedtls_pkcs5_pbes2() or mbedtls_pkcs12_pbe() should + review the size of the output buffer passed to this function, and note + that the output after decryption may include CBC padding. Consider moving + to the new functions mbedtls_pkcs5_pbes2_ext() or mbedtls_pkcs12_pbe_ext() + which checks for overflow of the output buffer and reports the actual + length of the output. + * Improve padding calculations in CBC decryption, NIST key unwrapping and + RSA OAEP decryption. With the previous implementation, some compilers + (notably recent versions of Clang and IAR) could produce non-constant + time code, which could allow a padding oracle attack if the attacker + has access to precise timing measurements. + * Updates to constant-time C code so that compilers are less likely to use + conditional instructions, which can have an observable difference in + timing. (Clang has been seen to do this.) Also introduce assembly + implementations for 32- and 64-bit Arm and for x86 and x86-64, which are + guaranteed not to use conditional instructions. + * Fix definition of MBEDTLS_MD_MAX_BLOCK_SIZE, which was too + small when MBEDTLS_SHA384_C was defined and MBEDTLS_SHA512_C was + undefined. Mbed TLS itself was unaffected by this, but user code + which used MBEDTLS_MD_MAX_BLOCK_SIZE could be affected. The only + release containing this bug was Mbed TLS 3.4.0. + * Fix a buffer overread when parsing short TLS application data records in + null-cipher cipher suites. Credit to OSS-Fuzz. + * Fix a remotely exploitable heap buffer overflow in TLS handshake parsing. + In TLS 1.3, all configurations are affected except PSK-only ones, and + both clients and servers are affected. + In TLS 1.2, the affected configurations are those with + MBEDTLS_USE_PSA_CRYPTO and ECDH enabled but DHM and RSA disabled, + and only servers are affected, not clients. + Credit to OSS-Fuzz. + +Bugfix + * Fix proper sizing for PSA_EXPORT_[KEY_PAIR/PUBLIC_KEY]_MAX_SIZE and + PSA_SIGNATURE_MAX_SIZE buffers when at least one accelerated EC is bigger + than all built-in ones and RSA is disabled. + Resolves #6622. + * Add missing md.h includes to some of the external programs from + the programs directory. Without this, even though the configuration + was sufficient for a particular program to work, it would only print + a message that one of the required defines is missing. + * Fix declaration of mbedtls_ecdsa_sign_det_restartable() function + in the ecdsa.h header file. There was a build warning when the + configuration macro MBEDTLS_ECDSA_SIGN_ALT was defined. + Resolves #7407. + * Fix an error when MBEDTLS_ECDSA_SIGN_ALT is defined but not + MBEDTLS_ECDSA_VERIFY_ALT, causing ecdsa verify to fail. Fixes #7498. + * Fix missing PSA initialization in sample programs when + MBEDTLS_USE_PSA_CRYPTO is enabled. + * Fix the J-PAKE driver interface for user and peer to accept any values + (previously accepted values were limited to "client" or "server"). + * Fix clang and armclang compilation error when targeting certain Arm + M-class CPUs (Cortex-M0, Cortex-M0+, Cortex-M1, Cortex-M23, + SecurCore SC000). Fixes #1077. + * Fix "unterminated '#pragma clang attribute push'" in sha256/sha512.c when + built with MBEDTLS_SHAxxx_USE_A64_CRYPTO_IF_PRESENT but don't have a + way to detect the crypto extensions required. A warning is still issued. + * Fixed an issue that caused compile errors when using CMake and the IAR + toolchain. + * Fix very high stack usage in SSL debug code. Reported by Maximilian + Gerhardt in #7804. + * Fix a compilation failure in the constant_time module when + building for arm64_32 (e.g., for watchos). Reported by Paulo + Coutinho in #7787. + * Fix crypt_and_hash decryption fail when used with a stream cipher + mode of operation due to the input not being multiple of block size. + Resolves #7417. + * Fix a bug in which mbedtls_x509_string_to_names() would return success + when given a invalid name string if it did not contain '=' or ','. + * Fix compilation warnings in aes.c, which prevented the + example TF-M configuration in configs/ from building cleanly: + tfm_mbedcrypto_config_profile_medium.h with + crypto_config_profile_medium.h. + * In TLS 1.3, fix handshake failure when a client in its ClientHello + proposes an handshake based on PSK only key exchange mode or at least + one of the key exchange modes using ephemeral keys to a server that + supports only the PSK key exchange mode. + * Fix CCM* with no tag being not supported in a build with CCM as the only + symmetric encryption algorithm and the PSA configuration enabled. + * Fix the build with MBEDTLS_PSA_INJECT_ENTROPY. Fixes #7516. + * Fix a compilation error on some platforms when including mbedtls/ssl.h + with all TLS support disabled. Fixes #6628. + * Fix x509 certificate generation to conform to RFC 5480 / RFC 5758 when + using ECC key. The certificate was rejected by some crypto frameworks. + Fixes #2924. + * Fix a potential corruption of the passed-in IV when mbedtls_aes_crypt_cbc() + is called with zero length and padlock is not enabled. + * Fix compile failure due to empty enum in cipher_wrap.c, when building + with a very minimal configuration. Fixes #7625. + * Fix some cases where mbedtls_mpi_mod_exp, RSA key construction or ECDSA + signature can silently return an incorrect result in low memory conditions. + * Don't try to include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE when + MBEDTLS_PSA_CRYPTO_CONFIG is disabled. + * Fix IAR compiler warnings. + * Fix an issue when parsing an otherName subject alternative name into a + mbedtls_x509_san_other_name struct. The type-id of the otherName was not + copied to the struct. This meant that the struct had incomplete + information about the otherName SAN and contained uninitialized memory. + * Fix the detection of HardwareModuleName otherName SANs. These were being + detected by comparing the wrong field and the check was erroneously + inverted. + * Fix a build error in some configurations with MBEDTLS_PSA_CRYPTO_CONFIG + enabled, where some low-level modules required by requested PSA crypto + features were not getting automatically enabled. Fixes #7420. + * Fix undefined symbols in some builds using TLS 1.3 with a custom + configuration file. + * Fix log level for the got supported group message. Fixes #6765 + * Functions in the ssl_cache module now return a negative MBEDTLS_ERR_xxx + error code on failure. Before, they returned 1 to indicate failure in + some cases involving a missing entry or a full cache. + * mbedtls_pk_parse_key() now rejects trailing garbage in encrypted keys. + * Fix the build with CMake when Everest or P256-m is enabled through + a user configuration file or the compiler command line. Fixes #8165. + +Changes + * Enable Arm / Thumb bignum assembly for most Arm platforms when + compiling with gcc, clang or armclang and -O0. + * Enforce minimum RSA key size when generating a key + to avoid accidental misuse. + * Use heap memory to allocate DER encoded RSA private key. + This reduces stack usage significantly for RSA signature + operations when MBEDTLS_PSA_CRYPTO_C is defined. + * Update Windows code to use BCryptGenRandom and wcslen, and + ensure that conversions between size_t, ULONG, and int are + always done safely. Original contribution by Kevin Kane #635, #730 + followed by Simon Butcher #1453. + * Users integrating their own PSA drivers should be aware that + the file library/psa_crypto_driver_wrappers.c has been renamed + to psa_crypto_driver_wrappers_no_static.c. + * When using CBC with the cipher module, the requirement to call + mbedtls_cipher_set_padding_mode() is now enforced. Previously, omitting + this call accidentally applied a default padding mode chosen at compile + time. + += Mbed TLS 3.4.1 branch released 2023-08-04 + +Bugfix + * Fix builds on Windows with clang + +Changes + * Update test data to avoid failures of unit tests after 2023-08-07. + += Mbed TLS 3.4.0 branch released 2023-03-28 + +Default behavior changes + * The default priority order of TLS 1.3 cipher suites has been modified to + follow the same rules as the TLS 1.2 cipher suites (see + ssl_ciphersuites.c). The preferred cipher suite is now + TLS_CHACHA20_POLY1305_SHA256. + +New deprecations + * mbedtls_x509write_crt_set_serial() is now being deprecated in favor of + mbedtls_x509write_crt_set_serial_raw(). The goal here is to remove any + direct dependency of X509 on BIGNUM_C. + * PSA to mbedtls error translation is now unified in psa_util.h, + deprecating mbedtls_md_error_from_psa. Each file that performs error + translation should define its own version of PSA_TO_MBEDTLS_ERR, + optionally providing file-specific error pairs. Please see psa_util.h for + more details. + +Features + * Added partial support for parsing the PKCS #7 Cryptographic Message + Syntax, as defined in RFC 2315. Currently, support is limited to the + following: + - Only the signed-data content type, version 1 is supported. + - Only DER encoding is supported. + - Only a single digest algorithm per message is supported. + - Certificates must be in X.509 format. A message must have either 0 + or 1 certificates. + - There is no support for certificate revocation lists. + - The authenticated and unauthenticated attribute fields of SignerInfo + must be empty. + Many thanks to Daniel Axtens, Nayna Jain, and Nick Child from IBM for + contributing this feature, and to Demi-Marie Obenour for contributing + various improvements, tests and bug fixes. + * General performance improvements by accessing multiple bytes at a time. + Fixes #1666. + * Improvements to use of unaligned and byte-swapped memory, reducing code + size and improving performance (depending on compiler and target + architecture). + * Add support for reading points in compressed format + (MBEDTLS_ECP_PF_COMPRESSED) with mbedtls_ecp_point_read_binary() + (and callers) for Short Weierstrass curves with prime p where p = 3 mod 4 + (all mbedtls MBEDTLS_ECP_DP_SECP* and MBEDTLS_ECP_DP_BP* curves + except MBEDTLS_ECP_DP_SECP224R1 and MBEDTLS_ECP_DP_SECP224K1) + * SHA224_C/SHA384_C are now independent from SHA384_C/SHA512_C respectively. + This helps in saving code size when some of the above hashes are not + required. + * Add parsing of V3 extensions (key usage, Netscape cert-type, + Subject Alternative Names) in x509 Certificate Sign Requests. + * Use HOSTCC (if it is set) when compiling C code during generation of the + configuration-independent files. This allows them to be generated when + CC is set for cross compilation. + * Add parsing of uniformResourceIdentifier subtype for subjectAltName + extension in x509 certificates. + * Add an interruptible version of sign and verify hash to the PSA interface, + backed by internal library support for ECDSA signing and verification. + * Add parsing of rfc822Name subtype for subjectAltName + extension in x509 certificates. + * The configuration macros MBEDTLS_PSA_CRYPTO_PLATFORM_FILE and + MBEDTLS_PSA_CRYPTO_STRUCT_FILE specify alternative locations for + the headers "psa/crypto_platform.h" and "psa/crypto_struct.h". + * When a PSA driver for ECDSA is present, it is now possible to disable + MBEDTLS_ECDSA_C in the build in order to save code size. For PK, X.509 + and TLS to fully work, this requires MBEDTLS_USE_PSA_CRYPTO to be enabled. + Restartable/interruptible ECDSA operations in PK, X.509 and TLS are not + supported in those builds yet, as driver support for interruptible ECDSA + operations is not present yet. + * Add a driver dispatch layer for EC J-PAKE, enabling alternative + implementations of EC J-PAKE through the driver entry points. + * Add new API mbedtls_ssl_cache_remove for cache entry removal by + its session id. + * Add support to include the SubjectAltName extension to a CSR. + * Add support for AES with the Armv8-A Cryptographic Extension on + 64-bit Arm. A new configuration option, MBEDTLS_AESCE_C, can + be used to enable this feature. Run-time detection is supported + under Linux only. + * When a PSA driver for EC J-PAKE is present, it is now possible to disable + MBEDTLS_ECJPAKE_C in the build in order to save code size. For the + corresponding TLS 1.2 key exchange to work, MBEDTLS_USE_PSA_CRYPTO needs + to be enabled. + * Add functions mbedtls_rsa_get_padding_mode() and mbedtls_rsa_get_md_alg() + to read non-public fields for padding mode and hash id from + an mbedtls_rsa_context, as requested in #6917. + * AES-NI is now supported with Visual Studio. + * AES-NI is now supported in 32-bit builds, or when MBEDTLS_HAVE_ASM + is disabled, when compiling with GCC or Clang or a compatible compiler + for a target CPU that supports the requisite instructions (for example + gcc -m32 -msse2 -maes -mpclmul). (Generic x86 builds with GCC-like + compilers still require MBEDTLS_HAVE_ASM and a 64-bit target.) + * It is now possible to use a PSA-held (opaque) password with the TLS 1.2 + ECJPAKE key exchange, using the new API function + mbedtls_ssl_set_hs_ecjpake_password_opaque(). + +Security + * Use platform-provided secure zeroization function where possible, such as + explicit_bzero(). + * Zeroize SSL cache entries when they are freed. + * Fix a potential heap buffer overread in TLS 1.3 client-side when + MBEDTLS_DEBUG_C is enabled. This may result in an application crash. + * Add support for AES with the Armv8-A Cryptographic Extension on 64-bit + Arm, so that these systems are no longer vulnerable to timing side-channel + attacks. This is configured by MBEDTLS_AESCE_C, which is on by default. + Reported by Demi Marie Obenour. + * MBEDTLS_AESNI_C, which is enabled by default, was silently ignored on + builds that couldn't compile the GCC-style assembly implementation + (most notably builds with Visual Studio), leaving them vulnerable to + timing side-channel attacks. There is now an intrinsics-based AES-NI + implementation as a fallback for when the assembly one cannot be used. + +Bugfix + * Fix possible integer overflow in mbedtls_timing_hardclock(), which + could cause a crash in programs/test/benchmark. + * Fix IAR compiler warnings. Fixes #6924. + * Fix a bug in the build where directory names containing spaces were + causing generate_errors.pl to error out resulting in a build failure. + Fixes issue #6879. + * In TLS 1.3, when using a ticket for session resumption, tweak its age + calculation on the client side. It prevents a server with more accurate + ticket timestamps (typically timestamps in milliseconds) compared to the + Mbed TLS ticket timestamps (in seconds) to compute a ticket age smaller + than the age computed and transmitted by the client and thus potentially + reject the ticket. Fix #6623. + * Fix compile error where MBEDTLS_RSA_C and MBEDTLS_X509_CRT_WRITE_C are + defined, but MBEDTLS_PK_RSA_ALT_SUPPORT is not defined. Fixes #3174. + * List PSA_WANT_ALG_CCM_STAR_NO_TAG in psa/crypto_config.h so that it can + be toggled with config.py. + * The key derivation algorithm PSA_ALG_TLS12_ECJPAKE_TO_PMS cannot be + used on a shared secret from a key agreement since its input must be + an ECC public key. Reject this properly. + * mbedtls_x509write_crt_set_serial() now explicitly rejects serial numbers + whose binary representation is longer than 20 bytes. This was already + forbidden by the standard (RFC5280 - section 4.1.2.2) and now it's being + enforced also at code level. + * Fix potential undefined behavior in mbedtls_mpi_sub_abs(). Reported by + Pascal Cuoq using TrustInSoft Analyzer in #6701; observed independently by + Aaron Ucko under Valgrind. + * Fix behavior of certain sample programs which could, when run with no + arguments, access uninitialized memory in some cases. Fixes #6700 (which + was found by TrustInSoft Analyzer during REDOCS'22) and #1120. + * Fix parsing of X.509 SubjectAlternativeName extension. Previously, + malformed alternative name components were not caught during initial + certificate parsing, but only on subsequent calls to + mbedtls_x509_parse_subject_alt_name(). Fixes #2838. + * Make the fields of mbedtls_pk_rsassa_pss_options public. This makes it + possible to verify RSA PSS signatures with the pk module, which was + inadvertently broken since Mbed TLS 3.0. + * Fix bug in conversion from OID to string in + mbedtls_oid_get_numeric_string(). OIDs such as 2.40.0.25 are now printed + correctly. + * Reject OIDs with overlong-encoded subidentifiers when converting + them to a string. + * Reject OIDs with subidentifier values exceeding UINT_MAX. Such + subidentifiers can be valid, but Mbed TLS cannot currently handle them. + * Reject OIDs that have unterminated subidentifiers, or (equivalently) + have the most-significant bit set in their last byte. + * Silence warnings from clang -Wdocumentation about empty \retval + descriptions, which started appearing with Clang 15. Fixes #6960. + * Fix the handling of renegotiation attempts in TLS 1.3. They are now + systematically rejected. + * Fix an unused-variable warning in TLS 1.3-only builds if + MBEDTLS_SSL_RENEGOTIATION was enabled. Fixes #6200. + * Fix undefined behavior in mbedtls_ssl_read() and mbedtls_ssl_write() if + len argument is 0 and buffer is NULL. + * Allow setting user and peer identifiers for EC J-PAKE operation + instead of role in PAKE PSA Crypto API as described in the specification. + This is a partial fix that allows only "client" and "server" identifiers. + * Fix a compilation error when PSA Crypto is built with support for + TLS12_PRF but not TLS12_PSK_TO_MS. Reported by joerchan in #7125. + * In the TLS 1.3 server, select the preferred client cipher suite, not the + least preferred. The selection error was introduced in Mbed TLS 3.3.0. + * Fix TLS 1.3 session resumption when the established pre-shared key is + 384 bits long. That is the length of pre-shared keys created under a + session where the cipher suite is TLS_AES_256_GCM_SHA384. + * Fix an issue when compiling with MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + enabled, which required specifying compiler flags enabling SHA3 Crypto + Extensions, where some compilers would emit EOR3 instructions in other + modules, which would then fail if run on a CPU without the SHA3 + extensions. Fixes #5758. + +Changes + * Install the .cmake files into CMAKE_INSTALL_LIBDIR/cmake/MbedTLS, + typically /usr/lib/cmake/MbedTLS. + * Mixed-endian systems are explicitly not supported any more. + * When MBEDTLS_USE_PSA_CRYPTO and MBEDTLS_ECDSA_DETERMINISTIC are both + defined, mbedtls_pk_sign() now use deterministic ECDSA for ECDSA + signatures. This aligns the behaviour with MBEDTLS_USE_PSA_CRYPTO to + the behaviour without it, where deterministic ECDSA was already used. + * Visual Studio: Rename the directory containing Visual Studio files from + visualc/VS2010 to visualc/VS2013 as we do not support building with versions + older than 2013. Update the solution file to specify VS2013 as a minimum. + * programs/x509/cert_write: + - now it accepts the serial number in 2 different formats: decimal and + hex. They cannot be used simultaneously + - "serial" is used for the decimal format and it's limted in size to + unsigned long long int + - "serial_hex" is used for the hex format; max length here is + MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN*2 + * The C code follows a new coding style. This is transparent for users but + affects contributors and maintainers of local patches. For more + information, see + https://mbed-tls.readthedocs.io/en/latest/kb/how-to/rewrite-branch-for-coding-style/ + * Changed the default MBEDTLS_ECP_WINDOW_SIZE from 6 to 2. + As tested in issue 6790, the correlation between this define and + RSA decryption performance has changed lately due to security fixes. + To fix the performance degradation when using default values the + window was reduced from 6 to 2, a value that gives the best or close + to best results when tested on Cortex-M4 and Intel i7. + * When enabling MBEDTLS_SHA256_USE_A64_CRYPTO_* or + MBEDTLS_SHA512_USE_A64_CRYPTO_*, it is no longer necessary to specify + compiler target flags on the command line; the library now sets target + options within the appropriate modules. + = Mbed TLS 3.3.0 branch released 2022-12-14 Default behavior changes @@ -106,11 +613,11 @@ Security * Fix potential heap buffer overread and overwrite in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX. - * An adversary with access to precise enough information about memory - accesses (typically, an untrusted operating system attacking a secure - enclave) could recover an RSA private key after observing the victim - performing a single private-key operation if the window size used for the - exponentiation was 3 or smaller. Found and reported by Zili KOU, + * Fix an issue where an adversary with access to precise enough information + about memory accesses (typically, an untrusted operating system attacking + a secure enclave) could recover an RSA private key after observing the + victim performing a single private-key operation if the window size used + for the exponentiation was 3 or smaller. Found and reported by Zili KOU, Wenjian HE, Sharad Sinha, and Wei ZHANG. See "Cache Side-channel Attacks and Defenses of the Sliding Window Algorithm in TEEs" - Design, Automation and Test in Europe 2023. @@ -969,16 +1476,17 @@ Security signature, allowing the recovery of the private key after observing a large number of signature operations. This completes a partial fix in Mbed TLS 2.20.0. - * An adversary with access to precise enough information about memory - accesses (typically, an untrusted operating system attacking a secure - enclave) could recover an RSA private key after observing the victim - performing a single private-key operation. Found and reported by + * Fix an issue where an adversary with access to precise enough information + about memory accesses (typically, an untrusted operating system attacking + a secure enclave) could recover an RSA private key after observing the + victim performing a single private-key operation. Found and reported by Zili KOU, Wenjian HE, Sharad Sinha, and Wei ZHANG. - * An adversary with access to precise enough timing information (typically, a - co-located process) could recover a Curve25519 or Curve448 static ECDH key - after inputting a chosen public key and observing the victim performing the - corresponding private-key operation. Found and reported by Leila Batina, - Lukas Chmielewski, Björn Haase, Niels Samwel and Peter Schwabe. + * Fix an issue where an adversary with access to precise enough timing + information (typically, a co-located process) could recover a Curve25519 + or Curve448 static ECDH key after inputting a chosen public key and + observing the victim performing the corresponding private-key operation. + Found and reported by Leila Batina, Lukas Chmielewski, Björn Haase, Niels + Samwel and Peter Schwabe. Bugfix * Fix premature fopen() call in mbedtls_entropy_write_seed_file which may diff --git a/ChangeLog.d/00README.md b/ChangeLog.d/00README.md index d2ea73d1c..2fbc989de 100644 --- a/ChangeLog.d/00README.md +++ b/ChangeLog.d/00README.md @@ -21,6 +21,9 @@ We generally don't include changelog entries for: * Performance improvements, unless they are particularly significant. * Changes to parts of the code base that users don't interact with directly, such as test code and test data. +* Fixes for compiler warnings. Releases typically contain a number of fixes + of this kind, so we will only mention them in the Changelog if they are + particularly significant. Until Mbed TLS 2.24.0, we required changelog entries in more cases. Looking at older changelog entries is good practice for how to write a diff --git a/ChangeLog.d/add-psa-example-program-hash.txt b/ChangeLog.d/add-psa-example-program-hash.txt new file mode 100644 index 000000000..ba4da20d3 --- /dev/null +++ b/ChangeLog.d/add-psa-example-program-hash.txt @@ -0,0 +1,2 @@ +Features + * Added an example program showing how to hash with the PSA API. diff --git a/ChangeLog.d/alignment-perf.txt b/ChangeLog.d/alignment-perf.txt deleted file mode 100644 index 7a8e6fb4a..000000000 --- a/ChangeLog.d/alignment-perf.txt +++ /dev/null @@ -1,8 +0,0 @@ -Features - * General performance improvements by accessing multiple bytes at a time. - Fixes #1666. - * Improvements to use of unaligned and byte-swapped memory, reducing code - size and improving performance (depending on compiler and target - architecture). -Changes - * Mixed-endian systems are explicitly not supported any more. diff --git a/ChangeLog.d/cmake-install.txt b/ChangeLog.d/cmake-install.txt deleted file mode 100644 index d8eb72e1e..000000000 --- a/ChangeLog.d/cmake-install.txt +++ /dev/null @@ -1,3 +0,0 @@ -Changes - * Install the .cmake files into CMAKE_INSTALL_LIBDIR/cmake/MbedTLS, - typically /usr/lib/cmake/MbedTLS. diff --git a/ChangeLog.d/fix-3rdparty-target-prefix.txt b/ChangeLog.d/fix-3rdparty-target-prefix.txt new file mode 100644 index 000000000..db8ed07ee --- /dev/null +++ b/ChangeLog.d/fix-3rdparty-target-prefix.txt @@ -0,0 +1,3 @@ +Bugfix + * Fix accidental omission of MBEDTLS_TARGET_PREFIX in 3rdparty modules + in CMake. diff --git a/ChangeLog.d/fix-cmake-3rdparty-custom-config.txt b/ChangeLog.d/fix-cmake-3rdparty-custom-config.txt new file mode 100644 index 000000000..ec543aafc --- /dev/null +++ b/ChangeLog.d/fix-cmake-3rdparty-custom-config.txt @@ -0,0 +1,3 @@ +Bugfix + * Fix the build with CMake when Everest or P256-m is enabled through + a user configuration file or the compiler command line. Fixes #8165. diff --git a/ChangeLog.d/fix-cpp-compilation-error.txt b/ChangeLog.d/fix-cpp-compilation-error.txt new file mode 100644 index 000000000..32d86dced --- /dev/null +++ b/ChangeLog.d/fix-cpp-compilation-error.txt @@ -0,0 +1,3 @@ +Bugfix + * Fix compilation error in C++ programs when MBEDTLS_ASN1_PARSE_C is + disabled. diff --git a/ChangeLog.d/fix-gettimeofday-overflow.txt b/ChangeLog.d/fix-gettimeofday-overflow.txt deleted file mode 100644 index b7e10d2b0..000000000 --- a/ChangeLog.d/fix-gettimeofday-overflow.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Fix possible integer overflow in mbedtls_timing_hardclock(), which - could cause a crash in programs/test/benchmark. diff --git a/ChangeLog.d/fix-iar-warnings.txt b/ChangeLog.d/fix-iar-warnings.txt deleted file mode 100644 index 244e8630d..000000000 --- a/ChangeLog.d/fix-iar-warnings.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bugfix - * Fix IAR compiler warnings. Contributed by Glenn Strauss in #3835. diff --git a/ChangeLog.d/fix_build_for_directory_names_containing_spaces.txt b/ChangeLog.d/fix_build_for_directory_names_containing_spaces.txt deleted file mode 100644 index e7643b703..000000000 --- a/ChangeLog.d/fix_build_for_directory_names_containing_spaces.txt +++ /dev/null @@ -1,4 +0,0 @@ -Bugfix - * Fix a bug in the build where directory names containing spaces were - causing generate_errors.pl to error out resulting in a build failure. - Fixes issue #6879. diff --git a/ChangeLog.d/make_sha224_sha384_independent_from_sha256_sha512.txt b/ChangeLog.d/make_sha224_sha384_independent_from_sha256_sha512.txt deleted file mode 100644 index d2c9b35dd..000000000 --- a/ChangeLog.d/make_sha224_sha384_independent_from_sha256_sha512.txt +++ /dev/null @@ -1,4 +0,0 @@ -Features - * SHA224_C/SHA384_C are now independent from SHA384_C/SHA512_C respectively. - This helps in saving code size when some of the above hashes are not - required. diff --git a/ChangeLog.d/mbedtls_ecp_point_read_binary-compressed-fmt.txt b/ChangeLog.d/mbedtls_ecp_point_read_binary-compressed-fmt.txt deleted file mode 100644 index 44253dd3b..000000000 --- a/ChangeLog.d/mbedtls_ecp_point_read_binary-compressed-fmt.txt +++ /dev/null @@ -1,6 +0,0 @@ -Features - * Add support for reading points in compressed format - (MBEDTLS_ECP_PF_COMPRESSED) with mbedtls_ecp_point_read_binary() - (and callers) for Short Weierstrass curves with prime p where p = 3 mod 4 - (all mbedtls MBEDTLS_ECP_DP_SECP* and MBEDTLS_ECP_DP_BP* curves - except MBEDTLS_ECP_DP_SECP224R1 and MBEDTLS_ECP_DP_SECP224K1) diff --git a/ChangeLog.d/pk-sign-restartable.txt b/ChangeLog.d/pk-sign-restartable.txt deleted file mode 100644 index 35da2be13..000000000 --- a/ChangeLog.d/pk-sign-restartable.txt +++ /dev/null @@ -1,5 +0,0 @@ -Changes - * When MBEDTLS_USE_PSA_CRYPTO and MBEDTLS_ECDSA_DETERMINISTIC are both - defined, mbedtls_pk_sign() now use deterministic ECDSA for ECDSA - signatures. This aligns the behaviour with MBEDTLS_USE_PSA_CRYPTO to - the behaviour without it, where deterministic ECDSA was already used. diff --git a/ChangeLog.d/pkwrite-pem-use-heap.txt b/ChangeLog.d/pkwrite-pem-use-heap.txt new file mode 100644 index 000000000..11db7b6b0 --- /dev/null +++ b/ChangeLog.d/pkwrite-pem-use-heap.txt @@ -0,0 +1,4 @@ +Changes + * Use heap memory to allocate DER encoded public/private key. + This reduces stack usage significantly for writing a public/private + key to a PEM string. diff --git a/ChangeLog.d/workaround_gnutls_anti_replay_fail.txt b/ChangeLog.d/workaround_gnutls_anti_replay_fail.txt deleted file mode 100644 index cebc2b7ef..000000000 --- a/ChangeLog.d/workaround_gnutls_anti_replay_fail.txt +++ /dev/null @@ -1,7 +0,0 @@ -Bugfix - * In TLS 1.3, when using a ticket for session resumption, tweak its age - calculation on the client side. It prevents a server with more accurate - ticket timestamps (typically timestamps in milliseconds) compared to the - Mbed TLS ticket timestamps (in seconds) to compute a ticket age smaller - than the age computed and transmitted by the client and thus potentially - reject the ticket. Fix #6623. diff --git a/DartConfiguration.tcl b/DartConfiguration.tcl index dfa0f0718..af0578a58 100644 --- a/DartConfiguration.tcl +++ b/DartConfiguration.tcl @@ -1,4 +1,4 @@ Site: localhost -BuildName: mbed TLS-test +BuildName: Mbed TLS-test CoverageCommand: /usr/bin/gcov MemoryCheckCommand: /usr/bin/valgrind diff --git a/Makefile b/Makefile index 2f1be6528..885948c11 100644 --- a/Makefile +++ b/Makefile @@ -36,8 +36,31 @@ generated_files: programs/generated_files generated_files: tests/generated_files generated_files: visualc_files +# Set GEN_FILES to the empty string to disable dependencies on generated +# source files. Then `make generated_files` will only build files that +# are missing, it will not rebuilt files that are present but out of date. +# This is useful, for example, if you have a source tree where +# `make generated_files` has already run and file timestamps reflect the +# time the files were copied or extracted, and you are now in an environment +# that lacks some of the necessary tools to re-generate the files. +# If $(GEN_FILES) is non-empty, the generated source files' dependencies +# are treated ordinarily, based on file timestamps. +GEN_FILES ?= yes + +# In dependencies where the target is a configuration-independent generated +# file, use `TARGET: $(gen_file_dep) DEPENDENCY1 DEPENDENCY2 ...` +# rather than directly `TARGET: DEPENDENCY1 DEPENDENCY2 ...`. This +# enables the re-generation to be turned off when GEN_FILES is disabled. +ifdef GEN_FILES +gen_file_dep = +else +# Order-only dependency: generate the target if it's absent, but don't +# re-generate it if it's present but older than its dependencies. +gen_file_dep = | +endif + .PHONY: visualc_files -VISUALC_FILES = visualc/VS2010/mbedTLS.sln visualc/VS2010/mbedTLS.vcxproj +VISUALC_FILES = visualc/VS2013/mbedTLS.sln visualc/VS2013/mbedTLS.vcxproj # TODO: $(app).vcxproj for each $(app) in programs/ visualc_files: $(VISUALC_FILES) @@ -45,10 +68,10 @@ visualc_files: $(VISUALC_FILES) # present before it runs. It doesn't matter if the files aren't up-to-date, # they just need to be present. $(VISUALC_FILES): | library/generated_files -$(VISUALC_FILES): scripts/generate_visualc_files.pl -$(VISUALC_FILES): scripts/data_files/vs2010-app-template.vcxproj -$(VISUALC_FILES): scripts/data_files/vs2010-main-template.vcxproj -$(VISUALC_FILES): scripts/data_files/vs2010-sln-template.sln +$(VISUALC_FILES): $(gen_file_dep) scripts/generate_visualc_files.pl +$(VISUALC_FILES): $(gen_file_dep) scripts/data_files/vs2013-app-template.vcxproj +$(VISUALC_FILES): $(gen_file_dep) scripts/data_files/vs2013-main-template.vcxproj +$(VISUALC_FILES): $(gen_file_dep) scripts/data_files/vs2013-sln-template.sln # TODO: also the list of .c and .h source files, but not their content $(VISUALC_FILES): echo " Gen $@ ..." @@ -124,10 +147,10 @@ neat: clean_more_on_top $(MAKE) -C programs neat $(MAKE) -C tests neat ifndef WINDOWS - rm -f visualc/VS2010/*.vcxproj visualc/VS2010/mbedTLS.sln + rm -f visualc/VS2013/*.vcxproj visualc/VS2013/mbedTLS.sln else - if exist visualc\VS2010\*.vcxproj del /Q /F visualc\VS2010\*.vcxproj - if exist visualc\VS2010\mbedTLS.sln del /Q /F visualc\VS2010\mbedTLS.sln + if exist visualc\VS2013\*.vcxproj del /Q /F visualc\VS2013\*.vcxproj + if exist visualc\VS2013\mbedTLS.sln del /Q /F visualc\VS2013\mbedTLS.sln endif check: lib tests diff --git a/README.md b/README.md index cc70f5610..a3fcd2e15 100644 --- a/README.md +++ b/README.md @@ -48,7 +48,7 @@ You need the following tools to build the library with the provided makefiles: * GNU Make 3.82 or a build tool that CMake supports. * A C99 toolchain (compiler, linker, archiver). We actively test with GCC 5.4, Clang 3.8, IAR 8 and Visual Studio 2013. More recent versions should work. Slightly older versions may work. -* Python 3.6 to generate the test code, and to generate sample programs in the development branch. +* Python 3.8 to generate the test code. Python is also needed to integrate PSA drivers and to build the development branch (see next section). * Perl to run the tests, and to generate some source files in the development branch. * CMake 3.10.2 or later (if using CMake). * Microsoft Visual Studio 2013 or later (if using Visual Studio). @@ -61,10 +61,11 @@ The source code of Mbed TLS includes some files that are automatically generated The following tools are required: * Perl, for some library source files and for Visual Studio build files. -* Python 3 and some Python packages, for some library source files, sample programs and test data. To install the necessary packages, run +* Python 3.8 and some Python packages, for some library source files, sample programs and test data. To install the necessary packages, run: ``` - python -m pip install -r scripts/basic.requirements.txt + python3 -m pip install --user -r scripts/basic.requirements.txt ``` + Depending on your Python installation, you may need to invoke `python` instead of `python3`. To install the packages system-wide, omit the `--user` option. * A C compiler for the host platform, for some test data. If you are cross-compiling, you must set the `CC` environment variable to a C compiler for the host platform when generating the configuration-independent files. @@ -220,7 +221,7 @@ subproject. ### Microsoft Visual Studio -The build files for Microsoft Visual Studio are generated for Visual Studio 2010. +The build files for Microsoft Visual Studio are generated for Visual Studio 2013. The solution file `mbedTLS.sln` contains all the basic projects needed to build the library and all the programs. The files in tests are not generated and compiled, as these need Python and perl environments as well. However, the selftest program in `programs/test/` is still available. @@ -264,6 +265,7 @@ Mbed TLS is mostly written in portable C99; however, it has a few platform requi - `int` and `size_t` must be at least 32 bits wide. - The types `uint8_t`, `uint16_t`, `uint32_t` and their signed equivalents must be available. - Mixed-endian platforms are not supported. +- SIZE_MAX must be at least as big as INT_MAX and UINT_MAX. PSA cryptography API -------------------- @@ -291,19 +293,28 @@ However, it does not aim to implement the whole specification; in particular it The X.509 and TLS code can use PSA cryptography for most operations. To enable this support, activate the compilation option `MBEDTLS_USE_PSA_CRYPTO` in `mbedtls_config.h`. Note that TLS 1.3 uses PSA cryptography for most operations regardless of this option. See `docs/use-psa-crypto.md` for details. -### Upcoming features +### PSA drivers -Future releases of this library will include: +Mbed TLS supports drivers for cryptographic accelerators, secure elements and random generators. This is work in progress. Please note that the driver interfaces are not fully stable yet and may change without notice. We intend to preserve backward compatibility for application code (using the PSA Crypto API), but the code of the drivers may have to change in future minor releases of Mbed TLS. -* A driver programming interface, which makes it possible to use hardware accelerators instead of the default software implementation for chosen algorithms. -* Support for external keys to be stored and manipulated exclusively in a separate cryptoprocessor. -* A configuration mechanism to compile only the algorithms you need for your application. -* A wider set of cryptographic algorithms. +Please see the [PSA driver example and guide](docs/psa-driver-example-and-guide.md) for information on writing a driver. + +When using drivers, you will generally want to enable two compilation options (see the reference manual for more information): + +* `MBEDTLS_USE_PSA_CRYPTO` is necessary so that the X.509 and TLS code calls the PSA drivers rather than the built-in software implementation. +* `MBEDTLS_PSA_CRYPTO_CONFIG` allows you to enable PSA cryptographic mechanisms without including the code of the corresponding software implementation. This is not yet supported for all mechanisms. License ------- -Unless specifically indicated otherwise in a file, Mbed TLS files are provided under the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) license. See the [LICENSE](LICENSE) file for the full text of this license. Contributors must accept that their contributions are made under both the Apache-2.0 AND [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) licenses. This enables LTS (Long Term Support) branches of the software to be provided under either the Apache-2.0 OR GPL-2.0-or-later licenses. +Unless specifically indicated otherwise in a file, Mbed TLS files are provided under the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) license. See the [LICENSE](LICENSE) file for the full text of this license, and [the 'License and Copyright' section in the contributing guidelines](CONTRIBUTING.md#License-and-Copyright) for more information. + +### Third-party code included in Mbed TLS + +This project contains code from other projects. This code is located within the `3rdparty/` directory. The original license text is included within project subdirectories, and in source files. The projects are listed below: + +* `3rdparty/everest/`: Files stem from [Project Everest](https://project-everest.github.io/) and are distributed under the Apache 2.0 license. +* `3rdparty/p256-m/p256-m/`: Files have been taken from the [p256-m](https://github.com/mpg/p256-m) repository. The code in the original repository is distributed under the Apache 2.0 license. It is also used by Mbed TLS under the Apache 2.0 license. We do not plan to regularly update these files, so they may not contain fixes and improvements present in the upstream project. Contributing ------------ diff --git a/SECURITY.md b/SECURITY.md index 33bbc2ff3..7ed72de92 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -18,3 +18,129 @@ goes public. Only the maintained branches, as listed in [`BRANCHES.md`](BRANCHES.md), get security fixes. Users are urged to always use the latest version of a maintained branch. + +## Threat model + +We classify attacks based on the capabilities of the attacker. + +### Remote attacks + +In this section, we consider an attacker who can observe and modify data sent +over the network. This includes observing the content and timing of individual +packets, as well as suppressing or delaying legitimate messages, and injecting +messages. + +Mbed TLS aims to fully protect against remote attacks and to enable the user +application in providing full protection against remote attacks. Said +protection is limited to providing security guarantees offered by the protocol +being implemented. (For example Mbed TLS alone won't guarantee that the +messages will arrive without delay, as the TLS protocol doesn't guarantee that +either.) + +**Warning!** Block ciphers do not yet achieve full protection against attackers +who can measure the timing of packets with sufficient precision. For details +and workarounds see the [Block Ciphers](#block-ciphers) section. + +### Local attacks + +In this section, we consider an attacker who can run software on the same +machine. The attacker has insufficient privileges to directly access Mbed TLS +assets such as memory and files. + +#### Timing attacks + +The attacker is able to observe the timing of instructions executed by Mbed TLS +by leveraging shared hardware that both Mbed TLS and the attacker have access +to. Typical attack vectors include cache timings, memory bus contention and +branch prediction. + +Mbed TLS provides limited protection against timing attacks. The cost of +protecting against timing attacks widely varies depending on the granularity of +the measurements and the noise present. Therefore the protection in Mbed TLS is +limited. We are only aiming to provide protection against **publicly +documented attack techniques**. + +As attacks keep improving, so does Mbed TLS's protection. Mbed TLS is moving +towards a model of fully timing-invariant code, but has not reached this point +yet. + +**Remark:** Timing information can be observed over the network or through +physical side channels as well. Remote and physical timing attacks are covered +in the [Remote attacks](remote-attacks) and [Physical +attacks](physical-attacks) sections respectively. + +**Warning!** Block ciphers do not yet achieve full protection. For +details and workarounds see the [Block Ciphers](#block-ciphers) section. + +#### Local non-timing side channels + +The attacker code running on the platform has access to some sensor capable of +picking up information on the physical state of the hardware while Mbed TLS is +running. This could for example be an analogue-to-digital converter on the +platform that is located unfortunately enough to pick up the CPU noise. + +Mbed TLS doesn't make any security guarantees against local non-timing-based +side channel attacks. If local non-timing attacks are present in a use case or +a user application's threat model, they need to be mitigated by the platform. + +#### Local fault injection attacks + +Software running on the same hardware can affect the physical state of the +device and introduce faults. + +Mbed TLS doesn't make any security guarantees against local fault injection +attacks. If local fault injection attacks are present in a use case or a user +application's threat model, they need to be mitigated by the platform. + +### Physical attacks + +In this section, we consider an attacker who has access to physical information +about the hardware Mbed TLS is running on and/or can alter the physical state +of the hardware (e.g. power analysis, radio emissions or fault injection). + +Mbed TLS doesn't make any security guarantees against physical attacks. If +physical attacks are present in a use case or a user application's threat +model, they need to be mitigated by physical countermeasures. + +### Caveats + +#### Out-of-scope countermeasures + +Mbed TLS has evolved organically and a well defined threat model hasn't always +been present. Therefore, Mbed TLS might have countermeasures against attacks +outside the above defined threat model. + +The presence of such countermeasures don't mean that Mbed TLS provides +protection against a class of attacks outside of the above described threat +model. Neither does it mean that the failure of such a countermeasure is +considered a vulnerability. + +#### Block ciphers + +Currently there are four block ciphers in Mbed TLS: AES, CAMELLIA, ARIA and +DES. The pure software implementation in Mbed TLS implementation uses lookup +tables, which are vulnerable to timing attacks. + +These timing attacks can be physical, local or depending on network latency +even a remote. The attacks can result in key recovery. + +**Workarounds:** + +- Turn on hardware acceleration for AES. This is supported only on selected + architectures and currently only available for AES. See configuration options + `MBEDTLS_AESCE_C`, `MBEDTLS_AESNI_C` and `MBEDTLS_PADLOCK_C` for details. +- Add a secure alternative implementation (typically hardware acceleration) for + the vulnerable cipher. See the [Alternative Implementations +Guide](docs/architecture/alternative-implementations.md) for more information. +- Use cryptographic mechanisms that are not based on block ciphers. In + particular, for authenticated encryption, use ChaCha20/Poly1305 instead of + block cipher modes. For random generation, use HMAC\_DRBG instead of CTR\_DRBG. + +#### Everest + +The HACL* implementation of X25519 taken from the Everest project only protects +against remote timing attacks. (See their [Security +Policy](https://github.com/hacl-star/hacl-star/blob/main/SECURITY.md).) + +The Everest variant is only used when `MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED` +configuration option is defined. This option is off by default. diff --git a/configs/README.txt b/configs/README.txt index 9e5a243f8..86496db01 100644 --- a/configs/README.txt +++ b/configs/README.txt @@ -21,4 +21,4 @@ them, you can pick one of the following methods: make Note that the second method also works if you want to keep your custom -configuration file outside the mbed TLS tree. +configuration file outside the Mbed TLS tree. diff --git a/configs/config-no-entropy.h b/configs/config-no-entropy.h index 31fab4e91..1964e8e55 100644 --- a/configs/config-no-entropy.h +++ b/configs/config-no-entropy.h @@ -33,7 +33,7 @@ #define MBEDTLS_HAVE_ASM #define MBEDTLS_HAVE_TIME -/* mbed TLS feature support */ +/* Mbed TLS feature support */ #define MBEDTLS_CIPHER_MODE_CBC #define MBEDTLS_CIPHER_PADDING_PKCS7 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED @@ -47,7 +47,7 @@ #define MBEDTLS_SELF_TEST #define MBEDTLS_VERSION_FEATURES -/* mbed TLS modules */ +/* Mbed TLS modules */ #define MBEDTLS_AES_C #define MBEDTLS_ASN1_PARSE_C #define MBEDTLS_ASN1_WRITE_C diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h index 89898b33a..56a700f74 100644 --- a/configs/config-suite-b.h +++ b/configs/config-suite-b.h @@ -37,13 +37,13 @@ #define MBEDTLS_HAVE_ASM #define MBEDTLS_HAVE_TIME -/* mbed TLS feature support */ +/* Mbed TLS feature support */ #define MBEDTLS_ECP_DP_SECP256R1_ENABLED #define MBEDTLS_ECP_DP_SECP384R1_ENABLED #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED #define MBEDTLS_SSL_PROTO_TLS1_2 -/* mbed TLS modules */ +/* Mbed TLS modules */ #define MBEDTLS_AES_C #define MBEDTLS_ASN1_PARSE_C #define MBEDTLS_ASN1_WRITE_C diff --git a/configs/config-symmetric-only.h b/configs/config-symmetric-only.h index 6aff42f1c..a014b5273 100644 --- a/configs/config-symmetric-only.h +++ b/configs/config-symmetric-only.h @@ -25,7 +25,7 @@ #define MBEDTLS_HAVE_TIME #define MBEDTLS_HAVE_TIME_DATE -/* Mbed Crypto feature support */ +/* Mbed TLS feature support */ #define MBEDTLS_CIPHER_MODE_CBC #define MBEDTLS_CIPHER_MODE_CFB #define MBEDTLS_CIPHER_MODE_CTR @@ -42,7 +42,7 @@ #define MBEDTLS_USE_PSA_CRYPTO #define MBEDTLS_VERSION_FEATURES -/* Mbed Crypto modules */ +/* Mbed TLS modules */ #define MBEDTLS_AES_C #define MBEDTLS_ASN1_PARSE_C #define MBEDTLS_ASN1_WRITE_C diff --git a/configs/config-thread.h b/configs/config-thread.h index 0652136a5..e05b557ed 100644 --- a/configs/config-thread.h +++ b/configs/config-thread.h @@ -35,7 +35,7 @@ /* System support */ #define MBEDTLS_HAVE_ASM -/* mbed TLS feature support */ +/* Mbed TLS feature support */ #define MBEDTLS_AES_ROM_TABLES #define MBEDTLS_ECP_DP_SECP256R1_ENABLED #define MBEDTLS_ECP_NIST_OPTIM @@ -46,7 +46,7 @@ #define MBEDTLS_SSL_DTLS_ANTI_REPLAY #define MBEDTLS_SSL_DTLS_HELLO_VERIFY -/* mbed TLS modules */ +/* Mbed TLS modules */ #define MBEDTLS_AES_C #define MBEDTLS_ASN1_PARSE_C #define MBEDTLS_ASN1_WRITE_C diff --git a/configs/crypto-config-ccm-aes-sha256.h b/configs/crypto-config-ccm-aes-sha256.h new file mode 100644 index 000000000..6c12bd7b6 --- /dev/null +++ b/configs/crypto-config-ccm-aes-sha256.h @@ -0,0 +1,37 @@ +/** + * \file configs/crypto-config-ccm-aes-sha256.h + * + * \brief PSA crypto configuration with only symmetric cryptography: CCM-AES, + * SHA-256, HMAC and key derivation + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PSA_CRYPTO_CONFIG_H +#define PSA_CRYPTO_CONFIG_H + +#define PSA_WANT_ALG_CCM 1 +#define PSA_WANT_ALG_HMAC 1 +#define PSA_WANT_ALG_SHA_256 1 +#define PSA_WANT_ALG_TLS12_PRF 1 +#define PSA_WANT_ALG_TLS12_PSK_TO_MS 1 +#define PSA_WANT_KEY_TYPE_DERIVE 1 +#define PSA_WANT_KEY_TYPE_HMAC 1 +#define PSA_WANT_KEY_TYPE_AES 1 +#define PSA_WANT_KEY_TYPE_RAW_DATA 1 + +#endif /* PSA_CRYPTO_CONFIG_H */ diff --git a/configs/crypto_config_profile_medium.h b/configs/crypto_config_profile_medium.h new file mode 100644 index 000000000..3fa8552c9 --- /dev/null +++ b/configs/crypto_config_profile_medium.h @@ -0,0 +1,138 @@ +/* + * Copyright (c) 2018-2022, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ +/** + * \file psa/crypto_config.h + * \brief PSA crypto configuration options (set of defines) + * + */ +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +/** + * When #MBEDTLS_PSA_CRYPTO_CONFIG is enabled in mbedtls_config.h, + * this file determines which cryptographic mechanisms are enabled + * through the PSA Cryptography API (\c psa_xxx() functions). + * + * To enable a cryptographic mechanism, uncomment the definition of + * the corresponding \c PSA_WANT_xxx preprocessor symbol. + * To disable a cryptographic mechanism, comment out the definition of + * the corresponding \c PSA_WANT_xxx preprocessor symbol. + * The names of cryptographic mechanisms correspond to values + * defined in psa/crypto_values.h, with the prefix \c PSA_WANT_ instead + * of \c PSA_. + * + * Note that many cryptographic mechanisms involve two symbols: one for + * the key type (\c PSA_WANT_KEY_TYPE_xxx) and one for the algorithm + * (\c PSA_WANT_ALG_xxx). Mechanisms with additional parameters may involve + * additional symbols. + */ +#else +/** + * When \c MBEDTLS_PSA_CRYPTO_CONFIG is disabled in mbedtls_config.h, + * this file is not used, and cryptographic mechanisms are supported + * through the PSA API if and only if they are supported through the + * mbedtls_xxx API. + */ +#endif + +#ifndef PROFILE_M_PSA_CRYPTO_CONFIG_H +#define PROFILE_M_PSA_CRYPTO_CONFIG_H + +/* + * CBC-MAC is not yet supported via the PSA API in Mbed TLS. + */ +//#define PSA_WANT_ALG_CBC_MAC 1 +//#define PSA_WANT_ALG_CBC_NO_PADDING 1 +//#define PSA_WANT_ALG_CBC_PKCS7 1 +#define PSA_WANT_ALG_CCM 1 +//#define PSA_WANT_ALG_CMAC 1 +//#define PSA_WANT_ALG_CFB 1 +//#define PSA_WANT_ALG_CHACHA20_POLY1305 1 +//#define PSA_WANT_ALG_CTR 1 +#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1 +//#define PSA_WANT_ALG_ECB_NO_PADDING 1 +#define PSA_WANT_ALG_ECDH 1 +#define PSA_WANT_ALG_ECDSA 1 +//#define PSA_WANT_ALG_GCM 1 +#define PSA_WANT_ALG_HKDF 1 +#define PSA_WANT_ALG_HMAC 1 +//#define PSA_WANT_ALG_MD5 1 +//#define PSA_WANT_ALG_OFB 1 +/* PBKDF2-HMAC is not yet supported via the PSA API in Mbed TLS. + * Note: when adding support, also adjust include/mbedtls/config_psa.h */ +//#define PSA_WANT_ALG_PBKDF2_HMAC 1 +//#define PSA_WANT_ALG_RIPEMD160 1 +//#define PSA_WANT_ALG_RSA_OAEP 1 +//#define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1 +//#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1 +//#define PSA_WANT_ALG_RSA_PSS 1 +//#define PSA_WANT_ALG_SHA_1 1 +#define PSA_WANT_ALG_SHA_224 1 +#define PSA_WANT_ALG_SHA_256 1 +//#define PSA_WANT_ALG_SHA_384 1 +//#define PSA_WANT_ALG_SHA_512 1 +//#define PSA_WANT_ALG_STREAM_CIPHER 1 +#define PSA_WANT_ALG_TLS12_PRF 1 +#define PSA_WANT_ALG_TLS12_PSK_TO_MS 1 +/* PBKDF2-HMAC is not yet supported via the PSA API in Mbed TLS. + * Note: when adding support, also adjust include/mbedtls/config_psa.h */ +//#define PSA_WANT_ALG_XTS 1 + +//#define PSA_WANT_ECC_BRAINPOOL_P_R1_256 1 +//#define PSA_WANT_ECC_BRAINPOOL_P_R1_384 1 +//#define PSA_WANT_ECC_BRAINPOOL_P_R1_512 1 +//#define PSA_WANT_ECC_MONTGOMERY_255 1 +//#define PSA_WANT_ECC_MONTGOMERY_448 1 +//#define PSA_WANT_ECC_SECP_K1_192 1 +/* + * SECP224K1 is buggy via the PSA API in Mbed TLS + * (https://github.com/Mbed-TLS/mbedtls/issues/3541). Thus, do not enable it by + * default. + */ +//#define PSA_WANT_ECC_SECP_K1_224 1 +//#define PSA_WANT_ECC_SECP_K1_256 1 +//#define PSA_WANT_ECC_SECP_R1_192 1 +//#define PSA_WANT_ECC_SECP_R1_224 1 +#define PSA_WANT_ECC_SECP_R1_256 1 +//#define PSA_WANT_ECC_SECP_R1_384 1 +//#define PSA_WANT_ECC_SECP_R1_521 1 + +#define PSA_WANT_KEY_TYPE_DERIVE 1 +#define PSA_WANT_KEY_TYPE_HMAC 1 +#define PSA_WANT_KEY_TYPE_AES 1 +//#define PSA_WANT_KEY_TYPE_ARIA 1 +//#define PSA_WANT_KEY_TYPE_CAMELLIA 1 +//#define PSA_WANT_KEY_TYPE_CHACHA20 1 +//#define PSA_WANT_KEY_TYPE_DES 1 +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1 +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1 +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1 +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1 +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1 +#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1 +#define PSA_WANT_KEY_TYPE_RAW_DATA 1 +//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1 +//#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1 + +/*********************************************************************** + * Local edits below this delimiter + **********************************************************************/ + +/* Between Mbed TLS 3.4 and 3.5, the PSA_WANT_KEY_TYPE_RSA_KEY_PAIR macro + * (commented-out above) has been replaced with the following new macros: */ +//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1 +//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1 +//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1 +//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1 +//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE 1 /* Not supported */ + +/* Between Mbed TLS 3.4 and 3.5, the following macros have been added: */ +//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC 1 +//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT 1 +//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT 1 +//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE 1 +//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_DERIVE 1 // Not supported + +#endif /* PROFILE_M_PSA_CRYPTO_CONFIG_H */ diff --git a/configs/tfm_mbedcrypto_config_profile_medium.h b/configs/tfm_mbedcrypto_config_profile_medium.h new file mode 100644 index 000000000..88736b54b --- /dev/null +++ b/configs/tfm_mbedcrypto_config_profile_medium.h @@ -0,0 +1,623 @@ +/** + * \file config.h + * + * \brief Configuration options (set of defines) + * + * This set of compile-time options may be used to enable + * or disable features selectively, and reduce the global + * memory footprint. + */ +/* + * Copyright (C) 2006-2022, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#ifndef PROFILE_M_MBEDTLS_CONFIG_H +#define PROFILE_M_MBEDTLS_CONFIG_H + +#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) +#define _CRT_SECURE_NO_DEPRECATE 1 +#endif + +/** + * \name SECTION: System support + * + * This section sets system specific settings. + * \{ + */ + +/** + * \def MBEDTLS_HAVE_ASM + * + * The compiler has support for asm(). + * + * Requires support for asm() in compiler. + * + * Used in: + * library/aria.c + * library/timing.c + * include/mbedtls/bn_mul.h + * + * Required by: + * MBEDTLS_AESNI_C + * MBEDTLS_PADLOCK_C + * + * Comment to disable the use of assembly code. + */ +#define MBEDTLS_HAVE_ASM + +/** + * \def MBEDTLS_PLATFORM_MEMORY + * + * Enable the memory allocation layer. + * + * By default mbed TLS uses the system-provided calloc() and free(). + * This allows different allocators (self-implemented or provided) to be + * provided to the platform abstraction layer. + * + * Enabling MBEDTLS_PLATFORM_MEMORY without the + * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide + * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and + * free() function pointer at runtime. + * + * Enabling MBEDTLS_PLATFORM_MEMORY and specifying + * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the + * alternate function at compile time. + * + * Requires: MBEDTLS_PLATFORM_C + * + * Enable this layer to allow use of alternative memory allocators. + */ +#define MBEDTLS_PLATFORM_MEMORY + +/* \} name SECTION: System support */ + +/** + * \name SECTION: mbed TLS feature support + * + * This section sets support for features that are or are not needed + * within the modules that are enabled. + * \{ + */ + +/** + * \def MBEDTLS_MD2_PROCESS_ALT + * + * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you + * alternate core implementation of symmetric crypto or hash function. Keep in + * mind that function prototypes should remain the same. + * + * This replaces only one function. The header file from mbed TLS is still + * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags. + * + * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will + * no longer provide the mbedtls_sha1_process() function, but it will still provide + * the other function (using your mbedtls_sha1_process() function) and the definition + * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible + * with this definition. + * + * \note Because of a signature change, the core AES encryption and decryption routines are + * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt, + * respectively. When setting up alternative implementations, these functions should + * be overridden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt + * must stay untouched. + * + * \note If you use the AES_xxx_ALT macros, then is is recommended to also set + * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES + * tables. + * + * Uncomment a macro to enable alternate implementation of the corresponding + * function. + * + * \warning MD2, MD4, MD5, DES and SHA-1 are considered weak and their use + * constitutes a security risk. If possible, we recommend avoiding + * dependencies on them, and considering stronger message digests + * and ciphers instead. + * + */ +#define MBEDTLS_AES_SETKEY_DEC_ALT +#define MBEDTLS_AES_DECRYPT_ALT + +/** + * \def MBEDTLS_AES_ROM_TABLES + * + * Use precomputed AES tables stored in ROM. + * + * Uncomment this macro to use precomputed AES tables stored in ROM. + * Comment this macro to generate AES tables in RAM at runtime. + * + * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb + * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the + * initialization time before the first AES operation can be performed. + * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c + * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded + * performance if ROM access is slower than RAM access. + * + * This option is independent of \c MBEDTLS_AES_FEWER_TABLES. + * + */ +#define MBEDTLS_AES_ROM_TABLES + +/** + * \def MBEDTLS_AES_FEWER_TABLES + * + * Use less ROM/RAM for AES tables. + * + * Uncommenting this macro omits 75% of the AES tables from + * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES) + * by computing their values on the fly during operations + * (the tables are entry-wise rotations of one another). + * + * Tradeoff: Uncommenting this reduces the RAM / ROM footprint + * by ~6kb but at the cost of more arithmetic operations during + * runtime. Specifically, one has to compare 4 accesses within + * different tables to 4 accesses with additional arithmetic + * operations within the same table. The performance gain/loss + * depends on the system and memory details. + * + * This option is independent of \c MBEDTLS_AES_ROM_TABLES. + * + */ +#define MBEDTLS_AES_FEWER_TABLES + +/** + * \def MBEDTLS_ECP_NIST_OPTIM + * + * Enable specific 'modulo p' routines for each NIST prime. + * Depending on the prime and architecture, makes operations 4 to 8 times + * faster on the corresponding curve. + * + * Comment this macro to disable NIST curves optimisation. + */ +#define MBEDTLS_ECP_NIST_OPTIM + +/** + * \def MBEDTLS_ERROR_STRERROR_DUMMY + * + * Enable a dummy error function to make use of mbedtls_strerror() in + * third party libraries easier when MBEDTLS_ERROR_C is disabled + * (no effect when MBEDTLS_ERROR_C is enabled). + * + * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're + * not using mbedtls_strerror() or error_strerror() in your application. + * + * Disable if you run into name conflicts and want to really remove the + * mbedtls_strerror() + */ +#define MBEDTLS_ERROR_STRERROR_DUMMY + +/** + * \def MBEDTLS_NO_PLATFORM_ENTROPY + * + * Do not use built-in platform entropy functions. + * This is useful if your platform does not support + * standards like the /dev/urandom or Windows CryptoAPI. + * + * Uncomment this macro to disable the built-in platform entropy functions. + */ +#define MBEDTLS_NO_PLATFORM_ENTROPY + +/** + * \def MBEDTLS_ENTROPY_NV_SEED + * + * Enable the non-volatile (NV) seed file-based entropy source. + * (Also enables the NV seed read/write functions in the platform layer) + * + * This is crucial (if not required) on systems that do not have a + * cryptographic entropy source (in hardware or kernel) available. + * + * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C + * + * \note The read/write functions that are used by the entropy source are + * determined in the platform layer, and can be modified at runtime and/or + * compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used. + * + * \note If you use the default implementation functions that read a seedfile + * with regular fopen(), please make sure you make a seedfile with the + * proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at + * least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from + * and written to or you will get an entropy source error! The default + * implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE + * bytes from the file. + * + * \note The entropy collector will write to the seed file before entropy is + * given to an external source, to update it. + */ +// This macro is enabled in TFM Medium but is disabled here because it is +// incompatible with baremetal builds in Mbed TLS. +//#define MBEDTLS_ENTROPY_NV_SEED + +/* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER + * + * Enable key identifiers that encode a key owner identifier. + * + * This is only meaningful when building the library as part of a + * multi-client service. When you activate this option, you must provide an + * implementation of the type mbedtls_key_owner_id_t and a translation from + * mbedtls_svc_key_id_t to file name in all the storage backends that you + * you wish to support. + * + * Note that while this define has been removed from TF-M's copy of this config + * file, TF-M still passes this option to Mbed TLS during the build via CMake. + * Therefore we keep it in our copy. See discussion on PR #7426 for more info. + * + */ +#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER + +/** + * \def MBEDTLS_PSA_CRYPTO_SPM + * + * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure + * Partition Manager) integration which separates the code into two parts: a + * NSPE (Non-Secure Process Environment) and an SPE (Secure Process + * Environment). + * + * Module: library/psa_crypto.c + * Requires: MBEDTLS_PSA_CRYPTO_C + * + */ +#define MBEDTLS_PSA_CRYPTO_SPM + +/** + * \def MBEDTLS_SHA256_SMALLER + * + * Enable an implementation of SHA-256 that has lower ROM footprint but also + * lower performance. + * + * The default implementation is meant to be a reasonnable compromise between + * performance and size. This version optimizes more aggressively for size at + * the expense of performance. Eg on Cortex-M4 it reduces the size of + * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about + * 30%. + * + * Uncomment to enable the smaller implementation of SHA256. + */ +#define MBEDTLS_SHA256_SMALLER + +/** + * \def MBEDTLS_PSA_CRYPTO_CONFIG + * + * This setting allows support for cryptographic mechanisms through the PSA + * API to be configured separately from support through the mbedtls API. + * + * When this option is disabled, the PSA API exposes the cryptographic + * mechanisms that can be implemented on top of the `mbedtls_xxx` API + * configured with `MBEDTLS_XXX` symbols. + * + * When this option is enabled, the PSA API exposes the cryptographic + * mechanisms requested by the `PSA_WANT_XXX` symbols defined in + * include/psa/crypto_config.h. The corresponding `MBEDTLS_XXX` settings are + * automatically enabled if required (i.e. if no PSA driver provides the + * mechanism). You may still freely enable additional `MBEDTLS_XXX` symbols + * in mbedtls_config.h. + * + * If the symbol #MBEDTLS_PSA_CRYPTO_CONFIG_FILE is defined, it specifies + * an alternative header to include instead of include/psa/crypto_config.h. + * + * This feature is still experimental and is not ready for production since + * it is not completed. + */ +#define MBEDTLS_PSA_CRYPTO_CONFIG + +/* \} name SECTION: mbed TLS feature support */ + +/** + * \name SECTION: mbed TLS modules + * + * This section enables or disables entire modules in mbed TLS + * \{ + */ + +/** + * \def MBEDTLS_AES_C + * + * Enable the AES block cipher. + * + * Module: library/aes.c + * Caller: library/cipher.c + * library/pem.c + * library/ctr_drbg.c + * + * This module is required to support the TLS ciphersuites that use the AES + * cipher. + * + * PEM_PARSE uses AES for decrypting encrypted keys. + */ +#define MBEDTLS_AES_C + +/** + * \def MBEDTLS_CIPHER_C + * + * Enable the generic cipher layer. + * + * Module: library/cipher.c + * + * Uncomment to enable generic cipher wrappers. + */ +#define MBEDTLS_CIPHER_C + +/** + * \def MBEDTLS_CTR_DRBG_C + * + * Enable the CTR_DRBG AES-based random generator. + * The CTR_DRBG generator uses AES-256 by default. + * To use AES-128 instead, enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY below. + * + * Module: library/ctr_drbg.c + * Caller: + * + * Requires: MBEDTLS_AES_C + * + * This module provides the CTR_DRBG AES random number generator. + */ +#define MBEDTLS_CTR_DRBG_C + +/** + * \def MBEDTLS_ENTROPY_C + * + * Enable the platform-specific entropy code. + * + * Module: library/entropy.c + * Caller: + * + * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C + * + * This module provides a generic entropy pool + */ +#define MBEDTLS_ENTROPY_C + +/** + * \def MBEDTLS_ERROR_C + * + * Enable error code to error string conversion. + * + * Module: library/error.c + * Caller: + * + * This module enables mbedtls_strerror(). + */ +#define MBEDTLS_ERROR_C + +/** + * \def MBEDTLS_HKDF_C + * + * Enable the HKDF algorithm (RFC 5869). + * + * Module: library/hkdf.c + * Caller: + * + * Requires: MBEDTLS_MD_C + * + * This module adds support for the Hashed Message Authentication Code + * (HMAC)-based key derivation function (HKDF). + */ +#define MBEDTLS_HKDF_C /* Used for HUK deriviation */ + +/** + * \def MBEDTLS_MD_C + * + * Enable the generic layer for message digest (hashing) and HMAC. + * + * Requires: one of: MBEDTLS_MD5_C, MBEDTLS_RIPEMD160_C, MBEDTLS_SHA1_C, + * MBEDTLS_SHA224_C, MBEDTLS_SHA256_C, MBEDTLS_SHA384_C, + * MBEDTLS_SHA512_C, or MBEDTLS_PSA_CRYPTO_C with at least + * one hash. + * Module: library/md.c + * Caller: library/constant_time.c + * library/ecdsa.c + * library/ecjpake.c + * library/hkdf.c + * library/hmac_drbg.c + * library/pk.c + * library/pkcs5.c + * library/pkcs12.c + * library/psa_crypto_ecp.c + * library/psa_crypto_rsa.c + * library/rsa.c + * library/ssl_cookie.c + * library/ssl_msg.c + * library/ssl_tls.c + * library/x509.c + * library/x509_crt.c + * library/x509write_crt.c + * library/x509write_csr.c + * + * Uncomment to enable generic message digest wrappers. + */ +#define MBEDTLS_MD_C + +/** + * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C + * + * Enable the buffer allocator implementation that makes use of a (stack) + * based buffer to 'allocate' dynamic memory. (replaces calloc() and free() + * calls) + * + * Module: library/memory_buffer_alloc.c + * + * Requires: MBEDTLS_PLATFORM_C + * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS) + * + * Enable this module to enable the buffer memory allocator. + */ +#define MBEDTLS_MEMORY_BUFFER_ALLOC_C + +/** + * \def MBEDTLS_PLATFORM_C + * + * Enable the platform abstraction layer that allows you to re-assign + * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit(). + * + * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT + * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned + * above to be specified at runtime or compile time respectively. + * + * \note This abstraction layer must be enabled on Windows (including MSYS2) + * as other module rely on it for a fixed snprintf implementation. + * + * Module: library/platform.c + * Caller: Most other .c files + * + * This module enables abstraction of common (libc) functions. + */ +#define MBEDTLS_PLATFORM_C + + +/** + * \def MBEDTLS_PSA_CRYPTO_C + * + * Enable the Platform Security Architecture cryptography API. + * + * Module: library/psa_crypto.c + * + * Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C + * + */ +#define MBEDTLS_PSA_CRYPTO_C + +/** + * \def MBEDTLS_PSA_CRYPTO_STORAGE_C + * + * Enable the Platform Security Architecture persistent key storage. + * + * Module: library/psa_crypto_storage.c + * + * Requires: MBEDTLS_PSA_CRYPTO_C, + * either MBEDTLS_PSA_ITS_FILE_C or a native implementation of + * the PSA ITS interface + */ +// This macro is enabled in TFM Medium but is disabled here because it is +// incompatible with baremetal builds in Mbed TLS. +//#define MBEDTLS_PSA_CRYPTO_STORAGE_C + +/* \} name SECTION: mbed TLS modules */ + +/** + * \name SECTION: General configuration options + * + * This section contains Mbed TLS build settings that are not associated + * with a particular module. + * + * \{ + */ + +/** + * \def MBEDTLS_CONFIG_FILE + * + * If defined, this is a header which will be included instead of + * `"mbedtls/mbedtls_config.h"`. + * This header file specifies the compile-time configuration of Mbed TLS. + * Unlike other configuration options, this one must be defined on the + * compiler command line: a definition in `mbedtls_config.h` would have + * no effect. + * + * This macro is expanded after an \#include directive. This is a popular but + * non-standard feature of the C language, so this feature is only available + * with compilers that perform macro expansion on an \#include line. + * + * The value of this symbol is typically a path in double quotes, either + * absolute or relative to a directory on the include search path. + */ +//#define MBEDTLS_CONFIG_FILE "mbedtls/mbedtls_config.h" + +/** + * \def MBEDTLS_USER_CONFIG_FILE + * + * If defined, this is a header which will be included after + * `"mbedtls/mbedtls_config.h"` or #MBEDTLS_CONFIG_FILE. + * This allows you to modify the default configuration, including the ability + * to undefine options that are enabled by default. + * + * This macro is expanded after an \#include directive. This is a popular but + * non-standard feature of the C language, so this feature is only available + * with compilers that perform macro expansion on an \#include line. + * + * The value of this symbol is typically a path in double quotes, either + * absolute or relative to a directory on the include search path. + */ +//#define MBEDTLS_USER_CONFIG_FILE "/dev/null" + +/** + * \def MBEDTLS_PSA_CRYPTO_CONFIG_FILE + * + * If defined, this is a header which will be included instead of + * `"psa/crypto_config.h"`. + * This header file specifies which cryptographic mechanisms are available + * through the PSA API when #MBEDTLS_PSA_CRYPTO_CONFIG is enabled, and + * is not used when #MBEDTLS_PSA_CRYPTO_CONFIG is disabled. + * + * This macro is expanded after an \#include directive. This is a popular but + * non-standard feature of the C language, so this feature is only available + * with compilers that perform macro expansion on an \#include line. + * + * The value of this symbol is typically a path in double quotes, either + * absolute or relative to a directory on the include search path. + */ +//#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h" + +/** + * \def MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE + * + * If defined, this is a header which will be included after + * `"psa/crypto_config.h"` or #MBEDTLS_PSA_CRYPTO_CONFIG_FILE. + * This allows you to modify the default configuration, including the ability + * to undefine options that are enabled by default. + * + * This macro is expanded after an \#include directive. This is a popular but + * non-standard feature of the C language, so this feature is only available + * with compilers that perform macro expansion on an \#include line. + * + * The value of this symbol is typically a path in double quotes, either + * absolute or relative to a directory on the include search path. + */ +//#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null" + +/** \} name SECTION: General configuration options */ + +/** + * \name SECTION: Module configuration options + * + * This section allows for the setting of module specific sizes and + * configuration options. The default values are already present in the + * relevant header files and should suffice for the regular use cases. + * + * Our advice is to enable options and change their values here + * only if you have a good reason and know the consequences. + * + * Please check the respective header file for documentation on these + * parameters (to prevent duplicate documentation). + * \{ + */ + +/* ECP options */ +#define MBEDTLS_ECP_FIXED_POINT_OPTIM 0 /**< Disable fixed-point speed-up */ + +/* \} name SECTION: Customisation configuration options */ + +#if CRYPTO_NV_SEED +#include "tfm_mbedcrypto_config_extra_nv_seed.h" +#endif /* CRYPTO_NV_SEED */ + +#if !defined(CRYPTO_HW_ACCELERATOR) && defined(MBEDTLS_ENTROPY_NV_SEED) +#include "mbedtls_entropy_nv_seed_config.h" +#endif + +#ifdef CRYPTO_HW_ACCELERATOR +#include "mbedtls_accelerator_config.h" +#endif + +#endif /* PROFILE_M_MBEDTLS_CONFIG_H */ diff --git a/docs/.gitignore b/docs/.gitignore index 23f832b73..11f197bc3 100644 --- a/docs/.gitignore +++ b/docs/.gitignore @@ -1,2 +1,4 @@ *.html *.pdf +_build/ +api/ diff --git a/docs/Makefile b/docs/Makefile new file mode 100644 index 000000000..47510f984 --- /dev/null +++ b/docs/Makefile @@ -0,0 +1,40 @@ +# Minimal makefile for Sphinx documentation +# + +# You can set these variables from the command line, and also +# from the environment for the first two. +SPHINXOPTS ?= +SPHINXBUILD ?= sphinx-build +SOURCEDIR = . +BUILDDIR = _build + +# Put it first so that "make" without argument is like "make help". +help: + @$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) + +.PHONY: help clean apidoc breathe_apidoc Makefile + +# Intercept the 'clean' target so we can do the right thing for apidoc as well +clean: + @# Clean the apidoc + $(MAKE) -C .. apidoc_clean + @# Clean the breathe-apidoc generated files + rm -rf ./api + @# Clean the sphinx docs + @$(SPHINXBUILD) -M clean "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) + +apidoc: + @# Generate doxygen from source using the main Makefile + $(MAKE) -C .. apidoc + +breathe_apidoc: apidoc + @# Remove existing files - breathe-apidoc skips them if they're present + rm -rf ./api + @# Generate RST file structure with breathe-apidoc + breathe-apidoc -o ./api ../apidoc/xml + +# Catch-all target: route all unknown targets to Sphinx using the new +# "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS). +%: Makefile breathe_apidoc + @# Build the relevant target with sphinx + @$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) diff --git a/docs/architecture/Makefile b/docs/architecture/Makefile index d8db2e067..6252ab0f9 100644 --- a/docs/architecture/Makefile +++ b/docs/architecture/Makefile @@ -3,10 +3,18 @@ PANDOC = pandoc default: all all_markdown = \ - mbed-crypto-storage-specification.md \ - testing/driver-interface-test-strategy.md \ - testing/invasive-testing.md \ - testing/test-framework.md \ + alternative-implementations.md \ + mbed-crypto-storage-specification.md \ + psa-crypto-implementation-structure.md \ + psa-migration/psa-limitations.md \ + psa-migration/strategy.md \ + psa-migration/tasks-g2.md \ + psa-migration/testing.md \ + testing/driver-interface-test-strategy.md \ + testing/invasive-testing.md \ + testing/psa-storage-format-testing.md \ + testing/test-framework.md \ + tls13-support.md \ # This line is intentionally left blank html: $(all_markdown:.md=.html) diff --git a/docs/architecture/mbed-crypto-storage-specification.md b/docs/architecture/mbed-crypto-storage-specification.md index 60203a0aa..3c8370d22 100644 --- a/docs/architecture/mbed-crypto-storage-specification.md +++ b/docs/architecture/mbed-crypto-storage-specification.md @@ -1,7 +1,9 @@ -Mbed Crypto storage specification +Mbed TLS storage specification ================================= -This document specifies how Mbed Crypto uses storage. +This document specifies how Mbed TLS uses storage. +Key storage was originally introduced in a product called Mbed Crypto, which was re-distributed via Mbed TLS and has since been merged into Mbed TLS. +This document contains historical information both from before and after this merge. Mbed Crypto may be upgraded on an existing device with the storage preserved. Therefore: @@ -354,7 +356,7 @@ Supported features: * [Persistent keys](#key-file-format-for-mbed-tls-2.25.0) designated by a [key identifier and owner](#key-names-for-mbed-tls-2.25.0). Keys can be: * Transparent, stored in the export format. - * Opaque, using the unified driver interface with statically registered drivers (`MBEDTLS_PSA_CRYPTO_DRIVERS`). The driver determines the content of the opaque key blob. + * Opaque, using the PSA driver interface with statically registered drivers. The driver determines the content of the opaque key blob. * Opaque, using the deprecated secure element interface with dynamically registered drivers (`MBEDTLS_PSA_CRYPTO_SE_C`). The driver picks a slot number which is stored in the place of the key material. * [Nonvolatile random seed](#nonvolatile-random-seed-file-format-for-mbed-tls-2.25.0) on ITS only. diff --git a/docs/architecture/psa-crypto-implementation-structure.md b/docs/architecture/psa-crypto-implementation-structure.md index 6a0a0953c..d7e4f9c48 100644 --- a/docs/architecture/psa-crypto-implementation-structure.md +++ b/docs/architecture/psa-crypto-implementation-structure.md @@ -49,7 +49,7 @@ psa_status_t psa_api( ... ) ``` The code of most PSA APIs is expected to match precisely the above layout. However, it is likely that the code structure of some APIs will be more complicated with several calls to the driver interface, mainly to encompass a larger variety of hardware designs. For example, to encompass hardware accelerators that are capable of verifying a MAC and those that are only capable of computing a MAC, the psa_mac_verify() API could call first psa_driver_wrapper_mac_verify() and then fallback to psa_driver_wrapper_mac_compute(). -The implementations of `psa_driver_wrapper_` functions are generated by the build system based on the JSON driver description files of the various PSA drivers making up the Mbed TLS PSA Cryptography API implementation. The implementations are generated in a psa_crypto_driver_wrappers.c C file and the function prototypes declared in a psa_crypto_driver_wrappers.h header file. +The implementations of `psa_driver_wrapper_` functions are generated by the build system based on the JSON driver description files of the various PSA drivers making up the Mbed TLS PSA Cryptography API implementation. The implementations are splited into two parts. The static ones are generated in a psa_crypto_driver_wrappers.h header file, the non-static ones are generated in a psa_crypto_driver_wrappers_no_static.c C file and the function prototypes declared in a psa_crypto_driver_wrappers_no_static.h header file. The psa_driver_wrapper_() functions dispatch cryptographic operations to accelerator drivers, secure element drivers as well as to the software implementations of cryptographic operations. @@ -71,3 +71,105 @@ In case of any error occurring at step 3 or 4, psa_fail_key_creation() is called A driver of the Mbed TLS PSA Cryptography API implementation (Mbed TLS PSA driver in the following) is a driver in the sense that it is compliant with the PSA driver interface specification. But it is not an actual driver that drives some hardware. It implements cryptographic operations purely in software. An Mbed TLS PSA driver C file is named psa_crypto_.c and its associated header file psa_crypto_.h. The functions implementing a driver entry point as defined in the PSA driver interface specification are named as mbedtls_psa__(). As an example, the psa_crypto_rsa.c and psa_crypto_rsa.h are the files containing the Mbed TLS PSA driver implementing RSA cryptographic operations. This RSA driver implements among other entry points the "import_key" entry point. The function implementing this entry point is named mbedtls_psa_rsa_import_key(). + +## How to implement a new cryptographic mechanism + +Summary of files to modify when adding a new algorithm or key type: + +* [ ] PSA Crypto API draft, if not already done — [PSA standardization](#psa-standardization) +* [ ] `include/psa/crypto_values.h` or `include/psa/crypto_extra.h` — [New functions and macros](#new-functions-and-macros) +* [ ] `include/psa/crypto_config.h`, `tests/include/test/drivers/crypto_config_test_driver_extension.h` — [Preprocessor symbols](#preprocessor-symbols) +* Occasionally `library/check_crypto_config.h` — [Preprocessor symbols](#preprocessor-symbols) +* [ ] `include/mbedtls/config_psa.h` — [Preprocessor symbols](#preprocessor-symbols) +* [ ] `library/psa_crypto.c`, `library/psa_crypto_*.[hc]` — [Implementation of the mechanisms](#implementation-of-the-mechanisms) +* [ ] `include/psa/crypto_builtin_*.h` — [Translucent data structures](#translucent-data-structures) +* [ ] `tests/suites/test_suite_psa_crypto_metadata.data` — [New functions and macros](#new-functions-and-macros) +* (If adding `PSA_IS_xxx`) `tests/suites/test_suite_psa_crypto_metadata.function` — [New functions and macros](#new-functions-and-macros) +* [ ] `tests/suites/test_suite_psa_crypto*.data`, `tests/suites/test_suite_psa_crypto*.function` — [Unit tests](#unit-tests) +* [ ] `scripts/mbedtls_dev/crypto_knowledge.py`, `scripts/mbedtls_dev/asymmetric_key_data.py` — [Unit tests](#unit-tests) +* [ ] `ChangeLog.d/*.txt` — changelog entry + +Summary of files to modify when adding new API functions: + +* [ ] `include/psa/crypto.h` and `include/psa/crypto_sizes.h`, or `include/psa/crypto_extra.h` — [New functions and macros](#new-functions-and-macros) +* [ ] `library/psa_crypto.c`, `scripts/data_files/driver_templates/*.jinja` — [Implementation of the mechanisms](#implementation-of-the-mechanisms) +* [ ] If adding stateful functions: `include/psa/crypto_struct.h`, `include/psa/crypto_builtin_*.h`, `include/psa/crypto_driver_contexts_*.h` — [Translucent data structures](#translucent-data-structures) +* [ ] `tests/suites/test_suite_psa_crypto.data`, `tests/suites/test_suite_psa_crypto.function`, `tests/suites/test_suite_psa_crypto_driver_wrappers.*` — [Unit tests](#unit-tests) + +Note that this is just a basic guide. In some cases, you won't need to change all the files listed here. In some cases, you may need to change other files. + +### PSA standardization + +Typically, if there's enough demand for a cryptographic mechanism in Mbed TLS, there's enough demand for it to be part of the official PSA Cryptography specification. Therefore the first step before implementing a new mechanism should be to approach the PSA Cryptography working group in Arm for standardization. + +At the time of writing, all cryptographic mechanisms that are accessible through `psa_xxx` APIs in in Mbed TLS are current or upcoming PSA standards. Mbed TLS implements some extensions to the PSA API that offer extra integration customization or extra key policies. + +Mbed TLS routinely implements cryptographic mechanisms that are not yet part of a published PSA standard, but that are scheduled to be part of a future version of the standard. The Mbed TLS implementation validates the feasibility of the upcoming PSA standard. The PSA Cryptography working group and the Mbed TLS development team communicate during the elaboration of the new interfaces. + +### New functions and macros + +If a mechanism requires new functions, they should follow the design guidelines in the PSA Cryptography API specification. + +Functions that are part of the current or upcoming API are declared in `include/psa/crypto.h`, apart from structure accessors defined in `include/psa/crypto_struct.h`. Functions that have output buffers have associated sufficient-output-size macros in `include/psa/crypto_sizes.h`. + +Constants (algorithm identifiers, key type identifiers, etc.) and associated destructor macros (e.g. `PSA_IS_xxx()`) are defined in `include/psa/crypto_values.h`. + +Functions and macros that are not intended for standardization, or that are at a stage where the draft standard might still evolve significantly, are declared in `include/psa/crypto_extra.h`. + +The PSA Cryptography API specification defines both names and values for certain kinds of constants: algorithms (`PSA_ALG_xxx`), key types (`PSA_KEY_TYPE_xxx`), ECC curve families (`PSA_ECC_FAMILY_xxx`), DH group families (`PSA_DH_FAMILY_xxx`). If Mbed TLS defines an algorithm or a key type that is not part of a current or upcoming PSA standard, pick a value with the `VENDOR` flag set. If Mbed TLS defines an ECC curve or DH group family that is not part of a current or upcoming PSA standard, define a vendor key type and use the family identifier only with this vendor key type. + +New constants must have a test case in `tests/suites/test_suite_psa_crypto_metadata.data` that verifies that `PSA_IS_xxx` macros behave properly with the new constant. New `PSA_IS_xxx` macros must be declared in `tests/suites/test_suite_psa_crypto_metadata.function`. + +### Preprocessor symbols + +Each cryptographic mechanism is optional and can be selected by the application at build time. For each feature `PSA_ttt_xxx`: + +* The feature is available to applications when the preprocessor symbol `PSA_WANT_ttt_xxx` is defined. These symbols are set: + * If `MBEDTLS_PSA_CRYPTO_CONFIG` is disabled: based on the available mechanisms in Mbed TLS, deduced from `mbedtls/mbedtls_config.h` by code in `include/mbedtls/config_psa.h`. + * if `MBEDTLS_PSA_CRYPTO_CONFIG` is enabled: in the application configuration file `include/psa/crypto_config.h` (or `MBEDTLS_PSA_CRYPTO_CONFIG_FILE`, plus `MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE`), with code in `include/mbedtls/config_psa.h` deducing the necessary underlying `MBEDTLS_xxx` symbols. +* For transparent keys (keys that are not in a secure element), the feature is implemented by Mbed TLS if `MBEDTLS_PSA_BUILTIN_ttt_xxx` is defined, and by an accelerator driver if `MBEDTLS_PSA_ACCEL_ttt_xxx` is defined. `MBEDTLS_PSA_BUILTIN_ttt_xxx` constants are set in `include/mbedtls/config_psa.h` based on the application requests `PSA_WANT_ttt_xxx` and the accelerator driver declarations `MBEDTLS_PSA_ACCEL_ttt_xxx`. +* For the testing of the driver dispatch code, `tests/include/test/drivers/crypto_config_test_driver_extension.h` sets additional `MBEDTLS_PSA_ACCEL_xxx` symbols. + +For more details, see *[Conditional inclusion of cryptographic mechanism through the PSA API in Mbed TLS](../proposed/psa-conditional-inclusion-c.html)*. + +Some mechanisms require other mechanisms. For example, you can't do GCM without a block cipher, or RSA-PSS without RSA keys. When mechanism A requires mechanism B, `include/mbedtls/config_psa.h` ensures that B is enabled whenever A is enabled. When mechanism A requires at least one of a set {B1, B2, B3, ...} but there is no particular reason why enabling A would enable any of the specific Bi's, it's up to the application to choose Bi's and the file `library/check_crypto_config.h` contains compile-time constraints to ensure that at least one Bi is enabled. + +### Implementation of the mechanisms + +The general structure of a cryptographic operation function is: + +1. API function defined in `library/psa_crypto.c`. The entry point performs generic checks that don't depend on whether the mechanism is implemented in software or in a driver and looks up keys in the key store. +2. Driver dispatch code in `scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja`, `scripts/data_files/driver_templates/psa_crypto_driver_wrappers_no_static.c.jinja` or files included from there. +3. Built-in implementation in `library/psa_crypto_*.c` (with function declarations in the corresponding `.h` file). These files typically contain the implementation of modes of operation over basic building blocks that are defined elsewhere. For example, HMAC is implemented in `library/psa_crypto_mac.c` but the underlying hash functions are implemented in `library/sha*.c` and `library/md*.c`. +4. Basic cryptographic building blocks in `library/*.c`. + +When implementing a new algorithm or key type, there are typically things to change in `library/crypto.c` (e.g. buffer size calculations, algorithm/key-type compatibility) and in the built-in implementation, but not in the driver dispatch code. + +### Translucent data structures + +Some mechanisms require state to be kept between function calls. Keys and key-like data is kept in the key store, which PSA manages internally. Other state, for example the state of multipart operations, is kept in structures allocated by the caller. + +The size of operation structures needs to be known at compile time, since callers may allocate them on the stack. Therefore these structures are defined in a public header: `include/psa/crypto_struct.h` for the parts that are independent of the underlying implementation, `include/psa/crypto_builtin_*` for parts that are specific to the Mbed TLS built-in implementation, `include/psa/crypto_driver_*.h` for structures implemented by drivers. + +### Unit tests + +A number of unit tests are automatically generated by `tests/scripts/generate_psa_tests.py` based on the algorithms and key types declared in `include/psa/crypto_values.h` and `include/psa/crypto_extra.h`: + +* Attempt to create a key with a key type that is not supported. +* Attempt to perform an operation with a combination of key type and algorithm that is not valid or not supported. +* Storage and retrieval of a persistent key. + +When adding a new key type or algorithm: + +* `scripts/mbedtls_dev/crypto_knowledge.py` contains knowledge about the compatibility of key types, key sizes and algorithms. +* `scripts/mbedtls_dev/asymmetric_key_data.py` contains valid key data for asymmetric key types. + +Other things need to be tested manually, either in `tests/suites/test_sutie_psa_crypto.data` or in another file. For example (this is not an exhaustive list): + +* Known answer tests. +* Potential edge cases (e.g. data less/equal/more than the block size, number equal to zero in asymmetric cryptography). +* Tests with invalid keys (e.g. wrong size or format). +* Tests with invalid data (e.g. wrong size or format, output buffer too small, invalid padding). +* For new functions: incorrect function call sequence, driver dispatch (in `tests/suites/test_suite_psa_crypto_driver_wrappers.*`). +* For key derivation algorithms: variation on the sequence of input steps, variation on the output size. + diff --git a/docs/architecture/psa-migration/md-cipher-dispatch.md b/docs/architecture/psa-migration/md-cipher-dispatch.md new file mode 100644 index 000000000..355f5618d --- /dev/null +++ b/docs/architecture/psa-migration/md-cipher-dispatch.md @@ -0,0 +1,479 @@ +PSA migration strategy for hashes and ciphers +============================================= + +## Introduction + +This document discusses a migration strategy for code that is not subject to `MBEDTLS_USE_PSA_CRYPTO`, is currently using legacy cryptography APIs, and should transition to PSA, without a major version change. + +### Relationship with the main strategy document + +This is complementary to the main [strategy document](strategy.html) and is intended as a refinement. However, at this stage, there may be contradictions between the strategy proposed here and some of the earlier strategy. + +A difference between the original strategy and the current one is that in this work, we are not treating PSA as a black box. We can change experimental features, and we can call internal interfaces. + +## Requirements + +### User stories + +#### Backward compatibility user story + +As a developer of an application that uses Mbed TLS's interfaces (including legacy crypto), +I want Mbed TLS to preserve backward compatibility, +so that my code keeps working in new minor versions of Mbed TLS. + +#### Interface design user story + +As a developer of library code that uses Mbed TLS to perform cryptographic operations, +I want to know which functions to call and which feature macros to check, +so that my code works in all Mbed TLS configurations. + +Note: this is the same problem we face in X.509 and TLS. + +#### Hardware accelerator vendor user stories + +As a vendor of a platform with hardware acceleration for some crypto, +I want to build Mbed TLS in a way that uses my hardware wherever relevant, +so that my customers maximally benefit from my hardware. + +As a vendor of a platform with hardware acceleration for some crypto, +I want to build Mbed TLS without software that replicates what my hardware does, +to minimize the code size. + +#### Maintainer user stories + +As a maintainer of Mbed TLS, +I want to have clear rules for when to use which interface, +to avoid bugs in “unusual” configurations. + +As a maintainer of Mbed TLS, +I want to avoid duplicating code, +because this is inefficient and error-prone. + +### Use PSA more + +In the long term, all code using cryptography should use PSA interfaces, to benefit from PSA drivers, allow eliminating legacy interfaces (less code size, less maintenance). However, this can't be done without breaking [backward compatibility](#backward-compatibility). + +The goal of this work is to arrange for more non-PSA interfaces to use PSA interfaces under the hood, without breaking code in the cases where this doesn't work. Using PSA interfaces has two benefits: + +* Where a PSA driver is available, it likely has better performance, and sometimes better security, than the built-in software implementation. +* In many scenarios, where a PSA driver is available, this allows removing the software implementation altogether. +* We may be able to get rid of some redundancies, for example the duplication between the implementations of HMAC in `md.c` and in `psa_crypto_mac.c`, and HKDF in `hkdf.c` and `psa_crypto.c`. + +### Correct dependencies + +Traditionally, to determine whether a cryptographic mechanism was available, you had to check whether the corresponding Mbed TLS module or submodule was present: `MBEDTLS_SHA256_C` for SHA256, `MBEDTLS_AES_C && MBEDTLS_CIPHER_MODE_CBC` for AES-CBC, etc. In code that uses the PSA interfaces, this needs to change to `PSA_WANT_xxx` symbols. + +### Backward compatibility + +All documented behavior must be preserved, except for interfaces currently described as experimental or unstable. Those interfaces can change, but we should minimize disruption by providing a transition path for reasonable use cases. + +#### Changeable configuration options + +The following configuration options are described as experimental, and are likely to change at least marginally: + +* `MBEDTLS_PSA_CRYPTO_CLIENT`: “This interface is experimental and may change or be removed without notice.” In practice we don't want to remove this, but we may constrain how it's used. +* `MBEDTLS_PSA_CRYPTO_DRIVERS`: “This interface is experimental. We intend to maintain backward compatibility with application code that relies on drivers, but the driver interfaces may change without notice.” In practice, this may mean constraints not only on how to write drivers, but also on how to integrate drivers into code that is platform code more than application code. +* `MBEDTLS_PSA_CRYPTO_CONFIG`: “This feature is still experimental and is not ready for production since it is not completed.” We may want to change this, for example, to automatically enable more mechanisms (although this wouldn't be considered a backward compatibility break anyway, since we don't promise that you will not get a feature if you don't enable its `PSA_WANT_xxx`). + +### Non-goals + +It is not a goal at this stage to make more code directly call `psa_xxx` functions. Rather, the goal is to make more code call PSA drivers where available. How dispatch is done is secondary. + +## Problem analysis + +### Scope analysis + +#### Limitations of `MBEDTLS_USE_PSA_CRYPTO` + +The option `MBEDTLS_USE_PSA_CRYPTO` causes parts of the library to call the PSA API instead of legacy APIs for cryptographic calculations. `MBEDTLS_USE_PSA_CRYPTO` only applies to `pk.h`, X.509 and TLS. When this option is enabled, applications must call `psa_crypto_init()` before calling any of the functions in these modules. + +In this work, we want two things: + +* Make non-covered modules call PSA, but only [when this will actually work](#why-psa-is-not-always-possible). This effectively brings those modules to a partial use-PSA behavior (benefiting from PSA accelerators when they're usable) regardless of whether the option is enabled. +* Call PSA when a covered module calls a non-covered module which calls another module, for example X.509 calling pk for PSS verification which calls RSA which calculates a hash ([see issue \#6497](https://github.com/Mbed-TLS/mbedtls/issues/6497)). This effectively extends the option to modules that aren't directly covered. + +#### Classification of callers + +We can classify code that implements or uses cryptographic mechanisms into several groups: + +* Software implementations of primitive cryptographic mechanisms. These are not expected to change. +* Software implementations of constructed cryptographic mechanisms (e.g. HMAC, CTR_DRBG, RSA (calling a hash for PSS/OAEP, and needing to know the hash length in PKCS1v1.5 sign/verify), …). These need to keep working whenever a legacy implementation of the auxiliary mechanism is available, regardless of whether a PSA implementation is also available. +* Code implementing the PSA crypto interface. This is not expected to change, except perhaps to expose some internal functionality to overhauled glue code. +* Code that's subject to `MBEDTLS_USE_PSA_CRYPTO`: `pk.h`, X.509, TLS (excluding TLS 1.3). +* Code that always uses PSA for crypto: TLS 1.3, LMS. + +For the purposes of this work, three domains emerge: + +* **Legacy domain**: does not interact with PSA. Implementations of hashes, of cipher primitives, of arithmetic. +* **Mixed domain**: does not currently use PSA, but should [when possible](#why-psa-is-not-always-possible). This consists of the constructed cryptographic primitives (except LMS), as well as pk, X.509 and TLS when `MBEDTLS_USE_PSA_CRYPTO` is disabled. +* **PSA domain**: includes pk, X.509 and TLS when `MBEDTLS_USE_PSA_CRYPTO` is enabled. Also TLS 1.3, LMS. + +#### Non-use-PSA modules + +The following modules in Mbed TLS call another module to perform cryptographic operations which, in the long term, will be provided through a PSA interface, but cannot make any PSA-related assumption: + +* CCM (block cipher in ECB mode; interdependent with cipher) +* cipher (cipher and AEAD algorithms) +* CMAC (AES-ECB and DES-ECB, but could be extended to the other block ciphers; interdependent with cipher) +* CTR\_DRBG (AES-ECB, but could be extended to the other block ciphers) +* entropy (hashes via low-level) +* ECDSA (HMAC\_DRBG; `md.h` exposed through API) +* ECJPAKE (hashes via md; `md.h` exposed through API) +* GCM (block cipher in ECB mode; interdependent with cipher) +* md (hashes and HMAC) +* NIST\_KW (AES-ECB; interdependent with cipher) +* HMAC\_DRBG (hashes and HMAC via `md.h`; `md.h` exposed through API) +* PEM (AES and DES in CBC mode without padding; MD5 hash via low-level) +* PKCS12 (cipher, generically, selected from ASN.1 or function parameters; hashes via md; `cipher.h` exposed through API) +* PKCS5 (cipher, generically, selected from ASN.1; HMAC via `md.h`; `md.h` exposed through API) +* RSA (hash via md for PSS and OAEP; `md.h` exposed through API) + +### Difficulties + +#### Why PSA is not always possible + +Here are some reasons why calling `psa_xxx()` to perform a hash or cipher calculation might not be desirable in some circumstances, explaining why the application would arrange to call the legacy software implementation instead. + +* `MBEDTLS_PSA_CRYPTO_C` is disabled. +* There is a PSA driver which has not been initialized (this happens in `psa_crypto_init()`). +* For ciphers, the keystore is not initialized yet, and Mbed TLS uses a custom implementation of PSA ITS where the file system is not accessible yet (because something else needs to happen first, and the application takes care that it happens before it calls `psa_crypto_init()`). A possible workaround may be to dispatch to the internal functions that are called after the keystore lookup, rather than to the PSA API functions (but this is incompatible with `MBEDTLS_PSA_CRYPTO_CLIENT`). +* The requested mechanism is enabled in the legacy interface but not in the PSA interface. This was not really intended, but is possible, for example, if you enable `MBEDTLS_MD5_C` for PEM decoding with PBKDF1 but don't want `PSA_ALG_WANT_MD5` because it isn't supported for `PSA_ALG_RSA_PSS` and `PSA_ALG_DETERMINISTIC_ECDSA`. +* `MBEDTLS_PSA_CRYPTO_CLIENT` is enabled, and the client has not yet activated the connection to the server (this happens in `psa_crypto_init()`). +* `MBEDTLS_PSA_CRYPTO_CLIENT` is enabled, but the operation is part of the implementation of an encrypted communication with the crypto service, or the local implementation is faster because it avoids a costly remote procedure call. + +#### Indirect knowledge + +Consider for example the code in `rsa.c` to perform an RSA-PSS signature. It needs to calculate a hash. If `mbedtls_rsa_rsassa_pss_sign()` is called directly by application code, it is supposed to call the built-in implementation: calling a PSA accelerator would be a behavior change, acceptable only if this does not add a risk of failure or performance degradation ([PSA is impossible or undesirable in some circumstances](#why-psa-is-not-always-possible)). Note that this holds regardless of the state of `MBEDTLS_USE_PSA_CRYPTO`, since `rsa.h` is outside the scope of `MBEDTLS_USE_PSA_CRYPTO`. On the other hand, if `mbedtls_rsa_rsassa_pss_sign()` is called from X.509 code, it should use PSA to calculate hashes. It doesn't, currently, which is [bug \#6497](https://github.com/Mbed-TLS/mbedtls/issues/6497). + +Generally speaking, modules in the mixed domain: + +* must call PSA if called by a module in the PSA domain; +* must not call PSA (or must have a fallback) if their caller is not in the PSA domain and the PSA call is not guaranteed to work. + +#### Non-support guarantees: requirements + +Generally speaking, just because some feature is not enabled in `mbedtls_config.h` or `psa_config.h` doesn't guarantee that it won't be enabled in the build. We can enable additional features through `build_info.h`. + +If `PSA_WANT_xxx` is disabled, this should guarantee that attempting xxx through the PSA API will fail. This is generally guaranteed by the test suite `test_suite_psa_crypto_not_supported` with automatically enumerated test cases, so it would be inconvenient to carve out an exception. + +### Technical requirements + +Based on the preceding analysis, the core of the problem is: for code in the mixed domain (see [“Classification of callers”](#classification-of-callers)), how do we handle a cryptographic mechanism? This has several related subproblems: + +* How the mechanism is encoded (e.g. `mbedtls_md_type_t` vs `const *mbedtls_md_info_t` vs `psa_algorithm_t` for hashes). +* How to decide whether a specific algorithm or key type is supported (eventually based on `MBEDTLS_xxx_C` vs `PSA_WANT_xxx`). +* How to obtain metadata about algorithms (e.g. hash/MAC/tag size, key size). +* How to perform the operation (context type, which functions to call). + +We need a way to decide this based on the available information: + +* Who's the ultimate caller — see [indirect knowledge](#indirect-knowledge) — which is not actually available. +* Some parameter indicating which algorithm to use. +* The available cryptographic implementations, based on preprocessor symbols (`MBEDTLS_xxx_C`, `PSA_WANT_xxx`, `MBEDTLS_PSA_ACCEL_xxx`, etc.). +* Possibly additional runtime state (for example, we might check whether `psa_crypto_init` has been called). + +And we need to take care of the [the cases where PSA is not possible](#why-psa-is-not-always-possible): either make sure the current behavior is preserved, or (where allowed by backward compatibility) document a behavior change and, preferably, a workaround. + +### Working through an example: RSA-PSS + +Let us work through the example of RSA-PSS which calculates a hash, as in [see issue \#6497](https://github.com/Mbed-TLS/mbedtls/issues/6497). + +RSA is in the [mixed domain](#classification-of-callers). So: + +* When called from `psa_sign_hash` and other PSA functions, it must call the PSA hash accelerator if there is one. +* When called from user code, it must call the built-in hash implementation if PSA is not available (regardless of whether this is because `MBEDTLS_PSA_CRYPTO_C` is disabled, or because `PSA_WANT_ALG_xxx` is disabled for this hash, or because there is an accelerator driver which has not been initialized yet). + +RSA knows which hash algorithm to use based on a parameter of type `mbedtls_md_type_t`. (More generally, all mixed-domain modules that take an algorithm specification as a parameter take it via a numerical type, except HMAC\_DRBG and HKDF which take a `const mbedtls_md_info_t*` instead, and CMAC which takes a `const mbedtls_cipher_info_t *`.) + +#### Double encoding solution + +A natural solution is to double up the encoding of hashes in `mbedtls_md_type_t`. Pass `MBEDTLS_MD_SHA256` and `md` will dispatch to the legacy code, pass a new constant `MBEDTLS_MD_SHA256_USE_PSA` and `md` will dispatch through PSA. + +This maximally preserves backward compatibility, but then no non-PSA code benefits from PSA accelerators, and there's little potential for removing the software implementation. + +#### Availability of hashes in RSA-PSS + +Here we try to answer the question: As a caller of RSA-PSS via `rsa.h`, how do I know whether it can use a certain hash? + +* For a caller in the legacy domain: if e.g. `MBEDTLS_SHA256_C` is enabled, then I want RSA-PSS to support SHA-256. I don't care about negative support. So `MBEDTLS_SHA256_C` must imply support for RSA-PSS-SHA-256. It must work at all times, regardless of the state of PSA (e.g. drivers not initialized). +* For a caller in the PSA domain: if e.g. `PSA_WANT_ALG_SHA_256` is enabled, then I want RSA-PSS to support SHA-256, provided that `psa_crypto_init()` has been called. In some limited cases, such as `test_suite_psa_crypto_not_supported` when PSA implements RSA-PSS in software, we care about negative support: if `PSA_WANT_ALG_SHA_256` is disabled then `psa_verify_hash` must reject `PSA_WANT_ALG_SHA_256`. This can be done at the level of PSA before it calls the RSA module, though, so it doesn't have any implication on the RSA module. As far as `rsa.c` is concerned, what matters is that `PSA_WANT_ALG_SHA_256` implies that SHA-256 is supported after `psa_crypto_init()` has been called. +* For a caller in the mixed domain: requirements depend on the caller. Whatever solution RSA has to determine the availability of algorithms will apply to its caller as well. + +Conclusion so far: RSA must be able to do SHA-256 if either `MBEDTLS_SHA256_C` or `PSA_WANT_ALG_SHA_256` is enabled. If only `PSA_WANT_ALG_SHA_256` and not `MBEDTLS_SHA256_C` is enabled (which implies that PSA's SHA-256 comes from an accelerator driver), then SHA-256 only needs to work if `psa_crypto_init()` has been called. + +#### More in-depth discussion of compile-time availability determination + +The following combinations of compile-time support are possible: + +* `MBEDTLS_PSA_CRYPTO_CLIENT`. Then calling PSA may or may not be desirable for performance. There are plausible use cases where only the server has access to an accelerator so it's best to call the server, and plausible use cases where calling the server has overhead that negates the savings from using acceleration, if there are savings at all. In any case, calling PSA only works if the connection to the server has been established, meaning `psa_crypto_init` has been called successfully. In the rest of this case enumeration, assume `MBEDTLS_PSA_CRYPTO_CLIENT` is disabled. +* No PSA accelerator. Then just call `mbedtls_sha256`, it's all there is, and it doesn't matter (from an API perspective) exactly what call chain leads to it. +* PSA accelerator, no software implementation. Then we might as well call the accelerator, unless it's important that the call fails. At the time of writing, I can't think of a case where we would want to guarantee that if `MBEDTLS_xxx_C` is not enabled, but xxx is enabled through PSA, then a request to use algorithm xxx through some legacy interface must fail. +* Both PSA acceleration and the built-in implementation. In this case, we would prefer PSA for the acceleration, but we can only do this if the accelerator driver is working. For hashes, it's enough to assume the driver is initialized; we've [considered requiring hash drivers to work without initialization](https://github.com/Mbed-TLS/mbedtls/pull/6470). For ciphers, this is more complicated because the cipher functions require the keystore, and plausibly a cipher accelerator might want entropy (for side channel countermeasures) which might not be available at boot time. + +Note that it's a bit tricky to determine which algorithms are available. In the case where there is a PSA accelerator but no software implementation, we don't want the preprocessor symbols to indicate that the algorithm is available through the legacy domain, only through the PSA domain. What does this mean for the interfaces in the mixed domain? They can't guarantee the availability of the algorithm, but they must try if requested. + +### Designing an interface for hashes + +In this section, we specify a hash metadata and calculation for the [mixed domain](#classification-of-callers), i.e. code that can be called both from legacy code and from PSA code. + +#### Availability of hashes + +Generalizing the analysis in [“Availability of hashes in RSA-PSS”](#availability-of-hashes-in-RSA-PSS): + +A hash is available through the mixed-domain interface iff either of the following conditions is true: + +* A legacy hash interface is available and the hash algorithm is implemented in software. +* PSA crypto is enabled and the hash algorithm is implemented via PSA. + +We could go further and make PSA accelerators available to legacy callers that call any legacy hash interface, e.g. `md.h` or `shaX.h`. There is little point in doing this, however: callers should just use the mixed-domain interface. + +#### Implications between legacy availability and PSA availability + +* When `MBEDTLS_PSA_CRYPTO_CONFIG` is disabled, all legacy mechanisms are automatically enabled through PSA. Users can manually enable PSA mechanisms that are available through accelerators but not through legacy, but this is not officially supported (users are not supposed to manually define PSA configuration symbols when `MBEDTLS_PSA_CRYPTO_CONFIG` is disabled). +* When `MBEDTLS_PSA_CRYPTO_CONFIG` is enabled, there is no mandatory relationship between PSA support and legacy support for a mechanism. Users can configure legacy support and PSA support independently. Legacy support is automatically enabled if PSA support is requested, but only if there is no accelerator. + +It is strongly desirable to allow mechanisms available through PSA but not legacy: this allows saving code size when an accelerator is present. + +There is no strong reason to allow mechanisms available through legacy but not PSA when `MBEDTLS_PSA_CRYPTO_C` is enabled. This would only save at best a very small amount of code size in the PSA dispatch code. This may be more desirable when `MBEDTLS_PSA_CRYPTO_CLIENT` is enabled (having a mechanism available only locally and not in the crypto service), but we do not have an explicit request for this and it would be entirely reasonable to forbid it. + +In this analysis, we have not found a compelling reason to require all legacy mechanisms to also be available through PSA. However, this can simplify both the implementation and the use of dispatch code thanks to some simplifying properties: + +* Mixed-domain code can call PSA code if it knows that `psa_crypto_init()` has been called, without having to inspect the specifics of algorithm support. +* Mixed-domain code can assume that PSA buffer calculations work correctly for all algorithms that it supports. + +#### Shape of the mixed-domain hash interface + +We now need to create an abstraction for mixed-domain hash calculation. (We could not create an abstraction, but that would require every piece of mixed-domain code to replicate the logic here. We went that route in Mbed TLS 3.3, but it made it effectively impossible to get something that works correctly.) + +Requirements: given a hash algorithm, + +* Obtain some metadata about it (size, block size). +* Calculate the hash. +* Set up a multipart operation to calculate the hash. The operation must support update, finish, reset, abort, clone. + +The existing interface in `md.h` is close to what we want, but not perfect. What's wrong with it? + +* It has an extra step of converting from `mbedtls_md_type_t` to `const mbedtls_md_info_t *`. +* It includes extra fluff such as names and HMAC. This costs code size. +* The md module has some legacy baggage dating from when it was more open, which we don't care about anymore. This may cost code size. + +These problems are easily solvable. + +* `mbedtls_md_info_t` can become a very thin type. We can't remove the extra function call from the source code of callers, but we can make it a very thin abstraction that compilers can often optimize. +* We can make names and HMAC optional. The mixed-domain hash interface won't be the full `MBEDTLS_MD_C` but a subset. +* We can optimize `md.c` without making API changes to `md.h`. + +## Specification + +### MD light + +https://github.com/Mbed-TLS/mbedtls/pull/6474 implements part of this specification, but it's based on Mbed TLS 3.2, so it needs to be rewritten for 3.3. + +#### Definition of MD light + +MD light is a subset of `md.h` that implements the hash calculation interface described in ”[Designing an interface for hashes](#designing-an-interface-for-hashes)”. It is activated by `MBEDTLS_MD_LIGHT` in `mbedtls_config.h`. + +The following things enable MD light automatically in `build_info.h`: + +* A [mixed-domain](#classification-of-callers) module that needs to calculate hashes is enabled. +* `MBEDTLS_MD_C` is enabled. + +MD light includes the following types: + +* `mbedtls_md_type_t` +* `mbedtls_md_info_t` +* `mbedtls_md_context_t` + +MD light includes the following functions: + +* `mbedtls_md_info_from_type` +* `mbedtls_md_init` +* `mbedtls_md_free` +* `mbedtls_md_setup` — but `hmac` must be 0 if `MBEDTLS_MD_C` is disabled. +* `mbedtls_md_clone` +* `mbedtls_md_get_size` +* `mbedtls_md_get_type` +* `mbedtls_md_starts` +* `mbedtls_md_update` +* `mbedtls_md_finish` +* `mbedtls_md` + +Unlike the full MD, MD light does not support null pointers as `mbedtls_md_context_t *`. At least some functions still need to support null pointers as `const mbedtls_md_info_t *` because this arises when you try to use an unsupported algorithm (`mbedtls_md_info_from_type` returns `NULL`). + +#### MD algorithm support macros + +For each hash algorithm, `md.h` defines a macro `MBEDTLS_MD_CAN_xxx` whenever the corresponding hash is available through MD light. These macros are only defined when `MBEDTLS_MD_LIGHT` is enabled. Per “[Availability of hashes](#availability-of-hashes)”, `MBEDTLS_MD_CAN_xxx` is enabled if: + +* the corresponding `MBEDTLS_xxx_C` is defined; or +* one of `MBEDTLS_PSA_CRYPTO_C` or `MBEDTLS_PSA_CRYPTO_CLIENT` is enabled, and the corresponding `PSA_WANT_ALG_xxx` is enabled. + +Note that some algorithms have different spellings in legacy and PSA. Since MD is a legacy interface, we'll use the legacy names. Thus, for example: + +``` +#if defined(MBEDTLS_MD_LIGHT) +#if defined(MBEDTLS_SHA256_C) || \ + (defined(MBEDTLS_PSA_CRYPTO_C) && PSA_WANT_ALG_SHA_256) +#define MBEDTLS_MD_CAN_SHA256 +#endif +#endif +``` + +Note: in the future, we may want to replace `defined(MBEDTLS_PSA_CRYPTO_C)` +with `defined(MBEDTLS_PSA_CRYTO_C) || defined(MBEDTLS_PSA_CRYPTO_CLIENT)` but +for now this is out of scope. + +#### MD light internal support macros + +* If at least one hash has a PSA driver, define `MBEDTLS_MD_SOME_PSA`. +* If at least one hash has a legacy implementation, defined `MBEDTLS_MD_SOME_LEGACY`. + +#### Support for PSA in the MD context + +An MD context needs to contain either a legacy module's context (or a pointer to one, as is the case now), or a PSA context (or a pointer to one). + +I am inclined to remove the pointer indirection, but this means that an MD context would always be as large as the largest supported hash context. So for the time being, this specification keeps a pointer. For uniformity, PSA will also have a pointer (we may simplify this later). + +``` +enum { + MBEDTLS_MD_ENGINE_LEGACY, + MBEDTLS_MD_ENGINE_PSA, +} mbedtls_md_engine_t; // private type + +typedef struct mbedtls_md_context_t { + mbedtls_md_type_t type; +#if defined(MBEDTLS_MD_SOME_PSA) + mbedtls_md_engine_t engine; +#endif + void *md_ctx; // mbedtls_xxx_context or psa_hash_operation +#if defined(MBEDTLS_MD_C) + void *hmac_ctx; +#endif +} mbedtls_md_context_t; +``` + +All fields are private. + +The `engine` field is almost redundant with knowledge about `type`. However, when an algorithm is available both via a legacy module and a PSA accelerator, we will choose based on the runtime availability of the accelerator when the context is set up. This choice needs to be recorded in the context structure. + +#### Inclusion of MD info structures + +MD light needs to support hashes that are only enabled through PSA. Therefore the `mbedtls_md_info_t` structures must be included based on `MBEDTLS_MD_CAN_xxx` instead of just the legacy module. + +The same criterion applies in `mbedtls_md_info_from_type`. + +#### Conversion to PSA encoding + +The implementation needs to convert from a legacy type encoding to a PSA encoding. + +``` +static inline psa_algorithm_t psa_alg_of_md_info( + const mbedtls_md_info_t *md_info ); +``` + +#### Determination of PSA support at runtime + +``` +int psa_can_do_hash(psa_algorithm_t hash_alg); +``` + +The job of this private function is to return 1 if `hash_alg` can be performed through PSA now, and 0 otherwise. It is only defined on algorithms that are enabled via PSA. + +As a starting point, return 1 if PSA crypto has been initialized. This will be refined later (to return 1 if the [accelerator subsystem](https://github.com/Mbed-TLS/mbedtls/issues/6007) has been initialized). + +Usage note: for algorithms that are not enabled via PSA, calling `psa_can_do_hash` is generally safe: whether it returns 0 or 1, you can call a PSA hash function on the algorithm and it will return `PSA_ERROR_NOT_SUPPORTED`. + +#### Support for PSA dispatch in hash operations + +Each function that performs some hash operation or context management needs to know whether to dispatch via PSA or legacy. + +If given an established context, use its `engine` field. + +If given an algorithm as an `mbedtls_md_type_t type` (possibly being the `type` field of a `const mbedtls_md_info_t *`): + +* If there is a PSA accelerator for this hash and `psa_can_do_hash(alg)`, call the corresponding PSA function, and if applicable set the engine to `MBEDTLS_MD_ENGINE_PSA`. (Skip this is `MBEDTLS_MD_SOME_PSA` is not defined.) +* Otherwise dispatch to the legacy module based on the type as currently done. (Skip this is `MBEDTLS_MD_SOME_LEGACY` is not defined.) +* If no dispatch is possible, return `MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE`. + +Note that this assumes that an operation that has been started via PSA can be completed. This implies that `mbedtls_psa_crypto_free` must not be called while an operation using PSA is in progress. Document this. + +#### Error code conversion + +After calling a PSA function, call `mbedtls_md_error_from_psa` to convert its status code. This function is currently defined in `hash_info.c`. + +### Migration to MD light + +#### Migration of modules that used to call MD and now do the legacy-or-PSA dance + +Get rid of the case where `MBEDTLS_MD_C` is undefined. Enable `MBEDTLS_MD_LIGHT` in `build_info.h`. + +#### Migration of modules that used to call a low-level hash module and now do the legacy-or-PSA dance + +Switch to calling MD (light) unconditionally. Enable `MBEDTLS_MD_LIGHT` in `build_info.h`. + +#### Migration of modules that call a low-level hash module + +Switch to calling MD (light). Enable `MBEDTLS_MD_LIGHT` in `build_info.h`. + +#### Migration of use-PSA mixed code + +Instead of calling `hash_info.h` functions to obtain metadata, get it from `md.h`. + +Optionally, code that currently tests on `MBEDTLS_USE_PSA_CRYPTO` just to determine whether to call MD or PSA to calculate hashes can switch to just having the MD variant. + +#### Remove `legacy_or_psa.h` + +It's no longer used. + +### Support all legacy algorithms in PSA + +As discussed in [“Implications between legacy availability and PSA availability”](#implications-between-legacy-availability-and-psa-availability), we require the following property: + +> If an algorithm has a legacy implementation, it is also available through PSA. + +When `MBEDTLS_PSA_CRYPTO_CONFIG` is disabled, this is already the case. When is enabled, we will now make it so as well. Change `include/mbedtls/config_psa.h` accordingly. + +### MD light optimizations + +This section is not necessary to implement MD light, but will cut down its code size. + +#### Split names out of MD light + +Remove hash names from `mbedtls_md_info_t`. Use a simple switch-case or a separate list to implement `mbedtls_md_info_from_string` and `mbedtls_md_get_name`. + +#### Remove metadata from the info structure + +In `mbedtls_md_get_size` and in modules that want a hash's block size, instead of looking up hash metadata in the info structure, call the PSA macros. + +#### Optimize type conversions + +To allow optimizing conversions between `mbedtls_md_type_t` and `psa_algorithm_t`, renumber the `mbedtls_md_type_t` enum so that the values are the 8 lower bits of the PSA encoding. + +With this optimization, +``` +static inline psa_algorithm_t psa_alg_of_md_info( + const mbedtls_md_info_t *md_info ) +{ + if( md_info == NULL ) + return( PSA_ALG_NONE ); + return( PSA_ALG_CATEGORY_HASH | md_info->type ); +} +``` + +Work in progress on this conversion is at https://github.com/gilles-peskine-arm/mbedtls/tree/hash-unify-ids-wip-1 + +#### Get rid of the hash_info module + +The hash_info module is redundant with MD light. Move `mbedtls_md_error_from_psa` to `md.c`, defined only when `MBEDTLS_MD_SOME_PSA` is defined. The rest is no longer used. + +#### Unify HMAC with PSA + +PSA has its own HMAC implementation. In builds with both `MBEDTLS_MD_C` and `PSA_WANT_ALG_HMAC` not fully provided by drivers, we should have a single implementation. Replace the one in `md.h` by calls to the PSA driver interface. This will also give mixed-domain modules access to HMAC accelerated directly by a PSA driver (eliminating the need to a HMAC interface in software if all supported hashes have an accelerator that includes HMAC support). + +### Improving support for `MBEDTLS_PSA_CRYPTO_CLIENT` + +So far, MD light only dispatches to PSA if an algorithm is available via `MBEDTLS_PSA_CRYPTO_C`, not if it's available via `MBEDTLS_PSA_CRYPTO_CLIENT`. This is acceptable because `MBEDTLS_USE_PSA_CRYPTO` requires `MBEDTLS_PSA_CRYPTO_C`, hence mixed-domain code never invokes PSA. + +The architecture can be extended to support `MBEDTLS_PSA_CRYPTO_CLIENT` with a little extra work. Here is an overview of the task breakdown, which should be fleshed up after we've done the first [migration](#migration-to-md-light): + +* Compile-time dependencies: instead of checking `defined(MBEDTLS_PSA_CRYPTO_C)`, check `defined(MBEDTLS_PSA_CRYPTO_C) || defined(MBEDTLS_PSA_CRYPTO_CLIENT)`. +* Implementers of `MBEDTLS_PSA_CRYPTO_CLIENT` will need to provide `psa_can_do_hash()` (or a more general function `psa_can_do`) alongside `psa_crypto_init()`. Note that at this point, it will become a public interface, hence we won't be able to change it at a whim. diff --git a/docs/architecture/psa-migration/outcome-analysis.sh b/docs/architecture/psa-migration/outcome-analysis.sh index 908468548..1805a3ca0 100755 --- a/docs/architecture/psa-migration/outcome-analysis.sh +++ b/docs/architecture/psa-migration/outcome-analysis.sh @@ -1,42 +1,30 @@ #!/bin/sh -# This script runs tests in various revisions and configurations and analyses -# the results in order to highlight any difference in the set of tests skipped -# in the test suites of interest. +# This script runs tests before and after a PR and analyzes the results in +# order to highlight any difference in the set of tests skipped. # -# It can be used to ensure the testing criteria mentioned in strategy.md, +# It can be used to check the first testing criterion mentioned in strategy.md, # end of section "Supporting builds with drivers without the software -# implementation" are met, namely: +# implementation", namely: the sets of tests skipped in the default config and +# the full config must be the same before and after the PR. # -# - the sets of tests skipped in the default config and the full config must be -# the same before and after the PR that implements step 3; -# - the set of tests skipped in the driver-only build is the same as in an -# equivalent software-based configuration, or the difference is small enough, -# justified, and a github issue is created to track it. -# This part is verified by tests/scripts/analyze_outcomes.py +# USAGE: +# - First, commit any uncommited changes. (Also, see warning below.) +# - Then launch --> [SKIP_SSL_OPT=1] docs/architecture/psa-migration/outcome-analysis.sh +# - SKIP_SSL_OPT=1 can optionally be set to skip ssl-opt.sh tests # # WARNING: this script checks out a commit other than the head of the current # branch; it checks out the current branch again when running successfully, # but while the script is running, or if it terminates early in error, you # should be aware that you might be at a different commit than expected. # -# NOTE: This is only an example/template script, you should make a copy and -# edit it to suit your needs. The part that needs editing is at the top. -# -# Also, you can comment out parts that don't need to be re-done when +# NOTE: you can comment out parts that don't need to be re-done when # re-running this script (for example "get numbers before this PR"). -# ----- BEGIN edit this ----- -# Space-separated list of test suites to ignore: -# if SSS is in that list, test_suite_SSS and test_suite_SSS.* are ignored. -IGNORE="md mdx shax" # accelerated -IGNORE="$IGNORE entropy hmac_drbg random" # disabled (ext. RNG) -IGNORE="$IGNORE psa_crypto_init" # needs internal RNG -IGNORE="$IGNORE hkdf" # disabled in the all.sh component tested -# ----- END edit this ----- - set -eu +: ${SKIP_SSL_OPT:=0} + cleanup() { make clean git checkout -- include/mbedtls/mbedtls_config.h include/psa/crypto_config.h @@ -45,30 +33,45 @@ cleanup() { record() { export MBEDTLS_TEST_OUTCOME_FILE="$PWD/outcome-$1.csv" rm -f $MBEDTLS_TEST_OUTCOME_FILE + make check + + if [ $SKIP_SSL_OPT -eq 0 ]; then + make -C programs ssl/ssl_server2 ssl/ssl_client2 \ + test/udp_proxy test/query_compile_time_config + tests/ssl-opt.sh + fi } -# save current HEAD -HEAD=$(git branch --show-current) +# save current HEAD. +# Note: this can optionally be updated to +# HEAD=$(git branch --show-current) +# when using a Git version above 2.22 +HEAD=$(git rev-parse --abbrev-ref HEAD) # get the numbers before this PR for default and full cleanup git checkout $(git merge-base HEAD development) + record "before-default" cleanup + scripts/config.py full record "before-full" # get the numbers now for default and full cleanup git checkout $HEAD + record "after-default" cleanup + scripts/config.py full record "after-full" +cleanup # analysis @@ -77,15 +80,19 @@ populate_suites () { make generated_files >/dev/null data_files=$(cd tests/suites && echo *.data) for data in $data_files; do - suite=${data#test_suite_} - suite=${suite%.data} - suite_base=${suite%%.*} - case " $IGNORE " in - *" $suite_base "*) :;; - *) SUITES="$SUITES $suite";; - esac + suite=${data%.data} + SUITES="$SUITES $suite" done make neat + + if [ $SKIP_SSL_OPT -eq 0 ]; then + SUITES="$SUITES ssl-opt" + extra_files=$(cd tests/opt-testcases && echo *.sh) + for extra in $extra_files; do + suite=${extra%.sh} + SUITES="$SUITES $suite" + done + fi } compare_suite () { @@ -93,7 +100,7 @@ compare_suite () { new="outcome-$2.csv" suite="$3" - pattern_suite=";test_suite_$suite;" + pattern_suite=";$suite;" total=$(grep -c "$pattern_suite" "$ref") sed_cmd="s/^.*$pattern_suite\(.*\);SKIP.*/\1/p" sed -n "$sed_cmd" "$ref" > skipped-ref @@ -101,8 +108,9 @@ compare_suite () { nb_ref=$(wc -l %4d\n" \ - $suite $total $nb_ref $nb_new + name=${suite#test_suite_} + printf "%40s: total %4d; skipped %4d -> %4d\n" \ + $name $total $nb_ref $nb_new if diff skipped-ref skipped-new | grep '^> '; then ret=1 else diff --git a/docs/architecture/psa-migration/psa-limitations.md b/docs/architecture/psa-migration/psa-limitations.md index c3680231d..29d7c5330 100644 --- a/docs/architecture/psa-migration/psa-limitations.md +++ b/docs/architecture/psa-migration/psa-limitations.md @@ -11,11 +11,15 @@ is, of course, to actually do the migration work. Limitations relevant for G1 (performing crypto operations) ========================================================== -Restartable ECC operations --------------------------- +Restartable (aka interruptible) ECC operations +---------------------------------------------- -There is currently no support for that in PSA at all, but it will be added at -some point, see . +Support for interruptible ECDSA sign/verify was added to PSA in Mbed TLS 3.4. +However, support for interruptible ECDH is not present yet. Also, PK, X.509 and +TLS have not yet been adapted to take advantage of the new PSA APIs. See: +- ; +- ; +- . Currently, when `MBEDTLS_USE_PSA_CRYPTO` and `MBEDTLS_ECP_RESTARTABLE` are both enabled, some operations that should be restartable are not (ECDH in TLS @@ -78,6 +82,10 @@ the one that requires the most work, but it would deliver value beyond PSA migration by implementing RFC 7919. (Implementing RFC 7919 could be done any time; making it mandatory can only be done in 4.0 or another major version.) +As of early 2023, the plan is to go with option 2 in Mbed TLS 4.0, which has +been announced on the mailing-list and got no push-back, see +. + RSA-PSS parameters ------------------ @@ -321,6 +329,8 @@ probably not acceptable. in the meantime. Such an extension seems inconvenient and not motivated by strong security arguments, so it's unclear whether it would be accepted. +Since Mbed TLS 3.4, option 1 is implemented. + Limitations relevant for G2 (isolation of long-term secrets) ============================================================ diff --git a/docs/architecture/psa-migration/strategy.md b/docs/architecture/psa-migration/strategy.md index 0ad5fa0a5..b985a77fa 100644 --- a/docs/architecture/psa-migration/strategy.md +++ b/docs/architecture/psa-migration/strategy.md @@ -18,13 +18,17 @@ needs to be changed to use new APIs. For a more detailed account of what's implemented, see `docs/use-psa-crypto.md`, where new APIs are about (G2), and internal changes implement (G1). +As of early 2023, work towards G5 is in progress: Mbed TLS 3.3 and 3.4 saw +some improvements in this area, and more will be coming in future releases. + Generally speaking, the numbering above doesn't mean that each goal requires the preceding ones to be completed. + Compile-time options ==================== -We currently have two compile-time options that are relevant to the migration: +We currently have a few compile-time options that are relevant to the migration: - `MBEDTLS_PSA_CRYPTO_C` - enabled by default, controls the presence of the PSA Crypto APIs. @@ -36,7 +40,9 @@ We currently have two compile-time options that are relevant to the migration: The reasons why `MBEDTLS_USE_PSA_CRYPTO` is optional and disabled by default are: -- it's incompatible with `MBEDTLS_ECP_RESTARTABLE`; +- it's not fully compatible with `MBEDTLS_ECP_RESTARTABLE`: you can enable + both, but then you won't get the full effect of RESTARTBLE (see the +documentation of this option in `mbedtls_config.h`); - to avoid a hard/default dependency of TLS, X.509 and PK on `MBEDTLS_PSA_CRYPTO_C`, for backward compatibility reasons: - When `MBEDTLS_PSA_CRYPTO_C` is enabled and used, applications need to call @@ -71,10 +77,10 @@ Crypto does not support restartable operations, there's a clear conflict: the TLS and X.509 layers can't both use only PSA APIs and get restartable behaviour. -Supporting this in PSA is on our roadmap and currently planned for end of -2022, see . +Support for restartable (aka interruptible) ECDSA sign/verify operation was +added to PSA in Mbed TLS 3.4, but support for ECDH is not present yet. -It will then require follow-up work to make use of the new PSA API in +It will then require follow-up work to make use of the new PSA APIs in PK/X.509/TLS in all places where we currently allow restartable operations. ### Backward compatibility issues with making `MBEDTLS_USE_PSA_CRYPTO` always on @@ -137,8 +143,11 @@ crypto API. - Downside: tricky to implement if the PSA implementation is currently done on top of that layer (dependency loop). -This strategy is currently (early 2022) used for all operations in the PK -layer. +This strategy is currently (early 2023) used for all operations in the PK +layer; the MD layer uses a variant where it dispatches to PSA if a driver is +available and the driver subsystem has been initialized, regardless of whether +`USE_PSA_CRYPTO` is enabled; see `md-cipher-dispatch.md` in the same directory +for details. This strategy is not very well suited to the Cipher layer, as the PSA implementation is currently done on top of that layer. @@ -161,8 +170,9 @@ Replace calls for each operation code size. - Downside: TLS/X.509 code has to be done for each operation. -This strategy is currently (early 2022) used for the MD layer and the Cipher -layer. +This strategy is currently (early 2023) used for the MD layer and the Cipher +layer in X.509 and TLS. Crypto modules however always call to MD which may +then dispatch to PSA, see `md-cipher-dispatch.md`. Opt-in use of PSA from the abstraction layer -------------------------------------------- @@ -210,7 +220,10 @@ Strategies currently (early 2022) used with each abstraction layer: - PK (for G1): silently call PSA - PK (for G2): opt-in use of PSA (new key type) - Cipher (G1): replace calls at each call site -- MD (G1): replace calls at each call site +- MD (G1, X.509 and TLS): replace calls at each call site (depending on + `USE_PSA_CRYPTO`) +- MD (G5): silently call PSA when a driver is available, see + `md-cipher-dispatch.md`. Supporting builds with drivers without the software implementation @@ -219,10 +232,6 @@ Supporting builds with drivers without the software implementation This section presents a plan towards G5: save code size by compiling out our software implementation when a driver is available. -Additionally, we want to save code size by compiling out the -abstractions layers that we are not using when `MBEDTLS_USE_PSA_CRYPTO` is -enabled (see previous section): MD and Cipher. - Let's expand a bit on the definition of the goal: in such a configuration (driver used, software implementation and abstraction layer compiled out), we want: @@ -238,9 +247,10 @@ at feature parity with software-based builds. We can roughly divide the work needed to get there in the following steps: 0. Have a working driver interface for the algorithms we want to replace. -1. Have users of these algorithms call to PSA, not the legacy API, for all - operations. (This is G1, and for PK, X.509 and TLS this is controlled by - `MBEDTLS_USE_PSA_CRYPTO`.) This needs to be done in the library and tests. +1. Have users of these algorithms call to PSA or an abstraction layer than can + dispatch to PSA, but not the low-level legacy API, for all operations. +(This is G1, and for PK, X.509 and TLS this is controlled by +`MBEDTLS_USE_PSA_CRYPTO`.) This needs to be done in the library and tests. 2. Have users of these algorithms not depend on the legacy API for information management (getting a size for a given algorithm, etc.) 3. Adapt compile-time guards used to query availability of a given algorithm; @@ -262,50 +272,32 @@ not possible to achieve good test coverage at the end of step 1 or step 2, it is preferable to group with the next step(s) in the same PR until good test coverage can be reached. -**Status as of Mbed TLS 3.2:** +**Status as of end of March 2023 (shortly after 3.4):** - Step 0 is achieved for most algorithms, with only a few gaps remaining. - Step 1 is achieved for most of PK, X.509, and TLS when `MBEDTLS_USE_PSA_CRYPTO` is enabled with only a few gaps remaining (see docs/use-psa-crypto.md). -- Step 1 is not achieved for a lot of the crypto library including the PSA - core. For example, `entropy.c` calls the legacy API - `mbedtls_sha256` (or `mbedtls_sha512` optionally); `hmac_drbg.c` calls the - legacy API `mbedtls_md` and `ctr_drbg.c` calls the legacy API `mbedtls_aes`; - the PSA core depends on the entropy module and at least one of the DRBG - modules (unless `MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG` is used). Further, several - crypto modules have similar issues, for example RSA PKCS#1 v2.1 calls - `mbedtls_md` directly. +- Step 1 is achieved for the crypto library regarding hashes: everything uses + MD (not low-level hash APIs), which then dispatches to PSA if applicable. +- Step 1 is not achieved for all of the crypto library when it come to + ciphers. For example,`ctr_drbg.c` calls the legacy API `mbedtls_aes`. - Step 2 is achieved for most of X.509 and TLS (same gaps as step 1) when - `MBEDTLS_USE_PSA_CRYPTO` is enabled - this was tasks like #5795, #5796, - #5797. It is being done in PK and RSA PKCS#1 v1.5 by PR #6065. -- Step 3 was mostly not started at all before 3.2; it is being done for PK by - PR #6065. + `MBEDTLS_USE_PSA_CRYPTO` is enabled. +- Step 3 is done for hashes and top-level ECC modules (ECDSA, ECDH, ECJPAKE). **Strategy for step 1:** Regarding PK, X.509, and TLS, this is mostly achieved with only a few gaps. (The strategy was outlined in the previous section.) -Regarding libmbedcrypto, outside of the RNG subsystem, for modules that -currently depend on other legacy crypto modules, this can be achieved without -backwards compatibility issues, by using the software implementation if -available, and "falling back" to PSA only if it's not. The compile-time -dependency changes from the current one (say, `MD_C` or `AES_C`) to "the -previous dependency OR PSA Crypto with needed algorithms". When building -without software implementation, users need to call `psa_crypto_init()` before -calling any function from these modules. This condition does not constitute a -break of backwards compatibility, as it was previously impossible to build in -those configurations, and in configurations were the build was possible, -application code keeps working unchanged. An work-in-progress example of -applying this strategy, for RSA PKCS#1 v2.1, is here: - - -There is a problem with the modules used for the PSA RNG, as currently the RNG -is initialized before drivers and the key store. This part will need further -study, but in the meantime we can proceed with everything that's not the -entropy module of one of the DRBG modules, and that does not depend on one of -those modules. +Regarding libmbedcrypto: +- for hashes and ciphers, see `md-cipher-dispatch.md` in the same directory; +- for ECC, we have no internal uses of the top-level algorithms (ECDSA, ECDH, + ECJPAKE), however they all depend on `ECP_C` which in turn depends on +`BIGNUM_C`. So, direct calls from TLS, X.509 and PK to ECP and Bignum will +need to be replaced; see and +linked issues for a summary of intermediate steps and open points. **Strategy for step 2:** @@ -315,14 +307,11 @@ convenient, for example in parts of the code that accept old-style identifiers (such as `mbedtls_md_type_t`) in their API and can't assume PSA to be compiled in (such as `rsa.c`). -It is suggested that, as a temporary solution until we clean this up -later when removing the legacy API including its identifiers (G4), we may -occasionally use ad-hoc internal functions, such as the ones introduced by PR -6065 in `library/hash_info.[ch]`. - -An alternative would be to have two different code paths depending on whether -`MBEDTLS_PSA_CRYPTO_C` is defined or not. However this is not great for -readability or testability. +When using an existing abstraction layer such as MD, it can provide +information management functions. In other cases, information that was in a +low-level module but logically belongs in a higher-level module can be moved +to that module (for example, TLS identifiers of curves and there conversion +to/from PSA or legacy identifiers belongs in TLS, not `ecp.c`). **Strategy for step 3:** @@ -338,35 +327,15 @@ dependencies above depending on whether `MBEDTLS_USE_PSA_CRYPTO` is defined: if it is, the code want the algorithm available in PSA, otherwise, it wants it available via the legacy API(s) is it using (MD and/or low-level). -The strategy for steps 1 and 2 above will introduce new situations: code that -currently compute hashes using MD (resp. a low-level hash module) will gain -the ability to "fall back" to using PSA if the legacy dependency isn't -available. Data related to a certain hash (OID, sizes, translations) should -only be included in the build if it is possible to use that hash in some way. +As much as possible, we're trying to create for each algorithm a single new +macro that can be used to express dependencies everywhere (except pure PSA +code that should always use `PSA_WANT`). For example, for hashes this is the +`MBEDTLS_MD_CAN_xxx` family. For ECC algorithms, we have similar +`MBEDTLS_PK_CAN_xxx` macros. -In order to cater to these new needs, new families of macros are introduced in -`legacy_or_psa.h`, see its documentation for details. - -It should be noted that there are currently: -- too many different ways of computing a hash (low-level, MD, PSA); -- too many different ways to configure the library that influence which of - these ways is available and will be used (`MBEDTLS_USE_PSA_CRYPTO`, - `MBEDTLS_PSA_CRYPTO_CONFIG`, `mbedtls_config.h` + `psa/crypto_config.h`). - -As a result, we need more families of dependency macros than we'd like to. -This is a temporary situation until we move to a place where everything is -based on PSA Crypto. In the meantime, long and explicit names where chosen for -the new macros in the hope of avoiding confusion. - -Note: the new macros supplement but do not replace the existing macros: -- code that always uses PSA Crypto (for example, code specific to TLS 1.3) - should use `PSA_WANT_xxx`; -- code that always uses the legacy API (for example, crypto modules that have - not undergone step 1 yet) should use `MBEDTLS_xxx_C`; -- code that may use one of the two APIs, either based on - `MBEDTLS_USE_PSA_CRYPTO` (X.509, TLS 1.2, shared between TLS 1.2 and 1.3), - or based on availability (crypto modules after step 1), should use one of - the new macros from `legacy_or_psa.h`. +Note that in order to achieve that goal, even for code that obeys +`USE_PSA_CRYPTO`, it is useful to impose that all algorithms that are +available via the legacy APIs are also available via PSA. Executing step 3 will mostly consist of using the right dependency macros in the right places (once the previous steps are done). @@ -386,15 +355,16 @@ are expressed (sometimes in bulk), to get things wrong in a way that would result in more tests being skipped, which is easy to miss. Care must be taken to ensure this does not happen. The following criteria can be used: -- the sets of tests skipped in the default config and the full config must be - the same before and after the PR that implements step 3; -- the set of tests skipped in the driver-only build is the same as in an - equivalent software-based configuration, or the difference is small enough, - justified, and a github issue is created to track it. - -Note that the favourable case is when the number of tests skipped is 0 in the -driver-only build. In other cases, analysis of the outcome files is needed, -see the example script `outcome-analysis.sh` in the same directory. +1. The sets of tests skipped in the default config and the full config must be + the same before and after the PR that implements step 3. This is tested +manually for each PR that changes dependency declarations by using the script +`outcome-analysis.sh` in the present directory. +2. The set of tests skipped in the driver-only build is the same as in an + equivalent software-based configuration. This is tested automatically by the +CI in the "Results analysis" stage, by running +`tests/scripts/analyze_outcomes.py`. See the +`analyze_driver_vs_reference_xxx` actions in the script and the comments above +their declaration for how to do that locally. Migrating away from the legacy API diff --git a/docs/architecture/psa-migration/syms.sh b/docs/architecture/psa-migration/syms.sh index 5c34b28d1..1e1ec8c29 100755 --- a/docs/architecture/psa-migration/syms.sh +++ b/docs/architecture/psa-migration/syms.sh @@ -17,13 +17,20 @@ # # Purpose # -# Show symbols in the X.509 and TLS libraries that are defined in another -# libmbedtlsXXX.a library. This is usually done to list Crypto dependencies. +# Show external links in built libraries (X509 or TLS) or modules. This is +# usually done to list Crypto dependencies or to check modules' +# interdependencies. # # Usage: # - build the library with debug symbols and the config you're interested in # (default, full minus MBEDTLS_USE_PSA_CRYPTO, full, etc.) -# - run this script with the name of your config as the only argument +# - launch this script with 1 or more arguments depending on the analysis' goal: +# - if only 1 argument is used (which is the name of the used config, +# ex: full), then the analysis is done on libmbedx509 and libmbedtls +# libraries by default +# - if multiple arguments are provided, then modules' names (ex: pk, +# pkparse, pkwrite, etc) are expected after the 1st one and the analysis +# will be done on those modules instead of the libraries. set -eu @@ -35,10 +42,21 @@ syms() { nm "$FILE" | sed -n "s/[0-9a-f ]*${TYPE} \(mbedtls_.*\)/\1/p" | sort -u } +# Check if the provided name refers to a module or library and return the +# same path with proper extension +get_file_with_extension() { + BASE=$1 + if [ -f $BASE.o ]; then + echo $BASE.o + elif [ -f $BASE.a ]; then + echo $BASE.a + fi +} + # create listings for the given library list() { NAME="$1" - FILE="library/libmbed${NAME}.a" + FILE=$(get_file_with_extension "library/${NAME}") PREF="${CONFIG}-$NAME" syms '[TRrD]' $FILE > ${PREF}-defined @@ -54,5 +72,14 @@ list() { CONFIG="${1:-unknown}" -list x509 -list tls +# List of modules to check is provided as parameters +if [ $# -gt 1 ]; then + shift 1 + ITEMS_TO_CHECK="$@" +else + ITEMS_TO_CHECK="libmbedx509 libmbedtls" +fi + +for ITEM in $ITEMS_TO_CHECK; do + list $ITEM +done diff --git a/docs/architecture/psa-storage-resilience.md b/docs/architecture/psa-storage-resilience.md new file mode 100644 index 000000000..2f190d3f8 --- /dev/null +++ b/docs/architecture/psa-storage-resilience.md @@ -0,0 +1,536 @@ +# PSA storage resilience design + +## Introduction + +The PSA crypto subsystem includes a persistent key store. It is possible to create a persistent key and read it back later. This must work even if the underlying storage exhibits non-nominal behavior. In this document, _resilience_ means correct behavior of the key store even under if the underlying platform behaves in a non-nominal, but still partially controlled way. + +At this point, we are only concerned about one specific form of resilience: to a system crash or power loss. That is, we assume that the underlying platform behaves nominally, except that occasionally it may restart. In the field, this can happen due to a sudden loss of power. + +This document explores the problem space, defines a library design and a test design. + +## Resilience goals for API functions + +**Goal: PSA Crypto API functions are atomic and committing.** + +_Atomic_ means that when an application calls an API function, as far as the application is concerned, at any given point in time, the system is either in a state where the function has not started yet, or in a state where the function has returned. The application never needs to worry about an intermediate state. + +_Committing_ means that when a function returns, the data has been written to the persistent storage. As a consequence, if the system restarts during a sequence of storage modifications $M_1, M_2, \ldots, M_n$, we know that when the system restarts, a prefix of the sequence has been performed. For example, there will never be a situation where $M_2$ has been performed but not $M_1$. + +The committing property is important not only for sequences of operations, but also when reporting the result of an operation to an external system. For example, if a key creation function in the PSA Crypto API reports to the application that a key has been created, and the application reports to a server that the key has been created, it is guaranteed that the key exists even if the system restarts. + +## Assumptions on the underlying file storage + +PSA relies on a PSA ITS (Internal Trusted Storage) interface, which exposes a simple API. There are two functions to modify files: + +* `set()` writes a whole file (either creating it, or replacing the previous content). +* `remove()` removes a file (returning a specific error code if the file does not exist). + +**Assumption: the underlying ITS functions are atomic and committing.** + +Since the underlying functions are atomic, the content of a file is always a version that was previously passed to `set()`. We do not try to handle the case where a file might be partially written. + +## Overview of API functions + +For a transparent key, all key management operations (creation or destruction) on persistent keys rely on a single call to the underlying storage (`set()` for a key creation, `remove()` for a key destruction). This also holds for an opaque key stored in a secure element that does not have its own key store: in this case, the core stores a wrapped (i.e. encrypted) copy of the key material, but this does not impact how the core interacts with the storage. Other API functions do not modify the storage. + +The following case requires extra work related to resilience: + +* [Key management for stateful secure element keys](#designing-key-management-for-secure-element-keys). + +As a consequence, apart from the listed cases, the API calls inherit directly from the [resilience properties of the underyling storage](#assumptions-on-the-underlying-file-storage). We do not need to take any special precautions in the library design, and we do not need to perform any testing of resilience for transparent keys. + +(This section was last updated for Mbed TLS 3.4.0 implementing PSA Crypto API 1.1.) + +## Designing key management for secure element keys + +In this section, we use “(stateful) secure element key” to mean a key stored in a stateful secure element, i.e. a secure element that stores keys. This excludes keys in a stateleess secure element for which the core stores a wrapped copy of the key. We study the problem of how key management in stateful secure elements interacts with storage and explore the design space. + +### Assumptions on stateful secure elements + +**Assumption: driver calls for key management in stateful secure elements are atomic and committing.** + +(For stateless secure elements, this assumption is vacuously true.) + +### Dual management of keys: the problem + +For a secure element key, key management requires a commitment on both sites. For example, consider a successful key creation operation: + +1. The core sends a request to the secure element to create a key. +2. The secure element modifies its key store to create the key. +3. The secure element reports to the core that the key has been created. +4. The core reports to the application that the key has been created. + +If the core loses power between steps 1 and 2, the key does not exist yet. This is fine from an application's perspective since the core has not committed to the key's existence, but the core needs to take care not to leave resources in storage that are related to the non-existent key. If the core loses power between steps 2 and 3, the key exists in the secure element. From an application's perspective, the core may either report that the key exists or that it does not exist, but in the latter case, the core needs to free the key in the secure element, to avoid leaving behind inaccessible resources. + +As a consequence, the content of the storage cannot remain the same between the end of step 1 and the end of step 3, since the core must behave differently depending on whether step 2 has taken place. + +Accomplishing a transaction across system boundaries is a well-known problem in database management, with a well-known solution: two-phase commit. + +### Overview of two-phase commit with stateful secure elements + +With a key in a stateful secure element, a successful creation process goes as follows (see [“Key management in a secure element with storage” in the driver interface specification](../../proposed/psa-driver-interface.html#key-management-in-a-secure-element-with-storage)): + +1. The core calls the driver's `"allocate_key"` entry point. +2. The driver allocates a unique identifier _D_ for the key. This is unrelated to the key identifier _A_ used by the application interface. This step must not modify the state of the secure element. +3. The core updates the storage to indicate that key identifier _A_ has the identifier _D_ in the driver, and that _A_ is in a half-created state. +4. The core calls the driver's key creation entry point, passing it the driver's chosen identifier _D_. +5. The driver creates the key in the secure element. When this happens, it concludes the voting phase of the two-phase commit: effectively, the secure element decides to commit. (It is however possible to revert this commitment by giving the secure element the order to destroy the key.) +6. The core updates the storage to indicate that _A_ is now in a fully created state. This concludes the commit phase of the two-phase commit. + +If there is a loss of power: + +* Before step 3: the system state has not changed at all. As far as the world is concerned, the key creation attempt never happened. +* Between step 3 and step 6: upon restart, the core needs to find out whether the secure element completed step 5 or not, and reconcile the state of the storage with the state of the secure element. +* After step 6: the key has been created successfully. + +Key destruction goes as follows: + +1. The core updates the storage indicating that the key is being destroyed. +2. The core calls the driver's `"destroy_key"` entry point. +3. The secure element destroys the key. +4. The core updates the storage to indicate that the key has been destroyed. + +If there is a loss of power: + +* Before step 1: the system state has not changed at all. As far as the world is concerned, the key destruction attempt never happened. +* Between step 1 and step 4: upon restart, the core needs to find out whether the secure element completed step 3 or not, and reconcile the state of the storage with the state of the secure element. +* After step 4: the key has been destroyed successfully. + +In both cases, upon restart, the core needs to perform a transaction recovery. When a power loss happens, the core decides whether to commit or abort the transaction. + +Note that the analysis in this section assumes that the driver does not update its persistent state during a key management operation (or at least not in a way that is influences the key management process — for example, it might renew an authorization token). + +### Optimization considerations for transactions + +We assume that power failures are rare. Therefore we will primarily optimize for the normal case. Transaction recovery needs to be practical, but does not have to be fully optimized. + +The main quantity we will optimize for is the number of storage updates in the nominal case. This is good for performance because storage writes are likely to dominate the runtime in some hardware configurations where storage writes are slow and communication with the secure element is fast, for key management operations that require a small amount of computation. In addition, minimizing the number of storage updates is good for the longevity of flash media. + +#### Information available during recovery + +The PSA ITS API does not support enumerating files in storage: an ITS call can only access one file identifier. Therefore transaction recovery cannot be done by traversing files whose name is or encodes the key identifier. It must start by traversing a small number of files whose names are independent of the key identifiers involved. + +#### Minimum effort for a transaction + +Per the [assumptions on the underlying file storage](#assumptions-on-the-underlying-file-storage), each atomic operation in the internal storage concerns a single file: either removing it, or setting its content. Furthermore there is no way to enumerate the files in storage. + +A key creation function must transform the internal storage from a state where file `id` does not exist, to a state where file `id` exists and has its desired final content (containing the key attributes and the driver's key identifier). The situation is similar with key destruction, except that the initial and final states are exchanged. Neither the initial state nor the final state reference `id` otherwise. + +For a key that is not in a stateful element, the transaction consists of a single write operation. As discussed previously, this is not possible with a stateful secure element because the state of the internal storage needs to change both before and after the state change in the secure element. No other single-write algorithm works. + +If there is a power failure around the time of changing the state of the secure element, there must be information in the internal storage that indicates that key `id` has a transaction in progress. The file `id` cannot be used for this purpose because there is no way to enumerate all keys (and even if there was, it would not be practical). Therefore the transaction will need to modify some other file `t` with a fixed name (a name that doesn't depend on the key). Since the final system state should be identical to the initial state except for the file `id`, the minimum number of storage operations for a transaction is 3: + +* Write (create or update) a file `t` referencing `id`. +* Write the final state of `id`. +* Restore `t` to its initial state. + +The strategies discussed in the [overview above](#overview-of-two-phase-commit-with-stateful-secure-elements) follow this pattern, with `t` being the file containing the transaction list that the recovery consults. We have just proved that this pattern is optimal. + +Note that this pattern requires the state of `id` to be modified only once. In particular, if a key management involves writing an intermediate state for `id` before modifying the secure element state and writing a different state after that, this will require a total of 4 updates to internal storage. Since we want to minimize the number of storage updates, we will not explore designs that involved updating `id` twice or more. + +### Recovery strategies + +When the core starts, it needs to know about transaction(s) that need to be resumed. This information will be stored in a persistent “transaction list”, with one entry per key. In this section, we explore recovery strategies, and we determine what the transaction list needs to contain as well as when it needs to be updated. Other sections will explore the format of the transaction list, as well as how many keys it needs to contain. + +#### Exploring the recovery decision tree + +There are four cases for recovery when a transaction is in progress. In each case, the core can either decide to commit the transaction (which may require replaying the interrupted part) or abort it (which may require a rewind in the secure element). It may call the secure element driver's `"get_key_attributes"` entry point to find out whether the key is present. + +* Key creation, key not present in the secure element: + * Committing means replaying the driver call in the key creation. This requires all the input, for example the data to import. This seems impractical in general. Also, the second driver call require a new call to `"allocate_key"` which will in general changing the key's driver identifier, which complicates state management in the core. Given the likely complexity, we exclude this strategy. + * Aborting means removing any trace of the key creation. +* Key creation, key present in the secure element: + * Committing means finishing the update of the core's persistent state, as would have been done if the transaction had not been interrupted. + * Aborting means destroying the key in the secure element and removing any local storage used for that key. +* Key destruction, key not present in the secure element: + * Committing means finishing the update of the core's persistent state, as would have been done if the transaction had not been interrupted, by removing any remaining local storage used for that key. + * Aborting would mean re-creating the key in the secure element, which is impossible in general since the key material is no longer present. +* Key destruction, key present in the secure element: + * Committing means finishing the update of the core's persistent state, as would have been done if the transaction had not been interrupted, by removing any remaining local storage used for that key and destroying the key in the secure element. + * Aborting means keeping the key. This requires no action on the secure element, and is only practical locally if the local storage is intact. + +#### Comparing recovery strategies + +From the analysis above, assuming that all keys are treated in the same way, there are 4 possible strategies. + +* [Always follow the state of the secure element](#exploring-the-follow-the-secure-element-strategy). This requires the secure element driver to have a `"get_key_attributes"` entry point. Recovery means resuming the operation where it left off. For key creation, this means that the key metadata needs to be saved before calling the secure element's key creation entry point. +* Minimize the information processing: [always destroy the key](#exploring-the-always-destroy-strategy), i.e. abort all key creations and commit all key destructions. This does not require querying the state of the secure element. This does not require any special precautions to preserve information about the key during the transaction. It simplifies recovery in that the recovery process might not even need to know whether it's recovering a key creation or a key destruction. +* Follow the state of the secure element for key creation, but always go ahead with key destruction. This requires the secure element driver to have a `"get_key_attributes"` entry point. Compared to always following the state of the secure element, this has the advantage of maximizing the chance that a command to destroy key material is effective. Compared to always destroying the key, this has a performance advantage if a key creation is interrupted. These do not seem like decisive advantages, so we will not consider this strategy further. +* Always abort key creation, but follow the state of the secure element for key destruction. I can't think of a good reason to choose this strategy. + +Requiring the driver to have a `"get_key_attributes"` entry point is potentially problematic because some secure elements don't have room to store key attributes: a key slot always exists, and it's up to the user to remember what, if anything, they put in it. The driver has to remember anyway, so that it can find a free slot when creating a key. But with a recovery strategy that doesn't involve a `"get_key_attributes"` entry point, the driver design is easier: the driver doesn't need to protect the information about slots in use against a power failure, the core takes care of that. + +#### Exploring the follow-the-secure-element strategy + +Each entry in the transaction list contains the API key identifier, the key lifetime (or at least the location), the driver key identifier (not constant-size), and an indication of whether the key is being created or destroyed. + +For key creation, we have all the information to store in the key file once the `"allocate_key"` call returns. We must store all the information that will go in the key file before calling the driver's key creation entry point. Therefore the normal sequence of operations is: + +1. Call the driver's `"allocate_key"` entry point. +2. Add the key to the transaction list, indicating that it is being created. +3. Write the key file. +4. Call the driver's key creation entry point. +5. Remove the key from the transaction list. + +During recovery, for each key in the transaction list that was being created: + +* If the key exists in the secure element, just remove it from the transaction list. +* If the key does not exist in the secure element, first remove the key file if it is present, then remove the key from the transaction list. + +For key destruction, we need to preserve the key file until after the key has been destroyed. Therefore the normal sequence of operations is: + +1. Add the key to the transaction list, indicating that it is being destroyed. +2. Call the driver's `"destroy_key"` entry point. +3. Remove the key file. +4. Remove the key from the transaction list. + +During recovery, for each key in the transaction list that was being created: + +* If the key exists in the secure element, call the driver's `"destroy_key"` entry point, then remove the key file, and finally remote the key from the transaction lits. +* If the key does not exist in the secure element, remove the key file if it is still present, then remove the key from the transaction list. + +#### Exploring the always-destroy strategy + +Each entry in the transaction list contains the API key identifier, the key lifetime (or at least the location), and the driver key identifier (not constant-size). + +For key creation, we do not need to store the key's metadata until it has been created in the secure element. Therefore the normal sequence of operations is: + +1. Call the driver's `"allocate_key"` entry point. +2. Add the key to the transaction list. +3. Call the driver's key creation entry point. +4. Write the key file. +5. Remove the key from the transaction list. + +For key destruction, we can remove the key file before contacting the secure element. Therefore the normal sequence of operations is: + +1. Add the key to the transaction list. +2. Remove the key file. +3. Call the driver's `"destroy_key"` entry point. +4. Remove the key from the transaction list. + +Recovery means removing all traces of all keys on the transaction list. This means following the destruction process, starting after the point where the key has been added to the transaction list, and ignoring any failure of a removal action if the item to remove does not exist: + +1. Remove the key file, treating `DOES_NOT_EXIST` as a success. +2. Call the driver's `"destroy_key"` entry point, treating `DOES_NOT_EXIST` as a success. +3. Remove the key from the transaction list. + +#### Always-destroy strategy with a simpler transaction file + +We can modify the [always-destroy strategy](#exploring-the-always-destroy-strategy) to make the transaction file simpler: if we ensure that the key file always exists if the key exists in the secure element, then the transaction list does not need to include the driver key identifier: it can be read from the key file. + +For key creation, we need to store the key's metadata before creating in the secure element. Therefore the normal sequence of operations is: + +1. Call the driver's `"allocate_key"` entry point. +2. Add the key to the transaction list. +3. Write the key file. +4. Call the driver's key creation entry point. +5. Remove the key from the transaction list. + +For key destruction, we need to contact the secure element before removing the key file. Therefore the normal sequence of operations is: + +1. Add the key to the transaction list. +2. Call the driver's `"destroy_key"` entry point. +3. Remove the key file. +4. Remove the key from the transaction list. + +Recovery means removing all traces of all keys on the transaction list. This means following the destruction process, starting after the point where the key has been added to the transaction list, and ignoring any failure of a removal action if the item to remove does not exist: + +1. Load the driver key identifier from the key file. If the key file does not exist, skip to step 4. +2. Call the driver's `"destroy_key"` entry point, treating `DOES_NOT_EXIST` as a success. +3. Remove the key file, treating `DOES_NOT_EXIST` as a success. +4. Remove the key from the transaction list. + +Compared with the basic always-destroy strategy: + +* The transaction file handling is simpler since its entries have a fixed size. +* The flow of information is somewhat different from transparent keys and keys in stateless secure elements: we aren't just replacing “create the key material” by “tell the secure element to create the key material”, those happen at different times. But there's a different flow for stateful secure elements anyway, since the call to `"allocate_key"` has no analog in the stateless secure element or transparent cases. + +#### Assisting secure element drivers with recovery + +The actions of the secure element driver may themselves be non-atomic. So the driver must be given a chance to perform recovery. + +To simplify the design of the driver, the core should guarantee that the driver will know if a transaction was in progress and the core cannot be sure about the state of the secure element. Merely calling a read-only entry point such as `"get_key_attributes"` does not provide enough information to the driver for it to know that it should actively perform recovery related to that key. + +This gives an advantage to the “always destroy” strategy. Under this strategy, if the key might be in a transitional state, the core will request a key destruction from the driver. This means that, if the driver has per-key auxiliary data to clean up, it can bundle that as part of the key's destruction. + +### Testing non-atomic processes + +In this section, we discuss how to test non-atomic processes that must implement an atomic and committing interface. As discussed in [“Overview of API functions”](#overview-of-api-functions), this concerns key management in stateful secure elements. + +#### Naive test strategy for non-atomic processes + +Non-atomic processes consist of a series of atomic, committing steps. + +Our general strategy to test them is as follows: every time there is a modification of persistent state, either in storage or in the (simulated) secure element, try both the nominal case and simulating a power loss. If a power loss occurs, restart the system (i.e. clean up and call `psa_crypto_init()`), and check that the system ends up in a consistent state. + +Note that this creates a binary tree of possibilities: after each state modification, there may or may not be a restart, and after that different state modifications may occur, each of which may or may not be followed by a restart. + +For example, consider testing of one key creation operation (see [“Overview of two-phase commit with stateful secure elements”](#overview-of-two-phase-commit-with-stateful-secure-elements), under the simplifying assumption that each storage update step, as well as the recovery after a restart, each make a single (atomic) storage modification and no secure element access. The nominal case consists of three state modifications: storage modification (start transaction), creation on the secure element, storage modification (commit transaction). We need to test the following sequences: + +* Start transaction, restart, recovery. +* Start transaction, secure element operation, restart, recovery. +* Start transaction, secure element operation, commit transaction. + +If, for example, recovery consists of two atomic steps, the tree of possibilities expands and may be infinite: + +* Start transaction, restart, recovery step 1, restart, recovery step 1, recovery step 2. +* Start transaction, restart, recovery step 1, restart, recovery step 1, restart, recovery step 1, recovery step 2. +* Start transaction, restart, recovery step 1, restart, recovery step 1, restart, recovery step 1, restart, recovery step 1, recovery step 2. +* etc. +* Start transaction, secure element operation, restart, ... +* Start transaction, secure element operation, commit transaction. + +In order to limit the possibilities, we need to make some assumptions about the recovery step. For example, if we have confidence that recovery step 1 is idempotent (i.e. doing it twice is the same as doing it once), we don't need to test what happens in execution sequences that take recovery step 1 more than twice in a row. + +### Splitting normal behavior and transaction recovery + +We introduce an abstraction level in transaction recovery: + +* Normal operation must maintain a certain invariant on the state of the world (internal storage and secure element). +* Transaction recovery is defined over all states of the world that satisfy this invariant. + +This separation of concerns greatly facilitates testing, since it is now split into two parts: + +* During the testing of normal operation, we can use read-only invasive testing to ensure that the invariant is maintained. No modification of normal behavior (such as simulated power failures) is necessary. +* Testing of transaction recovery is independent of how the system state was reached. We only need to artificially construct a representative sample of system states that match the invariant. Transaction recovery is itself an operation that must respect the invariant, and so we do not need any special testing for the case of an interrupted recovery. + +Another benefit of this approach is that it is easier to specify and test what happens if the library is updated on a device with leftovers from an interrupted transaction. We will require and test that the new version of the library supports recovery of the old library's states, without worrying how those states were reached. + +#### Towards an invariant for transactions + +As discussed in the section [“Recovery strategies”](#recovery-strategies), the information about active transactions is stored in a transaction list file. The name of the transaction list file does not depend on the identifiers of the keys in the list, but there may be more than one transaction list, for example one per secure element. If so, each transaction list can be considered independently. + +When no transaction is in progress, the transaction list does not exist, or is empty. The empty case must be supported because this is the initial state of the filesystem. When no transaction is in progress, the state of the secure element must be consistent with references to keys in that secure element contained in key files. More generally, if a key is not in the transaction list, then the key must be present in the secure element if and only if the key file is in the internal storage. + +For the purposes of the state invariant, it matters whether the transaction list file contains the driver key identifier, or if the driver key identifier is only stored in the key file. This is because the core needs to know the driver key id in order to access the secure element. If the transaction list does not contain the driver key identifier, and the key file does not exist, the key must not be present in the secure element. + +We thus have two scenarios, each with their own invariant: one where the transaction list contains only key identifiers, and one where it also contains the secure element's key identifier (as well as the location of the secure element if this is not encoded in the name of the transaction list file). + +#### Storage invariant if the transaction list contains application key identifiers only + +Invariants: + +* If the file `id` does not exist, then no resources corresponding to that key are in a secure element. This holds whether `id` is in the transaction list or not. +* If `id` is not in the transaction list and the file `id` exists and references a key in a stateful secure element, then the key is present in the secure element. + +If `id` is in the transaction list and the file `id` exists, the key may or may not be present in the secure element. + +The invariant imposes constraints on the [order of operations for the two-phase commit](#overview-of-two-phase-commit-with-stateful-secure-elements): key creation must create `id` before calling the secure element's key creation entry point, and key destruction must remove `id` after calling the secure element's key destruction entry point. + +For recovery: + +* If the file `id` does not exist, then nothing needs to be done for recovery, other than removing `id` from the transaction list. +* If the file `id` exists: + * It is correct to destroy the key in the secure element (treating a `DOES_NOT_EXIST` error as a success), then remove `id`. + * It is correct to check whether the key exists in the secure element, and if it does, keep it and keep `id`. If not, remove `id` from the internal storage. + +#### Storage invariant if the transaction list contains driver key identifiers + +Invariants: + +* If `id` is not in the transaction list and the file `id` does not exist, then no resources corresponding to that key are in a secure element. +* If `id` is not in the transaction list and the file `id` exists, then the key is present in the secure element. + +If `id` is in the transaction list, neither the state of `id` in the internal storage nor the state of the key in the secure element is known. + +For recovery: + +* If the file `id` does not exist, then destroy the key in the secure element (treating a `DOES_NOT_EXIST` error as a success). +* If the file `id` exists: + * It is correct to destroy the key in the secure element (treating a `DOES_NOT_EXIST` error as a success), then remove `id`. + * It is correct to check whether the key exists in the secure element, and if it does, keep it and keep `id`. If not, remove `id` from the internal storage. + +#### Coverage of states that respect the invariant + +For a given key, we have to consider three a priori independent boolean states: + +* Whether the key file exists. +* Whether the key is in the secure element. +* Whether the key is in the transaction list. + +There is full coverage for one key if we have tests of recovery for the states among these $2^3 = 8$ possibilities that satisfy the storage invariant. + +In addition, testing should adequately cover the case of multiple keys in the transaction list. How much coverage is adequate depends on the layout of the list as well as white-box considerations of how the list is manipulated. + +### Choice of a transaction design + +#### Chosen transaction algorithm + +Based on [“Optimization considerations for transactions”](#optimization-considerations-for-transactions), we choose a transaction algorithm that consists in the following operations: + +1. Add the key identifier to the transaction list. +2. Call the secure element's key creation or destruction entry point. +3. Remove the key identifier from the transaction list. + +In addition, before or after step 2, create or remove the key file in the internal storage. + +In order to conveniently support multiple transactions at the same time, we pick the simplest possible layout for the transaction list: a simple array of key identifiers. Since the transaction list does not contain the driver key identifier: + +* During key creation, create the key file in internal storage in the internal storage before calling the secure element's key creation entry point. +* During key destruction, call the secure element's key destruction entry point before removing the key file in internal storage. + +This choice of algorithm does not require the secure element driver to have a `"get_key_attributes"` entry point. + +#### Chosen storage invariant + +The [storage invariant](#storage-invariant-if-the-transaction-list-contains-application-key-identifiers-only) is as follows: + +* If the file `id` does not exist, then no resources corresponding to that key are in a secure element. This holds whether `id` is in the transaction list or not. +* If `id` is not in the transaction list and the file `id` exists and references a key in a stateful secure element, then the key is present in the secure element. +* If `id` is in the transaction list and a key exists by that identifier, the key's location is a stateful secure element. + +#### Chosen recovery process + +To [assist secure element drivers with recovery](#assisting-secure-element-drivers-with-recovery), we pick the [always-destroy recovery strategy with a simple transaction file](#always-destroy-strategy-with-a-simpler-transaction-file). The the recovery process is as follows: + +* If the file `id` does not exist, then nothing needs to be done for recovery, other than removing `id` from the transaction list. +* If the file `id` exists, call the secure element's key destruction entry point (treating a `DOES_NOT_EXIST` error as a success), then remove `id`. + +## Specification of key management in stateful secure elements + +This section only concerns stateful secure elements as discussed in [“Designing key management for secure element keys”](#designing-key-management-for-secure-element-keys), i.e. secure elements with an `"allocate_key"` entry point. The design follows the general principle described in [“Overview of two-phase commit with stateful secure elements”](#overview-of-two-phase-commit-with-stateful-secure-elements) and the specific choices justified in [“Choice of a transaction design”](choice-of-a-transaction-design). + +### Transaction list file manipulation + +The transaction list is a simple array of key identifiers. + +To add a key identifier to the list: + +1. Load the current list from the transaction list if it exists and it is not already cached in memory. +2. Append the key identifier to the array. +3. Write the updated list file. + +To remove a key identifier from the list: + +1. Load the current list if it is not already cached in memory. It is an error if the file does not exist since it must contain this identifier. +2. Remove the key identifier from the array. If it wasn't the last element in array, move array elements to fill the hole. +3. If the list is now empty, remove the transaction list file. Otherwise write the updated list to the file. + +### Key creation process in the core + +Let _A_ be the application key identifier. + +1. Call the driver's `"allocate_key"` entry point, obtaining the driver key identifier _D_ chosen by the driver. +2. Add _A_ [to the transaction list file](#transaction-list-file-manipulation). +3. Create the key file _A_ in the internal storage. Note that this is done at a different time from what happens when creating a transparent key or a key in a stateless secure element: in those cases, creating the key file happens after the actual creation of the key material. +4. Call the secure element's key creation entry point. +5. Remove _A_ [from the transaction list file](#transaction-list-file-manipulation). + +If any step fails: + +* If the secure element's key creation entry point has been called and succeeded, call the secure element's destroy entry point. +* If the key file has been created in the internal storage, remove it. +* Remove the key from the transaction list. + +Note that this process is identical to key destruction, except that the key is already in the transaction list. + +### Key destruction process in the core + +Let _A_ be the application key identifier. + +We assume that the key is loaded in a key slot in memory: the core needs to know the key's location in order to determine whether the key is in a stateful secure element, and if so to know the driver key identifier. A possible optimization would be to load only that information in local variables, without occupying a key store; this has the advantage that key destruction works even if the key store is full. + +1. Add _A_ [to the transaction list file](#transaction-list-file-manipulation). +2. Call the secure element's `"destroy_key"` entry point. +3. Remove the key file _A_ from the internal storage. +4. Remove _A_ [from the transaction list file](#transaction-list-file-manipulation). +5. Free the corresponding key slot in memory. + +If any step fails, remember the error but continue the process, to destroy the resources associated with the key as much as is practical. + +### Transaction recovery + +For each key _A_ in the transaction list file, if the file _A_ exists in the internal storage: + +1. Load the key into a key slot in memory (to get its location and the driver key identifier, although we could get the location from the transaction list). +2. Call the secure element's `"destroy_key"` entry point. +3. Remove the key file _A_ from the internal storage. +4. Remove _A_ [from the transaction list file](#transaction-list-file-manipulation). +5. Free the corresponding key slot in memory. + +The transaction list file can be processed in any order. + +It is correct to update the transaction list after recovering each key, or to only delete the transaction list file once the recovery is over. + +### Concrete format of the transaction list file + +The transaction list file contains a [fixed header](#transaction-list-header-format) followed by a list of [fixed-size elements](#transaction-list-element-format). + +The file uid is `PSA_CRYPTO_ITS_TRANSACTION_LIST_UID` = 0xffffff53. + +#### Transaction list header format + +* Version (2 bytes): 0x0003. (Chosen to differ from the first two bytes of a [dynamic secure element transaction file](#dynamic-secure-element-transaction-file), to reduce the risk of a mix-up.) +* Key name size (2 bytes): `sizeof(psa_storage_uid_t)`. Storing this size avoids reading bad data if Mbed TLS is upgraded to a different integration that names keys differently. + +#### Transaction list element format + +In practice, there will rarely be more than one active transaction at a time, so the size of an element is not critical for efficiency. Therefore, in addition to the key identifier which is required, we add some potentially useful information in case it becomes useful later. We do not put the driver key identifier because its size is not a constant. + +* Key id: `sizeof(psa_storage_uid_t)` bytes. +* Key lifetime: 4 bytes (`sizeof(psa_key_lifetime_t)`). Currently unused during recovery. +* Operation type: 1 byte. Currently unused during recovery. + * 0: destroy key. + * 1: import key. + * 2: generate key. + * 3: derive key. + * 4: import key. +* Padding: 3 bytes. Reserved for future use. Currently unused during recovery. + +#### Dynamic secure element transaction file + +Note that the code base already references a “transaction file” (`PSA_CRYPTO_ITS_TRANSACTION_UID` = 0xffffff54), used by dynamic secure elements (feature enabled with `MBEDTLS_PSA_CRYPTO_SE_C`). This is a deprecated feature that has not been fully implemented: when this feature is enabled, the transaction file gets written during transactions, but if it exists when PSA crypto starts, `psa_crypto_init()` fails because [recovery has never been implemented](https://github.com/ARMmbed/mbed-crypto/issues/218). + +For the new kind of secure element driver, we pick a different file name to avoid any mixup. + +## Testing key management in secure elements + +### Instrumentation for checking the storage invariant + +#### Test hook locations + +When `MBEDTLS_TEST_HOOKS` is enabled, each call to `psa_its_set()` or `psa_its_remove()` also calls a test hook, passing the file UID as an argument to the hook. + +When a stateful secure element driver is present in the build, we use this hook to verify that the storage respects the [storage invariant](#chosen-storage-invariant). In addition, if there is some information about key ongoing operation (set explicitly by the test function as a global variable in the test framework), the hook tests that the content of the storage is compatible with the ongoing operation. + +#### Test hook behavior + +The storage invariant check cannot check all keys in storage, and does not need to (for example, it would be pointless to check anything about transparent keys). It checks the following keys: + +* When invoked from the test hook on a key file: on that key. +* When invoked from the test hook on the transaction file: on all the keys listed in the transaction file. +* When invoked from a test secure element: on the specified key. + +#### Test hook extra data + +Some tests set global variables to indicate which persistent keys they manipulate. We instrument at least some of these tests to also indicate what operation is in progress on the key. See the GitHub issues or the source code for details. + +### Testing of transaction recovery + +When no secure element driver is present in the build, the presence of a transaction list file during initialization is an error. + +#### Recovery testing process + +When the stateful test secure element driver is present in the build, we run test cases on a representative selection of states of the internal storage and the test secure element. Each test case for transaction recovery has the following form: + +1. Create the initial state: + * Create a transaction list file with a certain content. + * Create key files that we want to have in the test. + * Call the secure element test driver to create keys without going throught the PSA API. +2. Call `psa_crypto_init()`. Expect success if the initial state satisfies the [storage invariant](#chosen-storage-invariant) and failure otherwise. +3. On success, check that the expected keys exist, and that keys that are expected to have been destroyed by recovery do not exist. +4. Clean up the storage and the secure element test driver's state. + +#### States to test recovery on + +For a given key located in a secure element, the following combination of states are possible: + +* Key file: present, absent. +* Key in secure element: present, absent. +* Key in the transaction file: no, creation (import), destruction. + +We test all $2 \times 2 \times 3 = 12$ possibilities, each in its own test case. In each case, call the test function that checks the storage invariant and check that its result is as expected. Then, if the storage invariant is met, follow the [recovery testing process](#recovery-testing-process). + +In addition, have at least one positive test case for each creation method other than import, to ensure that we don't reject a valid value. + +Note: testing of a damaged filesystem (including a filesystem that doesn't meet the invariant) is out of scope of the present document. diff --git a/docs/architecture/psa-thread-safety.md b/docs/architecture/psa-thread-safety.md new file mode 100644 index 000000000..06bdcc056 --- /dev/null +++ b/docs/architecture/psa-thread-safety.md @@ -0,0 +1,300 @@ +Thread safety of the PSA subsystem +================================== + +## Requirements + +### Backward compatibility requirement + +Code that is currently working must keep working. There can be an exception for code that uses features that are advertised as experimental; for example, it would be annoying but ok to add extra requirements for drivers. + +(In this section, “currently” means Mbed TLS releases without proper concurrency management: 3.0.0, 3.1.0, and any other subsequent 3.x version.) + +In particular, if you either protect all PSA calls with a mutex, or only ever call PSA functions from a single thread, your application currently works and must keep working. If your application currently builds and works with `MBEDTLS_PSA_CRYPTO_C` and `MBEDTLS_THREADING_C` enabled, it must keep building and working. + +As a consequence, we must not add a new platform requirement beyond mutexes for the base case. It would be ok to add new platform requirements if they're only needed for PSA drivers, or if they're only performance improvements. + +Tempting platform requirements that we cannot add to the default `MBEDTLS_THREADING_C` include: + +* Releasing a mutex from a different thread than the one that acquired it. This isn't even guaranteed to work with pthreads. +* New primitives such as semaphores or condition variables. + +### Correctness out of the box + +If you build with `MBEDTLS_PSA_CRYPTO_C` and `MBEDTLS_THREADING_C`, the code must be functionally correct: no race conditions, deadlocks or livelocks. + +The [PSA Crypto API specification](https://armmbed.github.io/mbed-crypto/html/overview/conventions.html#concurrent-calls) defines minimum expectations for concurrent calls. They must work as if they had been executed one at a time, except that the following cases have undefined behavior: + +* Destroying a key while it's in use. +* Concurrent calls using the same operation object. (An operation object may not be used by more than one thread at a time. But it can move from one thread to another between calls.) +* Overlap of an output buffer with an input or output of a concurrent call. +* Modification of an input buffer during a call. + +Note that while the specification does not define the behavior in such cases, Mbed TLS can be used as a crypto service. It's acceptable if an application can mess itself up, but it is not acceptable if an application can mess up the crypto service. As a consequence, destroying a key while it's in use may violate the security property that all key material is erased as soon as `psa_destroy_key` returns, but it may not cause data corruption or read-after-free inside the key store. + +### No spinning + +The code must not spin on a potentially non-blocking task. For example, this is proscribed: +``` +lock(m); +while (!its_my_turn) { + unlock(m); + lock(m); +} +``` + +Rationale: this can cause battery drain, and can even be a livelock (spinning forever), e.g. if the thread that might unblock this one has a lower priority. + +### Driver requirements + +At the time of writing, the driver interface specification does not consider multithreaded environments. + +We need to define clear policies so that driver implementers know what to expect. Here are two possible policies at two ends of the spectrum; what is desirable is probably somewhere in between. + +* Driver entry points may be called concurrently from multiple threads, even if they're using the same key, and even including destroying a key while an operation is in progress on it. +* At most one driver entry point is active at any given time. + +A more reasonable policy could be: + +* By default, each driver only has at most one entry point active at any given time. In other words, each driver has its own exclusive lock. +* Drivers have an optional `"thread_safe"` boolean property. If true, it allows concurrent calls to this driver. +* Even with a thread-safe driver, the core never starts the destruction of a key while there are operations in progress on it, and never performs concurrent calls on the same multipart operation. + +### Long-term performance requirements + +In the short term, correctness is the important thing. We can start with a global lock. + +In the medium to long term, performing a slow or blocking operation (for example, a driver call, or an RSA decryption) should not block other threads, even if they're calling the same driver or using the same key object. + +We may want to go directly to a more sophisticated approach because when a system works with a global lock, it's typically hard to get rid of it to get more fine-grained concurrency. + +### Key destruction short-term requirements + +#### Summary of guarantees in the short term + +When `psa_destroy_key` returns: + +1. The key identifier doesn't exist. Rationale: this is a functional requirement for persistent keys: the caller can immediately create a new key with the same identifier. +2. The resources from the key have been freed. Rationale: in a low-resource condition, this may be necessary for the caller to re-create a similar key, which should be possible. +3. The call must not block indefinitely, and in particular cannot wait for an event that is triggered by application code such as calling an abort function. Rationale: this may not strictly be a functional requirement, but it is an expectation `psa_destroy_key` does not block forever due to another thread, which could potentially be another process on a multi-process system. In particular, it is only acceptable for `psa_destroy_key` to block, when waiting for another thread to complete a PSA Cryptography API call that it had already started. + +When `psa_destroy_key` is called on a key that is in use, guarantee 2. might be violated. (This is consistent with the requirement [“Correctness out of the box”](#correctness-out-of-the-box), as destroying a key while it's in use is undefined behavior.) + +### Key destruction long-term requirements + +The [PSA Crypto API specification](https://armmbed.github.io/mbed-crypto/html/api/keys/management.html#key-destruction) mandates that implementations make a best effort to ensure that the key material cannot be recovered. In the long term, it would be good to guarantee that `psa_destroy_key` wipes all copies of the key material. + +#### Summary of guarantees in the long term + +When `psa_destroy_key` returns: + +1. The key identifier doesn't exist. Rationale: this is a functional requirement for persistent keys: the caller can immediately create a new key with the same identifier. +2. The resources from the key have been freed. Rationale: in a low-resource condition, this may be necessary for the caller to re-create a similar key, which should be possible. +3. The call must not block indefinitely, and in particular cannot wait for an event that is triggered by application code such as calling an abort function. Rationale: this may not strictly be a functional requirement, but it is an expectation `psa_destroy_key` does not block forever due to another thread, which could potentially be another process on a multi-process system. In particular, it is only acceptable for `psa_destroy_key` to block, when waiting for another thread to complete a PSA Cryptography API call that it had already started. +4. No copy of the key material exists. Rationale: this is a security requirement. We do not have this requirement yet, but we need to document this as a security weakness, and we would like to satisfy this security requirement in the future. + +As opposed to the short term requirements, all the above guarantees hold even if `psa_destroy_key` is called on a key that is in use. + +## Resources to protect + +Analysis of the behavior of the PSA key store as of Mbed TLS 9202ba37b19d3ea25c8451fd8597fce69eaa6867. + +### Global variables + +* `psa_crypto_slot_management::global_data.key_slots[i]`: see [“Key slots”](#key-slots). + +* `psa_crypto_slot_management::global_data.key_slots_initialized`: + * `psa_initialize_key_slots`: modification. + * `psa_wipe_all_key_slots`: modification. + * `psa_get_empty_key_slot`: read. + * `psa_get_and_lock_key_slot`: read. + +* `psa_crypto::global_data.rng`: depends on the RNG implementation. See [“Random generator”](#random-generator). + * `psa_generate_random`: query. + * `mbedtls_psa_crypto_configure_entropy_sources` (only if `MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG` is enabled): setup. Only called from `psa_crypto_init` via `mbedtls_psa_random_init`, or from test code. + * `mbedtls_psa_crypto_free`: deinit. + * `psa_crypto_init`: seed (via `mbedtls_psa_random_seed`); setup via `mbedtls_psa_crypto_configure_entropy_sources. + +* `psa_crypto::global_data.{initialized,rng_state}`: these are bit-fields and cannot be modified independently so they must be protected by the same mutex. The following functions access these fields: + * `mbedtls_psa_crypto_configure_entropy_sources` [`rng_state`] (only if `MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG` is enabled): read. Only called from `psa_crypto_init` via `mbedtls_psa_random_init`, or from test code. + * `mbedtls_psa_crypto_free`: modification. + * `psa_crypto_init`: modification. + * Many functions via `GUARD_MODULE_INITIALIZED`: read. + +### Key slots + +#### Key slot array traversal + +“Occupied key slot” is determined by `psa_is_key_slot_occupied` based on `slot->attr.type`. + +The following functions traverse the key slot array: + +* `psa_get_and_lock_key_slot_in_memory`: reads `slot->attr.id`. +* `psa_get_and_lock_key_slot_in_memory`: calls `psa_lock_key_slot` on one occupied slot. +* `psa_get_empty_key_slot`: calls `psa_is_key_slot_occupied`. +* `psa_get_empty_key_slot`: calls `psa_wipe_key_slot` and more modifications on one occupied slot with no active user. +* `psa_get_empty_key_slot`: calls `psa_lock_key_slot` and more modification on one unoccupied slot. +* `psa_wipe_all_key_slots`: writes to all slots. +* `mbedtls_psa_get_stats`: reads from all slots. + +#### Key slot state + +The following functions modify a slot's usage state: + +* `psa_lock_key_slot`: writes to `slot->lock_count`. +* `psa_unlock_key_slot`: writes to `slot->lock_count`. +* `psa_wipe_key_slot`: writes to `slot->lock_count`. +* `psa_destroy_key`: reads `slot->lock_count`, calls `psa_lock_key_slot`. +* `psa_wipe_all_key_slots`: writes to all slots. +* `psa_get_empty_key_slot`: writes to `slot->lock_count` and calls `psa_wipe_key_slot` and `psa_lock_key_slot` on one occupied slot with no active user; calls `psa_lock_key_slot` on one unoccupied slot. +* `psa_close_key`: reads `slot->lock_count`; calls `psa_get_and_lock_key_slot_in_memory`, `psa_wipe_key_slot` and `psa_unlock_key_slot`. +* `psa_purge_key`: reads `slot->lock_count`; calls `psa_get_and_lock_key_slot_in_memory`, `psa_wipe_key_slot` and `psa_unlock_key_slot`. + +**slot->attr access:** +`psa_crypto_core.h`: +* `psa_key_slot_set_flags` - writes to attr.flags +* `psa_key_slot_set_bits_in_flags` - writes to attr.flags +* `psa_key_slot_clear_bits` - writes to attr.flags +* `psa_is_key_slot_occupied` - reads attr.type (but see “[Determining whether a key slot is occupied](#determining-whether-a-key-slot-is-occupied)”) +* `psa_key_slot_get_flags` - reads attr.flags + +`psa_crypto_slot_management.c`: +* `psa_get_and_lock_key_slot_in_memory` - reads attr.id +* `psa_get_empty_key_slot` - reads attr.lifetime +* `psa_load_persistent_key_into_slot` - passes attr pointer to psa_load_persistent_key +* `psa_load_persistent_key` - reads attr.id and passes pointer to psa_parse_key_data_from_storage +* `psa_parse_key_data_from_storage` - writes to many attributes +* `psa_get_and_lock_key_slot` - writes to attr.id, attr.lifetime, and attr.policy.usage +* `psa_purge_key` - reads attr.lifetime, calls psa_wipe_key_slot +* `mbedtls_psa_get_stats` - reads attr.lifetime, attr.id + +`psa_crypto.c`: +* `psa_get_and_lock_key_slot_with_policy` - reads attr.type, attr.policy. +* `psa_get_and_lock_transparent_key_slot_with_policy` - reads attr.lifetime +* `psa_destroy_key` - reads attr.lifetime, attr.id +* `psa_get_key_attributes` - copies all publicly available attributes of a key +* `psa_export_key` - copies attributes +* `psa_export_public_key` - reads attr.type, copies attributes +* `psa_start_key_creation` - writes to the whole attr structure +* `psa_validate_optional_attributes` - reads attr.type, attr.bits +* `psa_import_key` - reads attr.bits +* `psa_copy_key` - reads attr.bits, attr.type, attr.lifetime, attr.policy +* `psa_mac_setup` - copies whole attr structure +* `psa_mac_compute_internal` - copies whole attr structure +* `psa_verify_internal` - copies whole attr structure +* `psa_sign_internal` - copies whole attr structure, reads attr.type +* `psa_assymmetric_encrypt` - reads attr.type +* `psa_assymetric_decrypt` - reads attr.type +* `psa_cipher_setup` - copies whole attr structure, reads attr.type +* `psa_cipher_encrypt` - copies whole attr structure, reads attr.type +* `psa_cipher_decrypt` - copies whole attr structure, reads attr.type +* `psa_aead_encrypt` - copies whole attr structure +* `psa_aead_decrypt` - copies whole attr structure +* `psa_aead_setup` - copies whole attr structure +* `psa_generate_derived_key_internal` - reads attr.type, writes to and reads from attr.bits, copies whole attr structure +* `psa_key_derivation_input_key` - reads attr.type +* `psa_key_agreement_raw_internal` - reads attr.type and attr.bits + +#### Determining whether a key slot is occupied + +`psa_is_key_slot_occupied` currently uses the `attr.type` field to determine whether a key slot is occupied. This works because we maintain the invariant that an occupied slot contains key material. With concurrency, it is desirable to allow a key slot to be reserved, but not yet contain key material or even metadata. When creating a key, determining the key type can be costly, for example when loading a persistent key from storage or (not yet implemented) when importing or unwrapping a key using an interface that determines the key type from the data that it parses. So we should not need to hold the global key store lock while the key type is undetermined. + +Instead, `psa_is_key_slot_occupied` should use the key identifier to decide whether a slot is occupied. The key identifier is always readily available: when allocating a slot for a persistent key, it's an input of the function that allocates the key slot; when allocating a slot for a volatile key, the identifier is calculated from the choice of slot. + +#### Key slot content + +Other than what is used to determine the [“key slot state”](#key-slot-state), the contents of a key slot are only accessed as follows: + +* Modification during key creation (between `psa_start_key_creation` and `psa_finish_key_creation` or `psa_fail_key_creation`). +* Destruction in `psa_wipe_key_slot`. +* Read in many functions, between calls to `psa_lock_key_slot` and `psa_unlock_key_slot`. + +**slot->key access:** +* `psa_allocate_buffer_to_slot` - allocates key.data, sets key.bytes; +* `psa_copy_key_material_into_slot` - writes to key.data +* `psa_remove_key_data_from_memory` - writes and reads to/from key data +* `psa_get_key_attributes` - reads from key data +* `psa_export_key` - passes key data to psa_driver_wrapper_export_key +* `psa_export_public_key` - passes key data to psa_driver_wrapper_export_public_key +* `psa_finish_key_creation` - passes key data to psa_save_persistent_key +* `psa_validate_optional_attributes` - passes key data and bytes to mbedtls_psa_rsa_load_representation +* `psa_import_key` - passes key data to psa_driver_wrapper_import_key +* `psa_copy_key` - passes key data to psa_driver_wrapper_copy_key, psa_copy_key_material_into_slot +* `psa_mac_setup` - passes key data to psa_driver_wrapper_mac_sign_setup, psa_driver_wrapper_mac_verify_setup +* `psa_mac_compute_internal` - passes key data to psa_driver_wrapper_mac_compute +* `psa_sign_internal` - passes key data to psa_driver_wrapper_sign_message, psa_driver_wrapper_sign_hash +* `psa_verify_internal` - passes key data to psa_driver_wrapper_verify_message, psa_driver_wrapper_verify_hash +* `psa_asymmetric_encrypt` - passes key data to mbedtls_psa_rsa_load_representation +* `psa_asymmetric_decrypt` - passes key data to mbedtls_psa_rsa_load_representation +* `psa_cipher_setup ` - passes key data to psa_driver_wrapper_cipher_encrypt_setup and psa_driver_wrapper_cipher_decrypt_setup +* `psa_cipher_encrypt` - passes key data to psa_driver_wrapper_cipher_encrypt +* `psa_cipher_decrypt` - passes key data to psa_driver_wrapper_cipher_decrypt +* `psa_aead_encrypt` - passes key data to psa_driver_wrapper_aead_encrypt +* `psa_aead_decrypt` - passes key data to psa_driver_wrapper_aead_decrypt +* `psa_aead_setup` - passes key data to psa_driver_wrapper_aead_encrypt_setup and psa_driver_wrapper_aead_decrypt_setup +* `psa_generate_derived_key_internal` - passes key data to psa_driver_wrapper_import_key +* `psa_key_derivation_input_key` - passes key data to psa_key_derivation_input_internal +* `psa_key_agreement_raw_internal` - passes key data to mbedtls_psa_ecp_load_representation +* `psa_generate_key` - passes key data to psa_driver_wrapper_generate_key + +### Random generator + +The PSA RNG can be accessed both from various PSA functions, and from application code via `mbedtls_psa_get_random`. + +With the built-in RNG implementations using `mbedtls_ctr_drbg_context` or `mbedtls_hmac_drbg_context`, querying the RNG with `mbedtls_xxx_drbg_random()` is thread-safe (protected by a mutex inside the RNG implementation), but other operations (init, free, seed) are not. + +When `MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG` is enabled, thread safety depends on the implementation. + +### Driver resources + +Depends on the driver. The PSA driver interface specification does not discuss whether drivers must support concurrent calls. + +## Simple global lock strategy + +Have a single mutex protecting all accesses to the key store and other global variables. In practice, this means every PSA API function needs to take the lock on entry and release on exit, except for: + +* Hash function. +* Accessors for key attributes and other local structures. + +Note that operation functions do need to take the lock, since they need to prevent the destruction of the key. + +Note that this does not protect access to the RNG via `mbedtls_psa_get_random`, which is guaranteed to be thread-safe when `MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG` is disabled. + +This approach is conceptually simple, but requires extra instrumentation to every function and has bad performance in a multithreaded environment since a slow operation in one thread blocks unrelated operations on other threads. + +## Global lock excluding slot content + +Have a single mutex protecting all accesses to the key store and other global variables, except that it's ok to access the content of a key slot without taking the lock if one of the following conditions holds: + +* The key slot is in a state that guarantees that the thread has exclusive access. +* The key slot is in a state that guarantees that no other thread can modify the slot content, and the accessing thread is only reading the slot. + +Note that a thread must hold the global mutex when it reads or changes a slot's state. + +### Slot states + +For concurrency purposes, a slot can be in one of three states: + +* UNUSED: no thread is currently accessing the slot. It may be occupied by a volatile key or a cached key. +* WRITING: a thread has exclusive access to the slot. This can only happen in specific circumstances as detailed below. +* READING: any thread may read from the slot. + +A high-level view of state transitions: + +* `psa_get_empty_key_slot`: UNUSED → WRITING. +* `psa_get_and_lock_key_slot_in_memory`: UNUSED or READING → READING. This function only accepts slots in the UNUSED or READING state. A slot with the correct id but in the WRITING state is considered free. +* `psa_unlock_key_slot`: READING → UNUSED or READING. +* `psa_finish_key_creation`: WRITING → READING. +* `psa_fail_key_creation`: WRITING → UNUSED. +* `psa_wipe_key_slot`: any → UNUSED. If the slot is READING or WRITING on entry, this function must wait until the writer or all readers have finished. (By the way, the WRITING state is possible if `mbedtls_psa_crypto_free` is called while a key creation is in progress.) See [“Destruction of a key in use”](#destruction of a key in use). + +The current `state->lock_count` corresponds to the difference between UNUSED and READING: a slot is in use iff its lock count is nonzero, so `lock_count == 0` corresponds to UNUSED and `lock_count != 0` corresponds to READING. + +There is currently no indication of when a slot is in the WRITING state. This only happens between a call to `psa_start_key_creation` and a call to one of `psa_finish_key_creation` or `psa_fail_key_creation`. This new state can be conveyed by a new boolean flag, or by setting `lock_count` to `~0`. + +### Destruction of a key in use + +Problem: a key slot is destroyed (by `psa_wipe_key_slot`) while it's in use (READING or WRITING). + +TODO: how do we ensure that? This needs something more sophisticated than mutexes (concurrency number >2)! Even a per-slot mutex isn't enough (we'd need a reader-writer lock). + +Solution: after some team discussion, we've decided to rely on a new threading abstraction which mimics C11 (i.e. `mbedtls_fff` where `fff` is the C11 function name, having the same parameters and return type, with default implementations for C11, pthreads and Windows). We'll likely use condition variables in addition to mutexes. diff --git a/docs/architecture/testing/driver-interface-test-strategy.md b/docs/architecture/testing/driver-interface-test-strategy.md index a726c43eb..380fd39c4 100644 --- a/docs/architecture/testing/driver-interface-test-strategy.md +++ b/docs/architecture/testing/driver-interface-test-strategy.md @@ -1,6 +1,6 @@ -# Mbed Crypto driver interface test strategy +# Mbed TLS driver interface test strategy -This document describes the test strategy for the driver interfaces in Mbed Crypto. Mbed Crypto has interfaces for secure element drivers, accelerator drivers and entropy drivers. This document is about testing Mbed Crypto itself; testing drivers is out of scope. +This document describes the test strategy for the driver interfaces in Mbed TLS. Mbed TLS has interfaces for secure element drivers, accelerator drivers and entropy drivers. This document is about testing Mbed TLS itself; testing drivers is out of scope. The driver interfaces are standardized through PSA Cryptography functional specifications. @@ -16,9 +16,9 @@ Drivers exposing this interface need to be registered at compile time by declari #### Dynamic secure element driver interface -The dynamic secure element driver interface (SE interface for short) is defined by [`psa/crypto_se_driver.h`](../../../include/psa/crypto_se_driver.h). This is an interface between Mbed Crypto and one or more third-party drivers. +The dynamic secure element driver interface (SE interface for short) is defined by [`psa/crypto_se_driver.h`](../../../include/psa/crypto_se_driver.h). This is an interface between Mbed TLS and one or more third-party drivers. -The SE interface consists of one function provided by Mbed Crypto (`psa_register_se_driver`) and many functions that drivers must implement. To make a driver usable by Mbed Crypto, the initialization code must call `psa_register_se_driver` with a structure that describes the driver. The structure mostly contains function pointers, pointing to the driver's methods. All calls to a driver function are triggered by a call to a PSA crypto API function. +The SE interface consists of one function provided by Mbed TLS (`psa_register_se_driver`) and many functions that drivers must implement. To make a driver usable by Mbed TLS, the initialization code must call `psa_register_se_driver` with a structure that describes the driver. The structure mostly contains function pointers, pointing to the driver's methods. All calls to a driver function are triggered by a call to a PSA crypto API function. ### SE driver interface unit tests @@ -57,7 +57,7 @@ For each API function that can lead to a driver call (more precisely, for each d #### SE driver outputs -For each API function that leads to a driver call, call it with parameters that cause a driver to be invoked and check how Mbed Crypto handles the outputs. +For each API function that leads to a driver call, call it with parameters that cause a driver to be invoked and check how Mbed TLS handles the outputs. * Correct outputs. * Incorrect outputs such as an invalid output length. diff --git a/docs/architecture/testing/psa-storage-format-testing.md b/docs/architecture/testing/psa-storage-format-testing.md index 5514dfabe..a5c1fd137 100644 --- a/docs/architecture/testing/psa-storage-format-testing.md +++ b/docs/architecture/testing/psa-storage-format-testing.md @@ -47,7 +47,7 @@ The PSA subsystem provides storage on top of the PSA trusted storage interface. * [Storage transaction file](#storage-transaction-resumption). * [Driver state files](#driver-state-files). -For a more detailed description, refer to the [Mbed Crypto storage specification](../mbed-crypto-storage-specification.md). +For a more detailed description, refer to the [Mbed TLS storage specification](../mbed-crypto-storage-specification.md). In addition, Mbed TLS includes an implementation of the PSA trusted storage interface on top of C stdio. This document addresses the test strategy for [PSA ITS over file](#psa-its-over-file) in a separate section below. diff --git a/docs/architecture/testing/test-framework.md b/docs/architecture/testing/test-framework.md index 7780949e1..80667df92 100644 --- a/docs/architecture/testing/test-framework.md +++ b/docs/architecture/testing/test-framework.md @@ -30,17 +30,23 @@ Each test case has a description which succinctly describes for a human audience #### SSL test case descriptions -Each test case in `ssl-opt.sh` has a description which succinctly describes for a human audience what the test does. The test description is the first parameter to `run_tests`. +Each test case in `ssl-opt.sh` has a description which succinctly describes for a human audience what the test does. The test description is the first parameter to `run_test`. The same rules and guidelines apply as for [unit test descriptions](#unit-test-descriptions). In addition, the description must be written on the same line as `run_test`, in double quotes, for the sake of `check_test_cases.py`. +### SSL cipher suite tests + +Each test case in `compat.sh` has a description which succinctly describes for a human audience what the test does. The test description is `$TITLE` defined in `run_client`. + +The same rules and guidelines apply as for [unit test descriptions](#unit-test-descriptions). In addition, failure cause in `compat.sh` is not classified as `ssl-opt.sh`, so the information of failed log files are followed as prompt. + ## Running tests ### Outcome file #### Generating an outcome file -Unit tests and `ssl-opt.sh` record the outcome of each test case in a **test outcome file**. This feature is enabled if the environment variable `MBEDTLS_TEST_OUTCOME_FILE` is set. Set it to the path of the desired file. +Unit tests, `ssl-opt.sh` and `compat.sh` record the outcome of each test case in a **test outcome file**. This feature is enabled if the environment variable `MBEDTLS_TEST_OUTCOME_FILE` is set. Set it to the path of the desired file. If you run `all.sh --outcome-file test-outcome.csv`, this collects the outcome of all the test cases in `test-outcome.csv`. @@ -52,7 +58,7 @@ The outcome file has 6 fields: * **Platform**: a description of the platform, e.g. `Linux-x86_64` or `Linux-x86_64-gcc7-msan`. * **Configuration**: a unique description of the configuration (`mbedtls_config.h`). -* **Test suite**: `test_suite_xxx` or `ssl-opt`. +* **Test suite**: `test_suite_xxx`, `ssl-opt` or `compat`. * **Test case**: the description of the test case. * **Result**: one of `PASS`, `SKIP` or `FAIL`. * **Cause**: more information explaining the result. diff --git a/docs/architecture/tls13-support.md b/docs/architecture/tls13-support.md index 85482ba9e..6db0e54c3 100644 --- a/docs/architecture/tls13-support.md +++ b/docs/architecture/tls13-support.md @@ -86,17 +86,11 @@ Support description - Supported versions: - - TLS 1.2 and TLS 1.3 with version negotiation on the client side, not server - side. + - TLS 1.2 and TLS 1.3 with version negotiation on client and server side. - TLS 1.2 and TLS 1.3 can be enabled in the build independently of each other. - - If both TLS 1.3 and TLS 1.2 are enabled at build time, only one of them can - be configured at runtime via `mbedtls_ssl_conf_{min,max}_tls_version` for a - server endpoint. Otherwise, `mbedtls_ssl_setup` will raise - `MBEDTLS_ERR_SSL_BAD_CONFIG` error. - - Compatibility with existing SSL/TLS build options: The TLS 1.3 implementation is compatible with nearly all TLS 1.2 diff --git a/docs/conf.py b/docs/conf.py new file mode 100644 index 000000000..41c50c7f2 --- /dev/null +++ b/docs/conf.py @@ -0,0 +1,34 @@ +# Configuration file for the Sphinx documentation builder. +# +# For the full list of built-in configuration values, see the documentation: +# https://www.sphinx-doc.org/en/master/usage/configuration.html + +# -- Project information ----------------------------------------------------- +# https://www.sphinx-doc.org/en/master/usage/configuration.html#project-information +import glob + +project = 'Mbed TLS Versioned' +copyright = '2023, Mbed TLS Contributors' +author = 'Mbed TLS Contributors' + +# -- General configuration --------------------------------------------------- +# https://www.sphinx-doc.org/en/master/usage/configuration.html#general-configuration + +extensions = ['breathe', 'sphinx.ext.graphviz'] + +templates_path = ['_templates'] +exclude_patterns = ['_build', 'Thumbs.db', '.DS_Store'] + +breathe_projects = { + 'mbedtls-versioned': '../apidoc/xml' +} +breathe_default_project = 'mbedtls-versioned' + +primary_domain = 'c' +highlight_language = 'c' + +# -- Options for HTML output ------------------------------------------------- +# https://www.sphinx-doc.org/en/master/usage/configuration.html#options-for-html-output + +html_theme = 'sphinx_rtd_theme' +html_static_path = ['_static'] diff --git a/docs/driver-only-builds.md b/docs/driver-only-builds.md new file mode 100644 index 000000000..4bad2e879 --- /dev/null +++ b/docs/driver-only-builds.md @@ -0,0 +1,242 @@ +This document explains how to create builds of Mbed TLS where some +cryptographic mechanisms are provided only by PSA drivers (that is, no +built-in implementation of those algorithms), from a user's perspective. + +This is useful to save code size for people who are using either a hardware +accelerator, or an alternative software implementation that is more +aggressively optimized for code size than the default one in Mbed TLS. + +General considerations +---------------------- + +This document assumes that you already have a working driver. +Otherwise, please see the [PSA driver example and +guide](psa-driver-example-and-guide.md) for information on writing a +driver. + +In order to have some mechanism provided only by a driver, you'll want +the following compile-time configuration options enabled: +- `MBEDTLS_PSA_CRYPTO_C` (enabled by default) - this enables PSA Crypto. +- `MBEDTLS_USE_PSA_CRYPTO` (disabled by default) - this makes PK, X.509 and + TLS use PSA Crypto. You need to enable this if you're using PK, X.509 or TLS +and want them to have access to the algorithms provided by your driver. (See +[the dedicated document](use-psa-crypto.md) for details.) +- `MBEDTLS_PSA_CRYPTO_CONFIG` (disabled by default) - this enables + configuration of cryptographic algorithms using `PSA_WANT` macros in +`include/psa/crypto_config.h`. See [Conditional inclusion of cryptographic +mechanism through the PSA API in Mbed +TLS](proposed/psa-conditional-inclusion-c.md) for details. + +In addition, for each mechanism you want provided only by your driver: +- Define the corresponding `PSA_WANT` macro in `psa/crypto_config.h` - this + means the algorithm will be available in the PSA Crypto API. +- Define the corresponding `MBEDTLS_PSA_ACCEL` in your build. This could be + defined in `psa/crypto_config.h` or your compiler's command line. This +informs the PSA code that an accelerator is available for this mechanism. +- Undefine / comment out the corresponding `MBEDTLS_xxx_C` macro in + `mbedtls/mbedtls_config.h`. This ensures the built-in implementation is not +included in the build. + +For example, if you want SHA-256 to be provided only by a driver, you'll want +`PSA_WANT_ALG_SHA_256` and `MBEDTLS_PSA_ACCEL_SHA_256` defined, and +`MBEDTLS_SHA256_C` undefined. + +In addition to these compile-time considerations, at runtime you'll need to +make sure you call `psa_crypto_init()` before any function that uses the +driver-only mechanisms. Note that this is already a requirement for any use of +the PSA Crypto API, as well as for use of the PK, X.509 and TLS modules when +`MBEDTLS_USE_PSA_CRYPTO` is enabled, so in most cases your application will +already be doing this. + +Mechanisms covered +------------------ + +For now, only the following (families of) mechanisms are supported: +- hashes: SHA-3, SHA-2, SHA-1, MD5, etc. +- elliptic-curve cryptography (ECC): ECDH, ECDSA, EC J-PAKE, ECC key types. +- finite-field Diffie-Hellman: FFDH algorithm, DH key types. + +Supported means that when those are provided only by drivers, everything +(including PK, X.509 and TLS if `MBEDTLS_USE_PSA_CRYPTO` is enabled) should +work in the same way as if the mechanisms where built-in, except as documented +in the "Limitations" sub-sections of the sections dedicated to each family +below. + +In the near future (end of 2023), we are planning to also add support for +ciphers (AES) and AEADs (GCM, CCM, ChachaPoly). + +Currently (mid-2023) we don't have plans to extend this to RSA. If +you're interested in driver-only support for RSA, please let us know. + +Hashes +------ + +It is possible to have all hash operations provided only by a driver. + +More precisely: +- you can enable `PSA_WANT_ALG_SHA_256` without `MBEDTLS_SHA256_C`, provided + you have `MBEDTLS_PSA_ACCEL_ALG_SHA_256` enabled; +- and similarly for all supported hash algorithms: `MD5`, `RIPEMD160`, + `SHA_1`, `SHA_224`, `SHA_256`, `SHA_384`, `SHA_512`, `SHA3_224`, `SHA3_256`, +`SHA3_384`, `SHA3_512`. + +In such a build, all crypto operations (via the PSA Crypto API, or non-PSA +APIs), as well as X.509 and TLS, will work as usual, except that direct calls +to low-level hash APIs (`mbedtls_sha256()` etc.) are not possible for the +modules that are disabled. + +You need to call `psa_crypto_init()` before any crypto operation that uses +a hash algorithm that is provided only by a driver, as mentioned in [General +considerations](#general-considerations) above. + +If you want to check at compile-time whether a certain hash algorithm is +available in the present build of Mbed TLS, regardless of whether it's +provided by a driver or built-in, you should use the following macros: +- for code that uses only the PSA Crypto API: `PSA_WANT_ALG_xxx` from + `psa/crypto.h`; +- for code that uses non-PSA crypto APIs: `MBEDTLS_MD_CAN_xxx` from + `mbedtls/md.h`. + +Elliptic-curve cryptography (ECC) +--------------------------------- + +It is possible to have most ECC operations provided only by a driver: +- the ECDH, ECDSA and EC J-PAKE algorithms; +- key import, export, and random generation. + +More precisely, if: +- you have driver support for ECC public and using private keys (that is, +`MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY` and +`MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC` are enabled), and +- you have driver support for all ECC curves that are enabled (that is, for + each `PSA_WANT_ECC_xxx` macro enabled, the corresponding +`MBEDTLS_PSA_ACCEL_ECC_xxx` macros is enabled as well); + +then you can: +- enable `PSA_WANT_ALG_ECDH` without `MBEDTLS_ECDH_C`, provided + `MBEDTLS_PSA_ACCEL_ALG_ECDH` is enabled +- enable `PSA_WANT_ALG_ECDSA` without `MBEDTLS_ECDSA_C`, provided + `MBEDTLS_PSA_ACCEL_ALG_ECDSA` is enabled; +- enable `PSA_WANT_ALG_JPAKE` without `MBEDTLS_ECJPAKE_C`, provided + `MBEDTLS_PSA_ACCEL_ALG_JPAKE` is enabled. + +In addition, if: +- none of `MBEDTLS_ECDH_C`, `MBEDTLS_ECDSA_C`, `MBEDTLS_ECJPAKE_C` are enabled + (see conditions above), and +- you have driver support for all enabled ECC key pair operations - that is, + for each `PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_xxx` macro enabled, the +corresponding `MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_xxx` macros is also +enabled, + +then you can also disable `MBEDTLS_ECP_C`. However, a small subset of it might +still be included in the build, see limitations sub-section below. + +In addition, if: +- `MBEDTLS_ECP_C` is fully removed (see limitation sub-section below), and +- support for RSA key types and algorithms is fully disabled, and +- support for DH key types and the FFDH algorithm is either disabled, or + fully provided by a driver, + +then you can also disable `MBEDTLS_BIGNUM_C`. + +In such builds, all crypto operations via the PSA Crypto API will work as +usual, as well as the PK, X.509 and TLS modules if `MBEDTLS_USE_PSA_CRYPTO` is +enabled, with the following exceptions: +- direct calls to APIs from the disabled modules are not possible; +- PK, X.509 and TLS will not support restartable ECC operations (see + limitation sub-section below). + +If you want to check at compile-time whether a certain curve is available in +the present build of Mbed TLS, regardless of whether ECC is provided by a +driver or built-in, you should use the following macros: +- for code that uses only the PSA Crypto API: `PSA_WANT_ECC_xxx` from + `psa/crypto.h`; +- for code that may also use non-PSA crypto APIs: `MBEDTLS_ECP_HAVE_xxx` from + `mbedtls/build_info.h` where xxx can take the same values as for +`MBEDTLS_ECP_DP_xxx` macros. + +Note that for externally-provided drivers, the integrator is responsible for +ensuring the appropriate `MBEDTLS_PSA_ACCEL_xxx` macros are defined. However, +for the p256-m driver that's provided with the library, those macros are +automatically defined when enabling `MBEDTLS_PSA_P256M_DRIVER_ENABLED`. + +### Limitations regarding fully removing `ecp.c` + +A limited subset of `ecp.c` will still be automatically re-enabled if any of +the following is enabled: +- `MBEDTLS_PK_PARSE_EC_COMPRESSED` - support for parsing ECC keys where the + public part is in compressed format; +- `MBEDTLS_PK_PARSE_EC_EXTENDED` - support for parsing ECC keys where the + curve is identified not by name, but by explicit parameters; +- `PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE` - support for deterministic + derivation of an ECC keypair with `psa_key_derivation_output_key()`. + +Note: when any of the above options is enabled, a subset of `ecp.c` will +automatically be included in the build in order to support it. Therefore +you can still disable `MBEDTLS_ECP_C` in `mbedtls_config.h` and this will +result in some code size savings, but not as much as when none of the +above features are enabled. + +We do have plans to support each of these with `ecp.c` fully removed in the +future, however there is no established timeline. If you're interested, please +let us know, so we can take it into consideration in our planning. + +### Limitations regarding restartable / interruptible ECC operations + +At the moment, there is no driver support for interruptible operations +(see `psa_sign_hash_start()` + `psa_sign_hash_complete()` etc.) so as a +consequence these are not supported in builds without `MBEDTLS_ECDSA_C`. + +Similarly, there is no PSA support for interruptible ECDH operations so these +are not supported without `ECDH_C`. See also limitations regarding +restartable operations with `MBEDTLS_USE_PSA_CRYPTO` in [its +documentation](use-psa-crypto.md). + +Again, we have plans to support this in the future but not with an established +timeline, please let us know if you're interested. + +### Limitations regarding "mixed" builds (driver and built-in) + +In order for a build to be driver-only (no built-in implementation), all the +requested algorithms, key types (key operations) and curves must be +accelerated (plus a few other restrictions, see "Limitations regarding fully +removing `ecp.c`" above). However, what if you have an accelerator that only +supports some algorithms, some key types (key operations), or some curves, but +want to have more enabled in you build? + +It is possible to have acceleration for only a subset of the requested +algorithms. In this case, the built-in implementation of the accelerated +algorithms will be disabled, provided all the requested curves and key types +that can be used with this algorithm are also declared as accelerated. + +There is very limited support for having acceleration for only a subset of the +requested key type operations. The only configuration that's tested is that of +a driver accelerating `PUBLIC_KEY`, `KEY_PAIR_BASIC`, `KEY_PAIR_IMPORT`, +`KEY_PAIR_EXPORT` but not `KEY_PAIR_GENERATE`. (Note: currently the driver +interface does not support `KEY_PAIR_DERIVE`.) + +There is limited support for having acceleration for only a subset of the +requested curves. In such builds, only the PSA API is currently tested and +working; there are known issues in PK, and X.509 and TLS are untested. + +Finite-field Diffie-Hellman +--------------------------- + +Support is pretty similar to the "Elliptic-curve cryptography (ECC)" section +above. +Key management and usage can be enabled by means of the usual `PSA_WANT` + +`MBEDTLS_PSA_ACCEL` pairs: + +- `[PSA_WANT|MBEDTLS_PSA_ACCEL]_KEY_TYPE_DH_PUBLIC_KEY`; +- `[PSA_WANT|MBEDTLS_PSA_ACCEL]_KEY_TYPE_DH_KEY_PAIR_BASIC`; +- `[PSA_WANT|MBEDTLS_PSA_ACCEL]_KEY_TYPE_DH_KEY_PAIR_IMPORT`; +- `[PSA_WANT|MBEDTLS_PSA_ACCEL]_KEY_TYPE_DH_KEY_PAIR_EXPORT`; +- `[PSA_WANT|MBEDTLS_PSA_ACCEL]_KEY_TYPE_DH_KEY_PAIR_GENERATE`; + +The same holds for the associated algorithm: +`[PSA_WANT|MBEDTLS_PSA_ACCEL]_ALG_FFDH` allow builds accelerating FFDH and +removing builtin support (i.e. `MBEDTLS_DHM_C`). + +### Limitations +Support for deterministic derivation of a DH keypair +(i.e. `PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE`) is not supported. diff --git a/docs/getting_started.md b/docs/getting_started.md deleted file mode 100644 index fdbf0e9ba..000000000 --- a/docs/getting_started.md +++ /dev/null @@ -1,894 +0,0 @@ -## Getting started with Mbed Crypto - -### What is Mbed Crypto? - -Mbed Crypto is an open source cryptographic library that supports a wide range of cryptographic operations, including: -* Key management -* Hashing -* Symmetric cryptography -* Asymmetric cryptography -* Message authentication (MAC) -* Key generation and derivation -* Authenticated encryption with associated data (AEAD) - -The Mbed Crypto library is a reference implementation of the cryptography interface of the Arm Platform Security Architecture (PSA). It is written in portable C. - -The Mbed Crypto library is distributed under the Apache License, version 2.0. - -#### Platform Security Architecture (PSA) - -Arm's Platform Security Architecture (PSA) is a holistic set of threat models, -security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that enables you to design security into both hardware and firmware consistently. Part of the API provided by PSA is the cryptography interface, which provides access to a set of primitives. - -### Using Mbed Crypto - -* [Getting the Mbed Crypto library](#getting-the-mbed-crypto-library) -* [Building the Mbed Crypto library](#building-the-mbed-crypto-library) -* [Using the Mbed Crypto library](#using-the-mbed-crypto-library) -* [Importing a key](#importing-a-key) -* [Signing a message using RSA](#signing-a-message-using-RSA) -* [Encrypting or decrypting using symmetric ciphers](#encrypting-or-decrypting-using-symmetric-ciphers) -* [Hashing a message](#hashing-a-message) -* [Deriving a new key from an existing key](#deriving-a-new-key-from-an-existing-key) -* [Generating a random value](#generating-a-random-value) -* [Authenticating and encrypting or decrypting a message](#authenticating-and-encrypting-or-decrypting-a-message) -* [Generating and exporting keys](#generating-and-exporting-keys) -* [More about the Mbed Crypto library](#more-about-the-mbed-crypto-library) - -### Getting the Mbed Crypto library - -Mbed Crypto releases are available in the [public GitHub repository](https://github.com/ARMmbed/mbed-crypto). - -### Building the Mbed Crypto library - -**Prerequisites to building the library with the provided makefiles:** -* GNU Make. -* A C toolchain (compiler, linker, archiver). -* Python 2 or Python 3 (either works) to generate the test code. -* Perl to run the tests. - -If you have a C compiler such as GCC or Clang, just run `make` in the top-level directory to build the library, a set of unit tests and some sample programs. - -To select a different compiler, set the `CC` variable to the name or path of the compiler and linker (default: `cc`) and set `AR` to a compatible archiver (default: `ar`); for example: -``` -make CC=arm-linux-gnueabi-gcc AR=arm-linux-gnueabi-ar -``` -The provided makefiles pass options to the compiler that assume a GCC-like command line syntax. To use a different compiler, you may need to pass different values for `CFLAGS`, `WARNINGS_CFLAGS` and `LDFLAGS`. - -To run the unit tests on the host machine, run `make test` from the top-level directory. If you are cross-compiling, copy the test executable from the `tests` directory to the target machine. - -### Using the Mbed Crypto library - -To use the Mbed Crypto APIs, call `psa_crypto_init()` before calling any other API. This initializes the library. - -### Importing a key - -To use a key for cryptography operations in Mbed Crypto, you need to first -import it. The import operation returns the identifier of the key for use -with other function calls. - -**Prerequisites to importing keys:** -* Initialize the library with a successful call to `psa_crypto_init()`. - -This example shows how to import a key: -```C -void import_a_key(const uint8_t *key, size_t key_len) -{ - psa_status_t status; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_id_t key_id; - - printf("Import an AES key...\t"); - fflush(stdout); - - /* Initialize PSA Crypto */ - status = psa_crypto_init(); - if (status != PSA_SUCCESS) { - printf("Failed to initialize PSA Crypto\n"); - return; - } - - /* Set key attributes */ - psa_set_key_usage_flags(&attributes, 0); - psa_set_key_algorithm(&attributes, 0); - psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); - psa_set_key_bits(&attributes, 128); - - /* Import the key */ - status = psa_import_key(&attributes, key, key_len, &key_id); - if (status != PSA_SUCCESS) { - printf("Failed to import key\n"); - return; - } - printf("Imported a key\n"); - - /* Free the attributes */ - psa_reset_key_attributes(&attributes); - - /* Destroy the key */ - psa_destroy_key(key_id); - - mbedtls_psa_crypto_free(); -} -``` - -### Signing a message using RSA - -Mbed Crypto supports encrypting, decrypting, signing and verifying messages using public key signature algorithms, such as RSA or ECDSA. - -**Prerequisites to performing asymmetric signature operations:** -* Initialize the library with a successful call to `psa_crypto_init()`. -* Have a valid key with appropriate attributes set: - * Usage flag `PSA_KEY_USAGE_SIGN_HASH` to allow signing. - * Usage flag `PSA_KEY_USAGE_VERIFY_HASH` to allow signature verification. - * Algorithm set to the desired signature algorithm. - -This example shows how to sign a hash that has already been calculated: -```C -void sign_a_message_using_rsa(const uint8_t *key, size_t key_len) -{ - psa_status_t status; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - uint8_t hash[32] = {0x50, 0xd8, 0x58, 0xe0, 0x98, 0x5e, 0xcc, 0x7f, - 0x60, 0x41, 0x8a, 0xaf, 0x0c, 0xc5, 0xab, 0x58, - 0x7f, 0x42, 0xc2, 0x57, 0x0a, 0x88, 0x40, 0x95, - 0xa9, 0xe8, 0xcc, 0xac, 0xd0, 0xf6, 0x54, 0x5c}; - uint8_t signature[PSA_SIGNATURE_MAX_SIZE] = {0}; - size_t signature_length; - psa_key_id_t key_id; - - printf("Sign a message...\t"); - fflush(stdout); - - /* Initialize PSA Crypto */ - status = psa_crypto_init(); - if (status != PSA_SUCCESS) { - printf("Failed to initialize PSA Crypto\n"); - return; - } - - /* Set key attributes */ - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); - psa_set_key_algorithm(&attributes, PSA_ALG_RSA_PKCS1V15_SIGN_RAW); - psa_set_key_type(&attributes, PSA_KEY_TYPE_RSA_KEY_PAIR); - psa_set_key_bits(&attributes, 1024); - - /* Import the key */ - status = psa_import_key(&attributes, key, key_len, &key_id); - if (status != PSA_SUCCESS) { - printf("Failed to import key\n"); - return; - } - - /* Sign message using the key */ - status = psa_sign_hash(key_id, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, - hash, sizeof(hash), - signature, sizeof(signature), - &signature_length); - if (status != PSA_SUCCESS) { - printf("Failed to sign\n"); - return; - } - - printf("Signed a message\n"); - - /* Free the attributes */ - psa_reset_key_attributes(&attributes); - - /* Destroy the key */ - psa_destroy_key(key_id); - - mbedtls_psa_crypto_free(); -} -``` - -### Using symmetric ciphers - -Mbed Crypto supports encrypting and decrypting messages using various symmetric cipher algorithms (both block and stream ciphers). - -**Prerequisites to working with the symmetric cipher API:** -* Initialize the library with a successful call to `psa_crypto_init()`. -* Have a symmetric key. This key's usage flags must include `PSA_KEY_USAGE_ENCRYPT` to allow encryption or `PSA_KEY_USAGE_DECRYPT` to allow decryption. - -**To encrypt a message with a symmetric cipher:** -1. Allocate an operation (`psa_cipher_operation_t`) structure to pass to the cipher functions. -1. Initialize the operation structure to zero or to `PSA_CIPHER_OPERATION_INIT`. -1. Call `psa_cipher_encrypt_setup()` to specify the algorithm and the key to be used. -1. Call either `psa_cipher_generate_iv()` or `psa_cipher_set_iv()` to generate or set the initialization vector (IV). We recommend calling `psa_cipher_generate_iv()`, unless you require a specific IV value. -1. Call `psa_cipher_update()` with the message to encrypt. You may call this function multiple times, passing successive fragments of the message on successive calls. -1. Call `psa_cipher_finish()` to end the operation and output the encrypted message. - -This example shows how to encrypt data using an AES (Advanced Encryption Standard) key in CBC (Cipher Block Chaining) mode with no padding (assuming all prerequisites have been fulfilled): -```c -void encrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len) -{ - enum { - block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES), - }; - psa_status_t status; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_algorithm_t alg = PSA_ALG_CBC_NO_PADDING; - uint8_t plaintext[block_size] = SOME_PLAINTEXT; - uint8_t iv[block_size]; - size_t iv_len; - uint8_t output[block_size]; - size_t output_len; - psa_key_id_t key_id; - psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - - printf("Encrypt with cipher...\t"); - fflush(stdout); - - /* Initialize PSA Crypto */ - status = psa_crypto_init(); - if (status != PSA_SUCCESS) - { - printf("Failed to initialize PSA Crypto\n"); - return; - } - - /* Import a key */ - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); - psa_set_key_algorithm(&attributes, alg); - psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); - psa_set_key_bits(&attributes, 128); - status = psa_import_key(&attributes, key, key_len, &key_id); - if (status != PSA_SUCCESS) { - printf("Failed to import a key\n"); - return; - } - psa_reset_key_attributes(&attributes); - - /* Encrypt the plaintext */ - status = psa_cipher_encrypt_setup(&operation, key_id, alg); - if (status != PSA_SUCCESS) { - printf("Failed to begin cipher operation\n"); - return; - } - status = psa_cipher_generate_iv(&operation, iv, sizeof(iv), &iv_len); - if (status != PSA_SUCCESS) { - printf("Failed to generate IV\n"); - return; - } - status = psa_cipher_update(&operation, plaintext, sizeof(plaintext), - output, sizeof(output), &output_len); - if (status != PSA_SUCCESS) { - printf("Failed to update cipher operation\n"); - return; - } - status = psa_cipher_finish(&operation, output + output_len, - sizeof(output) - output_len, &output_len); - if (status != PSA_SUCCESS) { - printf("Failed to finish cipher operation\n"); - return; - } - printf("Encrypted plaintext\n"); - - /* Clean up cipher operation context */ - psa_cipher_abort(&operation); - - /* Destroy the key */ - psa_destroy_key(key_id); - - mbedtls_psa_crypto_free(); -} -``` - -**To decrypt a message with a symmetric cipher:** -1. Allocate an operation (`psa_cipher_operation_t`) structure to pass to the cipher functions. -1. Initialize the operation structure to zero or to `PSA_CIPHER_OPERATION_INIT`. -1. Call `psa_cipher_decrypt_setup()` to specify the algorithm and the key to be used. -1. Call `psa_cipher_set_iv()` with the IV for the decryption. -1. Call `psa_cipher_update()` with the message to encrypt. You may call this function multiple times, passing successive fragments of the message on successive calls. -1. Call `psa_cipher_finish()` to end the operation and output the decrypted message. - -This example shows how to decrypt encrypted data using an AES key in CBC mode with no padding -(assuming all prerequisites have been fulfilled): -```c -void decrypt_with_symmetric_ciphers(const uint8_t *key, size_t key_len) -{ - enum { - block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH(PSA_KEY_TYPE_AES), - }; - psa_status_t status; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_algorithm_t alg = PSA_ALG_CBC_NO_PADDING; - psa_cipher_operation_t operation = PSA_CIPHER_OPERATION_INIT; - uint8_t ciphertext[block_size] = SOME_CIPHERTEXT; - uint8_t iv[block_size] = ENCRYPTED_WITH_IV; - uint8_t output[block_size]; - size_t output_len; - psa_key_id_t key_id; - - printf("Decrypt with cipher...\t"); - fflush(stdout); - - /* Initialize PSA Crypto */ - status = psa_crypto_init(); - if (status != PSA_SUCCESS) - { - printf("Failed to initialize PSA Crypto\n"); - return; - } - - /* Import a key */ - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); - psa_set_key_algorithm(&attributes, alg); - psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); - psa_set_key_bits(&attributes, 128); - status = psa_import_key(&attributes, key, key_len, &key_id); - if (status != PSA_SUCCESS) { - printf("Failed to import a key\n"); - return; - } - psa_reset_key_attributes(&attributes); - - /* Decrypt the ciphertext */ - status = psa_cipher_decrypt_setup(&operation, key_id, alg); - if (status != PSA_SUCCESS) { - printf("Failed to begin cipher operation\n"); - return; - } - status = psa_cipher_set_iv(&operation, iv, sizeof(iv)); - if (status != PSA_SUCCESS) { - printf("Failed to set IV\n"); - return; - } - status = psa_cipher_update(&operation, ciphertext, sizeof(ciphertext), - output, sizeof(output), &output_len); - if (status != PSA_SUCCESS) { - printf("Failed to update cipher operation\n"); - return; - } - status = psa_cipher_finish(&operation, output + output_len, - sizeof(output) - output_len, &output_len); - if (status != PSA_SUCCESS) { - printf("Failed to finish cipher operation\n"); - return; - } - printf("Decrypted ciphertext\n"); - - /* Clean up cipher operation context */ - psa_cipher_abort(&operation); - - /* Destroy the key */ - psa_destroy_key(key_id); - - mbedtls_psa_crypto_free(); -} -``` - -#### Handling cipher operation contexts - -After you've initialized the operation structure with a successful call to `psa_cipher_encrypt_setup()` or `psa_cipher_decrypt_setup()`, you can terminate the operation at any time by calling `psa_cipher_abort()`. - -The call to `psa_cipher_abort()` frees any resources associated with the operation, except for the operation structure itself. - -Mbed Crypto implicitly calls `psa_cipher_abort()` when: -* A call to `psa_cipher_generate_iv()`, `psa_cipher_set_iv()` or `psa_cipher_update()` fails (returning any status other than `PSA_SUCCESS`). -* A call to `psa_cipher_finish()` succeeds or fails. - -After an implicit or explicit call to `psa_cipher_abort()`, the operation structure is invalidated; in other words, you cannot reuse the operation structure for the same operation. You can, however, reuse the operation structure for a different operation by calling either `psa_cipher_encrypt_setup()` or `psa_cipher_decrypt_setup()` again. - -You must call `psa_cipher_abort()` at some point for any operation that is initialized successfully (by a successful call to `psa_cipher_encrypt_setup()` or `psa_cipher_decrypt_setup()`). - -Making multiple sequential calls to `psa_cipher_abort()` on an operation that is terminated (either implicitly or explicitly) is safe and has no effect. - -### Hashing a message - -Mbed Crypto lets you compute and verify hashes using various hashing -algorithms. - -**Prerequisites to working with the hash APIs:** -* Initialize the library with a successful call to `psa_crypto_init()`. - -**To calculate a hash:** -1. Allocate an operation structure (`psa_hash_operation_t`) to pass to the hash functions. -1. Initialize the operation structure to zero or to `PSA_HASH_OPERATION_INIT`. -1. Call `psa_hash_setup()` to specify the hash algorithm. -1. Call `psa_hash_update()` with the message to encrypt. You may call this function multiple times, passing successive fragments of the message on successive calls. -1. Call `psa_hash_finish()` to calculate the hash, or `psa_hash_verify()` to compare the computed hash with an expected hash value. - -This example shows how to calculate the SHA-256 hash of a message: -```c - psa_status_t status; - psa_algorithm_t alg = PSA_ALG_SHA_256; - psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; - unsigned char input[] = { 'a', 'b', 'c' }; - unsigned char actual_hash[PSA_HASH_MAX_SIZE]; - size_t actual_hash_len; - - printf("Hash a message...\t"); - fflush(stdout); - - /* Initialize PSA Crypto */ - status = psa_crypto_init(); - if (status != PSA_SUCCESS) { - printf("Failed to initialize PSA Crypto\n"); - return; - } - - /* Compute hash of message */ - status = psa_hash_setup(&operation, alg); - if (status != PSA_SUCCESS) { - printf("Failed to begin hash operation\n"); - return; - } - status = psa_hash_update(&operation, input, sizeof(input)); - if (status != PSA_SUCCESS) { - printf("Failed to update hash operation\n"); - return; - } - status = psa_hash_finish(&operation, actual_hash, sizeof(actual_hash), - &actual_hash_len); - if (status != PSA_SUCCESS) { - printf("Failed to finish hash operation\n"); - return; - } - - printf("Hashed a message\n"); - - /* Clean up hash operation context */ - psa_hash_abort(&operation); - - mbedtls_psa_crypto_free(); -``` - -This example shows how to verify the SHA-256 hash of a message: -```c - psa_status_t status; - psa_algorithm_t alg = PSA_ALG_SHA_256; - psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; - unsigned char input[] = { 'a', 'b', 'c' }; - unsigned char expected_hash[] = { - 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, - 0x5d, 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, - 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad - }; - size_t expected_hash_len = PSA_HASH_LENGTH(alg); - - printf("Verify a hash...\t"); - fflush(stdout); - - /* Initialize PSA Crypto */ - status = psa_crypto_init(); - if (status != PSA_SUCCESS) { - printf("Failed to initialize PSA Crypto\n"); - return; - } - - /* Verify message hash */ - status = psa_hash_setup(&operation, alg); - if (status != PSA_SUCCESS) { - printf("Failed to begin hash operation\n"); - return; - } - status = psa_hash_update(&operation, input, sizeof(input)); - if (status != PSA_SUCCESS) { - printf("Failed to update hash operation\n"); - return; - } - status = psa_hash_verify(&operation, expected_hash, expected_hash_len); - if (status != PSA_SUCCESS) { - printf("Failed to verify hash\n"); - return; - } - - printf("Verified a hash\n"); - - /* Clean up hash operation context */ - psa_hash_abort(&operation); - - mbedtls_psa_crypto_free(); -``` - -The API provides the macro `PSA_HASH_LENGTH`, which returns the expected hash length (in bytes) for the specified algorithm. - -#### Handling hash operation contexts - -After a successful call to `psa_hash_setup()`, you can terminate the operation at any time by calling `psa_hash_abort()`. The call to `psa_hash_abort()` frees any resources associated with the operation, except for the operation structure itself. - -Mbed Crypto implicitly calls `psa_hash_abort()` when: -1. A call to `psa_hash_update()` fails (returning any status other than `PSA_SUCCESS`). -1. A call to `psa_hash_finish()` succeeds or fails. -1. A call to `psa_hash_verify()` succeeds or fails. - -After an implicit or explicit call to `psa_hash_abort()`, the operation structure is invalidated; in other words, you cannot reuse the operation structure for the same operation. You can, however, reuse the operation structure for a different operation by calling `psa_hash_setup()` again. - -You must call `psa_hash_abort()` at some point for any operation that is initialized successfully (by a successful call to `psa_hash_setup()`) . - -Making multiple sequential calls to `psa_hash_abort()` on an operation that has already been terminated (either implicitly or explicitly) is safe and has no effect. - -### Generating a random value - -Mbed Crypto can generate random data. - -**Prerequisites to generating random data:** -* Initialize the library with a successful call to `psa_crypto_init()`. - -**Note:** To generate a random key, use `psa_generate_key()` instead of `psa_generate_random()`. - -This example shows how to generate ten bytes of random data by calling `psa_generate_random()`: -```C - psa_status_t status; - uint8_t random[10] = { 0 }; - - printf("Generate random...\t"); - fflush(stdout); - - /* Initialize PSA Crypto */ - status = psa_crypto_init(); - if (status != PSA_SUCCESS) { - printf("Failed to initialize PSA Crypto\n"); - return; - } - - status = psa_generate_random(random, sizeof(random)); - if (status != PSA_SUCCESS) { - printf("Failed to generate a random value\n"); - return; - } - - printf("Generated random data\n"); - - /* Clean up */ - mbedtls_psa_crypto_free(); -``` - -### Deriving a new key from an existing key - -Mbed Crypto provides a key derivation API that lets you derive new keys from -existing ones. The key derivation API has functions to take inputs, including -other keys and data, and functions to generate outputs, such as new keys or -other data. - -You must first initialize and set up a key derivation context, -provided with a key and, optionally, other data. Then, use the key derivation context to either read derived data to a buffer or send derived data directly to a key slot. - -See the documentation for the particular algorithm (such as HKDF or the TLS1.2 PRF) for -information about which inputs to pass when, and when you can obtain which outputs. - -**Prerequisites to working with the key derivation APIs:** -* Initialize the library with a successful call to `psa_crypto_init()`. -* Use a key with the appropriate attributes set: - * Usage flags set for key derivation (`PSA_KEY_USAGE_DERIVE`) - * Key type set to `PSA_KEY_TYPE_DERIVE`. - * Algorithm set to a key derivation algorithm - (for example, `PSA_ALG_HKDF(PSA_ALG_SHA_256)`). - -**To derive a new AES-CTR 128-bit encryption key into a given key slot using HKDF -with a given key, salt and info:** - -1. Set up the key derivation context using the `psa_key_derivation_setup()` -function, specifying the derivation algorithm `PSA_ALG_HKDF(PSA_ALG_SHA_256)`. -1. Provide an optional salt with `psa_key_derivation_input_bytes()`. -1. Provide info with `psa_key_derivation_input_bytes()`. -1. Provide a secret with `psa_key_derivation_input_key()`, referencing a key that - can be used for key derivation. -1. Set the key attributes desired for the new derived key. We'll set - the `PSA_KEY_USAGE_ENCRYPT` usage flag and the `PSA_ALG_CTR` algorithm for this - example. -1. Derive the key by calling `psa_key_derivation_output_key()`. -1. Clean up the key derivation context. - -At this point, the derived key slot holds a new 128-bit AES-CTR encryption key -derived from the key, salt and info provided: -```C - psa_status_t status; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - static const unsigned char key[] = { - 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, - 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, - 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, - 0x0b }; - static const unsigned char salt[] = { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, - 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c }; - static const unsigned char info[] = { - 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, - 0xf7, 0xf8, 0xf9 }; - psa_algorithm_t alg = PSA_ALG_HKDF(PSA_ALG_SHA_256); - psa_key_derivation_operation_t operation = - PSA_KEY_DERIVATION_OPERATION_INIT; - size_t derived_bits = 128; - size_t capacity = PSA_BITS_TO_BYTES(derived_bits); - psa_key_id_t base_key; - psa_key_id_t derived_key; - - printf("Derive a key (HKDF)...\t"); - fflush(stdout); - - /* Initialize PSA Crypto */ - status = psa_crypto_init(); - if (status != PSA_SUCCESS) { - printf("Failed to initialize PSA Crypto\n"); - return; - } - - /* Import a key for use in key derivation. If such a key has already been - * generated or imported, you can skip this part. */ - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); - psa_set_key_algorithm(&attributes, alg); - psa_set_key_type(&attributes, PSA_KEY_TYPE_DERIVE); - status = psa_import_key(&attributes, key, sizeof(key), &base_key); - if (status != PSA_SUCCESS) { - printf("Failed to import a key\n"); - return; - } - psa_reset_key_attributes(&attributes); - - /* Derive a key */ - status = psa_key_derivation_setup(&operation, alg); - if (status != PSA_SUCCESS) { - printf("Failed to begin key derivation\n"); - return; - } - status = psa_key_derivation_set_capacity(&operation, capacity); - if (status != PSA_SUCCESS) { - printf("Failed to set capacity\n"); - return; - } - status = psa_key_derivation_input_bytes(&operation, - PSA_KEY_DERIVATION_INPUT_SALT, - salt, sizeof(salt)); - if (status != PSA_SUCCESS) { - printf("Failed to input salt (extract)\n"); - return; - } - status = psa_key_derivation_input_key(&operation, - PSA_KEY_DERIVATION_INPUT_SECRET, - base_key); - if (status != PSA_SUCCESS) { - printf("Failed to input key (extract)\n"); - return; - } - status = psa_key_derivation_input_bytes(&operation, - PSA_KEY_DERIVATION_INPUT_INFO, - info, sizeof(info)); - if (status != PSA_SUCCESS) { - printf("Failed to input info (expand)\n"); - return; - } - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); - psa_set_key_algorithm(&attributes, PSA_ALG_CTR); - psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); - psa_set_key_bits(&attributes, 128); - status = psa_key_derivation_output_key(&attributes, &operation, - &derived_key); - if (status != PSA_SUCCESS) { - printf("Failed to derive key\n"); - return; - } - psa_reset_key_attributes(&attributes); - - printf("Derived key\n"); - - /* Clean up key derivation operation */ - psa_key_derivation_abort(&operation); - - /* Destroy the keys */ - psa_destroy_key(derived_key); - psa_destroy_key(base_key); - - mbedtls_psa_crypto_free(); -``` - -### Authenticating and encrypting or decrypting a message - -Mbed Crypto provides a simple way to authenticate and encrypt with associated data (AEAD), supporting the `PSA_ALG_CCM` algorithm. - -**Prerequisites to working with the AEAD cipher APIs:** -* Initialize the library with a successful call to `psa_crypto_init()`. -* The key attributes for the key used for derivation must have the `PSA_KEY_USAGE_ENCRYPT` or `PSA_KEY_USAGE_DECRYPT` usage flags. - -This example shows how to authenticate and encrypt a message: -```C - psa_status_t status; - static const uint8_t key[] = { - 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, - 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF }; - static const uint8_t nonce[] = { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0A, 0x0B }; - static const uint8_t additional_data[] = { - 0xEC, 0x46, 0xBB, 0x63, 0xB0, 0x25, - 0x20, 0xC3, 0x3C, 0x49, 0xFD, 0x70 }; - static const uint8_t input_data[] = { - 0xB9, 0x6B, 0x49, 0xE2, 0x1D, 0x62, 0x17, 0x41, - 0x63, 0x28, 0x75, 0xDB, 0x7F, 0x6C, 0x92, 0x43, - 0xD2, 0xD7, 0xC2 }; - uint8_t *output_data = NULL; - size_t output_size = 0; - size_t output_length = 0; - size_t tag_length = 16; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_id_t key_id; - - printf("Authenticate encrypt...\t"); - fflush(stdout); - - /* Initialize PSA Crypto */ - status = psa_crypto_init(); - if (status != PSA_SUCCESS) { - printf("Failed to initialize PSA Crypto\n"); - return; - } - - output_size = sizeof(input_data) + tag_length; - output_data = (uint8_t *)malloc(output_size); - if (!output_data) { - printf("Out of memory\n"); - return; - } - - /* Import a key */ - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); - psa_set_key_algorithm(&attributes, PSA_ALG_CCM); - psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); - psa_set_key_bits(&attributes, 128); - status = psa_import_key(&attributes, key, sizeof(key), &key_id); - psa_reset_key_attributes(&attributes); - - /* Authenticate and encrypt */ - status = psa_aead_encrypt(key_id, PSA_ALG_CCM, - nonce, sizeof(nonce), - additional_data, sizeof(additional_data), - input_data, sizeof(input_data), - output_data, output_size, - &output_length); - if (status != PSA_SUCCESS) { - printf("Failed to authenticate and encrypt\n"); - return; - } - - printf("Authenticated and encrypted\n"); - - /* Clean up */ - free(output_data); - - /* Destroy the key */ - psa_destroy_key(key_id); - - mbedtls_psa_crypto_free(); -``` - -This example shows how to authenticate and decrypt a message: - -```C - psa_status_t status; - static const uint8_t key_data[] = { - 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, - 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF }; - static const uint8_t nonce[] = { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0A, 0x0B }; - static const uint8_t additional_data[] = { - 0xEC, 0x46, 0xBB, 0x63, 0xB0, 0x25, - 0x20, 0xC3, 0x3C, 0x49, 0xFD, 0x70 }; - static const uint8_t input_data[] = { - 0x20, 0x30, 0xE0, 0x36, 0xED, 0x09, 0xA0, 0x45, 0xAF, 0x3C, 0xBA, 0xEE, - 0x0F, 0xC8, 0x48, 0xAF, 0xCD, 0x89, 0x54, 0xF4, 0xF6, 0x3F, 0x28, 0x9A, - 0xA1, 0xDD, 0xB2, 0xB8, 0x09, 0xCD, 0x7C, 0xE1, 0x46, 0xE9, 0x98 }; - uint8_t *output_data = NULL; - size_t output_size = 0; - size_t output_length = 0; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_id_t key_id; - - printf("Authenticate decrypt...\t"); - fflush(stdout); - - /* Initialize PSA Crypto */ - status = psa_crypto_init(); - if (status != PSA_SUCCESS) { - printf("Failed to initialize PSA Crypto\n"); - return; - } - - output_size = sizeof(input_data); - output_data = (uint8_t *)malloc(output_size); - if (!output_data) { - printf("Out of memory\n"); - return; - } - - /* Import a key */ - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); - psa_set_key_algorithm(&attributes, PSA_ALG_CCM); - psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); - psa_set_key_bits(&attributes, 128); - status = psa_import_key(&attributes, key_data, sizeof(key_data), &key_id); - if (status != PSA_SUCCESS) { - printf("Failed to import a key\n"); - return; - } - psa_reset_key_attributes(&attributes); - - /* Authenticate and decrypt */ - status = psa_aead_decrypt(key_id, PSA_ALG_CCM, - nonce, sizeof(nonce), - additional_data, sizeof(additional_data), - input_data, sizeof(input_data), - output_data, output_size, - &output_length); - if (status != PSA_SUCCESS) { - printf("Failed to authenticate and decrypt %ld\n", status); - return; - } - - printf("Authenticated and decrypted\n"); - - /* Clean up */ - free(output_data); - - /* Destroy the key */ - psa_destroy_key(key_id); - - mbedtls_psa_crypto_free(); -``` - -### Generating and exporting keys - -Mbed Crypto provides a simple way to generate a key or key pair. - -**Prerequisites to using key generation and export APIs:** -* Initialize the library with a successful call to `psa_crypto_init()`. - -**To generate an ECDSA key:** -1. Set the desired key attributes for key generation by calling - `psa_set_key_algorithm()` with the chosen ECDSA algorithm (such as - `PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256)`). You only want to export the public key, not the key pair (or private key); therefore, do not set `PSA_KEY_USAGE_EXPORT`. -1. Generate a key by calling `psa_generate_key()`. -1. Export the generated public key by calling `psa_export_public_key()`: -```C - enum { - key_bits = 256, - }; - psa_status_t status; - size_t exported_length = 0; - static uint8_t exported[PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits)]; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_id_t key_id; - - printf("Generate a key pair...\t"); - fflush(stdout); - - /* Initialize PSA Crypto */ - status = psa_crypto_init(); - if (status != PSA_SUCCESS) { - printf("Failed to initialize PSA Crypto\n"); - return; - } - - /* Generate a key */ - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); - psa_set_key_algorithm(&attributes, - PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256)); - psa_set_key_type(&attributes, - PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)); - psa_set_key_bits(&attributes, key_bits); - status = psa_generate_key(&attributes, &key_id); - if (status != PSA_SUCCESS) { - printf("Failed to generate key\n"); - return; - } - psa_reset_key_attributes(&attributes); - - status = psa_export_public_key(key_id, exported, sizeof(exported), - &exported_length); - if (status != PSA_SUCCESS) { - printf("Failed to export public key %ld\n", status); - return; - } - - printf("Exported a public key\n"); - - /* Destroy the key */ - psa_destroy_key(key_id); - - mbedtls_psa_crypto_free(); -``` - -### More about the PSA Crypto API - -For more information about the PSA Crypto API, please see the [PSA Cryptography API Specification](https://armmbed.github.io/mbed-crypto/html/index.html). diff --git a/docs/index.rst b/docs/index.rst new file mode 100644 index 000000000..33a97223d --- /dev/null +++ b/docs/index.rst @@ -0,0 +1,20 @@ +.. Mbed TLS Versioned documentation master file, created by + sphinx-quickstart on Thu Feb 23 18:13:44 2023. + You can adapt this file completely to your liking, but it should at least + contain the root `toctree` directive. + +Mbed TLS API documentation +========================== + +.. doxygenpage:: index + :project: mbedtls-versioned + +.. toctree:: + :caption: Contents + :maxdepth: 1 + + Home + api/grouplist.rst + api/filelist.rst + api/structlist.rst + api/unionlist.rst diff --git a/docs/proposed/psa-conditional-inclusion-c.md b/docs/proposed/psa-conditional-inclusion-c.md index 50a140404..3dd5345ab 100644 --- a/docs/proposed/psa-conditional-inclusion-c.md +++ b/docs/proposed/psa-conditional-inclusion-c.md @@ -80,9 +80,18 @@ If a feature is not requested for inclusion in the PSA Crypto configuration file #### Configuration symbols for key types -For each constant or constructor macro of the form `PSA_KEY_TYPE_xxx`, the symbol **`PSA_WANT_KEY_TYPE_xxx`** indicates that support for this key type is desired. +For most constant or constructor macros of the form `PSA_KEY_TYPE_xxx`, the symbol **`PSA_WANT_KEY_TYPE_xxx`** indicates that support for this key type is desired. -For asymmetric cryptography, `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR` determines whether private-key operations are desired, and `PSA_WANT_KEY_TYPE_xxx_PUBLIC_KEY` determines whether public-key operations are desired. `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR` implicitly enables `PSA_WANT_KEY_TYPE_xxx_PUBLIC_KEY`: there is no way to only include private-key operations (which typically saves little code). +As an exception, starting in Mbed TLS 3.5.0, for `KEY_PAIR` types (that is, private keys for asymmetric cryptography), the feature selection is more fine-grained, with an additional suffix: +* `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_BASIC` enables basic support for the key type, and in particular support for operations with a key of that type for enabled algorithms. This is automatically enabled if any of the other `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy` options is enabled. +* `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_IMPORT` enables support for `psa_import_key` to import a key of that type. +* `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_GENERATE` enables support for `psa_generate_key` to randomly generate a key of that type. +* `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_DERIVE` enables support for `psa_key_derivation_output_key` to deterministically derive a key of that type. +* `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_EXPORT` enables support for `psa_export_key` to export a key of that type. + +For asymmetric cryptography, `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_BASIC` determines whether private-key operations are desired, and `PSA_WANT_KEY_TYPE_xxx_PUBLIC_KEY` determines whether public-key operations are desired. `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_BASIC` implicitly enables `PSA_WANT_KEY_TYPE_xxx_PUBLIC_KEY`, as well as support for `psa_export_public_key` on the private key: there is no way to only include private-key operations (which typically saves little code). + +Note: the implementation is always free to include support for more than what was explicitly requested. (For example, as of Mbed TLS 3.5.0, `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_BASIC` implicitly enables import and export support for that key type, but this may not be the case in future versions.) Applications should always request support for all operations they need, rather than rely on them being implicitly enabled by the implementation. The only thing that is documented and guaranteed in the future is as follows: `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy` -> `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_BASIC` -> `PSA_WANT_KEY_TYPE_xxx_PUBLIC_KEY`. #### Configuration symbols for elliptic curves diff --git a/docs/proposed/psa-driver-developer-guide.md b/docs/proposed/psa-driver-developer-guide.md index b39f5599e..6b207c824 100644 --- a/docs/proposed/psa-driver-developer-guide.md +++ b/docs/proposed/psa-driver-developer-guide.md @@ -2,12 +2,13 @@ PSA Cryptoprocessor driver developer's guide ============================================ **This is a specification of work in progress. The implementation is not yet merged into Mbed TLS.** +For a description of the current state of drivers Mbed TLS, see our [PSA Cryptoprocessor driver development examples](../psa-driver-example-and-guide.html). This document describes how to write drivers of cryptoprocessors such as accelerators and secure elements for the PSA cryptography subsystem of Mbed TLS. This document focuses on behavior that is specific to Mbed TLS. For a reference of the interface between Mbed TLS and drivers, refer to the [PSA Cryptoprocessor Driver Interface specification](psa-driver-interface.html). -The interface is not fully implemented in Mbed TLS yet and is disabled by default. You can enable the experimental work in progress by setting `MBEDTLS_PSA_CRYPTO_DRIVERS` in the compile-time configuration. Please note that the interface may still change: until further notice, we do not guarantee backward compatibility with existing driver code when `MBEDTLS_PSA_CRYPTO_DRIVERS` is enabled. +The interface is not fully implemented in Mbed TLS yet. Please note that the interface may still change: until further notice, we do not guarantee backward compatibility with existing driver code. ## Introduction diff --git a/docs/proposed/psa-driver-integration-guide.md b/docs/proposed/psa-driver-integration-guide.md index bfd765ea5..8b3b4041c 100644 --- a/docs/proposed/psa-driver-integration-guide.md +++ b/docs/proposed/psa-driver-integration-guide.md @@ -2,10 +2,11 @@ Building Mbed TLS with PSA cryptoprocessor drivers ================================================== **This is a specification of work in progress. The implementation is not yet merged into Mbed TLS.** +For a description of the current state of drivers Mbed TLS, see our [PSA Cryptoprocessor driver development examples](../psa-driver-example-and-guide.html). This document describes how to build Mbed TLS with additional cryptoprocessor drivers that follow the PSA cryptoprocessor driver interface. -The interface is not fully implemented in Mbed TLS yet and is disabled by default. You can enable the experimental work in progress by setting `MBEDTLS_PSA_CRYPTO_DRIVERS` in the compile-time configuration. Please note that the interface may still change: until further notice, we do not guarantee backward compatibility with existing driver code when `MBEDTLS_PSA_CRYPTO_DRIVERS` is enabled. +The interface is not fully implemented in Mbed TLS yet. Please note that the interface may still change: until further notice, we do not guarantee backward compatibility with existing driver code. ## Introduction @@ -19,21 +20,14 @@ Concretely speaking, a driver consists of one or more **driver description files To build Mbed TLS with drivers: -1. Activate `MBEDTLS_PSA_CRYPTO_DRIVERS` in the library configuration. - - ``` - cd /path/to/mbedtls - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS - ``` - -2. Pass the driver description files through the Make variable `PSA_DRIVERS` when building the library. +1. Pass the driver description files through the Make variable `PSA_DRIVERS` when building the library. ``` cd /path/to/mbedtls make PSA_DRIVERS="/path/to/acme/driver.json /path/to/nadir/driver.json" lib ``` -3. Link your application with the implementation of the driver functions. +2. Link your application with the implementation of the driver functions. ``` cd /path/to/application diff --git a/docs/proposed/psa-driver-interface.md b/docs/proposed/psa-driver-interface.md index 8f02af182..1aa55b3cc 100644 --- a/docs/proposed/psa-driver-interface.md +++ b/docs/proposed/psa-driver-interface.md @@ -5,6 +5,8 @@ This document describes an interface for cryptoprocessor drivers in the PSA cryp This specification is work in progress and should be considered to be in a beta stage. There is ongoing work to implement this interface in Mbed TLS, which is the reference implementation of the PSA Cryptography API. At this stage, Arm does not expect major changes, but minor changes are expected based on experience from the first implementation and on external feedback. +For a practical guide, with a description of the current state of drivers Mbed TLS, see our [PSA Cryptoprocessor driver development examples](../psa-driver-example-and-guide.html). + ## Introduction ### Purpose of the driver interface @@ -301,25 +303,455 @@ TODO TODO -#### Operation family `"key_derivation"` +### Driver entry points for key derivation -This family requires the following type and entry points: +Key derivation is more complex than other multipart operations for several reasons: -* Type `"key_derivation_operation_t"`: the type of a key derivation operation context. -* `"key_derivation_setup"`: called by `psa_key_derivation_setup()`. -* `"key_derivation_set_capacity"`: called by `psa_key_derivation_set_capacity()`. The core will always enforce the capacity, therefore this function does not need to do anything for algorithms where the output stream only depends on the effective generated length and not on the capacity. -* `"key_derivation_input_bytes"`: called by `psa_key_derivation_input_bytes()` and `psa_key_derivation_input_key()`. For transparent drivers, when processing a call to `psa_key_derivation_input_key()`, the core always calls the applicable driver's `"key_derivation_input_bytes"` entry point. -* `"key_derivation_input_integer"`: called by `psa_key_derivation_input_integer()`. -* `"key_derivation_input_key"` (opaque drivers only) -* `"key_derivation_output_bytes"`: called by `psa_key_derivation_output_bytes()`; also by `psa_key_derivation_output_key()` for transparent drivers. -* `"key_derivation_output_key"`: called by `psa_key_derivation_output_key()` for transparent drivers when deriving an asymmetric key pair, and also for opaque drivers. -* `"key_derivation_verify_bytes"` (opaque drivers only). -* `"key_derivation_verify_key"` (opaque drivers only). -* `"key_derivation_abort"`: called by all key derivation functions of the PSA Cryptography API. +* There are multiple inputs and outputs. +* Multiple drivers can be involved. This happens when an operation combines a key agreement and a subsequent symmetric key derivation, each of which can have independent drivers. This also happens when deriving an asymmetric key, where processing the secret input and generating the key output might involve different drivers. +* When multiple drivers are involved, they are not always independent: if the secret input is managed by an opaque driver, it might not allow the core to retrieve the intermediate output and pass it to another driver. +* The involvement of an opaque driver cannot be determined as soon as the operation is set up (since `psa_key_derivation_setup()` does not determine the key input). -TODO: key input and output for opaque drivers; deterministic key generation for transparent drivers +#### Key derivation driver dispatch logic -TODO +The core decides whether to dispatch a key derivation operation to a driver based on the location associated with the input step `PSA_KEY_DERIVATION_INPUT_SECRET`. + +1. If this step is passed via `psa_key_derivation_input_key()` for a key in a secure element: + * If the driver for this secure element implements the `"key_derivation"` family for the specified algorithm, the core calls that driver's `"key_derivation_setup"` and subsequent entry points. + Note that for all currently specified algorithms, the key type for the secret input does not matter. + * Otherwise the core calls the secure element driver's [`"export_key"`](#key-management-with-opaque-drivers) entry point. +2. Otherwise ([or on fallback?](#fallback-for-key-derivation-in-opaque-drivers)), if there is a transparent driver for the specified algorithm, the core calls that driver's `"key_derivation_setup"` and subsequent entry points. +3. Otherwise, or on fallback, the core uses its built-in implementation. + +#### Summary of entry points for the operation family `"key_derivation"` + +A key derivation driver has the following entry points: + +* `"key_derivation_setup"` (mandatory): always the first entry point to be called. This entry point provides the [initial inputs](#key-derivation-driver-initial-inputs). See [“Key derivation driver setup”](#key-derivation-driver-setup). +* `"key_derivation_input_step"` (mandatory if the driver supports a key derivation algorithm with long inputs, otherwise ignored): provide an extra input for the key derivation. This entry point is only mandatory in drivers that support algorithms that have extra inputs. See [“Key derivation driver long inputs”](#key-derivation-driver-long-inputs). +* `"key_derivation_output_bytes"` (mandatory): derive cryptographic material and output it. See [“Key derivation driver outputs”](#key-derivation-driver-outputs). +* `"key_derivation_output_key"`, `"key_derivation_verify_bytes"`, `"key_derivation_verify_key"` (optional, opaque drivers only): derive key material which remains inside the same secure element. See [“Key derivation driver outputs”](#key-derivation-driver-outputs). +* `"key_derivation_set_capacity"` (mandatory for opaque drivers that implement `"key_derivation_output_key"` for “cooked”, i.e. non-raw-data key types; ignored for other opaque drivers; not permitted for transparent drivers): update the capacity policy on the operation. See [“Key derivation driver operation capacity”](#key-derivation-driver-operation-capacity). +* `"key_derivation_abort"` (mandatory): always the last entry point to be called. + +For naming purposes, here and in the following subsection, this specification takes the example of a driver with the prefix `"acme"` that implements the `"key_derivation"` entry point family with a capability that does not use the `"names"` property to declare different type and entry point names. Such a driver must implement the following type and functions, as well as the entry points listed above and described in the following subsections: +``` +typedef ... acme_key_derivation_operation_t; +psa_status_t acme_key_derivation_abort(acme_key_derivation_operation_t *operation); +``` + +#### Key derivation driver initial inputs + +The core conveys the initial inputs for a key derivation via an opaque data structure of type `psa_crypto_driver_key_derivation_inputs_t`. + +``` +typedef ... psa_crypto_driver_key_derivation_inputs_t; // implementation-specific type +``` + +A driver receiving an argument that points to a `psa_crypto_driver_key_derivation_inputs_t` can retrieve its contents by calling one of the type-specific functions below. To determine the correct function, the driver can call `psa_crypto_driver_key_derivation_get_input_type()`. + +``` +enum psa_crypto_driver_key_derivation_input_type_t { + PSA_KEY_DERIVATION_INPUT_TYPE_INVALID = 0, + PSA_KEY_DERIVATION_INPUT_TYPE_OMITTED, + PSA_KEY_DERIVATION_INPUT_TYPE_BYTES, + PSA_KEY_DERIVATION_INPUT_TYPE_KEY, + PSA_KEY_DERIVATION_INPUT_TYPE_INTEGER, + // Implementations may add other values, and may freely choose the + // numerical values for each identifer except as explicitly specified + // above. +}; +psa_crypto_driver_key_derivation_input_type_t psa_crypto_driver_key_derivation_get_input_type( + const psa_crypto_driver_key_derivation_inputs_t *inputs, + psa_key_derivation_step_t step); +``` + +The function `psa_crypto_driver_key_derivation_get_input_type()` determines whether a given step is present and how to access its value: + +* `PSA_KEY_DERIVATION_INPUT_TYPE_INVALID`: the step is invalid for the algorithm of the operation that the inputs are for. +* `PSA_KEY_DERIVATION_INPUT_TYPE_OMITTED`: the step is optional for the algorithm of the operation that the inputs are for, and has been omitted. +* `PSA_KEY_DERIVATION_INPUT_TYPE_BYTES`: the step is valid and present and is a transparent byte string. Call `psa_crypto_driver_key_derivation_get_input_size()` to obtain the size of the input data. Call `psa_crypto_driver_key_derivation_get_input_bytes()` to make a copy of the input data (design note: [why a copy?](#key-derivation-inputs-and-buffer-ownership)). +* `PSA_KEY_DERIVATION_INPUT_TYPE_KEY`: the step is valid and present and is a byte string passed via a key object. Call `psa_crypto_driver_key_derivation_get_input_key()` to obtain a pointer to the key context. +* `PSA_KEY_DERIVATION_INPUT_TYPE_INTEGER`: the step is valid and present and is an integer. Call `psa_crypto_driver_key_derivation_get_input_integer()` to retrieve the integer value. + +``` +psa_status_t psa_crypto_driver_key_derivation_get_input_size( + const psa_crypto_driver_key_derivation_inputs_t *inputs, + psa_key_derivation_step_t step, + size_t *size); +psa_status_t psa_crypto_driver_key_derivation_get_input_bytes( + const psa_crypto_driver_key_derivation_inputs_t *inputs, + psa_key_derivation_step_t step, + uint8_t *buffer, size_t buffer_size, size_t *buffer_length); +psa_status_t psa_crypto_driver_key_derivation_get_input_key( + const psa_crypto_driver_key_derivation_inputs_t *inputs, + psa_key_derivation_step_t step, + const psa_key_attributes_t *attributes, + uint8_t** p_key_buffer, size_t *key_buffer_size); +psa_status_t psa_crypto_driver_key_derivation_get_input_integer( + const psa_crypto_driver_key_derivation_inputs_t *inputs, + psa_key_derivation_step_t step, + uint64_t *value); +``` + +The get-data functions take the following parameters: + +* The first parameter `inputs` must be a pointer passed by the core to a key derivation driver setup entry point which has not returned yet. +* The `step` parameter indicates the input step whose content the driver wants to retrieve. +* On a successful invocation of `psa_crypto_driver_key_derivation_get_input_size`, the core sets `*size` to the size of the specified input in bytes. +* On a successful invocation of `psa_crypto_driver_key_derivation_get_input_bytes`, the core fills the first *N* bytes of `buffer` with the specified input and sets `*buffer_length` to *N*, where *N* is the length of the input in bytes. The value of `buffer_size` must be at least *N*, otherwise this function fails with the status `PSA_ERROR_BUFFER_TOO_SMALL`. +* On a successful invocation of `psa_crypto_driver_key_derivation_get_input_key`, the core sets `*key_buffer` to a pointer to a buffer containing the key context and `*key_buffer_size` to the size of the key context in bytes. The key context buffer remains valid for the duration of the driver entry point. If the driver needs to access the key context after the current entry point returns, it must make a copy of the key context. +* On a successful invocation of `psa_crypto_driver_key_derivation_get_input_integer`, the core sets `*value` to the value of the specified input. + +These functions can return the following statuses: + +* `PSA_SUCCESS`: the call succeeded and the requested value has been copied to the output parameter (`size`, `buffer`, `value` or `p_key_buffer`) and if applicable the size of the value has been written to the applicable parameter (`buffer_length`, `key_buffer_size`). +* `PSA_ERROR_DOES_NOT_EXIST`: the input step is valid for this particular algorithm, but it is not part of the initial inputs. This is not a fatal error. The driver will receive the input later as a [long input](#key-derivation-driver-long-inputs). +* `PSA_ERROR_INVALID_ARGUMENT`: the input type is not compatible with this function or was omitted. Call `psa_crypto_driver_key_derivation_get_input_type()` to find out the actual type of this input step. This is not a fatal error and the driver can, for example, subsequently call the appropriate function on the same step. +* `PSA_ERROR_BUFFER_TOO_SMALL` (`psa_crypto_driver_key_derivation_get_input_bytes` only): the output buffer is too small. This is not a fatal error and the driver can, for example, subsequently call the same function again with a larger buffer. Call `psa_crypto_driver_key_derivation_get_input_size` to obtain the required size. +* The core may return other errors such as `PSA_ERROR_CORRUPTION_DETECTED` or `PSA_ERROR_COMMUNICATION_FAILURE` to convey implementation-specific error conditions. Portable drivers should treat such conditions as fatal errors. + +#### Key derivation driver setup + +A key derivation driver must implement the following entry point: +``` +psa_status_t acme_key_derivation_setup( + acme_key_derivation_operation_t *operation, + psa_algorithm_t alg, + const psa_crypto_driver_key_derivation_inputs_t *inputs); +``` + +* `operation` is a zero-initialized operation object. +* `alg` is the algorithm for the key derivation operation. It does not include a key agreement component. +* `inputs` is an opaque pointer to the [initial inputs](#key-derivation-driver-initial-inputs) for the key derivation. + +#### Key derivation driver long inputs + +Some key derivation algorithms take long inputs which it would not be practical to pass in the [initial inputs](#key-derivation-driver-initial-inputs). A driver that implements a key derivation algorithm that takes such inputs must provide a `"key_derivation_input_step"` entry point. The core calls this entry point for all the long inputs after calling `"acme_key_derivation_setup"`. A long input step may be fragmented into multiple calls of `psa_key_derivation_input_bytes()`, and the core may reassemble or refragment those fragments before passing them to the driver. Calls to this entry point for different step values occur in an unspecified order and may be interspersed. + +``` +psa_status_t acme_key_derivation_input_step( + acme_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + const uint8_t *input, size_t input_length); +``` + +At the time of writing, no standard key derivation algorithm has long inputs. It is likely that such algorithms will be added in the future. + +#### Key derivation driver operation capacity + +The core keeps track of an operation's capacity and enforces it. The core guarantees that it will not request output beyond the capacity of the operation, with one exception: opaque drivers that support [`"key_derivation_output_key"`](#key-derivation-driver-outputs), i.e. for key types where the derived key material is not a direct copy of the key derivation's output stream. + +Such drivers must enforce the capacity limitation and must return `PSA_ERROR_INSUFFICIENT_CAPACITY` from any output request that exceeds the operation's capacity. Such drivers must provide the following entry point: +``` +psa_status_t acme_key_derivation_set_capacity( + acme_key_derivation_operation_t *operation, + size_t capacity); +``` +`capacity` is guaranteed to be less or equal to any value previously set through this entry point, and is guaranteed not to be `PSA_KEY_DERIVATION_UNLIMITED_CAPACITY`. + +If this entry point has not been called, the operation has an unlimited capacity. + +#### Key derivation driver outputs + +A key derivation driver must provide the following entry point: +``` +psa_status_t acme_key_derivation_output_bytes( + acme_key_derivation_operation_t *operation, + uint8_t *output, size_t length); +``` + +An opaque key derivation driver may provide the following entry points: +``` +psa_status_t acme_key_derivation_output_key( + const psa_key_attributes_t *attributes, + acme_key_derivation_operation_t *operation, + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length); +psa_status_t acme_key_derivation_verify_bytes( + acme_key_derivation_operation_t *operation, + const uint8_t *expected output, size_t length); +psa_status_t acme_key_derivation_verify_key( + acme_key_derivation_operation_t *operation, + uint8_t *key_buffer, size_t key_buffer_size); +``` + +The core calls a key derivation driver's output entry point when the application calls `psa_key_derivation_output_bytes()`, `psa_key_derivation_output_key()`, `psa_key_derivation_verify_bytes()` or `psa_key_derivation_verify_key()`. + +If the key derivation's `PSA_KEY_DERIVATION_INPUT_SECRET` input is in a secure element and the derivation operation is handled by that secure element, the core performs the following steps: + +* For a call to `psa_key_derivation_output_key()`: + + 1. If the derived key is in the same secure element, if the driver has an `"key_derivation_output_key"` entry point, call that entry point. If the driver has no such entry point, or if that entry point returns `PSA_ERROR_NOT_SUPPORTED`, continue with the following steps, otherwise stop. + 1. If the driver's capabilities indicate that its `"import_key"` entry point does not support the derived key, stop and return `PSA_ERROR_NOT_SUPPORTED`. + 1. Otherwise proceed as for `psa_key_derivation_output_bytes()`, then import the resulting key material. + +* For a call to `psa_key_derivation_verify_key()`: + 1. If the driver has a `"key_derivation_verify_key"` entry point, call it and stop. + 1. Call the driver's `"export_key"` entry point on the key object that contains the expected value, then proceed as for `psa_key_derivation_verify_bytes()`. + +* For a call to `psa_key_derivation_verify_bytes()`: + 1. If the driver has a `"key_derivation_verify_bytes"` entry point, call that entry point on the expected output, then stop. + 1. Otherwise, proceed as for `psa_key_derivation_output_bytes()`, and compare the resulting output to the expected output inside the core. + +* For a call to `psa_key_derivation_output_bytes()`: + 1. Call the `"key_derivation_output_bytes"` entry point. The core may call this entry point multiple times to implement a single call from the application when deriving a cooked (non-raw) key as described below, or if the output size exceeds some implementation limit. + +If the key derivation operation is not handled by an opaque driver as described above, the core calls the `"key_derivation_output_bytes"` from the applicable transparent driver (or multiple drivers in succession if fallback applies). In some cases, the core then calls additional entry points in the same or another driver: + +* For a call to `psa_key_derivation_output_key()` for some key types, the core calls a transparent driver's `"derive_key"` entry point. See [“Transparent cooked key derivation”](#transparent-cooked-key-derivation). +* For a call to `psa_key_derivation_output_key()` where the derived key is in a secure element, call that secure element driver's `"import_key"` entry point. + +#### Transparent cooked key derivation + +Key derivation is said to be *raw* for some key types, where the key material of a derived (8×*n*)-bit key consists of the next *n* bytes of output from the key derivation, and *cooked* otherwise. When deriving a raw key, the core only calls the driver's `"output_bytes"` entry point, except when deriving a key entirely inside a secure element as described in [“Key derivation driver outputs”](#key-derivation-driver-outputs). When deriving a cooked key, the core calls a transparent driver's `"derive_key"` entry point if available. + +A capability for cooked key derivation contains the following properties (this is not a subset of [the usual entry point properties](#capability-syntax)): + +* `"entry_points"` (mandatory, list of strings). Must be `["derive_key"]`. +* `"derived_types"` (mandatory, list of strings). Each element is a [key type specification](#key-type-specifications). This capability only applies when deriving a key of the specified type. +* `"derived_sizes"` (optional, list of integers). Each element is a size for the derived key, in bits. This capability only applies when deriving a key of the specified sizes. If absent, this capability applies to all sizes for the specified types. +* `"memory"` (optional, boolean). If present and true, the driver must define a type `"derive_key_memory_t"` and the core will allocate an object of that type as specified below. +* `"names"` (optional, object). A mapping from entry point names to C function and type names, as usual. +* `"fallback"` (optional, boolean). If present and true, the driver may return `PSA_ERROR_NOT_SUPPORTED` if it only partially supports the specified mechanism, as usual. + +A transparent driver with the prefix `"acme"` that implements cooked key derivation must provide the following type and function: + +``` +typedef ... acme_derive_key_memory_t; // only if the "memory" property is true +psa_status_t acme_derive_key( + const psa_key_attributes_t *attributes, + const uint8_t *input, size_t input_length, + acme_derive_key_memory_t *memory, // if the "memory" property is false: void* + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length); +``` + +* `attributes` contains the attributes of the specified key. Note that only the key type and the bit-size are guaranteed to be set. +* `input` is a buffer of `input_length` bytes which contains the raw key stream, i.e. the data that `psa_key_derivation_output_bytes()` would return. +* If `"memory"` property in the driver capability is true, `memory` is a data structure that the driver may use to store data between successive calls of the `"derive_key"` entry point to derive the same key. If the `"memory"` property is false or absent, the `memory` parameter is a null pointer. +* `key_buffer` is a buffer for the output material, in the appropriate [export format](#key-format-for-transparent-drivers) for the key type. Its size is `key_buffer_size` bytes. +* On success, `*key_buffer_length` must contain the number of bytes written to `key_buffer`. + +This entry point may return the following statuses: + +* `PSA_SUCCESS`: a key was derived successfully. The driver has placed the representation of the key in `key_buffer`. +* `PSA_ERROR_NOT_SUPPORTED` (for the first call only) (only if fallback is enabled): the driver cannot fulfill this request, but a fallback driver might. +* `PSA_ERROR_INSUFFICIENT_DATA`: the core must call the `"derive_key"` entry point again with the same `memory` object and with subsequent data from the key stream. +* Any other error is a fatal error. + +The core calls the `"derive_key"` entry point in a loop until it returns a status other than `PSA_ERROR_INSUFFICIENT_DATA`. Each call has a successive fragment of the key stream. The `memory` object is guaranteed to be the same for successive calls, but note that its address may change between calls. Before the first call, `*memory` is initialized to all-bits-zero. + +For standard key types, the `"derive_key"` entry point is called with a certain input length as follows: + +* `PSA_KEY_TYPE_DES`: the length of the key. +* `PSA_KEY_TYPE_ECC_KEY_PAIR(…)`, `PSA_KEY_TYPE_DH_KEY_PAIR(…)`: $m$ bytes, where the bit-size of the key $n$ satisfies $8 (m-1) < n \le 8 m$. +* `PSA_KEY_TYPE_RSA_KEY_PAIR`: an implementation-defined length. A future version of this specification may specify a length. +* Other key types: not applicable. + +See [“Open questions around cooked key derivation”](#open-questions-around-cooked-key-derivation) for some points that may not be fully settled. + +#### Key agreement + +The core always decouples key agreement from symmetric key derivation. + +To implement a call to `psa_key_derivation_key_agreement()` where the private key is in a secure element that has a `"key_agreement_to_key"` entry point which is applicable for the given key type and algorithm, the core calls the secure element driver as follows: + +1. Call the `"key_agreement_to_key"` entry point to create a key object containing the shared secret. The key object is volatile and has the type `PSA_KEY_TYPE_DERIVE`. +2. Call the `"key_derivation_setup"` entry point, passing the resulting key object . +3. Perform the rest of the key derivation, up to and including the call to the `"key_derivation_abort"` entry point. +4. Call the `"destroy_key"` entry point to destroy the key containing the key object. + +In other cases, the core treats `psa_key_derivation_key_agreement()` as if it was a call to `psa_raw_key_agreement()` followed by a call to `psa_key_derivation_input_bytes()` on the shared secret. + +The entry points related to key agreement have the following prototypes for a driver with the prefix `"acme"`: +``` +psa_status_t acme_key_agreement(psa_algorithm_t alg, + const psa_key_attributes_t *our_attributes, + const uint8_t *our_key_buffer, + size_t our_key_buffer_length, + const uint8_t *peer_key, + size_t peer_key_length, + uint8_t *output, + size_t output_size, + size_t *output_length); +psa_status_t acme_key_agreement_to_key(psa_algorithm_t alg, + const psa_key_attributes_t *our_attributes, + const uint8_t *our_key_buffer, + size_t our_key_buffer_length, + const uint8_t *peer_key, + size_t peer_key_length, + const psa_key_attributes_t *shared_secret_attributes, + uint8_t *shared_secret_key_buffer, + size_t shared_secret_key_buffer_size, + size_t *shared_secret_key_buffer_length); +``` + +Note that unlike most other key creation entry points, in `"acme_key_agreement_to_key"`, the attributes for the shared secret are not placed near the beginning, but rather grouped with the other parameters related to the shared secret at the end of the parameter list. This is to avoid potential confusion with the attributes of the private key that is passed as an input. + +### Driver entry points for PAKE + +A PAKE operation is divided into two stages: collecting inputs and computation. Core side is responsible for keeping inputs and core set-data functions do not have driver entry points. Collected inputs are available for drivers via get-data functions for `password`, `role` and `cipher_suite`. + +### PAKE driver dispatch logic +The core decides whether to dispatch a PAKE operation to a driver based on the location of the provided password. +When all inputs are collected and `"psa_pake_output"` or `"psa_pake_input"` is called for the first time `"pake_setup"` driver entry point is invoked. + +1. If the location of the `password` is the local storage +- if there is a transparent driver for the specified ciphersuite, the core calls that driver's `"pake_setup"` and subsequent entry points. +- otherwise, or on fallback, the core uses its built-in implementation. +2. If the location of the `password` is the location of a secure element +- the core calls the `"pake_setup"` entry point of the secure element driver and subsequent entry points. + +### Summary of entry points for PAKE + +A PAKE driver has the following entry points: +* `"pake_setup"` (mandatory): always the first entry point to be called. It is called when all inputs are collected and the computation stage starts. +* `"pake_output"` (mandatory): derive cryptographic material for the specified step and output it. +* `"pake_input"` (mandatory): provides cryptographic material in the format appropriate for the specified step. +* `"pake_get_implicit_key"` (mandatory): returns implicitly confirmed shared secret from a PAKE. +* `"pake_abort"` (mandatory): always the last entry point to be called. + +For naming purposes, here and in the following subsection, this specification takes the example of a driver with the prefix `"acme"` that implements the PAKE entry point family with a capability that does not use the `"names"` property to declare different type and entry point names. Such a driver must implement the following type and functions, as well as the entry points listed above and described in the following subsections: +``` +typedef ... acme_pake_operation_t; +psa_status_t acme_pake_abort( acme_pake_operation_t *operation ); +``` + +#### PAKE driver inputs + +The core conveys the initial inputs for a PAKE operation via an opaque data structure of type `psa_crypto_driver_pake_inputs_t`. + +``` +typedef ... psa_crypto_driver_pake_inputs_t; // implementation-specific type +``` + +A driver receiving an argument that points to a `psa_crypto_driver_pake_inputs_t` can retrieve its contents by calling one of the get-data functions below. + +``` +psa_status_t psa_crypto_driver_pake_get_password_len( +    const psa_crypto_driver_pake_inputs_t *inputs, +    size_t *password_len); + +psa_status_t psa_crypto_driver_pake_get_password_bytes( +    const psa_crypto_driver_pake_inputs_t *inputs, +    uint8_t *buffer, size_t buffer_size, size_t *buffer_length); + +psa_status_t psa_crypto_driver_pake_get_password_key( +    const psa_crypto_driver_pake_inputs_t *inputs, +    uint8_t** p_key_buffer, size_t *key_buffer_size, + const psa_key_attributes_t *attributes); + +psa_status_t psa_crypto_driver_pake_get_user_len( +    const psa_crypto_driver_pake_inputs_t *inputs, +    size_t *user_len); + +psa_status_t psa_crypto_driver_pake_get_user( + const psa_crypto_driver_pake_inputs_t *inputs, + uint8_t *user_id, size_t user_id_size, size_t *user_id_len); + +psa_status_t psa_crypto_driver_pake_get_peer_len( +    const psa_crypto_driver_pake_inputs_t *inputs, +    size_t *peer_len); + +psa_status_t psa_crypto_driver_pake_get_peer( + const psa_crypto_driver_pake_inputs_t *inputs, + uint8_t *peer_id, size_t peer_id_size, size_t *peer_id_length); + +psa_status_t psa_crypto_driver_pake_get_cipher_suite( +    const psa_crypto_driver_pake_inputs_t *inputs, +    psa_pake_cipher_suite_t *cipher_suite); +``` +The get-data functions take the following parameters: + +The first parameter `inputs` must be a pointer passed by the core to a PAKE driver setup entry point. +Next parameters are return buffers (must not be null pointers). + +These functions can return the following statuses: +* `PSA_SUCCESS`: value has been successfully obtained +* `PSA_ERROR_BAD_STATE`: the inputs are not ready +* `PSA_ERROR_BUFFER_TOO_SMALL` (`psa_crypto_driver_pake_get_password_bytes` and `psa_crypto_driver_pake_get_password_key` only): the output buffer is too small. This is not a fatal error and the driver can, for example, subsequently call the same function again with a larger buffer. Call `psa_crypto_driver_pake_get_password_len` to obtain the required size. + +#### PAKE driver setup + +``` +psa_status_t acme_pake_setup( acme_pake_operation_t *operation, +                              const psa_crypto_driver_pake_inputs_t *inputs ); +``` + +* `operation` is a zero-initialized operation object. +* `inputs` is an opaque pointer to the [inputs](#pake-driver-inputs) for the PAKE operation. + +The setup driver function should preserve the inputs using get-data functions. + +The pointer output by `psa_crypto_driver_pake_get_password_key` is only valid until the "pake_setup" entry point returns. Opaque drivers must copy all relevant data from the key buffer during the "pake_setup" entry point and must not store the pointer itself. + +#### PAKE driver output + +``` +psa_status_t acme_pake_output(acme_pake_operation_t *operation, +                              psa_crypto_driver_pake_step_t step, +                              uint8_t *output, +                              size_t output_size, +                              size_t *output_length); +``` + +* `operation` is an operation object. +* `step` computation step based on which driver should perform an action. +* `output` buffer where the output is to be written. +* `output_size` size of the output buffer in bytes. +* `output_length` the number of bytes of the returned output. + +For `PSA_ALG_JPAKE` the following steps are available for output operation: +`step` can be one of the following values: +* `PSA_JPAKE_X1_STEP_KEY_SHARE`     Round 1: output our key share (for ephemeral private key X1) +* `PSA_JPAKE_X1_STEP_ZK_PUBLIC`     Round 1: output Schnorr NIZKP public key for the X1 key +* `PSA_JPAKE_X1_STEP_ZK_PROOF`      Round 1: output Schnorr NIZKP proof for the X1 key +* `PSA_JPAKE_X2_STEP_KEY_SHARE`     Round 1: output our key share (for ephemeral private key X2) +* `PSA_JPAKE_X2_STEP_ZK_PUBLIC`     Round 1: output Schnorr NIZKP public key for the X2 key +* `PSA_JPAKE_X2_STEP_ZK_PROOF`      Round 1: output Schnorr NIZKP proof for the X2 key +* `PSA_JPAKE_X2S_STEP_KEY_SHARE`    Round 2: output our X2S key +* `PSA_JPAKE_X2S_STEP_ZK_PUBLIC`    Round 2: output Schnorr NIZKP public key for the X2S key +* `PSA_JPAKE_X2S_STEP_ZK_PROOF`     Round 2: output Schnorr NIZKP proof for the X2S key + +#### PAKE driver input +``` +psa_status_t acme_pake_input(acme_pake_operation_t *operation, +                            psa_crypto_driver_pake_step_t step, +                             uint8_t *input, +                             size_t input_size); +``` + +* `operation` is an operation object. +* `step` computation step based on which driver should perform an action. +* `input` buffer containing the input. +* `input_length` length of the input in bytes. + +For `PSA_ALG_JPAKE` the following steps are available for input operation: +* `PSA_JPAKE_X1_STEP_KEY_SHARE`     Round 1: input key share from peer (for ephemeral private key X1) +* `PSA_JPAKE_X1_STEP_ZK_PUBLIC`     Round 1: input Schnorr NIZKP public key for the X1 key +* `PSA_JPAKE_X1_STEP_ZK_PROOF`      Round 1: input Schnorr NIZKP proof for the X1 key +* `PSA_JPAKE_X2_STEP_KEY_SHARE`     Round 1: input key share from peer (for ephemeral private key X2) +* `PSA_JPAKE_X2_STEP_ZK_PUBLIC`     Round 1: input Schnorr NIZKP public key for the X2 key +* `PSA_JPAKE_X2_STEP_ZK_PROOF`      Round 1: input Schnorr NIZKP proof for the X2 key +* `PSA_JPAKE_X4S_STEP_KEY_SHARE`    Round 2: input X4S key from peer +* `PSA_JPAKE_X4S_STEP_ZK_PUBLIC`    Round 2: input Schnorr NIZKP public key for the X4S key +* `PSA_JPAKE_X4S_STEP_ZK_PROOF`     Round 2: input Schnorr NIZKP proof for the X4S key + +The core checks that `input_length` is not greater than `PSA_PAKE_INPUT_SIZE(alg, prim, step)` and +the driver can rely on that. + +### PAKE driver get implicit key + +``` +psa_status_t acme_pake_get_implicit_key( +                            acme_pake_operation_t *operation, +                            uint8_t *output, size_t output_size, + size_t *output_length ); +``` + +* `operation` The driver PAKE operation object to use. +* `output` Buffer where the implicit key is to be written. +* `output_size` Size of the output buffer in bytes. +* `output_length` On success, the number of bytes of the implicit key. ### Driver entry points for key management @@ -340,8 +772,9 @@ psa_status_t acme_generate_key(const psa_key_attributes_t *attributes, size_t key_buffer_size, size_t *key_buffer_length); ``` +Additionally, opaque drivers can create keys through their [`"key_derivation_output_key"`](#key-derivation-driver-outputs) and [`"key_agreement_key"`](#key-agreement) entry points. Transparent drivers can create key material through their [`"derive_key"`](#transparent-cooked-key-derivation) entry point. -TODO: derivation, copy +TODO: copy * The key attributes (`attributes`) have the same semantics as in the PSA Cryptography application interface. * For the `"import_key"` entry point, the input in the `data` buffer is either the export format or an implementation-specific format that the core documents as an acceptable input format for `psa_import_key()`. @@ -474,7 +907,7 @@ psa_status_t acme_import_key(const psa_key_attributes_t *attributes, This entry point has several roles: 1. Parse the key data in the input buffer `data`. The driver must support the export format for the key types that the entry point is declared for. It may support additional formats as specified in the description of [`psa_import_key()`](https://armmbed.github.io/mbed-crypto/html/api/keys/management.html#c.psa_export_key) in the PSA Cryptography API specification. -2. Validate the key data. The necessary validation is described in the section [“Key validation with transparent drivers”](#key-validation-with-transparent-drivers) above. +2. Validate the key data. The necessary validation is described in the section [“Key validation”](#key-validation) above. 3. [Determine the key size](#key-size-determination-on-import) and output it through `*bits`. 4. Copy the validated key data from `data` to `key_buffer`. The output must be in the canonical format documented for [`psa_export_key()`](https://armmbed.github.io/mbed-crypto/html/api/keys/management.html#c.psa_export_key) or [`psa_export_public_key()`](https://armmbed.github.io/mbed-crypto/html/api/keys/management.html#c.psa_export_public_key), so if the input is not in this format, the entry point must convert it. @@ -664,7 +1097,7 @@ If the key is stored in wrapped form outside the secure element, and the wrapped Opaque drivers may provide the following key management entry points: -* `"export_key"`: called by `psa_export_key()`, or by `psa_copy_key()` when copying a key from or to a different [location](#lifetimes-and-locations). +* `"export_key"`: called by `psa_export_key()`, or by `psa_copy_key()` when copying a key from or to a different [location](#lifetimes-and-locations), or [as a fallback for key derivation](#key-derivation-driver-dispatch-logic). * `"export_public_key"`: called by the core to obtain the public key of a key pair. The core may call this entry point at any time to obtain the public key, which can be for `psa_export_public_key()` but also at other times, including during a cryptographic operation that requires the public key such as a call to `psa_verify_message()` on a key pair object. * `"import_key"`: called by `psa_import_key()`, or by `psa_copy_key()` when copying a key from another location. * `"generate_key"`: called by `psa_generate_key()`. @@ -935,6 +1368,12 @@ Should drivers really have to cope with overlap? Should the core guarantee that the output buffer size has the size indicated by the applicable buffer size macro (which may be an overestimation)? +#### Key derivation inputs and buffer ownership + +Why is `psa_crypto_driver_key_derivation_get_input_bytes` a copy, rather than giving a pointer? + +The main reason is to avoid complex buffer ownership. A driver entry point does not own memory after the entry point return. This is generally necessary because an API function does not own memory after the entry point returns. In the case of key derivation inputs, this could be relaxed because the driver entry point is making callbacks to the core: these functions could return a pointer that is valid until the driver entry point returns, which would allow the driver to process the data immediately (e.g. hash it rather than copy it). + ### Partial computations in drivers #### Substitution points @@ -978,6 +1417,18 @@ An example use case for updating the persistent state at arbitrary times is to r `psa_crypto_driver_get_persistent_state` does not identify the calling driver, so the driver needs to remember which driver it's calling. This may require a thread-local variable in a multithreaded core. Is this ok? +#### Open questions around cooked key derivation + +`"derive_key"` is not a clear name. Can we use a better one? + +For the `"derive_key"` entry point, how does the core choose `input_length`? Doesn't the driver know better? Should there be a driver entry point to determine the length, or should there be a callback that allows the driver to retrieve the input? Note that for some key types, it's impossible to predict the amount of input in advance, because it depends on some complex calculation or even on random data, e.g. if doing a randomized pseudo-primality test. However, for all key types except RSA, the specification mandates how the key is derived, which practically dictates how the pseudorandom key stream is consumed. So it's probably ok. + +#### Fallback for key derivation in opaque drivers + +Should [dispatch to an opaque driver](#key-derivation-driver-dispatch-logic) allow fallback, so that if `"key_derivation_setup"` returns `PSA_ERROR_NOT_SUPPORTED` then the core exports the key from the secure element instead? + +Should the ["`key_derivation_output_key`"](#key-derivation-driver-outputs) capability indicate which key types the driver can derive? How should fallback work? For example, consider a secure element that implements HMAC, HKDF and ECDSA, and that can derive an HMAC key from HKDF without exporting intermediate material but can only import or randomly generate ECC keys. How does this driver convey that it can't derive an ECC key with HKDF, but it can let the core do this and import the resulting key? + ### Randomness #### Input to `"add_entropy"` diff --git a/docs/proposed/psa-driver-wrappers-codegen-migration-guide.md b/docs/proposed/psa-driver-wrappers-codegen-migration-guide.md index 6144aada6..8875921b2 100644 --- a/docs/proposed/psa-driver-wrappers-codegen-migration-guide.md +++ b/docs/proposed/psa-driver-wrappers-codegen-migration-guide.md @@ -1,11 +1,11 @@ -Migrating to an auto generated psa_crypto_driver_wrappers.c file +Migrating to an auto generated psa_crypto_driver_wrappers.h file ================================================================ -**This is a specification of work in progress. The implementation is not yet merged into Mbed TLS.** - -This document describes how to migrate to the auto generated psa_crypto_driver_wrappers.c file. +This document describes how to migrate to the auto generated psa_crypto_driver_wrappers.h file. It is meant to give the library user migration guidelines while the Mbed TLS project tides over multiple minor revs of version 1.0, after which this will be merged into psa-driver-interface.md. +For a practical guide with a description of the current state of drivers Mbed TLS, see our [PSA Cryptoprocessor driver development examples](../psa-driver-example-and-guide.html). + ## Introduction The design of the Driver Wrappers code generation is based on the design proposal https://github.com/Mbed-TLS/mbedtls/pull/5067 @@ -27,10 +27,10 @@ While that is the larger goal, for version 1.1 here's what's changed #### What's changed -(1) psa_crypto_driver_wrappers.c will from this point on be auto generated. -(2) The auto generation is based on the template file at **scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja**. -(3) The driver JSONS to be used for generating the psa_crypto_driver_wrappers.c file can be found at **scripts/data_files/driver_jsons/** as their default location, this path includes the schemas against which the driver schemas will be validated (driver_opaque_schema.json, driver_transparent_schema.json) and a driverlist.json which specifies the drivers to be considered and the order in which they want to be called into. The default location for driverlist.json and driver JSONS can be overloaded by passing an argument --json-dir while running the script generate_driver_wrappers.py. -(4) While the complete driver wrapper templating support is yet to come in, if the library user sees a need to patch psa_crypto_driver_wrappers.c file, the user will need to patch into the template file as needed (psa_crypto_driver_wrappers.c.jinja). +(1) psa_crypto_driver_wrappers.h will from this point on be auto generated. +(2) The auto generation is based on the template file at **scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja**. +(3) The driver JSONS to be used for generating the psa_crypto_driver_wrappers.h file can be found at **scripts/data_files/driver_jsons/** as their default location, this path includes the schemas against which the driver schemas will be validated (driver_opaque_schema.json, driver_transparent_schema.json) and a driverlist.json which specifies the drivers to be considered and the order in which they want to be called into. The default location for driverlist.json and driver JSONS can be overloaded by passing an argument --json-dir while running the script generate_driver_wrappers.py. +(4) While the complete driver wrapper templating support is yet to come in, if the library user sees a need to patch psa_crypto_driver_wrappers.h file, the user will need to patch into the template file as needed (psa_crypto_driver_wrappers.h.jinja). #### How to set your driver up diff --git a/docs/psa-driver-example-and-guide.md b/docs/psa-driver-example-and-guide.md new file mode 100644 index 000000000..d041723a0 --- /dev/null +++ b/docs/psa-driver-example-and-guide.md @@ -0,0 +1,180 @@ +# PSA Cryptoprocessor driver development examples + +As of Mbed TLS 3.4.0, the PSA Driver Interface has only been partially implemented. As a result, the deliverables for writing a driver and the method for integrating a driver with Mbed TLS will vary depending on the operation being accelerated. This document describes how to write and integrate cryptoprocessor drivers depending on which operation or driver type is being implemented. + +The `docs/proposed/` directory contains three documents which pertain to the proposed, work-in-progress driver system. The [PSA Driver Interface](https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/psa-driver-interface.md) describes how drivers will interface with Mbed TLS in the future, as well as driver types, operation types, and entry points. As many key terms and concepts used in the examples in this document are defined in the PSA Driver Interface, it is recommended that developers read it prior to starting work on implementing drivers. +The PSA Driver [Developer](https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/psa-driver-developer-guide.md) Guide describes the deliverables for writing a driver that can be used with Mbed TLS, and the PSA Driver [Integration](https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/psa-driver-integration-guide.md) Guide describes how a driver can be built alongside Mbed TLS. + +## Contents: +[Background on how Mbed TLS calls drivers](#background-on-how-mbed-tls-calls-drivers)\ +[Process for Entry Points where auto-generation is implemented](#process-for-entry-points-where-auto-generation-is-implemented) \ +[Process for Entry Points where auto-generation is not implemented](#process-for-entry-points-where-auto-generation-is-not-implemented) \ +[Example: Manually integrating a software accelerator alongside Mbed TLS](#example-manually-integrating-a-software-accelerator-alongside-mbed-tls) + +## Background on how Mbed TLS calls drivers + +The PSA Driver Interface specification specifies which cryptographic operations can be accelerated by third-party drivers. Operations that are completed within one step (one function call), such as verifying a signature, are called *Single-Part Operations*. On the other hand, operations that consist of multiple steps implemented by different functions called sequentially are called *Multi-Part Operations*. Single-part operations implemented by a driver will have one entry point, while multi-part operations will have multiple: one for each step. + +There are two types of drivers: *transparent* or *opaque*. See below an excerpt from the PSA Driver Interface specification defining them: +* **Transparent** drivers implement cryptographic operations on keys that are provided in cleartext at the beginning of each operation. They are typically used for hardware **accelerators**. When a transparent driver is available for a particular combination of parameters (cryptographic algorithm, key type and size, etc.), it is used instead of the default software implementation. Transparent drivers can also be pure software implementations that are distributed as plug-ins to a PSA Cryptography implementation (for example, an alternative implementation with different performance characteristics, or a certified implementation). +* **Opaque** drivers implement cryptographic operations on keys that can only be used inside a protected environment such as a **secure element**, a hardware security module, a smartcard, a secure enclave, etc. An opaque driver is invoked for the specific [key location](https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/psa-driver-interface.md#lifetimes-and-locations) that the driver is registered for: the dispatch is based on the key's lifetime. + +Mbed TLS contains a **driver dispatch layer** (also called a driver wrapper layer). For each cryptographic operation that supports driver acceleration (or sub-part of a multi-part operation), the library calls the corresponding function in the driver wrapper. Using flags set at compile time, the driver wrapper ascertains whether any present drivers support the operation. When no such driver is present, the built-in library implementation is called as a fallback (if allowed). When a compatible driver is present, the driver wrapper calls the driver entry point function provided by the driver author. + +The long-term goal is for the driver dispatch layer to be auto-generated using a JSON driver description file provided by the driver author. +For some cryptographic operations, this auto-generation logic has already been implemented. When accelerating these operations, the instructions in the above documents can be followed. For the remaining operations which do not yet support auto-generation of the driver wrapper, developers will have to manually edit the driver dispatch layer and call their driver's entry point functions from there. + +Auto-generation of the driver wrapper is supported for the operation entry points specified in the table below. Certain operations are only permitted for opaque drivers. All other operation entry points do not support auto-generation of the driver wrapper. + +| Transparent Driver | Opaque Driver | +|---------------------|---------------------| +| `import_key` | `import_key` | +| `export_public_key` | `export_public_key` | +| | `export_key` | +| | `copy_key` | +| | `get_builtin_key` | + +### Process for Entry Points where auto-generation is implemented + +If the driver is accelerating operations whose entry points are in the above table, the instructions in the driver [developer](https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/psa-driver-developer-guide.md) and [integration](https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/psa-driver-integration-guide.md) guides should be followed. + +There are three deliverables for creating such a driver. These are: + - A driver description file (in JSON format). + - C header files defining the types required by the driver description. The names of these header files are declared in the driver description file. + - An object file compiled for the target platform defining the functions required by the driver description. Implementations may allow drivers to be provided as source files and compiled with the core instead of being pre-compiled. + +The Mbed TLS driver tests for the aforementioned entry points provide examples of how these deliverables can be implemented. For sample driver description JSON files, see [`mbedtls_test_transparent_driver.json`](https://github.com/Mbed-TLS/mbedtls/blob/development/scripts/data_files/driver_jsons/mbedtls_test_transparent_driver.json) or [`mbedtls_test_opaque_driver.json`](https://github.com/Mbed-TLS/mbedtls/blob/development/scripts/data_files/driver_jsons/mbedtls_test_transparent_driver.json). The header file required by the driver description is [`test_driver.h`](https://github.com/Mbed-TLS/mbedtls/blob/development/tests/include/test/drivers/test_driver.h). As Mbed TLS tests are built from source, there is no object file for the test driver. However, the source for the test driver can be found under `tests/src/drivers`. + +### Process for Entry Points where auto-generation is not implemented + +If the driver is accelerating operations whose entry points are not present in the table, a different process is followed where the developer manually edits the driver dispatch layer. The following steps describe this process. Steps 1, 2, 3, and 7 only need to be done once *per driver*. Steps 4, 5, and 6 must be done *for each single-part operation* or *for each sub-part of a multi-part operation* implemented by the driver. + +**1. Choose a driver prefix and a macro name that indicates whether the driver is enabled** \ +A driver prefix is simply a word (often the name of the driver) that all functions/macros associated with the driver should begin with. This is similar to how most functions/macros in Mbed TLS begin with `PSA_XXX/psa_xxx` or `MBEDTLS_XXX/mbedtls_xxx`. The macro name can follow the form `DRIVER_PREFIX_ENABLED` or something similar; it will be used to indicate the driver is available to be called. When building with the driver present, define this macro at compile time. + +**2. Include the following in one of the driver header files:** +``` +#if defined(DRIVER_PREFIX_ENABLED) +#ifndef PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT +#define PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT +#endif + +// other definitions here + +#endif +``` + +**3. Conditionally include header files required by the driver** +Include any header files required by the driver in `psa_crypto_driver_wrappers.h`, placing the `#include` statements within an `#if defined` block which checks if the driver is available: +``` +#if defined(DRIVER_PREFIX_ENABLED) +#include ... +#endif +``` + + +**4. For each operation being accelerated, locate the function in the driver dispatch layer that corresponds to the entry point of that operation.** \ +The file `psa_crypto_driver_wrappers.h.jinja` and `psa_crypto_driver_wrappers_no_static.c.jinja` contains the driver wrapper functions. For the entry points that have driver wrapper auto-generation implemented, the functions have been replaced with `jinja` templating logic. While the file has a `.jinja` extension, the driver wrapper functions for the remaining entry points are simple C functions. The names of these functions are of the form `psa_driver_wrapper` followed by the entry point name. So, for example, the function `psa_driver_wrapper_sign_hash()` corresponds to the `sign_hash` entry point. + +**5. If a driver entry point function has been provided then ensure it has the same signature as the driver wrapper function.** \ +If one has not been provided then write one. Its name should begin with the driver prefix, followed by transparent/opaque (depending on driver type), and end with the entry point name. It should have the same signature as the driver wrapper function. The purpose of the entry point function is to take arguments in PSA format for the implemented operation and return outputs/status codes in PSA format. \ +*Return Codes:* +* `PSA_SUCCESS`: Successful Execution +* `PSA_ERROR_NOT_SUPPORTED`: Input arguments are correct, but the driver does not support the operation. If a transparent driver returns this then it allows fallback to another driver or software implementation. +* `PSA_ERROR_XXX`: Any other PSA error code, see API documentation + +**6. Modify the driver wrapper function** \ +Each driver wrapper function contains a `switch` statement which checks the location of the key. If the key is stored in local storage, then operations are performed by a transparent driver. If it is stored elsewhere, then operations are performed by an opaque driver. + * **Transparent drivers:** Calls to driver entry points go under `case PSA_KEY_LOCATION_LOCAL_STORAGE`. + * **Opaque Drivers** Calls to driver entry points go in a separate `case` block corresponding to the key location. + + +The diagram below shows the layout of a driver wrapper function which can dispatch to two transparent drivers `Foo` and `Bar`, and one opaque driver `Baz`. + + ``` +psa_driver_wrapper_xxx() +├── switch(location) +| | +| ├── case PSA_KEY_LOCATION_LOCAL_STORAGE //transparent driver +| | ├── #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +| | | ├── #if defined(FOO_DRIVER_PREFIX_ENABLED) +| | | | ├── if(//conditions for foo driver capibilities) +| | | | ├── foo_driver_transparent_xxx() //call to driver entry point +| | | | ├── if (status != PSA_ERROR_NOT_SUPPORTED) return status +| | | ├── #endif +| | | ├── #if defined(BAR_DRIVER_PREFIX_ENABLED) +| | | | ├── if(//conditions for bar driver capibilities) +| | | | ├── bar_driver_transparent_xxx() //call to driver entry point +| | | | ├── if (status != PSA_ERROR_NOT_SUPPORTED) return status +| | | ├── #endif +| | ├── #endif +| | +| ├── case SECURE_ELEMENT_LOCATION //opaque driver +| | ├── #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +| | | ├── #if defined(BAZ_DRIVER_PREFIX_ENABLED) +| | | | ├── if(//conditions for baz driver capibilities) +| | | | ├── baz_driver_opaque_xxx() //call to driver entry point +| | | | ├── if (status != PSA_ERROR_NOT_SUPPORTED) return status +| | | ├── #endif +| | ├── #endif +└── return psa_xxx_builtin() // fall back to built in implementation + ``` + +All code related to driver calls within each `case` must be contained between `#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)` and a corresponding `#endif`. Within this block, each individual driver's compatibility checks and call to the entry point must be contained between `#if defined(DRIVER_PREFIX_ENABLED)` and a corresponding `#endif`. Checks that involve accessing key material using PSA macros, such as determining the key type or number of bits, must be done in the driver wrapper. + +**7. Build Mbed TLS with the driver** +This guide assumes you are building Mbed TLS from source alongside your project. If building with a driver present, the chosen driver macro (`DRIVER_PREFIX_ENABLED`) must be defined. This can be done in two ways: +* *At compile time via flags.* This is the preferred option when your project uses Mbed TLS mostly out-of-the-box without significantly modifying the configuration. This can be done by passing the option via `CFLAGS`. + * **Make**: + ``` + make CFLAGS="-DDRIVER_PREFIX_ENABLED" + ``` + * **CMake**: CFLAGS must be passed to CMake when it is invoked. Invoke CMake with + + ``` + CFLAGS="-DDRIVER_PREFIX_ENABLED" cmake path/to/source + ``` +* *Providing a user config file.* This is the preferred option when your project requires a custom configuration that is significantly different to the default. Define the macro for the driver, along with any other custom configurations in a separate header file, then use `config.py`, to set `MBEDTLS_USER_CONFIG_FILE`, providing the path to the defined header file. This will include your custom config file after the default. If you wish to completely replace the default config file, set `MBEDTLS_CONFIG_FILE` instead. + +### Example: Manually integrating a software accelerator alongside Mbed TLS + +[p256-m](https://github.com/mpg/p256-m) is a minimalistic implementation of ECDH and ECDSA on the NIST P-256 curve, specifically optimized for use in constrained 32-bit environments. It started out as an independent project and has been integrated in Mbed TLS as a PSA transparent driver. The source code of p256-m and the driver entry points is located in the Mbed TLS source tree under `3rdparty/p256-m`. In this section, we will look at how this integration was done. + +The Mbed TLS build system includes the instructions needed to build p256-m. To build with and use p256-m, set the macro `MBEDTLS_PSA_P256M_DRIVER_ENABLED` using `config.py`, then build as usual using make/cmake. From the root of the `mbedtls/` directory, run: + + python3 scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + python3 scripts/config.py set MBEDTLS_PSA_P256M_DRIVER_ENABLED + make + +(You need extra steps if you want to disable the built-in implementation of ECC algorithms, which includes more features than p256-m. Refer to the documentation of `MBEDTLS_PSA_P256M_DRIVER_ENABLED` and [`driver-only-builds.md`](driver-only-builds.md) for more information.) + +The driver prefix for p256-m is `P256`/`p256`. +The p256-m driver implements the following entry points: `"import_key"`, `"export_public_key"`, `"generate_key"`, `"key_agreement"`, `"sign_hash"`, `"verify_hash"`. +There are no entry points for `"sign_message"` and `"verify_message"`, which are not necessary for a sign-and-hash algorithm. The core still implements these functions by doing the hashes and then calling the sign/verify-hash entry points. +The driver entry point functions can be found in `p256m_driver_entrypoints.[hc]`. These functions act as an interface between Mbed TLS and p256-m; converting between PSA and p256-m argument formats and performing sanity checks. If the driver's status codes differ from PSA's, it is recommended to implement a status code translation function. The function `p256_to_psa_error()` converts error codes returned by p256-m into PSA error codes. + +The driver wrapper functions in `psa_crypto_driver_wrappers.h.jinja` for all four entry points have also been modified. The code block below shows the additions made to `psa_driver_wrapper_sign_hash()`. In adherence to the defined process, all code related to the driver call is placed within a check for `MBEDTLS_PSA_P256M_DRIVER_ENABLED`. p256-m only supports non-deterministic ECDSA using keys based on NIST P256; these constraints are enforced through checks (see the `if` statement). Checks that involve accessing key attributes, (e.g. checking key type or bits) **must** be performed in the driver wrapper. This is because this information is marked private and may not be accessed outside the library. Other checks can be performed here or in the entry point function. The status returned by the driver is propagated up the call hierarchy **unless** the driver does not support the operation (i.e. return `PSA_ERROR_NOT_SUPPORTED`). In that case the next available driver/built-in implementation is called. + +``` +#if defined (MBEDTLS_PSA_P256M_DRIVER_ENABLED) + if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) && + PSA_ALG_IS_ECDSA(alg) && + !PSA_ALG_ECDSA_IS_DETERMINISTIC( alg ) && + PSA_KEY_TYPE_ECC_GET_FAMILY(attributes->core.type) == PSA_ECC_FAMILY_SECP_R1 && + attributes->core.bits == 256 ) + { + status = p256_transparent_sign_hash( attributes, + key_buffer, + key_buffer_size, + alg, + hash, + hash_length, + signature, + signature_size, + signature_length ); + if( status != PSA_ERROR_NOT_SUPPORTED ) + return( status ); + } +#endif /* MBEDTLS_PSA_P256M_DRIVER_ENABLED */ +``` +Following this, p256-m is now ready to use alongside Mbed TLS as a software accelerator. If `MBEDTLS_PSA_P256M_DRIVER_ENABLED` is set in the config, p256-m's implementations of key generation, ECDH, and ECDSA will be used where applicable. diff --git a/docs/redirects.yaml b/docs/redirects.yaml new file mode 100644 index 000000000..7ea1d9550 --- /dev/null +++ b/docs/redirects.yaml @@ -0,0 +1,11 @@ +# Readthedocs redirects +# See https://docs.readthedocs.io/en/stable/user-defined-redirects.html +# +# Changes to this file do not take effect until they are merged into the +# 'development' branch. This is because the API token (RTD_TOKEN) is not +# made available in PR jobs - preventing bad actors from crafting PRs to +# expose it. + +- type: exact + from_url: /projects/api/en/latest/$rest + to_url: /projects/api/en/development/ diff --git a/docs/requirements.in b/docs/requirements.in new file mode 100644 index 000000000..14d618c79 --- /dev/null +++ b/docs/requirements.in @@ -0,0 +1,3 @@ +breathe +readthedocs-cli +sphinx-rtd-theme diff --git a/docs/requirements.txt b/docs/requirements.txt new file mode 100644 index 000000000..a1bfd8237 --- /dev/null +++ b/docs/requirements.txt @@ -0,0 +1,82 @@ +# +# This file is autogenerated by pip-compile with Python 3.9 +# by the following command: +# +# pip-compile requirements.in +# +alabaster==0.7.13 + # via sphinx +babel==2.12.1 + # via sphinx +breathe==4.35.0 + # via -r requirements.in +certifi==2022.12.7 + # via requests +charset-normalizer==3.1.0 + # via requests +click==8.1.3 + # via readthedocs-cli +docutils==0.17.1 + # via + # breathe + # sphinx + # sphinx-rtd-theme +idna==3.4 + # via requests +imagesize==1.4.1 + # via sphinx +importlib-metadata==6.0.0 + # via sphinx +jinja2==3.1.2 + # via sphinx +markdown-it-py==2.2.0 + # via rich +markupsafe==2.1.2 + # via jinja2 +mdurl==0.1.2 + # via markdown-it-py +packaging==23.0 + # via sphinx +pygments==2.14.0 + # via + # rich + # sphinx +pyyaml==6.0 + # via readthedocs-cli +readthedocs-cli==4 + # via -r requirements.in +requests==2.28.2 + # via + # readthedocs-cli + # sphinx +rich==13.3.5 + # via readthedocs-cli +snowballstemmer==2.2.0 + # via sphinx +sphinx==4.5.0 + # via + # breathe + # sphinx-rtd-theme +sphinx-rtd-theme==1.2.0 + # via -r requirements.in +sphinxcontrib-applehelp==1.0.4 + # via sphinx +sphinxcontrib-devhelp==1.0.2 + # via sphinx +sphinxcontrib-htmlhelp==2.0.1 + # via sphinx +sphinxcontrib-jquery==2.0.0 + # via sphinx-rtd-theme +sphinxcontrib-jsmath==1.0.1 + # via sphinx +sphinxcontrib-qthelp==1.0.3 + # via sphinx +sphinxcontrib-serializinghtml==1.1.5 + # via sphinx +urllib3==1.26.15 + # via requests +zipp==3.15.0 + # via importlib-metadata + +# The following packages are considered to be unsafe in a requirements file: +# setuptools diff --git a/docs/use-psa-crypto.md b/docs/use-psa-crypto.md index fc5317af8..92d098524 100644 --- a/docs/use-psa-crypto.md +++ b/docs/use-psa-crypto.md @@ -1,22 +1,68 @@ This document describes the compile-time configuration option `MBEDTLS_USE_PSA_CRYPTO` from a user's perspective. -This option makes the X.509 and TLS library use PSA for cryptographic -operations, and enables new APIs for using keys handled by PSA Crypto. +This option: +- makes the X.509 and TLS libraries use PSA for cryptographic operations as + much as possible, see "Internal changes" below; +- enables new APIs for using keys handled by PSA Crypto, such as + `mbedtls_pk_setup_opaque()` and `mbedtls_ssl_conf_psk_opaque()`, see +"New APIs / API extensions" below. General considerations ---------------------- **Application code:** when this option is enabled, you need to call `psa_crypto_init()` before calling any function from the SSL/TLS, X.509 or PK -module. +modules, except for the various mbedtls_xxx_init() functions which can be called +at any time. -**Scope:** `MBEDTLS_USE_PSA_CRYPTO` has no effect on the parts of the code that -are specific to TLS 1.3; those parts always use PSA Crypto. The parts of the -TLS 1.3 code that are common with TLS 1.2, however, follow this option; -currently this is the record protection code, computation of the running -handshake hash, and X.509. You need to enable `MBEDTLS_USE_PSA_CRYPTO` if you -want TLS 1.3 to use PSA everywhere. +**Why enable this option:** to fully take advantage of PSA drivers in PK, +X.509 and TLS. For example, enabling this option is what allows use of drivers +for ECDSA, ECDH and EC J-PAKE in those modules. However, note that even with +this option disabled, some code in PK, X.509, TLS or the crypto library might +still use PSA drivers, if it can determine it's safe to do so; currently +that's the case for hashes. + +**Relationship with other options:** This option depends on +`MBEDTLS_PSA_CRYPTO_C`. These two options differ in the following way: +- `MBEDTLS_PSA_CRYPTO_C` enables the implementation of the PSA Crypto API. + When it is enabled, `psa_xxx()` APIs are available and you must call +`psa_crypto_init()` before you call any other `psa_xxx()` function. Other +modules in the library (non-PSA crypto APIs, X.509, TLS) may or may not use +PSA Crypto but you're not required to call `psa_crypto_init()` before calling +non-PSA functions, unless explicitly documented (TLS 1.3). +- `MBEDTLS_USE_PSA_CRYPTO` means that X.509 and TLS will use PSA Crypto as + much as possible (that is, everywhere except for features that are not +supported by PSA Crypto, see "Internal Changes" below for a complete list of +exceptions). When it is enabled, you need to call `psa_crypto_init()` before +calling any function from PK, X.509 or TLS; however it doesn't change anything +for the rest of the library. + +**Scope:** `MBEDTLS_USE_PSA_CRYPTO` has no effect on modules other than PK, +X.509 and TLS. It also has no effect on most of the TLS 1.3 code, which always +uses PSA crypto. The parts of the TLS 1.3 code that will use PSA Crypto or not +depending on this option being set or not are: +- record protection; +- running handshake hash; +- asymmetric signature verification & generation; +- X.509 certificate chain verification. +You need to enable `MBEDTLS_USE_PSA_CRYPTO` if you want TLS 1.3 to use PSA +everywhere. + +**Historical note:** This option was introduced at a time when PSA Crypto was +still beta and not ready for production, so we made its use in X.509 and TLS +opt-in: by default, these modules would keep using the stable, +production-ready legacy (pre-PSA) crypto APIs. So, the scope of was X.509 and +TLS, as well as some of PK for technical reasons. Nowadays PSA Crypto is no +longer beta, and production quality, so there's no longer any reason to make +its use in other modules opt-in. However, PSA Crypto functions require that +`psa_crypto_init()` has been called before their use, and for backwards +compatibility reasons we can't impose this requirement on non-PSA functions +that didn't have such a requirement before. So, nowadays the main meaning of +`MBEDTLS_USE_PSA_CRYPTO` is that the user promises to call `psa_crypto_init()` +before calling any PK, X.509 or TLS functions. For the same compatibility +reasons, we can't extend its scope. However, new modules in the library, such +as TLS 1.3, can be introduced with a requirement to call `psa_crypto_init()`. New APIs / API extensions ------------------------- @@ -60,6 +106,19 @@ register a PSA key for use with a PSK key exchange. **Use in TLS:** opt-in. The application needs to register the key using one of the new APIs to get the benefits. +### PSA-held (opaque) keys for TLS 1.2 EC J-PAKE key exchange + +**New API function:** `mbedtls_ssl_set_hs_ecjpake_password_opaque()`. +Call this function from an application to register a PSA key for use with the +TLS 1.2 EC J-PAKE key exchange. + +**Benefits:** isolation of long-term secrets. + +**Limitations:** none. + +**Use in TLS:** opt-in. The application needs to register the key using one of +the new APIs to get the benefits. + ### PSA-based operations in the Cipher layer There is a new API function `mbedtls_cipher_setup_psa()` to set up a context diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h index 7c6464fa9..b67237fbc 100644 --- a/doxygen/input/doc_mainpage.h +++ b/doxygen/input/doc_mainpage.h @@ -22,73 +22,10 @@ */ /** - * @mainpage mbed TLS v3.3.0 source code documentation + * @mainpage Mbed TLS v3.5.0 API Documentation * - * This documentation describes the internal structure of mbed TLS. It was + * This documentation describes the internal structure of Mbed TLS. It was * automatically generated from specially formatted comment blocks in - * mbed TLS's source code using Doxygen. (See - * http://www.stack.nl/~dimitri/doxygen/ for more information on Doxygen) - * - * mbed TLS has a simple setup: it provides the ingredients for an SSL/TLS - * implementation. These ingredients are listed as modules in the - * \ref mainpage_modules "Modules section". This "Modules section" introduces - * the high-level module concepts used throughout this documentation.\n - * Some examples of mbed TLS usage can be found in the \ref mainpage_examples - * "Examples section". - * - * @section mainpage_modules Modules - * - * mbed TLS supports TLSv1.0 up to TLSv1.2 communication by providing the - * following: - * - TCP/IP communication functions: listen, connect, accept, read/write. - * - SSL/TLS communication functions: init, handshake, read/write. - * - X.509 functions: CRT, CRL and key handling - * - Random number generation - * - Hashing - * - Encryption/decryption - * - * Above functions are split up neatly into logical interfaces. These can be - * used separately to provide any of the above functions or to mix-and-match - * into an SSL server/client solution that utilises a X.509 PKI. Examples of - * such implementations are amply provided with the source code. - * - * Note that mbed TLS does not provide a control channel or (multiple) session - * handling without additional work from the developer. - * - * @section mainpage_examples Examples - * - * Example server setup: - * - * \b Prerequisites: - * - X.509 certificate and private key - * - session handling functions - * - * \b Setup: - * - Load your certificate and your private RSA key (X.509 interface) - * - Setup the listening TCP socket (TCP/IP interface) - * - Accept incoming client connection (TCP/IP interface) - * - Initialise as an SSL-server (SSL/TLS interface) - * - Set parameters, e.g. authentication, ciphers, CA-chain, key exchange - * - Set callback functions RNG, IO, session handling - * - Perform an SSL-handshake (SSL/TLS interface) - * - Read/write data (SSL/TLS interface) - * - Close and cleanup (all interfaces) - * - * Example client setup: - * - * \b Prerequisites: - * - X.509 certificate and private key - * - X.509 trusted CA certificates - * - * \b Setup: - * - Load the trusted CA certificates (X.509 interface) - * - Load your certificate and your private RSA key (X.509 interface) - * - Setup a TCP/IP connection (TCP/IP interface) - * - Initialise as an SSL-client (SSL/TLS interface) - * - Set parameters, e.g. authentication mode, ciphers, CA-chain, session - * - Set callback functions RNG, IO - * - Perform an SSL-handshake (SSL/TLS interface) - * - Verify the server certificate (SSL/TLS interface) - * - Write/read data (SSL/TLS interface) - * - Close and cleanup (all interfaces) + * Mbed TLS's source code using Doxygen. (See + * https://www.doxygen.nl for more information on Doxygen) */ diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index 0c744daaa..98b2d7973 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile @@ -1,4 +1,4 @@ -PROJECT_NAME = "mbed TLS v3.3.0" +PROJECT_NAME = "Mbed TLS v3.5.0" OUTPUT_DIRECTORY = ../apidoc/ FULL_PATH_NAMES = NO OPTIMIZE_OUTPUT_FOR_C = YES @@ -18,6 +18,7 @@ HTML_OUTPUT = . HTML_TIMESTAMP = YES SEARCHENGINE = YES GENERATE_LATEX = NO +GENERATE_XML = YES MACRO_EXPANSION = YES EXPAND_ONLY_PREDEF = YES INCLUDE_PATH = ../include @@ -27,3 +28,28 @@ HAVE_DOT = YES DOT_GRAPH_MAX_NODES = 200 MAX_DOT_GRAPH_DEPTH = 1000 DOT_TRANSPARENT = YES + +# We mostly use \retval declarations to document which error codes a function +# can return. The reader can follow the hyperlink to the definition of the +# constant to get the generic documentation of that error code. If we don't +# have anything to say about the specific error code for the specific +# function, we can leave the description part of the \retval command blank. +# This is perfectly valid as far as Doxygen is concerned. However, with +# Clang >=15, the -Wdocumentation option emits a warning for empty +# descriptions. +# https://github.com/Mbed-TLS/mbedtls/issues/6960 +# https://github.com/llvm/llvm-project/issues/60315 +# As a workaround, you can write something like +# \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription +# This avoids writing redundant text and keeps Clang happy. +ALIASES += emptydescription="" + +# Define away Mbed TLS macros that make parsing definitions difficult. +# MBEDTLS_DEPRECATED is not included in this list as it's important to +# display deprecated status in the documentation. +PREDEFINED = "MBEDTLS_CHECK_RETURN_CRITICAL=" \ + "MBEDTLS_CHECK_RETURN_TYPICAL=" \ + "MBEDTLS_CHECK_RETURN_OPTIONAL=" \ + "MBEDTLS_PRINTF_ATTRIBUTE(a,b)=" \ + "__DOXYGEN__" \ + diff --git a/include/CMakeLists.txt b/include/CMakeLists.txt index e693bc17c..e11e2715a 100644 --- a/include/CMakeLists.txt +++ b/include/CMakeLists.txt @@ -1,4 +1,4 @@ -option(INSTALL_MBEDTLS_HEADERS "Install mbed TLS headers." ON) +option(INSTALL_MBEDTLS_HEADERS "Install Mbed TLS headers." ON) if(INSTALL_MBEDTLS_HEADERS) diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h index 42e1fe855..7c92162d1 100644 --- a/include/mbedtls/aes.h +++ b/include/mbedtls/aes.h @@ -76,6 +76,10 @@ typedef struct mbedtls_aes_context { int MBEDTLS_PRIVATE(nr); /*!< The number of rounds. */ size_t MBEDTLS_PRIVATE(rk_offset); /*!< The offset in array elements to AES round keys in the buffer. */ +#if defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) && !defined(MBEDTLS_PADLOCK_C) + uint32_t MBEDTLS_PRIVATE(buf)[44]; /*!< Aligned data buffer to hold + 10 round keys for 128-bit case. */ +#else uint32_t MBEDTLS_PRIVATE(buf)[68]; /*!< Unaligned data buffer. This buffer can hold 32 extra Bytes, which can be used for one of the following purposes: @@ -84,6 +88,7 @@ typedef struct mbedtls_aes_context {
  • Simplifying key expansion in the 256-bit case by generating an extra round key.
    • */ +#endif /* MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH && !MBEDTLS_PADLOCK_C */ } mbedtls_aes_context; diff --git a/include/mbedtls/aria.h b/include/mbedtls/aria.h index 587cbf8bd..7e55df7ec 100644 --- a/include/mbedtls/aria.h +++ b/include/mbedtls/aria.h @@ -259,10 +259,6 @@ int mbedtls_aria_crypt_cfb128(mbedtls_aria_context *ctx, * \brief This function performs an ARIA-CTR encryption or decryption * operation. * - * This function performs the operation defined in the \p mode - * parameter (encrypt/decrypt), on the input data buffer - * defined in the \p input parameter. - * * Due to the nature of CTR, you must use the same key schedule * for both encryption and decryption operations. Therefore, you * must use the context initialized with mbedtls_aria_setkey_enc() diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index e15aeb3f8..a044543af 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h @@ -96,15 +96,14 @@ /* Slightly smaller way to check if tag is a string tag * compared to canonical implementation. */ -#define MBEDTLS_ASN1_IS_STRING_TAG(tag) \ - ((tag) < 32u && ( \ +#define MBEDTLS_ASN1_IS_STRING_TAG(tag) \ + ((unsigned int) (tag) < 32u && ( \ ((1u << (tag)) & ((1u << MBEDTLS_ASN1_BMP_STRING) | \ (1u << MBEDTLS_ASN1_UTF8_STRING) | \ (1u << MBEDTLS_ASN1_T61_STRING) | \ (1u << MBEDTLS_ASN1_IA5_STRING) | \ (1u << MBEDTLS_ASN1_UNIVERSAL_STRING) | \ - (1u << MBEDTLS_ASN1_PRINTABLE_STRING) | \ - (1u << MBEDTLS_ASN1_BIT_STRING))) != 0)) + (1u << MBEDTLS_ASN1_PRINTABLE_STRING))) != 0)) /* * Bit masks for each of the components of an ASN.1 tag as specified in @@ -210,6 +209,7 @@ typedef struct mbedtls_asn1_named_data { } mbedtls_asn1_named_data; +#if defined(MBEDTLS_ASN1_PARSE_C) || defined(MBEDTLS_X509_CREATE_C) /** * \brief Get the length of an ASN.1 element. * Updates the pointer to immediately behind the length. @@ -256,7 +256,9 @@ int mbedtls_asn1_get_len(unsigned char **p, int mbedtls_asn1_get_tag(unsigned char **p, const unsigned char *end, size_t *len, int tag); +#endif /* MBEDTLS_ASN1_PARSE_C || MBEDTLS_X509_CREATE_C */ +#if defined(MBEDTLS_ASN1_PARSE_C) /** * \brief Retrieve a boolean ASN.1 tag and its value. * Updates the pointer to immediately behind the full tag. @@ -474,7 +476,7 @@ void mbedtls_asn1_sequence_free(mbedtls_asn1_sequence *seq); * on a successful invocation. * \param end The end of the ASN.1 SEQUENCE container. * \param tag_must_mask A mask to be applied to the ASN.1 tags found within - * the SEQUENCE before comparing to \p tag_must_value. + * the SEQUENCE before comparing to \p tag_must_val. * \param tag_must_val The required value of each ASN.1 tag found in the * SEQUENCE, after masking with \p tag_must_mask. * Mismatching tags lead to an error. @@ -483,7 +485,7 @@ void mbedtls_asn1_sequence_free(mbedtls_asn1_sequence *seq); * while a value of \c 0xFF for \p tag_must_mask means * that \p tag_must_val is the only allowed tag. * \param tag_may_mask A mask to be applied to the ASN.1 tags found within - * the SEQUENCE before comparing to \p tag_may_value. + * the SEQUENCE before comparing to \p tag_may_val. * \param tag_may_val The desired value of each ASN.1 tag found in the * SEQUENCE, after masking with \p tag_may_mask. * Mismatching tags will be silently ignored. @@ -642,6 +644,8 @@ void mbedtls_asn1_free_named_data_list_shallow(mbedtls_asn1_named_data *name); /** \} name Functions to parse ASN.1 data structures */ /** \} addtogroup asn1_module */ +#endif /* MBEDTLS_ASN1_PARSE_C */ + #ifdef __cplusplus } #endif diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h index acfc07391..6fe57c8f0 100644 --- a/include/mbedtls/asn1write.h +++ b/include/mbedtls/asn1write.h @@ -35,10 +35,20 @@ (g) += ret; \ } while (0) +#define MBEDTLS_ASN1_CHK_CLEANUP_ADD(g, f) \ + do \ + { \ + if ((ret = (f)) < 0) \ + goto cleanup; \ + else \ + (g) += ret; \ + } while (0) + #ifdef __cplusplus extern "C" { #endif +#if defined(MBEDTLS_ASN1_WRITE_C) || defined(MBEDTLS_X509_USE_C) /** * \brief Write a length field in ASN.1 format. * @@ -67,7 +77,9 @@ int mbedtls_asn1_write_len(unsigned char **p, const unsigned char *start, */ int mbedtls_asn1_write_tag(unsigned char **p, const unsigned char *start, unsigned char tag); +#endif /* MBEDTLS_ASN1_WRITE_C || MBEDTLS_X509_USE_C */ +#if defined(MBEDTLS_ASN1_WRITE_C) /** * \brief Write raw buffer data. * @@ -154,6 +166,27 @@ int mbedtls_asn1_write_algorithm_identifier(unsigned char **p, const char *oid, size_t oid_len, size_t par_len); +/** + * \brief Write an AlgorithmIdentifier sequence in ASN.1 format. + * + * \note This function works backwards in data buffer. + * + * \param p The reference to the current position pointer. + * \param start The start of the buffer, for bounds-checking. + * \param oid The OID of the algorithm to write. + * \param oid_len The length of the algorithm's OID. + * \param par_len The length of the parameters, which must be already written. + * \param has_par If there are any parameters. If 0, par_len must be 0. If 1 + * and \p par_len is 0, NULL parameters are added. + * + * \return The number of bytes written to \p p on success. + * \return A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure. + */ +int mbedtls_asn1_write_algorithm_identifier_ext(unsigned char **p, + const unsigned char *start, + const char *oid, size_t oid_len, + size_t par_len, int has_par); + /** * \brief Write a boolean tag (#MBEDTLS_ASN1_BOOLEAN) and value * in ASN.1 format. @@ -363,4 +396,6 @@ mbedtls_asn1_named_data *mbedtls_asn1_store_named_data(mbedtls_asn1_named_data * } #endif +#endif /* MBEDTLS_ASN1_WRITE_C */ + #endif /* MBEDTLS_ASN1_WRITE_H */ diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h index e8fb2de4b..eb8446ea8 100644 --- a/include/mbedtls/bignum.h +++ b/include/mbedtls/bignum.h @@ -63,7 +63,7 @@ #if !defined(MBEDTLS_MPI_WINDOW_SIZE) /* - * Maximum window size used for modular exponentiation. Default: 6 + * Maximum window size used for modular exponentiation. Default: 2 * Minimum value: 1. Maximum value: 6. * * Result is an array of ( 2 ** MBEDTLS_MPI_WINDOW_SIZE ) MPIs used @@ -71,7 +71,7 @@ * * Reduction in size, reduces speed. */ -#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum window size used. */ +#define MBEDTLS_MPI_WINDOW_SIZE 2 /**< Maximum window size used. */ #endif /* !MBEDTLS_MPI_WINDOW_SIZE */ #if !defined(MBEDTLS_MPI_MAX_SIZE) @@ -129,6 +129,7 @@ #endif /* !MBEDTLS_HAVE_INT64 */ typedef int64_t mbedtls_mpi_sint; typedef uint64_t mbedtls_mpi_uint; +#define MBEDTLS_MPI_UINT_MAX UINT64_MAX #elif defined(__GNUC__) && ( \ defined(__amd64__) || defined(__x86_64__) || \ defined(__ppc64__) || defined(__powerpc64__) || \ @@ -141,6 +142,7 @@ typedef uint64_t mbedtls_mpi_uint; #endif /* MBEDTLS_HAVE_INT64 */ typedef int64_t mbedtls_mpi_sint; typedef uint64_t mbedtls_mpi_uint; +#define MBEDTLS_MPI_UINT_MAX UINT64_MAX #if !defined(MBEDTLS_NO_UDBL_DIVISION) /* mbedtls_t_udbl defined as 128-bit unsigned int */ typedef unsigned int mbedtls_t_udbl __attribute__((mode(TI))); @@ -156,6 +158,7 @@ typedef unsigned int mbedtls_t_udbl __attribute__((mode(TI))); #endif /* !MBEDTLS_HAVE_INT64 */ typedef int64_t mbedtls_mpi_sint; typedef uint64_t mbedtls_mpi_uint; +#define MBEDTLS_MPI_UINT_MAX UINT64_MAX #if !defined(MBEDTLS_NO_UDBL_DIVISION) /* mbedtls_t_udbl defined as 128-bit unsigned int */ typedef __uint128_t mbedtls_t_udbl; @@ -165,6 +168,7 @@ typedef __uint128_t mbedtls_t_udbl; /* Force 64-bit integers with unknown compiler */ typedef int64_t mbedtls_mpi_sint; typedef uint64_t mbedtls_mpi_uint; +#define MBEDTLS_MPI_UINT_MAX UINT64_MAX #endif #endif /* !MBEDTLS_HAVE_INT32 */ @@ -175,12 +179,22 @@ typedef uint64_t mbedtls_mpi_uint; #endif /* !MBEDTLS_HAVE_INT32 */ typedef int32_t mbedtls_mpi_sint; typedef uint32_t mbedtls_mpi_uint; +#define MBEDTLS_MPI_UINT_MAX UINT32_MAX #if !defined(MBEDTLS_NO_UDBL_DIVISION) typedef uint64_t mbedtls_t_udbl; #define MBEDTLS_HAVE_UDBL #endif /* !MBEDTLS_NO_UDBL_DIVISION */ #endif /* !MBEDTLS_HAVE_INT64 */ +/* + * Sanity check that exactly one of MBEDTLS_HAVE_INT32 or MBEDTLS_HAVE_INT64 is defined, + * so that code elsewhere doesn't have to check. + */ +#if (!(defined(MBEDTLS_HAVE_INT32) || defined(MBEDTLS_HAVE_INT64))) || \ + (defined(MBEDTLS_HAVE_INT32) && defined(MBEDTLS_HAVE_INT64)) +#error "Only 32-bit or 64-bit limbs are supported in bignum" +#endif + /** \typedef mbedtls_mpi_uint * \brief The type of machine digits in a bignum, called _limbs_. * @@ -203,6 +217,12 @@ extern "C" { * \brief MPI structure */ typedef struct mbedtls_mpi { + /** Pointer to limbs. + * + * This may be \c NULL if \c n is 0. + */ + mbedtls_mpi_uint *MBEDTLS_PRIVATE(p); + /** Sign: -1 if the mpi is negative, 1 otherwise. * * The number 0 must be represented with `s = +1`. Although many library @@ -214,16 +234,19 @@ typedef struct mbedtls_mpi { * Note that this implies that calloc() or `... = {0}` does not create * a valid MPI representation. You must call mbedtls_mpi_init(). */ - int MBEDTLS_PRIVATE(s); + signed short MBEDTLS_PRIVATE(s); /** Total number of limbs in \c p. */ - size_t MBEDTLS_PRIVATE(n); - - /** Pointer to limbs. - * - * This may be \c NULL if \c n is 0. + unsigned short MBEDTLS_PRIVATE(n); + /* Make sure that MBEDTLS_MPI_MAX_LIMBS fits in n. + * Use the same limit value on all platforms so that we don't have to + * think about different behavior on the rare platforms where + * unsigned short can store values larger than the minimum required by + * the C language, which is 65535. */ - mbedtls_mpi_uint *MBEDTLS_PRIVATE(p); +#if MBEDTLS_MPI_MAX_LIMBS > 65535 +#error "MBEDTLS_MPI_MAX_LIMBS > 65535 is not supported" +#endif } mbedtls_mpi; @@ -530,7 +553,7 @@ int mbedtls_mpi_write_file(const char *p, const mbedtls_mpi *X, * \param X The destination MPI. This must point to an initialized MPI. * \param buf The input buffer. This must be a readable buffer of length * \p buflen Bytes. - * \param buflen The length of the input buffer \p p in Bytes. + * \param buflen The length of the input buffer \p buf in Bytes. * * \return \c 0 if successful. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. @@ -545,7 +568,7 @@ int mbedtls_mpi_read_binary(mbedtls_mpi *X, const unsigned char *buf, * \param X The destination MPI. This must point to an initialized MPI. * \param buf The input buffer. This must be a readable buffer of length * \p buflen Bytes. - * \param buflen The length of the input buffer \p p in Bytes. + * \param buflen The length of the input buffer \p buf in Bytes. * * \return \c 0 if successful. * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. @@ -594,6 +617,8 @@ int mbedtls_mpi_write_binary_le(const mbedtls_mpi *X, * \brief Perform a left-shift on an MPI: X <<= count * * \param X The MPI to shift. This must point to an initialized MPI. + * The MPI pointed by \p X may be resized to fit + * the resulting number. * \param count The number of bits to shift by. * * \return \c 0 if successful. @@ -983,8 +1008,8 @@ int mbedtls_mpi_gcd(mbedtls_mpi *G, const mbedtls_mpi *A, * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p N is less than * or equal to one. - * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p has no modular inverse - * with respect to \p N. + * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p A has no modular + * inverse with respect to \p N. */ int mbedtls_mpi_inv_mod(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *N); @@ -1005,7 +1030,7 @@ int mbedtls_mpi_inv_mod(mbedtls_mpi *X, const mbedtls_mpi *A, * This must point to an initialized MPI. * \param rounds The number of bases to perform the Miller-Rabin primality * test for. The probability of returning 0 on a composite is - * at most 2-2*\p rounds. + * at most 2-2*\p rounds . * \param f_rng The RNG function to use. This must not be \c NULL. * \param p_rng The RNG parameter to be passed to \p f_rng. * This may be \c NULL if \p f_rng doesn't use diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index bbfd5d48d..842f15c58 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -1,5 +1,5 @@ /** - * \file build_info.h + * \file mbedtls/build_info.h * * \brief Build-time configuration info * @@ -37,7 +37,7 @@ * Major, Minor, Patchlevel */ #define MBEDTLS_VERSION_MAJOR 3 -#define MBEDTLS_VERSION_MINOR 3 +#define MBEDTLS_VERSION_MINOR 5 #define MBEDTLS_VERSION_PATCH 0 /** @@ -45,9 +45,34 @@ * MMNNPP00 * Major version | Minor version | Patch version */ -#define MBEDTLS_VERSION_NUMBER 0x03030000 -#define MBEDTLS_VERSION_STRING "3.3.0" -#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 3.3.0" +#define MBEDTLS_VERSION_NUMBER 0x03050000 +#define MBEDTLS_VERSION_STRING "3.5.0" +#define MBEDTLS_VERSION_STRING_FULL "Mbed TLS 3.5.0" + +/* Macros for build-time platform detection */ + +#if !defined(MBEDTLS_ARCH_IS_ARM64) && \ + (defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC)) +#define MBEDTLS_ARCH_IS_ARM64 +#endif + +#if !defined(MBEDTLS_ARCH_IS_ARM32) && \ + (defined(__arm__) || defined(_M_ARM) || \ + defined(_M_ARMT) || defined(__thumb__) || defined(__thumb2__)) +#define MBEDTLS_ARCH_IS_ARM32 +#endif + +#if !defined(MBEDTLS_ARCH_IS_X64) && \ + (defined(__amd64__) || defined(__x86_64__) || \ + ((defined(_M_X64) || defined(_M_AMD64)) && !defined(_M_ARM64EC))) +#define MBEDTLS_ARCH_IS_X64 +#endif + +#if !defined(MBEDTLS_ARCH_IS_X86) && \ + (defined(__i386__) || defined(_X86_) || \ + (defined(_M_IX86) && !defined(_M_I86))) +#define MBEDTLS_ARCH_IS_X86 +#endif #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) #define _CRT_SECURE_NO_DEPRECATE 1 @@ -59,6 +84,7 @@ #define inline __inline #endif +/* X.509, TLS and non-PSA crypto configuration */ #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/mbedtls_config.h" #else @@ -80,64 +106,53 @@ #include MBEDTLS_USER_CONFIG_FILE #endif -/* The PK wrappers need pk_write functions to format RSA key objects - * when they are dispatching to the PSA API. This happens under USE_PSA_CRYPTO, - * and also even without USE_PSA_CRYPTO for mbedtls_pk_sign_ext(). - * PSA crypto also needs pk_write to export RSA keys (otherwise the build - * goes through but psa_export_key() and psa_export_public_key() fail on - * RSA keys), and pk_parse to work with RSA keys in almost any way. +/* PSA crypto configuration */ +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG_FILE) +#include MBEDTLS_PSA_CRYPTO_CONFIG_FILE +#else +#include "psa/crypto_config.h" +#endif +#if defined(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE) +#include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE +#endif +#endif /* defined(MBEDTLS_PSA_CRYPTO_CONFIG) */ + +/* Auto-enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY if + * MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH and MBEDTLS_CTR_DRBG_C defined + * to ensure a 128-bit key size in CTR_DRBG. */ -#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_RSA_C) -#define MBEDTLS_PK_C -#define MBEDTLS_PK_WRITE_C -#define MBEDTLS_PK_PARSE_C +#if defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) && defined(MBEDTLS_CTR_DRBG_C) +#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY #endif -/* Under MBEDTLS_USE_PSA_CRYPTO, the pk module needs pk_write functions - * to pass ECC keys to PSA. */ -#if defined(MBEDTLS_PK_C) && \ - defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_ECP_C) -#define MBEDTLS_PK_WRITE_C +/* Auto-enable MBEDTLS_MD_C if needed by a module that didn't require it + * in a previous release, to ensure backwards compatibility. + */ +#if defined(MBEDTLS_PKCS5_C) +#define MBEDTLS_MD_C #endif -#if !defined(MBEDTLS_SSL_PROTO_TLS1_2) -#undef MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -#undef MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED -#undef MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED -#undef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED -#undef MBEDTLS_KEY_EXCHANGE_PSK_ENABLED -#undef MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED -#undef MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED -#undef MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED -#undef MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED -#undef MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED -#undef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED -#endif - -#if !defined(MBEDTLS_SSL_PROTO_TLS1_3) -#undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED -#undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED -#undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED -#undef MBEDTLS_SSL_EARLY_DATA -#endif - -#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) || \ - defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED) -#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED -#endif - -#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) || \ - defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED) -#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED -#endif - -/* Make sure all configuration symbols are set before including check_config.h, - * even the ones that are calculated programmatically. */ +/* PSA crypto specific configuration options + * - If config_psa.h reads a configuration option in preprocessor directive, + * this symbol should be set before its inclusion. (e.g. MBEDTLS_MD_C) + * - If config_psa.h writes a configuration option in conditional directive, + * this symbol should be consulted after its inclusion. + * (e.g. MBEDTLS_MD_LIGHT) + */ #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) /* PSA_WANT_xxx influences MBEDTLS_xxx */ || \ defined(MBEDTLS_PSA_CRYPTO_C) /* MBEDTLS_xxx influences PSA_WANT_xxx */ #include "mbedtls/config_psa.h" #endif +#include "mbedtls/config_adjust_legacy_crypto.h" + +#include "mbedtls/config_adjust_x509.h" + +#include "mbedtls/config_adjust_ssl.h" + +/* Make sure all configuration symbols are set before including check_config.h, + * even the ones that are calculated programmatically. */ #include "mbedtls/check_config.h" #endif /* MBEDTLS_BUILD_INFO_H */ diff --git a/include/mbedtls/camellia.h b/include/mbedtls/camellia.h index f4aa00299..8033c13ff 100644 --- a/include/mbedtls/camellia.h +++ b/include/mbedtls/camellia.h @@ -220,7 +220,7 @@ int mbedtls_camellia_crypt_cfb128(mbedtls_camellia_context *ctx, * *note Due to the nature of CTR mode, you should use the same * key for both encryption and decryption. In particular, calls * to this function should be preceded by a key-schedule via - * mbedtls_camellia_setkey_enc() regardless of whether \p mode + * mbedtls_camellia_setkey_enc() regardless of whether the mode * is #MBEDTLS_CAMELLIA_ENCRYPT or #MBEDTLS_CAMELLIA_DECRYPT. * * \warning You must never reuse a nonce value with the same key. Doing so diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index 6c2255281..e00e747de 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -77,7 +77,6 @@ extern "C" { typedef struct mbedtls_ccm_context { unsigned char MBEDTLS_PRIVATE(y)[16]; /*!< The Y working buffer */ unsigned char MBEDTLS_PRIVATE(ctr)[16]; /*!< The counter buffer */ - mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */ size_t MBEDTLS_PRIVATE(plaintext_len); /*!< Total plaintext length */ size_t MBEDTLS_PRIVATE(add_len); /*!< Total authentication data length */ size_t MBEDTLS_PRIVATE(tag_len); /*!< Total tag length */ @@ -87,15 +86,15 @@ typedef struct mbedtls_ccm_context { and plaintext/ciphertext. This variable is set to zero after auth data input is finished. */ - unsigned char MBEDTLS_PRIVATE(q); /*!< The Q working value */ - unsigned char MBEDTLS_PRIVATE(mode); /*!< The operation to perform: + unsigned int MBEDTLS_PRIVATE(q); /*!< The Q working value */ + unsigned int MBEDTLS_PRIVATE(mode); /*!< The operation to perform: #MBEDTLS_CCM_ENCRYPT or #MBEDTLS_CCM_DECRYPT or #MBEDTLS_CCM_STAR_ENCRYPT or #MBEDTLS_CCM_STAR_DECRYPT. */ + mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */ int MBEDTLS_PRIVATE(state); /*!< Working value holding context's - state. Used for chunked data - input */ + state. Used for chunked data input */ } mbedtls_ccm_context; diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 1efabdc1f..e18e9a5fc 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -30,12 +30,12 @@ */ #include #if CHAR_BIT != 8 -#error "mbed TLS requires a platform with 8-bit chars" +#error "Mbed TLS requires a platform with 8-bit chars" #endif #include -#if defined(_WIN32) +#if defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER <= 1900) #if !defined(MBEDTLS_PLATFORM_C) #error "MBEDTLS_PLATFORM_C is required on Windows" #endif @@ -51,7 +51,7 @@ !defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) #define MBEDTLS_PLATFORM_VSNPRINTF_ALT #endif -#endif /* _WIN32 */ +#endif /* _MINGW32__ || (_MSC_VER && (_MSC_VER <= 1900)) */ #if defined(TARGET_LIKE_MBED) && defined(MBEDTLS_NET_C) #error "The NET module is not available for mbed OS - please use the network functions provided by Mbed OS" @@ -66,10 +66,105 @@ #error "MBEDTLS_HAVE_TIME_DATE without MBEDTLS_HAVE_TIME does not make sense" #endif -#if defined(MBEDTLS_AESNI_C) && !defined(MBEDTLS_HAVE_ASM) -#error "MBEDTLS_AESNI_C defined, but not all prerequisites" +/* Check that each MBEDTLS_ECP_DP_xxx symbol has its PSA_WANT_ECC_xxx counterpart + * when PSA crypto is enabled. */ +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) || defined(MBEDTLS_PSA_CRYPTO_C) + +#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) && !defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) +#error "MBEDTLS_ECP_DP_BP256R1_ENABLED defined, but not its PSA counterpart" #endif +#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) && !defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) +#error "MBEDTLS_ECP_DP_BP384R1_ENABLED defined, but not its PSA counterpart" +#endif + +#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) && !defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) +#error "MBEDTLS_ECP_DP_BP512R1_ENABLED defined, but not its PSA counterpart" +#endif + +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) && !defined(PSA_WANT_ECC_MONTGOMERY_255) +#error "MBEDTLS_ECP_DP_CURVE25519_ENABLED defined, but not its PSA counterpart" +#endif + +#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) && !defined(PSA_WANT_ECC_MONTGOMERY_448) +#error "MBEDTLS_ECP_DP_CURVE448_ENABLED defined, but not its PSA counterpart" +#endif + +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) && !defined(PSA_WANT_ECC_SECP_R1_192) +#error "MBEDTLS_ECP_DP_SECP192R1_ENABLED defined, but not its PSA counterpart" +#endif + +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) && !defined(PSA_WANT_ECC_SECP_R1_224) +#error "MBEDTLS_ECP_DP_SECP224R1_ENABLED defined, but not its PSA counterpart" +#endif + +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && !defined(PSA_WANT_ECC_SECP_R1_256) +#error "MBEDTLS_ECP_DP_SECP256R1_ENABLED defined, but not its PSA counterpart" +#endif + +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) && !defined(PSA_WANT_ECC_SECP_R1_384) +#error "MBEDTLS_ECP_DP_SECP384R1_ENABLED defined, but not its PSA counterpart" +#endif + +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) && !defined(PSA_WANT_ECC_SECP_R1_521) +#error "MBEDTLS_ECP_DP_SECP521R1_ENABLED defined, but not its PSA counterpart" +#endif + +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) && !defined(PSA_WANT_ECC_SECP_K1_192) +#error "MBEDTLS_ECP_DP_SECP192K1_ENABLED defined, but not its PSA counterpart" +#endif + +/* SECP224K1 is buggy in PSA API so we skip this check */ +#if 0 && defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) && !defined(PSA_WANT_ECC_SECP_K1_224) +#error "MBEDTLS_ECP_DP_SECP224K1_ENABLED defined, but not its PSA counterpart" +#endif + +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) && !defined(PSA_WANT_ECC_SECP_K1_256) +#error "MBEDTLS_ECP_DP_SECP256K1_ENABLED defined, but not its PSA counterpart" +#endif + +#endif /* MBEDTLS_PSA_CRYPTO_CONFIG || MBEDTLS_PSA_CRYPTO_C */ + +/* Limitations on ECC key types acceleration: if we have any of `PUBLIC_KEY`, + * `KEY_PAIR_BASIC`, `KEY_PAIR_IMPORT`, `KEY_PAIR_EXPORT` then we must have + * all 4 of them. + */ +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) || \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT) +#error "Unsupported partial support for ECC key type acceleration, see docs/driver-only-builds.md" +#endif /* not all of public, basic, import, export */ +#endif /* one of public, basic, import, export */ + +/* Limitations on ECC curves acceleration: partial curve acceleration is only + * supported with crypto excluding PK, X.509 or TLS. + * Note: no need to check X.509 as it depends on PK. */ +#if defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256) || \ + defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384) || \ + defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512) || \ + defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255) || \ + defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448) || \ + defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192) || \ + defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224) || \ + defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256) || \ + defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192) || \ + defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224) || \ + defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) || \ + defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384) || \ + defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521) +#if defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) +#if defined(MBEDTLS_PK_C) || \ + defined(MBEDTLS_SSL_TLS_C) +#error "Unsupported partial support for ECC curves acceleration, see docs/driver-only-builds.md" +#endif /* modules beyond what's supported */ +#endif /* not all curves accelerated */ +#endif /* some curve accelerated */ + #if defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_AES_C) #error "MBEDTLS_CTR_DRBG_C defined, but not all prerequisites" #endif @@ -162,36 +257,40 @@ #endif #if defined(MBEDTLS_PKCS5_C) && \ - ( !( defined(MBEDTLS_MD_C) || defined(MBEDTLS_PSA_CRYPTO_C) ) || \ - !defined(MBEDTLS_CIPHER_C) ) + !defined(MBEDTLS_CIPHER_C) #error "MBEDTLS_PKCS5_C defined, but not all prerequisites" #endif -#if defined(MBEDTLS_PKCS12_C) && \ - !( defined(MBEDTLS_MD_C) || defined(MBEDTLS_PSA_CRYPTO_C) ) -#error "MBEDTLS_PKCS12_C defined, but not all prerequisites" +/* Helpers for hash dependencies, will be undefined at the end of the file */ +/* Do SHA-256, 384, 512 to cover Entropy and TLS. */ +#if defined(MBEDTLS_SHA256_C) || \ + (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256)) +#define MBEDTLS_MD_HAVE_SHA256 +#endif +#if defined(MBEDTLS_SHA384_C) || \ + (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384)) +#define MBEDTLS_MD_HAVE_SHA384 +#endif +#if defined(MBEDTLS_SHA512_C) || \ + (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512)) +#define MBEDTLS_MD_HAVE_SHA512 #endif -#if defined(MBEDTLS_PKCS1_V21) && \ - !( defined(MBEDTLS_MD_C) || defined(MBEDTLS_PSA_CRYPTO_C) ) -#error "MBEDTLS_PKCS1_V21 defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_ENTROPY_C) && (!defined(MBEDTLS_SHA512_C) && \ - !defined(MBEDTLS_SHA256_C)) +#if defined(MBEDTLS_ENTROPY_C) && \ + !(defined(MBEDTLS_MD_HAVE_SHA512) || defined(MBEDTLS_MD_HAVE_SHA256)) #error "MBEDTLS_ENTROPY_C defined, but not all prerequisites" #endif -#if defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_SHA512_C) && \ +#if defined(MBEDTLS_ENTROPY_C) && \ defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) && (MBEDTLS_CTR_DRBG_ENTROPY_LEN > 64) #error "MBEDTLS_CTR_DRBG_ENTROPY_LEN value too high" #endif #if defined(MBEDTLS_ENTROPY_C) && \ - ( !defined(MBEDTLS_SHA512_C) || defined(MBEDTLS_ENTROPY_FORCE_SHA256) ) \ + (defined(MBEDTLS_ENTROPY_FORCE_SHA256) || !defined(MBEDTLS_MD_HAVE_SHA512)) \ && defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) && (MBEDTLS_CTR_DRBG_ENTROPY_LEN > 32) #error "MBEDTLS_CTR_DRBG_ENTROPY_LEN value too high" #endif #if defined(MBEDTLS_ENTROPY_C) && \ - defined(MBEDTLS_ENTROPY_FORCE_SHA256) && !defined(MBEDTLS_SHA256_C) + defined(MBEDTLS_ENTROPY_FORCE_SHA256) && !defined(MBEDTLS_MD_HAVE_SHA256) #error "MBEDTLS_ENTROPY_FORCE_SHA256 defined, but not all prerequisites" #endif @@ -275,14 +374,37 @@ #error "MBEDTLS_HMAC_DRBG_C defined, but not all prerequisites" #endif +/* Helper for JPAKE dependencies, will be undefined at the end of the file */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(PSA_WANT_ALG_JPAKE) && defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) +#define MBEDTLS_PK_HAVE_JPAKE +#endif +#else /* MBEDTLS_USE_PSA_CRYPTO */ +#if defined(MBEDTLS_ECJPAKE_C) +#define MBEDTLS_PK_HAVE_JPAKE +#endif +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +/* Helper for curve SECP256R1 */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(PSA_WANT_ECC_SECP_R1_256) +#define MBEDTLS_PK_HAVE_CURVE_SECP256R1 +#endif +#else /* MBEDTLS_USE_PSA_CRYPTO */ +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) +#define MBEDTLS_PK_HAVE_CURVE_SECP256R1 +#endif +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) && \ - ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_ECDSA_C) || \ + ( !defined(MBEDTLS_CAN_ECDH) || \ + !defined(MBEDTLS_PK_CAN_ECDSA_SIGN) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) ) #error "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED defined, but not all prerequisites" #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) && \ - ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_RSA_C) || \ + ( !defined(MBEDTLS_CAN_ECDH) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) ) #error "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED defined, but not all prerequisites" #endif @@ -292,7 +414,7 @@ #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) && \ - !defined(MBEDTLS_ECDH_C) + !defined(MBEDTLS_CAN_ECDH) #error "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED defined, but not all prerequisites" #endif @@ -303,13 +425,14 @@ #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \ - ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_RSA_C) || \ + ( !defined(MBEDTLS_CAN_ECDH) || !defined(MBEDTLS_RSA_C) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_PKCS1_V15) ) #error "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED defined, but not all prerequisites" #endif -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \ - ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_ECDSA_C) || \ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \ + ( !defined(MBEDTLS_CAN_ECDH) || \ + !defined(MBEDTLS_PK_CAN_ECDSA_SIGN) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) ) #error "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED defined, but not all prerequisites" #endif @@ -327,17 +450,14 @@ #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) && \ - ( !defined(MBEDTLS_ECJPAKE_C) || \ - !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) ) + ( !defined(MBEDTLS_PK_HAVE_JPAKE) || \ + !defined(MBEDTLS_PK_HAVE_CURVE_SECP256R1) ) #error "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED defined, but not all prerequisites" #endif -/* Use of EC J-PAKE in TLS requires SHA-256. - * This will be taken from MD if it is present, or from PSA if MD is absent. - * Note: MBEDTLS_ECJPAKE_C depends on MBEDTLS_MD_C || MBEDTLS_PSA_CRYPTO_C. */ +/* Use of EC J-PAKE in TLS requires SHA-256. */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) && \ - !( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C) ) && \ - !( !defined(MBEDTLS_MD_C) && defined(PSA_WANT_ALG_SHA_256) ) + !defined(MBEDTLS_MD_HAVE_SHA256) #error "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED defined, but not all prerequisites" #endif @@ -356,7 +476,15 @@ defined(MBEDTLS_SHA224_C) || \ defined(MBEDTLS_SHA256_C) || \ defined(MBEDTLS_SHA384_C) || \ - defined(MBEDTLS_SHA512_C) ) + defined(MBEDTLS_SHA512_C) || \ + (defined(MBEDTLS_PSA_CRYPTO_C) && \ + (defined(PSA_WANT_ALG_MD5) || \ + defined(PSA_WANT_ALG_RIPEMD160) || \ + defined(PSA_WANT_ALG_SHA_1) || \ + defined(PSA_WANT_ALG_SHA_224) || \ + defined(PSA_WANT_ALG_SHA_256) || \ + defined(PSA_WANT_ALG_SHA_384) || \ + defined(PSA_WANT_ALG_SHA_512)))) #error "MBEDTLS_MD_C defined, but not all prerequisites" #endif @@ -383,10 +511,6 @@ #error "MBEDTLS_MEMORY_DEBUG defined, but not all prerequisites" #endif -#if defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_HAVE_ASM) -#error "MBEDTLS_PADLOCK_C defined, but not all prerequisites" -#endif - #if defined(MBEDTLS_PEM_PARSE_C) && !defined(MBEDTLS_BASE64_C) #error "MBEDTLS_PEM_PARSE_C defined, but not all prerequisites" #endif @@ -396,7 +520,7 @@ #endif #if defined(MBEDTLS_PK_C) && \ - !defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_ECP_C) + !defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_PK_HAVE_ECC_KEYS) #error "MBEDTLS_PK_C defined, but not all prerequisites" #endif @@ -448,6 +572,16 @@ #error "MBEDTLS_PLATFORM_TIME_MACRO defined, but not all prerequisites" #endif +#if defined(MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO) &&\ + ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_HAVE_TIME) ) +#error "MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_MS_TIME_ALT) && \ + ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_HAVE_TIME) ) +#error "MBEDTLS_PLATFORM_MS_TIME_ALT defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO) &&\ ( !defined(MBEDTLS_PLATFORM_C) ||\ !defined(MBEDTLS_HAVE_TIME) ) @@ -708,41 +842,6 @@ #if defined(MBEDTLS_SHA512_ALT) || defined(MBEDTLS_SHA512_PROCESS_ALT) #error "MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_A64_CRYPTO_*" #endif -/* - * Best performance comes from most recent compilers, with intrinsics and -O3. - * Must compile with -march=armv8.2-a+sha3, but we can't detect armv8.2-a, and - * can't always detect __ARM_FEATURE_SHA512 (notably clang 7-12). - * - * GCC < 8 won't work at all (lacks the sha512 instructions) - * GCC >= 8 uses intrinsics, sets __ARM_FEATURE_SHA512 - * - * Clang < 7 won't work at all (lacks the sha512 instructions) - * Clang 7-12 don't have intrinsics (but we work around that with inline - * assembler) or __ARM_FEATURE_SHA512 - * Clang == 13.0.0 same as clang 12 (only seen on macOS) - * Clang >= 13.0.1 has __ARM_FEATURE_SHA512 and intrinsics - */ -#if defined(__aarch64__) && !defined(__ARM_FEATURE_SHA512) - /* Test Clang first, as it defines __GNUC__ */ -# if defined(__clang__) -# if __clang_major__ < 7 -# error "A more recent Clang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" -# elif __clang_major__ < 13 || \ - (__clang_major__ == 13 && __clang_minor__ == 0 && __clang_patchlevel__ == 0) - /* We implement the intrinsics with inline assembler, so don't error */ -# else -# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_A64_CRYPTO_*" -# endif -# elif defined(__GNUC__) -# if __GNUC__ < 8 -# error "A more recent GCC is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" -# else -# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_A64_CRYPTO_*" -# endif -# else -# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_A64_CRYPTO_*" -# endif -#endif #endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ @@ -763,9 +862,7 @@ #if defined(MBEDTLS_SHA256_ALT) || defined(MBEDTLS_SHA256_PROCESS_ALT) #error "MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_A64_CRYPTO_*" #endif -#if defined(__aarch64__) && !defined(__ARM_FEATURE_CRYPTO) -#error "Must use minimum -march=armv8-a+crypto for MBEDTLS_SHA256_USE_A64_CRYPTO_*" -#endif + #endif #if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && \ @@ -773,43 +870,30 @@ #error "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY defined on non-Aarch64 system" #endif -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && !defined(MBEDTLS_USE_PSA_CRYPTO) && \ - !( defined(MBEDTLS_SHA1_C) || defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA512_C) ) -#error "MBEDTLS_SSL_PROTO_TLS1_2 defined, but not all prerequisites" -#endif - -/* TLS 1.3 requires separate HKDF parts from PSA */ +/* TLS 1.3 requires separate HKDF parts from PSA, + * and at least one ciphersuite, so at least SHA-256 or SHA-384 + * from PSA to use with HKDF. + * + * Note: for dependencies common with TLS 1.2 (running handshake hash), + * see MBEDTLS_SSL_TLS_C. */ #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \ - !( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_HKDF_EXTRACT) && defined(PSA_WANT_ALG_HKDF_EXPAND) ) + !(defined(MBEDTLS_PSA_CRYPTO_C) && \ + defined(PSA_WANT_ALG_HKDF_EXTRACT) && \ + defined(PSA_WANT_ALG_HKDF_EXPAND) && \ + (defined(PSA_WANT_ALG_SHA_256) || defined(PSA_WANT_ALG_SHA_384))) #error "MBEDTLS_SSL_PROTO_TLS1_3 defined, but not all prerequisites" #endif -/* TLS 1.3 requires at least one ciphersuite, so at least SHA-256 or SHA-384 */ -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) -/* We always need at least one of the hashes via PSA (for use with HKDF) */ -#if !( defined(PSA_WANT_ALG_SHA_256) || defined(PSA_WANT_ALG_SHA_384) ) -#error "MBEDTLS_SSL_PROTO_TLS1_3 defined, but not all prerequisites" -#endif /* !(PSA_WANT_ALG_SHA_256 || PSA_WANT_ALG_SHA_384) */ -#if !defined(MBEDTLS_USE_PSA_CRYPTO) -/* When USE_PSA_CRYPTO is not defined, we also need SHA-256 or SHA-384 via the - * legacy interface, including via the MD layer, for the parts of the code - * that are shared with TLS 1.2 (running handshake hash). */ -#if !defined(MBEDTLS_MD_C) || \ - !( defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA384_C) ) -#error "MBEDTLS_SSL_PROTO_TLS1_3 defined, but not all prerequisites" -#endif /* !MBEDTLS_MD_C || !(MBEDTLS_SHA256_C || MBEDTLS_SHA384_C) */ -#endif /* !MBEDTLS_USE_PSA_CRYPTO */ -#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ - #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) -#if !( defined(MBEDTLS_ECDH_C) && defined(MBEDTLS_X509_CRT_PARSE_C) && \ - ( defined(MBEDTLS_ECDSA_C) || defined(MBEDTLS_PKCS1_V21) ) ) +#if !( (defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH)) && \ + defined(MBEDTLS_X509_CRT_PARSE_C) && \ + ( defined(MBEDTLS_PK_CAN_ECDSA_SIGN) || defined(MBEDTLS_PKCS1_V21) ) ) #error "MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED defined, but not all prerequisites" #endif #endif #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED) -#if !( defined(MBEDTLS_ECDH_C) ) +#if !( defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH) ) #error "MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED defined, but not all prerequisites" #endif #endif @@ -845,10 +929,10 @@ #endif #if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_SRV_C) && \ - ( !defined(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE) || \ - ( MBEDTLS_SSL_MAX_EARLY_DATA_SIZE < 0 ) || \ - ( MBEDTLS_SSL_MAX_EARLY_DATA_SIZE > UINT32_MAX ) ) -#error "MBEDTLS_SSL_MAX_EARLY_DATA_SIZE MUST be defined and in range(0..UINT32_MAX)" + defined(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE) && \ + ((MBEDTLS_SSL_MAX_EARLY_DATA_SIZE < 0) || \ + (MBEDTLS_SSL_MAX_EARLY_DATA_SIZE > UINT32_MAX)) +#error "MBEDTLS_SSL_MAX_EARLY_DATA_SIZE must be in the range(0..UINT32_MAX)" #endif #if defined(MBEDTLS_SSL_PROTO_DTLS) && \ @@ -864,11 +948,24 @@ #error "MBEDTLS_SSL_ASYNC_PRIVATE defined, but not all prerequisites" #endif -#if defined(MBEDTLS_SSL_TLS_C) && ( !defined(MBEDTLS_CIPHER_C) || \ - ( !defined(MBEDTLS_MD_C) && !defined(MBEDTLS_USE_PSA_CRYPTO) ) ) +#if defined(MBEDTLS_SSL_TLS_C) && !defined(MBEDTLS_CIPHER_C) #error "MBEDTLS_SSL_TLS_C defined, but not all prerequisites" #endif +/* TLS 1.2 and 1.3 require SHA-256 or SHA-384 (running handshake hash) */ +#if defined(MBEDTLS_SSL_TLS_C) +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if !(defined(PSA_WANT_ALG_SHA_256) || defined(PSA_WANT_ALG_SHA_384)) +#error "MBEDTLS_SSL_TLS_C defined, but not all prerequisites" +#endif +#else /* MBEDTLS_USE_PSA_CRYPTO */ +#if !defined(MBEDTLS_MD_C) || \ + !(defined(MBEDTLS_MD_HAVE_SHA256) || defined(MBEDTLS_MD_HAVE_SHA384)) +#error "MBEDTLS_SSL_TLS_C defined, but not all prerequisites" +#endif +#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_SSL_TLS_C */ + #if defined(MBEDTLS_SSL_SRV_C) && !defined(MBEDTLS_SSL_TLS_C) #error "MBEDTLS_SSL_SRV_C defined, but not all prerequisites" #endif @@ -932,6 +1029,11 @@ #error "MBEDTLS_SSL_EXTENDED_MASTER_SECRET defined, but not all prerequisites" #endif +#if defined(MBEDTLS_SSL_RENEGOTIATION) && \ + !defined(MBEDTLS_SSL_PROTO_TLS1_2) +#error "MBEDTLS_SSL_RENEGOTIATION defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_SSL_TICKET_C) && ( !defined(MBEDTLS_CIPHER_C) && \ !defined(MBEDTLS_USE_PSA_CRYPTO) ) #error "MBEDTLS_SSL_TICKET_C defined, but not all prerequisites" @@ -979,15 +1081,15 @@ #error "MBEDTLS_VERSION_FEATURES defined, but not all prerequisites" #endif -#if defined(MBEDTLS_X509_USE_C) && ( !defined(MBEDTLS_BIGNUM_C) || \ - !defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_PARSE_C) || \ +#if defined(MBEDTLS_X509_USE_C) && \ + (!defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_PARSE_C) || \ !defined(MBEDTLS_PK_PARSE_C) || \ ( !defined(MBEDTLS_MD_C) && !defined(MBEDTLS_USE_PSA_CRYPTO) ) ) #error "MBEDTLS_X509_USE_C defined, but not all prerequisites" #endif -#if defined(MBEDTLS_X509_CREATE_C) && ( !defined(MBEDTLS_BIGNUM_C) || \ - !defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_WRITE_C) || \ +#if defined(MBEDTLS_X509_CREATE_C) && \ + (!defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_WRITE_C) || \ !defined(MBEDTLS_PK_PARSE_C) || \ ( !defined(MBEDTLS_MD_C) && !defined(MBEDTLS_USE_PSA_CRYPTO) ) ) #error "MBEDTLS_X509_CREATE_C defined, but not all prerequisites" @@ -1035,6 +1137,10 @@ #error "MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH defined, but not all prerequisites" #endif +#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) && ( !defined(MBEDTLS_SSL_PROTO_TLS1_3) ) +#error "MBEDTLS_SSL_RECORD_SIZE_LIMIT defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) && !( defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) ) #error "MBEDTLS_SSL_CONTEXT_SERIALIZATION defined, but not all prerequisites" #endif @@ -1088,12 +1194,19 @@ #if defined(MBEDTLS_PKCS7_C) && ( ( !defined(MBEDTLS_ASN1_PARSE_C) ) || \ ( !defined(MBEDTLS_OID_C) ) || ( !defined(MBEDTLS_PK_PARSE_C) ) || \ - ( !defined(MBEDTLS_X509_CRT_PARSE_C) ) ||\ - ( !defined(MBEDTLS_X509_CRL_PARSE_C) ) || ( !defined(MBEDTLS_BIGNUM_C) ) || \ + ( !defined(MBEDTLS_X509_CRT_PARSE_C) ) || \ + ( !defined(MBEDTLS_X509_CRL_PARSE_C) ) || \ ( !defined(MBEDTLS_MD_C) ) ) #error "MBEDTLS_PKCS7_C is defined, but not all prerequisites" #endif +/* Undefine helper symbols */ +#undef MBEDTLS_PK_HAVE_JPAKE +#undef MBEDTLS_MD_HAVE_SHA256 +#undef MBEDTLS_MD_HAVE_SHA384 +#undef MBEDTLS_MD_HAVE_SHA512 +#undef MBEDTLS_PK_HAVE_CURVE_SECP256R1 + /* * Avoid warning from -pedantic. This is a convenient place for this * workaround since this is included by every single file before the diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index e09bd92e7..9c8701d38 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -71,16 +71,16 @@ extern "C" { /** * \brief Supported cipher types. * - * \warning DES is considered weak cipher and its use - * constitutes a security risk. Arm recommends considering stronger + * \warning DES/3DES are considered weak ciphers and their use + * constitutes a security risk. We recommend considering stronger * ciphers instead. */ typedef enum { MBEDTLS_CIPHER_ID_NONE = 0, /**< Placeholder to mark the end of cipher ID lists. */ MBEDTLS_CIPHER_ID_NULL, /**< The identity cipher, treated as a stream cipher. */ MBEDTLS_CIPHER_ID_AES, /**< The AES cipher. */ - MBEDTLS_CIPHER_ID_DES, /**< The DES cipher. */ - MBEDTLS_CIPHER_ID_3DES, /**< The Triple DES cipher. */ + MBEDTLS_CIPHER_ID_DES, /**< The DES cipher. \warning DES is considered weak. */ + MBEDTLS_CIPHER_ID_3DES, /**< The Triple DES cipher. \warning 3DES is considered weak. */ MBEDTLS_CIPHER_ID_CAMELLIA, /**< The Camellia cipher. */ MBEDTLS_CIPHER_ID_ARIA, /**< The Aria cipher. */ MBEDTLS_CIPHER_ID_CHACHA20, /**< The ChaCha20 cipher. */ @@ -89,8 +89,8 @@ typedef enum { /** * \brief Supported {cipher type, cipher mode} pairs. * - * \warning DES is considered weak cipher and its use - * constitutes a security risk. Arm recommends considering stronger + * \warning DES/3DES are considered weak ciphers and their use + * constitutes a security risk. We recommend considering stronger * ciphers instead. */ typedef enum { @@ -126,12 +126,12 @@ typedef enum { MBEDTLS_CIPHER_CAMELLIA_128_GCM, /**< Camellia cipher with 128-bit GCM mode. */ MBEDTLS_CIPHER_CAMELLIA_192_GCM, /**< Camellia cipher with 192-bit GCM mode. */ MBEDTLS_CIPHER_CAMELLIA_256_GCM, /**< Camellia cipher with 256-bit GCM mode. */ - MBEDTLS_CIPHER_DES_ECB, /**< DES cipher with ECB mode. */ - MBEDTLS_CIPHER_DES_CBC, /**< DES cipher with CBC mode. */ - MBEDTLS_CIPHER_DES_EDE_ECB, /**< DES cipher with EDE ECB mode. */ - MBEDTLS_CIPHER_DES_EDE_CBC, /**< DES cipher with EDE CBC mode. */ - MBEDTLS_CIPHER_DES_EDE3_ECB, /**< DES cipher with EDE3 ECB mode. */ - MBEDTLS_CIPHER_DES_EDE3_CBC, /**< DES cipher with EDE3 CBC mode. */ + MBEDTLS_CIPHER_DES_ECB, /**< DES cipher with ECB mode. \warning DES is considered weak. */ + MBEDTLS_CIPHER_DES_CBC, /**< DES cipher with CBC mode. \warning DES is considered weak. */ + MBEDTLS_CIPHER_DES_EDE_ECB, /**< DES cipher with EDE ECB mode. \warning 3DES is considered weak. */ + MBEDTLS_CIPHER_DES_EDE_CBC, /**< DES cipher with EDE CBC mode. \warning 3DES is considered weak. */ + MBEDTLS_CIPHER_DES_EDE3_ECB, /**< DES cipher with EDE3 ECB mode. \warning 3DES is considered weak. */ + MBEDTLS_CIPHER_DES_EDE3_CBC, /**< DES cipher with EDE3 CBC mode. \warning 3DES is considered weak. */ MBEDTLS_CIPHER_AES_128_CCM, /**< AES cipher with 128-bit CCM mode. */ MBEDTLS_CIPHER_AES_192_CCM, /**< AES cipher with 192-bit CCM mode. */ MBEDTLS_CIPHER_AES_256_CCM, /**< AES cipher with 256-bit CCM mode. */ @@ -217,11 +217,11 @@ typedef enum { enum { /** Undefined key length. */ MBEDTLS_KEY_LENGTH_NONE = 0, - /** Key length, in bits (including parity), for DES keys. */ + /** Key length, in bits (including parity), for DES keys. \warning DES is considered weak. */ MBEDTLS_KEY_LENGTH_DES = 64, - /** Key length in bits, including parity, for DES in two-key EDE. */ + /** Key length in bits, including parity, for DES in two-key EDE. \warning 3DES is considered weak. */ MBEDTLS_KEY_LENGTH_DES_EDE = 128, - /** Key length in bits, including parity, for DES in three-key EDE. */ + /** Key length in bits, including parity, for DES in three-key EDE. \warning 3DES is considered weak. */ MBEDTLS_KEY_LENGTH_DES_EDE3 = 192, }; @@ -270,45 +270,58 @@ typedef struct mbedtls_cmac_context_t mbedtls_cmac_context_t; * mbedtls_cipher_info_from_type(), * mbedtls_cipher_info_from_values(), * mbedtls_cipher_info_from_psa(). + * + * \note Some fields store a value that has been right-shifted to save + * code-size, so should not be used directly. The accessor + * functions adjust for this and return the "natural" value. */ typedef struct mbedtls_cipher_info_t { - /** Full cipher identifier. For example, - * MBEDTLS_CIPHER_AES_256_CBC. - */ - mbedtls_cipher_type_t MBEDTLS_PRIVATE(type); - - /** The cipher mode. For example, MBEDTLS_MODE_CBC. */ - mbedtls_cipher_mode_t MBEDTLS_PRIVATE(mode); - - /** The cipher key length, in bits. This is the - * default length for variable sized ciphers. - * Includes parity bits for ciphers like DES. - */ - unsigned int MBEDTLS_PRIVATE(key_bitlen); - /** Name of the cipher. */ const char *MBEDTLS_PRIVATE(name); - /** IV or nonce size, in Bytes. + /** The block size, in bytes. */ + unsigned int MBEDTLS_PRIVATE(block_size) : 5; + + /** IV or nonce size, in bytes (right shifted by #MBEDTLS_IV_SIZE_SHIFT). * For ciphers that accept variable IV sizes, * this is the recommended size. */ - unsigned int MBEDTLS_PRIVATE(iv_size); + unsigned int MBEDTLS_PRIVATE(iv_size) : 3; + + /** The cipher key length, in bits (right shifted by #MBEDTLS_KEY_BITLEN_SHIFT). + * This is the default length for variable sized ciphers. + * Includes parity bits for ciphers like DES. + */ + unsigned int MBEDTLS_PRIVATE(key_bitlen) : 4; + + /** The cipher mode (as per mbedtls_cipher_mode_t). + * For example, MBEDTLS_MODE_CBC. + */ + unsigned int MBEDTLS_PRIVATE(mode) : 4; + + /** Full cipher identifier (as per mbedtls_cipher_type_t). + * For example, MBEDTLS_CIPHER_AES_256_CBC. + * + * This could be 7 bits, but 8 bits retains byte alignment for the + * next field, which reduces code size to access that field. + */ + unsigned int MBEDTLS_PRIVATE(type) : 8; /** Bitflag comprised of MBEDTLS_CIPHER_VARIABLE_IV_LEN and * MBEDTLS_CIPHER_VARIABLE_KEY_LEN indicating whether the * cipher supports variable IV or variable key sizes, respectively. */ - int MBEDTLS_PRIVATE(flags); + unsigned int MBEDTLS_PRIVATE(flags) : 2; - /** The block size, in Bytes. */ - unsigned int MBEDTLS_PRIVATE(block_size); - - /** Struct for base cipher information and functions. */ - const mbedtls_cipher_base_t *MBEDTLS_PRIVATE(base); + /** Index to LUT for base cipher information and functions. */ + unsigned int MBEDTLS_PRIVATE(base_idx) : 5; } mbedtls_cipher_info_t; +/* For internal use only. + * These are used to more compactly represent the fields above. */ +#define MBEDTLS_KEY_BITLEN_SHIFT 6 +#define MBEDTLS_IV_SIZE_SHIFT 2 /** * Generic cipher context. */ @@ -353,7 +366,7 @@ typedef struct mbedtls_cipher_context_t { mbedtls_cmac_context_t *MBEDTLS_PRIVATE(cmac_ctx); #endif -#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED) /** Indicates whether the cipher operations should be performed * by Mbed TLS' own crypto library or an external implementation * of the PSA Crypto API. @@ -362,7 +375,7 @@ typedef struct mbedtls_cipher_context_t { * mbedtls_cipher_setup_psa(). */ unsigned char MBEDTLS_PRIVATE(psa_enabled); -#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */ } mbedtls_cipher_context_t; @@ -439,7 +452,7 @@ static inline mbedtls_cipher_type_t mbedtls_cipher_info_get_type( if (info == NULL) { return MBEDTLS_CIPHER_NONE; } else { - return info->MBEDTLS_PRIVATE(type); + return (mbedtls_cipher_type_t) info->MBEDTLS_PRIVATE(type); } } @@ -458,7 +471,7 @@ static inline mbedtls_cipher_mode_t mbedtls_cipher_info_get_mode( if (info == NULL) { return MBEDTLS_MODE_NONE; } else { - return info->MBEDTLS_PRIVATE(mode); + return (mbedtls_cipher_mode_t) info->MBEDTLS_PRIVATE(mode); } } @@ -479,7 +492,7 @@ static inline size_t mbedtls_cipher_info_get_key_bitlen( if (info == NULL) { return 0; } else { - return info->MBEDTLS_PRIVATE(key_bitlen); + return info->MBEDTLS_PRIVATE(key_bitlen) << MBEDTLS_KEY_BITLEN_SHIFT; } } @@ -492,7 +505,7 @@ static inline size_t mbedtls_cipher_info_get_key_bitlen( * * \return The cipher name, which is a human readable string, * with static storage duration. - * \return \c NULL if \c info is \p NULL. + * \return \c NULL if \p info is \c NULL. */ static inline const char *mbedtls_cipher_info_get_name( const mbedtls_cipher_info_t *info) @@ -521,7 +534,7 @@ static inline size_t mbedtls_cipher_info_get_iv_size( return 0; } - return (size_t) info->MBEDTLS_PRIVATE(iv_size); + return ((size_t) info->MBEDTLS_PRIVATE(iv_size)) << MBEDTLS_IV_SIZE_SHIFT; } /** @@ -541,7 +554,7 @@ static inline size_t mbedtls_cipher_info_get_block_size( return 0; } - return (size_t) info->MBEDTLS_PRIVATE(block_size); + return (size_t) (info->MBEDTLS_PRIVATE(block_size)); } /** @@ -583,7 +596,7 @@ static inline int mbedtls_cipher_info_has_variable_iv_size( } /** - * \brief This function initializes a \p cipher_context as NONE. + * \brief This function initializes a \p ctx as NONE. * * \param ctx The context to be initialized. This must not be \c NULL. */ @@ -682,7 +695,7 @@ static inline unsigned int mbedtls_cipher_get_block_size( return 0; } - return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(block_size); + return (unsigned int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(block_size); } /** @@ -702,7 +715,7 @@ static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( return MBEDTLS_MODE_NONE; } - return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(mode); + return (mbedtls_cipher_mode_t) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(mode); } /** @@ -727,7 +740,8 @@ static inline int mbedtls_cipher_get_iv_size( return (int) ctx->MBEDTLS_PRIVATE(iv_size); } - return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(iv_size); + return (int) (((int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(iv_size)) << + MBEDTLS_IV_SIZE_SHIFT); } /** @@ -747,7 +761,7 @@ static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( return MBEDTLS_CIPHER_NONE; } - return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(type); + return (mbedtls_cipher_type_t) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(type); } /** @@ -776,7 +790,7 @@ static inline const char *mbedtls_cipher_get_name( * \param ctx The context of the cipher. This must be initialized. * * \return The key length of the cipher in bits. - * \return #MBEDTLS_KEY_LENGTH_NONE if ctx \p has not been + * \return #MBEDTLS_KEY_LENGTH_NONE if \p ctx has not been * initialized. */ static inline int mbedtls_cipher_get_key_bitlen( @@ -788,7 +802,8 @@ static inline int mbedtls_cipher_get_key_bitlen( return MBEDTLS_KEY_LENGTH_NONE; } - return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(key_bitlen); + return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(key_bitlen) << + MBEDTLS_KEY_BITLEN_SHIFT; } /** @@ -837,7 +852,6 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, * \brief This function sets the padding mode, for cipher modes * that use padding. * - * The default passing mode is PKCS7 padding. * * \param ctx The generic cipher context. This must be initialized and * bound to a cipher information structure. @@ -975,7 +989,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, * \param ctx The generic cipher context. This must be initialized and * bound to a key. * \param output The buffer to write data to. This needs to be a writable - * buffer of at least \p block_size Bytes. + * buffer of at least block_size Bytes. * \param olen The length of the data written to the \p output buffer. * This may not be \c NULL. * diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h index 3125e702e..b2aca5d04 100644 --- a/include/mbedtls/cmac.h +++ b/include/mbedtls/cmac.h @@ -5,6 +5,7 @@ * * The Cipher-based Message Authentication Code (CMAC) Mode for * Authentication is defined in RFC-4493: The AES-CMAC Algorithm. + * It is supported with AES and DES. */ /* * Copyright The Mbed TLS Contributors @@ -38,12 +39,30 @@ extern "C" { #define MBEDTLS_AES_BLOCK_SIZE 16 #define MBEDTLS_DES3_BLOCK_SIZE 8 +/* We don't support Camellia or ARIA in this module */ #if defined(MBEDTLS_AES_C) -#define MBEDTLS_CIPHER_BLKSIZE_MAX 16 /**< The longest block used by CMAC is that of AES. */ +#define MBEDTLS_CMAC_MAX_BLOCK_SIZE 16 /**< The longest block used by CMAC is that of AES. */ #else -#define MBEDTLS_CIPHER_BLKSIZE_MAX 8 /**< The longest block used by CMAC is that of 3DES. */ +#define MBEDTLS_CMAC_MAX_BLOCK_SIZE 8 /**< The longest block used by CMAC is that of 3DES. */ #endif +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +/** The longest block supported by the cipher module. + * + * \deprecated + * For the maximum block size of a cipher supported by the CMAC module, + * use #MBEDTLS_CMAC_MAX_BLOCK_SIZE. + * For the maximum block size of a cipher supported by the cipher module, + * use #MBEDTLS_MAX_BLOCK_LENGTH. + */ +/* Before Mbed TLS 3.5, this was the maximum block size supported by the CMAC + * module, so it didn't take Camellia or ARIA into account. Since the name + * of the macro doesn't even convey "CMAC", this was misleading. Now the size + * is sufficient for any cipher, but the name is defined in cmac.h for + * backward compatibility. */ +#define MBEDTLS_CIPHER_BLKSIZE_MAX MBEDTLS_MAX_BLOCK_LENGTH +#endif /* MBEDTLS_DEPRECATED_REMOVED */ + #if !defined(MBEDTLS_CMAC_ALT) /** @@ -51,11 +70,11 @@ extern "C" { */ struct mbedtls_cmac_context_t { /** The internal state of the CMAC algorithm. */ - unsigned char MBEDTLS_PRIVATE(state)[MBEDTLS_CIPHER_BLKSIZE_MAX]; + unsigned char MBEDTLS_PRIVATE(state)[MBEDTLS_CMAC_MAX_BLOCK_SIZE]; /** Unprocessed data - either data that was not block aligned and is still * pending processing, or the final block. */ - unsigned char MBEDTLS_PRIVATE(unprocessed_block)[MBEDTLS_CIPHER_BLKSIZE_MAX]; + unsigned char MBEDTLS_PRIVATE(unprocessed_block)[MBEDTLS_CMAC_MAX_BLOCK_SIZE]; /** The length of data pending processing. */ size_t MBEDTLS_PRIVATE(unprocessed_len); diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h new file mode 100644 index 000000000..495cd5ab3 --- /dev/null +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -0,0 +1,195 @@ +/** + * \file mbedtls/config_adjust_legacy_crypto.h + * \brief Adjust legacy configuration configuration + * + * Automatically enable certain dependencies. Generally, MBEDLTS_xxx + * configurations need to be explicitly enabled by the user: enabling + * MBEDTLS_xxx_A but not MBEDTLS_xxx_B when A requires B results in a + * compilation error. However, we do automatically enable certain options + * in some circumstances. One case is if MBEDTLS_xxx_B is an internal option + * used to identify parts of a module that are used by other module, and we + * don't want to make the symbol MBEDTLS_xxx_B part of the public API. + * Another case is if A didn't depend on B in earlier versions, and we + * want to use B in A but we need to preserve backward compatibility with + * configurations that explicitly activate MBEDTLS_xxx_A but not + * MBEDTLS_xxx_B. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H +#define MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H + +/* Auto-enable MBEDTLS_MD_LIGHT based on MBEDTLS_MD_C. + * This allows checking for MD_LIGHT rather than MD_LIGHT || MD_C. + */ +#if defined(MBEDTLS_MD_C) +#define MBEDTLS_MD_LIGHT +#endif + +/* Auto-enable MBEDTLS_MD_LIGHT if needed by a module that didn't require it + * in a previous release, to ensure backwards compatibility. + */ +#if defined(MBEDTLS_ECJPAKE_C) || \ + defined(MBEDTLS_PEM_PARSE_C) || \ + defined(MBEDTLS_ENTROPY_C) || \ + defined(MBEDTLS_PK_C) || \ + defined(MBEDTLS_PKCS12_C) || \ + defined(MBEDTLS_RSA_C) || \ + defined(MBEDTLS_SSL_TLS_C) || \ + defined(MBEDTLS_X509_USE_C) || \ + defined(MBEDTLS_X509_CREATE_C) +#define MBEDTLS_MD_LIGHT +#endif + +/* MBEDTLS_ECP_LIGHT is auto-enabled by the following symbols: + * - MBEDTLS_ECP_C because now it consists of MBEDTLS_ECP_LIGHT plus functions + * for curve arithmetic. As a consequence if MBEDTLS_ECP_C is required for + * some reason, then MBEDTLS_ECP_LIGHT should be enabled as well. + * - MBEDTLS_PK_PARSE_EC_EXTENDED and MBEDTLS_PK_PARSE_EC_COMPRESSED because + * these features are not supported in PSA so the only way to have them is + * to enable the built-in solution. + * Both of them are temporary dependencies: + * - PK_PARSE_EC_EXTENDED will be removed after #7779 and #7789 + * - support for compressed points should also be added to PSA, but in this + * case there is no associated issue to track it yet. + * - PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE because Weierstrass key derivation + * still depends on ECP_LIGHT. + * - PK_C + USE_PSA + PSA_WANT_ALG_ECDSA is a temporary dependency which will + * be fixed by #7453. + */ +#if defined(MBEDTLS_ECP_C) || \ + defined(MBEDTLS_PK_PARSE_EC_EXTENDED) || \ + defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE) +#define MBEDTLS_ECP_LIGHT +#endif + +/* MBEDTLS_PK_PARSE_EC_COMPRESSED is introduced in Mbed TLS version 3.5, while + * in previous version compressed points were automatically supported as long + * as PK_PARSE_C and ECP_C were enabled. As a consequence, for backward + * compatibility, we auto-enable PK_PARSE_EC_COMPRESSED when these conditions + * are met. */ +#if defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_ECP_C) +#define MBEDTLS_PK_PARSE_EC_COMPRESSED +#endif + +/* Helper symbol to state that there is support for ECDH, either through + * library implementation (ECDH_C) or through PSA. */ +#if (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_ECDH)) || \ + (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_ECDH_C)) +#define MBEDTLS_CAN_ECDH +#endif + +/* PK module can achieve ECDSA functionalities by means of either software + * implementations (ECDSA_C) or through a PSA driver. The following defines + * are meant to list these capabilities in a general way which abstracts how + * they are implemented under the hood. */ +#if !defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_ECDSA_C) +#define MBEDTLS_PK_CAN_ECDSA_SIGN +#define MBEDTLS_PK_CAN_ECDSA_VERIFY +#endif /* MBEDTLS_ECDSA_C */ +#else /* MBEDTLS_USE_PSA_CRYPTO */ +#if defined(PSA_WANT_ALG_ECDSA) +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) +#define MBEDTLS_PK_CAN_ECDSA_SIGN +#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC */ +#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) +#define MBEDTLS_PK_CAN_ECDSA_VERIFY +#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ +#endif /* PSA_WANT_ALG_ECDSA */ +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +#if defined(MBEDTLS_PK_CAN_ECDSA_VERIFY) || defined(MBEDTLS_PK_CAN_ECDSA_SIGN) +#define MBEDTLS_PK_CAN_ECDSA_SOME +#endif + +/* If MBEDTLS_PSA_CRYPTO_C is defined, make sure MBEDTLS_PSA_CRYPTO_CLIENT + * is defined as well to include all PSA code. + */ +#if defined(MBEDTLS_PSA_CRYPTO_C) +#define MBEDTLS_PSA_CRYPTO_CLIENT +#endif /* MBEDTLS_PSA_CRYPTO_C */ + +/* The PK wrappers need pk_write functions to format RSA key objects + * when they are dispatching to the PSA API. This happens under USE_PSA_CRYPTO, + * and also even without USE_PSA_CRYPTO for mbedtls_pk_sign_ext(). */ +#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_RSA_C) +#define MBEDTLS_PK_C +#define MBEDTLS_PK_WRITE_C +#define MBEDTLS_PK_PARSE_C +#endif + +/* Helpers to state that each key is supported either on the builtin or PSA side. */ +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_521) +#define MBEDTLS_ECP_HAVE_SECP521R1 +#endif +#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) +#define MBEDTLS_ECP_HAVE_BP512R1 +#endif +#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) || defined(PSA_WANT_ECC_MONTGOMERY_448) +#define MBEDTLS_ECP_HAVE_CURVE448 +#endif +#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) +#define MBEDTLS_ECP_HAVE_BP384R1 +#endif +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_384) +#define MBEDTLS_ECP_HAVE_SECP384R1 +#endif +#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) +#define MBEDTLS_ECP_HAVE_BP256R1 +#endif +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) || defined(PSA_WANT_ECC_SECP_K1_256) +#define MBEDTLS_ECP_HAVE_SECP256K1 +#endif +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_256) +#define MBEDTLS_ECP_HAVE_SECP256R1 +#endif +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) || defined(PSA_WANT_ECC_MONTGOMERY_255) +#define MBEDTLS_ECP_HAVE_CURVE25519 +#endif +#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || defined(PSA_WANT_ECC_SECP_K1_224) +#define MBEDTLS_ECP_HAVE_SECP224K1 +#endif +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_224) +#define MBEDTLS_ECP_HAVE_SECP224R1 +#endif +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || defined(PSA_WANT_ECC_SECP_K1_192) +#define MBEDTLS_ECP_HAVE_SECP192K1 +#endif +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_192) +#define MBEDTLS_ECP_HAVE_SECP192R1 +#endif + +/* Helper symbol to state that the PK module has support for EC keys. This + * can either be provided through the legacy ECP solution or through the + * PSA friendly MBEDTLS_PK_USE_PSA_EC_DATA (see pk.h for its description). */ +#if defined(MBEDTLS_ECP_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)) +#define MBEDTLS_PK_HAVE_ECC_KEYS +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA || MBEDTLS_ECP_C */ + +/* Historically pkparse did not check the CBC padding when decrypting + * a key. This was a bug, which is now fixed. As a consequence, pkparse + * now needs PKCS7 padding support, but existing configurations might not + * enable it, so we enable it here. */ +#if defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_PKCS5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) +#define MBEDTLS_CIPHER_PADDING_PKCS7 +#endif + +#endif /* MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H */ diff --git a/include/mbedtls/config_adjust_legacy_from_psa.h b/include/mbedtls/config_adjust_legacy_from_psa.h new file mode 100644 index 000000000..e3c2ed117 --- /dev/null +++ b/include/mbedtls/config_adjust_legacy_from_psa.h @@ -0,0 +1,889 @@ +/** + * \file mbedtls/config_adjust_legacy_from_psa.h + * \brief Adjust PSA configuration: activate legacy implementations + * + * When MBEDTLS_PSA_CRYPTO_CONFIG is enabled, activate legacy implementations + * of cryptographic mechanisms as needed to fulfill the needs of the PSA + * configuration. Generally speaking, we activate a legacy mechanism if + * it's needed for a requested PSA mechanism and there is no PSA driver + * for it. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H +#define MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H + +/* Define appropriate ACCEL macros for the p256-m driver. + * In the future, those should be generated from the drivers JSON description. + */ +#if defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED) +#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256 +#define MBEDTLS_PSA_ACCEL_ALG_ECDSA +#define MBEDTLS_PSA_ACCEL_ALG_ECDH +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE +#endif + +/* + * ECC: support for a feature is controlled by a triplet or a pair: + * (curve, key_type public/basic, alg) or (curve, key_type_). + * + * A triplet/pair is accelerated if all of is components are accelerated; + * otherwise each component needs to be built in. + * + * We proceed in two passes: + * 1. Check if acceleration is complete for curves, key types, algs. + * 2. Then enable built-ins for each thing that's either not accelerated of + * doesn't have complete acceleration of the other triplet/pair components. + * + * Note: this needs psa/crypto_adjust_keypair_types.h to have been included + * already, so that we know the full set of key types that are requested. + */ + +/* ECC: curves: is acceleration complete? */ +#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) && \ + !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256) +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES +#endif + +#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) && \ + !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384) +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES +#endif + +#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) && \ + !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512) +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES +#endif + +#if defined(PSA_WANT_ECC_MONTGOMERY_255) && \ + !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255) +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES +#endif + +#if defined(PSA_WANT_ECC_MONTGOMERY_448) && \ + !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448) +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES +#endif + +#if defined(PSA_WANT_ECC_SECP_R1_192) && \ + !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192) +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES +#endif + +#if defined(PSA_WANT_ECC_SECP_R1_224) && \ + !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224) +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES +#endif + +#if defined(PSA_WANT_ECC_SECP_R1_256) && \ + !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES +#endif + +#if defined(PSA_WANT_ECC_SECP_R1_384) && \ + !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384) +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES +#endif + +#if defined(PSA_WANT_ECC_SECP_R1_521) && \ + !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521) +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES +#endif + +#if defined(PSA_WANT_ECC_SECP_K1_192) && \ + !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192) +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES +#endif + +#if defined(PSA_WANT_ECC_SECP_K1_224) && \ + !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224) +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES +#endif + +#if defined(PSA_WANT_ECC_SECP_K1_256) && \ + !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256) +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES +#endif + +/* ECC: algs: is acceleration complete? */ +#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) && \ + !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS +#endif + +#if defined(PSA_WANT_ALG_ECDH) && \ + !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH) +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS +#endif + +#if defined(PSA_WANT_ALG_ECDSA) && \ + !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS +#endif + +#if defined(PSA_WANT_ALG_JPAKE) && \ + !defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE) +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS +#endif + +/* ECC: key types: is acceleration complete? */ +#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC +#endif + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC) +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC +#endif + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT) && \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT) +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES +#endif + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT) && \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT) +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES +#endif + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) && \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE) +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES +#endif + +/* Special case: we don't support cooked key derivation in drivers yet */ +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE +#endif + +/* Note: the condition is always true as DERIVE can't be accelerated yet */ +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) && \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE) +#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES +#endif + +/* ECC: curves: enable built-ins as needed. + * + * We need the curve built-in: + * - if it's not accelerated, or + * - if there's a key type with missing acceleration, or + * - if there's a alg with missing acceleration. + */ +#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) +#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1 +#define MBEDTLS_ECP_DP_BP256R1_ENABLED +#endif /* missing accel */ +#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_256 */ + +#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) +#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1 +#define MBEDTLS_ECP_DP_BP384R1_ENABLED +#endif /* missing accel */ +#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_384 */ + +#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) +#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1 +#define MBEDTLS_ECP_DP_BP512R1_ENABLED +#endif /* missing accel */ +#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_512 */ + +#if defined(PSA_WANT_ECC_MONTGOMERY_255) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) +#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1 +#define MBEDTLS_ECP_DP_CURVE25519_ENABLED +#endif /* missing accel */ +#endif /* PSA_WANT_ECC_MONTGOMERY_255 */ + +#if defined(PSA_WANT_ECC_MONTGOMERY_448) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) +#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1 +#define MBEDTLS_ECP_DP_CURVE448_ENABLED +#endif /* missing accel */ +#endif /* PSA_WANT_ECC_MONTGOMERY_448 */ + +#if defined(PSA_WANT_ECC_SECP_R1_192) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) +#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1 +#define MBEDTLS_ECP_DP_SECP192R1_ENABLED +#endif /* missing accel */ +#endif /* PSA_WANT_ECC_SECP_R1_192 */ + +#if defined(PSA_WANT_ECC_SECP_R1_224) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) +#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1 +#define MBEDTLS_ECP_DP_SECP224R1_ENABLED +#endif /* missing accel */ +#endif /* PSA_WANT_ECC_SECP_R1_224 */ + +#if defined(PSA_WANT_ECC_SECP_R1_256) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) +#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1 +#define MBEDTLS_ECP_DP_SECP256R1_ENABLED +#endif /* missing accel */ +#endif /* PSA_WANT_ECC_SECP_R1_256 */ + +#if defined(PSA_WANT_ECC_SECP_R1_384) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) +#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1 +#define MBEDTLS_ECP_DP_SECP384R1_ENABLED +#endif /* missing accel */ +#endif /* PSA_WANT_ECC_SECP_R1_384 */ + +#if defined(PSA_WANT_ECC_SECP_R1_521) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) +#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1 +#define MBEDTLS_ECP_DP_SECP521R1_ENABLED +#endif /* missing accel */ +#endif /* PSA_WANT_ECC_SECP_R1_521 */ + +#if defined(PSA_WANT_ECC_SECP_K1_192) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) +#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1 +#define MBEDTLS_ECP_DP_SECP192K1_ENABLED +#endif /* missing accel */ +#endif /* PSA_WANT_ECC_SECP_K1_192 */ + +#if defined(PSA_WANT_ECC_SECP_K1_224) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) +#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1 +#define MBEDTLS_ECP_DP_SECP224K1_ENABLED +/* https://github.com/Mbed-TLS/mbedtls/issues/3541 */ +#error "SECP224K1 is buggy via the PSA API in Mbed TLS." +#endif /* missing accel */ +#endif /* PSA_WANT_ECC_SECP_K1_224 */ + +#if defined(PSA_WANT_ECC_SECP_K1_256) +#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) +#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1 +#define MBEDTLS_ECP_DP_SECP256K1_ENABLED +#endif /* missing accel */ +#endif /* PSA_WANT_ECC_SECP_K1_256 */ + +/* ECC: algs: enable built-ins as needed. + * + * We need the alg built-in: + * - if it's not accelerated, or + * - if there's a relevant curve (see below) with missing acceleration, or + * - if there's a key type among (public, basic) with missing acceleration. + * + * Relevant curves are: + * - all curves for ECDH + * - Weierstrass curves for (deterministic) ECDSA + * - secp256r1 for EC J-PAKE + */ +#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC) +#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1 +#define MBEDTLS_ECDSA_DETERMINISTIC +#define MBEDTLS_HMAC_DRBG_C +#define MBEDTLS_MD_C +#define MBEDTLS_ECDSA_C +#define MBEDTLS_ECP_C +#define MBEDTLS_BIGNUM_C +#define MBEDTLS_ASN1_PARSE_C +#define MBEDTLS_ASN1_WRITE_C +#endif /* missing accel */ +#endif /* PSA_WANT_ALG_DETERMINISTIC_ECDSA */ + +#if defined(PSA_WANT_ALG_ECDH) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC) +#define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1 +#define MBEDTLS_ECDH_C +#define MBEDTLS_ECP_C +#define MBEDTLS_BIGNUM_C +#endif /* missing accel */ +#endif /* PSA_WANT_ALG_ECDH */ + +#if defined(PSA_WANT_ALG_ECDSA) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC) +#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1 +#define MBEDTLS_ECDSA_C +#define MBEDTLS_ECP_C +#define MBEDTLS_BIGNUM_C +#define MBEDTLS_ASN1_PARSE_C +#define MBEDTLS_ASN1_WRITE_C +#endif /* missing accel */ +#endif /* PSA_WANT_ALG_ECDSA */ + +#if defined(PSA_WANT_ALG_JPAKE) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE) || \ + !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC) +#define MBEDTLS_PSA_BUILTIN_PAKE 1 +#define MBEDTLS_PSA_BUILTIN_ALG_JPAKE 1 +#define MBEDTLS_ECP_DP_SECP256R1_ENABLED +#define MBEDTLS_BIGNUM_C +#define MBEDTLS_ECP_C +#define MBEDTLS_ECJPAKE_C +#endif /* missing accel */ +#endif /* PSA_WANT_ALG_JPAKE */ + +/* ECC: key types: enable built-ins as needed. + * + * We need the key type built-in: + * - if it's not accelerated, or + * - if there's a curve with missing acceleration, or + * - only for public/basic: if there's an alg with missing acceleration. + */ +#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1 +#define MBEDTLS_ECP_LIGHT +#define MBEDTLS_BIGNUM_C +#endif /* missing accel */ +#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC 1 +#define MBEDTLS_ECP_LIGHT +#define MBEDTLS_BIGNUM_C +#endif /* missing accel */ +#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC */ + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1 +#define MBEDTLS_ECP_LIGHT +#define MBEDTLS_BIGNUM_C +#endif /* missing accel */ +#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT */ + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1 +#define MBEDTLS_ECP_C +#define MBEDTLS_BIGNUM_C +#endif /* missing accel */ +#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT */ + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1 +#define MBEDTLS_ECP_C +#define MBEDTLS_BIGNUM_C +#endif /* missing accel */ +#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE */ + +/* Note: the condition is always true as DERIVE can't be accelerated yet */ +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE) || \ + defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1 +#define MBEDTLS_ECP_LIGHT +#define MBEDTLS_BIGNUM_C +#endif /* missing accel */ +#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE */ + +/* End of ECC section */ + +#if defined(PSA_WANT_ALG_FFDH) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_FFDH) +#define MBEDTLS_PSA_BUILTIN_ALG_FFDH 1 +#define MBEDTLS_BIGNUM_C +#endif /* !MBEDTLS_PSA_ACCEL_ALG_FFDH */ +#endif /* PSA_WANT_ALG_FFDH */ + +#if defined(PSA_WANT_ALG_HKDF) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF) +/* + * The PSA implementation has its own implementation of HKDF, separate from + * hkdf.c. No need to enable MBEDTLS_HKDF_C here. + */ +#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 +#define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1 +#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF */ +#endif /* PSA_WANT_ALG_HKDF */ + +#if defined(PSA_WANT_ALG_HKDF_EXTRACT) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT) +/* + * The PSA implementation has its own implementation of HKDF, separate from + * hkdf.c. No need to enable MBEDTLS_HKDF_C here. + */ +#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 +#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT 1 +#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT */ +#endif /* PSA_WANT_ALG_HKDF_EXTRACT */ + +#if defined(PSA_WANT_ALG_HKDF_EXPAND) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND) +/* + * The PSA implementation has its own implementation of HKDF, separate from + * hkdf.c. No need to enable MBEDTLS_HKDF_C here. + */ +#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 +#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND 1 +#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND */ +#endif /* PSA_WANT_ALG_HKDF_EXPAND */ + +#if defined(PSA_WANT_ALG_HMAC) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC) +#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 +#endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */ +#endif /* PSA_WANT_ALG_HMAC */ + +#if defined(PSA_WANT_ALG_MD5) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD5) +#define MBEDTLS_PSA_BUILTIN_ALG_MD5 1 +#define MBEDTLS_MD5_C +#endif + +#if defined(PSA_WANT_ALG_RIPEMD160) && !defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) +#define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1 +#define MBEDTLS_RIPEMD160_C +#endif + +#if defined(PSA_WANT_ALG_RSA_OAEP) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP) +#define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1 +#define MBEDTLS_RSA_C +#define MBEDTLS_BIGNUM_C +#define MBEDTLS_OID_C +#define MBEDTLS_PKCS1_V21 +#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP */ +#endif /* PSA_WANT_ALG_RSA_OAEP */ + +#if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT) +#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1 +#define MBEDTLS_RSA_C +#define MBEDTLS_BIGNUM_C +#define MBEDTLS_OID_C +#define MBEDTLS_PKCS1_V15 +#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT */ +#endif /* PSA_WANT_ALG_RSA_PKCS1V15_CRYPT */ + +#if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) +#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1 +#define MBEDTLS_RSA_C +#define MBEDTLS_BIGNUM_C +#define MBEDTLS_OID_C +#define MBEDTLS_PKCS1_V15 +#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN */ +#endif /* PSA_WANT_ALG_RSA_PKCS1V15_SIGN */ + +#if defined(PSA_WANT_ALG_RSA_PSS) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) +#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1 +#define MBEDTLS_RSA_C +#define MBEDTLS_BIGNUM_C +#define MBEDTLS_OID_C +#define MBEDTLS_PKCS1_V21 +#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PSS */ +#endif /* PSA_WANT_ALG_RSA_PSS */ + +#if defined(PSA_WANT_ALG_SHA_1) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1 +#define MBEDTLS_SHA1_C +#endif + +#if defined(PSA_WANT_ALG_SHA_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1 +#define MBEDTLS_SHA224_C +#endif + +#if defined(PSA_WANT_ALG_SHA_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1 +#define MBEDTLS_SHA256_C +#endif + +#if defined(PSA_WANT_ALG_SHA_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1 +#define MBEDTLS_SHA384_C +#endif + +#if defined(PSA_WANT_ALG_SHA_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1 +#define MBEDTLS_SHA512_C +#endif + +#if defined(PSA_WANT_ALG_SHA3_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_224) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_224 1 +#define MBEDTLS_SHA3_C +#endif + +#if defined(PSA_WANT_ALG_SHA3_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_256) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_256 1 +#define MBEDTLS_SHA3_C +#endif + +#if defined(PSA_WANT_ALG_SHA3_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_384) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_384 1 +#define MBEDTLS_SHA3_C +#endif + +#if defined(PSA_WANT_ALG_SHA3_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_512) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_512 1 +#define MBEDTLS_SHA3_C +#endif + +#if defined(PSA_WANT_ALG_PBKDF2_HMAC) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_HMAC) +#define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC 1 +#define PSA_HAVE_SOFT_PBKDF2_HMAC 1 +#if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC) +#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 +#endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */ +#endif /* !MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC */ +#endif /* PSA_WANT_ALG_PBKDF2_HMAC */ + +#if defined(PSA_WANT_ALG_TLS12_PRF) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF) +#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1 +#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF */ +#endif /* PSA_WANT_ALG_TLS12_PRF */ + +#if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS) +#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1 +#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS */ +#endif /* PSA_WANT_ALG_TLS12_PSK_TO_MS */ + +#if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS) +#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS 1 +#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS */ +#endif /* PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS */ + +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1 +#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT */ +#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT */ + +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1 +#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT */ +#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT */ + +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1 +#define MBEDTLS_GENPRIME +#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE */ +#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE */ + +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_BASIC 1 +#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC */ +#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */ + +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT 1 +#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT */ +#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT */ + +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT 1 +#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT */ +#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT */ + +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE 1 +#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE */ +#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE */ + +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_BASIC 1 +#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC */ +#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC */ + +#if defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY 1 +#define MBEDTLS_BIGNUM_C +#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY */ +#endif /* PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY */ + +#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1 +#define MBEDTLS_RSA_C +#define MBEDTLS_BIGNUM_C +#define MBEDTLS_OID_C +#define MBEDTLS_PK_PARSE_C +#define MBEDTLS_PK_WRITE_C +#define MBEDTLS_PK_C +#define MBEDTLS_ASN1_PARSE_C +#define MBEDTLS_ASN1_WRITE_C +#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY */ +#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */ + +/* If any of the block modes are requested that don't have an + * associated HW assist, define PSA_HAVE_SOFT_BLOCK_MODE for checking + * in the block cipher key types. */ +#if (defined(PSA_WANT_ALG_CTR) && !defined(MBEDTLS_PSA_ACCEL_ALG_CTR)) || \ + (defined(PSA_WANT_ALG_CFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_CFB)) || \ + (defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \ + defined(PSA_WANT_ALG_ECB_NO_PADDING) || \ + (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ + !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \ + (defined(PSA_WANT_ALG_CBC_PKCS7) && \ + !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \ + (defined(PSA_WANT_ALG_CMAC) && !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC)) +#define PSA_HAVE_SOFT_BLOCK_MODE 1 +#endif + +#if (defined(PSA_WANT_ALG_GCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_GCM)) || \ + (defined(PSA_WANT_ALG_CCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_CCM)) +#define PSA_HAVE_SOFT_BLOCK_AEAD 1 +#endif + +#if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128) +#define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 1 +#define PSA_HAVE_SOFT_PBKDF2_CMAC 1 +#endif /* !MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128 */ +#endif /* PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 */ + +#if defined(PSA_WANT_KEY_TYPE_AES) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES) +#define PSA_HAVE_SOFT_KEY_TYPE_AES 1 +#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */ +#if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ + defined(PSA_HAVE_SOFT_BLOCK_MODE) || \ + defined(PSA_HAVE_SOFT_BLOCK_AEAD) || \ + defined(PSA_HAVE_SOFT_PBKDF2_CMAC) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1 +#define MBEDTLS_AES_C +#endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */ +#endif /* PSA_WANT_KEY_TYPE_AES */ + +#if defined(PSA_WANT_KEY_TYPE_ARIA) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA) +#define PSA_HAVE_SOFT_KEY_TYPE_ARIA 1 +#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA */ +#if defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ + defined(PSA_HAVE_SOFT_BLOCK_MODE) || \ + defined(PSA_HAVE_SOFT_BLOCK_AEAD) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1 +#define MBEDTLS_ARIA_C +#endif /* PSA_HAVE_SOFT_KEY_TYPE_ARIA || PSA_HAVE_SOFT_BLOCK_MODE */ +#endif /* PSA_WANT_KEY_TYPE_ARIA */ + +#if defined(PSA_WANT_KEY_TYPE_CAMELLIA) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA) +#define PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA 1 +#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA */ +#if defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) || \ + defined(PSA_HAVE_SOFT_BLOCK_MODE) || \ + defined(PSA_HAVE_SOFT_BLOCK_AEAD) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1 +#define MBEDTLS_CAMELLIA_C +#endif /* PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA || PSA_HAVE_SOFT_BLOCK_MODE */ +#endif /* PSA_WANT_KEY_TYPE_CAMELLIA */ + +#if defined(PSA_WANT_KEY_TYPE_DES) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES) +#define PSA_HAVE_SOFT_KEY_TYPE_DES 1 +#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DES */ +#if defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \ + defined(PSA_HAVE_SOFT_BLOCK_MODE) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1 +#define MBEDTLS_DES_C +#endif /*PSA_HAVE_SOFT_KEY_TYPE_DES || PSA_HAVE_SOFT_BLOCK_MODE */ +#endif /* PSA_WANT_KEY_TYPE_DES */ + +#if defined(PSA_WANT_KEY_TYPE_CHACHA20) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1 +#define MBEDTLS_CHACHA20_C +#endif /*!MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 */ +#endif /* PSA_WANT_KEY_TYPE_CHACHA20 */ + +/* If any of the software block ciphers are selected, define + * PSA_HAVE_SOFT_BLOCK_CIPHER, which can be used in any of these + * situations. */ +#if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ + defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ + defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \ + defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) +#define PSA_HAVE_SOFT_BLOCK_CIPHER 1 +#endif + +#if defined(PSA_WANT_ALG_STREAM_CIPHER) +#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1 +#endif /* PSA_WANT_ALG_STREAM_CIPHER */ + +#if defined(PSA_WANT_ALG_CBC_MAC) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_MAC) +#error "CBC-MAC is not yet supported via the PSA API in Mbed TLS." +#define MBEDTLS_PSA_BUILTIN_ALG_CBC_MAC 1 +#endif /* !MBEDTLS_PSA_ACCEL_ALG_CBC_MAC */ +#endif /* PSA_WANT_ALG_CBC_MAC */ + +#if defined(PSA_WANT_ALG_CMAC) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) || \ + defined(PSA_HAVE_SOFT_BLOCK_CIPHER) || \ + defined(PSA_HAVE_SOFT_PBKDF2_CMAC) +#define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1 +#define MBEDTLS_CMAC_C +#endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */ +#endif /* PSA_WANT_ALG_CMAC */ + +#if defined(PSA_HAVE_SOFT_PBKDF2_HMAC) || \ + defined(PSA_HAVE_SOFT_PBKDF2_CMAC) +#define PSA_HAVE_SOFT_PBKDF2 1 +#endif /* PSA_HAVE_SOFT_PBKDF2_HMAC || PSA_HAVE_SOFT_PBKDF2_CMAC */ + +#if defined(PSA_WANT_ALG_CTR) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_CTR) || \ + defined(PSA_HAVE_SOFT_BLOCK_CIPHER) +#define MBEDTLS_PSA_BUILTIN_ALG_CTR 1 +#define MBEDTLS_CIPHER_MODE_CTR +#endif +#endif /* PSA_WANT_ALG_CTR */ + +#if defined(PSA_WANT_ALG_CFB) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_CFB) || \ + defined(PSA_HAVE_SOFT_BLOCK_CIPHER) +#define MBEDTLS_PSA_BUILTIN_ALG_CFB 1 +#define MBEDTLS_CIPHER_MODE_CFB +#endif +#endif /* PSA_WANT_ALG_CFB */ + +#if defined(PSA_WANT_ALG_OFB) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_OFB) || \ + defined(PSA_HAVE_SOFT_BLOCK_CIPHER) +#define MBEDTLS_PSA_BUILTIN_ALG_OFB 1 +#define MBEDTLS_CIPHER_MODE_OFB +#endif +#endif /* PSA_WANT_ALG_OFB */ + +#if defined(PSA_WANT_ALG_ECB_NO_PADDING) && \ + !defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING) +#define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1 +#endif + +#if defined(PSA_WANT_ALG_CBC_NO_PADDING) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) || \ + defined(PSA_HAVE_SOFT_BLOCK_CIPHER) +#define MBEDTLS_CIPHER_MODE_CBC +#define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1 +#endif +#endif /* PSA_WANT_ALG_CBC_NO_PADDING */ + +#if defined(PSA_WANT_ALG_CBC_PKCS7) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) || \ + defined(PSA_HAVE_SOFT_BLOCK_CIPHER) +#define MBEDTLS_CIPHER_MODE_CBC +#define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1 +#define MBEDTLS_CIPHER_PADDING_PKCS7 +#endif +#endif /* PSA_WANT_ALG_CBC_PKCS7 */ + +#if defined(PSA_WANT_ALG_CCM) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_CCM) || \ + defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ + defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ + defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) +#define MBEDTLS_PSA_BUILTIN_ALG_CCM 1 +#define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1 +#define MBEDTLS_CCM_C +#endif +#endif /* PSA_WANT_ALG_CCM */ + +#if defined(PSA_WANT_ALG_GCM) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_GCM) || \ + defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ + defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ + defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) +#define MBEDTLS_PSA_BUILTIN_ALG_GCM 1 +#define MBEDTLS_GCM_C +#endif +#endif /* PSA_WANT_ALG_GCM */ + +#if defined(PSA_WANT_ALG_CHACHA20_POLY1305) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305) +#if defined(PSA_WANT_KEY_TYPE_CHACHA20) +#define MBEDTLS_CHACHAPOLY_C +#define MBEDTLS_CHACHA20_C +#define MBEDTLS_POLY1305_C +#define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1 +#endif /* PSA_WANT_KEY_TYPE_CHACHA20 */ +#endif /* !MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 */ +#endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */ + +#endif /* MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H */ diff --git a/include/mbedtls/config_adjust_psa_from_legacy.h b/include/mbedtls/config_adjust_psa_from_legacy.h new file mode 100644 index 000000000..088711d37 --- /dev/null +++ b/include/mbedtls/config_adjust_psa_from_legacy.h @@ -0,0 +1,346 @@ +/** + * \file mbedtls/config_adjust_psa_from_legacy.h + * \brief Adjust PSA configuration: construct PSA configuration from legacy + * + * When MBEDTLS_PSA_CRYPTO_CONFIG is disabled, we automatically enable + * cryptographic mechanisms through the PSA interface when the corresponding + * legacy mechanism is enabled. In many cases, this just enables the PSA + * wrapper code around the legacy implementation, but we also do this for + * some mechanisms where PSA has its own independent implementation so + * that high-level modules that can use either cryptographic API have the + * same feature set in both cases. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef MBEDTLS_CONFIG_ADJUST_PSA_FROM_LEGACY_H +#define MBEDTLS_CONFIG_ADJUST_PSA_FROM_LEGACY_H + +/* + * Ensure PSA_WANT_* defines are setup properly if MBEDTLS_PSA_CRYPTO_CONFIG + * is not defined + */ + +#if defined(MBEDTLS_CCM_C) +#define MBEDTLS_PSA_BUILTIN_ALG_CCM 1 +#define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1 +#define PSA_WANT_ALG_CCM 1 +#define PSA_WANT_ALG_CCM_STAR_NO_TAG 1 +#endif /* MBEDTLS_CCM_C */ + +#if defined(MBEDTLS_CMAC_C) +#define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1 +#define PSA_WANT_ALG_CMAC 1 +#endif /* MBEDTLS_CMAC_C */ + +#if defined(MBEDTLS_ECDH_C) +#define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1 +#define PSA_WANT_ALG_ECDH 1 +#endif /* MBEDTLS_ECDH_C */ + +#if defined(MBEDTLS_ECDSA_C) +#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1 +#define PSA_WANT_ALG_ECDSA 1 +#define PSA_WANT_ALG_ECDSA_ANY 1 + +// Only add in DETERMINISTIC support if ECDSA is also enabled +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) +#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1 +#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1 +#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ + +#endif /* MBEDTLS_ECDSA_C */ + +#if defined(MBEDTLS_ECP_C) +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1 +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1 +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1 +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1 +/* Normally we wouldn't enable this because it's not implemented in ecp.c, + * but since it used to be available any time ECP_C was enabled, let's enable + * it anyway for the sake of backwards compatibility */ +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1 +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC 1 +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1 +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1 +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1 +/* See comment for PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE above. */ +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1 +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1 +#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1 +#endif /* MBEDTLS_ECP_C */ + +#if defined(MBEDTLS_DHM_C) +#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC 1 +#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT 1 +#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT 1 +#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE 1 +#define PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY 1 +#define PSA_WANT_ALG_FFDH 1 +#define PSA_WANT_DH_FAMILY_RFC7919 1 +#define MBEDTLS_PSA_BUILTIN_ALG_FFDH 1 +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_BASIC 1 +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT 1 +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT 1 +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE 1 +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY 1 +#endif /* MBEDTLS_DHM_C */ + +#if defined(MBEDTLS_GCM_C) +#define MBEDTLS_PSA_BUILTIN_ALG_GCM 1 +#define PSA_WANT_ALG_GCM 1 +#endif /* MBEDTLS_GCM_C */ + +/* Enable PSA HKDF algorithm if mbedtls HKDF is supported. + * PSA HKDF EXTRACT and PSA HKDF EXPAND have minimal cost when + * PSA HKDF is enabled, so enable both algorithms together + * with PSA HKDF. */ +#if defined(MBEDTLS_HKDF_C) +#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 +#define PSA_WANT_ALG_HMAC 1 +#define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1 +#define PSA_WANT_ALG_HKDF 1 +#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT 1 +#define PSA_WANT_ALG_HKDF_EXTRACT 1 +#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND 1 +#define PSA_WANT_ALG_HKDF_EXPAND 1 +#endif /* MBEDTLS_HKDF_C */ + +#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 +#define PSA_WANT_ALG_HMAC 1 +#define PSA_WANT_KEY_TYPE_HMAC 1 + +#if defined(MBEDTLS_MD_C) +#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1 +#define PSA_WANT_ALG_TLS12_PRF 1 +#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1 +#define PSA_WANT_ALG_TLS12_PSK_TO_MS 1 +#endif /* MBEDTLS_MD_C */ + +#if defined(MBEDTLS_MD5_C) +#define MBEDTLS_PSA_BUILTIN_ALG_MD5 1 +#define PSA_WANT_ALG_MD5 1 +#endif + +#if defined(MBEDTLS_ECJPAKE_C) +#define MBEDTLS_PSA_BUILTIN_PAKE 1 +#define MBEDTLS_PSA_BUILTIN_ALG_JPAKE 1 +#define PSA_WANT_ALG_JPAKE 1 +#endif + +#if defined(MBEDTLS_RIPEMD160_C) +#define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1 +#define PSA_WANT_ALG_RIPEMD160 1 +#endif + +#if defined(MBEDTLS_RSA_C) +#if defined(MBEDTLS_PKCS1_V15) +#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1 +#define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1 +#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1 +#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1 +#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW 1 +#endif /* MBEDTLS_PKCS1_V15 */ +#if defined(MBEDTLS_PKCS1_V21) +#define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1 +#define PSA_WANT_ALG_RSA_OAEP 1 +#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1 +#define PSA_WANT_ALG_RSA_PSS 1 +#endif /* MBEDTLS_PKCS1_V21 */ +#if defined(MBEDTLS_GENPRIME) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1 +#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1 +#endif /* MBEDTLS_GENPRIME */ +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_BASIC 1 +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1 +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1 +#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1 +#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1 +#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1 +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1 +#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1 +#endif /* MBEDTLS_RSA_C */ + +#if defined(MBEDTLS_SHA1_C) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1 +#define PSA_WANT_ALG_SHA_1 1 +#endif + +#if defined(MBEDTLS_SHA224_C) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1 +#define PSA_WANT_ALG_SHA_224 1 +#endif + +#if defined(MBEDTLS_SHA256_C) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1 +#define PSA_WANT_ALG_SHA_256 1 +#endif + +#if defined(MBEDTLS_SHA384_C) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1 +#define PSA_WANT_ALG_SHA_384 1 +#endif + +#if defined(MBEDTLS_SHA512_C) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1 +#define PSA_WANT_ALG_SHA_512 1 +#endif + +#if defined(MBEDTLS_SHA3_C) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_224 1 +#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_256 1 +#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_384 1 +#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_512 1 +#define PSA_WANT_ALG_SHA3_224 1 +#define PSA_WANT_ALG_SHA3_256 1 +#define PSA_WANT_ALG_SHA3_384 1 +#define PSA_WANT_ALG_SHA3_512 1 +#endif + +#if defined(MBEDTLS_AES_C) +#define PSA_WANT_KEY_TYPE_AES 1 +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1 +#endif + +#if defined(MBEDTLS_ARIA_C) +#define PSA_WANT_KEY_TYPE_ARIA 1 +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1 +#endif + +#if defined(MBEDTLS_CAMELLIA_C) +#define PSA_WANT_KEY_TYPE_CAMELLIA 1 +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1 +#endif + +#if defined(MBEDTLS_DES_C) +#define PSA_WANT_KEY_TYPE_DES 1 +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1 +#endif + +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) +#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS 1 +#define PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS 1 +#endif + +#if defined(MBEDTLS_CHACHA20_C) +#define PSA_WANT_KEY_TYPE_CHACHA20 1 +#define PSA_WANT_ALG_STREAM_CIPHER 1 +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1 +#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1 +#if defined(MBEDTLS_CHACHAPOLY_C) +#define PSA_WANT_ALG_CHACHA20_POLY1305 1 +#define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1 +#endif +#endif + +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1 +#define PSA_WANT_ALG_CBC_NO_PADDING 1 +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) +#define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1 +#define PSA_WANT_ALG_CBC_PKCS7 1 +#endif +#endif + +#if defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) || \ + defined(MBEDTLS_ARIA_C) || defined(MBEDTLS_CAMELLIA_C) +#define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1 +#define PSA_WANT_ALG_ECB_NO_PADDING 1 +#endif + +#if defined(MBEDTLS_CIPHER_MODE_CFB) +#define MBEDTLS_PSA_BUILTIN_ALG_CFB 1 +#define PSA_WANT_ALG_CFB 1 +#endif + +#if defined(MBEDTLS_CIPHER_MODE_CTR) +#define MBEDTLS_PSA_BUILTIN_ALG_CTR 1 +#define PSA_WANT_ALG_CTR 1 +#endif + +#if defined(MBEDTLS_CIPHER_MODE_OFB) +#define MBEDTLS_PSA_BUILTIN_ALG_OFB 1 +#define PSA_WANT_ALG_OFB 1 +#endif + +#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1 +#define PSA_WANT_ECC_BRAINPOOL_P_R1_256 1 +#endif + +#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1 +#define PSA_WANT_ECC_BRAINPOOL_P_R1_384 1 +#endif + +#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1 +#define PSA_WANT_ECC_BRAINPOOL_P_R1_512 1 +#endif + +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1 +#define PSA_WANT_ECC_MONTGOMERY_255 1 +#endif + +#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1 +#define PSA_WANT_ECC_MONTGOMERY_448 1 +#endif + +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1 +#define PSA_WANT_ECC_SECP_R1_192 1 +#endif + +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1 +#define PSA_WANT_ECC_SECP_R1_224 1 +#endif + +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1 +#define PSA_WANT_ECC_SECP_R1_256 1 +#endif + +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1 +#define PSA_WANT_ECC_SECP_R1_384 1 +#endif + +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1 +#define PSA_WANT_ECC_SECP_R1_521 1 +#endif + +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1 +#define PSA_WANT_ECC_SECP_K1_192 1 +#endif + +/* SECP224K1 is buggy via the PSA API (https://github.com/Mbed-TLS/mbedtls/issues/3541) */ +#if 0 && defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1 +#define PSA_WANT_ECC_SECP_K1_224 1 +#endif + +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) +#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1 +#define PSA_WANT_ECC_SECP_K1_256 1 +#endif + +#endif /* MBEDTLS_CONFIG_ADJUST_PSA_FROM_LEGACY_H */ diff --git a/include/mbedtls/config_adjust_psa_superset_legacy.h b/include/mbedtls/config_adjust_psa_superset_legacy.h new file mode 100644 index 000000000..3d9029b57 --- /dev/null +++ b/include/mbedtls/config_adjust_psa_superset_legacy.h @@ -0,0 +1,154 @@ +/** + * \file mbedtls/config_adjust_psa_superset_legacy.h + * \brief Adjust PSA configuration: automatic enablement from legacy + * + * To simplify some edge cases, we automatically enable certain cryptographic + * mechanisms in the PSA API if they are enabled in the legacy API. The general + * idea is that if legacy module M uses mechanism A internally, and A has + * both a legacy and a PSA implementation, we enable A through PSA whenever + * it's enabled through legacy. This facilitates the transition to PSA + * implementations of A for users of M. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef MBEDTLS_CONFIG_ADJUST_PSA_SUPERSET_LEGACY_H +#define MBEDTLS_CONFIG_ADJUST_PSA_SUPERSET_LEGACY_H + +/****************************************************************/ +/* Hashes that are built in are also enabled in PSA. + * This simplifies dependency declarations especially + * for modules that obey MBEDTLS_USE_PSA_CRYPTO. */ +/****************************************************************/ + +#if defined(MBEDTLS_MD5_C) +#define PSA_WANT_ALG_MD5 1 +#endif + +#if defined(MBEDTLS_RIPEMD160_C) +#define PSA_WANT_ALG_RIPEMD160 1 +#endif + +#if defined(MBEDTLS_SHA1_C) +#define PSA_WANT_ALG_SHA_1 1 +#endif + +#if defined(MBEDTLS_SHA224_C) +#define PSA_WANT_ALG_SHA_224 1 +#endif + +#if defined(MBEDTLS_SHA256_C) +#define PSA_WANT_ALG_SHA_256 1 +#endif + +#if defined(MBEDTLS_SHA384_C) +#define PSA_WANT_ALG_SHA_384 1 +#endif + +#if defined(MBEDTLS_SHA512_C) +#define PSA_WANT_ALG_SHA_512 1 +#endif + +#if defined(MBEDTLS_SHA3_C) +#define PSA_WANT_ALG_SHA3_224 1 +#define PSA_WANT_ALG_SHA3_256 1 +#define PSA_WANT_ALG_SHA3_384 1 +#define PSA_WANT_ALG_SHA3_512 1 +#endif + +/* Ensure that the PSA's supported curves (PSA_WANT_ECC_xxx) are always a + * superset of the builtin ones (MBEDTLS_ECP_DP_xxx). */ +#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) +#if !defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) +#define PSA_WANT_ECC_BRAINPOOL_P_R1_256 1 +#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_256 */ +#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) +#if !defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) +#define PSA_WANT_ECC_BRAINPOOL_P_R1_384 1 +#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_384 */ +#endif /*MBEDTLS_ECP_DP_BP384R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) +#if !defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) +#define PSA_WANT_ECC_BRAINPOOL_P_R1_512 1 +#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_512 */ +#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) +#if !defined(PSA_WANT_ECC_MONTGOMERY_255) +#define PSA_WANT_ECC_MONTGOMERY_255 1 +#endif /* PSA_WANT_ECC_MONTGOMERY_255 */ +#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) +#if !defined(PSA_WANT_ECC_MONTGOMERY_448) +#define PSA_WANT_ECC_MONTGOMERY_448 1 +#endif /* PSA_WANT_ECC_MONTGOMERY_448 */ +#endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) +#if !defined(PSA_WANT_ECC_SECP_R1_192) +#define PSA_WANT_ECC_SECP_R1_192 1 +#endif /* PSA_WANT_ECC_SECP_R1_192 */ +#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) +#if !defined(PSA_WANT_ECC_SECP_R1_224) +#define PSA_WANT_ECC_SECP_R1_224 1 +#endif /* PSA_WANT_ECC_SECP_R1_224 */ +#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) +#if !defined(PSA_WANT_ECC_SECP_R1_256) +#define PSA_WANT_ECC_SECP_R1_256 1 +#endif /* PSA_WANT_ECC_SECP_R1_256 */ +#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) +#if !defined(PSA_WANT_ECC_SECP_R1_384) +#define PSA_WANT_ECC_SECP_R1_384 1 +#endif /* PSA_WANT_ECC_SECP_R1_384 */ +#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) +#if !defined(PSA_WANT_ECC_SECP_R1_521) +#define PSA_WANT_ECC_SECP_R1_521 1 +#endif /* PSA_WANT_ECC_SECP_R1_521 */ +#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) +#if !defined(PSA_WANT_ECC_SECP_K1_192) +#define PSA_WANT_ECC_SECP_K1_192 1 +#endif /* PSA_WANT_ECC_SECP_K1_192 */ +#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ + +/* SECP224K1 is buggy via the PSA API (https://github.com/Mbed-TLS/mbedtls/issues/3541) */ +#if 0 && defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) +#if !defined(PSA_WANT_ECC_SECP_K1_224) +#define PSA_WANT_ECC_SECP_K1_224 1 +#endif /* PSA_WANT_ECC_SECP_K1_224 */ +#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) +#if !defined(PSA_WANT_ECC_SECP_K1_256) +#define PSA_WANT_ECC_SECP_K1_256 1 +#endif /* PSA_WANT_ECC_SECP_K1_256 */ +#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ + +#endif /* MBEDTLS_CONFIG_ADJUST_PSA_SUPERSET_LEGACY_H */ diff --git a/include/mbedtls/config_adjust_ssl.h b/include/mbedtls/config_adjust_ssl.h new file mode 100644 index 000000000..2275f3add --- /dev/null +++ b/include/mbedtls/config_adjust_ssl.h @@ -0,0 +1,88 @@ +/** + * \file mbedtls/config_adjust_ssl.h + * \brief Adjust TLS configuration + * + * Automatically enable certain dependencies. Generally, MBEDLTS_xxx + * configurations need to be explicitly enabled by the user: enabling + * MBEDTLS_xxx_A but not MBEDTLS_xxx_B when A requires B results in a + * compilation error. However, we do automatically enable certain options + * in some circumstances. One case is if MBEDTLS_xxx_B is an internal option + * used to identify parts of a module that are used by other module, and we + * don't want to make the symbol MBEDTLS_xxx_B part of the public API. + * Another case is if A didn't depend on B in earlier versions, and we + * want to use B in A but we need to preserve backward compatibility with + * configurations that explicitly activate MBEDTLS_xxx_A but not + * MBEDTLS_xxx_B. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef MBEDTLS_CONFIG_ADJUST_SSL_H +#define MBEDTLS_CONFIG_ADJUST_SSL_H + +/* The following blocks make it easier to disable all of TLS, + * or of TLS 1.2 or 1.3 or DTLS, without having to manually disable all + * key exchanges, options and extensions related to them. */ + +#if !defined(MBEDTLS_SSL_TLS_C) +#undef MBEDTLS_SSL_CLI_C +#undef MBEDTLS_SSL_SRV_C +#undef MBEDTLS_SSL_PROTO_TLS1_3 +#undef MBEDTLS_SSL_PROTO_TLS1_2 +#undef MBEDTLS_SSL_PROTO_DTLS +#endif + +#if !defined(MBEDTLS_SSL_PROTO_DTLS) +#undef MBEDTLS_SSL_DTLS_ANTI_REPLAY +#undef MBEDTLS_SSL_DTLS_CONNECTION_ID +#undef MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT +#undef MBEDTLS_SSL_DTLS_HELLO_VERIFY +#undef MBEDTLS_SSL_DTLS_SRTP +#undef MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE +#endif + +#if !defined(MBEDTLS_SSL_PROTO_TLS1_2) +#undef MBEDTLS_SSL_ENCRYPT_THEN_MAC +#undef MBEDTLS_SSL_EXTENDED_MASTER_SECRET +#undef MBEDTLS_SSL_RENEGOTIATION +#undef MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED +#undef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED +#endif + +#if !defined(MBEDTLS_SSL_PROTO_TLS1_3) +#undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED +#undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +#undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED +#undef MBEDTLS_SSL_EARLY_DATA +#endif + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ + (defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)) +#define MBEDTLS_SSL_TLS1_2_SOME_ECC +#endif + +#endif /* MBEDTLS_CONFIG_ADJUST_SSL_H */ diff --git a/include/mbedtls/config_adjust_x509.h b/include/mbedtls/config_adjust_x509.h new file mode 100644 index 000000000..99a0ace2f --- /dev/null +++ b/include/mbedtls/config_adjust_x509.h @@ -0,0 +1,37 @@ +/** + * \file mbedtls/config_adjust_x509.h + * \brief Adjust X.509 configuration + * + * Automatically enable certain dependencies. Generally, MBEDLTS_xxx + * configurations need to be explicitly enabled by the user: enabling + * MBEDTLS_xxx_A but not MBEDTLS_xxx_B when A requires B results in a + * compilation error. However, we do automatically enable certain options + * in some circumstances. One case is if MBEDTLS_xxx_B is an internal option + * used to identify parts of a module that are used by other module, and we + * don't want to make the symbol MBEDTLS_xxx_B part of the public API. + * Another case is if A didn't depend on B in earlier versions, and we + * want to use B in A but we need to preserve backward compatibility with + * configurations that explicitly activate MBEDTLS_xxx_A but not + * MBEDTLS_xxx_B. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef MBEDTLS_CONFIG_ADJUST_X509_H +#define MBEDTLS_CONFIG_ADJUST_X509_H + +#endif /* MBEDTLS_CONFIG_ADJUST_X509_H */ diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index 09bc32c73..2d2397197 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -30,823 +30,38 @@ #ifndef MBEDTLS_CONFIG_PSA_H #define MBEDTLS_CONFIG_PSA_H +#include "psa/crypto_legacy.h" + +#include "psa/crypto_adjust_config_synonyms.h" + +#include "mbedtls/config_adjust_psa_superset_legacy.h" + #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG_FILE) -#include MBEDTLS_PSA_CRYPTO_CONFIG_FILE -#else -#include "psa/crypto_config.h" -#endif -#endif /* defined(MBEDTLS_PSA_CRYPTO_CONFIG) */ -#if defined(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE) -#include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE -#endif - -#ifdef __cplusplus -extern "C" { -#endif - - - -/****************************************************************/ -/* De facto synonyms */ -/****************************************************************/ - -#if defined(PSA_WANT_ALG_ECDSA_ANY) && !defined(PSA_WANT_ALG_ECDSA) -#define PSA_WANT_ALG_ECDSA PSA_WANT_ALG_ECDSA_ANY -#elif !defined(PSA_WANT_ALG_ECDSA_ANY) && defined(PSA_WANT_ALG_ECDSA) -#define PSA_WANT_ALG_ECDSA_ANY PSA_WANT_ALG_ECDSA -#endif - -#if defined(PSA_WANT_ALG_CCM_STAR_NO_TAG) && !defined(PSA_WANT_ALG_CCM) -#define PSA_WANT_ALG_CCM PSA_WANT_ALG_CCM_STAR_NO_TAG -#elif !defined(PSA_WANT_ALG_CCM_STAR_NO_TAG) && defined(PSA_WANT_ALG_CCM) -#define PSA_WANT_ALG_CCM_STAR_NO_TAG PSA_WANT_ALG_CCM -#endif - -#if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) && !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) -#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW -#elif !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) && defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) -#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW PSA_WANT_ALG_RSA_PKCS1V15_SIGN -#endif - -#if defined(PSA_WANT_ALG_RSA_PSS_ANY_SALT) && !defined(PSA_WANT_ALG_RSA_PSS) -#define PSA_WANT_ALG_RSA_PSS PSA_WANT_ALG_RSA_PSS_ANY_SALT -#elif !defined(PSA_WANT_ALG_RSA_PSS_ANY_SALT) && defined(PSA_WANT_ALG_RSA_PSS) -#define PSA_WANT_ALG_RSA_PSS_ANY_SALT PSA_WANT_ALG_RSA_PSS -#endif - - - -/****************************************************************/ /* Require built-in implementations based on PSA requirements */ -/****************************************************************/ -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +/* We need this to have a complete list of requirements + * before we deduce what built-ins are required. */ +#include "psa/crypto_adjust_config_key_pair_types.h" -#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) -#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1 -#define MBEDTLS_ECDSA_DETERMINISTIC -#define MBEDTLS_ECDSA_C -#define MBEDTLS_HMAC_DRBG_C -#define MBEDTLS_MD_C -#endif /* !MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA */ -#endif /* PSA_WANT_ALG_DETERMINISTIC_ECDSA */ - -#if defined(PSA_WANT_ALG_ECDH) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH) -#define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1 -#define MBEDTLS_ECDH_C -#define MBEDTLS_ECP_C -#define MBEDTLS_BIGNUM_C -#endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDH */ -#endif /* PSA_WANT_ALG_ECDH */ - -#if defined(PSA_WANT_ALG_ECDSA) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) -#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1 -#define MBEDTLS_ECDSA_C -#define MBEDTLS_ECP_C -#define MBEDTLS_BIGNUM_C -#define MBEDTLS_ASN1_PARSE_C -#define MBEDTLS_ASN1_WRITE_C -#endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDSA */ -#endif /* PSA_WANT_ALG_ECDSA */ - -#if defined(PSA_WANT_ALG_HKDF) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF) -#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 -#define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1 -#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF */ -#endif /* PSA_WANT_ALG_HKDF */ - -#if defined(PSA_WANT_ALG_HKDF_EXTRACT) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT) -#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 -#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT 1 -#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT */ -#endif /* PSA_WANT_ALG_HKDF_EXTRACT */ - -#if defined(PSA_WANT_ALG_HKDF_EXPAND) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND) -#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 -#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND 1 -#endif /* !MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND */ -#endif /* PSA_WANT_ALG_HKDF_EXPAND */ - -#if defined(PSA_WANT_ALG_HMAC) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC) -#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 -#endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */ -#endif /* PSA_WANT_ALG_HMAC */ - -#if defined(PSA_WANT_ALG_MD5) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD5) -#define MBEDTLS_PSA_BUILTIN_ALG_MD5 1 -#define MBEDTLS_MD5_C -#endif - -#if defined(PSA_WANT_ALG_JPAKE) -#define MBEDTLS_PSA_BUILTIN_PAKE 1 -#define MBEDTLS_PSA_BUILTIN_ALG_JPAKE 1 -#define MBEDTLS_ECP_DP_SECP256R1_ENABLED -#define MBEDTLS_BIGNUM_C -#define MBEDTLS_ECP_C -#define MBEDTLS_ECJPAKE_C -#endif /* PSA_WANT_ALG_JPAKE */ - -#if defined(PSA_WANT_ALG_RIPEMD160) && !defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) -#define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1 -#define MBEDTLS_RIPEMD160_C -#endif - -#if defined(PSA_WANT_ALG_RSA_OAEP) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP) -#define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1 -#define MBEDTLS_RSA_C -#define MBEDTLS_BIGNUM_C -#define MBEDTLS_OID_C -#define MBEDTLS_PKCS1_V21 -#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP */ -#endif /* PSA_WANT_ALG_RSA_OAEP */ - -#if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT) -#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1 -#define MBEDTLS_RSA_C -#define MBEDTLS_BIGNUM_C -#define MBEDTLS_OID_C -#define MBEDTLS_PKCS1_V15 -#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT */ -#endif /* PSA_WANT_ALG_RSA_PKCS1V15_CRYPT */ - -#if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) -#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1 -#define MBEDTLS_RSA_C -#define MBEDTLS_BIGNUM_C -#define MBEDTLS_OID_C -#define MBEDTLS_PKCS1_V15 -#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN */ -#endif /* PSA_WANT_ALG_RSA_PKCS1V15_SIGN */ - -#if defined(PSA_WANT_ALG_RSA_PSS) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) -#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1 -#define MBEDTLS_RSA_C -#define MBEDTLS_BIGNUM_C -#define MBEDTLS_OID_C -#define MBEDTLS_PKCS1_V21 -#endif /* !MBEDTLS_PSA_ACCEL_ALG_RSA_PSS */ -#endif /* PSA_WANT_ALG_RSA_PSS */ - -#if defined(PSA_WANT_ALG_SHA_1) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) -#define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1 -#define MBEDTLS_SHA1_C -#endif - -#if defined(PSA_WANT_ALG_SHA_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) -#define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1 -#define MBEDTLS_SHA224_C -#endif - -#if defined(PSA_WANT_ALG_SHA_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) -#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1 -#define MBEDTLS_SHA256_C -#endif - -#if defined(PSA_WANT_ALG_SHA_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) -#define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1 -#define MBEDTLS_SHA384_C -#endif - -#if defined(PSA_WANT_ALG_SHA_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) -#define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1 -#define MBEDTLS_SHA512_C -#endif - -#if defined(PSA_WANT_ALG_TLS12_PRF) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF) -#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1 -#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF */ -#endif /* PSA_WANT_ALG_TLS12_PRF */ - -#if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS) -#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1 -#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS */ -#endif /* PSA_WANT_ALG_TLS12_PSK_TO_MS */ - -#if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS) -#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS 1 -#endif /* !MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS */ -#endif /* PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS */ - -#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) -#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1 -#define MBEDTLS_ECP_C -#define MBEDTLS_BIGNUM_C -#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR */ -#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR */ - -#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) -#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1 -#define MBEDTLS_ECP_C -#define MBEDTLS_BIGNUM_C -#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY */ -#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ - -#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) -#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1 -#define MBEDTLS_RSA_C -#define MBEDTLS_BIGNUM_C -#define MBEDTLS_OID_C -#define MBEDTLS_GENPRIME -#define MBEDTLS_PK_PARSE_C -#define MBEDTLS_PK_WRITE_C -#define MBEDTLS_PK_C -#define MBEDTLS_ASN1_PARSE_C -#define MBEDTLS_ASN1_WRITE_C -#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR */ -#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR */ - -#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) -#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1 -#define MBEDTLS_RSA_C -#define MBEDTLS_BIGNUM_C -#define MBEDTLS_OID_C -#define MBEDTLS_PK_PARSE_C -#define MBEDTLS_PK_WRITE_C -#define MBEDTLS_PK_C -#define MBEDTLS_ASN1_PARSE_C -#define MBEDTLS_ASN1_WRITE_C -#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY */ -#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */ - -/* If any of the block modes are requested that don't have an - * associated HW assist, define PSA_HAVE_SOFT_BLOCK_MODE for checking - * in the block cipher key types. */ -#if (defined(PSA_WANT_ALG_CTR) && !defined(MBEDTLS_PSA_ACCEL_ALG_CTR)) || \ - (defined(PSA_WANT_ALG_CFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_CFB)) || \ - (defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \ - defined(PSA_WANT_ALG_ECB_NO_PADDING) || \ - (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ - !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \ - (defined(PSA_WANT_ALG_CBC_PKCS7) && \ - !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \ - (defined(PSA_WANT_ALG_CMAC) && !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC)) -#define PSA_HAVE_SOFT_BLOCK_MODE 1 -#endif - -#if (defined(PSA_WANT_ALG_GCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_GCM)) || \ - (defined(PSA_WANT_ALG_CCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_CCM)) -#define PSA_HAVE_SOFT_BLOCK_AEAD 1 -#endif - -#if defined(PSA_WANT_KEY_TYPE_AES) -#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES) -#define PSA_HAVE_SOFT_KEY_TYPE_AES 1 -#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */ -#if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ - defined(PSA_HAVE_SOFT_BLOCK_MODE) || \ - defined(PSA_HAVE_SOFT_BLOCK_AEAD) -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1 -#define MBEDTLS_AES_C -#endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */ -#endif /* PSA_WANT_KEY_TYPE_AES */ - -#if defined(PSA_WANT_KEY_TYPE_ARIA) -#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA) -#define PSA_HAVE_SOFT_KEY_TYPE_ARIA 1 -#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA */ -#if defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ - defined(PSA_HAVE_SOFT_BLOCK_MODE) || \ - defined(PSA_HAVE_SOFT_BLOCK_AEAD) -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1 -#define MBEDTLS_ARIA_C -#endif /* PSA_HAVE_SOFT_KEY_TYPE_ARIA || PSA_HAVE_SOFT_BLOCK_MODE */ -#endif /* PSA_WANT_KEY_TYPE_ARIA */ - -#if defined(PSA_WANT_KEY_TYPE_CAMELLIA) -#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA) -#define PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA 1 -#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA */ -#if defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) || \ - defined(PSA_HAVE_SOFT_BLOCK_MODE) || \ - defined(PSA_HAVE_SOFT_BLOCK_AEAD) -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1 -#define MBEDTLS_CAMELLIA_C -#endif /* PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA || PSA_HAVE_SOFT_BLOCK_MODE */ -#endif /* PSA_WANT_KEY_TYPE_CAMELLIA */ - -#if defined(PSA_WANT_KEY_TYPE_DES) -#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES) -#define PSA_HAVE_SOFT_KEY_TYPE_DES 1 -#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DES */ -#if defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \ - defined(PSA_HAVE_SOFT_BLOCK_MODE) -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1 -#define MBEDTLS_DES_C -#endif /*PSA_HAVE_SOFT_KEY_TYPE_DES || PSA_HAVE_SOFT_BLOCK_MODE */ -#endif /* PSA_WANT_KEY_TYPE_DES */ - -#if defined(PSA_WANT_KEY_TYPE_CHACHA20) -#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1 -#define MBEDTLS_CHACHA20_C -#endif /*!MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 */ -#endif /* PSA_WANT_KEY_TYPE_CHACHA20 */ - -/* If any of the software block ciphers are selected, define - * PSA_HAVE_SOFT_BLOCK_CIPHER, which can be used in any of these - * situations. */ -#if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ - defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ - defined(PSA_HAVE_SOFT_KEY_TYPE_DES) || \ - defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) -#define PSA_HAVE_SOFT_BLOCK_CIPHER 1 -#endif - -#if defined(PSA_WANT_ALG_STREAM_CIPHER) -#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1 -#endif /* PSA_WANT_ALG_STREAM_CIPHER */ - -#if defined(PSA_WANT_ALG_CBC_MAC) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_MAC) -#error "CBC-MAC is not yet supported via the PSA API in Mbed TLS." -#define MBEDTLS_PSA_BUILTIN_ALG_CBC_MAC 1 -#endif /* !MBEDTLS_PSA_ACCEL_ALG_CBC_MAC */ -#endif /* PSA_WANT_ALG_CBC_MAC */ - -#if defined(PSA_WANT_ALG_CMAC) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) || \ - defined(PSA_HAVE_SOFT_BLOCK_CIPHER) -#define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1 -#define MBEDTLS_CMAC_C -#endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */ -#endif /* PSA_WANT_ALG_CMAC */ - -#if defined(PSA_WANT_ALG_CTR) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_CTR) || \ - defined(PSA_HAVE_SOFT_BLOCK_CIPHER) -#define MBEDTLS_PSA_BUILTIN_ALG_CTR 1 -#define MBEDTLS_CIPHER_MODE_CTR -#endif -#endif /* PSA_WANT_ALG_CTR */ - -#if defined(PSA_WANT_ALG_CFB) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_CFB) || \ - defined(PSA_HAVE_SOFT_BLOCK_CIPHER) -#define MBEDTLS_PSA_BUILTIN_ALG_CFB 1 -#define MBEDTLS_CIPHER_MODE_CFB -#endif -#endif /* PSA_WANT_ALG_CFB */ - -#if defined(PSA_WANT_ALG_OFB) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_OFB) || \ - defined(PSA_HAVE_SOFT_BLOCK_CIPHER) -#define MBEDTLS_PSA_BUILTIN_ALG_OFB 1 -#define MBEDTLS_CIPHER_MODE_OFB -#endif -#endif /* PSA_WANT_ALG_OFB */ - -#if defined(PSA_WANT_ALG_ECB_NO_PADDING) && \ - !defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING) -#define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1 -#endif - -#if defined(PSA_WANT_ALG_CBC_NO_PADDING) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) || \ - defined(PSA_HAVE_SOFT_BLOCK_CIPHER) -#define MBEDTLS_CIPHER_MODE_CBC -#define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1 -#endif -#endif /* PSA_WANT_ALG_CBC_NO_PADDING */ - -#if defined(PSA_WANT_ALG_CBC_PKCS7) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) || \ - defined(PSA_HAVE_SOFT_BLOCK_CIPHER) -#define MBEDTLS_CIPHER_MODE_CBC -#define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1 -#define MBEDTLS_CIPHER_PADDING_PKCS7 -#endif -#endif /* PSA_WANT_ALG_CBC_PKCS7 */ - -#if defined(PSA_WANT_ALG_CCM) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_CCM) || \ - defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ - defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ - defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) -#define MBEDTLS_PSA_BUILTIN_ALG_CCM 1 -#define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1 -#define MBEDTLS_CCM_C -#endif -#endif /* PSA_WANT_ALG_CCM */ - -#if defined(PSA_WANT_ALG_GCM) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_GCM) || \ - defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ - defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ - defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) -#define MBEDTLS_PSA_BUILTIN_ALG_GCM 1 -#define MBEDTLS_GCM_C -#endif -#endif /* PSA_WANT_ALG_GCM */ - -#if defined(PSA_WANT_ALG_CHACHA20_POLY1305) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305) -#if defined(PSA_WANT_KEY_TYPE_CHACHA20) -#define MBEDTLS_CHACHAPOLY_C -#define MBEDTLS_CHACHA20_C -#define MBEDTLS_POLY1305_C -#define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1 -#endif /* PSA_WANT_KEY_TYPE_CHACHA20 */ -#endif /* !MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 */ -#endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */ - -#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) -#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256) -#define MBEDTLS_ECP_DP_BP256R1_ENABLED -#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1 -#endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256 */ -#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_256 */ - -#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) -#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384) -#define MBEDTLS_ECP_DP_BP384R1_ENABLED -#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1 -#endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384 */ -#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_384 */ - -#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) -#if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512) -#define MBEDTLS_ECP_DP_BP512R1_ENABLED -#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1 -#endif /* !MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512 */ -#endif /* PSA_WANT_ECC_BRAINPOOL_P_R1_512 */ - -#if defined(PSA_WANT_ECC_MONTGOMERY_255) -#if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255) -#define MBEDTLS_ECP_DP_CURVE25519_ENABLED -#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1 -#endif /* !MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255 */ -#endif /* PSA_WANT_ECC_MONTGOMERY_255 */ - -#if defined(PSA_WANT_ECC_MONTGOMERY_448) -#if !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448) -#define MBEDTLS_ECP_DP_CURVE448_ENABLED -#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1 -#endif /* !MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448 */ -#endif /* PSA_WANT_ECC_MONTGOMERY_448 */ - -#if defined(PSA_WANT_ECC_SECP_R1_192) -#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192) -#define MBEDTLS_ECP_DP_SECP192R1_ENABLED -#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1 -#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192 */ -#endif /* PSA_WANT_ECC_SECP_R1_192 */ - -#if defined(PSA_WANT_ECC_SECP_R1_224) -#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224) -#define MBEDTLS_ECP_DP_SECP224R1_ENABLED -#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1 -#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224 */ -#endif /* PSA_WANT_ECC_SECP_R1_224 */ - -#if defined(PSA_WANT_ECC_SECP_R1_256) -#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) -#define MBEDTLS_ECP_DP_SECP256R1_ENABLED -#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1 -#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256 */ -#endif /* PSA_WANT_ECC_SECP_R1_256 */ - -#if defined(PSA_WANT_ECC_SECP_R1_384) -#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384) -#define MBEDTLS_ECP_DP_SECP384R1_ENABLED -#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1 -#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384 */ -#endif /* PSA_WANT_ECC_SECP_R1_384 */ - -#if defined(PSA_WANT_ECC_SECP_R1_521) -#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521) -#define MBEDTLS_ECP_DP_SECP521R1_ENABLED -#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1 -#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521 */ -#endif /* PSA_WANT_ECC_SECP_R1_521 */ - -#if defined(PSA_WANT_ECC_SECP_K1_192) -#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192) -#define MBEDTLS_ECP_DP_SECP192K1_ENABLED -#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1 -#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192 */ -#endif /* PSA_WANT_ECC_SECP_K1_192 */ - -#if defined(PSA_WANT_ECC_SECP_K1_224) -#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224) -/* - * SECP224K1 is buggy via the PSA API in Mbed TLS - * (https://github.com/Mbed-TLS/mbedtls/issues/3541). - */ -#error "SECP224K1 is buggy via the PSA API in Mbed TLS." -#define MBEDTLS_ECP_DP_SECP224K1_ENABLED -#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1 -#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224 */ -#endif /* PSA_WANT_ECC_SECP_K1_224 */ - -#if defined(PSA_WANT_ECC_SECP_K1_256) -#if !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256) -#define MBEDTLS_ECP_DP_SECP256K1_ENABLED -#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1 -#endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256 */ -#endif /* PSA_WANT_ECC_SECP_K1_256 */ - - - -/****************************************************************/ -/* Infer PSA requirements from Mbed TLS capabilities */ -/****************************************************************/ +#include "mbedtls/config_adjust_legacy_from_psa.h" #else /* MBEDTLS_PSA_CRYPTO_CONFIG */ -/* - * Ensure PSA_WANT_* defines are setup properly if MBEDTLS_PSA_CRYPTO_CONFIG - * is not defined - */ +/* Infer PSA requirements from Mbed TLS capabilities */ -#if defined(MBEDTLS_CCM_C) -#define MBEDTLS_PSA_BUILTIN_ALG_CCM 1 -#define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1 -#define PSA_WANT_ALG_CCM 1 -#define PSA_WANT_ALG_CCM_STAR_NO_TAG 1 -#endif /* MBEDTLS_CCM_C */ +#include "mbedtls/config_adjust_psa_from_legacy.h" -#if defined(MBEDTLS_CMAC_C) -#define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1 -#define PSA_WANT_ALG_CMAC 1 -#endif /* MBEDTLS_CMAC_C */ - -#if defined(MBEDTLS_ECDH_C) -#define MBEDTLS_PSA_BUILTIN_ALG_ECDH 1 -#define PSA_WANT_ALG_ECDH 1 -#endif /* MBEDTLS_ECDH_C */ - -#if defined(MBEDTLS_ECDSA_C) -#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1 -#define PSA_WANT_ALG_ECDSA 1 -#define PSA_WANT_ALG_ECDSA_ANY 1 - -// Only add in DETERMINISTIC support if ECDSA is also enabled -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) -#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1 -#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1 -#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ - -#endif /* MBEDTLS_ECDSA_C */ - -#if defined(MBEDTLS_ECP_C) -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1 -#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1 -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1 -#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1 -#endif /* MBEDTLS_ECP_C */ - -#if defined(MBEDTLS_GCM_C) -#define MBEDTLS_PSA_BUILTIN_ALG_GCM 1 -#define PSA_WANT_ALG_GCM 1 -#endif /* MBEDTLS_GCM_C */ - -/* Enable PSA HKDF algorithm if mbedtls HKDF is supported. - * PSA HKDF EXTRACT and PSA HKDF EXPAND have minimal cost when - * PSA HKDF is enabled, so enable both algorithms together - * with PSA HKDF. */ -#if defined(MBEDTLS_HKDF_C) -#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 -#define PSA_WANT_ALG_HMAC 1 -#define MBEDTLS_PSA_BUILTIN_ALG_HKDF 1 -#define PSA_WANT_ALG_HKDF 1 -#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT 1 -#define PSA_WANT_ALG_HKDF_EXTRACT 1 -#define MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND 1 -#define PSA_WANT_ALG_HKDF_EXPAND 1 -#endif /* MBEDTLS_HKDF_C */ - -#define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 -#define PSA_WANT_ALG_HMAC 1 -#define PSA_WANT_KEY_TYPE_HMAC - -#if defined(MBEDTLS_MD_C) -#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF 1 -#define PSA_WANT_ALG_TLS12_PRF 1 -#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS 1 -#define PSA_WANT_ALG_TLS12_PSK_TO_MS 1 -#endif /* MBEDTLS_MD_C */ - -#if defined(MBEDTLS_MD5_C) -#define MBEDTLS_PSA_BUILTIN_ALG_MD5 1 -#define PSA_WANT_ALG_MD5 1 -#endif - -#if defined(MBEDTLS_ECJPAKE_C) -#define MBEDTLS_PSA_BUILTIN_PAKE 1 -#define MBEDTLS_PSA_BUILTIN_ALG_JPAKE 1 -#define PSA_WANT_ALG_JPAKE 1 -#endif - -#if defined(MBEDTLS_RIPEMD160_C) -#define MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160 1 -#define PSA_WANT_ALG_RIPEMD160 1 -#endif - -#if defined(MBEDTLS_RSA_C) -#if defined(MBEDTLS_PKCS1_V15) -#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT 1 -#define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1 -#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1 -#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1 -#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW 1 -#endif /* MBEDTLS_PKCS1_V15 */ -#if defined(MBEDTLS_PKCS1_V21) -#define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1 -#define PSA_WANT_ALG_RSA_OAEP 1 -#define MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS 1 -#define PSA_WANT_ALG_RSA_PSS 1 -#endif /* MBEDTLS_PKCS1_V21 */ -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1 -#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1 -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1 -#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1 -#endif /* MBEDTLS_RSA_C */ - -#if defined(MBEDTLS_SHA1_C) -#define MBEDTLS_PSA_BUILTIN_ALG_SHA_1 1 -#define PSA_WANT_ALG_SHA_1 1 -#endif - -#if defined(MBEDTLS_SHA224_C) -#define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1 -#define PSA_WANT_ALG_SHA_224 1 -#endif - -#if defined(MBEDTLS_SHA256_C) -#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1 -#define PSA_WANT_ALG_SHA_256 1 -#endif - -#if defined(MBEDTLS_SHA384_C) -#define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1 -#define PSA_WANT_ALG_SHA_384 1 -#endif - -#if defined(MBEDTLS_SHA512_C) -#define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1 -#define PSA_WANT_ALG_SHA_512 1 -#endif - -#if defined(MBEDTLS_AES_C) -#define PSA_WANT_KEY_TYPE_AES 1 -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1 -#endif - -#if defined(MBEDTLS_ARIA_C) -#define PSA_WANT_KEY_TYPE_ARIA 1 -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1 -#endif - -#if defined(MBEDTLS_CAMELLIA_C) -#define PSA_WANT_KEY_TYPE_CAMELLIA 1 -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1 -#endif - -#if defined(MBEDTLS_DES_C) -#define PSA_WANT_KEY_TYPE_DES 1 -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES 1 -#endif - -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) -#define MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS 1 -#define PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS 1 -#endif - -#if defined(MBEDTLS_CHACHA20_C) -#define PSA_WANT_KEY_TYPE_CHACHA20 1 -#define PSA_WANT_ALG_STREAM_CIPHER 1 -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1 -#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1 -#if defined(MBEDTLS_CHACHAPOLY_C) -#define PSA_WANT_ALG_CHACHA20_POLY1305 1 -#define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1 -#endif -#endif - -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#define MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING 1 -#define PSA_WANT_ALG_CBC_NO_PADDING 1 -#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) -#define MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 1 -#define PSA_WANT_ALG_CBC_PKCS7 1 -#endif -#endif - -#if defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) || \ - defined(MBEDTLS_ARIA_C) || defined(MBEDTLS_CAMELLIA_C) -#define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1 -#define PSA_WANT_ALG_ECB_NO_PADDING 1 -#endif - -#if defined(MBEDTLS_CIPHER_MODE_CFB) -#define MBEDTLS_PSA_BUILTIN_ALG_CFB 1 -#define PSA_WANT_ALG_CFB 1 -#endif - -#if defined(MBEDTLS_CIPHER_MODE_CTR) -#define MBEDTLS_PSA_BUILTIN_ALG_CTR 1 -#define PSA_WANT_ALG_CTR 1 -#endif - -#if defined(MBEDTLS_CIPHER_MODE_OFB) -#define MBEDTLS_PSA_BUILTIN_ALG_OFB 1 -#define PSA_WANT_ALG_OFB 1 -#endif - -#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) -#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_256 1 -#define PSA_WANT_ECC_BRAINPOOL_P_R1_256 -#endif - -#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) -#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_384 1 -#define PSA_WANT_ECC_BRAINPOOL_P_R1_384 -#endif - -#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) -#define MBEDTLS_PSA_BUILTIN_ECC_BRAINPOOL_P_R1_512 1 -#define PSA_WANT_ECC_BRAINPOOL_P_R1_512 -#endif - -#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) -#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_255 1 -#define PSA_WANT_ECC_MONTGOMERY_255 -#endif - -#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) -#define MBEDTLS_PSA_BUILTIN_ECC_MONTGOMERY_448 1 -#define PSA_WANT_ECC_MONTGOMERY_448 -#endif - -#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) -#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_192 1 -#define PSA_WANT_ECC_SECP_R1_192 -#endif - -#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) -#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_224 1 -#define PSA_WANT_ECC_SECP_R1_224 -#endif - -#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) -#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 1 -#define PSA_WANT_ECC_SECP_R1_256 -#endif - -#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) -#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384 1 -#define PSA_WANT_ECC_SECP_R1_384 -#endif - -#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) -#define MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521 1 -#define PSA_WANT_ECC_SECP_R1_521 -#endif - -#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) -#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_192 1 -#define PSA_WANT_ECC_SECP_K1_192 -#endif - -/* SECP224K1 is buggy via the PSA API (https://github.com/Mbed-TLS/mbedtls/issues/3541) */ -#if 0 && defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) -#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_224 1 -#define PSA_WANT_ECC_SECP_K1_224 -#endif - -#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) -#define MBEDTLS_PSA_BUILTIN_ECC_SECP_K1_256 1 -#define PSA_WANT_ECC_SECP_K1_256 -#endif +/* Hopefully the file above will have enabled keypair symbols in a consistent + * way, but including this here fixes them if that wasn't the case. */ +#include "psa/crypto_adjust_config_key_pair_types.h" #endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ -/* These features are always enabled. */ -#define PSA_WANT_KEY_TYPE_DERIVE 1 -#define PSA_WANT_KEY_TYPE_RAW_DATA 1 - -#ifdef __cplusplus -} +#if defined(PSA_WANT_ALG_JPAKE) +#define PSA_WANT_ALG_SOME_PAKE 1 #endif +#include "psa/crypto_adjust_auto_enabled.h" + #endif /* MBEDTLS_CONFIG_PSA_H */ diff --git a/include/mbedtls/constant_time.h b/include/mbedtls/constant_time.h index 91a9e7fc3..ebecf35b0 100644 --- a/include/mbedtls/constant_time.h +++ b/include/mbedtls/constant_time.h @@ -23,20 +23,22 @@ #include - /** Constant-time buffer comparison without branches. * * This is equivalent to the standard memcmp function, but is likely to be - * compiled to code using bitwise operation rather than a branch. + * compiled to code using bitwise operations rather than a branch, such that + * the time taken is constant w.r.t. the data pointed to by \p a and \p b, + * and w.r.t. whether \p a and \p b are equal or not. It is not constant-time + * w.r.t. \p n . * * This function can be used to write constant-time code by replacing branches * with bit operations using masks. * - * \param a Pointer to the first buffer. - * \param b Pointer to the second buffer. - * \param n The number of bytes to compare in the buffer. + * \param a Pointer to the first buffer, containing at least \p n bytes. May not be NULL. + * \param b Pointer to the second buffer, containing at least \p n bytes. May not be NULL. + * \param n The number of bytes to compare. * - * \return Zero if the content of the two buffer is the same, + * \return Zero if the contents of the two buffers are the same, * otherwise non-zero. */ int mbedtls_ct_memcmp(const void *a, diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index 8d28150d7..0348281e4 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -45,6 +45,7 @@ #include "mbedtls/build_info.h" #include "mbedtls/aes.h" +#include "entropy.h" #if defined(MBEDTLS_THREADING_C) #include "mbedtls/threading.h" @@ -94,17 +95,14 @@ * \brief The amount of entropy used per seed by default, in bytes. */ #if !defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) -#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) -/** This is 48 bytes because the entropy module uses SHA-512 - * (\c MBEDTLS_ENTROPY_FORCE_SHA256 is disabled). +#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) +/** This is 48 bytes because the entropy module uses SHA-512. */ #define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 -#else /* defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) */ +#else /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */ -/** This is 32 bytes because the entropy module uses SHA-256 - * (the SHA512 module is disabled or - * \c MBEDTLS_ENTROPY_FORCE_SHA256 is enabled). +/** This is 32 bytes because the entropy module uses SHA-256. */ #if !defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) /** \warning To achieve a 256-bit security strength, you must pass a nonce @@ -112,7 +110,7 @@ */ #endif /* !defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) */ #define MBEDTLS_CTR_DRBG_ENTROPY_LEN 32 -#endif /* defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) */ +#endif /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */ #endif /* !defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) */ #if !defined(MBEDTLS_CTR_DRBG_RESEED_INTERVAL) diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h index 2b0d00e4c..d6dd15224 100644 --- a/include/mbedtls/debug.h +++ b/include/mbedtls/debug.h @@ -131,6 +131,10 @@ #endif \ /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */ +#if !defined(MBEDTLS_PRINTF_MS_TIME) +#define MBEDTLS_PRINTF_MS_TIME PRId64 +#endif /* MBEDTLS_PRINTF_MS_TIME */ + #ifdef __cplusplus extern "C" { #endif @@ -276,7 +280,10 @@ void mbedtls_debug_print_crt(const mbedtls_ssl_context *ssl, int level, const char *text, const mbedtls_x509_crt *crt); #endif -#if defined(MBEDTLS_ECDH_C) +/* Note: the MBEDTLS_ECDH_C guard here is mandatory because this debug function + only works for the built-in implementation. */ +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED) && \ + defined(MBEDTLS_ECDH_C) typedef enum { MBEDTLS_DEBUG_ECDH_Q, MBEDTLS_DEBUG_ECDH_QP, @@ -303,7 +310,8 @@ void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level, const char *file, int line, const mbedtls_ecdh_context *ecdh, mbedtls_debug_ecdh_attr attr); -#endif +#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED && + MBEDTLS_ECDH_C */ #ifdef __cplusplus } diff --git a/include/mbedtls/des.h b/include/mbedtls/des.h index 5a18634f8..f445102d9 100644 --- a/include/mbedtls/des.h +++ b/include/mbedtls/des.h @@ -3,7 +3,7 @@ * * \brief DES block cipher * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers * instead. */ @@ -53,7 +53,7 @@ extern "C" { /** * \brief DES context structure * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers * instead. */ @@ -64,6 +64,10 @@ mbedtls_des_context; /** * \brief Triple-DES context structure + * + * \warning DES/3DES are considered weak ciphers and their use constitutes a + * security risk. We recommend considering stronger ciphers + * instead. */ typedef struct mbedtls_des3_context { uint32_t MBEDTLS_PRIVATE(sk)[96]; /*!< 3DES subkeys */ @@ -79,7 +83,7 @@ mbedtls_des3_context; * * \param ctx DES context to be initialized * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers * instead. */ @@ -90,7 +94,7 @@ void mbedtls_des_init(mbedtls_des_context *ctx); * * \param ctx DES context to be cleared * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers * instead. */ @@ -100,6 +104,10 @@ void mbedtls_des_free(mbedtls_des_context *ctx); * \brief Initialize Triple-DES context * * \param ctx DES3 context to be initialized + * + * \warning DES/3DES are considered weak ciphers and their use constitutes a + * security risk. We recommend considering stronger ciphers + * instead. */ void mbedtls_des3_init(mbedtls_des3_context *ctx); @@ -107,6 +115,10 @@ void mbedtls_des3_init(mbedtls_des3_context *ctx); * \brief Clear Triple-DES context * * \param ctx DES3 context to be cleared + * + * \warning DES/3DES are considered weak ciphers and their use constitutes a + * security risk. We recommend considering stronger ciphers + * instead. */ void mbedtls_des3_free(mbedtls_des3_context *ctx); @@ -118,7 +130,7 @@ void mbedtls_des3_free(mbedtls_des3_context *ctx); * * \param key 8-byte secret key * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers * instead. */ @@ -134,7 +146,7 @@ void mbedtls_des_key_set_parity(unsigned char key[MBEDTLS_DES_KEY_SIZE]); * * \return 0 is parity was ok, 1 if parity was not correct. * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers * instead. */ @@ -148,7 +160,7 @@ int mbedtls_des_key_check_key_parity(const unsigned char key[MBEDTLS_DES_KEY_SIZ * * \return 0 if no weak key was found, 1 if a weak key was identified. * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers * instead. */ @@ -163,7 +175,7 @@ int mbedtls_des_key_check_weak(const unsigned char key[MBEDTLS_DES_KEY_SIZE]); * * \return 0 * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers * instead. */ @@ -178,7 +190,7 @@ int mbedtls_des_setkey_enc(mbedtls_des_context *ctx, const unsigned char key[MBE * * \return 0 * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers * instead. */ @@ -192,6 +204,10 @@ int mbedtls_des_setkey_dec(mbedtls_des_context *ctx, const unsigned char key[MBE * \param key 16-byte secret key * * \return 0 + * + * \warning DES/3DES are considered weak ciphers and their use constitutes a + * security risk. We recommend considering stronger ciphers + * instead. */ MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_des3_set2key_enc(mbedtls_des3_context *ctx, @@ -204,6 +220,10 @@ int mbedtls_des3_set2key_enc(mbedtls_des3_context *ctx, * \param key 16-byte secret key * * \return 0 + * + * \warning DES/3DES are considered weak ciphers and their use constitutes a + * security risk. We recommend considering stronger ciphers + * instead. */ MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_des3_set2key_dec(mbedtls_des3_context *ctx, @@ -216,6 +236,10 @@ int mbedtls_des3_set2key_dec(mbedtls_des3_context *ctx, * \param key 24-byte secret key * * \return 0 + * + * \warning DES/3DES are considered weak ciphers and their use constitutes a + * security risk. We recommend considering stronger ciphers + * instead. */ MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_des3_set3key_enc(mbedtls_des3_context *ctx, @@ -228,6 +252,10 @@ int mbedtls_des3_set3key_enc(mbedtls_des3_context *ctx, * \param key 24-byte secret key * * \return 0 + * + * \warning DES/3DES are considered weak ciphers and their use constitutes a + * security risk. We recommend considering stronger ciphers + * instead. */ MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_des3_set3key_dec(mbedtls_des3_context *ctx, @@ -242,7 +270,7 @@ int mbedtls_des3_set3key_dec(mbedtls_des3_context *ctx, * * \return 0 if successful * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers * instead. */ @@ -270,7 +298,7 @@ int mbedtls_des_crypt_ecb(mbedtls_des_context *ctx, * \param input buffer holding the input data * \param output buffer holding the output data * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers * instead. */ @@ -291,6 +319,10 @@ int mbedtls_des_crypt_cbc(mbedtls_des_context *ctx, * \param output 64-bit output block * * \return 0 if successful + * + * \warning DES/3DES are considered weak ciphers and their use constitutes a + * security risk. We recommend considering stronger ciphers + * instead. */ MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_des3_crypt_ecb(mbedtls_des3_context *ctx, @@ -317,6 +349,10 @@ int mbedtls_des3_crypt_ecb(mbedtls_des3_context *ctx, * \param output buffer holding the output data * * \return 0 if successful, or MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH + * + * \warning DES/3DES are considered weak ciphers and their use constitutes a + * security risk. We recommend considering stronger ciphers + * instead. */ MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_des3_crypt_cbc(mbedtls_des3_context *ctx, @@ -335,7 +371,7 @@ int mbedtls_des3_crypt_cbc(mbedtls_des3_context *ctx, * \param SK Round keys * \param key Base key * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers * instead. */ diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h index 6ffe681ca..0232a71fd 100644 --- a/include/mbedtls/dhm.h +++ b/include/mbedtls/dhm.h @@ -325,7 +325,7 @@ size_t mbedtls_dhm_get_len(const mbedtls_dhm_context *ctx); * initialized. * * \return \c 0 on success. - * \return #MBEDTLS_ERR_DHM_BAD_INPUT_DATA if \p field is invalid. + * \return #MBEDTLS_ERR_DHM_BAD_INPUT_DATA if \p param is invalid. * \return An \c MBEDTLS_ERR_MPI_XXX error code if the copy fails. */ int mbedtls_dhm_get_value(const mbedtls_dhm_context *ctx, diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h index 0a420400d..3b2b418f1 100644 --- a/include/mbedtls/ecdsa.h +++ b/include/mbedtls/ecdsa.h @@ -71,6 +71,11 @@ extern "C" { * \warning Performing multiple operations concurrently on the same * ECDSA context is not supported; objects of this type * should not be shared between multiple threads. + * + * \note pk_wrap module assumes that "ecdsa_context" is identical + * to "ecp_keypair" (see for example structure + * "mbedtls_eckey_info" where ECDSA sign/verify functions + * are used also for EC key) */ typedef mbedtls_ecp_keypair mbedtls_ecdsa_context; @@ -202,8 +207,9 @@ int mbedtls_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, * \param md_alg The hash algorithm used to hash the original data. * \param f_rng_blind The RNG function used for blinding. This must not be * \c NULL. - * \param p_rng_blind The RNG context to be passed to \p f_rng. This may be - * \c NULL if \p f_rng doesn't need a context parameter. + * \param p_rng_blind The RNG context to be passed to \p f_rng_blind. This + * may be \c NULL if \p f_rng_blind doesn't need a context + * parameter. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX @@ -217,6 +223,135 @@ int mbedtls_ecdsa_sign_det_ext(mbedtls_ecp_group *grp, mbedtls_mpi *r, void *p_rng_blind); #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ +#if !defined(MBEDTLS_ECDSA_SIGN_ALT) +/** + * \brief This function computes the ECDSA signature of a + * previously-hashed message, in a restartable way. + * + * \note The deterministic version implemented in + * mbedtls_ecdsa_sign_det_restartable() is usually + * preferred. + * + * \note This function is like \c mbedtls_ecdsa_sign() but + * it can return early and restart according to the + * limit set with \c mbedtls_ecp_set_max_ops() to + * reduce blocking. + * + * \note If the bitlength of the message hash is larger + * than the bitlength of the group order, then the + * hash is truncated as defined in Standards for + * Efficient Cryptography Group (SECG): SEC1 Elliptic + * Curve Cryptography, section 4.1.3, step 5. + * + * \see ecp.h + * + * \param grp The context for the elliptic curve to use. + * This must be initialized and have group parameters + * set, for example through mbedtls_ecp_group_load(). + * \param r The MPI context in which to store the first part + * the signature. This must be initialized. + * \param s The MPI context in which to store the second part + * the signature. This must be initialized. + * \param d The private signing key. This must be initialized + * and setup, for example through + * mbedtls_ecp_gen_privkey(). + * \param buf The hashed content to be signed. This must be a readable + * buffer of length \p blen Bytes. It may be \c NULL if + * \p blen is zero. + * \param blen The length of \p buf in Bytes. + * \param f_rng The RNG function. This must not be \c NULL. + * \param p_rng The RNG context to be passed to \p f_rng. This may be + * \c NULL if \p f_rng doesn't need a context parameter. + * \param f_rng_blind The RNG function used for blinding. This must not be + * \c NULL. + * \param p_rng_blind The RNG context to be passed to \p f_rng. This may be + * \c NULL if \p f_rng doesn't need a context parameter. + * \param rs_ctx The restart context to use. This may be \c NULL + * to disable restarting. If it is not \c NULL, it + * must point to an initialized restart context. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of + * operations was reached: see \c + * mbedtls_ecp_set_max_ops(). + * \return Another \c MBEDTLS_ERR_ECP_XXX, \c + * MBEDTLS_ERR_MPI_XXX or \c MBEDTLS_ERR_ASN1_XXX + * error code on failure. + */ +int mbedtls_ecdsa_sign_restartable( + mbedtls_ecp_group *grp, + mbedtls_mpi *r, mbedtls_mpi *s, + const mbedtls_mpi *d, + const unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int (*f_rng_blind)(void *, unsigned char *, size_t), + void *p_rng_blind, + mbedtls_ecdsa_restart_ctx *rs_ctx); + +#endif /* !MBEDTLS_ECDSA_SIGN_ALT */ + +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) + +/** + * \brief This function computes the ECDSA signature of a + * previously-hashed message, in a restartable way. + * + * \note This function is like \c + * mbedtls_ecdsa_sign_det_ext() but it can return + * early and restart according to the limit set with + * \c mbedtls_ecp_set_max_ops() to reduce blocking. + * + * \note If the bitlength of the message hash is larger + * than the bitlength of the group order, then the + * hash is truncated as defined in Standards for + * Efficient Cryptography Group (SECG): SEC1 Elliptic + * Curve Cryptography, section 4.1.3, step 5. + * + * \see ecp.h + * + * \param grp The context for the elliptic curve to use. + * This must be initialized and have group parameters + * set, for example through mbedtls_ecp_group_load(). + * \param r The MPI context in which to store the first part + * the signature. This must be initialized. + * \param s The MPI context in which to store the second part + * the signature. This must be initialized. + * \param d The private signing key. This must be initialized + * and setup, for example through + * mbedtls_ecp_gen_privkey(). + * \param buf The hashed content to be signed. This must be a readable + * buffer of length \p blen Bytes. It may be \c NULL if + * \p blen is zero. + * \param blen The length of \p buf in Bytes. + * \param md_alg The hash algorithm used to hash the original data. + * \param f_rng_blind The RNG function used for blinding. This must not be + * \c NULL. + * \param p_rng_blind The RNG context to be passed to \p f_rng_blind. This may be + * \c NULL if \p f_rng_blind doesn't need a context parameter. + * \param rs_ctx The restart context to use. This may be \c NULL + * to disable restarting. If it is not \c NULL, it + * must point to an initialized restart context. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of + * operations was reached: see \c + * mbedtls_ecp_set_max_ops(). + * \return Another \c MBEDTLS_ERR_ECP_XXX, \c + * MBEDTLS_ERR_MPI_XXX or \c MBEDTLS_ERR_ASN1_XXX + * error code on failure. + */ +int mbedtls_ecdsa_sign_det_restartable( + mbedtls_ecp_group *grp, + mbedtls_mpi *r, mbedtls_mpi *s, + const mbedtls_mpi *d, const unsigned char *buf, size_t blen, + mbedtls_md_type_t md_alg, + int (*f_rng_blind)(void *, unsigned char *, size_t), + void *p_rng_blind, + mbedtls_ecdsa_restart_ctx *rs_ctx); + +#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ + /** * \brief This function verifies the ECDSA signature of a * previously-hashed message. @@ -252,6 +387,51 @@ int mbedtls_ecdsa_verify(mbedtls_ecp_group *grp, const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_mpi *s); +#if !defined(MBEDTLS_ECDSA_VERIFY_ALT) +/** + * \brief This function verifies the ECDSA signature of a + * previously-hashed message, in a restartable manner + * + * \note If the bitlength of the message hash is larger than the + * bitlength of the group order, then the hash is truncated as + * defined in Standards for Efficient Cryptography Group + * (SECG): SEC1 Elliptic Curve Cryptography, section + * 4.1.4, step 3. + * + * \see ecp.h + * + * \param grp The ECP group to use. + * This must be initialized and have group parameters + * set, for example through mbedtls_ecp_group_load(). + * \param buf The hashed content that was signed. This must be a readable + * buffer of length \p blen Bytes. It may be \c NULL if + * \p blen is zero. + * \param blen The length of \p buf in Bytes. + * \param Q The public key to use for verification. This must be + * initialized and setup. + * \param r The first integer of the signature. + * This must be initialized. + * \param s The second integer of the signature. + * This must be initialized. + * \param rs_ctx The restart context to use. This may be \c NULL to disable + * restarting. If it is not \c NULL, it must point to an + * initialized restart context. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of + * operations was reached: see \c mbedtls_ecp_set_max_ops(). + * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX + * error code on failure. + */ +int mbedtls_ecdsa_verify_restartable(mbedtls_ecp_group *grp, + const unsigned char *buf, size_t blen, + const mbedtls_ecp_point *Q, + const mbedtls_mpi *r, + const mbedtls_mpi *s, + mbedtls_ecdsa_restart_ctx *rs_ctx); + +#endif /* !MBEDTLS_ECDSA_VERIFY_ALT */ + /** * \brief This function computes the ECDSA signature and writes it * to a buffer, serialized as defined in RFC-4492: @@ -280,7 +460,7 @@ int mbedtls_ecdsa_verify(mbedtls_ecp_group *grp, * via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair(). * \param md_alg The message digest that was used to hash the message. * \param hash The message hash to be signed. This must be a readable - * buffer of length \p blen Bytes. + * buffer of length \p hlen Bytes. * \param hlen The length of the hash \p hash in Bytes. * \param sig The buffer to which to write the signature. This must be a * writable buffer of length at least twice as large as the @@ -323,7 +503,7 @@ int mbedtls_ecdsa_write_signature(mbedtls_ecdsa_context *ctx, * via mbedtls_ecdsa_genkey() or mbedtls_ecdsa_from_keypair(). * \param md_alg The message digest that was used to hash the message. * \param hash The message hash to be signed. This must be a readable - * buffer of length \p blen Bytes. + * buffer of length \p hlen Bytes. * \param hlen The length of the hash \p hash in Bytes. * \param sig The buffer to which to write the signature. This must be a * writable buffer of length at least twice as large as the @@ -370,7 +550,7 @@ int mbedtls_ecdsa_write_signature_restartable(mbedtls_ecdsa_context *ctx, * \param ctx The ECDSA context to use. This must be initialized * and have a group and public key bound to it. * \param hash The message hash that was signed. This must be a readable - * buffer of length \p size Bytes. + * buffer of length \p hlen Bytes. * \param hlen The size of the hash \p hash. * \param sig The signature to read and verify. This must be a readable * buffer of length \p slen Bytes. @@ -400,7 +580,7 @@ int mbedtls_ecdsa_read_signature(mbedtls_ecdsa_context *ctx, * \param ctx The ECDSA context to use. This must be initialized * and have a group and public key bound to it. * \param hash The message hash that was signed. This must be a readable - * buffer of length \p size Bytes. + * buffer of length \p hlen Bytes. * \param hlen The size of the hash \p hash. * \param sig The signature to read and verify. This must be a readable * buffer of length \p slen Bytes. diff --git a/include/mbedtls/ecjpake.h b/include/mbedtls/ecjpake.h index a63bb32f3..0008d7312 100644 --- a/include/mbedtls/ecjpake.h +++ b/include/mbedtls/ecjpake.h @@ -54,6 +54,7 @@ extern "C" { typedef enum { MBEDTLS_ECJPAKE_CLIENT = 0, /**< Client */ MBEDTLS_ECJPAKE_SERVER, /**< Server */ + MBEDTLS_ECJPAKE_NONE, /**< Undefined */ } mbedtls_ecjpake_role; #if !defined(MBEDTLS_ECJPAKE_ALT) diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 18b37a947..bf95b907a 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -175,7 +175,7 @@ mbedtls_ecp_point; #if !defined(MBEDTLS_ECP_ALT) /* - * default mbed TLS elliptic curve arithmetic implementation + * default Mbed TLS elliptic curve arithmetic implementation * * (in case MBEDTLS_ECP_ALT is defined then the developer has to provide an * alternative implementation for the whole module and it will replace this @@ -197,6 +197,27 @@ mbedtls_ecp_point; * odd prime as mbedtls_ecp_mul() requires an odd number, and * mbedtls_ecdsa_sign() requires that it is prime for blinding purposes. * + * The default implementation only initializes \p A without setting it to the + * authentic value for curves with A = -3(SECP256R1, etc), in which + * case you need to load \p A by yourself when using domain parameters directly, + * for example: + * \code + * mbedtls_mpi_init(&A); + * mbedtls_ecp_group_init(&grp); + * CHECK_RETURN(mbedtls_ecp_group_load(&grp, grp_id)); + * if (mbedtls_ecp_group_a_is_minus_3(&grp)) { + * CHECK_RETURN(mbedtls_mpi_sub_int(&A, &grp.P, 3)); + * } else { + * CHECK_RETURN(mbedtls_mpi_copy(&A, &grp.A)); + * } + * + * do_something_with_a(&A); + * + * cleanup: + * mbedtls_mpi_free(&A); + * mbedtls_ecp_group_free(&grp); + * \endcode + * * For Montgomery curves, we do not store \p A, but (A + 2) / 4, * which is the quantity used in the formulas. Additionally, \p nbits is * not the size of \p N but the required size for private keys. @@ -223,8 +244,11 @@ mbedtls_ecp_point; typedef struct mbedtls_ecp_group { mbedtls_ecp_group_id id; /*!< An internal group identifier. */ mbedtls_mpi P; /*!< The prime modulus of the base field. */ - mbedtls_mpi A; /*!< For Short Weierstrass: \p A in the equation. For - Montgomery curves: (A + 2) / 4. */ + mbedtls_mpi A; /*!< For Short Weierstrass: \p A in the equation. Note that + \p A is not set to the authentic value in some cases. + Refer to detailed description of ::mbedtls_ecp_group if + using domain parameters in the structure. + For Montgomery curves: (A + 2) / 4. */ mbedtls_mpi B; /*!< For Short Weierstrass: \p B in the equation. For Montgomery curves: unused. */ mbedtls_ecp_point G; /*!< The generator of the subgroup used. */ @@ -303,7 +327,7 @@ mbedtls_ecp_group; /** * The maximum size of the groups, that is, of \c N and \c P. */ -#if !defined(MBEDTLS_ECP_C) +#if !defined(MBEDTLS_ECP_LIGHT) /* Dummy definition to help code that has optional ECP support and * defines an MBEDTLS_ECP_MAX_BYTES-sized array unconditionally. */ #define MBEDTLS_ECP_MAX_BITS 1 @@ -334,9 +358,9 @@ mbedtls_ecp_group; #define MBEDTLS_ECP_MAX_BITS 192 #elif defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) #define MBEDTLS_ECP_MAX_BITS 192 -#else +#else /* !MBEDTLS_ECP_LIGHT */ #error "Missing definition of MBEDTLS_ECP_MAX_BITS" -#endif +#endif /* !MBEDTLS_ECP_LIGHT */ #define MBEDTLS_ECP_MAX_BYTES ((MBEDTLS_ECP_MAX_BITS + 7) / 8) #define MBEDTLS_ECP_MAX_PT_LEN (2 * MBEDTLS_ECP_MAX_BYTES + 1) @@ -419,11 +443,22 @@ typedef struct mbedtls_ecp_keypair { } mbedtls_ecp_keypair; -/* - * Point formats, from RFC 4492's enum ECPointFormat +/** + * The uncompressed point format for Short Weierstrass curves + * (MBEDTLS_ECP_DP_SECP_XXX and MBEDTLS_ECP_DP_BP_XXX). */ -#define MBEDTLS_ECP_PF_UNCOMPRESSED 0 /**< Uncompressed point format. */ -#define MBEDTLS_ECP_PF_COMPRESSED 1 /**< Compressed point format. */ +#define MBEDTLS_ECP_PF_UNCOMPRESSED 0 +/** + * The compressed point format for Short Weierstrass curves + * (MBEDTLS_ECP_DP_SECP_XXX and MBEDTLS_ECP_DP_BP_XXX). + * + * \warning While this format is supported for all concerned curves for + * writing, when it comes to parsing, it is not supported for all + * curves. Specifically, parsing compressed points on + * MBEDTLS_ECP_DP_SECP224R1 and MBEDTLS_ECP_DP_SECP224K1 is not + * supported. + */ +#define MBEDTLS_ECP_PF_COMPRESSED 1 /* * Some other constants from RFC 4492 @@ -461,6 +496,12 @@ mbedtls_ecp_keypair; * only enabled for specific sides and key exchanges * (currently only for clients and ECDHE-ECDSA). * + * \warning Using the PSA interruptible interfaces with keys in local + * storage and no accelerator driver will also call this + * function to set the values specified via those interfaces, + * overwriting values previously set. Care should be taken if + * mixing these two interfaces. + * * \param max_ops Maximum number of basic operations done in a row. * Default: 0 (unlimited). * Lower (non-zero) values mean ECC functions will block for @@ -752,6 +793,9 @@ int mbedtls_ecp_point_write_binary(const mbedtls_ecp_group *grp, * belongs to the given group, see mbedtls_ecp_check_pubkey() * for that. * + * \note For compressed points, see #MBEDTLS_ECP_PF_COMPRESSED for + * limitations. + * * \param grp The group to which the point should belong. * This must be initialized and have group parameters * set, for example through mbedtls_ecp_group_load(). @@ -971,6 +1015,26 @@ int mbedtls_ecp_mul_restartable(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, mbedtls_ecp_restart_ctx *rs_ctx); #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) +/** + * \brief This function checks if domain parameter A of the curve is + * \c -3. + * + * \note This function is only defined for short Weierstrass curves. + * It may not be included in builds without any short + * Weierstrass curve. + * + * \param grp The ECP group to use. + * This must be initialized and have group parameters + * set, for example through mbedtls_ecp_group_load(). + * + * \return \c 1 if A = -3. + * \return \c 0 Otherwise. + */ +static inline int mbedtls_ecp_group_a_is_minus_3(const mbedtls_ecp_group *grp) +{ + return grp->A.MBEDTLS_PRIVATE(p) == NULL; +} + /** * \brief This function performs multiplication and addition of two * points by integers: \p R = \p m * \p P + \p n * \p Q @@ -1063,7 +1127,7 @@ int mbedtls_ecp_muladd_restartable( * * It only checks that the point is non-zero, has * valid coordinates and lies on the curve. It does not verify - * that it is indeed a multiple of \p G. This additional + * that it is indeed a multiple of \c G. This additional * check is computationally more expensive, is not required * by standards, and should not be necessary if the group * used has a small cofactor. In particular, it is useless for @@ -1088,7 +1152,7 @@ int mbedtls_ecp_check_pubkey(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt); /** - * \brief This function checks that an \p mbedtls_mpi is a + * \brief This function checks that an \c mbedtls_mpi is a * valid private key for this curve. * * \note This function uses bare components rather than an diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h index 2c8b75031..c2bba41d2 100644 --- a/include/mbedtls/entropy.h +++ b/include/mbedtls/entropy.h @@ -27,13 +27,17 @@ #include -#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) -#include "mbedtls/sha512.h" +#include "md.h" + +#if defined(MBEDTLS_MD_CAN_SHA512) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) #define MBEDTLS_ENTROPY_SHA512_ACCUMULATOR +#define MBEDTLS_ENTROPY_MD MBEDTLS_MD_SHA512 +#define MBEDTLS_ENTROPY_BLOCK_SIZE 64 /**< Block size of entropy accumulator (SHA-512) */ #else -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_MD_CAN_SHA256) #define MBEDTLS_ENTROPY_SHA256_ACCUMULATOR -#include "mbedtls/sha256.h" +#define MBEDTLS_ENTROPY_MD MBEDTLS_MD_SHA256 +#define MBEDTLS_ENTROPY_BLOCK_SIZE 32 /**< Block size of entropy accumulator (SHA-256) */ #endif #endif @@ -71,12 +75,6 @@ /** \} name SECTION: Module settings */ -#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) -#define MBEDTLS_ENTROPY_BLOCK_SIZE 64 /**< Block size of entropy accumulator (SHA-512) */ -#else -#define MBEDTLS_ENTROPY_BLOCK_SIZE 32 /**< Block size of entropy accumulator (SHA-256) */ -#endif - #define MBEDTLS_ENTROPY_MAX_SEED_SIZE 1024 /**< Maximum size of seed we read from seed file */ #define MBEDTLS_ENTROPY_SOURCE_MANUAL MBEDTLS_ENTROPY_MAX_SOURCES @@ -117,14 +115,10 @@ mbedtls_entropy_source_state; * \brief Entropy context structure */ typedef struct mbedtls_entropy_context { + mbedtls_md_context_t MBEDTLS_PRIVATE(accumulator); int MBEDTLS_PRIVATE(accumulator_started); /* 0 after init. * 1 after the first update. * -1 after free. */ -#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - mbedtls_sha512_context MBEDTLS_PRIVATE(accumulator); -#elif defined(MBEDTLS_ENTROPY_SHA256_ACCUMULATOR) - mbedtls_sha256_context MBEDTLS_PRIVATE(accumulator); -#endif int MBEDTLS_PRIVATE(source_count); /* Number of entries used in source. */ mbedtls_entropy_source_state MBEDTLS_PRIVATE(source)[MBEDTLS_ENTROPY_MAX_SOURCES]; #if defined(MBEDTLS_THREADING_C) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 23a83f2c8..a7454f234 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -73,6 +73,7 @@ * SHA1 1 0x0035-0x0035 0x0073-0x0073 * SHA256 1 0x0037-0x0037 0x0074-0x0074 * SHA512 1 0x0039-0x0039 0x0075-0x0075 + * SHA-3 1 0x0076-0x0076 * CHACHA20 3 0x0051-0x0055 * POLY1305 3 0x0057-0x005B * CHACHAPOLY 2 0x0054-0x0056 @@ -165,9 +166,9 @@ static inline int mbedtls_error_add(int high, int low, } /** - * \brief Translate a mbed TLS error code into a string representation, - * Result is truncated if necessary and always includes a terminating - * null byte. + * \brief Translate an Mbed TLS error code into a string representation. + * The result is truncated if necessary and always includes a + * terminating null byte. * * \param errnum error code * \param buffer buffer to place representation in diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index 4ca6b0823..2e5aa6d06 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -183,8 +183,8 @@ void mbedtls_hmac_drbg_init(mbedtls_hmac_drbg_context *ctx); * \param len The length of the personalization string. * This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT * and also at most - * #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \p entropy_len * 3 / 2 - * where \p entropy_len is the entropy length + * #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \c entropy_len * 3 / 2 + * where \c entropy_len is the entropy length * described above. * * \return \c 0 if successful. @@ -313,8 +313,8 @@ int mbedtls_hmac_drbg_update(mbedtls_hmac_drbg_context *ctx, * \param len The length of the additional data. * This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT * and also at most - * #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \p entropy_len - * where \p entropy_len is the entropy length + * #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \c entropy_len + * where \c entropy_len is the entropy length * (see mbedtls_hmac_drbg_set_entropy_len()). * * \return \c 0 if successful. diff --git a/include/mbedtls/legacy_or_psa.h b/include/mbedtls/legacy_or_psa.h deleted file mode 100644 index e9bdb7783..000000000 --- a/include/mbedtls/legacy_or_psa.h +++ /dev/null @@ -1,215 +0,0 @@ -/** - * Macros to express dependencies for code and tests that may use either the - * legacy API or PSA in various builds. This whole header file is currently - * for internal use only and both the header file and the macros it defines - * may change or be removed without notice. - */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/* - * Note: applications that are targeting a specific configuration do not need - * to use these macros; instead they should directly use the functions they - * know are available in their configuration. - * - * Note: code that is purely based on PSA Crypto (psa_xxx() functions) - * does not need to use these macros; instead it should use the relevant - * PSA_WANT_xxx macros. - * - * Note: code that is purely based on the legacy crypto APIs (mbedtls_xxx()) - * does not need to use these macros; instead it should use the relevant - * MBEDTLS_xxx macros. - * - * These macros are for code that wants to use and will do so - * using or PSA depending on , where: - * - will generally be an algorithm (SHA-256, ECDH) but may - * also be a key type (AES, RSA, EC) or domain parameters (elliptic curve); - * - will be either: - * - low-level module API (aes.h, sha256.h), or - * - an abstraction layer (md.h, cipher.h); - * - will be either: - * - depending on what's available in the build: - * legacy API used if available, PSA otherwise - * (this is done to ensure backwards compatibility); or - * - depending on whether MBEDTLS_USE_PSA_CRYPTO is defined. - * - * Examples: - * - TLS 1.2 will compute hashes using either mbedtls_md_xxx() (and - * mbedtls_sha256_xxx()) or psa_aead_xxx() depending on whether - * MBEDTLS_USE_PSA_CRYPTO is defined; - * - RSA PKCS#1 v2.1 will compute hashes (for padding) using either - * `mbedtls_md()` if it's available, or `psa_hash_compute()` otherwise; - * - PEM decoding of PEM-encrypted keys will compute MD5 hashes using either - * `mbedtls_md5_xxx()` if it's available, or `psa_hash_xxx()` otherwise. - * - * Note: the macros are essential to express test dependencies. Inside code, - * we could instead just use the equivalent pre-processor condition, but - * that's not possible in test dependencies where we need a single macro. - * Hopefully, using these macros in code will also help with consistency. - * - * The naming scheme for these macros is: - * MBEDTLS_HAS_feature_VIA_legacy_OR_PSA(_condition) - * where: - * - feature is expressed the same way as in PSA_WANT_xxx macros, for example: - * KEY_TYPE_AES, ALG_SHA_256, ECC_SECP_R1_256; - * - legacy is either LOWLEVEL or the name of the layer: MD, CIPHER; - * - condition is omitted if it's based on availability, else it's - * BASED_ON_USE_PSA. - * - * Coming back to the examples above: - * - TLS 1.2 will determine if it can use SHA-256 using - * MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA - * for the purposes of negotiation, and in test dependencies; - * - RSA PKCS#1 v2.1 tests that used SHA-256 will depend on - * MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA - * - PEM decoding code and its associated tests will depend on - * MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA - * - * Note: every time it's possible to use, say SHA-256, via the MD API, then - * it's also possible to use it via the low-level API. So, code that wants to - * use SHA-256 via both APIs only needs to depend on the MD macro. Also, it - * just so happens that all the code choosing which API to use based on - * MBEDTLS_USE_PSA_CRYPTO (X.509, TLS 1.2/shared), always uses the abstraction - * layer (sometimes in addition to the low-level API), so we don't need the - * MBEDTLS_HAS_feature_VIA_LOWLEVEL_OR_PSA_BASED_ON_USE_PSA macros. - * (PK, while obeying MBEDTLS_USE_PSA_CRYPTO, doesn't compute hashes itself, - * even less makes use of ciphers.) - * - * Note: the macros MBEDTLS_HAS_feature_VIA_LOWLEVEL_OR_PSA are the minimal - * condition for being able to use at all. As such, they should be - * used for guarding data about , such as OIDs or size. For example, - * OID values related to SHA-256 are only useful when SHA-256 can be used at - * least in some way. - */ - -#ifndef MBEDTLS_OR_PSA_HELPERS_H -#define MBEDTLS_OR_PSA_HELPERS_H - -#include "mbedtls/build_info.h" -#if defined(MBEDTLS_PSA_CRYPTO_C) -#include "psa/crypto.h" -#endif /* MBEDTLS_PSA_CRYPTO_C */ - -/* - * Hashes - */ - -/* Hashes using low-level or PSA based on availability */ -#if defined(MBEDTLS_MD5_C) || \ - (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5)) -#define MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA -#endif -#if defined(MBEDTLS_RIPEMD160_C) || \ - (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160)) -#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA -#endif -#if defined(MBEDTLS_SHA1_C) || \ - (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1)) -#define MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA -#endif -#if defined(MBEDTLS_SHA224_C) || \ - (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224)) -#define MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA -#endif -#if defined(MBEDTLS_SHA256_C) || \ - (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256)) -#define MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA -#endif -#if defined(MBEDTLS_SHA384_C) || \ - (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384)) -#define MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA -#endif -#if defined(MBEDTLS_SHA512_C) || \ - (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512)) -#define MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA -#endif - -/* Hashes using MD or PSA based on availability */ -#if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C)) || \ - (!defined(MBEDTLS_MD_C) && \ - defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5)) -#define MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA -#endif -#if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C)) || \ - (!defined(MBEDTLS_MD_C) && \ - defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160)) -#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA -#endif -#if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C)) || \ - (!defined(MBEDTLS_MD_C) && \ - defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1)) -#define MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA -#endif -#if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C)) || \ - (!defined(MBEDTLS_MD_C) && \ - defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224)) -#define MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA -#endif -#if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C)) || \ - (!defined(MBEDTLS_MD_C) && \ - defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256)) -#define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA -#endif -#if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C)) || \ - (!defined(MBEDTLS_MD_C) && \ - defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384)) -#define MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA -#endif -#if (defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C)) || \ - (!defined(MBEDTLS_MD_C) && \ - defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512)) -#define MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA -#endif - -/* Hashes using MD or PSA based on MBEDTLS_USE_PSA_CRYPTO */ -#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \ - defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C)) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_MD5)) -#define MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -#endif -#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \ - defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C)) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_RIPEMD160)) -#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA_BASED_ON_USE_PSA -#endif -#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \ - defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C)) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_1)) -#define MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -#endif -#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \ - defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C)) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_224)) -#define MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA -#endif -#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \ - defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C)) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_256)) -#define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -#endif -#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \ - defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C)) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_384)) -#define MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -#endif -#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && \ - defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C)) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_512)) -#define MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA -#endif - -#endif /* MBEDTLS_OR_PSA_HELPERS_H */ diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 11c3139bd..af0761395 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -48,11 +48,15 @@ * Requires support for asm() in compiler. * * Used in: + * library/aesni.h * library/aria.c * library/bn_mul.h + * library/constant_time.c + * library/padlock.h * * Required by: - * MBEDTLS_AESNI_C + * MBEDTLS_AESCE_C + * MBEDTLS_AESNI_C (on some platforms) * MBEDTLS_PADLOCK_C * * Comment to disable the use of assembly code. @@ -164,19 +168,51 @@ * * Enable the memory allocation layer. * - * By default mbed TLS uses the system-provided calloc() and free(). + * By default Mbed TLS uses the system-provided calloc() and free(). * This allows different allocators (self-implemented or provided) to be * provided to the platform abstraction layer. * - * Enabling MBEDTLS_PLATFORM_MEMORY without the + * Enabling #MBEDTLS_PLATFORM_MEMORY without the * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and * free() function pointer at runtime. * - * Enabling MBEDTLS_PLATFORM_MEMORY and specifying + * Enabling #MBEDTLS_PLATFORM_MEMORY and specifying * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the * alternate function at compile time. * + * An overview of how the value of mbedtls_calloc is determined: + * + * - if !MBEDTLS_PLATFORM_MEMORY + * - mbedtls_calloc = calloc + * - if MBEDTLS_PLATFORM_MEMORY + * - if (MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO): + * - mbedtls_calloc = MBEDTLS_PLATFORM_CALLOC_MACRO + * - if !(MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO): + * - Dynamic setup via mbedtls_platform_set_calloc_free is now possible with a default value MBEDTLS_PLATFORM_STD_CALLOC. + * - How is MBEDTLS_PLATFORM_STD_CALLOC handled? + * - if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS: + * - MBEDTLS_PLATFORM_STD_CALLOC is not set to anything; + * - MBEDTLS_PLATFORM_STD_MEM_HDR can be included if present; + * - if !MBEDTLS_PLATFORM_NO_STD_FUNCTIONS: + * - if MBEDTLS_PLATFORM_STD_CALLOC is present: + * - User-defined MBEDTLS_PLATFORM_STD_CALLOC is respected; + * - if !MBEDTLS_PLATFORM_STD_CALLOC: + * - MBEDTLS_PLATFORM_STD_CALLOC = calloc + * + * - At this point the presence of MBEDTLS_PLATFORM_STD_CALLOC is checked. + * - if !MBEDTLS_PLATFORM_STD_CALLOC + * - MBEDTLS_PLATFORM_STD_CALLOC = uninitialized_calloc + * + * - mbedtls_calloc = MBEDTLS_PLATFORM_STD_CALLOC. + * + * Defining MBEDTLS_PLATFORM_CALLOC_MACRO and #MBEDTLS_PLATFORM_STD_CALLOC at the same time is not possible. + * MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_FREE_MACRO must both be defined or undefined at the same time. + * #MBEDTLS_PLATFORM_STD_CALLOC and #MBEDTLS_PLATFORM_STD_FREE do not have to be defined at the same time, as, if they are used, + * dynamic setup of these functions is possible. See the tree above to see how are they handled in all cases. + * An uninitialized #MBEDTLS_PLATFORM_STD_CALLOC always fails, returning a null pointer. + * An uninitialized #MBEDTLS_PLATFORM_STD_FREE does not do anything. + * * Requires: MBEDTLS_PLATFORM_C * * Enable this layer to allow use of alternative memory allocators. @@ -205,10 +241,10 @@ /** * \def MBEDTLS_PLATFORM_EXIT_ALT * - * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the + * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let Mbed TLS support the * function in the platform abstraction layer. * - * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will + * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, Mbed TLS will * provide a function "mbedtls_platform_set_printf()" that allows you to set an * alternative printf function pointer. * @@ -234,6 +270,49 @@ //#define MBEDTLS_PLATFORM_VSNPRINTF_ALT //#define MBEDTLS_PLATFORM_NV_SEED_ALT //#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT +//#define MBEDTLS_PLATFORM_MS_TIME_ALT + +/** + * Uncomment the macro to let Mbed TLS use your alternate implementation of + * mbedtls_platform_gmtime_r(). This replaces the default implementation in + * platform_util.c. + * + * gmtime() is not a thread-safe function as defined in the C standard. The + * library will try to use safer implementations of this function, such as + * gmtime_r() when available. However, if Mbed TLS cannot identify the target + * system, the implementation of mbedtls_platform_gmtime_r() will default to + * using the standard gmtime(). In this case, calls from the library to + * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex + * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the + * library are also guarded with this mutex to avoid race conditions. However, + * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will + * unconditionally use the implementation for mbedtls_platform_gmtime_r() + * supplied at compile time. + */ +//#define MBEDTLS_PLATFORM_GMTIME_R_ALT + +/** + * Uncomment the macro to let Mbed TLS use your alternate implementation of + * mbedtls_platform_zeroize(), to wipe sensitive data in memory. This replaces + * the default implementation in platform_util.c. + * + * By default, the library uses a system function such as memset_s() + * (optional feature of C11), explicit_bzero() (BSD and compatible), or + * SecureZeroMemory (Windows). If no such function is detected, the library + * falls back to a plain C implementation. Compilers are technically + * permitted to optimize this implementation out, meaning that the memory is + * not actually wiped. The library tries to prevent that, but the C language + * makes it impossible to guarantee that the memory will always be wiped. + * + * If your platform provides a guaranteed method to wipe memory which + * `platform_util.c` does not detect, define this macro to the name of + * a function that takes two arguments, a `void *` pointer and a length, + * and wipes that many bytes starting at the specified address. For example, + * if your platform has explicit_bzero() but `platform_util.c` does not + * detect its presence, define `MBEDTLS_PLATFORM_ZEROIZE_ALT` to be + * `explicit_bzero` to use that function as mbedtls_platform_zeroize(). + */ +//#define MBEDTLS_PLATFORM_ZEROIZE_ALT /** * \def MBEDTLS_DEPRECATED_WARNING @@ -265,7 +344,7 @@ /** \} name SECTION: System support */ /** - * \name SECTION: mbed TLS feature support + * \name SECTION: Mbed TLS feature support * * This section sets support for features that are or are not needed * within the modules that are enabled. @@ -288,7 +367,7 @@ /** * \def MBEDTLS_AES_ALT * - * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your + * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let Mbed TLS use your * alternate core implementation of a symmetric crypto, an arithmetic or hash * module (e.g. platform specific assembly optimized implementations). Keep * in mind that the function prototypes should remain the same. @@ -296,7 +375,7 @@ * This replaces the whole module. If you only want to replace one of the * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags. * - * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer + * Example: In case you uncomment MBEDTLS_AES_ALT, Mbed TLS will no longer * provide the "struct mbedtls_aes_context" definition and omit the base * function declarations and implementations. "aes_alt.h" will be included from * "aes.h" to include the new function definitions. @@ -344,14 +423,14 @@ /** * \def MBEDTLS_SHA256_PROCESS_ALT * - * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you + * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let Mbed TLS use you * alternate core implementation of symmetric crypto or hash function. Keep in * mind that function prototypes should remain the same. * - * This replaces only one function. The header file from mbed TLS is still + * This replaces only one function. The header file from Mbed TLS is still * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags. * - * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will + * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, Mbed TLS will * no longer provide the mbedtls_sha1_process() function, but it will still provide * the other function (using your mbedtls_sha1_process() function) and the definition * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible @@ -401,11 +480,11 @@ * * Expose a part of the internal interface of the Elliptic Curve Point module. * - * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your + * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let Mbed TLS use your * alternative core implementation of elliptic curve arithmetic. Keep in mind * that function prototypes should remain the same. * - * This partially replaces one function. The header file from mbed TLS is still + * This partially replaces one function. The header file from Mbed TLS is still * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation * is still present and it is used for group structures not supported by the * alternative. @@ -429,11 +508,11 @@ * implement optimized set up and tear down instructions. * * Example: In case you set MBEDTLS_ECP_INTERNAL_ALT and - * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac() + * MBEDTLS_ECP_DOUBLE_JAC_ALT, Mbed TLS will still provide the ecp_double_jac() * function, but will use your mbedtls_internal_ecp_double_jac() if the group * for the operation is supported by your implementation (i.e. your * mbedtls_internal_ecp_grp_capable() function returns 1 for this group). If the - * group is not supported by your implementation, then the original mbed TLS + * group is not supported by your implementation, then the original Mbed TLS * implementation of ecp_double_jac() is used instead, unless this fallback * behaviour is disabled by setting MBEDTLS_ECP_NO_FALLBACK (in which case * ecp_double_jac() will return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE). @@ -464,7 +543,7 @@ /** * \def MBEDTLS_ENTROPY_HARDWARE_ALT * - * Uncomment this macro to let mbed TLS use your own implementation of a + * Uncomment this macro to let Mbed TLS use your own implementation of a * hardware entropy collector. * * Your function must be called \c mbedtls_hardware_poll(), have the same @@ -491,7 +570,6 @@ * performance if ROM access is slower than RAM access. * * This option is independent of \c MBEDTLS_AES_FEWER_TABLES. - * */ //#define MBEDTLS_AES_ROM_TABLES @@ -513,10 +591,40 @@ * depends on the system and memory details. * * This option is independent of \c MBEDTLS_AES_ROM_TABLES. - * */ //#define MBEDTLS_AES_FEWER_TABLES +/** + * \def MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH + * + * Use only 128-bit keys in AES operations to save ROM. + * + * Uncomment this macro to remove support for AES operations that use 192- + * or 256-bit keys. + * + * Uncommenting this macro reduces the size of AES code by ~300 bytes + * on v8-M/Thumb2. + * + * Module: library/aes.c + * + * Requires: MBEDTLS_AES_C + */ +//#define MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH + +/* + * Disable plain C implementation for AES. + * + * When the plain C implementation is enabled, and an implementation using a + * special CPU feature (such as MBEDTLS_AESCE_C) is also enabled, runtime + * detection will be used to select between them. + * + * If only one implementation is present, runtime detection will not be used. + * This configuration will crash at runtime if running on a CPU without the + * necessary features. It will not build unless at least one of MBEDTLS_AESCE_C + * and/or MBEDTLS_AESNI_C is enabled & present in the build. + */ +//#define MBEDTLS_AES_USE_HARDWARE_ONLY + /** * \def MBEDTLS_CAMELLIA_SMALL_MEMORY * @@ -635,10 +743,20 @@ /** \def MBEDTLS_CTR_DRBG_USE_128_BIT_KEY * * Uncomment this macro to use a 128-bit key in the CTR_DRBG module. - * By default, CTR_DRBG uses a 256-bit key. + * Without this, CTR_DRBG uses a 256-bit key + * unless \c MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH is set. */ //#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +/** + * Enable the verified implementations of ECDH primitives from Project Everest + * (currently only Curve25519). This feature changes the layout of ECDH + * contexts and therefore is a compatibility break for applications that access + * fields of a mbedtls_ecdh_context structure directly. See also + * MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h. + */ +//#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED + /** * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED * @@ -702,7 +820,7 @@ * - Changes the behaviour of TLS 1.2 clients (not servers) when using the * ECDHE-ECDSA key exchange (not other key exchanges) to make all ECC * computations restartable: - * - ECDH operations from the key exchange, only for Short Weierstass + * - ECDH operations from the key exchange, only for Short Weierstrass * curves, only when MBEDTLS_USE_PSA_CRYPTO is not enabled. * - verification of the server's key exchange signature; * - verification of the server's certificate chain; @@ -729,6 +847,14 @@ */ //#define MBEDTLS_ECP_RESTARTABLE +/** + * Uncomment to enable using new bignum code in the ECC modules. + * + * \warning This is currently experimental, incomplete and therefore should not + * be used in production. + */ +//#define MBEDTLS_ECP_WITH_MPI_UINT + /** * \def MBEDTLS_ECDSA_DETERMINISTIC * @@ -797,7 +923,7 @@ * * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS. * - * Requires: MBEDTLS_ECDH_C + * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) * * This enables the following ciphersuites (if other requisites are * enabled as well): @@ -895,7 +1021,9 @@ * * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS. * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15, + * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) + * MBEDTLS_RSA_C + * MBEDTLS_PKCS1_V15 * MBEDTLS_X509_CRT_PARSE_C * * This enables the following ciphersuites (if other requisites are @@ -918,7 +1046,9 @@ * * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS. * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C, + * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) + * MBEDTLS_ECDSA_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDSA) + * MBEDTLS_X509_CRT_PARSE_C * * This enables the following ciphersuites (if other requisites are * enabled as well): @@ -940,7 +1070,9 @@ * * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS. * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C + * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) + * MBEDTLS_ECDSA_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDSA) + * MBEDTLS_X509_CRT_PARSE_C * * This enables the following ciphersuites (if other requisites are * enabled as well): @@ -962,7 +1094,9 @@ * * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS. * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_X509_CRT_PARSE_C + * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH) + * MBEDTLS_RSA_C + * MBEDTLS_X509_CRT_PARSE_C * * This enables the following ciphersuites (if other requisites are * enabled as well): @@ -988,10 +1122,14 @@ * Thread v1.0.0 specification; incompatible changes to the specification * might still happen. For this reason, this is disabled by default. * - * Requires: MBEDTLS_ECJPAKE_C - * SHA-256 (via MD if present, or via PSA, see MBEDTLS_ECJPAKE_C) + * Requires: MBEDTLS_ECJPAKE_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_JPAKE) + * SHA-256 (via MBEDTLS_SHA256_C or a PSA driver) * MBEDTLS_ECP_DP_SECP256R1_ENABLED * + * \warning If SHA-256 is provided only by a PSA driver, you must call + * psa_crypto_init() before the first hanshake (even if + * MBEDTLS_USE_PSA_CRYPTO is disabled). + * * This enables the following ciphersuites (if other requisites are * enabled as well): * MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 @@ -1012,6 +1150,19 @@ */ #define MBEDTLS_PK_PARSE_EC_EXTENDED +/** + * \def MBEDTLS_PK_PARSE_EC_COMPRESSED + * + * Enable the support for parsing public keys of type Short Weierstrass + * (MBEDTLS_ECP_DP_SECP_XXX and MBEDTLS_ECP_DP_BP_XXX) which are using the + * compressed point format. This parsing is done through ECP module's functions. + * + * \note As explained in the description of MBEDTLS_ECP_PF_COMPRESSED (in ecp.h) + * the only unsupported curves are MBEDTLS_ECP_DP_SECP224R1 and + * MBEDTLS_ECP_DP_SECP224K1. + */ +#define MBEDTLS_PK_PARSE_EC_COMPRESSED + /** * \def MBEDTLS_ERROR_STRERROR_DUMMY * @@ -1172,15 +1323,10 @@ * * Enable support for PKCS#1 v2.1 encoding. * - * Requires: MBEDTLS_RSA_C and (MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C). + * Requires: MBEDTLS_RSA_C * - * \warning If building without MBEDTLS_MD_C, you must call psa_crypto_init() - * before doing any PKCS#1 v2.1 operation. - * - * \warning When building with MBEDTLS_MD_C, all hashes used with this - * need to be available as built-ins (that is, for SHA-256, MBEDTLS_SHA256_C, - * etc.) as opposed to just PSA drivers. So far, PSA drivers are only used by - * this module in builds where MBEDTLS_MD_C is disabled. + * \warning If using a hash that is only provided by PSA drivers, you must + * call psa_crypto_init() before doing any PKCS#1 v2.1 operation. * * This enables support for RSAES-OAEP and RSASSA-PSS operations. */ @@ -1218,18 +1364,6 @@ */ //#define MBEDTLS_PSA_CRYPTO_CLIENT -/** \def MBEDTLS_PSA_CRYPTO_DRIVERS - * - * Enable support for the experimental PSA crypto driver interface. - * - * Requires: MBEDTLS_PSA_CRYPTO_C - * - * \warning This interface is experimental. We intend to maintain backward - * compatibility with application code that relies on drivers, - * but the driver interfaces may change without notice. - */ -//#define MBEDTLS_PSA_CRYPTO_DRIVERS - /** \def MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG * * Make the PSA Crypto module use an external random generator provided @@ -1254,8 +1388,8 @@ * ); * ``` * The \c context value is initialized to 0 before the first call. - * The function must fill the \c output buffer with \p output_size bytes - * of random data and set \c *output_length to \p output_size. + * The function must fill the \c output buffer with \c output_size bytes + * of random data and set \c *output_length to \c output_size. * * Requires: MBEDTLS_PSA_CRYPTO_C * @@ -1276,12 +1410,60 @@ * NSPE (Non-Secure Process Environment) and an SPE (Secure Process * Environment). * + * If you enable this option, your build environment must include a header + * file `"crypto_spe.h"` (either in the `psa` subdirectory of the Mbed TLS + * header files, or in another directory on the compiler's include search + * path). Alternatively, your platform may customize the header + * `psa/crypto_platform.h`, in which case it can skip or replace the + * inclusion of `"crypto_spe.h"`. + * * Module: library/psa_crypto.c * Requires: MBEDTLS_PSA_CRYPTO_C * */ //#define MBEDTLS_PSA_CRYPTO_SPM +/** + * Uncomment to enable p256-m. This is an alternative implementation of + * key generation, ECDH and (randomized) ECDSA on the curve SECP256R1. + * Compared to the default implementation: + * + * - p256-m has a much smaller code size and RAM footprint. + * - p256-m is only available via the PSA API. This includes the pk module + * when #MBEDTLS_USE_PSA_CRYPTO is enabled. + * - p256-m does not support deterministic ECDSA, EC-JPAKE, custom protocols + * over the core arithmetic, or deterministic derivation of keys. + * + * We recommend enabling this option if your application uses the PSA API + * and the only elliptic curve support it needs is ECDH and ECDSA over + * SECP256R1. + * + * If you enable this option, you do not need to enable any ECC-related + * MBEDTLS_xxx option. You do need to separately request support for the + * cryptographic mechanisms through the PSA API: + * - #MBEDTLS_PSA_CRYPTO_C and #MBEDTLS_PSA_CRYPTO_CONFIG for PSA-based + * configuration; + * - #MBEDTLS_USE_PSA_CRYPTO if you want to use p256-m from PK, X.509 or TLS; + * - #PSA_WANT_ECC_SECP_R1_256; + * - #PSA_WANT_ALG_ECDH and/or #PSA_WANT_ALG_ECDSA as needed; + * - #PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY, #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC, + * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT, + * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT and/or + * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE as needed. + * + * \note To benefit from the smaller code size of p256-m, make sure that you + * do not enable any ECC-related option not supported by p256-m: this + * would cause the built-in ECC implementation to be built as well, in + * order to provide the required option. + * Make sure #PSA_WANT_ALG_DETERMINISTIC_ECDSA, #PSA_WANT_ALG_JPAKE and + * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE, and curves other than + * SECP256R1 are disabled as they are not supported by this driver. + * Also, avoid defining #MBEDTLS_PK_PARSE_EC_COMPRESSED or + * #MBEDTLS_PK_PARSE_EC_EXTENDED as those currently require a subset of + * the built-in ECC implementation, see docs/driver-only-builds.md. + */ +//#define MBEDTLS_PSA_P256M_DRIVER_ENABLED + /** * \def MBEDTLS_PSA_INJECT_ENTROPY * @@ -1343,7 +1525,7 @@ * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES * * Enable sending of alert messages in case of encountered errors as per RFC. - * If you choose not to send the alert messages, mbed TLS can still communicate + * If you choose not to send the alert messages, Mbed TLS can still communicate * with other servers, only debugging of failures is harder. * * The advantage of not sending alert messages, is that no information is given @@ -1524,6 +1706,8 @@ * it has been associated with security issues in the past and is easy to * misuse/misunderstand. * + * Requires: MBEDTLS_SSL_PROTO_TLS1_2 + * * Comment this to disable support for renegotiation. * * \note Even if this option is disabled, both client and server are aware @@ -1544,19 +1728,34 @@ */ #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH +/** + * \def MBEDTLS_SSL_RECORD_SIZE_LIMIT + * + * Enable support for RFC 8449 record_size_limit extension in SSL (TLS 1.3 only). + * + * \warning This extension is currently in development and must NOT be used except + * for testing purposes. + * + * Requires: MBEDTLS_SSL_PROTO_TLS1_3 + * + * Uncomment this macro to enable support for the record_size_limit extension + */ +//#define MBEDTLS_SSL_RECORD_SIZE_LIMIT + /** * \def MBEDTLS_SSL_PROTO_TLS1_2 * * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled). * * Requires: Without MBEDTLS_USE_PSA_CRYPTO: MBEDTLS_MD_C and - * (MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C) + * (MBEDTLS_SHA256_C or MBEDTLS_SHA384_C or + * SHA-256 or SHA-512 provided by a PSA driver) * With MBEDTLS_USE_PSA_CRYPTO: - * PSA_WANT_ALG_SHA_1 or PSA_WANT_ALG_SHA_256 or - * PSA_WANT_ALG_SHA_512 + * PSA_WANT_ALG_SHA_256 or PSA_WANT_ALG_SHA_384 * - * \warning If building with MBEDTLS_USE_PSA_CRYPTO, you must call - * psa_crypto_init() before doing any TLS operations. + * \warning If building with MBEDTLS_USE_PSA_CRYPTO, or if the hash(es) used + * are only provided by PSA drivers, you must call psa_crypto_init() before + * doing any TLS operations. * * Comment this macro to disable support for TLS 1.2 / DTLS 1.2 */ @@ -1567,19 +1766,20 @@ * * Enable support for TLS 1.3. * - * \note The support for TLS 1.3 is not comprehensive yet, in particular - * pre-shared keys are not supported. - * See docs/architecture/tls13-support.md for a description of the TLS + * \note See docs/architecture/tls13-support.md for a description of the TLS * 1.3 support that this option enables. * * Requires: MBEDTLS_SSL_KEEP_PEER_CERTIFICATE * Requires: MBEDTLS_PSA_CRYPTO_C * - * Note: even though TLS 1.3 depends on PSA Crypto, and uses it unconditionally - * for most operations, if you want it to only use PSA for all crypto - * operations, you need to also enable MBEDTLS_USE_PSA_CRYPTO; otherwise X.509 - * operations, and functions that are common with TLS 1.2 (record protection, - * running handshake hash) will still use non-PSA crypto. + * \note TLS 1.3 uses PSA crypto for cryptographic operations that are + * directly performed by TLS 1.3 code. As a consequence, you must + * call psa_crypto_init() before the first TLS 1.3 handshake. + * + * \note Cryptographic operations performed indirectly via another module + * (X.509, PK) or by code shared with TLS 1.2 (record protection, + * running handshake hash) only use PSA crypto if + * #MBEDTLS_USE_PSA_CRYPTO is enabled. * * Uncomment this macro to enable the support for TLS 1.3. */ @@ -1624,8 +1824,11 @@ * * Enable TLS 1.3 ephemeral key exchange mode. * - * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C, MBEDTLS_ECDSA_C or - * MBEDTLS_PKCS1_V21 + * Requires: PSA_WANT_ALG_ECDH or PSA_WANT_ALG_FFDH + * MBEDTLS_X509_CRT_PARSE_C + * and at least one of: + * MBEDTLS_ECDSA_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDSA) + * MBEDTLS_PKCS1_V21 * * Comment to disable support for the ephemeral key exchange mode in TLS 1.3. * If MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any @@ -1639,7 +1842,7 @@ * * Enable TLS 1.3 PSK ephemeral key exchange mode. * - * Requires: MBEDTLS_ECDH_C + * Requires: PSA_WANT_ALG_ECDH or PSA_WANT_ALG_FFDH * * Comment to disable support for the PSK ephemeral key exchange mode in * TLS 1.3. If MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not @@ -1648,45 +1851,6 @@ */ #define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED -/** - * \def MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE - * - * Maximum time difference in milliseconds tolerated between the age of a - * ticket from the server and client point of view. - * From the client point of view, the age of a ticket is the time difference - * between the time when the client proposes to the server to use the ticket - * (time of writing of the Pre-Shared Key Extension including the ticket) and - * the time the client received the ticket from the server. - * From the server point of view, the age of a ticket is the time difference - * between the time when the server receives a proposition from the client - * to use the ticket and the time when the ticket was created by the server. - * The server age is expected to be always greater than the client one and - * MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE defines the - * maximum difference tolerated for the server to accept the ticket. - * This is not used in TLS 1.2. - * - */ -#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000 - -/** - * \def MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH - * - * Size in bytes of a ticket nonce. This is not used in TLS 1.2. - * - * This must be less than 256. - */ -#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32 - -/** - * \def MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS - * - * Default number of NewSessionTicket messages to be sent by a TLS 1.3 server - * after handshake completion. This is not used in TLS 1.2 and relevant only if - * the MBEDTLS_SSL_SESSION_TICKETS option is enabled. - * - */ -#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1 - /** * \def MBEDTLS_SSL_EARLY_DATA * @@ -1702,26 +1866,12 @@ * This feature is experimental, not completed and thus not ready for * production. * + * \note The maximum amount of early data can be set with + * MBEDTLS_SSL_MAX_EARLY_DATA_SIZE. + * */ //#define MBEDTLS_SSL_EARLY_DATA -/** - * \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE - * - * The default maximum amount of 0-RTT data. See the documentation of - * \c mbedtls_ssl_tls13_conf_max_early_data_size() for more information. - * - * It must be positive and smaller than UINT32_MAX. - * - * If MBEDTLS_SSL_EARLY_DATA is not defined, this default value does not - * have any impact on the build. - * - * This feature is experimental, not completed and thus not ready for - * production. - * - */ -#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024 - /** * \def MBEDTLS_SSL_PROTO_DTLS * @@ -1940,19 +2090,26 @@ /** * \def MBEDTLS_USE_PSA_CRYPTO * - * Make the X.509 and TLS library use PSA for cryptographic operations, and - * enable new APIs for using keys handled by PSA Crypto. + * Make the X.509 and TLS libraries use PSA for cryptographic operations as + * much as possible, and enable new APIs for using keys handled by PSA Crypto. * * \note Development of this option is currently in progress, and parts of Mbed * TLS's X.509 and TLS modules are not ported to PSA yet. However, these parts * will still continue to work as usual, so enabling this option should not * break backwards compatibility. * - * \note See docs/use-psa-crypto.md for a complete description of what this - * option currently does, and of parts that are not affected by it so far. - * * \warning If you enable this option, you need to call `psa_crypto_init()` - * before calling any function from the SSL/TLS, X.509 or PK modules. + * before calling any function from the SSL/TLS, X.509 or PK modules, except + * for the various mbedtls_xxx_init() functions which can be called at any time. + * + * \note An important and desirable effect of this option is that it allows + * PK, X.509 and TLS to take advantage of PSA drivers. For example, enabling + * this option is what allows use of drivers for ECDSA, ECDH and EC J-PAKE in + * those modules. However, note that even with this option disabled, some code + * in PK, X.509, TLS or the crypto library might still use PSA drivers, if it + * can determine it's safe to do so; currently that's the case for hashes. + * + * \note See docs/use-psa-crypto.md for a complete description this option. * * Requires: MBEDTLS_PSA_CRYPTO_C. * @@ -1980,8 +2137,15 @@ * If the symbol #MBEDTLS_PSA_CRYPTO_CONFIG_FILE is defined, it specifies * an alternative header to include instead of include/psa/crypto_config.h. * - * This feature is still experimental and is not ready for production since - * it is not completed. + * \warning This option is experimental, in that the set of `PSA_WANT_XXX` + * symbols is not completely finalized yet, and the configuration + * tooling is not ideally adapted to having two separate configuration + * files. + * Future minor releases of Mbed TLS may make minor changes to those + * symbols, but we will endeavor to provide a transition path. + * Nonetheless, this option is considered mature enough to use in + * production, as long as you accept that you may need to make + * minor changes to psa/crypto_config.h when upgrading Mbed TLS. */ //#define MBEDTLS_PSA_CRYPTO_CONFIG @@ -2039,29 +2203,71 @@ * Comment this macro to disallow using RSASSA-PSS in certificates. */ #define MBEDTLS_X509_RSASSA_PSS_SUPPORT -/** \} name SECTION: mbed TLS feature support */ +/** \} name SECTION: Mbed TLS feature support */ /** - * \name SECTION: mbed TLS modules + * \name SECTION: Mbed TLS modules * - * This section enables or disables entire modules in mbed TLS + * This section enables or disables entire modules in Mbed TLS * \{ */ /** * \def MBEDTLS_AESNI_C * - * Enable AES-NI support on x86-64. + * Enable AES-NI support on x86-64 or x86-32. + * + * \note AESNI is only supported with certain compilers and target options: + * - Visual Studio 2013: supported. + * - GCC, x86-64, target not explicitly supporting AESNI: + * requires MBEDTLS_HAVE_ASM. + * - GCC, x86-32, target not explicitly supporting AESNI: + * not supported. + * - GCC, x86-64 or x86-32, target supporting AESNI: supported. + * For this assembly-less implementation, you must currently compile + * `library/aesni.c` and `library/aes.c` with machine options to enable + * SSE2 and AESNI instructions: `gcc -msse2 -maes -mpclmul` or + * `clang -maes -mpclmul`. + * - Non-x86 targets: this option is silently ignored. + * - Other compilers: this option is silently ignored. + * + * \note + * Above, "GCC" includes compatible compilers such as Clang. + * The limitations on target support are likely to be relaxed in the future. * * Module: library/aesni.c * Caller: library/aes.c * - * Requires: MBEDTLS_HAVE_ASM + * Requires: MBEDTLS_HAVE_ASM (on some platforms, see note) * - * This modules adds support for the AES-NI instructions on x86-64 + * This modules adds support for the AES-NI instructions on x86. */ #define MBEDTLS_AESNI_C +/** + * \def MBEDTLS_AESCE_C + * + * Enable AES cryptographic extension support on 64-bit Arm. + * + * Module: library/aesce.c + * Caller: library/aes.c + * + * Requires: MBEDTLS_AES_C + * + * \warning Runtime detection only works on Linux. For non-Linux operating + * system, Armv8-A Cryptographic Extensions must be supported by + * the CPU when this option is enabled. + * + * \note Minimum compiler versions for this feature are Clang 4.0, + * armclang 6.6, GCC 6.0 or MSVC 2019 version 16.11.2. + * + * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for + * armclang <= 6.9 + * + * This module adds support for the AES Armv8-A Cryptographic Extensions on Aarch64 systems. + */ +#define MBEDTLS_AESCE_C + /** * \def MBEDTLS_AES_C * @@ -2386,6 +2592,8 @@ * The CTR_DRBG generator uses AES-256 by default. * To use AES-128 instead, enable \c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY above. * + * \note AES-128 will be used if \c MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH is set. + * * \note To achieve a 256-bit security strength with CTR_DRBG, * you must use AES-256 *and* use sufficient entropy. * See ctr_drbg.h for more details. @@ -2425,7 +2633,7 @@ * * PEM_PARSE uses DES/3DES for decrypting encrypted keys. * - * \warning DES is considered a weak cipher and its use constitutes a + * \warning DES/3DES are considered weak ciphers and their use constitutes a * security risk. We recommend considering stronger ciphers instead. */ #define MBEDTLS_DES_C @@ -2504,13 +2712,8 @@ * * Requires: MBEDTLS_ECP_C and either MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C * - * \warning If building without MBEDTLS_MD_C, you must call psa_crypto_init() - * before doing any EC J-PAKE operations. - * - * \warning When building with MBEDTLS_MD_C, all hashes used with this - * need to be available as built-ins (that is, for SHA-256, MBEDTLS_SHA256_C, - * etc.) as opposed to just PSA drivers. So far, PSA drivers are only used by - * this module in builds where MBEDTLS_MD_C is disabled. + * \warning If using a hash that is only provided by PSA drivers, you must + * call psa_crypto_init() before doing any EC J-PAKE operations. */ #define MBEDTLS_ECJPAKE_C @@ -2640,11 +2843,12 @@ /** * \def MBEDTLS_MD_C * - * Enable the generic message digest layer. + * Enable the generic layer for message digest (hashing) and HMAC. * * Requires: one of: MBEDTLS_MD5_C, MBEDTLS_RIPEMD160_C, MBEDTLS_SHA1_C, * MBEDTLS_SHA224_C, MBEDTLS_SHA256_C, MBEDTLS_SHA384_C, - * MBEDTLS_SHA512_C. + * MBEDTLS_SHA512_C, or MBEDTLS_PSA_CRYPTO_C with at least + * one hash. * Module: library/md.c * Caller: library/constant_time.c * library/ecdsa.c @@ -2700,7 +2904,7 @@ * Module: library/memory_buffer_alloc.c * * Requires: MBEDTLS_PLATFORM_C - * MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS) + * MBEDTLS_PLATFORM_MEMORY (to use it within Mbed TLS) * * Enable this module to enable the buffer memory allocator. */ @@ -2775,6 +2979,10 @@ * library/x509_csr.c * * Requires: MBEDTLS_BASE64_C + * optionally MBEDTLS_MD5_C, or PSA Crypto with MD5 (see below) + * + * \warning When parsing password-protected files, if MD5 is provided only by + * a PSA driver, you must call psa_crypto_init() before the first file. * * This modules adds support for decoding / parsing PEM files. */ @@ -2850,15 +3058,11 @@ * * Module: library/pkcs5.c * - * Requires: MBEDTLS_CIPHER_C and either MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C. + * Requires: MBEDTLS_CIPHER_C + * Auto-enables: MBEDTLS_MD_C * - * \warning If building without MBEDTLS_MD_C, you must call psa_crypto_init() - * before doing any PKCS5 operation. - * - * \warning When building with MBEDTLS_MD_C, all hashes used with this - * need to be available as built-ins (that is, for SHA-256, MBEDTLS_SHA256_C, - * etc.) as opposed to just PSA drivers. So far, PSA drivers are only used by - * this module in builds where MBEDTLS_MD_C is disabled. + * \warning If using a hash that is only provided by PSA drivers, you must + * call psa_crypto_init() before doing any PKCS5 operations. * * This module adds support for the PKCS#5 functions. */ @@ -2867,11 +3071,7 @@ /** * \def MBEDTLS_PKCS7_C * - * This feature is a work in progress and not ready for production. Testing and - * validation is incomplete, and handling of malformed inputs may not be robust. - * The API may change. - * - * Enable PKCS7 core for using PKCS7 formatted signatures. + * Enable PKCS #7 core for using PKCS #7-formatted signatures. * RFC Link - https://tools.ietf.org/html/rfc2315 * * Module: library/pkcs7.c @@ -2880,9 +3080,9 @@ * MBEDTLS_X509_CRT_PARSE_C MBEDTLS_X509_CRL_PARSE_C, * MBEDTLS_BIGNUM_C, MBEDTLS_MD_C * - * This module is required for the PKCS7 parsing modules. + * This module is required for the PKCS #7 parsing modules. */ -//#define MBEDTLS_PKCS7_C +#define MBEDTLS_PKCS7_C /** * \def MBEDTLS_PKCS12_C @@ -2896,13 +3096,8 @@ * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C and either * MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C. * - * \warning If building without MBEDTLS_MD_C, you must call psa_crypto_init() - * before doing any PKCS12 operation. - * - * \warning When building with MBEDTLS_MD_C, all hashes used with this - * need to be available as built-ins (that is, for SHA-256, MBEDTLS_SHA256_C, - * etc.) as opposed to just PSA drivers. So far, PSA drivers are only used by - * this module in builds where MBEDTLS_MD_C is disabled. + * \warning If using a hash that is only provided by PSA drivers, you must + * call psa_crypto_init() before doing any PKCS12 operations. * * This module enables PKCS#12 functions. */ @@ -2959,8 +3154,8 @@ * Enable dynamic secure element support in the Platform Security Architecture * cryptography API. * - * \deprecated This feature is deprecated. Please switch to the driver - * interface enabled by #MBEDTLS_PSA_CRYPTO_DRIVERS. + * \deprecated This feature is deprecated. Please switch to the PSA driver + * interface. * * Module: library/psa_crypto_se.c * @@ -3084,8 +3279,11 @@ * \note If MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT is defined when building * for a non-Aarch64 build it will be silently ignored. * - * \note The code uses Neon intrinsics, so \c CFLAGS must be set to a minimum - * of \c -march=armv8-a+crypto. + * \note Minimum compiler versions for this feature are Clang 4.0, + * armclang 6.6 or GCC 6.0. + * + * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for + * armclang <= 6.9 * * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the * same time as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. @@ -3109,8 +3307,11 @@ * \note This allows builds with a smaller code size than with * MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT * - * \note The code uses Neon intrinsics, so \c CFLAGS must be set to a minimum - * of \c -march=armv8-a+crypto. + * \note Minimum compiler versions for this feature are Clang 4.0, + * armclang 6.6 or GCC 6.0. + * + * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for + * armclang <= 6.9 * * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY cannot be defined at the same * time as MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT. @@ -3155,6 +3356,17 @@ */ #define MBEDTLS_SHA512_C +/** + * \def MBEDTLS_SHA3_C + * + * Enable the SHA3 cryptographic hash algorithm. + * + * Module: library/sha3.c + * + * This module adds support for SHA3. + */ +#define MBEDTLS_SHA3_C + /** * \def MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT * @@ -3165,10 +3377,11 @@ * \note If MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT is defined when building * for a non-Aarch64 build it will be silently ignored. * - * \note The code uses the SHA-512 Neon intrinsics, so requires GCC >= 8 or - * Clang >= 7, and \c CFLAGS must be set to a minimum of - * \c -march=armv8.2-a+sha3. An optimisation level of \c -O3 generates the - * fastest code. + * \note Minimum compiler versions for this feature are Clang 7.0, + * armclang 6.9 or GCC 8.0. + * + * \note \c CFLAGS must be set to a minimum of \c -march=armv8.2-a+sha3 for + * armclang 6.9 * * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the * same time as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. @@ -3192,10 +3405,11 @@ * \note This allows builds with a smaller code size than with * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT * - * \note The code uses the SHA-512 Neon intrinsics, so requires GCC >= 8 or - * Clang >= 7, and \c CFLAGS must be set to a minimum of - * \c -march=armv8.2-a+sha3. An optimisation level of \c -O3 generates the - * fastest code. + * \note Minimum compiler versions for this feature are Clang 7.0, + * armclang 6.9 or GCC 8.0. + * + * \note \c CFLAGS must be set to a minimum of \c -march=armv8.2-a+sha3 for + * armclang 6.9 * * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY cannot be defined at the same * time as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. @@ -3292,7 +3506,7 @@ * \def MBEDTLS_THREADING_C * * Enable the threading abstraction layer. - * By default mbed TLS assumes it is used in a non-threaded environment or that + * By default Mbed TLS assumes it is used in a non-threaded environment or that * contexts are not shared between threads. If you do intend to use contexts * between threads, you will need to enable this layer to prevent race * conditions. See also our Knowledge Base article about threading: @@ -3306,7 +3520,7 @@ * You will have to enable either MBEDTLS_THREADING_ALT or * MBEDTLS_THREADING_PTHREAD. * - * Enable this layer to allow use of mutexes within mbed TLS + * Enable this layer to allow use of mutexes within Mbed TLS */ //#define MBEDTLS_THREADING_C @@ -3452,7 +3666,7 @@ */ #define MBEDTLS_X509_CSR_WRITE_C -/** \} name SECTION: mbed TLS modules */ +/** \} name SECTION: Mbed TLS modules */ /** * \name SECTION: General configuration options @@ -3534,6 +3748,53 @@ */ //#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null" +/** + * \def MBEDTLS_PSA_CRYPTO_PLATFORM_FILE + * + * If defined, this is a header which will be included instead of + * `"psa/crypto_platform.h"`. This file should declare the same identifiers + * as the one in Mbed TLS, but with definitions adapted to the platform on + * which the library code will run. + * + * \note The required content of this header can vary from one version of + * Mbed TLS to the next. Integrators who provide an alternative file + * should review the changes in the original file whenever they + * upgrade Mbed TLS. + * + * This macro is expanded after an \#include directive. This is a popular but + * non-standard feature of the C language, so this feature is only available + * with compilers that perform macro expansion on an \#include line. + * + * The value of this symbol is typically a path in double quotes, either + * absolute or relative to a directory on the include search path. + */ +//#define MBEDTLS_PSA_CRYPTO_PLATFORM_FILE "psa/crypto_platform_alt.h" + +/** + * \def MBEDTLS_PSA_CRYPTO_STRUCT_FILE + * + * If defined, this is a header which will be included instead of + * `"psa/crypto_struct.h"`. This file should declare the same identifiers + * as the one in Mbed TLS, but with definitions adapted to the environment + * in which the library code will run. The typical use for this feature + * is to provide alternative type definitions on the client side in + * client-server integrations of PSA crypto, where operation structures + * contain handles instead of cryptographic data. + * + * \note The required content of this header can vary from one version of + * Mbed TLS to the next. Integrators who provide an alternative file + * should review the changes in the original file whenever they + * upgrade Mbed TLS. + * + * This macro is expanded after an \#include directive. This is a popular but + * non-standard feature of the C language, so this feature is only available + * with compilers that perform macro expansion on an \#include line. + * + * The value of this symbol is typically a path in double quotes, either + * absolute or relative to a directory on the include search path. + */ +//#define MBEDTLS_PSA_CRYPTO_STRUCT_FILE "psa/crypto_struct_alt.h" + /** \} name SECTION: General configuration options */ /** @@ -3556,7 +3817,7 @@ * comment in the specific module. */ /* MPI / BIGNUM options */ -//#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum window size used. */ +//#define MBEDTLS_MPI_WINDOW_SIZE 2 /**< Maximum window size used. */ //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ /* CTR_DRBG options */ @@ -3586,8 +3847,29 @@ /* Platform options */ //#define MBEDTLS_PLATFORM_STD_MEM_HDR /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ -//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */ -//#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ + +/** \def MBEDTLS_PLATFORM_STD_CALLOC + * + * Default allocator to use, can be undefined. + * It must initialize the allocated buffer memory to zeroes. + * The size of the buffer is the product of the two parameters. + * The calloc function returns either a null pointer or a pointer to the allocated space. + * If the product is 0, the function may either return NULL or a valid pointer to an array of size 0 which is a valid input to the deallocation function. + * An uninitialized #MBEDTLS_PLATFORM_STD_CALLOC always fails, returning a null pointer. + * See the description of #MBEDTLS_PLATFORM_MEMORY for more details. + * The corresponding deallocation function is #MBEDTLS_PLATFORM_STD_FREE. + */ +//#define MBEDTLS_PLATFORM_STD_CALLOC calloc + +/** \def MBEDTLS_PLATFORM_STD_FREE + * + * Default free to use, can be undefined. + * NULL is a valid parameter, and the function must do nothing. + * A non-null parameter will always be a pointer previously returned by #MBEDTLS_PLATFORM_STD_CALLOC and not yet freed. + * An uninitialized #MBEDTLS_PLATFORM_STD_FREE does not do anything. + * See the description of #MBEDTLS_PLATFORM_MEMORY for more details (same principles as for MBEDTLS_PLATFORM_STD_CALLOC apply). + */ +//#define MBEDTLS_PLATFORM_STD_FREE free //#define MBEDTLS_PLATFORM_STD_SETBUF setbuf /**< Default setbuf to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ @@ -3601,10 +3883,10 @@ //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */ -/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */ +/* To use the following function macros, MBEDTLS_PLATFORM_C must be enabled. */ /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */ -//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */ +//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_CALLOC for requirements. */ +//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_FREE for requirements. */ //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */ //#define MBEDTLS_PLATFORM_SETBUF_MACRO setbuf /**< Default setbuf macro to use, can be undefined */ //#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ @@ -3616,6 +3898,8 @@ //#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */ //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */ //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ +//#define MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO int64_t //#define MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO int64_t /**< Default milliseconds time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled. It must be signed, and at least 64 bits. If it is changed from the default, MBEDTLS_PRINTF_MS_TIME must be updated to match.*/ +//#define MBEDTLS_PRINTF_MS_TIME PRId64 /**< Default fmt for printf. That's avoid compiler warning if mbedtls_ms_time_t is redefined */ /** \def MBEDTLS_CHECK_RETURN * @@ -3664,6 +3948,9 @@ */ //#define MBEDTLS_PSA_KEY_SLOT_COUNT 32 +/* RSA OPTIONS */ +//#define MBEDTLS_RSA_GEN_KEY_MIN_BITS 1024 /**< Minimum RSA key size that can be generated in bits (Minimum possible value is 128 bits) */ + /* SSL Cache options */ //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ @@ -3758,7 +4045,7 @@ */ //#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 -//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */ +//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 or 384 bits) */ //#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ /** @@ -3775,56 +4062,64 @@ */ //#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 +/** + * \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE + * + * The default maximum amount of 0-RTT data. See the documentation of + * \c mbedtls_ssl_tls13_conf_max_early_data_size() for more information. + * + * It must be positive and smaller than UINT32_MAX. + * + * If MBEDTLS_SSL_EARLY_DATA is not defined, this default value does not + * have any impact on the build. + * + * This feature is experimental, not completed and thus not ready for + * production. + * + */ +//#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024 + +/** + * \def MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE + * + * Maximum time difference in milliseconds tolerated between the age of a + * ticket from the server and client point of view. + * From the client point of view, the age of a ticket is the time difference + * between the time when the client proposes to the server to use the ticket + * (time of writing of the Pre-Shared Key Extension including the ticket) and + * the time the client received the ticket from the server. + * From the server point of view, the age of a ticket is the time difference + * between the time when the server receives a proposition from the client + * to use the ticket and the time when the ticket was created by the server. + * The server age is expected to be always greater than the client one and + * MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE defines the + * maximum difference tolerated for the server to accept the ticket. + * This is not used in TLS 1.2. + * + */ +//#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000 + +/** + * \def MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH + * + * Size in bytes of a ticket nonce. This is not used in TLS 1.2. + * + * This must be less than 256. + */ +//#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32 + +/** + * \def MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS + * + * Default number of NewSessionTicket messages to be sent by a TLS 1.3 server + * after handshake completion. This is not used in TLS 1.2 and relevant only if + * the MBEDTLS_SSL_SESSION_TICKETS option is enabled. + * + */ +//#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1 + /* X509 options */ //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */ -/** - * Uncomment the macro to let mbed TLS use your alternate implementation of - * mbedtls_platform_zeroize(). This replaces the default implementation in - * platform_util.c. - * - * mbedtls_platform_zeroize() is a widely used function across the library to - * zero a block of memory. The implementation is expected to be secure in the - * sense that it has been written to prevent the compiler from removing calls - * to mbedtls_platform_zeroize() as part of redundant code elimination - * optimizations. However, it is difficult to guarantee that calls to - * mbedtls_platform_zeroize() will not be optimized by the compiler as older - * versions of the C language standards do not provide a secure implementation - * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to - * configure their own implementation of mbedtls_platform_zeroize(), for - * example by using directives specific to their compiler, features from newer - * C standards (e.g using memset_s() in C11) or calling a secure memset() from - * their system (e.g explicit_bzero() in BSD). - */ -//#define MBEDTLS_PLATFORM_ZEROIZE_ALT - -/** - * Uncomment the macro to let Mbed TLS use your alternate implementation of - * mbedtls_platform_gmtime_r(). This replaces the default implementation in - * platform_util.c. - * - * gmtime() is not a thread-safe function as defined in the C standard. The - * library will try to use safer implementations of this function, such as - * gmtime_r() when available. However, if Mbed TLS cannot identify the target - * system, the implementation of mbedtls_platform_gmtime_r() will default to - * using the standard gmtime(). In this case, calls from the library to - * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex - * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the - * library are also guarded with this mutex to avoid race conditions. However, - * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will - * unconditionally use the implementation for mbedtls_platform_gmtime_r() - * supplied at compile time. - */ -//#define MBEDTLS_PLATFORM_GMTIME_R_ALT - -/** - * Enable the verified implementations of ECDH primitives from Project Everest - * (currently only Curve25519). This feature changes the layout of ECDH - * contexts and therefore is a compatibility break for applications that access - * fields of a mbedtls_ecdh_context structure directly. See also - * MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h. - */ -//#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED - /** \} name SECTION: Module configuration options */ diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index 1a92c5761..c9a7858f3 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -1,7 +1,8 @@ /** * \file md.h * - * \brief This file contains the generic message-digest wrapper. + * \brief This file contains the generic functions for message-digest + * (hashing) and HMAC. * * \author Adriaan de Jong */ @@ -31,6 +32,120 @@ #include "mbedtls/build_info.h" #include "mbedtls/platform_util.h" +#if defined(MBEDTLS_MD_LIGHT) + +/* + * - MBEDTLS_MD_CAN_xxx is defined if the md module can perform xxx. + * - MBEDTLS_MD_xxx_VIA_PSA is defined if the md module may perform xxx via PSA + * (see below). + * - MBEDTLS_MD_SOME_PSA is defined if at least one algorithm may be performed + * via PSA (see below). + * - MBEDTLS_MD_SOME_LEGACY is defined if at least one algorithm may be performed + * via a direct legacy call (see below). + * + * The md module performs an algorithm via PSA if there is a PSA hash + * accelerator and the PSA driver subsytem is initialized at the time the + * operation is started, and makes a direct legacy call otherwise. + */ + +/* PSA accelerated implementations */ +#if defined(MBEDTLS_PSA_CRYPTO_C) +#if defined(MBEDTLS_PSA_ACCEL_ALG_MD5) +#define MBEDTLS_MD_CAN_MD5 +#define MBEDTLS_MD_MD5_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) +#define MBEDTLS_MD_CAN_SHA1 +#define MBEDTLS_MD_SHA1_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) +#define MBEDTLS_MD_CAN_SHA224 +#define MBEDTLS_MD_SHA224_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) +#define MBEDTLS_MD_CAN_SHA256 +#define MBEDTLS_MD_SHA256_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) +#define MBEDTLS_MD_CAN_SHA384 +#define MBEDTLS_MD_SHA384_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) +#define MBEDTLS_MD_CAN_SHA512 +#define MBEDTLS_MD_SHA512_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) +#define MBEDTLS_MD_CAN_RIPEMD160 +#define MBEDTLS_MD_RIPEMD160_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_224) +#define MBEDTLS_MD_CAN_SHA3_224 +#define MBEDTLS_MD_SHA3_224_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_256) +#define MBEDTLS_MD_CAN_SHA3_256 +#define MBEDTLS_MD_SHA3_256_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_384) +#define MBEDTLS_MD_CAN_SHA3_384 +#define MBEDTLS_MD_SHA3_384_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_512) +#define MBEDTLS_MD_CAN_SHA3_512 +#define MBEDTLS_MD_SHA3_512_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#endif /* MBEDTLS_PSA_CRYPTO_C */ + +/* Built-in implementations */ +#if defined(MBEDTLS_MD5_C) +#define MBEDTLS_MD_CAN_MD5 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_SHA1_C) +#define MBEDTLS_MD_CAN_SHA1 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_SHA224_C) +#define MBEDTLS_MD_CAN_SHA224 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_SHA256_C) +#define MBEDTLS_MD_CAN_SHA256 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_SHA384_C) +#define MBEDTLS_MD_CAN_SHA384 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_SHA512_C) +#define MBEDTLS_MD_CAN_SHA512 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_SHA3_C) +#define MBEDTLS_MD_CAN_SHA3_224 +#define MBEDTLS_MD_CAN_SHA3_256 +#define MBEDTLS_MD_CAN_SHA3_384 +#define MBEDTLS_MD_CAN_SHA3_512 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_RIPEMD160_C) +#define MBEDTLS_MD_CAN_RIPEMD160 +#define MBEDTLS_MD_SOME_LEGACY +#endif + +#endif /* MBEDTLS_MD_LIGHT */ + /** The selected feature is not available. */ #define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /** Bad input parameters to function. */ @@ -52,31 +167,55 @@ extern "C" { * stronger message digests instead. * */ +/* Note: these are aligned with the definitions of PSA_ALG_ macros for hashes, + * in order to enable an efficient implementation of conversion functions. + * This is tested by md_to_from_psa() in test_suite_md. */ typedef enum { MBEDTLS_MD_NONE=0, /**< None. */ - MBEDTLS_MD_MD5, /**< The MD5 message digest. */ - MBEDTLS_MD_SHA1, /**< The SHA-1 message digest. */ - MBEDTLS_MD_SHA224, /**< The SHA-224 message digest. */ - MBEDTLS_MD_SHA256, /**< The SHA-256 message digest. */ - MBEDTLS_MD_SHA384, /**< The SHA-384 message digest. */ - MBEDTLS_MD_SHA512, /**< The SHA-512 message digest. */ - MBEDTLS_MD_RIPEMD160, /**< The RIPEMD-160 message digest. */ + MBEDTLS_MD_MD5=0x03, /**< The MD5 message digest. */ + MBEDTLS_MD_RIPEMD160=0x04, /**< The RIPEMD-160 message digest. */ + MBEDTLS_MD_SHA1=0x05, /**< The SHA-1 message digest. */ + MBEDTLS_MD_SHA224=0x08, /**< The SHA-224 message digest. */ + MBEDTLS_MD_SHA256=0x09, /**< The SHA-256 message digest. */ + MBEDTLS_MD_SHA384=0x0a, /**< The SHA-384 message digest. */ + MBEDTLS_MD_SHA512=0x0b, /**< The SHA-512 message digest. */ + MBEDTLS_MD_SHA3_224=0x10, /**< The SHA3-224 message digest. */ + MBEDTLS_MD_SHA3_256=0x11, /**< The SHA3-256 message digest. */ + MBEDTLS_MD_SHA3_384=0x12, /**< The SHA3-384 message digest. */ + MBEDTLS_MD_SHA3_512=0x13, /**< The SHA3-512 message digest. */ } mbedtls_md_type_t; -#if defined(MBEDTLS_SHA512_C) +/* Note: this should always be >= PSA_HASH_MAX_SIZE + * in all builds with both CRYPTO_C and MD_LIGHT. + * + * This is to make things easier for modules such as TLS that may define a + * buffer size using MD_MAX_SIZE in a part of the code that's common to PSA + * and legacy, then assume the buffer's size is PSA_HASH_MAX_SIZE in another + * part of the code based on PSA. + */ +#if defined(MBEDTLS_MD_CAN_SHA512) || defined(MBEDTLS_MD_CAN_SHA3_512) #define MBEDTLS_MD_MAX_SIZE 64 /* longest known is SHA512 */ -#elif defined(MBEDTLS_SHA384_C) +#elif defined(MBEDTLS_MD_CAN_SHA384) || defined(MBEDTLS_MD_CAN_SHA3_384) #define MBEDTLS_MD_MAX_SIZE 48 /* longest known is SHA384 */ -#elif defined(MBEDTLS_SHA256_C) +#elif defined(MBEDTLS_MD_CAN_SHA256) || defined(MBEDTLS_MD_CAN_SHA3_256) #define MBEDTLS_MD_MAX_SIZE 32 /* longest known is SHA256 */ -#elif defined(MBEDTLS_SHA224_C) +#elif defined(MBEDTLS_MD_CAN_SHA224) || defined(MBEDTLS_MD_CAN_SHA3_224) #define MBEDTLS_MD_MAX_SIZE 28 /* longest known is SHA224 */ #else -#define MBEDTLS_MD_MAX_SIZE 20 /* longest known is SHA1 or RIPE MD-160 */ +#define MBEDTLS_MD_MAX_SIZE 20 /* longest known is SHA1 or RIPE MD-160 + or smaller (MD5 and earlier) */ #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_MD_CAN_SHA3_224) +#define MBEDTLS_MD_MAX_BLOCK_SIZE 144 /* the longest known is SHA3-224 */ +#elif defined(MBEDTLS_MD_CAN_SHA3_256) +#define MBEDTLS_MD_MAX_BLOCK_SIZE 136 +#elif defined(MBEDTLS_MD_CAN_SHA512) || defined(MBEDTLS_MD_CAN_SHA384) #define MBEDTLS_MD_MAX_BLOCK_SIZE 128 +#elif defined(MBEDTLS_MD_CAN_SHA3_384) +#define MBEDTLS_MD_MAX_BLOCK_SIZE 104 +#elif defined(MBEDTLS_MD_CAN_SHA3_512) +#define MBEDTLS_MD_MAX_BLOCK_SIZE 72 #else #define MBEDTLS_MD_MAX_BLOCK_SIZE 64 #endif @@ -93,6 +232,16 @@ typedef enum { /* Defined internally in library/md_wrap.h. */ typedef struct mbedtls_md_info_t mbedtls_md_info_t; +/** + * Used internally to indicate whether a context uses legacy or PSA. + * + * Internal use only. + */ +typedef enum { + MBEDTLS_MD_ENGINE_LEGACY = 0, + MBEDTLS_MD_ENGINE_PSA, +} mbedtls_md_engine_t; + /** * The generic message-digest context. */ @@ -100,37 +249,20 @@ typedef struct mbedtls_md_context_t { /** Information about the associated message digest. */ const mbedtls_md_info_t *MBEDTLS_PRIVATE(md_info); - /** The digest-specific context. */ +#if defined(MBEDTLS_MD_SOME_PSA) + /** Are hash operations dispatched to PSA or legacy? */ + mbedtls_md_engine_t MBEDTLS_PRIVATE(engine); +#endif + + /** The digest-specific context (legacy) or the PSA operation. */ void *MBEDTLS_PRIVATE(md_ctx); +#if defined(MBEDTLS_MD_C) /** The HMAC part of the context. */ void *MBEDTLS_PRIVATE(hmac_ctx); +#endif } mbedtls_md_context_t; -/** - * \brief This function returns the list of digests supported by the - * generic digest module. - * - * \note The list starts with the strongest available hashes. - * - * \return A statically allocated array of digests. Each element - * in the returned list is an integer belonging to the - * message-digest enumeration #mbedtls_md_type_t. - * The last entry is 0. - */ -const int *mbedtls_md_list(void); - -/** - * \brief This function returns the message-digest information - * associated with the given digest name. - * - * \param md_name The name of the digest to search for. - * - * \return The message-digest information associated with \p md_name. - * \return NULL if the associated message-digest information is not found. - */ -const mbedtls_md_info_t *mbedtls_md_info_from_string(const char *md_name); - /** * \brief This function returns the message-digest information * associated with the given digest type. @@ -142,19 +274,6 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string(const char *md_name); */ const mbedtls_md_info_t *mbedtls_md_info_from_type(mbedtls_md_type_t md_type); -/** - * \brief This function returns the message-digest information - * from the given context. - * - * \param ctx The context from which to extract the information. - * This must be initialized (or \c NULL). - * - * \return The message-digest information associated with \p ctx. - * \return \c NULL if \p ctx is \c NULL. - */ -const mbedtls_md_info_t *mbedtls_md_info_from_ctx( - const mbedtls_md_context_t *ctx); - /** * \brief This function initializes a message-digest context without * binding it to a particular message-digest algorithm. @@ -221,6 +340,10 @@ int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info * * \return \c 0 on success. * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification failure. + * \return #MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE if both contexts are + * not using the same engine. This can be avoided by moving + * the call to psa_crypto_init() before the first call to + * mbedtls_md_setup(). */ MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_md_clone(mbedtls_md_context_t *dst, @@ -237,6 +360,20 @@ int mbedtls_md_clone(mbedtls_md_context_t *dst, */ unsigned char mbedtls_md_get_size(const mbedtls_md_info_t *md_info); +/** + * \brief This function gives the message-digest size associated to + * message-digest type. + * + * \param md_type The message-digest type. + * + * \return The size of the message-digest output in Bytes, + * or 0 if the message-digest type is not known. + */ +static inline unsigned char mbedtls_md_get_size_from_type(mbedtls_md_type_t md_type) +{ + return mbedtls_md_get_size(mbedtls_md_info_from_type(md_type)); +} + /** * \brief This function extracts the message-digest type from the * message-digest information structure. @@ -248,17 +385,6 @@ unsigned char mbedtls_md_get_size(const mbedtls_md_info_t *md_info); */ mbedtls_md_type_t mbedtls_md_get_type(const mbedtls_md_info_t *md_info); -/** - * \brief This function extracts the message-digest name from the - * message-digest information structure. - * - * \param md_info The information structure of the message-digest algorithm - * to use. - * - * \return The name of the message digest. - */ -const char *mbedtls_md_get_name(const mbedtls_md_info_t *md_info); - /** * \brief This function starts a message-digest computation. * @@ -337,6 +463,54 @@ MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_md(const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, unsigned char *output); +/** + * \brief This function returns the list of digests supported by the + * generic digest module. + * + * \note The list starts with the strongest available hashes. + * + * \return A statically allocated array of digests. Each element + * in the returned list is an integer belonging to the + * message-digest enumeration #mbedtls_md_type_t. + * The last entry is 0. + */ +const int *mbedtls_md_list(void); + +/** + * \brief This function returns the message-digest information + * associated with the given digest name. + * + * \param md_name The name of the digest to search for. + * + * \return The message-digest information associated with \p md_name. + * \return NULL if the associated message-digest information is not found. + */ +const mbedtls_md_info_t *mbedtls_md_info_from_string(const char *md_name); + +/** + * \brief This function returns the name of the message digest for + * the message-digest information structure given. + * + * \param md_info The information structure of the message-digest algorithm + * to use. + * + * \return The name of the message digest. + */ +const char *mbedtls_md_get_name(const mbedtls_md_info_t *md_info); + +/** + * \brief This function returns the message-digest information + * from the given context. + * + * \param ctx The context from which to extract the information. + * This must be initialized (or \c NULL). + * + * \return The message-digest information associated with \p ctx. + * \return \c NULL if \p ctx is \c NULL. + */ +const mbedtls_md_info_t *mbedtls_md_info_from_ctx( + const mbedtls_md_context_t *ctx); + #if defined(MBEDTLS_FS_IO) /** * \brief This function calculates the message-digest checksum @@ -471,10 +645,6 @@ int mbedtls_md_hmac(const mbedtls_md_info_t *md_info, const unsigned char *key, const unsigned char *input, size_t ilen, unsigned char *output); -/* Internal use */ -MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_md_process(mbedtls_md_context_t *ctx, const unsigned char *data); - #ifdef __cplusplus } #endif diff --git a/include/mbedtls/net_sockets.h b/include/mbedtls/net_sockets.h index 14316fbed..1096d66d9 100644 --- a/include/mbedtls/net_sockets.h +++ b/include/mbedtls/net_sockets.h @@ -286,6 +286,10 @@ int mbedtls_net_recv_timeout(void *ctx, unsigned char *buf, size_t len, * \brief Closes down the connection and free associated data * * \param ctx The context to close + * + * \note This function frees and clears data associated with the + * context but does not free the memory pointed to by \p ctx. + * This memory is the responsibility of the caller. */ void mbedtls_net_close(mbedtls_net_context *ctx); @@ -293,6 +297,10 @@ void mbedtls_net_close(mbedtls_net_context *ctx); * \brief Gracefully shutdown the connection and free associated data * * \param ctx The context to free + * + * \note This function frees and clears data associated with the + * context but does not free the memory pointed to by \p ctx. + * This memory is the responsibility of the caller. */ void mbedtls_net_free(mbedtls_net_context *ctx); diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index a592e63c4..954507229 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -63,6 +63,11 @@ #define MBEDTLS_OID_X509_EXT_FRESHEST_CRL (1 << 14) #define MBEDTLS_OID_X509_EXT_NS_CERT_TYPE (1 << 16) +/* + * Maximum number of OID components allowed + */ +#define MBEDTLS_OID_MAX_COMPONENTS 128 + /* * Top level OID tuples */ @@ -90,6 +95,9 @@ #define MBEDTLS_OID_OIW_SECSIG MBEDTLS_OID_ORG_OIW "\x03" #define MBEDTLS_OID_OIW_SECSIG_ALG MBEDTLS_OID_OIW_SECSIG "\x02" #define MBEDTLS_OID_OIW_SECSIG_SHA1 MBEDTLS_OID_OIW_SECSIG_ALG "\x1a" +#define MBEDTLS_OID_ORG_THAWTE "\x65" /* thawte(101) */ +#define MBEDTLS_OID_THAWTE MBEDTLS_OID_ISO_IDENTIFIED_ORG \ + MBEDTLS_OID_ORG_THAWTE #define MBEDTLS_OID_ORG_CERTICOM "\x81\x04" /* certicom(132) */ #define MBEDTLS_OID_CERTICOM MBEDTLS_OID_ISO_IDENTIFIED_ORG \ MBEDTLS_OID_ORG_CERTICOM @@ -262,6 +270,15 @@ #define MBEDTLS_OID_DIGEST_ALG_RIPEMD160 MBEDTLS_OID_TELETRUST "\x03\x02\x01" /**< id-ripemd160 OBJECT IDENTIFIER :: { iso(1) identified-organization(3) teletrust(36) algorithm(3) hashAlgorithm(2) ripemd160(1) } */ +#define MBEDTLS_OID_DIGEST_ALG_SHA3_224 MBEDTLS_OID_NIST_ALG "\x02\x07" /**< id-sha3-224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-224(7) } */ + +#define MBEDTLS_OID_DIGEST_ALG_SHA3_256 MBEDTLS_OID_NIST_ALG "\x02\x08" /**< id-sha3-256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-256(8) } */ + +#define MBEDTLS_OID_DIGEST_ALG_SHA3_384 MBEDTLS_OID_NIST_ALG "\x02\x09" /**< id-sha3-384 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-384(9) } */ + +#define MBEDTLS_OID_DIGEST_ALG_SHA3_512 MBEDTLS_OID_NIST_ALG "\x02\x0a" /**< id-sha3-512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-512(10) } */ + + #define MBEDTLS_OID_HMAC_SHA1 MBEDTLS_OID_RSA_COMPANY "\x02\x07" /**< id-hmacWithSHA1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 7 } */ #define MBEDTLS_OID_HMAC_SHA224 MBEDTLS_OID_RSA_COMPANY "\x02\x08" /**< id-hmacWithSHA224 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 8 } */ @@ -272,6 +289,16 @@ #define MBEDTLS_OID_HMAC_SHA512 MBEDTLS_OID_RSA_COMPANY "\x02\x0B" /**< id-hmacWithSHA512 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 11 } */ +#define MBEDTLS_OID_HMAC_SHA3_224 MBEDTLS_OID_NIST_ALG "\x02\x0d" /**< id-hmacWithSHA3-512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) hmacWithSHA3-224(13) } */ + +#define MBEDTLS_OID_HMAC_SHA3_256 MBEDTLS_OID_NIST_ALG "\x02\x0e" /**< id-hmacWithSHA3-512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) hmacWithSHA3-256(14) } */ + +#define MBEDTLS_OID_HMAC_SHA3_384 MBEDTLS_OID_NIST_ALG "\x02\x0f" /**< id-hmacWithSHA3-512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) hmacWithSHA3-384(15) } */ + +#define MBEDTLS_OID_HMAC_SHA3_512 MBEDTLS_OID_NIST_ALG "\x02\x10" /**< id-hmacWithSHA3-512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) hmacWithSHA3-512(16) } */ + +#define MBEDTLS_OID_HMAC_RIPEMD160 MBEDTLS_OID_INTERNET "\x05\x05\x08\x01\x04" /**< id-hmacWithSHA1 OBJECT IDENTIFIER ::= {iso(1) iso-identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) ipsec(8) isakmpOakley(1) hmacRIPEMD160(4)} */ + /* * Encryption algorithms */ @@ -437,6 +464,15 @@ * ecdsa-with-SHA2(3) 4 } */ #define MBEDTLS_OID_ECDSA_SHA512 MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 "\x04" +/* + * EC key algorithms from RFC 8410 + */ + +#define MBEDTLS_OID_X25519 MBEDTLS_OID_THAWTE "\x6e" /**< id-X25519 OBJECT IDENTIFIER ::= { 1 3 101 110 } */ +#define MBEDTLS_OID_X448 MBEDTLS_OID_THAWTE "\x6f" /**< id-X448 OBJECT IDENTIFIER ::= { 1 3 101 111 } */ +#define MBEDTLS_OID_ED25519 MBEDTLS_OID_THAWTE "\x70" /**< id-Ed25519 OBJECT IDENTIFIER ::= { 1 3 101 112 } */ +#define MBEDTLS_OID_ED448 MBEDTLS_OID_THAWTE "\x71" /**< id-Ed448 OBJECT IDENTIFIER ::= { 1 3 101 113 } */ + #ifdef __cplusplus extern "C" { #endif @@ -466,6 +502,25 @@ typedef struct mbedtls_oid_descriptor_t { */ int mbedtls_oid_get_numeric_string(char *buf, size_t size, const mbedtls_asn1_buf *oid); +/** + * \brief Translate a string containing a dotted-decimal + * representation of an ASN.1 OID into its encoded form + * (e.g. "1.2.840.113549" into "\x2A\x86\x48\x86\xF7\x0D"). + * On success, this function allocates oid->buf from the + * heap. It must be freed by the caller using mbedtls_free(). + * + * \param oid #mbedtls_asn1_buf to populate with the DER-encoded OID + * \param oid_str string representation of the OID to parse + * \param size length of the OID string, not including any null terminator + * + * \return 0 if successful + * \return #MBEDTLS_ERR_ASN1_INVALID_DATA if \p oid_str does not + * represent a valid OID + * \return #MBEDTLS_ERR_ASN1_ALLOC_FAILED if the function fails to + * allocate oid->buf + */ +int mbedtls_oid_from_numeric_string(mbedtls_asn1_buf *oid, const char *oid_str, size_t size); + /** * \brief Translate an X.509 extension OID into local values * @@ -509,7 +564,7 @@ int mbedtls_oid_get_pk_alg(const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_al int mbedtls_oid_get_oid_by_pk_alg(mbedtls_pk_type_t pk_alg, const char **oid, size_t *olen); -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) /** * \brief Translate NamedCurve OID into an EC group identifier * @@ -531,7 +586,31 @@ int mbedtls_oid_get_ec_grp(const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *gr */ int mbedtls_oid_get_oid_by_ec_grp(mbedtls_ecp_group_id grp_id, const char **oid, size_t *olen); -#endif /* MBEDTLS_ECP_C */ + +/** + * \brief Translate AlgorithmIdentifier OID into an EC group identifier, + * for curves that are directly encoded at this level + * + * \param oid OID to use + * \param grp_id place to store group id + * + * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND + */ +int mbedtls_oid_get_ec_grp_algid(const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *grp_id); + +/** + * \brief Translate EC group identifier into AlgorithmIdentifier OID, + * for curves that are directly encoded at this level + * + * \param grp_id EC group identifier + * \param oid place to store ASN.1 OID string pointer + * \param olen length of the OID + * + * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND + */ +int mbedtls_oid_get_oid_by_ec_grp_algid(mbedtls_ecp_group_id grp_id, + const char **oid, size_t *olen); +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ /** * \brief Translate SignatureAlgorithm OID into md_type and pk_type diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 0392bd48e..aea602be7 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -40,7 +40,7 @@ #include "mbedtls/ecdsa.h" #endif -#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_PSA_CRYPTO_C) #include "psa/crypto.h" #endif @@ -98,8 +98,24 @@ typedef enum { * See \c mbedtls_rsa_rsassa_pss_verify_ext() */ typedef struct mbedtls_pk_rsassa_pss_options { - mbedtls_md_type_t MBEDTLS_PRIVATE(mgf1_hash_id); - int MBEDTLS_PRIVATE(expected_salt_len); + /** The digest to use for MGF1 in PSS. + * + * \note When #MBEDTLS_USE_PSA_CRYPTO is enabled and #MBEDTLS_RSA_C is + * disabled, this must be equal to the \c md_alg argument passed + * to mbedtls_pk_verify_ext(). In a future version of the library, + * this constraint may apply whenever #MBEDTLS_USE_PSA_CRYPTO is + * enabled regardless of the status of #MBEDTLS_RSA_C. + */ + mbedtls_md_type_t mgf1_hash_id; + + /** The expected length of the salt, in bytes. This may be + * #MBEDTLS_RSA_SALT_LEN_ANY to accept any salt length. + * + * \note When #MBEDTLS_USE_PSA_CRYPTO is enabled, only + * #MBEDTLS_RSA_SALT_LEN_ANY is valid. Any other value may be + * ignored (allowing any salt length). + */ + int expected_salt_len; } mbedtls_pk_rsassa_pss_options; @@ -155,6 +171,35 @@ typedef struct mbedtls_pk_rsassa_pss_options { #endif #endif /* defined(MBEDTLS_USE_PSA_CRYPTO) */ +/* Internal helper to define which fields in the pk_context structure below + * should be used for EC keys: legacy ecp_keypair or the raw (PSA friendly) + * format. It should be noted that this only affects how data is stored, not + * which functions are used for various operations. The overall picture looks + * like this: + * - if USE_PSA is not defined and ECP_C is defined then use ecp_keypair data + * structure and legacy functions + * - if USE_PSA is defined and + * - if ECP_C then use ecp_keypair structure, convert data to a PSA friendly + * format and use PSA functions + * - if !ECP_C then use new raw data and PSA functions directly. + * + * The main reason for the "intermediate" (USE_PSA + ECP_C) above is that as long + * as ECP_C is defined mbedtls_pk_ec() gives the user a read/write access to the + * ecp_keypair structure inside the pk_context so they can modify it using + * ECP functions which are not under PK module's control. + */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \ + !defined(MBEDTLS_ECP_C) +#define MBEDTLS_PK_USE_PSA_EC_DATA +#endif + +/* Helper symbol to state that the PK module has support for EC keys. This + * can either be provided through the legacy ECP solution or through the + * PSA friendly MBEDTLS_PK_USE_PSA_EC_DATA. */ +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) || defined(MBEDTLS_ECP_C) +#define MBEDTLS_PK_HAVE_ECC_KEYS +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA || MBEDTLS_ECP_C */ + /** * \brief Types for interfacing with the debug module */ @@ -162,6 +207,7 @@ typedef enum { MBEDTLS_PK_DEBUG_NONE = 0, MBEDTLS_PK_DEBUG_MPI, MBEDTLS_PK_DEBUG_ECP, + MBEDTLS_PK_DEBUG_PSA_EC, } mbedtls_pk_debug_type; /** @@ -185,12 +231,59 @@ typedef struct mbedtls_pk_debug_item { */ typedef struct mbedtls_pk_info_t mbedtls_pk_info_t; +#define MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN \ + PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) /** * \brief Public key container */ typedef struct mbedtls_pk_context { const mbedtls_pk_info_t *MBEDTLS_PRIVATE(pk_info); /**< Public key information */ void *MBEDTLS_PRIVATE(pk_ctx); /**< Underlying public key context */ + /* The following field is used to store the ID of a private key in the + * following cases: + * - opaque key when MBEDTLS_PSA_CRYPTO_C is defined + * - normal key when MBEDTLS_PK_USE_PSA_EC_DATA is defined. In this case: + * - the pk_ctx above is not not used to store the private key anymore. + * Actually that field not populated at all in this case because also + * the public key will be stored in raw format as explained below + * - this ID is used for all private key operations (ex: sign, check + * key pair, key write, etc) using PSA functions + * + * Note: this private key storing solution only affects EC keys, not the + * other ones. The latters still use the pk_ctx to store their own + * context. + * + * Note: this priv_id is guarded by MBEDTLS_PSA_CRYPTO_C and not by + * MBEDTLS_PK_USE_PSA_EC_DATA (as the public counterpart below) because, + * when working with opaque keys, it can be used also in + * mbedtls_pk_sign_ext for RSA keys. */ +#if defined(MBEDTLS_PSA_CRYPTO_C) + mbedtls_svc_key_id_t MBEDTLS_PRIVATE(priv_id); /**< Key ID for opaque keys */ +#endif /* MBEDTLS_PSA_CRYPTO_C */ + /* The following fields are meant for storing the public key in raw format + * which is handy for: + * - easily importing it into the PSA context + * - reducing the ECP module dependencies in the PK one. + * + * When MBEDTLS_PK_USE_PSA_EC_DATA is enabled: + * - the pk_ctx above is not used anymore for storing the public key + * inside the ecp_keypair structure + * - the following fields are used for all public key operations: signature + * verify, key pair check and key write. + * Of course, when MBEDTLS_PK_USE_PSA_EC_DATA is not enabled, the legacy + * ecp_keypair structure is used for storing the public key and performing + * all the operations. + * + * Note: This new public key storing solution only works for EC keys, not + * other ones. The latters still use pk_ctx to store their own + * context. + */ +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + uint8_t MBEDTLS_PRIVATE(pub_raw)[MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN]; /**< Raw public key */ + size_t MBEDTLS_PRIVATE(pub_raw_len); /**< Valid bytes in "pub_raw" */ + psa_ecc_family_t MBEDTLS_PRIVATE(ec_family); /**< EC family of pk */ + size_t MBEDTLS_PRIVATE(ec_bits); /**< Curve's bits of pk */ +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ } mbedtls_pk_context; #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) @@ -428,7 +521,7 @@ int mbedtls_pk_can_do_ext(const mbedtls_pk_context *ctx, psa_algorithm_t alg, * * \return 0 on success (signature is valid), * #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid - * signature in sig but its length is less than \p siglen, + * signature in \p sig but its length is less than \p sig_len, * or a specific error code. * * \note For RSA keys, the default padding type is PKCS#1 v1.5. @@ -482,7 +575,7 @@ int mbedtls_pk_verify_restartable(mbedtls_pk_context *ctx, * #MBEDTLS_ERR_PK_TYPE_MISMATCH if the PK context can't be * used for this type of signatures, * #MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if there is a valid - * signature in sig but its length is less than \p siglen, + * signature in \p sig but its length is less than \p sig_len, * or a specific error code. * * \note If hash_len is 0, then the length associated with md_alg @@ -754,6 +847,10 @@ static inline mbedtls_ecp_keypair *mbedtls_pk_ec(const mbedtls_pk_context pk) /** * \brief Parse a private key in PEM or DER format * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param ctx The PK context to fill. It must have been initialized * but not set up. * \param key Input buffer to parse. @@ -790,6 +887,10 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *ctx, /** * \brief Parse a public key in PEM or DER format * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param ctx The PK context to fill. It must have been initialized * but not set up. * \param key Input buffer to parse. @@ -804,6 +905,9 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *ctx, * with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a * specific key type, check the result with mbedtls_pk_can_do(). * + * \note For compressed points, see #MBEDTLS_ECP_PF_COMPRESSED for + * limitations. + * * \note The key is also checked for correctness. * * \return 0 if successful, or a specific PK or PEM error code @@ -816,6 +920,10 @@ int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx, /** * \brief Load and parse a private key * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param ctx The PK context to fill. It must have been initialized * but not set up. * \param path filename to read the private key from diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h index eb9e2d9df..ba1a2edf0 100644 --- a/include/mbedtls/pkcs12.h +++ b/include/mbedtls/pkcs12.h @@ -52,10 +52,30 @@ extern "C" { #if defined(MBEDTLS_ASN1_PARSE_C) +#if !defined(MBEDTLS_DEPRECATED_REMOVED) /** * \brief PKCS12 Password Based function (encryption / decryption) * for cipher-based and mbedtls_md-based PBE's * + * \note When encrypting, #MBEDTLS_CIPHER_PADDING_PKCS7 must + * be enabled at compile time. + * + * \deprecated This function is deprecated and will be removed in a + * future version of the library. + * Please use mbedtls_pkcs12_pbe_ext() instead. + * + * \warning When decrypting: + * - if #MBEDTLS_CIPHER_PADDING_PKCS7 is enabled at compile + * time, this function validates the CBC padding and returns + * #MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH if the padding is + * invalid. Note that this can help active adversaries + * attempting to brute-forcing the password. Note also that + * there is no guarantee that an invalid password will be + * detected (the chances of a valid padding with a random + * password are about 1/255). + * - if #MBEDTLS_CIPHER_PADDING_PKCS7 is disabled at compile + * time, this function does not validate the CBC padding. + * * \param pbe_params an ASN1 buffer containing the pkcs-12 PbeParams structure * \param mode either #MBEDTLS_PKCS12_PBE_ENCRYPT or * #MBEDTLS_PKCS12_PBE_DECRYPT @@ -64,17 +84,78 @@ extern "C" { * \param pwd Latin1-encoded password used. This may only be \c NULL when * \p pwdlen is 0. No null terminator should be used. * \param pwdlen length of the password (may be 0) - * \param input the input data + * \param data the input data * \param len data length - * \param output the output buffer + * \param output Output buffer. + * On success, it contains the encrypted or decrypted data, + * possibly followed by the CBC padding. + * On failure, the content is indeterminate. + * For decryption, there must be enough room for \p len + * bytes. + * For encryption, there must be enough room for + * \p len + 1 bytes, rounded up to the block size of + * the block cipher identified by \p pbe_params. * * \return 0 if successful, or a MBEDTLS_ERR_XXX code */ -int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode, - mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type, - const unsigned char *pwd, size_t pwdlen, - const unsigned char *input, size_t len, - unsigned char *output); +int MBEDTLS_DEPRECATED mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode, + mbedtls_cipher_type_t cipher_type, + mbedtls_md_type_t md_type, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t len, + unsigned char *output); +#endif /* MBEDTLS_DEPRECATED_REMOVED */ + +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + +/** + * \brief PKCS12 Password Based function (encryption / decryption) + * for cipher-based and mbedtls_md-based PBE's + * + * + * \warning When decrypting: + * - This function validates the CBC padding and returns + * #MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH if the padding is + * invalid. Note that this can help active adversaries + * attempting to brute-forcing the password. Note also that + * there is no guarantee that an invalid password will be + * detected (the chances of a valid padding with a random + * password are about 1/255). + * + * \param pbe_params an ASN1 buffer containing the pkcs-12 PbeParams structure + * \param mode either #MBEDTLS_PKCS12_PBE_ENCRYPT or + * #MBEDTLS_PKCS12_PBE_DECRYPT + * \param cipher_type the cipher used + * \param md_type the mbedtls_md used + * \param pwd Latin1-encoded password used. This may only be \c NULL when + * \p pwdlen is 0. No null terminator should be used. + * \param pwdlen length of the password (may be 0) + * \param data the input data + * \param len data length + * \param output Output buffer. + * On success, it contains the encrypted or decrypted data, + * possibly followed by the CBC padding. + * On failure, the content is indeterminate. + * For decryption, there must be enough room for \p len + * bytes. + * For encryption, there must be enough room for + * \p len + 1 bytes, rounded up to the block size of + * the block cipher identified by \p pbe_params. + * \param output_size size of output buffer. + * This must be big enough to accommodate for output plus + * padding data. + * \param output_len On success, length of actual data written to the output buffer. + * + * \return 0 if successful, or a MBEDTLS_ERR_XXX code + */ +int mbedtls_pkcs12_pbe_ext(mbedtls_asn1_buf *pbe_params, int mode, + mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t len, + unsigned char *output, size_t output_size, + size_t *output_len); + +#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */ #endif /* MBEDTLS_ASN1_PARSE_C */ diff --git a/include/mbedtls/pkcs5.h b/include/mbedtls/pkcs5.h index 152b45fb1..8b086aa2e 100644 --- a/include/mbedtls/pkcs5.h +++ b/include/mbedtls/pkcs5.h @@ -25,6 +25,7 @@ #define MBEDTLS_PKCS5_H #include "mbedtls/build_info.h" +#include "mbedtls/platform_util.h" #include "mbedtls/asn1.h" #include "mbedtls/md.h" @@ -50,23 +51,95 @@ extern "C" { #if defined(MBEDTLS_ASN1_PARSE_C) +#if !defined(MBEDTLS_DEPRECATED_REMOVED) /** * \brief PKCS#5 PBES2 function * + * \note When encrypting, #MBEDTLS_CIPHER_PADDING_PKCS7 must + * be enabled at compile time. + * + * \deprecated This function is deprecated and will be removed in a + * future version of the library. + * Please use mbedtls_pkcs5_pbes2_ext() instead. + * + * \warning When decrypting: + * - if #MBEDTLS_CIPHER_PADDING_PKCS7 is enabled at compile + * time, this function validates the CBC padding and returns + * #MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH if the padding is + * invalid. Note that this can help active adversaries + * attempting to brute-forcing the password. Note also that + * there is no guarantee that an invalid password will be + * detected (the chances of a valid padding with a random + * password are about 1/255). + * - if #MBEDTLS_CIPHER_PADDING_PKCS7 is disabled at compile + * time, this function does not validate the CBC padding. + * * \param pbe_params the ASN.1 algorithm parameters - * \param mode either MBEDTLS_PKCS5_DECRYPT or MBEDTLS_PKCS5_ENCRYPT + * \param mode either #MBEDTLS_PKCS5_DECRYPT or #MBEDTLS_PKCS5_ENCRYPT * \param pwd password to use when generating key * \param pwdlen length of password * \param data data to process * \param datalen length of data - * \param output output buffer + * \param output Output buffer. + * On success, it contains the encrypted or decrypted data, + * possibly followed by the CBC padding. + * On failure, the content is indeterminate. + * For decryption, there must be enough room for \p datalen + * bytes. + * For encryption, there must be enough room for + * \p datalen + 1 bytes, rounded up to the block size of + * the block cipher identified by \p pbe_params. * * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails. */ -int mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode, - const unsigned char *pwd, size_t pwdlen, - const unsigned char *data, size_t datalen, - unsigned char *output); +int MBEDTLS_DEPRECATED mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t datalen, + unsigned char *output); +#endif /* MBEDTLS_DEPRECATED_REMOVED */ + +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + +/** + * \brief PKCS#5 PBES2 function + * + * \warning When decrypting: + * - This function validates the CBC padding and returns + * #MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH if the padding is + * invalid. Note that this can help active adversaries + * attempting to brute-forcing the password. Note also that + * there is no guarantee that an invalid password will be + * detected (the chances of a valid padding with a random + * password are about 1/255). + * + * \param pbe_params the ASN.1 algorithm parameters + * \param mode either #MBEDTLS_PKCS5_DECRYPT or #MBEDTLS_PKCS5_ENCRYPT + * \param pwd password to use when generating key + * \param pwdlen length of password + * \param data data to process + * \param datalen length of data + * \param output Output buffer. + * On success, it contains the decrypted data. + * On failure, the content is indetermidate. + * For decryption, there must be enough room for \p datalen + * bytes. + * For encryption, there must be enough room for + * \p datalen + 1 bytes, rounded up to the block size of + * the block cipher identified by \p pbe_params. + * \param output_size size of output buffer. + * This must be big enough to accommodate for output plus + * padding data. + * \param output_len On success, length of actual data written to the output buffer. + * + * \returns 0 on success, or a MBEDTLS_ERR_XXX code if parsing or decryption fails. + */ +int mbedtls_pkcs5_pbes2_ext(const mbedtls_asn1_buf *pbe_params, int mode, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t datalen, + unsigned char *output, size_t output_size, + size_t *output_len); + +#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */ #endif /* MBEDTLS_ASN1_PARSE_C */ diff --git a/include/mbedtls/pkcs7.h b/include/mbedtls/pkcs7.h index 835d2c1a5..1231e3402 100644 --- a/include/mbedtls/pkcs7.h +++ b/include/mbedtls/pkcs7.h @@ -1,7 +1,7 @@ /** * \file pkcs7.h * - * \brief PKCS7 generic defines and structures + * \brief PKCS #7 generic defines and structures * https://tools.ietf.org/html/rfc2315 */ /* @@ -22,30 +22,27 @@ */ /** - * This feature is a work in progress and not ready for production. The API may - * change. Furthermore, please note that the implementation has only been - * validated with well-formed inputs, not yet with untrusted inputs (which is - * almost always the case in practice). - * - * Note: For the time being, this implementation of the PKCS7 cryptographic + * Note: For the time being, this implementation of the PKCS #7 cryptographic * message syntax is a partial implementation of RFC 2315. * Differences include: * - The RFC specifies 6 different content types. The only type currently - * supported in Mbed TLS is the signed data content type. - * - The only supported PKCS7 Signed Data syntax version is version 1 + * supported in Mbed TLS is the signed-data content type. + * - The only supported PKCS #7 Signed Data syntax version is version 1 * - The RFC specifies support for BER. This implementation is limited to * DER only. * - The RFC specifies that multiple digest algorithms can be specified * in the Signed Data type. Only one digest algorithm is supported in Mbed TLS. - * - The RFC specifies the Signed Data type can contain multiple X509 or PKCS6 + * - The RFC specifies the Signed Data type can contain multiple X.509 or PKCS #6 extended * certificates. In Mbed TLS, this list can only contain 0 or 1 certificates - * and they must be in X509 format. + * and they must be in X.509 format. * - The RFC specifies the Signed Data type can contain - * certificate-revocation lists (crls). This implementation has no support - * for crls so it is assumed to be an empty list. + * certificate-revocation lists (CRLs). This implementation has no support + * for CRLs so it is assumed to be an empty list. * - The RFC allows for SignerInfo structure to optionally contain * unauthenticatedAttributes and authenticatedAttributes. In Mbed TLS it is * assumed these fields are empty. + * - The RFC allows for the signed Data type to contain contentInfo. This + * implementation assumes the type is DATA and the content is empty. */ #ifndef MBEDTLS_PKCS7_H @@ -60,13 +57,13 @@ #include "mbedtls/x509_crt.h" /** - * \name PKCS7 Module Error codes + * \name PKCS #7 Module Error codes * \{ */ #define MBEDTLS_ERR_PKCS7_INVALID_FORMAT -0x5300 /**< The format is invalid, e.g. different type expected. */ #define MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE -0x5380 /**< Unavailable feature, e.g. anything other than signed data. */ -#define MBEDTLS_ERR_PKCS7_INVALID_VERSION -0x5400 /**< The PKCS7 version element is invalid or cannot be parsed. */ -#define MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO -0x5480 /**< The PKCS7 content info invalid or cannot be parsed. */ +#define MBEDTLS_ERR_PKCS7_INVALID_VERSION -0x5400 /**< The PKCS #7 version element is invalid or cannot be parsed. */ +#define MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO -0x5480 /**< The PKCS #7 content info is invalid or cannot be parsed. */ #define MBEDTLS_ERR_PKCS7_INVALID_ALG -0x5500 /**< The algorithm tag or value is invalid or cannot be parsed. */ #define MBEDTLS_ERR_PKCS7_INVALID_CERT -0x5580 /**< The certificate tag or value is invalid or cannot be parsed. */ #define MBEDTLS_ERR_PKCS7_INVALID_SIGNATURE -0x5600 /**< Error parsing the signature */ @@ -74,11 +71,11 @@ #define MBEDTLS_ERR_PKCS7_BAD_INPUT_DATA -0x5700 /**< Input invalid. */ #define MBEDTLS_ERR_PKCS7_ALLOC_FAILED -0x5780 /**< Allocation of memory failed. */ #define MBEDTLS_ERR_PKCS7_VERIFY_FAIL -0x5800 /**< Verification Failed */ -#define MBEDTLS_ERR_PKCS7_CERT_DATE_INVALID -0x5880 /**< The PKCS7 date issued/expired dates are invalid */ +#define MBEDTLS_ERR_PKCS7_CERT_DATE_INVALID -0x5880 /**< The PKCS #7 date issued/expired dates are invalid */ /* \} name */ /** - * \name PKCS7 Supported Version + * \name PKCS #7 Supported Version * \{ */ #define MBEDTLS_PKCS7_SUPPORTED_VERSION 0x01 @@ -89,12 +86,12 @@ extern "C" { #endif /** - * Type-length-value structure that allows for ASN1 using DER. + * Type-length-value structure that allows for ASN.1 using DER. */ typedef mbedtls_asn1_buf mbedtls_pkcs7_buf; /** - * Container for ASN1 named information objects. + * Container for ASN.1 named information objects. * It allows for Relative Distinguished Names (e.g. cn=localhost,ou=code,etc.). */ typedef mbedtls_asn1_named_data mbedtls_pkcs7_name; @@ -105,7 +102,7 @@ typedef mbedtls_asn1_named_data mbedtls_pkcs7_name; typedef mbedtls_asn1_sequence mbedtls_pkcs7_sequence; /** - * PKCS7 types + * PKCS #7 types */ typedef enum { MBEDTLS_PKCS7_NONE=0, @@ -119,7 +116,7 @@ typedef enum { mbedtls_pkcs7_type; /** - * Structure holding PKCS7 signer info + * Structure holding PKCS #7 signer info */ typedef struct mbedtls_pkcs7_signer_info { int MBEDTLS_PRIVATE(version); @@ -133,22 +130,12 @@ typedef struct mbedtls_pkcs7_signer_info { } mbedtls_pkcs7_signer_info; -/** - * Structure holding attached data as part of PKCS7 signed data format - */ -typedef struct mbedtls_pkcs7_data { - mbedtls_pkcs7_buf MBEDTLS_PRIVATE(oid); - mbedtls_pkcs7_buf MBEDTLS_PRIVATE(data); -} -mbedtls_pkcs7_data; - /** * Structure holding the signed data section */ typedef struct mbedtls_pkcs7_signed_data { int MBEDTLS_PRIVATE(version); mbedtls_pkcs7_buf MBEDTLS_PRIVATE(digest_alg_identifiers); - struct mbedtls_pkcs7_data MBEDTLS_PRIVATE(content); int MBEDTLS_PRIVATE(no_of_certs); mbedtls_x509_crt MBEDTLS_PRIVATE(certs); int MBEDTLS_PRIVATE(no_of_crls); @@ -159,32 +146,33 @@ typedef struct mbedtls_pkcs7_signed_data { mbedtls_pkcs7_signed_data; /** - * Structure holding PKCS7 structure, only signed data for now + * Structure holding PKCS #7 structure, only signed data for now */ typedef struct mbedtls_pkcs7 { mbedtls_pkcs7_buf MBEDTLS_PRIVATE(raw); - mbedtls_pkcs7_buf MBEDTLS_PRIVATE(content_type_oid); mbedtls_pkcs7_signed_data MBEDTLS_PRIVATE(signed_data); } mbedtls_pkcs7; /** - * \brief Initialize pkcs7 structure. + * \brief Initialize mbedtls_pkcs7 structure. * - * \param pkcs7 pkcs7 structure. + * \param pkcs7 mbedtls_pkcs7 structure. */ void mbedtls_pkcs7_init(mbedtls_pkcs7 *pkcs7); /** - * \brief Parse a single DER formatted pkcs7 content. + * \brief Parse a single DER formatted PKCS #7 detached signature. * - * \param pkcs7 The pkcs7 structure to be filled by parser for the output. - * \param buf The buffer holding the DER encoded pkcs7. - * \param buflen The size in bytes of \p buf. + * \param pkcs7 The mbedtls_pkcs7 structure to be filled by the parser. + * \param buf The buffer holding only the DER encoded PKCS #7 content. + * \param buflen The size in bytes of \p buf. The size must be exactly the + * length of the DER encoded PKCS #7 content. * - * \note This function makes an internal copy of the PKCS7 buffer + * \note This function makes an internal copy of the PKCS #7 buffer * \p buf. In particular, \p buf may be destroyed or reused * after this call returns. + * \note Signatures with internal data are not supported. * * \return The \c mbedtls_pkcs7_type of \p buf, if successful. * \return A negative error code on failure. @@ -193,7 +181,7 @@ int mbedtls_pkcs7_parse_der(mbedtls_pkcs7 *pkcs7, const unsigned char *buf, const size_t buflen); /** - * \brief Verification of PKCS7 signature against a caller-supplied + * \brief Verification of PKCS #7 signature against a caller-supplied * certificate. * * For each signer in the PKCS structure, this function computes @@ -204,9 +192,10 @@ int mbedtls_pkcs7_parse_der(mbedtls_pkcs7 *pkcs7, const unsigned char *buf, * matches. * * This function does not use the certificates held within the - * PKCS7 structure itself. + * PKCS #7 structure itself, and does not check that the + * certificate is signed by a trusted certification authority. * - * \param pkcs7 PKCS7 structure containing signature. + * \param pkcs7 mbedtls_pkcs7 structure containing signature. * \param cert Certificate containing key to verify signature. * \param data Plain data on which signature has to be verified. * \param datalen Length of the data. @@ -222,26 +211,26 @@ int mbedtls_pkcs7_signed_data_verify(mbedtls_pkcs7 *pkcs7, size_t datalen); /** - * \brief Verification of PKCS7 signature against a caller-supplied + * \brief Verification of PKCS #7 signature against a caller-supplied * certificate. * - * For each signer in the PKCS structure, this function computes - * a signature over the supplied hash, using the supplied - * certificate and the same digest algorithm as specified by the - * signer. It then compares this signature against the - * signer's signature; verification succeeds if any comparison - * matches. + * For each signer in the PKCS structure, this function + * validates a signature over the supplied hash, using the + * supplied certificate and the same digest algorithm as + * specified by the signer. Verification succeeds if any + * signature is good. * * This function does not use the certificates held within the - * PKCS7 structure itself. + * PKCS #7 structure itself, and does not check that the + * certificate is signed by a trusted certification authority. * - * \param pkcs7 PKCS7 structure containing signature. + * \param pkcs7 PKCS #7 structure containing signature. * \param cert Certificate containing key to verify signature. * \param hash Hash of the plain data on which signature has to be verified. * \param hashlen Length of the hash. * * \note This function is different from mbedtls_pkcs7_signed_data_verify() - * in a way that it directly receives the hash of the data. + * in that it is directly passed the hash of the data. * * \return 0 if the signature verifies, or a negative error code on failure. */ @@ -250,10 +239,10 @@ int mbedtls_pkcs7_signed_hash_verify(mbedtls_pkcs7 *pkcs7, const unsigned char *hash, size_t hashlen); /** - * \brief Unallocate all PKCS7 data and zeroize the memory. - * It doesn't free pkcs7 itself. It should be done by the caller. + * \brief Unallocate all PKCS #7 data and zeroize the memory. + * It doesn't free \p pkcs7 itself. This should be done by the caller. * - * \param pkcs7 PKCS7 structure to free. + * \param pkcs7 mbedtls_pkcs7 structure to free. */ void mbedtls_pkcs7_free(mbedtls_pkcs7 *pkcs7); diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h index f65158719..3fc1fd0c1 100644 --- a/include/mbedtls/platform.h +++ b/include/mbedtls/platform.h @@ -130,15 +130,28 @@ extern "C" { #endif #endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */ +/* Enable certain documented defines only when generating doxygen to avoid + * an "unrecognized define" error. */ +#if defined(__DOXYGEN__) && !defined(MBEDTLS_PLATFORM_STD_CALLOC) +#define MBEDTLS_PLATFORM_STD_CALLOC +#endif + +#if defined(__DOXYGEN__) && !defined(MBEDTLS_PLATFORM_STD_FREE) +#define MBEDTLS_PLATFORM_STD_FREE +#endif /** \} name SECTION: Module settings */ /* * The function pointers for calloc and free. + * Please see MBEDTLS_PLATFORM_STD_CALLOC and MBEDTLS_PLATFORM_STD_FREE + * in mbedtls_config.h for more information about behaviour and requirements. */ #if defined(MBEDTLS_PLATFORM_MEMORY) #if defined(MBEDTLS_PLATFORM_FREE_MACRO) && \ defined(MBEDTLS_PLATFORM_CALLOC_MACRO) +#undef mbedtls_free +#undef mbedtls_calloc #define mbedtls_free MBEDTLS_PLATFORM_FREE_MACRO #define mbedtls_calloc MBEDTLS_PLATFORM_CALLOC_MACRO #else @@ -160,6 +173,8 @@ int mbedtls_platform_set_calloc_free(void *(*calloc_func)(size_t, size_t), void (*free_func)(void *)); #endif /* MBEDTLS_PLATFORM_FREE_MACRO && MBEDTLS_PLATFORM_CALLOC_MACRO */ #else /* !MBEDTLS_PLATFORM_MEMORY */ +#undef mbedtls_free +#undef mbedtls_calloc #define mbedtls_free free #define mbedtls_calloc calloc #endif /* MBEDTLS_PLATFORM_MEMORY && !MBEDTLS_PLATFORM_{FREE,CALLOC}_MACRO */ @@ -184,6 +199,7 @@ extern int (*mbedtls_fprintf)(FILE *stream, const char *format, ...); int mbedtls_platform_set_fprintf(int (*fprintf_func)(FILE *stream, const char *, ...)); #else +#undef mbedtls_fprintf #if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) #define mbedtls_fprintf MBEDTLS_PLATFORM_FPRINTF_MACRO #else @@ -208,6 +224,7 @@ extern int (*mbedtls_printf)(const char *format, ...); */ int mbedtls_platform_set_printf(int (*printf_func)(const char *, ...)); #else /* !MBEDTLS_PLATFORM_PRINTF_ALT */ +#undef mbedtls_printf #if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) #define mbedtls_printf MBEDTLS_PLATFORM_PRINTF_MACRO #else @@ -243,6 +260,7 @@ extern int (*mbedtls_snprintf)(char *s, size_t n, const char *format, ...); int mbedtls_platform_set_snprintf(int (*snprintf_func)(char *s, size_t n, const char *format, ...)); #else /* MBEDTLS_PLATFORM_SNPRINTF_ALT */ +#undef mbedtls_snprintf #if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) #define mbedtls_snprintf MBEDTLS_PLATFORM_SNPRINTF_MACRO #else @@ -279,6 +297,7 @@ extern int (*mbedtls_vsnprintf)(char *s, size_t n, const char *format, va_list a int mbedtls_platform_set_vsnprintf(int (*vsnprintf_func)(char *s, size_t n, const char *format, va_list arg)); #else /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */ +#undef mbedtls_vsnprintf #if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) #define mbedtls_vsnprintf MBEDTLS_PLATFORM_VSNPRINTF_MACRO #else @@ -320,7 +339,9 @@ extern void (*mbedtls_setbuf)(FILE *stream, char *buf); */ int mbedtls_platform_set_setbuf(void (*setbuf_func)( FILE *stream, char *buf)); -#elif defined(MBEDTLS_PLATFORM_SETBUF_MACRO) +#else +#undef mbedtls_setbuf +#if defined(MBEDTLS_PLATFORM_SETBUF_MACRO) /** * \brief Macro defining the function for the library to * call for `setbuf` functionality (changing the @@ -334,7 +355,8 @@ int mbedtls_platform_set_setbuf(void (*setbuf_func)( #define mbedtls_setbuf MBEDTLS_PLATFORM_SETBUF_MACRO #else #define mbedtls_setbuf setbuf -#endif /* MBEDTLS_PLATFORM_SETBUF_ALT / MBEDTLS_PLATFORM_SETBUF_MACRO */ +#endif /* MBEDTLS_PLATFORM_SETBUF_MACRO */ +#endif /* MBEDTLS_PLATFORM_SETBUF_ALT */ /* * The function pointers for exit @@ -353,6 +375,7 @@ extern void (*mbedtls_exit)(int status); */ int mbedtls_platform_set_exit(void (*exit_func)(int status)); #else +#undef mbedtls_exit #if defined(MBEDTLS_PLATFORM_EXIT_MACRO) #define mbedtls_exit MBEDTLS_PLATFORM_EXIT_MACRO #else @@ -405,6 +428,8 @@ int mbedtls_platform_set_nv_seed( int (*nv_seed_write_func)(unsigned char *buf, size_t buf_len) ); #else +#undef mbedtls_nv_seed_read +#undef mbedtls_nv_seed_write #if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) && \ defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO) #define mbedtls_nv_seed_read MBEDTLS_PLATFORM_NV_SEED_READ_MACRO diff --git a/include/mbedtls/platform_time.h b/include/mbedtls/platform_time.h index eae6f5f87..21b369745 100644 --- a/include/mbedtls/platform_time.h +++ b/include/mbedtls/platform_time.h @@ -1,7 +1,7 @@ /** * \file platform_time.h * - * \brief mbed TLS Platform time abstraction + * \brief Mbed TLS Platform time abstraction */ /* * Copyright The Mbed TLS Contributors @@ -39,6 +39,29 @@ typedef MBEDTLS_PLATFORM_TIME_TYPE_MACRO mbedtls_time_t; typedef time_t mbedtls_time_t; #endif /* MBEDTLS_PLATFORM_TIME_TYPE_MACRO */ +#if defined(MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO) +typedef MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO mbedtls_ms_time_t; +#else +#include +#include +typedef int64_t mbedtls_ms_time_t; +#endif /* MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO */ + +/** + * \brief Get time in milliseconds. + * + * \return Monotonically-increasing current time in milliseconds. + * + * \note Define MBEDTLS_PLATFORM_MS_TIME_ALT to be able to provide an + * alternative implementation + * + * \warning This function returns a monotonically-increasing time value from a + * start time that will differ from platform to platform, and possibly + * from run to run of the process. + * + */ +mbedtls_ms_time_t mbedtls_ms_time(void); + /* * The function pointers for time */ diff --git a/include/mbedtls/platform_util.h b/include/mbedtls/platform_util.h index edbde9440..3f23fef55 100644 --- a/include/mbedtls/platform_util.h +++ b/include/mbedtls/platform_util.h @@ -145,6 +145,11 @@ MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t; #define MBEDTLS_IGNORE_RETURN(result) ((void) !(result)) #endif +/* If the following macro is defined, the library is being built by the test + * framework, and the framework is going to provide a replacement + * mbedtls_platform_zeroize() using a preprocessor macro, so the function + * declaration should be omitted. */ +#if !defined(MBEDTLS_TEST_DEFINES_ZEROIZE) //no-check-names /** * \brief Securely zeroize a buffer * @@ -168,6 +173,7 @@ MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t; * */ void mbedtls_platform_zeroize(void *buf, size_t len); +#endif #if defined(MBEDTLS_HAVE_TIME_DATE) /** diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index dc74ac60c..8ce15927b 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -2,9 +2,6 @@ * \file psa_util.h * * \brief Utility functions for the use of the PSA Crypto library. - * - * \warning This function is not part of the public API and may - * change at any time. */ /* * Copyright The Mbed TLS Contributors @@ -31,232 +28,6 @@ #if defined(MBEDTLS_PSA_CRYPTO_C) -#include "psa/crypto.h" - -#include "mbedtls/ecp.h" -#include "mbedtls/md.h" -#include "mbedtls/pk.h" -#include "mbedtls/oid.h" -#include "mbedtls/error.h" - -#include - -/* Translations for symmetric crypto. */ - -static inline psa_key_type_t mbedtls_psa_translate_cipher_type( - mbedtls_cipher_type_t cipher) -{ - switch (cipher) { - case MBEDTLS_CIPHER_AES_128_CCM: - case MBEDTLS_CIPHER_AES_192_CCM: - case MBEDTLS_CIPHER_AES_256_CCM: - case MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG: - case MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG: - case MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG: - case MBEDTLS_CIPHER_AES_128_GCM: - case MBEDTLS_CIPHER_AES_192_GCM: - case MBEDTLS_CIPHER_AES_256_GCM: - case MBEDTLS_CIPHER_AES_128_CBC: - case MBEDTLS_CIPHER_AES_192_CBC: - case MBEDTLS_CIPHER_AES_256_CBC: - case MBEDTLS_CIPHER_AES_128_ECB: - case MBEDTLS_CIPHER_AES_192_ECB: - case MBEDTLS_CIPHER_AES_256_ECB: - return PSA_KEY_TYPE_AES; - - /* ARIA not yet supported in PSA. */ - /* case MBEDTLS_CIPHER_ARIA_128_CCM: - case MBEDTLS_CIPHER_ARIA_192_CCM: - case MBEDTLS_CIPHER_ARIA_256_CCM: - case MBEDTLS_CIPHER_ARIA_128_CCM_STAR_NO_TAG: - case MBEDTLS_CIPHER_ARIA_192_CCM_STAR_NO_TAG: - case MBEDTLS_CIPHER_ARIA_256_CCM_STAR_NO_TAG: - case MBEDTLS_CIPHER_ARIA_128_GCM: - case MBEDTLS_CIPHER_ARIA_192_GCM: - case MBEDTLS_CIPHER_ARIA_256_GCM: - case MBEDTLS_CIPHER_ARIA_128_CBC: - case MBEDTLS_CIPHER_ARIA_192_CBC: - case MBEDTLS_CIPHER_ARIA_256_CBC: - return( PSA_KEY_TYPE_ARIA ); */ - - default: - return 0; - } -} - -static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode( - mbedtls_cipher_mode_t mode, size_t taglen) -{ - switch (mode) { - case MBEDTLS_MODE_ECB: - return PSA_ALG_ECB_NO_PADDING; - case MBEDTLS_MODE_GCM: - return PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, taglen); - case MBEDTLS_MODE_CCM: - return PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen); - case MBEDTLS_MODE_CCM_STAR_NO_TAG: - return PSA_ALG_CCM_STAR_NO_TAG; - case MBEDTLS_MODE_CBC: - if (taglen == 0) { - return PSA_ALG_CBC_NO_PADDING; - } else { - return 0; - } - default: - return 0; - } -} - -static inline psa_key_usage_t mbedtls_psa_translate_cipher_operation( - mbedtls_operation_t op) -{ - switch (op) { - case MBEDTLS_ENCRYPT: - return PSA_KEY_USAGE_ENCRYPT; - case MBEDTLS_DECRYPT: - return PSA_KEY_USAGE_DECRYPT; - default: - return 0; - } -} - -/* Translations for hashing. */ - -/* Note: this function should not be used from inside the library, use - * mbedtls_hash_info_psa_from_md() from the internal hash_info.h instead. - * It is kept only for compatibility in case applications were using it. */ -static inline psa_algorithm_t mbedtls_psa_translate_md(mbedtls_md_type_t md_alg) -{ - switch (md_alg) { -#if defined(MBEDTLS_MD5_C) || defined(PSA_WANT_ALG_MD5) - case MBEDTLS_MD_MD5: - return PSA_ALG_MD5; -#endif -#if defined(MBEDTLS_SHA1_C) || defined(PSA_WANT_ALG_SHA_1) - case MBEDTLS_MD_SHA1: - return PSA_ALG_SHA_1; -#endif -#if defined(MBEDTLS_SHA224_C) || defined(PSA_WANT_ALG_SHA_224) - case MBEDTLS_MD_SHA224: - return PSA_ALG_SHA_224; -#endif -#if defined(MBEDTLS_SHA256_C) || defined(PSA_WANT_ALG_SHA_256) - case MBEDTLS_MD_SHA256: - return PSA_ALG_SHA_256; -#endif -#if defined(MBEDTLS_SHA384_C) || defined(PSA_WANT_ALG_SHA_384) - case MBEDTLS_MD_SHA384: - return PSA_ALG_SHA_384; -#endif -#if defined(MBEDTLS_SHA512_C) || defined(PSA_WANT_ALG_SHA_512) - case MBEDTLS_MD_SHA512: - return PSA_ALG_SHA_512; -#endif -#if defined(MBEDTLS_RIPEMD160_C) || defined(PSA_WANT_ALG_RIPEMD160) - case MBEDTLS_MD_RIPEMD160: - return PSA_ALG_RIPEMD160; -#endif - case MBEDTLS_MD_NONE: - return 0; - default: - return 0; - } -} - -/* Translations for ECC. */ - -static inline int mbedtls_psa_get_ecc_oid_from_id( - psa_ecc_family_t curve, size_t bits, - char const **oid, size_t *oid_len) -{ - switch (curve) { - case PSA_ECC_FAMILY_SECP_R1: - switch (bits) { -#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) - case 192: - *oid = MBEDTLS_OID_EC_GRP_SECP192R1; - *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP192R1); - return 0; -#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) - case 224: - *oid = MBEDTLS_OID_EC_GRP_SECP224R1; - *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP224R1); - return 0; -#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) - case 256: - *oid = MBEDTLS_OID_EC_GRP_SECP256R1; - *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP256R1); - return 0; -#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) - case 384: - *oid = MBEDTLS_OID_EC_GRP_SECP384R1; - *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP384R1); - return 0; -#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) - case 521: - *oid = MBEDTLS_OID_EC_GRP_SECP521R1; - *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP521R1); - return 0; -#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ - } - break; - case PSA_ECC_FAMILY_SECP_K1: - switch (bits) { -#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) - case 192: - *oid = MBEDTLS_OID_EC_GRP_SECP192K1; - *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP192K1); - return 0; -#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) - case 224: - *oid = MBEDTLS_OID_EC_GRP_SECP224K1; - *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP224K1); - return 0; -#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) - case 256: - *oid = MBEDTLS_OID_EC_GRP_SECP256K1; - *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_SECP256K1); - return 0; -#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ - } - break; - case PSA_ECC_FAMILY_BRAINPOOL_P_R1: - switch (bits) { -#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) - case 256: - *oid = MBEDTLS_OID_EC_GRP_BP256R1; - *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_BP256R1); - return 0; -#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) - case 384: - *oid = MBEDTLS_OID_EC_GRP_BP384R1; - *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_BP384R1); - return 0; -#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) - case 512: - *oid = MBEDTLS_OID_EC_GRP_BP512R1; - *oid_len = MBEDTLS_OID_SIZE(MBEDTLS_OID_EC_GRP_BP512R1); - return 0; -#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ - } - break; - } - (void) oid; - (void) oid_len; - return -1; -} - -#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH \ - PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) - /* Expose whatever RNG the PSA subsystem uses to applications using the * mbedtls_xxx API. The declarations and definitions here need to be * consistent with the implementation in library/psa_crypto_random_impl.h. @@ -342,5 +113,4 @@ extern mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state; #endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */ #endif /* MBEDTLS_PSA_CRYPTO_C */ - #endif /* MBEDTLS_PSA_UTIL_H */ diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index d77a53832..69f3981ed 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -85,6 +85,12 @@ extern "C" { // Regular implementation // +#if !defined(MBEDTLS_RSA_GEN_KEY_MIN_BITS) +#define MBEDTLS_RSA_GEN_KEY_MIN_BITS 1024 +#elif MBEDTLS_RSA_GEN_KEY_MIN_BITS < 128 +#error "MBEDTLS_RSA_GEN_KEY_MIN_BITS must be at least 128 bits" +#endif + /** * \brief The RSA context structure. */ @@ -181,6 +187,28 @@ void mbedtls_rsa_init(mbedtls_rsa_context *ctx); int mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding, mbedtls_md_type_t hash_id); +/** + * \brief This function retrieves padding mode of initialized + * RSA context. + * + * \param ctx The initialized RSA context. + * + * \return RSA padding mode. + * + */ +int mbedtls_rsa_get_padding_mode(const mbedtls_rsa_context *ctx); + +/** + * \brief This function retrieves hash identifier of mbedtls_md_type_t + * type. + * + * \param ctx The initialized RSA context. + * + * \return Hash identifier of mbedtls_md_type_t type. + * + */ +int mbedtls_rsa_get_md_alg(const mbedtls_rsa_context *ctx); + /** * \brief This function imports a set of core parameters into an * RSA context. @@ -260,15 +288,15 @@ int mbedtls_rsa_import_raw(mbedtls_rsa_context *ctx, * \brief This function completes an RSA context from * a set of imported core parameters. * - * To setup an RSA public key, precisely \p N and \p E + * To setup an RSA public key, precisely \c N and \c E * must have been imported. * * To setup an RSA private key, sufficient information must * be present for the other parameters to be derivable. * * The default implementation supports the following: - *
    • Derive \p P, \p Q from \p N, \p D, \p E.
      • - *
    • Derive \p N, \p D from \p P, \p Q, \p E.
    + *
    • Derive \c P, \c Q from \c N, \c D, \c E.
      • + *
    • Derive \c N, \c D from \c P, \c Q, \c E.
    * Alternative implementations need not support these. * * If this function runs successfully, it guarantees that @@ -525,7 +553,7 @@ int mbedtls_rsa_check_pub_priv(const mbedtls_rsa_context *pub, * \note This function does not handle message padding. * * \note Make sure to set \p input[0] = 0 or ensure that - * input is smaller than \p N. + * input is smaller than \c N. * * \return \c 0 on success. * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. @@ -962,8 +990,8 @@ int mbedtls_rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, * verification. * * \note For PKCS#1 v2.1 encoding, see comments on - * mbedtls_rsa_rsassa_pss_verify() about \p md_alg and - * \p hash_id. + * mbedtls_rsa_rsassa_pss_verify() about \c md_alg and + * \c hash_id. * * \param ctx The initialized RSA public key context to use. * \param md_alg The message-digest algorithm used to hash the original data. diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h index 87e5cc61a..45a5f902a 100644 --- a/include/mbedtls/sha256.h +++ b/include/mbedtls/sha256.h @@ -50,11 +50,13 @@ extern "C" { * made in the call to mbedtls_sha256_starts(). */ typedef struct mbedtls_sha256_context { + unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< The data block being processed. */ uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< The number of Bytes processed. */ uint32_t MBEDTLS_PRIVATE(state)[8]; /*!< The intermediate digest state. */ - unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< The data block being processed. */ +#if defined(MBEDTLS_SHA224_C) int MBEDTLS_PRIVATE(is224); /*!< Determines which function to use: 0: Use SHA-256, or 1: Use SHA-224. */ +#endif } mbedtls_sha256_context; diff --git a/include/mbedtls/sha3.h b/include/mbedtls/sha3.h new file mode 100644 index 000000000..77748be1f --- /dev/null +++ b/include/mbedtls/sha3.h @@ -0,0 +1,184 @@ +/** + * \file sha3.h + * + * \brief This file contains SHA-3 definitions and functions. + * + * The Secure Hash Algorithms cryptographic + * hash functions are defined in FIPS 202: SHA-3 Standard: + * Permutation-Based Hash and Extendable-Output Functions . + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef MBEDTLS_SHA3_H +#define MBEDTLS_SHA3_H +#include "mbedtls/private_access.h" + +#include "mbedtls/build_info.h" + +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +/** SHA-3 input data was malformed. */ +#define MBEDTLS_ERR_SHA3_BAD_INPUT_DATA -0x0076 + +/** + * SHA-3 family id. + * + * It identifies the family (SHA3-256, SHA3-512, etc.) + */ + +typedef enum { + MBEDTLS_SHA3_NONE = 0, /*!< Operation not defined. */ + MBEDTLS_SHA3_224, /*!< SHA3-224 */ + MBEDTLS_SHA3_256, /*!< SHA3-256 */ + MBEDTLS_SHA3_384, /*!< SHA3-384 */ + MBEDTLS_SHA3_512, /*!< SHA3-512 */ +} mbedtls_sha3_id; + +/** + * \brief The SHA-3 context structure. + * + * The structure is used SHA-3 checksum calculations. + */ +typedef struct { + uint64_t MBEDTLS_PRIVATE(state[25]); + uint32_t MBEDTLS_PRIVATE(index); + uint16_t MBEDTLS_PRIVATE(olen); + uint16_t MBEDTLS_PRIVATE(max_block_size); +} +mbedtls_sha3_context; + +/** + * \brief This function initializes a SHA-3 context. + * + * \param ctx The SHA-3 context to initialize. This must not be \c NULL. + */ +void mbedtls_sha3_init(mbedtls_sha3_context *ctx); + +/** + * \brief This function clears a SHA-3 context. + * + * \param ctx The SHA-3 context to clear. This may be \c NULL, in which + * case this function returns immediately. If it is not \c NULL, + * it must point to an initialized SHA-3 context. + */ +void mbedtls_sha3_free(mbedtls_sha3_context *ctx); + +/** + * \brief This function clones the state of a SHA-3 context. + * + * \param dst The destination context. This must be initialized. + * \param src The context to clone. This must be initialized. + */ +void mbedtls_sha3_clone(mbedtls_sha3_context *dst, + const mbedtls_sha3_context *src); + +/** + * \brief This function starts a SHA-3 checksum + * calculation. + * + * \param ctx The context to use. This must be initialized. + * \param id The id of the SHA-3 family. + * + * \return \c 0 on success. + * \return A negative error code on failure. + */ +int mbedtls_sha3_starts(mbedtls_sha3_context *ctx, mbedtls_sha3_id id); + +/** + * \brief This function feeds an input buffer into an ongoing + * SHA-3 checksum calculation. + * + * \param ctx The SHA-3 context. This must be initialized + * and have a hash operation started. + * \param input The buffer holding the data. This must be a readable + * buffer of length \p ilen Bytes. + * \param ilen The length of the input data in Bytes. + * + * \return \c 0 on success. + * \return A negative error code on failure. + */ +int mbedtls_sha3_update(mbedtls_sha3_context *ctx, + const uint8_t *input, + size_t ilen); + +/** + * \brief This function finishes the SHA-3 operation, and writes + * the result to the output buffer. + * + * \param ctx The SHA-3 context. This must be initialized + * and have a hash operation started. + * \param output The SHA-3 checksum result. + * This must be a writable buffer of length \c olen bytes. + * \param olen Defines the length of output buffer (in bytes). For SHA-3 224, SHA-3 256, + * SHA-3 384 and SHA-3 512 \c olen must equal to 28, 32, 48 and 64, + * respectively. + * + * \return \c 0 on success. + * \return A negative error code on failure. + */ +int mbedtls_sha3_finish(mbedtls_sha3_context *ctx, + uint8_t *output, size_t olen); + +/** + * \brief This function calculates the SHA-3 + * checksum of a buffer. + * + * The function allocates the context, performs the + * calculation, and frees the context. + * + * The SHA-3 result is calculated as + * output = SHA-3(id, input buffer, d). + * + * \param id The id of the SHA-3 family. + * \param input The buffer holding the data. This must be a readable + * buffer of length \p ilen Bytes. + * \param ilen The length of the input data in Bytes. + * \param output The SHA-3 checksum result. + * This must be a writable buffer of length \c olen bytes. + * \param olen Defines the length of output buffer (in bytes). For SHA-3 224, SHA-3 256, + * SHA-3 384 and SHA-3 512 \c olen must equal to 28, 32, 48 and 64, + * respectively. + * + * \return \c 0 on success. + * \return A negative error code on failure. + */ +int mbedtls_sha3(mbedtls_sha3_id id, const uint8_t *input, + size_t ilen, + uint8_t *output, + size_t olen); + +#if defined(MBEDTLS_SELF_TEST) +/** + * \brief Checkup routine for the algorithms implemented + * by this module: SHA3-224, SHA3-256, SHA3-384, SHA3-512. + * + * \return 0 if successful, or 1 if the test failed. + */ +int mbedtls_sha3_self_test(int verbose); +#endif /* MBEDTLS_SELF_TEST */ + +#ifdef __cplusplus +} +#endif + +#endif /* mbedtls_sha3.h */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index dbc37e831..debb1cc2c 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -40,11 +40,9 @@ #include "mbedtls/dhm.h" #endif -/* Adding guard for MBEDTLS_ECDSA_C to ensure no compile errors due - * to guards in TLS code. There is a gap in functionality that access to - * ecdh_ctx structure is needed for MBEDTLS_ECDSA_C which does not seem correct. - */ -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) +#include "mbedtls/md.h" + +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED) #include "mbedtls/ecdh.h" #endif @@ -110,7 +108,8 @@ /* Error space gap */ /* Error space gap */ /* Error space gap */ -/* Error space gap */ +/** Cache entry not found */ +#define MBEDTLS_ERR_SSL_CACHE_ENTRY_NOT_FOUND -0x7E80 /** Memory allocation failed */ #define MBEDTLS_ERR_SSL_ALLOC_FAILED -0x7F00 /** Hardware acceleration function returned with error */ @@ -406,6 +405,22 @@ #define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16 #endif +#if !defined(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE) +#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024 +#endif + +#if !defined(MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE) +#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000 +#endif + +#if !defined(MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH) +#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32 +#endif + +#if !defined(MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS) +#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1 +#endif + /** \} name SECTION: Module settings */ /* @@ -533,7 +548,8 @@ #define MBEDTLS_SSL_HS_SERVER_HELLO 2 #define MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST 3 #define MBEDTLS_SSL_HS_NEW_SESSION_TICKET 4 -#define MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS 8 // NEW IN TLS 1.3 +#define MBEDTLS_SSL_HS_END_OF_EARLY_DATA 5 +#define MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS 8 #define MBEDTLS_SSL_HS_CERTIFICATE 11 #define MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE 12 #define MBEDTLS_SSL_HS_CERTIFICATE_REQUEST 13 @@ -570,6 +586,8 @@ #define MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC 22 /* 0x16 */ #define MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET 0x0017 /* 23 */ +#define MBEDTLS_TLS_EXT_RECORD_SIZE_LIMIT 28 /* RFC 8449 (implemented for TLS 1.3 only) */ + #define MBEDTLS_TLS_EXT_SESSION_TICKET 35 #define MBEDTLS_TLS_EXT_PRE_SHARED_KEY 41 /* RFC 8446 TLS 1.3 */ @@ -598,11 +616,26 @@ * Size defines */ #if !defined(MBEDTLS_PSK_MAX_LEN) -#define MBEDTLS_PSK_MAX_LEN 32 /* 256 bits */ +/* + * If the library supports TLS 1.3 tickets and the cipher suite + * TLS1-3-AES-256-GCM-SHA384, set the PSK maximum length to 48 instead of 32. + * That way, the TLS 1.3 client and server are able to resume sessions where + * the cipher suite is TLS1-3-AES-256-GCM-SHA384 (pre-shared keys are 48 + * bytes long in that case). + */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \ + defined(MBEDTLS_SSL_SESSION_TICKETS) && \ + defined(MBEDTLS_AES_C) && defined(MBEDTLS_GCM_C) && \ + defined(MBEDTLS_MD_CAN_SHA384) +#define MBEDTLS_PSK_MAX_LEN 48 /* 384 bits */ +#else +#define MBEDTLS_PSK_MAX_LEN 32 /* 256 bits */ #endif +#endif /* !MBEDTLS_PSK_MAX_LEN */ /* Dummy type used only for its size */ union mbedtls_ssl_premaster_secret { + unsigned char dummy; /* Make the union non-empty even with SSL disabled */ #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) unsigned char _pms_rsa[48]; /* RFC 5246 8.1.1 */ #endif @@ -671,10 +704,12 @@ typedef enum { MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT, MBEDTLS_SSL_HELLO_RETRY_REQUEST, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS, + MBEDTLS_SSL_END_OF_EARLY_DATA, MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY, MBEDTLS_SSL_CLIENT_CCS_AFTER_SERVER_FINISHED, MBEDTLS_SSL_CLIENT_CCS_BEFORE_2ND_CLIENT_HELLO, MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO, + MBEDTLS_SSL_CLIENT_CCS_AFTER_CLIENT_HELLO, MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST, MBEDTLS_SSL_HANDSHAKE_OVER, MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET, @@ -1086,13 +1121,13 @@ typedef void mbedtls_ssl_async_cancel_t(mbedtls_ssl_context *ssl); #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) && \ !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) #define MBEDTLS_SSL_PEER_CERT_DIGEST_MAX_LEN 48 -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_MD_CAN_SHA256) #define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE MBEDTLS_MD_SHA256 #define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN 32 -#elif defined(MBEDTLS_SHA384_C) +#elif defined(MBEDTLS_MD_CAN_SHA384) #define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE MBEDTLS_MD_SHA384 #define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN 48 -#elif defined(MBEDTLS_SHA1_C) +#elif defined(MBEDTLS_MD_CAN_SHA1) #define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE MBEDTLS_MD_SHA1 #define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN 20 #else @@ -1590,19 +1625,21 @@ struct mbedtls_ssl_context { renego_max_records is < 0 */ #endif /* MBEDTLS_SSL_RENEGOTIATION */ - /** Server: Negotiated TLS protocol version. - * Client: Maximum TLS version to be negotiated, then negotiated TLS - * version. + /** + * Maximum TLS version to be negotiated, then negotiated TLS version. * - * It is initialized as the maximum TLS version to be negotiated in the - * ClientHello writing preparation stage and used throughout the - * ClientHello writing. For a fresh handshake not linked to any previous - * handshake, it is initialized to the configured maximum TLS version - * to be negotiated. When renegotiating or resuming a session, it is - * initialized to the previously negotiated TLS version. + * It is initialized as the configured maximum TLS version to be + * negotiated by mbedtls_ssl_setup(). * - * Updated to the negotiated TLS version as soon as the ServerHello is - * received. + * When renegotiating or resuming a session, it is overwritten in the + * ClientHello writing preparation stage with the previously negotiated + * TLS version. + * + * On client side, it is updated to the TLS version selected by the server + * for the handshake when the ServerHello is received. + * + * On server side, it is updated to the TLS version the server selects for + * the handshake when the ClientHello is received. */ mbedtls_ssl_protocol_version MBEDTLS_PRIVATE(tls_version); @@ -1866,6 +1903,10 @@ void mbedtls_ssl_init(mbedtls_ssl_context *ssl); * Calling mbedtls_ssl_setup again is not supported, even * if no session is active. * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param ssl SSL context * \param conf SSL configuration to use * @@ -1894,6 +1935,19 @@ int mbedtls_ssl_session_reset(mbedtls_ssl_context *ssl); */ void mbedtls_ssl_conf_endpoint(mbedtls_ssl_config *conf, int endpoint); +/** + * \brief Get the current endpoint type + * + * \param conf SSL configuration + * + * \return Endpoint type, either MBEDTLS_SSL_IS_CLIENT + * or MBEDTLS_SSL_IS_SERVER + */ +static inline int mbedtls_ssl_conf_get_endpoint(const mbedtls_ssl_config *conf) +{ + return conf->MBEDTLS_PRIVATE(endpoint); +} + /** * \brief Set the transport type (TLS or DTLS). * Default: TLS @@ -2133,10 +2187,10 @@ void mbedtls_ssl_set_bio(mbedtls_ssl_context *ssl, * \param own_cid The address of the readable buffer holding the CID we want * the peer to use when sending encrypted messages to us. * This may be \c NULL if \p own_cid_len is \c 0. - * This parameter is unused if \p enabled is set to + * This parameter is unused if \p enable is set to * MBEDTLS_SSL_CID_DISABLED. * \param own_cid_len The length of \p own_cid. - * This parameter is unused if \p enabled is set to + * This parameter is unused if \p enable is set to * MBEDTLS_SSL_CID_DISABLED. * * \note The value of \p own_cid_len must match the value of the @@ -3087,8 +3141,8 @@ int mbedtls_ssl_session_load(mbedtls_ssl_session *session, * * \param session The session structure to be saved. * \param buf The buffer to write the serialized data to. It must be a - * writeable buffer of at least \p len bytes, or may be \c - * NULL if \p len is \c 0. + * writeable buffer of at least \p buf_len bytes, or may be \c + * NULL if \p buf_len is \c 0. * \param buf_len The number of bytes available for writing in \p buf. * \param olen The size in bytes of the data that has been or would have * been written. It must point to a valid \c size_t. @@ -3229,7 +3283,7 @@ void mbedtls_ssl_conf_tls13_key_exchange_modes(mbedtls_ssl_config *conf, * record headers. * * \return \c 0 on success. - * \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if \p own_cid_len + * \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if \p len * is too large. */ int mbedtls_ssl_conf_cid(mbedtls_ssl_config *conf, size_t len, @@ -3753,13 +3807,28 @@ void mbedtls_ssl_conf_sig_algs(mbedtls_ssl_config *conf, * On too long input failure, old hostname is unchanged. */ int mbedtls_ssl_set_hostname(mbedtls_ssl_context *ssl, const char *hostname); + +/** + * \brief Get the hostname that checked against the received + * server certificate. It is used to set the ServerName + * TLS extension, too, if that extension is enabled. + * (client-side only) + * + * \param ssl SSL context + * + * \return const pointer to the hostname value + */ +static inline const char *mbedtls_ssl_get_hostname(mbedtls_ssl_context *ssl) +{ + return ssl->MBEDTLS_PRIVATE(hostname); +} #endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) /** * \brief Retrieve SNI extension value for the current handshake. - * Available in \p f_cert_cb of \c mbedtls_ssl_conf_cert_cb(), - * this is the same value passed to \p f_sni callback of + * Available in \c f_cert_cb of \c mbedtls_ssl_conf_cert_cb(), + * this is the same value passed to \c f_sni callback of * \c mbedtls_ssl_conf_sni() and may be used instead of * \c mbedtls_ssl_conf_sni(). * @@ -3768,10 +3837,10 @@ int mbedtls_ssl_set_hostname(mbedtls_ssl_context *ssl, const char *hostname); * 0 if SNI extension is not present or not yet processed. * * \return const pointer to SNI extension value. - * - value is valid only when called in \p f_cert_cb + * - value is valid only when called in \c f_cert_cb * registered with \c mbedtls_ssl_conf_cert_cb(). * - value is NULL if SNI extension is not present. - * - value is not '\0'-terminated. Use \c name_len for len. + * - value is not '\0'-terminated. Use \c name_len for len. * - value must not be freed. */ const unsigned char *mbedtls_ssl_get_hs_sni(mbedtls_ssl_context *ssl, @@ -4064,7 +4133,7 @@ void MBEDTLS_DEPRECATED mbedtls_ssl_conf_max_version(mbedtls_ssl_config *conf, i * negotiated. * * \param conf SSL configuration - * \param tls_version TLS protocol version number (\p mbedtls_ssl_protocol_version) + * \param tls_version TLS protocol version number (\c mbedtls_ssl_protocol_version) * (#MBEDTLS_SSL_VERSION_UNKNOWN is not valid) */ static inline void mbedtls_ssl_conf_max_tls_version(mbedtls_ssl_config *conf, @@ -4121,7 +4190,7 @@ void MBEDTLS_DEPRECATED mbedtls_ssl_conf_min_version(mbedtls_ssl_config *conf, i * negotiated. * * \param conf SSL configuration - * \param tls_version TLS protocol version number (\p mbedtls_ssl_protocol_version) + * \param tls_version TLS protocol version number (\c mbedtls_ssl_protocol_version) * (#MBEDTLS_SSL_VERSION_UNKNOWN is not valid) */ static inline void mbedtls_ssl_conf_min_tls_version(mbedtls_ssl_config *conf, @@ -4542,7 +4611,7 @@ int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl); /** * \brief Return the current maximum incoming record payload in bytes. * - * \note The logic to determine the maximum outgoing record payload is + * \note The logic to determine the maximum incoming record payload is * version-specific. It takes into account various factors, such as * the mbedtls_config.h setting \c MBEDTLS_SSL_IN_CONTENT_LEN, extensions * such as the max fragment length extension or record size limit @@ -4554,7 +4623,7 @@ int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl); * * \param ssl SSL context * - * \return Current maximum payload for an outgoing record, + * \return Current maximum payload for an incoming record, * or a negative error code. */ int mbedtls_ssl_get_max_in_record_payload(const mbedtls_ssl_context *ssl); @@ -4681,6 +4750,11 @@ int mbedtls_ssl_get_session(const mbedtls_ssl_context *ssl, * in which case the datagram of the underlying transport that is * currently being processed might or might not contain further * DTLS records. + * + * \note If the context is configured to allow TLS 1.3, or if + * #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. */ int mbedtls_ssl_handshake(mbedtls_ssl_context *ssl); diff --git a/include/mbedtls/ssl_cache.h b/include/mbedtls/ssl_cache.h index 5cd1cd3f3..7a90191c3 100644 --- a/include/mbedtls/ssl_cache.h +++ b/include/mbedtls/ssl_cache.h @@ -102,6 +102,11 @@ void mbedtls_ssl_cache_init(mbedtls_ssl_cache_context *cache); * \param session_id_len The length of \p session_id in bytes. * \param session The address at which to store the session * associated with \p session_id, if present. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_SSL_CACHE_ENTRY_NOT_FOUND if there is + * no cache entry with specified session ID found, or + * any other negative error code for other failures. */ int mbedtls_ssl_cache_get(void *data, unsigned char const *session_id, @@ -117,12 +122,33 @@ int mbedtls_ssl_cache_get(void *data, * associated to \p session. * \param session_id_len The length of \p session_id in bytes. * \param session The session to store. + * + * \return \c 0 on success. + * \return A negative error code on failure. */ int mbedtls_ssl_cache_set(void *data, unsigned char const *session_id, size_t session_id_len, const mbedtls_ssl_session *session); +/** + * \brief Remove the cache entry by the session ID + * (Thread-safe if MBEDTLS_THREADING_C is enabled) + * + * \param data The SSL cache context to use. + * \param session_id The pointer to the buffer holding the session ID + * associated to session. + * \param session_id_len The length of \p session_id in bytes. + * + * \return \c 0 on success. This indicates the cache entry for + * the session with provided ID is removed or does not + * exist. + * \return A negative error code on failure. + */ +int mbedtls_ssl_cache_remove(void *data, + unsigned char const *session_id, + size_t session_id_len); + #if defined(MBEDTLS_HAVE_TIME) /** * \brief Set the cache timeout @@ -134,6 +160,20 @@ int mbedtls_ssl_cache_set(void *data, * \param timeout cache entry timeout in seconds */ void mbedtls_ssl_cache_set_timeout(mbedtls_ssl_cache_context *cache, int timeout); + +/** + * \brief Get the cache timeout + * + * A timeout of 0 indicates no timeout. + * + * \param cache SSL cache context + * + * \return cache entry timeout in seconds + */ +static inline int mbedtls_ssl_cache_get_timeout(mbedtls_ssl_cache_context *cache) +{ + return cache->MBEDTLS_PRIVATE(timeout); +} #endif /* MBEDTLS_HAVE_TIME */ /** diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h index 17b8ff789..07f2facef 100644 --- a/include/mbedtls/ssl_ciphersuites.h +++ b/include/mbedtls/ssl_ciphersuites.h @@ -1,7 +1,7 @@ /** * \file ssl_ciphersuites.h * - * \brief SSL Ciphersuites for mbed TLS + * \brief SSL Ciphersuites for Mbed TLS */ /* * Copyright The Mbed TLS Contributors @@ -292,21 +292,49 @@ typedef enum { #define MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED #endif +/* Key exchanges in either TLS 1.2 or 1.3 which are using an ECDSA + * signature */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ + defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) +#define MBEDTLS_KEY_EXCHANGE_WITH_ECDSA_ANY_ENABLED +#endif + #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) || \ defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) #define MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED #endif -/* Key exchanges allowing client certificate requests */ +/* Key exchanges allowing client certificate requests. + * + * Note: that's almost the same as MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED + * above, except RSA-PSK uses a server certificate but no client cert. + * + * Note: this difference is specific to TLS 1.2, as with TLS 1.3, things are + * more symmetrical: client certs and server certs are either both allowed + * (Ephemeral mode) or both disallowed (PSK and PKS-Ephemeral modes). + */ #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) + defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) #define MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED #endif +/* Helper to state that certificate-based client authentication through ECDSA + * is supported in TLS 1.2 */ +#if defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED) && \ + defined(MBEDTLS_PK_CAN_ECDSA_SIGN) && defined(MBEDTLS_PK_CAN_ECDSA_VERIFY) +#define MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED +#endif + +/* ECDSA required for certificates in either TLS 1.2 or 1.3 */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) || \ + defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) +#define MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED +#endif + /* Key exchanges involving server signature in ServerKeyExchange */ #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ @@ -346,11 +374,6 @@ typedef enum { #define MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED #endif -#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) || \ - defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED) -#define MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED -#endif - /* Key exchanges using DHE */ #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) @@ -364,6 +387,62 @@ typedef enum { #define MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED #endif +/* TLS 1.2 key exchanges using ECDH or ECDHE*/ +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) +#define MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED +#endif + +/* TLS 1.3 PSK key exchanges */ +#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) || \ + defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED) +#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED +#endif + +/* TLS 1.2 or 1.3 key exchanges with PSK */ +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) || \ + defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED) +#define MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED +#endif + +/* TLS 1.3 ephemeral key exchanges */ +#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) || \ + defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED) +#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED +#endif + +/* TLS 1.3 key exchanges using ECDHE */ +#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) && \ + defined(PSA_WANT_ALG_ECDH) +#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_ECDHE_ENABLED +#endif + +/* TLS 1.2 or 1.3 key exchanges using ECDH or ECDHE */ +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) || \ + defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_ECDHE_ENABLED) +#define MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED +#endif + +/* TLS 1.2 XXDH key exchanges: ECDH or ECDHE or FFDH */ +#if (defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED)) +#define MBEDTLS_KEY_EXCHANGE_SOME_XXDH_1_2_ENABLED +#endif + +/* The handshake params structure has a set of fields called xxdh_psa which are used: + * - by TLS 1.2 with `USE_PSA` to do ECDH or ECDHE; + * - by TLS 1.3 to do ECDHE or FFDHE. + * The following macros can be used to guard their declaration and use. + */ +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) && \ + defined(MBEDTLS_USE_PSA_CRYPTO) +#define MBEDTLS_KEY_EXCHANGE_SOME_XXDH_PSA_1_2_ENABLED +#endif +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_XXDH_PSA_1_2_ENABLED) || \ + defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) +#define MBEDTLS_KEY_EXCHANGE_SOME_XXDH_PSA_ANY_ENABLED +#endif + typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t; #define MBEDTLS_CIPHERSUITE_WEAK 0x01 /**< Weak ciphersuite flag */ diff --git a/include/mbedtls/threading.h b/include/mbedtls/threading.h index 1b9c7ced2..6a336c3ed 100644 --- a/include/mbedtls/threading.h +++ b/include/mbedtls/threading.h @@ -55,9 +55,9 @@ typedef struct mbedtls_threading_mutex_t { * \brief Set your alternate threading implementation function * pointers and initialize global mutexes. If used, this * function must be called once in the main thread before any - * other mbed TLS function is called, and + * other Mbed TLS function is called, and * mbedtls_threading_free_alt() must be called once in the main - * thread after all other mbed TLS functions. + * thread after all other Mbed TLS functions. * * \note mutex_init() and mutex_free() don't return a status code. * If mutex_init() fails, it should leave its argument (the diff --git a/include/mbedtls/timing.h b/include/mbedtls/timing.h index 2d4a19c01..830dcee63 100644 --- a/include/mbedtls/timing.h +++ b/include/mbedtls/timing.h @@ -39,7 +39,7 @@ extern "C" { * \brief timer structure */ struct mbedtls_timing_hr_time { - unsigned char MBEDTLS_PRIVATE(opaque)[32]; + uint64_t MBEDTLS_PRIVATE(opaque)[4]; }; /** diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h index bb1a4c3cb..073211a19 100644 --- a/include/mbedtls/version.h +++ b/include/mbedtls/version.h @@ -52,9 +52,9 @@ unsigned int mbedtls_version_get_number(void); void mbedtls_version_get_string(char *string); /** - * Get the full version string ("mbed TLS x.y.z"). + * Get the full version string ("Mbed TLS x.y.z"). * - * \param string The string that will receive the value. The mbed TLS version + * \param string The string that will receive the value. The Mbed TLS version * string will use 18 bytes AT MOST including a terminating * null byte. * (So the buffer should be at least 18 bytes to receive this @@ -64,12 +64,12 @@ void mbedtls_version_get_string_full(char *string); /** * \brief Check if support for a feature was compiled into this - * mbed TLS binary. This allows you to see at runtime if the + * Mbed TLS binary. This allows you to see at runtime if the * library was for instance compiled with or without * Multi-threading support. * * \note only checks against defines in the sections "System - * support", "mbed TLS modules" and "mbed TLS feature + * support", "Mbed TLS modules" and "Mbed TLS feature * support" in mbedtls_config.h * * \param feature The string for the define to check (e.g. "MBEDTLS_AES_C") diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h index 52fadad17..a9267c791 100644 --- a/include/mbedtls/x509.h +++ b/include/mbedtls/x509.h @@ -148,7 +148,7 @@ /* * X.509 v3 Key Usage Extension flags - * Reminder: update x509_info_key_usage() when adding new flags. + * Reminder: update mbedtls_x509_info_key_usage() when adding new flags. */ #define MBEDTLS_X509_KU_DIGITAL_SIGNATURE (0x80) /* bit 0 */ #define MBEDTLS_X509_KU_NON_REPUDIATION (0x40) /* bit 1 */ @@ -243,6 +243,17 @@ typedef mbedtls_asn1_named_data mbedtls_x509_name; */ typedef mbedtls_asn1_sequence mbedtls_x509_sequence; +/* + * Container for the fields of the Authority Key Identifier object + */ +typedef struct mbedtls_x509_authority { + mbedtls_x509_buf keyIdentifier; + mbedtls_x509_sequence authorityCertIssuer; + mbedtls_x509_buf authorityCertSerialNumber; + mbedtls_x509_buf raw; +} +mbedtls_x509_authority; + /** Container for date and time (precision in seconds). */ typedef struct mbedtls_x509_time { int year, mon, day; /**< Date. */ @@ -250,6 +261,63 @@ typedef struct mbedtls_x509_time { } mbedtls_x509_time; +/** + * From RFC 5280 section 4.2.1.6: + * OtherName ::= SEQUENCE { + * type-id OBJECT IDENTIFIER, + * value [0] EXPLICIT ANY DEFINED BY type-id } + * + * Future versions of the library may add new fields to this structure or + * to its embedded union and structure. + */ +typedef struct mbedtls_x509_san_other_name { + /** + * The type_id is an OID as defined in RFC 5280. + * To check the value of the type id, you should use + * \p MBEDTLS_OID_CMP with a known OID mbedtls_x509_buf. + */ + mbedtls_x509_buf type_id; /**< The type id. */ + union { + /** + * From RFC 4108 section 5: + * HardwareModuleName ::= SEQUENCE { + * hwType OBJECT IDENTIFIER, + * hwSerialNum OCTET STRING } + */ + struct { + mbedtls_x509_buf oid; /**< The object identifier. */ + mbedtls_x509_buf val; /**< The named value. */ + } + hardware_module_name; + } + value; +} +mbedtls_x509_san_other_name; + +/** + * A structure for holding the parsed Subject Alternative Name, + * according to type. + * + * Future versions of the library may add new fields to this structure or + * to its embedded union and structure. + */ +typedef struct mbedtls_x509_subject_alternative_name { + int type; /**< The SAN type, value of MBEDTLS_X509_SAN_XXX. */ + union { + mbedtls_x509_san_other_name other_name; + mbedtls_x509_name directory_name; + mbedtls_x509_buf unstructured_name; /**< The buffer for the unstructured types. rfc822Name, dnsName and uniformResourceIdentifier are currently supported. */ + } + san; /**< A union of the supported SAN types */ +} +mbedtls_x509_subject_alternative_name; + +typedef struct mbedtls_x509_san_list { + mbedtls_x509_subject_alternative_name node; + struct mbedtls_x509_san_list *next; +} +mbedtls_x509_san_list; + /** \} name Structures for parsing X.509 certificates, CRLs and CSRs */ /** @@ -298,6 +366,31 @@ static inline mbedtls_x509_name *mbedtls_x509_dn_get_next( */ int mbedtls_x509_serial_gets(char *buf, size_t size, const mbedtls_x509_buf *serial); +/** + * \brief Compare pair of mbedtls_x509_time. + * + * \param t1 mbedtls_x509_time to compare + * \param t2 mbedtls_x509_time to compare + * + * \return < 0 if t1 is before t2 + * 0 if t1 equals t2 + * > 0 if t1 is after t2 + */ +int mbedtls_x509_time_cmp(const mbedtls_x509_time *t1, const mbedtls_x509_time *t2); + +#if defined(MBEDTLS_HAVE_TIME_DATE) +/** + * \brief Fill mbedtls_x509_time with provided mbedtls_time_t. + * + * \param tt mbedtls_time_t to convert + * \param now mbedtls_x509_time to fill with converted mbedtls_time_t + * + * \return \c 0 on success + * \return A non-zero return value on failure. + */ +int mbedtls_x509_time_gmtime(mbedtls_time_t tt, mbedtls_x509_time *now); +#endif /* MBEDTLS_HAVE_TIME_DATE */ + /** * \brief Check a given mbedtls_x509_time against the system time * and tell if it's in the past. @@ -326,6 +419,47 @@ int mbedtls_x509_time_is_past(const mbedtls_x509_time *to); */ int mbedtls_x509_time_is_future(const mbedtls_x509_time *from); +/** + * \brief This function parses an item in the SubjectAlternativeNames + * extension. Please note that this function might allocate + * additional memory for a subject alternative name, thus + * mbedtls_x509_free_subject_alt_name has to be called + * to dispose of this additional memory afterwards. + * + * \param san_buf The buffer holding the raw data item of the subject + * alternative name. + * \param san The target structure to populate with the parsed presentation + * of the subject alternative name encoded in \p san_buf. + * + * \note Supported GeneralName types, as defined in RFC 5280: + * "rfc822Name", "dnsName", "directoryName", + * "uniformResourceIdentifier" and "hardware_module_name" + * of type "otherName", as defined in RFC 4108. + * + * \note This function should be called on a single raw data of + * subject alternative name. For example, after successful + * certificate parsing, one must iterate on every item in the + * \c crt->subject_alt_names sequence, and pass it to + * this function. + * + * \warning The target structure contains pointers to the raw data of the + * parsed certificate, and its lifetime is restricted by the + * lifetime of the certificate. + * + * \return \c 0 on success + * \return #MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE for an unsupported + * SAN type. + * \return Another negative value for any other failure. + */ +int mbedtls_x509_parse_subject_alt_name(const mbedtls_x509_buf *san_buf, + mbedtls_x509_subject_alternative_name *san); +/** + * \brief Unallocate all data related to subject alternative name + * + * \param san SAN structure - extra memory owned by this structure will be freed + */ +void mbedtls_x509_free_subject_alt_name(mbedtls_x509_subject_alternative_name *san); + /** \} addtogroup x509_module */ /* @@ -369,7 +503,48 @@ int mbedtls_x509_write_names(unsigned char **p, unsigned char *start, mbedtls_asn1_named_data *first); int mbedtls_x509_write_sig(unsigned char **p, unsigned char *start, const char *oid, size_t oid_len, - unsigned char *sig, size_t size); + unsigned char *sig, size_t size, + mbedtls_pk_type_t pk_alg); +int mbedtls_x509_get_ns_cert_type(unsigned char **p, + const unsigned char *end, + unsigned char *ns_cert_type); +int mbedtls_x509_get_key_usage(unsigned char **p, + const unsigned char *end, + unsigned int *key_usage); +int mbedtls_x509_get_subject_alt_name(unsigned char **p, + const unsigned char *end, + mbedtls_x509_sequence *subject_alt_name); +int mbedtls_x509_get_subject_alt_name_ext(unsigned char **p, + const unsigned char *end, + mbedtls_x509_sequence *subject_alt_name); +int mbedtls_x509_info_subject_alt_name(char **buf, size_t *size, + const mbedtls_x509_sequence + *subject_alt_name, + const char *prefix); +int mbedtls_x509_info_cert_type(char **buf, size_t *size, + unsigned char ns_cert_type); +int mbedtls_x509_info_key_usage(char **buf, size_t *size, + unsigned int key_usage); + +int mbedtls_x509_write_set_san_common(mbedtls_asn1_named_data **extensions, + const mbedtls_x509_san_list *san_list); + +/** + * \brief This function parses a CN string as an IP address. + * + * \param cn The CN string to parse. CN string MUST be null-terminated. + * \param dst The target buffer to populate with the binary IP address. + * The buffer MUST be 16 bytes to save IPv6, and should be + * 4-byte aligned if the result will be used as struct in_addr. + * e.g. uint32_t dst[4] + * + * \note \p cn is parsed as an IPv6 address if string contains ':', + * else \p cn is parsed as an IPv4 address. + * + * \return Length of binary IP address; num bytes written to target. + * \return \c 0 on failure to parse CN string as an IP address. + */ +size_t mbedtls_x509_crt_parse_cn_inet_pton(const char *cn, void *dst); #define MBEDTLS_X509_SAFE_SNPRINTF \ do { \ diff --git a/include/mbedtls/x509_crl.h b/include/mbedtls/x509_crl.h index 49bbf6164..62694ae7f 100644 --- a/include/mbedtls/x509_crl.h +++ b/include/mbedtls/x509_crl.h @@ -107,6 +107,10 @@ mbedtls_x509_crl; /** * \brief Parse a DER-encoded CRL and append it to the chained list * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param chain points to the start of the chain * \param buf buffer holding the CRL data in DER format * \param buflen size of the buffer @@ -121,6 +125,10 @@ int mbedtls_x509_crl_parse_der(mbedtls_x509_crl *chain, * * \note Multiple CRLs are accepted only if using PEM format * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param chain points to the start of the chain * \param buf buffer holding the CRL data in PEM or DER format * \param buflen size of the buffer @@ -136,6 +144,10 @@ int mbedtls_x509_crl_parse(mbedtls_x509_crl *chain, const unsigned char *buf, si * * \note Multiple CRLs are accepted only if using PEM format * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param chain points to the start of the chain * \param path filename to read the CRLs from (in PEM or DER encoding) * diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index 661f8aa7b..3f9b25075 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h @@ -24,7 +24,6 @@ #include "mbedtls/private_access.h" #include "mbedtls/build_info.h" -#include "mbedtls/legacy_or_psa.h" #include "mbedtls/x509.h" #include "mbedtls/x509_crl.h" @@ -76,7 +75,9 @@ typedef struct mbedtls_x509_crt { mbedtls_x509_buf issuer_id; /**< Optional X.509 v2/v3 issuer unique identifier. */ mbedtls_x509_buf subject_id; /**< Optional X.509 v2/v3 subject unique identifier. */ mbedtls_x509_buf v3_ext; /**< Optional X.509 v3 extensions. */ - mbedtls_x509_sequence subject_alt_names; /**< Optional list of raw entries of Subject Alternative Names extension (currently only dNSName and OtherName are listed). */ + mbedtls_x509_sequence subject_alt_names; /**< Optional list of raw entries of Subject Alternative Names extension. These can be later parsed by mbedtls_x509_parse_subject_alt_name. */ + mbedtls_x509_buf subject_key_id; /**< Optional X.509 v3 extension subject key identifier. */ + mbedtls_x509_authority authority_key_id; /**< Optional X.509 v3 extension authority key identifier. */ mbedtls_x509_sequence certificate_policies; /**< Optional list of certificate policies (Only anyPolicy is printed and enforced, however the rest of the policies are still listed). */ @@ -102,56 +103,6 @@ typedef struct mbedtls_x509_crt { } mbedtls_x509_crt; -/** - * From RFC 5280 section 4.2.1.6: - * OtherName ::= SEQUENCE { - * type-id OBJECT IDENTIFIER, - * value [0] EXPLICIT ANY DEFINED BY type-id } - * - * Future versions of the library may add new fields to this structure or - * to its embedded union and structure. - */ -typedef struct mbedtls_x509_san_other_name { - /** - * The type_id is an OID as defined in RFC 5280. - * To check the value of the type id, you should use - * \p MBEDTLS_OID_CMP with a known OID mbedtls_x509_buf. - */ - mbedtls_x509_buf type_id; /**< The type id. */ - union { - /** - * From RFC 4108 section 5: - * HardwareModuleName ::= SEQUENCE { - * hwType OBJECT IDENTIFIER, - * hwSerialNum OCTET STRING } - */ - struct { - mbedtls_x509_buf oid; /**< The object identifier. */ - mbedtls_x509_buf val; /**< The named value. */ - } - hardware_module_name; - } - value; -} -mbedtls_x509_san_other_name; - -/** - * A structure for holding the parsed Subject Alternative Name, - * according to type. - * - * Future versions of the library may add new fields to this structure or - * to its embedded union and structure. - */ -typedef struct mbedtls_x509_subject_alternative_name { - int type; /**< The SAN type, value of MBEDTLS_X509_SAN_XXX. */ - union { - mbedtls_x509_san_other_name other_name; /**< The otherName supported type. */ - mbedtls_x509_buf unstructured_name; /**< The buffer for the un constructed types. Only dnsName currently supported */ - } - san; /**< A union of the supported SAN types */ -} -mbedtls_x509_subject_alternative_name; - /** * Build flag from an algorithm/curve identifier (pk, md, ecp) * Since 0 is always XXX_NONE, ignore it. @@ -197,7 +148,7 @@ mbedtls_x509_crt_profile; #define MBEDTLS_X509_CRT_VERSION_2 1 #define MBEDTLS_X509_CRT_VERSION_3 2 -#define MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN 32 +#define MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN 20 #define MBEDTLS_X509_RFC5280_UTC_TIME_LEN 15 #if !defined(MBEDTLS_X509_MAX_FILE_PATH_LEN) @@ -277,7 +228,8 @@ mbedtls_x509_crt_profile; */ typedef struct mbedtls_x509write_cert { int MBEDTLS_PRIVATE(version); - mbedtls_mpi MBEDTLS_PRIVATE(serial); + unsigned char MBEDTLS_PRIVATE(serial)[MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN]; + size_t MBEDTLS_PRIVATE(serial_len); mbedtls_pk_context *MBEDTLS_PRIVATE(subject_key); mbedtls_pk_context *MBEDTLS_PRIVATE(issuer_key); mbedtls_asn1_named_data *MBEDTLS_PRIVATE(subject); @@ -289,6 +241,21 @@ typedef struct mbedtls_x509write_cert { } mbedtls_x509write_cert; +/** + * \brief Set Subject Alternative Name + * + * \param ctx Certificate context to use + * \param san_list List of SAN values + * + * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED + * + * \note "dnsName", "uniformResourceIdentifier", "IP address", + * "otherName", and "DirectoryName", as defined in RFC 5280, + * are supported. + */ +int mbedtls_x509write_crt_set_subject_alternative_name(mbedtls_x509write_cert *ctx, + const mbedtls_x509_san_list *san_list); + /** * Item in a verification chain: cert and flags for it */ @@ -390,6 +357,10 @@ extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_none; * \brief Parse a single DER formatted certificate and add it * to the end of the provided chained list. * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param chain The pointer to the start of the CRT chain to attach to. * When parsing the first CRT in a chain, this should point * to an instance of ::mbedtls_x509_crt initialized through @@ -451,6 +422,10 @@ typedef int (*mbedtls_x509_crt_ext_cb_t)(void *p_ctx, * \brief Parse a single DER formatted certificate and add it * to the end of the provided chained list. * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param chain The pointer to the start of the CRT chain to attach to. * When parsing the first CRT in a chain, this should point * to an instance of ::mbedtls_x509_crt initialized through @@ -501,6 +476,10 @@ int mbedtls_x509_crt_parse_der_with_ext_cb(mbedtls_x509_crt *chain, * temporary ownership of the CRT buffer until the CRT * is destroyed. * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param chain The pointer to the start of the CRT chain to attach to. * When parsing the first CRT in a chain, this should point * to an instance of ::mbedtls_x509_crt initialized through @@ -541,6 +520,10 @@ int mbedtls_x509_crt_parse_der_nocopy(mbedtls_x509_crt *chain, * long as the certificates are enclosed in the PEM specific * '-----{BEGIN/END} CERTIFICATE-----' delimiters. * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param chain The chain to which to add the parsed certificates. * \param buf The buffer holding the certificate data in PEM or DER format. * For certificates in PEM encoding, this may be a concatenation @@ -565,6 +548,10 @@ int mbedtls_x509_crt_parse(mbedtls_x509_crt *chain, const unsigned char *buf, si * of failed certificates it encountered. If none complete * correctly, the first error is returned. * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param chain points to the start of the chain * \param path filename to read the certificates from * @@ -589,35 +576,6 @@ int mbedtls_x509_crt_parse_file(mbedtls_x509_crt *chain, const char *path); int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path); #endif /* MBEDTLS_FS_IO */ -/** - * \brief This function parses an item in the SubjectAlternativeNames - * extension. - * - * \param san_buf The buffer holding the raw data item of the subject - * alternative name. - * \param san The target structure to populate with the parsed presentation - * of the subject alternative name encoded in \p san_raw. - * - * \note Only "dnsName" and "otherName" of type hardware_module_name - * as defined in RFC 4180 is supported. - * - * \note This function should be called on a single raw data of - * subject alternative name. For example, after successful - * certificate parsing, one must iterate on every item in the - * \p crt->subject_alt_names sequence, and pass it to - * this function. - * - * \warning The target structure contains pointers to the raw data of the - * parsed certificate, and its lifetime is restricted by the - * lifetime of the certificate. - * - * \return \c 0 on success - * \return #MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE for an unsupported - * SAN type. - * \return Another negative value for any other failure. - */ -int mbedtls_x509_parse_subject_alt_name(const mbedtls_x509_buf *san_buf, - mbedtls_x509_subject_alternative_name *san); #if !defined(MBEDTLS_X509_REMOVE_INFO) /** @@ -698,8 +656,12 @@ int mbedtls_x509_crt_verify_info(char *buf, size_t size, const char *prefix, * \param cn The expected Common Name. This will be checked to be * present in the certificate's subjectAltNames extension or, * if this extension is absent, as a CN component in its - * Subject name. Currently only DNS names are supported. This - * may be \c NULL if the CN need not be verified. + * Subject name. DNS names and IP addresses are fully + * supported, while the URI subtype is partially supported: + * only exact matching, without any normalization procedures + * described in 7.4 of RFC5280, will result in a positive + * URI verification. + * This may be \c NULL if the CN need not be verified. * \param flags The address at which to store the result of the verification. * If the verification couldn't be completed, the flag value is * set to (uint32_t) -1. @@ -986,15 +948,43 @@ void mbedtls_x509write_crt_init(mbedtls_x509write_cert *ctx); */ void mbedtls_x509write_crt_set_version(mbedtls_x509write_cert *ctx, int version); +#if defined(MBEDTLS_BIGNUM_C) && !defined(MBEDTLS_DEPRECATED_REMOVED) /** * \brief Set the serial number for a Certificate. * + * \deprecated This function is deprecated and will be removed in a + * future version of the library. Please use + * mbedtls_x509write_crt_set_serial_raw() instead. + * + * \note Even though the MBEDTLS_BIGNUM_C guard looks redundant since + * X509 depends on PK and PK depends on BIGNUM, this emphasizes + * a direct dependency between X509 and BIGNUM which is going + * to be deprecated in the future. + * * \param ctx CRT context to use * \param serial serial number to set * * \return 0 if successful */ -int mbedtls_x509write_crt_set_serial(mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial); +int MBEDTLS_DEPRECATED mbedtls_x509write_crt_set_serial( + mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial); +#endif // MBEDTLS_BIGNUM_C && !MBEDTLS_DEPRECATED_REMOVED + +/** + * \brief Set the serial number for a Certificate. + * + * \param ctx CRT context to use + * \param serial A raw array of bytes containing the serial number in big + * endian format + * \param serial_len Length of valid bytes (expressed in bytes) in \p serial + * input buffer + * + * \return 0 if successful, or + * MBEDTLS_ERR_X509_BAD_INPUT_DATA if the provided input buffer + * is too big (longer than MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN) + */ +int mbedtls_x509write_crt_set_serial_raw(mbedtls_x509write_cert *ctx, + unsigned char *serial, size_t serial_len); /** * \brief Set the validity period for a Certificate @@ -1017,7 +1007,7 @@ int mbedtls_x509write_crt_set_validity(mbedtls_x509write_cert *ctx, const char * * \brief Set the issuer name for a Certificate * Issuer names should contain a comma-separated list * of OID types and values: - * e.g. "C=UK,O=ARM,CN=mbed TLS CA" + * e.g. "C=UK,O=ARM,CN=Mbed TLS CA" * * \param ctx CRT context to use * \param issuer_name issuer name to set @@ -1032,7 +1022,7 @@ int mbedtls_x509write_crt_set_issuer_name(mbedtls_x509write_cert *ctx, * \brief Set the subject name for a Certificate * Subject names should contain a comma-separated list * of OID types and values: - * e.g. "C=UK,O=ARM,CN=mbed TLS Server 1" + * e.g. "C=UK,O=ARM,CN=Mbed TLS Server 1" * * \param ctx CRT context to use * \param subject_name subject name to set @@ -1100,7 +1090,7 @@ int mbedtls_x509write_crt_set_extension(mbedtls_x509write_cert *ctx, int mbedtls_x509write_crt_set_basic_constraints(mbedtls_x509write_cert *ctx, int is_ca, int max_pathlen); -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) /** * \brief Set the subjectKeyIdentifier extension for a CRT * Requires that mbedtls_x509write_crt_set_subject_key() has been @@ -1122,7 +1112,7 @@ int mbedtls_x509write_crt_set_subject_key_identifier(mbedtls_x509write_cert *ctx * \return 0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED */ int mbedtls_x509write_crt_set_authority_key_identifier(mbedtls_x509write_cert *ctx); -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ /** * \brief Set the Key Usage Extension flags diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h index 50998c42b..513a83edd 100644 --- a/include/mbedtls/x509_csr.h +++ b/include/mbedtls/x509_csr.h @@ -58,6 +58,12 @@ typedef struct mbedtls_x509_csr { mbedtls_pk_context pk; /**< Container for the public key context. */ + unsigned int key_usage; /**< Optional key usage extension value: See the values in x509.h */ + unsigned char ns_cert_type; /**< Optional Netscape certificate type extension value: See the values in x509.h */ + mbedtls_x509_sequence subject_alt_names; /**< Optional list of raw entries of Subject Alternative Names extension. These can be later parsed by mbedtls_x509_parse_subject_alt_name. */ + + int MBEDTLS_PRIVATE(ext_types); /**< Bit string containing detected and parsed extensions */ + mbedtls_x509_buf sig_oid; mbedtls_x509_buf MBEDTLS_PRIVATE(sig); mbedtls_md_type_t MBEDTLS_PRIVATE(sig_md); /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */ @@ -83,6 +89,10 @@ mbedtls_x509write_csr; * * \note CSR attributes (if any) are currently silently ignored. * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param csr CSR context to fill * \param buf buffer holding the CRL data * \param buflen size of the buffer @@ -97,6 +107,10 @@ int mbedtls_x509_csr_parse_der(mbedtls_x509_csr *csr, * * \note See notes for \c mbedtls_x509_csr_parse_der() * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * * \param csr CSR context to fill * \param buf buffer holding the CRL data * \param buflen size of the buffer @@ -166,7 +180,7 @@ void mbedtls_x509write_csr_init(mbedtls_x509write_csr *ctx); * \brief Set the subject name for a CSR * Subject names should contain a comma-separated list * of OID types and values: - * e.g. "C=UK,O=ARM,CN=mbed TLS Server 1" + * e.g. "C=UK,O=ARM,CN=Mbed TLS Server 1" * * \param ctx CSR context to use * \param subject_name subject name to set @@ -214,6 +228,20 @@ void mbedtls_x509write_csr_set_md_alg(mbedtls_x509write_csr *ctx, mbedtls_md_typ */ int mbedtls_x509write_csr_set_key_usage(mbedtls_x509write_csr *ctx, unsigned char key_usage); +/** + * \brief Set Subject Alternative Name + * + * \param ctx CSR context to use + * \param san_list List of SAN values + * + * \return 0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED + * + * \note Only "dnsName", "uniformResourceIdentifier" and "otherName", + * as defined in RFC 5280, are supported. + */ +int mbedtls_x509write_csr_set_subject_alternative_name(mbedtls_x509write_csr *ctx, + const mbedtls_x509_san_list *san_list); + /** * \brief Set the Netscape Cert Type flags * (e.g. MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT | MBEDTLS_X509_NS_CERT_TYPE_EMAIL) diff --git a/include/psa/build_info.h b/include/psa/build_info.h new file mode 100644 index 000000000..34a138d72 --- /dev/null +++ b/include/psa/build_info.h @@ -0,0 +1,32 @@ +/** + * \file psa/build_info.h + * + * \brief Build-time PSA configuration info + * + * Include this file if you need to depend on the + * configuration options defined in mbedtls_config.h or MBEDTLS_CONFIG_FILE + * in PSA cryptography core specific files. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PSA_CRYPTO_BUILD_INFO_H +#define PSA_CRYPTO_BUILD_INFO_H + +#include "mbedtls/build_info.h" + +#endif /* PSA_CRYPTO_BUILD_INFO_H */ diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 2b9b2a27e..6b06187bf 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -22,7 +22,11 @@ #ifndef PSA_CRYPTO_H #define PSA_CRYPTO_H +#if defined(MBEDTLS_PSA_CRYPTO_PLATFORM_FILE) +#include MBEDTLS_PSA_CRYPTO_PLATFORM_FILE +#else #include "crypto_platform.h" +#endif #include @@ -88,16 +92,16 @@ extern "C" { * initialization may have security implications, for example due to improper * seeding of the random number generator. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_DATA_CORRUPT + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription */ psa_status_t psa_crypto_init(void); @@ -368,14 +372,14 @@ static size_t psa_get_key_bits(const psa_key_attributes_t *attributes); * On failure, equivalent to a * freshly-initialized structure. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_DATA_INVALID + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -486,7 +490,7 @@ psa_status_t psa_purge_key(mbedtls_svc_key_id_t key); * identifier defined in \p attributes. * \c 0 on failure. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_INVALID_HANDLE * \p source_key is invalid. * \retval #PSA_ERROR_ALREADY_EXISTS @@ -502,14 +506,14 @@ psa_status_t psa_purge_key(mbedtls_svc_key_id_t key); * The source key does not have the #PSA_KEY_USAGE_COPY usage flag, or * the source key is not exportable and its lifetime does not * allow copying it to the target's lifetime. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -631,14 +635,14 @@ psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key); * the key data is not correctly formatted, or * the size in \p attributes is nonzero and does not match the size * of the key data. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -718,22 +722,22 @@ psa_status_t psa_import_key(const psa_key_attributes_t *attributes, * \param[out] data_length On success, the number of bytes * that make up the key data. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription * \retval #PSA_ERROR_NOT_PERMITTED * The key does not have the #PSA_KEY_USAGE_EXPORT flag. - * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p data buffer is too small. You can determine a * sufficient buffer size by calling * #PSA_EXPORT_KEY_OUTPUT_SIZE(\c type, \c bits) * where \c type is the key type * and \c bits is the key size in bits. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -793,22 +797,22 @@ psa_status_t psa_export_key(mbedtls_svc_key_id_t key, * \param[out] data_length On success, the number of bytes * that make up the key data. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * The key is neither a public key nor a key pair. - * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p data buffer is too small. You can determine a * sufficient buffer size by calling * #PSA_EXPORT_KEY_OUTPUT_SIZE(#PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(\c type), \c bits) * where \c type is the key type * and \c bits is the key size in bits. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -846,13 +850,13 @@ psa_status_t psa_export_public_key(mbedtls_svc_key_id_t key, * Success. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a hash algorithm. - * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * \p hash_size is too small - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -884,10 +888,10 @@ psa_status_t psa_hash_compute(psa_algorithm_t alg, * \p alg is not supported or is not a hash algorithm. * \retval #PSA_ERROR_INVALID_ARGUMENT * \p input_length or \p hash_length do not match the hash size for \p alg - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -977,10 +981,10 @@ static psa_hash_operation_t psa_hash_operation_init(void); * \p alg is not a supported hash algorithm. * \retval #PSA_ERROR_INVALID_ARGUMENT * \p alg is not a hash algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be inactive), or * the library has not been previously initialized by psa_crypto_init(). @@ -1003,10 +1007,10 @@ psa_status_t psa_hash_setup(psa_hash_operation_t *operation, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active), or * the library has not been previously initialized by psa_crypto_init(). @@ -1049,10 +1053,10 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation, * The size of the \p hash buffer is too small. You can determine a * sufficient buffer size by calling #PSA_HASH_LENGTH(\c alg) * where \c alg is the hash algorithm that is calculated. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active), or * the library has not been previously initialized by psa_crypto_init(). @@ -1090,10 +1094,10 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation, * \retval #PSA_ERROR_INVALID_SIGNATURE * The hash of the message was calculated successfully, but it * differs from the expected hash. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active), or * the library has not been previously initialized by psa_crypto_init(). @@ -1120,10 +1124,10 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, * * \param[in,out] operation Initialized hash operation. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -1146,11 +1150,11 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation); * \param[in,out] target_operation The operation object to set up. * It must be initialized but not active. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription * \retval #PSA_ERROR_BAD_STATE * The \p source_operation state is not valid (it must be active), or * the \p target_operation state is not valid (it must be inactive), or @@ -1190,18 +1194,18 @@ psa_status_t psa_hash_clone(const psa_hash_operation_t *source_operation, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a MAC algorithm. * \retval #PSA_ERROR_BUFFER_TOO_SMALL * \p mac_size is too small - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_STORAGE_FAILURE * The key could not be retrieved from storage. * \retval #PSA_ERROR_BAD_STATE @@ -1233,16 +1237,16 @@ psa_status_t psa_mac_compute(mbedtls_svc_key_id_t key, * \retval #PSA_ERROR_INVALID_SIGNATURE * The MAC of the message was calculated successfully, but it * differs from the expected value. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a MAC algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_STORAGE_FAILURE * The key could not be retrieved from storage. * \retval #PSA_ERROR_BAD_STATE @@ -1338,16 +1342,16 @@ static psa_mac_operation_t psa_mac_operation_init(void); * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a MAC algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_STORAGE_FAILURE * The key could not be retrieved from storage. * \retval #PSA_ERROR_BAD_STATE @@ -1400,16 +1404,16 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \c key is not compatible with \c alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \c alg is not supported or is not a MAC algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_STORAGE_FAILURE * The key could not be retrieved from storage. * \retval #PSA_ERROR_BAD_STATE @@ -1437,11 +1441,11 @@ psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active), or * the library has not been previously initialized by psa_crypto_init(). @@ -1485,11 +1489,11 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation, * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p mac buffer is too small. You can determine a * sufficient buffer size by calling PSA_MAC_LENGTH(). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be an active mac sign * operation), or the library has not been previously initialized @@ -1528,11 +1532,11 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation, * \retval #PSA_ERROR_INVALID_SIGNATURE * The MAC of the message was calculated successfully, but it * differs from the expected MAC. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be an active mac verify * operation), or the library has not been previously initialized @@ -1560,10 +1564,10 @@ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation, * * \param[in,out] operation Initialized MAC operation. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -1599,18 +1603,18 @@ psa_status_t psa_mac_abort(psa_mac_operation_t *operation); * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a cipher algorithm. - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_BUFFER_TOO_SMALL \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -1646,18 +1650,18 @@ psa_status_t psa_cipher_encrypt(mbedtls_svc_key_id_t key, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a cipher algorithm. - * \retval #PSA_ERROR_BUFFER_TOO_SMALL - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_BUFFER_TOO_SMALL \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -1753,17 +1757,17 @@ static psa_cipher_operation_t psa_cipher_operation_init(void); * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a cipher algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be inactive), or * the library has not been previously initialized by psa_crypto_init(). @@ -1816,17 +1820,17 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not a cipher algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be inactive), or * the library has not been previously initialized by psa_crypto_init(). @@ -1859,11 +1863,11 @@ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation, * Success. * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p iv buffer is too small. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active, with no IV set), * or the library has not been previously initialized @@ -1900,11 +1904,11 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, * \retval #PSA_ERROR_INVALID_ARGUMENT * The size of \p iv is not acceptable for the chosen algorithm, * or the chosen algorithm does not use an IV. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be an active cipher * encrypt operation, with no IV set), or the library has not been @@ -1941,11 +1945,11 @@ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation, * Success. * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active, with an IV set * if required for the algorithm), or the library has not been @@ -1993,11 +1997,11 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, * padding, and the ciphertext does not contain valid padding. * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active, with an IV set * if required for the algorithm), or the library has not been @@ -2026,10 +2030,10 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation, * * \param[in,out] operation Initialized cipher operation. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -2082,23 +2086,23 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation); * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not an AEAD algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * \p ciphertext_size is too small. * #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\c key_type, \p alg, * \p plaintext_length) or * #PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(\p plaintext_length) can be used to * determine the required buffer size. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -2153,25 +2157,25 @@ psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription * \retval #PSA_ERROR_INVALID_SIGNATURE * The ciphertext is not authentic. - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not an AEAD algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * \p plaintext_size is too small. * #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\c key_type, \p alg, * \p ciphertext_length) or * #PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(\p ciphertext_length) can be used * to determine the required buffer size. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -2280,16 +2284,16 @@ static psa_aead_operation_t psa_aead_operation_init(void); * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be inactive), or * the library has not been previously initialized by psa_crypto_init(). - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not an AEAD algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_STORAGE_FAILURE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -2344,17 +2348,17 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p key is not compatible with \p alg. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported or is not an AEAD algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be inactive), or the * library has not been previously initialized by psa_crypto_init(). @@ -2388,11 +2392,11 @@ psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation, * Success. * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p nonce buffer is too small. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be an active aead encrypt * operation, with no nonce set), or the library has not been @@ -2428,11 +2432,11 @@ psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation, * Success. * \retval #PSA_ERROR_INVALID_ARGUMENT * The size of \p nonce is not acceptable for the chosen algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active, with no nonce * set), or the library has not been previously initialized @@ -2473,10 +2477,10 @@ psa_status_t psa_aead_set_nonce(psa_aead_operation_t *operation, * \retval #PSA_ERROR_INVALID_ARGUMENT * At least one of the lengths is not acceptable for the chosen * algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active, and * psa_aead_update_ad() and psa_aead_update() must not have been @@ -2520,11 +2524,11 @@ psa_status_t psa_aead_set_lengths(psa_aead_operation_t *operation, * \retval #PSA_ERROR_INVALID_ARGUMENT * The total input length overflows the additional data length that * was previously specified with psa_aead_set_lengths(). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active, have a nonce * set, have lengths set if required by the algorithm, and @@ -2605,11 +2609,11 @@ psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation, * specified with psa_aead_set_lengths(), or * the total input length overflows the plaintext length that * was previously specified with psa_aead_set_lengths(). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active, have a nonce * set, and have lengths set if required by the algorithm), or the @@ -2691,11 +2695,11 @@ psa_status_t psa_aead_update(psa_aead_operation_t *operation, * the total length of input to psa_aead_update() so far is * less than the plaintext length that was previously * specified with psa_aead_set_lengths(). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be an active encryption * operation with a nonce set), or the library has not been previously @@ -2774,11 +2778,11 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation, * the total length of input to psa_aead_update() so far is * less than the plaintext length that was previously * specified with psa_aead_set_lengths(). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be an active decryption * operation with a nonce set), or the library has not been previously @@ -2809,10 +2813,10 @@ psa_status_t psa_aead_verify(psa_aead_operation_t *operation, * * \param[in,out] operation Initialized AEAD operation. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -2858,8 +2862,8 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation); * \param[out] signature_length On success, the number of bytes that make up * the returned signature value. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription * \retval #PSA_ERROR_NOT_PERMITTED * The key does not have the #PSA_KEY_USAGE_SIGN_MESSAGE flag, * or it does not permit the requested algorithm. @@ -2869,16 +2873,16 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation); * #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) * where \c key_type and \c key_bits are the type and bit-size * respectively of \p key. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -2914,23 +2918,23 @@ psa_status_t psa_sign_message(mbedtls_svc_key_id_t key, * \param[out] signature Buffer containing the signature to verify. * \param[in] signature_length Size of the \p signature buffer in bytes. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription * \retval #PSA_ERROR_NOT_PERMITTED * The key does not have the #PSA_KEY_USAGE_SIGN_MESSAGE flag, * or it does not permit the requested algorithm. * \retval #PSA_ERROR_INVALID_SIGNATURE * The calculation was performed successfully, but the passed signature * is not a valid signature. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_DATA_INVALID + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -2967,23 +2971,23 @@ psa_status_t psa_verify_message(mbedtls_svc_key_id_t key, * \param[out] signature_length On success, the number of bytes * that make up the returned signature value. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p signature buffer is too small. You can * determine a sufficient buffer size by calling * #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) * where \c key_type and \c key_bits are the type and bit-size * respectively of \p key. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -3023,18 +3027,18 @@ psa_status_t psa_sign_hash(mbedtls_svc_key_id_t key, * * \retval #PSA_SUCCESS * The signature is valid. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_SIGNATURE * The calculation was performed successfully, but the passed * signature is not a valid signature. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -3076,23 +3080,23 @@ psa_status_t psa_verify_hash(mbedtls_svc_key_id_t key, * \param[out] output_length On success, the number of bytes * that make up the returned output. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. You can * determine a sufficient buffer size by calling * #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) * where \c key_type and \c key_bits are the type and bit-size * respectively of \p key. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -3136,24 +3140,24 @@ psa_status_t psa_asymmetric_encrypt(mbedtls_svc_key_id_t key, * \param[out] output_length On success, the number of bytes * that make up the returned output. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. You can * determine a sufficient buffer size by calling * #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) * where \c key_type and \c key_bits are the type and bit-size * respectively of \p key. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY - * \retval #PSA_ERROR_INVALID_PADDING + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription + * \retval #PSA_ERROR_INVALID_PADDING \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -3263,11 +3267,11 @@ static psa_key_derivation_operation_t psa_key_derivation_operation_init(void); * \c alg is not a key derivation algorithm. * \retval #PSA_ERROR_NOT_SUPPORTED * \c alg is not supported or is not a key derivation algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be inactive), or * the library has not been previously initialized by psa_crypto_init(). @@ -3287,10 +3291,10 @@ psa_status_t psa_key_derivation_setup( * \param[in] operation The operation to query. * \param[out] capacity On success, the capacity of the operation. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active), or * the library has not been previously initialized by psa_crypto_init(). @@ -3311,14 +3315,14 @@ psa_status_t psa_key_derivation_get_capacity( * It must be less or equal to the operation's * current capacity. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p capacity is larger than the operation's current capacity. * In this case, the operation object remains valid and its capacity * remains unchanged. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active), or the * library has not been previously initialized by psa_crypto_init(). @@ -3367,11 +3371,11 @@ psa_status_t psa_key_derivation_set_capacity( * \retval #PSA_ERROR_INVALID_ARGUMENT * \c step is not compatible with the operation's algorithm, or * \c step does not allow direct inputs. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid for this input \p step, or * the library has not been previously initialized by psa_crypto_init(). @@ -3410,11 +3414,11 @@ psa_status_t psa_key_derivation_input_bytes( * \retval #PSA_ERROR_INVALID_ARGUMENT * \c step is not compatible with the operation's algorithm, or * \c step does not allow numeric inputs. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid for this input \p step, or * the library has not been previously initialized by psa_crypto_init(). @@ -3468,7 +3472,7 @@ psa_status_t psa_key_derivation_input_integer( * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription * \retval #PSA_ERROR_NOT_PERMITTED * The key allows neither #PSA_KEY_USAGE_DERIVE nor * #PSA_KEY_USAGE_VERIFY_DERIVATION, or it doesn't allow this @@ -3477,11 +3481,11 @@ psa_status_t psa_key_derivation_input_integer( * \c step is not compatible with the operation's algorithm, or * \c step does not allow key inputs of the given type * or does not allow key inputs at all. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid for this input \p step, or * the library has not been previously initialized by psa_crypto_init(). @@ -3536,8 +3540,8 @@ psa_status_t psa_key_derivation_input_key( * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \c private_key is not compatible with \c alg, * or \p peer_key is not valid for \c alg or not compatible with @@ -3545,11 +3549,11 @@ psa_status_t psa_key_derivation_input_key( * from a key agreement. * \retval #PSA_ERROR_NOT_SUPPORTED * \c alg is not supported or is not a key derivation algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid for this key agreement \p step, * or the library has not been previously initialized by psa_crypto_init(). @@ -3580,7 +3584,7 @@ psa_status_t psa_key_derivation_key_agreement( * \param[out] output Buffer where the output will be written. * \param output_length Number of bytes to output. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_NOT_PERMITTED * One of the inputs was a key whose policy didn't allow * #PSA_KEY_USAGE_DERIVE. @@ -3591,11 +3595,11 @@ psa_status_t psa_key_derivation_key_agreement( * The operation's capacity is set to 0, thus * subsequent calls to this function will not * succeed, even with a smaller output buffer. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active and completed * all required input steps), or the library has not been previously @@ -3738,14 +3742,14 @@ psa_status_t psa_key_derivation_output_bytes( * #PSA_KEY_DERIVATION_INPUT_PASSWORD input was not provided through a * key; or one of the inputs was a key whose policy didn't allow * #PSA_KEY_USAGE_DERIVE. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active and completed * all required input steps), or the library has not been previously @@ -3786,7 +3790,7 @@ psa_status_t psa_key_derivation_output_key( * \param output_length Length of the expected output; this is also the * number of bytes that will be read. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_INVALID_SIGNATURE * The output was read successfully, but it differs from the expected * output. @@ -3799,11 +3803,11 @@ psa_status_t psa_key_derivation_output_key( * the operation's capacity is set to 0, thus * subsequent calls to this function will not * succeed, even with a smaller expected output. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active and completed * all required input steps), or the library has not been previously @@ -3845,7 +3849,7 @@ psa_status_t psa_key_derivation_verify_bytes( * computed by a previous call to * psa_key_derivation_output_key(). * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_INVALID_SIGNATURE * The output was read successfully, but if differs from the expected * output. @@ -3863,11 +3867,11 @@ psa_status_t psa_key_derivation_verify_bytes( * the operation's capacity is set to 0, thus * subsequent calls to this function will not * succeed, even with a smaller expected output. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active and completed * all required input steps), or the library has not been previously @@ -3893,10 +3897,10 @@ psa_status_t psa_key_derivation_verify_key( * * \param[in,out] operation The operation to abort. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -3934,8 +3938,8 @@ psa_status_t psa_key_derivation_abort( * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p alg is not a key agreement algorithm, or * \p private_key is not compatible with \p alg, @@ -3945,11 +3949,11 @@ psa_status_t psa_key_derivation_abort( * \p output_size is too small * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not a supported key agreement algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -3981,13 +3985,13 @@ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, * \param[out] output Output buffer for the generated data. * \param output_size Number of bytes to generate and output. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -4024,17 +4028,17 @@ psa_status_t psa_generate_random(uint8_t *output, * \retval #PSA_ERROR_ALREADY_EXISTS * This is an attempt to create a persistent key, and there is * already a persistent key with the given identifier. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -4045,6 +4049,631 @@ psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, /**@}*/ +/** \defgroup interruptible_hash Interruptible sign/verify hash + * @{ + */ + +/** The type of the state data structure for interruptible hash + * signing operations. + * + * Before calling any function on a sign hash operation object, the + * application must initialize it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_sign_hash_interruptible_operation_t operation; + * memset(&operation, 0, sizeof(operation)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_sign_hash_interruptible_operation_t operation = {0}; + * \endcode + * - Initialize the structure to the initializer + * #PSA_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT, for example: + * \code + * psa_sign_hash_interruptible_operation_t operation = + * PSA_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT; + * \endcode + * - Assign the result of the function + * psa_sign_hash_interruptible_operation_init() to the structure, for + * example: + * \code + * psa_sign_hash_interruptible_operation_t operation; + * operation = psa_sign_hash_interruptible_operation_init(); + * \endcode + * + * This is an implementation-defined \c struct. Applications should not + * make any assumptions about the content of this structure. + * Implementation details can change in future versions without notice. */ +typedef struct psa_sign_hash_interruptible_operation_s psa_sign_hash_interruptible_operation_t; + +/** The type of the state data structure for interruptible hash + * verification operations. + * + * Before calling any function on a sign hash operation object, the + * application must initialize it by any of the following means: + * - Set the structure to all-bits-zero, for example: + * \code + * psa_verify_hash_interruptible_operation_t operation; + * memset(&operation, 0, sizeof(operation)); + * \endcode + * - Initialize the structure to logical zero values, for example: + * \code + * psa_verify_hash_interruptible_operation_t operation = {0}; + * \endcode + * - Initialize the structure to the initializer + * #PSA_VERIFY_HASH_INTERRUPTIBLE_OPERATION_INIT, for example: + * \code + * psa_verify_hash_interruptible_operation_t operation = + * PSA_VERIFY_HASH_INTERRUPTIBLE_OPERATION_INIT; + * \endcode + * - Assign the result of the function + * psa_verify_hash_interruptible_operation_init() to the structure, for + * example: + * \code + * psa_verify_hash_interruptible_operation_t operation; + * operation = psa_verify_hash_interruptible_operation_init(); + * \endcode + * + * This is an implementation-defined \c struct. Applications should not + * make any assumptions about the content of this structure. + * Implementation details can change in future versions without notice. */ +typedef struct psa_verify_hash_interruptible_operation_s psa_verify_hash_interruptible_operation_t; + +/** + * \brief Set the maximum number of ops allowed to be + * executed by an interruptible function in a + * single call. + * + * \warning This is a beta API, and thus subject to change + * at any point. It is not bound by the usual + * interface stability promises. + * + * \note The time taken to execute a single op is + * implementation specific and depends on + * software, hardware, the algorithm, key type and + * curve chosen. Even within a single operation, + * successive ops can take differing amounts of + * time. The only guarantee is that lower values + * for \p max_ops means functions will block for a + * lesser maximum amount of time. The functions + * \c psa_sign_interruptible_get_num_ops() and + * \c psa_verify_interruptible_get_num_ops() are + * provided to help with tuning this value. + * + * \note This value defaults to + * #PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED, which + * means the whole operation will be done in one + * go, regardless of the number of ops required. + * + * \note If more ops are needed to complete a + * computation, #PSA_OPERATION_INCOMPLETE will be + * returned by the function performing the + * computation. It is then the caller's + * responsibility to either call again with the + * same operation context until it returns 0 or an + * error code; or to call the relevant abort + * function if the answer is no longer required. + * + * \note The interpretation of \p max_ops is also + * implementation defined. On a hard real time + * system, this can indicate a hard deadline, as a + * real-time system needs a guarantee of not + * spending more than X time, however care must be + * taken in such an implementation to avoid the + * situation whereby calls just return, not being + * able to do any actual work within the allotted + * time. On a non-real-time system, the + * implementation can be more relaxed, but again + * whether this number should be interpreted as as + * hard or soft limit or even whether a less than + * or equals as regards to ops executed in a + * single call is implementation defined. + * + * \note For keys in local storage when no accelerator + * driver applies, please see also the + * documentation for \c mbedtls_ecp_set_max_ops(), + * which is the internal implementation in these + * cases. + * + * \warning With implementations that interpret this number + * as a hard limit, setting this number too small + * may result in an infinite loop, whereby each + * call results in immediate return with no ops + * done (as there is not enough time to execute + * any), and thus no result will ever be achieved. + * + * \note This only applies to functions whose + * documentation mentions they may return + * #PSA_OPERATION_INCOMPLETE. + * + * \param max_ops The maximum number of ops to be executed in a + * single call. This can be a number from 0 to + * #PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED, where 0 + * is the least amount of work done per call. + */ +void psa_interruptible_set_max_ops(uint32_t max_ops); + +/** + * \brief Get the maximum number of ops allowed to be + * executed by an interruptible function in a + * single call. This will return the last + * value set by + * \c psa_interruptible_set_max_ops() or + * #PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED if + * that function has never been called. + * + * \warning This is a beta API, and thus subject to change + * at any point. It is not bound by the usual + * interface stability promises. + * + * \return Maximum number of ops allowed to be + * executed by an interruptible function in a + * single call. + */ +uint32_t psa_interruptible_get_max_ops(void); + +/** + * \brief Get the number of ops that a hash signing + * operation has taken so far. If the operation + * has completed, then this will represent the + * number of ops required for the entire + * operation. After initialization or calling + * \c psa_sign_hash_interruptible_abort() on + * the operation, a value of 0 will be returned. + * + * \note This interface is guaranteed re-entrant and + * thus may be called from driver code. + * + * \warning This is a beta API, and thus subject to change + * at any point. It is not bound by the usual + * interface stability promises. + * + * This is a helper provided to help you tune the + * value passed to \c + * psa_interruptible_set_max_ops(). + * + * \param operation The \c psa_sign_hash_interruptible_operation_t + * to use. This must be initialized first. + * + * \return Number of ops that the operation has taken so + * far. + */ +uint32_t psa_sign_hash_get_num_ops( + const psa_sign_hash_interruptible_operation_t *operation); + +/** + * \brief Get the number of ops that a hash verification + * operation has taken so far. If the operation + * has completed, then this will represent the + * number of ops required for the entire + * operation. After initialization or calling \c + * psa_verify_hash_interruptible_abort() on the + * operation, a value of 0 will be returned. + * + * \warning This is a beta API, and thus subject to change + * at any point. It is not bound by the usual + * interface stability promises. + * + * This is a helper provided to help you tune the + * value passed to \c + * psa_interruptible_set_max_ops(). + * + * \param operation The \c + * psa_verify_hash_interruptible_operation_t to + * use. This must be initialized first. + * + * \return Number of ops that the operation has taken so + * far. + */ +uint32_t psa_verify_hash_get_num_ops( + const psa_verify_hash_interruptible_operation_t *operation); + +/** + * \brief Start signing a hash or short message with a + * private key, in an interruptible manner. + * + * \see \c psa_sign_hash_complete() + * + * \warning This is a beta API, and thus subject to change + * at any point. It is not bound by the usual + * interface stability promises. + * + * \note This function combined with \c + * psa_sign_hash_complete() is equivalent to + * \c psa_sign_hash() but + * \c psa_sign_hash_complete() can return early and + * resume according to the limit set with \c + * psa_interruptible_set_max_ops() to reduce the + * maximum time spent in a function call. + * + * \note Users should call \c psa_sign_hash_complete() + * repeatedly on the same context after a + * successful call to this function until \c + * psa_sign_hash_complete() either returns 0 or an + * error. \c psa_sign_hash_complete() will return + * #PSA_OPERATION_INCOMPLETE if there is more work + * to do. Alternatively users can call + * \c psa_sign_hash_abort() at any point if they no + * longer want the result. + * + * \note If this function returns an error status, the + * operation enters an error state and must be + * aborted by calling \c psa_sign_hash_abort(). + * + * \param[in, out] operation The \c psa_sign_hash_interruptible_operation_t + * to use. This must be initialized first. + * + * \param key Identifier of the key to use for the operation. + * It must be an asymmetric key pair. The key must + * allow the usage #PSA_KEY_USAGE_SIGN_HASH. + * \param alg A signature algorithm (\c PSA_ALG_XXX + * value such that #PSA_ALG_IS_SIGN_HASH(\p alg) + * is true), that is compatible with + * the type of \p key. + * \param[in] hash The hash or message to sign. + * \param hash_length Size of the \p hash buffer in bytes. + * + * \retval #PSA_SUCCESS + * The operation started successfully - call \c psa_sign_hash_complete() + * with the same context to complete the operation + * + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED + * The key does not have the #PSA_KEY_USAGE_SIGN_HASH flag, or it does + * not permit the requested algorithm. + * \retval #PSA_ERROR_BAD_STATE + * An operation has previously been started on this context, and is + * still in progress. + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_sign_hash_start( + psa_sign_hash_interruptible_operation_t *operation, + mbedtls_svc_key_id_t key, psa_algorithm_t alg, + const uint8_t *hash, size_t hash_length); + +/** + * \brief Continue and eventually complete the action of + * signing a hash or short message with a private + * key, in an interruptible manner. + * + * \see \c psa_sign_hash_start() + * + * \warning This is a beta API, and thus subject to change + * at any point. It is not bound by the usual + * interface stability promises. + * + * \note This function combined with \c + * psa_sign_hash_start() is equivalent to + * \c psa_sign_hash() but this function can return + * early and resume according to the limit set with + * \c psa_interruptible_set_max_ops() to reduce the + * maximum time spent in a function call. + * + * \note Users should call this function on the same + * operation object repeatedly until it either + * returns 0 or an error. This function will return + * #PSA_OPERATION_INCOMPLETE if there is more work + * to do. Alternatively users can call + * \c psa_sign_hash_abort() at any point if they no + * longer want the result. + * + * \note When this function returns successfully, the + * operation becomes inactive. If this function + * returns an error status, the operation enters an + * error state and must be aborted by calling + * \c psa_sign_hash_abort(). + * + * \param[in, out] operation The \c psa_sign_hash_interruptible_operation_t + * to use. This must be initialized first, and have + * had \c psa_sign_hash_start() called with it + * first. + * + * \param[out] signature Buffer where the signature is to be written. + * \param signature_size Size of the \p signature buffer in bytes. This + * must be appropriate for the selected + * algorithm and key: + * - The required signature size is + * #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c + * key_bits, \c alg) where \c key_type and \c + * key_bits are the type and bit-size + * respectively of key. + * - #PSA_SIGNATURE_MAX_SIZE evaluates to the + * maximum signature size of any supported + * signature algorithm. + * \param[out] signature_length On success, the number of bytes that make up + * the returned signature value. + * + * \retval #PSA_SUCCESS + * Operation completed successfully + * + * \retval #PSA_OPERATION_INCOMPLETE + * Operation was interrupted due to the setting of \c + * psa_interruptible_set_max_ops(). There is still work to be done. + * Call this function again with the same operation object. + * + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p signature buffer is too small. You can + * determine a sufficient buffer size by calling + * #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \c alg) + * where \c key_type and \c key_bits are the type and bit-size + * respectively of \c key. + * + * \retval #PSA_ERROR_BAD_STATE + * An operation was not previously started on this context via + * \c psa_sign_hash_start(). + * + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription + * \retval #PSA_ERROR_BAD_STATE + * The library has either not been previously initialized by + * psa_crypto_init() or you did not previously call + * psa_sign_hash_start() with this operation object. It is + * implementation-dependent whether a failure to initialize results in + * this error code. + */ +psa_status_t psa_sign_hash_complete( + psa_sign_hash_interruptible_operation_t *operation, + uint8_t *signature, size_t signature_size, + size_t *signature_length); + +/** + * \brief Abort a sign hash operation. + * + * \warning This is a beta API, and thus subject to change + * at any point. It is not bound by the usual + * interface stability promises. + * + * \note This function is the only function that clears + * the number of ops completed as part of the + * operation. Please ensure you copy this value via + * \c psa_sign_hash_get_num_ops() if required + * before calling. + * + * \note Aborting an operation frees all associated + * resources except for the \p operation structure + * itself. Once aborted, the operation object can + * be reused for another operation by calling \c + * psa_sign_hash_start() again. + * + * \note You may call this function any time after the + * operation object has been initialized. In + * particular, calling \c psa_sign_hash_abort() + * after the operation has already been terminated + * by a call to \c psa_sign_hash_abort() or + * psa_sign_hash_complete() is safe. + * + * \param[in,out] operation Initialized sign hash operation. + * + * \retval #PSA_SUCCESS + * The operation was aborted successfully. + * + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_sign_hash_abort( + psa_sign_hash_interruptible_operation_t *operation); + +/** + * \brief Start reading and verifying a hash or short + * message, in an interruptible manner. + * + * \see \c psa_verify_hash_complete() + * + * \warning This is a beta API, and thus subject to change + * at any point. It is not bound by the usual + * interface stability promises. + * + * \note This function combined with \c + * psa_verify_hash_complete() is equivalent to + * \c psa_verify_hash() but \c + * psa_verify_hash_complete() can return early and + * resume according to the limit set with \c + * psa_interruptible_set_max_ops() to reduce the + * maximum time spent in a function. + * + * \note Users should call \c psa_verify_hash_complete() + * repeatedly on the same operation object after a + * successful call to this function until \c + * psa_verify_hash_complete() either returns 0 or + * an error. \c psa_verify_hash_complete() will + * return #PSA_OPERATION_INCOMPLETE if there is + * more work to do. Alternatively users can call + * \c psa_verify_hash_abort() at any point if they + * no longer want the result. + * + * \note If this function returns an error status, the + * operation enters an error state and must be + * aborted by calling \c psa_verify_hash_abort(). + * + * \param[in, out] operation The \c psa_verify_hash_interruptible_operation_t + * to use. This must be initialized first. + * + * \param key Identifier of the key to use for the operation. + * The key must allow the usage + * #PSA_KEY_USAGE_VERIFY_HASH. + * \param alg A signature algorithm (\c PSA_ALG_XXX + * value such that #PSA_ALG_IS_SIGN_HASH(\p alg) + * is true), that is compatible with + * the type of \p key. + * \param[in] hash The hash whose signature is to be verified. + * \param hash_length Size of the \p hash buffer in bytes. + * \param[in] signature Buffer containing the signature to verify. + * \param signature_length Size of the \p signature buffer in bytes. + * + * \retval #PSA_SUCCESS + * The operation started successfully - please call \c + * psa_verify_hash_complete() with the same context to complete the + * operation. + * + * \retval #PSA_ERROR_BAD_STATE + * Another operation has already been started on this context, and is + * still in progress. + * + * \retval #PSA_ERROR_NOT_PERMITTED + * The key does not have the #PSA_KEY_USAGE_VERIFY_HASH flag, or it does + * not permit the requested algorithm. + * + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_verify_hash_start( + psa_verify_hash_interruptible_operation_t *operation, + mbedtls_svc_key_id_t key, psa_algorithm_t alg, + const uint8_t *hash, size_t hash_length, + const uint8_t *signature, size_t signature_length); + +/** + * \brief Continue and eventually complete the action of + * reading and verifying a hash or short message + * signed with a private key, in an interruptible + * manner. + * + * \see \c psa_verify_hash_start() + * + * \warning This is a beta API, and thus subject to change + * at any point. It is not bound by the usual + * interface stability promises. + * + * \note This function combined with \c + * psa_verify_hash_start() is equivalent to + * \c psa_verify_hash() but this function can + * return early and resume according to the limit + * set with \c psa_interruptible_set_max_ops() to + * reduce the maximum time spent in a function + * call. + * + * \note Users should call this function on the same + * operation object repeatedly until it either + * returns 0 or an error. This function will return + * #PSA_OPERATION_INCOMPLETE if there is more work + * to do. Alternatively users can call + * \c psa_verify_hash_abort() at any point if they + * no longer want the result. + * + * \note When this function returns successfully, the + * operation becomes inactive. If this function + * returns an error status, the operation enters an + * error state and must be aborted by calling + * \c psa_verify_hash_abort(). + * + * \param[in, out] operation The \c psa_verify_hash_interruptible_operation_t + * to use. This must be initialized first, and have + * had \c psa_verify_hash_start() called with it + * first. + * + * \retval #PSA_SUCCESS + * Operation completed successfully, and the passed signature is valid. + * + * \retval #PSA_OPERATION_INCOMPLETE + * Operation was interrupted due to the setting of \c + * psa_interruptible_set_max_ops(). There is still work to be done. + * Call this function again with the same operation object. + * + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_INVALID_SIGNATURE + * The calculation was performed successfully, but the passed + * signature is not a valid signature. + * \retval #PSA_ERROR_BAD_STATE + * An operation was not previously started on this context via + * \c psa_verify_hash_start(). + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription + * \retval #PSA_ERROR_BAD_STATE + * The library has either not been previously initialized by + * psa_crypto_init() or you did not previously call + * psa_verify_hash_start() on this object. It is + * implementation-dependent whether a failure to initialize results in + * this error code. + */ +psa_status_t psa_verify_hash_complete( + psa_verify_hash_interruptible_operation_t *operation); + +/** + * \brief Abort a verify hash operation. + * + * \warning This is a beta API, and thus subject to change at + * any point. It is not bound by the usual interface + * stability promises. + * + * \note This function is the only function that clears the + * number of ops completed as part of the operation. + * Please ensure you copy this value via + * \c psa_verify_hash_get_num_ops() if required + * before calling. + * + * \note Aborting an operation frees all associated + * resources except for the operation structure + * itself. Once aborted, the operation object can be + * reused for another operation by calling \c + * psa_verify_hash_start() again. + * + * \note You may call this function any time after the + * operation object has been initialized. + * In particular, calling \c psa_verify_hash_abort() + * after the operation has already been terminated by + * a call to \c psa_verify_hash_abort() or + * psa_verify_hash_complete() is safe. + * + * \param[in,out] operation Initialized verify hash operation. + * + * \retval #PSA_SUCCESS + * The operation was aborted successfully. + * + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_verify_hash_abort( + psa_verify_hash_interruptible_operation_t *operation); + + +/**@}*/ + #ifdef __cplusplus } #endif @@ -4055,7 +4684,11 @@ psa_status_t psa_generate_key(const psa_key_attributes_t *attributes, /* The file "crypto_struct.h" contains definitions for * implementation-specific structs that are declared above. */ +#if defined(MBEDTLS_PSA_CRYPTO_STRUCT_FILE) +#include MBEDTLS_PSA_CRYPTO_STRUCT_FILE +#else #include "crypto_struct.h" +#endif /* The file "crypto_extra.h" contains vendor-specific definitions. This * can include vendor-defined algorithms, extra functions, etc. */ diff --git a/include/psa/crypto_adjust_auto_enabled.h b/include/psa/crypto_adjust_auto_enabled.h new file mode 100644 index 000000000..5e18298c6 --- /dev/null +++ b/include/psa/crypto_adjust_auto_enabled.h @@ -0,0 +1,33 @@ +/** + * \file psa/crypto_adjust_auto_enabled.h + * \brief Adjust PSA configuration: enable always-on features + * + * Always enable certain features which require a negligible amount of code + * to implement, to avoid some edge cases in the configuration combinatorics. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PSA_CRYPTO_ADJUST_AUTO_ENABLED_H +#define PSA_CRYPTO_ADJUST_AUTO_ENABLED_H + +#define PSA_WANT_KEY_TYPE_DERIVE 1 +#define PSA_WANT_KEY_TYPE_PASSWORD 1 +#define PSA_WANT_KEY_TYPE_PASSWORD_HASH 1 +#define PSA_WANT_KEY_TYPE_RAW_DATA 1 + +#endif /* PSA_CRYPTO_ADJUST_AUTO_ENABLED_H */ diff --git a/include/psa/crypto_adjust_config_key_pair_types.h b/include/psa/crypto_adjust_config_key_pair_types.h new file mode 100644 index 000000000..7736e752d --- /dev/null +++ b/include/psa/crypto_adjust_config_key_pair_types.h @@ -0,0 +1,103 @@ +/** + * \file psa/crypto_adjust_config_key_pair_types.h + * \brief Adjust PSA configuration for key pair types. + * + * See docs/proposed/psa-conditional-inclusion-c.md. + * - Support non-basic operations in a keypair type implicitly enables basic + * support for that keypair type. + * - Support for a keypair type implicitly enables the corresponding public + * key type. + * - Basic support for a keypair type implicilty enables import/export support + * for that keypair type. Warning: this is implementation-specific (mainly + * for the benefit of testing) and may change in the future! + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PSA_CRYPTO_ADJUST_KEYPAIR_TYPES_H +#define PSA_CRYPTO_ADJUST_KEYPAIR_TYPES_H + +/***************************************************************** + * ANYTHING -> BASIC + ****************************************************************/ + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ + defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \ + defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) || \ + defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1 +#endif + +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT) || \ + defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || \ + defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE) || \ + defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE) +#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1 +#endif + +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT) || \ + defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT) || \ + defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE) || \ + defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_DERIVE) +#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC 1 +#endif + +/***************************************************************** + * BASIC -> corresponding PUBLIC + ****************************************************************/ + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) +#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1 +#endif + +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) +#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1 +#endif + +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) +#define PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY 1 +#endif + +/***************************************************************** + * BASIC -> IMPORT+EXPORT + * + * (Implementation-specific, may change in the future.) + ****************************************************************/ + +/* Even though KEY_PAIR symbols' feature several level of support (BASIC, IMPORT, + * EXPORT, GENERATE, DERIVE) we're not planning to have support only for BASIC + * without IMPORT/EXPORT since these last 2 features are strongly used in tests. + * In general it is allowed to include more feature than what is strictly + * requested. + * As a consequence IMPORT and EXPORT features will be automatically enabled + * as soon as the BASIC one is. */ +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1 +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1 +#endif + +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) +#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1 +#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1 +#endif + +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) +#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT 1 +#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT 1 +#endif + +#endif /* PSA_CRYPTO_ADJUST_KEYPAIR_TYPES_H */ diff --git a/include/psa/crypto_adjust_config_synonyms.h b/include/psa/crypto_adjust_config_synonyms.h new file mode 100644 index 000000000..5142ef0ae --- /dev/null +++ b/include/psa/crypto_adjust_config_synonyms.h @@ -0,0 +1,57 @@ +/** + * \file psa/crypto_adjust_config_synonyms.h + * \brief Adjust PSA configuration: enable quasi-synonyms + * + * When two features require almost the same code, we automatically enable + * both when either one is requested, to reduce the combinatorics of + * possible configurations. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PSA_CRYPTO_ADJUST_CONFIG_SYNONYMS_H +#define PSA_CRYPTO_ADJUST_CONFIG_SYNONYMS_H + +/****************************************************************/ +/* De facto synonyms */ +/****************************************************************/ + +#if defined(PSA_WANT_ALG_ECDSA_ANY) && !defined(PSA_WANT_ALG_ECDSA) +#define PSA_WANT_ALG_ECDSA PSA_WANT_ALG_ECDSA_ANY +#elif !defined(PSA_WANT_ALG_ECDSA_ANY) && defined(PSA_WANT_ALG_ECDSA) +#define PSA_WANT_ALG_ECDSA_ANY PSA_WANT_ALG_ECDSA +#endif + +#if defined(PSA_WANT_ALG_CCM_STAR_NO_TAG) && !defined(PSA_WANT_ALG_CCM) +#define PSA_WANT_ALG_CCM PSA_WANT_ALG_CCM_STAR_NO_TAG +#elif !defined(PSA_WANT_ALG_CCM_STAR_NO_TAG) && defined(PSA_WANT_ALG_CCM) +#define PSA_WANT_ALG_CCM_STAR_NO_TAG PSA_WANT_ALG_CCM +#endif + +#if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) && !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) +#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW +#elif !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) && defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) +#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW PSA_WANT_ALG_RSA_PKCS1V15_SIGN +#endif + +#if defined(PSA_WANT_ALG_RSA_PSS_ANY_SALT) && !defined(PSA_WANT_ALG_RSA_PSS) +#define PSA_WANT_ALG_RSA_PSS PSA_WANT_ALG_RSA_PSS_ANY_SALT +#elif !defined(PSA_WANT_ALG_RSA_PSS_ANY_SALT) && defined(PSA_WANT_ALG_RSA_PSS) +#define PSA_WANT_ALG_RSA_PSS_ANY_SALT PSA_WANT_ALG_RSA_PSS +#endif + +#endif /* PSA_CRYPTO_ADJUST_CONFIG_SYNONYMS_H */ diff --git a/include/psa/crypto_builtin_composites.h b/include/psa/crypto_builtin_composites.h index b7f0b1162..d9473ac00 100644 --- a/include/psa/crypto_builtin_composites.h +++ b/include/psa/crypto_builtin_composites.h @@ -7,10 +7,10 @@ * \note This file may not be included directly. Applications must * include psa/crypto.h. * - * \note This header and its content is not part of the Mbed TLS API and + * \note This header and its content are not part of the Mbed TLS API and * applications must not depend on it. Its main purpose is to define the * multi-part state objects of the Mbed TLS software-based PSA drivers. The - * definition of these objects are then used by crypto_struct.h to define the + * definitions of these objects are then used by crypto_struct.h to define the * implementation-defined types of PSA multi-part state objects. */ /* @@ -36,6 +36,11 @@ #include +#include "mbedtls/cmac.h" +#include "mbedtls/gcm.h" +#include "mbedtls/ccm.h" +#include "mbedtls/chachapoly.h" + /* * MAC multi-part operation definitions. */ @@ -57,8 +62,6 @@ typedef struct { #define MBEDTLS_PSA_HMAC_OPERATION_INIT { 0, PSA_HASH_OPERATION_INIT, { 0 } } #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */ -#include "mbedtls/cmac.h" - typedef struct { psa_algorithm_t MBEDTLS_PRIVATE(alg); union { @@ -107,4 +110,113 @@ typedef struct { #define MBEDTLS_PSA_AEAD_OPERATION_INIT { 0, 0, 0, 0, { 0 } } +#include "mbedtls/ecdsa.h" + +/* Context structure for the Mbed TLS interruptible sign hash implementation. */ +typedef struct { +#if (defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)) && \ + defined(MBEDTLS_ECP_RESTARTABLE) + mbedtls_ecdsa_context *MBEDTLS_PRIVATE(ctx); + mbedtls_ecdsa_restart_ctx MBEDTLS_PRIVATE(restart_ctx); + + uint32_t MBEDTLS_PRIVATE(num_ops); + + size_t MBEDTLS_PRIVATE(coordinate_bytes); + psa_algorithm_t MBEDTLS_PRIVATE(alg); + mbedtls_md_type_t MBEDTLS_PRIVATE(md_alg); + uint8_t MBEDTLS_PRIVATE(hash)[PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS)]; + size_t MBEDTLS_PRIVATE(hash_length); + +#else + /* Make the struct non-empty if algs not supported. */ + unsigned MBEDTLS_PRIVATE(dummy); + +#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) && + * defined( MBEDTLS_ECP_RESTARTABLE ) */ +} mbedtls_psa_sign_hash_interruptible_operation_t; + +#if (defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)) && \ + defined(MBEDTLS_ECP_RESTARTABLE) +#define MBEDTLS_PSA_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT { { 0 }, { 0 }, 0, 0, 0, 0, 0, 0 } +#else +#define MBEDTLS_PSA_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT { 0 } +#endif + +/* Context structure for the Mbed TLS interruptible verify hash + * implementation.*/ +typedef struct { +#if (defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)) && \ + defined(MBEDTLS_ECP_RESTARTABLE) + + mbedtls_ecdsa_context *MBEDTLS_PRIVATE(ctx); + mbedtls_ecdsa_restart_ctx MBEDTLS_PRIVATE(restart_ctx); + + uint32_t MBEDTLS_PRIVATE(num_ops); + + uint8_t MBEDTLS_PRIVATE(hash)[PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS)]; + size_t MBEDTLS_PRIVATE(hash_length); + + mbedtls_mpi MBEDTLS_PRIVATE(r); + mbedtls_mpi MBEDTLS_PRIVATE(s); + +#else + /* Make the struct non-empty if algs not supported. */ + unsigned MBEDTLS_PRIVATE(dummy); + +#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) && + * defined( MBEDTLS_ECP_RESTARTABLE ) */ + +} mbedtls_psa_verify_hash_interruptible_operation_t; + +#if (defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)) && \ + defined(MBEDTLS_ECP_RESTARTABLE) +#define MBEDTLS_VERIFY_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT { { 0 }, { 0 }, 0, 0, 0, 0, { 0 }, \ + { 0 } } +#else +#define MBEDTLS_VERIFY_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT { 0 } +#endif + + +/* EC-JPAKE operation definitions */ + +#include "mbedtls/ecjpake.h" + +#if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE) +#define MBEDTLS_PSA_BUILTIN_PAKE 1 +#endif + +/* Note: the format for mbedtls_ecjpake_read/write function has an extra + * length byte for each step, plus an extra 3 bytes for ECParameters in the + * server's 2nd round. */ +#define MBEDTLS_PSA_JPAKE_BUFFER_SIZE ((3 + 1 + 65 + 1 + 65 + 1 + 32) * 2) + +typedef struct { + psa_algorithm_t MBEDTLS_PRIVATE(alg); + + uint8_t *MBEDTLS_PRIVATE(password); + size_t MBEDTLS_PRIVATE(password_len); +#if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE) + mbedtls_ecjpake_role MBEDTLS_PRIVATE(role); + uint8_t MBEDTLS_PRIVATE(buffer[MBEDTLS_PSA_JPAKE_BUFFER_SIZE]); + size_t MBEDTLS_PRIVATE(buffer_length); + size_t MBEDTLS_PRIVATE(buffer_offset); +#endif + /* Context structure for the Mbed TLS EC-JPAKE implementation. */ + union { + unsigned int MBEDTLS_PRIVATE(dummy); +#if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE) + mbedtls_ecjpake_context MBEDTLS_PRIVATE(jpake); +#endif + } MBEDTLS_PRIVATE(ctx); + +} mbedtls_psa_pake_operation_t; + +#define MBEDTLS_PSA_PAKE_OPERATION_INIT { { 0 } } + #endif /* PSA_CRYPTO_BUILTIN_COMPOSITES_H */ diff --git a/include/psa/crypto_builtin_key_derivation.h b/include/psa/crypto_builtin_key_derivation.h new file mode 100644 index 000000000..8a2143a7e --- /dev/null +++ b/include/psa/crypto_builtin_key_derivation.h @@ -0,0 +1,130 @@ +/* + * Context structure declaration of the Mbed TLS software-based PSA drivers + * called through the PSA Crypto driver dispatch layer. + * This file contains the context structures of key derivation algorithms + * which need to rely on other algorithms. + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. + * + * \note This header and its content are not part of the Mbed TLS API and + * applications must not depend on it. Its main purpose is to define the + * multi-part state objects of the Mbed TLS software-based PSA drivers. The + * definitions of these objects are then used by crypto_struct.h to define the + * implementation-defined types of PSA multi-part state objects. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PSA_CRYPTO_BUILTIN_KEY_DERIVATION_H +#define PSA_CRYPTO_BUILTIN_KEY_DERIVATION_H +#include "mbedtls/private_access.h" + +#include + +#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND) +typedef struct { + uint8_t *MBEDTLS_PRIVATE(info); + size_t MBEDTLS_PRIVATE(info_length); +#if PSA_HASH_MAX_SIZE > 0xff +#error "PSA_HASH_MAX_SIZE does not fit in uint8_t" +#endif + uint8_t MBEDTLS_PRIVATE(offset_in_block); + uint8_t MBEDTLS_PRIVATE(block_number); + unsigned int MBEDTLS_PRIVATE(state) : 2; + unsigned int MBEDTLS_PRIVATE(info_set) : 1; + uint8_t MBEDTLS_PRIVATE(output_block)[PSA_HASH_MAX_SIZE]; + uint8_t MBEDTLS_PRIVATE(prk)[PSA_HASH_MAX_SIZE]; + struct psa_mac_operation_s MBEDTLS_PRIVATE(hmac); +} psa_hkdf_key_derivation_t; +#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF || + MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT || + MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) +typedef struct { + uint8_t MBEDTLS_PRIVATE(data)[PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE]; +} psa_tls12_ecjpake_to_pms_t; +#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */ + +#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) +typedef enum { + PSA_TLS12_PRF_STATE_INIT, /* no input provided */ + PSA_TLS12_PRF_STATE_SEED_SET, /* seed has been set */ + PSA_TLS12_PRF_STATE_OTHER_KEY_SET, /* other key has been set - optional */ + PSA_TLS12_PRF_STATE_KEY_SET, /* key has been set */ + PSA_TLS12_PRF_STATE_LABEL_SET, /* label has been set */ + PSA_TLS12_PRF_STATE_OUTPUT /* output has been started */ +} psa_tls12_prf_key_derivation_state_t; + +typedef struct psa_tls12_prf_key_derivation_s { +#if PSA_HASH_MAX_SIZE > 0xff +#error "PSA_HASH_MAX_SIZE does not fit in uint8_t" +#endif + + /* Indicates how many bytes in the current HMAC block have + * not yet been read by the user. */ + uint8_t MBEDTLS_PRIVATE(left_in_block); + + /* The 1-based number of the block. */ + uint8_t MBEDTLS_PRIVATE(block_number); + + psa_tls12_prf_key_derivation_state_t MBEDTLS_PRIVATE(state); + + uint8_t *MBEDTLS_PRIVATE(secret); + size_t MBEDTLS_PRIVATE(secret_length); + uint8_t *MBEDTLS_PRIVATE(seed); + size_t MBEDTLS_PRIVATE(seed_length); + uint8_t *MBEDTLS_PRIVATE(label); + size_t MBEDTLS_PRIVATE(label_length); +#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) + uint8_t *MBEDTLS_PRIVATE(other_secret); + size_t MBEDTLS_PRIVATE(other_secret_length); +#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */ + + uint8_t MBEDTLS_PRIVATE(Ai)[PSA_HASH_MAX_SIZE]; + + /* `HMAC_hash( prk, A( i ) + seed )` in the notation of RFC 5246, Sect. 5. */ + uint8_t MBEDTLS_PRIVATE(output_block)[PSA_HASH_MAX_SIZE]; +} psa_tls12_prf_key_derivation_t; +#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || + * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */ +#if defined(PSA_HAVE_SOFT_PBKDF2) +typedef enum { + PSA_PBKDF2_STATE_INIT, /* no input provided */ + PSA_PBKDF2_STATE_INPUT_COST_SET, /* input cost has been set */ + PSA_PBKDF2_STATE_SALT_SET, /* salt has been set */ + PSA_PBKDF2_STATE_PASSWORD_SET, /* password has been set */ + PSA_PBKDF2_STATE_OUTPUT /* output has been started */ +} psa_pbkdf2_key_derivation_state_t; + +typedef struct { + psa_pbkdf2_key_derivation_state_t MBEDTLS_PRIVATE(state); + uint64_t MBEDTLS_PRIVATE(input_cost); + uint8_t *MBEDTLS_PRIVATE(salt); + size_t MBEDTLS_PRIVATE(salt_length); + uint8_t MBEDTLS_PRIVATE(password)[PSA_HMAC_MAX_HASH_BLOCK_SIZE]; + size_t MBEDTLS_PRIVATE(password_length); + uint8_t MBEDTLS_PRIVATE(output_block)[PSA_HASH_MAX_SIZE]; + uint8_t MBEDTLS_PRIVATE(bytes_used); + uint32_t MBEDTLS_PRIVATE(block_number); +} psa_pbkdf2_key_derivation_t; +#endif /* PSA_HAVE_SOFT_PBKDF2 */ + +#endif /* PSA_CRYPTO_BUILTIN_KEY_DERIVATION_H */ diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h index c76bc7814..d3e069223 100644 --- a/include/psa/crypto_builtin_primitives.h +++ b/include/psa/crypto_builtin_primitives.h @@ -7,10 +7,10 @@ * \note This file may not be included directly. Applications must * include psa/crypto.h. * - * \note This header and its content is not part of the Mbed TLS API and + * \note This header and its content are not part of the Mbed TLS API and * applications must not depend on it. Its main purpose is to define the * multi-part state objects of the Mbed TLS software-based PSA drivers. The - * definition of these objects are then used by crypto_struct.h to define the + * definitions of these objects are then used by crypto_struct.h to define the * implementation-defined types of PSA multi-part state objects. */ /* @@ -45,6 +45,7 @@ #include "mbedtls/sha1.h" #include "mbedtls/sha256.h" #include "mbedtls/sha512.h" +#include "mbedtls/sha3.h" #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) || \ @@ -52,7 +53,11 @@ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) #define MBEDTLS_PSA_BUILTIN_HASH #endif @@ -76,6 +81,12 @@ typedef struct { #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) mbedtls_sha512_context sha512; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) + mbedtls_sha3_context sha3; #endif } MBEDTLS_PRIVATE(ctx); } mbedtls_psa_hash_operation_t; @@ -94,7 +105,8 @@ typedef struct { defined(MBEDTLS_PSA_BUILTIN_ALG_OFB) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) + defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG) #define MBEDTLS_PSA_BUILTIN_CIPHER 1 #endif diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h index 97e65848c..70fa14e87 100644 --- a/include/psa/crypto_compat.h +++ b/include/psa/crypto_compat.h @@ -5,7 +5,7 @@ * * This header declares alternative names for macro and functions. * New application code should not use these names. - * These names may be removed in a future version of Mbed Crypto. + * These names may be removed in a future version of Mbed TLS. * * \note This file may not be included directly. Applications must * include psa/crypto.h. @@ -105,11 +105,11 @@ static inline int psa_key_handle_is_null(psa_key_handle_t handle) * permission to access it. Note that this specification does not * define any way to create such a key, but it may be possible * through implementation-specific means. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_DATA_CORRUPT + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -149,8 +149,8 @@ psa_status_t psa_open_key(mbedtls_svc_key_id_t key, * \p handle was a valid handle or \c 0. It is now closed. * \retval #PSA_ERROR_INVALID_HANDLE * \p handle is not a valid handle nor \c 0. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize diff --git a/include/psa/crypto_config.h b/include/psa/crypto_config.h index 5ab4fdef3..d34cbf339 100644 --- a/include/psa/crypto_config.h +++ b/include/psa/crypto_config.h @@ -57,6 +57,7 @@ #define PSA_WANT_ALG_CBC_NO_PADDING 1 #define PSA_WANT_ALG_CBC_PKCS7 1 #define PSA_WANT_ALG_CCM 1 +#define PSA_WANT_ALG_CCM_STAR_NO_TAG 1 #define PSA_WANT_ALG_CMAC 1 #define PSA_WANT_ALG_CFB 1 #define PSA_WANT_ALG_CHACHA20_POLY1305 1 @@ -64,6 +65,7 @@ #define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1 #define PSA_WANT_ALG_ECB_NO_PADDING 1 #define PSA_WANT_ALG_ECDH 1 +#define PSA_WANT_ALG_FFDH 1 #define PSA_WANT_ALG_ECDSA 1 #define PSA_WANT_ALG_JPAKE 1 #define PSA_WANT_ALG_GCM 1 @@ -73,9 +75,8 @@ #define PSA_WANT_ALG_HMAC 1 #define PSA_WANT_ALG_MD5 1 #define PSA_WANT_ALG_OFB 1 -/* PBKDF2-HMAC is not yet supported via the PSA API in Mbed TLS. - * Note: when adding support, also adjust include/mbedtls/config_psa.h */ -//#define PSA_WANT_ALG_PBKDF2_HMAC 1 +#define PSA_WANT_ALG_PBKDF2_HMAC 1 +#define PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 1 #define PSA_WANT_ALG_RIPEMD160 1 #define PSA_WANT_ALG_RSA_OAEP 1 #define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1 @@ -86,12 +87,16 @@ #define PSA_WANT_ALG_SHA_256 1 #define PSA_WANT_ALG_SHA_384 1 #define PSA_WANT_ALG_SHA_512 1 +#define PSA_WANT_ALG_SHA3_224 1 +#define PSA_WANT_ALG_SHA3_256 1 +#define PSA_WANT_ALG_SHA3_384 1 +#define PSA_WANT_ALG_SHA3_512 1 #define PSA_WANT_ALG_STREAM_CIPHER 1 #define PSA_WANT_ALG_TLS12_PRF 1 #define PSA_WANT_ALG_TLS12_PSK_TO_MS 1 #define PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS 1 -/* PBKDF2-HMAC is not yet supported via the PSA API in Mbed TLS. +/* XTS is not yet supported via the PSA API in Mbed TLS. * Note: when adding support, also adjust include/mbedtls/config_psa.h */ //#define PSA_WANT_ALG_XTS 1 @@ -110,21 +115,51 @@ #define PSA_WANT_ECC_SECP_K1_256 1 #define PSA_WANT_ECC_SECP_R1_192 1 #define PSA_WANT_ECC_SECP_R1_224 1 +/* For secp256r1, consider enabling #MBEDTLS_PSA_P256M_DRIVER_ENABLED + * (see the description in mbedtls/mbedtls_config.h for details). */ #define PSA_WANT_ECC_SECP_R1_256 1 #define PSA_WANT_ECC_SECP_R1_384 1 #define PSA_WANT_ECC_SECP_R1_521 1 #define PSA_WANT_KEY_TYPE_DERIVE 1 +#define PSA_WANT_KEY_TYPE_PASSWORD 1 +#define PSA_WANT_KEY_TYPE_PASSWORD_HASH 1 #define PSA_WANT_KEY_TYPE_HMAC 1 #define PSA_WANT_KEY_TYPE_AES 1 #define PSA_WANT_KEY_TYPE_ARIA 1 #define PSA_WANT_KEY_TYPE_CAMELLIA 1 #define PSA_WANT_KEY_TYPE_CHACHA20 1 #define PSA_WANT_KEY_TYPE_DES 1 -#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1 +//#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1 /* Deprecated */ #define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1 +#define PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY 1 #define PSA_WANT_KEY_TYPE_RAW_DATA 1 -#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1 +//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1 /* Deprecated */ #define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1 +/* + * The following symbols extend and deprecate the legacy + * PSA_WANT_KEY_TYPE_xxx_KEY_PAIR ones. They include the usage of that key in + * the name's suffix. "_USE" is the most generic and it can be used to describe + * a generic suport, whereas other ones add more features on top of that and + * they are more specific. + */ +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1 +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1 +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1 +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1 +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1 + +#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1 +#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1 +#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1 +#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1 +//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE 1 /* Not supported */ + +#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC 1 +#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT 1 +#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT 1 +#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE 1 +//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_DERIVE 1 /* Not supported */ + #endif /* PSA_CRYPTO_CONFIG_H */ diff --git a/include/psa/crypto_driver_contexts_composites.h b/include/psa/crypto_driver_contexts_composites.h index bcd000e70..d0188647f 100644 --- a/include/psa/crypto_driver_contexts_composites.h +++ b/include/psa/crypto_driver_contexts_composites.h @@ -9,10 +9,10 @@ * \note This file may not be included directly. Applications must * include psa/crypto.h. * - * \note This header and its content is not part of the Mbed TLS API and + * \note This header and its content are not part of the Mbed TLS API and * applications must not depend on it. Its main purpose is to define the * multi-part state objects of the PSA drivers included in the cryptographic - * library. The definition of these objects are then used by crypto_struct.h + * library. The definitions of these objects are then used by crypto_struct.h * to define the implementation-defined types of PSA multi-part state objects. */ /* Copyright The Mbed TLS Contributors @@ -88,6 +88,32 @@ typedef mbedtls_psa_aead_operation_t #endif /* MBEDTLS_TEST_LIBTESTDRIVER1 && LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD */ +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE) + +typedef libtestdriver1_mbedtls_psa_pake_operation_t + mbedtls_transparent_test_driver_pake_operation_t; +typedef libtestdriver1_mbedtls_psa_pake_operation_t + mbedtls_opaque_test_driver_pake_operation_t; + +#define MBEDTLS_TRANSPARENT_TEST_DRIVER_PAKE_OPERATION_INIT \ + LIBTESTDRIVER1_MBEDTLS_PSA_PAKE_OPERATION_INIT +#define MBEDTLS_OPAQUE_TEST_DRIVER_PAKE_OPERATION_INIT \ + LIBTESTDRIVER1_MBEDTLS_PSA_PAKE_OPERATION_INIT + +#else +typedef mbedtls_psa_pake_operation_t + mbedtls_transparent_test_driver_pake_operation_t; +typedef mbedtls_psa_pake_operation_t + mbedtls_opaque_test_driver_pake_operation_t; + +#define MBEDTLS_TRANSPARENT_TEST_DRIVER_PAKE_OPERATION_INIT \ + MBEDTLS_PSA_PAKE_OPERATION_INIT +#define MBEDTLS_OPAQUE_TEST_DRIVER_PAKE_OPERATION_INIT \ + MBEDTLS_PSA_PAKE_OPERATION_INIT + +#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 && LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE */ + #endif /* PSA_CRYPTO_DRIVER_TEST */ /* Define the context to be used for an operation that is executed through the @@ -95,7 +121,7 @@ typedef mbedtls_psa_aead_operation_t * * The union members are the driver's context structures, and the member names * are formatted as `'drivername'_ctx`. This allows for procedural generation - * of both this file and the content of psa_crypto_driver_wrappers.c */ + * of both this file and the content of psa_crypto_driver_wrappers.h */ typedef union { unsigned dummy; /* Make sure this union is always non-empty */ @@ -114,5 +140,24 @@ typedef union { #endif } psa_driver_aead_context_t; +typedef union { + unsigned dummy; /* Make sure this union is always non-empty */ + mbedtls_psa_sign_hash_interruptible_operation_t mbedtls_ctx; +} psa_driver_sign_hash_interruptible_context_t; + +typedef union { + unsigned dummy; /* Make sure this union is always non-empty */ + mbedtls_psa_verify_hash_interruptible_operation_t mbedtls_ctx; +} psa_driver_verify_hash_interruptible_context_t; + +typedef union { + unsigned dummy; /* Make sure this union is always non-empty */ + mbedtls_psa_pake_operation_t mbedtls_ctx; +#if defined(PSA_CRYPTO_DRIVER_TEST) + mbedtls_transparent_test_driver_pake_operation_t transparent_test_driver_ctx; + mbedtls_opaque_test_driver_pake_operation_t opaque_test_driver_ctx; +#endif +} psa_driver_pake_context_t; + #endif /* PSA_CRYPTO_DRIVER_CONTEXTS_COMPOSITES_H */ /* End of automatically generated file. */ diff --git a/include/psa/crypto_driver_contexts_key_derivation.h b/include/psa/crypto_driver_contexts_key_derivation.h new file mode 100644 index 000000000..3fb29ff7f --- /dev/null +++ b/include/psa/crypto_driver_contexts_key_derivation.h @@ -0,0 +1,64 @@ +/* + * Declaration of context structures for use with the PSA driver wrapper + * interface. This file contains the context structures for key derivation + * operations. + * + * Warning: This file will be auto-generated in the future. + * + * \note This file may not be included directly. Applications must + * include psa/crypto.h. + * + * \note This header and its content are not part of the Mbed TLS API and + * applications must not depend on it. Its main purpose is to define the + * multi-part state objects of the PSA drivers included in the cryptographic + * library. The definitions of these objects are then used by crypto_struct.h + * to define the implementation-defined types of PSA multi-part state objects. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PSA_CRYPTO_DRIVER_CONTEXTS_KEY_DERIVATION_H +#define PSA_CRYPTO_DRIVER_CONTEXTS_KEY_DERIVATION_H + +#include "psa/crypto_driver_common.h" + +/* Include the context structure definitions for the Mbed TLS software drivers */ +#include "psa/crypto_builtin_key_derivation.h" + +/* Include the context structure definitions for those drivers that were + * declared during the autogeneration process. */ + +typedef union { + unsigned dummy; /* Make sure this union is always non-empty */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND) + psa_hkdf_key_derivation_t MBEDTLS_PRIVATE(hkdf); +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) + psa_tls12_prf_key_derivation_t MBEDTLS_PRIVATE(tls12_prf); +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) + psa_tls12_ecjpake_to_pms_t MBEDTLS_PRIVATE(tls12_ecjpake_to_pms); +#endif +#if defined(PSA_HAVE_SOFT_PBKDF2) + psa_pbkdf2_key_derivation_t MBEDTLS_PRIVATE(pbkdf2); +#endif +} psa_driver_key_derivation_context_t; + +#endif /* PSA_CRYPTO_DRIVER_CONTEXTS_KEY_DERIVATION_H */ +/* End of automatically generated file. */ diff --git a/include/psa/crypto_driver_contexts_primitives.h b/include/psa/crypto_driver_contexts_primitives.h index 620a4b3a7..b27a768e8 100644 --- a/include/psa/crypto_driver_contexts_primitives.h +++ b/include/psa/crypto_driver_contexts_primitives.h @@ -8,10 +8,10 @@ * \note This file may not be included directly. Applications must * include psa/crypto.h. * - * \note This header and its content is not part of the Mbed TLS API and + * \note This header and its content are not part of the Mbed TLS API and * applications must not depend on it. Its main purpose is to define the * multi-part state objects of the PSA drivers included in the cryptographic - * library. The definition of these objects are then used by crypto_struct.h + * library. The definitions of these objects are then used by crypto_struct.h * to define the implementation-defined types of PSA multi-part state objects. */ /* Copyright The Mbed TLS Contributors @@ -94,7 +94,7 @@ typedef struct { * * The union members are the driver's context structures, and the member names * are formatted as `'drivername'_ctx`. This allows for procedural generation - * of both this file and the content of psa_crypto_driver_wrappers.c */ + * of both this file and the content of psa_crypto_driver_wrappers.h */ typedef union { unsigned dummy; /* Make sure this union is always non-empty */ diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index bd1b5af56..4b0cc7041 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -29,8 +29,6 @@ #define PSA_CRYPTO_EXTRA_H #include "mbedtls/private_access.h" -#include "mbedtls/platform_util.h" - #include "crypto_types.h" #include "crypto_compat.h" @@ -108,7 +106,7 @@ static inline psa_algorithm_t psa_get_key_enrollment_algorithm( * indicates the slot number that contains it. * \retval #PSA_ERROR_NOT_PERMITTED * The caller is not permitted to query the slot number. - * Mbed Crypto currently does not return this error. + * Mbed TLS currently does not return this error. * \retval #PSA_ERROR_INVALID_ARGUMENT * The key is not located in a secure element. */ @@ -189,12 +187,12 @@ static inline void psa_clear_key_slot_number( * or the specified slot number is not valid. * \retval #PSA_ERROR_NOT_PERMITTED * The caller is not authorized to register the specified key slot. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -221,7 +219,7 @@ void mbedtls_psa_crypto_free(void); * resource consumption related to the PSA keystore. * * \note The content of this structure is not part of the stable API and ABI - * of Mbed Crypto and may change arbitrarily from version to version. + * of Mbed TLS and may change arbitrarily from version to version. */ typedef struct mbedtls_psa_stats_s { /** Number of slots containing key material for a volatile key. */ @@ -250,7 +248,7 @@ typedef struct mbedtls_psa_stats_s { /** \brief Get statistics about * resource consumption related to the PSA keystore. * - * \note When Mbed Crypto is built as part of a service, with isolation + * \note When Mbed TLS is built as part of a service, with isolation * between the application and the keystore, the service may or * may not expose this function. */ @@ -429,6 +427,10 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, */ #define PSA_DH_FAMILY_CUSTOM ((psa_dh_family_t) 0x7e) +/** PAKE operation stages. */ +#define PSA_PAKE_OPERATION_STAGE_SETUP 0 +#define PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS 1 +#define PSA_PAKE_OPERATION_STAGE_COMPUTATION 2 /** * \brief Set domain parameters for a key. @@ -491,10 +493,10 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * according to \p type as described above. * \param data_length Size of the \p data buffer in bytes. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, psa_key_type_t type, @@ -521,8 +523,8 @@ psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, * \param[out] data_length On success, the number of bytes * that make up the key domain parameters data. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_BUFFER_TOO_SMALL \emptydescription */ psa_status_t psa_get_key_domain_parameters( const psa_key_attributes_t *attributes, @@ -570,8 +572,7 @@ psa_status_t psa_get_key_domain_parameters( /** \defgroup psa_tls_helpers TLS helper functions * @{ */ - -#if defined(MBEDTLS_ECP_C) +#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) #include /** Convert an ECC curve identifier from the Mbed TLS encoding to PSA. @@ -587,54 +588,8 @@ psa_status_t psa_get_key_domain_parameters( * (`PSA_ECC_FAMILY_xxx`). * \return \c 0 on failure (\p grpid is not recognized). */ -static inline psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, - size_t *bits) -{ - switch (grpid) { - case MBEDTLS_ECP_DP_SECP192R1: - *bits = 192; - return PSA_ECC_FAMILY_SECP_R1; - case MBEDTLS_ECP_DP_SECP224R1: - *bits = 224; - return PSA_ECC_FAMILY_SECP_R1; - case MBEDTLS_ECP_DP_SECP256R1: - *bits = 256; - return PSA_ECC_FAMILY_SECP_R1; - case MBEDTLS_ECP_DP_SECP384R1: - *bits = 384; - return PSA_ECC_FAMILY_SECP_R1; - case MBEDTLS_ECP_DP_SECP521R1: - *bits = 521; - return PSA_ECC_FAMILY_SECP_R1; - case MBEDTLS_ECP_DP_BP256R1: - *bits = 256; - return PSA_ECC_FAMILY_BRAINPOOL_P_R1; - case MBEDTLS_ECP_DP_BP384R1: - *bits = 384; - return PSA_ECC_FAMILY_BRAINPOOL_P_R1; - case MBEDTLS_ECP_DP_BP512R1: - *bits = 512; - return PSA_ECC_FAMILY_BRAINPOOL_P_R1; - case MBEDTLS_ECP_DP_CURVE25519: - *bits = 255; - return PSA_ECC_FAMILY_MONTGOMERY; - case MBEDTLS_ECP_DP_SECP192K1: - *bits = 192; - return PSA_ECC_FAMILY_SECP_K1; - case MBEDTLS_ECP_DP_SECP224K1: - *bits = 224; - return PSA_ECC_FAMILY_SECP_K1; - case MBEDTLS_ECP_DP_SECP256K1: - *bits = 256; - return PSA_ECC_FAMILY_SECP_K1; - case MBEDTLS_ECP_DP_CURVE448: - *bits = 448; - return PSA_ECC_FAMILY_MONTGOMERY; - default: - *bits = 0; - return 0; - } -} +psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, + size_t *bits); /** Convert an ECC curve identifier from the PSA encoding to Mbed TLS. * @@ -658,7 +613,7 @@ static inline psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grp mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, size_t bits, int bits_is_sloppy); -#endif /* MBEDTLS_ECP_C */ +#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ /**@}*/ @@ -954,7 +909,7 @@ psa_status_t mbedtls_psa_platform_get_builtin_key( * the official PSA Crypto API yet. * * \note The content of this section is not part of the stable API and ABI - * of Mbed Crypto and may change arbitrarily from version to version. + * of Mbed TLS and may change arbitrarily from version to version. * Same holds for the corresponding macros #PSA_ALG_CATEGORY_PAKE and * #PSA_ALG_JPAKE. * @{ @@ -1081,12 +1036,12 @@ typedef uint32_t psa_pake_primitive_t; * (value of type ::psa_pake_primitive_type_t). * \param pake_family The family of the primitive * (the type and interpretation of this parameter depends - * on \p type, for more information consult the + * on \p pake_type, for more information consult the * documentation of individual ::psa_pake_primitive_type_t * constants). * \param pake_bits The bit-size of the primitive * (Value of type \c size_t. The interpretation - * of this parameter depends on \p family, for more + * of this parameter depends on \p pake_family, for more * information consult the documentation of individual * ::psa_pake_primitive_type_t constants). * @@ -1286,10 +1241,124 @@ static void psa_pake_cs_set_hash(psa_pake_cipher_suite_t *cipher_suite, * Implementation details can change in future versions without notice. */ typedef struct psa_pake_operation_s psa_pake_operation_t; +/** The type of input values for PAKE operations. */ +typedef struct psa_crypto_driver_pake_inputs_s psa_crypto_driver_pake_inputs_t; + +/** The type of computation stage for J-PAKE operations. */ +typedef struct psa_jpake_computation_stage_s psa_jpake_computation_stage_t; + /** Return an initial value for a PAKE operation object. */ static psa_pake_operation_t psa_pake_operation_init(void); +/** Get the length of the password in bytes from given inputs. + * + * \param[in] inputs Operation inputs. + * \param[out] password_len Password length. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * Password hasn't been set yet. + */ +psa_status_t psa_crypto_driver_pake_get_password_len( + const psa_crypto_driver_pake_inputs_t *inputs, + size_t *password_len); + +/** Get the password from given inputs. + * + * \param[in] inputs Operation inputs. + * \param[out] buffer Return buffer for password. + * \param buffer_size Size of the return buffer in bytes. + * \param[out] buffer_length Actual size of the password in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * Password hasn't been set yet. + */ +psa_status_t psa_crypto_driver_pake_get_password( + const psa_crypto_driver_pake_inputs_t *inputs, + uint8_t *buffer, size_t buffer_size, size_t *buffer_length); + +/** Get the length of the user id in bytes from given inputs. + * + * \param[in] inputs Operation inputs. + * \param[out] user_len User id length. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * User id hasn't been set yet. + */ +psa_status_t psa_crypto_driver_pake_get_user_len( + const psa_crypto_driver_pake_inputs_t *inputs, + size_t *user_len); + +/** Get the length of the peer id in bytes from given inputs. + * + * \param[in] inputs Operation inputs. + * \param[out] peer_len Peer id length. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * Peer id hasn't been set yet. + */ +psa_status_t psa_crypto_driver_pake_get_peer_len( + const psa_crypto_driver_pake_inputs_t *inputs, + size_t *peer_len); + +/** Get the user id from given inputs. + * + * \param[in] inputs Operation inputs. + * \param[out] user_id User id. + * \param user_id_size Size of \p user_id in bytes. + * \param[out] user_id_len Size of the user id in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * User id hasn't been set yet. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p user_id is too small. + */ +psa_status_t psa_crypto_driver_pake_get_user( + const psa_crypto_driver_pake_inputs_t *inputs, + uint8_t *user_id, size_t user_id_size, size_t *user_id_len); + +/** Get the peer id from given inputs. + * + * \param[in] inputs Operation inputs. + * \param[out] peer_id Peer id. + * \param peer_id_size Size of \p peer_id in bytes. + * \param[out] peer_id_length Size of the peer id in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * Peer id hasn't been set yet. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p peer_id is too small. + */ +psa_status_t psa_crypto_driver_pake_get_peer( + const psa_crypto_driver_pake_inputs_t *inputs, + uint8_t *peer_id, size_t peer_id_size, size_t *peer_id_length); + +/** Get the cipher suite from given inputs. + * + * \param[in] inputs Operation inputs. + * \param[out] cipher_suite Return buffer for role. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BAD_STATE + * Cipher_suite hasn't been set yet. + */ +psa_status_t psa_crypto_driver_pake_get_cipher_suite( + const psa_crypto_driver_pake_inputs_t *inputs, + psa_pake_cipher_suite_t *cipher_suite); + /** Set the session information for a password-authenticated key exchange. * * The sequence of operations to set up a password-authenticated key exchange @@ -1352,8 +1421,8 @@ static psa_pake_operation_t psa_pake_operation_init(void); * compatible with the PAKE algorithm, or the hash algorithm in * \p cipher_suite is not supported or not compatible with the PAKE * algorithm and primitive. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid, or * the library has not been previously initialized by psa_crypto_init(). @@ -1397,11 +1466,11 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation, * \retval #PSA_ERROR_NOT_SUPPORTED * The key type or key size of \p password is not supported with the * \p operation's cipher suite. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_DATA_INVALID + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must have been set up.), or * the library has not been previously initialized by psa_crypto_init(). @@ -1439,9 +1508,9 @@ psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, * suite. * \retval #PSA_ERROR_NOT_SUPPORTED * The value of \p user_id is not supported by the implementation. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid, or * the library has not been previously initialized by psa_crypto_init(). @@ -1476,13 +1545,13 @@ psa_status_t psa_pake_set_user(psa_pake_operation_t *operation, * \retval #PSA_SUCCESS * Success. * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p user_id is not valid for the \p operation's algorithm and cipher + * \p peer_id is not valid for the \p operation's algorithm and cipher * suite. * \retval #PSA_ERROR_NOT_SUPPORTED * The algorithm doesn't associate a second identity with the session. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * Calling psa_pake_set_peer() is invalid with the \p operation's * algorithm, the operation state is not valid, or the library has not @@ -1524,8 +1593,8 @@ psa_status_t psa_pake_set_peer(psa_pake_operation_t *operation, * The \p role is not a valid PAKE role in the \p operation’s algorithm. * \retval #PSA_ERROR_NOT_SUPPORTED * The \p role for this algorithm is not supported or is not valid. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid, or * the library has not been previously initialized by psa_crypto_init(). @@ -1558,8 +1627,8 @@ psa_status_t psa_pake_set_role(psa_pake_operation_t *operation, * \c PSA_PAKE_STEP_XXX constants for more * information. * \param output_size Size of the \p output buffer in bytes. This must - * be at least #PSA_PAKE_OUTPUT_SIZE(\p alg, \p - * primitive, \p step) where \p alg and + * be at least #PSA_PAKE_OUTPUT_SIZE(\c alg, \c + * primitive, \p output_step) where \c alg and * \p primitive are the PAKE algorithm and primitive * in the operation's cipher suite, and \p step is * the output step. @@ -1575,13 +1644,13 @@ psa_status_t psa_pake_set_role(psa_pake_operation_t *operation, * \p step is not compatible with the operation's algorithm. * \retval #PSA_ERROR_NOT_SUPPORTED * \p step is not supported with the operation's algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_DATA_INVALID + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active, and fully set * up, and this call must conform to the algorithm's requirements @@ -1624,19 +1693,19 @@ psa_status_t psa_pake_output(psa_pake_operation_t *operation, * \retval #PSA_ERROR_INVALID_SIGNATURE * The verification fails for a #PSA_PAKE_STEP_ZK_PROOF input step. * \retval #PSA_ERROR_INVALID_ARGUMENT - * \p is not compatible with the \p operation’s algorithm, or the - * \p input is not valid for the \p operation's algorithm, cipher suite - * or \p step. + * \p input_length is not compatible with the \p operation’s algorithm, + * or the \p input is not valid for the \p operation's algorithm, + * cipher suite or \p step. * \retval #PSA_ERROR_NOT_SUPPORTED * \p step p is not supported with the \p operation's algorithm, or the * \p input is not supported for the \p operation's algorithm, cipher * suite or \p step. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_DATA_INVALID + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active, and fully set * up, and this call must conform to the algorithm's requirements @@ -1675,7 +1744,7 @@ psa_status_t psa_pake_input(psa_pake_operation_t *operation, * * When this function returns successfully, \p operation becomes inactive. * If this function returns an error status, both \p operation - * and \p key_derivation operations enter an error state and must be aborted by + * and \c key_derivation operations enter an error state and must be aborted by * calling psa_pake_abort() and psa_key_derivation_abort() respectively. * * \param[in,out] operation Active PAKE operation. @@ -1691,12 +1760,12 @@ psa_status_t psa_pake_input(psa_pake_operation_t *operation, * \retval #PSA_ERROR_NOT_SUPPORTED * Input from a PAKE is not supported by the algorithm in the \p output * key derivation operation. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_DATA_INVALID + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription * \retval #PSA_ERROR_BAD_STATE * The PAKE operation state is not valid (it must be active, but beyond * that validity is specific to the algorithm), or @@ -1728,8 +1797,8 @@ psa_status_t psa_pake_get_implicit_key(psa_pake_operation_t *operation, * * \retval #PSA_SUCCESS * Success. - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -1805,7 +1874,10 @@ psa_status_t psa_pake_abort(psa_pake_operation_t *operation); * * This macro must expand to a compile-time constant integer. * - * See also #PSA_PAKE_OUTPUT_SIZE(\p alg, \p primitive, \p step). + * The value of this macro must be at least as large as the largest value + * returned by PSA_PAKE_OUTPUT_SIZE() + * + * See also #PSA_PAKE_OUTPUT_SIZE(\p alg, \p primitive, \p output_step). */ #define PSA_PAKE_OUTPUT_MAX_SIZE 65 @@ -1814,7 +1886,10 @@ psa_status_t psa_pake_abort(psa_pake_operation_t *operation); * * This macro must expand to a compile-time constant integer. * - * See also #PSA_PAKE_INPUT_SIZE(\p alg, \p primitive, \p step). + * The value of this macro must be at least as large as the largest value + * returned by PSA_PAKE_INPUT_SIZE() + * + * See also #PSA_PAKE_INPUT_SIZE(\p alg, \p primitive, \p output_step). */ #define PSA_PAKE_INPUT_MAX_SIZE 65 @@ -1826,14 +1901,8 @@ psa_status_t psa_pake_abort(psa_pake_operation_t *operation); /** Returns a suitable initializer for a PAKE operation object of type * psa_pake_operation_t. */ -#if defined(MBEDTLS_PSA_BUILTIN_PAKE) -#define PSA_PAKE_OPERATION_INIT { PSA_ALG_NONE, 0, 0, 0, 0, \ - NULL, 0, \ - PSA_PAKE_ROLE_NONE, { 0 }, 0, 0, \ - { .dummy = 0 } } -#else -#define PSA_PAKE_OPERATION_INIT { PSA_ALG_NONE, 0, 0, { 0 } } -#endif +#define PSA_PAKE_OPERATION_INIT { 0, PSA_ALG_NONE, 0, PSA_PAKE_OPERATION_STAGE_SETUP, \ + { 0 }, { { 0 } } } struct psa_pake_cipher_suite_s { psa_algorithm_t algorithm; @@ -1904,35 +1973,88 @@ static inline void psa_pake_cs_set_hash(psa_pake_cipher_suite_t *cipher_suite, } } -#if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE) -#include -/* Note: the format for mbedtls_ecjpake_read/write function has an extra - * length byte for each step, plus an extra 3 bytes for ECParameters in the - * server's 2nd round. */ -#define MBEDTLS_PSA_PAKE_BUFFER_SIZE ((3 + 1 + 65 + 1 + 65 + 1 + 32) * 2) -#endif - -struct psa_pake_operation_s { - psa_algorithm_t MBEDTLS_PRIVATE(alg); - unsigned int MBEDTLS_PRIVATE(state); - unsigned int MBEDTLS_PRIVATE(sequence); -#if defined(MBEDTLS_PSA_BUILTIN_PAKE) - unsigned int MBEDTLS_PRIVATE(input_step); - unsigned int MBEDTLS_PRIVATE(output_step); +struct psa_crypto_driver_pake_inputs_s { uint8_t *MBEDTLS_PRIVATE(password); size_t MBEDTLS_PRIVATE(password_len); - psa_pake_role_t MBEDTLS_PRIVATE(role); - uint8_t MBEDTLS_PRIVATE(buffer[MBEDTLS_PSA_PAKE_BUFFER_SIZE]); - size_t MBEDTLS_PRIVATE(buffer_length); - size_t MBEDTLS_PRIVATE(buffer_offset); -#endif + uint8_t *MBEDTLS_PRIVATE(user); + size_t MBEDTLS_PRIVATE(user_len); + uint8_t *MBEDTLS_PRIVATE(peer); + size_t MBEDTLS_PRIVATE(peer_len); + psa_key_attributes_t MBEDTLS_PRIVATE(attributes); + psa_pake_cipher_suite_t MBEDTLS_PRIVATE(cipher_suite); +}; + +typedef enum psa_crypto_driver_pake_step { + PSA_JPAKE_STEP_INVALID = 0, /* Invalid step */ + PSA_JPAKE_X1_STEP_KEY_SHARE = 1, /* Round 1: input/output key share (for ephemeral private key X1).*/ + PSA_JPAKE_X1_STEP_ZK_PUBLIC = 2, /* Round 1: input/output Schnorr NIZKP public key for the X1 key */ + PSA_JPAKE_X1_STEP_ZK_PROOF = 3, /* Round 1: input/output Schnorr NIZKP proof for the X1 key */ + PSA_JPAKE_X2_STEP_KEY_SHARE = 4, /* Round 1: input/output key share (for ephemeral private key X2).*/ + PSA_JPAKE_X2_STEP_ZK_PUBLIC = 5, /* Round 1: input/output Schnorr NIZKP public key for the X2 key */ + PSA_JPAKE_X2_STEP_ZK_PROOF = 6, /* Round 1: input/output Schnorr NIZKP proof for the X2 key */ + PSA_JPAKE_X2S_STEP_KEY_SHARE = 7, /* Round 2: output X2S key (our key) */ + PSA_JPAKE_X2S_STEP_ZK_PUBLIC = 8, /* Round 2: output Schnorr NIZKP public key for the X2S key (our key) */ + PSA_JPAKE_X2S_STEP_ZK_PROOF = 9, /* Round 2: output Schnorr NIZKP proof for the X2S key (our key) */ + PSA_JPAKE_X4S_STEP_KEY_SHARE = 10, /* Round 2: input X4S key (from peer) */ + PSA_JPAKE_X4S_STEP_ZK_PUBLIC = 11, /* Round 2: input Schnorr NIZKP public key for the X4S key (from peer) */ + PSA_JPAKE_X4S_STEP_ZK_PROOF = 12 /* Round 2: input Schnorr NIZKP proof for the X4S key (from peer) */ +} psa_crypto_driver_pake_step_t; + +typedef enum psa_jpake_round { + PSA_JPAKE_FIRST = 0, + PSA_JPAKE_SECOND = 1, + PSA_JPAKE_FINISHED = 2 +} psa_jpake_round_t; + +typedef enum psa_jpake_io_mode { + PSA_JPAKE_INPUT = 0, + PSA_JPAKE_OUTPUT = 1 +} psa_jpake_io_mode_t; + +struct psa_jpake_computation_stage_s { + /* The J-PAKE round we are currently on */ + psa_jpake_round_t MBEDTLS_PRIVATE(round); + /* The 'mode' we are currently in (inputting or outputting) */ + psa_jpake_io_mode_t MBEDTLS_PRIVATE(io_mode); + /* The number of completed inputs so far this round */ + uint8_t MBEDTLS_PRIVATE(inputs); + /* The number of completed outputs so far this round */ + uint8_t MBEDTLS_PRIVATE(outputs); + /* The next expected step (KEY_SHARE, ZK_PUBLIC or ZK_PROOF) */ + psa_pake_step_t MBEDTLS_PRIVATE(step); +}; + +#define PSA_JPAKE_EXPECTED_INPUTS(round) ((round) == PSA_JPAKE_FINISHED ? 0 : \ + ((round) == PSA_JPAKE_FIRST ? 2 : 1)) +#define PSA_JPAKE_EXPECTED_OUTPUTS(round) ((round) == PSA_JPAKE_FINISHED ? 0 : \ + ((round) == PSA_JPAKE_FIRST ? 2 : 1)) + +struct psa_pake_operation_s { + /** Unique ID indicating which driver got assigned to do the + * operation. Since driver contexts are driver-specific, swapping + * drivers halfway through the operation is not supported. + * ID values are auto-generated in psa_crypto_driver_wrappers.h + * ID value zero means the context is not valid or not assigned to + * any driver (i.e. none of the driver contexts are active). */ + unsigned int MBEDTLS_PRIVATE(id); + /* Algorithm of the PAKE operation */ + psa_algorithm_t MBEDTLS_PRIVATE(alg); + /* A primitive of type compatible with algorithm */ + psa_pake_primitive_t MBEDTLS_PRIVATE(primitive); + /* Stage of the PAKE operation: waiting for the setup, collecting inputs + * or computing. */ + uint8_t MBEDTLS_PRIVATE(stage); + /* Holds computation stage of the PAKE algorithms. */ union { -#if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE) - mbedtls_ecjpake_context ecjpake; + uint8_t MBEDTLS_PRIVATE(dummy); +#if defined(PSA_WANT_ALG_JPAKE) + psa_jpake_computation_stage_t MBEDTLS_PRIVATE(jpake); #endif - /* Make the union non-empty even with no supported algorithms. */ - uint8_t dummy; - } MBEDTLS_PRIVATE(ctx); + } MBEDTLS_PRIVATE(computation_stage); + union { + psa_driver_pake_context_t MBEDTLS_PRIVATE(ctx); + psa_crypto_driver_pake_inputs_t MBEDTLS_PRIVATE(inputs); + } MBEDTLS_PRIVATE(data); }; static inline struct psa_pake_cipher_suite_s psa_pake_cipher_suite_init(void) diff --git a/include/psa/crypto_legacy.h b/include/psa/crypto_legacy.h new file mode 100644 index 000000000..7a038d945 --- /dev/null +++ b/include/psa/crypto_legacy.h @@ -0,0 +1,100 @@ +/** + * \file psa/crypto_legacy.h + * + * \brief Add temporary suppport for deprecated symbols before they are + * removed from the library. + * + * PSA_WANT_KEY_TYPE_xxx_KEY_PAIR and MBEDTLS_PSA_ACCEL_KEY_TYPE_xxx_KEY_PAIR + * symbols are deprecated. + * New symols add a suffix to that base name in order to clearly state what is + * the expected use for the key (use, import, export, generate, derive). + * Here we define some backward compatibility support for uses stil using + * the legacy symbols. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef MBEDTLS_PSA_CRYPTO_LEGACY_H +#define MBEDTLS_PSA_CRYPTO_LEGACY_H + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) //no-check-names +#if !defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1 +#endif +#if !defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT) +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1 +#endif +#if !defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT) +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1 +#endif +#if !defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1 +#endif +#if !defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) //no-check-names +#if !defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) +#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1 +#endif +#if !defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT) +#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1 +#endif +#if !defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT) +#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1 +#endif +#if !defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE) +#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1 +#endif +#endif + +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) //no-check-names +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC) +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC +#endif +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT) +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT +#endif +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT) +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT +#endif +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE) +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE +#endif +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE) +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE +#endif +#endif + +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) //no-check-names +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC) +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC +#endif +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT) +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT +#endif +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT) +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT +#endif +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE) +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE +#endif +#endif + +#endif /* MBEDTLS_PSA_CRYPTO_LEGACY_H */ diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h index e8d241bc7..8c81ded34 100644 --- a/include/psa/crypto_platform.h +++ b/include/psa/crypto_platform.h @@ -34,13 +34,14 @@ #define PSA_CRYPTO_PLATFORM_H #include "mbedtls/private_access.h" -/* Include the Mbed TLS configuration file, the way Mbed TLS does it - * in each of its header files. */ -#include "mbedtls/build_info.h" - -/* Translate between classic MBEDTLS_xxx feature symbols and PSA_xxx - * feature symbols. */ -#include "mbedtls/config_psa.h" +/* + * Include the build-time configuration information header. Here, we do not + * include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which + * is basically just an alias to it. This is to ease the maintenance of the + * TF-PSA-Crypto repository which has a different build system and + * configuration. + */ +#include "psa/build_info.h" /* PSA requires several types which C99 provides in stdint.h. */ #include diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index a0527897c..f39e2294c 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -138,7 +138,7 @@ typedef psa_status_t (*psa_drv_se_init_t)(psa_drv_se_context_t *drv_context, psa_key_location_t location); #if defined(__DOXYGEN_ONLY__) || !defined(MBEDTLS_PSA_CRYPTO_SE_C) -/* Mbed Crypto with secure element support enabled defines this type in +/* Mbed TLS with secure element support enabled defines this type in * crypto_types.h because it is also visible to applications through an * implementation-specific extension. * For the PSA Cryptography specification, this type is only visible @@ -385,8 +385,8 @@ typedef struct { * \param[in] direction Indicates whether the operation is an encrypt * or decrypt * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription */ typedef psa_status_t (*psa_drv_se_cipher_setup_t)(psa_drv_se_context_t *drv_context, void *op_context, @@ -407,7 +407,7 @@ typedef psa_status_t (*psa_drv_se_cipher_setup_t)(psa_drv_se_context_t *drv_cont * \param[in] p_iv A buffer containing the initialization vector * \param[in] iv_length The size (in bytes) of the `p_iv` buffer * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription */ typedef psa_status_t (*psa_drv_se_cipher_set_iv_t)(void *op_context, const uint8_t *p_iv, @@ -429,7 +429,7 @@ typedef psa_status_t (*psa_drv_se_cipher_set_iv_t)(void *op_context, * \param[out] p_output_length After completion, will contain the number * of bytes placed in the `p_output` buffer * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription */ typedef psa_status_t (*psa_drv_se_cipher_update_t)(void *op_context, const uint8_t *p_input, @@ -450,7 +450,7 @@ typedef psa_status_t (*psa_drv_se_cipher_update_t)(void *op_context, * \param[out] p_output_length After completion, will contain the number of * bytes placed in the `p_output` buffer * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription */ typedef psa_status_t (*psa_drv_se_cipher_finish_t)(void *op_context, uint8_t *p_output, @@ -485,8 +485,8 @@ typedef psa_status_t (*psa_drv_se_cipher_abort_t)(void *op_context); * \param[in] output_size The allocated size in bytes of the `p_output` * buffer * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription */ typedef psa_status_t (*psa_drv_se_cipher_ecb_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, @@ -554,7 +554,7 @@ typedef struct { * \param[out] p_signature_length On success, the number of bytes * that make up the returned signature value * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription */ typedef psa_status_t (*psa_drv_se_asymmetric_sign_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, @@ -618,7 +618,7 @@ typedef psa_status_t (*psa_drv_se_asymmetric_verify_t)(psa_drv_se_context_t *drv * \param[out] p_output_length On success, the number of bytes that make up * the returned output * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription */ typedef psa_status_t (*psa_drv_se_asymmetric_encrypt_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, @@ -658,7 +658,7 @@ typedef psa_status_t (*psa_drv_se_asymmetric_encrypt_t)(psa_drv_se_context_t *dr * \param[out] p_output_length On success, the number of bytes * that make up the returned output * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription */ typedef psa_status_t (*psa_drv_se_asymmetric_decrypt_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key_slot, @@ -837,7 +837,7 @@ typedef enum { * and #PSA_ERROR_DOES_NOT_EXIST if the driver can determine that there * is no key with the specified slot number. * - * This is an Mbed Crypto extension. + * This is an Mbed TLS extension. */ PSA_KEY_CREATION_REGISTER, #endif @@ -904,8 +904,8 @@ typedef enum { * Success. * The core will record \c *key_slot as the key slot where the key * is stored and will update the persistent data in storage. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription */ typedef psa_status_t (*psa_drv_se_allocate_key_t)( psa_drv_se_context_t *drv_context, @@ -1043,13 +1043,13 @@ typedef psa_status_t (*psa_drv_se_destroy_key_t)( * \param[out] p_data_length On success, the number of bytes * that make up the key data. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_DOES_NOT_EXIST - * \retval #PSA_ERROR_NOT_PERMITTED - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_DOES_NOT_EXIST \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ typedef psa_status_t (*psa_drv_se_export_key_t)(psa_drv_se_context_t *drv_context, psa_key_slot_number_t key, @@ -1196,7 +1196,7 @@ typedef struct { * \param[in] source_key The key to be used as the source material for * the key derivation * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription */ typedef psa_status_t (*psa_drv_se_key_derivation_setup_t)(psa_drv_se_context_t *drv_context, void *op_context, @@ -1216,7 +1216,7 @@ typedef psa_status_t (*psa_drv_se_key_derivation_setup_t)(psa_drv_se_context_t * * \param[in] p_collateral A buffer containing the collateral data * \param[in] collateral_size The size in bytes of the collateral * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription */ typedef psa_status_t (*psa_drv_se_key_derivation_collateral_t)(void *op_context, uint32_t collateral_id, @@ -1231,7 +1231,7 @@ typedef psa_status_t (*psa_drv_se_key_derivation_collateral_t)(void *op_context, * \param[in] dest_key The slot where the generated key material * should be placed * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription */ typedef psa_status_t (*psa_drv_se_key_derivation_derive_t)(void *op_context, psa_key_slot_number_t dest_key); @@ -1245,7 +1245,7 @@ typedef psa_status_t (*psa_drv_se_key_derivation_derive_t)(void *op_context, * \param[out] p_output_length Upon success, contains the number of bytes of * key material placed in `p_output` * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription */ typedef psa_status_t (*psa_drv_se_key_derivation_export_t)(void *op_context, uint8_t *p_output, diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 3d6bb2c1e..31e45fe6a 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -40,12 +40,19 @@ #ifndef PSA_CRYPTO_SIZES_H #define PSA_CRYPTO_SIZES_H -/* Include the Mbed TLS configuration file, the way Mbed TLS does it - * in each of its header files. */ -#include "mbedtls/build_info.h" +/* + * Include the build-time configuration information header. Here, we do not + * include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which + * is basically just an alias to it. This is to ease the maintenance of the + * TF-PSA-Crypto repository which has a different build system and + * configuration. + */ +#include "psa/build_info.h" -#define PSA_BITS_TO_BYTES(bits) (((bits) + 7) / 8) -#define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8) +#define PSA_BITS_TO_BYTES(bits) (((bits) + 7u) / 8u) +#define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8u) +#define PSA_MAX_OF_THREE(a, b, c) ((a) <= (b) ? (b) <= (c) ? \ + (c) : (b) : (a) <= (c) ? (c) : (a)) #define PSA_ROUND_UP_TO_MULTIPLE(block_size, length) \ (((length) + (block_size) - 1) / (block_size) * (block_size)) @@ -64,20 +71,20 @@ */ #define PSA_HASH_LENGTH(alg) \ ( \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 16 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_224 ? 28 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_256 ? 32 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_384 ? 48 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512 ? 64 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 28 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 32 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 48 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 64 : \ - 0) + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 16u : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20u : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20u : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_224 ? 28u : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_256 ? 32u : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_384 ? 48u : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512 ? 64u : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 28u : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 32u : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 28u : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 32u : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 48u : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 64u : \ + 0u) /** The input block size of a hash algorithm, in bytes. * @@ -96,20 +103,20 @@ */ #define PSA_HASH_BLOCK_LENGTH(alg) \ ( \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 64 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 64 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 64 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_224 ? 64 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_256 ? 64 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_384 ? 128 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512 ? 128 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 128 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 128 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 144 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 136 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 104 : \ - PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 72 : \ - 0) + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 64u : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 64u : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 64u : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_224 ? 64u : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_256 ? 64u : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_384 ? 128u : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512 ? 128u : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 128u : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 128u : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 144u : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 136u : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 104u : \ + PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 72u : \ + 0u) /** \def PSA_HASH_MAX_SIZE * @@ -118,15 +125,41 @@ * This macro expands to a compile-time constant integer. This value * is the maximum size of a hash in bytes. */ -/* Note: for HMAC-SHA-3, the block size is 144 bytes for HMAC-SHA3-226, +/* Note: for HMAC-SHA-3, the block size is 144 bytes for HMAC-SHA3-224, * 136 bytes for HMAC-SHA3-256, 104 bytes for SHA3-384, 72 bytes for * HMAC-SHA3-512. */ -#if defined(PSA_WANT_ALG_SHA_512) || defined(PSA_WANT_ALG_SHA_384) -#define PSA_HASH_MAX_SIZE 64 -#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128 -#else -#define PSA_HASH_MAX_SIZE 32 -#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64 +/* Note: PSA_HASH_MAX_SIZE should be kept in sync with MBEDTLS_MD_MAX_SIZE, + * see the note on MBEDTLS_MD_MAX_SIZE for details. */ +#if defined(PSA_WANT_ALG_SHA3_224) +#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 144u +#elif defined(PSA_WANT_ALG_SHA3_256) +#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 136u +#elif defined(PSA_WANT_ALG_SHA_512) +#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128u +#elif defined(PSA_WANT_ALG_SHA_384) +#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128u +#elif defined(PSA_WANT_ALG_SHA3_384) +#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 104u +#elif defined(PSA_WANT_ALG_SHA3_512) +#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 72u +#elif defined(PSA_WANT_ALG_SHA_256) +#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64u +#elif defined(PSA_WANT_ALG_SHA_224) +#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64u +#else /* SHA-1 or smaller */ +#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64u +#endif + +#if defined(PSA_WANT_ALG_SHA_512) || defined(PSA_WANT_ALG_SHA3_512) +#define PSA_HASH_MAX_SIZE 64u +#elif defined(PSA_WANT_ALG_SHA_384) || defined(PSA_WANT_ALG_SHA3_384) +#define PSA_HASH_MAX_SIZE 48u +#elif defined(PSA_WANT_ALG_SHA_256) || defined(PSA_WANT_ALG_SHA3_256) +#define PSA_HASH_MAX_SIZE 32u +#elif defined(PSA_WANT_ALG_SHA_224) || defined(PSA_WANT_ALG_SHA3_224) +#define PSA_HASH_MAX_SIZE 28u +#else /* SHA-1 or smaller */ +#define PSA_HASH_MAX_SIZE 20u #endif /** \def PSA_MAC_MAX_SIZE @@ -167,13 +200,13 @@ #define PSA_AEAD_TAG_LENGTH(key_type, key_bits, alg) \ (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \ PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ - ((void) (key_bits), 0)) + ((void) (key_bits), 0u)) /** The maximum tag size for all supported AEAD algorithms, in bytes. * * See also #PSA_AEAD_TAG_LENGTH(\p key_type, \p key_bits, \p alg). */ -#define PSA_AEAD_TAG_MAX_SIZE 16 +#define PSA_AEAD_TAG_MAX_SIZE 16u /* The maximum size of an RSA key on this implementation, in bits. * This is a vendor-specific macro. @@ -188,38 +221,56 @@ * * Note that an implementation may set different size limits for different * operations, and does not need to accept all key sizes up to the limit. */ -#define PSA_VENDOR_RSA_MAX_KEY_BITS 4096 +#define PSA_VENDOR_RSA_MAX_KEY_BITS 4096u + +/* The minimum size of an RSA key on this implementation, in bits. + * This is a vendor-specific macro. + * + * Limits RSA key generation to a minimum due to avoid accidental misuse. + * This value cannot be less than 128 bits. + */ +#if defined(MBEDTLS_RSA_GEN_KEY_MIN_BITS) +#define PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS MBEDTLS_RSA_GEN_KEY_MIN_BITS +#else +#define PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS 1024 +#endif + +/* The maximum size of an DH key on this implementation, in bits. + * + * Note that an implementation may set different size limits for different + * operations, and does not need to accept all key sizes up to the limit. */ +#define PSA_VENDOR_FFDH_MAX_KEY_BITS 8192u /* The maximum size of an ECC key on this implementation, in bits. * This is a vendor-specific macro. */ -#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) -#define PSA_VENDOR_ECC_MAX_CURVE_BITS 521 -#elif defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) -#define PSA_VENDOR_ECC_MAX_CURVE_BITS 512 -#elif defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) -#define PSA_VENDOR_ECC_MAX_CURVE_BITS 448 -#elif defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) -#define PSA_VENDOR_ECC_MAX_CURVE_BITS 384 -#elif defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) -#define PSA_VENDOR_ECC_MAX_CURVE_BITS 384 -#elif defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) -#define PSA_VENDOR_ECC_MAX_CURVE_BITS 256 -#elif defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) -#define PSA_VENDOR_ECC_MAX_CURVE_BITS 256 -#elif defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) -#define PSA_VENDOR_ECC_MAX_CURVE_BITS 256 -#elif defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) -#define PSA_VENDOR_ECC_MAX_CURVE_BITS 255 -#elif defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) -#define PSA_VENDOR_ECC_MAX_CURVE_BITS 224 -#elif defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) -#define PSA_VENDOR_ECC_MAX_CURVE_BITS 224 -#elif defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) -#define PSA_VENDOR_ECC_MAX_CURVE_BITS 192 -#elif defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) -#define PSA_VENDOR_ECC_MAX_CURVE_BITS 192 +#if defined(PSA_WANT_ECC_SECP_R1_521) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 521u +#elif defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 512u +#elif defined(PSA_WANT_ECC_MONTGOMERY_448) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 448u +#elif defined(PSA_WANT_ECC_SECP_R1_384) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 384u +#elif defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 384u +#elif defined(PSA_WANT_ECC_SECP_R1_256) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 256u +#elif defined(PSA_WANT_ECC_SECP_K1_256) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 256u +#elif defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 256u +#elif defined(PSA_WANT_ECC_MONTGOMERY_255) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 255u +#elif defined(PSA_WANT_ECC_SECP_R1_224) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 224u +#elif defined(PSA_WANT_ECC_SECP_K1_224) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 224u +#elif defined(PSA_WANT_ECC_SECP_R1_192) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 192u +#elif defined(PSA_WANT_ECC_SECP_K1_192) +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 192u #else -#define PSA_VENDOR_ECC_MAX_CURVE_BITS 0 +#define PSA_VENDOR_ECC_MAX_CURVE_BITS 0u #endif /** This macro returns the maximum supported length of the PSK for the @@ -237,19 +288,23 @@ * Therefore, no implementation should define a value smaller than 64 * for #PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE. */ -#define PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE 128 +#define PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE 128u /* The expected size of input passed to psa_tls12_ecjpake_to_pms_input, * which is expected to work with P-256 curve only. */ -#define PSA_TLS12_ECJPAKE_TO_PMS_INPUT_SIZE 65 +#define PSA_TLS12_ECJPAKE_TO_PMS_INPUT_SIZE 65u /* The size of a serialized K.X coordinate to be used in * psa_tls12_ecjpake_to_pms_input. This function only accepts the P-256 * curve. */ -#define PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE 32 +#define PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE 32u + +/* The maximum number of iterations for PBKDF2 on this implementation, in bits. + * This is a vendor-specific macro. This can be configured if necessary */ +#define PSA_VENDOR_PBKDF2_MAX_ITERATIONS 0xffffffffU /** The maximum size of a block cipher. */ -#define PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE 16 +#define PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE 16u /** The size of the output of psa_mac_sign_finish(), in bytes. * @@ -276,7 +331,7 @@ ((alg) & PSA_ALG_MAC_TRUNCATION_MASK ? PSA_MAC_TRUNCATED_LENGTH(alg) : \ PSA_ALG_IS_HMAC(alg) ? PSA_HASH_LENGTH(PSA_ALG_HMAC_GET_HASH(alg)) : \ PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ - ((void) (key_type), (void) (key_bits), 0)) + ((void) (key_type), (void) (key_bits), 0u)) /** The maximum size of the output of psa_aead_encrypt(), in bytes. * @@ -307,7 +362,7 @@ #define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg, plaintext_length) \ (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 ? \ (plaintext_length) + PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ - 0) + 0u) /** A sufficient output buffer size for psa_aead_encrypt(), for any of the * supported key types and AEAD algorithms. @@ -361,7 +416,7 @@ (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \ (ciphertext_length) > PSA_ALG_AEAD_GET_TAG_LENGTH(alg) ? \ (ciphertext_length) - PSA_ALG_AEAD_GET_TAG_LENGTH(alg) : \ - 0) + 0u) /** A sufficient output buffer size for psa_aead_decrypt(), for any of the * supported key types and AEAD algorithms. @@ -411,12 +466,12 @@ */ #define PSA_AEAD_NONCE_LENGTH(key_type, alg) \ (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) == 16 ? \ - MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CCM) ? 13 : \ - MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_GCM) ? 12 : \ - 0 : \ + MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CCM) ? 13u : \ + MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_GCM) ? 12u : \ + 0u : \ (key_type) == PSA_KEY_TYPE_CHACHA20 && \ - MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CHACHA20_POLY1305) ? 12 : \ - 0) + MBEDTLS_PSA_ALG_AEAD_EQUAL(alg, PSA_ALG_CHACHA20_POLY1305) ? 12u : \ + 0u) /** The maximum default nonce size among all supported pairs of key types and * AEAD algorithms, in bytes. @@ -429,7 +484,7 @@ * just the largest size that may be generated by * #psa_aead_generate_nonce(). */ -#define PSA_AEAD_NONCE_MAX_SIZE 13 +#define PSA_AEAD_NONCE_MAX_SIZE 13u /** A sufficient output buffer size for psa_aead_update(). * @@ -466,7 +521,7 @@ PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), (input_length)) : \ (input_length) : \ - 0) + 0u) /** A sufficient output buffer size for psa_aead_update(), for any of the * supported key types and AEAD algorithms. @@ -506,7 +561,7 @@ (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \ PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ - 0) + 0u) /** A sufficient ciphertext buffer size for psa_aead_finish(), for any of the * supported key types and AEAD algorithms. @@ -540,7 +595,7 @@ (PSA_AEAD_NONCE_LENGTH(key_type, alg) != 0 && \ PSA_ALG_IS_AEAD_ON_BLOCK_CIPHER(alg) ? \ PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ - 0) + 0u) /** A sufficient plaintext buffer size for psa_aead_verify(), for any of the * supported key types and AEAD algorithms. @@ -551,8 +606,8 @@ #define PSA_RSA_MINIMUM_PADDING_SIZE(alg) \ (PSA_ALG_IS_RSA_OAEP(alg) ? \ - 2 * PSA_HASH_LENGTH(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1 : \ - 11 /*PKCS#1v1.5*/) + 2u * PSA_HASH_LENGTH(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1u : \ + 11u /*PKCS#1v1.5*/) /** * \brief ECDSA signature size for a given curve bit size @@ -563,7 +618,7 @@ * \note This macro returns a compile-time constant if its argument is one. */ #define PSA_ECDSA_SIGNATURE_SIZE(curve_bits) \ - (PSA_BITS_TO_BYTES(curve_bits) * 2) + (PSA_BITS_TO_BYTES(curve_bits) * 2u) /** Sufficient signature buffer size for psa_sign_hash(). * @@ -593,7 +648,7 @@ #define PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg) \ (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void) alg, PSA_BITS_TO_BYTES(key_bits)) : \ PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \ - ((void) alg, 0)) + ((void) alg, 0u)) #define PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE \ PSA_ECDSA_SIGNATURE_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) @@ -605,10 +660,18 @@ * This macro expands to a compile-time constant integer. This value * is the maximum size of a signature in bytes. */ -#define PSA_SIGNATURE_MAX_SIZE \ - (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) > PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE ? \ - PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) : \ - PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE) +#define PSA_SIGNATURE_MAX_SIZE 1 + +#if (defined(PSA_WANT_ALG_ECDSA) || defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)) && \ + (PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE > PSA_SIGNATURE_MAX_SIZE) +#undef PSA_SIGNATURE_MAX_SIZE +#define PSA_SIGNATURE_MAX_SIZE PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE +#endif +#if (defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) || defined(PSA_WANT_ALG_RSA_PSS)) && \ + (PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) > PSA_SIGNATURE_MAX_SIZE) +#undef PSA_SIGNATURE_MAX_SIZE +#define PSA_SIGNATURE_MAX_SIZE PSA_BITS_TO_BYTES(PSA_VENDOR_RSA_MAX_KEY_BITS) +#endif /** Sufficient output buffer size for psa_asymmetric_encrypt(). * @@ -638,7 +701,7 @@ #define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ (PSA_KEY_TYPE_IS_RSA(key_type) ? \ ((void) alg, PSA_BITS_TO_BYTES(key_bits)) : \ - 0) + 0u) /** A sufficient output buffer size for psa_asymmetric_encrypt(), for any * supported asymmetric encryption. @@ -677,7 +740,7 @@ #define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \ (PSA_KEY_TYPE_IS_RSA(key_type) ? \ PSA_BITS_TO_BYTES(key_bits) - PSA_RSA_MINIMUM_PADDING_SIZE(alg) : \ - 0) + 0u) /** A sufficient output buffer size for psa_asymmetric_decrypt(), for any * supported asymmetric decryption. @@ -700,7 +763,7 @@ * - 0 to 1 bytes of leading 0 due to the sign bit. */ #define PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(bits) \ - ((bits) / 8 + 5) + ((bits) / 8u + 5u) /* Maximum size of the export encoding of an RSA public key. * Assumes that the public exponent is less than 2^32. @@ -714,7 +777,7 @@ * - 7 bytes for the public exponent. */ #define PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) \ - (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) + 11) + (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) + 11u) /* Maximum size of the export encoding of an RSA key pair. * Assumes that the public exponent is less than 2^32 and that the size @@ -739,7 +802,7 @@ * - 7 bytes for the public exponent. */ #define PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(key_bits) \ - (9 * PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE((key_bits) / 2 + 1) + 14) + (9u * PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE((key_bits) / 2u + 1u) + 14u) /* Maximum size of the export encoding of a DSA public key. * @@ -758,7 +821,7 @@ * - 1 + 1 + 32 bytes for 1 sub-size INTEGER (q <= 256 bits). */ #define PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits) \ - (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3 + 59) + (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3u + 59u) /* Maximum size of the export encoding of a DSA key pair. * @@ -777,7 +840,7 @@ * - 2 * (1 + 1 + 32) bytes for 2 sub-size INTEGERs (q, x <= 256 bits). */ #define PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(key_bits) \ - (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3 + 75) + (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3u + 75u) /* Maximum size of the export encoding of an ECC public key. * @@ -790,7 +853,7 @@ * - 1 byte + 2 * point size. */ #define PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) \ - (2 * PSA_BITS_TO_BYTES(key_bits) + 1) + (2u * PSA_BITS_TO_BYTES(key_bits) + 1u) /* Maximum size of the export encoding of an ECC key pair. * @@ -799,6 +862,18 @@ #define PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits) \ (PSA_BITS_TO_BYTES(key_bits)) +/* Maximum size of the export encoding of an DH key pair. + * + * An DH key pair is represented by the secret value. + */ +#define PSA_KEY_EXPORT_FFDH_KEY_PAIR_MAX_SIZE(key_bits) \ + (PSA_BITS_TO_BYTES(key_bits)) + +/* Maximum size of the export encoding of an DH public key. + */ +#define PSA_KEY_EXPORT_FFDH_PUBLIC_KEY_MAX_SIZE(key_bits) \ + (PSA_BITS_TO_BYTES(key_bits)) + /** Sufficient output buffer size for psa_export_key() or * psa_export_public_key(). * @@ -840,13 +915,14 @@ */ #define PSA_EXPORT_KEY_OUTPUT_SIZE(key_type, key_bits) \ (PSA_KEY_TYPE_IS_UNSTRUCTURED(key_type) ? PSA_BITS_TO_BYTES(key_bits) : \ + PSA_KEY_TYPE_IS_DH(key_type) ? PSA_BITS_TO_BYTES(key_bits) : \ (key_type) == PSA_KEY_TYPE_RSA_KEY_PAIR ? PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(key_bits) : \ (key_type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY ? PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \ (key_type) == PSA_KEY_TYPE_DSA_KEY_PAIR ? PSA_KEY_EXPORT_DSA_KEY_PAIR_MAX_SIZE(key_bits) : \ (key_type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY ? PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \ PSA_KEY_TYPE_IS_ECC_KEY_PAIR(key_type) ? PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(key_bits) : \ PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(key_type) ? PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) : \ - 0) + 0u) /** Sufficient output buffer size for psa_export_public_key(). * @@ -896,7 +972,8 @@ #define PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(key_type, key_bits) \ (PSA_KEY_TYPE_IS_RSA(key_type) ? PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \ PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) : \ - 0) + PSA_KEY_TYPE_IS_DH(key_type) ? PSA_BITS_TO_BYTES(key_bits) : \ + 0u) /** Sufficient buffer size for exporting any asymmetric key pair. * @@ -906,11 +983,29 @@ * * See also #PSA_EXPORT_KEY_OUTPUT_SIZE(\p key_type, \p key_bits). */ -#define PSA_EXPORT_KEY_PAIR_MAX_SIZE \ - (PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) > \ - PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) ? \ - PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) : \ - PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)) +#define PSA_EXPORT_KEY_PAIR_MAX_SIZE 1 + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \ + (PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) > \ + PSA_EXPORT_KEY_PAIR_MAX_SIZE) +#undef PSA_EXPORT_KEY_PAIR_MAX_SIZE +#define PSA_EXPORT_KEY_PAIR_MAX_SIZE \ + PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) +#endif +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) && \ + (PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) > \ + PSA_EXPORT_KEY_PAIR_MAX_SIZE) +#undef PSA_EXPORT_KEY_PAIR_MAX_SIZE +#define PSA_EXPORT_KEY_PAIR_MAX_SIZE \ + PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) +#endif +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) && \ + (PSA_KEY_EXPORT_FFDH_KEY_PAIR_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS) > \ + PSA_EXPORT_KEY_PAIR_MAX_SIZE) +#undef PSA_EXPORT_KEY_PAIR_MAX_SIZE +#define PSA_EXPORT_KEY_PAIR_MAX_SIZE \ + PSA_KEY_EXPORT_FFDH_KEY_PAIR_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS) +#endif /** Sufficient buffer size for exporting any asymmetric public key. * @@ -921,11 +1016,29 @@ * * See also #PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(\p key_type, \p key_bits). */ -#define PSA_EXPORT_PUBLIC_KEY_MAX_SIZE \ - (PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) > \ - PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) ? \ - PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) : \ - PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)) +#define PSA_EXPORT_PUBLIC_KEY_MAX_SIZE 1 + +#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \ + (PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) > \ + PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) +#undef PSA_EXPORT_PUBLIC_KEY_MAX_SIZE +#define PSA_EXPORT_PUBLIC_KEY_MAX_SIZE \ + PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) +#endif +#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) && \ + (PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) > \ + PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) +#undef PSA_EXPORT_PUBLIC_KEY_MAX_SIZE +#define PSA_EXPORT_PUBLIC_KEY_MAX_SIZE \ + PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) +#endif +#if defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY) && \ + (PSA_KEY_EXPORT_FFDH_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS) > \ + PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) +#undef PSA_EXPORT_PUBLIC_KEY_MAX_SIZE +#define PSA_EXPORT_PUBLIC_KEY_MAX_SIZE \ + PSA_KEY_EXPORT_FFDH_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS) +#endif /** Sufficient output buffer size for psa_raw_key_agreement(). * @@ -950,11 +1063,9 @@ * If the parameters are not valid, * the return value is unspecified. */ -/* FFDH is not yet supported in PSA. */ #define PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(key_type, key_bits) \ - (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(key_type) ? \ - PSA_BITS_TO_BYTES(key_bits) : \ - 0) + ((PSA_KEY_TYPE_IS_ECC_KEY_PAIR(key_type) || \ + PSA_KEY_TYPE_IS_DH_KEY_PAIR(key_type)) ? PSA_BITS_TO_BYTES(key_bits) : 0u) /** Maximum size of the output from psa_raw_key_agreement(). * @@ -963,8 +1074,18 @@ * * See also #PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(\p key_type, \p key_bits). */ -#define PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE \ - (PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS)) +#define PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE 1 + +#if defined(PSA_WANT_ALG_ECDH) && \ + (PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS) > PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE) +#undef PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE +#define PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS) +#endif +#if defined(PSA_WANT_ALG_FFDH) && \ + (PSA_BITS_TO_BYTES(PSA_VENDOR_FFDH_MAX_KEY_BITS) > PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE) +#undef PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE +#define PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE PSA_BITS_TO_BYTES(PSA_VENDOR_FFDH_MAX_KEY_BITS) +#endif /** The default IV size for a cipher algorithm, in bytes. * @@ -999,15 +1120,15 @@ (alg) == PSA_ALG_CBC_NO_PADDING || \ (alg) == PSA_ALG_CBC_PKCS7) ? PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ (key_type) == PSA_KEY_TYPE_CHACHA20 && \ - (alg) == PSA_ALG_STREAM_CIPHER ? 12 : \ - (alg) == PSA_ALG_CCM_STAR_NO_TAG ? 13 : \ - 0) + (alg) == PSA_ALG_STREAM_CIPHER ? 12u : \ + (alg) == PSA_ALG_CCM_STAR_NO_TAG ? 13u : \ + 0u) /** The maximum IV size for all supported cipher algorithms, in bytes. * * See also #PSA_CIPHER_IV_LENGTH(). */ -#define PSA_CIPHER_IV_MAX_SIZE 16 +#define PSA_CIPHER_IV_MAX_SIZE 16u /** The maximum size of the output of psa_cipher_encrypt(), in bytes. * @@ -1032,15 +1153,15 @@ * recognized, or the parameters are incompatible, * return 0. */ -#define PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_length) \ - (alg == PSA_ALG_CBC_PKCS7 ? \ - (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \ - PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \ - (input_length) + 1) + \ - PSA_CIPHER_IV_LENGTH((key_type), (alg)) : 0) : \ - (PSA_ALG_IS_CIPHER(alg) ? \ - (input_length) + PSA_CIPHER_IV_LENGTH((key_type), (alg)) : \ - 0)) +#define PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_length) \ + (alg == PSA_ALG_CBC_PKCS7 ? \ + (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \ + PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \ + (input_length) + 1u) + \ + PSA_CIPHER_IV_LENGTH((key_type), (alg)) : 0u) : \ + (PSA_ALG_IS_CIPHER(alg) ? \ + (input_length) + PSA_CIPHER_IV_LENGTH((key_type), (alg)) : \ + 0u)) /** A sufficient output buffer size for psa_cipher_encrypt(), for any of the * supported key types and cipher algorithms. @@ -1053,9 +1174,9 @@ * \param input_length Size of the input in bytes. * */ -#define PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(input_length) \ - (PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, \ - (input_length) + 1) + \ +#define PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(input_length) \ + (PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE, \ + (input_length) + 1u) + \ PSA_CIPHER_IV_MAX_SIZE) /** The maximum size of the output of psa_cipher_decrypt(), in bytes. @@ -1077,11 +1198,11 @@ * recognized, or the parameters are incompatible, * return 0. */ -#define PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, input_length) \ - (PSA_ALG_IS_CIPHER(alg) && \ +#define PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, input_length) \ + (PSA_ALG_IS_CIPHER(alg) && \ ((key_type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC ? \ - (input_length) : \ - 0) + (input_length) : \ + 0u) /** A sufficient output buffer size for psa_cipher_decrypt(), for any of the * supported key types and cipher algorithms. @@ -1114,16 +1235,16 @@ * algorithm. If the key type or cipher algorithm is not * recognized, or the parameters are incompatible, return 0. */ -#define PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input_length) \ - (PSA_ALG_IS_CIPHER(alg) ? \ - (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \ - (((alg) == PSA_ALG_CBC_PKCS7 || \ - (alg) == PSA_ALG_CBC_NO_PADDING || \ - (alg) == PSA_ALG_ECB_NO_PADDING) ? \ - PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \ - input_length) : \ - (input_length)) : 0) : \ - 0) +#define PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input_length) \ + (PSA_ALG_IS_CIPHER(alg) ? \ + (PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) != 0 ? \ + (((alg) == PSA_ALG_CBC_PKCS7 || \ + (alg) == PSA_ALG_CBC_NO_PADDING || \ + (alg) == PSA_ALG_ECB_NO_PADDING) ? \ + PSA_ROUND_UP_TO_MULTIPLE(PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type), \ + input_length) : \ + (input_length)) : 0u) : \ + 0u) /** A sufficient output buffer size for psa_cipher_update(), for any of the * supported key types and cipher algorithms. @@ -1159,8 +1280,8 @@ (PSA_ALG_IS_CIPHER(alg) ? \ (alg == PSA_ALG_CBC_PKCS7 ? \ PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type) : \ - 0) : \ - 0) + 0u) : \ + 0u) /** A sufficient ciphertext buffer size for psa_cipher_finish(), for any of the * supported key types and cipher algorithms. diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 7a6caa2ed..6c461914d 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -35,8 +35,8 @@ * GCC and Clang initialize the whole structure to 0 (at the time of writing), * but MSVC and CompCert don't. * - * In Mbed Crypto, multipart operation structures live independently from - * the key. This allows Mbed Crypto to free the key objects when destroying + * In Mbed TLS, multipart operation structures live independently from + * the key. This allows Mbed TLS to free the key objects when destroying * a key slot. If a multipart operation needs to remember the key after * the setup function returns, the operation structure needs to contain a * copy of the key. @@ -66,14 +66,14 @@ extern "C" { #endif -/* Include the Mbed TLS configuration file, the way Mbed TLS does it - * in each of its header files. */ -#include "mbedtls/build_info.h" - -#include "mbedtls/cmac.h" -#include "mbedtls/gcm.h" -#include "mbedtls/ccm.h" -#include "mbedtls/chachapoly.h" +/* + * Include the build-time configuration information header. Here, we do not + * include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which + * is basically just an alias to it. This is to ease the maintenance of the + * TF-PSA-Crypto repository which has a different build system and + * configuration. + */ +#include "psa/build_info.h" /* Include the context definition for the compiled-in drivers for the primitive * algorithms. */ @@ -177,96 +177,15 @@ static inline struct psa_aead_operation_s psa_aead_operation_init(void) return v; } -#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND) -typedef struct { - uint8_t *MBEDTLS_PRIVATE(info); - size_t MBEDTLS_PRIVATE(info_length); -#if PSA_HASH_MAX_SIZE > 0xff -#error "PSA_HASH_MAX_SIZE does not fit in uint8_t" -#endif - uint8_t MBEDTLS_PRIVATE(offset_in_block); - uint8_t MBEDTLS_PRIVATE(block_number); - unsigned int MBEDTLS_PRIVATE(state) : 2; - unsigned int MBEDTLS_PRIVATE(info_set) : 1; - uint8_t MBEDTLS_PRIVATE(output_block)[PSA_HASH_MAX_SIZE]; - uint8_t MBEDTLS_PRIVATE(prk)[PSA_HASH_MAX_SIZE]; - struct psa_mac_operation_s MBEDTLS_PRIVATE(hmac); -} psa_hkdf_key_derivation_t; -#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF || - MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT || - MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND */ -#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) -typedef struct { - uint8_t MBEDTLS_PRIVATE(data)[PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE]; -} psa_tls12_ecjpake_to_pms_t; -#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */ - -#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) -typedef enum { - PSA_TLS12_PRF_STATE_INIT, /* no input provided */ - PSA_TLS12_PRF_STATE_SEED_SET, /* seed has been set */ - PSA_TLS12_PRF_STATE_OTHER_KEY_SET, /* other key has been set - optional */ - PSA_TLS12_PRF_STATE_KEY_SET, /* key has been set */ - PSA_TLS12_PRF_STATE_LABEL_SET, /* label has been set */ - PSA_TLS12_PRF_STATE_OUTPUT /* output has been started */ -} psa_tls12_prf_key_derivation_state_t; - -typedef struct psa_tls12_prf_key_derivation_s { -#if PSA_HASH_MAX_SIZE > 0xff -#error "PSA_HASH_MAX_SIZE does not fit in uint8_t" -#endif - - /* Indicates how many bytes in the current HMAC block have - * not yet been read by the user. */ - uint8_t MBEDTLS_PRIVATE(left_in_block); - - /* The 1-based number of the block. */ - uint8_t MBEDTLS_PRIVATE(block_number); - - psa_tls12_prf_key_derivation_state_t MBEDTLS_PRIVATE(state); - - uint8_t *MBEDTLS_PRIVATE(secret); - size_t MBEDTLS_PRIVATE(secret_length); - uint8_t *MBEDTLS_PRIVATE(seed); - size_t MBEDTLS_PRIVATE(seed_length); - uint8_t *MBEDTLS_PRIVATE(label); - size_t MBEDTLS_PRIVATE(label_length); -#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) - uint8_t *MBEDTLS_PRIVATE(other_secret); - size_t MBEDTLS_PRIVATE(other_secret_length); -#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */ - - uint8_t MBEDTLS_PRIVATE(Ai)[PSA_HASH_MAX_SIZE]; - - /* `HMAC_hash( prk, A( i ) + seed )` in the notation of RFC 5246, Sect. 5. */ - uint8_t MBEDTLS_PRIVATE(output_block)[PSA_HASH_MAX_SIZE]; -} psa_tls12_prf_key_derivation_t; -#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || - * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */ +/* Include the context definition for the compiled-in drivers for the key + * derivation algorithms. */ +#include "psa/crypto_driver_contexts_key_derivation.h" struct psa_key_derivation_s { psa_algorithm_t MBEDTLS_PRIVATE(alg); unsigned int MBEDTLS_PRIVATE(can_output_key) : 1; size_t MBEDTLS_PRIVATE(capacity); - union { - /* Make the union non-empty even with no supported algorithms. */ - uint8_t MBEDTLS_PRIVATE(dummy); -#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND) - psa_hkdf_key_derivation_t MBEDTLS_PRIVATE(hkdf); -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) - psa_tls12_prf_key_derivation_t MBEDTLS_PRIVATE(tls12_prf); -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) - psa_tls12_ecjpake_to_pms_t MBEDTLS_PRIVATE(tls12_ecjpake_to_pms); -#endif - } MBEDTLS_PRIVATE(ctx); + psa_driver_key_derivation_context_t MBEDTLS_PRIVATE(ctx); }; /* This only zeroes out the first byte in the union, the rest is unspecified. */ @@ -491,6 +410,66 @@ static inline size_t psa_get_key_bits( return attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(bits); } +/** + * \brief The context for PSA interruptible hash signing. + */ +struct psa_sign_hash_interruptible_operation_s { + /** Unique ID indicating which driver got assigned to do the + * operation. Since driver contexts are driver-specific, swapping + * drivers halfway through the operation is not supported. + * ID values are auto-generated in psa_crypto_driver_wrappers.h + * ID value zero means the context is not valid or not assigned to + * any driver (i.e. none of the driver contexts are active). */ + unsigned int MBEDTLS_PRIVATE(id); + + psa_driver_sign_hash_interruptible_context_t MBEDTLS_PRIVATE(ctx); + + unsigned int MBEDTLS_PRIVATE(error_occurred) : 1; + + uint32_t MBEDTLS_PRIVATE(num_ops); +}; + +#define PSA_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT { 0, { 0 }, 0, 0 } + +static inline struct psa_sign_hash_interruptible_operation_s +psa_sign_hash_interruptible_operation_init(void) +{ + const struct psa_sign_hash_interruptible_operation_s v = + PSA_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT; + + return v; +} + +/** + * \brief The context for PSA interruptible hash verification. + */ +struct psa_verify_hash_interruptible_operation_s { + /** Unique ID indicating which driver got assigned to do the + * operation. Since driver contexts are driver-specific, swapping + * drivers halfway through the operation is not supported. + * ID values are auto-generated in psa_crypto_driver_wrappers.h + * ID value zero means the context is not valid or not assigned to + * any driver (i.e. none of the driver contexts are active). */ + unsigned int MBEDTLS_PRIVATE(id); + + psa_driver_verify_hash_interruptible_context_t MBEDTLS_PRIVATE(ctx); + + unsigned int MBEDTLS_PRIVATE(error_occurred) : 1; + + uint32_t MBEDTLS_PRIVATE(num_ops); +}; + +#define PSA_VERIFY_HASH_INTERRUPTIBLE_OPERATION_INIT { 0, { 0 }, 0, 0 } + +static inline struct psa_verify_hash_interruptible_operation_s +psa_verify_hash_interruptible_operation_init(void) +{ + const struct psa_verify_hash_interruptible_operation_s v = + PSA_VERIFY_HASH_INTERRUPTIBLE_OPERATION_INIT; + + return v; +} + #ifdef __cplusplus } #endif diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 95bf32fd9..8d894b470 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -32,16 +32,24 @@ #ifndef PSA_CRYPTO_TYPES_H #define PSA_CRYPTO_TYPES_H + +/* + * Include the build-time configuration information header. Here, we do not + * include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which + * is basically just an alias to it. This is to ease the maintenance of the + * TF-PSA-Crypto repository which has a different build system and + * configuration. + */ +#include "psa/build_info.h" + +/* Define the MBEDTLS_PRIVATE macro. */ #include "mbedtls/private_access.h" +#if defined(MBEDTLS_PSA_CRYPTO_PLATFORM_FILE) +#include MBEDTLS_PSA_CRYPTO_PLATFORM_FILE +#else #include "crypto_platform.h" - -/* If MBEDTLS_PSA_CRYPTO_C is defined, make sure MBEDTLS_PSA_CRYPTO_CLIENT - * is defined as well to include all PSA code. - */ -#if defined(MBEDTLS_PSA_CRYPTO_C) -#define MBEDTLS_PSA_CRYPTO_CLIENT -#endif /* MBEDTLS_PSA_CRYPTO_C */ +#endif #include @@ -296,7 +304,7 @@ typedef uint32_t psa_key_id_t; typedef psa_key_id_t mbedtls_svc_key_id_t; #else /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ -/* Implementation-specific: The Mbed Cryptography library can be built as +/* Implementation-specific: The Mbed TLS library can be built as * part of a multi-client service that exposes the PSA Cryptography API in each * client and encodes the client identity in the key identifier argument of * functions such as psa_open_key(). @@ -438,7 +446,7 @@ typedef struct psa_key_attributes_s psa_key_attributes_t; #ifndef __DOXYGEN_ONLY__ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) -/* Mbed Crypto defines this type in crypto_types.h because it is also +/* Mbed TLS defines this type in crypto_types.h because it is also * visible to applications through an implementation-specific extension. * For the PSA Cryptography specification, this type is only visible * via crypto_se_driver.h. */ diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index ee95745ad..241b7c80d 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -335,6 +335,13 @@ */ #define PSA_ERROR_DATA_INVALID ((psa_status_t)-153) +/** The function that returns this status is defined as interruptible and + * still has work to do, thus the user should call the function again with the + * same operation context until it either returns #PSA_SUCCESS or any other + * error. This is not an error per se, more a notification of status. + */ +#define PSA_OPERATION_INCOMPLETE ((psa_status_t)-248) + /* *INDENT-ON* */ /**@}*/ @@ -2095,7 +2102,8 @@ */ #define PSA_ALG_IS_PBKDF2_HMAC(alg) \ (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_PBKDF2_HMAC_BASE) - +#define PSA_ALG_PBKDF2_HMAC_GET_HASH(pbkdf2_alg) \ + (PSA_ALG_CATEGORY_HASH | ((pbkdf2_alg) & PSA_ALG_HASH_MASK)) /** The PBKDF2-AES-CMAC-PRF-128 password hashing / key stretching algorithm. * * PBKDF2 is defined by PKCS#5, republished as RFC 8018 (section 5.2). @@ -2107,6 +2115,10 @@ */ #define PSA_ALG_PBKDF2_AES_CMAC_PRF_128 ((psa_algorithm_t) 0x08800200) +#define PSA_ALG_IS_PBKDF2(kdf_alg) \ + (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg) || \ + ((kdf_alg) == PSA_ALG_PBKDF2_AES_CMAC_PRF_128)) + #define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t) 0xfe00ffff) #define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t) 0xffff0000) @@ -2739,4 +2751,18 @@ static inline int mbedtls_svc_key_id_is_null(mbedtls_svc_key_id_t key) /**@}*/ +/**@}*/ + +/** \defgroup interruptible Interruptible operations + * @{ + */ + +/** Maximum value for use with \c psa_interruptible_set_max_ops() to determine + * the maximum number of ops allowed to be executed by an interruptible + * function in a single call. + */ +#define PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED UINT32_MAX + +/**@}*/ + #endif /* PSA_CRYPTO_VALUES_H */ diff --git a/library/.gitignore b/library/.gitignore index 18cd305eb..c6a39f5c0 100644 --- a/library/.gitignore +++ b/library/.gitignore @@ -1,10 +1,11 @@ -*.o libmbed* *.sln *.vcxproj -# Automatically generated files +###START_GENERATED_FILES### /error.c /version_features.c /ssl_debug_helpers_generated.c -/psa_crypto_driver_wrappers.c +/psa_crypto_driver_wrappers.h +/psa_crypto_driver_wrappers_no_static.c +###END_GENERATED_FILES### diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index c9714bbfb..6a4ce51b4 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -1,7 +1,7 @@ -option(USE_STATIC_MBEDTLS_LIBRARY "Build mbed TLS static library." ON) -option(USE_SHARED_MBEDTLS_LIBRARY "Build mbed TLS shared library." OFF) -option(LINK_WITH_PTHREAD "Explicitly link mbed TLS library to pthread." OFF) -option(LINK_WITH_TRUSTED_STORAGE "Explicitly link mbed TLS library to trusted_storage." OFF) +option(USE_STATIC_MBEDTLS_LIBRARY "Build Mbed TLS static library." ON) +option(USE_SHARED_MBEDTLS_LIBRARY "Build Mbed TLS shared library." OFF) +option(LINK_WITH_PTHREAD "Explicitly link Mbed TLS library to pthread." OFF) +option(LINK_WITH_TRUSTED_STORAGE "Explicitly link Mbed TLS library to trusted_storage." OFF) # Set the project root directory if it's not already defined, as may happen if # the library folder is included directly by a parent project, without @@ -13,6 +13,7 @@ endif() set(src_crypto aes.c aesni.c + aesce.c aria.c asn1parse.c asn1write.c @@ -37,11 +38,11 @@ set(src_crypto ecjpake.c ecp.c ecp_curves.c + ecp_curves_new.c entropy.c entropy_poll.c error.c gcm.c - hash_info.c hkdf.c hmac_drbg.c lmots.c @@ -66,8 +67,9 @@ set(src_crypto psa_crypto_aead.c psa_crypto_cipher.c psa_crypto_client.c - psa_crypto_driver_wrappers.c + psa_crypto_driver_wrappers_no_static.c psa_crypto_ecp.c + psa_crypto_ffdh.c psa_crypto_hash.c psa_crypto_mac.c psa_crypto_pake.c @@ -76,12 +78,14 @@ set(src_crypto psa_crypto_slot_management.c psa_crypto_storage.c psa_its_file.c + psa_util.c ripemd160.c rsa.c rsa_alt_helpers.c sha1.c sha256.c sha512.c + sha3.c threading.c timing.c version.c @@ -95,6 +99,7 @@ set(src_x509 x509_crl.c x509_crt.c x509_csr.c + x509write.c x509write_crt.c x509write_csr.c ) @@ -169,14 +174,16 @@ if(GEN_FILES) add_custom_command( OUTPUT - ${CMAKE_CURRENT_BINARY_DIR}/psa_crypto_driver_wrappers.c + ${CMAKE_CURRENT_BINARY_DIR}/psa_crypto_driver_wrappers.h + ${CMAKE_CURRENT_BINARY_DIR}/psa_crypto_driver_wrappers_no_static.c COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/generate_driver_wrappers.py ${CMAKE_CURRENT_BINARY_DIR} DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/generate_driver_wrappers.py - ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja + ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja + ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/data_files/driver_templates/psa_crypto_driver_wrappers_no_static.c.jinja ) @@ -184,7 +191,7 @@ else() link_to_source(error.c) link_to_source(version_features.c) link_to_source(ssl_debug_helpers_generated.c) - link_to_source(psa_crypto_driver_wrappers.c) + link_to_source(psa_crypto_driver_wrappers_no_static.c) endif() if(CMAKE_COMPILER_IS_GNUCC) @@ -208,7 +215,7 @@ if(CMAKE_COMPILER_IS_MSVC) endif() if(WIN32) - set(libs ${libs} ws2_32) + set(libs ${libs} ws2_32 bcrypt) endif(WIN32) if(${CMAKE_SYSTEM_NAME} MATCHES "Darwin") @@ -261,13 +268,20 @@ if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) ${mbedtls_static_target}) endif() +set(p256m_target "${MBEDTLS_TARGET_PREFIX}p256m") +set(everest_target "${MBEDTLS_TARGET_PREFIX}everest") + if(USE_STATIC_MBEDTLS_LIBRARY) add_library(${mbedcrypto_static_target} STATIC ${src_crypto}) set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto) target_link_libraries(${mbedcrypto_static_target} PUBLIC ${libs}) - if(TARGET everest) - target_link_libraries(${mbedcrypto_static_target} PUBLIC everest) + if(TARGET ${everest_target}) + target_link_libraries(${mbedcrypto_static_target} PUBLIC ${everest_target}) + endif() + + if(TARGET ${p256m_target}) + target_link_libraries(${mbedcrypto_static_target} PUBLIC ${p256m_target}) endif() add_library(${mbedx509_static_target} STATIC ${src_x509}) @@ -282,19 +296,23 @@ endif(USE_STATIC_MBEDTLS_LIBRARY) if(USE_SHARED_MBEDTLS_LIBRARY) set(CMAKE_LIBRARY_PATH ${CMAKE_CURRENT_BINARY_DIR}) add_library(${mbedcrypto_target} SHARED ${src_crypto}) - set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 3.3.0 SOVERSION 13) + set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 3.5.0 SOVERSION 15) target_link_libraries(${mbedcrypto_target} PUBLIC ${libs}) - if(TARGET everest) - target_link_libraries(${mbedcrypto_target} PUBLIC everest) + if(TARGET ${everest_target}) + target_link_libraries(${mbedcrypto_target} PUBLIC ${everest_target}) + endif() + + if(TARGET ${p256m_target}) + target_link_libraries(${mbedcrypto_target} PUBLIC ${p256m_target}) endif() add_library(${mbedx509_target} SHARED ${src_x509}) - set_target_properties(${mbedx509_target} PROPERTIES VERSION 3.3.0 SOVERSION 4) + set_target_properties(${mbedx509_target} PROPERTIES VERSION 3.5.0 SOVERSION 6) target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target}) add_library(${mbedtls_target} SHARED ${src_tls}) - set_target_properties(${mbedtls_target} PROPERTIES VERSION 3.3.0 SOVERSION 19) + set_target_properties(${mbedtls_target} PROPERTIES VERSION 3.5.0 SOVERSION 20) target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target}) endif(USE_SHARED_MBEDTLS_LIBRARY) @@ -308,7 +326,18 @@ foreach(target IN LISTS target_libraries) target_include_directories(${target} PUBLIC $ $ - PRIVATE ${MBEDTLS_DIR}/library/) + PRIVATE ${MBEDTLS_DIR}/library/ + # Needed to include psa_crypto_driver_wrappers.h + ${CMAKE_CURRENT_BINARY_DIR}) + # Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE + if(MBEDTLS_CONFIG_FILE) + target_compile_definitions(${target} + PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") + endif() + if(MBEDTLS_USER_CONFIG_FILE) + target_compile_definitions(${target} + PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") + endif() install( TARGETS ${target} EXPORT MbedTLSTargets diff --git a/library/Makefile b/library/Makefile index dd16d0615..9e2d72310 100644 --- a/library/Makefile +++ b/library/Makefile @@ -39,6 +39,10 @@ APPLE_BUILD ?= 1 endif endif +ifdef WINDOWS_BUILD +LOCAL_LDFLAGS += -lbcrypt +endif + # To compile as a shared library: ifdef SHARED # all code is position-indep with mingw, avoid warning about useless flag @@ -47,9 +51,9 @@ LOCAL_CFLAGS += -fPIC -fpic endif endif -SOEXT_TLS?=so.19 -SOEXT_X509?=so.4 -SOEXT_CRYPTO?=so.13 +SOEXT_TLS?=so.20 +SOEXT_X509?=so.6 +SOEXT_CRYPTO?=so.15 # Set AR_DASH= (empty string) to use an ar implementation that does not accept # the - prefix for command line options (e.g. llvm-ar) @@ -78,6 +82,7 @@ endif OBJS_CRYPTO= \ aes.o \ aesni.o \ + aesce.o \ aria.o \ asn1parse.o \ asn1write.o \ @@ -102,11 +107,11 @@ OBJS_CRYPTO= \ ecjpake.o \ ecp.o \ ecp_curves.o \ + ecp_curves_new.o \ entropy.o \ entropy_poll.o \ error.o \ gcm.o \ - hash_info.o \ hkdf.o \ hmac_drbg.o \ lmots.o \ @@ -131,8 +136,9 @@ OBJS_CRYPTO= \ psa_crypto_aead.o \ psa_crypto_cipher.o \ psa_crypto_client.o \ - psa_crypto_driver_wrappers.o \ + psa_crypto_driver_wrappers_no_static.o \ psa_crypto_ecp.o \ + psa_crypto_ffdh.o \ psa_crypto_hash.o \ psa_crypto_mac.o \ psa_crypto_pake.o \ @@ -141,12 +147,14 @@ OBJS_CRYPTO= \ psa_crypto_slot_management.o \ psa_crypto_storage.o \ psa_its_file.o \ + psa_util.o \ ripemd160.o \ rsa.o \ rsa_alt_helpers.o \ sha1.o \ sha256.o \ sha512.o \ + sha3.o \ threading.o \ timing.o \ version.o \ @@ -163,6 +171,7 @@ OBJS_X509= \ x509_crl.o \ x509_crt.o \ x509_csr.o \ + x509write.o \ x509write_crt.o \ x509write_csr.o \ pkcs7.o \ @@ -307,24 +316,33 @@ libmbedcrypto.dll: $(OBJS_CRYPTO) GENERATED_FILES = \ error.c version_features.c \ ssl_debug_helpers_generated.c \ - psa_crypto_driver_wrappers.c + psa_crypto_driver_wrappers.h \ + psa_crypto_driver_wrappers_no_static.c generated_files: $(GENERATED_FILES) -error.c: ../scripts/generate_errors.pl -error.c: ../scripts/data_files/error.fmt -error.c: $(filter-out %config%,$(wildcard ../include/mbedtls/*.h)) +# See root Makefile +GEN_FILES ?= yes +ifdef GEN_FILES +gen_file_dep = +else +gen_file_dep = | +endif + +error.c: $(gen_file_dep) ../scripts/generate_errors.pl +error.c: $(gen_file_dep) ../scripts/data_files/error.fmt +error.c: $(gen_file_dep) $(filter-out %config%,$(wildcard ../include/mbedtls/*.h)) error.c: echo " Gen $@" $(PERL) ../scripts/generate_errors.pl -ssl_debug_helpers_generated.c: ../scripts/generate_ssl_debug_helpers.py -ssl_debug_helpers_generated.c: $(filter-out %config%,$(wildcard ../include/mbedtls/*.h)) +ssl_debug_helpers_generated.c: $(gen_file_dep) ../scripts/generate_ssl_debug_helpers.py +ssl_debug_helpers_generated.c: $(gen_file_dep) $(filter-out %config%,$(wildcard ../include/mbedtls/*.h)) ssl_debug_helpers_generated.c: echo " Gen $@" $(PYTHON) ../scripts/generate_ssl_debug_helpers.py --mbedtls-root .. . -version_features.c: ../scripts/generate_features.pl -version_features.c: ../scripts/data_files/version_features.fmt +version_features.c: $(gen_file_dep) ../scripts/generate_features.pl +version_features.c: $(gen_file_dep) ../scripts/data_files/version_features.fmt ## The generated file only depends on the options that are present in mbedtls_config.h, ## not on which options are set. To avoid regenerating this file all the time ## when switching between configurations, don't declare mbedtls_config.h as a @@ -335,12 +353,18 @@ version_features.c: echo " Gen $@" $(PERL) ../scripts/generate_features.pl -psa_crypto_driver_wrappers.c: ../scripts/generate_driver_wrappers.py -psa_crypto_driver_wrappers.c: ../scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja -psa_crypto_driver_wrappers.c: - echo " Gen $@" +GENERATED_WRAPPER_FILES = \ + psa_crypto_driver_wrappers.h \ + psa_crypto_driver_wrappers_no_static.c +$(GENERATED_WRAPPER_FILES): ../scripts/generate_driver_wrappers.py +$(GENERATED_WRAPPER_FILES): ../scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja +$(GENERATED_WRAPPER_FILES): ../scripts/data_files/driver_templates/psa_crypto_driver_wrappers_no_static.c.jinja +$(GENERATED_WRAPPER_FILES): + echo " Gen $(GENERATED_WRAPPER_FILES)" $(PYTHON) ../scripts/generate_driver_wrappers.py +psa_crypto.o:psa_crypto_driver_wrappers.h + clean: ifndef WINDOWS rm -f *.o libmbed* diff --git a/library/aes.c b/library/aes.c index 566e74715..e6b071a90 100644 --- a/library/aes.c +++ b/library/aes.c @@ -19,7 +19,7 @@ /* * The AES block cipher was designed by Vincent Rijmen and Joan Daemen. * - * http://csrc.nist.gov/encryption/aes/rijndael/Rijndael.pdf + * https://csrc.nist.gov/csrc/media/projects/cryptographic-standards-and-guidelines/documents/aes-development/rijndael-ammended.pdf * http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf */ @@ -33,19 +33,42 @@ #include "mbedtls/platform.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" + +#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) +#if !((defined(MBEDTLS_ARCH_IS_ARM64) && defined(MBEDTLS_AESCE_C)) || \ + (defined(MBEDTLS_ARCH_IS_X64) && defined(MBEDTLS_AESNI_C)) || \ + (defined(MBEDTLS_ARCH_IS_X86) && defined(MBEDTLS_AESNI_C))) +#error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" +#endif +#endif + +#if defined(MBEDTLS_ARCH_IS_X86) +#if defined(MBEDTLS_PADLOCK_C) +#if !defined(MBEDTLS_HAVE_ASM) +#error "MBEDTLS_PADLOCK_C defined, but not all prerequisites" +#endif +#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) +#error "MBEDTLS_AES_USE_HARDWARE_ONLY cannot be defined when " \ + "MBEDTLS_PADLOCK_C is set" +#endif +#endif +#endif + #if defined(MBEDTLS_PADLOCK_C) #include "padlock.h" #endif #if defined(MBEDTLS_AESNI_C) #include "aesni.h" #endif +#if defined(MBEDTLS_AESCE_C) +#include "aesce.h" +#endif #include "mbedtls/platform.h" #if !defined(MBEDTLS_AES_ALT) -#if defined(MBEDTLS_PADLOCK_C) && \ - (defined(MBEDTLS_HAVE_X86) || defined(MBEDTLS_PADLOCK_ALIGN16)) +#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) static int aes_padlock_ace = -1; #endif @@ -53,6 +76,8 @@ static int aes_padlock_ace = -1; /* * Forward S-box */ +#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ + !defined(MBEDTLS_AES_SETKEY_DEC_ALT) static const unsigned char FSb[256] = { 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, @@ -88,6 +113,8 @@ static const unsigned char FSb[256] = 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 }; +#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ + !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ /* * Forward tables @@ -159,6 +186,7 @@ static const unsigned char FSb[256] = V(C3, 41, 41, 82), V(B0, 99, 99, 29), V(77, 2D, 2D, 5A), V(11, 0F, 0F, 1E), \ V(CB, B0, B0, 7B), V(FC, 54, 54, A8), V(D6, BB, BB, 6D), V(3A, 16, 16, 2C) +#if !defined(MBEDTLS_AES_ENCRYPT_ALT) #define V(a, b, c, d) 0x##a##b##c##d static const uint32_t FT0[256] = { FT }; #undef V @@ -179,8 +207,11 @@ static const uint32_t FT3[256] = { FT }; #endif /* !MBEDTLS_AES_FEWER_TABLES */ +#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) */ + #undef FT +#if !defined(MBEDTLS_AES_DECRYPT_ALT) /* * Reverse S-box */ @@ -219,6 +250,7 @@ static const unsigned char RSb[256] = 0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D }; +#endif /* defined(MBEDTLS_AES_DECRYPT_ALT)) */ /* * Reverse tables @@ -290,6 +322,8 @@ static const unsigned char RSb[256] = V(71, 01, A8, 39), V(DE, B3, 0C, 08), V(9C, E4, B4, D8), V(90, C1, 56, 64), \ V(61, 84, CB, 7B), V(70, B6, 32, D5), V(74, 5C, 6C, 48), V(42, 57, B8, D0) +#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) + #define V(a, b, c, d) 0x##a##b##c##d static const uint32_t RT0[256] = { RT }; #undef V @@ -310,46 +344,62 @@ static const uint32_t RT3[256] = { RT }; #endif /* !MBEDTLS_AES_FEWER_TABLES */ +#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ + #undef RT +#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) /* * Round constants */ -static const uint32_t RCON[10] = +static const uint32_t round_constants[10] = { 0x00000001, 0x00000002, 0x00000004, 0x00000008, 0x00000010, 0x00000020, 0x00000040, 0x00000080, 0x0000001B, 0x00000036 }; +#endif /* !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ #else /* MBEDTLS_AES_ROM_TABLES */ /* * Forward S-box & tables */ +#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ + !defined(MBEDTLS_AES_SETKEY_DEC_ALT) static unsigned char FSb[256]; +#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ + !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ +#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) static uint32_t FT0[256]; #if !defined(MBEDTLS_AES_FEWER_TABLES) static uint32_t FT1[256]; static uint32_t FT2[256]; static uint32_t FT3[256]; #endif /* !MBEDTLS_AES_FEWER_TABLES */ +#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ /* * Reverse S-box & tables */ +#if !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) static unsigned char RSb[256]; +#endif /* !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) */ + +#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) static uint32_t RT0[256]; #if !defined(MBEDTLS_AES_FEWER_TABLES) static uint32_t RT1[256]; static uint32_t RT2[256]; static uint32_t RT3[256]; #endif /* !MBEDTLS_AES_FEWER_TABLES */ +#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ +#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) /* * Round constants */ -static uint32_t RCON[10]; +static uint32_t round_constants[10]; /* * Tables generation code @@ -362,25 +412,26 @@ static int aes_init_done = 0; static void aes_gen_tables(void) { - int i, x, y, z; - int pow[256]; - int log[256]; + int i; + uint8_t x, y, z; + uint8_t pow[256]; + uint8_t log[256]; /* * compute pow and log tables over GF(2^8) */ for (i = 0, x = 1; i < 256; i++) { pow[i] = x; - log[x] = i; - x = MBEDTLS_BYTE_0(x ^ XTIME(x)); + log[x] = (uint8_t) i; + x ^= XTIME(x); } /* * calculate the round constants */ for (i = 0, x = 1; i < 10; i++) { - RCON[i] = (uint32_t) x; - x = MBEDTLS_BYTE_0(XTIME(x)); + round_constants[i] = x; + x = XTIME(x); } /* @@ -392,13 +443,13 @@ static void aes_gen_tables(void) for (i = 1; i < 256; i++) { x = pow[255 - log[i]]; - y = x; y = MBEDTLS_BYTE_0((y << 1) | (y >> 7)); - x ^= y; y = MBEDTLS_BYTE_0((y << 1) | (y >> 7)); - x ^= y; y = MBEDTLS_BYTE_0((y << 1) | (y >> 7)); - x ^= y; y = MBEDTLS_BYTE_0((y << 1) | (y >> 7)); + y = x; y = (y << 1) | (y >> 7); + x ^= y; y = (y << 1) | (y >> 7); + x ^= y; y = (y << 1) | (y >> 7); + x ^= y; y = (y << 1) | (y >> 7); x ^= y ^ 0x63; - FSb[i] = (unsigned char) x; + FSb[i] = x; RSb[x] = (unsigned char) i; } @@ -407,8 +458,8 @@ static void aes_gen_tables(void) */ for (i = 0; i < 256; i++) { x = FSb[i]; - y = MBEDTLS_BYTE_0(XTIME(x)); - z = MBEDTLS_BYTE_0(y ^ x); + y = XTIME(x); + z = y ^ x; FT0[i] = ((uint32_t) y) ^ ((uint32_t) x << 8) ^ @@ -423,6 +474,7 @@ static void aes_gen_tables(void) x = RSb[i]; +#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) RT0[i] = ((uint32_t) MUL(0x0E, x)) ^ ((uint32_t) MUL(0x09, x) << 8) ^ ((uint32_t) MUL(0x0D, x) << 16) ^ @@ -433,9 +485,12 @@ static void aes_gen_tables(void) RT2[i] = ROTL8(RT1[i]); RT3[i] = ROTL8(RT2[i]); #endif /* !MBEDTLS_AES_FEWER_TABLES */ +#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ } } +#endif /* !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ + #undef ROTL8 #endif /* MBEDTLS_AES_ROM_TABLES */ @@ -502,6 +557,58 @@ void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx) } #endif /* MBEDTLS_CIPHER_MODE_XTS */ +/* Some implementations need the round keys to be aligned. + * Return an offset to be added to buf, such that (buf + offset) is + * correctly aligned. + * Note that the offset is in units of elements of buf, i.e. 32-bit words, + * i.e. an offset of 1 means 4 bytes and so on. + */ +#if (defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE)) || \ + (defined(MBEDTLS_AESNI_C) && MBEDTLS_AESNI_HAVE_CODE == 2) +#define MAY_NEED_TO_ALIGN +#endif + +#if defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || \ + !defined(MBEDTLS_AES_SETKEY_ENC_ALT) +static unsigned mbedtls_aes_rk_offset(uint32_t *buf) +{ +#if defined(MAY_NEED_TO_ALIGN) + int align_16_bytes = 0; + +#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) + if (aes_padlock_ace == -1) { + aes_padlock_ace = mbedtls_padlock_has_support(MBEDTLS_PADLOCK_ACE); + } + if (aes_padlock_ace) { + align_16_bytes = 1; + } +#endif + +#if defined(MBEDTLS_AESNI_C) && MBEDTLS_AESNI_HAVE_CODE == 2 + if (mbedtls_aesni_has_support(MBEDTLS_AESNI_AES)) { + align_16_bytes = 1; + } +#endif + + if (align_16_bytes) { + /* These implementations needs 16-byte alignment + * for the round key array. */ + unsigned delta = ((uintptr_t) buf & 0x0000000fU) / 4; + if (delta == 0) { + return 0; + } else { + return 4 - delta; // 16 bytes = 4 uint32_t + } + } +#else /* MAY_NEED_TO_ALIGN */ + (void) buf; +#endif /* MAY_NEED_TO_ALIGN */ + + return 0; +} +#endif /* defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || \ + !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ + /* * AES key schedule (encryption) */ @@ -509,13 +616,14 @@ void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx) int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits) { - unsigned int i; uint32_t *RK; switch (keybits) { case 128: ctx->nr = 10; break; +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) case 192: ctx->nr = 12; break; case 256: ctx->nr = 14; break; +#endif /* !MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */ default: return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; } @@ -526,33 +634,31 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, } #endif - ctx->rk_offset = 0; -#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16) - if (aes_padlock_ace == -1) { - aes_padlock_ace = mbedtls_padlock_has_support(MBEDTLS_PADLOCK_ACE); - } - - if (aes_padlock_ace) { - ctx->rk_offset = MBEDTLS_PADLOCK_ALIGN16(ctx->buf) - ctx->buf; - } -#endif + ctx->rk_offset = mbedtls_aes_rk_offset(ctx->buf); RK = ctx->buf + ctx->rk_offset; -#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) +#if defined(MBEDTLS_AESNI_HAVE_CODE) if (mbedtls_aesni_has_support(MBEDTLS_AESNI_AES)) { return mbedtls_aesni_setkey_enc((unsigned char *) RK, key, keybits); } #endif - for (i = 0; i < (keybits >> 5); i++) { +#if defined(MBEDTLS_AESCE_HAVE_CODE) + if (MBEDTLS_AESCE_HAS_SUPPORT()) { + return mbedtls_aesce_setkey_enc((unsigned char *) RK, key, keybits); + } +#endif + +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) + for (unsigned int i = 0; i < (keybits >> 5); i++) { RK[i] = MBEDTLS_GET_UINT32_LE(key, i << 2); } switch (ctx->nr) { case 10: - for (i = 0; i < 10; i++, RK += 4) { - RK[4] = RK[0] ^ RCON[i] ^ + for (unsigned int i = 0; i < 10; i++, RK += 4) { + RK[4] = RK[0] ^ round_constants[i] ^ ((uint32_t) FSb[MBEDTLS_BYTE_1(RK[3])]) ^ ((uint32_t) FSb[MBEDTLS_BYTE_2(RK[3])] << 8) ^ ((uint32_t) FSb[MBEDTLS_BYTE_3(RK[3])] << 16) ^ @@ -564,10 +670,11 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, } break; +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) case 12: - for (i = 0; i < 8; i++, RK += 6) { - RK[6] = RK[0] ^ RCON[i] ^ + for (unsigned int i = 0; i < 8; i++, RK += 6) { + RK[6] = RK[0] ^ round_constants[i] ^ ((uint32_t) FSb[MBEDTLS_BYTE_1(RK[5])]) ^ ((uint32_t) FSb[MBEDTLS_BYTE_2(RK[5])] << 8) ^ ((uint32_t) FSb[MBEDTLS_BYTE_3(RK[5])] << 16) ^ @@ -583,8 +690,8 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, case 14: - for (i = 0; i < 7; i++, RK += 8) { - RK[8] = RK[0] ^ RCON[i] ^ + for (unsigned int i = 0; i < 7; i++, RK += 8) { + RK[8] = RK[0] ^ round_constants[i] ^ ((uint32_t) FSb[MBEDTLS_BYTE_1(RK[7])]) ^ ((uint32_t) FSb[MBEDTLS_BYTE_2(RK[7])] << 8) ^ ((uint32_t) FSb[MBEDTLS_BYTE_3(RK[7])] << 16) ^ @@ -605,9 +712,11 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, RK[15] = RK[7] ^ RK[14]; } break; +#endif /* !MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */ } return 0; +#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */ } #endif /* !MBEDTLS_AES_SETKEY_ENC_ALT */ @@ -618,23 +727,17 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits) { - int i, j, ret; +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) + uint32_t *SK; +#endif + int ret; mbedtls_aes_context cty; uint32_t *RK; - uint32_t *SK; + mbedtls_aes_init(&cty); - ctx->rk_offset = 0; -#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16) - if (aes_padlock_ace == -1) { - aes_padlock_ace = mbedtls_padlock_has_support(MBEDTLS_PADLOCK_ACE); - } - - if (aes_padlock_ace) { - ctx->rk_offset = MBEDTLS_PADLOCK_ALIGN16(ctx->buf) - ctx->buf; - } -#endif + ctx->rk_offset = mbedtls_aes_rk_offset(ctx->buf); RK = ctx->buf + ctx->rk_offset; /* Also checks keybits */ @@ -644,7 +747,7 @@ int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key, ctx->nr = cty.nr; -#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) +#if defined(MBEDTLS_AESNI_HAVE_CODE) if (mbedtls_aesni_has_support(MBEDTLS_AESNI_AES)) { mbedtls_aesni_inverse_key((unsigned char *) RK, (const unsigned char *) (cty.buf + cty.rk_offset), ctx->nr); @@ -652,15 +755,26 @@ int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key, } #endif +#if defined(MBEDTLS_AESCE_HAVE_CODE) + if (MBEDTLS_AESCE_HAS_SUPPORT()) { + mbedtls_aesce_inverse_key( + (unsigned char *) RK, + (const unsigned char *) (cty.buf + cty.rk_offset), + ctx->nr); + goto exit; + } +#endif + +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) SK = cty.buf + cty.rk_offset + cty.nr * 4; *RK++ = *SK++; *RK++ = *SK++; *RK++ = *SK++; *RK++ = *SK++; - - for (i = ctx->nr - 1, SK -= 8; i > 0; i--, SK -= 8) { - for (j = 0; j < 4; j++, SK++) { + SK -= 8; + for (int i = ctx->nr - 1; i > 0; i--, SK -= 8) { + for (int j = 0; j < 4; j++, SK++) { *RK++ = AES_RT0(FSb[MBEDTLS_BYTE_0(*SK)]) ^ AES_RT1(FSb[MBEDTLS_BYTE_1(*SK)]) ^ AES_RT2(FSb[MBEDTLS_BYTE_2(*SK)]) ^ @@ -672,7 +786,7 @@ int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key, *RK++ = *SK++; *RK++ = *SK++; *RK++ = *SK++; - +#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */ exit: mbedtls_aes_free(&cty); @@ -926,6 +1040,26 @@ int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx, } #endif /* !MBEDTLS_AES_DECRYPT_ALT */ +#if defined(MAY_NEED_TO_ALIGN) +/* VIA Padlock and our intrinsics-based implementation of AESNI require + * the round keys to be aligned on a 16-byte boundary. We take care of this + * before creating them, but the AES context may have moved (this can happen + * if the library is called from a language with managed memory), and in later + * calls it might have a different alignment with respect to 16-byte memory. + * So we may need to realign. + */ +static void aes_maybe_realign(mbedtls_aes_context *ctx) +{ + unsigned new_offset = mbedtls_aes_rk_offset(ctx->buf); + if (new_offset != ctx->rk_offset) { + memmove(ctx->buf + new_offset, // new address + ctx->buf + ctx->rk_offset, // current address + (ctx->nr + 1) * 16); // number of round keys * bytes per rk + ctx->rk_offset = new_offset; + } +} +#endif + /* * AES-ECB block encryption/decryption */ @@ -938,32 +1072,40 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx, return MBEDTLS_ERR_AES_BAD_INPUT_DATA; } -#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) +#if defined(MAY_NEED_TO_ALIGN) + aes_maybe_realign(ctx); +#endif + +#if defined(MBEDTLS_AESNI_HAVE_CODE) if (mbedtls_aesni_has_support(MBEDTLS_AESNI_AES)) { return mbedtls_aesni_crypt_ecb(ctx, mode, input, output); } #endif -#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) - if (aes_padlock_ace > 0) { - if (mbedtls_padlock_xcryptecb(ctx, mode, input, output) == 0) { - return 0; - } - - // If padlock data misaligned, we just fall back to - // unaccelerated mode - // +#if defined(MBEDTLS_AESCE_HAVE_CODE) + if (MBEDTLS_AESCE_HAS_SUPPORT()) { + return mbedtls_aesce_crypt_ecb(ctx, mode, input, output); } #endif +#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) + if (aes_padlock_ace > 0) { + return mbedtls_padlock_xcryptecb(ctx, mode, input, output); + } +#endif + +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) if (mode == MBEDTLS_AES_ENCRYPT) { return mbedtls_internal_aes_encrypt(ctx, input, output); } else { return mbedtls_internal_aes_decrypt(ctx, input, output); } +#endif + } #if defined(MBEDTLS_CIPHER_MODE_CBC) + /* * AES-CBC buffer encryption/decryption */ @@ -981,11 +1123,16 @@ int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx, return MBEDTLS_ERR_AES_BAD_INPUT_DATA; } + /* Nothing to do if length is zero. */ + if (length == 0) { + return 0; + } + if (length % 16) { return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH; } -#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) +#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) if (aes_padlock_ace > 0) { if (mbedtls_padlock_xcryptcbc(ctx, mode, length, iv, input, output) == 0) { return 0; @@ -997,6 +1144,8 @@ int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx, } #endif + const unsigned char *ivp = iv; + if (mode == MBEDTLS_AES_DECRYPT) { while (length > 0) { memcpy(temp, input, 16); @@ -1004,8 +1153,10 @@ int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx, if (ret != 0) { goto exit; } - - mbedtls_xor(output, output, iv, 16); + /* Avoid using the NEON implementation of mbedtls_xor. Because of the dependency on + * the result for the next block in CBC, and the cost of transferring that data from + * NEON registers, NEON is slower on aarch64. */ + mbedtls_xor_no_simd(output, output, iv, 16); memcpy(iv, temp, 16); @@ -1015,18 +1166,19 @@ int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx, } } else { while (length > 0) { - mbedtls_xor(output, input, iv, 16); + mbedtls_xor_no_simd(output, input, ivp, 16); ret = mbedtls_aes_crypt_ecb(ctx, mode, output, output); if (ret != 0) { goto exit; } - memcpy(iv, output, 16); + ivp = output; input += 16; output += 16; length -= 16; } + memcpy(iv, ivp, 16); } ret = 0; @@ -1047,8 +1199,11 @@ typedef unsigned char mbedtls_be128[16]; * for machine endianness and hence works correctly on both big and little * endian machines. */ -static void mbedtls_gf128mul_x_ble(unsigned char r[16], - const unsigned char x[16]) +#if defined(MBEDTLS_AESCE_C) || defined(MBEDTLS_AESNI_C) +MBEDTLS_OPTIMIZE_FOR_PERFORMANCE +#endif +static inline void mbedtls_gf128mul_x_ble(unsigned char r[16], + const unsigned char x[16]) { uint64_t a, b, ra, rb; @@ -1064,7 +1219,13 @@ static void mbedtls_gf128mul_x_ble(unsigned char r[16], /* * AES-XTS buffer encryption/decryption + * + * Use of MBEDTLS_OPTIMIZE_FOR_PERFORMANCE here and for mbedtls_gf128mul_x_ble() + * is a 3x performance improvement for gcc -Os, if we have hardware AES support. */ +#if defined(MBEDTLS_AESCE_C) || defined(MBEDTLS_AESNI_C) +MBEDTLS_OPTIMIZE_FOR_PERFORMANCE +#endif int mbedtls_aes_crypt_xts(mbedtls_aes_xts_context *ctx, int mode, size_t length, @@ -1101,7 +1262,7 @@ int mbedtls_aes_crypt_xts(mbedtls_aes_xts_context *ctx, } while (blocks--) { - if (leftover && (mode == MBEDTLS_AES_DECRYPT) && blocks == 0) { + if (MBEDTLS_UNLIKELY(leftover && (mode == MBEDTLS_AES_DECRYPT) && blocks == 0)) { /* We are on the last block in a decrypt operation that has * leftover bytes, so we need to use the next tweak for this block, * and this tweak for the leftover bytes. Save the current tweak for @@ -1366,45 +1527,53 @@ exit: * * http://csrc.nist.gov/archive/aes/rijndael/rijndael-vals.zip */ -static const unsigned char aes_test_ecb_dec[3][16] = +static const unsigned char aes_test_ecb_dec[][16] = { { 0x44, 0x41, 0x6A, 0xC2, 0xD1, 0xF5, 0x3C, 0x58, 0x33, 0x03, 0x91, 0x7E, 0x6B, 0xE9, 0xEB, 0xE0 }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { 0x48, 0xE3, 0x1E, 0x9E, 0x25, 0x67, 0x18, 0xF2, 0x92, 0x29, 0x31, 0x9C, 0x19, 0xF1, 0x5B, 0xA4 }, { 0x05, 0x8C, 0xCF, 0xFD, 0xBB, 0xCB, 0x38, 0x2D, 0x1F, 0x6F, 0x56, 0x58, 0x5D, 0x8A, 0x4A, 0xDE } +#endif }; -static const unsigned char aes_test_ecb_enc[3][16] = +static const unsigned char aes_test_ecb_enc[][16] = { { 0xC3, 0x4C, 0x05, 0x2C, 0xC0, 0xDA, 0x8D, 0x73, 0x45, 0x1A, 0xFE, 0x5F, 0x03, 0xBE, 0x29, 0x7F }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { 0xF3, 0xF6, 0x75, 0x2A, 0xE8, 0xD7, 0x83, 0x11, 0x38, 0xF0, 0x41, 0x56, 0x06, 0x31, 0xB1, 0x14 }, { 0x8B, 0x79, 0xEE, 0xCC, 0x93, 0xA0, 0xEE, 0x5D, 0xFF, 0x30, 0xB4, 0xEA, 0x21, 0x63, 0x6D, 0xA4 } +#endif }; #if defined(MBEDTLS_CIPHER_MODE_CBC) -static const unsigned char aes_test_cbc_dec[3][16] = +static const unsigned char aes_test_cbc_dec[][16] = { { 0xFA, 0xCA, 0x37, 0xE0, 0xB0, 0xC8, 0x53, 0x73, 0xDF, 0x70, 0x6E, 0x73, 0xF7, 0xC9, 0xAF, 0x86 }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { 0x5D, 0xF6, 0x78, 0xDD, 0x17, 0xBA, 0x4E, 0x75, 0xB6, 0x17, 0x68, 0xC6, 0xAD, 0xEF, 0x7C, 0x7B }, { 0x48, 0x04, 0xE1, 0x81, 0x8F, 0xE6, 0x29, 0x75, 0x19, 0xA3, 0xE8, 0x8C, 0x57, 0x31, 0x04, 0x13 } +#endif }; -static const unsigned char aes_test_cbc_enc[3][16] = +static const unsigned char aes_test_cbc_enc[][16] = { { 0x8A, 0x05, 0xFC, 0x5E, 0x09, 0x5A, 0xF4, 0x84, 0x8A, 0x08, 0xD3, 0x28, 0xD3, 0x68, 0x8E, 0x3D }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { 0x7B, 0xD9, 0x66, 0xD5, 0x3A, 0xD8, 0xC1, 0xBB, 0x85, 0xD2, 0xAD, 0xFA, 0xE8, 0x7B, 0xB1, 0x04 }, { 0xFE, 0x3C, 0x53, 0x65, 0x3E, 0x2F, 0x45, 0xB5, 0x6F, 0xCD, 0x88, 0xB2, 0xCC, 0x89, 0x8F, 0xF0 } +#endif }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -1414,10 +1583,11 @@ static const unsigned char aes_test_cbc_enc[3][16] = * * http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf */ -static const unsigned char aes_test_cfb128_key[3][32] = +static const unsigned char aes_test_cfb128_key[][32] = { { 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6, 0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52, 0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5, 0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B }, @@ -1425,6 +1595,7 @@ static const unsigned char aes_test_cfb128_key[3][32] = 0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81, 0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7, 0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 } +#endif }; static const unsigned char aes_test_cfb128_iv[16] = @@ -1445,7 +1616,7 @@ static const unsigned char aes_test_cfb128_pt[64] = 0xAD, 0x2B, 0x41, 0x7B, 0xE6, 0x6C, 0x37, 0x10 }; -static const unsigned char aes_test_cfb128_ct[3][64] = +static const unsigned char aes_test_cfb128_ct[][64] = { { 0x3B, 0x3F, 0xD9, 0x2E, 0xB7, 0x2D, 0xAD, 0x20, 0x33, 0x34, 0x49, 0xF8, 0xE8, 0x3C, 0xFB, 0x4A, @@ -1455,6 +1626,7 @@ static const unsigned char aes_test_cfb128_ct[3][64] = 0xB1, 0x80, 0x8C, 0xF1, 0x87, 0xA4, 0xF4, 0xDF, 0xC0, 0x4B, 0x05, 0x35, 0x7C, 0x5D, 0x1C, 0x0E, 0xEA, 0xC4, 0xC6, 0x6F, 0x9F, 0xF7, 0xF2, 0xE6 }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { 0xCD, 0xC8, 0x0D, 0x6F, 0xDD, 0xF1, 0x8C, 0xAB, 0x34, 0xC2, 0x59, 0x09, 0xC9, 0x9A, 0x41, 0x74, 0x67, 0xCE, 0x7F, 0x7F, 0x81, 0x17, 0x36, 0x21, @@ -1471,6 +1643,7 @@ static const unsigned char aes_test_cfb128_ct[3][64] = 0xA1, 0x3E, 0xD0, 0xA8, 0x26, 0x7A, 0xE2, 0xF9, 0x75, 0xA3, 0x85, 0x74, 0x1A, 0xB9, 0xCE, 0xF8, 0x20, 0x31, 0x62, 0x3D, 0x55, 0xB1, 0xE4, 0x71 } +#endif }; #endif /* MBEDTLS_CIPHER_MODE_CFB */ @@ -1480,10 +1653,11 @@ static const unsigned char aes_test_cfb128_ct[3][64] = * * https://csrc.nist.gov/publications/detail/sp/800-38a/final */ -static const unsigned char aes_test_ofb_key[3][32] = +static const unsigned char aes_test_ofb_key[][32] = { { 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6, 0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52, 0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5, 0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B }, @@ -1491,6 +1665,7 @@ static const unsigned char aes_test_ofb_key[3][32] = 0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81, 0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7, 0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 } +#endif }; static const unsigned char aes_test_ofb_iv[16] = @@ -1511,7 +1686,7 @@ static const unsigned char aes_test_ofb_pt[64] = 0xAD, 0x2B, 0x41, 0x7B, 0xE6, 0x6C, 0x37, 0x10 }; -static const unsigned char aes_test_ofb_ct[3][64] = +static const unsigned char aes_test_ofb_ct[][64] = { { 0x3B, 0x3F, 0xD9, 0x2E, 0xB7, 0x2D, 0xAD, 0x20, 0x33, 0x34, 0x49, 0xF8, 0xE8, 0x3C, 0xFB, 0x4A, @@ -1521,6 +1696,7 @@ static const unsigned char aes_test_ofb_ct[3][64] = 0x43, 0x44, 0xf7, 0xa8, 0x22, 0x60, 0xed, 0xcc, 0x30, 0x4c, 0x65, 0x28, 0xf6, 0x59, 0xc7, 0x78, 0x66, 0xa5, 0x10, 0xd9, 0xc1, 0xd6, 0xae, 0x5e }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { 0xCD, 0xC8, 0x0D, 0x6F, 0xDD, 0xF1, 0x8C, 0xAB, 0x34, 0xC2, 0x59, 0x09, 0xC9, 0x9A, 0x41, 0x74, 0xfc, 0xc2, 0x8b, 0x8d, 0x4c, 0x63, 0x83, 0x7c, @@ -1537,6 +1713,7 @@ static const unsigned char aes_test_ofb_ct[3][64] = 0xf3, 0x9d, 0x1c, 0x5b, 0xba, 0x97, 0xc4, 0x08, 0x01, 0x26, 0x14, 0x1d, 0x67, 0xf3, 0x7b, 0xe8, 0x53, 0x8f, 0x5a, 0x8b, 0xe7, 0x40, 0xe4, 0x84 } +#endif }; #endif /* MBEDTLS_CIPHER_MODE_OFB */ @@ -1547,7 +1724,7 @@ static const unsigned char aes_test_ofb_ct[3][64] = * http://www.faqs.org/rfcs/rfc3686.html */ -static const unsigned char aes_test_ctr_key[3][16] = +static const unsigned char aes_test_ctr_key[][16] = { { 0xAE, 0x68, 0x52, 0xF8, 0x12, 0x10, 0x67, 0xCC, 0x4B, 0xF7, 0xA5, 0x76, 0x55, 0x77, 0xF3, 0x9E }, @@ -1557,7 +1734,7 @@ static const unsigned char aes_test_ctr_key[3][16] = 0xAC, 0x6E, 0x61, 0x85, 0x29, 0xF9, 0xA0, 0xDC } }; -static const unsigned char aes_test_ctr_nonce_counter[3][16] = +static const unsigned char aes_test_ctr_nonce_counter[][16] = { { 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }, @@ -1567,11 +1744,10 @@ static const unsigned char aes_test_ctr_nonce_counter[3][16] = 0x4A, 0x17, 0x86, 0xF0, 0x00, 0x00, 0x00, 0x01 } }; -static const unsigned char aes_test_ctr_pt[3][48] = +static const unsigned char aes_test_ctr_pt[][48] = { { 0x53, 0x69, 0x6E, 0x67, 0x6C, 0x65, 0x20, 0x62, 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x6D, 0x73, 0x67 }, - { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, @@ -1584,7 +1760,7 @@ static const unsigned char aes_test_ctr_pt[3][48] = 0x20, 0x21, 0x22, 0x23 } }; -static const unsigned char aes_test_ctr_ct[3][48] = +static const unsigned char aes_test_ctr_ct[][48] = { { 0xE4, 0x09, 0x5D, 0x4F, 0xB7, 0xA7, 0xB3, 0x79, 0x2D, 0x61, 0x75, 0xA3, 0x26, 0x13, 0x11, 0xB8 }, @@ -1704,293 +1880,352 @@ int mbedtls_aes_self_test(int verbose) memset(key, 0, 32); mbedtls_aes_init(&ctx); + if (verbose != 0) { +#if defined(MBEDTLS_AES_ALT) + mbedtls_printf(" AES note: alternative implementation.\n"); +#else /* MBEDTLS_AES_ALT */ +#if defined(MBEDTLS_AESNI_HAVE_CODE) +#if MBEDTLS_AESNI_HAVE_CODE == 1 + mbedtls_printf(" AES note: AESNI code present (assembly implementation).\n"); +#elif MBEDTLS_AESNI_HAVE_CODE == 2 + mbedtls_printf(" AES note: AESNI code present (intrinsics implementation).\n"); +#else +#error "Unrecognised value for MBEDTLS_AESNI_HAVE_CODE" +#endif + if (mbedtls_aesni_has_support(MBEDTLS_AESNI_AES)) { + mbedtls_printf(" AES note: using AESNI.\n"); + } else +#endif +#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) + if (mbedtls_padlock_has_support(MBEDTLS_PADLOCK_ACE)) { + mbedtls_printf(" AES note: using VIA Padlock.\n"); + } else +#endif +#if defined(MBEDTLS_AESCE_HAVE_CODE) + if (MBEDTLS_AESCE_HAS_SUPPORT()) { + mbedtls_printf(" AES note: using AESCE.\n"); + } else +#endif + { +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) + mbedtls_printf(" AES note: built-in implementation.\n"); +#endif + } +#endif /* MBEDTLS_AES_ALT */ + } + /* * ECB mode */ - for (i = 0; i < 6; i++) { - u = i >> 1; - keybits = 128 + u * 64; - mode = i & 1; + { + static const int num_tests = + sizeof(aes_test_ecb_dec) / sizeof(*aes_test_ecb_dec); - if (verbose != 0) { - mbedtls_printf(" AES-ECB-%3u (%s): ", keybits, - (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc"); - } + for (i = 0; i < num_tests << 1; i++) { + u = i >> 1; + keybits = 128 + u * 64; + mode = i & 1; - memset(buf, 0, 16); + if (verbose != 0) { + mbedtls_printf(" AES-ECB-%3u (%s): ", keybits, + (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc"); + } - if (mode == MBEDTLS_AES_DECRYPT) { - ret = mbedtls_aes_setkey_dec(&ctx, key, keybits); - aes_tests = aes_test_ecb_dec[u]; - } else { - ret = mbedtls_aes_setkey_enc(&ctx, key, keybits); - aes_tests = aes_test_ecb_enc[u]; - } + memset(buf, 0, 16); - /* - * AES-192 is an optional feature that may be unavailable when - * there is an alternative underlying implementation i.e. when - * MBEDTLS_AES_ALT is defined. - */ - if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) { - mbedtls_printf("skipped\n"); - continue; - } else if (ret != 0) { - goto exit; - } + if (mode == MBEDTLS_AES_DECRYPT) { + ret = mbedtls_aes_setkey_dec(&ctx, key, keybits); + aes_tests = aes_test_ecb_dec[u]; + } else { + ret = mbedtls_aes_setkey_enc(&ctx, key, keybits); + aes_tests = aes_test_ecb_enc[u]; + } - for (j = 0; j < 10000; j++) { - ret = mbedtls_aes_crypt_ecb(&ctx, mode, buf, buf); - if (ret != 0) { + /* + * AES-192 is an optional feature that may be unavailable when + * there is an alternative underlying implementation i.e. when + * MBEDTLS_AES_ALT is defined. + */ + if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) { + mbedtls_printf("skipped\n"); + continue; + } else if (ret != 0) { goto exit; } + + for (j = 0; j < 10000; j++) { + ret = mbedtls_aes_crypt_ecb(&ctx, mode, buf, buf); + if (ret != 0) { + goto exit; + } + } + + if (memcmp(buf, aes_tests, 16) != 0) { + ret = 1; + goto exit; + } + + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } - if (memcmp(buf, aes_tests, 16) != 0) { - ret = 1; - goto exit; - } - if (verbose != 0) { - mbedtls_printf("passed\n"); + mbedtls_printf("\n"); } } - if (verbose != 0) { - mbedtls_printf("\n"); - } - #if defined(MBEDTLS_CIPHER_MODE_CBC) /* * CBC mode */ - for (i = 0; i < 6; i++) { - u = i >> 1; - keybits = 128 + u * 64; - mode = i & 1; + { + static const int num_tests = + sizeof(aes_test_cbc_dec) / sizeof(*aes_test_cbc_dec); - if (verbose != 0) { - mbedtls_printf(" AES-CBC-%3u (%s): ", keybits, - (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc"); - } + for (i = 0; i < num_tests << 1; i++) { + u = i >> 1; + keybits = 128 + u * 64; + mode = i & 1; - memset(iv, 0, 16); - memset(prv, 0, 16); - memset(buf, 0, 16); - - if (mode == MBEDTLS_AES_DECRYPT) { - ret = mbedtls_aes_setkey_dec(&ctx, key, keybits); - aes_tests = aes_test_cbc_dec[u]; - } else { - ret = mbedtls_aes_setkey_enc(&ctx, key, keybits); - aes_tests = aes_test_cbc_enc[u]; - } - - /* - * AES-192 is an optional feature that may be unavailable when - * there is an alternative underlying implementation i.e. when - * MBEDTLS_AES_ALT is defined. - */ - if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) { - mbedtls_printf("skipped\n"); - continue; - } else if (ret != 0) { - goto exit; - } - - for (j = 0; j < 10000; j++) { - if (mode == MBEDTLS_AES_ENCRYPT) { - unsigned char tmp[16]; - - memcpy(tmp, prv, 16); - memcpy(prv, buf, 16); - memcpy(buf, tmp, 16); + if (verbose != 0) { + mbedtls_printf(" AES-CBC-%3u (%s): ", keybits, + (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc"); } - ret = mbedtls_aes_crypt_cbc(&ctx, mode, 16, iv, buf, buf); - if (ret != 0) { + memset(iv, 0, 16); + memset(prv, 0, 16); + memset(buf, 0, 16); + + if (mode == MBEDTLS_AES_DECRYPT) { + ret = mbedtls_aes_setkey_dec(&ctx, key, keybits); + aes_tests = aes_test_cbc_dec[u]; + } else { + ret = mbedtls_aes_setkey_enc(&ctx, key, keybits); + aes_tests = aes_test_cbc_enc[u]; + } + + /* + * AES-192 is an optional feature that may be unavailable when + * there is an alternative underlying implementation i.e. when + * MBEDTLS_AES_ALT is defined. + */ + if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) { + mbedtls_printf("skipped\n"); + continue; + } else if (ret != 0) { goto exit; } - } + for (j = 0; j < 10000; j++) { + if (mode == MBEDTLS_AES_ENCRYPT) { + unsigned char tmp[16]; - if (memcmp(buf, aes_tests, 16) != 0) { - ret = 1; - goto exit; + memcpy(tmp, prv, 16); + memcpy(prv, buf, 16); + memcpy(buf, tmp, 16); + } + + ret = mbedtls_aes_crypt_cbc(&ctx, mode, 16, iv, buf, buf); + if (ret != 0) { + goto exit; + } + + } + + if (memcmp(buf, aes_tests, 16) != 0) { + ret = 1; + goto exit; + } + + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } if (verbose != 0) { - mbedtls_printf("passed\n"); + mbedtls_printf("\n"); } } - - if (verbose != 0) { - mbedtls_printf("\n"); - } #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) /* * CFB128 mode */ - for (i = 0; i < 6; i++) { - u = i >> 1; - keybits = 128 + u * 64; - mode = i & 1; + { + static const int num_tests = + sizeof(aes_test_cfb128_key) / sizeof(*aes_test_cfb128_key); - if (verbose != 0) { - mbedtls_printf(" AES-CFB128-%3u (%s): ", keybits, - (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc"); - } + for (i = 0; i < num_tests << 1; i++) { + u = i >> 1; + keybits = 128 + u * 64; + mode = i & 1; - memcpy(iv, aes_test_cfb128_iv, 16); - memcpy(key, aes_test_cfb128_key[u], keybits / 8); + if (verbose != 0) { + mbedtls_printf(" AES-CFB128-%3u (%s): ", keybits, + (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc"); + } - offset = 0; - ret = mbedtls_aes_setkey_enc(&ctx, key, keybits); - /* - * AES-192 is an optional feature that may be unavailable when - * there is an alternative underlying implementation i.e. when - * MBEDTLS_AES_ALT is defined. - */ - if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) { - mbedtls_printf("skipped\n"); - continue; - } else if (ret != 0) { - goto exit; - } + memcpy(iv, aes_test_cfb128_iv, 16); + memcpy(key, aes_test_cfb128_key[u], keybits / 8); - if (mode == MBEDTLS_AES_DECRYPT) { - memcpy(buf, aes_test_cfb128_ct[u], 64); - aes_tests = aes_test_cfb128_pt; - } else { - memcpy(buf, aes_test_cfb128_pt, 64); - aes_tests = aes_test_cfb128_ct[u]; - } + offset = 0; + ret = mbedtls_aes_setkey_enc(&ctx, key, keybits); + /* + * AES-192 is an optional feature that may be unavailable when + * there is an alternative underlying implementation i.e. when + * MBEDTLS_AES_ALT is defined. + */ + if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) { + mbedtls_printf("skipped\n"); + continue; + } else if (ret != 0) { + goto exit; + } - ret = mbedtls_aes_crypt_cfb128(&ctx, mode, 64, &offset, iv, buf, buf); - if (ret != 0) { - goto exit; - } + if (mode == MBEDTLS_AES_DECRYPT) { + memcpy(buf, aes_test_cfb128_ct[u], 64); + aes_tests = aes_test_cfb128_pt; + } else { + memcpy(buf, aes_test_cfb128_pt, 64); + aes_tests = aes_test_cfb128_ct[u]; + } - if (memcmp(buf, aes_tests, 64) != 0) { - ret = 1; - goto exit; + ret = mbedtls_aes_crypt_cfb128(&ctx, mode, 64, &offset, iv, buf, buf); + if (ret != 0) { + goto exit; + } + + if (memcmp(buf, aes_tests, 64) != 0) { + ret = 1; + goto exit; + } + + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } if (verbose != 0) { - mbedtls_printf("passed\n"); + mbedtls_printf("\n"); } } - - if (verbose != 0) { - mbedtls_printf("\n"); - } #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_OFB) /* * OFB mode */ - for (i = 0; i < 6; i++) { - u = i >> 1; - keybits = 128 + u * 64; - mode = i & 1; + { + static const int num_tests = + sizeof(aes_test_ofb_key) / sizeof(*aes_test_ofb_key); - if (verbose != 0) { - mbedtls_printf(" AES-OFB-%3u (%s): ", keybits, - (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc"); - } + for (i = 0; i < num_tests << 1; i++) { + u = i >> 1; + keybits = 128 + u * 64; + mode = i & 1; - memcpy(iv, aes_test_ofb_iv, 16); - memcpy(key, aes_test_ofb_key[u], keybits / 8); + if (verbose != 0) { + mbedtls_printf(" AES-OFB-%3u (%s): ", keybits, + (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc"); + } - offset = 0; - ret = mbedtls_aes_setkey_enc(&ctx, key, keybits); - /* - * AES-192 is an optional feature that may be unavailable when - * there is an alternative underlying implementation i.e. when - * MBEDTLS_AES_ALT is defined. - */ - if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) { - mbedtls_printf("skipped\n"); - continue; - } else if (ret != 0) { - goto exit; - } + memcpy(iv, aes_test_ofb_iv, 16); + memcpy(key, aes_test_ofb_key[u], keybits / 8); - if (mode == MBEDTLS_AES_DECRYPT) { - memcpy(buf, aes_test_ofb_ct[u], 64); - aes_tests = aes_test_ofb_pt; - } else { - memcpy(buf, aes_test_ofb_pt, 64); - aes_tests = aes_test_ofb_ct[u]; - } + offset = 0; + ret = mbedtls_aes_setkey_enc(&ctx, key, keybits); + /* + * AES-192 is an optional feature that may be unavailable when + * there is an alternative underlying implementation i.e. when + * MBEDTLS_AES_ALT is defined. + */ + if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) { + mbedtls_printf("skipped\n"); + continue; + } else if (ret != 0) { + goto exit; + } - ret = mbedtls_aes_crypt_ofb(&ctx, 64, &offset, iv, buf, buf); - if (ret != 0) { - goto exit; - } + if (mode == MBEDTLS_AES_DECRYPT) { + memcpy(buf, aes_test_ofb_ct[u], 64); + aes_tests = aes_test_ofb_pt; + } else { + memcpy(buf, aes_test_ofb_pt, 64); + aes_tests = aes_test_ofb_ct[u]; + } - if (memcmp(buf, aes_tests, 64) != 0) { - ret = 1; - goto exit; + ret = mbedtls_aes_crypt_ofb(&ctx, 64, &offset, iv, buf, buf); + if (ret != 0) { + goto exit; + } + + if (memcmp(buf, aes_tests, 64) != 0) { + ret = 1; + goto exit; + } + + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } if (verbose != 0) { - mbedtls_printf("passed\n"); + mbedtls_printf("\n"); } } - - if (verbose != 0) { - mbedtls_printf("\n"); - } #endif /* MBEDTLS_CIPHER_MODE_OFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) /* * CTR mode */ - for (i = 0; i < 6; i++) { - u = i >> 1; - mode = i & 1; + { + static const int num_tests = + sizeof(aes_test_ctr_key) / sizeof(*aes_test_ctr_key); - if (verbose != 0) { - mbedtls_printf(" AES-CTR-128 (%s): ", - (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc"); - } + for (i = 0; i < num_tests << 1; i++) { + u = i >> 1; + mode = i & 1; - memcpy(nonce_counter, aes_test_ctr_nonce_counter[u], 16); - memcpy(key, aes_test_ctr_key[u], 16); + if (verbose != 0) { + mbedtls_printf(" AES-CTR-128 (%s): ", + (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc"); + } - offset = 0; - if ((ret = mbedtls_aes_setkey_enc(&ctx, key, 128)) != 0) { - goto exit; - } + memcpy(nonce_counter, aes_test_ctr_nonce_counter[u], 16); + memcpy(key, aes_test_ctr_key[u], 16); - len = aes_test_ctr_len[u]; + offset = 0; + if ((ret = mbedtls_aes_setkey_enc(&ctx, key, 128)) != 0) { + goto exit; + } - if (mode == MBEDTLS_AES_DECRYPT) { - memcpy(buf, aes_test_ctr_ct[u], len); - aes_tests = aes_test_ctr_pt[u]; - } else { - memcpy(buf, aes_test_ctr_pt[u], len); - aes_tests = aes_test_ctr_ct[u]; - } + len = aes_test_ctr_len[u]; - ret = mbedtls_aes_crypt_ctr(&ctx, len, &offset, nonce_counter, - stream_block, buf, buf); - if (ret != 0) { - goto exit; - } + if (mode == MBEDTLS_AES_DECRYPT) { + memcpy(buf, aes_test_ctr_ct[u], len); + aes_tests = aes_test_ctr_pt[u]; + } else { + memcpy(buf, aes_test_ctr_pt[u], len); + aes_tests = aes_test_ctr_ct[u]; + } - if (memcmp(buf, aes_tests, len) != 0) { - ret = 1; - goto exit; - } + ret = mbedtls_aes_crypt_ctr(&ctx, len, &offset, nonce_counter, + stream_block, buf, buf); + if (ret != 0) { + goto exit; + } - if (verbose != 0) { - mbedtls_printf("passed\n"); + if (memcmp(buf, aes_tests, len) != 0) { + ret = 1; + goto exit; + } + + if (verbose != 0) { + mbedtls_printf("passed\n"); + } } } @@ -2000,14 +2235,14 @@ int mbedtls_aes_self_test(int verbose) #endif /* MBEDTLS_CIPHER_MODE_CTR */ #if defined(MBEDTLS_CIPHER_MODE_XTS) + /* + * XTS mode + */ { static const int num_tests = sizeof(aes_test_xts_key) / sizeof(*aes_test_xts_key); mbedtls_aes_xts_context ctx_xts; - /* - * XTS mode - */ mbedtls_aes_xts_init(&ctx_xts); for (i = 0; i < num_tests << 1; i++) { diff --git a/library/aesce.c b/library/aesce.c new file mode 100644 index 000000000..8b42b034f --- /dev/null +++ b/library/aesce.c @@ -0,0 +1,515 @@ +/* + * Armv8-A Cryptographic Extension support functions for Aarch64 + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#if defined(__aarch64__) && !defined(__ARM_FEATURE_CRYPTO) && \ + defined(__clang__) && __clang_major__ >= 4 +/* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. + * + * The intrinsic declaration are guarded by predefined ACLE macros in clang: + * these are normally only enabled by the -march option on the command line. + * By defining the macros ourselves we gain access to those declarations without + * requiring -march on the command line. + * + * `arm_neon.h` could be included by any header file, so we put these defines + * at the top of this file, before any includes. + */ +#define __ARM_FEATURE_CRYPTO 1 +/* See: https://arm-software.github.io/acle/main/acle.html#cryptographic-extensions + * + * `__ARM_FEATURE_CRYPTO` is deprecated, but we need to continue to specify it + * for older compilers. + */ +#define __ARM_FEATURE_AES 1 +#define MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG +#endif + +#include +#include "common.h" + +#if defined(MBEDTLS_AESCE_C) + +#include "aesce.h" + +#if defined(MBEDTLS_ARCH_IS_ARM64) + +/* Compiler version checks. */ +#if defined(__clang__) +# if __clang_major__ < 4 +# error "Minimum version of Clang for MBEDTLS_AESCE_C is 4.0." +# endif +#elif defined(__GNUC__) +# if __GNUC__ < 6 +# error "Minimum version of GCC for MBEDTLS_AESCE_C is 6.0." +# endif +#elif defined(_MSC_VER) +/* TODO: We haven't verified MSVC from 1920 to 1928. If someone verified that, + * please update this and document of `MBEDTLS_AESCE_C` in + * `mbedtls_config.h`. */ +# if _MSC_VER < 1929 +# error "Minimum version of MSVC for MBEDTLS_AESCE_C is 2019 version 16.11.2." +# endif +#endif + +#ifdef __ARM_NEON +#include +#else +#error "Target does not support NEON instructions" +#endif + +#if !(defined(__ARM_FEATURE_CRYPTO) || defined(__ARM_FEATURE_AES)) || \ + defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) +# if defined(__ARMCOMPILER_VERSION) +# if __ARMCOMPILER_VERSION <= 6090000 +# error "Must use minimum -march=armv8-a+crypto for MBEDTLS_AESCE_C" +# else +# pragma clang attribute push (__attribute__((target("aes"))), apply_to=function) +# define MBEDTLS_POP_TARGET_PRAGMA +# endif +# elif defined(__clang__) +# pragma clang attribute push (__attribute__((target("aes"))), apply_to=function) +# define MBEDTLS_POP_TARGET_PRAGMA +# elif defined(__GNUC__) +# pragma GCC push_options +# pragma GCC target ("+crypto") +# define MBEDTLS_POP_TARGET_PRAGMA +# elif defined(_MSC_VER) +# error "Required feature(__ARM_FEATURE_AES) is not enabled." +# endif +#endif /* !(__ARM_FEATURE_CRYPTO || __ARM_FEATURE_AES) || + MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG */ + +#if defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) + +#include +#include + +signed char mbedtls_aesce_has_support_result = -1; + +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) +/* + * AES instruction support detection routine + */ +int mbedtls_aesce_has_support_impl(void) +{ + /* To avoid many calls to getauxval, cache the result. This is + * thread-safe, because we store the result in a char so cannot + * be vulnerable to non-atomic updates. + * It is possible that we could end up setting result more than + * once, but that is harmless. + */ + if (mbedtls_aesce_has_support_result == -1) { + unsigned long auxval = getauxval(AT_HWCAP); + if ((auxval & (HWCAP_ASIMD | HWCAP_AES)) == + (HWCAP_ASIMD | HWCAP_AES)) { + mbedtls_aesce_has_support_result = 1; + } else { + mbedtls_aesce_has_support_result = 0; + } + } + return mbedtls_aesce_has_support_result; +} +#endif + +#endif /* defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) */ + +/* Single round of AESCE encryption */ +#define AESCE_ENCRYPT_ROUND \ + block = vaeseq_u8(block, vld1q_u8(keys)); \ + block = vaesmcq_u8(block); \ + keys += 16 +/* Two rounds of AESCE encryption */ +#define AESCE_ENCRYPT_ROUND_X2 AESCE_ENCRYPT_ROUND; AESCE_ENCRYPT_ROUND + +MBEDTLS_OPTIMIZE_FOR_PERFORMANCE +static uint8x16_t aesce_encrypt_block(uint8x16_t block, + unsigned char *keys, + int rounds) +{ + /* 10, 12 or 14 rounds. Unroll loop. */ + if (rounds == 10) { + goto rounds_10; + } + if (rounds == 12) { + goto rounds_12; + } + AESCE_ENCRYPT_ROUND_X2; +rounds_12: + AESCE_ENCRYPT_ROUND_X2; +rounds_10: + AESCE_ENCRYPT_ROUND_X2; + AESCE_ENCRYPT_ROUND_X2; + AESCE_ENCRYPT_ROUND_X2; + AESCE_ENCRYPT_ROUND_X2; + AESCE_ENCRYPT_ROUND; + + /* AES AddRoundKey for the previous round. + * SubBytes, ShiftRows for the final round. */ + block = vaeseq_u8(block, vld1q_u8(keys)); + keys += 16; + + /* Final round: no MixColumns */ + + /* Final AddRoundKey */ + block = veorq_u8(block, vld1q_u8(keys)); + + return block; +} + +/* Single round of AESCE decryption + * + * AES AddRoundKey, SubBytes, ShiftRows + * + * block = vaesdq_u8(block, vld1q_u8(keys)); + * + * AES inverse MixColumns for the next round. + * + * This means that we switch the order of the inverse AddRoundKey and + * inverse MixColumns operations. We have to do this as AddRoundKey is + * done in an atomic instruction together with the inverses of SubBytes + * and ShiftRows. + * + * It works because MixColumns is a linear operation over GF(2^8) and + * AddRoundKey is an exclusive or, which is equivalent to addition over + * GF(2^8). (The inverse of MixColumns needs to be applied to the + * affected round keys separately which has been done when the + * decryption round keys were calculated.) + * + * block = vaesimcq_u8(block); + */ +#define AESCE_DECRYPT_ROUND \ + block = vaesdq_u8(block, vld1q_u8(keys)); \ + block = vaesimcq_u8(block); \ + keys += 16 +/* Two rounds of AESCE decryption */ +#define AESCE_DECRYPT_ROUND_X2 AESCE_DECRYPT_ROUND; AESCE_DECRYPT_ROUND + +static uint8x16_t aesce_decrypt_block(uint8x16_t block, + unsigned char *keys, + int rounds) +{ + /* 10, 12 or 14 rounds. Unroll loop. */ + if (rounds == 10) { + goto rounds_10; + } + if (rounds == 12) { + goto rounds_12; + } + AESCE_DECRYPT_ROUND_X2; +rounds_12: + AESCE_DECRYPT_ROUND_X2; +rounds_10: + AESCE_DECRYPT_ROUND_X2; + AESCE_DECRYPT_ROUND_X2; + AESCE_DECRYPT_ROUND_X2; + AESCE_DECRYPT_ROUND_X2; + AESCE_DECRYPT_ROUND; + + /* The inverses of AES AddRoundKey, SubBytes, ShiftRows finishing up the + * last full round. */ + block = vaesdq_u8(block, vld1q_u8(keys)); + keys += 16; + + /* Inverse AddRoundKey for inverting the initial round key addition. */ + block = veorq_u8(block, vld1q_u8(keys)); + + return block; +} + +/* + * AES-ECB block en(de)cryption + */ +int mbedtls_aesce_crypt_ecb(mbedtls_aes_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16]) +{ + uint8x16_t block = vld1q_u8(&input[0]); + unsigned char *keys = (unsigned char *) (ctx->buf + ctx->rk_offset); + + if (mode == MBEDTLS_AES_ENCRYPT) { + block = aesce_encrypt_block(block, keys, ctx->nr); + } else { + block = aesce_decrypt_block(block, keys, ctx->nr); + } + vst1q_u8(&output[0], block); + + return 0; +} + +/* + * Compute decryption round keys from encryption round keys + */ +void mbedtls_aesce_inverse_key(unsigned char *invkey, + const unsigned char *fwdkey, + int nr) +{ + int i, j; + j = nr; + vst1q_u8(invkey, vld1q_u8(fwdkey + j * 16)); + for (i = 1, j--; j > 0; i++, j--) { + vst1q_u8(invkey + i * 16, + vaesimcq_u8(vld1q_u8(fwdkey + j * 16))); + } + vst1q_u8(invkey + i * 16, vld1q_u8(fwdkey + j * 16)); + +} + +static inline uint32_t aes_rot_word(uint32_t word) +{ + return (word << (32 - 8)) | (word >> 8); +} + +static inline uint32_t aes_sub_word(uint32_t in) +{ + uint8x16_t v = vreinterpretq_u8_u32(vdupq_n_u32(in)); + uint8x16_t zero = vdupq_n_u8(0); + + /* vaeseq_u8 does both SubBytes and ShiftRows. Taking the first row yields + * the correct result as ShiftRows doesn't change the first row. */ + v = vaeseq_u8(zero, v); + return vgetq_lane_u32(vreinterpretq_u32_u8(v), 0); +} + +/* + * Key expansion function + */ +static void aesce_setkey_enc(unsigned char *rk, + const unsigned char *key, + const size_t key_bit_length) +{ + static uint8_t const rcon[] = { 0x01, 0x02, 0x04, 0x08, 0x10, + 0x20, 0x40, 0x80, 0x1b, 0x36 }; + /* See https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf + * - Section 5, Nr = Nk + 6 + * - Section 5.2, the length of round keys is Nb*(Nr+1) + */ + const uint32_t key_len_in_words = key_bit_length / 32; /* Nk */ + const size_t round_key_len_in_words = 4; /* Nb */ + const size_t rounds_needed = key_len_in_words + 6; /* Nr */ + const size_t round_keys_len_in_words = + round_key_len_in_words * (rounds_needed + 1); /* Nb*(Nr+1) */ + const uint32_t *rko_end = (uint32_t *) rk + round_keys_len_in_words; + + memcpy(rk, key, key_len_in_words * 4); + + for (uint32_t *rki = (uint32_t *) rk; + rki + key_len_in_words < rko_end; + rki += key_len_in_words) { + + size_t iteration = (rki - (uint32_t *) rk) / key_len_in_words; + uint32_t *rko; + rko = rki + key_len_in_words; + rko[0] = aes_rot_word(aes_sub_word(rki[key_len_in_words - 1])); + rko[0] ^= rcon[iteration] ^ rki[0]; + rko[1] = rko[0] ^ rki[1]; + rko[2] = rko[1] ^ rki[2]; + rko[3] = rko[2] ^ rki[3]; + if (rko + key_len_in_words > rko_end) { + /* Do not write overflow words.*/ + continue; + } +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) + switch (key_bit_length) { + case 128: + break; + case 192: + rko[4] = rko[3] ^ rki[4]; + rko[5] = rko[4] ^ rki[5]; + break; + case 256: + rko[4] = aes_sub_word(rko[3]) ^ rki[4]; + rko[5] = rko[4] ^ rki[5]; + rko[6] = rko[5] ^ rki[6]; + rko[7] = rko[6] ^ rki[7]; + break; + } +#endif /* !MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */ + } +} + +/* + * Key expansion, wrapper + */ +int mbedtls_aesce_setkey_enc(unsigned char *rk, + const unsigned char *key, + size_t bits) +{ + switch (bits) { + case 128: + case 192: + case 256: + aesce_setkey_enc(rk, key, bits); + break; + default: + return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; + } + + return 0; +} + +#if defined(MBEDTLS_GCM_C) + +#if !defined(__clang__) && defined(__GNUC__) && __GNUC__ == 5 +/* Some intrinsics are not available for GCC 5.X. */ +#define vreinterpretq_p64_u8(a) ((poly64x2_t) a) +#define vreinterpretq_u8_p128(a) ((uint8x16_t) a) +static inline poly64_t vget_low_p64(poly64x2_t __a) +{ + uint64x2_t tmp = (uint64x2_t) (__a); + uint64x1_t lo = vcreate_u64(vgetq_lane_u64(tmp, 0)); + return (poly64_t) (lo); +} +#endif /* !__clang__ && __GNUC__ && __GNUC__ == 5*/ + +/* vmull_p64/vmull_high_p64 wrappers. + * + * Older compilers miss some intrinsic functions for `poly*_t`. We use + * uint8x16_t and uint8x16x3_t as input/output parameters. + */ +#if defined(__GNUC__) && !defined(__clang__) +/* GCC reports incompatible type error without cast. GCC think poly64_t and + * poly64x1_t are different, that is different with MSVC and Clang. */ +#define MBEDTLS_VMULL_P64(a, b) vmull_p64((poly64_t) a, (poly64_t) b) +#else +/* MSVC reports `error C2440: 'type cast'` with cast. Clang does not report + * error with/without cast. And I think poly64_t and poly64x1_t are same, no + * cast for clang also. */ +#define MBEDTLS_VMULL_P64(a, b) vmull_p64(a, b) +#endif +static inline uint8x16_t pmull_low(uint8x16_t a, uint8x16_t b) +{ + + return vreinterpretq_u8_p128( + MBEDTLS_VMULL_P64( + vget_low_p64(vreinterpretq_p64_u8(a)), + vget_low_p64(vreinterpretq_p64_u8(b)) + )); +} + +static inline uint8x16_t pmull_high(uint8x16_t a, uint8x16_t b) +{ + return vreinterpretq_u8_p128( + vmull_high_p64(vreinterpretq_p64_u8(a), + vreinterpretq_p64_u8(b))); +} + +/* GHASH does 128b polynomial multiplication on block in GF(2^128) defined by + * `x^128 + x^7 + x^2 + x + 1`. + * + * Arm64 only has 64b->128b polynomial multipliers, we need to do 4 64b + * multiplies to generate a 128b. + * + * `poly_mult_128` executes polynomial multiplication and outputs 256b that + * represented by 3 128b due to code size optimization. + * + * Output layout: + * | | | | + * |------------|-------------|-------------| + * | ret.val[0] | h3:h2:00:00 | high 128b | + * | ret.val[1] | :m2:m1:00 | middle 128b | + * | ret.val[2] | : :l1:l0 | low 128b | + */ +static inline uint8x16x3_t poly_mult_128(uint8x16_t a, uint8x16_t b) +{ + uint8x16x3_t ret; + uint8x16_t h, m, l; /* retval high/middle/low */ + uint8x16_t c, d, e; + + h = pmull_high(a, b); /* h3:h2:00:00 = a1*b1 */ + l = pmull_low(a, b); /* : :l1:l0 = a0*b0 */ + c = vextq_u8(b, b, 8); /* :c1:c0 = b0:b1 */ + d = pmull_high(a, c); /* :d2:d1:00 = a1*b0 */ + e = pmull_low(a, c); /* :e2:e1:00 = a0*b1 */ + m = veorq_u8(d, e); /* :m2:m1:00 = d + e */ + + ret.val[0] = h; + ret.val[1] = m; + ret.val[2] = l; + return ret; +} + +/* + * Modulo reduction. + * + * See: https://www.researchgate.net/publication/285612706_Implementing_GCM_on_ARMv8 + * + * Section 4.3 + * + * Modular reduction is slightly more complex. Write the GCM modulus as f(z) = + * z^128 +r(z), where r(z) = z^7+z^2+z+ 1. The well known approach is to + * consider that z^128 ≡r(z) (mod z^128 +r(z)), allowing us to write the 256-bit + * operand to be reduced as a(z) = h(z)z^128 +l(z)≡h(z)r(z) + l(z). That is, we + * simply multiply the higher part of the operand by r(z) and add it to l(z). If + * the result is still larger than 128 bits, we reduce again. + */ +static inline uint8x16_t poly_mult_reduce(uint8x16x3_t input) +{ + uint8x16_t const ZERO = vdupq_n_u8(0); + + uint64x2_t r = vreinterpretq_u64_u8(vdupq_n_u8(0x87)); +#if defined(__GNUC__) + /* use 'asm' as an optimisation barrier to prevent loading MODULO from + * memory. It is for GNUC compatible compilers. + */ + asm ("" : "+w" (r)); +#endif + uint8x16_t const MODULO = vreinterpretq_u8_u64(vshrq_n_u64(r, 64 - 8)); + uint8x16_t h, m, l; /* input high/middle/low 128b */ + uint8x16_t c, d, e, f, g, n, o; + h = input.val[0]; /* h3:h2:00:00 */ + m = input.val[1]; /* :m2:m1:00 */ + l = input.val[2]; /* : :l1:l0 */ + c = pmull_high(h, MODULO); /* :c2:c1:00 = reduction of h3 */ + d = pmull_low(h, MODULO); /* : :d1:d0 = reduction of h2 */ + e = veorq_u8(c, m); /* :e2:e1:00 = m2:m1:00 + c2:c1:00 */ + f = pmull_high(e, MODULO); /* : :f1:f0 = reduction of e2 */ + g = vextq_u8(ZERO, e, 8); /* : :g1:00 = e1:00 */ + n = veorq_u8(d, l); /* : :n1:n0 = d1:d0 + l1:l0 */ + o = veorq_u8(n, f); /* o1:o0 = f1:f0 + n1:n0 */ + return veorq_u8(o, g); /* = o1:o0 + g1:00 */ +} + +/* + * GCM multiplication: c = a times b in GF(2^128) + */ +void mbedtls_aesce_gcm_mult(unsigned char c[16], + const unsigned char a[16], + const unsigned char b[16]) +{ + uint8x16_t va, vb, vc; + va = vrbitq_u8(vld1q_u8(&a[0])); + vb = vrbitq_u8(vld1q_u8(&b[0])); + vc = vrbitq_u8(poly_mult_reduce(poly_mult_128(va, vb))); + vst1q_u8(&c[0], vc); +} + +#endif /* MBEDTLS_GCM_C */ + +#if defined(MBEDTLS_POP_TARGET_PRAGMA) +#if defined(__clang__) +#pragma clang attribute pop +#elif defined(__GNUC__) +#pragma GCC pop_options +#endif +#undef MBEDTLS_POP_TARGET_PRAGMA +#endif + +#endif /* MBEDTLS_ARCH_IS_ARM64 */ + +#endif /* MBEDTLS_AESCE_C */ diff --git a/library/aesce.h b/library/aesce.h new file mode 100644 index 000000000..d24c423b8 --- /dev/null +++ b/library/aesce.h @@ -0,0 +1,133 @@ +/** + * \file aesce.h + * + * \brief Support hardware AES acceleration on Armv8-A processors with + * the Armv8-A Cryptographic Extension in AArch64 execution state. + * + * \warning These functions are only for internal use by other library + * functions; you must not call them directly. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef MBEDTLS_AESCE_H +#define MBEDTLS_AESCE_H + +#include "mbedtls/build_info.h" + +#include "mbedtls/aes.h" + + +#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_ARCH_IS_ARM64) + +#define MBEDTLS_AESCE_HAVE_CODE + +#ifdef __cplusplus +extern "C" { +#endif + +#if defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) + +extern signed char mbedtls_aesce_has_support_result; + +/** + * \brief Internal function to detect the crypto extension in CPUs. + * + * \return 1 if CPU has support for the feature, 0 otherwise + */ +int mbedtls_aesce_has_support_impl(void); + +#define MBEDTLS_AESCE_HAS_SUPPORT() (mbedtls_aesce_has_support_result == -1 ? \ + mbedtls_aesce_has_support_impl() : \ + mbedtls_aesce_has_support_result) + +#else /* defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) */ + +/* If we are not on Linux, we can't detect support so assume that it's supported. + * Similarly, assume support if MBEDTLS_AES_USE_HARDWARE_ONLY is set. + */ +#define MBEDTLS_AESCE_HAS_SUPPORT() 1 + +#endif /* defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) */ + +/** + * \brief Internal AES-ECB block encryption and decryption + * + * \warning This assumes that the context specifies either 10, 12 or 14 + * rounds and will behave incorrectly if this is not the case. + * + * \param ctx AES context + * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT + * \param input 16-byte input block + * \param output 16-byte output block + * + * \return 0 on success (cannot fail) + */ +int mbedtls_aesce_crypt_ecb(mbedtls_aes_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16]); + +/** + * \brief Internal GCM multiplication: c = a * b in GF(2^128) + * + * \note This function is only for internal use by other library + * functions; you must not call it directly. + * + * \param c Result + * \param a First operand + * \param b Second operand + * + * \note Both operands and result are bit strings interpreted as + * elements of GF(2^128) as per the GCM spec. + */ +void mbedtls_aesce_gcm_mult(unsigned char c[16], + const unsigned char a[16], + const unsigned char b[16]); + + +/** + * \brief Internal round key inversion. This function computes + * decryption round keys from the encryption round keys. + * + * \param invkey Round keys for the equivalent inverse cipher + * \param fwdkey Original round keys (for encryption) + * \param nr Number of rounds (that is, number of round keys minus one) + */ +void mbedtls_aesce_inverse_key(unsigned char *invkey, + const unsigned char *fwdkey, + int nr); + +/** + * \brief Internal key expansion for encryption + * + * \param rk Destination buffer where the round keys are written + * \param key Encryption key + * \param bits Key size in bits (must be 128, 192 or 256) + * + * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH + */ +int mbedtls_aesce_setkey_enc(unsigned char *rk, + const unsigned char *key, + size_t bits); + +#ifdef __cplusplus +} +#endif + +#endif /* MBEDTLS_AESCE_C && MBEDTLS_ARCH_IS_ARM64 */ + +#endif /* MBEDTLS_AESCE_H */ diff --git a/library/aesni.c b/library/aesni.c index d4abb4d6c..5f25a8249 100644 --- a/library/aesni.c +++ b/library/aesni.c @@ -18,33 +18,30 @@ */ /* - * [AES-WP] http://software.intel.com/en-us/articles/intel-advanced-encryption-standard-aes-instructions-set - * [CLMUL-WP] http://software.intel.com/en-us/articles/intel-carry-less-multiplication-instruction-and-its-usage-for-computing-the-gcm-mode/ + * [AES-WP] https://www.intel.com/content/www/us/en/developer/articles/tool/intel-advanced-encryption-standard-aes-instructions-set.html + * [CLMUL-WP] https://www.intel.com/content/www/us/en/develop/download/intel-carry-less-multiplication-instruction-and-its-usage-for-computing-the-gcm-mode.html */ #include "common.h" #if defined(MBEDTLS_AESNI_C) -#if defined(__has_feature) -#if __has_feature(memory_sanitizer) -#warning \ - "MBEDTLS_AESNI_C is known to cause spurious error reports with some memory sanitizers as they do not understand the assembly code." -#endif -#endif - #include "aesni.h" #include -/* *INDENT-OFF* */ -#ifndef asm -#define asm __asm +#if defined(MBEDTLS_AESNI_HAVE_CODE) + +#if MBEDTLS_AESNI_HAVE_CODE == 2 +#if !defined(_WIN32) +#include +#else +#include +#endif +#include #endif -/* *INDENT-ON* */ - -#if defined(MBEDTLS_HAVE_X86_64) +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) /* * AES-NI support detection routine */ @@ -54,16 +51,359 @@ int mbedtls_aesni_has_support(unsigned int what) static unsigned int c = 0; if (!done) { +#if MBEDTLS_AESNI_HAVE_CODE == 2 + static unsigned info[4] = { 0, 0, 0, 0 }; +#if defined(_MSC_VER) + __cpuid(info, 1); +#else + __cpuid(1, info[0], info[1], info[2], info[3]); +#endif + c = info[2]; +#else /* AESNI using asm */ asm ("movl $1, %%eax \n\t" "cpuid \n\t" : "=c" (c) : : "eax", "ebx", "edx"); +#endif /* MBEDTLS_AESNI_HAVE_CODE */ done = 1; } return (c & what) != 0; } +#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */ + +#if MBEDTLS_AESNI_HAVE_CODE == 2 + +/* + * AES-NI AES-ECB block en(de)cryption + */ +int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16]) +{ + const __m128i *rk = (const __m128i *) (ctx->buf + ctx->rk_offset); + unsigned nr = ctx->nr; // Number of remaining rounds + + // Load round key 0 + __m128i state; + memcpy(&state, input, 16); + state = _mm_xor_si128(state, rk[0]); // state ^= *rk; + ++rk; + --nr; + + if (mode == 0) { + while (nr != 0) { + state = _mm_aesdec_si128(state, *rk); + ++rk; + --nr; + } + state = _mm_aesdeclast_si128(state, *rk); + } else { + while (nr != 0) { + state = _mm_aesenc_si128(state, *rk); + ++rk; + --nr; + } + state = _mm_aesenclast_si128(state, *rk); + } + + memcpy(output, &state, 16); + return 0; +} + +/* + * GCM multiplication: c = a times b in GF(2^128) + * Based on [CLMUL-WP] algorithms 1 (with equation 27) and 5. + */ + +static void gcm_clmul(const __m128i aa, const __m128i bb, + __m128i *cc, __m128i *dd) +{ + /* + * Caryless multiplication dd:cc = aa * bb + * using [CLMUL-WP] algorithm 1 (p. 12). + */ + *cc = _mm_clmulepi64_si128(aa, bb, 0x00); // a0*b0 = c1:c0 + *dd = _mm_clmulepi64_si128(aa, bb, 0x11); // a1*b1 = d1:d0 + __m128i ee = _mm_clmulepi64_si128(aa, bb, 0x10); // a0*b1 = e1:e0 + __m128i ff = _mm_clmulepi64_si128(aa, bb, 0x01); // a1*b0 = f1:f0 + ff = _mm_xor_si128(ff, ee); // e1+f1:e0+f0 + ee = ff; // e1+f1:e0+f0 + ff = _mm_srli_si128(ff, 8); // 0:e1+f1 + ee = _mm_slli_si128(ee, 8); // e0+f0:0 + *dd = _mm_xor_si128(*dd, ff); // d1:d0+e1+f1 + *cc = _mm_xor_si128(*cc, ee); // c1+e0+f0:c0 +} + +static void gcm_shift(__m128i *cc, __m128i *dd) +{ + /* [CMUCL-WP] Algorithm 5 Step 1: shift cc:dd one bit to the left, + * taking advantage of [CLMUL-WP] eq 27 (p. 18). */ + // // *cc = r1:r0 + // // *dd = r3:r2 + __m128i cc_lo = _mm_slli_epi64(*cc, 1); // r1<<1:r0<<1 + __m128i dd_lo = _mm_slli_epi64(*dd, 1); // r3<<1:r2<<1 + __m128i cc_hi = _mm_srli_epi64(*cc, 63); // r1>>63:r0>>63 + __m128i dd_hi = _mm_srli_epi64(*dd, 63); // r3>>63:r2>>63 + __m128i xmm5 = _mm_srli_si128(cc_hi, 8); // 0:r1>>63 + cc_hi = _mm_slli_si128(cc_hi, 8); // r0>>63:0 + dd_hi = _mm_slli_si128(dd_hi, 8); // 0:r1>>63 + + *cc = _mm_or_si128(cc_lo, cc_hi); // r1<<1|r0>>63:r0<<1 + *dd = _mm_or_si128(_mm_or_si128(dd_lo, dd_hi), xmm5); // r3<<1|r2>>62:r2<<1|r1>>63 +} + +static __m128i gcm_reduce(__m128i xx) +{ + // // xx = x1:x0 + /* [CLMUL-WP] Algorithm 5 Step 2 */ + __m128i aa = _mm_slli_epi64(xx, 63); // x1<<63:x0<<63 = stuff:a + __m128i bb = _mm_slli_epi64(xx, 62); // x1<<62:x0<<62 = stuff:b + __m128i cc = _mm_slli_epi64(xx, 57); // x1<<57:x0<<57 = stuff:c + __m128i dd = _mm_slli_si128(_mm_xor_si128(_mm_xor_si128(aa, bb), cc), 8); // a+b+c:0 + return _mm_xor_si128(dd, xx); // x1+a+b+c:x0 = d:x0 +} + +static __m128i gcm_mix(__m128i dx) +{ + /* [CLMUL-WP] Algorithm 5 Steps 3 and 4 */ + __m128i ee = _mm_srli_epi64(dx, 1); // e1:x0>>1 = e1:e0' + __m128i ff = _mm_srli_epi64(dx, 2); // f1:x0>>2 = f1:f0' + __m128i gg = _mm_srli_epi64(dx, 7); // g1:x0>>7 = g1:g0' + + // e0'+f0'+g0' is almost e0+f0+g0, except for some missing + // bits carried from d. Now get those bits back in. + __m128i eh = _mm_slli_epi64(dx, 63); // d<<63:stuff + __m128i fh = _mm_slli_epi64(dx, 62); // d<<62:stuff + __m128i gh = _mm_slli_epi64(dx, 57); // d<<57:stuff + __m128i hh = _mm_srli_si128(_mm_xor_si128(_mm_xor_si128(eh, fh), gh), 8); // 0:missing bits of d + + return _mm_xor_si128(_mm_xor_si128(_mm_xor_si128(_mm_xor_si128(ee, ff), gg), hh), dx); +} + +void mbedtls_aesni_gcm_mult(unsigned char c[16], + const unsigned char a[16], + const unsigned char b[16]) +{ + __m128i aa, bb, cc, dd; + + /* The inputs are in big-endian order, so byte-reverse them */ + for (size_t i = 0; i < 16; i++) { + ((uint8_t *) &aa)[i] = a[15 - i]; + ((uint8_t *) &bb)[i] = b[15 - i]; + } + + gcm_clmul(aa, bb, &cc, &dd); + gcm_shift(&cc, &dd); + /* + * Now reduce modulo the GCM polynomial x^128 + x^7 + x^2 + x + 1 + * using [CLMUL-WP] algorithm 5 (p. 18). + * Currently dd:cc holds x3:x2:x1:x0 (already shifted). + */ + __m128i dx = gcm_reduce(cc); + __m128i xh = gcm_mix(dx); + cc = _mm_xor_si128(xh, dd); // x3+h1:x2+h0 + + /* Now byte-reverse the outputs */ + for (size_t i = 0; i < 16; i++) { + c[i] = ((uint8_t *) &cc)[15 - i]; + } + + return; +} + +/* + * Compute decryption round keys from encryption round keys + */ +void mbedtls_aesni_inverse_key(unsigned char *invkey, + const unsigned char *fwdkey, int nr) +{ + __m128i *ik = (__m128i *) invkey; + const __m128i *fk = (const __m128i *) fwdkey + nr; + + *ik = *fk; + for (--fk, ++ik; fk > (const __m128i *) fwdkey; --fk, ++ik) { + *ik = _mm_aesimc_si128(*fk); + } + *ik = *fk; +} + +/* + * Key expansion, 128-bit case + */ +static __m128i aesni_set_rk_128(__m128i state, __m128i xword) +{ + /* + * Finish generating the next round key. + * + * On entry state is r3:r2:r1:r0 and xword is X:stuff:stuff:stuff + * with X = rot( sub( r3 ) ) ^ RCON (obtained with AESKEYGENASSIST). + * + * On exit, xword is r7:r6:r5:r4 + * with r4 = X + r0, r5 = r4 + r1, r6 = r5 + r2, r7 = r6 + r3 + * and this is returned, to be written to the round key buffer. + */ + xword = _mm_shuffle_epi32(xword, 0xff); // X:X:X:X + xword = _mm_xor_si128(xword, state); // X+r3:X+r2:X+r1:r4 + state = _mm_slli_si128(state, 4); // r2:r1:r0:0 + xword = _mm_xor_si128(xword, state); // X+r3+r2:X+r2+r1:r5:r4 + state = _mm_slli_si128(state, 4); // r1:r0:0:0 + xword = _mm_xor_si128(xword, state); // X+r3+r2+r1:r6:r5:r4 + state = _mm_slli_si128(state, 4); // r0:0:0:0 + state = _mm_xor_si128(xword, state); // r7:r6:r5:r4 + return state; +} + +static void aesni_setkey_enc_128(unsigned char *rk_bytes, + const unsigned char *key) +{ + __m128i *rk = (__m128i *) rk_bytes; + + memcpy(&rk[0], key, 16); + rk[1] = aesni_set_rk_128(rk[0], _mm_aeskeygenassist_si128(rk[0], 0x01)); + rk[2] = aesni_set_rk_128(rk[1], _mm_aeskeygenassist_si128(rk[1], 0x02)); + rk[3] = aesni_set_rk_128(rk[2], _mm_aeskeygenassist_si128(rk[2], 0x04)); + rk[4] = aesni_set_rk_128(rk[3], _mm_aeskeygenassist_si128(rk[3], 0x08)); + rk[5] = aesni_set_rk_128(rk[4], _mm_aeskeygenassist_si128(rk[4], 0x10)); + rk[6] = aesni_set_rk_128(rk[5], _mm_aeskeygenassist_si128(rk[5], 0x20)); + rk[7] = aesni_set_rk_128(rk[6], _mm_aeskeygenassist_si128(rk[6], 0x40)); + rk[8] = aesni_set_rk_128(rk[7], _mm_aeskeygenassist_si128(rk[7], 0x80)); + rk[9] = aesni_set_rk_128(rk[8], _mm_aeskeygenassist_si128(rk[8], 0x1B)); + rk[10] = aesni_set_rk_128(rk[9], _mm_aeskeygenassist_si128(rk[9], 0x36)); +} + +/* + * Key expansion, 192-bit case + */ +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) +static void aesni_set_rk_192(__m128i *state0, __m128i *state1, __m128i xword, + unsigned char *rk) +{ + /* + * Finish generating the next 6 quarter-keys. + * + * On entry state0 is r3:r2:r1:r0, state1 is stuff:stuff:r5:r4 + * and xword is stuff:stuff:X:stuff with X = rot( sub( r3 ) ) ^ RCON + * (obtained with AESKEYGENASSIST). + * + * On exit, state0 is r9:r8:r7:r6 and state1 is stuff:stuff:r11:r10 + * and those are written to the round key buffer. + */ + xword = _mm_shuffle_epi32(xword, 0x55); // X:X:X:X + xword = _mm_xor_si128(xword, *state0); // X+r3:X+r2:X+r1:X+r0 + *state0 = _mm_slli_si128(*state0, 4); // r2:r1:r0:0 + xword = _mm_xor_si128(xword, *state0); // X+r3+r2:X+r2+r1:X+r1+r0:X+r0 + *state0 = _mm_slli_si128(*state0, 4); // r1:r0:0:0 + xword = _mm_xor_si128(xword, *state0); // X+r3+r2+r1:X+r2+r1+r0:X+r1+r0:X+r0 + *state0 = _mm_slli_si128(*state0, 4); // r0:0:0:0 + xword = _mm_xor_si128(xword, *state0); // X+r3+r2+r1+r0:X+r2+r1+r0:X+r1+r0:X+r0 + *state0 = xword; // = r9:r8:r7:r6 + + xword = _mm_shuffle_epi32(xword, 0xff); // r9:r9:r9:r9 + xword = _mm_xor_si128(xword, *state1); // stuff:stuff:r9+r5:r9+r4 + *state1 = _mm_slli_si128(*state1, 4); // stuff:stuff:r4:0 + xword = _mm_xor_si128(xword, *state1); // stuff:stuff:r9+r5+r4:r9+r4 + *state1 = xword; // = stuff:stuff:r11:r10 + + /* Store state0 and the low half of state1 into rk, which is conceptually + * an array of 24-byte elements. Since 24 is not a multiple of 16, + * rk is not necessarily aligned so just `*rk = *state0` doesn't work. */ + memcpy(rk, state0, 16); + memcpy(rk + 16, state1, 8); +} + +static void aesni_setkey_enc_192(unsigned char *rk, + const unsigned char *key) +{ + /* First round: use original key */ + memcpy(rk, key, 24); + /* aes.c guarantees that rk is aligned on a 16-byte boundary. */ + __m128i state0 = ((__m128i *) rk)[0]; + __m128i state1 = _mm_loadl_epi64(((__m128i *) rk) + 1); + + aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x01), rk + 24 * 1); + aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x02), rk + 24 * 2); + aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x04), rk + 24 * 3); + aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x08), rk + 24 * 4); + aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x10), rk + 24 * 5); + aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x20), rk + 24 * 6); + aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x40), rk + 24 * 7); + aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x80), rk + 24 * 8); +} +#endif /* !MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */ + +/* + * Key expansion, 256-bit case + */ +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) +static void aesni_set_rk_256(__m128i state0, __m128i state1, __m128i xword, + __m128i *rk0, __m128i *rk1) +{ + /* + * Finish generating the next two round keys. + * + * On entry state0 is r3:r2:r1:r0, state1 is r7:r6:r5:r4 and + * xword is X:stuff:stuff:stuff with X = rot( sub( r7 )) ^ RCON + * (obtained with AESKEYGENASSIST). + * + * On exit, *rk0 is r11:r10:r9:r8 and *rk1 is r15:r14:r13:r12 + */ + xword = _mm_shuffle_epi32(xword, 0xff); + xword = _mm_xor_si128(xword, state0); + state0 = _mm_slli_si128(state0, 4); + xword = _mm_xor_si128(xword, state0); + state0 = _mm_slli_si128(state0, 4); + xword = _mm_xor_si128(xword, state0); + state0 = _mm_slli_si128(state0, 4); + state0 = _mm_xor_si128(state0, xword); + *rk0 = state0; + + /* Set xword to stuff:Y:stuff:stuff with Y = subword( r11 ) + * and proceed to generate next round key from there */ + xword = _mm_aeskeygenassist_si128(state0, 0x00); + xword = _mm_shuffle_epi32(xword, 0xaa); + xword = _mm_xor_si128(xword, state1); + state1 = _mm_slli_si128(state1, 4); + xword = _mm_xor_si128(xword, state1); + state1 = _mm_slli_si128(state1, 4); + xword = _mm_xor_si128(xword, state1); + state1 = _mm_slli_si128(state1, 4); + state1 = _mm_xor_si128(state1, xword); + *rk1 = state1; +} + +static void aesni_setkey_enc_256(unsigned char *rk_bytes, + const unsigned char *key) +{ + __m128i *rk = (__m128i *) rk_bytes; + + memcpy(&rk[0], key, 16); + memcpy(&rk[1], key + 16, 16); + + /* + * Main "loop" - Generating one more key than necessary, + * see definition of mbedtls_aes_context.buf + */ + aesni_set_rk_256(rk[0], rk[1], _mm_aeskeygenassist_si128(rk[1], 0x01), &rk[2], &rk[3]); + aesni_set_rk_256(rk[2], rk[3], _mm_aeskeygenassist_si128(rk[3], 0x02), &rk[4], &rk[5]); + aesni_set_rk_256(rk[4], rk[5], _mm_aeskeygenassist_si128(rk[5], 0x04), &rk[6], &rk[7]); + aesni_set_rk_256(rk[6], rk[7], _mm_aeskeygenassist_si128(rk[7], 0x08), &rk[8], &rk[9]); + aesni_set_rk_256(rk[8], rk[9], _mm_aeskeygenassist_si128(rk[9], 0x10), &rk[10], &rk[11]); + aesni_set_rk_256(rk[10], rk[11], _mm_aeskeygenassist_si128(rk[11], 0x20), &rk[12], &rk[13]); + aesni_set_rk_256(rk[12], rk[13], _mm_aeskeygenassist_si128(rk[13], 0x40), &rk[14], &rk[15]); +} +#endif /* !MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */ + +#else /* MBEDTLS_AESNI_HAVE_CODE == 1 */ + +#if defined(__has_feature) +#if __has_feature(memory_sanitizer) +#warning \ + "MBEDTLS_AESNI_C is known to cause spurious error reports with some memory sanitizers as they do not understand the assembly code." +#endif +#endif /* * Binutils needs to be at least 2.19 to support AES-NI instructions. @@ -75,13 +415,13 @@ int mbedtls_aesni_has_support(unsigned int what) * Operand macros are in gas order (src, dst) as opposed to Intel order * (dst, src) in order to blend better into the surrounding assembly code. */ -#define AESDEC ".byte 0x66,0x0F,0x38,0xDE," -#define AESDECLAST ".byte 0x66,0x0F,0x38,0xDF," -#define AESENC ".byte 0x66,0x0F,0x38,0xDC," -#define AESENCLAST ".byte 0x66,0x0F,0x38,0xDD," -#define AESIMC ".byte 0x66,0x0F,0x38,0xDB," -#define AESKEYGENA ".byte 0x66,0x0F,0x3A,0xDF," -#define PCLMULQDQ ".byte 0x66,0x0F,0x3A,0x44," +#define AESDEC(regs) ".byte 0x66,0x0F,0x38,0xDE," regs "\n\t" +#define AESDECLAST(regs) ".byte 0x66,0x0F,0x38,0xDF," regs "\n\t" +#define AESENC(regs) ".byte 0x66,0x0F,0x38,0xDC," regs "\n\t" +#define AESENCLAST(regs) ".byte 0x66,0x0F,0x38,0xDD," regs "\n\t" +#define AESIMC(regs) ".byte 0x66,0x0F,0x38,0xDB," regs "\n\t" +#define AESKEYGENA(regs, imm) ".byte 0x66,0x0F,0x3A,0xDF," regs "," imm "\n\t" +#define PCLMULQDQ(regs, imm) ".byte 0x66,0x0F,0x3A,0x44," regs "," imm "\n\t" #define xmm0_xmm0 "0xC0" #define xmm0_xmm1 "0xC8" @@ -109,25 +449,25 @@ int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx, "1: \n\t" // encryption loop "movdqu (%1), %%xmm1 \n\t" // load round key - AESENC xmm1_xmm0 "\n\t" // do round - "add $16, %1 \n\t" // point to next round key - "subl $1, %0 \n\t" // loop - "jnz 1b \n\t" - "movdqu (%1), %%xmm1 \n\t" // load round key - AESENCLAST xmm1_xmm0 "\n\t" // last round - "jmp 3f \n\t" + AESENC(xmm1_xmm0) // do round + "add $16, %1 \n\t" // point to next round key + "subl $1, %0 \n\t" // loop + "jnz 1b \n\t" + "movdqu (%1), %%xmm1 \n\t" // load round key + AESENCLAST(xmm1_xmm0) // last round + "jmp 3f \n\t" - "2: \n\t" // decryption loop - "movdqu (%1), %%xmm1 \n\t" - AESDEC xmm1_xmm0 "\n\t" // do round - "add $16, %1 \n\t" - "subl $1, %0 \n\t" - "jnz 2b \n\t" - "movdqu (%1), %%xmm1 \n\t" // load round key - AESDECLAST xmm1_xmm0 "\n\t" // last round + "2: \n\t" // decryption loop + "movdqu (%1), %%xmm1 \n\t" + AESDEC(xmm1_xmm0) // do round + "add $16, %1 \n\t" + "subl $1, %0 \n\t" + "jnz 2b \n\t" + "movdqu (%1), %%xmm1 \n\t" // load round key + AESDECLAST(xmm1_xmm0) // last round - "3: \n\t" - "movdqu %%xmm0, (%4) \n\t" // export output + "3: \n\t" + "movdqu %%xmm0, (%4) \n\t" // export output : : "r" (ctx->nr), "r" (ctx->buf + ctx->rk_offset), "r" (mode), "r" (input), "r" (output) : "memory", "cc", "xmm0", "xmm1"); @@ -158,84 +498,84 @@ void mbedtls_aesni_gcm_mult(unsigned char c[16], /* * Caryless multiplication xmm2:xmm1 = xmm0 * xmm1 - * using [CLMUL-WP] algorithm 1 (p. 13). + * using [CLMUL-WP] algorithm 1 (p. 12). */ "movdqa %%xmm1, %%xmm2 \n\t" // copy of b1:b0 "movdqa %%xmm1, %%xmm3 \n\t" // same "movdqa %%xmm1, %%xmm4 \n\t" // same - PCLMULQDQ xmm0_xmm1 ",0x00 \n\t" // a0*b0 = c1:c0 - PCLMULQDQ xmm0_xmm2 ",0x11 \n\t" // a1*b1 = d1:d0 - PCLMULQDQ xmm0_xmm3 ",0x10 \n\t" // a0*b1 = e1:e0 - PCLMULQDQ xmm0_xmm4 ",0x01 \n\t" // a1*b0 = f1:f0 - "pxor %%xmm3, %%xmm4 \n\t" // e1+f1:e0+f0 - "movdqa %%xmm4, %%xmm3 \n\t" // same - "psrldq $8, %%xmm4 \n\t" // 0:e1+f1 - "pslldq $8, %%xmm3 \n\t" // e0+f0:0 - "pxor %%xmm4, %%xmm2 \n\t" // d1:d0+e1+f1 - "pxor %%xmm3, %%xmm1 \n\t" // c1+e0+f1:c0 + PCLMULQDQ(xmm0_xmm1, "0x00") // a0*b0 = c1:c0 + PCLMULQDQ(xmm0_xmm2, "0x11") // a1*b1 = d1:d0 + PCLMULQDQ(xmm0_xmm3, "0x10") // a0*b1 = e1:e0 + PCLMULQDQ(xmm0_xmm4, "0x01") // a1*b0 = f1:f0 + "pxor %%xmm3, %%xmm4 \n\t" // e1+f1:e0+f0 + "movdqa %%xmm4, %%xmm3 \n\t" // same + "psrldq $8, %%xmm4 \n\t" // 0:e1+f1 + "pslldq $8, %%xmm3 \n\t" // e0+f0:0 + "pxor %%xmm4, %%xmm2 \n\t" // d1:d0+e1+f1 + "pxor %%xmm3, %%xmm1 \n\t" // c1+e0+f1:c0 /* * Now shift the result one bit to the left, - * taking advantage of [CLMUL-WP] eq 27 (p. 20) + * taking advantage of [CLMUL-WP] eq 27 (p. 18) */ - "movdqa %%xmm1, %%xmm3 \n\t" // r1:r0 - "movdqa %%xmm2, %%xmm4 \n\t" // r3:r2 - "psllq $1, %%xmm1 \n\t" // r1<<1:r0<<1 - "psllq $1, %%xmm2 \n\t" // r3<<1:r2<<1 - "psrlq $63, %%xmm3 \n\t" // r1>>63:r0>>63 - "psrlq $63, %%xmm4 \n\t" // r3>>63:r2>>63 - "movdqa %%xmm3, %%xmm5 \n\t" // r1>>63:r0>>63 - "pslldq $8, %%xmm3 \n\t" // r0>>63:0 - "pslldq $8, %%xmm4 \n\t" // r2>>63:0 - "psrldq $8, %%xmm5 \n\t" // 0:r1>>63 - "por %%xmm3, %%xmm1 \n\t" // r1<<1|r0>>63:r0<<1 - "por %%xmm4, %%xmm2 \n\t" // r3<<1|r2>>62:r2<<1 - "por %%xmm5, %%xmm2 \n\t" // r3<<1|r2>>62:r2<<1|r1>>63 + "movdqa %%xmm1, %%xmm3 \n\t" // r1:r0 + "movdqa %%xmm2, %%xmm4 \n\t" // r3:r2 + "psllq $1, %%xmm1 \n\t" // r1<<1:r0<<1 + "psllq $1, %%xmm2 \n\t" // r3<<1:r2<<1 + "psrlq $63, %%xmm3 \n\t" // r1>>63:r0>>63 + "psrlq $63, %%xmm4 \n\t" // r3>>63:r2>>63 + "movdqa %%xmm3, %%xmm5 \n\t" // r1>>63:r0>>63 + "pslldq $8, %%xmm3 \n\t" // r0>>63:0 + "pslldq $8, %%xmm4 \n\t" // r2>>63:0 + "psrldq $8, %%xmm5 \n\t" // 0:r1>>63 + "por %%xmm3, %%xmm1 \n\t" // r1<<1|r0>>63:r0<<1 + "por %%xmm4, %%xmm2 \n\t" // r3<<1|r2>>62:r2<<1 + "por %%xmm5, %%xmm2 \n\t" // r3<<1|r2>>62:r2<<1|r1>>63 /* * Now reduce modulo the GCM polynomial x^128 + x^7 + x^2 + x + 1 - * using [CLMUL-WP] algorithm 5 (p. 20). + * using [CLMUL-WP] algorithm 5 (p. 18). * Currently xmm2:xmm1 holds x3:x2:x1:x0 (already shifted). */ /* Step 2 (1) */ - "movdqa %%xmm1, %%xmm3 \n\t" // x1:x0 - "movdqa %%xmm1, %%xmm4 \n\t" // same - "movdqa %%xmm1, %%xmm5 \n\t" // same - "psllq $63, %%xmm3 \n\t" // x1<<63:x0<<63 = stuff:a - "psllq $62, %%xmm4 \n\t" // x1<<62:x0<<62 = stuff:b - "psllq $57, %%xmm5 \n\t" // x1<<57:x0<<57 = stuff:c + "movdqa %%xmm1, %%xmm3 \n\t" // x1:x0 + "movdqa %%xmm1, %%xmm4 \n\t" // same + "movdqa %%xmm1, %%xmm5 \n\t" // same + "psllq $63, %%xmm3 \n\t" // x1<<63:x0<<63 = stuff:a + "psllq $62, %%xmm4 \n\t" // x1<<62:x0<<62 = stuff:b + "psllq $57, %%xmm5 \n\t" // x1<<57:x0<<57 = stuff:c /* Step 2 (2) */ - "pxor %%xmm4, %%xmm3 \n\t" // stuff:a+b - "pxor %%xmm5, %%xmm3 \n\t" // stuff:a+b+c - "pslldq $8, %%xmm3 \n\t" // a+b+c:0 - "pxor %%xmm3, %%xmm1 \n\t" // x1+a+b+c:x0 = d:x0 + "pxor %%xmm4, %%xmm3 \n\t" // stuff:a+b + "pxor %%xmm5, %%xmm3 \n\t" // stuff:a+b+c + "pslldq $8, %%xmm3 \n\t" // a+b+c:0 + "pxor %%xmm3, %%xmm1 \n\t" // x1+a+b+c:x0 = d:x0 /* Steps 3 and 4 */ - "movdqa %%xmm1,%%xmm0 \n\t" // d:x0 - "movdqa %%xmm1,%%xmm4 \n\t" // same - "movdqa %%xmm1,%%xmm5 \n\t" // same - "psrlq $1, %%xmm0 \n\t" // e1:x0>>1 = e1:e0' - "psrlq $2, %%xmm4 \n\t" // f1:x0>>2 = f1:f0' - "psrlq $7, %%xmm5 \n\t" // g1:x0>>7 = g1:g0' - "pxor %%xmm4, %%xmm0 \n\t" // e1+f1:e0'+f0' - "pxor %%xmm5, %%xmm0 \n\t" // e1+f1+g1:e0'+f0'+g0' + "movdqa %%xmm1,%%xmm0 \n\t" // d:x0 + "movdqa %%xmm1,%%xmm4 \n\t" // same + "movdqa %%xmm1,%%xmm5 \n\t" // same + "psrlq $1, %%xmm0 \n\t" // e1:x0>>1 = e1:e0' + "psrlq $2, %%xmm4 \n\t" // f1:x0>>2 = f1:f0' + "psrlq $7, %%xmm5 \n\t" // g1:x0>>7 = g1:g0' + "pxor %%xmm4, %%xmm0 \n\t" // e1+f1:e0'+f0' + "pxor %%xmm5, %%xmm0 \n\t" // e1+f1+g1:e0'+f0'+g0' // e0'+f0'+g0' is almost e0+f0+g0, ex\tcept for some missing // bits carried from d. Now get those\t bits back in. - "movdqa %%xmm1,%%xmm3 \n\t" // d:x0 - "movdqa %%xmm1,%%xmm4 \n\t" // same - "movdqa %%xmm1,%%xmm5 \n\t" // same - "psllq $63, %%xmm3 \n\t" // d<<63:stuff - "psllq $62, %%xmm4 \n\t" // d<<62:stuff - "psllq $57, %%xmm5 \n\t" // d<<57:stuff - "pxor %%xmm4, %%xmm3 \n\t" // d<<63+d<<62:stuff - "pxor %%xmm5, %%xmm3 \n\t" // missing bits of d:stuff - "psrldq $8, %%xmm3 \n\t" // 0:missing bits of d - "pxor %%xmm3, %%xmm0 \n\t" // e1+f1+g1:e0+f0+g0 - "pxor %%xmm1, %%xmm0 \n\t" // h1:h0 - "pxor %%xmm2, %%xmm0 \n\t" // x3+h1:x2+h0 + "movdqa %%xmm1,%%xmm3 \n\t" // d:x0 + "movdqa %%xmm1,%%xmm4 \n\t" // same + "movdqa %%xmm1,%%xmm5 \n\t" // same + "psllq $63, %%xmm3 \n\t" // d<<63:stuff + "psllq $62, %%xmm4 \n\t" // d<<62:stuff + "psllq $57, %%xmm5 \n\t" // d<<57:stuff + "pxor %%xmm4, %%xmm3 \n\t" // d<<63+d<<62:stuff + "pxor %%xmm5, %%xmm3 \n\t" // missing bits of d:stuff + "psrldq $8, %%xmm3 \n\t" // 0:missing bits of d + "pxor %%xmm3, %%xmm0 \n\t" // e1+f1+g1:e0+f0+g0 + "pxor %%xmm1, %%xmm0 \n\t" // h1:h0 + "pxor %%xmm2, %%xmm0 \n\t" // x3+h1:x2+h0 - "movdqu %%xmm0, (%2) \n\t" // done + "movdqu %%xmm0, (%2) \n\t" // done : : "r" (aa), "r" (bb), "r" (cc) : "memory", "cc", "xmm0", "xmm1", "xmm2", "xmm3", "xmm4", "xmm5"); @@ -261,8 +601,8 @@ void mbedtls_aesni_inverse_key(unsigned char *invkey, for (fk -= 16, ik += 16; fk > fwdkey; fk -= 16, ik += 16) { asm ("movdqu (%0), %%xmm0 \n\t" - AESIMC xmm0_xmm0 "\n\t" - "movdqu %%xmm0, (%1) \n\t" + AESIMC(xmm0_xmm0) + "movdqu %%xmm0, (%1) \n\t" : : "r" (fk), "r" (ik) : "memory", "xmm0"); @@ -306,16 +646,16 @@ static void aesni_setkey_enc_128(unsigned char *rk, /* Main "loop" */ "2: \n\t" - AESKEYGENA xmm0_xmm1 ",0x01 \n\tcall 1b \n\t" - AESKEYGENA xmm0_xmm1 ",0x02 \n\tcall 1b \n\t" - AESKEYGENA xmm0_xmm1 ",0x04 \n\tcall 1b \n\t" - AESKEYGENA xmm0_xmm1 ",0x08 \n\tcall 1b \n\t" - AESKEYGENA xmm0_xmm1 ",0x10 \n\tcall 1b \n\t" - AESKEYGENA xmm0_xmm1 ",0x20 \n\tcall 1b \n\t" - AESKEYGENA xmm0_xmm1 ",0x40 \n\tcall 1b \n\t" - AESKEYGENA xmm0_xmm1 ",0x80 \n\tcall 1b \n\t" - AESKEYGENA xmm0_xmm1 ",0x1B \n\tcall 1b \n\t" - AESKEYGENA xmm0_xmm1 ",0x36 \n\tcall 1b \n\t" + AESKEYGENA(xmm0_xmm1, "0x01") "call 1b \n\t" + AESKEYGENA(xmm0_xmm1, "0x02") "call 1b \n\t" + AESKEYGENA(xmm0_xmm1, "0x04") "call 1b \n\t" + AESKEYGENA(xmm0_xmm1, "0x08") "call 1b \n\t" + AESKEYGENA(xmm0_xmm1, "0x10") "call 1b \n\t" + AESKEYGENA(xmm0_xmm1, "0x20") "call 1b \n\t" + AESKEYGENA(xmm0_xmm1, "0x40") "call 1b \n\t" + AESKEYGENA(xmm0_xmm1, "0x80") "call 1b \n\t" + AESKEYGENA(xmm0_xmm1, "0x1B") "call 1b \n\t" + AESKEYGENA(xmm0_xmm1, "0x36") "call 1b \n\t" : : "r" (rk), "r" (key) : "memory", "cc", "0"); @@ -324,6 +664,7 @@ static void aesni_setkey_enc_128(unsigned char *rk, /* * Key expansion, 192-bit case */ +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) static void aesni_setkey_enc_192(unsigned char *rk, const unsigned char *key) { @@ -364,23 +705,25 @@ static void aesni_setkey_enc_192(unsigned char *rk, "ret \n\t" "2: \n\t" - AESKEYGENA xmm1_xmm2 ",0x01 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x02 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x04 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x08 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x10 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x20 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x40 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x80 \n\tcall 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x01") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x02") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x04") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x08") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x10") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x20") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x40") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x80") "call 1b \n\t" : : "r" (rk), "r" (key) : "memory", "cc", "0"); } +#endif /* !MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */ /* * Key expansion, 256-bit case */ +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) static void aesni_setkey_enc_256(unsigned char *rk, const unsigned char *key) { @@ -414,35 +757,38 @@ static void aesni_setkey_enc_256(unsigned char *rk, /* Set xmm2 to stuff:Y:stuff:stuff with Y = subword( r11 ) * and proceed to generate next round key from there */ - AESKEYGENA xmm0_xmm2 ",0x00 \n\t" - "pshufd $0xaa, %%xmm2, %%xmm2 \n\t" - "pxor %%xmm1, %%xmm2 \n\t" - "pslldq $4, %%xmm1 \n\t" - "pxor %%xmm1, %%xmm2 \n\t" - "pslldq $4, %%xmm1 \n\t" - "pxor %%xmm1, %%xmm2 \n\t" - "pslldq $4, %%xmm1 \n\t" - "pxor %%xmm2, %%xmm1 \n\t" - "add $16, %0 \n\t" - "movdqu %%xmm1, (%0) \n\t" - "ret \n\t" + AESKEYGENA(xmm0_xmm2, "0x00") + "pshufd $0xaa, %%xmm2, %%xmm2 \n\t" + "pxor %%xmm1, %%xmm2 \n\t" + "pslldq $4, %%xmm1 \n\t" + "pxor %%xmm1, %%xmm2 \n\t" + "pslldq $4, %%xmm1 \n\t" + "pxor %%xmm1, %%xmm2 \n\t" + "pslldq $4, %%xmm1 \n\t" + "pxor %%xmm2, %%xmm1 \n\t" + "add $16, %0 \n\t" + "movdqu %%xmm1, (%0) \n\t" + "ret \n\t" /* * Main "loop" - Generating one more key than necessary, * see definition of mbedtls_aes_context.buf */ - "2: \n\t" - AESKEYGENA xmm1_xmm2 ",0x01 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x02 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x04 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x08 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x10 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x20 \n\tcall 1b \n\t" - AESKEYGENA xmm1_xmm2 ",0x40 \n\tcall 1b \n\t" + "2: \n\t" + AESKEYGENA(xmm1_xmm2, "0x01") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x02") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x04") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x08") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x10") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x20") "call 1b \n\t" + AESKEYGENA(xmm1_xmm2, "0x40") "call 1b \n\t" : : "r" (rk), "r" (key) : "memory", "cc", "0"); } +#endif /* !MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */ + +#endif /* MBEDTLS_AESNI_HAVE_CODE */ /* * Key expansion, wrapper @@ -453,14 +799,16 @@ int mbedtls_aesni_setkey_enc(unsigned char *rk, { switch (bits) { case 128: aesni_setkey_enc_128(rk, key); break; +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) case 192: aesni_setkey_enc_192(rk, key); break; case 256: aesni_setkey_enc_256(rk, key); break; +#endif /* !MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */ default: return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; } return 0; } -#endif /* MBEDTLS_HAVE_X86_64 */ +#endif /* MBEDTLS_AESNI_HAVE_CODE */ #endif /* MBEDTLS_AESNI_C */ diff --git a/library/aesni.h b/library/aesni.h index a842fb703..ba1429029 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -32,13 +32,46 @@ #define MBEDTLS_AESNI_AES 0x02000000u #define MBEDTLS_AESNI_CLMUL 0x00000002u -#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && \ - (defined(__amd64__) || defined(__x86_64__)) && \ - !defined(MBEDTLS_HAVE_X86_64) -#define MBEDTLS_HAVE_X86_64 +#if defined(MBEDTLS_AESNI_C) && \ + (defined(MBEDTLS_ARCH_IS_X64) || defined(MBEDTLS_ARCH_IS_X86)) + +/* Can we do AESNI with intrinsics? + * (Only implemented with certain compilers, only for certain targets.) + */ +#undef MBEDTLS_AESNI_HAVE_INTRINSICS +#if defined(_MSC_VER) +/* Visual Studio supports AESNI intrinsics since VS 2008 SP1. We only support + * VS 2013 and up for other reasons anyway, so no need to check the version. */ +#define MBEDTLS_AESNI_HAVE_INTRINSICS +#endif +/* GCC-like compilers: currently, we only support intrinsics if the requisite + * target flag is enabled when building the library (e.g. `gcc -mpclmul -msse2` + * or `clang -maes -mpclmul`). */ +#if defined(__GNUC__) && defined(__AES__) && defined(__PCLMUL__) +#define MBEDTLS_AESNI_HAVE_INTRINSICS #endif -#if defined(MBEDTLS_HAVE_X86_64) +/* Choose the implementation of AESNI, if one is available. + * + * Favor the intrinsics-based implementation if it's available, for better + * maintainability. + * Performance is about the same (see #7380). + * In the long run, we will likely remove the assembly implementation. */ +#if defined(MBEDTLS_AESNI_HAVE_INTRINSICS) +#define MBEDTLS_AESNI_HAVE_CODE 2 // via intrinsics +#elif defined(MBEDTLS_HAVE_ASM) && \ + defined(__GNUC__) && defined(MBEDTLS_ARCH_IS_X64) +/* Can we do AESNI with inline assembly? + * (Only implemented with gas syntax, only for 64-bit.) + */ +#define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly +#elif defined(__GNUC__) +# error "Must use `-mpclmul -msse2 -maes` for MBEDTLS_AESNI_C" +#else +#error "MBEDTLS_AESNI_C defined, but neither intrinsics nor assembly available" +#endif + +#if defined(MBEDTLS_AESNI_HAVE_CODE) #ifdef __cplusplus extern "C" { @@ -55,7 +88,11 @@ extern "C" { * * \return 1 if CPU has support for the feature, 0 otherwise */ +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) int mbedtls_aesni_has_support(unsigned int what); +#else +#define mbedtls_aesni_has_support(what) 1 +#endif /** * \brief Internal AES-NI AES-ECB block encryption and decryption @@ -127,6 +164,7 @@ int mbedtls_aesni_setkey_enc(unsigned char *rk, } #endif -#endif /* MBEDTLS_HAVE_X86_64 */ +#endif /* MBEDTLS_AESNI_HAVE_CODE */ +#endif /* MBEDTLS_AESNI_C */ #endif /* MBEDTLS_AESNI_H */ diff --git a/library/alignment.h b/library/alignment.h index bfc965eae..ab15986e5 100644 --- a/library/alignment.h +++ b/library/alignment.h @@ -27,7 +27,22 @@ #include #include -#include "mbedtls/build_info.h" +/* + * Define MBEDTLS_EFFICIENT_UNALIGNED_ACCESS for architectures where unaligned memory + * accesses are known to be efficient. + * + * All functions defined here will behave correctly regardless, but might be less + * efficient when this is not defined. + */ +#if defined(__ARM_FEATURE_UNALIGNED) \ + || defined(__i386__) || defined(__amd64__) || defined(__x86_64__) +/* + * __ARM_FEATURE_UNALIGNED is defined where appropriate by armcc, gcc 7, clang 9 + * (and later versions) for Arm v7 and later; all x86 platforms should have + * efficient unaligned access. + */ +#define MBEDTLS_EFFICIENT_UNALIGNED_ACCESS +#endif /** * Read the unsigned 16 bits integer from the given address, which need not @@ -113,7 +128,7 @@ inline void mbedtls_put_unaligned_uint64(void *p, uint64_t x) * byte from x, where byte 0 is the least significant byte. */ #define MBEDTLS_BYTE_0(x) ((uint8_t) ((x) & 0xff)) -#define MBEDTLS_BYTE_1(x) ((uint8_t) (((x) >> 8) & 0xff)) +#define MBEDTLS_BYTE_1(x) ((uint8_t) (((x) >> 8) & 0xff)) #define MBEDTLS_BYTE_2(x) ((uint8_t) (((x) >> 16) & 0xff)) #define MBEDTLS_BYTE_3(x) ((uint8_t) (((x) >> 24) & 0xff)) #define MBEDTLS_BYTE_4(x) ((uint8_t) (((x) >> 32) & 0xff)) @@ -138,13 +153,13 @@ inline void mbedtls_put_unaligned_uint64(void *p, uint64_t x) * Detect Clang built-in byteswap routines */ #if defined(__clang__) && defined(__has_builtin) -#if __has_builtin(__builtin_bswap16) +#if __has_builtin(__builtin_bswap16) && !defined(MBEDTLS_BSWAP16) #define MBEDTLS_BSWAP16 __builtin_bswap16 #endif /* __has_builtin(__builtin_bswap16) */ -#if __has_builtin(__builtin_bswap32) +#if __has_builtin(__builtin_bswap32) && !defined(MBEDTLS_BSWAP32) #define MBEDTLS_BSWAP32 __builtin_bswap32 #endif /* __has_builtin(__builtin_bswap32) */ -#if __has_builtin(__builtin_bswap64) +#if __has_builtin(__builtin_bswap64) && !defined(MBEDTLS_BSWAP64) #define MBEDTLS_BSWAP64 __builtin_bswap64 #endif /* __has_builtin(__builtin_bswap64) */ #endif /* defined(__clang__) && defined(__has_builtin) */ @@ -153,13 +168,22 @@ inline void mbedtls_put_unaligned_uint64(void *p, uint64_t x) * Detect MSVC built-in byteswap routines */ #if defined(_MSC_VER) +#if !defined(MBEDTLS_BSWAP16) #define MBEDTLS_BSWAP16 _byteswap_ushort +#endif +#if !defined(MBEDTLS_BSWAP32) #define MBEDTLS_BSWAP32 _byteswap_ulong +#endif +#if !defined(MBEDTLS_BSWAP64) #define MBEDTLS_BSWAP64 _byteswap_uint64 +#endif #endif /* defined(_MSC_VER) */ /* Detect armcc built-in byteswap routine */ -#if defined(__ARMCC_VERSION) && (__ARMCC_VERSION >= 410000) +#if defined(__ARMCC_VERSION) && (__ARMCC_VERSION >= 410000) && !defined(MBEDTLS_BSWAP32) +#if defined(__ARM_ACLE) /* ARM Compiler 6 - earlier versions don't need a header */ +#include +#endif #define MBEDTLS_BSWAP32 __rev #endif @@ -194,14 +218,14 @@ static inline uint32_t mbedtls_bswap32(uint32_t x) static inline uint64_t mbedtls_bswap64(uint64_t x) { return - (x & 0x00000000000000ff) << 56 | - (x & 0x000000000000ff00) << 40 | - (x & 0x0000000000ff0000) << 24 | - (x & 0x00000000ff000000) << 8 | - (x & 0x000000ff00000000) >> 8 | - (x & 0x0000ff0000000000) >> 24 | - (x & 0x00ff000000000000) >> 40 | - (x & 0xff00000000000000) >> 56; + (x & 0x00000000000000ffULL) << 56 | + (x & 0x000000000000ff00ULL) << 40 | + (x & 0x0000000000ff0000ULL) << 24 | + (x & 0x00000000ff000000ULL) << 8 | + (x & 0x000000ff00000000ULL) >> 8 | + (x & 0x0000ff0000000000ULL) >> 24 | + (x & 0x00ff000000000000ULL) >> 40 | + (x & 0xff00000000000000ULL) >> 56; } #define MBEDTLS_BSWAP64 mbedtls_bswap64 #endif /* !defined(MBEDTLS_BSWAP64) */ @@ -222,8 +246,8 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 }; * byte of the four bytes to build the 32 bits unsigned * integer from. */ -#define MBEDTLS_GET_UINT32_BE(data, offset) \ - ((MBEDTLS_IS_BIG_ENDIAN) \ +#define MBEDTLS_GET_UINT32_BE(data, offset) \ + ((MBEDTLS_IS_BIG_ENDIAN) \ ? mbedtls_get_unaligned_uint32((data) + (offset)) \ : MBEDTLS_BSWAP32(mbedtls_get_unaligned_uint32((data) + (offset))) \ ) @@ -237,11 +261,11 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 }; * \param offset Offset from \p data where to put the most significant * byte of the 32 bits unsigned integer \p n. */ -#define MBEDTLS_PUT_UINT32_BE(n, data, offset) \ +#define MBEDTLS_PUT_UINT32_BE(n, data, offset) \ { \ - if (MBEDTLS_IS_BIG_ENDIAN) \ + if (MBEDTLS_IS_BIG_ENDIAN) \ { \ - mbedtls_put_unaligned_uint32((data) + (offset), (uint32_t) (n)); \ + mbedtls_put_unaligned_uint32((data) + (offset), (uint32_t) (n)); \ } \ else \ { \ @@ -258,8 +282,8 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 }; * byte of the four bytes to build the 32 bits unsigned * integer from. */ -#define MBEDTLS_GET_UINT32_LE(data, offset) \ - ((MBEDTLS_IS_BIG_ENDIAN) \ +#define MBEDTLS_GET_UINT32_LE(data, offset) \ + ((MBEDTLS_IS_BIG_ENDIAN) \ ? MBEDTLS_BSWAP32(mbedtls_get_unaligned_uint32((data) + (offset))) \ : mbedtls_get_unaligned_uint32((data) + (offset)) \ ) @@ -274,15 +298,15 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 }; * \param offset Offset from \p data where to put the least significant * byte of the 32 bits unsigned integer \p n. */ -#define MBEDTLS_PUT_UINT32_LE(n, data, offset) \ +#define MBEDTLS_PUT_UINT32_LE(n, data, offset) \ { \ - if (MBEDTLS_IS_BIG_ENDIAN) \ + if (MBEDTLS_IS_BIG_ENDIAN) \ { \ mbedtls_put_unaligned_uint32((data) + (offset), MBEDTLS_BSWAP32((uint32_t) (n))); \ } \ else \ { \ - mbedtls_put_unaligned_uint32((data) + (offset), ((uint32_t) (n))); \ + mbedtls_put_unaligned_uint32((data) + (offset), ((uint32_t) (n))); \ } \ } @@ -295,8 +319,8 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 }; * byte of the two bytes to build the 16 bits unsigned * integer from. */ -#define MBEDTLS_GET_UINT16_LE(data, offset) \ - ((MBEDTLS_IS_BIG_ENDIAN) \ +#define MBEDTLS_GET_UINT16_LE(data, offset) \ + ((MBEDTLS_IS_BIG_ENDIAN) \ ? MBEDTLS_BSWAP16(mbedtls_get_unaligned_uint16((data) + (offset))) \ : mbedtls_get_unaligned_uint16((data) + (offset)) \ ) @@ -310,15 +334,15 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 }; * \param offset Offset from \p data where to put the least significant * byte of the 16 bits unsigned integer \p n. */ -#define MBEDTLS_PUT_UINT16_LE(n, data, offset) \ +#define MBEDTLS_PUT_UINT16_LE(n, data, offset) \ { \ - if (MBEDTLS_IS_BIG_ENDIAN) \ + if (MBEDTLS_IS_BIG_ENDIAN) \ { \ mbedtls_put_unaligned_uint16((data) + (offset), MBEDTLS_BSWAP16((uint16_t) (n))); \ } \ else \ { \ - mbedtls_put_unaligned_uint16((data) + (offset), (uint16_t) (n)); \ + mbedtls_put_unaligned_uint16((data) + (offset), (uint16_t) (n)); \ } \ } @@ -331,8 +355,8 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 }; * byte of the two bytes to build the 16 bits unsigned * integer from. */ -#define MBEDTLS_GET_UINT16_BE(data, offset) \ - ((MBEDTLS_IS_BIG_ENDIAN) \ +#define MBEDTLS_GET_UINT16_BE(data, offset) \ + ((MBEDTLS_IS_BIG_ENDIAN) \ ? mbedtls_get_unaligned_uint16((data) + (offset)) \ : MBEDTLS_BSWAP16(mbedtls_get_unaligned_uint16((data) + (offset))) \ ) @@ -346,11 +370,11 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 }; * \param offset Offset from \p data where to put the most significant * byte of the 16 bits unsigned integer \p n. */ -#define MBEDTLS_PUT_UINT16_BE(n, data, offset) \ +#define MBEDTLS_PUT_UINT16_BE(n, data, offset) \ { \ - if (MBEDTLS_IS_BIG_ENDIAN) \ + if (MBEDTLS_IS_BIG_ENDIAN) \ { \ - mbedtls_put_unaligned_uint16((data) + (offset), (uint16_t) (n)); \ + mbedtls_put_unaligned_uint16((data) + (offset), (uint16_t) (n)); \ } \ else \ { \ @@ -367,11 +391,11 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 }; * byte of the three bytes to build the 24 bits unsigned * integer from. */ -#define MBEDTLS_GET_UINT24_BE(data, offset) \ - ( \ - ((uint32_t) (data)[(offset)] << 16) \ - | ((uint32_t) (data)[(offset) + 1] << 8) \ - | ((uint32_t) (data)[(offset) + 2]) \ +#define MBEDTLS_GET_UINT24_BE(data, offset) \ + ( \ + ((uint32_t) (data)[(offset)] << 16) \ + | ((uint32_t) (data)[(offset) + 1] << 8) \ + | ((uint32_t) (data)[(offset) + 2]) \ ) /** @@ -384,8 +408,8 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 }; * byte of the 24 bits unsigned integer \p n. */ #define MBEDTLS_PUT_UINT24_BE(n, data, offset) \ - { \ - (data)[(offset)] = MBEDTLS_BYTE_2(n); \ + { \ + (data)[(offset)] = MBEDTLS_BYTE_2(n); \ (data)[(offset) + 1] = MBEDTLS_BYTE_1(n); \ (data)[(offset) + 2] = MBEDTLS_BYTE_0(n); \ } @@ -399,9 +423,9 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 }; * byte of the three bytes to build the 24 bits unsigned * integer from. */ -#define MBEDTLS_GET_UINT24_LE(data, offset) \ - ( \ - ((uint32_t) (data)[(offset)]) \ +#define MBEDTLS_GET_UINT24_LE(data, offset) \ + ( \ + ((uint32_t) (data)[(offset)]) \ | ((uint32_t) (data)[(offset) + 1] << 8) \ | ((uint32_t) (data)[(offset) + 2] << 16) \ ) @@ -416,8 +440,8 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 }; * byte of the 24 bits unsigned integer \p n. */ #define MBEDTLS_PUT_UINT24_LE(n, data, offset) \ - { \ - (data)[(offset)] = MBEDTLS_BYTE_0(n); \ + { \ + (data)[(offset)] = MBEDTLS_BYTE_0(n); \ (data)[(offset) + 1] = MBEDTLS_BYTE_1(n); \ (data)[(offset) + 2] = MBEDTLS_BYTE_2(n); \ } @@ -431,8 +455,8 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 }; * byte of the eight bytes to build the 64 bits unsigned * integer from. */ -#define MBEDTLS_GET_UINT64_BE(data, offset) \ - ((MBEDTLS_IS_BIG_ENDIAN) \ +#define MBEDTLS_GET_UINT64_BE(data, offset) \ + ((MBEDTLS_IS_BIG_ENDIAN) \ ? mbedtls_get_unaligned_uint64((data) + (offset)) \ : MBEDTLS_BSWAP64(mbedtls_get_unaligned_uint64((data) + (offset))) \ ) @@ -446,11 +470,11 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 }; * \param offset Offset from \p data where to put the most significant * byte of the 64 bits unsigned integer \p n. */ -#define MBEDTLS_PUT_UINT64_BE(n, data, offset) \ +#define MBEDTLS_PUT_UINT64_BE(n, data, offset) \ { \ - if (MBEDTLS_IS_BIG_ENDIAN) \ + if (MBEDTLS_IS_BIG_ENDIAN) \ { \ - mbedtls_put_unaligned_uint64((data) + (offset), (uint64_t) (n)); \ + mbedtls_put_unaligned_uint64((data) + (offset), (uint64_t) (n)); \ } \ else \ { \ @@ -467,8 +491,8 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 }; * byte of the eight bytes to build the 64 bits unsigned * integer from. */ -#define MBEDTLS_GET_UINT64_LE(data, offset) \ - ((MBEDTLS_IS_BIG_ENDIAN) \ +#define MBEDTLS_GET_UINT64_LE(data, offset) \ + ((MBEDTLS_IS_BIG_ENDIAN) \ ? MBEDTLS_BSWAP64(mbedtls_get_unaligned_uint64((data) + (offset))) \ : mbedtls_get_unaligned_uint64((data) + (offset)) \ ) @@ -482,15 +506,15 @@ static const uint16_t mbedtls_byte_order_detector = { 0x100 }; * \param offset Offset from \p data where to put the least significant * byte of the 64 bits unsigned integer \p n. */ -#define MBEDTLS_PUT_UINT64_LE(n, data, offset) \ +#define MBEDTLS_PUT_UINT64_LE(n, data, offset) \ { \ - if (MBEDTLS_IS_BIG_ENDIAN) \ + if (MBEDTLS_IS_BIG_ENDIAN) \ { \ mbedtls_put_unaligned_uint64((data) + (offset), MBEDTLS_BSWAP64((uint64_t) (n))); \ } \ else \ { \ - mbedtls_put_unaligned_uint64((data) + (offset), (uint64_t) (n)); \ + mbedtls_put_unaligned_uint64((data) + (offset), (uint64_t) (n)); \ } \ } diff --git a/library/asn1parse.c b/library/asn1parse.c index d257ef438..abdd0b1bd 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -19,7 +19,7 @@ #include "common.h" -#if defined(MBEDTLS_ASN1_PARSE_C) +#if defined(MBEDTLS_ASN1_PARSE_C) || defined(MBEDTLS_X509_CREATE_C) #include "mbedtls/asn1.h" #include "mbedtls/platform_util.h" @@ -47,47 +47,18 @@ int mbedtls_asn1_get_len(unsigned char **p, if ((**p & 0x80) == 0) { *len = *(*p)++; } else { - switch (**p & 0x7F) { - case 1: - if ((end - *p) < 2) { - return MBEDTLS_ERR_ASN1_OUT_OF_DATA; - } - - *len = (*p)[1]; - (*p) += 2; - break; - - case 2: - if ((end - *p) < 3) { - return MBEDTLS_ERR_ASN1_OUT_OF_DATA; - } - - *len = ((size_t) (*p)[1] << 8) | (*p)[2]; - (*p) += 3; - break; - - case 3: - if ((end - *p) < 4) { - return MBEDTLS_ERR_ASN1_OUT_OF_DATA; - } - - *len = ((size_t) (*p)[1] << 16) | - ((size_t) (*p)[2] << 8) | (*p)[3]; - (*p) += 4; - break; - - case 4: - if ((end - *p) < 5) { - return MBEDTLS_ERR_ASN1_OUT_OF_DATA; - } - - *len = ((size_t) (*p)[1] << 24) | ((size_t) (*p)[2] << 16) | - ((size_t) (*p)[3] << 8) | (*p)[4]; - (*p) += 5; - break; - - default: - return MBEDTLS_ERR_ASN1_INVALID_LENGTH; + int n = (**p) & 0x7F; + if (n == 0 || n > 4) { + return MBEDTLS_ERR_ASN1_INVALID_LENGTH; + } + if ((end - *p) <= n) { + return MBEDTLS_ERR_ASN1_OUT_OF_DATA; + } + *len = 0; + (*p)++; + while (n--) { + *len = (*len << 8) | **p; + (*p)++; } } @@ -114,7 +85,9 @@ int mbedtls_asn1_get_tag(unsigned char **p, return mbedtls_asn1_get_len(p, end, len); } +#endif /* MBEDTLS_ASN1_PARSE_C || MBEDTLS_X509_CREATE_C */ +#if defined(MBEDTLS_ASN1_PARSE_C) int mbedtls_asn1_get_bool(unsigned char **p, const unsigned char *end, int *val) diff --git a/library/asn1write.c b/library/asn1write.c index b9d586aef..2e9b98ad5 100644 --- a/library/asn1write.c +++ b/library/asn1write.c @@ -19,7 +19,7 @@ #include "common.h" -#if defined(MBEDTLS_ASN1_WRITE_C) +#if defined(MBEDTLS_ASN1_WRITE_C) || defined(MBEDTLS_X509_USE_C) #include "mbedtls/asn1write.h" #include "mbedtls/error.h" @@ -28,68 +28,40 @@ #include "mbedtls/platform.h" +#if defined(MBEDTLS_ASN1_PARSE_C) +#include "mbedtls/asn1.h" +#endif + int mbedtls_asn1_write_len(unsigned char **p, const unsigned char *start, size_t len) { - if (len < 0x80) { - if (*p - start < 1) { - return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; - } - - *--(*p) = (unsigned char) len; - return 1; - } - - if (len <= 0xFF) { - if (*p - start < 2) { - return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; - } - - *--(*p) = (unsigned char) len; - *--(*p) = 0x81; - return 2; - } - - if (len <= 0xFFFF) { - if (*p - start < 3) { - return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; - } - - *--(*p) = MBEDTLS_BYTE_0(len); - *--(*p) = MBEDTLS_BYTE_1(len); - *--(*p) = 0x82; - return 3; - } - - if (len <= 0xFFFFFF) { - if (*p - start < 4) { - return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; - } - - *--(*p) = MBEDTLS_BYTE_0(len); - *--(*p) = MBEDTLS_BYTE_1(len); - *--(*p) = MBEDTLS_BYTE_2(len); - *--(*p) = 0x83; - return 4; - } - - int len_is_valid = 1; #if SIZE_MAX > 0xFFFFFFFF - len_is_valid = (len <= 0xFFFFFFFF); + if (len > 0xFFFFFFFF) { + return MBEDTLS_ERR_ASN1_INVALID_LENGTH; + } #endif - if (len_is_valid) { - if (*p - start < 5) { - return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; - } - *--(*p) = MBEDTLS_BYTE_0(len); - *--(*p) = MBEDTLS_BYTE_1(len); - *--(*p) = MBEDTLS_BYTE_2(len); - *--(*p) = MBEDTLS_BYTE_3(len); - *--(*p) = 0x84; - return 5; + int required = 1; + + if (len >= 0x80) { + for (size_t l = len; l != 0; l >>= 8) { + required++; + } } - return MBEDTLS_ERR_ASN1_INVALID_LENGTH; + if (required > (*p - start)) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } + + do { + *--(*p) = MBEDTLS_BYTE_0(len); + len >>= 8; + } while (len); + + if (required > 1) { + *--(*p) = (unsigned char) (0x80 + required - 1); + } + + return required; } int mbedtls_asn1_write_tag(unsigned char **p, const unsigned char *start, unsigned char tag) @@ -102,6 +74,21 @@ int mbedtls_asn1_write_tag(unsigned char **p, const unsigned char *start, unsign return 1; } +#endif /* MBEDTLS_ASN1_WRITE_C || MBEDTLS_X509_USE_C */ + +#if defined(MBEDTLS_ASN1_WRITE_C) +static int mbedtls_asn1_write_len_and_tag(unsigned char **p, + const unsigned char *start, + size_t len, + unsigned char tag) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, tag)); + + return (int) len; +} int mbedtls_asn1_write_raw_buffer(unsigned char **p, const unsigned char *start, const unsigned char *buf, size_t size) @@ -154,10 +141,7 @@ int mbedtls_asn1_write_mpi(unsigned char **p, const unsigned char *start, const len += 1; } - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_INTEGER)); - - ret = (int) len; + ret = mbedtls_asn1_write_len_and_tag(p, start, len, MBEDTLS_ASN1_INTEGER); cleanup: return ret; @@ -166,15 +150,9 @@ cleanup: int mbedtls_asn1_write_null(unsigned char **p, const unsigned char *start) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t len = 0; - // Write NULL // - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, 0)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_NULL)); - - return (int) len; + return mbedtls_asn1_write_len_and_tag(p, start, 0, MBEDTLS_ASN1_NULL); } int mbedtls_asn1_write_oid(unsigned char **p, const unsigned char *start, @@ -185,38 +163,39 @@ int mbedtls_asn1_write_oid(unsigned char **p, const unsigned char *start, MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start, (const unsigned char *) oid, oid_len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_OID)); - - return (int) len; + return mbedtls_asn1_write_len_and_tag(p, start, len, MBEDTLS_ASN1_OID); } int mbedtls_asn1_write_algorithm_identifier(unsigned char **p, const unsigned char *start, const char *oid, size_t oid_len, size_t par_len) +{ + return mbedtls_asn1_write_algorithm_identifier_ext(p, start, oid, oid_len, par_len, 1); +} + +int mbedtls_asn1_write_algorithm_identifier_ext(unsigned char **p, const unsigned char *start, + const char *oid, size_t oid_len, + size_t par_len, int has_par) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - if (par_len == 0) { - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_null(p, start)); - } else { - len += par_len; + if (has_par) { + if (par_len == 0) { + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_null(p, start)); + } else { + len += par_len; + } } MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(p, start, oid, oid_len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, - MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE)); - - return (int) len; + return mbedtls_asn1_write_len_and_tag(p, start, len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); } int mbedtls_asn1_write_bool(unsigned char **p, const unsigned char *start, int boolean) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; if (*p - start < 1) { @@ -226,15 +205,11 @@ int mbedtls_asn1_write_bool(unsigned char **p, const unsigned char *start, int b *--(*p) = (boolean) ? 255 : 0; len++; - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_BOOLEAN)); - - return (int) len; + return mbedtls_asn1_write_len_and_tag(p, start, len, MBEDTLS_ASN1_BOOLEAN); } static int asn1_write_tagged_int(unsigned char **p, const unsigned char *start, int val, int tag) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; do { @@ -254,10 +229,7 @@ static int asn1_write_tagged_int(unsigned char **p, const unsigned char *start, len += 1; } - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, tag)); - - return (int) len; + return mbedtls_asn1_write_len_and_tag(p, start, len, tag); } int mbedtls_asn1_write_int(unsigned char **p, const unsigned char *start, int val) @@ -280,10 +252,7 @@ int mbedtls_asn1_write_tagged_string(unsigned char **p, const unsigned char *sta (const unsigned char *) text, text_len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, tag)); - - return (int) len; + return mbedtls_asn1_write_len_and_tag(p, start, len, tag); } int mbedtls_asn1_write_utf8_string(unsigned char **p, const unsigned char *start, @@ -352,7 +321,6 @@ int mbedtls_asn1_write_named_bitstring(unsigned char **p, int mbedtls_asn1_write_bitstring(unsigned char **p, const unsigned char *start, const unsigned char *buf, size_t bits) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; size_t unused_bits, byte_len; @@ -376,10 +344,7 @@ int mbedtls_asn1_write_bitstring(unsigned char **p, const unsigned char *start, /* Write unused bits */ *--(*p) = (unsigned char) unused_bits; - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_BIT_STRING)); - - return (int) len; + return mbedtls_asn1_write_len_and_tag(p, start, len, MBEDTLS_ASN1_BIT_STRING); } int mbedtls_asn1_write_octet_string(unsigned char **p, const unsigned char *start, @@ -390,13 +355,11 @@ int mbedtls_asn1_write_octet_string(unsigned char **p, const unsigned char *star MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start, buf, size)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_OCTET_STRING)); - - return (int) len; + return mbedtls_asn1_write_len_and_tag(p, start, len, MBEDTLS_ASN1_OCTET_STRING); } +#if !defined(MBEDTLS_ASN1_PARSE_C) /* This is a copy of the ASN.1 parsing function mbedtls_asn1_find_named_data(), * which is replicated to avoid a dependency ASN1_WRITE_C on ASN1_PARSE_C. */ static mbedtls_asn1_named_data *asn1_find_named_data( @@ -414,6 +377,10 @@ static mbedtls_asn1_named_data *asn1_find_named_data( return list; } +#else +#define asn1_find_named_data(list, oid, len) \ + ((mbedtls_asn1_named_data *) mbedtls_asn1_find_named_data(list, oid, len)) +#endif mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( mbedtls_asn1_named_data **head, diff --git a/library/base64.c b/library/base64.c index 417061064..fa22e5375 100644 --- a/library/base64.c +++ b/library/base64.c @@ -17,11 +17,14 @@ * limitations under the License. */ +#include + #include "common.h" #if defined(MBEDTLS_BASE64_C) #include "mbedtls/base64.h" +#include "base64_internal.h" #include "constant_time_internal.h" #include @@ -31,7 +34,38 @@ #include "mbedtls/platform.h" #endif /* MBEDTLS_SELF_TEST */ -#define BASE64_SIZE_T_MAX ((size_t) -1) /* SIZE_T_MAX is not standard */ +MBEDTLS_STATIC_TESTABLE +unsigned char mbedtls_ct_base64_enc_char(unsigned char value) +{ + unsigned char digit = 0; + /* For each range of values, if value is in that range, mask digit with + * the corresponding value. Since value can only be in a single range, + * only at most one masking will change digit. */ + digit |= mbedtls_ct_uchar_in_range_if(0, 25, value, 'A' + value); + digit |= mbedtls_ct_uchar_in_range_if(26, 51, value, 'a' + value - 26); + digit |= mbedtls_ct_uchar_in_range_if(52, 61, value, '0' + value - 52); + digit |= mbedtls_ct_uchar_in_range_if(62, 62, value, '+'); + digit |= mbedtls_ct_uchar_in_range_if(63, 63, value, '/'); + return digit; +} + +MBEDTLS_STATIC_TESTABLE +signed char mbedtls_ct_base64_dec_value(unsigned char c) +{ + unsigned char val = 0; + /* For each range of digits, if c is in that range, mask val with + * the corresponding value. Since c can only be in a single range, + * only at most one masking will change val. Set val to one plus + * the desired value so that it stays 0 if c is in none of the ranges. */ + val |= mbedtls_ct_uchar_in_range_if('A', 'Z', c, c - 'A' + 0 + 1); + val |= mbedtls_ct_uchar_in_range_if('a', 'z', c, c - 'a' + 26 + 1); + val |= mbedtls_ct_uchar_in_range_if('0', '9', c, c - '0' + 52 + 1); + val |= mbedtls_ct_uchar_in_range_if('+', '+', c, c - '+' + 62 + 1); + val |= mbedtls_ct_uchar_in_range_if('/', '/', c, c - '/' + 63 + 1); + /* At this point, val is 0 if c is an invalid digit and v+1 if c is + * a digit with the value v. */ + return val - 1; +} /* * Encode a buffer into base64 format @@ -50,8 +84,8 @@ int mbedtls_base64_encode(unsigned char *dst, size_t dlen, size_t *olen, n = slen / 3 + (slen % 3 != 0); - if (n > (BASE64_SIZE_T_MAX - 1) / 4) { - *olen = BASE64_SIZE_T_MAX; + if (n > (SIZE_MAX - 1) / 4) { + *olen = SIZE_MAX; return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL; } diff --git a/library/base64_internal.h b/library/base64_internal.h new file mode 100644 index 000000000..f9f56d78d --- /dev/null +++ b/library/base64_internal.h @@ -0,0 +1,57 @@ +/** + * \file base64_internal.h + * + * \brief RFC 1521 base64 encoding/decoding: interfaces for invasive testing + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef MBEDTLS_BASE64_INTERNAL +#define MBEDTLS_BASE64_INTERNAL + +#include "common.h" + +#if defined(MBEDTLS_TEST_HOOKS) + +/** Given a value in the range 0..63, return the corresponding Base64 digit. + * + * The implementation assumes that letters are consecutive (e.g. ASCII + * but not EBCDIC). + * + * \param value A value in the range 0..63. + * + * \return A base64 digit converted from \p value. + */ +unsigned char mbedtls_ct_base64_enc_char(unsigned char value); + +/** Given a Base64 digit, return its value. + * + * If c is not a Base64 digit ('A'..'Z', 'a'..'z', '0'..'9', '+' or '/'), + * return -1. + * + * The implementation assumes that letters are consecutive (e.g. ASCII + * but not EBCDIC). + * + * \param c A base64 digit. + * + * \return The value of the base64 digit \p c. + */ +signed char mbedtls_ct_base64_dec_value(unsigned char c); + +#endif /* MBEDTLS_TEST_HOOKS */ + +#endif /* MBEDTLS_BASE64_INTERNAL */ diff --git a/library/bignum.c b/library/bignum.c index 9bc1c2d43..7c265e04d 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -54,13 +54,136 @@ #define MPI_VALIDATE(cond) \ MBEDTLS_INTERNAL_VALIDATE(cond) -#define MPI_SIZE_T_MAX ((size_t) -1) /* SIZE_T_MAX is not standard */ +/* + * Compare signed values in constant time + */ +int mbedtls_mpi_lt_mpi_ct(const mbedtls_mpi *X, + const mbedtls_mpi *Y, + unsigned *ret) +{ + mbedtls_ct_condition_t different_sign, X_is_negative, Y_is_negative, result; + + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(Y != NULL); + MPI_VALIDATE_RET(ret != NULL); + + if (X->n != Y->n) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + } + + /* + * Set N_is_negative to MBEDTLS_CT_FALSE if N >= 0, MBEDTLS_CT_TRUE if N < 0. + * We know that N->s == 1 if N >= 0 and N->s == -1 if N < 0. + */ + X_is_negative = mbedtls_ct_bool((X->s & 2) >> 1); + Y_is_negative = mbedtls_ct_bool((Y->s & 2) >> 1); + + /* + * If the signs are different, then the positive operand is the bigger. + * That is if X is negative (X_is_negative == 1), then X < Y is true and it + * is false if X is positive (X_is_negative == 0). + */ + different_sign = mbedtls_ct_bool_ne(X_is_negative, Y_is_negative); // true if different sign + result = mbedtls_ct_bool_and(different_sign, X_is_negative); + + /* + * Assuming signs are the same, compare X and Y. We switch the comparison + * order if they are negative so that we get the right result, regardles of + * sign. + */ + + /* This array is used to conditionally swap the pointers in const time */ + void * const p[2] = { X->p, Y->p }; + size_t i = mbedtls_ct_size_if_else_0(X_is_negative, 1); + mbedtls_ct_condition_t lt = mbedtls_mpi_core_lt_ct(p[i], p[i ^ 1], X->n); + + /* + * Store in result iff the signs are the same (i.e., iff different_sign == false). If + * the signs differ, result has already been set, so we don't change it. + */ + result = mbedtls_ct_bool_or(result, + mbedtls_ct_bool_and(mbedtls_ct_bool_not(different_sign), lt)); + + *ret = mbedtls_ct_uint_if_else_0(result, 1); + + return 0; +} + +/* + * Conditionally assign X = Y, without leaking information + * about whether the assignment was made or not. + * (Leaking information about the respective sizes of X and Y is ok however.) + */ +#if defined(_MSC_VER) && defined(_M_ARM64) && (_MSC_FULL_VER < 193131103) +/* + * MSVC miscompiles this function if it's inlined prior to Visual Studio 2022 version 17.1. See: + * https://developercommunity.visualstudio.com/t/c-compiler-miscompiles-part-of-mbedtls-library-on/1646989 + */ +__declspec(noinline) +#endif +int mbedtls_mpi_safe_cond_assign(mbedtls_mpi *X, + const mbedtls_mpi *Y, + unsigned char assign) +{ + int ret = 0; + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(Y != NULL); + + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, Y->n)); + + { + mbedtls_ct_condition_t do_assign = mbedtls_ct_bool(assign); + + X->s = (int) mbedtls_ct_uint_if(do_assign, Y->s, X->s); + + mbedtls_mpi_core_cond_assign(X->p, Y->p, Y->n, do_assign); + + mbedtls_ct_condition_t do_not_assign = mbedtls_ct_bool_not(do_assign); + for (size_t i = Y->n; i < X->n; i++) { + X->p[i] = mbedtls_ct_mpi_uint_if_else_0(do_not_assign, X->p[i]); + } + } + +cleanup: + return ret; +} + +/* + * Conditionally swap X and Y, without leaking information + * about whether the swap was made or not. + * Here it is not ok to simply swap the pointers, which would lead to + * different memory access patterns when X and Y are used afterwards. + */ +int mbedtls_mpi_safe_cond_swap(mbedtls_mpi *X, + mbedtls_mpi *Y, + unsigned char swap) +{ + int ret = 0; + int s; + MPI_VALIDATE_RET(X != NULL); + MPI_VALIDATE_RET(Y != NULL); + + if (X == Y) { + return 0; + } + + mbedtls_ct_condition_t do_swap = mbedtls_ct_bool(swap); + + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, Y->n)); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(Y, X->n)); + + s = X->s; + X->s = (int) mbedtls_ct_uint_if(do_swap, Y->s, X->s); + Y->s = (int) mbedtls_ct_uint_if(do_swap, s, Y->s); + + mbedtls_mpi_core_cond_swap(X->p, Y->p, X->n, do_swap); + +cleanup: + return ret; +} /* Implementation that should never be optimized out by the compiler */ -static void mbedtls_mpi_zeroize(mbedtls_mpi_uint *v, size_t n) -{ - mbedtls_platform_zeroize(v, ciL * n); -} +#define mbedtls_mpi_zeroize_and_free(v, n) mbedtls_zeroize_and_free(v, ciL * (n)) /* * Initialize one MPI @@ -84,8 +207,7 @@ void mbedtls_mpi_free(mbedtls_mpi *X) } if (X->p != NULL) { - mbedtls_mpi_zeroize(X->p, X->n); - mbedtls_free(X->p); + mbedtls_mpi_zeroize_and_free(X->p, X->n); } X->s = 1; @@ -112,11 +234,12 @@ int mbedtls_mpi_grow(mbedtls_mpi *X, size_t nblimbs) if (X->p != NULL) { memcpy(p, X->p, X->n * ciL); - mbedtls_mpi_zeroize(X->p, X->n); - mbedtls_free(X->p); + mbedtls_mpi_zeroize_and_free(X->p, X->n); } - X->n = nblimbs; + /* nblimbs fits in n because we ensure that MBEDTLS_MPI_MAX_LIMBS + * fits, and we've checked that nblimbs <= MBEDTLS_MPI_MAX_LIMBS. */ + X->n = (unsigned short) nblimbs; X->p = p; } @@ -160,11 +283,12 @@ int mbedtls_mpi_shrink(mbedtls_mpi *X, size_t nblimbs) if (X->p != NULL) { memcpy(p, X->p, i * ciL); - mbedtls_mpi_zeroize(X->p, X->n); - mbedtls_free(X->p); + mbedtls_mpi_zeroize_and_free(X->p, X->n); } - X->n = i; + /* i fits in n because we ensure that MBEDTLS_MPI_MAX_LIMBS + * fits, and we've checked that i <= nblimbs <= MBEDTLS_MPI_MAX_LIMBS. */ + X->n = (unsigned short) i; X->p = p; return 0; @@ -262,6 +386,10 @@ static inline mbedtls_mpi_uint mpi_sint_abs(mbedtls_mpi_sint z) return (mbedtls_mpi_uint) 0 - (mbedtls_mpi_uint) z; } +/* Convert x to a sign, i.e. to 1, if x is positive, or -1, if x is negative. + * This looks awkward but generates smaller code than (x < 0 ? -1 : 1) */ +#define TO_SIGN(x) ((mbedtls_mpi_sint) (((mbedtls_mpi_uint) x) >> (biL - 1)) * -2 + 1) + /* * Set value from integer */ @@ -274,7 +402,7 @@ int mbedtls_mpi_lset(mbedtls_mpi *X, mbedtls_mpi_sint z) memset(X->p, 0, X->n * ciL); X->p[0] = mpi_sint_abs(z); - X->s = (z < 0) ? -1 : 1; + X->s = TO_SIGN(z); cleanup: @@ -330,16 +458,35 @@ cleanup: */ size_t mbedtls_mpi_lsb(const mbedtls_mpi *X) { - size_t i, j, count = 0; + size_t i; MBEDTLS_INTERNAL_VALIDATE_RET(X != NULL, 0); +#if defined(__has_builtin) +#if (MBEDTLS_MPI_UINT_MAX == UINT_MAX) && __has_builtin(__builtin_ctz) + #define mbedtls_mpi_uint_ctz __builtin_ctz +#elif (MBEDTLS_MPI_UINT_MAX == ULONG_MAX) && __has_builtin(__builtin_ctzl) + #define mbedtls_mpi_uint_ctz __builtin_ctzl +#elif (MBEDTLS_MPI_UINT_MAX == ULLONG_MAX) && __has_builtin(__builtin_ctzll) + #define mbedtls_mpi_uint_ctz __builtin_ctzll +#endif +#endif + +#if defined(mbedtls_mpi_uint_ctz) for (i = 0; i < X->n; i++) { - for (j = 0; j < biL; j++, count++) { + if (X->p[i] != 0) { + return i * biL + mbedtls_mpi_uint_ctz(X->p[i]); + } + } +#else + size_t count = 0; + for (i = 0; i < X->n; i++) { + for (size_t j = 0; j < biL; j++, count++) { if (((X->p[i] >> j) & 1) != 0) { return count; } } } +#endif return 0; } @@ -416,7 +563,7 @@ int mbedtls_mpi_read_string(mbedtls_mpi *X, int radix, const char *s) slen = strlen(s); if (radix == 16) { - if (slen > MPI_SIZE_T_MAX >> 2) { + if (slen > SIZE_MAX >> 2) { return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; } @@ -750,13 +897,9 @@ int mbedtls_mpi_write_binary(const mbedtls_mpi *X, int mbedtls_mpi_shift_l(mbedtls_mpi *X, size_t count) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t i, v0, t1; - mbedtls_mpi_uint r0 = 0, r1; + size_t i; MPI_VALIDATE_RET(X != NULL); - v0 = count / (biL); - t1 = count & (biL - 1); - i = mbedtls_mpi_bitlen(X) + count; if (X->n * biL < i) { @@ -765,31 +908,7 @@ int mbedtls_mpi_shift_l(mbedtls_mpi *X, size_t count) ret = 0; - /* - * shift by count / limb_size - */ - if (v0 > 0) { - for (i = X->n; i > v0; i--) { - X->p[i - 1] = X->p[i - v0 - 1]; - } - - for (; i > 0; i--) { - X->p[i - 1] = 0; - } - } - - /* - * shift by count % limb_size - */ - if (t1 > 0) { - for (i = v0; i < X->n; i++) { - r1 = X->p[i] >> (biL - t1); - X->p[i] <<= t1; - X->p[i] |= r0; - r0 = r1; - } - } - + mbedtls_mpi_core_shift_l(X->p, X->n, count); cleanup: return ret; @@ -828,9 +947,8 @@ int mbedtls_mpi_cmp_abs(const mbedtls_mpi *X, const mbedtls_mpi *Y) } } - if (i == 0 && j == 0) { - return 0; - } + /* If i == j == 0, i.e. abs(X) == abs(Y), + * we end up returning 0 at the end of the function. */ if (i > j) { return 1; @@ -912,7 +1030,7 @@ int mbedtls_mpi_cmp_int(const mbedtls_mpi *X, mbedtls_mpi_sint z) MPI_VALIDATE_RET(X != NULL); *p = mpi_sint_abs(z); - Y.s = (z < 0) ? -1 : 1; + Y.s = TO_SIGN(z); Y.n = 1; Y.p = p; @@ -926,6 +1044,8 @@ int mbedtls_mpi_add_abs(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t j; + mbedtls_mpi_uint *p; + mbedtls_mpi_uint c; MPI_VALIDATE_RET(X != NULL); MPI_VALIDATE_RET(A != NULL); MPI_VALIDATE_RET(B != NULL); @@ -959,9 +1079,9 @@ int mbedtls_mpi_add_abs(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi /* j is the number of non-zero limbs of B. Add those to X. */ - mbedtls_mpi_uint *p = X->p; + p = X->p; - mbedtls_mpi_uint c = mbedtls_mpi_core_add(p, p, B->p, j); + c = mbedtls_mpi_core_add(p, p, B->p, j); p += j; @@ -1009,7 +1129,7 @@ int mbedtls_mpi_sub_abs(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi /* Set the high limbs of X to match A. Don't touch the lower limbs * because X might be aliased to B, and we must not overwrite the * significant digits of B. */ - if (A->n > n) { + if (A->n > n && A != X) { memcpy(X->p + n, A->p + n, (A->n - n) * ciL); } if (X->n > A->n) { @@ -1098,7 +1218,7 @@ int mbedtls_mpi_add_int(mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b MPI_VALIDATE_RET(A != NULL); p[0] = mpi_sint_abs(b); - B.s = (b < 0) ? -1 : 1; + B.s = TO_SIGN(b); B.n = 1; B.p = p; @@ -1116,7 +1236,7 @@ int mbedtls_mpi_sub_int(mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b MPI_VALIDATE_RET(A != NULL); p[0] = mpi_sint_abs(b); - B.s = (b < 0) ? -1 : 1; + B.s = TO_SIGN(b); B.n = 1; B.p = p; @@ -1136,7 +1256,8 @@ int mbedtls_mpi_mul_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi MPI_VALIDATE_RET(A != NULL); MPI_VALIDATE_RET(B != NULL); - mbedtls_mpi_init(&TA); mbedtls_mpi_init(&TB); + mbedtls_mpi_init(&TA); + mbedtls_mpi_init(&TB); if (X == A) { MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&TA, A)); A = &TA; @@ -1166,13 +1287,7 @@ int mbedtls_mpi_mul_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, i + j)); MBEDTLS_MPI_CHK(mbedtls_mpi_lset(X, 0)); - for (size_t k = 0; k < j; k++) { - /* We know that there cannot be any carry-out since we're - * iterating from bottom to top. */ - (void) mbedtls_mpi_core_mla(X->p + k, i + 1, - A->p, i, - B->p[k]); - } + mbedtls_mpi_core_mul(X->p, A->p, i, B->p, j); /* If the result is 0, we don't shortcut the operation, which reduces * but does not eliminate side channels leaking the zero-ness. We do @@ -1471,7 +1586,7 @@ int mbedtls_mpi_div_int(mbedtls_mpi *Q, mbedtls_mpi *R, MPI_VALIDATE_RET(A != NULL); p[0] = mpi_sint_abs(b); - B.s = (b < 0) ? -1 : 1; + B.s = TO_SIGN(b); B.n = 1; B.p = p; @@ -1609,8 +1724,8 @@ static void mpi_montred(mbedtls_mpi *A, const mbedtls_mpi *N, { mbedtls_mpi_uint z = 1; mbedtls_mpi U; - - U.n = U.s = (int) z; + U.n = 1; + U.s = 1; U.p = &z; mpi_montmul(A, &U, N, mm, T); @@ -1637,10 +1752,8 @@ static int mpi_select(mbedtls_mpi *R, const mbedtls_mpi *T, size_t T_size, size_ for (size_t i = 0; i < T_size; i++) { MBEDTLS_MPI_CHK(mbedtls_mpi_safe_cond_assign(R, &T[i], - (unsigned char) mbedtls_ct_size_bool_eq(i, - idx))); + (unsigned char) mbedtls_ct_uint_eq(i, idx))); } - cleanup: return ret; } @@ -1656,6 +1769,7 @@ int mbedtls_mpi_exp_mod(mbedtls_mpi *X, const mbedtls_mpi *A, size_t window_bitsize; size_t i, j, nblimbs; size_t bufsize, nbits; + size_t exponent_bits_in_window = 0; mbedtls_mpi_uint ei, mm, state; mbedtls_mpi RR, T, W[(size_t) 1 << MBEDTLS_MPI_WINDOW_SIZE], WW, Apos; int neg; @@ -1714,8 +1828,9 @@ int mbedtls_mpi_exp_mod(mbedtls_mpi *X, const mbedtls_mpi *A, * and squarings. Firstly, when multiplying by an element of the window * W[i], we do a constant-trace table lookup to obfuscate i. This leaves * squarings as having a different memory access patterns from other - * multiplications. So secondly, we put the accumulator X in the table as - * well, and also do a constant-trace table lookup to multiply by X. + * multiplications. So secondly, we put the accumulator in the table as + * well, and also do a constant-trace table lookup to multiply by the + * accumulator which is W[x_index]. * * This way, all multiplications take the form of a lookup-and-multiply. * The number of lookup-and-multiply operations inside each iteration of @@ -1728,19 +1843,16 @@ int mbedtls_mpi_exp_mod(mbedtls_mpi *X, const mbedtls_mpi *A, * observe both memory accesses and branches. However, branch prediction * exploitation typically requires many traces of execution over the same * data, which is defeated by randomized blinding. - * - * To achieve this, we make a copy of X and we use the table entry in each - * calculation from this point on. */ const size_t x_index = 0; mbedtls_mpi_init(&W[x_index]); - mbedtls_mpi_copy(&W[x_index], X); j = N->n + 1; - /* All W[i] and X must have at least N->n limbs for the mpi_montmul() - * and mpi_montred() calls later. Here we ensure that W[1] and X are - * large enough, and later we'll grow other W[i] to the same length. - * They must not be shrunk midway through this function! + /* All W[i] including the accumulator must have at least N->n limbs for + * the mpi_montmul() and mpi_montred() calls later. Here we ensure that + * W[1] and the accumulator W[x_index] are large enough. later we'll grow + * other W[i] to the same length. They must not be shrunk midway through + * this function! */ MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&W[x_index], j)); MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&W[1], j)); @@ -1829,7 +1941,6 @@ int mbedtls_mpi_exp_mod(mbedtls_mpi *X, const mbedtls_mpi *A, nblimbs = E->n; bufsize = 0; nbits = 0; - size_t exponent_bits_in_window = 0; state = 0; while (1) { @@ -1922,7 +2033,7 @@ int mbedtls_mpi_exp_mod(mbedtls_mpi *X, const mbedtls_mpi *A, /* * Load the result in the output variable. */ - mbedtls_mpi_copy(X, &W[x_index]); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(X, &W[x_index])); cleanup: @@ -2200,29 +2311,30 @@ cleanup: #if defined(MBEDTLS_GENPRIME) -static const int small_prime[] = -{ - 3, 5, 7, 11, 13, 17, 19, 23, - 29, 31, 37, 41, 43, 47, 53, 59, - 61, 67, 71, 73, 79, 83, 89, 97, - 101, 103, 107, 109, 113, 127, 131, 137, - 139, 149, 151, 157, 163, 167, 173, 179, - 181, 191, 193, 197, 199, 211, 223, 227, - 229, 233, 239, 241, 251, 257, 263, 269, - 271, 277, 281, 283, 293, 307, 311, 313, - 317, 331, 337, 347, 349, 353, 359, 367, - 373, 379, 383, 389, 397, 401, 409, 419, - 421, 431, 433, 439, 443, 449, 457, 461, - 463, 467, 479, 487, 491, 499, 503, 509, - 521, 523, 541, 547, 557, 563, 569, 571, - 577, 587, 593, 599, 601, 607, 613, 617, - 619, 631, 641, 643, 647, 653, 659, 661, - 673, 677, 683, 691, 701, 709, 719, 727, - 733, 739, 743, 751, 757, 761, 769, 773, - 787, 797, 809, 811, 821, 823, 827, 829, - 839, 853, 857, 859, 863, 877, 881, 883, - 887, 907, 911, 919, 929, 937, 941, 947, - 953, 967, 971, 977, 983, 991, 997, -103 +/* Gaps between primes, starting at 3. https://oeis.org/A001223 */ +static const unsigned char small_prime_gaps[] = { + 2, 2, 4, 2, 4, 2, 4, 6, + 2, 6, 4, 2, 4, 6, 6, 2, + 6, 4, 2, 6, 4, 6, 8, 4, + 2, 4, 2, 4, 14, 4, 6, 2, + 10, 2, 6, 6, 4, 6, 6, 2, + 10, 2, 4, 2, 12, 12, 4, 2, + 4, 6, 2, 10, 6, 6, 6, 2, + 6, 4, 2, 10, 14, 4, 2, 4, + 14, 6, 10, 2, 4, 6, 8, 6, + 6, 4, 6, 8, 4, 8, 10, 2, + 10, 2, 6, 4, 6, 8, 4, 2, + 4, 12, 8, 4, 8, 4, 6, 12, + 2, 18, 6, 10, 6, 6, 2, 6, + 10, 6, 6, 2, 6, 6, 4, 2, + 12, 10, 2, 4, 6, 6, 2, 12, + 4, 6, 8, 10, 8, 10, 8, 6, + 6, 4, 8, 6, 4, 8, 4, 14, + 10, 12, 2, 10, 2, 4, 2, 10, + 14, 4, 2, 4, 14, 4, 2, 4, + 20, 4, 8, 10, 8, 4, 6, 6, + 14, 4, 6, 6, 8, 6, /*reaches 997*/ + 0 /* the last entry is effectively unused */ }; /* @@ -2239,20 +2351,20 @@ static int mpi_check_small_factors(const mbedtls_mpi *X) int ret = 0; size_t i; mbedtls_mpi_uint r; + unsigned p = 3; /* The first odd prime */ if ((X->p[0] & 1) == 0) { return MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; } - for (i = 0; small_prime[i] > 0; i++) { - if (mbedtls_mpi_cmp_int(X, small_prime[i]) <= 0) { - return 1; - } - - MBEDTLS_MPI_CHK(mbedtls_mpi_mod_int(&r, X, small_prime[i])); - + for (i = 0; i < sizeof(small_prime_gaps); p += small_prime_gaps[i], i++) { + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_int(&r, X, p)); if (r == 0) { - return MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; + if (mbedtls_mpi_cmp_int(X, p) == 0) { + return 1; + } else { + return MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; + } } } diff --git a/library/bignum_core.c b/library/bignum_core.c index e50f043c5..dbf6d1df4 100644 --- a/library/bignum_core.c +++ b/library/bignum_core.c @@ -35,6 +35,18 @@ size_t mbedtls_mpi_core_clz(mbedtls_mpi_uint a) { +#if defined(__has_builtin) +#if (MBEDTLS_MPI_UINT_MAX == UINT_MAX) && __has_builtin(__builtin_clz) + #define core_clz __builtin_clz +#elif (MBEDTLS_MPI_UINT_MAX == ULONG_MAX) && __has_builtin(__builtin_clzl) + #define core_clz __builtin_clzl +#elif (MBEDTLS_MPI_UINT_MAX == ULLONG_MAX) && __has_builtin(__builtin_clzll) + #define core_clz __builtin_clzll +#endif +#endif +#if defined(core_clz) + return (size_t) core_clz(a); +#else size_t j; mbedtls_mpi_uint mask = (mbedtls_mpi_uint) 1 << (biL - 1); @@ -47,41 +59,22 @@ size_t mbedtls_mpi_core_clz(mbedtls_mpi_uint a) } return j; +#endif } size_t mbedtls_mpi_core_bitlen(const mbedtls_mpi_uint *A, size_t A_limbs) { - size_t i, j; + int i; + size_t j; - if (A_limbs == 0) { - return 0; - } - - for (i = A_limbs - 1; i > 0; i--) { + for (i = ((int) A_limbs) - 1; i >= 0; i--) { if (A[i] != 0) { - break; + j = biL - mbedtls_mpi_core_clz(A[i]); + return (i * biL) + j; } } - j = biL - mbedtls_mpi_core_clz(A[i]); - - return (i * biL) + j; -} - -/* Convert a big-endian byte array aligned to the size of mbedtls_mpi_uint - * into the storage form used by mbedtls_mpi. */ -static mbedtls_mpi_uint mpi_bigendian_to_host_c(mbedtls_mpi_uint a) -{ - uint8_t i; - unsigned char *a_ptr; - mbedtls_mpi_uint tmp = 0; - - for (i = 0, a_ptr = (unsigned char *) &a; i < ciL; i++, a_ptr++) { - tmp <<= CHAR_BIT; - tmp |= (mbedtls_mpi_uint) *a_ptr; - } - - return tmp; + return 0; } static mbedtls_mpi_uint mpi_bigendian_to_host(mbedtls_mpi_uint a) @@ -90,16 +83,11 @@ static mbedtls_mpi_uint mpi_bigendian_to_host(mbedtls_mpi_uint a) /* Nothing to do on bigendian systems. */ return a; } else { - switch (sizeof(mbedtls_mpi_uint)) { - case 4: - return (mbedtls_mpi_uint) MBEDTLS_BSWAP32((uint32_t) a); - case 8: - return (mbedtls_mpi_uint) MBEDTLS_BSWAP64((uint64_t) a); - } - - /* Fall back to C-based reordering if we don't know the byte order - * or we couldn't use a compiler-specific builtin. */ - return mpi_bigendian_to_host_c(a); +#if defined(MBEDTLS_HAVE_INT32) + return (mbedtls_mpi_uint) MBEDTLS_BSWAP32(a); +#elif defined(MBEDTLS_HAVE_INT64) + return (mbedtls_mpi_uint) MBEDTLS_BSWAP64(a); +#endif } } @@ -135,54 +123,92 @@ void mbedtls_mpi_core_bigendian_to_host(mbedtls_mpi_uint *A, /* Whether min <= A, in constant time. * A_limbs must be at least 1. */ -unsigned mbedtls_mpi_core_uint_le_mpi(mbedtls_mpi_uint min, - const mbedtls_mpi_uint *A, - size_t A_limbs) +mbedtls_ct_condition_t mbedtls_mpi_core_uint_le_mpi(mbedtls_mpi_uint min, + const mbedtls_mpi_uint *A, + size_t A_limbs) { /* min <= least significant limb? */ - unsigned min_le_lsl = 1 ^ mbedtls_ct_mpi_uint_lt(A[0], min); + mbedtls_ct_condition_t min_le_lsl = mbedtls_ct_uint_ge(A[0], min); /* limbs other than the least significant one are all zero? */ - mbedtls_mpi_uint msll_mask = 0; + mbedtls_ct_condition_t msll_mask = MBEDTLS_CT_FALSE; for (size_t i = 1; i < A_limbs; i++) { - msll_mask |= A[i]; + msll_mask = mbedtls_ct_bool_or(msll_mask, mbedtls_ct_bool(A[i])); } - /* The most significant limbs of A are not all zero iff msll_mask != 0. */ - unsigned msll_nonzero = mbedtls_ct_mpi_uint_mask(msll_mask) & 1; /* min <= A iff the lowest limb of A is >= min or the other limbs * are not all zero. */ - return min_le_lsl | msll_nonzero; + return mbedtls_ct_bool_or(msll_mask, min_le_lsl); +} + +mbedtls_ct_condition_t mbedtls_mpi_core_lt_ct(const mbedtls_mpi_uint *A, + const mbedtls_mpi_uint *B, + size_t limbs) +{ + mbedtls_ct_condition_t ret = MBEDTLS_CT_FALSE, cond = MBEDTLS_CT_FALSE, done = MBEDTLS_CT_FALSE; + + for (size_t i = limbs; i > 0; i--) { + /* + * If B[i - 1] < A[i - 1] then A < B is false and the result must + * remain 0. + * + * Again even if we can make a decision, we just mark the result and + * the fact that we are done and continue looping. + */ + cond = mbedtls_ct_uint_lt(B[i - 1], A[i - 1]); + done = mbedtls_ct_bool_or(done, cond); + + /* + * If A[i - 1] < B[i - 1] then A < B is true. + * + * Again even if we can make a decision, we just mark the result and + * the fact that we are done and continue looping. + */ + cond = mbedtls_ct_uint_lt(A[i - 1], B[i - 1]); + ret = mbedtls_ct_bool_or(ret, mbedtls_ct_bool_and(cond, mbedtls_ct_bool_not(done))); + done = mbedtls_ct_bool_or(done, cond); + } + + /* + * If all the limbs were equal, then the numbers are equal, A < B is false + * and leaving the result 0 is correct. + */ + + return ret; } void mbedtls_mpi_core_cond_assign(mbedtls_mpi_uint *X, const mbedtls_mpi_uint *A, size_t limbs, - unsigned char assign) + mbedtls_ct_condition_t assign) { if (X == A) { return; } - mbedtls_ct_mpi_uint_cond_assign(limbs, X, A, assign); + /* This function is very performance-sensitive for RSA. For this reason + * we have the loop below, instead of calling mbedtls_ct_memcpy_if + * (this is more optimal since here we don't have to handle the case where + * we copy awkwardly sized data). + */ + for (size_t i = 0; i < limbs; i++) { + X[i] = mbedtls_ct_mpi_uint_if(assign, A[i], X[i]); + } } void mbedtls_mpi_core_cond_swap(mbedtls_mpi_uint *X, mbedtls_mpi_uint *Y, size_t limbs, - unsigned char swap) + mbedtls_ct_condition_t swap) { if (X == Y) { return; } - /* all-bits 1 if swap is 1, all-bits 0 if swap is 0 */ - mbedtls_mpi_uint limb_mask = mbedtls_ct_mpi_uint_mask(swap); - for (size_t i = 0; i < limbs; i++) { mbedtls_mpi_uint tmp = X[i]; - X[i] = (X[i] & ~limb_mask) | (Y[i] & limb_mask); - Y[i] = (Y[i] & ~limb_mask) | (tmp & limb_mask); + X[i] = mbedtls_ct_mpi_uint_if(swap, Y[i], X[i]); + Y[i] = mbedtls_ct_mpi_uint_if(swap, tmp, Y[i]); } } @@ -353,6 +379,41 @@ void mbedtls_mpi_core_shift_r(mbedtls_mpi_uint *X, size_t limbs, } } +void mbedtls_mpi_core_shift_l(mbedtls_mpi_uint *X, size_t limbs, + size_t count) +{ + size_t i, v0, v1; + mbedtls_mpi_uint r0 = 0, r1; + + v0 = count / (biL); + v1 = count & (biL - 1); + + /* + * shift by count / limb_size + */ + if (v0 > 0) { + for (i = limbs; i > v0; i--) { + X[i - 1] = X[i - v0 - 1]; + } + + for (; i > 0; i--) { + X[i - 1] = 0; + } + } + + /* + * shift by count % limb_size + */ + if (v1 > 0) { + for (i = v0; i < limbs; i++) { + r1 = X[i] >> (biL - v1); + X[i] <<= v1; + X[i] |= r0; + r0 = r1; + } + } +} + mbedtls_mpi_uint mbedtls_mpi_core_add(mbedtls_mpi_uint *X, const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *B, @@ -378,11 +439,10 @@ mbedtls_mpi_uint mbedtls_mpi_core_add_if(mbedtls_mpi_uint *X, { mbedtls_mpi_uint c = 0; - /* all-bits 0 if cond is 0, all-bits 1 if cond is non-0 */ - const mbedtls_mpi_uint mask = mbedtls_ct_mpi_uint_mask(cond); + mbedtls_ct_condition_t do_add = mbedtls_ct_bool(cond); for (size_t i = 0; i < limbs; i++) { - mbedtls_mpi_uint add = mask & A[i]; + mbedtls_mpi_uint add = mbedtls_ct_mpi_uint_if_else_0(do_add, A[i]); mbedtls_mpi_uint t = c + X[i]; c = (t < X[i]); t += add; @@ -448,6 +508,17 @@ mbedtls_mpi_uint mbedtls_mpi_core_mla(mbedtls_mpi_uint *d, size_t d_len, return c; } +void mbedtls_mpi_core_mul(mbedtls_mpi_uint *X, + const mbedtls_mpi_uint *A, size_t A_limbs, + const mbedtls_mpi_uint *B, size_t B_limbs) +{ + memset(X, 0, (A_limbs + B_limbs) * ciL); + + for (size_t i = 0; i < B_limbs; i++) { + (void) mbedtls_mpi_core_mla(X + i, A_limbs + 1, A, A_limbs, B[i]); + } +} + /* * Fast Montgomery initialization (thanks to Tom St Denis). */ @@ -513,7 +584,11 @@ void mbedtls_mpi_core_montmul(mbedtls_mpi_uint *X, * So the correct return value is already in X if (carry ^ borrow) = 0, * but is in (the lower AN_limbs limbs of) T if (carry ^ borrow) = 1. */ - mbedtls_ct_mpi_uint_cond_assign(AN_limbs, X, T, (unsigned char) (carry ^ borrow)); + mbedtls_ct_memcpy_if(mbedtls_ct_bool(carry ^ borrow), + (unsigned char *) X, + (unsigned char *) T, + NULL, + AN_limbs * sizeof(mbedtls_mpi_uint)); } int mbedtls_mpi_core_get_mont_r2_unsafe(mbedtls_mpi *X, @@ -538,7 +613,7 @@ void mbedtls_mpi_core_ct_uint_table_lookup(mbedtls_mpi_uint *dest, size_t index) { for (size_t i = 0; i < count; i++, table += limbs) { - unsigned char assign = mbedtls_ct_size_bool_eq(i, index); + mbedtls_ct_condition_t assign = mbedtls_ct_uint_eq(i, index); mbedtls_mpi_core_cond_assign(dest, table, limbs, assign); } } @@ -578,7 +653,7 @@ int mbedtls_mpi_core_random(mbedtls_mpi_uint *X, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - unsigned ge_lower = 1, lt_upper = 0; + mbedtls_ct_condition_t ge_lower = MBEDTLS_CT_TRUE, lt_upper = MBEDTLS_CT_FALSE; size_t n_bits = mbedtls_mpi_core_bitlen(N, limbs); size_t n_bytes = (n_bits + 7) / 8; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -623,26 +698,24 @@ int mbedtls_mpi_core_random(mbedtls_mpi_uint *X, ge_lower = mbedtls_mpi_core_uint_le_mpi(min, X, limbs); lt_upper = mbedtls_mpi_core_lt_ct(X, N, limbs); - } while (ge_lower == 0 || lt_upper == 0); + } while (mbedtls_ct_bool_and(ge_lower, lt_upper) == MBEDTLS_CT_FALSE); cleanup: return ret; } -/* BEGIN MERGE SLOT 1 */ - static size_t exp_mod_get_window_size(size_t Ebits) { - size_t wsize = (Ebits > 671) ? 6 : (Ebits > 239) ? 5 : - (Ebits > 79) ? 4 : 1; - -#if (MBEDTLS_MPI_WINDOW_SIZE < 6) - if (wsize > MBEDTLS_MPI_WINDOW_SIZE) { - wsize = MBEDTLS_MPI_WINDOW_SIZE; - } +#if MBEDTLS_MPI_WINDOW_SIZE >= 6 + return (Ebits > 671) ? 6 : (Ebits > 239) ? 5 : (Ebits > 79) ? 4 : 1; +#elif MBEDTLS_MPI_WINDOW_SIZE == 5 + return (Ebits > 239) ? 5 : (Ebits > 79) ? 4 : 1; +#elif MBEDTLS_MPI_WINDOW_SIZE > 1 + return (Ebits > 79) ? MBEDTLS_MPI_WINDOW_SIZE : 1; +#else + (void) Ebits; + return 1; #endif - - return wsize; } size_t mbedtls_mpi_core_exp_mod_working_limbs(size_t AN_limbs, size_t E_limbs) @@ -780,14 +853,6 @@ void mbedtls_mpi_core_exp_mod(mbedtls_mpi_uint *X, } while (!(E_bit_index == 0 && E_limb_index == 0)); } -/* END MERGE SLOT 1 */ - -/* BEGIN MERGE SLOT 2 */ - -/* END MERGE SLOT 2 */ - -/* BEGIN MERGE SLOT 3 */ - mbedtls_mpi_uint mbedtls_mpi_core_sub_int(mbedtls_mpi_uint *X, const mbedtls_mpi_uint *A, mbedtls_mpi_uint c, /* doubles as carry */ @@ -838,34 +903,4 @@ void mbedtls_mpi_core_from_mont_rep(mbedtls_mpi_uint *X, mbedtls_mpi_core_montmul(X, A, &Rinv, 1, N, AN_limbs, mm, T); } -/* END MERGE SLOT 3 */ - -/* BEGIN MERGE SLOT 4 */ - -/* END MERGE SLOT 4 */ - -/* BEGIN MERGE SLOT 5 */ - -/* END MERGE SLOT 5 */ - -/* BEGIN MERGE SLOT 6 */ - -/* END MERGE SLOT 6 */ - -/* BEGIN MERGE SLOT 7 */ - -/* END MERGE SLOT 7 */ - -/* BEGIN MERGE SLOT 8 */ - -/* END MERGE SLOT 8 */ - -/* BEGIN MERGE SLOT 9 */ - -/* END MERGE SLOT 9 */ - -/* BEGIN MERGE SLOT 10 */ - -/* END MERGE SLOT 10 */ - #endif /* MBEDTLS_BIGNUM_C */ diff --git a/library/bignum_core.h b/library/bignum_core.h index 44d5c5aad..e5500f117 100644 --- a/library/bignum_core.h +++ b/library/bignum_core.h @@ -86,6 +86,8 @@ #include "mbedtls/bignum.h" #endif +#include "constant_time_internal.h" + #define ciL (sizeof(mbedtls_mpi_uint)) /** chars in limb */ #define biL (ciL << 3) /** bits in limb */ #define biH (ciL << 2) /** half limb size */ @@ -101,10 +103,13 @@ (((X)[(i) / ciL] >> (((i) % ciL) * 8)) & 0xff) /** Count leading zero bits in a given integer. + * + * \warning The result is undefined if \p a == 0 * * \param a Integer to count leading zero bits. * - * \return The number of leading zero bits in \p a. + * \return The number of leading zero bits in \p a, if \p a != 0. + * If \p a == 0, the result is undefined. */ size_t mbedtls_mpi_core_clz(mbedtls_mpi_uint a); @@ -139,11 +144,29 @@ void mbedtls_mpi_core_bigendian_to_host(mbedtls_mpi_uint *A, * \param A_limbs The number of limbs of \p A. * This must be at least 1. * - * \return 1 if \p min is less than or equal to \p A, otherwise 0. + * \return MBEDTLS_CT_TRUE if \p min is less than or equal to \p A, otherwise MBEDTLS_CT_FALSE. */ -unsigned mbedtls_mpi_core_uint_le_mpi(mbedtls_mpi_uint min, - const mbedtls_mpi_uint *A, - size_t A_limbs); +mbedtls_ct_condition_t mbedtls_mpi_core_uint_le_mpi(mbedtls_mpi_uint min, + const mbedtls_mpi_uint *A, + size_t A_limbs); + +/** + * \brief Check if one unsigned MPI is less than another in constant + * time. + * + * \param A The left-hand MPI. This must point to an array of limbs + * with the same allocated length as \p B. + * \param B The right-hand MPI. This must point to an array of limbs + * with the same allocated length as \p A. + * \param limbs The number of limbs in \p A and \p B. + * This must not be 0. + * + * \return MBEDTLS_CT_TRUE if \p A is less than \p B. + * MBEDTLS_CT_FALSE if \p A is greater than or equal to \p B. + */ +mbedtls_ct_condition_t mbedtls_mpi_core_lt_ct(const mbedtls_mpi_uint *A, + const mbedtls_mpi_uint *B, + size_t limbs); /** * \brief Perform a safe conditional copy of an MPI which doesn't reveal @@ -155,21 +178,17 @@ unsigned mbedtls_mpi_core_uint_le_mpi(mbedtls_mpi_uint min, * \param[in] A The address of the source MPI. This must be initialized. * \param limbs The number of limbs of \p A. * \param assign The condition deciding whether to perform the - * assignment or not. Must be either 0 or 1: - * * \c 1: Perform the assignment `X = A`. - * * \c 0: Keep the original value of \p X. + * assignment or not. Callers will need to use + * the constant time interface (e.g. `mbedtls_ct_bool()`) + * to construct this argument. * * \note This function avoids leaking any information about whether * the assignment was done or not. - * - * \warning If \p assign is neither 0 nor 1, the result of this function - * is indeterminate, and the resulting value in \p X might be - * neither its original value nor the value in \p A. */ void mbedtls_mpi_core_cond_assign(mbedtls_mpi_uint *X, const mbedtls_mpi_uint *A, size_t limbs, - unsigned char assign); + mbedtls_ct_condition_t assign); /** * \brief Perform a safe conditional swap of two MPIs which doesn't reveal @@ -181,21 +200,15 @@ void mbedtls_mpi_core_cond_assign(mbedtls_mpi_uint *X, * This must be initialized. * \param limbs The number of limbs of \p X and \p Y. * \param swap The condition deciding whether to perform - * the swap or not. Must be either 0 or 1: - * * \c 1: Swap the values of \p X and \p Y. - * * \c 0: Keep the original values of \p X and \p Y. + * the swap or not. * * \note This function avoids leaking any information about whether * the swap was done or not. - * - * \warning If \p swap is neither 0 nor 1, the result of this function - * is indeterminate, and both \p X and \p Y might end up with - * values different to either of the original ones. */ void mbedtls_mpi_core_cond_swap(mbedtls_mpi_uint *X, mbedtls_mpi_uint *Y, size_t limbs, - unsigned char swap); + mbedtls_ct_condition_t swap); /** Import X from unsigned binary data, little-endian. * @@ -222,7 +235,7 @@ int mbedtls_mpi_core_read_le(mbedtls_mpi_uint *X, * most significant zero bytes in the input). * * \param[out] X The address of the MPI. - * May only be #NULL if \X_limbs is 0 and \p input_length + * May only be #NULL if \p X_limbs is 0 and \p input_length * is 0. * \param X_limbs The number of limbs of \p X. * \param[in] input The input buffer to import from. @@ -278,7 +291,7 @@ int mbedtls_mpi_core_write_be(const mbedtls_mpi_uint *A, unsigned char *output, size_t output_length); -/** \brief Shift an MPI right in place by a number of bits. +/** \brief Shift an MPI in-place right by a number of bits. * * Shifting by more bits than there are bit positions * in \p X is valid and results in setting \p X to 0. @@ -293,6 +306,21 @@ int mbedtls_mpi_core_write_be(const mbedtls_mpi_uint *A, void mbedtls_mpi_core_shift_r(mbedtls_mpi_uint *X, size_t limbs, size_t count); +/** + * \brief Shift an MPI in-place left by a number of bits. + * + * Shifting by more bits than there are bit positions + * in \p X will produce an unspecified result. + * + * This function's execution time depends on the value + * of \p count (and of course \p limbs). + * \param[in,out] X The number to shift. + * \param limbs The number of limbs of \p X. This must be at least 1. + * \param count The number of bits to shift by. + */ +void mbedtls_mpi_core_shift_l(mbedtls_mpi_uint *X, size_t limbs, + size_t count); + /** * \brief Add two fixed-size large unsigned integers, returning the carry. * @@ -398,6 +426,26 @@ mbedtls_mpi_uint mbedtls_mpi_core_mla(mbedtls_mpi_uint *X, size_t X_limbs, const mbedtls_mpi_uint *A, size_t A_limbs, mbedtls_mpi_uint b); +/** + * \brief Perform a known-size multiplication + * + * \p X may not be aliased to any of the inputs for this function. + * \p A may be aliased to \p B. + * + * \param[out] X The pointer to the (little-endian) array to receive + * the product of \p A_limbs and \p B_limbs. + * This must be of length \p A_limbs + \p B_limbs. + * \param[in] A The pointer to the (little-endian) array + * representing the first factor. + * \param A_limbs The number of limbs in \p A. + * \param[in] B The pointer to the (little-endian) array + * representing the second factor. + * \param B_limbs The number of limbs in \p B. + */ +void mbedtls_mpi_core_mul(mbedtls_mpi_uint *X, + const mbedtls_mpi_uint *A, size_t A_limbs, + const mbedtls_mpi_uint *B, size_t B_limbs); + /** * \brief Calculate initialisation value for fast Montgomery modular * multiplication @@ -549,8 +597,6 @@ int mbedtls_mpi_core_random(mbedtls_mpi_uint *X, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); -/* BEGIN MERGE SLOT 1 */ - /** * \brief Returns the number of limbs of working memory required for * a call to `mbedtls_mpi_core_exp_mod()`. @@ -604,14 +650,6 @@ void mbedtls_mpi_core_exp_mod(mbedtls_mpi_uint *X, const mbedtls_mpi_uint *RR, mbedtls_mpi_uint *T); -/* END MERGE SLOT 1 */ - -/* BEGIN MERGE SLOT 2 */ - -/* END MERGE SLOT 2 */ - -/* BEGIN MERGE SLOT 3 */ - /** * \brief Subtract unsigned integer from known-size large unsigned integers. * Return the borrow. @@ -663,7 +701,7 @@ static inline size_t mbedtls_mpi_core_montmul_working_limbs(size_t AN_limbs) * * \p X may be aliased to \p A, but may not otherwise overlap it. * - * \p X may not alias \p N (it is in canonical form, so must be stricly less + * \p X may not alias \p N (it is in canonical form, so must be strictly less * than \p N). Nor may it alias or overlap \p rr (this is unlikely to be * required in practice.) * @@ -702,7 +740,7 @@ void mbedtls_mpi_core_to_mont_rep(mbedtls_mpi_uint *X, * * \p X may be aliased to \p A, but may not otherwise overlap it. * - * \p X may not alias \p N (it is in canonical form, so must be stricly less + * \p X may not alias \p N (it is in canonical form, so must be strictly less * than \p N). * * This function is a thin wrapper around `mbedtls_mpi_core_montmul()` that is @@ -734,34 +772,4 @@ void mbedtls_mpi_core_from_mont_rep(mbedtls_mpi_uint *X, mbedtls_mpi_uint mm, mbedtls_mpi_uint *T); -/* END MERGE SLOT 3 */ - -/* BEGIN MERGE SLOT 4 */ - -/* END MERGE SLOT 4 */ - -/* BEGIN MERGE SLOT 5 */ - -/* END MERGE SLOT 5 */ - -/* BEGIN MERGE SLOT 6 */ - -/* END MERGE SLOT 6 */ - -/* BEGIN MERGE SLOT 7 */ - -/* END MERGE SLOT 7 */ - -/* BEGIN MERGE SLOT 8 */ - -/* END MERGE SLOT 8 */ - -/* BEGIN MERGE SLOT 9 */ - -/* END MERGE SLOT 9 */ - -/* BEGIN MERGE SLOT 10 */ - -/* END MERGE SLOT 10 */ - #endif /* MBEDTLS_BIGNUM_CORE_H */ diff --git a/library/bignum_mod.c b/library/bignum_mod.c index e701a686d..2f0e9ed09 100644 --- a/library/bignum_mod.c +++ b/library/bignum_mod.c @@ -19,7 +19,7 @@ #include "common.h" -#if defined(MBEDTLS_BIGNUM_C) +#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_ECP_WITH_MPI_UINT) #include @@ -35,15 +35,15 @@ #include "constant_time_internal.h" int mbedtls_mpi_mod_residue_setup(mbedtls_mpi_mod_residue *r, - const mbedtls_mpi_mod_modulus *m, + const mbedtls_mpi_mod_modulus *N, mbedtls_mpi_uint *p, size_t p_limbs) { - if (p_limbs != m->limbs || !mbedtls_mpi_core_lt_ct(p, m->p, m->limbs)) { + if (p_limbs != N->limbs || !mbedtls_mpi_core_lt_ct(p, N->p, N->limbs)) { return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; } - r->limbs = m->limbs; + r->limbs = N->limbs; r->p = p; return 0; @@ -59,45 +59,44 @@ void mbedtls_mpi_mod_residue_release(mbedtls_mpi_mod_residue *r) r->p = NULL; } -void mbedtls_mpi_mod_modulus_init(mbedtls_mpi_mod_modulus *m) +void mbedtls_mpi_mod_modulus_init(mbedtls_mpi_mod_modulus *N) { - if (m == NULL) { + if (N == NULL) { return; } - m->p = NULL; - m->limbs = 0; - m->bits = 0; - m->int_rep = MBEDTLS_MPI_MOD_REP_INVALID; + N->p = NULL; + N->limbs = 0; + N->bits = 0; + N->int_rep = MBEDTLS_MPI_MOD_REP_INVALID; } -void mbedtls_mpi_mod_modulus_free(mbedtls_mpi_mod_modulus *m) +void mbedtls_mpi_mod_modulus_free(mbedtls_mpi_mod_modulus *N) { - if (m == NULL) { + if (N == NULL) { return; } - switch (m->int_rep) { + switch (N->int_rep) { case MBEDTLS_MPI_MOD_REP_MONTGOMERY: - if (m->rep.mont.rr != NULL) { - mbedtls_platform_zeroize((mbedtls_mpi_uint *) m->rep.mont.rr, - m->limbs * sizeof(mbedtls_mpi_uint)); - mbedtls_free((mbedtls_mpi_uint *) m->rep.mont.rr); - m->rep.mont.rr = NULL; + if (N->rep.mont.rr != NULL) { + mbedtls_zeroize_and_free((mbedtls_mpi_uint *) N->rep.mont.rr, + N->limbs * sizeof(mbedtls_mpi_uint)); + N->rep.mont.rr = NULL; } - m->rep.mont.mm = 0; + N->rep.mont.mm = 0; break; case MBEDTLS_MPI_MOD_REP_OPT_RED: - mbedtls_free(m->rep.ored); + N->rep.ored.modp = NULL; break; case MBEDTLS_MPI_MOD_REP_INVALID: break; } - m->p = NULL; - m->limbs = 0; - m->bits = 0; - m->int_rep = MBEDTLS_MPI_MOD_REP_INVALID; + N->p = NULL; + N->limbs = 0; + N->bits = 0; + N->int_rep = MBEDTLS_MPI_MOD_REP_INVALID; } static int set_mont_const_square(const mbedtls_mpi_uint **X, @@ -136,46 +135,42 @@ cleanup: return ret; } -int mbedtls_mpi_mod_modulus_setup(mbedtls_mpi_mod_modulus *m, +static inline void standard_modulus_setup(mbedtls_mpi_mod_modulus *N, + const mbedtls_mpi_uint *p, + size_t p_limbs, + mbedtls_mpi_mod_rep_selector int_rep) +{ + N->p = p; + N->limbs = p_limbs; + N->bits = mbedtls_mpi_core_bitlen(p, p_limbs); + N->int_rep = int_rep; +} + +int mbedtls_mpi_mod_modulus_setup(mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_uint *p, - size_t p_limbs, - mbedtls_mpi_mod_rep_selector int_rep) + size_t p_limbs) { int ret = 0; - - m->p = p; - m->limbs = p_limbs; - m->bits = mbedtls_mpi_core_bitlen(p, p_limbs); - - switch (int_rep) { - case MBEDTLS_MPI_MOD_REP_MONTGOMERY: - m->int_rep = int_rep; - m->rep.mont.mm = mbedtls_mpi_core_montmul_init(m->p); - ret = set_mont_const_square(&m->rep.mont.rr, m->p, m->limbs); - break; - case MBEDTLS_MPI_MOD_REP_OPT_RED: - m->int_rep = int_rep; - m->rep.ored = NULL; - break; - default: - ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; - goto exit; - } - -exit: + standard_modulus_setup(N, p, p_limbs, MBEDTLS_MPI_MOD_REP_MONTGOMERY); + N->rep.mont.mm = mbedtls_mpi_core_montmul_init(N->p); + ret = set_mont_const_square(&N->rep.mont.rr, N->p, N->limbs); if (ret != 0) { - mbedtls_mpi_mod_modulus_free(m); + mbedtls_mpi_mod_modulus_free(N); } return ret; } -/* BEGIN MERGE SLOT 1 */ - -/* END MERGE SLOT 1 */ - -/* BEGIN MERGE SLOT 2 */ +int mbedtls_mpi_mod_optred_modulus_setup(mbedtls_mpi_mod_modulus *N, + const mbedtls_mpi_uint *p, + size_t p_limbs, + mbedtls_mpi_modp_fn modp) +{ + standard_modulus_setup(N, p, p_limbs, MBEDTLS_MPI_MOD_REP_OPT_RED); + N->rep.ored.modp = modp; + return 0; +} int mbedtls_mpi_mod_mul(mbedtls_mpi_mod_residue *X, const mbedtls_mpi_mod_residue *A, @@ -202,9 +197,6 @@ int mbedtls_mpi_mod_mul(mbedtls_mpi_mod_residue *X, return 0; } -/* END MERGE SLOT 2 */ - -/* BEGIN MERGE SLOT 3 */ int mbedtls_mpi_mod_sub(mbedtls_mpi_mod_residue *X, const mbedtls_mpi_mod_residue *A, const mbedtls_mpi_mod_residue *B, @@ -244,8 +236,7 @@ static int mbedtls_mpi_mod_inv_non_mont(mbedtls_mpi_mod_residue *X, mbedtls_mpi_mod_modulus Nmont; mbedtls_mpi_mod_modulus_init(&Nmont); - MBEDTLS_MPI_CHK(mbedtls_mpi_mod_modulus_setup(&Nmont, N->p, N->limbs, - MBEDTLS_MPI_MOD_REP_MONTGOMERY)); + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_modulus_setup(&Nmont, N->p, N->limbs)); /* We'll use X->p to hold the Montgomery form of the input A->p */ mbedtls_mpi_core_to_mont_rep(X->p, A->p, Nmont.p, Nmont.limbs, @@ -303,19 +294,12 @@ int mbedtls_mpi_mod_inv(mbedtls_mpi_mod_residue *X, break; } - mbedtls_platform_zeroize(working_memory, + mbedtls_zeroize_and_free(working_memory, working_limbs * sizeof(mbedtls_mpi_uint)); - mbedtls_free(working_memory); return ret; } -/* END MERGE SLOT 3 */ -/* BEGIN MERGE SLOT 4 */ - -/* END MERGE SLOT 4 */ - -/* BEGIN MERGE SLOT 5 */ int mbedtls_mpi_mod_add(mbedtls_mpi_mod_residue *X, const mbedtls_mpi_mod_residue *A, const mbedtls_mpi_mod_residue *B, @@ -329,9 +313,6 @@ int mbedtls_mpi_mod_add(mbedtls_mpi_mod_residue *X, return 0; } -/* END MERGE SLOT 5 */ - -/* BEGIN MERGE SLOT 6 */ int mbedtls_mpi_mod_random(mbedtls_mpi_mod_residue *X, mbedtls_mpi_uint min, @@ -345,11 +326,8 @@ int mbedtls_mpi_mod_random(mbedtls_mpi_mod_residue *X, return mbedtls_mpi_mod_raw_random(X->p, min, N, f_rng, p_rng); } -/* END MERGE SLOT 6 */ - -/* BEGIN MERGE SLOT 7 */ int mbedtls_mpi_mod_read(mbedtls_mpi_mod_residue *r, - const mbedtls_mpi_mod_modulus *m, + const mbedtls_mpi_mod_modulus *N, const unsigned char *buf, size_t buflen, mbedtls_mpi_mod_ext_rep ext_rep) @@ -357,78 +335,72 @@ int mbedtls_mpi_mod_read(mbedtls_mpi_mod_residue *r, int ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; /* Do our best to check if r and m have been set up */ - if (r->limbs == 0 || m->limbs == 0) { + if (r->limbs == 0 || N->limbs == 0) { goto cleanup; } - if (r->limbs != m->limbs) { + if (r->limbs != N->limbs) { goto cleanup; } - ret = mbedtls_mpi_mod_raw_read(r->p, m, buf, buflen, ext_rep); + ret = mbedtls_mpi_mod_raw_read(r->p, N, buf, buflen, ext_rep); if (ret != 0) { goto cleanup; } - r->limbs = m->limbs; + r->limbs = N->limbs; - ret = mbedtls_mpi_mod_raw_canonical_to_modulus_rep(r->p, m); + ret = mbedtls_mpi_mod_raw_canonical_to_modulus_rep(r->p, N); cleanup: return ret; } int mbedtls_mpi_mod_write(const mbedtls_mpi_mod_residue *r, - const mbedtls_mpi_mod_modulus *m, + const mbedtls_mpi_mod_modulus *N, unsigned char *buf, size_t buflen, mbedtls_mpi_mod_ext_rep ext_rep) { - int ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; - /* Do our best to check if r and m have been set up */ - if (r->limbs == 0 || m->limbs == 0) { - goto cleanup; + if (r->limbs == 0 || N->limbs == 0) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; } - if (r->limbs != m->limbs) { - goto cleanup; + if (r->limbs != N->limbs) { + return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; } - if (m->int_rep == MBEDTLS_MPI_MOD_REP_MONTGOMERY) { - ret = mbedtls_mpi_mod_raw_from_mont_rep(r->p, m); + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + mbedtls_mpi_uint *working_memory = r->p; + size_t working_memory_len = sizeof(mbedtls_mpi_uint) * r->limbs; + + if (N->int_rep == MBEDTLS_MPI_MOD_REP_MONTGOMERY) { + + working_memory = mbedtls_calloc(r->limbs, sizeof(mbedtls_mpi_uint)); + + if (working_memory == NULL) { + ret = MBEDTLS_ERR_MPI_ALLOC_FAILED; + goto cleanup; + } + + memcpy(working_memory, r->p, working_memory_len); + + ret = mbedtls_mpi_mod_raw_from_mont_rep(working_memory, N); if (ret != 0) { goto cleanup; } } - ret = mbedtls_mpi_mod_raw_write(r->p, m, buf, buflen, ext_rep); - - if (m->int_rep == MBEDTLS_MPI_MOD_REP_MONTGOMERY) { - /* If this fails, the value of r is corrupted and we want to return - * this error (as opposed to the error code from the write above) to - * let the caller know. If it succeeds, we want to return the error - * code from write above. */ - int conv_ret = mbedtls_mpi_mod_raw_to_mont_rep(r->p, m); - if (ret == 0) { - ret = conv_ret; - } - } + ret = mbedtls_mpi_mod_raw_write(working_memory, N, buf, buflen, ext_rep); cleanup: + if (N->int_rep == MBEDTLS_MPI_MOD_REP_MONTGOMERY && + working_memory != NULL) { + + mbedtls_zeroize_and_free(working_memory, working_memory_len); + } + return ret; } -/* END MERGE SLOT 7 */ -/* BEGIN MERGE SLOT 8 */ - -/* END MERGE SLOT 8 */ - -/* BEGIN MERGE SLOT 9 */ - -/* END MERGE SLOT 9 */ - -/* BEGIN MERGE SLOT 10 */ - -/* END MERGE SLOT 10 */ - -#endif /* MBEDTLS_BIGNUM_C */ +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ECP_WITH_MPI_UINT */ diff --git a/library/bignum_mod.h b/library/bignum_mod.h index 0a22e713a..39e8fd218 100644 --- a/library/bignum_mod.h +++ b/library/bignum_mod.h @@ -98,10 +98,11 @@ typedef enum { /* Skip 1 as it is slightly easier to accidentally pass to functions. */ /** Montgomery representation. */ MBEDTLS_MPI_MOD_REP_MONTGOMERY = 2, - /** TODO: document this. - * - * Residues are in canonical representation. - */ + /* Optimised reduction available. This indicates a coordinate modulus (P) + * and one or more of the following have been configured: + * - A nist curve (MBEDTLS_ECP_DP_SECPXXXR1_ENABLED) & MBEDTLS_ECP_NIST_OPTIM. + * - A Kobliz Curve. + * - A Fast Reduction Curve CURVE25519 or CURVE448. */ MBEDTLS_MPI_MOD_REP_OPT_RED, } mbedtls_mpi_mod_rep_selector; @@ -123,7 +124,11 @@ typedef struct { mbedtls_mpi_uint mm; /* Montgomery const for -N^{-1} mod 2^{ciL} */ } mbedtls_mpi_mont_struct; -typedef void *mbedtls_mpi_opt_red_struct; +typedef int (*mbedtls_mpi_modp_fn)(mbedtls_mpi_uint *X, size_t X_limbs); + +typedef struct { + mbedtls_mpi_modp_fn modp; /* The optimised reduction function pointer */ +} mbedtls_mpi_opt_red_struct; typedef struct { const mbedtls_mpi_uint *p; @@ -140,34 +145,34 @@ typedef struct { /** Setup a residue structure. * - * The residue will be set up with the buffer \p p and modulus \p m. + * The residue will be set up with the buffer \p p and modulus \p N. * * The memory pointed to by \p p will be used by the resulting residue structure. * The value at the pointed-to memory will be the initial value of \p r and must * hold a value that is less than the modulus. This value will be used as-is - * and interpreted according to the value of the `m->int_rep` field. + * and interpreted according to the value of the `N->int_rep` field. * - * The modulus \p m will be the modulus associated with \p r. The residue \p r - * should only be used in operations where the modulus is \p m. + * The modulus \p N will be the modulus associated with \p r. The residue \p r + * should only be used in operations where the modulus is \p N. * * \param[out] r The address of the residue to setup. - * \param[in] m The address of the modulus related to \p r. + * \param[in] N The address of the modulus related to \p r. * \param[in] p The address of the limb array containing the value of \p r. * The memory pointed to by \p p will be used by \p r and must * not be modified in any way until after * mbedtls_mpi_mod_residue_release() is called. The data * pointed to by \p p must be less than the modulus (the value - * pointed to by `m->p`) and already in the representation - * indicated by `m->int_rep`. + * pointed to by `N->p`) and already in the representation + * indicated by `N->int_rep`. * \param p_limbs The number of limbs of \p p. Must be the same as the number - * of limbs in the modulus \p m. + * of limbs in the modulus \p N. * * \return \c 0 if successful. * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p p_limbs is less than the - * limbs in \p m or if \p p is not less than \p m. + * limbs in \p N or if \p p is not less than \p N. */ int mbedtls_mpi_mod_residue_setup(mbedtls_mpi_mod_residue *r, - const mbedtls_mpi_mod_modulus *m, + const mbedtls_mpi_mod_modulus *N, mbedtls_mpi_uint *p, size_t p_limbs); @@ -185,28 +190,41 @@ void mbedtls_mpi_mod_residue_release(mbedtls_mpi_mod_residue *r); /** Initialize a modulus structure. * - * \param[out] m The address of the modulus structure to initialize. + * \param[out] N The address of the modulus structure to initialize. */ -void mbedtls_mpi_mod_modulus_init(mbedtls_mpi_mod_modulus *m); +void mbedtls_mpi_mod_modulus_init(mbedtls_mpi_mod_modulus *N); /** Setup a modulus structure. * - * \param[out] m The address of the modulus structure to populate. - * \param[in] p The address of the limb array storing the value of \p m. - * The memory pointed to by \p p will be used by \p m and must + * \param[out] N The address of the modulus structure to populate. + * \param[in] p The address of the limb array storing the value of \p N. + * The memory pointed to by \p p will be used by \p N and must * not be modified in any way until after * mbedtls_mpi_mod_modulus_free() is called. * \param p_limbs The number of limbs of \p p. - * \param int_rep The internal representation to be used for residues - * associated with \p m (see #mbedtls_mpi_mod_rep_selector). * * \return \c 0 if successful. - * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p int_rep is invalid. */ -int mbedtls_mpi_mod_modulus_setup(mbedtls_mpi_mod_modulus *m, +int mbedtls_mpi_mod_modulus_setup(mbedtls_mpi_mod_modulus *N, const mbedtls_mpi_uint *p, - size_t p_limbs, - mbedtls_mpi_mod_rep_selector int_rep); + size_t p_limbs); + +/** Setup an optimised-reduction compatible modulus structure. + * + * \param[out] N The address of the modulus structure to populate. + * \param[in] p The address of the limb array storing the value of \p N. + * The memory pointed to by \p p will be used by \p N and must + * not be modified in any way until after + * mbedtls_mpi_mod_modulus_free() is called. + * \param p_limbs The number of limbs of \p p. + * \param modp A pointer to the optimised reduction function to use. \p p. + * + * \return \c 0 if successful. + */ +int mbedtls_mpi_mod_optred_modulus_setup(mbedtls_mpi_mod_modulus *N, + const mbedtls_mpi_uint *p, + size_t p_limbs, + mbedtls_mpi_modp_fn modp); /** Free elements of a modulus structure. * @@ -216,15 +234,9 @@ int mbedtls_mpi_mod_modulus_setup(mbedtls_mpi_mod_modulus *m, * mbedtls_mpi_mod_modulus_setup() only removes the reference to it, * making it safe to free or to use it again. * - * \param[in,out] m The address of the modulus structure to free. + * \param[in,out] N The address of the modulus structure to free. */ -void mbedtls_mpi_mod_modulus_free(mbedtls_mpi_mod_modulus *m); - -/* BEGIN MERGE SLOT 1 */ - -/* END MERGE SLOT 1 */ - -/* BEGIN MERGE SLOT 2 */ +void mbedtls_mpi_mod_modulus_free(mbedtls_mpi_mod_modulus *N); /** \brief Multiply two residues, returning the residue modulo the specified * modulus. @@ -260,9 +272,6 @@ int mbedtls_mpi_mod_mul(mbedtls_mpi_mod_residue *X, const mbedtls_mpi_mod_residue *B, const mbedtls_mpi_mod_modulus *N); -/* END MERGE SLOT 2 */ - -/* BEGIN MERGE SLOT 3 */ /** * \brief Perform a fixed-size modular subtraction. * @@ -321,13 +330,6 @@ int mbedtls_mpi_mod_sub(mbedtls_mpi_mod_residue *X, int mbedtls_mpi_mod_inv(mbedtls_mpi_mod_residue *X, const mbedtls_mpi_mod_residue *A, const mbedtls_mpi_mod_modulus *N); -/* END MERGE SLOT 3 */ - -/* BEGIN MERGE SLOT 4 */ - -/* END MERGE SLOT 4 */ - -/* BEGIN MERGE SLOT 5 */ /** * \brief Perform a fixed-size modular addition. * @@ -358,9 +360,6 @@ int mbedtls_mpi_mod_add(mbedtls_mpi_mod_residue *X, const mbedtls_mpi_mod_residue *A, const mbedtls_mpi_mod_residue *B, const mbedtls_mpi_mod_modulus *N); -/* END MERGE SLOT 5 */ - -/* BEGIN MERGE SLOT 6 */ /** Generate a random number uniformly in a range. * @@ -395,22 +394,19 @@ int mbedtls_mpi_mod_random(mbedtls_mpi_mod_residue *X, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); -/* END MERGE SLOT 6 */ - -/* BEGIN MERGE SLOT 7 */ /** Read a residue from a byte buffer. * * The residue will be automatically converted to the internal representation - * based on the value of the `m->int_rep` field. + * based on the value of the `N->int_rep` field. * - * The modulus \p m will be the modulus associated with \p r. The residue \p r - * should only be used in operations where the modulus is \p m or a modulus - * equivalent to \p m (in the sense that all their fields or memory pointed by + * The modulus \p N will be the modulus associated with \p r. The residue \p r + * should only be used in operations where the modulus is \p N or a modulus + * equivalent to \p N (in the sense that all their fields or memory pointed by * their fields hold the same value). * * \param[out] r The address of the residue. It must have exactly the same - * number of limbs as the modulus \p m. - * \param[in] m The address of the modulus. + * number of limbs as the modulus \p N. + * \param[in] N The address of the modulus. * \param[in] buf The input buffer to import from. * \param buflen The length in bytes of \p buf. * \param ext_rep The endianness of the number in the input buffer. @@ -419,32 +415,32 @@ int mbedtls_mpi_mod_random(mbedtls_mpi_mod_residue *X, * \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p r isn't * large enough to hold the value in \p buf. * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p ext_rep - * is invalid or the value in the buffer is not less than \p m. + * is invalid or the value in the buffer is not less than \p N. */ int mbedtls_mpi_mod_read(mbedtls_mpi_mod_residue *r, - const mbedtls_mpi_mod_modulus *m, + const mbedtls_mpi_mod_modulus *N, const unsigned char *buf, size_t buflen, mbedtls_mpi_mod_ext_rep ext_rep); /** Write a residue into a byte buffer. * - * The modulus \p m must be the modulus associated with \p r (see + * The modulus \p N must be the modulus associated with \p r (see * mbedtls_mpi_mod_residue_setup() and mbedtls_mpi_mod_read()). * * The residue will be automatically converted from the internal representation - * based on the value of `m->int_rep` field. + * based on the value of `N->int_rep` field. * - * \warning If the buffer is smaller than `m->bits`, the number of + * \warning If the buffer is smaller than `N->bits`, the number of * leading zeroes is leaked through timing. If \p r is * secret, the caller must ensure that \p buflen is at least - * (`m->bits`+7)/8. + * (`N->bits`+7)/8. * * \param[in] r The address of the residue. It must have the same number of - * limbs as the modulus \p m. (\p r is an input parameter, but + * limbs as the modulus \p N. (\p r is an input parameter, but * its value will be modified during execution and restored * before the function returns.) - * \param[in] m The address of the modulus associated with \r. + * \param[in] N The address of the modulus associated with \p r. * \param[out] buf The output buffer to export to. * \param buflen The length in bytes of \p buf. * \param ext_rep The endianness in which the number should be written into @@ -460,22 +456,9 @@ int mbedtls_mpi_mod_read(mbedtls_mpi_mod_residue *r, * MBEDTLS_MPI_MOD_REP_MONTGOMERY. */ int mbedtls_mpi_mod_write(const mbedtls_mpi_mod_residue *r, - const mbedtls_mpi_mod_modulus *m, + const mbedtls_mpi_mod_modulus *N, unsigned char *buf, size_t buflen, mbedtls_mpi_mod_ext_rep ext_rep); -/* END MERGE SLOT 7 */ - -/* BEGIN MERGE SLOT 8 */ - -/* END MERGE SLOT 8 */ - -/* BEGIN MERGE SLOT 9 */ - -/* END MERGE SLOT 9 */ - -/* BEGIN MERGE SLOT 10 */ - -/* END MERGE SLOT 10 */ #endif /* MBEDTLS_BIGNUM_MOD_H */ diff --git a/library/bignum_mod_raw.c b/library/bignum_mod_raw.c index aa2bd46cc..5ee1b19b2 100644 --- a/library/bignum_mod_raw.c +++ b/library/bignum_mod_raw.c @@ -19,7 +19,7 @@ #include "common.h" -#if defined(MBEDTLS_BIGNUM_C) +#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_ECP_WITH_MPI_UINT) #include @@ -33,12 +33,14 @@ #include "bignum_mod.h" #include "constant_time_internal.h" +#include "bignum_mod_raw_invasive.h" + void mbedtls_mpi_mod_raw_cond_assign(mbedtls_mpi_uint *X, const mbedtls_mpi_uint *A, const mbedtls_mpi_mod_modulus *N, unsigned char assign) { - mbedtls_mpi_core_cond_assign(X, A, N->limbs, assign); + mbedtls_mpi_core_cond_assign(X, A, N->limbs, mbedtls_ct_bool(assign)); } void mbedtls_mpi_mod_raw_cond_swap(mbedtls_mpi_uint *X, @@ -46,11 +48,11 @@ void mbedtls_mpi_mod_raw_cond_swap(mbedtls_mpi_uint *X, const mbedtls_mpi_mod_modulus *N, unsigned char swap) { - mbedtls_mpi_core_cond_swap(X, Y, N->limbs, swap); + mbedtls_mpi_core_cond_swap(X, Y, N->limbs, mbedtls_ct_bool(swap)); } int mbedtls_mpi_mod_raw_read(mbedtls_mpi_uint *X, - const mbedtls_mpi_mod_modulus *m, + const mbedtls_mpi_mod_modulus *N, const unsigned char *input, size_t input_length, mbedtls_mpi_mod_ext_rep ext_rep) @@ -59,11 +61,11 @@ int mbedtls_mpi_mod_raw_read(mbedtls_mpi_uint *X, switch (ext_rep) { case MBEDTLS_MPI_MOD_EXT_REP_LE: - ret = mbedtls_mpi_core_read_le(X, m->limbs, + ret = mbedtls_mpi_core_read_le(X, N->limbs, input, input_length); break; case MBEDTLS_MPI_MOD_EXT_REP_BE: - ret = mbedtls_mpi_core_read_be(X, m->limbs, + ret = mbedtls_mpi_core_read_be(X, N->limbs, input, input_length); break; default: @@ -74,7 +76,7 @@ int mbedtls_mpi_mod_raw_read(mbedtls_mpi_uint *X, goto cleanup; } - if (!mbedtls_mpi_core_lt_ct(X, m->p, m->limbs)) { + if (!mbedtls_mpi_core_lt_ct(X, N->p, N->limbs)) { ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; goto cleanup; } @@ -85,29 +87,23 @@ cleanup: } int mbedtls_mpi_mod_raw_write(const mbedtls_mpi_uint *A, - const mbedtls_mpi_mod_modulus *m, + const mbedtls_mpi_mod_modulus *N, unsigned char *output, size_t output_length, mbedtls_mpi_mod_ext_rep ext_rep) { switch (ext_rep) { case MBEDTLS_MPI_MOD_EXT_REP_LE: - return mbedtls_mpi_core_write_le(A, m->limbs, + return mbedtls_mpi_core_write_le(A, N->limbs, output, output_length); case MBEDTLS_MPI_MOD_EXT_REP_BE: - return mbedtls_mpi_core_write_be(A, m->limbs, + return mbedtls_mpi_core_write_be(A, N->limbs, output, output_length); default: return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; } } -/* BEGIN MERGE SLOT 1 */ - -/* END MERGE SLOT 1 */ - -/* BEGIN MERGE SLOT 2 */ - void mbedtls_mpi_mod_raw_sub(mbedtls_mpi_uint *X, const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *B, @@ -118,20 +114,49 @@ void mbedtls_mpi_mod_raw_sub(mbedtls_mpi_uint *X, (void) mbedtls_mpi_core_add_if(X, N->p, N->limbs, (unsigned) c); } +MBEDTLS_STATIC_TESTABLE +void mbedtls_mpi_mod_raw_fix_quasi_reduction(mbedtls_mpi_uint *X, + const mbedtls_mpi_mod_modulus *N) +{ + mbedtls_mpi_uint c = mbedtls_mpi_core_sub(X, X, N->p, N->limbs); + + (void) mbedtls_mpi_core_add_if(X, N->p, N->limbs, (unsigned) c); +} + + void mbedtls_mpi_mod_raw_mul(mbedtls_mpi_uint *X, const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *B, const mbedtls_mpi_mod_modulus *N, mbedtls_mpi_uint *T) { - mbedtls_mpi_core_montmul(X, A, B, N->limbs, N->p, N->limbs, - N->rep.mont.mm, T); + /* Standard (A * B) multiplication stored into pre-allocated T + * buffer of fixed limb size of (2N + 1). + * + * The space may not not fully filled by when + * MBEDTLS_MPI_MOD_REP_OPT_RED is used. */ + const size_t T_limbs = BITS_TO_LIMBS(N->bits) * 2; + switch (N->int_rep) { + case MBEDTLS_MPI_MOD_REP_MONTGOMERY: + mbedtls_mpi_core_montmul(X, A, B, N->limbs, N->p, N->limbs, + N->rep.mont.mm, T); + break; + case MBEDTLS_MPI_MOD_REP_OPT_RED: + mbedtls_mpi_core_mul(T, A, N->limbs, B, N->limbs); + + /* Optimised Reduction */ + (*N->rep.ored.modp)(T, T_limbs); + + /* Convert back to canonical representation */ + mbedtls_mpi_mod_raw_fix_quasi_reduction(T, N); + memcpy(X, T, N->limbs * sizeof(mbedtls_mpi_uint)); + break; + default: + break; + } + } -/* END MERGE SLOT 2 */ - -/* BEGIN MERGE SLOT 3 */ - size_t mbedtls_mpi_mod_raw_inv_prime_working_limbs(size_t AN_limbs) { /* mbedtls_mpi_mod_raw_inv_prime() needs a temporary for the exponent, @@ -163,13 +188,6 @@ void mbedtls_mpi_mod_raw_inv_prime(mbedtls_mpi_uint *X, RR, T + AN_limbs); } -/* END MERGE SLOT 3 */ - -/* BEGIN MERGE SLOT 4 */ - -/* END MERGE SLOT 4 */ - -/* BEGIN MERGE SLOT 5 */ void mbedtls_mpi_mod_raw_add(mbedtls_mpi_uint *X, const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *B, @@ -180,9 +198,6 @@ void mbedtls_mpi_mod_raw_add(mbedtls_mpi_uint *X, borrow = mbedtls_mpi_core_sub(X, X, N->p, N->limbs); (void) mbedtls_mpi_core_add_if(X, N->p, N->limbs, (unsigned) (carry ^ borrow)); } -/* END MERGE SLOT 5 */ - -/* BEGIN MERGE SLOT 6 */ int mbedtls_mpi_mod_raw_canonical_to_modulus_rep( mbedtls_mpi_uint *X, @@ -225,67 +240,49 @@ int mbedtls_mpi_mod_raw_random(mbedtls_mpi_uint *X, return mbedtls_mpi_mod_raw_canonical_to_modulus_rep(X, N); } -/* END MERGE SLOT 6 */ - -/* BEGIN MERGE SLOT 7 */ int mbedtls_mpi_mod_raw_to_mont_rep(mbedtls_mpi_uint *X, - const mbedtls_mpi_mod_modulus *m) + const mbedtls_mpi_mod_modulus *N) { mbedtls_mpi_uint *T; - const size_t t_limbs = mbedtls_mpi_core_montmul_working_limbs(m->limbs); + const size_t t_limbs = mbedtls_mpi_core_montmul_working_limbs(N->limbs); if ((T = (mbedtls_mpi_uint *) mbedtls_calloc(t_limbs, ciL)) == NULL) { return MBEDTLS_ERR_MPI_ALLOC_FAILED; } - mbedtls_mpi_core_to_mont_rep(X, X, m->p, m->limbs, - m->rep.mont.mm, m->rep.mont.rr, T); + mbedtls_mpi_core_to_mont_rep(X, X, N->p, N->limbs, + N->rep.mont.mm, N->rep.mont.rr, T); - mbedtls_platform_zeroize(T, t_limbs * ciL); - mbedtls_free(T); + mbedtls_zeroize_and_free(T, t_limbs * ciL); return 0; } int mbedtls_mpi_mod_raw_from_mont_rep(mbedtls_mpi_uint *X, - const mbedtls_mpi_mod_modulus *m) + const mbedtls_mpi_mod_modulus *N) { - const size_t t_limbs = mbedtls_mpi_core_montmul_working_limbs(m->limbs); + const size_t t_limbs = mbedtls_mpi_core_montmul_working_limbs(N->limbs); mbedtls_mpi_uint *T; if ((T = (mbedtls_mpi_uint *) mbedtls_calloc(t_limbs, ciL)) == NULL) { return MBEDTLS_ERR_MPI_ALLOC_FAILED; } - mbedtls_mpi_core_from_mont_rep(X, X, m->p, m->limbs, m->rep.mont.mm, T); + mbedtls_mpi_core_from_mont_rep(X, X, N->p, N->limbs, N->rep.mont.mm, T); - mbedtls_platform_zeroize(T, t_limbs * ciL); - mbedtls_free(T); + mbedtls_zeroize_and_free(T, t_limbs * ciL); return 0; } void mbedtls_mpi_mod_raw_neg(mbedtls_mpi_uint *X, const mbedtls_mpi_uint *A, - const mbedtls_mpi_mod_modulus *m) + const mbedtls_mpi_mod_modulus *N) { - mbedtls_mpi_core_sub(X, m->p, A, m->limbs); + mbedtls_mpi_core_sub(X, N->p, A, N->limbs); /* If A=0 initially, then X=N now. Detect this by * subtracting N and catching the carry. */ - mbedtls_mpi_uint borrow = mbedtls_mpi_core_sub(X, X, m->p, m->limbs); - (void) mbedtls_mpi_core_add_if(X, m->p, m->limbs, (unsigned) borrow); + mbedtls_mpi_uint borrow = mbedtls_mpi_core_sub(X, X, N->p, N->limbs); + (void) mbedtls_mpi_core_add_if(X, N->p, N->limbs, (unsigned) borrow); } -/* END MERGE SLOT 7 */ -/* BEGIN MERGE SLOT 8 */ - -/* END MERGE SLOT 8 */ - -/* BEGIN MERGE SLOT 9 */ - -/* END MERGE SLOT 9 */ - -/* BEGIN MERGE SLOT 10 */ - -/* END MERGE SLOT 10 */ - -#endif /* MBEDTLS_BIGNUM_C */ +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ECP_WITH_MPI_UINT */ diff --git a/library/bignum_mod_raw.h b/library/bignum_mod_raw.h index da8db6f33..c5ff9378e 100644 --- a/library/bignum_mod_raw.h +++ b/library/bignum_mod_raw.h @@ -145,10 +145,10 @@ void mbedtls_mpi_mod_raw_cond_swap(mbedtls_mpi_uint *X, * The MPI needs to have enough limbs to store the full value (including any * most significant zero bytes in the input). * - * \param[out] X The address of the MPI. The size is determined by \p m. + * \param[out] X The address of the MPI. The size is determined by \p N. * (In particular, it must have at least as many limbs as - * the modulus \p m.) - * \param[in] m The address of the modulus related to \p X. + * the modulus \p N.) + * \param[in] N The address of the modulus related to \p X. * \param[in] input The input buffer to import from. * \param input_length The length in bytes of \p input. * \param ext_rep The endianness of the number in the input buffer. @@ -157,20 +157,20 @@ void mbedtls_mpi_mod_raw_cond_swap(mbedtls_mpi_uint *X, * \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p X isn't * large enough to hold the value in \p input. * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the external representation - * of \p m is invalid or \p X is not less than \p m. + * of \p N is invalid or \p X is not less than \p N. */ int mbedtls_mpi_mod_raw_read(mbedtls_mpi_uint *X, - const mbedtls_mpi_mod_modulus *m, + const mbedtls_mpi_mod_modulus *N, const unsigned char *input, size_t input_length, mbedtls_mpi_mod_ext_rep ext_rep); /** Export A into unsigned binary data. * - * \param[in] A The address of the MPI. The size is determined by \p m. + * \param[in] A The address of the MPI. The size is determined by \p N. * (In particular, it must have at least as many limbs as - * the modulus \p m.) - * \param[in] m The address of the modulus related to \p A. + * the modulus \p N.) + * \param[in] N The address of the modulus related to \p A. * \param[out] output The output buffer to export to. * \param output_length The length in bytes of \p output. * \param ext_rep The endianness in which the number should be written into the output buffer. @@ -179,20 +179,14 @@ int mbedtls_mpi_mod_raw_read(mbedtls_mpi_uint *X, * \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p output isn't * large enough to hold the value of \p A. * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the external representation - * of \p m is invalid. + * of \p N is invalid. */ int mbedtls_mpi_mod_raw_write(const mbedtls_mpi_uint *A, - const mbedtls_mpi_mod_modulus *m, + const mbedtls_mpi_mod_modulus *N, unsigned char *output, size_t output_length, mbedtls_mpi_mod_ext_rep ext_rep); -/* BEGIN MERGE SLOT 1 */ - -/* END MERGE SLOT 1 */ - -/* BEGIN MERGE SLOT 2 */ - /** \brief Subtract two MPIs, returning the residue modulo the specified * modulus. * @@ -250,10 +244,6 @@ void mbedtls_mpi_mod_raw_mul(mbedtls_mpi_uint *X, const mbedtls_mpi_mod_modulus *N, mbedtls_mpi_uint *T); -/* END MERGE SLOT 2 */ - -/* BEGIN MERGE SLOT 3 */ - /** * \brief Returns the number of limbs of working memory required for * a call to `mbedtls_mpi_mod_raw_inv_prime()`. @@ -303,13 +293,6 @@ void mbedtls_mpi_mod_raw_inv_prime(mbedtls_mpi_uint *X, const mbedtls_mpi_uint *RR, mbedtls_mpi_uint *T); -/* END MERGE SLOT 3 */ - -/* BEGIN MERGE SLOT 4 */ - -/* END MERGE SLOT 4 */ - -/* BEGIN MERGE SLOT 5 */ /** * \brief Perform a known-size modular addition. * @@ -332,9 +315,6 @@ void mbedtls_mpi_mod_raw_add(mbedtls_mpi_uint *X, const mbedtls_mpi_uint *A, const mbedtls_mpi_uint *B, const mbedtls_mpi_mod_modulus *N); -/* END MERGE SLOT 5 */ - -/* BEGIN MERGE SLOT 6 */ /** Convert an MPI from canonical representation (little-endian limb array) * to the representation associated with the modulus. @@ -346,7 +326,7 @@ void mbedtls_mpi_mod_raw_add(mbedtls_mpi_uint *X, * is unspecified. * \param[in] N The modulus structure. * - *\ return \c 0 if successful. + * \return \c 0 if successful. * Otherwise an \c MBEDTLS_ERR_MPI_xxx error code. */ int mbedtls_mpi_mod_raw_canonical_to_modulus_rep( @@ -363,7 +343,7 @@ int mbedtls_mpi_mod_raw_canonical_to_modulus_rep( * is unspecified. * \param[in] N The modulus structure. * - *\ return \c 0 if successful. + * \return \c 0 if successful. * Otherwise an \c MBEDTLS_ERR_MPI_xxx error code. */ int mbedtls_mpi_mod_raw_modulus_to_canonical_rep( @@ -404,61 +384,45 @@ int mbedtls_mpi_mod_raw_random(mbedtls_mpi_uint *X, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); -/* END MERGE SLOT 6 */ - -/* BEGIN MERGE SLOT 7 */ /** Convert an MPI into Montgomery form. * * \param X The address of the MPI. - * Must have the same number of limbs as \p m. - * \param m The address of the modulus, which gives the size of - * the base `R` = 2^(biL*m->limbs). + * Must have the same number of limbs as \p N. + * \param N The address of the modulus, which gives the size of + * the base `R` = 2^(biL*N->limbs). * * \return \c 0 if successful. */ int mbedtls_mpi_mod_raw_to_mont_rep(mbedtls_mpi_uint *X, - const mbedtls_mpi_mod_modulus *m); + const mbedtls_mpi_mod_modulus *N); /** Convert an MPI back from Montgomery representation. * * \param X The address of the MPI. - * Must have the same number of limbs as \p m. - * \param m The address of the modulus, which gives the size of - * the base `R`= 2^(biL*m->limbs). + * Must have the same number of limbs as \p N. + * \param N The address of the modulus, which gives the size of + * the base `R`= 2^(biL*N->limbs). * * \return \c 0 if successful. */ int mbedtls_mpi_mod_raw_from_mont_rep(mbedtls_mpi_uint *X, - const mbedtls_mpi_mod_modulus *m); + const mbedtls_mpi_mod_modulus *N); /** \brief Perform fixed width modular negation. * - * The size of the operation is determined by \p m. \p A must have - * the same number of limbs as \p m. + * The size of the operation is determined by \p N. \p A must have + * the same number of limbs as \p N. * * \p X may be aliased to \p A. * * \param[out] X The result of the modular negation. * This must be initialized. * \param[in] A Little-endian presentation of the input operand. This - * must be less than or equal to \p m. - * \param[in] m The modulus to use. + * must be less than or equal to \p N. + * \param[in] N The modulus to use. */ void mbedtls_mpi_mod_raw_neg(mbedtls_mpi_uint *X, const mbedtls_mpi_uint *A, - const mbedtls_mpi_mod_modulus *m); -/* END MERGE SLOT 7 */ - -/* BEGIN MERGE SLOT 8 */ - -/* END MERGE SLOT 8 */ - -/* BEGIN MERGE SLOT 9 */ - -/* END MERGE SLOT 9 */ - -/* BEGIN MERGE SLOT 10 */ - -/* END MERGE SLOT 10 */ + const mbedtls_mpi_mod_modulus *N); #endif /* MBEDTLS_BIGNUM_MOD_RAW_H */ diff --git a/library/bignum_mod_raw_invasive.h b/library/bignum_mod_raw_invasive.h new file mode 100644 index 000000000..ead83942c --- /dev/null +++ b/library/bignum_mod_raw_invasive.h @@ -0,0 +1,46 @@ +/** + * \file bignum_mod_raw_invasive.h + * + * \brief Function declarations for invasive functions of Low-level + * modular bignum. + */ +/** + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef MBEDTLS_BIGNUM_MOD_RAW_INVASIVE_H +#define MBEDTLS_BIGNUM_MOD_RAW_INVASIVE_H + +#include "common.h" +#include "mbedtls/bignum.h" +#include "bignum_mod.h" + +#if defined(MBEDTLS_TEST_HOOKS) + +/** Convert the result of a quasi-reduction to its canonical representative. + * + * \param[in,out] X The address of the MPI to be converted. Must have the + * same number of limbs as \p N. The input value must + * be in range 0 <= X < 2N. + * \param[in] N The address of the modulus. + */ +MBEDTLS_STATIC_TESTABLE +void mbedtls_mpi_mod_raw_fix_quasi_reduction(mbedtls_mpi_uint *X, + const mbedtls_mpi_mod_modulus *N); + +#endif /* MBEDTLS_TEST_HOOKS */ + +#endif /* MBEDTLS_BIGNUM_MOD_RAW_INVASIVE_H */ diff --git a/library/bn_mul.h b/library/bn_mul.h index 307c2418f..ab1a66ae5 100644 --- a/library/bn_mul.h +++ b/library/bn_mul.h @@ -83,10 +83,6 @@ /* *INDENT-OFF* */ #if defined(MBEDTLS_HAVE_ASM) -#ifndef asm -#define asm __asm -#endif - /* armcc5 --gnu defines __GNUC__ but doesn't support GNU's extended asm */ #if defined(__GNUC__) && \ ( !defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000 ) @@ -252,27 +248,39 @@ #endif /* AMD64 */ -#if defined(__aarch64__) +// The following assembly code assumes that a pointer will fit in a 64-bit register +// (including ILP32 __aarch64__ ABIs such as on watchOS, hence the 2^32 - 1) +#if defined(__aarch64__) && (UINTPTR_MAX == 0xfffffffful || UINTPTR_MAX == 0xfffffffffffffffful) +/* + * There are some issues around different compilers requiring different constraint + * syntax for updating pointers from assembly code (see notes for + * MBEDTLS_ASM_AARCH64_PTR_CONSTRAINT in common.h), especially on aarch64_32 (aka ILP32). + * + * For this reason we cast the pointers to/from uintptr_t here. + */ #define MULADDC_X1_INIT \ - asm( + do { uintptr_t muladdc_d = (uintptr_t) d, muladdc_s = (uintptr_t) s; asm( #define MULADDC_X1_CORE \ - "ldr x4, [%2], #8 \n\t" \ - "ldr x5, [%1] \n\t" \ + "ldr x4, [%x2], #8 \n\t" \ + "ldr x5, [%x1] \n\t" \ "mul x6, x4, %4 \n\t" \ "umulh x7, x4, %4 \n\t" \ "adds x5, x5, x6 \n\t" \ "adc x7, x7, xzr \n\t" \ "adds x5, x5, %0 \n\t" \ "adc %0, x7, xzr \n\t" \ - "str x5, [%1], #8 \n\t" + "str x5, [%x1], #8 \n\t" #define MULADDC_X1_STOP \ - : "+r" (c), "+r" (d), "+r" (s), "+m" (*(uint64_t (*)[16]) d) \ + : "+r" (c), \ + "+r" (muladdc_d), \ + "+r" (muladdc_s), \ + "+m" (*(uint64_t (*)[16]) d) \ : "r" (b), "m" (*(const uint64_t (*)[16]) s) \ : "x4", "x5", "x6", "x7", "cc" \ - ); + ); d = (mbedtls_mpi_uint *)muladdc_d; s = (mbedtls_mpi_uint *)muladdc_s; } while (0); #endif /* Aarch64 */ @@ -662,6 +670,16 @@ #endif /* TriCore */ +#if defined(__arm__) + +#if defined(__thumb__) && !defined(__thumb2__) +#if defined(MBEDTLS_COMPILER_IS_GCC) +/* + * Thumb 1 ISA. This code path has only been tested successfully on gcc; + * it does not compile on clang or armclang. + */ + +#if !defined(__OPTIMIZE__) && defined(__GNUC__) /* * Note, gcc -O0 by default uses r7 for the frame pointer, so it complains about * our use of r7 below, unless -fomit-frame-pointer is passed. @@ -670,32 +688,39 @@ * x !=0, which we can detect using __OPTIMIZE__ (which is also defined by * clang and armcc5 under the same conditions). * - * So, only use the optimized assembly below for optimized build, which avoids - * the build error and is pretty reasonable anyway. + * If gcc needs to use r7, we use r1 as a scratch register and have a few extra + * instructions to preserve/restore it; otherwise, we can use r7 and avoid + * the preserve/restore overhead. */ -#if defined(__GNUC__) && !defined(__OPTIMIZE__) -#define MULADDC_CANNOT_USE_R7 -#endif - -#if defined(__arm__) && !defined(MULADDC_CANNOT_USE_R7) - -#if defined(__thumb__) && !defined(__thumb2__) +#define MULADDC_SCRATCH "RS .req r1 \n\t" +#define MULADDC_PRESERVE_SCRATCH "mov r10, r1 \n\t" +#define MULADDC_RESTORE_SCRATCH "mov r1, r10 \n\t" +#define MULADDC_SCRATCH_CLOBBER "r10" +#else /* !defined(__OPTIMIZE__) && defined(__GNUC__) */ +#define MULADDC_SCRATCH "RS .req r7 \n\t" +#define MULADDC_PRESERVE_SCRATCH "" +#define MULADDC_RESTORE_SCRATCH "" +#define MULADDC_SCRATCH_CLOBBER "r7" +#endif /* !defined(__OPTIMIZE__) && defined(__GNUC__) */ #define MULADDC_X1_INIT \ asm( \ + MULADDC_SCRATCH \ "ldr r0, %3 \n\t" \ "ldr r1, %4 \n\t" \ "ldr r2, %5 \n\t" \ "ldr r3, %6 \n\t" \ - "lsr r7, r3, #16 \n\t" \ - "mov r9, r7 \n\t" \ - "lsl r7, r3, #16 \n\t" \ - "lsr r7, r7, #16 \n\t" \ - "mov r8, r7 \n\t" + "lsr r4, r3, #16 \n\t" \ + "mov r9, r4 \n\t" \ + "lsl r4, r3, #16 \n\t" \ + "lsr r4, r4, #16 \n\t" \ + "mov r8, r4 \n\t" \ + #define MULADDC_X1_CORE \ + MULADDC_PRESERVE_SCRATCH \ "ldmia r0!, {r6} \n\t" \ - "lsr r7, r6, #16 \n\t" \ + "lsr RS, r6, #16 \n\t" \ "lsl r6, r6, #16 \n\t" \ "lsr r6, r6, #16 \n\t" \ "mov r4, r8 \n\t" \ @@ -703,12 +728,12 @@ "mov r3, r9 \n\t" \ "mul r6, r3 \n\t" \ "mov r5, r9 \n\t" \ - "mul r5, r7 \n\t" \ + "mul r5, RS \n\t" \ "mov r3, r8 \n\t" \ - "mul r7, r3 \n\t" \ + "mul RS, r3 \n\t" \ "lsr r3, r6, #16 \n\t" \ "add r5, r5, r3 \n\t" \ - "lsr r3, r7, #16 \n\t" \ + "lsr r3, RS, #16 \n\t" \ "add r5, r5, r3 \n\t" \ "add r4, r4, r2 \n\t" \ "mov r2, #0 \n\t" \ @@ -716,9 +741,10 @@ "lsl r3, r6, #16 \n\t" \ "add r4, r4, r3 \n\t" \ "adc r5, r2 \n\t" \ - "lsl r3, r7, #16 \n\t" \ + "lsl r3, RS, #16 \n\t" \ "add r4, r4, r3 \n\t" \ "adc r5, r2 \n\t" \ + MULADDC_RESTORE_SCRATCH \ "ldr r3, [r1] \n\t" \ "add r4, r4, r3 \n\t" \ "adc r2, r5 \n\t" \ @@ -731,11 +757,15 @@ : "=m" (c), "=m" (d), "=m" (s) \ : "m" (s), "m" (d), "m" (c), "m" (b) \ : "r0", "r1", "r2", "r3", "r4", "r5", \ - "r6", "r7", "r8", "r9", "cc" \ + "r6", MULADDC_SCRATCH_CLOBBER, "r8", "r9", "cc" \ ); +#endif /* !defined(__ARMCC_VERSION) && !defined(__clang__) */ #elif (__ARM_ARCH >= 6) && \ defined (__ARM_FEATURE_DSP) && (__ARM_FEATURE_DSP == 1) +/* Armv6-M (or later) with DSP Instruction Set Extensions. + * Requires support for either Thumb 2 or Arm ISA. + */ #define MULADDC_X1_INIT \ { \ @@ -800,7 +830,7 @@ ); \ } -#else +#else /* Thumb 2 or Arm ISA, without DSP extensions */ #define MULADDC_X1_INIT \ asm( \ @@ -814,9 +844,9 @@ "mov r5, #0 \n\t" \ "ldr r6, [r1] \n\t" \ "umlal r2, r5, r3, r4 \n\t" \ - "adds r7, r6, r2 \n\t" \ + "adds r4, r6, r2 \n\t" \ "adc r2, r5, #0 \n\t" \ - "str r7, [r1], #4 \n\t" + "str r4, [r1], #4 \n\t" #define MULADDC_X1_STOP \ "str r2, %0 \n\t" \ @@ -825,12 +855,12 @@ : "=m" (c), "=m" (d), "=m" (s) \ : "m" (s), "m" (d), "m" (c), "m" (b) \ : "r0", "r1", "r2", "r3", "r4", "r5", \ - "r6", "r7", "cc" \ + "r6", "cc" \ ); -#endif /* Thumb */ +#endif /* ISA codepath selection */ -#endif /* ARMv3 */ +#endif /* defined(__arm__) */ #if defined(__alpha__) diff --git a/library/ccm.c b/library/ccm.c index 0b02d77b1..237ef9f31 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -33,6 +33,7 @@ #include "mbedtls/ccm.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" +#include "mbedtls/constant_time.h" #include @@ -70,7 +71,7 @@ int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx, return MBEDTLS_ERR_CCM_BAD_INPUT; } - if (cipher_info->block_size != 16) { + if (mbedtls_cipher_info_get_block_size(cipher_info) != 16) { return MBEDTLS_ERR_CCM_BAD_INPUT; } @@ -400,7 +401,6 @@ int mbedtls_ccm_update(mbedtls_ccm_context *ctx, mbedtls_xor(ctx->y + offset, ctx->y + offset, local_output, use_len); memcpy(output, local_output, use_len); - mbedtls_platform_zeroize(local_output, 16); if (use_len + offset == 16 || ctx->processed == ctx->plaintext_len) { if ((ret = @@ -533,13 +533,8 @@ static int mbedtls_ccm_compare_tags(const unsigned char *tag1, const unsigned char *tag2, size_t tag_len) { - unsigned char i; - int diff; - /* Check tag in "constant-time" */ - for (diff = 0, i = 0; i < tag_len; i++) { - diff |= tag1[i] ^ tag2[i]; - } + int diff = mbedtls_ct_memcmp(tag1, tag2, tag_len); if (diff != 0) { return MBEDTLS_ERR_CCM_AUTH_FAILED; @@ -659,7 +654,7 @@ int mbedtls_ccm_self_test(int verbose) mbedtls_ccm_init(&ctx); if (mbedtls_ccm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, key_test_data, - 8 * sizeof key_test_data) != 0) { + 8 * sizeof(key_test_data)) != 0) { if (verbose != 0) { mbedtls_printf(" CCM: setup failed"); } diff --git a/library/chachapoly.c b/library/chachapoly.c index 0124d7570..aebc646aa 100644 --- a/library/chachapoly.c +++ b/library/chachapoly.c @@ -25,6 +25,7 @@ #include "mbedtls/chachapoly.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" +#include "mbedtls/constant_time.h" #include @@ -310,7 +311,6 @@ int mbedtls_chachapoly_auth_decrypt(mbedtls_chachapoly_context *ctx, { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char check_tag[16]; - size_t i; int diff; if ((ret = chachapoly_crypt_and_tag(ctx, @@ -320,9 +320,7 @@ int mbedtls_chachapoly_auth_decrypt(mbedtls_chachapoly_context *ctx, } /* Check tag in "constant-time" */ - for (diff = 0, i = 0; i < sizeof(check_tag); i++) { - diff |= tag[i] ^ check_tag[i]; - } + diff = mbedtls_ct_memcmp(tag, check_tag, sizeof(check_tag)); if (diff != 0) { mbedtls_platform_zeroize(output, length); diff --git a/library/check_crypto_config.h b/library/check_crypto_config.h index 58175e374..b7d87fe07 100644 --- a/library/check_crypto_config.h +++ b/library/check_crypto_config.h @@ -42,13 +42,13 @@ #endif #if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) && \ - !(defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) || \ + !(defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \ defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)) #error "PSA_WANT_ALG_DETERMINISTIC_ECDSA defined, but not all prerequisites" #endif #if defined(PSA_WANT_ALG_ECDSA) && \ - !(defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) || \ + !(defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \ defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)) #error "PSA_WANT_ALG_ECDSA defined, but not all prerequisites" #endif @@ -60,32 +60,84 @@ #endif #if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) && \ - !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \ + !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) || \ defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)) #error "PSA_WANT_ALG_RSA_PKCS1V15_CRYPT defined, but not all prerequisites" #endif #if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) && \ - !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \ + !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) || \ defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)) #error "PSA_WANT_ALG_RSA_PKCS1V15_SIGN defined, but not all prerequisites" #endif #if defined(PSA_WANT_ALG_RSA_OAEP) && \ - !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \ + !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) || \ defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)) #error "PSA_WANT_ALG_RSA_OAEP defined, but not all prerequisites" #endif #if defined(PSA_WANT_ALG_RSA_PSS) && \ - !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \ + !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) || \ defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY)) #error "PSA_WANT_ALG_RSA_PSS defined, but not all prerequisites" #endif -#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) && \ +#if (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \ + defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ + defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \ + defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) || \ + defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE)) && \ !defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) -#error "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR defined, but not all prerequisites" +#error "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_xxx defined, but not all prerequisites" +#endif + +#if (defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) || \ + defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT) || \ + defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || \ + defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE)) && \ + !defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) +#error "PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_xxx defined, but not all prerequisites" +#endif + +#if (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) || \ + defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT) || \ + defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT) || \ + defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE)) && \ + !defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY) +#error "PSA_WANT_KEY_TYPE_DH_KEY_PAIR_xxx defined, but not all prerequisites" +#endif + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) +#if defined(MBEDTLS_DEPRECATED_REMOVED) +#error "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR is deprecated and will be removed in a \ + future version of Mbed TLS. Please switch to new PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_xxx \ + symbols, where xxx can be: USE, IMPORT, EXPORT, GENERATE, DERIVE" +#elif defined(MBEDTLS_DEPRECATED_WARNING) +#warning "PSA_WANT_KEY_TYPE_ECC_KEY_PAIR is deprecated and will be removed in a \ + future version of Mbed TLS. Please switch to new PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_xxx \ + symbols, where xxx can be: USE, IMPORT, EXPORT, GENERATE, DERIVE" +#endif /* MBEDTLS_DEPRECATED_WARNING */ +#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR */ + +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) +#if defined(MBEDTLS_DEPRECATED_REMOVED) +#error "PSA_WANT_KEY_TYPE_RSA_KEY_PAIR is deprecated and will be removed in a \ + future version of Mbed TLS. Please switch to new PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_xxx \ + symbols, where xxx can be: USE, IMPORT, EXPORT, GENERATE, DERIVE" +#elif defined(MBEDTLS_DEPRECATED_WARNING) +#warning "PSA_WANT_KEY_TYPE_RSA_KEY_PAIR is deprecated and will be removed in a \ + future version of Mbed TLS. Please switch to new PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_xxx \ + symbols, where xxx can be: USE, IMPORT, EXPORT, GENERATE, DERIVE" +#endif /* MBEDTLS_DEPRECATED_WARNING */ +#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR */ + +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE) +#error "PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE defined, but feature is not supported" +#endif + +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_DERIVE) +#error "PSA_WANT_KEY_TYPE_DH_KEY_PAIR_DERIVE defined, but feature is not supported" #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_USE_PSA_CRYPTO) && \ diff --git a/library/cipher.c b/library/cipher.c index 81e855d46..9f9f1075c 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -1,7 +1,7 @@ /** * \file cipher.c * - * \brief Generic cipher wrapper for mbed TLS + * \brief Generic cipher wrapper for Mbed TLS * * \author Adriaan de Jong * @@ -30,6 +30,7 @@ #include "mbedtls/platform_util.h" #include "mbedtls/error.h" #include "mbedtls/constant_time.h" +#include "constant_time_internal.h" #include #include @@ -54,10 +55,9 @@ #include "mbedtls/cmac.h" #endif -#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED) #include "psa/crypto.h" -#include "mbedtls/psa_util.h" -#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */ #if defined(MBEDTLS_NIST_KW_C) #include "mbedtls/nist_kw.h" @@ -67,6 +67,12 @@ static int supported_init = 0; +static inline const mbedtls_cipher_base_t *mbedtls_cipher_get_base( + const mbedtls_cipher_info_t *info) +{ + return mbedtls_cipher_base_lookup_table[info->base_idx]; +} + const int *mbedtls_cipher_list(void) { const mbedtls_cipher_definition_t *def; @@ -128,8 +134,8 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_definition_t *def; for (def = mbedtls_cipher_definitions; def->info != NULL; def++) { - if (def->info->base->cipher == cipher_id && - def->info->key_bitlen == (unsigned) key_bitlen && + if (mbedtls_cipher_get_base(def->info)->cipher == cipher_id && + mbedtls_cipher_info_get_key_bitlen(def->info) == (unsigned) key_bitlen && def->info->mode == mode) { return def->info; } @@ -138,6 +144,72 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( return NULL; } +#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED) +static inline psa_key_type_t mbedtls_psa_translate_cipher_type( + mbedtls_cipher_type_t cipher) +{ + switch (cipher) { + case MBEDTLS_CIPHER_AES_128_CCM: + case MBEDTLS_CIPHER_AES_192_CCM: + case MBEDTLS_CIPHER_AES_256_CCM: + case MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG: + case MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG: + case MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG: + case MBEDTLS_CIPHER_AES_128_GCM: + case MBEDTLS_CIPHER_AES_192_GCM: + case MBEDTLS_CIPHER_AES_256_GCM: + case MBEDTLS_CIPHER_AES_128_CBC: + case MBEDTLS_CIPHER_AES_192_CBC: + case MBEDTLS_CIPHER_AES_256_CBC: + case MBEDTLS_CIPHER_AES_128_ECB: + case MBEDTLS_CIPHER_AES_192_ECB: + case MBEDTLS_CIPHER_AES_256_ECB: + return PSA_KEY_TYPE_AES; + + /* ARIA not yet supported in PSA. */ + /* case MBEDTLS_CIPHER_ARIA_128_CCM: + case MBEDTLS_CIPHER_ARIA_192_CCM: + case MBEDTLS_CIPHER_ARIA_256_CCM: + case MBEDTLS_CIPHER_ARIA_128_CCM_STAR_NO_TAG: + case MBEDTLS_CIPHER_ARIA_192_CCM_STAR_NO_TAG: + case MBEDTLS_CIPHER_ARIA_256_CCM_STAR_NO_TAG: + case MBEDTLS_CIPHER_ARIA_128_GCM: + case MBEDTLS_CIPHER_ARIA_192_GCM: + case MBEDTLS_CIPHER_ARIA_256_GCM: + case MBEDTLS_CIPHER_ARIA_128_CBC: + case MBEDTLS_CIPHER_ARIA_192_CBC: + case MBEDTLS_CIPHER_ARIA_256_CBC: + return( PSA_KEY_TYPE_ARIA ); */ + + default: + return 0; + } +} + +static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode( + mbedtls_cipher_mode_t mode, size_t taglen) +{ + switch (mode) { + case MBEDTLS_MODE_ECB: + return PSA_ALG_ECB_NO_PADDING; + case MBEDTLS_MODE_GCM: + return PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, taglen); + case MBEDTLS_MODE_CCM: + return PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen); + case MBEDTLS_MODE_CCM_STAR_NO_TAG: + return PSA_ALG_CCM_STAR_NO_TAG; + case MBEDTLS_MODE_CBC: + if (taglen == 0) { + return PSA_ALG_CBC_NO_PADDING; + } else { + return 0; + } + default: + return 0; + } +} +#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */ + void mbedtls_cipher_init(mbedtls_cipher_context_t *ctx) { memset(ctx, 0, sizeof(mbedtls_cipher_context_t)); @@ -149,7 +221,7 @@ void mbedtls_cipher_free(mbedtls_cipher_context_t *ctx) return; } -#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED) if (ctx->psa_enabled == 1) { if (ctx->cipher_ctx != NULL) { mbedtls_cipher_context_psa * const cipher_psa = @@ -160,25 +232,23 @@ void mbedtls_cipher_free(mbedtls_cipher_context_t *ctx) (void) psa_destroy_key(cipher_psa->slot); } - mbedtls_platform_zeroize(cipher_psa, sizeof(*cipher_psa)); - mbedtls_free(cipher_psa); + mbedtls_zeroize_and_free(cipher_psa, sizeof(*cipher_psa)); } mbedtls_platform_zeroize(ctx, sizeof(mbedtls_cipher_context_t)); return; } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */ #if defined(MBEDTLS_CMAC_C) if (ctx->cmac_ctx) { - mbedtls_platform_zeroize(ctx->cmac_ctx, + mbedtls_zeroize_and_free(ctx->cmac_ctx, sizeof(mbedtls_cmac_context_t)); - mbedtls_free(ctx->cmac_ctx); } #endif if (ctx->cipher_ctx) { - ctx->cipher_info->base->ctx_free_func(ctx->cipher_ctx); + mbedtls_cipher_get_base(ctx->cipher_info)->ctx_free_func(ctx->cipher_ctx); } mbedtls_platform_zeroize(ctx, sizeof(mbedtls_cipher_context_t)); @@ -193,28 +263,16 @@ int mbedtls_cipher_setup(mbedtls_cipher_context_t *ctx, memset(ctx, 0, sizeof(mbedtls_cipher_context_t)); - if (NULL == (ctx->cipher_ctx = cipher_info->base->ctx_alloc_func())) { + if (NULL == (ctx->cipher_ctx = mbedtls_cipher_get_base(cipher_info)->ctx_alloc_func())) { return MBEDTLS_ERR_CIPHER_ALLOC_FAILED; } ctx->cipher_info = cipher_info; -#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) - /* - * Ignore possible errors caused by a cipher mode that doesn't use padding - */ -#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) - (void) mbedtls_cipher_set_padding_mode(ctx, MBEDTLS_PADDING_PKCS7); -#else - (void) mbedtls_cipher_set_padding_mode(ctx, MBEDTLS_PADDING_NONE); -#endif -#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ - return 0; } -#if defined(MBEDTLS_USE_PSA_CRYPTO) -#if !defined(MBEDTLS_DEPRECATED_REMOVED) +#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED) int mbedtls_cipher_setup_psa(mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info, size_t taglen) @@ -228,11 +286,11 @@ int mbedtls_cipher_setup_psa(mbedtls_cipher_context_t *ctx, /* Check that the underlying cipher mode and cipher type are * supported by the underlying PSA Crypto implementation. */ - alg = mbedtls_psa_translate_cipher_mode(cipher_info->mode, taglen); + alg = mbedtls_psa_translate_cipher_mode(((mbedtls_cipher_mode_t) cipher_info->mode), taglen); if (alg == 0) { return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } - if (mbedtls_psa_translate_cipher_type(cipher_info->type) == 0) { + if (mbedtls_psa_translate_cipher_type(((mbedtls_cipher_type_t) cipher_info->type)) == 0) { return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } @@ -248,8 +306,7 @@ int mbedtls_cipher_setup_psa(mbedtls_cipher_context_t *ctx, ctx->psa_enabled = 1; return 0; } -#endif /* MBEDTLS_DEPRECATED_REMOVED */ -#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, const unsigned char *key, @@ -263,7 +320,7 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } -#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED) if (ctx->psa_enabled == 1) { mbedtls_cipher_context_psa * const cipher_psa = (mbedtls_cipher_context_psa *) ctx->cipher_ctx; @@ -285,7 +342,7 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, } key_type = mbedtls_psa_translate_cipher_type( - ctx->cipher_info->type); + ((mbedtls_cipher_type_t) ctx->cipher_info->type)); if (key_type == 0) { return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } @@ -296,7 +353,6 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, * and use it for AEAD decryption. Until tests relying on this * are changed, allow any usage in PSA. */ psa_set_key_usage_flags(&attributes, - /* mbedtls_psa_translate_cipher_operation( operation ); */ PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT); psa_set_key_algorithm(&attributes, cipher_psa->alg); @@ -320,10 +376,10 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, ctx->operation = operation; return 0; } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */ if ((ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN) == 0 && - (int) ctx->cipher_info->key_bitlen != key_bitlen) { + (int) mbedtls_cipher_info_get_key_bitlen(ctx->cipher_info) != key_bitlen) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } @@ -334,16 +390,16 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, * For OFB, CFB and CTR mode always use the encryption key schedule */ if (MBEDTLS_ENCRYPT == operation || - MBEDTLS_MODE_CFB == ctx->cipher_info->mode || - MBEDTLS_MODE_OFB == ctx->cipher_info->mode || - MBEDTLS_MODE_CTR == ctx->cipher_info->mode) { - return ctx->cipher_info->base->setkey_enc_func(ctx->cipher_ctx, key, - ctx->key_bitlen); + MBEDTLS_MODE_CFB == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || + MBEDTLS_MODE_OFB == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || + MBEDTLS_MODE_CTR == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { + return mbedtls_cipher_get_base(ctx->cipher_info)->setkey_enc_func(ctx->cipher_ctx, key, + ctx->key_bitlen); } if (MBEDTLS_DECRYPT == operation) { - return ctx->cipher_info->base->setkey_dec_func(ctx->cipher_ctx, key, - ctx->key_bitlen); + return mbedtls_cipher_get_base(ctx->cipher_info)->setkey_dec_func(ctx->cipher_ctx, key, + ctx->key_bitlen); } return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; @@ -358,14 +414,14 @@ int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, if (ctx->cipher_info == NULL) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } -#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED) if (ctx->psa_enabled == 1) { /* While PSA Crypto has an API for multipart * operations, we currently don't make it * accessible through the cipher layer. */ return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */ /* avoid buffer overflow in ctx->iv */ if (iv_len > MBEDTLS_MAX_IV_LENGTH) { @@ -375,7 +431,7 @@ int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, if ((ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_IV_LEN) != 0) { actual_iv_size = iv_len; } else { - actual_iv_size = ctx->cipher_info->iv_size; + actual_iv_size = mbedtls_cipher_info_get_iv_size(ctx->cipher_info); /* avoid reading past the end of input buffer */ if (actual_iv_size > iv_len) { @@ -384,7 +440,7 @@ int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, } #if defined(MBEDTLS_CHACHA20_C) - if (ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20) { + if (((mbedtls_cipher_type_t) ctx->cipher_info->type) == MBEDTLS_CIPHER_CHACHA20) { /* Even though the actual_iv_size is overwritten with a correct value * of 12 from the cipher info, return an error to indicate that * the input iv_len is wrong. */ @@ -399,7 +455,7 @@ int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, } } #if defined(MBEDTLS_CHACHAPOLY_C) - if (ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305 && + if (((mbedtls_cipher_type_t) ctx->cipher_info->type) == MBEDTLS_CIPHER_CHACHA20_POLY1305 && iv_len != 12) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } @@ -407,7 +463,7 @@ int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, #endif #if defined(MBEDTLS_GCM_C) - if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) { + if (MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { return mbedtls_gcm_starts((mbedtls_gcm_context *) ctx->cipher_ctx, ctx->operation, iv, iv_len); @@ -415,7 +471,7 @@ int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, #endif #if defined(MBEDTLS_CCM_C) - if (MBEDTLS_MODE_CCM_STAR_NO_TAG == ctx->cipher_info->mode) { + if (MBEDTLS_MODE_CCM_STAR_NO_TAG == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { int set_lengths_result; int ccm_star_mode; @@ -454,13 +510,13 @@ int mbedtls_cipher_reset(mbedtls_cipher_context_t *ctx) return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } -#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED) if (ctx->psa_enabled == 1) { /* We don't support resetting PSA-based * cipher contexts, yet. */ return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */ ctx->unprocessed_len = 0; @@ -475,24 +531,24 @@ int mbedtls_cipher_update_ad(mbedtls_cipher_context_t *ctx, return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } -#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED) if (ctx->psa_enabled == 1) { /* While PSA Crypto has an API for multipart * operations, we currently don't make it * accessible through the cipher layer. */ return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */ #if defined(MBEDTLS_GCM_C) - if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) { + if (MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { return mbedtls_gcm_update_ad((mbedtls_gcm_context *) ctx->cipher_ctx, ad, ad_len); } #endif #if defined(MBEDTLS_CHACHAPOLY_C) - if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) { + if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ((mbedtls_cipher_type_t) ctx->cipher_info->type)) { int result; mbedtls_chachapoly_mode_t mode; @@ -526,14 +582,14 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } -#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED) if (ctx->psa_enabled == 1) { /* While PSA Crypto has an API for multipart * operations, we currently don't make it * accessible through the cipher layer. */ return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */ *olen = 0; block_size = mbedtls_cipher_get_block_size(ctx); @@ -541,15 +597,16 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT; } - if (ctx->cipher_info->mode == MBEDTLS_MODE_ECB) { + if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_ECB) { if (ilen != block_size) { return MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED; } *olen = ilen; - if (0 != (ret = ctx->cipher_info->base->ecb_func(ctx->cipher_ctx, - ctx->operation, input, output))) { + if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->ecb_func(ctx->cipher_ctx, + ctx->operation, input, + output))) { return ret; } @@ -557,7 +614,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in } #if defined(MBEDTLS_GCM_C) - if (ctx->cipher_info->mode == MBEDTLS_MODE_GCM) { + if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_GCM) { return mbedtls_gcm_update((mbedtls_gcm_context *) ctx->cipher_ctx, input, ilen, output, ilen, olen); @@ -565,7 +622,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in #endif #if defined(MBEDTLS_CCM_C) - if (ctx->cipher_info->mode == MBEDTLS_MODE_CCM_STAR_NO_TAG) { + if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_CCM_STAR_NO_TAG) { return mbedtls_ccm_update((mbedtls_ccm_context *) ctx->cipher_ctx, input, ilen, output, ilen, olen); @@ -573,7 +630,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in #endif #if defined(MBEDTLS_CHACHAPOLY_C) - if (ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305) { + if (((mbedtls_cipher_type_t) ctx->cipher_info->type) == MBEDTLS_CIPHER_CHACHA20_POLY1305) { *olen = ilen; return mbedtls_chachapoly_update((mbedtls_chachapoly_context *) ctx->cipher_ctx, ilen, input, output); @@ -586,7 +643,7 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in } #if defined(MBEDTLS_CIPHER_MODE_CBC) - if (ctx->cipher_info->mode == MBEDTLS_MODE_CBC) { + if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_CBC) { size_t copy_len = 0; /* @@ -614,9 +671,12 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in memcpy(&(ctx->unprocessed_data[ctx->unprocessed_len]), input, copy_len); - if (0 != (ret = ctx->cipher_info->base->cbc_func(ctx->cipher_ctx, - ctx->operation, block_size, ctx->iv, - ctx->unprocessed_data, output))) { + if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->cbc_func(ctx->cipher_ctx, + ctx->operation, + block_size, ctx->iv, + ctx-> + unprocessed_data, + output))) { return ret; } @@ -654,9 +714,11 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in * Process remaining full blocks */ if (ilen) { - if (0 != (ret = ctx->cipher_info->base->cbc_func(ctx->cipher_ctx, - ctx->operation, ilen, ctx->iv, input, - output))) { + if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->cbc_func(ctx->cipher_ctx, + ctx->operation, + ilen, ctx->iv, + input, + output))) { return ret; } @@ -668,11 +730,12 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) - if (ctx->cipher_info->mode == MBEDTLS_MODE_CFB) { - if (0 != (ret = ctx->cipher_info->base->cfb_func(ctx->cipher_ctx, - ctx->operation, ilen, - &ctx->unprocessed_len, ctx->iv, - input, output))) { + if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_CFB) { + if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->cfb_func(ctx->cipher_ctx, + ctx->operation, ilen, + &ctx->unprocessed_len, + ctx->iv, + input, output))) { return ret; } @@ -683,10 +746,12 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_OFB) - if (ctx->cipher_info->mode == MBEDTLS_MODE_OFB) { - if (0 != (ret = ctx->cipher_info->base->ofb_func(ctx->cipher_ctx, - ilen, &ctx->unprocessed_len, ctx->iv, - input, output))) { + if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_OFB) { + if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->ofb_func(ctx->cipher_ctx, + ilen, + &ctx->unprocessed_len, + ctx->iv, + input, output))) { return ret; } @@ -697,10 +762,13 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in #endif /* MBEDTLS_CIPHER_MODE_OFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) - if (ctx->cipher_info->mode == MBEDTLS_MODE_CTR) { - if (0 != (ret = ctx->cipher_info->base->ctr_func(ctx->cipher_ctx, - ilen, &ctx->unprocessed_len, ctx->iv, - ctx->unprocessed_data, input, output))) { + if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_CTR) { + if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->ctr_func(ctx->cipher_ctx, + ilen, + &ctx->unprocessed_len, + ctx->iv, + ctx->unprocessed_data, + input, output))) { return ret; } @@ -711,14 +779,18 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in #endif /* MBEDTLS_CIPHER_MODE_CTR */ #if defined(MBEDTLS_CIPHER_MODE_XTS) - if (ctx->cipher_info->mode == MBEDTLS_MODE_XTS) { + if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_XTS) { if (ctx->unprocessed_len > 0) { /* We can only process an entire data unit at a time. */ return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } - ret = ctx->cipher_info->base->xts_func(ctx->cipher_ctx, - ctx->operation, ilen, ctx->iv, input, output); + ret = mbedtls_cipher_get_base(ctx->cipher_info)->xts_func(ctx->cipher_ctx, + ctx->operation, + ilen, + ctx->iv, + input, + output); if (ret != 0) { return ret; } @@ -730,9 +802,10 @@ int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *in #endif /* MBEDTLS_CIPHER_MODE_XTS */ #if defined(MBEDTLS_CIPHER_MODE_STREAM) - if (ctx->cipher_info->mode == MBEDTLS_MODE_STREAM) { - if (0 != (ret = ctx->cipher_info->base->stream_func(ctx->cipher_ctx, - ilen, input, output))) { + if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) == MBEDTLS_MODE_STREAM) { + if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->stream_func(ctx->cipher_ctx, + ilen, input, + output))) { return ret; } @@ -765,7 +838,7 @@ static int get_pkcs_padding(unsigned char *input, size_t input_len, size_t *data_len) { size_t i, pad_idx; - unsigned char padding_len, bad = 0; + unsigned char padding_len; if (NULL == input || NULL == data_len) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; @@ -774,18 +847,19 @@ static int get_pkcs_padding(unsigned char *input, size_t input_len, padding_len = input[input_len - 1]; *data_len = input_len - padding_len; - /* Avoid logical || since it results in a branch */ - bad |= padding_len > input_len; - bad |= padding_len == 0; + mbedtls_ct_condition_t bad = mbedtls_ct_uint_gt(padding_len, input_len); + bad = mbedtls_ct_bool_or(bad, mbedtls_ct_uint_eq(padding_len, 0)); /* The number of bytes checked must be independent of padding_len, * so pick input_len, which is usually 8 or 16 (one block) */ pad_idx = input_len - padding_len; for (i = 0; i < input_len; i++) { - bad |= (input[i] ^ padding_len) * (i >= pad_idx); + mbedtls_ct_condition_t in_padding = mbedtls_ct_uint_ge(i, pad_idx); + mbedtls_ct_condition_t different = mbedtls_ct_uint_ne(input[i], padding_len); + bad = mbedtls_ct_bool_or(bad, mbedtls_ct_bool_and(in_padding, different)); } - return MBEDTLS_ERR_CIPHER_INVALID_PADDING * (bad != 0); + return mbedtls_ct_error_if_else_0(bad, MBEDTLS_ERR_CIPHER_INVALID_PADDING); } #endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */ @@ -808,24 +882,28 @@ static void add_one_and_zeros_padding(unsigned char *output, static int get_one_and_zeros_padding(unsigned char *input, size_t input_len, size_t *data_len) { - size_t i; - unsigned char done = 0, prev_done, bad; - if (NULL == input || NULL == data_len) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } - bad = 0x80; + mbedtls_ct_condition_t in_padding = MBEDTLS_CT_TRUE; + mbedtls_ct_condition_t bad = MBEDTLS_CT_TRUE; + *data_len = 0; - for (i = input_len; i > 0; i--) { - prev_done = done; - done |= (input[i - 1] != 0); - *data_len |= (i - 1) * (done != prev_done); - bad ^= input[i - 1] * (done != prev_done); + + for (ptrdiff_t i = (ptrdiff_t) (input_len) - 1; i >= 0; i--) { + mbedtls_ct_condition_t is_nonzero = mbedtls_ct_bool(input[i]); + + mbedtls_ct_condition_t hit_first_nonzero = mbedtls_ct_bool_and(is_nonzero, in_padding); + + *data_len = mbedtls_ct_size_if(hit_first_nonzero, i, *data_len); + + bad = mbedtls_ct_bool_if(hit_first_nonzero, mbedtls_ct_uint_ne(input[i], 0x80), bad); + + in_padding = mbedtls_ct_bool_and(in_padding, mbedtls_ct_bool_not(is_nonzero)); } - return MBEDTLS_ERR_CIPHER_INVALID_PADDING * (bad != 0); - + return mbedtls_ct_error_if_else_0(bad, MBEDTLS_ERR_CIPHER_INVALID_PADDING); } #endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */ @@ -849,7 +927,8 @@ static int get_zeros_and_len_padding(unsigned char *input, size_t input_len, size_t *data_len) { size_t i, pad_idx; - unsigned char padding_len, bad = 0; + unsigned char padding_len; + mbedtls_ct_condition_t bad; if (NULL == input || NULL == data_len) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; @@ -859,16 +938,19 @@ static int get_zeros_and_len_padding(unsigned char *input, size_t input_len, *data_len = input_len - padding_len; /* Avoid logical || since it results in a branch */ - bad |= padding_len > input_len; - bad |= padding_len == 0; + bad = mbedtls_ct_uint_gt(padding_len, input_len); + bad = mbedtls_ct_bool_or(bad, mbedtls_ct_uint_eq(padding_len, 0)); /* The number of bytes checked must be independent of padding_len */ pad_idx = input_len - padding_len; for (i = 0; i < input_len - 1; i++) { - bad |= input[i] * (i >= pad_idx); + mbedtls_ct_condition_t is_padding = mbedtls_ct_uint_ge(i, pad_idx); + mbedtls_ct_condition_t nonzero_pad_byte; + nonzero_pad_byte = mbedtls_ct_bool_if_else_0(is_padding, mbedtls_ct_bool(input[i])); + bad = mbedtls_ct_bool_or(bad, nonzero_pad_byte); } - return MBEDTLS_ERR_CIPHER_INVALID_PADDING * (bad != 0); + return mbedtls_ct_error_if_else_0(bad, MBEDTLS_ERR_CIPHER_INVALID_PADDING); } #endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */ @@ -879,18 +961,14 @@ static int get_zeros_and_len_padding(unsigned char *input, size_t input_len, static void add_zeros_padding(unsigned char *output, size_t output_len, size_t data_len) { - size_t i; - - for (i = data_len; i < output_len; i++) { - output[i] = 0x00; - } + memset(output + data_len, 0, output_len - data_len); } static int get_zeros_padding(unsigned char *input, size_t input_len, size_t *data_len) { size_t i; - unsigned char done = 0, prev_done; + mbedtls_ct_condition_t done = MBEDTLS_CT_FALSE, prev_done; if (NULL == input || NULL == data_len) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; @@ -899,8 +977,8 @@ static int get_zeros_padding(unsigned char *input, size_t input_len, *data_len = 0; for (i = input_len; i > 0; i--) { prev_done = done; - done |= (input[i-1] != 0); - *data_len |= i * (done != prev_done); + done = mbedtls_ct_bool_or(done, mbedtls_ct_uint_ne(input[i-1], 0)); + *data_len = mbedtls_ct_size_if(mbedtls_ct_bool_ne(done, prev_done), i, *data_len); } return 0; @@ -933,33 +1011,43 @@ int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx, return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } -#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED) if (ctx->psa_enabled == 1) { /* While PSA Crypto has an API for multipart * operations, we currently don't make it * accessible through the cipher layer. */ return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */ *olen = 0; - if (MBEDTLS_MODE_CFB == ctx->cipher_info->mode || - MBEDTLS_MODE_OFB == ctx->cipher_info->mode || - MBEDTLS_MODE_CTR == ctx->cipher_info->mode || - MBEDTLS_MODE_GCM == ctx->cipher_info->mode || - MBEDTLS_MODE_CCM_STAR_NO_TAG == ctx->cipher_info->mode || - MBEDTLS_MODE_XTS == ctx->cipher_info->mode || - MBEDTLS_MODE_STREAM == ctx->cipher_info->mode) { +#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) + /* CBC mode requires padding so we make sure a call to + * mbedtls_cipher_set_padding_mode has been done successfully. */ + if (MBEDTLS_MODE_CBC == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { + if (ctx->get_padding == NULL) { + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } + } +#endif + + if (MBEDTLS_MODE_CFB == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || + MBEDTLS_MODE_OFB == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || + MBEDTLS_MODE_CTR == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || + MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || + MBEDTLS_MODE_CCM_STAR_NO_TAG == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || + MBEDTLS_MODE_XTS == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || + MBEDTLS_MODE_STREAM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { return 0; } - if ((MBEDTLS_CIPHER_CHACHA20 == ctx->cipher_info->type) || - (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type)) { + if ((MBEDTLS_CIPHER_CHACHA20 == ((mbedtls_cipher_type_t) ctx->cipher_info->type)) || + (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ((mbedtls_cipher_type_t) ctx->cipher_info->type))) { return 0; } - if (MBEDTLS_MODE_ECB == ctx->cipher_info->mode) { + if (MBEDTLS_MODE_ECB == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { if (ctx->unprocessed_len != 0) { return MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED; } @@ -968,7 +1056,7 @@ int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx, } #if defined(MBEDTLS_CIPHER_MODE_CBC) - if (MBEDTLS_MODE_CBC == ctx->cipher_info->mode) { + if (MBEDTLS_MODE_CBC == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { int ret = 0; if (MBEDTLS_ENCRYPT == ctx->operation) { @@ -996,11 +1084,13 @@ int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx, } /* cipher block */ - if (0 != (ret = ctx->cipher_info->base->cbc_func(ctx->cipher_ctx, - ctx->operation, - mbedtls_cipher_get_block_size(ctx), - ctx->iv, - ctx->unprocessed_data, output))) { + if (0 != (ret = mbedtls_cipher_get_base(ctx->cipher_info)->cbc_func(ctx->cipher_ctx, + ctx->operation, + mbedtls_cipher_get_block_size( + ctx), + ctx->iv, + ctx->unprocessed_data, + output))) { return ret; } @@ -1025,11 +1115,12 @@ int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx, int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode) { - if (NULL == ctx->cipher_info || MBEDTLS_MODE_CBC != ctx->cipher_info->mode) { + if (NULL == ctx->cipher_info || + MBEDTLS_MODE_CBC != ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } -#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED) if (ctx->psa_enabled == 1) { /* While PSA Crypto knows about CBC padding * schemes, we currently don't make them @@ -1040,7 +1131,7 @@ int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx, return 0; } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */ switch (mode) { #if defined(MBEDTLS_CIPHER_PADDING_PKCS7) @@ -1092,17 +1183,17 @@ int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx, return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } -#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED) if (ctx->psa_enabled == 1) { /* While PSA Crypto has an API for multipart * operations, we currently don't make it * accessible through the cipher layer. */ return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */ #if defined(MBEDTLS_GCM_C) - if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) { + if (MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { size_t output_length; /* The code here doesn't yet support alternative implementations * that can delay up to a block of output. */ @@ -1113,7 +1204,7 @@ int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx, #endif #if defined(MBEDTLS_CHACHAPOLY_C) - if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) { + if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ((mbedtls_cipher_type_t) ctx->cipher_info->type)) { /* Don't allow truncated MAC for Poly1305 */ if (tag_len != 16U) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; @@ -1141,20 +1232,20 @@ int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx, return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } -#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED) if (ctx->psa_enabled == 1) { /* While PSA Crypto has an API for multipart * operations, we currently don't make it * accessible through the cipher layer. */ return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */ /* Status to return on a non-authenticated algorithm. */ ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; #if defined(MBEDTLS_GCM_C) - if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) { + if (MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { size_t output_length; /* The code here doesn't yet support alternative implementations * that can delay up to a block of output. */ @@ -1179,7 +1270,7 @@ int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx, #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CHACHAPOLY_C) - if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) { + if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ((mbedtls_cipher_type_t) ctx->cipher_info->type)) { /* Don't allow truncated MAC for Poly1305 */ if (tag_len != sizeof(check_tag)) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; @@ -1216,7 +1307,7 @@ int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t finish_olen; -#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED) if (ctx->psa_enabled == 1) { /* As in the non-PSA case, we don't check that * a key has been set. If not, the key slot will @@ -1250,7 +1341,7 @@ int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED; } - if (ctx->cipher_info->mode != MBEDTLS_MODE_ECB) { + if (((mbedtls_cipher_mode_t) ctx->cipher_info->mode) != MBEDTLS_MODE_ECB) { status = psa_cipher_set_iv(&cipher_op, iv, iv_len); if (status != PSA_SUCCESS) { return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED; @@ -1274,7 +1365,7 @@ int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, *olen += part_len; return 0; } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */ if ((ret = mbedtls_cipher_set_iv(ctx, iv, iv_len)) != 0) { return ret; @@ -1311,7 +1402,7 @@ static int mbedtls_cipher_aead_encrypt(mbedtls_cipher_context_t *ctx, unsigned char *output, size_t *olen, unsigned char *tag, size_t tag_len) { -#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED) if (ctx->psa_enabled == 1) { /* As in the non-PSA case, we don't check that * a key has been set. If not, the key slot will @@ -1342,10 +1433,10 @@ static int mbedtls_cipher_aead_encrypt(mbedtls_cipher_context_t *ctx, *olen -= tag_len; return 0; } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */ #if defined(MBEDTLS_GCM_C) - if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) { + if (MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { *olen = ilen; return mbedtls_gcm_crypt_and_tag(ctx->cipher_ctx, MBEDTLS_GCM_ENCRYPT, ilen, iv, iv_len, ad, ad_len, @@ -1353,7 +1444,7 @@ static int mbedtls_cipher_aead_encrypt(mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CCM_C) - if (MBEDTLS_MODE_CCM == ctx->cipher_info->mode) { + if (MBEDTLS_MODE_CCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { *olen = ilen; return mbedtls_ccm_encrypt_and_tag(ctx->cipher_ctx, ilen, iv, iv_len, ad, ad_len, input, output, @@ -1361,9 +1452,9 @@ static int mbedtls_cipher_aead_encrypt(mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_CCM_C */ #if defined(MBEDTLS_CHACHAPOLY_C) - if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) { + if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ((mbedtls_cipher_type_t) ctx->cipher_info->type)) { /* ChachaPoly has fixed length nonce and MAC (tag) */ - if ((iv_len != ctx->cipher_info->iv_size) || + if ((iv_len != mbedtls_cipher_info_get_iv_size(ctx->cipher_info)) || (tag_len != 16U)) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } @@ -1388,7 +1479,7 @@ static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx, unsigned char *output, size_t *olen, const unsigned char *tag, size_t tag_len) { -#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED) if (ctx->psa_enabled == 1) { /* As in the non-PSA case, we don't check that * a key has been set. If not, the key slot will @@ -1420,10 +1511,10 @@ static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx, return 0; } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */ #if defined(MBEDTLS_GCM_C) - if (MBEDTLS_MODE_GCM == ctx->cipher_info->mode) { + if (MBEDTLS_MODE_GCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; *olen = ilen; @@ -1439,7 +1530,7 @@ static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CCM_C) - if (MBEDTLS_MODE_CCM == ctx->cipher_info->mode) { + if (MBEDTLS_MODE_CCM == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; *olen = ilen; @@ -1455,11 +1546,11 @@ static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_CCM_C */ #if defined(MBEDTLS_CHACHAPOLY_C) - if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type) { + if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ((mbedtls_cipher_type_t) ctx->cipher_info->type)) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* ChachaPoly has fixed length nonce and MAC (tag) */ - if ((iv_len != ctx->cipher_info->iv_size) || + if ((iv_len != mbedtls_cipher_info_get_iv_size(ctx->cipher_info)) || (tag_len != 16U)) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } @@ -1493,13 +1584,14 @@ int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx, { #if defined(MBEDTLS_NIST_KW_C) if ( -#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED) ctx->psa_enabled == 0 && #endif - (MBEDTLS_MODE_KW == ctx->cipher_info->mode || - MBEDTLS_MODE_KWP == ctx->cipher_info->mode)) { - mbedtls_nist_kw_mode_t mode = (MBEDTLS_MODE_KW == ctx->cipher_info->mode) ? - MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP; + (MBEDTLS_MODE_KW == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || + MBEDTLS_MODE_KWP == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode))) { + mbedtls_nist_kw_mode_t mode = + (MBEDTLS_MODE_KW == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) ? + MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP; /* There is no iv, tag or ad associated with KW and KWP, * so these length should be 0 as documented. */ @@ -1543,13 +1635,14 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, { #if defined(MBEDTLS_NIST_KW_C) if ( -#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED) ctx->psa_enabled == 0 && #endif - (MBEDTLS_MODE_KW == ctx->cipher_info->mode || - MBEDTLS_MODE_KWP == ctx->cipher_info->mode)) { - mbedtls_nist_kw_mode_t mode = (MBEDTLS_MODE_KW == ctx->cipher_info->mode) ? - MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP; + (MBEDTLS_MODE_KW == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || + MBEDTLS_MODE_KWP == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode))) { + mbedtls_nist_kw_mode_t mode = + (MBEDTLS_MODE_KW == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) ? + MBEDTLS_KW_MODE_KW : MBEDTLS_KW_MODE_KWP; /* There is no iv, tag or ad associated with KW and KWP, * so these length should be 0 as documented. */ diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index c99627c07..bbf57ceee 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -1,7 +1,7 @@ /** * \file cipher_wrap.c * - * \brief Generic cipher wrapper for mbed TLS + * \brief Generic cipher wrapper for Mbed TLS * * \author Adriaan de Jong * @@ -70,6 +70,62 @@ #include "mbedtls/platform.h" +enum mbedtls_cipher_base_index { +#if defined(MBEDTLS_AES_C) + MBEDTLS_CIPHER_BASE_INDEX_AES, +#endif +#if defined(MBEDTLS_ARIA_C) + MBEDTLS_CIPHER_BASE_INDEX_ARIA, +#endif +#if defined(MBEDTLS_CAMELLIA_C) + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, +#endif +#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C) + MBEDTLS_CIPHER_BASE_INDEX_CCM_AES, +#endif +#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_ARIA_C) + MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA, +#endif +#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_CAMELLIA_C) + MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA, +#endif +#if defined(MBEDTLS_CHACHA20_C) + MBEDTLS_CIPHER_BASE_INDEX_CHACHA20_BASE, +#endif +#if defined(MBEDTLS_CHACHAPOLY_C) + MBEDTLS_CIPHER_BASE_INDEX_CHACHAPOLY_BASE, +#endif +#if defined(MBEDTLS_DES_C) + MBEDTLS_CIPHER_BASE_INDEX_DES_EDE3, +#endif +#if defined(MBEDTLS_DES_C) + MBEDTLS_CIPHER_BASE_INDEX_DES_EDE, +#endif +#if defined(MBEDTLS_DES_C) + MBEDTLS_CIPHER_BASE_INDEX_DES, +#endif +#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C) + MBEDTLS_CIPHER_BASE_INDEX_GCM_AES, +#endif +#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_ARIA_C) + MBEDTLS_CIPHER_BASE_INDEX_GCM_ARIA, +#endif +#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_CAMELLIA_C) + MBEDTLS_CIPHER_BASE_INDEX_GCM_CAMELLIA, +#endif +#if defined(MBEDTLS_NIST_KW_C) + MBEDTLS_CIPHER_BASE_INDEX_KW_AES, +#endif +#if defined(MBEDTLS_CIPHER_NULL_CIPHER) + MBEDTLS_CIPHER_BASE_INDEX_NULL_BASE, +#endif +#if defined(MBEDTLS_CIPHER_MODE_XTS) && defined(MBEDTLS_AES_C) + MBEDTLS_CIPHER_BASE_INDEX_XTS_AES, +#endif + /* Prevent compile failure due to empty enum */ + MBEDTLS_CIPHER_BASE_PREVENT_EMPTY_ENUM +}; + #if defined(MBEDTLS_GCM_C) /* shared by all GCM ciphers */ static void *gcm_ctx_alloc(void) @@ -241,176 +297,186 @@ static const mbedtls_cipher_base_t aes_info = { }; static const mbedtls_cipher_info_t aes_128_ecb_info = { - MBEDTLS_CIPHER_AES_128_ECB, - MBEDTLS_MODE_ECB, - 128, "AES-128-ECB", - 0, - 0, 16, - &aes_info + 0 >> MBEDTLS_IV_SIZE_SHIFT, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_ECB, + MBEDTLS_CIPHER_AES_128_ECB, + 0, + MBEDTLS_CIPHER_BASE_INDEX_AES }; +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) static const mbedtls_cipher_info_t aes_192_ecb_info = { - MBEDTLS_CIPHER_AES_192_ECB, - MBEDTLS_MODE_ECB, - 192, "AES-192-ECB", - 0, - 0, 16, - &aes_info + 0 >> MBEDTLS_IV_SIZE_SHIFT, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_ECB, + MBEDTLS_CIPHER_AES_192_ECB, + 0, + MBEDTLS_CIPHER_BASE_INDEX_AES }; static const mbedtls_cipher_info_t aes_256_ecb_info = { - MBEDTLS_CIPHER_AES_256_ECB, - MBEDTLS_MODE_ECB, - 256, "AES-256-ECB", - 0, - 0, 16, - &aes_info + 0 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_ECB, + MBEDTLS_CIPHER_AES_256_ECB, + 0, + MBEDTLS_CIPHER_BASE_INDEX_AES }; +#endif #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t aes_128_cbc_info = { - MBEDTLS_CIPHER_AES_128_CBC, - MBEDTLS_MODE_CBC, - 128, "AES-128-CBC", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CBC, + MBEDTLS_CIPHER_AES_128_CBC, 0, - 16, - &aes_info + MBEDTLS_CIPHER_BASE_INDEX_AES }; +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) static const mbedtls_cipher_info_t aes_192_cbc_info = { - MBEDTLS_CIPHER_AES_192_CBC, - MBEDTLS_MODE_CBC, - 192, "AES-192-CBC", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CBC, + MBEDTLS_CIPHER_AES_192_CBC, 0, - 16, - &aes_info + MBEDTLS_CIPHER_BASE_INDEX_AES }; static const mbedtls_cipher_info_t aes_256_cbc_info = { - MBEDTLS_CIPHER_AES_256_CBC, - MBEDTLS_MODE_CBC, - 256, "AES-256-CBC", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CBC, + MBEDTLS_CIPHER_AES_256_CBC, 0, - 16, - &aes_info + MBEDTLS_CIPHER_BASE_INDEX_AES }; +#endif #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) static const mbedtls_cipher_info_t aes_128_cfb128_info = { - MBEDTLS_CIPHER_AES_128_CFB128, - MBEDTLS_MODE_CFB, - 128, "AES-128-CFB128", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CFB, + MBEDTLS_CIPHER_AES_128_CFB128, 0, - 16, - &aes_info + MBEDTLS_CIPHER_BASE_INDEX_AES }; +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) static const mbedtls_cipher_info_t aes_192_cfb128_info = { - MBEDTLS_CIPHER_AES_192_CFB128, - MBEDTLS_MODE_CFB, - 192, "AES-192-CFB128", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CFB, + MBEDTLS_CIPHER_AES_192_CFB128, 0, - 16, - &aes_info + MBEDTLS_CIPHER_BASE_INDEX_AES }; static const mbedtls_cipher_info_t aes_256_cfb128_info = { - MBEDTLS_CIPHER_AES_256_CFB128, - MBEDTLS_MODE_CFB, - 256, "AES-256-CFB128", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CFB, + MBEDTLS_CIPHER_AES_256_CFB128, 0, - 16, - &aes_info + MBEDTLS_CIPHER_BASE_INDEX_AES }; +#endif #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_OFB) static const mbedtls_cipher_info_t aes_128_ofb_info = { - MBEDTLS_CIPHER_AES_128_OFB, - MBEDTLS_MODE_OFB, - 128, "AES-128-OFB", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_OFB, + MBEDTLS_CIPHER_AES_128_OFB, 0, - 16, - &aes_info + MBEDTLS_CIPHER_BASE_INDEX_AES }; +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) static const mbedtls_cipher_info_t aes_192_ofb_info = { - MBEDTLS_CIPHER_AES_192_OFB, - MBEDTLS_MODE_OFB, - 192, "AES-192-OFB", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_OFB, + MBEDTLS_CIPHER_AES_192_OFB, 0, - 16, - &aes_info + MBEDTLS_CIPHER_BASE_INDEX_AES }; static const mbedtls_cipher_info_t aes_256_ofb_info = { - MBEDTLS_CIPHER_AES_256_OFB, - MBEDTLS_MODE_OFB, - 256, "AES-256-OFB", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_OFB, + MBEDTLS_CIPHER_AES_256_OFB, 0, - 16, - &aes_info + MBEDTLS_CIPHER_BASE_INDEX_AES }; +#endif #endif /* MBEDTLS_CIPHER_MODE_OFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) static const mbedtls_cipher_info_t aes_128_ctr_info = { - MBEDTLS_CIPHER_AES_128_CTR, - MBEDTLS_MODE_CTR, - 128, "AES-128-CTR", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CTR, + MBEDTLS_CIPHER_AES_128_CTR, 0, - 16, - &aes_info + MBEDTLS_CIPHER_BASE_INDEX_AES }; +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) static const mbedtls_cipher_info_t aes_192_ctr_info = { - MBEDTLS_CIPHER_AES_192_CTR, - MBEDTLS_MODE_CTR, - 192, "AES-192-CTR", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CTR, + MBEDTLS_CIPHER_AES_192_CTR, 0, - 16, - &aes_info + MBEDTLS_CIPHER_BASE_INDEX_AES }; static const mbedtls_cipher_info_t aes_256_ctr_info = { - MBEDTLS_CIPHER_AES_256_CTR, - MBEDTLS_MODE_CTR, - 256, "AES-256-CTR", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CTR, + MBEDTLS_CIPHER_AES_256_CTR, 0, - 16, - &aes_info + MBEDTLS_CIPHER_BASE_INDEX_AES }; +#endif #endif /* MBEDTLS_CIPHER_MODE_CTR */ #if defined(MBEDTLS_CIPHER_MODE_XTS) @@ -479,26 +545,28 @@ static const mbedtls_cipher_base_t xts_aes_info = { }; static const mbedtls_cipher_info_t aes_128_xts_info = { - MBEDTLS_CIPHER_AES_128_XTS, - MBEDTLS_MODE_XTS, - 256, "AES-128-XTS", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_XTS, + MBEDTLS_CIPHER_AES_128_XTS, 0, - 16, - &xts_aes_info + MBEDTLS_CIPHER_BASE_INDEX_XTS_AES }; +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) static const mbedtls_cipher_info_t aes_256_xts_info = { - MBEDTLS_CIPHER_AES_256_XTS, - MBEDTLS_MODE_XTS, - 512, "AES-256-XTS", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 512 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_XTS, + MBEDTLS_CIPHER_AES_256_XTS, 0, - 16, - &xts_aes_info + MBEDTLS_CIPHER_BASE_INDEX_XTS_AES }; +#endif #endif /* MBEDTLS_CIPHER_MODE_XTS */ #if defined(MBEDTLS_GCM_C) @@ -537,37 +605,39 @@ static const mbedtls_cipher_base_t gcm_aes_info = { }; static const mbedtls_cipher_info_t aes_128_gcm_info = { - MBEDTLS_CIPHER_AES_128_GCM, - MBEDTLS_MODE_GCM, - 128, "AES-128-GCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &gcm_aes_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_GCM, + MBEDTLS_CIPHER_AES_128_GCM, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_GCM_AES }; +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) static const mbedtls_cipher_info_t aes_192_gcm_info = { - MBEDTLS_CIPHER_AES_192_GCM, - MBEDTLS_MODE_GCM, - 192, "AES-192-GCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &gcm_aes_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_GCM, + MBEDTLS_CIPHER_AES_192_GCM, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_GCM_AES }; static const mbedtls_cipher_info_t aes_256_gcm_info = { - MBEDTLS_CIPHER_AES_256_GCM, - MBEDTLS_MODE_GCM, - 256, "AES-256-GCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &gcm_aes_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_GCM, + MBEDTLS_CIPHER_AES_256_GCM, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_GCM_AES }; +#endif #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CCM_C) @@ -606,70 +676,74 @@ static const mbedtls_cipher_base_t ccm_aes_info = { }; static const mbedtls_cipher_info_t aes_128_ccm_info = { - MBEDTLS_CIPHER_AES_128_CCM, - MBEDTLS_MODE_CCM, - 128, "AES-128-CCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &ccm_aes_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM, + MBEDTLS_CIPHER_AES_128_CCM, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) static const mbedtls_cipher_info_t aes_192_ccm_info = { - MBEDTLS_CIPHER_AES_192_CCM, - MBEDTLS_MODE_CCM, - 192, "AES-192-CCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &ccm_aes_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM, + MBEDTLS_CIPHER_AES_192_CCM, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; static const mbedtls_cipher_info_t aes_256_ccm_info = { - MBEDTLS_CIPHER_AES_256_CCM, - MBEDTLS_MODE_CCM, - 256, "AES-256-CCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &ccm_aes_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM, + MBEDTLS_CIPHER_AES_256_CCM, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; +#endif static const mbedtls_cipher_info_t aes_128_ccm_star_no_tag_info = { - MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG, - MBEDTLS_MODE_CCM_STAR_NO_TAG, - 128, "AES-128-CCM*-NO-TAG", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &ccm_aes_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM_STAR_NO_TAG, + MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) static const mbedtls_cipher_info_t aes_192_ccm_star_no_tag_info = { - MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG, - MBEDTLS_MODE_CCM_STAR_NO_TAG, - 192, "AES-192-CCM*-NO-TAG", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &ccm_aes_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM_STAR_NO_TAG, + MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; static const mbedtls_cipher_info_t aes_256_ccm_star_no_tag_info = { - MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG, - MBEDTLS_MODE_CCM_STAR_NO_TAG, - 256, "AES-256-CCM*-NO-TAG", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &ccm_aes_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM_STAR_NO_TAG, + MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; +#endif #endif /* MBEDTLS_CCM_C */ #endif /* MBEDTLS_AES_C */ @@ -773,140 +847,140 @@ static const mbedtls_cipher_base_t camellia_info = { }; static const mbedtls_cipher_info_t camellia_128_ecb_info = { - MBEDTLS_CIPHER_CAMELLIA_128_ECB, - MBEDTLS_MODE_ECB, - 128, "CAMELLIA-128-ECB", - 0, - 0, 16, - &camellia_info + 0 >> MBEDTLS_IV_SIZE_SHIFT, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_ECB, + MBEDTLS_CIPHER_CAMELLIA_128_ECB, + 0, + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA }; static const mbedtls_cipher_info_t camellia_192_ecb_info = { - MBEDTLS_CIPHER_CAMELLIA_192_ECB, - MBEDTLS_MODE_ECB, - 192, "CAMELLIA-192-ECB", - 0, - 0, 16, - &camellia_info + 0 >> MBEDTLS_IV_SIZE_SHIFT, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_ECB, + MBEDTLS_CIPHER_CAMELLIA_192_ECB, + 0, + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA }; static const mbedtls_cipher_info_t camellia_256_ecb_info = { - MBEDTLS_CIPHER_CAMELLIA_256_ECB, - MBEDTLS_MODE_ECB, - 256, "CAMELLIA-256-ECB", - 0, - 0, 16, - &camellia_info + 0 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_ECB, + MBEDTLS_CIPHER_CAMELLIA_256_ECB, + 0, + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA }; #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t camellia_128_cbc_info = { - MBEDTLS_CIPHER_CAMELLIA_128_CBC, - MBEDTLS_MODE_CBC, - 128, "CAMELLIA-128-CBC", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CBC, + MBEDTLS_CIPHER_CAMELLIA_128_CBC, 0, - 16, - &camellia_info + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA }; static const mbedtls_cipher_info_t camellia_192_cbc_info = { - MBEDTLS_CIPHER_CAMELLIA_192_CBC, - MBEDTLS_MODE_CBC, - 192, "CAMELLIA-192-CBC", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CBC, + MBEDTLS_CIPHER_CAMELLIA_192_CBC, 0, - 16, - &camellia_info + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA }; static const mbedtls_cipher_info_t camellia_256_cbc_info = { - MBEDTLS_CIPHER_CAMELLIA_256_CBC, - MBEDTLS_MODE_CBC, - 256, "CAMELLIA-256-CBC", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CBC, + MBEDTLS_CIPHER_CAMELLIA_256_CBC, 0, - 16, - &camellia_info + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) static const mbedtls_cipher_info_t camellia_128_cfb128_info = { - MBEDTLS_CIPHER_CAMELLIA_128_CFB128, - MBEDTLS_MODE_CFB, - 128, "CAMELLIA-128-CFB128", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CFB, + MBEDTLS_CIPHER_CAMELLIA_128_CFB128, 0, - 16, - &camellia_info + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA }; static const mbedtls_cipher_info_t camellia_192_cfb128_info = { - MBEDTLS_CIPHER_CAMELLIA_192_CFB128, - MBEDTLS_MODE_CFB, - 192, "CAMELLIA-192-CFB128", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CFB, + MBEDTLS_CIPHER_CAMELLIA_192_CFB128, 0, - 16, - &camellia_info + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA }; static const mbedtls_cipher_info_t camellia_256_cfb128_info = { - MBEDTLS_CIPHER_CAMELLIA_256_CFB128, - MBEDTLS_MODE_CFB, - 256, "CAMELLIA-256-CFB128", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CFB, + MBEDTLS_CIPHER_CAMELLIA_256_CFB128, 0, - 16, - &camellia_info + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA }; #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) static const mbedtls_cipher_info_t camellia_128_ctr_info = { - MBEDTLS_CIPHER_CAMELLIA_128_CTR, - MBEDTLS_MODE_CTR, - 128, "CAMELLIA-128-CTR", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CTR, + MBEDTLS_CIPHER_CAMELLIA_128_CTR, 0, - 16, - &camellia_info + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA }; static const mbedtls_cipher_info_t camellia_192_ctr_info = { - MBEDTLS_CIPHER_CAMELLIA_192_CTR, - MBEDTLS_MODE_CTR, - 192, "CAMELLIA-192-CTR", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CTR, + MBEDTLS_CIPHER_CAMELLIA_192_CTR, 0, - 16, - &camellia_info + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA }; static const mbedtls_cipher_info_t camellia_256_ctr_info = { - MBEDTLS_CIPHER_CAMELLIA_256_CTR, - MBEDTLS_MODE_CTR, - 256, "CAMELLIA-256-CTR", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CTR, + MBEDTLS_CIPHER_CAMELLIA_256_CTR, 0, - 16, - &camellia_info + MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA }; #endif /* MBEDTLS_CIPHER_MODE_CTR */ @@ -946,36 +1020,36 @@ static const mbedtls_cipher_base_t gcm_camellia_info = { }; static const mbedtls_cipher_info_t camellia_128_gcm_info = { - MBEDTLS_CIPHER_CAMELLIA_128_GCM, - MBEDTLS_MODE_GCM, - 128, "CAMELLIA-128-GCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &gcm_camellia_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_GCM, + MBEDTLS_CIPHER_CAMELLIA_128_GCM, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_GCM_CAMELLIA }; static const mbedtls_cipher_info_t camellia_192_gcm_info = { - MBEDTLS_CIPHER_CAMELLIA_192_GCM, - MBEDTLS_MODE_GCM, - 192, "CAMELLIA-192-GCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &gcm_camellia_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_GCM, + MBEDTLS_CIPHER_CAMELLIA_192_GCM, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_GCM_CAMELLIA }; static const mbedtls_cipher_info_t camellia_256_gcm_info = { - MBEDTLS_CIPHER_CAMELLIA_256_GCM, - MBEDTLS_MODE_GCM, - 256, "CAMELLIA-256-GCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &gcm_camellia_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_GCM, + MBEDTLS_CIPHER_CAMELLIA_256_GCM, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_GCM_CAMELLIA }; #endif /* MBEDTLS_GCM_C */ @@ -1015,69 +1089,69 @@ static const mbedtls_cipher_base_t ccm_camellia_info = { }; static const mbedtls_cipher_info_t camellia_128_ccm_info = { - MBEDTLS_CIPHER_CAMELLIA_128_CCM, - MBEDTLS_MODE_CCM, - 128, "CAMELLIA-128-CCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &ccm_camellia_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM, + MBEDTLS_CIPHER_CAMELLIA_128_CCM, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA }; static const mbedtls_cipher_info_t camellia_192_ccm_info = { - MBEDTLS_CIPHER_CAMELLIA_192_CCM, - MBEDTLS_MODE_CCM, - 192, "CAMELLIA-192-CCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &ccm_camellia_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM, + MBEDTLS_CIPHER_CAMELLIA_192_CCM, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA }; static const mbedtls_cipher_info_t camellia_256_ccm_info = { - MBEDTLS_CIPHER_CAMELLIA_256_CCM, - MBEDTLS_MODE_CCM, - 256, "CAMELLIA-256-CCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &ccm_camellia_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM, + MBEDTLS_CIPHER_CAMELLIA_256_CCM, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA }; static const mbedtls_cipher_info_t camellia_128_ccm_star_no_tag_info = { - MBEDTLS_CIPHER_CAMELLIA_128_CCM_STAR_NO_TAG, - MBEDTLS_MODE_CCM_STAR_NO_TAG, - 128, "CAMELLIA-128-CCM*-NO-TAG", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &ccm_camellia_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM_STAR_NO_TAG, + MBEDTLS_CIPHER_CAMELLIA_128_CCM_STAR_NO_TAG, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA }; static const mbedtls_cipher_info_t camellia_192_ccm_star_no_tag_info = { - MBEDTLS_CIPHER_CAMELLIA_192_CCM_STAR_NO_TAG, - MBEDTLS_MODE_CCM_STAR_NO_TAG, - 192, "CAMELLIA-192-CCM*-NO-TAG", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &ccm_camellia_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM_STAR_NO_TAG, + MBEDTLS_CIPHER_CAMELLIA_192_CCM_STAR_NO_TAG, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA }; static const mbedtls_cipher_info_t camellia_256_ccm_star_no_tag_info = { - MBEDTLS_CIPHER_CAMELLIA_256_CCM_STAR_NO_TAG, - MBEDTLS_MODE_CCM_STAR_NO_TAG, - 256, "CAMELLIA-256-CCM*-NO-TAG", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &ccm_camellia_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM_STAR_NO_TAG, + MBEDTLS_CIPHER_CAMELLIA_256_CCM_STAR_NO_TAG, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA }; #endif /* MBEDTLS_CCM_C */ @@ -1183,140 +1257,140 @@ static const mbedtls_cipher_base_t aria_info = { }; static const mbedtls_cipher_info_t aria_128_ecb_info = { - MBEDTLS_CIPHER_ARIA_128_ECB, - MBEDTLS_MODE_ECB, - 128, "ARIA-128-ECB", - 0, - 0, 16, - &aria_info + 0 >> MBEDTLS_IV_SIZE_SHIFT, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_ECB, + MBEDTLS_CIPHER_ARIA_128_ECB, + 0, + MBEDTLS_CIPHER_BASE_INDEX_ARIA }; static const mbedtls_cipher_info_t aria_192_ecb_info = { - MBEDTLS_CIPHER_ARIA_192_ECB, - MBEDTLS_MODE_ECB, - 192, "ARIA-192-ECB", - 0, - 0, 16, - &aria_info + 0 >> MBEDTLS_IV_SIZE_SHIFT, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_ECB, + MBEDTLS_CIPHER_ARIA_192_ECB, + 0, + MBEDTLS_CIPHER_BASE_INDEX_ARIA }; static const mbedtls_cipher_info_t aria_256_ecb_info = { - MBEDTLS_CIPHER_ARIA_256_ECB, - MBEDTLS_MODE_ECB, - 256, "ARIA-256-ECB", - 0, - 0, 16, - &aria_info + 0 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_ECB, + MBEDTLS_CIPHER_ARIA_256_ECB, + 0, + MBEDTLS_CIPHER_BASE_INDEX_ARIA }; #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t aria_128_cbc_info = { - MBEDTLS_CIPHER_ARIA_128_CBC, - MBEDTLS_MODE_CBC, - 128, "ARIA-128-CBC", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CBC, + MBEDTLS_CIPHER_ARIA_128_CBC, 0, - 16, - &aria_info + MBEDTLS_CIPHER_BASE_INDEX_ARIA }; static const mbedtls_cipher_info_t aria_192_cbc_info = { - MBEDTLS_CIPHER_ARIA_192_CBC, - MBEDTLS_MODE_CBC, - 192, "ARIA-192-CBC", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CBC, + MBEDTLS_CIPHER_ARIA_192_CBC, 0, - 16, - &aria_info + MBEDTLS_CIPHER_BASE_INDEX_ARIA }; static const mbedtls_cipher_info_t aria_256_cbc_info = { - MBEDTLS_CIPHER_ARIA_256_CBC, - MBEDTLS_MODE_CBC, - 256, "ARIA-256-CBC", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CBC, + MBEDTLS_CIPHER_ARIA_256_CBC, 0, - 16, - &aria_info + MBEDTLS_CIPHER_BASE_INDEX_ARIA }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CIPHER_MODE_CFB) static const mbedtls_cipher_info_t aria_128_cfb128_info = { - MBEDTLS_CIPHER_ARIA_128_CFB128, - MBEDTLS_MODE_CFB, - 128, "ARIA-128-CFB128", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CFB, + MBEDTLS_CIPHER_ARIA_128_CFB128, 0, - 16, - &aria_info + MBEDTLS_CIPHER_BASE_INDEX_ARIA }; static const mbedtls_cipher_info_t aria_192_cfb128_info = { - MBEDTLS_CIPHER_ARIA_192_CFB128, - MBEDTLS_MODE_CFB, - 192, "ARIA-192-CFB128", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CFB, + MBEDTLS_CIPHER_ARIA_192_CFB128, 0, - 16, - &aria_info + MBEDTLS_CIPHER_BASE_INDEX_ARIA }; static const mbedtls_cipher_info_t aria_256_cfb128_info = { - MBEDTLS_CIPHER_ARIA_256_CFB128, - MBEDTLS_MODE_CFB, - 256, "ARIA-256-CFB128", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CFB, + MBEDTLS_CIPHER_ARIA_256_CFB128, 0, - 16, - &aria_info + MBEDTLS_CIPHER_BASE_INDEX_ARIA }; #endif /* MBEDTLS_CIPHER_MODE_CFB */ #if defined(MBEDTLS_CIPHER_MODE_CTR) static const mbedtls_cipher_info_t aria_128_ctr_info = { - MBEDTLS_CIPHER_ARIA_128_CTR, - MBEDTLS_MODE_CTR, - 128, "ARIA-128-CTR", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CTR, + MBEDTLS_CIPHER_ARIA_128_CTR, 0, - 16, - &aria_info + MBEDTLS_CIPHER_BASE_INDEX_ARIA }; static const mbedtls_cipher_info_t aria_192_ctr_info = { - MBEDTLS_CIPHER_ARIA_192_CTR, - MBEDTLS_MODE_CTR, - 192, "ARIA-192-CTR", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CTR, + MBEDTLS_CIPHER_ARIA_192_CTR, 0, - 16, - &aria_info + MBEDTLS_CIPHER_BASE_INDEX_ARIA }; static const mbedtls_cipher_info_t aria_256_ctr_info = { - MBEDTLS_CIPHER_ARIA_256_CTR, - MBEDTLS_MODE_CTR, - 256, "ARIA-256-CTR", 16, + 16 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CTR, + MBEDTLS_CIPHER_ARIA_256_CTR, 0, - 16, - &aria_info + MBEDTLS_CIPHER_BASE_INDEX_ARIA }; #endif /* MBEDTLS_CIPHER_MODE_CTR */ @@ -1356,36 +1430,36 @@ static const mbedtls_cipher_base_t gcm_aria_info = { }; static const mbedtls_cipher_info_t aria_128_gcm_info = { - MBEDTLS_CIPHER_ARIA_128_GCM, - MBEDTLS_MODE_GCM, - 128, "ARIA-128-GCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &gcm_aria_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_GCM, + MBEDTLS_CIPHER_ARIA_128_GCM, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_GCM_ARIA }; static const mbedtls_cipher_info_t aria_192_gcm_info = { - MBEDTLS_CIPHER_ARIA_192_GCM, - MBEDTLS_MODE_GCM, - 192, "ARIA-192-GCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &gcm_aria_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_GCM, + MBEDTLS_CIPHER_ARIA_192_GCM, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_GCM_ARIA }; static const mbedtls_cipher_info_t aria_256_gcm_info = { - MBEDTLS_CIPHER_ARIA_256_GCM, - MBEDTLS_MODE_GCM, - 256, "ARIA-256-GCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &gcm_aria_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_GCM, + MBEDTLS_CIPHER_ARIA_256_GCM, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_GCM_ARIA }; #endif /* MBEDTLS_GCM_C */ @@ -1425,69 +1499,69 @@ static const mbedtls_cipher_base_t ccm_aria_info = { }; static const mbedtls_cipher_info_t aria_128_ccm_info = { - MBEDTLS_CIPHER_ARIA_128_CCM, - MBEDTLS_MODE_CCM, - 128, "ARIA-128-CCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &ccm_aria_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM, + MBEDTLS_CIPHER_ARIA_128_CCM, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA }; static const mbedtls_cipher_info_t aria_192_ccm_info = { - MBEDTLS_CIPHER_ARIA_192_CCM, - MBEDTLS_MODE_CCM, - 192, "ARIA-192-CCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &ccm_aria_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM, + MBEDTLS_CIPHER_ARIA_192_CCM, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA }; static const mbedtls_cipher_info_t aria_256_ccm_info = { - MBEDTLS_CIPHER_ARIA_256_CCM, - MBEDTLS_MODE_CCM, - 256, "ARIA-256-CCM", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &ccm_aria_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM, + MBEDTLS_CIPHER_ARIA_256_CCM, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA }; static const mbedtls_cipher_info_t aria_128_ccm_star_no_tag_info = { - MBEDTLS_CIPHER_ARIA_128_CCM_STAR_NO_TAG, - MBEDTLS_MODE_CCM_STAR_NO_TAG, - 128, "ARIA-128-CCM*-NO-TAG", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &ccm_aria_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM_STAR_NO_TAG, + MBEDTLS_CIPHER_ARIA_128_CCM_STAR_NO_TAG, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA }; static const mbedtls_cipher_info_t aria_192_ccm_star_no_tag_info = { - MBEDTLS_CIPHER_ARIA_192_CCM_STAR_NO_TAG, - MBEDTLS_MODE_CCM_STAR_NO_TAG, - 192, "ARIA-192-CCM*-NO-TAG", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &ccm_aria_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM_STAR_NO_TAG, + MBEDTLS_CIPHER_ARIA_192_CCM_STAR_NO_TAG, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA }; static const mbedtls_cipher_info_t aria_256_ccm_star_no_tag_info = { - MBEDTLS_CIPHER_ARIA_256_CCM_STAR_NO_TAG, - MBEDTLS_MODE_CCM_STAR_NO_TAG, - 256, "ARIA-256-CCM*-NO-TAG", - 12, - MBEDTLS_CIPHER_VARIABLE_IV_LEN, 16, - &ccm_aria_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CCM_STAR_NO_TAG, + MBEDTLS_CIPHER_ARIA_256_CCM_STAR_NO_TAG, + MBEDTLS_CIPHER_VARIABLE_IV_LEN, + MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA }; #endif /* MBEDTLS_CCM_C */ @@ -1642,26 +1716,26 @@ static const mbedtls_cipher_base_t des_info = { }; static const mbedtls_cipher_info_t des_ecb_info = { - MBEDTLS_CIPHER_DES_ECB, - MBEDTLS_MODE_ECB, - MBEDTLS_KEY_LENGTH_DES, "DES-ECB", - 0, - 0, 8, - &des_info + 0 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_KEY_LENGTH_DES >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_ECB, + MBEDTLS_CIPHER_DES_ECB, + 0, + MBEDTLS_CIPHER_BASE_INDEX_DES }; #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t des_cbc_info = { - MBEDTLS_CIPHER_DES_CBC, - MBEDTLS_MODE_CBC, - MBEDTLS_KEY_LENGTH_DES, "DES-CBC", 8, + 8 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_KEY_LENGTH_DES >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CBC, + MBEDTLS_CIPHER_DES_CBC, 0, - 8, - &des_info + MBEDTLS_CIPHER_BASE_INDEX_DES }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -1693,26 +1767,26 @@ static const mbedtls_cipher_base_t des_ede_info = { }; static const mbedtls_cipher_info_t des_ede_ecb_info = { - MBEDTLS_CIPHER_DES_EDE_ECB, - MBEDTLS_MODE_ECB, - MBEDTLS_KEY_LENGTH_DES_EDE, "DES-EDE-ECB", - 0, - 0, 8, - &des_ede_info + 0 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_KEY_LENGTH_DES_EDE >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_ECB, + MBEDTLS_CIPHER_DES_EDE_ECB, + 0, + MBEDTLS_CIPHER_BASE_INDEX_DES_EDE }; #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t des_ede_cbc_info = { - MBEDTLS_CIPHER_DES_EDE_CBC, - MBEDTLS_MODE_CBC, - MBEDTLS_KEY_LENGTH_DES_EDE, "DES-EDE-CBC", 8, + 8 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_KEY_LENGTH_DES_EDE >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CBC, + MBEDTLS_CIPHER_DES_EDE_CBC, 0, - 8, - &des_ede_info + MBEDTLS_CIPHER_BASE_INDEX_DES_EDE }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ @@ -1744,25 +1818,25 @@ static const mbedtls_cipher_base_t des_ede3_info = { }; static const mbedtls_cipher_info_t des_ede3_ecb_info = { - MBEDTLS_CIPHER_DES_EDE3_ECB, - MBEDTLS_MODE_ECB, - MBEDTLS_KEY_LENGTH_DES_EDE3, "DES-EDE3-ECB", - 0, - 0, 8, - &des_ede3_info + 0 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_KEY_LENGTH_DES_EDE3 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_ECB, + MBEDTLS_CIPHER_DES_EDE3_ECB, + 0, + MBEDTLS_CIPHER_BASE_INDEX_DES_EDE3 }; #if defined(MBEDTLS_CIPHER_MODE_CBC) static const mbedtls_cipher_info_t des_ede3_cbc_info = { - MBEDTLS_CIPHER_DES_EDE3_CBC, - MBEDTLS_MODE_CBC, - MBEDTLS_KEY_LENGTH_DES_EDE3, "DES-EDE3-CBC", 8, + 8 >> MBEDTLS_IV_SIZE_SHIFT, + MBEDTLS_KEY_LENGTH_DES_EDE3 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CBC, + MBEDTLS_CIPHER_DES_EDE3_CBC, 0, - 8, - &des_ede3_info + MBEDTLS_CIPHER_BASE_INDEX_DES_EDE3 }; #endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_DES_C */ @@ -1844,14 +1918,14 @@ static const mbedtls_cipher_base_t chacha20_base_info = { chacha20_ctx_free }; static const mbedtls_cipher_info_t chacha20_info = { - MBEDTLS_CIPHER_CHACHA20, - MBEDTLS_MODE_STREAM, - 256, "CHACHA20", - 12, - 0, 1, - &chacha20_base_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_STREAM, + MBEDTLS_CIPHER_CHACHA20, + 0, + MBEDTLS_CIPHER_BASE_INDEX_CHACHA20_BASE }; #endif /* MBEDTLS_CHACHA20_C */ @@ -1919,14 +1993,14 @@ static const mbedtls_cipher_base_t chachapoly_base_info = { chachapoly_ctx_free }; static const mbedtls_cipher_info_t chachapoly_info = { - MBEDTLS_CIPHER_CHACHA20_POLY1305, - MBEDTLS_MODE_CHACHAPOLY, - 256, "CHACHA20-POLY1305", - 12, - 0, 1, - &chachapoly_base_info + 12 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_CHACHAPOLY, + MBEDTLS_CIPHER_CHACHA20_POLY1305, + 0, + MBEDTLS_CIPHER_BASE_INDEX_CHACHAPOLY_BASE }; #endif /* MBEDTLS_CHACHAPOLY_C */ @@ -1988,14 +2062,14 @@ static const mbedtls_cipher_base_t null_base_info = { }; static const mbedtls_cipher_info_t null_cipher_info = { - MBEDTLS_CIPHER_NULL, - MBEDTLS_MODE_STREAM, - 0, "NULL", - 0, - 0, 1, - &null_base_info + 0 >> MBEDTLS_IV_SIZE_SHIFT, + 0 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_STREAM, + MBEDTLS_CIPHER_NULL, + 0, + MBEDTLS_CIPHER_BASE_INDEX_NULL_BASE }; #endif /* defined(MBEDTLS_CIPHER_NULL_CIPHER) */ @@ -2059,115 +2133,137 @@ static const mbedtls_cipher_base_t kw_aes_info = { }; static const mbedtls_cipher_info_t aes_128_nist_kw_info = { - MBEDTLS_CIPHER_AES_128_KW, - MBEDTLS_MODE_KW, - 128, "AES-128-KW", - 0, - 0, 16, - &kw_aes_info + 0 >> MBEDTLS_IV_SIZE_SHIFT, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_KW, + MBEDTLS_CIPHER_AES_128_KW, + 0, + MBEDTLS_CIPHER_BASE_INDEX_KW_AES }; +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) static const mbedtls_cipher_info_t aes_192_nist_kw_info = { - MBEDTLS_CIPHER_AES_192_KW, - MBEDTLS_MODE_KW, - 192, "AES-192-KW", - 0, - 0, 16, - &kw_aes_info + 0 >> MBEDTLS_IV_SIZE_SHIFT, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_KW, + MBEDTLS_CIPHER_AES_192_KW, + 0, + MBEDTLS_CIPHER_BASE_INDEX_KW_AES }; static const mbedtls_cipher_info_t aes_256_nist_kw_info = { - MBEDTLS_CIPHER_AES_256_KW, - MBEDTLS_MODE_KW, - 256, "AES-256-KW", - 0, - 0, 16, - &kw_aes_info + 0 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_KW, + MBEDTLS_CIPHER_AES_256_KW, + 0, + MBEDTLS_CIPHER_BASE_INDEX_KW_AES }; +#endif static const mbedtls_cipher_info_t aes_128_nist_kwp_info = { - MBEDTLS_CIPHER_AES_128_KWP, - MBEDTLS_MODE_KWP, - 128, "AES-128-KWP", - 0, - 0, 16, - &kw_aes_info + 0 >> MBEDTLS_IV_SIZE_SHIFT, + 128 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_KWP, + MBEDTLS_CIPHER_AES_128_KWP, + 0, + MBEDTLS_CIPHER_BASE_INDEX_KW_AES }; +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) static const mbedtls_cipher_info_t aes_192_nist_kwp_info = { - MBEDTLS_CIPHER_AES_192_KWP, - MBEDTLS_MODE_KWP, - 192, "AES-192-KWP", - 0, - 0, 16, - &kw_aes_info + 0 >> MBEDTLS_IV_SIZE_SHIFT, + 192 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_KWP, + MBEDTLS_CIPHER_AES_192_KWP, + 0, + MBEDTLS_CIPHER_BASE_INDEX_KW_AES }; static const mbedtls_cipher_info_t aes_256_nist_kwp_info = { - MBEDTLS_CIPHER_AES_256_KWP, - MBEDTLS_MODE_KWP, - 256, "AES-256-KWP", - 0, - 0, 16, - &kw_aes_info + 0 >> MBEDTLS_IV_SIZE_SHIFT, + 256 >> MBEDTLS_KEY_BITLEN_SHIFT, + MBEDTLS_MODE_KWP, + MBEDTLS_CIPHER_AES_256_KWP, + 0, + MBEDTLS_CIPHER_BASE_INDEX_KW_AES }; +#endif #endif /* MBEDTLS_NIST_KW_C */ const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] = { #if defined(MBEDTLS_AES_C) { MBEDTLS_CIPHER_AES_128_ECB, &aes_128_ecb_info }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_ECB, &aes_192_ecb_info }, { MBEDTLS_CIPHER_AES_256_ECB, &aes_256_ecb_info }, +#endif #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_CIPHER_AES_128_CBC, &aes_128_cbc_info }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_CBC, &aes_192_cbc_info }, { MBEDTLS_CIPHER_AES_256_CBC, &aes_256_cbc_info }, #endif +#endif #if defined(MBEDTLS_CIPHER_MODE_CFB) { MBEDTLS_CIPHER_AES_128_CFB128, &aes_128_cfb128_info }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_CFB128, &aes_192_cfb128_info }, { MBEDTLS_CIPHER_AES_256_CFB128, &aes_256_cfb128_info }, #endif +#endif #if defined(MBEDTLS_CIPHER_MODE_OFB) { MBEDTLS_CIPHER_AES_128_OFB, &aes_128_ofb_info }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_OFB, &aes_192_ofb_info }, { MBEDTLS_CIPHER_AES_256_OFB, &aes_256_ofb_info }, #endif +#endif #if defined(MBEDTLS_CIPHER_MODE_CTR) { MBEDTLS_CIPHER_AES_128_CTR, &aes_128_ctr_info }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_CTR, &aes_192_ctr_info }, { MBEDTLS_CIPHER_AES_256_CTR, &aes_256_ctr_info }, #endif +#endif #if defined(MBEDTLS_CIPHER_MODE_XTS) { MBEDTLS_CIPHER_AES_128_XTS, &aes_128_xts_info }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_256_XTS, &aes_256_xts_info }, #endif +#endif #if defined(MBEDTLS_GCM_C) { MBEDTLS_CIPHER_AES_128_GCM, &aes_128_gcm_info }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_GCM, &aes_192_gcm_info }, { MBEDTLS_CIPHER_AES_256_GCM, &aes_256_gcm_info }, #endif +#endif #if defined(MBEDTLS_CCM_C) { MBEDTLS_CIPHER_AES_128_CCM, &aes_128_ccm_info }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_CCM, &aes_192_ccm_info }, { MBEDTLS_CIPHER_AES_256_CCM, &aes_256_ccm_info }, +#endif { MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG, &aes_128_ccm_star_no_tag_info }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG, &aes_192_ccm_star_no_tag_info }, { MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG, &aes_256_ccm_star_no_tag_info }, #endif +#endif #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) @@ -2259,12 +2355,16 @@ const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] = #if defined(MBEDTLS_NIST_KW_C) { MBEDTLS_CIPHER_AES_128_KW, &aes_128_nist_kw_info }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_KW, &aes_192_nist_kw_info }, { MBEDTLS_CIPHER_AES_256_KW, &aes_256_nist_kw_info }, +#endif { MBEDTLS_CIPHER_AES_128_KWP, &aes_128_nist_kwp_info }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_KWP, &aes_192_nist_kwp_info }, { MBEDTLS_CIPHER_AES_256_KWP, &aes_256_nist_kwp_info }, #endif +#endif #if defined(MBEDTLS_CIPHER_NULL_CIPHER) { MBEDTLS_CIPHER_NULL, &null_cipher_info }, @@ -2277,4 +2377,58 @@ const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] = sizeof(mbedtls_cipher_definitions[0])) int mbedtls_cipher_supported[NUM_CIPHERS]; +const mbedtls_cipher_base_t *mbedtls_cipher_base_lookup_table[] = { +#if defined(MBEDTLS_AES_C) + [MBEDTLS_CIPHER_BASE_INDEX_AES] = &aes_info, +#endif +#if defined(MBEDTLS_ARIA_C) + [MBEDTLS_CIPHER_BASE_INDEX_ARIA] = &aria_info, +#endif +#if defined(MBEDTLS_CAMELLIA_C) + [MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA] = &camellia_info, +#endif +#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C) + [MBEDTLS_CIPHER_BASE_INDEX_CCM_AES] = &ccm_aes_info, +#endif +#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_ARIA_C) + [MBEDTLS_CIPHER_BASE_INDEX_CCM_ARIA] = &ccm_aria_info, +#endif +#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_CAMELLIA_C) + [MBEDTLS_CIPHER_BASE_INDEX_CCM_CAMELLIA] = &ccm_camellia_info, +#endif +#if defined(MBEDTLS_CHACHA20_C) + [MBEDTLS_CIPHER_BASE_INDEX_CHACHA20_BASE] = &chacha20_base_info, +#endif +#if defined(MBEDTLS_CHACHAPOLY_C) + [MBEDTLS_CIPHER_BASE_INDEX_CHACHAPOLY_BASE] = &chachapoly_base_info, +#endif +#if defined(MBEDTLS_DES_C) + [MBEDTLS_CIPHER_BASE_INDEX_DES_EDE3] = &des_ede3_info, +#endif +#if defined(MBEDTLS_DES_C) + [MBEDTLS_CIPHER_BASE_INDEX_DES_EDE] = &des_ede_info, +#endif +#if defined(MBEDTLS_DES_C) + [MBEDTLS_CIPHER_BASE_INDEX_DES] = &des_info, +#endif +#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C) + [MBEDTLS_CIPHER_BASE_INDEX_GCM_AES] = &gcm_aes_info, +#endif +#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_ARIA_C) + [MBEDTLS_CIPHER_BASE_INDEX_GCM_ARIA] = &gcm_aria_info, +#endif +#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_CAMELLIA_C) + [MBEDTLS_CIPHER_BASE_INDEX_GCM_CAMELLIA] = &gcm_camellia_info, +#endif +#if defined(MBEDTLS_NIST_KW_C) + [MBEDTLS_CIPHER_BASE_INDEX_KW_AES] = &kw_aes_info, +#endif +#if defined(MBEDTLS_CIPHER_NULL_CIPHER) + [MBEDTLS_CIPHER_BASE_INDEX_NULL_BASE] = &null_base_info, +#endif +#if defined(MBEDTLS_CIPHER_MODE_XTS) && defined(MBEDTLS_AES_C) + [MBEDTLS_CIPHER_BASE_INDEX_XTS_AES] = &xts_aes_info +#endif +}; + #endif /* MBEDTLS_CIPHER_C */ diff --git a/library/cipher_wrap.h b/library/cipher_wrap.h index 052cddbe1..c85a4efa8 100644 --- a/library/cipher_wrap.h +++ b/library/cipher_wrap.h @@ -135,6 +135,8 @@ extern const mbedtls_cipher_definition_t mbedtls_cipher_definitions[]; extern int mbedtls_cipher_supported[]; +extern const mbedtls_cipher_base_t *mbedtls_cipher_base_lookup_table[]; + #ifdef __cplusplus } #endif diff --git a/library/cmac.c b/library/cmac.c index 7d90ad2f5..c07968685 100644 --- a/library/cmac.c +++ b/library/cmac.c @@ -114,12 +114,12 @@ static int cmac_generate_subkeys(mbedtls_cipher_context_t *ctx, unsigned char *K1, unsigned char *K2) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - unsigned char L[MBEDTLS_CIPHER_BLKSIZE_MAX]; + unsigned char L[MBEDTLS_CMAC_MAX_BLOCK_SIZE]; size_t olen, block_size; mbedtls_platform_zeroize(L, sizeof(L)); - block_size = ctx->cipher_info->block_size; + block_size = mbedtls_cipher_info_get_block_size(ctx->cipher_info); /* Calculate Ek(0) */ if ((ret = mbedtls_cipher_update(ctx, L, block_size, L, &olen)) != 0) { @@ -152,7 +152,7 @@ exit: * We can't use the padding option from the cipher layer, as it only works for * CBC and we use ECB mode, and anyway we need to XOR K1 or K2 in addition. */ -static void cmac_pad(unsigned char padded_block[MBEDTLS_CIPHER_BLKSIZE_MAX], +static void cmac_pad(unsigned char padded_block[MBEDTLS_CMAC_MAX_BLOCK_SIZE], size_t padded_block_len, const unsigned char *last_block, size_t last_block_len) @@ -186,7 +186,7 @@ int mbedtls_cipher_cmac_starts(mbedtls_cipher_context_t *ctx, return retval; } - type = ctx->cipher_info->type; + type = mbedtls_cipher_info_get_type(ctx->cipher_info); switch (type) { case MBEDTLS_CIPHER_AES_128_ECB: @@ -226,7 +226,7 @@ int mbedtls_cipher_cmac_update(mbedtls_cipher_context_t *ctx, } cmac_ctx = ctx->cmac_ctx; - block_size = ctx->cipher_info->block_size; + block_size = mbedtls_cipher_info_get_block_size(ctx->cipher_info); state = ctx->cmac_ctx->state; /* Is there data still to process from the last call, that's greater in @@ -237,7 +237,7 @@ int mbedtls_cipher_cmac_update(mbedtls_cipher_context_t *ctx, input, block_size - cmac_ctx->unprocessed_len); - mbedtls_xor(state, cmac_ctx->unprocessed_block, state, block_size); + mbedtls_xor_no_simd(state, cmac_ctx->unprocessed_block, state, block_size); if ((ret = mbedtls_cipher_update(ctx, state, block_size, state, &olen)) != 0) { @@ -255,7 +255,7 @@ int mbedtls_cipher_cmac_update(mbedtls_cipher_context_t *ctx, /* Iterate across the input data in block sized chunks, excluding any * final partial or complete block */ for (j = 1; j < n; j++) { - mbedtls_xor(state, input, state, block_size); + mbedtls_xor_no_simd(state, input, state, block_size); if ((ret = mbedtls_cipher_update(ctx, state, block_size, state, &olen)) != 0) { @@ -283,9 +283,9 @@ int mbedtls_cipher_cmac_finish(mbedtls_cipher_context_t *ctx, { mbedtls_cmac_context_t *cmac_ctx; unsigned char *state, *last_block; - unsigned char K1[MBEDTLS_CIPHER_BLKSIZE_MAX]; - unsigned char K2[MBEDTLS_CIPHER_BLKSIZE_MAX]; - unsigned char M_last[MBEDTLS_CIPHER_BLKSIZE_MAX]; + unsigned char K1[MBEDTLS_CMAC_MAX_BLOCK_SIZE]; + unsigned char K2[MBEDTLS_CMAC_MAX_BLOCK_SIZE]; + unsigned char M_last[MBEDTLS_CMAC_MAX_BLOCK_SIZE]; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t olen, block_size; @@ -295,7 +295,7 @@ int mbedtls_cipher_cmac_finish(mbedtls_cipher_context_t *ctx, } cmac_ctx = ctx->cmac_ctx; - block_size = ctx->cipher_info->block_size; + block_size = mbedtls_cipher_info_get_block_size(ctx->cipher_info); state = cmac_ctx->state; mbedtls_platform_zeroize(K1, sizeof(K1)); @@ -332,7 +332,7 @@ exit: mbedtls_platform_zeroize(cmac_ctx->unprocessed_block, sizeof(cmac_ctx->unprocessed_block)); - mbedtls_platform_zeroize(state, MBEDTLS_CIPHER_BLKSIZE_MAX); + mbedtls_platform_zeroize(state, MBEDTLS_CMAC_MAX_BLOCK_SIZE); return ret; } @@ -521,6 +521,7 @@ static const unsigned char aes_128_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTL }; /* CMAC-AES192 Test Data */ +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) static const unsigned char aes_192_key[24] = { 0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, @@ -561,8 +562,10 @@ static const unsigned char aes_192_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTL 0x4d, 0x77, 0x58, 0x96, 0x59, 0xf3, 0x9a, 0x11 } }; +#endif /* !MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */ /* CMAC-AES256 Test Data */ +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) static const unsigned char aes_256_key[32] = { 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, @@ -604,6 +607,7 @@ static const unsigned char aes_256_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTL 0x69, 0x6a, 0x2c, 0x05, 0x6c, 0x31, 0x54, 0x10 } }; +#endif /* !MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_DES_C) @@ -746,8 +750,8 @@ static int cmac_test_subkeys(int verbose, int i, ret = 0; mbedtls_cipher_context_t ctx; const mbedtls_cipher_info_t *cipher_info; - unsigned char K1[MBEDTLS_CIPHER_BLKSIZE_MAX]; - unsigned char K2[MBEDTLS_CIPHER_BLKSIZE_MAX]; + unsigned char K1[MBEDTLS_CMAC_MAX_BLOCK_SIZE]; + unsigned char K2[MBEDTLS_CMAC_MAX_BLOCK_SIZE]; cipher_info = mbedtls_cipher_info_from_type(cipher_type); if (cipher_info == NULL) { @@ -841,7 +845,7 @@ static int cmac_test_wth_cipher(int verbose, { const mbedtls_cipher_info_t *cipher_info; int i, ret = 0; - unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX]; + unsigned char output[MBEDTLS_CMAC_MAX_BLOCK_SIZE]; cipher_info = mbedtls_cipher_info_from_type(cipher_type); if (cipher_info == NULL) { @@ -951,6 +955,7 @@ int mbedtls_cmac_self_test(int verbose) } /* AES-192 */ +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) if ((ret = cmac_test_subkeys(verbose, "AES 192", aes_192_key, @@ -974,8 +979,10 @@ int mbedtls_cmac_self_test(int verbose) NB_CMAC_TESTS_PER_KEY)) != 0) { return ret; } +#endif /* !MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */ /* AES-256 */ +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) if ((ret = cmac_test_subkeys(verbose, "AES 256", aes_256_key, @@ -999,6 +1006,7 @@ int mbedtls_cmac_self_test(int verbose) NB_CMAC_TESTS_PER_KEY)) != 0) { return ret; } +#endif /* !MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_DES_C) diff --git a/library/common.h b/library/common.h index fd3ddba48..3c472c685 100644 --- a/library/common.h +++ b/library/common.h @@ -26,10 +26,15 @@ #include "mbedtls/build_info.h" #include "alignment.h" +#include #include #include #include +#if defined(__ARM_NEON) +#include +#endif /* __ARM_NEON */ + /** Helper to define a function as static except when building invasive tests. * * If a function is only used inside its own source file and should be @@ -64,6 +69,44 @@ extern void (*mbedtls_test_hook_test_fail)(const char *test, int line, const cha #define MBEDTLS_TEST_HOOK_TEST_ASSERT(TEST) #endif /* defined(MBEDTLS_TEST_HOOKS) */ +/** \def ARRAY_LENGTH + * Return the number of elements of a static or stack array. + * + * \param array A value of array (not pointer) type. + * + * \return The number of elements of the array. + */ +/* A correct implementation of ARRAY_LENGTH, but which silently gives + * a nonsensical result if called with a pointer rather than an array. */ +#define ARRAY_LENGTH_UNSAFE(array) \ + (sizeof(array) / sizeof(*(array))) + +#if defined(__GNUC__) +/* Test if arg and &(arg)[0] have the same type. This is true if arg is + * an array but not if it's a pointer. */ +#define IS_ARRAY_NOT_POINTER(arg) \ + (!__builtin_types_compatible_p(__typeof__(arg), \ + __typeof__(&(arg)[0]))) +/* A compile-time constant with the value 0. If `const_expr` is not a + * compile-time constant with a nonzero value, cause a compile-time error. */ +#define STATIC_ASSERT_EXPR(const_expr) \ + (0 && sizeof(struct { unsigned int STATIC_ASSERT : 1 - 2 * !(const_expr); })) + +/* Return the scalar value `value` (possibly promoted). This is a compile-time + * constant if `value` is. `condition` must be a compile-time constant. + * If `condition` is false, arrange to cause a compile-time error. */ +#define STATIC_ASSERT_THEN_RETURN(condition, value) \ + (STATIC_ASSERT_EXPR(condition) ? 0 : (value)) + +#define ARRAY_LENGTH(array) \ + (STATIC_ASSERT_THEN_RETURN(IS_ARRAY_NOT_POINTER(array), \ + ARRAY_LENGTH_UNSAFE(array))) + +#else +/* If we aren't sure the compiler supports our non-standard tricks, + * fall back to the unsafe implementation. */ +#define ARRAY_LENGTH(array) ARRAY_LENGTH_UNSAFE(array) +#endif /** Allow library to access its structs' private members. * * Although structs defined in header files are publicly available, @@ -71,6 +114,20 @@ extern void (*mbedtls_test_hook_test_fail)(const char *test, int line, const cha */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS +/** + * \brief Securely zeroize a buffer then free it. + * + * Similar to making consecutive calls to + * \c mbedtls_platform_zeroize() and \c mbedtls_free(), but has + * code size savings, and potential for optimisation in the future. + * + * Guaranteed to be a no-op if \p buf is \c NULL and \p len is 0. + * + * \param buf Buffer to be zeroized then freed. + * \param len Length of the buffer in bytes + */ +void mbedtls_zeroize_and_free(void *buf, size_t len); + /** Return an offset into a buffer. * * This is just the addition of an offset to a pointer, except that this @@ -122,11 +179,67 @@ static inline const unsigned char *mbedtls_buffer_offset_const( */ inline void mbedtls_xor(unsigned char *r, const unsigned char *a, const unsigned char *b, size_t n) { - size_t i; - for (i = 0; (i + 4) <= n; i += 4) { + size_t i = 0; +#if defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS) +#if defined(__ARM_NEON) + for (; (i + 16) <= n; i += 16) { + uint8x16_t v1 = vld1q_u8(a + i); + uint8x16_t v2 = vld1q_u8(b + i); + uint8x16_t x = veorq_u8(v1, v2); + vst1q_u8(r + i, x); + } +#elif defined(__amd64__) || defined(__x86_64__) || defined(__aarch64__) + /* This codepath probably only makes sense on architectures with 64-bit registers */ + for (; (i + 8) <= n; i += 8) { + uint64_t x = mbedtls_get_unaligned_uint64(a + i) ^ mbedtls_get_unaligned_uint64(b + i); + mbedtls_put_unaligned_uint64(r + i, x); + } +#else + for (; (i + 4) <= n; i += 4) { uint32_t x = mbedtls_get_unaligned_uint32(a + i) ^ mbedtls_get_unaligned_uint32(b + i); mbedtls_put_unaligned_uint32(r + i, x); } +#endif +#endif + for (; i < n; i++) { + r[i] = a[i] ^ b[i]; + } +} + +/** + * Perform a fast block XOR operation, such that + * r[i] = a[i] ^ b[i] where 0 <= i < n + * + * In some situations, this can perform better than mbedtls_xor (e.g., it's about 5% + * better in AES-CBC). + * + * \param r Pointer to result (buffer of at least \p n bytes). \p r + * may be equal to either \p a or \p b, but behaviour when + * it overlaps in other ways is undefined. + * \param a Pointer to input (buffer of at least \p n bytes) + * \param b Pointer to input (buffer of at least \p n bytes) + * \param n Number of bytes to process. + */ +static inline void mbedtls_xor_no_simd(unsigned char *r, + const unsigned char *a, + const unsigned char *b, + size_t n) +{ + size_t i = 0; +#if defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS) +#if defined(__amd64__) || defined(__x86_64__) || defined(__aarch64__) + /* This codepath probably only makes sense on architectures with 64-bit registers */ + for (; (i + 8) <= n; i += 8) { + uint64_t x = mbedtls_get_unaligned_uint64(a + i) ^ mbedtls_get_unaligned_uint64(b + i); + mbedtls_put_unaligned_uint64(r + i, x); + } +#else + for (; (i + 4) <= n; i += 4) { + uint32_t x = mbedtls_get_unaligned_uint32(a + i) ^ mbedtls_get_unaligned_uint32(b + i); + mbedtls_put_unaligned_uint32(r + i, x); + } +#endif +#endif for (; i < n; i++) { r[i] = a[i] ^ b[i]; } @@ -140,4 +253,85 @@ inline void mbedtls_xor(unsigned char *r, const unsigned char *a, const unsigned #define /*no-check-names*/ __func__ __FUNCTION__ #endif +/* Define `asm` for compilers which don't define it. */ +/* *INDENT-OFF* */ +#ifndef asm +#if defined(__IAR_SYSTEMS_ICC__) +#define asm __asm +#else +#define asm __asm__ +#endif +#endif +/* *INDENT-ON* */ + +/* + * Define the constraint used for read-only pointer operands to aarch64 asm. + * + * This is normally the usual "r", but for aarch64_32 (aka ILP32, + * as found in watchos), "p" is required to avoid warnings from clang. + * + * Note that clang does not recognise '+p' or '=p', and armclang + * does not recognise 'p' at all. Therefore, to update a pointer from + * aarch64 assembly, it is necessary to use something like: + * + * uintptr_t uptr = (uintptr_t) ptr; + * asm( "ldr x4, [%x0], #8" ... : "+r" (uptr) : : ) + * ptr = (void*) uptr; + * + * Note that the "x" in "%x0" is neccessary; writing "%0" will cause warnings. + */ +#if defined(__aarch64__) && defined(MBEDTLS_HAVE_ASM) +#if UINTPTR_MAX == 0xfffffffful +/* ILP32: Specify the pointer operand slightly differently, as per #7787. */ +#define MBEDTLS_ASM_AARCH64_PTR_CONSTRAINT "p" +#elif UINTPTR_MAX == 0xfffffffffffffffful +/* Normal case (64-bit pointers): use "r" as the constraint for pointer operands to asm */ +#define MBEDTLS_ASM_AARCH64_PTR_CONSTRAINT "r" +#else +#error "Unrecognised pointer size for aarch64" +#endif +#endif + +/* Always provide a static assert macro, so it can be used unconditionally. + * It will expand to nothing on some systems. + * Can be used outside functions (but don't add a trailing ';' in that case: + * the semicolon is included here to avoid triggering -Wextra-semi when + * MBEDTLS_STATIC_ASSERT() expands to nothing). + * Can't use the C11-style `defined(static_assert)` on FreeBSD, since it + * defines static_assert even with -std=c99, but then complains about it. + */ +#if defined(static_assert) && !defined(__FreeBSD__) +#define MBEDTLS_STATIC_ASSERT(expr, msg) static_assert(expr, msg); +#else +#define MBEDTLS_STATIC_ASSERT(expr, msg) +#endif + +/* Define compiler branch hints */ +#if defined(__has_builtin) +#if __has_builtin(__builtin_expect) +#define MBEDTLS_LIKELY(x) __builtin_expect(!!(x), 1) +#define MBEDTLS_UNLIKELY(x) __builtin_expect(!!(x), 0) +#endif +#endif +#if !defined(MBEDTLS_LIKELY) +#define MBEDTLS_LIKELY(x) x +#define MBEDTLS_UNLIKELY(x) x +#endif + +#if defined(__GNUC__) && !defined(__ARMCC_VERSION) && !defined(__clang__) \ + && !defined(__llvm__) && !defined(__INTEL_COMPILER) +/* Defined if the compiler really is gcc and not clang, etc */ +#define MBEDTLS_COMPILER_IS_GCC +#endif + +/* For gcc -Os, override with -O2 for a given function. + * + * This will not affect behaviour for other optimisation settings, e.g. -O0. + */ +#if defined(MBEDTLS_COMPILER_IS_GCC) && defined(__OPTIMIZE_SIZE__) +#define MBEDTLS_OPTIMIZE_FOR_PERFORMANCE __attribute__((optimize("-O2"))) +#else +#define MBEDTLS_OPTIMIZE_FOR_PERFORMANCE +#endif + #endif /* MBEDTLS_LIBRARY_COMMON_H */ diff --git a/library/constant_time.c b/library/constant_time.c index 442eb0e7a..8b41aed19 100644 --- a/library/constant_time.c +++ b/library/constant_time.c @@ -22,41 +22,98 @@ * might be translated to branches by some compilers on some platforms. */ +#include +#include + #include "common.h" #include "constant_time_internal.h" #include "mbedtls/constant_time.h" #include "mbedtls/error.h" #include "mbedtls/platform_util.h" -#if defined(MBEDTLS_BIGNUM_C) -#include "mbedtls/bignum.h" -#include "bignum_core.h" -#endif - -#if defined(MBEDTLS_SSL_TLS_C) -#include "ssl_misc.h" -#endif - -#if defined(MBEDTLS_RSA_C) -#include "mbedtls/rsa.h" -#endif - -#if defined(MBEDTLS_BASE64_C) -#include "constant_time_invasive.h" -#endif - #include +#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) +#include "psa/crypto.h" +/* Define a local translating function to save code size by not using too many + * arguments in each translating place. */ +static int local_err_translation(psa_status_t status) +{ + return psa_status_to_mbedtls(status, psa_to_ssl_errors, + ARRAY_LENGTH(psa_to_ssl_errors), + psa_generic_status_to_mbedtls); +} +#define PSA_TO_MBEDTLS_ERR(status) local_err_translation(status) +#endif + +#if !defined(MBEDTLS_CT_ASM) +/* + * Define an object with the value zero, such that the compiler cannot prove that it + * has the value zero (because it is volatile, it "may be modified in ways unknown to + * the implementation"). + */ +volatile mbedtls_ct_uint_t mbedtls_ct_zero = 0; +#endif + +/* + * Define MBEDTLS_EFFICIENT_UNALIGNED_VOLATILE_ACCESS where assembly is present to + * perform fast unaligned access to volatile data. + * + * This is needed because mbedtls_get_unaligned_uintXX etc don't support volatile + * memory accesses. + * + * Some of these definitions could be moved into alignment.h but for now they are + * only used here. + */ +#if defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS) && \ + ((defined(MBEDTLS_CT_ARM_ASM) && (UINTPTR_MAX == 0xfffffffful)) || \ + defined(MBEDTLS_CT_AARCH64_ASM)) +/* We check pointer sizes to avoid issues with them not matching register size requirements */ +#define MBEDTLS_EFFICIENT_UNALIGNED_VOLATILE_ACCESS + +static inline uint32_t mbedtls_get_unaligned_volatile_uint32(volatile const unsigned char *p) +{ + /* This is UB, even where it's safe: + * return *((volatile uint32_t*)p); + * so instead the same thing is expressed in assembly below. + */ + uint32_t r; +#if defined(MBEDTLS_CT_ARM_ASM) + asm volatile ("ldr %0, [%1]" : "=r" (r) : "r" (p) :); +#elif defined(MBEDTLS_CT_AARCH64_ASM) + asm volatile ("ldr %w0, [%1]" : "=r" (r) : MBEDTLS_ASM_AARCH64_PTR_CONSTRAINT(p) :); +#else +#error "No assembly defined for mbedtls_get_unaligned_volatile_uint32" +#endif + return r; +} +#endif /* defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS) && + (defined(MBEDTLS_CT_ARM_ASM) || defined(MBEDTLS_CT_AARCH64_ASM)) */ + int mbedtls_ct_memcmp(const void *a, const void *b, size_t n) { - size_t i; + size_t i = 0; + /* + * `A` and `B` are cast to volatile to ensure that the compiler + * generates code that always fully reads both buffers. + * Otherwise it could generate a test to exit early if `diff` has all + * bits set early in the loop. + */ volatile const unsigned char *A = (volatile const unsigned char *) a; volatile const unsigned char *B = (volatile const unsigned char *) b; - volatile unsigned char diff = 0; + uint32_t diff = 0; - for (i = 0; i < n; i++) { +#if defined(MBEDTLS_EFFICIENT_UNALIGNED_VOLATILE_ACCESS) + for (; (i + 4) <= n; i += 4) { + uint32_t x = mbedtls_get_unaligned_volatile_uint32(A + i); + uint32_t y = mbedtls_get_unaligned_volatile_uint32(B + i); + diff |= x ^ y; + } +#endif + + for (; i < n; i++) { /* Read volatile data in order before computing diff. * This avoids IAR compiler warning: * 'the order of volatile accesses is undefined ..' */ @@ -64,361 +121,119 @@ int mbedtls_ct_memcmp(const void *a, diff |= x ^ y; } + +#if (INT_MAX < INT32_MAX) + /* We don't support int smaller than 32-bits, but if someone tried to build + * with this configuration, there is a risk that, for differing data, the + * only bits set in diff are in the top 16-bits, and would be lost by a + * simple cast from uint32 to int. + * This would have significant security implications, so protect against it. */ +#error "mbedtls_ct_memcmp() requires minimum 32-bit ints" +#else + /* The bit-twiddling ensures that when we cast uint32_t to int, we are casting + * a value that is in the range 0..INT_MAX - a value larger than this would + * result in implementation defined behaviour. + * + * This ensures that the value returned by the function is non-zero iff + * diff is non-zero. + */ + return (int) ((diff & 0xffff) | (diff >> 16)); +#endif +} + +#if defined(MBEDTLS_NIST_KW_C) + +int mbedtls_ct_memcmp_partial(const void *a, + const void *b, + size_t n, + size_t skip_head, + size_t skip_tail) +{ + unsigned int diff = 0; + + volatile const unsigned char *A = (volatile const unsigned char *) a; + volatile const unsigned char *B = (volatile const unsigned char *) b; + + size_t valid_end = n - skip_tail; + + for (size_t i = 0; i < n; i++) { + unsigned char x = A[i], y = B[i]; + unsigned int d = x ^ y; + mbedtls_ct_condition_t valid = mbedtls_ct_bool_and(mbedtls_ct_uint_ge(i, skip_head), + mbedtls_ct_uint_lt(i, valid_end)); + diff |= mbedtls_ct_uint_if_else_0(valid, d); + } + + /* Since we go byte-by-byte, the only bits set will be in the bottom 8 bits, so the + * cast from uint to int is safe. */ return (int) diff; } -unsigned mbedtls_ct_uint_mask(unsigned value) -{ - /* MSVC has a warning about unary minus on unsigned, but this is - * well-defined and precisely what we want to do here */ -#if defined(_MSC_VER) -#pragma warning( push ) -#pragma warning( disable : 4146 ) #endif - return -((value | -value) >> (sizeof(value) * 8 - 1)); -#if defined(_MSC_VER) -#pragma warning( pop ) -#endif -} - -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) - -size_t mbedtls_ct_size_mask(size_t value) -{ - /* MSVC has a warning about unary minus on unsigned integer types, - * but this is well-defined and precisely what we want to do here. */ -#if defined(_MSC_VER) -#pragma warning( push ) -#pragma warning( disable : 4146 ) -#endif - return -((value | -value) >> (sizeof(value) * 8 - 1)); -#if defined(_MSC_VER) -#pragma warning( pop ) -#endif -} - -#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ - -#if defined(MBEDTLS_BIGNUM_C) - -mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask(mbedtls_mpi_uint value) -{ - /* MSVC has a warning about unary minus on unsigned, but this is - * well-defined and precisely what we want to do here */ -#if defined(_MSC_VER) -#pragma warning( push ) -#pragma warning( disable : 4146 ) -#endif - return -((value | -value) >> (sizeof(value) * 8 - 1)); -#if defined(_MSC_VER) -#pragma warning( pop ) -#endif -} - -#endif /* MBEDTLS_BIGNUM_C */ - -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) - -/** Constant-flow mask generation for "less than" comparison: - * - if \p x < \p y, return all-bits 1, that is (size_t) -1 - * - otherwise, return all bits 0, that is 0 - * - * This function can be used to write constant-time code by replacing branches - * with bit operations using masks. - * - * \param x The first value to analyze. - * \param y The second value to analyze. - * - * \return All-bits-one if \p x is less than \p y, otherwise zero. - */ -static size_t mbedtls_ct_size_mask_lt(size_t x, - size_t y) -{ - /* This has the most significant bit set if and only if x < y */ - const size_t sub = x - y; - - /* sub1 = (x < y) ? 1 : 0 */ - const size_t sub1 = sub >> (sizeof(sub) * 8 - 1); - - /* mask = (x < y) ? 0xff... : 0x00... */ - const size_t mask = mbedtls_ct_size_mask(sub1); - - return mask; -} - -size_t mbedtls_ct_size_mask_ge(size_t x, - size_t y) -{ - return ~mbedtls_ct_size_mask_lt(x, y); -} - -#endif /* MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */ - -#if defined(MBEDTLS_BASE64_C) - -/* Return 0xff if low <= c <= high, 0 otherwise. - * - * Constant flow with respect to c. - */ -MBEDTLS_STATIC_TESTABLE -unsigned char mbedtls_ct_uchar_mask_of_range(unsigned char low, - unsigned char high, - unsigned char c) -{ - /* low_mask is: 0 if low <= c, 0x...ff if low > c */ - unsigned low_mask = ((unsigned) c - low) >> 8; - /* high_mask is: 0 if c <= high, 0x...ff if c > high */ - unsigned high_mask = ((unsigned) high - c) >> 8; - return ~(low_mask | high_mask) & 0xff; -} - -#endif /* MBEDTLS_BASE64_C */ - -unsigned mbedtls_ct_size_bool_eq(size_t x, - size_t y) -{ - /* diff = 0 if x == y, non-zero otherwise */ - const size_t diff = x ^ y; - - /* MSVC has a warning about unary minus on unsigned integer types, - * but this is well-defined and precisely what we want to do here. */ -#if defined(_MSC_VER) -#pragma warning( push ) -#pragma warning( disable : 4146 ) -#endif - - /* diff_msb's most significant bit is equal to x != y */ - const size_t diff_msb = (diff | (size_t) -diff); - -#if defined(_MSC_VER) -#pragma warning( pop ) -#endif - - /* diff1 = (x != y) ? 1 : 0 */ - const unsigned diff1 = diff_msb >> (sizeof(diff_msb) * 8 - 1); - - return 1 ^ diff1; -} #if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT) -/** Constant-flow "greater than" comparison: - * return x > y - * - * This is equivalent to \p x > \p y, but is likely to be compiled - * to code using bitwise operation rather than a branch. - * - * \param x The first value to analyze. - * \param y The second value to analyze. - * - * \return 1 if \p x greater than \p y, otherwise 0. - */ -static unsigned mbedtls_ct_size_gt(size_t x, - size_t y) -{ - /* Return the sign bit (1 for negative) of (y - x). */ - return (y - x) >> (sizeof(size_t) * 8 - 1); -} - -#endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */ - -#if defined(MBEDTLS_BIGNUM_C) - -unsigned mbedtls_ct_mpi_uint_lt(const mbedtls_mpi_uint x, - const mbedtls_mpi_uint y) -{ - mbedtls_mpi_uint ret; - mbedtls_mpi_uint cond; - - /* - * Check if the most significant bits (MSB) of the operands are different. - */ - cond = (x ^ y); - /* - * If the MSB are the same then the difference x-y will be negative (and - * have its MSB set to 1 during conversion to unsigned) if and only if x> (sizeof(mbedtls_mpi_uint) * 8 - 1); - - return (unsigned) ret; -} - -#endif /* MBEDTLS_BIGNUM_C */ - -unsigned mbedtls_ct_uint_if(unsigned condition, - unsigned if1, - unsigned if0) -{ - unsigned mask = mbedtls_ct_uint_mask(condition); - return (mask & if1) | (~mask & if0); -} - -#if defined(MBEDTLS_BIGNUM_C) - -/** Select between two sign values without branches. - * - * This is functionally equivalent to `condition ? if1 : if0` but uses only bit - * operations in order to avoid branches. - * - * \note if1 and if0 must be either 1 or -1, otherwise the result - * is undefined. - * - * \param condition Condition to test; must be either 0 or 1. - * \param if1 The first sign; must be either +1 or -1. - * \param if0 The second sign; must be either +1 or -1. - * - * \return \c if1 if \p condition is nonzero, otherwise \c if0. - * */ -static int mbedtls_ct_cond_select_sign(unsigned char condition, - int if1, - int if0) -{ - /* In order to avoid questions about what we can reasonably assume about - * the representations of signed integers, move everything to unsigned - * by taking advantage of the fact that if1 and if0 are either +1 or -1. */ - unsigned uif1 = if1 + 1; - unsigned uif0 = if0 + 1; - - /* condition was 0 or 1, mask is 0 or 2 as are uif1 and uif0 */ - const unsigned mask = condition << 1; - - /* select uif1 or uif0 */ - unsigned ur = (uif0 & ~mask) | (uif1 & mask); - - /* ur is now 0 or 2, convert back to -1 or +1 */ - return (int) ur - 1; -} - -void mbedtls_ct_mpi_uint_cond_assign(size_t n, - mbedtls_mpi_uint *dest, - const mbedtls_mpi_uint *src, - unsigned char condition) -{ - size_t i; - - /* MSVC has a warning about unary minus on unsigned integer types, - * but this is well-defined and precisely what we want to do here. */ -#if defined(_MSC_VER) -#pragma warning( push ) -#pragma warning( disable : 4146 ) -#endif - - /* all-bits 1 if condition is 1, all-bits 0 if condition is 0 */ - const mbedtls_mpi_uint mask = -condition; - -#if defined(_MSC_VER) -#pragma warning( pop ) -#endif - - for (i = 0; i < n; i++) { - dest[i] = (src[i] & mask) | (dest[i] & ~mask); - } -} - -#endif /* MBEDTLS_BIGNUM_C */ - -#if defined(MBEDTLS_BASE64_C) - -unsigned char mbedtls_ct_base64_enc_char(unsigned char value) -{ - unsigned char digit = 0; - /* For each range of values, if value is in that range, mask digit with - * the corresponding value. Since value can only be in a single range, - * only at most one masking will change digit. */ - digit |= mbedtls_ct_uchar_mask_of_range(0, 25, value) & ('A' + value); - digit |= mbedtls_ct_uchar_mask_of_range(26, 51, value) & ('a' + value - 26); - digit |= mbedtls_ct_uchar_mask_of_range(52, 61, value) & ('0' + value - 52); - digit |= mbedtls_ct_uchar_mask_of_range(62, 62, value) & '+'; - digit |= mbedtls_ct_uchar_mask_of_range(63, 63, value) & '/'; - return digit; -} - -signed char mbedtls_ct_base64_dec_value(unsigned char c) -{ - unsigned char val = 0; - /* For each range of digits, if c is in that range, mask val with - * the corresponding value. Since c can only be in a single range, - * only at most one masking will change val. Set val to one plus - * the desired value so that it stays 0 if c is in none of the ranges. */ - val |= mbedtls_ct_uchar_mask_of_range('A', 'Z', c) & (c - 'A' + 0 + 1); - val |= mbedtls_ct_uchar_mask_of_range('a', 'z', c) & (c - 'a' + 26 + 1); - val |= mbedtls_ct_uchar_mask_of_range('0', '9', c) & (c - '0' + 52 + 1); - val |= mbedtls_ct_uchar_mask_of_range('+', '+', c) & (c - '+' + 62 + 1); - val |= mbedtls_ct_uchar_mask_of_range('/', '/', c) & (c - '/' + 63 + 1); - /* At this point, val is 0 if c is an invalid digit and v+1 if c is - * a digit with the value v. */ - return val - 1; -} - -#endif /* MBEDTLS_BASE64_C */ - -#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT) - -/** Shift some data towards the left inside a buffer. - * - * `mbedtls_ct_mem_move_to_left(start, total, offset)` is functionally - * equivalent to - * ``` - * memmove(start, start + offset, total - offset); - * memset(start + offset, 0, total - offset); - * ``` - * but it strives to use a memory access pattern (and thus total timing) - * that does not depend on \p offset. This timing independence comes at - * the expense of performance. - * - * \param start Pointer to the start of the buffer. - * \param total Total size of the buffer. - * \param offset Offset from which to copy \p total - \p offset bytes. - */ -static void mbedtls_ct_mem_move_to_left(void *start, - size_t total, - size_t offset) +void mbedtls_ct_memmove_left(void *start, size_t total, size_t offset) { volatile unsigned char *buf = start; - size_t i, n; - if (total == 0) { - return; - } - for (i = 0; i < total; i++) { - unsigned no_op = mbedtls_ct_size_gt(total - offset, i); + for (size_t i = 0; i < total; i++) { + mbedtls_ct_condition_t no_op = mbedtls_ct_uint_gt(total - offset, i); /* The first `total - offset` passes are a no-op. The last * `offset` passes shift the data one byte to the left and * zero out the last byte. */ - for (n = 0; n < total - 1; n++) { + for (size_t n = 0; n < total - 1; n++) { unsigned char current = buf[n]; - unsigned char next = buf[n+1]; + unsigned char next = buf[n+1]; buf[n] = mbedtls_ct_uint_if(no_op, current, next); } - buf[total-1] = mbedtls_ct_uint_if(no_op, buf[total-1], 0); + buf[total-1] = mbedtls_ct_uint_if_else_0(no_op, buf[total-1]); } } #endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */ -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) - -void mbedtls_ct_memcpy_if_eq(unsigned char *dest, - const unsigned char *src, - size_t len, - size_t c1, - size_t c2) +void mbedtls_ct_memcpy_if(mbedtls_ct_condition_t condition, + unsigned char *dest, + const unsigned char *src1, + const unsigned char *src2, + size_t len) { - /* mask = c1 == c2 ? 0xff : 0x00 */ - const size_t equal = mbedtls_ct_size_bool_eq(c1, c2); - const unsigned char mask = (unsigned char) mbedtls_ct_size_mask(equal); +#if defined(MBEDTLS_CT_SIZE_64) + const uint64_t mask = (uint64_t) condition; + const uint64_t not_mask = (uint64_t) ~mbedtls_ct_compiler_opaque(condition); +#else + const uint32_t mask = (uint32_t) condition; + const uint32_t not_mask = (uint32_t) ~mbedtls_ct_compiler_opaque(condition); +#endif + + /* If src2 is NULL, setup src2 so that we read from the destination address. + * + * This means that if src2 == NULL && condition is false, the result will be a + * no-op because we read from dest and write the same data back into dest. + */ + if (src2 == NULL) { + src2 = dest; + } /* dest[i] = c1 == c2 ? src[i] : dest[i] */ - for (size_t i = 0; i < len; i++) { - dest[i] = (src[i] & mask) | (dest[i] & ~mask); + size_t i = 0; +#if defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS) +#if defined(MBEDTLS_CT_SIZE_64) + for (; (i + 8) <= len; i += 8) { + uint64_t a = mbedtls_get_unaligned_uint64(src1 + i) & mask; + uint64_t b = mbedtls_get_unaligned_uint64(src2 + i) & not_mask; + mbedtls_put_unaligned_uint64(dest + i, a | b); + } +#else + for (; (i + 4) <= len; i += 4) { + uint32_t a = mbedtls_get_unaligned_uint32(src1 + i) & mask; + uint32_t b = mbedtls_get_unaligned_uint32(src2 + i) & not_mask; + mbedtls_put_unaligned_uint32(dest + i, a | b); + } +#endif /* defined(MBEDTLS_CT_SIZE_64) */ +#endif /* MBEDTLS_EFFICIENT_UNALIGNED_ACCESS */ + for (; i < len; i++) { + dest[i] = (src1[i] & mask) | (src2[i] & not_mask); } } @@ -432,547 +247,27 @@ void mbedtls_ct_memcpy_offset(unsigned char *dest, size_t offsetval; for (offsetval = offset_min; offsetval <= offset_max; offsetval++) { - mbedtls_ct_memcpy_if_eq(dest, src + offsetval, len, - offsetval, offset); + mbedtls_ct_memcpy_if(mbedtls_ct_uint_eq(offsetval, offset), dest, src + offsetval, NULL, + len); } } -#if defined(MBEDTLS_USE_PSA_CRYPTO) - -#if defined(PSA_WANT_ALG_SHA_384) -#define MAX_HASH_BLOCK_LENGTH PSA_HASH_BLOCK_LENGTH(PSA_ALG_SHA_384) -#elif defined(PSA_WANT_ALG_SHA_256) -#define MAX_HASH_BLOCK_LENGTH PSA_HASH_BLOCK_LENGTH(PSA_ALG_SHA_256) -#else /* See check_config.h */ -#define MAX_HASH_BLOCK_LENGTH PSA_HASH_BLOCK_LENGTH(PSA_ALG_SHA_1) -#endif - -int mbedtls_ct_hmac(mbedtls_svc_key_id_t key, - psa_algorithm_t mac_alg, - const unsigned char *add_data, - size_t add_data_len, - const unsigned char *data, - size_t data_len_secret, - size_t min_data_len, - size_t max_data_len, - unsigned char *output) -{ - /* - * This function breaks the HMAC abstraction and uses psa_hash_clone() - * extension in order to get constant-flow behaviour. - * - * HMAC(msg) is defined as HASH(okey + HASH(ikey + msg)) where + means - * concatenation, and okey/ikey are the XOR of the key with some fixed bit - * patterns (see RFC 2104, sec. 2). - * - * We'll first compute ikey/okey, then inner_hash = HASH(ikey + msg) by - * hashing up to minlen, then cloning the context, and for each byte up - * to maxlen finishing up the hash computation, keeping only the - * correct result. - * - * Then we only need to compute HASH(okey + inner_hash) and we're done. - */ - psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH(mac_alg); - const size_t block_size = PSA_HASH_BLOCK_LENGTH(hash_alg); - unsigned char key_buf[MAX_HASH_BLOCK_LENGTH]; - const size_t hash_size = PSA_HASH_LENGTH(hash_alg); - psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; - size_t hash_length; - - unsigned char aux_out[PSA_HASH_MAX_SIZE]; - psa_hash_operation_t aux_operation = PSA_HASH_OPERATION_INIT; - size_t offset; - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - - size_t mac_key_length; - size_t i; - -#define PSA_CHK(func_call) \ - do { \ - status = (func_call); \ - if (status != PSA_SUCCESS) \ - goto cleanup; \ - } while (0) - - /* Export MAC key - * We assume key length is always exactly the output size - * which is never more than the block size, thus we use block_size - * as the key buffer size. - */ - PSA_CHK(psa_export_key(key, key_buf, block_size, &mac_key_length)); - - /* Calculate ikey */ - for (i = 0; i < mac_key_length; i++) { - key_buf[i] = (unsigned char) (key_buf[i] ^ 0x36); - } - for (; i < block_size; ++i) { - key_buf[i] = 0x36; - } - - PSA_CHK(psa_hash_setup(&operation, hash_alg)); - - /* Now compute inner_hash = HASH(ikey + msg) */ - PSA_CHK(psa_hash_update(&operation, key_buf, block_size)); - PSA_CHK(psa_hash_update(&operation, add_data, add_data_len)); - PSA_CHK(psa_hash_update(&operation, data, min_data_len)); - - /* Fill the hash buffer in advance with something that is - * not a valid hash (barring an attack on the hash and - * deliberately-crafted input), in case the caller doesn't - * check the return status properly. */ - memset(output, '!', hash_size); - - /* For each possible length, compute the hash up to that point */ - for (offset = min_data_len; offset <= max_data_len; offset++) { - PSA_CHK(psa_hash_clone(&operation, &aux_operation)); - PSA_CHK(psa_hash_finish(&aux_operation, aux_out, - PSA_HASH_MAX_SIZE, &hash_length)); - /* Keep only the correct inner_hash in the output buffer */ - mbedtls_ct_memcpy_if_eq(output, aux_out, hash_size, - offset, data_len_secret); - - if (offset < max_data_len) { - PSA_CHK(psa_hash_update(&operation, data + offset, 1)); - } - } - - /* Abort current operation to prepare for final operation */ - PSA_CHK(psa_hash_abort(&operation)); - - /* Calculate okey */ - for (i = 0; i < mac_key_length; i++) { - key_buf[i] = (unsigned char) ((key_buf[i] ^ 0x36) ^ 0x5C); - } - for (; i < block_size; ++i) { - key_buf[i] = 0x5C; - } - - /* Now compute HASH(okey + inner_hash) */ - PSA_CHK(psa_hash_setup(&operation, hash_alg)); - PSA_CHK(psa_hash_update(&operation, key_buf, block_size)); - PSA_CHK(psa_hash_update(&operation, output, hash_size)); - PSA_CHK(psa_hash_finish(&operation, output, hash_size, &hash_length)); - -#undef PSA_CHK - -cleanup: - mbedtls_platform_zeroize(key_buf, MAX_HASH_BLOCK_LENGTH); - mbedtls_platform_zeroize(aux_out, PSA_HASH_MAX_SIZE); - - psa_hash_abort(&operation); - psa_hash_abort(&aux_operation); - return psa_ssl_status_to_mbedtls(status); -} - -#undef MAX_HASH_BLOCK_LENGTH - -#else -int mbedtls_ct_hmac(mbedtls_md_context_t *ctx, - const unsigned char *add_data, - size_t add_data_len, - const unsigned char *data, - size_t data_len_secret, - size_t min_data_len, - size_t max_data_len, - unsigned char *output) -{ - /* - * This function breaks the HMAC abstraction and uses the md_clone() - * extension to the MD API in order to get constant-flow behaviour. - * - * HMAC(msg) is defined as HASH(okey + HASH(ikey + msg)) where + means - * concatenation, and okey/ikey are the XOR of the key with some fixed bit - * patterns (see RFC 2104, sec. 2), which are stored in ctx->hmac_ctx. - * - * We'll first compute inner_hash = HASH(ikey + msg) by hashing up to - * minlen, then cloning the context, and for each byte up to maxlen - * finishing up the hash computation, keeping only the correct result. - * - * Then we only need to compute HASH(okey + inner_hash) and we're done. - */ - const mbedtls_md_type_t md_alg = mbedtls_md_get_type(ctx->md_info); - /* TLS 1.2 only supports SHA-384, SHA-256, SHA-1, MD-5, - * all of which have the same block size except SHA-384. */ - const size_t block_size = md_alg == MBEDTLS_MD_SHA384 ? 128 : 64; - const unsigned char * const ikey = ctx->hmac_ctx; - const unsigned char * const okey = ikey + block_size; - const size_t hash_size = mbedtls_md_get_size(ctx->md_info); - - unsigned char aux_out[MBEDTLS_MD_MAX_SIZE]; - mbedtls_md_context_t aux; - size_t offset; - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - - mbedtls_md_init(&aux); - -#define MD_CHK(func_call) \ - do { \ - ret = (func_call); \ - if (ret != 0) \ - goto cleanup; \ - } while (0) - - MD_CHK(mbedtls_md_setup(&aux, ctx->md_info, 0)); - - /* After hmac_start() of hmac_reset(), ikey has already been hashed, - * so we can start directly with the message */ - MD_CHK(mbedtls_md_update(ctx, add_data, add_data_len)); - MD_CHK(mbedtls_md_update(ctx, data, min_data_len)); - - /* Fill the hash buffer in advance with something that is - * not a valid hash (barring an attack on the hash and - * deliberately-crafted input), in case the caller doesn't - * check the return status properly. */ - memset(output, '!', hash_size); - - /* For each possible length, compute the hash up to that point */ - for (offset = min_data_len; offset <= max_data_len; offset++) { - MD_CHK(mbedtls_md_clone(&aux, ctx)); - MD_CHK(mbedtls_md_finish(&aux, aux_out)); - /* Keep only the correct inner_hash in the output buffer */ - mbedtls_ct_memcpy_if_eq(output, aux_out, hash_size, - offset, data_len_secret); - - if (offset < max_data_len) { - MD_CHK(mbedtls_md_update(ctx, data + offset, 1)); - } - } - - /* The context needs to finish() before it starts() again */ - MD_CHK(mbedtls_md_finish(ctx, aux_out)); - - /* Now compute HASH(okey + inner_hash) */ - MD_CHK(mbedtls_md_starts(ctx)); - MD_CHK(mbedtls_md_update(ctx, okey, block_size)); - MD_CHK(mbedtls_md_update(ctx, output, hash_size)); - MD_CHK(mbedtls_md_finish(ctx, output)); - - /* Done, get ready for next time */ - MD_CHK(mbedtls_md_hmac_reset(ctx)); - -#undef MD_CHK - -cleanup: - mbedtls_md_free(&aux); - return ret; -} -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - -#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ - -#if defined(MBEDTLS_BIGNUM_C) - -#define MPI_VALIDATE_RET(cond) \ - MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_MPI_BAD_INPUT_DATA) - -/* - * Conditionally assign X = Y, without leaking information - * about whether the assignment was made or not. - * (Leaking information about the respective sizes of X and Y is ok however.) - */ -#if defined(_MSC_VER) && defined(_M_ARM64) && (_MSC_FULL_VER < 193131103) -/* - * MSVC miscompiles this function if it's inlined prior to Visual Studio 2022 version 17.1. See: - * https://developercommunity.visualstudio.com/t/c-compiler-miscompiles-part-of-mbedtls-library-on/1646989 - */ -__declspec(noinline) -#endif -int mbedtls_mpi_safe_cond_assign(mbedtls_mpi *X, - const mbedtls_mpi *Y, - unsigned char assign) -{ - int ret = 0; - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(Y != NULL); - - /* all-bits 1 if assign is 1, all-bits 0 if assign is 0 */ - mbedtls_mpi_uint limb_mask = mbedtls_ct_mpi_uint_mask(assign); - - MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, Y->n)); - - X->s = mbedtls_ct_cond_select_sign(assign, Y->s, X->s); - - mbedtls_mpi_core_cond_assign(X->p, Y->p, Y->n, assign); - - for (size_t i = Y->n; i < X->n; i++) { - X->p[i] &= ~limb_mask; - } - -cleanup: - return ret; -} - -/* - * Conditionally swap X and Y, without leaking information - * about whether the swap was made or not. - * Here it is not ok to simply swap the pointers, which would lead to - * different memory access patterns when X and Y are used afterwards. - */ -int mbedtls_mpi_safe_cond_swap(mbedtls_mpi *X, - mbedtls_mpi *Y, - unsigned char swap) -{ - int ret = 0; - int s; - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(Y != NULL); - - if (X == Y) { - return 0; - } - - MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, Y->n)); - MBEDTLS_MPI_CHK(mbedtls_mpi_grow(Y, X->n)); - - s = X->s; - X->s = mbedtls_ct_cond_select_sign(swap, Y->s, X->s); - Y->s = mbedtls_ct_cond_select_sign(swap, s, Y->s); - - mbedtls_mpi_core_cond_swap(X->p, Y->p, X->n, swap); - -cleanup: - return ret; -} - -/* - * Compare unsigned values in constant time - */ -unsigned mbedtls_mpi_core_lt_ct(const mbedtls_mpi_uint *A, - const mbedtls_mpi_uint *B, - size_t limbs) -{ - unsigned ret, cond, done; - - /* The value of any of these variables is either 0 or 1 for the rest of - * their scope. */ - ret = cond = done = 0; - - for (size_t i = limbs; i > 0; i--) { - /* - * If B[i - 1] < A[i - 1] then A < B is false and the result must - * remain 0. - * - * Again even if we can make a decision, we just mark the result and - * the fact that we are done and continue looping. - */ - cond = mbedtls_ct_mpi_uint_lt(B[i - 1], A[i - 1]); - done |= cond; - - /* - * If A[i - 1] < B[i - 1] then A < B is true. - * - * Again even if we can make a decision, we just mark the result and - * the fact that we are done and continue looping. - */ - cond = mbedtls_ct_mpi_uint_lt(A[i - 1], B[i - 1]); - ret |= cond & (1 - done); - done |= cond; - } - - /* - * If all the limbs were equal, then the numbers are equal, A < B is false - * and leaving the result 0 is correct. - */ - - return ret; -} - -/* - * Compare signed values in constant time - */ -int mbedtls_mpi_lt_mpi_ct(const mbedtls_mpi *X, - const mbedtls_mpi *Y, - unsigned *ret) -{ - size_t i; - /* The value of any of these variables is either 0 or 1 at all times. */ - unsigned cond, done, X_is_negative, Y_is_negative; - - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(Y != NULL); - MPI_VALIDATE_RET(ret != NULL); - - if (X->n != Y->n) { - return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; - } - - /* - * Set sign_N to 1 if N >= 0, 0 if N < 0. - * We know that N->s == 1 if N >= 0 and N->s == -1 if N < 0. - */ - X_is_negative = (X->s & 2) >> 1; - Y_is_negative = (Y->s & 2) >> 1; - - /* - * If the signs are different, then the positive operand is the bigger. - * That is if X is negative (X_is_negative == 1), then X < Y is true and it - * is false if X is positive (X_is_negative == 0). - */ - cond = (X_is_negative ^ Y_is_negative); - *ret = cond & X_is_negative; - - /* - * This is a constant-time function. We might have the result, but we still - * need to go through the loop. Record if we have the result already. - */ - done = cond; - - for (i = X->n; i > 0; i--) { - /* - * If Y->p[i - 1] < X->p[i - 1] then X < Y is true if and only if both - * X and Y are negative. - * - * Again even if we can make a decision, we just mark the result and - * the fact that we are done and continue looping. - */ - cond = mbedtls_ct_mpi_uint_lt(Y->p[i - 1], X->p[i - 1]); - *ret |= cond & (1 - done) & X_is_negative; - done |= cond; - - /* - * If X->p[i - 1] < Y->p[i - 1] then X < Y is true if and only if both - * X and Y are positive. - * - * Again even if we can make a decision, we just mark the result and - * the fact that we are done and continue looping. - */ - cond = mbedtls_ct_mpi_uint_lt(X->p[i - 1], Y->p[i - 1]); - *ret |= cond & (1 - done) & (1 - X_is_negative); - done |= cond; - } - - return 0; -} - -#endif /* MBEDTLS_BIGNUM_C */ - #if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT) -int mbedtls_ct_rsaes_pkcs1_v15_unpadding(unsigned char *input, - size_t ilen, - unsigned char *output, - size_t output_max_len, - size_t *olen) +void mbedtls_ct_zeroize_if(mbedtls_ct_condition_t condition, void *buf, size_t len) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t i, plaintext_max_size; - - /* The following variables take sensitive values: their value must - * not leak into the observable behavior of the function other than - * the designated outputs (output, olen, return value). Otherwise - * this would open the execution of the function to - * side-channel-based variants of the Bleichenbacher padding oracle - * attack. Potential side channels include overall timing, memory - * access patterns (especially visible to an adversary who has access - * to a shared memory cache), and branches (especially visible to - * an adversary who has access to a shared code cache or to a shared - * branch predictor). */ - size_t pad_count = 0; - unsigned bad = 0; - unsigned char pad_done = 0; - size_t plaintext_size = 0; - unsigned output_too_large; - - plaintext_max_size = (output_max_len > ilen - 11) ? ilen - 11 - : output_max_len; - - /* Check and get padding length in constant time and constant - * memory trace. The first byte must be 0. */ - bad |= input[0]; - - - /* Decode EME-PKCS1-v1_5 padding: 0x00 || 0x02 || PS || 0x00 - * where PS must be at least 8 nonzero bytes. */ - bad |= input[1] ^ MBEDTLS_RSA_CRYPT; - - /* Read the whole buffer. Set pad_done to nonzero if we find - * the 0x00 byte and remember the padding length in pad_count. */ - for (i = 2; i < ilen; i++) { - pad_done |= ((input[i] | (unsigned char) -input[i]) >> 7) ^ 1; - pad_count += ((pad_done | (unsigned char) -pad_done) >> 7) ^ 1; + uint32_t mask = (uint32_t) ~condition; + uint8_t *p = (uint8_t *) buf; + size_t i = 0; +#if defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS) + for (; (i + 4) <= len; i += 4) { + mbedtls_put_unaligned_uint32((void *) (p + i), + mbedtls_get_unaligned_uint32((void *) (p + i)) & mask); } - - - /* If pad_done is still zero, there's no data, only unfinished padding. */ - bad |= mbedtls_ct_uint_if(pad_done, 0, 1); - - /* There must be at least 8 bytes of padding. */ - bad |= mbedtls_ct_size_gt(8, pad_count); - - /* If the padding is valid, set plaintext_size to the number of - * remaining bytes after stripping the padding. If the padding - * is invalid, avoid leaking this fact through the size of the - * output: use the maximum message size that fits in the output - * buffer. Do it without branches to avoid leaking the padding - * validity through timing. RSA keys are small enough that all the - * size_t values involved fit in unsigned int. */ - plaintext_size = mbedtls_ct_uint_if( - bad, (unsigned) plaintext_max_size, - (unsigned) (ilen - pad_count - 3)); - - /* Set output_too_large to 0 if the plaintext fits in the output - * buffer and to 1 otherwise. */ - output_too_large = mbedtls_ct_size_gt(plaintext_size, - plaintext_max_size); - - /* Set ret without branches to avoid timing attacks. Return: - * - INVALID_PADDING if the padding is bad (bad != 0). - * - OUTPUT_TOO_LARGE if the padding is good but the decrypted - * plaintext does not fit in the output buffer. - * - 0 if the padding is correct. */ - ret = -(int) mbedtls_ct_uint_if( - bad, -MBEDTLS_ERR_RSA_INVALID_PADDING, - mbedtls_ct_uint_if(output_too_large, - -MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE, - 0)); - - /* If the padding is bad or the plaintext is too large, zero the - * data that we're about to copy to the output buffer. - * We need to copy the same amount of data - * from the same buffer whether the padding is good or not to - * avoid leaking the padding validity through overall timing or - * through memory or cache access patterns. */ - bad = mbedtls_ct_uint_mask(bad | output_too_large); - for (i = 11; i < ilen; i++) { - input[i] &= ~bad; +#endif + for (; i < len; i++) { + p[i] = p[i] & mask; } - - /* If the plaintext is too large, truncate it to the buffer size. - * Copy anyway to avoid revealing the length through timing, because - * revealing the length is as bad as revealing the padding validity - * for a Bleichenbacher attack. */ - plaintext_size = mbedtls_ct_uint_if(output_too_large, - (unsigned) plaintext_max_size, - (unsigned) plaintext_size); - - /* Move the plaintext to the leftmost position where it can start in - * the working buffer, i.e. make it start plaintext_max_size from - * the end of the buffer. Do this with a memory access trace that - * does not depend on the plaintext size. After this move, the - * starting location of the plaintext is no longer sensitive - * information. */ - mbedtls_ct_mem_move_to_left(input + ilen - plaintext_max_size, - plaintext_max_size, - plaintext_max_size - plaintext_size); - - /* Finally copy the decrypted plaintext plus trailing zeros into the output - * buffer. If output_max_len is 0, then output may be an invalid pointer - * and the result of memcpy() would be undefined; prevent undefined - * behavior making sure to depend only on output_max_len (the size of the - * user-provided output buffer), which is independent from plaintext - * length, validity of padding, success of the decryption, and other - * secrets. */ - if (output_max_len != 0) { - memcpy(output, input + ilen - plaintext_max_size, plaintext_max_size); - } - - /* Report the amount of data we copied to the output buffer. In case - * of errors (bad padding or output too large), the value of *olen - * when this function returns is not specified. Making it equivalent - * to the good case limits the risks of leaking the padding validity. */ - *olen = plaintext_size; - - return ret; } -#endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */ +#endif /* defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT) */ diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h new file mode 100644 index 000000000..7759ac384 --- /dev/null +++ b/library/constant_time_impl.h @@ -0,0 +1,566 @@ +/** + * Constant-time functions + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef MBEDTLS_CONSTANT_TIME_IMPL_H +#define MBEDTLS_CONSTANT_TIME_IMPL_H + +#include + +#include "common.h" + +#if defined(MBEDTLS_BIGNUM_C) +#include "mbedtls/bignum.h" +#endif + +/* + * To improve readability of constant_time_internal.h, the static inline + * definitions are here, and constant_time_internal.h has only the declarations. + * + * This results in duplicate declarations of the form: + * static inline void f(); // from constant_time_internal.h + * static inline void f() { ... } // from constant_time_impl.h + * when constant_time_internal.h is included. + * + * This appears to behave as if the declaration-without-definition was not present + * (except for warnings if gcc -Wredundant-decls or similar is used). + * + * Disable -Wredundant-decls so that gcc does not warn about this. This is re-enabled + * at the bottom of this file. + */ +#ifdef __GNUC__ + #pragma GCC diagnostic push + #pragma GCC diagnostic ignored "-Wredundant-decls" +#endif + +/* Disable asm under Memsan because it confuses Memsan and generates false errors. + * + * We also disable under Valgrind by default, because it's more useful + * for Valgrind to test the plain C implementation. MBEDTLS_TEST_CONSTANT_FLOW_ASM //no-check-names + * may be set to permit building asm under Valgrind. + */ +#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN) || \ + (defined(MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND) && !defined(MBEDTLS_TEST_CONSTANT_FLOW_ASM)) //no-check-names +#define MBEDTLS_CT_NO_ASM +#elif defined(__has_feature) +#if __has_feature(memory_sanitizer) +#define MBEDTLS_CT_NO_ASM +#endif +#endif + +/* armcc5 --gnu defines __GNUC__ but doesn't support GNU's extended asm */ +#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && (!defined(__ARMCC_VERSION) || \ + __ARMCC_VERSION >= 6000000) && !defined(MBEDTLS_CT_NO_ASM) +#define MBEDTLS_CT_ASM +#if (defined(__arm__) || defined(__thumb__) || defined(__thumb2__)) +#define MBEDTLS_CT_ARM_ASM +#elif defined(__aarch64__) +#define MBEDTLS_CT_AARCH64_ASM +#elif defined(__amd64__) || defined(__x86_64__) +#define MBEDTLS_CT_X86_64_ASM +#elif defined(__i386__) +#define MBEDTLS_CT_X86_ASM +#endif +#endif + +#define MBEDTLS_CT_SIZE (sizeof(mbedtls_ct_uint_t) * 8) + + +/* ============================================================================ + * Core const-time primitives + */ + +/* Ensure that the compiler cannot know the value of x (i.e., cannot optimise + * based on its value) after this function is called. + * + * If we are not using assembly, this will be fairly inefficient, so its use + * should be minimised. + */ + +#if !defined(MBEDTLS_CT_ASM) +extern volatile mbedtls_ct_uint_t mbedtls_ct_zero; +#endif + +/** + * \brief Ensure that a value cannot be known at compile time. + * + * \param x The value to hide from the compiler. + * \return The same value that was passed in, such that the compiler + * cannot prove its value (even for calls of the form + * x = mbedtls_ct_compiler_opaque(1), x will be unknown). + * + * \note This is mainly used in constructing mbedtls_ct_condition_t + * values and performing operations over them, to ensure that + * there is no way for the compiler to ever know anything about + * the value of an mbedtls_ct_condition_t. + */ +static inline mbedtls_ct_uint_t mbedtls_ct_compiler_opaque(mbedtls_ct_uint_t x) +{ +#if defined(MBEDTLS_CT_ASM) + asm volatile ("" : [x] "+r" (x) :); + return x; +#else + return x ^ mbedtls_ct_zero; +#endif +} + +/* + * Selecting unified syntax is needed for gcc, and harmless on clang. + * + * This is needed because on Thumb 1, condition flags are always set, so + * e.g. "negs" is supported but "neg" is not (on Thumb 2, both exist). + * + * Under Thumb 1 unified syntax, only the "negs" form is accepted, and + * under divided syntax, only the "neg" form is accepted. clang only + * supports unified syntax. + * + * On Thumb 2 and Arm, both compilers are happy with the "s" suffix, + * although we don't actually care about setting the flags. + * + * For gcc, restore divided syntax afterwards - otherwise old versions of gcc + * seem to apply unified syntax globally, which breaks other asm code. + */ +#if !defined(__clang__) +#define RESTORE_ASM_SYNTAX ".syntax divided \n\t" +#else +#define RESTORE_ASM_SYNTAX +#endif + +/* Convert a number into a condition in constant time. */ +static inline mbedtls_ct_condition_t mbedtls_ct_bool(mbedtls_ct_uint_t x) +{ + /* + * Define mask-generation code that, as far as possible, will not use branches or conditional instructions. + * + * For some platforms / type sizes, we define assembly to assure this. + * + * Otherwise, we define a plain C fallback which (in May 2023) does not get optimised into + * conditional instructions or branches by trunk clang, gcc, or MSVC v19. + */ +#if defined(MBEDTLS_CT_AARCH64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64)) + mbedtls_ct_uint_t s; + asm volatile ("neg %x[s], %x[x] \n\t" + "orr %x[x], %x[s], %x[x] \n\t" + "asr %x[x], %x[x], 63 \n\t" + : + [s] "=&r" (s), + [x] "+&r" (x) + : + : + ); + return (mbedtls_ct_condition_t) x; +#elif defined(MBEDTLS_CT_ARM_ASM) && defined(MBEDTLS_CT_SIZE_32) + uint32_t s; + asm volatile (".syntax unified \n\t" + "negs %[s], %[x] \n\t" + "orrs %[x], %[x], %[s] \n\t" + "asrs %[x], %[x], #31 \n\t" + RESTORE_ASM_SYNTAX + : + [s] "=&l" (s), + [x] "+&l" (x) + : + : + "cc" /* clobbers flag bits */ + ); + return (mbedtls_ct_condition_t) x; +#elif defined(MBEDTLS_CT_X86_64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64)) + uint64_t s; + asm volatile ("mov %[x], %[s] \n\t" + "neg %[s] \n\t" + "or %[x], %[s] \n\t" + "sar $63, %[s] \n\t" + : + [s] "=&a" (s) + : + [x] "D" (x) + : + ); + return (mbedtls_ct_condition_t) s; +#elif defined(MBEDTLS_CT_X86_ASM) && defined(MBEDTLS_CT_SIZE_32) + uint32_t s; + asm volatile ("mov %[x], %[s] \n\t" + "neg %[s] \n\t" + "or %[s], %[x] \n\t" + "sar $31, %[x] \n\t" + : + [s] "=&c" (s), + [x] "+&a" (x) + : + : + ); + return (mbedtls_ct_condition_t) x; +#else + const mbedtls_ct_uint_t xo = mbedtls_ct_compiler_opaque(x); +#if defined(_MSC_VER) + /* MSVC has a warning about unary minus on unsigned, but this is + * well-defined and precisely what we want to do here */ +#pragma warning( push ) +#pragma warning( disable : 4146 ) +#endif + // y is negative (i.e., top bit set) iff x is non-zero + mbedtls_ct_int_t y = (-xo) | -(xo >> 1); + + // extract only the sign bit of y so that y == 1 (if x is non-zero) or 0 (if x is zero) + y = (((mbedtls_ct_uint_t) y) >> (MBEDTLS_CT_SIZE - 1)); + + // -y has all bits set (if x is non-zero), or all bits clear (if x is zero) + return (mbedtls_ct_condition_t) (-y); +#if defined(_MSC_VER) +#pragma warning( pop ) +#endif +#endif +} + +static inline mbedtls_ct_uint_t mbedtls_ct_if(mbedtls_ct_condition_t condition, + mbedtls_ct_uint_t if1, + mbedtls_ct_uint_t if0) +{ +#if defined(MBEDTLS_CT_AARCH64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64)) + asm volatile ("and %x[if1], %x[if1], %x[condition] \n\t" + "mvn %x[condition], %x[condition] \n\t" + "and %x[condition], %x[condition], %x[if0] \n\t" + "orr %x[condition], %x[if1], %x[condition]" + : + [condition] "+&r" (condition), + [if1] "+&r" (if1) + : + [if0] "r" (if0) + : + ); + return (mbedtls_ct_uint_t) condition; +#elif defined(MBEDTLS_CT_ARM_ASM) && defined(MBEDTLS_CT_SIZE_32) + asm volatile (".syntax unified \n\t" + "ands %[if1], %[if1], %[condition] \n\t" + "mvns %[condition], %[condition] \n\t" + "ands %[condition], %[condition], %[if0] \n\t" + "orrs %[condition], %[if1], %[condition] \n\t" + RESTORE_ASM_SYNTAX + : + [condition] "+&l" (condition), + [if1] "+&l" (if1) + : + [if0] "l" (if0) + : + "cc" + ); + return (mbedtls_ct_uint_t) condition; +#elif defined(MBEDTLS_CT_X86_64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64)) + asm volatile ("and %[condition], %[if1] \n\t" + "not %[condition] \n\t" + "and %[condition], %[if0] \n\t" + "or %[if1], %[if0] \n\t" + : + [condition] "+&D" (condition), + [if1] "+&S" (if1), + [if0] "+&a" (if0) + : + : + ); + return if0; +#elif defined(MBEDTLS_CT_X86_ASM) && defined(MBEDTLS_CT_SIZE_32) + asm volatile ("and %[condition], %[if1] \n\t" + "not %[condition] \n\t" + "and %[if0], %[condition] \n\t" + "or %[condition], %[if1] \n\t" + : + [condition] "+&c" (condition), + [if1] "+&a" (if1) + : + [if0] "b" (if0) + : + ); + return if1; +#else + mbedtls_ct_condition_t not_cond = + (mbedtls_ct_condition_t) (~mbedtls_ct_compiler_opaque(condition)); + return (mbedtls_ct_uint_t) ((condition & if1) | (not_cond & if0)); +#endif +} + +static inline mbedtls_ct_condition_t mbedtls_ct_uint_lt(mbedtls_ct_uint_t x, mbedtls_ct_uint_t y) +{ +#if defined(MBEDTLS_CT_AARCH64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64)) + uint64_t s1; + asm volatile ("eor %x[s1], %x[y], %x[x] \n\t" + "sub %x[x], %x[x], %x[y] \n\t" + "bic %x[x], %x[x], %x[s1] \n\t" + "and %x[s1], %x[s1], %x[y] \n\t" + "orr %x[s1], %x[x], %x[s1] \n\t" + "asr %x[x], %x[s1], 63" + : + [s1] "=&r" (s1), + [x] "+&r" (x) + : + [y] "r" (y) + : + ); + return (mbedtls_ct_condition_t) x; +#elif defined(MBEDTLS_CT_ARM_ASM) && defined(MBEDTLS_CT_SIZE_32) + uint32_t s1; + asm volatile ( + ".syntax unified \n\t" +#if defined(__thumb__) && !defined(__thumb2__) + "movs %[s1], %[x] \n\t" + "eors %[s1], %[s1], %[y] \n\t" +#else + "eors %[s1], %[x], %[y] \n\t" +#endif + "subs %[x], %[x], %[y] \n\t" + "bics %[x], %[x], %[s1] \n\t" + "ands %[y], %[s1], %[y] \n\t" + "orrs %[x], %[x], %[y] \n\t" + "asrs %[x], %[x], #31 \n\t" + RESTORE_ASM_SYNTAX + : + [s1] "=&l" (s1), + [x] "+&l" (x), + [y] "+&l" (y) + : + : + "cc" + ); + return (mbedtls_ct_condition_t) x; +#elif defined(MBEDTLS_CT_X86_64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64)) + uint64_t s; + asm volatile ("mov %[x], %[s] \n\t" + "xor %[y], %[s] \n\t" + "sub %[y], %[x] \n\t" + "and %[s], %[y] \n\t" + "not %[s] \n\t" + "and %[s], %[x] \n\t" + "or %[y], %[x] \n\t" + "sar $63, %[x] \n\t" + : + [s] "=&a" (s), + [x] "+&D" (x), + [y] "+&S" (y) + : + : + ); + return (mbedtls_ct_condition_t) x; +#elif defined(MBEDTLS_CT_X86_ASM) && defined(MBEDTLS_CT_SIZE_32) + uint32_t s; + asm volatile ("mov %[x], %[s] \n\t" + "xor %[y], %[s] \n\t" + "sub %[y], %[x] \n\t" + "and %[s], %[y] \n\t" + "not %[s] \n\t" + "and %[s], %[x] \n\t" + "or %[y], %[x] \n\t" + "sar $31, %[x] \n\t" + : + [s] "=&b" (s), + [x] "+&a" (x), + [y] "+&c" (y) + : + : + ); + return (mbedtls_ct_condition_t) x; +#else + /* Ensure that the compiler cannot optimise the following operations over x and y, + * even if it knows the value of x and y. + */ + const mbedtls_ct_uint_t xo = mbedtls_ct_compiler_opaque(x); + const mbedtls_ct_uint_t yo = mbedtls_ct_compiler_opaque(y); + /* + * Check if the most significant bits (MSB) of the operands are different. + * cond is true iff the MSBs differ. + */ + mbedtls_ct_condition_t cond = mbedtls_ct_bool((xo ^ yo) >> (MBEDTLS_CT_SIZE - 1)); + + /* + * If the MSB are the same then the difference x-y will be negative (and + * have its MSB set to 1 during conversion to unsigned) if and only if x> (MBEDTLS_CT_SIZE - 1); + + // Convert to a condition (i.e., all bits set iff non-zero) + return mbedtls_ct_bool(ret); +#endif +} + +static inline mbedtls_ct_condition_t mbedtls_ct_uint_ne(mbedtls_ct_uint_t x, mbedtls_ct_uint_t y) +{ + /* diff = 0 if x == y, non-zero otherwise */ + const mbedtls_ct_uint_t diff = mbedtls_ct_compiler_opaque(x) ^ mbedtls_ct_compiler_opaque(y); + + /* all ones if x != y, 0 otherwise */ + return mbedtls_ct_bool(diff); +} + +static inline unsigned char mbedtls_ct_uchar_in_range_if(unsigned char low, + unsigned char high, + unsigned char c, + unsigned char t) +{ + const unsigned char co = (unsigned char) mbedtls_ct_compiler_opaque(c); + const unsigned char to = (unsigned char) mbedtls_ct_compiler_opaque(t); + + /* low_mask is: 0 if low <= c, 0x...ff if low > c */ + unsigned low_mask = ((unsigned) co - low) >> 8; + /* high_mask is: 0 if c <= high, 0x...ff if c > high */ + unsigned high_mask = ((unsigned) high - co) >> 8; + + return (unsigned char) (~(low_mask | high_mask)) & to; +} + +/* ============================================================================ + * Everything below here is trivial wrapper functions + */ + +static inline size_t mbedtls_ct_size_if(mbedtls_ct_condition_t condition, + size_t if1, + size_t if0) +{ + return (size_t) mbedtls_ct_if(condition, (mbedtls_ct_uint_t) if1, (mbedtls_ct_uint_t) if0); +} + +static inline unsigned mbedtls_ct_uint_if(mbedtls_ct_condition_t condition, + unsigned if1, + unsigned if0) +{ + return (unsigned) mbedtls_ct_if(condition, (mbedtls_ct_uint_t) if1, (mbedtls_ct_uint_t) if0); +} + +static inline mbedtls_ct_condition_t mbedtls_ct_bool_if(mbedtls_ct_condition_t condition, + mbedtls_ct_condition_t if1, + mbedtls_ct_condition_t if0) +{ + return (mbedtls_ct_condition_t) mbedtls_ct_if(condition, (mbedtls_ct_uint_t) if1, + (mbedtls_ct_uint_t) if0); +} + +#if defined(MBEDTLS_BIGNUM_C) + +static inline mbedtls_mpi_uint mbedtls_ct_mpi_uint_if(mbedtls_ct_condition_t condition, + mbedtls_mpi_uint if1, + mbedtls_mpi_uint if0) +{ + return (mbedtls_mpi_uint) mbedtls_ct_if(condition, + (mbedtls_ct_uint_t) if1, + (mbedtls_ct_uint_t) if0); +} + +#endif + +static inline size_t mbedtls_ct_size_if_else_0(mbedtls_ct_condition_t condition, size_t if1) +{ + return (size_t) (condition & if1); +} + +static inline unsigned mbedtls_ct_uint_if_else_0(mbedtls_ct_condition_t condition, unsigned if1) +{ + return (unsigned) (condition & if1); +} + +static inline mbedtls_ct_condition_t mbedtls_ct_bool_if_else_0(mbedtls_ct_condition_t condition, + mbedtls_ct_condition_t if1) +{ + return (mbedtls_ct_condition_t) (condition & if1); +} + +#if defined(MBEDTLS_BIGNUM_C) + +static inline mbedtls_mpi_uint mbedtls_ct_mpi_uint_if_else_0(mbedtls_ct_condition_t condition, + mbedtls_mpi_uint if1) +{ + return (mbedtls_mpi_uint) (condition & if1); +} + +#endif /* MBEDTLS_BIGNUM_C */ + +static inline int mbedtls_ct_error_if(mbedtls_ct_condition_t condition, int if1, int if0) +{ + /* Coverting int -> uint -> int here is safe, because we require if1 and if0 to be + * in the range -32767..0, and we require 32-bit int and uint types. + * + * This means that (0 <= -if0 < INT_MAX), so negating if0 is safe, and similarly for + * converting back to int. + */ + return -((int) mbedtls_ct_if(condition, (mbedtls_ct_uint_t) (-if1), + (mbedtls_ct_uint_t) (-if0))); +} + +static inline int mbedtls_ct_error_if_else_0(mbedtls_ct_condition_t condition, int if1) +{ + return -((int) (condition & (-if1))); +} + +static inline mbedtls_ct_condition_t mbedtls_ct_uint_eq(mbedtls_ct_uint_t x, + mbedtls_ct_uint_t y) +{ + return ~mbedtls_ct_uint_ne(x, y); +} + +static inline mbedtls_ct_condition_t mbedtls_ct_uint_gt(mbedtls_ct_uint_t x, + mbedtls_ct_uint_t y) +{ + return mbedtls_ct_uint_lt(y, x); +} + +static inline mbedtls_ct_condition_t mbedtls_ct_uint_ge(mbedtls_ct_uint_t x, + mbedtls_ct_uint_t y) +{ + return ~mbedtls_ct_uint_lt(x, y); +} + +static inline mbedtls_ct_condition_t mbedtls_ct_uint_le(mbedtls_ct_uint_t x, + mbedtls_ct_uint_t y) +{ + return ~mbedtls_ct_uint_gt(x, y); +} + +static inline mbedtls_ct_condition_t mbedtls_ct_bool_ne(mbedtls_ct_condition_t x, + mbedtls_ct_condition_t y) +{ + return (mbedtls_ct_condition_t) (x ^ y); +} + +static inline mbedtls_ct_condition_t mbedtls_ct_bool_and(mbedtls_ct_condition_t x, + mbedtls_ct_condition_t y) +{ + return (mbedtls_ct_condition_t) (x & y); +} + +static inline mbedtls_ct_condition_t mbedtls_ct_bool_or(mbedtls_ct_condition_t x, + mbedtls_ct_condition_t y) +{ + return (mbedtls_ct_condition_t) (x | y); +} + +static inline mbedtls_ct_condition_t mbedtls_ct_bool_not(mbedtls_ct_condition_t x) +{ + return (mbedtls_ct_condition_t) (~x); +} + +#ifdef __GNUC__ +/* Restore warnings for -Wredundant-decls on gcc */ + #pragma GCC diagnostic pop +#endif + +#endif /* MBEDTLS_CONSTANT_TIME_IMPL_H */ diff --git a/library/constant_time_internal.h b/library/constant_time_internal.h index c4a32c7f0..cc26edcd1 100644 --- a/library/constant_time_internal.h +++ b/library/constant_time_internal.h @@ -20,224 +20,506 @@ #ifndef MBEDTLS_CONSTANT_TIME_INTERNAL_H #define MBEDTLS_CONSTANT_TIME_INTERNAL_H +#include +#include + #include "common.h" #if defined(MBEDTLS_BIGNUM_C) #include "mbedtls/bignum.h" #endif -#if defined(MBEDTLS_SSL_TLS_C) -#include "ssl_misc.h" +/* The constant-time interface provides various operations that are likely + * to result in constant-time code that does not branch or use conditional + * instructions for secret data (for secret pointers, this also applies to + * the data pointed to). + * + * It has three main parts: + * + * - boolean operations + * These are all named mbedtls_ct__. + * They operate over and return mbedtls_ct_condition_t. + * All arguments are considered secret. + * example: bool x = y | z => x = mbedtls_ct_bool_or(y, z) + * example: bool x = y == z => x = mbedtls_ct_uint_eq(y, z) + * + * - conditional data selection + * These are all named mbedtls_ct__if and mbedtls_ct__if_else_0 + * All arguments are considered secret. + * example: size_t a = x ? b : c => a = mbedtls_ct_size_if(x, b, c) + * example: unsigned a = x ? b : 0 => a = mbedtls_ct_uint_if_else_0(x, b) + * + * - block memory operations + * Only some arguments are considered secret, as documented for each + * function. + * example: if (x) memcpy(...) => mbedtls_ct_memcpy_if(x, ...) + * + * mbedtls_ct_condition_t must be treated as opaque and only created and + * manipulated via the functions in this header. The compiler should never + * be able to prove anything about its value at compile-time. + * + * mbedtls_ct_uint_t is an unsigned integer type over which constant time + * operations may be performed via the functions in this header. It is as big + * as the larger of size_t and mbedtls_mpi_uint, i.e. it is safe to cast + * to/from "unsigned int", "size_t", and "mbedtls_mpi_uint" (and any other + * not-larger integer types). + * + * For Arm (32-bit, 64-bit and Thumb), x86 and x86-64, assembly implementations + * are used to ensure that the generated code is constant time. For other + * architectures, it uses a plain C fallback designed to yield constant-time code + * (this has been observed to be constant-time on latest gcc, clang and MSVC + * as of May 2023). + * + * For readability, the static inline definitions are separated out into + * constant_time_impl.h. + */ + +#if (SIZE_MAX > 0xffffffffffffffffULL) +/* Pointer size > 64-bit */ +typedef size_t mbedtls_ct_condition_t; +typedef size_t mbedtls_ct_uint_t; +typedef ptrdiff_t mbedtls_ct_int_t; +#define MBEDTLS_CT_TRUE ((mbedtls_ct_condition_t) mbedtls_ct_compiler_opaque(SIZE_MAX)) +#elif (SIZE_MAX > 0xffffffff) || defined(MBEDTLS_HAVE_INT64) +/* 32-bit < pointer size <= 64-bit, or 64-bit MPI */ +typedef uint64_t mbedtls_ct_condition_t; +typedef uint64_t mbedtls_ct_uint_t; +typedef int64_t mbedtls_ct_int_t; +#define MBEDTLS_CT_SIZE_64 +#define MBEDTLS_CT_TRUE ((mbedtls_ct_condition_t) mbedtls_ct_compiler_opaque(UINT64_MAX)) +#else +/* Pointer size <= 32-bit, and no 64-bit MPIs */ +typedef uint32_t mbedtls_ct_condition_t; +typedef uint32_t mbedtls_ct_uint_t; +typedef int32_t mbedtls_ct_int_t; +#define MBEDTLS_CT_SIZE_32 +#define MBEDTLS_CT_TRUE ((mbedtls_ct_condition_t) mbedtls_ct_compiler_opaque(UINT32_MAX)) #endif +#define MBEDTLS_CT_FALSE ((mbedtls_ct_condition_t) mbedtls_ct_compiler_opaque(0)) -#include - - -/** Turn a value into a mask: - * - if \p value == 0, return the all-bits 0 mask, aka 0 - * - otherwise, return the all-bits 1 mask, aka (unsigned) -1 - * - * This function can be used to write constant-time code by replacing branches - * with bit operations using masks. - * - * \param value The value to analyze. - * - * \return Zero if \p value is zero, otherwise all-bits-one. +/* ============================================================================ + * Boolean operations */ -unsigned mbedtls_ct_uint_mask(unsigned value); -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) - -/** Turn a value into a mask: - * - if \p value == 0, return the all-bits 0 mask, aka 0 - * - otherwise, return the all-bits 1 mask, aka (size_t) -1 +/** Convert a number into a mbedtls_ct_condition_t. * - * This function can be used to write constant-time code by replacing branches - * with bit operations using masks. + * \param x Number to convert. * - * \param value The value to analyze. + * \return MBEDTLS_CT_TRUE if \p x != 0, or MBEDTLS_CT_FALSE if \p x == 0 * - * \return Zero if \p value is zero, otherwise all-bits-one. */ -size_t mbedtls_ct_size_mask(size_t value); +static inline mbedtls_ct_condition_t mbedtls_ct_bool(mbedtls_ct_uint_t x); -#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ - -#if defined(MBEDTLS_BIGNUM_C) - -/** Turn a value into a mask: - * - if \p value == 0, return the all-bits 0 mask, aka 0 - * - otherwise, return the all-bits 1 mask, aka (mbedtls_mpi_uint) -1 +/** Boolean "not equal" operation. * - * This function can be used to write constant-time code by replacing branches - * with bit operations using masks. + * Functionally equivalent to: * - * \param value The value to analyze. - * - * \return Zero if \p value is zero, otherwise all-bits-one. - */ -mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask(mbedtls_mpi_uint value); - -#endif /* MBEDTLS_BIGNUM_C */ - -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC) - -/** Constant-flow mask generation for "greater or equal" comparison: - * - if \p x >= \p y, return all-bits 1, that is (size_t) -1 - * - otherwise, return all bits 0, that is 0 - * - * This function can be used to write constant-time code by replacing branches - * with bit operations using masks. + * \p x != \p y * * \param x The first value to analyze. * \param y The second value to analyze. * - * \return All-bits-one if \p x is greater or equal than \p y, - * otherwise zero. + * \return MBEDTLS_CT_TRUE if \p x != \p y, otherwise MBEDTLS_CT_FALSE. */ -size_t mbedtls_ct_size_mask_ge(size_t x, - size_t y); +static inline mbedtls_ct_condition_t mbedtls_ct_uint_ne(mbedtls_ct_uint_t x, mbedtls_ct_uint_t y); -#endif /* MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */ - -/** Constant-flow boolean "equal" comparison: - * return x == y +/** Boolean "equals" operation. * - * This is equivalent to \p x == \p y, but is likely to be compiled - * to code using bitwise operation rather than a branch. + * Functionally equivalent to: + * + * \p x == \p y * * \param x The first value to analyze. * \param y The second value to analyze. * - * \return 1 if \p x equals to \p y, otherwise 0. + * \return MBEDTLS_CT_TRUE if \p x == \p y, otherwise MBEDTLS_CT_FALSE. */ -unsigned mbedtls_ct_size_bool_eq(size_t x, - size_t y); +static inline mbedtls_ct_condition_t mbedtls_ct_uint_eq(mbedtls_ct_uint_t x, + mbedtls_ct_uint_t y); -#if defined(MBEDTLS_BIGNUM_C) - -/** Decide if an integer is less than the other, without branches. +/** Boolean "less than" operation. * - * This is equivalent to \p x < \p y, but is likely to be compiled - * to code using bitwise operation rather than a branch. + * Functionally equivalent to: + * + * \p x < \p y * * \param x The first value to analyze. * \param y The second value to analyze. * - * \return 1 if \p x is less than \p y, otherwise 0. + * \return MBEDTLS_CT_TRUE if \p x < \p y, otherwise MBEDTLS_CT_FALSE. */ -unsigned mbedtls_ct_mpi_uint_lt(const mbedtls_mpi_uint x, - const mbedtls_mpi_uint y); +static inline mbedtls_ct_condition_t mbedtls_ct_uint_lt(mbedtls_ct_uint_t x, mbedtls_ct_uint_t y); -/** - * \brief Check if one unsigned MPI is less than another in constant - * time. +/** Boolean "greater than" operation. * - * \param A The left-hand MPI. This must point to an array of limbs - * with the same allocated length as \p B. - * \param B The right-hand MPI. This must point to an array of limbs - * with the same allocated length as \p A. - * \param limbs The number of limbs in \p A and \p B. - * This must not be 0. + * Functionally equivalent to: * - * \return The result of the comparison: - * \c 1 if \p A is less than \p B. - * \c 0 if \p A is greater than or equal to \p B. + * \p x > \p y + * + * \param x The first value to analyze. + * \param y The second value to analyze. + * + * \return MBEDTLS_CT_TRUE if \p x > \p y, otherwise MBEDTLS_CT_FALSE. */ -unsigned mbedtls_mpi_core_lt_ct(const mbedtls_mpi_uint *A, - const mbedtls_mpi_uint *B, - size_t limbs); -#endif /* MBEDTLS_BIGNUM_C */ +static inline mbedtls_ct_condition_t mbedtls_ct_uint_gt(mbedtls_ct_uint_t x, + mbedtls_ct_uint_t y); -/** Choose between two integer values without branches. +/** Boolean "greater or equal" operation. * - * This is equivalent to `condition ? if1 : if0`, but is likely to be compiled - * to code using bitwise operation rather than a branch. + * Functionally equivalent to: + * + * \p x >= \p y + * + * \param x The first value to analyze. + * \param y The second value to analyze. + * + * \return MBEDTLS_CT_TRUE if \p x >= \p y, + * otherwise MBEDTLS_CT_FALSE. + */ +static inline mbedtls_ct_condition_t mbedtls_ct_uint_ge(mbedtls_ct_uint_t x, + mbedtls_ct_uint_t y); + +/** Boolean "less than or equal" operation. + * + * Functionally equivalent to: + * + * \p x <= \p y + * + * \param x The first value to analyze. + * \param y The second value to analyze. + * + * \return MBEDTLS_CT_TRUE if \p x <= \p y, + * otherwise MBEDTLS_CT_FALSE. + */ +static inline mbedtls_ct_condition_t mbedtls_ct_uint_le(mbedtls_ct_uint_t x, + mbedtls_ct_uint_t y); + +/** Boolean not-equals operation. + * + * Functionally equivalent to: + * + * \p x != \p y + * + * \param x The first value to analyze. + * \param y The second value to analyze. + * + * \note This is more efficient than mbedtls_ct_uint_ne if both arguments are + * mbedtls_ct_condition_t. + * + * \return MBEDTLS_CT_TRUE if \p x != \p y, + * otherwise MBEDTLS_CT_FALSE. + */ +static inline mbedtls_ct_condition_t mbedtls_ct_bool_ne(mbedtls_ct_condition_t x, + mbedtls_ct_condition_t y); + +/** Boolean "and" operation. + * + * Functionally equivalent to: + * + * \p x && \p y + * + * \param x The first value to analyze. + * \param y The second value to analyze. + * + * \return MBEDTLS_CT_TRUE if \p x && \p y, + * otherwise MBEDTLS_CT_FALSE. + */ +static inline mbedtls_ct_condition_t mbedtls_ct_bool_and(mbedtls_ct_condition_t x, + mbedtls_ct_condition_t y); + +/** Boolean "or" operation. + * + * Functionally equivalent to: + * + * \p x || \p y + * + * \param x The first value to analyze. + * \param y The second value to analyze. + * + * \return MBEDTLS_CT_TRUE if \p x || \p y, + * otherwise MBEDTLS_CT_FALSE. + */ +static inline mbedtls_ct_condition_t mbedtls_ct_bool_or(mbedtls_ct_condition_t x, + mbedtls_ct_condition_t y); + +/** Boolean "not" operation. + * + * Functionally equivalent to: + * + * ! \p x + * + * \param x The value to invert + * + * \return MBEDTLS_CT_FALSE if \p x, otherwise MBEDTLS_CT_TRUE. + */ +static inline mbedtls_ct_condition_t mbedtls_ct_bool_not(mbedtls_ct_condition_t x); + + +/* ============================================================================ + * Data selection operations + */ + +/** Choose between two size_t values. + * + * Functionally equivalent to: + * + * condition ? if1 : if0. * * \param condition Condition to test. - * \param if1 Value to use if \p condition is nonzero. - * \param if0 Value to use if \p condition is zero. + * \param if1 Value to use if \p condition == MBEDTLS_CT_TRUE. + * \param if0 Value to use if \p condition == MBEDTLS_CT_FALSE. * - * \return \c if1 if \p condition is nonzero, otherwise \c if0. + * \return \c if1 if \p condition == MBEDTLS_CT_TRUE, otherwise \c if0. */ -unsigned mbedtls_ct_uint_if(unsigned condition, - unsigned if1, - unsigned if0); +static inline size_t mbedtls_ct_size_if(mbedtls_ct_condition_t condition, + size_t if1, + size_t if0); + +/** Choose between two unsigned values. + * + * Functionally equivalent to: + * + * condition ? if1 : if0. + * + * \param condition Condition to test. + * \param if1 Value to use if \p condition == MBEDTLS_CT_TRUE. + * \param if0 Value to use if \p condition == MBEDTLS_CT_FALSE. + * + * \return \c if1 if \p condition == MBEDTLS_CT_TRUE, otherwise \c if0. + */ +static inline unsigned mbedtls_ct_uint_if(mbedtls_ct_condition_t condition, + unsigned if1, + unsigned if0); + +/** Choose between two mbedtls_ct_condition_t values. + * + * Functionally equivalent to: + * + * condition ? if1 : if0. + * + * \param condition Condition to test. + * \param if1 Value to use if \p condition == MBEDTLS_CT_TRUE. + * \param if0 Value to use if \p condition == MBEDTLS_CT_FALSE. + * + * \return \c if1 if \p condition == MBEDTLS_CT_TRUE, otherwise \c if0. + */ +static inline mbedtls_ct_condition_t mbedtls_ct_bool_if(mbedtls_ct_condition_t condition, + mbedtls_ct_condition_t if1, + mbedtls_ct_condition_t if0); #if defined(MBEDTLS_BIGNUM_C) -/** Conditionally assign a value without branches. +/** Choose between two mbedtls_mpi_uint values. * - * This is equivalent to `if ( condition ) dest = src`, but is likely - * to be compiled to code using bitwise operation rather than a branch. + * Functionally equivalent to: * - * \param n \p dest and \p src must be arrays of limbs of size n. - * \param dest The MPI to conditionally assign to. This must point - * to an initialized MPI. - * \param src The MPI to be assigned from. This must point to an - * initialized MPI. - * \param condition Condition to test, must be 0 or 1. + * condition ? if1 : if0. + * + * \param condition Condition to test. + * \param if1 Value to use if \p condition == MBEDTLS_CT_TRUE. + * \param if0 Value to use if \p condition == MBEDTLS_CT_FALSE. + * + * \return \c if1 if \p condition == MBEDTLS_CT_TRUE, otherwise \c if0. */ -void mbedtls_ct_mpi_uint_cond_assign(size_t n, - mbedtls_mpi_uint *dest, - const mbedtls_mpi_uint *src, - unsigned char condition); +static inline mbedtls_mpi_uint mbedtls_ct_mpi_uint_if(mbedtls_ct_condition_t condition, \ + mbedtls_mpi_uint if1, \ + mbedtls_mpi_uint if0); -#endif /* MBEDTLS_BIGNUM_C */ +#endif -#if defined(MBEDTLS_BASE64_C) - -/** Given a value in the range 0..63, return the corresponding Base64 digit. +/** Choose between an unsigned value and 0. * - * The implementation assumes that letters are consecutive (e.g. ASCII - * but not EBCDIC). + * Functionally equivalent to: * - * \param value A value in the range 0..63. + * condition ? if1 : 0. * - * \return A base64 digit converted from \p value. + * Functionally equivalent to mbedtls_ct_uint_if(condition, if1, 0) but + * results in smaller code size. + * + * \param condition Condition to test. + * \param if1 Value to use if \p condition == MBEDTLS_CT_TRUE. + * + * \return \c if1 if \p condition == MBEDTLS_CT_TRUE, otherwise 0. */ -unsigned char mbedtls_ct_base64_enc_char(unsigned char value); +static inline unsigned mbedtls_ct_uint_if_else_0(mbedtls_ct_condition_t condition, unsigned if1); -/** Given a Base64 digit, return its value. +/** Choose between an mbedtls_ct_condition_t and 0. * - * If c is not a Base64 digit ('A'..'Z', 'a'..'z', '0'..'9', '+' or '/'), - * return -1. + * Functionally equivalent to: * - * The implementation assumes that letters are consecutive (e.g. ASCII - * but not EBCDIC). + * condition ? if1 : 0. * - * \param c A base64 digit. + * Functionally equivalent to mbedtls_ct_bool_if(condition, if1, 0) but + * results in smaller code size. * - * \return The value of the base64 digit \p c. + * \param condition Condition to test. + * \param if1 Value to use if \p condition == MBEDTLS_CT_TRUE. + * + * \return \c if1 if \p condition == MBEDTLS_CT_TRUE, otherwise 0. */ -signed char mbedtls_ct_base64_dec_value(unsigned char c); +static inline mbedtls_ct_condition_t mbedtls_ct_bool_if_else_0(mbedtls_ct_condition_t condition, + mbedtls_ct_condition_t if1); -#endif /* MBEDTLS_BASE64_C */ - -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) - -/** Conditional memcpy without branches. +/** Choose between a size_t value and 0. * - * This is equivalent to `if ( c1 == c2 ) memcpy(dest, src, len)`, but is likely - * to be compiled to code using bitwise operation rather than a branch. + * Functionally equivalent to: * - * \param dest The pointer to conditionally copy to. - * \param src The pointer to copy from. Shouldn't overlap with \p dest. - * \param len The number of bytes to copy. - * \param c1 The first value to analyze in the condition. - * \param c2 The second value to analyze in the condition. + * condition ? if1 : 0. + * + * Functionally equivalent to mbedtls_ct_size_if(condition, if1, 0) but + * results in smaller code size. + * + * \param condition Condition to test. + * \param if1 Value to use if \p condition == MBEDTLS_CT_TRUE. + * + * \return \c if1 if \p condition == MBEDTLS_CT_TRUE, otherwise 0. */ -void mbedtls_ct_memcpy_if_eq(unsigned char *dest, - const unsigned char *src, - size_t len, - size_t c1, size_t c2); +static inline size_t mbedtls_ct_size_if_else_0(mbedtls_ct_condition_t condition, size_t if1); -/** Copy data from a secret position with constant flow. +#if defined(MBEDTLS_BIGNUM_C) + +/** Choose between an mbedtls_mpi_uint value and 0. * - * This function copies \p len bytes from \p src_base + \p offset_secret to \p - * dst, with a code flow and memory access pattern that does not depend on \p - * offset_secret, but only on \p offset_min, \p offset_max and \p len. - * Functionally equivalent to `memcpy(dst, src + offset_secret, len)`. + * Functionally equivalent to: + * + * condition ? if1 : 0. + * + * Functionally equivalent to mbedtls_ct_mpi_uint_if(condition, if1, 0) but + * results in smaller code size. + * + * \param condition Condition to test. + * \param if1 Value to use if \p condition == MBEDTLS_CT_TRUE. + * + * \return \c if1 if \p condition == MBEDTLS_CT_TRUE, otherwise 0. + */ +static inline mbedtls_mpi_uint mbedtls_ct_mpi_uint_if_else_0(mbedtls_ct_condition_t condition, + mbedtls_mpi_uint if1); + +#endif + +/** Constant-flow char selection + * + * \param low Secret. Bottom of range + * \param high Secret. Top of range + * \param c Secret. Value to compare to range + * \param t Secret. Value to return, if in range + * + * \return \p t if \p low <= \p c <= \p high, 0 otherwise. + */ +static inline unsigned char mbedtls_ct_uchar_in_range_if(unsigned char low, + unsigned char high, + unsigned char c, + unsigned char t); + +/** Choose between two error values. The values must be in the range [-32767..0]. + * + * Functionally equivalent to: + * + * condition ? if1 : if0. + * + * \param condition Condition to test. + * \param if1 Value to use if \p condition == MBEDTLS_CT_TRUE. + * \param if0 Value to use if \p condition == MBEDTLS_CT_FALSE. + * + * \return \c if1 if \p condition == MBEDTLS_CT_TRUE, otherwise \c if0. + */ +static inline int mbedtls_ct_error_if(mbedtls_ct_condition_t condition, int if1, int if0); + +/** Choose between an error value and 0. The error value must be in the range [-32767..0]. + * + * Functionally equivalent to: + * + * condition ? if1 : 0. + * + * Functionally equivalent to mbedtls_ct_error_if(condition, if1, 0) but + * results in smaller code size. + * + * \param condition Condition to test. + * \param if1 Value to use if \p condition == MBEDTLS_CT_TRUE. + * + * \return \c if1 if \p condition == MBEDTLS_CT_TRUE, otherwise 0. + */ +static inline int mbedtls_ct_error_if_else_0(mbedtls_ct_condition_t condition, int if1); + +/* ============================================================================ + * Block memory operations + */ + +#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT) + +/** Conditionally set a block of memory to zero. + * + * Regardless of the condition, every byte will be read once and written to + * once. + * + * \param condition Secret. Condition to test. + * \param buf Secret. Pointer to the start of the buffer. + * \param len Number of bytes to set to zero. + * + * \warning Unlike mbedtls_platform_zeroize, this does not have the same guarantees + * about not being optimised away if the memory is never read again. + */ +void mbedtls_ct_zeroize_if(mbedtls_ct_condition_t condition, void *buf, size_t len); + +/** Shift some data towards the left inside a buffer. + * + * Functionally equivalent to: + * + * memmove(start, start + offset, total - offset); + * memset(start + (total - offset), 0, offset); + * + * Timing independence comes at the expense of performance. + * + * \param start Secret. Pointer to the start of the buffer. + * \param total Total size of the buffer. + * \param offset Secret. Offset from which to copy \p total - \p offset bytes. + */ +void mbedtls_ct_memmove_left(void *start, + size_t total, + size_t offset); + +#endif /* defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT) */ + +/** Conditional memcpy. + * + * Functionally equivalent to: + * + * if (condition) { + * memcpy(dest, src1, len); + * } else { + * if (src2 != NULL) + * memcpy(dest, src2, len); + * } + * + * It will always read len bytes from src1. + * If src2 != NULL, it will always read len bytes from src2. + * If src2 == NULL, it will instead read len bytes from dest (as if src2 == dest). + * + * \param condition The condition + * \param dest Secret. Destination pointer. + * \param src1 Secret. Pointer to copy from (if \p condition == MBEDTLS_CT_TRUE). + * This may be equal to \p dest, but may not overlap in other ways. + * \param src2 Secret (contents only - may branch to determine if this parameter is NULL). + * Pointer to copy from (if \p condition == MBEDTLS_CT_FALSE and \p src2 is not NULL). May be NULL. + * This may be equal to \p dest, but may not overlap it in other ways. It may overlap with \p src1. + * \param len Number of bytes to copy. + */ +void mbedtls_ct_memcpy_if(mbedtls_ct_condition_t condition, + unsigned char *dest, + const unsigned char *src1, + const unsigned char *src2, + size_t len + ); + +/** Copy data from a secret position. + * + * Functionally equivalent to: + * + * memcpy(dst, src + offset, len) + * + * This function copies \p len bytes from \p src + \p offset to + * \p dst, with a code flow and memory access pattern that does not depend on + * \p offset, but only on \p offset_min, \p offset_max and \p len. * * \note This function reads from \p dest, but the value that * is read does not influence the result and this @@ -246,12 +528,12 @@ void mbedtls_ct_memcpy_if_eq(unsigned char *dest, * positives from static or dynamic analyzers, especially * if \p dest is not initialized. * - * \param dest The destination buffer. This must point to a writable + * \param dest Secret. The destination buffer. This must point to a writable * buffer of at least \p len bytes. - * \param src The base of the source buffer. This must point to a + * \param src Secret. The base of the source buffer. This must point to a * readable buffer of at least \p offset_max + \p len - * bytes. Shouldn't overlap with \p dest. - * \param offset The offset in the source buffer from which to copy. + * bytes. Shouldn't overlap with \p dest + * \param offset Secret. The offset in the source buffer from which to copy. * This must be no less than \p offset_min and no greater * than \p offset_max. * \param offset_min The minimal value of \p offset. @@ -265,99 +547,45 @@ void mbedtls_ct_memcpy_offset(unsigned char *dest, size_t offset_max, size_t len); -/** Compute the HMAC of variable-length data with constant flow. - * - * This function computes the HMAC of the concatenation of \p add_data and \p - * data, and does with a code flow and memory access pattern that does not - * depend on \p data_len_secret, but only on \p min_data_len and \p - * max_data_len. In particular, this function always reads exactly \p - * max_data_len bytes from \p data. - * - * \param ctx The HMAC context. It must have keys configured - * with mbedtls_md_hmac_starts() and use one of the - * following hashes: SHA-384, SHA-256, SHA-1 or MD-5. - * It is reset using mbedtls_md_hmac_reset() after - * the computation is complete to prepare for the - * next computation. - * \param add_data The first part of the message whose HMAC is being - * calculated. This must point to a readable buffer - * of \p add_data_len bytes. - * \param add_data_len The length of \p add_data in bytes. - * \param data The buffer containing the second part of the - * message. This must point to a readable buffer - * of \p max_data_len bytes. - * \param data_len_secret The length of the data to process in \p data. - * This must be no less than \p min_data_len and no - * greater than \p max_data_len. - * \param min_data_len The minimal length of the second part of the - * message, read from \p data. - * \param max_data_len The maximal length of the second part of the - * message, read from \p data. - * \param output The HMAC will be written here. This must point to - * a writable buffer of sufficient size to hold the - * HMAC value. - * - * \retval 0 on success. - * \retval #MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED - * The hardware accelerator failed. +/* Documented in include/mbedtls/constant_time.h. a and b are secret. + + int mbedtls_ct_memcmp(const void *a, + const void *b, + size_t n); */ -#if defined(MBEDTLS_USE_PSA_CRYPTO) -int mbedtls_ct_hmac(mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const unsigned char *add_data, - size_t add_data_len, - const unsigned char *data, - size_t data_len_secret, - size_t min_data_len, - size_t max_data_len, - unsigned char *output); -#else -int mbedtls_ct_hmac(mbedtls_md_context_t *ctx, - const unsigned char *add_data, - size_t add_data_len, - const unsigned char *data, - size_t data_len_secret, - size_t min_data_len, - size_t max_data_len, - unsigned char *output); -#endif /* MBEDTLS_USE_PSA_CRYPTO */ -#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ +#if defined(MBEDTLS_NIST_KW_C) -#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT) - -/** This function performs the unpadding part of a PKCS#1 v1.5 decryption - * operation (EME-PKCS1-v1_5 decoding). +/** Constant-time buffer comparison without branches. * - * \note The return value from this function is a sensitive value - * (this is unusual). #MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE shouldn't happen - * in a well-written application, but 0 vs #MBEDTLS_ERR_RSA_INVALID_PADDING - * is often a situation that an attacker can provoke and leaking which - * one is the result is precisely the information the attacker wants. + * Similar to mbedtls_ct_memcmp, except that the result only depends on part of + * the input data - differences in the head or tail are ignored. Functionally equivalent to: * - * \param input The input buffer which is the payload inside PKCS#1v1.5 - * encryption padding, called the "encoded message EM" - * by the terminology. - * \param ilen The length of the payload in the \p input buffer. - * \param output The buffer for the payload, called "message M" by the - * PKCS#1 terminology. This must be a writable buffer of - * length \p output_max_len bytes. - * \param olen The address at which to store the length of - * the payload. This must not be \c NULL. - * \param output_max_len The length in bytes of the output buffer \p output. + * memcmp(a + skip_head, b + skip_head, size - skip_head - skip_tail) * - * \return \c 0 on success. - * \return #MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE - * The output buffer is too small for the unpadded payload. - * \return #MBEDTLS_ERR_RSA_INVALID_PADDING - * The input doesn't contain properly formatted padding. + * Time taken depends on \p n, but not on \p skip_head or \p skip_tail . + * + * Behaviour is undefined if ( \p skip_head + \p skip_tail) > \p n. + * + * \param a Secret. Pointer to the first buffer, containing at least \p n bytes. May not be NULL. + * \param b Secret. Pointer to the second buffer, containing at least \p n bytes. May not be NULL. + * \param n The number of bytes to examine (total size of the buffers). + * \param skip_head Secret. The number of bytes to treat as non-significant at the start of the buffer. + * These bytes will still be read. + * \param skip_tail Secret. The number of bytes to treat as non-significant at the end of the buffer. + * These bytes will still be read. + * + * \return Zero if the contents of the two buffers are the same, otherwise non-zero. */ -int mbedtls_ct_rsaes_pkcs1_v15_unpadding(unsigned char *input, - size_t ilen, - unsigned char *output, - size_t output_max_len, - size_t *olen); +int mbedtls_ct_memcmp_partial(const void *a, + const void *b, + size_t n, + size_t skip_head, + size_t skip_tail); -#endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */ +#endif + +/* Include the implementation of static inline functions above. */ +#include "constant_time_impl.h" #endif /* MBEDTLS_CONSTANT_TIME_INTERNAL_H */ diff --git a/library/constant_time_invasive.h b/library/constant_time_invasive.h deleted file mode 100644 index c176b28ff..000000000 --- a/library/constant_time_invasive.h +++ /dev/null @@ -1,51 +0,0 @@ -/** - * \file constant_time_invasive.h - * - * \brief Constant-time module: interfaces for invasive testing only. - * - * The interfaces in this file are intended for testing purposes only. - * They SHOULD NOT be made available in library integrations except when - * building the library for testing. - */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef MBEDTLS_CONSTANT_TIME_INVASIVE_H -#define MBEDTLS_CONSTANT_TIME_INVASIVE_H - -#include "common.h" - -#if defined(MBEDTLS_TEST_HOOKS) - -/** Turn a value into a mask: - * - if \p low <= \p c <= \p high, - * return the all-bits 1 mask, aka (unsigned) -1 - * - otherwise, return the all-bits 0 mask, aka 0 - * - * \param low The value to analyze. - * \param high The value to analyze. - * \param c The value to analyze. - * - * \return All-bits-one if \p low <= \p c <= \p high, otherwise zero. - */ -unsigned char mbedtls_ct_uchar_mask_of_range(unsigned char low, - unsigned char high, - unsigned char c); - -#endif /* MBEDTLS_TEST_HOOKS */ - -#endif /* MBEDTLS_CONSTANT_TIME_INVASIVE_H */ diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index 13fa6d4eb..fdd753d1c 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -19,7 +19,7 @@ /* * The NIST SP 800-90 DRBGs are described in the following publication. * - * http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90revised_March2007.pdf + * https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-90r.pdf */ #include "common.h" @@ -98,14 +98,13 @@ int mbedtls_ctr_drbg_set_nonce_len(mbedtls_ctr_drbg_context *ctx, if (len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT) { return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG; } -#if SIZE_MAX > INT_MAX + /* This shouldn't be an issue because * MBEDTLS_CTR_DRBG_MAX_SEED_INPUT < INT_MAX in any sensible * configuration, but make sure anyway. */ if (len > INT_MAX) { return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG; } -#endif /* For backward compatibility with Mbed TLS <= 2.19, store the * entropy nonce length in a field that already exists, but isn't diff --git a/library/debug.c b/library/debug.c index 12559afe3..0983cb0fb 100644 --- a/library/debug.c +++ b/library/debug.c @@ -30,6 +30,7 @@ #include #include +/* DEBUG_BUF_SIZE must be at least 2 */ #define DEBUG_BUF_SIZE 512 static int debug_threshold = 0; @@ -69,6 +70,8 @@ void mbedtls_debug_print_msg(const mbedtls_ssl_context *ssl, int level, char str[DEBUG_BUF_SIZE]; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + MBEDTLS_STATIC_ASSERT(DEBUG_BUF_SIZE >= 2, "DEBUG_BUF_SIZE too small"); + if (NULL == ssl || NULL == ssl->conf || NULL == ssl->conf->f_dbg || @@ -80,10 +83,15 @@ void mbedtls_debug_print_msg(const mbedtls_ssl_context *ssl, int level, ret = mbedtls_vsnprintf(str, DEBUG_BUF_SIZE, format, argp); va_end(argp); - if (ret >= 0 && ret < DEBUG_BUF_SIZE - 1) { - str[ret] = '\n'; - str[ret + 1] = '\0'; + if (ret < 0) { + ret = 0; + } else { + if (ret >= DEBUG_BUF_SIZE - 1) { + ret = DEBUG_BUF_SIZE - 2; + } } + str[ret] = '\n'; + str[ret + 1] = '\0'; debug_send_line(ssl, level, file, line, str); } @@ -136,7 +144,6 @@ void mbedtls_debug_print_buf(const mbedtls_ssl_context *ssl, int level, debug_send_line(ssl, level, file, line, str); - idx = 0; memset(txt, 0, sizeof(txt)); for (i = 0; i < len; i++) { if (i >= 4096) { @@ -172,7 +179,7 @@ void mbedtls_debug_print_buf(const mbedtls_ssl_context *ssl, int level, } } -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_ECP_LIGHT) void mbedtls_debug_print_ecp(const mbedtls_ssl_context *ssl, int level, const char *file, int line, const char *text, const mbedtls_ecp_point *X) @@ -192,7 +199,79 @@ void mbedtls_debug_print_ecp(const mbedtls_ssl_context *ssl, int level, mbedtls_snprintf(str, sizeof(str), "%s(Y)", text); mbedtls_debug_print_mpi(ssl, level, file, line, str, &X->Y); } -#endif /* MBEDTLS_ECP_C */ +#endif /* MBEDTLS_ECP_LIGHT */ + +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) +static void mbedtls_debug_print_ec_coord(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, const char *text, + const unsigned char *buf, size_t len) +{ + char str[DEBUG_BUF_SIZE]; + size_t i, idx = 0; + + mbedtls_snprintf(str + idx, sizeof(str) - idx, "value of '%s' (%u bits) is:\n", + text, (unsigned int) len * 8); + + debug_send_line(ssl, level, file, line, str); + + for (i = 0; i < len; i++) { + if (i >= 4096) { + break; + } + + if (i % 16 == 0) { + if (i > 0) { + mbedtls_snprintf(str + idx, sizeof(str) - idx, "\n"); + debug_send_line(ssl, level, file, line, str); + + idx = 0; + } + } + + idx += mbedtls_snprintf(str + idx, sizeof(str) - idx, " %02x", + (unsigned int) buf[i]); + } + + if (len > 0) { + for (/* i = i */; i % 16 != 0; i++) { + idx += mbedtls_snprintf(str + idx, sizeof(str) - idx, " "); + } + + mbedtls_snprintf(str + idx, sizeof(str) - idx, "\n"); + debug_send_line(ssl, level, file, line, str); + } +} + +void mbedtls_debug_print_psa_ec(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_pk_context *pk) +{ + char str[DEBUG_BUF_SIZE]; + const uint8_t *coord_start; + size_t coord_len; + + if (NULL == ssl || + NULL == ssl->conf || + NULL == ssl->conf->f_dbg || + level > debug_threshold) { + return; + } + + /* For the description of pk->pk_raw content please refer to the description + * psa_export_public_key() function. */ + coord_len = (pk->pub_raw_len - 1)/2; + + /* X coordinate */ + coord_start = pk->pub_raw + 1; + mbedtls_snprintf(str, sizeof(str), "%s(X)", text); + mbedtls_debug_print_ec_coord(ssl, level, file, line, str, coord_start, coord_len); + + /* Y coordinate */ + coord_start = coord_start + coord_len; + mbedtls_snprintf(str, sizeof(str), "%s(Y)", text); + mbedtls_debug_print_ec_coord(ssl, level, file, line, str, coord_start, coord_len); +} +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ #if defined(MBEDTLS_BIGNUM_C) void mbedtls_debug_print_mpi(const mbedtls_ssl_context *ssl, int level, @@ -270,14 +349,21 @@ static void debug_print_pk(const mbedtls_ssl_context *ssl, int level, mbedtls_snprintf(name, sizeof(name), "%s%s", text, items[i].name); name[sizeof(name) - 1] = '\0'; +#if defined(MBEDTLS_RSA_C) if (items[i].type == MBEDTLS_PK_DEBUG_MPI) { mbedtls_debug_print_mpi(ssl, level, file, line, name, items[i].value); } else -#if defined(MBEDTLS_ECP_C) +#endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_ECP_LIGHT) if (items[i].type == MBEDTLS_PK_DEBUG_ECP) { mbedtls_debug_print_ecp(ssl, level, file, line, name, items[i].value); } else -#endif +#endif /* MBEDTLS_ECP_LIGHT */ +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + if (items[i].type == MBEDTLS_PK_DEBUG_PSA_EC) { + mbedtls_debug_print_psa_ec(ssl, level, file, line, name, items[i].value); + } else +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ { debug_send_line(ssl, level, file, line, "should not happen\n"); } } @@ -338,7 +424,8 @@ void mbedtls_debug_print_crt(const mbedtls_ssl_context *ssl, int level, } #endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_X509_REMOVE_INFO */ -#if defined(MBEDTLS_ECDH_C) +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED) && \ + defined(MBEDTLS_ECDH_C) static void mbedtls_debug_printf_ecdh_internal(const mbedtls_ssl_context *ssl, int level, const char *file, int line, @@ -384,6 +471,7 @@ void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level, } #endif } -#endif /* MBEDTLS_ECDH_C */ +#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED && + MBEDTLS_ECDH_C */ #endif /* MBEDTLS_DEBUG_C */ diff --git a/library/dhm.c b/library/dhm.c index 94137a264..174137d54 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -617,8 +617,7 @@ static int load_file(const char *path, unsigned char **buf, size_t *n) if (fread(*buf, 1, *n, f) != *n) { fclose(f); - mbedtls_platform_zeroize(*buf, *n + 1); - mbedtls_free(*buf); + mbedtls_zeroize_and_free(*buf, *n + 1); return MBEDTLS_ERR_DHM_FILE_IO_ERROR; } @@ -649,8 +648,7 @@ int mbedtls_dhm_parse_dhmfile(mbedtls_dhm_context *dhm, const char *path) ret = mbedtls_dhm_parse_dhm(dhm, buf, n); - mbedtls_platform_zeroize(buf, n); - mbedtls_free(buf); + mbedtls_zeroize_and_free(buf, n); return ret; } diff --git a/library/ecdh.c b/library/ecdh.c index b529af59c..58ef881f0 100644 --- a/library/ecdh.c +++ b/library/ecdh.c @@ -20,7 +20,7 @@ /* * References: * - * SEC1 http://www.secg.org/index.php?action=secg,docs_secg + * SEC1 https://www.secg.org/sec1-v2.pdf * RFC 4492 */ diff --git a/library/ecdsa.c b/library/ecdsa.c index 3ddb82b1e..6e55f2205 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -20,7 +20,7 @@ /* * References: * - * SEC1 http://www.secg.org/index.php?action=secg,docs_secg + * SEC1 https://www.secg.org/sec1-v2.pdf */ #include "common.h" @@ -234,18 +234,31 @@ cleanup: } #endif /* ECDSA_DETERMINISTIC || !ECDSA_SIGN_ALT || !ECDSA_VERIFY_ALT */ +int mbedtls_ecdsa_can_do(mbedtls_ecp_group_id gid) +{ + switch (gid) { +#ifdef MBEDTLS_ECP_DP_CURVE25519_ENABLED + case MBEDTLS_ECP_DP_CURVE25519: return 0; +#endif +#ifdef MBEDTLS_ECP_DP_CURVE448_ENABLED + case MBEDTLS_ECP_DP_CURVE448: return 0; +#endif + default: return 1; + } +} + #if !defined(MBEDTLS_ECDSA_SIGN_ALT) /* * Compute ECDSA signature of a hashed message (SEC1 4.1.3) * Obviously, compared to SEC1 4.1.3, we skip step 4 (hash message) */ -static int ecdsa_sign_restartable(mbedtls_ecp_group *grp, - mbedtls_mpi *r, mbedtls_mpi *s, - const mbedtls_mpi *d, const unsigned char *buf, size_t blen, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int (*f_rng_blind)(void *, unsigned char *, size_t), - void *p_rng_blind, - mbedtls_ecdsa_restart_ctx *rs_ctx) +int mbedtls_ecdsa_sign_restartable(mbedtls_ecp_group *grp, + mbedtls_mpi *r, mbedtls_mpi *s, + const mbedtls_mpi *d, const unsigned char *buf, size_t blen, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + int (*f_rng_blind)(void *, unsigned char *, size_t), + void *p_rng_blind, + mbedtls_ecdsa_restart_ctx *rs_ctx) { int ret, key_tries, sign_tries; int *p_sign_tries = &sign_tries, *p_key_tries = &key_tries; @@ -360,7 +373,7 @@ modn: #if defined(MBEDTLS_ECP_RESTARTABLE) if (rs_ctx != NULL && rs_ctx->sig != NULL) { - mbedtls_mpi_copy(r, pr); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(r, pr)); } #endif @@ -373,19 +386,6 @@ cleanup: return ret; } -int mbedtls_ecdsa_can_do(mbedtls_ecp_group_id gid) -{ - switch (gid) { -#ifdef MBEDTLS_ECP_DP_CURVE25519_ENABLED - case MBEDTLS_ECP_DP_CURVE25519: return 0; -#endif -#ifdef MBEDTLS_ECP_DP_CURVE448_ENABLED - case MBEDTLS_ECP_DP_CURVE448: return 0; -#endif - default: return 1; - } -} - /* * Compute ECDSA signature of a hashed message */ @@ -394,8 +394,8 @@ int mbedtls_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { /* Use the same RNG for both blinding and ephemeral key generation */ - return ecdsa_sign_restartable(grp, r, s, d, buf, blen, - f_rng, p_rng, f_rng, p_rng, NULL); + return mbedtls_ecdsa_sign_restartable(grp, r, s, d, buf, blen, + f_rng, p_rng, f_rng, p_rng, NULL); } #endif /* !MBEDTLS_ECDSA_SIGN_ALT */ @@ -406,13 +406,13 @@ int mbedtls_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, * note: The f_rng_blind parameter must not be NULL. * */ -static int ecdsa_sign_det_restartable(mbedtls_ecp_group *grp, - mbedtls_mpi *r, mbedtls_mpi *s, - const mbedtls_mpi *d, const unsigned char *buf, size_t blen, - mbedtls_md_type_t md_alg, - int (*f_rng_blind)(void *, unsigned char *, size_t), - void *p_rng_blind, - mbedtls_ecdsa_restart_ctx *rs_ctx) +int mbedtls_ecdsa_sign_det_restartable(mbedtls_ecp_group *grp, + mbedtls_mpi *r, mbedtls_mpi *s, + const mbedtls_mpi *d, const unsigned char *buf, size_t blen, + mbedtls_md_type_t md_alg, + int (*f_rng_blind)(void *, unsigned char *, size_t), + void *p_rng_blind, + mbedtls_ecdsa_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_hmac_drbg_context rng_ctx; @@ -447,7 +447,7 @@ static int ecdsa_sign_det_restartable(mbedtls_ecp_group *grp, MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(d, data, grp_len)); MBEDTLS_MPI_CHK(derive_mpi(grp, &h, buf, blen)); MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&h, data + grp_len, grp_len)); - mbedtls_hmac_drbg_seed_buf(p_rng, md_info, data, 2 * grp_len); + MBEDTLS_MPI_CHK(mbedtls_hmac_drbg_seed_buf(p_rng, md_info, data, 2 * grp_len)); #if defined(MBEDTLS_ECP_RESTARTABLE) if (rs_ctx != NULL && rs_ctx->det != NULL) { @@ -462,9 +462,9 @@ sign: ret = mbedtls_ecdsa_sign(grp, r, s, d, buf, blen, mbedtls_hmac_drbg_random, p_rng); #else - ret = ecdsa_sign_restartable(grp, r, s, d, buf, blen, - mbedtls_hmac_drbg_random, p_rng, - f_rng_blind, p_rng_blind, rs_ctx); + ret = mbedtls_ecdsa_sign_restartable(grp, r, s, d, buf, blen, + mbedtls_hmac_drbg_random, p_rng, + f_rng_blind, p_rng_blind, rs_ctx); #endif /* MBEDTLS_ECDSA_SIGN_ALT */ cleanup: @@ -487,8 +487,8 @@ int mbedtls_ecdsa_sign_det_ext(mbedtls_ecp_group *grp, mbedtls_mpi *r, size_t), void *p_rng_blind) { - return ecdsa_sign_det_restartable(grp, r, s, d, buf, blen, md_alg, - f_rng_blind, p_rng_blind, NULL); + return mbedtls_ecdsa_sign_det_restartable(grp, r, s, d, buf, blen, md_alg, + f_rng_blind, p_rng_blind, NULL); } #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ @@ -497,11 +497,12 @@ int mbedtls_ecdsa_sign_det_ext(mbedtls_ecp_group *grp, mbedtls_mpi *r, * Verify ECDSA signature of hashed message (SEC1 4.1.4) * Obviously, compared to SEC1 4.1.3, we skip step 2 (hash message) */ -static int ecdsa_verify_restartable(mbedtls_ecp_group *grp, - const unsigned char *buf, size_t blen, - const mbedtls_ecp_point *Q, - const mbedtls_mpi *r, const mbedtls_mpi *s, - mbedtls_ecdsa_restart_ctx *rs_ctx) +int mbedtls_ecdsa_verify_restartable(mbedtls_ecp_group *grp, + const unsigned char *buf, size_t blen, + const mbedtls_ecp_point *Q, + const mbedtls_mpi *r, + const mbedtls_mpi *s, + mbedtls_ecdsa_restart_ctx *rs_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi e, s_inv, u1, u2; @@ -610,7 +611,7 @@ int mbedtls_ecdsa_verify(mbedtls_ecp_group *grp, const mbedtls_mpi *r, const mbedtls_mpi *s) { - return ecdsa_verify_restartable(grp, buf, blen, Q, r, s, NULL); + return mbedtls_ecdsa_verify_restartable(grp, buf, blen, Q, r, s, NULL); } #endif /* !MBEDTLS_ECDSA_VERIFY_ALT */ @@ -665,9 +666,9 @@ int mbedtls_ecdsa_write_signature_restartable(mbedtls_ecdsa_context *ctx, mbedtls_mpi_init(&s); #if defined(MBEDTLS_ECDSA_DETERMINISTIC) - MBEDTLS_MPI_CHK(ecdsa_sign_det_restartable(&ctx->grp, &r, &s, &ctx->d, - hash, hlen, md_alg, f_rng, - p_rng, rs_ctx)); + MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign_det_restartable(&ctx->grp, &r, &s, &ctx->d, + hash, hlen, md_alg, f_rng, + p_rng, rs_ctx)); #else (void) md_alg; @@ -678,9 +679,9 @@ int mbedtls_ecdsa_write_signature_restartable(mbedtls_ecdsa_context *ctx, hash, hlen, f_rng, p_rng)); #else /* Use the same RNG for both blinding and ephemeral key generation */ - MBEDTLS_MPI_CHK(ecdsa_sign_restartable(&ctx->grp, &r, &s, &ctx->d, - hash, hlen, f_rng, p_rng, f_rng, - p_rng, rs_ctx)); + MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign_restartable(&ctx->grp, &r, &s, &ctx->d, + hash, hlen, f_rng, p_rng, f_rng, + p_rng, rs_ctx)); #endif /* MBEDTLS_ECDSA_SIGN_ALT */ #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ @@ -760,8 +761,8 @@ int mbedtls_ecdsa_read_signature_restartable(mbedtls_ecdsa_context *ctx, goto cleanup; } #else - if ((ret = ecdsa_verify_restartable(&ctx->grp, hash, hlen, - &ctx->Q, &r, &s, rs_ctx)) != 0) { + if ((ret = mbedtls_ecdsa_verify_restartable(&ctx->grp, hash, hlen, + &ctx->Q, &r, &s, rs_ctx)) != 0) { goto cleanup; } #endif /* MBEDTLS_ECDSA_VERIFY_ALT */ diff --git a/library/ecjpake.c b/library/ecjpake.c index 1a683d569..6355b5ea5 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -30,15 +30,6 @@ #include "mbedtls/platform_util.h" #include "mbedtls/error.h" -/* We use MD first if it's available (for compatibility reasons) - * and "fall back" to PSA otherwise (which needs psa_crypto_init()). */ -#if !defined(MBEDTLS_MD_C) -#include "psa/crypto.h" -#include "mbedtls/psa_util.h" -#endif /* !MBEDTLS_MD_C */ - -#include "hash_info.h" - #include #if !defined(MBEDTLS_ECJPAKE_ALT) @@ -61,19 +52,8 @@ static int mbedtls_ecjpake_compute_hash(mbedtls_md_type_t md_type, const unsigned char *input, size_t ilen, unsigned char *output) { -#if defined(MBEDTLS_MD_C) return mbedtls_md(mbedtls_md_info_from_type(md_type), input, ilen, output); -#else - psa_algorithm_t alg = mbedtls_psa_translate_md(md_type); - psa_status_t status; - size_t out_size = PSA_HASH_LENGTH(alg); - size_t out_len; - - status = psa_hash_compute(alg, input, ilen, output, out_size, &out_len); - - return mbedtls_md_error_from_psa(status); -#endif /* !MBEDTLS_MD_C */ } /* @@ -137,15 +117,9 @@ int mbedtls_ecjpake_setup(mbedtls_ecjpake_context *ctx, ctx->role = role; -#if defined(MBEDTLS_MD_C) if ((mbedtls_md_info_from_type(hash)) == NULL) { return MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE; } -#else - if (mbedtls_psa_translate_md(hash) == MBEDTLS_MD_NONE) { - return MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE; - } -#endif ctx->md_type = hash; @@ -241,7 +215,7 @@ static int ecjpake_hash(const mbedtls_md_type_t md_type, unsigned char *p = buf; const unsigned char *end = buf + sizeof(buf); const size_t id_len = strlen(id); - unsigned char hash[MBEDTLS_HASH_MAX_SIZE]; + unsigned char hash[MBEDTLS_MD_MAX_SIZE]; /* Write things to temporary buffer */ MBEDTLS_MPI_CHK(ecjpake_write_len_point(&p, end, grp, pf, G)); @@ -268,7 +242,7 @@ static int ecjpake_hash(const mbedtls_md_type_t md_type, /* Turn it into an integer mod n */ MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(h, hash, - mbedtls_hash_info_get_size(md_type))); + mbedtls_md_get_size_from_type(md_type))); MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(h, h, &grp->N)); cleanup: @@ -804,7 +778,7 @@ int mbedtls_ecjpake_derive_secret(mbedtls_ecjpake_context *ctx, unsigned char kx[MBEDTLS_ECP_MAX_BYTES]; size_t x_bytes; - *olen = mbedtls_hash_info_get_size(ctx->md_type); + *olen = mbedtls_md_get_size_from_type(ctx->md_type); if (len < *olen) { return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; } @@ -865,7 +839,7 @@ cleanup: #include "mbedtls/platform.h" #if !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \ - !defined(MBEDTLS_SHA256_C) + !defined(MBEDTLS_MD_CAN_SHA256) int mbedtls_ecjpake_self_test(int verbose) { (void) verbose; @@ -1157,7 +1131,7 @@ int mbedtls_ecjpake_self_test(int verbose) #if !defined(MBEDTLS_ECJPAKE_ALT) /* 'reference handshake' tests can only be run against implementations * for which we have 100% control over how the random ephemeral keys - * are generated. This is only the case for the internal mbed TLS + * are generated. This is only the case for the internal Mbed TLS * implementation, so these tests are skipped in case the internal * implementation is swapped out for an alternative one. */ if (verbose != 0) { @@ -1247,7 +1221,7 @@ cleanup: #undef TEST_ASSERT -#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED && MBEDTLS_SHA256_C */ +#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED && MBEDTLS_MD_CAN_SHA256 */ #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/ecp.c b/library/ecp.c index d9d5425ed..5f2a7b0c0 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -20,13 +20,15 @@ /* * References: * - * SEC1 http://www.secg.org/index.php?action=secg,docs_secg + * SEC1 https://www.secg.org/sec1-v2.pdf * GECC = Guide to Elliptic Curve Cryptography - Hankerson, Menezes, Vanstone * FIPS 186-3 http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf * RFC 4492 for the related TLS structures and constants + * - https://www.rfc-editor.org/rfc/rfc4492 * RFC 7748 for the Curve448 and Curve25519 curve definitions + * - https://www.rfc-editor.org/rfc/rfc7748 * - * [Curve25519] http://cr.yp.to/ecdh/curve25519-20060209.pdf + * [Curve25519] https://cr.yp.to/ecdh/curve25519-20060209.pdf * * [2] CORON, Jean-S'ebastien. Resistance against differential power analysis * for elliptic curve cryptosystems. In : Cryptographic Hardware and @@ -70,7 +72,7 @@ #if defined(MBEDTLS_ECP_INTERNAL_ALT) #endif -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_ECP_LIGHT) #include "mbedtls/ecp.h" #include "mbedtls/threading.h" @@ -93,7 +95,10 @@ * Counts of point addition and doubling, and field multiplications. * Used to test resistance of point multiplication to simple timing attacks. */ -static unsigned long add_count, dbl_count, mul_count; +#if defined(MBEDTLS_ECP_C) +static unsigned long add_count, dbl_count; +#endif /* MBEDTLS_ECP_C */ +static unsigned long mul_count; #endif #if defined(MBEDTLS_ECP_RESTARTABLE) @@ -320,6 +325,7 @@ int mbedtls_ecp_check_budget(const mbedtls_ecp_group *grp, #endif /* MBEDTLS_ECP_RESTARTABLE */ +#if defined(MBEDTLS_ECP_C) static void mpi_init_many(mbedtls_mpi *arr, size_t size) { while (size--) { @@ -333,6 +339,7 @@ static void mpi_free_many(mbedtls_mpi *arr, size_t size) mbedtls_mpi_free(arr++); } } +#endif /* MBEDTLS_ECP_C */ /* * List of supported curves: @@ -582,11 +589,14 @@ void mbedtls_ecp_group_free(mbedtls_ecp_group *grp) } if (grp->h != 1) { - mbedtls_mpi_free(&grp->P); mbedtls_mpi_free(&grp->A); mbedtls_mpi_free(&grp->B); mbedtls_ecp_point_free(&grp->G); + +#if !defined(MBEDTLS_ECP_WITH_MPI_UINT) mbedtls_mpi_free(&grp->N); + mbedtls_mpi_free(&grp->P); +#endif } if (!ecp_group_is_static_comb_table(grp) && grp->T != NULL) { @@ -948,9 +958,8 @@ int mbedtls_ecp_tls_read_group_id(mbedtls_ecp_group_id *grp, /* * Next two bytes are the namedcurve value */ - tls_id = *(*buf)++; - tls_id <<= 8; - tls_id |= *(*buf)++; + tls_id = MBEDTLS_GET_UINT16_BE(*buf, 0); + *buf += 2; if ((curve_info = mbedtls_ecp_curve_info_from_tls_id(tls_id)) == NULL) { return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; @@ -1245,7 +1254,7 @@ static int ecp_sw_rhs(const mbedtls_ecp_group *grp, MPI_ECP_SQR(rhs, X); /* Special case for A = -3 */ - if (grp->A.p == NULL) { + if (mbedtls_ecp_group_a_is_minus_3(grp)) { MPI_ECP_SUB_INT(rhs, rhs, 3); } else { MPI_ECP_ADD(rhs, rhs, &grp->A); @@ -1308,7 +1317,10 @@ cleanup: mbedtls_mpi_free(&exp); return ret; } +#endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ +#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) /* * For curves in short Weierstrass form, we do all the internal operations in * Jacobian coordinates. @@ -1513,7 +1525,7 @@ static int ecp_double_jac(const mbedtls_ecp_group *grp, mbedtls_ecp_point *R, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Special case for A = -3 */ - if (grp->A.p == NULL) { + if (mbedtls_ecp_group_a_is_minus_3(grp)) { /* tmp[0] <- M = 3(X + Z^2)(X - Z^2) */ MPI_ECP_SQR(&tmp[1], &P->Z); MPI_ECP_ADD(&tmp[2], &P->X, &tmp[1]); @@ -2725,6 +2737,7 @@ int mbedtls_ecp_mul(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, { return mbedtls_ecp_mul_restartable(grp, R, m, P, f_rng, p_rng, NULL); } +#endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) /* @@ -2765,6 +2778,7 @@ cleanup: } #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ +#if defined(MBEDTLS_ECP_C) #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) /* * R = m * P with shortcuts for m == 0, m == 1 and m == -1 @@ -2916,12 +2930,13 @@ int mbedtls_ecp_muladd(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, return mbedtls_ecp_muladd_restartable(grp, R, m, P, n, Q, NULL); } #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ +#endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) -#define ECP_MPI_INIT(s, n, p) { s, (n), (mbedtls_mpi_uint *) (p) } +#define ECP_MPI_INIT(_p, _n) { .p = (mbedtls_mpi_uint *) (_p), .s = 1, .n = (_n) } #define ECP_MPI_INIT_ARRAY(x) \ - ECP_MPI_INIT(1, sizeof(x) / sizeof(mbedtls_mpi_uint), x) + ECP_MPI_INIT(x, sizeof(x) / sizeof(mbedtls_mpi_uint)) /* * Constants for the two points other than 0, 1, -1 (mod p) in * https://cr.yp.to/ecdh.html#validate @@ -3161,6 +3176,7 @@ int mbedtls_ecp_gen_privkey(const mbedtls_ecp_group *grp, return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } +#if defined(MBEDTLS_ECP_C) /* * Generate a keypair with configurable base point */ @@ -3202,6 +3218,7 @@ int mbedtls_ecp_gen_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, return mbedtls_ecp_gen_keypair(&key->grp, &key->d, &key->Q, f_rng, p_rng); } +#endif /* MBEDTLS_ECP_C */ #define ECP_CURVE25519_KEY_SIZE 32 #define ECP_CURVE448_KEY_SIZE 56 @@ -3265,16 +3282,14 @@ int mbedtls_ecp_read_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, ); } } - #endif #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) if (mbedtls_ecp_get_type(&key->grp) == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS) { MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&key->d, buf, buflen)); - - MBEDTLS_MPI_CHK(mbedtls_ecp_check_privkey(&key->grp, &key->d)); } - #endif + MBEDTLS_MPI_CHK(mbedtls_ecp_check_privkey(&key->grp, &key->d)); + cleanup: if (ret != 0) { @@ -3318,7 +3333,7 @@ cleanup: return ret; } - +#if defined(MBEDTLS_ECP_C) /* * Check a public-private key pair */ @@ -3359,6 +3374,7 @@ cleanup: return ret; } +#endif /* MBEDTLS_ECP_C */ /* * Export generic key-pair parameters. @@ -3385,6 +3401,7 @@ int mbedtls_ecp_export(const mbedtls_ecp_keypair *key, mbedtls_ecp_group *grp, #if defined(MBEDTLS_SELF_TEST) +#if defined(MBEDTLS_ECP_C) /* * PRNG for test - !!!INSECURE NEVER USE IN PRODUCTION!!! * @@ -3492,12 +3509,14 @@ cleanup: } return ret; } +#endif /* MBEDTLS_ECP_C */ /* * Checkup routine */ int mbedtls_ecp_self_test(int verbose) { +#if defined(MBEDTLS_ECP_C) int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_group grp; mbedtls_ecp_point R, P; @@ -3611,10 +3630,14 @@ cleanup: } return ret; +#else /* MBEDTLS_ECP_C */ + (void) verbose; + return 0; +#endif /* MBEDTLS_ECP_C */ } #endif /* MBEDTLS_SELF_TEST */ #endif /* !MBEDTLS_ECP_ALT */ -#endif /* MBEDTLS_ECP_C */ +#endif /* MBEDTLS_ECP_LIGHT */ diff --git a/library/ecp_curves.c b/library/ecp_curves.c index e62dcea65..7b850e5e8 100644 --- a/library/ecp_curves.c +++ b/library/ecp_curves.c @@ -19,7 +19,9 @@ #include "common.h" -#if defined(MBEDTLS_ECP_C) +#if !defined(MBEDTLS_ECP_WITH_MPI_UINT) + +#if defined(MBEDTLS_ECP_LIGHT) #include "mbedtls/ecp.h" #include "mbedtls/platform_util.h" @@ -39,15 +41,15 @@ #define ECP_VALIDATE(cond) \ MBEDTLS_INTERNAL_VALIDATE(cond) -#define ECP_MPI_INIT(s, n, p) { s, (n), (mbedtls_mpi_uint *) (p) } +#define ECP_MPI_INIT(_p, _n) { .p = (mbedtls_mpi_uint *) (_p), .s = 1, .n = (_n) } #define ECP_MPI_INIT_ARRAY(x) \ - ECP_MPI_INIT(1, sizeof(x) / sizeof(mbedtls_mpi_uint), x) + ECP_MPI_INIT(x, sizeof(x) / sizeof(mbedtls_mpi_uint)) #define ECP_POINT_INIT_XY_Z0(x, y) { \ - ECP_MPI_INIT_ARRAY(x), ECP_MPI_INIT_ARRAY(y), ECP_MPI_INIT(1, 0, NULL) } + ECP_MPI_INIT_ARRAY(x), ECP_MPI_INIT_ARRAY(y), ECP_MPI_INIT(NULL, 0) } #define ECP_POINT_INIT_XY_Z1(x, y) { \ - ECP_MPI_INIT_ARRAY(x), ECP_MPI_INIT_ARRAY(y), ECP_MPI_INIT(1, 1, mpi_one) } + ECP_MPI_INIT_ARRAY(x), ECP_MPI_INIT_ARRAY(y), ECP_MPI_INIT(mpi_one, 1) } #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || \ defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \ @@ -4505,12 +4507,12 @@ static const mbedtls_ecp_point brainpoolP512r1_T[32] = { #if defined(ECP_LOAD_GROUP) /* * Create an MPI from embedded constants - * (assumes len is an exact multiple of sizeof mbedtls_mpi_uint) + * (assumes len is an exact multiple of sizeof(mbedtls_mpi_uint)) */ static inline void ecp_mpi_load(mbedtls_mpi *X, const mbedtls_mpi_uint *p, size_t len) { X->s = 1; - X->n = len / sizeof(mbedtls_mpi_uint); + X->n = (unsigned short) (len / sizeof(mbedtls_mpi_uint)); X->p = (mbedtls_mpi_uint *) p; } @@ -4995,8 +4997,7 @@ static inline void sub32(uint32_t *dst, uint32_t src, signed char *carry) * If the result is negative, we get it in the form * c * 2^bits + N, with c negative and N positive shorter than 'bits' */ -MBEDTLS_STATIC_TESTABLE -void mbedtls_ecp_fix_negative(mbedtls_mpi *N, signed char c, size_t bits) +static void mbedtls_ecp_fix_negative(mbedtls_mpi *N, signed char c, size_t bits) { size_t i; @@ -5247,8 +5248,9 @@ static int ecp_mod_p255(mbedtls_mpi *N) /* Number of limbs fully occupied by 2^224 (max), and limbs used by it (min) */ #define DIV_ROUND_UP(X, Y) (((X) + (Y) -1) / (Y)) -#define P224_WIDTH_MIN (28 / sizeof(mbedtls_mpi_uint)) -#define P224_WIDTH_MAX DIV_ROUND_UP(28, sizeof(mbedtls_mpi_uint)) +#define P224_SIZE (224 / 8) +#define P224_WIDTH_MIN (P224_SIZE / sizeof(mbedtls_mpi_uint)) +#define P224_WIDTH_MAX DIV_ROUND_UP(P224_SIZE, sizeof(mbedtls_mpi_uint)) #define P224_UNUSED_BITS ((P224_WIDTH_MAX * sizeof(mbedtls_mpi_uint) * 8) - 224) /* @@ -5350,11 +5352,11 @@ static inline int ecp_mod_koblitz(mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t p M.p = Mp; /* M = A1 */ - M.n = N->n - (p_limbs - adjust); + M.n = (unsigned short) (N->n - (p_limbs - adjust)); if (M.n > p_limbs + adjust) { - M.n = p_limbs + adjust; + M.n = (unsigned short) (p_limbs + adjust); } - memset(Mp, 0, sizeof Mp); + memset(Mp, 0, sizeof(Mp)); memcpy(Mp, N->p + p_limbs - adjust, M.n * sizeof(mbedtls_mpi_uint)); if (shift != 0) { MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&M, shift)); @@ -5376,11 +5378,11 @@ static inline int ecp_mod_koblitz(mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t p /* Second pass */ /* M = A1 */ - M.n = N->n - (p_limbs - adjust); + M.n = (unsigned short) (N->n - (p_limbs - adjust)); if (M.n > p_limbs + adjust) { - M.n = p_limbs + adjust; + M.n = (unsigned short) (p_limbs + adjust); } - memset(Mp, 0, sizeof Mp); + memset(Mp, 0, sizeof(Mp)); memcpy(Mp, N->p + p_limbs - adjust, M.n * sizeof(mbedtls_mpi_uint)); if (shift != 0) { MBEDTLS_MPI_CHK(mbedtls_mpi_shift_r(&M, shift)); @@ -5409,7 +5411,7 @@ cleanup: #if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) /* * Fast quasi-reduction modulo p192k1 = 2^192 - R, - * with R = 2^32 + 2^12 + 2^8 + 2^7 + 2^6 + 2^3 + 1 = 0x0100001119 + * with R = 2^32 + 2^12 + 2^8 + 2^7 + 2^6 + 2^3 + 1 = 0x01000011C9 */ static int ecp_mod_p192k1(mbedtls_mpi *N) { @@ -5461,6 +5463,17 @@ static int ecp_mod_p256k1(mbedtls_mpi *N) } #endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ +#if defined(MBEDTLS_TEST_HOOKS) + +MBEDTLS_STATIC_TESTABLE +mbedtls_ecp_variant mbedtls_ecp_get_variant(void) +{ + return MBEDTLS_ECP_VARIANT_WITH_MPI_STRUCT; +} + +#endif /* MBEDTLS_TEST_HOOKS */ + #endif /* !MBEDTLS_ECP_ALT */ -#endif /* MBEDTLS_ECP_C */ +#endif /* MBEDTLS_ECP_LIGHT */ +#endif /* MBEDTLS_ECP_WITH_MPI_UINT */ diff --git a/library/ecp_curves_new.c b/library/ecp_curves_new.c new file mode 100644 index 000000000..d431dcf24 --- /dev/null +++ b/library/ecp_curves_new.c @@ -0,0 +1,6055 @@ +/* + * Elliptic curves over GF(p): curve-specific data and functions + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "common.h" + +#if defined(MBEDTLS_ECP_WITH_MPI_UINT) + +#if defined(MBEDTLS_ECP_LIGHT) + +#include "mbedtls/ecp.h" +#include "mbedtls/platform.h" +#include "mbedtls/platform_util.h" +#include "mbedtls/error.h" + +#include "mbedtls/platform.h" + +#include "constant_time_internal.h" + +#include "bn_mul.h" +#include "bignum_core.h" +#include "ecp_invasive.h" + +#include + +#if !defined(MBEDTLS_ECP_ALT) + +/* Parameter validation macros based on platform_util.h */ +#define ECP_VALIDATE_RET(cond) \ + MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA) +#define ECP_VALIDATE(cond) \ + MBEDTLS_INTERNAL_VALIDATE(cond) + +#define ECP_MPI_INIT(_p, _n) { .p = (mbedtls_mpi_uint *) (_p), .s = 1, .n = (_n) } + +#define ECP_MPI_INIT_ARRAY(x) \ + ECP_MPI_INIT(x, sizeof(x) / sizeof(mbedtls_mpi_uint)) + +#define ECP_POINT_INIT_XY_Z0(x, y) { \ + ECP_MPI_INIT_ARRAY(x), ECP_MPI_INIT_ARRAY(y), ECP_MPI_INIT(NULL, 0) } +#define ECP_POINT_INIT_XY_Z1(x, y) { \ + ECP_MPI_INIT_ARRAY(x), ECP_MPI_INIT_ARRAY(y), ECP_MPI_INIT(mpi_one, 1) } + +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) +/* For these curves, we build the group parameters dynamically. */ +#define ECP_LOAD_GROUP +static mbedtls_mpi_uint mpi_one[] = { 1 }; +#endif + +/* + * Note: the constants are in little-endian order + * to be directly usable in MPIs + */ + +/* + * Domain parameters for secp192r1 + */ +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) +static const mbedtls_mpi_uint secp192r1_p[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), +}; +static const mbedtls_mpi_uint secp192r1_b[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB1, 0xB9, 0x46, 0xC1, 0xEC, 0xDE, 0xB8, 0xFE), + MBEDTLS_BYTES_TO_T_UINT_8(0x49, 0x30, 0x24, 0x72, 0xAB, 0xE9, 0xA7, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0xE7, 0x80, 0x9C, 0xE5, 0x19, 0x05, 0x21, 0x64), +}; +static const mbedtls_mpi_uint secp192r1_gx[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x12, 0x10, 0xFF, 0x82, 0xFD, 0x0A, 0xFF, 0xF4), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x88, 0xA1, 0x43, 0xEB, 0x20, 0xBF, 0x7C), + MBEDTLS_BYTES_TO_T_UINT_8(0xF6, 0x90, 0x30, 0xB0, 0x0E, 0xA8, 0x8D, 0x18), +}; +static const mbedtls_mpi_uint secp192r1_gy[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0x48, 0x79, 0x1E, 0xA1, 0x77, 0xF9, 0x73), + MBEDTLS_BYTES_TO_T_UINT_8(0xD5, 0xCD, 0x24, 0x6B, 0xED, 0x11, 0x10, 0x63), + MBEDTLS_BYTES_TO_T_UINT_8(0x78, 0xDA, 0xC8, 0xFF, 0x95, 0x2B, 0x19, 0x07), +}; +static const mbedtls_mpi_uint secp192r1_n[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x31, 0x28, 0xD2, 0xB4, 0xB1, 0xC9, 0x6B, 0x14), + MBEDTLS_BYTES_TO_T_UINT_8(0x36, 0xF8, 0xDE, 0x99, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), +}; +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 +static const mbedtls_mpi_uint secp192r1_T_0_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x12, 0x10, 0xFF, 0x82, 0xFD, 0x0A, 0xFF, 0xF4), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x88, 0xA1, 0x43, 0xEB, 0x20, 0xBF, 0x7C), + MBEDTLS_BYTES_TO_T_UINT_8(0xF6, 0x90, 0x30, 0xB0, 0x0E, 0xA8, 0x8D, 0x18), +}; +static const mbedtls_mpi_uint secp192r1_T_0_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0x48, 0x79, 0x1E, 0xA1, 0x77, 0xF9, 0x73), + MBEDTLS_BYTES_TO_T_UINT_8(0xD5, 0xCD, 0x24, 0x6B, 0xED, 0x11, 0x10, 0x63), + MBEDTLS_BYTES_TO_T_UINT_8(0x78, 0xDA, 0xC8, 0xFF, 0x95, 0x2B, 0x19, 0x07), +}; +static const mbedtls_mpi_uint secp192r1_T_1_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x97, 0x9E, 0xE3, 0x60, 0x59, 0xD1, 0xC4, 0xC2), + MBEDTLS_BYTES_TO_T_UINT_8(0x91, 0xBD, 0x22, 0xD7, 0x2D, 0x07, 0xBD, 0xB6), + MBEDTLS_BYTES_TO_T_UINT_8(0x74, 0x2A, 0xCF, 0x33, 0xF0, 0xBE, 0xD1, 0xED), +}; +static const mbedtls_mpi_uint secp192r1_T_1_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x88, 0x71, 0x4B, 0xA8, 0xED, 0x7E, 0xC9, 0x1A), + MBEDTLS_BYTES_TO_T_UINT_8(0x8E, 0x2A, 0xF6, 0xDF, 0x0E, 0xE8, 0x4C, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0xC5, 0x35, 0xF7, 0x8A, 0xC3, 0xEC, 0xDE, 0x1E), +}; +static const mbedtls_mpi_uint secp192r1_T_2_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x67, 0xC2, 0x1D, 0x32, 0x8F, 0x10, 0xFB), + MBEDTLS_BYTES_TO_T_UINT_8(0xBB, 0x2D, 0x17, 0xF3, 0xE4, 0xFE, 0xD8, 0x13), + MBEDTLS_BYTES_TO_T_UINT_8(0x55, 0x45, 0x10, 0x70, 0x2C, 0x3E, 0x52, 0x3E), +}; +static const mbedtls_mpi_uint secp192r1_T_2_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x61, 0xF1, 0x04, 0x5D, 0xEE, 0xD4, 0x56, 0xE6), + MBEDTLS_BYTES_TO_T_UINT_8(0x78, 0xB7, 0x38, 0x27, 0x61, 0xAA, 0x81, 0x87), + MBEDTLS_BYTES_TO_T_UINT_8(0x71, 0x37, 0xD7, 0x0E, 0x29, 0x0E, 0x11, 0x14), +}; +static const mbedtls_mpi_uint secp192r1_T_3_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x1E, 0x35, 0x52, 0xC6, 0x31, 0xB7, 0x27, 0xF5), + MBEDTLS_BYTES_TO_T_UINT_8(0x3D, 0xD4, 0x15, 0x98, 0x0F, 0xE7, 0xF3, 0x6A), + MBEDTLS_BYTES_TO_T_UINT_8(0xD3, 0x31, 0x70, 0x35, 0x09, 0xA0, 0x2B, 0xC2), +}; +static const mbedtls_mpi_uint secp192r1_T_3_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0x75, 0xA7, 0x4C, 0x88, 0xCF, 0x5B, 0xE4), + MBEDTLS_BYTES_TO_T_UINT_8(0x17, 0x17, 0x48, 0x8D, 0xF2, 0xF0, 0x86, 0xED), + MBEDTLS_BYTES_TO_T_UINT_8(0x49, 0xCF, 0xFE, 0x6B, 0xB0, 0xA5, 0x06, 0xAB), +}; +static const mbedtls_mpi_uint secp192r1_T_4_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x18, 0x6A, 0xDC, 0x9A, 0x6D, 0x7B, 0x47, 0x2E), + MBEDTLS_BYTES_TO_T_UINT_8(0x12, 0xFC, 0x51, 0x12, 0x62, 0x66, 0x0B, 0x59), + MBEDTLS_BYTES_TO_T_UINT_8(0xCD, 0x40, 0x93, 0xA0, 0xB5, 0x5A, 0x58, 0xD7), +}; +static const mbedtls_mpi_uint secp192r1_T_4_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xEF, 0xCB, 0xAF, 0xDC, 0x0B, 0xA1, 0x26, 0xFB), + MBEDTLS_BYTES_TO_T_UINT_8(0xDA, 0x36, 0x9D, 0xA3, 0xD7, 0x3B, 0xAD, 0x39), + MBEDTLS_BYTES_TO_T_UINT_8(0xB4, 0x3B, 0x05, 0x9A, 0xA8, 0xAA, 0x69, 0xB2), +}; +static const mbedtls_mpi_uint secp192r1_T_5_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x6D, 0xD9, 0xD1, 0x4D, 0x4A, 0x6E, 0x96, 0x1E), + MBEDTLS_BYTES_TO_T_UINT_8(0x17, 0x66, 0x32, 0x39, 0xC6, 0x57, 0x7D, 0xE6), + MBEDTLS_BYTES_TO_T_UINT_8(0x92, 0xA0, 0x36, 0xC2, 0x45, 0xF9, 0x00, 0x62), +}; +static const mbedtls_mpi_uint secp192r1_T_5_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB4, 0xEF, 0x59, 0x46, 0xDC, 0x60, 0xD9, 0x8F), + MBEDTLS_BYTES_TO_T_UINT_8(0x24, 0xB0, 0xE9, 0x41, 0xA4, 0x87, 0x76, 0x89), + MBEDTLS_BYTES_TO_T_UINT_8(0x13, 0xD4, 0x0E, 0xB2, 0xFA, 0x16, 0x56, 0xDC), +}; +static const mbedtls_mpi_uint secp192r1_T_6_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x0A, 0x62, 0xD2, 0xB1, 0x34, 0xB2, 0xF1, 0x06), + MBEDTLS_BYTES_TO_T_UINT_8(0xB2, 0xED, 0x55, 0xC5, 0x47, 0xB5, 0x07, 0x15), + MBEDTLS_BYTES_TO_T_UINT_8(0x17, 0xF6, 0x2F, 0x94, 0xC3, 0xDD, 0x54, 0x2F), +}; +static const mbedtls_mpi_uint secp192r1_T_6_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xFD, 0xA6, 0xD4, 0x8C, 0xA9, 0xCE, 0x4D, 0x2E), + MBEDTLS_BYTES_TO_T_UINT_8(0xB9, 0x4B, 0x46, 0xCC, 0xB2, 0x55, 0xC8, 0xB2), + MBEDTLS_BYTES_TO_T_UINT_8(0x3A, 0xAE, 0x31, 0xED, 0x89, 0x65, 0x59, 0x55), +}; +static const mbedtls_mpi_uint secp192r1_T_7_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xCC, 0x0A, 0xD1, 0x1A, 0xC5, 0xF6, 0xEA, 0x43), + MBEDTLS_BYTES_TO_T_UINT_8(0x0C, 0xFC, 0x0C, 0x1A, 0xFB, 0xA0, 0xC8, 0x70), + MBEDTLS_BYTES_TO_T_UINT_8(0xEA, 0xFD, 0x53, 0x6F, 0x6D, 0xBF, 0xBA, 0xAF), +}; +static const mbedtls_mpi_uint secp192r1_T_7_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x2D, 0xB0, 0x7D, 0x83, 0x96, 0xE3, 0xCB, 0x9D), + MBEDTLS_BYTES_TO_T_UINT_8(0x6F, 0x6E, 0x55, 0x2C, 0x20, 0x53, 0x2F, 0x46), + MBEDTLS_BYTES_TO_T_UINT_8(0xA6, 0x66, 0x00, 0x17, 0x08, 0xFE, 0xAC, 0x31), +}; +static const mbedtls_mpi_uint secp192r1_T_8_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x09, 0x12, 0x97, 0x3A, 0xC7, 0x57, 0x45, 0xCD), + MBEDTLS_BYTES_TO_T_UINT_8(0x38, 0x25, 0x99, 0x00, 0xF6, 0x97, 0xB4, 0x64), + MBEDTLS_BYTES_TO_T_UINT_8(0x9B, 0x74, 0xE6, 0xE6, 0xA3, 0xDF, 0x9C, 0xCC), +}; +static const mbedtls_mpi_uint secp192r1_T_8_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x32, 0xF4, 0x76, 0xD5, 0x5F, 0x2A, 0xFD, 0x85), + MBEDTLS_BYTES_TO_T_UINT_8(0x62, 0x80, 0x7E, 0x3E, 0xE5, 0xE8, 0xD6, 0x63), + MBEDTLS_BYTES_TO_T_UINT_8(0xE2, 0xAD, 0x1E, 0x70, 0x79, 0x3E, 0x3D, 0x83), +}; +static const mbedtls_mpi_uint secp192r1_T_9_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x8E, 0x15, 0xBB, 0xB3, 0x42, 0x6A, 0xA1, 0x7C), + MBEDTLS_BYTES_TO_T_UINT_8(0x9B, 0x58, 0xCB, 0x43, 0x25, 0x00, 0x14, 0x68), + MBEDTLS_BYTES_TO_T_UINT_8(0x06, 0x4E, 0x93, 0x11, 0xE0, 0x32, 0x54, 0x98), +}; +static const mbedtls_mpi_uint secp192r1_T_9_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0x52, 0xA2, 0xB4, 0x57, 0x32, 0xB9, 0x11), + MBEDTLS_BYTES_TO_T_UINT_8(0x7D, 0x43, 0xA1, 0xB1, 0xFB, 0x01, 0xE1, 0xE7), + MBEDTLS_BYTES_TO_T_UINT_8(0xA6, 0xFB, 0x5A, 0x11, 0xB8, 0xC2, 0x03, 0xE5), +}; +static const mbedtls_mpi_uint secp192r1_T_10_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x1C, 0x2B, 0x71, 0x26, 0x4E, 0x7C, 0xC5, 0x32), + MBEDTLS_BYTES_TO_T_UINT_8(0x1F, 0xF5, 0xD3, 0xA8, 0xE4, 0x95, 0x48, 0x65), + MBEDTLS_BYTES_TO_T_UINT_8(0x55, 0xAE, 0xD9, 0x5D, 0x9F, 0x6A, 0x22, 0xAD), +}; +static const mbedtls_mpi_uint secp192r1_T_10_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xD9, 0xCC, 0xA3, 0x4D, 0xA0, 0x1C, 0x34, 0xEF), + MBEDTLS_BYTES_TO_T_UINT_8(0xA3, 0x3C, 0x62, 0xF8, 0x5E, 0xA6, 0x58, 0x7D), + MBEDTLS_BYTES_TO_T_UINT_8(0x6D, 0x6E, 0x66, 0x8A, 0x3D, 0x17, 0xFF, 0x0F), +}; +static const mbedtls_mpi_uint secp192r1_T_11_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF7, 0xCD, 0xA8, 0xDD, 0xD1, 0x20, 0x5C, 0xEA), + MBEDTLS_BYTES_TO_T_UINT_8(0xBF, 0xFE, 0x17, 0xE2, 0xCF, 0xEA, 0x63, 0xDE), + MBEDTLS_BYTES_TO_T_UINT_8(0x74, 0x51, 0xC9, 0x16, 0xDE, 0xB4, 0xB2, 0xDD), +}; +static const mbedtls_mpi_uint secp192r1_T_11_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x59, 0xBE, 0x12, 0xD7, 0xA3, 0x0A, 0x50, 0x33), + MBEDTLS_BYTES_TO_T_UINT_8(0x53, 0x87, 0xC5, 0x8A, 0x76, 0x57, 0x07, 0x60), + MBEDTLS_BYTES_TO_T_UINT_8(0xE5, 0x1F, 0xC6, 0x1B, 0x66, 0xC4, 0x3D, 0x8A), +}; +static const mbedtls_mpi_uint secp192r1_T_12_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0xA4, 0x85, 0x13, 0x8F, 0xA7, 0x35, 0x19), + MBEDTLS_BYTES_TO_T_UINT_8(0x58, 0x0D, 0xFD, 0xFF, 0x1B, 0xD1, 0xD6, 0xEF), + MBEDTLS_BYTES_TO_T_UINT_8(0xBA, 0x7A, 0xD0, 0xC3, 0xB4, 0xEF, 0x39, 0x66), +}; +static const mbedtls_mpi_uint secp192r1_T_12_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x3A, 0xFE, 0xA5, 0x9C, 0x34, 0x30, 0x49, 0x40), + MBEDTLS_BYTES_TO_T_UINT_8(0xDE, 0xC5, 0x39, 0x26, 0x06, 0xE3, 0x01, 0x17), + MBEDTLS_BYTES_TO_T_UINT_8(0xE2, 0x2B, 0x66, 0xFC, 0x95, 0x5F, 0x35, 0xF7), +}; +static const mbedtls_mpi_uint secp192r1_T_13_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x58, 0xCF, 0x54, 0x63, 0x99, 0x57, 0x05, 0x45), + MBEDTLS_BYTES_TO_T_UINT_8(0x71, 0x6F, 0x00, 0x5F, 0x65, 0x08, 0x47, 0x98), + MBEDTLS_BYTES_TO_T_UINT_8(0x62, 0x2A, 0x90, 0x6D, 0x67, 0xC6, 0xBC, 0x45), +}; +static const mbedtls_mpi_uint secp192r1_T_13_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x8A, 0x4D, 0x88, 0x0A, 0x35, 0x9E, 0x33, 0x9C), + MBEDTLS_BYTES_TO_T_UINT_8(0x7C, 0x17, 0x0C, 0xF8, 0xE1, 0x7A, 0x49, 0x02), + MBEDTLS_BYTES_TO_T_UINT_8(0xA4, 0x44, 0x06, 0x8F, 0x0B, 0x70, 0x2F, 0x71), +}; +static const mbedtls_mpi_uint secp192r1_T_14_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x85, 0x4B, 0xCB, 0xF9, 0x8E, 0x6A, 0xDA, 0x1B), + MBEDTLS_BYTES_TO_T_UINT_8(0x29, 0x43, 0xA1, 0x3F, 0xCE, 0x17, 0xD2, 0x32), + MBEDTLS_BYTES_TO_T_UINT_8(0x5D, 0x0D, 0xD2, 0x6C, 0x82, 0x37, 0xE5, 0xFC), +}; +static const mbedtls_mpi_uint secp192r1_T_14_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x4A, 0x3C, 0xF4, 0x92, 0xB4, 0x8A, 0x95, 0x85), + MBEDTLS_BYTES_TO_T_UINT_8(0x85, 0x96, 0xF1, 0x0A, 0x34, 0x2F, 0x74, 0x7E), + MBEDTLS_BYTES_TO_T_UINT_8(0x7B, 0xA1, 0xAA, 0xBA, 0x86, 0x77, 0x4F, 0xA2), +}; +static const mbedtls_mpi_uint secp192r1_T_15_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xE5, 0x7F, 0xEF, 0x60, 0x50, 0x80, 0xD7, 0xD4), + MBEDTLS_BYTES_TO_T_UINT_8(0x31, 0xAC, 0xC9, 0xFE, 0xEC, 0x0A, 0x1A, 0x9F), + MBEDTLS_BYTES_TO_T_UINT_8(0x6B, 0x2F, 0xBE, 0x91, 0xD7, 0xB7, 0x38, 0x48), +}; +static const mbedtls_mpi_uint secp192r1_T_15_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB1, 0xAE, 0x85, 0x98, 0xFE, 0x05, 0x7F, 0x9F), + MBEDTLS_BYTES_TO_T_UINT_8(0x91, 0xBE, 0xFD, 0x11, 0x31, 0x3D, 0x14, 0x13), + MBEDTLS_BYTES_TO_T_UINT_8(0x59, 0x75, 0xE8, 0x30, 0x01, 0xCB, 0x9B, 0x1C), +}; +static const mbedtls_ecp_point secp192r1_T[16] = { + ECP_POINT_INIT_XY_Z1(secp192r1_T_0_X, secp192r1_T_0_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_1_X, secp192r1_T_1_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_2_X, secp192r1_T_2_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_3_X, secp192r1_T_3_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_4_X, secp192r1_T_4_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_5_X, secp192r1_T_5_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_6_X, secp192r1_T_6_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_7_X, secp192r1_T_7_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_8_X, secp192r1_T_8_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_9_X, secp192r1_T_9_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_10_X, secp192r1_T_10_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_11_X, secp192r1_T_11_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_12_X, secp192r1_T_12_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_13_X, secp192r1_T_13_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_14_X, secp192r1_T_14_Y), + ECP_POINT_INIT_XY_Z0(secp192r1_T_15_X, secp192r1_T_15_Y), +}; +#else +#define secp192r1_T NULL +#endif +#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ + +/* + * Domain parameters for secp224r1 + */ +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) +static const mbedtls_mpi_uint secp224r1_p[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_b[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB4, 0xFF, 0x55, 0x23, 0x43, 0x39, 0x0B, 0x27), + MBEDTLS_BYTES_TO_T_UINT_8(0xBA, 0xD8, 0xBF, 0xD7, 0xB7, 0xB0, 0x44, 0x50), + MBEDTLS_BYTES_TO_T_UINT_8(0x56, 0x32, 0x41, 0xF5, 0xAB, 0xB3, 0x04, 0x0C), + MBEDTLS_BYTES_TO_T_UINT_4(0x85, 0x0A, 0x05, 0xB4), +}; +static const mbedtls_mpi_uint secp224r1_gx[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0x1D, 0x5C, 0x11, 0xD6, 0x80, 0x32, 0x34), + MBEDTLS_BYTES_TO_T_UINT_8(0x22, 0x11, 0xC2, 0x56, 0xD3, 0xC1, 0x03, 0x4A), + MBEDTLS_BYTES_TO_T_UINT_8(0xB9, 0x90, 0x13, 0x32, 0x7F, 0xBF, 0xB4, 0x6B), + MBEDTLS_BYTES_TO_T_UINT_4(0xBD, 0x0C, 0x0E, 0xB7), +}; +static const mbedtls_mpi_uint secp224r1_gy[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0x7E, 0x00, 0x85, 0x99, 0x81, 0xD5, 0x44), + MBEDTLS_BYTES_TO_T_UINT_8(0x64, 0x47, 0x07, 0x5A, 0xA0, 0x75, 0x43, 0xCD), + MBEDTLS_BYTES_TO_T_UINT_8(0xE6, 0xDF, 0x22, 0x4C, 0xFB, 0x23, 0xF7, 0xB5), + MBEDTLS_BYTES_TO_T_UINT_4(0x88, 0x63, 0x37, 0xBD), +}; +static const mbedtls_mpi_uint secp224r1_n[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x3D, 0x2A, 0x5C, 0x5C, 0x45, 0x29, 0xDD, 0x13), + MBEDTLS_BYTES_TO_T_UINT_8(0x3E, 0xF0, 0xB8, 0xE0, 0xA2, 0x16, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_4(0xFF, 0xFF, 0xFF, 0xFF), +}; +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 +static const mbedtls_mpi_uint secp224r1_T_0_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0x1D, 0x5C, 0x11, 0xD6, 0x80, 0x32, 0x34), + MBEDTLS_BYTES_TO_T_UINT_8(0x22, 0x11, 0xC2, 0x56, 0xD3, 0xC1, 0x03, 0x4A), + MBEDTLS_BYTES_TO_T_UINT_8(0xB9, 0x90, 0x13, 0x32, 0x7F, 0xBF, 0xB4, 0x6B), + MBEDTLS_BYTES_TO_T_UINT_8(0xBD, 0x0C, 0x0E, 0xB7, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_0_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0x7E, 0x00, 0x85, 0x99, 0x81, 0xD5, 0x44), + MBEDTLS_BYTES_TO_T_UINT_8(0x64, 0x47, 0x07, 0x5A, 0xA0, 0x75, 0x43, 0xCD), + MBEDTLS_BYTES_TO_T_UINT_8(0xE6, 0xDF, 0x22, 0x4C, 0xFB, 0x23, 0xF7, 0xB5), + MBEDTLS_BYTES_TO_T_UINT_8(0x88, 0x63, 0x37, 0xBD, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_1_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xE0, 0xF9, 0xB8, 0xD0, 0x3D, 0xD2, 0xD3, 0xFA), + MBEDTLS_BYTES_TO_T_UINT_8(0x1E, 0xFD, 0x99, 0x26, 0x19, 0xFE, 0x13, 0x6E), + MBEDTLS_BYTES_TO_T_UINT_8(0x1C, 0x0E, 0x4C, 0x48, 0x7C, 0xA2, 0x17, 0x01), + MBEDTLS_BYTES_TO_T_UINT_8(0x3D, 0xA3, 0x13, 0x57, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_1_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x9F, 0x16, 0x5C, 0x8F, 0xAA, 0xED, 0x0F, 0x58), + MBEDTLS_BYTES_TO_T_UINT_8(0xBF, 0xC5, 0x43, 0x34, 0x93, 0x05, 0x2A, 0x4C), + MBEDTLS_BYTES_TO_T_UINT_8(0xE4, 0xE3, 0x6C, 0xCA, 0xC6, 0x14, 0xC2, 0x25), + MBEDTLS_BYTES_TO_T_UINT_8(0xD3, 0x43, 0x6C, 0xD7, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_2_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xC3, 0x5A, 0x98, 0x1E, 0xC8, 0xA5, 0x42, 0xA3), + MBEDTLS_BYTES_TO_T_UINT_8(0x98, 0x49, 0x56, 0x78, 0xF8, 0xEF, 0xED, 0x65), + MBEDTLS_BYTES_TO_T_UINT_8(0x1B, 0xBB, 0x64, 0xB6, 0x4C, 0x54, 0x5F, 0xD1), + MBEDTLS_BYTES_TO_T_UINT_8(0x2F, 0x0C, 0x33, 0xCC, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_2_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xFA, 0x79, 0xCB, 0x2E, 0x08, 0xFF, 0xD8, 0xE6), + MBEDTLS_BYTES_TO_T_UINT_8(0x2E, 0x1F, 0xD4, 0xD7, 0x57, 0xE9, 0x39, 0x45), + MBEDTLS_BYTES_TO_T_UINT_8(0xD8, 0xD6, 0x3B, 0x0A, 0x1C, 0x87, 0xB7, 0x6A), + MBEDTLS_BYTES_TO_T_UINT_8(0xEB, 0x30, 0xD8, 0x05, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_3_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xAD, 0x79, 0x74, 0x9A, 0xE6, 0xBB, 0xC2, 0xC2), + MBEDTLS_BYTES_TO_T_UINT_8(0xB4, 0x5B, 0xA6, 0x67, 0xC1, 0x91, 0xE7, 0x64), + MBEDTLS_BYTES_TO_T_UINT_8(0xF0, 0xDF, 0x38, 0x82, 0x19, 0x2C, 0x4C, 0xCA), + MBEDTLS_BYTES_TO_T_UINT_8(0xD1, 0x2E, 0x39, 0xC5, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_3_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x99, 0x36, 0x78, 0x4E, 0xAE, 0x5B, 0x02, 0x76), + MBEDTLS_BYTES_TO_T_UINT_8(0x14, 0xF6, 0x8B, 0xF8, 0xF4, 0x92, 0x6B, 0x42), + MBEDTLS_BYTES_TO_T_UINT_8(0xBA, 0x4D, 0x71, 0x35, 0xE7, 0x0C, 0x2C, 0x98), + MBEDTLS_BYTES_TO_T_UINT_8(0x9B, 0xA5, 0x1F, 0xAE, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_4_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xAF, 0x1C, 0x4B, 0xDF, 0x5B, 0xF2, 0x51, 0xB7), + MBEDTLS_BYTES_TO_T_UINT_8(0x05, 0x74, 0xB1, 0x5A, 0xC6, 0x0F, 0x0E, 0x61), + MBEDTLS_BYTES_TO_T_UINT_8(0xE8, 0x24, 0x09, 0x62, 0xAF, 0xFC, 0xDB, 0x45), + MBEDTLS_BYTES_TO_T_UINT_8(0x43, 0xE1, 0x80, 0x55, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_4_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x3C, 0x82, 0xFE, 0xAD, 0xC3, 0xE5, 0xCF, 0xD8), + MBEDTLS_BYTES_TO_T_UINT_8(0x24, 0xA2, 0x62, 0x17, 0x76, 0xF0, 0x5A, 0xFA), + MBEDTLS_BYTES_TO_T_UINT_8(0x3E, 0xB8, 0xE5, 0xAC, 0xB7, 0x66, 0x38, 0xAA), + MBEDTLS_BYTES_TO_T_UINT_8(0x97, 0xFD, 0x86, 0x05, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_5_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x59, 0xD3, 0x0C, 0x3C, 0xD1, 0x66, 0xB0, 0xF1), + MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0x59, 0xB4, 0x8D, 0x90, 0x10, 0xB7, 0xA2), + MBEDTLS_BYTES_TO_T_UINT_8(0x96, 0x47, 0x9B, 0xE6, 0x55, 0x8A, 0xE4, 0xEE), + MBEDTLS_BYTES_TO_T_UINT_8(0xB1, 0x49, 0xDB, 0x78, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_5_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x41, 0x97, 0xED, 0xDE, 0xFF, 0xB3, 0xDF, 0x48), + MBEDTLS_BYTES_TO_T_UINT_8(0x10, 0xB9, 0x83, 0xB7, 0xEB, 0xBE, 0x40, 0x8D), + MBEDTLS_BYTES_TO_T_UINT_8(0xAF, 0xD3, 0xD3, 0xCD, 0x0E, 0x82, 0x79, 0x3D), + MBEDTLS_BYTES_TO_T_UINT_8(0x9B, 0x83, 0x1B, 0xF0, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_6_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x3F, 0x22, 0xBB, 0x54, 0xD3, 0x31, 0x56, 0xFC), + MBEDTLS_BYTES_TO_T_UINT_8(0x80, 0x36, 0xE5, 0xE0, 0x89, 0x96, 0x8E, 0x71), + MBEDTLS_BYTES_TO_T_UINT_8(0xE1, 0xEF, 0x0A, 0xED, 0xD0, 0x11, 0x4A, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0x15, 0x00, 0x57, 0x27, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_6_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x13, 0xCA, 0x3D, 0xF7, 0x64, 0x9B, 0x6E, 0x85), + MBEDTLS_BYTES_TO_T_UINT_8(0x90, 0xE3, 0x70, 0x6B, 0x41, 0xD7, 0xED, 0x8F), + MBEDTLS_BYTES_TO_T_UINT_8(0x02, 0x44, 0x44, 0x80, 0xCE, 0x13, 0x37, 0x92), + MBEDTLS_BYTES_TO_T_UINT_8(0x94, 0x73, 0x80, 0x79, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_7_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB7, 0x4D, 0x70, 0x7D, 0x31, 0x0F, 0x1C, 0x58), + MBEDTLS_BYTES_TO_T_UINT_8(0x6D, 0x35, 0x88, 0x47, 0xC4, 0x24, 0x78, 0x3F), + MBEDTLS_BYTES_TO_T_UINT_8(0xBA, 0xF0, 0xCD, 0x91, 0x81, 0xB3, 0xDE, 0xB6), + MBEDTLS_BYTES_TO_T_UINT_8(0x04, 0xCE, 0xC6, 0xF7, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_7_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xE9, 0x9C, 0x2D, 0xE8, 0xD2, 0x00, 0x8F, 0x10), + MBEDTLS_BYTES_TO_T_UINT_8(0xD5, 0x5E, 0x7C, 0x0E, 0x0C, 0x6E, 0x58, 0x02), + MBEDTLS_BYTES_TO_T_UINT_8(0xAE, 0x81, 0x21, 0xCE, 0x43, 0xF4, 0x24, 0x3D), + MBEDTLS_BYTES_TO_T_UINT_8(0x9E, 0xBC, 0xF0, 0xF4, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_8_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xD6, 0x10, 0xC2, 0x74, 0x4A, 0x8F, 0x8A, 0xCF), + MBEDTLS_BYTES_TO_T_UINT_8(0x89, 0x67, 0xF4, 0x2B, 0x38, 0x2B, 0x35, 0x17), + MBEDTLS_BYTES_TO_T_UINT_8(0xF5, 0xE7, 0x0C, 0xA9, 0xFA, 0x77, 0x5C, 0xBD), + MBEDTLS_BYTES_TO_T_UINT_8(0xE0, 0x33, 0x19, 0x2B, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_8_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xE7, 0x3E, 0x96, 0x22, 0x53, 0xE1, 0xE9, 0xBE), + MBEDTLS_BYTES_TO_T_UINT_8(0xE0, 0x13, 0xBC, 0xA1, 0x16, 0xEC, 0x01, 0x1A), + MBEDTLS_BYTES_TO_T_UINT_8(0x9A, 0x00, 0xC9, 0x7A, 0xC3, 0x73, 0xA5, 0x45), + MBEDTLS_BYTES_TO_T_UINT_8(0xE1, 0xF4, 0x5E, 0xC1, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_9_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xA8, 0x95, 0xD6, 0xD9, 0x32, 0x30, 0x2B, 0xD0), + MBEDTLS_BYTES_TO_T_UINT_8(0x77, 0x42, 0x09, 0x05, 0x61, 0x2A, 0x7E, 0x82), + MBEDTLS_BYTES_TO_T_UINT_8(0x73, 0x84, 0xA2, 0x05, 0x88, 0x64, 0x65, 0xF9), + MBEDTLS_BYTES_TO_T_UINT_8(0x03, 0x2D, 0x90, 0xB3, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_9_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x0A, 0xE7, 0x2E, 0x85, 0x55, 0x80, 0x7C, 0x79), + MBEDTLS_BYTES_TO_T_UINT_8(0x0F, 0xC1, 0xAC, 0x78, 0xB4, 0xAF, 0xFB, 0x6E), + MBEDTLS_BYTES_TO_T_UINT_8(0xD3, 0xC3, 0x28, 0x8E, 0x79, 0x18, 0x1F, 0x58), + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0x46, 0xCF, 0x49, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_10_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x63, 0x5F, 0xA8, 0x6C, 0x46, 0x83, 0x43, 0xFA), + MBEDTLS_BYTES_TO_T_UINT_8(0xFA, 0xA9, 0x93, 0x11, 0xB6, 0x07, 0x57, 0x74), + MBEDTLS_BYTES_TO_T_UINT_8(0x77, 0x2A, 0x9D, 0x03, 0x89, 0x7E, 0xD7, 0x3C), + MBEDTLS_BYTES_TO_T_UINT_8(0x7B, 0x8C, 0x62, 0xCF, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_10_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x44, 0x2C, 0x13, 0x59, 0xCC, 0xFA, 0x84, 0x9E), + MBEDTLS_BYTES_TO_T_UINT_8(0x51, 0xB9, 0x48, 0xBC, 0x57, 0xC7, 0xB3, 0x7C), + MBEDTLS_BYTES_TO_T_UINT_8(0xFC, 0x0A, 0x38, 0x24, 0x2E, 0x3A, 0x28, 0x25), + MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0x0A, 0x43, 0xB8, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_11_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x59, 0x25, 0xAB, 0xC1, 0xEE, 0x70, 0x3C, 0xE1), + MBEDTLS_BYTES_TO_T_UINT_8(0xF3, 0xDB, 0x45, 0x1D, 0x4A, 0x80, 0x75, 0x35), + MBEDTLS_BYTES_TO_T_UINT_8(0xE8, 0x1F, 0x4D, 0x2D, 0x9A, 0x05, 0xF4, 0xCB), + MBEDTLS_BYTES_TO_T_UINT_8(0x6B, 0x10, 0xF0, 0x5A, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_11_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x35, 0x95, 0xE1, 0xDC, 0x15, 0x86, 0xC3, 0x7B), + MBEDTLS_BYTES_TO_T_UINT_8(0xEC, 0xDC, 0x27, 0xD1, 0x56, 0xA1, 0x14, 0x0D), + MBEDTLS_BYTES_TO_T_UINT_8(0x59, 0x0B, 0xD6, 0x77, 0x4E, 0x44, 0xA2, 0xF8), + MBEDTLS_BYTES_TO_T_UINT_8(0x94, 0x42, 0x71, 0x1F, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_12_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x30, 0x86, 0xB2, 0xB0, 0xC8, 0x2F, 0x7B, 0xFE), + MBEDTLS_BYTES_TO_T_UINT_8(0x96, 0xEF, 0xCB, 0xDB, 0xBC, 0x9E, 0x3B, 0xC5), + MBEDTLS_BYTES_TO_T_UINT_8(0x1B, 0x03, 0x86, 0xDD, 0x5B, 0xF5, 0x8D, 0x46), + MBEDTLS_BYTES_TO_T_UINT_8(0x58, 0x95, 0x79, 0xD6, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_12_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x84, 0x32, 0x14, 0xDA, 0x9B, 0x4F, 0x07, 0x39), + MBEDTLS_BYTES_TO_T_UINT_8(0xB5, 0x3E, 0xFB, 0x06, 0xEE, 0xA7, 0x40, 0x40), + MBEDTLS_BYTES_TO_T_UINT_8(0x76, 0x1F, 0xDF, 0x71, 0x61, 0xFD, 0x8B, 0xBE), + MBEDTLS_BYTES_TO_T_UINT_8(0x80, 0x8B, 0xAB, 0x8B, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_13_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0x34, 0xB3, 0xB4, 0xBC, 0x9F, 0xB0, 0x5E), + MBEDTLS_BYTES_TO_T_UINT_8(0xE6, 0x58, 0x48, 0xA8, 0x77, 0xBB, 0x13, 0x2F), + MBEDTLS_BYTES_TO_T_UINT_8(0x41, 0xC6, 0xF7, 0x34, 0xCC, 0x89, 0x21, 0x0A), + MBEDTLS_BYTES_TO_T_UINT_8(0xCA, 0x33, 0xDD, 0x1F, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_13_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xCC, 0x81, 0xEF, 0xA4, 0xF2, 0x10, 0x0B, 0xCD), + MBEDTLS_BYTES_TO_T_UINT_8(0x83, 0xF7, 0x6E, 0x72, 0x4A, 0xDF, 0xDD, 0xE8), + MBEDTLS_BYTES_TO_T_UINT_8(0x67, 0x23, 0x0A, 0x53, 0x03, 0x16, 0x62, 0xD2), + MBEDTLS_BYTES_TO_T_UINT_8(0x0B, 0x76, 0xFD, 0x3C, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_14_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xCB, 0x14, 0xA1, 0xFA, 0xA0, 0x18, 0xBE, 0x07), + MBEDTLS_BYTES_TO_T_UINT_8(0x03, 0x2A, 0xE1, 0xD7, 0xB0, 0x6C, 0xA0, 0xDE), + MBEDTLS_BYTES_TO_T_UINT_8(0xD1, 0xC0, 0xB0, 0xC6, 0x63, 0x24, 0xCD, 0x4E), + MBEDTLS_BYTES_TO_T_UINT_8(0x33, 0x38, 0x2C, 0xB1, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_14_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xEE, 0xCD, 0x7D, 0x20, 0x0C, 0xFE, 0xAC, 0xC3), + MBEDTLS_BYTES_TO_T_UINT_8(0x09, 0x97, 0x9F, 0xA2, 0xB6, 0x45, 0xF7, 0x7B), + MBEDTLS_BYTES_TO_T_UINT_8(0xCA, 0x99, 0xF3, 0xD2, 0x20, 0x02, 0xEB, 0x04), + MBEDTLS_BYTES_TO_T_UINT_8(0x43, 0x18, 0x5B, 0x7B, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_15_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x2B, 0xDD, 0x77, 0x91, 0x60, 0xEA, 0xFD, 0xD3), + MBEDTLS_BYTES_TO_T_UINT_8(0x7D, 0xD3, 0xB5, 0xD6, 0x90, 0x17, 0x0E, 0x1A), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0xF4, 0x28, 0xC1, 0xF2, 0x53, 0xF6, 0x63), + MBEDTLS_BYTES_TO_T_UINT_8(0x49, 0x58, 0xDC, 0x61, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224r1_T_15_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xA8, 0x20, 0x01, 0xFB, 0xF1, 0xBD, 0x5F, 0x45), + MBEDTLS_BYTES_TO_T_UINT_8(0xD0, 0x7F, 0x06, 0xDA, 0x11, 0xCB, 0xBA, 0xA6), + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0x41, 0x00, 0xA4, 0x1B, 0x30, 0x33, 0x79), + MBEDTLS_BYTES_TO_T_UINT_8(0xF4, 0xFF, 0x27, 0xCA, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_ecp_point secp224r1_T[16] = { + ECP_POINT_INIT_XY_Z1(secp224r1_T_0_X, secp224r1_T_0_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_1_X, secp224r1_T_1_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_2_X, secp224r1_T_2_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_3_X, secp224r1_T_3_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_4_X, secp224r1_T_4_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_5_X, secp224r1_T_5_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_6_X, secp224r1_T_6_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_7_X, secp224r1_T_7_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_8_X, secp224r1_T_8_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_9_X, secp224r1_T_9_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_10_X, secp224r1_T_10_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_11_X, secp224r1_T_11_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_12_X, secp224r1_T_12_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_13_X, secp224r1_T_13_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_14_X, secp224r1_T_14_Y), + ECP_POINT_INIT_XY_Z0(secp224r1_T_15_X, secp224r1_T_15_Y), +}; +#else +#define secp224r1_T NULL +#endif +#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ + +/* + * Domain parameters for secp256r1 + */ +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) +static const mbedtls_mpi_uint secp256r1_p[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), + MBEDTLS_BYTES_TO_T_UINT_8(0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF), +}; +static const mbedtls_mpi_uint secp256r1_b[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x4B, 0x60, 0xD2, 0x27, 0x3E, 0x3C, 0xCE, 0x3B), + MBEDTLS_BYTES_TO_T_UINT_8(0xF6, 0xB0, 0x53, 0xCC, 0xB0, 0x06, 0x1D, 0x65), + MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0x86, 0x98, 0x76, 0x55, 0xBD, 0xEB, 0xB3), + MBEDTLS_BYTES_TO_T_UINT_8(0xE7, 0x93, 0x3A, 0xAA, 0xD8, 0x35, 0xC6, 0x5A), +}; +static const mbedtls_mpi_uint secp256r1_gx[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x96, 0xC2, 0x98, 0xD8, 0x45, 0x39, 0xA1, 0xF4), + MBEDTLS_BYTES_TO_T_UINT_8(0xA0, 0x33, 0xEB, 0x2D, 0x81, 0x7D, 0x03, 0x77), + MBEDTLS_BYTES_TO_T_UINT_8(0xF2, 0x40, 0xA4, 0x63, 0xE5, 0xE6, 0xBC, 0xF8), + MBEDTLS_BYTES_TO_T_UINT_8(0x47, 0x42, 0x2C, 0xE1, 0xF2, 0xD1, 0x17, 0x6B), +}; +static const mbedtls_mpi_uint secp256r1_gy[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF5, 0x51, 0xBF, 0x37, 0x68, 0x40, 0xB6, 0xCB), + MBEDTLS_BYTES_TO_T_UINT_8(0xCE, 0x5E, 0x31, 0x6B, 0x57, 0x33, 0xCE, 0x2B), + MBEDTLS_BYTES_TO_T_UINT_8(0x16, 0x9E, 0x0F, 0x7C, 0x4A, 0xEB, 0xE7, 0x8E), + MBEDTLS_BYTES_TO_T_UINT_8(0x9B, 0x7F, 0x1A, 0xFE, 0xE2, 0x42, 0xE3, 0x4F), +}; +static const mbedtls_mpi_uint secp256r1_n[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x51, 0x25, 0x63, 0xFC, 0xC2, 0xCA, 0xB9, 0xF3), + MBEDTLS_BYTES_TO_T_UINT_8(0x84, 0x9E, 0x17, 0xA7, 0xAD, 0xFA, 0xE6, 0xBC), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF), +}; +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 +static const mbedtls_mpi_uint secp256r1_T_0_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x96, 0xC2, 0x98, 0xD8, 0x45, 0x39, 0xA1, 0xF4), + MBEDTLS_BYTES_TO_T_UINT_8(0xA0, 0x33, 0xEB, 0x2D, 0x81, 0x7D, 0x03, 0x77), + MBEDTLS_BYTES_TO_T_UINT_8(0xF2, 0x40, 0xA4, 0x63, 0xE5, 0xE6, 0xBC, 0xF8), + MBEDTLS_BYTES_TO_T_UINT_8(0x47, 0x42, 0x2C, 0xE1, 0xF2, 0xD1, 0x17, 0x6B), +}; +static const mbedtls_mpi_uint secp256r1_T_0_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF5, 0x51, 0xBF, 0x37, 0x68, 0x40, 0xB6, 0xCB), + MBEDTLS_BYTES_TO_T_UINT_8(0xCE, 0x5E, 0x31, 0x6B, 0x57, 0x33, 0xCE, 0x2B), + MBEDTLS_BYTES_TO_T_UINT_8(0x16, 0x9E, 0x0F, 0x7C, 0x4A, 0xEB, 0xE7, 0x8E), + MBEDTLS_BYTES_TO_T_UINT_8(0x9B, 0x7F, 0x1A, 0xFE, 0xE2, 0x42, 0xE3, 0x4F), +}; +static const mbedtls_mpi_uint secp256r1_T_1_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x70, 0xC8, 0xBA, 0x04, 0xB7, 0x4B, 0xD2, 0xF7), + MBEDTLS_BYTES_TO_T_UINT_8(0xAB, 0xC6, 0x23, 0x3A, 0xA0, 0x09, 0x3A, 0x59), + MBEDTLS_BYTES_TO_T_UINT_8(0x1D, 0x9D, 0x4C, 0xF9, 0x58, 0x23, 0xCC, 0xDF), + MBEDTLS_BYTES_TO_T_UINT_8(0x02, 0xED, 0x7B, 0x29, 0x87, 0x0F, 0xFA, 0x3C), +}; +static const mbedtls_mpi_uint secp256r1_T_1_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x40, 0x69, 0xF2, 0x40, 0x0B, 0xA3, 0x98, 0xCE), + MBEDTLS_BYTES_TO_T_UINT_8(0xAF, 0xA8, 0x48, 0x02, 0x0D, 0x1C, 0x12, 0x62), + MBEDTLS_BYTES_TO_T_UINT_8(0x9B, 0xAF, 0x09, 0x83, 0x80, 0xAA, 0x58, 0xA7), + MBEDTLS_BYTES_TO_T_UINT_8(0xC6, 0x12, 0xBE, 0x70, 0x94, 0x76, 0xE3, 0xE4), +}; +static const mbedtls_mpi_uint secp256r1_T_2_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x7D, 0x7D, 0xEF, 0x86, 0xFF, 0xE3, 0x37, 0xDD), + MBEDTLS_BYTES_TO_T_UINT_8(0xDB, 0x86, 0x8B, 0x08, 0x27, 0x7C, 0xD7, 0xF6), + MBEDTLS_BYTES_TO_T_UINT_8(0x91, 0x54, 0x4C, 0x25, 0x4F, 0x9A, 0xFE, 0x28), + MBEDTLS_BYTES_TO_T_UINT_8(0x5E, 0xFD, 0xF0, 0x6D, 0x37, 0x03, 0x69, 0xD6), +}; +static const mbedtls_mpi_uint secp256r1_T_2_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x96, 0xD5, 0xDA, 0xAD, 0x92, 0x49, 0xF0, 0x9F), + MBEDTLS_BYTES_TO_T_UINT_8(0xF9, 0x73, 0x43, 0x9E, 0xAF, 0xA7, 0xD1, 0xF3), + MBEDTLS_BYTES_TO_T_UINT_8(0x67, 0x41, 0x07, 0xDF, 0x78, 0x95, 0x3E, 0xA1), + MBEDTLS_BYTES_TO_T_UINT_8(0x22, 0x3D, 0xD1, 0xE6, 0x3C, 0xA5, 0xE2, 0x20), +}; +static const mbedtls_mpi_uint secp256r1_T_3_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xBF, 0x6A, 0x5D, 0x52, 0x35, 0xD7, 0xBF, 0xAE), + MBEDTLS_BYTES_TO_T_UINT_8(0x5A, 0xA2, 0xBE, 0x96, 0xF4, 0xF8, 0x02, 0xC3), + MBEDTLS_BYTES_TO_T_UINT_8(0xA4, 0x20, 0x49, 0x54, 0xEA, 0xB3, 0x82, 0xDB), + MBEDTLS_BYTES_TO_T_UINT_8(0x2E, 0xDB, 0xEA, 0x02, 0xD1, 0x75, 0x1C, 0x62), +}; +static const mbedtls_mpi_uint secp256r1_T_3_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF0, 0x85, 0xF4, 0x9E, 0x4C, 0xDC, 0x39, 0x89), + MBEDTLS_BYTES_TO_T_UINT_8(0x63, 0x6D, 0xC4, 0x57, 0xD8, 0x03, 0x5D, 0x22), + MBEDTLS_BYTES_TO_T_UINT_8(0x70, 0x7F, 0x2D, 0x52, 0x6F, 0xC9, 0xDA, 0x4F), + MBEDTLS_BYTES_TO_T_UINT_8(0x9D, 0x64, 0xFA, 0xB4, 0xFE, 0xA4, 0xC4, 0xD7), +}; +static const mbedtls_mpi_uint secp256r1_T_4_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x2A, 0x37, 0xB9, 0xC0, 0xAA, 0x59, 0xC6, 0x8B), + MBEDTLS_BYTES_TO_T_UINT_8(0x3F, 0x58, 0xD9, 0xED, 0x58, 0x99, 0x65, 0xF7), + MBEDTLS_BYTES_TO_T_UINT_8(0x88, 0x7D, 0x26, 0x8C, 0x4A, 0xF9, 0x05, 0x9F), + MBEDTLS_BYTES_TO_T_UINT_8(0x9D, 0x73, 0x9A, 0xC9, 0xE7, 0x46, 0xDC, 0x00), +}; +static const mbedtls_mpi_uint secp256r1_T_4_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF2, 0xD0, 0x55, 0xDF, 0x00, 0x0A, 0xF5, 0x4A), + MBEDTLS_BYTES_TO_T_UINT_8(0x6A, 0xBF, 0x56, 0x81, 0x2D, 0x20, 0xEB, 0xB5), + MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0xC1, 0x28, 0x52, 0xAB, 0xE3, 0xD1, 0x40), + MBEDTLS_BYTES_TO_T_UINT_8(0x24, 0x34, 0x79, 0x45, 0x57, 0xA5, 0x12, 0x03), +}; +static const mbedtls_mpi_uint secp256r1_T_5_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xEE, 0xCF, 0xB8, 0x7E, 0xF7, 0x92, 0x96, 0x8D), + MBEDTLS_BYTES_TO_T_UINT_8(0x3D, 0x01, 0x8C, 0x0D, 0x23, 0xF2, 0xE3, 0x05), + MBEDTLS_BYTES_TO_T_UINT_8(0x59, 0x2E, 0xE3, 0x84, 0x52, 0x7A, 0x34, 0x76), + MBEDTLS_BYTES_TO_T_UINT_8(0xE5, 0xA1, 0xB0, 0x15, 0x90, 0xE2, 0x53, 0x3C), +}; +static const mbedtls_mpi_uint secp256r1_T_5_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xD4, 0x98, 0xE7, 0xFA, 0xA5, 0x7D, 0x8B, 0x53), + MBEDTLS_BYTES_TO_T_UINT_8(0x91, 0x35, 0xD2, 0x00, 0xD1, 0x1B, 0x9F, 0x1B), + MBEDTLS_BYTES_TO_T_UINT_8(0x3F, 0x69, 0x08, 0x9A, 0x72, 0xF0, 0xA9, 0x11), + MBEDTLS_BYTES_TO_T_UINT_8(0xB3, 0xFE, 0x0E, 0x14, 0xDA, 0x7C, 0x0E, 0xD3), +}; +static const mbedtls_mpi_uint secp256r1_T_6_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x83, 0xF6, 0xE8, 0xF8, 0x87, 0xF7, 0xFC, 0x6D), + MBEDTLS_BYTES_TO_T_UINT_8(0x90, 0xBE, 0x7F, 0x3F, 0x7A, 0x2B, 0xD7, 0x13), + MBEDTLS_BYTES_TO_T_UINT_8(0xCF, 0x32, 0xF2, 0x2D, 0x94, 0x6D, 0x42, 0xFD), + MBEDTLS_BYTES_TO_T_UINT_8(0xAD, 0x9A, 0xE3, 0x5F, 0x42, 0xBB, 0x84, 0xED), +}; +static const mbedtls_mpi_uint secp256r1_T_6_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xFC, 0x95, 0x29, 0x73, 0xA1, 0x67, 0x3E, 0x02), + MBEDTLS_BYTES_TO_T_UINT_8(0xE3, 0x30, 0x54, 0x35, 0x8E, 0x0A, 0xDD, 0x67), + MBEDTLS_BYTES_TO_T_UINT_8(0x03, 0xD7, 0xA1, 0x97, 0x61, 0x3B, 0xF8, 0x0C), + MBEDTLS_BYTES_TO_T_UINT_8(0xF2, 0x33, 0x3C, 0x58, 0x55, 0x34, 0x23, 0xA3), +}; +static const mbedtls_mpi_uint secp256r1_T_7_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x99, 0x5D, 0x16, 0x5F, 0x7B, 0xBC, 0xBB, 0xCE), + MBEDTLS_BYTES_TO_T_UINT_8(0x61, 0xEE, 0x4E, 0x8A, 0xC1, 0x51, 0xCC, 0x50), + MBEDTLS_BYTES_TO_T_UINT_8(0x1F, 0x0D, 0x4D, 0x1B, 0x53, 0x23, 0x1D, 0xB3), + MBEDTLS_BYTES_TO_T_UINT_8(0xDA, 0x2A, 0x38, 0x66, 0x52, 0x84, 0xE1, 0x95), +}; +static const mbedtls_mpi_uint secp256r1_T_7_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x5B, 0x9B, 0x83, 0x0A, 0x81, 0x4F, 0xAD, 0xAC), + MBEDTLS_BYTES_TO_T_UINT_8(0x0F, 0xFF, 0x42, 0x41, 0x6E, 0xA9, 0xA2, 0xA0), + MBEDTLS_BYTES_TO_T_UINT_8(0x2F, 0xA1, 0x4F, 0x1F, 0x89, 0x82, 0xAA, 0x3E), + MBEDTLS_BYTES_TO_T_UINT_8(0xF3, 0xB8, 0x0F, 0x6B, 0x8F, 0x8C, 0xD6, 0x68), +}; +static const mbedtls_mpi_uint secp256r1_T_8_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF1, 0xB3, 0xBB, 0x51, 0x69, 0xA2, 0x11, 0x93), + MBEDTLS_BYTES_TO_T_UINT_8(0x65, 0x4F, 0x0F, 0x8D, 0xBD, 0x26, 0x0F, 0xE8), + MBEDTLS_BYTES_TO_T_UINT_8(0xB9, 0xCB, 0xEC, 0x6B, 0x34, 0xC3, 0x3D, 0x9D), + MBEDTLS_BYTES_TO_T_UINT_8(0xE4, 0x5D, 0x1E, 0x10, 0xD5, 0x44, 0xE2, 0x54), +}; +static const mbedtls_mpi_uint secp256r1_T_8_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x9E, 0xB1, 0xF1, 0x6E, 0x4C, 0xAD, 0xB3), + MBEDTLS_BYTES_TO_T_UINT_8(0xB7, 0xE3, 0xC2, 0x58, 0xC0, 0xFB, 0x34, 0x43), + MBEDTLS_BYTES_TO_T_UINT_8(0x25, 0x9C, 0xDF, 0x35, 0x07, 0x41, 0xBD, 0x19), + MBEDTLS_BYTES_TO_T_UINT_8(0xB6, 0x6E, 0x10, 0xEC, 0x0E, 0xEC, 0xBB, 0xD6), +}; +static const mbedtls_mpi_uint secp256r1_T_9_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xC8, 0xCF, 0xEF, 0x3F, 0x83, 0x1A, 0x88, 0xE8), + MBEDTLS_BYTES_TO_T_UINT_8(0x0B, 0x29, 0xB5, 0xB9, 0xE0, 0xC9, 0xA3, 0xAE), + MBEDTLS_BYTES_TO_T_UINT_8(0x88, 0x46, 0x1E, 0x77, 0xCD, 0x7E, 0xB3, 0x10), + MBEDTLS_BYTES_TO_T_UINT_8(0xB6, 0x21, 0xD0, 0xD4, 0xA3, 0x16, 0x08, 0xEE), +}; +static const mbedtls_mpi_uint secp256r1_T_9_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xA1, 0xCA, 0xA8, 0xB3, 0xBF, 0x29, 0x99, 0x8E), + MBEDTLS_BYTES_TO_T_UINT_8(0xD1, 0xF2, 0x05, 0xC1, 0xCF, 0x5D, 0x91, 0x48), + MBEDTLS_BYTES_TO_T_UINT_8(0x9F, 0x01, 0x49, 0xDB, 0x82, 0xDF, 0x5F, 0x3A), + MBEDTLS_BYTES_TO_T_UINT_8(0xE1, 0x06, 0x90, 0xAD, 0xE3, 0x38, 0xA4, 0xC4), +}; +static const mbedtls_mpi_uint secp256r1_T_10_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0xD2, 0x3A, 0xE8, 0x03, 0xC5, 0x6D, 0x5D), + MBEDTLS_BYTES_TO_T_UINT_8(0xBE, 0x35, 0xD0, 0xAE, 0x1D, 0x7A, 0x9F, 0xCA), + MBEDTLS_BYTES_TO_T_UINT_8(0x33, 0x1E, 0xD2, 0xCB, 0xAC, 0x88, 0x27, 0x55), + MBEDTLS_BYTES_TO_T_UINT_8(0xF0, 0xB9, 0x9C, 0xE0, 0x31, 0xDD, 0x99, 0x86), +}; +static const mbedtls_mpi_uint secp256r1_T_10_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x61, 0xF9, 0x9B, 0x32, 0x96, 0x41, 0x58, 0x38), + MBEDTLS_BYTES_TO_T_UINT_8(0xF9, 0x5A, 0x2A, 0xB8, 0x96, 0x0E, 0xB2, 0x4C), + MBEDTLS_BYTES_TO_T_UINT_8(0xC1, 0x78, 0x2C, 0xC7, 0x08, 0x99, 0x19, 0x24), + MBEDTLS_BYTES_TO_T_UINT_8(0xB7, 0x59, 0x28, 0xE9, 0x84, 0x54, 0xE6, 0x16), +}; +static const mbedtls_mpi_uint secp256r1_T_11_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xDD, 0x38, 0x30, 0xDB, 0x70, 0x2C, 0x0A, 0xA2), + MBEDTLS_BYTES_TO_T_UINT_8(0x7C, 0x5C, 0x9D, 0xE9, 0xD5, 0x46, 0x0B, 0x5F), + MBEDTLS_BYTES_TO_T_UINT_8(0x83, 0x0B, 0x60, 0x4B, 0x37, 0x7D, 0xB9, 0xC9), + MBEDTLS_BYTES_TO_T_UINT_8(0x5E, 0x24, 0xF3, 0x3D, 0x79, 0x7F, 0x6C, 0x18), +}; +static const mbedtls_mpi_uint secp256r1_T_11_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x7F, 0xE5, 0x1C, 0x4F, 0x60, 0x24, 0xF7, 0x2A), + MBEDTLS_BYTES_TO_T_UINT_8(0xED, 0xD8, 0xE2, 0x91, 0x7F, 0x89, 0x49, 0x92), + MBEDTLS_BYTES_TO_T_UINT_8(0x97, 0xA7, 0x2E, 0x8D, 0x6A, 0xB3, 0x39, 0x81), + MBEDTLS_BYTES_TO_T_UINT_8(0x13, 0x89, 0xB5, 0x9A, 0xB8, 0x8D, 0x42, 0x9C), +}; +static const mbedtls_mpi_uint secp256r1_T_12_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x8D, 0x45, 0xE6, 0x4B, 0x3F, 0x4F, 0x1E, 0x1F), + MBEDTLS_BYTES_TO_T_UINT_8(0x47, 0x65, 0x5E, 0x59, 0x22, 0xCC, 0x72, 0x5F), + MBEDTLS_BYTES_TO_T_UINT_8(0xF1, 0x93, 0x1A, 0x27, 0x1E, 0x34, 0xC5, 0x5B), + MBEDTLS_BYTES_TO_T_UINT_8(0x63, 0xF2, 0xA5, 0x58, 0x5C, 0x15, 0x2E, 0xC6), +}; +static const mbedtls_mpi_uint secp256r1_T_12_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF4, 0x7F, 0xBA, 0x58, 0x5A, 0x84, 0x6F, 0x5F), + MBEDTLS_BYTES_TO_T_UINT_8(0xAD, 0xA6, 0x36, 0x7E, 0xDC, 0xF7, 0xE1, 0x67), + MBEDTLS_BYTES_TO_T_UINT_8(0x04, 0x4D, 0xAA, 0xEE, 0x57, 0x76, 0x3A, 0xD3), + MBEDTLS_BYTES_TO_T_UINT_8(0x4E, 0x7E, 0x26, 0x18, 0x22, 0x23, 0x9F, 0xFF), +}; +static const mbedtls_mpi_uint secp256r1_T_13_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x1D, 0x4C, 0x64, 0xC7, 0x55, 0x02, 0x3F, 0xE3), + MBEDTLS_BYTES_TO_T_UINT_8(0xD8, 0x02, 0x90, 0xBB, 0xC3, 0xEC, 0x30, 0x40), + MBEDTLS_BYTES_TO_T_UINT_8(0x9F, 0x6F, 0x64, 0xF4, 0x16, 0x69, 0x48, 0xA4), + MBEDTLS_BYTES_TO_T_UINT_8(0xFA, 0x44, 0x9C, 0x95, 0x0C, 0x7D, 0x67, 0x5E), +}; +static const mbedtls_mpi_uint secp256r1_T_13_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x44, 0x91, 0x8B, 0xD8, 0xD0, 0xD7, 0xE7, 0xE2), + MBEDTLS_BYTES_TO_T_UINT_8(0x1F, 0xF9, 0x48, 0x62, 0x6F, 0xA8, 0x93, 0x5D), + MBEDTLS_BYTES_TO_T_UINT_8(0xEA, 0x3A, 0x99, 0x02, 0xD5, 0x0B, 0x3D, 0xE3), + MBEDTLS_BYTES_TO_T_UINT_8(0x1E, 0xD3, 0x00, 0x31, 0xE6, 0x0C, 0x9F, 0x44), +}; +static const mbedtls_mpi_uint secp256r1_T_14_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x56, 0xB2, 0xAA, 0xFD, 0x88, 0x15, 0xDF, 0x52), + MBEDTLS_BYTES_TO_T_UINT_8(0x4C, 0x35, 0x27, 0x31, 0x44, 0xCD, 0xC0, 0x68), + MBEDTLS_BYTES_TO_T_UINT_8(0x53, 0xF8, 0x91, 0xA5, 0x71, 0x94, 0x84, 0x2A), + MBEDTLS_BYTES_TO_T_UINT_8(0x92, 0xCB, 0xD0, 0x93, 0xE9, 0x88, 0xDA, 0xE4), +}; +static const mbedtls_mpi_uint secp256r1_T_14_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x24, 0xC6, 0x39, 0x16, 0x5D, 0xA3, 0x1E, 0x6D), + MBEDTLS_BYTES_TO_T_UINT_8(0xBA, 0x07, 0x37, 0x26, 0x36, 0x2A, 0xFE, 0x60), + MBEDTLS_BYTES_TO_T_UINT_8(0x51, 0xBC, 0xF3, 0xD0, 0xDE, 0x50, 0xFC, 0x97), + MBEDTLS_BYTES_TO_T_UINT_8(0x80, 0x2E, 0x06, 0x10, 0x15, 0x4D, 0xFA, 0xF7), +}; +static const mbedtls_mpi_uint secp256r1_T_15_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x27, 0x65, 0x69, 0x5B, 0x66, 0xA2, 0x75, 0x2E), + MBEDTLS_BYTES_TO_T_UINT_8(0x9C, 0x16, 0x00, 0x5A, 0xB0, 0x30, 0x25, 0x1A), + MBEDTLS_BYTES_TO_T_UINT_8(0x42, 0xFB, 0x86, 0x42, 0x80, 0xC1, 0xC4, 0x76), + MBEDTLS_BYTES_TO_T_UINT_8(0x5B, 0x1D, 0x83, 0x8E, 0x94, 0x01, 0x5F, 0x82), +}; +static const mbedtls_mpi_uint secp256r1_T_15_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x39, 0x37, 0x70, 0xEF, 0x1F, 0xA1, 0xF0, 0xDB), + MBEDTLS_BYTES_TO_T_UINT_8(0x6A, 0x10, 0x5B, 0xCE, 0xC4, 0x9B, 0x6F, 0x10), + MBEDTLS_BYTES_TO_T_UINT_8(0x50, 0x11, 0x11, 0x24, 0x4F, 0x4C, 0x79, 0x61), + MBEDTLS_BYTES_TO_T_UINT_8(0x17, 0x3A, 0x72, 0xBC, 0xFE, 0x72, 0x58, 0x43), +}; +static const mbedtls_ecp_point secp256r1_T[16] = { + ECP_POINT_INIT_XY_Z1(secp256r1_T_0_X, secp256r1_T_0_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_1_X, secp256r1_T_1_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_2_X, secp256r1_T_2_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_3_X, secp256r1_T_3_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_4_X, secp256r1_T_4_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_5_X, secp256r1_T_5_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_6_X, secp256r1_T_6_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_7_X, secp256r1_T_7_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_8_X, secp256r1_T_8_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_9_X, secp256r1_T_9_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_10_X, secp256r1_T_10_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_11_X, secp256r1_T_11_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_12_X, secp256r1_T_12_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_13_X, secp256r1_T_13_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_14_X, secp256r1_T_14_Y), + ECP_POINT_INIT_XY_Z0(secp256r1_T_15_X, secp256r1_T_15_Y), +}; +#else +#define secp256r1_T NULL +#endif + +#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ + +/* + * Domain parameters for secp384r1 + */ +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) +static const mbedtls_mpi_uint secp384r1_p[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), +}; +static const mbedtls_mpi_uint secp384r1_b[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xEF, 0x2A, 0xEC, 0xD3, 0xED, 0xC8, 0x85, 0x2A), + MBEDTLS_BYTES_TO_T_UINT_8(0x9D, 0xD1, 0x2E, 0x8A, 0x8D, 0x39, 0x56, 0xC6), + MBEDTLS_BYTES_TO_T_UINT_8(0x5A, 0x87, 0x13, 0x50, 0x8F, 0x08, 0x14, 0x03), + MBEDTLS_BYTES_TO_T_UINT_8(0x12, 0x41, 0x81, 0xFE, 0x6E, 0x9C, 0x1D, 0x18), + MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0x2D, 0xF8, 0xE3, 0x6B, 0x05, 0x8E, 0x98), + MBEDTLS_BYTES_TO_T_UINT_8(0xE4, 0xE7, 0x3E, 0xE2, 0xA7, 0x2F, 0x31, 0xB3), +}; +static const mbedtls_mpi_uint secp384r1_gx[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB7, 0x0A, 0x76, 0x72, 0x38, 0x5E, 0x54, 0x3A), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x29, 0x55, 0xBF, 0x5D, 0xF2, 0x02, 0x55), + MBEDTLS_BYTES_TO_T_UINT_8(0x38, 0x2A, 0x54, 0x82, 0xE0, 0x41, 0xF7, 0x59), + MBEDTLS_BYTES_TO_T_UINT_8(0x98, 0x9B, 0xA7, 0x8B, 0x62, 0x3B, 0x1D, 0x6E), + MBEDTLS_BYTES_TO_T_UINT_8(0x74, 0xAD, 0x20, 0xF3, 0x1E, 0xC7, 0xB1, 0x8E), + MBEDTLS_BYTES_TO_T_UINT_8(0x37, 0x05, 0x8B, 0xBE, 0x22, 0xCA, 0x87, 0xAA), +}; +static const mbedtls_mpi_uint secp384r1_gy[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x5F, 0x0E, 0xEA, 0x90, 0x7C, 0x1D, 0x43, 0x7A), + MBEDTLS_BYTES_TO_T_UINT_8(0x9D, 0x81, 0x7E, 0x1D, 0xCE, 0xB1, 0x60, 0x0A), + MBEDTLS_BYTES_TO_T_UINT_8(0xC0, 0xB8, 0xF0, 0xB5, 0x13, 0x31, 0xDA, 0xE9), + MBEDTLS_BYTES_TO_T_UINT_8(0x7C, 0x14, 0x9A, 0x28, 0xBD, 0x1D, 0xF4, 0xF8), + MBEDTLS_BYTES_TO_T_UINT_8(0x29, 0xDC, 0x92, 0x92, 0xBF, 0x98, 0x9E, 0x5D), + MBEDTLS_BYTES_TO_T_UINT_8(0x6F, 0x2C, 0x26, 0x96, 0x4A, 0xDE, 0x17, 0x36), +}; +static const mbedtls_mpi_uint secp384r1_n[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x73, 0x29, 0xC5, 0xCC, 0x6A, 0x19, 0xEC, 0xEC), + MBEDTLS_BYTES_TO_T_UINT_8(0x7A, 0xA7, 0xB0, 0x48, 0xB2, 0x0D, 0x1A, 0x58), + MBEDTLS_BYTES_TO_T_UINT_8(0xDF, 0x2D, 0x37, 0xF4, 0x81, 0x4D, 0x63, 0xC7), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), +}; +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 +static const mbedtls_mpi_uint secp384r1_T_0_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB7, 0x0A, 0x76, 0x72, 0x38, 0x5E, 0x54, 0x3A), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x29, 0x55, 0xBF, 0x5D, 0xF2, 0x02, 0x55), + MBEDTLS_BYTES_TO_T_UINT_8(0x38, 0x2A, 0x54, 0x82, 0xE0, 0x41, 0xF7, 0x59), + MBEDTLS_BYTES_TO_T_UINT_8(0x98, 0x9B, 0xA7, 0x8B, 0x62, 0x3B, 0x1D, 0x6E), + MBEDTLS_BYTES_TO_T_UINT_8(0x74, 0xAD, 0x20, 0xF3, 0x1E, 0xC7, 0xB1, 0x8E), + MBEDTLS_BYTES_TO_T_UINT_8(0x37, 0x05, 0x8B, 0xBE, 0x22, 0xCA, 0x87, 0xAA), +}; +static const mbedtls_mpi_uint secp384r1_T_0_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x5F, 0x0E, 0xEA, 0x90, 0x7C, 0x1D, 0x43, 0x7A), + MBEDTLS_BYTES_TO_T_UINT_8(0x9D, 0x81, 0x7E, 0x1D, 0xCE, 0xB1, 0x60, 0x0A), + MBEDTLS_BYTES_TO_T_UINT_8(0xC0, 0xB8, 0xF0, 0xB5, 0x13, 0x31, 0xDA, 0xE9), + MBEDTLS_BYTES_TO_T_UINT_8(0x7C, 0x14, 0x9A, 0x28, 0xBD, 0x1D, 0xF4, 0xF8), + MBEDTLS_BYTES_TO_T_UINT_8(0x29, 0xDC, 0x92, 0x92, 0xBF, 0x98, 0x9E, 0x5D), + MBEDTLS_BYTES_TO_T_UINT_8(0x6F, 0x2C, 0x26, 0x96, 0x4A, 0xDE, 0x17, 0x36), +}; +static const mbedtls_mpi_uint secp384r1_T_1_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x46, 0x92, 0x00, 0x2C, 0x78, 0xDB, 0x1F, 0x37), + MBEDTLS_BYTES_TO_T_UINT_8(0x17, 0xF3, 0xEB, 0xB7, 0x06, 0xF7, 0xB6, 0xBC), + MBEDTLS_BYTES_TO_T_UINT_8(0x3D, 0xBC, 0x2C, 0xCF, 0xD8, 0xED, 0x53, 0xE7), + MBEDTLS_BYTES_TO_T_UINT_8(0x52, 0x75, 0x7B, 0xA3, 0xAB, 0xC3, 0x2C, 0x85), + MBEDTLS_BYTES_TO_T_UINT_8(0xE5, 0x9D, 0x78, 0x41, 0xF6, 0x76, 0x84, 0xAC), + MBEDTLS_BYTES_TO_T_UINT_8(0x54, 0x56, 0xE8, 0x52, 0xB3, 0xCB, 0xA8, 0xBD), +}; +static const mbedtls_mpi_uint secp384r1_T_1_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x6D, 0xF2, 0xAE, 0xA4, 0xB6, 0x89, 0x1B, 0xDA), + MBEDTLS_BYTES_TO_T_UINT_8(0x01, 0x0F, 0xCE, 0x1C, 0x7C, 0xF6, 0x50, 0x4C), + MBEDTLS_BYTES_TO_T_UINT_8(0x4C, 0xEB, 0x90, 0xE6, 0x4D, 0xC7, 0xD4, 0x7A), + MBEDTLS_BYTES_TO_T_UINT_8(0xD1, 0x49, 0x2D, 0x8A, 0x01, 0x99, 0x60, 0x94), + MBEDTLS_BYTES_TO_T_UINT_8(0x5F, 0x80, 0x9B, 0x9B, 0x6A, 0xB0, 0x07, 0xD9), + MBEDTLS_BYTES_TO_T_UINT_8(0xC2, 0xA2, 0xEE, 0x59, 0xBE, 0x95, 0xBC, 0x23), +}; +static const mbedtls_mpi_uint secp384r1_T_2_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xE6, 0x9D, 0x56, 0xAE, 0x59, 0xFB, 0x1F, 0x98), + MBEDTLS_BYTES_TO_T_UINT_8(0xCF, 0xAC, 0x91, 0x80, 0x87, 0xA8, 0x6E, 0x58), + MBEDTLS_BYTES_TO_T_UINT_8(0x30, 0x08, 0xA7, 0x08, 0x94, 0x32, 0xFC, 0x67), + MBEDTLS_BYTES_TO_T_UINT_8(0x9F, 0x29, 0x9E, 0x84, 0xF4, 0xE5, 0x6E, 0x7E), + MBEDTLS_BYTES_TO_T_UINT_8(0x55, 0x21, 0xB9, 0x50, 0x24, 0xF8, 0x9C, 0xC7), + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0x04, 0x01, 0xC2, 0xFB, 0x77, 0x3E, 0xDE), +}; +static const mbedtls_mpi_uint secp384r1_T_2_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x38, 0xEE, 0xE3, 0xC7, 0x9D, 0xEC, 0xA6), + MBEDTLS_BYTES_TO_T_UINT_8(0xB6, 0x88, 0xCF, 0x43, 0xFA, 0x92, 0x5E, 0x8E), + MBEDTLS_BYTES_TO_T_UINT_8(0xE9, 0xCA, 0x43, 0xF8, 0x3B, 0x49, 0x7E, 0x75), + MBEDTLS_BYTES_TO_T_UINT_8(0x1C, 0xE7, 0xEB, 0x17, 0x45, 0x86, 0xC2, 0xE1), + MBEDTLS_BYTES_TO_T_UINT_8(0x92, 0x69, 0x57, 0x32, 0xE0, 0x9C, 0xD1, 0x00), + MBEDTLS_BYTES_TO_T_UINT_8(0xD9, 0x10, 0xB8, 0x4D, 0xB8, 0xF4, 0x0D, 0xE3), +}; +static const mbedtls_mpi_uint secp384r1_T_3_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x60, 0xDC, 0x9A, 0xB2, 0x79, 0x39, 0x27, 0x16), + MBEDTLS_BYTES_TO_T_UINT_8(0x4F, 0x71, 0xE4, 0x3B, 0x4D, 0x60, 0x0C, 0xA3), + MBEDTLS_BYTES_TO_T_UINT_8(0x55, 0xBD, 0x19, 0x40, 0xFA, 0x19, 0x2A, 0x5A), + MBEDTLS_BYTES_TO_T_UINT_8(0x4D, 0xF8, 0x1E, 0x43, 0xA1, 0x50, 0x8D, 0xEF), + MBEDTLS_BYTES_TO_T_UINT_8(0xA3, 0x18, 0x7C, 0x41, 0xFA, 0x7C, 0x1B, 0x58), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x59, 0x24, 0xC4, 0xE9, 0xB7, 0xD3, 0xAD), +}; +static const mbedtls_mpi_uint secp384r1_T_3_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xBB, 0x01, 0x3D, 0x63, 0x54, 0x45, 0x6F, 0xB7), + MBEDTLS_BYTES_TO_T_UINT_8(0x7B, 0xB2, 0x19, 0xA3, 0x86, 0x1D, 0x42, 0x34), + MBEDTLS_BYTES_TO_T_UINT_8(0x84, 0x02, 0x87, 0x18, 0x92, 0x52, 0x1A, 0x71), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x18, 0xB1, 0x5D, 0x18, 0x1B, 0x37, 0xFE), + MBEDTLS_BYTES_TO_T_UINT_8(0xF4, 0x74, 0x61, 0xBA, 0x18, 0xAF, 0x40, 0x30), + MBEDTLS_BYTES_TO_T_UINT_8(0xDA, 0x7D, 0x3C, 0x52, 0x0F, 0x07, 0xB0, 0x6F), +}; +static const mbedtls_mpi_uint secp384r1_T_4_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x09, 0x39, 0x13, 0xAA, 0x60, 0x15, 0x99, 0x30), + MBEDTLS_BYTES_TO_T_UINT_8(0x17, 0x00, 0xCB, 0xC6, 0xB1, 0xDB, 0x97, 0x90), + MBEDTLS_BYTES_TO_T_UINT_8(0xE6, 0xFA, 0x60, 0xB8, 0x24, 0xE4, 0x7D, 0xD3), + MBEDTLS_BYTES_TO_T_UINT_8(0xDD, 0x75, 0xB3, 0x70, 0xB2, 0x83, 0xB1, 0x9B), + MBEDTLS_BYTES_TO_T_UINT_8(0xA3, 0xE3, 0x6C, 0xCD, 0x33, 0x62, 0x7A, 0x56), + MBEDTLS_BYTES_TO_T_UINT_8(0x88, 0x30, 0xDC, 0x0F, 0x9F, 0xBB, 0xB8, 0xAA), +}; +static const mbedtls_mpi_uint secp384r1_T_4_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xA6, 0xD5, 0x0A, 0x60, 0x81, 0xB9, 0xC5, 0x16), + MBEDTLS_BYTES_TO_T_UINT_8(0x44, 0xAA, 0x2F, 0xD6, 0xF2, 0x73, 0xDF, 0xEB), + MBEDTLS_BYTES_TO_T_UINT_8(0xF3, 0x7B, 0x74, 0xC9, 0xB3, 0x5B, 0x95, 0x6D), + MBEDTLS_BYTES_TO_T_UINT_8(0xAC, 0x04, 0xEB, 0x15, 0xC8, 0x5F, 0x00, 0xF6), + MBEDTLS_BYTES_TO_T_UINT_8(0xB5, 0x50, 0x20, 0x28, 0xD1, 0x01, 0xAF, 0xF0), + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x6D, 0x4F, 0x31, 0x81, 0x2F, 0x94, 0x48), +}; +static const mbedtls_mpi_uint secp384r1_T_5_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x46, 0x2F, 0xD8, 0xB6, 0x63, 0x7C, 0xE9, 0x50), + MBEDTLS_BYTES_TO_T_UINT_8(0xD9, 0x8C, 0xB9, 0x14, 0xD9, 0x37, 0x63, 0xDE), + MBEDTLS_BYTES_TO_T_UINT_8(0x10, 0x02, 0xB8, 0x46, 0xAD, 0xCE, 0x7B, 0x38), + MBEDTLS_BYTES_TO_T_UINT_8(0x82, 0x47, 0x2D, 0x66, 0xA7, 0xE9, 0x33, 0x23), + MBEDTLS_BYTES_TO_T_UINT_8(0x92, 0xF9, 0x93, 0x94, 0xA8, 0x48, 0xB3, 0x4F), + MBEDTLS_BYTES_TO_T_UINT_8(0xE9, 0x4A, 0xAC, 0x51, 0x08, 0x72, 0x2F, 0x1A), +}; +static const mbedtls_mpi_uint secp384r1_T_5_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xDA, 0xAD, 0xA0, 0xF9, 0x81, 0xE1, 0x78, 0x97), + MBEDTLS_BYTES_TO_T_UINT_8(0x3A, 0x9A, 0x63, 0xD8, 0xBA, 0x79, 0x1A, 0x17), + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0x31, 0x7B, 0x7A, 0x5A, 0x5D, 0x7D, 0x2D), + MBEDTLS_BYTES_TO_T_UINT_8(0x83, 0x96, 0x12, 0x4B, 0x19, 0x09, 0xE0, 0xB7), + MBEDTLS_BYTES_TO_T_UINT_8(0x55, 0x8A, 0x57, 0xEE, 0x4E, 0x6E, 0x7E, 0xEC), + MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0x9D, 0x69, 0xDC, 0xB3, 0xDA, 0xD8, 0x08), +}; +static const mbedtls_mpi_uint secp384r1_T_6_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x68, 0x49, 0x03, 0x03, 0x33, 0x6F, 0x28, 0x4A), + MBEDTLS_BYTES_TO_T_UINT_8(0x5D, 0xDB, 0xA7, 0x05, 0x8C, 0xF3, 0x4D, 0xFB), + MBEDTLS_BYTES_TO_T_UINT_8(0x8E, 0x92, 0xB1, 0xA8, 0xEC, 0x0D, 0x64, 0x3B), + MBEDTLS_BYTES_TO_T_UINT_8(0x4E, 0xFC, 0xFD, 0xD0, 0x4B, 0x88, 0x1B, 0x5D), + MBEDTLS_BYTES_TO_T_UINT_8(0x83, 0x9C, 0x51, 0x69, 0xCE, 0x71, 0x73, 0xF5), + MBEDTLS_BYTES_TO_T_UINT_8(0xB8, 0x5A, 0x14, 0x23, 0x1A, 0x46, 0x63, 0x5F), +}; +static const mbedtls_mpi_uint secp384r1_T_6_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0x4C, 0x70, 0x44, 0x18, 0xCD, 0xEF, 0xED), + MBEDTLS_BYTES_TO_T_UINT_8(0xC2, 0x49, 0xDD, 0x64, 0x7E, 0x7E, 0x4D, 0x92), + MBEDTLS_BYTES_TO_T_UINT_8(0xA2, 0x32, 0x7C, 0x09, 0xD0, 0x3F, 0xD6, 0x2C), + MBEDTLS_BYTES_TO_T_UINT_8(0x6D, 0xE0, 0x4F, 0x65, 0x0C, 0x7A, 0x54, 0x3E), + MBEDTLS_BYTES_TO_T_UINT_8(0x16, 0xFA, 0xFB, 0x4A, 0xB4, 0x79, 0x5A, 0x8C), + MBEDTLS_BYTES_TO_T_UINT_8(0x04, 0x5D, 0x1B, 0x2B, 0xDA, 0xBC, 0x9A, 0x74), +}; +static const mbedtls_mpi_uint secp384r1_T_7_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x51, 0xAC, 0x56, 0xF7, 0x5F, 0x51, 0x68, 0x0B), + MBEDTLS_BYTES_TO_T_UINT_8(0xC6, 0xE0, 0x1D, 0xBC, 0x13, 0x4E, 0xAC, 0x03), + MBEDTLS_BYTES_TO_T_UINT_8(0xB7, 0xF5, 0xC5, 0xE6, 0xD2, 0x88, 0xBA, 0xCB), + MBEDTLS_BYTES_TO_T_UINT_8(0xFA, 0x0E, 0x28, 0x23, 0x58, 0x67, 0xFA, 0xEE), + MBEDTLS_BYTES_TO_T_UINT_8(0x9E, 0x80, 0x4B, 0xD8, 0xC4, 0xDF, 0x15, 0xE4), + MBEDTLS_BYTES_TO_T_UINT_8(0xF1, 0x0E, 0x58, 0xE6, 0x2C, 0x59, 0xC2, 0x03), +}; +static const mbedtls_mpi_uint secp384r1_T_7_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x9B, 0x26, 0x27, 0x99, 0x16, 0x2B, 0x22, 0x0B), + MBEDTLS_BYTES_TO_T_UINT_8(0xBA, 0xF3, 0x8F, 0xC3, 0x2A, 0x9B, 0xFC, 0x38), + MBEDTLS_BYTES_TO_T_UINT_8(0xFC, 0x2E, 0x83, 0x3D, 0xFE, 0x9E, 0x3C, 0x1B), + MBEDTLS_BYTES_TO_T_UINT_8(0x08, 0x57, 0xCD, 0x2D, 0xC1, 0x49, 0x38, 0xB5), + MBEDTLS_BYTES_TO_T_UINT_8(0x95, 0x42, 0x8B, 0x33, 0x89, 0x1F, 0xEA, 0x01), + MBEDTLS_BYTES_TO_T_UINT_8(0xAA, 0x1D, 0x13, 0xD7, 0x50, 0xBB, 0x3E, 0xEB), +}; +static const mbedtls_mpi_uint secp384r1_T_8_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xD2, 0x9A, 0x52, 0xD2, 0x54, 0x7C, 0x97, 0xF2), + MBEDTLS_BYTES_TO_T_UINT_8(0xE0, 0x33, 0x6E, 0xED, 0xD9, 0x87, 0x50, 0xC5), + MBEDTLS_BYTES_TO_T_UINT_8(0x5A, 0x35, 0x7E, 0x16, 0x40, 0x15, 0x83, 0xB8), + MBEDTLS_BYTES_TO_T_UINT_8(0x33, 0x2B, 0xA4, 0xAB, 0x03, 0x91, 0xEA, 0xFE), + MBEDTLS_BYTES_TO_T_UINT_8(0xC1, 0x47, 0x39, 0xEF, 0x05, 0x59, 0xD0, 0x90), + MBEDTLS_BYTES_TO_T_UINT_8(0xBF, 0x24, 0x0D, 0x76, 0x11, 0x53, 0x08, 0xAF), +}; +static const mbedtls_mpi_uint secp384r1_T_8_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x1F, 0x2F, 0xDD, 0xBD, 0x50, 0x48, 0xB1, 0xE5), + MBEDTLS_BYTES_TO_T_UINT_8(0x80, 0x1C, 0x84, 0x55, 0x78, 0x14, 0xEB, 0xF6), + MBEDTLS_BYTES_TO_T_UINT_8(0xD9, 0x5E, 0x3E, 0xA6, 0xAF, 0xF6, 0xC7, 0x04), + MBEDTLS_BYTES_TO_T_UINT_8(0xE7, 0x11, 0xE2, 0x65, 0xCA, 0x41, 0x95, 0x3B), + MBEDTLS_BYTES_TO_T_UINT_8(0xAE, 0x83, 0xD8, 0xE6, 0x4D, 0x22, 0x06, 0x2D), + MBEDTLS_BYTES_TO_T_UINT_8(0xFA, 0x7F, 0x25, 0x2A, 0xAA, 0x28, 0x46, 0x97), +}; +static const mbedtls_mpi_uint secp384r1_T_9_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x79, 0xDB, 0x15, 0x56, 0x84, 0xCB, 0xC0, 0x56), + MBEDTLS_BYTES_TO_T_UINT_8(0x56, 0xDB, 0x0E, 0x08, 0xC9, 0xF5, 0xD4, 0x9E), + MBEDTLS_BYTES_TO_T_UINT_8(0xE6, 0x62, 0xD0, 0x1A, 0x7C, 0x13, 0xD5, 0x07), + MBEDTLS_BYTES_TO_T_UINT_8(0x7D, 0xAD, 0x53, 0xE0, 0x32, 0x21, 0xA0, 0xC0), + MBEDTLS_BYTES_TO_T_UINT_8(0xC5, 0x38, 0x81, 0x21, 0x23, 0x0E, 0xD2, 0xBB), + MBEDTLS_BYTES_TO_T_UINT_8(0x1C, 0x51, 0x05, 0xD0, 0x1E, 0x82, 0xA9, 0x71), +}; +static const mbedtls_mpi_uint secp384r1_T_9_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0xC3, 0x27, 0xBF, 0xC6, 0xAA, 0xB7, 0xB9), + MBEDTLS_BYTES_TO_T_UINT_8(0xCB, 0x65, 0x45, 0xDF, 0xB9, 0x46, 0x17, 0x46), + MBEDTLS_BYTES_TO_T_UINT_8(0xF5, 0x38, 0x3F, 0xB2, 0xB1, 0x5D, 0xCA, 0x1C), + MBEDTLS_BYTES_TO_T_UINT_8(0x88, 0x29, 0x6C, 0x63, 0xE9, 0xD7, 0x48, 0xB8), + MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0xF1, 0xD7, 0x99, 0x8C, 0xC2, 0x05, 0x99), + MBEDTLS_BYTES_TO_T_UINT_8(0x6D, 0xE6, 0x5E, 0x82, 0x6D, 0xE5, 0x7E, 0xD5), +}; +static const mbedtls_mpi_uint secp384r1_T_10_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x7B, 0x61, 0xFA, 0x7D, 0x01, 0xDB, 0xB6, 0x63), + MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0xC6, 0x58, 0x39, 0xF4, 0xC6, 0x82, 0x23), + MBEDTLS_BYTES_TO_T_UINT_8(0x47, 0x5A, 0x7A, 0x80, 0x08, 0xCD, 0xAA, 0xD8), + MBEDTLS_BYTES_TO_T_UINT_8(0xDA, 0x8C, 0xC6, 0x3F, 0x3C, 0xA5, 0x68, 0xF4), + MBEDTLS_BYTES_TO_T_UINT_8(0xBB, 0xF5, 0xD5, 0x17, 0xAE, 0x36, 0xD8, 0x8A), + MBEDTLS_BYTES_TO_T_UINT_8(0xC7, 0xAD, 0x92, 0xC5, 0x57, 0x6C, 0xDA, 0x91), +}; +static const mbedtls_mpi_uint secp384r1_T_10_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xE8, 0x67, 0x17, 0xC0, 0x40, 0x78, 0x8C, 0x84), + MBEDTLS_BYTES_TO_T_UINT_8(0x7E, 0x9F, 0xF4, 0xAA, 0xDA, 0x5C, 0x7E, 0xB2), + MBEDTLS_BYTES_TO_T_UINT_8(0x96, 0xDB, 0x42, 0x3E, 0x72, 0x64, 0xA0, 0x67), + MBEDTLS_BYTES_TO_T_UINT_8(0x27, 0xF9, 0x41, 0x17, 0x43, 0xE3, 0xE8, 0xA8), + MBEDTLS_BYTES_TO_T_UINT_8(0x66, 0xDD, 0xCC, 0x43, 0x7E, 0x16, 0x05, 0x03), + MBEDTLS_BYTES_TO_T_UINT_8(0x36, 0x4B, 0xCF, 0x48, 0x8F, 0x41, 0x90, 0xE5), +}; +static const mbedtls_mpi_uint secp384r1_T_11_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x98, 0x0C, 0x6B, 0x9D, 0x22, 0x04, 0xBC, 0x5C), + MBEDTLS_BYTES_TO_T_UINT_8(0x86, 0x63, 0x79, 0x2F, 0x6A, 0x0E, 0x8A, 0xDE), + MBEDTLS_BYTES_TO_T_UINT_8(0x29, 0x67, 0x3F, 0x02, 0xB8, 0x91, 0x7F, 0x74), + MBEDTLS_BYTES_TO_T_UINT_8(0xFC, 0x14, 0x64, 0xA0, 0x33, 0xF4, 0x6B, 0x50), + MBEDTLS_BYTES_TO_T_UINT_8(0x1C, 0x44, 0x71, 0x87, 0xB8, 0x88, 0x3F, 0x45), + MBEDTLS_BYTES_TO_T_UINT_8(0x1B, 0x2B, 0x85, 0x05, 0xC5, 0x44, 0x53, 0x15), +}; +static const mbedtls_mpi_uint secp384r1_T_11_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x3E, 0x2B, 0xFE, 0xD1, 0x1C, 0x73, 0xE3, 0x2E), + MBEDTLS_BYTES_TO_T_UINT_8(0x66, 0x33, 0xA1, 0xD3, 0x69, 0x1C, 0x9D, 0xD2), + MBEDTLS_BYTES_TO_T_UINT_8(0xE0, 0x5A, 0xBA, 0xB6, 0xAE, 0x1B, 0x94, 0x04), + MBEDTLS_BYTES_TO_T_UINT_8(0xAF, 0x74, 0x90, 0x5C, 0x57, 0xB0, 0x3A, 0x45), + MBEDTLS_BYTES_TO_T_UINT_8(0xDD, 0x2F, 0x93, 0x20, 0x24, 0x54, 0x1D, 0x8D), + MBEDTLS_BYTES_TO_T_UINT_8(0xFA, 0x78, 0x9D, 0x71, 0x67, 0x5D, 0x49, 0x98), +}; +static const mbedtls_mpi_uint secp384r1_T_12_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x12, 0xC8, 0x0E, 0x11, 0x8D, 0xE0, 0x8F, 0x69), + MBEDTLS_BYTES_TO_T_UINT_8(0x59, 0x7F, 0x79, 0x6C, 0x5F, 0xB7, 0xBC, 0xB1), + MBEDTLS_BYTES_TO_T_UINT_8(0x88, 0xE1, 0x83, 0x3C, 0x12, 0xBB, 0xEE, 0x96), + MBEDTLS_BYTES_TO_T_UINT_8(0x2A, 0xC2, 0xC4, 0x1B, 0x41, 0x71, 0xB9, 0x17), + MBEDTLS_BYTES_TO_T_UINT_8(0xB0, 0xEE, 0xBB, 0x1D, 0x89, 0x50, 0x88, 0xF2), + MBEDTLS_BYTES_TO_T_UINT_8(0xFC, 0x1C, 0x55, 0x74, 0xEB, 0xDE, 0x92, 0x3F), +}; +static const mbedtls_mpi_uint secp384r1_T_12_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x9C, 0x38, 0x92, 0x06, 0x19, 0xD0, 0xB3, 0xB2), + MBEDTLS_BYTES_TO_T_UINT_8(0x2A, 0x99, 0x26, 0xA3, 0x5F, 0xE2, 0xC1, 0x81), + MBEDTLS_BYTES_TO_T_UINT_8(0x75, 0xFC, 0xFD, 0xC3, 0xB6, 0x26, 0x24, 0x8F), + MBEDTLS_BYTES_TO_T_UINT_8(0xAF, 0xAD, 0xE7, 0x49, 0xB7, 0x64, 0x4B, 0x96), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x4E, 0x95, 0xAD, 0x07, 0xFE, 0xB6, 0x30), + MBEDTLS_BYTES_TO_T_UINT_8(0x4F, 0x15, 0xE7, 0x2D, 0x19, 0xA9, 0x08, 0x10), +}; +static const mbedtls_mpi_uint secp384r1_T_13_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xBE, 0xBD, 0xAC, 0x0A, 0x3F, 0x6B, 0xFF, 0xFA), + MBEDTLS_BYTES_TO_T_UINT_8(0xE0, 0xE4, 0x74, 0x14, 0xD9, 0x70, 0x1D, 0x71), + MBEDTLS_BYTES_TO_T_UINT_8(0xF2, 0xB0, 0x71, 0xBB, 0xD8, 0x18, 0x96, 0x2B), + MBEDTLS_BYTES_TO_T_UINT_8(0xDA, 0xB8, 0x19, 0x90, 0x80, 0xB5, 0xEE, 0x01), + MBEDTLS_BYTES_TO_T_UINT_8(0x91, 0x21, 0x20, 0xA6, 0x17, 0x48, 0x03, 0x6F), + MBEDTLS_BYTES_TO_T_UINT_8(0xE3, 0x1D, 0xBB, 0x6D, 0x94, 0x20, 0x34, 0xF1), +}; +static const mbedtls_mpi_uint secp384r1_T_13_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x59, 0x82, 0x67, 0x4B, 0x8E, 0x4E, 0xBE, 0xE2), + MBEDTLS_BYTES_TO_T_UINT_8(0xBE, 0xDA, 0x77, 0xF8, 0x23, 0x55, 0x2B, 0x2D), + MBEDTLS_BYTES_TO_T_UINT_8(0x5C, 0x02, 0xDE, 0x25, 0x35, 0x2D, 0x74, 0x51), + MBEDTLS_BYTES_TO_T_UINT_8(0xD0, 0x0C, 0xB8, 0x0B, 0x39, 0xBA, 0xAD, 0x04), + MBEDTLS_BYTES_TO_T_UINT_8(0xA6, 0x0E, 0x28, 0x4D, 0xE1, 0x3D, 0xE4, 0x1B), + MBEDTLS_BYTES_TO_T_UINT_8(0x5D, 0xEC, 0x0A, 0xD4, 0xB8, 0xC4, 0x8D, 0xB0), +}; +static const mbedtls_mpi_uint secp384r1_T_14_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x3E, 0x68, 0xCE, 0xC2, 0x55, 0x4D, 0x0C, 0x6D), + MBEDTLS_BYTES_TO_T_UINT_8(0x9B, 0x20, 0x93, 0x32, 0x90, 0xD6, 0xAE, 0x47), + MBEDTLS_BYTES_TO_T_UINT_8(0xDD, 0x78, 0xAB, 0x43, 0x9E, 0xEB, 0x73, 0xAE), + MBEDTLS_BYTES_TO_T_UINT_8(0xED, 0x97, 0xC3, 0x83, 0xA6, 0x3C, 0xF1, 0xBF), + MBEDTLS_BYTES_TO_T_UINT_8(0x0F, 0x25, 0x25, 0x66, 0x08, 0x26, 0xFA, 0x4B), + MBEDTLS_BYTES_TO_T_UINT_8(0x41, 0xFB, 0x44, 0x5D, 0x82, 0xEC, 0x3B, 0xAC), +}; +static const mbedtls_mpi_uint secp384r1_T_14_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x58, 0x90, 0xEA, 0xB5, 0x04, 0x99, 0xD0, 0x69), + MBEDTLS_BYTES_TO_T_UINT_8(0x4A, 0xF2, 0x22, 0xA0, 0xEB, 0xFD, 0x45, 0x87), + MBEDTLS_BYTES_TO_T_UINT_8(0x5D, 0xA4, 0x81, 0x32, 0xFC, 0xFA, 0xEE, 0x5B), + MBEDTLS_BYTES_TO_T_UINT_8(0x27, 0xBB, 0xA4, 0x6A, 0x77, 0x41, 0x5C, 0x1D), + MBEDTLS_BYTES_TO_T_UINT_8(0xA1, 0x1E, 0xAA, 0x4F, 0xF0, 0x10, 0xB3, 0x50), + MBEDTLS_BYTES_TO_T_UINT_8(0x09, 0x74, 0x13, 0x14, 0x9E, 0x90, 0xD7, 0xE6), +}; +static const mbedtls_mpi_uint secp384r1_T_15_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xDB, 0xBD, 0x70, 0x4F, 0xA8, 0xD1, 0x06, 0x2C), + MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0x4E, 0x2E, 0x68, 0xFC, 0x35, 0xFA, 0x50), + MBEDTLS_BYTES_TO_T_UINT_8(0x60, 0x53, 0x75, 0xED, 0xF2, 0x5F, 0xC2, 0xEB), + MBEDTLS_BYTES_TO_T_UINT_8(0x39, 0x87, 0x6B, 0x9F, 0x05, 0xE2, 0x22, 0x93), + MBEDTLS_BYTES_TO_T_UINT_8(0x4F, 0x1A, 0xA8, 0xB7, 0x03, 0x9E, 0x6D, 0x7C), + MBEDTLS_BYTES_TO_T_UINT_8(0xCB, 0xD0, 0x69, 0x88, 0xA8, 0x39, 0x9E, 0x3A), +}; +static const mbedtls_mpi_uint secp384r1_T_15_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF8, 0xEF, 0x68, 0xFE, 0xEC, 0x24, 0x08, 0x15), + MBEDTLS_BYTES_TO_T_UINT_8(0xA1, 0x06, 0x4B, 0x92, 0x0D, 0xB7, 0x34, 0x74), + MBEDTLS_BYTES_TO_T_UINT_8(0x3E, 0xF4, 0xDD, 0x1A, 0xA0, 0x4A, 0xE4, 0x45), + MBEDTLS_BYTES_TO_T_UINT_8(0xC3, 0x63, 0x4F, 0x4F, 0xCE, 0xBB, 0xD6, 0xD3), + MBEDTLS_BYTES_TO_T_UINT_8(0xCD, 0xEE, 0x8D, 0xDF, 0x3F, 0x73, 0xB7, 0xAC), + MBEDTLS_BYTES_TO_T_UINT_8(0xDF, 0x06, 0xB6, 0x80, 0x4D, 0x81, 0xD9, 0x53), +}; +static const mbedtls_mpi_uint secp384r1_T_16_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x15, 0xF5, 0x13, 0xDF, 0x13, 0x19, 0x97, 0x94), + MBEDTLS_BYTES_TO_T_UINT_8(0x08, 0xF9, 0xB3, 0x33, 0x66, 0x82, 0x21, 0xFE), + MBEDTLS_BYTES_TO_T_UINT_8(0xF5, 0xFC, 0x39, 0x16, 0x23, 0x43, 0x76, 0x0E), + MBEDTLS_BYTES_TO_T_UINT_8(0x09, 0x48, 0x25, 0xA1, 0x64, 0x95, 0x1C, 0x2F), + MBEDTLS_BYTES_TO_T_UINT_8(0x43, 0xAC, 0x15, 0x57, 0xD9, 0xDE, 0xA0, 0x28), + MBEDTLS_BYTES_TO_T_UINT_8(0x16, 0x5F, 0xB8, 0x3D, 0x48, 0x91, 0x24, 0xCC), +}; +static const mbedtls_mpi_uint secp384r1_T_16_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x2D, 0xF2, 0xC8, 0x54, 0xD1, 0x32, 0xBD, 0xC4), + MBEDTLS_BYTES_TO_T_UINT_8(0x8A, 0x3B, 0xF0, 0xAA, 0x9D, 0xD8, 0xF4, 0x20), + MBEDTLS_BYTES_TO_T_UINT_8(0x4F, 0xC3, 0xBB, 0x6C, 0x66, 0xAC, 0x25, 0x2D), + MBEDTLS_BYTES_TO_T_UINT_8(0x6F, 0x25, 0x10, 0xB2, 0xE1, 0x41, 0xDE, 0x1D), + MBEDTLS_BYTES_TO_T_UINT_8(0x3C, 0xE8, 0x30, 0xB8, 0x37, 0xBC, 0x2A, 0x98), + MBEDTLS_BYTES_TO_T_UINT_8(0xBA, 0x57, 0x01, 0x4A, 0x1E, 0x78, 0x9F, 0x85), +}; +static const mbedtls_mpi_uint secp384r1_T_17_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xBD, 0x19, 0xCD, 0x12, 0x0B, 0x51, 0x4F, 0x56), + MBEDTLS_BYTES_TO_T_UINT_8(0x30, 0x4B, 0x3D, 0x24, 0xA4, 0x16, 0x59, 0x05), + MBEDTLS_BYTES_TO_T_UINT_8(0xAC, 0xEB, 0xD3, 0x59, 0x2E, 0x75, 0x7C, 0x01), + MBEDTLS_BYTES_TO_T_UINT_8(0x8C, 0xB9, 0xB4, 0xA5, 0xD9, 0x2E, 0x29, 0x4C), + MBEDTLS_BYTES_TO_T_UINT_8(0x86, 0x16, 0x05, 0x75, 0x02, 0xB3, 0x06, 0xEE), + MBEDTLS_BYTES_TO_T_UINT_8(0xAB, 0x7C, 0x9F, 0x79, 0x91, 0xF1, 0x4F, 0x23), +}; +static const mbedtls_mpi_uint secp384r1_T_17_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x65, 0x98, 0x7C, 0x84, 0xE1, 0xFF, 0x30, 0x77), + MBEDTLS_BYTES_TO_T_UINT_8(0x71, 0xE2, 0xC2, 0x5F, 0x55, 0x40, 0xBD, 0xCD), + MBEDTLS_BYTES_TO_T_UINT_8(0x69, 0x65, 0x87, 0x3F, 0xC4, 0xC2, 0x24, 0x57), + MBEDTLS_BYTES_TO_T_UINT_8(0x0E, 0x30, 0x0A, 0x60, 0x15, 0xD1, 0x24, 0x48), + MBEDTLS_BYTES_TO_T_UINT_8(0x57, 0x99, 0xD9, 0xB6, 0xAE, 0xB1, 0xAF, 0x1D), + MBEDTLS_BYTES_TO_T_UINT_8(0x9B, 0x80, 0xEE, 0xA2, 0x0F, 0x74, 0xB9, 0xF3), +}; +static const mbedtls_mpi_uint secp384r1_T_18_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x03, 0xE6, 0x0F, 0x37, 0xC1, 0x10, 0x99, 0x1E), + MBEDTLS_BYTES_TO_T_UINT_8(0x61, 0xAD, 0x9D, 0x5D, 0x80, 0x01, 0xA6, 0xFE), + MBEDTLS_BYTES_TO_T_UINT_8(0xB0, 0x0F, 0x10, 0x2A, 0x9D, 0x20, 0x38, 0xEB), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x60, 0xCB, 0xCE, 0x5A, 0xA0, 0xA7, 0x32), + MBEDTLS_BYTES_TO_T_UINT_8(0xBA, 0xCF, 0x14, 0xDF, 0xBF, 0xE5, 0x74, 0x2D), + MBEDTLS_BYTES_TO_T_UINT_8(0xB5, 0x12, 0x1A, 0xDD, 0x59, 0x02, 0x5D, 0xC6), +}; +static const mbedtls_mpi_uint secp384r1_T_18_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xC8, 0xC9, 0xF8, 0xF5, 0xB6, 0x13, 0x4D, 0x7B), + MBEDTLS_BYTES_TO_T_UINT_8(0xED, 0x45, 0xB1, 0x93, 0xB3, 0xA2, 0x79, 0xDC), + MBEDTLS_BYTES_TO_T_UINT_8(0x74, 0xF6, 0xCF, 0xF7, 0xE6, 0x29, 0x9C, 0xCC), + MBEDTLS_BYTES_TO_T_UINT_8(0x87, 0x50, 0x65, 0x80, 0xBC, 0x59, 0x0A, 0x59), + MBEDTLS_BYTES_TO_T_UINT_8(0x0E, 0xF0, 0x24, 0x35, 0xA2, 0x46, 0xF0, 0x0C), + MBEDTLS_BYTES_TO_T_UINT_8(0xBD, 0x26, 0xC0, 0x9D, 0x61, 0x56, 0x62, 0x67), +}; +static const mbedtls_mpi_uint secp384r1_T_19_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x10, 0xBB, 0xC2, 0x24, 0x43, 0x2E, 0x37, 0x54), + MBEDTLS_BYTES_TO_T_UINT_8(0x8A, 0xF7, 0xCE, 0x35, 0xFC, 0x77, 0xF3, 0x3F), + MBEDTLS_BYTES_TO_T_UINT_8(0x75, 0x34, 0x96, 0xD5, 0x4A, 0x76, 0x9D, 0x6B), + MBEDTLS_BYTES_TO_T_UINT_8(0xB8, 0x3B, 0x0F, 0xEA, 0xA8, 0x12, 0x0B, 0x22), + MBEDTLS_BYTES_TO_T_UINT_8(0x66, 0x3F, 0x5D, 0x2D, 0x1C, 0xD4, 0x9E, 0xFB), + MBEDTLS_BYTES_TO_T_UINT_8(0x7D, 0x2E, 0xDD, 0xC7, 0x6E, 0xAB, 0xAF, 0xDC), +}; +static const mbedtls_mpi_uint secp384r1_T_19_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x8C, 0xB2, 0x7B, 0x0C, 0x9A, 0x83, 0x8E, 0x59), + MBEDTLS_BYTES_TO_T_UINT_8(0x30, 0x51, 0x90, 0x92, 0x79, 0x32, 0x19, 0xC3), + MBEDTLS_BYTES_TO_T_UINT_8(0xEE, 0x89, 0xF9, 0xD0, 0xCF, 0x2C, 0xA5, 0x8F), + MBEDTLS_BYTES_TO_T_UINT_8(0x7B, 0x50, 0x21, 0xDE, 0x50, 0x41, 0x9D, 0x81), + MBEDTLS_BYTES_TO_T_UINT_8(0xE0, 0x7D, 0x2B, 0x9E, 0x9D, 0x95, 0xA8, 0xE3), + MBEDTLS_BYTES_TO_T_UINT_8(0xD8, 0xA5, 0x20, 0x87, 0x88, 0x97, 0x5F, 0xAA), +}; +static const mbedtls_mpi_uint secp384r1_T_20_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x64, 0x59, 0xB4, 0x66, 0x7E, 0xE8, 0x5A, 0x60), + MBEDTLS_BYTES_TO_T_UINT_8(0xA5, 0x5C, 0x7E, 0xB2, 0xAD, 0xD9, 0xC9, 0xDA), + MBEDTLS_BYTES_TO_T_UINT_8(0x82, 0x97, 0x49, 0xA3, 0x13, 0x83, 0x07, 0x2E), + MBEDTLS_BYTES_TO_T_UINT_8(0x5A, 0x26, 0xC7, 0x13, 0x35, 0x0D, 0xB0, 0x6B), + MBEDTLS_BYTES_TO_T_UINT_8(0x1E, 0x60, 0xAB, 0xFA, 0x4B, 0x93, 0x18, 0x2C), + MBEDTLS_BYTES_TO_T_UINT_8(0x54, 0x2D, 0x1C, 0x31, 0x4C, 0xE4, 0x61, 0xAE), +}; +static const mbedtls_mpi_uint secp384r1_T_20_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xDE, 0x4D, 0x1E, 0x51, 0x59, 0x6E, 0x91, 0xC5), + MBEDTLS_BYTES_TO_T_UINT_8(0x38, 0x54, 0x4D, 0x51, 0xED, 0x36, 0xCC, 0x60), + MBEDTLS_BYTES_TO_T_UINT_8(0x18, 0xA8, 0x56, 0xC7, 0x78, 0x27, 0x33, 0xC5), + MBEDTLS_BYTES_TO_T_UINT_8(0x42, 0xB7, 0x95, 0xC9, 0x8B, 0xC8, 0x6A, 0xBC), + MBEDTLS_BYTES_TO_T_UINT_8(0x5E, 0xE9, 0x13, 0x96, 0xB3, 0xE1, 0xF9, 0xEE), + MBEDTLS_BYTES_TO_T_UINT_8(0xF5, 0x46, 0xB0, 0x5E, 0xC3, 0x94, 0x03, 0x05), +}; +static const mbedtls_mpi_uint secp384r1_T_21_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x6D, 0x5B, 0x29, 0x30, 0x41, 0x1A, 0x9E, 0xB6), + MBEDTLS_BYTES_TO_T_UINT_8(0x76, 0xCA, 0x83, 0x31, 0x5B, 0xA7, 0xCB, 0x42), + MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0x41, 0x50, 0x44, 0x4D, 0x64, 0x31, 0x89), + MBEDTLS_BYTES_TO_T_UINT_8(0xCF, 0x84, 0xC2, 0x5D, 0x97, 0xA5, 0x3C, 0x18), + MBEDTLS_BYTES_TO_T_UINT_8(0xF0, 0x0F, 0xA5, 0xFD, 0x8E, 0x5A, 0x47, 0x2C), + MBEDTLS_BYTES_TO_T_UINT_8(0x7C, 0x58, 0x02, 0x2D, 0x40, 0xB1, 0x0B, 0xBA), +}; +static const mbedtls_mpi_uint secp384r1_T_21_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xDA, 0x33, 0x8C, 0x67, 0xCE, 0x23, 0x43, 0x99), + MBEDTLS_BYTES_TO_T_UINT_8(0x84, 0x53, 0x47, 0x72, 0x44, 0x1F, 0x5B, 0x2A), + MBEDTLS_BYTES_TO_T_UINT_8(0xAE, 0xC1, 0xD9, 0xA4, 0x50, 0x88, 0x63, 0x18), + MBEDTLS_BYTES_TO_T_UINT_8(0x7C, 0xF2, 0x75, 0x69, 0x73, 0x00, 0xC4, 0x31), + MBEDTLS_BYTES_TO_T_UINT_8(0x4B, 0x90, 0x1D, 0xDF, 0x1A, 0x00, 0xD8, 0x69), + MBEDTLS_BYTES_TO_T_UINT_8(0x05, 0xB1, 0x89, 0x48, 0xA8, 0x70, 0x62, 0xEF), +}; +static const mbedtls_mpi_uint secp384r1_T_22_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x7E, 0x8A, 0x55, 0x50, 0x7B, 0xEF, 0x8A, 0x3C), + MBEDTLS_BYTES_TO_T_UINT_8(0xFE, 0x1B, 0x23, 0x48, 0x23, 0x63, 0x91, 0xB6), + MBEDTLS_BYTES_TO_T_UINT_8(0x0D, 0x04, 0x54, 0x3C, 0x24, 0x9B, 0xC7, 0x9A), + MBEDTLS_BYTES_TO_T_UINT_8(0x25, 0x38, 0xC3, 0x84, 0xFB, 0xFF, 0x9F, 0x49), + MBEDTLS_BYTES_TO_T_UINT_8(0x66, 0x2A, 0xE0, 0x6D, 0x68, 0x8A, 0x5C, 0xCB), + MBEDTLS_BYTES_TO_T_UINT_8(0xC4, 0x93, 0x53, 0x85, 0xA1, 0x0D, 0xAF, 0x63), +}; +static const mbedtls_mpi_uint secp384r1_T_22_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x1B, 0x88, 0x95, 0x4C, 0x0B, 0xD0, 0x06, 0x51), + MBEDTLS_BYTES_TO_T_UINT_8(0x92, 0xAF, 0x8D, 0x49, 0xA2, 0xC8, 0xB4, 0xE0), + MBEDTLS_BYTES_TO_T_UINT_8(0x75, 0x76, 0x53, 0x09, 0x88, 0x43, 0x87, 0xCA), + MBEDTLS_BYTES_TO_T_UINT_8(0x90, 0xA4, 0x77, 0x3F, 0x5E, 0x21, 0xB4, 0x0A), + MBEDTLS_BYTES_TO_T_UINT_8(0x35, 0x9E, 0x86, 0x64, 0xCC, 0x91, 0xC1, 0x77), + MBEDTLS_BYTES_TO_T_UINT_8(0xC1, 0x17, 0x56, 0xCB, 0xC3, 0x7D, 0x5B, 0xB1), +}; +static const mbedtls_mpi_uint secp384r1_T_23_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x64, 0x74, 0x9F, 0xB5, 0x91, 0x21, 0xB1, 0x1C), + MBEDTLS_BYTES_TO_T_UINT_8(0x1E, 0xED, 0xE1, 0x11, 0xEF, 0x45, 0xAF, 0xC1), + MBEDTLS_BYTES_TO_T_UINT_8(0xE0, 0x31, 0xBE, 0xB2, 0xBC, 0x72, 0x65, 0x1F), + MBEDTLS_BYTES_TO_T_UINT_8(0xB1, 0x4B, 0x8C, 0x77, 0xCE, 0x1E, 0x42, 0xB5), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xC9, 0xAA, 0xB9, 0xD9, 0x86, 0x99, 0x55), + MBEDTLS_BYTES_TO_T_UINT_8(0x65, 0x23, 0x80, 0xC6, 0x4E, 0x35, 0x0B, 0x6D), +}; +static const mbedtls_mpi_uint secp384r1_T_23_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x47, 0xD8, 0xA2, 0x0A, 0x39, 0x32, 0x1D, 0x23), + MBEDTLS_BYTES_TO_T_UINT_8(0x61, 0xC8, 0x86, 0xF1, 0x12, 0x9A, 0x4A, 0x05), + MBEDTLS_BYTES_TO_T_UINT_8(0x8D, 0xF1, 0x7C, 0xAA, 0x70, 0x8E, 0xBC, 0x01), + MBEDTLS_BYTES_TO_T_UINT_8(0x62, 0x01, 0x47, 0x8F, 0xDD, 0x8B, 0xA5, 0xC8), + MBEDTLS_BYTES_TO_T_UINT_8(0xDB, 0x08, 0x21, 0xF4, 0xAB, 0xC7, 0xF5, 0x96), + MBEDTLS_BYTES_TO_T_UINT_8(0x0A, 0x76, 0xA5, 0x95, 0xC4, 0x0F, 0x88, 0x1D), +}; +static const mbedtls_mpi_uint secp384r1_T_24_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x3F, 0x42, 0x2A, 0x52, 0xCD, 0x75, 0x51, 0x49), + MBEDTLS_BYTES_TO_T_UINT_8(0x90, 0x36, 0xE5, 0x04, 0x2B, 0x44, 0xC6, 0xEF), + MBEDTLS_BYTES_TO_T_UINT_8(0x5C, 0xEE, 0x16, 0x13, 0x07, 0x83, 0xB5, 0x30), + MBEDTLS_BYTES_TO_T_UINT_8(0x76, 0x59, 0xC6, 0xA2, 0x19, 0x05, 0xD3, 0xC6), + MBEDTLS_BYTES_TO_T_UINT_8(0xB6, 0x8B, 0xA8, 0x16, 0x09, 0xB7, 0xEA, 0xD6), + MBEDTLS_BYTES_TO_T_UINT_8(0x70, 0xEE, 0x14, 0xAF, 0xB5, 0xFD, 0xD0, 0xEF), +}; +static const mbedtls_mpi_uint secp384r1_T_24_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x18, 0x7C, 0xCA, 0x71, 0x3E, 0x6E, 0x66, 0x75), + MBEDTLS_BYTES_TO_T_UINT_8(0xBE, 0x31, 0x0E, 0x3F, 0xE5, 0x91, 0xC4, 0x7F), + MBEDTLS_BYTES_TO_T_UINT_8(0x8E, 0x3D, 0xC2, 0x3E, 0x95, 0x37, 0x58, 0x2B), + MBEDTLS_BYTES_TO_T_UINT_8(0x01, 0x1F, 0x02, 0x03, 0xF3, 0xEF, 0xEE, 0x66), + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x5B, 0x1A, 0xFC, 0x38, 0xCD, 0xE8, 0x24), + MBEDTLS_BYTES_TO_T_UINT_8(0x12, 0x57, 0x42, 0x85, 0xC6, 0x21, 0x68, 0x71), +}; +static const mbedtls_mpi_uint secp384r1_T_25_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x8D, 0xA2, 0x4A, 0x66, 0xB1, 0x0A, 0xE6, 0xC0), + MBEDTLS_BYTES_TO_T_UINT_8(0x86, 0x0C, 0x94, 0x9D, 0x5E, 0x99, 0xB2, 0xCE), + MBEDTLS_BYTES_TO_T_UINT_8(0xAD, 0x03, 0x40, 0xCA, 0xB2, 0xB3, 0x30, 0x55), + MBEDTLS_BYTES_TO_T_UINT_8(0x74, 0x78, 0x48, 0x27, 0x34, 0x1E, 0xE2, 0x42), + MBEDTLS_BYTES_TO_T_UINT_8(0xAE, 0x72, 0x5B, 0xAC, 0xC1, 0x6D, 0xE3, 0x82), + MBEDTLS_BYTES_TO_T_UINT_8(0x57, 0xAB, 0x46, 0xCB, 0xEA, 0x5E, 0x4B, 0x0B), +}; +static const mbedtls_mpi_uint secp384r1_T_25_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xFC, 0x08, 0xAD, 0x4E, 0x51, 0x9F, 0x2A, 0x52), + MBEDTLS_BYTES_TO_T_UINT_8(0x68, 0x5C, 0x7D, 0x4C, 0xD6, 0xCF, 0xDD, 0x02), + MBEDTLS_BYTES_TO_T_UINT_8(0xD8, 0x76, 0x26, 0xE0, 0x8B, 0x10, 0xD9, 0x7C), + MBEDTLS_BYTES_TO_T_UINT_8(0x30, 0xA7, 0x23, 0x4E, 0x5F, 0xD2, 0x42, 0x17), + MBEDTLS_BYTES_TO_T_UINT_8(0xD1, 0xE5, 0xA4, 0xEC, 0x77, 0x21, 0x34, 0x28), + MBEDTLS_BYTES_TO_T_UINT_8(0x5C, 0x14, 0x65, 0xEA, 0x4A, 0x85, 0xC3, 0x2F), +}; +static const mbedtls_mpi_uint secp384r1_T_26_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0xD8, 0x40, 0x27, 0x73, 0x15, 0x7E, 0x65), + MBEDTLS_BYTES_TO_T_UINT_8(0xF6, 0xBB, 0x53, 0x7E, 0x0F, 0x40, 0xC8, 0xD4), + MBEDTLS_BYTES_TO_T_UINT_8(0xEA, 0x37, 0x19, 0x73, 0xEF, 0x5A, 0x5E, 0x04), + MBEDTLS_BYTES_TO_T_UINT_8(0x9C, 0x73, 0x2B, 0x49, 0x7E, 0xAC, 0x97, 0x5C), + MBEDTLS_BYTES_TO_T_UINT_8(0x15, 0xB2, 0xC3, 0x1E, 0x0E, 0xE7, 0xD2, 0x21), + MBEDTLS_BYTES_TO_T_UINT_8(0x8A, 0x08, 0xD6, 0xDD, 0xAC, 0x21, 0xD6, 0x3E), +}; +static const mbedtls_mpi_uint secp384r1_T_26_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xA9, 0x26, 0xBE, 0x6D, 0x6D, 0xF2, 0x38, 0x3F), + MBEDTLS_BYTES_TO_T_UINT_8(0x08, 0x6C, 0x31, 0xA7, 0x49, 0x50, 0x3A, 0x89), + MBEDTLS_BYTES_TO_T_UINT_8(0xC3, 0x99, 0xC6, 0xF5, 0xD2, 0xC2, 0x30, 0x5A), + MBEDTLS_BYTES_TO_T_UINT_8(0x2A, 0xE4, 0xF6, 0x8B, 0x8B, 0x97, 0xE9, 0xB2), + MBEDTLS_BYTES_TO_T_UINT_8(0xDD, 0x21, 0xB7, 0x0D, 0xFC, 0x15, 0x54, 0x0B), + MBEDTLS_BYTES_TO_T_UINT_8(0x65, 0x83, 0x1C, 0xA4, 0xCD, 0x6B, 0x9D, 0xF2), +}; +static const mbedtls_mpi_uint secp384r1_T_27_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xD6, 0xE8, 0x4C, 0x48, 0xE4, 0xAA, 0x69, 0x93), + MBEDTLS_BYTES_TO_T_UINT_8(0x27, 0x7A, 0x27, 0xFC, 0x37, 0x96, 0x1A, 0x7B), + MBEDTLS_BYTES_TO_T_UINT_8(0x6F, 0xE7, 0x30, 0xA5, 0xCF, 0x13, 0x46, 0x5C), + MBEDTLS_BYTES_TO_T_UINT_8(0x8C, 0xD8, 0xAF, 0x74, 0x23, 0x4D, 0x56, 0x84), + MBEDTLS_BYTES_TO_T_UINT_8(0x32, 0x3D, 0x44, 0x14, 0x1B, 0x97, 0x83, 0xF0), + MBEDTLS_BYTES_TO_T_UINT_8(0xFA, 0x47, 0xD7, 0x5F, 0xFD, 0x98, 0x38, 0xF7), +}; +static const mbedtls_mpi_uint secp384r1_T_27_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xA3, 0x73, 0x64, 0x36, 0xFD, 0x7B, 0xC1, 0x15), + MBEDTLS_BYTES_TO_T_UINT_8(0xEA, 0x5D, 0x32, 0xD2, 0x47, 0x94, 0x89, 0x2D), + MBEDTLS_BYTES_TO_T_UINT_8(0x51, 0xE9, 0x30, 0xAC, 0x06, 0xC8, 0x65, 0x04), + MBEDTLS_BYTES_TO_T_UINT_8(0xFA, 0x6C, 0xB9, 0x1B, 0xF7, 0x61, 0x49, 0x53), + MBEDTLS_BYTES_TO_T_UINT_8(0xD7, 0xFF, 0x32, 0x43, 0x80, 0xDA, 0xA6, 0xB1), + MBEDTLS_BYTES_TO_T_UINT_8(0xAC, 0xF8, 0x04, 0x01, 0x95, 0x35, 0xCE, 0x21), +}; +static const mbedtls_mpi_uint secp384r1_T_28_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x6D, 0x06, 0x46, 0x0D, 0x51, 0xE2, 0xD8, 0xAC), + MBEDTLS_BYTES_TO_T_UINT_8(0x14, 0x57, 0x1D, 0x6F, 0x79, 0xA0, 0xCD, 0xA6), + MBEDTLS_BYTES_TO_T_UINT_8(0xDF, 0xFB, 0x36, 0xCA, 0xAD, 0xF5, 0x9E, 0x41), + MBEDTLS_BYTES_TO_T_UINT_8(0x6F, 0x7A, 0x1D, 0x9E, 0x1D, 0x95, 0x48, 0xDC), + MBEDTLS_BYTES_TO_T_UINT_8(0x81, 0x26, 0xA5, 0xB7, 0x15, 0x2C, 0xC2, 0xC6), + MBEDTLS_BYTES_TO_T_UINT_8(0x86, 0x42, 0x72, 0xAA, 0x11, 0xDC, 0xC9, 0xB6), +}; +static const mbedtls_mpi_uint secp384r1_T_28_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x3F, 0x6C, 0x64, 0xA7, 0x62, 0x3C, 0xAB, 0xD4), + MBEDTLS_BYTES_TO_T_UINT_8(0x48, 0x6A, 0x44, 0xD8, 0x60, 0xC0, 0xA8, 0x80), + MBEDTLS_BYTES_TO_T_UINT_8(0x82, 0x76, 0x58, 0x12, 0x57, 0x3C, 0x89, 0x46), + MBEDTLS_BYTES_TO_T_UINT_8(0x82, 0x4F, 0x83, 0xCE, 0xCB, 0xB8, 0xD0, 0x2C), + MBEDTLS_BYTES_TO_T_UINT_8(0x9A, 0x84, 0x04, 0xB0, 0xAD, 0xEB, 0xFA, 0xDF), + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0xA4, 0xC3, 0x41, 0x44, 0x4E, 0x65, 0x3E), +}; +static const mbedtls_mpi_uint secp384r1_T_29_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB6, 0x16, 0xA9, 0x1C, 0xE7, 0x65, 0x20, 0xC1), + MBEDTLS_BYTES_TO_T_UINT_8(0x58, 0x53, 0x32, 0xF8, 0xC0, 0xA6, 0xBD, 0x2C), + MBEDTLS_BYTES_TO_T_UINT_8(0xB7, 0xF0, 0xE6, 0x57, 0x31, 0xCC, 0x26, 0x6F), + MBEDTLS_BYTES_TO_T_UINT_8(0x27, 0xE3, 0x54, 0x1C, 0x34, 0xD3, 0x17, 0xBC), + MBEDTLS_BYTES_TO_T_UINT_8(0xF5, 0xAE, 0xED, 0xFB, 0xCD, 0xE7, 0x1E, 0x9F), + MBEDTLS_BYTES_TO_T_UINT_8(0x5A, 0x16, 0x1C, 0x34, 0x40, 0x00, 0x1F, 0xB6), +}; +static const mbedtls_mpi_uint secp384r1_T_29_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x6A, 0x32, 0x00, 0xC2, 0xD4, 0x3B, 0x1A, 0x09), + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0xE0, 0x99, 0x8F, 0x0C, 0x4A, 0x16, 0x44), + MBEDTLS_BYTES_TO_T_UINT_8(0x83, 0x73, 0x18, 0x1B, 0xD4, 0x94, 0x29, 0x62), + MBEDTLS_BYTES_TO_T_UINT_8(0x29, 0xA4, 0x2D, 0xB1, 0x9D, 0x74, 0x32, 0x67), + MBEDTLS_BYTES_TO_T_UINT_8(0xBF, 0xF4, 0xB1, 0x0C, 0x37, 0x62, 0x8B, 0x66), + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0xFF, 0xDA, 0xE2, 0x35, 0xA3, 0xB6, 0x42), +}; +static const mbedtls_mpi_uint secp384r1_T_30_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x91, 0x49, 0x99, 0x65, 0xC5, 0xED, 0x16, 0xEF), + MBEDTLS_BYTES_TO_T_UINT_8(0x79, 0x42, 0x9A, 0xF3, 0xA7, 0x4E, 0x6F, 0x2B), + MBEDTLS_BYTES_TO_T_UINT_8(0x7B, 0x0A, 0x7E, 0xC0, 0xD7, 0x4E, 0x07, 0x55), + MBEDTLS_BYTES_TO_T_UINT_8(0xD6, 0x7A, 0x31, 0x69, 0xA6, 0xB9, 0x15, 0x34), + MBEDTLS_BYTES_TO_T_UINT_8(0xA8, 0xE0, 0x72, 0xA4, 0x3F, 0xB9, 0xF8, 0x0C), + MBEDTLS_BYTES_TO_T_UINT_8(0x2B, 0x75, 0x32, 0x85, 0xA2, 0xDE, 0x37, 0x12), +}; +static const mbedtls_mpi_uint secp384r1_T_30_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0xC0, 0x0D, 0xCF, 0x25, 0x41, 0xA4, 0xF4), + MBEDTLS_BYTES_TO_T_UINT_8(0x9B, 0xFC, 0xB2, 0x48, 0xC3, 0x85, 0x83, 0x4B), + MBEDTLS_BYTES_TO_T_UINT_8(0x2B, 0xBE, 0x0B, 0x58, 0x2D, 0x7A, 0x9A, 0x62), + MBEDTLS_BYTES_TO_T_UINT_8(0xC5, 0xF3, 0x81, 0x18, 0x1B, 0x74, 0x4F, 0x2C), + MBEDTLS_BYTES_TO_T_UINT_8(0xE2, 0x43, 0xA3, 0x0A, 0x16, 0x8B, 0xA3, 0x1E), + MBEDTLS_BYTES_TO_T_UINT_8(0x4A, 0x18, 0x81, 0x7B, 0x8D, 0xA2, 0x35, 0x77), +}; +static const mbedtls_mpi_uint secp384r1_T_31_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x86, 0xC4, 0x3F, 0x2C, 0xE7, 0x5F, 0x99, 0x03), + MBEDTLS_BYTES_TO_T_UINT_8(0xF0, 0x2B, 0xB7, 0xB6, 0xAD, 0x5A, 0x56, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0x04, 0x00, 0xA4, 0x48, 0xC8, 0xE8, 0xBA, 0xBF), + MBEDTLS_BYTES_TO_T_UINT_8(0xE8, 0xA1, 0xB5, 0x13, 0x5A, 0xCD, 0x99, 0x9C), + MBEDTLS_BYTES_TO_T_UINT_8(0xB0, 0x95, 0xAD, 0xFC, 0xE2, 0x7E, 0xE7, 0xFE), + MBEDTLS_BYTES_TO_T_UINT_8(0x96, 0x6B, 0xD1, 0x34, 0x99, 0x53, 0x63, 0x0B), +}; +static const mbedtls_mpi_uint secp384r1_T_31_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0x8A, 0x77, 0x5D, 0x2B, 0xAB, 0x01, 0x28), + MBEDTLS_BYTES_TO_T_UINT_8(0x4E, 0x85, 0xD0, 0xD5, 0x49, 0x83, 0x4D, 0x60), + MBEDTLS_BYTES_TO_T_UINT_8(0x81, 0xC6, 0x91, 0x30, 0x3B, 0x00, 0xAF, 0x7A), + MBEDTLS_BYTES_TO_T_UINT_8(0x3A, 0xAE, 0x61, 0x07, 0xE1, 0xB6, 0xE2, 0xC9), + MBEDTLS_BYTES_TO_T_UINT_8(0x95, 0x43, 0x41, 0xFE, 0x9B, 0xB6, 0xF0, 0xA5), + MBEDTLS_BYTES_TO_T_UINT_8(0xB4, 0x97, 0xAE, 0xAD, 0x89, 0x88, 0x9E, 0x41), +}; +static const mbedtls_ecp_point secp384r1_T[32] = { + ECP_POINT_INIT_XY_Z1(secp384r1_T_0_X, secp384r1_T_0_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_1_X, secp384r1_T_1_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_2_X, secp384r1_T_2_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_3_X, secp384r1_T_3_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_4_X, secp384r1_T_4_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_5_X, secp384r1_T_5_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_6_X, secp384r1_T_6_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_7_X, secp384r1_T_7_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_8_X, secp384r1_T_8_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_9_X, secp384r1_T_9_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_10_X, secp384r1_T_10_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_11_X, secp384r1_T_11_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_12_X, secp384r1_T_12_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_13_X, secp384r1_T_13_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_14_X, secp384r1_T_14_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_15_X, secp384r1_T_15_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_16_X, secp384r1_T_16_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_17_X, secp384r1_T_17_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_18_X, secp384r1_T_18_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_19_X, secp384r1_T_19_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_20_X, secp384r1_T_20_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_21_X, secp384r1_T_21_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_22_X, secp384r1_T_22_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_23_X, secp384r1_T_23_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_24_X, secp384r1_T_24_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_25_X, secp384r1_T_25_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_26_X, secp384r1_T_26_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_27_X, secp384r1_T_27_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_28_X, secp384r1_T_28_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_29_X, secp384r1_T_29_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_30_X, secp384r1_T_30_Y), + ECP_POINT_INIT_XY_Z0(secp384r1_T_31_X, secp384r1_T_31_Y), +}; +#else +#define secp384r1_T NULL +#endif + +#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ + +/* + * Domain parameters for secp521r1 + */ +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) +static const mbedtls_mpi_uint secp521r1_p[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_2(0xFF, 0x01), +}; +static const mbedtls_mpi_uint secp521r1_b[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x3F, 0x50, 0x6B, 0xD4, 0x1F, 0x45, 0xEF), + MBEDTLS_BYTES_TO_T_UINT_8(0xF1, 0x34, 0x2C, 0x3D, 0x88, 0xDF, 0x73, 0x35), + MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0xBF, 0xB1, 0x3B, 0xBD, 0xC0, 0x52, 0x16), + MBEDTLS_BYTES_TO_T_UINT_8(0x7B, 0x93, 0x7E, 0xEC, 0x51, 0x39, 0x19, 0x56), + MBEDTLS_BYTES_TO_T_UINT_8(0xE1, 0x09, 0xF1, 0x8E, 0x91, 0x89, 0xB4, 0xB8), + MBEDTLS_BYTES_TO_T_UINT_8(0xF3, 0x15, 0xB3, 0x99, 0x5B, 0x72, 0xDA, 0xA2), + MBEDTLS_BYTES_TO_T_UINT_8(0xEE, 0x40, 0x85, 0xB6, 0xA0, 0x21, 0x9A, 0x92), + MBEDTLS_BYTES_TO_T_UINT_8(0x1F, 0x9A, 0x1C, 0x8E, 0x61, 0xB9, 0x3E, 0x95), + MBEDTLS_BYTES_TO_T_UINT_2(0x51, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_gx[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x66, 0xBD, 0xE5, 0xC2, 0x31, 0x7E, 0x7E, 0xF9), + MBEDTLS_BYTES_TO_T_UINT_8(0x9B, 0x42, 0x6A, 0x85, 0xC1, 0xB3, 0x48, 0x33), + MBEDTLS_BYTES_TO_T_UINT_8(0xDE, 0xA8, 0xFF, 0xA2, 0x27, 0xC1, 0x1D, 0xFE), + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x59, 0xE7, 0xEF, 0x77, 0x5E, 0x4B, 0xA1), + MBEDTLS_BYTES_TO_T_UINT_8(0xBA, 0x3D, 0x4D, 0x6B, 0x60, 0xAF, 0x28, 0xF8), + MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0xB5, 0x3F, 0x05, 0x39, 0x81, 0x64, 0x9C), + MBEDTLS_BYTES_TO_T_UINT_8(0x42, 0xB4, 0x95, 0x23, 0x66, 0xCB, 0x3E, 0x9E), + MBEDTLS_BYTES_TO_T_UINT_8(0xCD, 0xE9, 0x04, 0x04, 0xB7, 0x06, 0x8E, 0x85), + MBEDTLS_BYTES_TO_T_UINT_2(0xC6, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_gy[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x50, 0x66, 0xD1, 0x9F, 0x76, 0x94, 0xBE, 0x88), + MBEDTLS_BYTES_TO_T_UINT_8(0x40, 0xC2, 0x72, 0xA2, 0x86, 0x70, 0x3C, 0x35), + MBEDTLS_BYTES_TO_T_UINT_8(0x61, 0x07, 0xAD, 0x3F, 0x01, 0xB9, 0x50, 0xC5), + MBEDTLS_BYTES_TO_T_UINT_8(0x40, 0x26, 0xF4, 0x5E, 0x99, 0x72, 0xEE, 0x97), + MBEDTLS_BYTES_TO_T_UINT_8(0x2C, 0x66, 0x3E, 0x27, 0x17, 0xBD, 0xAF, 0x17), + MBEDTLS_BYTES_TO_T_UINT_8(0x68, 0x44, 0x9B, 0x57, 0x49, 0x44, 0xF5, 0x98), + MBEDTLS_BYTES_TO_T_UINT_8(0xD9, 0x1B, 0x7D, 0x2C, 0xB4, 0x5F, 0x8A, 0x5C), + MBEDTLS_BYTES_TO_T_UINT_8(0x04, 0xC0, 0x3B, 0x9A, 0x78, 0x6A, 0x29, 0x39), + MBEDTLS_BYTES_TO_T_UINT_2(0x18, 0x01), +}; +static const mbedtls_mpi_uint secp521r1_n[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x09, 0x64, 0x38, 0x91, 0x1E, 0xB7, 0x6F, 0xBB), + MBEDTLS_BYTES_TO_T_UINT_8(0xAE, 0x47, 0x9C, 0x89, 0xB8, 0xC9, 0xB5, 0x3B), + MBEDTLS_BYTES_TO_T_UINT_8(0xD0, 0xA5, 0x09, 0xF7, 0x48, 0x01, 0xCC, 0x7F), + MBEDTLS_BYTES_TO_T_UINT_8(0x6B, 0x96, 0x2F, 0xBF, 0x83, 0x87, 0x86, 0x51), + MBEDTLS_BYTES_TO_T_UINT_8(0xFA, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_2(0xFF, 0x01), +}; +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 +static const mbedtls_mpi_uint secp521r1_T_0_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x66, 0xBD, 0xE5, 0xC2, 0x31, 0x7E, 0x7E, 0xF9), + MBEDTLS_BYTES_TO_T_UINT_8(0x9B, 0x42, 0x6A, 0x85, 0xC1, 0xB3, 0x48, 0x33), + MBEDTLS_BYTES_TO_T_UINT_8(0xDE, 0xA8, 0xFF, 0xA2, 0x27, 0xC1, 0x1D, 0xFE), + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x59, 0xE7, 0xEF, 0x77, 0x5E, 0x4B, 0xA1), + MBEDTLS_BYTES_TO_T_UINT_8(0xBA, 0x3D, 0x4D, 0x6B, 0x60, 0xAF, 0x28, 0xF8), + MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0xB5, 0x3F, 0x05, 0x39, 0x81, 0x64, 0x9C), + MBEDTLS_BYTES_TO_T_UINT_8(0x42, 0xB4, 0x95, 0x23, 0x66, 0xCB, 0x3E, 0x9E), + MBEDTLS_BYTES_TO_T_UINT_8(0xCD, 0xE9, 0x04, 0x04, 0xB7, 0x06, 0x8E, 0x85), + MBEDTLS_BYTES_TO_T_UINT_8(0xC6, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_0_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x50, 0x66, 0xD1, 0x9F, 0x76, 0x94, 0xBE, 0x88), + MBEDTLS_BYTES_TO_T_UINT_8(0x40, 0xC2, 0x72, 0xA2, 0x86, 0x70, 0x3C, 0x35), + MBEDTLS_BYTES_TO_T_UINT_8(0x61, 0x07, 0xAD, 0x3F, 0x01, 0xB9, 0x50, 0xC5), + MBEDTLS_BYTES_TO_T_UINT_8(0x40, 0x26, 0xF4, 0x5E, 0x99, 0x72, 0xEE, 0x97), + MBEDTLS_BYTES_TO_T_UINT_8(0x2C, 0x66, 0x3E, 0x27, 0x17, 0xBD, 0xAF, 0x17), + MBEDTLS_BYTES_TO_T_UINT_8(0x68, 0x44, 0x9B, 0x57, 0x49, 0x44, 0xF5, 0x98), + MBEDTLS_BYTES_TO_T_UINT_8(0xD9, 0x1B, 0x7D, 0x2C, 0xB4, 0x5F, 0x8A, 0x5C), + MBEDTLS_BYTES_TO_T_UINT_8(0x04, 0xC0, 0x3B, 0x9A, 0x78, 0x6A, 0x29, 0x39), + MBEDTLS_BYTES_TO_T_UINT_8(0x18, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_1_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x2F, 0xB1, 0x2D, 0xEB, 0x27, 0x2F, 0xE8, 0xDA), + MBEDTLS_BYTES_TO_T_UINT_8(0x98, 0x4B, 0x44, 0x25, 0xDB, 0x5C, 0x5F, 0x67), + MBEDTLS_BYTES_TO_T_UINT_8(0x13, 0x85, 0x28, 0x78, 0x2E, 0x75, 0x34, 0x32), + MBEDTLS_BYTES_TO_T_UINT_8(0x69, 0x57, 0x0F, 0x73, 0x78, 0x7A, 0xE3, 0x53), + MBEDTLS_BYTES_TO_T_UINT_8(0x8D, 0xD8, 0xEC, 0xDC, 0xDA, 0x04, 0xAD, 0xAB), + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0x8A, 0x09, 0xF3, 0x58, 0x79, 0xD8, 0x29), + MBEDTLS_BYTES_TO_T_UINT_8(0x63, 0x03, 0xCB, 0x50, 0x1A, 0x7F, 0x56, 0x00), + MBEDTLS_BYTES_TO_T_UINT_8(0xF6, 0xA6, 0x78, 0x38, 0x85, 0x67, 0x0B, 0x40), + MBEDTLS_BYTES_TO_T_UINT_8(0x83, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_1_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x8A, 0xD5, 0xD2, 0x22, 0xC4, 0x00, 0x3B, 0xBA), + MBEDTLS_BYTES_TO_T_UINT_8(0xD5, 0x93, 0x0E, 0x7B, 0x85, 0x51, 0xC3, 0x06), + MBEDTLS_BYTES_TO_T_UINT_8(0x3D, 0xA6, 0x5F, 0x54, 0x49, 0x02, 0x81, 0x78), + MBEDTLS_BYTES_TO_T_UINT_8(0x22, 0xE9, 0x6B, 0x3A, 0x92, 0xE7, 0x72, 0x1D), + MBEDTLS_BYTES_TO_T_UINT_8(0x6F, 0x5F, 0x28, 0x9E, 0x91, 0x27, 0x88, 0xE3), + MBEDTLS_BYTES_TO_T_UINT_8(0xEF, 0x28, 0x31, 0xB3, 0x84, 0xCA, 0x12, 0x32), + MBEDTLS_BYTES_TO_T_UINT_8(0x3D, 0xF9, 0xAC, 0x22, 0x10, 0x0A, 0x64, 0x41), + MBEDTLS_BYTES_TO_T_UINT_8(0xE9, 0xC6, 0x33, 0x1F, 0x69, 0x19, 0x18, 0xBF), + MBEDTLS_BYTES_TO_T_UINT_8(0xBE, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_2_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xA0, 0x48, 0xB8, 0xC7, 0x37, 0x5A, 0x00, 0x36), + MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0xCC, 0x32, 0xE0, 0xEE, 0x03, 0xC2, 0xBA), + MBEDTLS_BYTES_TO_T_UINT_8(0xC4, 0x29, 0xC2, 0xE4, 0x6E, 0x24, 0x20, 0x8D), + MBEDTLS_BYTES_TO_T_UINT_8(0x06, 0x6B, 0x7F, 0x7B, 0xF9, 0xB0, 0xB8, 0x13), + MBEDTLS_BYTES_TO_T_UINT_8(0x1D, 0x7B, 0x3C, 0xE1, 0x19, 0xA1, 0x23, 0x02), + MBEDTLS_BYTES_TO_T_UINT_8(0x2A, 0xE3, 0xC2, 0x53, 0xC0, 0x07, 0x13, 0xA9), + MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0xFE, 0x36, 0x35, 0x9F, 0x5E, 0x59, 0xCE), + MBEDTLS_BYTES_TO_T_UINT_8(0x1D, 0x55, 0x89, 0x84, 0xBC, 0xEF, 0xA2, 0xC2), + MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_2_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xFD, 0x1A, 0x08, 0x67, 0xB4, 0xE7, 0x22, 0xED), + MBEDTLS_BYTES_TO_T_UINT_8(0x76, 0x26, 0xDF, 0x81, 0x3C, 0x5F, 0x1C, 0xDA), + MBEDTLS_BYTES_TO_T_UINT_8(0xE0, 0x4D, 0xD0, 0x0A, 0x48, 0x06, 0xF4, 0x48), + MBEDTLS_BYTES_TO_T_UINT_8(0x73, 0x18, 0x39, 0xF7, 0xD1, 0x20, 0x77, 0x8D), + MBEDTLS_BYTES_TO_T_UINT_8(0x78, 0x8F, 0x44, 0x13, 0xCB, 0x78, 0x11, 0x11), + MBEDTLS_BYTES_TO_T_UINT_8(0x33, 0xE2, 0x49, 0xEA, 0x43, 0x79, 0x08, 0x39), + MBEDTLS_BYTES_TO_T_UINT_8(0x01, 0xD1, 0xD8, 0x73, 0x2C, 0x71, 0x2F, 0x69), + MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0xE5, 0xE7, 0xF4, 0x46, 0xAB, 0x20, 0xCA), + MBEDTLS_BYTES_TO_T_UINT_8(0x5A, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_3_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x8C, 0x0B, 0xB9, 0x71, 0x1A, 0x27, 0xB7, 0xA7), + MBEDTLS_BYTES_TO_T_UINT_8(0x2A, 0xA2, 0x2C, 0xD1, 0xDA, 0xBC, 0xC1, 0xBD), + MBEDTLS_BYTES_TO_T_UINT_8(0x10, 0xA3, 0x10, 0x1F, 0x90, 0xF2, 0xA5, 0x52), + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0xFB, 0x20, 0xF4, 0xC0, 0x70, 0xC0, 0xF5), + MBEDTLS_BYTES_TO_T_UINT_8(0x8F, 0xA7, 0x99, 0xF0, 0xA5, 0xD3, 0x09, 0xDD), + MBEDTLS_BYTES_TO_T_UINT_8(0x26, 0xE8, 0x14, 0x39, 0xBE, 0xCB, 0x60, 0xAF), + MBEDTLS_BYTES_TO_T_UINT_8(0x9F, 0xD6, 0x14, 0xA9, 0xC9, 0x20, 0xC3, 0xEA), + MBEDTLS_BYTES_TO_T_UINT_8(0x5D, 0xA8, 0x5B, 0xFD, 0x2D, 0x96, 0xBC, 0x78), + MBEDTLS_BYTES_TO_T_UINT_8(0xC0, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_3_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x9D, 0x04, 0x45, 0xBE, 0xCE, 0x75, 0x95, 0xF6), + MBEDTLS_BYTES_TO_T_UINT_8(0xCC, 0xDA, 0x58, 0x49, 0x35, 0x09, 0x8D, 0x41), + MBEDTLS_BYTES_TO_T_UINT_8(0x76, 0xF0, 0xC0, 0x36, 0xF2, 0xA6, 0x2D, 0x14), + MBEDTLS_BYTES_TO_T_UINT_8(0xE7, 0xFC, 0x3D, 0xA8, 0xFB, 0x3C, 0xD2, 0x51), + MBEDTLS_BYTES_TO_T_UINT_8(0x01, 0x4D, 0x71, 0x09, 0x18, 0x42, 0xF0, 0x2D), + MBEDTLS_BYTES_TO_T_UINT_8(0x8D, 0xC1, 0xCE, 0x9E, 0x6A, 0x49, 0x60, 0x12), + MBEDTLS_BYTES_TO_T_UINT_8(0xAD, 0xB1, 0x00, 0xF7, 0xA1, 0x7A, 0x31, 0xB4), + MBEDTLS_BYTES_TO_T_UINT_8(0x41, 0xC3, 0x86, 0xCD, 0x20, 0x4A, 0x17, 0x86), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_4_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x98, 0xAB, 0x8B, 0x47, 0x8D, 0xAA, 0xA6, 0x5B), + MBEDTLS_BYTES_TO_T_UINT_8(0xC4, 0x97, 0xF0, 0xBC, 0x2D, 0xDC, 0x9D, 0x84), + MBEDTLS_BYTES_TO_T_UINT_8(0x01, 0x86, 0xB0, 0x74, 0xB2, 0xF4, 0xF6, 0x67), + MBEDTLS_BYTES_TO_T_UINT_8(0xAC, 0xBD, 0xAC, 0xE3, 0x8F, 0x43, 0x5C, 0xB1), + MBEDTLS_BYTES_TO_T_UINT_8(0x37, 0xC3, 0xE2, 0x6E, 0x25, 0x49, 0xCD, 0x0B), + MBEDTLS_BYTES_TO_T_UINT_8(0x64, 0x5E, 0x08, 0xB3, 0xB9, 0xAC, 0x5F, 0xD1), + MBEDTLS_BYTES_TO_T_UINT_8(0x08, 0xB7, 0xD1, 0xF4, 0xDC, 0x19, 0xE9, 0xC8), + MBEDTLS_BYTES_TO_T_UINT_8(0x49, 0xE4, 0xFA, 0xE1, 0x36, 0x3E, 0xED, 0x6E), + MBEDTLS_BYTES_TO_T_UINT_8(0x0A, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_4_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x67, 0x92, 0x84, 0x6E, 0x48, 0x03, 0x51), + MBEDTLS_BYTES_TO_T_UINT_8(0x9E, 0x95, 0xEF, 0x8F, 0xB2, 0x82, 0x6B, 0x1C), + MBEDTLS_BYTES_TO_T_UINT_8(0x8D, 0xFA, 0xB9, 0x55, 0x23, 0xFE, 0x09, 0xB3), + MBEDTLS_BYTES_TO_T_UINT_8(0xEF, 0x79, 0x85, 0x4B, 0x0E, 0xD4, 0x35, 0xDB), + MBEDTLS_BYTES_TO_T_UINT_8(0x9A, 0x27, 0x45, 0x81, 0xE0, 0x88, 0x52, 0xAD), + MBEDTLS_BYTES_TO_T_UINT_8(0x17, 0x63, 0xA2, 0x4B, 0xBC, 0x5D, 0xB1, 0x92), + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x8C, 0x83, 0xD9, 0x3E, 0xD3, 0x42, 0xDA), + MBEDTLS_BYTES_TO_T_UINT_8(0x99, 0x03, 0x3A, 0x31, 0xBA, 0xE9, 0x3A, 0xD1), + MBEDTLS_BYTES_TO_T_UINT_8(0x47, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_5_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x35, 0x10, 0xCD, 0x2D, 0x00, 0xFE, 0x32, 0xA7), + MBEDTLS_BYTES_TO_T_UINT_8(0xE4, 0x6E, 0x1F, 0xDA, 0xF8, 0x6F, 0x4D, 0x03), + MBEDTLS_BYTES_TO_T_UINT_8(0x09, 0x79, 0x7D, 0x09, 0xE5, 0xD3, 0x03, 0x21), + MBEDTLS_BYTES_TO_T_UINT_8(0x58, 0xC3, 0xBE, 0xDF, 0x07, 0x65, 0x49, 0xCC), + MBEDTLS_BYTES_TO_T_UINT_8(0x08, 0x57, 0x33, 0xEF, 0xAE, 0x4F, 0x04, 0x27), + MBEDTLS_BYTES_TO_T_UINT_8(0x9A, 0xE9, 0x9B, 0xFE, 0xBF, 0xE6, 0x85, 0xF6), + MBEDTLS_BYTES_TO_T_UINT_8(0xBD, 0xBA, 0xAA, 0x06, 0xC4, 0xC6, 0xB8, 0x57), + MBEDTLS_BYTES_TO_T_UINT_8(0x0C, 0x83, 0x01, 0xA9, 0xF6, 0x51, 0xE7, 0xB8), + MBEDTLS_BYTES_TO_T_UINT_8(0x1B, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_5_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB9, 0xA6, 0x15, 0x8E, 0xAB, 0x1F, 0x10, 0x87), + MBEDTLS_BYTES_TO_T_UINT_8(0x74, 0x08, 0x27, 0x1A, 0xA1, 0x21, 0xAD, 0xF5), + MBEDTLS_BYTES_TO_T_UINT_8(0x02, 0x09, 0x90, 0x6E, 0x50, 0x90, 0x9A, 0x5D), + MBEDTLS_BYTES_TO_T_UINT_8(0x86, 0x9A, 0xFE, 0xD7, 0xA1, 0xF5, 0xA2, 0x15), + MBEDTLS_BYTES_TO_T_UINT_8(0xE8, 0x7D, 0xE3, 0xDC, 0x21, 0xFB, 0xA4, 0x7B), + MBEDTLS_BYTES_TO_T_UINT_8(0xB9, 0xBF, 0x07, 0xFF, 0x45, 0xDF, 0x51, 0x77), + MBEDTLS_BYTES_TO_T_UINT_8(0x0B, 0x5C, 0x34, 0x02, 0x62, 0x9B, 0x08, 0x12), + MBEDTLS_BYTES_TO_T_UINT_8(0x86, 0xCE, 0x9A, 0x6A, 0xEC, 0x75, 0xF6, 0x46), + MBEDTLS_BYTES_TO_T_UINT_8(0x6D, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_6_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xE6, 0x59, 0xF4, 0x78, 0x3C, 0x60, 0xB1, 0x4A), + MBEDTLS_BYTES_TO_T_UINT_8(0x3E, 0x37, 0x84, 0x6A, 0xDC, 0xF2, 0x9A, 0x7D), + MBEDTLS_BYTES_TO_T_UINT_8(0x40, 0x9A, 0x9A, 0x15, 0x36, 0xE0, 0x2B, 0x2D), + MBEDTLS_BYTES_TO_T_UINT_8(0xEC, 0x38, 0x9C, 0x50, 0x3D, 0x1E, 0x37, 0x82), + MBEDTLS_BYTES_TO_T_UINT_8(0xB7, 0x79, 0xF0, 0x92, 0xF2, 0x8B, 0x18, 0x82), + MBEDTLS_BYTES_TO_T_UINT_8(0x17, 0xE0, 0x82, 0x1E, 0x80, 0x82, 0x4B, 0xD7), + MBEDTLS_BYTES_TO_T_UINT_8(0xFA, 0xBB, 0x59, 0x6B, 0x8A, 0x77, 0x41, 0x40), + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0xF9, 0xD4, 0xB8, 0x4A, 0x82, 0xCF, 0x40), + MBEDTLS_BYTES_TO_T_UINT_8(0x5D, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_6_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x1E, 0x8C, 0xC8, 0x9B, 0x72, 0x9E, 0xF7, 0xF9), + MBEDTLS_BYTES_TO_T_UINT_8(0xB8, 0xCE, 0xE9, 0x77, 0x0A, 0x19, 0x59, 0x84), + MBEDTLS_BYTES_TO_T_UINT_8(0x9D, 0xA1, 0x41, 0x6A, 0x72, 0x4B, 0xB4, 0xDC), + MBEDTLS_BYTES_TO_T_UINT_8(0x0B, 0x35, 0x43, 0xE2, 0x8C, 0xBE, 0x0D, 0xE3), + MBEDTLS_BYTES_TO_T_UINT_8(0xC1, 0xEB, 0xAD, 0xF3, 0xA9, 0xA6, 0x68, 0xA1), + MBEDTLS_BYTES_TO_T_UINT_8(0x81, 0x2F, 0xE2, 0x48, 0x0C, 0xDB, 0x1F, 0x42), + MBEDTLS_BYTES_TO_T_UINT_8(0xD1, 0x1E, 0x60, 0x9B, 0x2A, 0xD2, 0xC1, 0x3C), + MBEDTLS_BYTES_TO_T_UINT_8(0xC0, 0x64, 0xB5, 0xD2, 0xF6, 0xF6, 0x6E, 0x22), + MBEDTLS_BYTES_TO_T_UINT_8(0x70, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_7_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xC6, 0x3D, 0x30, 0x78, 0x10, 0x18, 0x41, 0x51), + MBEDTLS_BYTES_TO_T_UINT_8(0x96, 0x1D, 0x1C, 0xE0, 0x6D, 0x83, 0xD1, 0x93), + MBEDTLS_BYTES_TO_T_UINT_8(0x7B, 0x03, 0x0B, 0xF5, 0x2F, 0x6C, 0x04, 0x98), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x3E, 0xD5, 0xFC, 0x31, 0x5B, 0x3A, 0xEB), + MBEDTLS_BYTES_TO_T_UINT_8(0x50, 0x82, 0x2F, 0xFB, 0xFE, 0xF8, 0x76, 0x39), + MBEDTLS_BYTES_TO_T_UINT_8(0x85, 0x26, 0xDA, 0x9C, 0x36, 0xF5, 0x93, 0xD1), + MBEDTLS_BYTES_TO_T_UINT_8(0x4C, 0xE7, 0x6E, 0xD2, 0x7D, 0x81, 0x09, 0xC6), + MBEDTLS_BYTES_TO_T_UINT_8(0xD3, 0x03, 0xF9, 0x58, 0x48, 0x24, 0xA2, 0xEE), + MBEDTLS_BYTES_TO_T_UINT_8(0xE9, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_7_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x1B, 0x79, 0x0C, 0x8E, 0x6B, 0x95, 0xF3, 0xC4), + MBEDTLS_BYTES_TO_T_UINT_8(0xF4, 0x10, 0x5C, 0x87, 0x03, 0x39, 0xCF, 0x68), + MBEDTLS_BYTES_TO_T_UINT_8(0xAD, 0xF0, 0xF7, 0xC1, 0x07, 0xA4, 0xF4, 0x3F), + MBEDTLS_BYTES_TO_T_UINT_8(0x32, 0xE8, 0x02, 0x89, 0x65, 0xC4, 0x72, 0x36), + MBEDTLS_BYTES_TO_T_UINT_8(0xB4, 0x88, 0xEA, 0x96, 0x67, 0x0B, 0x5D, 0xDF), + MBEDTLS_BYTES_TO_T_UINT_8(0xA8, 0x75, 0x60, 0xA8, 0xBD, 0x74, 0xDF, 0x68), + MBEDTLS_BYTES_TO_T_UINT_8(0x6E, 0xE5, 0x71, 0x50, 0x67, 0xD0, 0xD2, 0xE6), + MBEDTLS_BYTES_TO_T_UINT_8(0xD5, 0xFC, 0xE5, 0xC7, 0x77, 0xB0, 0x7F, 0x8C), + MBEDTLS_BYTES_TO_T_UINT_8(0xF1, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_8_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x97, 0x86, 0x69, 0xCD, 0x0D, 0x9A, 0xBD, 0x66), + MBEDTLS_BYTES_TO_T_UINT_8(0x58, 0x17, 0xBC, 0xBB, 0x59, 0x85, 0x7D, 0x0E), + MBEDTLS_BYTES_TO_T_UINT_8(0x8D, 0xA8, 0x76, 0xAC, 0x80, 0xA9, 0x72, 0xE0), + MBEDTLS_BYTES_TO_T_UINT_8(0x74, 0x78, 0xC1, 0xE2, 0x4D, 0xAF, 0xF9, 0x3C), + MBEDTLS_BYTES_TO_T_UINT_8(0xAD, 0x97, 0x8E, 0x74, 0xC4, 0x4B, 0xB2, 0x85), + MBEDTLS_BYTES_TO_T_UINT_8(0xEA, 0xD8, 0xF6, 0xF3, 0xAF, 0x2F, 0x52, 0xE5), + MBEDTLS_BYTES_TO_T_UINT_8(0x95, 0x57, 0xF4, 0xCE, 0xEE, 0x43, 0xED, 0x60), + MBEDTLS_BYTES_TO_T_UINT_8(0x7D, 0x46, 0x38, 0xDE, 0x20, 0xFD, 0x59, 0x18), + MBEDTLS_BYTES_TO_T_UINT_8(0xD7, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_8_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x1C, 0x18, 0xE8, 0x58, 0xB9, 0x76, 0x2C, 0xE6), + MBEDTLS_BYTES_TO_T_UINT_8(0xED, 0x54, 0xE4, 0xFE, 0xC7, 0xBC, 0x31, 0x37), + MBEDTLS_BYTES_TO_T_UINT_8(0xF5, 0xF8, 0x89, 0xEE, 0x70, 0xB5, 0xB0, 0x2C), + MBEDTLS_BYTES_TO_T_UINT_8(0x83, 0x22, 0x26, 0x9A, 0x53, 0xB9, 0x38, 0x0A), + MBEDTLS_BYTES_TO_T_UINT_8(0x74, 0xA7, 0x19, 0x8C, 0x74, 0x7E, 0x88, 0x46), + MBEDTLS_BYTES_TO_T_UINT_8(0xB4, 0xDA, 0x0A, 0xE8, 0xDA, 0xA5, 0xBE, 0x1D), + MBEDTLS_BYTES_TO_T_UINT_8(0x90, 0x5C, 0xF7, 0xB1, 0x0C, 0x72, 0xFB, 0x09), + MBEDTLS_BYTES_TO_T_UINT_8(0x78, 0xE2, 0x23, 0xE7, 0x46, 0xB7, 0xE0, 0x91), + MBEDTLS_BYTES_TO_T_UINT_8(0xC5, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_9_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x3A, 0x36, 0xBC, 0xBD, 0x48, 0x11, 0x8E, 0x72), + MBEDTLS_BYTES_TO_T_UINT_8(0xAB, 0xBB, 0xA1, 0xF7, 0x0B, 0x9E, 0xBF, 0xDF), + MBEDTLS_BYTES_TO_T_UINT_8(0x68, 0x28, 0xE1, 0xA2, 0x8F, 0xFC, 0xFC, 0xD6), + MBEDTLS_BYTES_TO_T_UINT_8(0x81, 0xFE, 0x19, 0x0A, 0xE5, 0xE7, 0x69, 0x39), + MBEDTLS_BYTES_TO_T_UINT_8(0x5E, 0xCD, 0x12, 0xF5, 0xBE, 0xD3, 0x04, 0xF1), + MBEDTLS_BYTES_TO_T_UINT_8(0xF5, 0xA8, 0x0D, 0x81, 0x59, 0xC4, 0x79, 0x98), + MBEDTLS_BYTES_TO_T_UINT_8(0xA3, 0xF3, 0x4B, 0x92, 0x65, 0xC3, 0x31, 0xAD), + MBEDTLS_BYTES_TO_T_UINT_8(0x75, 0xB5, 0x4F, 0x4D, 0x91, 0xD4, 0xE2, 0xB2), + MBEDTLS_BYTES_TO_T_UINT_8(0x51, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_9_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x72, 0x09, 0x41, 0x79, 0x1D, 0x4D, 0x0D, 0x33), + MBEDTLS_BYTES_TO_T_UINT_8(0xBB, 0x31, 0x18, 0xBA, 0xA0, 0xF2, 0x6E, 0x7E), + MBEDTLS_BYTES_TO_T_UINT_8(0x93, 0x5B, 0x4D, 0x4F, 0xAF, 0xC9, 0x8C, 0xA1), + MBEDTLS_BYTES_TO_T_UINT_8(0x48, 0x99, 0x9C, 0x06, 0x68, 0xDE, 0xD8, 0x29), + MBEDTLS_BYTES_TO_T_UINT_8(0xA0, 0x04, 0xE1, 0xB5, 0x9D, 0x00, 0xBC, 0xB8), + MBEDTLS_BYTES_TO_T_UINT_8(0x61, 0x95, 0x92, 0x8D, 0x72, 0xD3, 0x37, 0x42), + MBEDTLS_BYTES_TO_T_UINT_8(0xAB, 0x4B, 0x27, 0xA2, 0xE8, 0xA4, 0x26, 0xA1), + MBEDTLS_BYTES_TO_T_UINT_8(0x4F, 0x45, 0x9C, 0xA9, 0xCB, 0x9F, 0xBA, 0x85), + MBEDTLS_BYTES_TO_T_UINT_8(0xCB, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_10_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x08, 0x7E, 0x1B, 0x64, 0xF4, 0xE8, 0xA5, 0x55), + MBEDTLS_BYTES_TO_T_UINT_8(0xF7, 0x20, 0xA9, 0xCA, 0xF3, 0x89, 0xE5, 0xE1), + MBEDTLS_BYTES_TO_T_UINT_8(0x83, 0xED, 0xFC, 0xAB, 0xD9, 0x0A, 0xB9, 0x07), + MBEDTLS_BYTES_TO_T_UINT_8(0x08, 0x6F, 0x46, 0x7C, 0xCD, 0x78, 0xFF, 0x05), + MBEDTLS_BYTES_TO_T_UINT_8(0x69, 0xAB, 0x71, 0x5A, 0x94, 0xAB, 0x20, 0x20), + MBEDTLS_BYTES_TO_T_UINT_8(0xC2, 0x2E, 0xEE, 0x87, 0x57, 0x1F, 0xAD, 0xD3), + MBEDTLS_BYTES_TO_T_UINT_8(0x91, 0x4C, 0x3D, 0xFB, 0x7E, 0xA1, 0x8B, 0x07), + MBEDTLS_BYTES_TO_T_UINT_8(0x69, 0xCF, 0x07, 0x86, 0xBA, 0x53, 0x37, 0xCF), + MBEDTLS_BYTES_TO_T_UINT_8(0x38, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_10_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x26, 0xB2, 0xB9, 0xE2, 0x91, 0xE3, 0xB5), + MBEDTLS_BYTES_TO_T_UINT_8(0x79, 0xC9, 0x54, 0x84, 0x08, 0x3D, 0x0B, 0xD2), + MBEDTLS_BYTES_TO_T_UINT_8(0x5D, 0xA8, 0x77, 0x2F, 0x64, 0x45, 0x99, 0x4C), + MBEDTLS_BYTES_TO_T_UINT_8(0x87, 0x96, 0x16, 0x1F, 0xDB, 0x96, 0x28, 0x97), + MBEDTLS_BYTES_TO_T_UINT_8(0x83, 0x2B, 0x8D, 0xFF, 0xA2, 0x4F, 0x55, 0xD3), + MBEDTLS_BYTES_TO_T_UINT_8(0x71, 0xE6, 0x48, 0xBD, 0x99, 0x3D, 0x12, 0x57), + MBEDTLS_BYTES_TO_T_UINT_8(0x3F, 0x84, 0x59, 0xDA, 0xB9, 0xB6, 0x66, 0x12), + MBEDTLS_BYTES_TO_T_UINT_8(0x6D, 0x78, 0x41, 0x92, 0xDF, 0xF4, 0x3F, 0x63), + MBEDTLS_BYTES_TO_T_UINT_8(0x1F, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_11_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x7E, 0x86, 0x6F, 0x4F, 0xBF, 0x67, 0xDF, 0x2F), + MBEDTLS_BYTES_TO_T_UINT_8(0xF2, 0x2B, 0x1E, 0x5F, 0x00, 0xEA, 0xF6, 0x56), + MBEDTLS_BYTES_TO_T_UINT_8(0x90, 0xB9, 0x6A, 0x89, 0xD8, 0xC0, 0xD7, 0xA7), + MBEDTLS_BYTES_TO_T_UINT_8(0xCB, 0x9A, 0x32, 0x23, 0xA0, 0x02, 0x91, 0x58), + MBEDTLS_BYTES_TO_T_UINT_8(0x42, 0x7F, 0x6A, 0x15, 0x64, 0x6A, 0x8B, 0xBB), + MBEDTLS_BYTES_TO_T_UINT_8(0x8A, 0x57, 0x82, 0x58, 0xA9, 0x56, 0xB5, 0xFB), + MBEDTLS_BYTES_TO_T_UINT_8(0xDD, 0x50, 0x92, 0x60, 0xCC, 0x81, 0x24, 0xA8), + MBEDTLS_BYTES_TO_T_UINT_8(0x36, 0x3D, 0xAD, 0xDA, 0xD9, 0x51, 0x3E, 0x57), + MBEDTLS_BYTES_TO_T_UINT_8(0x5D, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_11_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xEC, 0xFE, 0x8F, 0xB0, 0x0B, 0xDE, 0x2E, 0x7E), + MBEDTLS_BYTES_TO_T_UINT_8(0x79, 0xD2, 0xBE, 0xEF, 0xAC, 0x76, 0x71, 0xA3), + MBEDTLS_BYTES_TO_T_UINT_8(0x55, 0xE8, 0x72, 0x0B, 0xAC, 0xFE, 0xCA, 0x5A), + MBEDTLS_BYTES_TO_T_UINT_8(0xAD, 0x5B, 0xC7, 0xFC, 0xE3, 0x3C, 0x7C, 0x4C), + MBEDTLS_BYTES_TO_T_UINT_8(0xA1, 0x04, 0xA7, 0xB9, 0x9B, 0x93, 0xC0, 0x2F), + MBEDTLS_BYTES_TO_T_UINT_8(0x41, 0x48, 0x4B, 0x8E, 0x32, 0xC5, 0xF0, 0x6B), + MBEDTLS_BYTES_TO_T_UINT_8(0xB0, 0x42, 0x07, 0xC1, 0xF2, 0xF1, 0x72, 0x5B), + MBEDTLS_BYTES_TO_T_UINT_8(0x1E, 0x37, 0x54, 0x9C, 0x88, 0xD2, 0x62, 0xAA), + MBEDTLS_BYTES_TO_T_UINT_8(0xC1, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_12_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xC2, 0x19, 0x8A, 0x89, 0x58, 0xA2, 0x0F, 0xDB), + MBEDTLS_BYTES_TO_T_UINT_8(0x01, 0xCC, 0x4C, 0x97, 0x30, 0x66, 0x34, 0x26), + MBEDTLS_BYTES_TO_T_UINT_8(0x83, 0x6A, 0x1E, 0x1F, 0xDB, 0xC9, 0x5E, 0x13), + MBEDTLS_BYTES_TO_T_UINT_8(0x1B, 0x4D, 0x49, 0xFF, 0x9B, 0x9C, 0xAC, 0x9B), + MBEDTLS_BYTES_TO_T_UINT_8(0xD7, 0xE4, 0x4B, 0xF2, 0xD4, 0x1A, 0xD2, 0x78), + MBEDTLS_BYTES_TO_T_UINT_8(0xCD, 0xDA, 0xE8, 0x61, 0x9F, 0xC8, 0x49, 0x32), + MBEDTLS_BYTES_TO_T_UINT_8(0x51, 0xCB, 0xF2, 0x2D, 0x85, 0xF6, 0x8D, 0x52), + MBEDTLS_BYTES_TO_T_UINT_8(0xB7, 0xC5, 0xCD, 0x2C, 0x79, 0xC6, 0x0E, 0x4F), + MBEDTLS_BYTES_TO_T_UINT_8(0xDB, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_12_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x73, 0x1D, 0x55, 0x0F, 0xF8, 0x22, 0x9F, 0x78), + MBEDTLS_BYTES_TO_T_UINT_8(0x76, 0x56, 0xBA, 0xE7, 0x57, 0x32, 0xEC, 0x42), + MBEDTLS_BYTES_TO_T_UINT_8(0x65, 0x9A, 0xC6, 0x4C, 0x09, 0xC4, 0x52, 0x3F), + MBEDTLS_BYTES_TO_T_UINT_8(0xB6, 0x1E, 0x6F, 0xF4, 0x7D, 0x27, 0xDD, 0xAF), + MBEDTLS_BYTES_TO_T_UINT_8(0x94, 0x11, 0x16, 0xEC, 0x79, 0x83, 0xAD, 0xAE), + MBEDTLS_BYTES_TO_T_UINT_8(0x46, 0x4E, 0x92, 0x1F, 0x19, 0x7D, 0x65, 0xDC), + MBEDTLS_BYTES_TO_T_UINT_8(0x09, 0xFF, 0x78, 0x15, 0x45, 0x63, 0x32, 0xE4), + MBEDTLS_BYTES_TO_T_UINT_8(0xBF, 0x91, 0xD0, 0x78, 0x58, 0xDA, 0x50, 0x47), + MBEDTLS_BYTES_TO_T_UINT_8(0x73, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_13_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x23, 0xDE, 0x40, 0xF6, 0x41, 0xB4, 0x3B, 0x95), + MBEDTLS_BYTES_TO_T_UINT_8(0xC6, 0x8D, 0xE0, 0xE1, 0xA9, 0xF0, 0x35, 0x5D), + MBEDTLS_BYTES_TO_T_UINT_8(0xE6, 0xD4, 0xBA, 0x7B, 0xCC, 0x1B, 0x3A, 0x32), + MBEDTLS_BYTES_TO_T_UINT_8(0xD0, 0x5A, 0x2E, 0x74, 0x47, 0x14, 0xC3, 0x4D), + MBEDTLS_BYTES_TO_T_UINT_8(0x7D, 0xF0, 0x8B, 0x06, 0x15, 0x8E, 0x0E, 0xCA), + MBEDTLS_BYTES_TO_T_UINT_8(0xB5, 0xD2, 0xEB, 0x97, 0x50, 0x7D, 0x31, 0xFC), + MBEDTLS_BYTES_TO_T_UINT_8(0x42, 0x93, 0x4C, 0xDB, 0x97, 0x79, 0x44, 0xF5), + MBEDTLS_BYTES_TO_T_UINT_8(0x9C, 0xA2, 0xA0, 0x0B, 0xC8, 0x3A, 0x8A, 0xF9), + MBEDTLS_BYTES_TO_T_UINT_8(0x61, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_13_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x79, 0x50, 0x92, 0x9E, 0x24, 0x1F, 0xCB, 0x4C), + MBEDTLS_BYTES_TO_T_UINT_8(0xD3, 0x16, 0xC9, 0xC5, 0x3D, 0x5A, 0xAF, 0x97), + MBEDTLS_BYTES_TO_T_UINT_8(0x18, 0xE3, 0x97, 0xE4, 0xA8, 0x50, 0xF6, 0x7E), + MBEDTLS_BYTES_TO_T_UINT_8(0x45, 0x57, 0x97, 0x42, 0x78, 0x92, 0x49, 0x0D), + MBEDTLS_BYTES_TO_T_UINT_8(0xA5, 0xEB, 0x62, 0x24, 0xFB, 0x8F, 0x32, 0xCF), + MBEDTLS_BYTES_TO_T_UINT_8(0xF3, 0x0C, 0x36, 0x6E, 0x8F, 0xE8, 0xE8, 0x8E), + MBEDTLS_BYTES_TO_T_UINT_8(0xC2, 0xD3, 0x7C, 0xC7, 0x8D, 0x3F, 0x5C, 0xE1), + MBEDTLS_BYTES_TO_T_UINT_8(0x6A, 0x64, 0x6A, 0x73, 0x10, 0x79, 0xB8, 0x5A), + MBEDTLS_BYTES_TO_T_UINT_8(0xCB, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_14_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x51, 0xF9, 0xEF, 0xA5, 0x20, 0x4A, 0x5C, 0xA1), + MBEDTLS_BYTES_TO_T_UINT_8(0x2F, 0xF3, 0xF4, 0x49, 0x5B, 0x73, 0xAA, 0x1B), + MBEDTLS_BYTES_TO_T_UINT_8(0xC6, 0xF2, 0xEA, 0x0F, 0x00, 0xAD, 0x53, 0xAB), + MBEDTLS_BYTES_TO_T_UINT_8(0x03, 0xB8, 0x66, 0xED, 0xC4, 0x2B, 0x4C, 0x35), + MBEDTLS_BYTES_TO_T_UINT_8(0x3A, 0x2F, 0xC1, 0x9A, 0x37, 0xD2, 0x7F, 0x58), + MBEDTLS_BYTES_TO_T_UINT_8(0x29, 0xA7, 0x81, 0x38, 0x64, 0xC9, 0x37, 0x38), + MBEDTLS_BYTES_TO_T_UINT_8(0xBE, 0x3B, 0x6C, 0x9F, 0x5B, 0xD9, 0x8B, 0x1D), + MBEDTLS_BYTES_TO_T_UINT_8(0xB6, 0x14, 0xD9, 0x08, 0xD8, 0xD2, 0x7E, 0x23), + MBEDTLS_BYTES_TO_T_UINT_8(0x1C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_14_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x15, 0x71, 0xE6, 0x3D, 0xD1, 0xB0, 0xE7, 0xCD), + MBEDTLS_BYTES_TO_T_UINT_8(0x5B, 0x81, 0x23, 0xEC, 0x2D, 0x42, 0x45, 0xE6), + MBEDTLS_BYTES_TO_T_UINT_8(0x51, 0x5B, 0x44, 0x6B, 0x89, 0x03, 0x67, 0x28), + MBEDTLS_BYTES_TO_T_UINT_8(0x84, 0x27, 0xAE, 0x80, 0x5A, 0x33, 0xBE, 0x11), + MBEDTLS_BYTES_TO_T_UINT_8(0xE3, 0xB6, 0x64, 0x1A, 0xDF, 0xD3, 0x85, 0x91), + MBEDTLS_BYTES_TO_T_UINT_8(0x67, 0x8C, 0x22, 0xBA, 0xD0, 0xBD, 0xCC, 0xA0), + MBEDTLS_BYTES_TO_T_UINT_8(0xF7, 0x3C, 0x01, 0x3A, 0xFF, 0x9D, 0xC7, 0x6B), + MBEDTLS_BYTES_TO_T_UINT_8(0x0C, 0xC7, 0x64, 0xB4, 0x59, 0x4E, 0x9F, 0x22), + MBEDTLS_BYTES_TO_T_UINT_8(0x85, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_15_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xA1, 0x34, 0x0A, 0x41, 0x94, 0xA8, 0xF2, 0xB7), + MBEDTLS_BYTES_TO_T_UINT_8(0xF6, 0xD4, 0xE4, 0xF0, 0x97, 0x45, 0x6D, 0xCA), + MBEDTLS_BYTES_TO_T_UINT_8(0x8F, 0x1F, 0x4D, 0x6D, 0xFE, 0xA0, 0xC4, 0x84), + MBEDTLS_BYTES_TO_T_UINT_8(0x1D, 0x28, 0x5C, 0x40, 0xBB, 0x65, 0xD4, 0x42), + MBEDTLS_BYTES_TO_T_UINT_8(0x98, 0xA8, 0x87, 0x35, 0x20, 0x3A, 0x89, 0x44), + MBEDTLS_BYTES_TO_T_UINT_8(0xD6, 0xFD, 0x4F, 0xAB, 0x2D, 0xD1, 0xD0, 0xC0), + MBEDTLS_BYTES_TO_T_UINT_8(0x86, 0xE8, 0x00, 0xFC, 0x69, 0x52, 0xF8, 0xD5), + MBEDTLS_BYTES_TO_T_UINT_8(0xE1, 0x9A, 0x99, 0xE1, 0xDC, 0x9C, 0x3F, 0xD9), + MBEDTLS_BYTES_TO_T_UINT_8(0x99, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_15_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x12, 0x08, 0x98, 0xD9, 0xCA, 0x73, 0xD5, 0xA9), + MBEDTLS_BYTES_TO_T_UINT_8(0xB9, 0x2C, 0xE0, 0xA7, 0x3E, 0x91, 0xD7, 0x87), + MBEDTLS_BYTES_TO_T_UINT_8(0x68, 0x04, 0xB0, 0x54, 0x09, 0xF4, 0x72, 0xB7), + MBEDTLS_BYTES_TO_T_UINT_8(0xC8, 0xEE, 0x28, 0xCC, 0xE8, 0x50, 0x78, 0x20), + MBEDTLS_BYTES_TO_T_UINT_8(0x0D, 0x91, 0x03, 0x76, 0xDB, 0x68, 0x24, 0x77), + MBEDTLS_BYTES_TO_T_UINT_8(0x7A, 0xE0, 0x56, 0xB2, 0x5D, 0x12, 0xD3, 0xB5), + MBEDTLS_BYTES_TO_T_UINT_8(0x0D, 0x42, 0x59, 0x8B, 0xDF, 0x67, 0xB5, 0xBE), + MBEDTLS_BYTES_TO_T_UINT_8(0xD1, 0xCC, 0xE5, 0x31, 0x53, 0x7A, 0x46, 0xB3), + MBEDTLS_BYTES_TO_T_UINT_8(0xDA, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_16_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xCC, 0x8D, 0x59, 0xB5, 0x1B, 0x0F, 0xF4, 0xAF), + MBEDTLS_BYTES_TO_T_UINT_8(0xD9, 0x2F, 0xD1, 0x2C, 0xE0, 0xD8, 0x04, 0xEF), + MBEDTLS_BYTES_TO_T_UINT_8(0xAC, 0xF4, 0xD7, 0xBA, 0xB0, 0xA3, 0x7E, 0xC9), + MBEDTLS_BYTES_TO_T_UINT_8(0xCD, 0x08, 0x51, 0x56, 0xA6, 0x76, 0x67, 0x33), + MBEDTLS_BYTES_TO_T_UINT_8(0x8C, 0x17, 0x63, 0xFE, 0x56, 0xD0, 0xD9, 0x71), + MBEDTLS_BYTES_TO_T_UINT_8(0xAA, 0xF6, 0xC3, 0x14, 0x47, 0xC5, 0xA7, 0x31), + MBEDTLS_BYTES_TO_T_UINT_8(0x72, 0x4C, 0x80, 0xF6, 0xA2, 0x57, 0xA7, 0x5D), + MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0xB3, 0x7B, 0xF8, 0x2F, 0xE1, 0x3E, 0x7B), + MBEDTLS_BYTES_TO_T_UINT_8(0xFA, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_16_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x26, 0xF4, 0xF9, 0x6B, 0x7B, 0x90, 0xDF, 0x30), + MBEDTLS_BYTES_TO_T_UINT_8(0x1F, 0x82, 0xEF, 0x62, 0xA1, 0x4C, 0x53, 0xCA), + MBEDTLS_BYTES_TO_T_UINT_8(0xE6, 0x99, 0x76, 0x01, 0xBA, 0x8D, 0x0F, 0x54), + MBEDTLS_BYTES_TO_T_UINT_8(0xAF, 0xF4, 0x58, 0x73, 0x56, 0xFE, 0xDD, 0x7C), + MBEDTLS_BYTES_TO_T_UINT_8(0xF6, 0xCE, 0xF9, 0xE8, 0xA1, 0x34, 0xC3, 0x5B), + MBEDTLS_BYTES_TO_T_UINT_8(0x09, 0x5F, 0xDC, 0x6A, 0x3D, 0xD8, 0x7F, 0x42), + MBEDTLS_BYTES_TO_T_UINT_8(0xC2, 0xF4, 0x51, 0xB8, 0xB8, 0xC1, 0xD7, 0x2F), + MBEDTLS_BYTES_TO_T_UINT_8(0xAE, 0x7D, 0x58, 0xD1, 0xD4, 0x1B, 0x4D, 0x23), + MBEDTLS_BYTES_TO_T_UINT_8(0xD3, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_17_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB9, 0x95, 0xDF, 0x00, 0xD8, 0x21, 0xDE, 0x94), + MBEDTLS_BYTES_TO_T_UINT_8(0xF7, 0x47, 0x3C, 0xC3, 0xB2, 0x01, 0x53, 0x5D), + MBEDTLS_BYTES_TO_T_UINT_8(0x1E, 0x17, 0x43, 0x23, 0xBD, 0xCA, 0x71, 0xF2), + MBEDTLS_BYTES_TO_T_UINT_8(0x70, 0xBA, 0x0F, 0x4F, 0xDC, 0x41, 0x54, 0xBE), + MBEDTLS_BYTES_TO_T_UINT_8(0xD6, 0x39, 0x26, 0x70, 0x53, 0x32, 0x18, 0x11), + MBEDTLS_BYTES_TO_T_UINT_8(0x32, 0x46, 0x07, 0x97, 0x3A, 0x57, 0xE0, 0x01), + MBEDTLS_BYTES_TO_T_UINT_8(0xD6, 0x92, 0x4F, 0xCE, 0xDF, 0x25, 0x80, 0x26), + MBEDTLS_BYTES_TO_T_UINT_8(0x5B, 0x6F, 0x9A, 0x03, 0x05, 0x4B, 0xD1, 0x47), + MBEDTLS_BYTES_TO_T_UINT_8(0x5D, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_17_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x25, 0x01, 0x72, 0x30, 0x90, 0x17, 0x51, 0x20), + MBEDTLS_BYTES_TO_T_UINT_8(0x74, 0xFB, 0x41, 0x65, 0x5C, 0xB4, 0x2D, 0xEE), + MBEDTLS_BYTES_TO_T_UINT_8(0x66, 0xCD, 0xCD, 0xAA, 0x41, 0xCC, 0xBB, 0x07), + MBEDTLS_BYTES_TO_T_UINT_8(0xD4, 0xCE, 0x08, 0x0A, 0x63, 0xE9, 0xA2, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0x3D, 0xA8, 0x21, 0x7F, 0x7A, 0x5B, 0x9B, 0x81), + MBEDTLS_BYTES_TO_T_UINT_8(0x10, 0x6B, 0x89, 0x44, 0x0A, 0x7F, 0x85, 0x5F), + MBEDTLS_BYTES_TO_T_UINT_8(0x7D, 0xDE, 0x7C, 0x19, 0x5C, 0x65, 0x26, 0x61), + MBEDTLS_BYTES_TO_T_UINT_8(0xD7, 0xAC, 0x62, 0x29, 0x4A, 0xF1, 0xD0, 0x81), + MBEDTLS_BYTES_TO_T_UINT_8(0x38, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_18_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x32, 0x00, 0x40, 0x87, 0xEB, 0xA9, 0x58, 0x56), + MBEDTLS_BYTES_TO_T_UINT_8(0xAF, 0x51, 0x0B, 0xFF, 0x56, 0x35, 0x51, 0xB3), + MBEDTLS_BYTES_TO_T_UINT_8(0x7B, 0xAC, 0x08, 0x94, 0x71, 0xDA, 0xEC, 0x99), + MBEDTLS_BYTES_TO_T_UINT_8(0x5F, 0x4D, 0xC5, 0x7B, 0x31, 0x8B, 0x8D, 0x5E), + MBEDTLS_BYTES_TO_T_UINT_8(0x15, 0x05, 0xF1, 0x3E, 0x9E, 0x8F, 0x17, 0x8F), + MBEDTLS_BYTES_TO_T_UINT_8(0xF0, 0x9C, 0x4B, 0x62, 0x94, 0xAD, 0x49, 0xFC), + MBEDTLS_BYTES_TO_T_UINT_8(0x0F, 0xC9, 0xC6, 0x8F, 0xFD, 0x33, 0x44, 0x34), + MBEDTLS_BYTES_TO_T_UINT_8(0x5F, 0x96, 0x17, 0x7F, 0x42, 0xBE, 0xF7, 0x0D), + MBEDTLS_BYTES_TO_T_UINT_8(0xD4, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_18_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xFB, 0x29, 0x39, 0x13, 0x08, 0x8D, 0x91, 0x47), + MBEDTLS_BYTES_TO_T_UINT_8(0xF6, 0x79, 0xF9, 0x2F, 0xA9, 0x0A, 0xCF, 0xD6), + MBEDTLS_BYTES_TO_T_UINT_8(0xAB, 0x87, 0x7A, 0xA3, 0x19, 0xAB, 0x55, 0xAD), + MBEDTLS_BYTES_TO_T_UINT_8(0xE8, 0x0B, 0x01, 0xC5, 0x56, 0x19, 0x9D, 0x9E), + MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0xDE, 0x82, 0x3B, 0xEA, 0xD3, 0x0B, 0x8C), + MBEDTLS_BYTES_TO_T_UINT_8(0x65, 0x6B, 0xC7, 0xF3, 0x0F, 0x82, 0x87, 0x6C), + MBEDTLS_BYTES_TO_T_UINT_8(0xD8, 0x2E, 0x23, 0xF2, 0x39, 0x9D, 0x49, 0x70), + MBEDTLS_BYTES_TO_T_UINT_8(0x31, 0xDE, 0xAF, 0x7A, 0xEE, 0xB0, 0xDA, 0x70), + MBEDTLS_BYTES_TO_T_UINT_8(0x63, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_19_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x76, 0x4E, 0x2A, 0x50, 0xFD, 0x8E, 0xC0, 0xEB), + MBEDTLS_BYTES_TO_T_UINT_8(0x52, 0x0F, 0x7C, 0x76, 0x63, 0xD8, 0x89, 0x45), + MBEDTLS_BYTES_TO_T_UINT_8(0xEC, 0x2D, 0xB9, 0x4E, 0xF4, 0xEE, 0x85, 0xCF), + MBEDTLS_BYTES_TO_T_UINT_8(0xC1, 0x95, 0x5C, 0x96, 0x5D, 0xAA, 0x59, 0x0B), + MBEDTLS_BYTES_TO_T_UINT_8(0xCA, 0xDB, 0xD2, 0x68, 0x8E, 0x5A, 0x94, 0x60), + MBEDTLS_BYTES_TO_T_UINT_8(0xD9, 0x02, 0xBF, 0x77, 0x9F, 0xB9, 0x4C, 0xC9), + MBEDTLS_BYTES_TO_T_UINT_8(0x2D, 0xDC, 0xC0, 0xCF, 0x81, 0x1E, 0xC4, 0x6C), + MBEDTLS_BYTES_TO_T_UINT_8(0x2B, 0xCC, 0x37, 0x86, 0xDC, 0xE2, 0x64, 0x72), + MBEDTLS_BYTES_TO_T_UINT_8(0xD5, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_19_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x2C, 0x30, 0xB1, 0x59, 0x20, 0x9D, 0x98, 0x28), + MBEDTLS_BYTES_TO_T_UINT_8(0x77, 0x0C, 0x9D, 0xF8, 0x20, 0xDC, 0x90, 0xBA), + MBEDTLS_BYTES_TO_T_UINT_8(0xB1, 0xA0, 0xF4, 0xE7, 0x3E, 0x9C, 0x9E, 0xA2), + MBEDTLS_BYTES_TO_T_UINT_8(0xB5, 0x25, 0xA2, 0xB0, 0x54, 0xCD, 0x2E, 0x33), + MBEDTLS_BYTES_TO_T_UINT_8(0xEA, 0xD9, 0x42, 0xB0, 0x80, 0xB0, 0xA3, 0x38), + MBEDTLS_BYTES_TO_T_UINT_8(0x9F, 0xFE, 0x9D, 0x8D, 0x40, 0xFF, 0x27, 0x6D), + MBEDTLS_BYTES_TO_T_UINT_8(0x3A, 0x9D, 0xA6, 0x88, 0x3A, 0x8B, 0x6F, 0x14), + MBEDTLS_BYTES_TO_T_UINT_8(0xB6, 0x39, 0xEE, 0x1F, 0x3F, 0xB1, 0x4F, 0x63), + MBEDTLS_BYTES_TO_T_UINT_8(0x31, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_20_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x6D, 0xD7, 0x9E, 0xFF, 0xD2, 0x35, 0x67, 0x03), + MBEDTLS_BYTES_TO_T_UINT_8(0xCA, 0x4F, 0x15, 0x5D, 0xE3, 0xE8, 0x53, 0x86), + MBEDTLS_BYTES_TO_T_UINT_8(0x92, 0xF7, 0x24, 0x98, 0xA2, 0xCB, 0x11, 0x68), + MBEDTLS_BYTES_TO_T_UINT_8(0x06, 0x2E, 0x25, 0xE1, 0x94, 0xC5, 0xA3, 0x96), + MBEDTLS_BYTES_TO_T_UINT_8(0xE0, 0x82, 0x6E, 0xBA, 0xE7, 0x43, 0x25, 0xB0), + MBEDTLS_BYTES_TO_T_UINT_8(0x18, 0x65, 0xB4, 0x49, 0x73, 0x18, 0x35, 0x54), + MBEDTLS_BYTES_TO_T_UINT_8(0x59, 0x5B, 0xBC, 0x62, 0x86, 0x4C, 0xC1, 0xB7), + MBEDTLS_BYTES_TO_T_UINT_8(0x9B, 0xF2, 0x95, 0xA2, 0xBB, 0xA2, 0x35, 0x65), + MBEDTLS_BYTES_TO_T_UINT_8(0xBF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_20_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x72, 0x59, 0x62, 0xB0, 0x4B, 0x1E, 0xB4, 0xD8), + MBEDTLS_BYTES_TO_T_UINT_8(0x0D, 0x55, 0xCE, 0xB0, 0x69, 0xBA, 0x63, 0x10), + MBEDTLS_BYTES_TO_T_UINT_8(0x6E, 0x69, 0x86, 0xDB, 0x34, 0x7D, 0x68, 0x64), + MBEDTLS_BYTES_TO_T_UINT_8(0xDA, 0x06, 0xCA, 0x55, 0x44, 0x36, 0x2B, 0xBA), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0xD4, 0xC4, 0x3D, 0xCD, 0x9E, 0x69, 0xA4), + MBEDTLS_BYTES_TO_T_UINT_8(0x3F, 0x44, 0xE4, 0xBF, 0x31, 0xE6, 0x40, 0x9F), + MBEDTLS_BYTES_TO_T_UINT_8(0x7E, 0x4F, 0xFA, 0x75, 0xE3, 0xFB, 0x97, 0x0E), + MBEDTLS_BYTES_TO_T_UINT_8(0x08, 0xC0, 0xBD, 0x1C, 0x48, 0xB0, 0x26, 0xD0), + MBEDTLS_BYTES_TO_T_UINT_8(0xD2, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_21_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x1C, 0x7B, 0x32, 0xFA, 0xF2, 0x6D, 0x84, 0x8E), + MBEDTLS_BYTES_TO_T_UINT_8(0xA0, 0x21, 0x03, 0x1D, 0x0D, 0x22, 0x55, 0x67), + MBEDTLS_BYTES_TO_T_UINT_8(0x18, 0xF9, 0x42, 0x03, 0x9C, 0xC2, 0xCB, 0xBA), + MBEDTLS_BYTES_TO_T_UINT_8(0xF8, 0xA1, 0x96, 0xD9, 0x9D, 0x11, 0x6F, 0xBE), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0x40, 0x57, 0xEB, 0x40, 0x2D, 0xC0, 0x11), + MBEDTLS_BYTES_TO_T_UINT_8(0x2F, 0x96, 0xBB, 0x4F, 0x2F, 0x23, 0xA8, 0x28), + MBEDTLS_BYTES_TO_T_UINT_8(0x3A, 0x29, 0x85, 0x21, 0xA5, 0x50, 0x62, 0x06), + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0x7D, 0x92, 0xCF, 0x87, 0x0C, 0x22, 0xF9), + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_21_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x5A, 0x0E, 0xA5, 0x32, 0x5B, 0xDF, 0x9C, 0xD5), + MBEDTLS_BYTES_TO_T_UINT_8(0x27, 0x96, 0x37, 0x2C, 0x88, 0x35, 0x30, 0xA1), + MBEDTLS_BYTES_TO_T_UINT_8(0x40, 0xB4, 0x69, 0xFF, 0xEB, 0xC6, 0x94, 0x08), + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0x55, 0x60, 0xAD, 0xAA, 0x58, 0x14, 0x88), + MBEDTLS_BYTES_TO_T_UINT_8(0x3C, 0xFF, 0xF2, 0xB2, 0xD5, 0xA7, 0xD9, 0x27), + MBEDTLS_BYTES_TO_T_UINT_8(0x2D, 0xAE, 0x54, 0xD2, 0x60, 0x31, 0xF3, 0x15), + MBEDTLS_BYTES_TO_T_UINT_8(0xBB, 0x92, 0x83, 0xE3, 0xF1, 0x42, 0x83, 0x6E), + MBEDTLS_BYTES_TO_T_UINT_8(0x49, 0xD2, 0xC8, 0xB7, 0x76, 0x45, 0x7F, 0x7D), + MBEDTLS_BYTES_TO_T_UINT_8(0x04, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_22_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x4A, 0x11, 0xA4, 0xFB, 0x7A, 0x01, 0xBC, 0xC8), + MBEDTLS_BYTES_TO_T_UINT_8(0xCD, 0x27, 0x73, 0x8D, 0x02, 0x91, 0x27, 0x8E), + MBEDTLS_BYTES_TO_T_UINT_8(0xA4, 0x62, 0xF6, 0xDD, 0x6B, 0xFA, 0x5B, 0xB9), + MBEDTLS_BYTES_TO_T_UINT_8(0xEF, 0xCA, 0xA2, 0x44, 0x2C, 0xF0, 0x28, 0xD8), + MBEDTLS_BYTES_TO_T_UINT_8(0x3C, 0xF1, 0x7A, 0xA2, 0x42, 0x4C, 0x50, 0xC6), + MBEDTLS_BYTES_TO_T_UINT_8(0x2D, 0x83, 0x3E, 0x50, 0xAB, 0x9C, 0xF7, 0x67), + MBEDTLS_BYTES_TO_T_UINT_8(0x1D, 0xED, 0x78, 0xCB, 0x76, 0x69, 0xDA, 0x42), + MBEDTLS_BYTES_TO_T_UINT_8(0xDB, 0x01, 0x1E, 0x43, 0x27, 0x47, 0x6E, 0xDA), + MBEDTLS_BYTES_TO_T_UINT_8(0x94, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_22_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xD3, 0x4F, 0x54, 0xB9, 0x3E, 0xBD, 0xD5, 0x44), + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0x35, 0x40, 0x69, 0x7F, 0x74, 0x9D, 0x32), + MBEDTLS_BYTES_TO_T_UINT_8(0x5A, 0x06, 0x6F, 0x67, 0x68, 0x2B, 0x4D, 0x10), + MBEDTLS_BYTES_TO_T_UINT_8(0xC6, 0x65, 0x41, 0xFC, 0x7C, 0x1E, 0xE8, 0xC8), + MBEDTLS_BYTES_TO_T_UINT_8(0xF2, 0x79, 0x37, 0xAF, 0xFD, 0xD2, 0xDA, 0x4C), + MBEDTLS_BYTES_TO_T_UINT_8(0x33, 0xA8, 0x69, 0x56, 0x62, 0xA4, 0xE4, 0xA3), + MBEDTLS_BYTES_TO_T_UINT_8(0x42, 0x71, 0x73, 0x21, 0x8A, 0x17, 0x81, 0xA2), + MBEDTLS_BYTES_TO_T_UINT_8(0x14, 0x55, 0x8F, 0x7B, 0xB8, 0xAF, 0xF7, 0x86), + MBEDTLS_BYTES_TO_T_UINT_8(0xAA, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_23_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x4B, 0xD1, 0xBD, 0xBE, 0x8C, 0xBC, 0x60, 0x6E), + MBEDTLS_BYTES_TO_T_UINT_8(0x62, 0xA6, 0x57, 0x8C, 0xAE, 0x5C, 0x19, 0xFE), + MBEDTLS_BYTES_TO_T_UINT_8(0x7A, 0x43, 0xE4, 0xD9, 0xD8, 0x7B, 0xE7, 0x41), + MBEDTLS_BYTES_TO_T_UINT_8(0xED, 0xB9, 0xE4, 0x85, 0x7C, 0x2E, 0xFC, 0x20), + MBEDTLS_BYTES_TO_T_UINT_8(0x02, 0x2E, 0x01, 0x2A, 0x6D, 0x56, 0xBE, 0x97), + MBEDTLS_BYTES_TO_T_UINT_8(0x6A, 0x0C, 0x25, 0x9B, 0xAE, 0x86, 0x37, 0x43), + MBEDTLS_BYTES_TO_T_UINT_8(0x4A, 0x22, 0xB3, 0xCB, 0x99, 0x66, 0xB7, 0x9E), + MBEDTLS_BYTES_TO_T_UINT_8(0x56, 0xF7, 0x90, 0xF0, 0x1B, 0x09, 0x27, 0xF7), + MBEDTLS_BYTES_TO_T_UINT_8(0xC8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_23_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x1C, 0x16, 0x08, 0xEF, 0x39, 0x64, 0x49, 0x31), + MBEDTLS_BYTES_TO_T_UINT_8(0x08, 0xA0, 0xE3, 0x97, 0xA9, 0x07, 0x54, 0x26), + MBEDTLS_BYTES_TO_T_UINT_8(0xCD, 0xFF, 0xE2, 0x00, 0x07, 0x21, 0x88, 0x20), + MBEDTLS_BYTES_TO_T_UINT_8(0x16, 0xFD, 0x59, 0x53, 0x05, 0x6C, 0x42, 0x27), + MBEDTLS_BYTES_TO_T_UINT_8(0x8F, 0xF7, 0x39, 0x5C, 0x82, 0x36, 0xE8, 0x03), + MBEDTLS_BYTES_TO_T_UINT_8(0x2E, 0x83, 0xA8, 0xE2, 0xA8, 0x43, 0x07, 0x38), + MBEDTLS_BYTES_TO_T_UINT_8(0xE6, 0xAF, 0x2B, 0x79, 0xED, 0xD8, 0x39, 0x87), + MBEDTLS_BYTES_TO_T_UINT_8(0x15, 0x20, 0x91, 0x7A, 0xC4, 0x07, 0xEF, 0x6C), + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_24_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x6A, 0x10, 0x2F, 0xAA, 0x0C, 0x94, 0x0E, 0x5A), + MBEDTLS_BYTES_TO_T_UINT_8(0xB7, 0x81, 0x87, 0x41, 0x23, 0xEB, 0x55, 0x7C), + MBEDTLS_BYTES_TO_T_UINT_8(0xB8, 0x53, 0xCC, 0x79, 0xB6, 0xEB, 0x6C, 0xCC), + MBEDTLS_BYTES_TO_T_UINT_8(0xF4, 0x77, 0x73, 0x9D, 0xFC, 0x64, 0x6F, 0x7F), + MBEDTLS_BYTES_TO_T_UINT_8(0x3C, 0x40, 0xE3, 0x6D, 0x1C, 0x16, 0x71, 0x15), + MBEDTLS_BYTES_TO_T_UINT_8(0x5A, 0xF4, 0x1B, 0xFF, 0x1C, 0x2F, 0xA5, 0xD7), + MBEDTLS_BYTES_TO_T_UINT_8(0x06, 0x0E, 0x0B, 0x11, 0xF4, 0x8D, 0x93, 0xAF), + MBEDTLS_BYTES_TO_T_UINT_8(0x58, 0xC5, 0x64, 0x6F, 0x24, 0x19, 0xF2, 0x9B), + MBEDTLS_BYTES_TO_T_UINT_8(0x1C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_24_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x52, 0xB3, 0xAF, 0xA5, 0x0E, 0x4F, 0x5E, 0xE1), + MBEDTLS_BYTES_TO_T_UINT_8(0x0F, 0x77, 0xCA, 0xF2, 0x6D, 0xC5, 0xF6, 0x9F), + MBEDTLS_BYTES_TO_T_UINT_8(0x90, 0x18, 0x8E, 0x33, 0x68, 0x6C, 0xE8, 0xE0), + MBEDTLS_BYTES_TO_T_UINT_8(0xFC, 0x8B, 0x80, 0x90, 0x19, 0x7F, 0x90, 0x96), + MBEDTLS_BYTES_TO_T_UINT_8(0x5B, 0x80, 0x6B, 0x68, 0xE2, 0x7D, 0xD4, 0xD0), + MBEDTLS_BYTES_TO_T_UINT_8(0x2A, 0xC1, 0x67, 0xB3, 0x72, 0xCB, 0xBF, 0x2F), + MBEDTLS_BYTES_TO_T_UINT_8(0x4F, 0xD5, 0xD3, 0x1D, 0x14, 0x58, 0x0A, 0x80), + MBEDTLS_BYTES_TO_T_UINT_8(0x79, 0x7A, 0x65, 0x98, 0xB3, 0x07, 0x4B, 0x2F), + MBEDTLS_BYTES_TO_T_UINT_8(0xF3, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_25_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x2A, 0x87, 0x0F, 0x5F, 0xCF, 0xA2, 0x01, 0x08), + MBEDTLS_BYTES_TO_T_UINT_8(0x0C, 0xC9, 0xC8, 0x6E, 0x35, 0x87, 0xA5, 0x67), + MBEDTLS_BYTES_TO_T_UINT_8(0x94, 0x3E, 0x91, 0xA0, 0xAB, 0x24, 0x1E, 0xF2), + MBEDTLS_BYTES_TO_T_UINT_8(0xB9, 0xBC, 0x02, 0x35, 0x70, 0xC1, 0x5F, 0x98), + MBEDTLS_BYTES_TO_T_UINT_8(0x26, 0x59, 0xA0, 0x50, 0x04, 0x80, 0x52, 0x85), + MBEDTLS_BYTES_TO_T_UINT_8(0xF8, 0x56, 0x6E, 0x42, 0x8F, 0x8C, 0x91, 0x65), + MBEDTLS_BYTES_TO_T_UINT_8(0xAC, 0xA2, 0xCB, 0xA5, 0xDE, 0x14, 0x24, 0x38), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0xCB, 0x74, 0x28, 0xE6, 0xA7, 0xE7, 0xC3), + MBEDTLS_BYTES_TO_T_UINT_8(0x5F, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_25_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x35, 0x73, 0xA8, 0x8F, 0x9E, 0x0E, 0x63, 0x96), + MBEDTLS_BYTES_TO_T_UINT_8(0xC8, 0x1B, 0x77, 0xC7, 0xC1, 0x38, 0xF9, 0xDC), + MBEDTLS_BYTES_TO_T_UINT_8(0xD8, 0x3C, 0xCF, 0xA8, 0x7A, 0xD7, 0xF3, 0xC4), + MBEDTLS_BYTES_TO_T_UINT_8(0xDD, 0x5F, 0x9A, 0xC9, 0xAD, 0xE9, 0x1A, 0x93), + MBEDTLS_BYTES_TO_T_UINT_8(0xFC, 0xCF, 0x2B, 0x5E, 0xD5, 0x81, 0x95, 0xA8), + MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0x88, 0x75, 0x29, 0x1F, 0xC7, 0xC7, 0xD0), + MBEDTLS_BYTES_TO_T_UINT_8(0xD8, 0xA9, 0x5A, 0x4D, 0x63, 0x95, 0xF9, 0x4E), + MBEDTLS_BYTES_TO_T_UINT_8(0xEB, 0xCD, 0x04, 0x8F, 0xCD, 0x91, 0xDE, 0xC6), + MBEDTLS_BYTES_TO_T_UINT_8(0x71, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_26_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x88, 0xD4, 0xFD, 0x25, 0x11, 0x99, 0x6E, 0xEA), + MBEDTLS_BYTES_TO_T_UINT_8(0xB0, 0x83, 0x01, 0x3D, 0xFB, 0x56, 0xA5, 0x4E), + MBEDTLS_BYTES_TO_T_UINT_8(0xC2, 0x3A, 0xDC, 0x74, 0xC2, 0xD7, 0xCF, 0xE8), + MBEDTLS_BYTES_TO_T_UINT_8(0x8F, 0xBD, 0xF1, 0xDD, 0xA3, 0x07, 0x03, 0xE2), + MBEDTLS_BYTES_TO_T_UINT_8(0x7B, 0xBE, 0xE9, 0x2E, 0x58, 0x84, 0x66, 0xFC), + MBEDTLS_BYTES_TO_T_UINT_8(0x71, 0x20, 0x78, 0x37, 0x79, 0x0B, 0xA6, 0x64), + MBEDTLS_BYTES_TO_T_UINT_8(0xE3, 0xF2, 0xAC, 0x65, 0xC8, 0xC9, 0x2F, 0x61), + MBEDTLS_BYTES_TO_T_UINT_8(0x26, 0x93, 0xE5, 0x0D, 0x0C, 0xC6, 0xB8, 0xCB), + MBEDTLS_BYTES_TO_T_UINT_8(0x9C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_26_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x69, 0xAD, 0x5C, 0x19, 0x12, 0x61, 0x0E, 0x25), + MBEDTLS_BYTES_TO_T_UINT_8(0x39, 0x4F, 0x0B, 0x1F, 0x49, 0x7E, 0xCD, 0x81), + MBEDTLS_BYTES_TO_T_UINT_8(0x46, 0x2E, 0x30, 0x61, 0xDB, 0x08, 0x68, 0x9B), + MBEDTLS_BYTES_TO_T_UINT_8(0x41, 0x78, 0xAF, 0xB3, 0x08, 0xC1, 0x69, 0xE5), + MBEDTLS_BYTES_TO_T_UINT_8(0xC4, 0x5F, 0x5D, 0xC1, 0x57, 0x6F, 0xD8, 0x34), + MBEDTLS_BYTES_TO_T_UINT_8(0x38, 0xD3, 0x6A, 0xF7, 0xFD, 0x86, 0xE5, 0xB3), + MBEDTLS_BYTES_TO_T_UINT_8(0xA8, 0x63, 0xBD, 0x70, 0x7B, 0x47, 0xE8, 0x6D), + MBEDTLS_BYTES_TO_T_UINT_8(0x18, 0x62, 0xC8, 0x7E, 0x9D, 0x11, 0x2B, 0xA5), + MBEDTLS_BYTES_TO_T_UINT_8(0xB6, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_27_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xE2, 0x84, 0xFD, 0xD5, 0x9A, 0x56, 0x7F, 0x5C), + MBEDTLS_BYTES_TO_T_UINT_8(0x7C, 0xBB, 0xA4, 0x6F, 0x12, 0x6E, 0x4D, 0xF8), + MBEDTLS_BYTES_TO_T_UINT_8(0x1D, 0x08, 0xA1, 0x82, 0x9C, 0x62, 0x74, 0x7B), + MBEDTLS_BYTES_TO_T_UINT_8(0x9E, 0x58, 0x22, 0x05, 0x1D, 0x15, 0x35, 0x79), + MBEDTLS_BYTES_TO_T_UINT_8(0x9A, 0x88, 0xCF, 0x5C, 0x05, 0x78, 0xFB, 0x94), + MBEDTLS_BYTES_TO_T_UINT_8(0xAC, 0x6B, 0x2F, 0x79, 0x09, 0x73, 0x67, 0xEC), + MBEDTLS_BYTES_TO_T_UINT_8(0xD8, 0xA0, 0x80, 0xD8, 0xE8, 0xEC, 0xFB, 0x42), + MBEDTLS_BYTES_TO_T_UINT_8(0xF5, 0xE7, 0x0B, 0xB7, 0x81, 0x48, 0x7B, 0xD9), + MBEDTLS_BYTES_TO_T_UINT_8(0xE3, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_27_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xE8, 0x53, 0xA9, 0xED, 0x61, 0x92, 0xD7, 0x85), + MBEDTLS_BYTES_TO_T_UINT_8(0x26, 0x49, 0xD9, 0x5D, 0x9B, 0x4E, 0x89, 0x35), + MBEDTLS_BYTES_TO_T_UINT_8(0xB8, 0x12, 0xEB, 0x9A, 0xC9, 0xCB, 0xC1, 0x95), + MBEDTLS_BYTES_TO_T_UINT_8(0x35, 0xDC, 0x95, 0x16, 0xFE, 0x29, 0x70, 0x01), + MBEDTLS_BYTES_TO_T_UINT_8(0x64, 0x33, 0xB1, 0xD6, 0x78, 0xB9, 0xE2, 0x36), + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0xCE, 0x88, 0xC3, 0xFD, 0x7A, 0x6B, 0xB8), + MBEDTLS_BYTES_TO_T_UINT_8(0x40, 0x1E, 0x50, 0x1E, 0xAF, 0xB1, 0x25, 0x2D), + MBEDTLS_BYTES_TO_T_UINT_8(0xC1, 0xE7, 0xD7, 0xD5, 0xBD, 0x7A, 0x12, 0xF9), + MBEDTLS_BYTES_TO_T_UINT_8(0x31, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_28_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x22, 0xAA, 0xA2, 0x80, 0x5D, 0x8F, 0xCD, 0xC8), + MBEDTLS_BYTES_TO_T_UINT_8(0x48, 0x39, 0x79, 0x64, 0xA1, 0x67, 0x3C, 0xB7), + MBEDTLS_BYTES_TO_T_UINT_8(0x3D, 0xC7, 0x49, 0xFF, 0x7F, 0xAC, 0xAB, 0x55), + MBEDTLS_BYTES_TO_T_UINT_8(0x81, 0x54, 0x3E, 0x83, 0xF0, 0x3D, 0xBC, 0xB5), + MBEDTLS_BYTES_TO_T_UINT_8(0x87, 0x92, 0x4A, 0x38, 0x42, 0x8A, 0xAB, 0xF6), + MBEDTLS_BYTES_TO_T_UINT_8(0xE7, 0x0B, 0x4F, 0xEE, 0x9E, 0x92, 0xA5, 0xBE), + MBEDTLS_BYTES_TO_T_UINT_8(0xBA, 0xDD, 0x19, 0x96, 0xF2, 0xF0, 0x6B, 0x2E), + MBEDTLS_BYTES_TO_T_UINT_8(0xBE, 0xFC, 0xDD, 0xB2, 0x8A, 0xE5, 0x4C, 0x22), + MBEDTLS_BYTES_TO_T_UINT_8(0xD4, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_28_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB7, 0x06, 0x49, 0xAC, 0x99, 0x7E, 0xF8, 0x12), + MBEDTLS_BYTES_TO_T_UINT_8(0x76, 0xC8, 0x01, 0x51, 0xEA, 0xF6, 0x52, 0xE7), + MBEDTLS_BYTES_TO_T_UINT_8(0x43, 0x89, 0x66, 0x2B, 0x1F, 0x9B, 0x2A, 0xA3), + MBEDTLS_BYTES_TO_T_UINT_8(0xDF, 0x0F, 0x95, 0x07, 0x2B, 0x6C, 0x6E, 0x9E), + MBEDTLS_BYTES_TO_T_UINT_8(0x24, 0xC3, 0xB4, 0xBB, 0x91, 0x1F, 0xA3, 0x72), + MBEDTLS_BYTES_TO_T_UINT_8(0x5F, 0x6E, 0x54, 0x28, 0x7B, 0x9C, 0x79, 0x2E), + MBEDTLS_BYTES_TO_T_UINT_8(0x03, 0x45, 0xFF, 0xA6, 0xDA, 0xA2, 0x83, 0x71), + MBEDTLS_BYTES_TO_T_UINT_8(0xEB, 0xDE, 0x8F, 0x17, 0x37, 0x82, 0xCB, 0xE2), + MBEDTLS_BYTES_TO_T_UINT_8(0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_29_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xD8, 0x94, 0x3F, 0x26, 0xC9, 0x1D, 0xD9, 0xAE), + MBEDTLS_BYTES_TO_T_UINT_8(0x09, 0x97, 0x28, 0x20, 0xCD, 0xC1, 0xF3, 0x40), + MBEDTLS_BYTES_TO_T_UINT_8(0x95, 0xC9, 0xB5, 0x60, 0x9B, 0x1E, 0xDC, 0x74), + MBEDTLS_BYTES_TO_T_UINT_8(0x5B, 0xB9, 0x5B, 0x7D, 0xA0, 0xB2, 0x8C, 0xF0), + MBEDTLS_BYTES_TO_T_UINT_8(0x33, 0xD1, 0x42, 0xE6, 0x39, 0x33, 0x6D, 0xBB), + MBEDTLS_BYTES_TO_T_UINT_8(0x5D, 0xC0, 0xFC, 0xD2, 0x14, 0x5D, 0x3E, 0x3C), + MBEDTLS_BYTES_TO_T_UINT_8(0x78, 0x4A, 0x3E, 0x40, 0x16, 0x93, 0x15, 0xCF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFA, 0x24, 0xC1, 0x27, 0x27, 0xE5, 0x4B, 0xD8), + MBEDTLS_BYTES_TO_T_UINT_8(0xD4, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_29_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x1D, 0x50, 0xD8, 0xBC, 0xC1, 0x46, 0x22, 0xBB), + MBEDTLS_BYTES_TO_T_UINT_8(0xAD, 0x0E, 0x60, 0xA1, 0xB3, 0x50, 0xD4, 0x86), + MBEDTLS_BYTES_TO_T_UINT_8(0x80, 0xB1, 0x26, 0xB6, 0x6D, 0x47, 0x5A, 0x6F), + MBEDTLS_BYTES_TO_T_UINT_8(0x45, 0xAC, 0x11, 0x35, 0x3E, 0xB9, 0xF4, 0x01), + MBEDTLS_BYTES_TO_T_UINT_8(0x58, 0x97, 0xFA, 0xBB, 0x6B, 0x39, 0x13, 0xD8), + MBEDTLS_BYTES_TO_T_UINT_8(0x15, 0x7B, 0x34, 0x12, 0x75, 0x8E, 0x9B, 0xC6), + MBEDTLS_BYTES_TO_T_UINT_8(0x2C, 0x9E, 0xCD, 0x29, 0xB6, 0xEF, 0x8D, 0x10), + MBEDTLS_BYTES_TO_T_UINT_8(0x47, 0xAC, 0xE9, 0x25, 0x27, 0xBB, 0x78, 0x47), + MBEDTLS_BYTES_TO_T_UINT_8(0x2F, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_30_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x30, 0x7A, 0xA8, 0xD3, 0xE3, 0x66, 0xE5, 0x66), + MBEDTLS_BYTES_TO_T_UINT_8(0x2F, 0x4C, 0xC4, 0x2C, 0x76, 0x81, 0x50, 0x32), + MBEDTLS_BYTES_TO_T_UINT_8(0xEE, 0x71, 0x08, 0xB8, 0x52, 0x7C, 0xAF, 0xDC), + MBEDTLS_BYTES_TO_T_UINT_8(0x45, 0x59, 0x24, 0xDD, 0xFB, 0x2F, 0xD0, 0xDA), + MBEDTLS_BYTES_TO_T_UINT_8(0xB7, 0xCD, 0x56, 0xE9, 0xAC, 0x91, 0xE6, 0xB9), + MBEDTLS_BYTES_TO_T_UINT_8(0xE5, 0x64, 0x20, 0xC6, 0x9F, 0xE4, 0xEF, 0xDF), + MBEDTLS_BYTES_TO_T_UINT_8(0x6D, 0x2C, 0x8F, 0x8C, 0x97, 0xF6, 0x22, 0xC3), + MBEDTLS_BYTES_TO_T_UINT_8(0xAC, 0xF4, 0x88, 0xAA, 0xA8, 0xD7, 0xA5, 0x68), + MBEDTLS_BYTES_TO_T_UINT_8(0xDE, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_30_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0x6C, 0xAE, 0x83, 0xB1, 0x55, 0x55, 0xEE), + MBEDTLS_BYTES_TO_T_UINT_8(0xB0, 0x67, 0x84, 0x47, 0x7C, 0x83, 0x5C, 0x89), + MBEDTLS_BYTES_TO_T_UINT_8(0x5B, 0x10, 0x4D, 0xDD, 0x30, 0x60, 0xB0, 0xE6), + MBEDTLS_BYTES_TO_T_UINT_8(0x59, 0xA7, 0x36, 0x76, 0x24, 0x32, 0x9F, 0x9D), + MBEDTLS_BYTES_TO_T_UINT_8(0xDD, 0x42, 0x81, 0xFB, 0xA4, 0x2E, 0x13, 0x68), + MBEDTLS_BYTES_TO_T_UINT_8(0x87, 0x94, 0x91, 0xFF, 0x99, 0xA0, 0x09, 0x61), + MBEDTLS_BYTES_TO_T_UINT_8(0x5D, 0x83, 0xA1, 0x76, 0xAF, 0x37, 0x5C, 0x77), + MBEDTLS_BYTES_TO_T_UINT_8(0x1E, 0xA8, 0x04, 0x86, 0xC4, 0xA9, 0x79, 0x42), + MBEDTLS_BYTES_TO_T_UINT_8(0x93, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_31_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB6, 0x8C, 0xC2, 0x34, 0xFB, 0x83, 0x28, 0x27), + MBEDTLS_BYTES_TO_T_UINT_8(0xA4, 0x03, 0x7D, 0x5E, 0x9E, 0x0E, 0xB0, 0x22), + MBEDTLS_BYTES_TO_T_UINT_8(0xA2, 0x02, 0x46, 0x7F, 0xB9, 0xAC, 0xBB, 0x23), + MBEDTLS_BYTES_TO_T_UINT_8(0x06, 0xED, 0x48, 0xC2, 0x96, 0x4D, 0x56, 0x27), + MBEDTLS_BYTES_TO_T_UINT_8(0x44, 0xB5, 0xC5, 0xD1, 0xE6, 0x1C, 0x7E, 0x9B), + MBEDTLS_BYTES_TO_T_UINT_8(0x92, 0x2E, 0x18, 0x71, 0x2D, 0x7B, 0xD7, 0xB3), + MBEDTLS_BYTES_TO_T_UINT_8(0xAB, 0x46, 0x9D, 0xDE, 0xAA, 0x78, 0x8E, 0xB1), + MBEDTLS_BYTES_TO_T_UINT_8(0x4D, 0xD7, 0x69, 0x2E, 0xE1, 0xD9, 0x48, 0xDE), + MBEDTLS_BYTES_TO_T_UINT_8(0xFB, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp521r1_T_31_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xAF, 0xFF, 0x9E, 0x09, 0x22, 0x22, 0xE6, 0x8D), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x14, 0x28, 0x13, 0x1B, 0x62, 0x12, 0x22), + MBEDTLS_BYTES_TO_T_UINT_8(0xCC, 0x7F, 0x67, 0x03, 0xB0, 0xC0, 0xF3, 0x05), + MBEDTLS_BYTES_TO_T_UINT_8(0xC0, 0xC3, 0x0F, 0xFB, 0x25, 0x48, 0x3E, 0xF4), + MBEDTLS_BYTES_TO_T_UINT_8(0x0B, 0x6E, 0x53, 0x98, 0x36, 0xB3, 0xD3, 0x94), + MBEDTLS_BYTES_TO_T_UINT_8(0xEB, 0x81, 0x54, 0x22, 0xA4, 0xCC, 0xC1, 0x22), + MBEDTLS_BYTES_TO_T_UINT_8(0xF5, 0xBA, 0xFC, 0xA9, 0xDF, 0x68, 0x86, 0x2B), + MBEDTLS_BYTES_TO_T_UINT_8(0x71, 0x92, 0x0E, 0xC3, 0xF2, 0x58, 0xE8, 0x51), + MBEDTLS_BYTES_TO_T_UINT_8(0xE9, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_ecp_point secp521r1_T[32] = { + ECP_POINT_INIT_XY_Z1(secp521r1_T_0_X, secp521r1_T_0_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_1_X, secp521r1_T_1_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_2_X, secp521r1_T_2_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_3_X, secp521r1_T_3_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_4_X, secp521r1_T_4_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_5_X, secp521r1_T_5_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_6_X, secp521r1_T_6_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_7_X, secp521r1_T_7_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_8_X, secp521r1_T_8_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_9_X, secp521r1_T_9_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_10_X, secp521r1_T_10_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_11_X, secp521r1_T_11_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_12_X, secp521r1_T_12_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_13_X, secp521r1_T_13_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_14_X, secp521r1_T_14_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_15_X, secp521r1_T_15_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_16_X, secp521r1_T_16_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_17_X, secp521r1_T_17_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_18_X, secp521r1_T_18_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_19_X, secp521r1_T_19_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_20_X, secp521r1_T_20_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_21_X, secp521r1_T_21_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_22_X, secp521r1_T_22_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_23_X, secp521r1_T_23_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_24_X, secp521r1_T_24_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_25_X, secp521r1_T_25_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_26_X, secp521r1_T_26_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_27_X, secp521r1_T_27_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_28_X, secp521r1_T_28_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_29_X, secp521r1_T_29_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_30_X, secp521r1_T_30_Y), + ECP_POINT_INIT_XY_Z0(secp521r1_T_31_X, secp521r1_T_31_Y), +}; +#else +#define secp521r1_T NULL +#endif +#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) +static const mbedtls_mpi_uint secp192k1_p[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x37, 0xEE, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), +}; +static const mbedtls_mpi_uint secp192k1_a[] = { + MBEDTLS_BYTES_TO_T_UINT_2(0x00, 0x00), +}; +static const mbedtls_mpi_uint secp192k1_b[] = { + MBEDTLS_BYTES_TO_T_UINT_2(0x03, 0x00), +}; +static const mbedtls_mpi_uint secp192k1_gx[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x7D, 0x6C, 0xE0, 0xEA, 0xB1, 0xD1, 0xA5, 0x1D), + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0xF4, 0xB7, 0x80, 0x02, 0x7D, 0xB0, 0x26), + MBEDTLS_BYTES_TO_T_UINT_8(0xAE, 0xE9, 0x57, 0xC0, 0x0E, 0xF1, 0x4F, 0xDB), +}; +static const mbedtls_mpi_uint secp192k1_gy[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x9D, 0x2F, 0x5E, 0xD9, 0x88, 0xAA, 0x82, 0x40), + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0x86, 0xBE, 0x15, 0xD0, 0x63, 0x41, 0x84), + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0x28, 0x56, 0x9C, 0x6D, 0x2F, 0x2F, 0x9B), +}; +static const mbedtls_mpi_uint secp192k1_n[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x8D, 0xFD, 0xDE, 0x74, 0x6A, 0x46, 0x69, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0x17, 0xFC, 0xF2, 0x26, 0xFE, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), +}; + +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 +static const mbedtls_mpi_uint secp192k1_T_0_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x7D, 0x6C, 0xE0, 0xEA, 0xB1, 0xD1, 0xA5, 0x1D), + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0xF4, 0xB7, 0x80, 0x02, 0x7D, 0xB0, 0x26), + MBEDTLS_BYTES_TO_T_UINT_8(0xAE, 0xE9, 0x57, 0xC0, 0x0E, 0xF1, 0x4F, 0xDB), +}; +static const mbedtls_mpi_uint secp192k1_T_0_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x9D, 0x2F, 0x5E, 0xD9, 0x88, 0xAA, 0x82, 0x40), + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0x86, 0xBE, 0x15, 0xD0, 0x63, 0x41, 0x84), + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0x28, 0x56, 0x9C, 0x6D, 0x2F, 0x2F, 0x9B), +}; +static const mbedtls_mpi_uint secp192k1_T_1_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x6F, 0x77, 0x3D, 0x0D, 0x85, 0x48, 0xA8, 0xA9), + MBEDTLS_BYTES_TO_T_UINT_8(0x62, 0x07, 0xDF, 0x1D, 0xB3, 0xB3, 0x01, 0x54), + MBEDTLS_BYTES_TO_T_UINT_8(0x05, 0x86, 0xF6, 0xAF, 0x19, 0x2A, 0x88, 0x2E), +}; +static const mbedtls_mpi_uint secp192k1_T_1_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x33, 0x90, 0xB6, 0x2F, 0x48, 0x36, 0x4C, 0x5B), + MBEDTLS_BYTES_TO_T_UINT_8(0xDB, 0x11, 0x14, 0xA6, 0xCB, 0xBA, 0x15, 0xD9), + MBEDTLS_BYTES_TO_T_UINT_8(0x7E, 0xB0, 0xF2, 0xD4, 0xC9, 0xDA, 0xBA, 0xD7), +}; +static const mbedtls_mpi_uint secp192k1_T_2_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xE4, 0xC1, 0x9C, 0xE6, 0xBB, 0xFB, 0xCF, 0x23), + MBEDTLS_BYTES_TO_T_UINT_8(0x93, 0x19, 0xAC, 0x5A, 0xC9, 0x8A, 0x1C, 0x75), + MBEDTLS_BYTES_TO_T_UINT_8(0xC1, 0xF6, 0x76, 0x86, 0x89, 0x27, 0x8D, 0x28), +}; +static const mbedtls_mpi_uint secp192k1_T_2_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x4B, 0xE0, 0x6F, 0x34, 0xBA, 0x5E, 0xD3, 0x96), + MBEDTLS_BYTES_TO_T_UINT_8(0x6A, 0xDC, 0xA6, 0x87, 0xC9, 0x9D, 0xC0, 0x82), + MBEDTLS_BYTES_TO_T_UINT_8(0x09, 0x11, 0x7E, 0xD6, 0xF7, 0x33, 0xFC, 0xE4), +}; +static const mbedtls_mpi_uint secp192k1_T_3_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xC2, 0x37, 0x3E, 0xC0, 0x7F, 0x62, 0xE7, 0x54), + MBEDTLS_BYTES_TO_T_UINT_8(0xA5, 0x3B, 0x69, 0x9D, 0x44, 0xBC, 0x82, 0x99), + MBEDTLS_BYTES_TO_T_UINT_8(0xD4, 0x84, 0xB3, 0x5F, 0x2B, 0xA5, 0x9E, 0x2C), +}; +static const mbedtls_mpi_uint secp192k1_T_3_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x1D, 0x95, 0xEB, 0x4C, 0x04, 0xB4, 0xF4, 0x75), + MBEDTLS_BYTES_TO_T_UINT_8(0x55, 0xAD, 0x4B, 0xD5, 0x9A, 0xEB, 0xC4, 0x4E), + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0xB1, 0xC5, 0x59, 0xE3, 0xD5, 0x16, 0x2A), +}; +static const mbedtls_mpi_uint secp192k1_T_4_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x48, 0x2A, 0xCC, 0xAC, 0xD0, 0xEE, 0x50, 0xEC), + MBEDTLS_BYTES_TO_T_UINT_8(0x99, 0x83, 0xE0, 0x5B, 0x14, 0x44, 0x52, 0x20), + MBEDTLS_BYTES_TO_T_UINT_8(0xD6, 0x15, 0x2D, 0x78, 0xF6, 0x51, 0x32, 0xCF), +}; +static const mbedtls_mpi_uint secp192k1_T_4_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x86, 0x36, 0x9B, 0xDD, 0xF8, 0xDD, 0xEF, 0xB2), + MBEDTLS_BYTES_TO_T_UINT_8(0x0B, 0xB1, 0x6A, 0x2B, 0xAF, 0xEB, 0x2B, 0xB1), + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0x87, 0x7A, 0x66, 0x5D, 0x5B, 0xDF, 0x8F), +}; +static const mbedtls_mpi_uint secp192k1_T_5_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x62, 0x45, 0xE5, 0x81, 0x9B, 0xEB, 0x37, 0x23), + MBEDTLS_BYTES_TO_T_UINT_8(0xB3, 0x29, 0xE2, 0x20, 0x64, 0x23, 0x6B, 0x6E), + MBEDTLS_BYTES_TO_T_UINT_8(0xFE, 0x1D, 0x41, 0xE1, 0x9B, 0x61, 0x7B, 0xD9), +}; +static const mbedtls_mpi_uint secp192k1_T_5_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x75, 0x57, 0xA3, 0x0A, 0x13, 0xE4, 0x59, 0x15), + MBEDTLS_BYTES_TO_T_UINT_8(0x79, 0x6E, 0x4A, 0x48, 0x84, 0x90, 0xAC, 0xC7), + MBEDTLS_BYTES_TO_T_UINT_8(0x9C, 0xB8, 0xF5, 0xF3, 0xDE, 0xA0, 0xA1, 0x1D), +}; +static const mbedtls_mpi_uint secp192k1_T_6_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xA3, 0x32, 0x81, 0xA9, 0x91, 0x5A, 0x4E, 0x33), + MBEDTLS_BYTES_TO_T_UINT_8(0xCB, 0xA8, 0x90, 0xBE, 0x0F, 0xEC, 0xC0, 0x85), + MBEDTLS_BYTES_TO_T_UINT_8(0x80, 0x30, 0xD7, 0x08, 0xAE, 0xC4, 0x3A, 0xA5), +}; +static const mbedtls_mpi_uint secp192k1_T_6_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0x55, 0xE3, 0x76, 0xB3, 0x64, 0x74, 0x9F), + MBEDTLS_BYTES_TO_T_UINT_8(0x3F, 0x75, 0xD4, 0xDB, 0x98, 0xD7, 0x39, 0xAE), + MBEDTLS_BYTES_TO_T_UINT_8(0xD4, 0xEB, 0x8A, 0xAB, 0x16, 0xD9, 0xD4, 0x0B), +}; +static const mbedtls_mpi_uint secp192k1_T_7_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x41, 0xBE, 0xF9, 0xC7, 0xC7, 0xBA, 0xF3, 0xA1), + MBEDTLS_BYTES_TO_T_UINT_8(0xC2, 0x85, 0x59, 0xF3, 0x60, 0x41, 0x02, 0xD2), + MBEDTLS_BYTES_TO_T_UINT_8(0x46, 0x1C, 0x4A, 0xA4, 0xC7, 0xED, 0x66, 0xBC), +}; +static const mbedtls_mpi_uint secp192k1_T_7_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xC3, 0x9C, 0x2E, 0x46, 0x52, 0x18, 0x87, 0x14), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0x35, 0x5A, 0x75, 0xAC, 0x4D, 0x75, 0x91), + MBEDTLS_BYTES_TO_T_UINT_8(0xCE, 0x2F, 0xAC, 0xFC, 0xBC, 0xE6, 0x93, 0x5E), +}; +static const mbedtls_mpi_uint secp192k1_T_8_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x87, 0x4D, 0xC9, 0x18, 0xE9, 0x00, 0xEB, 0x33), + MBEDTLS_BYTES_TO_T_UINT_8(0x1A, 0x69, 0x72, 0x07, 0x5A, 0x59, 0xA8, 0x26), + MBEDTLS_BYTES_TO_T_UINT_8(0xB6, 0x65, 0x83, 0x20, 0x10, 0xF9, 0x69, 0x82), +}; +static const mbedtls_mpi_uint secp192k1_T_8_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x8B, 0x56, 0x7F, 0x9F, 0xBF, 0x46, 0x0C, 0x7E), + MBEDTLS_BYTES_TO_T_UINT_8(0xFC, 0xCF, 0xF0, 0xDC, 0xDF, 0x2D, 0xE6, 0xE5), + MBEDTLS_BYTES_TO_T_UINT_8(0x09, 0xF0, 0x72, 0x3A, 0x7A, 0x03, 0xE5, 0x22), +}; +static const mbedtls_mpi_uint secp192k1_T_9_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x3E, 0xAA, 0x57, 0x13, 0x37, 0xA7, 0x2C, 0xD4), + MBEDTLS_BYTES_TO_T_UINT_8(0xA3, 0xAC, 0xA2, 0x23, 0xF9, 0x84, 0x60, 0xD3), + MBEDTLS_BYTES_TO_T_UINT_8(0x32, 0xEB, 0x51, 0x70, 0x64, 0x78, 0xCA, 0x05), +}; +static const mbedtls_mpi_uint secp192k1_T_9_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x91, 0xCC, 0x30, 0x62, 0x93, 0x46, 0x13, 0xE9), + MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0x26, 0xCC, 0x6C, 0x3D, 0x5C, 0xDA, 0x2C), + MBEDTLS_BYTES_TO_T_UINT_8(0xD5, 0xAA, 0xB8, 0x03, 0xA4, 0x1A, 0x00, 0x96), +}; +static const mbedtls_mpi_uint secp192k1_T_10_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF9, 0x9D, 0xE6, 0xCC, 0x4E, 0x2E, 0xC2, 0xD5), + MBEDTLS_BYTES_TO_T_UINT_8(0xB4, 0xC3, 0x8A, 0xAE, 0x6F, 0x40, 0x05, 0xEB), + MBEDTLS_BYTES_TO_T_UINT_8(0x9D, 0x8F, 0x4A, 0x4D, 0x35, 0xD3, 0x50, 0x9D), +}; +static const mbedtls_mpi_uint secp192k1_T_10_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x1F, 0xFD, 0x98, 0xAB, 0xC7, 0x03, 0xB4, 0x55), + MBEDTLS_BYTES_TO_T_UINT_8(0x40, 0x40, 0xD2, 0x9F, 0xCA, 0xD0, 0x53, 0x00), + MBEDTLS_BYTES_TO_T_UINT_8(0x1A, 0x84, 0x00, 0x6F, 0xC8, 0xAD, 0xED, 0x8D), +}; +static const mbedtls_mpi_uint secp192k1_T_11_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xCE, 0xD3, 0x57, 0xD7, 0xC3, 0x07, 0xBD, 0xD7), + MBEDTLS_BYTES_TO_T_UINT_8(0x67, 0xBA, 0x47, 0x1D, 0x3D, 0xEF, 0x98, 0x6C), + MBEDTLS_BYTES_TO_T_UINT_8(0x6D, 0xC0, 0x6C, 0x7F, 0x12, 0xEE, 0x9F, 0x67), +}; +static const mbedtls_mpi_uint secp192k1_T_11_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xCA, 0x02, 0xDA, 0x79, 0xAA, 0xC9, 0x27, 0xC4), + MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0x79, 0xC7, 0x71, 0x84, 0xCB, 0xE5, 0x5A), + MBEDTLS_BYTES_TO_T_UINT_8(0x15, 0x37, 0x06, 0xBA, 0xB5, 0xD5, 0x18, 0x4C), +}; +static const mbedtls_mpi_uint secp192k1_T_12_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xA1, 0x65, 0x72, 0x6C, 0xF2, 0x63, 0x27, 0x6A), + MBEDTLS_BYTES_TO_T_UINT_8(0x69, 0xBC, 0x71, 0xDF, 0x75, 0xF8, 0x98, 0x4D), + MBEDTLS_BYTES_TO_T_UINT_8(0x70, 0x70, 0x9B, 0xDC, 0xE7, 0x18, 0x71, 0xFF), +}; +static const mbedtls_mpi_uint secp192k1_T_12_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x15, 0x5B, 0x9F, 0x00, 0x5A, 0xB6, 0x80, 0x7A), + MBEDTLS_BYTES_TO_T_UINT_8(0xB7, 0xE0, 0xBB, 0xFC, 0x5E, 0x78, 0x9C, 0x89), + MBEDTLS_BYTES_TO_T_UINT_8(0x60, 0x03, 0x68, 0x83, 0x3D, 0x2E, 0x4C, 0xDD), +}; +static const mbedtls_mpi_uint secp192k1_T_13_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x3B, 0x49, 0x23, 0xA8, 0xCB, 0x3B, 0x1A, 0xF6), + MBEDTLS_BYTES_TO_T_UINT_8(0x8B, 0x3D, 0xA7, 0x46, 0xCF, 0x75, 0xB6, 0x2C), + MBEDTLS_BYTES_TO_T_UINT_8(0x92, 0xFD, 0x30, 0x01, 0xB6, 0xEF, 0xF9, 0xE8), +}; +static const mbedtls_mpi_uint secp192k1_T_13_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xDC, 0xFA, 0xDA, 0xB8, 0x29, 0x42, 0xC9, 0xC7), + MBEDTLS_BYTES_TO_T_UINT_8(0x06, 0xD7, 0xA0, 0xE6, 0x6B, 0x86, 0x61, 0x39), + MBEDTLS_BYTES_TO_T_UINT_8(0xDB, 0xE9, 0xD3, 0x37, 0xD8, 0xE7, 0x35, 0xA9), +}; +static const mbedtls_mpi_uint secp192k1_T_14_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xFD, 0xC8, 0x8E, 0xB1, 0xCB, 0xB1, 0xB5, 0x4D), + MBEDTLS_BYTES_TO_T_UINT_8(0x16, 0xD7, 0x46, 0x7D, 0xAF, 0xE2, 0xDC, 0xBB), + MBEDTLS_BYTES_TO_T_UINT_8(0xD0, 0x46, 0xE7, 0xD8, 0x76, 0x31, 0x90, 0x76), +}; +static const mbedtls_mpi_uint secp192k1_T_14_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xEB, 0xD3, 0xF4, 0x74, 0xE1, 0x67, 0xD8, 0x66), + MBEDTLS_BYTES_TO_T_UINT_8(0xE7, 0x70, 0x3C, 0xC8, 0xAF, 0x5F, 0xF4, 0x58), + MBEDTLS_BYTES_TO_T_UINT_8(0x24, 0x4E, 0xED, 0x5C, 0x43, 0xB3, 0x16, 0x35), +}; +static const mbedtls_mpi_uint secp192k1_T_15_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x57, 0xAE, 0xD1, 0xDD, 0x31, 0x14, 0xD3, 0xF0), + MBEDTLS_BYTES_TO_T_UINT_8(0xE8, 0x14, 0x06, 0x13, 0x12, 0x1C, 0x81, 0xF5), + MBEDTLS_BYTES_TO_T_UINT_8(0xA6, 0xF9, 0x0C, 0x91, 0xF7, 0x67, 0x59, 0x63), +}; +static const mbedtls_mpi_uint secp192k1_T_15_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xAB, 0x91, 0xE2, 0xF4, 0x9D, 0xEB, 0x88, 0x87), + MBEDTLS_BYTES_TO_T_UINT_8(0xDB, 0x82, 0x30, 0x9C, 0xAE, 0x18, 0x4D, 0xB7), + MBEDTLS_BYTES_TO_T_UINT_8(0x3C, 0x79, 0xCF, 0x17, 0xA5, 0x1E, 0xE8, 0xC8), +}; +static const mbedtls_ecp_point secp192k1_T[16] = { + ECP_POINT_INIT_XY_Z1(secp192k1_T_0_X, secp192k1_T_0_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_1_X, secp192k1_T_1_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_2_X, secp192k1_T_2_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_3_X, secp192k1_T_3_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_4_X, secp192k1_T_4_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_5_X, secp192k1_T_5_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_6_X, secp192k1_T_6_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_7_X, secp192k1_T_7_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_8_X, secp192k1_T_8_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_9_X, secp192k1_T_9_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_10_X, secp192k1_T_10_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_11_X, secp192k1_T_11_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_12_X, secp192k1_T_12_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_13_X, secp192k1_T_13_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_14_X, secp192k1_T_14_Y), + ECP_POINT_INIT_XY_Z0(secp192k1_T_15_X, secp192k1_T_15_Y), +}; +#else +#define secp192k1_T NULL +#endif + +#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) +static const mbedtls_mpi_uint secp224k1_p[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x6D, 0xE5, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_4(0xFF, 0xFF, 0xFF, 0xFF), +}; +static const mbedtls_mpi_uint secp224k1_a[] = { + MBEDTLS_BYTES_TO_T_UINT_2(0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_b[] = { + MBEDTLS_BYTES_TO_T_UINT_2(0x05, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_gx[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x5C, 0xA4, 0xB7, 0xB6, 0x0E, 0x65, 0x7E, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0xA9, 0x75, 0x70, 0xE4, 0xE9, 0x67, 0xA4, 0x69), + MBEDTLS_BYTES_TO_T_UINT_8(0xA1, 0x28, 0xFC, 0x30, 0xDF, 0x99, 0xF0, 0x4D), + MBEDTLS_BYTES_TO_T_UINT_4(0x33, 0x5B, 0x45, 0xA1), +}; +static const mbedtls_mpi_uint secp224k1_gy[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xA5, 0x61, 0x6D, 0x55, 0xDB, 0x4B, 0xCA, 0xE2), + MBEDTLS_BYTES_TO_T_UINT_8(0x59, 0xBD, 0xB0, 0xC0, 0xF7, 0x19, 0xE3, 0xF7), + MBEDTLS_BYTES_TO_T_UINT_8(0xD6, 0xFB, 0xCA, 0x82, 0x42, 0x34, 0xBA, 0x7F), + MBEDTLS_BYTES_TO_T_UINT_4(0xED, 0x9F, 0x08, 0x7E), +}; +static const mbedtls_mpi_uint secp224k1_n[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF7, 0xB1, 0x9F, 0x76, 0x71, 0xA9, 0xF0, 0xCA), + MBEDTLS_BYTES_TO_T_UINT_8(0x84, 0x61, 0xEC, 0xD2, 0xE8, 0xDC, 0x01, 0x00), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00), +}; + +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 +static const mbedtls_mpi_uint secp224k1_T_0_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x5C, 0xA4, 0xB7, 0xB6, 0x0E, 0x65, 0x7E, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0xA9, 0x75, 0x70, 0xE4, 0xE9, 0x67, 0xA4, 0x69), + MBEDTLS_BYTES_TO_T_UINT_8(0xA1, 0x28, 0xFC, 0x30, 0xDF, 0x99, 0xF0, 0x4D), + MBEDTLS_BYTES_TO_T_UINT_8(0x33, 0x5B, 0x45, 0xA1, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_0_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xA5, 0x61, 0x6D, 0x55, 0xDB, 0x4B, 0xCA, 0xE2), + MBEDTLS_BYTES_TO_T_UINT_8(0x59, 0xBD, 0xB0, 0xC0, 0xF7, 0x19, 0xE3, 0xF7), + MBEDTLS_BYTES_TO_T_UINT_8(0xD6, 0xFB, 0xCA, 0x82, 0x42, 0x34, 0xBA, 0x7F), + MBEDTLS_BYTES_TO_T_UINT_8(0xED, 0x9F, 0x08, 0x7E, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_1_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x99, 0x6C, 0x22, 0x22, 0x40, 0x89, 0xAE, 0x7A), + MBEDTLS_BYTES_TO_T_UINT_8(0x2F, 0x92, 0xE1, 0x87, 0x56, 0x35, 0xAF, 0x9B), + MBEDTLS_BYTES_TO_T_UINT_8(0x88, 0xAF, 0x08, 0x35, 0x27, 0xEA, 0x04, 0xED), + MBEDTLS_BYTES_TO_T_UINT_8(0xF0, 0x53, 0xFD, 0xCF, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_1_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xC1, 0xD0, 0x9F, 0x8D, 0xF3, 0x63, 0x54, 0x30), + MBEDTLS_BYTES_TO_T_UINT_8(0x39, 0xDB, 0x0F, 0x61, 0x54, 0x26, 0xD1, 0x98), + MBEDTLS_BYTES_TO_T_UINT_8(0xF5, 0x21, 0xF7, 0x1B, 0xB5, 0x1D, 0xF6, 0x7E), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0x05, 0xDA, 0x8F, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_2_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x10, 0x26, 0x73, 0xBC, 0xE4, 0x29, 0x62, 0x56), + MBEDTLS_BYTES_TO_T_UINT_8(0x37, 0x95, 0x17, 0x8B, 0xC3, 0x9B, 0xAC, 0xCC), + MBEDTLS_BYTES_TO_T_UINT_8(0xB1, 0xDB, 0x77, 0xDF, 0xDD, 0x13, 0x04, 0x98), + MBEDTLS_BYTES_TO_T_UINT_8(0x02, 0xFC, 0x22, 0x93, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_2_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xAC, 0x65, 0xF1, 0x5A, 0x37, 0xEF, 0x79, 0xAD), + MBEDTLS_BYTES_TO_T_UINT_8(0x99, 0x01, 0x37, 0xAC, 0x9A, 0x5B, 0x51, 0x65), + MBEDTLS_BYTES_TO_T_UINT_8(0xFA, 0x75, 0x13, 0xA9, 0x4A, 0xAD, 0xFE, 0x9B), + MBEDTLS_BYTES_TO_T_UINT_8(0x32, 0x82, 0x6F, 0x66, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_3_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x4D, 0x5E, 0xF0, 0x40, 0xC3, 0xA6, 0xE2, 0x1E), + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0x9A, 0x6F, 0xCF, 0x11, 0x26, 0x66, 0x85), + MBEDTLS_BYTES_TO_T_UINT_8(0x79, 0x73, 0xA8, 0xCF, 0x2B, 0x12, 0x36, 0x37), + MBEDTLS_BYTES_TO_T_UINT_8(0xB9, 0xB3, 0x0A, 0x58, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_3_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xD3, 0x79, 0x00, 0x55, 0x04, 0x34, 0x90, 0x1A), + MBEDTLS_BYTES_TO_T_UINT_8(0x0A, 0x54, 0x1C, 0xC2, 0x45, 0x0C, 0x1B, 0x23), + MBEDTLS_BYTES_TO_T_UINT_8(0x86, 0x19, 0xAB, 0xA8, 0xFC, 0x73, 0xDC, 0xEE), + MBEDTLS_BYTES_TO_T_UINT_8(0x72, 0xFB, 0x93, 0xCE, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_4_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF8, 0x75, 0xD0, 0x66, 0x95, 0x86, 0xCA, 0x66), + MBEDTLS_BYTES_TO_T_UINT_8(0x17, 0xEA, 0x29, 0x16, 0x6A, 0x38, 0xDF, 0x41), + MBEDTLS_BYTES_TO_T_UINT_8(0xD8, 0xA2, 0x36, 0x2F, 0xDC, 0xBB, 0x5E, 0xF7), + MBEDTLS_BYTES_TO_T_UINT_8(0xD4, 0x89, 0x59, 0x49, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_4_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xCA, 0xA3, 0x99, 0x9D, 0xB8, 0x77, 0x9D, 0x1D), + MBEDTLS_BYTES_TO_T_UINT_8(0x0A, 0x93, 0x43, 0x47, 0xC6, 0x5C, 0xF9, 0xFD), + MBEDTLS_BYTES_TO_T_UINT_8(0xAA, 0x00, 0x79, 0x42, 0x64, 0xB8, 0x25, 0x3E), + MBEDTLS_BYTES_TO_T_UINT_8(0x29, 0x54, 0xB4, 0x33, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_5_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xD9, 0x0C, 0x42, 0x90, 0x83, 0x0B, 0x31, 0x5F), + MBEDTLS_BYTES_TO_T_UINT_8(0x54, 0x2E, 0xAE, 0xC8, 0xC7, 0x5F, 0xD2, 0x70), + MBEDTLS_BYTES_TO_T_UINT_8(0xA9, 0xBC, 0xAD, 0x41, 0xE7, 0x32, 0x3A, 0x81), + MBEDTLS_BYTES_TO_T_UINT_8(0x8A, 0x97, 0x52, 0x83, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_5_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x1A, 0x13, 0x7A, 0xBD, 0xAE, 0x94, 0x60, 0xFD), + MBEDTLS_BYTES_TO_T_UINT_8(0x92, 0x9B, 0x95, 0xB4, 0x6E, 0x68, 0xB2, 0x1F), + MBEDTLS_BYTES_TO_T_UINT_8(0x15, 0x49, 0xBE, 0x51, 0xFE, 0x66, 0x15, 0x74), + MBEDTLS_BYTES_TO_T_UINT_8(0xE6, 0x37, 0xE4, 0xFE, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_6_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF6, 0x9B, 0xEE, 0x64, 0xC9, 0x1B, 0xBD, 0x77), + MBEDTLS_BYTES_TO_T_UINT_8(0xDA, 0x5F, 0x34, 0xA9, 0x0B, 0xB7, 0x25, 0x52), + MBEDTLS_BYTES_TO_T_UINT_8(0x90, 0x13, 0xB1, 0x38, 0xFB, 0x9D, 0x78, 0xED), + MBEDTLS_BYTES_TO_T_UINT_8(0x39, 0xE7, 0x1B, 0xFA, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_6_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xFB, 0xB3, 0xB7, 0x44, 0x92, 0x6B, 0x00, 0x82), + MBEDTLS_BYTES_TO_T_UINT_8(0x97, 0x82, 0x44, 0x3E, 0x18, 0x1A, 0x58, 0x6A), + MBEDTLS_BYTES_TO_T_UINT_8(0x15, 0xF8, 0xC0, 0xE4, 0xEE, 0xC1, 0xBF, 0x44), + MBEDTLS_BYTES_TO_T_UINT_8(0x7E, 0x32, 0x27, 0xB2, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_7_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF4, 0x9A, 0x42, 0x62, 0x8B, 0x26, 0x54, 0x21), + MBEDTLS_BYTES_TO_T_UINT_8(0x24, 0x85, 0x74, 0xA0, 0x79, 0xA8, 0xEE, 0xBE), + MBEDTLS_BYTES_TO_T_UINT_8(0x80, 0x36, 0x60, 0xB3, 0x28, 0x4D, 0x55, 0xBE), + MBEDTLS_BYTES_TO_T_UINT_8(0x32, 0x27, 0x82, 0x29, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_7_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x0D, 0xFC, 0x73, 0x77, 0xAF, 0x5C, 0xAC, 0x78), + MBEDTLS_BYTES_TO_T_UINT_8(0xCC, 0xED, 0xE5, 0xF6, 0x1D, 0xA8, 0x67, 0x43), + MBEDTLS_BYTES_TO_T_UINT_8(0xF8, 0xDE, 0x33, 0x1C, 0xF1, 0x80, 0x73, 0xF8), + MBEDTLS_BYTES_TO_T_UINT_8(0x2A, 0xE2, 0xDE, 0x3C, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_8_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x57, 0x3E, 0x6B, 0xFE, 0xF0, 0x04, 0x28, 0x01), + MBEDTLS_BYTES_TO_T_UINT_8(0xBB, 0xB2, 0x14, 0x9D, 0x18, 0x11, 0x7D, 0x9D), + MBEDTLS_BYTES_TO_T_UINT_8(0x96, 0xC4, 0xD6, 0x2E, 0x6E, 0x57, 0x4D, 0xE1), + MBEDTLS_BYTES_TO_T_UINT_8(0xEA, 0x55, 0x1B, 0xDE, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_8_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0xF7, 0x17, 0xBC, 0x45, 0xAB, 0x16, 0xAB), + MBEDTLS_BYTES_TO_T_UINT_8(0xCD, 0xB0, 0xEF, 0x61, 0xE3, 0x20, 0x7C, 0xF8), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x85, 0x41, 0x4D, 0xF1, 0x7E, 0x4D, 0x41), + MBEDTLS_BYTES_TO_T_UINT_8(0x99, 0xC2, 0x9B, 0x5E, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_9_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x70, 0x2E, 0x49, 0x3D, 0x3E, 0x4B, 0xD3, 0x32), + MBEDTLS_BYTES_TO_T_UINT_8(0xC8, 0x2B, 0x9D, 0xD5, 0x27, 0xFA, 0xCA, 0xE0), + MBEDTLS_BYTES_TO_T_UINT_8(0xB3, 0xB3, 0x6A, 0xE0, 0x79, 0x14, 0x28, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x1E, 0xDC, 0xF5, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_9_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xCA, 0x44, 0x56, 0xCD, 0xFC, 0x9F, 0x09, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0x5C, 0x8C, 0x59, 0xA4, 0x64, 0x2A, 0x3A, 0xED), + MBEDTLS_BYTES_TO_T_UINT_8(0x40, 0xA0, 0xB5, 0x86, 0x4E, 0x69, 0xDA, 0x06), + MBEDTLS_BYTES_TO_T_UINT_8(0x08, 0x8B, 0x11, 0x38, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_10_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xA0, 0x17, 0x16, 0x12, 0x17, 0xDC, 0x00, 0x7E), + MBEDTLS_BYTES_TO_T_UINT_8(0xE7, 0x76, 0x24, 0x6C, 0x97, 0x2C, 0xB5, 0xF9), + MBEDTLS_BYTES_TO_T_UINT_8(0x82, 0x71, 0xE3, 0xB0, 0xBB, 0x4E, 0x50, 0x52), + MBEDTLS_BYTES_TO_T_UINT_8(0x6E, 0x48, 0x26, 0xD5, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_10_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x06, 0x5F, 0x28, 0xF6, 0x01, 0x5A, 0x60, 0x41), + MBEDTLS_BYTES_TO_T_UINT_8(0xAE, 0x95, 0xFE, 0xD0, 0xAD, 0x15, 0xD4, 0xD9), + MBEDTLS_BYTES_TO_T_UINT_8(0xAD, 0x5B, 0x7A, 0xFD, 0x80, 0xF7, 0x9F, 0x64), + MBEDTLS_BYTES_TO_T_UINT_8(0x32, 0xBC, 0x1B, 0xDF, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_11_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xBB, 0xE6, 0xDF, 0x14, 0x29, 0xF4, 0xD4, 0x14), + MBEDTLS_BYTES_TO_T_UINT_8(0xE5, 0x12, 0xDD, 0xEC, 0x5B, 0x8A, 0x59, 0xE5), + MBEDTLS_BYTES_TO_T_UINT_8(0x26, 0x92, 0x3E, 0x35, 0x08, 0xE9, 0xCF, 0x0E), + MBEDTLS_BYTES_TO_T_UINT_8(0xE0, 0x35, 0x29, 0x97, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_11_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0xDB, 0xD6, 0x6A, 0xC5, 0x43, 0xA4, 0xA1), + MBEDTLS_BYTES_TO_T_UINT_8(0x61, 0x33, 0x50, 0x61, 0x70, 0xA1, 0xE9, 0xCE), + MBEDTLS_BYTES_TO_T_UINT_8(0x15, 0x15, 0x6E, 0x5F, 0x01, 0x0C, 0x8C, 0xFA), + MBEDTLS_BYTES_TO_T_UINT_8(0x85, 0xA1, 0x9A, 0x9D, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_12_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x6E, 0xC6, 0xF7, 0xE2, 0x4A, 0xCD, 0x9B, 0x61), + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0x4D, 0x5A, 0xB8, 0xE2, 0x6D, 0xA6, 0x50), + MBEDTLS_BYTES_TO_T_UINT_8(0x32, 0x3F, 0xB6, 0x17, 0xE3, 0x2C, 0x6F, 0x65), + MBEDTLS_BYTES_TO_T_UINT_8(0x1E, 0xA4, 0x59, 0x51, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_12_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x77, 0x4F, 0x7C, 0x49, 0xCD, 0x6E, 0xEB, 0x3C), + MBEDTLS_BYTES_TO_T_UINT_8(0x05, 0xC9, 0x1F, 0xB7, 0x4D, 0x98, 0xC7, 0x67), + MBEDTLS_BYTES_TO_T_UINT_8(0x4C, 0xFD, 0x98, 0x20, 0x95, 0xBB, 0x20, 0x3A), + MBEDTLS_BYTES_TO_T_UINT_8(0xE0, 0xF2, 0x73, 0x92, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_13_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xE2, 0xEF, 0xFB, 0x30, 0xFA, 0x12, 0x1A, 0xB0), + MBEDTLS_BYTES_TO_T_UINT_8(0x7A, 0x4C, 0x24, 0xB4, 0x5B, 0xC9, 0x4C, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0x7A, 0xDD, 0x5E, 0x84, 0x95, 0x4D, 0x26, 0xED), + MBEDTLS_BYTES_TO_T_UINT_8(0xE3, 0xFA, 0xF9, 0x3A, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_13_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x6A, 0xA3, 0x2E, 0x7A, 0xDC, 0xA7, 0x53, 0xA9), + MBEDTLS_BYTES_TO_T_UINT_8(0x7C, 0x9F, 0x81, 0x84, 0xB2, 0x0D, 0xFE, 0x31), + MBEDTLS_BYTES_TO_T_UINT_8(0x61, 0x89, 0x1B, 0x77, 0x0C, 0x89, 0x71, 0xEC), + MBEDTLS_BYTES_TO_T_UINT_8(0xFA, 0xFF, 0x7F, 0xB2, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_14_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0xE9, 0x2C, 0x79, 0xA6, 0x3C, 0xAD, 0x93), + MBEDTLS_BYTES_TO_T_UINT_8(0xD6, 0xE0, 0x23, 0x02, 0x86, 0x0F, 0x77, 0x2A), + MBEDTLS_BYTES_TO_T_UINT_8(0x13, 0x93, 0x6D, 0xE9, 0xF9, 0x3C, 0xBE, 0xB9), + MBEDTLS_BYTES_TO_T_UINT_8(0x04, 0xE7, 0x24, 0x92, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_14_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xBB, 0x3C, 0x5B, 0x4B, 0x1B, 0x25, 0x37, 0xD6), + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0xE8, 0x38, 0x1B, 0xA1, 0x5A, 0x2E, 0x68), + MBEDTLS_BYTES_TO_T_UINT_8(0x03, 0x19, 0xFD, 0xF4, 0x78, 0x01, 0x6B, 0x44), + MBEDTLS_BYTES_TO_T_UINT_8(0x0F, 0x69, 0x37, 0x4F, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_15_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x1A, 0xE2, 0xBF, 0xD3, 0xEC, 0x95, 0x9C, 0x03), + MBEDTLS_BYTES_TO_T_UINT_8(0xC2, 0x7B, 0xFC, 0xD5, 0xD3, 0x25, 0x5E, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0x39, 0x55, 0x09, 0xA2, 0x58, 0x6A, 0xC9, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0x80, 0xCC, 0x3B, 0xD9, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_mpi_uint secp224k1_T_15_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x8F, 0x08, 0x65, 0x5E, 0xCB, 0xAB, 0x48, 0xC8), + MBEDTLS_BYTES_TO_T_UINT_8(0xEE, 0x79, 0x8B, 0xC0, 0x11, 0xC0, 0x69, 0x38), + MBEDTLS_BYTES_TO_T_UINT_8(0xE6, 0xE8, 0x8C, 0x4C, 0xC5, 0x28, 0xE4, 0xAE), + MBEDTLS_BYTES_TO_T_UINT_8(0xA5, 0x1F, 0x34, 0x5C, 0x00, 0x00, 0x00, 0x00), +}; +static const mbedtls_ecp_point secp224k1_T[16] = { + ECP_POINT_INIT_XY_Z1(secp224k1_T_0_X, secp224k1_T_0_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_1_X, secp224k1_T_1_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_2_X, secp224k1_T_2_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_3_X, secp224k1_T_3_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_4_X, secp224k1_T_4_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_5_X, secp224k1_T_5_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_6_X, secp224k1_T_6_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_7_X, secp224k1_T_7_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_8_X, secp224k1_T_8_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_9_X, secp224k1_T_9_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_10_X, secp224k1_T_10_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_11_X, secp224k1_T_11_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_12_X, secp224k1_T_12_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_13_X, secp224k1_T_13_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_14_X, secp224k1_T_14_Y), + ECP_POINT_INIT_XY_Z0(secp224k1_T_15_X, secp224k1_T_15_Y), +}; +#else +#define secp224k1_T NULL +#endif +#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) +static const mbedtls_mpi_uint secp256k1_p[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x2F, 0xFC, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), +}; +static const mbedtls_mpi_uint secp256k1_a[] = { + MBEDTLS_BYTES_TO_T_UINT_2(0x00, 0x00), +}; +static const mbedtls_mpi_uint secp256k1_b[] = { + MBEDTLS_BYTES_TO_T_UINT_2(0x07, 0x00), +}; +static const mbedtls_mpi_uint secp256k1_gx[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x98, 0x17, 0xF8, 0x16, 0x5B, 0x81, 0xF2, 0x59), + MBEDTLS_BYTES_TO_T_UINT_8(0xD9, 0x28, 0xCE, 0x2D, 0xDB, 0xFC, 0x9B, 0x02), + MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0x0B, 0x87, 0xCE, 0x95, 0x62, 0xA0, 0x55), + MBEDTLS_BYTES_TO_T_UINT_8(0xAC, 0xBB, 0xDC, 0xF9, 0x7E, 0x66, 0xBE, 0x79), +}; +static const mbedtls_mpi_uint secp256k1_gy[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB8, 0xD4, 0x10, 0xFB, 0x8F, 0xD0, 0x47, 0x9C), + MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0x54, 0x85, 0xA6, 0x48, 0xB4, 0x17, 0xFD), + MBEDTLS_BYTES_TO_T_UINT_8(0xA8, 0x08, 0x11, 0x0E, 0xFC, 0xFB, 0xA4, 0x5D), + MBEDTLS_BYTES_TO_T_UINT_8(0x65, 0xC4, 0xA3, 0x26, 0x77, 0xDA, 0x3A, 0x48), +}; +static const mbedtls_mpi_uint secp256k1_n[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x41, 0x41, 0x36, 0xD0, 0x8C, 0x5E, 0xD2, 0xBF), + MBEDTLS_BYTES_TO_T_UINT_8(0x3B, 0xA0, 0x48, 0xAF, 0xE6, 0xDC, 0xAE, 0xBA), + MBEDTLS_BYTES_TO_T_UINT_8(0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF), +}; + +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 +static const mbedtls_mpi_uint secp256k1_T_0_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x98, 0x17, 0xF8, 0x16, 0x5B, 0x81, 0xF2, 0x59), + MBEDTLS_BYTES_TO_T_UINT_8(0xD9, 0x28, 0xCE, 0x2D, 0xDB, 0xFC, 0x9B, 0x02), + MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0x0B, 0x87, 0xCE, 0x95, 0x62, 0xA0, 0x55), + MBEDTLS_BYTES_TO_T_UINT_8(0xAC, 0xBB, 0xDC, 0xF9, 0x7E, 0x66, 0xBE, 0x79), +}; +static const mbedtls_mpi_uint secp256k1_T_0_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB8, 0xD4, 0x10, 0xFB, 0x8F, 0xD0, 0x47, 0x9C), + MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0x54, 0x85, 0xA6, 0x48, 0xB4, 0x17, 0xFD), + MBEDTLS_BYTES_TO_T_UINT_8(0xA8, 0x08, 0x11, 0x0E, 0xFC, 0xFB, 0xA4, 0x5D), + MBEDTLS_BYTES_TO_T_UINT_8(0x65, 0xC4, 0xA3, 0x26, 0x77, 0xDA, 0x3A, 0x48), +}; +static const mbedtls_mpi_uint secp256k1_T_1_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xE7, 0xEE, 0xD7, 0x1E, 0x67, 0x86, 0x32, 0x74), + MBEDTLS_BYTES_TO_T_UINT_8(0x23, 0x73, 0xB1, 0xA9, 0xD5, 0xCC, 0x27, 0x78), + MBEDTLS_BYTES_TO_T_UINT_8(0x1F, 0x0E, 0x11, 0x01, 0x71, 0xFE, 0x92, 0x73), + MBEDTLS_BYTES_TO_T_UINT_8(0xC6, 0x28, 0x63, 0x6D, 0x72, 0x09, 0xA6, 0xC0), +}; +static const mbedtls_mpi_uint secp256k1_T_1_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xCE, 0xE1, 0x69, 0xDC, 0x3E, 0x2C, 0x75, 0xC3), + MBEDTLS_BYTES_TO_T_UINT_8(0xE5, 0xB7, 0x3F, 0x30, 0x26, 0x3C, 0xDF, 0x8E), + MBEDTLS_BYTES_TO_T_UINT_8(0x3D, 0xBE, 0xB9, 0x5D, 0x0E, 0xE8, 0x5E, 0x14), + MBEDTLS_BYTES_TO_T_UINT_8(0x01, 0xC3, 0x05, 0xD6, 0xB7, 0xD5, 0x24, 0xFC), +}; +static const mbedtls_mpi_uint secp256k1_T_2_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x13, 0xCF, 0x7B, 0xDC, 0xCD, 0xC3, 0x39, 0x9D), + MBEDTLS_BYTES_TO_T_UINT_8(0x42, 0xDA, 0xB9, 0xE5, 0x64, 0xA7, 0x47, 0x91), + MBEDTLS_BYTES_TO_T_UINT_8(0x76, 0x46, 0xA8, 0x61, 0xF6, 0x23, 0xEB, 0x58), + MBEDTLS_BYTES_TO_T_UINT_8(0x5C, 0xC1, 0xFF, 0xE4, 0x55, 0xD5, 0xC2, 0xBF), +}; +static const mbedtls_mpi_uint secp256k1_T_2_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0xBE, 0xB9, 0x59, 0x24, 0x13, 0x4A, 0x2A), + MBEDTLS_BYTES_TO_T_UINT_8(0x64, 0x45, 0x12, 0xDE, 0xBA, 0x4F, 0xEF, 0x56), + MBEDTLS_BYTES_TO_T_UINT_8(0xBE, 0x08, 0xBF, 0xC1, 0x66, 0xAA, 0x0A, 0xBC), + MBEDTLS_BYTES_TO_T_UINT_8(0x36, 0xFE, 0x30, 0x55, 0x31, 0x86, 0xA7, 0xB4), +}; +static const mbedtls_mpi_uint secp256k1_T_3_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x1D, 0xBF, 0x18, 0x81, 0x67, 0x27, 0x42, 0xBD), + MBEDTLS_BYTES_TO_T_UINT_8(0x08, 0x05, 0x83, 0xA4, 0xDD, 0x57, 0xD3, 0x50), + MBEDTLS_BYTES_TO_T_UINT_8(0x20, 0x63, 0xAB, 0xE4, 0x90, 0x70, 0xD0, 0x7C), + MBEDTLS_BYTES_TO_T_UINT_8(0x71, 0x5D, 0xFD, 0xA0, 0xEF, 0xCF, 0x1C, 0x54), +}; +static const mbedtls_mpi_uint secp256k1_T_3_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x13, 0x80, 0xE4, 0xF6, 0x09, 0xBC, 0x57, 0x90), + MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0x9F, 0x6E, 0x88, 0x54, 0x6E, 0x51, 0xF2), + MBEDTLS_BYTES_TO_T_UINT_8(0xF5, 0x5F, 0x85, 0xFB, 0x84, 0x3E, 0x4A, 0xAA), + MBEDTLS_BYTES_TO_T_UINT_8(0xA8, 0x19, 0xF5, 0x55, 0xC9, 0x07, 0xD8, 0xCE), +}; +static const mbedtls_mpi_uint secp256k1_T_4_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x1A, 0xB4, 0xC3, 0xD9, 0x5C, 0xA0, 0xD4, 0x90), + MBEDTLS_BYTES_TO_T_UINT_8(0x0D, 0x30, 0xAF, 0x59, 0x9B, 0xF8, 0x04, 0x85), + MBEDTLS_BYTES_TO_T_UINT_8(0x4D, 0xA6, 0xFD, 0x66, 0x7B, 0xC3, 0x39, 0x85), + MBEDTLS_BYTES_TO_T_UINT_8(0xE0, 0xBF, 0xF0, 0xC2, 0xE9, 0x71, 0xA4, 0x9E), +}; +static const mbedtls_mpi_uint secp256k1_T_4_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x14, 0x2D, 0xB9, 0x88, 0x28, 0xF1, 0xBE, 0x78), + MBEDTLS_BYTES_TO_T_UINT_8(0x14, 0xF3, 0x1A, 0x0E, 0xB9, 0x01, 0x66, 0x34), + MBEDTLS_BYTES_TO_T_UINT_8(0x77, 0xA7, 0xA4, 0xF4, 0x05, 0xD0, 0xAA, 0x53), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x39, 0x1E, 0x47, 0xE5, 0x68, 0xC8, 0xC0), +}; +static const mbedtls_mpi_uint secp256k1_T_5_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xDD, 0xB9, 0xFC, 0xE0, 0x33, 0x8A, 0x7D, 0x96), + MBEDTLS_BYTES_TO_T_UINT_8(0x4F, 0x93, 0xA5, 0x53, 0x55, 0x16, 0xB4, 0x6E), + MBEDTLS_BYTES_TO_T_UINT_8(0xE9, 0x5F, 0xEA, 0x9B, 0x29, 0x52, 0x71, 0xDA), + MBEDTLS_BYTES_TO_T_UINT_8(0xB2, 0xF0, 0x24, 0xB8, 0x7D, 0xB7, 0xA0, 0x9B), +}; +static const mbedtls_mpi_uint secp256k1_T_5_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xC2, 0x00, 0x27, 0xB2, 0xDF, 0x73, 0xA2, 0xE0), + MBEDTLS_BYTES_TO_T_UINT_8(0x1D, 0x2E, 0x4D, 0x7C, 0xDE, 0x7A, 0x23, 0x32), + MBEDTLS_BYTES_TO_T_UINT_8(0xAC, 0x65, 0x60, 0xC7, 0x97, 0x1E, 0xA4, 0x22), + MBEDTLS_BYTES_TO_T_UINT_8(0xCD, 0x13, 0x5B, 0x77, 0x59, 0xCB, 0x36, 0xE1), +}; +static const mbedtls_mpi_uint secp256k1_T_6_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x99, 0xBC, 0x9F, 0x9E, 0x2D, 0x53, 0x2A, 0xA8), + MBEDTLS_BYTES_TO_T_UINT_8(0x87, 0x5F, 0x64, 0x9F, 0x1A, 0x19, 0xE6, 0x77), + MBEDTLS_BYTES_TO_T_UINT_8(0x9E, 0x7B, 0x39, 0xD2, 0xDB, 0x85, 0x84, 0xD5), + MBEDTLS_BYTES_TO_T_UINT_8(0x83, 0xC7, 0x0D, 0x58, 0x6E, 0x3F, 0x52, 0x15), +}; +static const mbedtls_mpi_uint secp256k1_T_6_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0x68, 0x19, 0x0B, 0x68, 0xC9, 0x1E, 0xFB), + MBEDTLS_BYTES_TO_T_UINT_8(0xD2, 0x4E, 0x21, 0x49, 0x3D, 0x55, 0xCC, 0x25), + MBEDTLS_BYTES_TO_T_UINT_8(0xF5, 0xF9, 0x25, 0x45, 0x54, 0x45, 0xB1, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0xA9, 0xB3, 0xF7, 0xCD, 0x80, 0xA4, 0x04, 0x05), +}; +static const mbedtls_mpi_uint secp256k1_T_7_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xD4, 0x1E, 0x88, 0xC4, 0xAA, 0x18, 0x7E, 0x45), + MBEDTLS_BYTES_TO_T_UINT_8(0x4B, 0xAC, 0xD9, 0xB2, 0xA1, 0xC0, 0x71, 0x5D), + MBEDTLS_BYTES_TO_T_UINT_8(0xA9, 0xA2, 0xF1, 0x15, 0xA6, 0x5F, 0x6C, 0x86), + MBEDTLS_BYTES_TO_T_UINT_8(0x4F, 0x5B, 0x05, 0xBC, 0xB7, 0xC6, 0x4E, 0x72), +}; +static const mbedtls_mpi_uint secp256k1_T_7_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x1D, 0x80, 0xF8, 0x5C, 0x20, 0x2A, 0xE1, 0xE2), + MBEDTLS_BYTES_TO_T_UINT_8(0x7C, 0x48, 0x2E, 0x68, 0x82, 0x7F, 0xEB, 0x5F), + MBEDTLS_BYTES_TO_T_UINT_8(0xA2, 0x3B, 0x25, 0xDB, 0x32, 0x4D, 0x88, 0x42), + MBEDTLS_BYTES_TO_T_UINT_8(0xEE, 0x6E, 0xA6, 0xB6, 0x6D, 0x62, 0x78, 0x22), +}; +static const mbedtls_mpi_uint secp256k1_T_8_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x1F, 0x4D, 0x3E, 0x86, 0x58, 0xC3, 0xEB, 0xBA), + MBEDTLS_BYTES_TO_T_UINT_8(0x1A, 0x89, 0x33, 0x18, 0x21, 0x1D, 0x9B, 0xE7), + MBEDTLS_BYTES_TO_T_UINT_8(0x0B, 0x9D, 0xFF, 0xC3, 0x79, 0xC1, 0x88, 0xF8), + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0xD4, 0x48, 0x53, 0xE8, 0xAD, 0x21, 0x16), +}; +static const mbedtls_mpi_uint secp256k1_T_8_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF5, 0x7B, 0xDE, 0xCB, 0xD8, 0x39, 0x17, 0x7C), + MBEDTLS_BYTES_TO_T_UINT_8(0xD3, 0xF3, 0x03, 0xF2, 0x5C, 0xBC, 0xC8, 0x8A), + MBEDTLS_BYTES_TO_T_UINT_8(0x27, 0xAE, 0x4C, 0xB0, 0x16, 0xA4, 0x93, 0x86), + MBEDTLS_BYTES_TO_T_UINT_8(0x71, 0x8B, 0x6B, 0xDC, 0xD7, 0x9A, 0x3E, 0x7E), +}; +static const mbedtls_mpi_uint secp256k1_T_9_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xD6, 0x2D, 0x7A, 0xD2, 0x59, 0x05, 0xA2, 0x82), + MBEDTLS_BYTES_TO_T_UINT_8(0x57, 0x56, 0x09, 0x32, 0xF1, 0xE8, 0xE3, 0x72), + MBEDTLS_BYTES_TO_T_UINT_8(0x03, 0xCA, 0xE5, 0x2E, 0xF0, 0xFB, 0x18, 0x19), + MBEDTLS_BYTES_TO_T_UINT_8(0xBA, 0x85, 0xA9, 0x23, 0x15, 0x31, 0x1F, 0x0E), +}; +static const mbedtls_mpi_uint secp256k1_T_9_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x76, 0xE5, 0xB1, 0x86, 0xB9, 0x6E, 0x8D, 0xD3), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x77, 0xFC, 0xC9, 0xA3, 0x3F, 0x89, 0xD2), + MBEDTLS_BYTES_TO_T_UINT_8(0xDB, 0x6A, 0xDC, 0x25, 0xB0, 0xC7, 0x41, 0x54), + MBEDTLS_BYTES_TO_T_UINT_8(0x02, 0x11, 0x6B, 0xA6, 0x11, 0x62, 0xD4, 0x2D), +}; +static const mbedtls_mpi_uint secp256k1_T_10_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0x7D, 0x34, 0xB3, 0x20, 0x7F, 0x37, 0xAA), + MBEDTLS_BYTES_TO_T_UINT_8(0xBD, 0xD4, 0x45, 0xE8, 0xC2, 0xE9, 0xC5, 0xEA), + MBEDTLS_BYTES_TO_T_UINT_8(0x5A, 0x32, 0x3B, 0x25, 0x7E, 0x79, 0xAF, 0xE7), + MBEDTLS_BYTES_TO_T_UINT_8(0x3F, 0xE4, 0x54, 0x71, 0xBE, 0x35, 0x4E, 0xD0), +}; +static const mbedtls_mpi_uint secp256k1_T_10_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB0, 0x94, 0xDD, 0x8F, 0xB5, 0xC2, 0xDD, 0x75), + MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0x49, 0xE9, 0x1C, 0x2F, 0x08, 0x49, 0xC6), + MBEDTLS_BYTES_TO_T_UINT_8(0x77, 0xB6, 0x03, 0x88, 0x6F, 0xB8, 0x15, 0x67), + MBEDTLS_BYTES_TO_T_UINT_8(0xA4, 0xD3, 0x1C, 0xF3, 0xA5, 0xEB, 0x79, 0x01), +}; +static const mbedtls_mpi_uint secp256k1_T_11_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x25, 0xF9, 0x43, 0x88, 0x89, 0x0D, 0x06, 0xEA), + MBEDTLS_BYTES_TO_T_UINT_8(0x02, 0x2D, 0xF5, 0x98, 0x32, 0xF6, 0xB1, 0x05), + MBEDTLS_BYTES_TO_T_UINT_8(0x23, 0x73, 0x8F, 0x2B, 0x50, 0x27, 0x0A, 0xE7), + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0xE3, 0xBD, 0x16, 0x05, 0xC8, 0x93, 0x12), +}; +static const mbedtls_mpi_uint secp256k1_T_11_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x0A, 0x6A, 0xF7, 0xE3, 0x3D, 0xDE, 0x5F, 0x2F), + MBEDTLS_BYTES_TO_T_UINT_8(0x47, 0xA3, 0x9C, 0x22, 0x3C, 0x33, 0x36, 0x5D), + MBEDTLS_BYTES_TO_T_UINT_8(0x20, 0x24, 0x4C, 0x69, 0x45, 0x78, 0x14, 0xAE), + MBEDTLS_BYTES_TO_T_UINT_8(0x59, 0xF8, 0xD4, 0xBF, 0xB8, 0xC0, 0xA1, 0x25), +}; +static const mbedtls_mpi_uint secp256k1_T_12_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x7E, 0x88, 0xE1, 0x91, 0x03, 0xEB, 0xB3, 0x2B), + MBEDTLS_BYTES_TO_T_UINT_8(0x5C, 0x11, 0xA1, 0xEF, 0x14, 0x0D, 0xC4, 0x7D), + MBEDTLS_BYTES_TO_T_UINT_8(0xFE, 0xD4, 0x0D, 0x1D, 0x96, 0x33, 0x5C, 0x19), + MBEDTLS_BYTES_TO_T_UINT_8(0x70, 0x45, 0x2A, 0x1A, 0xE6, 0x57, 0x04, 0x9B), +}; +static const mbedtls_mpi_uint secp256k1_T_12_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x70, 0xB5, 0xA7, 0x80, 0xE9, 0x93, 0x97, 0x8D), + MBEDTLS_BYTES_TO_T_UINT_8(0x5D, 0xB9, 0x7C, 0xA0, 0xC9, 0x57, 0x26, 0x43), + MBEDTLS_BYTES_TO_T_UINT_8(0x9E, 0xEF, 0x56, 0xDA, 0x66, 0xF6, 0x1B, 0x9A), + MBEDTLS_BYTES_TO_T_UINT_8(0x1F, 0x89, 0x6B, 0x91, 0xE0, 0xA9, 0x65, 0x2B), +}; +static const mbedtls_mpi_uint secp256k1_T_13_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x91, 0x98, 0x96, 0x9B, 0x06, 0x7D, 0x5E, 0x5A), + MBEDTLS_BYTES_TO_T_UINT_8(0x0A, 0xFA, 0xC1, 0x5F, 0x19, 0x37, 0x94, 0x9D), + MBEDTLS_BYTES_TO_T_UINT_8(0xCF, 0xBE, 0x6B, 0x1A, 0x05, 0xE4, 0xBF, 0x9F), + MBEDTLS_BYTES_TO_T_UINT_8(0x84, 0xCD, 0x5D, 0x35, 0xB4, 0x51, 0xF7, 0x64), +}; +static const mbedtls_mpi_uint secp256k1_T_13_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0xEF, 0x96, 0xDB, 0xF2, 0x61, 0x63, 0x59), + MBEDTLS_BYTES_TO_T_UINT_8(0xCB, 0x04, 0x88, 0xC9, 0x9F, 0x1B, 0x94, 0xB9), + MBEDTLS_BYTES_TO_T_UINT_8(0xDB, 0x30, 0x79, 0x7E, 0x24, 0xE7, 0x5F, 0xB8), + MBEDTLS_BYTES_TO_T_UINT_8(0x3F, 0xB8, 0x90, 0xB7, 0x94, 0x25, 0xBB, 0x0F), +}; +static const mbedtls_mpi_uint secp256k1_T_14_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x62, 0x79, 0xEA, 0xAD, 0xC0, 0x6D, 0x18, 0x57), + MBEDTLS_BYTES_TO_T_UINT_8(0xE9, 0xA4, 0x58, 0x2A, 0x8D, 0x95, 0xB3, 0xE6), + MBEDTLS_BYTES_TO_T_UINT_8(0xC8, 0xC4, 0xC2, 0x12, 0x0D, 0x79, 0xE2, 0x2B), + MBEDTLS_BYTES_TO_T_UINT_8(0x02, 0x6F, 0xBE, 0x97, 0x4D, 0xA4, 0x20, 0x07), +}; +static const mbedtls_mpi_uint secp256k1_T_14_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xCA, 0x31, 0x71, 0xC6, 0xA6, 0x91, 0xEB, 0x1F), + MBEDTLS_BYTES_TO_T_UINT_8(0xB4, 0x9B, 0xA8, 0x4A, 0xE7, 0x77, 0xE1, 0xAA), + MBEDTLS_BYTES_TO_T_UINT_8(0xA9, 0x06, 0xD3, 0x3D, 0x94, 0x30, 0xEF, 0x8C), + MBEDTLS_BYTES_TO_T_UINT_8(0xE7, 0xDF, 0xCA, 0xFA, 0xF5, 0x28, 0xF8, 0xC9), +}; +static const mbedtls_mpi_uint secp256k1_T_15_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xCC, 0xE1, 0x32, 0xFD, 0x3E, 0x81, 0xF8, 0x11), + MBEDTLS_BYTES_TO_T_UINT_8(0xCD, 0xF2, 0x4B, 0x1D, 0x19, 0xC9, 0x0F, 0xCC), + MBEDTLS_BYTES_TO_T_UINT_8(0x59, 0xB1, 0x8A, 0x22, 0x8B, 0x05, 0x6B, 0x56), + MBEDTLS_BYTES_TO_T_UINT_8(0x35, 0x21, 0xEF, 0x30, 0xEC, 0x09, 0x2A, 0x89), +}; +static const mbedtls_mpi_uint secp256k1_T_15_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x15, 0x84, 0x4A, 0x46, 0x07, 0x6C, 0x3C, 0x4C), + MBEDTLS_BYTES_TO_T_UINT_8(0xDD, 0x18, 0x3A, 0xF4, 0xCC, 0xF5, 0xB2, 0xF2), + MBEDTLS_BYTES_TO_T_UINT_8(0x4F, 0x8F, 0xCD, 0x0A, 0x9C, 0xF4, 0xBD, 0x95), + MBEDTLS_BYTES_TO_T_UINT_8(0x37, 0x89, 0x7F, 0x8A, 0xB1, 0x52, 0x3A, 0xAB), +}; +static const mbedtls_ecp_point secp256k1_T[16] = { + ECP_POINT_INIT_XY_Z1(secp256k1_T_0_X, secp256k1_T_0_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_1_X, secp256k1_T_1_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_2_X, secp256k1_T_2_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_3_X, secp256k1_T_3_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_4_X, secp256k1_T_4_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_5_X, secp256k1_T_5_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_6_X, secp256k1_T_6_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_7_X, secp256k1_T_7_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_8_X, secp256k1_T_8_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_9_X, secp256k1_T_9_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_10_X, secp256k1_T_10_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_11_X, secp256k1_T_11_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_12_X, secp256k1_T_12_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_13_X, secp256k1_T_13_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_14_X, secp256k1_T_14_Y), + ECP_POINT_INIT_XY_Z0(secp256k1_T_15_X, secp256k1_T_15_Y), +}; +#else +#define secp256k1_T NULL +#endif +#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ + +/* + * Domain parameters for brainpoolP256r1 (RFC 5639 3.4) + */ +#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) +static const mbedtls_mpi_uint brainpoolP256r1_p[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x77, 0x53, 0x6E, 0x1F, 0x1D, 0x48, 0x13, 0x20), + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x20, 0x26, 0xD5, 0x23, 0xF6, 0x3B, 0x6E), + MBEDTLS_BYTES_TO_T_UINT_8(0x72, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E), + MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9), +}; +static const mbedtls_mpi_uint brainpoolP256r1_a[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xD9, 0xB5, 0x30, 0xF3, 0x44, 0x4B, 0x4A, 0xE9), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x5C, 0xDC, 0x26, 0xC1, 0x55, 0x80, 0xFB), + MBEDTLS_BYTES_TO_T_UINT_8(0xE7, 0xFF, 0x7A, 0x41, 0x30, 0x75, 0xF6, 0xEE), + MBEDTLS_BYTES_TO_T_UINT_8(0x57, 0x30, 0x2C, 0xFC, 0x75, 0x09, 0x5A, 0x7D), +}; +static const mbedtls_mpi_uint brainpoolP256r1_b[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB6, 0x07, 0x8C, 0xFF, 0x18, 0xDC, 0xCC, 0x6B), + MBEDTLS_BYTES_TO_T_UINT_8(0xCE, 0xE1, 0xF7, 0x5C, 0x29, 0x16, 0x84, 0x95), + MBEDTLS_BYTES_TO_T_UINT_8(0xBF, 0x7C, 0xD7, 0xBB, 0xD9, 0xB5, 0x30, 0xF3), + MBEDTLS_BYTES_TO_T_UINT_8(0x44, 0x4B, 0x4A, 0xE9, 0x6C, 0x5C, 0xDC, 0x26), +}; +static const mbedtls_mpi_uint brainpoolP256r1_gx[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x62, 0x32, 0xCE, 0x9A, 0xBD, 0x53, 0x44, 0x3A), + MBEDTLS_BYTES_TO_T_UINT_8(0xC2, 0x23, 0xBD, 0xE3, 0xE1, 0x27, 0xDE, 0xB9), + MBEDTLS_BYTES_TO_T_UINT_8(0xAF, 0xB7, 0x81, 0xFC, 0x2F, 0x48, 0x4B, 0x2C), + MBEDTLS_BYTES_TO_T_UINT_8(0xCB, 0x57, 0x7E, 0xCB, 0xB9, 0xAE, 0xD2, 0x8B), +}; +static const mbedtls_mpi_uint brainpoolP256r1_gy[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x97, 0x69, 0x04, 0x2F, 0xC7, 0x54, 0x1D, 0x5C), + MBEDTLS_BYTES_TO_T_UINT_8(0x54, 0x8E, 0xED, 0x2D, 0x13, 0x45, 0x77, 0xC2), + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0x1D, 0x61, 0x14, 0x1A, 0x46, 0xF8, 0x97), + MBEDTLS_BYTES_TO_T_UINT_8(0xFD, 0xC4, 0xDA, 0xC3, 0x35, 0xF8, 0x7E, 0x54), +}; +static const mbedtls_mpi_uint brainpoolP256r1_n[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0x56, 0x48, 0x97, 0x82, 0x0E, 0x1E, 0x90), + MBEDTLS_BYTES_TO_T_UINT_8(0xF7, 0xA6, 0x61, 0xB5, 0xA3, 0x7A, 0x39, 0x8C), + MBEDTLS_BYTES_TO_T_UINT_8(0x71, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E), + MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9), +}; + +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 +static const mbedtls_mpi_uint brainpoolP256r1_T_0_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x62, 0x32, 0xCE, 0x9A, 0xBD, 0x53, 0x44, 0x3A), + MBEDTLS_BYTES_TO_T_UINT_8(0xC2, 0x23, 0xBD, 0xE3, 0xE1, 0x27, 0xDE, 0xB9), + MBEDTLS_BYTES_TO_T_UINT_8(0xAF, 0xB7, 0x81, 0xFC, 0x2F, 0x48, 0x4B, 0x2C), + MBEDTLS_BYTES_TO_T_UINT_8(0xCB, 0x57, 0x7E, 0xCB, 0xB9, 0xAE, 0xD2, 0x8B), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_0_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x97, 0x69, 0x04, 0x2F, 0xC7, 0x54, 0x1D, 0x5C), + MBEDTLS_BYTES_TO_T_UINT_8(0x54, 0x8E, 0xED, 0x2D, 0x13, 0x45, 0x77, 0xC2), + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0x1D, 0x61, 0x14, 0x1A, 0x46, 0xF8, 0x97), + MBEDTLS_BYTES_TO_T_UINT_8(0xFD, 0xC4, 0xDA, 0xC3, 0x35, 0xF8, 0x7E, 0x54), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_1_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x3C, 0xA2, 0xED, 0x52, 0xC9, 0x8C, 0xE3, 0xA5), + MBEDTLS_BYTES_TO_T_UINT_8(0x72, 0xC9, 0xC4, 0x87, 0x3F, 0x93, 0x7A, 0xD1), + MBEDTLS_BYTES_TO_T_UINT_8(0x96, 0x12, 0x53, 0x61, 0x3E, 0x76, 0x08, 0xCB), + MBEDTLS_BYTES_TO_T_UINT_8(0x09, 0x8C, 0x74, 0xF4, 0x08, 0xC3, 0x76, 0x80), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_1_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x05, 0xDD, 0x09, 0xA6, 0xED, 0xEE, 0xC4, 0x38), + MBEDTLS_BYTES_TO_T_UINT_8(0x74, 0xD9, 0xBE, 0x4B, 0xA5, 0xB7, 0x2B, 0x6E), + MBEDTLS_BYTES_TO_T_UINT_8(0x42, 0x20, 0x12, 0xCA, 0x0A, 0x38, 0x24, 0xAB), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x72, 0x71, 0x90, 0x7A, 0x2E, 0xB7, 0x23), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_2_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x2C, 0x66, 0xA1, 0x93, 0x10, 0x2A, 0x51, 0x17), + MBEDTLS_BYTES_TO_T_UINT_8(0x88, 0x10, 0x11, 0x12, 0xBC, 0xB0, 0xB6, 0x93), + MBEDTLS_BYTES_TO_T_UINT_8(0x3C, 0x58, 0xD7, 0x0A, 0x84, 0x05, 0xA3, 0x9C), + MBEDTLS_BYTES_TO_T_UINT_8(0xF7, 0x8E, 0x95, 0x61, 0xD3, 0x0B, 0xDF, 0x36), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_2_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF9, 0x92, 0x12, 0x0F, 0x5E, 0x87, 0x70, 0x1B), + MBEDTLS_BYTES_TO_T_UINT_8(0x38, 0xE9, 0x9B, 0xEB, 0x3A, 0xFB, 0xCF, 0xC4), + MBEDTLS_BYTES_TO_T_UINT_8(0xDC, 0x92, 0xB9, 0xF7, 0x45, 0xD3, 0x06, 0xB6), + MBEDTLS_BYTES_TO_T_UINT_8(0x82, 0x28, 0x65, 0xE1, 0xC5, 0x6C, 0x57, 0x18), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_3_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x0E, 0x77, 0x01, 0x81, 0x9E, 0x38, 0x5C), + MBEDTLS_BYTES_TO_T_UINT_8(0x71, 0xF0, 0xD5, 0xA5, 0x91, 0x2B, 0xDF, 0xC0), + MBEDTLS_BYTES_TO_T_UINT_8(0xD8, 0xEE, 0xB6, 0x25, 0xD6, 0x98, 0xDE, 0x2D), + MBEDTLS_BYTES_TO_T_UINT_8(0x7B, 0xA1, 0x55, 0x63, 0x39, 0xEB, 0xB5, 0x47), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_3_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB6, 0xD6, 0xB8, 0xE3, 0x13, 0xED, 0x7F, 0xA3), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0xE8, 0xAE, 0x36, 0xB8, 0xCD, 0x19, 0x02), + MBEDTLS_BYTES_TO_T_UINT_8(0xF9, 0x82, 0x83, 0x7A, 0x7B, 0x46, 0x56, 0xE8), + MBEDTLS_BYTES_TO_T_UINT_8(0x4E, 0x60, 0x46, 0x15, 0x5A, 0xAC, 0x99, 0x30), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_4_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xBF, 0x61, 0x50, 0xC6, 0xFF, 0x10, 0x7D, 0x04), + MBEDTLS_BYTES_TO_T_UINT_8(0x92, 0x51, 0xDF, 0xA9, 0x7D, 0x78, 0x26, 0x74), + MBEDTLS_BYTES_TO_T_UINT_8(0x56, 0x15, 0x9A, 0xF7, 0x01, 0xC1, 0xBB, 0x40), + MBEDTLS_BYTES_TO_T_UINT_8(0x26, 0x0F, 0xE6, 0x2A, 0xBD, 0x4A, 0x9E, 0x87), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_4_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x57, 0xF8, 0xD1, 0x77, 0xD2, 0x49, 0xB3, 0xDD), + MBEDTLS_BYTES_TO_T_UINT_8(0x36, 0x86, 0xFB, 0x9E, 0x1F, 0x5A, 0x60, 0x47), + MBEDTLS_BYTES_TO_T_UINT_8(0x98, 0xC4, 0x8D, 0xCD, 0x86, 0x61, 0x2F, 0xF9), + MBEDTLS_BYTES_TO_T_UINT_8(0x41, 0xF6, 0xB9, 0xAC, 0x37, 0x9D, 0xE9, 0x28), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_5_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xFA, 0x77, 0xAA, 0x97, 0x9C, 0x0B, 0x04, 0x20), + MBEDTLS_BYTES_TO_T_UINT_8(0x80, 0xA6, 0x60, 0x81, 0xCE, 0x25, 0x13, 0x3E), + MBEDTLS_BYTES_TO_T_UINT_8(0x24, 0x00, 0xF3, 0xBB, 0x82, 0x99, 0x95, 0xB7), + MBEDTLS_BYTES_TO_T_UINT_8(0x47, 0x5A, 0xCE, 0x90, 0x71, 0x38, 0x2F, 0x10), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_5_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0x1A, 0xC0, 0x84, 0x27, 0xD6, 0x9D, 0xB7), + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0x37, 0x52, 0x16, 0x13, 0x0E, 0xCE, 0x92), + MBEDTLS_BYTES_TO_T_UINT_8(0x1E, 0xBF, 0x5A, 0xDB, 0xDB, 0x6E, 0x1E, 0x69), + MBEDTLS_BYTES_TO_T_UINT_8(0x3E, 0xB7, 0x5E, 0xF9, 0x86, 0xDD, 0x8A, 0x5C), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_6_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x3D, 0xAB, 0x5C, 0x8D, 0x1D, 0xF2, 0x2D, 0x1E), + MBEDTLS_BYTES_TO_T_UINT_8(0x65, 0xC5, 0xF8, 0xF7, 0x1D, 0x96, 0x0B, 0x4D), + MBEDTLS_BYTES_TO_T_UINT_8(0xAC, 0x4C, 0xA7, 0x45, 0x20, 0x6A, 0x1E, 0x5B), + MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0x5D, 0xEF, 0xDE, 0xEE, 0x39, 0x44, 0x19), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_6_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x4B, 0x2F, 0x6D, 0x52, 0xC9, 0x58, 0x60, 0xE8), + MBEDTLS_BYTES_TO_T_UINT_8(0xC3, 0xC9, 0x62, 0xCB, 0x38, 0x3C, 0x55, 0xCA), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xA5, 0x09, 0x10, 0x88, 0xDB, 0xE3, 0xBD), + MBEDTLS_BYTES_TO_T_UINT_8(0x52, 0xE0, 0x3C, 0xCE, 0x06, 0x0B, 0x4B, 0x5D), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_7_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB1, 0x1D, 0xB4, 0x10, 0x76, 0x8F, 0xBA, 0x09), + MBEDTLS_BYTES_TO_T_UINT_8(0x57, 0x70, 0x5A, 0x07, 0xF5, 0x1A, 0x74, 0xC7), + MBEDTLS_BYTES_TO_T_UINT_8(0x0B, 0xE9, 0x94, 0xA8, 0xC0, 0xD5, 0x4A, 0x4A), + MBEDTLS_BYTES_TO_T_UINT_8(0x3E, 0x6D, 0xD4, 0xE8, 0x9B, 0xE9, 0x6D, 0x0E), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_7_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x65, 0x00, 0x32, 0x41, 0x57, 0x84, 0x89, 0x52), + MBEDTLS_BYTES_TO_T_UINT_8(0xEE, 0xC7, 0x14, 0xEC, 0xE9, 0x27, 0xFF, 0xF3), + MBEDTLS_BYTES_TO_T_UINT_8(0x9A, 0x67, 0x9E, 0xFB, 0xB6, 0xB8, 0x96, 0xF3), + MBEDTLS_BYTES_TO_T_UINT_8(0xE5, 0x4A, 0xE3, 0x97, 0x4B, 0x58, 0xDE, 0x30), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_8_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xA6, 0x1E, 0x5C, 0xF5, 0x7F, 0xD5, 0xD4, 0xAA), + MBEDTLS_BYTES_TO_T_UINT_8(0x5D, 0x08, 0x7A, 0xF1, 0xBD, 0x89, 0xC7, 0x1E), + MBEDTLS_BYTES_TO_T_UINT_8(0x3A, 0xF9, 0x11, 0x1B, 0xF5, 0x3C, 0x6D, 0x8C), + MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0x50, 0xE5, 0x69, 0x1D, 0x59, 0xFC, 0x0C), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_8_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF1, 0x2F, 0xF8, 0x3F, 0xEC, 0x55, 0x99, 0x57), + MBEDTLS_BYTES_TO_T_UINT_8(0x41, 0xA7, 0x29, 0x90, 0x43, 0x81, 0x31, 0x4C), + MBEDTLS_BYTES_TO_T_UINT_8(0xC3, 0x18, 0x44, 0x50, 0x5D, 0x76, 0xCB, 0xDD), + MBEDTLS_BYTES_TO_T_UINT_8(0xF0, 0xC5, 0x5B, 0x9A, 0x03, 0xE6, 0x17, 0x39), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_9_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0x89, 0xFC, 0x55, 0x94, 0x91, 0x6A, 0xA2), + MBEDTLS_BYTES_TO_T_UINT_8(0x74, 0x46, 0x35, 0xF2, 0x3A, 0x42, 0x08, 0x2F), + MBEDTLS_BYTES_TO_T_UINT_8(0xD3, 0xD2, 0x76, 0x49, 0x42, 0x87, 0xD3, 0x7F), + MBEDTLS_BYTES_TO_T_UINT_8(0x90, 0xEA, 0xA0, 0x52, 0xF1, 0x6A, 0x30, 0x57), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_9_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0xB2, 0x57, 0xA3, 0x8A, 0x4D, 0x1B, 0x3C), + MBEDTLS_BYTES_TO_T_UINT_8(0xFC, 0xA3, 0x99, 0x94, 0xB5, 0x3D, 0x64, 0x09), + MBEDTLS_BYTES_TO_T_UINT_8(0x35, 0xC3, 0xD7, 0x53, 0xF6, 0x49, 0x1C, 0x60), + MBEDTLS_BYTES_TO_T_UINT_8(0x27, 0x23, 0x41, 0x4D, 0xFB, 0x7A, 0x5C, 0x53), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_10_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xCA, 0xB8, 0x15, 0x65, 0x5C, 0x85, 0x94, 0xD7), + MBEDTLS_BYTES_TO_T_UINT_8(0xAC, 0x37, 0xC7, 0xF8, 0x7E, 0xAE, 0x6C, 0x10), + MBEDTLS_BYTES_TO_T_UINT_8(0x53, 0xD8, 0x11, 0x54, 0x98, 0x44, 0xE3, 0xF1), + MBEDTLS_BYTES_TO_T_UINT_8(0xE4, 0x4D, 0xA6, 0x4B, 0x28, 0xF2, 0x57, 0x9E), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_10_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF6, 0xD0, 0xEB, 0x1E, 0xAA, 0x30, 0xD3, 0x6A), + MBEDTLS_BYTES_TO_T_UINT_8(0x58, 0x9B, 0x4D, 0xA7, 0x73, 0x6E, 0xB6, 0x45), + MBEDTLS_BYTES_TO_T_UINT_8(0x5D, 0x47, 0xF6, 0xED, 0x37, 0xEF, 0x71, 0x4D), + MBEDTLS_BYTES_TO_T_UINT_8(0xA8, 0xB5, 0x49, 0x61, 0x5E, 0x45, 0xF6, 0x4A), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_11_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xEF, 0x0E, 0xB3, 0x84, 0x3A, 0x63, 0x72, 0x84), + MBEDTLS_BYTES_TO_T_UINT_8(0x6D, 0x53, 0x5C, 0xA7, 0xC6, 0x2E, 0xAB, 0x9E), + MBEDTLS_BYTES_TO_T_UINT_8(0xEB, 0x0F, 0x8F, 0x87, 0x50, 0x28, 0xB4, 0xAE), + MBEDTLS_BYTES_TO_T_UINT_8(0x5C, 0x98, 0x4A, 0x98, 0x31, 0x86, 0xCA, 0x51), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_11_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xBE, 0xC9, 0xE2, 0xFD, 0x5D, 0x1F, 0xE8, 0xC2), + MBEDTLS_BYTES_TO_T_UINT_8(0xD5, 0x90, 0x91, 0xC4, 0x84, 0xF0, 0xBA, 0xC5), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x5A, 0xB3, 0x4E, 0xFB, 0xE0, 0x57, 0xE8), + MBEDTLS_BYTES_TO_T_UINT_8(0x6B, 0x0B, 0x90, 0xA6, 0xFD, 0x9D, 0x8E, 0x02), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_12_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF8, 0x41, 0x8F, 0x31, 0xFA, 0x5A, 0xF6, 0x33), + MBEDTLS_BYTES_TO_T_UINT_8(0xAC, 0xE9, 0xE3, 0xF6, 0xE0, 0x4A, 0xE7, 0xD2), + MBEDTLS_BYTES_TO_T_UINT_8(0x84, 0x4E, 0xCD, 0xA2, 0x22, 0x14, 0xD4, 0x12), + MBEDTLS_BYTES_TO_T_UINT_8(0x7C, 0xED, 0x21, 0xB7, 0x0F, 0x53, 0x10, 0x17), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_12_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x05, 0x06, 0x24, 0x2C, 0x4E, 0xD1, 0x1E, 0x9F), + MBEDTLS_BYTES_TO_T_UINT_8(0xD7, 0x3F, 0xC1, 0x9F, 0xAB, 0xF0, 0x37, 0x95), + MBEDTLS_BYTES_TO_T_UINT_8(0x03, 0x5E, 0x12, 0xCE, 0x83, 0x1B, 0x2A, 0x18), + MBEDTLS_BYTES_TO_T_UINT_8(0x61, 0x65, 0xCF, 0xE8, 0x5C, 0xA5, 0xA2, 0x70), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_13_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB8, 0x86, 0x76, 0x3A, 0x94, 0xF6, 0x1D, 0xC1), + MBEDTLS_BYTES_TO_T_UINT_8(0x1D, 0xDA, 0xC9, 0xA6, 0x29, 0x93, 0x15, 0x10), + MBEDTLS_BYTES_TO_T_UINT_8(0x6D, 0x61, 0x6A, 0x7D, 0xC7, 0xA9, 0xF3, 0x76), + MBEDTLS_BYTES_TO_T_UINT_8(0x4A, 0x03, 0x71, 0xA2, 0x15, 0xCE, 0x50, 0x72), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_13_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB6, 0xD0, 0xA8, 0x1E, 0x91, 0xC4, 0x4F, 0x24), + MBEDTLS_BYTES_TO_T_UINT_8(0x2D, 0x4B, 0x7E, 0xD7, 0x71, 0x58, 0x7E, 0x1E), + MBEDTLS_BYTES_TO_T_UINT_8(0x93, 0x45, 0xAF, 0x2A, 0x18, 0x93, 0x95, 0x3B), + MBEDTLS_BYTES_TO_T_UINT_8(0x1B, 0x8F, 0xC7, 0xFA, 0x4C, 0x7A, 0x86, 0x54), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_14_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x97, 0xAF, 0x68, 0x3A, 0x23, 0xC1, 0x2E, 0xBF), + MBEDTLS_BYTES_TO_T_UINT_8(0x89, 0x50, 0x11, 0x67, 0x39, 0xB9, 0xAF, 0x48), + MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0x86, 0xAA, 0x1E, 0x88, 0x21, 0x29, 0x8B), + MBEDTLS_BYTES_TO_T_UINT_8(0xCD, 0x28, 0xA4, 0x9D, 0x89, 0xA9, 0x9A, 0x10), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_14_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x91, 0xBA, 0x04, 0x67, 0xB7, 0x01, 0x40, 0x38), + MBEDTLS_BYTES_TO_T_UINT_8(0x08, 0xE9, 0x09, 0xA3, 0xCA, 0xA6, 0x37, 0xF6), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x97, 0xA8, 0xB6, 0x3C, 0xEE, 0x90, 0x3D), + MBEDTLS_BYTES_TO_T_UINT_8(0xDC, 0xED, 0xC4, 0xF7, 0xC3, 0x95, 0xEC, 0x85), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_15_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF5, 0x84, 0xBD, 0xEB, 0xD5, 0x64, 0xBB, 0x9D), + MBEDTLS_BYTES_TO_T_UINT_8(0xDB, 0x9B, 0xE2, 0x28, 0x50, 0xC2, 0x72, 0x40), + MBEDTLS_BYTES_TO_T_UINT_8(0x39, 0xF2, 0x74, 0xD1, 0x26, 0xBF, 0x32, 0x68), + MBEDTLS_BYTES_TO_T_UINT_8(0x36, 0xCB, 0xAF, 0x72, 0xDB, 0x6D, 0x30, 0x98), +}; +static const mbedtls_mpi_uint brainpoolP256r1_T_15_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB3, 0x50, 0x85, 0xF4, 0x2B, 0x48, 0xC1, 0xAD), + MBEDTLS_BYTES_TO_T_UINT_8(0xC0, 0x28, 0xBB, 0x11, 0xBA, 0x5B, 0x22, 0x6C), + MBEDTLS_BYTES_TO_T_UINT_8(0xAD, 0xA1, 0xE5, 0x5C, 0xC9, 0x1D, 0x44, 0x45), + MBEDTLS_BYTES_TO_T_UINT_8(0xD4, 0xE8, 0xE6, 0x6F, 0xBB, 0xC1, 0x81, 0x7F), +}; +static const mbedtls_ecp_point brainpoolP256r1_T[16] = { + ECP_POINT_INIT_XY_Z1(brainpoolP256r1_T_0_X, brainpoolP256r1_T_0_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_1_X, brainpoolP256r1_T_1_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_2_X, brainpoolP256r1_T_2_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_3_X, brainpoolP256r1_T_3_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_4_X, brainpoolP256r1_T_4_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_5_X, brainpoolP256r1_T_5_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_6_X, brainpoolP256r1_T_6_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_7_X, brainpoolP256r1_T_7_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_8_X, brainpoolP256r1_T_8_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_9_X, brainpoolP256r1_T_9_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_10_X, brainpoolP256r1_T_10_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_11_X, brainpoolP256r1_T_11_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_12_X, brainpoolP256r1_T_12_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_13_X, brainpoolP256r1_T_13_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_14_X, brainpoolP256r1_T_14_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP256r1_T_15_X, brainpoolP256r1_T_15_Y), +}; +#else +#define brainpoolP256r1_T NULL +#endif + +#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ + +/* + * Domain parameters for brainpoolP384r1 (RFC 5639 3.6) + */ +#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) +static const mbedtls_mpi_uint brainpoolP384r1_p[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x53, 0xEC, 0x07, 0x31, 0x13, 0x00, 0x47, 0x87), + MBEDTLS_BYTES_TO_T_UINT_8(0x71, 0x1A, 0x1D, 0x90, 0x29, 0xA7, 0xD3, 0xAC), + MBEDTLS_BYTES_TO_T_UINT_8(0x23, 0x11, 0xB7, 0x7F, 0x19, 0xDA, 0xB1, 0x12), + MBEDTLS_BYTES_TO_T_UINT_8(0xB4, 0x56, 0x54, 0xED, 0x09, 0x71, 0x2F, 0x15), + MBEDTLS_BYTES_TO_T_UINT_8(0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C), +}; +static const mbedtls_mpi_uint brainpoolP384r1_a[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04), + MBEDTLS_BYTES_TO_T_UINT_8(0xEB, 0xD4, 0x3A, 0x50, 0x4A, 0x81, 0xA5, 0x8A), + MBEDTLS_BYTES_TO_T_UINT_8(0x0F, 0xF9, 0x91, 0xBA, 0xEF, 0x65, 0x91, 0x13), + MBEDTLS_BYTES_TO_T_UINT_8(0x87, 0x27, 0xB2, 0x4F, 0x8E, 0xA2, 0xBE, 0xC2), + MBEDTLS_BYTES_TO_T_UINT_8(0xA0, 0xAF, 0x05, 0xCE, 0x0A, 0x08, 0x72, 0x3C), + MBEDTLS_BYTES_TO_T_UINT_8(0x0C, 0x15, 0x8C, 0x3D, 0xC6, 0x82, 0xC3, 0x7B), +}; +static const mbedtls_mpi_uint brainpoolP384r1_b[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0x4C, 0x50, 0xFA, 0x96, 0x86, 0xB7, 0x3A), + MBEDTLS_BYTES_TO_T_UINT_8(0x94, 0xC9, 0xDB, 0x95, 0x02, 0x39, 0xB4, 0x7C), + MBEDTLS_BYTES_TO_T_UINT_8(0xD5, 0x62, 0xEB, 0x3E, 0xA5, 0x0E, 0x88, 0x2E), + MBEDTLS_BYTES_TO_T_UINT_8(0xA6, 0xD2, 0xDC, 0x07, 0xE1, 0x7D, 0xB7, 0x2F), + MBEDTLS_BYTES_TO_T_UINT_8(0x7C, 0x44, 0xF0, 0x16, 0x54, 0xB5, 0x39, 0x8B), + MBEDTLS_BYTES_TO_T_UINT_8(0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04), +}; +static const mbedtls_mpi_uint brainpoolP384r1_gx[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x1E, 0xAF, 0xD4, 0x47, 0xE2, 0xB2, 0x87, 0xEF), + MBEDTLS_BYTES_TO_T_UINT_8(0xAA, 0x46, 0xD6, 0x36, 0x34, 0xE0, 0x26, 0xE8), + MBEDTLS_BYTES_TO_T_UINT_8(0xE8, 0x10, 0xBD, 0x0C, 0xFE, 0xCA, 0x7F, 0xDB), + MBEDTLS_BYTES_TO_T_UINT_8(0xE3, 0x4F, 0xF1, 0x7E, 0xE7, 0xA3, 0x47, 0x88), + MBEDTLS_BYTES_TO_T_UINT_8(0x6B, 0x3F, 0xC1, 0xB7, 0x81, 0x3A, 0xA6, 0xA2), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0x45, 0xCF, 0x68, 0xF0, 0x64, 0x1C, 0x1D), +}; +static const mbedtls_mpi_uint brainpoolP384r1_gy[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x15, 0x53, 0x3C, 0x26, 0x41, 0x03, 0x82, 0x42), + MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0x81, 0x91, 0x77, 0x21, 0x46, 0x46, 0x0E), + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x29, 0x91, 0xF9, 0x4F, 0x05, 0x9C, 0xE1), + MBEDTLS_BYTES_TO_T_UINT_8(0x64, 0x58, 0xEC, 0xFE, 0x29, 0x0B, 0xB7, 0x62), + MBEDTLS_BYTES_TO_T_UINT_8(0x52, 0xD5, 0xCF, 0x95, 0x8E, 0xEB, 0xB1, 0x5C), + MBEDTLS_BYTES_TO_T_UINT_8(0xA4, 0xC2, 0xF9, 0x20, 0x75, 0x1D, 0xBE, 0x8A), +}; +static const mbedtls_mpi_uint brainpoolP384r1_n[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x65, 0x65, 0x04, 0xE9, 0x02, 0x32, 0x88, 0x3B), + MBEDTLS_BYTES_TO_T_UINT_8(0x10, 0xC3, 0x7F, 0x6B, 0xAF, 0xB6, 0x3A, 0xCF), + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0x25, 0x04, 0xAC, 0x6C, 0x6E, 0x16, 0x1F), + MBEDTLS_BYTES_TO_T_UINT_8(0xB3, 0x56, 0x54, 0xED, 0x09, 0x71, 0x2F, 0x15), + MBEDTLS_BYTES_TO_T_UINT_8(0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C), +}; + +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 +static const mbedtls_mpi_uint brainpoolP384r1_T_0_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x1E, 0xAF, 0xD4, 0x47, 0xE2, 0xB2, 0x87, 0xEF), + MBEDTLS_BYTES_TO_T_UINT_8(0xAA, 0x46, 0xD6, 0x36, 0x34, 0xE0, 0x26, 0xE8), + MBEDTLS_BYTES_TO_T_UINT_8(0xE8, 0x10, 0xBD, 0x0C, 0xFE, 0xCA, 0x7F, 0xDB), + MBEDTLS_BYTES_TO_T_UINT_8(0xE3, 0x4F, 0xF1, 0x7E, 0xE7, 0xA3, 0x47, 0x88), + MBEDTLS_BYTES_TO_T_UINT_8(0x6B, 0x3F, 0xC1, 0xB7, 0x81, 0x3A, 0xA6, 0xA2), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0x45, 0xCF, 0x68, 0xF0, 0x64, 0x1C, 0x1D), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_0_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x15, 0x53, 0x3C, 0x26, 0x41, 0x03, 0x82, 0x42), + MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0x81, 0x91, 0x77, 0x21, 0x46, 0x46, 0x0E), + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x29, 0x91, 0xF9, 0x4F, 0x05, 0x9C, 0xE1), + MBEDTLS_BYTES_TO_T_UINT_8(0x64, 0x58, 0xEC, 0xFE, 0x29, 0x0B, 0xB7, 0x62), + MBEDTLS_BYTES_TO_T_UINT_8(0x52, 0xD5, 0xCF, 0x95, 0x8E, 0xEB, 0xB1, 0x5C), + MBEDTLS_BYTES_TO_T_UINT_8(0xA4, 0xC2, 0xF9, 0x20, 0x75, 0x1D, 0xBE, 0x8A), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_1_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x93, 0xD8, 0x8A, 0x54, 0x41, 0xD6, 0x6B, 0x1D), + MBEDTLS_BYTES_TO_T_UINT_8(0xE2, 0x3B, 0xF1, 0x22, 0xFD, 0x2D, 0x4B, 0x03), + MBEDTLS_BYTES_TO_T_UINT_8(0x01, 0x55, 0xE3, 0x33, 0xF0, 0x73, 0x52, 0x5A), + MBEDTLS_BYTES_TO_T_UINT_8(0xC1, 0x3F, 0x30, 0x26, 0xCA, 0x7F, 0x52, 0xA3), + MBEDTLS_BYTES_TO_T_UINT_8(0xD3, 0x6E, 0x17, 0x9B, 0xD5, 0x2A, 0x4A, 0x31), + MBEDTLS_BYTES_TO_T_UINT_8(0x86, 0xDA, 0x6B, 0xE5, 0x03, 0x07, 0x1D, 0x2E), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_1_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x51, 0x7A, 0xAF, 0x98, 0xE3, 0xA4, 0xF6, 0x19), + MBEDTLS_BYTES_TO_T_UINT_8(0xEC, 0x7D, 0xFE, 0x51, 0x40, 0x3B, 0x47, 0xD2), + MBEDTLS_BYTES_TO_T_UINT_8(0xFC, 0x88, 0xEC, 0xC4, 0xE2, 0x8F, 0xCB, 0xA4), + MBEDTLS_BYTES_TO_T_UINT_8(0x30, 0xE2, 0x88, 0x2D, 0x4E, 0x50, 0xEB, 0x9A), + MBEDTLS_BYTES_TO_T_UINT_8(0x13, 0x54, 0x94, 0x5E, 0xF4, 0x7F, 0x3A, 0x04), + MBEDTLS_BYTES_TO_T_UINT_8(0xCD, 0x07, 0x1C, 0xE1, 0xBD, 0x0F, 0xF8, 0x63), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_2_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x94, 0x92, 0x28, 0x2E, 0x32, 0x04, 0xB1, 0x4D), + MBEDTLS_BYTES_TO_T_UINT_8(0x25, 0x82, 0x44, 0x43, 0x76, 0x0D, 0x55, 0xBF), + MBEDTLS_BYTES_TO_T_UINT_8(0x5B, 0xE3, 0xFF, 0x89, 0x46, 0xDE, 0x4E, 0xFE), + MBEDTLS_BYTES_TO_T_UINT_8(0x5B, 0x22, 0xBB, 0x67, 0x1A, 0x81, 0xEE, 0x27), + MBEDTLS_BYTES_TO_T_UINT_8(0xC8, 0x54, 0xE2, 0x7A, 0xAE, 0xDA, 0x2C, 0xD0), + MBEDTLS_BYTES_TO_T_UINT_8(0x74, 0x9A, 0x90, 0xAA, 0x6E, 0x8B, 0xCC, 0x5F), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_2_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x16, 0x40, 0xAC, 0xED, 0x7D, 0x37, 0x87, 0xAC), + MBEDTLS_BYTES_TO_T_UINT_8(0x98, 0xF8, 0xB1, 0x80, 0x4C, 0x8C, 0x04, 0x42), + MBEDTLS_BYTES_TO_T_UINT_8(0xC2, 0x98, 0x2C, 0xAD, 0x30, 0x69, 0x35, 0xC0), + MBEDTLS_BYTES_TO_T_UINT_8(0x32, 0x2E, 0x00, 0x2F, 0x44, 0x8C, 0xF0, 0xC0), + MBEDTLS_BYTES_TO_T_UINT_8(0x16, 0x58, 0x07, 0xD7, 0xCD, 0x60, 0xA1, 0x5B), + MBEDTLS_BYTES_TO_T_UINT_8(0xAF, 0xFB, 0x7B, 0x03, 0x05, 0x5E, 0x79, 0x73), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_3_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xC8, 0x17, 0xCE, 0x38, 0x4B, 0x5E, 0x5B, 0xC8), + MBEDTLS_BYTES_TO_T_UINT_8(0x60, 0x0E, 0x0A, 0x61, 0x9D, 0x7C, 0x62, 0x08), + MBEDTLS_BYTES_TO_T_UINT_8(0x25, 0xF0, 0x98, 0x71, 0x7F, 0x17, 0x26, 0xD7), + MBEDTLS_BYTES_TO_T_UINT_8(0x83, 0xD3, 0xFA, 0x3C, 0xF0, 0x70, 0x07, 0x82), + MBEDTLS_BYTES_TO_T_UINT_8(0x29, 0x47, 0x5C, 0x09, 0x43, 0xB7, 0x65, 0x15), + MBEDTLS_BYTES_TO_T_UINT_8(0x0E, 0xA9, 0xA7, 0x3E, 0xFA, 0xF3, 0xEC, 0x22), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_3_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xDA, 0x78, 0x22, 0x2B, 0x58, 0x71, 0xFA, 0xAA), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x30, 0xCE, 0x6A, 0xB3, 0xB0, 0x4F, 0x83), + MBEDTLS_BYTES_TO_T_UINT_8(0xCF, 0x95, 0x20, 0xA9, 0x23, 0xC2, 0x65, 0xE7), + MBEDTLS_BYTES_TO_T_UINT_8(0x55, 0xCF, 0x03, 0x5B, 0x8A, 0x80, 0x44, 0xBB), + MBEDTLS_BYTES_TO_T_UINT_8(0x5C, 0xF8, 0x91, 0xF7, 0xD5, 0xED, 0xEA, 0x81), + MBEDTLS_BYTES_TO_T_UINT_8(0x40, 0x5B, 0x16, 0x10, 0x25, 0xAC, 0x2A, 0x17), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_4_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF2, 0xEC, 0xDC, 0xC4, 0x7B, 0x8C, 0x6B, 0xE9), + MBEDTLS_BYTES_TO_T_UINT_8(0x2B, 0xBB, 0x1C, 0xD3, 0x5A, 0xEE, 0xD9, 0x97), + MBEDTLS_BYTES_TO_T_UINT_8(0x64, 0x5D, 0x30, 0x5E, 0xF7, 0xB2, 0x41, 0x9D), + MBEDTLS_BYTES_TO_T_UINT_8(0xED, 0xCE, 0x0F, 0x1A, 0xC6, 0x41, 0x64, 0x62), + MBEDTLS_BYTES_TO_T_UINT_8(0xF2, 0x18, 0xE1, 0xE3, 0x82, 0x15, 0x66, 0x4B), + MBEDTLS_BYTES_TO_T_UINT_8(0x9B, 0xE2, 0x24, 0x04, 0x72, 0x39, 0xA0, 0x7C), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_4_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x2B, 0x51, 0xA2, 0x58, 0x88, 0x62, 0xE1, 0x02), + MBEDTLS_BYTES_TO_T_UINT_8(0x58, 0xD2, 0x65, 0x14, 0xE9, 0x4C, 0x82, 0x30), + MBEDTLS_BYTES_TO_T_UINT_8(0xDC, 0xE1, 0xAC, 0x87, 0xAE, 0x31, 0x1A, 0x7A), + MBEDTLS_BYTES_TO_T_UINT_8(0x85, 0x4F, 0x96, 0x1E, 0x85, 0x7A, 0xC3, 0x2B), + MBEDTLS_BYTES_TO_T_UINT_8(0xF0, 0x86, 0xBB, 0xF0, 0xC0, 0x9D, 0x08, 0x7B), + MBEDTLS_BYTES_TO_T_UINT_8(0xBD, 0x53, 0x03, 0x09, 0x80, 0x91, 0xEF, 0x68), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_5_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x2D, 0xD7, 0xAF, 0x6F, 0x69, 0x7B, 0x88, 0xA1), + MBEDTLS_BYTES_TO_T_UINT_8(0xAF, 0x13, 0xE4, 0x30, 0xA2, 0x47, 0xB5, 0xC1), + MBEDTLS_BYTES_TO_T_UINT_8(0x0F, 0xD2, 0xC0, 0xDD, 0x8A, 0x1C, 0x3C, 0xF2), + MBEDTLS_BYTES_TO_T_UINT_8(0xF9, 0x8C, 0xB3, 0x4C, 0xBA, 0x8B, 0x6D, 0xCF), + MBEDTLS_BYTES_TO_T_UINT_8(0x6B, 0xC7, 0xA1, 0xA8, 0x6E, 0x3C, 0x4F, 0xF1), + MBEDTLS_BYTES_TO_T_UINT_8(0x94, 0x4A, 0x97, 0xC8, 0x03, 0x6F, 0x01, 0x82), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_5_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x74, 0x18, 0x12, 0xA9, 0x39, 0xD5, 0x22, 0x26), + MBEDTLS_BYTES_TO_T_UINT_8(0x47, 0xA7, 0xC0, 0xBD, 0x9D, 0x8D, 0x78, 0x38), + MBEDTLS_BYTES_TO_T_UINT_8(0xA9, 0xB3, 0xD0, 0x7F, 0xDF, 0xD0, 0x30, 0xDE), + MBEDTLS_BYTES_TO_T_UINT_8(0x37, 0x25, 0x73, 0x96, 0xEC, 0xA8, 0x1D, 0x7C), + MBEDTLS_BYTES_TO_T_UINT_8(0x91, 0xD1, 0x65, 0x66, 0xDC, 0xD9, 0xCF, 0xDF), + MBEDTLS_BYTES_TO_T_UINT_8(0x95, 0xED, 0x7B, 0x37, 0xAD, 0xE2, 0xBE, 0x2D), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_6_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x50, 0x79, 0x42, 0x6A, 0x07, 0x66, 0xB1, 0xBD), + MBEDTLS_BYTES_TO_T_UINT_8(0x45, 0x53, 0x62, 0x65, 0x92, 0x09, 0x4C, 0xA1), + MBEDTLS_BYTES_TO_T_UINT_8(0x06, 0xAF, 0xC3, 0x03, 0xF6, 0xF4, 0x2D, 0x9B), + MBEDTLS_BYTES_TO_T_UINT_8(0xE8, 0xCA, 0x41, 0xD9, 0xA2, 0x69, 0x9B, 0xC9), + MBEDTLS_BYTES_TO_T_UINT_8(0x4B, 0xB2, 0xA6, 0x8D, 0xE1, 0xAA, 0x61, 0x76), + MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0xBA, 0x4D, 0x12, 0xB6, 0xBE, 0xF3, 0x7E), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_6_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xCA, 0xD9, 0x92, 0x22, 0x07, 0xCE, 0xC9, 0x26), + MBEDTLS_BYTES_TO_T_UINT_8(0x62, 0xA1, 0x7C, 0x91, 0xDB, 0x32, 0xF7, 0xE5), + MBEDTLS_BYTES_TO_T_UINT_8(0x6D, 0x49, 0x4B, 0x6D, 0xFB, 0xD9, 0x70, 0x3B), + MBEDTLS_BYTES_TO_T_UINT_8(0x1C, 0xFB, 0x4E, 0x4C, 0x5E, 0x66, 0x81, 0x1D), + MBEDTLS_BYTES_TO_T_UINT_8(0xA5, 0xB3, 0xE1, 0x00, 0xB7, 0xD9, 0xCC, 0x58), + MBEDTLS_BYTES_TO_T_UINT_8(0xF3, 0x36, 0x8B, 0xC4, 0x39, 0x20, 0xFD, 0x30), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_7_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x94, 0x1F, 0x60, 0x03, 0xBB, 0xD7, 0x60, 0x57), + MBEDTLS_BYTES_TO_T_UINT_8(0x72, 0x3C, 0x62, 0xDD, 0x71, 0x95, 0xE9, 0x61), + MBEDTLS_BYTES_TO_T_UINT_8(0xB0, 0x5B, 0x7A, 0x5F, 0x68, 0x81, 0xC5, 0x90), + MBEDTLS_BYTES_TO_T_UINT_8(0x1E, 0xAF, 0xB5, 0xB9, 0x98, 0x42, 0x28, 0xA5), + MBEDTLS_BYTES_TO_T_UINT_8(0x0C, 0x29, 0x8E, 0x11, 0x49, 0xB4, 0xD7, 0x20), + MBEDTLS_BYTES_TO_T_UINT_8(0x9B, 0x3E, 0xD2, 0x30, 0xA1, 0xBA, 0xCA, 0x03), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_7_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x29, 0x37, 0x64, 0x44, 0x2F, 0x03, 0xE5, 0x41), + MBEDTLS_BYTES_TO_T_UINT_8(0x4A, 0x42, 0xBC, 0xFF, 0xA2, 0x1A, 0x5F, 0x06), + MBEDTLS_BYTES_TO_T_UINT_8(0x1D, 0x04, 0xAB, 0x04, 0xE0, 0x24, 0xAD, 0x2A), + MBEDTLS_BYTES_TO_T_UINT_8(0x3D, 0x45, 0x17, 0x67, 0x1F, 0x3E, 0x53, 0xF8), + MBEDTLS_BYTES_TO_T_UINT_8(0xED, 0x0F, 0xB3, 0x1B, 0x57, 0x54, 0xC2, 0x03), + MBEDTLS_BYTES_TO_T_UINT_8(0x59, 0xD3, 0xF8, 0xC4, 0x1B, 0x9B, 0xFA, 0x30), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_8_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x37, 0x90, 0xFD, 0xFB, 0xCA, 0x49, 0x38, 0x4E), + MBEDTLS_BYTES_TO_T_UINT_8(0xC3, 0xCF, 0xC6, 0xDD, 0xF0, 0xFF, 0x8C, 0x11), + MBEDTLS_BYTES_TO_T_UINT_8(0xD7, 0x69, 0x9D, 0xBD, 0x5F, 0x33, 0xE9, 0xB4), + MBEDTLS_BYTES_TO_T_UINT_8(0x47, 0x19, 0x82, 0x3D, 0xAC, 0x1C, 0x40, 0x23), + MBEDTLS_BYTES_TO_T_UINT_8(0x40, 0xC7, 0x02, 0x46, 0x14, 0x77, 0x00, 0xBE), + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0x05, 0xF2, 0x77, 0x3A, 0x66, 0x5C, 0x39), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_8_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x1E, 0xE6, 0x17, 0xDE, 0xB2, 0xA1, 0xE5, 0xB8), + MBEDTLS_BYTES_TO_T_UINT_8(0xC7, 0x71, 0xEC, 0x9D, 0xD8, 0xF5, 0xD4, 0x66), + MBEDTLS_BYTES_TO_T_UINT_8(0xAA, 0xC6, 0x42, 0x5E, 0xE7, 0x18, 0xBA, 0xD0), + MBEDTLS_BYTES_TO_T_UINT_8(0xC5, 0x21, 0x68, 0x5A, 0x26, 0xFB, 0xD7, 0x17), + MBEDTLS_BYTES_TO_T_UINT_8(0x26, 0x00, 0x5C, 0xBA, 0x8A, 0x34, 0xEC, 0x75), + MBEDTLS_BYTES_TO_T_UINT_8(0xC3, 0x9C, 0x3C, 0xAF, 0x53, 0xE8, 0x65, 0x35), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_9_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xBE, 0xEF, 0x28, 0xDC, 0x67, 0x05, 0xC8, 0xDF), + MBEDTLS_BYTES_TO_T_UINT_8(0x0B, 0x78, 0xC3, 0x85, 0x49, 0xA0, 0xBC, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0x10, 0x3E, 0x2D, 0xA0, 0xCF, 0xD4, 0x7A, 0xF5), + MBEDTLS_BYTES_TO_T_UINT_8(0x36, 0x93, 0xFE, 0x60, 0xB3, 0x6E, 0x99, 0xE2), + MBEDTLS_BYTES_TO_T_UINT_8(0x62, 0xAD, 0x04, 0xE7, 0x49, 0xAF, 0x5E, 0xE3), + MBEDTLS_BYTES_TO_T_UINT_8(0x54, 0x7A, 0xED, 0xA6, 0x9E, 0x18, 0x09, 0x31), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_9_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xE8, 0x05, 0x94, 0x44, 0xDC, 0xB8, 0x85, 0x94), + MBEDTLS_BYTES_TO_T_UINT_8(0x14, 0xB7, 0x37, 0xC2, 0x50, 0x75, 0x15, 0xDA), + MBEDTLS_BYTES_TO_T_UINT_8(0xD6, 0xC6, 0x0F, 0xB2, 0xA9, 0x91, 0x3E, 0xE8), + MBEDTLS_BYTES_TO_T_UINT_8(0xB9, 0x81, 0xAD, 0x25, 0xA1, 0x26, 0x73, 0x15), + MBEDTLS_BYTES_TO_T_UINT_8(0xFD, 0xF1, 0xD1, 0x61, 0x7C, 0x76, 0x8F, 0x13), + MBEDTLS_BYTES_TO_T_UINT_8(0x06, 0xDB, 0x4A, 0xFF, 0x14, 0xA7, 0x48, 0x0B), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_10_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x2A, 0x73, 0xC6, 0xC2, 0xCC, 0xF1, 0x57, 0x04), + MBEDTLS_BYTES_TO_T_UINT_8(0xB6, 0xED, 0x73, 0x27, 0x70, 0x82, 0xB6, 0x5E), + MBEDTLS_BYTES_TO_T_UINT_8(0x0B, 0xBA, 0xAC, 0x3A, 0xCF, 0xF4, 0xEA, 0xA6), + MBEDTLS_BYTES_TO_T_UINT_8(0x99, 0xD6, 0xB1, 0x8F, 0x0E, 0x08, 0x2C, 0x5E), + MBEDTLS_BYTES_TO_T_UINT_8(0x17, 0xE3, 0x8F, 0x2F, 0x0E, 0xA1, 0xF3, 0x07), + MBEDTLS_BYTES_TO_T_UINT_8(0x1A, 0xF5, 0x7C, 0x9B, 0x29, 0x0A, 0xF6, 0x28), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_10_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xBD, 0xEE, 0x17, 0x47, 0x34, 0x15, 0xA3, 0xAF), + MBEDTLS_BYTES_TO_T_UINT_8(0xFB, 0xBE, 0x88, 0x48, 0xE7, 0xA2, 0xBB, 0xDE), + MBEDTLS_BYTES_TO_T_UINT_8(0xC5, 0xAD, 0xDC, 0x65, 0x61, 0x37, 0x0F, 0xC1), + MBEDTLS_BYTES_TO_T_UINT_8(0xFA, 0x67, 0xAD, 0xA2, 0x3A, 0x1C, 0x91, 0x78), + MBEDTLS_BYTES_TO_T_UINT_8(0x55, 0x07, 0x0C, 0x3A, 0x41, 0x6E, 0x13, 0x28), + MBEDTLS_BYTES_TO_T_UINT_8(0x73, 0xBD, 0x7E, 0xED, 0xAA, 0x14, 0xDD, 0x61), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_11_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xC3, 0xDC, 0x20, 0x01, 0x72, 0x11, 0x48, 0x55), + MBEDTLS_BYTES_TO_T_UINT_8(0x1E, 0xC4, 0x7B, 0xF8, 0x62, 0x3D, 0xF0, 0x9F), + MBEDTLS_BYTES_TO_T_UINT_8(0xE8, 0xC2, 0x3D, 0x2E, 0x52, 0xA3, 0x4A, 0x89), + MBEDTLS_BYTES_TO_T_UINT_8(0xCE, 0xE2, 0x53, 0x46, 0x5E, 0x21, 0xF8, 0xCE), + MBEDTLS_BYTES_TO_T_UINT_8(0xC2, 0xC7, 0x8F, 0xA9, 0x26, 0x42, 0x32, 0x3A), + MBEDTLS_BYTES_TO_T_UINT_8(0xFB, 0xA6, 0xA0, 0x8D, 0x4B, 0x9A, 0x19, 0x03), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_11_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xEA, 0xAB, 0x6D, 0x1E, 0xFB, 0xEE, 0x60, 0x0C), + MBEDTLS_BYTES_TO_T_UINT_8(0xB6, 0x56, 0x3C, 0xC5, 0x5D, 0x10, 0x79, 0x1C), + MBEDTLS_BYTES_TO_T_UINT_8(0x25, 0xBC, 0x41, 0x9F, 0x71, 0xEF, 0x02, 0xF9), + MBEDTLS_BYTES_TO_T_UINT_8(0xA2, 0x36, 0xC4, 0xD0, 0x88, 0x9B, 0x32, 0xFC), + MBEDTLS_BYTES_TO_T_UINT_8(0x9C, 0xD4, 0x5D, 0x17, 0x39, 0xE6, 0x22, 0x2C), + MBEDTLS_BYTES_TO_T_UINT_8(0x7B, 0x26, 0x01, 0xCE, 0xBE, 0x4A, 0x9C, 0x27), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_12_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xEF, 0x6D, 0x11, 0xCA, 0x6C, 0x5A, 0x93, 0x0C), + MBEDTLS_BYTES_TO_T_UINT_8(0xEB, 0x96, 0x26, 0xAF, 0x2F, 0xE4, 0x30, 0x98), + MBEDTLS_BYTES_TO_T_UINT_8(0x35, 0xC1, 0x4C, 0xC6, 0x30, 0x1F, 0x5C, 0x04), + MBEDTLS_BYTES_TO_T_UINT_8(0x59, 0xB3, 0xE8, 0xFC, 0x35, 0xEB, 0x63, 0x6C), + MBEDTLS_BYTES_TO_T_UINT_8(0x9C, 0x1D, 0xCA, 0xFC, 0x50, 0x36, 0x4B, 0x96), + MBEDTLS_BYTES_TO_T_UINT_8(0xE4, 0x0E, 0x23, 0x5B, 0xAF, 0xEB, 0x2D, 0x31), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_12_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xC6, 0x88, 0xB6, 0xD7, 0x74, 0x4A, 0x23, 0xB6), + MBEDTLS_BYTES_TO_T_UINT_8(0xEF, 0x66, 0xE2, 0xBB, 0x29, 0xA6, 0x4F, 0x55), + MBEDTLS_BYTES_TO_T_UINT_8(0xE9, 0x6F, 0x7E, 0x68, 0x6E, 0xA0, 0x14, 0x94), + MBEDTLS_BYTES_TO_T_UINT_8(0x3B, 0x73, 0xD4, 0xE8, 0xAB, 0x5B, 0xF6, 0x0D), + MBEDTLS_BYTES_TO_T_UINT_8(0x46, 0xE0, 0x3C, 0x24, 0x00, 0x95, 0xE9, 0xAD), + MBEDTLS_BYTES_TO_T_UINT_8(0x37, 0x0D, 0x4F, 0x81, 0xD0, 0xF2, 0x3F, 0x00), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_13_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x99, 0x1D, 0xCD, 0x78, 0x39, 0xC4, 0x6B, 0xD9), + MBEDTLS_BYTES_TO_T_UINT_8(0x81, 0x45, 0xC7, 0xB8, 0x2F, 0xAA, 0x5D, 0xE3), + MBEDTLS_BYTES_TO_T_UINT_8(0x33, 0x8C, 0x6E, 0xA3, 0x24, 0xB2, 0xDB, 0x4B), + MBEDTLS_BYTES_TO_T_UINT_8(0x69, 0x2D, 0xD9, 0xF1, 0xC7, 0x9B, 0x8A, 0xAF), + MBEDTLS_BYTES_TO_T_UINT_8(0x67, 0xE1, 0x2C, 0xB9, 0x40, 0x37, 0x91, 0x75), + MBEDTLS_BYTES_TO_T_UINT_8(0x81, 0x2C, 0xB5, 0x23, 0x03, 0x2B, 0xAF, 0x2F), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_13_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x2F, 0x9D, 0x5A, 0x20, 0x10, 0xA9, 0x84, 0xDA), + MBEDTLS_BYTES_TO_T_UINT_8(0x61, 0x30, 0x89, 0x20, 0x13, 0xE9, 0xB2, 0xCA), + MBEDTLS_BYTES_TO_T_UINT_8(0xB6, 0x6E, 0x52, 0xEB, 0x03, 0x18, 0x1F, 0xA6), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x9E, 0x1C, 0x35, 0x87, 0x92, 0x69, 0xC7), + MBEDTLS_BYTES_TO_T_UINT_8(0xA1, 0xC9, 0x88, 0xAF, 0xC6, 0x6C, 0x83, 0x72), + MBEDTLS_BYTES_TO_T_UINT_8(0xCB, 0xD5, 0x7A, 0x54, 0x34, 0x99, 0xB6, 0x6F), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_14_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xDF, 0xAD, 0x45, 0x9B, 0x4B, 0x41, 0x4D, 0x50), + MBEDTLS_BYTES_TO_T_UINT_8(0x1B, 0x5D, 0xAB, 0x7F, 0x35, 0x34, 0xE9, 0x29), + MBEDTLS_BYTES_TO_T_UINT_8(0x73, 0xBE, 0x78, 0x34, 0x44, 0xF3, 0x4A, 0x87), + MBEDTLS_BYTES_TO_T_UINT_8(0xFB, 0xDE, 0xE3, 0xC4, 0xEE, 0x0B, 0xF9, 0xEB), + MBEDTLS_BYTES_TO_T_UINT_8(0x5E, 0x86, 0x16, 0x48, 0x32, 0xB8, 0x74, 0x41), + MBEDTLS_BYTES_TO_T_UINT_8(0xF2, 0xEE, 0x7C, 0xBA, 0xBD, 0x81, 0xE3, 0x55), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_14_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF8, 0x6A, 0xFA, 0x84, 0xDA, 0xB8, 0xD5, 0x14), + MBEDTLS_BYTES_TO_T_UINT_8(0xB2, 0x9F, 0x8A, 0xD5, 0x1B, 0x2E, 0x1A, 0x0B), + MBEDTLS_BYTES_TO_T_UINT_8(0x5F, 0x0C, 0x61, 0xE2, 0xFF, 0x5B, 0xE6, 0xD5), + MBEDTLS_BYTES_TO_T_UINT_8(0x0E, 0x62, 0xC1, 0x87, 0x53, 0x1B, 0x92, 0xA3), + MBEDTLS_BYTES_TO_T_UINT_8(0x54, 0x90, 0x00, 0xD1, 0x6A, 0x0C, 0x0E, 0x28), + MBEDTLS_BYTES_TO_T_UINT_8(0x8B, 0x2E, 0xB5, 0x3B, 0x44, 0xB5, 0xA0, 0x78), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_15_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB8, 0x5D, 0x02, 0x58, 0xB5, 0xBE, 0x45, 0x14), + MBEDTLS_BYTES_TO_T_UINT_8(0xAD, 0xEF, 0x8E, 0x90, 0x4D, 0x2A, 0x32, 0xAC), + MBEDTLS_BYTES_TO_T_UINT_8(0x48, 0x99, 0x75, 0x5C, 0x0A, 0x33, 0x8F, 0x36), + MBEDTLS_BYTES_TO_T_UINT_8(0xC8, 0x6C, 0x95, 0xD4, 0x1F, 0xF3, 0xEB, 0xDA), + MBEDTLS_BYTES_TO_T_UINT_8(0xC2, 0xE4, 0x4C, 0x91, 0x20, 0xF3, 0x25, 0xEB), + MBEDTLS_BYTES_TO_T_UINT_8(0xF1, 0x95, 0xEB, 0x29, 0x6F, 0x20, 0x34, 0x81), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_15_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x2D, 0x15, 0xE5, 0x13, 0x7E, 0x64, 0x8B, 0xAD), + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0xBC, 0x0D, 0x18, 0x7E, 0x37, 0x9E, 0xFA), + MBEDTLS_BYTES_TO_T_UINT_8(0xE8, 0x82, 0x20, 0xF7, 0x2D, 0x7A, 0x77, 0x52), + MBEDTLS_BYTES_TO_T_UINT_8(0xCB, 0x29, 0xA2, 0xDB, 0x7A, 0xE6, 0x6F, 0xA5), + MBEDTLS_BYTES_TO_T_UINT_8(0xA0, 0xC6, 0x50, 0x5C, 0xBC, 0xE6, 0x4F, 0xBD), + MBEDTLS_BYTES_TO_T_UINT_8(0x1E, 0x9F, 0xD5, 0xE8, 0xC5, 0x3D, 0xB7, 0x30), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_16_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x45, 0x03, 0x55, 0x10, 0xDB, 0xA6, 0x8B, 0x22), + MBEDTLS_BYTES_TO_T_UINT_8(0x4E, 0x17, 0xAE, 0x78, 0xC9, 0x1D, 0x43, 0xCA), + MBEDTLS_BYTES_TO_T_UINT_8(0x4E, 0x35, 0x49, 0xD4, 0x47, 0x84, 0x8D, 0x20), + MBEDTLS_BYTES_TO_T_UINT_8(0xF3, 0x95, 0x2F, 0xEA, 0xBC, 0xB4, 0x18, 0xB3), + MBEDTLS_BYTES_TO_T_UINT_8(0xD4, 0x48, 0xAE, 0x89, 0xF5, 0x65, 0x3D, 0x89), + MBEDTLS_BYTES_TO_T_UINT_8(0x86, 0xF2, 0x2B, 0x20, 0xD1, 0x75, 0x50, 0x63), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_16_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xAD, 0xE6, 0x5C, 0x2C, 0xE0, 0x7D, 0xDF, 0x2D), + MBEDTLS_BYTES_TO_T_UINT_8(0x3E, 0x07, 0x3E, 0xCE, 0x9F, 0x18, 0xB6, 0x05), + MBEDTLS_BYTES_TO_T_UINT_8(0x9A, 0xF8, 0xF0, 0xD5, 0xFA, 0x42, 0x1D, 0x6D), + MBEDTLS_BYTES_TO_T_UINT_8(0x41, 0x6C, 0x1D, 0x03, 0xC9, 0x0E, 0x2B, 0x2F), + MBEDTLS_BYTES_TO_T_UINT_8(0x43, 0x18, 0x52, 0xA5, 0xB4, 0x63, 0xE1, 0x06), + MBEDTLS_BYTES_TO_T_UINT_8(0xB7, 0x0A, 0xD9, 0xC4, 0xFD, 0x16, 0x60, 0x54), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_17_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x43, 0x7D, 0xDE, 0xDF, 0x4B, 0x4A, 0xB0, 0xCB), + MBEDTLS_BYTES_TO_T_UINT_8(0xB0, 0x4E, 0x8C, 0x94, 0xC1, 0xE2, 0x85, 0xDF), + MBEDTLS_BYTES_TO_T_UINT_8(0x4F, 0xF0, 0xEA, 0xB5, 0x9B, 0x70, 0xEF, 0x10), + MBEDTLS_BYTES_TO_T_UINT_8(0x56, 0xC2, 0x39, 0x5D, 0xF3, 0x2C, 0xD9, 0x2C), + MBEDTLS_BYTES_TO_T_UINT_8(0x0D, 0x1C, 0x2E, 0xCC, 0x2F, 0x54, 0x87, 0x80), + MBEDTLS_BYTES_TO_T_UINT_8(0xB0, 0x72, 0xC7, 0xB5, 0x50, 0xA3, 0x84, 0x77), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_17_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB7, 0xD1, 0xAF, 0xA9, 0xB4, 0x8B, 0x5D, 0xFA), + MBEDTLS_BYTES_TO_T_UINT_8(0xC8, 0xF6, 0x52, 0x8A, 0xC3, 0x56, 0xA5, 0x5E), + MBEDTLS_BYTES_TO_T_UINT_8(0x3B, 0x52, 0xFF, 0xEA, 0x05, 0x42, 0x77, 0x83), + MBEDTLS_BYTES_TO_T_UINT_8(0x29, 0x08, 0x90, 0x72, 0x86, 0xC4, 0xC3, 0xB8), + MBEDTLS_BYTES_TO_T_UINT_8(0x4D, 0x15, 0xF8, 0xF1, 0x16, 0x67, 0xC6, 0xD5), + MBEDTLS_BYTES_TO_T_UINT_8(0x75, 0x87, 0xAC, 0x8F, 0x71, 0xEC, 0x83, 0x81), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_18_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x91, 0xE1, 0xE6, 0x2D, 0x0E, 0x11, 0xA1, 0x62), + MBEDTLS_BYTES_TO_T_UINT_8(0x74, 0xE2, 0xA8, 0x32, 0xE6, 0xE3, 0x83, 0xD1), + MBEDTLS_BYTES_TO_T_UINT_8(0x50, 0x56, 0xE5, 0xCD, 0xB7, 0x2B, 0x67, 0x6F), + MBEDTLS_BYTES_TO_T_UINT_8(0xE5, 0xED, 0xC9, 0x65, 0x6D, 0x87, 0xE1, 0x8E), + MBEDTLS_BYTES_TO_T_UINT_8(0x50, 0x8E, 0xFD, 0x9A, 0x53, 0x0E, 0xFA, 0xA3), + MBEDTLS_BYTES_TO_T_UINT_8(0x49, 0x4C, 0x4A, 0xE2, 0x23, 0x84, 0xFA, 0x01), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_18_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB4, 0xFE, 0x49, 0x81, 0xD1, 0x3E, 0xF4, 0x7C), + MBEDTLS_BYTES_TO_T_UINT_8(0x45, 0x72, 0xE0, 0xEF, 0x0D, 0xB8, 0x3E, 0x6F), + MBEDTLS_BYTES_TO_T_UINT_8(0x3C, 0x00, 0x0F, 0x5F, 0xCE, 0x60, 0x72, 0x2C), + MBEDTLS_BYTES_TO_T_UINT_8(0xB7, 0xCC, 0xD8, 0x03, 0x07, 0x6E, 0x5A, 0xCD), + MBEDTLS_BYTES_TO_T_UINT_8(0x27, 0x3A, 0x35, 0x50, 0x4E, 0x1F, 0xCA, 0x5F), + MBEDTLS_BYTES_TO_T_UINT_8(0x58, 0xEA, 0x88, 0x55, 0xBD, 0x6E, 0x05, 0x7F), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_19_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB1, 0x6D, 0xF1, 0x97, 0xA6, 0x69, 0x39, 0x24), + MBEDTLS_BYTES_TO_T_UINT_8(0x0B, 0x41, 0x99, 0xFF, 0x3B, 0xA1, 0x26, 0xEC), + MBEDTLS_BYTES_TO_T_UINT_8(0x95, 0x2F, 0x95, 0x80, 0x12, 0x4A, 0x1B, 0xCB), + MBEDTLS_BYTES_TO_T_UINT_8(0xEA, 0xBF, 0x51, 0xAA, 0xAE, 0x2D, 0xDA, 0xCF), + MBEDTLS_BYTES_TO_T_UINT_8(0x0C, 0x1C, 0xB3, 0x52, 0x36, 0x49, 0xD4, 0x86), + MBEDTLS_BYTES_TO_T_UINT_8(0x99, 0xC1, 0x1F, 0x3A, 0xD3, 0x3E, 0x5C, 0x1A), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_19_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x73, 0x51, 0xF7, 0x2B, 0xC8, 0xA9, 0xA7, 0x15), + MBEDTLS_BYTES_TO_T_UINT_8(0x12, 0x4E, 0x7F, 0x98, 0x41, 0x66, 0xB0, 0x03), + MBEDTLS_BYTES_TO_T_UINT_8(0x91, 0x1D, 0xC0, 0x42, 0xCD, 0xF8, 0xC3, 0x2B), + MBEDTLS_BYTES_TO_T_UINT_8(0xCC, 0x41, 0x91, 0x7D, 0xCC, 0x8B, 0xCC, 0x41), + MBEDTLS_BYTES_TO_T_UINT_8(0x2A, 0xAE, 0x76, 0xED, 0x56, 0x18, 0xC5, 0xAB), + MBEDTLS_BYTES_TO_T_UINT_8(0xAB, 0x6A, 0x06, 0xA3, 0x7F, 0x65, 0x10, 0x1F), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_20_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x0C, 0xEC, 0x3C, 0x05, 0x05, 0xCA, 0xF6, 0xED), + MBEDTLS_BYTES_TO_T_UINT_8(0x48, 0xCD, 0x02, 0x51, 0x12, 0x16, 0x3C, 0x63), + MBEDTLS_BYTES_TO_T_UINT_8(0xA8, 0xEB, 0xB3, 0x43, 0x7B, 0xDD, 0xB2, 0x7C), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x59, 0x90, 0x41, 0xDB, 0xE4, 0xF5, 0x91), + MBEDTLS_BYTES_TO_T_UINT_8(0xD0, 0x0E, 0x18, 0x2A, 0x5A, 0x83, 0x7C, 0x2F), + MBEDTLS_BYTES_TO_T_UINT_8(0xE1, 0x37, 0xA1, 0x0D, 0xF1, 0x2F, 0x63, 0x79), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_20_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0xC0, 0xFA, 0x6F, 0x1F, 0x67, 0xCF, 0xEC), + MBEDTLS_BYTES_TO_T_UINT_8(0x98, 0x34, 0x45, 0xBB, 0xF4, 0xF9, 0x9B, 0x89), + MBEDTLS_BYTES_TO_T_UINT_8(0xF5, 0x69, 0xFE, 0x67, 0x1D, 0x64, 0x8F, 0xB9), + MBEDTLS_BYTES_TO_T_UINT_8(0xDB, 0x39, 0xBF, 0xD8, 0xB3, 0xC7, 0xAD, 0x8A), + MBEDTLS_BYTES_TO_T_UINT_8(0x8C, 0x93, 0xFF, 0xF3, 0x28, 0xFA, 0x39, 0xF6), + MBEDTLS_BYTES_TO_T_UINT_8(0xFA, 0xF9, 0xC3, 0x85, 0x26, 0x7A, 0x88, 0x89), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_21_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x4D, 0xD5, 0x79, 0xD8, 0x11, 0xDE, 0xEB, 0x4E), + MBEDTLS_BYTES_TO_T_UINT_8(0x1C, 0x46, 0xA4, 0x6A, 0xDA, 0x74, 0x34, 0xA8), + MBEDTLS_BYTES_TO_T_UINT_8(0x1E, 0xBD, 0xD3, 0xF5, 0x14, 0xEE, 0xFE, 0xAE), + MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0x4C, 0xA3, 0x71, 0x43, 0x65, 0xF8, 0x94), + MBEDTLS_BYTES_TO_T_UINT_8(0x72, 0x6C, 0x35, 0xFA, 0x90, 0x25, 0xD8, 0xE2), + MBEDTLS_BYTES_TO_T_UINT_8(0xBB, 0x34, 0x84, 0x96, 0xA1, 0x43, 0x03, 0x4D), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_21_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF1, 0x3B, 0x3B, 0x2F, 0xCA, 0x59, 0xF2, 0x42), + MBEDTLS_BYTES_TO_T_UINT_8(0xCD, 0x48, 0x24, 0x74, 0xD8, 0x72, 0x90, 0xA3), + MBEDTLS_BYTES_TO_T_UINT_8(0x83, 0x42, 0x74, 0x8C, 0x6F, 0x52, 0x19, 0x3D), + MBEDTLS_BYTES_TO_T_UINT_8(0x40, 0x9E, 0x41, 0x63, 0x68, 0x78, 0x4C, 0x2F), + MBEDTLS_BYTES_TO_T_UINT_8(0x53, 0x94, 0xB6, 0x6B, 0x38, 0x52, 0xA8, 0x9F), + MBEDTLS_BYTES_TO_T_UINT_8(0x81, 0x30, 0x25, 0x93, 0xA1, 0x6F, 0x6E, 0x68), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_22_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xFC, 0x2F, 0x4B, 0x64, 0x79, 0x50, 0xFF, 0x01), + MBEDTLS_BYTES_TO_T_UINT_8(0xD4, 0x36, 0xED, 0x57, 0x39, 0x3B, 0xE7, 0xF3), + MBEDTLS_BYTES_TO_T_UINT_8(0xF1, 0x85, 0xEA, 0x35, 0xD6, 0xC0, 0xA0, 0x52), + MBEDTLS_BYTES_TO_T_UINT_8(0xBA, 0x89, 0x3A, 0xCC, 0x22, 0x1C, 0x46, 0x02), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x7A, 0xB0, 0xA1, 0x1B, 0x69, 0x62, 0x55), + MBEDTLS_BYTES_TO_T_UINT_8(0x57, 0xB8, 0x8A, 0x6C, 0x18, 0x85, 0x0D, 0x88), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_22_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xFD, 0xB6, 0x50, 0xE9, 0x4E, 0x7F, 0xE8, 0x07), + MBEDTLS_BYTES_TO_T_UINT_8(0x92, 0x5B, 0x5C, 0xD1, 0x4B, 0x11, 0x9A, 0xD8), + MBEDTLS_BYTES_TO_T_UINT_8(0x96, 0x25, 0x56, 0x74, 0x51, 0x9C, 0xEC, 0x9C), + MBEDTLS_BYTES_TO_T_UINT_8(0x55, 0x7F, 0xB6, 0x8A, 0xCB, 0x3A, 0x10, 0x6A), + MBEDTLS_BYTES_TO_T_UINT_8(0x60, 0x33, 0x07, 0x01, 0xE9, 0x49, 0x59, 0xE6), + MBEDTLS_BYTES_TO_T_UINT_8(0xC6, 0xA5, 0x2E, 0xF2, 0xBA, 0x32, 0x63, 0x44), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_23_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF8, 0x06, 0x0B, 0xA5, 0x44, 0x27, 0x7F, 0x22), + MBEDTLS_BYTES_TO_T_UINT_8(0x30, 0x74, 0xAC, 0x0F, 0xCC, 0x4F, 0x13, 0x61), + MBEDTLS_BYTES_TO_T_UINT_8(0xFD, 0xB1, 0xBF, 0x97, 0x49, 0xA5, 0x1C, 0x1D), + MBEDTLS_BYTES_TO_T_UINT_8(0x8A, 0x64, 0x68, 0x7B, 0x0F, 0xCC, 0x77, 0xF8), + MBEDTLS_BYTES_TO_T_UINT_8(0xBB, 0x39, 0xF9, 0x4E, 0x84, 0x9C, 0xF6, 0x96), + MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0xCF, 0x6D, 0xE2, 0xA1, 0x2D, 0xF9, 0x2B), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_23_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x95, 0xC4, 0x90, 0x57, 0x31, 0x01, 0x05, 0x5E), + MBEDTLS_BYTES_TO_T_UINT_8(0xCC, 0x1E, 0xBB, 0xBF, 0x98, 0xA4, 0x7C, 0xE3), + MBEDTLS_BYTES_TO_T_UINT_8(0x89, 0xE3, 0xA0, 0xB2, 0xCD, 0x39, 0x9A, 0x3F), + MBEDTLS_BYTES_TO_T_UINT_8(0x92, 0x34, 0x60, 0x7A, 0x89, 0x98, 0xB5, 0x52), + MBEDTLS_BYTES_TO_T_UINT_8(0x8D, 0x20, 0x3D, 0x3A, 0x04, 0x8F, 0x5A, 0xAC), + MBEDTLS_BYTES_TO_T_UINT_8(0xA3, 0x26, 0xB6, 0x49, 0x09, 0x9C, 0x0F, 0x59), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_24_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x72, 0x66, 0xD2, 0x38, 0x2A, 0x62, 0x81, 0xCA), + MBEDTLS_BYTES_TO_T_UINT_8(0xC5, 0xC8, 0x20, 0x5E, 0x28, 0xA3, 0x81, 0xA7), + MBEDTLS_BYTES_TO_T_UINT_8(0x20, 0x31, 0xA4, 0xF1, 0xEA, 0x7D, 0x87, 0x45), + MBEDTLS_BYTES_TO_T_UINT_8(0x8F, 0x2C, 0x99, 0x09, 0x6F, 0x63, 0xEB, 0x2F), + MBEDTLS_BYTES_TO_T_UINT_8(0x73, 0x76, 0xDA, 0x1A, 0x06, 0xBE, 0xDE, 0xA2), + MBEDTLS_BYTES_TO_T_UINT_8(0x29, 0x09, 0x2E, 0x75, 0x39, 0x30, 0x2D, 0x42), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_24_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x41, 0x9B, 0xC1, 0x5A, 0x17, 0xC3, 0x8C, 0x31), + MBEDTLS_BYTES_TO_T_UINT_8(0x58, 0x8D, 0x94, 0x4D, 0x3D, 0xAB, 0x60, 0xD4), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xFD, 0x1E, 0x0F, 0x43, 0xAE, 0x9D, 0x62), + MBEDTLS_BYTES_TO_T_UINT_8(0x8E, 0xF2, 0xF3, 0x20, 0x1B, 0xAA, 0xB7, 0x41), + MBEDTLS_BYTES_TO_T_UINT_8(0x9D, 0x5B, 0xA4, 0xF4, 0x90, 0x3B, 0xE3, 0x71), + MBEDTLS_BYTES_TO_T_UINT_8(0xF7, 0x78, 0x72, 0xBD, 0x65, 0x09, 0x0B, 0x01), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_25_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xCA, 0x37, 0x2A, 0x6C, 0x16, 0x4F, 0x64, 0x59), + MBEDTLS_BYTES_TO_T_UINT_8(0x5A, 0xCE, 0xA3, 0x90, 0xB4, 0x9A, 0xBC, 0xF7), + MBEDTLS_BYTES_TO_T_UINT_8(0x27, 0x38, 0x55, 0x63, 0x1D, 0x3A, 0x6E, 0x18), + MBEDTLS_BYTES_TO_T_UINT_8(0x37, 0xB4, 0xAA, 0x99, 0x22, 0x45, 0x89, 0x2C), + MBEDTLS_BYTES_TO_T_UINT_8(0xB7, 0x7C, 0x8C, 0xA6, 0x3D, 0xA7, 0x3E, 0xE8), + MBEDTLS_BYTES_TO_T_UINT_8(0x70, 0x06, 0x42, 0xDC, 0xA6, 0xE3, 0xC6, 0x12), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_25_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x55, 0x8C, 0x3D, 0x5D, 0x47, 0x31, 0x7C, 0xEB), + MBEDTLS_BYTES_TO_T_UINT_8(0x46, 0x85, 0xEE, 0x46, 0x7E, 0x13, 0x04, 0x41), + MBEDTLS_BYTES_TO_T_UINT_8(0x9E, 0x3C, 0x8B, 0x43, 0x2E, 0x74, 0xF5, 0xF6), + MBEDTLS_BYTES_TO_T_UINT_8(0xBA, 0x88, 0x8E, 0x07, 0x29, 0x08, 0x03, 0x26), + MBEDTLS_BYTES_TO_T_UINT_8(0xEA, 0x9B, 0x89, 0xEB, 0x08, 0xE8, 0x43, 0xB5), + MBEDTLS_BYTES_TO_T_UINT_8(0x17, 0x07, 0x67, 0xFD, 0xD9, 0x73, 0x6F, 0x18), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_26_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x29, 0xEB, 0x21, 0x8D, 0x98, 0x43, 0x74, 0x98), + MBEDTLS_BYTES_TO_T_UINT_8(0x88, 0xCC, 0x14, 0xD8, 0x08, 0xBB, 0xA6, 0xE3), + MBEDTLS_BYTES_TO_T_UINT_8(0xC4, 0x98, 0xF2, 0x6A, 0x18, 0xC3, 0xDD, 0x9E), + MBEDTLS_BYTES_TO_T_UINT_8(0xC7, 0x38, 0x91, 0xA0, 0x03, 0xF2, 0x04, 0x62), + MBEDTLS_BYTES_TO_T_UINT_8(0x7A, 0xAF, 0xE8, 0xFD, 0xFB, 0x13, 0x70, 0x74), + MBEDTLS_BYTES_TO_T_UINT_8(0xD0, 0x93, 0x87, 0x98, 0x4A, 0xE0, 0x00, 0x12), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_26_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x97, 0x2E, 0x69, 0x9C, 0xA2, 0x2D, 0x03, 0x3F), + MBEDTLS_BYTES_TO_T_UINT_8(0x79, 0xFE, 0xF3, 0xB9, 0xC1, 0x85, 0x2A, 0xEE), + MBEDTLS_BYTES_TO_T_UINT_8(0xCE, 0xFD, 0x86, 0xB1, 0xCD, 0xBF, 0x41, 0xB7), + MBEDTLS_BYTES_TO_T_UINT_8(0xA0, 0xD8, 0x9A, 0x21, 0xF3, 0xFE, 0xCB, 0xF1), + MBEDTLS_BYTES_TO_T_UINT_8(0x95, 0x78, 0x04, 0x60, 0xB7, 0xA9, 0xA2, 0x84), + MBEDTLS_BYTES_TO_T_UINT_8(0xE8, 0x1E, 0x66, 0x2A, 0x54, 0x51, 0xBD, 0x8B), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_27_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x8E, 0x16, 0x36, 0xEF, 0x61, 0x2D, 0xEE, 0x3B), + MBEDTLS_BYTES_TO_T_UINT_8(0x45, 0x5F, 0x88, 0xA0, 0x13, 0x12, 0xF7, 0x23), + MBEDTLS_BYTES_TO_T_UINT_8(0xA9, 0xC6, 0xAD, 0x4A, 0x4A, 0x07, 0x01, 0x5B), + MBEDTLS_BYTES_TO_T_UINT_8(0xB8, 0x74, 0xB1, 0x4F, 0xEB, 0xBD, 0xD5, 0x6B), + MBEDTLS_BYTES_TO_T_UINT_8(0x57, 0xF9, 0x71, 0xA2, 0x06, 0x4F, 0xD7, 0xBC), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0x8B, 0x4D, 0x48, 0xE0, 0x98, 0xFB, 0x6A), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_27_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xC4, 0xBA, 0x10, 0xA3, 0x0D, 0x52, 0xAC, 0x3A), + MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0xD0, 0xE0, 0x36, 0xE6, 0x07, 0x3A, 0x30), + MBEDTLS_BYTES_TO_T_UINT_8(0x7E, 0x80, 0xF0, 0xAA, 0x49, 0x22, 0x4B, 0xDD), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xC7, 0xAB, 0x1C, 0x89, 0xCD, 0x24, 0x40), + MBEDTLS_BYTES_TO_T_UINT_8(0x82, 0x2A, 0xFC, 0xB3, 0x6D, 0x45, 0x96, 0x49), + MBEDTLS_BYTES_TO_T_UINT_8(0x63, 0xE4, 0xDB, 0x52, 0x3F, 0xC4, 0xB4, 0x19), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_28_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x5B, 0xCC, 0xC8, 0x7F, 0xBB, 0x6B, 0x87, 0x47), + MBEDTLS_BYTES_TO_T_UINT_8(0xC0, 0x21, 0x3C, 0x69, 0x7D, 0x38, 0x57, 0x50), + MBEDTLS_BYTES_TO_T_UINT_8(0x52, 0x4C, 0x18, 0x3C, 0x53, 0xA5, 0x48, 0x6D), + MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0xC3, 0x64, 0x45, 0xDB, 0xC4, 0x6D, 0x15), + MBEDTLS_BYTES_TO_T_UINT_8(0x49, 0xCC, 0xD1, 0xBB, 0x17, 0xB8, 0x34, 0x2D), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x69, 0x71, 0xFA, 0xA0, 0x28, 0x4A, 0x3D), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_28_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xED, 0xE8, 0x9E, 0x39, 0xEA, 0x8D, 0x38, 0xDB), + MBEDTLS_BYTES_TO_T_UINT_8(0xCC, 0x9C, 0xBB, 0xCD, 0x80, 0x1A, 0xEE, 0xB7), + MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0xA0, 0x45, 0xBF, 0xD9, 0x22, 0x11, 0x32), + MBEDTLS_BYTES_TO_T_UINT_8(0xDA, 0x7C, 0x5C, 0xD9, 0xC0, 0x9F, 0x69, 0xF5), + MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0x8A, 0xA6, 0x79, 0x4E, 0x35, 0xB9, 0xD5), + MBEDTLS_BYTES_TO_T_UINT_8(0xCC, 0x8B, 0x9A, 0x3E, 0xA1, 0xB8, 0x28, 0x10), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_29_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x55, 0x2F, 0xEF, 0xBB, 0xA9, 0x72, 0x7F, 0xEA), + MBEDTLS_BYTES_TO_T_UINT_8(0xB5, 0x34, 0xB7, 0x12, 0xB9, 0xE7, 0xC3, 0x2A), + MBEDTLS_BYTES_TO_T_UINT_8(0xF8, 0x1D, 0xD9, 0x42, 0x77, 0x0C, 0x71, 0x6E), + MBEDTLS_BYTES_TO_T_UINT_8(0xEC, 0x01, 0x59, 0xA7, 0x56, 0x03, 0x91, 0x8D), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x91, 0x99, 0x33, 0x30, 0x3E, 0xEF, 0x13), + MBEDTLS_BYTES_TO_T_UINT_8(0x87, 0xC9, 0x5A, 0x9A, 0x54, 0x66, 0xF1, 0x70), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_29_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x64, 0x2C, 0xB7, 0x6E, 0x71, 0x7D, 0x35, 0x30), + MBEDTLS_BYTES_TO_T_UINT_8(0x1A, 0x0D, 0xEF, 0xD1, 0x2D, 0x99, 0x63, 0x2F), + MBEDTLS_BYTES_TO_T_UINT_8(0xE4, 0x31, 0xAF, 0x2D, 0xC9, 0xC6, 0xC2, 0xAE), + MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0xC0, 0xDF, 0x80, 0x54, 0xC4, 0xAC, 0xF3), + MBEDTLS_BYTES_TO_T_UINT_8(0xE3, 0x6B, 0xA0, 0x84, 0x96, 0xF7, 0x31, 0xC8), + MBEDTLS_BYTES_TO_T_UINT_8(0x93, 0xE2, 0x7C, 0x7A, 0x41, 0x45, 0x75, 0x6A), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_30_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xAE, 0xEE, 0x58, 0x31, 0xE8, 0x68, 0xD6, 0x76), + MBEDTLS_BYTES_TO_T_UINT_8(0xD2, 0x2E, 0x48, 0xB7, 0x09, 0x9F, 0xD4, 0xCA), + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0xA9, 0x5C, 0xE7, 0x64, 0x43, 0x5D, 0xC9), + MBEDTLS_BYTES_TO_T_UINT_8(0x9E, 0x58, 0x9F, 0x50, 0xAB, 0x68, 0xFF, 0x6D), + MBEDTLS_BYTES_TO_T_UINT_8(0x87, 0x88, 0x2D, 0xBA, 0x12, 0xBF, 0x8D, 0x7D), + MBEDTLS_BYTES_TO_T_UINT_8(0xD4, 0xDF, 0x6F, 0xB3, 0x75, 0xA4, 0x55, 0x73), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_30_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x6D, 0x17, 0x92, 0x39, 0xB7, 0x13, 0x37, 0x6F), + MBEDTLS_BYTES_TO_T_UINT_8(0x5E, 0x43, 0x71, 0xA7, 0xCA, 0x17, 0x1B, 0x32), + MBEDTLS_BYTES_TO_T_UINT_8(0xE7, 0xB9, 0xB0, 0x78, 0xEF, 0xA0, 0xDA, 0x83), + MBEDTLS_BYTES_TO_T_UINT_8(0x9A, 0x84, 0xF2, 0x0F, 0x85, 0xA2, 0xB6, 0x1F), + MBEDTLS_BYTES_TO_T_UINT_8(0x72, 0x65, 0x2E, 0x6E, 0x45, 0xB9, 0x4C, 0x3C), + MBEDTLS_BYTES_TO_T_UINT_8(0xFE, 0x6A, 0x8C, 0x2B, 0x77, 0x96, 0x36, 0x22), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_31_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x68, 0x7A, 0x13, 0x4A, 0x97, 0x63, 0x02, 0x10), + MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0x1E, 0x06, 0x03, 0x8F, 0xB9, 0xEE, 0x64), + MBEDTLS_BYTES_TO_T_UINT_8(0x68, 0xEE, 0x8B, 0x89, 0xA9, 0x70, 0xDB, 0xCE), + MBEDTLS_BYTES_TO_T_UINT_8(0x15, 0x7B, 0x81, 0xC9, 0x70, 0x8D, 0x62, 0x32), + MBEDTLS_BYTES_TO_T_UINT_8(0x75, 0xDA, 0x46, 0xF8, 0xF9, 0x3A, 0xBE, 0x55), + MBEDTLS_BYTES_TO_T_UINT_8(0x9F, 0x9C, 0x7A, 0x97, 0x62, 0xEB, 0xFA, 0x0F), +}; +static const mbedtls_mpi_uint brainpoolP384r1_T_31_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB2, 0x03, 0x3D, 0x3C, 0x46, 0x27, 0x9E, 0x65), + MBEDTLS_BYTES_TO_T_UINT_8(0xA4, 0x08, 0x1C, 0xD5, 0x25, 0xAF, 0xE9, 0x40), + MBEDTLS_BYTES_TO_T_UINT_8(0xFE, 0x69, 0xDC, 0x59, 0xF4, 0x8A, 0x7C, 0x1F), + MBEDTLS_BYTES_TO_T_UINT_8(0xFC, 0x9A, 0x7A, 0x99, 0x21, 0x0C, 0x4E, 0xE3), + MBEDTLS_BYTES_TO_T_UINT_8(0xF5, 0xCE, 0x85, 0x5F, 0xAC, 0xAA, 0x82, 0x10), + MBEDTLS_BYTES_TO_T_UINT_8(0x83, 0x57, 0x69, 0x90, 0x76, 0xF3, 0x53, 0x3F), +}; +static const mbedtls_ecp_point brainpoolP384r1_T[32] = { + ECP_POINT_INIT_XY_Z1(brainpoolP384r1_T_0_X, brainpoolP384r1_T_0_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_1_X, brainpoolP384r1_T_1_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_2_X, brainpoolP384r1_T_2_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_3_X, brainpoolP384r1_T_3_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_4_X, brainpoolP384r1_T_4_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_5_X, brainpoolP384r1_T_5_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_6_X, brainpoolP384r1_T_6_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_7_X, brainpoolP384r1_T_7_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_8_X, brainpoolP384r1_T_8_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_9_X, brainpoolP384r1_T_9_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_10_X, brainpoolP384r1_T_10_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_11_X, brainpoolP384r1_T_11_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_12_X, brainpoolP384r1_T_12_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_13_X, brainpoolP384r1_T_13_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_14_X, brainpoolP384r1_T_14_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_15_X, brainpoolP384r1_T_15_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_16_X, brainpoolP384r1_T_16_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_17_X, brainpoolP384r1_T_17_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_18_X, brainpoolP384r1_T_18_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_19_X, brainpoolP384r1_T_19_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_20_X, brainpoolP384r1_T_20_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_21_X, brainpoolP384r1_T_21_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_22_X, brainpoolP384r1_T_22_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_23_X, brainpoolP384r1_T_23_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_24_X, brainpoolP384r1_T_24_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_25_X, brainpoolP384r1_T_25_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_26_X, brainpoolP384r1_T_26_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_27_X, brainpoolP384r1_T_27_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_28_X, brainpoolP384r1_T_28_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_29_X, brainpoolP384r1_T_29_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_30_X, brainpoolP384r1_T_30_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP384r1_T_31_X, brainpoolP384r1_T_31_Y), +}; +#else +#define brainpoolP384r1_T NULL +#endif + +#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ + +/* + * Domain parameters for brainpoolP512r1 (RFC 5639 3.7) + */ +#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) +static const mbedtls_mpi_uint brainpoolP512r1_p[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF3, 0x48, 0x3A, 0x58, 0x56, 0x60, 0xAA, 0x28), + MBEDTLS_BYTES_TO_T_UINT_8(0x85, 0xC6, 0x82, 0x2D, 0x2F, 0xFF, 0x81, 0x28), + MBEDTLS_BYTES_TO_T_UINT_8(0xE6, 0x80, 0xA3, 0xE6, 0x2A, 0xA1, 0xCD, 0xAE), + MBEDTLS_BYTES_TO_T_UINT_8(0x42, 0x68, 0xC6, 0x9B, 0x00, 0x9B, 0x4D, 0x7D), + MBEDTLS_BYTES_TO_T_UINT_8(0x71, 0x08, 0x33, 0x70, 0xCA, 0x9C, 0x63, 0xD6), + MBEDTLS_BYTES_TO_T_UINT_8(0x0E, 0xD2, 0xC9, 0xB3, 0xB3, 0x8D, 0x30, 0xCB), + MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F), + MBEDTLS_BYTES_TO_T_UINT_8(0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA), +}; +static const mbedtls_mpi_uint brainpoolP512r1_a[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xCA, 0x94, 0xFC, 0x77, 0x4D, 0xAC, 0xC1, 0xE7), + MBEDTLS_BYTES_TO_T_UINT_8(0xB9, 0xC7, 0xF2, 0x2B, 0xA7, 0x17, 0x11, 0x7F), + MBEDTLS_BYTES_TO_T_UINT_8(0xB5, 0xC8, 0x9A, 0x8B, 0xC9, 0xF1, 0x2E, 0x0A), + MBEDTLS_BYTES_TO_T_UINT_8(0xA1, 0x3A, 0x25, 0xA8, 0x5A, 0x5D, 0xED, 0x2D), + MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0x63, 0x98, 0xEA, 0xCA, 0x41, 0x34, 0xA8), + MBEDTLS_BYTES_TO_T_UINT_8(0x10, 0x16, 0xF9, 0x3D, 0x8D, 0xDD, 0xCB, 0x94), + MBEDTLS_BYTES_TO_T_UINT_8(0xC5, 0x4C, 0x23, 0xAC, 0x45, 0x71, 0x32, 0xE2), + MBEDTLS_BYTES_TO_T_UINT_8(0x89, 0x3B, 0x60, 0x8B, 0x31, 0xA3, 0x30, 0x78), +}; +static const mbedtls_mpi_uint brainpoolP512r1_b[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x23, 0xF7, 0x16, 0x80, 0x63, 0xBD, 0x09, 0x28), + MBEDTLS_BYTES_TO_T_UINT_8(0xDD, 0xE5, 0xBA, 0x5E, 0xB7, 0x50, 0x40, 0x98), + MBEDTLS_BYTES_TO_T_UINT_8(0x67, 0x3E, 0x08, 0xDC, 0xCA, 0x94, 0xFC, 0x77), + MBEDTLS_BYTES_TO_T_UINT_8(0x4D, 0xAC, 0xC1, 0xE7, 0xB9, 0xC7, 0xF2, 0x2B), + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0x17, 0x11, 0x7F, 0xB5, 0xC8, 0x9A, 0x8B), + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0xF1, 0x2E, 0x0A, 0xA1, 0x3A, 0x25, 0xA8), + MBEDTLS_BYTES_TO_T_UINT_8(0x5A, 0x5D, 0xED, 0x2D, 0xBC, 0x63, 0x98, 0xEA), + MBEDTLS_BYTES_TO_T_UINT_8(0xCA, 0x41, 0x34, 0xA8, 0x10, 0x16, 0xF9, 0x3D), +}; +static const mbedtls_mpi_uint brainpoolP512r1_gx[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x22, 0xF8, 0xB9, 0xBC, 0x09, 0x22, 0x35, 0x8B), + MBEDTLS_BYTES_TO_T_UINT_8(0x68, 0x5E, 0x6A, 0x40, 0x47, 0x50, 0x6D, 0x7C), + MBEDTLS_BYTES_TO_T_UINT_8(0x5F, 0x7D, 0xB9, 0x93, 0x7B, 0x68, 0xD1, 0x50), + MBEDTLS_BYTES_TO_T_UINT_8(0x8D, 0xD4, 0xD0, 0xE2, 0x78, 0x1F, 0x3B, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0x8E, 0x09, 0xD0, 0xF4, 0xEE, 0x62, 0x3B, 0xB4), + MBEDTLS_BYTES_TO_T_UINT_8(0xC1, 0x16, 0xD9, 0xB5, 0x70, 0x9F, 0xED, 0x85), + MBEDTLS_BYTES_TO_T_UINT_8(0x93, 0x6A, 0x4C, 0x9C, 0x2E, 0x32, 0x21, 0x5A), + MBEDTLS_BYTES_TO_T_UINT_8(0x64, 0xD9, 0x2E, 0xD8, 0xBD, 0xE4, 0xAE, 0x81), +}; +static const mbedtls_mpi_uint brainpoolP512r1_gy[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x92, 0x08, 0xD8, 0x3A, 0x0F, 0x1E, 0xCD, 0x78), + MBEDTLS_BYTES_TO_T_UINT_8(0x06, 0x54, 0xF0, 0xA8, 0x2F, 0x2B, 0xCA, 0xD1), + MBEDTLS_BYTES_TO_T_UINT_8(0xAE, 0x63, 0x27, 0x8A, 0xD8, 0x4B, 0xCA, 0x5B), + MBEDTLS_BYTES_TO_T_UINT_8(0x5E, 0x48, 0x5F, 0x4A, 0x49, 0xDE, 0xDC, 0xB2), + MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0x81, 0x1F, 0x88, 0x5B, 0xC5, 0x00, 0xA0), + MBEDTLS_BYTES_TO_T_UINT_8(0x1A, 0x7B, 0xA5, 0x24, 0x00, 0xF7, 0x09, 0xF2), + MBEDTLS_BYTES_TO_T_UINT_8(0xFD, 0x22, 0x78, 0xCF, 0xA9, 0xBF, 0xEA, 0xC0), + MBEDTLS_BYTES_TO_T_UINT_8(0xEC, 0x32, 0x63, 0x56, 0x5D, 0x38, 0xDE, 0x7D), +}; +static const mbedtls_mpi_uint brainpoolP512r1_n[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x69, 0x00, 0xA9, 0x9C, 0x82, 0x96, 0x87, 0xB5), + MBEDTLS_BYTES_TO_T_UINT_8(0xDD, 0xDA, 0x5D, 0x08, 0x81, 0xD3, 0xB1, 0x1D), + MBEDTLS_BYTES_TO_T_UINT_8(0x47, 0x10, 0xAC, 0x7F, 0x19, 0x61, 0x86, 0x41), + MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0x26, 0xA9, 0x4C, 0x41, 0x5C, 0x3E, 0x55), + MBEDTLS_BYTES_TO_T_UINT_8(0x70, 0x08, 0x33, 0x70, 0xCA, 0x9C, 0x63, 0xD6), + MBEDTLS_BYTES_TO_T_UINT_8(0x0E, 0xD2, 0xC9, 0xB3, 0xB3, 0x8D, 0x30, 0xCB), + MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F), + MBEDTLS_BYTES_TO_T_UINT_8(0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA), +}; + +#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1 +static const mbedtls_mpi_uint brainpoolP512r1_T_0_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x22, 0xF8, 0xB9, 0xBC, 0x09, 0x22, 0x35, 0x8B), + MBEDTLS_BYTES_TO_T_UINT_8(0x68, 0x5E, 0x6A, 0x40, 0x47, 0x50, 0x6D, 0x7C), + MBEDTLS_BYTES_TO_T_UINT_8(0x5F, 0x7D, 0xB9, 0x93, 0x7B, 0x68, 0xD1, 0x50), + MBEDTLS_BYTES_TO_T_UINT_8(0x8D, 0xD4, 0xD0, 0xE2, 0x78, 0x1F, 0x3B, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0x8E, 0x09, 0xD0, 0xF4, 0xEE, 0x62, 0x3B, 0xB4), + MBEDTLS_BYTES_TO_T_UINT_8(0xC1, 0x16, 0xD9, 0xB5, 0x70, 0x9F, 0xED, 0x85), + MBEDTLS_BYTES_TO_T_UINT_8(0x93, 0x6A, 0x4C, 0x9C, 0x2E, 0x32, 0x21, 0x5A), + MBEDTLS_BYTES_TO_T_UINT_8(0x64, 0xD9, 0x2E, 0xD8, 0xBD, 0xE4, 0xAE, 0x81), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_0_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x92, 0x08, 0xD8, 0x3A, 0x0F, 0x1E, 0xCD, 0x78), + MBEDTLS_BYTES_TO_T_UINT_8(0x06, 0x54, 0xF0, 0xA8, 0x2F, 0x2B, 0xCA, 0xD1), + MBEDTLS_BYTES_TO_T_UINT_8(0xAE, 0x63, 0x27, 0x8A, 0xD8, 0x4B, 0xCA, 0x5B), + MBEDTLS_BYTES_TO_T_UINT_8(0x5E, 0x48, 0x5F, 0x4A, 0x49, 0xDE, 0xDC, 0xB2), + MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0x81, 0x1F, 0x88, 0x5B, 0xC5, 0x00, 0xA0), + MBEDTLS_BYTES_TO_T_UINT_8(0x1A, 0x7B, 0xA5, 0x24, 0x00, 0xF7, 0x09, 0xF2), + MBEDTLS_BYTES_TO_T_UINT_8(0xFD, 0x22, 0x78, 0xCF, 0xA9, 0xBF, 0xEA, 0xC0), + MBEDTLS_BYTES_TO_T_UINT_8(0xEC, 0x32, 0x63, 0x56, 0x5D, 0x38, 0xDE, 0x7D), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_1_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xEA, 0xE9, 0x6B, 0x8C, 0x6F, 0x9D, 0x88, 0x43), + MBEDTLS_BYTES_TO_T_UINT_8(0xBB, 0x4F, 0x86, 0x96, 0xA7, 0x56, 0xD1, 0x37), + MBEDTLS_BYTES_TO_T_UINT_8(0x9D, 0xAB, 0xFA, 0xEE, 0xA7, 0xF5, 0x0E, 0xA6), + MBEDTLS_BYTES_TO_T_UINT_8(0xE3, 0x40, 0xEF, 0x9E, 0x6D, 0xD6, 0x32, 0x33), + MBEDTLS_BYTES_TO_T_UINT_8(0xE3, 0xED, 0x56, 0x14, 0x57, 0x1A, 0x8D, 0x69), + MBEDTLS_BYTES_TO_T_UINT_8(0xA4, 0xED, 0x4D, 0x3A, 0xFA, 0x71, 0x75, 0x6B), + MBEDTLS_BYTES_TO_T_UINT_8(0x66, 0xC5, 0x76, 0x1C, 0x14, 0xBE, 0xB5, 0xCD), + MBEDTLS_BYTES_TO_T_UINT_8(0xE1, 0x5A, 0xCB, 0xE7, 0x36, 0x1D, 0x52, 0x1C), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_1_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x6B, 0x8D, 0x7A, 0xEB, 0xA3, 0x8B, 0xD5, 0xB0), + MBEDTLS_BYTES_TO_T_UINT_8(0x1F, 0xA3, 0x41, 0xF8, 0xAC, 0x9E, 0xAB, 0x74), + MBEDTLS_BYTES_TO_T_UINT_8(0x12, 0xE3, 0x65, 0x0D, 0x1C, 0xFE, 0x09, 0x2B), + MBEDTLS_BYTES_TO_T_UINT_8(0x3F, 0xCA, 0x13, 0x3F, 0xC5, 0xF9, 0x7E, 0xEC), + MBEDTLS_BYTES_TO_T_UINT_8(0x2C, 0x5D, 0x63, 0x28, 0xA6, 0x89, 0xD3, 0x91), + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0x95, 0x3F, 0x7A, 0x82, 0xD4, 0x77, 0xE3), + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0xBB, 0x92, 0x32, 0x00, 0xF4, 0x66, 0x42), + MBEDTLS_BYTES_TO_T_UINT_8(0xBA, 0x58, 0x31, 0xD1, 0x17, 0x9F, 0x2A, 0x22), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_2_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x52, 0x36, 0xA9, 0xCD, 0x80, 0xA5, 0x2D, 0x78), + MBEDTLS_BYTES_TO_T_UINT_8(0x91, 0x44, 0xAB, 0xCE, 0x71, 0xFF, 0x0C, 0x9B), + MBEDTLS_BYTES_TO_T_UINT_8(0x18, 0x24, 0x58, 0x35, 0x5A, 0x21, 0x32, 0x93), + MBEDTLS_BYTES_TO_T_UINT_8(0x1B, 0xA6, 0x28, 0xF8, 0x7A, 0x97, 0xAE, 0x8B), + MBEDTLS_BYTES_TO_T_UINT_8(0x84, 0xE7, 0x08, 0xFA, 0x47, 0xC9, 0x55, 0x09), + MBEDTLS_BYTES_TO_T_UINT_8(0x8D, 0xAC, 0x2E, 0x84, 0xA4, 0xF5, 0x52, 0xC4), + MBEDTLS_BYTES_TO_T_UINT_8(0xD9, 0x58, 0x05, 0x9D, 0xA7, 0xC8, 0x71, 0xBF), + MBEDTLS_BYTES_TO_T_UINT_8(0xB3, 0x92, 0xB4, 0x92, 0xC1, 0x92, 0xEC, 0x6B), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_2_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x4A, 0x48, 0x2D, 0x79, 0x5E, 0x58, 0xE5, 0x69), + MBEDTLS_BYTES_TO_T_UINT_8(0xB4, 0x85, 0x26, 0xEC, 0xE9, 0x6E, 0xD4, 0x06), + MBEDTLS_BYTES_TO_T_UINT_8(0x98, 0x68, 0x26, 0x87, 0x38, 0xA2, 0xD2, 0x0B), + MBEDTLS_BYTES_TO_T_UINT_8(0xF7, 0x17, 0x60, 0xCE, 0x75, 0xF8, 0xA5, 0x6F), + MBEDTLS_BYTES_TO_T_UINT_8(0x20, 0x51, 0xDB, 0xA9, 0xAE, 0x87, 0xF1, 0x15), + MBEDTLS_BYTES_TO_T_UINT_8(0xDD, 0x49, 0x92, 0x3B, 0x19, 0x96, 0xF5, 0xB0), + MBEDTLS_BYTES_TO_T_UINT_8(0xC4, 0xD5, 0x52, 0x52, 0x8C, 0xCE, 0xFD, 0xFA), + MBEDTLS_BYTES_TO_T_UINT_8(0x24, 0x18, 0x0A, 0xE6, 0xF6, 0xAE, 0x08, 0x41), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_3_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x7E, 0x2B, 0xD8, 0x54, 0xCE, 0xB0, 0x57, 0xFE), + MBEDTLS_BYTES_TO_T_UINT_8(0x8A, 0xB0, 0xF8, 0x9E, 0x03, 0x03, 0x3C, 0x5D), + MBEDTLS_BYTES_TO_T_UINT_8(0x93, 0x0E, 0x29, 0x29, 0x00, 0xF3, 0x70, 0xBF), + MBEDTLS_BYTES_TO_T_UINT_8(0x54, 0x33, 0x99, 0x0E, 0x00, 0x5D, 0xFE, 0x4B), + MBEDTLS_BYTES_TO_T_UINT_8(0x46, 0x2D, 0xF2, 0x59, 0x32, 0xCF, 0x03, 0xF4), + MBEDTLS_BYTES_TO_T_UINT_8(0x3B, 0xC9, 0x72, 0xAE, 0x0C, 0xEF, 0xD1, 0x5B), + MBEDTLS_BYTES_TO_T_UINT_8(0xB6, 0x5A, 0x27, 0xBF, 0x2F, 0x45, 0xF9, 0x51), + MBEDTLS_BYTES_TO_T_UINT_8(0xD4, 0xBE, 0xE5, 0x2C, 0xFF, 0x5B, 0x1E, 0x88), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_3_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xAA, 0xAC, 0xBB, 0xD8, 0x83, 0xC2, 0x46, 0xF6), + MBEDTLS_BYTES_TO_T_UINT_8(0xCF, 0xDC, 0xCE, 0x15, 0xB4, 0xEF, 0xCF, 0x46), + MBEDTLS_BYTES_TO_T_UINT_8(0x46, 0xDB, 0x5E, 0x94, 0x31, 0x0B, 0xB2, 0x7A), + MBEDTLS_BYTES_TO_T_UINT_8(0x3C, 0xB9, 0xE3, 0xE3, 0x11, 0x71, 0x41, 0x1E), + MBEDTLS_BYTES_TO_T_UINT_8(0x36, 0xE3, 0x01, 0xB7, 0x7D, 0xBC, 0x65, 0xBE), + MBEDTLS_BYTES_TO_T_UINT_8(0xFC, 0x07, 0x65, 0x87, 0xA7, 0xE8, 0x48, 0xE3), + MBEDTLS_BYTES_TO_T_UINT_8(0x66, 0x48, 0x8F, 0xD4, 0x30, 0x8E, 0xB4, 0x6C), + MBEDTLS_BYTES_TO_T_UINT_8(0x86, 0xE0, 0x73, 0xBE, 0x1E, 0xBF, 0x56, 0x36), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_4_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xFE, 0x0E, 0x5E, 0x87, 0xC5, 0xAB, 0x0E, 0x3C), + MBEDTLS_BYTES_TO_T_UINT_8(0xB9, 0xF9, 0x5F, 0x80, 0x24, 0x4C, 0x2A, 0xF1), + MBEDTLS_BYTES_TO_T_UINT_8(0xDE, 0x15, 0x21, 0x54, 0x92, 0x84, 0x8D, 0x6A), + MBEDTLS_BYTES_TO_T_UINT_8(0xA8, 0x8A, 0x47, 0x74, 0xDC, 0x42, 0xB1, 0xF8), + MBEDTLS_BYTES_TO_T_UINT_8(0x81, 0xF7, 0x30, 0xFD, 0xC1, 0x9B, 0x0C, 0x5B), + MBEDTLS_BYTES_TO_T_UINT_8(0x4E, 0x6C, 0xCC, 0xDF, 0xC5, 0xE3, 0xA9, 0xD5), + MBEDTLS_BYTES_TO_T_UINT_8(0xD6, 0x67, 0x59, 0x10, 0x5C, 0x51, 0x54, 0x40), + MBEDTLS_BYTES_TO_T_UINT_8(0xA0, 0x37, 0xFB, 0x6E, 0xB0, 0x78, 0x63, 0x8E), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_4_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xA5, 0xEF, 0xC4, 0x39, 0x20, 0xF1, 0x46, 0x66), + MBEDTLS_BYTES_TO_T_UINT_8(0xE2, 0x62, 0xAE, 0xFF, 0x10, 0xE4, 0xE2, 0xE9), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0x5C, 0xF5, 0x2E, 0x22, 0x89, 0xE5, 0x82), + MBEDTLS_BYTES_TO_T_UINT_8(0x89, 0x0C, 0x29, 0xA8, 0x62, 0xAE, 0xDB, 0x65), + MBEDTLS_BYTES_TO_T_UINT_8(0xD7, 0x9E, 0x0F, 0xCA, 0x87, 0x2A, 0x6F, 0x7B), + MBEDTLS_BYTES_TO_T_UINT_8(0xCE, 0xDC, 0x9B, 0x9F, 0x65, 0xD4, 0xAD, 0x27), + MBEDTLS_BYTES_TO_T_UINT_8(0xED, 0xC3, 0x08, 0x0F, 0xCF, 0x67, 0xE9, 0xF4), + MBEDTLS_BYTES_TO_T_UINT_8(0x92, 0x5C, 0xD7, 0xFF, 0x41, 0x9C, 0xCB, 0x26), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_5_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x37, 0x25, 0x05, 0x12, 0xAD, 0x73, 0x63, 0x90), + MBEDTLS_BYTES_TO_T_UINT_8(0xC7, 0x99, 0x07, 0x86, 0x57, 0xE7, 0x94, 0xB1), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x4B, 0xA5, 0xBF, 0x18, 0xA9, 0xEF, 0x6A), + MBEDTLS_BYTES_TO_T_UINT_8(0xFA, 0x4C, 0xC4, 0x09, 0xF2, 0x2F, 0x0C, 0xAA), + MBEDTLS_BYTES_TO_T_UINT_8(0x8C, 0x3A, 0x04, 0xEA, 0x89, 0x6C, 0x91, 0xB9), + MBEDTLS_BYTES_TO_T_UINT_8(0x7D, 0x6C, 0x3A, 0xE7, 0xA3, 0xEC, 0x24, 0x7B), + MBEDTLS_BYTES_TO_T_UINT_8(0x16, 0xA1, 0x26, 0x21, 0x04, 0xE3, 0xB9, 0x40), + MBEDTLS_BYTES_TO_T_UINT_8(0x53, 0x71, 0x4B, 0x7B, 0xC2, 0x89, 0xCD, 0xA2), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_5_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB7, 0xB9, 0xA8, 0x9D, 0xFD, 0x00, 0x3A, 0x1F), + MBEDTLS_BYTES_TO_T_UINT_8(0x63, 0x41, 0x6C, 0xBB, 0x5A, 0xCA, 0x1F, 0x74), + MBEDTLS_BYTES_TO_T_UINT_8(0x2A, 0xD7, 0xE2, 0x6C, 0x6B, 0xA7, 0x48, 0xC9), + MBEDTLS_BYTES_TO_T_UINT_8(0x1E, 0x19, 0xAD, 0xA7, 0xC1, 0x7E, 0x4F, 0x6E), + MBEDTLS_BYTES_TO_T_UINT_8(0xD1, 0xF7, 0x19, 0x3C, 0x06, 0x74, 0x2C, 0x3A), + MBEDTLS_BYTES_TO_T_UINT_8(0xC5, 0x23, 0x4F, 0x0C, 0x09, 0xB0, 0x80, 0x4A), + MBEDTLS_BYTES_TO_T_UINT_8(0x4E, 0x74, 0x34, 0x08, 0x44, 0x7E, 0xA3, 0xDD), + MBEDTLS_BYTES_TO_T_UINT_8(0xFB, 0xCC, 0x8D, 0x12, 0x6E, 0xE1, 0x3D, 0x0B), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_6_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x38, 0x18, 0xB1, 0x71, 0x02, 0x93, 0xC2, 0xA4), + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0x89, 0x40, 0xE2, 0x1F, 0xE7, 0x5E, 0x68), + MBEDTLS_BYTES_TO_T_UINT_8(0x50, 0x8E, 0xAE, 0x89, 0x01, 0xD4, 0x0C, 0xEB), + MBEDTLS_BYTES_TO_T_UINT_8(0xAE, 0xDA, 0x58, 0x70, 0x24, 0xF2, 0xE4, 0x5F), + MBEDTLS_BYTES_TO_T_UINT_8(0x6F, 0xC7, 0x1D, 0xD6, 0x4A, 0x6F, 0x66, 0x4F), + MBEDTLS_BYTES_TO_T_UINT_8(0x92, 0x1D, 0x7E, 0x4A, 0x2C, 0xCA, 0xEC, 0x3B), + MBEDTLS_BYTES_TO_T_UINT_8(0xA1, 0x06, 0x7F, 0xA8, 0x99, 0xE4, 0xD3, 0x4E), + MBEDTLS_BYTES_TO_T_UINT_8(0x2A, 0x1D, 0x5A, 0xDF, 0x5E, 0x58, 0x36, 0x49), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_6_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x9C, 0xB9, 0x32, 0x69, 0x1F, 0x72, 0x2A, 0xB3), + MBEDTLS_BYTES_TO_T_UINT_8(0x1C, 0x73, 0xE2, 0x03, 0x39, 0x35, 0xAA, 0xA8), + MBEDTLS_BYTES_TO_T_UINT_8(0xEB, 0x5E, 0x5D, 0x48, 0xEF, 0xAE, 0x30, 0xF5), + MBEDTLS_BYTES_TO_T_UINT_8(0x77, 0x7F, 0x60, 0x19, 0xAF, 0xEC, 0x9D, 0xFC), + MBEDTLS_BYTES_TO_T_UINT_8(0xCA, 0xD9, 0x19, 0xE4, 0x1B, 0x56, 0x15, 0x5F), + MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0xD7, 0x33, 0x59, 0x1F, 0x43, 0x59, 0x2C), + MBEDTLS_BYTES_TO_T_UINT_8(0xC6, 0xCE, 0xEE, 0xCA, 0xA4, 0x7F, 0x63, 0xD4), + MBEDTLS_BYTES_TO_T_UINT_8(0xBD, 0x40, 0xC0, 0xF6, 0x19, 0x89, 0x43, 0x20), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_7_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xEB, 0x92, 0xEA, 0x07, 0x65, 0x79, 0x86, 0xD3), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0xB7, 0x13, 0x75, 0xD3, 0xC5, 0x0A, 0xC9), + MBEDTLS_BYTES_TO_T_UINT_8(0x26, 0x9E, 0xFA, 0xE1, 0x1F, 0x0C, 0xF9, 0x74), + MBEDTLS_BYTES_TO_T_UINT_8(0xB4, 0x8C, 0xED, 0x5C, 0x21, 0xE9, 0x09, 0xDD), + MBEDTLS_BYTES_TO_T_UINT_8(0xF4, 0x4D, 0xD8, 0x18, 0xC4, 0xF6, 0x36, 0x39), + MBEDTLS_BYTES_TO_T_UINT_8(0xC7, 0xC9, 0xAC, 0x5C, 0xFA, 0x69, 0xA4, 0xA0), + MBEDTLS_BYTES_TO_T_UINT_8(0x6B, 0x8C, 0x94, 0x1C, 0x7B, 0x71, 0x36, 0x58), + MBEDTLS_BYTES_TO_T_UINT_8(0x7C, 0xBD, 0x46, 0xCE, 0xB7, 0x1D, 0x9C, 0x5E), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_7_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xEA, 0xD6, 0x96, 0x4B, 0xA6, 0x47, 0xEB, 0xE5), + MBEDTLS_BYTES_TO_T_UINT_8(0x5F, 0xF1, 0x5F, 0x15, 0xDE, 0x99, 0x6F, 0x66), + MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0xBD, 0xE5, 0x04, 0xB8, 0xE6, 0xC0, 0x0B), + MBEDTLS_BYTES_TO_T_UINT_8(0x49, 0xD3, 0xF0, 0x04, 0x00, 0xE4, 0x05, 0xDB), + MBEDTLS_BYTES_TO_T_UINT_8(0x96, 0xF3, 0x06, 0xA3, 0x1A, 0xFF, 0xEA, 0x73), + MBEDTLS_BYTES_TO_T_UINT_8(0x08, 0x32, 0xAA, 0x99, 0x33, 0x09, 0xB6, 0x34), + MBEDTLS_BYTES_TO_T_UINT_8(0x6E, 0xEF, 0xFC, 0x61, 0x10, 0x42, 0x31, 0x94), + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0xF1, 0xF4, 0x33, 0xCF, 0x28, 0x90, 0x9C), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_8_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x10, 0xDE, 0xF9, 0x88, 0x87, 0x7B, 0xEB, 0xC9), + MBEDTLS_BYTES_TO_T_UINT_8(0x66, 0xB8, 0xDA, 0xFA, 0xDA, 0x3D, 0xA6, 0x17), + MBEDTLS_BYTES_TO_T_UINT_8(0xA0, 0xF0, 0x62, 0x82, 0x53, 0x32, 0x55, 0x03), + MBEDTLS_BYTES_TO_T_UINT_8(0x2F, 0xA5, 0x32, 0x4A, 0x19, 0x11, 0x9C, 0x10), + MBEDTLS_BYTES_TO_T_UINT_8(0x16, 0xB3, 0x27, 0xE9, 0x75, 0x90, 0x05, 0x2D), + MBEDTLS_BYTES_TO_T_UINT_8(0x63, 0x1C, 0x90, 0x48, 0x77, 0x01, 0x85, 0x1B), + MBEDTLS_BYTES_TO_T_UINT_8(0xC7, 0xD6, 0x9B, 0x84, 0xA8, 0xD7, 0xC5, 0x28), + MBEDTLS_BYTES_TO_T_UINT_8(0xE1, 0x7A, 0xCB, 0xB3, 0x11, 0x46, 0xD7, 0x99), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_8_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x8B, 0x23, 0xBF, 0x75, 0x75, 0xA1, 0x95, 0x90), + MBEDTLS_BYTES_TO_T_UINT_8(0x4B, 0x66, 0x5D, 0x34, 0x13, 0xA9, 0x03, 0xBE), + MBEDTLS_BYTES_TO_T_UINT_8(0x29, 0x80, 0x9D, 0x5F, 0xD2, 0x44, 0xE1, 0x62), + MBEDTLS_BYTES_TO_T_UINT_8(0x96, 0x5D, 0xBD, 0xA8, 0xBF, 0xB4, 0x25, 0x1F), + MBEDTLS_BYTES_TO_T_UINT_8(0x6A, 0x99, 0x1F, 0x53, 0xF1, 0x57, 0xDB, 0xE7), + MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0x7C, 0xE5, 0xC5, 0x51, 0x0B, 0x4C, 0x9B), + MBEDTLS_BYTES_TO_T_UINT_8(0x6B, 0xB0, 0x1A, 0x9C, 0x16, 0xB0, 0x32, 0x1F), + MBEDTLS_BYTES_TO_T_UINT_8(0xF4, 0xE3, 0xCF, 0xDD, 0x48, 0xB4, 0x7B, 0x33), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_9_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xC0, 0xDD, 0x9E, 0x3C, 0x98, 0x0E, 0x77, 0x65), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0xAB, 0x01, 0xD3, 0x87, 0x74, 0x25, 0x4A), + MBEDTLS_BYTES_TO_T_UINT_8(0x87, 0xA3, 0xE3, 0x76, 0x43, 0x87, 0x12, 0xBD), + MBEDTLS_BYTES_TO_T_UINT_8(0x54, 0xB1, 0x3B, 0x60, 0x66, 0xEB, 0x98, 0x54), + MBEDTLS_BYTES_TO_T_UINT_8(0xD2, 0x78, 0xC8, 0xD7, 0x4E, 0x75, 0xCA, 0x69), + MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0xDF, 0x71, 0x19, 0xE7, 0x07, 0x36, 0xB5), + MBEDTLS_BYTES_TO_T_UINT_8(0x6D, 0xC9, 0xA8, 0x5F, 0x91, 0xBF, 0x47, 0xB2), + MBEDTLS_BYTES_TO_T_UINT_8(0x80, 0x96, 0x58, 0x96, 0x18, 0xB6, 0xFA, 0x01), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_9_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xD0, 0x2D, 0xA9, 0x9B, 0x86, 0xDB, 0x0C, 0x4C), + MBEDTLS_BYTES_TO_T_UINT_8(0xE4, 0x0B, 0x2D, 0x56, 0x4A, 0xD3, 0x93, 0x8A), + MBEDTLS_BYTES_TO_T_UINT_8(0xB5, 0x15, 0xE2, 0x65, 0x12, 0x86, 0x0E, 0xB2), + MBEDTLS_BYTES_TO_T_UINT_8(0xB4, 0x41, 0x4D, 0xC1, 0xCB, 0xE4, 0xC3, 0xD7), + MBEDTLS_BYTES_TO_T_UINT_8(0x6A, 0x53, 0x10, 0xCA, 0xA3, 0xAC, 0x83, 0x26), + MBEDTLS_BYTES_TO_T_UINT_8(0x3E, 0x01, 0x22, 0x96, 0x10, 0xAD, 0x69, 0xDB), + MBEDTLS_BYTES_TO_T_UINT_8(0x42, 0x46, 0x4E, 0xD8, 0xEA, 0xD6, 0x9D, 0xF3), + MBEDTLS_BYTES_TO_T_UINT_8(0x43, 0x2F, 0x7F, 0x62, 0x62, 0x80, 0xD0, 0x14), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_10_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB2, 0xDA, 0x00, 0x63, 0x09, 0xBD, 0x6A, 0x83), + MBEDTLS_BYTES_TO_T_UINT_8(0x0F, 0xD4, 0x6E, 0x48, 0x05, 0xB7, 0xF7, 0x17), + MBEDTLS_BYTES_TO_T_UINT_8(0x14, 0x4D, 0xD7, 0x00, 0x4A, 0x15, 0x27, 0x7A), + MBEDTLS_BYTES_TO_T_UINT_8(0x3A, 0x15, 0xAA, 0x37, 0x27, 0x34, 0x18, 0x24), + MBEDTLS_BYTES_TO_T_UINT_8(0x3A, 0x20, 0x2C, 0x84, 0x1B, 0x88, 0xBA, 0x05), + MBEDTLS_BYTES_TO_T_UINT_8(0xAC, 0x09, 0xD6, 0x04, 0xA2, 0x60, 0x84, 0x72), + MBEDTLS_BYTES_TO_T_UINT_8(0xC8, 0x04, 0x94, 0x08, 0xD4, 0xED, 0x47, 0xDB), + MBEDTLS_BYTES_TO_T_UINT_8(0x8B, 0xF3, 0xE4, 0x3E, 0xB9, 0x5B, 0x35, 0x42), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_10_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x5F, 0xD8, 0xB6, 0x80, 0xD6, 0xF1, 0x30, 0xDD), + MBEDTLS_BYTES_TO_T_UINT_8(0xD6, 0x14, 0xA6, 0x85, 0xEE, 0xA7, 0xD8, 0x61), + MBEDTLS_BYTES_TO_T_UINT_8(0xE4, 0x49, 0x2A, 0x1E, 0x7C, 0xE9, 0x2D, 0xEC), + MBEDTLS_BYTES_TO_T_UINT_8(0x3A, 0x87, 0x56, 0x91, 0x03, 0x77, 0x4D, 0x55), + MBEDTLS_BYTES_TO_T_UINT_8(0x0E, 0x52, 0xD4, 0xAA, 0xF7, 0xFA, 0xB0, 0xC5), + MBEDTLS_BYTES_TO_T_UINT_8(0x04, 0x5D, 0x11, 0x39, 0xB1, 0xE7, 0x76, 0xAD), + MBEDTLS_BYTES_TO_T_UINT_8(0xD6, 0x13, 0xBC, 0x37, 0x5D, 0x74, 0xCD, 0xC2), + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0x48, 0x14, 0x23, 0x30, 0xF8, 0x46, 0x37), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_11_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xAC, 0x27, 0xB0, 0xD9, 0xB2, 0x74, 0xB4, 0xC0), + MBEDTLS_BYTES_TO_T_UINT_8(0xEA, 0xA6, 0xB9, 0x6F, 0x9F, 0x64, 0x36, 0x92), + MBEDTLS_BYTES_TO_T_UINT_8(0x2E, 0x2B, 0x78, 0x40, 0x05, 0x2B, 0x7B, 0xA9), + MBEDTLS_BYTES_TO_T_UINT_8(0xB3, 0x68, 0x3A, 0xB6, 0x4A, 0xE2, 0xDB, 0xB8), + MBEDTLS_BYTES_TO_T_UINT_8(0x1E, 0x33, 0xD7, 0x34, 0x8B, 0x25, 0x45, 0xEF), + MBEDTLS_BYTES_TO_T_UINT_8(0x89, 0xCE, 0xA8, 0xC9, 0x01, 0xFB, 0x0E, 0x7B), + MBEDTLS_BYTES_TO_T_UINT_8(0xE2, 0xF9, 0x51, 0x4C, 0x12, 0x9F, 0x60, 0xE4), + MBEDTLS_BYTES_TO_T_UINT_8(0x67, 0x85, 0xBD, 0x30, 0x37, 0x84, 0x39, 0x44), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_11_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x26, 0x33, 0xAF, 0x2E, 0xB8, 0x2E, 0xCC, 0x3C), + MBEDTLS_BYTES_TO_T_UINT_8(0xA4, 0xB1, 0x73, 0x59, 0x4E, 0x0C, 0x09, 0x4A), + MBEDTLS_BYTES_TO_T_UINT_8(0x8A, 0x24, 0x89, 0x81, 0x12, 0xFF, 0xBB, 0x6E), + MBEDTLS_BYTES_TO_T_UINT_8(0x71, 0x37, 0x1A, 0x66, 0xEE, 0xED, 0xB6, 0x9B), + MBEDTLS_BYTES_TO_T_UINT_8(0x16, 0xBD, 0x04, 0x20, 0x5D, 0xFB, 0xBF, 0x95), + MBEDTLS_BYTES_TO_T_UINT_8(0xA0, 0xF8, 0x34, 0xA3, 0xFF, 0x45, 0xDE, 0x92), + MBEDTLS_BYTES_TO_T_UINT_8(0x9B, 0x18, 0x73, 0xF1, 0x32, 0x25, 0x58, 0xEB), + MBEDTLS_BYTES_TO_T_UINT_8(0x63, 0xC1, 0x14, 0xE3, 0x9E, 0x40, 0x0F, 0x12), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_12_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x61, 0x07, 0x9D, 0x9C, 0x00, 0xF7, 0x56, 0x19), + MBEDTLS_BYTES_TO_T_UINT_8(0xFB, 0xBA, 0x87, 0xF9, 0x15, 0x0C, 0x66, 0x5D), + MBEDTLS_BYTES_TO_T_UINT_8(0x7E, 0x1F, 0xC1, 0x28, 0xB0, 0x47, 0x0D, 0xF5), + MBEDTLS_BYTES_TO_T_UINT_8(0x96, 0xCA, 0x27, 0xEE, 0x4B, 0x23, 0x2B, 0x89), + MBEDTLS_BYTES_TO_T_UINT_8(0x7E, 0xB5, 0x68, 0xC8, 0x17, 0x5D, 0xC3, 0xAA), + MBEDTLS_BYTES_TO_T_UINT_8(0x17, 0x02, 0x08, 0xEE, 0x20, 0x9D, 0xEA, 0x64), + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0x14, 0x50, 0xD4, 0x7D, 0x5F, 0xCF, 0xA0), + MBEDTLS_BYTES_TO_T_UINT_8(0xD5, 0xFA, 0xF8, 0xA7, 0xC6, 0xDC, 0x14, 0x8C), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_12_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x76, 0xBD, 0x0A, 0x1A, 0x18, 0x98, 0xDC, 0xB0), + MBEDTLS_BYTES_TO_T_UINT_8(0x63, 0x63, 0x02, 0xB7, 0xD5, 0x5B, 0x5A, 0xC6), + MBEDTLS_BYTES_TO_T_UINT_8(0x51, 0xB1, 0xD7, 0x4B, 0x15, 0x39, 0x61, 0x5D), + MBEDTLS_BYTES_TO_T_UINT_8(0x5C, 0x32, 0xE1, 0x9E, 0x70, 0x1B, 0xCE, 0x51), + MBEDTLS_BYTES_TO_T_UINT_8(0x64, 0xD8, 0x18, 0x83, 0x52, 0x9B, 0x6D, 0xA2), + MBEDTLS_BYTES_TO_T_UINT_8(0xA4, 0x55, 0x56, 0x19, 0x34, 0xA4, 0xEA, 0xFC), + MBEDTLS_BYTES_TO_T_UINT_8(0x30, 0xA9, 0x55, 0x80, 0xE3, 0x15, 0x36, 0x8B), + MBEDTLS_BYTES_TO_T_UINT_8(0xBB, 0x06, 0xC8, 0x1D, 0x17, 0x0D, 0xAD, 0x16), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_13_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x20, 0xD6, 0xF0, 0xCC, 0xF3, 0x63, 0x53, 0xD2), + MBEDTLS_BYTES_TO_T_UINT_8(0x27, 0x5A, 0xDC, 0x46, 0xBD, 0x0D, 0xAD, 0x96), + MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0x2F, 0x11, 0x60, 0x15, 0x51, 0x4A, 0xEA), + MBEDTLS_BYTES_TO_T_UINT_8(0x33, 0xE3, 0x93, 0x38, 0xD5, 0x83, 0xAA, 0x0D), + MBEDTLS_BYTES_TO_T_UINT_8(0x90, 0xA6, 0xCC, 0xB1, 0xFD, 0xBB, 0x1A, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0x3B, 0x54, 0xC8, 0x54, 0x6F, 0x79, 0x1A, 0x59), + MBEDTLS_BYTES_TO_T_UINT_8(0x3F, 0x4A, 0xDA, 0x28, 0x92, 0x97, 0x9D, 0x7F), + MBEDTLS_BYTES_TO_T_UINT_8(0xD6, 0x4B, 0xDB, 0xC7, 0x52, 0xC5, 0x66, 0x34), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_13_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x05, 0x7E, 0x92, 0x53, 0x30, 0x93, 0xFD, 0xFF), + MBEDTLS_BYTES_TO_T_UINT_8(0xA0, 0x16, 0x6A, 0xB1, 0x91, 0x0A, 0xB4, 0x52), + MBEDTLS_BYTES_TO_T_UINT_8(0x6D, 0x9D, 0x40, 0x3F, 0xE3, 0xF1, 0x01, 0x46), + MBEDTLS_BYTES_TO_T_UINT_8(0x13, 0x0E, 0xD8, 0xED, 0x11, 0x8E, 0x4C, 0xED), + MBEDTLS_BYTES_TO_T_UINT_8(0x86, 0x4A, 0x1B, 0x88, 0xDF, 0x8D, 0x29, 0xE7), + MBEDTLS_BYTES_TO_T_UINT_8(0x97, 0x23, 0x21, 0x11, 0xAB, 0x77, 0x81, 0x62), + MBEDTLS_BYTES_TO_T_UINT_8(0x0B, 0xAF, 0x11, 0xFA, 0xBA, 0x40, 0x63, 0xE7), + MBEDTLS_BYTES_TO_T_UINT_8(0x2B, 0x6F, 0x8D, 0x80, 0xDF, 0x67, 0xF5, 0x44), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_14_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB2, 0x8B, 0xB7, 0x08, 0xF4, 0xD7, 0x2D, 0xA8), + MBEDTLS_BYTES_TO_T_UINT_8(0xC7, 0x2B, 0x30, 0x02, 0x45, 0x71, 0x08, 0x49), + MBEDTLS_BYTES_TO_T_UINT_8(0x97, 0x3A, 0xCA, 0x50, 0xF6, 0xC2, 0x19, 0x8C), + MBEDTLS_BYTES_TO_T_UINT_8(0x17, 0xB9, 0x9B, 0x3E, 0x73, 0x95, 0x1D, 0x49), + MBEDTLS_BYTES_TO_T_UINT_8(0xB6, 0x60, 0x59, 0x48, 0xCB, 0xD8, 0xD6, 0xAA), + MBEDTLS_BYTES_TO_T_UINT_8(0xF0, 0xB9, 0x6C, 0x89, 0xAB, 0x99, 0xA8, 0xF8), + MBEDTLS_BYTES_TO_T_UINT_8(0xEF, 0xA1, 0x8B, 0x4E, 0x06, 0x19, 0xEC, 0x99), + MBEDTLS_BYTES_TO_T_UINT_8(0x70, 0x95, 0x04, 0xCF, 0xD5, 0x94, 0xB3, 0x02), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_14_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x29, 0x35, 0x93, 0x7C, 0xB3, 0xB8, 0x9E, 0x1B), + MBEDTLS_BYTES_TO_T_UINT_8(0xC4, 0x45, 0x5C, 0x7E, 0xBF, 0x75, 0x81, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0xDC, 0xE8, 0x24, 0xDF, 0xEC, 0x2F, 0x7D, 0xB9), + MBEDTLS_BYTES_TO_T_UINT_8(0xF2, 0x8B, 0xD5, 0x6A, 0x9B, 0xA0, 0xE0, 0x4F), + MBEDTLS_BYTES_TO_T_UINT_8(0x32, 0xE3, 0x27, 0x82, 0xDE, 0xDD, 0xCA, 0x4B), + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0x57, 0x56, 0x46, 0x05, 0x06, 0x01, 0x2E), + MBEDTLS_BYTES_TO_T_UINT_8(0x74, 0x35, 0xA7, 0x47, 0xE2, 0x6B, 0x2C, 0x4F), + MBEDTLS_BYTES_TO_T_UINT_8(0x38, 0x9D, 0x4C, 0xEC, 0x1F, 0x11, 0x75, 0x2B), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_15_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xAC, 0xAA, 0x41, 0xC1, 0xE9, 0x0E, 0xE9, 0xAA), + MBEDTLS_BYTES_TO_T_UINT_8(0x0A, 0xCF, 0x9C, 0x4B, 0xE8, 0xED, 0x0A, 0x49), + MBEDTLS_BYTES_TO_T_UINT_8(0x3D, 0x73, 0xCA, 0x0C, 0x46, 0x0A, 0x9C, 0xE4), + MBEDTLS_BYTES_TO_T_UINT_8(0x99, 0xE1, 0x9E, 0xBC, 0xFE, 0x44, 0x63, 0x6D), + MBEDTLS_BYTES_TO_T_UINT_8(0x31, 0x43, 0x71, 0xEE, 0xF8, 0xC1, 0x8C, 0x5C), + MBEDTLS_BYTES_TO_T_UINT_8(0x6A, 0x4B, 0xF0, 0x69, 0x25, 0xBD, 0x71, 0x1A), + MBEDTLS_BYTES_TO_T_UINT_8(0xFD, 0x9A, 0xFE, 0x82, 0xE7, 0xC1, 0xC1, 0xEE), + MBEDTLS_BYTES_TO_T_UINT_8(0xFC, 0x5A, 0x6E, 0x5E, 0x97, 0x6A, 0x35, 0x8D), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_15_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xA2, 0x18, 0x6C, 0x7E, 0xB8, 0x9E, 0x57, 0x32), + MBEDTLS_BYTES_TO_T_UINT_8(0x35, 0xB9, 0xC1, 0xD0, 0xFE, 0x78, 0xFB, 0x32), + MBEDTLS_BYTES_TO_T_UINT_8(0x7C, 0x08, 0xAE, 0x46, 0x34, 0xEA, 0x7A, 0x7F), + MBEDTLS_BYTES_TO_T_UINT_8(0xE8, 0x1C, 0x56, 0xA9, 0x18, 0x37, 0xD4, 0x9E), + MBEDTLS_BYTES_TO_T_UINT_8(0x28, 0x63, 0xE9, 0x0A, 0xB6, 0x38, 0x3C, 0xC1), + MBEDTLS_BYTES_TO_T_UINT_8(0x3E, 0x4F, 0xA4, 0x6E, 0x85, 0x31, 0x23, 0x52), + MBEDTLS_BYTES_TO_T_UINT_8(0x0D, 0xAD, 0xC4, 0xC3, 0xB1, 0x4B, 0x1C, 0x82), + MBEDTLS_BYTES_TO_T_UINT_8(0x30, 0x56, 0x4A, 0x38, 0xB3, 0x6B, 0x6F, 0x2C), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_16_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x67, 0xC7, 0x19, 0xDE, 0x21, 0xED, 0x89, 0xD0), + MBEDTLS_BYTES_TO_T_UINT_8(0x2F, 0xBE, 0xA6, 0xAE, 0xEB, 0x9D, 0xA7, 0x2A), + MBEDTLS_BYTES_TO_T_UINT_8(0x04, 0x0E, 0x13, 0x1E, 0x86, 0x57, 0xC3, 0x3B), + MBEDTLS_BYTES_TO_T_UINT_8(0x1F, 0x4B, 0x30, 0x46, 0x52, 0xC1, 0xEC, 0x52), + MBEDTLS_BYTES_TO_T_UINT_8(0x6E, 0xD5, 0x44, 0x31, 0x96, 0x3B, 0x26, 0x27), + MBEDTLS_BYTES_TO_T_UINT_8(0x77, 0x68, 0xA8, 0x67, 0x78, 0x39, 0xE8, 0x68), + MBEDTLS_BYTES_TO_T_UINT_8(0x8E, 0x78, 0xB7, 0xDD, 0xF2, 0x58, 0xB6, 0x3D), + MBEDTLS_BYTES_TO_T_UINT_8(0x81, 0x3C, 0xB3, 0x26, 0xC4, 0x2C, 0x8C, 0xA5), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_16_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB9, 0x24, 0xE5, 0x73, 0xEE, 0x9A, 0x02, 0xA9), + MBEDTLS_BYTES_TO_T_UINT_8(0xD9, 0x6A, 0x65, 0x60, 0xF3, 0x62, 0xE3, 0xE9), + MBEDTLS_BYTES_TO_T_UINT_8(0xFB, 0x07, 0x84, 0xE6, 0x3B, 0x46, 0x65, 0x9F), + MBEDTLS_BYTES_TO_T_UINT_8(0xE1, 0x8F, 0x0C, 0xB0, 0xE1, 0x04, 0x82, 0x9D), + MBEDTLS_BYTES_TO_T_UINT_8(0xEB, 0x13, 0xBF, 0x3D, 0xA0, 0x48, 0xA2, 0x74), + MBEDTLS_BYTES_TO_T_UINT_8(0x08, 0x26, 0x76, 0x74, 0xAB, 0x0B, 0x29, 0xE8), + MBEDTLS_BYTES_TO_T_UINT_8(0x30, 0x6E, 0x5F, 0x03, 0x34, 0x7C, 0x38, 0xCE), + MBEDTLS_BYTES_TO_T_UINT_8(0x4D, 0x72, 0xF9, 0x3B, 0x3C, 0xA4, 0xBC, 0x7C), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_17_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x5C, 0xCE, 0x18, 0x80, 0xB8, 0x24, 0x45, 0x81), + MBEDTLS_BYTES_TO_T_UINT_8(0xF1, 0x09, 0x03, 0xB8, 0x06, 0x64, 0xF7, 0xEC), + MBEDTLS_BYTES_TO_T_UINT_8(0xF1, 0x26, 0xB1, 0x10, 0x6D, 0x71, 0x12, 0x2E), + MBEDTLS_BYTES_TO_T_UINT_8(0xAD, 0x12, 0xC6, 0x6E, 0x1E, 0x6A, 0xC3, 0x80), + MBEDTLS_BYTES_TO_T_UINT_8(0xE5, 0xD3, 0x0A, 0xDE, 0xD8, 0x6B, 0x04, 0x5C), + MBEDTLS_BYTES_TO_T_UINT_8(0x96, 0x87, 0x5B, 0xAE, 0xDB, 0x3C, 0xC0, 0xC5), + MBEDTLS_BYTES_TO_T_UINT_8(0x8E, 0xF5, 0xF9, 0xC1, 0x9A, 0x89, 0xBB, 0x7E), + MBEDTLS_BYTES_TO_T_UINT_8(0xED, 0x69, 0x72, 0x8B, 0xAE, 0x32, 0x13, 0x11), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_17_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF9, 0x16, 0x07, 0x50, 0xFA, 0x4C, 0xCF, 0xE8), + MBEDTLS_BYTES_TO_T_UINT_8(0xF8, 0x50, 0x21, 0xE9, 0xDE, 0xEC, 0x7E, 0xDF), + MBEDTLS_BYTES_TO_T_UINT_8(0x7C, 0x2F, 0xE8, 0x83, 0x30, 0x0B, 0x65, 0x0E), + MBEDTLS_BYTES_TO_T_UINT_8(0xA5, 0x0B, 0x99, 0xAC, 0xC9, 0xBA, 0x6C, 0x2A), + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0x59, 0x5A, 0x0D, 0x7B, 0x9E, 0x08, 0xAD), + MBEDTLS_BYTES_TO_T_UINT_8(0x34, 0x91, 0xB2, 0xDC, 0x90, 0xCE, 0x67, 0xED), + MBEDTLS_BYTES_TO_T_UINT_8(0xE3, 0x93, 0x60, 0x0C, 0xD7, 0x1F, 0x2F, 0x17), + MBEDTLS_BYTES_TO_T_UINT_8(0x19, 0x7F, 0x9D, 0x40, 0xF8, 0x78, 0x7A, 0x54), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_18_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x13, 0x22, 0x95, 0xE8, 0xEF, 0x31, 0x57, 0x35), + MBEDTLS_BYTES_TO_T_UINT_8(0x2D, 0x88, 0x53, 0xFE, 0xAF, 0x7C, 0x47, 0x14), + MBEDTLS_BYTES_TO_T_UINT_8(0x0E, 0xCE, 0xCC, 0x79, 0xE8, 0x9F, 0x8C, 0xC4), + MBEDTLS_BYTES_TO_T_UINT_8(0xDB, 0x16, 0xDD, 0x77, 0x6E, 0x8A, 0x73, 0x97), + MBEDTLS_BYTES_TO_T_UINT_8(0xC0, 0x07, 0x97, 0x21, 0x3B, 0xF8, 0x5F, 0xA8), + MBEDTLS_BYTES_TO_T_UINT_8(0xC6, 0xB5, 0xD2, 0x81, 0x84, 0xF0, 0xE7, 0x9F), + MBEDTLS_BYTES_TO_T_UINT_8(0xCB, 0x8F, 0x75, 0x09, 0x6A, 0x0E, 0x53, 0xAD), + MBEDTLS_BYTES_TO_T_UINT_8(0xE6, 0x4F, 0x70, 0x97, 0xC7, 0xAC, 0x7D, 0x3F), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_18_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF9, 0x3C, 0x6A, 0xB4, 0x10, 0xA9, 0xC8, 0x1D), + MBEDTLS_BYTES_TO_T_UINT_8(0xEE, 0xC5, 0xD6, 0x69, 0x16, 0xB8, 0xAC, 0x25), + MBEDTLS_BYTES_TO_T_UINT_8(0xAC, 0x44, 0xDC, 0xEB, 0x48, 0x54, 0x5D, 0x5F), + MBEDTLS_BYTES_TO_T_UINT_8(0x6F, 0x48, 0x9B, 0xD7, 0x72, 0x69, 0xA4, 0x8A), + MBEDTLS_BYTES_TO_T_UINT_8(0xB4, 0x0D, 0x36, 0x9A, 0x66, 0x0B, 0xEC, 0x24), + MBEDTLS_BYTES_TO_T_UINT_8(0xBE, 0xC6, 0xD4, 0xB6, 0x60, 0xE5, 0xC3, 0x3A), + MBEDTLS_BYTES_TO_T_UINT_8(0xBA, 0x29, 0x42, 0xE0, 0x9D, 0xFD, 0x7C, 0x3E), + MBEDTLS_BYTES_TO_T_UINT_8(0x43, 0x10, 0xBA, 0x55, 0xBC, 0x3B, 0x38, 0x5D), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_19_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x25, 0x66, 0xFA, 0x05, 0x73, 0x03, 0x1B, 0x69), + MBEDTLS_BYTES_TO_T_UINT_8(0x11, 0xA4, 0x66, 0x12, 0x96, 0x7B, 0x02, 0x4C), + MBEDTLS_BYTES_TO_T_UINT_8(0x44, 0xB5, 0xDE, 0x6D, 0x98, 0xD1, 0xD5, 0xA8), + MBEDTLS_BYTES_TO_T_UINT_8(0xE2, 0xF5, 0x44, 0xB8, 0x8E, 0xF6, 0x8C, 0x05), + MBEDTLS_BYTES_TO_T_UINT_8(0x68, 0x15, 0x2B, 0x72, 0xBC, 0x49, 0xE5, 0xDF), + MBEDTLS_BYTES_TO_T_UINT_8(0x6C, 0x44, 0xD7, 0xDF, 0x8F, 0xEB, 0x8D, 0x80), + MBEDTLS_BYTES_TO_T_UINT_8(0x05, 0x64, 0x88, 0xAA, 0xB7, 0xE4, 0x70, 0x1D), + MBEDTLS_BYTES_TO_T_UINT_8(0x9C, 0x14, 0xBB, 0xE9, 0x9B, 0xB9, 0x65, 0x5D), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_19_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x66, 0x8E, 0x88, 0xF5, 0xF1, 0xC1, 0x89, 0xA2), + MBEDTLS_BYTES_TO_T_UINT_8(0x16, 0x30, 0x53, 0xE6, 0xFB, 0x2D, 0x82, 0xB4), + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0xE4, 0xFF, 0xBA, 0x31, 0x79, 0xAB, 0xC2), + MBEDTLS_BYTES_TO_T_UINT_8(0x45, 0x09, 0xF7, 0xB7, 0x09, 0x78, 0x4C, 0x90), + MBEDTLS_BYTES_TO_T_UINT_8(0x10, 0xAE, 0xC2, 0x44, 0xDC, 0x17, 0x78, 0x47), + MBEDTLS_BYTES_TO_T_UINT_8(0xC7, 0xD4, 0x17, 0x43, 0x19, 0x74, 0x9E, 0x23), + MBEDTLS_BYTES_TO_T_UINT_8(0x15, 0x64, 0x3B, 0x73, 0xA2, 0x99, 0x27, 0x76), + MBEDTLS_BYTES_TO_T_UINT_8(0x05, 0x74, 0x36, 0x5F, 0xD3, 0x14, 0xB1, 0x31), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_20_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xAC, 0x07, 0xAB, 0xFD, 0x9B, 0x03, 0xC5, 0xD5), + MBEDTLS_BYTES_TO_T_UINT_8(0xC7, 0xBE, 0xB0, 0x1D, 0xF2, 0x0C, 0x73, 0x73), + MBEDTLS_BYTES_TO_T_UINT_8(0x99, 0xE7, 0x7B, 0x87, 0xD3, 0x34, 0xFD, 0xE2), + MBEDTLS_BYTES_TO_T_UINT_8(0x9A, 0x25, 0x3D, 0xC7, 0x36, 0x83, 0x53, 0xDC), + MBEDTLS_BYTES_TO_T_UINT_8(0x22, 0x7C, 0xCF, 0x63, 0x55, 0x12, 0x11, 0xB0), + MBEDTLS_BYTES_TO_T_UINT_8(0xC0, 0x34, 0x4D, 0x27, 0x92, 0xAC, 0x18, 0x16), + MBEDTLS_BYTES_TO_T_UINT_8(0x98, 0x42, 0x61, 0x9D, 0x2E, 0xFF, 0x13, 0x16), + MBEDTLS_BYTES_TO_T_UINT_8(0xF4, 0xDE, 0x92, 0x65, 0x57, 0x0D, 0xBC, 0x0A), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_20_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xEF, 0x7B, 0x6E, 0xC6, 0x2A, 0x21, 0x74, 0x0A), + MBEDTLS_BYTES_TO_T_UINT_8(0x37, 0xA7, 0x53, 0x4D, 0x29, 0x36, 0xEF, 0xE5), + MBEDTLS_BYTES_TO_T_UINT_8(0xE1, 0xD6, 0x41, 0xC7, 0x99, 0xAD, 0x50, 0x53), + MBEDTLS_BYTES_TO_T_UINT_8(0x99, 0xAC, 0x41, 0x9F, 0xFB, 0x4C, 0x86, 0xF1), + MBEDTLS_BYTES_TO_T_UINT_8(0x8B, 0xBB, 0xE6, 0x25, 0x28, 0xAA, 0xEB, 0x1E), + MBEDTLS_BYTES_TO_T_UINT_8(0x92, 0x04, 0xA2, 0xC3, 0xAA, 0x08, 0x8A, 0xCC), + MBEDTLS_BYTES_TO_T_UINT_8(0x5A, 0x2B, 0x5B, 0xE2, 0x8D, 0x76, 0xEA, 0x34), + MBEDTLS_BYTES_TO_T_UINT_8(0xB3, 0x33, 0xD2, 0x21, 0x4D, 0x62, 0xE3, 0x8E), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_21_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xF6, 0x06, 0x8B, 0x2B, 0xC2, 0xC4, 0xB1, 0xD2), + MBEDTLS_BYTES_TO_T_UINT_8(0xFA, 0xF5, 0xA1, 0xC0, 0x03, 0x6A, 0x29, 0x12), + MBEDTLS_BYTES_TO_T_UINT_8(0xF5, 0xA9, 0xEF, 0x55, 0xB6, 0x1A, 0x9F, 0x6B), + MBEDTLS_BYTES_TO_T_UINT_8(0x9B, 0x54, 0x32, 0xBE, 0x06, 0x43, 0xB5, 0xFD), + MBEDTLS_BYTES_TO_T_UINT_8(0xF7, 0xD6, 0xD9, 0x20, 0x89, 0xBE, 0xD4, 0x1B), + MBEDTLS_BYTES_TO_T_UINT_8(0xE8, 0x26, 0x95, 0x10, 0xCE, 0xB4, 0x88, 0x79), + MBEDTLS_BYTES_TO_T_UINT_8(0xE6, 0xA6, 0x27, 0xAC, 0x32, 0xBA, 0xBD, 0xC7), + MBEDTLS_BYTES_TO_T_UINT_8(0xA3, 0xA6, 0xAE, 0x9C, 0x7B, 0xBE, 0xA1, 0x63), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_21_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x8B, 0xCD, 0x4D, 0x3D, 0xDF, 0x96, 0xBB, 0x7D), + MBEDTLS_BYTES_TO_T_UINT_8(0x77, 0xA7, 0x11, 0x06, 0xCC, 0x0E, 0x31, 0x81), + MBEDTLS_BYTES_TO_T_UINT_8(0x20, 0xE4, 0xF4, 0xAD, 0x7B, 0x5F, 0xF1, 0xEF), + MBEDTLS_BYTES_TO_T_UINT_8(0xE4, 0x54, 0xBE, 0xF4, 0x8A, 0x03, 0x47, 0xDF), + MBEDTLS_BYTES_TO_T_UINT_8(0xB4, 0x53, 0x00, 0x7F, 0xB0, 0x8A, 0x68, 0xA6), + MBEDTLS_BYTES_TO_T_UINT_8(0xA0, 0x16, 0xB1, 0x73, 0x6F, 0x5B, 0x0E, 0xC3), + MBEDTLS_BYTES_TO_T_UINT_8(0x2A, 0x32, 0xE3, 0x43, 0x64, 0x75, 0xFB, 0xFB), + MBEDTLS_BYTES_TO_T_UINT_8(0xA0, 0x18, 0x55, 0x8A, 0x4E, 0x6E, 0x35, 0x54), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_22_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x80, 0x97, 0x15, 0x1E, 0xCB, 0xF2, 0x9C, 0xA5), + MBEDTLS_BYTES_TO_T_UINT_8(0x2B, 0xD1, 0xBB, 0xF3, 0x70, 0xAD, 0x13, 0xAD), + MBEDTLS_BYTES_TO_T_UINT_8(0xD8, 0x96, 0xA4, 0xC5, 0x5E, 0xDA, 0xD5, 0x57), + MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0x81, 0xE9, 0x65, 0x66, 0x76, 0x47, 0x45), + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0x35, 0x87, 0x06, 0x73, 0xCF, 0x34, 0xD2), + MBEDTLS_BYTES_TO_T_UINT_8(0x5A, 0x81, 0x15, 0x42, 0xA2, 0x79, 0x5B, 0x42), + MBEDTLS_BYTES_TO_T_UINT_8(0x08, 0xA2, 0x7D, 0x09, 0x14, 0x64, 0xC6, 0xAE), + MBEDTLS_BYTES_TO_T_UINT_8(0x5E, 0x6D, 0xC4, 0xED, 0xF1, 0xD6, 0xE9, 0x24), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_22_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xB4, 0xD5, 0xBB, 0x25, 0xA3, 0xDD, 0xA3, 0x88), + MBEDTLS_BYTES_TO_T_UINT_8(0x46, 0xF2, 0x68, 0x67, 0x39, 0x8F, 0x73, 0x93), + MBEDTLS_BYTES_TO_T_UINT_8(0xF0, 0x76, 0x28, 0x89, 0xAD, 0x32, 0xE0, 0xDF), + MBEDTLS_BYTES_TO_T_UINT_8(0xF8, 0x90, 0xCC, 0x57, 0x58, 0xAA, 0xC9, 0x75), + MBEDTLS_BYTES_TO_T_UINT_8(0x5E, 0xD7, 0x43, 0xD2, 0xCE, 0x5E, 0xA0, 0x08), + MBEDTLS_BYTES_TO_T_UINT_8(0x33, 0xB0, 0xB8, 0xA4, 0x9E, 0x96, 0x26, 0x86), + MBEDTLS_BYTES_TO_T_UINT_8(0x94, 0x61, 0x1D, 0xF3, 0x65, 0x5E, 0x60, 0xCA), + MBEDTLS_BYTES_TO_T_UINT_8(0xC7, 0x1E, 0x65, 0xED, 0xCF, 0x07, 0x60, 0x20), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_23_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xA4, 0x30, 0x17, 0x8A, 0x91, 0x88, 0x0A, 0xA4), + MBEDTLS_BYTES_TO_T_UINT_8(0x05, 0x7D, 0x18, 0xA4, 0xAC, 0x59, 0xFC, 0x5F), + MBEDTLS_BYTES_TO_T_UINT_8(0xA4, 0x31, 0x8B, 0x25, 0x65, 0x39, 0x9A, 0xDC), + MBEDTLS_BYTES_TO_T_UINT_8(0x15, 0x16, 0x4B, 0x68, 0xBA, 0x59, 0x13, 0x2F), + MBEDTLS_BYTES_TO_T_UINT_8(0x8D, 0xFD, 0xD3, 0xC5, 0x56, 0xC9, 0x8C, 0x5E), + MBEDTLS_BYTES_TO_T_UINT_8(0xBC, 0xC6, 0x9F, 0xF4, 0xE6, 0xF7, 0xB4, 0x01), + MBEDTLS_BYTES_TO_T_UINT_8(0x2D, 0x7C, 0x03, 0x00, 0x26, 0x9F, 0xD8, 0x7B), + MBEDTLS_BYTES_TO_T_UINT_8(0x24, 0x1D, 0x6E, 0x00, 0xB9, 0x00, 0x6E, 0x93), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_23_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x75, 0x63, 0xDA, 0x03, 0x2B, 0xD5, 0x0B, 0xFE), + MBEDTLS_BYTES_TO_T_UINT_8(0x46, 0xFC, 0xE2, 0xC8, 0x47, 0xF0, 0xAE, 0xF2), + MBEDTLS_BYTES_TO_T_UINT_8(0x51, 0x4C, 0xF7, 0x50, 0x0C, 0x48, 0x06, 0x2A), + MBEDTLS_BYTES_TO_T_UINT_8(0xDF, 0x2B, 0x32, 0x98, 0x0E, 0x7E, 0x61, 0x41), + MBEDTLS_BYTES_TO_T_UINT_8(0x5D, 0x02, 0x27, 0xFE, 0x75, 0x86, 0xDF, 0x24), + MBEDTLS_BYTES_TO_T_UINT_8(0x2B, 0x30, 0xB1, 0x22, 0x32, 0x1B, 0xFE, 0x24), + MBEDTLS_BYTES_TO_T_UINT_8(0xC2, 0x27, 0xF7, 0x78, 0x6F, 0xD7, 0xFD, 0xE4), + MBEDTLS_BYTES_TO_T_UINT_8(0xA0, 0x78, 0xCC, 0xEA, 0xC0, 0x50, 0x24, 0x44), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_24_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x37, 0x2B, 0x4F, 0x7F, 0x58, 0xE6, 0xC2, 0x70), + MBEDTLS_BYTES_TO_T_UINT_8(0x37, 0x43, 0xD5, 0xA7, 0x35, 0x3C, 0x80, 0xB8), + MBEDTLS_BYTES_TO_T_UINT_8(0x1A, 0x6D, 0x4B, 0x12, 0x00, 0x7B, 0xE6, 0xA6), + MBEDTLS_BYTES_TO_T_UINT_8(0x37, 0x15, 0xBD, 0xD0, 0x9B, 0xCA, 0xAA, 0x81), + MBEDTLS_BYTES_TO_T_UINT_8(0xCF, 0xCE, 0x9C, 0xE3, 0x8B, 0x60, 0x7A, 0x53), + MBEDTLS_BYTES_TO_T_UINT_8(0x0C, 0xDA, 0x4B, 0x03, 0xA7, 0x8D, 0x43, 0x22), + MBEDTLS_BYTES_TO_T_UINT_8(0x57, 0xAF, 0x00, 0x2B, 0x32, 0xF0, 0x22, 0x68), + MBEDTLS_BYTES_TO_T_UINT_8(0xDC, 0xD9, 0x99, 0x99, 0xBE, 0x43, 0x99, 0x3E), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_24_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x1F, 0x71, 0x41, 0xF4, 0xB5, 0xFD, 0xDD, 0x36), + MBEDTLS_BYTES_TO_T_UINT_8(0x9D, 0xE2, 0x20, 0x4C, 0xD1, 0x2E, 0x1F, 0x06), + MBEDTLS_BYTES_TO_T_UINT_8(0x96, 0x43, 0x48, 0x76, 0x8A, 0x49, 0xAC, 0x87), + MBEDTLS_BYTES_TO_T_UINT_8(0x0C, 0x1A, 0x55, 0xA8, 0xA3, 0xD4, 0x57, 0x75), + MBEDTLS_BYTES_TO_T_UINT_8(0x7C, 0xA6, 0x84, 0x39, 0xC9, 0x13, 0xBB, 0x60), + MBEDTLS_BYTES_TO_T_UINT_8(0xD9, 0xFA, 0xA9, 0x70, 0xDE, 0x83, 0xDD, 0xC9), + MBEDTLS_BYTES_TO_T_UINT_8(0xEC, 0xC9, 0xD9, 0x3E, 0x44, 0x91, 0x68, 0x7B), + MBEDTLS_BYTES_TO_T_UINT_8(0xB6, 0x9F, 0x85, 0x6D, 0xF7, 0x54, 0x36, 0x82), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_25_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x68, 0x6B, 0xA6, 0xA3, 0xE5, 0xD4, 0x46, 0xDB), + MBEDTLS_BYTES_TO_T_UINT_8(0x23, 0x3E, 0xDC, 0x84, 0x7C, 0x7B, 0x24, 0x34), + MBEDTLS_BYTES_TO_T_UINT_8(0x14, 0xED, 0x7F, 0x86, 0x07, 0x6C, 0x57, 0xCA), + MBEDTLS_BYTES_TO_T_UINT_8(0x95, 0x06, 0xFE, 0x52, 0x12, 0x79, 0x69, 0x56), + MBEDTLS_BYTES_TO_T_UINT_8(0x84, 0xD1, 0x44, 0x5F, 0x21, 0x3A, 0xC3, 0x84), + MBEDTLS_BYTES_TO_T_UINT_8(0x5E, 0xD9, 0x4A, 0xC0, 0x75, 0xAB, 0x17, 0xAC), + MBEDTLS_BYTES_TO_T_UINT_8(0xFF, 0x81, 0x94, 0xB6, 0x80, 0x6B, 0x6F, 0xC3), + MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0xBE, 0x8E, 0xA5, 0xAA, 0xBC, 0x1E, 0x3E), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_25_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x89, 0xC7, 0x85, 0xA6, 0x59, 0x9B, 0xB1, 0x52), + MBEDTLS_BYTES_TO_T_UINT_8(0x1C, 0xCE, 0x40, 0xD1, 0xFB, 0xDF, 0x94, 0xF7), + MBEDTLS_BYTES_TO_T_UINT_8(0x18, 0xB8, 0x5E, 0xBF, 0x45, 0xA8, 0x2D, 0x2D), + MBEDTLS_BYTES_TO_T_UINT_8(0x98, 0x9C, 0x06, 0x1B, 0xA9, 0x57, 0xB9, 0x79), + MBEDTLS_BYTES_TO_T_UINT_8(0x53, 0xE9, 0xCE, 0xA2, 0xD3, 0x74, 0xA1, 0x3C), + MBEDTLS_BYTES_TO_T_UINT_8(0xAA, 0x5F, 0x34, 0x78, 0xDB, 0xAE, 0x3A, 0x14), + MBEDTLS_BYTES_TO_T_UINT_8(0x7D, 0x32, 0x84, 0x3E, 0x68, 0x6A, 0x43, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0x8C, 0xBC, 0x39, 0x36, 0xA4, 0xC5, 0xBB, 0x11), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_26_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x8C, 0x07, 0xA2, 0xB5, 0xC9, 0x0F, 0x4D, 0x0F), + MBEDTLS_BYTES_TO_T_UINT_8(0xE3, 0x1D, 0x67, 0xE6, 0xF1, 0x46, 0xEB, 0x71), + MBEDTLS_BYTES_TO_T_UINT_8(0xD7, 0x41, 0x23, 0x95, 0xE7, 0xE0, 0x10, 0xDD), + MBEDTLS_BYTES_TO_T_UINT_8(0xBE, 0x69, 0xFE, 0x68, 0x8C, 0xC6, 0x5F, 0xB6), + MBEDTLS_BYTES_TO_T_UINT_8(0xE3, 0xB9, 0x2B, 0x3D, 0xD2, 0x4F, 0xD8, 0x1A), + MBEDTLS_BYTES_TO_T_UINT_8(0xA3, 0x09, 0xF5, 0x5F, 0xCF, 0xF6, 0x91, 0x57), + MBEDTLS_BYTES_TO_T_UINT_8(0x65, 0x15, 0x42, 0x6B, 0x6D, 0xB5, 0xF3, 0xB6), + MBEDTLS_BYTES_TO_T_UINT_8(0xBF, 0x56, 0x9D, 0xC5, 0xFF, 0xCA, 0x13, 0x9B), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_26_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x4D, 0x38, 0xE6, 0x23, 0x63, 0x48, 0x3C, 0xCA), + MBEDTLS_BYTES_TO_T_UINT_8(0xD2, 0x68, 0x3C, 0xD1, 0x3B, 0xE9, 0x3B, 0x82), + MBEDTLS_BYTES_TO_T_UINT_8(0xB5, 0x08, 0x54, 0x49, 0xD1, 0x46, 0x45, 0x13), + MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0x70, 0x52, 0x6E, 0x79, 0xC4, 0x5E, 0x95), + MBEDTLS_BYTES_TO_T_UINT_8(0x36, 0xDF, 0xE8, 0x5A, 0x32, 0x81, 0xDA, 0xD3), + MBEDTLS_BYTES_TO_T_UINT_8(0x3C, 0x2D, 0x94, 0x5B, 0xB5, 0x35, 0x9F, 0x0A), + MBEDTLS_BYTES_TO_T_UINT_8(0x2A, 0x12, 0x8D, 0xC3, 0x36, 0x36, 0xB2, 0x2A), + MBEDTLS_BYTES_TO_T_UINT_8(0x39, 0x2F, 0x22, 0x38, 0x5B, 0x18, 0x4C, 0x35), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_27_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x10, 0xC1, 0x22, 0x0E, 0xF0, 0x73, 0x11, 0x05), + MBEDTLS_BYTES_TO_T_UINT_8(0xB2, 0xAE, 0xA4, 0x56, 0x18, 0x61, 0x66, 0x12), + MBEDTLS_BYTES_TO_T_UINT_8(0x79, 0xFB, 0x72, 0x08, 0x84, 0x38, 0x51, 0xB0), + MBEDTLS_BYTES_TO_T_UINT_8(0xDA, 0x86, 0xA8, 0xB9, 0x31, 0x99, 0x29, 0xC3), + MBEDTLS_BYTES_TO_T_UINT_8(0x8A, 0xFB, 0xC3, 0x42, 0xB3, 0xC7, 0x6F, 0x3A), + MBEDTLS_BYTES_TO_T_UINT_8(0xD8, 0xF8, 0xE1, 0x09, 0xBE, 0x75, 0xB0, 0x22), + MBEDTLS_BYTES_TO_T_UINT_8(0x5A, 0x7D, 0xFF, 0xF4, 0x99, 0xFC, 0x13, 0xAB), + MBEDTLS_BYTES_TO_T_UINT_8(0xE6, 0x1B, 0x84, 0x81, 0x42, 0x22, 0xC6, 0x3D), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_27_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x21, 0xE0, 0x37, 0xA4, 0xA0, 0x2F, 0x38, 0x7F), + MBEDTLS_BYTES_TO_T_UINT_8(0xD0, 0x3D, 0xB7, 0x40, 0x2F, 0x39, 0x3C, 0x7A), + MBEDTLS_BYTES_TO_T_UINT_8(0x7A, 0x3B, 0x8A, 0x51, 0xAE, 0x40, 0x49, 0x7A), + MBEDTLS_BYTES_TO_T_UINT_8(0x36, 0x20, 0x9F, 0xDD, 0xA9, 0xD0, 0x77, 0xC7), + MBEDTLS_BYTES_TO_T_UINT_8(0x78, 0x1D, 0x64, 0xDA, 0xA0, 0x53, 0xC7, 0x7D), + MBEDTLS_BYTES_TO_T_UINT_8(0x37, 0x7B, 0x66, 0x55, 0x94, 0xD1, 0x51, 0x44), + MBEDTLS_BYTES_TO_T_UINT_8(0x0E, 0xA9, 0xB5, 0x5B, 0x38, 0x35, 0x40, 0xC0), + MBEDTLS_BYTES_TO_T_UINT_8(0xC8, 0xC9, 0x0F, 0xF0, 0x73, 0x79, 0x43, 0x61), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_28_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x10, 0x47, 0x45, 0x69, 0x80, 0x72, 0x72, 0x42), + MBEDTLS_BYTES_TO_T_UINT_8(0x70, 0x11, 0x99, 0x59, 0xDB, 0x48, 0x80, 0x39), + MBEDTLS_BYTES_TO_T_UINT_8(0x75, 0x6E, 0x3D, 0xFC, 0x37, 0x15, 0xF4, 0xBF), + MBEDTLS_BYTES_TO_T_UINT_8(0x17, 0xBB, 0x5B, 0xA6, 0x35, 0x8D, 0x28, 0x20), + MBEDTLS_BYTES_TO_T_UINT_8(0xAB, 0x1A, 0x3B, 0x2C, 0x8F, 0xD3, 0xAA, 0x2D), + MBEDTLS_BYTES_TO_T_UINT_8(0x55, 0x1C, 0x1A, 0xF8, 0x02, 0xD9, 0x7B, 0x41), + MBEDTLS_BYTES_TO_T_UINT_8(0xAF, 0x69, 0xAC, 0xF8, 0x54, 0x31, 0x14, 0xA1), + MBEDTLS_BYTES_TO_T_UINT_8(0x41, 0x8A, 0xE6, 0xDE, 0x58, 0xB9, 0xC4, 0x7A), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_28_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x57, 0x83, 0x52, 0xFE, 0xF9, 0x7B, 0xE9, 0x1F), + MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0xA2, 0x55, 0x46, 0x15, 0x49, 0xC1, 0x3A), + MBEDTLS_BYTES_TO_T_UINT_8(0x1D, 0xBC, 0x5C, 0x91, 0xBD, 0xB9, 0x9C, 0xF4), + MBEDTLS_BYTES_TO_T_UINT_8(0xBB, 0xFD, 0xB1, 0x4E, 0x5F, 0x74, 0xEE, 0x53), + MBEDTLS_BYTES_TO_T_UINT_8(0xB1, 0x8B, 0xD8, 0x8B, 0x17, 0x73, 0x1B, 0x96), + MBEDTLS_BYTES_TO_T_UINT_8(0x22, 0x92, 0xD7, 0x67, 0x06, 0xAD, 0x25, 0xCD), + MBEDTLS_BYTES_TO_T_UINT_8(0x01, 0x0F, 0x80, 0x24, 0xE2, 0x27, 0x5F, 0x8B), + MBEDTLS_BYTES_TO_T_UINT_8(0x61, 0x1C, 0xCE, 0xD0, 0x67, 0xCA, 0xD4, 0x0B), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_29_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x87, 0xF1, 0xDD, 0x33, 0x66, 0xF9, 0x05, 0xD6), + MBEDTLS_BYTES_TO_T_UINT_8(0x1D, 0xE5, 0x6B, 0x79, 0xBD, 0x48, 0x42, 0xAA), + MBEDTLS_BYTES_TO_T_UINT_8(0xD1, 0x14, 0x52, 0xE3, 0x53, 0xB4, 0x50, 0xD4), + MBEDTLS_BYTES_TO_T_UINT_8(0x32, 0x84, 0x6C, 0xCF, 0xDA, 0xB2, 0x20, 0x0A), + MBEDTLS_BYTES_TO_T_UINT_8(0x70, 0xD6, 0x1A, 0xE5, 0xE2, 0x29, 0x70, 0xCE), + MBEDTLS_BYTES_TO_T_UINT_8(0xD5, 0x61, 0xFE, 0xBB, 0x21, 0x82, 0xD1, 0xFE), + MBEDTLS_BYTES_TO_T_UINT_8(0x2C, 0xF0, 0x9C, 0x8B, 0x1A, 0x42, 0x30, 0x06), + MBEDTLS_BYTES_TO_T_UINT_8(0x43, 0xD6, 0x49, 0x81, 0x92, 0xF1, 0xD0, 0x90), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_29_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0x91, 0x93, 0x6A, 0xA6, 0x22, 0xE9, 0xD6), + MBEDTLS_BYTES_TO_T_UINT_8(0x09, 0xDC, 0xC3, 0x69, 0x11, 0x95, 0x7D, 0xEC), + MBEDTLS_BYTES_TO_T_UINT_8(0x1C, 0xA3, 0x9D, 0x87, 0x5E, 0x64, 0x41, 0xA2), + MBEDTLS_BYTES_TO_T_UINT_8(0xBE, 0x87, 0x5A, 0x15, 0xBD, 0x6E, 0x3C, 0x8D), + MBEDTLS_BYTES_TO_T_UINT_8(0xD0, 0x8D, 0x50, 0xCC, 0xCF, 0xB7, 0x8F, 0x0B), + MBEDTLS_BYTES_TO_T_UINT_8(0x38, 0x65, 0xCD, 0x31, 0x30, 0xF1, 0x68, 0x13), + MBEDTLS_BYTES_TO_T_UINT_8(0x10, 0x5C, 0x66, 0x67, 0x92, 0x30, 0x57, 0x95), + MBEDTLS_BYTES_TO_T_UINT_8(0x23, 0x9B, 0x01, 0x3D, 0x20, 0x8B, 0xD1, 0x0D), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_30_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xAB, 0xC0, 0xE6, 0x4F, 0xDE, 0x62, 0xAB, 0xB3), + MBEDTLS_BYTES_TO_T_UINT_8(0xA4, 0x48, 0xB3, 0x1C, 0x0F, 0x16, 0x93, 0x45), + MBEDTLS_BYTES_TO_T_UINT_8(0x77, 0x63, 0xBD, 0x1F, 0x16, 0x50, 0x56, 0x98), + MBEDTLS_BYTES_TO_T_UINT_8(0x5D, 0x06, 0xBC, 0xE9, 0x27, 0x1C, 0x9A, 0x7B), + MBEDTLS_BYTES_TO_T_UINT_8(0xF8, 0xFE, 0x21, 0xC5, 0x39, 0x55, 0xE1, 0xFD), + MBEDTLS_BYTES_TO_T_UINT_8(0xF6, 0xA8, 0xD0, 0x96, 0x0E, 0xB5, 0xB2, 0x84), + MBEDTLS_BYTES_TO_T_UINT_8(0x3D, 0xE7, 0x4B, 0xF3, 0x11, 0x0C, 0xC9, 0x5B), + MBEDTLS_BYTES_TO_T_UINT_8(0x43, 0x3A, 0xC4, 0x87, 0x71, 0xEE, 0xFA, 0x18), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_30_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xA7, 0x77, 0xEE, 0x81, 0x5E, 0x96, 0xEA, 0x4B), + MBEDTLS_BYTES_TO_T_UINT_8(0xEE, 0xDF, 0xA9, 0xF4, 0x4F, 0x7C, 0xB2, 0x43), + MBEDTLS_BYTES_TO_T_UINT_8(0x9F, 0xD4, 0xDF, 0x35, 0x63, 0x47, 0x25, 0x8A), + MBEDTLS_BYTES_TO_T_UINT_8(0xA5, 0x3D, 0xFF, 0xA4, 0x02, 0xC3, 0x95, 0x11), + MBEDTLS_BYTES_TO_T_UINT_8(0xD5, 0x10, 0x78, 0xD1, 0x2B, 0xB7, 0xBE, 0x0E), + MBEDTLS_BYTES_TO_T_UINT_8(0x0A, 0xE9, 0x57, 0xF9, 0xE0, 0xD8, 0xFC, 0xBC), + MBEDTLS_BYTES_TO_T_UINT_8(0xF3, 0xC4, 0x01, 0xD6, 0xB4, 0xE7, 0x78, 0xE2), + MBEDTLS_BYTES_TO_T_UINT_8(0x02, 0x6C, 0xB9, 0x13, 0xA4, 0xE8, 0x6D, 0x6F), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_31_X[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xE8, 0xB0, 0xC9, 0xCD, 0xBF, 0xA2, 0x1E, 0x63), + MBEDTLS_BYTES_TO_T_UINT_8(0xDD, 0x4F, 0x86, 0x22, 0x9B, 0xEA, 0xE8, 0xBB), + MBEDTLS_BYTES_TO_T_UINT_8(0x50, 0x46, 0xDF, 0x43, 0xB9, 0x82, 0x2D, 0x0A), + MBEDTLS_BYTES_TO_T_UINT_8(0x07, 0x32, 0xF1, 0x4E, 0x95, 0x41, 0xAE, 0x8E), + MBEDTLS_BYTES_TO_T_UINT_8(0x52, 0x93, 0x26, 0xFC, 0xD3, 0x90, 0xDC, 0xEB), + MBEDTLS_BYTES_TO_T_UINT_8(0x04, 0x05, 0x45, 0xCA, 0xF9, 0x5A, 0x89, 0x93), + MBEDTLS_BYTES_TO_T_UINT_8(0xC5, 0x82, 0x63, 0x4E, 0x55, 0x1D, 0x3A, 0x08), + MBEDTLS_BYTES_TO_T_UINT_8(0x7C, 0x69, 0x52, 0x49, 0xE9, 0xED, 0x57, 0x34), +}; +static const mbedtls_mpi_uint brainpoolP512r1_T_31_Y[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x70, 0x64, 0xE9, 0xAC, 0x4C, 0x4A, 0xEA, 0x25), + MBEDTLS_BYTES_TO_T_UINT_8(0xE9, 0xE9, 0x0B, 0x99, 0xE7, 0xF9, 0xA9, 0x2C), + MBEDTLS_BYTES_TO_T_UINT_8(0x24, 0x0C, 0xC1, 0xF4, 0x8D, 0x07, 0xB6, 0xB1), + MBEDTLS_BYTES_TO_T_UINT_8(0xAD, 0x68, 0xFA, 0x35, 0xE4, 0x9E, 0xAE, 0xD9), + MBEDTLS_BYTES_TO_T_UINT_8(0xF0, 0x2D, 0x1A, 0x13, 0x8E, 0x02, 0xE2, 0x63), + MBEDTLS_BYTES_TO_T_UINT_8(0x27, 0x38, 0x28, 0x86, 0x46, 0x7B, 0x3A, 0xE1), + MBEDTLS_BYTES_TO_T_UINT_8(0x3F, 0x4C, 0x64, 0x59, 0x0A, 0xF9, 0x02, 0xC4), + MBEDTLS_BYTES_TO_T_UINT_8(0x41, 0x4F, 0x23, 0xA2, 0xC3, 0xD5, 0xEF, 0x42), +}; +static const mbedtls_ecp_point brainpoolP512r1_T[32] = { + ECP_POINT_INIT_XY_Z1(brainpoolP512r1_T_0_X, brainpoolP512r1_T_0_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_1_X, brainpoolP512r1_T_1_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_2_X, brainpoolP512r1_T_2_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_3_X, brainpoolP512r1_T_3_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_4_X, brainpoolP512r1_T_4_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_5_X, brainpoolP512r1_T_5_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_6_X, brainpoolP512r1_T_6_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_7_X, brainpoolP512r1_T_7_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_8_X, brainpoolP512r1_T_8_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_9_X, brainpoolP512r1_T_9_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_10_X, brainpoolP512r1_T_10_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_11_X, brainpoolP512r1_T_11_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_12_X, brainpoolP512r1_T_12_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_13_X, brainpoolP512r1_T_13_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_14_X, brainpoolP512r1_T_14_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_15_X, brainpoolP512r1_T_15_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_16_X, brainpoolP512r1_T_16_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_17_X, brainpoolP512r1_T_17_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_18_X, brainpoolP512r1_T_18_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_19_X, brainpoolP512r1_T_19_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_20_X, brainpoolP512r1_T_20_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_21_X, brainpoolP512r1_T_21_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_22_X, brainpoolP512r1_T_22_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_23_X, brainpoolP512r1_T_23_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_24_X, brainpoolP512r1_T_24_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_25_X, brainpoolP512r1_T_25_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_26_X, brainpoolP512r1_T_26_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_27_X, brainpoolP512r1_T_27_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_28_X, brainpoolP512r1_T_28_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_29_X, brainpoolP512r1_T_29_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_30_X, brainpoolP512r1_T_30_Y), + ECP_POINT_INIT_XY_Z0(brainpoolP512r1_T_31_X, brainpoolP512r1_T_31_Y), +}; +#else +#define brainpoolP512r1_T NULL +#endif +#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ + + +#if defined(ECP_LOAD_GROUP) || defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) || \ + defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) +/* + * Create an MPI from embedded constants + * (assumes len is an exact multiple of sizeof(mbedtls_mpi_uint) and + * len < 1048576) + */ +static inline void ecp_mpi_load(mbedtls_mpi *X, const mbedtls_mpi_uint *p, size_t len) +{ + X->s = 1; + X->n = (unsigned short) (len / sizeof(mbedtls_mpi_uint)); + X->p = (mbedtls_mpi_uint *) p; +} +#endif + +#if defined(ECP_LOAD_GROUP) +/* + * Set an MPI to static value 1 + */ +static inline void ecp_mpi_set1(mbedtls_mpi *X) +{ + X->s = 1; + X->n = 1; + X->p = mpi_one; +} + +/* + * Make group available from embedded constants + */ +static int ecp_group_load(mbedtls_ecp_group *grp, + const mbedtls_mpi_uint *p, size_t plen, + const mbedtls_mpi_uint *a, size_t alen, + const mbedtls_mpi_uint *b, size_t blen, + const mbedtls_mpi_uint *gx, size_t gxlen, + const mbedtls_mpi_uint *gy, size_t gylen, + const mbedtls_mpi_uint *n, size_t nlen, + const mbedtls_ecp_point *T) +{ + ecp_mpi_load(&grp->P, p, plen); + if (a != NULL) { + ecp_mpi_load(&grp->A, a, alen); + } + ecp_mpi_load(&grp->B, b, blen); + ecp_mpi_load(&grp->N, n, nlen); + + ecp_mpi_load(&grp->G.X, gx, gxlen); + ecp_mpi_load(&grp->G.Y, gy, gylen); + ecp_mpi_set1(&grp->G.Z); + + grp->pbits = mbedtls_mpi_bitlen(&grp->P); + grp->nbits = mbedtls_mpi_bitlen(&grp->N); + + grp->h = 1; + + grp->T = (mbedtls_ecp_point *) T; + /* + * Set T_size to 0 to prevent T free by mbedtls_ecp_group_free. + */ + grp->T_size = 0; + + return 0; +} +#endif /* ECP_LOAD_GROUP */ + +#if defined(MBEDTLS_ECP_NIST_OPTIM) +/* Forward declarations */ +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) +static int ecp_mod_p192(mbedtls_mpi *); +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p192_raw(mbedtls_mpi_uint *Np, size_t Nn); +#endif +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) +static int ecp_mod_p224(mbedtls_mpi *); +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p224_raw(mbedtls_mpi_uint *X, size_t X_limbs); +#endif +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) +static int ecp_mod_p256(mbedtls_mpi *); +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p256_raw(mbedtls_mpi_uint *X, size_t X_limbs); +#endif +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) +static int ecp_mod_p384(mbedtls_mpi *); +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p384_raw(mbedtls_mpi_uint *X, size_t X_limbs); +#endif +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) +static int ecp_mod_p521(mbedtls_mpi *); +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p521_raw(mbedtls_mpi_uint *N_p, size_t N_n); +#endif + +#define NIST_MODP(P) grp->modp = ecp_mod_ ## P; +#else +#define NIST_MODP(P) +#endif /* MBEDTLS_ECP_NIST_OPTIM */ + +/* Additional forward declarations */ +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) +static int ecp_mod_p255(mbedtls_mpi *); +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p255_raw(mbedtls_mpi_uint *X, size_t X_limbs); +#endif +#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) +static int ecp_mod_p448(mbedtls_mpi *); +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p448_raw(mbedtls_mpi_uint *, size_t); +#endif +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) +static int ecp_mod_p192k1(mbedtls_mpi *); +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p192k1_raw(mbedtls_mpi_uint *X, size_t X_limbs); +#endif +#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) +static int ecp_mod_p224k1(mbedtls_mpi *); +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p224k1_raw(mbedtls_mpi_uint *X, size_t X_limbs); +#endif +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) +static int ecp_mod_p256k1(mbedtls_mpi *); +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p256k1_raw(mbedtls_mpi_uint *X, size_t X_limbs); +#endif + +#if defined(ECP_LOAD_GROUP) +#define LOAD_GROUP_A(G) ecp_group_load(grp, \ + G ## _p, sizeof(G ## _p), \ + G ## _a, sizeof(G ## _a), \ + G ## _b, sizeof(G ## _b), \ + G ## _gx, sizeof(G ## _gx), \ + G ## _gy, sizeof(G ## _gy), \ + G ## _n, sizeof(G ## _n), \ + G ## _T \ + ) + +#define LOAD_GROUP(G) ecp_group_load(grp, \ + G ## _p, sizeof(G ## _p), \ + NULL, 0, \ + G ## _b, sizeof(G ## _b), \ + G ## _gx, sizeof(G ## _gx), \ + G ## _gy, sizeof(G ## _gy), \ + G ## _n, sizeof(G ## _n), \ + G ## _T \ + ) +#endif /* ECP_LOAD_GROUP */ + +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) +/* Constants used by ecp_use_curve25519() */ +static const mbedtls_mpi_sint curve25519_a24 = 0x01DB42; + +/* P = 2^255 - 19 */ +static const mbedtls_mpi_uint curve25519_p[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xED, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF), + MBEDTLS_BYTES_TO_T_UINT_8(0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF), + MBEDTLS_BYTES_TO_T_UINT_8(0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF), + MBEDTLS_BYTES_TO_T_UINT_8(0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0X7F) +}; + +/* N = 2^252 + 27742317777372353535851937790883648493 */ +static const mbedtls_mpi_uint curve25519_n[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0XED, 0XD3, 0XF5, 0X5C, 0X1A, 0X63, 0X12, 0X58), + MBEDTLS_BYTES_TO_T_UINT_8(0XD6, 0X9C, 0XF7, 0XA2, 0XDE, 0XF9, 0XDE, 0X14), + MBEDTLS_BYTES_TO_T_UINT_8(0X00, 0X00, 0X00, 0X00, 0x00, 0x00, 0x00, 0x00), + MBEDTLS_BYTES_TO_T_UINT_8(0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10) +}; + +/* + * Specialized function for creating the Curve25519 group + */ +static int ecp_use_curve25519(mbedtls_ecp_group *grp) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + + /* Actually ( A + 2 ) / 4 */ + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->A, curve25519_a24)); + + ecp_mpi_load(&grp->P, curve25519_p, sizeof(curve25519_p)); + + grp->pbits = mbedtls_mpi_bitlen(&grp->P); + + ecp_mpi_load(&grp->N, curve25519_n, sizeof(curve25519_n)); + + /* Y intentionally not set, since we use x/z coordinates. + * This is used as a marker to identify Montgomery curves! */ + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->G.X, 9)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->G.Z, 1)); + mbedtls_mpi_free(&grp->G.Y); + + /* Actually, the required msb for private keys */ + grp->nbits = 254; + +cleanup: + if (ret != 0) { + mbedtls_ecp_group_free(grp); + } + + return ret; +} +#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) +/* Constants used by ecp_use_curve448() */ +static const mbedtls_mpi_sint curve448_a24 = 0x98AA; + +/* P = 2^448 - 2^224 - 1 */ +static const mbedtls_mpi_uint curve448_p[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF), + MBEDTLS_BYTES_TO_T_UINT_8(0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF), + MBEDTLS_BYTES_TO_T_UINT_8(0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF), + MBEDTLS_BYTES_TO_T_UINT_8(0XFF, 0XFF, 0XFF, 0XFF, 0XFE, 0XFF, 0XFF, 0XFF), + MBEDTLS_BYTES_TO_T_UINT_8(0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF), + MBEDTLS_BYTES_TO_T_UINT_8(0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF), + MBEDTLS_BYTES_TO_T_UINT_8(0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF), + MBEDTLS_BYTES_TO_T_UINT_8(0X00, 0X00, 0X00, 0X00, 0X00, 0X00, 0X00, 0X00) +}; + +/* N = 2^446 - 13818066809895115352007386748515426880336692474882178609894547503885 */ +static const mbedtls_mpi_uint curve448_n[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0XF3, 0X44, 0X58, 0XAB, 0X92, 0XC2, 0X78, 0X23), + MBEDTLS_BYTES_TO_T_UINT_8(0X55, 0X8F, 0XC5, 0X8D, 0X72, 0XC2, 0X6C, 0X21), + MBEDTLS_BYTES_TO_T_UINT_8(0X90, 0X36, 0XD6, 0XAE, 0X49, 0XDB, 0X4E, 0XC4), + MBEDTLS_BYTES_TO_T_UINT_8(0XE9, 0X23, 0XCA, 0X7C, 0XFF, 0XFF, 0XFF, 0XFF), + MBEDTLS_BYTES_TO_T_UINT_8(0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF), + MBEDTLS_BYTES_TO_T_UINT_8(0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF), + MBEDTLS_BYTES_TO_T_UINT_8(0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0XFF, 0X3F), + MBEDTLS_BYTES_TO_T_UINT_8(0X00, 0X00, 0X00, 0X00, 0X00, 0X00, 0X00, 0X00) +}; + +/* + * Specialized function for creating the Curve448 group + */ +static int ecp_use_curve448(mbedtls_ecp_group *grp) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + + /* Actually ( A + 2 ) / 4 */ + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->A, curve448_a24)); + + ecp_mpi_load(&grp->P, curve448_p, sizeof(curve448_p)); + grp->pbits = mbedtls_mpi_bitlen(&grp->P); + + /* Y intentionally not set, since we use x/z coordinates. + * This is used as a marker to identify Montgomery curves! */ + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->G.X, 5)); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&grp->G.Z, 1)); + mbedtls_mpi_free(&grp->G.Y); + + ecp_mpi_load(&grp->N, curve448_n, sizeof(curve448_n)); + + /* Actually, the required msb for private keys */ + grp->nbits = 447; + +cleanup: + if (ret != 0) { + mbedtls_ecp_group_free(grp); + } + + return ret; +} +#endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */ + +/* + * Set a group using well-known domain parameters + */ +int mbedtls_ecp_group_load(mbedtls_ecp_group *grp, mbedtls_ecp_group_id id) +{ + ECP_VALIDATE_RET(grp != NULL); + mbedtls_ecp_group_free(grp); + + mbedtls_ecp_group_init(grp); + + grp->id = id; + + switch (id) { +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) + case MBEDTLS_ECP_DP_SECP192R1: + NIST_MODP(p192); + return LOAD_GROUP(secp192r1); +#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) + case MBEDTLS_ECP_DP_SECP224R1: + NIST_MODP(p224); + return LOAD_GROUP(secp224r1); +#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) + case MBEDTLS_ECP_DP_SECP256R1: + NIST_MODP(p256); + return LOAD_GROUP(secp256r1); +#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) + case MBEDTLS_ECP_DP_SECP384R1: + NIST_MODP(p384); + return LOAD_GROUP(secp384r1); +#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) + case MBEDTLS_ECP_DP_SECP521R1: + NIST_MODP(p521); + return LOAD_GROUP(secp521r1); +#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) + case MBEDTLS_ECP_DP_SECP192K1: + grp->modp = ecp_mod_p192k1; + return LOAD_GROUP_A(secp192k1); +#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) + case MBEDTLS_ECP_DP_SECP224K1: + grp->modp = ecp_mod_p224k1; + return LOAD_GROUP_A(secp224k1); +#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) + case MBEDTLS_ECP_DP_SECP256K1: + grp->modp = ecp_mod_p256k1; + return LOAD_GROUP_A(secp256k1); +#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) + case MBEDTLS_ECP_DP_BP256R1: + return LOAD_GROUP_A(brainpoolP256r1); +#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) + case MBEDTLS_ECP_DP_BP384R1: + return LOAD_GROUP_A(brainpoolP384r1); +#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) + case MBEDTLS_ECP_DP_BP512R1: + return LOAD_GROUP_A(brainpoolP512r1); +#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) + case MBEDTLS_ECP_DP_CURVE25519: + grp->modp = ecp_mod_p255; + return ecp_use_curve25519(grp); +#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) + case MBEDTLS_ECP_DP_CURVE448: + grp->modp = ecp_mod_p448; + return ecp_use_curve448(grp); +#endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */ + + default: + grp->id = MBEDTLS_ECP_DP_NONE; + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; + } +} + +#if defined(MBEDTLS_ECP_NIST_OPTIM) +/* + * Fast reduction modulo the primes used by the NIST curves. + * + * These functions are critical for speed, but not needed for correct + * operations. So, we make the choice to heavily rely on the internals of our + * bignum library, which creates a tight coupling between these functions and + * our MPI implementation. However, the coupling between the ECP module and + * MPI remains loose, since these functions can be deactivated at will. + */ + +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) +/* + * Compared to the way things are presented in FIPS 186-3 D.2, + * we proceed in columns, from right (least significant chunk) to left, + * adding chunks to N in place, and keeping a carry for the next chunk. + * This avoids moving things around in memory, and uselessly adding zeros, + * compared to the more straightforward, line-oriented approach. + * + * For this prime we need to handle data in chunks of 64 bits. + * Since this is always a multiple of our basic mbedtls_mpi_uint, we can + * use a mbedtls_mpi_uint * to designate such a chunk, and small loops to handle it. + */ + +/* Add 64-bit chunks (dst += src) and update carry */ +static inline void add64(mbedtls_mpi_uint *dst, mbedtls_mpi_uint *src, mbedtls_mpi_uint *carry) +{ + unsigned char i; + mbedtls_mpi_uint c = 0; + for (i = 0; i < 8 / sizeof(mbedtls_mpi_uint); i++, dst++, src++) { + *dst += c; c = (*dst < c); + *dst += *src; c += (*dst < *src); + } + *carry += c; +} + +/* Add carry to a 64-bit chunk and update carry */ +static inline void carry64(mbedtls_mpi_uint *dst, mbedtls_mpi_uint *carry) +{ + unsigned char i; + for (i = 0; i < 8 / sizeof(mbedtls_mpi_uint); i++, dst++) { + *dst += *carry; + *carry = (*dst < *carry); + } +} + +#define WIDTH 8 / sizeof(mbedtls_mpi_uint) +#define A(i) Np + (i) * WIDTH +#define ADD(i) add64(p, A(i), &c) +#define NEXT p += WIDTH; carry64(p, &c) +#define LAST p += WIDTH; do *p = 0; while (++p < end) +#define RESET last_carry[0] = c; c = 0; p = Np +#define ADD_LAST add64(p, last_carry, &c) + +/* + * Fast quasi-reduction modulo p192 (FIPS 186-3 D.2.1) + */ +static int ecp_mod_p192(mbedtls_mpi *N) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t expected_width = BITS_TO_LIMBS(192) * 2; + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(N, expected_width)); + ret = mbedtls_ecp_mod_p192_raw(N->p, expected_width); + +cleanup: + return ret; +} + +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p192_raw(mbedtls_mpi_uint *Np, size_t Nn) +{ + mbedtls_mpi_uint c = 0, last_carry[WIDTH] = { 0 }; + mbedtls_mpi_uint *p, *end; + + if (Nn != BITS_TO_LIMBS(192) * 2) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } + + p = Np; + end = p + Nn; + + ADD(3); ADD(5); NEXT; // A0 += A3 + A5 + ADD(3); ADD(4); ADD(5); NEXT; // A1 += A3 + A4 + A5 + ADD(4); ADD(5); // A2 += A4 + A5 + + RESET; + + /* Use the reduction for the carry as well: + * 2^192 * last_carry = 2^64 * last_carry + last_carry mod P192 + * It can generate a carry. */ + ADD_LAST; NEXT; // A0 += last_carry + ADD_LAST; NEXT; // A1 += last_carry + // A2 += carry + + RESET; + + /* Use the reduction for the carry as well: + * 2^192 * last_carry = 2^64 * last_carry + last_carry mod P192 + */ + ADD_LAST; NEXT; // A0 += last_carry + ADD_LAST; NEXT; // A1 += last_carry + // A2 += carry + + LAST; + + return 0; +} + +#undef WIDTH +#undef A +#undef ADD +#undef NEXT +#undef LAST +#undef RESET +#undef ADD_LAST +#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) + +/* + * The reader is advised to first understand ecp_mod_p192() since the same + * general structure is used here, but with additional complications: + * (1) chunks of 32 bits, and (2) subtractions. + */ + +/* + * For these primes, we need to handle data in chunks of 32 bits. + * This makes it more complicated if we use 64 bits limbs in MPI, + * which prevents us from using a uniform access method as for p192. + * + * So, we define a mini abstraction layer to access 32 bit chunks, + * load them in 'cur' for work, and store them back from 'cur' when done. + * + * While at it, also define the size of N in terms of 32-bit chunks. + */ +#define LOAD32 cur = A(i); + +#if defined(MBEDTLS_HAVE_INT32) /* 32 bit */ + +#define MAX32 X_limbs +#define A(j) X[j] +#define STORE32 X[i] = (mbedtls_mpi_uint) cur; +#define STORE0 X[i] = 0; + +#else /* 64 bit */ + +#define MAX32 X_limbs * 2 +#define A(j) \ + (j) % 2 ? \ + (uint32_t) (X[(j) / 2] >> 32) : \ + (uint32_t) (X[(j) / 2]) +#define STORE32 \ + if (i % 2) { \ + X[i/2] &= 0x00000000FFFFFFFF; \ + X[i/2] |= (uint64_t) (cur) << 32; \ + } else { \ + X[i/2] &= 0xFFFFFFFF00000000; \ + X[i/2] |= (uint32_t) cur; \ + } + +#define STORE0 \ + if (i % 2) { \ + X[i/2] &= 0x00000000FFFFFFFF; \ + } else { \ + X[i/2] &= 0xFFFFFFFF00000000; \ + } + +#endif + +static inline int8_t extract_carry(int64_t cur) +{ + return (int8_t) (cur >> 32); +} + +#define ADD(j) cur += A(j) +#define SUB(j) cur -= A(j) + +#define ADD_CARRY(cc) cur += (cc) +#define SUB_CARRY(cc) cur -= (cc) + +#define ADD_LAST ADD_CARRY(last_c) +#define SUB_LAST SUB_CARRY(last_c) + +/* + * Helpers for the main 'loop' + */ +#define INIT(b) \ + int8_t c = 0, last_c; \ + int64_t cur; \ + size_t i = 0; \ + LOAD32; + +#define NEXT \ + c = extract_carry(cur); \ + STORE32; i++; LOAD32; \ + ADD_CARRY(c); + +#define RESET \ + c = extract_carry(cur); \ + last_c = c; \ + STORE32; i = 0; LOAD32; \ + c = 0; \ + +#define LAST \ + c = extract_carry(cur); \ + STORE32; i++; \ + if (c != 0) \ + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; \ + while (i < MAX32) { STORE0; i++; } + +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) + +/* + * Fast quasi-reduction modulo p224 (FIPS 186-3 D.2.2) + */ +static int ecp_mod_p224(mbedtls_mpi *N) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t expected_width = BITS_TO_LIMBS(224) * 2; + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(N, expected_width)); + ret = mbedtls_ecp_mod_p224_raw(N->p, expected_width); +cleanup: + return ret; +} + +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p224_raw(mbedtls_mpi_uint *X, size_t X_limbs) +{ + if (X_limbs != BITS_TO_LIMBS(224) * 2) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } + + INIT(224); + + SUB(7); SUB(11); NEXT; // A0 += -A7 - A11 + SUB(8); SUB(12); NEXT; // A1 += -A8 - A12 + SUB(9); SUB(13); NEXT; // A2 += -A9 - A13 + SUB(10); ADD(7); ADD(11); NEXT; // A3 += -A10 + A7 + A11 + SUB(11); ADD(8); ADD(12); NEXT; // A4 += -A11 + A8 + A12 + SUB(12); ADD(9); ADD(13); NEXT; // A5 += -A12 + A9 + A13 + SUB(13); ADD(10); // A6 += -A13 + A10 + + RESET; + + /* Use 2^224 = P + 2^96 - 1 to modulo reduce the final carry */ + SUB_LAST; NEXT; // A0 -= last_c + ; NEXT; // A1 + ; NEXT; // A2 + ADD_LAST; NEXT; // A3 += last_c + ; NEXT; // A4 + ; NEXT; // A5 + // A6 + + /* The carry reduction cannot generate a carry + * (see commit 73e8553 for details)*/ + + LAST; + + return 0; +} + +#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) + +/* + * Fast quasi-reduction modulo p256 (FIPS 186-3 D.2.3) + */ +static int ecp_mod_p256(mbedtls_mpi *N) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t expected_width = BITS_TO_LIMBS(256) * 2; + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(N, expected_width)); + ret = mbedtls_ecp_mod_p256_raw(N->p, expected_width); +cleanup: + return ret; +} + +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p256_raw(mbedtls_mpi_uint *X, size_t X_limbs) +{ + if (X_limbs != BITS_TO_LIMBS(256) * 2) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } + + INIT(256); + + ADD(8); ADD(9); + SUB(11); SUB(12); SUB(13); SUB(14); NEXT; // A0 + + ADD(9); ADD(10); + SUB(12); SUB(13); SUB(14); SUB(15); NEXT; // A1 + + ADD(10); ADD(11); + SUB(13); SUB(14); SUB(15); NEXT; // A2 + + ADD(11); ADD(11); ADD(12); ADD(12); ADD(13); + SUB(15); SUB(8); SUB(9); NEXT; // A3 + + ADD(12); ADD(12); ADD(13); ADD(13); ADD(14); + SUB(9); SUB(10); NEXT; // A4 + + ADD(13); ADD(13); ADD(14); ADD(14); ADD(15); + SUB(10); SUB(11); NEXT; // A5 + + ADD(14); ADD(14); ADD(15); ADD(15); ADD(14); ADD(13); + SUB(8); SUB(9); NEXT; // A6 + + ADD(15); ADD(15); ADD(15); ADD(8); + SUB(10); SUB(11); SUB(12); SUB(13); // A7 + + RESET; + + /* Use 2^224 * (2^32 - 1) + 2^192 + 2^96 - 1 + * to modulo reduce the final carry. */ + ADD_LAST; NEXT; // A0 + ; NEXT; // A1 + ; NEXT; // A2 + SUB_LAST; NEXT; // A3 + ; NEXT; // A4 + ; NEXT; // A5 + SUB_LAST; NEXT; // A6 + ADD_LAST; // A7 + + RESET; + + /* Use 2^224 * (2^32 - 1) + 2^192 + 2^96 - 1 + * to modulo reduce the carry generated by the previous reduction. */ + ADD_LAST; NEXT; // A0 + ; NEXT; // A1 + ; NEXT; // A2 + SUB_LAST; NEXT; // A3 + ; NEXT; // A4 + ; NEXT; // A5 + SUB_LAST; NEXT; // A6 + ADD_LAST; // A7 + + LAST; + + return 0; +} + +#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) +/* + * Fast quasi-reduction modulo p384 (FIPS 186-3 D.2.4) + */ +static int ecp_mod_p384(mbedtls_mpi *N) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t expected_width = BITS_TO_LIMBS(384) * 2; + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(N, expected_width)); + ret = mbedtls_ecp_mod_p384_raw(N->p, expected_width); +cleanup: + return ret; +} + +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p384_raw(mbedtls_mpi_uint *X, size_t X_limbs) +{ + if (X_limbs != BITS_TO_LIMBS(384) * 2) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } + + INIT(384); + + ADD(12); ADD(21); ADD(20); + SUB(23); NEXT; // A0 + + ADD(13); ADD(22); ADD(23); + SUB(12); SUB(20); NEXT; // A1 + + ADD(14); ADD(23); + SUB(13); SUB(21); NEXT; // A2 + + ADD(15); ADD(12); ADD(20); ADD(21); + SUB(14); SUB(22); SUB(23); NEXT; // A3 + + ADD(21); ADD(21); ADD(16); ADD(13); ADD(12); ADD(20); ADD(22); + SUB(15); SUB(23); SUB(23); NEXT; // A4 + + ADD(22); ADD(22); ADD(17); ADD(14); ADD(13); ADD(21); ADD(23); + SUB(16); NEXT; // A5 + + ADD(23); ADD(23); ADD(18); ADD(15); ADD(14); ADD(22); + SUB(17); NEXT; // A6 + + ADD(19); ADD(16); ADD(15); ADD(23); + SUB(18); NEXT; // A7 + + ADD(20); ADD(17); ADD(16); + SUB(19); NEXT; // A8 + + ADD(21); ADD(18); ADD(17); + SUB(20); NEXT; // A9 + + ADD(22); ADD(19); ADD(18); + SUB(21); NEXT; // A10 + + ADD(23); ADD(20); ADD(19); + SUB(22); // A11 + + RESET; + + /* Use 2^384 = P + 2^128 + 2^96 - 2^32 + 1 to modulo reduce the final carry */ + ADD_LAST; NEXT; // A0 + SUB_LAST; NEXT; // A1 + ; NEXT; // A2 + ADD_LAST; NEXT; // A3 + ADD_LAST; NEXT; // A4 + ; NEXT; // A5 + ; NEXT; // A6 + ; NEXT; // A7 + ; NEXT; // A8 + ; NEXT; // A9 + ; NEXT; // A10 + // A11 + + RESET; + + ADD_LAST; NEXT; // A0 + SUB_LAST; NEXT; // A1 + ; NEXT; // A2 + ADD_LAST; NEXT; // A3 + ADD_LAST; NEXT; // A4 + ; NEXT; // A5 + ; NEXT; // A6 + ; NEXT; // A7 + ; NEXT; // A8 + ; NEXT; // A9 + ; NEXT; // A10 + // A11 + + LAST; + + return 0; +} +#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ + +#undef LOAD32 +#undef MAX32 +#undef A +#undef STORE32 +#undef STORE0 +#undef ADD +#undef SUB +#undef ADD_CARRY +#undef SUB_CARRY +#undef ADD_LAST +#undef SUB_LAST +#undef INIT +#undef NEXT +#undef RESET +#undef LAST + +#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED || + MBEDTLS_ECP_DP_SECP256R1_ENABLED || + MBEDTLS_ECP_DP_SECP384R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) +/* Size of p521 in terms of mbedtls_mpi_uint */ +#define P521_WIDTH (521 / 8 / sizeof(mbedtls_mpi_uint) + 1) + +/* Bits to keep in the most significant mbedtls_mpi_uint */ +#define P521_MASK 0x01FF + +/* + * Fast quasi-reduction modulo p521 = 2^521 - 1 (FIPS 186-3 D.2.5) + */ +static int ecp_mod_p521(mbedtls_mpi *N) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t expected_width = BITS_TO_LIMBS(521) * 2; + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(N, expected_width)); + ret = mbedtls_ecp_mod_p521_raw(N->p, expected_width); +cleanup: + return ret; +} + +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p521_raw(mbedtls_mpi_uint *X, size_t X_limbs) +{ + mbedtls_mpi_uint carry = 0; + + if (X_limbs != BITS_TO_LIMBS(521) * 2) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } + + /* Step 1: Reduction to P521_WIDTH limbs */ + /* Helper references for bottom part of X */ + mbedtls_mpi_uint *X0 = X; + size_t X0_limbs = P521_WIDTH; + /* Helper references for top part of X */ + mbedtls_mpi_uint *X1 = X + X0_limbs; + size_t X1_limbs = X_limbs - X0_limbs; + /* Split X as X0 + 2^P521_WIDTH X1 and compute X0 + 2^(biL - 9) X1. + * (We are using that 2^P521_WIDTH = 2^(512 + biL) and that + * 2^(512 + biL) X1 = 2^(biL - 9) X1 mod P521.) + * The high order limb of the result will be held in carry and the rest + * in X0 (that is the result will be represented as + * 2^P521_WIDTH carry + X0). + * + * Also, note that the resulting carry is either 0 or 1: + * X0 < 2^P521_WIDTH = 2^(512 + biL) and X1 < 2^(P521_WIDTH-biL) = 2^512 + * therefore + * X0 + 2^(biL - 9) X1 < 2^(512 + biL) + 2^(512 + biL - 9) + * which in turn is less than 2 * 2^(512 + biL). + */ + mbedtls_mpi_uint shift = ((mbedtls_mpi_uint) 1u) << (biL - 9); + carry = mbedtls_mpi_core_mla(X0, X0_limbs, X1, X1_limbs, shift); + /* Set X to X0 (by clearing the top part). */ + memset(X1, 0, X1_limbs * sizeof(mbedtls_mpi_uint)); + + /* Step 2: Reduction modulo P521 + * + * At this point X is reduced to P521_WIDTH limbs. What remains is to add + * the carry (that is 2^P521_WIDTH carry) and to reduce mod P521. */ + + /* 2^P521_WIDTH carry = 2^(512 + biL) carry = 2^(biL - 9) carry mod P521. + * Also, recall that carry is either 0 or 1. */ + mbedtls_mpi_uint addend = carry << (biL - 9); + /* Keep the top 9 bits and reduce the rest, using 2^521 = 1 mod P521. */ + addend += (X[P521_WIDTH - 1] >> 9); + X[P521_WIDTH - 1] &= P521_MASK; + + /* Reuse the top part of X (already zeroed) as a helper array for + * carrying out the addition. */ + mbedtls_mpi_uint *addend_arr = X + P521_WIDTH; + addend_arr[0] = addend; + (void) mbedtls_mpi_core_add(X, X, addend_arr, P521_WIDTH); + /* Both addends were less than P521 therefore X < 2 * P521. (This also means + * that the result fit in P521_WIDTH limbs and there won't be any carry.) */ + + /* Clear the reused part of X. */ + addend_arr[0] = 0; + + return 0; +} + +#undef P521_WIDTH +#undef P521_MASK + +#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ + +#endif /* MBEDTLS_ECP_NIST_OPTIM */ + +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) + +/* Size of p255 in terms of mbedtls_mpi_uint */ +#define P255_WIDTH (255 / 8 / sizeof(mbedtls_mpi_uint) + 1) + +/* + * Fast quasi-reduction modulo p255 = 2^255 - 19 + * Write N as A0 + 2^256 A1, return A0 + 38 * A1 + */ +static int ecp_mod_p255(mbedtls_mpi *N) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t expected_width = BITS_TO_LIMBS(255) * 2; + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(N, expected_width)); + ret = mbedtls_ecp_mod_p255_raw(N->p, expected_width); +cleanup: + return ret; +} + +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p255_raw(mbedtls_mpi_uint *X, size_t X_Limbs) +{ + + if (X_Limbs != BITS_TO_LIMBS(255) * 2) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } + + mbedtls_mpi_uint *carry = mbedtls_calloc(P255_WIDTH, ciL); + if (carry == NULL) { + return MBEDTLS_ERR_ECP_ALLOC_FAILED; + } + + /* Step 1: Reduction to P255_WIDTH limbs */ + if (X_Limbs > P255_WIDTH) { + /* Helper references for top part of X */ + mbedtls_mpi_uint * const A1 = X + P255_WIDTH; + const size_t A1_limbs = X_Limbs - P255_WIDTH; + + /* X = A0 + 38 * A1, capture carry out */ + *carry = mbedtls_mpi_core_mla(X, P255_WIDTH, A1, A1_limbs, 38); + /* Clear top part */ + memset(A1, 0, sizeof(mbedtls_mpi_uint) * A1_limbs); + } + + /* Step 2: Reduce to <2p + * Split as A0 + 2^255*c, with c a scalar, and compute A0 + 19*c */ + *carry <<= 1; + *carry += (X[P255_WIDTH - 1] >> (biL - 1)); + *carry *= 19; + + /* Clear top bit */ + X[P255_WIDTH - 1] <<= 1; X[P255_WIDTH - 1] >>= 1; + /* Since the top bit for X has been cleared 0 + 0 + Carry + * will not overflow. + * + * Furthermore for 2p = 2^256-38. When a carry propagation on the highest + * limb occurs, X > 2^255 and all the remaining bits on the limb are zero. + * - If X < 2^255 ==> X < 2p + * - If X > 2^255 ==> X < 2^256 - 2^255 < 2p */ + (void) mbedtls_mpi_core_add(X, X, carry, P255_WIDTH); + + mbedtls_free(carry); + return 0; +} +#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) + +/* Size of p448 in terms of mbedtls_mpi_uint */ +#define P448_WIDTH (448 / 8 / sizeof(mbedtls_mpi_uint)) + +/* Number of limbs fully occupied by 2^224 (max), and limbs used by it (min) */ +#define DIV_ROUND_UP(X, Y) (((X) + (Y) -1) / (Y)) +#define P224_SIZE (224 / 8) +#define P224_WIDTH_MIN (P224_SIZE / sizeof(mbedtls_mpi_uint)) +#define P224_WIDTH_MAX DIV_ROUND_UP(P224_SIZE, sizeof(mbedtls_mpi_uint)) +#define P224_UNUSED_BITS ((P224_WIDTH_MAX * sizeof(mbedtls_mpi_uint) * 8) - 224) + +static int ecp_mod_p448(mbedtls_mpi *N) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t expected_width = BITS_TO_LIMBS(448) * 2; + + /* This is required as some tests and use cases do not pass in a Bignum of + * the correct size, and expect the growth to be done automatically, which + * will no longer happen. */ + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(N, expected_width)); + + ret = mbedtls_ecp_mod_p448_raw(N->p, N->n); + +cleanup: + return ret; +} + +/* + * Fast quasi-reduction modulo p448 = 2^448 - 2^224 - 1 + * Write X as A0 + 2^448 A1 and A1 as B0 + 2^224 B1, and return A0 + A1 + B1 + + * (B0 + B1) * 2^224. This is different to the reference implementation of + * Curve448, which uses its own special 56-bit limbs rather than a generic + * bignum library. We could squeeze some extra speed out on 32-bit machines by + * splitting N up into 32-bit limbs and doing the arithmetic using the limbs + * directly as we do for the NIST primes above, but for 64-bit targets it should + * use half the number of operations if we do the reduction with 224-bit limbs, + * since mpi_core_add will then use 64-bit adds. + */ +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p448_raw(mbedtls_mpi_uint *X, size_t X_limbs) +{ + size_t round; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + + if (X_limbs != BITS_TO_LIMBS(448) * 2) { + return 0; + } + + size_t M_limbs = X_limbs - (P448_WIDTH); + + if (M_limbs > P448_WIDTH) { + /* Shouldn't be called with X larger than 2^896! */ + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } + + /* Both M and Q require an extra limb to catch carries. */ + M_limbs++; + + const size_t Q_limbs = M_limbs; + mbedtls_mpi_uint *M = NULL; + mbedtls_mpi_uint *Q = NULL; + + M = mbedtls_calloc(M_limbs, ciL); + + if (M == NULL) { + return MBEDTLS_ERR_ECP_ALLOC_FAILED; + } + + Q = mbedtls_calloc(Q_limbs, ciL); + + if (Q == NULL) { + ret = MBEDTLS_ERR_ECP_ALLOC_FAILED; + goto cleanup; + } + + /* M = A1 */ + memset(M, 0, (M_limbs * ciL)); + /* Do not copy into the overflow limb, as this would read past the end of + * X. */ + memcpy(M, X + P448_WIDTH, ((M_limbs - 1) * ciL)); + + /* X = A0 */ + memset(X + P448_WIDTH, 0, ((M_limbs - 1) * ciL)); + + /* X = X + M = A0 + A1 */ + /* Carry here fits in oversize X. Oversize M means it will get + * added in, not returned as carry. */ + (void) mbedtls_mpi_core_add(X, X, M, M_limbs); + + /* Q = B1 = M >> 224 */ + memcpy(Q, (char *) M + P224_SIZE, P224_SIZE); + memset((char *) Q + P224_SIZE, 0, P224_SIZE); + + /* X = X + Q = (A0 + A1) + B1 + * Oversize Q catches potential carry here when X is already max 448 bits. + */ + (void) mbedtls_mpi_core_add(X, X, Q, Q_limbs); + + /* M = B0 */ +#ifdef MBEDTLS_HAVE_INT64 + M[P224_WIDTH_MIN] &= ((mbedtls_mpi_uint)-1) >> (P224_UNUSED_BITS); + #endif + memset(M + P224_WIDTH_MAX, 0, ((M_limbs - P224_WIDTH_MAX) * ciL)); + + /* M = M + Q = B0 + B1 */ + (void) mbedtls_mpi_core_add(M, M, Q, Q_limbs); + + /* M = (B0 + B1) * 2^224 */ + /* Shifted carry bit from the addition fits in oversize M. */ + memmove((char *) M + P224_SIZE, M, P224_SIZE + ciL); + memset(M, 0, P224_SIZE); + + /* X = X + M = (A0 + A1 + B1) + (B0 + B1) * 2^224 */ + (void) mbedtls_mpi_core_add(X, X, M, M_limbs); + + /* In the second and third rounds A1 and B0 have at most 1 non-zero limb and + * B1=0. + * Using this we need to calculate: + * A0 + A1 + B1 + (B0 + B1) * 2^224 = A0 + A1 + B0 * 2^224. */ + for (round = 0; round < 2; ++round) { + + /* M = A1 */ + memset(M, 0, (M_limbs * ciL)); + memcpy(M, X + P448_WIDTH, ((M_limbs - 1) * ciL)); + + /* X = A0 */ + memset(X + P448_WIDTH, 0, ((M_limbs - 1) * ciL)); + + /* M = A1 + B0 * 2^224 + * We know that only one limb of A1 will be non-zero and that it will be + * limb 0. We also know that B0 is the bottom 224 bits of A1 (which is + * then shifted up 224 bits), so, given M is currently A1 this turns + * into: + * M = M + (M << 224) + * As the single non-zero limb in B0 will be A1 limb 0 shifted up by 224 + * bits, we can just move that into the right place, shifted up + * accordingly.*/ + M[P224_WIDTH_MIN] = M[0] << (224 & (biL - 1)); + + /* X = A0 + (A1 + B0 * 2^224) */ + (void) mbedtls_mpi_core_add(X, X, M, M_limbs); + } + + ret = 0; + +cleanup: + mbedtls_free(M); + mbedtls_free(Q); + + return ret; +} +#endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) + +/* + * Fast quasi-reduction modulo P = 2^s - R, + * with R about 33 bits, used by the Koblitz curves. + * + * Write X as A0 + 2^224 A1, return A0 + R * A1. + */ +#define P_KOBLITZ_R (8 / sizeof(mbedtls_mpi_uint)) // Limbs in R + +static inline int ecp_mod_koblitz(mbedtls_mpi_uint *X, + size_t X_limbs, + mbedtls_mpi_uint *R, + size_t bits) +{ + int ret = 0; + + /* Determine if A1 is aligned to limb bitsize. If not then the used limbs + * of P, A0 and A1 must be set accordingly and there is a middle limb + * which is shared by A0 and A1 and need to handle accordingly. + */ + size_t shift = bits % biL; + size_t adjust = (shift + biL - 1) / biL; + size_t P_limbs = bits / biL + adjust; + + mbedtls_mpi_uint *A1 = mbedtls_calloc(P_limbs, ciL); + if (A1 == NULL) { + return MBEDTLS_ERR_ECP_ALLOC_FAILED; + } + + /* Create a buffer to store the value of `R * A1` */ + size_t R_limbs = P_KOBLITZ_R; + size_t M_limbs = P_limbs + R_limbs; + mbedtls_mpi_uint *M = mbedtls_calloc(M_limbs, ciL); + if (M == NULL) { + ret = MBEDTLS_ERR_ECP_ALLOC_FAILED; + goto cleanup; + } + + mbedtls_mpi_uint mask = 0; + if (adjust != 0) { + mask = ((mbedtls_mpi_uint) 1 << shift) - 1; + } + + /* Two passes are needed to reduce the value of `A0 + R * A1` and then + * we need an additional one to reduce the possible overflow during + * the addition. + */ + for (size_t pass = 0; pass < 3; pass++) { + /* Copy A1 */ + memcpy(A1, X + P_limbs - adjust, P_limbs * ciL); + + /* Shift A1 to be aligned */ + if (shift != 0) { + mbedtls_mpi_core_shift_r(A1, P_limbs, shift); + } + + /* Zeroize the A1 part of the shared limb */ + if (mask != 0) { + X[P_limbs - 1] &= mask; + } + + /* X = A0 + * Zeroize the A1 part of X to keep only the A0 part. + */ + for (size_t i = P_limbs; i < X_limbs; i++) { + X[i] = 0; + } + + /* X = A0 + R * A1 */ + mbedtls_mpi_core_mul(M, A1, P_limbs, R, R_limbs); + (void) mbedtls_mpi_core_add(X, X, M, P_limbs + R_limbs); + + /* Carry can not be generated since R is a 33-bit value and stored in + * 64 bits. The result value of the multiplication is at most + * P length + 33 bits in length and the result value of the addition + * is at most P length + 34 bits in length. So the result of the + * addition always fits in P length + 64 bits. + */ + } + +cleanup: + mbedtls_free(M); + mbedtls_free(A1); + + return ret; +} + +#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED) || + MBEDTLS_ECP_DP_SECP224K1_ENABLED) || + MBEDTLS_ECP_DP_SECP256K1_ENABLED) */ + +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) + +/* + * Fast quasi-reduction modulo p192k1 = 2^192 - R, + * with R = 2^32 + 2^12 + 2^8 + 2^7 + 2^6 + 2^3 + 1 = 0x01000011C9 + */ +static int ecp_mod_p192k1(mbedtls_mpi *N) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t expected_width = BITS_TO_LIMBS(192) * 2; + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(N, expected_width)); + ret = mbedtls_ecp_mod_p192k1_raw(N->p, expected_width); + +cleanup: + return ret; +} + +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p192k1_raw(mbedtls_mpi_uint *X, size_t X_limbs) +{ + static mbedtls_mpi_uint Rp[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0x11, 0x00, 0x00, + 0x01, 0x00, 0x00, 0x00) + }; + + if (X_limbs != BITS_TO_LIMBS(192) * 2) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } + + return ecp_mod_koblitz(X, X_limbs, Rp, 192); +} + +#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) + +/* + * Fast quasi-reduction modulo p224k1 = 2^224 - R, + * with R = 2^32 + 2^12 + 2^11 + 2^9 + 2^7 + 2^4 + 2 + 1 = 0x0100001A93 + */ +static int ecp_mod_p224k1(mbedtls_mpi *N) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t expected_width = BITS_TO_LIMBS(224) * 2; + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(N, expected_width)); + ret = mbedtls_ecp_mod_p224k1_raw(N->p, expected_width); + +cleanup: + return ret; +} + +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p224k1_raw(mbedtls_mpi_uint *X, size_t X_limbs) +{ + static mbedtls_mpi_uint Rp[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0x93, 0x1A, 0x00, 0x00, + 0x01, 0x00, 0x00, 0x00) + }; + + if (X_limbs != BITS_TO_LIMBS(224) * 2) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } + + return ecp_mod_koblitz(X, X_limbs, Rp, 224); +} + +#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) + +/* + * Fast quasi-reduction modulo p256k1 = 2^256 - R, + * with R = 2^32 + 2^9 + 2^8 + 2^7 + 2^6 + 2^4 + 1 = 0x01000003D1 + */ +static int ecp_mod_p256k1(mbedtls_mpi *N) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t expected_width = BITS_TO_LIMBS(256) * 2; + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(N, expected_width)); + ret = mbedtls_ecp_mod_p256k1_raw(N->p, expected_width); + +cleanup: + return ret; +} + +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p256k1_raw(mbedtls_mpi_uint *X, size_t X_limbs) +{ + static mbedtls_mpi_uint Rp[] = { + MBEDTLS_BYTES_TO_T_UINT_8(0xD1, 0x03, 0x00, 0x00, + 0x01, 0x00, 0x00, 0x00) + }; + + if (X_limbs != BITS_TO_LIMBS(256) * 2) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } + + return ecp_mod_koblitz(X, X_limbs, Rp, 256); +} + +#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ + +#if defined(MBEDTLS_TEST_HOOKS) +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_modulus_setup(mbedtls_mpi_mod_modulus *N, + const mbedtls_ecp_group_id id, + const mbedtls_ecp_modulus_type ctype) +{ + mbedtls_mpi_modp_fn modp = NULL; + mbedtls_mpi_uint *p = NULL; + size_t p_limbs; + + if (!(ctype == (mbedtls_ecp_modulus_type) MBEDTLS_ECP_MOD_COORDINATE || \ + ctype == (mbedtls_ecp_modulus_type) MBEDTLS_ECP_MOD_SCALAR)) { + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } + + switch (id) { +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) + case MBEDTLS_ECP_DP_SECP192R1: + if (ctype == (mbedtls_ecp_modulus_type) MBEDTLS_ECP_MOD_COORDINATE) { +#if defined(MBEDTLS_ECP_NIST_OPTIM) + modp = &mbedtls_ecp_mod_p192_raw; +#endif + p = (mbedtls_mpi_uint *) secp192r1_p; + p_limbs = CHARS_TO_LIMBS(sizeof(secp192r1_p)); + } else { + p = (mbedtls_mpi_uint *) secp192r1_n; + p_limbs = CHARS_TO_LIMBS(sizeof(secp192r1_n)); + } + break; +#endif + +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) + case MBEDTLS_ECP_DP_SECP224R1: + if (ctype == (mbedtls_ecp_modulus_type) MBEDTLS_ECP_MOD_COORDINATE) { +#if defined(MBEDTLS_ECP_NIST_OPTIM) + modp = &mbedtls_ecp_mod_p224_raw; +#endif + p = (mbedtls_mpi_uint *) secp224r1_p; + p_limbs = CHARS_TO_LIMBS(sizeof(secp224r1_p)); + } else { + p = (mbedtls_mpi_uint *) secp224r1_n; + p_limbs = CHARS_TO_LIMBS(sizeof(secp224r1_n)); + } + break; +#endif + +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) + case MBEDTLS_ECP_DP_SECP256R1: + if (ctype == (mbedtls_ecp_modulus_type) MBEDTLS_ECP_MOD_COORDINATE) { +#if defined(MBEDTLS_ECP_NIST_OPTIM) + modp = &mbedtls_ecp_mod_p256_raw; +#endif + p = (mbedtls_mpi_uint *) secp256r1_p; + p_limbs = CHARS_TO_LIMBS(sizeof(secp256r1_p)); + } else { + p = (mbedtls_mpi_uint *) secp256r1_n; + p_limbs = CHARS_TO_LIMBS(sizeof(secp256r1_n)); + } + break; +#endif + +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) + case MBEDTLS_ECP_DP_SECP384R1: + if (ctype == (mbedtls_ecp_modulus_type) MBEDTLS_ECP_MOD_COORDINATE) { +#if defined(MBEDTLS_ECP_NIST_OPTIM) + modp = &mbedtls_ecp_mod_p384_raw; +#endif + p = (mbedtls_mpi_uint *) secp384r1_p; + p_limbs = CHARS_TO_LIMBS(sizeof(secp384r1_p)); + } else { + p = (mbedtls_mpi_uint *) secp384r1_n; + p_limbs = CHARS_TO_LIMBS(sizeof(secp384r1_n)); + } + break; +#endif + +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) + case MBEDTLS_ECP_DP_SECP521R1: + if (ctype == (mbedtls_ecp_modulus_type) MBEDTLS_ECP_MOD_COORDINATE) { +#if defined(MBEDTLS_ECP_NIST_OPTIM) + modp = &mbedtls_ecp_mod_p521_raw; +#endif + p = (mbedtls_mpi_uint *) secp521r1_p; + p_limbs = CHARS_TO_LIMBS(sizeof(secp521r1_p)); + } else { + p = (mbedtls_mpi_uint *) secp521r1_n; + p_limbs = CHARS_TO_LIMBS(sizeof(secp521r1_n)); + } + break; +#endif + +#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) + case MBEDTLS_ECP_DP_BP256R1: + if (ctype == (mbedtls_ecp_modulus_type) MBEDTLS_ECP_MOD_COORDINATE) { + p = (mbedtls_mpi_uint *) brainpoolP256r1_p; + p_limbs = CHARS_TO_LIMBS(sizeof(brainpoolP256r1_p)); + } else { + p = (mbedtls_mpi_uint *) brainpoolP256r1_n; + p_limbs = CHARS_TO_LIMBS(sizeof(brainpoolP256r1_n)); + } + break; +#endif + +#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) + case MBEDTLS_ECP_DP_BP384R1: + if (ctype == (mbedtls_ecp_modulus_type) MBEDTLS_ECP_MOD_COORDINATE) { + p = (mbedtls_mpi_uint *) brainpoolP384r1_p; + p_limbs = CHARS_TO_LIMBS(sizeof(brainpoolP384r1_p)); + } else { + p = (mbedtls_mpi_uint *) brainpoolP384r1_n; + p_limbs = CHARS_TO_LIMBS(sizeof(brainpoolP384r1_n)); + } + break; +#endif + +#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) + case MBEDTLS_ECP_DP_BP512R1: + if (ctype == (mbedtls_ecp_modulus_type) MBEDTLS_ECP_MOD_COORDINATE) { + p = (mbedtls_mpi_uint *) brainpoolP512r1_p; + p_limbs = CHARS_TO_LIMBS(sizeof(brainpoolP512r1_p)); + } else { + p = (mbedtls_mpi_uint *) brainpoolP512r1_n; + p_limbs = CHARS_TO_LIMBS(sizeof(brainpoolP512r1_n)); + } + break; +#endif + +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) + case MBEDTLS_ECP_DP_CURVE25519: + if (ctype == (mbedtls_ecp_modulus_type) MBEDTLS_ECP_MOD_COORDINATE) { + modp = &mbedtls_ecp_mod_p255_raw; + p = (mbedtls_mpi_uint *) curve25519_p; + p_limbs = CHARS_TO_LIMBS(sizeof(curve25519_p)); + } else { + p = (mbedtls_mpi_uint *) curve25519_n; + p_limbs = CHARS_TO_LIMBS(sizeof(curve25519_n)); + } + break; +#endif + +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) + case MBEDTLS_ECP_DP_SECP192K1: + if (ctype == (mbedtls_ecp_modulus_type) MBEDTLS_ECP_MOD_COORDINATE) { + modp = &mbedtls_ecp_mod_p192k1_raw; + p = (mbedtls_mpi_uint *) secp192k1_p; + p_limbs = CHARS_TO_LIMBS(sizeof(secp192k1_p)); + } else { + p = (mbedtls_mpi_uint *) secp192k1_n; + p_limbs = CHARS_TO_LIMBS(sizeof(secp192k1_n)); + } + break; +#endif + +#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) + case MBEDTLS_ECP_DP_SECP224K1: + if (ctype == (mbedtls_ecp_modulus_type) MBEDTLS_ECP_MOD_COORDINATE) { + modp = &mbedtls_ecp_mod_p224k1_raw; + p = (mbedtls_mpi_uint *) secp224k1_p; + p_limbs = CHARS_TO_LIMBS(sizeof(secp224k1_p)); + } else { + p = (mbedtls_mpi_uint *) secp224k1_n; + p_limbs = CHARS_TO_LIMBS(sizeof(secp224k1_n)); + } + break; +#endif + +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) + case MBEDTLS_ECP_DP_SECP256K1: + if (ctype == (mbedtls_ecp_modulus_type) MBEDTLS_ECP_MOD_COORDINATE) { + modp = &mbedtls_ecp_mod_p256k1_raw; + p = (mbedtls_mpi_uint *) secp256k1_p; + p_limbs = CHARS_TO_LIMBS(sizeof(secp256k1_p)); + } else { + p = (mbedtls_mpi_uint *) secp256k1_n; + p_limbs = CHARS_TO_LIMBS(sizeof(secp256k1_n)); + } + break; +#endif + +#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) + case MBEDTLS_ECP_DP_CURVE448: + if (ctype == (mbedtls_ecp_modulus_type) MBEDTLS_ECP_MOD_COORDINATE) { + modp = &mbedtls_ecp_mod_p448_raw; + p = (mbedtls_mpi_uint *) curve448_p; + p_limbs = CHARS_TO_LIMBS(sizeof(curve448_p)); + } else { + p = (mbedtls_mpi_uint *) curve448_n; + p_limbs = CHARS_TO_LIMBS(sizeof(curve448_n)); + } + break; +#endif + + default: + case MBEDTLS_ECP_DP_NONE: + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } + + if (modp != NULL) { + if (mbedtls_mpi_mod_optred_modulus_setup(N, p, p_limbs, modp)) { + return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + } + } else { + if (mbedtls_mpi_mod_modulus_setup(N, p, p_limbs)) { + return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + } + } + return 0; +} +#endif /* MBEDTLS_TEST_HOOKS */ + +#if defined(MBEDTLS_TEST_HOOKS) + +MBEDTLS_STATIC_TESTABLE +mbedtls_ecp_variant mbedtls_ecp_get_variant(void) +{ + return MBEDTLS_ECP_VARIANT_WITH_MPI_UINT; +} + +#endif /* MBEDTLS_TEST_HOOKS */ + +#endif /* !MBEDTLS_ECP_ALT */ +#endif /* MBEDTLS_ECP_LIGHT */ +#endif /* MBEDTLS_ECP_WITH_MPI_UINT */ diff --git a/library/ecp_invasive.h b/library/ecp_invasive.h index 18815be08..bb3b127ff 100644 --- a/library/ecp_invasive.h +++ b/library/ecp_invasive.h @@ -28,24 +28,32 @@ #include "common.h" #include "mbedtls/bignum.h" +#include "bignum_mod.h" #include "mbedtls/ecp.h" -#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_ECP_C) - -#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) -/* Preconditions: - * - bits is a multiple of 64 or is 224 - * - c is -1 or -2 - * - 0 <= N < 2^bits - * - N has room for bits plus one limb - * - * Behavior: - * Set N to c * 2^bits + old_value_of_N. +/* + * Curve modulus types */ -void mbedtls_ecp_fix_negative(mbedtls_mpi *N, signed char c, size_t bits); -#endif +typedef enum { + MBEDTLS_ECP_MOD_NONE = 0, + MBEDTLS_ECP_MOD_COORDINATE, + MBEDTLS_ECP_MOD_SCALAR +} mbedtls_ecp_modulus_type; + +typedef enum { + MBEDTLS_ECP_VARIANT_NONE = 0, + MBEDTLS_ECP_VARIANT_WITH_MPI_STRUCT, + MBEDTLS_ECP_VARIANT_WITH_MPI_UINT +} mbedtls_ecp_variant; + +#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_ECP_LIGHT) + +/** Queries the ecp variant. + * + * \return The id of the ecp variant. + */ +MBEDTLS_STATIC_TESTABLE +mbedtls_ecp_variant mbedtls_ecp_get_variant(void); #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) /** Generate a private key on a Montgomery curve (Curve25519 or Curve448). @@ -61,7 +69,7 @@ void mbedtls_ecp_fix_negative(mbedtls_mpi *N, signed char c, size_t bits); * This is the bit-size of the key minus 1: * 254 for Curve25519 or 447 for Curve448. * \param d The randomly generated key. This is a number of size - * exactly \p n_bits + 1 bits, with the least significant bits + * exactly \p high_bit + 1 bits, with the least significant bits * masked as specified in [Curve25519] and in [RFC7748] §5. * \param f_rng The RNG function. * \param p_rng The RNG context to be passed to \p f_rng. @@ -69,13 +77,261 @@ void mbedtls_ecp_fix_negative(mbedtls_mpi *N, signed char c, size_t bits); * \return \c 0 on success. * \return \c MBEDTLS_ERR_ECP_xxx or MBEDTLS_ERR_MPI_xxx on failure. */ -int mbedtls_ecp_gen_privkey_mx(size_t n_bits, +int mbedtls_ecp_gen_privkey_mx(size_t high_bit, mbedtls_mpi *d, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */ +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) + +/** Fast quasi-reduction modulo p192 (FIPS 186-3 D.2.1) + * + * This operation expects a 384 bit MPI and the result of the reduction + * is a 192 bit MPI. + * + * \param[in,out] Np The address of the MPI to be converted. + * Must have twice as many limbs as the modulus. + * Upon return this holds the reduced value. The bitlength + * of the reduced value is the same as that of the modulus + * (192 bits). + * \param[in] Nn The length of \p Np in limbs. + */ +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p192_raw(mbedtls_mpi_uint *Np, size_t Nn); + +#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) + +/** Fast quasi-reduction modulo p224 (FIPS 186-3 D.2.2) + * + * \param[in,out] X The address of the MPI to be converted. + * Must have exact limb size that stores a 448-bit MPI + * (double the bitlength of the modulus). + * Upon return holds the reduced value which is + * in range `0 <= X < 2 * N` (where N is the modulus). + * The bitlength of the reduced value is the same as + * that of the modulus (224 bits). + * \param[in] X_limbs The length of \p X in limbs. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if \p X_limbs is not the + * limb size that sores a 448-bit MPI. + */ +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p224_raw(mbedtls_mpi_uint *X, size_t X_limbs); + +#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) + +/** Fast quasi-reduction modulo p256 (FIPS 186-3 D.2.3) + * + * \param[in,out] X The address of the MPI to be converted. + * Must have exact limb size that stores a 512-bit MPI + * (double the bitlength of the modulus). + * Upon return holds the reduced value which is + * in range `0 <= X < 2 * N` (where N is the modulus). + * The bitlength of the reduced value is the same as + * that of the modulus (256 bits). + * \param[in] X_limbs The length of \p X in limbs. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if \p X_limbs is not the + * limb size that sores a 512-bit MPI. + */ +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p256_raw(mbedtls_mpi_uint *X, size_t X_limbs); + +#endif + +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) + +/** Fast quasi-reduction modulo p521 = 2^521 - 1 (FIPS 186-3 D.2.5) + * + * \param[in,out] X The address of the MPI to be converted. + * Must have twice as many limbs as the modulus + * (the modulus is 521 bits long). Upon return this + * holds the reduced value. The reduced value is + * in range `0 <= X < 2 * N` (where N is the modulus). + * and its the bitlength is one plus the bitlength + * of the modulus. + * \param[in] X_limbs The length of \p X in limbs. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if \p X_limbs does not have + * twice as many limbs as the modulus. + */ +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p521_raw(mbedtls_mpi_uint *X, size_t X_limbs); + +#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) + +/** Fast quasi-reduction modulo p384 (FIPS 186-3 D.2.4) + * + * \param[in,out] X The address of the MPI to be converted. + * Must have exact limb size that stores a 768-bit MPI + * (double the bitlength of the modulus). + * Upon return holds the reduced value which is + * in range `0 <= X < 2 * N` (where N is the modulus). + * The bitlength of the reduced value is the same as + * that of the modulus (384 bits). + * \param[in] X_limbs The length of \p N in limbs. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if \p N_n does not have + * twice as many limbs as the modulus. + */ +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p384_raw(mbedtls_mpi_uint *X, size_t X_limbs); + +#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) + +/** Fast quasi-reduction modulo p192k1 = 2^192 - R, + * with R = 2^32 + 2^12 + 2^8 + 2^7 + 2^6 + 2^3 + 1 = 0x01000011C9 + * + * \param[in,out] X The address of the MPI to be converted. + * Must have exact limb size that stores a 384-bit MPI + * (double the bitlength of the modulus). + * Upon return holds the reduced value which is + * in range `0 <= X < 2 * N` (where N is the modulus). + * The bitlength of the reduced value is the same as + * that of the modulus (192 bits). + * \param[in] X_limbs The length of \p X in limbs. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if \p X does not have + * twice as many limbs as the modulus. + * \return #MBEDTLS_ERR_ECP_ALLOC_FAILED if memory allocation failed. + */ +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p192k1_raw(mbedtls_mpi_uint *X, size_t X_limbs); + +#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) + +/** Fast quasi-reduction modulo p224k1 = 2^224 - R, + * with R = 2^32 + 2^12 + 2^11 + 2^9 + 2^7 + 2^4 + 2 + 1 = 0x0100001A93 + * + * \param[in,out] X The address of the MPI to be converted. + * Must have exact limb size that stores a 448-bit MPI + * (double the bitlength of the modulus). + * Upon return holds the reduced value which is + * in range `0 <= X < 2 * N` (where N is the modulus). + * The bitlength of the reduced value is the same as + * that of the modulus (224 bits). + * \param[in] X_limbs The length of \p X in limbs. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if \p X does not have + * twice as many limbs as the modulus. + * \return #MBEDTLS_ERR_ECP_ALLOC_FAILED if memory allocation failed. + */ +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p224k1_raw(mbedtls_mpi_uint *X, size_t X_limbs); + +#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) + +/** Fast quasi-reduction modulo p256k1 = 2^256 - R, + * with R = 2^32 + 2^9 + 2^8 + 2^7 + 2^6 + 2^4 + 1 = 0x01000003D1 + * + * \param[in,out] X The address of the MPI to be converted. + * Must have exact limb size that stores a 512-bit MPI + * (double the bitlength of the modulus). + * Upon return holds the reduced value which is + * in range `0 <= X < 2 * N` (where N is the modulus). + * The bitlength of the reduced value is the same as + * that of the modulus (256 bits). + * \param[in] X_limbs The length of \p X in limbs. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if \p X does not have + * twice as many limbs as the modulus. + * \return #MBEDTLS_ERR_ECP_ALLOC_FAILED if memory allocation failed. + */ +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p256k1_raw(mbedtls_mpi_uint *X, size_t X_limbs); + +#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) + +/** Fast quasi-reduction modulo p255 = 2^255 - 19 + * + * \param[in,out] X The address of the MPI to be converted. + * Must have exact limb size that stores a 510-bit MPI + * (double the bitlength of the modulus). + * Upon return holds the reduced value which is + * in range `0 <= X < 2 * N` (where N is the modulus). + * \param[in] X_limbs The length of \p X in limbs. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if \p X does not have + * twice as many limbs as the modulus. + * \return #MBEDTLS_ERR_ECP_ALLOC_FAILED if memory allocation failed. + */ +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p255_raw(mbedtls_mpi_uint *X, size_t X_limbs); + +#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ + +#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) + +/** Fast quasi-reduction modulo p448 = 2^448 - 2^224 - 1 + * Write X as A0 + 2^448 A1 and A1 as B0 + 2^224 B1, and return A0 + A1 + B1 + + * (B0 + B1) * 2^224. + * + * \param[in,out] X The address of the MPI to be converted. + * Must have exact limb size that stores a 896-bit MPI + * (double the bitlength of the modulus). Upon return + * holds the reduced value which is in range `0 <= X < + * N` (where N is the modulus). The bitlength of the + * reduced value is the same as that of the modulus + * (448 bits). + * \param[in] X_limbs The length of \p X in limbs. + * + * \return \c 0 on Success. + * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if \p X does not have + * twice as many limbs as the modulus. + * \return #MBEDTLS_ERR_ECP_ALLOC_FAILED if memory allocation + * failed. + */ +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_mod_p448_raw(mbedtls_mpi_uint *X, size_t X_limbs); + +#endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */ + +/** Initialise a modulus with hard-coded const curve data. + * + * \note The caller is responsible for the \p N modulus' memory. + * mbedtls_mpi_mod_modulus_free(&N) should be invoked at the + * end of its lifecycle. + * + * \param[in,out] N The address of the modulus structure to populate. + * Must be initialized. + * \param[in] id The mbedtls_ecp_group_id for which to initialise the modulus. + * \param[in] ctype The mbedtls_ecp_modulus_type identifier for a coordinate modulus (P) + * or a scalar modulus (N). + * + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if the given MPIs do not + * have the correct number of limbs. + * + */ +MBEDTLS_STATIC_TESTABLE +int mbedtls_ecp_modulus_setup(mbedtls_mpi_mod_modulus *N, + const mbedtls_ecp_group_id id, + const mbedtls_ecp_modulus_type ctype); + #endif /* MBEDTLS_TEST_HOOKS && MBEDTLS_ECP_C */ #endif /* MBEDTLS_ECP_INVASIVE_H */ diff --git a/library/entropy.c b/library/entropy.c index 7e25f287f..00079176a 100644 --- a/library/entropy.c +++ b/library/entropy.c @@ -34,9 +34,6 @@ #include "mbedtls/platform.h" -#include "mbedtls/platform.h" - - #define ENTROPY_MAX_LOOP 256 /**< Maximum amount to loop before error */ void mbedtls_entropy_init(mbedtls_entropy_context *ctx) @@ -49,11 +46,7 @@ void mbedtls_entropy_init(mbedtls_entropy_context *ctx) #endif ctx->accumulator_started = 0; -#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - mbedtls_sha512_init(&ctx->accumulator); -#else - mbedtls_sha256_init(&ctx->accumulator); -#endif + mbedtls_md_init(&ctx->accumulator); /* Reminder: Update ENTROPY_HAVE_STRONG in the test files * when adding more strong entropy sources here. */ @@ -89,11 +82,7 @@ void mbedtls_entropy_free(mbedtls_entropy_context *ctx) #if defined(MBEDTLS_THREADING_C) mbedtls_mutex_free(&ctx->mutex); #endif -#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - mbedtls_sha512_free(&ctx->accumulator); -#else - mbedtls_sha256_free(&ctx->accumulator); -#endif + mbedtls_md_free(&ctx->accumulator); #if defined(MBEDTLS_ENTROPY_NV_SEED) ctx->initial_entropy_run = 0; #endif @@ -150,15 +139,10 @@ static int entropy_update(mbedtls_entropy_context *ctx, unsigned char source_id, int ret = 0; if (use_len > MBEDTLS_ENTROPY_BLOCK_SIZE) { -#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - if ((ret = mbedtls_sha512(data, len, tmp, 0)) != 0) { + if ((ret = mbedtls_md(mbedtls_md_info_from_type(MBEDTLS_ENTROPY_MD), + data, len, tmp)) != 0) { goto cleanup; } -#else - if ((ret = mbedtls_sha256(data, len, tmp, 0)) != 0) { - goto cleanup; - } -#endif p = tmp; use_len = MBEDTLS_ENTROPY_BLOCK_SIZE; } @@ -171,29 +155,22 @@ static int entropy_update(mbedtls_entropy_context *ctx, unsigned char source_id, * it is sufficient to start the accumulator here only because all calls to * gather entropy eventually execute this code. */ -#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - if (ctx->accumulator_started == 0 && - (ret = mbedtls_sha512_starts(&ctx->accumulator, 0)) != 0) { - goto cleanup; - } else { + if (ctx->accumulator_started == 0) { + ret = mbedtls_md_setup(&ctx->accumulator, + mbedtls_md_info_from_type(MBEDTLS_ENTROPY_MD), 0); + if (ret != 0) { + goto cleanup; + } + ret = mbedtls_md_starts(&ctx->accumulator); + if (ret != 0) { + goto cleanup; + } ctx->accumulator_started = 1; } - if ((ret = mbedtls_sha512_update(&ctx->accumulator, header, 2)) != 0) { + if ((ret = mbedtls_md_update(&ctx->accumulator, header, 2)) != 0) { goto cleanup; } - ret = mbedtls_sha512_update(&ctx->accumulator, p, use_len); -#else - if (ctx->accumulator_started == 0 && - (ret = mbedtls_sha256_starts(&ctx->accumulator, 0)) != 0) { - goto cleanup; - } else { - ctx->accumulator_started = 1; - } - if ((ret = mbedtls_sha256_update(&ctx->accumulator, header, 2)) != 0) { - goto cleanup; - } - ret = mbedtls_sha256_update(&ctx->accumulator, p, use_len); -#endif + ret = mbedtls_md_update(&ctx->accumulator, p, use_len); cleanup: mbedtls_platform_zeroize(tmp, sizeof(tmp)); @@ -354,62 +331,41 @@ int mbedtls_entropy_func(void *data, unsigned char *output, size_t len) memset(buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE); -#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) /* * Note that at this stage it is assumed that the accumulator was started * in a previous call to entropy_update(). If this is not guaranteed, the * code below will fail. */ - if ((ret = mbedtls_sha512_finish(&ctx->accumulator, buf)) != 0) { + if ((ret = mbedtls_md_finish(&ctx->accumulator, buf)) != 0) { goto exit; } /* * Reset accumulator and counters and recycle existing entropy */ - mbedtls_sha512_free(&ctx->accumulator); - mbedtls_sha512_init(&ctx->accumulator); - if ((ret = mbedtls_sha512_starts(&ctx->accumulator, 0)) != 0) { + mbedtls_md_free(&ctx->accumulator); + mbedtls_md_init(&ctx->accumulator); + ret = mbedtls_md_setup(&ctx->accumulator, + mbedtls_md_info_from_type(MBEDTLS_ENTROPY_MD), 0); + if (ret != 0) { goto exit; } - if ((ret = mbedtls_sha512_update(&ctx->accumulator, buf, - MBEDTLS_ENTROPY_BLOCK_SIZE)) != 0) { + ret = mbedtls_md_starts(&ctx->accumulator); + if (ret != 0) { + goto exit; + } + if ((ret = mbedtls_md_update(&ctx->accumulator, buf, + MBEDTLS_ENTROPY_BLOCK_SIZE)) != 0) { goto exit; } /* - * Perform second SHA-512 on entropy + * Perform second hashing on entropy */ - if ((ret = mbedtls_sha512(buf, MBEDTLS_ENTROPY_BLOCK_SIZE, - buf, 0)) != 0) { + if ((ret = mbedtls_md(mbedtls_md_info_from_type(MBEDTLS_ENTROPY_MD), + buf, MBEDTLS_ENTROPY_BLOCK_SIZE, buf)) != 0) { goto exit; } -#else /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */ - if ((ret = mbedtls_sha256_finish(&ctx->accumulator, buf)) != 0) { - goto exit; - } - - /* - * Reset accumulator and counters and recycle existing entropy - */ - mbedtls_sha256_free(&ctx->accumulator); - mbedtls_sha256_init(&ctx->accumulator); - if ((ret = mbedtls_sha256_starts(&ctx->accumulator, 0)) != 0) { - goto exit; - } - if ((ret = mbedtls_sha256_update(&ctx->accumulator, buf, - MBEDTLS_ENTROPY_BLOCK_SIZE)) != 0) { - goto exit; - } - - /* - * Perform second SHA-256 on entropy - */ - if ((ret = mbedtls_sha256(buf, MBEDTLS_ENTROPY_BLOCK_SIZE, - buf, 0)) != 0) { - goto exit; - } -#endif /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */ for (i = 0; i < ctx->source_count; i++) { ctx->source[i].size = 0; @@ -677,7 +633,7 @@ int mbedtls_entropy_self_test(int verbose) goto cleanup; } - if ((ret = mbedtls_entropy_update_manual(&ctx, buf, sizeof buf)) != 0) { + if ((ret = mbedtls_entropy_update_manual(&ctx, buf, sizeof(buf))) != 0) { goto cleanup; } diff --git a/library/entropy_poll.c b/library/entropy_poll.c index b5024c83f..9d5b1e652 100644 --- a/library/entropy_poll.c +++ b/library/entropy_poll.c @@ -48,31 +48,33 @@ #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) -#if !defined(_WIN32_WINNT) -#define _WIN32_WINNT 0x0400 -#endif #include -#include +#include +#include int mbedtls_platform_entropy_poll(void *data, unsigned char *output, size_t len, size_t *olen) { - HCRYPTPROV provider; ((void) data); *olen = 0; - if (CryptAcquireContext(&provider, NULL, NULL, - PROV_RSA_FULL, CRYPT_VERIFYCONTEXT) == FALSE) { - return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; - } + /* + * BCryptGenRandom takes ULONG for size, which is smaller than size_t on + * 64-bit Windows platforms. Extract entropy in chunks of len (dependent + * on ULONG_MAX) size. + */ + while (len != 0) { + unsigned long ulong_bytes = + (len > ULONG_MAX) ? ULONG_MAX : (unsigned long) len; - if (CryptGenRandom(provider, (DWORD) len, output) == FALSE) { - CryptReleaseContext(provider, 0); - return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; - } + if (!BCRYPT_SUCCESS(BCryptGenRandom(NULL, output, ulong_bytes, + BCRYPT_USE_SYSTEM_PREFERRED_RNG))) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } - CryptReleaseContext(provider, 0); - *olen = len; + *olen += ulong_bytes; + len -= ulong_bytes; + } return 0; } diff --git a/library/entropy_poll.h b/library/entropy_poll.h index 3cfd4a444..be4943cce 100644 --- a/library/entropy_poll.h +++ b/library/entropy_poll.h @@ -50,7 +50,7 @@ int mbedtls_platform_entropy_poll(void *data, /** * \brief Entropy poll callback for a hardware source * - * \warning This is not provided by mbed TLS! + * \warning This is not provided by Mbed TLS! * See \c MBEDTLS_ENTROPY_HARDWARE_ALT in mbedtls_config.h. * * \note This must accept NULL as its first argument. diff --git a/library/gcm.c b/library/gcm.c index 6d4495fd3..c8618be7c 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -35,6 +35,7 @@ #include "mbedtls/platform.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" +#include "mbedtls/constant_time.h" #include @@ -42,6 +43,10 @@ #include "aesni.h" #endif +#if defined(MBEDTLS_AESCE_C) +#include "aesce.h" +#endif + #if !defined(MBEDTLS_GCM_ALT) /* @@ -86,13 +91,19 @@ static int gcm_gen_table(mbedtls_gcm_context *ctx) ctx->HL[8] = vl; ctx->HH[8] = vh; -#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) +#if defined(MBEDTLS_AESNI_HAVE_CODE) /* With CLMUL support, we need only h, not the rest of the table */ if (mbedtls_aesni_has_support(MBEDTLS_AESNI_CLMUL)) { return 0; } #endif +#if defined(MBEDTLS_AESCE_HAVE_CODE) + if (MBEDTLS_AESCE_HAS_SUPPORT()) { + return 0; + } +#endif + /* 0 corresponds to 0 in GF(2^128) */ ctx->HH[0] = 0; ctx->HL[0] = 0; @@ -137,7 +148,7 @@ int mbedtls_gcm_setkey(mbedtls_gcm_context *ctx, return MBEDTLS_ERR_GCM_BAD_INPUT; } - if (cipher_info->block_size != 16) { + if (mbedtls_cipher_info_get_block_size(cipher_info) != 16) { return MBEDTLS_ERR_GCM_BAD_INPUT; } @@ -164,7 +175,7 @@ int mbedtls_gcm_setkey(mbedtls_gcm_context *ctx, * last4[x] = x times P^128 * where x and last4[x] are seen as elements of GF(2^128) as in [MGV] */ -static const uint64_t last4[16] = +static const uint16_t last4[16] = { 0x0000, 0x1c20, 0x3840, 0x2460, 0x7080, 0x6ca0, 0x48c0, 0x54e0, @@ -183,10 +194,11 @@ static void gcm_mult(mbedtls_gcm_context *ctx, const unsigned char x[16], unsigned char lo, hi, rem; uint64_t zh, zl; -#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) +#if defined(MBEDTLS_AESNI_HAVE_CODE) if (mbedtls_aesni_has_support(MBEDTLS_AESNI_CLMUL)) { unsigned char h[16]; + /* mbedtls_aesni_gcm_mult needs big-endian input */ MBEDTLS_PUT_UINT32_BE(ctx->HH[8] >> 32, h, 0); MBEDTLS_PUT_UINT32_BE(ctx->HH[8], h, 4); MBEDTLS_PUT_UINT32_BE(ctx->HL[8] >> 32, h, 8); @@ -195,7 +207,22 @@ static void gcm_mult(mbedtls_gcm_context *ctx, const unsigned char x[16], mbedtls_aesni_gcm_mult(output, x, h); return; } -#endif /* MBEDTLS_AESNI_C && MBEDTLS_HAVE_X86_64 */ +#endif /* MBEDTLS_AESNI_HAVE_CODE */ + +#if defined(MBEDTLS_AESCE_HAVE_CODE) + if (MBEDTLS_AESCE_HAS_SUPPORT()) { + unsigned char h[16]; + + /* mbedtls_aesce_gcm_mult needs big-endian input */ + MBEDTLS_PUT_UINT32_BE(ctx->HH[8] >> 32, h, 0); + MBEDTLS_PUT_UINT32_BE(ctx->HH[8], h, 4); + MBEDTLS_PUT_UINT32_BE(ctx->HL[8] >> 32, h, 8); + MBEDTLS_PUT_UINT32_BE(ctx->HL[8], h, 12); + + mbedtls_aesce_gcm_mult(output, x, h); + return; + } +#endif lo = x[15] & 0xf; @@ -575,7 +602,6 @@ int mbedtls_gcm_auth_decrypt(mbedtls_gcm_context *ctx, { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char check_tag[16]; - size_t i; int diff; if ((ret = mbedtls_gcm_crypt_and_tag(ctx, MBEDTLS_GCM_DECRYPT, length, @@ -585,9 +611,7 @@ int mbedtls_gcm_auth_decrypt(mbedtls_gcm_context *ctx, } /* Check tag in "constant-time" */ - for (diff = 0, i = 0; i < tag_len; i++) { - diff |= tag[i] ^ check_tag[i]; - } + diff = mbedtls_ct_memcmp(tag, check_tag, tag_len); if (diff != 0) { mbedtls_platform_zeroize(output, length); @@ -619,7 +643,7 @@ void mbedtls_gcm_free(mbedtls_gcm_context *ctx) static const int key_index_test_data[MAX_TESTS] = { 0, 0, 1, 1, 1, 1 }; -static const unsigned char key_test_data[MAX_TESTS][32] = +static const unsigned char key_test_data[][32] = { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, @@ -637,7 +661,7 @@ static const size_t iv_len_test_data[MAX_TESTS] = static const int iv_index_test_data[MAX_TESTS] = { 0, 0, 1, 1, 1, 2 }; -static const unsigned char iv_test_data[MAX_TESTS][64] = +static const unsigned char iv_test_data[][64] = { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, @@ -659,7 +683,7 @@ static const size_t add_len_test_data[MAX_TESTS] = static const int add_index_test_data[MAX_TESTS] = { 0, 0, 0, 1, 1, 1 }; -static const unsigned char additional_test_data[MAX_TESTS][64] = +static const unsigned char additional_test_data[][64] = { { 0x00 }, { 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, @@ -673,7 +697,7 @@ static const size_t pt_len_test_data[MAX_TESTS] = static const int pt_index_test_data[MAX_TESTS] = { 0, 0, 1, 1, 1, 1 }; -static const unsigned char pt_test_data[MAX_TESTS][64] = +static const unsigned char pt_test_data[][64] = { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, @@ -687,7 +711,7 @@ static const unsigned char pt_test_data[MAX_TESTS][64] = 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 }, }; -static const unsigned char ct_test_data[MAX_TESTS * 3][64] = +static const unsigned char ct_test_data[][64] = { { 0x00 }, { 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92, @@ -724,6 +748,7 @@ static const unsigned char ct_test_data[MAX_TESTS * 3][64] = 0xcc, 0xdc, 0xb2, 0x81, 0xd4, 0x8c, 0x7c, 0x6f, 0xd6, 0x28, 0x75, 0xd2, 0xac, 0xa4, 0x17, 0x03, 0x4c, 0x34, 0xae, 0xe5 }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { 0x00 }, { 0x98, 0xe7, 0x24, 0x7c, 0x07, 0xf0, 0xfe, 0x41, 0x1c, 0x26, 0x7e, 0x43, 0x84, 0xb0, 0xf6, 0x00 }, @@ -794,9 +819,10 @@ static const unsigned char ct_test_data[MAX_TESTS * 3][64] = 0x2d, 0xa3, 0xeb, 0xf1, 0xc5, 0xd8, 0x2c, 0xde, 0xa2, 0x41, 0x89, 0x97, 0x20, 0x0e, 0xf8, 0x2e, 0x44, 0xae, 0x7e, 0x3f }, +#endif /* !MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */ }; -static const unsigned char tag_test_data[MAX_TESTS * 3][16] = +static const unsigned char tag_test_data[][16] = { { 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61, 0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a }, @@ -810,6 +836,7 @@ static const unsigned char tag_test_data[MAX_TESTS * 3][16] = 0x56, 0x1b, 0xe1, 0x4a, 0xac, 0xa2, 0xfc, 0xcb }, { 0x61, 0x9c, 0xc5, 0xae, 0xff, 0xfe, 0x0b, 0xfa, 0x46, 0x2a, 0xf4, 0x3c, 0x16, 0x99, 0xd0, 0x50 }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { 0xcd, 0x33, 0xb2, 0x8a, 0xc7, 0x73, 0xf7, 0x4b, 0xa0, 0x0e, 0xd1, 0xf3, 0x12, 0x57, 0x24, 0x35 }, { 0x2f, 0xf5, 0x8d, 0x80, 0x03, 0x39, 0x27, 0xab, @@ -834,6 +861,7 @@ static const unsigned char tag_test_data[MAX_TESTS * 3][16] = 0x5e, 0x45, 0x49, 0x13, 0xfe, 0x2e, 0xa8, 0xf2 }, { 0xa4, 0x4a, 0x82, 0x66, 0xee, 0x1c, 0x8e, 0xb0, 0xc8, 0xb5, 0xd4, 0xcf, 0x5a, 0xe9, 0xf1, 0x9a }, +#endif /* !MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */ }; int mbedtls_gcm_self_test(int verbose) @@ -845,17 +873,40 @@ int mbedtls_gcm_self_test(int verbose) mbedtls_cipher_id_t cipher = MBEDTLS_CIPHER_ID_AES; size_t olen; - for (j = 0; j < 3; j++) { + if (verbose != 0) { +#if defined(MBEDTLS_GCM_ALT) + mbedtls_printf(" GCM note: alternative implementation.\n"); +#else /* MBEDTLS_GCM_ALT */ +#if defined(MBEDTLS_AESNI_HAVE_CODE) + if (mbedtls_aesni_has_support(MBEDTLS_AESNI_CLMUL)) { + mbedtls_printf(" GCM note: using AESNI.\n"); + } else +#endif + +#if defined(MBEDTLS_AESCE_HAVE_CODE) + if (MBEDTLS_AESCE_HAS_SUPPORT()) { + mbedtls_printf(" GCM note: using AESCE.\n"); + } else +#endif + + mbedtls_printf(" GCM note: built-in implementation.\n"); +#endif /* MBEDTLS_GCM_ALT */ + } + + static const int loop_limit = + (sizeof(ct_test_data) / sizeof(*ct_test_data)) / MAX_TESTS; + + for (j = 0; j < loop_limit; j++) { int key_len = 128 + 64 * j; for (i = 0; i < MAX_TESTS; i++) { - mbedtls_gcm_init(&ctx); - if (verbose != 0) { mbedtls_printf(" AES-GCM-%3d #%d (%s): ", key_len, i, "enc"); } + mbedtls_gcm_init(&ctx); + ret = mbedtls_gcm_setkey(&ctx, cipher, key_test_data[key_index_test_data[i]], key_len); diff --git a/library/hash_info.c b/library/hash_info.c deleted file mode 100644 index f8b41a5cb..000000000 --- a/library/hash_info.c +++ /dev/null @@ -1,121 +0,0 @@ -/* - * Hash information that's independent from the crypto implementation. - * - * (See the corresponding header file for usage notes.) - */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "hash_info.h" -#include "mbedtls/legacy_or_psa.h" -#include "mbedtls/error.h" - -typedef struct { - psa_algorithm_t psa_alg; - mbedtls_md_type_t md_type; - unsigned char size; - unsigned char block_size; -} hash_entry; - -static const hash_entry hash_table[] = { -#if defined(MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA) - { PSA_ALG_MD5, MBEDTLS_MD_MD5, 16, 64 }, -#endif -#if defined(MBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA) - { PSA_ALG_RIPEMD160, MBEDTLS_MD_RIPEMD160, 20, 64 }, -#endif -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA) - { PSA_ALG_SHA_1, MBEDTLS_MD_SHA1, 20, 64 }, -#endif -#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA) - { PSA_ALG_SHA_224, MBEDTLS_MD_SHA224, 28, 64 }, -#endif -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA) - { PSA_ALG_SHA_256, MBEDTLS_MD_SHA256, 32, 64 }, -#endif -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA) - { PSA_ALG_SHA_384, MBEDTLS_MD_SHA384, 48, 128 }, -#endif -#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA) - { PSA_ALG_SHA_512, MBEDTLS_MD_SHA512, 64, 128 }, -#endif - { PSA_ALG_NONE, MBEDTLS_MD_NONE, 0, 0 }, -}; - -/* Get size from MD type */ -unsigned char mbedtls_hash_info_get_size(mbedtls_md_type_t md_type) -{ - const hash_entry *entry = hash_table; - while (entry->md_type != MBEDTLS_MD_NONE && - entry->md_type != md_type) { - entry++; - } - - return entry->size; -} - -/* Get block size from MD type */ -unsigned char mbedtls_hash_info_get_block_size(mbedtls_md_type_t md_type) -{ - const hash_entry *entry = hash_table; - while (entry->md_type != MBEDTLS_MD_NONE && - entry->md_type != md_type) { - entry++; - } - - return entry->block_size; -} - -/* Get PSA from MD */ -psa_algorithm_t mbedtls_hash_info_psa_from_md(mbedtls_md_type_t md_type) -{ - const hash_entry *entry = hash_table; - while (entry->md_type != MBEDTLS_MD_NONE && - entry->md_type != md_type) { - entry++; - } - - return entry->psa_alg; -} - -/* Get MD from PSA */ -mbedtls_md_type_t mbedtls_hash_info_md_from_psa(psa_algorithm_t psa_alg) -{ - const hash_entry *entry = hash_table; - while (entry->md_type != MBEDTLS_MD_NONE && - entry->psa_alg != psa_alg) { - entry++; - } - - return entry->md_type; -} - -int mbedtls_md_error_from_psa(psa_status_t status) -{ - switch (status) { - case PSA_SUCCESS: - return 0; - case PSA_ERROR_NOT_SUPPORTED: - return MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE; - case PSA_ERROR_INVALID_ARGUMENT: - return MBEDTLS_ERR_MD_BAD_INPUT_DATA; - case PSA_ERROR_INSUFFICIENT_MEMORY: - return MBEDTLS_ERR_MD_ALLOC_FAILED; - default: - return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED; - } -} diff --git a/library/hash_info.h b/library/hash_info.h deleted file mode 100644 index 47da934de..000000000 --- a/library/hash_info.h +++ /dev/null @@ -1,99 +0,0 @@ -/** - * Hash information that's independent from the crypto implementation. - * - * This can be used by: - * - code based on PSA - * - code based on the legacy API - * - code based on either of them depending on MBEDTLS_USE_PSA_CRYPTO - * - code based on either of them depending on what's available - * - * Note: this internal module will go away when everything becomes based on - * PSA Crypto; it is a helper for the transition while hash algorithms are - * still represented using mbedtls_md_type_t in most places even when PSA is - * used for the actual crypto computations. - * - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef MBEDTLS_HASH_INFO_H -#define MBEDTLS_HASH_INFO_H - -#include "common.h" - -#include "mbedtls/md.h" -#include "psa/crypto.h" - -/** \def MBEDTLS_HASH_MAX_SIZE - * - * Maximum size of a hash based on configuration. - */ -#if defined(MBEDTLS_MD_C) && ( \ - !defined(MBEDTLS_PSA_CRYPTO_C) || \ - MBEDTLS_MD_MAX_SIZE >= PSA_HASH_MAX_SIZE) -#define MBEDTLS_HASH_MAX_SIZE MBEDTLS_MD_MAX_SIZE -#elif defined(MBEDTLS_PSA_CRYPTO_C) && ( \ - !defined(MBEDTLS_MD_C) || \ - PSA_HASH_MAX_SIZE >= MBEDTLS_MD_MAX_SIZE) -#define MBEDTLS_HASH_MAX_SIZE PSA_HASH_MAX_SIZE -#endif - -/** Get the output length of the given hash type from its MD type. - * - * \note To get the output length from the PSA alg, use \c PSA_HASH_LENGTH(). - * - * \param md_type The hash MD type. - * - * \return The output length in bytes, or 0 if not known. - */ -unsigned char mbedtls_hash_info_get_size(mbedtls_md_type_t md_type); - -/** Get the block size of the given hash type from its MD type. - * - * \note To get the output length from the PSA alg, use - * \c PSA_HASH_BLOCK_LENGTH(). - * - * \param md_type The hash MD type. - * - * \return The block size in bytes, or 0 if not known. - */ -unsigned char mbedtls_hash_info_get_block_size(mbedtls_md_type_t md_type); - -/** Get the PSA alg from the MD type. - * - * \param md_type The hash MD type. - * - * \return The corresponding PSA algorithm identifier, - * or PSA_ALG_NONE if not known. - */ -psa_algorithm_t mbedtls_hash_info_psa_from_md(mbedtls_md_type_t md_type); - -/** Get the MD type alg from the PSA algorithm identifier. - * - * \param psa_alg The PSA hash algorithm. - * - * \return The corresponding MD type, - * or MBEDTLS_MD_NONE if not known. - */ -mbedtls_md_type_t mbedtls_hash_info_md_from_psa(psa_algorithm_t psa_alg); - -/** Convert PSA status to MD error code. - * - * \param status PSA status. - * - * \return The corresponding MD error code, - */ -int mbedtls_md_error_from_psa(psa_status_t status); - -#endif /* MBEDTLS_HASH_INFO_H */ diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c index b15730235..af205aacb 100644 --- a/library/hmac_drbg.c +++ b/library/hmac_drbg.c @@ -510,7 +510,7 @@ exit: #if defined(MBEDTLS_SELF_TEST) -#if !defined(MBEDTLS_SHA1_C) +#if !defined(MBEDTLS_MD_CAN_SHA1) /* Dummy checkup routine */ int mbedtls_hmac_drbg_self_test(int verbose) { @@ -639,7 +639,7 @@ int mbedtls_hmac_drbg_self_test(int verbose) return 0; } -#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_HMAC_DRBG_C */ diff --git a/library/lmots.c b/library/lmots.c index c6b45ed59..9d796943c 100644 --- a/library/lmots.c +++ b/library/lmots.c @@ -41,9 +41,20 @@ #include "mbedtls/lms.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" +#include "psa_util_internal.h" #include "psa/crypto.h" +/* Define a local translating function to save code size by not using too many + * arguments in each translating place. */ +static int local_err_translation(psa_status_t status) +{ + return psa_status_to_mbedtls(status, psa_to_lms_errors, + ARRAY_LENGTH(psa_to_lms_errors), + psa_generic_status_to_mbedtls); +} +#define PSA_TO_MBEDTLS_ERR(status) local_err_translation(status) + #define PUBLIC_KEY_TYPE_OFFSET (0) #define PUBLIC_KEY_I_KEY_ID_OFFSET (PUBLIC_KEY_TYPE_OFFSET + \ MBEDTLS_LMOTS_TYPE_LEN) @@ -198,7 +209,7 @@ static int create_digit_array_with_checksum(const mbedtls_lmots_parameters_t *pa exit: psa_hash_abort(&op); - return mbedtls_lms_error_from_psa(status); + return PSA_TO_MBEDTLS_ERR(status); } /* Hash each element of the string of digits (+ checksum), producing a hash @@ -321,7 +332,7 @@ exit: psa_hash_abort(&op); mbedtls_platform_zeroize(tmp_hash, sizeof(tmp_hash)); - return mbedtls_lms_error_from_psa(status); + return PSA_TO_MBEDTLS_ERR(status); } /* Combine the hashes of the digit array into a public key. This is used in @@ -386,9 +397,10 @@ exit: psa_hash_abort(&op); } - return mbedtls_lms_error_from_psa(status); + return PSA_TO_MBEDTLS_ERR(status); } +#if !defined(MBEDTLS_DEPRECATED_REMOVED) int mbedtls_lms_error_from_psa(psa_status_t status) { switch (status) { @@ -406,6 +418,7 @@ int mbedtls_lms_error_from_psa(psa_status_t status) return MBEDTLS_ERR_ERROR_GENERIC_ERROR; } } +#endif /* !MBEDTLS_DEPRECATED_REMOVED */ void mbedtls_lmots_public_init(mbedtls_lmots_public_t *ctx) { @@ -425,8 +438,10 @@ int mbedtls_lmots_import_public_key(mbedtls_lmots_public_t *ctx, } ctx->params.type = - mbedtls_lms_network_bytes_to_unsigned_int(MBEDTLS_LMOTS_TYPE_LEN, - key + MBEDTLS_LMOTS_SIG_TYPE_OFFSET); + (mbedtls_lmots_algorithm_type_t) mbedtls_lms_network_bytes_to_unsigned_int( + MBEDTLS_LMOTS_TYPE_LEN, + key + + MBEDTLS_LMOTS_SIG_TYPE_OFFSET); if (key_len != MBEDTLS_LMOTS_PUBLIC_KEY_LEN(ctx->params.type)) { return MBEDTLS_ERR_LMS_BAD_INPUT_DATA; @@ -682,7 +697,7 @@ int mbedtls_lmots_generate_private_key(mbedtls_lmots_private_t *ctx, exit: psa_hash_abort(&op); - return mbedtls_lms_error_from_psa(status); + return PSA_TO_MBEDTLS_ERR(status); } int mbedtls_lmots_calculate_public_key(mbedtls_lmots_public_t *ctx, diff --git a/library/lmots.h b/library/lmots.h index deeeacea8..98d1941d5 100644 --- a/library/lmots.h +++ b/library/lmots.h @@ -79,6 +79,7 @@ void mbedtls_lms_unsigned_int_to_network_bytes(unsigned int val, size_t len, unsigned int mbedtls_lms_network_bytes_to_unsigned_int(size_t len, const unsigned char *bytes); +#if !defined(MBEDTLS_DEPRECATED_REMOVED) /** * \brief This function converts a \ref psa_status_t to a * low-level LMS error code. @@ -87,8 +88,8 @@ unsigned int mbedtls_lms_network_bytes_to_unsigned_int(size_t len, * * \return The corresponding LMS error code. */ -int mbedtls_lms_error_from_psa(psa_status_t status); - +int MBEDTLS_DEPRECATED mbedtls_lms_error_from_psa(psa_status_t status); +#endif /** * \brief This function initializes a public LMOTS context diff --git a/library/lms.c b/library/lms.c index 76bcc19af..c06f9c260 100644 --- a/library/lms.c +++ b/library/lms.c @@ -39,13 +39,23 @@ #include "lmots.h" #include "psa/crypto.h" - +#include "psa_util_internal.h" #include "mbedtls/lms.h" #include "mbedtls/error.h" #include "mbedtls/platform_util.h" #include "mbedtls/platform.h" +/* Define a local translating function to save code size by not using too many + * arguments in each translating place. */ +static int local_err_translation(psa_status_t status) +{ + return psa_status_to_mbedtls(status, psa_to_lms_errors, + ARRAY_LENGTH(psa_to_lms_errors), + psa_generic_status_to_mbedtls); +} +#define PSA_TO_MBEDTLS_ERR(status) local_err_translation(status) + #define SIG_Q_LEAF_ID_OFFSET (0) #define SIG_OTS_SIG_OFFSET (SIG_Q_LEAF_ID_OFFSET + \ MBEDTLS_LMOTS_Q_LEAF_ID_LEN) @@ -140,7 +150,7 @@ static int create_merkle_leaf_value(const mbedtls_lms_parameters_t *params, exit: psa_hash_abort(&op); - return mbedtls_lms_error_from_psa(status); + return PSA_TO_MBEDTLS_ERR(status); } /* Calculate the value of an internal node of the Merkle tree (which is a hash @@ -220,7 +230,7 @@ static int create_merkle_internal_value(const mbedtls_lms_parameters_t *params, exit: psa_hash_abort(&op); - return mbedtls_lms_error_from_psa(status); + return PSA_TO_MBEDTLS_ERR(status); } void mbedtls_lms_public_init(mbedtls_lms_public_t *ctx) @@ -239,8 +249,10 @@ int mbedtls_lms_import_public_key(mbedtls_lms_public_t *ctx, mbedtls_lms_algorithm_type_t type; mbedtls_lmots_algorithm_type_t otstype; - type = mbedtls_lms_network_bytes_to_unsigned_int(MBEDTLS_LMS_TYPE_LEN, - key + PUBLIC_KEY_TYPE_OFFSET); + type = (mbedtls_lms_algorithm_type_t) mbedtls_lms_network_bytes_to_unsigned_int( + MBEDTLS_LMS_TYPE_LEN, + key + + PUBLIC_KEY_TYPE_OFFSET); if (type != MBEDTLS_LMS_SHA256_M32_H10) { return MBEDTLS_ERR_LMS_BAD_INPUT_DATA; } @@ -250,8 +262,10 @@ int mbedtls_lms_import_public_key(mbedtls_lms_public_t *ctx, return MBEDTLS_ERR_LMS_BAD_INPUT_DATA; } - otstype = mbedtls_lms_network_bytes_to_unsigned_int(MBEDTLS_LMOTS_TYPE_LEN, - key + PUBLIC_KEY_OTSTYPE_OFFSET); + otstype = (mbedtls_lmots_algorithm_type_t) mbedtls_lms_network_bytes_to_unsigned_int( + MBEDTLS_LMOTS_TYPE_LEN, + key + + PUBLIC_KEY_OTSTYPE_OFFSET); if (otstype != MBEDTLS_LMOTS_SHA256_N32_W8) { return MBEDTLS_ERR_LMS_BAD_INPUT_DATA; } @@ -527,9 +541,8 @@ static int get_merkle_path(mbedtls_lms_private_t *ctx, ret = 0; exit: - mbedtls_platform_zeroize(tree, node_bytes * + mbedtls_zeroize_and_free(tree, node_bytes * MERKLE_TREE_NODE_AM(ctx->params.type)); - mbedtls_free(tree); return ret; } @@ -690,9 +703,8 @@ int mbedtls_lms_calculate_public_key(mbedtls_lms_public_t *ctx, ret = 0; exit: - mbedtls_platform_zeroize(tree, node_bytes * + mbedtls_zeroize_and_free(tree, node_bytes * MERKLE_TREE_NODE_AM(priv_ctx->params.type)); - mbedtls_free(tree); return ret; } diff --git a/library/md.c b/library/md.c index a72987899..6dfbba78d 100644 --- a/library/md.c +++ b/library/md.c @@ -1,7 +1,7 @@ /** * \file md.c * - * \brief Generic message digest wrapper for mbed TLS + * \brief Generic message digest wrapper for Mbed TLS * * \author Adriaan de Jong * @@ -23,7 +23,23 @@ #include "common.h" -#if defined(MBEDTLS_MD_C) +/* + * Availability of functions in this module is controlled by two + * feature macros: + * - MBEDTLS_MD_C enables the whole module; + * - MBEDTLS_MD_LIGHT enables only functions for hashing and accessing + * most hash metadata (everything except string names); is it + * automatically set whenever MBEDTLS_MD_C is defined. + * + * In this file, functions from MD_LIGHT are at the top, MD_C at the end. + * + * In the future we may want to change the contract of some functions + * (behaviour with NULL arguments) depending on whether MD_C is defined or + * only MD_LIGHT. Also, the exact scope of MD_LIGHT might vary. + * + * For these reasons, we're keeping MD_LIGHT internal for now. + */ +#if defined(MBEDTLS_MD_LIGHT) #include "mbedtls/md.h" #include "md_wrap.h" @@ -35,6 +51,17 @@ #include "mbedtls/sha1.h" #include "mbedtls/sha256.h" #include "mbedtls/sha512.h" +#include "mbedtls/sha3.h" + +#if defined(MBEDTLS_PSA_CRYPTO_C) +#include +#include "md_psa.h" +#include "psa_util_internal.h" +#endif + +#if defined(MBEDTLS_MD_SOME_PSA) +#include "psa_crypto_core.h" +#endif #include "mbedtls/platform.h" @@ -44,202 +71,202 @@ #include #endif -#if defined(MBEDTLS_MD5_C) -const mbedtls_md_info_t mbedtls_md5_info = { - "MD5", - MBEDTLS_MD_MD5, - 16, - 64, +/* See comment above MBEDTLS_MD_MAX_SIZE in md.h */ +#if defined(MBEDTLS_PSA_CRYPTO_C) && MBEDTLS_MD_MAX_SIZE < PSA_HASH_MAX_SIZE +#error "Internal error: MBEDTLS_MD_MAX_SIZE < PSA_HASH_MAX_SIZE" +#endif + +#if defined(MBEDTLS_MD_C) +#define MD_INFO(type, out_size, block_size) type, out_size, block_size, +#else +#define MD_INFO(type, out_size, block_size) type, out_size, +#endif + +#if defined(MBEDTLS_MD_CAN_MD5) +static const mbedtls_md_info_t mbedtls_md5_info = { + MD_INFO(MBEDTLS_MD_MD5, 16, 64) }; #endif -#if defined(MBEDTLS_RIPEMD160_C) -const mbedtls_md_info_t mbedtls_ripemd160_info = { - "RIPEMD160", - MBEDTLS_MD_RIPEMD160, - 20, - 64, +#if defined(MBEDTLS_MD_CAN_RIPEMD160) +static const mbedtls_md_info_t mbedtls_ripemd160_info = { + MD_INFO(MBEDTLS_MD_RIPEMD160, 20, 64) }; #endif -#if defined(MBEDTLS_SHA1_C) -const mbedtls_md_info_t mbedtls_sha1_info = { - "SHA1", - MBEDTLS_MD_SHA1, - 20, - 64, +#if defined(MBEDTLS_MD_CAN_SHA1) +static const mbedtls_md_info_t mbedtls_sha1_info = { + MD_INFO(MBEDTLS_MD_SHA1, 20, 64) }; #endif -#if defined(MBEDTLS_SHA224_C) -const mbedtls_md_info_t mbedtls_sha224_info = { - "SHA224", - MBEDTLS_MD_SHA224, - 28, - 64, +#if defined(MBEDTLS_MD_CAN_SHA224) +static const mbedtls_md_info_t mbedtls_sha224_info = { + MD_INFO(MBEDTLS_MD_SHA224, 28, 64) }; #endif -#if defined(MBEDTLS_SHA256_C) -const mbedtls_md_info_t mbedtls_sha256_info = { - "SHA256", - MBEDTLS_MD_SHA256, - 32, - 64, +#if defined(MBEDTLS_MD_CAN_SHA256) +static const mbedtls_md_info_t mbedtls_sha256_info = { + MD_INFO(MBEDTLS_MD_SHA256, 32, 64) }; #endif -#if defined(MBEDTLS_SHA384_C) -const mbedtls_md_info_t mbedtls_sha384_info = { - "SHA384", - MBEDTLS_MD_SHA384, - 48, - 128, +#if defined(MBEDTLS_MD_CAN_SHA384) +static const mbedtls_md_info_t mbedtls_sha384_info = { + MD_INFO(MBEDTLS_MD_SHA384, 48, 128) }; #endif -#if defined(MBEDTLS_SHA512_C) -const mbedtls_md_info_t mbedtls_sha512_info = { - "SHA512", - MBEDTLS_MD_SHA512, - 64, - 128, +#if defined(MBEDTLS_MD_CAN_SHA512) +static const mbedtls_md_info_t mbedtls_sha512_info = { + MD_INFO(MBEDTLS_MD_SHA512, 64, 128) }; #endif -/* - * Reminder: update profiles in x509_crt.c when adding a new hash! - */ -static const int supported_digests[] = { - -#if defined(MBEDTLS_SHA512_C) - MBEDTLS_MD_SHA512, -#endif - -#if defined(MBEDTLS_SHA384_C) - MBEDTLS_MD_SHA384, -#endif - -#if defined(MBEDTLS_SHA256_C) - MBEDTLS_MD_SHA256, -#endif -#if defined(MBEDTLS_SHA224_C) - MBEDTLS_MD_SHA224, -#endif - -#if defined(MBEDTLS_SHA1_C) - MBEDTLS_MD_SHA1, -#endif - -#if defined(MBEDTLS_RIPEMD160_C) - MBEDTLS_MD_RIPEMD160, -#endif - -#if defined(MBEDTLS_MD5_C) - MBEDTLS_MD_MD5, -#endif - - MBEDTLS_MD_NONE +#if defined(MBEDTLS_MD_CAN_SHA3_224) +static const mbedtls_md_info_t mbedtls_sha3_224_info = { + MD_INFO(MBEDTLS_MD_SHA3_224, 28, 144) }; +#endif -const int *mbedtls_md_list(void) -{ - return supported_digests; -} +#if defined(MBEDTLS_MD_CAN_SHA3_256) +static const mbedtls_md_info_t mbedtls_sha3_256_info = { + MD_INFO(MBEDTLS_MD_SHA3_256, 32, 136) +}; +#endif -const mbedtls_md_info_t *mbedtls_md_info_from_string(const char *md_name) -{ - if (NULL == md_name) { - return NULL; - } +#if defined(MBEDTLS_MD_CAN_SHA3_384) +static const mbedtls_md_info_t mbedtls_sha3_384_info = { + MD_INFO(MBEDTLS_MD_SHA3_384, 48, 104) +}; +#endif - /* Get the appropriate digest information */ -#if defined(MBEDTLS_MD5_C) - if (!strcmp("MD5", md_name)) { - return mbedtls_md_info_from_type(MBEDTLS_MD_MD5); - } +#if defined(MBEDTLS_MD_CAN_SHA3_512) +static const mbedtls_md_info_t mbedtls_sha3_512_info = { + MD_INFO(MBEDTLS_MD_SHA3_512, 64, 72) +}; #endif -#if defined(MBEDTLS_RIPEMD160_C) - if (!strcmp("RIPEMD160", md_name)) { - return mbedtls_md_info_from_type(MBEDTLS_MD_RIPEMD160); - } -#endif -#if defined(MBEDTLS_SHA1_C) - if (!strcmp("SHA1", md_name) || !strcmp("SHA", md_name)) { - return mbedtls_md_info_from_type(MBEDTLS_MD_SHA1); - } -#endif -#if defined(MBEDTLS_SHA224_C) - if (!strcmp("SHA224", md_name)) { - return mbedtls_md_info_from_type(MBEDTLS_MD_SHA224); - } -#endif -#if defined(MBEDTLS_SHA256_C) - if (!strcmp("SHA256", md_name)) { - return mbedtls_md_info_from_type(MBEDTLS_MD_SHA256); - } -#endif -#if defined(MBEDTLS_SHA384_C) - if (!strcmp("SHA384", md_name)) { - return mbedtls_md_info_from_type(MBEDTLS_MD_SHA384); - } -#endif -#if defined(MBEDTLS_SHA512_C) - if (!strcmp("SHA512", md_name)) { - return mbedtls_md_info_from_type(MBEDTLS_MD_SHA512); - } -#endif - return NULL; -} const mbedtls_md_info_t *mbedtls_md_info_from_type(mbedtls_md_type_t md_type) { switch (md_type) { -#if defined(MBEDTLS_MD5_C) +#if defined(MBEDTLS_MD_CAN_MD5) case MBEDTLS_MD_MD5: return &mbedtls_md5_info; #endif -#if defined(MBEDTLS_RIPEMD160_C) +#if defined(MBEDTLS_MD_CAN_RIPEMD160) case MBEDTLS_MD_RIPEMD160: return &mbedtls_ripemd160_info; #endif -#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_MD_CAN_SHA1) case MBEDTLS_MD_SHA1: return &mbedtls_sha1_info; #endif -#if defined(MBEDTLS_SHA224_C) +#if defined(MBEDTLS_MD_CAN_SHA224) case MBEDTLS_MD_SHA224: return &mbedtls_sha224_info; #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_MD_CAN_SHA256) case MBEDTLS_MD_SHA256: return &mbedtls_sha256_info; #endif -#if defined(MBEDTLS_SHA384_C) +#if defined(MBEDTLS_MD_CAN_SHA384) case MBEDTLS_MD_SHA384: return &mbedtls_sha384_info; #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_MD_CAN_SHA512) case MBEDTLS_MD_SHA512: return &mbedtls_sha512_info; +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_224) + case MBEDTLS_MD_SHA3_224: + return &mbedtls_sha3_224_info; +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_256) + case MBEDTLS_MD_SHA3_256: + return &mbedtls_sha3_256_info; +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_384) + case MBEDTLS_MD_SHA3_384: + return &mbedtls_sha3_384_info; +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_512) + case MBEDTLS_MD_SHA3_512: + return &mbedtls_sha3_512_info; #endif default: return NULL; } } -const mbedtls_md_info_t *mbedtls_md_info_from_ctx( - const mbedtls_md_context_t *ctx) +#if defined(MBEDTLS_MD_SOME_PSA) +static psa_algorithm_t psa_alg_of_md(const mbedtls_md_info_t *info) { - if (ctx == NULL) { - return NULL; + switch (info->type) { +#if defined(MBEDTLS_MD_MD5_VIA_PSA) + case MBEDTLS_MD_MD5: + return PSA_ALG_MD5; +#endif +#if defined(MBEDTLS_MD_RIPEMD160_VIA_PSA) + case MBEDTLS_MD_RIPEMD160: + return PSA_ALG_RIPEMD160; +#endif +#if defined(MBEDTLS_MD_SHA1_VIA_PSA) + case MBEDTLS_MD_SHA1: + return PSA_ALG_SHA_1; +#endif +#if defined(MBEDTLS_MD_SHA224_VIA_PSA) + case MBEDTLS_MD_SHA224: + return PSA_ALG_SHA_224; +#endif +#if defined(MBEDTLS_MD_SHA256_VIA_PSA) + case MBEDTLS_MD_SHA256: + return PSA_ALG_SHA_256; +#endif +#if defined(MBEDTLS_MD_SHA384_VIA_PSA) + case MBEDTLS_MD_SHA384: + return PSA_ALG_SHA_384; +#endif +#if defined(MBEDTLS_MD_SHA512_VIA_PSA) + case MBEDTLS_MD_SHA512: + return PSA_ALG_SHA_512; +#endif +#if defined(MBEDTLS_MD_SHA3_224_VIA_PSA) + case MBEDTLS_MD_SHA3_224: + return PSA_ALG_SHA3_224; +#endif +#if defined(MBEDTLS_MD_SHA3_256_VIA_PSA) + case MBEDTLS_MD_SHA3_256: + return PSA_ALG_SHA3_256; +#endif +#if defined(MBEDTLS_MD_SHA3_384_VIA_PSA) + case MBEDTLS_MD_SHA3_384: + return PSA_ALG_SHA3_384; +#endif +#if defined(MBEDTLS_MD_SHA3_512_VIA_PSA) + case MBEDTLS_MD_SHA3_512: + return PSA_ALG_SHA3_512; +#endif + default: + return PSA_ALG_NONE; + } +} + +static int md_can_use_psa(const mbedtls_md_info_t *info) +{ + psa_algorithm_t alg = psa_alg_of_md(info); + if (alg == PSA_ALG_NONE) { + return 0; } - return ctx->MBEDTLS_PRIVATE(md_info); + return psa_can_do_hash(alg); } +#endif /* MBEDTLS_MD_SOME_PSA */ void mbedtls_md_init(mbedtls_md_context_t *ctx) { + /* Note: this sets engine (if present) to MBEDTLS_MD_ENGINE_LEGACY */ memset(ctx, 0, sizeof(mbedtls_md_context_t)); } @@ -250,6 +277,11 @@ void mbedtls_md_free(mbedtls_md_context_t *ctx) } if (ctx->md_ctx != NULL) { +#if defined(MBEDTLS_MD_SOME_PSA) + if (ctx->engine == MBEDTLS_MD_ENGINE_PSA) { + psa_hash_abort(ctx->md_ctx); + } else +#endif switch (ctx->md_info->type) { #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: @@ -285,6 +317,14 @@ void mbedtls_md_free(mbedtls_md_context_t *ctx) case MBEDTLS_MD_SHA512: mbedtls_sha512_free(ctx->md_ctx); break; +#endif +#if defined(MBEDTLS_SHA3_C) + case MBEDTLS_MD_SHA3_224: + case MBEDTLS_MD_SHA3_256: + case MBEDTLS_MD_SHA3_384: + case MBEDTLS_MD_SHA3_512: + mbedtls_sha3_free(ctx->md_ctx); + break; #endif default: /* Shouldn't happen */ @@ -293,11 +333,12 @@ void mbedtls_md_free(mbedtls_md_context_t *ctx) mbedtls_free(ctx->md_ctx); } +#if defined(MBEDTLS_MD_C) if (ctx->hmac_ctx != NULL) { - mbedtls_platform_zeroize(ctx->hmac_ctx, + mbedtls_zeroize_and_free(ctx->hmac_ctx, 2 * ctx->md_info->block_size); - mbedtls_free(ctx->hmac_ctx); } +#endif mbedtls_platform_zeroize(ctx, sizeof(mbedtls_md_context_t)); } @@ -311,6 +352,21 @@ int mbedtls_md_clone(mbedtls_md_context_t *dst, return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } +#if defined(MBEDTLS_MD_SOME_PSA) + if (src->engine != dst->engine) { + /* This can happen with src set to legacy because PSA wasn't ready + * yet, and dst to PSA because it became ready in the meantime. + * We currently don't support that case (we'd need to re-allocate + * md_ctx to the size of the appropriate MD context). */ + return MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE; + } + + if (src->engine == MBEDTLS_MD_ENGINE_PSA) { + psa_status_t status = psa_hash_clone(src->md_ctx, dst->md_ctx); + return mbedtls_md_error_from_psa(status); + } +#endif + switch (src->md_info->type) { #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: @@ -346,6 +402,14 @@ int mbedtls_md_clone(mbedtls_md_context_t *dst, case MBEDTLS_MD_SHA512: mbedtls_sha512_clone(dst->md_ctx, src->md_ctx); break; +#endif +#if defined(MBEDTLS_SHA3_C) + case MBEDTLS_MD_SHA3_224: + case MBEDTLS_MD_SHA3_256: + case MBEDTLS_MD_SHA3_384: + case MBEDTLS_MD_SHA3_512: + mbedtls_sha3_clone(dst->md_ctx, src->md_ctx); + break; #endif default: return MBEDTLS_ERR_MD_BAD_INPUT_DATA; @@ -365,14 +429,34 @@ int mbedtls_md_clone(mbedtls_md_context_t *dst, int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac) { - if (md_info == NULL || ctx == NULL) { +#if defined(MBEDTLS_MD_C) + if (ctx == NULL) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } +#endif + if (md_info == NULL) { return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } ctx->md_info = md_info; ctx->md_ctx = NULL; +#if defined(MBEDTLS_MD_C) ctx->hmac_ctx = NULL; +#else + if (hmac != 0) { + return MBEDTLS_ERR_MD_BAD_INPUT_DATA; + } +#endif +#if defined(MBEDTLS_MD_SOME_PSA) + if (md_can_use_psa(ctx->md_info)) { + ctx->md_ctx = mbedtls_calloc(1, sizeof(psa_hash_operation_t)); + if (ctx->md_ctx == NULL) { + return MBEDTLS_ERR_MD_ALLOC_FAILED; + } + ctx->engine = MBEDTLS_MD_ENGINE_PSA; + } else +#endif switch (md_info->type) { #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: @@ -408,11 +492,20 @@ int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info case MBEDTLS_MD_SHA512: ALLOC(sha512); break; +#endif +#if defined(MBEDTLS_SHA3_C) + case MBEDTLS_MD_SHA3_224: + case MBEDTLS_MD_SHA3_256: + case MBEDTLS_MD_SHA3_384: + case MBEDTLS_MD_SHA3_512: + ALLOC(sha3); + break; #endif default: return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } +#if defined(MBEDTLS_MD_C) if (hmac != 0) { ctx->hmac_ctx = mbedtls_calloc(2, md_info->block_size); if (ctx->hmac_ctx == NULL) { @@ -420,6 +513,7 @@ int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info return MBEDTLS_ERR_MD_ALLOC_FAILED; } } +#endif return 0; } @@ -427,9 +521,20 @@ int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info int mbedtls_md_starts(mbedtls_md_context_t *ctx) { +#if defined(MBEDTLS_MD_C) if (ctx == NULL || ctx->md_info == NULL) { return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } +#endif + +#if defined(MBEDTLS_MD_SOME_PSA) + if (ctx->engine == MBEDTLS_MD_ENGINE_PSA) { + psa_algorithm_t alg = psa_alg_of_md(ctx->md_info); + psa_hash_abort(ctx->md_ctx); + psa_status_t status = psa_hash_setup(ctx->md_ctx, alg); + return mbedtls_md_error_from_psa(status); + } +#endif switch (ctx->md_info->type) { #if defined(MBEDTLS_MD5_C) @@ -459,6 +564,16 @@ int mbedtls_md_starts(mbedtls_md_context_t *ctx) #if defined(MBEDTLS_SHA512_C) case MBEDTLS_MD_SHA512: return mbedtls_sha512_starts(ctx->md_ctx, 0); +#endif +#if defined(MBEDTLS_SHA3_C) + case MBEDTLS_MD_SHA3_224: + return mbedtls_sha3_starts(ctx->md_ctx, MBEDTLS_SHA3_224); + case MBEDTLS_MD_SHA3_256: + return mbedtls_sha3_starts(ctx->md_ctx, MBEDTLS_SHA3_256); + case MBEDTLS_MD_SHA3_384: + return mbedtls_sha3_starts(ctx->md_ctx, MBEDTLS_SHA3_384); + case MBEDTLS_MD_SHA3_512: + return mbedtls_sha3_starts(ctx->md_ctx, MBEDTLS_SHA3_512); #endif default: return MBEDTLS_ERR_MD_BAD_INPUT_DATA; @@ -467,9 +582,18 @@ int mbedtls_md_starts(mbedtls_md_context_t *ctx) int mbedtls_md_update(mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen) { +#if defined(MBEDTLS_MD_C) if (ctx == NULL || ctx->md_info == NULL) { return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } +#endif + +#if defined(MBEDTLS_MD_SOME_PSA) + if (ctx->engine == MBEDTLS_MD_ENGINE_PSA) { + psa_status_t status = psa_hash_update(ctx->md_ctx, input, ilen); + return mbedtls_md_error_from_psa(status); + } +#endif switch (ctx->md_info->type) { #if defined(MBEDTLS_MD5_C) @@ -499,6 +623,13 @@ int mbedtls_md_update(mbedtls_md_context_t *ctx, const unsigned char *input, siz #if defined(MBEDTLS_SHA512_C) case MBEDTLS_MD_SHA512: return mbedtls_sha512_update(ctx->md_ctx, input, ilen); +#endif +#if defined(MBEDTLS_SHA3_C) + case MBEDTLS_MD_SHA3_224: + case MBEDTLS_MD_SHA3_256: + case MBEDTLS_MD_SHA3_384: + case MBEDTLS_MD_SHA3_512: + return mbedtls_sha3_update(ctx->md_ctx, input, ilen); #endif default: return MBEDTLS_ERR_MD_BAD_INPUT_DATA; @@ -507,9 +638,20 @@ int mbedtls_md_update(mbedtls_md_context_t *ctx, const unsigned char *input, siz int mbedtls_md_finish(mbedtls_md_context_t *ctx, unsigned char *output) { +#if defined(MBEDTLS_MD_C) if (ctx == NULL || ctx->md_info == NULL) { return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } +#endif + +#if defined(MBEDTLS_MD_SOME_PSA) + if (ctx->engine == MBEDTLS_MD_ENGINE_PSA) { + size_t size = ctx->md_info->size; + psa_status_t status = psa_hash_finish(ctx->md_ctx, + output, size, &size); + return mbedtls_md_error_from_psa(status); + } +#endif switch (ctx->md_info->type) { #if defined(MBEDTLS_MD5_C) @@ -539,6 +681,13 @@ int mbedtls_md_finish(mbedtls_md_context_t *ctx, unsigned char *output) #if defined(MBEDTLS_SHA512_C) case MBEDTLS_MD_SHA512: return mbedtls_sha512_finish(ctx->md_ctx, output); +#endif +#if defined(MBEDTLS_SHA3_C) + case MBEDTLS_MD_SHA3_224: + case MBEDTLS_MD_SHA3_256: + case MBEDTLS_MD_SHA3_384: + case MBEDTLS_MD_SHA3_512: + return mbedtls_sha3_finish(ctx->md_ctx, output, ctx->md_info->size); #endif default: return MBEDTLS_ERR_MD_BAD_INPUT_DATA; @@ -552,6 +701,16 @@ int mbedtls_md(const mbedtls_md_info_t *md_info, const unsigned char *input, siz return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } +#if defined(MBEDTLS_MD_SOME_PSA) + if (md_can_use_psa(md_info)) { + size_t size = md_info->size; + psa_status_t status = psa_hash_compute(psa_alg_of_md(md_info), + input, ilen, + output, size, &size); + return mbedtls_md_error_from_psa(status); + } +#endif + switch (md_info->type) { #if defined(MBEDTLS_MD5_C) case MBEDTLS_MD_MD5: @@ -580,12 +739,194 @@ int mbedtls_md(const mbedtls_md_info_t *md_info, const unsigned char *input, siz #if defined(MBEDTLS_SHA512_C) case MBEDTLS_MD_SHA512: return mbedtls_sha512(input, ilen, output, 0); +#endif +#if defined(MBEDTLS_SHA3_C) + case MBEDTLS_MD_SHA3_224: + return mbedtls_sha3(MBEDTLS_SHA3_224, input, ilen, output, md_info->size); + case MBEDTLS_MD_SHA3_256: + return mbedtls_sha3(MBEDTLS_SHA3_256, input, ilen, output, md_info->size); + case MBEDTLS_MD_SHA3_384: + return mbedtls_sha3(MBEDTLS_SHA3_384, input, ilen, output, md_info->size); + case MBEDTLS_MD_SHA3_512: + return mbedtls_sha3(MBEDTLS_SHA3_512, input, ilen, output, md_info->size); #endif default: return MBEDTLS_ERR_MD_BAD_INPUT_DATA; } } +unsigned char mbedtls_md_get_size(const mbedtls_md_info_t *md_info) +{ + if (md_info == NULL) { + return 0; + } + + return md_info->size; +} + +mbedtls_md_type_t mbedtls_md_get_type(const mbedtls_md_info_t *md_info) +{ + if (md_info == NULL) { + return MBEDTLS_MD_NONE; + } + + return md_info->type; +} + +#if defined(MBEDTLS_PSA_CRYPTO_C) +int mbedtls_md_error_from_psa(psa_status_t status) +{ + return PSA_TO_MBEDTLS_ERR_LIST(status, psa_to_md_errors, + psa_generic_status_to_mbedtls); +} +#endif /* MBEDTLS_PSA_CRYPTO_C */ + + +/************************************************************************ + * Functions above this separator are part of MBEDTLS_MD_LIGHT, * + * functions below are only available when MBEDTLS_MD_C is set. * + ************************************************************************/ +#if defined(MBEDTLS_MD_C) + +/* + * Reminder: update profiles in x509_crt.c when adding a new hash! + */ +static const int supported_digests[] = { + +#if defined(MBEDTLS_MD_CAN_SHA512) + MBEDTLS_MD_SHA512, +#endif + +#if defined(MBEDTLS_MD_CAN_SHA384) + MBEDTLS_MD_SHA384, +#endif + +#if defined(MBEDTLS_MD_CAN_SHA256) + MBEDTLS_MD_SHA256, +#endif +#if defined(MBEDTLS_MD_CAN_SHA224) + MBEDTLS_MD_SHA224, +#endif + +#if defined(MBEDTLS_MD_CAN_SHA1) + MBEDTLS_MD_SHA1, +#endif + +#if defined(MBEDTLS_MD_CAN_RIPEMD160) + MBEDTLS_MD_RIPEMD160, +#endif + +#if defined(MBEDTLS_MD_CAN_MD5) + MBEDTLS_MD_MD5, +#endif + +#if defined(MBEDTLS_MD_CAN_SHA3_224) + MBEDTLS_MD_SHA3_224, +#endif + +#if defined(MBEDTLS_MD_CAN_SHA3_256) + MBEDTLS_MD_SHA3_256, +#endif + +#if defined(MBEDTLS_MD_CAN_SHA3_384) + MBEDTLS_MD_SHA3_384, +#endif + +#if defined(MBEDTLS_MD_CAN_SHA3_512) + MBEDTLS_MD_SHA3_512, +#endif + + MBEDTLS_MD_NONE +}; + +const int *mbedtls_md_list(void) +{ + return supported_digests; +} + +typedef struct { + const char *md_name; + mbedtls_md_type_t md_type; +} md_name_entry; + +static const md_name_entry md_names[] = { +#if defined(MBEDTLS_MD_CAN_MD5) + { "MD5", MBEDTLS_MD_MD5 }, +#endif +#if defined(MBEDTLS_MD_CAN_RIPEMD160) + { "RIPEMD160", MBEDTLS_MD_RIPEMD160 }, +#endif +#if defined(MBEDTLS_MD_CAN_SHA1) + { "SHA1", MBEDTLS_MD_SHA1 }, + { "SHA", MBEDTLS_MD_SHA1 }, // compatibility fallback +#endif +#if defined(MBEDTLS_MD_CAN_SHA224) + { "SHA224", MBEDTLS_MD_SHA224 }, +#endif +#if defined(MBEDTLS_MD_CAN_SHA256) + { "SHA256", MBEDTLS_MD_SHA256 }, +#endif +#if defined(MBEDTLS_MD_CAN_SHA384) + { "SHA384", MBEDTLS_MD_SHA384 }, +#endif +#if defined(MBEDTLS_MD_CAN_SHA512) + { "SHA512", MBEDTLS_MD_SHA512 }, +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_224) + { "SHA3-224", MBEDTLS_MD_SHA3_224 }, +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_256) + { "SHA3-256", MBEDTLS_MD_SHA3_256 }, +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_384) + { "SHA3-384", MBEDTLS_MD_SHA3_384 }, +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_512) + { "SHA3-512", MBEDTLS_MD_SHA3_512 }, +#endif + { NULL, MBEDTLS_MD_NONE }, +}; + +const mbedtls_md_info_t *mbedtls_md_info_from_string(const char *md_name) +{ + if (NULL == md_name) { + return NULL; + } + + const md_name_entry *entry = md_names; + while (entry->md_name != NULL && + strcmp(entry->md_name, md_name) != 0) { + ++entry; + } + + return mbedtls_md_info_from_type(entry->md_type); +} + +const char *mbedtls_md_get_name(const mbedtls_md_info_t *md_info) +{ + if (md_info == NULL) { + return NULL; + } + + const md_name_entry *entry = md_names; + while (entry->md_type != MBEDTLS_MD_NONE && + entry->md_type != md_info->type) { + ++entry; + } + + return entry->md_name; +} + +const mbedtls_md_info_t *mbedtls_md_info_from_ctx( + const mbedtls_md_context_t *ctx) +{ + if (ctx == NULL) { + return NULL; + } + + return ctx->MBEDTLS_PRIVATE(md_info); +} + #if defined(MBEDTLS_FS_IO) int mbedtls_md_file(const mbedtls_md_info_t *md_info, const char *path, unsigned char *output) { @@ -774,71 +1115,6 @@ cleanup: return ret; } -int mbedtls_md_process(mbedtls_md_context_t *ctx, const unsigned char *data) -{ - if (ctx == NULL || ctx->md_info == NULL) { - return MBEDTLS_ERR_MD_BAD_INPUT_DATA; - } - - switch (ctx->md_info->type) { -#if defined(MBEDTLS_MD5_C) - case MBEDTLS_MD_MD5: - return mbedtls_internal_md5_process(ctx->md_ctx, data); -#endif -#if defined(MBEDTLS_RIPEMD160_C) - case MBEDTLS_MD_RIPEMD160: - return mbedtls_internal_ripemd160_process(ctx->md_ctx, data); -#endif -#if defined(MBEDTLS_SHA1_C) - case MBEDTLS_MD_SHA1: - return mbedtls_internal_sha1_process(ctx->md_ctx, data); -#endif -#if defined(MBEDTLS_SHA224_C) - case MBEDTLS_MD_SHA224: - return mbedtls_internal_sha256_process(ctx->md_ctx, data); -#endif -#if defined(MBEDTLS_SHA256_C) - case MBEDTLS_MD_SHA256: - return mbedtls_internal_sha256_process(ctx->md_ctx, data); -#endif -#if defined(MBEDTLS_SHA384_C) - case MBEDTLS_MD_SHA384: - return mbedtls_internal_sha512_process(ctx->md_ctx, data); -#endif -#if defined(MBEDTLS_SHA512_C) - case MBEDTLS_MD_SHA512: - return mbedtls_internal_sha512_process(ctx->md_ctx, data); -#endif - default: - return MBEDTLS_ERR_MD_BAD_INPUT_DATA; - } -} - -unsigned char mbedtls_md_get_size(const mbedtls_md_info_t *md_info) -{ - if (md_info == NULL) { - return 0; - } - - return md_info->size; -} - -mbedtls_md_type_t mbedtls_md_get_type(const mbedtls_md_info_t *md_info) -{ - if (md_info == NULL) { - return MBEDTLS_MD_NONE; - } - - return md_info->type; -} - -const char *mbedtls_md_get_name(const mbedtls_md_info_t *md_info) -{ - if (md_info == NULL) { - return NULL; - } - - return md_info->name; -} - #endif /* MBEDTLS_MD_C */ + +#endif /* MBEDTLS_MD_LIGHT */ diff --git a/library/md5.c b/library/md5.c index 138a32057..7e7e3ad9e 100644 --- a/library/md5.c +++ b/library/md5.c @@ -286,7 +286,7 @@ int mbedtls_md5_finish(mbedtls_md5_context *ctx, memset(ctx->buffer + used, 0, 64 - used); if ((ret = mbedtls_internal_md5_process(ctx, ctx->buffer)) != 0) { - return ret; + goto exit; } memset(ctx->buffer, 0, 56); @@ -303,7 +303,7 @@ int mbedtls_md5_finish(mbedtls_md5_context *ctx, MBEDTLS_PUT_UINT32_LE(high, ctx->buffer, 60); if ((ret = mbedtls_internal_md5_process(ctx, ctx->buffer)) != 0) { - return ret; + goto exit; } /* @@ -314,7 +314,11 @@ int mbedtls_md5_finish(mbedtls_md5_context *ctx, MBEDTLS_PUT_UINT32_LE(ctx->state[2], output, 8); MBEDTLS_PUT_UINT32_LE(ctx->state[3], output, 12); - return 0; + ret = 0; + +exit: + mbedtls_md5_free(ctx); + return ret; } #endif /* !MBEDTLS_MD5_ALT */ diff --git a/library/md_psa.h b/library/md_psa.h new file mode 100644 index 000000000..8e00bb149 --- /dev/null +++ b/library/md_psa.h @@ -0,0 +1,75 @@ +/** + * Translation between MD and PSA identifiers (algorithms, errors). + * + * Note: this internal module will go away when everything becomes based on + * PSA Crypto; it is a helper for the transition period. + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef MBEDTLS_MD_PSA_H +#define MBEDTLS_MD_PSA_H + +#include "common.h" + +#include "mbedtls/md.h" +#include "psa/crypto.h" + +/** + * \brief This function returns the PSA algorithm identifier + * associated with the given digest type. + * + * \param md_type The type of digest to search for. Must not be NONE. + * + * \warning If \p md_type is \c MBEDTLS_MD_NONE, this function will + * not return \c PSA_ALG_NONE, but an invalid algorithm. + * + * \warning This function does not check if the algorithm is + * supported, it always returns the corresponding identifier. + * + * \return The PSA algorithm identifier associated with \p md_type, + * regardless of whether it is supported or not. + */ +static inline psa_algorithm_t mbedtls_md_psa_alg_from_type(mbedtls_md_type_t md_type) +{ + return PSA_ALG_CATEGORY_HASH | (psa_algorithm_t) md_type; +} + +/** + * \brief This function returns the given digest type + * associated with the PSA algorithm identifier. + * + * \param psa_alg The PSA algorithm identifier to search for. + * + * \warning This function does not check if the algorithm is + * supported, it always returns the corresponding identifier. + * + * \return The MD type associated with \p psa_alg, + * regardless of whether it is supported or not. + */ +static inline mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa_alg) +{ + return (mbedtls_md_type_t) (psa_alg & PSA_ALG_HASH_MASK); +} + +/** Convert PSA status to MD error code. + * + * \param status PSA status. + * + * \return The corresponding MD error code, + */ +int mbedtls_md_error_from_psa(psa_status_t status); + +#endif /* MBEDTLS_MD_PSA_H */ diff --git a/library/md_wrap.h b/library/md_wrap.h index cd539b54b..166b43b99 100644 --- a/library/md_wrap.h +++ b/library/md_wrap.h @@ -39,41 +39,18 @@ extern "C" { * Allows message digest functions to be called in a generic way. */ struct mbedtls_md_info_t { - /** Name of the message digest */ - const char *name; - /** Digest identifier */ mbedtls_md_type_t type; /** Output length of the digest function in bytes */ unsigned char size; +#if defined(MBEDTLS_MD_C) /** Block length of the digest function in bytes */ unsigned char block_size; +#endif }; -#if defined(MBEDTLS_MD5_C) -extern const mbedtls_md_info_t mbedtls_md5_info; -#endif -#if defined(MBEDTLS_RIPEMD160_C) -extern const mbedtls_md_info_t mbedtls_ripemd160_info; -#endif -#if defined(MBEDTLS_SHA1_C) -extern const mbedtls_md_info_t mbedtls_sha1_info; -#endif -#if defined(MBEDTLS_SHA224_C) -extern const mbedtls_md_info_t mbedtls_sha224_info; -#endif -#if defined(MBEDTLS_SHA256_C) -extern const mbedtls_md_info_t mbedtls_sha256_info; -#endif -#if defined(MBEDTLS_SHA384_C) -extern const mbedtls_md_info_t mbedtls_sha384_info; -#endif -#if defined(MBEDTLS_SHA512_C) -extern const mbedtls_md_info_t mbedtls_sha512_info; -#endif - #ifdef __cplusplus } #endif diff --git a/library/mps_common.h b/library/mps_common.h index 4a10176bd..301d52532 100644 --- a/library/mps_common.h +++ b/library/mps_common.h @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of Mbed TLS (https://tls.mbed.org) */ /** @@ -169,7 +169,7 @@ * */ typedef size_t mbedtls_mps_stored_size_t; -#define MBEDTLS_MPS_STORED_SIZE_MAX ((mbedtls_mps_stored_size_t) -1) +#define MBEDTLS_MPS_STORED_SIZE_MAX (SIZE_MAX) /** \brief The type of buffer sizes and offsets used in the MPS API * and implementation. @@ -183,7 +183,7 @@ typedef size_t mbedtls_mps_stored_size_t; * so almost 10%. */ typedef size_t mbedtls_mps_size_t; -#define MBEDTLS_MPS_SIZE_MAX ((mbedtls_mps_size_t) -1) +#define MBEDTLS_MPS_SIZE_MAX (SIZE_MAX) #if MBEDTLS_MPS_STORED_SIZE_MAX > MBEDTLS_MPS_SIZE_MAX #error "Misconfiguration of mbedtls_mps_size_t and mbedtls_mps_stored_size_t." diff --git a/library/mps_error.h b/library/mps_error.h index 15570d238..5113959be 100644 --- a/library/mps_error.h +++ b/library/mps_error.h @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of Mbed TLS (https://tls.mbed.org) */ /** diff --git a/library/mps_reader.h b/library/mps_reader.h index bff670503..bb912ec17 100644 --- a/library/mps_reader.h +++ b/library/mps_reader.h @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of Mbed TLS (https://tls.mbed.org) */ /** diff --git a/library/mps_trace.h b/library/mps_trace.h index 6f0455f03..f8e0a5d80 100644 --- a/library/mps_trace.h +++ b/library/mps_trace.h @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS (https://tls.mbed.org) + * This file is part of Mbed TLS (https://tls.mbed.org) */ /** diff --git a/library/net_sockets.c b/library/net_sockets.c index e63d08b15..db80447a3 100644 --- a/library/net_sockets.c +++ b/library/net_sockets.c @@ -49,11 +49,6 @@ #define IS_EINTR(ret) ((ret) == WSAEINTR) -#if !defined(_WIN32_WINNT) -/* Enables getaddrinfo() & Co */ -#define _WIN32_WINNT 0x0501 -#endif - #include #include @@ -90,6 +85,7 @@ static int wsa_init_done = 0; #include #define IS_EINTR(ret) ((ret) == EINTR) +#define SOCKET int #endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */ @@ -494,13 +490,13 @@ int mbedtls_net_poll(mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout) FD_ZERO(&read_fds); if (rw & MBEDTLS_NET_POLL_READ) { rw &= ~MBEDTLS_NET_POLL_READ; - FD_SET(fd, &read_fds); + FD_SET((SOCKET) fd, &read_fds); } FD_ZERO(&write_fds); if (rw & MBEDTLS_NET_POLL_WRITE) { rw &= ~MBEDTLS_NET_POLL_WRITE; - FD_SET(fd, &write_fds); + FD_SET((SOCKET) fd, &write_fds); } if (rw != 0) { @@ -608,7 +604,7 @@ int mbedtls_net_recv_timeout(void *ctx, unsigned char *buf, } FD_ZERO(&read_fds); - FD_SET(fd, &read_fds); + FD_SET((SOCKET) fd, &read_fds); tv.tv_sec = timeout / 1000; tv.tv_usec = (timeout % 1000) * 1000; diff --git a/library/nist_kw.c b/library/nist_kw.c index 5817bf4f4..7bdc807bc 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -35,6 +35,7 @@ #include "mbedtls/platform_util.h" #include "mbedtls/error.h" #include "mbedtls/constant_time.h" +#include "constant_time_internal.h" #include #include @@ -75,7 +76,7 @@ int mbedtls_nist_kw_setkey(mbedtls_nist_kw_context *ctx, return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } - if (cipher_info->block_size != 16) { + if (mbedtls_cipher_info_get_block_size(cipher_info) != 16) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } @@ -333,9 +334,9 @@ int mbedtls_nist_kw_unwrap(mbedtls_nist_kw_context *ctx, unsigned char *output, size_t *out_len, size_t out_size) { int ret = 0; - size_t i, olen; + size_t olen; unsigned char A[KW_SEMIBLOCK_LENGTH]; - unsigned char diff, bad_padding = 0; + int diff; *out_len = 0; if (out_size < in_len - KW_SEMIBLOCK_LENGTH) { @@ -420,19 +421,15 @@ int mbedtls_nist_kw_unwrap(mbedtls_nist_kw_context *ctx, * larger than 8, because of the type wrap around. */ padlen = in_len - KW_SEMIBLOCK_LENGTH - Plen; - if (padlen > 7) { - padlen &= 7; - ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; - } + ret = mbedtls_ct_error_if(mbedtls_ct_uint_gt(padlen, 7), + MBEDTLS_ERR_CIPHER_AUTH_FAILED, ret); + padlen &= 7; /* Check padding in "constant-time" */ - for (diff = 0, i = 0; i < KW_SEMIBLOCK_LENGTH; i++) { - if (i >= KW_SEMIBLOCK_LENGTH - padlen) { - diff |= output[*out_len - KW_SEMIBLOCK_LENGTH + i]; - } else { - bad_padding |= output[*out_len - KW_SEMIBLOCK_LENGTH + i]; - } - } + const uint8_t zero[KW_SEMIBLOCK_LENGTH] = { 0 }; + diff = mbedtls_ct_memcmp_partial( + &output[*out_len - KW_SEMIBLOCK_LENGTH], zero, + KW_SEMIBLOCK_LENGTH, KW_SEMIBLOCK_LENGTH - padlen, 0); if (diff != 0) { ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED; @@ -454,7 +451,6 @@ cleanup: *out_len = 0; } - mbedtls_platform_zeroize(&bad_padding, sizeof(bad_padding)); mbedtls_platform_zeroize(&diff, sizeof(diff)); mbedtls_platform_zeroize(A, sizeof(A)); @@ -465,17 +461,22 @@ cleanup: #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) -#define KW_TESTS 3 - /* * Test vectors taken from NIST * https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/CAVP-TESTING-BLOCK-CIPHER-MODES#KW */ -static const unsigned int key_len[KW_TESTS] = { 16, 24, 32 }; +static const unsigned int key_len[] = { + 16, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) + 24, + 32 +#endif +}; -static const unsigned char kw_key[KW_TESTS][32] = { +static const unsigned char kw_key[][32] = { { 0x75, 0x75, 0xda, 0x3a, 0x93, 0x60, 0x7c, 0xc2, 0xbf, 0xd8, 0xce, 0xc7, 0xaa, 0xdf, 0xd9, 0xa6 }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { 0x2d, 0x85, 0x26, 0x08, 0x1d, 0x02, 0xfb, 0x5b, 0x85, 0xf6, 0x9a, 0xc2, 0x86, 0xec, 0xd5, 0x7d, 0x40, 0xdf, 0x5d, 0xf3, 0x49, 0x47, 0x44, 0xd3 }, @@ -483,11 +484,13 @@ static const unsigned char kw_key[KW_TESTS][32] = { 0x4a, 0x98, 0x48, 0xd3, 0x0f, 0xdd, 0x78, 0x33, 0x5b, 0x03, 0x9a, 0x48, 0xa8, 0x96, 0x2c, 0x4d, 0x1c, 0xb7, 0x8e, 0xab, 0xd5, 0xda, 0xd7, 0x88 } +#endif }; -static const unsigned char kw_msg[KW_TESTS][40] = { +static const unsigned char kw_msg[][40] = { { 0x42, 0x13, 0x6d, 0x3c, 0x38, 0x4a, 0x3e, 0xea, 0xc9, 0x5a, 0x06, 0x6f, 0xd2, 0x8f, 0xed, 0x3f }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { 0x95, 0xc1, 0x1b, 0xf5, 0x35, 0x3a, 0xfe, 0xdb, 0x98, 0xfd, 0xd6, 0xc8, 0xca, 0x6f, 0xdb, 0x6d, 0xa5, 0x4b, 0x74, 0xb4, 0x99, 0x0f, 0xdc, 0x45, @@ -496,14 +499,28 @@ static const unsigned char kw_msg[KW_TESTS][40] = { { 0x1b, 0x20, 0xbf, 0x19, 0x90, 0xb0, 0x65, 0xd7, 0x98, 0xe1, 0xb3, 0x22, 0x64, 0xad, 0x50, 0xa8, 0x74, 0x74, 0x92, 0xba, 0x09, 0xa0, 0x4d, 0xd1 } +#endif }; -static const size_t kw_msg_len[KW_TESTS] = { 16, 40, 24 }; -static const size_t kw_out_len[KW_TESTS] = { 24, 48, 32 }; -static const unsigned char kw_res[KW_TESTS][48] = { +static const size_t kw_msg_len[] = { + 16, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) + 40, + 24 +#endif +}; +static const size_t kw_out_len[] = { + 24, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) + 48, + 32 +#endif +}; +static const unsigned char kw_res[][48] = { { 0x03, 0x1f, 0x6b, 0xd7, 0xe6, 0x1e, 0x64, 0x3d, 0xf6, 0x85, 0x94, 0x81, 0x6f, 0x64, 0xca, 0xa3, 0xf5, 0x6f, 0xab, 0xea, 0x25, 0x48, 0xf5, 0xfb }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { 0x44, 0x3c, 0x6f, 0x15, 0x09, 0x83, 0x71, 0x91, 0x3e, 0x5c, 0x81, 0x4c, 0xa1, 0xa0, 0x42, 0xec, 0x68, 0x2f, 0x7b, 0x13, 0x6d, 0x24, 0x3a, 0x4d, @@ -514,11 +531,13 @@ static const unsigned char kw_res[KW_TESTS][48] = { 0xd5, 0xd5, 0x40, 0xec, 0x25, 0xd4, 0x3d, 0x87, 0x20, 0x0f, 0xda, 0xdc, 0x6d, 0x1f, 0x05, 0xd9, 0x16, 0x58, 0x4f, 0xa9, 0xf6, 0xcb, 0xf5, 0x12 } +#endif }; -static const unsigned char kwp_key[KW_TESTS][32] = { +static const unsigned char kwp_key[][32] = { { 0x78, 0x65, 0xe2, 0x0f, 0x3c, 0x21, 0x65, 0x9a, 0xb4, 0x69, 0x0b, 0x62, 0x9c, 0xdf, 0x3c, 0xc4 }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { 0xf5, 0xf8, 0x96, 0xa3, 0xbd, 0x2f, 0x4a, 0x98, 0x23, 0xef, 0x16, 0x2b, 0x00, 0xb8, 0x05, 0xd7, 0xde, 0x1e, 0xa4, 0x66, 0x26, 0x96, 0xa2, 0x58 }, @@ -526,23 +545,33 @@ static const unsigned char kwp_key[KW_TESTS][32] = { 0x25, 0x54, 0xee, 0x2a, 0x8d, 0xf1, 0x38, 0x6f, 0x5b, 0x94, 0xa1, 0xa6, 0x0e, 0xd8, 0xa4, 0xae, 0xf6, 0x0a, 0x8d, 0x61, 0xab, 0x5f, 0x22, 0x5a } +#endif }; -static const unsigned char kwp_msg[KW_TESTS][31] = { +static const unsigned char kwp_msg[][31] = { { 0xbd, 0x68, 0x43, 0xd4, 0x20, 0x37, 0x8d, 0xc8, 0x96 }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { 0x6c, 0xcd, 0xd5, 0x85, 0x18, 0x40, 0x97, 0xeb, 0xd5, 0xc3, 0xaf, 0x3e, 0x47, 0xd0, 0x2c, 0x19, 0x14, 0x7b, 0x4d, 0x99, 0x5f, 0x96, 0x43, 0x66, 0x91, 0x56, 0x75, 0x8c, 0x13, 0x16, 0x8f }, { 0xd1 } +#endif +}; +static const size_t kwp_msg_len[] = { + 9, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) + 31, + 1 +#endif }; -static const size_t kwp_msg_len[KW_TESTS] = { 9, 31, 1 }; -static const unsigned char kwp_res[KW_TESTS][48] = { +static const unsigned char kwp_res[][48] = { { 0x41, 0xec, 0xa9, 0x56, 0xd4, 0xaa, 0x04, 0x7e, 0xb5, 0xcf, 0x4e, 0xfe, 0x65, 0x96, 0x61, 0xe7, 0x4d, 0xb6, 0xf8, 0xc5, 0x64, 0xe2, 0x35, 0x00 }, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { 0x4e, 0x9b, 0xc2, 0xbc, 0xbc, 0x6c, 0x1e, 0x13, 0xd3, 0x35, 0xbc, 0xc0, 0xf7, 0x73, 0x6a, 0x88, 0xfa, 0x87, 0x53, 0x66, 0x15, 0xbb, 0x8e, 0x63, @@ -550,8 +579,15 @@ static const unsigned char kwp_res[KW_TESTS][48] = { 0x67, 0xcf, 0xa9, 0x8a, 0x9d, 0x0e, 0x33, 0x26 }, { 0x06, 0xba, 0x7a, 0xe6, 0xf3, 0x24, 0x8c, 0xfd, 0xcf, 0x26, 0x75, 0x07, 0xfa, 0x00, 0x1b, 0xc4 } +#endif +}; +static const size_t kwp_out_len[] = { + 24, +#if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) + 40, + 16 +#endif }; -static const size_t kwp_out_len[KW_TESTS] = { 24, 40, 16 }; int mbedtls_nist_kw_self_test(int verbose) { @@ -562,114 +598,128 @@ int mbedtls_nist_kw_self_test(int verbose) int ret = 0; mbedtls_nist_kw_init(&ctx); - for (i = 0; i < KW_TESTS; i++) { - if (verbose != 0) { - mbedtls_printf(" KW-AES-%u ", (unsigned int) key_len[i] * 8); - } + /* + * KW mode + */ + { + static const int num_tests = sizeof(kw_key) / sizeof(*kw_key); - ret = mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, - kw_key[i], key_len[i] * 8, 1); - if (ret != 0) { + for (i = 0; i < num_tests; i++) { if (verbose != 0) { - mbedtls_printf(" KW: setup failed "); + mbedtls_printf(" KW-AES-%u ", (unsigned int) key_len[i] * 8); } - goto end; - } + ret = mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, + kw_key[i], key_len[i] * 8, 1); + if (ret != 0) { + if (verbose != 0) { + mbedtls_printf(" KW: setup failed "); + } - ret = mbedtls_nist_kw_wrap(&ctx, MBEDTLS_KW_MODE_KW, kw_msg[i], - kw_msg_len[i], out, &olen, sizeof(out)); - if (ret != 0 || kw_out_len[i] != olen || - memcmp(out, kw_res[i], kw_out_len[i]) != 0) { - if (verbose != 0) { - mbedtls_printf("failed. "); + goto end; } - ret = 1; - goto end; - } + ret = mbedtls_nist_kw_wrap(&ctx, MBEDTLS_KW_MODE_KW, kw_msg[i], + kw_msg_len[i], out, &olen, sizeof(out)); + if (ret != 0 || kw_out_len[i] != olen || + memcmp(out, kw_res[i], kw_out_len[i]) != 0) { + if (verbose != 0) { + mbedtls_printf("failed. "); + } - if ((ret = mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, - kw_key[i], key_len[i] * 8, 0)) - != 0) { - if (verbose != 0) { - mbedtls_printf(" KW: setup failed "); + ret = 1; + goto end; } - goto end; - } + if ((ret = mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, + kw_key[i], key_len[i] * 8, 0)) + != 0) { + if (verbose != 0) { + mbedtls_printf(" KW: setup failed "); + } - ret = mbedtls_nist_kw_unwrap(&ctx, MBEDTLS_KW_MODE_KW, - out, olen, out, &olen, sizeof(out)); - - if (ret != 0 || olen != kw_msg_len[i] || - memcmp(out, kw_msg[i], kw_msg_len[i]) != 0) { - if (verbose != 0) { - mbedtls_printf("failed\n"); + goto end; } - ret = 1; - goto end; - } + ret = mbedtls_nist_kw_unwrap(&ctx, MBEDTLS_KW_MODE_KW, + out, olen, out, &olen, sizeof(out)); - if (verbose != 0) { - mbedtls_printf(" passed\n"); + if (ret != 0 || olen != kw_msg_len[i] || + memcmp(out, kw_msg[i], kw_msg_len[i]) != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } + + ret = 1; + goto end; + } + + if (verbose != 0) { + mbedtls_printf(" passed\n"); + } } } - for (i = 0; i < KW_TESTS; i++) { - olen = sizeof(out); - if (verbose != 0) { - mbedtls_printf(" KWP-AES-%u ", (unsigned int) key_len[i] * 8); - } + /* + * KWP mode + */ + { + static const int num_tests = sizeof(kwp_key) / sizeof(*kwp_key); - ret = mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, kwp_key[i], - key_len[i] * 8, 1); - if (ret != 0) { + for (i = 0; i < num_tests; i++) { + olen = sizeof(out); if (verbose != 0) { - mbedtls_printf(" KWP: setup failed "); + mbedtls_printf(" KWP-AES-%u ", (unsigned int) key_len[i] * 8); } - goto end; - } - ret = mbedtls_nist_kw_wrap(&ctx, MBEDTLS_KW_MODE_KWP, kwp_msg[i], - kwp_msg_len[i], out, &olen, sizeof(out)); + ret = mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, kwp_key[i], + key_len[i] * 8, 1); + if (ret != 0) { + if (verbose != 0) { + mbedtls_printf(" KWP: setup failed "); + } - if (ret != 0 || kwp_out_len[i] != olen || - memcmp(out, kwp_res[i], kwp_out_len[i]) != 0) { - if (verbose != 0) { - mbedtls_printf("failed. "); + goto end; + } + ret = mbedtls_nist_kw_wrap(&ctx, MBEDTLS_KW_MODE_KWP, kwp_msg[i], + kwp_msg_len[i], out, &olen, sizeof(out)); + + if (ret != 0 || kwp_out_len[i] != olen || + memcmp(out, kwp_res[i], kwp_out_len[i]) != 0) { + if (verbose != 0) { + mbedtls_printf("failed. "); + } + + ret = 1; + goto end; } - ret = 1; - goto end; - } + if ((ret = mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, + kwp_key[i], key_len[i] * 8, 0)) + != 0) { + if (verbose != 0) { + mbedtls_printf(" KWP: setup failed "); + } - if ((ret = mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, - kwp_key[i], key_len[i] * 8, 0)) - != 0) { - if (verbose != 0) { - mbedtls_printf(" KWP: setup failed "); + goto end; } - goto end; - } + ret = mbedtls_nist_kw_unwrap(&ctx, MBEDTLS_KW_MODE_KWP, out, + olen, out, &olen, sizeof(out)); - ret = mbedtls_nist_kw_unwrap(&ctx, MBEDTLS_KW_MODE_KWP, out, - olen, out, &olen, sizeof(out)); + if (ret != 0 || olen != kwp_msg_len[i] || + memcmp(out, kwp_msg[i], kwp_msg_len[i]) != 0) { + if (verbose != 0) { + mbedtls_printf("failed. "); + } - if (ret != 0 || olen != kwp_msg_len[i] || - memcmp(out, kwp_msg[i], kwp_msg_len[i]) != 0) { - if (verbose != 0) { - mbedtls_printf("failed. "); + ret = 1; + goto end; } - ret = 1; - goto end; - } - - if (verbose != 0) { - mbedtls_printf(" passed\n"); + if (verbose != 0) { + mbedtls_printf(" passed\n"); + } } } end: diff --git a/library/oid.c b/library/oid.c index 049d80245..d139a6d0d 100644 --- a/library/oid.c +++ b/library/oid.c @@ -26,8 +26,7 @@ #include "mbedtls/oid.h" #include "mbedtls/rsa.h" #include "mbedtls/error.h" - -#include "mbedtls/legacy_or_psa.h" +#include "mbedtls/pk.h" #include #include @@ -319,6 +318,18 @@ static const oid_x509_ext_t oid_x509_ext[] = "Certificate Policies"), MBEDTLS_OID_X509_EXT_CERTIFICATE_POLICIES, }, + { + OID_DESCRIPTOR(MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER, + "id-ce-subjectKeyIdentifier", + "Subject Key Identifier"), + MBEDTLS_OID_X509_EXT_SUBJECT_KEY_IDENTIFIER, + }, + { + OID_DESCRIPTOR(MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER, + "id-ce-authorityKeyIdentifier", + "Authority Key Identifier"), + MBEDTLS_OID_X509_EXT_AUTHORITY_KEY_IDENTIFIER, + }, { NULL_OID_DESCRIPTOR, 0, @@ -380,85 +391,85 @@ typedef struct { static const oid_sig_alg_t oid_sig_alg[] = { #if defined(MBEDTLS_RSA_C) -#if defined(MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA) +#if defined(MBEDTLS_MD_CAN_MD5) { OID_DESCRIPTOR(MBEDTLS_OID_PKCS1_MD5, "md5WithRSAEncryption", "RSA with MD5"), MBEDTLS_MD_MD5, MBEDTLS_PK_RSA, }, -#endif /* MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA) +#endif /* MBEDTLS_MD_CAN_MD5 */ +#if defined(MBEDTLS_MD_CAN_SHA1) { OID_DESCRIPTOR(MBEDTLS_OID_PKCS1_SHA1, "sha-1WithRSAEncryption", "RSA with SHA1"), MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA, }, -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA) +#endif /* MBEDTLS_MD_CAN_SHA1 */ +#if defined(MBEDTLS_MD_CAN_SHA224) { OID_DESCRIPTOR(MBEDTLS_OID_PKCS1_SHA224, "sha224WithRSAEncryption", "RSA with SHA-224"), MBEDTLS_MD_SHA224, MBEDTLS_PK_RSA, }, -#endif /* MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA) +#endif /* MBEDTLS_MD_CAN_SHA224 */ +#if defined(MBEDTLS_MD_CAN_SHA256) { OID_DESCRIPTOR(MBEDTLS_OID_PKCS1_SHA256, "sha256WithRSAEncryption", "RSA with SHA-256"), MBEDTLS_MD_SHA256, MBEDTLS_PK_RSA, }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA) +#endif /* MBEDTLS_MD_CAN_SHA256 */ +#if defined(MBEDTLS_MD_CAN_SHA384) { OID_DESCRIPTOR(MBEDTLS_OID_PKCS1_SHA384, "sha384WithRSAEncryption", "RSA with SHA-384"), MBEDTLS_MD_SHA384, MBEDTLS_PK_RSA, }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA) +#endif /* MBEDTLS_MD_CAN_SHA384 */ +#if defined(MBEDTLS_MD_CAN_SHA512) { OID_DESCRIPTOR(MBEDTLS_OID_PKCS1_SHA512, "sha512WithRSAEncryption", "RSA with SHA-512"), MBEDTLS_MD_SHA512, MBEDTLS_PK_RSA, }, -#endif /* MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA) +#endif /* MBEDTLS_MD_CAN_SHA512 */ +#if defined(MBEDTLS_MD_CAN_SHA1) { OID_DESCRIPTOR(MBEDTLS_OID_RSA_SHA_OBS, "sha-1WithRSAEncryption", "RSA with SHA1"), MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA, }, -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_ECDSA_C) -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA) +#if defined(MBEDTLS_PK_CAN_ECDSA_SOME) +#if defined(MBEDTLS_MD_CAN_SHA1) { OID_DESCRIPTOR(MBEDTLS_OID_ECDSA_SHA1, "ecdsa-with-SHA1", "ECDSA with SHA1"), MBEDTLS_MD_SHA1, MBEDTLS_PK_ECDSA, }, -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA) +#endif /* MBEDTLS_MD_CAN_SHA1 */ +#if defined(MBEDTLS_MD_CAN_SHA224) { OID_DESCRIPTOR(MBEDTLS_OID_ECDSA_SHA224, "ecdsa-with-SHA224", "ECDSA with SHA224"), MBEDTLS_MD_SHA224, MBEDTLS_PK_ECDSA, }, #endif -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { OID_DESCRIPTOR(MBEDTLS_OID_ECDSA_SHA256, "ecdsa-with-SHA256", "ECDSA with SHA256"), MBEDTLS_MD_SHA256, MBEDTLS_PK_ECDSA, }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA) +#endif /* MBEDTLS_MD_CAN_SHA256 */ +#if defined(MBEDTLS_MD_CAN_SHA384) { OID_DESCRIPTOR(MBEDTLS_OID_ECDSA_SHA384, "ecdsa-with-SHA384", "ECDSA with SHA384"), MBEDTLS_MD_SHA384, MBEDTLS_PK_ECDSA, }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA) +#endif /* MBEDTLS_MD_CAN_SHA384 */ +#if defined(MBEDTLS_MD_CAN_SHA512) { OID_DESCRIPTOR(MBEDTLS_OID_ECDSA_SHA512, "ecdsa-with-SHA512", "ECDSA with SHA512"), MBEDTLS_MD_SHA512, MBEDTLS_PK_ECDSA, }, -#endif /* MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA */ -#endif /* MBEDTLS_ECDSA_C */ +#endif /* MBEDTLS_MD_CAN_SHA512 */ +#endif /* MBEDTLS_PK_CAN_ECDSA_SOME */ #if defined(MBEDTLS_RSA_C) { OID_DESCRIPTOR(MBEDTLS_OID_RSASSA_PSS, "RSASSA-PSS", "RSASSA-PSS"), @@ -532,9 +543,9 @@ FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_pk_alg, mbedtls_pk_type_t, pk_alg) -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) /* - * For namedCurve (RFC 5480) + * For elliptic curves that use namedCurve inside ECParams (RFC 5480) */ typedef struct { mbedtls_oid_descriptor_t descriptor; @@ -543,72 +554,72 @@ typedef struct { static const oid_ecp_grp_t oid_ecp_grp[] = { -#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) +#if defined(MBEDTLS_ECP_HAVE_SECP192R1) { OID_DESCRIPTOR(MBEDTLS_OID_EC_GRP_SECP192R1, "secp192r1", "secp192r1"), MBEDTLS_ECP_DP_SECP192R1, }, -#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) +#endif /* MBEDTLS_ECP_HAVE_SECP192R1 */ +#if defined(MBEDTLS_ECP_HAVE_SECP224R1) { OID_DESCRIPTOR(MBEDTLS_OID_EC_GRP_SECP224R1, "secp224r1", "secp224r1"), MBEDTLS_ECP_DP_SECP224R1, }, -#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) +#endif /* MBEDTLS_ECP_HAVE_SECP224R1 */ +#if defined(MBEDTLS_ECP_HAVE_SECP256R1) { OID_DESCRIPTOR(MBEDTLS_OID_EC_GRP_SECP256R1, "secp256r1", "secp256r1"), MBEDTLS_ECP_DP_SECP256R1, }, -#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) +#endif /* MBEDTLS_ECP_HAVE_SECP256R1 */ +#if defined(MBEDTLS_ECP_HAVE_SECP384R1) { OID_DESCRIPTOR(MBEDTLS_OID_EC_GRP_SECP384R1, "secp384r1", "secp384r1"), MBEDTLS_ECP_DP_SECP384R1, }, -#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) +#endif /* MBEDTLS_ECP_HAVE_SECP384R1 */ +#if defined(MBEDTLS_ECP_HAVE_SECP521R1) { OID_DESCRIPTOR(MBEDTLS_OID_EC_GRP_SECP521R1, "secp521r1", "secp521r1"), MBEDTLS_ECP_DP_SECP521R1, }, -#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) +#endif /* MBEDTLS_ECP_HAVE_SECP521R1 */ +#if defined(MBEDTLS_ECP_HAVE_SECP192K1) { OID_DESCRIPTOR(MBEDTLS_OID_EC_GRP_SECP192K1, "secp192k1", "secp192k1"), MBEDTLS_ECP_DP_SECP192K1, }, -#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) +#endif /* MBEDTLS_ECP_HAVE_SECP192K1 */ +#if defined(MBEDTLS_ECP_HAVE_SECP224K1) { OID_DESCRIPTOR(MBEDTLS_OID_EC_GRP_SECP224K1, "secp224k1", "secp224k1"), MBEDTLS_ECP_DP_SECP224K1, }, -#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) +#endif /* MBEDTLS_ECP_HAVE_SECP224K1 */ +#if defined(MBEDTLS_ECP_HAVE_SECP256K1) { OID_DESCRIPTOR(MBEDTLS_OID_EC_GRP_SECP256K1, "secp256k1", "secp256k1"), MBEDTLS_ECP_DP_SECP256K1, }, -#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) +#endif /* MBEDTLS_ECP_HAVE_SECP256K1 */ +#if defined(MBEDTLS_ECP_HAVE_BP256R1) { OID_DESCRIPTOR(MBEDTLS_OID_EC_GRP_BP256R1, "brainpoolP256r1", "brainpool256r1"), MBEDTLS_ECP_DP_BP256R1, }, -#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) +#endif /* MBEDTLS_ECP_HAVE_BP256R1 */ +#if defined(MBEDTLS_ECP_HAVE_BP384R1) { OID_DESCRIPTOR(MBEDTLS_OID_EC_GRP_BP384R1, "brainpoolP384r1", "brainpool384r1"), MBEDTLS_ECP_DP_BP384R1, }, -#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) +#endif /* MBEDTLS_ECP_HAVE_BP384R1 */ +#if defined(MBEDTLS_ECP_HAVE_BP512R1) { OID_DESCRIPTOR(MBEDTLS_OID_EC_GRP_BP512R1, "brainpoolP512r1", "brainpool512r1"), MBEDTLS_ECP_DP_BP512R1, }, -#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ +#endif /* MBEDTLS_ECP_HAVE_BP512R1 */ { NULL_OID_DESCRIPTOR, MBEDTLS_ECP_DP_NONE, @@ -622,7 +633,48 @@ FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_ec_grp, oid_ecp_grp, mbedtls_ecp_group_id, grp_id) -#endif /* MBEDTLS_ECP_C */ + +/* + * For Elliptic Curve algorithms that are directly + * encoded in the AlgorithmIdentifier (RFC 8410) + */ +typedef struct { + mbedtls_oid_descriptor_t descriptor; + mbedtls_ecp_group_id grp_id; +} oid_ecp_grp_algid_t; + +static const oid_ecp_grp_algid_t oid_ecp_grp_algid[] = +{ +#if defined(MBEDTLS_ECP_HAVE_CURVE25519) + { + OID_DESCRIPTOR(MBEDTLS_OID_X25519, "X25519", "X25519"), + MBEDTLS_ECP_DP_CURVE25519, + }, +#endif /* MBEDTLS_ECP_HAVE_CURVE25519 */ +#if defined(MBEDTLS_ECP_HAVE_CURVE448) + { + OID_DESCRIPTOR(MBEDTLS_OID_X448, "X448", "X448"), + MBEDTLS_ECP_DP_CURVE448, + }, +#endif /* MBEDTLS_ECP_HAVE_CURVE448 */ + { + NULL_OID_DESCRIPTOR, + MBEDTLS_ECP_DP_NONE, + }, +}; + +FN_OID_TYPED_FROM_ASN1(oid_ecp_grp_algid_t, grp_id_algid, oid_ecp_grp_algid) +FN_OID_GET_ATTR1(mbedtls_oid_get_ec_grp_algid, + oid_ecp_grp_algid_t, + grp_id_algid, + mbedtls_ecp_group_id, + grp_id) +FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_ec_grp_algid, + oid_ecp_grp_algid_t, + oid_ecp_grp_algid, + mbedtls_ecp_group_id, + grp_id) +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ #if defined(MBEDTLS_CIPHER_C) /* @@ -667,47 +719,71 @@ typedef struct { static const oid_md_alg_t oid_md_alg[] = { -#if defined(MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA) +#if defined(MBEDTLS_MD_CAN_MD5) { OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_MD5, "id-md5", "MD5"), MBEDTLS_MD_MD5, }, #endif -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) { OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA1, "id-sha1", "SHA-1"), MBEDTLS_MD_SHA1, }, #endif -#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA) +#if defined(MBEDTLS_MD_CAN_SHA224) { OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA224, "id-sha224", "SHA-224"), MBEDTLS_MD_SHA224, }, #endif -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA256, "id-sha256", "SHA-256"), MBEDTLS_MD_SHA256, }, #endif -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) { OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA384, "id-sha384", "SHA-384"), MBEDTLS_MD_SHA384, }, #endif -#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA) +#if defined(MBEDTLS_MD_CAN_SHA512) { OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA512, "id-sha512", "SHA-512"), MBEDTLS_MD_SHA512, }, #endif -#if defined(MBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA) +#if defined(MBEDTLS_MD_CAN_RIPEMD160) { OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_RIPEMD160, "id-ripemd160", "RIPEMD-160"), MBEDTLS_MD_RIPEMD160, }, +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_224) + { + OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA3_224, "id-sha3-224", "SHA-3-224"), + MBEDTLS_MD_SHA3_224, + }, +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_256) + { + OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA3_256, "id-sha3-256", "SHA-3-256"), + MBEDTLS_MD_SHA3_256, + }, +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_384) + { + OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA3_384, "id-sha3-384", "SHA-3-384"), + MBEDTLS_MD_SHA3_384, + }, +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_512) + { + OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA3_512, "id-sha3-512", "SHA-3-512"), + MBEDTLS_MD_SHA3_512, + }, #endif { NULL_OID_DESCRIPTOR, @@ -733,36 +809,66 @@ typedef struct { static const oid_md_hmac_t oid_md_hmac[] = { -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) { OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA1, "hmacSHA1", "HMAC-SHA-1"), MBEDTLS_MD_SHA1, }, -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA) +#endif /* MBEDTLS_MD_CAN_SHA1 */ +#if defined(MBEDTLS_MD_CAN_SHA224) { OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA224, "hmacSHA224", "HMAC-SHA-224"), MBEDTLS_MD_SHA224, }, -#endif -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA) +#endif /* MBEDTLS_MD_CAN_SHA224 */ +#if defined(MBEDTLS_MD_CAN_SHA256) { OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA256, "hmacSHA256", "HMAC-SHA-256"), MBEDTLS_MD_SHA256, }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA) +#endif /* MBEDTLS_MD_CAN_SHA256 */ +#if defined(MBEDTLS_MD_CAN_SHA384) { OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA384, "hmacSHA384", "HMAC-SHA-384"), MBEDTLS_MD_SHA384, }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA) +#endif /* MBEDTLS_MD_CAN_SHA384 */ +#if defined(MBEDTLS_MD_CAN_SHA512) { OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA512, "hmacSHA512", "HMAC-SHA-512"), MBEDTLS_MD_SHA512, }, -#endif /* MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA512 */ +#if defined(MBEDTLS_MD_CAN_SHA3_224) + { + OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA3_224, "hmacSHA3-224", "HMAC-SHA3-224"), + MBEDTLS_MD_SHA3_224, + }, +#endif /* MBEDTLS_MD_CAN_SHA3_224 */ +#if defined(MBEDTLS_MD_CAN_SHA3_256) + { + OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA3_256, "hmacSHA3-256", "HMAC-SHA3-256"), + MBEDTLS_MD_SHA3_256, + }, +#endif /* MBEDTLS_MD_CAN_SHA3_256 */ +#if defined(MBEDTLS_MD_CAN_SHA3_384) + { + OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA3_384, "hmacSHA3-384", "HMAC-SHA3-384"), + MBEDTLS_MD_SHA3_384, + }, +#endif /* MBEDTLS_MD_CAN_SHA3_384 */ +#if defined(MBEDTLS_MD_CAN_SHA3_512) + { + OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA3_512, "hmacSHA3-512", "HMAC-SHA3-512"), + MBEDTLS_MD_SHA3_512, + }, +#endif /* MBEDTLS_MD_CAN_SHA3_512 */ +#if defined(MBEDTLS_MD_CAN_RIPEMD160) + { + OID_DESCRIPTOR(MBEDTLS_OID_HMAC_RIPEMD160, "hmacRIPEMD160", "HMAC-RIPEMD160"), + MBEDTLS_MD_RIPEMD160, + }, +#endif /* MBEDTLS_MD_CAN_RIPEMD160 */ { NULL_OID_DESCRIPTOR, MBEDTLS_MD_NONE, @@ -812,52 +918,249 @@ FN_OID_GET_ATTR2(mbedtls_oid_get_pkcs12_pbe_alg, cipher_alg) #endif /* MBEDTLS_PKCS12_C */ -#define OID_SAFE_SNPRINTF \ - do { \ - if (ret < 0 || (size_t) ret >= n) \ - return MBEDTLS_ERR_OID_BUF_TOO_SMALL; \ - \ - n -= (size_t) ret; \ - p += (size_t) ret; \ - } while (0) - /* Return the x.y.z.... style numeric string for the given OID */ int mbedtls_oid_get_numeric_string(char *buf, size_t size, const mbedtls_asn1_buf *oid) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t i, n; - unsigned int value; - char *p; + char *p = buf; + size_t n = size; + unsigned int value = 0; - p = buf; - n = size; - - /* First byte contains first two dots */ - if (oid->len > 0) { - ret = mbedtls_snprintf(p, n, "%d.%d", oid->p[0] / 40, oid->p[0] % 40); - OID_SAFE_SNPRINTF; + if (size > INT_MAX) { + /* Avoid overflow computing return value */ + return MBEDTLS_ERR_ASN1_INVALID_LENGTH; } - value = 0; - for (i = 1; i < oid->len; i++) { + if (oid->len <= 0) { + /* OID must not be empty */ + return MBEDTLS_ERR_ASN1_OUT_OF_DATA; + } + + for (size_t i = 0; i < oid->len; i++) { /* Prevent overflow in value. */ - if (((value << 7) >> 7) != value) { - return MBEDTLS_ERR_OID_BUF_TOO_SMALL; + if (value > (UINT_MAX >> 7)) { + return MBEDTLS_ERR_ASN1_INVALID_DATA; + } + if ((value == 0) && ((oid->p[i]) == 0x80)) { + /* Overlong encoding is not allowed */ + return MBEDTLS_ERR_ASN1_INVALID_DATA; } value <<= 7; - value += oid->p[i] & 0x7F; + value |= oid->p[i] & 0x7F; if (!(oid->p[i] & 0x80)) { /* Last byte */ - ret = mbedtls_snprintf(p, n, ".%u", value); - OID_SAFE_SNPRINTF; + if (n == size) { + int component1; + unsigned int component2; + /* First subidentifier contains first two OID components */ + if (value >= 80) { + component1 = '2'; + component2 = value - 80; + } else if (value >= 40) { + component1 = '1'; + component2 = value - 40; + } else { + component1 = '0'; + component2 = value; + } + ret = mbedtls_snprintf(p, n, "%c.%u", component1, component2); + } else { + ret = mbedtls_snprintf(p, n, ".%u", value); + } + if (ret < 2 || (size_t) ret >= n) { + return MBEDTLS_ERR_OID_BUF_TOO_SMALL; + } + n -= (size_t) ret; + p += ret; value = 0; } } + if (value != 0) { + /* Unterminated subidentifier */ + return MBEDTLS_ERR_ASN1_OUT_OF_DATA; + } + return (int) (size - n); } +static int oid_parse_number(unsigned int *num, const char **p, const char *bound) +{ + int ret = MBEDTLS_ERR_ASN1_INVALID_DATA; + + *num = 0; + + while (*p < bound && **p >= '0' && **p <= '9') { + ret = 0; + if (*num > (UINT_MAX / 10)) { + return MBEDTLS_ERR_ASN1_INVALID_DATA; + } + *num *= 10; + *num += **p - '0'; + (*p)++; + } + return ret; +} + +static size_t oid_subidentifier_num_bytes(unsigned int value) +{ + size_t num_bytes = 0; + + do { + value >>= 7; + num_bytes++; + } while (value != 0); + + return num_bytes; +} + +static int oid_subidentifier_encode_into(unsigned char **p, + unsigned char *bound, + unsigned int value) +{ + size_t num_bytes = oid_subidentifier_num_bytes(value); + + if ((size_t) (bound - *p) < num_bytes) { + return MBEDTLS_ERR_OID_BUF_TOO_SMALL; + } + (*p)[num_bytes - 1] = (unsigned char) (value & 0x7f); + value >>= 7; + + for (size_t i = 2; i <= num_bytes; i++) { + (*p)[num_bytes - i] = 0x80 | (unsigned char) (value & 0x7f); + value >>= 7; + } + *p += num_bytes; + + return 0; +} + +/* Return the OID for the given x.y.z.... style numeric string */ +int mbedtls_oid_from_numeric_string(mbedtls_asn1_buf *oid, + const char *oid_str, size_t size) +{ + int ret = MBEDTLS_ERR_ASN1_INVALID_DATA; + const char *str_ptr = oid_str; + const char *str_bound = oid_str + size; + unsigned int val = 0; + unsigned int component1, component2; + size_t encoded_len; + unsigned char *resized_mem; + + /* Count the number of dots to get a worst-case allocation size. */ + size_t num_dots = 0; + for (size_t i = 0; i < size; i++) { + if (oid_str[i] == '.') { + num_dots++; + } + } + /* Allocate maximum possible required memory: + * There are (num_dots + 1) integer components, but the first 2 share the + * same subidentifier, so we only need num_dots subidentifiers maximum. */ + if (num_dots == 0 || (num_dots > MBEDTLS_OID_MAX_COMPONENTS - 1)) { + return MBEDTLS_ERR_ASN1_INVALID_DATA; + } + /* Each byte can store 7 bits, calculate number of bytes for a + * subidentifier: + * + * bytes = ceil(subidentifer_size * 8 / 7) + */ + size_t bytes_per_subidentifier = (((sizeof(unsigned int) * 8) - 1) / 7) + + 1; + size_t max_possible_bytes = num_dots * bytes_per_subidentifier; + oid->p = mbedtls_calloc(max_possible_bytes, 1); + if (oid->p == NULL) { + return MBEDTLS_ERR_ASN1_ALLOC_FAILED; + } + unsigned char *out_ptr = oid->p; + unsigned char *out_bound = oid->p + max_possible_bytes; + + ret = oid_parse_number(&component1, &str_ptr, str_bound); + if (ret != 0) { + goto error; + } + if (component1 > 2) { + /* First component can't be > 2 */ + ret = MBEDTLS_ERR_ASN1_INVALID_DATA; + goto error; + } + if (str_ptr >= str_bound || *str_ptr != '.') { + ret = MBEDTLS_ERR_ASN1_INVALID_DATA; + goto error; + } + str_ptr++; + + ret = oid_parse_number(&component2, &str_ptr, str_bound); + if (ret != 0) { + goto error; + } + if ((component1 < 2) && (component2 > 39)) { + /* Root nodes 0 and 1 may have up to 40 children, numbered 0-39 */ + ret = MBEDTLS_ERR_ASN1_INVALID_DATA; + goto error; + } + if (str_ptr < str_bound) { + if (*str_ptr == '.') { + str_ptr++; + } else { + ret = MBEDTLS_ERR_ASN1_INVALID_DATA; + goto error; + } + } + + if (component2 > (UINT_MAX - (component1 * 40))) { + ret = MBEDTLS_ERR_ASN1_INVALID_DATA; + goto error; + } + ret = oid_subidentifier_encode_into(&out_ptr, out_bound, + (component1 * 40) + component2); + if (ret != 0) { + goto error; + } + + while (str_ptr < str_bound) { + ret = oid_parse_number(&val, &str_ptr, str_bound); + if (ret != 0) { + goto error; + } + if (str_ptr < str_bound) { + if (*str_ptr == '.') { + str_ptr++; + } else { + ret = MBEDTLS_ERR_ASN1_INVALID_DATA; + goto error; + } + } + + ret = oid_subidentifier_encode_into(&out_ptr, out_bound, val); + if (ret != 0) { + goto error; + } + } + + encoded_len = out_ptr - oid->p; + resized_mem = mbedtls_calloc(encoded_len, 1); + if (resized_mem == NULL) { + ret = MBEDTLS_ERR_ASN1_ALLOC_FAILED; + goto error; + } + memcpy(resized_mem, oid->p, encoded_len); + mbedtls_free(oid->p); + oid->p = resized_mem; + oid->len = encoded_len; + + oid->tag = MBEDTLS_ASN1_OID; + + return 0; + +error: + mbedtls_free(oid->p); + oid->p = NULL; + oid->len = 0; + return ret; +} + #endif /* MBEDTLS_OID_C */ diff --git a/library/padlock.c b/library/padlock.c index b6c6919cd..563d40e7c 100644 --- a/library/padlock.c +++ b/library/padlock.c @@ -31,13 +31,7 @@ #include -/* *INDENT-OFF* */ -#ifndef asm -#define asm __asm -#endif -/* *INDENT-ON* */ - -#if defined(MBEDTLS_HAVE_X86) +#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) /* * PadLock detection routine @@ -168,6 +162,6 @@ int mbedtls_padlock_xcryptcbc(mbedtls_aes_context *ctx, return 0; } -#endif /* MBEDTLS_HAVE_X86 */ +#endif /* MBEDTLS_VIA_PADLOCK_HAVE_CODE */ #endif /* MBEDTLS_PADLOCK_C */ diff --git a/library/padlock.h b/library/padlock.h index b5f0d7d7a..a00afe04f 100644 --- a/library/padlock.h +++ b/library/padlock.h @@ -38,13 +38,16 @@ #endif #endif -/* Some versions of ASan result in errors about not enough registers */ -#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) && \ +/* + * - `padlock` is implements with GNUC assembly for x86 target. + * - Some versions of ASan result in errors about not enough registers. + */ +#if defined(MBEDTLS_PADLOCK_C) && \ + defined(__GNUC__) && defined(MBEDTLS_ARCH_IS_X86) && \ + defined(MBEDTLS_HAVE_ASM) && \ !defined(MBEDTLS_HAVE_ASAN) -#ifndef MBEDTLS_HAVE_X86 -#define MBEDTLS_HAVE_X86 -#endif +#define MBEDTLS_VIA_PADLOCK_HAVE_CODE #include diff --git a/library/pem.c b/library/pem.c index 8044ed644..bd269dda7 100644 --- a/library/pem.c +++ b/library/pem.c @@ -25,11 +25,10 @@ #include "mbedtls/base64.h" #include "mbedtls/des.h" #include "mbedtls/aes.h" -#include "mbedtls/md5.h" +#include "mbedtls/md.h" #include "mbedtls/cipher.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" -#include "hash_info.h" #include @@ -39,13 +38,11 @@ #include "psa/crypto.h" #endif -#include "mbedtls/legacy_or_psa.h" - -#if defined(MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \ +#if defined(MBEDTLS_MD_CAN_MD5) && \ defined(MBEDTLS_CIPHER_MODE_CBC) && \ (defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C)) #define PEM_RFC1421 -#endif /* MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA && +#endif /* MBEDTLS_MD_CAN_MD5 && MBEDTLS_CIPHER_MODE_CBC && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ @@ -87,31 +84,37 @@ static int pem_get_iv(const unsigned char *s, unsigned char *iv, return 0; } -#if defined(MBEDTLS_MD5_C) static int pem_pbkdf1(unsigned char *key, size_t keylen, unsigned char *iv, const unsigned char *pwd, size_t pwdlen) { - mbedtls_md5_context md5_ctx; + mbedtls_md_context_t md5_ctx; + const mbedtls_md_info_t *md5_info; unsigned char md5sum[16]; size_t use_len; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_md5_init(&md5_ctx); + mbedtls_md_init(&md5_ctx); + + /* Prepare the context. (setup() errors gracefully on NULL info.) */ + md5_info = mbedtls_md_info_from_type(MBEDTLS_MD_MD5); + if ((ret = mbedtls_md_setup(&md5_ctx, md5_info, 0)) != 0) { + goto exit; + } /* * key[ 0..15] = MD5(pwd || IV) */ - if ((ret = mbedtls_md5_starts(&md5_ctx)) != 0) { + if ((ret = mbedtls_md_starts(&md5_ctx)) != 0) { goto exit; } - if ((ret = mbedtls_md5_update(&md5_ctx, pwd, pwdlen)) != 0) { + if ((ret = mbedtls_md_update(&md5_ctx, pwd, pwdlen)) != 0) { goto exit; } - if ((ret = mbedtls_md5_update(&md5_ctx, iv, 8)) != 0) { + if ((ret = mbedtls_md_update(&md5_ctx, iv, 8)) != 0) { goto exit; } - if ((ret = mbedtls_md5_finish(&md5_ctx, md5sum)) != 0) { + if ((ret = mbedtls_md_finish(&md5_ctx, md5sum)) != 0) { goto exit; } @@ -125,19 +128,19 @@ static int pem_pbkdf1(unsigned char *key, size_t keylen, /* * key[16..23] = MD5(key[ 0..15] || pwd || IV]) */ - if ((ret = mbedtls_md5_starts(&md5_ctx)) != 0) { + if ((ret = mbedtls_md_starts(&md5_ctx)) != 0) { goto exit; } - if ((ret = mbedtls_md5_update(&md5_ctx, md5sum, 16)) != 0) { + if ((ret = mbedtls_md_update(&md5_ctx, md5sum, 16)) != 0) { goto exit; } - if ((ret = mbedtls_md5_update(&md5_ctx, pwd, pwdlen)) != 0) { + if ((ret = mbedtls_md_update(&md5_ctx, pwd, pwdlen)) != 0) { goto exit; } - if ((ret = mbedtls_md5_update(&md5_ctx, iv, 8)) != 0) { + if ((ret = mbedtls_md_update(&md5_ctx, iv, 8)) != 0) { goto exit; } - if ((ret = mbedtls_md5_finish(&md5_ctx, md5sum)) != 0) { + if ((ret = mbedtls_md_finish(&md5_ctx, md5sum)) != 0) { goto exit; } @@ -149,96 +152,11 @@ static int pem_pbkdf1(unsigned char *key, size_t keylen, memcpy(key + 16, md5sum, use_len); exit: - mbedtls_md5_free(&md5_ctx); + mbedtls_md_free(&md5_ctx); mbedtls_platform_zeroize(md5sum, 16); return ret; } -#else -static int pem_pbkdf1(unsigned char *key, size_t keylen, - unsigned char *iv, - const unsigned char *pwd, size_t pwdlen) -{ - unsigned char md5sum[16]; - psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; - size_t output_length = 0; - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - - - if ((status = psa_hash_setup(&operation, PSA_ALG_MD5)) != PSA_SUCCESS) { - goto exit; - } - - if ((status = psa_hash_update(&operation, pwd, pwdlen)) != PSA_SUCCESS) { - goto exit; - } - - if ((status = psa_hash_update(&operation, iv, 8)) != PSA_SUCCESS) { - goto exit; - } - - if ((status = psa_hash_finish(&operation, md5sum, - PSA_HASH_LENGTH(PSA_ALG_MD5), - &output_length)) != PSA_SUCCESS) { - goto exit; - } - - if ((status = psa_hash_abort(&operation)) != PSA_SUCCESS) { - goto exit; - } - - /* - * key[ 0..15] = MD5(pwd || IV) - */ - if (keylen <= 16) { - memcpy(key, md5sum, keylen); - goto exit; - } - - memcpy(key, md5sum, 16); - - /* - * key[16..23] = MD5(key[ 0..15] || pwd || IV]) - */ - if ((status = psa_hash_setup(&operation, PSA_ALG_MD5)) != PSA_SUCCESS) { - goto exit; - } - - if ((status = psa_hash_update(&operation, md5sum, 16)) != PSA_SUCCESS) { - goto exit; - } - - if ((status = psa_hash_update(&operation, pwd, pwdlen)) != PSA_SUCCESS) { - goto exit; - } - - if ((status = psa_hash_update(&operation, iv, 8)) != PSA_SUCCESS) { - goto exit; - } - - if ((status = psa_hash_finish(&operation, md5sum, - PSA_HASH_LENGTH(PSA_ALG_MD5), - &output_length)) != PSA_SUCCESS) { - goto exit; - } - - if ((status = psa_hash_abort(&operation)) != PSA_SUCCESS) { - goto exit; - } - - size_t use_len = 16; - if (keylen < 32) { - use_len = keylen - 16; - } - - memcpy(key + 16, md5sum, use_len); - -exit: - mbedtls_platform_zeroize(md5sum, 16); - - return mbedtls_md_error_from_psa(status); -} -#endif /* MBEDTLS_MD5_C */ #if defined(MBEDTLS_DES_C) /* @@ -488,16 +406,14 @@ int mbedtls_pem_read_buffer(mbedtls_pem_context *ctx, const char *header, const } if ((ret = mbedtls_base64_decode(buf, len, &len, s1, s2 - s1)) != 0) { - mbedtls_platform_zeroize(buf, len); - mbedtls_free(buf); + mbedtls_zeroize_and_free(buf, len); return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PEM_INVALID_DATA, ret); } if (enc != 0) { #if defined(PEM_RFC1421) if (pwd == NULL) { - mbedtls_platform_zeroize(buf, len); - mbedtls_free(buf); + mbedtls_zeroize_and_free(buf, len); return MBEDTLS_ERR_PEM_PASSWORD_REQUIRED; } @@ -533,13 +449,11 @@ int mbedtls_pem_read_buffer(mbedtls_pem_context *ctx, const char *header, const * Use that as a heuristic to try to detect password mismatches. */ if (len <= 2 || buf[0] != 0x30 || buf[1] > 0x83) { - mbedtls_platform_zeroize(buf, len); - mbedtls_free(buf); + mbedtls_zeroize_and_free(buf, len); return MBEDTLS_ERR_PEM_PASSWORD_MISMATCH; } #else - mbedtls_platform_zeroize(buf, len); - mbedtls_free(buf); + mbedtls_zeroize_and_free(buf, len); return MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE; #endif /* PEM_RFC1421 */ } @@ -553,8 +467,7 @@ int mbedtls_pem_read_buffer(mbedtls_pem_context *ctx, const char *header, const void mbedtls_pem_free(mbedtls_pem_context *ctx) { if (ctx->buf != NULL) { - mbedtls_platform_zeroize(ctx->buf, ctx->buflen); - mbedtls_free(ctx->buf); + mbedtls_zeroize_and_free(ctx->buf, ctx->buflen); } mbedtls_free(ctx->info); @@ -572,7 +485,7 @@ int mbedtls_pem_write_buffer(const char *header, const char *footer, size_t len = 0, use_len, add_len = 0; mbedtls_base64_encode(NULL, 0, &use_len, der_data, der_len); - add_len = strlen(header) + strlen(footer) + (use_len / 64) + 1; + add_len = strlen(header) + strlen(footer) + (((use_len > 2) ? (use_len - 2) : 0) / 64) + 1; if (use_len + add_len > buf_len) { *olen = use_len + add_len; diff --git a/library/pk.c b/library/pk.c index b01694ca0..96b8ef922 100644 --- a/library/pk.c +++ b/library/pk.c @@ -23,8 +23,7 @@ #include "mbedtls/pk.h" #include "pk_wrap.h" #include "pkwrite.h" - -#include "hash_info.h" +#include "pk_internal.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" @@ -32,7 +31,7 @@ #if defined(MBEDTLS_RSA_C) #include "mbedtls/rsa.h" #endif -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) #include "mbedtls/ecp.h" #endif #if defined(MBEDTLS_ECDSA_C) @@ -40,7 +39,8 @@ #endif #if defined(MBEDTLS_PSA_CRYPTO_C) -#include "mbedtls/psa_util.h" +#include "psa_util_internal.h" +#include "md_psa.h" #endif #include @@ -53,6 +53,15 @@ void mbedtls_pk_init(mbedtls_pk_context *ctx) { ctx->pk_info = NULL; ctx->pk_ctx = NULL; +#if defined(MBEDTLS_PSA_CRYPTO_C) + ctx->priv_id = MBEDTLS_SVC_KEY_ID_INIT; +#endif /* MBEDTLS_PSA_CRYPTO_C */ +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + memset(ctx->pub_raw, 0, sizeof(ctx->pub_raw)); + ctx->pub_raw_len = 0; + ctx->ec_family = 0; + ctx->ec_bits = 0; +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ } /* @@ -64,10 +73,18 @@ void mbedtls_pk_free(mbedtls_pk_context *ctx) return; } - if (ctx->pk_info != NULL) { + if ((ctx->pk_info != NULL) && (ctx->pk_info->ctx_free_func != NULL)) { ctx->pk_info->ctx_free_func(ctx->pk_ctx); } +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + /* The ownership of the priv_id key for opaque keys is external of the PK + * module. It's the user responsibility to clear it after use. */ + if ((ctx->pk_info != NULL) && (ctx->pk_info->type != MBEDTLS_PK_OPAQUE)) { + psa_destroy_key(ctx->priv_id); + } +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_pk_context)); } @@ -107,17 +124,17 @@ const mbedtls_pk_info_t *mbedtls_pk_info_from_type(mbedtls_pk_type_t pk_type) #if defined(MBEDTLS_RSA_C) case MBEDTLS_PK_RSA: return &mbedtls_rsa_info; -#endif -#if defined(MBEDTLS_ECP_C) +#endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) case MBEDTLS_PK_ECKEY: return &mbedtls_eckey_info; case MBEDTLS_PK_ECKEY_DH: return &mbedtls_eckeydh_info; -#endif -#if defined(MBEDTLS_ECDSA_C) +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ +#if defined(MBEDTLS_PK_CAN_ECDSA_SOME) case MBEDTLS_PK_ECDSA: return &mbedtls_ecdsa_info; -#endif +#endif /* MBEDTLS_PK_CAN_ECDSA_SOME */ /* MBEDTLS_PK_RSA_ALT omitted on purpose */ default: return NULL; @@ -133,7 +150,8 @@ int mbedtls_pk_setup(mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info) return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } - if ((ctx->pk_ctx = info->ctx_alloc_func()) == NULL) { + if ((info->ctx_alloc_func != NULL) && + ((ctx->pk_ctx = info->ctx_alloc_func()) == NULL)) { return MBEDTLS_ERR_PK_ALLOC_FAILED; } @@ -151,7 +169,6 @@ int mbedtls_pk_setup_opaque(mbedtls_pk_context *ctx, { const mbedtls_pk_info_t *info = NULL; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - mbedtls_svc_key_id_t *pk_ctx; psa_key_type_t type; if (ctx == NULL || ctx->pk_info != NULL) { @@ -164,22 +181,19 @@ int mbedtls_pk_setup_opaque(mbedtls_pk_context *ctx, type = psa_get_key_type(&attributes); psa_reset_key_attributes(&attributes); +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) { - info = &mbedtls_pk_ecdsa_opaque_info; - } else if (type == PSA_KEY_TYPE_RSA_KEY_PAIR) { - info = &mbedtls_pk_rsa_opaque_info; + info = &mbedtls_ecdsa_opaque_info; + } else +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ + if (type == PSA_KEY_TYPE_RSA_KEY_PAIR) { + info = &mbedtls_rsa_opaque_info; } else { return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; } - if ((ctx->pk_ctx = info->ctx_alloc_func()) == NULL) { - return MBEDTLS_ERR_PK_ALLOC_FAILED; - } - ctx->pk_info = info; - - pk_ctx = (mbedtls_svc_key_id_t *) ctx->pk_ctx; - *pk_ctx = key; + ctx->priv_id = key; return 0; } @@ -308,12 +322,11 @@ int mbedtls_pk_can_do_ext(const mbedtls_pk_context *ctx, psa_algorithm_t alg, return (key_usage & usage) == usage; } - const mbedtls_svc_key_id_t *key = (const mbedtls_svc_key_id_t *) ctx->pk_ctx; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_algorithm_t key_alg, key_alg2; psa_status_t status; - status = psa_get_key_attributes(*key, &attributes); + status = psa_get_key_attributes(ctx->priv_id, &attributes); if (status != PSA_SUCCESS) { return 0; } @@ -371,7 +384,7 @@ static inline int pk_hashlen_helper(mbedtls_md_type_t md_alg, size_t *hash_len) return 0; } - *hash_len = mbedtls_hash_info_get_size(md_alg); + *hash_len = mbedtls_md_get_size_from_type(md_alg); if (*hash_len == 0) { return -1; @@ -436,7 +449,7 @@ int mbedtls_pk_verify_restartable(mbedtls_pk_context *ctx, return ret; } - ret = ctx->pk_info->verify_rs_func(ctx->pk_ctx, + ret = ctx->pk_info->verify_rs_func(ctx, md_alg, hash, hash_len, sig, sig_len, rs_ctx->rs_ctx); if (ret != MBEDTLS_ERR_ECP_IN_PROGRESS) { @@ -453,7 +466,7 @@ int mbedtls_pk_verify_restartable(mbedtls_pk_context *ctx, return MBEDTLS_ERR_PK_TYPE_MISMATCH; } - return ctx->pk_info->verify_func(ctx->pk_ctx, md_alg, hash, hash_len, + return ctx->pk_info->verify_func(ctx, md_alg, hash, hash_len, sig, sig_len); } @@ -505,7 +518,7 @@ int mbedtls_pk_verify_ext(mbedtls_pk_type_t type, const void *options, if (md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } -#endif /* SIZE_MAX > UINT_MAX */ +#endif if (options == NULL) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; @@ -522,7 +535,7 @@ int mbedtls_pk_verify_ext(mbedtls_pk_type_t type, const void *options, psa_status_t status = PSA_ERROR_DATA_CORRUPT; psa_status_t destruction_status = PSA_ERROR_DATA_CORRUPT; - psa_algorithm_t psa_md_alg = mbedtls_hash_info_psa_from_md(md_alg); + psa_algorithm_t psa_md_alg = mbedtls_md_psa_alg_from_type(md_alg); mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_algorithm_t psa_sig_alg = PSA_ALG_RSA_PSS_ANY_SALT(psa_md_alg); @@ -542,7 +555,7 @@ int mbedtls_pk_verify_ext(mbedtls_pk_type_t type, const void *options, &key_id); if (status != PSA_SUCCESS) { psa_destroy_key(key_id); - return mbedtls_pk_error_from_psa(status); + return PSA_PK_TO_MBEDTLS_ERR(status); } /* This function requires returning MBEDTLS_ERR_PK_SIG_LEN_MISMATCH @@ -564,7 +577,7 @@ int mbedtls_pk_verify_ext(mbedtls_pk_type_t type, const void *options, status = destruction_status; } - return mbedtls_pk_error_from_psa_rsa(status); + return PSA_PK_RSA_TO_MBEDTLS_ERR(status); } else #endif { @@ -621,7 +634,7 @@ int mbedtls_pk_sign_restartable(mbedtls_pk_context *ctx, return ret; } - ret = ctx->pk_info->sign_rs_func(ctx->pk_ctx, md_alg, + ret = ctx->pk_info->sign_rs_func(ctx, md_alg, hash, hash_len, sig, sig_size, sig_len, f_rng, p_rng, rs_ctx->rs_ctx); @@ -640,7 +653,7 @@ int mbedtls_pk_sign_restartable(mbedtls_pk_context *ctx, return MBEDTLS_ERR_PK_TYPE_MISMATCH; } - return ctx->pk_info->sign_func(ctx->pk_ctx, md_alg, + return ctx->pk_info->sign_func(ctx, md_alg, hash, hash_len, sig, sig_size, sig_len, f_rng, p_rng); @@ -690,19 +703,18 @@ int mbedtls_pk_sign_ext(mbedtls_pk_type_t pk_type, } #if defined(MBEDTLS_RSA_C) - psa_md_alg = mbedtls_hash_info_psa_from_md(md_alg); + psa_md_alg = mbedtls_md_psa_alg_from_type(md_alg); if (psa_md_alg == 0) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } if (mbedtls_pk_get_type(ctx) == MBEDTLS_PK_OPAQUE) { - const mbedtls_svc_key_id_t *key = (const mbedtls_svc_key_id_t *) ctx->pk_ctx; psa_status_t status; - status = psa_sign_hash(*key, PSA_ALG_RSA_PSS(psa_md_alg), + status = psa_sign_hash(ctx->priv_id, PSA_ALG_RSA_PSS(psa_md_alg), hash, hash_len, sig, sig_size, sig_len); - return mbedtls_pk_error_from_psa_rsa(status); + return PSA_PK_RSA_TO_MBEDTLS_ERR(status); } return mbedtls_pk_psa_rsa_sign_ext(PSA_ALG_RSA_PSS(psa_md_alg), @@ -731,7 +743,7 @@ int mbedtls_pk_decrypt(mbedtls_pk_context *ctx, return MBEDTLS_ERR_PK_TYPE_MISMATCH; } - return ctx->pk_info->decrypt_func(ctx->pk_ctx, input, ilen, + return ctx->pk_info->decrypt_func(ctx, input, ilen, output, olen, osize, f_rng, p_rng); } @@ -751,7 +763,7 @@ int mbedtls_pk_encrypt(mbedtls_pk_context *ctx, return MBEDTLS_ERR_PK_TYPE_MISMATCH; } - return ctx->pk_info->encrypt_func(ctx->pk_ctx, input, ilen, + return ctx->pk_info->encrypt_func(ctx, input, ilen, output, olen, osize, f_rng, p_rng); } @@ -781,12 +793,15 @@ int mbedtls_pk_check_pair(const mbedtls_pk_context *pub, return MBEDTLS_ERR_PK_TYPE_MISMATCH; } } else { - if (pub->pk_info != prv->pk_info) { + if ((prv->pk_info->type != MBEDTLS_PK_OPAQUE) && + (pub->pk_info != prv->pk_info)) { return MBEDTLS_ERR_PK_TYPE_MISMATCH; } } - return prv->pk_info->check_pair_func(pub->pk_ctx, prv->pk_ctx, f_rng, p_rng); + return prv->pk_info->check_pair_func((mbedtls_pk_context *) pub, + (mbedtls_pk_context *) prv, + f_rng, p_rng); } /* @@ -800,7 +815,7 @@ size_t mbedtls_pk_get_bitlen(const mbedtls_pk_context *ctx) return 0; } - return ctx->pk_info->get_bitlen(ctx->pk_ctx); + return ctx->pk_info->get_bitlen((mbedtls_pk_context *) ctx); } /* @@ -816,7 +831,7 @@ int mbedtls_pk_debug(const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items return MBEDTLS_ERR_PK_TYPE_MISMATCH; } - ctx->pk_info->debug_func(ctx->pk_ctx, items); + ctx->pk_info->debug_func((mbedtls_pk_context *) ctx, items); return 0; } @@ -857,33 +872,44 @@ int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk, psa_key_usage_t usage, psa_algorithm_t alg2) { -#if !defined(MBEDTLS_ECP_C) && !defined(MBEDTLS_RSA_C) +#if !defined(MBEDTLS_PK_HAVE_ECC_KEYS) && !defined(MBEDTLS_RSA_C) ((void) pk); ((void) key); ((void) alg); ((void) usage); ((void) alg2); -#else -#if defined(MBEDTLS_ECP_C) +#else /* !MBEDTLS_PK_HAVE_ECC_KEYS && !MBEDTLS_RSA_C */ +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_ECKEY) { - const mbedtls_ecp_keypair *ec; - unsigned char d[MBEDTLS_ECP_MAX_BYTES]; size_t d_len; psa_ecc_family_t curve_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t key_type; size_t bits; - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_status_t status; /* export the private key material in the format PSA wants */ - ec = mbedtls_pk_ec(*pk); +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + unsigned char d[MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH]; + status = psa_export_key(pk->priv_id, d, sizeof(d), &d_len); + if (status != PSA_SUCCESS) { + return psa_pk_status_to_mbedtls(status); + } + + curve_id = pk->ec_family; + bits = pk->ec_bits; +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + unsigned char d[MBEDTLS_ECP_MAX_BYTES]; + mbedtls_ecp_keypair *ec = mbedtls_pk_ec_rw(*pk); + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + d_len = PSA_BITS_TO_BYTES(ec->grp.nbits); - if ((ret = mbedtls_mpi_write_binary(&ec->d, d, d_len)) != 0) { + if ((ret = mbedtls_ecp_write_key(ec, d, d_len)) != 0) { return ret; } curve_id = mbedtls_ecc_group_to_psa(ec->grp.id, &bits); +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ key_type = PSA_KEY_TYPE_ECC_KEY_PAIR(curve_id); /* prepare the key attributes */ @@ -897,8 +923,9 @@ int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk, /* import private key into PSA */ status = psa_import_key(&attributes, d, d_len, key); + mbedtls_platform_zeroize(d, sizeof(d)); if (status != PSA_SUCCESS) { - return mbedtls_pk_error_from_psa(status); + return PSA_PK_TO_MBEDTLS_ERR(status); } /* make PK context wrap the key slot */ @@ -907,7 +934,7 @@ int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk, return mbedtls_pk_setup_opaque(pk, *key); } else -#endif /* MBEDTLS_ECP_C */ +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ #if defined(MBEDTLS_RSA_C) if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_RSA) { unsigned char buf[MBEDTLS_PK_RSA_PRV_DER_MAX_BYTES]; @@ -938,7 +965,7 @@ int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk, mbedtls_platform_zeroize(buf, sizeof(buf)); if (status != PSA_SUCCESS) { - return mbedtls_pk_error_from_psa(status); + return PSA_PK_TO_MBEDTLS_ERR(status); } /* make PK context wrap the key slot */ @@ -948,7 +975,7 @@ int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk, return mbedtls_pk_setup_opaque(pk, *key); } else #endif /* MBEDTLS_RSA_C */ -#endif /* !MBEDTLS_ECP_C && !MBEDTLS_RSA_C */ +#endif /* !MBEDTLS_PK_HAVE_ECC_KEYS && !MBEDTLS_RSA_C */ return MBEDTLS_ERR_PK_TYPE_MISMATCH; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ diff --git a/library/pk_internal.h b/library/pk_internal.h new file mode 100644 index 000000000..004660e09 --- /dev/null +++ b/library/pk_internal.h @@ -0,0 +1,130 @@ +/** + * \file pk_internal.h + * + * \brief Public Key abstraction layer: internal (i.e. library only) functions + * and definitions. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef MBEDTLS_PK_INTERNAL_H +#define MBEDTLS_PK_INTERNAL_H + +#include "mbedtls/pk.h" + +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) +#include "mbedtls/ecp.h" +#endif + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#endif + +#if defined(MBEDTLS_PSA_CRYPTO_C) +#include "psa_util_internal.h" +#define PSA_PK_TO_MBEDTLS_ERR(status) psa_pk_status_to_mbedtls(status) +#define PSA_PK_RSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \ + psa_to_pk_rsa_errors, \ + psa_pk_status_to_mbedtls) +#define PSA_PK_ECDSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \ + psa_to_pk_ecdsa_errors, \ + psa_pk_status_to_mbedtls) +#endif + +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) +/** + * Public function mbedtls_pk_ec() can be used to get direct access to the + * wrapped ecp_keypair structure pointed to the pk_ctx. However this is not + * ideal because it bypasses the PK module on the control of its internal + * structure (pk_context) fields. + * For backward compatibility we keep mbedtls_pk_ec() when ECP_C is defined, but + * we provide 2 very similar functions when only ECP_LIGHT is enabled and not + * ECP_C. + * These variants embed the "ro" or "rw" keywords in their name to make the + * usage of the returned pointer explicit. Of course the returned value is + * const or non-const accordingly. + */ +static inline const mbedtls_ecp_keypair *mbedtls_pk_ec_ro(const mbedtls_pk_context pk) +{ + switch (mbedtls_pk_get_type(&pk)) { + case MBEDTLS_PK_ECKEY: + case MBEDTLS_PK_ECKEY_DH: + case MBEDTLS_PK_ECDSA: + return (const mbedtls_ecp_keypair *) (pk).MBEDTLS_PRIVATE(pk_ctx); + default: + return NULL; + } +} + +static inline mbedtls_ecp_keypair *mbedtls_pk_ec_rw(const mbedtls_pk_context pk) +{ + switch (mbedtls_pk_get_type(&pk)) { + case MBEDTLS_PK_ECKEY: + case MBEDTLS_PK_ECKEY_DH: + case MBEDTLS_PK_ECDSA: + return (mbedtls_ecp_keypair *) (pk).MBEDTLS_PRIVATE(pk_ctx); + default: + return NULL; + } +} + +static inline mbedtls_ecp_group_id mbedtls_pk_get_group_id(const mbedtls_pk_context *pk) +{ + mbedtls_ecp_group_id id; + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) { + psa_key_attributes_t opaque_attrs = PSA_KEY_ATTRIBUTES_INIT; + psa_key_type_t opaque_key_type; + psa_ecc_family_t curve; + + if (psa_get_key_attributes(pk->priv_id, &opaque_attrs) != PSA_SUCCESS) { + return MBEDTLS_ECP_DP_NONE; + } + opaque_key_type = psa_get_key_type(&opaque_attrs); + curve = PSA_KEY_TYPE_ECC_GET_FAMILY(opaque_key_type); + id = mbedtls_ecc_group_of_psa(curve, psa_get_key_bits(&opaque_attrs), 0); + psa_reset_key_attributes(&opaque_attrs); + } else +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + { +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + id = mbedtls_ecc_group_of_psa(pk->ec_family, pk->ec_bits, 0); +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + id = mbedtls_pk_ec_ro(*pk)->grp.id; +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ + } + + return id; +} + +/* Helper for Montgomery curves */ +#if defined(MBEDTLS_ECP_HAVE_CURVE25519) || defined(MBEDTLS_ECP_HAVE_CURVE448) +#define MBEDTLS_PK_HAVE_RFC8410_CURVES +#endif /* MBEDTLS_ECP_HAVE_CURVE25519 || MBEDTLS_ECP_DP_CURVE448 */ +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ + +#if defined(MBEDTLS_TEST_HOOKS) + +MBEDTLS_STATIC_TESTABLE int mbedtls_pk_parse_key_pkcs8_encrypted_der( + mbedtls_pk_context *pk, + unsigned char *key, size_t keylen, + const unsigned char *pwd, size_t pwdlen, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); + +#endif + +#endif /* MBEDTLS_PK_INTERNAL_H */ diff --git a/library/pk_wrap.c b/library/pk_wrap.c index aaf516eab..436876a5d 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -19,47 +19,49 @@ #include "common.h" +#include "mbedtls/platform_util.h" + #if defined(MBEDTLS_PK_C) #include "pk_wrap.h" +#include "pk_internal.h" #include "mbedtls/error.h" +#include "md_psa.h" /* Even if RSA not activated, for the sake of RSA-alt */ #include "mbedtls/rsa.h" -#include - #if defined(MBEDTLS_ECP_C) #include "mbedtls/ecp.h" #endif -#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECP_C) -#include "pkwrite.h" -#endif - #if defined(MBEDTLS_ECDSA_C) #include "mbedtls/ecdsa.h" #endif -#if defined(MBEDTLS_USE_PSA_CRYPTO) -#include "mbedtls/asn1write.h" +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PSA_CRYPTO_C) +#include "pkwrite.h" #endif -#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) -#include "mbedtls/platform_util.h" +#if defined(MBEDTLS_PSA_CRYPTO_C) +#include "psa_util_internal.h" #endif #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa/crypto.h" -#include "mbedtls/psa_util.h" + +#if defined(MBEDTLS_PK_CAN_ECDSA_SOME) +#include "mbedtls/asn1write.h" #include "mbedtls/asn1.h" -#include "hash_info.h" #endif +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #include "mbedtls/platform.h" #include #include +#include +#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_PSA_CRYPTO_C) int mbedtls_pk_error_from_psa(psa_status_t status) { @@ -95,7 +97,7 @@ int mbedtls_pk_error_from_psa(psa_status_t status) } #if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) || \ - defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) + defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) int mbedtls_pk_error_from_psa_rsa(psa_status_t status) { switch (status) { @@ -111,16 +113,31 @@ int mbedtls_pk_error_from_psa_rsa(psa_status_t status) return MBEDTLS_ERR_RSA_VERIFY_FAILED; case PSA_ERROR_INVALID_PADDING: return MBEDTLS_ERR_RSA_INVALID_PADDING; + case PSA_SUCCESS: + return 0; + case PSA_ERROR_NOT_SUPPORTED: + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + case PSA_ERROR_INSUFFICIENT_MEMORY: + return MBEDTLS_ERR_PK_ALLOC_FAILED; + case PSA_ERROR_BAD_STATE: + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + case PSA_ERROR_COMMUNICATION_FAILURE: + case PSA_ERROR_HARDWARE_FAILURE: + return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED; + case PSA_ERROR_DATA_CORRUPT: + case PSA_ERROR_DATA_INVALID: + case PSA_ERROR_STORAGE_FAILURE: + return MBEDTLS_ERR_PK_FILE_IO_ERROR; + case PSA_ERROR_CORRUPTION_DETECTED: + return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; default: - return mbedtls_pk_error_from_psa(status); + return MBEDTLS_ERR_ERROR_GENERIC_ERROR; } } -#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY || PSA_WANT_KEY_TYPE_RSA_KEY_PAIR */ - +#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY || PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */ #endif /* MBEDTLS_PSA_CRYPTO_C */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - #if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) int mbedtls_pk_error_from_psa_ecdsa(psa_status_t status) { @@ -136,13 +153,30 @@ int mbedtls_pk_error_from_psa_ecdsa(psa_status_t status) return MBEDTLS_ERR_ECP_RANDOM_FAILED; case PSA_ERROR_INVALID_SIGNATURE: return MBEDTLS_ERR_ECP_VERIFY_FAILED; + case PSA_SUCCESS: + return 0; + case PSA_ERROR_NOT_SUPPORTED: + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + case PSA_ERROR_INSUFFICIENT_MEMORY: + return MBEDTLS_ERR_PK_ALLOC_FAILED; + case PSA_ERROR_BAD_STATE: + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + case PSA_ERROR_COMMUNICATION_FAILURE: + case PSA_ERROR_HARDWARE_FAILURE: + return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED; + case PSA_ERROR_DATA_CORRUPT: + case PSA_ERROR_DATA_INVALID: + case PSA_ERROR_STORAGE_FAILURE: + return MBEDTLS_ERR_PK_FILE_IO_ERROR; + case PSA_ERROR_CORRUPTION_DETECTED: + return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; default: - return mbedtls_pk_error_from_psa(status); + return MBEDTLS_ERR_ERROR_GENERIC_ERROR; } } #endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ - #endif /* MBEDTLS_USE_PSA_CRYPTO */ +#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #if defined(MBEDTLS_RSA_C) static int rsa_can_do(mbedtls_pk_type_t type) @@ -151,18 +185,18 @@ static int rsa_can_do(mbedtls_pk_type_t type) type == MBEDTLS_PK_RSASSA_PSS; } -static size_t rsa_get_bitlen(const void *ctx) +static size_t rsa_get_bitlen(mbedtls_pk_context *pk) { - const mbedtls_rsa_context *rsa = (const mbedtls_rsa_context *) ctx; + const mbedtls_rsa_context *rsa = (const mbedtls_rsa_context *) pk->pk_ctx; return 8 * mbedtls_rsa_get_len(rsa); } #if defined(MBEDTLS_USE_PSA_CRYPTO) -static int rsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, +static int rsa_verify_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len) { - mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx; + mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) pk->pk_ctx; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; @@ -171,14 +205,14 @@ static int rsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, int key_len; unsigned char buf[MBEDTLS_PK_RSA_PUB_DER_MAX_BYTES]; psa_algorithm_t psa_alg_md = - PSA_ALG_RSA_PKCS1V15_SIGN(mbedtls_hash_info_psa_from_md(md_alg)); + PSA_ALG_RSA_PKCS1V15_SIGN(mbedtls_md_psa_alg_from_type(md_alg)); size_t rsa_len = mbedtls_rsa_get_len(rsa); #if SIZE_MAX > UINT_MAX if (md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } -#endif /* SIZE_MAX > UINT_MAX */ +#endif if (sig_len < rsa_len) { return MBEDTLS_ERR_RSA_VERIFY_FAILED; @@ -187,7 +221,7 @@ static int rsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, /* mbedtls_pk_write_pubkey_der() expects a full PK context; * re-construct one to make it happy */ key.pk_info = &mbedtls_rsa_info; - key.pk_ctx = ctx; + key.pk_ctx = rsa; key_len = mbedtls_pk_write_pubkey_der(&key, buf, sizeof(buf)); if (key_len <= 0) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; @@ -201,14 +235,14 @@ static int rsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, buf + sizeof(buf) - key_len, key_len, &key_id); if (status != PSA_SUCCESS) { - ret = mbedtls_pk_error_from_psa(status); + ret = PSA_PK_TO_MBEDTLS_ERR(status); goto cleanup; } status = psa_verify_hash(key_id, psa_alg_md, hash, hash_len, sig, sig_len); if (status != PSA_SUCCESS) { - ret = mbedtls_pk_error_from_psa_rsa(status); + ret = PSA_PK_RSA_TO_MBEDTLS_ERR(status); goto cleanup; } ret = 0; @@ -216,25 +250,25 @@ static int rsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, cleanup: status = psa_destroy_key(key_id); if (ret == 0 && status != PSA_SUCCESS) { - ret = mbedtls_pk_error_from_psa(status); + ret = PSA_PK_TO_MBEDTLS_ERR(status); } return ret; } -#else -static int rsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, +#else /* MBEDTLS_USE_PSA_CRYPTO */ +static int rsa_verify_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx; + mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) pk->pk_ctx; size_t rsa_len = mbedtls_rsa_get_len(rsa); #if SIZE_MAX > UINT_MAX if (md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } -#endif /* SIZE_MAX > UINT_MAX */ +#endif if (sig_len < rsa_len) { return MBEDTLS_ERR_RSA_VERIFY_FAILED; @@ -257,7 +291,7 @@ static int rsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, return 0; } -#endif +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_PSA_CRYPTO_C) int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t alg, @@ -272,11 +306,16 @@ int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t alg, psa_status_t status; mbedtls_pk_context key; int key_len; - unsigned char buf[MBEDTLS_PK_RSA_PRV_DER_MAX_BYTES]; + unsigned char *buf = NULL; + buf = mbedtls_calloc(1, MBEDTLS_PK_RSA_PRV_DER_MAX_BYTES); + if (buf == NULL) { + return MBEDTLS_ERR_PK_ALLOC_FAILED; + } mbedtls_pk_info_t pk_info = mbedtls_rsa_info; *sig_len = mbedtls_rsa_get_len(rsa_ctx); if (sig_size < *sig_len) { + mbedtls_free(buf); return MBEDTLS_ERR_PK_BUFFER_TOO_SMALL; } @@ -284,8 +323,9 @@ int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t alg, * re-construct one to make it happy */ key.pk_info = &pk_info; key.pk_ctx = rsa_ctx; - key_len = mbedtls_pk_write_key_der(&key, buf, sizeof(buf)); + key_len = mbedtls_pk_write_key_der(&key, buf, MBEDTLS_PK_RSA_PRV_DER_MAX_BYTES); if (key_len <= 0) { + mbedtls_free(buf); return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); @@ -293,32 +333,33 @@ int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t alg, psa_set_key_type(&attributes, PSA_KEY_TYPE_RSA_KEY_PAIR); status = psa_import_key(&attributes, - buf + sizeof(buf) - key_len, key_len, + buf + MBEDTLS_PK_RSA_PRV_DER_MAX_BYTES - key_len, key_len, &key_id); if (status != PSA_SUCCESS) { - ret = mbedtls_pk_error_from_psa(status); + ret = PSA_PK_TO_MBEDTLS_ERR(status); goto cleanup; } status = psa_sign_hash(key_id, alg, hash, hash_len, sig, sig_size, sig_len); if (status != PSA_SUCCESS) { - ret = mbedtls_pk_error_from_psa_rsa(status); + ret = PSA_PK_RSA_TO_MBEDTLS_ERR(status); goto cleanup; } ret = 0; cleanup: + mbedtls_free(buf); status = psa_destroy_key(key_id); if (ret == 0 && status != PSA_SUCCESS) { - ret = mbedtls_pk_error_from_psa(status); + ret = PSA_PK_TO_MBEDTLS_ERR(status); } return ret; } #endif /* MBEDTLS_PSA_CRYPTO_C */ #if defined(MBEDTLS_USE_PSA_CRYPTO) -static int rsa_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, +static int rsa_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) @@ -327,29 +368,29 @@ static int rsa_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, ((void) p_rng); psa_algorithm_t psa_md_alg; - psa_md_alg = mbedtls_hash_info_psa_from_md(md_alg); + psa_md_alg = mbedtls_md_psa_alg_from_type(md_alg); if (psa_md_alg == 0) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } return mbedtls_pk_psa_rsa_sign_ext(PSA_ALG_RSA_PKCS1V15_SIGN( psa_md_alg), - ctx, hash, hash_len, + pk->pk_ctx, hash, hash_len, sig, sig_size, sig_len); } -#else -static int rsa_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, +#else /* MBEDTLS_USE_PSA_CRYPTO */ +static int rsa_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx; + mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) pk->pk_ctx; #if SIZE_MAX > UINT_MAX if (md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } -#endif /* SIZE_MAX > UINT_MAX */ +#endif *sig_len = mbedtls_rsa_get_len(rsa); if (sig_size < *sig_len) { @@ -360,15 +401,15 @@ static int rsa_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, md_alg, (unsigned int) hash_len, hash, sig); } -#endif +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_USE_PSA_CRYPTO) -static int rsa_decrypt_wrap(void *ctx, +static int rsa_decrypt_wrap(mbedtls_pk_context *pk, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx; + mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) pk->pk_ctx; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; @@ -393,7 +434,7 @@ static int rsa_decrypt_wrap(void *ctx, /* mbedtls_pk_write_key_der() expects a full PK context; * re-construct one to make it happy */ key.pk_info = &mbedtls_rsa_info; - key.pk_ctx = ctx; + key.pk_ctx = rsa; key_len = mbedtls_pk_write_key_der(&key, buf, sizeof(buf)); if (key_len <= 0) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; @@ -407,7 +448,7 @@ static int rsa_decrypt_wrap(void *ctx, buf + sizeof(buf) - key_len, key_len, &key_id); if (status != PSA_SUCCESS) { - ret = mbedtls_pk_error_from_psa(status); + ret = PSA_PK_TO_MBEDTLS_ERR(status); goto cleanup; } @@ -416,7 +457,7 @@ static int rsa_decrypt_wrap(void *ctx, NULL, 0, output, osize, olen); if (status != PSA_SUCCESS) { - ret = mbedtls_pk_error_from_psa_rsa(status); + ret = PSA_PK_RSA_TO_MBEDTLS_ERR(status); goto cleanup; } @@ -426,18 +467,18 @@ cleanup: mbedtls_platform_zeroize(buf, sizeof(buf)); status = psa_destroy_key(key_id); if (ret == 0 && status != PSA_SUCCESS) { - ret = mbedtls_pk_error_from_psa(status); + ret = PSA_PK_TO_MBEDTLS_ERR(status); } return ret; } -#else -static int rsa_decrypt_wrap(void *ctx, +#else /* MBEDTLS_USE_PSA_CRYPTO */ +static int rsa_decrypt_wrap(mbedtls_pk_context *pk, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx; + mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) pk->pk_ctx; if (ilen != mbedtls_rsa_get_len(rsa)) { return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; @@ -446,15 +487,15 @@ static int rsa_decrypt_wrap(void *ctx, return mbedtls_rsa_pkcs1_decrypt(rsa, f_rng, p_rng, olen, input, output, osize); } -#endif +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_USE_PSA_CRYPTO) -static int rsa_encrypt_wrap(void *ctx, +static int rsa_encrypt_wrap(mbedtls_pk_context *pk, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx; + mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) pk->pk_ctx; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; @@ -479,7 +520,7 @@ static int rsa_encrypt_wrap(void *ctx, /* mbedtls_pk_write_pubkey_der() expects a full PK context; * re-construct one to make it happy */ key.pk_info = &mbedtls_rsa_info; - key.pk_ctx = ctx; + key.pk_ctx = rsa; key_len = mbedtls_pk_write_pubkey_der(&key, buf, sizeof(buf)); if (key_len <= 0) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; @@ -493,7 +534,7 @@ static int rsa_encrypt_wrap(void *ctx, buf + sizeof(buf) - key_len, key_len, &key_id); if (status != PSA_SUCCESS) { - ret = mbedtls_pk_error_from_psa(status); + ret = PSA_PK_TO_MBEDTLS_ERR(status); goto cleanup; } @@ -502,7 +543,7 @@ static int rsa_encrypt_wrap(void *ctx, NULL, 0, output, osize, olen); if (status != PSA_SUCCESS) { - ret = mbedtls_pk_error_from_psa_rsa(status); + ret = PSA_PK_RSA_TO_MBEDTLS_ERR(status); goto cleanup; } @@ -511,18 +552,18 @@ static int rsa_encrypt_wrap(void *ctx, cleanup: status = psa_destroy_key(key_id); if (ret == 0 && status != PSA_SUCCESS) { - ret = mbedtls_pk_error_from_psa(status); + ret = PSA_PK_TO_MBEDTLS_ERR(status); } return ret; } -#else -static int rsa_encrypt_wrap(void *ctx, +#else /* MBEDTLS_USE_PSA_CRYPTO */ +static int rsa_encrypt_wrap(mbedtls_pk_context *pk, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) ctx; + mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) pk->pk_ctx; *olen = mbedtls_rsa_get_len(rsa); if (*olen > osize) { @@ -532,16 +573,16 @@ static int rsa_encrypt_wrap(void *ctx, return mbedtls_rsa_pkcs1_encrypt(rsa, f_rng, p_rng, ilen, input, output); } -#endif +#endif /* MBEDTLS_USE_PSA_CRYPTO */ -static int rsa_check_pair_wrap(const void *pub, const void *prv, +static int rsa_check_pair_wrap(mbedtls_pk_context *pub, mbedtls_pk_context *prv, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { (void) f_rng; (void) p_rng; - return mbedtls_rsa_check_pub_priv((const mbedtls_rsa_context *) pub, - (const mbedtls_rsa_context *) prv); + return mbedtls_rsa_check_pub_priv((const mbedtls_rsa_context *) pub->pk_ctx, + (const mbedtls_rsa_context *) prv->pk_ctx); } static void *rsa_alloc_wrap(void) @@ -561,50 +602,50 @@ static void rsa_free_wrap(void *ctx) mbedtls_free(ctx); } -static void rsa_debug(const void *ctx, mbedtls_pk_debug_item *items) +static void rsa_debug(mbedtls_pk_context *pk, mbedtls_pk_debug_item *items) { #if defined(MBEDTLS_RSA_ALT) /* Not supported */ - (void) ctx; + (void) pk; (void) items; #else + mbedtls_rsa_context *rsa = (mbedtls_rsa_context *) pk->pk_ctx; + items->type = MBEDTLS_PK_DEBUG_MPI; items->name = "rsa.N"; - items->value = &(((mbedtls_rsa_context *) ctx)->N); + items->value = &(rsa->N); items++; items->type = MBEDTLS_PK_DEBUG_MPI; items->name = "rsa.E"; - items->value = &(((mbedtls_rsa_context *) ctx)->E); + items->value = &(rsa->E); #endif } const mbedtls_pk_info_t mbedtls_rsa_info = { - MBEDTLS_PK_RSA, - "RSA", - rsa_get_bitlen, - rsa_can_do, - rsa_verify_wrap, - rsa_sign_wrap, + .type = MBEDTLS_PK_RSA, + .name = "RSA", + .get_bitlen = rsa_get_bitlen, + .can_do = rsa_can_do, + .verify_func = rsa_verify_wrap, + .sign_func = rsa_sign_wrap, #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - NULL, - NULL, -#endif - rsa_decrypt_wrap, - rsa_encrypt_wrap, - rsa_check_pair_wrap, - rsa_alloc_wrap, - rsa_free_wrap, -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - NULL, - NULL, -#endif - rsa_debug, + .verify_rs_func = NULL, + .sign_rs_func = NULL, + .rs_alloc_func = NULL, + .rs_free_func = NULL, +#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ + .decrypt_func = rsa_decrypt_wrap, + .encrypt_func = rsa_encrypt_wrap, + .check_pair_func = rsa_check_pair_wrap, + .ctx_alloc_func = rsa_alloc_wrap, + .ctx_free_func = rsa_free_wrap, + .debug_func = rsa_debug, }; #endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) /* * Generic EC key */ @@ -615,270 +656,17 @@ static int eckey_can_do(mbedtls_pk_type_t type) type == MBEDTLS_PK_ECDSA; } -static size_t eckey_get_bitlen(const void *ctx) +static size_t eckey_get_bitlen(mbedtls_pk_context *pk) { - return ((mbedtls_ecp_keypair *) ctx)->grp.pbits; -} - -#if defined(MBEDTLS_ECDSA_C) -/* Forward declarations */ -static int ecdsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len); - -static int ecdsa_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t sig_size, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); - -static int eckey_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_ecdsa_context ecdsa; - - mbedtls_ecdsa_init(&ecdsa); - - if ((ret = mbedtls_ecdsa_from_keypair(&ecdsa, ctx)) == 0) { - ret = ecdsa_verify_wrap(&ecdsa, md_alg, hash, hash_len, sig, sig_len); - } - - mbedtls_ecdsa_free(&ecdsa); - - return ret; -} - -static int eckey_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t sig_size, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_ecdsa_context ecdsa; - - mbedtls_ecdsa_init(&ecdsa); - - if ((ret = mbedtls_ecdsa_from_keypair(&ecdsa, ctx)) == 0) { - ret = ecdsa_sign_wrap(&ecdsa, md_alg, hash, hash_len, - sig, sig_size, sig_len, - f_rng, p_rng); - } - - mbedtls_ecdsa_free(&ecdsa); - - return ret; -} - -#if defined(MBEDTLS_ECP_RESTARTABLE) -/* Forward declarations */ -static int ecdsa_verify_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len, - void *rs_ctx); - -static int ecdsa_sign_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t sig_size, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - void *rs_ctx); - -/* - * Restart context for ECDSA operations with ECKEY context - * - * We need to store an actual ECDSA context, as we need to pass the same to - * the underlying ecdsa function, so we can't create it on the fly every time. - */ -typedef struct { - mbedtls_ecdsa_restart_ctx ecdsa_rs; - mbedtls_ecdsa_context ecdsa_ctx; -} eckey_restart_ctx; - -static void *eckey_rs_alloc(void) -{ - eckey_restart_ctx *rs_ctx; - - void *ctx = mbedtls_calloc(1, sizeof(eckey_restart_ctx)); - - if (ctx != NULL) { - rs_ctx = ctx; - mbedtls_ecdsa_restart_init(&rs_ctx->ecdsa_rs); - mbedtls_ecdsa_init(&rs_ctx->ecdsa_ctx); - } - - return ctx; -} - -static void eckey_rs_free(void *ctx) -{ - eckey_restart_ctx *rs_ctx; - - if (ctx == NULL) { - return; - } - - rs_ctx = ctx; - mbedtls_ecdsa_restart_free(&rs_ctx->ecdsa_rs); - mbedtls_ecdsa_free(&rs_ctx->ecdsa_ctx); - - mbedtls_free(ctx); -} - -static int eckey_verify_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len, - void *rs_ctx) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - eckey_restart_ctx *rs = rs_ctx; - - /* Should never happen */ - if (rs == NULL) { - return MBEDTLS_ERR_PK_BAD_INPUT_DATA; - } - - /* set up our own sub-context if needed (that is, on first run) */ - if (rs->ecdsa_ctx.grp.pbits == 0) { - MBEDTLS_MPI_CHK(mbedtls_ecdsa_from_keypair(&rs->ecdsa_ctx, ctx)); - } - - MBEDTLS_MPI_CHK(ecdsa_verify_rs_wrap(&rs->ecdsa_ctx, - md_alg, hash, hash_len, - sig, sig_len, &rs->ecdsa_rs)); - -cleanup: - return ret; -} - -static int eckey_sign_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t sig_size, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - void *rs_ctx) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - eckey_restart_ctx *rs = rs_ctx; - - /* Should never happen */ - if (rs == NULL) { - return MBEDTLS_ERR_PK_BAD_INPUT_DATA; - } - - /* set up our own sub-context if needed (that is, on first run) */ - if (rs->ecdsa_ctx.grp.pbits == 0) { - MBEDTLS_MPI_CHK(mbedtls_ecdsa_from_keypair(&rs->ecdsa_ctx, ctx)); - } - - MBEDTLS_MPI_CHK(ecdsa_sign_rs_wrap(&rs->ecdsa_ctx, md_alg, - hash, hash_len, sig, sig_size, sig_len, - f_rng, p_rng, &rs->ecdsa_rs)); - -cleanup: - return ret; -} -#endif /* MBEDTLS_ECP_RESTARTABLE */ -#endif /* MBEDTLS_ECDSA_C */ - -static int eckey_check_pair(const void *pub, const void *prv, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng) -{ - return mbedtls_ecp_check_pub_priv((const mbedtls_ecp_keypair *) pub, - (const mbedtls_ecp_keypair *) prv, - f_rng, p_rng); -} - -static void *eckey_alloc_wrap(void) -{ - void *ctx = mbedtls_calloc(1, sizeof(mbedtls_ecp_keypair)); - - if (ctx != NULL) { - mbedtls_ecp_keypair_init(ctx); - } - - return ctx; -} - -static void eckey_free_wrap(void *ctx) -{ - mbedtls_ecp_keypair_free((mbedtls_ecp_keypair *) ctx); - mbedtls_free(ctx); -} - -static void eckey_debug(const void *ctx, mbedtls_pk_debug_item *items) -{ - items->type = MBEDTLS_PK_DEBUG_ECP; - items->name = "eckey.Q"; - items->value = &(((mbedtls_ecp_keypair *) ctx)->Q); -} - -const mbedtls_pk_info_t mbedtls_eckey_info = { - MBEDTLS_PK_ECKEY, - "EC", - eckey_get_bitlen, - eckey_can_do, -#if defined(MBEDTLS_ECDSA_C) - eckey_verify_wrap, - eckey_sign_wrap, -#if defined(MBEDTLS_ECP_RESTARTABLE) - eckey_verify_rs_wrap, - eckey_sign_rs_wrap, -#endif -#else /* MBEDTLS_ECDSA_C */ - NULL, - NULL, -#endif /* MBEDTLS_ECDSA_C */ - NULL, - NULL, - eckey_check_pair, - eckey_alloc_wrap, - eckey_free_wrap, -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - eckey_rs_alloc, - eckey_rs_free, -#endif - eckey_debug, -}; - -/* - * EC key restricted to ECDH - */ -static int eckeydh_can_do(mbedtls_pk_type_t type) -{ - return type == MBEDTLS_PK_ECKEY || - type == MBEDTLS_PK_ECKEY_DH; -} - -const mbedtls_pk_info_t mbedtls_eckeydh_info = { - MBEDTLS_PK_ECKEY_DH, - "EC_DH", - eckey_get_bitlen, /* Same underlying key structure */ - eckeydh_can_do, - NULL, - NULL, -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - NULL, - NULL, -#endif - NULL, - NULL, - eckey_check_pair, - eckey_alloc_wrap, /* Same underlying key structure */ - eckey_free_wrap, /* Same underlying key structure */ -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - NULL, - NULL, -#endif - eckey_debug, /* Same underlying key structure */ -}; -#endif /* MBEDTLS_ECP_C */ - -#if defined(MBEDTLS_ECDSA_C) -static int ecdsa_can_do(mbedtls_pk_type_t type) -{ - return type == MBEDTLS_PK_ECDSA; +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + return pk->ec_bits; +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + mbedtls_ecp_keypair *ecp = (mbedtls_ecp_keypair *) pk->pk_ctx; + return ecp->grp.pbits; +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ } +#if defined(MBEDTLS_PK_CAN_ECDSA_VERIFY) #if defined(MBEDTLS_USE_PSA_CRYPTO) /* * An ASN.1 encoded signature is a sequence of two ASN.1 integers. Parse one of @@ -940,71 +728,53 @@ static int extract_ecdsa_sig(unsigned char **p, const unsigned char *end, return 0; } -static int ecdsa_verify_wrap(void *ctx_arg, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - const unsigned char *sig, size_t sig_len) +/* Common helper for ECDSA verify using PSA functions. */ +static int ecdsa_verify_psa(unsigned char *key, size_t key_len, + psa_ecc_family_t curve, size_t curve_bits, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len) { - mbedtls_ecdsa_context *ctx = ctx_arg; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; - psa_status_t status; - mbedtls_pk_context key; - int key_len; - unsigned char buf[MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES]; - unsigned char *p; - mbedtls_pk_info_t pk_info = mbedtls_eckey_info; psa_algorithm_t psa_sig_md = PSA_ALG_ECDSA_ANY; - size_t curve_bits; - psa_ecc_family_t curve = - mbedtls_ecc_group_to_psa(ctx->grp.id, &curve_bits); - const size_t signature_part_size = (ctx->grp.nbits + 7) / 8; - ((void) md_alg); + size_t signature_len = PSA_ECDSA_SIGNATURE_SIZE(curve_bits); + unsigned char extracted_sig[PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE]; + unsigned char *p; + psa_status_t status; if (curve == 0) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } - /* mbedtls_pk_write_pubkey() expects a full PK context; - * re-construct one to make it happy */ - key.pk_info = &pk_info; - key.pk_ctx = ctx; - p = buf + sizeof(buf); - key_len = mbedtls_pk_write_pubkey(&p, buf, &key); - if (key_len <= 0) { - return MBEDTLS_ERR_PK_BAD_INPUT_DATA; - } - psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve)); psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); psa_set_key_algorithm(&attributes, psa_sig_md); - status = psa_import_key(&attributes, - buf + sizeof(buf) - key_len, key_len, - &key_id); + status = psa_import_key(&attributes, key, key_len, &key_id); if (status != PSA_SUCCESS) { - ret = mbedtls_pk_error_from_psa(status); + ret = PSA_PK_TO_MBEDTLS_ERR(status); goto cleanup; } - /* We don't need the exported key anymore and can - * reuse its buffer for signature extraction. */ - if (2 * signature_part_size > sizeof(buf)) { + if (signature_len > sizeof(extracted_sig)) { ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA; goto cleanup; } p = (unsigned char *) sig; - if ((ret = extract_ecdsa_sig(&p, sig + sig_len, buf, - signature_part_size)) != 0) { + /* extract_ecdsa_sig's last parameter is the size + * of each integer to be parsed, so it's actually half + * the size of the signature. */ + if ((ret = extract_ecdsa_sig(&p, sig + sig_len, extracted_sig, + signature_len/2)) != 0) { goto cleanup; } - status = psa_verify_hash(key_id, psa_sig_md, - hash, hash_len, - buf, 2 * signature_part_size); + status = psa_verify_hash(key_id, psa_sig_md, hash, hash_len, + extracted_sig, signature_len); if (status != PSA_SUCCESS) { - ret = mbedtls_pk_error_from_psa_ecdsa(status); + ret = PSA_PK_ECDSA_TO_MBEDTLS_ERR(status); goto cleanup; } @@ -1017,20 +787,89 @@ static int ecdsa_verify_wrap(void *ctx_arg, mbedtls_md_type_t md_alg, cleanup: status = psa_destroy_key(key_id); if (ret == 0 && status != PSA_SUCCESS) { - ret = mbedtls_pk_error_from_psa(status); + ret = PSA_PK_TO_MBEDTLS_ERR(status); } return ret; } + +static int ecdsa_opaque_verify_wrap(mbedtls_pk_context *pk, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len) +{ + (void) md_alg; + unsigned char key[MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN]; + size_t key_len; + psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; + psa_ecc_family_t curve; + size_t curve_bits; + psa_status_t status; + + status = psa_get_key_attributes(pk->priv_id, &key_attr); + if (status != PSA_SUCCESS) { + return PSA_PK_ECDSA_TO_MBEDTLS_ERR(status); + } + curve = PSA_KEY_TYPE_ECC_GET_FAMILY(psa_get_key_type(&key_attr)); + curve_bits = psa_get_key_bits(&key_attr); + psa_reset_key_attributes(&key_attr); + + status = psa_export_public_key(pk->priv_id, key, sizeof(key), &key_len); + if (status != PSA_SUCCESS) { + return PSA_PK_ECDSA_TO_MBEDTLS_ERR(status); + } + + return ecdsa_verify_psa(key, key_len, curve, curve_bits, + hash, hash_len, sig, sig_len); +} + +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) +static int ecdsa_verify_wrap(mbedtls_pk_context *pk, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len) +{ + (void) md_alg; + psa_ecc_family_t curve = pk->ec_family; + size_t curve_bits = pk->ec_bits; + + return ecdsa_verify_psa(pk->pub_raw, pk->pub_raw_len, curve, curve_bits, + hash, hash_len, sig, sig_len); +} +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ +static int ecdsa_verify_wrap(mbedtls_pk_context *pk, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len) +{ + (void) md_alg; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + mbedtls_ecp_keypair *ctx = pk->pk_ctx; + unsigned char key[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH]; + size_t key_len; + size_t curve_bits; + psa_ecc_family_t curve = mbedtls_ecc_group_to_psa(ctx->grp.id, &curve_bits); + + ret = mbedtls_ecp_point_write_binary(&ctx->grp, &ctx->Q, + MBEDTLS_ECP_PF_UNCOMPRESSED, + &key_len, key, sizeof(key)); + if (ret != 0) { + return ret; + } + + return ecdsa_verify_psa(key, key_len, curve, curve_bits, + hash, hash_len, sig, sig_len); +} +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ #else /* MBEDTLS_USE_PSA_CRYPTO */ -static int ecdsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, +static int ecdsa_verify_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ((void) md_alg); - ret = mbedtls_ecdsa_read_signature((mbedtls_ecdsa_context *) ctx, + ret = mbedtls_ecdsa_read_signature((mbedtls_ecdsa_context *) pk->pk_ctx, hash, hash_len, sig, sig_len); if (ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH) { @@ -1040,7 +879,9 @@ static int ecdsa_verify_wrap(void *ctx, mbedtls_md_type_t md_alg, return ret; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_PK_CAN_ECDSA_VERIFY */ +#if defined(MBEDTLS_PK_CAN_ECDSA_SIGN) #if defined(MBEDTLS_USE_PSA_CRYPTO) /* * Simultaneously convert and move raw MPI from the beginning of a buffer @@ -1126,79 +967,83 @@ static int pk_ecdsa_sig_asn1_from_psa(unsigned char *sig, size_t *sig_len, return 0; } -/* Locate an ECDSA privateKey in a RFC 5915, or SEC1 Appendix C.4 ASN.1 buffer - * - * [in/out] buf: ASN.1 buffer start as input - ECDSA privateKey start as output - * [in] end: ASN.1 buffer end - * [out] key_len: the ECDSA privateKey length in bytes - */ -static int find_ecdsa_private_key(unsigned char **buf, unsigned char *end, - size_t *key_len) +/* Common helper for ECDSA sign using PSA functions. */ +static int ecdsa_sign_psa(mbedtls_svc_key_id_t key_id, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t sig_size, size_t *sig_len) { - size_t len; - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + psa_status_t status; + psa_algorithm_t psa_sig_md; + psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; + psa_algorithm_t alg; - /* - * RFC 5915, or SEC1 Appendix C.4 - * - * ECPrivateKey ::= SEQUENCE { - * version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1), - * privateKey OCTET STRING, - * parameters [0] ECParameters {{ NamedCurve }} OPTIONAL, - * publicKey [1] BIT STRING OPTIONAL - * } - */ + status = psa_get_key_attributes(key_id, &key_attr); + if (status != PSA_SUCCESS) { + return PSA_PK_ECDSA_TO_MBEDTLS_ERR(status); + } + alg = psa_get_key_algorithm(&key_attr); + psa_reset_key_attributes(&key_attr); - if ((ret = mbedtls_asn1_get_tag(buf, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE)) != 0) { - return ret; + if (PSA_ALG_IS_DETERMINISTIC_ECDSA(alg)) { + psa_sig_md = PSA_ALG_DETERMINISTIC_ECDSA(mbedtls_md_psa_alg_from_type(md_alg)); + } else { + psa_sig_md = PSA_ALG_ECDSA(mbedtls_md_psa_alg_from_type(md_alg)); } - /* version */ - if ((ret = mbedtls_asn1_get_tag(buf, end, &len, - MBEDTLS_ASN1_INTEGER)) != 0) { - return ret; + status = psa_sign_hash(key_id, psa_sig_md, hash, hash_len, + sig, sig_size, sig_len); + if (status != PSA_SUCCESS) { + return PSA_PK_ECDSA_TO_MBEDTLS_ERR(status); } - *buf += len; + ret = pk_ecdsa_sig_asn1_from_psa(sig, sig_len, sig_size); - /* privateKey */ - if ((ret = mbedtls_asn1_get_tag(buf, end, &len, - MBEDTLS_ASN1_OCTET_STRING)) != 0) { - return ret; - } - - *key_len = len; - - return 0; + return ret; } -static int ecdsa_sign_wrap(void *ctx_arg, mbedtls_md_type_t md_alg, +static int ecdsa_opaque_sign_wrap(mbedtls_pk_context *pk, + mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t sig_size, + size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) +{ + ((void) f_rng); + ((void) p_rng); + + return ecdsa_sign_psa(pk->priv_id, md_alg, hash, hash_len, sig, sig_size, + sig_len); +} + +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) +/* When PK_USE_PSA_EC_DATA is defined opaque and non-opaque keys end up + * using the same function. */ +#define ecdsa_sign_wrap ecdsa_opaque_sign_wrap +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ +static int ecdsa_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - mbedtls_ecdsa_context *ctx = ctx_arg; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; - mbedtls_pk_context key; - size_t key_len; - unsigned char buf[MBEDTLS_PK_ECP_PRV_DER_MAX_BYTES]; - unsigned char *p; - psa_algorithm_t psa_hash = mbedtls_hash_info_psa_from_md(md_alg); -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) - psa_algorithm_t psa_sig_md = PSA_ALG_DETERMINISTIC_ECDSA(psa_hash); -#else - psa_algorithm_t psa_sig_md = PSA_ALG_ECDSA(psa_hash); -#endif + mbedtls_ecp_keypair *ctx = pk->pk_ctx; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + unsigned char buf[MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH]; size_t curve_bits; psa_ecc_family_t curve = mbedtls_ecc_group_to_psa(ctx->grp.id, &curve_bits); - - /* PSA has its own RNG */ + size_t key_len = PSA_BITS_TO_BYTES(curve_bits); +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) + psa_algorithm_t psa_sig_md = + PSA_ALG_DETERMINISTIC_ECDSA(mbedtls_md_psa_alg_from_type(md_alg)); +#else + psa_algorithm_t psa_sig_md = + PSA_ALG_ECDSA(mbedtls_md_psa_alg_from_type(md_alg)); +#endif ((void) f_rng); ((void) p_rng); @@ -1206,17 +1051,10 @@ static int ecdsa_sign_wrap(void *ctx_arg, mbedtls_md_type_t md_alg, return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } - /* mbedtls_pk_write_key_der() expects a full PK context; - * re-construct one to make it happy */ - key.pk_info = &mbedtls_eckey_info; - key.pk_ctx = ctx; - key_len = mbedtls_pk_write_key_der(&key, buf, sizeof(buf)); - if (key_len <= 0) { - return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + if (key_len > sizeof(buf)) { + return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; } - - p = buf + sizeof(buf) - key_len; - ret = find_ecdsa_private_key(&p, buf + sizeof(buf), &key_len); + ret = mbedtls_mpi_write_binary(&ctx->d, buf, key_len); if (ret != 0) { goto cleanup; } @@ -1225,47 +1063,404 @@ static int ecdsa_sign_wrap(void *ctx_arg, mbedtls_md_type_t md_alg, psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); psa_set_key_algorithm(&attributes, psa_sig_md); - status = psa_import_key(&attributes, - p, key_len, - &key_id); + status = psa_import_key(&attributes, buf, key_len, &key_id); if (status != PSA_SUCCESS) { - ret = mbedtls_pk_error_from_psa(status); + ret = PSA_PK_TO_MBEDTLS_ERR(status); goto cleanup; } - status = psa_sign_hash(key_id, psa_sig_md, hash, hash_len, - sig, sig_size, sig_len); - if (status != PSA_SUCCESS) { - ret = mbedtls_pk_error_from_psa_ecdsa(status); - goto cleanup; - } - - ret = pk_ecdsa_sig_asn1_from_psa(sig, sig_len, sig_size); + ret = ecdsa_sign_psa(key_id, md_alg, hash, hash_len, sig, sig_size, sig_len); cleanup: mbedtls_platform_zeroize(buf, sizeof(buf)); status = psa_destroy_key(key_id); if (ret == 0 && status != PSA_SUCCESS) { - ret = mbedtls_pk_error_from_psa(status); + ret = PSA_PK_TO_MBEDTLS_ERR(status); } return ret; } -#else -static int ecdsa_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ +#else /* MBEDTLS_USE_PSA_CRYPTO */ +static int ecdsa_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - return mbedtls_ecdsa_write_signature((mbedtls_ecdsa_context *) ctx, + return mbedtls_ecdsa_write_signature((mbedtls_ecdsa_context *) pk->pk_ctx, md_alg, hash, hash_len, sig, sig_size, sig_len, f_rng, p_rng); } -#endif +#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_PK_CAN_ECDSA_SIGN */ -#if defined(MBEDTLS_ECP_RESTARTABLE) -static int ecdsa_verify_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) +/* Forward declarations */ +static int ecdsa_verify_rs_wrap(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len, + void *rs_ctx); + +static int ecdsa_sign_rs_wrap(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t sig_size, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + void *rs_ctx); + +/* + * Restart context for ECDSA operations with ECKEY context + * + * We need to store an actual ECDSA context, as we need to pass the same to + * the underlying ecdsa function, so we can't create it on the fly every time. + */ +typedef struct { + mbedtls_ecdsa_restart_ctx ecdsa_rs; + mbedtls_ecdsa_context ecdsa_ctx; +} eckey_restart_ctx; + +static void *eckey_rs_alloc(void) +{ + eckey_restart_ctx *rs_ctx; + + void *ctx = mbedtls_calloc(1, sizeof(eckey_restart_ctx)); + + if (ctx != NULL) { + rs_ctx = ctx; + mbedtls_ecdsa_restart_init(&rs_ctx->ecdsa_rs); + mbedtls_ecdsa_init(&rs_ctx->ecdsa_ctx); + } + + return ctx; +} + +static void eckey_rs_free(void *ctx) +{ + eckey_restart_ctx *rs_ctx; + + if (ctx == NULL) { + return; + } + + rs_ctx = ctx; + mbedtls_ecdsa_restart_free(&rs_ctx->ecdsa_rs); + mbedtls_ecdsa_free(&rs_ctx->ecdsa_ctx); + + mbedtls_free(ctx); +} + +static int eckey_verify_rs_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len, + void *rs_ctx) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + eckey_restart_ctx *rs = rs_ctx; + + /* Should never happen */ + if (rs == NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + + /* set up our own sub-context if needed (that is, on first run) */ + if (rs->ecdsa_ctx.grp.pbits == 0) { + MBEDTLS_MPI_CHK(mbedtls_ecdsa_from_keypair(&rs->ecdsa_ctx, pk->pk_ctx)); + } + + MBEDTLS_MPI_CHK(ecdsa_verify_rs_wrap(pk, + md_alg, hash, hash_len, + sig, sig_len, &rs->ecdsa_rs)); + +cleanup: + return ret; +} + +static int eckey_sign_rs_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t sig_size, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + void *rs_ctx) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + eckey_restart_ctx *rs = rs_ctx; + + /* Should never happen */ + if (rs == NULL) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + + /* set up our own sub-context if needed (that is, on first run) */ + if (rs->ecdsa_ctx.grp.pbits == 0) { + MBEDTLS_MPI_CHK(mbedtls_ecdsa_from_keypair(&rs->ecdsa_ctx, pk->pk_ctx)); + } + + MBEDTLS_MPI_CHK(ecdsa_sign_rs_wrap(pk, md_alg, + hash, hash_len, sig, sig_size, sig_len, + f_rng, p_rng, &rs->ecdsa_rs)); + +cleanup: + return ret; +} +#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) +static int eckey_check_pair_psa(mbedtls_pk_context *pub, mbedtls_pk_context *prv) +{ + psa_status_t status; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + uint8_t prv_key_buf[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH]; + size_t prv_key_len; + mbedtls_svc_key_id_t key_id = prv->priv_id; + + status = psa_export_public_key(key_id, prv_key_buf, sizeof(prv_key_buf), + &prv_key_len); + ret = PSA_PK_TO_MBEDTLS_ERR(status); + if (ret != 0) { + return ret; + } + + if (memcmp(prv_key_buf, pub->pub_raw, pub->pub_raw_len) != 0) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + + return 0; +} +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ +static int eckey_check_pair_psa(mbedtls_pk_context *pub, mbedtls_pk_context *prv) +{ + psa_status_t status; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + uint8_t prv_key_buf[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH]; + size_t prv_key_len; + psa_status_t destruction_status; + mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; + uint8_t pub_key_buf[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH]; + size_t pub_key_len; + size_t curve_bits; + const psa_ecc_family_t curve = + mbedtls_ecc_group_to_psa(mbedtls_pk_ec_ro(*prv)->grp.id, &curve_bits); + const size_t curve_bytes = PSA_BITS_TO_BYTES(curve_bits); + + if (curve == 0) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + + psa_set_key_type(&key_attr, PSA_KEY_TYPE_ECC_KEY_PAIR(curve)); + psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_EXPORT); + + ret = mbedtls_mpi_write_binary(&mbedtls_pk_ec_ro(*prv)->d, + prv_key_buf, curve_bytes); + if (ret != 0) { + mbedtls_platform_zeroize(prv_key_buf, sizeof(prv_key_buf)); + return ret; + } + + status = psa_import_key(&key_attr, prv_key_buf, curve_bytes, &key_id); + mbedtls_platform_zeroize(prv_key_buf, sizeof(prv_key_buf)); + ret = PSA_PK_TO_MBEDTLS_ERR(status); + if (ret != 0) { + return ret; + } + + // From now on prv_key_buf is used to store the public key of prv. + status = psa_export_public_key(key_id, prv_key_buf, sizeof(prv_key_buf), + &prv_key_len); + ret = PSA_PK_TO_MBEDTLS_ERR(status); + destruction_status = psa_destroy_key(key_id); + if (ret != 0) { + return ret; + } else if (destruction_status != PSA_SUCCESS) { + return PSA_PK_TO_MBEDTLS_ERR(destruction_status); + } + + ret = mbedtls_ecp_point_write_binary(&mbedtls_pk_ec_rw(*pub)->grp, + &mbedtls_pk_ec_rw(*pub)->Q, + MBEDTLS_ECP_PF_UNCOMPRESSED, + &pub_key_len, pub_key_buf, + sizeof(pub_key_buf)); + if (ret != 0) { + return ret; + } + + if (memcmp(prv_key_buf, pub_key_buf, curve_bytes) != 0) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + + return 0; +} +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ + +static int eckey_check_pair_wrap(mbedtls_pk_context *pub, mbedtls_pk_context *prv, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) +{ + (void) f_rng; + (void) p_rng; + return eckey_check_pair_psa(pub, prv); +} +#else /* MBEDTLS_USE_PSA_CRYPTO */ +static int eckey_check_pair_wrap(mbedtls_pk_context *pub, mbedtls_pk_context *prv, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) +{ + return mbedtls_ecp_check_pub_priv((const mbedtls_ecp_keypair *) pub->pk_ctx, + (const mbedtls_ecp_keypair *) prv->pk_ctx, + f_rng, p_rng); +} +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) +/* When PK_USE_PSA_EC_DATA is defined opaque and non-opaque keys end up + * using the same function. */ +#define ecdsa_opaque_check_pair_wrap eckey_check_pair_wrap +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ +static int ecdsa_opaque_check_pair_wrap(mbedtls_pk_context *pub, + mbedtls_pk_context *prv, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) +{ + psa_status_t status; + uint8_t exp_pub_key[MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN]; + size_t exp_pub_key_len = 0; + uint8_t pub_key[MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN]; + size_t pub_key_len = 0; + int ret; + (void) f_rng; + (void) p_rng; + + status = psa_export_public_key(prv->priv_id, exp_pub_key, sizeof(exp_pub_key), + &exp_pub_key_len); + if (status != PSA_SUCCESS) { + ret = psa_pk_status_to_mbedtls(status); + return ret; + } + ret = mbedtls_ecp_point_write_binary(&(mbedtls_pk_ec_ro(*pub)->grp), + &(mbedtls_pk_ec_ro(*pub)->Q), + MBEDTLS_ECP_PF_UNCOMPRESSED, + &pub_key_len, pub_key, sizeof(pub_key)); + if (ret != 0) { + return ret; + } + if ((exp_pub_key_len != pub_key_len) || + memcmp(exp_pub_key, pub_key, exp_pub_key_len)) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + return 0; +} +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +#if !defined(MBEDTLS_PK_USE_PSA_EC_DATA) +static void *eckey_alloc_wrap(void) +{ + void *ctx = mbedtls_calloc(1, sizeof(mbedtls_ecp_keypair)); + + if (ctx != NULL) { + mbedtls_ecp_keypair_init(ctx); + } + + return ctx; +} + +static void eckey_free_wrap(void *ctx) +{ + mbedtls_ecp_keypair_free((mbedtls_ecp_keypair *) ctx); + mbedtls_free(ctx); +} +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ + +static void eckey_debug(mbedtls_pk_context *pk, mbedtls_pk_debug_item *items) +{ +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + items->type = MBEDTLS_PK_DEBUG_PSA_EC; + items->name = "eckey.Q"; + items->value = pk; +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + mbedtls_ecp_keypair *ecp = (mbedtls_ecp_keypair *) pk->pk_ctx; + items->type = MBEDTLS_PK_DEBUG_ECP; + items->name = "eckey.Q"; + items->value = &(ecp->Q); +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ +} + +const mbedtls_pk_info_t mbedtls_eckey_info = { + .type = MBEDTLS_PK_ECKEY, + .name = "EC", + .get_bitlen = eckey_get_bitlen, + .can_do = eckey_can_do, +#if defined(MBEDTLS_PK_CAN_ECDSA_VERIFY) + .verify_func = ecdsa_verify_wrap, /* Compatible key structures */ +#else /* MBEDTLS_PK_CAN_ECDSA_VERIFY */ + .verify_func = NULL, +#endif /* MBEDTLS_PK_CAN_ECDSA_VERIFY */ +#if defined(MBEDTLS_PK_CAN_ECDSA_SIGN) + .sign_func = ecdsa_sign_wrap, /* Compatible key structures */ +#else /* MBEDTLS_PK_CAN_ECDSA_VERIFY */ + .sign_func = NULL, +#endif /* MBEDTLS_PK_CAN_ECDSA_VERIFY */ +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + .verify_rs_func = eckey_verify_rs_wrap, + .sign_rs_func = eckey_sign_rs_wrap, + .rs_alloc_func = eckey_rs_alloc, + .rs_free_func = eckey_rs_free, +#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ + .decrypt_func = NULL, + .encrypt_func = NULL, + .check_pair_func = eckey_check_pair_wrap, +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + .ctx_alloc_func = NULL, + .ctx_free_func = NULL, +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + .ctx_alloc_func = eckey_alloc_wrap, + .ctx_free_func = eckey_free_wrap, +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ + .debug_func = eckey_debug, +}; + +/* + * EC key restricted to ECDH + */ +static int eckeydh_can_do(mbedtls_pk_type_t type) +{ + return type == MBEDTLS_PK_ECKEY || + type == MBEDTLS_PK_ECKEY_DH; +} + +const mbedtls_pk_info_t mbedtls_eckeydh_info = { + .type = MBEDTLS_PK_ECKEY_DH, + .name = "EC_DH", + .get_bitlen = eckey_get_bitlen, /* Same underlying key structure */ + .can_do = eckeydh_can_do, + .verify_func = NULL, + .sign_func = NULL, +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + .verify_rs_func = NULL, + .sign_rs_func = NULL, +#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ + .decrypt_func = NULL, + .encrypt_func = NULL, + .check_pair_func = eckey_check_pair_wrap, +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + .ctx_alloc_func = NULL, + .ctx_free_func = NULL, +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + .ctx_alloc_func = eckey_alloc_wrap, /* Same underlying key structure */ + .ctx_free_func = eckey_free_wrap, /* Same underlying key structure */ +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ + .debug_func = eckey_debug, /* Same underlying key structure */ +}; + +#if defined(MBEDTLS_PK_CAN_ECDSA_SOME) +static int ecdsa_can_do(mbedtls_pk_type_t type) +{ + return type == MBEDTLS_PK_ECDSA; +} + +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) +static int ecdsa_verify_rs_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len, void *rs_ctx) @@ -1274,7 +1469,7 @@ static int ecdsa_verify_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, ((void) md_alg); ret = mbedtls_ecdsa_read_signature_restartable( - (mbedtls_ecdsa_context *) ctx, + (mbedtls_ecdsa_context *) pk->pk_ctx, hash, hash_len, sig, sig_len, (mbedtls_ecdsa_restart_ctx *) rs_ctx); @@ -1285,38 +1480,19 @@ static int ecdsa_verify_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, return ret; } -static int ecdsa_sign_rs_wrap(void *ctx, mbedtls_md_type_t md_alg, +static int ecdsa_sign_rs_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, void *rs_ctx) { return mbedtls_ecdsa_write_signature_restartable( - (mbedtls_ecdsa_context *) ctx, + (mbedtls_ecdsa_context *) pk->pk_ctx, md_alg, hash, hash_len, sig, sig_size, sig_len, f_rng, p_rng, (mbedtls_ecdsa_restart_ctx *) rs_ctx); } -#endif /* MBEDTLS_ECP_RESTARTABLE */ -static void *ecdsa_alloc_wrap(void) -{ - void *ctx = mbedtls_calloc(1, sizeof(mbedtls_ecdsa_context)); - - if (ctx != NULL) { - mbedtls_ecdsa_init((mbedtls_ecdsa_context *) ctx); - } - - return ctx; -} - -static void ecdsa_free_wrap(void *ctx) -{ - mbedtls_ecdsa_free((mbedtls_ecdsa_context *) ctx); - mbedtls_free(ctx); -} - -#if defined(MBEDTLS_ECP_RESTARTABLE) static void *ecdsa_rs_alloc(void) { void *ctx = mbedtls_calloc(1, sizeof(mbedtls_ecdsa_restart_ctx)); @@ -1333,31 +1509,43 @@ static void ecdsa_rs_free(void *ctx) mbedtls_ecdsa_restart_free(ctx); mbedtls_free(ctx); } -#endif /* MBEDTLS_ECP_RESTARTABLE */ +#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ const mbedtls_pk_info_t mbedtls_ecdsa_info = { - MBEDTLS_PK_ECDSA, - "ECDSA", - eckey_get_bitlen, /* Compatible key structures */ - ecdsa_can_do, - ecdsa_verify_wrap, - ecdsa_sign_wrap, -#if defined(MBEDTLS_ECP_RESTARTABLE) - ecdsa_verify_rs_wrap, - ecdsa_sign_rs_wrap, -#endif - NULL, - NULL, - eckey_check_pair, /* Compatible key structures */ - ecdsa_alloc_wrap, - ecdsa_free_wrap, -#if defined(MBEDTLS_ECP_RESTARTABLE) - ecdsa_rs_alloc, - ecdsa_rs_free, -#endif - eckey_debug, /* Compatible key structures */ + .type = MBEDTLS_PK_ECDSA, + .name = "ECDSA", + .get_bitlen = eckey_get_bitlen, /* Compatible key structures */ + .can_do = ecdsa_can_do, +#if defined(MBEDTLS_PK_CAN_ECDSA_VERIFY) + .verify_func = ecdsa_verify_wrap, /* Compatible key structures */ +#else /* MBEDTLS_PK_CAN_ECDSA_VERIFY */ + .verify_func = NULL, +#endif /* MBEDTLS_PK_CAN_ECDSA_VERIFY */ +#if defined(MBEDTLS_PK_CAN_ECDSA_SIGN) + .sign_func = ecdsa_sign_wrap, /* Compatible key structures */ +#else /* MBEDTLS_PK_CAN_ECDSA_SIGN */ + .sign_func = NULL, +#endif /* MBEDTLS_PK_CAN_ECDSA_SIGN */ +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + .verify_rs_func = ecdsa_verify_rs_wrap, + .sign_rs_func = ecdsa_sign_rs_wrap, + .rs_alloc_func = ecdsa_rs_alloc, + .rs_free_func = ecdsa_rs_free, +#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ + .decrypt_func = NULL, + .encrypt_func = NULL, + .check_pair_func = eckey_check_pair_wrap, /* Compatible key structures */ +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + .ctx_alloc_func = NULL, + .ctx_free_func = NULL, +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + .ctx_alloc_func = eckey_alloc_wrap, /* Compatible key structures */ + .ctx_free_func = eckey_free_wrap, /* Compatible key structures */ +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ + .debug_func = eckey_debug, /* Compatible key structures */ }; -#endif /* MBEDTLS_ECDSA_C */ +#endif /* MBEDTLS_PK_CAN_ECDSA_SOME */ +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) /* @@ -1369,25 +1557,25 @@ static int rsa_alt_can_do(mbedtls_pk_type_t type) return type == MBEDTLS_PK_RSA; } -static size_t rsa_alt_get_bitlen(const void *ctx) +static size_t rsa_alt_get_bitlen(mbedtls_pk_context *pk) { - const mbedtls_rsa_alt_context *rsa_alt = (const mbedtls_rsa_alt_context *) ctx; + const mbedtls_rsa_alt_context *rsa_alt = pk->pk_ctx; return 8 * rsa_alt->key_len_func(rsa_alt->key); } -static int rsa_alt_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, +static int rsa_alt_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx; + mbedtls_rsa_alt_context *rsa_alt = pk->pk_ctx; #if SIZE_MAX > UINT_MAX if (UINT_MAX < hash_len) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } -#endif /* SIZE_MAX > UINT_MAX */ +#endif *sig_len = rsa_alt->key_len_func(rsa_alt->key); if (*sig_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE) { @@ -1401,12 +1589,12 @@ static int rsa_alt_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, md_alg, (unsigned int) hash_len, hash, sig); } -static int rsa_alt_decrypt_wrap(void *ctx, +static int rsa_alt_decrypt_wrap(mbedtls_pk_context *pk, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx; + mbedtls_rsa_alt_context *rsa_alt = pk->pk_ctx; ((void) f_rng); ((void) p_rng); @@ -1420,7 +1608,7 @@ static int rsa_alt_decrypt_wrap(void *ctx, } #if defined(MBEDTLS_RSA_C) -static int rsa_alt_check_pair(const void *pub, const void *prv, +static int rsa_alt_check_pair(mbedtls_pk_context *pub, mbedtls_pk_context *prv, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { @@ -1435,14 +1623,14 @@ static int rsa_alt_check_pair(const void *pub, const void *prv, memset(hash, 0x2a, sizeof(hash)); - if ((ret = rsa_alt_sign_wrap((void *) prv, MBEDTLS_MD_NONE, + if ((ret = rsa_alt_sign_wrap(prv, MBEDTLS_MD_NONE, hash, sizeof(hash), sig, sizeof(sig), &sig_len, f_rng, p_rng)) != 0) { return ret; } - if (rsa_verify_wrap((void *) pub, MBEDTLS_MD_NONE, + if (rsa_verify_wrap(pub, MBEDTLS_MD_NONE, hash, sizeof(hash), sig, sig_len) != 0) { return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED; } @@ -1464,63 +1652,42 @@ static void *rsa_alt_alloc_wrap(void) static void rsa_alt_free_wrap(void *ctx) { - mbedtls_platform_zeroize(ctx, sizeof(mbedtls_rsa_alt_context)); - mbedtls_free(ctx); + mbedtls_zeroize_and_free(ctx, sizeof(mbedtls_rsa_alt_context)); } const mbedtls_pk_info_t mbedtls_rsa_alt_info = { - MBEDTLS_PK_RSA_ALT, - "RSA-alt", - rsa_alt_get_bitlen, - rsa_alt_can_do, - NULL, - rsa_alt_sign_wrap, + .type = MBEDTLS_PK_RSA_ALT, + .name = "RSA-alt", + .get_bitlen = rsa_alt_get_bitlen, + .can_do = rsa_alt_can_do, + .verify_func = NULL, + .sign_func = rsa_alt_sign_wrap, #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - NULL, - NULL, -#endif - rsa_alt_decrypt_wrap, - NULL, + .verify_rs_func = NULL, + .sign_rs_func = NULL, + .rs_alloc_func = NULL, + .rs_free_func = NULL, +#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ + .decrypt_func = rsa_alt_decrypt_wrap, + .encrypt_func = NULL, #if defined(MBEDTLS_RSA_C) - rsa_alt_check_pair, + .check_pair_func = rsa_alt_check_pair, #else - NULL, + .check_pair_func = NULL, #endif - rsa_alt_alloc_wrap, - rsa_alt_free_wrap, -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - NULL, - NULL, -#endif - NULL, + .ctx_alloc_func = rsa_alt_alloc_wrap, + .ctx_free_func = rsa_alt_free_wrap, + .debug_func = NULL, }; - #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - -static void *pk_opaque_alloc_wrap(void) +static size_t opaque_get_bitlen(mbedtls_pk_context *pk) { - void *ctx = mbedtls_calloc(1, sizeof(mbedtls_svc_key_id_t)); - - /* no _init() function to call, as calloc() already zeroized */ - - return ctx; -} - -static void pk_opaque_free_wrap(void *ctx) -{ - mbedtls_platform_zeroize(ctx, sizeof(mbedtls_svc_key_id_t)); - mbedtls_free(ctx); -} - -static size_t pk_opaque_get_bitlen(const void *ctx) -{ - const mbedtls_svc_key_id_t *key = (const mbedtls_svc_key_id_t *) ctx; size_t bits; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - if (PSA_SUCCESS != psa_get_key_attributes(*key, &attributes)) { + if (PSA_SUCCESS != psa_get_key_attributes(pk->priv_id, &attributes)) { return 0; } @@ -1529,36 +1696,79 @@ static size_t pk_opaque_get_bitlen(const void *ctx) return bits; } -static int pk_opaque_ecdsa_can_do(mbedtls_pk_type_t type) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) +static int ecdsa_opaque_can_do(mbedtls_pk_type_t type) { return type == MBEDTLS_PK_ECKEY || type == MBEDTLS_PK_ECDSA; } -static int pk_opaque_rsa_can_do(mbedtls_pk_type_t type) +const mbedtls_pk_info_t mbedtls_ecdsa_opaque_info = { + .type = MBEDTLS_PK_OPAQUE, + .name = "Opaque", + .get_bitlen = opaque_get_bitlen, + .can_do = ecdsa_opaque_can_do, +#if defined(MBEDTLS_PK_CAN_ECDSA_VERIFY) + .verify_func = ecdsa_opaque_verify_wrap, +#else /* MBEDTLS_PK_CAN_ECDSA_VERIFY */ + .verify_func = NULL, +#endif /* MBEDTLS_PK_CAN_ECDSA_VERIFY */ +#if defined(MBEDTLS_PK_CAN_ECDSA_SIGN) + .sign_func = ecdsa_opaque_sign_wrap, +#else /* MBEDTLS_PK_CAN_ECDSA_SIGN */ + .sign_func = NULL, +#endif /* MBEDTLS_PK_CAN_ECDSA_SIGN */ +#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) + .verify_rs_func = NULL, + .sign_rs_func = NULL, + .rs_alloc_func = NULL, + .rs_free_func = NULL, +#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ + .decrypt_func = NULL, + .encrypt_func = NULL, + .check_pair_func = ecdsa_opaque_check_pair_wrap, + .ctx_alloc_func = NULL, + .ctx_free_func = NULL, + .debug_func = NULL, +}; +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ + +static int rsa_opaque_can_do(mbedtls_pk_type_t type) { return type == MBEDTLS_PK_RSA || type == MBEDTLS_PK_RSASSA_PSS; } -static int pk_opaque_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t sig_size, size_t *sig_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) +static int rsa_opaque_decrypt(mbedtls_pk_context *pk, + const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen, size_t osize, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { -#if !defined(MBEDTLS_ECDSA_C) && !defined(MBEDTLS_RSA_C) - ((void) ctx); - ((void) md_alg); - ((void) hash); - ((void) hash_len); - ((void) sig); - ((void) sig_size); - ((void) sig_len); - ((void) f_rng); - ((void) p_rng); - return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; -#else /* !MBEDTLS_ECDSA_C && !MBEDTLS_RSA_C */ - const mbedtls_svc_key_id_t *key = (const mbedtls_svc_key_id_t *) ctx; + psa_status_t status; + + /* PSA has its own RNG */ + (void) f_rng; + (void) p_rng; + + status = psa_asymmetric_decrypt(pk->priv_id, PSA_ALG_RSA_PKCS1V15_CRYPT, + input, ilen, + NULL, 0, + output, osize, olen); + if (status != PSA_SUCCESS) { + return PSA_PK_RSA_TO_MBEDTLS_ERR(status); + } + + return 0; +} +#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */ + +static int rsa_opaque_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t sig_size, size_t *sig_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) +{ +#if defined(MBEDTLS_RSA_C) psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_algorithm_t alg; psa_key_type_t type; @@ -1568,127 +1778,69 @@ static int pk_opaque_sign_wrap(void *ctx, mbedtls_md_type_t md_alg, (void) f_rng; (void) p_rng; - status = psa_get_key_attributes(*key, &attributes); + status = psa_get_key_attributes(pk->priv_id, &attributes); if (status != PSA_SUCCESS) { - return mbedtls_pk_error_from_psa(status); + return PSA_PK_TO_MBEDTLS_ERR(status); } type = psa_get_key_type(&attributes); psa_reset_key_attributes(&attributes); -#if defined(MBEDTLS_ECDSA_C) - if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) { - alg = PSA_ALG_ECDSA(mbedtls_hash_info_psa_from_md(md_alg)); - } else -#endif /* MBEDTLS_ECDSA_C */ -#if defined(MBEDTLS_RSA_C) if (PSA_KEY_TYPE_IS_RSA(type)) { - alg = PSA_ALG_RSA_PKCS1V15_SIGN(mbedtls_hash_info_psa_from_md(md_alg)); - } else -#endif /* MBEDTLS_RSA_C */ - return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + alg = PSA_ALG_RSA_PKCS1V15_SIGN(mbedtls_md_psa_alg_from_type(md_alg)); + } else { + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + } /* make the signature */ - status = psa_sign_hash(*key, alg, hash, hash_len, + status = psa_sign_hash(pk->priv_id, alg, hash, hash_len, sig, sig_size, sig_len); if (status != PSA_SUCCESS) { -#if defined(MBEDTLS_ECDSA_C) - if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) { - return mbedtls_pk_error_from_psa_ecdsa(status); - } else -#endif /* MBEDTLS_ECDSA_C */ -#if defined(MBEDTLS_RSA_C) if (PSA_KEY_TYPE_IS_RSA(type)) { - return mbedtls_pk_error_from_psa_rsa(status); - } else -#endif /* MBEDTLS_RSA_C */ - return mbedtls_pk_error_from_psa(status); - } - -#if defined(MBEDTLS_ECDSA_C) - if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) { - /* transcode it to ASN.1 sequence */ - return pk_ecdsa_sig_asn1_from_psa(sig, sig_len, sig_size); - } -#endif /* MBEDTLS_ECDSA_C */ - - return 0; -#endif /* !MBEDTLS_ECDSA_C && !MBEDTLS_RSA_C */ -} - -const mbedtls_pk_info_t mbedtls_pk_ecdsa_opaque_info = { - MBEDTLS_PK_OPAQUE, - "Opaque", - pk_opaque_get_bitlen, - pk_opaque_ecdsa_can_do, - NULL, /* verify - will be done later */ - pk_opaque_sign_wrap, -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - NULL, /* restartable verify - not relevant */ - NULL, /* restartable sign - not relevant */ -#endif - NULL, /* decrypt - not relevant */ - NULL, /* encrypt - not relevant */ - NULL, /* check_pair - could be done later or left NULL */ - pk_opaque_alloc_wrap, - pk_opaque_free_wrap, -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - NULL, /* restart alloc - not relevant */ - NULL, /* restart free - not relevant */ -#endif - NULL, /* debug - could be done later, or even left NULL */ -}; - -#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) -static int pk_opaque_rsa_decrypt(void *ctx, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen, size_t osize, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) -{ - const mbedtls_svc_key_id_t *key = (const mbedtls_svc_key_id_t *) ctx; - psa_status_t status; - - /* PSA has its own RNG */ - (void) f_rng; - (void) p_rng; - - status = psa_asymmetric_decrypt(*key, PSA_ALG_RSA_PKCS1V15_CRYPT, - input, ilen, - NULL, 0, - output, osize, olen); - if (status != PSA_SUCCESS) { - return mbedtls_pk_error_from_psa_rsa(status); + return PSA_PK_RSA_TO_MBEDTLS_ERR(status); + } else { + return PSA_PK_TO_MBEDTLS_ERR(status); + } } return 0; +#else /* !MBEDTLS_RSA_C */ + ((void) pk); + ((void) md_alg); + ((void) hash); + ((void) hash_len); + ((void) sig); + ((void) sig_size); + ((void) sig_len); + ((void) f_rng); + ((void) p_rng); + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; +#endif /* !MBEDTLS_RSA_C */ } -#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR */ -const mbedtls_pk_info_t mbedtls_pk_rsa_opaque_info = { - MBEDTLS_PK_OPAQUE, - "Opaque", - pk_opaque_get_bitlen, - pk_opaque_rsa_can_do, - NULL, /* verify - will be done later */ - pk_opaque_sign_wrap, +const mbedtls_pk_info_t mbedtls_rsa_opaque_info = { + .type = MBEDTLS_PK_OPAQUE, + .name = "Opaque", + .get_bitlen = opaque_get_bitlen, + .can_do = rsa_opaque_can_do, + .verify_func = NULL, + .sign_func = rsa_opaque_sign_wrap, #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - NULL, /* restartable verify - not relevant */ - NULL, /* restartable sign - not relevant */ -#endif -#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) - pk_opaque_rsa_decrypt, -#else - NULL, /* decrypt - not available */ -#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */ - NULL, /* encrypt - will be done later */ - NULL, /* check_pair - could be done later or left NULL */ - pk_opaque_alloc_wrap, - pk_opaque_free_wrap, -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) - NULL, /* restart alloc - not relevant */ - NULL, /* restart free - not relevant */ -#endif - NULL, /* debug - could be done later, or even left NULL */ + .verify_rs_func = NULL, + .sign_rs_func = NULL, + .rs_alloc_func = NULL, + .rs_free_func = NULL, +#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) + .decrypt_func = rsa_opaque_decrypt, +#else /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */ + .decrypt_func = NULL, +#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */ + .encrypt_func = NULL, + .check_pair_func = NULL, + .ctx_alloc_func = NULL, + .ctx_free_func = NULL, + .debug_func = NULL, }; #endif /* MBEDTLS_USE_PSA_CRYPTO */ diff --git a/library/pk_wrap.h b/library/pk_wrap.h index 67d0989c1..b1e02180a 100644 --- a/library/pk_wrap.h +++ b/library/pk_wrap.h @@ -39,18 +39,18 @@ struct mbedtls_pk_info_t { const char *name; /** Get key size in bits */ - size_t (*get_bitlen)(const void *); + size_t (*get_bitlen)(mbedtls_pk_context *pk); /** Tell if the context implements this type (e.g. ECKEY can do ECDSA) */ int (*can_do)(mbedtls_pk_type_t type); /** Verify signature */ - int (*verify_func)(void *ctx, mbedtls_md_type_t md_alg, + int (*verify_func)(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len); /** Make signature */ - int (*sign_func)(void *ctx, mbedtls_md_type_t md_alg, + int (*sign_func)(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), @@ -58,13 +58,13 @@ struct mbedtls_pk_info_t { #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /** Verify signature (restartable) */ - int (*verify_rs_func)(void *ctx, mbedtls_md_type_t md_alg, + int (*verify_rs_func)(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len, void *rs_ctx); /** Make signature (restartable) */ - int (*sign_rs_func)(void *ctx, mbedtls_md_type_t md_alg, + int (*sign_rs_func)(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), @@ -72,19 +72,19 @@ struct mbedtls_pk_info_t { #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ /** Decrypt message */ - int (*decrypt_func)(void *ctx, const unsigned char *input, size_t ilen, + int (*decrypt_func)(mbedtls_pk_context *pk, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); /** Encrypt message */ - int (*encrypt_func)(void *ctx, const unsigned char *input, size_t ilen, + int (*encrypt_func)(mbedtls_pk_context *pk, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, size_t osize, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); /** Check public-private key pair */ - int (*check_pair_func)(const void *pub, const void *prv, + int (*check_pair_func)(mbedtls_pk_context *pub, mbedtls_pk_context *prv, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); @@ -103,7 +103,7 @@ struct mbedtls_pk_info_t { #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ /** Interface with the debug module */ - void (*debug_func)(const void *ctx, mbedtls_pk_debug_item *items); + void (*debug_func)(mbedtls_pk_context *pk, mbedtls_pk_debug_item *items); }; #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) @@ -120,12 +120,12 @@ typedef struct { extern const mbedtls_pk_info_t mbedtls_rsa_info; #endif -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) extern const mbedtls_pk_info_t mbedtls_eckey_info; extern const mbedtls_pk_info_t mbedtls_eckeydh_info; #endif -#if defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_PK_CAN_ECDSA_SOME) extern const mbedtls_pk_info_t mbedtls_ecdsa_info; #endif @@ -134,29 +134,33 @@ extern const mbedtls_pk_info_t mbedtls_rsa_alt_info; #endif #if defined(MBEDTLS_USE_PSA_CRYPTO) -extern const mbedtls_pk_info_t mbedtls_pk_ecdsa_opaque_info; -extern const mbedtls_pk_info_t mbedtls_pk_rsa_opaque_info; +extern const mbedtls_pk_info_t mbedtls_ecdsa_opaque_info; +extern const mbedtls_pk_info_t mbedtls_rsa_opaque_info; +#if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) -int mbedtls_pk_error_from_psa_ecdsa(psa_status_t status); +int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa_ecdsa(psa_status_t status); +#endif #endif #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_PSA_CRYPTO_C) -int mbedtls_pk_error_from_psa(psa_status_t status); +#if !defined(MBEDTLS_DEPRECATED_REMOVED) +int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa(psa_status_t status); #if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) || \ - defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) -int mbedtls_pk_error_from_psa_rsa(psa_status_t status); -#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY || PSA_WANT_KEY_TYPE_RSA_KEY_PAIR */ + defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) +int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa_rsa(psa_status_t status); +#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY || PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */ +#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #if defined(MBEDTLS_RSA_C) -int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t psa_alg_md, - mbedtls_rsa_context *rsa_ctx, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t sig_size, - size_t *sig_len); +int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t psa_alg_md, + mbedtls_rsa_context *rsa_ctx, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t sig_size, + size_t *sig_len); #endif /* MBEDTLS_RSA_C */ #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/pkcs12.c b/library/pkcs12.c index f5ab742c5..4db2a4bbf 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -39,8 +39,7 @@ #include "mbedtls/des.h" #endif -#include "hash_info.h" -#include "mbedtls/psa_util.h" +#include "psa_util_internal.h" #if defined(MBEDTLS_ASN1_PARSE_C) @@ -130,18 +129,49 @@ static int pkcs12_pbe_derive_key_iv(mbedtls_asn1_buf *pbe_params, mbedtls_md_typ #undef PKCS12_MAX_PWDLEN +#if !defined(MBEDTLS_CIPHER_PADDING_PKCS7) +int mbedtls_pkcs12_pbe_ext(mbedtls_asn1_buf *pbe_params, int mode, + mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t len, + unsigned char *output, size_t output_size, + size_t *output_len); +#endif + +#if !defined(MBEDTLS_DEPRECATED_REMOVED) int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode, mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type, const unsigned char *pwd, size_t pwdlen, const unsigned char *data, size_t len, unsigned char *output) +{ + size_t output_len = 0; + + /* We assume caller of the function is providing a big enough output buffer + * so we pass output_size as SIZE_MAX to pass checks, However, no guarantees + * for the output size actually being correct. + */ + return mbedtls_pkcs12_pbe_ext(pbe_params, mode, cipher_type, md_type, + pwd, pwdlen, data, len, output, SIZE_MAX, + &output_len); +} +#endif + +int mbedtls_pkcs12_pbe_ext(mbedtls_asn1_buf *pbe_params, int mode, + mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t len, + unsigned char *output, size_t output_size, + size_t *output_len) { int ret, keylen = 0; unsigned char key[32]; unsigned char iv[16]; const mbedtls_cipher_info_t *cipher_info; mbedtls_cipher_context_t cipher_ctx; - size_t olen = 0; + size_t iv_len = 0; + size_t finish_olen = 0; + unsigned int padlen = 0; if (pwd == NULL && pwdlen != 0) { return MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA; @@ -152,11 +182,25 @@ int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode, return MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE; } - keylen = cipher_info->key_bitlen / 8; + keylen = (int) mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8; + if (mode == MBEDTLS_PKCS12_PBE_DECRYPT) { + if (output_size < len) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } + } + + if (mode == MBEDTLS_PKCS12_PBE_ENCRYPT) { + padlen = cipher_info->block_size - (len % cipher_info->block_size); + if (output_size < (len + padlen)) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } + } + + iv_len = mbedtls_cipher_info_get_iv_size(cipher_info); if ((ret = pkcs12_pbe_derive_key_iv(pbe_params, md_type, pwd, pwdlen, key, keylen, - iv, cipher_info->iv_size)) != 0) { + iv, iv_len)) != 0) { return ret; } @@ -166,29 +210,37 @@ int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode, goto exit; } - if ((ret = - mbedtls_cipher_setkey(&cipher_ctx, key, 8 * keylen, - (mbedtls_operation_t) mode)) != 0) { + if ((ret = mbedtls_cipher_setkey(&cipher_ctx, key, 8 * keylen, + (mbedtls_operation_t) mode)) != 0) { goto exit; } - if ((ret = mbedtls_cipher_set_iv(&cipher_ctx, iv, cipher_info->iv_size)) != 0) { +#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) + /* PKCS12 uses CBC with PKCS7 padding */ + + mbedtls_cipher_padding_t padding = MBEDTLS_PADDING_PKCS7; +#if !defined(MBEDTLS_CIPHER_PADDING_PKCS7) + /* For historical reasons, when decrypting, this function works when + * decrypting even when support for PKCS7 padding is disabled. In this + * case, it ignores the padding, and so will never report a + * password mismatch. + */ + if (mode == MBEDTLS_PKCS12_PBE_DECRYPT) { + padding = MBEDTLS_PADDING_NONE; + } +#endif + if ((ret = mbedtls_cipher_set_padding_mode(&cipher_ctx, padding)) != 0) { goto exit; } +#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ - if ((ret = mbedtls_cipher_reset(&cipher_ctx)) != 0) { - goto exit; - } - - if ((ret = mbedtls_cipher_update(&cipher_ctx, data, len, - output, &olen)) != 0) { - goto exit; - } - - if ((ret = mbedtls_cipher_finish(&cipher_ctx, output + olen, &olen)) != 0) { + ret = mbedtls_cipher_crypt(&cipher_ctx, iv, iv_len, data, len, output, &finish_olen); + if (ret == MBEDTLS_ERR_CIPHER_INVALID_PADDING) { ret = MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH; } + *output_len += finish_olen; + exit: mbedtls_platform_zeroize(key, sizeof(key)); mbedtls_platform_zeroize(iv, sizeof(iv)); @@ -227,7 +279,6 @@ static int calculate_hashes(mbedtls_md_type_t md_type, int iterations, unsigned char *pwd_block, unsigned char *hash_output, int use_salt, int use_password, size_t hlen, size_t v) { -#if defined(MBEDTLS_MD_C) int ret = -1; size_t i; const mbedtls_md_info_t *md_info; @@ -278,58 +329,6 @@ static int calculate_hashes(mbedtls_md_type_t md_type, int iterations, exit: mbedtls_md_free(&md_ctx); return ret; -#else - psa_hash_operation_t op = PSA_HASH_OPERATION_INIT; - psa_algorithm_t alg = mbedtls_psa_translate_md(md_type); - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_status_t status_abort = PSA_ERROR_CORRUPTION_DETECTED; - size_t i, out_len, out_size = PSA_HASH_LENGTH(alg); - - if (alg == PSA_ALG_NONE) { - return MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE; - } - - if ((status = psa_hash_setup(&op, alg)) != PSA_SUCCESS) { - goto exit; - } - - // Calculate hash( diversifier || salt_block || pwd_block ) - if ((status = psa_hash_update(&op, diversifier, v)) != PSA_SUCCESS) { - goto exit; - } - - if (use_salt != 0) { - if ((status = psa_hash_update(&op, salt_block, v)) != PSA_SUCCESS) { - goto exit; - } - } - - if (use_password != 0) { - if ((status = psa_hash_update(&op, pwd_block, v)) != PSA_SUCCESS) { - goto exit; - } - } - - if ((status = psa_hash_finish(&op, hash_output, out_size, &out_len)) - != PSA_SUCCESS) { - goto exit; - } - - // Perform remaining ( iterations - 1 ) recursive hash calculations - for (i = 1; i < (size_t) iterations; i++) { - if ((status = psa_hash_compute(alg, hash_output, hlen, hash_output, - out_size, &out_len)) != PSA_SUCCESS) { - goto exit; - } - } - -exit: - status_abort = psa_hash_abort(&op); - if (status == PSA_SUCCESS) { - status = status_abort; - } - return mbedtls_md_error_from_psa(status); -#endif /* !MBEDTLS_MD_C */ } @@ -343,7 +342,7 @@ int mbedtls_pkcs12_derivation(unsigned char *data, size_t datalen, unsigned char diversifier[128]; unsigned char salt_block[128], pwd_block[128], hash_block[128] = { 0 }; - unsigned char hash_output[MBEDTLS_HASH_MAX_SIZE]; + unsigned char hash_output[MBEDTLS_MD_MAX_SIZE]; unsigned char *p; unsigned char c; int use_password = 0; @@ -367,7 +366,7 @@ int mbedtls_pkcs12_derivation(unsigned char *data, size_t datalen, use_password = (pwd && pwdlen != 0); use_salt = (salt && saltlen != 0); - hlen = mbedtls_hash_info_get_size(md_type); + hlen = mbedtls_md_get_size_from_type(md_type); if (hlen <= 32) { v = 64; diff --git a/library/pkcs5.c b/library/pkcs5.c index 4e71dd396..2756d058e 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -44,8 +44,7 @@ #include "mbedtls/platform.h" -#include "hash_info.h" -#include "mbedtls/psa_util.h" +#include "psa_util_internal.h" #if defined(MBEDTLS_ASN1_PARSE_C) static int pkcs5_parse_pbkdf2_params(const mbedtls_asn1_buf *params, @@ -112,10 +111,36 @@ static int pkcs5_parse_pbkdf2_params(const mbedtls_asn1_buf *params, return 0; } +#if !defined(MBEDTLS_CIPHER_PADDING_PKCS7) +int mbedtls_pkcs5_pbes2_ext(const mbedtls_asn1_buf *pbe_params, int mode, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t datalen, + unsigned char *output, size_t output_size, + size_t *output_len); +#endif + +#if !defined(MBEDTLS_DEPRECATED_REMOVED) int mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode, const unsigned char *pwd, size_t pwdlen, const unsigned char *data, size_t datalen, unsigned char *output) +{ + size_t output_len = 0; + + /* We assume caller of the function is providing a big enough output buffer + * so we pass output_size as SIZE_MAX to pass checks, However, no guarantees + * for the output size actually being correct. + */ + return mbedtls_pkcs5_pbes2_ext(pbe_params, mode, pwd, pwdlen, data, + datalen, output, SIZE_MAX, &output_len); +} +#endif + +int mbedtls_pkcs5_pbes2_ext(const mbedtls_asn1_buf *pbe_params, int mode, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t datalen, + unsigned char *output, size_t output_size, + size_t *output_len) { int ret, iterations = 0, keylen = 0; unsigned char *p, *end; @@ -123,10 +148,10 @@ int mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode, mbedtls_asn1_buf salt; mbedtls_md_type_t md_type = MBEDTLS_MD_SHA1; unsigned char key[32], iv[32]; - size_t olen = 0; const mbedtls_cipher_info_t *cipher_info; mbedtls_cipher_type_t cipher_alg; mbedtls_cipher_context_t cipher_ctx; + unsigned int padlen = 0; p = pbe_params->p; end = p + pbe_params->len; @@ -177,13 +202,26 @@ int mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode, * The value of keylen from pkcs5_parse_pbkdf2_params() is ignored * since it is optional and we don't know if it was set or not */ - keylen = cipher_info->key_bitlen / 8; + keylen = (int) mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8; if (enc_scheme_params.tag != MBEDTLS_ASN1_OCTET_STRING || - enc_scheme_params.len != cipher_info->iv_size) { + enc_scheme_params.len != mbedtls_cipher_info_get_iv_size(cipher_info)) { return MBEDTLS_ERR_PKCS5_INVALID_FORMAT; } + if (mode == MBEDTLS_PKCS5_DECRYPT) { + if (output_size < datalen) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } + } + + if (mode == MBEDTLS_PKCS5_ENCRYPT) { + padlen = cipher_info->block_size - (datalen % cipher_info->block_size); + if (output_size < (datalen + padlen)) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } + } + mbedtls_cipher_init(&cipher_ctx); memcpy(iv, enc_scheme_params.p, enc_scheme_params.len); @@ -203,8 +241,28 @@ int mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode, goto exit; } +#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) + /* PKCS5 uses CBC with PKCS7 padding (which is the same as + * "PKCS5 padding" except that it's typically only called PKCS5 + * with 64-bit-block ciphers). + */ + mbedtls_cipher_padding_t padding = MBEDTLS_PADDING_PKCS7; +#if !defined(MBEDTLS_CIPHER_PADDING_PKCS7) + /* For historical reasons, when decrypting, this function works when + * decrypting even when support for PKCS7 padding is disabled. In this + * case, it ignores the padding, and so will never report a + * password mismatch. + */ + if (mode == MBEDTLS_DECRYPT) { + padding = MBEDTLS_PADDING_NONE; + } +#endif + if ((ret = mbedtls_cipher_set_padding_mode(&cipher_ctx, padding)) != 0) { + goto exit; + } +#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ if ((ret = mbedtls_cipher_crypt(&cipher_ctx, iv, enc_scheme_params.len, - data, datalen, output, &olen)) != 0) { + data, datalen, output, output_len)) != 0) { ret = MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH; } @@ -215,7 +273,6 @@ exit: } #endif /* MBEDTLS_ASN1_PARSE_C */ -#if defined(MBEDTLS_MD_C) static int pkcs5_pbkdf2_hmac(mbedtls_md_context_t *ctx, const unsigned char *password, size_t plen, const unsigned char *salt, size_t slen, @@ -316,7 +373,6 @@ int mbedtls_pkcs5_pbkdf2_hmac(mbedtls_md_context_t *ctx, key_length, output); } #endif -#endif /* MBEDTLS_MD_C */ int mbedtls_pkcs5_pbkdf2_hmac_ext(mbedtls_md_type_t md_alg, const unsigned char *password, @@ -324,7 +380,6 @@ int mbedtls_pkcs5_pbkdf2_hmac_ext(mbedtls_md_type_t md_alg, unsigned int iteration_count, uint32_t key_length, unsigned char *output) { -#if defined(MBEDTLS_MD_C) mbedtls_md_context_t md_ctx; const mbedtls_md_info_t *md_info = NULL; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -344,121 +399,11 @@ int mbedtls_pkcs5_pbkdf2_hmac_ext(mbedtls_md_type_t md_alg, exit: mbedtls_md_free(&md_ctx); return ret; -#else - unsigned int i; - unsigned char md1[PSA_HASH_MAX_SIZE]; - unsigned char work[PSA_HASH_MAX_SIZE]; - const unsigned char md_size = mbedtls_hash_info_get_size(md_alg); - psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; - - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_status_t status_destruction = PSA_ERROR_CORRUPTION_DETECTED; - size_t use_len, out_len; - unsigned char *out_p = output; - unsigned char counter[4]; - mbedtls_svc_key_id_t psa_hmac_key = MBEDTLS_SVC_KEY_ID_INIT; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - const psa_algorithm_t alg = PSA_ALG_HMAC(mbedtls_hash_info_psa_from_md(md_alg)); - const size_t out_size = PSA_MAC_LENGTH(PSA_KEY_TYPE_HMAC, 0, alg); - - memset(counter, 0, sizeof(counter)); - counter[3] = 1; - - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE); - psa_set_key_algorithm(&attributes, alg); - psa_set_key_type(&attributes, PSA_KEY_TYPE_HMAC); - - if (key_length == 0) { - return 0; - } - if ((status = psa_import_key(&attributes, - password, plen, - &psa_hmac_key)) != PSA_SUCCESS) { - return MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA; - } - -#if UINT_MAX > 0xFFFFFFFF - if (iteration_count > 0xFFFFFFFF) { - return MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA; - } -#endif - - while (key_length) { - status = psa_mac_sign_setup(&operation, psa_hmac_key, - PSA_ALG_HMAC(alg)); - if (status != PSA_SUCCESS) { - goto cleanup; - } - // U1 ends up in work - if ((status = psa_mac_update(&operation, salt, slen)) != PSA_SUCCESS) { - goto cleanup; - } - - if ((status = psa_mac_update(&operation, counter, sizeof(counter))) != PSA_SUCCESS) { - goto cleanup; - } - - if ((status = psa_mac_sign_finish(&operation, work, out_size, &out_len)) - != PSA_SUCCESS) { - goto cleanup; - } - - memcpy(md1, work, out_len); - - for (i = 1; i < iteration_count; i++) { - // U2 ends up in md1 - // - status = psa_mac_sign_setup(&operation, psa_hmac_key, - PSA_ALG_HMAC(alg)); - if (status != PSA_SUCCESS) { - goto cleanup; - } - if ((status = psa_mac_update(&operation, md1, md_size)) != PSA_SUCCESS) { - goto cleanup; - } - if ((status = - psa_mac_sign_finish(&operation, md1, out_size, &out_len)) != PSA_SUCCESS) { - goto cleanup; - } - - // U1 xor U2 - // - mbedtls_xor(work, work, md1, md_size); - } - - use_len = (key_length < md_size) ? key_length : md_size; - memcpy(out_p, work, use_len); - - key_length -= (uint32_t) use_len; - out_p += use_len; - - for (i = 4; i > 0; i--) { - if (++counter[i - 1] != 0) { - break; - } - } - } - -cleanup: - /* Zeroise buffers to clear sensitive data from memory. */ - mbedtls_platform_zeroize(work, PSA_HASH_MAX_SIZE); - mbedtls_platform_zeroize(md1, PSA_HASH_MAX_SIZE); - status_destruction = psa_destroy_key(psa_hmac_key); - if (status == PSA_SUCCESS && status_destruction != PSA_SUCCESS) { - status = status_destruction; - } - status_destruction = psa_mac_abort(&operation); - if (status == PSA_SUCCESS && status_destruction != PSA_SUCCESS) { - status = status_destruction; - } - - return mbedtls_md_error_from_psa(status); -#endif /* !MBEDTLS_MD_C */ } #if defined(MBEDTLS_SELF_TEST) -#if !defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA) +#if !defined(MBEDTLS_MD_CAN_SHA1) int mbedtls_pkcs5_self_test(int verbose) { if (verbose != 0) { @@ -556,7 +501,7 @@ int mbedtls_pkcs5_self_test(int verbose) exit: return ret; } -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_SELF_TEST */ diff --git a/library/pkcs7.c b/library/pkcs7.c index 5fd8f6444..cf05afd2c 100644 --- a/library/pkcs7.c +++ b/library/pkcs7.c @@ -26,9 +26,6 @@ #include "mbedtls/oid.h" #include "mbedtls/error.h" -#include -#include -#include #if defined(MBEDTLS_FS_IO) #include #include @@ -45,7 +42,7 @@ #endif /** - * Initializes the pkcs7 structure. + * Initializes the mbedtls_pkcs7 structure. */ void mbedtls_pkcs7_init(mbedtls_pkcs7 *pkcs7) { @@ -60,7 +57,10 @@ static int pkcs7_get_next_content_len(unsigned char **p, unsigned char *end, ret = mbedtls_asn1_get_tag(p, end, len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC); if (ret != 0) { - ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_FORMAT, ret); + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO, ret); + } else if ((size_t) (end - *p) != *len) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } return ret; @@ -94,6 +94,7 @@ static int pkcs7_get_version(unsigned char **p, unsigned char *end, int *ver) * [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL } **/ static int pkcs7_get_content_info_type(unsigned char **p, unsigned char *end, + unsigned char **seq_end, mbedtls_pkcs7_buf *pkcs7) { size_t len = 0; @@ -106,8 +107,8 @@ static int pkcs7_get_content_info_type(unsigned char **p, unsigned char *end, *p = start; return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO, ret); } - - ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_OID); + *seq_end = *p + len; + ret = mbedtls_asn1_get_tag(p, *seq_end, &len, MBEDTLS_ASN1_OID); if (ret != 0) { *p = start; return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO, ret); @@ -186,13 +187,13 @@ static int pkcs7_get_certificates(unsigned char **p, unsigned char *end, size_t len2 = 0; unsigned char *end_set, *end_cert, *start; - if ((ret = mbedtls_asn1_get_tag(p, end, &len1, MBEDTLS_ASN1_CONSTRUCTED - | MBEDTLS_ASN1_CONTEXT_SPECIFIC)) != 0) { - if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { - return 0; - } else { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_FORMAT, ret); - } + ret = mbedtls_asn1_get_tag(p, end, &len1, MBEDTLS_ASN1_CONSTRUCTED + | MBEDTLS_ASN1_CONTEXT_SPECIFIC); + if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { + return 0; + } + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_FORMAT, ret); } start = *p; end_set = *p + len1; @@ -215,12 +216,11 @@ static int pkcs7_get_certificates(unsigned char **p, unsigned char *end, return MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE; } - *p = start; - if ((ret = mbedtls_x509_crt_parse_der(certs, *p, len1)) < 0) { + if ((ret = mbedtls_x509_crt_parse_der(certs, start, len1)) < 0) { return MBEDTLS_ERR_PKCS7_INVALID_CERT; } - *p = *p + len1; + *p = end_cert; /* * Since in this version we strictly support single certificate, and reaching @@ -287,9 +287,10 @@ static void pkcs7_free_signer_info(mbedtls_pkcs7_signer_info *signer) * and unauthenticatedAttributes. **/ static int pkcs7_get_signer_info(unsigned char **p, unsigned char *end, - mbedtls_pkcs7_signer_info *signer) + mbedtls_pkcs7_signer_info *signer, + mbedtls_x509_buf *alg) { - unsigned char *end_signer; + unsigned char *end_signer, *end_issuer_and_sn; int asn1_ret = 0, ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; @@ -312,10 +313,11 @@ static int pkcs7_get_signer_info(unsigned char **p, unsigned char *end, goto out; } + end_issuer_and_sn = *p + len; /* Parsing IssuerAndSerialNumber */ signer->issuer_raw.p = *p; - asn1_ret = mbedtls_asn1_get_tag(p, end_signer, &len, + asn1_ret = mbedtls_asn1_get_tag(p, end_issuer_and_sn, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (asn1_ret != 0) { goto out; @@ -328,18 +330,31 @@ static int pkcs7_get_signer_info(unsigned char **p, unsigned char *end, signer->issuer_raw.len = *p - signer->issuer_raw.p; - ret = mbedtls_x509_get_serial(p, end_signer, &signer->serial); + ret = mbedtls_x509_get_serial(p, end_issuer_and_sn, &signer->serial); if (ret != 0) { goto out; } + /* ensure no extra or missing bytes */ + if (*p != end_issuer_and_sn) { + ret = MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO; + goto out; + } + ret = pkcs7_get_digest_algorithm(p, end_signer, &signer->alg_identifier); if (ret != 0) { goto out; } - /* Assume authenticatedAttributes is nonexistent */ + /* Check that the digest algorithm used matches the one provided earlier */ + if (signer->alg_identifier.tag != alg->tag || + signer->alg_identifier.len != alg->len || + memcmp(signer->alg_identifier.p, alg->p, alg->len) != 0) { + ret = MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO; + goto out; + } + /* Assume authenticatedAttributes is nonexistent */ ret = pkcs7_get_digest_algorithm(p, end_signer, &signer->sig_alg_identifier); if (ret != 0) { goto out; @@ -372,7 +387,8 @@ out: * Return negative error code for failure. **/ static int pkcs7_get_signers_info_set(unsigned char **p, unsigned char *end, - mbedtls_pkcs7_signer_info *signers_set) + mbedtls_pkcs7_signer_info *signers_set, + mbedtls_x509_buf *digest_alg) { unsigned char *end_set; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -392,7 +408,7 @@ static int pkcs7_get_signers_info_set(unsigned char **p, unsigned char *end, end_set = *p + len; - ret = pkcs7_get_signer_info(p, end_set, signers_set); + ret = pkcs7_get_signer_info(p, end_set, signers_set, digest_alg); if (ret != 0) { return ret; } @@ -407,7 +423,7 @@ static int pkcs7_get_signers_info_set(unsigned char **p, unsigned char *end, goto cleanup; } - ret = pkcs7_get_signer_info(p, end_set, signer); + ret = pkcs7_get_signer_info(p, end_set, signer, digest_alg); if (ret != 0) { mbedtls_free(signer); goto cleanup; @@ -449,7 +465,7 @@ static int pkcs7_get_signed_data(unsigned char *buf, size_t buflen, { unsigned char *p = buf; unsigned char *end = buf + buflen; - unsigned char *end_set; + unsigned char *end_content_info = NULL; size_t len = 0; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_md_type_t md_alg; @@ -460,16 +476,19 @@ static int pkcs7_get_signed_data(unsigned char *buf, size_t buflen, return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_FORMAT, ret); } - end_set = p + len; + if (p + len != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } /* Get version of signed data */ - ret = pkcs7_get_version(&p, end_set, &signed_data->version); + ret = pkcs7_get_version(&p, end, &signed_data->version); if (ret != 0) { return ret; } /* Get digest algorithm */ - ret = pkcs7_get_digest_algorithm_set(&p, end_set, + ret = pkcs7_get_digest_algorithm_set(&p, end, &signed_data->digest_alg_identifiers); if (ret != 0) { return ret; @@ -480,19 +499,36 @@ static int pkcs7_get_signed_data(unsigned char *buf, size_t buflen, return MBEDTLS_ERR_PKCS7_INVALID_ALG; } - /* Do not expect any content */ - ret = pkcs7_get_content_info_type(&p, end_set, &signed_data->content.oid); + mbedtls_pkcs7_buf content_type; + memset(&content_type, 0, sizeof(content_type)); + ret = pkcs7_get_content_info_type(&p, end, &end_content_info, &content_type); if (ret != 0) { return ret; } - - if (MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS7_DATA, &signed_data->content.oid)) { + if (MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS7_DATA, &content_type)) { return MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO; } + if (p != end_content_info) { + /* Determine if valid content is present */ + ret = mbedtls_asn1_get_tag(&p, + end_content_info, + &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO, ret); + } + p += len; + if (p != end_content_info) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO, ret); + } + /* Valid content is present - this is not supported */ + return MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE; + } + /* Look for certificates, there may or may not be any */ mbedtls_x509_crt_init(&signed_data->certs); - ret = pkcs7_get_certificates(&p, end_set, &signed_data->certs); + ret = pkcs7_get_certificates(&p, end, &signed_data->certs); if (ret < 0) { return ret; } @@ -508,7 +544,10 @@ static int pkcs7_get_signed_data(unsigned char *buf, size_t buflen, signed_data->no_of_crls = 0; /* Get signers info */ - ret = pkcs7_get_signers_info_set(&p, end_set, &signed_data->signers); + ret = pkcs7_get_signers_info_set(&p, + end, + &signed_data->signers, + &signed_data->digest_alg_identifiers); if (ret < 0) { return ret; } @@ -530,7 +569,6 @@ int mbedtls_pkcs7_parse_der(mbedtls_pkcs7 *pkcs7, const unsigned char *buf, unsigned char *end; size_t len = 0; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - int isoidset = 0; if (pkcs7 == NULL) { return MBEDTLS_ERR_PKCS7_BAD_INPUT_DATA; @@ -546,46 +584,63 @@ int mbedtls_pkcs7_parse_der(mbedtls_pkcs7 *pkcs7, const unsigned char *buf, pkcs7->raw.len = buflen; end = p + buflen; - ret = pkcs7_get_content_info_type(&p, end, &pkcs7->content_type_oid); + ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED + | MBEDTLS_ASN1_SEQUENCE); if (ret != 0) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_FORMAT, ret); + goto out; + } + + if ((size_t) (end - p) != len) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + goto out; + } + + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OID)) != 0) { + if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { + goto out; + } + p = pkcs7->raw.p; len = buflen; goto try_data; } - if (!MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS7_DATA, &pkcs7->content_type_oid) - || !MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS7_ENCRYPTED_DATA, &pkcs7->content_type_oid) - || !MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS7_ENVELOPED_DATA, &pkcs7->content_type_oid) - || !MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS7_SIGNED_AND_ENVELOPED_DATA, &pkcs7->content_type_oid) - || !MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS7_DIGESTED_DATA, &pkcs7->content_type_oid) - || !MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS7_ENCRYPTED_DATA, &pkcs7->content_type_oid)) { - ret = MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE; + if (MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS7_SIGNED_DATA, p, len)) { + /* OID is not MBEDTLS_OID_PKCS7_SIGNED_DATA, which is the only supported feature */ + if (!MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS7_DATA, p, len) + || !MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS7_ENCRYPTED_DATA, p, len) + || !MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS7_ENVELOPED_DATA, p, len) + || !MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS7_SIGNED_AND_ENVELOPED_DATA, p, len) + || !MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS7_DIGESTED_DATA, p, len)) { + /* OID is valid according to the spec, but unsupported */ + ret = MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE; + } else { + /* OID is invalid according to the spec */ + ret = MBEDTLS_ERR_PKCS7_BAD_INPUT_DATA; + } goto out; } - if (MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS7_SIGNED_DATA, &pkcs7->content_type_oid)) { - ret = MBEDTLS_ERR_PKCS7_BAD_INPUT_DATA; - goto out; - } - - isoidset = 1; + p += len; ret = pkcs7_get_next_content_len(&p, end, &len); if (ret != 0) { goto out; } + /* ensure no extra/missing data */ + if (p + len != end) { + ret = MBEDTLS_ERR_PKCS7_BAD_INPUT_DATA; + goto out; + } + try_data: ret = pkcs7_get_signed_data(p, len, &pkcs7->signed_data); if (ret != 0) { goto out; } - if (!isoidset) { - pkcs7->content_type_oid.tag = MBEDTLS_ASN1_OID; - pkcs7->content_type_oid.len = MBEDTLS_OID_SIZE(MBEDTLS_OID_PKCS7_SIGNED_DATA); - pkcs7->content_type_oid.p = (unsigned char *) MBEDTLS_OID_PKCS7_SIGNED_DATA; - } - ret = MBEDTLS_PKCS7_SIGNED_DATA; out: @@ -618,6 +673,39 @@ static int mbedtls_pkcs7_data_or_hash_verify(mbedtls_pkcs7 *pkcs7, return MBEDTLS_ERR_PKCS7_CERT_DATE_INVALID; } + ret = mbedtls_oid_get_md_alg(&pkcs7->signed_data.digest_alg_identifiers, &md_alg); + if (ret != 0) { + return ret; + } + + md_info = mbedtls_md_info_from_type(md_alg); + if (md_info == NULL) { + return MBEDTLS_ERR_PKCS7_VERIFY_FAIL; + } + + hash = mbedtls_calloc(mbedtls_md_get_size(md_info), 1); + if (hash == NULL) { + return MBEDTLS_ERR_PKCS7_ALLOC_FAILED; + } + + /* BEGIN must free hash before jumping out */ + if (is_data_hash) { + if (datalen != mbedtls_md_get_size(md_info)) { + ret = MBEDTLS_ERR_PKCS7_VERIFY_FAIL; + } else { + memcpy(hash, data, datalen); + } + } else { + ret = mbedtls_md(md_info, data, datalen, hash); + } + if (ret != 0) { + mbedtls_free(hash); + return MBEDTLS_ERR_PKCS7_VERIFY_FAIL; + } + + /* assume failure */ + ret = MBEDTLS_ERR_PKCS7_VERIFY_FAIL; + /* * Potential TODOs * Currently we iterate over all signers and return success if any of them @@ -627,61 +715,30 @@ static int mbedtls_pkcs7_data_or_hash_verify(mbedtls_pkcs7 *pkcs7, * identification and SignerIdentifier fields first. That would also allow * us to distinguish between 'no signature for key' and 'signature for key * failed to validate'. - * - * We could also cache hashes by md, so if there are several sigs all using - * the same algo we don't recalculate the hash each time. */ for (signer = &pkcs7->signed_data.signers; signer; signer = signer->next) { - ret = mbedtls_oid_get_md_alg(&signer->alg_identifier, &md_alg); - if (ret != 0) { - ret = MBEDTLS_ERR_PKCS7_VERIFY_FAIL; - continue; - } - - md_info = mbedtls_md_info_from_type(md_alg); - if (md_info == NULL) { - ret = MBEDTLS_ERR_PKCS7_VERIFY_FAIL; - continue; - } - - hash = mbedtls_calloc(mbedtls_md_get_size(md_info), 1); - if (hash == NULL) { - return MBEDTLS_ERR_PKCS7_ALLOC_FAILED; - } - /* BEGIN must free hash before jumping out */ - if (is_data_hash) { - if (datalen != mbedtls_md_get_size(md_info)) { - ret = MBEDTLS_ERR_PKCS7_VERIFY_FAIL; - } else { - memcpy(hash, data, datalen); - } - } else { - ret = mbedtls_md(md_info, data, datalen, hash); - } - if (ret != 0) { - ret = MBEDTLS_ERR_PKCS7_VERIFY_FAIL; - mbedtls_free(hash); - continue; - } - ret = mbedtls_pk_verify(&pk_cxt, md_alg, hash, mbedtls_md_get_size(md_info), signer->sig.p, signer->sig.len); - mbedtls_free(hash); - /* END must free hash before jumping out */ if (ret == 0) { break; } } + mbedtls_free(hash); + /* END must free hash before jumping out */ return ret; } + int mbedtls_pkcs7_signed_data_verify(mbedtls_pkcs7 *pkcs7, const mbedtls_x509_crt *cert, const unsigned char *data, size_t datalen) { + if (data == NULL) { + return MBEDTLS_ERR_PKCS7_BAD_INPUT_DATA; + } return mbedtls_pkcs7_data_or_hash_verify(pkcs7, cert, data, datalen, 0); } @@ -690,6 +747,9 @@ int mbedtls_pkcs7_signed_hash_verify(mbedtls_pkcs7 *pkcs7, const unsigned char *hash, size_t hashlen) { + if (hash == NULL) { + return MBEDTLS_ERR_PKCS7_BAD_INPUT_DATA; + } return mbedtls_pkcs7_data_or_hash_verify(pkcs7, cert, hash, hashlen, 1); } diff --git a/library/pkparse.c b/library/pkparse.c index 990b55452..e1422df77 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -26,14 +26,16 @@ #include "mbedtls/oid.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" +#include "pk_internal.h" #include #if defined(MBEDTLS_RSA_C) #include "mbedtls/rsa.h" #endif -#if defined(MBEDTLS_ECP_C) #include "mbedtls/ecp.h" +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) +#include "pk_internal.h" #endif #if defined(MBEDTLS_ECDSA_C) #include "mbedtls/ecdsa.h" @@ -48,8 +50,22 @@ #include "mbedtls/pkcs12.h" #endif +#if defined(MBEDTLS_PSA_CRYPTO_C) +#include "psa_util_internal.h" +#endif + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#endif + #include "mbedtls/platform.h" +/* Helper for Montgomery curves */ +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) && defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) +#define MBEDTLS_PK_IS_RFC8410_GROUP_ID(id) \ + ((id == MBEDTLS_ECP_DP_CURVE25519) || (id == MBEDTLS_ECP_DP_CURVE448)) +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS && MBEDTLS_PK_HAVE_RFC8410_CURVES */ + #if defined(MBEDTLS_FS_IO) /* * Load all data from a file into a given buffer. @@ -88,8 +104,7 @@ int mbedtls_pk_load_file(const char *path, unsigned char **buf, size_t *n) if (fread(*buf, 1, *n, f) != *n) { fclose(f); - mbedtls_platform_zeroize(*buf, *n); - mbedtls_free(*buf); + mbedtls_zeroize_and_free(*buf, *n); return MBEDTLS_ERR_PK_FILE_IO_ERROR; } @@ -127,8 +142,7 @@ int mbedtls_pk_parse_keyfile(mbedtls_pk_context *ctx, (const unsigned char *) pwd, strlen(pwd), f_rng, p_rng); } - mbedtls_platform_zeroize(buf, n); - mbedtls_free(buf); + mbedtls_zeroize_and_free(buf, n); return ret; } @@ -148,14 +162,13 @@ int mbedtls_pk_parse_public_keyfile(mbedtls_pk_context *ctx, const char *path) ret = mbedtls_pk_parse_public_key(ctx, buf, n); - mbedtls_platform_zeroize(buf, n); - mbedtls_free(buf); + mbedtls_zeroize_and_free(buf, n); return ret; } #endif /* MBEDTLS_FS_IO */ -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) /* Minimally parse an ECParameters buffer to and mbedtls_asn1_buf * * ECParameters ::= CHOICE { @@ -224,7 +237,7 @@ static int pk_group_from_specified(const mbedtls_asn1_buf *params, mbedtls_ecp_g { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = params->p; - const unsigned char * const end = params->p + params->len; + const unsigned char *const end = params->p + params->len; const unsigned char *end_field, *end_curve; size_t len; int ver; @@ -396,7 +409,6 @@ static int pk_group_id_from_group(const mbedtls_ecp_group *grp, mbedtls_ecp_grou mbedtls_mpi_get_bit(&grp->G.Y, 0) == mbedtls_mpi_get_bit(&ref.G.Y, 0)) { break; } - } cleanup: @@ -429,12 +441,46 @@ static int pk_group_id_from_specified(const mbedtls_asn1_buf *params, ret = pk_group_id_from_group(&grp, grp_id); cleanup: - mbedtls_ecp_group_free(&grp); + /* The API respecting lifecycle for mbedtls_ecp_group struct is + * _init(), _load() and _free(). In pk_group_id_from_specified() the + * temporary grp breaks that flow and it's members are populated + * by pk_group_id_from_group(). As such mbedtls_ecp_group_free() + * which is assuming a group populated by _setup() may not clean-up + * properly -> Manually free it's members. + */ + mbedtls_mpi_free(&grp.N); + mbedtls_mpi_free(&grp.P); + mbedtls_mpi_free(&grp.A); + mbedtls_mpi_free(&grp.B); + mbedtls_ecp_point_free(&grp.G); return ret; } #endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */ +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) +/* Functions pk_use_ecparams() and pk_use_ecparams_rfc8410() update the + * ecp_keypair structure with proper group ID. The purpose of this helper + * function is to update ec_family and ec_bits accordingly. */ +static int pk_update_psa_ecparams(mbedtls_pk_context *pk, + mbedtls_ecp_group_id grp_id) +{ + psa_ecc_family_t ec_family; + size_t bits; + + ec_family = mbedtls_ecc_group_to_psa(grp_id, &bits); + + if ((pk->ec_family != 0) && (pk->ec_family != ec_family)) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } + + pk->ec_family = ec_family; + pk->ec_bits = bits; + + return 0; +} +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ + /* * Use EC parameters to initialise an EC group * @@ -443,7 +489,7 @@ cleanup: * specifiedCurve SpecifiedECDomain -- = SEQUENCE { ... } * -- implicitCurve NULL */ -static int pk_use_ecparams(const mbedtls_asn1_buf *params, mbedtls_ecp_group *grp) +static int pk_use_ecparams(const mbedtls_asn1_buf *params, mbedtls_pk_context *pk) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_group_id grp_id; @@ -462,19 +508,197 @@ static int pk_use_ecparams(const mbedtls_asn1_buf *params, mbedtls_ecp_group *gr #endif } - /* - * grp may already be initialized; if so, make sure IDs match - */ - if (grp->id != MBEDTLS_ECP_DP_NONE && grp->id != grp_id) { +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + ret = pk_update_psa_ecparams(pk, grp_id); +#else + /* grp may already be initialized; if so, make sure IDs match */ + if (mbedtls_pk_ec_ro(*pk)->grp.id != MBEDTLS_ECP_DP_NONE && + mbedtls_pk_ec_ro(*pk)->grp.id != grp_id) { return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; } - if ((ret = mbedtls_ecp_group_load(grp, grp_id)) != 0) { + if ((ret = mbedtls_ecp_group_load(&(mbedtls_pk_ec_rw(*pk)->grp), + grp_id)) != 0) { + return ret; + } +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ + + return ret; +} + +/* + * Helper function for deriving a public key from its private counterpart. + */ +static int pk_derive_public_key(mbedtls_pk_context *pk, + const unsigned char *d, size_t d_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) +{ + int ret; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status; + (void) f_rng; + (void) p_rng; +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + (void) d; + (void) d_len; + + status = psa_export_public_key(pk->priv_id, pk->pub_raw, sizeof(pk->pub_raw), + &pk->pub_raw_len); + ret = psa_pk_status_to_mbedtls(status); +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + mbedtls_ecp_keypair *eck = (mbedtls_ecp_keypair *) pk->pk_ctx; + unsigned char key_buf[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH]; + size_t key_len; + mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; + size_t curve_bits; + psa_ecc_family_t curve = mbedtls_ecc_group_to_psa(eck->grp.id, &curve_bits); + psa_status_t destruction_status; + + psa_set_key_type(&key_attr, PSA_KEY_TYPE_ECC_KEY_PAIR(curve)); + psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_EXPORT); + + status = psa_import_key(&key_attr, d, d_len, &key_id); + ret = psa_pk_status_to_mbedtls(status); + if (ret != 0) { + return ret; + } + + status = psa_export_public_key(key_id, key_buf, sizeof(key_buf), &key_len); + ret = psa_pk_status_to_mbedtls(status); + destruction_status = psa_destroy_key(key_id); + if (ret != 0) { + return ret; + } else if (destruction_status != PSA_SUCCESS) { + return psa_pk_status_to_mbedtls(destruction_status); + } + ret = mbedtls_ecp_point_read_binary(&eck->grp, &eck->Q, key_buf, key_len); +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ +#else /* MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_ecp_keypair *eck = (mbedtls_ecp_keypair *) pk->pk_ctx; + (void) d; + (void) d_len; + + ret = mbedtls_ecp_mul(&eck->grp, &eck->Q, &eck->d, &eck->grp.G, f_rng, p_rng); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + return ret; +} + +#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) + +/* + * Load an RFC8410 EC key, which doesn't have any parameters + */ +static int pk_use_ecparams_rfc8410(const mbedtls_asn1_buf *params, + mbedtls_ecp_group_id grp_id, + mbedtls_pk_context *pk) +{ + int ret; + + if (params->tag != 0 || params->len != 0) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } + +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + ret = pk_update_psa_ecparams(pk, grp_id); +#else + mbedtls_ecp_keypair *ecp = mbedtls_pk_ec_rw(*pk); + ret = mbedtls_ecp_group_load(&(ecp->grp), grp_id); + if (ret != 0) { + return ret; + } +#endif + return ret; +} + +/* + * Parse an RFC 8410 encoded private EC key + * + * CurvePrivateKey ::= OCTET STRING + */ +static int pk_parse_key_rfc8410_der(mbedtls_pk_context *pk, + unsigned char *key, size_t keylen, const unsigned char *end, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t len; + + if ((ret = mbedtls_asn1_get_tag(&key, (key + keylen), &len, MBEDTLS_ASN1_OCTET_STRING)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } + + if (key + len != end) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } + +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_status_t status; + + psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(pk->ec_family)); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT | + PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, PSA_ALG_ECDH); + + status = psa_import_key(&attributes, key, len, &pk->priv_id); + if (status != PSA_SUCCESS) { + ret = psa_pk_status_to_mbedtls(status); + return ret; + } +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + mbedtls_ecp_keypair *eck = mbedtls_pk_ec_rw(*pk); + + if ((ret = mbedtls_ecp_read_key(eck->grp.id, eck, key, len)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ + + /* pk_parse_key_pkcs8_unencrypted_der() only supports version 1 PKCS8 keys, + * which never contain a public key. As such, derive the public key + * unconditionally. */ + if ((ret = pk_derive_public_key(pk, key, len, f_rng, p_rng)) != 0) { return ret; } return 0; } +#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ + +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) && defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) +/* + * Create a temporary ecp_keypair for converting an EC point in compressed + * format to an uncompressed one + */ +static int pk_convert_compressed_ec(mbedtls_pk_context *pk, + const unsigned char *in_start, size_t in_len, + size_t *out_buf_len, unsigned char *out_buf, + size_t out_buf_size) +{ + mbedtls_ecp_keypair ecp_key; + mbedtls_ecp_group_id ecp_group_id; + int ret; + + ecp_group_id = mbedtls_ecc_group_of_psa(pk->ec_family, pk->ec_bits, 0); + + mbedtls_ecp_keypair_init(&ecp_key); + ret = mbedtls_ecp_group_load(&(ecp_key.grp), ecp_group_id); + if (ret != 0) { + return ret; + } + ret = mbedtls_ecp_point_read_binary(&(ecp_key.grp), &ecp_key.Q, + in_start, in_len); + if (ret != 0) { + goto exit; + } + ret = mbedtls_ecp_point_write_binary(&(ecp_key.grp), &ecp_key.Q, + MBEDTLS_ECP_PF_UNCOMPRESSED, + out_buf_len, out_buf, out_buf_size); + +exit: + mbedtls_ecp_keypair_free(&ecp_key); + return ret; +} +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA && MBEDTLS_PK_PARSE_EC_COMPRESSED */ /* * EC public key is an EC point @@ -484,15 +708,65 @@ static int pk_use_ecparams(const mbedtls_asn1_buf *params, mbedtls_ecp_group *gr * return code of mbedtls_ecp_point_read_binary() and leave p in a usable state. */ static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end, - mbedtls_ecp_keypair *key) + mbedtls_pk_context *pk) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if ((ret = mbedtls_ecp_point_read_binary(&key->grp, &key->Q, - (const unsigned char *) *p, end - *p)) == 0) { - ret = mbedtls_ecp_check_pubkey(&key->grp, &key->Q); +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + mbedtls_svc_key_id_t key; + psa_key_attributes_t key_attrs = PSA_KEY_ATTRIBUTES_INIT; + size_t len = (end - *p); + + if (len > PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } + /* Compressed point format are not supported yet by PSA crypto. As a + * consequence ecp functions are used to "convert" the point to + * uncompressed format */ + if ((**p == 0x02) || (**p == 0x03)) { +#if defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) + ret = pk_convert_compressed_ec(pk, *p, len, + &(pk->pub_raw_len), pk->pub_raw, + PSA_EXPORT_PUBLIC_KEY_MAX_SIZE); + if (ret != 0) { + return ret; + } +#else /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; +#endif /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ + } else { + /* Uncompressed format */ + if ((size_t) (end - *p) > MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN) { + return MBEDTLS_ERR_PK_BUFFER_TOO_SMALL; + } + memcpy(pk->pub_raw, *p, (end - *p)); + pk->pub_raw_len = end - *p; + } + + /* Validate the key by trying to importing it */ + psa_set_key_usage_flags(&key_attrs, 0); + psa_set_key_algorithm(&key_attrs, PSA_ALG_ECDSA_ANY); + psa_set_key_type(&key_attrs, PSA_KEY_TYPE_ECC_PUBLIC_KEY(pk->ec_family)); + psa_set_key_bits(&key_attrs, pk->ec_bits); + + if ((psa_import_key(&key_attrs, pk->pub_raw, pk->pub_raw_len, + &key) != PSA_SUCCESS) || + (psa_destroy_key(key) != PSA_SUCCESS)) { + mbedtls_platform_zeroize(pk->pub_raw, MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN); + pk->pub_raw_len = 0; + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + ret = 0; +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + mbedtls_ecp_keypair *ec_key = (mbedtls_ecp_keypair *) pk->pk_ctx; + if ((ret = mbedtls_ecp_point_read_binary(&ec_key->grp, &ec_key->Q, + (const unsigned char *) *p, + end - *p)) == 0) { + ret = mbedtls_ecp_check_pubkey(&ec_key->grp, &ec_key->Q); + } +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ + /* * We know mbedtls_ecp_point_read_binary consumed all bytes or failed */ @@ -500,7 +774,7 @@ static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end, return ret; } -#endif /* MBEDTLS_ECP_C */ +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ #if defined(MBEDTLS_RSA_C) /* @@ -572,7 +846,8 @@ static int pk_get_rsapubkey(unsigned char **p, */ static int pk_get_pk_alg(unsigned char **p, const unsigned char *end, - mbedtls_pk_type_t *pk_alg, mbedtls_asn1_buf *params) + mbedtls_pk_type_t *pk_alg, mbedtls_asn1_buf *params, + mbedtls_ecp_group_id *ec_grp_id) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_asn1_buf alg_oid; @@ -583,7 +858,18 @@ static int pk_get_pk_alg(unsigned char **p, return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_ALG, ret); } - if (mbedtls_oid_get_pk_alg(&alg_oid, pk_alg) != 0) { + ret = mbedtls_oid_get_pk_alg(&alg_oid, pk_alg); +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) + if (ret == MBEDTLS_ERR_OID_NOT_FOUND) { + ret = mbedtls_oid_get_ec_grp_algid(&alg_oid, ec_grp_id); + if (ret == 0) { + *pk_alg = MBEDTLS_PK_ECKEY; + } + } +#else + (void) ec_grp_id; +#endif + if (ret != 0) { return MBEDTLS_ERR_PK_UNKNOWN_PK_ALG; } @@ -611,6 +897,7 @@ int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end, size_t len; mbedtls_asn1_buf alg_params; mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE; + mbedtls_ecp_group_id ec_grp_id = MBEDTLS_ECP_DP_NONE; const mbedtls_pk_info_t *pk_info; if ((ret = mbedtls_asn1_get_tag(p, end, &len, @@ -620,7 +907,7 @@ int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end, end = *p + len; - if ((ret = pk_get_pk_alg(p, end, &pk_alg, &alg_params)) != 0) { + if ((ret = pk_get_pk_alg(p, end, &pk_alg, &alg_params, &ec_grp_id)) != 0) { return ret; } @@ -646,14 +933,21 @@ int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end, ret = pk_get_rsapubkey(p, end, mbedtls_pk_rsa(*pk)); } else #endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) if (pk_alg == MBEDTLS_PK_ECKEY_DH || pk_alg == MBEDTLS_PK_ECKEY) { - ret = pk_use_ecparams(&alg_params, &mbedtls_pk_ec(*pk)->grp); +#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) + if (MBEDTLS_PK_IS_RFC8410_GROUP_ID(ec_grp_id)) { + ret = pk_use_ecparams_rfc8410(&alg_params, ec_grp_id, pk); + } else +#endif + { + ret = pk_use_ecparams(&alg_params, pk); + } if (ret == 0) { - ret = pk_get_ecpubkey(p, end, mbedtls_pk_ec(*pk)); + ret = pk_get_ecpubkey(p, end, pk); } } else -#endif /* MBEDTLS_ECP_C */ +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ ret = MBEDTLS_ERR_PK_UNKNOWN_PK_ALG; if (ret == 0 && *p != end) { @@ -857,21 +1151,28 @@ cleanup: } #endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) /* * Parse a SEC1 encoded private EC key */ -static int pk_parse_key_sec1_der(mbedtls_ecp_keypair *eck, +static int pk_parse_key_sec1_der(mbedtls_pk_context *pk, const unsigned char *key, size_t keylen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int version, pubkey_done; - size_t len; + size_t len, d_len; mbedtls_asn1_buf params = { 0, 0, NULL }; unsigned char *p = (unsigned char *) key; + unsigned char *d; unsigned char *end = p + keylen; unsigned char *end2; +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_status_t status; +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + mbedtls_ecp_keypair *eck = mbedtls_pk_ec_rw(*pk); +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ /* * RFC 5915, or SEC1 Appendix C.4 @@ -902,10 +1203,10 @@ static int pk_parse_key_sec1_der(mbedtls_ecp_keypair *eck, return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } - if ((ret = mbedtls_mpi_read_binary(&eck->d, p, len)) != 0) { - mbedtls_ecp_keypair_free(eck); - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); - } + /* Keep a reference to the position fo the private key. It will be used + * later in this function. */ + d = p; + d_len = len; p += len; @@ -918,16 +1219,21 @@ static int pk_parse_key_sec1_der(mbedtls_ecp_keypair *eck, MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0)) == 0) { if ((ret = pk_get_ecparams(&p, p + len, ¶ms)) != 0 || - (ret = pk_use_ecparams(¶ms, &eck->grp)) != 0) { - mbedtls_ecp_keypair_free(eck); + (ret = pk_use_ecparams(¶ms, pk)) != 0) { return ret; } } else if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { - mbedtls_ecp_keypair_free(eck); return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } } + +#if !defined(MBEDTLS_PK_USE_PSA_EC_DATA) + if ((ret = mbedtls_ecp_read_key(eck->grp.id, eck, d, d_len)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } +#endif + if (p != end) { /* * Is 'publickey' present? If not, or if we can't read it (eg because it @@ -947,7 +1253,7 @@ static int pk_parse_key_sec1_der(mbedtls_ecp_keypair *eck, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } - if ((ret = pk_get_ecpubkey(&p, end2, eck)) == 0) { + if ((ret = pk_get_ecpubkey(&p, end2, pk)) == 0) { pubkey_done = 1; } else { /* @@ -959,26 +1265,40 @@ static int pk_parse_key_sec1_der(mbedtls_ecp_keypair *eck, } } } else if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { - mbedtls_ecp_keypair_free(eck); return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } } - if (!pubkey_done && - (ret = mbedtls_ecp_mul(&eck->grp, &eck->Q, &eck->d, &eck->grp.G, - f_rng, p_rng)) != 0) { - mbedtls_ecp_keypair_free(eck); - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); - } +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(pk->ec_family)); + /* Setting largest masks for usage and key algorithms */ + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH | + PSA_KEY_USAGE_SIGN_MESSAGE | + PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE); +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) + psa_set_key_algorithm(&attributes, + PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH)); +#else + psa_set_key_algorithm(&attributes, PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)); +#endif + psa_set_key_enrollment_algorithm(&attributes, PSA_ALG_ECDH); - if ((ret = mbedtls_ecp_check_privkey(&eck->grp, &eck->d)) != 0) { - mbedtls_ecp_keypair_free(eck); + status = psa_import_key(&attributes, d, d_len, &pk->priv_id); + if (status != PSA_SUCCESS) { + ret = psa_pk_status_to_mbedtls(status); return ret; } +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ + + if (!pubkey_done) { + if ((ret = pk_derive_public_key(pk, d, d_len, f_rng, p_rng)) != 0) { + return ret; + } + } return 0; } -#endif /* MBEDTLS_ECP_C */ +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ /* * Parse an unencrypted PKCS#8 encoded private key @@ -1004,9 +1324,10 @@ static int pk_parse_key_pkcs8_unencrypted_der( unsigned char *p = (unsigned char *) key; unsigned char *end = p + keylen; mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE; + mbedtls_ecp_group_id ec_grp_id = MBEDTLS_ECP_DP_NONE; const mbedtls_pk_info_t *pk_info; -#if !defined(MBEDTLS_ECP_C) +#if !defined(MBEDTLS_PK_HAVE_ECC_KEYS) (void) f_rng; (void) p_rng; #endif @@ -1042,7 +1363,7 @@ static int pk_parse_key_pkcs8_unencrypted_der( return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_VERSION, ret); } - if ((ret = pk_get_pk_alg(&p, end, &pk_alg, ¶ms)) != 0) { + if ((ret = pk_get_pk_alg(&p, end, &pk_alg, ¶ms, &ec_grp_id)) != 0) { return ret; } @@ -1071,17 +1392,37 @@ static int pk_parse_key_pkcs8_unencrypted_der( } } else #endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) if (pk_alg == MBEDTLS_PK_ECKEY || pk_alg == MBEDTLS_PK_ECKEY_DH) { - if ((ret = pk_use_ecparams(¶ms, &mbedtls_pk_ec(*pk)->grp)) != 0 || - (ret = pk_parse_key_sec1_der(mbedtls_pk_ec(*pk), p, len, f_rng, p_rng)) != 0) { - mbedtls_pk_free(pk); - return ret; +#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) + if (MBEDTLS_PK_IS_RFC8410_GROUP_ID(ec_grp_id)) { + if ((ret = + pk_use_ecparams_rfc8410(¶ms, ec_grp_id, pk)) != 0 || + (ret = + pk_parse_key_rfc8410_der(pk, p, len, end, f_rng, + p_rng)) != 0) { + mbedtls_pk_free(pk); + return ret; + } + } else +#endif + { + if ((ret = pk_use_ecparams(¶ms, pk)) != 0 || + (ret = pk_parse_key_sec1_der(pk, p, len, f_rng, p_rng)) != 0) { + mbedtls_pk_free(pk); + return ret; + } } } else -#endif /* MBEDTLS_ECP_C */ +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ return MBEDTLS_ERR_PK_UNKNOWN_PK_ALG; + end = p + len; + if (end != (key + keylen)) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + return 0; } @@ -1095,7 +1436,7 @@ static int pk_parse_key_pkcs8_unencrypted_der( * */ #if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C) -static int pk_parse_key_pkcs8_encrypted_der( +MBEDTLS_STATIC_TESTABLE int mbedtls_pk_parse_key_pkcs8_encrypted_der( mbedtls_pk_context *pk, unsigned char *key, size_t keylen, const unsigned char *pwd, size_t pwdlen, @@ -1110,6 +1451,7 @@ static int pk_parse_key_pkcs8_encrypted_der( mbedtls_cipher_type_t cipher_alg; mbedtls_md_type_t md_alg; #endif + size_t outlen = 0; p = key; end = p + keylen; @@ -1155,9 +1497,9 @@ static int pk_parse_key_pkcs8_encrypted_der( */ #if defined(MBEDTLS_PKCS12_C) if (mbedtls_oid_get_pkcs12_pbe_alg(&pbe_alg_oid, &md_alg, &cipher_alg) == 0) { - if ((ret = mbedtls_pkcs12_pbe(&pbe_params, MBEDTLS_PKCS12_PBE_DECRYPT, - cipher_alg, md_alg, - pwd, pwdlen, p, len, buf)) != 0) { + if ((ret = mbedtls_pkcs12_pbe_ext(&pbe_params, MBEDTLS_PKCS12_PBE_DECRYPT, + cipher_alg, md_alg, + pwd, pwdlen, p, len, buf, len, &outlen)) != 0) { if (ret == MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH) { return MBEDTLS_ERR_PK_PASSWORD_MISMATCH; } @@ -1170,8 +1512,8 @@ static int pk_parse_key_pkcs8_encrypted_der( #endif /* MBEDTLS_PKCS12_C */ #if defined(MBEDTLS_PKCS5_C) if (MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS5_PBES2, &pbe_alg_oid) == 0) { - if ((ret = mbedtls_pkcs5_pbes2(&pbe_params, MBEDTLS_PKCS5_DECRYPT, pwd, pwdlen, - p, len, buf)) != 0) { + if ((ret = mbedtls_pkcs5_pbes2_ext(&pbe_params, MBEDTLS_PKCS5_DECRYPT, pwd, pwdlen, + p, len, buf, len, &outlen)) != 0) { if (ret == MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH) { return MBEDTLS_ERR_PK_PASSWORD_MISMATCH; } @@ -1189,8 +1531,7 @@ static int pk_parse_key_pkcs8_encrypted_der( if (decrypted == 0) { return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; } - - return pk_parse_key_pkcs8_unencrypted_der(pk, buf, len, f_rng, p_rng); + return pk_parse_key_pkcs8_unencrypted_der(pk, buf, outlen, f_rng, p_rng); } #endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */ @@ -1246,7 +1587,7 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *pk, } #endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ if (key[keylen - 1] != '\0') { ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; @@ -1260,7 +1601,7 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *pk, pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY); if ((ret = mbedtls_pk_setup(pk, pk_info)) != 0 || - (ret = pk_parse_key_sec1_der(mbedtls_pk_ec(*pk), + (ret = pk_parse_key_sec1_der(pk, pem.buf, pem.buflen, f_rng, p_rng)) != 0) { mbedtls_pk_free(pk); @@ -1275,7 +1616,7 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *pk, } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) { return ret; } -#endif /* MBEDTLS_ECP_C */ +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */ if (key[keylen - 1] != '\0') { @@ -1309,8 +1650,8 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *pk, key, NULL, 0, &len); } if (ret == 0) { - if ((ret = pk_parse_key_pkcs8_encrypted_der(pk, pem.buf, pem.buflen, - pwd, pwdlen, f_rng, p_rng)) != 0) { + if ((ret = mbedtls_pk_parse_key_pkcs8_encrypted_der(pk, pem.buf, pem.buflen, + pwd, pwdlen, f_rng, p_rng)) != 0) { mbedtls_pk_free(pk); } @@ -1342,11 +1683,10 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *pk, memcpy(key_copy, key, keylen); - ret = pk_parse_key_pkcs8_encrypted_der(pk, key_copy, keylen, - pwd, pwdlen, f_rng, p_rng); + ret = mbedtls_pk_parse_key_pkcs8_encrypted_der(pk, key_copy, keylen, + pwd, pwdlen, f_rng, p_rng); - mbedtls_platform_zeroize(key_copy, keylen); - mbedtls_free(key_copy); + mbedtls_zeroize_and_free(key_copy, keylen); } if (ret == 0) { @@ -1381,21 +1721,21 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *pk, mbedtls_pk_init(pk); #endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY); if (mbedtls_pk_setup(pk, pk_info) == 0 && - pk_parse_key_sec1_der(mbedtls_pk_ec(*pk), + pk_parse_key_sec1_der(pk, key, keylen, f_rng, p_rng) == 0) { return 0; } mbedtls_pk_free(pk); -#endif /* MBEDTLS_ECP_C */ +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ - /* If MBEDTLS_RSA_C is defined but MBEDTLS_ECP_C isn't, + /* If MBEDTLS_RSA_C is defined but MBEDTLS_PK_HAVE_ECC_KEYS isn't, * it is ok to leave the PK context initialized but not * freed: It is the caller's responsibility to call pk_init() * before calling this function, and to call pk_free() - * when it fails. If MBEDTLS_ECP_C is defined but MBEDTLS_RSA_C + * when it fails. If MBEDTLS_PK_HAVE_ECC_KEYS is defined but MBEDTLS_RSA_C * isn't, this leads to mbedtls_pk_free() being called * twice, once here and once by the caller, but this is * also ok and in line with the mbedtls_pk_free() calls @@ -1477,7 +1817,7 @@ int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx, */ p = pem.buf; - ret = mbedtls_pk_parse_subpubkey(&p, p + pem.buflen, ctx); + ret = mbedtls_pk_parse_subpubkey(&p, p + pem.buflen, ctx); mbedtls_pem_free(&pem); return ret; } else if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) { diff --git a/library/pkwrite.c b/library/pkwrite.c index 2194c97e3..e38bc27de 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -26,6 +26,7 @@ #include "mbedtls/oid.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" +#include "pk_internal.h" #include @@ -37,7 +38,10 @@ #include "mbedtls/ecp.h" #include "mbedtls/platform_util.h" #endif -#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) +#include "pk_internal.h" +#endif +#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_PK_HAVE_ECC_KEYS) #include "pkwrite.h" #endif #if defined(MBEDTLS_ECDSA_C) @@ -49,10 +53,66 @@ #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa/crypto.h" -#include "mbedtls/psa_util.h" +#include "psa_util_internal.h" #endif #include "mbedtls/platform.h" +/* Helper for Montgomery curves */ +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) +#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) +static inline int mbedtls_pk_is_rfc8410(const mbedtls_pk_context *pk) +{ + mbedtls_ecp_group_id id = mbedtls_pk_get_group_id(pk); + +#if defined(MBEDTLS_ECP_HAVE_CURVE25519) + if (id == MBEDTLS_ECP_DP_CURVE25519) { + return 1; + } +#endif +#if defined(MBEDTLS_ECP_HAVE_CURVE448) + if (id == MBEDTLS_ECP_DP_CURVE448) { + return 1; + } +#endif + return 0; +} + +#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_PEM_WRITE_C) +/* It is assumed that the input key is opaque */ +static psa_ecc_family_t pk_get_opaque_ec_family(const mbedtls_pk_context *pk) +{ + psa_ecc_family_t ec_family = 0; + psa_key_attributes_t key_attrs = PSA_KEY_ATTRIBUTES_INIT; + + if (psa_get_key_attributes(pk->priv_id, &key_attrs) != PSA_SUCCESS) { + return 0; + } + ec_family = PSA_KEY_TYPE_ECC_GET_FAMILY(psa_get_key_type(&key_attrs)); + psa_reset_key_attributes(&key_attrs); + + return ec_family; +} +#endif /* MBETLS_USE_PSA_CRYPTO && MBEDTLS_PEM_WRITE_C */ +#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +/* It is assumed that the input key is opaque */ +static psa_key_type_t pk_get_opaque_key_type(const mbedtls_pk_context *pk) +{ + psa_key_attributes_t opaque_attrs = PSA_KEY_ATTRIBUTES_INIT; + psa_key_type_t opaque_key_type; + + if (psa_get_key_attributes(pk->priv_id, &opaque_attrs) != PSA_SUCCESS) { + return 0; + } + opaque_key_type = psa_get_key_type(&opaque_attrs); + psa_reset_key_attributes(&opaque_attrs); + + return opaque_key_type; +} +#endif /* MBETLS_USE_PSA_CRYPTO */ + #if defined(MBEDTLS_RSA_C) /* * RSAPublicKey ::= SEQUENCE { @@ -61,11 +121,12 @@ * } */ static int pk_write_rsa_pubkey(unsigned char **p, unsigned char *start, - mbedtls_rsa_context *rsa) + const mbedtls_pk_context *pk) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; mbedtls_mpi T; + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*pk); mbedtls_mpi_init(&T); @@ -98,21 +159,21 @@ end_of_export: } #endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_ECP_C) -/* - * EC public key is an EC point - */ +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) static int pk_write_ec_pubkey(unsigned char **p, unsigned char *start, - mbedtls_ecp_keypair *ec) + const mbedtls_pk_context *pk) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; - unsigned char buf[MBEDTLS_ECP_MAX_PT_LEN]; + uint8_t buf[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE]; - if ((ret = mbedtls_ecp_point_write_binary(&ec->grp, &ec->Q, - MBEDTLS_ECP_PF_UNCOMPRESSED, - &len, buf, sizeof(buf))) != 0) { - return ret; + if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) { + if (psa_export_public_key(pk->priv_id, buf, sizeof(buf), &len) != PSA_SUCCESS) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + } else { + len = pk->pub_raw_len; + memcpy(buf, pk->pub_raw, len); } if (*p < start || (size_t) (*p - start) < len) { @@ -124,6 +185,47 @@ static int pk_write_ec_pubkey(unsigned char **p, unsigned char *start, return (int) len; } +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ +static int pk_write_ec_pubkey(unsigned char **p, unsigned char *start, + const mbedtls_pk_context *pk) +{ + size_t len = 0; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + uint8_t buf[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE]; +#else + unsigned char buf[MBEDTLS_ECP_MAX_PT_LEN]; +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_ecp_keypair *ec = mbedtls_pk_ec(*pk); + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) { + if (psa_export_public_key(pk->priv_id, buf, sizeof(buf), &len) != PSA_SUCCESS) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + *p -= len; + memcpy(*p, buf, len); + return (int) len; + } else +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + { + if ((ret = mbedtls_ecp_point_write_binary(&ec->grp, &ec->Q, + MBEDTLS_ECP_PF_UNCOMPRESSED, + &len, buf, sizeof(buf))) != 0) { + return ret; + } + } + + if (*p < start || (size_t) (*p - start) < len) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } + + *p -= len; + memcpy(*p, buf, len); + + return (int) len; +} +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ /* * ECParameters ::= CHOICE { @@ -131,14 +233,14 @@ static int pk_write_ec_pubkey(unsigned char **p, unsigned char *start, * } */ static int pk_write_ec_param(unsigned char **p, unsigned char *start, - mbedtls_ecp_keypair *ec) + mbedtls_ecp_group_id grp_id) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; const char *oid; size_t oid_len; - if ((ret = mbedtls_oid_get_oid_by_ec_grp(ec->grp.id, &oid, &oid_len)) != 0) { + if ((ret = mbedtls_oid_get_oid_by_ec_grp(grp_id, &oid, &oid_len)) != 0) { return ret; } @@ -150,24 +252,96 @@ static int pk_write_ec_param(unsigned char **p, unsigned char *start, /* * privateKey OCTET STRING -- always of length ceil(log2(n)/8) */ +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) static int pk_write_ec_private(unsigned char **p, unsigned char *start, - mbedtls_ecp_keypair *ec) + const mbedtls_pk_context *pk) { + size_t byte_length; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t byte_length = (ec->grp.pbits + 7) / 8; - unsigned char tmp[MBEDTLS_ECP_MAX_BYTES]; + unsigned char tmp[MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH]; + psa_status_t status; - ret = mbedtls_ecp_write_key(ec, tmp, byte_length); - if (ret != 0) { - goto exit; + if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) { + status = psa_export_key(pk->priv_id, tmp, sizeof(tmp), &byte_length); + if (status != PSA_SUCCESS) { + ret = PSA_PK_ECDSA_TO_MBEDTLS_ERR(status); + return ret; + } + } else { + status = psa_export_key(pk->priv_id, tmp, sizeof(tmp), &byte_length); + if (status != PSA_SUCCESS) { + ret = PSA_PK_ECDSA_TO_MBEDTLS_ERR(status); + goto exit; + } } - ret = mbedtls_asn1_write_octet_string(p, start, tmp, byte_length); + ret = mbedtls_asn1_write_octet_string(p, start, tmp, byte_length); exit: - mbedtls_platform_zeroize(tmp, byte_length); + mbedtls_platform_zeroize(tmp, sizeof(tmp)); return ret; } -#endif /* MBEDTLS_ECP_C */ +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ +static int pk_write_ec_private(unsigned char **p, unsigned char *start, + const mbedtls_pk_context *pk) +{ + size_t byte_length; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + unsigned char tmp[MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH]; + psa_status_t status; +#else + unsigned char tmp[MBEDTLS_ECP_MAX_BYTES]; +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) { + status = psa_export_key(pk->priv_id, tmp, sizeof(tmp), &byte_length); + if (status != PSA_SUCCESS) { + ret = PSA_PK_ECDSA_TO_MBEDTLS_ERR(status); + return ret; + } + } else +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + { + mbedtls_ecp_keypair *ec = mbedtls_pk_ec_rw(*pk); + byte_length = (ec->grp.pbits + 7) / 8; + + ret = mbedtls_ecp_write_key(ec, tmp, byte_length); + if (ret != 0) { + goto exit; + } + } + ret = mbedtls_asn1_write_octet_string(p, start, tmp, byte_length); +exit: + mbedtls_platform_zeroize(tmp, sizeof(tmp)); + return ret; +} +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +static int pk_write_opaque_pubkey(unsigned char **p, unsigned char *start, + const mbedtls_pk_context *pk) +{ + size_t buffer_size; + size_t len = 0; + + if (*p < start) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + + buffer_size = (size_t) (*p - start); + if (psa_export_public_key(pk->priv_id, start, buffer_size, + &len) != PSA_SUCCESS) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + + *p -= len; + memmove(*p, start, len); + + return (int) len; +} +#endif /* MBEDTLS_USE_PSA_CRYPTO */ int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start, const mbedtls_pk_context *key) @@ -177,31 +351,17 @@ int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start, #if defined(MBEDTLS_RSA_C) if (mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) { - MBEDTLS_ASN1_CHK_ADD(len, pk_write_rsa_pubkey(p, start, mbedtls_pk_rsa(*key))); + MBEDTLS_ASN1_CHK_ADD(len, pk_write_rsa_pubkey(p, start, key)); } else #endif -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) if (mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) { - MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_pubkey(p, start, mbedtls_pk_ec(*key))); + MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_pubkey(p, start, key)); } else #endif #if defined(MBEDTLS_USE_PSA_CRYPTO) if (mbedtls_pk_get_type(key) == MBEDTLS_PK_OPAQUE) { - size_t buffer_size; - mbedtls_svc_key_id_t *key_id = (mbedtls_svc_key_id_t *) key->pk_ctx; - - if (*p < start) { - return MBEDTLS_ERR_PK_BAD_INPUT_DATA; - } - - buffer_size = (size_t) (*p - start); - if (psa_export_public_key(*key_id, start, buffer_size, &len) - != PSA_SUCCESS) { - return MBEDTLS_ERR_PK_BAD_INPUT_DATA; - } else { - *p -= len; - memmove(*p, start, len); - } + MBEDTLS_ASN1_CHK_ADD(len, pk_write_opaque_pubkey(p, start, key)); } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; @@ -213,9 +373,13 @@ int mbedtls_pk_write_pubkey_der(const mbedtls_pk_context *key, unsigned char *bu { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *c; - size_t len = 0, par_len = 0, oid_len; + int has_par = 1; + size_t len = 0, par_len = 0, oid_len = 0; mbedtls_pk_type_t pk_type; - const char *oid; +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) + mbedtls_ecp_group_id ec_grp_id = MBEDTLS_ECP_DP_NONE; +#endif + const char *oid = NULL; if (size == 0) { return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; @@ -241,63 +405,58 @@ int mbedtls_pk_write_pubkey_der(const mbedtls_pk_context *key, unsigned char *bu MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_BIT_STRING)); pk_type = mbedtls_pk_get_type(key); -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) if (pk_type == MBEDTLS_PK_ECKEY) { - MBEDTLS_ASN1_CHK_ADD(par_len, pk_write_ec_param(&c, buf, mbedtls_pk_ec(*key))); + ec_grp_id = mbedtls_pk_get_group_id(key); } -#endif +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ #if defined(MBEDTLS_USE_PSA_CRYPTO) if (pk_type == MBEDTLS_PK_OPAQUE) { - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_type_t key_type; - mbedtls_svc_key_id_t key_id; - psa_ecc_family_t curve; - size_t bits; - - key_id = *((mbedtls_svc_key_id_t *) key->pk_ctx); - if (PSA_SUCCESS != psa_get_key_attributes(key_id, &attributes)) { - return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED; - } - key_type = psa_get_key_type(&attributes); - bits = psa_get_key_bits(&attributes); - psa_reset_key_attributes(&attributes); - - if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(key_type)) { - curve = PSA_KEY_TYPE_ECC_GET_FAMILY(key_type); - if (curve == 0) { - return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; - } - - ret = mbedtls_psa_get_ecc_oid_from_id(curve, bits, - &oid, &oid_len); - if (ret != 0) { - return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; - } - - /* Write EC algorithm parameters; that's akin - * to pk_write_ec_param() above. */ - MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_oid(&c, buf, - oid, - oid_len)); - - /* The rest of the function works as for legacy EC contexts. */ + psa_key_type_t opaque_key_type = pk_get_opaque_key_type(key); +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) + if (PSA_KEY_TYPE_IS_ECC(opaque_key_type)) { pk_type = MBEDTLS_PK_ECKEY; - } else if (PSA_KEY_TYPE_IS_RSA(key_type)) { + ec_grp_id = mbedtls_pk_get_group_id(key); + } else +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ + if (PSA_KEY_TYPE_IS_RSA(opaque_key_type)) { /* The rest of the function works as for legacy RSA contexts. */ pk_type = MBEDTLS_PK_RSA; - } else { - return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; } } + /* `pk_type` will have been changed to non-opaque by here if this function can handle it */ + if (pk_type == MBEDTLS_PK_OPAQUE) { + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - if ((ret = mbedtls_oid_get_oid_by_pk_alg(pk_type, &oid, - &oid_len)) != 0) { - return ret; +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) + if (pk_type == MBEDTLS_PK_ECKEY) { + /* Some groups have their own AlgorithmIdentifier OID, others are handled + * by mbedtls_oid_get_oid_by_pk_alg() below */ + ret = mbedtls_oid_get_oid_by_ec_grp_algid(ec_grp_id, &oid, &oid_len); + + if (ret == 0) { + /* Currently, none of the supported algorithms that have their own + * AlgorithmIdentifier OID have any parameters */ + has_par = 0; + } else if (ret == MBEDTLS_ERR_OID_NOT_FOUND) { + MBEDTLS_ASN1_CHK_ADD(par_len, pk_write_ec_param(&c, buf, ec_grp_id)); + } else { + return ret; + } + } +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ + + if (oid_len == 0) { + if ((ret = mbedtls_oid_get_oid_by_pk_alg(pk_type, &oid, + &oid_len)) != 0) { + return ret; + } } - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_algorithm_identifier(&c, buf, oid, oid_len, - par_len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_algorithm_identifier_ext(&c, buf, oid, oid_len, + par_len, has_par)); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_CONSTRUCTED | @@ -306,22 +465,140 @@ int mbedtls_pk_write_pubkey_der(const mbedtls_pk_context *key, unsigned char *bu return (int) len; } -int mbedtls_pk_write_key_der(const mbedtls_pk_context *key, unsigned char *buf, size_t size) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) +#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) +/* + * RFC8410 section 7 + * + * OneAsymmetricKey ::= SEQUENCE { + * version Version, + * privateKeyAlgorithm PrivateKeyAlgorithmIdentifier, + * privateKey PrivateKey, + * attributes [0] IMPLICIT Attributes OPTIONAL, + * ..., + * [[2: publicKey [1] IMPLICIT PublicKey OPTIONAL ]], + * ... + * } + * ... + * CurvePrivateKey ::= OCTET STRING + */ +static int pk_write_ec_rfc8410_der(unsigned char **p, unsigned char *buf, + const mbedtls_pk_context *pk) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - unsigned char *c; size_t len = 0; + size_t oid_len = 0; + const char *oid; + mbedtls_ecp_group_id grp_id; - if (size == 0) { + /* privateKey */ + MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_private(p, buf, pk)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, buf, MBEDTLS_ASN1_OCTET_STRING)); + + grp_id = mbedtls_pk_get_group_id(pk); + /* privateKeyAlgorithm */ + if ((ret = mbedtls_oid_get_oid_by_ec_grp_algid(grp_id, &oid, &oid_len)) != 0) { + return ret; + } + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_algorithm_identifier_ext(p, buf, oid, oid_len, 0, 0)); + + /* version */ + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(p, buf, 0)); + + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); + + return (int) len; +} +#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ + +/* + * RFC 5915, or SEC1 Appendix C.4 + * + * ECPrivateKey ::= SEQUENCE { + * version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1), + * privateKey OCTET STRING, + * parameters [0] ECParameters {{ NamedCurve }} OPTIONAL, + * publicKey [1] BIT STRING OPTIONAL + * } + */ +static int pk_write_ec_der(unsigned char **p, unsigned char *buf, + const mbedtls_pk_context *pk) +{ + size_t len = 0; + int ret; + size_t pub_len = 0, par_len = 0; + mbedtls_ecp_group_id grp_id; + + /* publicKey */ + MBEDTLS_ASN1_CHK_ADD(pub_len, pk_write_ec_pubkey(p, buf, pk)); + + if (*p - buf < 1) { return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; } + (*p)--; + **p = 0; + pub_len += 1; - c = buf + size; + MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_len(p, buf, pub_len)); + MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_tag(p, buf, MBEDTLS_ASN1_BIT_STRING)); + + MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_len(p, buf, pub_len)); + MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_tag(p, buf, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | + MBEDTLS_ASN1_CONSTRUCTED | 1)); + len += pub_len; + + /* parameters */ + grp_id = mbedtls_pk_get_group_id(pk); + MBEDTLS_ASN1_CHK_ADD(par_len, pk_write_ec_param(p, buf, grp_id)); + MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_len(p, buf, par_len)); + MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_tag(p, buf, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | + MBEDTLS_ASN1_CONSTRUCTED | 0)); + len += par_len; + + /* privateKey */ + MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_private(p, buf, pk)); + + /* version */ + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(p, buf, 1)); + + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); + + return (int) len; +} +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ #if defined(MBEDTLS_RSA_C) - if (mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) { +static int pk_write_rsa_der(unsigned char **p, unsigned char *buf, + const mbedtls_pk_context *pk) +{ + size_t len = 0; + int ret; + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) { + uint8_t tmp[PSA_EXPORT_KEY_PAIR_MAX_SIZE]; + size_t tmp_len = 0; + + if (psa_export_key(pk->priv_id, tmp, sizeof(tmp), &tmp_len) != PSA_SUCCESS) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + *p -= tmp_len; + memcpy(*p, tmp, tmp_len); + len += tmp_len; + mbedtls_platform_zeroize(tmp, sizeof(tmp)); + } else +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + { mbedtls_mpi T; /* Temporary holding the exported parameters */ - mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*key); + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*pk); /* * Export the parameters one after another to avoid simultaneous copies. @@ -331,21 +608,21 @@ int mbedtls_pk_write_key_der(const mbedtls_pk_context *key, unsigned char *buf, /* Export QP */ if ((ret = mbedtls_rsa_export_crt(rsa, NULL, NULL, &T)) != 0 || - (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) { + (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { goto end_of_export; } len += ret; /* Export DQ */ if ((ret = mbedtls_rsa_export_crt(rsa, NULL, &T, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) { + (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { goto end_of_export; } len += ret; /* Export DP */ if ((ret = mbedtls_rsa_export_crt(rsa, &T, NULL, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) { + (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { goto end_of_export; } len += ret; @@ -353,7 +630,7 @@ int mbedtls_pk_write_key_der(const mbedtls_pk_context *key, unsigned char *buf, /* Export Q */ if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, &T, NULL, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) { + (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { goto end_of_export; } len += ret; @@ -361,7 +638,7 @@ int mbedtls_pk_write_key_der(const mbedtls_pk_context *key, unsigned char *buf, /* Export P */ if ((ret = mbedtls_rsa_export(rsa, NULL, &T, NULL, NULL, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) { + (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { goto end_of_export; } len += ret; @@ -369,7 +646,7 @@ int mbedtls_pk_write_key_der(const mbedtls_pk_context *key, unsigned char *buf, /* Export D */ if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, &T, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) { + (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { goto end_of_export; } len += ret; @@ -377,7 +654,7 @@ int mbedtls_pk_write_key_der(const mbedtls_pk_context *key, unsigned char *buf, /* Export E */ if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, NULL, &T)) != 0 || - (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) { + (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { goto end_of_export; } len += ret; @@ -385,7 +662,7 @@ int mbedtls_pk_write_key_der(const mbedtls_pk_context *key, unsigned char *buf, /* Export N */ if ((ret = mbedtls_rsa_export(rsa, &T, NULL, NULL, NULL, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(&c, buf, &T)) < 0) { + (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { goto end_of_export; } len += ret; @@ -397,71 +674,65 @@ end_of_export: return ret; } - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(&c, buf, 0)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(p, buf, 0)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, buf, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)); - } else -#endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_ECP_C) - if (mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) { - mbedtls_ecp_keypair *ec = mbedtls_pk_ec(*key); - size_t pub_len = 0, par_len = 0; - - /* - * RFC 5915, or SEC1 Appendix C.4 - * - * ECPrivateKey ::= SEQUENCE { - * version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1), - * privateKey OCTET STRING, - * parameters [0] ECParameters {{ NamedCurve }} OPTIONAL, - * publicKey [1] BIT STRING OPTIONAL - * } - */ - - /* publicKey */ - MBEDTLS_ASN1_CHK_ADD(pub_len, pk_write_ec_pubkey(&c, buf, ec)); - - if (c - buf < 1) { - return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; - } - *--c = 0; - pub_len += 1; - - MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_len(&c, buf, pub_len)); - MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_BIT_STRING)); - - MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_len(&c, buf, pub_len)); - MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_tag(&c, buf, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | - MBEDTLS_ASN1_CONSTRUCTED | 1)); - len += pub_len; - - /* parameters */ - MBEDTLS_ASN1_CHK_ADD(par_len, pk_write_ec_param(&c, buf, ec)); - - MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_len(&c, buf, par_len)); - MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_tag(&c, buf, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | - MBEDTLS_ASN1_CONSTRUCTED | 0)); - len += par_len; - - /* privateKey */ - MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_private(&c, buf, ec)); - - /* version */ - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(&c, buf, 1)); - - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE)); - } else -#endif /* MBEDTLS_ECP_C */ - return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + } return (int) len; } +#endif /* MBEDTLS_RSA_C */ + +int mbedtls_pk_write_key_der(const mbedtls_pk_context *key, unsigned char *buf, size_t size) +{ + unsigned char *c; +#if defined(MBEDTLS_RSA_C) + int is_rsa_opaque = 0; +#endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) + int is_ec_opaque = 0; +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_key_type_t opaque_key_type; +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + if (size == 0) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } + + c = buf + size; + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if (mbedtls_pk_get_type(key) == MBEDTLS_PK_OPAQUE) { + opaque_key_type = pk_get_opaque_key_type(key); +#if defined(MBEDTLS_RSA_C) + is_rsa_opaque = PSA_KEY_TYPE_IS_RSA(opaque_key_type); +#endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) + is_ec_opaque = PSA_KEY_TYPE_IS_ECC(opaque_key_type); +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +#if defined(MBEDTLS_RSA_C) + if ((mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) || is_rsa_opaque) { + return pk_write_rsa_der(&c, buf, key); + } else +#endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) + if ((mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) || is_ec_opaque) { +#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) + if (mbedtls_pk_is_rfc8410(key)) { + return pk_write_ec_rfc8410_der(&c, buf, key); + } +#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ + return pk_write_ec_der(&c, buf, key); + } else +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; +} #if defined(MBEDTLS_PEM_WRITE_C) @@ -472,6 +743,8 @@ end_of_export: #define PEM_END_PRIVATE_KEY_RSA "-----END RSA PRIVATE KEY-----\n" #define PEM_BEGIN_PRIVATE_KEY_EC "-----BEGIN EC PRIVATE KEY-----\n" #define PEM_END_PRIVATE_KEY_EC "-----END EC PRIVATE KEY-----\n" +#define PEM_BEGIN_PRIVATE_KEY_PKCS8 "-----BEGIN PRIVATE KEY-----\n" +#define PEM_END_PRIVATE_KEY_PKCS8 "-----END PRIVATE KEY-----\n" #define PUB_DER_MAX_BYTES \ (MBEDTLS_PK_RSA_PUB_DER_MAX_BYTES > MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES ? \ @@ -483,55 +756,109 @@ end_of_export: int mbedtls_pk_write_pubkey_pem(const mbedtls_pk_context *key, unsigned char *buf, size_t size) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - unsigned char output_buf[PUB_DER_MAX_BYTES]; + unsigned char *output_buf = NULL; + output_buf = mbedtls_calloc(1, PUB_DER_MAX_BYTES); + if (output_buf == NULL) { + return MBEDTLS_ERR_PK_ALLOC_FAILED; + } size_t olen = 0; if ((ret = mbedtls_pk_write_pubkey_der(key, output_buf, - sizeof(output_buf))) < 0) { - return ret; + PUB_DER_MAX_BYTES)) < 0) { + goto cleanup; } if ((ret = mbedtls_pem_write_buffer(PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY, - output_buf + sizeof(output_buf) - ret, + output_buf + PUB_DER_MAX_BYTES - ret, ret, buf, size, &olen)) != 0) { - return ret; + goto cleanup; } - return 0; + ret = 0; +cleanup: + mbedtls_free(output_buf); + return ret; } int mbedtls_pk_write_key_pem(const mbedtls_pk_context *key, unsigned char *buf, size_t size) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - unsigned char output_buf[PRV_DER_MAX_BYTES]; + unsigned char *output_buf = NULL; + output_buf = mbedtls_calloc(1, PRV_DER_MAX_BYTES); + if (output_buf == NULL) { + return MBEDTLS_ERR_PK_ALLOC_FAILED; + } const char *begin, *end; size_t olen = 0; +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) + int is_ec_opaque = 0; +#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) + int is_montgomery_opaque = 0; +#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ +#if defined(MBEDTLS_RSA_C) + int is_rsa_opaque = 0; +#endif - if ((ret = mbedtls_pk_write_key_der(key, output_buf, sizeof(output_buf))) < 0) { - return ret; + if ((ret = mbedtls_pk_write_key_der(key, output_buf, PRV_DER_MAX_BYTES)) < 0) { + goto cleanup; } +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if (mbedtls_pk_get_type(key) == MBEDTLS_PK_OPAQUE) { + psa_key_type_t opaque_key_type = pk_get_opaque_key_type(key); + #if defined(MBEDTLS_RSA_C) - if (mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) { + is_rsa_opaque = PSA_KEY_TYPE_IS_RSA(opaque_key_type); +#endif +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) + is_ec_opaque = PSA_KEY_TYPE_IS_ECC(opaque_key_type); +#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) + if (pk_get_opaque_ec_family(key) == PSA_ECC_FAMILY_MONTGOMERY) { + is_montgomery_opaque = 1; + } +#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +#if defined(MBEDTLS_RSA_C) + if ((mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) || is_rsa_opaque) { begin = PEM_BEGIN_PRIVATE_KEY_RSA; end = PEM_END_PRIVATE_KEY_RSA; } else #endif -#if defined(MBEDTLS_ECP_C) - if (mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) { - begin = PEM_BEGIN_PRIVATE_KEY_EC; - end = PEM_END_PRIVATE_KEY_EC; +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) + if ((mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) || is_ec_opaque) { +#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) + if (is_montgomery_opaque || + ((mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) && + (mbedtls_pk_is_rfc8410(key)))) { + begin = PEM_BEGIN_PRIVATE_KEY_PKCS8; + end = PEM_END_PRIVATE_KEY_PKCS8; + } else +#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ + { + begin = PEM_BEGIN_PRIVATE_KEY_EC; + end = PEM_END_PRIVATE_KEY_EC; + } } else -#endif - return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; - - if ((ret = mbedtls_pem_write_buffer(begin, end, - output_buf + sizeof(output_buf) - ret, - ret, buf, size, &olen)) != 0) { - return ret; +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ + { + ret = MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + goto cleanup; } - return 0; + if ((ret = mbedtls_pem_write_buffer(begin, end, + output_buf + PRV_DER_MAX_BYTES - ret, + ret, buf, size, &olen)) != 0) { + goto cleanup; + } + + ret = 0; +cleanup: + mbedtls_zeroize_and_free(output_buf, PRV_DER_MAX_BYTES); + return ret; } #endif /* MBEDTLS_PEM_WRITE_C */ diff --git a/library/pkwrite.h b/library/pkwrite.h index 8aebd0c24..8cfa64b8e 100644 --- a/library/pkwrite.h +++ b/library/pkwrite.h @@ -27,6 +27,10 @@ #include "mbedtls/pk.h" +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + /* * Max sizes of key per types. Shown as tag + len (+ content). */ @@ -73,7 +77,20 @@ #endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) + +/* Find the maximum number of bytes necessary to store an EC point. When USE_PSA + * is defined this means looking for the maximum between PSA and built-in + * supported curves. */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#define MBEDTLS_PK_MAX_ECC_BYTES (PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS) > \ + MBEDTLS_ECP_MAX_BYTES ? \ + PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS) : \ + MBEDTLS_ECP_MAX_BYTES) +#else /* MBEDTLS_USE_PSA_CRYPTO */ +#define MBEDTLS_PK_MAX_ECC_BYTES MBEDTLS_ECP_MAX_BYTES +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + /* * EC public keys: * SubjectPublicKeyInfo ::= SEQUENCE { 1 + 2 @@ -85,7 +102,7 @@ * + 2 * ECP_MAX (coords) [1] * } */ -#define MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES (30 + 2 * MBEDTLS_ECP_MAX_BYTES) +#define MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES (30 + 2 * MBEDTLS_PK_MAX_ECC_BYTES) /* * EC private keys: @@ -96,13 +113,12 @@ * publicKey [1] BIT STRING OPTIONAL 1 + 2 + [1] above * } */ -#define MBEDTLS_PK_ECP_PRV_DER_MAX_BYTES (29 + 3 * MBEDTLS_ECP_MAX_BYTES) +#define MBEDTLS_PK_ECP_PRV_DER_MAX_BYTES (29 + 3 * MBEDTLS_PK_MAX_ECC_BYTES) -#else /* MBEDTLS_ECP_C */ +#else /* MBEDTLS_PK_HAVE_ECC_KEYS */ #define MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES 0 #define MBEDTLS_PK_ECP_PRV_DER_MAX_BYTES 0 -#endif /* MBEDTLS_ECP_C */ - +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ #endif /* MBEDTLS_PK_WRITE_H */ diff --git a/library/platform_util.c b/library/platform_util.c index f935b900e..09216edfb 100644 --- a/library/platform_util.c +++ b/library/platform_util.c @@ -20,12 +20,18 @@ /* * Ensure gmtime_r is available even with -std=c99; must be defined before - * mbedtls_config.h, which pulls in glibc's features.h. Harmless on other platforms. + * mbedtls_config.h, which pulls in glibc's features.h. Harmless on other platforms + * except OpenBSD, where it stops us accessing explicit_bzero. */ -#if !defined(_POSIX_C_SOURCE) +#if !defined(_POSIX_C_SOURCE) && !defined(__OpenBSD__) #define _POSIX_C_SOURCE 200112L #endif +#if !defined(_GNU_SOURCE) +/* Clang requires this to get support for explicit_bzero */ +#define _GNU_SOURCE +#endif + #include "common.h" #include "mbedtls/platform_util.h" @@ -33,11 +39,40 @@ #include "mbedtls/threading.h" #include + +#ifndef __STDC_WANT_LIB_EXT1__ +#define __STDC_WANT_LIB_EXT1__ 1 /* Ask for the C11 gmtime_s() and memset_s() if available */ +#endif #include +#if defined(_WIN32) +#include +#endif + +// Detect platforms known to support explicit_bzero() +#if defined(__GLIBC__) && (__GLIBC__ >= 2) && (__GLIBC_MINOR__ >= 25) +#define MBEDTLS_PLATFORM_HAS_EXPLICIT_BZERO 1 +#elif (defined(__FreeBSD__) && (__FreeBSD_version >= 1100037)) || defined(__OpenBSD__) +#define MBEDTLS_PLATFORM_HAS_EXPLICIT_BZERO 1 +#endif + #if !defined(MBEDTLS_PLATFORM_ZEROIZE_ALT) + +#undef HAVE_MEMORY_SANITIZER +#if defined(__has_feature) +#if __has_feature(memory_sanitizer) +#include +#define HAVE_MEMORY_SANITIZER +#endif +#endif + /* - * This implementation should never be optimized out by the compiler + * Where possible, we try to detect the presence of a platform-provided + * secure memset, such as explicit_bzero(), that is safe against being optimized + * out, and use that. + * + * For other platforms, we provide an implementation that aims not to be + * optimized out by the compiler. * * This implementation for mbedtls_platform_zeroize() was inspired from Colin * Percival's blog article at: @@ -52,30 +87,79 @@ * (refer to http://www.daemonology.net/blog/2014-09-05-erratum.html for * details), optimizations of the following form are still possible: * - * if( memset_func != memset ) - * memset_func( buf, 0, len ); + * if (memset_func != memset) + * memset_func(buf, 0, len); * * Note that it is extremely difficult to guarantee that - * mbedtls_platform_zeroize() will not be optimized out by aggressive compilers + * the memset() call will not be optimized out by aggressive compilers * in a portable way. For this reason, Mbed TLS also provides the configuration * option MBEDTLS_PLATFORM_ZEROIZE_ALT, which allows users to configure * mbedtls_platform_zeroize() to use a suitable implementation for their * platform and needs. */ +#if !defined(MBEDTLS_PLATFORM_HAS_EXPLICIT_BZERO) && !(defined(__STDC_LIB_EXT1__) && \ + !defined(__IAR_SYSTEMS_ICC__)) \ + && !defined(_WIN32) static void *(*const volatile memset_func)(void *, int, size_t) = memset; +#endif void mbedtls_platform_zeroize(void *buf, size_t len) { MBEDTLS_INTERNAL_VALIDATE(len == 0 || buf != NULL); if (len > 0) { +#if defined(MBEDTLS_PLATFORM_HAS_EXPLICIT_BZERO) + explicit_bzero(buf, len); +#if defined(HAVE_MEMORY_SANITIZER) + /* You'd think that Msan would recognize explicit_bzero() as + * equivalent to bzero(), but it actually doesn't on several + * platforms, including Linux (Ubuntu 20.04). + * https://github.com/google/sanitizers/issues/1507 + * https://github.com/openssh/openssh-portable/commit/74433a19bb6f4cef607680fa4d1d7d81ca3826aa + */ + __msan_unpoison(buf, len); +#endif +#elif defined(__STDC_LIB_EXT1__) && !defined(__IAR_SYSTEMS_ICC__) + memset_s(buf, len, 0, len); +#elif defined(_WIN32) + SecureZeroMemory(buf, len); +#else memset_func(buf, 0, len); +#endif + +#if defined(__GNUC__) + /* For clang and recent gcc, pretend that we have some assembly that reads the + * zero'd memory as an additional protection against being optimised away. */ +#if defined(__clang__) || (__GNUC__ >= 10) +#if defined(__clang__) +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wvla" +#elif defined(MBEDTLS_COMPILER_IS_GCC) +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Wvla" +#endif + asm volatile ("" : : "m" (*(char (*)[len]) buf) :); +#if defined(__clang__) +#pragma clang diagnostic pop +#elif defined(MBEDTLS_COMPILER_IS_GCC) +#pragma GCC diagnostic pop +#endif +#endif +#endif } } #endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */ +void mbedtls_zeroize_and_free(void *buf, size_t len) +{ + if (buf != NULL) { + mbedtls_platform_zeroize(buf, len); + } + + mbedtls_free(buf); +} + #if defined(MBEDTLS_HAVE_TIME_DATE) && !defined(MBEDTLS_PLATFORM_GMTIME_R_ALT) -#define __STDC_WANT_LIB_EXT1__ 1 /* Ask for the C11 gmtime_s() if it's available */ #include #if !defined(_WIN32) && (defined(unix) || \ defined(__unix) || defined(__unix__) || (defined(__APPLE__) && \ @@ -165,3 +249,49 @@ extern inline void mbedtls_put_unaligned_uint32(void *p, uint32_t x); extern inline uint64_t mbedtls_get_unaligned_uint64(const void *p); extern inline void mbedtls_put_unaligned_uint64(void *p, uint64_t x); + +#if defined(MBEDTLS_HAVE_TIME) && !defined(MBEDTLS_PLATFORM_MS_TIME_ALT) + +#include +#if !defined(_WIN32) && \ + (defined(unix) || defined(__unix) || defined(__unix__) || \ + (defined(__APPLE__) && defined(__MACH__))) +#include +#endif /* !_WIN32 && (unix || __unix || __unix__ || (__APPLE__ && __MACH__)) */ +#if (defined(_POSIX_VERSION) && _POSIX_VERSION >= 199309L) +mbedtls_ms_time_t mbedtls_ms_time(void) +{ + int ret; + struct timespec tv; + mbedtls_ms_time_t current_ms; + +#if defined(__linux__) + ret = clock_gettime(CLOCK_BOOTTIME, &tv); +#else + ret = clock_gettime(CLOCK_MONOTONIC, &tv); +#endif + if (ret) { + return time(NULL) * 1000; + } + + current_ms = tv.tv_sec; + + return current_ms*1000 + tv.tv_nsec / 1000000; +} +#elif defined(_WIN32) || defined(WIN32) || defined(__CYGWIN__) || \ + defined(__MINGW32__) || defined(_WIN64) +#include +mbedtls_ms_time_t mbedtls_ms_time(void) +{ + FILETIME ct; + mbedtls_ms_time_t current_ms; + + GetSystemTimeAsFileTime(&ct); + current_ms = ((mbedtls_ms_time_t) ct.dwLowDateTime + + ((mbedtls_ms_time_t) (ct.dwHighDateTime) << 32LL))/10000; + return current_ms; +} +#else +#error "No mbedtls_ms_time available" +#endif +#endif /* MBEDTLS_HAVE_TIME && !MBEDTLS_PLATFORM_MS_TIME_ALT */ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 0a8949fda..1faf1dd6c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -19,6 +19,7 @@ */ #include "common.h" +#include "psa_crypto_core_common.h" #if defined(MBEDTLS_PSA_CRYPTO_C) @@ -33,7 +34,9 @@ #include "psa_crypto_core.h" #include "psa_crypto_invasive.h" #include "psa_crypto_driver_wrappers.h" +#include "psa_crypto_driver_wrappers_no_static.h" #include "psa_crypto_ecp.h" +#include "psa_crypto_ffdh.h" #include "psa_crypto_hash.h" #include "psa_crypto_mac.h" #include "psa_crypto_rsa.h" @@ -48,7 +51,6 @@ #include "psa_crypto_random_impl.h" -#include #include #include #include "mbedtls/platform.h" @@ -63,6 +65,7 @@ #include "mbedtls/cipher.h" #include "mbedtls/ccm.h" #include "mbedtls/cmac.h" +#include "mbedtls/constant_time.h" #include "mbedtls/des.h" #include "mbedtls/ecdh.h" #include "mbedtls/ecp.h" @@ -71,7 +74,6 @@ #include "mbedtls/gcm.h" #include "mbedtls/md5.h" #include "mbedtls/md.h" -#include "md_wrap.h" #include "mbedtls/pk.h" #include "pk_wrap.h" #include "mbedtls/platform_util.h" @@ -81,8 +83,7 @@ #include "mbedtls/sha1.h" #include "mbedtls/sha256.h" #include "mbedtls/sha512.h" - -#define ARRAY_LENGTH(array) (sizeof(array) / sizeof(*(array))) +#include "md_psa.h" #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \ @@ -105,8 +106,9 @@ static int key_type_is_raw_bytes(psa_key_type_t type) #define RNG_SEEDED 2 typedef struct { - unsigned initialized : 1; - unsigned rng_state : 2; + uint8_t initialized; + uint8_t rng_state; + uint8_t drivers_initialized; mbedtls_psa_random_context_t rng; } psa_global_data_t; @@ -121,6 +123,27 @@ mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state = if (global_data.initialized == 0) \ return PSA_ERROR_BAD_STATE; +int psa_can_do_hash(psa_algorithm_t hash_alg) +{ + (void) hash_alg; + return global_data.drivers_initialized; +} +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY) || \ + defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE) +static int psa_is_dh_key_size_valid(size_t bits) +{ + if (bits != 2048 && bits != 3072 && bits != 4096 && + bits != 6144 && bits != 8192) { + return 0; + } + + return 1; +} +#endif /* MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT || + MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY || + PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE */ + psa_status_t mbedtls_to_psa_error(int ret) { /* Mbed TLS error codes can combine a high-level error code and a @@ -131,9 +154,15 @@ psa_status_t mbedtls_to_psa_error(int ret) case 0: return PSA_SUCCESS; +#if defined(MBEDTLS_AES_C) case MBEDTLS_ERR_AES_INVALID_KEY_LENGTH: case MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH: return PSA_ERROR_NOT_SUPPORTED; + case MBEDTLS_ERR_AES_BAD_INPUT_DATA: + return PSA_ERROR_INVALID_ARGUMENT; +#endif + +#if defined(MBEDTLS_ASN1_PARSE_C) || defined(MBEDTLS_ASN1_WRITE_C) case MBEDTLS_ERR_ASN1_OUT_OF_DATA: case MBEDTLS_ERR_ASN1_UNEXPECTED_TAG: case MBEDTLS_ERR_ASN1_INVALID_LENGTH: @@ -144,26 +173,34 @@ psa_status_t mbedtls_to_psa_error(int ret) return PSA_ERROR_INSUFFICIENT_MEMORY; case MBEDTLS_ERR_ASN1_BUF_TOO_SMALL: return PSA_ERROR_BUFFER_TOO_SMALL; - -#if defined(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA) - case MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA: #endif + +#if defined(MBEDTLS_CAMELLIA_C) + case MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA: case MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH: return PSA_ERROR_NOT_SUPPORTED; +#endif +#if defined(MBEDTLS_CCM_C) case MBEDTLS_ERR_CCM_BAD_INPUT: return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_CCM_AUTH_FAILED: return PSA_ERROR_INVALID_SIGNATURE; +#endif +#if defined(MBEDTLS_CHACHA20_C) case MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA: return PSA_ERROR_INVALID_ARGUMENT; +#endif +#if defined(MBEDTLS_CHACHAPOLY_C) case MBEDTLS_ERR_CHACHAPOLY_BAD_STATE: return PSA_ERROR_BAD_STATE; case MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED: return PSA_ERROR_INVALID_SIGNATURE; +#endif +#if defined(MBEDTLS_CIPHER_C) case MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE: return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA: @@ -178,6 +215,7 @@ psa_status_t mbedtls_to_psa_error(int ret) return PSA_ERROR_INVALID_SIGNATURE; case MBEDTLS_ERR_CIPHER_INVALID_CONTEXT: return PSA_ERROR_CORRUPTION_DETECTED; +#endif #if !(defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) || \ defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE)) @@ -192,20 +230,24 @@ psa_status_t mbedtls_to_psa_error(int ret) return PSA_ERROR_INSUFFICIENT_ENTROPY; #endif +#if defined(MBEDTLS_DES_C) case MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH: return PSA_ERROR_NOT_SUPPORTED; +#endif case MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED: case MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE: case MBEDTLS_ERR_ENTROPY_SOURCE_FAILED: return PSA_ERROR_INSUFFICIENT_ENTROPY; +#if defined(MBEDTLS_GCM_C) case MBEDTLS_ERR_GCM_AUTH_FAILED: return PSA_ERROR_INVALID_SIGNATURE; case MBEDTLS_ERR_GCM_BUFFER_TOO_SMALL: return PSA_ERROR_BUFFER_TOO_SMALL; case MBEDTLS_ERR_GCM_BAD_INPUT: return PSA_ERROR_INVALID_ARGUMENT; +#endif #if !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) && \ defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE) @@ -220,17 +262,24 @@ psa_status_t mbedtls_to_psa_error(int ret) return PSA_ERROR_INSUFFICIENT_ENTROPY; #endif +#if defined(MBEDTLS_MD_LIGHT) case MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE: return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_MD_BAD_INPUT_DATA: return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_MD_ALLOC_FAILED: return PSA_ERROR_INSUFFICIENT_MEMORY; +#if defined(MBEDTLS_FS_IO) case MBEDTLS_ERR_MD_FILE_IO_ERROR: return PSA_ERROR_STORAGE_FAILURE; +#endif +#endif +#if defined(MBEDTLS_BIGNUM_C) +#if defined(MBEDTLS_FS_IO) case MBEDTLS_ERR_MPI_FILE_IO_ERROR: return PSA_ERROR_STORAGE_FAILURE; +#endif case MBEDTLS_ERR_MPI_BAD_INPUT_DATA: return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_MPI_INVALID_CHARACTER: @@ -245,14 +294,19 @@ psa_status_t mbedtls_to_psa_error(int ret) return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_MPI_ALLOC_FAILED: return PSA_ERROR_INSUFFICIENT_MEMORY; +#endif +#if defined(MBEDTLS_PK_C) case MBEDTLS_ERR_PK_ALLOC_FAILED: return PSA_ERROR_INSUFFICIENT_MEMORY; case MBEDTLS_ERR_PK_TYPE_MISMATCH: case MBEDTLS_ERR_PK_BAD_INPUT_DATA: return PSA_ERROR_INVALID_ARGUMENT; +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) || defined(MBEDTLS_FS_IO) || \ + defined(MBEDTLS_PSA_ITS_FILE_C) case MBEDTLS_ERR_PK_FILE_IO_ERROR: return PSA_ERROR_STORAGE_FAILURE; +#endif case MBEDTLS_ERR_PK_KEY_INVALID_VERSION: case MBEDTLS_ERR_PK_KEY_INVALID_FORMAT: return PSA_ERROR_INVALID_ARGUMENT; @@ -271,12 +325,14 @@ psa_status_t mbedtls_to_psa_error(int ret) return PSA_ERROR_INVALID_SIGNATURE; case MBEDTLS_ERR_PK_BUFFER_TOO_SMALL: return PSA_ERROR_BUFFER_TOO_SMALL; +#endif case MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED: return PSA_ERROR_HARDWARE_FAILURE; case MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED: return PSA_ERROR_NOT_SUPPORTED; +#if defined(MBEDTLS_RSA_C) case MBEDTLS_ERR_RSA_BAD_INPUT_DATA: return PSA_ERROR_INVALID_ARGUMENT; case MBEDTLS_ERR_RSA_INVALID_PADDING: @@ -294,7 +350,9 @@ psa_status_t mbedtls_to_psa_error(int ret) return PSA_ERROR_BUFFER_TOO_SMALL; case MBEDTLS_ERR_RSA_RNG_FAILED: return PSA_ERROR_INSUFFICIENT_ENTROPY; +#endif +#if defined(MBEDTLS_ECP_LIGHT) case MBEDTLS_ERR_ECP_BAD_INPUT_DATA: case MBEDTLS_ERR_ECP_INVALID_KEY: return PSA_ERROR_INVALID_ARGUMENT; @@ -310,6 +368,12 @@ psa_status_t mbedtls_to_psa_error(int ret) case MBEDTLS_ERR_ECP_RANDOM_FAILED: return PSA_ERROR_INSUFFICIENT_ENTROPY; +#if defined(MBEDTLS_ECP_RESTARTABLE) + case MBEDTLS_ERR_ECP_IN_PROGRESS: + return PSA_OPERATION_INCOMPLETE; +#endif +#endif + case MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED: return PSA_ERROR_CORRUPTION_DETECTED; @@ -318,6 +382,44 @@ psa_status_t mbedtls_to_psa_error(int ret) } } +/** + * \brief For output buffers which contain "tags" + * (outputs that may be checked for validity like + * hashes, MACs and signatures), fill the unused + * part of the output buffer (the whole buffer on + * error, the trailing part on success) with + * something that isn't a valid tag (barring an + * attack on the tag and deliberately-crafted + * input), in case the caller doesn't check the + * return status properly. + * + * \param output_buffer Pointer to buffer to wipe. May not be NULL + * unless \p output_buffer_size is zero. + * \param status Status of function called to generate + * output_buffer originally + * \param output_buffer_size Size of output buffer. If zero, \p output_buffer + * could be NULL. + * \param output_buffer_length Length of data written to output_buffer, must be + * less than \p output_buffer_size + */ +static void psa_wipe_tag_output_buffer(uint8_t *output_buffer, psa_status_t status, + size_t output_buffer_size, size_t output_buffer_length) +{ + size_t offset = 0; + + if (output_buffer_size == 0) { + /* If output_buffer_size is 0 then we have nothing to do. We must not + call memset because output_buffer may be NULL in this case */ + return; + } + + if (status == PSA_SUCCESS) { + offset = output_buffer_length; + } + + memset(output_buffer + offset, '!', output_buffer_size - offset); +} + @@ -325,11 +427,82 @@ psa_status_t mbedtls_to_psa_error(int ret) /* Key management */ /****************************************************************/ -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) +#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) +psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, + size_t *bits) +{ + switch (grpid) { +#if defined(MBEDTLS_ECP_HAVE_SECP192R1) + case MBEDTLS_ECP_DP_SECP192R1: + *bits = 192; + return PSA_ECC_FAMILY_SECP_R1; +#endif +#if defined(MBEDTLS_ECP_HAVE_SECP224R1) + case MBEDTLS_ECP_DP_SECP224R1: + *bits = 224; + return PSA_ECC_FAMILY_SECP_R1; +#endif +#if defined(MBEDTLS_ECP_HAVE_SECP256R1) + case MBEDTLS_ECP_DP_SECP256R1: + *bits = 256; + return PSA_ECC_FAMILY_SECP_R1; +#endif +#if defined(MBEDTLS_ECP_HAVE_SECP384R1) + case MBEDTLS_ECP_DP_SECP384R1: + *bits = 384; + return PSA_ECC_FAMILY_SECP_R1; +#endif +#if defined(MBEDTLS_ECP_HAVE_SECP521R1) + case MBEDTLS_ECP_DP_SECP521R1: + *bits = 521; + return PSA_ECC_FAMILY_SECP_R1; +#endif +#if defined(MBEDTLS_ECP_HAVE_BP256R1) + case MBEDTLS_ECP_DP_BP256R1: + *bits = 256; + return PSA_ECC_FAMILY_BRAINPOOL_P_R1; +#endif +#if defined(MBEDTLS_ECP_HAVE_BP384R1) + case MBEDTLS_ECP_DP_BP384R1: + *bits = 384; + return PSA_ECC_FAMILY_BRAINPOOL_P_R1; +#endif +#if defined(MBEDTLS_ECP_HAVE_BP512R1) + case MBEDTLS_ECP_DP_BP512R1: + *bits = 512; + return PSA_ECC_FAMILY_BRAINPOOL_P_R1; +#endif +#if defined(MBEDTLS_ECP_HAVE_CURVE25519) + case MBEDTLS_ECP_DP_CURVE25519: + *bits = 255; + return PSA_ECC_FAMILY_MONTGOMERY; +#endif +#if defined(MBEDTLS_ECP_HAVE_SECP192K1) + case MBEDTLS_ECP_DP_SECP192K1: + *bits = 192; + return PSA_ECC_FAMILY_SECP_K1; +#endif +#if defined(MBEDTLS_ECP_HAVE_SECP224K1) + case MBEDTLS_ECP_DP_SECP224K1: + *bits = 224; + return PSA_ECC_FAMILY_SECP_K1; +#endif +#if defined(MBEDTLS_ECP_HAVE_SECP256K1) + case MBEDTLS_ECP_DP_SECP256K1: + *bits = 256; + return PSA_ECC_FAMILY_SECP_K1; +#endif +#if defined(MBEDTLS_ECP_HAVE_CURVE448) + case MBEDTLS_ECP_DP_CURVE448: + *bits = 448; + return PSA_ECC_FAMILY_MONTGOMERY; +#endif + default: + *bits = 0; + return 0; + } +} + mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, size_t bits, int bits_is_sloppy) @@ -421,11 +594,7 @@ mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, (void) bits_is_sloppy; return MBEDTLS_ECP_DP_NONE; } -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || - defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || - defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || - defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) */ +#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ psa_status_t psa_validate_unstructured_key_bit_size(psa_key_type_t type, size_t bits) @@ -583,7 +752,21 @@ psa_status_t psa_import_key_into_slot( return PSA_SUCCESS; } else if (PSA_KEY_TYPE_IS_ASYMMETRIC(type)) { -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY) + if (PSA_KEY_TYPE_IS_DH(type)) { + if (psa_is_dh_key_size_valid(PSA_BYTES_TO_BITS(data_length)) == 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } + return mbedtls_psa_ffdh_import_key(attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, + bits); + } +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT) || + * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY) */ +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) if (PSA_KEY_TYPE_IS_ECC(type)) { return mbedtls_psa_ecp_import_key(attributes, @@ -592,9 +775,10 @@ psa_status_t psa_import_key_into_slot( key_buffer_length, bits); } -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */ -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ +#if (defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) && \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT)) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) if (PSA_KEY_TYPE_IS_RSA(type)) { return mbedtls_psa_rsa_import_key(attributes, @@ -603,7 +787,8 @@ psa_status_t psa_import_key_into_slot( key_buffer_length, bits); } -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || +#endif /* (defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) && + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT)) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ } @@ -874,14 +1059,27 @@ static psa_status_t psa_restrict_key_policy( return PSA_SUCCESS; } -psa_status_t psa_get_and_lock_key_slot_with_policy( +/** Get the description of a key given its identifier and policy constraints + * and lock it. + * + * The key must have allow all the usage flags set in \p usage. If \p alg is + * nonzero, the key must allow operations with this algorithm. If \p alg is + * zero, the algorithm is not checked. + * + * In case of a persistent key, the function loads the description of the key + * into a key slot if not already done. + * + * On success, the returned key slot is locked. It is the responsibility of + * the caller to unlock the key slot when it does not access it anymore. + */ +static psa_status_t psa_get_and_lock_key_slot_with_policy( mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot, psa_key_usage_t usage, psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_slot_t *slot; + psa_key_slot_t *slot = NULL; status = psa_get_and_lock_key_slot(key, p_slot); if (status != PSA_SUCCESS) { @@ -957,13 +1155,10 @@ static psa_status_t psa_get_and_lock_transparent_key_slot_with_policy( psa_status_t psa_remove_key_data_from_memory(psa_key_slot_t *slot) { - /* Data pointer will always be either a valid pointer or NULL in an - * initialized slot, so we can just free it. */ if (slot->key.data != NULL) { - mbedtls_platform_zeroize(slot->key.data, slot->key.bytes); + mbedtls_zeroize_and_free(slot->key.data, slot->key.bytes); } - mbedtls_free(slot->key.data); slot->key.data = NULL; slot->key.bytes = 0; @@ -1118,7 +1313,7 @@ exit: return overall_status; } -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) static psa_status_t psa_get_rsa_public_exponent( const mbedtls_rsa_context *rsa, @@ -1160,7 +1355,7 @@ exit: } return mbedtls_to_psa_error(ret); } -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ /** Retrieve all the publicly-accessible attributes of a key. @@ -1191,7 +1386,8 @@ psa_status_t psa_get_key_attributes(mbedtls_svc_key_id_t key, #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ switch (slot->attr.type) { -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ +#if (defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) && \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT)) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) case PSA_KEY_TYPE_RSA_KEY_PAIR: case PSA_KEY_TYPE_RSA_PUBLIC_KEY: @@ -1217,7 +1413,8 @@ psa_status_t psa_get_key_attributes(mbedtls_svc_key_id_t key, mbedtls_free(rsa); } break; -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || +#endif /* (defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) && \ + * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT)) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ default: /* Nothing else to do. */ @@ -1272,7 +1469,8 @@ psa_status_t psa_export_key_internal( if (key_type_is_raw_bytes(type) || PSA_KEY_TYPE_IS_RSA(type) || - PSA_KEY_TYPE_IS_ECC(type)) { + PSA_KEY_TYPE_IS_ECC(type) || + PSA_KEY_TYPE_IS_DH(type)) { return psa_export_key_buffer_internal( key_buffer, key_buffer_size, data, data_size, data_length); @@ -1338,47 +1536,59 @@ psa_status_t psa_export_public_key_internal( { psa_key_type_t type = attributes->core.type; - if (PSA_KEY_TYPE_IS_RSA(type) || PSA_KEY_TYPE_IS_ECC(type)) { - if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type)) { - /* Exporting public -> public */ - return psa_export_key_buffer_internal( - key_buffer, key_buffer_size, - data, data_size, data_length); - } - - if (PSA_KEY_TYPE_IS_RSA(type)) { -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) - return mbedtls_psa_rsa_export_public_key(attributes, - key_buffer, - key_buffer_size, - data, - data_size, - data_length); + if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type) && + (PSA_KEY_TYPE_IS_RSA(type) || PSA_KEY_TYPE_IS_ECC(type) || + PSA_KEY_TYPE_IS_DH(type))) { + /* Exporting public -> public */ + return psa_export_key_buffer_internal( + key_buffer, key_buffer_size, + data, data_size, data_length); + } else if (PSA_KEY_TYPE_IS_RSA(type)) { +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + return mbedtls_psa_rsa_export_public_key(attributes, + key_buffer, + key_buffer_size, + data, + data_size, + data_length); #else - /* We don't know how to convert a private RSA key to public. */ - return PSA_ERROR_NOT_SUPPORTED; -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || + /* We don't know how to convert a private RSA key to public. */ + return PSA_ERROR_NOT_SUPPORTED; +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ - } else { -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) - return mbedtls_psa_ecp_export_public_key(attributes, - key_buffer, - key_buffer_size, - data, - data_size, - data_length); + } else if (PSA_KEY_TYPE_IS_ECC(type)) { +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) + return mbedtls_psa_ecp_export_public_key(attributes, + key_buffer, + key_buffer_size, + data, + data_size, + data_length); #else - /* We don't know how to convert a private ECC key to public */ - return PSA_ERROR_NOT_SUPPORTED; -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || + /* We don't know how to convert a private ECC key to public */ + return PSA_ERROR_NOT_SUPPORTED; +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */ - } + } else if (PSA_KEY_TYPE_IS_DH(type)) { +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY) + return mbedtls_psa_ffdh_export_public_key(attributes, + key_buffer, + key_buffer_size, + data, data_size, + data_length); +#else + return PSA_ERROR_NOT_SUPPORTED; +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT) || + * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY) */ } else { - /* This shouldn't happen in the reference implementation, but - it is valid for a special-purpose implementation to omit - support for exporting certain key types. */ + (void) key_buffer; + (void) key_buffer_size; + (void) data; + (void) data_size; + (void) data_length; return PSA_ERROR_NOT_SUPPORTED; } } @@ -1391,6 +1601,7 @@ psa_status_t psa_export_public_key(mbedtls_svc_key_id_t key, psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; + psa_key_attributes_t attributes; /* Reject a zero-length output buffer now, since this can never be a * valid key representation. This way we know that data must be a valid @@ -1416,7 +1627,7 @@ psa_status_t psa_export_public_key(mbedtls_svc_key_id_t key, goto exit; } - psa_key_attributes_t attributes = { + attributes = (psa_key_attributes_t) { .core = slot->attr }; status = psa_driver_wrapper_export_public_key( @@ -1429,14 +1640,15 @@ exit: return (status == PSA_SUCCESS) ? unlock_status : status; } -#if defined(static_assert) -static_assert((MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE) == 0, - "One or more key attribute flag is listed as both external-only and dual-use"); -static_assert((PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE) == 0, - "One or more key attribute flag is listed as both internal-only and dual-use"); -static_assert((PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY) == 0, - "One or more key attribute flag is listed as both internal-only and external-only"); -#endif +MBEDTLS_STATIC_ASSERT( + (MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE) == 0, + "One or more key attribute flag is listed as both external-only and dual-use") +MBEDTLS_STATIC_ASSERT( + (PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE) == 0, + "One or more key attribute flag is listed as both internal-only and dual-use") +MBEDTLS_STATIC_ASSERT( + (PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY) == 0, + "One or more key attribute flag is listed as both internal-only and external-only") /** Validate that a key policy is internally well-formed. * @@ -1673,12 +1885,12 @@ static psa_status_t psa_start_key_creation( * * \retval #PSA_SUCCESS * The key was successfully created. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_ALREADY_EXISTS - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription + * \retval #PSA_ERROR_ALREADY_EXISTS \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription * * \return If this function fails, the key slot is an invalid state. * You must call psa_fail_key_creation() to wipe and free the slot. @@ -1700,11 +1912,10 @@ static psa_status_t psa_finish_key_creation( psa_key_slot_number_t slot_number = psa_key_slot_get_slot_number(slot); -#if defined(static_assert) - static_assert(sizeof(slot_number) == - sizeof(data.slot_number), - "Slot number size does not match psa_se_key_data_storage_t"); -#endif + MBEDTLS_STATIC_ASSERT(sizeof(slot_number) == + sizeof(data.slot_number), + "Slot number size does not match psa_se_key_data_storage_t"); + memcpy(&data.slot_number, &slot_number, sizeof(slot_number)); status = psa_save_persistent_key(&slot->attr, (uint8_t *) &data, @@ -1810,7 +2021,8 @@ static psa_status_t psa_validate_optional_attributes( } if (attributes->domain_parameters_size != 0) { -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ +#if (defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) && \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT)) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) if (PSA_KEY_TYPE_IS_RSA(slot->attr.type)) { mbedtls_rsa_context *rsa = NULL; @@ -1851,7 +2063,8 @@ rsa_exit: return mbedtls_to_psa_error(ret); } } else -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || +#endif /* (defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) && + * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT)) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ { return PSA_ERROR_INVALID_ARGUMENT; @@ -2209,7 +2422,7 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation, goto exit; } - if (mbedtls_psa_safer_memcmp(hash, actual_hash, actual_hash_length) != 0) { + if (mbedtls_ct_memcmp(hash, actual_hash, actual_hash_length) != 0) { status = PSA_ERROR_INVALID_SIGNATURE; } @@ -2258,7 +2471,7 @@ psa_status_t psa_hash_compare(psa_algorithm_t alg, status = PSA_ERROR_INVALID_SIGNATURE; goto exit; } - if (mbedtls_psa_safer_memcmp(hash, actual_hash, actual_hash_length) != 0) { + if (mbedtls_ct_memcmp(hash, actual_hash, actual_hash_length) != 0) { status = PSA_ERROR_INVALID_SIGNATURE; } @@ -2365,6 +2578,7 @@ static psa_status_t psa_mac_setup(psa_mac_operation_t *operation, psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot = NULL; + psa_key_attributes_t attributes; /* A context must be freshly initialized before it can be set up. */ if (operation->id != 0) { @@ -2381,7 +2595,7 @@ static psa_status_t psa_mac_setup(psa_mac_operation_t *operation, goto exit; } - psa_key_attributes_t attributes = { + attributes = (psa_key_attributes_t) { .core = slot->attr }; @@ -2500,10 +2714,7 @@ exit: operation->mac_size = 0; } - if (mac_size > operation->mac_size) { - memset(&mac[operation->mac_size], '!', - mac_size - operation->mac_size); - } + psa_wipe_tag_output_buffer(mac, status, mac_size, *mac_length); abort_status = psa_mac_abort(operation); @@ -2554,6 +2765,7 @@ static psa_status_t psa_mac_compute_internal(mbedtls_svc_key_id_t key, psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; uint8_t operation_mac_size = 0; + psa_key_attributes_t attributes; status = psa_get_and_lock_key_slot_with_policy( key, @@ -2564,7 +2776,7 @@ static psa_status_t psa_mac_compute_internal(mbedtls_svc_key_id_t key, goto exit; } - psa_key_attributes_t attributes = { + attributes = (psa_key_attributes_t) { .core = slot->attr }; @@ -2597,9 +2809,8 @@ exit: *mac_length = mac_size; operation_mac_size = 0; } - if (mac_size > operation_mac_size) { - memset(&mac[operation_mac_size], '!', mac_size - operation_mac_size); - } + + psa_wipe_tag_output_buffer(mac, status, mac_size, *mac_length); unlock_status = psa_unlock_key_slot(slot); @@ -2642,7 +2853,7 @@ psa_status_t psa_mac_verify(mbedtls_svc_key_id_t key, status = PSA_ERROR_INVALID_SIGNATURE; goto exit; } - if (mbedtls_psa_safer_memcmp(mac, actual_mac, actual_mac_length) != 0) { + if (mbedtls_ct_memcmp(mac, actual_mac, actual_mac_length) != 0) { status = PSA_ERROR_INVALID_SIGNATURE; goto exit; } @@ -2691,6 +2902,7 @@ static psa_status_t psa_sign_internal(mbedtls_svc_key_id_t key, psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; + psa_key_attributes_t attributes; *signature_length = 0; @@ -2722,7 +2934,7 @@ static psa_status_t psa_sign_internal(mbedtls_svc_key_id_t key, goto exit; } - psa_key_attributes_t attributes = { + attributes = (psa_key_attributes_t) { .core = slot->attr }; @@ -2741,18 +2953,8 @@ static psa_status_t psa_sign_internal(mbedtls_svc_key_id_t key, exit: - /* Fill the unused part of the output buffer (the whole buffer on error, - * the trailing part on success) with something that isn't a valid signature - * (barring an attack on the signature and deliberately-crafted input), - * in case the caller doesn't check the return status properly. */ - if (status == PSA_SUCCESS) { - memset(signature + *signature_length, '!', - signature_size - *signature_length); - } else { - memset(signature, '!', signature_size); - } - /* If signature_size is 0 then we have nothing to do. We must not call - * memset because signature may be NULL in this case. */ + psa_wipe_tag_output_buffer(signature, status, signature_size, + *signature_length); unlock_status = psa_unlock_key_slot(slot); @@ -3035,6 +3237,7 @@ psa_status_t psa_asymmetric_encrypt(mbedtls_svc_key_id_t key, psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; + psa_key_attributes_t attributes; (void) input; (void) input_length; @@ -3059,7 +3262,7 @@ psa_status_t psa_asymmetric_encrypt(mbedtls_svc_key_id_t key, goto exit; } - psa_key_attributes_t attributes = { + attributes = (psa_key_attributes_t) { .core = slot->attr }; @@ -3086,6 +3289,7 @@ psa_status_t psa_asymmetric_decrypt(mbedtls_svc_key_id_t key, psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; + psa_key_attributes_t attributes; (void) input; (void) input_length; @@ -3109,7 +3313,7 @@ psa_status_t psa_asymmetric_decrypt(mbedtls_svc_key_id_t key, goto exit; } - psa_key_attributes_t attributes = { + attributes = (psa_key_attributes_t) { .core = slot->attr }; @@ -3124,7 +3328,757 @@ exit: return (status == PSA_SUCCESS) ? unlock_status : status; } +/****************************************************************/ +/* Asymmetric interruptible cryptography */ +/****************************************************************/ +static uint32_t psa_interruptible_max_ops = PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED; + +void psa_interruptible_set_max_ops(uint32_t max_ops) +{ + psa_interruptible_max_ops = max_ops; +} + +uint32_t psa_interruptible_get_max_ops(void) +{ + return psa_interruptible_max_ops; +} + +uint32_t psa_sign_hash_get_num_ops( + const psa_sign_hash_interruptible_operation_t *operation) +{ + return operation->num_ops; +} + +uint32_t psa_verify_hash_get_num_ops( + const psa_verify_hash_interruptible_operation_t *operation) +{ + return operation->num_ops; +} + +static psa_status_t psa_sign_hash_abort_internal( + psa_sign_hash_interruptible_operation_t *operation) +{ + if (operation->id == 0) { + /* The object has (apparently) been initialized but it is not (yet) + * in use. It's ok to call abort on such an object, and there's + * nothing to do. */ + return PSA_SUCCESS; + } + + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + + status = psa_driver_wrapper_sign_hash_abort(operation); + + operation->id = 0; + + /* Do not clear either the error_occurred or num_ops elements here as they + * only want to be cleared by the application calling abort, not by abort + * being called at completion of an operation. */ + + return status; +} + +psa_status_t psa_sign_hash_start( + psa_sign_hash_interruptible_operation_t *operation, + mbedtls_svc_key_id_t key, psa_algorithm_t alg, + const uint8_t *hash, size_t hash_length) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_slot_t *slot; + psa_key_attributes_t attributes; + + /* Check that start has not been previously called, or operation has not + * previously errored. */ + if (operation->id != 0 || operation->error_occurred) { + return PSA_ERROR_BAD_STATE; + } + + status = psa_sign_verify_check_alg(0, alg); + if (status != PSA_SUCCESS) { + operation->error_occurred = 1; + return status; + } + + status = psa_get_and_lock_key_slot_with_policy(key, &slot, + PSA_KEY_USAGE_SIGN_HASH, + alg); + + if (status != PSA_SUCCESS) { + goto exit; + } + + if (!PSA_KEY_TYPE_IS_KEY_PAIR(slot->attr.type)) { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } + + attributes = (psa_key_attributes_t) { + .core = slot->attr + }; + + /* Ensure ops count gets reset, in case of operation re-use. */ + operation->num_ops = 0; + + status = psa_driver_wrapper_sign_hash_start(operation, &attributes, + slot->key.data, + slot->key.bytes, alg, + hash, hash_length); +exit: + + if (status != PSA_SUCCESS) { + operation->error_occurred = 1; + psa_sign_hash_abort_internal(operation); + } + + unlock_status = psa_unlock_key_slot(slot); + + if (unlock_status != PSA_SUCCESS) { + operation->error_occurred = 1; + } + + return (status == PSA_SUCCESS) ? unlock_status : status; +} + + +psa_status_t psa_sign_hash_complete( + psa_sign_hash_interruptible_operation_t *operation, + uint8_t *signature, size_t signature_size, + size_t *signature_length) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + + *signature_length = 0; + + /* Check that start has been called first, and that operation has not + * previously errored. */ + if (operation->id == 0 || operation->error_occurred) { + status = PSA_ERROR_BAD_STATE; + goto exit; + } + + /* Immediately reject a zero-length signature buffer. This guarantees that + * signature must be a valid pointer. */ + if (signature_size == 0) { + status = PSA_ERROR_BUFFER_TOO_SMALL; + goto exit; + } + + status = psa_driver_wrapper_sign_hash_complete(operation, signature, + signature_size, + signature_length); + + /* Update ops count with work done. */ + operation->num_ops = psa_driver_wrapper_sign_hash_get_num_ops(operation); + +exit: + + psa_wipe_tag_output_buffer(signature, status, signature_size, + *signature_length); + + if (status != PSA_OPERATION_INCOMPLETE) { + if (status != PSA_SUCCESS) { + operation->error_occurred = 1; + } + + psa_sign_hash_abort_internal(operation); + } + + return status; +} + +psa_status_t psa_sign_hash_abort( + psa_sign_hash_interruptible_operation_t *operation) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + + status = psa_sign_hash_abort_internal(operation); + + /* We clear the number of ops done here, so that it is not cleared when + * the operation fails or succeeds, only on manual abort. */ + operation->num_ops = 0; + + /* Likewise, failure state. */ + operation->error_occurred = 0; + + return status; +} + +static psa_status_t psa_verify_hash_abort_internal( + psa_verify_hash_interruptible_operation_t *operation) +{ + if (operation->id == 0) { + /* The object has (apparently) been initialized but it is not (yet) + * in use. It's ok to call abort on such an object, and there's + * nothing to do. */ + return PSA_SUCCESS; + } + + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + + status = psa_driver_wrapper_verify_hash_abort(operation); + + operation->id = 0; + + /* Do not clear either the error_occurred or num_ops elements here as they + * only want to be cleared by the application calling abort, not by abort + * being called at completion of an operation. */ + + return status; +} + +psa_status_t psa_verify_hash_start( + psa_verify_hash_interruptible_operation_t *operation, + mbedtls_svc_key_id_t key, psa_algorithm_t alg, + const uint8_t *hash, size_t hash_length, + const uint8_t *signature, size_t signature_length) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_slot_t *slot; + + /* Check that start has not been previously called, or operation has not + * previously errored. */ + if (operation->id != 0 || operation->error_occurred) { + return PSA_ERROR_BAD_STATE; + } + + status = psa_sign_verify_check_alg(0, alg); + if (status != PSA_SUCCESS) { + operation->error_occurred = 1; + return status; + } + + status = psa_get_and_lock_key_slot_with_policy(key, &slot, + PSA_KEY_USAGE_VERIFY_HASH, + alg); + + if (status != PSA_SUCCESS) { + operation->error_occurred = 1; + return status; + } + + psa_key_attributes_t attributes = { + .core = slot->attr + }; + + /* Ensure ops count gets reset, in case of operation re-use. */ + operation->num_ops = 0; + + status = psa_driver_wrapper_verify_hash_start(operation, &attributes, + slot->key.data, + slot->key.bytes, + alg, hash, hash_length, + signature, signature_length); + + if (status != PSA_SUCCESS) { + operation->error_occurred = 1; + psa_verify_hash_abort_internal(operation); + } + + unlock_status = psa_unlock_key_slot(slot); + + if (unlock_status != PSA_SUCCESS) { + operation->error_occurred = 1; + } + + return (status == PSA_SUCCESS) ? unlock_status : status; +} + +psa_status_t psa_verify_hash_complete( + psa_verify_hash_interruptible_operation_t *operation) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + + /* Check that start has been called first, and that operation has not + * previously errored. */ + if (operation->id == 0 || operation->error_occurred) { + status = PSA_ERROR_BAD_STATE; + goto exit; + } + + status = psa_driver_wrapper_verify_hash_complete(operation); + + /* Update ops count with work done. */ + operation->num_ops = psa_driver_wrapper_verify_hash_get_num_ops( + operation); + +exit: + + if (status != PSA_OPERATION_INCOMPLETE) { + if (status != PSA_SUCCESS) { + operation->error_occurred = 1; + } + + psa_verify_hash_abort_internal(operation); + } + + return status; +} + +psa_status_t psa_verify_hash_abort( + psa_verify_hash_interruptible_operation_t *operation) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + + status = psa_verify_hash_abort_internal(operation); + + /* We clear the number of ops done here, so that it is not cleared when + * the operation fails or succeeds, only on manual abort. */ + operation->num_ops = 0; + + /* Likewise, failure state. */ + operation->error_occurred = 0; + + return status; +} + +/****************************************************************/ +/* Asymmetric interruptible cryptography internal */ +/* implementations */ +/****************************************************************/ + +void mbedtls_psa_interruptible_set_max_ops(uint32_t max_ops) +{ + +#if (defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)) && \ + defined(MBEDTLS_ECP_RESTARTABLE) + + /* Internal implementation uses zero to indicate infinite number max ops, + * therefore avoid this value, and set to minimum possible. */ + if (max_ops == 0) { + max_ops = 1; + } + + mbedtls_ecp_set_max_ops(max_ops); +#else + (void) max_ops; +#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) && + * defined( MBEDTLS_ECP_RESTARTABLE ) */ +} + +uint32_t mbedtls_psa_sign_hash_get_num_ops( + const mbedtls_psa_sign_hash_interruptible_operation_t *operation) +{ +#if (defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)) && \ + defined(MBEDTLS_ECP_RESTARTABLE) + + return operation->num_ops; +#else + (void) operation; + return 0; +#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) && + * defined( MBEDTLS_ECP_RESTARTABLE ) */ +} + +uint32_t mbedtls_psa_verify_hash_get_num_ops( + const mbedtls_psa_verify_hash_interruptible_operation_t *operation) +{ + #if (defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)) && \ + defined(MBEDTLS_ECP_RESTARTABLE) + + return operation->num_ops; +#else + (void) operation; + return 0; +#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) && + * defined( MBEDTLS_ECP_RESTARTABLE ) */ +} + +psa_status_t mbedtls_psa_sign_hash_start( + mbedtls_psa_sign_hash_interruptible_operation_t *operation, + const psa_key_attributes_t *attributes, const uint8_t *key_buffer, + size_t key_buffer_size, psa_algorithm_t alg, + const uint8_t *hash, size_t hash_length) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + size_t required_hash_length; + + if (!PSA_KEY_TYPE_IS_ECC(attributes->core.type)) { + return PSA_ERROR_NOT_SUPPORTED; + } + + if (!PSA_ALG_IS_ECDSA(alg)) { + return PSA_ERROR_NOT_SUPPORTED; + } + +#if (defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)) && \ + defined(MBEDTLS_ECP_RESTARTABLE) + + mbedtls_ecdsa_restart_init(&operation->restart_ctx); + + /* Ensure num_ops is zero'ed in case of context re-use. */ + operation->num_ops = 0; + + status = mbedtls_psa_ecp_load_representation(attributes->core.type, + attributes->core.bits, + key_buffer, + key_buffer_size, + &operation->ctx); + + if (status != PSA_SUCCESS) { + return status; + } + + operation->coordinate_bytes = PSA_BITS_TO_BYTES( + operation->ctx->grp.nbits); + + psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH(alg); + operation->md_alg = mbedtls_md_type_from_psa_alg(hash_alg); + operation->alg = alg; + + /* We only need to store the same length of hash as the private key size + * here, it would be truncated by the internal implementation anyway. */ + required_hash_length = (hash_length < operation->coordinate_bytes ? + hash_length : operation->coordinate_bytes); + + if (required_hash_length > sizeof(operation->hash)) { + /* Shouldn't happen, but better safe than sorry. */ + return PSA_ERROR_CORRUPTION_DETECTED; + } + + memcpy(operation->hash, hash, required_hash_length); + operation->hash_length = required_hash_length; + + return PSA_SUCCESS; + +#else + (void) operation; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) hash; + (void) hash_length; + (void) status; + (void) required_hash_length; + + return PSA_ERROR_NOT_SUPPORTED; +#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) && + * defined( MBEDTLS_ECP_RESTARTABLE ) */ +} + +psa_status_t mbedtls_psa_sign_hash_complete( + mbedtls_psa_sign_hash_interruptible_operation_t *operation, + uint8_t *signature, size_t signature_size, + size_t *signature_length) +{ +#if (defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)) && \ + defined(MBEDTLS_ECP_RESTARTABLE) + + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + mbedtls_mpi r; + mbedtls_mpi s; + + mbedtls_mpi_init(&r); + mbedtls_mpi_init(&s); + + /* Ensure max_ops is set to the current value (or default). */ + mbedtls_psa_interruptible_set_max_ops(psa_interruptible_get_max_ops()); + + if (signature_size < 2 * operation->coordinate_bytes) { + status = PSA_ERROR_BUFFER_TOO_SMALL; + goto exit; + } + + if (PSA_ALG_ECDSA_IS_DETERMINISTIC(operation->alg)) { + +#if defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) + status = mbedtls_to_psa_error( + mbedtls_ecdsa_sign_det_restartable(&operation->ctx->grp, + &r, + &s, + &operation->ctx->d, + operation->hash, + operation->hash_length, + operation->md_alg, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE, + &operation->restart_ctx)); +#else /* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */ + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; +#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */ + } else { + status = mbedtls_to_psa_error( + mbedtls_ecdsa_sign_restartable(&operation->ctx->grp, + &r, + &s, + &operation->ctx->d, + operation->hash, + operation->hash_length, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE, + &operation->restart_ctx)); + } + + /* Hide the fact that the restart context only holds a delta of number of + * ops done during the last operation, not an absolute value. */ + operation->num_ops += operation->restart_ctx.ecp.ops_done; + + if (status == PSA_SUCCESS) { + status = mbedtls_to_psa_error( + mbedtls_mpi_write_binary(&r, + signature, + operation->coordinate_bytes) + ); + + if (status != PSA_SUCCESS) { + goto exit; + } + + status = mbedtls_to_psa_error( + mbedtls_mpi_write_binary(&s, + signature + + operation->coordinate_bytes, + operation->coordinate_bytes) + ); + + if (status != PSA_SUCCESS) { + goto exit; + } + + *signature_length = operation->coordinate_bytes * 2; + + status = PSA_SUCCESS; + } + +exit: + + mbedtls_mpi_free(&r); + mbedtls_mpi_free(&s); + return status; + + #else + + (void) operation; + (void) signature; + (void) signature_size; + (void) signature_length; + + return PSA_ERROR_NOT_SUPPORTED; + +#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) && + * defined( MBEDTLS_ECP_RESTARTABLE ) */ +} + +psa_status_t mbedtls_psa_sign_hash_abort( + mbedtls_psa_sign_hash_interruptible_operation_t *operation) +{ + +#if (defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)) && \ + defined(MBEDTLS_ECP_RESTARTABLE) + + if (operation->ctx) { + mbedtls_ecdsa_free(operation->ctx); + mbedtls_free(operation->ctx); + operation->ctx = NULL; + } + + mbedtls_ecdsa_restart_free(&operation->restart_ctx); + + operation->num_ops = 0; + + return PSA_SUCCESS; + +#else + + (void) operation; + + return PSA_ERROR_NOT_SUPPORTED; + +#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) && + * defined( MBEDTLS_ECP_RESTARTABLE ) */ +} + +psa_status_t mbedtls_psa_verify_hash_start( + mbedtls_psa_verify_hash_interruptible_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *hash, size_t hash_length, + const uint8_t *signature, size_t signature_length) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + size_t coordinate_bytes = 0; + size_t required_hash_length = 0; + + if (!PSA_KEY_TYPE_IS_ECC(attributes->core.type)) { + return PSA_ERROR_NOT_SUPPORTED; + } + + if (!PSA_ALG_IS_ECDSA(alg)) { + return PSA_ERROR_NOT_SUPPORTED; + } + +#if (defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)) && \ + defined(MBEDTLS_ECP_RESTARTABLE) + + mbedtls_ecdsa_restart_init(&operation->restart_ctx); + mbedtls_mpi_init(&operation->r); + mbedtls_mpi_init(&operation->s); + + /* Ensure num_ops is zero'ed in case of context re-use. */ + operation->num_ops = 0; + + status = mbedtls_psa_ecp_load_representation(attributes->core.type, + attributes->core.bits, + key_buffer, + key_buffer_size, + &operation->ctx); + + if (status != PSA_SUCCESS) { + return status; + } + + coordinate_bytes = PSA_BITS_TO_BYTES(operation->ctx->grp.nbits); + + if (signature_length != 2 * coordinate_bytes) { + return PSA_ERROR_INVALID_SIGNATURE; + } + + status = mbedtls_to_psa_error( + mbedtls_mpi_read_binary(&operation->r, + signature, + coordinate_bytes)); + + if (status != PSA_SUCCESS) { + return status; + } + + status = mbedtls_to_psa_error( + mbedtls_mpi_read_binary(&operation->s, + signature + + coordinate_bytes, + coordinate_bytes)); + + if (status != PSA_SUCCESS) { + return status; + } + + status = mbedtls_psa_ecp_load_public_part(operation->ctx); + + if (status != PSA_SUCCESS) { + return status; + } + + /* We only need to store the same length of hash as the private key size + * here, it would be truncated by the internal implementation anyway. */ + required_hash_length = (hash_length < coordinate_bytes ? hash_length : + coordinate_bytes); + + if (required_hash_length > sizeof(operation->hash)) { + /* Shouldn't happen, but better safe than sorry. */ + return PSA_ERROR_CORRUPTION_DETECTED; + } + + memcpy(operation->hash, hash, required_hash_length); + operation->hash_length = required_hash_length; + + return PSA_SUCCESS; +#else + (void) operation; + (void) key_buffer; + (void) key_buffer_size; + (void) alg; + (void) hash; + (void) hash_length; + (void) signature; + (void) signature_length; + (void) status; + (void) coordinate_bytes; + (void) required_hash_length; + + return PSA_ERROR_NOT_SUPPORTED; +#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) && + * defined( MBEDTLS_ECP_RESTARTABLE ) */ +} + +psa_status_t mbedtls_psa_verify_hash_complete( + mbedtls_psa_verify_hash_interruptible_operation_t *operation) +{ + +#if (defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)) && \ + defined(MBEDTLS_ECP_RESTARTABLE) + + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + + /* Ensure max_ops is set to the current value (or default). */ + mbedtls_psa_interruptible_set_max_ops(psa_interruptible_get_max_ops()); + + status = mbedtls_to_psa_error( + mbedtls_ecdsa_verify_restartable(&operation->ctx->grp, + operation->hash, + operation->hash_length, + &operation->ctx->Q, + &operation->r, + &operation->s, + &operation->restart_ctx)); + + /* Hide the fact that the restart context only holds a delta of number of + * ops done during the last operation, not an absolute value. */ + operation->num_ops += operation->restart_ctx.ecp.ops_done; + + return status; +#else + (void) operation; + + return PSA_ERROR_NOT_SUPPORTED; + +#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) && + * defined( MBEDTLS_ECP_RESTARTABLE ) */ +} + +psa_status_t mbedtls_psa_verify_hash_abort( + mbedtls_psa_verify_hash_interruptible_operation_t *operation) +{ + +#if (defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)) && \ + defined(MBEDTLS_ECP_RESTARTABLE) + + if (operation->ctx) { + mbedtls_ecdsa_free(operation->ctx); + mbedtls_free(operation->ctx); + operation->ctx = NULL; + } + + mbedtls_ecdsa_restart_free(&operation->restart_ctx); + + operation->num_ops = 0; + + mbedtls_mpi_free(&operation->r); + mbedtls_mpi_free(&operation->s); + + return PSA_SUCCESS; + +#else + (void) operation; + + return PSA_ERROR_NOT_SUPPORTED; + +#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) && + * defined( MBEDTLS_ECP_RESTARTABLE ) */ +} /****************************************************************/ /* Symmetric cryptography */ @@ -3141,6 +4095,7 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation, psa_key_usage_t usage = (cipher_operation == MBEDTLS_ENCRYPT ? PSA_KEY_USAGE_ENCRYPT : PSA_KEY_USAGE_DECRYPT); + psa_key_attributes_t attributes; /* A context must be freshly initialized before it can be set up. */ if (operation->id != 0) { @@ -3170,7 +4125,7 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation, } operation->default_iv_length = PSA_CIPHER_IV_LENGTH(slot->attr.type, alg); - psa_key_attributes_t attributes = { + attributes = (psa_key_attributes_t) { .core = slot->attr }; @@ -3220,7 +4175,7 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation, { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; uint8_t local_iv[PSA_CIPHER_IV_MAX_SIZE]; - size_t default_iv_length; + size_t default_iv_length = 0; if (operation->id == 0) { status = PSA_ERROR_BAD_STATE; @@ -3396,6 +4351,7 @@ psa_status_t psa_cipher_encrypt(mbedtls_svc_key_id_t key, psa_key_slot_t *slot = NULL; uint8_t local_iv[PSA_CIPHER_IV_MAX_SIZE]; size_t default_iv_length = 0; + psa_key_attributes_t attributes; if (!PSA_ALG_IS_CIPHER(alg)) { status = PSA_ERROR_INVALID_ARGUMENT; @@ -3409,7 +4365,7 @@ psa_status_t psa_cipher_encrypt(mbedtls_svc_key_id_t key, goto exit; } - psa_key_attributes_t attributes = { + attributes = (psa_key_attributes_t) { .core = slot->attr }; @@ -3434,7 +4390,7 @@ psa_status_t psa_cipher_encrypt(mbedtls_svc_key_id_t key, status = psa_driver_wrapper_cipher_encrypt( &attributes, slot->key.data, slot->key.bytes, alg, local_iv, default_iv_length, input, input_length, - mbedtls_buffer_offset(output, default_iv_length), + psa_crypto_buffer_offset(output, default_iv_length), output_size - default_iv_length, output_length); exit: @@ -3466,6 +4422,7 @@ psa_status_t psa_cipher_decrypt(mbedtls_svc_key_id_t key, psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot = NULL; + psa_key_attributes_t attributes; if (!PSA_ALG_IS_CIPHER(alg)) { status = PSA_ERROR_INVALID_ARGUMENT; @@ -3479,7 +4436,7 @@ psa_status_t psa_cipher_decrypt(mbedtls_svc_key_id_t key, goto exit; } - psa_key_attributes_t attributes = { + attributes = (psa_key_attributes_t) { .core = slot->attr }; @@ -3733,6 +4690,7 @@ static psa_status_t psa_aead_setup(psa_aead_operation_t *operation, psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot = NULL; psa_key_usage_t key_usage = 0; + psa_key_attributes_t attributes; status = psa_aead_check_algorithm(alg); if (status != PSA_SUCCESS) { @@ -3762,7 +4720,7 @@ static psa_status_t psa_aead_setup(psa_aead_operation_t *operation, goto exit; } - psa_key_attributes_t attributes = { + attributes = (psa_key_attributes_t) { .core = slot->attr }; @@ -3827,7 +4785,7 @@ psa_status_t psa_aead_generate_nonce(psa_aead_operation_t *operation, { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; uint8_t local_nonce[PSA_AEAD_NONCE_MAX_SIZE]; - size_t required_nonce_size; + size_t required_nonce_size = 0; *nonce_length = 0; @@ -4126,18 +5084,14 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation, tag, tag_size, tag_length); exit: + + /* In case the operation fails and the user fails to check for failure or * the zero tag size, make sure the tag is set to something implausible. * Even if the operation succeeds, make sure we clear the rest of the * buffer to prevent potential leakage of anything previously placed in * the same buffer.*/ - if (tag != NULL) { - if (status != PSA_SUCCESS) { - memset(tag, '!', tag_size); - } else if (*tag_length < tag_size) { - memset(tag + *tag_length, '!', (tag_size - *tag_length)); - } - } + psa_wipe_tag_output_buffer(tag, status, tag_size, *tag_length); psa_aead_abort(operation); @@ -4204,7 +5158,8 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation) #if defined(BUILTIN_ALG_ANY_HKDF) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) + defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) || \ + defined(PSA_HAVE_SOFT_PBKDF2) #define AT_LEAST_ONE_BUILTIN_KDF #endif /* At least one builtin KDF */ @@ -4272,29 +5227,25 @@ psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation) /* TLS-1.2 PSK-to-MS KDF uses the same core as TLS-1.2 PRF */ PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) { if (operation->ctx.tls12_prf.secret != NULL) { - mbedtls_platform_zeroize(operation->ctx.tls12_prf.secret, + mbedtls_zeroize_and_free(operation->ctx.tls12_prf.secret, operation->ctx.tls12_prf.secret_length); - mbedtls_free(operation->ctx.tls12_prf.secret); } if (operation->ctx.tls12_prf.seed != NULL) { - mbedtls_platform_zeroize(operation->ctx.tls12_prf.seed, + mbedtls_zeroize_and_free(operation->ctx.tls12_prf.seed, operation->ctx.tls12_prf.seed_length); - mbedtls_free(operation->ctx.tls12_prf.seed); } if (operation->ctx.tls12_prf.label != NULL) { - mbedtls_platform_zeroize(operation->ctx.tls12_prf.label, + mbedtls_zeroize_and_free(operation->ctx.tls12_prf.label, operation->ctx.tls12_prf.label_length); - mbedtls_free(operation->ctx.tls12_prf.label); } - +#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) if (operation->ctx.tls12_prf.other_secret != NULL) { - mbedtls_platform_zeroize(operation->ctx.tls12_prf.other_secret, + mbedtls_zeroize_and_free(operation->ctx.tls12_prf.other_secret, operation->ctx.tls12_prf.other_secret_length); - mbedtls_free(operation->ctx.tls12_prf.other_secret); } - +#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */ status = PSA_SUCCESS; /* We leave the fields Ai and output_block to be erased safely by the @@ -4308,6 +5259,16 @@ psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation) sizeof(operation->ctx.tls12_ecjpake_to_pms.data)); } else #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) */ +#if defined(PSA_HAVE_SOFT_PBKDF2) + if (PSA_ALG_IS_PBKDF2(kdf_alg)) { + if (operation->ctx.pbkdf2.salt != NULL) { + mbedtls_zeroize_and_free(operation->ctx.pbkdf2.salt, + operation->ctx.pbkdf2.salt_length); + } + + status = PSA_SUCCESS; + } else +#endif /* defined(PSA_HAVE_SOFT_PBKDF2) */ { status = PSA_ERROR_BAD_STATE; } @@ -4634,6 +5595,144 @@ static psa_status_t psa_key_derivation_tls12_ecjpake_to_pms_read( } #endif +#if defined(PSA_HAVE_SOFT_PBKDF2) +static psa_status_t psa_key_derivation_pbkdf2_generate_block( + psa_pbkdf2_key_derivation_t *pbkdf2, + psa_algorithm_t prf_alg, + uint8_t prf_output_length, + psa_key_attributes_t *attributes) +{ + psa_status_t status; + psa_mac_operation_t mac_operation = PSA_MAC_OPERATION_INIT; + size_t mac_output_length; + uint8_t U_i[PSA_MAC_MAX_SIZE]; + uint8_t *U_accumulator = pbkdf2->output_block; + uint64_t i; + uint8_t block_counter[4]; + + mac_operation.is_sign = 1; + mac_operation.mac_size = prf_output_length; + MBEDTLS_PUT_UINT32_BE(pbkdf2->block_number, block_counter, 0); + + status = psa_driver_wrapper_mac_sign_setup(&mac_operation, + attributes, + pbkdf2->password, + pbkdf2->password_length, + prf_alg); + if (status != PSA_SUCCESS) { + goto cleanup; + } + status = psa_mac_update(&mac_operation, pbkdf2->salt, pbkdf2->salt_length); + if (status != PSA_SUCCESS) { + goto cleanup; + } + status = psa_mac_update(&mac_operation, block_counter, sizeof(block_counter)); + if (status != PSA_SUCCESS) { + goto cleanup; + } + status = psa_mac_sign_finish(&mac_operation, U_i, sizeof(U_i), + &mac_output_length); + if (status != PSA_SUCCESS) { + goto cleanup; + } + + if (mac_output_length != prf_output_length) { + status = PSA_ERROR_CORRUPTION_DETECTED; + goto cleanup; + } + + memcpy(U_accumulator, U_i, prf_output_length); + + for (i = 1; i < pbkdf2->input_cost; i++) { + /* We are passing prf_output_length as mac_size because the driver + * function directly sets mac_output_length as mac_size upon success. + * See https://github.com/Mbed-TLS/mbedtls/issues/7801 */ + status = psa_driver_wrapper_mac_compute(attributes, + pbkdf2->password, + pbkdf2->password_length, + prf_alg, U_i, prf_output_length, + U_i, prf_output_length, + &mac_output_length); + if (status != PSA_SUCCESS) { + goto cleanup; + } + + mbedtls_xor(U_accumulator, U_accumulator, U_i, prf_output_length); + } + +cleanup: + /* Zeroise buffers to clear sensitive data from memory. */ + mbedtls_platform_zeroize(U_i, PSA_MAC_MAX_SIZE); + return status; +} + +static psa_status_t psa_key_derivation_pbkdf2_read( + psa_pbkdf2_key_derivation_t *pbkdf2, + psa_algorithm_t kdf_alg, + uint8_t *output, + size_t output_length) +{ + psa_status_t status; + psa_algorithm_t prf_alg; + uint8_t prf_output_length; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_set_key_bits(&attributes, PSA_BYTES_TO_BITS(pbkdf2->password_length)); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE); + + if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) { + prf_alg = PSA_ALG_HMAC(PSA_ALG_PBKDF2_HMAC_GET_HASH(kdf_alg)); + prf_output_length = PSA_HASH_LENGTH(prf_alg); + psa_set_key_type(&attributes, PSA_KEY_TYPE_HMAC); + } else if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { + prf_alg = PSA_ALG_CMAC; + prf_output_length = PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, 128U, PSA_ALG_CMAC); + psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); + } else { + return PSA_ERROR_INVALID_ARGUMENT; + } + + switch (pbkdf2->state) { + case PSA_PBKDF2_STATE_PASSWORD_SET: + /* Initially we need a new block so bytes_used is equal to block size*/ + pbkdf2->bytes_used = prf_output_length; + pbkdf2->state = PSA_PBKDF2_STATE_OUTPUT; + break; + case PSA_PBKDF2_STATE_OUTPUT: + break; + default: + return PSA_ERROR_BAD_STATE; + } + + while (output_length != 0) { + uint8_t n = prf_output_length - pbkdf2->bytes_used; + if (n > output_length) { + n = (uint8_t) output_length; + } + memcpy(output, pbkdf2->output_block + pbkdf2->bytes_used, n); + output += n; + output_length -= n; + pbkdf2->bytes_used += n; + + if (output_length == 0) { + break; + } + + /* We need a new block */ + pbkdf2->bytes_used = 0; + pbkdf2->block_number++; + + status = psa_key_derivation_pbkdf2_generate_block(pbkdf2, prf_alg, + prf_output_length, + &attributes); + if (status != PSA_SUCCESS) { + return status; + } + } + + return PSA_SUCCESS; +} +#endif /* PSA_HAVE_SOFT_PBKDF2 */ + psa_status_t psa_key_derivation_output_bytes( psa_key_derivation_operation_t *operation, uint8_t *output, @@ -4687,6 +5786,12 @@ psa_status_t psa_key_derivation_output_bytes( &operation->ctx.tls12_ecjpake_to_pms, output, output_length); } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */ +#if defined(PSA_HAVE_SOFT_PBKDF2) + if (PSA_ALG_IS_PBKDF2(kdf_alg)) { + status = psa_key_derivation_pbkdf2_read(&operation->ctx.pbkdf2, kdf_alg, + output, output_length); + } else +#endif /* PSA_HAVE_SOFT_PBKDF2 */ { (void) kdf_alg; @@ -4751,11 +5856,8 @@ static void psa_des_set_key_parity(uint8_t *data, size_t data_size) * Note: Function allocates memory for *data buffer, so given *data should be * always NULL. */ -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE) static psa_status_t psa_generate_derived_ecc_key_weierstrass_helper( psa_key_slot_t *slot, size_t bits, @@ -4768,6 +5870,8 @@ static psa_status_t psa_generate_derived_ecc_key_weierstrass_helper( mbedtls_mpi diff_N_2; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + size_t m; + size_t m_bytes; mbedtls_mpi_init(&k); mbedtls_mpi_init(&diff_N_2); @@ -4789,9 +5893,9 @@ static psa_status_t psa_generate_derived_ecc_key_weierstrass_helper( /* N is the boundary of the private key domain (ecp_group.N). */ /* Let m be the bit size of N. */ - size_t m = ecp_group.nbits; + m = ecp_group.nbits; - size_t m_bytes = PSA_BITS_TO_BYTES(m); + m_bytes = PSA_BITS_TO_BYTES(m); /* Calculate N - 2 - it will be needed later. */ MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&diff_N_2, &ecp_group.N, 2)); @@ -4912,11 +6016,28 @@ static psa_status_t psa_generate_derived_ecc_key_montgomery_helper( return status; } -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || - defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || - defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || - defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) */ +#else /* MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE */ +static psa_status_t psa_generate_derived_ecc_key_weierstrass_helper( + psa_key_slot_t *slot, size_t bits, + psa_key_derivation_operation_t *operation, uint8_t **data) +{ + (void) slot; + (void) bits; + (void) operation; + (void) data; + return PSA_ERROR_NOT_SUPPORTED; +} + +static psa_status_t psa_generate_derived_ecc_key_montgomery_helper( + size_t bits, psa_key_derivation_operation_t *operation, uint8_t **data) +{ + (void) bits; + (void) operation; + (void) data; + return PSA_ERROR_NOT_SUPPORTED; +} +#endif /* MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE */ +#endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE */ static psa_status_t psa_generate_derived_key_internal( psa_key_slot_t *slot, @@ -4927,16 +6048,14 @@ static psa_status_t psa_generate_derived_key_internal( size_t bytes = PSA_BITS_TO_BYTES(bits); size_t storage_size = bytes; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_attributes_t attributes; if (PSA_KEY_TYPE_IS_PUBLIC_KEY(slot->attr.type)) { return PSA_ERROR_INVALID_ARGUMENT; } -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE) if (PSA_KEY_TYPE_IS_ECC(slot->attr.type)) { psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY(slot->attr.type); if (PSA_ECC_FAMILY_IS_WEIERSTRASS(curve)) { @@ -4953,11 +6072,8 @@ static psa_status_t psa_generate_derived_key_internal( } } } else -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || - defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || - defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || - defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) */ +#endif /* defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) || + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE) */ if (key_type_is_raw_bytes(slot->attr.type)) { if (bits % 8 != 0) { return PSA_ERROR_INVALID_ARGUMENT; @@ -4981,7 +6097,7 @@ static psa_status_t psa_generate_derived_key_internal( } slot->attr.bits = (psa_key_bits_t) bits; - psa_key_attributes_t attributes = { + attributes = (psa_key_attributes_t) { .core = slot->attr }; @@ -5096,6 +6212,16 @@ static int is_kdf_alg_supported(psa_algorithm_t kdf_alg) if (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) { return 1; } +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) + if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) { + return 1; + } +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) + if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { + return 1; + } #endif return 0; } @@ -5122,10 +6248,14 @@ static psa_status_t psa_key_derivation_setup_kdf( } /* All currently supported key derivation algorithms (apart from - * ecjpake to pms) are based on a hash algorithm. */ + * ecjpake to pms and pbkdf2_aes_cmac_128) are based on a hash algorithm. */ psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH(kdf_alg); size_t hash_size = PSA_HASH_LENGTH(hash_alg); - if (kdf_alg != PSA_ALG_TLS12_ECJPAKE_TO_PMS) { + if (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) { + hash_size = PSA_HASH_LENGTH(PSA_ALG_SHA_256); + } else if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { + hash_size = PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, 128U, PSA_ALG_CMAC); + } else { if (hash_size == 0) { return PSA_ERROR_NOT_SUPPORTED; } @@ -5137,8 +6267,6 @@ static psa_status_t psa_key_derivation_setup_kdf( if (status != PSA_SUCCESS) { return status; } - } else { - hash_size = PSA_HASH_LENGTH(PSA_ALG_SHA_256); } if ((PSA_ALG_IS_TLS12_PRF(kdf_alg) || @@ -5164,10 +6292,27 @@ static psa_status_t psa_key_agreement_try_support(psa_algorithm_t alg) if (alg == PSA_ALG_ECDH) { return PSA_SUCCESS; } +#endif +#if defined(PSA_WANT_ALG_FFDH) + if (alg == PSA_ALG_FFDH) { + return PSA_SUCCESS; + } #endif (void) alg; return PSA_ERROR_NOT_SUPPORTED; } + +static int psa_key_derivation_allows_free_form_secret_input( + psa_algorithm_t kdf_alg) +{ +#if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS) + if (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) { + return 0; + } +#endif + (void) kdf_alg; + return 1; +} #endif /* AT_LEAST_ONE_BUILTIN_KDF */ psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *operation, @@ -5189,6 +6334,9 @@ psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *operation, if (status != PSA_SUCCESS) { return status; } + if (!psa_key_derivation_allows_free_form_secret_input(kdf_alg)) { + return PSA_ERROR_INVALID_ARGUMENT; + } status = psa_key_derivation_setup_kdf(operation, kdf_alg); #else return PSA_ERROR_NOT_SUPPORTED; @@ -5492,8 +6640,7 @@ static psa_status_t psa_tls12_prf_psk_to_ms_set_key( status = psa_tls12_prf_set_key(prf, pms, cur - pms); - mbedtls_platform_zeroize(pms, pms_len); - mbedtls_free(pms); + mbedtls_zeroize_and_free(pms, pms_len); return status; } @@ -5570,6 +6717,170 @@ static psa_status_t psa_tls12_ecjpake_to_pms_input( return PSA_SUCCESS; } #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */ + +#if defined(PSA_HAVE_SOFT_PBKDF2) +static psa_status_t psa_pbkdf2_set_input_cost( + psa_pbkdf2_key_derivation_t *pbkdf2, + psa_key_derivation_step_t step, + uint64_t data) +{ + if (step != PSA_KEY_DERIVATION_INPUT_COST) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + if (pbkdf2->state != PSA_PBKDF2_STATE_INIT) { + return PSA_ERROR_BAD_STATE; + } + + if (data > PSA_VENDOR_PBKDF2_MAX_ITERATIONS) { + return PSA_ERROR_NOT_SUPPORTED; + } + + if (data == 0) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + pbkdf2->input_cost = data; + pbkdf2->state = PSA_PBKDF2_STATE_INPUT_COST_SET; + + return PSA_SUCCESS; +} + +static psa_status_t psa_pbkdf2_set_salt(psa_pbkdf2_key_derivation_t *pbkdf2, + const uint8_t *data, + size_t data_length) +{ + if (pbkdf2->state == PSA_PBKDF2_STATE_INPUT_COST_SET) { + pbkdf2->state = PSA_PBKDF2_STATE_SALT_SET; + } else if (pbkdf2->state == PSA_PBKDF2_STATE_SALT_SET) { + /* Appending to existing salt. No state change. */ + } else { + return PSA_ERROR_BAD_STATE; + } + + if (data_length == 0) { + /* Appending an empty string, nothing to do. */ + } else { + uint8_t *next_salt; + + next_salt = mbedtls_calloc(1, data_length + pbkdf2->salt_length); + if (next_salt == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } + + if (pbkdf2->salt_length != 0) { + memcpy(next_salt, pbkdf2->salt, pbkdf2->salt_length); + } + memcpy(next_salt + pbkdf2->salt_length, data, data_length); + pbkdf2->salt_length += data_length; + mbedtls_free(pbkdf2->salt); + pbkdf2->salt = next_salt; + } + return PSA_SUCCESS; +} + +#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) +static psa_status_t psa_pbkdf2_hmac_set_password(psa_algorithm_t hash_alg, + const uint8_t *input, + size_t input_len, + uint8_t *output, + size_t *output_len) +{ + psa_status_t status = PSA_SUCCESS; + if (input_len > PSA_HASH_BLOCK_LENGTH(hash_alg)) { + status = psa_hash_compute(hash_alg, input, input_len, output, + PSA_HMAC_MAX_HASH_BLOCK_SIZE, output_len); + } else { + memcpy(output, input, input_len); + *output_len = PSA_HASH_BLOCK_LENGTH(hash_alg); + } + return status; +} +#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC */ + +#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) +static psa_status_t psa_pbkdf2_cmac_set_password(const uint8_t *input, + size_t input_len, + uint8_t *output, + size_t *output_len) +{ + psa_status_t status = PSA_SUCCESS; + if (input_len != PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, 128U, PSA_ALG_CMAC)) { + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + uint8_t zeros[16] = { 0 }; + psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); + psa_set_key_bits(&attributes, PSA_BYTES_TO_BITS(sizeof(zeros))); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE); + /* Passing PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, 128U, PSA_ALG_CMAC) as + * mac_size as the driver function sets mac_output_length = mac_size + * on success. See https://github.com/Mbed-TLS/mbedtls/issues/7801 */ + status = psa_driver_wrapper_mac_compute(&attributes, + zeros, sizeof(zeros), + PSA_ALG_CMAC, input, input_len, + output, + PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, + 128U, + PSA_ALG_CMAC), + output_len); + } else { + memcpy(output, input, input_len); + *output_len = PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, 128U, PSA_ALG_CMAC); + } + return status; +} +#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 */ + +static psa_status_t psa_pbkdf2_set_password(psa_pbkdf2_key_derivation_t *pbkdf2, + psa_algorithm_t kdf_alg, + const uint8_t *data, + size_t data_length) +{ + psa_status_t status = PSA_SUCCESS; + if (pbkdf2->state != PSA_PBKDF2_STATE_SALT_SET) { + return PSA_ERROR_BAD_STATE; + } + +#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) + if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) { + psa_algorithm_t hash_alg = PSA_ALG_PBKDF2_HMAC_GET_HASH(kdf_alg); + status = psa_pbkdf2_hmac_set_password(hash_alg, data, data_length, + pbkdf2->password, + &pbkdf2->password_length); + } else +#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) + if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { + status = psa_pbkdf2_cmac_set_password(data, data_length, + pbkdf2->password, + &pbkdf2->password_length); + } else +#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 */ + { + return PSA_ERROR_INVALID_ARGUMENT; + } + + pbkdf2->state = PSA_PBKDF2_STATE_PASSWORD_SET; + + return status; +} + +static psa_status_t psa_pbkdf2_input(psa_pbkdf2_key_derivation_t *pbkdf2, + psa_algorithm_t kdf_alg, + psa_key_derivation_step_t step, + const uint8_t *data, + size_t data_length) +{ + switch (step) { + case PSA_KEY_DERIVATION_INPUT_SALT: + return psa_pbkdf2_set_salt(pbkdf2, data, data_length); + case PSA_KEY_DERIVATION_INPUT_PASSWORD: + return psa_pbkdf2_set_password(pbkdf2, kdf_alg, data, data_length); + default: + return PSA_ERROR_INVALID_ARGUMENT; + } +} +#endif /* PSA_HAVE_SOFT_PBKDF2 */ + /** Check whether the given key type is acceptable for the given * input step of a key derivation. * @@ -5611,6 +6922,17 @@ static int psa_key_derivation_check_input_type( return PSA_SUCCESS; } break; + case PSA_KEY_DERIVATION_INPUT_PASSWORD: + if (key_type == PSA_KEY_TYPE_PASSWORD) { + return PSA_SUCCESS; + } + if (key_type == PSA_KEY_TYPE_DERIVE) { + return PSA_SUCCESS; + } + if (key_type == PSA_KEY_TYPE_NONE) { + return PSA_SUCCESS; + } + break; } return PSA_ERROR_INVALID_ARGUMENT; } @@ -5654,6 +6976,12 @@ static psa_status_t psa_key_derivation_input_internal( &operation->ctx.tls12_ecjpake_to_pms, step, data, data_length); } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */ +#if defined(PSA_HAVE_SOFT_PBKDF2) + if (PSA_ALG_IS_PBKDF2(kdf_alg)) { + status = psa_pbkdf2_input(&operation->ctx.pbkdf2, kdf_alg, + step, data, data_length); + } else +#endif /* PSA_HAVE_SOFT_PBKDF2 */ { /* This can't happen unless the operation object was not initialized */ (void) data; @@ -5669,6 +6997,33 @@ exit: return status; } +static psa_status_t psa_key_derivation_input_integer_internal( + psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + uint64_t value) +{ + psa_status_t status; + psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg(operation); + +#if defined(PSA_HAVE_SOFT_PBKDF2) + if (PSA_ALG_IS_PBKDF2(kdf_alg)) { + status = psa_pbkdf2_set_input_cost( + &operation->ctx.pbkdf2, step, value); + } else +#endif /* PSA_HAVE_SOFT_PBKDF2 */ + { + (void) step; + (void) value; + (void) kdf_alg; + status = PSA_ERROR_INVALID_ARGUMENT; + } + + if (status != PSA_SUCCESS) { + psa_key_derivation_abort(operation); + } + return status; +} + psa_status_t psa_key_derivation_input_bytes( psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, @@ -5680,6 +7035,14 @@ psa_status_t psa_key_derivation_input_bytes( data, data_length); } +psa_status_t psa_key_derivation_input_integer( + psa_key_derivation_operation_t *operation, + psa_key_derivation_step_t step, + uint64_t value) +{ + return psa_key_derivation_input_integer_internal(operation, step, value); +} + psa_status_t psa_key_derivation_input_key( psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, @@ -5696,9 +7059,10 @@ psa_status_t psa_key_derivation_input_key( return status; } - /* Passing a key object as a SECRET input unlocks the permission - * to output to a key object. */ - if (step == PSA_KEY_DERIVATION_INPUT_SECRET) { + /* Passing a key object as a SECRET or PASSWORD input unlocks the + * permission to output to a key object. */ + if (step == PSA_KEY_DERIVATION_INPUT_SECRET || + step == PSA_KEY_DERIVATION_INPUT_PASSWORD) { operation->can_output_key = 1; } @@ -5738,6 +7102,19 @@ psa_status_t psa_key_agreement_raw_builtin(const psa_key_attributes_t *attribute shared_secret_size, shared_secret_length); #endif /* MBEDTLS_PSA_BUILTIN_ALG_ECDH */ + +#if defined(MBEDTLS_PSA_BUILTIN_ALG_FFDH) + case PSA_ALG_FFDH: + return mbedtls_psa_ffdh_key_agreement(attributes, + peer_key, + peer_key_length, + key_buffer, + key_buffer_size, + shared_secret, + shared_secret_size, + shared_secret_length); +#endif /* MBEDTLS_PSA_BUILTIN_ALG_FFDH */ + default: (void) attributes; (void) key_buffer; @@ -5867,6 +7244,7 @@ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot = NULL; + size_t expected_length; if (!PSA_ALG_IS_KEY_AGREEMENT(alg)) { status = PSA_ERROR_INVALID_ARGUMENT; @@ -5886,7 +7264,7 @@ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg, * PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE() is exact so the point is moot. * If FFDH is implemented, PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE() can easily * be exact for it as well. */ - size_t expected_length = + expected_length = PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(slot->attr.type, slot->attr.bits); if (output_size < expected_length) { status = PSA_ERROR_BUFFER_TOO_SMALL; @@ -5922,6 +7300,10 @@ exit: /* Random generation */ /****************************************************************/ +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) +#include "entropy_poll.h" +#endif + /** Initialize the PSA random generator. */ static void mbedtls_psa_random_init(mbedtls_psa_random_context_t *rng) @@ -6056,8 +7438,6 @@ int mbedtls_psa_get_random(void *p_rng, #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ #if defined(MBEDTLS_PSA_INJECT_ENTROPY) -#include "entropy_poll.h" - psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, size_t seed_size) { @@ -6099,11 +7479,14 @@ static psa_status_t psa_validate_key_type_and_size_for_key_generation( return status; } } else -#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE) if (PSA_KEY_TYPE_IS_RSA(type) && PSA_KEY_TYPE_IS_KEY_PAIR(type)) { if (bits > PSA_VENDOR_RSA_MAX_KEY_BITS) { return PSA_ERROR_NOT_SUPPORTED; } + if (bits < PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS) { + return PSA_ERROR_NOT_SUPPORTED; + } /* Accept only byte-aligned keys, for the same reasons as * in psa_import_rsa_key(). */ @@ -6111,14 +7494,22 @@ static psa_status_t psa_validate_key_type_and_size_for_key_generation( return PSA_ERROR_NOT_SUPPORTED; } } else -#endif /* defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) */ +#endif /* defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE) */ -#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) if (PSA_KEY_TYPE_IS_ECC(type) && PSA_KEY_TYPE_IS_KEY_PAIR(type)) { /* To avoid empty block, return successfully here. */ return PSA_SUCCESS; } else -#endif /* defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) */ +#endif /* defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) */ + +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE) + if (PSA_KEY_TYPE_IS_DH(type) && PSA_KEY_TYPE_IS_KEY_PAIR(type)) { + if (psa_is_dh_key_size_valid(bits) == 0) { + return PSA_ERROR_NOT_SUPPORTED; + } + } else +#endif /* defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE) */ { return PSA_ERROR_NOT_SUPPORTED; } @@ -6151,25 +7542,32 @@ psa_status_t psa_generate_key_internal( #endif /* MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES */ } else -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \ - defined(MBEDTLS_GENPRIME) +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE) if (type == PSA_KEY_TYPE_RSA_KEY_PAIR) { return mbedtls_psa_rsa_generate_key(attributes, key_buffer, key_buffer_size, key_buffer_length); } else -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) - * defined(MBEDTLS_GENPRIME) */ +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE) */ -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE) if (PSA_KEY_TYPE_IS_ECC(type) && PSA_KEY_TYPE_IS_KEY_PAIR(type)) { return mbedtls_psa_ecp_generate_key(attributes, key_buffer, key_buffer_size, key_buffer_length); } else -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */ +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE) */ + +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE) + if (PSA_KEY_TYPE_IS_DH(type) && PSA_KEY_TYPE_IS_KEY_PAIR(type)) { + return mbedtls_psa_ffdh_generate_key(attributes, + key_buffer, + key_buffer_size, + key_buffer_length); + } else +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE) */ { (void) key_buffer_length; return PSA_ERROR_NOT_SUPPORTED; @@ -6320,6 +7718,13 @@ psa_status_t psa_crypto_init(void) return PSA_SUCCESS; } + /* Init drivers */ + status = psa_driver_wrapper_init(); + if (status != PSA_SUCCESS) { + goto exit; + } + global_data.drivers_initialized = 1; + /* Initialize and seed the random generator. */ mbedtls_psa_random_init(&global_data.rng); global_data.rng_state = RNG_INITIALIZED; @@ -6334,12 +7739,6 @@ psa_status_t psa_crypto_init(void) goto exit; } - /* Init drivers */ - status = psa_driver_wrapper_init(); - if (status != PSA_SUCCESS) { - goto exit; - } - #if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS) status = psa_crypto_load_transaction(); if (status == PSA_SUCCESS) { @@ -6364,4 +7763,682 @@ exit: return status; } +#if defined(PSA_WANT_ALG_SOME_PAKE) +psa_status_t psa_crypto_driver_pake_get_password_len( + const psa_crypto_driver_pake_inputs_t *inputs, + size_t *password_len) +{ + if (inputs->password_len == 0) { + return PSA_ERROR_BAD_STATE; + } + + *password_len = inputs->password_len; + + return PSA_SUCCESS; +} + +psa_status_t psa_crypto_driver_pake_get_password( + const psa_crypto_driver_pake_inputs_t *inputs, + uint8_t *buffer, size_t buffer_size, size_t *buffer_length) +{ + if (inputs->password_len == 0) { + return PSA_ERROR_BAD_STATE; + } + + if (buffer_size < inputs->password_len) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + memcpy(buffer, inputs->password, inputs->password_len); + *buffer_length = inputs->password_len; + + return PSA_SUCCESS; +} + +psa_status_t psa_crypto_driver_pake_get_user_len( + const psa_crypto_driver_pake_inputs_t *inputs, + size_t *user_len) +{ + if (inputs->user_len == 0) { + return PSA_ERROR_BAD_STATE; + } + + *user_len = inputs->user_len; + + return PSA_SUCCESS; +} + +psa_status_t psa_crypto_driver_pake_get_user( + const psa_crypto_driver_pake_inputs_t *inputs, + uint8_t *user_id, size_t user_id_size, size_t *user_id_len) +{ + if (inputs->user_len == 0) { + return PSA_ERROR_BAD_STATE; + } + + if (user_id_size < inputs->user_len) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + memcpy(user_id, inputs->user, inputs->user_len); + *user_id_len = inputs->user_len; + + return PSA_SUCCESS; +} + +psa_status_t psa_crypto_driver_pake_get_peer_len( + const psa_crypto_driver_pake_inputs_t *inputs, + size_t *peer_len) +{ + if (inputs->peer_len == 0) { + return PSA_ERROR_BAD_STATE; + } + + *peer_len = inputs->peer_len; + + return PSA_SUCCESS; +} + +psa_status_t psa_crypto_driver_pake_get_peer( + const psa_crypto_driver_pake_inputs_t *inputs, + uint8_t *peer_id, size_t peer_id_size, size_t *peer_id_length) +{ + if (inputs->peer_len == 0) { + return PSA_ERROR_BAD_STATE; + } + + if (peer_id_size < inputs->peer_len) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + memcpy(peer_id, inputs->peer, inputs->peer_len); + *peer_id_length = inputs->peer_len; + + return PSA_SUCCESS; +} + +psa_status_t psa_crypto_driver_pake_get_cipher_suite( + const psa_crypto_driver_pake_inputs_t *inputs, + psa_pake_cipher_suite_t *cipher_suite) +{ + if (inputs->cipher_suite.algorithm == PSA_ALG_NONE) { + return PSA_ERROR_BAD_STATE; + } + + *cipher_suite = inputs->cipher_suite; + + return PSA_SUCCESS; +} + +psa_status_t psa_pake_setup( + psa_pake_operation_t *operation, + const psa_pake_cipher_suite_t *cipher_suite) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + + if (operation->stage != PSA_PAKE_OPERATION_STAGE_SETUP) { + status = PSA_ERROR_BAD_STATE; + goto exit; + } + + if (PSA_ALG_IS_PAKE(cipher_suite->algorithm) == 0 || + PSA_ALG_IS_HASH(cipher_suite->hash) == 0) { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } + + memset(&operation->data.inputs, 0, sizeof(operation->data.inputs)); + + operation->alg = cipher_suite->algorithm; + operation->primitive = PSA_PAKE_PRIMITIVE(cipher_suite->type, + cipher_suite->family, cipher_suite->bits); + operation->data.inputs.cipher_suite = *cipher_suite; + +#if defined(PSA_WANT_ALG_JPAKE) + if (operation->alg == PSA_ALG_JPAKE) { + psa_jpake_computation_stage_t *computation_stage = + &operation->computation_stage.jpake; + + memset(computation_stage, 0, sizeof(*computation_stage)); + computation_stage->step = PSA_PAKE_STEP_KEY_SHARE; + } else +#endif /* PSA_WANT_ALG_JPAKE */ + { + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; + } + + operation->stage = PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS; + + return PSA_SUCCESS; +exit: + psa_pake_abort(operation); + return status; +} + +psa_status_t psa_pake_set_password_key( + psa_pake_operation_t *operation, + mbedtls_svc_key_id_t password) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_slot_t *slot = NULL; + psa_key_attributes_t attributes; + psa_key_type_t type; + + if (operation->stage != PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) { + status = PSA_ERROR_BAD_STATE; + goto exit; + } + + status = psa_get_and_lock_key_slot_with_policy(password, &slot, + PSA_KEY_USAGE_DERIVE, + operation->alg); + if (status != PSA_SUCCESS) { + goto exit; + } + + attributes = (psa_key_attributes_t) { + .core = slot->attr + }; + + type = psa_get_key_type(&attributes); + + if (type != PSA_KEY_TYPE_PASSWORD && + type != PSA_KEY_TYPE_PASSWORD_HASH) { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } + + operation->data.inputs.password = mbedtls_calloc(1, slot->key.bytes); + if (operation->data.inputs.password == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + goto exit; + } + + memcpy(operation->data.inputs.password, slot->key.data, slot->key.bytes); + operation->data.inputs.password_len = slot->key.bytes; + operation->data.inputs.attributes = attributes; +exit: + if (status != PSA_SUCCESS) { + psa_pake_abort(operation); + } + unlock_status = psa_unlock_key_slot(slot); + return (status == PSA_SUCCESS) ? unlock_status : status; +} + +psa_status_t psa_pake_set_user( + psa_pake_operation_t *operation, + const uint8_t *user_id, + size_t user_id_len) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + + if (operation->stage != PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) { + status = PSA_ERROR_BAD_STATE; + goto exit; + } + + if (user_id_len == 0) { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } + + if (operation->data.inputs.user_len != 0) { + status = PSA_ERROR_BAD_STATE; + goto exit; + } + + operation->data.inputs.user = mbedtls_calloc(1, user_id_len); + if (operation->data.inputs.user == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + goto exit; + } + + memcpy(operation->data.inputs.user, user_id, user_id_len); + operation->data.inputs.user_len = user_id_len; + + return PSA_SUCCESS; +exit: + psa_pake_abort(operation); + return status; +} + +psa_status_t psa_pake_set_peer( + psa_pake_operation_t *operation, + const uint8_t *peer_id, + size_t peer_id_len) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + + if (operation->stage != PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) { + status = PSA_ERROR_BAD_STATE; + goto exit; + } + + if (peer_id_len == 0) { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } + + if (operation->data.inputs.peer_len != 0) { + status = PSA_ERROR_BAD_STATE; + goto exit; + } + + operation->data.inputs.peer = mbedtls_calloc(1, peer_id_len); + if (operation->data.inputs.peer == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + goto exit; + } + + memcpy(operation->data.inputs.peer, peer_id, peer_id_len); + operation->data.inputs.peer_len = peer_id_len; + + return PSA_SUCCESS; +exit: + psa_pake_abort(operation); + return status; +} + +psa_status_t psa_pake_set_role( + psa_pake_operation_t *operation, + psa_pake_role_t role) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + + if (operation->stage != PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) { + status = PSA_ERROR_BAD_STATE; + goto exit; + } + + switch (operation->alg) { +#if defined(PSA_WANT_ALG_JPAKE) + case PSA_ALG_JPAKE: + if (role == PSA_PAKE_ROLE_NONE) { + return PSA_SUCCESS; + } + status = PSA_ERROR_INVALID_ARGUMENT; + break; +#endif + default: + (void) role; + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; + } +exit: + psa_pake_abort(operation); + return status; +} + +/* Auxiliary function to convert core computation stage to single driver step. */ +#if defined(PSA_WANT_ALG_JPAKE) +static psa_crypto_driver_pake_step_t convert_jpake_computation_stage_to_driver_step( + psa_jpake_computation_stage_t *stage) +{ + psa_crypto_driver_pake_step_t key_share_step; + if (stage->round == PSA_JPAKE_FIRST) { + int is_x1; + + if (stage->io_mode == PSA_JPAKE_OUTPUT) { + is_x1 = (stage->outputs < 1); + } else { + is_x1 = (stage->inputs < 1); + } + + key_share_step = is_x1 ? + PSA_JPAKE_X1_STEP_KEY_SHARE : + PSA_JPAKE_X2_STEP_KEY_SHARE; + } else if (stage->round == PSA_JPAKE_SECOND) { + key_share_step = (stage->io_mode == PSA_JPAKE_OUTPUT) ? + PSA_JPAKE_X2S_STEP_KEY_SHARE : + PSA_JPAKE_X4S_STEP_KEY_SHARE; + } else { + return PSA_JPAKE_STEP_INVALID; + } + return (psa_crypto_driver_pake_step_t) (key_share_step + stage->step - PSA_PAKE_STEP_KEY_SHARE); +} +#endif /* PSA_WANT_ALG_JPAKE */ + +static psa_status_t psa_pake_complete_inputs( + psa_pake_operation_t *operation) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + /* Create copy of the inputs on stack as inputs share memory + with the driver context which will be setup by the driver. */ + psa_crypto_driver_pake_inputs_t inputs = operation->data.inputs; + + if (inputs.password_len == 0) { + return PSA_ERROR_BAD_STATE; + } + + if (operation->alg == PSA_ALG_JPAKE) { + if (inputs.user_len == 0 || inputs.peer_len == 0) { + return PSA_ERROR_BAD_STATE; + } + } + + /* Clear driver context */ + mbedtls_platform_zeroize(&operation->data, sizeof(operation->data)); + + status = psa_driver_wrapper_pake_setup(operation, &inputs); + + /* Driver is responsible for creating its own copy of the password. */ + mbedtls_zeroize_and_free(inputs.password, inputs.password_len); + + /* User and peer are translated to role. */ + mbedtls_free(inputs.user); + mbedtls_free(inputs.peer); + + if (status == PSA_SUCCESS) { +#if defined(PSA_WANT_ALG_JPAKE) + if (operation->alg == PSA_ALG_JPAKE) { + operation->stage = PSA_PAKE_OPERATION_STAGE_COMPUTATION; + } else +#endif /* PSA_WANT_ALG_JPAKE */ + { + status = PSA_ERROR_NOT_SUPPORTED; + } + } + return status; +} + +#if defined(PSA_WANT_ALG_JPAKE) +static psa_status_t psa_jpake_prologue( + psa_pake_operation_t *operation, + psa_pake_step_t step, + psa_jpake_io_mode_t io_mode) +{ + if (step != PSA_PAKE_STEP_KEY_SHARE && + step != PSA_PAKE_STEP_ZK_PUBLIC && + step != PSA_PAKE_STEP_ZK_PROOF) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + psa_jpake_computation_stage_t *computation_stage = + &operation->computation_stage.jpake; + + if (computation_stage->round != PSA_JPAKE_FIRST && + computation_stage->round != PSA_JPAKE_SECOND) { + return PSA_ERROR_BAD_STATE; + } + + /* Check that the step we are given is the one we were expecting */ + if (step != computation_stage->step) { + return PSA_ERROR_BAD_STATE; + } + + if (step == PSA_PAKE_STEP_KEY_SHARE && + computation_stage->inputs == 0 && + computation_stage->outputs == 0) { + /* Start of the round, so function decides whether we are inputting + * or outputting */ + computation_stage->io_mode = io_mode; + } else if (computation_stage->io_mode != io_mode) { + /* Middle of the round so the mode we are in must match the function + * called by the user */ + return PSA_ERROR_BAD_STATE; + } + + return PSA_SUCCESS; +} + +static psa_status_t psa_jpake_epilogue( + psa_pake_operation_t *operation, + psa_jpake_io_mode_t io_mode) +{ + psa_jpake_computation_stage_t *stage = + &operation->computation_stage.jpake; + + if (stage->step == PSA_PAKE_STEP_ZK_PROOF) { + /* End of an input/output */ + if (io_mode == PSA_JPAKE_INPUT) { + stage->inputs++; + if (stage->inputs == PSA_JPAKE_EXPECTED_INPUTS(stage->round)) { + stage->io_mode = PSA_JPAKE_OUTPUT; + } + } + if (io_mode == PSA_JPAKE_OUTPUT) { + stage->outputs++; + if (stage->outputs == PSA_JPAKE_EXPECTED_OUTPUTS(stage->round)) { + stage->io_mode = PSA_JPAKE_INPUT; + } + } + if (stage->inputs == PSA_JPAKE_EXPECTED_INPUTS(stage->round) && + stage->outputs == PSA_JPAKE_EXPECTED_OUTPUTS(stage->round)) { + /* End of a round, move to the next round */ + stage->inputs = 0; + stage->outputs = 0; + stage->round++; + } + stage->step = PSA_PAKE_STEP_KEY_SHARE; + } else { + stage->step++; + } + return PSA_SUCCESS; +} + +#endif /* PSA_WANT_ALG_JPAKE */ + +psa_status_t psa_pake_output( + psa_pake_operation_t *operation, + psa_pake_step_t step, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_crypto_driver_pake_step_t driver_step = PSA_JPAKE_STEP_INVALID; + *output_length = 0; + + if (operation->stage == PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) { + status = psa_pake_complete_inputs(operation); + if (status != PSA_SUCCESS) { + goto exit; + } + } + + if (operation->stage != PSA_PAKE_OPERATION_STAGE_COMPUTATION) { + status = PSA_ERROR_BAD_STATE; + goto exit; + } + + if (output_size == 0) { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } + + switch (operation->alg) { +#if defined(PSA_WANT_ALG_JPAKE) + case PSA_ALG_JPAKE: + status = psa_jpake_prologue(operation, step, PSA_JPAKE_OUTPUT); + if (status != PSA_SUCCESS) { + goto exit; + } + driver_step = convert_jpake_computation_stage_to_driver_step( + &operation->computation_stage.jpake); + break; +#endif /* PSA_WANT_ALG_JPAKE */ + default: + (void) step; + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; + } + + status = psa_driver_wrapper_pake_output(operation, driver_step, + output, output_size, output_length); + + if (status != PSA_SUCCESS) { + goto exit; + } + + switch (operation->alg) { +#if defined(PSA_WANT_ALG_JPAKE) + case PSA_ALG_JPAKE: + status = psa_jpake_epilogue(operation, PSA_JPAKE_OUTPUT); + if (status != PSA_SUCCESS) { + goto exit; + } + break; +#endif /* PSA_WANT_ALG_JPAKE */ + default: + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; + } + + return PSA_SUCCESS; +exit: + psa_pake_abort(operation); + return status; +} + +psa_status_t psa_pake_input( + psa_pake_operation_t *operation, + psa_pake_step_t step, + const uint8_t *input, + size_t input_length) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_crypto_driver_pake_step_t driver_step = PSA_JPAKE_STEP_INVALID; + const size_t max_input_length = (size_t) PSA_PAKE_INPUT_SIZE(operation->alg, + operation->primitive, + step); + + if (operation->stage == PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) { + status = psa_pake_complete_inputs(operation); + if (status != PSA_SUCCESS) { + goto exit; + } + } + + if (operation->stage != PSA_PAKE_OPERATION_STAGE_COMPUTATION) { + status = PSA_ERROR_BAD_STATE; + goto exit; + } + + if (input_length == 0 || input_length > max_input_length) { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } + + switch (operation->alg) { +#if defined(PSA_WANT_ALG_JPAKE) + case PSA_ALG_JPAKE: + status = psa_jpake_prologue(operation, step, PSA_JPAKE_INPUT); + if (status != PSA_SUCCESS) { + goto exit; + } + driver_step = convert_jpake_computation_stage_to_driver_step( + &operation->computation_stage.jpake); + break; +#endif /* PSA_WANT_ALG_JPAKE */ + default: + (void) step; + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; + } + + status = psa_driver_wrapper_pake_input(operation, driver_step, + input, input_length); + + if (status != PSA_SUCCESS) { + goto exit; + } + + switch (operation->alg) { +#if defined(PSA_WANT_ALG_JPAKE) + case PSA_ALG_JPAKE: + status = psa_jpake_epilogue(operation, PSA_JPAKE_INPUT); + if (status != PSA_SUCCESS) { + goto exit; + } + break; +#endif /* PSA_WANT_ALG_JPAKE */ + default: + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; + } + + return PSA_SUCCESS; +exit: + psa_pake_abort(operation); + return status; +} + +psa_status_t psa_pake_get_implicit_key( + psa_pake_operation_t *operation, + psa_key_derivation_operation_t *output) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED; + uint8_t shared_key[MBEDTLS_PSA_JPAKE_BUFFER_SIZE]; + size_t shared_key_len = 0; + + if (operation->stage != PSA_PAKE_OPERATION_STAGE_COMPUTATION) { + status = PSA_ERROR_BAD_STATE; + goto exit; + } + +#if defined(PSA_WANT_ALG_JPAKE) + if (operation->alg == PSA_ALG_JPAKE) { + psa_jpake_computation_stage_t *computation_stage = + &operation->computation_stage.jpake; + if (computation_stage->round != PSA_JPAKE_FINISHED) { + status = PSA_ERROR_BAD_STATE; + goto exit; + } + } else +#endif /* PSA_WANT_ALG_JPAKE */ + { + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; + } + + status = psa_driver_wrapper_pake_get_implicit_key(operation, + shared_key, + sizeof(shared_key), + &shared_key_len); + + if (status != PSA_SUCCESS) { + goto exit; + } + + status = psa_key_derivation_input_bytes(output, + PSA_KEY_DERIVATION_INPUT_SECRET, + shared_key, + shared_key_len); + + mbedtls_platform_zeroize(shared_key, sizeof(shared_key)); +exit: + abort_status = psa_pake_abort(operation); + return status == PSA_SUCCESS ? abort_status : status; +} + +psa_status_t psa_pake_abort( + psa_pake_operation_t *operation) +{ + psa_status_t status = PSA_SUCCESS; + + if (operation->stage == PSA_PAKE_OPERATION_STAGE_COMPUTATION) { + status = psa_driver_wrapper_pake_abort(operation); + } + + if (operation->stage == PSA_PAKE_OPERATION_STAGE_COLLECT_INPUTS) { + if (operation->data.inputs.password != NULL) { + mbedtls_zeroize_and_free(operation->data.inputs.password, + operation->data.inputs.password_len); + } + if (operation->data.inputs.user != NULL) { + mbedtls_free(operation->data.inputs.user); + } + if (operation->data.inputs.peer != NULL) { + mbedtls_free(operation->data.inputs.peer); + } + } + memset(operation, 0, sizeof(psa_pake_operation_t)); + + return status; +} +#endif /* PSA_WANT_ALG_SOME_PAKE */ + #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_aead.h b/library/psa_crypto_aead.h index 2ae8fe82d..4b24b0f68 100644 --- a/library/psa_crypto_aead.h +++ b/library/psa_crypto_aead.h @@ -71,10 +71,10 @@ * \retval #PSA_SUCCESS Success. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * ciphertext_size is too small. - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_aead_encrypt( const psa_key_attributes_t *attributes, @@ -134,10 +134,10 @@ psa_status_t mbedtls_psa_aead_encrypt( * The cipher is not authentic. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * plaintext_size is too small. - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_aead_decrypt( const psa_key_attributes_t *attributes, diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index c501144e3..b997a07cf 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -306,7 +306,7 @@ static psa_status_t psa_cipher_update_ecb( size_t *output_length) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - size_t block_size = ctx->cipher_info->block_size; + size_t block_size = mbedtls_cipher_info_get_block_size(ctx->cipher_info); size_t internal_output_length = 0; *output_length = 0; diff --git a/library/psa_crypto_cipher.h b/library/psa_crypto_cipher.h index 6cc6bf614..bf43ff08a 100644 --- a/library/psa_crypto_cipher.h +++ b/library/psa_crypto_cipher.h @@ -59,10 +59,10 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_CIPHER(\p alg) is true). * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_cipher_encrypt_setup( mbedtls_psa_cipher_operation_t *operation, @@ -89,10 +89,10 @@ psa_status_t mbedtls_psa_cipher_encrypt_setup( * (\c PSA_ALG_XXX value such that * #PSA_ALG_IS_CIPHER(\p alg) is true). * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_cipher_decrypt_setup( mbedtls_psa_cipher_operation_t *operation, @@ -116,11 +116,11 @@ psa_status_t mbedtls_psa_cipher_decrypt_setup( * the core to be less or equal to * PSA_CIPHER_IV_MAX_SIZE. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * The size of \p iv is not acceptable for the chosen algorithm, * or the chosen algorithm does not use an IV. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t mbedtls_psa_cipher_set_iv( mbedtls_psa_cipher_operation_t *operation, @@ -142,10 +142,10 @@ psa_status_t mbedtls_psa_cipher_set_iv( * \param[out] output_length On success, the number of bytes * that make up the returned output. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t mbedtls_psa_cipher_update( mbedtls_psa_cipher_operation_t *operation, @@ -165,7 +165,7 @@ psa_status_t mbedtls_psa_cipher_update( * \param[out] output_length On success, the number of bytes * that make up the returned output. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * The total input size passed to this operation is not valid for * this particular algorithm. For example, the algorithm is a based @@ -176,7 +176,7 @@ psa_status_t mbedtls_psa_cipher_update( * padding, and the ciphertext does not contain valid padding. * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t mbedtls_psa_cipher_finish( mbedtls_psa_cipher_operation_t *operation, @@ -195,7 +195,7 @@ psa_status_t mbedtls_psa_cipher_finish( * * \param[in,out] operation Initialized cipher operation. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription */ psa_status_t mbedtls_psa_cipher_abort(mbedtls_psa_cipher_operation_t *operation); @@ -224,10 +224,10 @@ psa_status_t mbedtls_psa_cipher_abort(mbedtls_psa_cipher_operation_t *operation) * the returned output. Initialized to zero * by the core. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. * \retval #PSA_ERROR_INVALID_ARGUMENT @@ -275,10 +275,10 @@ psa_status_t mbedtls_psa_cipher_encrypt(const psa_key_attributes_t *attributes, * the returned output. Initialized to zero * by the core. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. * \retval #PSA_ERROR_INVALID_ARGUMENT diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 38e4bc5cc..29b3b94bf 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -21,31 +21,29 @@ #ifndef PSA_CRYPTO_CORE_H #define PSA_CRYPTO_CORE_H -#include "mbedtls/build_info.h" +/* + * Include the build-time configuration information header. Here, we do not + * include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which + * is basically just an alias to it. This is to ease the maintenance of the + * TF-PSA-Crypto repository which has a different build system and + * configuration. + */ +#include "psa/build_info.h" #include "psa/crypto.h" #include "psa/crypto_se_driver.h" -/** Constant-time buffer comparison +/** + * Tell if PSA is ready for this hash. * - * \param[in] a Left-hand buffer for comparison. - * \param[in] b Right-hand buffer for comparison. - * \param n Amount of bytes to compare. + * \note For now, only checks the state of the driver subsystem, + * not the algorithm. Might do more in the future. * - * \return 0 if the buffer contents are equal, non-zero otherwise + * \param hash_alg The hash algorithm (ignored for now). + * + * \return 1 if the driver subsytem is ready, 0 otherwise. */ -static inline int mbedtls_psa_safer_memcmp( - const uint8_t *a, const uint8_t *b, size_t n) -{ - size_t i; - unsigned char diff = 0; - - for (i = 0; i < n; i++) { - diff |= a[i] ^ b[i]; - } - - return diff; -} +int psa_can_do_hash(psa_algorithm_t hash_alg); /** The data structure representing a key slot, containing key material * and metadata for one key. @@ -182,24 +180,6 @@ static inline psa_key_slot_number_t psa_key_slot_get_slot_number( } #endif -/** Get the description of a key given its identifier and policy constraints - * and lock it. - * - * The key must have allow all the usage flags set in \p usage. If \p alg is - * nonzero, the key must allow operations with this algorithm. If \p alg is - * zero, the algorithm is not checked. - * - * In case of a persistent key, the function loads the description of the key - * into a key slot if not already done. - * - * On success, the returned key slot is locked. It is the responsibility of - * the caller to unlock the key slot when it does not access it anymore. - */ -psa_status_t psa_get_and_lock_key_slot_with_policy(mbedtls_svc_key_id_t key, - psa_key_slot_t **p_slot, - psa_key_usage_t usage, - psa_algorithm_t alg); - /** Completely wipe a slot in memory, including its policy. * * Persistent storage is not affected. @@ -209,7 +189,7 @@ psa_status_t psa_get_and_lock_key_slot_with_policy(mbedtls_svc_key_id_t key, * \retval #PSA_SUCCESS * Success. This includes the case of a key slot that was * already fully wiped. - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t psa_wipe_key_slot(psa_key_slot_t *slot); @@ -252,12 +232,12 @@ psa_status_t psa_copy_key_material_into_slot(psa_key_slot_t *slot, const uint8_t *data, size_t data_length); -/** Convert an mbed TLS error code to a PSA error code +/** Convert an Mbed TLS error code to a PSA error code * * \note This function is provided solely for the convenience of * Mbed TLS and may be removed at any time without notice. * - * \param ret An mbed TLS-thrown error code + * \param ret An Mbed TLS-thrown error code * * \return The corresponding PSA error code */ @@ -285,9 +265,9 @@ psa_status_t mbedtls_to_psa_error(int ret); * \retval #PSA_SUCCESS The key was imported successfully. * \retval #PSA_ERROR_INVALID_ARGUMENT * The key data is not correctly formatted. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t psa_import_key_into_slot( const psa_key_attributes_t *attributes, @@ -310,12 +290,12 @@ psa_status_t psa_import_key_into_slot( * \p data * * \retval #PSA_SUCCESS The key was exported successfully. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t psa_export_key_internal( const psa_key_attributes_t *attributes, @@ -338,12 +318,12 @@ psa_status_t psa_export_key_internal( * \p data * * \retval #PSA_SUCCESS The public key was exported successfully. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t psa_export_public_key_internal( const psa_key_attributes_t *attributes, @@ -364,7 +344,7 @@ psa_status_t psa_export_public_key_internal( * * \retval #PSA_SUCCESS * The key was generated successfully. - * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription * \retval #PSA_ERROR_NOT_SUPPORTED * Key size in bits or type not supported. * \retval #PSA_ERROR_BUFFER_TOO_SMALL @@ -399,18 +379,18 @@ psa_status_t psa_generate_key_internal(const psa_key_attributes_t *attributes, * \param[out] signature_length On success, the number of bytes * that make up the returned signature value. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p signature buffer is too small. You can * determine a sufficient buffer size by calling * #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) * where \c key_type and \c key_bits are the type and bit-size * respectively of the key. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription */ psa_status_t psa_sign_message_builtin( const psa_key_attributes_t *attributes, @@ -445,9 +425,9 @@ psa_status_t psa_sign_message_builtin( * \retval #PSA_ERROR_INVALID_SIGNATURE * The calculation was performed successfully, but the passed * signature is not a valid signature. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t psa_verify_message_builtin( const psa_key_attributes_t *attributes, @@ -475,18 +455,18 @@ psa_status_t psa_verify_message_builtin( * \param[out] signature_length On success, the number of bytes * that make up the returned signature value. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p signature buffer is too small. You can * determine a sufficient buffer size by calling * #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) * where \c key_type and \c key_bits are the type and bit-size * respectively of the key. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription */ psa_status_t psa_sign_hash_builtin( const psa_key_attributes_t *attributes, @@ -519,9 +499,9 @@ psa_status_t psa_sign_hash_builtin( * \retval #PSA_ERROR_INVALID_SIGNATURE * The calculation was performed successfully, but the passed * signature is not a valid signature. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t psa_verify_hash_builtin( const psa_key_attributes_t *attributes, @@ -577,8 +557,8 @@ psa_status_t psa_validate_unstructured_key_bit_size(psa_key_type_t type, * up the returned shared secret. * \retval #PSA_SUCCESS * Success. Shared secret successfully calculated. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p alg is not a key agreement algorithm, or * \p private_key is not compatible with \p alg, @@ -588,12 +568,12 @@ psa_status_t psa_validate_unstructured_key_bit_size(psa_key_type_t type, * \p shared_secret_size is too small * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not a supported key agreement algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_BAD_STATE + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_BAD_STATE \emptydescription */ psa_status_t psa_key_agreement_raw_builtin( const psa_key_attributes_t *attributes, @@ -606,4 +586,272 @@ psa_status_t psa_key_agreement_raw_builtin( size_t shared_secret_size, size_t *shared_secret_length); +/** + * \brief Set the maximum number of ops allowed to be executed by an + * interruptible function in a single call. + * + * \note The signature of this function is that of a PSA driver + * interruptible_set_max_ops entry point. This function behaves as an + * interruptible_set_max_ops entry point as defined in the PSA driver + * interface specification for transparent drivers. + * + * \param[in] max_ops The maximum number of ops to be executed in a + * single call, this can be a number from 0 to + * #PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED, where 0 + * is obviously the least amount of work done per + * call. + */ +void mbedtls_psa_interruptible_set_max_ops(uint32_t max_ops); + +/** + * \brief Get the maximum number of ops allowed to be executed by an + * interruptible function in a single call. + * + * \note The signature of this function is that of a PSA driver + * interruptible_get_max_ops entry point. This function behaves as an + * interruptible_get_max_ops entry point as defined in the PSA driver + * interface specification for transparent drivers. + * + * \return Maximum number of ops allowed to be executed + * by an interruptible function in a single call. + */ +uint32_t mbedtls_psa_interruptible_get_max_ops(void); + +/** + * \brief Get the number of ops that a hash signing operation has taken for the + * previous call. If no call or work has taken place, this will return + * zero. + * + * \note The signature of this function is that of a PSA driver + * sign_hash_get_num_ops entry point. This function behaves as an + * sign_hash_get_num_ops entry point as defined in the PSA driver + * interface specification for transparent drivers. + * + * \param operation The \c + * mbedtls_psa_sign_hash_interruptible_operation_t + * to use. This must be initialized first. + * + * \return Number of ops that were completed + * in the last call to \c + * mbedtls_psa_sign_hash_complete(). + */ +uint32_t mbedtls_psa_sign_hash_get_num_ops( + const mbedtls_psa_sign_hash_interruptible_operation_t *operation); + +/** + * \brief Get the number of ops that a hash verification operation has taken for + * the previous call. If no call or work has taken place, this will + * return zero. + * + * \note The signature of this function is that of a PSA driver + * verify_hash_get_num_ops entry point. This function behaves as an + * verify_hash_get_num_ops entry point as defined in the PSA driver + * interface specification for transparent drivers. + * + * \param operation The \c + * mbedtls_psa_verify_hash_interruptible_operation_t + * to use. This must be initialized first. + * + * \return Number of ops that were completed + * in the last call to \c + * mbedtls_psa_verify_hash_complete(). + */ +uint32_t mbedtls_psa_verify_hash_get_num_ops( + const mbedtls_psa_verify_hash_interruptible_operation_t *operation); + +/** + * \brief Start signing a hash or short message with a private key, in an + * interruptible manner. + * + * \note The signature of this function is that of a PSA driver + * sign_hash_start entry point. This function behaves as a + * sign_hash_start entry point as defined in the PSA driver interface + * specification for transparent drivers. + * + * \param[in] operation The \c + * mbedtls_psa_sign_hash_interruptible_operation_t + * to use. This must be initialized first. + * \param[in] attributes The attributes of the key to use for the + * operation. + * \param[in] key_buffer The buffer containing the key context. + * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes. + * \param[in] alg A signature algorithm that is compatible with + * the type of the key. + * \param[in] hash The hash or message to sign. + * \param hash_length Size of the \p hash buffer in bytes. + * + * \retval #PSA_SUCCESS + * The operation started successfully - call \c psa_sign_hash_complete() + * with the same context to complete the operation + * \retval #PSA_ERROR_INVALID_ARGUMENT + * An unsupported, incorrectly formatted or incorrect type of key was + * used. + * \retval #PSA_ERROR_NOT_SUPPORTED Either no internal interruptible operations + * are currently supported, or the key type is currently unsupported. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * There was insufficient memory to load the key representation. + */ +psa_status_t mbedtls_psa_sign_hash_start( + mbedtls_psa_sign_hash_interruptible_operation_t *operation, + const psa_key_attributes_t *attributes, const uint8_t *key_buffer, + size_t key_buffer_size, psa_algorithm_t alg, + const uint8_t *hash, size_t hash_length); + +/** + * \brief Continue and eventually complete the action of signing a hash or + * short message with a private key, in an interruptible manner. + * + * \note The signature of this function is that of a PSA driver + * sign_hash_complete entry point. This function behaves as a + * sign_hash_complete entry point as defined in the PSA driver interface + * specification for transparent drivers. + * + * \param[in] operation The \c + * mbedtls_psa_sign_hash_interruptible_operation_t + * to use. This must be initialized first. + * + * \param[out] signature Buffer where the signature is to be written. + * \param signature_size Size of the \p signature buffer in bytes. This + * must be appropriate for the selected + * algorithm and key. + * \param[out] signature_length On success, the number of bytes that make up + * the returned signature value. + * + * \retval #PSA_SUCCESS + * Operation completed successfully + * + * \retval #PSA_OPERATION_INCOMPLETE + * Operation was interrupted due to the setting of \c + * psa_interruptible_set_max_ops(), there is still work to be done, + * please call this function again with the same operation object. + * + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p signature buffer is too small. You can + * determine a sufficient buffer size by calling + * #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) + * where \c key_type and \c key_bits are the type and bit-size + * respectively of \p key. + * + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription + */ +psa_status_t mbedtls_psa_sign_hash_complete( + mbedtls_psa_sign_hash_interruptible_operation_t *operation, + uint8_t *signature, size_t signature_size, + size_t *signature_length); + +/** + * \brief Abort a sign hash operation. + * + * \note The signature of this function is that of a PSA driver sign_hash_abort + * entry point. This function behaves as a sign_hash_abort entry point as + * defined in the PSA driver interface specification for transparent + * drivers. + * + * \param[in] operation The \c + * mbedtls_psa_sign_hash_interruptible_operation_t + * to abort. + * + * \retval #PSA_SUCCESS + * The operation was aborted successfully. + */ +psa_status_t mbedtls_psa_sign_hash_abort( + mbedtls_psa_sign_hash_interruptible_operation_t *operation); + +/** + * \brief Start reading and verifying a hash or short message, in an + * interruptible manner. + * + * \note The signature of this function is that of a PSA driver + * verify_hash_start entry point. This function behaves as a + * verify_hash_start entry point as defined in the PSA driver interface + * specification for transparent drivers. + * + * \param[in] operation The \c + * mbedtls_psa_verify_hash_interruptible_operation_t + * to use. This must be initialized first. + * \param[in] attributes The attributes of the key to use for the + * operation. + * \param[in] key_buffer The buffer containing the key context. + * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes. + * \param[in] alg A signature algorithm that is compatible with + * the type of the key. + * \param[in] hash The hash whose signature is to be verified. + * \param hash_length Size of the \p hash buffer in bytes. + * \param[in] signature Buffer containing the signature to verify. + * \param signature_length Size of the \p signature buffer in bytes. + * + * \retval #PSA_SUCCESS + * The operation started successfully - call \c psa_sign_hash_complete() + * with the same context to complete the operation + * \retval #PSA_ERROR_INVALID_ARGUMENT + * An unsupported or incorrect type of key was used. + * \retval #PSA_ERROR_NOT_SUPPORTED + * Either no internal interruptible operations are currently supported, + * or the key type is currently unsupported. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * There was insufficient memory either to load the key representation, + * or to prepare the operation. + */ +psa_status_t mbedtls_psa_verify_hash_start( + mbedtls_psa_verify_hash_interruptible_operation_t *operation, + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *hash, size_t hash_length, + const uint8_t *signature, size_t signature_length); + +/** + * \brief Continue and eventually complete the action of signing a hash or + * short message with a private key, in an interruptible manner. + * + * \note The signature of this function is that of a PSA driver + * sign_hash_complete entry point. This function behaves as a + * sign_hash_complete entry point as defined in the PSA driver interface + * specification for transparent drivers. + * + * \param[in] operation The \c + * mbedtls_psa_sign_hash_interruptible_operation_t + * to use. This must be initialized first. + * + * \retval #PSA_SUCCESS + * Operation completed successfully, and the passed signature is valid. + * + * \retval #PSA_OPERATION_INCOMPLETE + * Operation was interrupted due to the setting of \c + * psa_interruptible_set_max_ops(), there is still work to be done, + * please call this function again with the same operation object. + * + * \retval #PSA_ERROR_INVALID_SIGNATURE + * The calculation was performed successfully, but the passed + * signature is not a valid signature. + * + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + */ +psa_status_t mbedtls_psa_verify_hash_complete( + mbedtls_psa_verify_hash_interruptible_operation_t *operation); + +/** + * \brief Abort a verify signed hash operation. + * + * \note The signature of this function is that of a PSA driver + * verify_hash_abort entry point. This function behaves as a + * verify_hash_abort entry point as defined in the PSA driver interface + * specification for transparent drivers. + * + * \param[in] operation The \c + * mbedtls_psa_verify_hash_interruptible_operation_t + * to abort. + * + * \retval #PSA_SUCCESS + * The operation was aborted successfully. + */ +psa_status_t mbedtls_psa_verify_hash_abort( + mbedtls_psa_verify_hash_interruptible_operation_t *operation); + #endif /* PSA_CRYPTO_CORE_H */ diff --git a/library/psa_crypto_core_common.h b/library/psa_crypto_core_common.h new file mode 100644 index 000000000..dd72ab162 --- /dev/null +++ b/library/psa_crypto_core_common.h @@ -0,0 +1,64 @@ +/** + * \file psa_crypto_core_common.h + * + * \brief Utility macros for internal use in the PSA cryptography core. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PSA_CRYPTO_CORE_COMMON_H +#define PSA_CRYPTO_CORE_COMMON_H + +/** Return an offset into a buffer. + * + * This is just the addition of an offset to a pointer, except that this + * function also accepts an offset of 0 into a buffer whose pointer is null. + * (`p + n` has undefined behavior when `p` is null, even when `n == 0`. + * A null pointer is a valid buffer pointer when the size is 0, for example + * as the result of `malloc(0)` on some platforms.) + * + * \param p Pointer to a buffer of at least n bytes. + * This may be \p NULL if \p n is zero. + * \param n An offset in bytes. + * \return Pointer to offset \p n in the buffer \p p. + * Note that this is only a valid pointer if the size of the + * buffer is at least \p n + 1. + */ +static inline unsigned char *psa_crypto_buffer_offset( + unsigned char *p, size_t n) +{ + return p == NULL ? NULL : p + n; +} + +/** Return an offset into a read-only buffer. + * + * Similar to mbedtls_buffer_offset(), but for const pointers. + * + * \param p Pointer to a buffer of at least n bytes. + * This may be \p NULL if \p n is zero. + * \param n An offset in bytes. + * \return Pointer to offset \p n in the buffer \p p. + * Note that this is only a valid pointer if the size of the + * buffer is at least \p n + 1. + */ +static inline const unsigned char *psa_crypto_buffer_offset_const( + const unsigned char *p, size_t n) +{ + return p == NULL ? NULL : p + n; +} + +#endif /* PSA_CRYPTO_CORE_COMMON_H */ diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h deleted file mode 100644 index da3cd1d5d..000000000 --- a/library/psa_crypto_driver_wrappers.h +++ /dev/null @@ -1,376 +0,0 @@ -/* - * Function signatures for functionality that can be provided by - * cryptographic accelerators. - */ -/* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef PSA_CRYPTO_DRIVER_WRAPPERS_H -#define PSA_CRYPTO_DRIVER_WRAPPERS_H - -#include "psa/crypto.h" -#include "psa/crypto_driver_common.h" - -/* - * Initialization and termination functions - */ -psa_status_t psa_driver_wrapper_init(void); -void psa_driver_wrapper_free(void); - -/* - * Signature functions - */ -psa_status_t psa_driver_wrapper_sign_message( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *signature, - size_t signature_size, - size_t *signature_length); - -psa_status_t psa_driver_wrapper_verify_message( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - const uint8_t *signature, - size_t signature_length); - -psa_status_t psa_driver_wrapper_sign_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length); - -psa_status_t psa_driver_wrapper_verify_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length); - -/* - * Key handling functions - */ - -psa_status_t psa_driver_wrapper_import_key( - const psa_key_attributes_t *attributes, - const uint8_t *data, size_t data_length, - uint8_t *key_buffer, size_t key_buffer_size, - size_t *key_buffer_length, size_t *bits); - -psa_status_t psa_driver_wrapper_export_key( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length); - -psa_status_t psa_driver_wrapper_export_public_key( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length); - -psa_status_t psa_driver_wrapper_get_key_buffer_size( - const psa_key_attributes_t *attributes, - size_t *key_buffer_size); - -psa_status_t psa_driver_wrapper_get_key_buffer_size_from_key_data( - const psa_key_attributes_t *attributes, - const uint8_t *data, - size_t data_length, - size_t *key_buffer_size); - -psa_status_t psa_driver_wrapper_generate_key( - const psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length); - -psa_status_t psa_driver_wrapper_get_builtin_key( - psa_drv_slot_number_t slot_number, - psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length); - -psa_status_t psa_driver_wrapper_copy_key( - psa_key_attributes_t *attributes, - const uint8_t *source_key, size_t source_key_length, - uint8_t *target_key_buffer, size_t target_key_buffer_size, - size_t *target_key_buffer_length); -/* - * Cipher functions - */ -psa_status_t psa_driver_wrapper_cipher_encrypt( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *iv, - size_t iv_length, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length); - -psa_status_t psa_driver_wrapper_cipher_decrypt( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length); - -psa_status_t psa_driver_wrapper_cipher_encrypt_setup( - psa_cipher_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg); - -psa_status_t psa_driver_wrapper_cipher_decrypt_setup( - psa_cipher_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg); - -psa_status_t psa_driver_wrapper_cipher_set_iv( - psa_cipher_operation_t *operation, - const uint8_t *iv, - size_t iv_length); - -psa_status_t psa_driver_wrapper_cipher_update( - psa_cipher_operation_t *operation, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length); - -psa_status_t psa_driver_wrapper_cipher_finish( - psa_cipher_operation_t *operation, - uint8_t *output, - size_t output_size, - size_t *output_length); - -psa_status_t psa_driver_wrapper_cipher_abort( - psa_cipher_operation_t *operation); - -/* - * Hashing functions - */ -psa_status_t psa_driver_wrapper_hash_compute( - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *hash, - size_t hash_size, - size_t *hash_length); - -psa_status_t psa_driver_wrapper_hash_setup( - psa_hash_operation_t *operation, - psa_algorithm_t alg); - -psa_status_t psa_driver_wrapper_hash_clone( - const psa_hash_operation_t *source_operation, - psa_hash_operation_t *target_operation); - -psa_status_t psa_driver_wrapper_hash_update( - psa_hash_operation_t *operation, - const uint8_t *input, - size_t input_length); - -psa_status_t psa_driver_wrapper_hash_finish( - psa_hash_operation_t *operation, - uint8_t *hash, - size_t hash_size, - size_t *hash_length); - -psa_status_t psa_driver_wrapper_hash_abort( - psa_hash_operation_t *operation); - -/* - * AEAD functions - */ - -psa_status_t psa_driver_wrapper_aead_encrypt( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *nonce, size_t nonce_length, - const uint8_t *additional_data, size_t additional_data_length, - const uint8_t *plaintext, size_t plaintext_length, - uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length); - -psa_status_t psa_driver_wrapper_aead_decrypt( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *nonce, size_t nonce_length, - const uint8_t *additional_data, size_t additional_data_length, - const uint8_t *ciphertext, size_t ciphertext_length, - uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length); - -psa_status_t psa_driver_wrapper_aead_encrypt_setup( - psa_aead_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg); - -psa_status_t psa_driver_wrapper_aead_decrypt_setup( - psa_aead_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg); - -psa_status_t psa_driver_wrapper_aead_set_nonce( - psa_aead_operation_t *operation, - const uint8_t *nonce, - size_t nonce_length); - -psa_status_t psa_driver_wrapper_aead_set_lengths( - psa_aead_operation_t *operation, - size_t ad_length, - size_t plaintext_length); - -psa_status_t psa_driver_wrapper_aead_update_ad( - psa_aead_operation_t *operation, - const uint8_t *input, - size_t input_length); - -psa_status_t psa_driver_wrapper_aead_update( - psa_aead_operation_t *operation, - const uint8_t *input, - size_t input_length, - uint8_t *output, - size_t output_size, - size_t *output_length); - -psa_status_t psa_driver_wrapper_aead_finish( - psa_aead_operation_t *operation, - uint8_t *ciphertext, - size_t ciphertext_size, - size_t *ciphertext_length, - uint8_t *tag, - size_t tag_size, - size_t *tag_length); - -psa_status_t psa_driver_wrapper_aead_verify( - psa_aead_operation_t *operation, - uint8_t *plaintext, - size_t plaintext_size, - size_t *plaintext_length, - const uint8_t *tag, - size_t tag_length); - -psa_status_t psa_driver_wrapper_aead_abort( - psa_aead_operation_t *operation); - -/* - * MAC functions - */ -psa_status_t psa_driver_wrapper_mac_compute( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - uint8_t *mac, - size_t mac_size, - size_t *mac_length); - -psa_status_t psa_driver_wrapper_mac_sign_setup( - psa_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg); - -psa_status_t psa_driver_wrapper_mac_verify_setup( - psa_mac_operation_t *operation, - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg); - -psa_status_t psa_driver_wrapper_mac_update( - psa_mac_operation_t *operation, - const uint8_t *input, - size_t input_length); - -psa_status_t psa_driver_wrapper_mac_sign_finish( - psa_mac_operation_t *operation, - uint8_t *mac, - size_t mac_size, - size_t *mac_length); - -psa_status_t psa_driver_wrapper_mac_verify_finish( - psa_mac_operation_t *operation, - const uint8_t *mac, - size_t mac_length); - -psa_status_t psa_driver_wrapper_mac_abort( - psa_mac_operation_t *operation); - -/* - * Asymmetric cryptography - */ -psa_status_t psa_driver_wrapper_asymmetric_encrypt( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - const uint8_t *salt, - size_t salt_length, - uint8_t *output, - size_t output_size, - size_t *output_length); - -psa_status_t psa_driver_wrapper_asymmetric_decrypt( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *input, - size_t input_length, - const uint8_t *salt, - size_t salt_length, - uint8_t *output, - size_t output_size, - size_t *output_length); - -/* - * Raw Key Agreement - */ -psa_status_t psa_driver_wrapper_key_agreement( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, - size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *peer_key, - size_t peer_key_length, - uint8_t *shared_secret, - size_t shared_secret_size, - size_t *shared_secret_length); - -#endif /* PSA_CRYPTO_DRIVER_WRAPPERS_H */ - -/* End of automatically generated file. */ diff --git a/library/psa_crypto_driver_wrappers_no_static.h b/library/psa_crypto_driver_wrappers_no_static.h new file mode 100644 index 000000000..4985403cd --- /dev/null +++ b/library/psa_crypto_driver_wrappers_no_static.h @@ -0,0 +1,43 @@ +/* + * Function signatures for functionality that can be provided by + * cryptographic accelerators. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PSA_CRYPTO_DRIVER_WRAPPERS_NO_STATIC_H +#define PSA_CRYPTO_DRIVER_WRAPPERS_NO_STATIC_H + +#include "psa/crypto.h" +#include "psa/crypto_driver_common.h" + +psa_status_t psa_driver_wrapper_export_public_key( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + uint8_t *data, size_t data_size, size_t *data_length); + +psa_status_t psa_driver_wrapper_get_key_buffer_size( + const psa_key_attributes_t *attributes, + size_t *key_buffer_size); + +psa_status_t psa_driver_wrapper_get_builtin_key( + psa_drv_slot_number_t slot_number, + psa_key_attributes_t *attributes, + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length); + +#endif /* PSA_CRYPTO_DRIVER_WRAPPERS_NO_STATIC_H */ + +/* End of automatically generated file. */ diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c index c4ccefd75..5c7786504 100644 --- a/library/psa_crypto_ecp.c +++ b/library/psa_crypto_ecp.c @@ -26,7 +26,7 @@ #include "psa_crypto_core.h" #include "psa_crypto_ecp.h" #include "psa_crypto_random_impl.h" -#include "hash_info.h" +#include "md_psa.h" #include #include @@ -37,7 +37,9 @@ #include #include -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \ @@ -150,13 +152,16 @@ exit: return status; } -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC) || + * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || + * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || * defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || * defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) */ -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) psa_status_t mbedtls_psa_ecp_import_key( @@ -277,10 +282,11 @@ psa_status_t mbedtls_psa_ecp_export_public_key( return status; } -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || + * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */ -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE) psa_status_t mbedtls_psa_ecp_generate_key( const psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) @@ -325,7 +331,7 @@ psa_status_t mbedtls_psa_ecp_generate_key( return status; } -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */ +#endif /* MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE */ /****************************************************************/ /* ECDSA sign/verify */ @@ -366,7 +372,7 @@ psa_status_t mbedtls_psa_ecdsa_sign_hash( if (PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH(alg); - mbedtls_md_type_t md_alg = mbedtls_hash_info_md_from_psa(hash_alg); + mbedtls_md_type_t md_alg = mbedtls_md_type_from_psa_alg(hash_alg); MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign_det_ext( &ecp->grp, &r, &s, &ecp->d, hash, @@ -404,6 +410,21 @@ cleanup: return mbedtls_to_psa_error(ret); } +psa_status_t mbedtls_psa_ecp_load_public_part(mbedtls_ecp_keypair *ecp) +{ + int ret = 0; + + /* Check whether the public part is loaded. If not, load it. */ + if (mbedtls_ecp_is_zero(&ecp->Q)) { + ret = mbedtls_ecp_mul(&ecp->grp, &ecp->Q, + &ecp->d, &ecp->grp.G, + mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE); + } + + return mbedtls_to_psa_error(ret); +} + psa_status_t mbedtls_psa_ecdsa_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -412,7 +433,6 @@ psa_status_t mbedtls_psa_ecdsa_verify_hash( { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_keypair *ecp = NULL; - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t curve_bytes; mbedtls_mpi r, s; @@ -432,34 +452,39 @@ psa_status_t mbedtls_psa_ecdsa_verify_hash( mbedtls_mpi_init(&s); if (signature_length != 2 * curve_bytes) { - ret = MBEDTLS_ERR_ECP_VERIFY_FAILED; + status = PSA_ERROR_INVALID_SIGNATURE; goto cleanup; } - MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&r, - signature, - curve_bytes)); - MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&s, - signature + curve_bytes, - curve_bytes)); - - /* Check whether the public part is loaded. If not, load it. */ - if (mbedtls_ecp_is_zero(&ecp->Q)) { - MBEDTLS_MPI_CHK( - mbedtls_ecp_mul(&ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G, - mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE)); + status = mbedtls_to_psa_error(mbedtls_mpi_read_binary(&r, + signature, + curve_bytes)); + if (status != PSA_SUCCESS) { + goto cleanup; } - ret = mbedtls_ecdsa_verify(&ecp->grp, hash, hash_length, - &ecp->Q, &r, &s); + status = mbedtls_to_psa_error(mbedtls_mpi_read_binary(&s, + signature + curve_bytes, + curve_bytes)); + if (status != PSA_SUCCESS) { + goto cleanup; + } + status = mbedtls_psa_ecp_load_public_part(ecp); + if (status != PSA_SUCCESS) { + goto cleanup; + } + + status = mbedtls_to_psa_error(mbedtls_ecdsa_verify(&ecp->grp, hash, + hash_length, &ecp->Q, + &r, &s)); cleanup: mbedtls_mpi_free(&r); mbedtls_mpi_free(&s); mbedtls_ecp_keypair_free(ecp); mbedtls_free(ecp); - return mbedtls_to_psa_error(ret); + return status; } #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ diff --git a/library/psa_crypto_ecp.h b/library/psa_crypto_ecp.h index 71f9d6acc..f4ad3d277 100644 --- a/library/psa_crypto_ecp.h +++ b/library/psa_crypto_ecp.h @@ -48,6 +48,15 @@ psa_status_t mbedtls_psa_ecp_load_representation(psa_key_type_t type, size_t data_length, mbedtls_ecp_keypair **p_ecp); +/** Load the public part of an internal ECP, if required. + * + * \param ecp The ECP context to load the public part for. + * + * \return PSA_SUCCESS on success, otherwise an MPI error. + */ + +psa_status_t mbedtls_psa_ecp_load_public_part(mbedtls_ecp_keypair *ecp); + /** Import an ECP key in binary format. * * \note The signature of this function is that of a PSA driver @@ -70,9 +79,9 @@ psa_status_t mbedtls_psa_ecp_load_representation(psa_key_type_t type, * \retval #PSA_SUCCESS The ECP key was imported successfully. * \retval #PSA_ERROR_INVALID_ARGUMENT * The key data is not correctly formatted. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_ecp_import_key( const psa_key_attributes_t *attributes, @@ -111,12 +120,12 @@ psa_status_t mbedtls_psa_ecp_export_key(psa_key_type_t type, * \p data * * \retval #PSA_SUCCESS The ECP public key was exported successfully. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t mbedtls_psa_ecp_export_public_key( const psa_key_attributes_t *attributes, @@ -166,17 +175,17 @@ psa_status_t mbedtls_psa_ecp_generate_key( * \param[out] signature_length On success, the number of bytes * that make up the returned signature value. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p signature buffer is too small. You can * determine a sufficient buffer size by calling * #PSA_SIGN_OUTPUT_SIZE(\c PSA_KEY_TYPE_ECC_KEY_PAIR, \c key_bits, * \p alg) where \c key_bits is the bit-size of the ECC key. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription */ psa_status_t mbedtls_psa_ecdsa_sign_hash( const psa_key_attributes_t *attributes, @@ -209,9 +218,9 @@ psa_status_t mbedtls_psa_ecdsa_sign_hash( * \retval #PSA_ERROR_INVALID_SIGNATURE * The calculation was performed successfully, but the passed * signature is not a valid signature. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t mbedtls_psa_ecdsa_verify_hash( const psa_key_attributes_t *attributes, @@ -247,8 +256,8 @@ psa_status_t mbedtls_psa_ecdsa_verify_hash( * up the returned shared secret. * \retval #PSA_SUCCESS * Success. Shared secret successfully calculated. - * \retval #PSA_ERROR_INVALID_HANDLE - * \retval #PSA_ERROR_NOT_PERMITTED + * \retval #PSA_ERROR_INVALID_HANDLE \emptydescription + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription * \retval #PSA_ERROR_INVALID_ARGUMENT * \p alg is not a key agreement algorithm, or * \p private_key is not compatible with \p alg, @@ -258,8 +267,8 @@ psa_status_t mbedtls_psa_ecdsa_verify_hash( * \p shared_secret_size is too small * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not a supported key agreement algorithm. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_key_agreement_ecdh( const psa_key_attributes_t *attributes, diff --git a/library/psa_crypto_ffdh.c b/library/psa_crypto_ffdh.c new file mode 100644 index 000000000..20dfd2dcf --- /dev/null +++ b/library/psa_crypto_ffdh.c @@ -0,0 +1,307 @@ +/* + * PSA FFDH layer on top of Mbed TLS crypto + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "common.h" + +#if defined(MBEDTLS_PSA_CRYPTO_C) + +#include +#include "psa_crypto_core.h" +#include "psa_crypto_ffdh.h" +#include "psa_crypto_random_impl.h" +#include "mbedtls/platform.h" +#include "mbedtls/error.h" + +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_FFDH) +static psa_status_t mbedtls_psa_ffdh_set_prime_generator(size_t key_size, + mbedtls_mpi *P, + mbedtls_mpi *G) +{ + const unsigned char *dhm_P = NULL; + const unsigned char *dhm_G = NULL; + size_t dhm_size_P = 0; + size_t dhm_size_G = 0; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + + if (P == NULL && G == NULL) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + static const unsigned char dhm_P_2048[] = + MBEDTLS_DHM_RFC7919_FFDHE2048_P_BIN; + static const unsigned char dhm_P_3072[] = + MBEDTLS_DHM_RFC7919_FFDHE3072_P_BIN; + static const unsigned char dhm_P_4096[] = + MBEDTLS_DHM_RFC7919_FFDHE4096_P_BIN; + static const unsigned char dhm_P_6144[] = + MBEDTLS_DHM_RFC7919_FFDHE6144_P_BIN; + static const unsigned char dhm_P_8192[] = + MBEDTLS_DHM_RFC7919_FFDHE8192_P_BIN; + static const unsigned char dhm_G_2048[] = + MBEDTLS_DHM_RFC7919_FFDHE2048_G_BIN; + static const unsigned char dhm_G_3072[] = + MBEDTLS_DHM_RFC7919_FFDHE3072_G_BIN; + static const unsigned char dhm_G_4096[] = + MBEDTLS_DHM_RFC7919_FFDHE4096_G_BIN; + static const unsigned char dhm_G_6144[] = + MBEDTLS_DHM_RFC7919_FFDHE6144_G_BIN; + static const unsigned char dhm_G_8192[] = + MBEDTLS_DHM_RFC7919_FFDHE8192_G_BIN; + + switch (key_size) { + case sizeof(dhm_P_2048): + dhm_P = dhm_P_2048; + dhm_G = dhm_G_2048; + dhm_size_P = sizeof(dhm_P_2048); + dhm_size_G = sizeof(dhm_G_2048); + break; + case sizeof(dhm_P_3072): + dhm_P = dhm_P_3072; + dhm_G = dhm_G_3072; + dhm_size_P = sizeof(dhm_P_3072); + dhm_size_G = sizeof(dhm_G_3072); + break; + case sizeof(dhm_P_4096): + dhm_P = dhm_P_4096; + dhm_G = dhm_G_4096; + dhm_size_P = sizeof(dhm_P_4096); + dhm_size_G = sizeof(dhm_G_4096); + break; + case sizeof(dhm_P_6144): + dhm_P = dhm_P_6144; + dhm_G = dhm_G_6144; + dhm_size_P = sizeof(dhm_P_6144); + dhm_size_G = sizeof(dhm_G_6144); + break; + case sizeof(dhm_P_8192): + dhm_P = dhm_P_8192; + dhm_G = dhm_G_8192; + dhm_size_P = sizeof(dhm_P_8192); + dhm_size_G = sizeof(dhm_G_8192); + break; + default: + return PSA_ERROR_INVALID_ARGUMENT; + } + + if (P != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(P, dhm_P, + dhm_size_P)); + } + if (G != NULL) { + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(G, dhm_G, + dhm_size_G)); + } + +cleanup: + if (ret != 0) { + return mbedtls_to_psa_error(ret); + } + + return PSA_SUCCESS; +} +#endif /* MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT || + MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE || + MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY || + MBEDTLS_PSA_BUILTIN_ALG_FFDH */ + +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY) +psa_status_t mbedtls_psa_ffdh_export_public_key( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + uint8_t *data, + size_t data_size, + size_t *data_length) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + mbedtls_mpi GX, G, X, P; + psa_key_type_t type = attributes->core.type; + + if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type)) { + if (key_buffer_size > data_size) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + memcpy(data, key_buffer, key_buffer_size); + memset(data + key_buffer_size, 0, + data_size - key_buffer_size); + *data_length = key_buffer_size; + return PSA_SUCCESS; + } + + mbedtls_mpi_init(&GX); mbedtls_mpi_init(&G); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&P); + + size_t key_len = PSA_BITS_TO_BYTES(attributes->core.bits); + + status = mbedtls_psa_ffdh_set_prime_generator(key_len, &P, &G); + + if (status != PSA_SUCCESS) { + goto cleanup; + } + + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&X, key_buffer, + key_buffer_size)); + + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&GX, &G, &X, &P, NULL)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&GX, data, key_len)); + + *data_length = key_len; + + ret = 0; +cleanup: + mbedtls_mpi_free(&P); mbedtls_mpi_free(&G); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&GX); + + if (status == PSA_SUCCESS && ret != 0) { + status = mbedtls_to_psa_error(ret); + } + + return status; +} +#endif /* MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT || + MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY */ + +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE) +psa_status_t mbedtls_psa_ffdh_generate_key( + const psa_key_attributes_t *attributes, + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length) +{ + mbedtls_mpi X, P; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + mbedtls_mpi_init(&P); mbedtls_mpi_init(&X); + (void) attributes; + + status = mbedtls_psa_ffdh_set_prime_generator(key_buffer_size, &P, NULL); + + if (status != PSA_SUCCESS) { + goto cleanup; + } + + /* RFC7919: Traditional finite field Diffie-Hellman has each peer choose their + secret exponent from the range [2, P-2]. + Select random value in range [3, P-1] and decrease it by 1. */ + MBEDTLS_MPI_CHK(mbedtls_mpi_random(&X, 3, &P, mbedtls_psa_get_random, + MBEDTLS_PSA_RANDOM_STATE)); + MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int(&X, &X, 1)); + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&X, key_buffer, key_buffer_size)); + *key_buffer_length = key_buffer_size; + +cleanup: + mbedtls_mpi_free(&P); mbedtls_mpi_free(&X); + if (status == PSA_SUCCESS && ret != 0) { + return mbedtls_to_psa_error(ret); + } + + return status; +} +#endif /* MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE */ + +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT) +psa_status_t mbedtls_psa_ffdh_import_key( + const psa_key_attributes_t *attributes, + const uint8_t *data, size_t data_length, + uint8_t *key_buffer, size_t key_buffer_size, + size_t *key_buffer_length, size_t *bits) +{ + (void) attributes; + + if (key_buffer_size < data_length) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + memcpy(key_buffer, data, data_length); + *key_buffer_length = data_length; + *bits = PSA_BYTES_TO_BITS(data_length); + + return PSA_SUCCESS; +} +#endif /* MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT */ + +#if defined(MBEDTLS_PSA_BUILTIN_ALG_FFDH) +psa_status_t mbedtls_psa_ffdh_key_agreement( + const psa_key_attributes_t *attributes, + const uint8_t *peer_key, + size_t peer_key_length, + const uint8_t *key_buffer, + size_t key_buffer_size, + uint8_t *shared_secret, + size_t shared_secret_size, + size_t *shared_secret_length) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + mbedtls_mpi P, G, X, GY, K; + const size_t calculated_shared_secret_size = peer_key_length; + + if (peer_key_length != key_buffer_size || + calculated_shared_secret_size > shared_secret_size) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + if (!PSA_KEY_TYPE_IS_DH_KEY_PAIR(psa_get_key_type(attributes))) { + return PSA_ERROR_INVALID_ARGUMENT; + } + + mbedtls_mpi_init(&P); mbedtls_mpi_init(&G); + mbedtls_mpi_init(&X); mbedtls_mpi_init(&GY); + mbedtls_mpi_init(&K); + + status = mbedtls_psa_ffdh_set_prime_generator( + PSA_BITS_TO_BYTES(attributes->core.bits), &P, &G); + + if (status != PSA_SUCCESS) { + goto cleanup; + } + + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&X, key_buffer, + key_buffer_size)); + + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&GY, peer_key, + peer_key_length)); + + /* Calculate shared secret public key: K = G^(XY) mod P = GY^X mod P */ + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&K, &GY, &X, &P, NULL)); + + MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&K, shared_secret, + calculated_shared_secret_size)); + + *shared_secret_length = calculated_shared_secret_size; + + ret = 0; + +cleanup: + mbedtls_mpi_free(&P); mbedtls_mpi_free(&G); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&GY); + mbedtls_mpi_free(&K); + + if (status == PSA_SUCCESS && ret != 0) { + status = mbedtls_to_psa_error(ret); + } + + return status; +} +#endif /* MBEDTLS_PSA_BUILTIN_ALG_FFDH */ + +#endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_crypto_ffdh.h b/library/psa_crypto_ffdh.h new file mode 100644 index 000000000..67e5444fc --- /dev/null +++ b/library/psa_crypto_ffdh.h @@ -0,0 +1,144 @@ +/* + * PSA FFDH layer on top of Mbed TLS crypto + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PSA_CRYPTO_FFDH_H +#define PSA_CRYPTO_FFDH_H + +#include +#include + +/** Perform a key agreement and return the FFDH shared secret. + * + * \param[in] attributes The attributes of the key to use for the + * operation. + * \param[in] peer_key The buffer containing the key context + * of the peer's public key. + * \param[in] peer_key_length Size of the \p peer_key buffer in + * bytes. + * \param[in] key_buffer The buffer containing the private key + * context. + * \param[in] key_buffer_size Size of the \p key_buffer buffer in + * bytes. + * \param[out] shared_secret The buffer to which the shared secret + * is to be written. + * \param[in] shared_secret_size Size of the \p shared_secret buffer in + * bytes. + * \param[out] shared_secret_length On success, the number of bytes that make + * up the returned shared secret. + * \retval #PSA_SUCCESS + * Success. Shared secret successfully calculated. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \p key_buffer_size, \p peer_key_length, \p shared_secret_size + * do not match + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + */ +psa_status_t mbedtls_psa_ffdh_key_agreement( + const psa_key_attributes_t *attributes, + const uint8_t *peer_key, + size_t peer_key_length, + const uint8_t *key_buffer, + size_t key_buffer_size, + uint8_t *shared_secret, + size_t shared_secret_size, + size_t *shared_secret_length); + +/** Export a public key or the public part of a DH key pair in binary format. + * + * \param[in] attributes The attributes for the key to export. + * \param[in] key_buffer Material or context of the key to export. + * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes. + * \param[out] data Buffer where the key data is to be written. + * \param[in] data_size Size of the \p data buffer in bytes. + * \param[out] data_length On success, the number of bytes written in + * \p data + * + * \retval #PSA_SUCCESS The public key was exported successfully. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of \p key_buffer is too small. + * \retval #PSA_ERROR_NOT_PERMITTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + */ +psa_status_t mbedtls_psa_ffdh_export_public_key( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + uint8_t *data, + size_t data_size, + size_t *data_length); + +/** + * \brief Generate DH key. + * + * \note The signature of the function is that of a PSA driver generate_key + * entry point. + * + * \param[in] attributes The attributes for the key to generate. + * \param[out] key_buffer Buffer where the key data is to be written. + * \param[in] key_buffer_size Size of \p key_buffer in bytes. + * \param[out] key_buffer_length On success, the number of bytes written in + * \p key_buffer. + * + * \retval #PSA_SUCCESS + * The key was generated successfully. + * \retval #PSA_ERROR_NOT_SUPPORTED + * Key size in bits is invalid. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of \p key_buffer is too small. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + */ +psa_status_t mbedtls_psa_ffdh_generate_key( + const psa_key_attributes_t *attributes, + uint8_t *key_buffer, + size_t key_buffer_size, + size_t *key_buffer_length); + +/** + * \brief Import DH key. + * + * \note The signature of the function is that of a PSA driver import_key + * entry point. + * + * \param[in] attributes The attributes for the key to import. + * \param[in] data The buffer containing the key data in import + * format. + * \param[in] data_length Size of the \p data buffer in bytes. + * \param[out] key_buffer The buffer containing the key data in output + * format. + * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes. This + * size is greater or equal to \p data_length. + * \param[out] key_buffer_length The length of the data written in \p + * key_buffer in bytes. + * \param[out] bits The key size in number of bits. + * + * \retval #PSA_SUCCESS + * The key was generated successfully. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of \p key_buffer is too small. + */ +psa_status_t mbedtls_psa_ffdh_import_key( + const psa_key_attributes_t *attributes, + const uint8_t *data, size_t data_length, + uint8_t *key_buffer, size_t key_buffer_size, + size_t *key_buffer_length, size_t *bits); + +#endif /* PSA_CRYPTO_FFDH_H */ diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index ddf70949c..dad182616 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -73,6 +73,25 @@ psa_status_t mbedtls_psa_hash_abort( case PSA_ALG_SHA_512: mbedtls_sha512_free(&operation->ctx.sha512); break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) + case PSA_ALG_SHA3_224: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) + case PSA_ALG_SHA3_256: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) + case PSA_ALG_SHA3_384: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) + case PSA_ALG_SHA3_512: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) + mbedtls_sha3_free(&operation->ctx.sha3); + break; #endif default: return PSA_ERROR_BAD_STATE; @@ -134,6 +153,30 @@ psa_status_t mbedtls_psa_hash_setup( mbedtls_sha512_init(&operation->ctx.sha512); ret = mbedtls_sha512_starts(&operation->ctx.sha512, 0); break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) + case PSA_ALG_SHA3_224: + mbedtls_sha3_init(&operation->ctx.sha3); + ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_224); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) + case PSA_ALG_SHA3_256: + mbedtls_sha3_init(&operation->ctx.sha3); + ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_256); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) + case PSA_ALG_SHA3_384: + mbedtls_sha3_init(&operation->ctx.sha3); + ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_384); + break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) + case PSA_ALG_SHA3_512: + mbedtls_sha3_init(&operation->ctx.sha3); + ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_512); + break; #endif default: return PSA_ALG_IS_HASH(alg) ? @@ -196,6 +239,26 @@ psa_status_t mbedtls_psa_hash_clone( mbedtls_sha512_clone(&target_operation->ctx.sha512, &source_operation->ctx.sha512); break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) + case PSA_ALG_SHA3_224: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) + case PSA_ALG_SHA3_256: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) + case PSA_ALG_SHA3_384: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) + case PSA_ALG_SHA3_512: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) + mbedtls_sha3_clone(&target_operation->ctx.sha3, + &source_operation->ctx.sha3); + break; #endif default: (void) source_operation; @@ -256,6 +319,26 @@ psa_status_t mbedtls_psa_hash_update( ret = mbedtls_sha512_update(&operation->ctx.sha512, input, input_length); break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) + case PSA_ALG_SHA3_224: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) + case PSA_ALG_SHA3_256: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) + case PSA_ALG_SHA3_384: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) + case PSA_ALG_SHA3_512: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) + ret = mbedtls_sha3_update(&operation->ctx.sha3, + input, input_length); + break; #endif default: (void) input; @@ -326,6 +409,25 @@ psa_status_t mbedtls_psa_hash_finish( case PSA_ALG_SHA_512: ret = mbedtls_sha512_finish(&operation->ctx.sha512, hash); break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) + case PSA_ALG_SHA3_224: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) + case PSA_ALG_SHA3_256: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) + case PSA_ALG_SHA3_384: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) + case PSA_ALG_SHA3_512: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) + ret = mbedtls_sha3_finish(&operation->ctx.sha3, hash, hash_size); + break; #endif default: (void) hash; diff --git a/library/psa_crypto_hash.h b/library/psa_crypto_hash.h index 63874e87d..2dfb0115e 100644 --- a/library/psa_crypto_hash.h +++ b/library/psa_crypto_hash.h @@ -23,8 +23,6 @@ #include -#include "md_wrap.h" - /** Calculate the hash (digest) of a message using Mbed TLS routines. * * \note The signature of this function is that of a PSA driver hash_compute @@ -48,8 +46,8 @@ * \p alg is not supported * \retval #PSA_ERROR_BUFFER_TOO_SMALL * \p hash_size is too small - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_hash_compute( psa_algorithm_t alg, @@ -88,8 +86,8 @@ psa_status_t mbedtls_psa_hash_compute( * \p alg is not supported * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be inactive). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_hash_setup( mbedtls_psa_hash_operation_t *operation, @@ -115,13 +113,13 @@ psa_status_t mbedtls_psa_hash_setup( * \param[in,out] target_operation The operation object to set up. * It must be initialized but not active. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_BAD_STATE * The \p source_operation state is not valid (it must be active). * \retval #PSA_ERROR_BAD_STATE * The \p target_operation state is not valid (it must be inactive). - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t mbedtls_psa_hash_clone( const mbedtls_psa_hash_operation_t *source_operation, @@ -147,8 +145,8 @@ psa_status_t mbedtls_psa_hash_clone( * Success. * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_hash_update( mbedtls_psa_hash_operation_t *operation, @@ -186,8 +184,8 @@ psa_status_t mbedtls_psa_hash_update( * The size of the \p hash buffer is too small. You can determine a * sufficient buffer size by calling #PSA_HASH_LENGTH(\c alg) * where \c alg is the hash algorithm that is calculated. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_hash_finish( mbedtls_psa_hash_operation_t *operation, @@ -216,8 +214,8 @@ psa_status_t mbedtls_psa_hash_finish( * * \param[in,out] operation Initialized hash operation. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_hash_abort( mbedtls_psa_hash_operation_t *operation); diff --git a/library/psa_crypto_invasive.h b/library/psa_crypto_invasive.h index a900dd8ff..408c39bfe 100644 --- a/library/psa_crypto_invasive.h +++ b/library/psa_crypto_invasive.h @@ -28,7 +28,14 @@ #ifndef PSA_CRYPTO_INVASIVE_H #define PSA_CRYPTO_INVASIVE_H -#include "mbedtls/build_info.h" +/* + * Include the build-time configuration information header. Here, we do not + * include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which + * is basically just an alias to it. This is to ease the maintenance of the + * TF-PSA-Crypto repository which has a different build system and + * configuration. + */ +#include "psa/build_info.h" #include "psa/crypto.h" #include "common.h" diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c index 07f123ee0..2f2c51dce 100644 --- a/library/psa_crypto_mac.c +++ b/library/psa_crypto_mac.c @@ -29,6 +29,7 @@ #include #include +#include "mbedtls/constant_time.h" #include #if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) @@ -453,7 +454,7 @@ psa_status_t mbedtls_psa_mac_verify_finish( goto cleanup; } - if (mbedtls_psa_safer_memcmp(mac, actual_mac, mac_length) != 0) { + if (mbedtls_ct_memcmp(mac, actual_mac, mac_length) != 0) { status = PSA_ERROR_INVALID_SIGNATURE; } diff --git a/library/psa_crypto_mac.h b/library/psa_crypto_mac.h index 21c4de636..4f8024a9e 100644 --- a/library/psa_crypto_mac.h +++ b/library/psa_crypto_mac.h @@ -52,8 +52,8 @@ * \p alg is not supported. * \retval #PSA_ERROR_BUFFER_TOO_SMALL * \p mac_size is too small - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_mac_compute( const psa_key_attributes_t *attributes, @@ -89,8 +89,8 @@ psa_status_t mbedtls_psa_mac_compute( * Success. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be inactive). */ @@ -124,8 +124,8 @@ psa_status_t mbedtls_psa_mac_sign_setup( * Success. * \retval #PSA_ERROR_NOT_SUPPORTED * \p alg is not supported. - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be inactive). */ @@ -158,8 +158,8 @@ psa_status_t mbedtls_psa_mac_verify_setup( * Success. * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be active). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_mac_update( mbedtls_psa_mac_operation_t *operation, @@ -200,8 +200,8 @@ psa_status_t mbedtls_psa_mac_update( * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p mac buffer is too small. A sufficient buffer size * can be determined by calling PSA_MAC_LENGTH(). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_mac_sign_finish( mbedtls_psa_mac_operation_t *operation, @@ -241,8 +241,8 @@ psa_status_t mbedtls_psa_mac_sign_finish( * \retval #PSA_ERROR_BAD_STATE * The operation state is not valid (it must be an active mac verify * operation). - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_mac_verify_finish( mbedtls_psa_mac_operation_t *operation, @@ -267,8 +267,8 @@ psa_status_t mbedtls_psa_mac_verify_finish( * * \param[in,out] operation Initialized MAC operation. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_mac_abort( mbedtls_psa_mac_operation_t *operation); diff --git a/library/psa_crypto_pake.c b/library/psa_crypto_pake.c index 1f9a8cb33..db00cbd28 100644 --- a/library/psa_crypto_pake.c +++ b/library/psa_crypto_pake.c @@ -24,10 +24,11 @@ #include #include "psa_crypto_core.h" +#include "psa_crypto_pake.h" #include "psa_crypto_slot_management.h" #include -#include +#include "psa_util_internal.h" #include #include @@ -78,94 +79,39 @@ * psa_pake_abort() */ -enum psa_pake_step { - PSA_PAKE_STEP_INVALID = 0, - PSA_PAKE_STEP_X1_X2 = 1, - PSA_PAKE_STEP_X2S = 2, - PSA_PAKE_STEP_DERIVE = 3, -}; - -enum psa_pake_state { - PSA_PAKE_STATE_INVALID = 0, - PSA_PAKE_STATE_SETUP = 1, - PSA_PAKE_STATE_READY = 2, - PSA_PAKE_OUTPUT_X1_X2 = 3, - PSA_PAKE_OUTPUT_X2S = 4, - PSA_PAKE_INPUT_X1_X2 = 5, - PSA_PAKE_INPUT_X4S = 6, -}; - /* - * The first PAKE step shares the same sequences of the second PAKE step - * but with a second set of KEY_SHARE/ZK_PUBLIC/ZK_PROOF outputs/inputs. - * It's simpler to share the same sequences numbers of the first - * set of KEY_SHARE/ZK_PUBLIC/ZK_PROOF outputs/inputs in both PAKE steps. + * Possible sequence of calls to implementation: * - * State sequence with step, state & sequence enums: - * => Input & Output Step = PSA_PAKE_STEP_INVALID - * => state = PSA_PAKE_STATE_INVALID - * psa_pake_setup() - * => Input & Output Step = PSA_PAKE_STEP_X1_X2 - * => state = PSA_PAKE_STATE_SETUP - * => sequence = PSA_PAKE_SEQ_INVALID - * | - * |--- In any order: (First round input before or after first round output) - * | | First call of psa_pake_output() or psa_pake_input() sets - * | | state = PSA_PAKE_STATE_READY - * | | - * | |------ In Order: => state = PSA_PAKE_OUTPUT_X1_X2 - * | | | psa_pake_output() => sequence = PSA_PAKE_X1_STEP_KEY_SHARE - * | | | psa_pake_output() => sequence = PSA_PAKE_X1_STEP_ZK_PUBLIC - * | | | psa_pake_output() => sequence = PSA_PAKE_X1_STEP_ZK_PROOF - * | | | psa_pake_output() => sequence = PSA_PAKE_X2_STEP_KEY_SHARE - * | | | psa_pake_output() => sequence = PSA_PAKE_X2_STEP_ZK_PUBLIC - * | | | psa_pake_output() => sequence = PSA_PAKE_X2_STEP_ZK_PROOF - * | | | => state = PSA_PAKE_STATE_READY - * | | | => sequence = PSA_PAKE_SEQ_INVALID - * | | | => Output Step = PSA_PAKE_STEP_X2S - * | | - * | |------ In Order: => state = PSA_PAKE_INPUT_X1_X2 - * | | | psa_pake_input() => sequence = PSA_PAKE_X1_STEP_KEY_SHARE - * | | | psa_pake_input() => sequence = PSA_PAKE_X1_STEP_ZK_PUBLIC - * | | | psa_pake_input() => sequence = PSA_PAKE_X1_STEP_ZK_PROOF - * | | | psa_pake_input() => sequence = PSA_PAKE_X2_STEP_KEY_SHARE - * | | | psa_pake_input() => sequence = PSA_PAKE_X2_STEP_ZK_PUBLIC - * | | | psa_pake_input() => sequence = PSA_PAKE_X2_STEP_ZK_PROOF - * | | | => state = PSA_PAKE_STATE_READY - * | | | => sequence = PSA_PAKE_SEQ_INVALID - * | | | => Output Step = PSA_PAKE_INPUT_X4S - * | - * |--- In any order: (Second round input before or after second round output) - * | | - * | |------ In Order: => state = PSA_PAKE_OUTPUT_X2S - * | | | psa_pake_output() => sequence = PSA_PAKE_X1_STEP_KEY_SHARE - * | | | psa_pake_output() => sequence = PSA_PAKE_X1_STEP_ZK_PUBLIC - * | | | psa_pake_output() => sequence = PSA_PAKE_X1_STEP_ZK_PROOF - * | | | => state = PSA_PAKE_STATE_READY - * | | | => sequence = PSA_PAKE_SEQ_INVALID - * | | | => Output Step = PSA_PAKE_STEP_DERIVE - * | | - * | |------ In Order: => state = PSA_PAKE_INPUT_X4S - * | | | psa_pake_input() => sequence = PSA_PAKE_X1_STEP_KEY_SHARE - * | | | psa_pake_input() => sequence = PSA_PAKE_X1_STEP_ZK_PUBLIC - * | | | psa_pake_input() => sequence = PSA_PAKE_X1_STEP_ZK_PROOF - * | | | => state = PSA_PAKE_STATE_READY - * | | | => sequence = PSA_PAKE_SEQ_INVALID - * | | | => Output Step = PSA_PAKE_STEP_DERIVE - * | - * psa_pake_get_implicit_key() - * => Input & Output Step = PSA_PAKE_STEP_INVALID + * |--- In any order: + * | | + * | |------ In Order + * | | | mbedtls_psa_pake_output(PSA_JPAKE_X1_STEP_KEY_SHARE) + * | | | mbedtls_psa_pake_output(PSA_JPAKE_X1_STEP_ZK_PUBLIC) + * | | | mbedtls_psa_pake_output(PSA_JPAKE_X1_STEP_ZK_PROOF) + * | | | mbedtls_psa_pake_output(PSA_JPAKE_X2_STEP_KEY_SHARE) + * | | | mbedtls_psa_pake_output(PSA_JPAKE_X2_STEP_ZK_PUBLIC) + * | | | mbedtls_psa_pake_output(PSA_JPAKE_X2_STEP_ZK_PROOF) + * | | + * | |------ In Order: + * | | mbedtls_psa_pake_input(PSA_JPAKE_X1_STEP_KEY_SHARE) + * | | mbedtls_psa_pake_input(PSA_JPAKE_X1_STEP_ZK_PUBLIC) + * | | mbedtls_psa_pake_input(PSA_JPAKE_X1_STEP_ZK_PROOF) + * | | mbedtls_psa_pake_input(PSA_JPAKE_X2_STEP_KEY_SHARE) + * | | mbedtls_psa_pake_input(PSA_JPAKE_X2_STEP_ZK_PUBLIC) + * | | mbedtls_psa_pake_input(PSA_JPAKE_X2_STEP_ZK_PROOF) + * | + * |--- In any order: + * | | + * | |------ In Order + * | | | mbedtls_psa_pake_output(PSA_JPAKE_X2S_STEP_KEY_SHARE) + * | | | mbedtls_psa_pake_output(PSA_JPAKE_X2S_STEP_ZK_PUBLIC) + * | | | mbedtls_psa_pake_output(PSA_JPAKE_X2S_STEP_ZK_PROOF) + * | | + * | |------ In Order: + * | | mbedtls_psa_pake_input(PSA_JPAKE_X4S_STEP_KEY_SHARE) + * | | mbedtls_psa_pake_input(PSA_JPAKE_X4S_STEP_ZK_PUBLIC) + * | | mbedtls_psa_pake_input(PSA_JPAKE_X4S_STEP_ZK_PROOF) */ -enum psa_pake_sequence { - PSA_PAKE_SEQ_INVALID = 0, - PSA_PAKE_X1_STEP_KEY_SHARE = 1, /* also X2S & X4S KEY_SHARE */ - PSA_PAKE_X1_STEP_ZK_PUBLIC = 2, /* also X2S & X4S ZK_PUBLIC */ - PSA_PAKE_X1_STEP_ZK_PROOF = 3, /* also X2S & X4S ZK_PROOF */ - PSA_PAKE_X2_STEP_KEY_SHARE = 4, - PSA_PAKE_X2_STEP_ZK_PUBLIC = 5, - PSA_PAKE_X2_STEP_ZK_PROOF = 6, - PSA_PAKE_SEQ_END = 7, -}; #if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE) static psa_status_t mbedtls_ecjpake_to_psa_error(int ret) @@ -190,279 +136,178 @@ static psa_status_t mbedtls_ecjpake_to_psa_error(int ret) #endif #if defined(MBEDTLS_PSA_BUILTIN_PAKE) -psa_status_t psa_pake_setup(psa_pake_operation_t *operation, - const psa_pake_cipher_suite_t *cipher_suite) -{ - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - - /* A context must be freshly initialized before it can be set up. */ - if (operation->alg != PSA_ALG_NONE) { - status = PSA_ERROR_BAD_STATE; - goto error; - } - - if (cipher_suite == NULL || - PSA_ALG_IS_PAKE(cipher_suite->algorithm) == 0 || - (cipher_suite->type != PSA_PAKE_PRIMITIVE_TYPE_ECC && - cipher_suite->type != PSA_PAKE_PRIMITIVE_TYPE_DH) || - PSA_ALG_IS_HASH(cipher_suite->hash) == 0) { - status = PSA_ERROR_INVALID_ARGUMENT; - goto error; - } - #if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE) - if (cipher_suite->algorithm == PSA_ALG_JPAKE) { - if (cipher_suite->type != PSA_PAKE_PRIMITIVE_TYPE_ECC || - cipher_suite->family != PSA_ECC_FAMILY_SECP_R1 || - cipher_suite->bits != 256 || - cipher_suite->hash != PSA_ALG_SHA_256) { - status = PSA_ERROR_NOT_SUPPORTED; - goto error; - } - - operation->alg = cipher_suite->algorithm; - - mbedtls_ecjpake_init(&operation->ctx.ecjpake); - - operation->state = PSA_PAKE_STATE_SETUP; - operation->sequence = PSA_PAKE_SEQ_INVALID; - operation->input_step = PSA_PAKE_STEP_X1_X2; - operation->output_step = PSA_PAKE_STEP_X1_X2; - - mbedtls_platform_zeroize(operation->buffer, MBEDTLS_PSA_PAKE_BUFFER_SIZE); - operation->buffer_length = 0; - operation->buffer_offset = 0; - - return PSA_SUCCESS; - } else -#endif - status = PSA_ERROR_NOT_SUPPORTED; - -error: - psa_pake_abort(operation); - return status; -} - -psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation, - mbedtls_svc_key_id_t password) -{ - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_attributes_t attributes = psa_key_attributes_init(); - psa_key_type_t type; - psa_key_usage_t usage; - psa_key_slot_t *slot = NULL; - - if (operation->alg == PSA_ALG_NONE || - operation->state != PSA_PAKE_STATE_SETUP) { - status = PSA_ERROR_BAD_STATE; - goto error; - } - - status = psa_get_key_attributes(password, &attributes); - if (status != PSA_SUCCESS) { - goto error; - } - - type = psa_get_key_type(&attributes); - usage = psa_get_key_usage_flags(&attributes); - - psa_reset_key_attributes(&attributes); - - if (type != PSA_KEY_TYPE_PASSWORD && - type != PSA_KEY_TYPE_PASSWORD_HASH) { - status = PSA_ERROR_INVALID_ARGUMENT; - goto error; - } - - if ((usage & PSA_KEY_USAGE_DERIVE) == 0) { - status = PSA_ERROR_NOT_PERMITTED; - goto error; - } - - if (operation->password != NULL) { - return PSA_ERROR_BAD_STATE; - } - - status = psa_get_and_lock_key_slot_with_policy(password, &slot, - PSA_KEY_USAGE_DERIVE, - PSA_ALG_JPAKE); - if (status != PSA_SUCCESS) { - return status; - } - - operation->password = mbedtls_calloc(1, slot->key.bytes); - if (operation->password == NULL) { - psa_unlock_key_slot(slot); - return PSA_ERROR_INSUFFICIENT_MEMORY; - } - memcpy(operation->password, slot->key.data, slot->key.bytes); - operation->password_len = slot->key.bytes; - - status = psa_unlock_key_slot(slot); - if (status != PSA_SUCCESS) { - return status; - } - - return PSA_SUCCESS; - -error: - psa_pake_abort(operation); - return status; -} - -psa_status_t psa_pake_set_user(psa_pake_operation_t *operation, - const uint8_t *user_id, - size_t user_id_len) -{ - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - - if (operation->alg == PSA_ALG_NONE || - operation->state != PSA_PAKE_STATE_SETUP) { - status = PSA_ERROR_BAD_STATE; - goto error; - } - - if (user_id_len == 0 || user_id == NULL) { - status = PSA_ERROR_INVALID_ARGUMENT; - goto error; - } - - status = PSA_ERROR_NOT_SUPPORTED; - -error: - psa_pake_abort(operation); - return status; -} - -psa_status_t psa_pake_set_peer(psa_pake_operation_t *operation, - const uint8_t *peer_id, - size_t peer_id_len) -{ - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - - if (operation->alg == PSA_ALG_NONE || - operation->state != PSA_PAKE_STATE_SETUP) { - status = PSA_ERROR_BAD_STATE; - goto error; - } - - if (peer_id_len == 0 || peer_id == NULL) { - status = PSA_ERROR_INVALID_ARGUMENT; - goto error; - } - - status = PSA_ERROR_NOT_SUPPORTED; - -error: - psa_pake_abort(operation); - return status; -} - -psa_status_t psa_pake_set_role(psa_pake_operation_t *operation, - psa_pake_role_t role) -{ - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - - if (operation->alg == PSA_ALG_NONE || - operation->state != PSA_PAKE_STATE_SETUP) { - status = PSA_ERROR_BAD_STATE; - goto error; - } - - if (role != PSA_PAKE_ROLE_NONE && - role != PSA_PAKE_ROLE_FIRST && - role != PSA_PAKE_ROLE_SECOND && - role != PSA_PAKE_ROLE_CLIENT && - role != PSA_PAKE_ROLE_SERVER) { - status = PSA_ERROR_INVALID_ARGUMENT; - goto error; - } - -#if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE) - if (operation->alg == PSA_ALG_JPAKE) { - if (role != PSA_PAKE_ROLE_CLIENT && - role != PSA_PAKE_ROLE_SERVER) { - return PSA_ERROR_NOT_SUPPORTED; - } - - operation->role = role; - - return PSA_SUCCESS; - } else -#endif - status = PSA_ERROR_NOT_SUPPORTED; - -error: - psa_pake_abort(operation); - return status; -} - -#if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE) -static psa_status_t psa_pake_ecjpake_setup(psa_pake_operation_t *operation) +static psa_status_t psa_pake_ecjpake_setup(mbedtls_psa_pake_operation_t *operation) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_ecjpake_role role; - if (operation->role == PSA_PAKE_ROLE_CLIENT) { - role = MBEDTLS_ECJPAKE_CLIENT; - } else if (operation->role == PSA_PAKE_ROLE_SERVER) { - role = MBEDTLS_ECJPAKE_SERVER; - } else { - return PSA_ERROR_BAD_STATE; - } + mbedtls_ecjpake_init(&operation->ctx.jpake); - if (operation->password_len == 0) { - return PSA_ERROR_BAD_STATE; - } - - ret = mbedtls_ecjpake_setup(&operation->ctx.ecjpake, - role, + ret = mbedtls_ecjpake_setup(&operation->ctx.jpake, + operation->role, MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, operation->password, operation->password_len); mbedtls_platform_zeroize(operation->password, operation->password_len); - mbedtls_free(operation->password); - operation->password = NULL; - operation->password_len = 0; if (ret != 0) { return mbedtls_ecjpake_to_psa_error(ret); } - operation->state = PSA_PAKE_STATE_READY; - return PSA_SUCCESS; } #endif -static psa_status_t psa_pake_output_internal( - psa_pake_operation_t *operation, - psa_pake_step_t step, +/* The only two JPAKE user/peer identifiers supported in built-in implementation. */ +static const uint8_t jpake_server_id[] = { 's', 'e', 'r', 'v', 'e', 'r' }; +static const uint8_t jpake_client_id[] = { 'c', 'l', 'i', 'e', 'n', 't' }; + +psa_status_t mbedtls_psa_pake_setup(mbedtls_psa_pake_operation_t *operation, + const psa_crypto_driver_pake_inputs_t *inputs) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + size_t user_len = 0, peer_len = 0, password_len = 0; + uint8_t *peer = NULL, *user = NULL; + size_t actual_user_len = 0, actual_peer_len = 0, actual_password_len = 0; + psa_pake_cipher_suite_t cipher_suite = psa_pake_cipher_suite_init(); + + status = psa_crypto_driver_pake_get_password_len(inputs, &password_len); + if (status != PSA_SUCCESS) { + return status; + } + + status = psa_crypto_driver_pake_get_user_len(inputs, &user_len); + if (status != PSA_SUCCESS) { + return status; + } + + status = psa_crypto_driver_pake_get_peer_len(inputs, &peer_len); + if (status != PSA_SUCCESS) { + return status; + } + + status = psa_crypto_driver_pake_get_cipher_suite(inputs, &cipher_suite); + if (status != PSA_SUCCESS) { + return status; + } + + operation->password = mbedtls_calloc(1, password_len); + if (operation->password == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + goto error; + } + + user = mbedtls_calloc(1, user_len); + if (user == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + goto error; + } + + peer = mbedtls_calloc(1, peer_len); + if (peer == NULL) { + status = PSA_ERROR_INSUFFICIENT_MEMORY; + goto error; + } + + status = psa_crypto_driver_pake_get_password(inputs, operation->password, + password_len, &actual_password_len); + if (status != PSA_SUCCESS) { + goto error; + } + + status = psa_crypto_driver_pake_get_user(inputs, user, + user_len, &actual_user_len); + if (status != PSA_SUCCESS) { + goto error; + } + + status = psa_crypto_driver_pake_get_peer(inputs, peer, + peer_len, &actual_peer_len); + if (status != PSA_SUCCESS) { + goto error; + } + + operation->password_len = actual_password_len; + operation->alg = cipher_suite.algorithm; + +#if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE) + if (cipher_suite.algorithm == PSA_ALG_JPAKE) { + if (cipher_suite.type != PSA_PAKE_PRIMITIVE_TYPE_ECC || + cipher_suite.family != PSA_ECC_FAMILY_SECP_R1 || + cipher_suite.bits != 256 || + cipher_suite.hash != PSA_ALG_SHA_256) { + status = PSA_ERROR_NOT_SUPPORTED; + goto error; + } + + const size_t user_peer_len = sizeof(jpake_client_id); // client and server have the same length + if (actual_user_len != user_peer_len || + actual_peer_len != user_peer_len) { + status = PSA_ERROR_NOT_SUPPORTED; + goto error; + } + + if (memcmp(user, jpake_client_id, actual_user_len) == 0 && + memcmp(peer, jpake_server_id, actual_peer_len) == 0) { + operation->role = MBEDTLS_ECJPAKE_CLIENT; + } else + if (memcmp(user, jpake_server_id, actual_user_len) == 0 && + memcmp(peer, jpake_client_id, actual_peer_len) == 0) { + operation->role = MBEDTLS_ECJPAKE_SERVER; + } else { + status = PSA_ERROR_NOT_SUPPORTED; + goto error; + } + + operation->buffer_length = 0; + operation->buffer_offset = 0; + + status = psa_pake_ecjpake_setup(operation); + if (status != PSA_SUCCESS) { + goto error; + } + + /* Role has been set, release user/peer buffers. */ + mbedtls_free(user); mbedtls_free(peer); + + return PSA_SUCCESS; + } else +#else + (void) operation; + (void) inputs; +#endif + { status = PSA_ERROR_NOT_SUPPORTED; } + +error: + mbedtls_free(user); mbedtls_free(peer); + /* In case of failure of the setup of a multipart operation, the PSA driver interface + * specifies that the core does not call any other driver entry point thus does not + * call mbedtls_psa_pake_abort(). Therefore call it here to do the needed clean + * up like freeing the memory that may have been allocated to store the password. + */ + mbedtls_psa_pake_abort(operation); + return status; +} + +static psa_status_t mbedtls_psa_pake_output_internal( + mbedtls_psa_pake_operation_t *operation, + psa_crypto_driver_pake_step_t step, uint8_t *output, size_t output_size, size_t *output_length) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; size_t length; - - if (operation->alg == PSA_ALG_NONE || - operation->state == PSA_PAKE_STATE_INVALID) { - return PSA_ERROR_BAD_STATE; - } - - if (output == NULL || output_size == 0 || output_length == NULL) { - return PSA_ERROR_INVALID_ARGUMENT; - } + (void) step; // Unused parameter #if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE) /* - * The PSA CRYPTO PAKE and MbedTLS JPAKE API have a different + * The PSA CRYPTO PAKE and Mbed TLS JPAKE API have a different * handling of output sequencing. * - * The MbedTLS JPAKE API outputs the whole X1+X2 and X2S steps data + * The Mbed TLS JPAKE API outputs the whole X1+X2 and X2S steps data * at once, on the other side the PSA CRYPTO PAKE api requires * the KEY_SHARE/ZP_PUBLIC/ZK_PROOF parts of X1, X2 & X2S to be * retrieved in sequence. @@ -473,77 +318,11 @@ static psa_status_t psa_pake_output_internal( * to return the right parts on each step. */ if (operation->alg == PSA_ALG_JPAKE) { - if (step != PSA_PAKE_STEP_KEY_SHARE && - step != PSA_PAKE_STEP_ZK_PUBLIC && - step != PSA_PAKE_STEP_ZK_PROOF) { - return PSA_ERROR_INVALID_ARGUMENT; - } - - if (operation->state == PSA_PAKE_STATE_SETUP) { - status = psa_pake_ecjpake_setup(operation); - if (status != PSA_SUCCESS) { - return status; - } - } - - if (operation->state != PSA_PAKE_STATE_READY && - operation->state != PSA_PAKE_OUTPUT_X1_X2 && - operation->state != PSA_PAKE_OUTPUT_X2S) { - return PSA_ERROR_BAD_STATE; - } - - if (operation->state == PSA_PAKE_STATE_READY) { - if (step != PSA_PAKE_STEP_KEY_SHARE) { - return PSA_ERROR_BAD_STATE; - } - - switch (operation->output_step) { - case PSA_PAKE_STEP_X1_X2: - operation->state = PSA_PAKE_OUTPUT_X1_X2; - break; - case PSA_PAKE_STEP_X2S: - operation->state = PSA_PAKE_OUTPUT_X2S; - break; - default: - return PSA_ERROR_BAD_STATE; - } - - operation->sequence = PSA_PAKE_X1_STEP_KEY_SHARE; - } - - /* Check if step matches current sequence */ - switch (operation->sequence) { - case PSA_PAKE_X1_STEP_KEY_SHARE: - case PSA_PAKE_X2_STEP_KEY_SHARE: - if (step != PSA_PAKE_STEP_KEY_SHARE) { - return PSA_ERROR_BAD_STATE; - } - break; - - case PSA_PAKE_X1_STEP_ZK_PUBLIC: - case PSA_PAKE_X2_STEP_ZK_PUBLIC: - if (step != PSA_PAKE_STEP_ZK_PUBLIC) { - return PSA_ERROR_BAD_STATE; - } - break; - - case PSA_PAKE_X1_STEP_ZK_PROOF: - case PSA_PAKE_X2_STEP_ZK_PROOF: - if (step != PSA_PAKE_STEP_ZK_PROOF) { - return PSA_ERROR_BAD_STATE; - } - break; - - default: - return PSA_ERROR_BAD_STATE; - } - /* Initialize & write round on KEY_SHARE sequences */ - if (operation->state == PSA_PAKE_OUTPUT_X1_X2 && - operation->sequence == PSA_PAKE_X1_STEP_KEY_SHARE) { - ret = mbedtls_ecjpake_write_round_one(&operation->ctx.ecjpake, + if (step == PSA_JPAKE_X1_STEP_KEY_SHARE) { + ret = mbedtls_ecjpake_write_round_one(&operation->ctx.jpake, operation->buffer, - MBEDTLS_PSA_PAKE_BUFFER_SIZE, + sizeof(operation->buffer), &operation->buffer_length, mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE); @@ -552,11 +331,10 @@ static psa_status_t psa_pake_output_internal( } operation->buffer_offset = 0; - } else if (operation->state == PSA_PAKE_OUTPUT_X2S && - operation->sequence == PSA_PAKE_X1_STEP_KEY_SHARE) { - ret = mbedtls_ecjpake_write_round_two(&operation->ctx.ecjpake, + } else if (step == PSA_JPAKE_X2S_STEP_KEY_SHARE) { + ret = mbedtls_ecjpake_write_round_two(&operation->ctx.jpake, operation->buffer, - MBEDTLS_PSA_PAKE_BUFFER_SIZE, + sizeof(operation->buffer), &operation->buffer_length, mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE); @@ -578,9 +356,8 @@ static psa_status_t psa_pake_output_internal( * output with a length byte, even less a curve identifier, as that * information is already available. */ - if (operation->state == PSA_PAKE_OUTPUT_X2S && - operation->sequence == PSA_PAKE_X1_STEP_KEY_SHARE && - operation->role == PSA_PAKE_ROLE_SERVER) { + if (step == PSA_JPAKE_X2S_STEP_KEY_SHARE && + operation->role == MBEDTLS_ECJPAKE_SERVER) { /* Skip ECParameters, with is 3 bytes (RFC 8422) */ operation->buffer_offset += 3; } @@ -605,149 +382,62 @@ static psa_status_t psa_pake_output_internal( operation->buffer_offset += length; /* Reset buffer after ZK_PROOF sequence */ - if ((operation->state == PSA_PAKE_OUTPUT_X1_X2 && - operation->sequence == PSA_PAKE_X2_STEP_ZK_PROOF) || - (operation->state == PSA_PAKE_OUTPUT_X2S && - operation->sequence == PSA_PAKE_X1_STEP_ZK_PROOF)) { - mbedtls_platform_zeroize(operation->buffer, MBEDTLS_PSA_PAKE_BUFFER_SIZE); + if ((step == PSA_JPAKE_X2_STEP_ZK_PROOF) || + (step == PSA_JPAKE_X2S_STEP_ZK_PROOF)) { + mbedtls_platform_zeroize(operation->buffer, sizeof(operation->buffer)); operation->buffer_length = 0; operation->buffer_offset = 0; - - operation->state = PSA_PAKE_STATE_READY; - operation->output_step++; - operation->sequence = PSA_PAKE_SEQ_INVALID; - } else { - operation->sequence++; } return PSA_SUCCESS; } else +#else + (void) step; + (void) output; + (void) output_size; + (void) output_length; #endif - return PSA_ERROR_NOT_SUPPORTED; + { return PSA_ERROR_NOT_SUPPORTED; } } -psa_status_t psa_pake_output(psa_pake_operation_t *operation, - psa_pake_step_t step, - uint8_t *output, - size_t output_size, - size_t *output_length) +psa_status_t mbedtls_psa_pake_output(mbedtls_psa_pake_operation_t *operation, + psa_crypto_driver_pake_step_t step, + uint8_t *output, + size_t output_size, + size_t *output_length) { - psa_status_t status = psa_pake_output_internal( + psa_status_t status = mbedtls_psa_pake_output_internal( operation, step, output, output_size, output_length); - if (status != PSA_SUCCESS) { - psa_pake_abort(operation); - } - return status; } -static psa_status_t psa_pake_input_internal( - psa_pake_operation_t *operation, - psa_pake_step_t step, +static psa_status_t mbedtls_psa_pake_input_internal( + mbedtls_psa_pake_operation_t *operation, + psa_crypto_driver_pake_step_t step, const uint8_t *input, size_t input_length) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - - if (operation->alg == PSA_ALG_NONE || - operation->state == PSA_PAKE_STATE_INVALID) { - return PSA_ERROR_BAD_STATE; - } - - if (input == NULL || input_length == 0) { - return PSA_ERROR_INVALID_ARGUMENT; - } + (void) step; // Unused parameter #if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE) /* - * The PSA CRYPTO PAKE and MbedTLS JPAKE API have a different + * The PSA CRYPTO PAKE and Mbed TLS JPAKE API have a different * handling of input sequencing. * - * The MbedTLS JPAKE API takes the whole X1+X2 or X4S steps data + * The Mbed TLS JPAKE API takes the whole X1+X2 or X4S steps data * at once as input, on the other side the PSA CRYPTO PAKE api requires * the KEY_SHARE/ZP_PUBLIC/ZK_PROOF parts of X1, X2 & X4S to be * given in sequence. * * In order to achieve API compatibility, each X1+X2 or X4S step data * is stored sequentially in an intermediate buffer and given to the - * MbedTLS JPAKE API on the last step. + * Mbed TLS JPAKE API on the last step. * * This causes any input error to be only detected on the last step. */ if (operation->alg == PSA_ALG_JPAKE) { - if (step != PSA_PAKE_STEP_KEY_SHARE && - step != PSA_PAKE_STEP_ZK_PUBLIC && - step != PSA_PAKE_STEP_ZK_PROOF) { - return PSA_ERROR_INVALID_ARGUMENT; - } - - const psa_pake_primitive_t prim = PSA_PAKE_PRIMITIVE( - PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256); - if (input_length > (size_t) PSA_PAKE_INPUT_SIZE(PSA_ALG_JPAKE, prim, step)) { - return PSA_ERROR_INVALID_ARGUMENT; - } - - if (operation->state == PSA_PAKE_STATE_SETUP) { - status = psa_pake_ecjpake_setup(operation); - if (status != PSA_SUCCESS) { - return status; - } - } - - if (operation->state != PSA_PAKE_STATE_READY && - operation->state != PSA_PAKE_INPUT_X1_X2 && - operation->state != PSA_PAKE_INPUT_X4S) { - return PSA_ERROR_BAD_STATE; - } - - if (operation->state == PSA_PAKE_STATE_READY) { - if (step != PSA_PAKE_STEP_KEY_SHARE) { - return PSA_ERROR_BAD_STATE; - } - - switch (operation->input_step) { - case PSA_PAKE_STEP_X1_X2: - operation->state = PSA_PAKE_INPUT_X1_X2; - break; - case PSA_PAKE_STEP_X2S: - operation->state = PSA_PAKE_INPUT_X4S; - break; - default: - return PSA_ERROR_BAD_STATE; - } - - operation->sequence = PSA_PAKE_X1_STEP_KEY_SHARE; - } - - /* Check if step matches current sequence */ - switch (operation->sequence) { - case PSA_PAKE_X1_STEP_KEY_SHARE: - case PSA_PAKE_X2_STEP_KEY_SHARE: - if (step != PSA_PAKE_STEP_KEY_SHARE) { - return PSA_ERROR_BAD_STATE; - } - break; - - case PSA_PAKE_X1_STEP_ZK_PUBLIC: - case PSA_PAKE_X2_STEP_ZK_PUBLIC: - if (step != PSA_PAKE_STEP_ZK_PUBLIC) { - return PSA_ERROR_BAD_STATE; - } - break; - - case PSA_PAKE_X1_STEP_ZK_PROOF: - case PSA_PAKE_X2_STEP_ZK_PROOF: - if (step != PSA_PAKE_STEP_ZK_PROOF) { - return PSA_ERROR_BAD_STATE; - } - break; - - default: - return PSA_ERROR_BAD_STATE; - } - /* * Copy input to local buffer and format it as the Mbed TLS API * expects, i.e. as defined by draft-cragie-tls-ecjpake-01 section 7. @@ -757,20 +447,34 @@ static psa_status_t psa_pake_input_internal( * ECParameters structure - which means we have to prepend that when * we're a client. */ - if (operation->state == PSA_PAKE_INPUT_X4S && - operation->sequence == PSA_PAKE_X1_STEP_KEY_SHARE && - operation->role == PSA_PAKE_ROLE_CLIENT) { + if (step == PSA_JPAKE_X4S_STEP_KEY_SHARE && + operation->role == MBEDTLS_ECJPAKE_CLIENT) { /* We only support secp256r1. */ /* This is the ECParameters structure defined by RFC 8422. */ unsigned char ecparameters[3] = { 3, /* named_curve */ 0, 23 /* secp256r1 */ }; + + if (operation->buffer_length + sizeof(ecparameters) > + sizeof(operation->buffer)) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + memcpy(operation->buffer + operation->buffer_length, ecparameters, sizeof(ecparameters)); operation->buffer_length += sizeof(ecparameters); } + /* + * The core checks that input_length is smaller than + * PSA_PAKE_INPUT_MAX_SIZE. + * Thus no risk of integer overflow here. + */ + if (operation->buffer_length + input_length + 1 > sizeof(operation->buffer)) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + /* Write the length byte */ operation->buffer[operation->buffer_length] = (uint8_t) input_length; operation->buffer_length += 1; @@ -781,25 +485,23 @@ static psa_status_t psa_pake_input_internal( operation->buffer_length += input_length; /* Load buffer at each last round ZK_PROOF */ - if (operation->state == PSA_PAKE_INPUT_X1_X2 && - operation->sequence == PSA_PAKE_X2_STEP_ZK_PROOF) { - ret = mbedtls_ecjpake_read_round_one(&operation->ctx.ecjpake, + if (step == PSA_JPAKE_X2_STEP_ZK_PROOF) { + ret = mbedtls_ecjpake_read_round_one(&operation->ctx.jpake, operation->buffer, operation->buffer_length); - mbedtls_platform_zeroize(operation->buffer, MBEDTLS_PSA_PAKE_BUFFER_SIZE); + mbedtls_platform_zeroize(operation->buffer, sizeof(operation->buffer)); operation->buffer_length = 0; if (ret != 0) { return mbedtls_ecjpake_to_psa_error(ret); } - } else if (operation->state == PSA_PAKE_INPUT_X4S && - operation->sequence == PSA_PAKE_X1_STEP_ZK_PROOF) { - ret = mbedtls_ecjpake_read_round_two(&operation->ctx.ecjpake, + } else if (step == PSA_JPAKE_X4S_STEP_ZK_PROOF) { + ret = mbedtls_ecjpake_read_round_two(&operation->ctx.jpake, operation->buffer, operation->buffer_length); - mbedtls_platform_zeroize(operation->buffer, MBEDTLS_PSA_PAKE_BUFFER_SIZE); + mbedtls_platform_zeroize(operation->buffer, sizeof(operation->buffer)); operation->buffer_length = 0; if (ret != 0) { @@ -807,113 +509,71 @@ static psa_status_t psa_pake_input_internal( } } - if ((operation->state == PSA_PAKE_INPUT_X1_X2 && - operation->sequence == PSA_PAKE_X2_STEP_ZK_PROOF) || - (operation->state == PSA_PAKE_INPUT_X4S && - operation->sequence == PSA_PAKE_X1_STEP_ZK_PROOF)) { - operation->state = PSA_PAKE_STATE_READY; - operation->input_step++; - operation->sequence = PSA_PAKE_SEQ_INVALID; - } else { - operation->sequence++; - } - return PSA_SUCCESS; } else +#else + (void) step; + (void) input; + (void) input_length; #endif - return PSA_ERROR_NOT_SUPPORTED; + { return PSA_ERROR_NOT_SUPPORTED; } } -psa_status_t psa_pake_input(psa_pake_operation_t *operation, - psa_pake_step_t step, - const uint8_t *input, - size_t input_length) +psa_status_t mbedtls_psa_pake_input(mbedtls_psa_pake_operation_t *operation, + psa_crypto_driver_pake_step_t step, + const uint8_t *input, + size_t input_length) { - psa_status_t status = psa_pake_input_internal( + psa_status_t status = mbedtls_psa_pake_input_internal( operation, step, input, input_length); - if (status != PSA_SUCCESS) { - psa_pake_abort(operation); - } - return status; } -psa_status_t psa_pake_get_implicit_key(psa_pake_operation_t *operation, - psa_key_derivation_operation_t *output) +psa_status_t mbedtls_psa_pake_get_implicit_key( + mbedtls_psa_pake_operation_t *operation, + uint8_t *output, size_t output_size, + size_t *output_length) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - - if (operation->alg == PSA_ALG_NONE || - operation->state != PSA_PAKE_STATE_READY || - operation->input_step != PSA_PAKE_STEP_DERIVE || - operation->output_step != PSA_PAKE_STEP_DERIVE) { - status = PSA_ERROR_BAD_STATE; - goto error; - } #if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE) if (operation->alg == PSA_ALG_JPAKE) { - ret = mbedtls_ecjpake_write_shared_key(&operation->ctx.ecjpake, - operation->buffer, - MBEDTLS_PSA_PAKE_BUFFER_SIZE, - &operation->buffer_length, + ret = mbedtls_ecjpake_write_shared_key(&operation->ctx.jpake, + output, + output_size, + output_length, mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE); if (ret != 0) { - psa_pake_abort(operation); return mbedtls_ecjpake_to_psa_error(ret); } - status = psa_key_derivation_input_bytes(output, - PSA_KEY_DERIVATION_INPUT_SECRET, - operation->buffer, - operation->buffer_length); - - mbedtls_platform_zeroize(operation->buffer, MBEDTLS_PSA_PAKE_BUFFER_SIZE); - - psa_pake_abort(operation); - - return status; + return PSA_SUCCESS; } else +#else + (void) output; #endif - status = PSA_ERROR_NOT_SUPPORTED; - -error: - psa_key_derivation_abort(output); - psa_pake_abort(operation); - - return status; + { return PSA_ERROR_NOT_SUPPORTED; } } -psa_status_t psa_pake_abort(psa_pake_operation_t *operation) +psa_status_t mbedtls_psa_pake_abort(mbedtls_psa_pake_operation_t *operation) { - if (operation->alg == PSA_ALG_NONE) { - return PSA_SUCCESS; - } + mbedtls_zeroize_and_free(operation->password, operation->password_len); + operation->password = NULL; + operation->password_len = 0; #if defined(MBEDTLS_PSA_BUILTIN_ALG_JPAKE) if (operation->alg == PSA_ALG_JPAKE) { - operation->input_step = PSA_PAKE_STEP_INVALID; - operation->output_step = PSA_PAKE_STEP_INVALID; - if (operation->password_len > 0) { - mbedtls_platform_zeroize(operation->password, operation->password_len); - } - mbedtls_free(operation->password); - operation->password = NULL; - operation->password_len = 0; - operation->role = PSA_PAKE_ROLE_NONE; - mbedtls_platform_zeroize(operation->buffer, MBEDTLS_PSA_PAKE_BUFFER_SIZE); + operation->role = MBEDTLS_ECJPAKE_NONE; + mbedtls_platform_zeroize(operation->buffer, sizeof(operation->buffer)); operation->buffer_length = 0; operation->buffer_offset = 0; - mbedtls_ecjpake_free(&operation->ctx.ecjpake); + mbedtls_ecjpake_free(&operation->ctx.jpake); } #endif operation->alg = PSA_ALG_NONE; - operation->state = PSA_PAKE_STATE_INVALID; - operation->sequence = PSA_PAKE_SEQ_INVALID; return PSA_SUCCESS; } diff --git a/library/psa_crypto_pake.h b/library/psa_crypto_pake.h new file mode 100644 index 000000000..f21b0e672 --- /dev/null +++ b/library/psa_crypto_pake.h @@ -0,0 +1,171 @@ +/* + * PSA PAKE layer on top of Mbed TLS software crypto + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PSA_CRYPTO_PAKE_H +#define PSA_CRYPTO_PAKE_H + +#include + +/** Set the session information for a password-authenticated key exchange. + * + * \note The signature of this function is that of a PSA driver + * pake_setup entry point. This function behaves as a pake_setup + * entry point as defined in the PSA driver interface specification for + * transparent drivers. + * + * \param[in,out] operation The operation object to set up. It must have + * been initialized but not set up yet. + * \param[in] inputs Inputs required for PAKE operation (role, password, + * key lifetime, cipher suite) + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_NOT_SUPPORTED + * The algorithm in \p cipher_suite is not a supported PAKE algorithm, + * or the PAKE primitive in \p cipher_suite is not supported or not + * compatible with the PAKE algorithm, or the hash algorithm in + * \p cipher_suite is not supported or not compatible with the PAKE + * algorithm and primitive. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + */ +psa_status_t mbedtls_psa_pake_setup(mbedtls_psa_pake_operation_t *operation, + const psa_crypto_driver_pake_inputs_t *inputs); + + +/** Get output for a step of a password-authenticated key exchange. + * + * \note The signature of this function is that of a PSA driver + * pake_output entry point. This function behaves as a pake_output + * entry point as defined in the PSA driver interface specification for + * transparent drivers. + * + * \param[in,out] operation Active PAKE operation. + * \param step The step of the algorithm for which the output is + * requested. + * \param[out] output Buffer where the output is to be written in the + * format appropriate for this driver \p step. Refer to + * the documentation of psa_crypto_driver_pake_step_t for + * more information. + * \param output_size Size of the \p output buffer in bytes. This must + * be at least #PSA_PAKE_OUTPUT_SIZE(\p alg, \p + * primitive, \p step) where \p alg and + * \p primitive are the PAKE algorithm and primitive + * in the operation's cipher suite, and \p step is + * the output step. + * + * \param[out] output_length On success, the number of bytes of the returned + * output. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p output buffer is too small. + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + */ +psa_status_t mbedtls_psa_pake_output(mbedtls_psa_pake_operation_t *operation, + psa_crypto_driver_pake_step_t step, + uint8_t *output, + size_t output_size, + size_t *output_length); + +/** Provide input for a step of a password-authenticated key exchange. + * + * \note The signature of this function is that of a PSA driver + * pake_input entry point. This function behaves as a pake_input + * entry point as defined in the PSA driver interface specification for + * transparent drivers. + * + * \note The core checks that input_length is smaller than PSA_PAKE_INPUT_MAX_SIZE. + * + * \param[in,out] operation Active PAKE operation. + * \param step The driver step for which the input is provided. + * \param[in] input Buffer containing the input in the format + * appropriate for this \p step. Refer to the + * documentation of psa_crypto_driver_pake_step_t + * for more information. + * \param input_length Size of the \p input buffer in bytes. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_INVALID_SIGNATURE + * The verification fails for a zero-knowledge input step. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * the \p input is not valid for the \p operation's algorithm, cipher suite + * or \p step. + * \retval #PSA_ERROR_NOT_SUPPORTED + * the \p input is not supported for the \p operation's algorithm, cipher + * suite or \p step. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + */ +psa_status_t mbedtls_psa_pake_input(mbedtls_psa_pake_operation_t *operation, + psa_crypto_driver_pake_step_t step, + const uint8_t *input, + size_t input_length); + +/** Get implicitly confirmed shared secret from a PAKE. + * + * \note The signature of this function is that of a PSA driver + * pake_get_implicit_key entry point. This function behaves as a + * pake_get_implicit_key entry point as defined in the PSA driver + * interface specification for transparent drivers. + * + * \param[in,out] operation Active PAKE operation. + * \param[out] output Output buffer for implicit key. + * \param output_size Size of the output buffer in bytes. + * \param[out] output_length On success, the number of bytes of the implicit key. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_NOT_SUPPORTED + * Input from a PAKE is not supported by the algorithm in the \p output + * key derivation operation. + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + */ +psa_status_t mbedtls_psa_pake_get_implicit_key( + mbedtls_psa_pake_operation_t *operation, + uint8_t *output, size_t output_size, + size_t *output_length); + +/** Abort a PAKE operation. + * + * \note The signature of this function is that of a PSA driver + * pake_abort entry point. This function behaves as a pake_abort + * entry point as defined in the PSA driver interface specification for + * transparent drivers. + * + * \param[in,out] operation The operation to abort. + * + * \retval #PSA_SUCCESS + * Success. + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + */ +psa_status_t mbedtls_psa_pake_abort(mbedtls_psa_pake_operation_t *operation); + +#endif /* PSA_CRYPTO_PAKE_H */ diff --git a/library/psa_crypto_random_impl.h b/library/psa_crypto_random_impl.h index f1a2af11d..8719d9c70 100644 --- a/library/psa_crypto_random_impl.h +++ b/library/psa_crypto_random_impl.h @@ -3,12 +3,12 @@ * \brief PSA crypto random generator implementation abstraction. * * The definitions here need to be consistent with the declarations - * in include/mbedtls/psa_util.h. This file contains some redundant + * in include/psa_util_internal.h. This file contains some redundant * declarations to increase the chance that a compiler will detect * inconsistencies if one file is changed without updating the other, * but not all potential inconsistencies can be enforced, so make sure * to check the public declarations and contracts in - * include/mbedtls/psa_util.h if you modify this file. + * include/psa_util_internal.h if you modify this file. */ /* * Copyright The Mbed TLS Contributors @@ -30,7 +30,7 @@ #ifndef PSA_CRYPTO_RANDOM_IMPL_H #define PSA_CRYPTO_RANDOM_IMPL_H -#include +#include "psa_util_internal.h" #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) @@ -62,7 +62,7 @@ int mbedtls_psa_get_random(void *p_rng, #elif defined(MBEDTLS_HMAC_DRBG_C) #include "mbedtls/hmac_drbg.h" -#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_MD_CAN_SHA512) && defined(MBEDTLS_MD_CAN_SHA256) #include #if SIZE_MAX > 0xffffffff /* Looks like a 64-bit system, so prefer SHA-512. */ @@ -71,9 +71,9 @@ int mbedtls_psa_get_random(void *p_rng, /* Looks like a 32-bit system, so prefer SHA-256. */ #define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256 #endif -#elif defined(MBEDTLS_SHA512_C) +#elif defined(MBEDTLS_MD_CAN_SHA512) #define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA512 -#elif defined(MBEDTLS_SHA256_C) +#elif defined(MBEDTLS_MD_CAN_SHA256) #define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256 #else #error "No hash algorithm available for HMAC_DBRG." @@ -123,7 +123,7 @@ typedef struct { mbedtls_psa_drbg_context_t drbg; } mbedtls_psa_random_context_t; -/* Defined in include/mbedtls/psa_util.h so that it's visible to +/* Defined in include/psa_util_internal.h so that it's visible to * application code. The declaration here is redundant, but included * as a safety net to make it more likely that a future change that * accidentally causes the implementation to diverge from the interface @@ -154,7 +154,7 @@ static mbedtls_f_rng_t *const mbedtls_psa_get_random; /* psa_crypto.c sets this variable to a pointer to the DRBG state in the * global PSA crypto state. */ /* The type `mbedtls_psa_drbg_context_t` is defined in - * include/mbedtls/psa_util.h so that `mbedtls_psa_random_state` can be + * include/psa_util_internal.h so that `mbedtls_psa_random_state` can be * declared there and be visible to application code. */ extern mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state; diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index c72061586..065e55af1 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -28,6 +28,7 @@ #include "psa_crypto_random_impl.h" #include "psa_crypto_rsa.h" #include "psa_crypto_hash.h" +#include "md_psa.h" #include #include @@ -37,13 +38,13 @@ #include #include #include "pk_wrap.h" -#include "hash_info.h" #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) /* Mbed TLS doesn't support non-byte-aligned key sizes (i.e. key sizes @@ -123,12 +124,13 @@ exit: * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || - * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || + * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) || + * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ +#if (defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) && \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT)) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) - psa_status_t mbedtls_psa_rsa_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, @@ -165,14 +167,18 @@ exit: return status; } +#endif /* (defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) && + * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT)) || + * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) psa_status_t mbedtls_psa_rsa_export_key(psa_key_type_t type, mbedtls_rsa_context *rsa, uint8_t *data, size_t data_size, size_t *data_length) { -#if defined(MBEDTLS_PK_WRITE_C) int ret; mbedtls_pk_context pk; uint8_t *pos = data + data_size; @@ -209,14 +215,6 @@ psa_status_t mbedtls_psa_rsa_export_key(psa_key_type_t type, *data_length = ret; return PSA_SUCCESS; -#else - (void) type; - (void) rsa; - (void) data; - (void) data_size; - (void) data_length; - return PSA_ERROR_NOT_SUPPORTED; -#endif /* MBEDTLS_PK_WRITE_C */ } psa_status_t mbedtls_psa_rsa_export_public_key( @@ -244,11 +242,10 @@ psa_status_t mbedtls_psa_rsa_export_public_key( return status; } -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \ - defined(MBEDTLS_GENPRIME) +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE) static psa_status_t psa_rsa_read_exponent(const uint8_t *domain_parameters, size_t domain_parameters_size, int *exponent) @@ -310,8 +307,7 @@ psa_status_t mbedtls_psa_rsa_generate_key( return status; } -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) - * defined(MBEDTLS_GENPRIME) */ +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE) */ /****************************************************************/ /* Sign/verify hashes */ @@ -327,7 +323,7 @@ static psa_status_t psa_rsa_decode_md_type(psa_algorithm_t alg, mbedtls_md_type_t *md_alg) { psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH(alg); - *md_alg = mbedtls_hash_info_md_from_psa(hash_alg); + *md_alg = mbedtls_md_type_from_psa_alg(hash_alg); /* The Mbed TLS RSA module uses an unsigned int for hash length * parameters. Validate that it fits so that we don't risk an @@ -343,7 +339,7 @@ static psa_status_t psa_rsa_decode_md_type(psa_algorithm_t alg, if (*md_alg == MBEDTLS_MD_NONE) { return PSA_ERROR_NOT_SUPPORTED; } - if (mbedtls_hash_info_get_size(*md_alg) != hash_length) { + if (mbedtls_md_get_size_from_type(*md_alg) != hash_length) { return PSA_ERROR_INVALID_ARGUMENT; } } @@ -538,7 +534,13 @@ static int psa_rsa_oaep_set_padding_mode(psa_algorithm_t alg, mbedtls_rsa_context *rsa) { psa_algorithm_t hash_alg = PSA_ALG_RSA_OAEP_GET_HASH(alg); - mbedtls_md_type_t md_alg = mbedtls_hash_info_md_from_psa(hash_alg); + mbedtls_md_type_t md_alg = mbedtls_md_type_from_psa_alg(hash_alg); + + /* Just to get the error status right, as rsa_set_padding() doesn't + * distinguish between "bad RSA algorithm" and "unknown hash". */ + if (mbedtls_md_info_from_type(md_alg) == NULL) { + return PSA_ERROR_NOT_SUPPORTED; + } return mbedtls_rsa_set_padding(rsa, MBEDTLS_RSA_PKCS_V21, md_alg); } diff --git a/library/psa_crypto_rsa.h b/library/psa_crypto_rsa.h index c3acdd0eb..bc24ef5d5 100644 --- a/library/psa_crypto_rsa.h +++ b/library/psa_crypto_rsa.h @@ -61,9 +61,9 @@ psa_status_t mbedtls_psa_rsa_load_representation(psa_key_type_t type, * \retval #PSA_SUCCESS The RSA key was imported successfully. * \retval #PSA_ERROR_INVALID_ARGUMENT * The key data is not correctly formatted. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription */ psa_status_t mbedtls_psa_rsa_import_key( const psa_key_attributes_t *attributes, @@ -102,12 +102,12 @@ psa_status_t mbedtls_psa_rsa_export_key(psa_key_type_t type, * \p data. * * \retval #PSA_SUCCESS The RSA public key was exported successfully. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t mbedtls_psa_rsa_export_public_key( const psa_key_attributes_t *attributes, @@ -158,17 +158,17 @@ psa_status_t mbedtls_psa_rsa_generate_key( * \param[out] signature_length On success, the number of bytes * that make up the returned signature value. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p signature buffer is too small. You can * determine a sufficient buffer size by calling * #PSA_SIGN_OUTPUT_SIZE(\c PSA_KEY_TYPE_RSA_KEY_PAIR, \c key_bits, * \p alg) where \c key_bits is the bit-size of the RSA key. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription */ psa_status_t mbedtls_psa_rsa_sign_hash( const psa_key_attributes_t *attributes, @@ -202,9 +202,9 @@ psa_status_t mbedtls_psa_rsa_sign_hash( * \retval #PSA_ERROR_INVALID_SIGNATURE * The calculation was performed successfully, but the passed * signature is not a valid signature. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ psa_status_t mbedtls_psa_rsa_verify_hash( const psa_key_attributes_t *attributes, @@ -237,20 +237,20 @@ psa_status_t mbedtls_psa_rsa_verify_hash( * \param[out] output_length On success, the number of bytes * that make up the returned output. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. You can * determine a sufficient buffer size by calling * #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) * where \c key_type and \c key_bits are the type and bit-size * respectively of \p key. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize @@ -294,21 +294,21 @@ psa_status_t mbedtls_psa_asymmetric_encrypt(const psa_key_attributes_t *attribut * \param[out] output_length On success, the number of bytes * that make up the returned output. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL * The size of the \p output buffer is too small. You can * determine a sufficient buffer size by calling * #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) * where \c key_type and \c key_bits are the type and bit-size * respectively of \p key. - * \retval #PSA_ERROR_NOT_SUPPORTED - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_COMMUNICATION_FAILURE - * \retval #PSA_ERROR_HARDWARE_FAILURE - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY - * \retval #PSA_ERROR_INVALID_PADDING + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription + * \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY \emptydescription + * \retval #PSA_ERROR_INVALID_PADDING \emptydescription * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index b66039364..9db3dedce 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -22,7 +22,6 @@ #if defined(MBEDTLS_PSA_CRYPTO_SE_C) -#include #include #include @@ -125,12 +124,10 @@ static psa_status_t psa_get_se_driver_its_file_uid( return PSA_ERROR_NOT_SUPPORTED; } -#if SIZE_MAX > UINT32_MAX /* ITS file sizes are limited to 32 bits. */ if (driver->u.internal.persistent_data_size > UINT32_MAX) { return PSA_ERROR_NOT_SUPPORTED; } -#endif /* See the documentation of PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE. */ *uid = PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE + driver->location; @@ -315,10 +312,9 @@ psa_status_t psa_register_se_driver( } /* Driver table entries are 0-initialized. 0 is not a valid driver * location because it means a transparent key. */ -#if defined(static_assert) - static_assert(PSA_KEY_LOCATION_LOCAL_STORAGE == 0, - "Secure element support requires 0 to mean a local key"); -#endif + MBEDTLS_STATIC_ASSERT(PSA_KEY_LOCATION_LOCAL_STORAGE == 0, + "Secure element support requires 0 to mean a local key"); + if (location == PSA_KEY_LOCATION_LOCAL_STORAGE) { return PSA_ERROR_INVALID_ARGUMENT; } diff --git a/library/psa_crypto_se.h b/library/psa_crypto_se.h index a1e5e0922..850ea8f6f 100644 --- a/library/psa_crypto_se.h +++ b/library/psa_crypto_se.h @@ -21,7 +21,14 @@ #ifndef PSA_CRYPTO_SE_H #define PSA_CRYPTO_SE_H -#include "mbedtls/build_info.h" +/* + * Include the build-time configuration information header. Here, we do not + * include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which + * is basically just an alias to it. This is to ease the maintenance of the + * TF-PSA-Crypto repository which has a different build system and + * configuration. + */ +#include "psa/build_info.h" #include "psa/crypto.h" #include "psa/crypto_se_driver.h" diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index cb7fa59c0..92646c07c 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -25,7 +25,7 @@ #include "psa/crypto.h" #include "psa_crypto_core.h" -#include "psa_crypto_driver_wrappers.h" +#include "psa_crypto_driver_wrappers_no_static.h" #include "psa_crypto_slot_management.h" #include "psa_crypto_storage.h" #if defined(MBEDTLS_PSA_CRYPTO_SE_C) @@ -36,11 +36,9 @@ #include #include "mbedtls/platform.h" -#define ARRAY_LENGTH(array) (sizeof(array) / sizeof(*(array))) - typedef struct { psa_key_slot_t key_slots[MBEDTLS_PSA_KEY_SLOT_COUNT]; - unsigned key_slots_initialized : 1; + uint8_t key_slots_initialized; } psa_global_data_t; static psa_global_data_t global_data; @@ -438,14 +436,8 @@ psa_status_t psa_validate_key_location(psa_key_lifetime_t lifetime, (void) p_drv; #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ -#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) /* Key location for external keys gets checked by the wrapper */ return PSA_SUCCESS; -#else /* MBEDTLS_PSA_CRYPTO_DRIVERS */ - /* No support for external lifetimes at all, or dynamic interface - * did not find driver for requested lifetime. */ - return PSA_ERROR_INVALID_ARGUMENT; -#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */ } else { /* Local/internal keys are always valid */ return PSA_SUCCESS; diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index ff8ccdeae..c8366abeb 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -88,9 +88,9 @@ static inline int psa_key_id_is_volatile(psa_key_id_t key_id) * due to a lack of empty key slot, or available memory. * \retval #PSA_ERROR_DOES_NOT_EXIST * There is no key with key identifier \p key. - * \retval #PSA_ERROR_CORRUPTION_DETECTED - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_DATA_CORRUPT + * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription */ psa_status_t psa_get_and_lock_key_slot(mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot); @@ -118,9 +118,9 @@ void psa_wipe_all_key_slots(void); * associated to the returned slot. * \param[out] p_slot On success, a pointer to the slot. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_BAD_STATE + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_BAD_STATE \emptydescription */ psa_status_t psa_get_empty_key_slot(psa_key_id_t *volatile_key_id, psa_key_slot_t **p_slot); @@ -195,8 +195,8 @@ static inline int psa_key_lifetime_is_external(psa_key_lifetime_t lifetime) * storage, returns a pointer to the driver table * associated with the key's storage location. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription */ psa_status_t psa_validate_key_location(psa_key_lifetime_t lifetime, psa_se_drv_table_entry_t **p_drv); @@ -205,7 +205,7 @@ psa_status_t psa_validate_key_location(psa_key_lifetime_t lifetime, * * \param[in] lifetime The key lifetime attribute. * - * \retval #PSA_SUCCESS + * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_NOT_SUPPORTED The key is persistent but persistent keys * are not supported. */ diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 822501439..574d4b05e 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -79,11 +79,11 @@ static psa_storage_uid_t psa_its_identifier_of_slot(mbedtls_svc_key_id_t key) * \param[out] data Buffer where the data is to be written. * \param data_size Size of the \c data buffer in bytes. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_DOES_NOT_EXIST + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DOES_NOT_EXIST \emptydescription */ static psa_status_t psa_crypto_storage_load( const mbedtls_svc_key_id_t key, uint8_t *data, size_t data_size) @@ -131,11 +131,11 @@ int psa_is_key_present_in_storage(const mbedtls_svc_key_id_t key) * \param data_length The number of bytes * that make up the data. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_ALREADY_EXISTS - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_DATA_INVALID + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription + * \retval #PSA_ERROR_ALREADY_EXISTS \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription */ static psa_status_t psa_crypto_storage_store(const mbedtls_svc_key_id_t key, const uint8_t *data, @@ -205,10 +205,10 @@ psa_status_t psa_destroy_persistent_key(const mbedtls_svc_key_id_t key) * is to be obtained. * \param[out] data_length The number of bytes that make up the data. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_DOES_NOT_EXIST - * \retval #PSA_ERROR_DATA_CORRUPT + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DOES_NOT_EXIST \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription */ static psa_status_t psa_crypto_storage_get_data_length( const mbedtls_svc_key_id_t key, @@ -354,18 +354,14 @@ psa_status_t psa_save_persistent_key(const psa_core_key_attributes_t *attr, status = psa_crypto_storage_store(attr->id, storage_data, storage_data_length); - mbedtls_platform_zeroize(storage_data, storage_data_length); - mbedtls_free(storage_data); + mbedtls_zeroize_and_free(storage_data, storage_data_length); return status; } void psa_free_persistent_key_data(uint8_t *key_data, size_t key_data_length) { - if (key_data != NULL) { - mbedtls_platform_zeroize(key_data, key_data_length); - } - mbedtls_free(key_data); + mbedtls_zeroize_and_free(key_data, key_data_length); } psa_status_t psa_load_persistent_key(psa_core_key_attributes_t *attr, @@ -403,8 +399,7 @@ psa_status_t psa_load_persistent_key(psa_core_key_attributes_t *attr, } exit: - mbedtls_platform_zeroize(loaded_data, storage_data_length); - mbedtls_free(loaded_data); + mbedtls_zeroize_and_free(loaded_data, storage_data_length); return status; } diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h index 8e108c568..37ca46e28 100644 --- a/library/psa_crypto_storage.h +++ b/library/psa_crypto_storage.h @@ -39,7 +39,7 @@ extern "C" { /* Sanity check: a file size must fit in 32 bits. Allow a generous * 64kB of metadata. */ #if PSA_CRYPTO_MAX_STORAGE_SIZE > 0xffff0000 -#error PSA_CRYPTO_MAX_STORAGE_SIZE > 0xffff0000 +#error "PSA_CRYPTO_MAX_STORAGE_SIZE > 0xffff0000" #endif /** The maximum permitted persistent slot number. @@ -96,14 +96,14 @@ int psa_is_key_present_in_storage(const mbedtls_svc_key_id_t key); * \param[in] data Buffer containing the key data. * \param data_length The number of bytes that make up the key data. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_ALREADY_EXISTS - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_DATA_CORRUPT + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_ALREADY_EXISTS \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription */ psa_status_t psa_save_persistent_key(const psa_core_key_attributes_t *attr, const uint8_t *data, @@ -129,11 +129,11 @@ psa_status_t psa_save_persistent_key(const psa_core_key_attributes_t *attr, * \param[out] data Pointer to an allocated key data buffer on return. * \param[out] data_length The number of bytes that make up the key data. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_DOES_NOT_EXIST + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_DOES_NOT_EXIST \emptydescription */ psa_status_t psa_load_persistent_key(psa_core_key_attributes_t *attr, uint8_t **data, @@ -148,7 +148,7 @@ psa_status_t psa_load_persistent_key(psa_core_key_attributes_t *attr, * \retval #PSA_SUCCESS * The key was successfully removed, * or the key did not exist. - * \retval #PSA_ERROR_DATA_INVALID + * \retval #PSA_ERROR_DATA_INVALID \emptydescription */ psa_status_t psa_destroy_persistent_key(const mbedtls_svc_key_id_t key); @@ -190,9 +190,9 @@ void psa_format_key_data_for_storage(const uint8_t *data, * \param[out] attr On success, the attribute structure is filled * with the loaded key metadata. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY - * \retval #PSA_ERROR_DATA_INVALID + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription */ psa_status_t psa_parse_key_data_from_storage(const uint8_t *storage_data, size_t storage_data_length, @@ -202,7 +202,7 @@ psa_status_t psa_parse_key_data_from_storage(const uint8_t *storage_data, #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /** This symbol is defined if transaction support is required. */ -#define PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS +#define PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS 1 #endif #if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS) @@ -322,10 +322,10 @@ static inline void psa_crypto_prepare_transaction( * You may call this function multiple times during a transaction to * atomically update the transaction state. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_DATA_CORRUPT - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE - * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription */ psa_status_t psa_crypto_save_transaction(void); @@ -339,9 +339,9 @@ psa_status_t psa_crypto_save_transaction(void); * #psa_crypto_transaction. * \retval #PSA_ERROR_DOES_NOT_EXIST * There is no ongoing transaction. - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_DATA_INVALID - * \retval #PSA_ERROR_DATA_CORRUPT + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_DATA_INVALID \emptydescription + * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription */ psa_status_t psa_crypto_load_transaction(void); @@ -380,8 +380,8 @@ psa_status_t psa_crypto_stop_transaction(void); * * \retval #PSA_SUCCESS * Success - * \retval #PSA_ERROR_STORAGE_FAILURE - * \retval #PSA_ERROR_INSUFFICIENT_STORAGE + * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_STORAGE \emptydescription * \retval #PSA_ERROR_NOT_PERMITTED * The entropy seed file already exists. */ diff --git a/library/psa_util.c b/library/psa_util.c new file mode 100644 index 000000000..dd5e13455 --- /dev/null +++ b/library/psa_util.c @@ -0,0 +1,172 @@ +/* + * PSA hashing layer on top of Mbed TLS software crypto + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "common.h" + +#if defined(MBEDTLS_PSA_CRYPTO_C) + +#include + +#include "psa_crypto_core.h" +#include "psa_util_internal.h" + +/* The following includes are needed for MBEDTLS_ERR_XXX macros */ +#include +#if defined(MBEDTLS_MD_LIGHT) +#include +#endif +#if defined(MBEDTLS_LMS_C) +#include +#endif +#if defined(MBEDTLS_SSL_TLS_C) && \ + (defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)) +#include +#endif +#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) || \ + defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) +#include +#endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) && \ + defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) +#include +#endif +#if defined(MBEDTLS_PK_C) +#include +#endif + +/* PSA_SUCCESS is kept at the top of each error table since + * it's the most common status when everything functions properly. */ +#if defined(MBEDTLS_MD_LIGHT) +const mbedtls_error_pair_t psa_to_md_errors[] = +{ + { PSA_SUCCESS, 0 }, + { PSA_ERROR_NOT_SUPPORTED, MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE }, + { PSA_ERROR_INVALID_ARGUMENT, MBEDTLS_ERR_MD_BAD_INPUT_DATA }, + { PSA_ERROR_INSUFFICIENT_MEMORY, MBEDTLS_ERR_MD_ALLOC_FAILED } +}; +#endif +#if defined(MBEDTLS_LMS_C) +const mbedtls_error_pair_t psa_to_lms_errors[] = +{ + { PSA_SUCCESS, 0 }, + { PSA_ERROR_BUFFER_TOO_SMALL, MBEDTLS_ERR_LMS_BUFFER_TOO_SMALL }, + { PSA_ERROR_INVALID_ARGUMENT, MBEDTLS_ERR_LMS_BAD_INPUT_DATA } +}; +#endif +#if defined(MBEDTLS_SSL_TLS_C) && \ + (defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)) +const mbedtls_error_pair_t psa_to_ssl_errors[] = +{ + { PSA_SUCCESS, 0 }, + { PSA_ERROR_INSUFFICIENT_MEMORY, MBEDTLS_ERR_SSL_ALLOC_FAILED }, + { PSA_ERROR_NOT_SUPPORTED, MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE }, + { PSA_ERROR_INVALID_SIGNATURE, MBEDTLS_ERR_SSL_INVALID_MAC }, + { PSA_ERROR_INVALID_ARGUMENT, MBEDTLS_ERR_SSL_BAD_INPUT_DATA }, + { PSA_ERROR_BAD_STATE, MBEDTLS_ERR_SSL_INTERNAL_ERROR }, + { PSA_ERROR_BUFFER_TOO_SMALL, MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL } +}; +#endif + +#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) || \ + defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) +const mbedtls_error_pair_t psa_to_pk_rsa_errors[] = +{ + { PSA_SUCCESS, 0 }, + { PSA_ERROR_NOT_PERMITTED, MBEDTLS_ERR_RSA_BAD_INPUT_DATA }, + { PSA_ERROR_INVALID_ARGUMENT, MBEDTLS_ERR_RSA_BAD_INPUT_DATA }, + { PSA_ERROR_INVALID_HANDLE, MBEDTLS_ERR_RSA_BAD_INPUT_DATA }, + { PSA_ERROR_BUFFER_TOO_SMALL, MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE }, + { PSA_ERROR_INSUFFICIENT_ENTROPY, MBEDTLS_ERR_RSA_RNG_FAILED }, + { PSA_ERROR_INVALID_SIGNATURE, MBEDTLS_ERR_RSA_VERIFY_FAILED }, + { PSA_ERROR_INVALID_PADDING, MBEDTLS_ERR_RSA_INVALID_PADDING } +}; +#endif + +#if defined(MBEDTLS_USE_PSA_CRYPTO) && \ + defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) +const mbedtls_error_pair_t psa_to_pk_ecdsa_errors[] = +{ + { PSA_SUCCESS, 0 }, + { PSA_ERROR_NOT_PERMITTED, MBEDTLS_ERR_ECP_BAD_INPUT_DATA }, + { PSA_ERROR_INVALID_ARGUMENT, MBEDTLS_ERR_ECP_BAD_INPUT_DATA }, + { PSA_ERROR_INVALID_HANDLE, MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE }, + { PSA_ERROR_BUFFER_TOO_SMALL, MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL }, + { PSA_ERROR_INSUFFICIENT_ENTROPY, MBEDTLS_ERR_ECP_RANDOM_FAILED }, + { PSA_ERROR_INVALID_SIGNATURE, MBEDTLS_ERR_ECP_VERIFY_FAILED } +}; +#endif + +int psa_generic_status_to_mbedtls(psa_status_t status) +{ + switch (status) { + case PSA_SUCCESS: + return 0; + case PSA_ERROR_NOT_SUPPORTED: + return MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED; + case PSA_ERROR_CORRUPTION_DETECTED: + return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + case PSA_ERROR_COMMUNICATION_FAILURE: + case PSA_ERROR_HARDWARE_FAILURE: + return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED; + case PSA_ERROR_NOT_PERMITTED: + default: + return MBEDTLS_ERR_ERROR_GENERIC_ERROR; + } +} + +int psa_status_to_mbedtls(psa_status_t status, + const mbedtls_error_pair_t *local_translations, + size_t local_errors_num, + int (*fallback_f)(psa_status_t)) +{ + for (size_t i = 0; i < local_errors_num; i++) { + if (status == local_translations[i].psa_status) { + return local_translations[i].mbedtls_error; + } + } + return fallback_f(status); +} + +#if defined(MBEDTLS_PK_C) +int psa_pk_status_to_mbedtls(psa_status_t status) +{ + switch (status) { + case PSA_ERROR_INVALID_HANDLE: + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + case PSA_ERROR_BUFFER_TOO_SMALL: + return MBEDTLS_ERR_PK_BUFFER_TOO_SMALL; + case PSA_ERROR_NOT_SUPPORTED: + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + case PSA_ERROR_INVALID_ARGUMENT: + return MBEDTLS_ERR_PK_INVALID_ALG; + case PSA_ERROR_INSUFFICIENT_MEMORY: + return MBEDTLS_ERR_PK_ALLOC_FAILED; + case PSA_ERROR_BAD_STATE: + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + case PSA_ERROR_DATA_CORRUPT: + case PSA_ERROR_DATA_INVALID: + case PSA_ERROR_STORAGE_FAILURE: + return MBEDTLS_ERR_PK_FILE_IO_ERROR; + default: + return psa_generic_status_to_mbedtls(status); + } +} +#endif /* MBEDTLS_PK_C */ +#endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_util_internal.h b/library/psa_util_internal.h new file mode 100644 index 000000000..4a36dbf88 --- /dev/null +++ b/library/psa_util_internal.h @@ -0,0 +1,108 @@ +/** + * \file psa_util_internal.h + * + * \brief Internal utility functions for use of PSA Crypto. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef MBEDTLS_PSA_UTIL_INTERNAL_H +#define MBEDTLS_PSA_UTIL_INTERNAL_H + +/* Include the public header so that users only need one include. */ +#include "mbedtls/psa_util.h" + +#include "psa/crypto.h" + +#if defined(MBEDTLS_PSA_CRYPTO_C) + +/************************************************************************* + * FFDH + ************************************************************************/ + +#define MBEDTLS_PSA_MAX_FFDH_PUBKEY_LENGTH \ + PSA_KEY_EXPORT_FFDH_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_FFDH_MAX_KEY_BITS) + +/************************************************************************* + * ECC + ************************************************************************/ + +#define MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH \ + PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) + +#define MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH \ + PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS) + +/************************************************************************* + * Error translation + ************************************************************************/ + +typedef struct { + /* Error codes used by PSA crypto are in -255..-128, fitting in 16 bits. */ + int16_t psa_status; + /* Error codes used by Mbed TLS are in one of the ranges + * -127..-1 (low-level) or -32767..-4096 (high-level with a low-level + * code optionally added), fitting in 16 bits. */ + int16_t mbedtls_error; +} mbedtls_error_pair_t; + +#if defined(MBEDTLS_MD_LIGHT) +extern const mbedtls_error_pair_t psa_to_md_errors[4]; +#endif + +#if defined(MBEDTLS_LMS_C) +extern const mbedtls_error_pair_t psa_to_lms_errors[3]; +#endif + +#if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3) +extern const mbedtls_error_pair_t psa_to_ssl_errors[7]; +#endif + +#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) || \ + defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) +extern const mbedtls_error_pair_t psa_to_pk_rsa_errors[8]; +#endif + +#if defined(MBEDTLS_USE_PSA_CRYPTO) && \ + defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) +extern const mbedtls_error_pair_t psa_to_pk_ecdsa_errors[7]; +#endif + +/* Generic fallback function for error translation, + * when the received state was not module-specific. */ +int psa_generic_status_to_mbedtls(psa_status_t status); + +/* This function iterates over provided local error translations, + * and if no match was found - calls the fallback error translation function. */ +int psa_status_to_mbedtls(psa_status_t status, + const mbedtls_error_pair_t *local_translations, + size_t local_errors_num, + int (*fallback_f)(psa_status_t)); + +/* The second out of three-stage error handling functions of the pk module, + * acts as a fallback after RSA / ECDSA error translation, and if no match + * is found, it itself calls psa_generic_status_to_mbedtls. */ +int psa_pk_status_to_mbedtls(psa_status_t status); + +/* Utility macro to shorten the defines of error translator in modules. */ +#define PSA_TO_MBEDTLS_ERR_LIST(status, error_list, fallback_f) \ + psa_status_to_mbedtls(status, error_list, \ + sizeof(error_list)/sizeof(error_list[0]), \ + fallback_f) + +#endif /* MBEDTLS_PSA_CRYPTO_C */ +#endif /* MBEDTLS_PSA_UTIL_INTERNAL_H */ diff --git a/library/ripemd160.c b/library/ripemd160.c index eed664f8c..49fee8579 100644 --- a/library/ripemd160.c +++ b/library/ripemd160.c @@ -356,12 +356,12 @@ int mbedtls_ripemd160_finish(mbedtls_ripemd160_context *ctx, ret = mbedtls_ripemd160_update(ctx, ripemd160_padding, padn); if (ret != 0) { - return ret; + goto exit; } ret = mbedtls_ripemd160_update(ctx, msglen, 8); if (ret != 0) { - return ret; + goto exit; } MBEDTLS_PUT_UINT32_LE(ctx->state[0], output, 0); @@ -370,7 +370,11 @@ int mbedtls_ripemd160_finish(mbedtls_ripemd160_context *ctx, MBEDTLS_PUT_UINT32_LE(ctx->state[3], output, 12); MBEDTLS_PUT_UINT32_LE(ctx->state[4], output, 16); - return 0; + ret = 0; + +exit: + mbedtls_ripemd160_free(ctx); + return ret; } #endif /* ! MBEDTLS_RIPEMD160_ALT */ @@ -456,7 +460,7 @@ int mbedtls_ripemd160_self_test(int verbose) int i, ret = 0; unsigned char output[20]; - memset(output, 0, sizeof output); + memset(output, 0, sizeof(output)); for (i = 0; i < TESTS; i++) { if (verbose != 0) { diff --git a/library/rsa.c b/library/rsa.c index df7d7975c..3c538bf43 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -46,7 +46,7 @@ #include "mbedtls/error.h" #include "constant_time_internal.h" #include "mbedtls/constant_time.h" -#include "hash_info.h" +#include "md_psa.h" #include @@ -54,17 +54,164 @@ #include #endif -/* We use MD first if it's available (for compatibility reasons) - * and "fall back" to PSA otherwise (which needs psa_crypto_init()). */ -#if defined(MBEDTLS_PKCS1_V21) -#if !defined(MBEDTLS_MD_C) -#include "psa/crypto.h" -#include "mbedtls/psa_util.h" -#endif /* MBEDTLS_MD_C */ -#endif /* MBEDTLS_PKCS1_V21 */ - #include "mbedtls/platform.h" + +#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT) + +/** This function performs the unpadding part of a PKCS#1 v1.5 decryption + * operation (EME-PKCS1-v1_5 decoding). + * + * \note The return value from this function is a sensitive value + * (this is unusual). #MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE shouldn't happen + * in a well-written application, but 0 vs #MBEDTLS_ERR_RSA_INVALID_PADDING + * is often a situation that an attacker can provoke and leaking which + * one is the result is precisely the information the attacker wants. + * + * \param input The input buffer which is the payload inside PKCS#1v1.5 + * encryption padding, called the "encoded message EM" + * by the terminology. + * \param ilen The length of the payload in the \p input buffer. + * \param output The buffer for the payload, called "message M" by the + * PKCS#1 terminology. This must be a writable buffer of + * length \p output_max_len bytes. + * \param olen The address at which to store the length of + * the payload. This must not be \c NULL. + * \param output_max_len The length in bytes of the output buffer \p output. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE + * The output buffer is too small for the unpadded payload. + * \return #MBEDTLS_ERR_RSA_INVALID_PADDING + * The input doesn't contain properly formatted padding. + */ +static int mbedtls_ct_rsaes_pkcs1_v15_unpadding(unsigned char *input, + size_t ilen, + unsigned char *output, + size_t output_max_len, + size_t *olen) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t i, plaintext_max_size; + + /* The following variables take sensitive values: their value must + * not leak into the observable behavior of the function other than + * the designated outputs (output, olen, return value). Otherwise + * this would open the execution of the function to + * side-channel-based variants of the Bleichenbacher padding oracle + * attack. Potential side channels include overall timing, memory + * access patterns (especially visible to an adversary who has access + * to a shared memory cache), and branches (especially visible to + * an adversary who has access to a shared code cache or to a shared + * branch predictor). */ + size_t pad_count = 0; + mbedtls_ct_condition_t bad; + mbedtls_ct_condition_t pad_done; + size_t plaintext_size = 0; + mbedtls_ct_condition_t output_too_large; + + plaintext_max_size = (output_max_len > ilen - 11) ? ilen - 11 + : output_max_len; + + /* Check and get padding length in constant time and constant + * memory trace. The first byte must be 0. */ + bad = mbedtls_ct_bool(input[0]); + + + /* Decode EME-PKCS1-v1_5 padding: 0x00 || 0x02 || PS || 0x00 + * where PS must be at least 8 nonzero bytes. */ + bad = mbedtls_ct_bool_or(bad, mbedtls_ct_uint_ne(input[1], MBEDTLS_RSA_CRYPT)); + + /* Read the whole buffer. Set pad_done to nonzero if we find + * the 0x00 byte and remember the padding length in pad_count. */ + pad_done = MBEDTLS_CT_FALSE; + for (i = 2; i < ilen; i++) { + mbedtls_ct_condition_t found = mbedtls_ct_uint_eq(input[i], 0); + pad_done = mbedtls_ct_bool_or(pad_done, found); + pad_count += mbedtls_ct_uint_if_else_0(mbedtls_ct_bool_not(pad_done), 1); + } + + /* If pad_done is still zero, there's no data, only unfinished padding. */ + bad = mbedtls_ct_bool_or(bad, mbedtls_ct_bool_not(pad_done)); + + /* There must be at least 8 bytes of padding. */ + bad = mbedtls_ct_bool_or(bad, mbedtls_ct_uint_gt(8, pad_count)); + + /* If the padding is valid, set plaintext_size to the number of + * remaining bytes after stripping the padding. If the padding + * is invalid, avoid leaking this fact through the size of the + * output: use the maximum message size that fits in the output + * buffer. Do it without branches to avoid leaking the padding + * validity through timing. RSA keys are small enough that all the + * size_t values involved fit in unsigned int. */ + plaintext_size = mbedtls_ct_uint_if( + bad, (unsigned) plaintext_max_size, + (unsigned) (ilen - pad_count - 3)); + + /* Set output_too_large to 0 if the plaintext fits in the output + * buffer and to 1 otherwise. */ + output_too_large = mbedtls_ct_uint_gt(plaintext_size, + plaintext_max_size); + + /* Set ret without branches to avoid timing attacks. Return: + * - INVALID_PADDING if the padding is bad (bad != 0). + * - OUTPUT_TOO_LARGE if the padding is good but the decrypted + * plaintext does not fit in the output buffer. + * - 0 if the padding is correct. */ + ret = mbedtls_ct_error_if( + bad, + MBEDTLS_ERR_RSA_INVALID_PADDING, + mbedtls_ct_error_if_else_0(output_too_large, MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE) + ); + + /* If the padding is bad or the plaintext is too large, zero the + * data that we're about to copy to the output buffer. + * We need to copy the same amount of data + * from the same buffer whether the padding is good or not to + * avoid leaking the padding validity through overall timing or + * through memory or cache access patterns. */ + mbedtls_ct_zeroize_if(mbedtls_ct_bool_or(bad, output_too_large), input + 11, ilen - 11); + + /* If the plaintext is too large, truncate it to the buffer size. + * Copy anyway to avoid revealing the length through timing, because + * revealing the length is as bad as revealing the padding validity + * for a Bleichenbacher attack. */ + plaintext_size = mbedtls_ct_uint_if(output_too_large, + (unsigned) plaintext_max_size, + (unsigned) plaintext_size); + + /* Move the plaintext to the leftmost position where it can start in + * the working buffer, i.e. make it start plaintext_max_size from + * the end of the buffer. Do this with a memory access trace that + * does not depend on the plaintext size. After this move, the + * starting location of the plaintext is no longer sensitive + * information. */ + mbedtls_ct_memmove_left(input + ilen - plaintext_max_size, + plaintext_max_size, + plaintext_max_size - plaintext_size); + + /* Finally copy the decrypted plaintext plus trailing zeros into the output + * buffer. If output_max_len is 0, then output may be an invalid pointer + * and the result of memcpy() would be undefined; prevent undefined + * behavior making sure to depend only on output_max_len (the size of the + * user-provided output buffer), which is independent from plaintext + * length, validity of padding, success of the decryption, and other + * secrets. */ + if (output_max_len != 0) { + memcpy(output, input + ilen - plaintext_max_size, plaintext_max_size); + } + + /* Report the amount of data we copied to the output buffer. In case + * of errors (bad padding or output too large), the value of *olen + * when this function returns is not specified. Making it equivalent + * to the good case limits the risks of leaking the padding validity. */ + *olen = plaintext_size; + + return ret; +} + +#endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */ + #if !defined(MBEDTLS_RSA_ALT) int mbedtls_rsa_import(mbedtls_rsa_context *ctx, @@ -487,7 +634,7 @@ int mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding, if ((padding == MBEDTLS_RSA_PKCS_V21) && (hash_id != MBEDTLS_MD_NONE)) { /* Just make sure this hash is supported in this build. */ - if (mbedtls_hash_info_psa_from_md(hash_id) == PSA_ALG_NONE) { + if (mbedtls_md_info_from_type(hash_id) == NULL) { return MBEDTLS_ERR_RSA_INVALID_PADDING; } } @@ -499,10 +646,25 @@ int mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding, return 0; } +/* + * Get padding mode of initialized RSA context + */ +int mbedtls_rsa_get_padding_mode(const mbedtls_rsa_context *ctx) +{ + return ctx->padding; +} + +/* + * Get hash identifier of mbedtls_md_type_t type + */ +int mbedtls_rsa_get_md_alg(const mbedtls_rsa_context *ctx) +{ + return ctx->hash_id; +} + /* * Get length in bytes of RSA modulus */ - size_t mbedtls_rsa_get_len(const mbedtls_rsa_context *ctx) { return ctx->len; @@ -539,7 +701,12 @@ int mbedtls_rsa_gen_key(mbedtls_rsa_context *ctx, mbedtls_mpi_init(&G); mbedtls_mpi_init(&L); - if (nbits < 128 || exponent < 3 || nbits % 2 != 0) { + if (exponent < 3 || nbits % 2 != 0) { + ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + goto cleanup; + } + + if (nbits < MBEDTLS_RSA_GEN_KEY_MIN_BITS) { ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA; goto cleanup; } @@ -1070,8 +1237,7 @@ static int mgf_mask(unsigned char *dst, size_t dlen, unsigned char *src, unsigned char *p; unsigned int hlen; size_t i, use_len; - unsigned char mask[MBEDTLS_HASH_MAX_SIZE]; -#if defined(MBEDTLS_MD_C) + unsigned char mask[MBEDTLS_MD_MAX_SIZE]; int ret = 0; const mbedtls_md_info_t *md_info; mbedtls_md_context_t md_ctx; @@ -1088,14 +1254,6 @@ static int mgf_mask(unsigned char *dst, size_t dlen, unsigned char *src, } hlen = mbedtls_md_get_size(md_info); -#else - psa_hash_operation_t op = PSA_HASH_OPERATION_INIT; - psa_algorithm_t alg = mbedtls_psa_translate_md(md_alg); - psa_status_t status = PSA_SUCCESS; - size_t out_len; - - hlen = PSA_HASH_LENGTH(alg); -#endif memset(mask, 0, sizeof(mask)); memset(counter, 0, 4); @@ -1109,7 +1267,6 @@ static int mgf_mask(unsigned char *dst, size_t dlen, unsigned char *src, use_len = dlen; } -#if defined(MBEDTLS_MD_C) if ((ret = mbedtls_md_starts(&md_ctx)) != 0) { goto exit; } @@ -1122,21 +1279,6 @@ static int mgf_mask(unsigned char *dst, size_t dlen, unsigned char *src, if ((ret = mbedtls_md_finish(&md_ctx, mask)) != 0) { goto exit; } -#else - if ((status = psa_hash_setup(&op, alg)) != PSA_SUCCESS) { - goto exit; - } - if ((status = psa_hash_update(&op, src, slen)) != PSA_SUCCESS) { - goto exit; - } - if ((status = psa_hash_update(&op, counter, 4)) != PSA_SUCCESS) { - goto exit; - } - status = psa_hash_finish(&op, mask, sizeof(mask), &out_len); - if (status != PSA_SUCCESS) { - goto exit; - } -#endif for (i = 0; i < use_len; ++i) { *p++ ^= mask[i]; @@ -1149,15 +1291,9 @@ static int mgf_mask(unsigned char *dst, size_t dlen, unsigned char *src, exit: mbedtls_platform_zeroize(mask, sizeof(mask)); -#if defined(MBEDTLS_MD_C) mbedtls_md_free(&md_ctx); return ret; -#else - psa_hash_abort(&op); - - return mbedtls_md_error_from_psa(status); -#endif } /** @@ -1176,7 +1312,6 @@ static int hash_mprime(const unsigned char *hash, size_t hlen, { const unsigned char zeros[8] = { 0, 0, 0, 0, 0, 0, 0, 0 }; -#if defined(MBEDTLS_MD_C) mbedtls_md_context_t md_ctx; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -1209,35 +1344,6 @@ exit: mbedtls_md_free(&md_ctx); return ret; -#else - psa_hash_operation_t op = PSA_HASH_OPERATION_INIT; - psa_algorithm_t alg = mbedtls_psa_translate_md(md_alg); - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - size_t out_size = PSA_HASH_LENGTH(alg); - size_t out_len; - - if ((status = psa_hash_setup(&op, alg)) != PSA_SUCCESS) { - goto exit; - } - if ((status = psa_hash_update(&op, zeros, sizeof(zeros))) != PSA_SUCCESS) { - goto exit; - } - if ((status = psa_hash_update(&op, hash, hlen)) != PSA_SUCCESS) { - goto exit; - } - if ((status = psa_hash_update(&op, salt, slen)) != PSA_SUCCESS) { - goto exit; - } - status = psa_hash_finish(&op, out, out_size, &out_len); - if (status != PSA_SUCCESS) { - goto exit; - } - -exit: - psa_hash_abort(&op); - - return mbedtls_md_error_from_psa(status); -#endif /* !MBEDTLS_MD_C */ } /** @@ -1252,7 +1358,6 @@ static int compute_hash(mbedtls_md_type_t md_alg, const unsigned char *input, size_t ilen, unsigned char *output) { -#if defined(MBEDTLS_MD_C) const mbedtls_md_info_t *md_info; md_info = mbedtls_md_info_from_type(md_alg); @@ -1261,16 +1366,6 @@ static int compute_hash(mbedtls_md_type_t md_alg, } return mbedtls_md(md_info, input, ilen, output); -#else - psa_algorithm_t alg = mbedtls_psa_translate_md(md_alg); - psa_status_t status; - size_t out_size = PSA_HASH_LENGTH(alg); - size_t out_len; - - status = psa_hash_compute(alg, input, ilen, output, out_size, &out_len); - - return mbedtls_md_error_from_psa(status); -#endif /* !MBEDTLS_MD_C */ } #endif /* MBEDTLS_PKCS1_V21 */ @@ -1295,7 +1390,7 @@ int mbedtls_rsa_rsaes_oaep_encrypt(mbedtls_rsa_context *ctx, return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } - hlen = mbedtls_hash_info_get_size((mbedtls_md_type_t) ctx->hash_id); + hlen = mbedtls_md_get_size_from_type((mbedtls_md_type_t) ctx->hash_id); if (hlen == 0) { return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } @@ -1332,13 +1427,13 @@ int mbedtls_rsa_rsaes_oaep_encrypt(mbedtls_rsa_context *ctx, /* maskedDB: Apply dbMask to DB */ if ((ret = mgf_mask(output + hlen + 1, olen - hlen - 1, output + 1, hlen, - ctx->hash_id)) != 0) { + (mbedtls_md_type_t) ctx->hash_id)) != 0) { return ret; } /* maskedSeed: Apply seedMask to seed */ if ((ret = mgf_mask(output + 1, hlen, output + hlen + 1, olen - hlen - 1, - ctx->hash_id)) != 0) { + (mbedtls_md_type_t) ctx->hash_id)) != 0) { return ret; } @@ -1444,9 +1539,10 @@ int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx, { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t ilen, i, pad_len; - unsigned char *p, bad, pad_done; + unsigned char *p; + mbedtls_ct_condition_t bad, in_padding; unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; - unsigned char lhash[MBEDTLS_HASH_MAX_SIZE]; + unsigned char lhash[MBEDTLS_MD_MAX_SIZE]; unsigned int hlen; /* @@ -1462,7 +1558,7 @@ int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx, return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } - hlen = mbedtls_hash_info_get_size((mbedtls_md_type_t) ctx->hash_id); + hlen = mbedtls_md_get_size_from_type((mbedtls_md_type_t) ctx->hash_id); if (hlen == 0) { return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } @@ -1486,10 +1582,10 @@ int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx, */ /* seed: Apply seedMask to maskedSeed */ if ((ret = mgf_mask(buf + 1, hlen, buf + hlen + 1, ilen - hlen - 1, - ctx->hash_id)) != 0 || + (mbedtls_md_type_t) ctx->hash_id)) != 0 || /* DB: Apply dbMask to maskedDB */ (ret = mgf_mask(buf + hlen + 1, ilen - hlen - 1, buf + 1, hlen, - ctx->hash_id)) != 0) { + (mbedtls_md_type_t) ctx->hash_id)) != 0) { goto cleanup; } @@ -1504,28 +1600,26 @@ int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx, * Check contents, in "constant-time" */ p = buf; - bad = 0; - bad |= *p++; /* First byte must be 0 */ + bad = mbedtls_ct_bool(*p++); /* First byte must be 0 */ p += hlen; /* Skip seed */ /* Check lHash */ - for (i = 0; i < hlen; i++) { - bad |= lhash[i] ^ *p++; - } + bad = mbedtls_ct_bool_or(bad, mbedtls_ct_bool(mbedtls_ct_memcmp(lhash, p, hlen))); + p += hlen; /* Get zero-padding len, but always read till end of buffer * (minus one, for the 01 byte) */ pad_len = 0; - pad_done = 0; + in_padding = MBEDTLS_CT_TRUE; for (i = 0; i < ilen - 2 * hlen - 2; i++) { - pad_done |= p[i]; - pad_len += ((pad_done | (unsigned char) -pad_done) >> 7) ^ 1; + in_padding = mbedtls_ct_bool_and(in_padding, mbedtls_ct_uint_eq(p[i], 0)); + pad_len += mbedtls_ct_uint_if_else_0(in_padding, 1); } p += pad_len; - bad |= *p++ ^ 0x01; + bad = mbedtls_ct_bool_or(bad, mbedtls_ct_uint_ne(*p++, 0x01)); /* * The only information "leaked" is whether the padding was correct or not @@ -1533,7 +1627,7 @@ int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx, * recommendations in PKCS#1 v2.2: an opponent cannot distinguish between * the different error conditions. */ - if (bad != 0) { + if (bad != MBEDTLS_CT_FALSE) { ret = MBEDTLS_ERR_RSA_INVALID_PADDING; goto cleanup; } @@ -1662,7 +1756,7 @@ static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, if (md_alg != MBEDTLS_MD_NONE) { /* Gather length of hash to sign */ - size_t exp_hashlen = mbedtls_hash_info_get_size(md_alg); + size_t exp_hashlen = mbedtls_md_get_size_from_type(md_alg); if (exp_hashlen == 0) { return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } @@ -1672,7 +1766,7 @@ static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, } } - hlen = mbedtls_hash_info_get_size((mbedtls_md_type_t) ctx->hash_id); + hlen = mbedtls_md_get_size_from_type((mbedtls_md_type_t) ctx->hash_id); if (hlen == 0) { return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } @@ -1715,7 +1809,7 @@ static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, p += slen; /* Generate H = Hash( M' ) */ - ret = hash_mprime(hash, hashlen, salt, slen, p, ctx->hash_id); + ret = hash_mprime(hash, hashlen, salt, slen, p, (mbedtls_md_type_t) ctx->hash_id); if (ret != 0) { return ret; } @@ -1727,7 +1821,7 @@ static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, /* maskedDB: Apply dbMask to DB */ ret = mgf_mask(sig + offset, olen - hlen - 1 - offset, p, hlen, - ctx->hash_id); + (mbedtls_md_type_t) ctx->hash_id); if (ret != 0) { return ret; } @@ -1810,7 +1904,7 @@ static int rsa_rsassa_pkcs1_v15_encode(mbedtls_md_type_t md_alg, /* Are we signing hashed or raw data? */ if (md_alg != MBEDTLS_MD_NONE) { - unsigned char md_size = mbedtls_hash_info_get_size(md_alg); + unsigned char md_size = mbedtls_md_get_size_from_type(md_alg); if (md_size == 0) { return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } @@ -1971,10 +2065,8 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign(mbedtls_rsa_context *ctx, memcpy(sig, sig_try, ctx->len); cleanup: - mbedtls_platform_zeroize(sig_try, ctx->len); - mbedtls_platform_zeroize(verif, ctx->len); - mbedtls_free(sig_try); - mbedtls_free(verif); + mbedtls_zeroize_and_free(sig_try, ctx->len); + mbedtls_zeroize_and_free(verif, ctx->len); if (ret != 0) { memset(sig, '!', ctx->len); @@ -2032,7 +2124,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_rsa_context *ctx, size_t siglen; unsigned char *p; unsigned char *hash_start; - unsigned char result[MBEDTLS_HASH_MAX_SIZE]; + unsigned char result[MBEDTLS_MD_MAX_SIZE]; unsigned int hlen; size_t observed_salt_len, msb; unsigned char buf[MBEDTLS_MPI_MAX_SIZE] = { 0 }; @@ -2061,7 +2153,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_rsa_context *ctx, if (md_alg != MBEDTLS_MD_NONE) { /* Gather length of hash to sign */ - size_t exp_hashlen = mbedtls_hash_info_get_size(md_alg); + size_t exp_hashlen = mbedtls_md_get_size_from_type(md_alg); if (exp_hashlen == 0) { return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } @@ -2071,7 +2163,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_rsa_context *ctx, } } - hlen = mbedtls_hash_info_get_size(mgf1_hash_id); + hlen = mbedtls_md_get_size_from_type(mgf1_hash_id); if (hlen == 0) { return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } @@ -2218,13 +2310,11 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify(mbedtls_rsa_context *ctx, cleanup: if (encoded != NULL) { - mbedtls_platform_zeroize(encoded, sig_len); - mbedtls_free(encoded); + mbedtls_zeroize_and_free(encoded, sig_len); } if (encoded_expected != NULL) { - mbedtls_platform_zeroize(encoded_expected, sig_len); - mbedtls_free(encoded_expected); + mbedtls_zeroize_and_free(encoded_expected, sig_len); } return ret; @@ -2341,7 +2431,7 @@ void mbedtls_rsa_free(mbedtls_rsa_context *ctx) #if defined(MBEDTLS_SELF_TEST) -#include "mbedtls/sha1.h" +#include "mbedtls/md.h" /* * Example RSA-1024 keypair, for test purposes @@ -2419,7 +2509,7 @@ int mbedtls_rsa_self_test(int verbose) unsigned char rsa_plaintext[PT_LEN]; unsigned char rsa_decrypted[PT_LEN]; unsigned char rsa_ciphertext[KEY_LEN]; -#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_MD_CAN_SHA1) unsigned char sha1sum[20]; #endif @@ -2500,12 +2590,13 @@ int mbedtls_rsa_self_test(int verbose) mbedtls_printf("passed\n"); } -#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_MD_CAN_SHA1) if (verbose != 0) { mbedtls_printf(" PKCS#1 data sign : "); } - if (mbedtls_sha1(rsa_plaintext, PT_LEN, sha1sum) != 0) { + if (mbedtls_md(mbedtls_md_info_from_type(MBEDTLS_MD_SHA1), + rsa_plaintext, PT_LEN, sha1sum) != 0) { if (verbose != 0) { mbedtls_printf("failed\n"); } @@ -2541,7 +2632,7 @@ int mbedtls_rsa_self_test(int verbose) if (verbose != 0) { mbedtls_printf("passed\n"); } -#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ if (verbose != 0) { mbedtls_printf("\n"); diff --git a/library/rsa_alt_helpers.c b/library/rsa_alt_helpers.c index 3451469b9..5cc4636e4 100644 --- a/library/rsa_alt_helpers.c +++ b/library/rsa_alt_helpers.c @@ -126,7 +126,7 @@ int mbedtls_rsa_deduce_primes(mbedtls_mpi const *N, } for (; attempt < num_primes; ++attempt) { - mbedtls_mpi_lset(&K, primes[attempt]); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&K, primes[attempt])); /* Check if gcd(K,N) = 1 */ MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(P, &K, N)); diff --git a/library/sha1.c b/library/sha1.c index 4c9cbf5e8..28a57b644 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -322,7 +322,7 @@ int mbedtls_sha1_finish(mbedtls_sha1_context *ctx, memset(ctx->buffer + used, 0, 64 - used); if ((ret = mbedtls_internal_sha1_process(ctx, ctx->buffer)) != 0) { - return ret; + goto exit; } memset(ctx->buffer, 0, 56); @@ -339,7 +339,7 @@ int mbedtls_sha1_finish(mbedtls_sha1_context *ctx, MBEDTLS_PUT_UINT32_BE(low, ctx->buffer, 60); if ((ret = mbedtls_internal_sha1_process(ctx, ctx->buffer)) != 0) { - return ret; + goto exit; } /* @@ -351,7 +351,11 @@ int mbedtls_sha1_finish(mbedtls_sha1_context *ctx, MBEDTLS_PUT_UINT32_BE(ctx->state[3], output, 12); MBEDTLS_PUT_UINT32_BE(ctx->state[4], output, 16); - return 0; + ret = 0; + +exit: + mbedtls_sha1_free(ctx); + return ret; } #endif /* !MBEDTLS_SHA1_ALT */ @@ -382,7 +386,6 @@ int mbedtls_sha1(const unsigned char *input, exit: mbedtls_sha1_free(&ctx); - return ret; } diff --git a/library/sha256.c b/library/sha256.c index 16fd20d8c..223badf00 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -22,6 +22,28 @@ * http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf */ +#if defined(__aarch64__) && !defined(__ARM_FEATURE_CRYPTO) && \ + defined(__clang__) && __clang_major__ >= 4 +/* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. + * + * The intrinsic declaration are guarded by predefined ACLE macros in clang: + * these are normally only enabled by the -march option on the command line. + * By defining the macros ourselves we gain access to those declarations without + * requiring -march on the command line. + * + * `arm_neon.h` could be included by any header file, so we put these defines + * at the top of this file, before any includes. + */ +#define __ARM_FEATURE_CRYPTO 1 +/* See: https://arm-software.github.io/acle/main/acle.html#cryptographic-extensions + * + * `__ARM_FEATURE_CRYPTO` is deprecated, but we need to continue to specify it + * for older compilers. + */ +#define __ARM_FEATURE_SHA2 1 +#define MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG +#endif + #include "common.h" #if defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA224_C) @@ -35,9 +57,48 @@ #include "mbedtls/platform.h" #if defined(__aarch64__) + # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) -# include + +/* *INDENT-OFF* */ + +# ifdef __ARM_NEON +# include +# else +# error "Target does not support NEON instructions" +# endif + +# if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) +# if defined(__ARMCOMPILER_VERSION) +# if __ARMCOMPILER_VERSION <= 6090000 +# error "Must use minimum -march=armv8-a+crypto for MBEDTLS_SHA256_USE_A64_CRYPTO_*" +# endif +# pragma clang attribute push (__attribute__((target("sha2"))), apply_to=function) +# define MBEDTLS_POP_TARGET_PRAGMA +# elif defined(__clang__) +# if __clang_major__ < 4 +# error "A more recent Clang is required for MBEDTLS_SHA256_USE_A64_CRYPTO_*" +# endif +# pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) +# define MBEDTLS_POP_TARGET_PRAGMA +# elif defined(__GNUC__) + /* FIXME: GCC 5 claims to support Armv8 Crypto Extensions, but some + * intrinsics are missing. Missing intrinsics could be worked around. + */ +# if __GNUC__ < 6 +# error "A more recent GCC is required for MBEDTLS_SHA256_USE_A64_CRYPTO_*" +# else +# pragma GCC push_options +# pragma GCC target ("arch=armv8-a+crypto") +# define MBEDTLS_POP_TARGET_PRAGMA +# endif +# else +# error "Only GCC and Clang supported for MBEDTLS_SHA256_USE_A64_CRYPTO_*" +# endif +# endif +/* *INDENT-ON* */ + # endif # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) # if defined(__unix__) @@ -89,12 +150,6 @@ static int mbedtls_a64_crypto_sha256_determine_support(void) #include #include -/* *INDENT-OFF* */ -#ifndef asm -#define asm __asm__ -#endif -/* *INDENT-ON* */ - static jmp_buf return_from_sigill; /* @@ -361,6 +416,14 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, #endif /* MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY */ +#if defined(MBEDTLS_POP_TARGET_PRAGMA) +#if defined(__clang__) +#pragma clang attribute pop +#elif defined(__GNUC__) +#pragma GCC pop_options +#endif +#undef MBEDTLS_POP_TARGET_PRAGMA +#endif #if !defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) #define mbedtls_internal_sha256_process_many_c mbedtls_internal_sha256_process_many @@ -618,6 +681,7 @@ int mbedtls_sha256_finish(mbedtls_sha256_context *ctx, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t used; uint32_t high, low; + int truncated = 0; /* * Add padding: 0x80 then 0x00 until 8 bytes remain for the length @@ -634,7 +698,7 @@ int mbedtls_sha256_finish(mbedtls_sha256_context *ctx, memset(ctx->buffer + used, 0, SHA256_BLOCK_SIZE - used); if ((ret = mbedtls_internal_sha256_process(ctx, ctx->buffer)) != 0) { - return ret; + goto exit; } memset(ctx->buffer, 0, 56); @@ -651,7 +715,7 @@ int mbedtls_sha256_finish(mbedtls_sha256_context *ctx, MBEDTLS_PUT_UINT32_BE(low, ctx->buffer, 60); if ((ret = mbedtls_internal_sha256_process(ctx, ctx->buffer)) != 0) { - return ret; + goto exit; } /* @@ -665,7 +729,6 @@ int mbedtls_sha256_finish(mbedtls_sha256_context *ctx, MBEDTLS_PUT_UINT32_BE(ctx->state[5], output, 20); MBEDTLS_PUT_UINT32_BE(ctx->state[6], output, 24); - int truncated = 0; #if defined(MBEDTLS_SHA224_C) truncated = ctx->is224; #endif @@ -673,7 +736,11 @@ int mbedtls_sha256_finish(mbedtls_sha256_context *ctx, MBEDTLS_PUT_UINT32_BE(ctx->state[7], output, 28); } - return 0; + ret = 0; + +exit: + mbedtls_sha256_free(ctx); + return ret; } #endif /* !MBEDTLS_SHA256_ALT */ diff --git a/library/sha3.c b/library/sha3.c new file mode 100644 index 000000000..4c1a1a9d4 --- /dev/null +++ b/library/sha3.c @@ -0,0 +1,638 @@ +/* + * FIPS-202 compliant SHA3 implementation + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/* + * The SHA-3 Secure Hash Standard was published by NIST in 2015. + * + * https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.202.pdf + */ + +#include "common.h" + +#if defined(MBEDTLS_SHA3_C) + +#include "mbedtls/sha3.h" +#include "mbedtls/platform_util.h" +#include "mbedtls/error.h" + +#include + +#if defined(MBEDTLS_SELF_TEST) +#include "mbedtls/platform.h" +#endif /* MBEDTLS_SELF_TEST */ + +#define XOR_BYTE 0x6 + +typedef struct mbedtls_sha3_family_functions { + mbedtls_sha3_id id; + + uint16_t r; + uint16_t olen; +} +mbedtls_sha3_family_functions; + +/* + * List of supported SHA-3 families + */ +static mbedtls_sha3_family_functions sha3_families[] = { + { MBEDTLS_SHA3_224, 1152, 224 }, + { MBEDTLS_SHA3_256, 1088, 256 }, + { MBEDTLS_SHA3_384, 832, 384 }, + { MBEDTLS_SHA3_512, 576, 512 }, + { MBEDTLS_SHA3_NONE, 0, 0 } +}; + +static const uint64_t rc[24] = { + 0x0000000000000001, 0x0000000000008082, 0x800000000000808a, 0x8000000080008000, + 0x000000000000808b, 0x0000000080000001, 0x8000000080008081, 0x8000000000008009, + 0x000000000000008a, 0x0000000000000088, 0x0000000080008009, 0x000000008000000a, + 0x000000008000808b, 0x800000000000008b, 0x8000000000008089, 0x8000000000008003, + 0x8000000000008002, 0x8000000000000080, 0x000000000000800a, 0x800000008000000a, + 0x8000000080008081, 0x8000000000008080, 0x0000000080000001, 0x8000000080008008, +}; + +static const uint8_t rho[24] = { + 1, 62, 28, 27, 36, 44, 6, 55, 20, + 3, 10, 43, 25, 39, 41, 45, 15, + 21, 8, 18, 2, 61, 56, 14 +}; + +static const uint8_t pi[24] = { + 10, 7, 11, 17, 18, 3, 5, 16, 8, 21, 24, 4, + 15, 23, 19, 13, 12, 2, 20, 14, 22, 9, 6, 1, +}; + +#define ROT64(x, y) (((x) << (y)) | ((x) >> (64U - (y)))) +#define ABSORB(ctx, idx, v) do { ctx->state[(idx) >> 3] ^= ((uint64_t) (v)) << (((idx) & 0x7) << 3); \ +} while (0) +#define SQUEEZE(ctx, idx) ((uint8_t) (ctx->state[(idx) >> 3] >> (((idx) & 0x7) << 3))) +#define SWAP(x, y) do { uint64_t tmp = (x); (x) = (y); (y) = tmp; } while (0) + +/* The permutation function. */ +static void keccak_f1600(mbedtls_sha3_context *ctx) +{ + uint64_t lane[5]; + uint64_t *s = ctx->state; + int i; + + for (int round = 0; round < 24; round++) { + uint64_t t; + + /* Theta */ + lane[0] = s[0] ^ s[5] ^ s[10] ^ s[15] ^ s[20]; + lane[1] = s[1] ^ s[6] ^ s[11] ^ s[16] ^ s[21]; + lane[2] = s[2] ^ s[7] ^ s[12] ^ s[17] ^ s[22]; + lane[3] = s[3] ^ s[8] ^ s[13] ^ s[18] ^ s[23]; + lane[4] = s[4] ^ s[9] ^ s[14] ^ s[19] ^ s[24]; + + t = lane[4] ^ ROT64(lane[1], 1); + s[0] ^= t; s[5] ^= t; s[10] ^= t; s[15] ^= t; s[20] ^= t; + + t = lane[0] ^ ROT64(lane[2], 1); + s[1] ^= t; s[6] ^= t; s[11] ^= t; s[16] ^= t; s[21] ^= t; + + t = lane[1] ^ ROT64(lane[3], 1); + s[2] ^= t; s[7] ^= t; s[12] ^= t; s[17] ^= t; s[22] ^= t; + + t = lane[2] ^ ROT64(lane[4], 1); + s[3] ^= t; s[8] ^= t; s[13] ^= t; s[18] ^= t; s[23] ^= t; + + t = lane[3] ^ ROT64(lane[0], 1); + s[4] ^= t; s[9] ^= t; s[14] ^= t; s[19] ^= t; s[24] ^= t; + + /* Rho */ + for (i = 1; i < 25; i++) { + s[i] = ROT64(s[i], rho[i-1]); + } + + /* Pi */ + t = s[1]; + for (i = 0; i < 24; i++) { + SWAP(s[pi[i]], t); + } + + /* Chi */ + lane[0] = s[0]; lane[1] = s[1]; lane[2] = s[2]; lane[3] = s[3]; lane[4] = s[4]; + s[0] ^= (~lane[1]) & lane[2]; + s[1] ^= (~lane[2]) & lane[3]; + s[2] ^= (~lane[3]) & lane[4]; + s[3] ^= (~lane[4]) & lane[0]; + s[4] ^= (~lane[0]) & lane[1]; + + lane[0] = s[5]; lane[1] = s[6]; lane[2] = s[7]; lane[3] = s[8]; lane[4] = s[9]; + s[5] ^= (~lane[1]) & lane[2]; + s[6] ^= (~lane[2]) & lane[3]; + s[7] ^= (~lane[3]) & lane[4]; + s[8] ^= (~lane[4]) & lane[0]; + s[9] ^= (~lane[0]) & lane[1]; + + lane[0] = s[10]; lane[1] = s[11]; lane[2] = s[12]; lane[3] = s[13]; lane[4] = s[14]; + s[10] ^= (~lane[1]) & lane[2]; + s[11] ^= (~lane[2]) & lane[3]; + s[12] ^= (~lane[3]) & lane[4]; + s[13] ^= (~lane[4]) & lane[0]; + s[14] ^= (~lane[0]) & lane[1]; + + lane[0] = s[15]; lane[1] = s[16]; lane[2] = s[17]; lane[3] = s[18]; lane[4] = s[19]; + s[15] ^= (~lane[1]) & lane[2]; + s[16] ^= (~lane[2]) & lane[3]; + s[17] ^= (~lane[3]) & lane[4]; + s[18] ^= (~lane[4]) & lane[0]; + s[19] ^= (~lane[0]) & lane[1]; + + lane[0] = s[20]; lane[1] = s[21]; lane[2] = s[22]; lane[3] = s[23]; lane[4] = s[24]; + s[20] ^= (~lane[1]) & lane[2]; + s[21] ^= (~lane[2]) & lane[3]; + s[22] ^= (~lane[3]) & lane[4]; + s[23] ^= (~lane[4]) & lane[0]; + s[24] ^= (~lane[0]) & lane[1]; + + /* Iota */ + s[0] ^= rc[round]; + } +} + +void mbedtls_sha3_init(mbedtls_sha3_context *ctx) +{ + memset(ctx, 0, sizeof(mbedtls_sha3_context)); +} + +void mbedtls_sha3_free(mbedtls_sha3_context *ctx) +{ + if (ctx == NULL) { + return; + } + + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_sha3_context)); +} + +void mbedtls_sha3_clone(mbedtls_sha3_context *dst, + const mbedtls_sha3_context *src) +{ + *dst = *src; +} + +/* + * SHA-3 context setup + */ +int mbedtls_sha3_starts(mbedtls_sha3_context *ctx, mbedtls_sha3_id id) +{ + mbedtls_sha3_family_functions *p = NULL; + + for (p = sha3_families; p->id != MBEDTLS_SHA3_NONE; p++) { + if (p->id == id) { + break; + } + } + + if (p->id == MBEDTLS_SHA3_NONE) { + return MBEDTLS_ERR_SHA3_BAD_INPUT_DATA; + } + + ctx->olen = p->olen / 8; + ctx->max_block_size = p->r / 8; + + memset(ctx->state, 0, sizeof(ctx->state)); + ctx->index = 0; + + return 0; +} + +/* + * SHA-3 process buffer + */ +int mbedtls_sha3_update(mbedtls_sha3_context *ctx, + const uint8_t *input, + size_t ilen) +{ + if (ilen >= 8) { + // 8-byte align index + int align_bytes = 8 - (ctx->index % 8); + if (align_bytes) { + for (; align_bytes > 0; align_bytes--) { + ABSORB(ctx, ctx->index, *input++); + ilen--; + ctx->index++; + } + if ((ctx->index = ctx->index % ctx->max_block_size) == 0) { + keccak_f1600(ctx); + } + } + + // process input in 8-byte chunks + while (ilen >= 8) { + ABSORB(ctx, ctx->index, MBEDTLS_GET_UINT64_LE(input, 0)); + input += 8; + ilen -= 8; + if ((ctx->index = (ctx->index + 8) % ctx->max_block_size) == 0) { + keccak_f1600(ctx); + } + } + } + + // handle remaining bytes + while (ilen-- > 0) { + ABSORB(ctx, ctx->index, *input++); + if ((ctx->index = (ctx->index + 1) % ctx->max_block_size) == 0) { + keccak_f1600(ctx); + } + } + + return 0; +} + +int mbedtls_sha3_finish(mbedtls_sha3_context *ctx, + uint8_t *output, size_t olen) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + + /* Catch SHA-3 families, with fixed output length */ + if (ctx->olen > 0) { + if (ctx->olen > olen) { + ret = MBEDTLS_ERR_SHA3_BAD_INPUT_DATA; + goto exit; + } + olen = ctx->olen; + } + + ABSORB(ctx, ctx->index, XOR_BYTE); + ABSORB(ctx, ctx->max_block_size - 1, 0x80); + keccak_f1600(ctx); + ctx->index = 0; + + while (olen-- > 0) { + *output++ = SQUEEZE(ctx, ctx->index); + + if ((ctx->index = (ctx->index + 1) % ctx->max_block_size) == 0) { + keccak_f1600(ctx); + } + } + + ret = 0; + +exit: + mbedtls_sha3_free(ctx); + return ret; +} + +/* + * output = SHA-3( input buffer ) + */ +int mbedtls_sha3(mbedtls_sha3_id id, const uint8_t *input, + size_t ilen, uint8_t *output, size_t olen) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + mbedtls_sha3_context ctx; + + mbedtls_sha3_init(&ctx); + + /* Sanity checks are performed in every mbedtls_sha3_xxx() */ + if ((ret = mbedtls_sha3_starts(&ctx, id)) != 0) { + goto exit; + } + + if ((ret = mbedtls_sha3_update(&ctx, input, ilen)) != 0) { + goto exit; + } + + if ((ret = mbedtls_sha3_finish(&ctx, output, olen)) != 0) { + goto exit; + } + +exit: + mbedtls_sha3_free(&ctx); + + return ret; +} + +/**************** Self-tests ****************/ + +#if defined(MBEDTLS_SELF_TEST) + +static const unsigned char test_data[2][4] = +{ + "", + "abc", +}; + +static const size_t test_data_len[2] = +{ + 0, /* "" */ + 3 /* "abc" */ +}; + +static const unsigned char test_hash_sha3_224[2][28] = +{ + { /* "" */ + 0x6B, 0x4E, 0x03, 0x42, 0x36, 0x67, 0xDB, 0xB7, + 0x3B, 0x6E, 0x15, 0x45, 0x4F, 0x0E, 0xB1, 0xAB, + 0xD4, 0x59, 0x7F, 0x9A, 0x1B, 0x07, 0x8E, 0x3F, + 0x5B, 0x5A, 0x6B, 0xC7 + }, + { /* "abc" */ + 0xE6, 0x42, 0x82, 0x4C, 0x3F, 0x8C, 0xF2, 0x4A, + 0xD0, 0x92, 0x34, 0xEE, 0x7D, 0x3C, 0x76, 0x6F, + 0xC9, 0xA3, 0xA5, 0x16, 0x8D, 0x0C, 0x94, 0xAD, + 0x73, 0xB4, 0x6F, 0xDF + } +}; + +static const unsigned char test_hash_sha3_256[2][32] = +{ + { /* "" */ + 0xA7, 0xFF, 0xC6, 0xF8, 0xBF, 0x1E, 0xD7, 0x66, + 0x51, 0xC1, 0x47, 0x56, 0xA0, 0x61, 0xD6, 0x62, + 0xF5, 0x80, 0xFF, 0x4D, 0xE4, 0x3B, 0x49, 0xFA, + 0x82, 0xD8, 0x0A, 0x4B, 0x80, 0xF8, 0x43, 0x4A + }, + { /* "abc" */ + 0x3A, 0x98, 0x5D, 0xA7, 0x4F, 0xE2, 0x25, 0xB2, + 0x04, 0x5C, 0x17, 0x2D, 0x6B, 0xD3, 0x90, 0xBD, + 0x85, 0x5F, 0x08, 0x6E, 0x3E, 0x9D, 0x52, 0x5B, + 0x46, 0xBF, 0xE2, 0x45, 0x11, 0x43, 0x15, 0x32 + } +}; + +static const unsigned char test_hash_sha3_384[2][48] = +{ + { /* "" */ + 0x0C, 0x63, 0xA7, 0x5B, 0x84, 0x5E, 0x4F, 0x7D, + 0x01, 0x10, 0x7D, 0x85, 0x2E, 0x4C, 0x24, 0x85, + 0xC5, 0x1A, 0x50, 0xAA, 0xAA, 0x94, 0xFC, 0x61, + 0x99, 0x5E, 0x71, 0xBB, 0xEE, 0x98, 0x3A, 0x2A, + 0xC3, 0x71, 0x38, 0x31, 0x26, 0x4A, 0xDB, 0x47, + 0xFB, 0x6B, 0xD1, 0xE0, 0x58, 0xD5, 0xF0, 0x04 + }, + { /* "abc" */ + 0xEC, 0x01, 0x49, 0x82, 0x88, 0x51, 0x6F, 0xC9, + 0x26, 0x45, 0x9F, 0x58, 0xE2, 0xC6, 0xAD, 0x8D, + 0xF9, 0xB4, 0x73, 0xCB, 0x0F, 0xC0, 0x8C, 0x25, + 0x96, 0xDA, 0x7C, 0xF0, 0xE4, 0x9B, 0xE4, 0xB2, + 0x98, 0xD8, 0x8C, 0xEA, 0x92, 0x7A, 0xC7, 0xF5, + 0x39, 0xF1, 0xED, 0xF2, 0x28, 0x37, 0x6D, 0x25 + } +}; + +static const unsigned char test_hash_sha3_512[2][64] = +{ + { /* "" */ + 0xA6, 0x9F, 0x73, 0xCC, 0xA2, 0x3A, 0x9A, 0xC5, + 0xC8, 0xB5, 0x67, 0xDC, 0x18, 0x5A, 0x75, 0x6E, + 0x97, 0xC9, 0x82, 0x16, 0x4F, 0xE2, 0x58, 0x59, + 0xE0, 0xD1, 0xDC, 0xC1, 0x47, 0x5C, 0x80, 0xA6, + 0x15, 0xB2, 0x12, 0x3A, 0xF1, 0xF5, 0xF9, 0x4C, + 0x11, 0xE3, 0xE9, 0x40, 0x2C, 0x3A, 0xC5, 0x58, + 0xF5, 0x00, 0x19, 0x9D, 0x95, 0xB6, 0xD3, 0xE3, + 0x01, 0x75, 0x85, 0x86, 0x28, 0x1D, 0xCD, 0x26 + }, + { /* "abc" */ + 0xB7, 0x51, 0x85, 0x0B, 0x1A, 0x57, 0x16, 0x8A, + 0x56, 0x93, 0xCD, 0x92, 0x4B, 0x6B, 0x09, 0x6E, + 0x08, 0xF6, 0x21, 0x82, 0x74, 0x44, 0xF7, 0x0D, + 0x88, 0x4F, 0x5D, 0x02, 0x40, 0xD2, 0x71, 0x2E, + 0x10, 0xE1, 0x16, 0xE9, 0x19, 0x2A, 0xF3, 0xC9, + 0x1A, 0x7E, 0xC5, 0x76, 0x47, 0xE3, 0x93, 0x40, + 0x57, 0x34, 0x0B, 0x4C, 0xF4, 0x08, 0xD5, 0xA5, + 0x65, 0x92, 0xF8, 0x27, 0x4E, 0xEC, 0x53, 0xF0 + } +}; + +static const unsigned char long_kat_hash_sha3_224[28] = +{ + 0xD6, 0x93, 0x35, 0xB9, 0x33, 0x25, 0x19, 0x2E, + 0x51, 0x6A, 0x91, 0x2E, 0x6D, 0x19, 0xA1, 0x5C, + 0xB5, 0x1C, 0x6E, 0xD5, 0xC1, 0x52, 0x43, 0xE7, + 0xA7, 0xFD, 0x65, 0x3C +}; + +static const unsigned char long_kat_hash_sha3_256[32] = +{ + 0x5C, 0x88, 0x75, 0xAE, 0x47, 0x4A, 0x36, 0x34, + 0xBA, 0x4F, 0xD5, 0x5E, 0xC8, 0x5B, 0xFF, 0xD6, + 0x61, 0xF3, 0x2A, 0xCA, 0x75, 0xC6, 0xD6, 0x99, + 0xD0, 0xCD, 0xCB, 0x6C, 0x11, 0x58, 0x91, 0xC1 +}; + +static const unsigned char long_kat_hash_sha3_384[48] = +{ + 0xEE, 0xE9, 0xE2, 0x4D, 0x78, 0xC1, 0x85, 0x53, + 0x37, 0x98, 0x34, 0x51, 0xDF, 0x97, 0xC8, 0xAD, + 0x9E, 0xED, 0xF2, 0x56, 0xC6, 0x33, 0x4F, 0x8E, + 0x94, 0x8D, 0x25, 0x2D, 0x5E, 0x0E, 0x76, 0x84, + 0x7A, 0xA0, 0x77, 0x4D, 0xDB, 0x90, 0xA8, 0x42, + 0x19, 0x0D, 0x2C, 0x55, 0x8B, 0x4B, 0x83, 0x40 +}; + +static const unsigned char long_kat_hash_sha3_512[64] = +{ + 0x3C, 0x3A, 0x87, 0x6D, 0xA1, 0x40, 0x34, 0xAB, + 0x60, 0x62, 0x7C, 0x07, 0x7B, 0xB9, 0x8F, 0x7E, + 0x12, 0x0A, 0x2A, 0x53, 0x70, 0x21, 0x2D, 0xFF, + 0xB3, 0x38, 0x5A, 0x18, 0xD4, 0xF3, 0x88, 0x59, + 0xED, 0x31, 0x1D, 0x0A, 0x9D, 0x51, 0x41, 0xCE, + 0x9C, 0xC5, 0xC6, 0x6E, 0xE6, 0x89, 0xB2, 0x66, + 0xA8, 0xAA, 0x18, 0xAC, 0xE8, 0x28, 0x2A, 0x0E, + 0x0D, 0xB5, 0x96, 0xC9, 0x0B, 0x0A, 0x7B, 0x87 +}; + +static int mbedtls_sha3_kat_test(int verbose, + const char *type_name, + mbedtls_sha3_id id, + int test_num) +{ + uint8_t hash[64]; + int result; + + result = mbedtls_sha3(id, + test_data[test_num], test_data_len[test_num], + hash, sizeof(hash)); + if (result != 0) { + if (verbose != 0) { + mbedtls_printf(" %s test %d error code: %d\n", + type_name, test_num, result); + } + + return result; + } + + switch (id) { + case MBEDTLS_SHA3_224: + result = memcmp(hash, test_hash_sha3_224[test_num], 28); + break; + case MBEDTLS_SHA3_256: + result = memcmp(hash, test_hash_sha3_256[test_num], 32); + break; + case MBEDTLS_SHA3_384: + result = memcmp(hash, test_hash_sha3_384[test_num], 48); + break; + case MBEDTLS_SHA3_512: + result = memcmp(hash, test_hash_sha3_512[test_num], 64); + break; + default: + break; + } + + if (0 != result) { + if (verbose != 0) { + mbedtls_printf(" %s test %d failed\n", type_name, test_num); + } + + return -1; + } + + if (verbose != 0) { + mbedtls_printf(" %s test %d passed\n", type_name, test_num); + } + + return 0; +} + +static int mbedtls_sha3_long_kat_test(int verbose, + const char *type_name, + mbedtls_sha3_id id) +{ + mbedtls_sha3_context ctx; + unsigned char buffer[1000]; + unsigned char hash[64]; + int result = 0; + + memset(buffer, 'a', 1000); + + if (verbose != 0) { + mbedtls_printf(" %s long KAT test ", type_name); + } + + mbedtls_sha3_init(&ctx); + + result = mbedtls_sha3_starts(&ctx, id); + if (result != 0) { + if (verbose != 0) { + mbedtls_printf("setup failed\n "); + } + } + + /* Process 1,000,000 (one million) 'a' characters */ + for (int i = 0; i < 1000; i++) { + result = mbedtls_sha3_update(&ctx, buffer, 1000); + if (result != 0) { + if (verbose != 0) { + mbedtls_printf("update error code: %i\n", result); + } + + goto cleanup; + } + } + + result = mbedtls_sha3_finish(&ctx, hash, sizeof(hash)); + if (result != 0) { + if (verbose != 0) { + mbedtls_printf("finish error code: %d\n", result); + } + + goto cleanup; + } + + switch (id) { + case MBEDTLS_SHA3_224: + result = memcmp(hash, long_kat_hash_sha3_224, 28); + break; + case MBEDTLS_SHA3_256: + result = memcmp(hash, long_kat_hash_sha3_256, 32); + break; + case MBEDTLS_SHA3_384: + result = memcmp(hash, long_kat_hash_sha3_384, 48); + break; + case MBEDTLS_SHA3_512: + result = memcmp(hash, long_kat_hash_sha3_512, 64); + break; + default: + break; + } + + if (result != 0) { + if (verbose != 0) { + mbedtls_printf("failed\n"); + } + } + + if (verbose != 0) { + mbedtls_printf("passed\n"); + } + +cleanup: + mbedtls_sha3_free(&ctx); + return result; +} + +int mbedtls_sha3_self_test(int verbose) +{ + int i; + + /* SHA-3 Known Answer Tests (KAT) */ + for (i = 0; i < 2; i++) { + if (0 != mbedtls_sha3_kat_test(verbose, + "SHA3-224", MBEDTLS_SHA3_224, i)) { + return 1; + } + + if (0 != mbedtls_sha3_kat_test(verbose, + "SHA3-256", MBEDTLS_SHA3_256, i)) { + return 1; + } + + if (0 != mbedtls_sha3_kat_test(verbose, + "SHA3-384", MBEDTLS_SHA3_384, i)) { + return 1; + } + + if (0 != mbedtls_sha3_kat_test(verbose, + "SHA3-512", MBEDTLS_SHA3_512, i)) { + return 1; + } + } + + /* SHA-3 long KAT tests */ + if (0 != mbedtls_sha3_long_kat_test(verbose, + "SHA3-224", MBEDTLS_SHA3_224)) { + return 1; + } + + if (0 != mbedtls_sha3_long_kat_test(verbose, + "SHA3-256", MBEDTLS_SHA3_256)) { + return 1; + } + + if (0 != mbedtls_sha3_long_kat_test(verbose, + "SHA3-384", MBEDTLS_SHA3_384)) { + return 1; + } + + if (0 != mbedtls_sha3_long_kat_test(verbose, + "SHA3-512", MBEDTLS_SHA3_512)) { + return 1; + } + + if (verbose != 0) { + mbedtls_printf("\n"); + } + + return 0; +} +#endif /* MBEDTLS_SELF_TEST */ + +#endif /* MBEDTLS_SHA3_C */ diff --git a/library/sha512.c b/library/sha512.c index 0ea64218b..e739af254 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -22,6 +22,22 @@ * http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf */ +#if defined(__aarch64__) && !defined(__ARM_FEATURE_SHA512) && \ + defined(__clang__) && __clang_major__ >= 7 +/* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. + * + * The intrinsic declaration are guarded by predefined ACLE macros in clang: + * these are normally only enabled by the -march option on the command line. + * By defining the macros ourselves we gain access to those declarations without + * requiring -march on the command line. + * + * `arm_neon.h` could be included by any header file, so we put these defines + * at the top of this file, before any includes. + */ +#define __ARM_FEATURE_SHA512 1 +#define MBEDTLS_ENABLE_ARM_SHA3_EXTENSIONS_COMPILER_FLAG +#endif + #include "common.h" #if defined(MBEDTLS_SHA512_C) || defined(MBEDTLS_SHA384_C) @@ -43,7 +59,57 @@ #if defined(__aarch64__) # if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) -# include +/* *INDENT-OFF* */ +# ifdef __ARM_NEON +# include +# else +# error "Target does not support NEON instructions" +# endif +/* + * Best performance comes from most recent compilers, with intrinsics and -O3. + * Must compile with -march=armv8.2-a+sha3, but we can't detect armv8.2-a, and + * can't always detect __ARM_FEATURE_SHA512 (notably clang 7-12). + * + * GCC < 8 won't work at all (lacks the sha512 instructions) + * GCC >= 8 uses intrinsics, sets __ARM_FEATURE_SHA512 + * + * Clang < 7 won't work at all (lacks the sha512 instructions) + * Clang 7-12 don't have intrinsics (but we work around that with inline + * assembler) or __ARM_FEATURE_SHA512 + * Clang == 13.0.0 same as clang 12 (only seen on macOS) + * Clang >= 13.0.1 has __ARM_FEATURE_SHA512 and intrinsics + */ +# if !defined(__ARM_FEATURE_SHA512) || defined(MBEDTLS_ENABLE_ARM_SHA3_EXTENSIONS_COMPILER_FLAG) + /* Test Clang first, as it defines __GNUC__ */ +# if defined(__ARMCOMPILER_VERSION) +# if __ARMCOMPILER_VERSION < 6090000 +# error "A more recent armclang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# elif __ARMCOMPILER_VERSION == 6090000 +# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# else +# pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) +# define MBEDTLS_POP_TARGET_PRAGMA +# endif +# elif defined(__clang__) +# if __clang_major__ < 7 +# error "A more recent Clang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# else +# pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) +# define MBEDTLS_POP_TARGET_PRAGMA +# endif +# elif defined(__GNUC__) +# if __GNUC__ < 8 +# error "A more recent GCC is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# else +# pragma GCC push_options +# pragma GCC target ("arch=armv8.2-a+sha3") +# define MBEDTLS_POP_TARGET_PRAGMA +# endif +# else +# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# endif +# endif +/* *INDENT-ON* */ # endif # if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) # if defined(__unix__) @@ -104,12 +170,6 @@ static int mbedtls_a64_crypto_sha512_determine_support(void) #include #include -/* *INDENT-OFF* */ -#ifndef asm -#define asm __asm__ -#endif -/* *INDENT-ON* */ - static jmp_buf return_from_sigill; /* @@ -300,12 +360,6 @@ static const uint64_t K[80] = # define mbedtls_internal_sha512_process_a64_crypto mbedtls_internal_sha512_process #endif -/* *INDENT-OFF* */ -#ifndef asm -#define asm __asm__ -#endif -/* *INDENT-ON* */ - /* Accelerated SHA-512 implementation originally written by Simon Tatham for PuTTY, * under the MIT licence; dual-licensed as Apache 2 with his kind permission. */ @@ -530,6 +584,15 @@ int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, #endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ +#if defined(MBEDTLS_POP_TARGET_PRAGMA) +#if defined(__clang__) +#pragma clang attribute pop +#elif defined(__GNUC__) +#pragma GCC pop_options +#endif +#undef MBEDTLS_POP_TARGET_PRAGMA +#endif + #if !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) #define mbedtls_internal_sha512_process_many_c mbedtls_internal_sha512_process_many @@ -765,6 +828,7 @@ int mbedtls_sha512_finish(mbedtls_sha512_context *ctx, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned used; uint64_t high, low; + int truncated = 0; /* * Add padding: 0x80 then 0x00 until 16 bytes remain for the length @@ -781,7 +845,7 @@ int mbedtls_sha512_finish(mbedtls_sha512_context *ctx, memset(ctx->buffer + used, 0, SHA512_BLOCK_SIZE - used); if ((ret = mbedtls_internal_sha512_process(ctx, ctx->buffer)) != 0) { - return ret; + goto exit; } memset(ctx->buffer, 0, 112); @@ -798,7 +862,7 @@ int mbedtls_sha512_finish(mbedtls_sha512_context *ctx, sha512_put_uint64_be(low, ctx->buffer, 120); if ((ret = mbedtls_internal_sha512_process(ctx, ctx->buffer)) != 0) { - return ret; + goto exit; } /* @@ -811,7 +875,6 @@ int mbedtls_sha512_finish(mbedtls_sha512_context *ctx, sha512_put_uint64_be(ctx->state[4], output, 32); sha512_put_uint64_be(ctx->state[5], output, 40); - int truncated = 0; #if defined(MBEDTLS_SHA384_C) truncated = ctx->is384; #endif @@ -820,7 +883,11 @@ int mbedtls_sha512_finish(mbedtls_sha512_context *ctx, sha512_put_uint64_be(ctx->state[7], output, 56); } - return 0; + ret = 0; + +exit: + mbedtls_sha512_free(ctx); + return ret; } #endif /* !MBEDTLS_SHA512_ALT */ @@ -951,8 +1018,6 @@ static sha_test_sum_t sha512_test_sum[] = }; #endif /* MBEDTLS_SHA512_C */ -#define ARRAY_LENGTH(a) (sizeof(a) / sizeof((a)[0])) - static int mbedtls_sha512_common_self_test(int verbose, int is384) { int i, buflen, ret = 0; diff --git a/library/ssl_cache.c b/library/ssl_cache.c index 7c16e10e9..929c28bec 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -29,6 +29,7 @@ #include "mbedtls/ssl_cache.h" #include "ssl_misc.h" +#include "mbedtls/error.h" #include @@ -50,7 +51,7 @@ static int ssl_cache_find_entry(mbedtls_ssl_cache_context *cache, size_t session_id_len, mbedtls_ssl_cache_entry **dst) { - int ret = 1; + int ret = MBEDTLS_ERR_SSL_CACHE_ENTRY_NOT_FOUND; #if defined(MBEDTLS_HAVE_TIME) mbedtls_time_t t = mbedtls_time(NULL); #endif @@ -87,13 +88,13 @@ int mbedtls_ssl_cache_get(void *data, size_t session_id_len, mbedtls_ssl_session *session) { - int ret = 1; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data; mbedtls_ssl_cache_entry *entry; #if defined(MBEDTLS_THREADING_C) - if (mbedtls_mutex_lock(&cache->mutex) != 0) { - return 1; + if ((ret = mbedtls_mutex_lock(&cache->mutex)) != 0) { + return ret; } #endif @@ -114,13 +115,29 @@ int mbedtls_ssl_cache_get(void *data, exit: #if defined(MBEDTLS_THREADING_C) if (mbedtls_mutex_unlock(&cache->mutex) != 0) { - ret = 1; + ret = MBEDTLS_ERR_THREADING_MUTEX_ERROR; } #endif return ret; } +/* zeroize a cache entry */ +static void ssl_cache_entry_zeroize(mbedtls_ssl_cache_entry *entry) +{ + if (entry == NULL) { + return; + } + + /* zeroize and free session structure */ + if (entry->session != NULL) { + mbedtls_zeroize_and_free(entry->session, entry->session_len); + } + + /* zeroize the whole entry structure */ + mbedtls_platform_zeroize(entry, sizeof(mbedtls_ssl_cache_entry)); +} + MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_cache_pick_writing_slot(mbedtls_ssl_cache_context *cache, unsigned char const *session_id, @@ -180,7 +197,7 @@ static int ssl_cache_pick_writing_slot(mbedtls_ssl_cache_context *cache, /* Create new entry */ cur = mbedtls_calloc(1, sizeof(mbedtls_ssl_cache_entry)); if (cur == NULL) { - return 1; + return MBEDTLS_ERR_SSL_ALLOC_FAILED; } /* Append to the end of the linked list. */ @@ -201,12 +218,13 @@ static int ssl_cache_pick_writing_slot(mbedtls_ssl_cache_context *cache, if (old == NULL) { /* This should only happen on an ill-configured cache * with max_entries == 0. */ - return 1; + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } #else /* MBEDTLS_HAVE_TIME */ /* Reuse first entry in chain, but move to last place. */ if (cache->chain == NULL) { - return 1; + /* This should never happen */ + return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; } old = cache->chain; @@ -220,19 +238,19 @@ static int ssl_cache_pick_writing_slot(mbedtls_ssl_cache_context *cache, found: + /* If we're reusing an entry, free it first. */ + if (cur->session != NULL) { + /* `ssl_cache_entry_zeroize` would break the chain, + * so we reuse `old` to record `next` temporarily. */ + old = cur->next; + ssl_cache_entry_zeroize(cur); + cur->next = old; + } + #if defined(MBEDTLS_HAVE_TIME) cur->timestamp = t; #endif - /* If we're reusing an entry, free it first. */ - if (cur->session != NULL) { - mbedtls_free(cur->session); - cur->session = NULL; - cur->session_len = 0; - memset(cur->session_id, 0, sizeof(cur->session_id)); - cur->session_id_len = 0; - } - *dst = cur; return 0; } @@ -242,11 +260,11 @@ int mbedtls_ssl_cache_set(void *data, size_t session_id_len, const mbedtls_ssl_session *session) { - int ret = 1; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data; mbedtls_ssl_cache_entry *cur; - size_t session_serialized_len; + size_t session_serialized_len = 0; unsigned char *session_serialized = NULL; #if defined(MBEDTLS_THREADING_C) @@ -266,7 +284,6 @@ int mbedtls_ssl_cache_set(void *data, * and allocate a sufficiently large buffer. */ ret = mbedtls_ssl_session_save(session, NULL, 0, &session_serialized_len); if (ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) { - ret = 1; goto exit; } @@ -286,7 +303,7 @@ int mbedtls_ssl_cache_set(void *data, } if (session_id_len > sizeof(cur->session_id)) { - ret = 1; + ret = MBEDTLS_ERR_SSL_BAD_INPUT_DATA; goto exit; } cur->session_id_len = session_id_len; @@ -301,19 +318,67 @@ int mbedtls_ssl_cache_set(void *data, exit: #if defined(MBEDTLS_THREADING_C) if (mbedtls_mutex_unlock(&cache->mutex) != 0) { - ret = 1; + ret = MBEDTLS_ERR_THREADING_MUTEX_ERROR; } #endif if (session_serialized != NULL) { - mbedtls_platform_zeroize(session_serialized, session_serialized_len); - mbedtls_free(session_serialized); + mbedtls_zeroize_and_free(session_serialized, session_serialized_len); session_serialized = NULL; } return ret; } +int mbedtls_ssl_cache_remove(void *data, + unsigned char const *session_id, + size_t session_id_len) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data; + mbedtls_ssl_cache_entry *entry; + mbedtls_ssl_cache_entry *prev; + +#if defined(MBEDTLS_THREADING_C) + if ((ret = mbedtls_mutex_lock(&cache->mutex)) != 0) { + return ret; + } +#endif + + ret = ssl_cache_find_entry(cache, session_id, session_id_len, &entry); + /* No valid entry found, exit with success */ + if (ret != 0) { + ret = 0; + goto exit; + } + + /* Now we remove the entry from the chain */ + if (entry == cache->chain) { + cache->chain = entry->next; + goto free; + } + for (prev = cache->chain; prev->next != NULL; prev = prev->next) { + if (prev->next == entry) { + prev->next = entry->next; + break; + } + } + +free: + ssl_cache_entry_zeroize(entry); + mbedtls_free(entry); + ret = 0; + +exit: +#if defined(MBEDTLS_THREADING_C) + if (mbedtls_mutex_unlock(&cache->mutex) != 0) { + ret = MBEDTLS_ERR_THREADING_MUTEX_ERROR; + } +#endif + + return ret; +} + #if defined(MBEDTLS_HAVE_TIME) void mbedtls_ssl_cache_set_timeout(mbedtls_ssl_cache_context *cache, int timeout) { @@ -344,7 +409,7 @@ void mbedtls_ssl_cache_free(mbedtls_ssl_cache_context *cache) prv = cur; cur = cur->next; - mbedtls_free(prv->session); + ssl_cache_entry_zeroize(prv); mbedtls_free(prv); } diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 33789c463..2368489df 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -1,7 +1,7 @@ /** * \file ssl_ciphersuites.c * - * \brief SSL ciphersuites for mbed TLS + * \brief SSL ciphersuites for Mbed TLS * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 @@ -28,8 +28,9 @@ #include "mbedtls/ssl_ciphersuites.h" #include "mbedtls/ssl.h" #include "ssl_misc.h" - -#include "mbedtls/legacy_or_psa.h" +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "md_psa.h" +#endif #include @@ -52,9 +53,9 @@ static const int ciphersuite_preference[] = #else #if defined(MBEDTLS_SSL_PROTO_TLS1_3) /* TLS 1.3 ciphersuites */ - MBEDTLS_TLS1_3_AES_128_GCM_SHA256, - MBEDTLS_TLS1_3_AES_256_GCM_SHA384, MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256, + MBEDTLS_TLS1_3_AES_256_GCM_SHA384, + MBEDTLS_TLS1_3_AES_128_GCM_SHA256, MBEDTLS_TLS1_3_AES_128_CCM_SHA256, MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256, #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ @@ -293,22 +294,22 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_SSL_PROTO_TLS1_3) #if defined(MBEDTLS_AES_C) #if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS1_3_AES_256_GCM_SHA384, "TLS1-3-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ 0, MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA384 */ +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS1_3_AES_128_GCM_SHA256, "TLS1-3-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ 0, MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA256 */ #endif /* MBEDTLS_GCM_C */ -#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS1_3_AES_128_CCM_SHA256, "TLS1-3-AES-128-CCM-SHA256", MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ @@ -319,20 +320,20 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA && MBEDTLS_CCM_C */ +#endif /* MBEDTLS_MD_CAN_SHA256 && MBEDTLS_CCM_C */ #endif /* MBEDTLS_AES_C */ -#if defined(MBEDTLS_CHACHAPOLY_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_CHACHAPOLY_C) && defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256, "TLS1-3-CHACHA20-POLY1305-SHA256", MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ 0, MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 }, -#endif /* MBEDTLS_CHACHAPOLY_C && MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_CHACHAPOLY_C && MBEDTLS_MD_CAN_SHA256 */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ #if defined(MBEDTLS_CHACHAPOLY_C) && \ - defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \ + defined(MBEDTLS_MD_CAN_SHA256) && \ defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) { MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, @@ -391,11 +392,11 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif #endif /* MBEDTLS_CHACHAPOLY_C && - MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA && + MBEDTLS_MD_CAN_SHA256 && MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) #if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, @@ -406,8 +407,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA1 */ +#if defined(MBEDTLS_MD_CAN_SHA256) #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, @@ -420,8 +421,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA256 */ +#if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, @@ -434,7 +435,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #if defined(MBEDTLS_CCM_C) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM", MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, @@ -457,53 +458,53 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_CAMELLIA_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA256 */ +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA256 */ +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_CIPHERSUITE_WEAK, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) #if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, @@ -514,8 +515,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA1 */ +#if defined(MBEDTLS_MD_CAN_SHA256) #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, @@ -528,8 +529,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA256 */ +#if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, @@ -542,66 +543,66 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA256 */ +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA256 */ +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, MBEDTLS_CIPHERSUITE_WEAK, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) #if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \ +#if defined(MBEDTLS_MD_CAN_SHA384) && \ defined(MBEDTLS_GCM_C) { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA && MBEDTLS_GCM_C */ +#endif /* MBEDTLS_MD_CAN_SHA384 && MBEDTLS_GCM_C */ -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) #if defined(MBEDTLS_GCM_C) { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, @@ -620,10 +621,10 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA256 */ #if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, @@ -633,7 +634,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CCM_C) { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM", @@ -657,7 +658,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_CAMELLIA_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, @@ -667,9 +668,9 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA256 */ -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, @@ -679,22 +680,22 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA256 */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ @@ -702,15 +703,15 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) #if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \ +#if defined(MBEDTLS_MD_CAN_SHA384) && \ defined(MBEDTLS_GCM_C) { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA && MBEDTLS_GCM_C */ +#endif /* MBEDTLS_MD_CAN_SHA384 && MBEDTLS_GCM_C */ -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) #if defined(MBEDTLS_GCM_C) { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, @@ -729,9 +730,9 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA256 */ -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, @@ -743,7 +744,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ #if defined(MBEDTLS_CCM_C) { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM", MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, @@ -766,7 +767,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_CAMELLIA_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 0, @@ -776,9 +777,9 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA256 */ -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 0, @@ -788,23 +789,23 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA256 */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ @@ -812,7 +813,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) #if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, @@ -823,8 +824,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA1 */ +#if defined(MBEDTLS_MD_CAN_SHA256) #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, @@ -837,8 +838,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA256 */ +#if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, @@ -851,58 +852,58 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA256 */ +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA256 */ +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, MBEDTLS_CIPHERSUITE_WEAK, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) #if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, @@ -913,8 +914,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA1 */ +#if defined(MBEDTLS_MD_CAN_SHA256) #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, @@ -927,8 +928,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA256 */ +#if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, @@ -941,89 +942,89 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA256 */ +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA256 */ +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, MBEDTLS_CIPHERSUITE_WEAK, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) #if defined(MBEDTLS_AES_C) #if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA256 */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA256 */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, 0, @@ -1033,7 +1034,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CCM_C) { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM", @@ -1057,35 +1058,35 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_CAMELLIA_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA256 */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA256 */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ @@ -1094,37 +1095,37 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) #if defined(MBEDTLS_AES_C) #if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA256 */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA256 */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 0, @@ -1134,7 +1135,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CCM_C) { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM", @@ -1158,35 +1159,35 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_CAMELLIA_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA256 */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA256 */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ @@ -1196,21 +1197,21 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_AES_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA256 */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 0, @@ -1220,27 +1221,27 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA256 */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CAMELLIA_C */ @@ -1249,37 +1250,37 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) #if defined(MBEDTLS_AES_C) #if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA256 */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA256 */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 0, @@ -1289,41 +1290,41 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA256 */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_GCM_C) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA256 */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ @@ -1342,21 +1343,21 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_CIPHER_NULL_CIPHER) #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) -#if defined(MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_MD5) { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA, MBEDTLS_CIPHERSUITE_WEAK, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, MBEDTLS_CIPHERSUITE_WEAK, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, MBEDTLS_CIPHERSUITE_WEAK, @@ -1365,95 +1366,95 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, MBEDTLS_CIPHERSUITE_WEAK, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, MBEDTLS_CIPHERSUITE_WEAK, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, MBEDTLS_CIPHERSUITE_WEAK, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, MBEDTLS_CIPHERSUITE_WEAK, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, MBEDTLS_CIPHERSUITE_WEAK, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, MBEDTLS_CIPHERSUITE_WEAK, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, MBEDTLS_CIPHERSUITE_WEAK, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, MBEDTLS_CIPHERSUITE_WEAK, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, MBEDTLS_CIPHERSUITE_WEAK, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, MBEDTLS_CIPHERSUITE_WEAK, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, MBEDTLS_CIPHERSUITE_WEAK, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, MBEDTLS_CIPHERSUITE_WEAK, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ @@ -1461,7 +1462,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384, "TLS-RSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, @@ -1469,14 +1470,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ - defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) + defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384, "TLS-RSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256, "TLS-RSA-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, @@ -1484,7 +1485,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ - defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) + defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256, "TLS-RSA-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, @@ -1496,7 +1497,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, @@ -1504,14 +1505,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ - defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) + defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, @@ -1519,7 +1520,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ - defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) + defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, @@ -1531,7 +1532,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384, "TLS-PSK-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, @@ -1539,14 +1540,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ - defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) + defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384, "TLS-PSK-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256, "TLS-PSK-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, @@ -1554,7 +1555,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ - defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) + defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256, "TLS-PSK-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, @@ -1566,7 +1567,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, @@ -1574,14 +1575,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ - defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) + defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, @@ -1589,7 +1590,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ - defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) + defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, @@ -1601,7 +1602,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, @@ -1609,14 +1610,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ - defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) + defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, @@ -1624,7 +1625,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ - defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) + defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, @@ -1637,7 +1638,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ - defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) + defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, @@ -1645,7 +1646,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ - defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) + defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, @@ -1657,7 +1658,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, @@ -1665,14 +1666,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ - defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) + defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, @@ -1680,7 +1681,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ - defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) + defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, @@ -1692,7 +1693,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, @@ -1700,14 +1701,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ - defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) + defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, @@ -1715,7 +1716,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ - defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) + defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, @@ -1727,7 +1728,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, @@ -1735,14 +1736,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ - defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) + defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384, "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, @@ -1750,7 +1751,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ - defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) + defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, @@ -1762,7 +1763,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, @@ -1770,14 +1771,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ - defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) + defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, @@ -1785,7 +1786,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif #if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ - defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) + defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256", MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, @@ -1919,7 +1920,7 @@ size_t mbedtls_ssl_ciphersuite_get_cipher_key_bitlen(const mbedtls_ssl_ciphersui psa_algorithm_t alg; size_t key_bits; - status = mbedtls_ssl_cipher_to_psa(info->cipher, + status = mbedtls_ssl_cipher_to_psa((mbedtls_cipher_type_t) info->cipher, info->flags & MBEDTLS_CIPHERSUITE_SHORT_TAG ? 8 : 16, &alg, &key_type, &key_bits); @@ -1930,7 +1931,7 @@ size_t mbedtls_ssl_ciphersuite_get_cipher_key_bitlen(const mbedtls_ssl_ciphersui return key_bits; #else const mbedtls_cipher_info_t * const cipher_info = - mbedtls_cipher_info_from_type(info->cipher); + mbedtls_cipher_info_from_type((mbedtls_cipher_type_t) info->cipher); return mbedtls_cipher_info_get_key_bitlen(cipher_info); #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -1968,10 +1969,10 @@ psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg(const mbedtls_ssl_cip case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: return PSA_ALG_RSA_PKCS1V15_SIGN( - mbedtls_hash_info_psa_from_md(info->mac)); + mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) info->mac)); case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - return PSA_ALG_ECDSA(mbedtls_hash_info_psa_from_md(info->mac)); + return PSA_ALG_ECDSA(mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) info->mac)); case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: @@ -2020,7 +2021,8 @@ mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersu #endif /* MBEDTLS_PK_C */ -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) int mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t *info) { @@ -2037,7 +2039,9 @@ int mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t *info) return 0; } } -#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/ +#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED || + * MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED || + * MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) int mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info) diff --git a/library/ssl_client.c b/library/ssl_client.c index ab897c49f..1a56f1ebe 100644 --- a/library/ssl_client.c +++ b/library/ssl_client.c @@ -16,7 +16,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS ( https://tls.mbed.org ) + * This file is part of Mbed TLS ( https://tls.mbed.org ) */ #include "common.h" @@ -184,8 +184,8 @@ static int ssl_write_alpn_ext(mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_ALPN */ -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) +#if defined(MBEDTLS_SSL_TLS1_2_SOME_ECC) || \ + defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) /* * Function for writing a supported groups (TLS 1.3) or supported elliptic * curves (TLS 1.2) extension. @@ -223,12 +223,15 @@ static int ssl_write_alpn_ext(mbedtls_ssl_context *ssl, * generalization of the TLS 1.2 supported elliptic curves extension. They both * share the same extension identifier. * - * DHE groups are not supported yet. */ +#define SSL_WRITE_SUPPORTED_GROUPS_EXT_TLS1_2_FLAG 1 +#define SSL_WRITE_SUPPORTED_GROUPS_EXT_TLS1_3_FLAG 2 + MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_write_supported_groups_ext(mbedtls_ssl_context *ssl, unsigned char *buf, const unsigned char *end, + int flags, size_t *out_len) { unsigned char *p = buf; @@ -255,27 +258,44 @@ static int ssl_write_supported_groups_ext(mbedtls_ssl_context *ssl, } for (; *group_list != 0; group_list++) { - MBEDTLS_SSL_DEBUG_MSG(1, ("got supported group(%04x)", *group_list)); + int propose_group = 0; -#if defined(MBEDTLS_ECP_C) - if ((mbedtls_ssl_conf_is_tls13_enabled(ssl->conf) && - mbedtls_ssl_tls13_named_group_is_ecdhe(*group_list)) || - (mbedtls_ssl_conf_is_tls12_enabled(ssl->conf) && - mbedtls_ssl_tls12_named_group_is_ecdhe(*group_list))) { - if (mbedtls_ssl_get_ecp_group_id_from_tls_id(*group_list) == - MBEDTLS_ECP_DP_NONE) { - continue; + MBEDTLS_SSL_DEBUG_MSG(3, ("got supported group(%04x)", *group_list)); + +#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) + if (flags & SSL_WRITE_SUPPORTED_GROUPS_EXT_TLS1_3_FLAG) { +#if defined(PSA_WANT_ALG_ECDH) + if (mbedtls_ssl_tls13_named_group_is_ecdhe(*group_list) && + (mbedtls_ssl_get_ecp_group_id_from_tls_id(*group_list) != + MBEDTLS_ECP_DP_NONE)) { + propose_group = 1; } +#endif +#if defined(PSA_WANT_ALG_FFDH) + if (mbedtls_ssl_tls13_named_group_is_ffdh(*group_list)) { + propose_group = 1; + } +#endif + } +#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED */ + +#if defined(MBEDTLS_SSL_TLS1_2_SOME_ECC) + if ((flags & SSL_WRITE_SUPPORTED_GROUPS_EXT_TLS1_2_FLAG) && + mbedtls_ssl_tls12_named_group_is_ecdhe(*group_list) && + (mbedtls_ssl_get_ecp_group_id_from_tls_id(*group_list) != + MBEDTLS_ECP_DP_NONE)) { + propose_group = 1; + } +#endif /* MBEDTLS_SSL_TLS1_2_SOME_ECC */ + + if (propose_group) { MBEDTLS_SSL_CHK_BUF_PTR(p, end, 2); MBEDTLS_PUT_UINT16_BE(*group_list, p, 0); p += 2; MBEDTLS_SSL_DEBUG_MSG(3, ("NamedGroup: %s ( %x )", - mbedtls_ssl_get_curve_name_from_tls_id(*group_list), + mbedtls_ssl_named_group_to_str(*group_list), *group_list)); } -#endif /* MBEDTLS_ECP_C */ - /* Add DHE groups here */ - } /* Length of named_group_list */ @@ -304,9 +324,8 @@ static int ssl_write_supported_groups_ext(mbedtls_ssl_context *ssl, return 0; } - -#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || - MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ +#endif /* MBEDTLS_SSL_TLS1_2_SOME_ECC || + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED */ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_write_client_hello_cipher_suites( @@ -355,7 +374,8 @@ static int ssl_write_client_hello_cipher_suites( } #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ - (defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ + (defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)) *tls12_uses_ec |= mbedtls_ssl_ciphersuite_uses_ec(ciphersuite_info); #endif @@ -597,34 +617,47 @@ static int ssl_write_client_hello_body(mbedtls_ssl_context *ssl, } #endif -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if ( -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) - (propose_tls13 && - mbedtls_ssl_conf_tls13_some_ephemeral_enabled(ssl)) || -#endif -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) - (propose_tls12 && tls12_uses_ec) || -#endif - 0) { - ret = ssl_write_supported_groups_ext(ssl, p, end, &output_len); - if (ret != 0) { - return ret; +#if defined(MBEDTLS_SSL_TLS1_2_SOME_ECC) || \ + defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) + { + int ssl_write_supported_groups_ext_flags = 0; + +#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) + if (propose_tls13 && mbedtls_ssl_conf_tls13_some_ephemeral_enabled(ssl)) { + ssl_write_supported_groups_ext_flags |= + SSL_WRITE_SUPPORTED_GROUPS_EXT_TLS1_3_FLAG; + } +#endif +#if defined(MBEDTLS_SSL_TLS1_2_SOME_ECC) + if (propose_tls12 && tls12_uses_ec) { + ssl_write_supported_groups_ext_flags |= + SSL_WRITE_SUPPORTED_GROUPS_EXT_TLS1_2_FLAG; + } +#endif + if (ssl_write_supported_groups_ext_flags != 0) { + ret = ssl_write_supported_groups_ext(ssl, p, end, + ssl_write_supported_groups_ext_flags, + &output_len); + if (ret != 0) { + return ret; + } + p += output_len; } - p += output_len; } -#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ +#endif /* MBEDTLS_SSL_TLS1_2_SOME_ECC || + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED */ #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) - if ( + int write_sig_alg_ext = 0; #if defined(MBEDTLS_SSL_PROTO_TLS1_3) - (propose_tls13 && mbedtls_ssl_conf_tls13_ephemeral_enabled(ssl)) || + write_sig_alg_ext = write_sig_alg_ext || + (propose_tls13 && mbedtls_ssl_conf_tls13_ephemeral_enabled(ssl)); #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - propose_tls12 || + write_sig_alg_ext = write_sig_alg_ext || propose_tls12; #endif - 0) { + + if (write_sig_alg_ext) { ret = mbedtls_ssl_write_sig_alg_ext(ssl, p, end, &output_len); if (ret != 0) { return ret; @@ -769,7 +802,6 @@ static int ssl_prepare_client_hello(mbedtls_ssl_context *ssl) ssl->tls_version = session_negotiate->tls_version; ssl->handshake->min_tls_version = ssl->tls_version; } else { - ssl->tls_version = ssl->conf->max_tls_version; ssl->handshake->min_tls_version = ssl->conf->min_tls_version; } } @@ -945,25 +977,49 @@ int mbedtls_ssl_write_client_hello(mbedtls_ssl_context *ssl) #endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_SSL_PROTO_DTLS */ { - mbedtls_ssl_add_hs_hdr_to_checksum(ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, - msg_len); - ssl->handshake->update_checksum(ssl, buf, msg_len - binders_len); + ret = mbedtls_ssl_add_hs_hdr_to_checksum(ssl, + MBEDTLS_SSL_HS_CLIENT_HELLO, + msg_len); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_add_hs_hdr_to_checksum", ret); + return ret; + } + ret = ssl->handshake->update_checksum(ssl, buf, msg_len - binders_len); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "update_checksum", ret); + return ret; + } #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED) if (binders_len > 0) { MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls13_write_binders_of_pre_shared_key_ext( ssl, buf + msg_len - binders_len, buf + msg_len)); - ssl->handshake->update_checksum(ssl, buf + msg_len - binders_len, - binders_len); + ret = ssl->handshake->update_checksum(ssl, buf + msg_len - binders_len, + binders_len); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "update_checksum", ret); + return ret; + } } #endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */ MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg(ssl, buf_len, msg_len)); - mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_HELLO); - } + /* + * Set next state. Note that if TLS 1.3 is proposed, this may be + * overwritten by mbedtls_ssl_tls13_finalize_client_hello(). + */ + mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_HELLO); + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) + if (ssl->handshake->min_tls_version <= MBEDTLS_SSL_VERSION_TLS1_3 && + MBEDTLS_SSL_VERSION_TLS1_3 <= ssl->tls_version) { + ret = mbedtls_ssl_tls13_finalize_client_hello(ssl); + } +#endif + } cleanup: diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index b7eead402..098acedd3 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -33,19 +33,30 @@ #include "mbedtls/platform_util.h" #include "mbedtls/constant_time.h" -#include "mbedtls/legacy_or_psa.h" - #include +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "md_psa.h" +/* Define a local translating function to save code size by not using too many + * arguments in each translating place. */ +static int local_err_translation(psa_status_t status) +{ + return psa_status_to_mbedtls(status, psa_to_ssl_errors, + ARRAY_LENGTH(psa_to_ssl_errors), + psa_generic_status_to_mbedtls); +} +#define PSA_TO_MBEDTLS_ERR(status) local_err_translation(status) +#endif + /* * If DTLS is in use, then at least one of SHA-256 or SHA-384 is * available. Try SHA-256 first as 384 wastes resources */ -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) #define COOKIE_MD MBEDTLS_MD_SHA256 #define COOKIE_MD_OUTLEN 32 #define COOKIE_HMAC_LEN 28 -#elif defined(MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA) +#elif defined(MBEDTLS_MD_CAN_SHA384) #define COOKIE_MD MBEDTLS_MD_SHA384 #define COOKIE_MD_OUTLEN 48 #define COOKIE_HMAC_LEN 28 @@ -110,7 +121,7 @@ int mbedtls_ssl_cookie_setup(mbedtls_ssl_cookie_ctx *ctx, (void) f_rng; (void) p_rng; - alg = mbedtls_hash_info_psa_from_md(COOKIE_MD); + alg = mbedtls_md_psa_alg_from_type(COOKIE_MD); if (alg == 0) { return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } @@ -126,7 +137,7 @@ int mbedtls_ssl_cookie_setup(mbedtls_ssl_cookie_ctx *ctx, if ((status = psa_generate_key(&attributes, &ctx->psa_hmac_key)) != PSA_SUCCESS) { - return psa_ssl_status_to_mbedtls(status); + return PSA_TO_MBEDTLS_ERR(status); } #else int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -215,26 +226,26 @@ int mbedtls_ssl_cookie_write(void *p_ctx, status = psa_mac_sign_setup(&operation, ctx->psa_hmac_key, ctx->psa_hmac_alg); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); goto exit; } status = psa_mac_update(&operation, *p - 4, 4); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); goto exit; } status = psa_mac_update(&operation, cli_id, cli_id_len); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); goto exit; } status = psa_mac_sign_finish(&operation, *p, COOKIE_MD_OUTLEN, &sign_mac_length); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); goto exit; } @@ -263,7 +274,7 @@ int mbedtls_ssl_cookie_write(void *p_ctx, exit: status = psa_mac_abort(&operation); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); } #endif /* MBEDTLS_USE_PSA_CRYPTO */ return ret; @@ -299,27 +310,27 @@ int mbedtls_ssl_cookie_check(void *p_ctx, status = psa_mac_verify_setup(&operation, ctx->psa_hmac_key, ctx->psa_hmac_alg); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); goto exit; } status = psa_mac_update(&operation, cookie, 4); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); goto exit; } status = psa_mac_update(&operation, cli_id, cli_id_len); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); goto exit; } status = psa_mac_verify_finish(&operation, cookie + 4, COOKIE_HMAC_LEN); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); goto exit; } @@ -360,10 +371,7 @@ int mbedtls_ssl_cookie_check(void *p_ctx, cur_time = ctx->serial; #endif - cookie_time = ((unsigned long) cookie[0] << 24) | - ((unsigned long) cookie[1] << 16) | - ((unsigned long) cookie[2] << 8) | - ((unsigned long) cookie[3]); + cookie_time = (unsigned long) MBEDTLS_GET_UINT32_BE(cookie, 0); if (ctx->timeout != 0 && cur_time - cookie_time > ctx->timeout) { ret = -1; @@ -374,7 +382,7 @@ exit: #if defined(MBEDTLS_USE_PSA_CRYPTO) status = psa_mac_abort(&operation); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); } #else mbedtls_platform_zeroize(ref_hmac, sizeof(ref_hmac)); diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 146dae0fb..a99bb3343 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -24,29 +24,29 @@ #include "mbedtls/build_info.h" +#include "mbedtls/error.h" + #include "mbedtls/ssl.h" #include "mbedtls/cipher.h" #if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3) #include "psa/crypto.h" -#include "mbedtls/psa_util.h" -#include "hash_info.h" +#include "psa_util_internal.h" #endif -#include "mbedtls/legacy_or_psa.h" -#if defined(MBEDTLS_MD5_C) +#if defined(MBEDTLS_MD_CAN_MD5) #include "mbedtls/md5.h" #endif -#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_MD_CAN_SHA1) #include "mbedtls/sha1.h" #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_MD_CAN_SHA256) #include "mbedtls/sha256.h" #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_MD_CAN_SHA512) #include "mbedtls/sha512.h" #endif @@ -55,6 +55,8 @@ #include "mbedtls/ecjpake.h" #endif +#include "mbedtls/pk.h" +#include "pk_internal.h" #include "common.h" /* Shorthand for restartable ECC */ @@ -106,6 +108,7 @@ #define MBEDTLS_SSL_EXT_ID_ENCRYPT_THEN_MAC 25 #define MBEDTLS_SSL_EXT_ID_EXTENDED_MASTER_SECRET 26 #define MBEDTLS_SSL_EXT_ID_SESSION_TICKET 27 +#define MBEDTLS_SSL_EXT_ID_RECORD_SIZE_LIMIT 28 /* Utility for translating IANA extension type. */ uint32_t mbedtls_ssl_get_extension_id(unsigned int extension_type); @@ -166,6 +169,7 @@ uint32_t mbedtls_ssl_get_extension_mask(unsigned int extension_type); MBEDTLS_SSL_EXT_MASK(CERT_AUTH) | \ MBEDTLS_SSL_EXT_MASK(POST_HANDSHAKE_AUTH) | \ MBEDTLS_SSL_EXT_MASK(SIG_ALG_CERT) | \ + MBEDTLS_SSL_EXT_MASK(RECORD_SIZE_LIMIT) | \ MBEDTLS_SSL_TLS1_3_EXT_MASK_UNRECOGNIZED) /* RFC 8446 section 4.2. Allowed extensions for EncryptedExtensions */ @@ -178,7 +182,8 @@ uint32_t mbedtls_ssl_get_extension_mask(unsigned int extension_type); MBEDTLS_SSL_EXT_MASK(ALPN) | \ MBEDTLS_SSL_EXT_MASK(CLI_CERT_TYPE) | \ MBEDTLS_SSL_EXT_MASK(SERV_CERT_TYPE) | \ - MBEDTLS_SSL_EXT_MASK(EARLY_DATA)) + MBEDTLS_SSL_EXT_MASK(EARLY_DATA) | \ + MBEDTLS_SSL_EXT_MASK(RECORD_SIZE_LIMIT)) /* RFC 8446 section 4.2. Allowed extensions for CertificateRequest */ #define MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_CR \ @@ -294,9 +299,9 @@ uint32_t mbedtls_ssl_get_extension_mask(unsigned int extension_type); #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) /* Ciphersuites using HMAC */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) #define MBEDTLS_SSL_MAC_ADD 48 /* SHA-384 used for HMAC */ -#elif defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#elif defined(MBEDTLS_MD_CAN_SHA256) #define MBEDTLS_SSL_MAC_ADD 32 /* SHA-256 used for HMAC */ #else #define MBEDTLS_SSL_MAC_ADD 20 /* SHA-1 used for HMAC */ @@ -705,9 +710,12 @@ struct mbedtls_ssl_handshake_params { mbedtls_ssl_ciphersuite_t const *ciphersuite_info; - void (*update_checksum)(mbedtls_ssl_context *, const unsigned char *, size_t); - void (*calc_verify)(const mbedtls_ssl_context *, unsigned char *, size_t *); - void (*calc_finished)(mbedtls_ssl_context *, unsigned char *, int); + MBEDTLS_CHECK_RETURN_CRITICAL + int (*update_checksum)(mbedtls_ssl_context *, const unsigned char *, size_t); + MBEDTLS_CHECK_RETURN_CRITICAL + int (*calc_verify)(const mbedtls_ssl_context *, unsigned char *, size_t *); + MBEDTLS_CHECK_RETURN_CRITICAL + int (*calc_finished)(mbedtls_ssl_context *, unsigned char *, int); mbedtls_ssl_tls_prf_cb *tls_prf; /* @@ -745,25 +753,20 @@ struct mbedtls_ssl_handshake_params { mbedtls_dhm_context dhm_ctx; /*!< DHM key exchange */ #endif -/* Adding guard for MBEDTLS_ECDSA_C to ensure no compile errors due - * to guards in client and server code. There is a gap in functionality that - * access to ecdh_ctx structure is needed for MBEDTLS_ECDSA_C which does not - * seem correct. - */ -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) -#if !defined(MBEDTLS_USE_PSA_CRYPTO) +#if !defined(MBEDTLS_USE_PSA_CRYPTO) && \ + defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) mbedtls_ecdh_context ecdh_ctx; /*!< ECDH key exchange */ -#endif /* !MBEDTLS_USE_PSA_CRYPTO */ +#endif /* !MBEDTLS_USE_PSA_CRYPTO && + MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED */ -#if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3) - psa_key_type_t ecdh_psa_type; - size_t ecdh_bits; - mbedtls_svc_key_id_t ecdh_psa_privkey; - uint8_t ecdh_psa_privkey_is_external; - unsigned char ecdh_psa_peerkey[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH]; - size_t ecdh_psa_peerkey_len; -#endif /* MBEDTLS_USE_PSA_CRYPTO || MBEDTLS_SSL_PROTO_TLS1_3 */ -#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_XXDH_PSA_ANY_ENABLED) + psa_key_type_t xxdh_psa_type; + size_t xxdh_psa_bits; + mbedtls_svc_key_id_t xxdh_psa_privkey; + uint8_t xxdh_psa_privkey_is_external; + unsigned char xxdh_psa_peerkey[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE]; + size_t xxdh_psa_peerkey_len; +#endif /* MBEDTLS_KEY_EXCHANGE_SOME_XXDH_PSA_ANY_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -779,7 +782,8 @@ struct mbedtls_ssl_handshake_params { #endif #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) uint16_t *curves_tls_id; /*!< List of TLS IDs of supported elliptic curves */ #endif @@ -898,18 +902,18 @@ struct mbedtls_ssl_handshake_params { /* * Checksum contexts */ -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_hash_operation_t fin_sha256_psa; #else - mbedtls_sha256_context fin_sha256; + mbedtls_md_context_t fin_sha256; #endif #endif -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_hash_operation_t fin_sha384_psa; #else - mbedtls_sha512_context fin_sha384; + mbedtls_md_context_t fin_sha384; #endif #endif @@ -986,7 +990,6 @@ struct mbedtls_ssl_handshake_params { mbedtls_ssl_tls13_handshake_secrets tls13_hs_secrets; #if defined(MBEDTLS_SSL_EARLY_DATA) - mbedtls_ssl_tls13_early_secrets tls13_early_secrets; /** TLS 1.3 transform for early data and handshake messages. */ mbedtls_ssl_transform *transform_earlydata; #endif @@ -1318,7 +1321,8 @@ static inline void mbedtls_ssl_handshake_set_state(mbedtls_ssl_context *ssl, MBEDTLS_CHECK_RETURN_CRITICAL int mbedtls_ssl_send_fatal_handshake_failure(mbedtls_ssl_context *ssl); -void mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl); #if defined(MBEDTLS_SSL_PROTO_TLS1_2) MBEDTLS_CHECK_RETURN_CRITICAL @@ -1329,7 +1333,8 @@ MBEDTLS_CHECK_RETURN_CRITICAL int mbedtls_ssl_handle_message_type(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL int mbedtls_ssl_prepare_handshake_record(mbedtls_ssl_context *ssl); -void mbedtls_ssl_update_handshake_status(mbedtls_ssl_context *ssl); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_update_handshake_status(mbedtls_ssl_context *ssl); /** * \brief Update record layer @@ -1462,14 +1467,16 @@ void mbedtls_ssl_optimize_checksum(mbedtls_ssl_context *ssl, /* * Update checksum of handshake messages. */ -void mbedtls_ssl_add_hs_msg_to_checksum(mbedtls_ssl_context *ssl, - unsigned hs_type, - unsigned char const *msg, - size_t msg_len); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_add_hs_msg_to_checksum(mbedtls_ssl_context *ssl, + unsigned hs_type, + unsigned char const *msg, + size_t msg_len); -void mbedtls_ssl_add_hs_hdr_to_checksum(mbedtls_ssl_context *ssl, - unsigned hs_type, - size_t total_hs_len); +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_add_hs_hdr_to_checksum(mbedtls_ssl_context *ssl, + unsigned hs_type, + size_t total_hs_len); #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) #if !defined(MBEDTLS_USE_PSA_CRYPTO) @@ -1549,16 +1556,16 @@ int mbedtls_ssl_set_calc_verify_md(mbedtls_ssl_context *ssl, int md); MBEDTLS_CHECK_RETURN_CRITICAL int mbedtls_ssl_check_curve_tls_id(const mbedtls_ssl_context *ssl, uint16_t tls_id); -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) MBEDTLS_CHECK_RETURN_CRITICAL int mbedtls_ssl_check_curve(const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id); -#endif +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ /** * \brief Return PSA EC info for the specified TLS ID. * * \param tls_id The TLS ID to look for - * \param family If the TLD ID is supported, then proper \c psa_ecc_family_t + * \param type If the TLD ID is supported, then proper \c psa_key_type_t * value is returned here. Can be NULL. * \param bits If the TLD ID is supported, then proper bit size is returned * here. Can be NULL. @@ -1571,7 +1578,7 @@ int mbedtls_ssl_check_curve(const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id * simply to check if a specific TLS ID is supported. */ int mbedtls_ssl_get_psa_curve_info_from_tls_id(uint16_t tls_id, - psa_ecc_family_t *family, + psa_key_type_t *type, size_t *bits); /** @@ -2044,6 +2051,33 @@ int mbedtls_ssl_tls13_fetch_handshake_msg(mbedtls_ssl_context *ssl, unsigned char **buf, size_t *buf_len); +/** + * \brief Detect if a list of extensions contains a supported_versions + * extension or not. + * + * \param[in] ssl SSL context + * \param[in] buf Address of the first byte of the extensions vector. + * \param[in] end End of the buffer containing the list of extensions. + * \param[out] supported_versions_data If the extension is present, address of + * its first byte of data, NULL otherwise. + * \param[out] supported_versions_data_end If the extension is present, address + * of the first byte immediately + * following the extension data, NULL + * otherwise. + * \return 0 if the list of extensions does not contain a supported_versions + * extension. + * \return 1 if the list of extensions contains a supported_versions + * extension. + * \return A negative value if an error occurred while parsing the + * extensions. + */ +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_tls13_is_supported_versions_ext_present_in_exts( + mbedtls_ssl_context *ssl, + const unsigned char *buf, const unsigned char *end, + const unsigned char **supported_versions_data, + const unsigned char **supported_versions_data_end); + /* * Handler of TLS 1.3 server certificate message */ @@ -2080,15 +2114,15 @@ int mbedtls_ssl_tls13_write_change_cipher_spec(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL int mbedtls_ssl_reset_transcript_for_hrr(mbedtls_ssl_context *ssl); -#if defined(MBEDTLS_ECDH_C) +#if defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH) MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_tls13_generate_and_write_ecdh_key_exchange( +int mbedtls_ssl_tls13_generate_and_write_xxdh_key_exchange( mbedtls_ssl_context *ssl, uint16_t named_group, unsigned char *buf, unsigned char *end, size_t *out_len); -#endif /* MBEDTLS_ECDH_C */ +#endif /* PSA_WANT_ALG_ECDH || PSA_WANT_ALG_FFDH */ #if defined(MBEDTLS_SSL_EARLY_DATA) int mbedtls_ssl_tls13_write_early_data_ext(mbedtls_ssl_context *ssl, @@ -2180,7 +2214,7 @@ static inline int mbedtls_ssl_tls13_named_group_is_ecdhe(uint16_t named_group) named_group == MBEDTLS_SSL_IANA_TLS_GROUP_X448; } -static inline int mbedtls_ssl_tls13_named_group_is_dhe(uint16_t named_group) +static inline int mbedtls_ssl_tls13_named_group_is_ffdh(uint16_t named_group) { return named_group >= MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048 && named_group <= MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192; @@ -2206,16 +2240,22 @@ static inline int mbedtls_ssl_named_group_is_offered( static inline int mbedtls_ssl_named_group_is_supported(uint16_t named_group) { -#if defined(MBEDTLS_ECDH_C) +#if defined(PSA_WANT_ALG_ECDH) if (mbedtls_ssl_tls13_named_group_is_ecdhe(named_group)) { if (mbedtls_ssl_get_ecp_group_id_from_tls_id(named_group) != MBEDTLS_ECP_DP_NONE) { return 1; } } -#else - ((void) named_group); -#endif /* MBEDTLS_ECDH_C */ +#endif +#if defined(PSA_WANT_ALG_FFDH) + if (mbedtls_ssl_tls13_named_group_is_ffdh(named_group)) { + return 1; + } +#endif +#if !defined(PSA_WANT_ALG_ECDH) && !defined(PSA_WANT_ALG_FFDH) + (void) named_group; +#endif return 0; } @@ -2273,20 +2313,20 @@ static inline int mbedtls_ssl_tls13_sig_alg_for_cert_verify_is_supported( const uint16_t sig_alg) { switch (sig_alg) { -#if defined(MBEDTLS_ECDSA_C) -#if defined(PSA_WANT_ALG_SHA_256) && defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) +#if defined(MBEDTLS_PK_CAN_ECDSA_SOME) +#if defined(PSA_WANT_ALG_SHA_256) && defined(PSA_WANT_ECC_SECP_R1_256) case MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256: break; #endif /* PSA_WANT_ALG_SHA_256 && MBEDTLS_ECP_DP_SECP256R1_ENABLED */ -#if defined(PSA_WANT_ALG_SHA_384) && defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) +#if defined(PSA_WANT_ALG_SHA_384) && defined(PSA_WANT_ECC_SECP_R1_384) case MBEDTLS_TLS1_3_SIG_ECDSA_SECP384R1_SHA384: break; #endif /* PSA_WANT_ALG_SHA_384 && MBEDTLS_ECP_DP_SECP384R1_ENABLED */ -#if defined(PSA_WANT_ALG_SHA_512) && defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) +#if defined(PSA_WANT_ALG_SHA_512) && defined(PSA_WANT_ECC_SECP_R1_521) case MBEDTLS_TLS1_3_SIG_ECDSA_SECP521R1_SHA512: break; #endif /* PSA_WANT_ALG_SHA_512 && MBEDTLS_ECP_DP_SECP521R1_ENABLED */ -#endif /* MBEDTLS_ECDSA_C */ +#endif /* MBEDTLS_PK_CAN_ECDSA_SOME */ #if defined(MBEDTLS_PKCS1_V21) #if defined(PSA_WANT_ALG_SHA_256) @@ -2314,18 +2354,18 @@ static inline int mbedtls_ssl_tls13_sig_alg_is_supported( { switch (sig_alg) { #if defined(MBEDTLS_PKCS1_V15) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) case MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA256: break; -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA256 */ +#if defined(MBEDTLS_MD_CAN_SHA384) case MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA384: break; -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA384 */ +#if defined(MBEDTLS_MD_CAN_SHA512) case MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA512: break; -#endif /* MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA512 */ #endif /* MBEDTLS_PKCS1_V15 */ default: return mbedtls_ssl_tls13_sig_alg_for_cert_verify_is_supported( @@ -2368,24 +2408,24 @@ static inline int mbedtls_ssl_get_pk_type_and_md_alg_from_sig_alg( switch (sig_alg) { #if defined(MBEDTLS_PKCS1_V21) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256: *md_alg = MBEDTLS_MD_SHA256; *pk_type = MBEDTLS_PK_RSASSA_PSS; break; -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA256 */ +#if defined(MBEDTLS_MD_CAN_SHA384) case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA384: *md_alg = MBEDTLS_MD_SHA384; *pk_type = MBEDTLS_PK_RSASSA_PSS; break; -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA384 */ +#if defined(MBEDTLS_MD_CAN_SHA512) case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512: *md_alg = MBEDTLS_MD_SHA512; *pk_type = MBEDTLS_PK_RSASSA_PSS; break; -#endif /* MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA512 */ #endif /* MBEDTLS_PKCS1_V21 */ default: return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; @@ -2402,32 +2442,32 @@ static inline int mbedtls_ssl_tls12_sig_alg_is_supported( unsigned char sig = MBEDTLS_BYTE_0(sig_alg); switch (hash) { -#if defined(MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_MD5) case MBEDTLS_SSL_HASH_MD5: break; #endif -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) case MBEDTLS_SSL_HASH_SHA1: break; #endif -#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA224) case MBEDTLS_SSL_HASH_SHA224: break; #endif -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) case MBEDTLS_SSL_HASH_SHA256: break; #endif -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) case MBEDTLS_SSL_HASH_SHA384: break; #endif -#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA512) case MBEDTLS_SSL_HASH_SHA512: break; #endif @@ -2442,7 +2482,7 @@ static inline int mbedtls_ssl_tls12_sig_alg_is_supported( break; #endif -#if defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) case MBEDTLS_SSL_SIG_ECDSA: break; #endif @@ -2508,6 +2548,7 @@ psa_status_t mbedtls_ssl_cipher_to_psa(mbedtls_cipher_type_t mbedtls_cipher_type psa_key_type_t *key_type, size_t *key_size); +#if !defined(MBEDTLS_DEPRECATED_REMOVED) /** * \brief Convert given PSA status to mbedtls error code. * @@ -2515,7 +2556,7 @@ psa_status_t mbedtls_ssl_cipher_to_psa(mbedtls_cipher_type_t mbedtls_cipher_type * * \return corresponding mbedtls error code */ -static inline int psa_ssl_status_to_mbedtls(psa_status_t status) +static inline MBEDTLS_DEPRECATED int psa_ssl_status_to_mbedtls(psa_status_t status) { switch (status) { case PSA_SUCCESS: @@ -2536,6 +2577,7 @@ static inline int psa_ssl_status_to_mbedtls(psa_status_t status) return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED; } } +#endif /* !MBEDTLS_DEPRECATED_REMOVED */ #endif /* MBEDTLS_USE_PSA_CRYPTO || MBEDTLS_SSL_PROTO_TLS1_3 */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) && \ @@ -2606,14 +2648,14 @@ mbedtls_ssl_mode_t mbedtls_ssl_get_mode_from_ciphersuite( const mbedtls_ssl_ciphersuite_t *suite); #endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC_ETM */ -#if defined(MBEDTLS_ECDH_C) +#if defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH) MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_tls13_read_public_ecdhe_share(mbedtls_ssl_context *ssl, +int mbedtls_ssl_tls13_read_public_xxdhe_share(mbedtls_ssl_context *ssl, const unsigned char *buf, size_t buf_len); -#endif /* MBEDTLS_ECDH_C */ +#endif /* PSA_WANT_ALG_ECDH || PSA_WANT_ALG_FFDH */ static inline int mbedtls_ssl_tls13_cipher_suite_is_offered( mbedtls_ssl_context *ssl, int cipher_suite) @@ -2653,6 +2695,16 @@ int mbedtls_ssl_parse_server_name_ext(mbedtls_ssl_context *ssl, const unsigned char *end); #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ +#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) +#define MBEDTLS_SSL_RECORD_SIZE_LIMIT_EXTENSION_DATA_LENGTH (2) +#define MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN (64) + +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_tls13_parse_record_size_limit_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + const unsigned char *end); +#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */ + #if defined(MBEDTLS_SSL_ALPN) MBEDTLS_CHECK_RETURN_CRITICAL int mbedtls_ssl_parse_alpn_ext(mbedtls_ssl_context *ssl, @@ -2740,4 +2792,68 @@ static inline void mbedtls_ssl_session_clear_ticket_flags( } #endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */ +#if defined(MBEDTLS_SSL_CLI_C) && defined(MBEDTLS_SSL_PROTO_TLS1_3) +int mbedtls_ssl_tls13_finalize_client_hello(mbedtls_ssl_context *ssl); +#endif + +#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) + +/** Compute the HMAC of variable-length data with constant flow. + * + * This function computes the HMAC of the concatenation of \p add_data and \p + * data, and does with a code flow and memory access pattern that does not + * depend on \p data_len_secret, but only on \p min_data_len and \p + * max_data_len. In particular, this function always reads exactly \p + * max_data_len bytes from \p data. + * + * \param ctx The HMAC context. It must have keys configured + * with mbedtls_md_hmac_starts() and use one of the + * following hashes: SHA-384, SHA-256, SHA-1 or MD-5. + * It is reset using mbedtls_md_hmac_reset() after + * the computation is complete to prepare for the + * next computation. + * \param add_data The first part of the message whose HMAC is being + * calculated. This must point to a readable buffer + * of \p add_data_len bytes. + * \param add_data_len The length of \p add_data in bytes. + * \param data The buffer containing the second part of the + * message. This must point to a readable buffer + * of \p max_data_len bytes. + * \param data_len_secret The length of the data to process in \p data. + * This must be no less than \p min_data_len and no + * greater than \p max_data_len. + * \param min_data_len The minimal length of the second part of the + * message, read from \p data. + * \param max_data_len The maximal length of the second part of the + * message, read from \p data. + * \param output The HMAC will be written here. This must point to + * a writable buffer of sufficient size to hold the + * HMAC value. + * + * \retval 0 on success. + * \retval #MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED + * The hardware accelerator failed. + */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) +int mbedtls_ct_hmac(mbedtls_svc_key_id_t key, + psa_algorithm_t mac_alg, + const unsigned char *add_data, + size_t add_data_len, + const unsigned char *data, + size_t data_len_secret, + size_t min_data_len, + size_t max_data_len, + unsigned char *output); +#else +int mbedtls_ct_hmac(mbedtls_md_context_t *ctx, + const unsigned char *add_data, + size_t add_data_len, + const unsigned char *data, + size_t data_len_secret, + size_t min_data_len, + size_t max_data_len, + unsigned char *output); +#endif /* defined(MBEDTLS_USE_PSA_CRYPTO) */ +#endif /* MBEDTLS_TEST_HOOKS && defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) */ + #endif /* ssl_misc.h */ diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 4ebc8cb92..c312d816e 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -40,7 +40,7 @@ #include #if defined(MBEDTLS_USE_PSA_CRYPTO) -#include "mbedtls/psa_util.h" +#include "psa_util_internal.h" #include "psa/crypto.h" #endif @@ -48,6 +48,246 @@ #include "mbedtls/oid.h" #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) +/* Define a local translating function to save code size by not using too many + * arguments in each translating place. */ +static int local_err_translation(psa_status_t status) +{ + return psa_status_to_mbedtls(status, psa_to_ssl_errors, + ARRAY_LENGTH(psa_to_ssl_errors), + psa_generic_status_to_mbedtls); +} +#define PSA_TO_MBEDTLS_ERR(status) local_err_translation(status) +#endif + +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + +#if defined(PSA_WANT_ALG_SHA_384) +#define MAX_HASH_BLOCK_LENGTH PSA_HASH_BLOCK_LENGTH(PSA_ALG_SHA_384) +#elif defined(PSA_WANT_ALG_SHA_256) +#define MAX_HASH_BLOCK_LENGTH PSA_HASH_BLOCK_LENGTH(PSA_ALG_SHA_256) +#else /* See check_config.h */ +#define MAX_HASH_BLOCK_LENGTH PSA_HASH_BLOCK_LENGTH(PSA_ALG_SHA_1) +#endif + +MBEDTLS_STATIC_TESTABLE +int mbedtls_ct_hmac(mbedtls_svc_key_id_t key, + psa_algorithm_t mac_alg, + const unsigned char *add_data, + size_t add_data_len, + const unsigned char *data, + size_t data_len_secret, + size_t min_data_len, + size_t max_data_len, + unsigned char *output) +{ + /* + * This function breaks the HMAC abstraction and uses psa_hash_clone() + * extension in order to get constant-flow behaviour. + * + * HMAC(msg) is defined as HASH(okey + HASH(ikey + msg)) where + means + * concatenation, and okey/ikey are the XOR of the key with some fixed bit + * patterns (see RFC 2104, sec. 2). + * + * We'll first compute ikey/okey, then inner_hash = HASH(ikey + msg) by + * hashing up to minlen, then cloning the context, and for each byte up + * to maxlen finishing up the hash computation, keeping only the + * correct result. + * + * Then we only need to compute HASH(okey + inner_hash) and we're done. + */ + psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH(mac_alg); + const size_t block_size = PSA_HASH_BLOCK_LENGTH(hash_alg); + unsigned char key_buf[MAX_HASH_BLOCK_LENGTH]; + const size_t hash_size = PSA_HASH_LENGTH(hash_alg); + psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; + size_t hash_length; + + unsigned char aux_out[PSA_HASH_MAX_SIZE]; + psa_hash_operation_t aux_operation = PSA_HASH_OPERATION_INIT; + size_t offset; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + + size_t mac_key_length; + size_t i; + +#define PSA_CHK(func_call) \ + do { \ + status = (func_call); \ + if (status != PSA_SUCCESS) \ + goto cleanup; \ + } while (0) + + /* Export MAC key + * We assume key length is always exactly the output size + * which is never more than the block size, thus we use block_size + * as the key buffer size. + */ + PSA_CHK(psa_export_key(key, key_buf, block_size, &mac_key_length)); + + /* Calculate ikey */ + for (i = 0; i < mac_key_length; i++) { + key_buf[i] = (unsigned char) (key_buf[i] ^ 0x36); + } + for (; i < block_size; ++i) { + key_buf[i] = 0x36; + } + + PSA_CHK(psa_hash_setup(&operation, hash_alg)); + + /* Now compute inner_hash = HASH(ikey + msg) */ + PSA_CHK(psa_hash_update(&operation, key_buf, block_size)); + PSA_CHK(psa_hash_update(&operation, add_data, add_data_len)); + PSA_CHK(psa_hash_update(&operation, data, min_data_len)); + + /* Fill the hash buffer in advance with something that is + * not a valid hash (barring an attack on the hash and + * deliberately-crafted input), in case the caller doesn't + * check the return status properly. */ + memset(output, '!', hash_size); + + /* For each possible length, compute the hash up to that point */ + for (offset = min_data_len; offset <= max_data_len; offset++) { + PSA_CHK(psa_hash_clone(&operation, &aux_operation)); + PSA_CHK(psa_hash_finish(&aux_operation, aux_out, + PSA_HASH_MAX_SIZE, &hash_length)); + /* Keep only the correct inner_hash in the output buffer */ + mbedtls_ct_memcpy_if(mbedtls_ct_uint_eq(offset, data_len_secret), + output, aux_out, NULL, hash_size); + + if (offset < max_data_len) { + PSA_CHK(psa_hash_update(&operation, data + offset, 1)); + } + } + + /* Abort current operation to prepare for final operation */ + PSA_CHK(psa_hash_abort(&operation)); + + /* Calculate okey */ + for (i = 0; i < mac_key_length; i++) { + key_buf[i] = (unsigned char) ((key_buf[i] ^ 0x36) ^ 0x5C); + } + for (; i < block_size; ++i) { + key_buf[i] = 0x5C; + } + + /* Now compute HASH(okey + inner_hash) */ + PSA_CHK(psa_hash_setup(&operation, hash_alg)); + PSA_CHK(psa_hash_update(&operation, key_buf, block_size)); + PSA_CHK(psa_hash_update(&operation, output, hash_size)); + PSA_CHK(psa_hash_finish(&operation, output, hash_size, &hash_length)); + +#undef PSA_CHK + +cleanup: + mbedtls_platform_zeroize(key_buf, MAX_HASH_BLOCK_LENGTH); + mbedtls_platform_zeroize(aux_out, PSA_HASH_MAX_SIZE); + + psa_hash_abort(&operation); + psa_hash_abort(&aux_operation); + return PSA_TO_MBEDTLS_ERR(status); +} + +#undef MAX_HASH_BLOCK_LENGTH + +#else +MBEDTLS_STATIC_TESTABLE +int mbedtls_ct_hmac(mbedtls_md_context_t *ctx, + const unsigned char *add_data, + size_t add_data_len, + const unsigned char *data, + size_t data_len_secret, + size_t min_data_len, + size_t max_data_len, + unsigned char *output) +{ + /* + * This function breaks the HMAC abstraction and uses the md_clone() + * extension to the MD API in order to get constant-flow behaviour. + * + * HMAC(msg) is defined as HASH(okey + HASH(ikey + msg)) where + means + * concatenation, and okey/ikey are the XOR of the key with some fixed bit + * patterns (see RFC 2104, sec. 2), which are stored in ctx->hmac_ctx. + * + * We'll first compute inner_hash = HASH(ikey + msg) by hashing up to + * minlen, then cloning the context, and for each byte up to maxlen + * finishing up the hash computation, keeping only the correct result. + * + * Then we only need to compute HASH(okey + inner_hash) and we're done. + */ + const mbedtls_md_type_t md_alg = mbedtls_md_get_type(ctx->md_info); + /* TLS 1.2 only supports SHA-384, SHA-256, SHA-1, MD-5, + * all of which have the same block size except SHA-384. */ + const size_t block_size = md_alg == MBEDTLS_MD_SHA384 ? 128 : 64; + const unsigned char * const ikey = ctx->hmac_ctx; + const unsigned char * const okey = ikey + block_size; + const size_t hash_size = mbedtls_md_get_size(ctx->md_info); + + unsigned char aux_out[MBEDTLS_MD_MAX_SIZE]; + mbedtls_md_context_t aux; + size_t offset; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + + mbedtls_md_init(&aux); + +#define MD_CHK(func_call) \ + do { \ + ret = (func_call); \ + if (ret != 0) \ + goto cleanup; \ + } while (0) + + MD_CHK(mbedtls_md_setup(&aux, ctx->md_info, 0)); + + /* After hmac_start() of hmac_reset(), ikey has already been hashed, + * so we can start directly with the message */ + MD_CHK(mbedtls_md_update(ctx, add_data, add_data_len)); + MD_CHK(mbedtls_md_update(ctx, data, min_data_len)); + + /* Fill the hash buffer in advance with something that is + * not a valid hash (barring an attack on the hash and + * deliberately-crafted input), in case the caller doesn't + * check the return status properly. */ + memset(output, '!', hash_size); + + /* For each possible length, compute the hash up to that point */ + for (offset = min_data_len; offset <= max_data_len; offset++) { + MD_CHK(mbedtls_md_clone(&aux, ctx)); + MD_CHK(mbedtls_md_finish(&aux, aux_out)); + /* Keep only the correct inner_hash in the output buffer */ + mbedtls_ct_memcpy_if(mbedtls_ct_uint_eq(offset, data_len_secret), + output, aux_out, NULL, hash_size); + + if (offset < max_data_len) { + MD_CHK(mbedtls_md_update(ctx, data + offset, 1)); + } + } + + /* The context needs to finish() before it starts() again */ + MD_CHK(mbedtls_md_finish(ctx, aux_out)); + + /* Now compute HASH(okey + inner_hash) */ + MD_CHK(mbedtls_md_starts(ctx)); + MD_CHK(mbedtls_md_update(ctx, okey, block_size)); + MD_CHK(mbedtls_md_update(ctx, output, hash_size)); + MD_CHK(mbedtls_md_finish(ctx, output)); + + /* Done, get ready for next time */ + MD_CHK(mbedtls_md_hmac_reset(ctx)); + +#undef MD_CHK + +cleanup: + mbedtls_md_free(&aux); + return ret; +} + +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ + static uint32_t ssl_get_hs_total_len(mbedtls_ssl_context const *ssl); /* @@ -879,10 +1119,10 @@ int mbedtls_ssl_encrypt_buf(mbedtls_ssl_context *ssl, hmac_failed_etm_disabled: mbedtls_platform_zeroize(mac, transform->maclen); #if defined(MBEDTLS_USE_PSA_CRYPTO) - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); status = psa_mac_abort(&operation); if (ret == 0 && status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); } #endif /* MBEDTLS_USE_PSA_CRYPTO */ if (ret != 0) { @@ -979,7 +1219,7 @@ hmac_failed_etm_disabled: &rec->data_len); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_encrypt_buf", ret); return ret; } @@ -1089,7 +1329,7 @@ hmac_failed_etm_disabled: transform->psa_key_enc, transform->psa_alg); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); MBEDTLS_SSL_DEBUG_RET(1, "psa_cipher_encrypt_setup", ret); return ret; } @@ -1097,7 +1337,7 @@ hmac_failed_etm_disabled: status = psa_cipher_set_iv(&cipher_op, transform->iv_enc, transform->ivlen); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); MBEDTLS_SSL_DEBUG_RET(1, "psa_cipher_set_iv", ret); return ret; @@ -1108,7 +1348,7 @@ hmac_failed_etm_disabled: data, rec->data_len, &olen); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); MBEDTLS_SSL_DEBUG_RET(1, "psa_cipher_update", ret); return ret; @@ -1119,7 +1359,7 @@ hmac_failed_etm_disabled: &part_len); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); MBEDTLS_SSL_DEBUG_RET(1, "psa_cipher_finish", ret); return ret; @@ -1222,10 +1462,10 @@ hmac_failed_etm_disabled: hmac_failed_etm_enabled: mbedtls_platform_zeroize(mac, transform->maclen); #if defined(MBEDTLS_USE_PSA_CRYPTO) - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); status = psa_mac_abort(&operation); if (ret == 0 && status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); } #endif /* MBEDTLS_USE_PSA_CRYPTO */ if (ret != 0) { @@ -1264,7 +1504,8 @@ int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl, int auth_done = 0; #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) - size_t padlen = 0, correct = 1; + size_t padlen = 0; + mbedtls_ct_condition_t correct = MBEDTLS_CT_TRUE; #endif unsigned char *data; /* For an explanation of the additional data length see @@ -1306,8 +1547,16 @@ int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl, #if defined(MBEDTLS_SSL_SOME_SUITES_USE_STREAM) if (ssl_mode == MBEDTLS_SSL_MODE_STREAM) { + if (rec->data_len < transform->maclen) { + MBEDTLS_SSL_DEBUG_MSG(1, + ("Record too short for MAC:" + " %" MBEDTLS_PRINTF_SIZET " < %" MBEDTLS_PRINTF_SIZET, + rec->data_len, transform->maclen)); + return MBEDTLS_ERR_SSL_INVALID_MAC; + } + /* The only supported stream cipher is "NULL", - * so there's nothing to do here.*/ + * so there's no encryption to do here.*/ } else #endif /* MBEDTLS_SSL_SOME_SUITES_USE_STREAM */ #if defined(MBEDTLS_GCM_C) || \ @@ -1399,7 +1648,7 @@ int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl, &olen); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); MBEDTLS_SSL_DEBUG_RET(1, "psa_aead_decrypt", ret); return ret; } @@ -1571,10 +1820,10 @@ int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl, hmac_failed_etm_enabled: #if defined(MBEDTLS_USE_PSA_CRYPTO) - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); status = psa_mac_abort(&operation); if (ret == 0 && status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); } #else mbedtls_platform_zeroize(mac_expect, transform->maclen); @@ -1621,7 +1870,7 @@ hmac_failed_etm_enabled: transform->psa_key_dec, transform->psa_alg); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); MBEDTLS_SSL_DEBUG_RET(1, "psa_cipher_decrypt_setup", ret); return ret; } @@ -1629,7 +1878,7 @@ hmac_failed_etm_enabled: status = psa_cipher_set_iv(&cipher_op, transform->iv_dec, transform->ivlen); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); MBEDTLS_SSL_DEBUG_RET(1, "psa_cipher_set_iv", ret); return ret; } @@ -1639,7 +1888,7 @@ hmac_failed_etm_enabled: data, rec->data_len, &olen); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); MBEDTLS_SSL_DEBUG_RET(1, "psa_cipher_update", ret); return ret; } @@ -1649,7 +1898,7 @@ hmac_failed_etm_enabled: &part_len); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); MBEDTLS_SSL_DEBUG_RET(1, "psa_cipher_finish", ret); return ret; } @@ -1678,11 +1927,11 @@ hmac_failed_etm_enabled: padlen = data[rec->data_len - 1]; if (auth_done == 1) { - const size_t mask = mbedtls_ct_size_mask_ge( + const mbedtls_ct_condition_t ge = mbedtls_ct_uint_ge( rec->data_len, padlen + 1); - correct &= mask; - padlen &= mask; + correct = mbedtls_ct_bool_and(ge, correct); + padlen = mbedtls_ct_size_if_else_0(ge, padlen); } else { #if defined(MBEDTLS_SSL_DEBUG_ALL) if (rec->data_len < transform->maclen + padlen + 1) { @@ -1694,12 +1943,11 @@ hmac_failed_etm_enabled: padlen + 1)); } #endif - - const size_t mask = mbedtls_ct_size_mask_ge( + const mbedtls_ct_condition_t ge = mbedtls_ct_uint_ge( rec->data_len, transform->maclen + padlen + 1); - correct &= mask; - padlen &= mask; + correct = mbedtls_ct_bool_and(ge, correct); + padlen = mbedtls_ct_size_if_else_0(ge, padlen); } padlen++; @@ -1728,19 +1976,20 @@ hmac_failed_etm_enabled: /* pad_count += (idx >= padding_idx) && * (check[idx] == padlen - 1); */ - const size_t mask = mbedtls_ct_size_mask_ge(idx, padding_idx); - const size_t equal = mbedtls_ct_size_bool_eq(check[idx], - padlen - 1); - pad_count += mask & equal; + const mbedtls_ct_condition_t a = mbedtls_ct_uint_ge(idx, padding_idx); + size_t increment = mbedtls_ct_size_if_else_0(a, 1); + const mbedtls_ct_condition_t b = mbedtls_ct_uint_eq(check[idx], padlen - 1); + increment = mbedtls_ct_size_if_else_0(b, increment); + pad_count += increment; } - correct &= mbedtls_ct_size_bool_eq(pad_count, padlen); + correct = mbedtls_ct_bool_and(mbedtls_ct_uint_eq(pad_count, padlen), correct); #if defined(MBEDTLS_SSL_DEBUG_ALL) - if (padlen > 0 && correct == 0) { + if (padlen > 0 && correct == MBEDTLS_CT_FALSE) { MBEDTLS_SSL_DEBUG_MSG(1, ("bad padding byte detected")); } #endif - padlen &= mbedtls_ct_size_mask(correct); + padlen = mbedtls_ct_size_if_else_0(correct, padlen); #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ @@ -1770,7 +2019,7 @@ hmac_failed_etm_enabled: unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD] = { 0 }; unsigned char mac_peer[MBEDTLS_SSL_MAC_ADD] = { 0 }; - /* If the initial value of padlen was such that + /* For CBC+MAC, If the initial value of padlen was such that * data_len < maclen + padlen + 1, then padlen * got reset to 1, and the initial check * data_len >= minlen + maclen + 1 @@ -1782,6 +2031,9 @@ hmac_failed_etm_enabled: * subtracted either padlen + 1 (if the padding was correct) * or 0 (if the padding was incorrect) since then, * hence data_len >= maclen in any case. + * + * For stream ciphers, we checked above that + * data_len >= maclen. */ rec->data_len -= transform->maclen; ssl_extract_add_data_from_record(add_data, &add_data_len, rec, @@ -1835,7 +2087,7 @@ hmac_failed_etm_enabled: #if defined(MBEDTLS_SSL_DEBUG_ALL) MBEDTLS_SSL_DEBUG_MSG(1, ("message mac does not match")); #endif - correct = 0; + correct = MBEDTLS_CT_FALSE; } auth_done++; @@ -1850,7 +2102,7 @@ hmac_failed_etm_disabled: /* * Finally check the correct flag */ - if (correct == 0) { + if (correct == MBEDTLS_CT_FALSE) { return MBEDTLS_ERR_SSL_INVALID_MAC; } #endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ @@ -2090,7 +2342,7 @@ int mbedtls_ssl_fetch_input(mbedtls_ssl_context *ssl, size_t nb_want) return ret; } - if ((size_t) ret > len || (INT_MAX > SIZE_MAX && ret > (int) SIZE_MAX)) { + if ((size_t) ret > len) { MBEDTLS_SSL_DEBUG_MSG(1, ("f_recv returned %d bytes but only %" MBEDTLS_PRINTF_SIZET " were requested", @@ -2142,7 +2394,7 @@ int mbedtls_ssl_flush_output(mbedtls_ssl_context *ssl) return ret; } - if ((size_t) ret > ssl->out_left || (INT_MAX > SIZE_MAX && ret > (int) SIZE_MAX)) { + if ((size_t) ret > ssl->out_left) { MBEDTLS_SSL_DEBUG_MSG(1, ("f_send returned %d bytes but only %" MBEDTLS_PRINTF_SIZET " bytes were sent", @@ -2639,7 +2891,12 @@ int mbedtls_ssl_write_handshake_msg_ext(mbedtls_ssl_context *ssl, /* Update running hashes of handshake messages seen */ if (hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST && update_checksum != 0) { - ssl->handshake->update_checksum(ssl, ssl->out_msg, ssl->out_msglen); + ret = ssl->handshake->update_checksum(ssl, ssl->out_msg, + ssl->out_msglen); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "update_checksum", ret); + return ret; + } } } @@ -3067,12 +3324,17 @@ int mbedtls_ssl_prepare_handshake_record(mbedtls_ssl_context *ssl) return 0; } -void mbedtls_ssl_update_handshake_status(mbedtls_ssl_context *ssl) +int mbedtls_ssl_update_handshake_status(mbedtls_ssl_context *ssl) { + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ssl_handshake_params * const hs = ssl->handshake; if (mbedtls_ssl_is_handshake_over(ssl) == 0 && hs != NULL) { - ssl->handshake->update_checksum(ssl, ssl->in_msg, ssl->in_hslen); + ret = ssl->handshake->update_checksum(ssl, ssl->in_msg, ssl->in_hslen); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "update_checksum", ret); + return ret; + } } /* Handshake message is complete, increment counter */ @@ -3103,6 +3365,7 @@ void mbedtls_ssl_update_handshake_status(mbedtls_ssl_context *ssl) memset(hs_buf, 0, sizeof(mbedtls_ssl_hs_buffer)); } #endif + return 0; } /* @@ -3579,8 +3842,9 @@ static int ssl_parse_record_header(mbedtls_ssl_context const *ssl, */ rec->ver[0] = buf[rec_hdr_version_offset + 0]; rec->ver[1] = buf[rec_hdr_version_offset + 1]; - tls_version = mbedtls_ssl_read_version(buf + rec_hdr_version_offset, - ssl->conf->transport); + tls_version = (mbedtls_ssl_protocol_version) mbedtls_ssl_read_version( + buf + rec_hdr_version_offset, + ssl->conf->transport); if (tls_version > ssl->conf->max_tls_version) { MBEDTLS_SSL_DEBUG_MSG(1, ("TLS version mismatch: got %u, expected max %u", @@ -3928,7 +4192,11 @@ int mbedtls_ssl_read_record(mbedtls_ssl_context *ssl, if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && update_hs_digest == 1) { - mbedtls_ssl_update_handshake_status(ssl); + ret = mbedtls_ssl_update_handshake_status(ssl); + if (0 != ret) { + MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ssl_update_handshake_status"), ret); + return ret; + } } } else { MBEDTLS_SSL_DEBUG_MSG(2, ("reuse previously read message")); @@ -5578,8 +5846,10 @@ int mbedtls_ssl_read(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len) n = (len < ssl->in_msglen) ? len : ssl->in_msglen; - memcpy(buf, ssl->in_offt, n); - ssl->in_msglen -= n; + if (len != 0) { + memcpy(buf, ssl->in_offt, n); + ssl->in_msglen -= n; + } /* Zeroising the plaintext buffer to erase unused application data from the memory. */ @@ -5655,7 +5925,9 @@ static int ssl_write_real(mbedtls_ssl_context *ssl, */ ssl->out_msglen = len; ssl->out_msgtype = MBEDTLS_SSL_MSG_APPLICATION_DATA; - memcpy(ssl->out_msg, buf, len); + if (len > 0) { + memcpy(ssl->out_msg, buf, len); + } if ((ret = mbedtls_ssl_write_record(ssl, SSL_FORCE_FLUSH)) != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_record", ret); @@ -5798,8 +6070,7 @@ static void ssl_buffering_free_slot(mbedtls_ssl_context *ssl, if (hs_buf->is_valid == 1) { hs->buffering.total_bytes_buffered -= hs_buf->data_len; - mbedtls_platform_zeroize(hs_buf->data, hs_buf->data_len); - mbedtls_free(hs_buf->data); + mbedtls_zeroize_and_free(hs_buf->data, hs_buf->data_len); memset(hs_buf, 0, sizeof(mbedtls_ssl_hs_buffer)); } } @@ -5818,15 +6089,19 @@ static void ssl_buffering_free_slot(mbedtls_ssl_context *ssl, void mbedtls_ssl_write_version(unsigned char version[2], int transport, mbedtls_ssl_protocol_version tls_version) { + uint16_t tls_version_formatted; #if defined(MBEDTLS_SSL_PROTO_DTLS) if (transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { - tls_version = + tls_version_formatted = ~(tls_version - (tls_version == 0x0302 ? 0x0202 : 0x0201)); - } + } else #else ((void) transport); #endif - MBEDTLS_PUT_UINT16_BE(tls_version, version, 0); + { + tls_version_formatted = (uint16_t) tls_version; + } + MBEDTLS_PUT_UINT16_BE(tls_version_formatted, version, 0); } uint16_t mbedtls_ssl_read_version(const unsigned char version[2], diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index ba9dbd512..1adaa07fe 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -30,6 +30,18 @@ #include +#if defined(MBEDTLS_USE_PSA_CRYPTO) +/* Define a local translating function to save code size by not using too many + * arguments in each translating place. */ +static int local_err_translation(psa_status_t status) +{ + return psa_status_to_mbedtls(status, psa_to_ssl_errors, + ARRAY_LENGTH(psa_to_ssl_errors), + psa_generic_status_to_mbedtls); +} +#define PSA_TO_MBEDTLS_ERR(status) local_err_translation(status) +#endif + /* * Initialize context */ @@ -91,7 +103,7 @@ static int ssl_ticket_gen_key(mbedtls_ssl_ticket_context *ctx, psa_set_key_type(&attributes, key->key_type); psa_set_key_bits(&attributes, key->key_bits); - ret = psa_ssl_status_to_mbedtls( + ret = PSA_TO_MBEDTLS_ERR( psa_import_key(&attributes, buf, PSA_BITS_TO_BYTES(key->key_bits), &key->key)); @@ -133,7 +145,7 @@ static int ssl_ticket_update_keys(mbedtls_ssl_ticket_context *ctx) #if defined(MBEDTLS_USE_PSA_CRYPTO) if ((status = psa_destroy_key(ctx->keys[ctx->active].key)) != PSA_SUCCESS) { - return psa_ssl_status_to_mbedtls(status); + return PSA_TO_MBEDTLS_ERR(status); } #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -169,7 +181,7 @@ int mbedtls_ssl_ticket_rotate(mbedtls_ssl_ticket_context *ctx, #if defined(MBEDTLS_USE_PSA_CRYPTO) if ((status = psa_destroy_key(key->key)) != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); return ret; } @@ -182,7 +194,7 @@ int mbedtls_ssl_ticket_rotate(mbedtls_ssl_ticket_context *ctx, if ((status = psa_import_key(&attributes, k, PSA_BITS_TO_BYTES(key->key_bits), &key->key)) != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); return ret; } #else @@ -355,7 +367,7 @@ int mbedtls_ssl_ticket_write(void *p_ticket, state, clear_len, state, end - state, &ciph_len)) != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); goto cleanup; } #else @@ -465,7 +477,7 @@ int mbedtls_ssl_ticket_parse(void *p_ticket, key_name, TICKET_ADD_DATA_LEN, ticket, enc_len + TICKET_AUTH_TAG_BYTES, ticket, enc_len, &clear_len)) != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); goto cleanup; } #else diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 86f5c0b55..d3a7ddb42 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -25,8 +25,6 @@ #if defined(MBEDTLS_SSL_TLS_C) -#include - #include "mbedtls/platform.h" #include "mbedtls/ssl.h" @@ -43,15 +41,27 @@ #include #if defined(MBEDTLS_USE_PSA_CRYPTO) -#include "mbedtls/psa_util.h" +#include "md_psa.h" +#include "psa_util_internal.h" #include "psa/crypto.h" #endif -#include "mbedtls/legacy_or_psa.h" #if defined(MBEDTLS_X509_CRT_PARSE_C) #include "mbedtls/oid.h" #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) +/* Define local translating functions to save code size by not using too many + * arguments in each translating place. */ +static int local_err_translation(psa_status_t status) +{ + return psa_status_to_mbedtls(status, psa_to_ssl_errors, + ARRAY_LENGTH(psa_to_ssl_errors), + psa_generic_status_to_mbedtls); +} +#define PSA_TO_MBEDTLS_ERR(status) local_err_translation(status) +#endif + #if defined(MBEDTLS_TEST_HOOKS) static mbedtls_ssl_chk_buf_ptr_args chk_buf_ptr_fail_args; @@ -317,8 +327,7 @@ static int resize_buffer(unsigned char **buffer, size_t len_new, size_t *len_old * lost, are done outside of this function. */ memcpy(resized_buffer, *buffer, (len_new < *len_old) ? len_new : *len_old); - mbedtls_platform_zeroize(*buffer, *len_old); - mbedtls_free(*buffer); + mbedtls_zeroize_and_free(*buffer, *len_old); *buffer = resized_buffer; *len_old = len_new; @@ -412,27 +421,27 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform, unsigned endpoint, const mbedtls_ssl_context *ssl); -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) MBEDTLS_CHECK_RETURN_CRITICAL static int tls_prf_sha256(const unsigned char *secret, size_t slen, const char *label, const unsigned char *random, size_t rlen, unsigned char *dstbuf, size_t dlen); -static void ssl_calc_verify_tls_sha256(const mbedtls_ssl_context *, unsigned char *, size_t *); -static void ssl_calc_finished_tls_sha256(mbedtls_ssl_context *, unsigned char *, int); +static int ssl_calc_verify_tls_sha256(const mbedtls_ssl_context *, unsigned char *, size_t *); +static int ssl_calc_finished_tls_sha256(mbedtls_ssl_context *, unsigned char *, int); -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/ +#endif /* MBEDTLS_MD_CAN_SHA256*/ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) MBEDTLS_CHECK_RETURN_CRITICAL static int tls_prf_sha384(const unsigned char *secret, size_t slen, const char *label, const unsigned char *random, size_t rlen, unsigned char *dstbuf, size_t dlen); -static void ssl_calc_verify_tls_sha384(const mbedtls_ssl_context *, unsigned char *, size_t *); -static void ssl_calc_finished_tls_sha384(mbedtls_ssl_context *, unsigned char *, int); -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/ +static int ssl_calc_verify_tls_sha384(const mbedtls_ssl_context *, unsigned char *, size_t *); +static int ssl_calc_finished_tls_sha384(mbedtls_ssl_context *, unsigned char *, int); +#endif /* MBEDTLS_MD_CAN_SHA384*/ static size_t ssl_tls12_session_save(const mbedtls_ssl_session *session, unsigned char *buf, @@ -444,15 +453,15 @@ static int ssl_tls12_session_load(mbedtls_ssl_session *session, size_t len); #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -static void ssl_update_checksum_start(mbedtls_ssl_context *, const unsigned char *, size_t); +static int ssl_update_checksum_start(mbedtls_ssl_context *, const unsigned char *, size_t); -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) -static void ssl_update_checksum_sha256(mbedtls_ssl_context *, const unsigned char *, size_t); -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/ +#if defined(MBEDTLS_MD_CAN_SHA256) +static int ssl_update_checksum_sha256(mbedtls_ssl_context *, const unsigned char *, size_t); +#endif /* MBEDTLS_MD_CAN_SHA256*/ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) -static void ssl_update_checksum_sha384(mbedtls_ssl_context *, const unsigned char *, size_t); -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/ +#if defined(MBEDTLS_MD_CAN_SHA384) +static int ssl_update_checksum_sha384(mbedtls_ssl_context *, const unsigned char *, size_t); +#endif /* MBEDTLS_MD_CAN_SHA384*/ int mbedtls_ssl_tls_prf(const mbedtls_tls_prf_types prf, const unsigned char *secret, size_t slen, @@ -464,16 +473,16 @@ int mbedtls_ssl_tls_prf(const mbedtls_tls_prf_types prf, switch (prf) { #if defined(MBEDTLS_SSL_PROTO_TLS1_2) -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) case MBEDTLS_SSL_TLS_PRF_SHA384: tls_prf = tls_prf_sha384; break; -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/ -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA384*/ +#if defined(MBEDTLS_MD_CAN_SHA256) case MBEDTLS_SSL_TLS_PRF_SHA256: tls_prf = tls_prf_sha256; break; -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/ +#endif /* MBEDTLS_MD_CAN_SHA256*/ #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ default: return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; @@ -584,6 +593,9 @@ uint32_t mbedtls_ssl_get_extension_id(unsigned int extension_type) case MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET: return MBEDTLS_SSL_EXT_ID_EXTENDED_MASTER_SECRET; + case MBEDTLS_TLS_EXT_RECORD_SIZE_LIMIT: + return MBEDTLS_SSL_EXT_ID_RECORD_SIZE_LIMIT; + case MBEDTLS_TLS_EXT_SESSION_TICKET: return MBEDTLS_SSL_EXT_ID_SESSION_TICKET; @@ -626,7 +638,8 @@ static const char *extension_name_table[] = { [MBEDTLS_SSL_EXT_ID_SUPPORTED_POINT_FORMATS] = "supported_point_formats", [MBEDTLS_SSL_EXT_ID_ENCRYPT_THEN_MAC] = "encrypt_then_mac", [MBEDTLS_SSL_EXT_ID_EXTENDED_MASTER_SECRET] = "extended_master_secret", - [MBEDTLS_SSL_EXT_ID_SESSION_TICKET] = "session_ticket" + [MBEDTLS_SSL_EXT_ID_SESSION_TICKET] = "session_ticket", + [MBEDTLS_SSL_EXT_ID_RECORD_SIZE_LIMIT] = "record_size_limit" }; static unsigned int extension_type_table[] = { @@ -657,7 +670,8 @@ static unsigned int extension_type_table[] = { [MBEDTLS_SSL_EXT_ID_SUPPORTED_POINT_FORMATS] = MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS, [MBEDTLS_SSL_EXT_ID_ENCRYPT_THEN_MAC] = MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC, [MBEDTLS_SSL_EXT_ID_EXTENDED_MASTER_SECRET] = MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET, - [MBEDTLS_SSL_EXT_ID_SESSION_TICKET] = MBEDTLS_TLS_EXT_SESSION_TICKET + [MBEDTLS_SSL_EXT_ID_SESSION_TICKET] = MBEDTLS_TLS_EXT_SESSION_TICKET, + [MBEDTLS_SSL_EXT_ID_RECORD_SIZE_LIMIT] = MBEDTLS_TLS_EXT_RECORD_SIZE_LIMIT }; const char *mbedtls_ssl_get_extension_name(unsigned int extension_type) @@ -736,8 +750,6 @@ void mbedtls_ssl_print_extensions(const mbedtls_ssl_context *ssl, } #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS) -#define ARRAY_LENGTH(a) (sizeof(a) / sizeof(*(a))) - static const char *ticket_flag_name_table[] = { [0] = "ALLOW_PSK_RESUMPTION", @@ -772,12 +784,12 @@ void mbedtls_ssl_optimize_checksum(mbedtls_ssl_context *ssl, { ((void) ciphersuite_info); -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) if (ciphersuite_info->mac == MBEDTLS_MD_SHA384) { ssl->handshake->update_checksum = ssl_update_checksum_sha384; } else #endif -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) if (ciphersuite_info->mac != MBEDTLS_MD_SHA384) { ssl->handshake->update_checksum = ssl_update_checksum_sha256; } else @@ -788,9 +800,9 @@ void mbedtls_ssl_optimize_checksum(mbedtls_ssl_context *ssl, } } -void mbedtls_ssl_add_hs_hdr_to_checksum(mbedtls_ssl_context *ssl, - unsigned hs_type, - size_t total_hs_len) +int mbedtls_ssl_add_hs_hdr_to_checksum(mbedtls_ssl_context *ssl, + unsigned hs_type, + size_t total_hs_len) { unsigned char hs_hdr[4]; @@ -800,84 +812,152 @@ void mbedtls_ssl_add_hs_hdr_to_checksum(mbedtls_ssl_context *ssl, hs_hdr[2] = MBEDTLS_BYTE_1(total_hs_len); hs_hdr[3] = MBEDTLS_BYTE_0(total_hs_len); - ssl->handshake->update_checksum(ssl, hs_hdr, sizeof(hs_hdr)); + return ssl->handshake->update_checksum(ssl, hs_hdr, sizeof(hs_hdr)); } -void mbedtls_ssl_add_hs_msg_to_checksum(mbedtls_ssl_context *ssl, - unsigned hs_type, - unsigned char const *msg, - size_t msg_len) +int mbedtls_ssl_add_hs_msg_to_checksum(mbedtls_ssl_context *ssl, + unsigned hs_type, + unsigned char const *msg, + size_t msg_len) { - mbedtls_ssl_add_hs_hdr_to_checksum(ssl, hs_type, msg_len); - ssl->handshake->update_checksum(ssl, msg, msg_len); + int ret; + ret = mbedtls_ssl_add_hs_hdr_to_checksum(ssl, hs_type, msg_len); + if (ret != 0) { + return ret; + } + return ssl->handshake->update_checksum(ssl, msg, msg_len); } -void mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl) +int mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl) { +#if defined(MBEDTLS_MD_CAN_SHA256) || \ + defined(MBEDTLS_MD_CAN_SHA384) +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status; +#else + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; +#endif +#else /* SHA-256 or SHA-384 */ ((void) ssl); -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* SHA-256 or SHA-384 */ +#if defined(MBEDTLS_MD_CAN_SHA256) #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_abort(&ssl->handshake->fin_sha256_psa); - psa_hash_setup(&ssl->handshake->fin_sha256_psa, PSA_ALG_SHA_256); + status = psa_hash_abort(&ssl->handshake->fin_sha256_psa); + if (status != PSA_SUCCESS) { + return mbedtls_md_error_from_psa(status); + } + status = psa_hash_setup(&ssl->handshake->fin_sha256_psa, PSA_ALG_SHA_256); + if (status != PSA_SUCCESS) { + return mbedtls_md_error_from_psa(status); + } #else - mbedtls_sha256_starts(&ssl->handshake->fin_sha256, 0); + mbedtls_md_free(&ssl->handshake->fin_sha256); + mbedtls_md_init(&ssl->handshake->fin_sha256); + ret = mbedtls_md_setup(&ssl->handshake->fin_sha256, + mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), + 0); + if (ret != 0) { + return ret; + } + ret = mbedtls_md_starts(&ssl->handshake->fin_sha256); + if (ret != 0) { + return ret; + } #endif #endif -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_abort(&ssl->handshake->fin_sha384_psa); - psa_hash_setup(&ssl->handshake->fin_sha384_psa, PSA_ALG_SHA_384); + status = psa_hash_abort(&ssl->handshake->fin_sha384_psa); + if (status != PSA_SUCCESS) { + return mbedtls_md_error_from_psa(status); + } + status = psa_hash_setup(&ssl->handshake->fin_sha384_psa, PSA_ALG_SHA_384); + if (status != PSA_SUCCESS) { + return mbedtls_md_error_from_psa(status); + } #else - mbedtls_sha512_starts(&ssl->handshake->fin_sha384, 1); + mbedtls_md_free(&ssl->handshake->fin_sha384); + mbedtls_md_init(&ssl->handshake->fin_sha384); + ret = mbedtls_md_setup(&ssl->handshake->fin_sha384, + mbedtls_md_info_from_type(MBEDTLS_MD_SHA384), 0); + if (ret != 0) { + return ret; + } + ret = mbedtls_md_starts(&ssl->handshake->fin_sha384); + if (ret != 0) { + return ret; + } #endif #endif + return 0; } -static void ssl_update_checksum_start(mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len) +static int ssl_update_checksum_start(mbedtls_ssl_context *ssl, + const unsigned char *buf, size_t len) { -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) || \ + defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_update(&ssl->handshake->fin_sha256_psa, buf, len); + psa_status_t status; #else - mbedtls_sha256_update(&ssl->handshake->fin_sha256, buf, len); + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #endif -#endif -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_update(&ssl->handshake->fin_sha384_psa, buf, len); -#else - mbedtls_sha512_update(&ssl->handshake->fin_sha384, buf, len); -#endif -#endif -#if !defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \ - !defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) - (void) ssl; +#else /* SHA-256 or SHA-384 */ + ((void) ssl); (void) buf; (void) len; +#endif /* SHA-256 or SHA-384 */ +#if defined(MBEDTLS_MD_CAN_SHA256) +#if defined(MBEDTLS_USE_PSA_CRYPTO) + status = psa_hash_update(&ssl->handshake->fin_sha256_psa, buf, len); + if (status != PSA_SUCCESS) { + return mbedtls_md_error_from_psa(status); + } +#else + ret = mbedtls_md_update(&ssl->handshake->fin_sha256, buf, len); + if (ret != 0) { + return ret; + } #endif +#endif +#if defined(MBEDTLS_MD_CAN_SHA384) +#if defined(MBEDTLS_USE_PSA_CRYPTO) + status = psa_hash_update(&ssl->handshake->fin_sha384_psa, buf, len); + if (status != PSA_SUCCESS) { + return mbedtls_md_error_from_psa(status); + } +#else + ret = mbedtls_md_update(&ssl->handshake->fin_sha384, buf, len); + if (ret != 0) { + return ret; + } +#endif +#endif + return 0; } -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) -static void ssl_update_checksum_sha256(mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len) +#if defined(MBEDTLS_MD_CAN_SHA256) +static int ssl_update_checksum_sha256(mbedtls_ssl_context *ssl, + const unsigned char *buf, size_t len) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_update(&ssl->handshake->fin_sha256_psa, buf, len); + return mbedtls_md_error_from_psa(psa_hash_update( + &ssl->handshake->fin_sha256_psa, buf, len)); #else - mbedtls_sha256_update(&ssl->handshake->fin_sha256, buf, len); + return mbedtls_md_update(&ssl->handshake->fin_sha256, buf, len); #endif } #endif -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) -static void ssl_update_checksum_sha384(mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len) +#if defined(MBEDTLS_MD_CAN_SHA384) +static int ssl_update_checksum_sha384(mbedtls_ssl_context *ssl, + const unsigned char *buf, size_t len) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_update(&ssl->handshake->fin_sha384_psa, buf, len); + return mbedtls_md_error_from_psa(psa_hash_update( + &ssl->handshake->fin_sha384_psa, buf, len)); #else - mbedtls_sha512_update(&ssl->handshake->fin_sha384, buf, len); + return mbedtls_md_update(&ssl->handshake->fin_sha384, buf, len); #endif } #endif @@ -886,22 +966,18 @@ static void ssl_handshake_params_init(mbedtls_ssl_handshake_params *handshake) { memset(handshake, 0, sizeof(mbedtls_ssl_handshake_params)); -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) #if defined(MBEDTLS_USE_PSA_CRYPTO) handshake->fin_sha256_psa = psa_hash_operation_init(); - psa_hash_setup(&handshake->fin_sha256_psa, PSA_ALG_SHA_256); #else - mbedtls_sha256_init(&handshake->fin_sha256); - mbedtls_sha256_starts(&handshake->fin_sha256, 0); + mbedtls_md_init(&handshake->fin_sha256); #endif #endif -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_USE_PSA_CRYPTO) handshake->fin_sha384_psa = psa_hash_operation_init(); - psa_hash_setup(&handshake->fin_sha384_psa, PSA_ALG_SHA_384); #else - mbedtls_sha512_init(&handshake->fin_sha384); - mbedtls_sha512_starts(&handshake->fin_sha384, 1); + mbedtls_md_init(&handshake->fin_sha384); #endif #endif @@ -910,7 +986,8 @@ static void ssl_handshake_params_init(mbedtls_ssl_handshake_params *handshake) #if defined(MBEDTLS_DHM_C) mbedtls_dhm_init(&handshake->dhm_ctx); #endif -#if !defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_ECDH_C) +#if !defined(MBEDTLS_USE_PSA_CRYPTO) && \ + defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) mbedtls_ecdh_init(&handshake->ecdh_ctx); #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) @@ -971,6 +1048,8 @@ void mbedtls_ssl_session_init(mbedtls_ssl_session *session) MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_handshake_init(mbedtls_ssl_context *ssl) { + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + /* Clear old handshake information if present */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) if (ssl->transform_negotiate) { @@ -1038,6 +1117,13 @@ static int ssl_handshake_init(mbedtls_ssl_context *ssl) mbedtls_ssl_transform_init(ssl->transform_negotiate); #endif + /* Setup handshake checksums */ + ret = mbedtls_ssl_reset_checksum(ssl); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_reset_checksum", ret); + return ret; + } + #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \ defined(MBEDTLS_SSL_SRV_C) && \ defined(MBEDTLS_SSL_SESSION_TICKETS) @@ -1071,8 +1157,7 @@ static int ssl_handshake_init(mbedtls_ssl_context *ssl) size_t length; const mbedtls_ecp_group_id *curve_list = ssl->conf->curve_list; - for (length = 0; (curve_list[length] != MBEDTLS_ECP_DP_NONE) && - (length < MBEDTLS_ECP_DP_MAX); length++) { + for (length = 0; (curve_list[length] != MBEDTLS_ECP_DP_NONE); length++) { } /* Leave room for zero termination */ @@ -1114,17 +1199,15 @@ static int ssl_handshake_init(mbedtls_ssl_context *ssl) size_t sig_algs_len = 0; uint16_t *p; -#if defined(static_assert) - static_assert(MBEDTLS_SSL_MAX_SIG_ALG_LIST_LEN - <= (SIZE_MAX - (2 * sizeof(uint16_t))), - "MBEDTLS_SSL_MAX_SIG_ALG_LIST_LEN too big"); -#endif + MBEDTLS_STATIC_ASSERT(MBEDTLS_SSL_MAX_SIG_ALG_LIST_LEN + <= (SIZE_MAX - (2 * sizeof(uint16_t))), + "MBEDTLS_SSL_MAX_SIG_ALG_LIST_LEN too big"); for (md = sig_hashes; *md != MBEDTLS_MD_NONE; md++) { if (mbedtls_ssl_hash_from_md_alg(*md) == MBEDTLS_SSL_HASH_NONE) { continue; } -#if defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) sig_algs_len += sizeof(uint16_t); #endif @@ -1152,7 +1235,7 @@ static int ssl_handshake_init(mbedtls_ssl_context *ssl) if (hash == MBEDTLS_SSL_HASH_NONE) { continue; } -#if defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) *p = ((hash << 8) | MBEDTLS_SSL_SIG_ECDSA); p++; #endif @@ -1243,12 +1326,6 @@ static int ssl_conf_version_check(const mbedtls_ssl_context *ssl) return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; } - if (conf->endpoint == MBEDTLS_SSL_IS_SERVER) { - MBEDTLS_SSL_DEBUG_MSG(1, ("TLS 1.3 server is not supported yet.")); - return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; - } - - MBEDTLS_SSL_DEBUG_MSG(4, ("The SSL configuration is TLS 1.3 or TLS 1.2.")); return 0; } @@ -1311,6 +1388,7 @@ int mbedtls_ssl_setup(mbedtls_ssl_context *ssl, if ((ret = ssl_conf_check(ssl)) != 0) { return ret; } + ssl->tls_version = ssl->conf->max_tls_version; /* * Prepare base structures @@ -1867,14 +1945,19 @@ void mbedtls_ssl_set_verify(mbedtls_ssl_context *ssl, #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) #if defined(MBEDTLS_USE_PSA_CRYPTO) +static const uint8_t jpake_server_id[] = { 's', 'e', 'r', 'v', 'e', 'r' }; +static const uint8_t jpake_client_id[] = { 'c', 'l', 'i', 'e', 'n', 't' }; + static psa_status_t mbedtls_ssl_set_hs_ecjpake_password_common( mbedtls_ssl_context *ssl, mbedtls_svc_key_id_t pwd) { psa_status_t status; - psa_pake_role_t psa_role; psa_pake_cipher_suite_t cipher_suite = psa_pake_cipher_suite_init(); - + const uint8_t *user = NULL; + size_t user_len = 0; + const uint8_t *peer = NULL; + size_t peer_len = 0; psa_pake_cs_set_algorithm(&cipher_suite, PSA_ALG_JPAKE); psa_pake_cs_set_primitive(&cipher_suite, PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, @@ -1888,12 +1971,23 @@ static psa_status_t mbedtls_ssl_set_hs_ecjpake_password_common( } if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { - psa_role = PSA_PAKE_ROLE_SERVER; + user = jpake_server_id; + user_len = sizeof(jpake_server_id); + peer = jpake_client_id; + peer_len = sizeof(jpake_client_id); } else { - psa_role = PSA_PAKE_ROLE_CLIENT; + user = jpake_client_id; + user_len = sizeof(jpake_client_id); + peer = jpake_server_id; + peer_len = sizeof(jpake_server_id); } - status = psa_pake_set_role(&ssl->handshake->psa_pake_ctx, psa_role); + status = psa_pake_set_user(&ssl->handshake->psa_pake_ctx, user, user_len); + if (status != PSA_SUCCESS) { + return status; + } + + status = psa_pake_set_peer(&ssl->handshake->psa_pake_ctx, peer, peer_len); if (status != PSA_SUCCESS) { return status; } @@ -2029,9 +2123,7 @@ static void ssl_conf_remove_psk(mbedtls_ssl_config *conf) } #endif /* MBEDTLS_USE_PSA_CRYPTO */ if (conf->psk != NULL) { - mbedtls_platform_zeroize(conf->psk, conf->psk_len); - - mbedtls_free(conf->psk); + mbedtls_zeroize_and_free(conf->psk, conf->psk_len); conf->psk = NULL; conf->psk_len = 0; } @@ -2123,9 +2215,8 @@ static void ssl_remove_psk(mbedtls_ssl_context *ssl) } #else if (ssl->handshake->psk != NULL) { - mbedtls_platform_zeroize(ssl->handshake->psk, + mbedtls_zeroize_and_free(ssl->handshake->psk, ssl->handshake->psk_len); - mbedtls_free(ssl->handshake->psk); ssl->handshake->psk_len = 0; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -2336,13 +2427,14 @@ mbedtls_ssl_mode_t mbedtls_ssl_get_mode_from_ciphersuite( psa_algorithm_t alg; psa_key_type_t type; size_t size; - status = mbedtls_ssl_cipher_to_psa(suite->cipher, 0, &alg, &type, &size); + status = mbedtls_ssl_cipher_to_psa((mbedtls_cipher_type_t) suite->cipher, + 0, &alg, &type, &size); if (status == PSA_SUCCESS) { base_mode = mbedtls_ssl_get_base_mode(alg); } #else const mbedtls_cipher_info_t *cipher = - mbedtls_cipher_info_from_type(suite->cipher); + mbedtls_cipher_info_from_type((mbedtls_cipher_type_t) suite->cipher); if (cipher != NULL) { base_mode = mbedtls_ssl_get_base_mode( @@ -2881,8 +2973,7 @@ int mbedtls_ssl_set_hostname(mbedtls_ssl_context *ssl, const char *hostname) * so we can free it safely */ if (ssl->hostname != NULL) { - mbedtls_platform_zeroize(ssl->hostname, strlen(ssl->hostname)); - mbedtls_free(ssl->hostname); + mbedtls_zeroize_and_free(ssl->hostname, strlen(ssl->hostname)); } /* Passing NULL as hostname shall clear the old one */ @@ -3022,12 +3113,12 @@ void mbedtls_ssl_get_dtls_srtp_negotiation_result(const mbedtls_ssl_context *ssl #if !defined(MBEDTLS_DEPRECATED_REMOVED) void mbedtls_ssl_conf_max_version(mbedtls_ssl_config *conf, int major, int minor) { - conf->max_tls_version = (major << 8) | minor; + conf->max_tls_version = (mbedtls_ssl_protocol_version) ((major << 8) | minor); } void mbedtls_ssl_conf_min_version(mbedtls_ssl_config *conf, int major, int minor) { - conf->min_tls_version = (major << 8) | minor; + conf->min_tls_version = (mbedtls_ssl_protocol_version) ((major << 8) | minor); } #endif /* MBEDTLS_DEPRECATED_REMOVED */ @@ -3655,7 +3746,7 @@ static int ssl_session_load(mbedtls_ssl_session *session, if (1 > (size_t) (end - p)) { return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - session->tls_version = 0x0300 | *p++; + session->tls_version = (mbedtls_ssl_protocol_version) (0x0300 | *p++); /* Dispatch according to TLS version. */ remaining_len = (end - p); @@ -3758,7 +3849,7 @@ int mbedtls_ssl_handshake_step(mbedtls_ssl_context *ssl) #if defined(MBEDTLS_SSL_CLI_C) if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { MBEDTLS_SSL_DEBUG_MSG(2, ("client state: %s", - mbedtls_ssl_states_str(ssl->state))); + mbedtls_ssl_states_str((mbedtls_ssl_states) ssl->state))); switch (ssl->state) { case MBEDTLS_SSL_HELLO_REQUEST: @@ -3784,22 +3875,23 @@ int mbedtls_ssl_handshake_step(mbedtls_ssl_context *ssl) #endif } } -#endif +#endif /* MBEDTLS_SSL_CLI_C */ + #if defined(MBEDTLS_SSL_SRV_C) if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) { -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) - if (mbedtls_ssl_conf_is_tls13_only(ssl->conf)) { +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3) + if (ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { ret = mbedtls_ssl_tls13_handshake_server_step(ssl); - } -#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ - -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if (mbedtls_ssl_conf_is_tls12_only(ssl->conf)) { + } else { ret = mbedtls_ssl_handshake_server_step(ssl); } -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - } +#elif defined(MBEDTLS_SSL_PROTO_TLS1_2) + ret = mbedtls_ssl_handshake_server_step(ssl); +#else + ret = mbedtls_ssl_tls13_handshake_server_step(ssl); #endif + } +#endif /* MBEDTLS_SSL_SRV_C */ if (ret != 0) { /* handshake_step return error. And it is same @@ -3989,14 +4081,14 @@ void mbedtls_ssl_handshake_free(mbedtls_ssl_context *ssl) return; } -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) #if !defined(MBEDTLS_DEPRECATED_REMOVED) if (ssl->handshake->group_list_heap_allocated) { mbedtls_free((void *) handshake->group_list); } handshake->group_list = NULL; #endif /* MBEDTLS_DEPRECATED_REMOVED */ -#endif /* MBEDTLS_ECP_C */ +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) #if !defined(MBEDTLS_DEPRECATED_REMOVED) @@ -4019,25 +4111,26 @@ void mbedtls_ssl_handshake_free(mbedtls_ssl_context *ssl) } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_hash_abort(&handshake->fin_sha256_psa); #else - mbedtls_sha256_free(&handshake->fin_sha256); + mbedtls_md_free(&handshake->fin_sha256); #endif #endif -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_hash_abort(&handshake->fin_sha384_psa); #else - mbedtls_sha512_free(&handshake->fin_sha384); + mbedtls_md_free(&handshake->fin_sha384); #endif #endif #if defined(MBEDTLS_DHM_C) mbedtls_dhm_free(&handshake->dhm_ctx); #endif -#if !defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_ECDH_C) +#if !defined(MBEDTLS_USE_PSA_CRYPTO) && \ + defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) mbedtls_ecdh_free(&handshake->ecdh_ctx); #endif @@ -4063,7 +4156,8 @@ void mbedtls_ssl_handshake_free(mbedtls_ssl_context *ssl) #endif #endif -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_WITH_ECDSA_ANY_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) /* explicit void pointer cast for buggy MS compiler */ mbedtls_free((void *) handshake->curves_tls_id); @@ -4082,8 +4176,7 @@ void mbedtls_ssl_handshake_free(mbedtls_ssl_context *ssl) } #else if (handshake->psk != NULL) { - mbedtls_platform_zeroize(handshake->psk, handshake->psk_len); - mbedtls_free(handshake->psk); + mbedtls_zeroize_and_free(handshake->psk, handshake->psk_len); } #endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */ @@ -4121,12 +4214,11 @@ void mbedtls_ssl_handshake_free(mbedtls_ssl_context *ssl) mbedtls_ssl_buffering_free(ssl); #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined(MBEDTLS_ECDH_C) && \ - (defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)) - if (handshake->ecdh_psa_privkey_is_external == 0) { - psa_destroy_key(handshake->ecdh_psa_privkey); +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_XXDH_PSA_ANY_ENABLED) + if (handshake->xxdh_psa_privkey_is_external == 0) { + psa_destroy_key(handshake->xxdh_psa_privkey); } -#endif /* MBEDTLS_ECDH_C && MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_KEY_EXCHANGE_SOME_XXDH_PSA_ANY_ENABLED */ #if defined(MBEDTLS_SSL_PROTO_TLS1_3) mbedtls_ssl_transform_free(handshake->transform_handshake); @@ -4487,13 +4579,14 @@ static int ssl_context_load(mbedtls_ssl_context *ssl, * We can't check that the config matches the initial one, but we can at * least check it matches the requirements for serializing. */ - if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || - ssl->conf->max_tls_version < MBEDTLS_SSL_VERSION_TLS1_2 || - ssl->conf->min_tls_version > MBEDTLS_SSL_VERSION_TLS1_2 || + if ( #if defined(MBEDTLS_SSL_RENEGOTIATION) ssl->conf->disable_renegotiation != MBEDTLS_SSL_RENEGOTIATION_DISABLED || #endif - 0) { + ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || + ssl->conf->max_tls_version < MBEDTLS_SSL_VERSION_TLS1_2 || + ssl->conf->min_tls_version > MBEDTLS_SSL_VERSION_TLS1_2 + ) { return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } @@ -4519,10 +4612,7 @@ static int ssl_context_load(mbedtls_ssl_context *ssl, return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - session_len = ((size_t) p[0] << 24) | - ((size_t) p[1] << 16) | - ((size_t) p[2] << 8) | - ((size_t) p[3]); + session_len = MBEDTLS_GET_UINT32_BE(p, 0); p += 4; /* This has been allocated by ssl_handshake_init(), called by @@ -4617,10 +4707,7 @@ static int ssl_context_load(mbedtls_ssl_context *ssl, return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - ssl->badmac_seen = ((uint32_t) p[0] << 24) | - ((uint32_t) p[1] << 16) | - ((uint32_t) p[2] << 8) | - ((uint32_t) p[3]); + ssl->badmac_seen = MBEDTLS_GET_UINT32_BE(p, 0); p += 4; #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) @@ -4628,24 +4715,10 @@ static int ssl_context_load(mbedtls_ssl_context *ssl, return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - ssl->in_window_top = ((uint64_t) p[0] << 56) | - ((uint64_t) p[1] << 48) | - ((uint64_t) p[2] << 40) | - ((uint64_t) p[3] << 32) | - ((uint64_t) p[4] << 24) | - ((uint64_t) p[5] << 16) | - ((uint64_t) p[6] << 8) | - ((uint64_t) p[7]); + ssl->in_window_top = MBEDTLS_GET_UINT64_BE(p, 0); p += 8; - ssl->in_window = ((uint64_t) p[0] << 56) | - ((uint64_t) p[1] << 48) | - ((uint64_t) p[2] << 40) | - ((uint64_t) p[3] << 32) | - ((uint64_t) p[4] << 24) | - ((uint64_t) p[5] << 16) | - ((uint64_t) p[6] << 8) | - ((uint64_t) p[7]); + ssl->in_window = MBEDTLS_GET_UINT64_BE(p, 0); p += 8; #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ @@ -4775,8 +4848,7 @@ void mbedtls_ssl_free(mbedtls_ssl_context *ssl) size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN; #endif - mbedtls_platform_zeroize(ssl->out_buf, out_buf_len); - mbedtls_free(ssl->out_buf); + mbedtls_zeroize_and_free(ssl->out_buf, out_buf_len); ssl->out_buf = NULL; } @@ -4787,8 +4859,7 @@ void mbedtls_ssl_free(mbedtls_ssl_context *ssl) size_t in_buf_len = MBEDTLS_SSL_IN_BUFFER_LEN; #endif - mbedtls_platform_zeroize(ssl->in_buf, in_buf_len); - mbedtls_free(ssl->in_buf); + mbedtls_zeroize_and_free(ssl->in_buf, in_buf_len); ssl->in_buf = NULL; } @@ -4822,8 +4893,7 @@ void mbedtls_ssl_free(mbedtls_ssl_context *ssl) #if defined(MBEDTLS_X509_CRT_PARSE_C) if (ssl->hostname != NULL) { - mbedtls_platform_zeroize(ssl->hostname, strlen(ssl->hostname)); - mbedtls_free(ssl->hostname); + mbedtls_zeroize_and_free(ssl->hostname, strlen(ssl->hostname)); } #endif @@ -4852,34 +4922,41 @@ void mbedtls_ssl_config_init(mbedtls_ssl_config *conf) * about this list. */ static uint16_t ssl_preset_default_groups[] = { -#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) +#if defined(MBEDTLS_ECP_HAVE_CURVE25519) MBEDTLS_SSL_IANA_TLS_GROUP_X25519, #endif -#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) +#if defined(MBEDTLS_ECP_HAVE_SECP256R1) MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, #endif -#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) +#if defined(MBEDTLS_ECP_HAVE_SECP384R1) MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1, #endif -#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) +#if defined(MBEDTLS_ECP_HAVE_CURVE448) MBEDTLS_SSL_IANA_TLS_GROUP_X448, #endif -#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) +#if defined(MBEDTLS_ECP_HAVE_SECP521R1) MBEDTLS_SSL_IANA_TLS_GROUP_SECP521R1, #endif -#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) +#if defined(MBEDTLS_ECP_HAVE_BP256R1) MBEDTLS_SSL_IANA_TLS_GROUP_BP256R1, #endif -#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) +#if defined(MBEDTLS_ECP_HAVE_BP384R1) MBEDTLS_SSL_IANA_TLS_GROUP_BP384R1, #endif -#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) +#if defined(MBEDTLS_ECP_HAVE_BP512R1) MBEDTLS_SSL_IANA_TLS_GROUP_BP512R1, +#endif +#if defined(PSA_WANT_ALG_FFDH) + MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048, + MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072, + MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096, + MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144, + MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192, #endif MBEDTLS_SSL_IANA_TLS_GROUP_NONE }; -static int ssl_preset_suiteb_ciphersuites[] = { +static const int ssl_preset_suiteb_ciphersuites[] = { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 0 @@ -4897,53 +4974,56 @@ static int ssl_preset_suiteb_ciphersuites[] = { */ static uint16_t ssl_preset_default_sig_algs[] = { -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \ - defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED) && \ + defined(MBEDTLS_MD_CAN_SHA256) && \ + defined(PSA_WANT_ECC_SECP_R1_256) MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256, -#endif /* MBEDTLS_ECDSA_C && MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA && - MBEDTLS_ECP_DP_SECP256R1_ENABLED */ + // == MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA256) +#endif -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \ - defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED) && \ + defined(MBEDTLS_MD_CAN_SHA384) && \ + defined(PSA_WANT_ECC_SECP_R1_384) MBEDTLS_TLS1_3_SIG_ECDSA_SECP384R1_SHA384, -#endif /* MBEDTLS_ECDSA_C && MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA&& - MBEDTLS_ECP_DP_SECP384R1_ENABLED */ + // == MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA384) +#endif -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \ - defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED) && \ + defined(MBEDTLS_MD_CAN_SHA512) && \ + defined(PSA_WANT_ECC_SECP_R1_521) MBEDTLS_TLS1_3_SIG_ECDSA_SECP521R1_SHA512, -#endif /* MBEDTLS_ECDSA_C && MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA&& - MBEDTLS_ECP_DP_SECP521R1_ENABLED */ + // == MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA512) +#endif #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \ - defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA) + defined(MBEDTLS_MD_CAN_SHA512) MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512, #endif \ - /* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ + /* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_MD_CAN_SHA512 */ #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \ - defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) + defined(MBEDTLS_MD_CAN_SHA384) MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA384, #endif \ - /* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ + /* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_MD_CAN_SHA384 */ #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \ - defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) + defined(MBEDTLS_MD_CAN_SHA256) MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256, #endif \ - /* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ + /* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_MD_CAN_SHA256 */ -#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA512) MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA512, -#endif /* MBEDTLS_RSA_C && MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA512 */ -#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA384) MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA384, -#endif /* MBEDTLS_RSA_C && MBEDTLS_SHA384_C */ +#endif /* MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA384 */ -#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256) MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA256, -#endif /* MBEDTLS_RSA_C && MBEDTLS_SHA256_C */ +#endif /* MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA256 */ MBEDTLS_TLS_SIG_NONE }; @@ -4951,8 +5031,8 @@ static uint16_t ssl_preset_default_sig_algs[] = { /* NOTICE: see above */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) static uint16_t ssl_tls12_preset_default_sig_algs[] = { -#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA) -#if defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_MD_CAN_SHA512) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA512), #endif #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) @@ -4961,9 +5041,9 @@ static uint16_t ssl_tls12_preset_default_sig_algs[] = { #if defined(MBEDTLS_RSA_C) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA512), #endif -#endif /* MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) -#if defined(MBEDTLS_ECDSA_C) +#endif /* MBEDTLS_MD_CAN_SHA512*/ +#if defined(MBEDTLS_MD_CAN_SHA384) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA384), #endif #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) @@ -4972,9 +5052,9 @@ static uint16_t ssl_tls12_preset_default_sig_algs[] = { #if defined(MBEDTLS_RSA_C) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA384), #endif -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/ -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) -#if defined(MBEDTLS_ECDSA_C) +#endif /* MBEDTLS_MD_CAN_SHA384*/ +#if defined(MBEDTLS_MD_CAN_SHA256) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA256), #endif #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) @@ -4983,34 +5063,36 @@ static uint16_t ssl_tls12_preset_default_sig_algs[] = { #if defined(MBEDTLS_RSA_C) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA256), #endif -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/ +#endif /* MBEDTLS_MD_CAN_SHA256*/ MBEDTLS_TLS_SIG_NONE }; #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ /* NOTICE: see above */ static uint16_t ssl_preset_suiteb_sig_algs[] = { -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \ - defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED) && \ + defined(MBEDTLS_MD_CAN_SHA256) && \ + defined(MBEDTLS_ECP_HAVE_SECP256R1) MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256, -#endif /* MBEDTLS_ECDSA_C && MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA&& - MBEDTLS_ECP_DP_SECP256R1_ENABLED */ + // == MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA256) +#endif -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \ - defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED) && \ + defined(MBEDTLS_MD_CAN_SHA384) && \ + defined(MBEDTLS_ECP_HAVE_SECP384R1) MBEDTLS_TLS1_3_SIG_ECDSA_SECP384R1_SHA384, -#endif /* MBEDTLS_ECDSA_C && MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA&& - MBEDTLS_ECP_DP_SECP384R1_ENABLED */ + // == MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA384) +#endif #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \ - defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) + defined(MBEDTLS_MD_CAN_SHA256) MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256, #endif \ - /* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/ + /* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_MD_CAN_SHA256*/ -#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256) MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA256, -#endif /* MBEDTLS_RSA_C && MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/ +#endif /* MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA256*/ MBEDTLS_TLS_SIG_NONE }; @@ -5018,22 +5100,22 @@ static uint16_t ssl_preset_suiteb_sig_algs[] = { /* NOTICE: see above */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) static uint16_t ssl_tls12_preset_suiteb_sig_algs[] = { -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) -#if defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_MD_CAN_SHA256) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA256), #endif #if defined(MBEDTLS_RSA_C) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA256), #endif -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) -#if defined(MBEDTLS_ECDSA_C) +#endif /* MBEDTLS_MD_CAN_SHA256*/ +#if defined(MBEDTLS_MD_CAN_SHA384) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA384), #endif #if defined(MBEDTLS_RSA_C) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA384), #endif -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/ +#endif /* MBEDTLS_MD_CAN_SHA256*/ MBEDTLS_TLS_SIG_NONE }; #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ @@ -5041,10 +5123,10 @@ static uint16_t ssl_tls12_preset_suiteb_sig_algs[] = { #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ static uint16_t ssl_preset_suiteb_groups[] = { -#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) +#if defined(MBEDTLS_ECP_HAVE_SECP256R1) MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, #endif -#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) +#if defined(MBEDTLS_ECP_HAVE_SECP384R1) MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1, #endif MBEDTLS_SSL_IANA_TLS_GROUP_NONE @@ -5203,14 +5285,8 @@ int mbedtls_ssl_config_defaults(mbedtls_ssl_config *conf, #endif } else { #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3) - if (endpoint == MBEDTLS_SSL_IS_CLIENT) { - conf->min_tls_version = MBEDTLS_SSL_VERSION_TLS1_2; - conf->max_tls_version = MBEDTLS_SSL_VERSION_TLS1_3; - } else { - /* Hybrid TLS 1.2 / 1.3 is not supported on server side yet */ - conf->min_tls_version = MBEDTLS_SSL_VERSION_TLS1_2; - conf->max_tls_version = MBEDTLS_SSL_VERSION_TLS1_2; - } + conf->min_tls_version = MBEDTLS_SSL_VERSION_TLS1_2; + conf->max_tls_version = MBEDTLS_SSL_VERSION_TLS1_3; #elif defined(MBEDTLS_SSL_PROTO_TLS1_3) conf->min_tls_version = MBEDTLS_SSL_VERSION_TLS1_3; conf->max_tls_version = MBEDTLS_SSL_VERSION_TLS1_3; @@ -5302,15 +5378,13 @@ void mbedtls_ssl_config_free(mbedtls_ssl_config *conf) } #endif /* MBEDTLS_USE_PSA_CRYPTO */ if (conf->psk != NULL) { - mbedtls_platform_zeroize(conf->psk, conf->psk_len); - mbedtls_free(conf->psk); + mbedtls_zeroize_and_free(conf->psk, conf->psk_len); conf->psk = NULL; conf->psk_len = 0; } if (conf->psk_identity != NULL) { - mbedtls_platform_zeroize(conf->psk_identity, conf->psk_identity_len); - mbedtls_free(conf->psk_identity); + mbedtls_zeroize_and_free(conf->psk_identity, conf->psk_identity_len); conf->psk_identity = NULL; conf->psk_identity_len = 0; } @@ -5324,7 +5398,7 @@ void mbedtls_ssl_config_free(mbedtls_ssl_config *conf) } #if defined(MBEDTLS_PK_C) && \ - (defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECDSA_C)) + (defined(MBEDTLS_RSA_C) || defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED)) /* * Convert between MBEDTLS_PK_XXX and SSL_SIG_XXX */ @@ -5335,7 +5409,7 @@ unsigned char mbedtls_ssl_sig_from_pk(mbedtls_pk_context *pk) return MBEDTLS_SSL_SIG_RSA; } #endif -#if defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED) if (mbedtls_pk_can_do(pk, MBEDTLS_PK_ECDSA)) { return MBEDTLS_SSL_SIG_ECDSA; } @@ -5363,7 +5437,7 @@ mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig(unsigned char sig) case MBEDTLS_SSL_SIG_RSA: return MBEDTLS_PK_RSA; #endif -#if defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED) case MBEDTLS_SSL_SIG_ECDSA: return MBEDTLS_PK_ECDSA; #endif @@ -5371,7 +5445,8 @@ mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig(unsigned char sig) return MBEDTLS_PK_NONE; } } -#endif /* MBEDTLS_PK_C && ( MBEDTLS_RSA_C || MBEDTLS_ECDSA_C ) */ +#endif /* MBEDTLS_PK_C && + ( MBEDTLS_RSA_C || MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED ) */ /* * Convert from MBEDTLS_SSL_HASH_XXX to MBEDTLS_MD_XXX @@ -5379,27 +5454,27 @@ mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig(unsigned char sig) mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash(unsigned char hash) { switch (hash) { -#if defined(MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_MD5) case MBEDTLS_SSL_HASH_MD5: return MBEDTLS_MD_MD5; #endif -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) case MBEDTLS_SSL_HASH_SHA1: return MBEDTLS_MD_SHA1; #endif -#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA224) case MBEDTLS_SSL_HASH_SHA224: return MBEDTLS_MD_SHA224; #endif -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) case MBEDTLS_SSL_HASH_SHA256: return MBEDTLS_MD_SHA256; #endif -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) case MBEDTLS_SSL_HASH_SHA384: return MBEDTLS_MD_SHA384; #endif -#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA512) case MBEDTLS_SSL_HASH_SHA512: return MBEDTLS_MD_SHA512; #endif @@ -5414,27 +5489,27 @@ mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash(unsigned char hash) unsigned char mbedtls_ssl_hash_from_md_alg(int md) { switch (md) { -#if defined(MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_MD5) case MBEDTLS_MD_MD5: return MBEDTLS_SSL_HASH_MD5; #endif -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) case MBEDTLS_MD_SHA1: return MBEDTLS_SSL_HASH_SHA1; #endif -#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA224) case MBEDTLS_MD_SHA224: return MBEDTLS_SSL_HASH_SHA224; #endif -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) case MBEDTLS_MD_SHA256: return MBEDTLS_SSL_HASH_SHA256; #endif -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) case MBEDTLS_MD_SHA384: return MBEDTLS_SSL_HASH_SHA384; #endif -#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA512) case MBEDTLS_MD_SHA512: return MBEDTLS_SSL_HASH_SHA512; #endif @@ -5464,7 +5539,7 @@ int mbedtls_ssl_check_curve_tls_id(const mbedtls_ssl_context *ssl, uint16_t tls_ return -1; } -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) /* * Same as mbedtls_ssl_check_curve_tls_id() but with a mbedtls_ecp_group_id. */ @@ -5478,72 +5553,65 @@ int mbedtls_ssl_check_curve(const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id return mbedtls_ssl_check_curve_tls_id(ssl, tls_id); } -#endif /* MBEDTLS_ECP_C */ - -#if defined(MBEDTLS_DEBUG_C) -#define EC_NAME(_name_) _name_ -#else -#define EC_NAME(_name_) NULL -#endif +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ static const struct { uint16_t tls_id; mbedtls_ecp_group_id ecp_group_id; psa_ecc_family_t psa_family; uint16_t bits; - const char *name; } tls_id_match_table[] = { -#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_521) - { 25, MBEDTLS_ECP_DP_SECP521R1, PSA_ECC_FAMILY_SECP_R1, 521, EC_NAME("secp521r1") }, +#if defined(MBEDTLS_ECP_HAVE_SECP521R1) + { 25, MBEDTLS_ECP_DP_SECP521R1, PSA_ECC_FAMILY_SECP_R1, 521 }, #endif -#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) - { 28, MBEDTLS_ECP_DP_BP512R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 512, EC_NAME("brainpoolP512r1") }, +#if defined(MBEDTLS_ECP_HAVE_BP512R1) + { 28, MBEDTLS_ECP_DP_BP512R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 512 }, #endif -#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_384) - { 24, MBEDTLS_ECP_DP_SECP384R1, PSA_ECC_FAMILY_SECP_R1, 384, EC_NAME("secp384r1") }, +#if defined(MBEDTLS_ECP_HAVE_SECP384R1) + { 24, MBEDTLS_ECP_DP_SECP384R1, PSA_ECC_FAMILY_SECP_R1, 384 }, #endif -#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) - { 27, MBEDTLS_ECP_DP_BP384R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 384, EC_NAME("brainpoolP384r1") }, +#if defined(MBEDTLS_ECP_HAVE_BP384R1) + { 27, MBEDTLS_ECP_DP_BP384R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 384 }, #endif -#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_256) - { 23, MBEDTLS_ECP_DP_SECP256R1, PSA_ECC_FAMILY_SECP_R1, 256, EC_NAME("secp256r1") }, +#if defined(MBEDTLS_ECP_HAVE_SECP256R1) + { 23, MBEDTLS_ECP_DP_SECP256R1, PSA_ECC_FAMILY_SECP_R1, 256 }, #endif -#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) || defined(PSA_WANT_ECC_SECP_K1_256) - { 22, MBEDTLS_ECP_DP_SECP256K1, PSA_ECC_FAMILY_SECP_K1, 256, EC_NAME("secp256k1") }, +#if defined(MBEDTLS_ECP_HAVE_SECP256K1) + { 22, MBEDTLS_ECP_DP_SECP256K1, PSA_ECC_FAMILY_SECP_K1, 256 }, #endif -#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) - { 26, MBEDTLS_ECP_DP_BP256R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 256, EC_NAME("brainpoolP256r1") }, +#if defined(MBEDTLS_ECP_HAVE_BP256R1) + { 26, MBEDTLS_ECP_DP_BP256R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 256 }, #endif -#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_224) - { 21, MBEDTLS_ECP_DP_SECP224R1, PSA_ECC_FAMILY_SECP_R1, 224, EC_NAME("secp224r1") }, +#if defined(MBEDTLS_ECP_HAVE_SECP224R1) + { 21, MBEDTLS_ECP_DP_SECP224R1, PSA_ECC_FAMILY_SECP_R1, 224 }, #endif -#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || defined(PSA_WANT_ECC_SECP_K1_224) - { 20, MBEDTLS_ECP_DP_SECP224K1, PSA_ECC_FAMILY_SECP_K1, 224, EC_NAME("secp224k1") }, +#if defined(MBEDTLS_ECP_HAVE_SECP224K1) + { 20, MBEDTLS_ECP_DP_SECP224K1, PSA_ECC_FAMILY_SECP_K1, 224 }, #endif -#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_192) - { 19, MBEDTLS_ECP_DP_SECP192R1, PSA_ECC_FAMILY_SECP_R1, 192, EC_NAME("secp192r1") }, +#if defined(MBEDTLS_ECP_HAVE_SECP192R1) + { 19, MBEDTLS_ECP_DP_SECP192R1, PSA_ECC_FAMILY_SECP_R1, 192 }, #endif -#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || defined(PSA_WANT_ECC_SECP_K1_192) - { 18, MBEDTLS_ECP_DP_SECP192K1, PSA_ECC_FAMILY_SECP_K1, 192, EC_NAME("secp192k1") }, +#if defined(MBEDTLS_ECP_HAVE_SECP192K1) + { 18, MBEDTLS_ECP_DP_SECP192K1, PSA_ECC_FAMILY_SECP_K1, 192 }, #endif -#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) || defined(PSA_WANT_ECC_MONTGOMERY_255) - { 29, MBEDTLS_ECP_DP_CURVE25519, PSA_ECC_FAMILY_MONTGOMERY, 255, EC_NAME("x25519") }, +#if defined(MBEDTLS_ECP_HAVE_CURVE25519) + { 29, MBEDTLS_ECP_DP_CURVE25519, PSA_ECC_FAMILY_MONTGOMERY, 255 }, #endif -#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) || defined(PSA_WANT_ECC_MONTGOMERY_448) - { 30, MBEDTLS_ECP_DP_CURVE448, PSA_ECC_FAMILY_MONTGOMERY, 448, EC_NAME("x448") }, +#if defined(MBEDTLS_ECP_HAVE_CURVE448) + { 30, MBEDTLS_ECP_DP_CURVE448, PSA_ECC_FAMILY_MONTGOMERY, 448 }, #endif - { 0, MBEDTLS_ECP_DP_NONE, 0, 0, NULL }, + { 0, MBEDTLS_ECP_DP_NONE, 0, 0 }, }; int mbedtls_ssl_get_psa_curve_info_from_tls_id(uint16_t tls_id, - psa_ecc_family_t *family, + psa_key_type_t *type, size_t *bits) { for (int i = 0; tls_id_match_table[i].tls_id != 0; i++) { if (tls_id_match_table[i].tls_id == tls_id) { - if (family != NULL) { - *family = tls_id_match_table[i].psa_family; + if (type != NULL) { + *type = PSA_KEY_TYPE_ECC_KEY_PAIR(tls_id_match_table[i].psa_family); } if (bits != NULL) { *bits = tls_id_match_table[i].bits; @@ -5579,11 +5647,32 @@ uint16_t mbedtls_ssl_get_tls_id_from_ecp_group_id(mbedtls_ecp_group_id grp_id) } #if defined(MBEDTLS_DEBUG_C) +static const struct { + uint16_t tls_id; + const char *name; +} tls_id_curve_name_table[] = +{ + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP521R1, "secp521r1" }, + { MBEDTLS_SSL_IANA_TLS_GROUP_BP512R1, "brainpoolP512r1" }, + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1, "secp384r1" }, + { MBEDTLS_SSL_IANA_TLS_GROUP_BP384R1, "brainpoolP384r1" }, + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, "secp256r1" }, + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256K1, "secp256k1" }, + { MBEDTLS_SSL_IANA_TLS_GROUP_BP256R1, "brainpoolP256r1" }, + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP224R1, "secp224r1" }, + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP224K1, "secp224k1" }, + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP192R1, "secp192r1" }, + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP192K1, "secp192k1" }, + { MBEDTLS_SSL_IANA_TLS_GROUP_X25519, "x25519" }, + { MBEDTLS_SSL_IANA_TLS_GROUP_X448, "x448" }, + { 0, NULL }, +}; + const char *mbedtls_ssl_get_curve_name_from_tls_id(uint16_t tls_id) { - for (int i = 0; tls_id_match_table[i].tls_id != 0; i++) { - if (tls_id_match_table[i].tls_id == tls_id) { - return tls_id_match_table[i].name; + for (int i = 0; tls_id_curve_name_table[i].tls_id != 0; i++) { + if (tls_id_curve_name_table[i].tls_id == tls_id) { + return tls_id_curve_name_table[i].name; } } @@ -5670,13 +5759,13 @@ int mbedtls_ssl_get_handshake_transcript(mbedtls_ssl_context *ssl, *olen = 0; switch (md) { -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) case MBEDTLS_MD_SHA384: hash_operation_to_clone = &ssl->handshake->fin_sha384_psa; break; #endif -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) case MBEDTLS_MD_SHA256: hash_operation_to_clone = &ssl->handshake->fin_sha256_psa; break; @@ -5697,15 +5786,15 @@ int mbedtls_ssl_get_handshake_transcript(mbedtls_ssl_context *ssl, } exit: -#if !defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \ - !defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if !defined(MBEDTLS_MD_CAN_SHA384) && \ + !defined(MBEDTLS_MD_CAN_SHA256) (void) ssl; #endif - return psa_ssl_status_to_mbedtls(status); + return PSA_TO_MBEDTLS_ERR(status); } #else /* MBEDTLS_USE_PSA_CRYPTO */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_get_handshake_transcript_sha384(mbedtls_ssl_context *ssl, unsigned char *dst, @@ -5713,17 +5802,24 @@ static int ssl_get_handshake_transcript_sha384(mbedtls_ssl_context *ssl, size_t *olen) { int ret; - mbedtls_sha512_context sha512; + mbedtls_md_context_t sha384; if (dst_len < 48) { return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - mbedtls_sha512_init(&sha512); - mbedtls_sha512_clone(&sha512, &ssl->handshake->fin_sha384); + mbedtls_md_init(&sha384); + ret = mbedtls_md_setup(&sha384, mbedtls_md_info_from_type(MBEDTLS_MD_SHA384), 0); + if (ret != 0) { + goto exit; + } + ret = mbedtls_md_clone(&sha384, &ssl->handshake->fin_sha384); + if (ret != 0) { + goto exit; + } - if ((ret = mbedtls_sha512_finish(&sha512, dst)) != 0) { - MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_sha512_finish", ret); + if ((ret = mbedtls_md_finish(&sha384, dst)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md_finish", ret); goto exit; } @@ -5731,12 +5827,12 @@ static int ssl_get_handshake_transcript_sha384(mbedtls_ssl_context *ssl, exit: - mbedtls_sha512_free(&sha512); + mbedtls_md_free(&sha384); return ret; } -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_get_handshake_transcript_sha256(mbedtls_ssl_context *ssl, unsigned char *dst, @@ -5744,17 +5840,24 @@ static int ssl_get_handshake_transcript_sha256(mbedtls_ssl_context *ssl, size_t *olen) { int ret; - mbedtls_sha256_context sha256; + mbedtls_md_context_t sha256; if (dst_len < 32) { return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - mbedtls_sha256_init(&sha256); - mbedtls_sha256_clone(&sha256, &ssl->handshake->fin_sha256); + mbedtls_md_init(&sha256); + ret = mbedtls_md_setup(&sha256, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 0); + if (ret != 0) { + goto exit; + } + ret = mbedtls_md_clone(&sha256, &ssl->handshake->fin_sha256); + if (ret != 0) { + goto exit; + } - if ((ret = mbedtls_sha256_finish(&sha256, dst)) != 0) { - MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_sha256_finish", ret); + if ((ret = mbedtls_md_finish(&sha256, dst)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_md_finish", ret); goto exit; } @@ -5762,10 +5865,10 @@ static int ssl_get_handshake_transcript_sha256(mbedtls_ssl_context *ssl, exit: - mbedtls_sha256_free(&sha256); + mbedtls_md_free(&sha256); return ret; } -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA256 */ int mbedtls_ssl_get_handshake_transcript(mbedtls_ssl_context *ssl, const mbedtls_md_type_t md, @@ -5775,19 +5878,19 @@ int mbedtls_ssl_get_handshake_transcript(mbedtls_ssl_context *ssl, { switch (md) { -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) case MBEDTLS_MD_SHA384: return ssl_get_handshake_transcript_sha384(ssl, dst, dst_len, olen); -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/ +#endif /* MBEDTLS_MD_CAN_SHA384*/ -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) case MBEDTLS_MD_SHA256: return ssl_get_handshake_transcript_sha256(ssl, dst, dst_len, olen); -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/ +#endif /* MBEDTLS_MD_CAN_SHA256*/ default: -#if !defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \ - !defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if !defined(MBEDTLS_MD_CAN_SHA384) && \ + !defined(MBEDTLS_MD_CAN_SHA256) (void) ssl; (void) dst; (void) dst_len; @@ -6053,8 +6156,8 @@ static int tls_prf_generic(mbedtls_md_type_t md_type, #else /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_MD_C) && \ - (defined(MBEDTLS_SHA256_C) || \ - defined(MBEDTLS_SHA384_C)) + (defined(MBEDTLS_MD_CAN_SHA256) || \ + defined(MBEDTLS_MD_CAN_SHA384)) MBEDTLS_CHECK_RETURN_CRITICAL static int tls_prf_generic(mbedtls_md_type_t md_type, const unsigned char *secret, size_t slen, @@ -6158,10 +6261,10 @@ exit: return ret; } -#endif /* MBEDTLS_MD_C && ( MBEDTLS_SHA256_C || MBEDTLS_SHA384_C ) */ +#endif /* MBEDTLS_MD_C && ( MBEDTLS_MD_CAN_SHA256 || MBEDTLS_MD_CAN_SHA384 ) */ #endif /* MBEDTLS_USE_PSA_CRYPTO */ -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) MBEDTLS_CHECK_RETURN_CRITICAL static int tls_prf_sha256(const unsigned char *secret, size_t slen, const char *label, @@ -6171,9 +6274,9 @@ static int tls_prf_sha256(const unsigned char *secret, size_t slen, return tls_prf_generic(MBEDTLS_MD_SHA256, secret, slen, label, random, rlen, dstbuf, dlen); } -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/ +#endif /* MBEDTLS_MD_CAN_SHA256*/ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) MBEDTLS_CHECK_RETURN_CRITICAL static int tls_prf_sha384(const unsigned char *secret, size_t slen, const char *label, @@ -6183,7 +6286,7 @@ static int tls_prf_sha384(const unsigned char *secret, size_t slen, return tls_prf_generic(MBEDTLS_MD_SHA384, secret, slen, label, random, rlen, dstbuf, dlen); } -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/ +#endif /* MBEDTLS_MD_CAN_SHA384*/ /* * Set appropriate PRF function and other SSL / TLS1.2 functions @@ -6198,14 +6301,14 @@ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_set_handshake_prfs(mbedtls_ssl_handshake_params *handshake, mbedtls_md_type_t hash) { -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) if (hash == MBEDTLS_MD_SHA384) { handshake->tls_prf = tls_prf_sha384; handshake->calc_verify = ssl_calc_verify_tls_sha384; handshake->calc_finished = ssl_calc_finished_tls_sha384; } else #endif -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { (void) hash; handshake->tls_prf = tls_prf_sha256; @@ -6285,7 +6388,10 @@ static int ssl_compute_master(mbedtls_ssl_handshake_params *handshake, if (handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED) { lbl = "extended master secret"; seed = session_hash; - handshake->calc_verify(ssl, session_hash, &seed_len); + ret = handshake->calc_verify(ssl, session_hash, &seed_len); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "calc_verify", ret); + } MBEDTLS_SSL_DEBUG_BUF(3, "session hash for extended master secret", session_hash, seed_len); @@ -6301,7 +6407,7 @@ static int ssl_compute_master(mbedtls_ssl_handshake_params *handshake, mbedtls_svc_key_id_t psk; psa_key_derivation_operation_t derivation = PSA_KEY_DERIVATION_OPERATION_INIT; - mbedtls_md_type_t hash_alg = handshake->ciphersuite_info->mac; + mbedtls_md_type_t hash_alg = (mbedtls_md_type_t) handshake->ciphersuite_info->mac; MBEDTLS_SSL_DEBUG_MSG(2, ("perform PSA-based PSK-to-MS expansion")); @@ -6437,7 +6543,7 @@ int mbedtls_ssl_derive_keys(mbedtls_ssl_context *ssl) /* Set PRF, calc_verify and calc_finished function pointers */ ret = ssl_set_handshake_prfs(ssl->handshake, - ciphersuite_info->mac); + (mbedtls_md_type_t) ciphersuite_info->mac); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET(1, "ssl_set_handshake_prfs", ret); return ret; @@ -6492,12 +6598,12 @@ int mbedtls_ssl_derive_keys(mbedtls_ssl_context *ssl) int mbedtls_ssl_set_calc_verify_md(mbedtls_ssl_context *ssl, int md) { switch (md) { -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) case MBEDTLS_SSL_HASH_SHA384: ssl->handshake->calc_verify = ssl_calc_verify_tls_sha384; break; #endif -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) case MBEDTLS_SSL_HASH_SHA256: ssl->handshake->calc_verify = ssl_calc_verify_tls_sha256; break; @@ -6505,106 +6611,114 @@ int mbedtls_ssl_set_calc_verify_md(mbedtls_ssl_context *ssl, int md) default: return -1; } -#if !defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \ - !defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if !defined(MBEDTLS_MD_CAN_SHA384) && \ + !defined(MBEDTLS_MD_CAN_SHA256) (void) ssl; #endif return 0; } -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) -void ssl_calc_verify_tls_sha256(const mbedtls_ssl_context *ssl, - unsigned char *hash, - size_t *hlen) -{ #if defined(MBEDTLS_USE_PSA_CRYPTO) - size_t hash_size; +static int ssl_calc_verify_tls_psa(const mbedtls_ssl_context *ssl, + const psa_hash_operation_t *hs_op, + size_t buffer_size, + unsigned char *hash, + size_t *hlen) +{ psa_status_t status; - psa_hash_operation_t sha256_psa = psa_hash_operation_init(); + psa_hash_operation_t cloned_op = psa_hash_operation_init(); - MBEDTLS_SSL_DEBUG_MSG(2, ("=> PSA calc verify sha256")); - status = psa_hash_clone(&ssl->handshake->fin_sha256_psa, &sha256_psa); +#if !defined(MBEDTLS_DEBUG_C) + (void) ssl; +#endif + MBEDTLS_SSL_DEBUG_MSG(2, ("=> PSA calc verify")); + status = psa_hash_clone(hs_op, &cloned_op); if (status != PSA_SUCCESS) { - MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash clone failed")); - return; + goto exit; } - status = psa_hash_finish(&sha256_psa, hash, 32, &hash_size); + status = psa_hash_finish(&cloned_op, hash, buffer_size, hlen); if (status != PSA_SUCCESS) { - MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash finish failed")); - return; + goto exit; } - *hlen = 32; MBEDTLS_SSL_DEBUG_BUF(3, "PSA calculated verify result", hash, *hlen); MBEDTLS_SSL_DEBUG_MSG(2, ("<= PSA calc verify")); + +exit: + psa_hash_abort(&cloned_op); + return mbedtls_md_error_from_psa(status); +} #else - mbedtls_sha256_context sha256; +static int ssl_calc_verify_tls_legacy(const mbedtls_ssl_context *ssl, + const mbedtls_md_context_t *hs_ctx, + unsigned char *hash, + size_t *hlen) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + mbedtls_md_context_t cloned_ctx; - mbedtls_sha256_init(&sha256); + mbedtls_md_init(&cloned_ctx); - MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc verify sha256")); +#if !defined(MBEDTLS_DEBUG_C) + (void) ssl; +#endif + MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc verify")); - mbedtls_sha256_clone(&sha256, &ssl->handshake->fin_sha256); - mbedtls_sha256_finish(&sha256, hash); + ret = mbedtls_md_setup(&cloned_ctx, mbedtls_md_info_from_ctx(hs_ctx), 0); + if (ret != 0) { + goto exit; + } + ret = mbedtls_md_clone(&cloned_ctx, hs_ctx); + if (ret != 0) { + goto exit; + } - *hlen = 32; + ret = mbedtls_md_finish(&cloned_ctx, hash); + if (ret != 0) { + goto exit; + } + + *hlen = mbedtls_md_get_size(mbedtls_md_info_from_ctx(hs_ctx)); MBEDTLS_SSL_DEBUG_BUF(3, "calculated verify result", hash, *hlen); MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc verify")); - mbedtls_sha256_free(&sha256); -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - return; +exit: + mbedtls_md_free(&cloned_ctx); + return ret; } -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_USE_PSA_CRYPTO */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) -void ssl_calc_verify_tls_sha384(const mbedtls_ssl_context *ssl, - unsigned char *hash, - size_t *hlen) +#if defined(MBEDTLS_MD_CAN_SHA256) +int ssl_calc_verify_tls_sha256(const mbedtls_ssl_context *ssl, + unsigned char *hash, + size_t *hlen) { #if defined(MBEDTLS_USE_PSA_CRYPTO) - size_t hash_size; - psa_status_t status; - psa_hash_operation_t sha384_psa = psa_hash_operation_init(); - - MBEDTLS_SSL_DEBUG_MSG(2, ("=> PSA calc verify sha384")); - status = psa_hash_clone(&ssl->handshake->fin_sha384_psa, &sha384_psa); - if (status != PSA_SUCCESS) { - MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash clone failed")); - return; - } - - status = psa_hash_finish(&sha384_psa, hash, 48, &hash_size); - if (status != PSA_SUCCESS) { - MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash finish failed")); - return; - } - - *hlen = 48; - MBEDTLS_SSL_DEBUG_BUF(3, "PSA calculated verify result", hash, *hlen); - MBEDTLS_SSL_DEBUG_MSG(2, ("<= PSA calc verify")); + return ssl_calc_verify_tls_psa(ssl, &ssl->handshake->fin_sha256_psa, 32, + hash, hlen); #else - mbedtls_sha512_context sha512; - - mbedtls_sha512_init(&sha512); - - MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc verify sha384")); - - mbedtls_sha512_clone(&sha512, &ssl->handshake->fin_sha384); - mbedtls_sha512_finish(&sha512, hash); - - *hlen = 48; - - MBEDTLS_SSL_DEBUG_BUF(3, "calculated verify result", hash, *hlen); - MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc verify")); - - mbedtls_sha512_free(&sha512); + return ssl_calc_verify_tls_legacy(ssl, &ssl->handshake->fin_sha256, + hash, hlen); #endif /* MBEDTLS_USE_PSA_CRYPTO */ - return; } -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA256 */ + +#if defined(MBEDTLS_MD_CAN_SHA384) +int ssl_calc_verify_tls_sha384(const mbedtls_ssl_context *ssl, + unsigned char *hash, + size_t *hlen) +{ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + return ssl_calc_verify_tls_psa(ssl, &ssl->handshake->fin_sha384_psa, 48, + hash, hlen); +#else + return ssl_calc_verify_tls_legacy(ssl, &ssl->handshake->fin_sha384, + hash, hlen); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ +} +#endif /* MBEDTLS_MD_CAN_SHA384 */ #if !defined(MBEDTLS_USE_PSA_CRYPTO) && \ defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) @@ -7239,7 +7353,7 @@ static int ssl_parse_certificate_verify(mbedtls_ssl_context *ssl, * Secondary checks: always done, but change 'ret' only if it was 0 */ -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) { const mbedtls_pk_context *pk = &chain->pk; @@ -7250,13 +7364,12 @@ static int ssl_parse_certificate_verify(mbedtls_ssl_context *ssl, /* and in the unlikely case the above assumption no longer holds * we are making sure that pk_ec() here does not return a NULL */ - const mbedtls_ecp_keypair *ec = mbedtls_pk_ec(*pk); - if (ec == NULL) { - MBEDTLS_SSL_DEBUG_MSG(1, ("mbedtls_pk_ec() returned NULL")); + mbedtls_ecp_group_id grp_id = mbedtls_pk_get_group_id(pk); + if (grp_id == MBEDTLS_ECP_DP_NONE) { + MBEDTLS_SSL_DEBUG_MSG(1, ("invalid group ID")); return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - - if (mbedtls_ssl_check_curve(ssl, ec->grp.id) != 0) { + if (mbedtls_ssl_check_curve(ssl, grp_id) != 0) { ssl->session_negotiate->verify_result |= MBEDTLS_X509_BADCERT_BAD_KEY; @@ -7267,7 +7380,7 @@ static int ssl_parse_certificate_verify(mbedtls_ssl_context *ssl, } } } -#endif /* MBEDTLS_ECP_C */ +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ if (mbedtls_ssl_check_cert_usage(chain, ciphersuite_info, @@ -7544,19 +7657,22 @@ exit: } #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) -static void ssl_calc_finished_tls_sha256( - mbedtls_ssl_context *ssl, unsigned char *buf, int from) +static int ssl_calc_finished_tls_generic(mbedtls_ssl_context *ssl, void *ctx, + unsigned char *padbuf, size_t hlen, + unsigned char *buf, int from) { int len = 12; const char *sender; - unsigned char padbuf[32]; #if defined(MBEDTLS_USE_PSA_CRYPTO) - size_t hash_size; - psa_hash_operation_t sha256_psa = PSA_HASH_OPERATION_INIT; psa_status_t status; + psa_hash_operation_t *hs_op = ctx; + psa_hash_operation_t cloned_op = PSA_HASH_OPERATION_INIT; + size_t hash_size; #else - mbedtls_sha256_context sha256; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + mbedtls_md_context_t *hs_ctx = ctx; + mbedtls_md_context_t cloned_ctx; + mbedtls_md_init(&cloned_ctx); #endif mbedtls_ssl_session *session = ssl->session_negotiate; @@ -7569,130 +7685,94 @@ static void ssl_calc_finished_tls_sha256( : "server finished"; #if defined(MBEDTLS_USE_PSA_CRYPTO) - sha256_psa = psa_hash_operation_init(); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc PSA finished tls")); - MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc PSA finished tls sha256")); - - status = psa_hash_clone(&ssl->handshake->fin_sha256_psa, &sha256_psa); + status = psa_hash_clone(hs_op, &cloned_op); if (status != PSA_SUCCESS) { - MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash clone failed")); - return; + goto exit; } - status = psa_hash_finish(&sha256_psa, padbuf, sizeof(padbuf), &hash_size); + status = psa_hash_finish(&cloned_op, padbuf, hlen, &hash_size); if (status != PSA_SUCCESS) { - MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash finish failed")); - return; + goto exit; } - MBEDTLS_SSL_DEBUG_BUF(3, "PSA calculated padbuf", padbuf, 32); + MBEDTLS_SSL_DEBUG_BUF(3, "PSA calculated padbuf", padbuf, hlen); #else + MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc finished tls")); - mbedtls_sha256_init(&sha256); + ret = mbedtls_md_setup(&cloned_ctx, mbedtls_md_info_from_ctx(hs_ctx), 0); + if (ret != 0) { + goto exit; + } + ret = mbedtls_md_clone(&cloned_ctx, hs_ctx); + if (ret != 0) { + goto exit; + } - MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc finished tls sha256")); - - mbedtls_sha256_clone(&sha256, &ssl->handshake->fin_sha256); - - /* - * TLSv1.2: - * hash = PRF( master, finished_label, - * Hash( handshake ) )[0.11] - */ - -#if !defined(MBEDTLS_SHA256_ALT) - MBEDTLS_SSL_DEBUG_BUF(4, "finished sha2 state", (unsigned char *) - sha256.state, sizeof(sha256.state)); -#endif - - mbedtls_sha256_finish(&sha256, padbuf); - mbedtls_sha256_free(&sha256); + ret = mbedtls_md_finish(&cloned_ctx, padbuf); + if (ret != 0) { + goto exit; + } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - ssl->handshake->tls_prf(session->master, 48, sender, - padbuf, 32, buf, len); - - MBEDTLS_SSL_DEBUG_BUF(3, "calc finished result", buf, len); - - mbedtls_platform_zeroize(padbuf, sizeof(padbuf)); - - MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc finished")); -} -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/ - - -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) -static void ssl_calc_finished_tls_sha384( - mbedtls_ssl_context *ssl, unsigned char *buf, int from) -{ - int len = 12; - const char *sender; - unsigned char padbuf[48]; -#if defined(MBEDTLS_USE_PSA_CRYPTO) - size_t hash_size; - psa_hash_operation_t sha384_psa = PSA_HASH_OPERATION_INIT; - psa_status_t status; -#else - mbedtls_sha512_context sha512; -#endif - - mbedtls_ssl_session *session = ssl->session_negotiate; - if (!session) { - session = ssl->session; - } - - sender = (from == MBEDTLS_SSL_IS_CLIENT) - ? "client finished" - : "server finished"; - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - sha384_psa = psa_hash_operation_init(); - - MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc PSA finished tls sha384")); - - status = psa_hash_clone(&ssl->handshake->fin_sha384_psa, &sha384_psa); - if (status != PSA_SUCCESS) { - MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash clone failed")); - return; - } - - status = psa_hash_finish(&sha384_psa, padbuf, sizeof(padbuf), &hash_size); - if (status != PSA_SUCCESS) { - MBEDTLS_SSL_DEBUG_MSG(2, ("PSA hash finish failed")); - return; - } - MBEDTLS_SSL_DEBUG_BUF(3, "PSA calculated padbuf", padbuf, 48); -#else - mbedtls_sha512_init(&sha512); - - MBEDTLS_SSL_DEBUG_MSG(2, ("=> calc finished tls sha384")); - - mbedtls_sha512_clone(&sha512, &ssl->handshake->fin_sha384); + MBEDTLS_SSL_DEBUG_BUF(4, "finished output", padbuf, hlen); /* * TLSv1.2: * hash = PRF( master, finished_label, * Hash( handshake ) )[0.11] */ - -#if !defined(MBEDTLS_SHA512_ALT) - MBEDTLS_SSL_DEBUG_BUF(4, "finished sha512 state", (unsigned char *) - sha512.state, sizeof(sha512.state)); -#endif - mbedtls_sha512_finish(&sha512, padbuf); - - mbedtls_sha512_free(&sha512); -#endif - ssl->handshake->tls_prf(session->master, 48, sender, - padbuf, 48, buf, len); + padbuf, hlen, buf, len); MBEDTLS_SSL_DEBUG_BUF(3, "calc finished result", buf, len); - mbedtls_platform_zeroize(padbuf, sizeof(padbuf)); + mbedtls_platform_zeroize(padbuf, hlen); - MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc finished")); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc finished")); + +exit: +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_hash_abort(&cloned_op); + return mbedtls_md_error_from_psa(status); +#else + mbedtls_md_free(&cloned_ctx); + return ret; +#endif /* MBEDTLS_USE_PSA_CRYPTO */ } -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/ + +#if defined(MBEDTLS_MD_CAN_SHA256) +static int ssl_calc_finished_tls_sha256( + mbedtls_ssl_context *ssl, unsigned char *buf, int from) +{ + unsigned char padbuf[32]; + return ssl_calc_finished_tls_generic(ssl, +#if defined(MBEDTLS_USE_PSA_CRYPTO) + &ssl->handshake->fin_sha256_psa, +#else + &ssl->handshake->fin_sha256, +#endif + padbuf, sizeof(padbuf), + buf, from); +} +#endif /* MBEDTLS_MD_CAN_SHA256*/ + + +#if defined(MBEDTLS_MD_CAN_SHA384) +static int ssl_calc_finished_tls_sha384( + mbedtls_ssl_context *ssl, unsigned char *buf, int from) +{ + unsigned char padbuf[48]; + return ssl_calc_finished_tls_generic(ssl, +#if defined(MBEDTLS_USE_PSA_CRYPTO) + &ssl->handshake->fin_sha384_psa, +#else + &ssl->handshake->fin_sha384, +#endif + padbuf, sizeof(padbuf), + buf, from); +} +#endif /* MBEDTLS_MD_CAN_SHA384*/ void mbedtls_ssl_handshake_wrapup_free_hs_transform(mbedtls_ssl_context *ssl) { @@ -7787,7 +7867,10 @@ int mbedtls_ssl_write_finished(mbedtls_ssl_context *ssl) mbedtls_ssl_update_out_pointers(ssl, ssl->transform_negotiate); - ssl->handshake->calc_finished(ssl, ssl->out_msg + 4, ssl->conf->endpoint); + ret = ssl->handshake->calc_finished(ssl, ssl->out_msg + 4, ssl->conf->endpoint); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "calc_finished", ret); + } /* * RFC 5246 7.4.9 (Page 63) says 12 is the default length and ciphersuites @@ -7897,7 +7980,10 @@ int mbedtls_ssl_parse_finished(mbedtls_ssl_context *ssl) MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse finished")); - ssl->handshake->calc_finished(ssl, buf, ssl->conf->endpoint ^ 1); + ret = ssl->handshake->calc_finished(ssl, buf, ssl->conf->endpoint ^ 1); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "calc_finished", ret); + } if ((ret = mbedtls_ssl_read_record(ssl, 1)) != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); @@ -7978,20 +8064,20 @@ static tls_prf_fn ssl_tls12prf_from_cs(int ciphersuite_id) { const mbedtls_ssl_ciphersuite_t * const ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(ciphersuite_id); -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) if (ciphersuite_info != NULL && ciphersuite_info->mac == MBEDTLS_MD_SHA384) { return tls_prf_sha384; } else #endif -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) { if (ciphersuite_info != NULL && ciphersuite_info->mac == MBEDTLS_MD_SHA256) { return tls_prf_sha256; } } #endif -#if !defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \ - !defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if !defined(MBEDTLS_MD_CAN_SHA384) && \ + !defined(MBEDTLS_MD_CAN_SHA256) (void) ciphersuite_info; #endif @@ -8002,12 +8088,12 @@ static tls_prf_fn ssl_tls12prf_from_cs(int ciphersuite_id) static mbedtls_tls_prf_types tls_prf_get_type(mbedtls_ssl_tls_prf_cb *tls_prf) { ((void) tls_prf); -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) if (tls_prf == tls_prf_sha384) { return MBEDTLS_SSL_TLS_PRF_SHA384; } else #endif -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) if (tls_prf == tls_prf_sha256) { return MBEDTLS_SSL_TLS_PRF_SHA256; } else @@ -8123,17 +8209,17 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform, } #if defined(MBEDTLS_USE_PSA_CRYPTO) - if ((status = mbedtls_ssl_cipher_to_psa(ciphersuite_info->cipher, + if ((status = mbedtls_ssl_cipher_to_psa((mbedtls_cipher_type_t) ciphersuite_info->cipher, transform->taglen, &alg, &key_type, &key_bits)) != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_cipher_to_psa", ret); goto end; } #else - cipher_info = mbedtls_cipher_info_from_type(ciphersuite_info->cipher); + cipher_info = mbedtls_cipher_info_from_type((mbedtls_cipher_type_t) ciphersuite_info->cipher); if (cipher_info == NULL) { MBEDTLS_SSL_DEBUG_MSG(1, ("cipher info for %u not found", ciphersuite_info->cipher)); @@ -8142,14 +8228,14 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform, #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - mac_alg = mbedtls_hash_info_psa_from_md(ciphersuite_info->mac); + mac_alg = mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) ciphersuite_info->mac); if (mac_alg == 0) { - MBEDTLS_SSL_DEBUG_MSG(1, ("mbedtls_hash_info_psa_from_md for %u not found", + MBEDTLS_SSL_DEBUG_MSG(1, ("mbedtls_md_psa_alg_from_type for %u not found", (unsigned) ciphersuite_info->mac)); return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } #else - md_info = mbedtls_md_info_from_type(ciphersuite_info->mac); + md_info = mbedtls_md_info_from_type((mbedtls_md_type_t) ciphersuite_info->mac); if (md_info == NULL) { MBEDTLS_SSL_DEBUG_MSG(1, ("mbedtls_md info for %u not found", (unsigned) ciphersuite_info->mac)); @@ -8246,7 +8332,7 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform, #if defined(MBEDTLS_USE_PSA_CRYPTO) size_t block_size = PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type); #else - size_t block_size = cipher_info->block_size; + size_t block_size = mbedtls_cipher_info_get_block_size(cipher_info); #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -8269,7 +8355,7 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform, #if defined(MBEDTLS_USE_PSA_CRYPTO) transform->ivlen = PSA_CIPHER_IV_LENGTH(key_type, alg); #else - transform->ivlen = cipher_info->iv_size; + transform->ivlen = mbedtls_cipher_info_get_iv_size(cipher_info); #endif /* MBEDTLS_USE_PSA_CRYPTO */ /* Minimum length */ @@ -8376,7 +8462,7 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform, PSA_BITS_TO_BYTES(key_bits), &transform->psa_key_enc)) != PSA_SUCCESS) { MBEDTLS_SSL_DEBUG_RET(3, "psa_import_key", (int) status); - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); MBEDTLS_SSL_DEBUG_RET(1, "psa_import_key", ret); goto end; } @@ -8387,7 +8473,7 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform, key2, PSA_BITS_TO_BYTES(key_bits), &transform->psa_key_dec)) != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); MBEDTLS_SSL_DEBUG_RET(1, "psa_import_key", ret); goto end; } @@ -8450,7 +8536,7 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform, if ((status = psa_import_key(&attributes, mac_enc, mac_key_len, &transform->psa_mac_enc)) != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); MBEDTLS_SSL_DEBUG_RET(1, "psa_import_mac_key", ret); goto end; } @@ -8471,7 +8557,7 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform, if ((status = psa_import_key(&attributes, mac_dec, mac_key_len, &transform->psa_mac_dec)) != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); MBEDTLS_SSL_DEBUG_RET(1, "psa_import_mac_key", ret); goto end; } @@ -8526,7 +8612,7 @@ int mbedtls_psa_ecjpake_read_round( status = psa_pake_input(pake_ctx, step, buf + input_offset, length); if (status != PSA_SUCCESS) { - return psa_ssl_status_to_mbedtls(status); + return PSA_TO_MBEDTLS_ERR(status); } input_offset += length; @@ -8568,7 +8654,7 @@ int mbedtls_psa_ecjpake_write_round( len - output_offset - 1, &output_len); if (status != PSA_SUCCESS) { - return psa_ssl_status_to_mbedtls(status); + return PSA_TO_MBEDTLS_ERR(status); } *(buf + output_offset) = (uint8_t) output_len; @@ -8591,7 +8677,7 @@ int mbedtls_ssl_get_key_exchange_md_tls1_2(mbedtls_ssl_context *ssl, { psa_status_t status; psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT; - psa_algorithm_t hash_alg = mbedtls_hash_info_psa_from_md(md_alg); + psa_algorithm_t hash_alg = mbedtls_md_psa_alg_from_type(md_alg); MBEDTLS_SSL_DEBUG_MSG(3, ("Perform PSA-based computation of digest of ServerKeyExchange")); @@ -8716,11 +8802,17 @@ unsigned int mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg( MBEDTLS_SSL_TLS12_SIG_ALG_FROM_SIG_AND_HASH_ALG( received_sig_algs[i]); + mbedtls_md_type_t md_alg = + mbedtls_ssl_md_alg_from_hash((unsigned char) hash_alg_received); + if (md_alg == MBEDTLS_MD_NONE) { + continue; + } + if (sig_alg == sig_alg_received) { #if defined(MBEDTLS_USE_PSA_CRYPTO) if (ssl->handshake->key_cert && ssl->handshake->key_cert->key) { psa_algorithm_t psa_hash_alg = - mbedtls_hash_info_psa_from_md(hash_alg_received); + mbedtls_md_psa_alg_from_type(md_alg); if (sig_alg_received == MBEDTLS_SSL_SIG_ECDSA && !mbedtls_pk_can_do_ext(ssl->handshake->key_cert->key, @@ -8930,14 +9022,7 @@ static int ssl_tls12_session_load(mbedtls_ssl_session *session, return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - start = ((uint64_t) p[0] << 56) | - ((uint64_t) p[1] << 48) | - ((uint64_t) p[2] << 40) | - ((uint64_t) p[3] << 32) | - ((uint64_t) p[4] << 24) | - ((uint64_t) p[5] << 16) | - ((uint64_t) p[6] << 8) | - ((uint64_t) p[7]); + start = MBEDTLS_GET_UINT64_BE(p, 0); p += 8; session->start = (time_t) start; @@ -8960,10 +9045,7 @@ static int ssl_tls12_session_load(mbedtls_ssl_session *session, memcpy(session->master, p, 48); p += 48; - session->verify_result = ((uint32_t) p[0] << 24) | - ((uint32_t) p[1] << 16) | - ((uint32_t) p[2] << 8) | - ((uint32_t) p[3]); + session->verify_result = MBEDTLS_GET_UINT32_BE(p, 0); p += 4; /* Immediately clear invalid pointer values that have been read, in case @@ -9082,10 +9164,7 @@ static int ssl_tls12_session_load(mbedtls_ssl_session *session, return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - session->ticket_lifetime = ((uint32_t) p[0] << 24) | - ((uint32_t) p[1] << 16) | - ((uint32_t) p[2] << 8) | - ((uint32_t) p[3]); + session->ticket_lifetime = MBEDTLS_GET_UINT32_BE(p, 0); p += 4; #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ @@ -9485,9 +9564,8 @@ int mbedtls_ssl_session_set_hostname(mbedtls_ssl_session *session, /* Now it's clear that we will overwrite the old hostname, * so we can free it safely */ if (session->hostname != NULL) { - mbedtls_platform_zeroize(session->hostname, + mbedtls_zeroize_and_free(session->hostname, strlen(session->hostname)); - mbedtls_free(session->hostname); } /* Passing NULL as hostname shall clear the old one */ diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c index b427ae944..27bbafa06 100644 --- a/library/ssl_tls12_client.c +++ b/library/ssl_tls12_client.c @@ -31,8 +31,19 @@ #include "mbedtls/constant_time.h" #if defined(MBEDTLS_USE_PSA_CRYPTO) -#include "mbedtls/psa_util.h" +#include "psa_util_internal.h" #include "psa/crypto.h" +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +/* Define a local translating function to save code size by not using too many + * arguments in each translating place. */ +static int local_err_translation(psa_status_t status) +{ + return psa_status_to_mbedtls(status, psa_to_ssl_errors, + ARRAY_LENGTH(psa_to_ssl_errors), + psa_generic_status_to_mbedtls); +} +#define PSA_TO_MBEDTLS_ERR(status) local_err_translation(status) +#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ #endif /* MBEDTLS_USE_PSA_CRYPTO */ #include @@ -47,8 +58,6 @@ #include "mbedtls/platform_util.h" #endif -#include "hash_info.h" - #if defined(MBEDTLS_SSL_RENEGOTIATION) MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_write_renegotiation_ext(mbedtls_ssl_context *ssl, @@ -90,7 +99,8 @@ static int ssl_write_renegotiation_ext(mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_RENEGOTIATION */ -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL @@ -121,7 +131,8 @@ static int ssl_write_supported_point_formats_ext(mbedtls_ssl_context *ssl, return 0; } -#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || +#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) @@ -538,7 +549,8 @@ int mbedtls_ssl_tls12_write_client_hello_exts(mbedtls_ssl_context *ssl, p += ext_len; #endif -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) if (uses_ec) { if ((ret = ssl_write_supported_point_formats_ext(ssl, p, end, @@ -806,7 +818,8 @@ static int ssl_parse_session_ticket_ext(mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_SESSION_TICKETS */ -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_parse_supported_point_formats_ext(mbedtls_ssl_context *ssl, @@ -828,11 +841,10 @@ static int ssl_parse_supported_point_formats_ext(mbedtls_ssl_context *ssl, while (list_size > 0) { if (p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED || p[0] == MBEDTLS_ECP_PF_COMPRESSED) { -#if !defined(MBEDTLS_USE_PSA_CRYPTO) && \ - (defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)) +#if !defined(MBEDTLS_USE_PSA_CRYPTO) && \ + defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) ssl->handshake->ecdh_ctx.point_format = p[0]; -#endif /* !MBEDTLS_USE_PSA_CRYPTO && - ( MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ) */ +#endif /* !MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED */ #if !defined(MBEDTLS_USE_PSA_CRYPTO) && \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) mbedtls_ecjpake_set_point_format(&ssl->handshake->ecjpake_ctx, @@ -851,7 +863,8 @@ static int ssl_parse_supported_point_formats_ext(mbedtls_ssl_context *ssl, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE); return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; } -#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || +#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) @@ -1090,6 +1103,7 @@ static int ssl_parse_use_srtp_ext(mbedtls_ssl_context *ssl, MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_parse_hello_verify_request(mbedtls_ssl_context *ssl) { + int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; const unsigned char *p = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl); uint16_t dtls_legacy_version; @@ -1160,7 +1174,11 @@ static int ssl_parse_hello_verify_request(mbedtls_ssl_context *ssl) /* Start over at ClientHello */ ssl->state = MBEDTLS_SSL_CLIENT_HELLO; - mbedtls_ssl_reset_checksum(ssl); + ret = mbedtls_ssl_reset_checksum(ssl); + if (0 != ret) { + MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ssl_reset_checksum"), ret); + return ret; + } mbedtls_ssl_recv_flight_completed(ssl); @@ -1259,7 +1277,8 @@ static int ssl_parse_server_hello(mbedtls_ssl_context *ssl) buf += mbedtls_ssl_hs_hdr_len(ssl); MBEDTLS_SSL_DEBUG_BUF(3, "server hello, version", buf, 2); - ssl->tls_version = mbedtls_ssl_read_version(buf, ssl->conf->transport); + ssl->tls_version = (mbedtls_ssl_protocol_version) mbedtls_ssl_read_version(buf, + ssl->conf->transport); ssl->session_negotiate->tls_version = ssl->tls_version; if (ssl->tls_version < ssl->conf->min_tls_version || @@ -1530,7 +1549,8 @@ static int ssl_parse_server_hello(mbedtls_ssl_context *ssl) break; #endif /* MBEDTLS_SSL_SESSION_TICKETS */ -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS: MBEDTLS_SSL_DEBUG_MSG(3, @@ -1542,7 +1562,8 @@ static int ssl_parse_server_hello(mbedtls_ssl_context *ssl) } break; -#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || +#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) @@ -1706,9 +1727,9 @@ static int ssl_parse_server_ecdh_params(mbedtls_ssl_context *ssl, unsigned char *end) { uint16_t tls_id; - uint8_t ecpoint_len; + size_t ecpoint_len; mbedtls_ssl_handshake_params *handshake = ssl->handshake; - psa_ecc_family_t ec_psa_family = 0; + psa_key_type_t key_type = PSA_KEY_TYPE_NONE; size_t ec_bits = 0; /* @@ -1745,12 +1766,12 @@ static int ssl_parse_server_ecdh_params(mbedtls_ssl_context *ssl, } /* Convert EC's TLS ID to PSA key type. */ - if (mbedtls_ssl_get_psa_curve_info_from_tls_id(tls_id, &ec_psa_family, + if (mbedtls_ssl_get_psa_curve_info_from_tls_id(tls_id, &key_type, &ec_bits) == PSA_ERROR_NOT_SUPPORTED) { return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; } - handshake->ecdh_psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR(ec_psa_family); - handshake->ecdh_bits = ec_bits; + handshake->xxdh_psa_type = key_type; + handshake->xxdh_psa_bits = ec_bits; /* Keep a copy of the peer's public key */ ecpoint_len = *(*p)++; @@ -1758,12 +1779,12 @@ static int ssl_parse_server_ecdh_params(mbedtls_ssl_context *ssl, return MBEDTLS_ERR_SSL_DECODE_ERROR; } - if (ecpoint_len > sizeof(handshake->ecdh_psa_peerkey)) { + if (ecpoint_len > sizeof(handshake->xxdh_psa_peerkey)) { return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; } - memcpy(handshake->ecdh_psa_peerkey, *p, ecpoint_len); - handshake->ecdh_psa_peerkey_len = ecpoint_len; + memcpy(handshake->xxdh_psa_peerkey, *p, ecpoint_len); + handshake->xxdh_psa_peerkey_len = ecpoint_len; *p += ecpoint_len; return 0; @@ -1980,7 +2001,6 @@ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - const mbedtls_ecp_keypair *peer_key; mbedtls_pk_context *peer_pk; #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) @@ -2001,45 +2021,53 @@ static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl) return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH; } - peer_key = mbedtls_pk_ec(*peer_pk); +#if defined(MBEDTLS_ECP_C) + const mbedtls_ecp_keypair *peer_key = mbedtls_pk_ec_ro(*peer_pk); +#endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - size_t olen = 0; uint16_t tls_id = 0; - psa_ecc_family_t ecc_family; + psa_key_type_t key_type = PSA_KEY_TYPE_NONE; + mbedtls_ecp_group_id grp_id = mbedtls_pk_get_group_id(peer_pk); - if (mbedtls_ssl_check_curve(ssl, peer_key->grp.id) != 0) { + if (mbedtls_ssl_check_curve(ssl, grp_id) != 0) { MBEDTLS_SSL_DEBUG_MSG(1, ("bad server certificate (ECDH curve)")); return MBEDTLS_ERR_SSL_BAD_CERTIFICATE; } - tls_id = mbedtls_ssl_get_tls_id_from_ecp_group_id(peer_key->grp.id); + tls_id = mbedtls_ssl_get_tls_id_from_ecp_group_id(grp_id); if (tls_id == 0) { MBEDTLS_SSL_DEBUG_MSG(1, ("ECC group %u not suported", - peer_key->grp.id)); + grp_id)); return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; } /* If the above conversion to TLS ID was fine, then also this one will be, so there is no need to check the return value here */ - mbedtls_ssl_get_psa_curve_info_from_tls_id(tls_id, &ecc_family, - &ssl->handshake->ecdh_bits); + mbedtls_ssl_get_psa_curve_info_from_tls_id(tls_id, &key_type, + &ssl->handshake->xxdh_psa_bits); - ssl->handshake->ecdh_psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR(ecc_family); + ssl->handshake->xxdh_psa_type = key_type; /* Store peer's public key in psa format. */ +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + memcpy(ssl->handshake->xxdh_psa_peerkey, peer_pk->pub_raw, peer_pk->pub_raw_len); + ssl->handshake->xxdh_psa_peerkey_len = peer_pk->pub_raw_len; + ret = 0; +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + size_t olen = 0; ret = mbedtls_ecp_point_write_binary(&peer_key->grp, &peer_key->Q, MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, - ssl->handshake->ecdh_psa_peerkey, - MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH); + ssl->handshake->xxdh_psa_peerkey, + sizeof(ssl->handshake->xxdh_psa_peerkey)); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ecp_point_write_binary"), ret); return ret; } - - ssl->handshake->ecdh_psa_peerkey_len = olen; -#else + ssl->handshake->xxdh_psa_peerkey_len = olen; +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ +#else /* MBEDTLS_USE_PSA_CRYPTO */ if ((ret = mbedtls_ecdh_get_params(&ssl->handshake->ecdh_ctx, peer_key, MBEDTLS_ECDH_THEIRS)) != 0) { MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ecdh_get_params"), ret); @@ -2050,7 +2078,7 @@ static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl) MBEDTLS_SSL_DEBUG_MSG(1, ("bad server certificate (ECDH curve)")); return MBEDTLS_ERR_SSL_BAD_CERTIFICATE; } -#endif +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) /* We don't need the peer's public key anymore. Free it, * so that more RAM is available for upcoming expensive @@ -2278,7 +2306,7 @@ start_processing: #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) if (mbedtls_ssl_ciphersuite_uses_server_signature(ciphersuite_info)) { size_t sig_len, hashlen; - unsigned char hash[MBEDTLS_HASH_MAX_SIZE]; + unsigned char hash[MBEDTLS_MD_MAX_SIZE]; mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE; mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE; @@ -2395,7 +2423,7 @@ start_processing: mbedtls_pk_rsassa_pss_options rsassa_pss_options; rsassa_pss_options.mgf1_hash_id = md_alg; rsassa_pss_options.expected_salt_len = - mbedtls_hash_info_get_size(md_alg); + mbedtls_md_get_size_from_type(md_alg); if (rsassa_pss_options.expected_salt_len == 0) { return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } @@ -2767,12 +2795,12 @@ static int ssl_write_client_key_exchange(mbedtls_ssl_context *ssl) key_attributes = psa_key_attributes_init(); psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE); psa_set_key_algorithm(&key_attributes, PSA_ALG_ECDH); - psa_set_key_type(&key_attributes, handshake->ecdh_psa_type); - psa_set_key_bits(&key_attributes, handshake->ecdh_bits); + psa_set_key_type(&key_attributes, handshake->xxdh_psa_type); + psa_set_key_bits(&key_attributes, handshake->xxdh_psa_bits); /* Generate ECDH private key. */ status = psa_generate_key(&key_attributes, - &handshake->ecdh_psa_privkey); + &handshake->xxdh_psa_privkey); if (status != PSA_SUCCESS) { return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } @@ -2785,12 +2813,12 @@ static int ssl_write_client_key_exchange(mbedtls_ssl_context *ssl) size_t own_pubkey_max_len = (size_t) (end - own_pubkey); size_t own_pubkey_len; - status = psa_export_public_key(handshake->ecdh_psa_privkey, + status = psa_export_public_key(handshake->xxdh_psa_privkey, own_pubkey, own_pubkey_max_len, &own_pubkey_len); if (status != PSA_SUCCESS) { - psa_destroy_key(handshake->ecdh_psa_privkey); - handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; + psa_destroy_key(handshake->xxdh_psa_privkey); + handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; } @@ -2801,15 +2829,15 @@ static int ssl_write_client_key_exchange(mbedtls_ssl_context *ssl) /* Compute ECDH shared secret. */ status = psa_raw_key_agreement(PSA_ALG_ECDH, - handshake->ecdh_psa_privkey, - handshake->ecdh_psa_peerkey, - handshake->ecdh_psa_peerkey_len, + handshake->xxdh_psa_privkey, + handshake->xxdh_psa_peerkey, + handshake->xxdh_psa_peerkey_len, ssl->handshake->premaster, sizeof(ssl->handshake->premaster), &ssl->handshake->pmslen); - destruction_status = psa_destroy_key(handshake->ecdh_psa_privkey); - handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; + destruction_status = psa_destroy_key(handshake->xxdh_psa_privkey); + handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; if (status != PSA_SUCCESS || destruction_status != PSA_SUCCESS) { return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; @@ -2939,14 +2967,14 @@ ecdh_calc_secret: key_attributes = psa_key_attributes_init(); psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE); psa_set_key_algorithm(&key_attributes, PSA_ALG_ECDH); - psa_set_key_type(&key_attributes, handshake->ecdh_psa_type); - psa_set_key_bits(&key_attributes, handshake->ecdh_bits); + psa_set_key_type(&key_attributes, handshake->xxdh_psa_type); + psa_set_key_bits(&key_attributes, handshake->xxdh_psa_bits); /* Generate ECDH private key. */ status = psa_generate_key(&key_attributes, - &handshake->ecdh_psa_privkey); + &handshake->xxdh_psa_privkey); if (status != PSA_SUCCESS) { - return psa_ssl_status_to_mbedtls(status); + return PSA_TO_MBEDTLS_ERR(status); } /* Export the public part of the ECDH private key from PSA. @@ -2957,13 +2985,13 @@ ecdh_calc_secret: size_t own_pubkey_max_len = (size_t) (end - own_pubkey); size_t own_pubkey_len = 0; - status = psa_export_public_key(handshake->ecdh_psa_privkey, + status = psa_export_public_key(handshake->xxdh_psa_privkey, own_pubkey, own_pubkey_max_len, &own_pubkey_len); if (status != PSA_SUCCESS) { - psa_destroy_key(handshake->ecdh_psa_privkey); - handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; - return psa_ssl_status_to_mbedtls(status); + psa_destroy_key(handshake->xxdh_psa_privkey); + handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; + return PSA_TO_MBEDTLS_ERR(status); } *p = (unsigned char) own_pubkey_len; @@ -2984,20 +3012,20 @@ ecdh_calc_secret: /* Perform ECDH computation after the uint16 reserved for the length */ status = psa_raw_key_agreement(PSA_ALG_ECDH, - handshake->ecdh_psa_privkey, - handshake->ecdh_psa_peerkey, - handshake->ecdh_psa_peerkey_len, + handshake->xxdh_psa_privkey, + handshake->xxdh_psa_peerkey, + handshake->xxdh_psa_peerkey_len, pms + zlen_size, pms_end - (pms + zlen_size), &zlen); - destruction_status = psa_destroy_key(handshake->ecdh_psa_privkey); - handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; + destruction_status = psa_destroy_key(handshake->xxdh_psa_privkey); + handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; if (status != PSA_SUCCESS) { - return psa_ssl_status_to_mbedtls(status); + return PSA_TO_MBEDTLS_ERR(status); } else if (destruction_status != PSA_SUCCESS) { - return psa_ssl_status_to_mbedtls(destruction_status); + return PSA_TO_MBEDTLS_ERR(destruction_status); } /* Write the ECDH computation length before the ECDH computation */ @@ -3120,7 +3148,8 @@ ecdh_calc_secret: #if !defined(MBEDTLS_USE_PSA_CRYPTO) if ((ret = mbedtls_ssl_psk_derive_premaster(ssl, - ciphersuite_info->key_exchange)) != 0) { + (mbedtls_key_exchange_type_t) ciphersuite_info-> + key_exchange)) != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_psk_derive_premaster", ret); return ret; @@ -3283,7 +3312,11 @@ static int ssl_write_certificate_verify(mbedtls_ssl_context *ssl) sign: #endif - ssl->handshake->calc_verify(ssl, hash, &hashlen); + ret = ssl->handshake->calc_verify(ssl, hash, &hashlen); + if (0 != ret) { + MBEDTLS_SSL_DEBUG_RET(1, ("calc_verify"), ret); + return ret; + } /* * digitally-signed struct { @@ -3427,16 +3460,14 @@ static int ssl_parse_new_session_ticket(mbedtls_ssl_context *ssl) } if (ssl->session != NULL && ssl->session->ticket != NULL) { - mbedtls_platform_zeroize(ssl->session->ticket, + mbedtls_zeroize_and_free(ssl->session->ticket, ssl->session->ticket_len); - mbedtls_free(ssl->session->ticket); ssl->session->ticket = NULL; ssl->session->ticket_len = 0; } - mbedtls_platform_zeroize(ssl->session_negotiate->ticket, + mbedtls_zeroize_and_free(ssl->session_negotiate->ticket, ssl->session_negotiate->ticket_len); - mbedtls_free(ssl->session_negotiate->ticket); ssl->session_negotiate->ticket = NULL; ssl->session_negotiate->ticket_len = 0; diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index 929829249..6ebd5064f 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -30,10 +30,24 @@ #include "mbedtls/platform_util.h" #include "constant_time_internal.h" #include "mbedtls/constant_time.h" -#include "hash_info.h" #include +#if defined(MBEDTLS_USE_PSA_CRYPTO) +/* Define a local translating function to save code size by not using too many + * arguments in each translating place. */ +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) +static int local_err_translation(psa_status_t status) +{ + return psa_status_to_mbedtls(status, psa_to_ssl_errors, + ARRAY_LENGTH(psa_to_ssl_errors), + psa_generic_status_to_mbedtls); +} +#define PSA_TO_MBEDTLS_ERR(status) local_err_translation(status) +#endif +#endif + #if defined(MBEDTLS_ECP_C) #include "mbedtls/ecp.h" #endif @@ -134,7 +148,8 @@ static int ssl_parse_renegotiation_info(mbedtls_ssl_context *ssl, return 0; } -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) /* * Function for parsing a supported groups (TLS 1.3) or supported elliptic @@ -173,7 +188,6 @@ static int ssl_parse_renegotiation_info(mbedtls_ssl_context *ssl, * generalization of the TLS 1.2 supported elliptic curves extension. They both * share the same extension identifier. * - * DHE groups are not supported yet. */ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_parse_supported_groups_ext(mbedtls_ssl_context *ssl, @@ -260,11 +274,10 @@ static int ssl_parse_supported_point_formats(mbedtls_ssl_context *ssl, while (list_size > 0) { if (p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED || p[0] == MBEDTLS_ECP_PF_COMPRESSED) { -#if !defined(MBEDTLS_USE_PSA_CRYPTO) && \ - (defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)) +#if !defined(MBEDTLS_USE_PSA_CRYPTO) && \ + defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) ssl->handshake->ecdh_ctx.point_format = p[0]; -#endif /* !MBEDTLS_USE_PSA_CRYPTO && - ( MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ) */ +#endif /* !MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED */ #if !defined(MBEDTLS_USE_PSA_CRYPTO) && \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) mbedtls_ecjpake_set_point_format(&ssl->handshake->ecjpake_ctx, @@ -280,7 +293,8 @@ static int ssl_parse_supported_point_formats(mbedtls_ssl_context *ssl, return 0; } -#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || +#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) @@ -656,13 +670,13 @@ static int ssl_parse_use_srtp_ext(mbedtls_ssl_context *ssl, /* * Return 0 if the given key uses one of the acceptable curves, -1 otherwise */ -#if defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_check_key_curve(mbedtls_pk_context *pk, uint16_t *curves_tls_id) { uint16_t *curr_tls_id = curves_tls_id; - mbedtls_ecp_group_id grp_id = mbedtls_pk_ec(*pk)->grp.id; + mbedtls_ecp_group_id grp_id = mbedtls_pk_ec_ro(*pk)->grp.id; mbedtls_ecp_group_id curr_grp_id; while (*curr_tls_id != 0) { @@ -675,7 +689,7 @@ static int ssl_check_key_curve(mbedtls_pk_context *pk, return -1; } -#endif /* MBEDTLS_ECDSA_C */ +#endif /* MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED */ /* * Try picking a certificate for this ciphersuite, @@ -760,7 +774,7 @@ static int ssl_pick_cert(mbedtls_ssl_context *ssl, continue; } -#if defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) if (pk_alg == MBEDTLS_PK_ECDSA && ssl_check_key_curve(&cur->cert->pk, ssl->handshake->curves_tls_id) != 0) { @@ -824,7 +838,8 @@ static int ssl_ciphersuite_match(mbedtls_ssl_context *ssl, int suite_id, #endif -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) if (mbedtls_ssl_ciphersuite_uses_ec(suite_info) && (ssl->handshake->curves_tls_id == NULL || ssl->handshake->curves_tls_id[0] == 0)) { @@ -916,12 +931,15 @@ read_record_header: * If renegotiating, then the input was read with mbedtls_ssl_read_record(), * otherwise read it ourselves manually in order to support SSLv2 * ClientHello, which doesn't use the same record layer format. + * Otherwise in a scenario of TLS 1.3/TLS 1.2 version negotiation, the + * ClientHello has been already fully fetched by the TLS 1.3 code and the + * flag ssl->keep_current_message is raised. */ renegotiating = 0; #if defined(MBEDTLS_SSL_RENEGOTIATION) renegotiating = (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE); #endif - if (!renegotiating) { + if (!renegotiating && !ssl->keep_current_message) { if ((ret = mbedtls_ssl_fetch_input(ssl, 5)) != 0) { /* No alert on a read error. */ MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_fetch_input", ret); @@ -996,31 +1014,39 @@ read_record_header: } else #endif { - if (msg_len > MBEDTLS_SSL_IN_CONTENT_LEN) { - MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); - return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; - } + if (ssl->keep_current_message) { + ssl->keep_current_message = 0; + } else { + if (msg_len > MBEDTLS_SSL_IN_CONTENT_LEN) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; + } - if ((ret = mbedtls_ssl_fetch_input(ssl, - mbedtls_ssl_in_hdr_len(ssl) + msg_len)) != 0) { - MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_fetch_input", ret); - return ret; - } + if ((ret = mbedtls_ssl_fetch_input(ssl, + mbedtls_ssl_in_hdr_len(ssl) + msg_len)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_fetch_input", ret); + return ret; + } - /* Done reading this record, get ready for the next one */ + /* Done reading this record, get ready for the next one */ #if defined(MBEDTLS_SSL_PROTO_DTLS) - if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { - ssl->next_record_offset = msg_len + mbedtls_ssl_in_hdr_len(ssl); - } else + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + ssl->next_record_offset = msg_len + mbedtls_ssl_in_hdr_len(ssl); + } else #endif - ssl->in_left = 0; + ssl->in_left = 0; + } } buf = ssl->in_msg; MBEDTLS_SSL_DEBUG_BUF(4, "record contents", buf, msg_len); - ssl->handshake->update_checksum(ssl, buf, msg_len); + ret = ssl->handshake->update_checksum(ssl, buf, msg_len); + if (0 != ret) { + MBEDTLS_SSL_DEBUG_RET(1, ("update_checksum"), ret); + return ret; + } /* * Handshake layer: @@ -1073,9 +1099,7 @@ read_record_header: #if defined(MBEDTLS_SSL_RENEGOTIATION) if (ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS) { /* This couldn't be done in ssl_prepare_handshake_record() */ - unsigned int cli_msg_seq = (ssl->in_msg[4] << 8) | - ssl->in_msg[5]; - + unsigned int cli_msg_seq = (unsigned int) MBEDTLS_GET_UINT16_BE(ssl->in_msg, 4); if (cli_msg_seq != ssl->handshake->in_msg_seq) { MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message_seq: " "%u (expected %u)", cli_msg_seq, @@ -1087,8 +1111,7 @@ read_record_header: } else #endif { - unsigned int cli_msg_seq = (ssl->in_msg[4] << 8) | - ssl->in_msg[5]; + unsigned int cli_msg_seq = (unsigned int) MBEDTLS_GET_UINT16_BE(ssl->in_msg, 4); ssl->handshake->out_msg_seq = cli_msg_seq; ssl->handshake->in_msg_seq = cli_msg_seq + 1; } @@ -1147,7 +1170,8 @@ read_record_header: */ MBEDTLS_SSL_DEBUG_BUF(3, "client hello, version", buf, 2); - ssl->tls_version = mbedtls_ssl_read_version(buf, ssl->conf->transport); + ssl->tls_version = (mbedtls_ssl_protocol_version) mbedtls_ssl_read_version(buf, + ssl->conf->transport); ssl->session_negotiate->tls_version = ssl->tls_version; if (ssl->tls_version != MBEDTLS_SSL_VERSION_TLS1_2) { @@ -1359,7 +1383,8 @@ read_record_header: break; #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) case MBEDTLS_TLS_EXT_SUPPORTED_GROUPS: MBEDTLS_SSL_DEBUG_MSG(3, ("found supported elliptic curves extension")); @@ -1379,7 +1404,8 @@ read_record_header: return ret; } break; -#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || +#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED || \ + MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) @@ -1489,7 +1515,7 @@ read_record_header: if (!sig_hash_alg_ext_present) { uint16_t *received_sig_algs = ssl->handshake->received_sig_algs; const uint16_t default_sig_algs[] = { -#if defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA1), #endif @@ -1500,10 +1526,9 @@ read_record_header: MBEDTLS_TLS_SIG_NONE }; -#if defined(static_assert) - static_assert(sizeof(default_sig_algs) / sizeof(default_sig_algs[0]) <= - MBEDTLS_RECEIVED_SIG_ALGS_SIZE, "default_sig_algs is too big"); -#endif + MBEDTLS_STATIC_ASSERT(sizeof(default_sig_algs) / sizeof(default_sig_algs[0]) + <= MBEDTLS_RECEIVED_SIG_ALGS_SIZE, + "default_sig_algs is too big"); memcpy(received_sig_algs, default_sig_algs, sizeof(default_sig_algs)); } @@ -1874,7 +1899,8 @@ static void ssl_write_max_fragment_length_ext(mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) static void ssl_write_supported_point_formats_ext(mbedtls_ssl_context *ssl, unsigned char *buf, @@ -1902,7 +1928,9 @@ static void ssl_write_supported_point_formats_ext(mbedtls_ssl_context *ssl, *olen = 6; } -#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ +#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED || + MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) static void ssl_write_ecjpake_kkpp_ext(mbedtls_ssl_context *ssl, @@ -2199,11 +2227,37 @@ static int ssl_write_server_hello(mbedtls_ssl_context *ssl) p += 4; #endif /* MBEDTLS_HAVE_TIME */ - if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p, 28)) != 0) { + if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p, 20)) != 0) { return ret; } + p += 20; - p += 28; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) + /* + * RFC 8446 + * TLS 1.3 has a downgrade protection mechanism embedded in the server's + * random value. TLS 1.3 servers which negotiate TLS 1.2 or below in + * response to a ClientHello MUST set the last 8 bytes of their Random + * value specially in their ServerHello. + */ + if (mbedtls_ssl_conf_is_tls13_enabled(ssl->conf)) { + static const unsigned char magic_tls12_downgrade_string[] = + { 'D', 'O', 'W', 'N', 'G', 'R', 'D', 1 }; + + MBEDTLS_STATIC_ASSERT( + sizeof(magic_tls12_downgrade_string) == 8, + "magic_tls12_downgrade_string does not have the expected size"); + + memcpy(p, magic_tls12_downgrade_string, + sizeof(magic_tls12_downgrade_string)); + } else +#endif + { + if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, p, 8)) != 0) { + return ret; + } + } + p += 8; memcpy(ssl->handshake->randbytes + 32, buf + 6, 32); @@ -2305,7 +2359,8 @@ static int ssl_write_server_hello(mbedtls_ssl_context *ssl) ext_len += olen; #endif -#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) const mbedtls_ssl_ciphersuite_t *suite = mbedtls_ssl_ciphersuite_from_id(ssl->session_negotiate->ciphersuite); @@ -2429,7 +2484,7 @@ static int ssl_write_certificate_request(mbedtls_ssl_context *ssl) #if defined(MBEDTLS_RSA_C) p[1 + ct_len++] = MBEDTLS_SSL_CERT_TYPE_RSA_SIGN; #endif -#if defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) p[1 + ct_len++] = MBEDTLS_SSL_CERT_TYPE_ECDSA_SIGN; #endif @@ -2553,14 +2608,17 @@ static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - unsigned char buf[ - PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)]; - psa_key_attributes_t key_attributes = PSA_KEY_ATTRIBUTES_INIT; - uint16_t tls_id = 0; - psa_ecc_family_t ecc_family; - size_t key_len; mbedtls_pk_context *pk; + mbedtls_pk_type_t pk_type; + psa_key_attributes_t key_attributes = PSA_KEY_ATTRIBUTES_INIT; +#if !defined(MBEDTLS_PK_USE_PSA_EC_DATA) + uint16_t tls_id = 0; + psa_key_type_t key_type = PSA_KEY_TYPE_NONE; + size_t key_len; + mbedtls_ecp_group_id grp_id; + unsigned char buf[PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)]; mbedtls_ecp_keypair *key; +#endif /* !MBEDTLS_PK_USE_PSA_EC_DATA */ pk = mbedtls_ssl_own_key(ssl); @@ -2568,41 +2626,48 @@ static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl) return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } - switch (mbedtls_pk_get_type(pk)) { + pk_type = mbedtls_pk_get_type(pk); + + switch (pk_type) { case MBEDTLS_PK_OPAQUE: +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + case MBEDTLS_PK_ECKEY: + case MBEDTLS_PK_ECKEY_DH: + case MBEDTLS_PK_ECDSA: +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ if (!mbedtls_pk_can_do(pk, MBEDTLS_PK_ECKEY)) { return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH; } - ssl->handshake->ecdh_psa_privkey = - *((mbedtls_svc_key_id_t *) pk->pk_ctx); + ssl->handshake->xxdh_psa_privkey = pk->priv_id; /* Key should not be destroyed in the TLS library */ - ssl->handshake->ecdh_psa_privkey_is_external = 1; + ssl->handshake->xxdh_psa_privkey_is_external = 1; - status = psa_get_key_attributes(ssl->handshake->ecdh_psa_privkey, + status = psa_get_key_attributes(ssl->handshake->xxdh_psa_privkey, &key_attributes); if (status != PSA_SUCCESS) { - ssl->handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; - return psa_ssl_status_to_mbedtls(status); + ssl->handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; + return PSA_TO_MBEDTLS_ERR(status); } - ssl->handshake->ecdh_psa_type = psa_get_key_type(&key_attributes); - ssl->handshake->ecdh_bits = psa_get_key_bits(&key_attributes); + ssl->handshake->xxdh_psa_type = psa_get_key_type(&key_attributes); + ssl->handshake->xxdh_psa_bits = psa_get_key_bits(&key_attributes); psa_reset_key_attributes(&key_attributes); ret = 0; break; +#if !defined(MBEDTLS_PK_USE_PSA_EC_DATA) case MBEDTLS_PK_ECKEY: case MBEDTLS_PK_ECKEY_DH: case MBEDTLS_PK_ECDSA: - key = mbedtls_pk_ec(*pk); - if (key == NULL) { + key = mbedtls_pk_ec_rw(*pk); + grp_id = mbedtls_pk_get_group_id(pk); + if (grp_id == MBEDTLS_ECP_DP_NONE) { return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } - - tls_id = mbedtls_ssl_get_tls_id_from_ecp_group_id(key->grp.id); + tls_id = mbedtls_ssl_get_tls_id_from_ecp_group_id(grp_id); if (tls_id == 0) { /* This elliptic curve is not supported */ return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; @@ -2610,40 +2675,41 @@ static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl) /* If the above conversion to TLS ID was fine, then also this one will be, so there is no need to check the return value here */ - mbedtls_ssl_get_psa_curve_info_from_tls_id(tls_id, &ecc_family, - &ssl->handshake->ecdh_bits); + mbedtls_ssl_get_psa_curve_info_from_tls_id(tls_id, &key_type, + &ssl->handshake->xxdh_psa_bits); - ssl->handshake->ecdh_psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR(ecc_family); + ssl->handshake->xxdh_psa_type = key_type; key_attributes = psa_key_attributes_init(); psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE); psa_set_key_algorithm(&key_attributes, PSA_ALG_ECDH); psa_set_key_type(&key_attributes, - PSA_KEY_TYPE_ECC_KEY_PAIR(ssl->handshake->ecdh_psa_type)); - psa_set_key_bits(&key_attributes, ssl->handshake->ecdh_bits); + PSA_KEY_TYPE_ECC_KEY_PAIR(ssl->handshake->xxdh_psa_type)); + psa_set_key_bits(&key_attributes, ssl->handshake->xxdh_psa_bits); key_len = PSA_BITS_TO_BYTES(key->grp.pbits); ret = mbedtls_ecp_write_key(key, buf, key_len); if (ret != 0) { - goto cleanup; + mbedtls_platform_zeroize(buf, sizeof(buf)); + break; } status = psa_import_key(&key_attributes, buf, key_len, - &ssl->handshake->ecdh_psa_privkey); + &ssl->handshake->xxdh_psa_privkey); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); - goto cleanup; + ret = PSA_TO_MBEDTLS_ERR(status); + mbedtls_platform_zeroize(buf, sizeof(buf)); + break; } + mbedtls_platform_zeroize(buf, sizeof(buf)); ret = 0; break; +#endif /* !MBEDTLS_PK_USE_PSA_EC_DATA */ default: ret = MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH; } -cleanup: - mbedtls_platform_zeroize(buf, sizeof(buf)); - return ret; } #elif defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ @@ -2665,7 +2731,7 @@ static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl) } if ((ret = mbedtls_ecdh_get_params(&ssl->handshake->ecdh_ctx, - mbedtls_pk_ec(*mbedtls_ssl_own_key(ssl)), + mbedtls_pk_ec_ro(*mbedtls_ssl_own_key(ssl)), MBEDTLS_ECDH_OURS)) != 0) { MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ecdh_get_params"), ret); return ret; @@ -2914,26 +2980,26 @@ curve_matching_done: const size_t header_size = 4; // curve_type(1), namedcurve(2), // data length(1) const size_t data_length_size = 1; - psa_ecc_family_t ec_psa_family = 0; + psa_key_type_t key_type = PSA_KEY_TYPE_NONE; size_t ec_bits = 0; MBEDTLS_SSL_DEBUG_MSG(1, ("Perform PSA-based ECDH computation.")); /* Convert EC's TLS ID to PSA key type. */ if (mbedtls_ssl_get_psa_curve_info_from_tls_id(*curr_tls_id, - &ec_psa_family, + &key_type, &ec_bits) == PSA_ERROR_NOT_SUPPORTED) { MBEDTLS_SSL_DEBUG_MSG(1, ("Invalid ecc group parse.")); return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; } - handshake->ecdh_psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR(ec_psa_family); - handshake->ecdh_bits = ec_bits; + handshake->xxdh_psa_type = key_type; + handshake->xxdh_psa_bits = ec_bits; key_attributes = psa_key_attributes_init(); psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE); psa_set_key_algorithm(&key_attributes, PSA_ALG_ECDH); - psa_set_key_type(&key_attributes, handshake->ecdh_psa_type); - psa_set_key_bits(&key_attributes, handshake->ecdh_bits); + psa_set_key_type(&key_attributes, handshake->xxdh_psa_type); + psa_set_key_bits(&key_attributes, handshake->xxdh_psa_bits); /* * ECParameters curve_params @@ -2950,9 +3016,9 @@ curve_matching_done: /* Generate ECDH private key. */ status = psa_generate_key(&key_attributes, - &handshake->ecdh_psa_privkey); + &handshake->xxdh_psa_privkey); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); MBEDTLS_SSL_DEBUG_RET(1, "psa_generate_key", ret); return ret; } @@ -2972,14 +3038,14 @@ curve_matching_done: size_t own_pubkey_max_len = (size_t) (MBEDTLS_SSL_OUT_CONTENT_LEN - (own_pubkey - ssl->out_msg)); - status = psa_export_public_key(handshake->ecdh_psa_privkey, + status = psa_export_public_key(handshake->xxdh_psa_privkey, own_pubkey, own_pubkey_max_len, &len); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); MBEDTLS_SSL_DEBUG_RET(1, "psa_export_public_key", ret); - (void) psa_destroy_key(handshake->ecdh_psa_privkey); - handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; + (void) psa_destroy_key(handshake->xxdh_psa_privkey); + handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; return ret; } @@ -3034,7 +3100,7 @@ curve_matching_done: size_t dig_signed_len = ssl->out_msg + ssl->out_msglen - dig_signed; size_t hashlen = 0; - unsigned char hash[MBEDTLS_HASH_MAX_SIZE]; + unsigned char hash[MBEDTLS_MD_MAX_SIZE]; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -3445,9 +3511,8 @@ static int ssl_parse_encrypted_pms(mbedtls_ssl_context *ssl, unsigned char *pms = ssl->handshake->premaster + pms_offset; unsigned char ver[2]; unsigned char fake_pms[48], peer_pms[48]; - unsigned char mask; - size_t i, peer_pmslen; - unsigned int diff; + size_t peer_pmslen; + mbedtls_ct_condition_t diff; /* In case of a failure in decryption, the decryption may write less than * 2 bytes of output, but we always read the first two bytes. It doesn't @@ -3476,13 +3541,10 @@ static int ssl_parse_encrypted_pms(mbedtls_ssl_context *ssl, /* Avoid data-dependent branches while checking for invalid * padding, to protect against timing-based Bleichenbacher-type * attacks. */ - diff = (unsigned int) ret; - diff |= peer_pmslen ^ 48; - diff |= peer_pms[0] ^ ver[0]; - diff |= peer_pms[1] ^ ver[1]; - - /* mask = diff ? 0xff : 0x00 using bit operations to avoid branches */ - mask = mbedtls_ct_uint_mask(diff); + diff = mbedtls_ct_bool(ret); + diff = mbedtls_ct_bool_or(diff, mbedtls_ct_uint_ne(peer_pmslen, 48)); + diff = mbedtls_ct_bool_or(diff, mbedtls_ct_uint_ne(peer_pms[0], ver[0])); + diff = mbedtls_ct_bool_or(diff, mbedtls_ct_uint_ne(peer_pms[1], ver[1])); /* * Protection against Bleichenbacher's attack: invalid PKCS#1 v1.5 padding @@ -3501,7 +3563,7 @@ static int ssl_parse_encrypted_pms(mbedtls_ssl_context *ssl, } #if defined(MBEDTLS_SSL_DEBUG_ALL) - if (diff != 0) { + if (diff != MBEDTLS_CT_FALSE) { MBEDTLS_SSL_DEBUG_MSG(1, ("bad client key exchange message")); } #endif @@ -3515,9 +3577,7 @@ static int ssl_parse_encrypted_pms(mbedtls_ssl_context *ssl, /* Set pms to either the true or the fake PMS, without * data-dependent branches. */ - for (i = 0; i < ssl->handshake->pmslen; i++) { - pms[i] = (mask & fake_pms[i]) | ((~mask) & peer_pms[i]); - } + mbedtls_ct_memcpy_if(diff, pms, fake_pms, peer_pms, ssl->handshake->pmslen); return 0; } @@ -3658,51 +3718,61 @@ static int ssl_parse_client_key_exchange(mbedtls_ssl_context *ssl) psa_status_t status = PSA_ERROR_GENERIC_ERROR; mbedtls_ssl_handshake_params *handshake = ssl->handshake; - MBEDTLS_SSL_DEBUG_MSG(1, ("Read the peer's public key.")); + MBEDTLS_SSL_DEBUG_MSG(3, ("Read the peer's public key.")); /* * We must have at least two bytes (1 for length, at least 1 for data) */ if (buf_len < 2) { - MBEDTLS_SSL_DEBUG_MSG(1, ("Invalid buffer length")); - return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + MBEDTLS_SSL_DEBUG_MSG(1, ("Invalid buffer length: %" MBEDTLS_PRINTF_SIZET, + buf_len)); + return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; } if (data_len < 1 || data_len > buf_len) { - MBEDTLS_SSL_DEBUG_MSG(1, ("Invalid data length")); - return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + MBEDTLS_SSL_DEBUG_MSG(1, ("Invalid data length: %" MBEDTLS_PRINTF_SIZET + " > %" MBEDTLS_PRINTF_SIZET, + data_len, buf_len)); + return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; } /* Store peer's ECDH public key. */ - memcpy(handshake->ecdh_psa_peerkey, p, data_len); - handshake->ecdh_psa_peerkey_len = data_len; + if (data_len > sizeof(handshake->xxdh_psa_peerkey)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Invalid public key length: %" MBEDTLS_PRINTF_SIZET + " > %" MBEDTLS_PRINTF_SIZET, + data_len, + sizeof(handshake->xxdh_psa_peerkey))); + return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; + } + memcpy(handshake->xxdh_psa_peerkey, p, data_len); + handshake->xxdh_psa_peerkey_len = data_len; /* Compute ECDH shared secret. */ status = psa_raw_key_agreement( - PSA_ALG_ECDH, handshake->ecdh_psa_privkey, - handshake->ecdh_psa_peerkey, handshake->ecdh_psa_peerkey_len, + PSA_ALG_ECDH, handshake->xxdh_psa_privkey, + handshake->xxdh_psa_peerkey, handshake->xxdh_psa_peerkey_len, handshake->premaster, sizeof(handshake->premaster), &handshake->pmslen); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); MBEDTLS_SSL_DEBUG_RET(1, "psa_raw_key_agreement", ret); - if (handshake->ecdh_psa_privkey_is_external == 0) { - (void) psa_destroy_key(handshake->ecdh_psa_privkey); + if (handshake->xxdh_psa_privkey_is_external == 0) { + (void) psa_destroy_key(handshake->xxdh_psa_privkey); } - handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; + handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; return ret; } - if (handshake->ecdh_psa_privkey_is_external == 0) { - status = psa_destroy_key(handshake->ecdh_psa_privkey); + if (handshake->xxdh_psa_privkey_is_external == 0) { + status = psa_destroy_key(handshake->xxdh_psa_privkey); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); MBEDTLS_SSL_DEBUG_RET(1, "psa_destroy_key", ret); return ret; } } - handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; + handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; #else if ((ret = mbedtls_ecdh_read_public(&ssl->handshake->ecdh_ctx, p, end - p)) != 0) { @@ -3744,7 +3814,8 @@ static int ssl_parse_client_key_exchange(mbedtls_ssl_context *ssl) #if !defined(MBEDTLS_USE_PSA_CRYPTO) if ((ret = mbedtls_ssl_psk_derive_premaster(ssl, - ciphersuite_info->key_exchange)) != 0) { + (mbedtls_key_exchange_type_t) ciphersuite_info-> + key_exchange)) != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_psk_derive_premaster", ret); return ret; } @@ -3776,7 +3847,8 @@ static int ssl_parse_client_key_exchange(mbedtls_ssl_context *ssl) #if !defined(MBEDTLS_USE_PSA_CRYPTO) if ((ret = mbedtls_ssl_psk_derive_premaster(ssl, - ciphersuite_info->key_exchange)) != 0) { + (mbedtls_key_exchange_type_t) ciphersuite_info-> + key_exchange)) != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_psk_derive_premaster", ret); return ret; } @@ -3817,7 +3889,8 @@ static int ssl_parse_client_key_exchange(mbedtls_ssl_context *ssl) MBEDTLS_SSL_DEBUG_MPI(3, "DHM: K ", &ssl->handshake->dhm_ctx.K); #else if ((ret = mbedtls_ssl_psk_derive_premaster(ssl, - ciphersuite_info->key_exchange)) != 0) { + (mbedtls_key_exchange_type_t) ciphersuite_info-> + key_exchange)) != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_psk_derive_premaster", ret); return ret; } @@ -3835,33 +3908,42 @@ static int ssl_parse_client_key_exchange(mbedtls_ssl_context *ssl) if ((ret = ssl_parse_client_psk_identity(ssl, &p, end)) != 0) { MBEDTLS_SSL_DEBUG_RET(1, ("ssl_parse_client_psk_identity"), ret); - psa_destroy_key(handshake->ecdh_psa_privkey); - handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; + psa_destroy_key(handshake->xxdh_psa_privkey); + handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; return ret; } /* Keep a copy of the peer's public key */ if (p >= end) { - psa_destroy_key(handshake->ecdh_psa_privkey); - handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; + psa_destroy_key(handshake->xxdh_psa_privkey); + handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; return MBEDTLS_ERR_SSL_DECODE_ERROR; } ecpoint_len = *(p++); if ((size_t) (end - p) < ecpoint_len) { - psa_destroy_key(handshake->ecdh_psa_privkey); - handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; + psa_destroy_key(handshake->xxdh_psa_privkey); + handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; return MBEDTLS_ERR_SSL_DECODE_ERROR; } - if (ecpoint_len > sizeof(handshake->ecdh_psa_peerkey)) { - psa_destroy_key(handshake->ecdh_psa_privkey); - handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; + /* When FFDH is enabled, the array handshake->xxdh_psa_peer_key size takes into account + the sizes of the FFDH keys which are at least 2048 bits. + The size of the array is thus greater than 256 bytes which is greater than any + possible value of ecpoint_len (type uint8_t) and the check below can be skipped.*/ +#if !defined(PSA_WANT_ALG_FFDH) + if (ecpoint_len > sizeof(handshake->xxdh_psa_peerkey)) { + psa_destroy_key(handshake->xxdh_psa_privkey); + handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; } +#else + MBEDTLS_STATIC_ASSERT(sizeof(handshake->xxdh_psa_peerkey) >= UINT8_MAX, + "peer key buffer too small"); +#endif - memcpy(handshake->ecdh_psa_peerkey, p, ecpoint_len); - handshake->ecdh_psa_peerkey_len = ecpoint_len; + memcpy(handshake->xxdh_psa_peerkey, p, ecpoint_len); + handshake->xxdh_psa_peerkey_len = ecpoint_len; p += ecpoint_len; /* As RFC 5489 section 2, the premaster secret is formed as follows: @@ -3879,20 +3961,20 @@ static int ssl_parse_client_key_exchange(mbedtls_ssl_context *ssl) /* Compute ECDH shared secret. */ status = psa_raw_key_agreement(PSA_ALG_ECDH, - handshake->ecdh_psa_privkey, - handshake->ecdh_psa_peerkey, - handshake->ecdh_psa_peerkey_len, + handshake->xxdh_psa_privkey, + handshake->xxdh_psa_peerkey, + handshake->xxdh_psa_peerkey_len, psm + zlen_size, psm_end - (psm + zlen_size), &zlen); - destruction_status = psa_destroy_key(handshake->ecdh_psa_privkey); - handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; + destruction_status = psa_destroy_key(handshake->xxdh_psa_privkey); + handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; if (status != PSA_SUCCESS) { - return psa_ssl_status_to_mbedtls(status); + return PSA_TO_MBEDTLS_ERR(status); } else if (destruction_status != PSA_SUCCESS) { - return psa_ssl_status_to_mbedtls(destruction_status); + return PSA_TO_MBEDTLS_ERR(destruction_status); } /* Write the ECDH computation length before the ECDH computation */ @@ -3915,7 +3997,8 @@ static int ssl_parse_client_key_exchange(mbedtls_ssl_context *ssl) MBEDTLS_DEBUG_ECDH_QP); if ((ret = mbedtls_ssl_psk_derive_premaster(ssl, - ciphersuite_info->key_exchange)) != 0) { + (mbedtls_key_exchange_type_t) ciphersuite_info-> + key_exchange)) != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_psk_derive_premaster", ret); return ret; } @@ -4129,7 +4212,11 @@ static int ssl_parse_certificate_verify(mbedtls_ssl_context *ssl) /* Calculate hash and verify signature */ { size_t dummy_hlen; - ssl->handshake->calc_verify(ssl, hash, &dummy_hlen); + ret = ssl->handshake->calc_verify(ssl, hash, &dummy_hlen); + if (0 != ret) { + MBEDTLS_SSL_DEBUG_RET(1, ("calc_verify"), ret); + return ret; + } } if ((ret = mbedtls_pk_verify(peer_pk, @@ -4139,7 +4226,11 @@ static int ssl_parse_certificate_verify(mbedtls_ssl_context *ssl) return ret; } - mbedtls_ssl_update_handshake_status(ssl); + ret = mbedtls_ssl_update_handshake_status(ssl); + if (0 != ret) { + MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ssl_update_handshake_status"), ret); + return ret; + } MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse certificate verify")); diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 4aea61ca7..c6fa3b390 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -16,7 +16,7 @@ * See the License for the specific language governing permissions and * limitations under the License. * - * This file is part of mbed TLS ( https://tls.mbed.org ) + * This file is part of Mbed TLS ( https://tls.mbed.org ) */ #include "common.h" @@ -33,6 +33,19 @@ #include "ssl_client.h" #include "ssl_tls13_keys.h" #include "ssl_debug_helpers.h" +#include "md_psa.h" + +#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) +/* Define a local translating function to save code size by not using too many + * arguments in each translating place. */ +static int local_err_translation(psa_status_t status) +{ + return psa_status_to_mbedtls(status, psa_to_ssl_errors, + ARRAY_LENGTH(psa_to_ssl_errors), + psa_generic_status_to_mbedtls); +} +#define PSA_TO_MBEDTLS_ERR(status) local_err_translation(status) +#endif /* Write extensions */ @@ -113,7 +126,8 @@ static int ssl_tls13_parse_supported_versions_ext(mbedtls_ssl_context *ssl, } if (&buf[2] != end) { - MBEDTLS_SSL_DEBUG_MSG(1, ("supported_versions ext data length incorrect")); + MBEDTLS_SSL_DEBUG_MSG( + 1, ("supported_versions ext data length incorrect")); MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR, MBEDTLS_ERR_SSL_DECODE_ERROR); return MBEDTLS_ERR_SSL_DECODE_ERROR; @@ -180,23 +194,24 @@ static int ssl_tls13_reset_key_share(mbedtls_ssl_context *ssl) return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } -#if defined(MBEDTLS_ECDH_C) - if (mbedtls_ssl_tls13_named_group_is_ecdhe(group_id)) { +#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) + if (mbedtls_ssl_tls13_named_group_is_ecdhe(group_id) || + mbedtls_ssl_tls13_named_group_is_ffdh(group_id)) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; /* Destroy generated private key. */ - status = psa_destroy_key(ssl->handshake->ecdh_psa_privkey); + status = psa_destroy_key(ssl->handshake->xxdh_psa_privkey); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); MBEDTLS_SSL_DEBUG_RET(1, "psa_destroy_key", ret); return ret; } - ssl->handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; + ssl->handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; return 0; } else -#endif /* MBEDTLS_ECDH_C */ +#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED */ if (0 /* other KEMs? */) { /* Do something */ } @@ -215,7 +230,7 @@ static int ssl_tls13_get_default_group_id(mbedtls_ssl_context *ssl, int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; -#if defined(MBEDTLS_ECDH_C) +#if defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH) const uint16_t *group_list = mbedtls_ssl_get_groups(ssl); /* Pick first available ECDHE group compatible with TLS 1.3 */ if (group_list == NULL) { @@ -223,22 +238,25 @@ static int ssl_tls13_get_default_group_id(mbedtls_ssl_context *ssl, } for (; *group_list != 0; group_list++) { - if ((mbedtls_ssl_get_psa_curve_info_from_tls_id(*group_list, - NULL, NULL) == PSA_SUCCESS) && +#if defined(PSA_WANT_ALG_ECDH) + if ((mbedtls_ssl_get_psa_curve_info_from_tls_id( + *group_list, NULL, NULL) == PSA_SUCCESS) && mbedtls_ssl_tls13_named_group_is_ecdhe(*group_list)) { *group_id = *group_list; return 0; } +#endif +#if defined(PSA_WANT_ALG_FFDH) + if (mbedtls_ssl_tls13_named_group_is_ffdh(*group_list)) { + *group_id = *group_list; + return 0; + } +#endif } #else ((void) ssl); ((void) group_id); -#endif /* MBEDTLS_ECDH_C */ - - /* - * Add DHE named groups here. - * Pick first available DHE group compatible with TLS 1.3 - */ +#endif /* PSA_WANT_ALG_ECDH || PSA_WANT_ALG_FFDH */ return ret; } @@ -283,7 +301,7 @@ static int ssl_tls13_write_key_share_ext(mbedtls_ssl_context *ssl, /* HRR could already have requested something else. */ group_id = ssl->handshake->offered_group_id; if (!mbedtls_ssl_tls13_named_group_is_ecdhe(group_id) && - !mbedtls_ssl_tls13_named_group_is_dhe(group_id)) { + !mbedtls_ssl_tls13_named_group_is_ffdh(group_id)) { MBEDTLS_SSL_PROC_CHK(ssl_tls13_get_default_group_id(ssl, &group_id)); } @@ -297,8 +315,9 @@ static int ssl_tls13_write_key_share_ext(mbedtls_ssl_context *ssl, * only one key share entry is allowed. */ client_shares = p; -#if defined(MBEDTLS_ECDH_C) - if (mbedtls_ssl_tls13_named_group_is_ecdhe(group_id)) { +#if defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH) + if (mbedtls_ssl_tls13_named_group_is_ecdhe(group_id) || + mbedtls_ssl_tls13_named_group_is_ffdh(group_id)) { /* Pointer to group */ unsigned char *group = p; /* Length of key_exchange */ @@ -310,7 +329,7 @@ static int ssl_tls13_write_key_share_ext(mbedtls_ssl_context *ssl, */ MBEDTLS_SSL_CHK_BUF_PTR(p, end, 4); p += 4; - ret = mbedtls_ssl_tls13_generate_and_write_ecdh_key_exchange( + ret = mbedtls_ssl_tls13_generate_and_write_xxdh_key_exchange( ssl, group_id, p, end, &key_exchange_len); p += key_exchange_len; if (ret != 0) { @@ -322,7 +341,7 @@ static int ssl_tls13_write_key_share_ext(mbedtls_ssl_context *ssl, /* Write key_exchange_length */ MBEDTLS_PUT_UINT16_BE(key_exchange_len, group, 2); } else -#endif /* MBEDTLS_ECDH_C */ +#endif /* PSA_WANT_ALG_ECDH || PSA_WANT_ALG_FFDH */ if (0 /* other KEMs? */) { /* Do something */ } else { @@ -348,7 +367,8 @@ static int ssl_tls13_write_key_share_ext(mbedtls_ssl_context *ssl, /* Output the total length of key_share extension. */ *out_len = p - buf; - MBEDTLS_SSL_DEBUG_BUF(3, "client hello, key_share extension", buf, *out_len); + MBEDTLS_SSL_DEBUG_BUF( + 3, "client hello, key_share extension", buf, *out_len); mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_KEY_SHARE); @@ -371,7 +391,7 @@ static int ssl_tls13_parse_hrr_key_share_ext(mbedtls_ssl_context *ssl, const unsigned char *buf, const unsigned char *end) { -#if defined(MBEDTLS_ECDH_C) +#if defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH) const unsigned char *p = buf; int selected_group; int found = 0; @@ -398,15 +418,22 @@ static int ssl_tls13_parse_hrr_key_share_ext(mbedtls_ssl_context *ssl, * then the client MUST abort the handshake with an "illegal_parameter" alert. */ for (; *group_list != 0; group_list++) { - if ((mbedtls_ssl_get_psa_curve_info_from_tls_id(*group_list, - NULL, NULL) == PSA_ERROR_NOT_SUPPORTED) || - *group_list != selected_group) { - continue; +#if defined(PSA_WANT_ALG_ECDH) + if (mbedtls_ssl_tls13_named_group_is_ecdhe(*group_list)) { + if ((mbedtls_ssl_get_psa_curve_info_from_tls_id( + *group_list, NULL, NULL) == PSA_ERROR_NOT_SUPPORTED) || + *group_list != selected_group) { + found = 1; + break; + } } - - /* We found a match */ - found = 1; - break; +#endif /* PSA_WANT_ALG_ECDH */ +#if defined(PSA_WANT_ALG_FFDH) + if (mbedtls_ssl_tls13_named_group_is_ffdh(*group_list)) { + found = 1; + break; + } +#endif /* PSA_WANT_ALG_FFDH */ } /* Client MUST verify that the selected_group field does not @@ -428,12 +455,12 @@ static int ssl_tls13_parse_hrr_key_share_ext(mbedtls_ssl_context *ssl, ssl->handshake->offered_group_id = selected_group; return 0; -#else +#else /* PSA_WANT_ALG_ECDH || PSA_WANT_ALG_FFDH */ (void) ssl; (void) buf; (void) end; return MBEDTLS_ERR_SSL_BAD_CONFIG; -#endif +#endif /* PSA_WANT_ALG_ECDH || PSA_WANT_ALG_FFDH */ } /* @@ -468,31 +495,25 @@ static int ssl_tls13_parse_key_share_ext(mbedtls_ssl_context *ssl, /* Check that the chosen group matches the one we offered. */ offered_group = ssl->handshake->offered_group_id; if (offered_group != group) { - MBEDTLS_SSL_DEBUG_MSG(1, - ("Invalid server key share, our group %u, their group %u", - (unsigned) offered_group, (unsigned) group)); + MBEDTLS_SSL_DEBUG_MSG( + 1, ("Invalid server key share, our group %u, their group %u", + (unsigned) offered_group, (unsigned) group)); MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE, MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE); return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; } -#if defined(MBEDTLS_ECDH_C) - if (mbedtls_ssl_tls13_named_group_is_ecdhe(group)) { - if (mbedtls_ssl_get_psa_curve_info_from_tls_id(group, NULL, NULL) - == PSA_ERROR_NOT_SUPPORTED) { - MBEDTLS_SSL_DEBUG_MSG(1, ("Invalid TLS curve group id")); - return MBEDTLS_ERR_SSL_INTERNAL_ERROR; - } - - MBEDTLS_SSL_DEBUG_MSG(2, ("ECDH curve: %s", - mbedtls_ssl_get_curve_name_from_tls_id(group))); - - ret = mbedtls_ssl_tls13_read_public_ecdhe_share(ssl, p, end - p); +#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) + if (mbedtls_ssl_tls13_named_group_is_ecdhe(group) || + mbedtls_ssl_tls13_named_group_is_ffdh(group)) { + MBEDTLS_SSL_DEBUG_MSG(2, + ("DHE group name: %s", mbedtls_ssl_named_group_to_str(group))); + ret = mbedtls_ssl_tls13_read_public_xxdhe_share(ssl, p, end - p); if (ret != 0) { return ret; } } else -#endif /* MBEDTLS_ECDH_C */ +#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED */ if (0 /* other KEMs? */) { /* Do something */ } else { @@ -665,7 +686,7 @@ static psa_algorithm_t ssl_tls13_get_ciphersuite_hash_alg(int ciphersuite) ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(ciphersuite); if (ciphersuite_info != NULL) { - return mbedtls_psa_translate_md(ciphersuite_info->mac); + return mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) ciphersuite_info->mac); } return PSA_ALG_NONE; @@ -843,7 +864,7 @@ static int ssl_tls13_write_binder(mbedtls_ssl_context *ssl, /* Get current state of handshake transcript. */ ret = mbedtls_ssl_get_handshake_transcript( - ssl, mbedtls_hash_info_md_from_psa(hash_alg), + ssl, mbedtls_md_type_from_psa_alg(hash_alg), transcript, sizeof(transcript), &transcript_len); if (ret != 0) { return ret; @@ -893,7 +914,7 @@ int mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext( int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int configured_psk_count = 0; unsigned char *p = buf; - psa_algorithm_t hash_alg; + psa_algorithm_t hash_alg = PSA_ALG_NONE; const unsigned char *identity; size_t identity_len; size_t l_binders_len = 0; @@ -1092,6 +1113,7 @@ static int ssl_tls13_parse_server_pre_shared_key_ext(mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_READ_PTR(buf, end, 2); selected_identity = MBEDTLS_GET_UINT16_BE(buf, 0); + ssl->handshake->selected_identity = (uint16_t) selected_identity; MBEDTLS_SSL_DEBUG_MSG(3, ("selected_identity = %d", selected_identity)); @@ -1118,6 +1140,16 @@ static int ssl_tls13_parse_server_pre_shared_key_ext(mbedtls_ssl_context *ssl, return ret; } + if (mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) ssl->handshake->ciphersuite_info->mac) + != hash_alg) { + MBEDTLS_SSL_DEBUG_MSG( + 1, ("Invalid ciphersuite for external psk.")); + + MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER, + MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; + } + ret = mbedtls_ssl_set_hs_psk(ssl, psk, psk_len); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_set_hs_psk", ret); @@ -1211,6 +1243,80 @@ int mbedtls_ssl_tls13_write_client_hello_exts(mbedtls_ssl_context *ssl, return 0; } +int mbedtls_ssl_tls13_finalize_client_hello(mbedtls_ssl_context *ssl) +{ + ((void) ssl); + +#if defined(MBEDTLS_SSL_EARLY_DATA) + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + psa_algorithm_t hash_alg = PSA_ALG_NONE; + const unsigned char *psk; + size_t psk_len; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info; + + if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED) { +#if defined(MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE) + mbedtls_ssl_handshake_set_state( + ssl, MBEDTLS_SSL_CLIENT_CCS_AFTER_CLIENT_HELLO); +#endif + MBEDTLS_SSL_DEBUG_MSG( + 1, ("Set hs psk for early data when writing the first psk")); + + ret = ssl_tls13_ticket_get_psk(ssl, &hash_alg, &psk, &psk_len); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET( + 1, "ssl_tls13_ticket_get_psk", ret); + return ret; + } + + ret = mbedtls_ssl_set_hs_psk(ssl, psk, psk_len); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_set_hs_psk", ret); + return ret; + } + + /* + * Early data are going to be encrypted using the ciphersuite + * associated with the pre-shared key used for the handshake. + * Note that if the server rejects early data, the handshake + * based on the pre-shared key may complete successfully + * with a selected ciphersuite different from the ciphersuite + * associated with the pre-shared key. Only the hashes of the + * two ciphersuites have to be the same. In that case, the + * encrypted handshake data and application data are + * encrypted using a different ciphersuite than the one used for + * the rejected early data. + */ + ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( + ssl->session_negotiate->ciphersuite); + ssl->handshake->ciphersuite_info = ciphersuite_info; + + /* Enable psk and psk_ephemeral to make stage early happy */ + ssl->handshake->key_exchange_mode = + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL; + + /* Start the TLS 1.3 key schedule: + * Set the PSK and derive early secret. + */ + ret = mbedtls_ssl_tls13_key_schedule_stage_early(ssl); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET( + 1, "mbedtls_ssl_tls13_key_schedule_stage_early", ret); + return ret; + } + + /* Derive early data key material */ + ret = mbedtls_ssl_tls13_compute_early_transform(ssl); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET( + 1, "mbedtls_ssl_tls13_compute_early_transform", ret); + return ret; + } + + } +#endif /* MBEDTLS_SSL_EARLY_DATA */ + return 0; +} /* * Functions for parsing and processing Server Hello */ @@ -1235,8 +1341,8 @@ static int ssl_tls13_is_supported_versions_ext_present( { const unsigned char *p = buf; size_t legacy_session_id_echo_len; - size_t extensions_len; - const unsigned char *extensions_end; + const unsigned char *supported_versions_data; + const unsigned char *supported_versions_data_end; /* * Check there is enough data to access the legacy_session_id_echo vector @@ -1258,45 +1364,9 @@ static int ssl_tls13_is_supported_versions_ext_present( MBEDTLS_SSL_CHK_BUF_READ_PTR(p, end, legacy_session_id_echo_len + 4); p += legacy_session_id_echo_len + 4; - /* Case of no extension */ - if (p == end) { - return 0; - } - - /* ... - * Extension extensions<6..2^16-1>; - * ... - * struct { - * ExtensionType extension_type; (2 bytes) - * opaque extension_data<0..2^16-1>; - * } Extension; - */ - MBEDTLS_SSL_CHK_BUF_READ_PTR(p, end, 2); - extensions_len = MBEDTLS_GET_UINT16_BE(p, 0); - p += 2; - - /* Check extensions do not go beyond the buffer of data. */ - MBEDTLS_SSL_CHK_BUF_READ_PTR(p, end, extensions_len); - extensions_end = p + extensions_len; - - while (p < extensions_end) { - unsigned int extension_type; - size_t extension_data_len; - - MBEDTLS_SSL_CHK_BUF_READ_PTR(p, extensions_end, 4); - extension_type = MBEDTLS_GET_UINT16_BE(p, 0); - extension_data_len = MBEDTLS_GET_UINT16_BE(p, 2); - p += 4; - - if (extension_type == MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS) { - return 1; - } - - MBEDTLS_SSL_CHK_BUF_READ_PTR(p, extensions_end, extension_data_len); - p += extension_data_len; - } - - return 0; + return mbedtls_ssl_tls13_is_supported_versions_ext_present_in_exts( + ssl, p, end, + &supported_versions_data, &supported_versions_data_end); } /* Returns a negative value on failure, and otherwise @@ -1357,8 +1427,8 @@ static int ssl_server_hello_is_hrr(mbedtls_ssl_context *ssl, * } ServerHello; * */ - MBEDTLS_SSL_CHK_BUF_READ_PTR(buf, end, - 2 + sizeof(mbedtls_ssl_tls13_hello_retry_request_magic)); + MBEDTLS_SSL_CHK_BUF_READ_PTR( + buf, end, 2 + sizeof(mbedtls_ssl_tls13_hello_retry_request_magic)); if (memcmp(buf + 2, mbedtls_ssl_tls13_hello_retry_request_magic, sizeof(mbedtls_ssl_tls13_hello_retry_request_magic)) == 0) { @@ -1402,10 +1472,18 @@ static int ssl_tls13_preprocess_server_hello(mbedtls_ssl_context *ssl, return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; } + /* + * Version 1.2 of the protocol has been negotiated, set the + * ssl->keep_current_message flag for the ServerHello to be kept and + * parsed as a TLS 1.2 ServerHello. We also change ssl->tls_version to + * MBEDTLS_SSL_VERSION_TLS1_2 thus from now on mbedtls_ssl_handshake_step() + * will dispatch to the TLS 1.2 state machine. + */ ssl->keep_current_message = 1; ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_2; - mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_HS_SERVER_HELLO, - buf, (size_t) (end - buf)); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum( + ssl, MBEDTLS_SSL_HS_SERVER_HELLO, + buf, (size_t) (end - buf))); if (mbedtls_ssl_conf_tls13_some_ephemeral_enabled(ssl)) { ret = ssl_tls13_reset_key_share(ssl); @@ -1431,15 +1509,16 @@ static int ssl_tls13_preprocess_server_hello(mbedtls_ssl_context *ssl, break; case SSL_SERVER_HELLO_HRR: MBEDTLS_SSL_DEBUG_MSG(2, ("received HelloRetryRequest message")); - /* If a client receives a second - * HelloRetryRequest in the same connection (i.e., where the ClientHello - * was itself in response to a HelloRetryRequest), it MUST abort the - * handshake with an "unexpected_message" alert. + /* If a client receives a second HelloRetryRequest in the same + * connection (i.e., where the ClientHello was itself in response + * to a HelloRetryRequest), it MUST abort the handshake with an + * "unexpected_message" alert. */ if (handshake->hello_retry_request_count > 0) { MBEDTLS_SSL_DEBUG_MSG(1, ("Multiple HRRs received")); - MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE, - MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE); + MBEDTLS_SSL_PEND_FATAL_ALERT( + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE, + MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE); return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } /* @@ -1627,13 +1706,11 @@ static int ssl_tls13_parse_server_hello(mbedtls_ssl_context *ssl, mbedtls_ssl_optimize_checksum(ssl, ciphersuite_info); handshake->ciphersuite_info = ciphersuite_info; - ssl->session_negotiate->ciphersuite = cipher_suite; - MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, chosen ciphersuite: ( %04x ) - %s", cipher_suite, ciphersuite_info->name)); #if defined(MBEDTLS_HAVE_TIME) - ssl->session_negotiate->start = time(NULL); + ssl->session_negotiate->start = mbedtls_time(NULL); #endif /* MBEDTLS_HAVE_TIME */ /* ... @@ -1802,20 +1879,25 @@ static int ssl_tls13_postprocess_server_hello(mbedtls_ssl_context *ssl) * exchange mode is EPHEMERAL-only. */ switch (handshake->received_extensions & - (MBEDTLS_SSL_EXT_MASK(PRE_SHARED_KEY) | MBEDTLS_SSL_EXT_MASK(KEY_SHARE))) { + (MBEDTLS_SSL_EXT_MASK(PRE_SHARED_KEY) | + MBEDTLS_SSL_EXT_MASK(KEY_SHARE))) { /* Only the pre_shared_key extension was received */ case MBEDTLS_SSL_EXT_MASK(PRE_SHARED_KEY): - handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK; + handshake->key_exchange_mode = + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK; break; /* Only the key_share extension was received */ case MBEDTLS_SSL_EXT_MASK(KEY_SHARE): - handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL; + handshake->key_exchange_mode = + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL; break; /* Both the pre_shared_key and key_share extensions were received */ - case (MBEDTLS_SSL_EXT_MASK(PRE_SHARED_KEY) | MBEDTLS_SSL_EXT_MASK(KEY_SHARE)): - handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL; + case (MBEDTLS_SSL_EXT_MASK(PRE_SHARED_KEY) | + MBEDTLS_SSL_EXT_MASK(KEY_SHARE)): + handshake->key_exchange_mode = + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL; break; /* Neither pre_shared_key nor key_share extension was received */ @@ -1824,29 +1906,71 @@ static int ssl_tls13_postprocess_server_hello(mbedtls_ssl_context *ssl) ret = MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; goto cleanup; } +#if defined(MBEDTLS_SSL_EARLY_DATA) + if (handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(EARLY_DATA) && + (handshake->selected_identity != 0 || + handshake->ciphersuite_info->id != + ssl->session_negotiate->ciphersuite)) { + /* RFC8446 4.2.11 + * If the server supplies an "early_data" extension, the + * client MUST verify that the server's selected_identity + * is 0. If any other value is returned, the client MUST + * abort the handshake with an "illegal_parameter" alert. + * + * RFC 8446 4.2.10 + * In order to accept early data, the server MUST have accepted a PSK + * cipher suite and selected the first key offered in the client's + * "pre_shared_key" extension. In addition, it MUST verify that the + * following values are the same as those associated with the + * selected PSK: + * - The TLS version number + * - The selected cipher suite + * - The selected ALPN [RFC7301] protocol, if any + * + * We check here that when early data is involved the server + * selected the cipher suite associated to the pre-shared key + * as it must have. + */ + MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER, + MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; + } +#endif - if (!mbedtls_ssl_conf_tls13_check_kex_modes(ssl, handshake->key_exchange_mode)) { + if (!mbedtls_ssl_conf_tls13_check_kex_modes( + ssl, handshake->key_exchange_mode)) { ret = MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; - MBEDTLS_SSL_DEBUG_MSG(2, - ("Key exchange mode(%s) is not supported.", - ssl_tls13_get_kex_mode_str(handshake->key_exchange_mode))); + MBEDTLS_SSL_DEBUG_MSG( + 2, ("Key exchange mode(%s) is not supported.", + ssl_tls13_get_kex_mode_str(handshake->key_exchange_mode))); goto cleanup; } - MBEDTLS_SSL_DEBUG_MSG(3, - ("Selected key exchange mode: %s", - ssl_tls13_get_kex_mode_str(handshake->key_exchange_mode))); + MBEDTLS_SSL_DEBUG_MSG( + 3, ("Selected key exchange mode: %s", + ssl_tls13_get_kex_mode_str(handshake->key_exchange_mode))); - /* Start the TLS 1.3 key schedule: Set the PSK and derive early secret. + /* Start the TLS 1.3 key scheduling if not already done. * - * TODO: We don't have to do this in case we offered 0-RTT and the - * server accepted it. In this case, we could skip generating - * the early secret. */ - ret = mbedtls_ssl_tls13_key_schedule_stage_early(ssl); - if (ret != 0) { - MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_tls13_key_schedule_stage_early", - ret); - goto cleanup; + * If we proposed early data then we have already derived an + * early secret using the selected PSK and its associated hash. + * It means that if the negotiated key exchange mode is psk or + * psk_ephemeral, we have already correctly computed the + * early secret and thus we do not do it again. In all other + * cases we compute it here. + */ +#if defined(MBEDTLS_SSL_EARLY_DATA) + if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT || + handshake->key_exchange_mode == + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL) +#endif + { + ret = mbedtls_ssl_tls13_key_schedule_stage_early(ssl); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET( + 1, "mbedtls_ssl_tls13_key_schedule_stage_early", ret); + goto cleanup; + } } ret = mbedtls_ssl_tls13_compute_handshake_transform(ssl); @@ -1859,6 +1983,7 @@ static int ssl_tls13_postprocess_server_hello(mbedtls_ssl_context *ssl) mbedtls_ssl_set_inbound_transform(ssl, handshake->transform_handshake); MBEDTLS_SSL_DEBUG_MSG(1, ("Switch to handshake keys for inbound traffic")); + ssl->session_negotiate->ciphersuite = handshake->ciphersuite_info->id; ssl->session_in = ssl->session_negotiate; cleanup: @@ -1889,6 +2014,7 @@ static int ssl_tls13_postprocess_hrr(mbedtls_ssl_context *ssl) return ret; } + ssl->session_negotiate->ciphersuite = ssl->handshake->ciphersuite_info->id; return 0; } @@ -1906,9 +2032,8 @@ static int ssl_tls13_process_server_hello(mbedtls_ssl_context *ssl) MBEDTLS_SSL_DEBUG_MSG(2, ("=> %s", __func__)); - MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_tls13_fetch_handshake_msg(ssl, - MBEDTLS_SSL_HS_SERVER_HELLO, - &buf, &buf_len)); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_tls13_fetch_handshake_msg( + ssl, MBEDTLS_SSL_HS_SERVER_HELLO, &buf, &buf_len)); ret = ssl_tls13_preprocess_server_hello(ssl, buf, buf + buf_len); if (ret < 0) { @@ -1929,8 +2054,8 @@ static int ssl_tls13_process_server_hello(mbedtls_ssl_context *ssl) MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_reset_transcript_for_hrr(ssl)); } - mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_HS_SERVER_HELLO, - buf, buf_len); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum( + ssl, MBEDTLS_SSL_HS_SERVER_HELLO, buf, buf_len)); if (is_hrr) { MBEDTLS_SSL_PROC_CHK(ssl_tls13_postprocess_hrr(ssl)); @@ -1939,8 +2064,8 @@ static int ssl_tls13_process_server_hello(mbedtls_ssl_context *ssl) * immediately before its second flight. This may either be before * its second ClientHello or before its encrypted handshake flight. */ - mbedtls_ssl_handshake_set_state(ssl, - MBEDTLS_SSL_CLIENT_CCS_BEFORE_2ND_CLIENT_HELLO); + mbedtls_ssl_handshake_set_state( + ssl, MBEDTLS_SSL_CLIENT_CCS_BEFORE_2ND_CLIENT_HELLO); #else mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_HELLO); #endif /* MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE */ @@ -1984,10 +2109,11 @@ static int ssl_tls13_parse_encrypted_extensions(mbedtls_ssl_context *ssl, extensions_len = MBEDTLS_GET_UINT16_BE(p, 0); p += 2; - MBEDTLS_SSL_DEBUG_BUF(3, "encrypted extensions", p, extensions_len); MBEDTLS_SSL_CHK_BUF_READ_PTR(p, end, extensions_len); extensions_end = p + extensions_len; + MBEDTLS_SSL_DEBUG_BUF(3, "encrypted extensions", p, extensions_len); + handshake->received_extensions = MBEDTLS_SSL_EXT_MASK_NONE; while (p < extensions_end) { @@ -2019,7 +2145,8 @@ static int ssl_tls13_parse_encrypted_extensions(mbedtls_ssl_context *ssl, case MBEDTLS_TLS_EXT_ALPN: MBEDTLS_SSL_DEBUG_MSG(3, ("found alpn extension")); - if ((ret = ssl_tls13_parse_alpn_ext(ssl, p, (size_t) extension_data_len)) != 0) { + if ((ret = ssl_tls13_parse_alpn_ext( + ssl, p, (size_t) extension_data_len)) != 0) { return ret; } @@ -2039,6 +2166,21 @@ static int ssl_tls13_parse_encrypted_extensions(mbedtls_ssl_context *ssl, break; #endif /* MBEDTLS_SSL_EARLY_DATA */ +#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) + case MBEDTLS_TLS_EXT_RECORD_SIZE_LIMIT: + MBEDTLS_SSL_DEBUG_MSG(3, ("found record_size_limit extension")); + + ret = mbedtls_ssl_tls13_parse_record_size_limit_ext( + ssl, p, p + extension_data_len); + + /* TODO: Return unconditionally here until we handle the record + * size limit correctly. Once handled correctly, only return in + * case of errors. */ + return ret; + + break; +#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */ + default: MBEDTLS_SSL_PRINT_EXT( 3, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, @@ -2072,9 +2214,9 @@ static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl) MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse encrypted extensions")); - MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_tls13_fetch_handshake_msg(ssl, - MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, - &buf, &buf_len)); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_tls13_fetch_handshake_msg( + ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, + &buf, &buf_len)); /* Process the message contents */ MBEDTLS_SSL_PROC_CHK( @@ -2087,8 +2229,9 @@ static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl) } #endif - mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, - buf, buf_len); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum( + ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, + buf, buf_len)); #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) if (mbedtls_ssl_tls13_key_exchange_mode_with_psk(ssl)) { @@ -2108,6 +2251,44 @@ cleanup: } +/* + * Handler for MBEDTLS_SSL_END_OF_EARLY_DATA + * + * RFC 8446 section 4.5 + * + * struct {} EndOfEarlyData; + * + * If the server sent an "early_data" extension in EncryptedExtensions, the + * client MUST send an EndOfEarlyData message after receiving the server + * Finished. Otherwise, the client MUST NOT send an EndOfEarlyData message. + */ + +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_tls13_write_end_of_early_data(mbedtls_ssl_context *ssl) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + unsigned char *buf = NULL; + size_t buf_len; + MBEDTLS_SSL_DEBUG_MSG(2, ("=> write EndOfEarlyData")); + + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg( + ssl, MBEDTLS_SSL_HS_END_OF_EARLY_DATA, + &buf, &buf_len)); + + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_hdr_to_checksum( + ssl, MBEDTLS_SSL_HS_END_OF_EARLY_DATA, 0)); + + MBEDTLS_SSL_PROC_CHK( + mbedtls_ssl_finish_handshake_msg(ssl, buf_len, 0)); + + mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE); + +cleanup: + + MBEDTLS_SSL_DEBUG_MSG(2, ("<= write EndOfEarlyData")); + return ret; +} + #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) /* * STATE HANDLING: CertificateRequest @@ -2286,15 +2467,16 @@ static int ssl_tls13_process_certificate_request(mbedtls_ssl_context *ssl) unsigned char *buf; size_t buf_len; - MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_tls13_fetch_handshake_msg(ssl, - MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, - &buf, &buf_len)); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_tls13_fetch_handshake_msg( + ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, + &buf, &buf_len)); - MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_certificate_request(ssl, - buf, buf + buf_len)); + MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_certificate_request( + ssl, buf, buf + buf_len)); - mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, - buf, buf_len); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum( + ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, + buf, buf_len)); } else if (ret == SSL_CERTIFICATE_REQUEST_SKIP) { ret = 0; } else { @@ -2367,13 +2549,21 @@ static int ssl_tls13_process_server_finished(mbedtls_ssl_context *ssl) return ret; } +#if defined(MBEDTLS_SSL_EARLY_DATA) + if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) { + mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_END_OF_EARLY_DATA); + } else if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED) { + mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE); + } else +#endif /* MBEDTLS_SSL_EARLY_DATA */ + { #if defined(MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE) - mbedtls_ssl_handshake_set_state( - ssl, - MBEDTLS_SSL_CLIENT_CCS_AFTER_SERVER_FINISHED); + mbedtls_ssl_handshake_set_state( + ssl, MBEDTLS_SSL_CLIENT_CCS_AFTER_SERVER_FINISHED); #else - mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE); + mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE); #endif /* MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE */ + } return 0; } @@ -2448,8 +2638,8 @@ static int ssl_tls13_write_client_finished(mbedtls_ssl_context *ssl) ret = mbedtls_ssl_tls13_compute_resumption_master_secret(ssl); if (ret != 0) { - MBEDTLS_SSL_DEBUG_RET(1, - "mbedtls_ssl_tls13_compute_resumption_master_secret ", ret); + MBEDTLS_SSL_DEBUG_RET( + 1, "mbedtls_ssl_tls13_compute_resumption_master_secret ", ret); return ret; } @@ -2668,7 +2858,7 @@ static int ssl_tls13_postprocess_new_session_ticket(mbedtls_ssl_context *ssl, return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - psa_hash_alg = mbedtls_psa_translate_md(ciphersuite_info->mac); + psa_hash_alg = mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) ciphersuite_info->mac); hash_length = PSA_HASH_LENGTH(psa_hash_alg); if (hash_length == -1 || (size_t) hash_length > sizeof(session->resumption_key)) { @@ -2789,6 +2979,10 @@ int mbedtls_ssl_tls13_handshake_client_step(mbedtls_ssl_context *ssl) ret = ssl_tls13_process_server_finished(ssl); break; + case MBEDTLS_SSL_END_OF_EARLY_DATA: + ret = ssl_tls13_write_end_of_early_data(ssl); + break; + case MBEDTLS_SSL_CLIENT_CERTIFICATE: ret = ssl_tls13_write_client_certificate(ssl); break; @@ -2825,7 +3019,22 @@ int mbedtls_ssl_tls13_handshake_client_step(mbedtls_ssl_context *ssl) case MBEDTLS_SSL_CLIENT_CCS_AFTER_SERVER_FINISHED: ret = mbedtls_ssl_tls13_write_change_cipher_spec(ssl); if (ret == 0) { - mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE); + mbedtls_ssl_handshake_set_state( + ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE); + } + break; + + case MBEDTLS_SSL_CLIENT_CCS_AFTER_CLIENT_HELLO: + ret = mbedtls_ssl_tls13_write_change_cipher_spec(ssl); + if (ret == 0) { + mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_HELLO); + +#if defined(MBEDTLS_SSL_EARLY_DATA) + MBEDTLS_SSL_DEBUG_MSG( + 1, ("Switch to early data keys for outbound traffic")); + mbedtls_ssl_set_outbound_transform( + ssl, ssl->handshake->transform_earlydata); +#endif } break; #endif /* MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE */ diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 513937e0e..3c8d448c6 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -29,13 +29,28 @@ #include "mbedtls/platform.h" #include "mbedtls/constant_time.h" #include "psa/crypto.h" -#include "mbedtls/psa_util.h" +#include "md_psa.h" #include "ssl_misc.h" #include "ssl_tls13_invasive.h" #include "ssl_tls13_keys.h" #include "ssl_debug_helpers.h" +#include "psa/crypto.h" +#include "psa_util_internal.h" + +#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) +/* Define a local translating function to save code size by not using too many + * arguments in each translating place. */ +static int local_err_translation(psa_status_t status) +{ + return psa_status_to_mbedtls(status, psa_to_ssl_errors, + ARRAY_LENGTH(psa_to_ssl_errors), + psa_generic_status_to_mbedtls); +} +#define PSA_TO_MBEDTLS_ERR(status) local_err_translation(status) +#endif + const uint8_t mbedtls_ssl_tls13_hello_retry_request_magic[ MBEDTLS_SERVER_HELLO_RANDOM_LEN] = { 0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11, @@ -79,6 +94,61 @@ cleanup: return ret; } +int mbedtls_ssl_tls13_is_supported_versions_ext_present_in_exts( + mbedtls_ssl_context *ssl, + const unsigned char *buf, const unsigned char *end, + const unsigned char **supported_versions_data, + const unsigned char **supported_versions_data_end) +{ + const unsigned char *p = buf; + size_t extensions_len; + const unsigned char *extensions_end; + + *supported_versions_data = NULL; + *supported_versions_data_end = NULL; + + /* Case of no extension */ + if (p == end) { + return 0; + } + + /* ... + * Extension extensions; + * ... + * struct { + * ExtensionType extension_type; (2 bytes) + * opaque extension_data<0..2^16-1>; + * } Extension; + */ + MBEDTLS_SSL_CHK_BUF_READ_PTR(p, end, 2); + extensions_len = MBEDTLS_GET_UINT16_BE(p, 0); + p += 2; + + /* Check extensions do not go beyond the buffer of data. */ + MBEDTLS_SSL_CHK_BUF_READ_PTR(p, end, extensions_len); + extensions_end = p + extensions_len; + + while (p < extensions_end) { + unsigned int extension_type; + size_t extension_data_len; + + MBEDTLS_SSL_CHK_BUF_READ_PTR(p, extensions_end, 4); + extension_type = MBEDTLS_GET_UINT16_BE(p, 0); + extension_data_len = MBEDTLS_GET_UINT16_BE(p, 2); + p += 4; + MBEDTLS_SSL_CHK_BUF_READ_PTR(p, extensions_end, extension_data_len); + + if (extension_type == MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS) { + *supported_versions_data = p; + *supported_versions_data_end = p + extension_data_len; + return 1; + } + p += extension_data_len; + } + + return 0; +} + #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) /* * STATE HANDLING: Read CertificateVerify @@ -185,15 +255,17 @@ static int ssl_tls13_parse_certificate_verify(mbedtls_ssl_context *ssl, /* RFC 8446 section 4.4.3 * - * If the CertificateVerify message is sent by a server, the signature algorithm - * MUST be one offered in the client's "signature_algorithms" extension unless - * no valid certificate chain can be produced without unsupported algorithms + * If the CertificateVerify message is sent by a server, the signature + * algorithm MUST be one offered in the client's "signature_algorithms" + * extension unless no valid certificate chain can be produced without + * unsupported algorithms * * RFC 8446 section 4.4.2.2 * * If the client cannot construct an acceptable chain using the provided - * certificates and decides to abort the handshake, then it MUST abort the handshake - * with an appropriate certificate-related alert (by default, "unsupported_certificate"). + * certificates and decides to abort the handshake, then it MUST abort the + * handshake with an appropriate certificate-related alert + * (by default, "unsupported_certificate"). * * Check if algorithm is an offered signature algorithm. */ @@ -210,7 +282,7 @@ static int ssl_tls13_parse_certificate_verify(mbedtls_ssl_context *ssl, goto error; } - hash_alg = mbedtls_hash_info_psa_from_md(md_alg); + hash_alg = mbedtls_md_psa_alg_from_type(md_alg); if (hash_alg == 0) { goto error; } @@ -288,17 +360,18 @@ int mbedtls_ssl_tls13_process_certificate_verify(mbedtls_ssl_context *ssl) MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse certificate verify")); MBEDTLS_SSL_PROC_CHK( - mbedtls_ssl_tls13_fetch_handshake_msg(ssl, - MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, &buf, &buf_len)); + mbedtls_ssl_tls13_fetch_handshake_msg( + ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, &buf, &buf_len)); /* Need to calculate the hash of the transcript first * before reading the message since otherwise it gets * included in the transcript */ - ret = mbedtls_ssl_get_handshake_transcript(ssl, - ssl->handshake->ciphersuite_info->mac, - transcript, sizeof(transcript), - &transcript_len); + ret = mbedtls_ssl_get_handshake_transcript( + ssl, + (mbedtls_md_type_t) ssl->handshake->ciphersuite_info->mac, + transcript, sizeof(transcript), + &transcript_len); if (ret != 0) { MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR, @@ -318,12 +391,13 @@ int mbedtls_ssl_tls13_process_certificate_verify(mbedtls_ssl_context *ssl) MBEDTLS_SSL_IS_CLIENT); /* Process the message contents */ - MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_certificate_verify(ssl, buf, - buf + buf_len, verify_buffer, - verify_buffer_len)); + MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_certificate_verify( + ssl, buf, buf + buf_len, + verify_buffer, verify_buffer_len)); - mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, - buf, buf_len); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum( + ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, + buf, buf_len)); cleanup: @@ -537,7 +611,8 @@ exit: return MBEDTLS_ERR_SSL_DECODE_ERROR; } - MBEDTLS_SSL_DEBUG_CRT(3, "peer certificate", ssl->session_negotiate->peer_cert); + MBEDTLS_SSL_DEBUG_CRT(3, "peer certificate", + ssl->session_negotiate->peer_cert); return ret; } @@ -603,8 +678,9 @@ static int ssl_tls13_validate_certificate(mbedtls_ssl_context *ssl) if (authmode == MBEDTLS_SSL_VERIFY_OPTIONAL) { return 0; } else { - MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_NO_CERT, - MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE); + MBEDTLS_SSL_PEND_FATAL_ALERT( + MBEDTLS_SSL_ALERT_MSG_NO_CERT, + MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE); return MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE; } } @@ -691,7 +767,8 @@ static int ssl_tls13_validate_certificate(mbedtls_ssl_context *ssl) Pick one and send the corresponding alert. Which alert to send may be a subject of debate in some cases. */ if (verify_result & MBEDTLS_X509_BADCERT_OTHER) { - MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED, ret); + MBEDTLS_SSL_PEND_FATAL_ALERT( + MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED, ret); } else if (verify_result & MBEDTLS_X509_BADCERT_CN_MISMATCH) { MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_BAD_CERT, ret); } else if (verify_result & (MBEDTLS_X509_BADCERT_KEY_USAGE | @@ -699,15 +776,19 @@ static int ssl_tls13_validate_certificate(mbedtls_ssl_context *ssl) MBEDTLS_X509_BADCERT_NS_CERT_TYPE | MBEDTLS_X509_BADCERT_BAD_PK | MBEDTLS_X509_BADCERT_BAD_KEY)) { - MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT, ret); + MBEDTLS_SSL_PEND_FATAL_ALERT( + MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT, ret); } else if (verify_result & MBEDTLS_X509_BADCERT_EXPIRED) { - MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED, ret); + MBEDTLS_SSL_PEND_FATAL_ALERT( + MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED, ret); } else if (verify_result & MBEDTLS_X509_BADCERT_REVOKED) { - MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED, ret); + MBEDTLS_SSL_PEND_FATAL_ALERT( + MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED, ret); } else if (verify_result & MBEDTLS_X509_BADCERT_NOT_TRUSTED) { MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA, ret); } else { - MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN, ret); + MBEDTLS_SSL_PEND_FATAL_ALERT( + MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN, ret); } } @@ -752,10 +833,12 @@ int mbedtls_ssl_tls13_process_certificate(mbedtls_ssl_context *ssl) /* Validate the certificate chain and set the verification results. */ MBEDTLS_SSL_PROC_CHK(ssl_tls13_validate_certificate(ssl)); - mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_HS_CERTIFICATE, - buf, buf_len); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum( + ssl, MBEDTLS_SSL_HS_CERTIFICATE, buf, buf_len)); cleanup: +#else /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */ + (void) ssl; #endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */ MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse certificate")); @@ -859,17 +942,16 @@ int mbedtls_ssl_tls13_write_certificate(mbedtls_ssl_context *ssl) MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate")); - MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg(ssl, - MBEDTLS_SSL_HS_CERTIFICATE, &buf, - &buf_len)); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg( + ssl, MBEDTLS_SSL_HS_CERTIFICATE, &buf, &buf_len)); MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_certificate_body(ssl, buf, buf + buf_len, &msg_len)); - mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_HS_CERTIFICATE, - buf, msg_len); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum( + ssl, MBEDTLS_SSL_HS_CERTIFICATE, buf, msg_len)); MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg( ssl, buf_len, msg_len)); @@ -885,7 +967,7 @@ cleanup: int mbedtls_ssl_tls13_check_sig_alg_cert_key_match(uint16_t sig_alg, mbedtls_pk_context *key) { - mbedtls_pk_type_t pk_type = mbedtls_ssl_sig_from_pk(key); + mbedtls_pk_type_t pk_type = (mbedtls_pk_type_t) mbedtls_ssl_sig_from_pk(key); size_t key_size = mbedtls_pk_get_bitlen(key); switch (pk_type) { @@ -952,11 +1034,9 @@ static int ssl_tls13_write_certificate_verify_body(mbedtls_ssl_context *ssl, return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - ret = mbedtls_ssl_get_handshake_transcript(ssl, - ssl->handshake->ciphersuite_info->mac, - handshake_hash, - sizeof(handshake_hash), - &handshake_hash_len); + ret = mbedtls_ssl_get_handshake_transcript( + ssl, (mbedtls_md_type_t) ssl->handshake->ciphersuite_info->mac, + handshake_hash, sizeof(handshake_hash), &handshake_hash_len); if (ret != 0) { return ret; } @@ -1006,14 +1086,14 @@ static int ssl_tls13_write_certificate_verify_body(mbedtls_ssl_context *ssl, } /* Hash verify buffer with indicated hash function */ - psa_algorithm = mbedtls_hash_info_psa_from_md(md_alg); + psa_algorithm = mbedtls_md_psa_alg_from_type(md_alg); status = psa_hash_compute(psa_algorithm, verify_buffer, verify_buffer_len, verify_hash, sizeof(verify_hash), &verify_hash_len); if (status != PSA_SUCCESS) { - return psa_ssl_status_to_mbedtls(status); + return PSA_TO_MBEDTLS_ERR(status); } MBEDTLS_SSL_DEBUG_BUF(3, "verify hash", verify_hash, verify_hash_len); @@ -1063,15 +1143,16 @@ int mbedtls_ssl_tls13_write_certificate_verify(mbedtls_ssl_context *ssl) MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate verify")); - MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg(ssl, - MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, &buf, - &buf_len)); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg( + ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, + &buf, &buf_len)); MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_certificate_verify_body( ssl, buf, buf + buf_len, &msg_len)); - mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, - buf, msg_len); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum( + ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, + buf, msg_len)); MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg( ssl, buf_len, msg_len)); @@ -1097,13 +1178,13 @@ static int ssl_tls13_preprocess_finished_message(mbedtls_ssl_context *ssl) { int ret; - ret = mbedtls_ssl_tls13_calculate_verify_data(ssl, - ssl->handshake->state_local.finished_in.digest, - sizeof(ssl->handshake->state_local.finished_in. - digest), - &ssl->handshake->state_local.finished_in.digest_len, - ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ? - MBEDTLS_SSL_IS_SERVER : MBEDTLS_SSL_IS_CLIENT); + ret = mbedtls_ssl_tls13_calculate_verify_data( + ssl, + ssl->handshake->state_local.finished_in.digest, + sizeof(ssl->handshake->state_local.finished_in.digest), + &ssl->handshake->state_local.finished_in.digest_len, + ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ? + MBEDTLS_SSL_IS_SERVER : MBEDTLS_SSL_IS_CLIENT); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_tls13_calculate_verify_data", ret); return ret; @@ -1162,17 +1243,17 @@ int mbedtls_ssl_tls13_process_finished_message(mbedtls_ssl_context *ssl) MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse finished message")); - MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_tls13_fetch_handshake_msg(ssl, - MBEDTLS_SSL_HS_FINISHED, - &buf, &buf_len)); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_tls13_fetch_handshake_msg( + ssl, MBEDTLS_SSL_HS_FINISHED, &buf, &buf_len)); /* Preprocessing step: Compute handshake digest */ MBEDTLS_SSL_PROC_CHK(ssl_tls13_preprocess_finished_message(ssl)); - MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_finished_message(ssl, buf, buf + buf_len)); + MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_finished_message( + ssl, buf, buf + buf_len)); - mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_HS_FINISHED, - buf, buf_len); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum( + ssl, MBEDTLS_SSL_HS_FINISHED, buf, buf_len)); cleanup: @@ -1248,8 +1329,8 @@ int mbedtls_ssl_tls13_write_finished_message(mbedtls_ssl_context *ssl) MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_finished_message_body( ssl, buf, buf + buf_len, &msg_len)); - mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_HS_FINISHED, - buf, msg_len); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl, + MBEDTLS_SSL_HS_FINISHED, buf, msg_len)); MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg( ssl, buf_len, msg_len)); @@ -1378,18 +1459,17 @@ int mbedtls_ssl_reset_transcript_for_hrr(mbedtls_ssl_context *ssl) int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char hash_transcript[PSA_HASH_MAX_SIZE + 4]; size_t hash_len; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info; - uint16_t cipher_suite = ssl->session_negotiate->ciphersuite; - ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(cipher_suite); + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = + ssl->handshake->ciphersuite_info; MBEDTLS_SSL_DEBUG_MSG(3, ("Reset SSL session for HRR")); - ret = mbedtls_ssl_get_handshake_transcript(ssl, ciphersuite_info->mac, + ret = mbedtls_ssl_get_handshake_transcript(ssl, (mbedtls_md_type_t) ciphersuite_info->mac, hash_transcript + 4, PSA_HASH_MAX_SIZE, &hash_len); if (ret != 0) { - MBEDTLS_SSL_DEBUG_RET(4, "mbedtls_ssl_get_handshake_transcript", ret); + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_get_handshake_transcript", ret); return ret; } @@ -1400,44 +1480,27 @@ int mbedtls_ssl_reset_transcript_for_hrr(mbedtls_ssl_context *ssl) hash_len += 4; -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) - if (ciphersuite_info->mac == MBEDTLS_MD_SHA256) { - MBEDTLS_SSL_DEBUG_BUF(4, "Truncated SHA-256 handshake transcript", - hash_transcript, hash_len); + MBEDTLS_SSL_DEBUG_BUF(4, "Truncated handshake transcript", + hash_transcript, hash_len); -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_abort(&ssl->handshake->fin_sha256_psa); - psa_hash_setup(&ssl->handshake->fin_sha256_psa, PSA_ALG_SHA_256); -#else - mbedtls_sha256_starts(&ssl->handshake->fin_sha256, 0); -#endif + /* Reset running hash and replace it with a hash of the transcript */ + ret = mbedtls_ssl_reset_checksum(ssl); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_reset_checksum", ret); + return ret; } -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) - if (ciphersuite_info->mac == MBEDTLS_MD_SHA384) { - MBEDTLS_SSL_DEBUG_BUF(4, "Truncated SHA-384 handshake transcript", - hash_transcript, hash_len); - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_hash_abort(&ssl->handshake->fin_sha384_psa); - psa_hash_setup(&ssl->handshake->fin_sha384_psa, PSA_ALG_SHA_384); -#else - mbedtls_sha512_starts(&ssl->handshake->fin_sha384, 1); -#endif + ret = ssl->handshake->update_checksum(ssl, hash_transcript, hash_len); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "update_checksum", ret); + return ret; } -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) || \ - defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) - ssl->handshake->update_checksum(ssl, hash_transcript, hash_len); -#endif \ - /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA || MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ return ret; } -#if defined(MBEDTLS_ECDH_C) +#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) -int mbedtls_ssl_tls13_read_public_ecdhe_share(mbedtls_ssl_context *ssl, +int mbedtls_ssl_tls13_read_public_xxdhe_share(mbedtls_ssl_context *ssl, const unsigned char *buf, size_t buf_len) { @@ -1453,14 +1516,51 @@ int mbedtls_ssl_tls13_read_public_ecdhe_share(mbedtls_ssl_context *ssl, /* Check if key size is consistent with given buffer length. */ MBEDTLS_SSL_CHK_BUF_READ_PTR(p, end, peerkey_len); - /* Store peer's ECDH public key. */ - memcpy(handshake->ecdh_psa_peerkey, p, peerkey_len); - handshake->ecdh_psa_peerkey_len = peerkey_len; + /* Store peer's ECDH/FFDH public key. */ + if (peerkey_len > sizeof(handshake->xxdh_psa_peerkey)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Invalid public key length: %u > %" MBEDTLS_PRINTF_SIZET, + (unsigned) peerkey_len, + sizeof(handshake->xxdh_psa_peerkey))); + return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; + } + memcpy(handshake->xxdh_psa_peerkey, p, peerkey_len); + handshake->xxdh_psa_peerkey_len = peerkey_len; return 0; } -int mbedtls_ssl_tls13_generate_and_write_ecdh_key_exchange( +#if defined(PSA_WANT_ALG_FFDH) +static psa_status_t mbedtls_ssl_get_psa_ffdh_info_from_tls_id( + uint16_t tls_id, size_t *bits, psa_key_type_t *key_type) +{ + switch (tls_id) { + case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048: + *bits = 2048; + *key_type = PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919); + return PSA_SUCCESS; + case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072: + *bits = 3072; + *key_type = PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919); + return PSA_SUCCESS; + case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096: + *bits = 4096; + *key_type = PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919); + return PSA_SUCCESS; + case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144: + *bits = 6144; + *key_type = PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919); + return PSA_SUCCESS; + case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192: + *bits = 8192; + *key_type = PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919); + return PSA_SUCCESS; + default: + return PSA_ERROR_NOT_SUPPORTED; + } +} +#endif /* PSA_WANT_ALG_FFDH */ + +int mbedtls_ssl_tls13_generate_and_write_xxdh_key_exchange( mbedtls_ssl_context *ssl, uint16_t named_group, unsigned char *buf, @@ -1472,52 +1572,70 @@ int mbedtls_ssl_tls13_generate_and_write_ecdh_key_exchange( psa_key_attributes_t key_attributes; size_t own_pubkey_len; mbedtls_ssl_handshake_params *handshake = ssl->handshake; - psa_ecc_family_t ec_psa_family = 0; - size_t ec_bits = 0; + size_t bits = 0; + psa_key_type_t key_type = PSA_KEY_TYPE_NONE; + psa_algorithm_t alg = PSA_ALG_NONE; + size_t buf_size = (size_t) (end - buf); - MBEDTLS_SSL_DEBUG_MSG(1, ("Perform PSA-based ECDH computation.")); + MBEDTLS_SSL_DEBUG_MSG(1, ("Perform PSA-based ECDH/FFDH computation.")); /* Convert EC's TLS ID to PSA key type. */ - if (mbedtls_ssl_get_psa_curve_info_from_tls_id(named_group, - &ec_psa_family, - &ec_bits) == PSA_ERROR_NOT_SUPPORTED) { +#if defined(PSA_WANT_ALG_ECDH) + if (mbedtls_ssl_get_psa_curve_info_from_tls_id( + named_group, &key_type, &bits) == PSA_SUCCESS) { + alg = PSA_ALG_ECDH; + } +#endif +#if defined(PSA_WANT_ALG_FFDH) + if (mbedtls_ssl_get_psa_ffdh_info_from_tls_id(named_group, &bits, + &key_type) == PSA_SUCCESS) { + alg = PSA_ALG_FFDH; + } +#endif + + if (key_type == PSA_KEY_TYPE_NONE) { return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; } - handshake->ecdh_psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR(ec_psa_family); - ssl->handshake->ecdh_bits = ec_bits; + + if (buf_size < PSA_BITS_TO_BYTES(bits)) { + return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; + } + + handshake->xxdh_psa_type = key_type; + ssl->handshake->xxdh_psa_bits = bits; key_attributes = psa_key_attributes_init(); psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE); - psa_set_key_algorithm(&key_attributes, PSA_ALG_ECDH); - psa_set_key_type(&key_attributes, handshake->ecdh_psa_type); - psa_set_key_bits(&key_attributes, handshake->ecdh_bits); + psa_set_key_algorithm(&key_attributes, alg); + psa_set_key_type(&key_attributes, handshake->xxdh_psa_type); + psa_set_key_bits(&key_attributes, handshake->xxdh_psa_bits); - /* Generate ECDH private key. */ + /* Generate ECDH/FFDH private key. */ status = psa_generate_key(&key_attributes, - &handshake->ecdh_psa_privkey); + &handshake->xxdh_psa_privkey); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); MBEDTLS_SSL_DEBUG_RET(1, "psa_generate_key", ret); return ret; } - /* Export the public part of the ECDH private key from PSA. */ - status = psa_export_public_key(handshake->ecdh_psa_privkey, - buf, (size_t) (end - buf), + /* Export the public part of the ECDH/FFDH private key from PSA. */ + status = psa_export_public_key(handshake->xxdh_psa_privkey, + buf, buf_size, &own_pubkey_len); + if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); MBEDTLS_SSL_DEBUG_RET(1, "psa_export_public_key", ret); return ret; - } *out_len = own_pubkey_len; return 0; } -#endif /* MBEDTLS_ECDH_C */ +#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED */ /* RFC 8446 section 4.2 * @@ -1574,4 +1692,61 @@ int mbedtls_ssl_tls13_check_received_extension( return MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION; } +#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) +/* RFC 8449, section 4: + * + * The ExtensionData of the "record_size_limit" extension is + * RecordSizeLimit: + * uint16 RecordSizeLimit; + */ +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_tls13_parse_record_size_limit_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + const unsigned char *end) +{ + const unsigned char *p = buf; + uint16_t record_size_limit; + const size_t extension_data_len = end - buf; + + if (extension_data_len != + MBEDTLS_SSL_RECORD_SIZE_LIMIT_EXTENSION_DATA_LENGTH) { + MBEDTLS_SSL_DEBUG_MSG(2, + ("record_size_limit extension has invalid length: %" + MBEDTLS_PRINTF_SIZET " Bytes", + extension_data_len)); + + MBEDTLS_SSL_PEND_FATAL_ALERT( + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER, + MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; + } + + MBEDTLS_SSL_CHK_BUF_READ_PTR(p, end, 2); + record_size_limit = MBEDTLS_GET_UINT16_BE(p, 0); + + MBEDTLS_SSL_DEBUG_MSG(2, ("RecordSizeLimit: %u Bytes", record_size_limit)); + + /* RFC 8449, section 4 + * + * Endpoints MUST NOT send a "record_size_limit" extension with a value + * smaller than 64. An endpoint MUST treat receipt of a smaller value + * as a fatal error and generate an "illegal_parameter" alert. + */ + if (record_size_limit < MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN) { + MBEDTLS_SSL_PEND_FATAL_ALERT( + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER, + MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; + } + + MBEDTLS_SSL_DEBUG_MSG( + 2, ("record_size_limit extension is still in development. Aborting handshake.")); + + MBEDTLS_SSL_PEND_FATAL_ALERT( + MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT, + MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION); + return MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION; +} +#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */ + #endif /* MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_PROTO_TLS1_3 */ diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index ecfdab318..5ae621005 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -34,6 +34,17 @@ #include "ssl_tls13_invasive.h" #include "psa/crypto.h" +#include "md_psa.h" + +/* Define a local translating function to save code size by not using too many + * arguments in each translating place. */ +static int local_err_translation(psa_status_t status) +{ + return psa_status_to_mbedtls(status, psa_to_ssl_errors, + ARRAY_LENGTH(psa_to_ssl_errors), + psa_generic_status_to_mbedtls); +} +#define PSA_TO_MBEDTLS_ERR(status) local_err_translation(status) #define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \ .name = string, @@ -215,7 +226,7 @@ cleanup: abort_status = psa_key_derivation_abort(&operation); status = (status == PSA_SUCCESS ? abort_status : status); mbedtls_platform_zeroize(hkdf_label, hkdf_label_len); - return psa_ssl_status_to_mbedtls(status); + return PSA_TO_MBEDTLS_ERR(status); } MBEDTLS_CHECK_RETURN_CRITICAL @@ -309,7 +320,7 @@ int mbedtls_ssl_tls13_derive_secret( status = psa_hash_compute(hash_alg, ctx, ctx_len, hashed_context, PSA_HASH_LENGTH(hash_alg), &ctx_len); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); return ret; } } else { @@ -416,7 +427,7 @@ int mbedtls_ssl_tls13_evolve_secret( cleanup: abort_status = psa_key_derivation_abort(&operation); status = (status == PSA_SUCCESS ? abort_status : status); - ret = (ret == 0 ? psa_ssl_status_to_mbedtls(status) : ret); + ret = (ret == 0 ? PSA_TO_MBEDTLS_ERR(status) : ret); mbedtls_platform_zeroize(tmp_secret, sizeof(tmp_secret)); return ret; } @@ -451,25 +462,27 @@ int mbedtls_ssl_tls13_derive_early_secrets( */ /* Create client_early_traffic_secret */ - ret = mbedtls_ssl_tls13_derive_secret(hash_alg, - early_secret, hash_len, - MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(c_e_traffic), - transcript, transcript_len, - MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED, - derived->client_early_traffic_secret, - hash_len); + ret = mbedtls_ssl_tls13_derive_secret( + hash_alg, + early_secret, hash_len, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(c_e_traffic), + transcript, transcript_len, + MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED, + derived->client_early_traffic_secret, + hash_len); if (ret != 0) { return ret; } /* Create early exporter */ - ret = mbedtls_ssl_tls13_derive_secret(hash_alg, - early_secret, hash_len, - MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(e_exp_master), - transcript, transcript_len, - MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED, - derived->early_exporter_master_secret, - hash_len); + ret = mbedtls_ssl_tls13_derive_secret( + hash_alg, + early_secret, hash_len, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(e_exp_master), + transcript, transcript_len, + MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED, + derived->early_exporter_master_secret, + hash_len); if (ret != 0) { return ret; } @@ -511,13 +524,14 @@ int mbedtls_ssl_tls13_derive_handshake_secrets( * Derive-Secret( ., "c hs traffic", ClientHello...ServerHello ) */ - ret = mbedtls_ssl_tls13_derive_secret(hash_alg, - handshake_secret, hash_len, - MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(c_hs_traffic), - transcript, transcript_len, - MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED, - derived->client_handshake_traffic_secret, - hash_len); + ret = mbedtls_ssl_tls13_derive_secret( + hash_alg, + handshake_secret, hash_len, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(c_hs_traffic), + transcript, transcript_len, + MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED, + derived->client_handshake_traffic_secret, + hash_len); if (ret != 0) { return ret; } @@ -527,13 +541,14 @@ int mbedtls_ssl_tls13_derive_handshake_secrets( * Derive-Secret( ., "s hs traffic", ClientHello...ServerHello ) */ - ret = mbedtls_ssl_tls13_derive_secret(hash_alg, - handshake_secret, hash_len, - MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(s_hs_traffic), - transcript, transcript_len, - MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED, - derived->server_handshake_traffic_secret, - hash_len); + ret = mbedtls_ssl_tls13_derive_secret( + hash_alg, + handshake_secret, hash_len, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(s_hs_traffic), + transcript, transcript_len, + MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED, + derived->server_handshake_traffic_secret, + hash_len); if (ret != 0) { return ret; } @@ -574,35 +589,38 @@ int mbedtls_ssl_tls13_derive_application_secrets( * */ - ret = mbedtls_ssl_tls13_derive_secret(hash_alg, - application_secret, hash_len, - MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(c_ap_traffic), - transcript, transcript_len, - MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED, - derived->client_application_traffic_secret_N, - hash_len); + ret = mbedtls_ssl_tls13_derive_secret( + hash_alg, + application_secret, hash_len, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(c_ap_traffic), + transcript, transcript_len, + MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED, + derived->client_application_traffic_secret_N, + hash_len); if (ret != 0) { return ret; } - ret = mbedtls_ssl_tls13_derive_secret(hash_alg, - application_secret, hash_len, - MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(s_ap_traffic), - transcript, transcript_len, - MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED, - derived->server_application_traffic_secret_N, - hash_len); + ret = mbedtls_ssl_tls13_derive_secret( + hash_alg, + application_secret, hash_len, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(s_ap_traffic), + transcript, transcript_len, + MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED, + derived->server_application_traffic_secret_N, + hash_len); if (ret != 0) { return ret; } - ret = mbedtls_ssl_tls13_derive_secret(hash_alg, - application_secret, hash_len, - MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(exp_master), - transcript, transcript_len, - MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED, - derived->exporter_master_secret, - hash_len); + ret = mbedtls_ssl_tls13_derive_secret( + hash_alg, + application_secret, hash_len, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(exp_master), + transcript, transcript_len, + MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED, + derived->exporter_master_secret, + hash_len); if (ret != 0) { return ret; } @@ -629,13 +647,14 @@ int mbedtls_ssl_tls13_derive_resumption_master_secret( return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - ret = mbedtls_ssl_tls13_derive_secret(hash_alg, - application_secret, hash_len, - MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(res_master), - transcript, transcript_len, - MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED, - derived->resumption_master_secret, - hash_len); + ret = mbedtls_ssl_tls13_derive_secret( + hash_alg, + application_secret, hash_len, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(res_master), + transcript, transcript_len, + MBEDTLS_SSL_TLS1_3_CONTEXT_HASHED, + derived->resumption_master_secret, + hash_len); if (ret != 0) { return ret; @@ -644,27 +663,46 @@ int mbedtls_ssl_tls13_derive_resumption_master_secret( return 0; } -int mbedtls_ssl_tls13_key_schedule_stage_application(mbedtls_ssl_context *ssl) +/** + * \brief Transition into application stage of TLS 1.3 key schedule. + * + * The TLS 1.3 key schedule can be viewed as a simple state machine + * with states Initial -> Early -> Handshake -> Application, and + * this function represents the Handshake -> Application transition. + * + * In the handshake stage, ssl_tls13_generate_application_keys() + * can be used to derive the handshake traffic keys. + * + * \param ssl The SSL context to operate on. This must be in key schedule + * stage \c Handshake. + * + * \returns \c 0 on success. + * \returns A negative error code on failure. + */ +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_tls13_key_schedule_stage_application(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ssl_handshake_params *handshake = ssl->handshake; - psa_algorithm_t const hash_alg = mbedtls_hash_info_psa_from_md( - handshake->ciphersuite_info->mac); + psa_algorithm_t const hash_alg = mbedtls_md_psa_alg_from_type( + (mbedtls_md_type_t) handshake->ciphersuite_info->mac); /* * Compute MasterSecret */ - ret = mbedtls_ssl_tls13_evolve_secret(hash_alg, - handshake->tls13_master_secrets.handshake, - NULL, 0, - handshake->tls13_master_secrets.app); + ret = mbedtls_ssl_tls13_evolve_secret( + hash_alg, + handshake->tls13_master_secrets.handshake, + NULL, 0, + handshake->tls13_master_secrets.app); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_tls13_evolve_secret", ret); return ret; } - MBEDTLS_SSL_DEBUG_BUF(4, "Master secret", - handshake->tls13_master_secrets.app, PSA_HASH_LENGTH(hash_alg)); + MBEDTLS_SSL_DEBUG_BUF( + 4, "Master secret", + handshake->tls13_master_secrets.app, PSA_HASH_LENGTH(hash_alg)); return 0; } @@ -723,19 +761,19 @@ static int ssl_tls13_calc_finished_core(psa_algorithm_t hash_alg, status = psa_import_key(&attributes, finished_key, hash_len, &key); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); goto exit; } status = psa_mac_compute(key, alg, transcript, hash_len, dst, hash_len, dst_len); - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); exit: status = psa_destroy_key(key); if (ret == 0) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); } mbedtls_platform_zeroize(finished_key, sizeof(finished_key)); @@ -759,10 +797,10 @@ int mbedtls_ssl_tls13_calculate_verify_data(mbedtls_ssl_context *ssl, mbedtls_ssl_tls13_handshake_secrets *tls13_hs_secrets = &ssl->handshake->tls13_hs_secrets; - mbedtls_md_type_t const md_type = ssl->handshake->ciphersuite_info->mac; + mbedtls_md_type_t const md_type = (mbedtls_md_type_t) ssl->handshake->ciphersuite_info->mac; - psa_algorithm_t hash_alg = mbedtls_hash_info_psa_from_md( - ssl->handshake->ciphersuite_info->mac); + psa_algorithm_t hash_alg = mbedtls_md_psa_alg_from_type( + (mbedtls_md_type_t) ssl->handshake->ciphersuite_info->mac); size_t const hash_len = PSA_HASH_LENGTH(hash_alg); MBEDTLS_SSL_DEBUG_MSG(2, ("=> mbedtls_ssl_tls13_calculate_verify_data")); @@ -789,7 +827,8 @@ int mbedtls_ssl_tls13_calculate_verify_data(mbedtls_ssl_context *ssl, } MBEDTLS_SSL_DEBUG_BUF(4, "handshake hash", transcript, transcript_len); - ret = ssl_tls13_calc_finished_core(hash_alg, base_key, transcript, dst, actual_len); + ret = ssl_tls13_calc_finished_core(hash_alg, base_key, + transcript, dst, actual_len); if (ret != 0) { goto exit; } @@ -852,18 +891,20 @@ int mbedtls_ssl_tls13_create_psk_binder(mbedtls_ssl_context *ssl, early_secret, hash_len); if (psk_type == MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION) { - ret = mbedtls_ssl_tls13_derive_secret(hash_alg, - early_secret, hash_len, - MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(res_binder), - NULL, 0, MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED, - binder_key, hash_len); + ret = mbedtls_ssl_tls13_derive_secret( + hash_alg, + early_secret, hash_len, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(res_binder), + NULL, 0, MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED, + binder_key, hash_len); MBEDTLS_SSL_DEBUG_MSG(4, ("Derive Early Secret with 'res binder'")); } else { - ret = mbedtls_ssl_tls13_derive_secret(hash_alg, - early_secret, hash_len, - MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(ext_binder), - NULL, 0, MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED, - binder_key, hash_len); + ret = mbedtls_ssl_tls13_derive_secret( + hash_alg, + early_secret, hash_len, + MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(ext_binder), + NULL, 0, MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED, + binder_key, hash_len); MBEDTLS_SSL_DEBUG_MSG(4, ("Derive Early Secret with 'ext binder'")); } @@ -892,11 +933,11 @@ exit: return ret; } -int mbedtls_ssl_tls13_populate_transform(mbedtls_ssl_transform *transform, - int endpoint, - int ciphersuite, - mbedtls_ssl_key_set const *traffic_keys, - mbedtls_ssl_context *ssl /* DEBUG ONLY */) +int mbedtls_ssl_tls13_populate_transform( + mbedtls_ssl_transform *transform, + int endpoint, int ciphersuite, + mbedtls_ssl_key_set const *traffic_keys, + mbedtls_ssl_context *ssl /* DEBUG ONLY */) { #if !defined(MBEDTLS_USE_PSA_CRYPTO) int ret; @@ -978,14 +1019,14 @@ int mbedtls_ssl_tls13_populate_transform(mbedtls_ssl_transform *transform, #if !defined(MBEDTLS_USE_PSA_CRYPTO) if ((ret = mbedtls_cipher_setkey(&transform->cipher_ctx_enc, - key_enc, cipher_info->key_bitlen, + key_enc, (int) mbedtls_cipher_info_get_key_bitlen(cipher_info), MBEDTLS_ENCRYPT)) != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setkey", ret); return ret; } if ((ret = mbedtls_cipher_setkey(&transform->cipher_ctx_dec, - key_dec, cipher_info->key_bitlen, + key_dec, (int) mbedtls_cipher_info_get_key_bitlen(cipher_info), MBEDTLS_DECRYPT)) != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setkey", ret); return ret; @@ -1018,13 +1059,14 @@ int mbedtls_ssl_tls13_populate_transform(mbedtls_ssl_transform *transform, /* * Setup psa keys and alg */ - if ((status = mbedtls_ssl_cipher_to_psa(ciphersuite_info->cipher, + if ((status = mbedtls_ssl_cipher_to_psa((mbedtls_cipher_type_t) ciphersuite_info->cipher, transform->taglen, &alg, &key_type, &key_bits)) != PSA_SUCCESS) { - MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_cipher_to_psa", psa_ssl_status_to_mbedtls(status)); - return psa_ssl_status_to_mbedtls(status); + MBEDTLS_SSL_DEBUG_RET( + 1, "mbedtls_ssl_cipher_to_psa", PSA_TO_MBEDTLS_ERR(status)); + return PSA_TO_MBEDTLS_ERR(status); } transform->psa_alg = alg; @@ -1038,8 +1080,9 @@ int mbedtls_ssl_tls13_populate_transform(mbedtls_ssl_transform *transform, key_enc, PSA_BITS_TO_BYTES(key_bits), &transform->psa_key_enc)) != PSA_SUCCESS) { - MBEDTLS_SSL_DEBUG_RET(1, "psa_import_key", psa_ssl_status_to_mbedtls(status)); - return psa_ssl_status_to_mbedtls(status); + MBEDTLS_SSL_DEBUG_RET( + 1, "psa_import_key", PSA_TO_MBEDTLS_ERR(status)); + return PSA_TO_MBEDTLS_ERR(status); } psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); @@ -1048,8 +1091,9 @@ int mbedtls_ssl_tls13_populate_transform(mbedtls_ssl_transform *transform, key_dec, PSA_BITS_TO_BYTES(key_bits), &transform->psa_key_dec)) != PSA_SUCCESS) { - MBEDTLS_SSL_DEBUG_RET(1, "psa_import_key", psa_ssl_status_to_mbedtls(status)); - return psa_ssl_status_to_mbedtls(status); + MBEDTLS_SSL_DEBUG_RET( + 1, "psa_import_key", PSA_TO_MBEDTLS_ERR(status)); + return PSA_TO_MBEDTLS_ERR(status); } } #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -1074,10 +1118,10 @@ static int ssl_tls13_get_cipher_key_info( taglen = 16; } - status = mbedtls_ssl_cipher_to_psa(ciphersuite_info->cipher, taglen, + status = mbedtls_ssl_cipher_to_psa((mbedtls_cipher_type_t) ciphersuite_info->cipher, taglen, &alg, &key_type, &key_bits); if (status != PSA_SUCCESS) { - return psa_ssl_status_to_mbedtls(status); + return PSA_TO_MBEDTLS_ERR(status); } *key_len = PSA_BITS_TO_BYTES(key_bits); @@ -1110,10 +1154,11 @@ static int ssl_tls13_generate_early_key(mbedtls_ssl_context *ssl, size_t transcript_len; size_t key_len; size_t iv_len; + mbedtls_ssl_tls13_early_secrets tls13_early_secrets; mbedtls_ssl_handshake_params *handshake = ssl->handshake; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = handshake->ciphersuite_info; - mbedtls_ssl_tls13_early_secrets *tls13_early_secrets = &handshake->tls13_early_secrets; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = + handshake->ciphersuite_info; MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_tls13_generate_early_key")); @@ -1123,9 +1168,9 @@ static int ssl_tls13_generate_early_key(mbedtls_ssl_context *ssl, goto cleanup; } - md_type = ciphersuite_info->mac; + md_type = (mbedtls_md_type_t) ciphersuite_info->mac; - hash_alg = mbedtls_hash_info_psa_from_md(ciphersuite_info->mac); + hash_alg = mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) ciphersuite_info->mac); hash_len = PSA_HASH_LENGTH(hash_alg); ret = mbedtls_ssl_get_handshake_transcript(ssl, md_type, @@ -1141,7 +1186,7 @@ static int ssl_tls13_generate_early_key(mbedtls_ssl_context *ssl, ret = mbedtls_ssl_tls13_derive_early_secrets( hash_alg, handshake->tls13_master_secrets.early, - transcript, transcript_len, tls13_early_secrets); + transcript, transcript_len, &tls13_early_secrets); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_derive_early_secrets", ret); @@ -1150,7 +1195,7 @@ static int ssl_tls13_generate_early_key(mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_BUF( 4, "Client early traffic secret", - tls13_early_secrets->client_early_traffic_secret, hash_len); + tls13_early_secrets.client_early_traffic_secret, hash_len); /* * Export client handshake traffic secret @@ -1159,7 +1204,7 @@ static int ssl_tls13_generate_early_key(mbedtls_ssl_context *ssl, ssl->f_export_keys( ssl->p_export_keys, MBEDTLS_SSL_KEY_EXPORT_TLS1_3_CLIENT_EARLY_SECRET, - tls13_early_secrets->client_early_traffic_secret, + tls13_early_secrets.client_early_traffic_secret, hash_len, handshake->randbytes, handshake->randbytes + MBEDTLS_CLIENT_HELLO_RANDOM_LEN, @@ -1168,7 +1213,7 @@ static int ssl_tls13_generate_early_key(mbedtls_ssl_context *ssl, ret = ssl_tls13_make_traffic_key( hash_alg, - tls13_early_secrets->client_early_traffic_secret, + tls13_early_secrets.client_early_traffic_secret, hash_len, traffic_keys->client_write_key, key_len, traffic_keys->client_write_iv, iv_len); if (ret != 0) { @@ -1189,9 +1234,9 @@ static int ssl_tls13_generate_early_key(mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG(2, ("<= ssl_tls13_generate_early_key")); cleanup: - /* Erase secret and transcript */ + /* Erase early secrets and transcript */ mbedtls_platform_zeroize( - tls13_early_secrets, sizeof(mbedtls_ssl_tls13_early_secrets)); + &tls13_early_secrets, sizeof(mbedtls_ssl_tls13_early_secrets)); mbedtls_platform_zeroize(transcript, sizeof(transcript)); return ret; } @@ -1221,7 +1266,7 @@ int mbedtls_ssl_tls13_compute_early_transform(mbedtls_ssl_context *ssl) ret = mbedtls_ssl_tls13_populate_transform( transform_earlydata, ssl->conf->endpoint, - ssl->session_negotiate->ciphersuite, + handshake->ciphersuite_info->id, &traffic_keys, ssl); if (ret != 0) { @@ -1253,7 +1298,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_early(mbedtls_ssl_context *ssl) return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - hash_alg = mbedtls_hash_info_psa_from_md(handshake->ciphersuite_info->mac); + hash_alg = mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) handshake->ciphersuite_info->mac); #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED) if (mbedtls_ssl_tls13_key_exchange_mode_with_psk(ssl)) { ret = mbedtls_ssl_tls13_export_handshake_psk(ssl, &psk, &psk_len); @@ -1282,10 +1327,25 @@ int mbedtls_ssl_tls13_key_schedule_stage_early(mbedtls_ssl_context *ssl) return 0; } -/* mbedtls_ssl_tls13_generate_handshake_keys() generates keys necessary for - * protecting the handshake messages, as described in Section 7 of TLS 1.3. */ -int mbedtls_ssl_tls13_generate_handshake_keys(mbedtls_ssl_context *ssl, - mbedtls_ssl_key_set *traffic_keys) +/** + * \brief Compute TLS 1.3 handshake traffic keys. + * + * ssl_tls13_generate_handshake_keys() generates keys necessary for + * protecting the handshake messages, as described in Section 7 of + * RFC 8446. + * + * \param ssl The SSL context to operate on. This must be in + * key schedule stage \c Handshake, see + * ssl_tls13_key_schedule_stage_handshake(). + * \param traffic_keys The address at which to store the handshake traffic + * keys. This must be writable but may be uninitialized. + * + * \returns \c 0 on success. + * \returns A negative error code on failure. + */ +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_tls13_generate_handshake_keys(mbedtls_ssl_context *ssl, + mbedtls_ssl_key_set *traffic_keys) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_md_type_t md_type; @@ -1297,10 +1357,12 @@ int mbedtls_ssl_tls13_generate_handshake_keys(mbedtls_ssl_context *ssl, size_t iv_len; mbedtls_ssl_handshake_params *handshake = ssl->handshake; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = handshake->ciphersuite_info; - mbedtls_ssl_tls13_handshake_secrets *tls13_hs_secrets = &handshake->tls13_hs_secrets; + const mbedtls_ssl_ciphersuite_t *ciphersuite_info = + handshake->ciphersuite_info; + mbedtls_ssl_tls13_handshake_secrets *tls13_hs_secrets = + &handshake->tls13_hs_secrets; - MBEDTLS_SSL_DEBUG_MSG(2, ("=> mbedtls_ssl_tls13_generate_handshake_keys")); + MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_tls13_generate_handshake_keys")); ret = ssl_tls13_get_cipher_key_info(ciphersuite_info, &key_len, &iv_len); if (ret != 0) { @@ -1308,9 +1370,9 @@ int mbedtls_ssl_tls13_generate_handshake_keys(mbedtls_ssl_context *ssl, return ret; } - md_type = ciphersuite_info->mac; + md_type = (mbedtls_md_type_t) ciphersuite_info->mac; - hash_alg = mbedtls_hash_info_psa_from_md(ciphersuite_info->mac); + hash_alg = mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) ciphersuite_info->mac); hash_len = PSA_HASH_LENGTH(hash_alg); ret = mbedtls_ssl_get_handshake_transcript(ssl, md_type, @@ -1324,9 +1386,9 @@ int mbedtls_ssl_tls13_generate_handshake_keys(mbedtls_ssl_context *ssl, return ret; } - ret = mbedtls_ssl_tls13_derive_handshake_secrets(hash_alg, - handshake->tls13_master_secrets.handshake, - transcript, transcript_len, tls13_hs_secrets); + ret = mbedtls_ssl_tls13_derive_handshake_secrets( + hash_alg, handshake->tls13_master_secrets.handshake, + transcript, transcript_len, tls13_hs_secrets); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_tls13_derive_handshake_secrets", ret); @@ -1344,27 +1406,30 @@ int mbedtls_ssl_tls13_generate_handshake_keys(mbedtls_ssl_context *ssl, * Export client handshake traffic secret */ if (ssl->f_export_keys != NULL) { - ssl->f_export_keys(ssl->p_export_keys, - MBEDTLS_SSL_KEY_EXPORT_TLS1_3_CLIENT_HANDSHAKE_TRAFFIC_SECRET, - tls13_hs_secrets->client_handshake_traffic_secret, - hash_len, - handshake->randbytes, - handshake->randbytes + MBEDTLS_CLIENT_HELLO_RANDOM_LEN, - MBEDTLS_SSL_TLS_PRF_NONE /* TODO: FIX! */); + ssl->f_export_keys( + ssl->p_export_keys, + MBEDTLS_SSL_KEY_EXPORT_TLS1_3_CLIENT_HANDSHAKE_TRAFFIC_SECRET, + tls13_hs_secrets->client_handshake_traffic_secret, + hash_len, + handshake->randbytes, + handshake->randbytes + MBEDTLS_CLIENT_HELLO_RANDOM_LEN, + MBEDTLS_SSL_TLS_PRF_NONE /* TODO: FIX! */); - ssl->f_export_keys(ssl->p_export_keys, - MBEDTLS_SSL_KEY_EXPORT_TLS1_3_SERVER_HANDSHAKE_TRAFFIC_SECRET, - tls13_hs_secrets->server_handshake_traffic_secret, - hash_len, - handshake->randbytes, - handshake->randbytes + MBEDTLS_CLIENT_HELLO_RANDOM_LEN, - MBEDTLS_SSL_TLS_PRF_NONE /* TODO: FIX! */); + ssl->f_export_keys( + ssl->p_export_keys, + MBEDTLS_SSL_KEY_EXPORT_TLS1_3_SERVER_HANDSHAKE_TRAFFIC_SECRET, + tls13_hs_secrets->server_handshake_traffic_secret, + hash_len, + handshake->randbytes, + handshake->randbytes + MBEDTLS_CLIENT_HELLO_RANDOM_LEN, + MBEDTLS_SSL_TLS_PRF_NONE /* TODO: FIX! */); } - ret = mbedtls_ssl_tls13_make_traffic_keys(hash_alg, - tls13_hs_secrets->client_handshake_traffic_secret, - tls13_hs_secrets->server_handshake_traffic_secret, - hash_len, key_len, iv_len, traffic_keys); + ret = mbedtls_ssl_tls13_make_traffic_keys( + hash_alg, + tls13_hs_secrets->client_handshake_traffic_secret, + tls13_hs_secrets->server_handshake_traffic_secret, + hash_len, key_len, iv_len, traffic_keys); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_tls13_make_traffic_keys", ret); goto exit; @@ -1386,19 +1451,36 @@ int mbedtls_ssl_tls13_generate_handshake_keys(mbedtls_ssl_context *ssl, traffic_keys->server_write_iv, traffic_keys->iv_len); - MBEDTLS_SSL_DEBUG_MSG(2, ("<= mbedtls_ssl_tls13_generate_handshake_keys")); + MBEDTLS_SSL_DEBUG_MSG(2, ("<= ssl_tls13_generate_handshake_keys")); exit: return ret; } -int mbedtls_ssl_tls13_key_schedule_stage_handshake(mbedtls_ssl_context *ssl) +/** + * \brief Transition into handshake stage of TLS 1.3 key schedule. + * + * The TLS 1.3 key schedule can be viewed as a simple state machine + * with states Initial -> Early -> Handshake -> Application, and + * this function represents the Early -> Handshake transition. + * + * In the handshake stage, ssl_tls13_generate_handshake_keys() + * can be used to derive the handshake traffic keys. + * + * \param ssl The SSL context to operate on. This must be in key schedule + * stage \c Early. + * + * \returns \c 0 on success. + * \returns A negative error code on failure. + */ +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_tls13_key_schedule_stage_handshake(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ssl_handshake_params *handshake = ssl->handshake; - psa_algorithm_t const hash_alg = mbedtls_hash_info_psa_from_md( - handshake->ciphersuite_info->mac); + psa_algorithm_t const hash_alg = mbedtls_md_psa_alg_from_type( + (mbedtls_md_type_t) handshake->ciphersuite_info->mac); unsigned char *shared_secret = NULL; size_t shared_secret_len = 0; @@ -1409,16 +1491,21 @@ int mbedtls_ssl_tls13_key_schedule_stage_handshake(mbedtls_ssl_context *ssl) * are derived in the handshake secret derivation stage. */ if (mbedtls_ssl_tls13_key_exchange_mode_with_ephemeral(ssl)) { - if (mbedtls_ssl_tls13_named_group_is_ecdhe(handshake->offered_group_id)) { -#if defined(MBEDTLS_ECDH_C) + if (mbedtls_ssl_tls13_named_group_is_ecdhe(handshake->offered_group_id) || + mbedtls_ssl_tls13_named_group_is_ffdh(handshake->offered_group_id)) { +#if defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH) + psa_algorithm_t alg = + mbedtls_ssl_tls13_named_group_is_ecdhe(handshake->offered_group_id) ? + PSA_ALG_ECDH : PSA_ALG_FFDH; + /* Compute ECDH shared secret. */ psa_status_t status = PSA_ERROR_GENERIC_ERROR; psa_key_attributes_t key_attributes = PSA_KEY_ATTRIBUTES_INIT; - status = psa_get_key_attributes(handshake->ecdh_psa_privkey, + status = psa_get_key_attributes(handshake->xxdh_psa_privkey, &key_attributes); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); } shared_secret_len = PSA_BITS_TO_BYTES( @@ -1429,24 +1516,24 @@ int mbedtls_ssl_tls13_key_schedule_stage_handshake(mbedtls_ssl_context *ssl) } status = psa_raw_key_agreement( - PSA_ALG_ECDH, handshake->ecdh_psa_privkey, - handshake->ecdh_psa_peerkey, handshake->ecdh_psa_peerkey_len, + alg, handshake->xxdh_psa_privkey, + handshake->xxdh_psa_peerkey, handshake->xxdh_psa_peerkey_len, shared_secret, shared_secret_len, &shared_secret_len); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); MBEDTLS_SSL_DEBUG_RET(1, "psa_raw_key_agreement", ret); goto cleanup; } - status = psa_destroy_key(handshake->ecdh_psa_privkey); + status = psa_destroy_key(handshake->xxdh_psa_privkey); if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); + ret = PSA_TO_MBEDTLS_ERR(status); MBEDTLS_SSL_DEBUG_RET(1, "psa_destroy_key", ret); goto cleanup; } - handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; -#endif /* MBEDTLS_ECDH_C */ + handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; +#endif /* PSA_WANT_ALG_ECDH || PSA_WANT_ALG_FFDH */ } else { MBEDTLS_SSL_DEBUG_MSG(1, ("Group not supported.")); return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; @@ -1457,10 +1544,10 @@ int mbedtls_ssl_tls13_key_schedule_stage_handshake(mbedtls_ssl_context *ssl) /* * Compute the Handshake Secret */ - ret = mbedtls_ssl_tls13_evolve_secret(hash_alg, - handshake->tls13_master_secrets.early, - shared_secret, shared_secret_len, - handshake->tls13_master_secrets.handshake); + ret = mbedtls_ssl_tls13_evolve_secret( + hash_alg, handshake->tls13_master_secrets.early, + shared_secret, shared_secret_len, + handshake->tls13_master_secrets.handshake); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_tls13_evolve_secret", ret); goto cleanup; @@ -1472,17 +1559,30 @@ int mbedtls_ssl_tls13_key_schedule_stage_handshake(mbedtls_ssl_context *ssl) cleanup: if (shared_secret != NULL) { - mbedtls_platform_zeroize(shared_secret, shared_secret_len); - mbedtls_free(shared_secret); + mbedtls_zeroize_and_free(shared_secret, shared_secret_len); } return ret; } -/* Generate application traffic keys since any records following a 1-RTT Finished message - * MUST be encrypted under the application traffic key. +/** + * \brief Compute TLS 1.3 application traffic keys. + * + * ssl_tls13_generate_application_keys() generates application traffic + * keys, since any record following a 1-RTT Finished message MUST be + * encrypted under the application traffic key. + * + * \param ssl The SSL context to operate on. This must be in + * key schedule stage \c Application, see + * ssl_tls13_key_schedule_stage_application(). + * \param traffic_keys The address at which to store the application traffic + * keys. This must be writable but may be uninitialized. + * + * \returns \c 0 on success. + * \returns A negative error code on failure. */ -int mbedtls_ssl_tls13_generate_application_keys( +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_tls13_generate_application_keys( mbedtls_ssl_context *ssl, mbedtls_ssl_key_set *traffic_keys) { @@ -1517,9 +1617,9 @@ int mbedtls_ssl_tls13_generate_application_keys( goto cleanup; } - md_type = handshake->ciphersuite_info->mac; + md_type = (mbedtls_md_type_t) handshake->ciphersuite_info->mac; - hash_alg = mbedtls_hash_info_psa_from_md(handshake->ciphersuite_info->mac); + hash_alg = mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) handshake->ciphersuite_info->mac); hash_len = PSA_HASH_LENGTH(hash_alg); /* Compute current handshake transcript. It's the caller's responsibility @@ -1534,22 +1634,22 @@ int mbedtls_ssl_tls13_generate_application_keys( /* Compute application secrets from master secret and transcript hash. */ - ret = mbedtls_ssl_tls13_derive_application_secrets(hash_alg, - handshake->tls13_master_secrets.app, - transcript, transcript_len, - app_secrets); + ret = mbedtls_ssl_tls13_derive_application_secrets( + hash_alg, handshake->tls13_master_secrets.app, + transcript, transcript_len, app_secrets); if (ret != 0) { - MBEDTLS_SSL_DEBUG_RET(1, - "mbedtls_ssl_tls13_derive_application_secrets", ret); + MBEDTLS_SSL_DEBUG_RET( + 1, "mbedtls_ssl_tls13_derive_application_secrets", ret); goto cleanup; } /* Derive first epoch of IV + Key for application traffic. */ - ret = mbedtls_ssl_tls13_make_traffic_keys(hash_alg, - app_secrets->client_application_traffic_secret_N, - app_secrets->server_application_traffic_secret_N, - hash_len, key_len, iv_len, traffic_keys); + ret = mbedtls_ssl_tls13_make_traffic_keys( + hash_alg, + app_secrets->client_application_traffic_secret_N, + app_secrets->server_application_traffic_secret_N, + hash_len, key_len, iv_len, traffic_keys); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_tls13_make_traffic_keys", ret); goto cleanup; @@ -1567,21 +1667,23 @@ int mbedtls_ssl_tls13_generate_application_keys( * Export client/server application traffic secret 0 */ if (ssl->f_export_keys != NULL) { - ssl->f_export_keys(ssl->p_export_keys, - MBEDTLS_SSL_KEY_EXPORT_TLS1_3_CLIENT_APPLICATION_TRAFFIC_SECRET, - app_secrets->client_application_traffic_secret_N, hash_len, - handshake->randbytes, - handshake->randbytes + MBEDTLS_CLIENT_HELLO_RANDOM_LEN, - MBEDTLS_SSL_TLS_PRF_NONE /* TODO: this should be replaced by - a new constant for TLS 1.3! */); + ssl->f_export_keys( + ssl->p_export_keys, + MBEDTLS_SSL_KEY_EXPORT_TLS1_3_CLIENT_APPLICATION_TRAFFIC_SECRET, + app_secrets->client_application_traffic_secret_N, hash_len, + handshake->randbytes, + handshake->randbytes + MBEDTLS_CLIENT_HELLO_RANDOM_LEN, + MBEDTLS_SSL_TLS_PRF_NONE /* TODO: this should be replaced by + a new constant for TLS 1.3! */); - ssl->f_export_keys(ssl->p_export_keys, - MBEDTLS_SSL_KEY_EXPORT_TLS1_3_SERVER_APPLICATION_TRAFFIC_SECRET, - app_secrets->server_application_traffic_secret_N, hash_len, - handshake->randbytes, - handshake->randbytes + MBEDTLS_CLIENT_HELLO_RANDOM_LEN, - MBEDTLS_SSL_TLS_PRF_NONE /* TODO: this should be replaced by - a new constant for TLS 1.3! */); + ssl->f_export_keys( + ssl->p_export_keys, + MBEDTLS_SSL_KEY_EXPORT_TLS1_3_SERVER_APPLICATION_TRAFFIC_SECRET, + app_secrets->server_application_traffic_secret_N, hash_len, + handshake->randbytes, + handshake->randbytes + MBEDTLS_CLIENT_HELLO_RANDOM_LEN, + MBEDTLS_SSL_TLS_PRF_NONE /* TODO: this should be replaced by + a new constant for TLS 1.3! */); } MBEDTLS_SSL_DEBUG_BUF(4, "client application_write_key:", @@ -1612,7 +1714,7 @@ int mbedtls_ssl_tls13_compute_handshake_transform(mbedtls_ssl_context *ssl) mbedtls_ssl_handshake_params *handshake = ssl->handshake; /* Compute handshake secret */ - ret = mbedtls_ssl_tls13_key_schedule_stage_handshake(ssl); + ret = ssl_tls13_key_schedule_stage_handshake(ssl); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_tls13_derive_master_secret", ret); goto cleanup; @@ -1620,9 +1722,9 @@ int mbedtls_ssl_tls13_compute_handshake_transform(mbedtls_ssl_context *ssl) /* Next evolution in key schedule: Establish handshake secret and * key material. */ - ret = mbedtls_ssl_tls13_generate_handshake_keys(ssl, &traffic_keys); + ret = ssl_tls13_generate_handshake_keys(ssl, &traffic_keys); if (ret != 0) { - MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_tls13_generate_handshake_keys", + MBEDTLS_SSL_DEBUG_RET(1, "ssl_tls13_generate_handshake_keys", ret); goto cleanup; } @@ -1636,7 +1738,7 @@ int mbedtls_ssl_tls13_compute_handshake_transform(mbedtls_ssl_context *ssl) ret = mbedtls_ssl_tls13_populate_transform( transform_handshake, ssl->conf->endpoint, - ssl->session_negotiate->ciphersuite, + handshake->ciphersuite_info->id, &traffic_keys, ssl); if (ret != 0) { @@ -1662,10 +1764,10 @@ int mbedtls_ssl_tls13_compute_resumption_master_secret(mbedtls_ssl_context *ssl) unsigned char transcript[MBEDTLS_TLS1_3_MD_MAX_SIZE]; size_t transcript_len; - MBEDTLS_SSL_DEBUG_MSG(2, - ("=> mbedtls_ssl_tls13_compute_resumption_master_secret")); + MBEDTLS_SSL_DEBUG_MSG( + 2, ("=> mbedtls_ssl_tls13_compute_resumption_master_secret")); - md_type = handshake->ciphersuite_info->mac; + md_type = (mbedtls_md_type_t) handshake->ciphersuite_info->mac; ret = mbedtls_ssl_get_handshake_transcript(ssl, md_type, transcript, sizeof(transcript), @@ -1675,7 +1777,7 @@ int mbedtls_ssl_tls13_compute_resumption_master_secret(mbedtls_ssl_context *ssl) } ret = mbedtls_ssl_tls13_derive_resumption_master_secret( - mbedtls_psa_translate_md(md_type), + mbedtls_md_psa_alg_from_type(md_type), handshake->tls13_master_secrets.app, transcript, transcript_len, &ssl->session_negotiate->app_secrets); @@ -1687,12 +1789,13 @@ int mbedtls_ssl_tls13_compute_resumption_master_secret(mbedtls_ssl_context *ssl) mbedtls_platform_zeroize(&handshake->tls13_master_secrets, sizeof(handshake->tls13_master_secrets)); - MBEDTLS_SSL_DEBUG_BUF(4, "Resumption master secret", - ssl->session_negotiate->app_secrets.resumption_master_secret, - PSA_HASH_LENGTH(mbedtls_psa_translate_md(md_type))); + MBEDTLS_SSL_DEBUG_BUF( + 4, "Resumption master secret", + ssl->session_negotiate->app_secrets.resumption_master_secret, + PSA_HASH_LENGTH(mbedtls_md_psa_alg_from_type(md_type))); - MBEDTLS_SSL_DEBUG_MSG(2, - ("<= mbedtls_ssl_tls13_compute_resumption_master_secret")); + MBEDTLS_SSL_DEBUG_MSG( + 2, ("<= mbedtls_ssl_tls13_compute_resumption_master_secret")); return 0; } @@ -1702,17 +1805,17 @@ int mbedtls_ssl_tls13_compute_application_transform(mbedtls_ssl_context *ssl) mbedtls_ssl_key_set traffic_keys; mbedtls_ssl_transform *transform_application = NULL; - ret = mbedtls_ssl_tls13_key_schedule_stage_application(ssl); + ret = ssl_tls13_key_schedule_stage_application(ssl); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET(1, - "mbedtls_ssl_tls13_key_schedule_stage_application", ret); + "ssl_tls13_key_schedule_stage_application", ret); goto cleanup; } - ret = mbedtls_ssl_tls13_generate_application_keys(ssl, &traffic_keys); + ret = ssl_tls13_generate_application_keys(ssl, &traffic_keys); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET(1, - "mbedtls_ssl_tls13_generate_application_keys", ret); + "ssl_tls13_generate_application_keys", ret); goto cleanup; } @@ -1726,7 +1829,7 @@ int mbedtls_ssl_tls13_compute_application_transform(mbedtls_ssl_context *ssl) ret = mbedtls_ssl_tls13_populate_transform( transform_application, ssl->conf->endpoint, - ssl->session_negotiate->ciphersuite, + ssl->handshake->ciphersuite_info->id, &traffic_keys, ssl); if (ret != 0) { @@ -1763,7 +1866,7 @@ int mbedtls_ssl_tls13_export_handshake_psk(mbedtls_ssl_context *ssl, status = psa_get_key_attributes(ssl->handshake->psk_opaque, &key_attributes); if (status != PSA_SUCCESS) { - return psa_ssl_status_to_mbedtls(status); + return PSA_TO_MBEDTLS_ERR(status); } *psk_len = PSA_BITS_TO_BYTES(psa_get_key_bits(&key_attributes)); @@ -1777,7 +1880,7 @@ int mbedtls_ssl_tls13_export_handshake_psk(mbedtls_ssl_context *ssl, if (status != PSA_SUCCESS) { mbedtls_free((void *) *psk); *psk = NULL; - return psa_ssl_status_to_mbedtls(status); + return PSA_TO_MBEDTLS_ERR(status); } return 0; #else diff --git a/library/ssl_tls13_keys.h b/library/ssl_tls13_keys.h index d4f2b4024..21e9b4d73 100644 --- a/library/ssl_tls13_keys.h +++ b/library/ssl_tls13_keys.h @@ -553,76 +553,6 @@ int mbedtls_ssl_tls13_populate_transform(mbedtls_ssl_transform *transform, MBEDTLS_CHECK_RETURN_CRITICAL int mbedtls_ssl_tls13_key_schedule_stage_early(mbedtls_ssl_context *ssl); -/** - * \brief Transition into handshake stage of TLS 1.3 key schedule. - * - * The TLS 1.3 key schedule can be viewed as a simple state machine - * with states Initial -> Early -> Handshake -> Application, and - * this function represents the Early -> Handshake transition. - * - * In the handshake stage, mbedtls_ssl_tls13_generate_handshake_keys() - * can be used to derive the handshake traffic keys. - * - * \param ssl The SSL context to operate on. This must be in key schedule - * stage \c Early. - * - * \returns \c 0 on success. - * \returns A negative error code on failure. - */ -MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_tls13_key_schedule_stage_handshake(mbedtls_ssl_context *ssl); - -/** - * \brief Compute TLS 1.3 handshake traffic keys. - * - * \param ssl The SSL context to operate on. This must be in - * key schedule stage \c Handshake, see - * mbedtls_ssl_tls13_key_schedule_stage_handshake(). - * \param traffic_keys The address at which to store the handshake traffic key - * keys. This must be writable but may be uninitialized. - * - * \returns \c 0 on success. - * \returns A negative error code on failure. - */ -MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_tls13_generate_handshake_keys(mbedtls_ssl_context *ssl, - mbedtls_ssl_key_set *traffic_keys); - -/** - * \brief Transition into application stage of TLS 1.3 key schedule. - * - * The TLS 1.3 key schedule can be viewed as a simple state machine - * with states Initial -> Early -> Handshake -> Application, and - * this function represents the Handshake -> Application transition. - * - * In the handshake stage, mbedtls_ssl_tls13_generate_application_keys() - * can be used to derive the handshake traffic keys. - * - * \param ssl The SSL context to operate on. This must be in key schedule - * stage \c Handshake. - * - * \returns \c 0 on success. - * \returns A negative error code on failure. - */ -MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_tls13_key_schedule_stage_application(mbedtls_ssl_context *ssl); - -/** - * \brief Compute TLS 1.3 application traffic keys. - * - * \param ssl The SSL context to operate on. This must be in - * key schedule stage \c Application, see - * mbedtls_ssl_tls13_key_schedule_stage_application(). - * \param traffic_keys The address at which to store the application traffic key - * keys. This must be writable but may be uninitialized. - * - * \returns \c 0 on success. - * \returns A negative error code on failure. - */ -MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_tls13_generate_application_keys( - mbedtls_ssl_context *ssl, mbedtls_ssl_key_set *traffic_keys); - /** * \brief Compute TLS 1.3 resumption master secret. * diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 7bf32c689..87eaa192f 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -25,6 +25,8 @@ #include "mbedtls/error.h" #include "mbedtls/platform.h" #include "mbedtls/constant_time.h" +#include "mbedtls/oid.h" +#include "md_psa.h" #include "ssl_misc.h" #include "ssl_tls13_keys.h" @@ -258,6 +260,8 @@ static int ssl_tls13_offered_psks_check_identity_match( int *psk_type, mbedtls_ssl_session *session) { + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + ((void) session); ((void) obfuscated_ticket_age); *psk_type = MBEDTLS_SSL_TLS1_3_PSK_EXTERNAL; @@ -271,9 +275,13 @@ static int ssl_tls13_offered_psks_check_identity_match( session) == SSL_TLS1_3_OFFERED_PSK_MATCH) { ssl->handshake->resume = 1; *psk_type = MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION; - mbedtls_ssl_set_hs_psk(ssl, - session->resumption_key, - session->resumption_key_len); + ret = mbedtls_ssl_set_hs_psk(ssl, + session->resumption_key, + session->resumption_key_len); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_set_hs_psk", ret); + return ret; + } MBEDTLS_SSL_DEBUG_BUF(4, "Ticket-resumed PSK:", session->resumption_key, @@ -299,7 +307,11 @@ static int ssl_tls13_offered_psks_check_identity_match( identity_len == ssl->conf->psk_identity_len && mbedtls_ct_memcmp(ssl->conf->psk_identity, identity, identity_len) == 0) { - mbedtls_ssl_set_hs_psk(ssl, ssl->conf->psk, ssl->conf->psk_len); + ret = mbedtls_ssl_set_hs_psk(ssl, ssl->conf->psk, ssl->conf->psk_len); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_set_hs_psk", ret); + return ret; + } return SSL_TLS1_3_OFFERED_PSK_MATCH; } @@ -307,11 +319,10 @@ static int ssl_tls13_offered_psks_check_identity_match( } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_offered_psks_check_binder_match(mbedtls_ssl_context *ssl, - const unsigned char *binder, - size_t binder_len, - int psk_type, - psa_algorithm_t psk_hash_alg) +static int ssl_tls13_offered_psks_check_binder_match( + mbedtls_ssl_context *ssl, + const unsigned char *binder, size_t binder_len, + int psk_type, psa_algorithm_t psk_hash_alg) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -323,7 +334,7 @@ static int ssl_tls13_offered_psks_check_binder_match(mbedtls_ssl_context *ssl, /* Get current state of handshake transcript. */ ret = mbedtls_ssl_get_handshake_transcript( - ssl, mbedtls_hash_info_md_from_psa(psk_hash_alg), + ssl, mbedtls_md_type_from_psa_alg(psk_hash_alg), transcript, sizeof(transcript), &transcript_len); if (ret != 0) { return ret; @@ -397,7 +408,8 @@ static int ssl_tls13_select_ciphersuite_for_psk( /* MAC of selected ciphersuite MUST be same with PSK binder if exist. * Otherwise, client should reject. */ - if (psk_hash_alg == mbedtls_psa_translate_md(ciphersuite_info->mac)) { + if (psk_hash_alg == + mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) ciphersuite_info->mac)) { *selected_ciphersuite = cipher_suite; *selected_ciphersuite_info = ciphersuite_info; return 0; @@ -480,12 +492,14 @@ static int ssl_tls13_session_copy_ticket(mbedtls_ssl_session *dst, * } PreSharedKeyExtension; */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_parse_pre_shared_key_ext(mbedtls_ssl_context *ssl, - const unsigned char *pre_shared_key_ext, - const unsigned char *pre_shared_key_ext_end, - const unsigned char *ciphersuites, - const unsigned char *ciphersuites_end) +static int ssl_tls13_parse_pre_shared_key_ext( + mbedtls_ssl_context *ssl, + const unsigned char *pre_shared_key_ext, + const unsigned char *pre_shared_key_ext_end, + const unsigned char *ciphersuites, + const unsigned char *ciphersuites_end) { + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *identities = pre_shared_key_ext; const unsigned char *p_identity_len; size_t identities_len; @@ -521,8 +535,12 @@ static int ssl_tls13_parse_pre_shared_key_ext(mbedtls_ssl_context *ssl, MBEDTLS_SSL_CHK_BUF_READ_PTR(p_binder_len, pre_shared_key_ext_end, binders_len); binders_end = p_binder_len + binders_len; - ssl->handshake->update_checksum(ssl, pre_shared_key_ext, - identities_end - pre_shared_key_ext); + ret = ssl->handshake->update_checksum(ssl, pre_shared_key_ext, + identities_end - pre_shared_key_ext); + if (0 != ret) { + MBEDTLS_SSL_DEBUG_RET(1, ("update_checksum"), ret); + return ret; + } while (p_identity_len < identities_end && p_binder_len < binders_end) { const unsigned char *identity; @@ -530,7 +548,6 @@ static int ssl_tls13_parse_pre_shared_key_ext(mbedtls_ssl_context *ssl, uint32_t obfuscated_ticket_age; const unsigned char *binder; size_t binder_len; - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int psk_type; uint16_t cipher_suite; const mbedtls_ssl_ciphersuite_t *ciphersuite_info; @@ -598,7 +615,7 @@ static int ssl_tls13_parse_pre_shared_key_ext(mbedtls_ssl_context *ssl, ret = ssl_tls13_offered_psks_check_binder_match( ssl, binder, binder_len, psk_type, - mbedtls_psa_translate_md(ciphersuite_info->mac)); + mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) ciphersuite_info->mac)); if (ret != SSL_TLS1_3_OFFERED_PSK_MATCH) { /* For security reasons, the handshake should be aborted when we * fail to validate a binder value. See RFC 8446 section 4.2.11.2 @@ -607,8 +624,8 @@ static int ssl_tls13_parse_pre_shared_key_ext(mbedtls_ssl_context *ssl, mbedtls_ssl_session_free(&session); #endif MBEDTLS_SSL_DEBUG_MSG(3, ("Invalid binder.")); - MBEDTLS_SSL_DEBUG_RET(1, - "ssl_tls13_offered_psks_check_binder_match", ret); + MBEDTLS_SSL_DEBUG_RET( + 1, "ssl_tls13_offered_psks_check_binder_match", ret); MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR, MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE); @@ -642,9 +659,12 @@ static int ssl_tls13_parse_pre_shared_key_ext(mbedtls_ssl_context *ssl, } /* Update the handshake transcript with the binder list. */ - ssl->handshake->update_checksum(ssl, - identities_end, - (size_t) (binders_end - identities_end)); + ret = ssl->handshake->update_checksum( + ssl, identities_end, (size_t) (binders_end - identities_end)); + if (0 != ret) { + MBEDTLS_SSL_DEBUG_RET(1, ("update_checksum"), ret); + return ret; + } if (matched_identity == -1) { MBEDTLS_SSL_DEBUG_MSG(3, ("No matched PSK or ticket.")); return MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY; @@ -720,7 +740,7 @@ static int ssl_tls13_parse_supported_versions_ext(mbedtls_ssl_context *ssl, size_t versions_len; const unsigned char *versions_end; uint16_t tls_version; - int tls13_supported = 0; + int found_supported_version = 0; MBEDTLS_SSL_CHK_BUF_READ_PTR(p, end, 1); versions_len = p[0]; @@ -733,28 +753,33 @@ static int ssl_tls13_parse_supported_versions_ext(mbedtls_ssl_context *ssl, tls_version = mbedtls_ssl_read_version(p, ssl->conf->transport); p += 2; - /* In this implementation we only support TLS 1.3 and DTLS 1.3. */ - if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { - tls13_supported = 1; + if (MBEDTLS_SSL_VERSION_TLS1_3 == tls_version) { + found_supported_version = 1; + break; + } + + if ((MBEDTLS_SSL_VERSION_TLS1_2 == tls_version) && + mbedtls_ssl_conf_is_tls12_enabled(ssl->conf)) { + found_supported_version = 1; break; } } - if (!tls13_supported) { - MBEDTLS_SSL_DEBUG_MSG(1, ("TLS 1.3 is not supported by the client")); + if (!found_supported_version) { + MBEDTLS_SSL_DEBUG_MSG(1, ("No supported version found.")); MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION, MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION); return MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION; } - MBEDTLS_SSL_DEBUG_MSG(1, ("Negotiated version. Supported is [%04x]", + MBEDTLS_SSL_DEBUG_MSG(1, ("Negotiated version: [%04x]", (unsigned int) tls_version)); - return 0; + return (int) tls_version; } -#if defined(MBEDTLS_ECDH_C) +#if defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH) /* * * From RFC 8446: @@ -810,20 +835,21 @@ static int ssl_tls13_parse_supported_groups_ext(mbedtls_ssl_context *ssl, return 0; } -#endif /* MBEDTLS_ECDH_C */ +#endif /* PSA_WANT_ALG_ECDH || PSA_WANT_ALG_FFDH */ #define SSL_TLS1_3_PARSE_KEY_SHARES_EXT_NO_MATCH 1 -#if defined(MBEDTLS_ECDH_C) +#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) /* * ssl_tls13_parse_key_shares_ext() verifies whether the information in the - * extension is correct and stores the first acceptable key share and its associated group. + * extension is correct and stores the first acceptable key share and its + * associated group. * * Possible return values are: * - 0: Successful processing of the client provided key share extension. - * - SSL_TLS1_3_PARSE_KEY_SHARES_EXT_NO_MATCH: The key shares provided by the client - * does not match a group supported by the server. A HelloRetryRequest will - * be needed. + * - SSL_TLS1_3_PARSE_KEY_SHARES_EXT_NO_MATCH: The key shares provided by + * the client does not match a group supported by the server. A + * HelloRetryRequest will be needed. * - A negative value for fatal errors. */ MBEDTLS_CHECK_RETURN_CRITICAL @@ -887,13 +913,14 @@ static int ssl_tls13_parse_key_shares_ext(mbedtls_ssl_context *ssl, } /* - * For now, we only support ECDHE groups. + * ECDHE and FFDHE groups are supported */ - if (mbedtls_ssl_tls13_named_group_is_ecdhe(group)) { - MBEDTLS_SSL_DEBUG_MSG(2, ("ECDH group: %s (%04x)", + if (mbedtls_ssl_tls13_named_group_is_ecdhe(group) || + mbedtls_ssl_tls13_named_group_is_ffdh(group)) { + MBEDTLS_SSL_DEBUG_MSG(2, ("ECDH/FFDH group: %s (%04x)", mbedtls_ssl_named_group_to_str(group), group)); - ret = mbedtls_ssl_tls13_read_public_ecdhe_share( + ret = mbedtls_ssl_tls13_read_public_xxdhe_share( ssl, key_exchange - 2, key_exchange_len + 2); if (ret != 0) { return ret; @@ -915,7 +942,7 @@ static int ssl_tls13_parse_key_shares_ext(mbedtls_ssl_context *ssl, } return 0; } -#endif /* MBEDTLS_ECDH_C */ +#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED */ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_client_hello_has_exts(mbedtls_ssl_context *ssl, @@ -1044,7 +1071,8 @@ static int ssl_tls13_determine_key_exchange_mode(mbedtls_ssl_context *ssl) * 3 ) Plain PSK Mode ( psk ) */ - ssl->handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_NONE; + ssl->handshake->key_exchange_mode = + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_NONE; if (ssl_tls13_check_psk_ephemeral_key_exchange(ssl)) { ssl->handshake->key_exchange_mode = @@ -1240,6 +1268,7 @@ static int ssl_tls13_pick_key_cert(mbedtls_ssl_context *ssl) #define SSL_CLIENT_HELLO_OK 0 #define SSL_CLIENT_HELLO_HRR_REQUIRED 1 +#define SSL_CLIENT_HELLO_TLS1_2 2 MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, @@ -1248,16 +1277,21 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *p = buf; + const unsigned char *random; size_t legacy_session_id_len; + const unsigned char *legacy_session_id; size_t cipher_suites_len; + const unsigned char *cipher_suites; const unsigned char *cipher_suites_end; size_t extensions_len; const unsigned char *extensions_end; + const unsigned char *supported_versions_data; + const unsigned char *supported_versions_data_end; mbedtls_ssl_handshake_params *handshake = ssl->handshake; int hrr_required = 0; + int no_usable_share_for_key_agreement = 0; #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED) - const unsigned char *cipher_suites; const unsigned char *pre_shared_key_ext = NULL; const unsigned char *pre_shared_key_ext_end = NULL; #endif @@ -1298,55 +1332,47 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, } p += 2; - /* - * Only support TLS 1.3 currently, temporarily set the version. - */ - ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_3; - -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - /* Store minor version for later use with ticket serialization. */ - ssl->session_negotiate->tls_version = MBEDTLS_SSL_VERSION_TLS1_3; - ssl->session_negotiate->endpoint = ssl->conf->endpoint; -#endif - /* ... * Random random; * ... * with Random defined as: * opaque Random[32]; */ - MBEDTLS_SSL_DEBUG_BUF(3, "client hello, random bytes", - p, MBEDTLS_CLIENT_HELLO_RANDOM_LEN); - - memcpy(&handshake->randbytes[0], p, MBEDTLS_CLIENT_HELLO_RANDOM_LEN); + random = p; p += MBEDTLS_CLIENT_HELLO_RANDOM_LEN; /* ... * opaque legacy_session_id<0..32>; * ... */ - legacy_session_id_len = p[0]; - p++; + legacy_session_id_len = *(p++); + legacy_session_id = p; - if (legacy_session_id_len > sizeof(ssl->session_negotiate->id)) { - MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); - return MBEDTLS_ERR_SSL_DECODE_ERROR; - } - - ssl->session_negotiate->id_len = legacy_session_id_len; - MBEDTLS_SSL_DEBUG_BUF(3, "client hello, session id", - p, legacy_session_id_len); /* * Check we have enough data for the legacy session identifier * and the ciphersuite list length. */ MBEDTLS_SSL_CHK_BUF_READ_PTR(p, end, legacy_session_id_len + 2); - - memcpy(&ssl->session_negotiate->id[0], p, legacy_session_id_len); p += legacy_session_id_len; + /* ... + * CipherSuite cipher_suites<2..2^16-2>; + * ... + * with CipherSuite defined as: + * uint8 CipherSuite[2]; + */ cipher_suites_len = MBEDTLS_GET_UINT16_BE(p, 0); p += 2; + cipher_suites = p; + + /* + * The length of the ciphersuite list has to be even. + */ + if (cipher_suites_len & 1) { + MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR, + MBEDTLS_ERR_SSL_DECODE_ERROR); + return MBEDTLS_ERR_SSL_DECODE_ERROR; + } /* Check we have enough data for the ciphersuite list, the legacy * compression methods and the length of the extensions. @@ -1356,30 +1382,95 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, * extensions_len 2 bytes */ MBEDTLS_SSL_CHK_BUF_READ_PTR(p, end, cipher_suites_len + 2 + 2); + p += cipher_suites_len; + cipher_suites_end = p; - /* ... - * CipherSuite cipher_suites<2..2^16-2>; - * ... - * with CipherSuite defined as: - * uint8 CipherSuite[2]; + /* + * Search for the supported versions extension and parse it to determine + * if the client supports TLS 1.3. */ -#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED) - cipher_suites = p; + ret = mbedtls_ssl_tls13_is_supported_versions_ext_present_in_exts( + ssl, p + 2, end, + &supported_versions_data, &supported_versions_data_end); + if (ret < 0) { + MBEDTLS_SSL_DEBUG_RET(1, + ("mbedtls_ssl_tls13_is_supported_versions_ext_present_in_exts"), ret); + return ret; + } + + if (ret == 0) { + return SSL_CLIENT_HELLO_TLS1_2; + } + + if (ret == 1) { + ret = ssl_tls13_parse_supported_versions_ext(ssl, + supported_versions_data, + supported_versions_data_end); + if (ret < 0) { + MBEDTLS_SSL_DEBUG_RET(1, + ("ssl_tls13_parse_supported_versions_ext"), ret); + return ret; + } + + /* + * The supported versions extension was parsed successfully as the + * value returned by ssl_tls13_parse_supported_versions_ext() is + * positive. The return value is then equal to + * MBEDTLS_SSL_VERSION_TLS1_2 or MBEDTLS_SSL_VERSION_TLS1_3, defining + * the TLS version to negotiate. + */ + if (MBEDTLS_SSL_VERSION_TLS1_2 == ret) { + return SSL_CLIENT_HELLO_TLS1_2; + } + } + + /* + * We negotiate TLS 1.3. + */ + ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_3; + +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + /* Store minor version for later use with ticket serialization. */ + ssl->session_negotiate->tls_version = MBEDTLS_SSL_VERSION_TLS1_3; + ssl->session_negotiate->endpoint = ssl->conf->endpoint; #endif - cipher_suites_end = p + cipher_suites_len; - MBEDTLS_SSL_DEBUG_BUF(3, "client hello, ciphersuitelist", - p, cipher_suites_len); + + /* + * We are negotiating the version 1.3 of the protocol. Do what we have + * postponed: copy of the client random bytes, copy of the legacy session + * identifier and selection of the TLS 1.3 cipher suite. + */ + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, random bytes", + random, MBEDTLS_CLIENT_HELLO_RANDOM_LEN); + memcpy(&handshake->randbytes[0], random, MBEDTLS_CLIENT_HELLO_RANDOM_LEN); + + if (legacy_session_id_len > sizeof(ssl->session_negotiate->id)) { + MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); + return MBEDTLS_ERR_SSL_DECODE_ERROR; + } + ssl->session_negotiate->id_len = legacy_session_id_len; + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, session id", + legacy_session_id, legacy_session_id_len); + memcpy(&ssl->session_negotiate->id[0], + legacy_session_id, legacy_session_id_len); /* * Search for a matching ciphersuite */ - for (; p < cipher_suites_end; p += 2) { + MBEDTLS_SSL_DEBUG_BUF(3, "client hello, list of cipher suites", + cipher_suites, cipher_suites_len); + for (const unsigned char *cipher_suites_p = cipher_suites; + cipher_suites_p < cipher_suites_end; cipher_suites_p += 2) { uint16_t cipher_suite; const mbedtls_ssl_ciphersuite_t *ciphersuite_info; - MBEDTLS_SSL_CHK_BUF_READ_PTR(p, cipher_suites_end, 2); - - cipher_suite = MBEDTLS_GET_UINT16_BE(p, 0); + /* + * "cipher_suites_end - cipher_suites_p is even" is an invariant of the + * loop. As cipher_suites_end - cipher_suites_p > 0, we have + * cipher_suites_end - cipher_suites_p >= 2 and it is thus safe to read + * two bytes. + */ + cipher_suite = MBEDTLS_GET_UINT16_BE(cipher_suites_p, 0); ciphersuite_info = ssl_tls13_validate_peer_ciphersuite( ssl, cipher_suite); if (ciphersuite_info == NULL) { @@ -1391,6 +1482,7 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG(2, ("selected ciphersuite: %04x - %s", cipher_suite, ciphersuite_info->name)); + break; } if (handshake->ciphersuite_info == NULL) { @@ -1426,7 +1518,6 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, extensions_end = p + extensions_len; MBEDTLS_SSL_DEBUG_BUF(3, "client hello extensions", p, extensions_len); - handshake->received_extensions = MBEDTLS_SSL_EXT_MASK_NONE; while (p < extensions_end) { @@ -1479,7 +1570,7 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, break; #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ -#if defined(MBEDTLS_ECDH_C) +#if defined(PSA_WANT_ALG_ECDH) || defined(PSA_WANT_ALG_FFDH) case MBEDTLS_TLS_EXT_SUPPORTED_GROUPS: MBEDTLS_SSL_DEBUG_MSG(3, ("found supported group extension")); @@ -1492,15 +1583,15 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, ret = ssl_tls13_parse_supported_groups_ext( ssl, p, extension_data_end); if (ret != 0) { - MBEDTLS_SSL_DEBUG_RET(1, - "mbedtls_ssl_parse_supported_groups_ext", ret); + MBEDTLS_SSL_DEBUG_RET( + 1, "ssl_tls13_parse_supported_groups_ext", ret); return ret; } break; -#endif /* MBEDTLS_ECDH_C */ +#endif /* PSA_WANT_ALG_ECDH || PSA_WANT_ALG_FFDH*/ -#if defined(MBEDTLS_ECDH_C) +#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) case MBEDTLS_TLS_EXT_KEY_SHARE: MBEDTLS_SSL_DEBUG_MSG(3, ("found key share extension")); @@ -1514,8 +1605,8 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, ret = ssl_tls13_parse_key_shares_ext( ssl, p, extension_data_end); if (ret == SSL_TLS1_3_PARSE_KEY_SHARES_EXT_NO_MATCH) { - MBEDTLS_SSL_DEBUG_MSG(2, ("HRR needed ")); - hrr_required = 1; + MBEDTLS_SSL_DEBUG_MSG(2, ("No usable share for key agreement.")); + no_usable_share_for_key_agreement = 1; } if (ret < 0) { @@ -1525,23 +1616,16 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, } break; -#endif /* MBEDTLS_ECDH_C */ +#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED */ case MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS: - MBEDTLS_SSL_DEBUG_MSG(3, ("found supported versions extension")); - - ret = ssl_tls13_parse_supported_versions_ext( - ssl, p, extension_data_end); - if (ret != 0) { - MBEDTLS_SSL_DEBUG_RET(1, - ("ssl_tls13_parse_supported_versions_ext"), ret); - return ret; - } + /* Already parsed */ break; #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED) case MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES: - MBEDTLS_SSL_DEBUG_MSG(3, ("found psk key exchange modes extension")); + MBEDTLS_SSL_DEBUG_MSG( + 3, ("found psk key exchange modes extension")); ret = ssl_tls13_parse_key_exchange_modes_ext( ssl, p, extension_data_end); @@ -1593,15 +1677,30 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, ret = mbedtls_ssl_parse_sig_alg_ext( ssl, p, extension_data_end); if (ret != 0) { - MBEDTLS_SSL_DEBUG_MSG(1, - ( - "ssl_parse_supported_signature_algorithms_server_ext ( %d )", - ret)); + MBEDTLS_SSL_DEBUG_RET( + 1, "mbedtls_ssl_parse_sig_alg_ext", ret); return ret; } break; #endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */ +#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) + case MBEDTLS_TLS_EXT_RECORD_SIZE_LIMIT: + MBEDTLS_SSL_DEBUG_MSG(3, ("found record_size_limit extension")); + + ret = mbedtls_ssl_tls13_parse_record_size_limit_ext( + ssl, p, extension_data_end); + + /* + * TODO: Return unconditionally here until we handle the record + * size limit correctly. + * Once handled correctly, only return in case of errors. + */ + return ret; + + break; +#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */ + default: MBEDTLS_SSL_PRINT_EXT( 3, MBEDTLS_SSL_HS_CLIENT_HELLO, @@ -1615,9 +1714,13 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, MBEDTLS_SSL_PRINT_EXTS(3, MBEDTLS_SSL_HS_CLIENT_HELLO, handshake->received_extensions); - mbedtls_ssl_add_hs_hdr_to_checksum(ssl, - MBEDTLS_SSL_HS_CLIENT_HELLO, - p - buf); + ret = mbedtls_ssl_add_hs_hdr_to_checksum(ssl, + MBEDTLS_SSL_HS_CLIENT_HELLO, + p - buf); + if (0 != ret) { + MBEDTLS_SSL_DEBUG_RET(1, ("mbedtls_ssl_add_hs_hdr_to_checksum"), ret); + return ret; + } #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED) /* Update checksum with either @@ -1628,8 +1731,12 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, if (mbedtls_ssl_tls13_some_psk_enabled(ssl) && mbedtls_ssl_conf_tls13_some_psk_enabled(ssl) && (handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(PRE_SHARED_KEY))) { - handshake->update_checksum(ssl, buf, - pre_shared_key_ext - buf); + ret = handshake->update_checksum(ssl, buf, + pre_shared_key_ext - buf); + if (0 != ret) { + MBEDTLS_SSL_DEBUG_RET(1, ("update_checksum"), ret); + return ret; + } ret = ssl_tls13_parse_pre_shared_key_ext(ssl, pre_shared_key_ext, pre_shared_key_ext_end, @@ -1645,7 +1752,11 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, } else #endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */ { - handshake->update_checksum(ssl, buf, p - buf); + ret = handshake->update_checksum(ssl, buf, p - buf); + if (0 != ret) { + MBEDTLS_SSL_DEBUG_RET(1, ("update_checksum"), ret); + return ret; + } } ret = ssl_tls13_determine_key_exchange_mode(ssl); @@ -1653,6 +1764,11 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, return ret; } + if (ssl->handshake->key_exchange_mode != + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK) { + hrr_required = (no_usable_share_for_key_agreement != 0); + } + mbedtls_ssl_optimize_checksum(ssl, handshake->ciphersuite_info); return hrr_required ? SSL_CLIENT_HELLO_HRR_REQUIRED : SSL_CLIENT_HELLO_OK; @@ -1709,15 +1825,27 @@ static int ssl_tls13_process_client_hello(mbedtls_ssl_context *ssl) MBEDTLS_SSL_PROC_CHK_NEG(ssl_tls13_parse_client_hello(ssl, buf, buf + buflen)); - parse_client_hello_ret = ret; /* Store return value of parse_client_hello, - * only SSL_CLIENT_HELLO_OK or - * SSL_CLIENT_HELLO_HRR_REQUIRED at this - * stage as negative error codes are handled + parse_client_hello_ret = ret; /* Store positive return value of + * parse_client_hello, + * as negative error codes are handled * by MBEDTLS_SSL_PROC_CHK_NEG. */ + /* + * Version 1.2 of the protocol has been chosen, set the + * ssl->keep_current_message flag for the ClientHello to be kept and parsed + * as a TLS 1.2 ClientHello. We also change ssl->tls_version to + * MBEDTLS_SSL_VERSION_TLS1_2 thus from now on mbedtls_ssl_handshake_step() + * will dispatch to the TLS 1.2 state machine. + */ + if (SSL_CLIENT_HELLO_TLS1_2 == parse_client_hello_ret) { + ssl->keep_current_message = 1; + ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_2; + return 0; + } + MBEDTLS_SSL_PROC_CHK(ssl_tls13_postprocess_client_hello(ssl)); - if (parse_client_hello_ret == SSL_CLIENT_HELLO_OK) { + if (SSL_CLIENT_HELLO_OK == parse_client_hello_ret) { mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_HELLO); } else { mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HELLO_RETRY_REQUEST); @@ -1753,7 +1881,7 @@ static int ssl_tls13_prepare_server_hello(mbedtls_ssl_context *ssl) MBEDTLS_SERVER_HELLO_RANDOM_LEN); #if defined(MBEDTLS_HAVE_TIME) - ssl->session_negotiate->start = time(NULL); + ssl->session_negotiate->start = mbedtls_time(NULL); #endif /* MBEDTLS_HAVE_TIME */ return ret; @@ -1818,18 +1946,19 @@ static int ssl_tls13_generate_and_write_key_share(mbedtls_ssl_context *ssl, *out_len = 0; -#if defined(MBEDTLS_ECDH_C) - if (mbedtls_ssl_tls13_named_group_is_ecdhe(named_group)) { - ret = mbedtls_ssl_tls13_generate_and_write_ecdh_key_exchange( +#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) + if (mbedtls_ssl_tls13_named_group_is_ecdhe(named_group) || + mbedtls_ssl_tls13_named_group_is_ffdh(named_group)) { + ret = mbedtls_ssl_tls13_generate_and_write_xxdh_key_exchange( ssl, named_group, buf, end, out_len); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET( - 1, "mbedtls_ssl_tls13_generate_and_write_ecdh_key_exchange", + 1, "mbedtls_ssl_tls13_generate_and_write_xxdh_key_exchange", ret); return ret; } } else -#endif /* MBEDTLS_ECDH_C */ +#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED */ if (0 /* Other kinds of KEMs */) { } else { ((void) ssl); @@ -2125,7 +2254,7 @@ static int ssl_tls13_write_server_hello_body(mbedtls_ssl_context *ssl, } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_finalize_write_server_hello(mbedtls_ssl_context *ssl) +static int ssl_tls13_finalize_server_hello(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; ret = mbedtls_ssl_tls13_compute_handshake_transform(ssl); @@ -2150,22 +2279,21 @@ static int ssl_tls13_write_server_hello(mbedtls_ssl_context *ssl) MBEDTLS_SSL_PROC_CHK(ssl_tls13_prepare_server_hello(ssl)); - MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg(ssl, - MBEDTLS_SSL_HS_SERVER_HELLO, &buf, - &buf_len)); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg( + ssl, MBEDTLS_SSL_HS_SERVER_HELLO, &buf, &buf_len)); MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_server_hello_body(ssl, buf, buf + buf_len, &msg_len, 0)); - mbedtls_ssl_add_hs_msg_to_checksum( - ssl, MBEDTLS_SSL_HS_SERVER_HELLO, buf, msg_len); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum( + ssl, MBEDTLS_SSL_HS_SERVER_HELLO, buf, msg_len)); MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg( ssl, buf_len, msg_len)); - MBEDTLS_SSL_PROC_CHK(ssl_tls13_finalize_write_server_hello(ssl)); + MBEDTLS_SSL_PROC_CHK(ssl_tls13_finalize_server_hello(ssl)); #if defined(MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE) /* The server sends a dummy change_cipher_spec record immediately @@ -2232,8 +2360,8 @@ static int ssl_tls13_write_hello_retry_request(mbedtls_ssl_context *ssl) buf + buf_len, &msg_len, 1)); - mbedtls_ssl_add_hs_msg_to_checksum( - ssl, MBEDTLS_SSL_HS_SERVER_HELLO, buf, msg_len); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum( + ssl, MBEDTLS_SSL_HS_SERVER_HELLO, buf, msg_len)); MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg(ssl, buf_len, @@ -2324,15 +2452,16 @@ static int ssl_tls13_write_encrypted_extensions(mbedtls_ssl_context *ssl) MBEDTLS_SSL_DEBUG_MSG(2, ("=> write encrypted extensions")); - MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg(ssl, - MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, &buf, - &buf_len)); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg( + ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, + &buf, &buf_len)); MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_encrypted_extensions_body( ssl, buf, buf + buf_len, &msg_len)); - mbedtls_ssl_add_hs_msg_to_checksum( - ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, buf, msg_len); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum( + ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, + buf, msg_len)); MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg( ssl, buf_len, msg_len)); @@ -2457,15 +2586,16 @@ static int ssl_tls13_write_certificate_request(mbedtls_ssl_context *ssl) unsigned char *buf; size_t buf_len, msg_len; - MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg(ssl, - MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, - &buf, &buf_len)); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg( + ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, + &buf, &buf_len)); MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_certificate_request_body( ssl, buf, buf + buf_len, &msg_len)); - mbedtls_ssl_add_hs_msg_to_checksum( - ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, buf, msg_len); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum( + ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, + buf, msg_len)); MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg( ssl, buf_len, msg_len)); @@ -2576,8 +2706,8 @@ static int ssl_tls13_process_client_finished(mbedtls_ssl_context *ssl) ret = mbedtls_ssl_tls13_compute_resumption_master_secret(ssl); if (ret != 0) { - MBEDTLS_SSL_DEBUG_RET(1, - "mbedtls_ssl_tls13_compute_resumption_master_secret", ret); + MBEDTLS_SSL_DEBUG_RET( + 1, "mbedtls_ssl_tls13_compute_resumption_master_secret", ret); } mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HANDSHAKE_WRAPUP); @@ -2602,7 +2732,8 @@ static int ssl_tls13_handshake_wrapup(mbedtls_ssl_context *ssl) */ /* Sent NewSessionTicket message only when client supports PSK */ if (mbedtls_ssl_tls13_some_psk_enabled(ssl)) { - mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET); + mbedtls_ssl_handshake_set_state( + ssl, MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET); } else #endif { @@ -2688,7 +2819,7 @@ static int ssl_tls13_prepare_new_session_ticket(mbedtls_ssl_context *ssl, ciphersuite_info = (mbedtls_ssl_ciphersuite_t *) ssl->handshake->ciphersuite_info; - psa_hash_alg = mbedtls_psa_translate_md(ciphersuite_info->mac); + psa_hash_alg = mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) ciphersuite_info->mac); hash_length = PSA_HASH_LENGTH(psa_hash_alg); if (hash_length == -1 || (size_t) hash_length > sizeof(session->resumption_key)) { @@ -2865,9 +2996,9 @@ static int ssl_tls13_write_new_session_ticket(mbedtls_ssl_context *ssl) MBEDTLS_SSL_PROC_CHK(ssl_tls13_prepare_new_session_ticket( ssl, ticket_nonce, sizeof(ticket_nonce))); - MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg(ssl, - MBEDTLS_SSL_HS_NEW_SESSION_TICKET, - &buf, &buf_len)); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg( + ssl, MBEDTLS_SSL_HS_NEW_SESSION_TICKET, + &buf, &buf_len)); MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_new_session_ticket_body( ssl, buf, buf + buf_len, &msg_len, @@ -2910,7 +3041,7 @@ int mbedtls_ssl_tls13_handshake_server_step(mbedtls_ssl_context *ssl) } MBEDTLS_SSL_DEBUG_MSG(2, ("tls13 server state: %s(%d)", - mbedtls_ssl_states_str(ssl->state), + mbedtls_ssl_states_str((mbedtls_ssl_states) ssl->state), ssl->state)); switch (ssl->state) { @@ -3035,7 +3166,8 @@ int mbedtls_ssl_tls13_handshake_server_step(mbedtls_ssl_context *ssl) if (ssl->handshake->new_session_tickets_count == 0) { mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HANDSHAKE_OVER); } else { - mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET); + mbedtls_ssl_handshake_set_state( + ssl, MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET); } break; diff --git a/library/x509.c b/library/x509.c index 1b3701cda..990393c31 100644 --- a/library/x509.c +++ b/library/x509.c @@ -43,6 +43,8 @@ #include "mbedtls/pem.h" #endif +#include "mbedtls/asn1write.h" + #include "mbedtls/platform.h" #if defined(MBEDTLS_HAVE_TIME) @@ -53,15 +55,17 @@ #include #endif -#include "mbedtls/legacy_or_psa.h" +#define CHECK(code) \ + do { \ + if ((ret = (code)) != 0) { \ + return ret; \ + } \ + } while (0) -#define CHECK(code) if ((ret = (code)) != 0) { return ret; } #define CHECK_RANGE(min, max, val) \ - do \ - { \ - if ((val) < (min) || (val) > (max)) \ - { \ - return ret; \ + do { \ + if ((val) < (min) || (val) > (max)) { \ + return ret; \ } \ } while (0) @@ -132,34 +136,36 @@ int mbedtls_x509_get_alg(unsigned char **p, const unsigned char *end, /* * Convert md type to string */ +#if !defined(MBEDTLS_X509_REMOVE_INFO) && defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) + static inline const char *md_type_to_string(mbedtls_md_type_t md_alg) { switch (md_alg) { -#if defined(MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA) +#if defined(MBEDTLS_MD_CAN_MD5) case MBEDTLS_MD_MD5: return "MD5"; #endif -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) case MBEDTLS_MD_SHA1: return "SHA1"; #endif -#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA) +#if defined(MBEDTLS_MD_CAN_SHA224) case MBEDTLS_MD_SHA224: return "SHA224"; #endif -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) case MBEDTLS_MD_SHA256: return "SHA256"; #endif -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) case MBEDTLS_MD_SHA384: return "SHA384"; #endif -#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA) +#if defined(MBEDTLS_MD_CAN_SHA512) case MBEDTLS_MD_SHA512: return "SHA512"; #endif -#if defined(MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA) +#if defined(MBEDTLS_MD_CAN_RIPEMD160) case MBEDTLS_MD_RIPEMD160: return "RIPEMD160"; #endif @@ -170,6 +176,8 @@ static inline const char *md_type_to_string(mbedtls_md_type_t md_alg) } } +#endif /* !defined(MBEDTLS_X509_REMOVE_INFO) && defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) */ + #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) /* * HashAlgorithm ::= AlgorithmIdentifier @@ -567,117 +575,82 @@ error: return ret; } -static int x509_parse_int(unsigned char **p, size_t n, int *res) +static int x509_date_is_valid(const mbedtls_x509_time *t) { - *res = 0; - - for (; n > 0; --n) { - if ((**p < '0') || (**p > '9')) { + unsigned int month_days; + unsigned int year; + switch (t->mon) { + case 1: case 3: case 5: case 7: case 8: case 10: case 12: + month_days = 31; + break; + case 4: case 6: case 9: case 11: + month_days = 30; + break; + case 2: + year = (unsigned int) t->year; + month_days = ((year & 3) || (!(year % 100) + && (year % 400))) + ? 28 : 29; + break; + default: return MBEDTLS_ERR_X509_INVALID_DATE; - } + } - *res *= 10; - *res += (*(*p)++ - '0'); + if ((unsigned int) (t->day - 1) >= month_days || /* (1 - days in month) */ + /* (unsigned int) (t->mon - 1) >= 12 || */ /* (1 - 12) checked above */ + (unsigned int) t->year > 9999 || /* (0 - 9999) */ + (unsigned int) t->hour > 23 || /* (0 - 23) */ + (unsigned int) t->min > 59 || /* (0 - 59) */ + (unsigned int) t->sec > 59) { /* (0 - 59) */ + return MBEDTLS_ERR_X509_INVALID_DATE; } return 0; } -static int x509_date_is_valid(const mbedtls_x509_time *t) +static int x509_parse2_int(const unsigned char *p) { - int ret = MBEDTLS_ERR_X509_INVALID_DATE; - int month_len; - - CHECK_RANGE(0, 9999, t->year); - CHECK_RANGE(0, 23, t->hour); - CHECK_RANGE(0, 59, t->min); - CHECK_RANGE(0, 59, t->sec); - - switch (t->mon) { - case 1: case 3: case 5: case 7: case 8: case 10: case 12: - month_len = 31; - break; - case 4: case 6: case 9: case 11: - month_len = 30; - break; - case 2: - if ((!(t->year % 4) && t->year % 100) || - !(t->year % 400)) { - month_len = 29; - } else { - month_len = 28; - } - break; - default: - return ret; - } - CHECK_RANGE(1, month_len, t->day); - - return 0; + uint32_t d1 = p[0] - '0'; + uint32_t d2 = p[1] - '0'; + return (d1 < 10 && d2 < 10) ? (int) (d1 * 10 + d2) : -1; } /* * Parse an ASN1_UTC_TIME (yearlen=2) or ASN1_GENERALIZED_TIME (yearlen=4) * field. */ -static int x509_parse_time(unsigned char **p, size_t len, size_t yearlen, - mbedtls_x509_time *tm) +static int x509_parse_time(const unsigned char *p, mbedtls_x509_time *tm, + size_t yearlen) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + int x; /* - * Minimum length is 10 or 12 depending on yearlen + * Parse year, month, day, hour, minute, second */ - if (len < yearlen + 8) { + tm->year = x509_parse2_int(p); + if (tm->year < 0) { return MBEDTLS_ERR_X509_INVALID_DATE; } - len -= yearlen + 8; - /* - * Parse year, month, day, hour, minute - */ - CHECK(x509_parse_int(p, yearlen, &tm->year)); - if (2 == yearlen) { - if (tm->year < 50) { - tm->year += 100; + if (4 == yearlen) { + x = tm->year * 100; + p += 2; + tm->year = x509_parse2_int(p); + if (tm->year < 0) { + return MBEDTLS_ERR_X509_INVALID_DATE; } - - tm->year += 1900; - } - - CHECK(x509_parse_int(p, 2, &tm->mon)); - CHECK(x509_parse_int(p, 2, &tm->day)); - CHECK(x509_parse_int(p, 2, &tm->hour)); - CHECK(x509_parse_int(p, 2, &tm->min)); - - /* - * Parse seconds if present - */ - if (len >= 2) { - CHECK(x509_parse_int(p, 2, &tm->sec)); - len -= 2; } else { - return MBEDTLS_ERR_X509_INVALID_DATE; + x = (tm->year < 50) ? 2000 : 1900; } + tm->year += x; - /* - * Parse trailing 'Z' if present - */ - if (1 == len && 'Z' == **p) { - (*p)++; - len--; - } + tm->mon = x509_parse2_int(p + 2); + tm->day = x509_parse2_int(p + 4); + tm->hour = x509_parse2_int(p + 6); + tm->min = x509_parse2_int(p + 8); + tm->sec = x509_parse2_int(p + 10); - /* - * We should have parsed all characters at this point - */ - if (0 != len) { - return MBEDTLS_ERR_X509_INVALID_DATE; - } - - CHECK(x509_date_is_valid(tm)); - - return 0; + return x509_date_is_valid(tm); } /* @@ -715,7 +688,14 @@ int mbedtls_x509_get_time(unsigned char **p, const unsigned char *end, return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_DATE, ret); } - return x509_parse_time(p, len, year_len, tm); + /* len is 12 or 14 depending on year_len, plus optional trailing 'Z' */ + if (len != year_len + 10 && + !(len == year_len + 11 && (*p)[(len - 1)] == 'Z')) { + return MBEDTLS_ERR_X509_INVALID_DATE; + } + + (*p) += len; + return x509_parse_time(*p - len, tm, year_len); } int mbedtls_x509_get_sig(unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig) @@ -832,6 +812,11 @@ int mbedtls_x509_get_ext(unsigned char **p, const unsigned char *end, return 0; } +static char nibble_to_hex_digit(int i) +{ + return (i < 10) ? (i + '0') : (i - 10 + 'A'); +} + /* * Store the name in printable form into buf; no more * than size characters will be written @@ -839,11 +824,16 @@ int mbedtls_x509_get_ext(unsigned char **p, const unsigned char *end, int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t i, j, n; + size_t i, j, n, asn1_len_size, asn1_tag_size, asn1_tag_len_buf_start; + /* 6 is enough as our asn1 write functions only write one byte for the tag and at most five bytes for the length*/ + unsigned char asn1_tag_len_buf[6]; + unsigned char *asn1_len_p; unsigned char c, merge = 0; const mbedtls_x509_name *name; const char *short_name = NULL; + char lowbits, highbits; char s[MBEDTLS_X509_MAX_DN_NAME_SIZE], *p; + int print_hexstring; memset(s, 0, sizeof(s)); @@ -862,32 +852,91 @@ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn) MBEDTLS_X509_SAFE_SNPRINTF; } - ret = mbedtls_oid_get_attr_short_name(&name->oid, &short_name); + print_hexstring = (name->val.tag != MBEDTLS_ASN1_UTF8_STRING) && + (name->val.tag != MBEDTLS_ASN1_PRINTABLE_STRING) && + (name->val.tag != MBEDTLS_ASN1_IA5_STRING); - if (ret == 0) { + if ((ret = mbedtls_oid_get_attr_short_name(&name->oid, &short_name)) == 0) { ret = mbedtls_snprintf(p, n, "%s=", short_name); } else { - ret = mbedtls_snprintf(p, n, "\?\?="); + if ((ret = mbedtls_oid_get_numeric_string(p, n, &name->oid)) > 0) { + n -= ret; + p += ret; + ret = mbedtls_snprintf(p, n, "="); + print_hexstring = 1; + } else if (ret == MBEDTLS_ERR_OID_BUF_TOO_SMALL) { + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; + } else { + ret = mbedtls_snprintf(p, n, "\?\?="); + } } MBEDTLS_X509_SAFE_SNPRINTF; - for (i = 0, j = 0; i < name->val.len; i++, j++) { - if (j >= sizeof(s) - 1) { - return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; - } + if (print_hexstring) { + s[0] = '#'; - c = name->val.p[i]; - // Special characters requiring escaping, RFC 1779 - if (c && strchr(",=+<>#;\"\\", c)) { + asn1_len_p = asn1_tag_len_buf + sizeof(asn1_tag_len_buf); + if ((ret = mbedtls_asn1_write_len(&asn1_len_p, asn1_tag_len_buf, name->val.len)) < 0) { + return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + } + asn1_len_size = ret; + if ((ret = mbedtls_asn1_write_tag(&asn1_len_p, asn1_tag_len_buf, name->val.tag)) < 0) { + return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + } + asn1_tag_size = ret; + asn1_tag_len_buf_start = sizeof(asn1_tag_len_buf) - asn1_len_size - asn1_tag_size; + for (i = 0, j = 1; i < asn1_len_size + asn1_tag_size; i++) { if (j + 1 >= sizeof(s) - 1) { return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; } - s[j++] = '\\'; + c = asn1_tag_len_buf[asn1_tag_len_buf_start+i]; + lowbits = (c & 0x0F); + highbits = c >> 4; + s[j++] = nibble_to_hex_digit(highbits); + s[j++] = nibble_to_hex_digit(lowbits); } - if (c < 32 || c >= 127) { - s[j] = '?'; - } else { - s[j] = c; + for (i = 0; i < name->val.len; i++) { + if (j + 1 >= sizeof(s) - 1) { + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; + } + c = name->val.p[i]; + lowbits = (c & 0x0F); + highbits = c >> 4; + s[j++] = nibble_to_hex_digit(highbits); + s[j++] = nibble_to_hex_digit(lowbits); + } + } else { + for (i = 0, j = 0; i < name->val.len; i++, j++) { + if (j >= sizeof(s) - 1) { + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; + } + + c = name->val.p[i]; + // Special characters requiring escaping, RFC 4514 Section 2.4 + if (c == '\0') { + return MBEDTLS_ERR_X509_INVALID_NAME; + } else { + if (strchr(",=+<>;\"\\", c) || + ((i == 0) && strchr("# ", c)) || + ((i == name->val.len-1) && (c == ' '))) { + if (j + 1 >= sizeof(s) - 1) { + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; + } + s[j++] = '\\'; + } + } + if (c < 32 || c >= 127) { + if (j + 3 >= sizeof(s) - 1) { + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; + } + s[j++] = '\\'; + lowbits = (c & 0x0F); + highbits = c >> 4; + s[j++] = nibble_to_hex_digit(highbits); + s[j] = nibble_to_hex_digit(lowbits); + } else { + s[j] = c; + } } } s[j] = '\0'; @@ -996,81 +1045,45 @@ int mbedtls_x509_key_size_helper(char *buf, size_t buf_size, const char *name) return 0; } -#if defined(MBEDTLS_HAVE_TIME_DATE) -/* - * Set the time structure to the current time. - * Return 0 on success, non-zero on failure. - */ -static int x509_get_current_time(mbedtls_x509_time *now) +int mbedtls_x509_time_cmp(const mbedtls_x509_time *t1, + const mbedtls_x509_time *t2) { - struct tm *lt, tm_buf; - mbedtls_time_t tt; - int ret = 0; + int x; - tt = mbedtls_time(NULL); - lt = mbedtls_platform_gmtime_r(&tt, &tm_buf); - - if (lt == NULL) { - ret = -1; - } else { - now->year = lt->tm_year + 1900; - now->mon = lt->tm_mon + 1; - now->day = lt->tm_mday; - now->hour = lt->tm_hour; - now->min = lt->tm_min; - now->sec = lt->tm_sec; + x = (((t1->year << 9) | (t1->mon << 5) | (t1->day)) - + ((t2->year << 9) | (t2->mon << 5) | (t2->day))); + if (x != 0) { + return x; } - return ret; + x = (((t1->hour << 12) | (t1->min << 6) | (t1->sec)) - + ((t2->hour << 12) | (t2->min << 6) | (t2->sec))); + return x; } -/* - * Return 0 if before <= after, 1 otherwise - */ -static int x509_check_time(const mbedtls_x509_time *before, const mbedtls_x509_time *after) +#if defined(MBEDTLS_HAVE_TIME_DATE) +int mbedtls_x509_time_gmtime(mbedtls_time_t tt, mbedtls_x509_time *now) { - if (before->year > after->year) { - return 1; - } - - if (before->year == after->year && - before->mon > after->mon) { - return 1; - } - - if (before->year == after->year && - before->mon == after->mon && - before->day > after->day) { - return 1; - } - - if (before->year == after->year && - before->mon == after->mon && - before->day == after->day && - before->hour > after->hour) { - return 1; - } - - if (before->year == after->year && - before->mon == after->mon && - before->day == after->day && - before->hour == after->hour && - before->min > after->min) { - return 1; - } - - if (before->year == after->year && - before->mon == after->mon && - before->day == after->day && - before->hour == after->hour && - before->min == after->min && - before->sec > after->sec) { - return 1; + struct tm tm; + + if (mbedtls_platform_gmtime_r(&tt, &tm) == NULL) { + return -1; } + now->year = tm.tm_year + 1900; + now->mon = tm.tm_mon + 1; + now->day = tm.tm_mday; + now->hour = tm.tm_hour; + now->min = tm.tm_min; + now->sec = tm.tm_sec; return 0; } +static int x509_get_current_time(mbedtls_x509_time *now) +{ + return mbedtls_x509_time_gmtime(mbedtls_time(NULL), now); +} + int mbedtls_x509_time_is_past(const mbedtls_x509_time *to) { mbedtls_x509_time now; @@ -1079,7 +1092,7 @@ int mbedtls_x509_time_is_past(const mbedtls_x509_time *to) return 1; } - return x509_check_time(&now, to); + return mbedtls_x509_time_cmp(to, &now) < 0; } int mbedtls_x509_time_is_future(const mbedtls_x509_time *from) @@ -1090,7 +1103,7 @@ int mbedtls_x509_time_is_future(const mbedtls_x509_time *from) return 1; } - return x509_check_time(from, &now); + return mbedtls_x509_time_cmp(from, &now) > 0; } #else /* MBEDTLS_HAVE_TIME_DATE */ @@ -1107,4 +1120,669 @@ int mbedtls_x509_time_is_future(const mbedtls_x509_time *from) return 0; } #endif /* MBEDTLS_HAVE_TIME_DATE */ + +/* Common functions for parsing CRT and CSR. */ +#if defined(MBEDTLS_X509_CRT_PARSE_C) || defined(MBEDTLS_X509_CSR_PARSE_C) +/* + * OtherName ::= SEQUENCE { + * type-id OBJECT IDENTIFIER, + * value [0] EXPLICIT ANY DEFINED BY type-id } + * + * HardwareModuleName ::= SEQUENCE { + * hwType OBJECT IDENTIFIER, + * hwSerialNum OCTET STRING } + * + * NOTE: we currently only parse and use otherName of type HwModuleName, + * as defined in RFC 4108. + */ +static int x509_get_other_name(const mbedtls_x509_buf *subject_alt_name, + mbedtls_x509_san_other_name *other_name) +{ + int ret = 0; + size_t len; + unsigned char *p = subject_alt_name->p; + const unsigned char *end = p + subject_alt_name->len; + mbedtls_x509_buf cur_oid; + + if ((subject_alt_name->tag & + (MBEDTLS_ASN1_TAG_CLASS_MASK | MBEDTLS_ASN1_TAG_VALUE_MASK)) != + (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_OTHER_NAME)) { + /* + * The given subject alternative name is not of type "othername". + */ + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } + + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_OID)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } + + cur_oid.tag = MBEDTLS_ASN1_OID; + cur_oid.p = p; + cur_oid.len = len; + + /* + * Only HwModuleName is currently supported. + */ + if (MBEDTLS_OID_CMP(MBEDTLS_OID_ON_HW_MODULE_NAME, &cur_oid) != 0) { + return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE; + } + other_name->type_id = cur_oid; + + p += len; + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC)) != + 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } + + if (end != p + len) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } + + if (end != p + len) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OID)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } + + other_name->value.hardware_module_name.oid.tag = MBEDTLS_ASN1_OID; + other_name->value.hardware_module_name.oid.p = p; + other_name->value.hardware_module_name.oid.len = len; + + p += len; + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_OCTET_STRING)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } + + other_name->value.hardware_module_name.val.tag = MBEDTLS_ASN1_OCTET_STRING; + other_name->value.hardware_module_name.val.p = p; + other_name->value.hardware_module_name.val.len = len; + p += len; + if (p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + return 0; +} + +/* Check mbedtls_x509_get_subject_alt_name for detailed description. + * + * In some cases while parsing subject alternative names the sequence tag is optional + * (e.g. CertSerialNumber). This function is designed to handle such case. + */ +int mbedtls_x509_get_subject_alt_name_ext(unsigned char **p, + const unsigned char *end, + mbedtls_x509_sequence *subject_alt_name) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t tag_len; + mbedtls_asn1_sequence *cur = subject_alt_name; + + while (*p < end) { + mbedtls_x509_subject_alternative_name tmp_san_name; + mbedtls_x509_buf tmp_san_buf; + memset(&tmp_san_name, 0, sizeof(tmp_san_name)); + + tmp_san_buf.tag = **p; + (*p)++; + + if ((ret = mbedtls_asn1_get_len(p, end, &tag_len)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } + + tmp_san_buf.p = *p; + tmp_san_buf.len = tag_len; + + if ((tmp_san_buf.tag & MBEDTLS_ASN1_TAG_CLASS_MASK) != + MBEDTLS_ASN1_CONTEXT_SPECIFIC) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); + } + + /* + * Check that the SAN is structured correctly by parsing it. + * The SAN structure is discarded afterwards. + */ + ret = mbedtls_x509_parse_subject_alt_name(&tmp_san_buf, &tmp_san_name); + /* + * In case the extension is malformed, return an error, + * and clear the allocated sequences. + */ + if (ret != 0 && ret != MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE) { + mbedtls_asn1_sequence_free(subject_alt_name->next); + subject_alt_name->next = NULL; + return ret; + } + + mbedtls_x509_free_subject_alt_name(&tmp_san_name); + /* Allocate and assign next pointer */ + if (cur->buf.p != NULL) { + if (cur->next != NULL) { + return MBEDTLS_ERR_X509_INVALID_EXTENSIONS; + } + + cur->next = mbedtls_calloc(1, sizeof(mbedtls_asn1_sequence)); + + if (cur->next == NULL) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_ALLOC_FAILED); + } + + cur = cur->next; + } + + cur->buf = tmp_san_buf; + *p += tmp_san_buf.len; + } + + /* Set final sequence entry's next pointer to NULL */ + cur->next = NULL; + + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + + return 0; +} + +/* + * SubjectAltName ::= GeneralNames + * + * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName + * + * GeneralName ::= CHOICE { + * otherName [0] OtherName, + * rfc822Name [1] IA5String, + * dNSName [2] IA5String, + * x400Address [3] ORAddress, + * directoryName [4] Name, + * ediPartyName [5] EDIPartyName, + * uniformResourceIdentifier [6] IA5String, + * iPAddress [7] OCTET STRING, + * registeredID [8] OBJECT IDENTIFIER } + * + * OtherName ::= SEQUENCE { + * type-id OBJECT IDENTIFIER, + * value [0] EXPLICIT ANY DEFINED BY type-id } + * + * EDIPartyName ::= SEQUENCE { + * nameAssigner [0] DirectoryString OPTIONAL, + * partyName [1] DirectoryString } + * + * We list all types, but use the following GeneralName types from RFC 5280: + * "dnsName", "uniformResourceIdentifier" and "hardware_module_name" + * of type "otherName", as defined in RFC 4108. + */ +int mbedtls_x509_get_subject_alt_name(unsigned char **p, + const unsigned char *end, + mbedtls_x509_sequence *subject_alt_name) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t len; + + /* Get main sequence tag */ + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } + + if (*p + len != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + + return mbedtls_x509_get_subject_alt_name_ext(p, end, subject_alt_name); +} + +int mbedtls_x509_get_ns_cert_type(unsigned char **p, + const unsigned char *end, + unsigned char *ns_cert_type) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + mbedtls_x509_bitstring bs = { 0, 0, NULL }; + + if ((ret = mbedtls_asn1_get_bitstring(p, end, &bs)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } + + /* A bitstring with no flags set is still technically valid, as it will mean + that the certificate has no designated purpose at the time of creation. */ + if (bs.len == 0) { + *ns_cert_type = 0; + return 0; + } + + if (bs.len != 1) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_INVALID_LENGTH); + } + + /* Get actual bitstring */ + *ns_cert_type = *bs.p; + return 0; +} + +int mbedtls_x509_get_key_usage(unsigned char **p, + const unsigned char *end, + unsigned int *key_usage) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t i; + mbedtls_x509_bitstring bs = { 0, 0, NULL }; + + if ((ret = mbedtls_asn1_get_bitstring(p, end, &bs)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } + + /* A bitstring with no flags set is still technically valid, as it will mean + that the certificate has no designated purpose at the time of creation. */ + if (bs.len == 0) { + *key_usage = 0; + return 0; + } + + /* Get actual bitstring */ + *key_usage = 0; + for (i = 0; i < bs.len && i < sizeof(unsigned int); i++) { + *key_usage |= (unsigned int) bs.p[i] << (8*i); + } + + return 0; +} + +int mbedtls_x509_parse_subject_alt_name(const mbedtls_x509_buf *san_buf, + mbedtls_x509_subject_alternative_name *san) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + switch (san_buf->tag & + (MBEDTLS_ASN1_TAG_CLASS_MASK | + MBEDTLS_ASN1_TAG_VALUE_MASK)) { + /* + * otherName + */ + case (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_OTHER_NAME): + { + mbedtls_x509_san_other_name other_name; + + ret = x509_get_other_name(san_buf, &other_name); + if (ret != 0) { + return ret; + } + + memset(san, 0, sizeof(mbedtls_x509_subject_alternative_name)); + san->type = MBEDTLS_X509_SAN_OTHER_NAME; + memcpy(&san->san.other_name, + &other_name, sizeof(other_name)); + + } + break; + /* + * uniformResourceIdentifier + */ + case (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER): + { + memset(san, 0, sizeof(mbedtls_x509_subject_alternative_name)); + san->type = MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER; + + memcpy(&san->san.unstructured_name, + san_buf, sizeof(*san_buf)); + + } + break; + /* + * dNSName + */ + case (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_DNS_NAME): + { + memset(san, 0, sizeof(mbedtls_x509_subject_alternative_name)); + san->type = MBEDTLS_X509_SAN_DNS_NAME; + + memcpy(&san->san.unstructured_name, + san_buf, sizeof(*san_buf)); + } + break; + /* + * IP address + */ + case (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_IP_ADDRESS): + { + memset(san, 0, sizeof(mbedtls_x509_subject_alternative_name)); + san->type = MBEDTLS_X509_SAN_IP_ADDRESS; + // Only IPv6 (16 bytes) and IPv4 (4 bytes) types are supported + if (san_buf->len == 4 || san_buf->len == 16) { + memcpy(&san->san.unstructured_name, + san_buf, sizeof(*san_buf)); + } else { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } + } + break; + /* + * rfc822Name + */ + case (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_RFC822_NAME): + { + memset(san, 0, sizeof(mbedtls_x509_subject_alternative_name)); + san->type = MBEDTLS_X509_SAN_RFC822_NAME; + memcpy(&san->san.unstructured_name, san_buf, sizeof(*san_buf)); + } + break; + /* + * directoryName + */ + case (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_DIRECTORY_NAME): + { + size_t name_len; + unsigned char *p = san_buf->p; + memset(san, 0, sizeof(mbedtls_x509_subject_alternative_name)); + san->type = MBEDTLS_X509_SAN_DIRECTORY_NAME; + + ret = mbedtls_asn1_get_tag(&p, p + san_buf->len, &name_len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); + + if (ret != 0) { + return ret; + } + + if ((ret = mbedtls_x509_get_name(&p, p + name_len, + &san->san.directory_name)) != 0) { + return ret; + } + } + break; + /* + * Type not supported + */ + default: + return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE; + } + return 0; +} + +void mbedtls_x509_free_subject_alt_name(mbedtls_x509_subject_alternative_name *san) +{ + if (san->type == MBEDTLS_X509_SAN_DIRECTORY_NAME) { + mbedtls_asn1_free_named_data_list_shallow(san->san.directory_name.next); + } +} + +#if !defined(MBEDTLS_X509_REMOVE_INFO) +int mbedtls_x509_info_subject_alt_name(char **buf, size_t *size, + const mbedtls_x509_sequence + *subject_alt_name, + const char *prefix) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t i; + size_t n = *size; + char *p = *buf; + const mbedtls_x509_sequence *cur = subject_alt_name; + mbedtls_x509_subject_alternative_name san; + int parse_ret; + + while (cur != NULL) { + memset(&san, 0, sizeof(san)); + parse_ret = mbedtls_x509_parse_subject_alt_name(&cur->buf, &san); + if (parse_ret != 0) { + if (parse_ret == MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE) { + ret = mbedtls_snprintf(p, n, "\n%s ", prefix); + MBEDTLS_X509_SAFE_SNPRINTF; + } else { + ret = mbedtls_snprintf(p, n, "\n%s ", prefix); + MBEDTLS_X509_SAFE_SNPRINTF; + } + cur = cur->next; + continue; + } + + switch (san.type) { + /* + * otherName + */ + case MBEDTLS_X509_SAN_OTHER_NAME: + { + mbedtls_x509_san_other_name *other_name = &san.san.other_name; + + ret = mbedtls_snprintf(p, n, "\n%s otherName :", prefix); + MBEDTLS_X509_SAFE_SNPRINTF; + + if (MBEDTLS_OID_CMP(MBEDTLS_OID_ON_HW_MODULE_NAME, + &other_name->type_id) == 0) { + ret = mbedtls_snprintf(p, n, "\n%s hardware module name :", prefix); + MBEDTLS_X509_SAFE_SNPRINTF; + ret = + mbedtls_snprintf(p, n, "\n%s hardware type : ", prefix); + MBEDTLS_X509_SAFE_SNPRINTF; + + ret = mbedtls_oid_get_numeric_string(p, + n, + &other_name->value.hardware_module_name.oid); + MBEDTLS_X509_SAFE_SNPRINTF; + + ret = + mbedtls_snprintf(p, n, "\n%s hardware serial number : ", prefix); + MBEDTLS_X509_SAFE_SNPRINTF; + + for (i = 0; i < other_name->value.hardware_module_name.val.len; i++) { + ret = mbedtls_snprintf(p, + n, + "%02X", + other_name->value.hardware_module_name.val.p[i]); + MBEDTLS_X509_SAFE_SNPRINTF; + } + }/* MBEDTLS_OID_ON_HW_MODULE_NAME */ + } + break; + /* + * uniformResourceIdentifier + */ + case MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER: + { + ret = mbedtls_snprintf(p, n, "\n%s uniformResourceIdentifier : ", prefix); + MBEDTLS_X509_SAFE_SNPRINTF; + if (san.san.unstructured_name.len >= n) { + if (n > 0) { + *p = '\0'; + } + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; + } + + memcpy(p, san.san.unstructured_name.p, san.san.unstructured_name.len); + p += san.san.unstructured_name.len; + n -= san.san.unstructured_name.len; + } + break; + /* + * dNSName + * RFC822 Name + */ + case MBEDTLS_X509_SAN_DNS_NAME: + case MBEDTLS_X509_SAN_RFC822_NAME: + { + const char *dns_name = "dNSName"; + const char *rfc822_name = "rfc822Name"; + + ret = mbedtls_snprintf(p, n, + "\n%s %s : ", + prefix, + san.type == + MBEDTLS_X509_SAN_DNS_NAME ? dns_name : rfc822_name); + MBEDTLS_X509_SAFE_SNPRINTF; + if (san.san.unstructured_name.len >= n) { + if (n > 0) { + *p = '\0'; + } + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; + } + + memcpy(p, san.san.unstructured_name.p, san.san.unstructured_name.len); + p += san.san.unstructured_name.len; + n -= san.san.unstructured_name.len; + } + break; + /* + * iPAddress + */ + case MBEDTLS_X509_SAN_IP_ADDRESS: + { + ret = mbedtls_snprintf(p, n, "\n%s %s : ", + prefix, "iPAddress"); + MBEDTLS_X509_SAFE_SNPRINTF; + if (san.san.unstructured_name.len >= n) { + if (n > 0) { + *p = '\0'; + } + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; + } + + unsigned char *ip = san.san.unstructured_name.p; + // Only IPv6 (16 bytes) and IPv4 (4 bytes) types are supported + if (san.san.unstructured_name.len == 4) { + ret = mbedtls_snprintf(p, n, "%u.%u.%u.%u", ip[0], ip[1], ip[2], ip[3]); + MBEDTLS_X509_SAFE_SNPRINTF; + } else if (san.san.unstructured_name.len == 16) { + ret = mbedtls_snprintf(p, n, + "%X%X:%X%X:%X%X:%X%X:%X%X:%X%X:%X%X:%X%X", + ip[0], ip[1], ip[2], ip[3], ip[4], ip[5], ip[6], + ip[7], ip[8], ip[9], ip[10], ip[11], ip[12], ip[13], + ip[14], ip[15]); + MBEDTLS_X509_SAFE_SNPRINTF; + } else { + if (n > 0) { + *p = '\0'; + } + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } + } + break; + /* + * directoryName + */ + case MBEDTLS_X509_SAN_DIRECTORY_NAME: + { + ret = mbedtls_snprintf(p, n, "\n%s directoryName : ", prefix); + if (ret < 0 || (size_t) ret >= n) { + mbedtls_x509_free_subject_alt_name(&san); + } + + MBEDTLS_X509_SAFE_SNPRINTF; + ret = mbedtls_x509_dn_gets(p, n, &san.san.directory_name); + + if (ret < 0) { + mbedtls_x509_free_subject_alt_name(&san); + if (n > 0) { + *p = '\0'; + } + return ret; + } + + p += ret; + n -= ret; + } + break; + /* + * Type not supported, skip item. + */ + default: + ret = mbedtls_snprintf(p, n, "\n%s ", prefix); + MBEDTLS_X509_SAFE_SNPRINTF; + break; + } + + /* So far memory is freed only in the case of directoryName + * parsing succeeding, as mbedtls_x509_get_name allocates memory. */ + mbedtls_x509_free_subject_alt_name(&san); + cur = cur->next; + } + + *p = '\0'; + + *size = n; + *buf = p; + + return 0; +} + +#define PRINT_ITEM(i) \ + do { \ + ret = mbedtls_snprintf(p, n, "%s" i, sep); \ + MBEDTLS_X509_SAFE_SNPRINTF; \ + sep = ", "; \ + } while (0) + +#define CERT_TYPE(type, name) \ + do { \ + if (ns_cert_type & (type)) { \ + PRINT_ITEM(name); \ + } \ + } while (0) + +int mbedtls_x509_info_cert_type(char **buf, size_t *size, + unsigned char ns_cert_type) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t n = *size; + char *p = *buf; + const char *sep = ""; + + CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT, "SSL Client"); + CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER, "SSL Server"); + CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_EMAIL, "Email"); + CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING, "Object Signing"); + CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_RESERVED, "Reserved"); + CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_SSL_CA, "SSL CA"); + CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA, "Email CA"); + CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA, "Object Signing CA"); + + *size = n; + *buf = p; + + return 0; +} + +#define KEY_USAGE(code, name) \ + do { \ + if ((key_usage) & (code)) { \ + PRINT_ITEM(name); \ + } \ + } while (0) + +int mbedtls_x509_info_key_usage(char **buf, size_t *size, + unsigned int key_usage) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t n = *size; + char *p = *buf; + const char *sep = ""; + + KEY_USAGE(MBEDTLS_X509_KU_DIGITAL_SIGNATURE, "Digital Signature"); + KEY_USAGE(MBEDTLS_X509_KU_NON_REPUDIATION, "Non Repudiation"); + KEY_USAGE(MBEDTLS_X509_KU_KEY_ENCIPHERMENT, "Key Encipherment"); + KEY_USAGE(MBEDTLS_X509_KU_DATA_ENCIPHERMENT, "Data Encipherment"); + KEY_USAGE(MBEDTLS_X509_KU_KEY_AGREEMENT, "Key Agreement"); + KEY_USAGE(MBEDTLS_X509_KU_KEY_CERT_SIGN, "Key Cert Sign"); + KEY_USAGE(MBEDTLS_X509_KU_CRL_SIGN, "CRL Sign"); + KEY_USAGE(MBEDTLS_X509_KU_ENCIPHER_ONLY, "Encipher Only"); + KEY_USAGE(MBEDTLS_X509_KU_DECIPHER_ONLY, "Decipher Only"); + + *size = n; + *buf = p; + + return 0; +} +#endif /* MBEDTLS_X509_REMOVE_INFO */ +#endif /* MBEDTLS_X509_CRT_PARSE_C || MBEDTLS_X509_CSR_PARSE_C */ #endif /* MBEDTLS_X509_USE_C */ diff --git a/library/x509_create.c b/library/x509_create.c index 50db95688..2583cdd0f 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -28,6 +28,10 @@ #include +#include "mbedtls/platform.h" + +#include "mbedtls/asn1.h" + /* Structure linking OIDs for X.509 DN AttributeTypes to their * string representations and default string encodings used by Mbed TLS. */ typedef struct { @@ -35,7 +39,8 @@ typedef struct { * "CN" or "emailAddress". */ size_t name_len; /* Length of 'name', without trailing 0 byte. */ const char *oid; /* String representation of OID of AttributeType, - * as per RFC 5280, Appendix A.1. */ + * as per RFC 5280, Appendix A.1. encoded as per + * X.690 */ int default_tag; /* The default character encoding used for the * given attribute type, e.g. * MBEDTLS_ASN1_UTF8_STRING for UTF-8. */ @@ -123,76 +128,259 @@ static const x509_attr_descriptor_t *x509_attr_descr_from_name(const char *name, return cur; } +static int hex_to_int(char c) +{ + return ('0' <= c && c <= '9') ? (c - '0') : + ('a' <= c && c <= 'f') ? (c - 'a' + 10) : + ('A' <= c && c <= 'F') ? (c - 'A' + 10) : -1; +} + +static int hexpair_to_int(const char *hexpair) +{ + int n1 = hex_to_int(*hexpair); + int n2 = hex_to_int(*(hexpair + 1)); + + if (n1 != -1 && n2 != -1) { + return (n1 << 4) | n2; + } else { + return -1; + } +} + +static int parse_attribute_value_string(const char *s, + int len, + unsigned char *data, + size_t *data_len) +{ + const char *c; + const char *end = s + len; + unsigned char *d = data; + int n; + + for (c = s; c < end; c++) { + if (*c == '\\') { + c++; + + /* Check for valid escaped characters as per RFC 4514 Section 3 */ + if (c + 1 < end && (n = hexpair_to_int(c)) != -1) { + if (n == 0) { + return MBEDTLS_ERR_X509_INVALID_NAME; + } + *(d++) = n; + c++; + } else if (c < end && strchr(" ,=+<>#;\"\\", *c)) { + *(d++) = *c; + } else { + return MBEDTLS_ERR_X509_INVALID_NAME; + } + } else { + *(d++) = *c; + } + + if (d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE) { + return MBEDTLS_ERR_X509_INVALID_NAME; + } + } + *data_len = d - data; + return 0; +} + +/** Parse a hexstring containing a DER-encoded string. + * + * \param s A string of \p len bytes hexadecimal digits. + * \param len Number of bytes to read from \p s. + * \param data Output buffer of size \p data_size. + * On success, it contains the payload that's DER-encoded + * in the input (content without the tag and length). + * If the DER tag is a string tag, the payload is guaranteed + * not to contain null bytes. + * \param data_size Length of the \p data buffer. + * \param data_len On success, the length of the parsed string. + * It is guaranteed to be less than + * #MBEDTLS_X509_MAX_DN_NAME_SIZE. + * \param tag The ASN.1 tag that the payload in \p data is encoded in. + * + * \retval 0 on success. + * \retval #MBEDTLS_ERR_X509_INVALID_NAME if \p s does not contain + * a valid hexstring, + * or if the decoded hexstring is not valid DER, + * or if the payload does not fit in \p data, + * or if the payload is more than + * #MBEDTLS_X509_MAX_DN_NAME_SIZE bytes, + * of if \p *tag is an ASN.1 string tag and the payload + * contains a null byte. + * \retval #MBEDTLS_ERR_X509_ALLOC_FAILED on low memory. + */ +static int parse_attribute_value_hex_der_encoded(const char *s, + size_t len, + unsigned char *data, + size_t data_size, + size_t *data_len, + int *tag) +{ + /* Step 1: preliminary length checks. */ + /* Each byte is encoded by exactly two hexadecimal digits. */ + if (len % 2 != 0) { + /* Odd number of hex digits */ + return MBEDTLS_ERR_X509_INVALID_NAME; + } + size_t const der_length = len / 2; + if (der_length > MBEDTLS_X509_MAX_DN_NAME_SIZE + 4) { + /* The payload would be more than MBEDTLS_X509_MAX_DN_NAME_SIZE + * (after subtracting the ASN.1 tag and length). Reject this early + * to avoid allocating a large intermediate buffer. */ + return MBEDTLS_ERR_X509_INVALID_NAME; + } + if (der_length < 1) { + /* Avoid empty-buffer shenanigans. A valid DER encoding is never + * empty. */ + return MBEDTLS_ERR_X509_INVALID_NAME; + } + + /* Step 2: Decode the hex string into an intermediate buffer. */ + unsigned char *der = mbedtls_calloc(1, der_length); + if (der == NULL) { + return MBEDTLS_ERR_X509_ALLOC_FAILED; + } + /* Beyond this point, der needs to be freed on exit. */ + for (size_t i = 0; i < der_length; i++) { + int c = hexpair_to_int(s + 2 * i); + if (c < 0) { + goto error; + } + der[i] = c; + } + + /* Step 3: decode the DER. */ + /* We've checked that der_length >= 1 above. */ + *tag = der[0]; + unsigned char *p = der + 1; + if (mbedtls_asn1_get_len(&p, der + der_length, data_len) != 0) { + goto error; + } + /* Now p points to the first byte of the payload inside der, + * and *data_len is the length of the payload. */ + + /* Step 4: payload validation */ + if (*data_len > MBEDTLS_X509_MAX_DN_NAME_SIZE) { + goto error; + } + /* Strings must not contain null bytes. */ + if (MBEDTLS_ASN1_IS_STRING_TAG(*tag)) { + for (size_t i = 0; i < *data_len; i++) { + if (p[i] == 0) { + goto error; + } + } + } + + /* Step 5: output the payload. */ + if (*data_len > data_size) { + goto error; + } + memcpy(data, p, *data_len); + mbedtls_free(der); + + return 0; + +error: + mbedtls_free(der); + return MBEDTLS_ERR_X509_INVALID_NAME; +} + int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *name) { - int ret = 0; + int ret = MBEDTLS_ERR_X509_INVALID_NAME; + int parse_ret = 0; const char *s = name, *c = s; const char *end = s + strlen(s); - const char *oid = NULL; + mbedtls_asn1_buf oid = { .p = NULL, .len = 0, .tag = MBEDTLS_ASN1_NULL }; const x509_attr_descriptor_t *attr_descr = NULL; - int in_tag = 1; - char data[MBEDTLS_X509_MAX_DN_NAME_SIZE]; - char *d = data; + int in_attr_type = 1; + int tag; + int numericoid = 0; + unsigned char data[MBEDTLS_X509_MAX_DN_NAME_SIZE]; + size_t data_len = 0; /* Clear existing chain if present */ mbedtls_asn1_free_named_data_list(head); while (c <= end) { - if (in_tag && *c == '=') { + if (in_attr_type && *c == '=') { if ((attr_descr = x509_attr_descr_from_name(s, c - s)) == NULL) { - ret = MBEDTLS_ERR_X509_UNKNOWN_OID; - goto exit; + if ((mbedtls_oid_from_numeric_string(&oid, s, c - s)) != 0) { + return MBEDTLS_ERR_X509_INVALID_NAME; + } else { + numericoid = 1; + } + } else { + oid.len = strlen(attr_descr->oid); + oid.p = mbedtls_calloc(1, oid.len); + memcpy(oid.p, attr_descr->oid, oid.len); + numericoid = 0; } - oid = attr_descr->oid; s = c + 1; - in_tag = 0; - d = data; + in_attr_type = 0; } - if (!in_tag && *c == '\\' && c != end) { - c++; - - /* Check for valid escaped characters */ - if (c == end || *c != ',') { - ret = MBEDTLS_ERR_X509_INVALID_NAME; - goto exit; + if (!in_attr_type && ((*c == ',' && *(c-1) != '\\') || c == end)) { + if (s == c) { + mbedtls_free(oid.p); + return MBEDTLS_ERR_X509_INVALID_NAME; + } else if (*s == '#') { + /* We know that c >= s (loop invariant) and c != s (in this + * else branch), hence c - s - 1 >= 0. */ + parse_ret = parse_attribute_value_hex_der_encoded( + s + 1, c - s - 1, + data, sizeof(data), &data_len, &tag); + if (parse_ret != 0) { + mbedtls_free(oid.p); + return parse_ret; + } + } else { + if (numericoid) { + mbedtls_free(oid.p); + return MBEDTLS_ERR_X509_INVALID_NAME; + } else { + if ((parse_ret = + parse_attribute_value_string(s, (int) (c - s), data, + &data_len)) != 0) { + mbedtls_free(oid.p); + return parse_ret; + } + tag = attr_descr->default_tag; + } } - } else if (!in_tag && (*c == ',' || c == end)) { - mbedtls_asn1_named_data *cur = - mbedtls_asn1_store_named_data(head, oid, strlen(oid), - (unsigned char *) data, - d - data); + mbedtls_asn1_named_data *cur = + mbedtls_asn1_store_named_data(head, (char *) oid.p, oid.len, + (unsigned char *) data, + data_len); + mbedtls_free(oid.p); + oid.p = NULL; if (cur == NULL) { return MBEDTLS_ERR_X509_ALLOC_FAILED; } // set tagType - cur->val.tag = attr_descr->default_tag; + cur->val.tag = tag; while (c < end && *(c + 1) == ' ') { c++; } s = c + 1; - in_tag = 1; + in_attr_type = 1; + + /* Successfully parsed one name, update ret to success */ + ret = 0; } - - if (!in_tag && s != c + 1) { - *(d++) = *c; - - if (d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE) { - ret = MBEDTLS_ERR_X509_INVALID_NAME; - goto exit; - } - } - c++; } - -exit: - + if (oid.p != NULL) { + mbedtls_free(oid.p); + } return ret; } @@ -282,9 +470,11 @@ int mbedtls_x509_write_names(unsigned char **p, unsigned char *start, int mbedtls_x509_write_sig(unsigned char **p, unsigned char *start, const char *oid, size_t oid_len, - unsigned char *sig, size_t size) + unsigned char *sig, size_t size, + mbedtls_pk_type_t pk_alg) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + int write_null_par; size_t len = 0; if (*p < start || (size_t) (*p - start) < size) { @@ -307,8 +497,19 @@ int mbedtls_x509_write_sig(unsigned char **p, unsigned char *start, // Write OID // - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_algorithm_identifier(p, start, oid, - oid_len, 0)); + if (pk_alg == MBEDTLS_PK_ECDSA) { + /* + * The AlgorithmIdentifier's parameters field must be absent for DSA/ECDSA signature + * algorithms, see https://www.rfc-editor.org/rfc/rfc5480#page-17 and + * https://www.rfc-editor.org/rfc/rfc5758#section-3. + */ + write_null_par = 0; + } else { + write_null_par = 1; + } + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_algorithm_identifier_ext(p, start, oid, oid_len, + 0, write_null_par)); return (int) len; } diff --git a/library/x509_crl.c b/library/x509_crl.c index f6442030d..79ace8fa0 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -587,8 +587,7 @@ int mbedtls_x509_crl_parse_file(mbedtls_x509_crl *chain, const char *path) ret = mbedtls_x509_crl_parse(chain, buf, n); - mbedtls_platform_zeroize(buf, n); - mbedtls_free(buf); + mbedtls_zeroize_and_free(buf, n); return ret; } @@ -704,14 +703,12 @@ void mbedtls_x509_crl_free(mbedtls_x509_crl *crl) while (entry_cur != NULL) { entry_prv = entry_cur; entry_cur = entry_cur->next; - mbedtls_platform_zeroize(entry_prv, + mbedtls_zeroize_and_free(entry_prv, sizeof(mbedtls_x509_crl_entry)); - mbedtls_free(entry_prv); } if (crl_cur->raw.p != NULL) { - mbedtls_platform_zeroize(crl_cur->raw.p, crl_cur->raw.len); - mbedtls_free(crl_cur->raw.p); + mbedtls_zeroize_and_free(crl_cur->raw.p, crl_cur->raw.len); } crl_prv = crl_cur; diff --git a/library/x509_crt.c b/library/x509_crt.c index 033009797..e9153e710 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -46,9 +46,10 @@ #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa/crypto.h" -#include "mbedtls/psa_util.h" +#include "psa_util_internal.h" +#include "md_psa.h" #endif /* MBEDTLS_USE_PSA_CRYPTO */ -#include "hash_info.h" +#include "pk_internal.h" #include "mbedtls/platform.h" @@ -58,6 +59,7 @@ #if defined(MBEDTLS_HAVE_TIME) #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) +#define WIN32_LEAN_AND_MEAN #include #else #include @@ -101,7 +103,7 @@ const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default = MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA384) | MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA512), 0xFFFFFFF, /* Any PK alg */ -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) /* Curves at or above 128-bit security level. Note that this selection * should be aligned with ssl_preset_default_curves in ssl_tls.c. */ MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP256R1) | @@ -111,9 +113,9 @@ const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default = MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_BP384R1) | MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_BP512R1) | 0, -#else +#else /* MBEDTLS_PK_HAVE_ECC_KEYS */ 0, -#endif +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ 2048, }; @@ -152,13 +154,13 @@ const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb = /* Only ECDSA */ MBEDTLS_X509_ID_FLAG(MBEDTLS_PK_ECDSA) | MBEDTLS_X509_ID_FLAG(MBEDTLS_PK_ECKEY), -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) /* Only NIST P-256 and P-384 */ MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP256R1) | MBEDTLS_X509_ID_FLAG(MBEDTLS_ECP_DP_SECP384R1), -#else +#else /* MBEDTLS_PK_HAVE_ECC_KEYS */ 0, -#endif +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ 0, }; @@ -226,13 +228,13 @@ static int x509_profile_check_key(const mbedtls_x509_crt_profile *profile, return -1; } -#endif +#endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) if (pk_alg == MBEDTLS_PK_ECDSA || pk_alg == MBEDTLS_PK_ECKEY || pk_alg == MBEDTLS_PK_ECKEY_DH) { - const mbedtls_ecp_group_id gid = mbedtls_pk_ec(*pk)->grp.id; + const mbedtls_ecp_group_id gid = mbedtls_pk_get_group_id(pk); if (gid == MBEDTLS_ECP_DP_NONE) { return -1; @@ -244,7 +246,7 @@ static int x509_profile_check_key(const mbedtls_x509_crt_profile *profile, return -1; } -#endif +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ return -1; } @@ -562,53 +564,6 @@ static int x509_get_basic_constraints(unsigned char **p, return 0; } -static int x509_get_ns_cert_type(unsigned char **p, - const unsigned char *end, - unsigned char *ns_cert_type) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_x509_bitstring bs = { 0, 0, NULL }; - - if ((ret = mbedtls_asn1_get_bitstring(p, end, &bs)) != 0) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); - } - - if (bs.len != 1) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_INVALID_LENGTH); - } - - /* Get actual bitstring */ - *ns_cert_type = *bs.p; - return 0; -} - -static int x509_get_key_usage(unsigned char **p, - const unsigned char *end, - unsigned int *key_usage) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t i; - mbedtls_x509_bitstring bs = { 0, 0, NULL }; - - if ((ret = mbedtls_asn1_get_bitstring(p, end, &bs)) != 0) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); - } - - if (bs.len < 1) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_INVALID_LENGTH); - } - - /* Get actual bitstring */ - *key_usage = 0; - for (i = 0; i < bs.len && i < sizeof(unsigned int); i++) { - *key_usage |= (unsigned int) bs.p[i] << (8*i); - } - - return 0; -} - /* * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId * @@ -634,43 +589,50 @@ static int x509_get_ext_key_usage(unsigned char **p, } /* - * SubjectAltName ::= GeneralNames + * SubjectKeyIdentifier ::= KeyIdentifier * - * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName - * - * GeneralName ::= CHOICE { - * otherName [0] OtherName, - * rfc822Name [1] IA5String, - * dNSName [2] IA5String, - * x400Address [3] ORAddress, - * directoryName [4] Name, - * ediPartyName [5] EDIPartyName, - * uniformResourceIdentifier [6] IA5String, - * iPAddress [7] OCTET STRING, - * registeredID [8] OBJECT IDENTIFIER } - * - * OtherName ::= SEQUENCE { - * type-id OBJECT IDENTIFIER, - * value [0] EXPLICIT ANY DEFINED BY type-id } - * - * EDIPartyName ::= SEQUENCE { - * nameAssigner [0] DirectoryString OPTIONAL, - * partyName [1] DirectoryString } - * - * NOTE: we list all types, but only use dNSName and otherName - * of type HwModuleName, as defined in RFC 4108, at this point. + * KeyIdentifier ::= OCTET STRING */ -static int x509_get_subject_alt_name(unsigned char **p, - const unsigned char *end, - mbedtls_x509_sequence *subject_alt_name) +static int x509_get_subject_key_id(unsigned char **p, + const unsigned char *end, + mbedtls_x509_buf *subject_key_id) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t len, tag_len; - mbedtls_asn1_buf *buf; - unsigned char tag; - mbedtls_asn1_sequence *cur = subject_alt_name; + size_t len = 0u; + + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_OCTET_STRING)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } + + subject_key_id->len = len; + subject_key_id->tag = MBEDTLS_ASN1_OCTET_STRING; + subject_key_id->p = *p; + *p += len; + + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + + return 0; +} + +/* + * AuthorityKeyIdentifier ::= SEQUENCE { + * keyIdentifier [0] KeyIdentifier OPTIONAL, + * authorityCertIssuer [1] GeneralNames OPTIONAL, + * authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL } + * + * KeyIdentifier ::= OCTET STRING + */ +static int x509_get_authority_key_id(unsigned char **p, + unsigned char *end, + mbedtls_x509_authority *authority_key_id) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t len = 0u; - /* Get main sequence tag */ if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); @@ -681,65 +643,54 @@ static int x509_get_subject_alt_name(unsigned char **p, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } - while (*p < end) { - mbedtls_x509_subject_alternative_name dummy_san_buf; - memset(&dummy_san_buf, 0, sizeof(dummy_san_buf)); + ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC); - tag = **p; - (*p)++; - if ((ret = mbedtls_asn1_get_len(p, end, &tag_len)) != 0) { + /* KeyIdentifier is an OPTIONAL field */ + if (ret == 0) { + authority_key_id->keyIdentifier.len = len; + authority_key_id->keyIdentifier.p = *p; + /* Setting tag of the keyIdentfier intentionally to 0x04. + * Although the .keyIdentfier field is CONTEXT_SPECIFIC ([0] OPTIONAL), + * its tag with the content is the payload of on OCTET STRING primitive */ + authority_key_id->keyIdentifier.tag = MBEDTLS_ASN1_OCTET_STRING; + + *p += len; + } else if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } + + if (*p < end) { + /* Getting authorityCertIssuer using the required specific class tag [1] */ + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | + 1)) != 0) { + /* authorityCertIssuer and authorityCertSerialNumber MUST both + be present or both be absent. At this point we expect to have both. */ return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); } - - if ((tag & MBEDTLS_ASN1_TAG_CLASS_MASK) != - MBEDTLS_ASN1_CONTEXT_SPECIFIC) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); - } - - /* - * Check that the SAN is structured correctly. - */ - ret = mbedtls_x509_parse_subject_alt_name(&(cur->buf), &dummy_san_buf); - /* - * In case the extension is malformed, return an error, - * and clear the allocated sequences. - */ - if (ret != 0 && ret != MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE) { - mbedtls_asn1_sequence_free(subject_alt_name->next); - subject_alt_name->next = NULL; + /* "end" also includes the CertSerialNumber field so "len" shall be used */ + ret = mbedtls_x509_get_subject_alt_name_ext(p, + (*p+len), + &authority_key_id->authorityCertIssuer); + if (ret != 0) { return ret; } - /* Allocate and assign next pointer */ - if (cur->buf.p != NULL) { - if (cur->next != NULL) { - return MBEDTLS_ERR_X509_INVALID_EXTENSIONS; - } - - cur->next = mbedtls_calloc(1, sizeof(mbedtls_asn1_sequence)); - - if (cur->next == NULL) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_ALLOC_FAILED); - } - - cur = cur->next; + /* Getting authorityCertSerialNumber using the required specific class tag [2] */ + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | 2)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); } - - buf = &(cur->buf); - buf->tag = tag; - buf->p = *p; - buf->len = tag_len; - *p += buf->len; + authority_key_id->authorityCertSerialNumber.len = len; + authority_key_id->authorityCertSerialNumber.p = *p; + authority_key_id->authorityCertSerialNumber.tag = MBEDTLS_ASN1_INTEGER; + *p += len; } - /* Set final sequence entry's next pointer to NULL */ - cur->next = NULL; - if (*p != end) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; } return 0; @@ -1029,8 +980,8 @@ static int x509_get_crt_ext(unsigned char **p, case MBEDTLS_X509_EXT_KEY_USAGE: /* Parse key usage */ - if ((ret = x509_get_key_usage(p, end_ext_octet, - &crt->key_usage)) != 0) { + if ((ret = mbedtls_x509_get_key_usage(p, end_ext_octet, + &crt->key_usage)) != 0) { return ret; } break; @@ -1043,18 +994,35 @@ static int x509_get_crt_ext(unsigned char **p, } break; + case MBEDTLS_X509_EXT_SUBJECT_KEY_IDENTIFIER: + /* Parse subject key identifier */ + if ((ret = x509_get_subject_key_id(p, end_ext_data, + &crt->subject_key_id)) != 0) { + return ret; + } + break; + + case MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER: + /* Parse authority key identifier */ + if ((ret = x509_get_authority_key_id(p, end_ext_octet, + &crt->authority_key_id)) != 0) { + return ret; + } + break; case MBEDTLS_X509_EXT_SUBJECT_ALT_NAME: - /* Parse subject alt name */ - if ((ret = x509_get_subject_alt_name(p, end_ext_octet, - &crt->subject_alt_names)) != 0) { + /* Parse subject alt name + * SubjectAltName ::= GeneralNames + */ + if ((ret = mbedtls_x509_get_subject_alt_name(p, end_ext_octet, + &crt->subject_alt_names)) != 0) { return ret; } break; case MBEDTLS_X509_EXT_NS_CERT_TYPE: /* Parse netscape certificate type */ - if ((ret = x509_get_ns_cert_type(p, end_ext_octet, - &crt->ns_cert_type)) != 0) { + if ((ret = mbedtls_x509_get_ns_cert_type(p, end_ext_octet, + &crt->ns_cert_type)) != 0) { return ret; } break; @@ -1558,8 +1526,7 @@ int mbedtls_x509_crt_parse_file(mbedtls_x509_crt *chain, const char *path) ret = mbedtls_x509_crt_parse(chain, buf, n); - mbedtls_platform_zeroize(buf, n); - mbedtls_free(buf); + mbedtls_zeroize_and_free(buf, n); return ret; } @@ -1588,6 +1555,11 @@ int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path) p = filename + len; filename[len++] = '*'; + /* + * Note this function uses the code page CP_ACP which is the system default + * ANSI codepage. The input string is always described in BYTES and the + * output length is described in WCHARs. + */ w_ret = MultiByteToWideChar(CP_ACP, 0, filename, (int) len, szDir, MAX_PATH - 3); if (w_ret == 0) { @@ -1606,11 +1578,8 @@ int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path) if (file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) { continue; } - w_ret = WideCharToMultiByte(CP_ACP, 0, file_data.cFileName, - lstrlenW(file_data.cFileName), - p, (int) len - 1, - NULL, NULL); + -1, p, (int) len, NULL, NULL); if (w_ret == 0) { ret = MBEDTLS_ERR_X509_FILE_IO_ERROR; goto cleanup; @@ -1652,10 +1621,10 @@ cleanup: memset(&sb, 0, sizeof(sb)); while ((entry = readdir(dir)) != NULL) { - snp_ret = mbedtls_snprintf(entry_name, sizeof entry_name, + snp_ret = mbedtls_snprintf(entry_name, sizeof(entry_name), "%s/%s", path, entry->d_name); - if (snp_ret < 0 || (size_t) snp_ret >= sizeof entry_name) { + if (snp_ret < 0 || (size_t) snp_ret >= sizeof(entry_name)) { ret = MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; goto cleanup; } else if (stat(entry_name, &sb) == -1) { @@ -1703,318 +1672,27 @@ cleanup: } #endif /* MBEDTLS_FS_IO */ -/* - * OtherName ::= SEQUENCE { - * type-id OBJECT IDENTIFIER, - * value [0] EXPLICIT ANY DEFINED BY type-id } - * - * HardwareModuleName ::= SEQUENCE { - * hwType OBJECT IDENTIFIER, - * hwSerialNum OCTET STRING } - * - * NOTE: we currently only parse and use otherName of type HwModuleName, - * as defined in RFC 4108. - */ -static int x509_get_other_name(const mbedtls_x509_buf *subject_alt_name, - mbedtls_x509_san_other_name *other_name) -{ - int ret = 0; - size_t len; - unsigned char *p = subject_alt_name->p; - const unsigned char *end = p + subject_alt_name->len; - mbedtls_x509_buf cur_oid; - - if ((subject_alt_name->tag & - (MBEDTLS_ASN1_TAG_CLASS_MASK | MBEDTLS_ASN1_TAG_VALUE_MASK)) != - (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_OTHER_NAME)) { - /* - * The given subject alternative name is not of type "othername". - */ - return MBEDTLS_ERR_X509_BAD_INPUT_DATA; - } - - if ((ret = mbedtls_asn1_get_tag(&p, end, &len, - MBEDTLS_ASN1_OID)) != 0) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); - } - - cur_oid.tag = MBEDTLS_ASN1_OID; - cur_oid.p = p; - cur_oid.len = len; - - /* - * Only HwModuleName is currently supported. - */ - if (MBEDTLS_OID_CMP(MBEDTLS_OID_ON_HW_MODULE_NAME, &cur_oid) != 0) { - return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE; - } - - if (p + len >= end) { - mbedtls_platform_zeroize(other_name, sizeof(*other_name)); - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); - } - p += len; - if ((ret = mbedtls_asn1_get_tag(&p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC)) != - 0) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); - } - - if ((ret = mbedtls_asn1_get_tag(&p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); - } - - if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OID)) != 0) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); - } - - other_name->value.hardware_module_name.oid.tag = MBEDTLS_ASN1_OID; - other_name->value.hardware_module_name.oid.p = p; - other_name->value.hardware_module_name.oid.len = len; - - if (p + len >= end) { - mbedtls_platform_zeroize(other_name, sizeof(*other_name)); - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); - } - p += len; - if ((ret = mbedtls_asn1_get_tag(&p, end, &len, - MBEDTLS_ASN1_OCTET_STRING)) != 0) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); - } - - other_name->value.hardware_module_name.val.tag = MBEDTLS_ASN1_OCTET_STRING; - other_name->value.hardware_module_name.val.p = p; - other_name->value.hardware_module_name.val.len = len; - p += len; - if (p != end) { - mbedtls_platform_zeroize(other_name, - sizeof(*other_name)); - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); - } - return 0; -} - -int mbedtls_x509_parse_subject_alt_name(const mbedtls_x509_buf *san_buf, - mbedtls_x509_subject_alternative_name *san) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - switch (san_buf->tag & - (MBEDTLS_ASN1_TAG_CLASS_MASK | - MBEDTLS_ASN1_TAG_VALUE_MASK)) { - /* - * otherName - */ - case (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_OTHER_NAME): - { - mbedtls_x509_san_other_name other_name; - - ret = x509_get_other_name(san_buf, &other_name); - if (ret != 0) { - return ret; - } - - memset(san, 0, sizeof(mbedtls_x509_subject_alternative_name)); - san->type = MBEDTLS_X509_SAN_OTHER_NAME; - memcpy(&san->san.other_name, - &other_name, sizeof(other_name)); - - } - break; - - /* - * dNSName - */ - case (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_DNS_NAME): - { - memset(san, 0, sizeof(mbedtls_x509_subject_alternative_name)); - san->type = MBEDTLS_X509_SAN_DNS_NAME; - - memcpy(&san->san.unstructured_name, - san_buf, sizeof(*san_buf)); - - } - break; - - /* - * Type not supported - */ - default: - return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE; - } - return 0; -} - #if !defined(MBEDTLS_X509_REMOVE_INFO) -static int x509_info_subject_alt_name(char **buf, size_t *size, - const mbedtls_x509_sequence - *subject_alt_name, - const char *prefix) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t i; - size_t n = *size; - char *p = *buf; - const mbedtls_x509_sequence *cur = subject_alt_name; - mbedtls_x509_subject_alternative_name san; - int parse_ret; +#define PRINT_ITEM(i) \ + do { \ + ret = mbedtls_snprintf(p, n, "%s" i, sep); \ + MBEDTLS_X509_SAFE_SNPRINTF; \ + sep = ", "; \ + } while (0) - while (cur != NULL) { - memset(&san, 0, sizeof(san)); - parse_ret = mbedtls_x509_parse_subject_alt_name(&cur->buf, &san); - if (parse_ret != 0) { - if (parse_ret == MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE) { - ret = mbedtls_snprintf(p, n, "\n%s ", prefix); - MBEDTLS_X509_SAFE_SNPRINTF; - } else { - ret = mbedtls_snprintf(p, n, "\n%s ", prefix); - MBEDTLS_X509_SAFE_SNPRINTF; - } - cur = cur->next; - continue; - } +#define CERT_TYPE(type, name) \ + do { \ + if (ns_cert_type & (type)) { \ + PRINT_ITEM(name); \ + } \ + } while (0) - switch (san.type) { - /* - * otherName - */ - case MBEDTLS_X509_SAN_OTHER_NAME: - { - mbedtls_x509_san_other_name *other_name = &san.san.other_name; - - ret = mbedtls_snprintf(p, n, "\n%s otherName :", prefix); - MBEDTLS_X509_SAFE_SNPRINTF; - - if (MBEDTLS_OID_CMP(MBEDTLS_OID_ON_HW_MODULE_NAME, - &other_name->value.hardware_module_name.oid) != 0) { - ret = mbedtls_snprintf(p, n, "\n%s hardware module name :", prefix); - MBEDTLS_X509_SAFE_SNPRINTF; - ret = - mbedtls_snprintf(p, n, "\n%s hardware type : ", prefix); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = mbedtls_oid_get_numeric_string(p, - n, - &other_name->value.hardware_module_name.oid); - MBEDTLS_X509_SAFE_SNPRINTF; - - ret = - mbedtls_snprintf(p, n, "\n%s hardware serial number : ", prefix); - MBEDTLS_X509_SAFE_SNPRINTF; - - for (i = 0; i < other_name->value.hardware_module_name.val.len; i++) { - ret = mbedtls_snprintf(p, - n, - "%02X", - other_name->value.hardware_module_name.val.p[i]); - MBEDTLS_X509_SAFE_SNPRINTF; - } - }/* MBEDTLS_OID_ON_HW_MODULE_NAME */ - } - break; - - /* - * dNSName - */ - case MBEDTLS_X509_SAN_DNS_NAME: - { - ret = mbedtls_snprintf(p, n, "\n%s dNSName : ", prefix); - MBEDTLS_X509_SAFE_SNPRINTF; - if (san.san.unstructured_name.len >= n) { - *p = '\0'; - return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; - } - - memcpy(p, san.san.unstructured_name.p, san.san.unstructured_name.len); - p += san.san.unstructured_name.len; - n -= san.san.unstructured_name.len; - } - break; - - /* - * Type not supported, skip item. - */ - default: - ret = mbedtls_snprintf(p, n, "\n%s ", prefix); - MBEDTLS_X509_SAFE_SNPRINTF; - break; - } - - cur = cur->next; - } - - *p = '\0'; - - *size = n; - *buf = p; - - return 0; -} - -#define PRINT_ITEM(i) \ - { \ - ret = mbedtls_snprintf(p, n, "%s" i, sep); \ - MBEDTLS_X509_SAFE_SNPRINTF; \ - sep = ", "; \ - } - -#define CERT_TYPE(type, name) \ - if (ns_cert_type & (type)) \ - PRINT_ITEM(name); - -static int x509_info_cert_type(char **buf, size_t *size, - unsigned char ns_cert_type) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t n = *size; - char *p = *buf; - const char *sep = ""; - - CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT, "SSL Client"); - CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER, "SSL Server"); - CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_EMAIL, "Email"); - CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING, "Object Signing"); - CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_RESERVED, "Reserved"); - CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_SSL_CA, "SSL CA"); - CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA, "Email CA"); - CERT_TYPE(MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA, "Object Signing CA"); - - *size = n; - *buf = p; - - return 0; -} - -#define KEY_USAGE(code, name) \ - if (key_usage & (code)) \ - PRINT_ITEM(name); - -static int x509_info_key_usage(char **buf, size_t *size, - unsigned int key_usage) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t n = *size; - char *p = *buf; - const char *sep = ""; - - KEY_USAGE(MBEDTLS_X509_KU_DIGITAL_SIGNATURE, "Digital Signature"); - KEY_USAGE(MBEDTLS_X509_KU_NON_REPUDIATION, "Non Repudiation"); - KEY_USAGE(MBEDTLS_X509_KU_KEY_ENCIPHERMENT, "Key Encipherment"); - KEY_USAGE(MBEDTLS_X509_KU_DATA_ENCIPHERMENT, "Data Encipherment"); - KEY_USAGE(MBEDTLS_X509_KU_KEY_AGREEMENT, "Key Agreement"); - KEY_USAGE(MBEDTLS_X509_KU_KEY_CERT_SIGN, "Key Cert Sign"); - KEY_USAGE(MBEDTLS_X509_KU_CRL_SIGN, "CRL Sign"); - KEY_USAGE(MBEDTLS_X509_KU_ENCIPHER_ONLY, "Encipher Only"); - KEY_USAGE(MBEDTLS_X509_KU_DECIPHER_ONLY, "Decipher Only"); - - *size = n; - *buf = p; - - return 0; -} +#define KEY_USAGE(code, name) \ + do { \ + if (key_usage & (code)) { \ + PRINT_ITEM(name); \ + } \ + } while (0) static int x509_info_ext_key_usage(char **buf, size_t *size, const mbedtls_x509_sequence *extended_key_usage) @@ -2167,9 +1845,9 @@ int mbedtls_x509_crt_info(char *buf, size_t size, const char *prefix, ret = mbedtls_snprintf(p, n, "\n%ssubject alt name :", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - if ((ret = x509_info_subject_alt_name(&p, &n, - &crt->subject_alt_names, - prefix)) != 0) { + if ((ret = mbedtls_x509_info_subject_alt_name(&p, &n, + &crt->subject_alt_names, + prefix)) != 0) { return ret; } } @@ -2178,7 +1856,7 @@ int mbedtls_x509_crt_info(char *buf, size_t size, const char *prefix, ret = mbedtls_snprintf(p, n, "\n%scert. type : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - if ((ret = x509_info_cert_type(&p, &n, crt->ns_cert_type)) != 0) { + if ((ret = mbedtls_x509_info_cert_type(&p, &n, crt->ns_cert_type)) != 0) { return ret; } } @@ -2187,7 +1865,7 @@ int mbedtls_x509_crt_info(char *buf, size_t size, const char *prefix, ret = mbedtls_snprintf(p, n, "\n%skey usage : ", prefix); MBEDTLS_X509_SAFE_SNPRINTF; - if ((ret = x509_info_key_usage(&p, &n, crt->key_usage)) != 0) { + if ((ret = mbedtls_x509_info_key_usage(&p, &n, crt->key_usage)) != 0) { return ret; } } @@ -2340,10 +2018,11 @@ int mbedtls_x509_crt_is_revoked(const mbedtls_x509_crt *crt, const mbedtls_x509_ */ static int x509_crt_verifycrl(mbedtls_x509_crt *crt, mbedtls_x509_crt *ca, mbedtls_x509_crl *crl_list, - const mbedtls_x509_crt_profile *profile) + const mbedtls_x509_crt_profile *profile, + const mbedtls_x509_time *now) { int flags = 0; - unsigned char hash[MBEDTLS_HASH_MAX_SIZE]; + unsigned char hash[MBEDTLS_MD_MAX_SIZE]; #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_algorithm_t psa_algorithm; #else @@ -2383,7 +2062,7 @@ static int x509_crt_verifycrl(mbedtls_x509_crt *crt, mbedtls_x509_crt *ca, } #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_algorithm = mbedtls_hash_info_psa_from_md(crl_list->sig_md); + psa_algorithm = mbedtls_md_psa_alg_from_type(crl_list->sig_md); if (psa_hash_compute(psa_algorithm, crl_list->tbs.p, crl_list->tbs.len, @@ -2418,16 +2097,20 @@ static int x509_crt_verifycrl(mbedtls_x509_crt *crt, mbedtls_x509_crt *ca, break; } +#if defined(MBEDTLS_HAVE_TIME_DATE) /* * Check for validity of CRL (Do not drop out) */ - if (mbedtls_x509_time_is_past(&crl_list->next_update)) { + if (mbedtls_x509_time_cmp(&crl_list->next_update, now) < 0) { flags |= MBEDTLS_X509_BADCRL_EXPIRED; } - if (mbedtls_x509_time_is_future(&crl_list->this_update)) { + if (mbedtls_x509_time_cmp(&crl_list->this_update, now) > 0) { flags |= MBEDTLS_X509_BADCRL_FUTURE; } +#else + ((void) now); +#endif /* * Check if certificate is revoked @@ -2452,7 +2135,7 @@ static int x509_crt_check_signature(const mbedtls_x509_crt *child, mbedtls_x509_crt_restart_ctx *rs_ctx) { size_t hash_len; - unsigned char hash[MBEDTLS_HASH_MAX_SIZE]; + unsigned char hash[MBEDTLS_MD_MAX_SIZE]; #if !defined(MBEDTLS_USE_PSA_CRYPTO) const mbedtls_md_info_t *md_info; md_info = mbedtls_md_info_from_type(child->sig_md); @@ -2463,7 +2146,7 @@ static int x509_crt_check_signature(const mbedtls_x509_crt *child, return -1; } #else - psa_algorithm_t hash_alg = mbedtls_hash_info_psa_from_md(child->sig_md); + psa_algorithm_t hash_alg = mbedtls_md_psa_alg_from_type(child->sig_md); psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; status = psa_hash_compute(hash_alg, @@ -2585,7 +2268,8 @@ static int x509_crt_find_parent_in( int top, unsigned path_cnt, unsigned self_cnt, - mbedtls_x509_crt_restart_ctx *rs_ctx) + mbedtls_x509_crt_restart_ctx *rs_ctx, + const mbedtls_x509_time *now) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_x509_crt *parent, *fallback_parent; @@ -2648,9 +2332,10 @@ check_signature: continue; } +#if defined(MBEDTLS_HAVE_TIME_DATE) /* optional time check */ - if (mbedtls_x509_time_is_past(&parent->valid_to) || - mbedtls_x509_time_is_future(&parent->valid_from)) { + if (mbedtls_x509_time_cmp(&parent->valid_to, now) < 0 || /* past */ + mbedtls_x509_time_cmp(&parent->valid_from, now) > 0) { /* future */ if (fallback_parent == NULL) { fallback_parent = parent; fallback_signature_is_good = signature_is_good; @@ -2658,6 +2343,9 @@ check_signature: continue; } +#else + ((void) now); +#endif *r_parent = parent; *r_signature_is_good = signature_is_good; @@ -2703,7 +2391,8 @@ static int x509_crt_find_parent( int *signature_is_good, unsigned path_cnt, unsigned self_cnt, - mbedtls_x509_crt_restart_ctx *rs_ctx) + mbedtls_x509_crt_restart_ctx *rs_ctx, + const mbedtls_x509_time *now) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_x509_crt *search_list; @@ -2724,7 +2413,7 @@ static int x509_crt_find_parent( ret = x509_crt_find_parent_in(child, search_list, parent, signature_is_good, *parent_is_trusted, - path_cnt, self_cnt, rs_ctx); + path_cnt, self_cnt, rs_ctx, now); #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) if (rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { @@ -2845,6 +2534,13 @@ static int x509_crt_verify_chain( int signature_is_good; unsigned self_cnt; mbedtls_x509_crt *cur_trust_ca = NULL; + mbedtls_x509_time now; + +#if defined(MBEDTLS_HAVE_TIME_DATE) + if (mbedtls_x509_time_gmtime(mbedtls_time(NULL), &now) != 0) { + return MBEDTLS_ERR_X509_FATAL_ERROR; + } +#endif #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) /* resume if we had an operation in progress */ @@ -2875,14 +2571,16 @@ static int x509_crt_verify_chain( ver_chain->len++; flags = &cur->flags; +#if defined(MBEDTLS_HAVE_TIME_DATE) /* Check time-validity (all certificates) */ - if (mbedtls_x509_time_is_past(&child->valid_to)) { + if (mbedtls_x509_time_cmp(&child->valid_to, &now) < 0) { *flags |= MBEDTLS_X509_BADCERT_EXPIRED; } - if (mbedtls_x509_time_is_future(&child->valid_from)) { + if (mbedtls_x509_time_cmp(&child->valid_from, &now) > 0) { *flags |= MBEDTLS_X509_BADCERT_FUTURE; } +#endif /* Stop here for trusted roots (but not for trusted EE certs) */ if (child_is_trusted) { @@ -2933,7 +2631,8 @@ find_parent: /* Look for a parent in trusted CAs or up the chain */ ret = x509_crt_find_parent(child, cur_trust_ca, &parent, &parent_is_trusted, &signature_is_good, - ver_chain->len - 1, self_cnt, rs_ctx); + ver_chain->len - 1, self_cnt, rs_ctx, + &now); #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) if (rs_ctx != NULL && ret == MBEDTLS_ERR_ECP_IN_PROGRESS) { @@ -2982,7 +2681,7 @@ find_parent: #if defined(MBEDTLS_X509_CRL_PARSE_C) /* Check trusted CA's CRL for the given crt */ - *flags |= x509_crt_verifycrl(child, parent, ca_crl, profile); + *flags |= x509_crt_verifycrl(child, parent, ca_crl, profile, &now); #else (void) ca_crl; #endif @@ -2995,6 +2694,202 @@ find_parent: } } +#ifdef _WIN32 +#ifdef _MSC_VER +#pragma comment(lib, "ws2_32.lib") +#include +#include +#elif (defined(__MINGW32__) || defined(__MINGW64__)) && _WIN32_WINNT >= 0x0600 +#include +#include +#else +/* inet_pton() is not supported, fallback to software version */ +#define MBEDTLS_TEST_SW_INET_PTON +#endif +#elif defined(__sun) +/* Solaris requires -lsocket -lnsl for inet_pton() */ +#elif defined(__has_include) +#if __has_include() +#include +#endif +#if __has_include() +#include +#endif +#endif + +/* Use whether or not AF_INET6 is defined to indicate whether or not to use + * the platform inet_pton() or a local implementation (below). The local + * implementation may be used even in cases where the platform provides + * inet_pton(), e.g. when there are different includes required and/or the + * platform implementation requires dependencies on additional libraries. + * Specifically, Windows requires custom includes and additional link + * dependencies, and Solaris requires additional link dependencies. + * Also, as a coarse heuristic, use the local implementation if the compiler + * does not support __has_include(), or if the definition of AF_INET6 is not + * provided by headers included (or not) via __has_include() above. + * MBEDTLS_TEST_SW_INET_PTON is a bypass define to force testing of this code //no-check-names + * despite having a platform that has inet_pton. */ +#if !defined(AF_INET6) || defined(MBEDTLS_TEST_SW_INET_PTON) //no-check-names +/* Definition located further below to possibly reduce compiler inlining */ +static int x509_inet_pton_ipv4(const char *src, void *dst); + +#define li_cton(c, n) \ + (((n) = (c) - '0') <= 9 || (((n) = ((c)&0xdf) - 'A') <= 5 ? ((n) += 10) : 0)) + +static int x509_inet_pton_ipv6(const char *src, void *dst) +{ + const unsigned char *p = (const unsigned char *) src; + int nonzero_groups = 0, num_digits, zero_group_start = -1; + uint16_t addr[8]; + do { + /* note: allows excess leading 0's, e.g. 1:0002:3:... */ + uint16_t group = num_digits = 0; + for (uint8_t digit; num_digits < 4; num_digits++) { + if (li_cton(*p, digit) == 0) { + break; + } + group = (group << 4) | digit; + p++; + } + if (num_digits != 0) { + MBEDTLS_PUT_UINT16_BE(group, addr, nonzero_groups); + nonzero_groups++; + if (*p == '\0') { + break; + } else if (*p == '.') { + /* Don't accept IPv4 too early or late */ + if ((nonzero_groups == 0 && zero_group_start == -1) || + nonzero_groups >= 7) { + break; + } + + /* Walk back to prior ':', then parse as IPv4-mapped */ + int steps = 4; + do { + p--; + steps--; + } while (*p != ':' && steps > 0); + + if (*p != ':') { + break; + } + p++; + nonzero_groups--; + if (x509_inet_pton_ipv4((const char *) p, + addr + nonzero_groups) != 0) { + break; + } + + nonzero_groups += 2; + p = (const unsigned char *) ""; + break; + } else if (*p != ':') { + return -1; + } + } else { + /* Don't accept a second zero group or an invalid delimiter */ + if (zero_group_start != -1 || *p != ':') { + return -1; + } + zero_group_start = nonzero_groups; + + /* Accept a zero group at start, but it has to be a double colon */ + if (zero_group_start == 0 && *++p != ':') { + return -1; + } + + if (p[1] == '\0') { + ++p; + break; + } + } + ++p; + } while (nonzero_groups < 8); + + if (*p != '\0') { + return -1; + } + + if (zero_group_start != -1) { + if (nonzero_groups > 6) { + return -1; + } + int zero_groups = 8 - nonzero_groups; + int groups_after_zero = nonzero_groups - zero_group_start; + + /* Move the non-zero part to after the zeroes */ + if (groups_after_zero) { + memmove(addr + zero_group_start + zero_groups, + addr + zero_group_start, + groups_after_zero * sizeof(*addr)); + } + memset(addr + zero_group_start, 0, zero_groups * sizeof(*addr)); + } else { + if (nonzero_groups != 8) { + return -1; + } + } + memcpy(dst, addr, sizeof(addr)); + return 0; +} + +static int x509_inet_pton_ipv4(const char *src, void *dst) +{ + const unsigned char *p = (const unsigned char *) src; + uint8_t *res = (uint8_t *) dst; + uint8_t digit, num_digits = 0; + uint8_t num_octets = 0; + uint16_t octet; + + do { + octet = num_digits = 0; + do { + digit = *p - '0'; + if (digit > 9) { + break; + } + + /* Don't allow leading zeroes. These might mean octal format, + * which this implementation does not support. */ + if (octet == 0 && num_digits > 0) { + return -1; + } + + octet = octet * 10 + digit; + num_digits++; + p++; + } while (num_digits < 3); + + if (octet >= 256 || num_digits > 3 || num_digits == 0) { + return -1; + } + *res++ = (uint8_t) octet; + num_octets++; + } while (num_octets < 4 && *p++ == '.'); + return num_octets == 4 && *p == '\0' ? 0 : -1; +} + +#else + +static int x509_inet_pton_ipv6(const char *src, void *dst) +{ + return inet_pton(AF_INET6, src, dst) == 1 ? 0 : -1; +} + +static int x509_inet_pton_ipv4(const char *src, void *dst) +{ + return inet_pton(AF_INET, src, dst) == 1 ? 0 : -1; +} + +#endif /* !AF_INET6 || MBEDTLS_TEST_SW_INET_PTON */ //no-check-names + +size_t mbedtls_x509_crt_parse_cn_inet_pton(const char *cn, void *dst) +{ + return strchr(cn, ':') == NULL + ? x509_inet_pton_ipv4(cn, dst) == 0 ? 4 : 0 + : x509_inet_pton_ipv6(cn, dst) == 0 ? 16 : 0; +} + /* * Check for CN match */ @@ -3015,23 +2910,80 @@ static int x509_crt_check_cn(const mbedtls_x509_buf *name, return -1; } +static int x509_crt_check_san_ip(const mbedtls_x509_sequence *san, + const char *cn, size_t cn_len) +{ + uint32_t ip[4]; + cn_len = mbedtls_x509_crt_parse_cn_inet_pton(cn, ip); + if (cn_len == 0) { + return -1; + } + + for (const mbedtls_x509_sequence *cur = san; cur != NULL; cur = cur->next) { + const unsigned char san_type = (unsigned char) cur->buf.tag & + MBEDTLS_ASN1_TAG_VALUE_MASK; + if (san_type == MBEDTLS_X509_SAN_IP_ADDRESS && + cur->buf.len == cn_len && memcmp(cur->buf.p, ip, cn_len) == 0) { + return 0; + } + } + + return -1; +} + +static int x509_crt_check_san_uri(const mbedtls_x509_sequence *san, + const char *cn, size_t cn_len) +{ + for (const mbedtls_x509_sequence *cur = san; cur != NULL; cur = cur->next) { + const unsigned char san_type = (unsigned char) cur->buf.tag & + MBEDTLS_ASN1_TAG_VALUE_MASK; + if (san_type == MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER && + cur->buf.len == cn_len && memcmp(cur->buf.p, cn, cn_len) == 0) { + return 0; + } + } + + return -1; +} + /* * Check for SAN match, see RFC 5280 Section 4.2.1.6 */ -static int x509_crt_check_san(const mbedtls_x509_buf *name, +static int x509_crt_check_san(const mbedtls_x509_sequence *san, const char *cn, size_t cn_len) { - const unsigned char san_type = (unsigned char) name->tag & - MBEDTLS_ASN1_TAG_VALUE_MASK; - - /* dNSName */ - if (san_type == MBEDTLS_X509_SAN_DNS_NAME) { - return x509_crt_check_cn(name, cn, cn_len); + int san_ip = 0; + int san_uri = 0; + /* Prioritize DNS name over other subtypes due to popularity */ + for (const mbedtls_x509_sequence *cur = san; cur != NULL; cur = cur->next) { + switch ((unsigned char) cur->buf.tag & MBEDTLS_ASN1_TAG_VALUE_MASK) { + case MBEDTLS_X509_SAN_DNS_NAME: + if (x509_crt_check_cn(&cur->buf, cn, cn_len) == 0) { + return 0; + } + break; + case MBEDTLS_X509_SAN_IP_ADDRESS: + san_ip = 1; + break; + case MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER: + san_uri = 1; + break; + /* (We may handle other types here later.) */ + default: /* Unrecognized type */ + break; + } + } + if (san_ip) { + if (x509_crt_check_san_ip(san, cn, cn_len) == 0) { + return 0; + } + } + if (san_uri) { + if (x509_crt_check_san_uri(san, cn, cn_len) == 0) { + return 0; + } } - /* (We may handle other types here later.) */ - - /* Unrecognized type */ return -1; } @@ -3043,31 +2995,23 @@ static void x509_crt_verify_name(const mbedtls_x509_crt *crt, uint32_t *flags) { const mbedtls_x509_name *name; - const mbedtls_x509_sequence *cur; size_t cn_len = strlen(cn); if (crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME) { - for (cur = &crt->subject_alt_names; cur != NULL; cur = cur->next) { - if (x509_crt_check_san(&cur->buf, cn, cn_len) == 0) { - break; - } - } - - if (cur == NULL) { - *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH; + if (x509_crt_check_san(&crt->subject_alt_names, cn, cn_len) == 0) { + return; } } else { for (name = &crt->subject; name != NULL; name = name->next) { if (MBEDTLS_OID_CMP(MBEDTLS_OID_AT_CN, &name->oid) == 0 && x509_crt_check_cn(&name->val, cn, cn_len) == 0) { - break; + return; } } - if (name == NULL) { - *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH; - } } + + *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH; } /* @@ -3308,10 +3252,10 @@ void mbedtls_x509_crt_free(mbedtls_x509_crt *crt) mbedtls_asn1_sequence_free(cert_cur->ext_key_usage.next); mbedtls_asn1_sequence_free(cert_cur->subject_alt_names.next); mbedtls_asn1_sequence_free(cert_cur->certificate_policies.next); + mbedtls_asn1_sequence_free(cert_cur->authority_key_id.authorityCertIssuer.next); if (cert_cur->raw.p != NULL && cert_cur->own_buffer) { - mbedtls_platform_zeroize(cert_cur->raw.p, cert_cur->raw.len); - mbedtls_free(cert_cur->raw.p); + mbedtls_zeroize_and_free(cert_cur->raw.p, cert_cur->raw.len); } cert_prv = cert_cur; diff --git a/library/x509_csr.c b/library/x509_csr.c index 0c664d908..0b2bb6f3b 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -69,6 +69,165 @@ static int x509_csr_get_version(unsigned char **p, return 0; } +/* + * Parse CSR extension requests in DER format + */ +static int x509_csr_parse_extensions(mbedtls_x509_csr *csr, + unsigned char **p, const unsigned char *end) +{ + int ret; + size_t len; + unsigned char *end_ext_data; + while (*p < end) { + mbedtls_x509_buf extn_oid = { 0, 0, NULL }; + int ext_type = 0; + + /* Read sequence tag */ + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } + + end_ext_data = *p + len; + + /* Get extension ID */ + if ((ret = mbedtls_asn1_get_tag(p, end_ext_data, &extn_oid.len, + MBEDTLS_ASN1_OID)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } + + extn_oid.tag = MBEDTLS_ASN1_OID; + extn_oid.p = *p; + *p += extn_oid.len; + + /* Data should be octet string type */ + if ((ret = mbedtls_asn1_get_tag(p, end_ext_data, &len, + MBEDTLS_ASN1_OCTET_STRING)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } + + if (*p + len != end_ext_data) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + + /* + * Detect supported extensions and skip unsupported extensions + */ + ret = mbedtls_oid_get_x509_ext_type(&extn_oid, &ext_type); + + if (ret == 0) { + /* Forbid repeated extensions */ + if ((csr->ext_types & ext_type) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_INVALID_DATA); + } + + csr->ext_types |= ext_type; + + switch (ext_type) { + case MBEDTLS_X509_EXT_KEY_USAGE: + /* Parse key usage */ + if ((ret = mbedtls_x509_get_key_usage(p, end_ext_data, + &csr->key_usage)) != 0) { + return ret; + } + break; + + case MBEDTLS_X509_EXT_SUBJECT_ALT_NAME: + /* Parse subject alt name */ + if ((ret = mbedtls_x509_get_subject_alt_name(p, end_ext_data, + &csr->subject_alt_names)) != 0) { + return ret; + } + break; + + case MBEDTLS_X509_EXT_NS_CERT_TYPE: + /* Parse netscape certificate type */ + if ((ret = mbedtls_x509_get_ns_cert_type(p, end_ext_data, + &csr->ns_cert_type)) != 0) { + return ret; + } + break; + default: + break; + } + } + *p = end_ext_data; + } + + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + + return 0; +} + +/* + * Parse CSR attributes in DER format + */ +static int x509_csr_parse_attributes(mbedtls_x509_csr *csr, + const unsigned char *start, const unsigned char *end) +{ + int ret; + size_t len; + unsigned char *end_attr_data; + unsigned char **p = (unsigned char **) &start; + + while (*p < end) { + mbedtls_x509_buf attr_oid = { 0, 0, NULL }; + + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } + end_attr_data = *p + len; + + /* Get attribute ID */ + if ((ret = mbedtls_asn1_get_tag(p, end_attr_data, &attr_oid.len, + MBEDTLS_ASN1_OID)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } + + attr_oid.tag = MBEDTLS_ASN1_OID; + attr_oid.p = *p; + *p += attr_oid.len; + + /* Check that this is an extension-request attribute */ + if (MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS9_CSR_EXT_REQ, &attr_oid) == 0) { + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } + + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != + 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } + + if ((ret = x509_csr_parse_extensions(csr, p, *p + len)) != 0) { + return ret; + } + + if (*p != end_attr_data) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + } + + *p = end_attr_data; + } + + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + + return 0; +} + /* * Parse a CSR in DER format */ @@ -197,6 +356,11 @@ int mbedtls_x509_csr_parse_der(mbedtls_x509_csr *csr, return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret); } + if ((ret = x509_csr_parse_attributes(csr, p, p + len)) != 0) { + mbedtls_x509_csr_free(csr); + return ret; + } + p += len; end = csr->raw.p + csr->raw.len; @@ -296,8 +460,7 @@ int mbedtls_x509_csr_parse_file(mbedtls_x509_csr *csr, const char *path) ret = mbedtls_x509_csr_parse(csr, buf, n); - mbedtls_platform_zeroize(buf, n); - mbedtls_free(buf); + mbedtls_zeroize_and_free(buf, n); return ret; } @@ -345,6 +508,44 @@ int mbedtls_x509_csr_info(char *buf, size_t size, const char *prefix, (int) mbedtls_pk_get_bitlen(&csr->pk)); MBEDTLS_X509_SAFE_SNPRINTF; + /* + * Optional extensions + */ + + if (csr->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME) { + ret = mbedtls_snprintf(p, n, "\n%ssubject alt name :", prefix); + MBEDTLS_X509_SAFE_SNPRINTF; + + if ((ret = mbedtls_x509_info_subject_alt_name(&p, &n, + &csr->subject_alt_names, + prefix)) != 0) { + return ret; + } + } + + if (csr->ext_types & MBEDTLS_X509_EXT_NS_CERT_TYPE) { + ret = mbedtls_snprintf(p, n, "\n%scert. type : ", prefix); + MBEDTLS_X509_SAFE_SNPRINTF; + + if ((ret = mbedtls_x509_info_cert_type(&p, &n, csr->ns_cert_type)) != 0) { + return ret; + } + } + + if (csr->ext_types & MBEDTLS_X509_EXT_KEY_USAGE) { + ret = mbedtls_snprintf(p, n, "\n%skey usage : ", prefix); + MBEDTLS_X509_SAFE_SNPRINTF; + + if ((ret = mbedtls_x509_info_key_usage(&p, &n, csr->key_usage)) != 0) { + return ret; + } + } + + if (csr->ext_types != 0) { + ret = mbedtls_snprintf(p, n, "\n"); + MBEDTLS_X509_SAFE_SNPRINTF; + } + return (int) (size - n); } #endif /* MBEDTLS_X509_REMOVE_INFO */ @@ -373,10 +574,10 @@ void mbedtls_x509_csr_free(mbedtls_x509_csr *csr) #endif mbedtls_asn1_free_named_data_list_shallow(csr->subject.next); + mbedtls_asn1_sequence_free(csr->subject_alt_names.next); if (csr->raw.p != NULL) { - mbedtls_platform_zeroize(csr->raw.p, csr->raw.len); - mbedtls_free(csr->raw.p); + mbedtls_zeroize_and_free(csr->raw.p, csr->raw.len); } mbedtls_platform_zeroize(csr, sizeof(mbedtls_x509_csr)); diff --git a/library/x509write.c b/library/x509write.c new file mode 100644 index 000000000..cd3c7394d --- /dev/null +++ b/library/x509write.c @@ -0,0 +1,186 @@ +/* + * X.509 internal, common functions for writing + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include "common.h" +#if defined(MBEDTLS_X509_CSR_WRITE_C) || defined(MBEDTLS_X509_CRT_WRITE_C) + +#include "mbedtls/x509_crt.h" +#include "mbedtls/asn1write.h" +#include "mbedtls/error.h" +#include "mbedtls/oid.h" +#include "mbedtls/platform.h" +#include "mbedtls/platform_util.h" +#include "mbedtls/md.h" + +#include +#include + +#if defined(MBEDTLS_PEM_WRITE_C) +#include "mbedtls/pem.h" +#endif /* MBEDTLS_PEM_WRITE_C */ + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#include "mbedtls/psa_util.h" +#include "md_psa.h" +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +#define CHECK_OVERFLOW_ADD(a, b) \ + do \ + { \ + if (a > SIZE_MAX - (b)) \ + { \ + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; \ + } \ + a += b; \ + } while (0) + +int mbedtls_x509_write_set_san_common(mbedtls_asn1_named_data **extensions, + const mbedtls_x509_san_list *san_list) +{ + int ret = 0; + const mbedtls_x509_san_list *cur; + unsigned char *buf; + unsigned char *p; + size_t len; + size_t buflen = 0; + + /* Determine the maximum size of the SubjectAltName list */ + for (cur = san_list; cur != NULL; cur = cur->next) { + /* Calculate size of the required buffer */ + switch (cur->node.type) { + case MBEDTLS_X509_SAN_DNS_NAME: + case MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER: + case MBEDTLS_X509_SAN_IP_ADDRESS: + case MBEDTLS_X509_SAN_RFC822_NAME: + /* length of value for each name entry, + * maximum 4 bytes for the length field, + * 1 byte for the tag/type. + */ + CHECK_OVERFLOW_ADD(buflen, cur->node.san.unstructured_name.len); + CHECK_OVERFLOW_ADD(buflen, 4 + 1); + break; + case MBEDTLS_X509_SAN_DIRECTORY_NAME: + { + const mbedtls_asn1_named_data *chunk = &cur->node.san.directory_name; + while (chunk != NULL) { + // Max 4 bytes for length, +1 for tag, + // additional 4 max for length, +1 for tag. + // See x509_write_name for more information. + CHECK_OVERFLOW_ADD(buflen, 4 + 1 + 4 + 1); + CHECK_OVERFLOW_ADD(buflen, chunk->oid.len); + CHECK_OVERFLOW_ADD(buflen, chunk->val.len); + chunk = chunk->next; + } + CHECK_OVERFLOW_ADD(buflen, 4 + 1); + break; + } + default: + /* Not supported - return. */ + return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE; + } + } + + /* Add the extra length field and tag */ + CHECK_OVERFLOW_ADD(buflen, 4 + 1); + + /* Allocate buffer */ + buf = mbedtls_calloc(1, buflen); + if (buf == NULL) { + return MBEDTLS_ERR_ASN1_ALLOC_FAILED; + } + p = buf + buflen; + + /* Write ASN.1-based structure */ + cur = san_list; + len = 0; + while (cur != NULL) { + size_t single_san_len = 0; + switch (cur->node.type) { + case MBEDTLS_X509_SAN_DNS_NAME: + case MBEDTLS_X509_SAN_RFC822_NAME: + case MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER: + case MBEDTLS_X509_SAN_IP_ADDRESS: + { + const unsigned char *unstructured_name = + (const unsigned char *) cur->node.san.unstructured_name.p; + size_t unstructured_name_len = cur->node.san.unstructured_name.len; + + MBEDTLS_ASN1_CHK_CLEANUP_ADD(single_san_len, + mbedtls_asn1_write_raw_buffer( + &p, buf, + unstructured_name, unstructured_name_len)); + MBEDTLS_ASN1_CHK_CLEANUP_ADD(single_san_len, mbedtls_asn1_write_len( + &p, buf, unstructured_name_len)); + MBEDTLS_ASN1_CHK_CLEANUP_ADD(single_san_len, + mbedtls_asn1_write_tag( + &p, buf, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | cur->node.type)); + } + break; + case MBEDTLS_X509_SAN_DIRECTORY_NAME: + MBEDTLS_ASN1_CHK_CLEANUP_ADD(single_san_len, + mbedtls_x509_write_names(&p, buf, + (mbedtls_asn1_named_data *) & + cur->node + .san.directory_name)); + MBEDTLS_ASN1_CHK_CLEANUP_ADD(single_san_len, + mbedtls_asn1_write_len(&p, buf, single_san_len)); + MBEDTLS_ASN1_CHK_CLEANUP_ADD(single_san_len, + mbedtls_asn1_write_tag(&p, buf, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_X509_SAN_DIRECTORY_NAME)); + break; + default: + /* Error out on an unsupported SAN */ + ret = MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE; + goto cleanup; + } + cur = cur->next; + /* check for overflow */ + if (len > SIZE_MAX - single_san_len) { + ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA; + goto cleanup; + } + len += single_san_len; + } + + MBEDTLS_ASN1_CHK_CLEANUP_ADD(len, mbedtls_asn1_write_len(&p, buf, len)); + MBEDTLS_ASN1_CHK_CLEANUP_ADD(len, + mbedtls_asn1_write_tag(&p, buf, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); + + ret = mbedtls_x509_set_extension(extensions, + MBEDTLS_OID_SUBJECT_ALT_NAME, + MBEDTLS_OID_SIZE(MBEDTLS_OID_SUBJECT_ALT_NAME), + 0, + buf + buflen - len, len); + + /* If we exceeded the allocated buffer it means that maximum size of the SubjectAltName list + * was incorrectly calculated and memory is corrupted. */ + if (p < buf) { + ret = MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; + } +cleanup: + mbedtls_free(buf); + return ret; +} + +#endif /* MBEDTLS_X509_CSR_WRITE_C || MBEDTLS_X509_CRT_WRITE_C */ diff --git a/library/x509write_crt.c b/library/x509write_crt.c index febd0e6f3..a8a3022cb 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -31,10 +31,12 @@ #include "mbedtls/asn1write.h" #include "mbedtls/error.h" #include "mbedtls/oid.h" +#include "mbedtls/platform.h" #include "mbedtls/platform_util.h" -#include "mbedtls/sha1.h" +#include "mbedtls/md.h" #include +#include #if defined(MBEDTLS_PEM_WRITE_C) #include "mbedtls/pem.h" @@ -42,24 +44,19 @@ #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa/crypto.h" -#include "mbedtls/psa_util.h" +#include "psa_util_internal.h" +#include "md_psa.h" #endif /* MBEDTLS_USE_PSA_CRYPTO */ -#include "hash_info.h" -#include "mbedtls/legacy_or_psa.h" - void mbedtls_x509write_crt_init(mbedtls_x509write_cert *ctx) { memset(ctx, 0, sizeof(mbedtls_x509write_cert)); - mbedtls_mpi_init(&ctx->serial); ctx->version = MBEDTLS_X509_CRT_VERSION_3; } void mbedtls_x509write_crt_free(mbedtls_x509write_cert *ctx) { - mbedtls_mpi_free(&ctx->serial); - mbedtls_asn1_free_named_data_list(&ctx->subject); mbedtls_asn1_free_named_data_list(&ctx->issuer); mbedtls_asn1_free_named_data_list(&ctx->extensions); @@ -103,17 +100,42 @@ int mbedtls_x509write_crt_set_issuer_name(mbedtls_x509write_cert *ctx, return mbedtls_x509_string_to_names(&ctx->issuer, issuer_name); } +#if defined(MBEDTLS_BIGNUM_C) && !defined(MBEDTLS_DEPRECATED_REMOVED) int mbedtls_x509write_crt_set_serial(mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + int ret; + size_t tmp_len; - if ((ret = mbedtls_mpi_copy(&ctx->serial, serial)) != 0) { + /* Ensure that the MPI value fits into the buffer */ + tmp_len = mbedtls_mpi_size(serial); + if (tmp_len > MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } + + ctx->serial_len = tmp_len; + + ret = mbedtls_mpi_write_binary(serial, ctx->serial, tmp_len); + if (ret < 0) { return ret; } return 0; } +#endif // MBEDTLS_BIGNUM_C && !MBEDTLS_DEPRECATED_REMOVED + +int mbedtls_x509write_crt_set_serial_raw(mbedtls_x509write_cert *ctx, + unsigned char *serial, size_t serial_len) +{ + if (serial_len > MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } + + ctx->serial_len = serial_len; + memcpy(ctx->serial, serial, serial_len); + + return 0; +} int mbedtls_x509write_crt_set_validity(mbedtls_x509write_cert *ctx, const char *not_before, @@ -131,6 +153,13 @@ int mbedtls_x509write_crt_set_validity(mbedtls_x509write_cert *ctx, return 0; } +int mbedtls_x509write_crt_set_subject_alternative_name(mbedtls_x509write_cert *ctx, + const mbedtls_x509_san_list *san_list) +{ + return mbedtls_x509_write_set_san_common(&ctx->extensions, san_list); +} + + int mbedtls_x509write_crt_set_extension(mbedtls_x509write_cert *ctx, const char *oid, size_t oid_len, int critical, @@ -173,7 +202,7 @@ int mbedtls_x509write_crt_set_basic_constraints(mbedtls_x509write_cert *ctx, is_ca, buf + sizeof(buf) - len, len); } -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA1) static int mbedtls_x509write_crt_set_key_identifier(mbedtls_x509write_cert *ctx, int is_ca, unsigned char tag) @@ -207,8 +236,9 @@ static int mbedtls_x509write_crt_set_key_identifier(mbedtls_x509write_cert *ctx, return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED; } #else - ret = mbedtls_sha1(buf + sizeof(buf) - len, len, - buf + sizeof(buf) - 20); + ret = mbedtls_md(mbedtls_md_info_from_type(MBEDTLS_MD_SHA1), + buf + sizeof(buf) - len, len, + buf + sizeof(buf) - 20); if (ret != 0) { return ret; } @@ -257,7 +287,7 @@ int mbedtls_x509write_crt_set_authority_key_identifier(mbedtls_x509write_cert *c 1, (MBEDTLS_ASN1_CONTEXT_SPECIFIC | 0)); } -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ int mbedtls_x509write_crt_set_key_usage(mbedtls_x509write_cert *ctx, unsigned int key_usage) @@ -404,7 +434,7 @@ int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx, unsigned char *c, *c2; unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE]; size_t hash_length = 0; - unsigned char hash[MBEDTLS_HASH_MAX_SIZE]; + unsigned char hash[MBEDTLS_MD_MAX_SIZE]; #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_algorithm_t psa_algorithm; @@ -413,6 +443,7 @@ int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx, size_t sub_len = 0, pub_len = 0, sig_and_oid_len = 0, sig_len; size_t len = 0; mbedtls_pk_type_t pk_alg; + int write_sig_null_par; /* * Prepare data to be signed at the end of the target buffer @@ -504,15 +535,46 @@ int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx, /* * Signature ::= AlgorithmIdentifier */ + if (pk_alg == MBEDTLS_PK_ECDSA) { + /* + * The AlgorithmIdentifier's parameters field must be absent for DSA/ECDSA signature + * algorithms, see https://www.rfc-editor.org/rfc/rfc5480#page-17 and + * https://www.rfc-editor.org/rfc/rfc5758#section-3. + */ + write_sig_null_par = 0; + } else { + write_sig_null_par = 1; + } MBEDTLS_ASN1_CHK_ADD(len, - mbedtls_asn1_write_algorithm_identifier(&c, buf, - sig_oid, strlen(sig_oid), 0)); + mbedtls_asn1_write_algorithm_identifier_ext(&c, buf, + sig_oid, strlen(sig_oid), + 0, write_sig_null_par)); /* * Serial ::= INTEGER + * + * Written data is: + * - "ctx->serial_len" bytes for the raw serial buffer + * - if MSb of "serial" is 1, then prepend an extra 0x00 byte + * - 1 byte for the length + * - 1 byte for the TAG */ - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_mpi(&c, buf, - &ctx->serial)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(&c, buf, + ctx->serial, ctx->serial_len)); + if (*c & 0x80) { + if (c - buf < 1) { + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; + } + *(--c) = 0x0; + len++; + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, + ctx->serial_len + 1)); + } else { + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, + ctx->serial_len)); + } + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, + MBEDTLS_ASN1_INTEGER)); /* * Version ::= INTEGER { v1(0), v2(1), v3(2) } @@ -543,7 +605,7 @@ int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx, /* Compute hash of CRT. */ #if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_algorithm = mbedtls_hash_info_psa_from_md(ctx->md_alg); + psa_algorithm = mbedtls_md_psa_alg_from_type(ctx->md_alg); status = psa_hash_compute(psa_algorithm, c, @@ -578,8 +640,8 @@ int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx, * into the CRT buffer. */ c2 = buf + size; MBEDTLS_ASN1_CHK_ADD(sig_and_oid_len, mbedtls_x509_write_sig(&c2, c, - sig_oid, sig_oid_len, sig, - sig_len)); + sig_oid, sig_oid_len, + sig, sig_len, pk_alg)); /* * Memory layout after this step: diff --git a/library/x509write_csr.c b/library/x509write_csr.c index d8d8e99ff..d996052ba 100644 --- a/library/x509write_csr.c +++ b/library/x509write_csr.c @@ -26,6 +26,7 @@ #if defined(MBEDTLS_X509_CSR_WRITE_C) +#include "mbedtls/x509.h" #include "mbedtls/x509_csr.h" #include "mbedtls/asn1write.h" #include "mbedtls/error.h" @@ -34,9 +35,9 @@ #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa/crypto.h" -#include "mbedtls/psa_util.h" +#include "psa_util_internal.h" +#include "md_psa.h" #endif /* MBEDTLS_USE_PSA_CRYPTO */ -#include "hash_info.h" #include #include @@ -85,6 +86,12 @@ int mbedtls_x509write_csr_set_extension(mbedtls_x509write_csr *ctx, critical, val, val_len); } +int mbedtls_x509write_csr_set_subject_alternative_name(mbedtls_x509write_csr *ctx, + const mbedtls_x509_san_list *san_list) +{ + return mbedtls_x509_write_set_san_common(&ctx->extensions, san_list); +} + int mbedtls_x509write_csr_set_key_usage(mbedtls_x509write_csr *ctx, unsigned char key_usage) { unsigned char buf[4] = { 0 }; @@ -143,13 +150,13 @@ static int x509write_csr_der_internal(mbedtls_x509write_csr *ctx, const char *sig_oid; size_t sig_oid_len = 0; unsigned char *c, *c2; - unsigned char hash[MBEDTLS_HASH_MAX_SIZE]; + unsigned char hash[MBEDTLS_MD_MAX_SIZE]; size_t pub_len = 0, sig_and_oid_len = 0, sig_len; size_t len = 0; mbedtls_pk_type_t pk_alg; #if defined(MBEDTLS_USE_PSA_CRYPTO) size_t hash_len; - psa_algorithm_t hash_alg = mbedtls_hash_info_psa_from_md(ctx->md_alg); + psa_algorithm_t hash_alg = mbedtls_md_psa_alg_from_type(ctx->md_alg); #endif /* MBEDTLS_USE_PSA_CRYPTO */ /* Write the CSR backwards starting from the end of buf */ @@ -263,7 +270,7 @@ static int x509write_csr_der_internal(mbedtls_x509write_csr *ctx, c2 = buf + size; MBEDTLS_ASN1_CHK_ADD(sig_and_oid_len, mbedtls_x509_write_sig(&c2, buf + len, sig_oid, sig_oid_len, - sig, sig_len)); + sig, sig_len, pk_alg)); /* * Compact the space between the CSR data and signature by moving the diff --git a/programs/.gitignore b/programs/.gitignore index 44e904a95..a641c31c4 100644 --- a/programs/.gitignore +++ b/programs/.gitignore @@ -5,13 +5,6 @@ *.sln *.vcxproj -# Generated source files -/psa/psa_constant_names_generated.c -/test/query_config.c - -*.o -*.exe - aes/crypt_and_hash cipher/cipher_aead_demo hash/generic_sum @@ -64,6 +57,7 @@ test/cpp_dummy_build.cpp test/dlopen test/ecp-bench test/query_compile_time_config +test/query_included_headers test/selftest test/ssl_cert_test test/udp_proxy @@ -77,5 +71,11 @@ x509/crl_app x509/load_roots x509/req_app +###START_GENERATED_FILES### +# Generated source files +/psa/psa_constant_names_generated.c +/test/query_config.c + # Generated data files pkey/keyfile.key +###END_GENERATED_FILES### diff --git a/programs/Makefile b/programs/Makefile index fdfece72a..116883b83 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -45,7 +45,7 @@ endif ifdef WINDOWS_BUILD DLEXT=dll EXEXT=.exe -LOCAL_LDFLAGS += -lws2_32 +LOCAL_LDFLAGS += -lws2_32 -lbcrypt ifdef SHARED SHARED_SUFFIX=.$(DLEXT) endif @@ -109,6 +109,7 @@ APPS = \ psa/hmac_demo \ psa/key_ladder_demo \ psa/psa_constant_names \ + psa/psa_hash \ random/gen_entropy \ random/gen_random_ctr_drbg \ ssl/dtls_client \ @@ -123,6 +124,7 @@ APPS = \ ssl/ssl_server2 \ test/benchmark \ test/query_compile_time_config \ + test/query_included_headers \ test/selftest \ test/udp_proxy \ test/zeroize \ @@ -175,22 +177,30 @@ ${MBEDTLS_TEST_OBJS}: GENERATED_FILES = psa/psa_constant_names_generated.c test/query_config.c generated_files: $(GENERATED_FILES) -psa/psa_constant_names_generated.c: ../scripts/generate_psa_constants.py -psa/psa_constant_names_generated.c: ../include/psa/crypto_values.h -psa/psa_constant_names_generated.c: ../include/psa/crypto_extra.h -psa/psa_constant_names_generated.c: ../tests/suites/test_suite_psa_crypto_metadata.data +# See root Makefile +GEN_FILES ?= yes +ifdef GEN_FILES +gen_file_dep = +else +gen_file_dep = | +endif + +psa/psa_constant_names_generated.c: $(gen_file_dep) ../scripts/generate_psa_constants.py +psa/psa_constant_names_generated.c: $(gen_file_dep) ../include/psa/crypto_values.h +psa/psa_constant_names_generated.c: $(gen_file_dep) ../include/psa/crypto_extra.h +psa/psa_constant_names_generated.c: $(gen_file_dep) ../tests/suites/test_suite_psa_crypto_metadata.data psa/psa_constant_names_generated.c: echo " Gen $@" $(PYTHON) ../scripts/generate_psa_constants.py -test/query_config.c: ../scripts/generate_query_config.pl +test/query_config.c: $(gen_file_dep) ../scripts/generate_query_config.pl ## The generated file only depends on the options that are present in mbedtls_config.h, ## not on which options are set. To avoid regenerating this file all the time ## when switching between configurations, don't declare mbedtls_config.h as a ## dependency. Remove this file from your working tree if you've just added or ## removed an option in mbedtls_config.h. -#test/query_config.c: ../include/mbedtls/mbedtls_config.h -test/query_config.c: ../scripts/data_files/query_config.fmt +#test/query_config.c: $(gen_file_dep) ../include/mbedtls/mbedtls_config.h +test/query_config.c: $(gen_file_dep) ../scripts/data_files/query_config.fmt test/query_config.c: echo " Gen $@" $(PERL) ../scripts/generate_query_config.pl @@ -315,6 +325,10 @@ psa/psa_constant_names$(EXEXT): psa/psa_constant_names.c psa/psa_constant_names_ echo " CC psa/psa_constant_names.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/psa_constant_names.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ +psa/psa_hash$(EXEXT): psa/psa_hash.c $(DEP) + echo " CC psa/psa_hash.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/psa_hash.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + random/gen_entropy$(EXEXT): random/gen_entropy.c $(DEP) echo " CC random/gen_entropy.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) random/gen_entropy.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ @@ -403,6 +417,10 @@ test/query_config.o: test/query_config.c test/query_config.h $(DEP) echo " CC test/query_config.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -c test/query_config.c -o $@ +test/query_included_headers$(EXEXT): test/query_included_headers.c $(DEP) + echo " CC test/query_included_headers.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/query_included_headers.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + test/selftest$(EXEXT): test/selftest.c $(DEP) echo " CC test/selftest.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/selftest.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c index 0187648be..1d9b522a3 100644 --- a/programs/aes/crypt_and_hash.c +++ b/programs/aes/crypt_and_hash.c @@ -88,6 +88,9 @@ int main(int argc, char *argv[]) const mbedtls_md_info_t *md_info; mbedtls_cipher_context_t cipher_ctx; mbedtls_md_context_t md_ctx; + mbedtls_cipher_mode_t cipher_mode; + unsigned int cipher_block_size; + unsigned char md_size; #if defined(_WIN32_WCE) long filesize, offset; #elif defined(_WIN32) @@ -235,6 +238,9 @@ int main(int argc, char *argv[]) goto exit; } + md_size = mbedtls_md_get_size(md_info); + cipher_block_size = mbedtls_cipher_get_block_size(&cipher_ctx); + if (mode == MODE_ENCRYPT) { /* * Generate the initialization vector as: @@ -329,9 +335,9 @@ int main(int argc, char *argv[]) /* * Encrypt and write the ciphertext. */ - for (offset = 0; offset < filesize; offset += mbedtls_cipher_get_block_size(&cipher_ctx)) { - ilen = ((unsigned int) filesize - offset > mbedtls_cipher_get_block_size(&cipher_ctx)) ? - mbedtls_cipher_get_block_size(&cipher_ctx) : (unsigned int) (filesize - offset); + for (offset = 0; offset < filesize; offset += cipher_block_size) { + ilen = ((unsigned int) filesize - offset > cipher_block_size) ? + cipher_block_size : (unsigned int) (filesize - offset); if (fread(buffer, 1, ilen, fin) != ilen) { mbedtls_fprintf(stderr, "fread(%ld bytes) failed\n", (long) ilen); @@ -376,8 +382,8 @@ int main(int argc, char *argv[]) goto exit; } - if (fwrite(digest, 1, mbedtls_md_get_size(md_info), fout) != mbedtls_md_get_size(md_info)) { - mbedtls_fprintf(stderr, "fwrite(%d bytes) failed\n", mbedtls_md_get_size(md_info)); + if (fwrite(digest, 1, md_size, fout) != md_size) { + mbedtls_fprintf(stderr, "fwrite(%d bytes) failed\n", md_size); goto exit; } } @@ -392,12 +398,12 @@ int main(int argc, char *argv[]) * N*16 .. (N+1)*16 - 1 Encrypted Block #N * (N+1)*16 .. (N+1)*16 + n Hash(ciphertext) */ - if (filesize < 16 + mbedtls_md_get_size(md_info)) { + if (filesize < 16 + md_size) { mbedtls_fprintf(stderr, "File too short to be encrypted.\n"); goto exit; } - if (mbedtls_cipher_get_block_size(&cipher_ctx) == 0) { + if (cipher_block_size == 0) { mbedtls_fprintf(stderr, "Invalid cipher block size: 0. \n"); goto exit; } @@ -405,18 +411,21 @@ int main(int argc, char *argv[]) /* * Check the file size. */ - if (mbedtls_cipher_info_get_mode(cipher_info) != MBEDTLS_MODE_GCM && - ((filesize - mbedtls_md_get_size(md_info)) % - mbedtls_cipher_get_block_size(&cipher_ctx)) != 0) { + cipher_mode = mbedtls_cipher_info_get_mode(cipher_info); + if (cipher_mode != MBEDTLS_MODE_GCM && + cipher_mode != MBEDTLS_MODE_CTR && + cipher_mode != MBEDTLS_MODE_CFB && + cipher_mode != MBEDTLS_MODE_OFB && + ((filesize - md_size) % cipher_block_size) != 0) { mbedtls_fprintf(stderr, "File content not a multiple of the block size (%u).\n", - mbedtls_cipher_get_block_size(&cipher_ctx)); + cipher_block_size); goto exit; } /* * Subtract the IV + HMAC length. */ - filesize -= (16 + mbedtls_md_get_size(md_info)); + filesize -= (16 + md_size); /* * Read the IV and original filesize modulo 16. @@ -480,13 +489,13 @@ int main(int argc, char *argv[]) /* * Decrypt and write the plaintext. */ - for (offset = 0; offset < filesize; offset += mbedtls_cipher_get_block_size(&cipher_ctx)) { - ilen = ((unsigned int) filesize - offset > mbedtls_cipher_get_block_size(&cipher_ctx)) ? - mbedtls_cipher_get_block_size(&cipher_ctx) : (unsigned int) (filesize - offset); + for (offset = 0; offset < filesize; offset += cipher_block_size) { + ilen = ((unsigned int) filesize - offset > cipher_block_size) ? + cipher_block_size : (unsigned int) (filesize - offset); if (fread(buffer, 1, ilen, fin) != ilen) { mbedtls_fprintf(stderr, "fread(%u bytes) failed\n", - mbedtls_cipher_get_block_size(&cipher_ctx)); + cipher_block_size); goto exit; } @@ -514,14 +523,14 @@ int main(int argc, char *argv[]) goto exit; } - if (fread(buffer, 1, mbedtls_md_get_size(md_info), fin) != mbedtls_md_get_size(md_info)) { - mbedtls_fprintf(stderr, "fread(%d bytes) failed\n", mbedtls_md_get_size(md_info)); + if (fread(buffer, 1, md_size, fin) != md_size) { + mbedtls_fprintf(stderr, "fread(%d bytes) failed\n", md_size); goto exit; } /* Use constant-time buffer comparison */ diff = 0; - for (i = 0; i < mbedtls_md_get_size(md_info); i++) { + for (i = 0; i < md_size; i++) { diff |= digest[i] ^ buffer[i]; } diff --git a/programs/fuzz/Makefile b/programs/fuzz/Makefile index 8477aa8cb..b4fc76ae1 100644 --- a/programs/fuzz/Makefile +++ b/programs/fuzz/Makefile @@ -27,6 +27,10 @@ ifdef FUZZINGENGINE LOCAL_LDFLAGS += -lFuzzingEngine endif +ifdef WINDOWS_BUILD +LOCAL_LDFLAGS += -lbcrypt +endif + # A test application is built for each suites/test_suite_*.data file. # Application name is same as .data file's base name and can be # constructed by stripping path 'suites/' and extension .data. diff --git a/programs/fuzz/common.c b/programs/fuzz/common.c index 75021bb2f..98aa4037b 100644 --- a/programs/fuzz/common.c +++ b/programs/fuzz/common.c @@ -13,7 +13,7 @@ mbedtls_time_t dummy_constant_time(mbedtls_time_t *time) } #endif -void dummy_init() +void dummy_init(void) { #if defined(MBEDTLS_PLATFORM_TIME_ALT) mbedtls_platform_set_time(dummy_constant_time); diff --git a/programs/fuzz/common.h b/programs/fuzz/common.h index bc817bd76..094383c7a 100644 --- a/programs/fuzz/common.h +++ b/programs/fuzz/common.h @@ -15,7 +15,7 @@ typedef struct fuzzBufferOffset { #if defined(MBEDTLS_HAVE_TIME) mbedtls_time_t dummy_constant_time(mbedtls_time_t *time); #endif -void dummy_init(); +void dummy_init(void); int dummy_send(void *ctx, const unsigned char *buf, size_t len); int fuzz_recv(void *ctx, unsigned char *buf, size_t len); diff --git a/programs/fuzz/fuzz_client.c b/programs/fuzz/fuzz_client.c index 56a5efe78..d4e1d74cd 100644 --- a/programs/fuzz/fuzz_client.c +++ b/programs/fuzz/fuzz_client.c @@ -78,6 +78,13 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) mbedtls_ctr_drbg_init(&ctr_drbg); mbedtls_entropy_init(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + if (mbedtls_ctr_drbg_seed(&ctr_drbg, dummy_entropy, &entropy, (const unsigned char *) pers, strlen(pers)) != 0) { goto exit; @@ -175,6 +182,9 @@ exit: mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_ssl_config_free(&conf); mbedtls_ssl_free(&ssl); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #else (void) Data; diff --git a/programs/fuzz/fuzz_dtlsclient.c b/programs/fuzz/fuzz_dtlsclient.c index a58f6f45b..365902684 100644 --- a/programs/fuzz/fuzz_dtlsclient.c +++ b/programs/fuzz/fuzz_dtlsclient.c @@ -61,6 +61,13 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) mbedtls_ctr_drbg_init(&ctr_drbg); mbedtls_entropy_init(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + srand(1); if (mbedtls_ctr_drbg_seed(&ctr_drbg, dummy_entropy, &entropy, (const unsigned char *) pers, strlen(pers)) != 0) { @@ -119,6 +126,9 @@ exit: mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_ssl_config_free(&conf); mbedtls_ssl_free(&ssl); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #else (void) Data; diff --git a/programs/fuzz/fuzz_dtlsserver.c b/programs/fuzz/fuzz_dtlsserver.c index 007838565..1632e9df6 100644 --- a/programs/fuzz/fuzz_dtlsserver.c +++ b/programs/fuzz/fuzz_dtlsserver.c @@ -11,14 +11,13 @@ #include "mbedtls/ctr_drbg.h" #include "mbedtls/timing.h" #include "mbedtls/ssl_cookie.h" -#include "mbedtls/legacy_or_psa.h" #if defined(MBEDTLS_SSL_SRV_C) && \ defined(MBEDTLS_ENTROPY_C) && \ defined(MBEDTLS_CTR_DRBG_C) && \ defined(MBEDTLS_TIMING_C) && \ - (defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) || \ - defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) + (defined(MBEDTLS_MD_CAN_SHA384) || \ + defined(MBEDTLS_MD_CAN_SHA256)) const char *pers = "fuzz_dtlsserver"; const unsigned char client_ip[4] = { 0x7F, 0, 0, 1 }; static int initialized = 0; @@ -36,8 +35,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) defined(MBEDTLS_ENTROPY_C) && \ defined(MBEDTLS_CTR_DRBG_C) && \ defined(MBEDTLS_TIMING_C) && \ - (defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) || \ - defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)) + (defined(MBEDTLS_MD_CAN_SHA384) || \ + defined(MBEDTLS_MD_CAN_SHA256)) int ret; size_t len; mbedtls_ssl_context ssl; @@ -51,6 +50,20 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) mbedtls_ctr_drbg_init(&ctr_drbg); mbedtls_entropy_init(&entropy); +#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) + mbedtls_x509_crt_init(&srvcert); + mbedtls_pk_init(&pkey); +#endif + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + mbedtls_ssl_cookie_init(&cookie_ctx); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ if (mbedtls_ctr_drbg_seed(&ctr_drbg, dummy_entropy, &entropy, (const unsigned char *) pers, strlen(pers)) != 0) { @@ -59,8 +72,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) if (initialized == 0) { #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) - mbedtls_x509_crt_init(&srvcert); - mbedtls_pk_init(&pkey); + if (mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_srv_crt, mbedtls_test_srv_crt_len) != 0) { return 1; @@ -79,9 +91,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) initialized = 1; } - mbedtls_ssl_init(&ssl); - mbedtls_ssl_config_init(&conf); - mbedtls_ssl_cookie_init(&cookie_ctx); if (mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_SERVER, @@ -155,9 +164,16 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) exit: mbedtls_ssl_cookie_free(&cookie_ctx); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) + mbedtls_pk_free(&pkey); + mbedtls_x509_crt_free(&srvcert); +#endif mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_ssl_config_free(&conf); mbedtls_ssl_free(&ssl); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #else (void) Data; diff --git a/programs/fuzz/fuzz_privkey.c b/programs/fuzz/fuzz_privkey.c index 39c23e21e..ce7562488 100644 --- a/programs/fuzz/fuzz_privkey.c +++ b/programs/fuzz/fuzz_privkey.c @@ -30,13 +30,20 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) mbedtls_ctr_drbg_init(&ctr_drbg); mbedtls_entropy_init(&entropy); + mbedtls_pk_init(&pk); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ if (mbedtls_ctr_drbg_seed(&ctr_drbg, dummy_entropy, &entropy, (const unsigned char *) pers, strlen(pers)) != 0) { - return 1; + goto exit; } - mbedtls_pk_init(&pk); ret = mbedtls_pk_parse_key(&pk, Data, Size, NULL, 0, dummy_random, &ctr_drbg); if (ret == 0) { @@ -83,7 +90,13 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) abort(); } } +exit: + mbedtls_entropy_free(&entropy); + mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_pk_free(&pk); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #else (void) Data; (void) Size; diff --git a/programs/fuzz/fuzz_pubkey.c b/programs/fuzz/fuzz_pubkey.c index 7f5e4aa0b..9203b4e61 100644 --- a/programs/fuzz/fuzz_pubkey.c +++ b/programs/fuzz/fuzz_pubkey.c @@ -11,6 +11,12 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) mbedtls_pk_context pk; mbedtls_pk_init(&pk); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ ret = mbedtls_pk_parse_public_key(&pk, Data, Size); if (ret == 0) { #if defined(MBEDTLS_RSA_C) @@ -66,6 +72,10 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) abort(); } } +#if defined(MBEDTLS_USE_PSA_CRYPTO) +exit: + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_pk_free(&pk); #else (void) Data; diff --git a/programs/fuzz/fuzz_server.c b/programs/fuzz/fuzz_server.c index cd021e1b4..e7678590a 100644 --- a/programs/fuzz/fuzz_server.c +++ b/programs/fuzz/fuzz_server.c @@ -58,6 +58,21 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) mbedtls_ctr_drbg_init(&ctr_drbg); mbedtls_entropy_init(&entropy); +#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) + mbedtls_x509_crt_init(&srvcert); + mbedtls_pk_init(&pkey); +#endif + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); +#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) + mbedtls_ssl_ticket_init(&ticket_ctx); +#endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ if (mbedtls_ctr_drbg_seed(&ctr_drbg, dummy_entropy, &entropy, (const unsigned char *) pers, strlen(pers)) != 0) { @@ -67,8 +82,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) if (initialized == 0) { #if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) - mbedtls_x509_crt_init(&srvcert); - mbedtls_pk_init(&pkey); if (mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_srv_crt, mbedtls_test_srv_crt_len) != 0) { return 1; @@ -92,11 +105,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) initialized = 1; } - mbedtls_ssl_init(&ssl); - mbedtls_ssl_config_init(&conf); -#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) - mbedtls_ssl_ticket_init(&ticket_ctx); -#endif if (mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_SERVER, @@ -193,8 +201,14 @@ exit: mbedtls_entropy_free(&entropy); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_ssl_config_free(&conf); +#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) + mbedtls_x509_crt_free(&srvcert); + mbedtls_pk_free(&pkey); +#endif mbedtls_ssl_free(&ssl); - +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif #else (void) Data; (void) Size; diff --git a/programs/fuzz/fuzz_x509crl.c b/programs/fuzz/fuzz_x509crl.c index 6ff0c05b2..313540d76 100644 --- a/programs/fuzz/fuzz_x509crl.c +++ b/programs/fuzz/fuzz_x509crl.c @@ -11,6 +11,12 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) unsigned char buf[4096]; mbedtls_x509_crl_init(&crl); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ ret = mbedtls_x509_crl_parse(&crl, Data, Size); #if !defined(MBEDTLS_X509_REMOVE_INFO) if (ret == 0) { @@ -20,6 +26,11 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) ((void) ret); ((void) buf); #endif /* !MBEDTLS_X509_REMOVE_INFO */ + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +exit: + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_x509_crl_free(&crl); #else (void) Data; diff --git a/programs/fuzz/fuzz_x509crt.c b/programs/fuzz/fuzz_x509crt.c index 858c1ffe3..8442090cd 100644 --- a/programs/fuzz/fuzz_x509crt.c +++ b/programs/fuzz/fuzz_x509crt.c @@ -11,6 +11,12 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) unsigned char buf[4096]; mbedtls_x509_crt_init(&crt); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ ret = mbedtls_x509_crt_parse(&crt, Data, Size); #if !defined(MBEDTLS_X509_REMOVE_INFO) if (ret == 0) { @@ -20,6 +26,11 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) ((void) ret); ((void) buf); #endif /* !MBEDTLS_X509_REMOVE_INFO */ + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +exit: + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_x509_crt_free(&crt); #else (void) Data; diff --git a/programs/fuzz/fuzz_x509csr.c b/programs/fuzz/fuzz_x509csr.c index 39fb4cb0d..395d3c28e 100644 --- a/programs/fuzz/fuzz_x509csr.c +++ b/programs/fuzz/fuzz_x509csr.c @@ -11,6 +11,12 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) unsigned char buf[4096]; mbedtls_x509_csr_init(&csr); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ ret = mbedtls_x509_csr_parse(&csr, Data, Size); #if !defined(MBEDTLS_X509_REMOVE_INFO) if (ret == 0) { @@ -20,6 +26,11 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) ((void) ret); ((void) buf); #endif /* !MBEDTLS_X509_REMOVE_INFO */ + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +exit: + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_x509_csr_free(&csr); #else (void) Data; diff --git a/programs/fuzz/onefile.c b/programs/fuzz/onefile.c index 4f80cdcec..3b2709f80 100644 --- a/programs/fuzz/onefile.c +++ b/programs/fuzz/onefile.c @@ -14,34 +14,48 @@ int main(int argc, char **argv) FILE *fp; uint8_t *Data; size_t Size; + const char *argv0 = argv[0] == NULL ? "PROGRAM_NAME" : argv[0]; if (argc != 2) { + fprintf(stderr, "Usage: %s REPRODUCER_FILE\n", argv0); return 1; } //opens the file, get its size, and reads it into a buffer fp = fopen(argv[1], "rb"); if (fp == NULL) { + fprintf(stderr, "%s: Error in fopen\n", argv0); + perror(argv[1]); return 2; } if (fseek(fp, 0L, SEEK_END) != 0) { + fprintf(stderr, "%s: Error in fseek(SEEK_END)\n", argv0); + perror(argv[1]); fclose(fp); return 2; } Size = ftell(fp); if (Size == (size_t) -1) { + fprintf(stderr, "%s: Error in ftell\n", argv0); + perror(argv[1]); fclose(fp); return 2; } if (fseek(fp, 0L, SEEK_SET) != 0) { + fprintf(stderr, "%s: Error in fseek(0)\n", argv0); + perror(argv[1]); fclose(fp); return 2; } Data = malloc(Size); if (Data == NULL) { + fprintf(stderr, "%s: Could not allocate memory\n", argv0); + perror(argv[1]); fclose(fp); return 2; } if (fread(Data, Size, 1, fp) != 1) { + fprintf(stderr, "%s: Error in fread\n", argv0); + perror(argv[1]); free(Data); fclose(fp); return 2; diff --git a/programs/hash/generic_sum.c b/programs/hash/generic_sum.c index e2e49e343..995694af0 100644 --- a/programs/hash/generic_sum.c +++ b/programs/hash/generic_sum.c @@ -169,7 +169,7 @@ int main(int argc, char *argv[]) mbedtls_md_init(&md_ctx); - if (argc == 1) { + if (argc < 2) { const int *list; mbedtls_printf("print mode: generic_sum ...\n"); diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index bc58a153c..5a2c30fc2 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -20,12 +20,14 @@ #include "mbedtls/build_info.h" #include "mbedtls/platform.h" +/* md.h is included this early since MD_CAN_XXX macros are defined there. */ +#include "mbedtls/md.h" #if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \ defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \ - defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \ + defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256) && \ defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \ - defined(MBEDTLS_SHA1_C) + defined(MBEDTLS_MD_CAN_SHA1) #include "mbedtls/net_sockets.h" #include "mbedtls/aes.h" #include "mbedtls/dhm.h" @@ -43,15 +45,15 @@ #if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \ - !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ + !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_SHA1_C) int main(void) { mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C " "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); + "MBEDTLS_MD_CAN_SHA256 and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_SHA1_C not defined.\n"); mbedtls_exit(0); } #else @@ -280,5 +282,5 @@ exit: mbedtls_exit(exit_code); } #endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C && - MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && + MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA256 && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/pkey/dh_genprime.c b/programs/pkey/dh_genprime.c index 25371ba9e..1f4cd59ee 100644 --- a/programs/pkey/dh_genprime.c +++ b/programs/pkey/dh_genprime.c @@ -71,7 +71,7 @@ int main(int argc, char **argv) mbedtls_ctr_drbg_init(&ctr_drbg); mbedtls_entropy_init(&entropy); - if (argc == 0) { + if (argc < 2) { usage: mbedtls_printf(USAGE); goto exit; diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index 2514fc05c..c940be0c0 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -20,12 +20,14 @@ #include "mbedtls/build_info.h" #include "mbedtls/platform.h" +/* md.h is included this early since MD_CAN_XXX macros are defined there. */ +#include "mbedtls/md.h" #if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \ defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \ - defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \ + defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256) && \ defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \ - defined(MBEDTLS_SHA1_C) + defined(MBEDTLS_MD_CAN_SHA1) #include "mbedtls/net_sockets.h" #include "mbedtls/aes.h" #include "mbedtls/dhm.h" @@ -43,15 +45,15 @@ #if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \ - !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ + !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \ !defined(MBEDTLS_SHA1_C) int main(void) { mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C " "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); + "MBEDTLS_MD_CAN_SHA256 and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_SHA1_C not defined.\n"); mbedtls_exit(0); } #else @@ -302,5 +304,5 @@ exit: mbedtls_exit(exit_code); } #endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C && - MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && + MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA256 && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/pkey/ecdh_curve25519.c b/programs/pkey/ecdh_curve25519.c index d880a1a0a..980441707 100644 --- a/programs/pkey/ecdh_curve25519.c +++ b/programs/pkey/ecdh_curve25519.c @@ -74,7 +74,7 @@ int main(int argc, char *argv[]) if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, - sizeof pers)) != 0) { + sizeof(pers))) != 0) { mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret); goto exit; diff --git a/programs/pkey/ecdsa.c b/programs/pkey/ecdsa.c index be2ca90b5..953c14450 100644 --- a/programs/pkey/ecdsa.c +++ b/programs/pkey/ecdsa.c @@ -73,7 +73,7 @@ static void dump_pubkey(const char *title, mbedtls_ecdsa_context *key) size_t len; if (mbedtls_ecp_point_write_binary(&key->MBEDTLS_PRIVATE(grp), &key->MBEDTLS_PRIVATE(Q), - MBEDTLS_ECP_PF_UNCOMPRESSED, &len, buf, sizeof buf) != 0) { + MBEDTLS_ECP_PF_UNCOMPRESSED, &len, buf, sizeof(buf)) != 0) { mbedtls_printf("internal error\n"); return; } diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c index 85ee4358a..99e88505c 100644 --- a/programs/pkey/gen_key.c +++ b/programs/pkey/gen_key.c @@ -180,7 +180,9 @@ int main(int argc, char *argv[]) char buf[1024]; int i; char *p, *q; +#if defined(MBEDTLS_RSA_C) mbedtls_mpi N, P, Q, D, E, DP, DQ, QP; +#endif /* MBEDTLS_RSA_C */ mbedtls_entropy_context entropy; mbedtls_ctr_drbg_context ctr_drbg; const char *pers = "gen_key"; @@ -191,16 +193,26 @@ int main(int argc, char *argv[]) /* * Set to sane values */ - +#if defined(MBEDTLS_RSA_C) mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP); mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP); +#endif /* MBEDTLS_RSA_C */ mbedtls_pk_init(&key); mbedtls_ctr_drbg_init(&ctr_drbg); memset(buf, 0, sizeof(buf)); - if (argc == 0) { +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + if (argc < 2) { usage: mbedtls_printf(USAGE); #if defined(MBEDTLS_ECP_C) @@ -400,13 +412,18 @@ exit: #endif } +#if defined(MBEDTLS_RSA_C) mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP); mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP); +#endif /* MBEDTLS_RSA_C */ mbedtls_pk_free(&key); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_exit(exit_code); } diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c index 8ed88dafb..cd16e3320 100644 --- a/programs/pkey/key_app.c +++ b/programs/pkey/key_app.c @@ -99,11 +99,20 @@ int main(int argc, char *argv[]) mbedtls_pk_init(&pk); memset(buf, 0, sizeof(buf)); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto cleanup; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP); mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP); - if (argc == 0) { + if (argc < 2) { usage: mbedtls_printf(USAGE); goto cleanup; @@ -305,8 +314,10 @@ cleanup: mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); - mbedtls_pk_free(&pk); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP); mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP); diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c index 2dbb79efe..179094cb5 100644 --- a/programs/pkey/key_app_writer.c +++ b/programs/pkey/key_app_writer.c @@ -203,7 +203,9 @@ int main(int argc, char *argv[]) mbedtls_ctr_drbg_context ctr_drbg; mbedtls_pk_context key; +#if defined(MBEDTLS_RSA_C) mbedtls_mpi N, P, Q, D, E, DP, DQ, QP; +#endif /* MBEDTLS_RSA_C */ /* * Set to sane values @@ -216,11 +218,22 @@ int main(int argc, char *argv[]) memset(buf, 0, sizeof(buf)); #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +#if defined(MBEDTLS_RSA_C) mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP); mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP); +#endif /* MBEDTLS_RSA_C */ - if (argc == 0) { + if (argc < 2) { usage: mbedtls_printf(USAGE); goto exit; @@ -414,14 +427,19 @@ exit: #endif } +#if defined(MBEDTLS_RSA_C) mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP); mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP); +#endif /* MBEDTLS_RSA_C */ mbedtls_pk_free(&key); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_exit(exit_code); } diff --git a/programs/pkey/pk_decrypt.c b/programs/pkey/pk_decrypt.c index 88626364e..f60c946ed 100644 --- a/programs/pkey/pk_decrypt.c +++ b/programs/pkey/pk_decrypt.c @@ -67,6 +67,15 @@ int main(int argc, char *argv[]) memset(result, 0, sizeof(result)); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + if (argc != 2) { mbedtls_printf("usage: mbedtls_pk_decrypt \n"); @@ -139,6 +148,9 @@ exit: mbedtls_pk_free(&pk); mbedtls_entropy_free(&entropy); mbedtls_ctr_drbg_free(&ctr_drbg); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_ERROR_C) if (exit_code != MBEDTLS_EXIT_SUCCESS) { diff --git a/programs/pkey/pk_encrypt.c b/programs/pkey/pk_encrypt.c index eab3f086a..04e5cc702 100644 --- a/programs/pkey/pk_encrypt.c +++ b/programs/pkey/pk_encrypt.c @@ -63,6 +63,15 @@ int main(int argc, char *argv[]) mbedtls_entropy_init(&entropy); mbedtls_pk_init(&pk); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + if (argc != 3) { mbedtls_printf("usage: mbedtls_pk_encrypt \n"); @@ -140,6 +149,9 @@ exit: mbedtls_pk_free(&pk); mbedtls_entropy_free(&entropy); mbedtls_ctr_drbg_free(&ctr_drbg); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_ERROR_C) if (exit_code != MBEDTLS_EXIT_SUCCESS) { diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c index 21a75e927..57bd796c8 100644 --- a/programs/pkey/pk_sign.c +++ b/programs/pkey/pk_sign.c @@ -20,15 +20,17 @@ #include "mbedtls/build_info.h" #include "mbedtls/platform.h" +/* md.h is included this early since MD_CAN_XXX macros are defined there. */ +#include "mbedtls/md.h" #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) || \ - !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \ + !defined(MBEDTLS_MD_CAN_SHA256) || !defined(MBEDTLS_MD_C) || \ !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_CTR_DRBG_C) int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or " + "MBEDTLS_MD_CAN_SHA256 and/or MBEDTLS_MD_C and/or " "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or " "MBEDTLS_CTR_DRBG_C not defined.\n"); mbedtls_exit(0); @@ -38,7 +40,6 @@ int main(void) #include "mbedtls/error.h" #include "mbedtls/entropy.h" #include "mbedtls/ctr_drbg.h" -#include "mbedtls/md.h" #include "mbedtls/pk.h" #include @@ -62,6 +63,15 @@ int main(int argc, char *argv[]) mbedtls_ctr_drbg_init(&ctr_drbg); mbedtls_pk_init(&pk); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + if (argc != 3) { mbedtls_printf("usage: mbedtls_pk_sign \n"); @@ -139,6 +149,9 @@ exit: mbedtls_pk_free(&pk); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_ERROR_C) if (exit_code != MBEDTLS_EXIT_SUCCESS) { @@ -150,5 +163,5 @@ exit: mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && - MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO && + MBEDTLS_MD_CAN_SHA256 && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c index b1fd1b646..bca985b14 100644 --- a/programs/pkey/pk_verify.c +++ b/programs/pkey/pk_verify.c @@ -20,21 +20,22 @@ #include "mbedtls/build_info.h" #include "mbedtls/platform.h" +/* md.h is included this early since MD_CAN_XXX macros are defined there. */ +#include "mbedtls/md.h" #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_MD_C) || \ - !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_PK_PARSE_C) || \ + !defined(MBEDTLS_MD_CAN_SHA256) || !defined(MBEDTLS_PK_PARSE_C) || \ !defined(MBEDTLS_FS_IO) int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_MD_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_PK_PARSE_C and/or " + "MBEDTLS_MD_CAN_SHA256 and/or MBEDTLS_PK_PARSE_C and/or " "MBEDTLS_FS_IO not defined.\n"); mbedtls_exit(0); } #else #include "mbedtls/error.h" -#include "mbedtls/md.h" #include "mbedtls/pk.h" #include @@ -54,6 +55,15 @@ int main(int argc, char *argv[]) mbedtls_pk_init(&pk); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + if (argc != 3) { mbedtls_printf("usage: mbedtls_pk_verify \n"); @@ -113,6 +123,9 @@ int main(int argc, char *argv[]) exit: mbedtls_pk_free(&pk); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_ERROR_C) if (exit_code != MBEDTLS_EXIT_SUCCESS) { @@ -123,5 +136,5 @@ exit: mbedtls_exit(exit_code); } -#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_SHA256_C && +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_MD_CAN_SHA256 && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */ diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c index a8418d145..64375e9e7 100644 --- a/programs/pkey/rsa_sign.c +++ b/programs/pkey/rsa_sign.c @@ -20,21 +20,22 @@ #include "mbedtls/build_info.h" #include "mbedtls/platform.h" +/* md.h is included this early since MD_CAN_XXX macros are defined there. */ +#include "mbedtls/md.h" #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ - !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \ + !defined(MBEDTLS_MD_CAN_SHA256) || !defined(MBEDTLS_MD_C) || \ !defined(MBEDTLS_FS_IO) int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_MD_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n"); + "MBEDTLS_MD_CAN_SHA256 and/or MBEDTLS_FS_IO not defined.\n"); mbedtls_exit(0); } #else #include "mbedtls/rsa.h" -#include "mbedtls/md.h" #include #include @@ -162,5 +163,5 @@ exit: mbedtls_exit(exit_code); } -#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA256 && MBEDTLS_FS_IO */ diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c index 19ab962e4..999669e66 100644 --- a/programs/pkey/rsa_sign_pss.c +++ b/programs/pkey/rsa_sign_pss.c @@ -20,15 +20,17 @@ #include "mbedtls/build_info.h" #include "mbedtls/platform.h" +/* md.h is included this early since MD_CAN_XXX macros are defined there. */ +#include "mbedtls/md.h" #if !defined(MBEDTLS_MD_C) || !defined(MBEDTLS_ENTROPY_C) || \ - !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ + !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \ !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_CTR_DRBG_C) int main(void) { mbedtls_printf("MBEDTLS_MD_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_RSA_C and/or MBEDTLS_SHA256_C and/or " + "MBEDTLS_RSA_C and/or MBEDTLS_MD_CAN_SHA256 and/or " "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or " "MBEDTLS_CTR_DRBG_C not defined.\n"); mbedtls_exit(0); @@ -37,7 +39,6 @@ int main(void) #include "mbedtls/entropy.h" #include "mbedtls/ctr_drbg.h" -#include "mbedtls/md.h" #include "mbedtls/rsa.h" #include "mbedtls/pk.h" @@ -63,6 +64,15 @@ int main(int argc, char *argv[]) mbedtls_pk_init(&pk); mbedtls_ctr_drbg_init(&ctr_drbg); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + if (argc != 3) { mbedtls_printf("usage: rsa_sign_pss \n"); @@ -152,9 +162,12 @@ exit: mbedtls_pk_free(&pk); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_exit(exit_code); } #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_RSA_C && - MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO && + MBEDTLS_MD_CAN_SHA256 && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c index 9c08435cd..d525010df 100644 --- a/programs/pkey/rsa_verify.c +++ b/programs/pkey/rsa_verify.c @@ -20,21 +20,22 @@ #include "mbedtls/build_info.h" #include "mbedtls/platform.h" +/* md.h is included this early since MD_CAN_XXX macros are defined there. */ +#include "mbedtls/md.h" #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \ - !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \ + !defined(MBEDTLS_MD_CAN_SHA256) || !defined(MBEDTLS_MD_C) || \ !defined(MBEDTLS_FS_IO) int main(void) { mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_MD_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n"); + "MBEDTLS_MD_CAN_SHA256 and/or MBEDTLS_FS_IO not defined.\n"); mbedtls_exit(0); } #else #include "mbedtls/rsa.h" -#include "mbedtls/md.h" #include #include @@ -138,5 +139,5 @@ exit: mbedtls_exit(exit_code); } -#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA256 && MBEDTLS_FS_IO */ diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c index df61e4712..8a1fb5908 100644 --- a/programs/pkey/rsa_verify_pss.c +++ b/programs/pkey/rsa_verify_pss.c @@ -20,15 +20,17 @@ #include "mbedtls/build_info.h" #include "mbedtls/platform.h" +/* md.h is included this early since MD_CAN_XXX macros are defined there. */ +#include "mbedtls/md.h" #if !defined(MBEDTLS_MD_C) || !defined(MBEDTLS_ENTROPY_C) || \ - !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ + !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \ !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_CTR_DRBG_C) int main(void) { mbedtls_printf("MBEDTLS_MD_C and/or MBEDTLS_ENTROPY_C and/or " - "MBEDTLS_RSA_C and/or MBEDTLS_SHA256_C and/or " + "MBEDTLS_RSA_C and/or MBEDTLS_MD_CAN_SHA256 and/or " "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or " "MBEDTLS_CTR_DRBG_C not defined.\n"); mbedtls_exit(0); @@ -38,7 +40,6 @@ int main(void) #include "mbedtls/md.h" #include "mbedtls/pem.h" #include "mbedtls/pk.h" -#include "mbedtls/md.h" #include #include @@ -57,6 +58,15 @@ int main(int argc, char *argv[]) mbedtls_pk_init(&pk); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + if (argc != 3) { mbedtls_printf("usage: rsa_verify_pss \n"); @@ -128,8 +138,11 @@ int main(int argc, char *argv[]) exit: mbedtls_pk_free(&pk); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_exit(exit_code); } -#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA256 && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */ diff --git a/programs/psa/CMakeLists.txt b/programs/psa/CMakeLists.txt index 7ba4af63d..c8ee626d8 100644 --- a/programs/psa/CMakeLists.txt +++ b/programs/psa/CMakeLists.txt @@ -4,6 +4,7 @@ set(executables hmac_demo key_ladder_demo psa_constant_names + psa_hash ) if(GEN_FILES) diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index f5c31de5d..a79fac640 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -62,13 +62,13 @@ #include /* If the build options we need are not enabled, compile a placeholder. */ -#if !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \ +#if !defined(PSA_WANT_ALG_SHA_256) || !defined(MBEDTLS_MD_C) || \ !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_CCM_C) || \ !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_FS_IO) || \ defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) int main(void) { - printf("MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or " + printf("PSA_WANT_ALG_SHA_256 and/or MBEDTLS_MD_C and/or " "MBEDTLS_AES_C and/or MBEDTLS_CCM_C and/or " "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO " "not defined and/or MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER " @@ -698,6 +698,6 @@ usage_failure: usage(); return EXIT_FAILURE; } -#endif /* MBEDTLS_SHA256_C && MBEDTLS_MD_C && +#endif /* PSA_WANT_ALG_SHA_256 && MBEDTLS_MD_C && MBEDTLS_AES_C && MBEDTLS_CCM_C && MBEDTLS_PSA_CRYPTO_C && MBEDTLS_FS_IO */ diff --git a/programs/psa/key_ladder_demo.sh b/programs/psa/key_ladder_demo.sh index 67de08537..e21d1abf0 100755 --- a/programs/psa/key_ladder_demo.sh +++ b/programs/psa/key_ladder_demo.sh @@ -17,9 +17,27 @@ set -e -u -program="${0%/*}"/key_ladder_demo +program_name="key_ladder_demo" +program="${0%/*}/$program_name" files_to_clean= +if [ ! -e "$program" ]; then + # Look for programs in the current directory and the directories above it + for dir in "." ".." "../.."; do + program="$dir/programs/psa/$program_name" + if [ -e "$program" ]; then + break + fi + done + if [ ! -e "$program" ]; then + echo "Could not find $program_name executable" + + echo "If building out-of-tree, this script must be run" \ + "from the project build directory." + exit 1 + fi +fi + run () { echo echo "# $1" diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c new file mode 100644 index 000000000..d3a6bf857 --- /dev/null +++ b/programs/psa/psa_hash.c @@ -0,0 +1,171 @@ +/* + * Example computing a SHA-256 hash using the PSA Crypto API + * + * The example computes the SHA-256 hash of a test string using the + * one-shot API call psa_hash_compute() and the using multi-part + * operation, which requires psa_hash_setup(), psa_hash_update() and + * psa_hash_finish(). The multi-part operation is popular on embedded + * devices where a rolling hash needs to be computed. + * + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "psa/crypto.h" +#include +#include +#include + +#include "mbedtls/build_info.h" +#include "mbedtls/platform.h" + +/* Information about hashing with the PSA API can be + * found here: + * https://arm-software.github.io/psa-api/crypto/1.1/api/ops/hashes.html + * + * The algorithm used by this demo is SHA 256. + * Please see include/psa/crypto_values.h to see the other + * algorithms that are supported by Mbed TLS. + * If you switch to a different algorithm you will need to update + * the hash data in the EXAMPLE_HASH_VALUE macro below. */ + +#if !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(PSA_WANT_ALG_SHA_256) +int main(void) +{ + mbedtls_printf("MBEDTLS_PSA_CRYPTO_C and PSA_WANT_ALG_SHA_256" + "not defined.\r\n"); + return EXIT_SUCCESS; +} +#else + +#define HASH_ALG PSA_ALG_SHA_256 + +const uint8_t sample_message[] = "Hello World!"; +/* sample_message is terminated with a null byte which is not part of + * the message itself so we make sure to subtract it in order to get + * the message length. */ +const size_t sample_message_length = sizeof(sample_message) - 1; + +#define EXPECTED_HASH_VALUE { \ + 0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81, \ + 0x48, 0xa1, 0xd6, 0x5d, 0xfc, 0x2d, 0x4b, 0x1f, 0xa3, 0xd6, 0x77, 0x28, \ + 0x4a, 0xdd, 0xd2, 0x00, 0x12, 0x6d, 0x90, 0x69 \ +} + +const uint8_t expected_hash[] = EXPECTED_HASH_VALUE; +const size_t expected_hash_len = sizeof(expected_hash); + +int main(void) +{ + psa_status_t status; + uint8_t hash[PSA_HASH_LENGTH(HASH_ALG)]; + size_t hash_length; + psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT; + psa_hash_operation_t cloned_hash_operation = PSA_HASH_OPERATION_INIT; + + mbedtls_printf("PSA Crypto API: SHA-256 example\n\n"); + + status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_printf("psa_crypto_init failed\n"); + return EXIT_FAILURE; + } + + /* Compute hash using multi-part operation */ + status = psa_hash_setup(&hash_operation, HASH_ALG); + if (status == PSA_ERROR_NOT_SUPPORTED) { + mbedtls_printf("unknown hash algorithm supplied\n"); + return EXIT_FAILURE; + } else if (status != PSA_SUCCESS) { + mbedtls_printf("psa_hash_setup failed\n"); + return EXIT_FAILURE; + } + + status = psa_hash_update(&hash_operation, sample_message, sample_message_length); + if (status != PSA_SUCCESS) { + mbedtls_printf("psa_hash_update failed\n"); + goto cleanup; + } + + status = psa_hash_clone(&hash_operation, &cloned_hash_operation); + if (status != PSA_SUCCESS) { + mbedtls_printf("PSA hash clone failed\n"); + goto cleanup; + } + + status = psa_hash_finish(&hash_operation, hash, sizeof(hash), &hash_length); + if (status != PSA_SUCCESS) { + mbedtls_printf("psa_hash_finish failed\n"); + goto cleanup; + } + + /* Check the result of the operation against the sample */ + if (hash_length != expected_hash_len || + (memcmp(hash, expected_hash, expected_hash_len) != 0)) { + mbedtls_printf("Multi-part hash operation gave the wrong result!\n\n"); + goto cleanup; + } + + status = + psa_hash_verify(&cloned_hash_operation, expected_hash, + expected_hash_len); + if (status != PSA_SUCCESS) { + mbedtls_printf("psa_hash_verify failed\n"); + goto cleanup; + } else { + mbedtls_printf("Multi-part hash operation successful!\n"); + } + + /* Clear local variables prior to one-shot hash demo */ + memset(hash, 0, sizeof(hash)); + hash_length = 0; + + /* Compute hash using one-shot function call */ + status = psa_hash_compute(HASH_ALG, + sample_message, sample_message_length, + hash, sizeof(hash), + &hash_length); + if (status != PSA_SUCCESS) { + mbedtls_printf("psa_hash_compute failed\n"); + goto cleanup; + } + + if (hash_length != expected_hash_len || + (memcmp(hash, expected_hash, expected_hash_len) != 0)) { + mbedtls_printf("One-shot hash operation gave the wrong result!\n\n"); + goto cleanup; + } + + mbedtls_printf("One-shot hash operation successful!\n\n"); + + /* Print out result */ + mbedtls_printf("The SHA-256( '%s' ) is: ", sample_message); + + for (size_t j = 0; j < expected_hash_len; j++) { + mbedtls_printf("%02x", hash[j]); + } + + mbedtls_printf("\n"); + + mbedtls_psa_crypto_free(); + return EXIT_SUCCESS; + +cleanup: + psa_hash_abort(&hash_operation); + psa_hash_abort(&cloned_hash_operation); + return EXIT_FAILURE; +} +#endif /* !MBEDTLS_PSA_CRYPTO_C || !PSA_WANT_ALG_SHA_256 */ diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c index 44a135f3e..f0abcabc7 100644 --- a/programs/ssl/dtls_client.c +++ b/programs/ssl/dtls_client.c @@ -109,11 +109,21 @@ int main(int argc, char *argv[]) mbedtls_ssl_config_init(&conf); mbedtls_x509_crt_init(&cacert); mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_printf("\n . Seeding the random number generator..."); fflush(stdout); - mbedtls_entropy_init(&entropy); if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, strlen(pers))) != 0) { @@ -284,7 +294,6 @@ send_request: case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: mbedtls_printf(" connection was closed gracefully\n"); - ret = 0; goto close_notify; default: @@ -324,12 +333,14 @@ exit: #endif mbedtls_net_free(&server_fd); - mbedtls_x509_crt_free(&cacert); mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ /* Shell can not handle large exit numbers -> 1 for errors */ if (ret < 0) { diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c index 6f8c8415f..b11a4f5b4 100644 --- a/programs/ssl/dtls_server.c +++ b/programs/ssl/dtls_server.c @@ -119,6 +119,16 @@ int main(void) mbedtls_entropy_init(&entropy); mbedtls_ctr_drbg_init(&ctr_drbg); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + #if defined(MBEDTLS_DEBUG_C) mbedtls_debug_set_threshold(DEBUG_LEVEL); #endif @@ -253,7 +263,7 @@ reset: mbedtls_ssl_session_reset(&ssl); /* - * 3. Wait until a client connects + * 5. Wait until a client connects */ printf(" . Waiting for a remote connection ..."); fflush(stdout); @@ -278,7 +288,7 @@ reset: printf(" ok\n"); /* - * 5. Handshake + * 6. Handshake */ printf(" . Performing the DTLS handshake..."); fflush(stdout); @@ -300,7 +310,7 @@ reset: printf(" ok\n"); /* - * 6. Read the echo Request + * 7. Read the echo Request */ printf(" < Read from client:"); fflush(stdout); @@ -321,7 +331,6 @@ reset: case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: printf(" connection was closed gracefully\n"); - ret = 0; goto close_notify; default: @@ -334,7 +343,7 @@ reset: printf(" %d bytes read\n\n%s\n\n", len, buf); /* - * 7. Write the 200 Response + * 8. Write the 200 Response */ printf(" > Write to client:"); fflush(stdout); @@ -353,7 +362,7 @@ reset: printf(" %d bytes written\n\n%s\n\n", len, buf); /* - * 8. Done, cleanly close the connection + * 9. Done, cleanly close the connection */ close_notify: printf(" . Closing the connection..."); @@ -394,6 +403,9 @@ exit: #endif mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ /* Shell can not handle large exit numbers -> 1 for errors */ if (ret < 0) { diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c index 6dbbc6d20..e8f4797b8 100644 --- a/programs/ssl/mini_client.c +++ b/programs/ssl/mini_client.c @@ -175,8 +175,16 @@ int main(void) #if defined(MBEDTLS_X509_CRT_PARSE_C) mbedtls_x509_crt_init(&ca); #endif - mbedtls_entropy_init(&entropy); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + if (mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, strlen(pers)) != 0) { ret = ctr_drbg_seed_failed; @@ -262,7 +270,6 @@ int main(void) exit: mbedtls_net_free(&server_fd); - mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); mbedtls_ctr_drbg_free(&ctr_drbg); @@ -270,6 +277,9 @@ exit: #if defined(MBEDTLS_X509_CRT_PARSE_C) mbedtls_x509_crt_free(&ca); #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_exit(ret); } diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c index ea96a4d61..259b8f930 100644 --- a/programs/ssl/ssl_client1.c +++ b/programs/ssl/ssl_client1.c @@ -91,11 +91,21 @@ int main(void) mbedtls_ssl_config_init(&conf); mbedtls_x509_crt_init(&cacert); mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_printf("\n . Seeding the random number generator..."); fflush(stdout); - mbedtls_entropy_init(&entropy); + if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, strlen(pers))) != 0) { @@ -274,12 +284,14 @@ exit: #endif mbedtls_net_free(&server_fd); - mbedtls_x509_crt_free(&cacert); mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_exit(exit_code); } diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index b12406595..7c2c818d8 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -95,7 +95,7 @@ int main(void) #define DFL_RECONNECT_HARD 0 #define DFL_TICKETS MBEDTLS_SSL_SESSION_TICKETS_ENABLED #define DFL_ALPN_STRING NULL -#define DFL_CURVES NULL +#define DFL_GROUPS NULL #define DFL_SIG_ALGS NULL #define DFL_TRANSPORT MBEDTLS_SSL_TRANSPORT_STREAM #define DFL_HS_TO_MIN 0 @@ -261,15 +261,20 @@ int main(void) #define USAGE_ALPN "" #endif /* MBEDTLS_SSL_ALPN */ -#if defined(MBEDTLS_ECP_C) -#define USAGE_CURVES \ - " curves=a,b,c,d default: \"default\" (library default)\n" \ - " example: \"secp521r1,brainpoolP512r1\"\n" \ - " - use \"none\" for empty list\n" \ - " - see mbedtls_ecp_curve_list()\n" \ - " for acceptable curve names\n" +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) || \ + (defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) && \ + defined(PSA_WANT_ALG_FFDH)) +#define USAGE_GROUPS \ + " groups=a,b,c,d default: \"default\" (library default)\n" \ + " example: \"secp521r1,brainpoolP512r1\"\n" \ + " - use \"none\" for empty list\n" \ + " - see mbedtls_ecp_curve_list()\n" \ + " for acceptable EC group names\n" \ + " - the following ffdh groups are supported:\n" \ + " ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144,\n" \ + " ffdhe8192\n" #else -#define USAGE_CURVES "" +#define USAGE_GROUPS "" #endif #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) @@ -425,7 +430,7 @@ int main(void) " reconnect=%%d number of reconnections using session resumption\n" \ " default: 0 (disabled)\n" \ " reco_server_name=%%s default: NULL\n" \ - " reco_delay=%%d default: 0 millionseconds\n" \ + " reco_delay=%%d default: 0 milliseconds\n" \ " reco_mode=%%d 0: copy session, 1: serialize session\n" \ " default: 1\n" \ " reconnect_hard=%%d default: 0 (disabled)\n" \ @@ -437,7 +442,7 @@ int main(void) USAGE_EMS \ USAGE_ETM \ USAGE_REPRODUCIBLE \ - USAGE_CURVES \ + USAGE_GROUPS \ USAGE_SIG_ALGS \ USAGE_EARLY_DATA \ USAGE_DHMLEN \ @@ -466,10 +471,6 @@ int main(void) USAGE_SERIALIZATION \ " acceptable ciphersuite names:\n" -#define ALPN_LIST_SIZE 10 -#define CURVE_LIST_SIZE 20 -#define SIG_ALG_LIST_SIZE 5 - /* * global options */ @@ -526,7 +527,7 @@ struct options { int reco_mode; /* how to keep the session around */ int reconnect_hard; /* unexpectedly reconnect from the same port */ int tickets; /* enable / disable session tickets */ - const char *curves; /* list of supported elliptic curves */ + const char *groups; /* list of supported groups */ const char *sig_algs; /* supported TLS 1.3 signature algorithms */ const char *alpn_string; /* ALPN supported protocols */ int transport; /* TLS or DTLS? */ @@ -759,11 +760,7 @@ int main(int argc, char *argv[]) #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) unsigned char alloc_buf[MEMORY_HEAP_SIZE]; #endif - -#if defined(MBEDTLS_ECP_C) - uint16_t group_list[CURVE_LIST_SIZE]; - const mbedtls_ecp_curve_info *curve_cur; -#endif + uint16_t group_list[GROUP_LIST_SIZE]; #if defined(MBEDTLS_SSL_DTLS_SRTP) unsigned char mki[MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH]; size_t mki_len = 0; @@ -867,7 +864,7 @@ int main(int argc, char *argv[]) mbedtls_test_enable_insecure_external_rng(); #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ - if (argc == 0) { + if (argc < 2) { usage: if (ret == 0) { ret = 1; @@ -949,7 +946,7 @@ usage: opt.reconnect_hard = DFL_RECONNECT_HARD; opt.tickets = DFL_TICKETS; opt.alpn_string = DFL_ALPN_STRING; - opt.curves = DFL_CURVES; + opt.groups = DFL_GROUPS; opt.sig_algs = DFL_SIG_ALGS; #if defined(MBEDTLS_SSL_EARLY_DATA) opt.early_data = DFL_EARLY_DATA; @@ -1172,8 +1169,8 @@ usage: break; default: goto usage; } - } else if (strcmp(p, "curves") == 0) { - opt.curves = q; + } else if (strcmp(p, "groups") == 0) { + opt.groups = q; } #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) else if (strcmp(p, "sig_algs") == 0) { @@ -1463,11 +1460,11 @@ usage: #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) if (opt.psk_opaque != 0) { /* Determine KDF algorithm the opaque PSK will be used in. */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) if (ciphersuite_info->mac == MBEDTLS_MD_SHA384) { alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384); } else -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256); } #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */ @@ -1497,53 +1494,11 @@ usage: } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ -#if defined(MBEDTLS_ECP_C) - if (opt.curves != NULL) { - p = (char *) opt.curves; - i = 0; - - if (strcmp(p, "none") == 0) { - group_list[0] = 0; - } else if (strcmp(p, "default") != 0) { - /* Leave room for a final NULL in curve list */ - while (i < CURVE_LIST_SIZE - 1 && *p != '\0') { - q = p; - - /* Terminate the current string */ - while (*p != ',' && *p != '\0') { - p++; - } - if (*p == ',') { - *p++ = '\0'; - } - - if ((curve_cur = mbedtls_ecp_curve_info_from_name(q)) != NULL) { - group_list[i++] = curve_cur->tls_id; - } else { - mbedtls_printf("unknown curve %s\n", q); - mbedtls_printf("supported curves: "); - for (curve_cur = mbedtls_ecp_curve_list(); - curve_cur->grp_id != MBEDTLS_ECP_DP_NONE; - curve_cur++) { - mbedtls_printf("%s ", curve_cur->name); - } - mbedtls_printf("\n"); - goto exit; - } - } - - mbedtls_printf("Number of curves: %d\n", i); - - if (i == CURVE_LIST_SIZE - 1 && *p != '\0') { - mbedtls_printf("curves list too long, maximum %d", - CURVE_LIST_SIZE - 1); - goto exit; - } - - group_list[i] = 0; + if (opt.groups != NULL) { + if (parse_groups(opt.groups, group_list, GROUP_LIST_SIZE) != 0) { + goto exit; } } -#endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) if (opt.sig_algs != NULL) { @@ -1946,9 +1901,11 @@ usage: } #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ -#if defined(MBEDTLS_ECP_C) - if (opt.curves != NULL && - strcmp(opt.curves, "default") != 0) { +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) || \ + (defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) && \ + defined(PSA_WANT_ALG_FFDH)) + if (opt.groups != NULL && + strcmp(opt.groups, "default") != 0) { mbedtls_ssl_conf_groups(&conf, group_list); } #endif diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c index 0ba0d2c04..9744c58d5 100644 --- a/programs/ssl/ssl_context_info.c +++ b/programs/ssl/ssl_context_info.c @@ -1,5 +1,5 @@ /* - * MbedTLS SSL context deserializer from base64 code + * Mbed TLS SSL context deserializer from base64 code * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 @@ -21,6 +21,7 @@ #include "mbedtls/build_info.h" #include "mbedtls/debug.h" +#include "mbedtls/platform.h" #include #include @@ -124,12 +125,12 @@ const char buf_ln_err[] = "Buffer does not have enough data to complete the pars /* * Basic printing functions */ -void print_version() +void print_version(void) { printf("%s v%d.%d\n", PROG_NAME, VER_MAJOR, VER_MINOR); } -void print_usage() +void print_usage(void) { print_version(); printf("\nThis program is used to deserialize an Mbed TLS SSL session from the base64 code provided\n" @@ -178,7 +179,7 @@ void printf_err(const char *str, ...) /* * Exit from the program in case of error */ -void error_exit() +void error_exit(void) { if (NULL != b64_file) { fclose(b64_file); @@ -933,6 +934,15 @@ int main(int argc, char *argv[]) size_t ssl_max_len = SSL_INIT_LEN; size_t ssl_len = 0; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + return MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + /* The 'b64_file' is opened when parsing arguments to check that the * file name is correct */ parse_arguments(argc, argv); @@ -1001,6 +1011,10 @@ int main(int argc, char *argv[]) printf("Finished. No valid base64 code found\n"); } +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + return 0; } diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c index 7ee880d38..6734a14d9 100644 --- a/programs/ssl/ssl_fork_server.c +++ b/programs/ssl/ssl_fork_server.c @@ -65,7 +65,7 @@ int main(void) #define HTTP_RESPONSE \ "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ - "

    mbed TLS Test Server

    \r\n" \ + "

    Mbed TLS Test Server

    \r\n" \ "

    Successful connection using: %s

    \r\n" #define DEBUG_LEVEL 0 @@ -105,6 +105,15 @@ int main(void) mbedtls_x509_crt_init(&srvcert); mbedtls_ctr_drbg_init(&ctr_drbg); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + signal(SIGCHLD, SIG_IGN); /* @@ -366,13 +375,15 @@ int main(void) exit: mbedtls_net_free(&client_fd); mbedtls_net_free(&listen_fd); - mbedtls_x509_crt_free(&srvcert); mbedtls_pk_free(&pkey); mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_exit(exit_code); } diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index 4e54be885..1e648e8af 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -369,8 +369,18 @@ int main(int argc, char *argv[]) mbedtls_x509_crt_init(&clicert); mbedtls_pk_init(&pkey); mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); - if (argc == 0) { +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + if (argc < 2) { usage: mbedtls_printf(USAGE); @@ -458,7 +468,6 @@ usage: mbedtls_printf("\n . Seeding the random number generator..."); fflush(stdout); - mbedtls_entropy_init(&entropy); if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, strlen(pers))) != 0) { @@ -766,9 +775,9 @@ usage: mbedtls_printf(" > Write content to server:"); fflush(stdout); - len = sprintf((char *) buf, "From: %s\r\nSubject: mbed TLS Test mail\r\n\r\n" + len = sprintf((char *) buf, "From: %s\r\nSubject: Mbed TLS Test mail\r\n\r\n" "This is a simple test mail from the " - "mbed TLS mail client example.\r\n" + "Mbed TLS mail client example.\r\n" "\r\n" "Enjoy!", opt.mail_from); ret = write_ssl_data(&ssl, buf, len); @@ -796,6 +805,9 @@ exit: mbedtls_ssl_config_free(&conf); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_exit(exit_code); } diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c index 2b3baffa4..12d3057b4 100644 --- a/programs/ssl/ssl_pthread_server.c +++ b/programs/ssl/ssl_pthread_server.c @@ -66,7 +66,7 @@ int main(void) #define HTTP_RESPONSE \ "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ - "

    mbed TLS Test Server

    \r\n" \ + "

    Mbed TLS Test Server

    \r\n" \ "

    Successful connection using: %s

    \r\n" #define DEBUG_LEVEL 0 @@ -332,6 +332,16 @@ int main(void) */ mbedtls_entropy_init(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + /* * 1a. Seed the random number generator */ @@ -473,14 +483,14 @@ exit: mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); mbedtls_ssl_config_free(&conf); - mbedtls_net_free(&listen_fd); - mbedtls_mutex_free(&debug_mutex); - #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) mbedtls_memory_buffer_alloc_free(); #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_exit(ret); } diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c index 7dabda8ae..ad82567f4 100644 --- a/programs/ssl/ssl_server.c +++ b/programs/ssl/ssl_server.c @@ -59,7 +59,7 @@ int main(void) #define HTTP_RESPONSE \ "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ - "

    mbed TLS Test Server

    \r\n" \ + "

    Mbed TLS Test Server

    \r\n" \ "

    Successful connection using: %s

    \r\n" #define DEBUG_LEVEL 0 @@ -104,6 +104,16 @@ int main(void) mbedtls_entropy_init(&entropy); mbedtls_ctr_drbg_init(&ctr_drbg); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED; + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + #if defined(MBEDTLS_DEBUG_C) mbedtls_debug_set_threshold(DEBUG_LEVEL); #endif @@ -343,7 +353,6 @@ exit: mbedtls_net_free(&client_fd); mbedtls_net_free(&listen_fd); - mbedtls_x509_crt_free(&srvcert); mbedtls_pk_free(&pkey); mbedtls_ssl_free(&ssl); @@ -353,6 +362,9 @@ exit: #endif mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_exit(ret); } diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index b3d9f5a5c..0efcb7f9a 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -69,9 +69,12 @@ int main(void) #include "test/psa_crypto_helpers.h" #endif +#include "mbedtls/pk.h" +#include "mbedtls/dhm.h" + /* Size of memory to be allocated for the heap, when using the library's memory * management and MBEDTLS_MEMORY_BUFFER_ALLOC_C is enabled. */ -#define MEMORY_HEAP_SIZE 120000 +#define MEMORY_HEAP_SIZE 180000 #define DFL_SERVER_ADDR NULL #define DFL_SERVER_PORT "4433" @@ -127,9 +130,10 @@ int main(void) #define DFL_TICKET_AEAD MBEDTLS_CIPHER_AES_256_GCM #define DFL_CACHE_MAX -1 #define DFL_CACHE_TIMEOUT -1 +#define DFL_CACHE_REMOVE 0 #define DFL_SNI NULL #define DFL_ALPN_STRING NULL -#define DFL_CURVES NULL +#define DFL_GROUPS NULL #define DFL_MAX_EARLY_DATA_SIZE 0 #define DFL_SIG_ALGS NULL #define DFL_DHM_FILE NULL @@ -169,7 +173,7 @@ int main(void) * packets (for fragmentation purposes) */ #define HTTP_RESPONSE \ "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ - "

    mbed TLS Test Server

    \r\n" \ + "

    Mbed TLS Test Server

    \r\n" \ "

    Successful connection using: %s

    \r\n" // LONG_RESPONSE /* @@ -319,7 +323,8 @@ int main(void) #if defined(MBEDTLS_SSL_CACHE_C) #define USAGE_CACHE \ - " cache_max=%%d default: cache default (50)\n" + " cache_max=%%d default: cache default (50)\n" \ + " cache_remove=%%d default: 0 (don't remove)\n" #if defined(MBEDTLS_HAVE_TIME) #define USAGE_CACHE_TIME \ " cache_timeout=%%d default: cache default (1d)\n" @@ -441,15 +446,20 @@ int main(void) #define USAGE_EARLY_DATA "" #endif /* MBEDTLS_SSL_EARLY_DATA */ -#if defined(MBEDTLS_ECP_C) -#define USAGE_CURVES \ - " curves=a,b,c,d default: \"default\" (library default)\n" \ +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) || \ + (defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) && \ + defined(PSA_WANT_ALG_FFDH)) +#define USAGE_GROUPS \ + " groups=a,b,c,d default: \"default\" (library default)\n" \ " example: \"secp521r1,brainpoolP512r1\"\n" \ " - use \"none\" for empty list\n" \ - " - see mbedtls_ecp_curve_list()\n" \ - " for acceptable curve names\n" + " - see mbedtls_ecp_curve_list()\n" \ + " for acceptable EC group names\n" \ + " - the following ffdh groups are supported:\n" \ + " ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144,\n" \ + " ffdhe8192\n" #else -#define USAGE_CURVES "" +#define USAGE_GROUPS "" #endif #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) @@ -553,7 +563,7 @@ int main(void) USAGE_ALPN \ USAGE_EMS \ USAGE_ETM \ - USAGE_CURVES \ + USAGE_GROUPS \ USAGE_SIG_ALGS \ USAGE_KEY_OPAQUE_ALGS \ "\n" @@ -582,10 +592,6 @@ int main(void) USAGE_SERIALIZATION \ " acceptable ciphersuite names:\n" -#define ALPN_LIST_SIZE 10 -#define CURVE_LIST_SIZE 20 -#define SIG_ALG_LIST_SIZE 5 - #define PUT_UINT64_BE(out_be, in_le, i) \ { \ (out_be)[(i) + 0] = (unsigned char) (((in_le) >> 56) & 0xFF); \ @@ -667,8 +673,9 @@ struct options { #if defined(MBEDTLS_HAVE_TIME) int cache_timeout; /* expiration delay of session cache entries*/ #endif + int cache_remove; /* enable / disable cache entry removal */ char *sni; /* string describing sni information */ - const char *curves; /* list of supported elliptic curves */ + const char *groups; /* list of supported groups */ const char *sig_algs; /* supported TLS 1.3 signature algorithms */ const char *alpn_string; /* ALPN supported protocols */ const char *dhm_file; /* the file with the DH parameters */ @@ -1374,6 +1381,11 @@ int report_cid_usage(mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_HAVE_TIME) +static inline void put_unaligned_uint32(void *p, uint32_t x) +{ + memcpy(p, &x, sizeof(x)); +} + /* Functions for session ticket tests */ int dummy_ticket_write(void *p_ticket, const mbedtls_ssl_session *session, unsigned char *start, const unsigned char *end, @@ -1387,7 +1399,7 @@ int dummy_ticket_write(void *p_ticket, const mbedtls_ssl_session *session, if (end - p < 4) { return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } - *((uint32_t *) p) = 7 * 24 * 3600; + put_unaligned_uint32(p, 7 * 24 * 3600); *ticket_lifetime = 7 * 24 * 3600; p += 4; @@ -1513,10 +1525,7 @@ int main(int argc, char *argv[]) #if defined(SNI_OPTION) sni_entry *sni_info = NULL; #endif -#if defined(MBEDTLS_ECP_C) - uint16_t group_list[CURVE_LIST_SIZE]; - const mbedtls_ecp_curve_info *curve_cur; -#endif + uint16_t group_list[GROUP_LIST_SIZE]; #if defined(MBEDTLS_SSL_ALPN) const char *alpn_list[ALPN_LIST_SIZE]; #endif @@ -1633,7 +1642,7 @@ int main(int argc, char *argv[]) signal(SIGINT, term_handler); #endif - if (argc == 0) { + if (argc < 2) { usage: if (ret == 0) { ret = 1; @@ -1724,9 +1733,10 @@ usage: #if defined(MBEDTLS_HAVE_TIME) opt.cache_timeout = DFL_CACHE_TIMEOUT; #endif + opt.cache_remove = DFL_CACHE_REMOVE; opt.sni = DFL_SNI; opt.alpn_string = DFL_ALPN_STRING; - opt.curves = DFL_CURVES; + opt.groups = DFL_GROUPS; opt.max_early_data_size = DFL_MAX_EARLY_DATA_SIZE; opt.sig_algs = DFL_SIG_ALGS; opt.dhm_file = DFL_DHM_FILE; @@ -1906,8 +1916,8 @@ usage: goto usage; } opt.force_ciphersuite[1] = 0; - } else if (strcmp(p, "curves") == 0) { - opt.curves = q; + } else if (strcmp(p, "groups") == 0) { + opt.groups = q; } #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) else if (strcmp(p, "sig_algs") == 0) { @@ -2137,7 +2147,12 @@ usage: } } #endif - else if (strcmp(p, "cookies") == 0) { + else if (strcmp(p, "cache_remove") == 0) { + opt.cache_remove = atoi(q); + if (opt.cache_remove < 0 || opt.cache_remove > 1) { + goto usage; + } + } else if (strcmp(p, "cookies") == 0) { opt.cookies = atoi(q); if (opt.cookies < -1 || opt.cookies > 1) { goto usage; @@ -2322,11 +2337,11 @@ usage: #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) if (opt.psk_opaque != 0 || opt.psk_list_opaque != 0) { /* Determine KDF algorithm the opaque PSK will be used in. */ -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) if (ciphersuite_info->mac == MBEDTLS_MD_SHA384) { alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384); } else -#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA384 */ alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256); } #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */ @@ -2374,53 +2389,11 @@ usage: } #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */ -#if defined(MBEDTLS_ECP_C) - if (opt.curves != NULL) { - p = (char *) opt.curves; - i = 0; - - if (strcmp(p, "none") == 0) { - group_list[0] = 0; - } else if (strcmp(p, "default") != 0) { - /* Leave room for a final NULL in curve list */ - while (i < CURVE_LIST_SIZE - 1 && *p != '\0') { - q = p; - - /* Terminate the current string */ - while (*p != ',' && *p != '\0') { - p++; - } - if (*p == ',') { - *p++ = '\0'; - } - - if ((curve_cur = mbedtls_ecp_curve_info_from_name(q)) != NULL) { - group_list[i++] = curve_cur->tls_id; - } else { - mbedtls_printf("unknown curve %s\n", q); - mbedtls_printf("supported curves: "); - for (curve_cur = mbedtls_ecp_curve_list(); - curve_cur->grp_id != MBEDTLS_ECP_DP_NONE; - curve_cur++) { - mbedtls_printf("%s ", curve_cur->name); - } - mbedtls_printf("\n"); - goto exit; - } - } - - mbedtls_printf("Number of curves: %d\n", i); - - if (i == CURVE_LIST_SIZE - 1 && *p != '\0') { - mbedtls_printf("curves list too long, maximum %d", - CURVE_LIST_SIZE - 1); - goto exit; - } - - group_list[i] = 0; + if (opt.groups != NULL) { + if (parse_groups(opt.groups, group_list, GROUP_LIST_SIZE) != 0) { + goto exit; } } -#endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) if (opt.sig_algs != NULL) { @@ -2647,7 +2620,7 @@ usage: } key_cert_init = 2; #endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_PK_CAN_ECDSA_SOME) if ((ret = mbedtls_x509_crt_parse(&srvcert2, (const unsigned char *) mbedtls_test_srv_crt_ec, mbedtls_test_srv_crt_ec_len)) != 0) { @@ -2664,7 +2637,7 @@ usage: goto exit; } key_cert_init2 = 2; -#endif /* MBEDTLS_ECDSA_C */ +#endif /* MBEDTLS_PK_CAN_ECDSA_SOME */ } #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -3122,9 +3095,11 @@ usage: } #endif -#if defined(MBEDTLS_ECP_C) - if (opt.curves != NULL && - strcmp(opt.curves, "default") != 0) { +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) || \ + (defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) && \ + defined(PSA_WANT_ALG_FFDH)) + if (opt.groups != NULL && + strcmp(opt.groups, "default") != 0) { mbedtls_ssl_conf_groups(&conf, group_list); } #endif @@ -3806,7 +3781,6 @@ data_exchange: switch (ret) { case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY: mbedtls_printf(" connection was closed gracefully\n"); - ret = 0; goto close_notify; default: @@ -4120,6 +4094,12 @@ close_notify: mbedtls_printf(" done\n"); +#if defined(MBEDTLS_SSL_CACHE_C) + if (opt.cache_remove > 0) { + mbedtls_ssl_cache_remove(&cache, ssl.session->id, ssl.session->id_len); + } +#endif + goto reset; /* diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c index 9115cd1b4..67fc06115 100644 --- a/programs/ssl/ssl_test_common_source.c +++ b/programs/ssl/ssl_test_common_source.c @@ -272,7 +272,7 @@ int send_cb(void *ctx, unsigned char const *buf, size_t len) } #if defined(MBEDTLS_X509_CRT_PARSE_C) -#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_RSA_C) +#if defined(MBEDTLS_PK_CAN_ECDSA_SOME) && defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_SSL_PROTO_TLS1_3) /* * When GnuTLS/Openssl server is configured in TLS 1.2 mode with a certificate @@ -289,7 +289,7 @@ int send_cb(void *ctx, unsigned char const *buf, size_t len) #define MBEDTLS_SSL_SIG_ALG(hash) ((hash << 8) | MBEDTLS_SSL_SIG_ECDSA), \ ((hash << 8) | MBEDTLS_SSL_SIG_RSA), #endif -#elif defined(MBEDTLS_ECDSA_C) +#elif defined(MBEDTLS_PK_CAN_ECDSA_SOME) #define MBEDTLS_SSL_SIG_ALG(hash) ((hash << 8) | MBEDTLS_SSL_SIG_ECDSA), #elif defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_SSL_PROTO_TLS1_3) @@ -304,22 +304,22 @@ int send_cb(void *ctx, unsigned char const *buf, size_t len) #endif uint16_t ssl_sig_algs_for_test[] = { -#if defined(MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA512) MBEDTLS_SSL_SIG_ALG(MBEDTLS_SSL_HASH_SHA512) #endif -#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA384) MBEDTLS_SSL_SIG_ALG(MBEDTLS_SSL_HASH_SHA384) #endif -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) MBEDTLS_SSL_SIG_ALG(MBEDTLS_SSL_HASH_SHA256) #endif -#if defined(MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA224) MBEDTLS_SSL_SIG_ALG(MBEDTLS_SSL_HASH_SHA224) #endif -#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256) MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256, -#endif /* MBEDTLS_RSA_C && MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA256 */ +#if defined(MBEDTLS_MD_CAN_SHA1) /* Allow SHA-1 as we use it extensively in tests. */ MBEDTLS_SSL_SIG_ALG(MBEDTLS_SSL_HASH_SHA1) #endif diff --git a/programs/ssl/ssl_test_lib.c b/programs/ssl/ssl_test_lib.c index e3e3cac3b..aea056b68 100644 --- a/programs/ssl/ssl_test_lib.c +++ b/programs/ssl/ssl_test_lib.c @@ -30,6 +30,8 @@ #if !defined(MBEDTLS_SSL_TEST_IMPOSSIBLE) +#define ARRAY_LENGTH(x) (sizeof(x)/sizeof(x[0])) + void my_debug(void *ctx, int level, const char *file, int line, const char *str) @@ -124,9 +126,9 @@ int rng_seed(rng_context_t *rng, int reproducible, const char *pers) (const unsigned char *) pers, strlen(pers)); #elif defined(MBEDTLS_HMAC_DRBG_C) -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_MD_CAN_SHA256) const mbedtls_md_type_t md_type = MBEDTLS_MD_SHA256; -#elif defined(MBEDTLS_SHA512_C) +#elif defined(MBEDTLS_MD_CAN_SHA512) const mbedtls_md_type_t md_type = MBEDTLS_MD_SHA512; #else #error "No message digest available for HMAC_DRBG" @@ -449,4 +451,163 @@ void test_hooks_free(void) #endif /* MBEDTLS_TEST_HOOKS */ +static const struct { + uint16_t tls_id; + const char *name; + uint8_t is_supported; +} tls_id_group_name_table[] = +{ +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_521) + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP521R1, "secp521r1", 1 }, +#else + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP521R1, "secp521r1", 0 }, +#endif +#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) + { MBEDTLS_SSL_IANA_TLS_GROUP_BP512R1, "brainpoolP512r1", 1 }, +#else + { MBEDTLS_SSL_IANA_TLS_GROUP_BP512R1, "brainpoolP512r1", 0 }, +#endif +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_384) + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1, "secp384r1", 1 }, +#else + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1, "secp384r1", 0 }, +#endif +#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) + { MBEDTLS_SSL_IANA_TLS_GROUP_BP384R1, "brainpoolP384r1", 1 }, +#else + { MBEDTLS_SSL_IANA_TLS_GROUP_BP384R1, "brainpoolP384r1", 0 }, +#endif +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_256) + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, "secp256r1", 1 }, +#else + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, "secp256r1", 0 }, +#endif +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) || defined(PSA_WANT_ECC_SECP_K1_256) + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256K1, "secp256k1", 1 }, +#else + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256K1, "secp256k1", 0 }, +#endif +#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) + { MBEDTLS_SSL_IANA_TLS_GROUP_BP256R1, "brainpoolP256r1", 1 }, +#else + { MBEDTLS_SSL_IANA_TLS_GROUP_BP256R1, "brainpoolP256r1", 0 }, +#endif +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_224) + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP224R1, "secp224r1", 1 }, +#else + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP224R1, "secp224r1", 0 }, +#endif +#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || defined(PSA_WANT_ECC_SECP_K1_224) + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP224K1, "secp224k1", 1 }, +#else + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP224K1, "secp224k1", 0 }, +#endif +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_192) + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP192R1, "secp192r1", 1 }, +#else + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP192R1, "secp192r1", 0 }, +#endif +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || defined(PSA_WANT_ECC_SECP_K1_192) + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP192K1, "secp192k1", 1 }, +#else + { MBEDTLS_SSL_IANA_TLS_GROUP_SECP192K1, "secp192k1", 0 }, +#endif +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) || defined(PSA_WANT_ECC_MONTGOMERY_255) + { MBEDTLS_SSL_IANA_TLS_GROUP_X25519, "x25519", 1 }, +#else + { MBEDTLS_SSL_IANA_TLS_GROUP_X25519, "x25519", 0 }, +#endif +#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) || defined(PSA_WANT_ECC_MONTGOMERY_448) + { MBEDTLS_SSL_IANA_TLS_GROUP_X448, "x448", 1 }, +#else + { MBEDTLS_SSL_IANA_TLS_GROUP_X448, "x448", 0 }, +#endif +#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) && \ + defined(PSA_WANT_ALG_FFDH) + { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048, "ffdhe2048", 1 }, + { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072, "ffdhe3072", 1 }, + { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096, "ffdhe4096", 1 }, + { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144, "ffdhe6144", 1 }, + { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192, "ffdhe8192", 1 }, +#else + { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048, "ffdhe2048", 0 }, + { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072, "ffdhe3072", 0 }, + { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096, "ffdhe4096", 0 }, + { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144, "ffdhe6144", 0 }, + { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192, "ffdhe8192", 0 }, +#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED && PSA_WANT_ALG_FFDH */ + { 0, NULL, 0 }, +}; + +static uint16_t mbedtls_ssl_get_curve_tls_id_from_name(const char *name) +{ + if (name == NULL) { + return 0; + } + + for (int i = 0; tls_id_group_name_table[i].tls_id != 0; i++) { + if (strcmp(tls_id_group_name_table[i].name, name) == 0) { + return tls_id_group_name_table[i].tls_id; + } + } + + return 0; +} + +static void mbedtls_ssl_print_supported_groups_list(void) +{ + for (int i = 0; tls_id_group_name_table[i].tls_id != 0; i++) { + if (tls_id_group_name_table[i].is_supported == 1) { + mbedtls_printf("%s ", tls_id_group_name_table[i].name); + } + } +} + +int parse_groups(const char *groups, uint16_t *group_list, size_t group_list_len) +{ + char *p = (char *) groups; + char *q = NULL; + size_t i = 0; + + if (strcmp(p, "none") == 0) { + group_list[0] = 0; + } else if (strcmp(p, "default") != 0) { + /* Leave room for a final NULL in group list */ + while (i < group_list_len - 1 && *p != '\0') { + uint16_t curve_tls_id; + q = p; + + /* Terminate the current string */ + while (*p != ',' && *p != '\0') { + p++; + } + if (*p == ',') { + *p++ = '\0'; + } + + if ((curve_tls_id = mbedtls_ssl_get_curve_tls_id_from_name(q)) != 0) { + group_list[i++] = curve_tls_id; + } else { + mbedtls_printf("unknown group %s\n", q); + mbedtls_printf("supported groups: "); + mbedtls_ssl_print_supported_groups_list(); + mbedtls_printf("\n"); + return -1; + } + } + + mbedtls_printf("Number of groups: %u\n", (unsigned int) i); + + if (i == group_list_len - 1 && *p != '\0') { + mbedtls_printf("groups list too long, maximum %u", + (unsigned int) (group_list_len - 1)); + return -1; + } + + group_list[i] = 0; + } + + return 0; +} + #endif /* !defined(MBEDTLS_SSL_TEST_IMPOSSIBLE) */ diff --git a/programs/ssl/ssl_test_lib.h b/programs/ssl/ssl_test_lib.h index 64f557d78..ef0dba718 100644 --- a/programs/ssl/ssl_test_lib.h +++ b/programs/ssl/ssl_test_lib.h @@ -23,6 +23,7 @@ #include "mbedtls/build_info.h" #include "mbedtls/platform.h" +#include "mbedtls/md.h" #undef HAVE_RNG #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) && \ @@ -32,7 +33,7 @@ #elif defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C) #define HAVE_RNG #elif defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_HMAC_DRBG_C) && \ - (defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA512_C)) + (defined(MBEDTLS_MD_CAN_SHA256) || defined(MBEDTLS_MD_CAN_SHA512)) #define HAVE_RNG #endif @@ -79,6 +80,10 @@ #include "../test/query_config.h" +#define ALPN_LIST_SIZE 10 +#define GROUP_LIST_SIZE 25 +#define SIG_ALG_LIST_SIZE 5 + typedef struct eap_tls_keys { unsigned char master_secret[48]; unsigned char randbytes[64]; @@ -306,5 +311,8 @@ void test_hooks_free(void); #endif /* !MBEDTLS_TEST_HOOKS */ +/* Helper functions for FFDH groups. */ +int parse_groups(const char *groups, uint16_t *group_list, size_t group_list_len); + #endif /* MBEDTLS_SSL_TEST_IMPOSSIBLE conditions: else */ #endif /* MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H */ diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt index c3e7d2e98..a75f8d923 100644 --- a/programs/test/CMakeLists.txt +++ b/programs/test/CMakeLists.txt @@ -3,6 +3,7 @@ set(libs ) set(executables_libs + query_included_headers selftest udp_proxy ) @@ -44,11 +45,13 @@ if(GEN_FILES) ${PERL} ${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/generate_query_config.pl ${CMAKE_CURRENT_SOURCE_DIR}/../../include/mbedtls/mbedtls_config.h + ${CMAKE_CURRENT_SOURCE_DIR}/../../include/psa/crypto_config.h ${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/data_files/query_config.fmt ${CMAKE_CURRENT_BINARY_DIR}/query_config.c DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/generate_query_config.pl ${CMAKE_CURRENT_SOURCE_DIR}/../../include/mbedtls/mbedtls_config.h + ${CMAKE_CURRENT_SOURCE_DIR}/../../include/psa/crypto_config.h ${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/data_files/query_config.fmt ) # this file will also be used in another directory, so create a target, see diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 773c53829..d8237f544 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -39,6 +39,7 @@ int main(void) #include "mbedtls/sha1.h" #include "mbedtls/sha256.h" #include "mbedtls/sha512.h" +#include "mbedtls/sha3.h" #include "mbedtls/des.h" #include "mbedtls/aes.h" @@ -112,12 +113,13 @@ static void mbedtls_set_alarm(int seconds); #define HEADER_FORMAT " %-24s : " #define TITLE_LEN 25 -#define OPTIONS \ - "md5, ripemd160, sha1, sha256, sha512,\n" \ - "des3, des, camellia, chacha20,\n" \ - "aes_cbc, aes_gcm, aes_ccm, aes_xts, chachapoly,\n" \ - "aes_cmac, des3_cmac, poly1305\n" \ - "ctr_drbg, hmac_drbg\n" \ +#define OPTIONS \ + "md5, ripemd160, sha1, sha256, sha512,\n" \ + "sha3_224, sha3_256, sha3_384, sha3_512,\n" \ + "des3, des, camellia, chacha20,\n" \ + "aes_cbc, aes_cfb128, aes_cfb8, aes_gcm, aes_ccm, aes_xts, chachapoly\n" \ + "aes_cmac, des3_cmac, poly1305\n" \ + "ctr_drbg, hmac_drbg\n" \ "rsa, dhm, ecdsa, ecdh.\n" #if defined(MBEDTLS_ERROR_C) @@ -363,7 +365,7 @@ static unsigned long mbedtls_timing_hardclock(void) #endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM && __GNUC__ && __ia64__ */ -#if !defined(HAVE_HARDCLOCK) && defined(_MSC_VER) && \ +#if !defined(HAVE_HARDCLOCK) && defined(_WIN32) && \ !defined(EFIX64) && !defined(EFI32) #define HAVE_HARDCLOCK @@ -376,7 +378,7 @@ static unsigned long mbedtls_timing_hardclock(void) return (unsigned long) (offset.QuadPart); } -#endif /* !HAVE_HARDCLOCK && _MSC_VER && !EFIX64 && !EFI32 */ +#endif /* !HAVE_HARDCLOCK && _WIN32 && !EFIX64 && !EFI32 */ #if !defined(HAVE_HARDCLOCK) @@ -506,8 +508,9 @@ unsigned char buf[BUFSIZE]; typedef struct { char md5, ripemd160, sha1, sha256, sha512, + sha3_224, sha3_256, sha3_384, sha3_512, des3, des, - aes_cbc, aes_gcm, aes_ccm, aes_xts, chachapoly, + aes_cbc, aes_cfb128, aes_cfb8, aes_gcm, aes_ccm, aes_xts, chachapoly, aes_cmac, des3_cmac, aria, camellia, chacha20, poly1305, @@ -553,12 +556,24 @@ int main(int argc, char *argv[]) todo.sha256 = 1; } else if (strcmp(argv[i], "sha512") == 0) { todo.sha512 = 1; + } else if (strcmp(argv[i], "sha3_224") == 0) { + todo.sha3_224 = 1; + } else if (strcmp(argv[i], "sha3_256") == 0) { + todo.sha3_256 = 1; + } else if (strcmp(argv[i], "sha3_384") == 0) { + todo.sha3_384 = 1; + } else if (strcmp(argv[i], "sha3_512") == 0) { + todo.sha3_512 = 1; } else if (strcmp(argv[i], "des3") == 0) { todo.des3 = 1; } else if (strcmp(argv[i], "des") == 0) { todo.des = 1; } else if (strcmp(argv[i], "aes_cbc") == 0) { todo.aes_cbc = 1; + } else if (strcmp(argv[i], "aes_cfb128") == 0) { + todo.aes_cfb128 = 1; + } else if (strcmp(argv[i], "aes_cfb8") == 0) { + todo.aes_cfb8 = 1; } else if (strcmp(argv[i], "aes_xts") == 0) { todo.aes_xts = 1; } else if (strcmp(argv[i], "aes_gcm") == 0) { @@ -645,11 +660,26 @@ int main(int argc, char *argv[]) TIME_AND_TSC("SHA-512", mbedtls_sha512(buf, BUFSIZE, tmp, 0)); } #endif +#if defined(MBEDTLS_SHA3_C) + if (todo.sha3_224) { + TIME_AND_TSC("SHA3-224", mbedtls_sha3(MBEDTLS_SHA3_224, buf, BUFSIZE, tmp, 28)); + } + if (todo.sha3_256) { + TIME_AND_TSC("SHA3-256", mbedtls_sha3(MBEDTLS_SHA3_256, buf, BUFSIZE, tmp, 32)); + } + if (todo.sha3_384) { + TIME_AND_TSC("SHA3-384", mbedtls_sha3(MBEDTLS_SHA3_384, buf, BUFSIZE, tmp, 48)); + } + if (todo.sha3_512) { + TIME_AND_TSC("SHA3-512", mbedtls_sha3(MBEDTLS_SHA3_512, buf, BUFSIZE, tmp, 64)); + } +#endif #if defined(MBEDTLS_DES_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) if (todo.des3) { mbedtls_des3_context des3; + mbedtls_des3_init(&des3); if (mbedtls_des3_set3key_enc(&des3, tmp) != 0) { mbedtls_exit(1); @@ -661,6 +691,7 @@ int main(int argc, char *argv[]) if (todo.des) { mbedtls_des_context des; + mbedtls_des_init(&des); if (mbedtls_des_setkey_enc(&des, tmp) != 0) { mbedtls_exit(1); @@ -693,6 +724,7 @@ int main(int argc, char *argv[]) if (todo.aes_cbc) { int keysize; mbedtls_aes_context aes; + mbedtls_aes_init(&aes); for (keysize = 128; keysize <= 256; keysize += 64) { mbedtls_snprintf(title, sizeof(title), "AES-CBC-%d", keysize); @@ -707,6 +739,44 @@ int main(int argc, char *argv[]) mbedtls_aes_free(&aes); } #endif +#if defined(MBEDTLS_CIPHER_MODE_CFB) + if (todo.aes_cfb128) { + int keysize; + size_t iv_off = 0; + mbedtls_aes_context aes; + + mbedtls_aes_init(&aes); + for (keysize = 128; keysize <= 256; keysize += 64) { + mbedtls_snprintf(title, sizeof(title), "AES-CFB128-%d", keysize); + + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); + CHECK_AND_CONTINUE(mbedtls_aes_setkey_enc(&aes, tmp, keysize)); + + TIME_AND_TSC(title, + mbedtls_aes_crypt_cfb128(&aes, MBEDTLS_AES_ENCRYPT, BUFSIZE, + &iv_off, tmp, buf, buf)); + } + mbedtls_aes_free(&aes); + } + if (todo.aes_cfb8) { + int keysize; + mbedtls_aes_context aes; + + mbedtls_aes_init(&aes); + for (keysize = 128; keysize <= 256; keysize += 64) { + mbedtls_snprintf(title, sizeof(title), "AES-CFB8-%d", keysize); + + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); + CHECK_AND_CONTINUE(mbedtls_aes_setkey_enc(&aes, tmp, keysize)); + + TIME_AND_TSC(title, + mbedtls_aes_crypt_cfb8(&aes, MBEDTLS_AES_ENCRYPT, BUFSIZE, tmp, buf, buf)); + } + mbedtls_aes_free(&aes); + } +#endif #if defined(MBEDTLS_CIPHER_MODE_XTS) if (todo.aes_xts) { int keysize; @@ -824,6 +894,7 @@ int main(int argc, char *argv[]) if (todo.aria) { int keysize; mbedtls_aria_context aria; + mbedtls_aria_init(&aria); for (keysize = 128; keysize <= 256; keysize += 64) { mbedtls_snprintf(title, sizeof(title), "ARIA-CBC-%d", keysize); @@ -844,6 +915,7 @@ int main(int argc, char *argv[]) if (todo.camellia) { int keysize; mbedtls_camellia_context camellia; + mbedtls_camellia_init(&camellia); for (keysize = 128; keysize <= 256; keysize += 64) { mbedtls_snprintf(title, sizeof(title), "CAMELLIA-CBC-%d", keysize); @@ -950,6 +1022,7 @@ int main(int argc, char *argv[]) if (todo.rsa) { int keysize; mbedtls_rsa_context rsa; + for (keysize = 2048; keysize <= 4096; keysize *= 2) { mbedtls_snprintf(title, sizeof(title), "RSA-%d", keysize); @@ -992,6 +1065,7 @@ int main(int argc, char *argv[]) mbedtls_dhm_context dhm; size_t olen; size_t n; + for (i = 0; (size_t) i < sizeof(dhm_sizes) / sizeof(dhm_sizes[0]); i++) { mbedtls_dhm_init(&dhm); @@ -1105,6 +1179,7 @@ int main(int argc, char *argv[]) if (curve_list == (const mbedtls_ecp_curve_info *) &single_curve) { mbedtls_ecp_group grp; + mbedtls_ecp_group_init(&grp); if (mbedtls_ecp_group_load(&grp, curve_list->grp_id) != 0) { mbedtls_exit(1); diff --git a/programs/test/cmake_package/CMakeLists.txt b/programs/test/cmake_package/CMakeLists.txt index 518d2e94f..f498cf931 100644 --- a/programs/test/cmake_package/CMakeLists.txt +++ b/programs/test/cmake_package/CMakeLists.txt @@ -1,4 +1,4 @@ -cmake_minimum_required(VERSION 2.8.12) +cmake_minimum_required(VERSION 3.5.1) # # Simulate configuring and building Mbed TLS as the user might do it. We'll @@ -13,7 +13,9 @@ execute_process( "-H${MbedTLS_SOURCE_DIR}" "-B${MbedTLS_BINARY_DIR}" "-DENABLE_PROGRAMS=NO" - "-DENABLE_TESTING=NO") + "-DENABLE_TESTING=NO" + # Turn on generated files explicitly in case this is a release + "-DGEN_FILES=ON") execute_process( COMMAND "${CMAKE_COMMAND}" diff --git a/programs/test/cmake_package_install/CMakeLists.txt b/programs/test/cmake_package_install/CMakeLists.txt index fb5ad51b5..6937af4f6 100644 --- a/programs/test/cmake_package_install/CMakeLists.txt +++ b/programs/test/cmake_package_install/CMakeLists.txt @@ -1,4 +1,4 @@ -cmake_minimum_required(VERSION 2.8.12) +cmake_minimum_required(VERSION 3.5.1) # # Simulate configuring and building Mbed TLS as the user might do it. We'll @@ -15,6 +15,8 @@ execute_process( "-B${MbedTLS_BINARY_DIR}" "-DENABLE_PROGRAMS=NO" "-DENABLE_TESTING=NO" + # Turn on generated files explicitly in case this is a release + "-DGEN_FILES=ON" "-DCMAKE_INSTALL_PREFIX=${MbedTLS_INSTALL_DIR}") execute_process( diff --git a/programs/test/cmake_subproject/CMakeLists.txt b/programs/test/cmake_subproject/CMakeLists.txt index a9fcfde29..3c3cba3c2 100644 --- a/programs/test/cmake_subproject/CMakeLists.txt +++ b/programs/test/cmake_subproject/CMakeLists.txt @@ -1,4 +1,4 @@ -cmake_minimum_required(VERSION 2.6) +cmake_minimum_required(VERSION 3.5.1) # Test the target renaming support by adding a prefix to the targets built set(MBEDTLS_TARGET_PREFIX subproject_test_) diff --git a/programs/test/dlopen_demo.sh b/programs/test/dlopen_demo.sh index 2dde3ebed..a6a9022fc 100755 --- a/programs/test/dlopen_demo.sh +++ b/programs/test/dlopen_demo.sh @@ -20,8 +20,29 @@ set -e -u +program_name="dlopen" program_dir="${0%/*}" -program="$program_dir/dlopen" +program="$program_dir/$program_name" + +if [ ! -e "$program" ]; then + # Look for programs in the current directory and the directories above it + for dir in "." ".." "../.."; do + program_dir="$dir/programs/test" + program="$program_dir/$program_name" + if [ -e "$program" ]; then + break + fi + done + if [ ! -e "$program" ]; then + echo "Could not find $program_name program" + + echo "Make sure that Mbed TLS is built as a shared library." \ + "If building out-of-tree, this script must be run" \ + "from the project build directory." + exit 1 + fi +fi + top_dir="$program_dir/../.." library_dir="$top_dir/library" diff --git a/programs/test/generate_cpp_dummy_build.sh b/programs/test/generate_cpp_dummy_build.sh index 94e911515..a55051652 100755 --- a/programs/test/generate_cpp_dummy_build.sh +++ b/programs/test/generate_cpp_dummy_build.sh @@ -63,7 +63,9 @@ EOF for header in include/mbedtls/*.h include/psa/*.h; do case ${header#include/} in mbedtls/mbedtls_config.h) :;; # not meant for direct inclusion + mbedtls/config_*.h) :;; # not meant for direct inclusion psa/crypto_config.h) :;; # not meant for direct inclusion + psa/crypto_ajdust_config*.h) :;; # not meant for direct inclusion # Some of the psa/crypto_*.h headers are not meant to be included # directly. They do have include guards that make them no-ops if # psa/crypto.h has been included before. Since psa/crypto.h comes diff --git a/programs/test/query_compile_time_config.c b/programs/test/query_compile_time_config.c index 8f763facd..df0fe4a70 100644 --- a/programs/test/query_compile_time_config.c +++ b/programs/test/query_compile_time_config.c @@ -40,7 +40,7 @@ int main(int argc, char *argv[]) { int i; - if (argc == 1 || strcmp(argv[1], "-h") == 0) { + if (argc < 2 || strcmp(argv[1], "-h") == 0) { mbedtls_printf(USAGE, argv[0]); return MBEDTLS_EXIT_FAILURE; } diff --git a/programs/test/query_included_headers.c b/programs/test/query_included_headers.c new file mode 100644 index 000000000..383a2ffc8 --- /dev/null +++ b/programs/test/query_included_headers.c @@ -0,0 +1,41 @@ +/* Ad hoc report on included headers. */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include + +int main(void) +{ + + /* Which PSA platform header? */ +#if defined(PSA_CRYPTO_PLATFORM_H) + mbedtls_printf("PSA_CRYPTO_PLATFORM_H\n"); +#endif +#if defined(PSA_CRYPTO_PLATFORM_ALT_H) + mbedtls_printf("PSA_CRYPTO_PLATFORM_ALT_H\n"); +#endif + + /* Which PSA struct header? */ +#if defined(PSA_CRYPTO_STRUCT_H) + mbedtls_printf("PSA_CRYPTO_STRUCT_H\n"); +#endif +#if defined(PSA_CRYPTO_STRUCT_ALT_H) + mbedtls_printf("PSA_CRYPTO_STRUCT_ALT_H\n"); +#endif + +} diff --git a/programs/test/selftest.c b/programs/test/selftest.c index b4d7008e6..cc5e00ed3 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -33,6 +33,7 @@ #include "mbedtls/sha1.h" #include "mbedtls/sha256.h" #include "mbedtls/sha512.h" +#include "mbedtls/sha3.h" #include "mbedtls/des.h" #include "mbedtls/aes.h" #include "mbedtls/camellia.h" @@ -72,23 +73,51 @@ static int calloc_self_test(int verbose) void *empty2 = mbedtls_calloc(0, 1); void *buffer1 = mbedtls_calloc(1, 1); void *buffer2 = mbedtls_calloc(1, 1); + unsigned int buffer_3_size = 256; + unsigned int buffer_4_size = 4097; /* Allocate more than the usual page size */ + unsigned char *buffer3 = mbedtls_calloc(buffer_3_size, 1); + unsigned char *buffer4 = mbedtls_calloc(buffer_4_size, 1); if (empty1 == NULL && empty2 == NULL) { if (verbose) { - mbedtls_printf(" CALLOC(0): passed (NULL)\n"); + mbedtls_printf(" CALLOC(0,1): passed (NULL)\n"); } } else if (empty1 == NULL || empty2 == NULL) { if (verbose) { - mbedtls_printf(" CALLOC(0): failed (mix of NULL and non-NULL)\n"); + mbedtls_printf(" CALLOC(0,1): failed (mix of NULL and non-NULL)\n"); } ++failures; } else if (empty1 == empty2) { if (verbose) { - mbedtls_printf(" CALLOC(0): passed (same non-null)\n"); + mbedtls_printf(" CALLOC(0,1): passed (same non-null)\n"); } } else { if (verbose) { - mbedtls_printf(" CALLOC(0): passed (distinct non-null)\n"); + mbedtls_printf(" CALLOC(0,1): passed (distinct non-null)\n"); + } + } + + mbedtls_free(empty1); + mbedtls_free(empty2); + + empty1 = mbedtls_calloc(1, 0); + empty2 = mbedtls_calloc(1, 0); + if (empty1 == NULL && empty2 == NULL) { + if (verbose) { + mbedtls_printf(" CALLOC(1,0): passed (NULL)\n"); + } + } else if (empty1 == NULL || empty2 == NULL) { + if (verbose) { + mbedtls_printf(" CALLOC(1,0): failed (mix of NULL and non-NULL)\n"); + } + ++failures; + } else if (empty1 == empty2) { + if (verbose) { + mbedtls_printf(" CALLOC(1,0): passed (same non-null)\n"); + } + } else { + if (verbose) { + mbedtls_printf(" CALLOC(1,0): passed (distinct non-null)\n"); } } @@ -121,6 +150,28 @@ static int calloc_self_test(int verbose) } } + for (unsigned int i = 0; i < buffer_3_size; i++) { + if (buffer3[i] != 0) { + ++failures; + if (verbose) { + mbedtls_printf(" CALLOC(%u): failed (memory not initialized to 0)\n", + buffer_3_size); + } + break; + } + } + + for (unsigned int i = 0; i < buffer_4_size; i++) { + if (buffer4[i] != 0) { + ++failures; + if (verbose) { + mbedtls_printf(" CALLOC(%u): failed (memory not initialized to 0)\n", + buffer_4_size); + } + break; + } + } + if (verbose) { mbedtls_printf("\n"); } @@ -128,6 +179,8 @@ static int calloc_self_test(int verbose) mbedtls_free(empty2); mbedtls_free(buffer1); mbedtls_free(buffer2); + mbedtls_free(buffer3); + mbedtls_free(buffer4); return failures; } #endif /* MBEDTLS_SELF_TEST */ @@ -251,6 +304,9 @@ const selftest_t selftests[] = #if defined(MBEDTLS_SHA512_C) { "sha512", mbedtls_sha512_self_test }, #endif +#if defined(MBEDTLS_SHA3_C) + { "sha3", mbedtls_sha3_self_test }, +#endif #if defined(MBEDTLS_DES_C) { "des", mbedtls_des_self_test }, #endif @@ -336,6 +392,32 @@ int main(int argc, char *argv[]) #endif void *pointer; + /* + * Check some basic platform requirements as specified in README.md + */ + if (SIZE_MAX < INT_MAX || SIZE_MAX < UINT_MAX) { + mbedtls_printf("SIZE_MAX must be at least as big as INT_MAX and UINT_MAX\n"); + mbedtls_exit(MBEDTLS_EXIT_FAILURE); + } + + if (sizeof(int) < 4) { + mbedtls_printf("int must be at least 32 bits\n"); + mbedtls_exit(MBEDTLS_EXIT_FAILURE); + } + + if (sizeof(size_t) < 4) { + mbedtls_printf("size_t must be at least 32 bits\n"); + mbedtls_exit(MBEDTLS_EXIT_FAILURE); + } + + uint32_t endian_test = 0x12345678; + char *p = (char *) &endian_test; + if (!(p[0] == 0x12 && p[1] == 0x34 && p[2] == 0x56 && p[3] == 0x78) && + !(p[3] == 0x12 && p[2] == 0x34 && p[1] == 0x56 && p[0] == 0x78)) { + mbedtls_printf("Mixed-endian platforms are not supported\n"); + mbedtls_exit(MBEDTLS_EXIT_FAILURE); + } + /* * The C standard doesn't guarantee that all-bits-0 is the representation * of a NULL pointer. We do however use that in our code for initializing diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c index ac527f257..685e336e6 100644 --- a/programs/test/udp_proxy.c +++ b/programs/test/udp_proxy.c @@ -644,7 +644,7 @@ void delay_packet(packet *delay) memcpy(&prev[prev_len++], delay, sizeof(packet)); } -int send_delayed() +int send_delayed(void) { uint8_t offset; int ret; diff --git a/programs/util/pem2der.c b/programs/util/pem2der.c index 4a25f21b7..5dd367a0c 100644 --- a/programs/util/pem2der.c +++ b/programs/util/pem2der.c @@ -189,7 +189,7 @@ int main(int argc, char *argv[]) memset(buf, 0, sizeof(buf)); memset(der_buffer, 0, sizeof(der_buffer)); - if (argc == 0) { + if (argc < 2) { usage: mbedtls_printf(USAGE); goto exit; diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c index 61352387e..51a79ecb5 100644 --- a/programs/x509/cert_app.c +++ b/programs/x509/cert_app.c @@ -153,6 +153,7 @@ int main(int argc, char *argv[]) mbedtls_ssl_init(&ssl); mbedtls_ssl_config_init(&conf); mbedtls_x509_crt_init(&cacert); + mbedtls_entropy_init(&entropy); #if defined(MBEDTLS_X509_CRL_PARSE_C) mbedtls_x509_crl_init(&cacrl); #else @@ -161,7 +162,16 @@ int main(int argc, char *argv[]) memset(&cacrl, 0, sizeof(mbedtls_x509_crl)); #endif - if (argc == 0) { +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + if (argc < 2) { usage: mbedtls_printf(USAGE); goto exit; @@ -338,7 +348,6 @@ usage: mbedtls_printf("\n . Seeding the random number generator..."); fflush(stdout); - mbedtls_entropy_init(&entropy); if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, strlen(pers))) != 0) { @@ -448,6 +457,9 @@ exit: #endif mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_exit(exit_code); } diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index 1126e60ae..558d8cc73 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -20,15 +20,17 @@ #include "mbedtls/build_info.h" #include "mbedtls/platform.h" +/* md.h is included this early since MD_CAN_XXX macros are defined there. */ +#include "mbedtls/md.h" -#if !defined(MBEDTLS_X509_CSR_WRITE_C) || !defined(MBEDTLS_FS_IO) || \ - !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_SHA256_C) || \ +#if !defined(MBEDTLS_X509_CSR_WRITE_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \ + !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ - !defined(MBEDTLS_PEM_WRITE_C) + !defined(MBEDTLS_PEM_WRITE_C) || !defined(MBEDTLS_FS_IO) int main(void) { mbedtls_printf("MBEDTLS_X509_CSR_WRITE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_PK_PARSE_C and/or MBEDTLS_SHA256_C and/or " + "MBEDTLS_PK_PARSE_C and/or MBEDTLS_MD_CAN_SHA256 and/or " "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C " "not defined.\n"); mbedtls_exit(0); @@ -63,6 +65,13 @@ int main(void) " debug_level=%%d default: 0 (disabled)\n" \ " output_file=%%s default: cert.req\n" \ " subject_name=%%s default: CN=Cert,O=mbed TLS,C=UK\n" \ + " san=%%s default: (none)\n" \ + " Semicolon-separated-list of values:\n" \ + " DNS:value\n" \ + " URI:value\n" \ + " RFC822:value\n" \ + " IP:value (Only IPv4 is supported)\n" \ + " DN:list of comma separated key=value pairs\n" \ " key_usage=%%s default: (empty)\n" \ " Comma-separated-list of values:\n" \ " digital_signature\n" \ @@ -96,16 +105,17 @@ int main(void) * global options */ struct options { - const char *filename; /* filename of the key file */ - const char *password; /* password for the key file */ - int debug_level; /* level of debugging */ - const char *output_file; /* where to store the constructed key file */ - const char *subject_name; /* subject name for certificate request */ - unsigned char key_usage; /* key usage flags */ - int force_key_usage; /* Force adding the KeyUsage extension */ - unsigned char ns_cert_type; /* NS cert type */ - int force_ns_cert_type; /* Force adding NsCertType extension */ - mbedtls_md_type_t md_alg; /* Hash algorithm used for signature. */ + const char *filename; /* filename of the key file */ + const char *password; /* password for the key file */ + int debug_level; /* level of debugging */ + const char *output_file; /* where to store the constructed key file */ + const char *subject_name; /* subject name for certificate request */ + mbedtls_x509_san_list *san_list; /* subjectAltName for certificate request */ + unsigned char key_usage; /* key usage flags */ + int force_key_usage; /* Force adding the KeyUsage extension */ + unsigned char ns_cert_type; /* NS cert type */ + int force_ns_cert_type; /* Force adding NsCertType extension */ + mbedtls_md_type_t md_alg; /* Hash algorithm used for signature. */ } opt; int write_certificate_request(mbedtls_x509write_csr *req, const char *output_file, @@ -150,7 +160,11 @@ int main(int argc, char *argv[]) mbedtls_entropy_context entropy; mbedtls_ctr_drbg_context ctr_drbg; const char *pers = "csr example app"; - + mbedtls_x509_san_list *cur, *prev; + mbedtls_asn1_named_data *ext_san_dirname = NULL; +#if defined(MBEDTLS_X509_CRT_PARSE_C) + uint8_t ip[4] = { 0 }; +#endif /* * Set to sane values */ @@ -158,8 +172,18 @@ int main(int argc, char *argv[]) mbedtls_pk_init(&key); mbedtls_ctr_drbg_init(&ctr_drbg); memset(buf, 0, sizeof(buf)); + mbedtls_entropy_init(&entropy); - if (argc == 0) { +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + if (argc < 2) { usage: mbedtls_printf(USAGE); goto exit; @@ -175,15 +199,14 @@ usage: opt.ns_cert_type = DFL_NS_CERT_TYPE; opt.force_ns_cert_type = DFL_FORCE_NS_CERT_TYPE; opt.md_alg = DFL_MD_ALG; + opt.san_list = NULL; for (i = 1; i < argc; i++) { - p = argv[i]; if ((q = strchr(p, '=')) == NULL) { goto usage; } *q++ = '\0'; - if (strcmp(p, "filename") == 0) { opt.filename = q; } else if (strcmp(p, "password") == 0) { @@ -197,6 +220,99 @@ usage: } } else if (strcmp(p, "subject_name") == 0) { opt.subject_name = q; + } else if (strcmp(p, "san") == 0) { + char *subtype_value; + prev = NULL; + + while (q != NULL) { + char *semicolon; + r = q; + + /* Find the first non-escaped ; occurrence and remove escaped ones */ + do { + if ((semicolon = strchr(r, ';')) != NULL) { + if (*(semicolon-1) != '\\') { + r = semicolon; + break; + } + /* Remove the escape character */ + size_t size_left = strlen(semicolon); + memmove(semicolon-1, semicolon, size_left); + *(semicolon + size_left - 1) = '\0'; + /* r will now point at the character after the semicolon */ + r = semicolon; + } + + } while (semicolon != NULL); + + if (semicolon != NULL) { + *r++ = '\0'; + } else { + r = NULL; + } + + cur = mbedtls_calloc(1, sizeof(mbedtls_x509_san_list)); + if (cur == NULL) { + mbedtls_printf("Not enough memory for subjectAltName list\n"); + goto usage; + } + + cur->next = NULL; + + if ((subtype_value = strchr(q, ':')) != NULL) { + *subtype_value++ = '\0'; + } + if (strcmp(q, "RFC822") == 0) { + cur->node.type = MBEDTLS_X509_SAN_RFC822_NAME; + } else if (strcmp(q, "URI") == 0) { + cur->node.type = MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER; + } else if (strcmp(q, "DNS") == 0) { + cur->node.type = MBEDTLS_X509_SAN_DNS_NAME; + } else if (strcmp(q, "IP") == 0) { + size_t ip_len = 0; + cur->node.type = MBEDTLS_X509_SAN_IP_ADDRESS; + ip_len = mbedtls_x509_crt_parse_cn_inet_pton(subtype_value, ip); + if (ip_len == 0) { + mbedtls_printf("mbedtls_x509_crt_parse_cn_inet_pton failed to parse %s\n", + subtype_value); + goto exit; + } + cur->node.san.unstructured_name.p = (unsigned char *) ip; + cur->node.san.unstructured_name.len = sizeof(ip); + } else if (strcmp(q, "DN") == 0) { + cur->node.type = MBEDTLS_X509_SAN_DIRECTORY_NAME; + if ((ret = mbedtls_x509_string_to_names(&ext_san_dirname, + subtype_value)) != 0) { + mbedtls_strerror(ret, buf, sizeof(buf)); + mbedtls_printf( + " failed\n ! mbedtls_x509_string_to_names " + "returned -0x%04x - %s\n\n", + (unsigned int) -ret, buf); + goto exit; + } + cur->node.san.directory_name = *ext_san_dirname; + } else { + mbedtls_free(cur); + goto usage; + } + + if (cur->node.type == MBEDTLS_X509_SAN_RFC822_NAME || + cur->node.type == MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER || + cur->node.type == MBEDTLS_X509_SAN_DNS_NAME) { + q = subtype_value; + cur->node.san.unstructured_name.p = (unsigned char *) q; + cur->node.san.unstructured_name.len = strlen(q); + } + + if (prev == NULL) { + opt.san_list = cur; + } else { + prev->next = cur; + } + + prev = cur; + q = r; + } } else if (strcmp(p, "md") == 0) { const mbedtls_md_info_t *md_info = mbedtls_md_info_from_string(q); @@ -274,14 +390,39 @@ usage: } } + /* Set the MD algorithm to use for the signature in the CSR */ mbedtls_x509write_csr_set_md_alg(&req, opt.md_alg); + /* Set the Key Usage Extension flags in the CSR */ if (opt.key_usage || opt.force_key_usage == 1) { - mbedtls_x509write_csr_set_key_usage(&req, opt.key_usage); + ret = mbedtls_x509write_csr_set_key_usage(&req, opt.key_usage); + + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509write_csr_set_key_usage returned %d", ret); + goto exit; + } } + /* Set the Cert Type flags in the CSR */ if (opt.ns_cert_type || opt.force_ns_cert_type == 1) { - mbedtls_x509write_csr_set_ns_cert_type(&req, opt.ns_cert_type); + ret = mbedtls_x509write_csr_set_ns_cert_type(&req, opt.ns_cert_type); + + if (ret != 0) { + mbedtls_printf(" failed\n ! mbedtls_x509write_csr_set_ns_cert_type returned %d", ret); + goto exit; + } + } + + /* Set the SubjectAltName in the CSR */ + if (opt.san_list != NULL) { + ret = mbedtls_x509write_csr_set_subject_alternative_name(&req, opt.san_list); + + if (ret != 0) { + mbedtls_printf( + " failed\n ! mbedtls_x509write_csr_set_subject_alternative_name returned %d", + ret); + goto exit; + } } /* @@ -290,7 +431,6 @@ usage: mbedtls_printf(" . Seeding the random number generator..."); fflush(stdout); - mbedtls_entropy_init(&entropy); if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, strlen(pers))) != 0) { @@ -359,9 +499,21 @@ exit: } mbedtls_x509write_csr_free(&req); + mbedtls_asn1_free_named_data_list(&ext_san_dirname); mbedtls_pk_free(&key); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + cur = opt.san_list; + while (cur != NULL) { + prev = cur; + cur = cur->next; + mbedtls_free(prev); + } + mbedtls_exit(exit_code); } diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index 3e134dd6a..40b1871f3 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -20,16 +20,18 @@ #include "mbedtls/build_info.h" #include "mbedtls/platform.h" +/* md.h is included this early since MD_CAN_XXX macros are defined there. */ +#include "mbedtls/md.h" #if !defined(MBEDTLS_X509_CRT_WRITE_C) || \ !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C) || \ - !defined(MBEDTLS_ERROR_C) || !defined(MBEDTLS_SHA256_C) || \ + !defined(MBEDTLS_ERROR_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \ !defined(MBEDTLS_PEM_WRITE_C) int main(void) { mbedtls_printf("MBEDTLS_X509_CRT_WRITE_C and/or MBEDTLS_X509_CRT_PARSE_C and/or " - "MBEDTLS_FS_IO and/or MBEDTLS_SHA256_C and/or " + "MBEDTLS_FS_IO and/or MBEDTLS_MD_CAN_SHA256 and/or " "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " "MBEDTLS_ERROR_C not defined.\n"); mbedtls_exit(0); @@ -41,12 +43,13 @@ int main(void) #include "mbedtls/oid.h" #include "mbedtls/entropy.h" #include "mbedtls/ctr_drbg.h" -#include "mbedtls/md.h" #include "mbedtls/error.h" +#include "test/helpers.h" #include #include #include +#include #define SET_OID(x, oid) \ do { x.len = MBEDTLS_OID_SIZE(oid); x.p = (unsigned char *) oid; } while (0) @@ -75,6 +78,8 @@ int main(void) #define DFL_NOT_BEFORE "20010101000000" #define DFL_NOT_AFTER "20301231235959" #define DFL_SERIAL "1" +#define DFL_SERIAL_HEX "1" +#define DFL_EXT_SUBJECTALTNAME "" #define DFL_SELFSIGN 0 #define DFL_IS_CA 0 #define DFL_MAX_PATHLEN -1 @@ -110,6 +115,13 @@ int main(void) " issuer_pwd=%%s default: (empty)\n" \ " output_file=%%s default: cert.crt\n" \ " serial=%%s default: 1\n" \ + " In decimal format; it can be used as\n" \ + " alternative to serial_hex, but it's\n" \ + " limited in max length to\n" \ + " unsigned long long int\n" \ + " serial_hex=%%s default: 1\n" \ + " In hex format; it can be used as\n" \ + " alternative to serial\n" \ " not_before=%%s default: 20010101000000\n" \ " not_after=%%s default: 20301231235959\n" \ " is_ca=%%d default: 0 (disabled)\n" \ @@ -123,6 +135,13 @@ int main(void) " subject_identifier=%%s default: 1\n" \ " Possible values: 0, 1\n" \ " (Considered for v3 only)\n" \ + " san=%%s default: (none)\n" \ + " Semicolon-separated-list of values:\n" \ + " DNS:value\n" \ + " URI:value\n" \ + " RFC822:value\n" \ + " IP:value (Only IPv4 is supported)\n" \ + " DN:list of comma separated key=value pairs\n" \ " authority_identifier=%%s default: 1\n" \ " Possible values: 0, 1\n" \ " (Considered for v3 only)\n" \ @@ -159,6 +178,11 @@ int main(void) " format=pem|der default: pem\n" \ "\n" +typedef enum { + SERIAL_FRMT_UNSPEC, + SERIAL_FRMT_DEC, + SERIAL_FRMT_HEX +} serial_format_t; /* * global options @@ -172,10 +196,12 @@ struct options { const char *issuer_pwd; /* password for the issuer key file */ const char *output_file; /* where to store the constructed CRT */ const char *subject_name; /* subject name for certificate */ + mbedtls_x509_san_list *san_list; /* subjectAltName for certificate */ const char *issuer_name; /* issuer name for certificate */ const char *not_before; /* validity period not before */ const char *not_after; /* validity period not after */ - const char *serial; /* serial number string */ + const char *serial; /* serial number string (decimal) */ + const char *serial_hex; /* serial number string (hex) */ int selfsign; /* selfsign the certificate */ int is_ca; /* is a CA certificate */ int max_pathlen; /* maximum CA path length */ @@ -235,6 +261,44 @@ int write_certificate(mbedtls_x509write_cert *crt, const char *output_file, return 0; } +int parse_serial_decimal_format(unsigned char *obuf, size_t obufmax, + const char *ibuf, size_t *len) +{ + unsigned long long int dec; + unsigned int remaining_bytes = sizeof(dec); + unsigned char *p = obuf; + unsigned char val; + char *end_ptr = NULL; + + errno = 0; + dec = strtoull(ibuf, &end_ptr, 10); + + if ((errno != 0) || (end_ptr == ibuf)) { + return -1; + } + + *len = 0; + + while (remaining_bytes > 0) { + if (obufmax < (*len + 1)) { + return -1; + } + + val = (dec >> ((remaining_bytes - 1) * 8)) & 0xFF; + + /* Skip leading zeros */ + if ((val != 0) || (*len != 0)) { + *p = val; + (*len)++; + p++; + } + + remaining_bytes--; + } + + return 0; +} + int main(int argc, char *argv[]) { int ret = 1; @@ -252,19 +316,22 @@ int main(int argc, char *argv[]) mbedtls_x509_csr csr; #endif mbedtls_x509write_cert crt; - mbedtls_mpi serial; + serial_format_t serial_frmt = SERIAL_FRMT_UNSPEC; + unsigned char serial[MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN]; + size_t serial_len; mbedtls_asn1_sequence *ext_key_usage; mbedtls_entropy_context entropy; mbedtls_ctr_drbg_context ctr_drbg; const char *pers = "crt example app"; - + mbedtls_x509_san_list *cur, *prev; + mbedtls_asn1_named_data *ext_san_dirname = NULL; + uint8_t ip[4] = { 0 }; /* * Set to sane values */ mbedtls_x509write_crt_init(&crt); mbedtls_pk_init(&loaded_issuer_key); mbedtls_pk_init(&loaded_subject_key); - mbedtls_mpi_init(&serial); mbedtls_ctr_drbg_init(&ctr_drbg); mbedtls_entropy_init(&entropy); #if defined(MBEDTLS_X509_CSR_PARSE_C) @@ -272,8 +339,18 @@ int main(int argc, char *argv[]) #endif mbedtls_x509_crt_init(&issuer_crt); memset(buf, 0, sizeof(buf)); + memset(serial, 0, sizeof(serial)); - if (argc == 0) { +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + if (argc < 2) { usage: mbedtls_printf(USAGE); goto exit; @@ -291,6 +368,7 @@ usage: opt.not_before = DFL_NOT_BEFORE; opt.not_after = DFL_NOT_AFTER; opt.serial = DFL_SERIAL; + opt.serial_hex = DFL_SERIAL_HEX; opt.selfsign = DFL_SELFSIGN; opt.is_ca = DFL_IS_CA; opt.max_pathlen = DFL_MAX_PATHLEN; @@ -303,6 +381,7 @@ usage: opt.authority_identifier = DFL_AUTH_IDENT; opt.basic_constraints = DFL_CONSTRAINTS; opt.format = DFL_FORMAT; + opt.san_list = NULL; for (i = 1; i < argc; i++) { @@ -335,7 +414,19 @@ usage: } else if (strcmp(p, "not_after") == 0) { opt.not_after = q; } else if (strcmp(p, "serial") == 0) { + if (serial_frmt != SERIAL_FRMT_UNSPEC) { + mbedtls_printf("Invalid attempt to set the serial more than once\n"); + goto usage; + } + serial_frmt = SERIAL_FRMT_DEC; opt.serial = q; + } else if (strcmp(p, "serial_hex") == 0) { + if (serial_frmt != SERIAL_FRMT_UNSPEC) { + mbedtls_printf("Invalid attempt to set the serial more than once\n"); + goto usage; + } + serial_frmt = SERIAL_FRMT_HEX; + opt.serial_hex = q; } else if (strcmp(p, "authority_identifier") == 0) { opt.authority_identifier = atoi(q); if (opt.authority_identifier != 0 && @@ -439,6 +530,8 @@ usage: SET_OID(ext_key_usage->buf, MBEDTLS_OID_TIME_STAMPING); } else if (strcmp(q, "OCSPSigning") == 0) { SET_OID(ext_key_usage->buf, MBEDTLS_OID_OCSP_SIGNING); + } else if (strcmp(q, "any") == 0) { + SET_OID(ext_key_usage->buf, MBEDTLS_OID_ANY_EXTENDED_KEY_USAGE); } else { mbedtls_printf("Invalid argument for option %s\n", p); goto usage; @@ -447,6 +540,99 @@ usage: *tail = ext_key_usage; tail = &ext_key_usage->next; + q = r; + } + } else if (strcmp(p, "san") == 0) { + char *subtype_value; + prev = NULL; + + while (q != NULL) { + char *semicolon; + r = q; + + /* Find the first non-escaped ; occurrence and remove escaped ones */ + do { + if ((semicolon = strchr(r, ';')) != NULL) { + if (*(semicolon-1) != '\\') { + r = semicolon; + break; + } + /* Remove the escape character */ + size_t size_left = strlen(semicolon); + memmove(semicolon-1, semicolon, size_left); + *(semicolon + size_left - 1) = '\0'; + /* r will now point at the character after the semicolon */ + r = semicolon; + } + + } while (semicolon != NULL); + + if (semicolon != NULL) { + *r++ = '\0'; + } else { + r = NULL; + } + + cur = mbedtls_calloc(1, sizeof(mbedtls_x509_san_list)); + if (cur == NULL) { + mbedtls_printf("Not enough memory for subjectAltName list\n"); + goto usage; + } + + cur->next = NULL; + + if ((subtype_value = strchr(q, ':')) != NULL) { + *subtype_value++ = '\0'; + } + if (strcmp(q, "RFC822") == 0) { + cur->node.type = MBEDTLS_X509_SAN_RFC822_NAME; + } else if (strcmp(q, "URI") == 0) { + cur->node.type = MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER; + } else if (strcmp(q, "DNS") == 0) { + cur->node.type = MBEDTLS_X509_SAN_DNS_NAME; + } else if (strcmp(q, "IP") == 0) { + size_t ip_len = 0; + cur->node.type = MBEDTLS_X509_SAN_IP_ADDRESS; + ip_len = mbedtls_x509_crt_parse_cn_inet_pton(subtype_value, ip); + if (ip_len == 0) { + mbedtls_printf("mbedtls_x509_crt_parse_cn_inet_pton failed to parse %s\n", + subtype_value); + goto exit; + } + cur->node.san.unstructured_name.p = (unsigned char *) ip; + cur->node.san.unstructured_name.len = sizeof(ip); + } else if (strcmp(q, "DN") == 0) { + cur->node.type = MBEDTLS_X509_SAN_DIRECTORY_NAME; + if ((ret = mbedtls_x509_string_to_names(&ext_san_dirname, + subtype_value)) != 0) { + mbedtls_strerror(ret, buf, sizeof(buf)); + mbedtls_printf( + " failed\n ! mbedtls_x509_string_to_names " + "returned -0x%04x - %s\n\n", + (unsigned int) -ret, buf); + goto exit; + } + cur->node.san.directory_name = *ext_san_dirname; + } else { + mbedtls_free(cur); + goto usage; + } + + if (cur->node.type == MBEDTLS_X509_SAN_RFC822_NAME || + cur->node.type == MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER || + cur->node.type == MBEDTLS_X509_SAN_DNS_NAME) { + q = subtype_value; + cur->node.san.unstructured_name.p = (unsigned char *) q; + cur->node.san.unstructured_name.len = strlen(q); + } + + if (prev == NULL) { + opt.san_list = cur; + } else { + prev->next = cur; + } + + prev = cur; q = r; } } else if (strcmp(p, "ns_cert_type") == 0) { @@ -514,10 +700,16 @@ usage: mbedtls_printf(" . Reading serial number..."); fflush(stdout); - if ((ret = mbedtls_mpi_read_string(&serial, 10, opt.serial)) != 0) { - mbedtls_strerror(ret, buf, sizeof(buf)); - mbedtls_printf(" failed\n ! mbedtls_mpi_read_string " - "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); + if (serial_frmt == SERIAL_FRMT_HEX) { + ret = mbedtls_test_unhexify(serial, sizeof(serial), + opt.serial_hex, &serial_len); + } else { // SERIAL_FRMT_DEC || SERIAL_FRMT_UNSPEC + ret = parse_serial_decimal_format(serial, sizeof(serial), + opt.serial, &serial_len); + } + + if (ret != 0) { + mbedtls_printf(" failed\n ! Unable to parse serial\n"); goto exit; } @@ -661,10 +853,10 @@ usage: mbedtls_x509write_crt_set_version(&crt, opt.version); mbedtls_x509write_crt_set_md_alg(&crt, opt.md); - ret = mbedtls_x509write_crt_set_serial(&crt, &serial); + ret = mbedtls_x509write_crt_set_serial_raw(&crt, serial, serial_len); if (ret != 0) { mbedtls_strerror(ret, buf, sizeof(buf)); - mbedtls_printf(" failed\n ! mbedtls_x509write_crt_set_serial " + mbedtls_printf(" failed\n ! mbedtls_x509write_crt_set_serial_raw " "returned -0x%04x - %s\n\n", (unsigned int) -ret, buf); goto exit; } @@ -696,7 +888,7 @@ usage: mbedtls_printf(" ok\n"); } -#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_MD_CAN_SHA1) if (opt.version == MBEDTLS_X509_CRT_VERSION_3 && opt.subject_identifier != 0) { mbedtls_printf(" . Adding the Subject Key Identifier ..."); @@ -730,7 +922,7 @@ usage: mbedtls_printf(" ok\n"); } -#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ if (opt.version == MBEDTLS_X509_CRT_VERSION_3 && opt.key_usage != 0) { @@ -748,6 +940,17 @@ usage: mbedtls_printf(" ok\n"); } + if (opt.san_list != NULL) { + ret = mbedtls_x509write_crt_set_subject_alternative_name(&crt, opt.san_list); + + if (ret != 0) { + mbedtls_printf( + " failed\n ! mbedtls_x509write_crt_set_subject_alternative_name returned %d", + ret); + goto exit; + } + } + if (opt.ext_key_usage) { mbedtls_printf(" . Adding the Extended Key Usage extension ..."); fflush(stdout); @@ -803,13 +1006,16 @@ exit: #if defined(MBEDTLS_X509_CSR_PARSE_C) mbedtls_x509_csr_free(&csr); #endif /* MBEDTLS_X509_CSR_PARSE_C */ + mbedtls_asn1_free_named_data_list(&ext_san_dirname); mbedtls_x509_crt_free(&issuer_crt); mbedtls_x509write_crt_free(&crt); mbedtls_pk_free(&loaded_subject_key); mbedtls_pk_free(&loaded_issuer_key); - mbedtls_mpi_free(&serial); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_exit(exit_code); } diff --git a/programs/x509/crl_app.c b/programs/x509/crl_app.c index f06987c1f..6c671ff3f 100644 --- a/programs/x509/crl_app.c +++ b/programs/x509/crl_app.c @@ -70,7 +70,16 @@ int main(int argc, char *argv[]) */ mbedtls_x509_crl_init(&crl); - if (argc == 0) { +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + if (argc < 2) { usage: mbedtls_printf(USAGE); goto exit; @@ -125,6 +134,9 @@ usage: exit: mbedtls_x509_crl_free(&crl); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_exit(exit_code); } diff --git a/programs/x509/load_roots.c b/programs/x509/load_roots.c index 237bd7cab..d024e9822 100644 --- a/programs/x509/load_roots.c +++ b/programs/x509/load_roots.c @@ -123,6 +123,15 @@ int main(int argc, char *argv[]) struct mbedtls_timing_hr_time timer; unsigned long ms; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + if (argc <= 1) { mbedtls_printf(USAGE); goto exit; @@ -187,6 +196,9 @@ int main(int argc, char *argv[]) exit_code = MBEDTLS_EXIT_SUCCESS; exit: +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_exit(exit_code); } #endif /* necessary configuration */ diff --git a/programs/x509/req_app.c b/programs/x509/req_app.c index 8cfe4a441..64b9f0bb2 100644 --- a/programs/x509/req_app.c +++ b/programs/x509/req_app.c @@ -70,7 +70,16 @@ int main(int argc, char *argv[]) */ mbedtls_x509_csr_init(&csr); - if (argc == 0) { +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n", + (int) status); + goto exit; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + if (argc < 2) { usage: mbedtls_printf(USAGE); goto exit; @@ -125,6 +134,9 @@ usage: exit: mbedtls_x509_csr_free(&csr); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_psa_crypto_free(); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_exit(exit_code); } diff --git a/scripts/assemble_changelog.py b/scripts/assemble_changelog.py index f3aca7070..e8081012a 100755 --- a/scripts/assemble_changelog.py +++ b/scripts/assemble_changelog.py @@ -60,6 +60,11 @@ class LostContent(Exception): message = ('Lost content from {}: "{}"'.format(filename, line)) super().__init__(message) +class FilePathError(Exception): + def __init__(self, filenames): + message = ('Changelog filenames do not end with .txt: {}'.format(", ".join(filenames))) + super().__init__(message) + # The category names we use in the changelog. # If you edit this, update ChangeLog.d/README.md. STANDARD_CATEGORIES = ( @@ -443,8 +448,21 @@ def list_files_to_merge(options): """List the entry files to merge, oldest first. "Oldest" is defined by `EntryFileSortKey`. + + Also check for required .txt extension """ - files_to_merge = glob.glob(os.path.join(options.dir, '*.txt')) + files_to_merge = glob.glob(os.path.join(options.dir, '*')) + + # Ignore 00README.md + readme = os.path.join(options.dir, "00README.md") + if readme in files_to_merge: + files_to_merge.remove(readme) + + # Identify files without the required .txt extension + bad_files = [x for x in files_to_merge if not x.endswith(".txt")] + if bad_files: + raise FilePathError(bad_files) + files_to_merge.sort(key=EntryFileSortKey) return files_to_merge @@ -452,6 +470,7 @@ def merge_entries(options): """Merge changelog entries into the changelog file. Read the changelog file from options.input. + Check that all entries have a .txt extension Read entries to merge from the directory options.dir. Write the new changelog to options.output. Remove the merged entries if options.keep_entries is false. diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index 7fc8c6c76..19d90bce7 100755 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -131,7 +131,7 @@ cat include/mbedtls/build_info.h | \ sed -e "s/\(# *define *[A-Z]*_VERSION\)_PATCH .\{1,\}/\1_PATCH $PATCH/" | \ sed -e "s/\(# *define *[A-Z]*_VERSION\)_NUMBER .\{1,\}/\1_NUMBER $VERSION_NR/" | \ sed -e "s/\(# *define *[A-Z]*_VERSION\)_STRING .\{1,\}/\1_STRING \"$VERSION\"/" | \ - sed -e "s/\(# *define *[A-Z]*_VERSION\)_STRING_FULL .\{1,\}/\1_STRING_FULL \"mbed TLS $VERSION\"/" \ + sed -e "s/\(# *define *[A-Z]*_VERSION\)_STRING_FULL .\{1,\}/\1_STRING_FULL \"Mbed TLS $VERSION\"/" \ > tmp mv tmp include/mbedtls/build_info.h @@ -142,7 +142,7 @@ mv tmp tests/suites/test_suite_version.data [ $VERBOSE ] && echo "Bumping PROJECT_NAME in doxygen/mbedtls.doxyfile and doxygen/input/doc_mainpage.h" for i in doxygen/mbedtls.doxyfile doxygen/input/doc_mainpage.h; do - sed -e "s/mbed TLS v[0-9\.]\{1,\}/mbed TLS v$VERSION/g" < $i > tmp + sed -e "s/\\([Mm]bed TLS v\\)[0-9][0-9.]*/\\1$VERSION/g" < $i > tmp mv tmp $i done diff --git a/scripts/ci.requirements.txt b/scripts/ci.requirements.txt index 1ad983fa9..7dbcfe8e0 100644 --- a/scripts/ci.requirements.txt +++ b/scripts/ci.requirements.txt @@ -10,3 +10,11 @@ pylint == 2.4.4 # Use the earliest version of mypy that works with our code base. # See https://github.com/Mbed-TLS/mbedtls/pull/3953 . mypy >= 0.780 + +# At the time of writing, only needed for tests/scripts/audit-validity-dates.py. +# It needs >=35.0.0 for correct operation, and that requires Python >=3.6, +# but our CI has Python 3.5. So let pip install the newest version that's +# compatible with the running Python: this way we get something good enough +# for mypy and pylint under Python 3.5, and we also get something good enough +# to run audit-validity-dates.py on Python >=3.6. +cryptography # >= 35.0.0 diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index af6ddd4fc..e764e9d22 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -1,8 +1,6 @@ #!/usr/bin/env python3 """ -Purpose - This script is for comparing the size of the library files from two different Git revisions within an Mbed TLS repository. The results of the comparison is formatted as csv and stored at a @@ -26,199 +24,941 @@ Note: must be run from Mbed TLS root. # limitations under the License. import argparse +import logging import os +import re +import shutil import subprocess import sys +import typing +from enum import Enum from mbedtls_dev import build_tree +from mbedtls_dev import logging_util +from mbedtls_dev import typing_util + +class SupportedArch(Enum): + """Supported architecture for code size measurement.""" + AARCH64 = 'aarch64' + AARCH32 = 'aarch32' + ARMV8_M = 'armv8-m' + X86_64 = 'x86_64' + X86 = 'x86' -class CodeSizeComparison: - """Compare code size between two Git revisions.""" +class SupportedConfig(Enum): + """Supported configuration for code size measurement.""" + DEFAULT = 'default' + TFM_MEDIUM = 'tfm-medium' - def __init__(self, old_revision, new_revision, result_dir): + +# Static library +MBEDTLS_STATIC_LIB = { + 'CRYPTO': 'library/libmbedcrypto.a', + 'X509': 'library/libmbedx509.a', + 'TLS': 'library/libmbedtls.a', +} + +class CodeSizeDistinctInfo: # pylint: disable=too-few-public-methods + """Data structure to store possibly distinct information for code size + comparison.""" + def __init__( #pylint: disable=too-many-arguments + self, + version: str, + git_rev: str, + arch: str, + config: str, + compiler: str, + opt_level: str, + ) -> None: """ - old_revision: revision to compare against - new_revision: - result_dir: directory for comparison result + :param: version: which version to compare with for code size. + :param: git_rev: Git revision to calculate code size. + :param: arch: architecture to measure code size on. + :param: config: Configuration type to calculate code size. + (See SupportedConfig) + :param: compiler: compiler used to build library/*.o. + :param: opt_level: Options that control optimization. (E.g. -Os) + """ + self.version = version + self.git_rev = git_rev + self.arch = arch + self.config = config + self.compiler = compiler + self.opt_level = opt_level + # Note: Variables below are not initialized by class instantiation. + self.pre_make_cmd = [] #type: typing.List[str] + self.make_cmd = '' + + def get_info_indication(self): + """Return a unique string to indicate Code Size Distinct Information.""" + return '{git_rev}-{arch}-{config}-{compiler}'.format(**self.__dict__) + + +class CodeSizeCommonInfo: # pylint: disable=too-few-public-methods + """Data structure to store common information for code size comparison.""" + def __init__( + self, + host_arch: str, + measure_cmd: str, + ) -> None: + """ + :param host_arch: host architecture. + :param measure_cmd: command to measure code size for library/*.o. + """ + self.host_arch = host_arch + self.measure_cmd = measure_cmd + + def get_info_indication(self): + """Return a unique string to indicate Code Size Common Information.""" + return '{measure_tool}'\ + .format(measure_tool=self.measure_cmd.strip().split(' ')[0]) + +class CodeSizeResultInfo: # pylint: disable=too-few-public-methods + """Data structure to store result options for code size comparison.""" + def __init__( #pylint: disable=too-many-arguments + self, + record_dir: str, + comp_dir: str, + with_markdown=False, + stdout=False, + show_all=False, + ) -> None: + """ + :param record_dir: directory to store code size record. + :param comp_dir: directory to store results of code size comparision. + :param with_markdown: write comparision result into a markdown table. + (Default: False) + :param stdout: direct comparison result into sys.stdout. + (Default False) + :param show_all: show all objects in comparison result. (Default False) + """ + self.record_dir = record_dir + self.comp_dir = comp_dir + self.with_markdown = with_markdown + self.stdout = stdout + self.show_all = show_all + + +DETECT_ARCH_CMD = "cc -dM -E - < /dev/null" +def detect_arch() -> str: + """Auto-detect host architecture.""" + cc_output = subprocess.check_output(DETECT_ARCH_CMD, shell=True).decode() + if '__aarch64__' in cc_output: + return SupportedArch.AARCH64.value + if '__arm__' in cc_output: + return SupportedArch.AARCH32.value + if '__x86_64__' in cc_output: + return SupportedArch.X86_64.value + if '__i386__' in cc_output: + return SupportedArch.X86.value + else: + print("Unknown host architecture, cannot auto-detect arch.") + sys.exit(1) + +TFM_MEDIUM_CONFIG_H = 'configs/tfm_mbedcrypto_config_profile_medium.h' +TFM_MEDIUM_CRYPTO_CONFIG_H = 'configs/crypto_config_profile_medium.h' + +CONFIG_H = 'include/mbedtls/mbedtls_config.h' +CRYPTO_CONFIG_H = 'include/psa/crypto_config.h' +BACKUP_SUFFIX = '.code_size.bak' + +class CodeSizeBuildInfo: # pylint: disable=too-few-public-methods + """Gather information used to measure code size. + + It collects information about architecture, configuration in order to + infer build command for code size measurement. + """ + + SupportedArchConfig = [ + '-a ' + SupportedArch.AARCH64.value + ' -c ' + SupportedConfig.DEFAULT.value, + '-a ' + SupportedArch.AARCH32.value + ' -c ' + SupportedConfig.DEFAULT.value, + '-a ' + SupportedArch.X86_64.value + ' -c ' + SupportedConfig.DEFAULT.value, + '-a ' + SupportedArch.X86.value + ' -c ' + SupportedConfig.DEFAULT.value, + '-a ' + SupportedArch.ARMV8_M.value + ' -c ' + SupportedConfig.TFM_MEDIUM.value, + ] + + def __init__( + self, + size_dist_info: CodeSizeDistinctInfo, + host_arch: str, + logger: logging.Logger, + ) -> None: + """ + :param size_dist_info: + CodeSizeDistinctInfo containing info for code size measurement. + - size_dist_info.arch: architecture to measure code size on. + - size_dist_info.config: configuration type to measure + code size with. + - size_dist_info.compiler: compiler used to build library/*.o. + - size_dist_info.opt_level: Options that control optimization. + (E.g. -Os) + :param host_arch: host architecture. + :param logger: logging module + """ + self.arch = size_dist_info.arch + self.config = size_dist_info.config + self.compiler = size_dist_info.compiler + self.opt_level = size_dist_info.opt_level + + self.make_cmd = ['make', '-j', 'lib'] + + self.host_arch = host_arch + self.logger = logger + + def check_correctness(self) -> bool: + """Check whether we are using proper / supported combination + of information to build library/*.o.""" + + # default config + if self.config == SupportedConfig.DEFAULT.value and \ + self.arch == self.host_arch: + return True + # TF-M + elif self.arch == SupportedArch.ARMV8_M.value and \ + self.config == SupportedConfig.TFM_MEDIUM.value: + return True + + return False + + def infer_pre_make_command(self) -> typing.List[str]: + """Infer command to set up proper configuration before running make.""" + pre_make_cmd = [] #type: typing.List[str] + if self.config == SupportedConfig.TFM_MEDIUM.value: + pre_make_cmd.append('cp {src} {dest}' + .format(src=TFM_MEDIUM_CONFIG_H, dest=CONFIG_H)) + pre_make_cmd.append('cp {src} {dest}' + .format(src=TFM_MEDIUM_CRYPTO_CONFIG_H, + dest=CRYPTO_CONFIG_H)) + + return pre_make_cmd + + def infer_make_cflags(self) -> str: + """Infer CFLAGS by instance attributes in CodeSizeDistinctInfo.""" + cflags = [] #type: typing.List[str] + + # set optimization level + cflags.append(self.opt_level) + # set compiler by config + if self.config == SupportedConfig.TFM_MEDIUM.value: + self.compiler = 'armclang' + cflags.append('-mcpu=cortex-m33') + # set target + if self.compiler == 'armclang': + cflags.append('--target=arm-arm-none-eabi') + + return ' '.join(cflags) + + def infer_make_command(self) -> str: + """Infer make command by CFLAGS and CC.""" + + if self.check_correctness(): + # set CFLAGS= + self.make_cmd.append('CFLAGS=\'{}\''.format(self.infer_make_cflags())) + # set CC= + self.make_cmd.append('CC={}'.format(self.compiler)) + return ' '.join(self.make_cmd) + else: + self.logger.error("Unsupported combination of architecture: {} " \ + "and configuration: {}.\n" + .format(self.arch, + self.config)) + self.logger.error("Please use supported combination of " \ + "architecture and configuration:") + for comb in CodeSizeBuildInfo.SupportedArchConfig: + self.logger.error(comb) + self.logger.error("") + self.logger.error("For your system, please use:") + for comb in CodeSizeBuildInfo.SupportedArchConfig: + if "default" in comb and self.host_arch not in comb: + continue + self.logger.error(comb) + sys.exit(1) + + +class CodeSizeCalculator: + """ A calculator to calculate code size of library/*.o based on + Git revision and code size measurement tool. + """ + + def __init__( #pylint: disable=too-many-arguments + self, + git_rev: str, + pre_make_cmd: typing.List[str], + make_cmd: str, + measure_cmd: str, + logger: logging.Logger, + ) -> None: + """ + :param git_rev: Git revision. (E.g: commit) + :param pre_make_cmd: command to set up proper config before running make. + :param make_cmd: command to build library/*.o. + :param measure_cmd: command to measure code size for library/*.o. + :param logger: logging module """ self.repo_path = "." - self.result_dir = os.path.abspath(result_dir) - os.makedirs(self.result_dir, exist_ok=True) - - self.csv_dir = os.path.abspath("code_size_records/") - os.makedirs(self.csv_dir, exist_ok=True) - - self.old_rev = old_revision - self.new_rev = new_revision self.git_command = "git" - self.make_command = "make" + self.make_clean = 'make clean' + + self.git_rev = git_rev + self.pre_make_cmd = pre_make_cmd + self.make_cmd = make_cmd + self.measure_cmd = measure_cmd + self.logger = logger @staticmethod - def validate_revision(revision): + def validate_git_revision(git_rev: str) -> str: result = subprocess.check_output(["git", "rev-parse", "--verify", - revision + "^{commit}"], shell=False) - return result + git_rev + "^{commit}"], + shell=False, universal_newlines=True) + return result[:7] - def _create_git_worktree(self, revision): - """Make a separate worktree for revision. - Do not modify the current worktree.""" + def _create_git_worktree(self) -> str: + """Create a separate worktree for Git revision. + If Git revision is current, use current worktree instead.""" - if revision == "current": - print("Using current work directory.") + if self.git_rev == 'current': + self.logger.debug("Using current work directory.") git_worktree_path = self.repo_path else: - print("Creating git worktree for", revision) - git_worktree_path = os.path.join(self.repo_path, "temp-" + revision) + self.logger.debug("Creating git worktree for {}." + .format(self.git_rev)) + git_worktree_path = os.path.join(self.repo_path, + "temp-" + self.git_rev) subprocess.check_output( [self.git_command, "worktree", "add", "--detach", - git_worktree_path, revision], cwd=self.repo_path, + git_worktree_path, self.git_rev], cwd=self.repo_path, stderr=subprocess.STDOUT ) + return git_worktree_path - def _build_libraries(self, git_worktree_path): - """Build libraries in the specified worktree.""" - - my_environment = os.environ.copy() - subprocess.check_output( - [self.make_command, "-j", "lib"], env=my_environment, - cwd=git_worktree_path, stderr=subprocess.STDOUT, - ) - - def _gen_code_size_csv(self, revision, git_worktree_path): - """Generate code size csv file.""" - - csv_fname = revision + ".csv" - if revision == "current": - print("Measuring code size in current work directory.") + @staticmethod + def backup_config_files(restore: bool) -> None: + """Backup / Restore config files.""" + if restore: + shutil.move(CONFIG_H + BACKUP_SUFFIX, CONFIG_H) + shutil.move(CRYPTO_CONFIG_H + BACKUP_SUFFIX, CRYPTO_CONFIG_H) else: - print("Measuring code size for", revision) - result = subprocess.check_output( - ["size library/*.o"], cwd=git_worktree_path, shell=True - ) - size_text = result.decode() - csv_file = open(os.path.join(self.csv_dir, csv_fname), "w") - for line in size_text.splitlines()[1:]: - data = line.split() - csv_file.write("{}, {}\n".format(data[5], data[3])) + shutil.copy(CONFIG_H, CONFIG_H + BACKUP_SUFFIX) + shutil.copy(CRYPTO_CONFIG_H, CRYPTO_CONFIG_H + BACKUP_SUFFIX) - def _remove_worktree(self, git_worktree_path): + def _build_libraries(self, git_worktree_path: str) -> None: + """Build library/*.o in the specified worktree.""" + + self.logger.debug("Building library/*.o for {}." + .format(self.git_rev)) + my_environment = os.environ.copy() + try: + if self.git_rev == 'current': + self.backup_config_files(restore=False) + for pre_cmd in self.pre_make_cmd: + subprocess.check_output( + pre_cmd, env=my_environment, shell=True, + cwd=git_worktree_path, stderr=subprocess.STDOUT, + universal_newlines=True + ) + subprocess.check_output( + self.make_clean, env=my_environment, shell=True, + cwd=git_worktree_path, stderr=subprocess.STDOUT, + universal_newlines=True + ) + subprocess.check_output( + self.make_cmd, env=my_environment, shell=True, + cwd=git_worktree_path, stderr=subprocess.STDOUT, + universal_newlines=True + ) + if self.git_rev == 'current': + self.backup_config_files(restore=True) + except subprocess.CalledProcessError as e: + self._handle_called_process_error(e, git_worktree_path) + + def _gen_raw_code_size(self, git_worktree_path: str) -> typing.Dict[str, str]: + """Measure code size by a tool and return in UTF-8 encoding.""" + + self.logger.debug("Measuring code size for {} by `{}`." + .format(self.git_rev, + self.measure_cmd.strip().split(' ')[0])) + + res = {} + for mod, st_lib in MBEDTLS_STATIC_LIB.items(): + try: + result = subprocess.check_output( + [self.measure_cmd + ' ' + st_lib], cwd=git_worktree_path, + shell=True, universal_newlines=True + ) + res[mod] = result + except subprocess.CalledProcessError as e: + self._handle_called_process_error(e, git_worktree_path) + + return res + + def _remove_worktree(self, git_worktree_path: str) -> None: """Remove temporary worktree.""" if git_worktree_path != self.repo_path: - print("Removing temporary worktree", git_worktree_path) + self.logger.debug("Removing temporary worktree {}." + .format(git_worktree_path)) subprocess.check_output( [self.git_command, "worktree", "remove", "--force", git_worktree_path], cwd=self.repo_path, stderr=subprocess.STDOUT ) - def _get_code_size_for_rev(self, revision): - """Generate code size csv file for the specified git revision.""" + def _handle_called_process_error(self, e: subprocess.CalledProcessError, + git_worktree_path: str) -> None: + """Handle a CalledProcessError and quit the program gracefully. + Remove any extra worktrees so that the script may be called again.""" - # Check if the corresponding record exists - csv_fname = revision + ".csv" - if (revision != "current") and \ - os.path.exists(os.path.join(self.csv_dir, csv_fname)): - print("Code size csv file for", revision, "already exists.") - else: - git_worktree_path = self._create_git_worktree(revision) + # Tell the user what went wrong + self.logger.error(e, exc_info=True) + self.logger.error("Process output:\n {}".format(e.output)) + + # Quit gracefully by removing the existing worktree + self._remove_worktree(git_worktree_path) + sys.exit(-1) + + def cal_libraries_code_size(self) -> typing.Dict[str, str]: + """Do a complete round to calculate code size of library/*.o + by measurement tool. + + :return A dictionary of measured code size + - typing.Dict[mod: str] + """ + + git_worktree_path = self._create_git_worktree() + try: self._build_libraries(git_worktree_path) - self._gen_code_size_csv(revision, git_worktree_path) + res = self._gen_raw_code_size(git_worktree_path) + finally: self._remove_worktree(git_worktree_path) - def compare_code_size(self): - """Generate results of the size changes between two revisions, - old and new. Measured code size results of these two revisions - must be available.""" + return res - old_file = open(os.path.join(self.csv_dir, self.old_rev + ".csv"), "r") - new_file = open(os.path.join(self.csv_dir, self.new_rev + ".csv"), "r") - res_file = open(os.path.join(self.result_dir, "compare-" + self.old_rev - + "-" + self.new_rev + ".csv"), "w") - res_file.write("file_name, this_size, old_size, change, change %\n") - print("Generating comparison results.") +class CodeSizeGenerator: + """ A generator based on size measurement tool for library/*.o. - old_ds = {} - for line in old_file.readlines()[1:]: - cols = line.split(", ") - fname = cols[0] - size = int(cols[1]) - if size != 0: - old_ds[fname] = size + This is an abstract class. To use it, derive a class that implements + write_record and write_comparison methods, then call both of them with + proper arguments. + """ + def __init__(self, logger: logging.Logger) -> None: + """ + :param logger: logging module + """ + self.logger = logger - new_ds = {} - for line in new_file.readlines()[1:]: - cols = line.split(", ") - fname = cols[0] - size = int(cols[1]) - new_ds[fname] = size + def write_record( + self, + git_rev: str, + code_size_text: typing.Dict[str, str], + output: typing_util.Writable + ) -> None: + """Write size record into a file. - for fname in new_ds: - this_size = new_ds[fname] - if fname in old_ds: - old_size = old_ds[fname] - change = this_size - old_size - change_pct = change / old_size - res_file.write("{}, {}, {}, {}, {:.2%}\n".format(fname, \ - this_size, old_size, change, float(change_pct))) + :param git_rev: Git revision. (E.g: commit) + :param code_size_text: + string output (utf-8) from measurement tool of code size. + - typing.Dict[mod: str] + :param output: output stream which the code size record is written to. + (Note: Normally write code size record into File) + """ + raise NotImplementedError + + def write_comparison( #pylint: disable=too-many-arguments + self, + old_rev: str, + new_rev: str, + output: typing_util.Writable, + with_markdown=False, + show_all=False + ) -> None: + """Write a comparision result into a stream between two Git revisions. + + :param old_rev: old Git revision to compared with. + :param new_rev: new Git revision to compared with. + :param output: output stream which the code size record is written to. + (File / sys.stdout) + :param with_markdown: write comparision result in a markdown table. + (Default: False) + :param show_all: show all objects in comparison result. (Default False) + """ + raise NotImplementedError + + +class CodeSizeGeneratorWithSize(CodeSizeGenerator): + """Code Size Base Class for size record saving and writing.""" + + class SizeEntry: # pylint: disable=too-few-public-methods + """Data Structure to only store information of code size.""" + def __init__(self, text: int, data: int, bss: int, dec: int): + self.text = text + self.data = data + self.bss = bss + self.total = dec # total <=> dec + + def __init__(self, logger: logging.Logger) -> None: + """ Variable code_size is used to store size info for any Git revisions. + :param code_size: + Data Format as following: + code_size = { + git_rev: { + module: { + file_name: SizeEntry, + ... + }, + ... + }, + ... + } + """ + super().__init__(logger) + self.code_size = {} #type: typing.Dict[str, typing.Dict] + self.mod_total_suffix = '-' + 'TOTALS' + + def _set_size_record(self, git_rev: str, mod: str, size_text: str) -> None: + """Store size information for target Git revision and high-level module. + + size_text Format: text data bss dec hex filename + """ + size_record = {} + for line in size_text.splitlines()[1:]: + data = line.split() + if re.match(r'\s*\(TOTALS\)', data[5]): + data[5] = mod + self.mod_total_suffix + # file_name: SizeEntry(text, data, bss, dec) + size_record[data[5]] = CodeSizeGeneratorWithSize.SizeEntry( + int(data[0]), int(data[1]), int(data[2]), int(data[3])) + self.code_size.setdefault(git_rev, {}).update({mod: size_record}) + + def read_size_record(self, git_rev: str, fname: str) -> None: + """Read size information from csv file and write it into code_size. + + fname Format: filename text data bss dec + """ + mod = "" + size_record = {} + with open(fname, 'r') as csv_file: + for line in csv_file: + data = line.strip().split() + # check if we find the beginning of a module + if data and data[0] in MBEDTLS_STATIC_LIB: + mod = data[0] + continue + + if mod: + # file_name: SizeEntry(text, data, bss, dec) + size_record[data[0]] = CodeSizeGeneratorWithSize.SizeEntry( + int(data[1]), int(data[2]), int(data[3]), int(data[4])) + + # check if we hit record for the end of a module + m = re.match(r'\w+' + self.mod_total_suffix, line) + if m: + if git_rev in self.code_size: + self.code_size[git_rev].update({mod: size_record}) + else: + self.code_size[git_rev] = {mod: size_record} + mod = "" + size_record = {} + + def write_record( + self, + git_rev: str, + code_size_text: typing.Dict[str, str], + output: typing_util.Writable + ) -> None: + """Write size information to a file. + + Writing Format: filename text data bss total(dec) + """ + for mod, size_text in code_size_text.items(): + self._set_size_record(git_rev, mod, size_text) + + format_string = "{:<30} {:>7} {:>7} {:>7} {:>7}\n" + output.write(format_string.format("filename", + "text", "data", "bss", "total")) + + for mod, f_size in self.code_size[git_rev].items(): + output.write("\n" + mod + "\n") + for fname, size_entry in f_size.items(): + output.write(format_string + .format(fname, + size_entry.text, size_entry.data, + size_entry.bss, size_entry.total)) + + def write_comparison( #pylint: disable=too-many-arguments + self, + old_rev: str, + new_rev: str, + output: typing_util.Writable, + with_markdown=False, + show_all=False + ) -> None: + # pylint: disable=too-many-locals + """Write comparison result into a file. + + Writing Format: + Markdown Output: + filename new(text) new(data) change(text) change(data) + CSV Output: + filename new(text) new(data) old(text) old(data) change(text) change(data) + """ + header_line = ["filename", "new(text)", "old(text)", "change(text)", + "new(data)", "old(data)", "change(data)"] + if with_markdown: + dash_line = [":----", "----:", "----:", "----:", + "----:", "----:", "----:"] + # | filename | new(text) | new(data) | change(text) | change(data) | + line_format = "| {0:<30} | {1:>9} | {4:>9} | {3:>12} | {6:>12} |\n" + bold_text = lambda x: '**' + str(x) + '**' + else: + # filename new(text) new(data) old(text) old(data) change(text) change(data) + line_format = "{0:<30} {1:>9} {4:>9} {2:>10} {5:>10} {3:>12} {6:>12}\n" + + def cal_sect_change( + old_size: typing.Optional[CodeSizeGeneratorWithSize.SizeEntry], + new_size: typing.Optional[CodeSizeGeneratorWithSize.SizeEntry], + sect: str + ) -> typing.List: + """Inner helper function to calculate size change for a section. + + Convention for special cases: + - If the object has been removed in new Git revision, + the size is minus code size of old Git revision; + the size change is marked as `Removed`, + - If the object only exists in new Git revision, + the size is code size of new Git revision; + the size change is marked as `None`, + + :param: old_size: code size for objects in old Git revision. + :param: new_size: code size for objects in new Git revision. + :param: sect: section to calculate from `size` tool. This could be + any instance variable in SizeEntry. + :return: List of [section size of objects for new Git revision, + section size of objects for old Git revision, + section size change of objects between two Git revisions] + """ + if old_size and new_size: + new_attr = new_size.__dict__[sect] + old_attr = old_size.__dict__[sect] + delta = new_attr - old_attr + change_attr = '{0:{1}}'.format(delta, '+' if delta else '') + elif old_size: + new_attr = 'Removed' + old_attr = old_size.__dict__[sect] + delta = - old_attr + change_attr = '{0:{1}}'.format(delta, '+' if delta else '') + elif new_size: + new_attr = new_size.__dict__[sect] + old_attr = 'NotCreated' + delta = new_attr + change_attr = '{0:{1}}'.format(delta, '+' if delta else '') else: - res_file.write("{}, {}\n".format(fname, this_size)) - return 0 + # Should never happen + new_attr = 'Error' + old_attr = 'Error' + change_attr = 'Error' + return [new_attr, old_attr, change_attr] - def get_comparision_results(self): - """Compare size of library/*.o between self.old_rev and self.new_rev, - and generate the result file.""" + # sort dictionary by key + sort_by_k = lambda item: item[0].lower() + def get_results( + f_rev_size: + typing.Dict[str, + typing.Dict[str, + CodeSizeGeneratorWithSize.SizeEntry]] + ) -> typing.List: + """Return List of results in the format of: + [filename, new(text), old(text), change(text), + new(data), old(data), change(data)] + """ + res = [] + for fname, revs_size in sorted(f_rev_size.items(), key=sort_by_k): + old_size = revs_size.get(old_rev) + new_size = revs_size.get(new_rev) + + text_sect = cal_sect_change(old_size, new_size, 'text') + data_sect = cal_sect_change(old_size, new_size, 'data') + # skip the files that haven't changed in code size + if not show_all and text_sect[-1] == '0' and data_sect[-1] == '0': + continue + + res.append([fname, *text_sect, *data_sect]) + return res + + # write header + output.write(line_format.format(*header_line)) + if with_markdown: + output.write(line_format.format(*dash_line)) + for mod in MBEDTLS_STATIC_LIB: + # convert self.code_size to: + # { + # file_name: { + # old_rev: SizeEntry, + # new_rev: SizeEntry + # }, + # ... + # } + f_rev_size = {} #type: typing.Dict[str, typing.Dict] + for fname, size_entry in self.code_size[old_rev][mod].items(): + f_rev_size.setdefault(fname, {}).update({old_rev: size_entry}) + for fname, size_entry in self.code_size[new_rev][mod].items(): + f_rev_size.setdefault(fname, {}).update({new_rev: size_entry}) + + mod_total_sz = f_rev_size.pop(mod + self.mod_total_suffix) + res = get_results(f_rev_size) + total_clm = get_results({mod + self.mod_total_suffix: mod_total_sz}) + if with_markdown: + # bold row of mod-TOTALS in markdown table + total_clm = [[bold_text(j) for j in i] for i in total_clm] + res += total_clm + + # write comparison result + for line in res: + output.write(line_format.format(*line)) + + +class CodeSizeComparison: + """Compare code size between two Git revisions.""" + + def __init__( #pylint: disable=too-many-arguments + self, + old_size_dist_info: CodeSizeDistinctInfo, + new_size_dist_info: CodeSizeDistinctInfo, + size_common_info: CodeSizeCommonInfo, + result_options: CodeSizeResultInfo, + logger: logging.Logger, + ) -> None: + """ + :param old_size_dist_info: CodeSizeDistinctInfo containing old distinct + info to compare code size with. + :param new_size_dist_info: CodeSizeDistinctInfo containing new distinct + info to take as comparision base. + :param size_common_info: CodeSizeCommonInfo containing common info for + both old and new size distinct info and + measurement tool. + :param result_options: CodeSizeResultInfo containing results options for + code size record and comparision. + :param logger: logging module + """ + + self.logger = logger + + self.old_size_dist_info = old_size_dist_info + self.new_size_dist_info = new_size_dist_info + self.size_common_info = size_common_info + # infer pre make command + self.old_size_dist_info.pre_make_cmd = CodeSizeBuildInfo( + self.old_size_dist_info, self.size_common_info.host_arch, + self.logger).infer_pre_make_command() + self.new_size_dist_info.pre_make_cmd = CodeSizeBuildInfo( + self.new_size_dist_info, self.size_common_info.host_arch, + self.logger).infer_pre_make_command() + # infer make command + self.old_size_dist_info.make_cmd = CodeSizeBuildInfo( + self.old_size_dist_info, self.size_common_info.host_arch, + self.logger).infer_make_command() + self.new_size_dist_info.make_cmd = CodeSizeBuildInfo( + self.new_size_dist_info, self.size_common_info.host_arch, + self.logger).infer_make_command() + # initialize size parser with corresponding measurement tool + self.code_size_generator = self.__generate_size_parser() + + self.result_options = result_options + self.csv_dir = os.path.abspath(self.result_options.record_dir) + os.makedirs(self.csv_dir, exist_ok=True) + self.comp_dir = os.path.abspath(self.result_options.comp_dir) + os.makedirs(self.comp_dir, exist_ok=True) + + def __generate_size_parser(self): + """Generate a parser for the corresponding measurement tool.""" + if re.match(r'size', self.size_common_info.measure_cmd.strip()): + return CodeSizeGeneratorWithSize(self.logger) + else: + self.logger.error("Unsupported measurement tool: `{}`." + .format(self.size_common_info.measure_cmd + .strip().split(' ')[0])) + sys.exit(1) + + def cal_code_size( + self, + size_dist_info: CodeSizeDistinctInfo + ) -> typing.Dict[str, str]: + """Calculate code size of library/*.o in a UTF-8 encoding""" + + return CodeSizeCalculator(size_dist_info.git_rev, + size_dist_info.pre_make_cmd, + size_dist_info.make_cmd, + self.size_common_info.measure_cmd, + self.logger).cal_libraries_code_size() + + def gen_code_size_report(self, size_dist_info: CodeSizeDistinctInfo) -> None: + """Generate code size record and write it into a file.""" + + self.logger.info("Start to generate code size record for {}." + .format(size_dist_info.git_rev)) + output_file = os.path.join( + self.csv_dir, + '{}-{}.csv' + .format(size_dist_info.get_info_indication(), + self.size_common_info.get_info_indication())) + # Check if the corresponding record exists + if size_dist_info.git_rev != "current" and \ + os.path.exists(output_file): + self.logger.debug("Code size csv file for {} already exists." + .format(size_dist_info.git_rev)) + self.code_size_generator.read_size_record( + size_dist_info.git_rev, output_file) + else: + # measure code size + code_size_text = self.cal_code_size(size_dist_info) + + self.logger.debug("Generating code size csv for {}." + .format(size_dist_info.git_rev)) + output = open(output_file, "w") + self.code_size_generator.write_record( + size_dist_info.git_rev, code_size_text, output) + + def gen_code_size_comparison(self) -> None: + """Generate results of code size changes between two Git revisions, + old and new. + + - Measured code size result of these two Git revisions must be available. + - The result is directed into either file / stdout depending on + the option, size_common_info.result_options.stdout. (Default: file) + """ + + self.logger.info("Start to generate comparision result between "\ + "{} and {}." + .format(self.old_size_dist_info.git_rev, + self.new_size_dist_info.git_rev)) + if self.result_options.stdout: + output = sys.stdout + else: + output_file = os.path.join( + self.comp_dir, + '{}-{}-{}.{}' + .format(self.old_size_dist_info.get_info_indication(), + self.new_size_dist_info.get_info_indication(), + self.size_common_info.get_info_indication(), + 'md' if self.result_options.with_markdown else 'csv')) + output = open(output_file, "w") + + self.logger.debug("Generating comparison results between {} and {}." + .format(self.old_size_dist_info.git_rev, + self.new_size_dist_info.git_rev)) + if self.result_options.with_markdown or self.result_options.stdout: + print("Measure code size between {} and {} by `{}`." + .format(self.old_size_dist_info.get_info_indication(), + self.new_size_dist_info.get_info_indication(), + self.size_common_info.get_info_indication()), + file=output) + self.code_size_generator.write_comparison( + self.old_size_dist_info.git_rev, + self.new_size_dist_info.git_rev, + output, self.result_options.with_markdown, + self.result_options.show_all) + + def get_comparision_results(self) -> None: + """Compare size of library/*.o between self.old_size_dist_info and + self.old_size_dist_info and generate the result file.""" build_tree.check_repo_path() - self._get_code_size_for_rev(self.old_rev) - self._get_code_size_for_rev(self.new_rev) - return self.compare_code_size() + self.gen_code_size_report(self.old_size_dist_info) + self.gen_code_size_report(self.new_size_dist_info) + self.gen_code_size_comparison() def main(): - parser = argparse.ArgumentParser( - description=( - """This script is for comparing the size of the library files - from two different Git revisions within an Mbed TLS repository. - The results of the comparison is formatted as csv, and stored at - a configurable location. - Note: must be run from Mbed TLS root.""" - ) - ) - parser.add_argument( - "-r", "--result-dir", type=str, default="comparison", - help="directory where comparison result is stored, \ - default is comparison", - ) - parser.add_argument( - "-o", "--old-rev", type=str, help="old revision for comparison.", - required=True, - ) - parser.add_argument( - "-n", "--new-rev", type=str, default=None, - help="new revision for comparison, default is the current work \ - directory, including uncommitted changes." - ) + parser = argparse.ArgumentParser(description=(__doc__)) + group_required = parser.add_argument_group( + 'required arguments', + 'required arguments to parse for running ' + os.path.basename(__file__)) + group_required.add_argument( + '-o', '--old-rev', type=str, required=True, + help='old Git revision for comparison.') + + group_optional = parser.add_argument_group( + 'optional arguments', + 'optional arguments to parse for running ' + os.path.basename(__file__)) + group_optional.add_argument( + '--record-dir', type=str, default='code_size_records', + help='directory where code size record is stored. ' + '(Default: code_size_records)') + group_optional.add_argument( + '--comp-dir', type=str, default='comparison', + help='directory where comparison result is stored. ' + '(Default: comparison)') + group_optional.add_argument( + '-n', '--new-rev', type=str, default='current', + help='new Git revision as comparison base. ' + '(Default is the current work directory, including uncommitted ' + 'changes.)') + group_optional.add_argument( + '-a', '--arch', type=str, default=detect_arch(), + choices=list(map(lambda s: s.value, SupportedArch)), + help='Specify architecture for code size comparison. ' + '(Default is the host architecture.)') + group_optional.add_argument( + '-c', '--config', type=str, default=SupportedConfig.DEFAULT.value, + choices=list(map(lambda s: s.value, SupportedConfig)), + help='Specify configuration type for code size comparison. ' + '(Default is the current Mbed TLS configuration.)') + group_optional.add_argument( + '--markdown', action='store_true', dest='markdown', + help='Show comparision of code size in a markdown table. ' + '(Only show the files that have changed).') + group_optional.add_argument( + '--stdout', action='store_true', dest='stdout', + help='Set this option to direct comparison result into sys.stdout. ' + '(Default: file)') + group_optional.add_argument( + '--show-all', action='store_true', dest='show_all', + help='Show all the objects in comparison result, including the ones ' + 'that haven\'t changed in code size. (Default: False)') + group_optional.add_argument( + '--verbose', action='store_true', dest='verbose', + help='Show logs in detail for code size measurement. ' + '(Default: False)') comp_args = parser.parse_args() - if os.path.isfile(comp_args.result_dir): - print("Error: {} is not a directory".format(comp_args.result_dir)) - parser.exit() + logger = logging.getLogger() + logging_util.configure_logger(logger, split_level=logging.NOTSET) + logger.setLevel(logging.DEBUG if comp_args.verbose else logging.INFO) - validate_res = CodeSizeComparison.validate_revision(comp_args.old_rev) - old_revision = validate_res.decode().replace("\n", "") + if os.path.isfile(comp_args.record_dir): + logger.error("record directory: {} is not a directory" + .format(comp_args.record_dir)) + sys.exit(1) + if os.path.isfile(comp_args.comp_dir): + logger.error("comparison directory: {} is not a directory" + .format(comp_args.comp_dir)) + sys.exit(1) - if comp_args.new_rev is not None: - validate_res = CodeSizeComparison.validate_revision(comp_args.new_rev) - new_revision = validate_res.decode().replace("\n", "") - else: - new_revision = "current" + comp_args.old_rev = CodeSizeCalculator.validate_git_revision( + comp_args.old_rev) + if comp_args.new_rev != 'current': + comp_args.new_rev = CodeSizeCalculator.validate_git_revision( + comp_args.new_rev) - result_dir = comp_args.result_dir - size_compare = CodeSizeComparison(old_revision, new_revision, result_dir) - return_code = size_compare.get_comparision_results() - sys.exit(return_code) + # version, git_rev, arch, config, compiler, opt_level + old_size_dist_info = CodeSizeDistinctInfo( + 'old', comp_args.old_rev, comp_args.arch, comp_args.config, 'cc', '-Os') + new_size_dist_info = CodeSizeDistinctInfo( + 'new', comp_args.new_rev, comp_args.arch, comp_args.config, 'cc', '-Os') + # host_arch, measure_cmd + size_common_info = CodeSizeCommonInfo( + detect_arch(), 'size -t') + # record_dir, comp_dir, with_markdown, stdout, show_all + result_options = CodeSizeResultInfo( + comp_args.record_dir, comp_args.comp_dir, + comp_args.markdown, comp_args.stdout, comp_args.show_all) + logger.info("Measure code size between {} and {} by `{}`." + .format(old_size_dist_info.get_info_indication(), + new_size_dist_info.get_info_indication(), + size_common_info.get_info_indication())) + CodeSizeComparison(old_size_dist_info, new_size_dist_info, + size_common_info, result_options, + logger).get_comparision_results() if __name__ == "__main__": main() diff --git a/scripts/code_style.py b/scripts/code_style.py index aae3e2492..ddd0a9800 100755 --- a/scripts/code_style.py +++ b/scripts/code_style.py @@ -1,9 +1,7 @@ #!/usr/bin/env python3 """Check or fix the code style by running Uncrustify. -Note: The code style enforced by this script is not yet introduced to -Mbed TLS. At present this script will only be used to prepare for a future -change of code style. +This script must be run from the root of a Git work tree containing Mbed TLS. """ # Copyright The Mbed TLS Contributors # SPDX-License-Identifier: Apache-2.0 @@ -20,23 +18,28 @@ change of code style. # See the License for the specific language governing permissions and # limitations under the License. import argparse -import io import os import re import subprocess import sys -from typing import FrozenSet, List +from typing import FrozenSet, List, Optional UNCRUSTIFY_SUPPORTED_VERSION = "0.75.1" CONFIG_FILE = ".uncrustify.cfg" UNCRUSTIFY_EXE = "uncrustify" UNCRUSTIFY_ARGS = ["-c", CONFIG_FILE] -STDOUT_UTF8 = io.TextIOWrapper(sys.stdout.buffer, encoding='utf-8') -STDERR_UTF8 = io.TextIOWrapper(sys.stderr.buffer, encoding='utf-8') CHECK_GENERATED_FILES = "tests/scripts/check-generated-files.sh" def print_err(*args): - print("Error: ", *args, file=STDERR_UTF8) + print("Error: ", *args, file=sys.stderr) + +# Print the file names that will be skipped and the help message +def print_skip(files_to_skip): + print() + print(*files_to_skip, sep=", SKIP\n", end=", SKIP\n") + print("Warning: The listed files will be skipped because\n" + "they are not known to git.") + print() # Match FILENAME(s) in "check SCRIPT (FILENAME...)" CHECK_CALL_RE = re.compile(r"\n\s*check\s+[^\s#$&*?;|]+([^\n#$&*?;|]+)", @@ -60,38 +63,50 @@ def list_generated_files() -> FrozenSet[str]: checks = re.findall(CHECK_CALL_RE, content) return frozenset(word for s in checks for word in s.split()) -def get_src_files() -> List[str]: +def get_src_files(since: Optional[str]) -> List[str]: """ - Use git ls-files to get a list of the source files + Use git to get a list of the source files. + + The optional argument since is a commit, indicating to only list files + that have changed since that commit. Without this argument, list all + files known to git. + + Only C files are included, and certain files (generated, or 3rdparty) + are excluded. """ - git_ls_files_cmd = ["git", "ls-files", - "*.[hc]", - "tests/suites/*.function", - "scripts/data_files/*.fmt"] + file_patterns = ["*.[hc]", + "tests/suites/*.function", + "scripts/data_files/*.fmt"] + output = subprocess.check_output(["git", "ls-files"] + file_patterns, + universal_newlines=True) + src_files = output.split() + if since: + # get all files changed in commits since the starting point + cmd = ["git", "log", since + "..HEAD", "--name-only", "--pretty=", "--"] + src_files + output = subprocess.check_output(cmd, universal_newlines=True) + committed_changed_files = output.split() + # and also get all files with uncommitted changes + cmd = ["git", "diff", "--name-only", "--"] + src_files + output = subprocess.check_output(cmd, universal_newlines=True) + uncommitted_changed_files = output.split() + src_files = list(set(committed_changed_files + uncommitted_changed_files)) - result = subprocess.run(git_ls_files_cmd, stdout=subprocess.PIPE, \ - stderr=STDERR_UTF8, check=False) - - if result.returncode != 0: - print_err("git ls-files returned: " + str(result.returncode)) - return [] - else: - generated_files = list_generated_files() - src_files = str(result.stdout, "utf-8").split() - # Don't correct style for third-party files (and, for simplicity, - # companion files in the same subtree), or for automatically - # generated files (we're correcting the templates instead). - src_files = [filename for filename in src_files - if not (filename.startswith("3rdparty/") or - filename in generated_files)] - return src_files + generated_files = list_generated_files() + # Don't correct style for third-party files (and, for simplicity, + # companion files in the same subtree), or for automatically + # generated files (we're correcting the templates instead). + src_files = [filename for filename in src_files + if not (filename.startswith("3rdparty/") or + filename in generated_files)] + return src_files def get_uncrustify_version() -> str: """ Get the version string from Uncrustify """ - result = subprocess.run([UNCRUSTIFY_EXE, "--version"], \ - stdout=subprocess.PIPE, stderr=subprocess.PIPE, check=False) + result = subprocess.run([UNCRUSTIFY_EXE, "--version"], + stdout=subprocess.PIPE, stderr=subprocess.PIPE, + check=False) if result.returncode != 0: print_err("Could not get Uncrustify version:", str(result.stderr, "utf-8")) return "" @@ -106,26 +121,25 @@ def check_style_is_correct(src_file_list: List[str]) -> bool: style_correct = True for src_file in src_file_list: uncrustify_cmd = [UNCRUSTIFY_EXE] + UNCRUSTIFY_ARGS + [src_file] - result = subprocess.run(uncrustify_cmd, stdout=subprocess.PIPE, \ - stderr=subprocess.PIPE, check=False) + result = subprocess.run(uncrustify_cmd, stdout=subprocess.PIPE, + stderr=subprocess.PIPE, check=False) if result.returncode != 0: - print_err("Uncrustify returned " + str(result.returncode) + \ - " correcting file " + src_file) + print_err("Uncrustify returned " + str(result.returncode) + + " correcting file " + src_file) return False # Uncrustify makes changes to the code and places the result in a new # file with the extension ".uncrustify". To get the changes (if any) # simply diff the 2 files. diff_cmd = ["diff", "-u", src_file, src_file + ".uncrustify"] - result = subprocess.run(diff_cmd, stdout=subprocess.PIPE, \ - stderr=STDERR_UTF8, check=False) - if len(result.stdout) > 0: - print(src_file + " - Incorrect code style.", file=STDOUT_UTF8) - print("File changed - diff:", file=STDOUT_UTF8) - print(str(result.stdout, "utf-8"), file=STDOUT_UTF8) + cp = subprocess.run(diff_cmd, check=False) + + if cp.returncode == 1: + print(src_file + " changed - code style is incorrect.") style_correct = False - else: - print(src_file + " - OK.", file=STDOUT_UTF8) + elif cp.returncode != 0: + raise subprocess.CalledProcessError(cp.returncode, cp.args, + cp.stdout, cp.stderr) # Tidy up artifact os.remove(src_file + ".uncrustify") @@ -139,12 +153,11 @@ def fix_style_single_pass(src_file_list: List[str]) -> bool: code_change_args = UNCRUSTIFY_ARGS + ["--no-backup"] for src_file in src_file_list: uncrustify_cmd = [UNCRUSTIFY_EXE] + code_change_args + [src_file] - result = subprocess.run(uncrustify_cmd, check=False, \ - stdout=STDOUT_UTF8, stderr=STDERR_UTF8) + result = subprocess.run(uncrustify_cmd, check=False) if result.returncode != 0: - print_err("Uncrustify with file returned: " + \ - str(result.returncode) + " correcting file " + \ - src_file) + print_err("Uncrustify with file returned: " + + str(result.returncode) + " correcting file " + + src_file) return False return True @@ -160,7 +173,7 @@ def fix_style(src_file_list: List[str]) -> int: # Guard against future changes that cause the codebase to require # more passes. if not check_style_is_correct(src_file_list): - print("Code style still incorrect after second run of Uncrustify.") + print_err("Code style still incorrect after second run of Uncrustify.") return 1 else: return 0 @@ -171,24 +184,48 @@ def main() -> int: """ uncrustify_version = get_uncrustify_version().strip() if UNCRUSTIFY_SUPPORTED_VERSION not in uncrustify_version: - print("Warning: Using unsupported Uncrustify version '" \ - + uncrustify_version + "' (Note: The only supported version" \ - "is " + UNCRUSTIFY_SUPPORTED_VERSION + ")", file=STDOUT_UTF8) - - src_files = get_src_files() + print("Warning: Using unsupported Uncrustify version '" + + uncrustify_version + "'") + print("Note: The only supported version is " + + UNCRUSTIFY_SUPPORTED_VERSION) parser = argparse.ArgumentParser() - parser.add_argument('-f', '--fix', action='store_true', \ - help='modify source files to fix the code style') + parser.add_argument('-f', '--fix', action='store_true', + help=('modify source files to fix the code style ' + '(default: print diff, do not modify files)')) + parser.add_argument('-s', '--since', metavar='COMMIT', const='development', nargs='?', + help=('only check files modified since the specified commit' + ' (e.g. --since=HEAD~3 or --since=development). If no' + ' commit is specified, default to development.')) + # --subset is almost useless: it only matters if there are no files + # ('code_style.py' without arguments checks all files known to Git, + # 'code_style.py --subset' does nothing). In particular, + # 'code_style.py --fix --subset ...' is intended as a stable ("porcelain") + # way to restyle a possibly empty set of files. + parser.add_argument('--subset', action='store_true', + help='only check the specified files (default with non-option arguments)') + parser.add_argument('operands', nargs='*', metavar='FILE', + help='files to check (files MUST be known to git, if none: check all)') args = parser.parse_args() + covered = frozenset(get_src_files(args.since)) + # We only check files that are known to git + if args.subset or args.operands: + src_files = [f for f in args.operands if f in covered] + skip_src_files = [f for f in args.operands if f not in covered] + if skip_src_files: + print_skip(skip_src_files) + else: + src_files = list(covered) + if args.fix: # Fix mode return fix_style(src_files) else: # Check mode if check_style_is_correct(src_files): + print("Checked {} files, style ok.".format(len(src_files))) return 0 else: return 1 diff --git a/scripts/config.py b/scripts/config.py index a53c470f0..17fbe653a 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -2,7 +2,7 @@ """Mbed TLS configuration file manipulation library and tool -Basic usage, to read the Mbed TLS or Mbed Crypto configuration: +Basic usage, to read the Mbed TLS configuration: config = ConfigFile() if 'MBEDTLS_RSA_C' in config: print('RSA is enabled') """ @@ -189,11 +189,14 @@ def realfull_adapter(_name, active, section): # * Options that remove features. EXCLUDE_FROM_FULL = frozenset([ #pylint: disable=line-too-long + 'MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH', # interacts with CTR_DRBG_128_BIT_KEY + 'MBEDTLS_AES_USE_HARDWARE_ONLY', # hardware dependency 'MBEDTLS_CTR_DRBG_USE_128_BIT_KEY', # interacts with ENTROPY_FORCE_SHA256 'MBEDTLS_DEPRECATED_REMOVED', # conflicts with deprecated options 'MBEDTLS_DEPRECATED_WARNING', # conflicts with deprecated options 'MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED', # influences the use of ECDH in TLS 'MBEDTLS_ECP_NO_FALLBACK', # removes internal ECP implementation + 'MBEDTLS_ECP_WITH_MPI_UINT', # disables the default ECP and is experimental 'MBEDTLS_ENTROPY_FORCE_SHA256', # interacts with CTR_DRBG_128_BIT_KEY 'MBEDTLS_HAVE_SSE2', # hardware dependency 'MBEDTLS_MEMORY_BACKTRACE', # depends on MEMORY_BUFFER_ALLOC_C @@ -203,15 +206,16 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES', # removes a feature 'MBEDTLS_NO_PLATFORM_ENTROPY', # removes a feature 'MBEDTLS_NO_UDBL_DIVISION', # influences anything that uses bignum + 'MBEDTLS_PSA_P256M_DRIVER_ENABLED', # influences SECP256R1 KeyGen/ECDH/ECDSA 'MBEDTLS_PLATFORM_NO_STD_FUNCTIONS', # removes a feature - 'MBEDTLS_PSA_CRYPTO_CONFIG', # toggles old/new style PSA config 'MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG', # behavior change + build dependency 'MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER', # incompatible with USE_PSA_CRYPTO 'MBEDTLS_PSA_CRYPTO_SPM', # platform dependency (PSA SPM) - 'MBEDTLS_PSA_INJECT_ENTROPY', # build dependency (hook functions) + 'MBEDTLS_PSA_INJECT_ENTROPY', # conflicts with platform entropy sources 'MBEDTLS_RSA_NO_CRT', # influences the use of RSA in X.509 and TLS 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT + 'MBEDTLS_SSL_RECORD_SIZE_LIMIT', # in development, currently breaks other tests 'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan) 'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers) 'MBEDTLS_X509_REMOVE_INFO', # removes a feature @@ -229,7 +233,12 @@ def is_seamless_alt(name): Exclude alternative implementations of library functions since they require an implementation of the relevant functions and an xxx_alt.h header. """ - if name == 'MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT': + if name in ( + 'MBEDTLS_PLATFORM_GMTIME_R_ALT', + 'MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT', + 'MBEDTLS_PLATFORM_MS_TIME_ALT', + 'MBEDTLS_PLATFORM_ZEROIZE_ALT', + ): # Similar to non-platform xxx_ALT, requires platform_alt.h return False return name.startswith('MBEDTLS_PLATFORM_') @@ -465,7 +474,7 @@ if __name__ == '__main__': def main(): """Command line mbedtls_config.h manipulation tool.""" parser = argparse.ArgumentParser(description=""" - Mbed TLS and Mbed Crypto configuration file manipulation tool. + Mbed TLS configuration file manipulation tool. """) parser.add_argument('--file', '-f', help="""File to read (and modify if requested). diff --git a/scripts/data_files/driver_jsons/driverlist.json b/scripts/data_files/driver_jsons/driverlist.json index 50ad81604..42c186adb 100644 --- a/scripts/data_files/driver_jsons/driverlist.json +++ b/scripts/data_files/driver_jsons/driverlist.json @@ -1 +1 @@ -["mbedtls_test_opaque_driver.json","mbedtls_test_transparent_driver.json"] +["mbedtls_test_opaque_driver.json","mbedtls_test_transparent_driver.json","p256_transparent_driver.json"] diff --git a/scripts/data_files/driver_jsons/mbedtls_test_transparent_driver.json b/scripts/data_files/driver_jsons/mbedtls_test_transparent_driver.json index 9eb259f65..b9b2d6847 100644 --- a/scripts/data_files/driver_jsons/mbedtls_test_transparent_driver.json +++ b/scripts/data_files/driver_jsons/mbedtls_test_transparent_driver.json @@ -7,7 +7,7 @@ { "_comment": "The Mbed TLS transparent driver supports import key/export key", "mbedtls/c_condition": "defined(PSA_CRYPTO_DRIVER_TEST)", - "entry_points": ["import_key", "export_key"], + "entry_points": ["import_key"], "fallback": true }, { diff --git a/scripts/data_files/driver_jsons/p256_transparent_driver.json b/scripts/data_files/driver_jsons/p256_transparent_driver.json new file mode 100644 index 000000000..7d2aabfb3 --- /dev/null +++ b/scripts/data_files/driver_jsons/p256_transparent_driver.json @@ -0,0 +1,20 @@ +{ + "prefix": "p256", + "type": "transparent", + "mbedtls/h_condition": "defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED)", + "headers": ["../3rdparty/p256-m/p256-m_driver_entrypoints.h"], + "capabilities": [ + { + "mbedtls/c_condition": "defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED)", + "_comment_entry_points": "This is not the complete list of entry points supported by this driver, only those that are currently supported in JSON. See docs/psa-driver-example-and-guide.md", + "entry_points": ["import_key", "export_public_key"], + "algorithms": ["PSA_ALG_ECDH", "PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)"], + "key_types": [ + "PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1)", + "PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1)" + ], + "key_sizes": [256], + "fallback": false + } + ] +} diff --git a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja similarity index 81% rename from scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja rename to scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja index e716e409f..8670bbde5 100644 --- a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja +++ b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja @@ -25,18 +25,19 @@ #include "psa_crypto_aead.h" #include "psa_crypto_cipher.h" #include "psa_crypto_core.h" -#include "psa_crypto_driver_wrappers.h" +#include "psa_crypto_driver_wrappers_no_static.h" #include "psa_crypto_hash.h" #include "psa_crypto_mac.h" +#include "psa_crypto_pake.h" #include "psa_crypto_rsa.h" #include "mbedtls/platform.h" +#include "mbedtls/constant_time.h" /* END-common headers */ #if defined(MBEDTLS_PSA_CRYPTO_C) /* BEGIN-driver headers */ -#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) {% for driver in drivers -%} /* Headers for {{driver.prefix}} {{driver.type}} driver */ {% if driver['mbedtls/h_condition'] is defined -%} @@ -49,7 +50,6 @@ #endif {% endif -%} {% endfor %} -#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */ /* END-driver headers */ /* Auto-generated values depending on which drivers are registered. @@ -82,7 +82,7 @@ #include "psa_crypto_se.h" #endif -psa_status_t psa_driver_wrapper_init( void ) +static inline psa_status_t psa_driver_wrapper_init( void ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; @@ -106,7 +106,7 @@ psa_status_t psa_driver_wrapper_init( void ) return( PSA_SUCCESS ); } -void psa_driver_wrapper_free( void ) +static inline void psa_driver_wrapper_free( void ) { #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* Unregister all secure element drivers, so that we restart from @@ -121,7 +121,7 @@ void psa_driver_wrapper_free( void ) } /* Start delegation functions */ -psa_status_t psa_driver_wrapper_sign_message( +static inline psa_status_t psa_driver_wrapper_sign_message( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -196,7 +196,7 @@ psa_status_t psa_driver_wrapper_sign_message( signature_length ) ); } -psa_status_t psa_driver_wrapper_verify_message( +static inline psa_status_t psa_driver_wrapper_verify_message( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -267,7 +267,7 @@ psa_status_t psa_driver_wrapper_verify_message( signature_length ) ); } -psa_status_t psa_driver_wrapper_sign_hash( +static inline psa_status_t psa_driver_wrapper_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, @@ -317,6 +317,26 @@ psa_status_t psa_driver_wrapper_sign_hash( if( status != PSA_ERROR_NOT_SUPPORTED ) return( status ); #endif /* PSA_CRYPTO_DRIVER_TEST */ +#if defined (MBEDTLS_PSA_P256M_DRIVER_ENABLED) + if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) && + PSA_ALG_IS_ECDSA(alg) && + !PSA_ALG_ECDSA_IS_DETERMINISTIC( alg ) && + PSA_KEY_TYPE_ECC_GET_FAMILY(attributes->core.type) == PSA_ECC_FAMILY_SECP_R1 && + attributes->core.bits == 256 ) + { + status = p256_transparent_sign_hash( attributes, + key_buffer, + key_buffer_size, + alg, + hash, + hash_length, + signature, + signature_size, + signature_length ); + if( status != PSA_ERROR_NOT_SUPPORTED ) + return( status ); + } +#endif /* MBEDTLS_PSA_P256M_DRIVER_ENABLED */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ /* Fell through, meaning no accelerator supports this operation */ return( psa_sign_hash_builtin( attributes, @@ -351,7 +371,7 @@ psa_status_t psa_driver_wrapper_sign_hash( } } -psa_status_t psa_driver_wrapper_verify_hash( +static inline psa_status_t psa_driver_wrapper_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, @@ -401,6 +421,25 @@ psa_status_t psa_driver_wrapper_verify_hash( if( status != PSA_ERROR_NOT_SUPPORTED ) return( status ); #endif /* PSA_CRYPTO_DRIVER_TEST */ +#if defined (MBEDTLS_PSA_P256M_DRIVER_ENABLED) + if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) && + PSA_ALG_IS_ECDSA(alg) && + !PSA_ALG_ECDSA_IS_DETERMINISTIC( alg ) && + PSA_KEY_TYPE_ECC_GET_FAMILY(attributes->core.type) == PSA_ECC_FAMILY_SECP_R1 && + attributes->core.bits == 256 ) + { + status = p256_transparent_verify_hash( attributes, + key_buffer, + key_buffer_size, + alg, + hash, + hash_length, + signature, + signature_length ); + if( status != PSA_ERROR_NOT_SUPPORTED ) + return( status ); + } +#endif /* MBEDTLS_PSA_P256M_DRIVER_ENABLED */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ return( psa_verify_hash_builtin( attributes, @@ -433,6 +472,234 @@ psa_status_t psa_driver_wrapper_verify_hash( } } +static inline uint32_t psa_driver_wrapper_sign_hash_get_num_ops( + psa_sign_hash_interruptible_operation_t *operation ) +{ + switch( operation->id ) + { + /* If uninitialised, return 0, as no work can have been done. */ + case 0: + return 0; + + case PSA_CRYPTO_MBED_TLS_DRIVER_ID: + return(mbedtls_psa_sign_hash_get_num_ops(&operation->ctx.mbedtls_ctx)); + +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +#if defined(PSA_CRYPTO_DRIVER_TEST) + /* Add test driver tests here */ + +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + } + + /* Can't happen (see discussion in #8271) */ + return 0; +} + +static inline uint32_t psa_driver_wrapper_verify_hash_get_num_ops( + psa_verify_hash_interruptible_operation_t *operation ) +{ + switch( operation->id ) + { + /* If uninitialised, return 0, as no work can have been done. */ + case 0: + return 0; + + case PSA_CRYPTO_MBED_TLS_DRIVER_ID: + return (mbedtls_psa_verify_hash_get_num_ops(&operation->ctx.mbedtls_ctx)); + +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +#if defined(PSA_CRYPTO_DRIVER_TEST) + /* Add test driver tests here */ + +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + + } + + /* Can't happen (see discussion in #8271) */ + return 0; +} + +static inline psa_status_t psa_driver_wrapper_sign_hash_start( + psa_sign_hash_interruptible_operation_t *operation, + const psa_key_attributes_t *attributes, const uint8_t *key_buffer, + size_t key_buffer_size, psa_algorithm_t alg, + const uint8_t *hash, size_t hash_length ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( + attributes->core.lifetime ); + + switch( location ) + { + case PSA_KEY_LOCATION_LOCAL_STORAGE: + /* Key is stored in the slot in export representation, so + * cycle through all known transparent accelerators */ + +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +#if defined(PSA_CRYPTO_DRIVER_TEST) + + /* Add test driver tests here */ + + /* Declared with fallback == true */ + +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + + /* Fell through, meaning no accelerator supports this operation */ + operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; + status = mbedtls_psa_sign_hash_start( &operation->ctx.mbedtls_ctx, + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length ); + break; + + /* Add cases for opaque driver here */ + + default: + /* Key is declared with a lifetime not known to us */ + status = PSA_ERROR_INVALID_ARGUMENT; + break; + } + + return( status ); +} + +static inline psa_status_t psa_driver_wrapper_sign_hash_complete( + psa_sign_hash_interruptible_operation_t *operation, + uint8_t *signature, size_t signature_size, + size_t *signature_length ) +{ + switch( operation->id ) + { + case PSA_CRYPTO_MBED_TLS_DRIVER_ID: + return( mbedtls_psa_sign_hash_complete( &operation->ctx.mbedtls_ctx, + signature, signature_size, + signature_length ) ); + +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +#if defined(PSA_CRYPTO_DRIVER_TEST) + /* Add test driver tests here */ + +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + } + + ( void ) signature; + ( void ) signature_size; + ( void ) signature_length; + + return( PSA_ERROR_INVALID_ARGUMENT ); +} + +static inline psa_status_t psa_driver_wrapper_sign_hash_abort( + psa_sign_hash_interruptible_operation_t *operation ) +{ + switch( operation->id ) + { + case PSA_CRYPTO_MBED_TLS_DRIVER_ID: + return( mbedtls_psa_sign_hash_abort( &operation->ctx.mbedtls_ctx ) ); + +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +#if defined(PSA_CRYPTO_DRIVER_TEST) + /* Add test driver tests here */ + +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + } + + return( PSA_ERROR_INVALID_ARGUMENT ); +} + +static inline psa_status_t psa_driver_wrapper_verify_hash_start( + psa_verify_hash_interruptible_operation_t *operation, + const psa_key_attributes_t *attributes, const uint8_t *key_buffer, + size_t key_buffer_size, psa_algorithm_t alg, + const uint8_t *hash, size_t hash_length, + const uint8_t *signature, size_t signature_length ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( + attributes->core.lifetime ); + + switch( location ) + { + case PSA_KEY_LOCATION_LOCAL_STORAGE: + /* Key is stored in the slot in export representation, so + * cycle through all known transparent accelerators */ + +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +#if defined(PSA_CRYPTO_DRIVER_TEST) + + /* Add test driver tests here */ + + /* Declared with fallback == true */ + +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + + /* Fell through, meaning no accelerator supports this operation */ + operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; + status = mbedtls_psa_verify_hash_start( &operation->ctx.mbedtls_ctx, + attributes, + key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length ); + break; + + /* Add cases for opaque driver here */ + + default: + /* Key is declared with a lifetime not known to us */ + status = PSA_ERROR_INVALID_ARGUMENT; + break; + } + + return( status ); +} + +static inline psa_status_t psa_driver_wrapper_verify_hash_complete( + psa_verify_hash_interruptible_operation_t *operation ) +{ + switch( operation->id ) + { + case PSA_CRYPTO_MBED_TLS_DRIVER_ID: + return( mbedtls_psa_verify_hash_complete( + &operation->ctx.mbedtls_ctx + ) ); + +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +#if defined(PSA_CRYPTO_DRIVER_TEST) + /* Add test driver tests here */ + +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + } + + return( PSA_ERROR_INVALID_ARGUMENT ); +} + +static inline psa_status_t psa_driver_wrapper_verify_hash_abort( + psa_verify_hash_interruptible_operation_t *operation ) +{ + switch( operation->id ) + { + case PSA_CRYPTO_MBED_TLS_DRIVER_ID: + return( mbedtls_psa_verify_hash_abort( &operation->ctx.mbedtls_ctx + ) ); + +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +#if defined(PSA_CRYPTO_DRIVER_TEST) + /* Add test driver tests here */ + +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + } + + return( PSA_ERROR_INVALID_ARGUMENT ); +} + /** Calculate the key buffer size required to store the key material of a key * associated with an opaque driver from input key data. * @@ -441,11 +708,11 @@ psa_status_t psa_driver_wrapper_verify_hash( * \param[in] data_length The input data length. * \param[out] key_buffer_size Minimum buffer size to contain the key material. * - * \retval #PSA_SUCCESS - * \retval #PSA_ERROR_INVALID_ARGUMENT - * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_SUCCESS \emptydescription + * \retval #PSA_ERROR_INVALID_ARGUMENT \emptydescription + * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription */ -psa_status_t psa_driver_wrapper_get_key_buffer_size_from_key_data( +static inline psa_status_t psa_driver_wrapper_get_key_buffer_size_from_key_data( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, @@ -474,58 +741,7 @@ psa_status_t psa_driver_wrapper_get_key_buffer_size_from_key_data( } } -/** Get the key buffer size required to store the key material of a key - * associated with an opaque driver. - * - * \param[in] attributes The key attributes. - * \param[out] key_buffer_size Minimum buffer size to contain the key material - * - * \retval #PSA_SUCCESS - * The minimum size for a buffer to contain the key material has been - * returned successfully. - * \retval #PSA_ERROR_NOT_SUPPORTED - * The type and/or the size in bits of the key or the combination of - * the two is not supported. - * \retval #PSA_ERROR_INVALID_ARGUMENT - * The key is declared with a lifetime not known to us. - */ -psa_status_t psa_driver_wrapper_get_key_buffer_size( - const psa_key_attributes_t *attributes, - size_t *key_buffer_size ) -{ - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); - psa_key_type_t key_type = attributes->core.type; - size_t key_bits = attributes->core.bits; - - *key_buffer_size = 0; - switch( location ) - { -#if defined(PSA_CRYPTO_DRIVER_TEST) - case PSA_CRYPTO_TEST_DRIVER_LOCATION: -#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) - /* Emulate property 'builtin_key_size' */ - if( psa_key_id_is_builtin( - MBEDTLS_SVC_KEY_ID_GET_KEY_ID( - psa_get_key_id( attributes ) ) ) ) - { - *key_buffer_size = sizeof( psa_drv_slot_number_t ); - return( PSA_SUCCESS ); - } -#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ - *key_buffer_size = mbedtls_test_opaque_size_function( key_type, - key_bits ); - return( ( *key_buffer_size != 0 ) ? - PSA_SUCCESS : PSA_ERROR_NOT_SUPPORTED ); -#endif /* PSA_CRYPTO_DRIVER_TEST */ - - default: - (void)key_type; - (void)key_bits; - return( PSA_ERROR_INVALID_ARGUMENT ); - } -} - -psa_status_t psa_driver_wrapper_generate_key( +static inline psa_status_t psa_driver_wrapper_generate_key( const psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) { @@ -570,6 +786,20 @@ psa_status_t psa_driver_wrapper_generate_key( if( status != PSA_ERROR_NOT_SUPPORTED ) break; #endif /* PSA_CRYPTO_DRIVER_TEST */ +#if defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED) + if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) && + attributes->core.type == PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1) && + attributes->core.bits == 256 ) + { + status = p256_transparent_generate_key( attributes, + key_buffer, + key_buffer_size, + key_buffer_length ); + if( status != PSA_ERROR_NOT_SUPPORTED ) + break; + } + +#endif /* MBEDTLS_PSA_P256M_DRIVER_ENABLED */ } #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ @@ -597,7 +827,7 @@ psa_status_t psa_driver_wrapper_generate_key( return( status ); } -psa_status_t psa_driver_wrapper_import_key( +static inline psa_status_t psa_driver_wrapper_import_key( const psa_key_attributes_t *attributes, const uint8_t *data, size_t data_length, @@ -678,7 +908,7 @@ bits {% endwith %} } -psa_status_t psa_driver_wrapper_export_key( +static inline psa_status_t psa_driver_wrapper_export_key( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, uint8_t *data, size_t data_size, size_t *data_length ) @@ -740,108 +970,7 @@ data_length {% endwith %} } -psa_status_t psa_driver_wrapper_export_public_key( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - uint8_t *data, size_t data_size, size_t *data_length ) - -{ -{% with entry_point = "export_public_key" -%} -{% macro entry_point_param(driver) -%} -attributes, -key_buffer, -key_buffer_size, -data, -data_size, -data_length -{% endmacro %} - psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( - psa_get_key_lifetime( attributes ) ); - - /* Try dynamically-registered SE interface first */ -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) - const psa_drv_se_t *drv; - psa_drv_se_context_t *drv_context; - - if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) ) - { - if( ( drv->key_management == NULL ) || - ( drv->key_management->p_export_public == NULL ) ) - { - return( PSA_ERROR_NOT_SUPPORTED ); - } - - return( drv->key_management->p_export_public( - drv_context, - *( (psa_key_slot_number_t *)key_buffer ), - data, data_size, data_length ) ); - } -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - - switch( location ) - { - case PSA_KEY_LOCATION_LOCAL_STORAGE: - /* Key is stored in the slot in export representation, so - * cycle through all known transparent accelerators */ -#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) -{% with nest_indent=12 %} -{% include "OS-template-transparent.jinja" -%} -{% endwith -%} -#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ - /* Fell through, meaning no accelerator supports this operation */ - return( psa_export_public_key_internal( attributes, - key_buffer, - key_buffer_size, - data, - data_size, - data_length ) ); - - /* Add cases for opaque driver here */ -#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) -{% with nest_indent=8 %} -{% include "OS-template-opaque.jinja" -%} -{% endwith -%} -#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ - default: - /* Key is declared with a lifetime not known to us */ - return( status ); - } -{% endwith %} -} - -psa_status_t psa_driver_wrapper_get_builtin_key( - psa_drv_slot_number_t slot_number, - psa_key_attributes_t *attributes, - uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) -{ -{% with entry_point = "get_builtin_key" -%} -{% macro entry_point_param(driver) -%} -slot_number, -attributes, -key_buffer, -key_buffer_size, -key_buffer_length -{% endmacro %} - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); - switch( location ) - { -#if defined(PSA_CRYPTO_DRIVER_TEST) -{% with nest_indent=8 %} -{% include "OS-template-opaque.jinja" -%} -{% endwith -%} -#endif /* PSA_CRYPTO_DRIVER_TEST */ - default: - (void) slot_number; - (void) key_buffer; - (void) key_buffer_size; - (void) key_buffer_length; - return( PSA_ERROR_DOES_NOT_EXIST ); - } -{% endwith %} -} - -psa_status_t psa_driver_wrapper_copy_key( +static inline psa_status_t psa_driver_wrapper_copy_key( psa_key_attributes_t *attributes, const uint8_t *source_key, size_t source_key_length, uint8_t *target_key_buffer, size_t target_key_buffer_size, @@ -893,7 +1022,7 @@ target_key_buffer_length /* * Cipher functions */ -psa_status_t psa_driver_wrapper_cipher_encrypt( +static inline psa_status_t psa_driver_wrapper_cipher_encrypt( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -985,7 +1114,7 @@ psa_status_t psa_driver_wrapper_cipher_encrypt( } } -psa_status_t psa_driver_wrapper_cipher_decrypt( +static inline psa_status_t psa_driver_wrapper_cipher_decrypt( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -1067,7 +1196,7 @@ psa_status_t psa_driver_wrapper_cipher_decrypt( } } -psa_status_t psa_driver_wrapper_cipher_encrypt_setup( +static inline psa_status_t psa_driver_wrapper_cipher_encrypt_setup( psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -1140,7 +1269,7 @@ psa_status_t psa_driver_wrapper_cipher_encrypt_setup( } } -psa_status_t psa_driver_wrapper_cipher_decrypt_setup( +static inline psa_status_t psa_driver_wrapper_cipher_decrypt_setup( psa_cipher_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -1182,8 +1311,9 @@ psa_status_t psa_driver_wrapper_cipher_decrypt_setup( operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; return( status ); -#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ +#else /* MBEDTLS_PSA_BUILTIN_CIPHER */ return( PSA_ERROR_NOT_SUPPORTED ); +#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */ /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) @@ -1212,7 +1342,7 @@ psa_status_t psa_driver_wrapper_cipher_decrypt_setup( } } -psa_status_t psa_driver_wrapper_cipher_set_iv( +static inline psa_status_t psa_driver_wrapper_cipher_set_iv( psa_cipher_operation_t *operation, const uint8_t *iv, size_t iv_length ) @@ -1247,7 +1377,7 @@ psa_status_t psa_driver_wrapper_cipher_set_iv( return( PSA_ERROR_INVALID_ARGUMENT ); } -psa_status_t psa_driver_wrapper_cipher_update( +static inline psa_status_t psa_driver_wrapper_cipher_update( psa_cipher_operation_t *operation, const uint8_t *input, size_t input_length, @@ -1293,7 +1423,7 @@ psa_status_t psa_driver_wrapper_cipher_update( return( PSA_ERROR_INVALID_ARGUMENT ); } -psa_status_t psa_driver_wrapper_cipher_finish( +static inline psa_status_t psa_driver_wrapper_cipher_finish( psa_cipher_operation_t *operation, uint8_t *output, size_t output_size, @@ -1331,7 +1461,7 @@ psa_status_t psa_driver_wrapper_cipher_finish( return( PSA_ERROR_INVALID_ARGUMENT ); } -psa_status_t psa_driver_wrapper_cipher_abort( +static inline psa_status_t psa_driver_wrapper_cipher_abort( psa_cipher_operation_t *operation ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; @@ -1371,7 +1501,7 @@ psa_status_t psa_driver_wrapper_cipher_abort( /* * Hashing functions */ -psa_status_t psa_driver_wrapper_hash_compute( +static inline psa_status_t psa_driver_wrapper_hash_compute( psa_algorithm_t alg, const uint8_t *input, size_t input_length, @@ -1407,7 +1537,7 @@ psa_status_t psa_driver_wrapper_hash_compute( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t psa_driver_wrapper_hash_setup( +static inline psa_status_t psa_driver_wrapper_hash_setup( psa_hash_operation_t *operation, psa_algorithm_t alg ) { @@ -1440,7 +1570,7 @@ psa_status_t psa_driver_wrapper_hash_setup( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t psa_driver_wrapper_hash_clone( +static inline psa_status_t psa_driver_wrapper_hash_clone( const psa_hash_operation_t *source_operation, psa_hash_operation_t *target_operation ) { @@ -1465,7 +1595,7 @@ psa_status_t psa_driver_wrapper_hash_clone( } } -psa_status_t psa_driver_wrapper_hash_update( +static inline psa_status_t psa_driver_wrapper_hash_update( psa_hash_operation_t *operation, const uint8_t *input, size_t input_length ) @@ -1490,7 +1620,7 @@ psa_status_t psa_driver_wrapper_hash_update( } } -psa_status_t psa_driver_wrapper_hash_finish( +static inline psa_status_t psa_driver_wrapper_hash_finish( psa_hash_operation_t *operation, uint8_t *hash, size_t hash_size, @@ -1517,7 +1647,7 @@ psa_status_t psa_driver_wrapper_hash_finish( } } -psa_status_t psa_driver_wrapper_hash_abort( +static inline psa_status_t psa_driver_wrapper_hash_abort( psa_hash_operation_t *operation ) { switch( operation->id ) @@ -1536,7 +1666,7 @@ psa_status_t psa_driver_wrapper_hash_abort( } } -psa_status_t psa_driver_wrapper_aead_encrypt( +static inline psa_status_t psa_driver_wrapper_aead_encrypt( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, @@ -1588,7 +1718,7 @@ psa_status_t psa_driver_wrapper_aead_encrypt( } } -psa_status_t psa_driver_wrapper_aead_decrypt( +static inline psa_status_t psa_driver_wrapper_aead_decrypt( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, @@ -1640,7 +1770,7 @@ psa_status_t psa_driver_wrapper_aead_decrypt( } } -psa_status_t psa_driver_wrapper_aead_encrypt_setup( +static inline psa_status_t psa_driver_wrapper_aead_encrypt_setup( psa_aead_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -1688,7 +1818,7 @@ psa_status_t psa_driver_wrapper_aead_encrypt_setup( } } -psa_status_t psa_driver_wrapper_aead_decrypt_setup( +static inline psa_status_t psa_driver_wrapper_aead_decrypt_setup( psa_aead_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -1738,7 +1868,7 @@ psa_status_t psa_driver_wrapper_aead_decrypt_setup( } } -psa_status_t psa_driver_wrapper_aead_set_nonce( +static inline psa_status_t psa_driver_wrapper_aead_set_nonce( psa_aead_operation_t *operation, const uint8_t *nonce, size_t nonce_length ) @@ -1772,7 +1902,7 @@ psa_status_t psa_driver_wrapper_aead_set_nonce( return( PSA_ERROR_INVALID_ARGUMENT ); } -psa_status_t psa_driver_wrapper_aead_set_lengths( +static inline psa_status_t psa_driver_wrapper_aead_set_lengths( psa_aead_operation_t *operation, size_t ad_length, size_t plaintext_length ) @@ -1806,7 +1936,7 @@ psa_status_t psa_driver_wrapper_aead_set_lengths( return( PSA_ERROR_INVALID_ARGUMENT ); } -psa_status_t psa_driver_wrapper_aead_update_ad( +static inline psa_status_t psa_driver_wrapper_aead_update_ad( psa_aead_operation_t *operation, const uint8_t *input, size_t input_length ) @@ -1840,7 +1970,7 @@ psa_status_t psa_driver_wrapper_aead_update_ad( return( PSA_ERROR_INVALID_ARGUMENT ); } -psa_status_t psa_driver_wrapper_aead_update( +static inline psa_status_t psa_driver_wrapper_aead_update( psa_aead_operation_t *operation, const uint8_t *input, size_t input_length, @@ -1882,7 +2012,7 @@ psa_status_t psa_driver_wrapper_aead_update( return( PSA_ERROR_INVALID_ARGUMENT ); } -psa_status_t psa_driver_wrapper_aead_finish( +static inline psa_status_t psa_driver_wrapper_aead_finish( psa_aead_operation_t *operation, uint8_t *ciphertext, size_t ciphertext_size, @@ -1927,7 +2057,7 @@ psa_status_t psa_driver_wrapper_aead_finish( return( PSA_ERROR_INVALID_ARGUMENT ); } -psa_status_t psa_driver_wrapper_aead_verify( +static inline psa_status_t psa_driver_wrapper_aead_verify( psa_aead_operation_t *operation, uint8_t *plaintext, size_t plaintext_size, @@ -1955,7 +2085,7 @@ psa_status_t psa_driver_wrapper_aead_verify( if( status == PSA_SUCCESS ) { if( tag_length != check_tag_length || - mbedtls_psa_safer_memcmp( tag, check_tag, tag_length ) + mbedtls_ct_memcmp( tag, check_tag, tag_length ) != 0 ) status = PSA_ERROR_INVALID_SIGNATURE; } @@ -1990,7 +2120,7 @@ psa_status_t psa_driver_wrapper_aead_verify( return( PSA_ERROR_INVALID_ARGUMENT ); } -psa_status_t psa_driver_wrapper_aead_abort( +static inline psa_status_t psa_driver_wrapper_aead_abort( psa_aead_operation_t *operation ) { switch( operation->id ) @@ -2019,7 +2149,7 @@ psa_status_t psa_driver_wrapper_aead_abort( /* * MAC functions */ -psa_status_t psa_driver_wrapper_mac_compute( +static inline psa_status_t psa_driver_wrapper_mac_compute( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -2087,7 +2217,7 @@ psa_status_t psa_driver_wrapper_mac_compute( } } -psa_status_t psa_driver_wrapper_mac_sign_setup( +static inline psa_status_t psa_driver_wrapper_mac_sign_setup( psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, @@ -2159,7 +2289,7 @@ psa_status_t psa_driver_wrapper_mac_sign_setup( } } -psa_status_t psa_driver_wrapper_mac_verify_setup( +static inline psa_status_t psa_driver_wrapper_mac_verify_setup( psa_mac_operation_t *operation, const psa_key_attributes_t *attributes, const uint8_t *key_buffer, @@ -2231,7 +2361,7 @@ psa_status_t psa_driver_wrapper_mac_verify_setup( } } -psa_status_t psa_driver_wrapper_mac_update( +static inline psa_status_t psa_driver_wrapper_mac_update( psa_mac_operation_t *operation, const uint8_t *input, size_t input_length ) @@ -2264,7 +2394,7 @@ psa_status_t psa_driver_wrapper_mac_update( } } -psa_status_t psa_driver_wrapper_mac_sign_finish( +static inline psa_status_t psa_driver_wrapper_mac_sign_finish( psa_mac_operation_t *operation, uint8_t *mac, size_t mac_size, @@ -2299,7 +2429,7 @@ psa_status_t psa_driver_wrapper_mac_sign_finish( } } -psa_status_t psa_driver_wrapper_mac_verify_finish( +static inline psa_status_t psa_driver_wrapper_mac_verify_finish( psa_mac_operation_t *operation, const uint8_t *mac, size_t mac_length ) @@ -2332,7 +2462,7 @@ psa_status_t psa_driver_wrapper_mac_verify_finish( } } -psa_status_t psa_driver_wrapper_mac_abort( +static inline psa_status_t psa_driver_wrapper_mac_abort( psa_mac_operation_t *operation ) { switch( operation->id ) @@ -2360,7 +2490,7 @@ psa_status_t psa_driver_wrapper_mac_abort( /* * Asymmetric cryptography */ -psa_status_t psa_driver_wrapper_asymmetric_encrypt( +static inline psa_status_t psa_driver_wrapper_asymmetric_encrypt( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *salt, size_t salt_length, @@ -2418,7 +2548,7 @@ psa_status_t psa_driver_wrapper_asymmetric_encrypt( } } -psa_status_t psa_driver_wrapper_asymmetric_decrypt( +static inline psa_status_t psa_driver_wrapper_asymmetric_decrypt( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *salt, size_t salt_length, @@ -2476,7 +2606,7 @@ psa_status_t psa_driver_wrapper_asymmetric_decrypt( } } -psa_status_t psa_driver_wrapper_key_agreement( +static inline psa_status_t psa_driver_wrapper_key_agreement( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -2487,7 +2617,7 @@ psa_status_t psa_driver_wrapper_key_agreement( size_t shared_secret_size, size_t *shared_secret_length ) - { +{ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); @@ -2507,6 +2637,25 @@ psa_status_t psa_driver_wrapper_key_agreement( if( status != PSA_ERROR_NOT_SUPPORTED ) return( status ); #endif /* PSA_CRYPTO_DRIVER_TEST */ +#if defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED) + if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) && + PSA_ALG_IS_ECDH(alg) && + PSA_KEY_TYPE_ECC_GET_FAMILY(attributes->core.type) == PSA_ECC_FAMILY_SECP_R1 && + attributes->core.bits == 256 ) + { + status = p256_transparent_key_agreement( attributes, + key_buffer, + key_buffer_size, + alg, + peer_key, + peer_key_length, + shared_secret, + shared_secret_size, + shared_secret_length ); + if( status != PSA_ERROR_NOT_SUPPORTED) + return( status ); + } +#endif /* MBEDTLS_PSA_P256M_DRIVER_ENABLED */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ /* Software Fallback */ @@ -2542,6 +2691,163 @@ psa_status_t psa_driver_wrapper_key_agreement( return( PSA_ERROR_NOT_SUPPORTED ); } - } +} + +static inline psa_status_t psa_driver_wrapper_pake_setup( + psa_pake_operation_t *operation, + const psa_crypto_driver_pake_inputs_t *inputs ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION( psa_get_key_lifetime( &inputs->attributes ) ); + + switch( location ) + { + case PSA_KEY_LOCATION_LOCAL_STORAGE: + /* Key is stored in the slot in export representation, so + * cycle through all known transparent accelerators */ + status = PSA_ERROR_NOT_SUPPORTED; +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +#if defined(PSA_CRYPTO_DRIVER_TEST) + status = mbedtls_test_transparent_pake_setup( + &operation->data.ctx.transparent_test_driver_ctx, + inputs ); + if( status == PSA_SUCCESS ) + operation->id = MBEDTLS_TEST_TRANSPARENT_DRIVER_ID; + /* Declared with fallback == true */ + if( status != PSA_ERROR_NOT_SUPPORTED ) + return( status ); +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ +#if defined(MBEDTLS_PSA_BUILTIN_PAKE) + status = mbedtls_psa_pake_setup( &operation->data.ctx.mbedtls_ctx, + inputs ); + if( status == PSA_SUCCESS ) + operation->id = PSA_CRYPTO_MBED_TLS_DRIVER_ID; +#endif + return status; + /* Add cases for opaque driver here */ + default: + /* Key is declared with a lifetime not known to us */ + (void)operation; + return( PSA_ERROR_INVALID_ARGUMENT ); + } +} + +static inline psa_status_t psa_driver_wrapper_pake_output( + psa_pake_operation_t *operation, + psa_crypto_driver_pake_step_t step, + uint8_t *output, + size_t output_size, + size_t *output_length ) +{ + switch( operation->id ) + { +#if defined(MBEDTLS_PSA_BUILTIN_PAKE) + case PSA_CRYPTO_MBED_TLS_DRIVER_ID: + return( mbedtls_psa_pake_output( &operation->data.ctx.mbedtls_ctx, step, + output, output_size, output_length ) ); +#endif /* MBEDTLS_PSA_BUILTIN_PAKE */ + +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +#if defined(PSA_CRYPTO_DRIVER_TEST) + case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: + return( mbedtls_test_transparent_pake_output( + &operation->data.ctx.transparent_test_driver_ctx, + step, output, output_size, output_length ) ); +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + default: + (void) step; + (void) output; + (void) output_size; + (void) output_length; + return( PSA_ERROR_INVALID_ARGUMENT ); + } +} + +static inline psa_status_t psa_driver_wrapper_pake_input( + psa_pake_operation_t *operation, + psa_crypto_driver_pake_step_t step, + const uint8_t *input, + size_t input_length ) +{ + switch( operation->id ) + { +#if defined(MBEDTLS_PSA_BUILTIN_PAKE) + case PSA_CRYPTO_MBED_TLS_DRIVER_ID: + return( mbedtls_psa_pake_input( &operation->data.ctx.mbedtls_ctx, + step, input, + input_length ) ); +#endif /* MBEDTLS_PSA_BUILTIN_PAKE */ + +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +#if defined(PSA_CRYPTO_DRIVER_TEST) + case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: + return( mbedtls_test_transparent_pake_input( + &operation->data.ctx.transparent_test_driver_ctx, + step, + input, input_length ) ); +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + default: + (void) step; + (void) input; + (void) input_length; + return( PSA_ERROR_INVALID_ARGUMENT ); + } +} + +static inline psa_status_t psa_driver_wrapper_pake_get_implicit_key( + psa_pake_operation_t *operation, + uint8_t *output, size_t output_size, + size_t *output_length ) +{ + switch( operation->id ) + { +#if defined(MBEDTLS_PSA_BUILTIN_PAKE) + case PSA_CRYPTO_MBED_TLS_DRIVER_ID: + return( mbedtls_psa_pake_get_implicit_key( &operation->data.ctx.mbedtls_ctx, + output, output_size, output_length ) ); +#endif /* MBEDTLS_PSA_BUILTIN_PAKE */ + +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +#if defined(PSA_CRYPTO_DRIVER_TEST) + case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: + return( mbedtls_test_transparent_pake_get_implicit_key( + &operation->data.ctx.transparent_test_driver_ctx, + output, output_size, output_length ) ); +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + default: + (void) output; + (void) output_size; + (void) output_length; + return( PSA_ERROR_INVALID_ARGUMENT ); + } +} + +static inline psa_status_t psa_driver_wrapper_pake_abort( + psa_pake_operation_t * operation ) +{ + switch( operation->id ) + { +#if defined(MBEDTLS_PSA_BUILTIN_PAKE) + case PSA_CRYPTO_MBED_TLS_DRIVER_ID: + return( mbedtls_psa_pake_abort( &operation->data.ctx.mbedtls_ctx ) ); +#endif /* MBEDTLS_PSA_BUILTIN_PAKE */ + +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +#if defined(PSA_CRYPTO_DRIVER_TEST) + case MBEDTLS_TEST_TRANSPARENT_DRIVER_ID: + return( mbedtls_test_transparent_pake_abort( + &operation->data.ctx.transparent_test_driver_ctx ) ); +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + default: + return( PSA_ERROR_INVALID_ARGUMENT ); + } +} #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers_no_static.c.jinja b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers_no_static.c.jinja new file mode 100644 index 000000000..dbe424c03 --- /dev/null +++ b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers_no_static.c.jinja @@ -0,0 +1,236 @@ +/* + * Functions to delegate cryptographic operations to an available + * and appropriate accelerator. + * Warning: This file is now auto-generated. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +/* BEGIN-common headers */ +#include "common.h" +#include "psa_crypto_aead.h" +#include "psa_crypto_cipher.h" +#include "psa_crypto_core.h" +#include "psa_crypto_driver_wrappers_no_static.h" +#include "psa_crypto_hash.h" +#include "psa_crypto_mac.h" +#include "psa_crypto_pake.h" +#include "psa_crypto_rsa.h" + +#include "mbedtls/platform.h" +/* END-common headers */ + +#if defined(MBEDTLS_PSA_CRYPTO_C) + +/* BEGIN-driver headers */ +{% for driver in drivers -%} +/* Headers for {{driver.prefix}} {{driver.type}} driver */ +{% if driver['mbedtls/h_condition'] is defined -%} +#if {{ driver['mbedtls/h_condition'] }} +{% endif -%} +{% for header in driver.headers -%} +#include "{{ header }}" +{% endfor %} +{% if driver['mbedtls/h_condition'] is defined -%} +#endif +{% endif -%} +{% endfor %} +/* END-driver headers */ + +/* Auto-generated values depending on which drivers are registered. + * ID 0 is reserved for unallocated operations. + * ID 1 is reserved for the Mbed TLS software driver. */ +/* BEGIN-driver id definition */ +#define PSA_CRYPTO_MBED_TLS_DRIVER_ID (1) +{% for driver in drivers -%} +#define {{(driver.prefix + "_" + driver.type + "_driver_id").upper()}} ({{ loop.index + 1 }}) +{% endfor %} +/* END-driver id */ + +/* BEGIN-Common Macro definitions */ +{% macro entry_point_name(capability, entry_point, driver) -%} + {% if capability.name is defined and entry_point in capability.names.keys() -%} + {{ capability.names[entry_point]}} + {% else -%} + {{driver.prefix}}_{{driver.type}}_{{entry_point}} + {% endif -%} +{% endmacro %} +/* END-Common Macro definitions */ + +/* Support the 'old' SE interface when asked to */ +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) +/* PSA_CRYPTO_DRIVER_PRESENT is defined when either a new-style or old-style + * SE driver is present, to avoid unused argument errors at compile time. */ +#ifndef PSA_CRYPTO_DRIVER_PRESENT +#define PSA_CRYPTO_DRIVER_PRESENT +#endif +#include "psa_crypto_se.h" +#endif + +/** Get the key buffer size required to store the key material of a key + * associated with an opaque driver. + * + * \param[in] attributes The key attributes. + * \param[out] key_buffer_size Minimum buffer size to contain the key material + * + * \retval #PSA_SUCCESS + * The minimum size for a buffer to contain the key material has been + * returned successfully. + * \retval #PSA_ERROR_NOT_SUPPORTED + * The type and/or the size in bits of the key or the combination of + * the two is not supported. + * \retval #PSA_ERROR_INVALID_ARGUMENT + * The key is declared with a lifetime not known to us. + */ +psa_status_t psa_driver_wrapper_get_key_buffer_size( + const psa_key_attributes_t *attributes, + size_t *key_buffer_size ) +{ + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + psa_key_type_t key_type = attributes->core.type; + size_t key_bits = attributes->core.bits; + + *key_buffer_size = 0; + switch( location ) + { +#if defined(PSA_CRYPTO_DRIVER_TEST) + case PSA_CRYPTO_TEST_DRIVER_LOCATION: +#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) + /* Emulate property 'builtin_key_size' */ + if( psa_key_id_is_builtin( + MBEDTLS_SVC_KEY_ID_GET_KEY_ID( + psa_get_key_id( attributes ) ) ) ) + { + *key_buffer_size = sizeof( psa_drv_slot_number_t ); + return( PSA_SUCCESS ); + } +#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ + *key_buffer_size = mbedtls_test_opaque_size_function( key_type, + key_bits ); + return( ( *key_buffer_size != 0 ) ? + PSA_SUCCESS : PSA_ERROR_NOT_SUPPORTED ); +#endif /* PSA_CRYPTO_DRIVER_TEST */ + + default: + (void)key_type; + (void)key_bits; + return( PSA_ERROR_INVALID_ARGUMENT ); + } +} + +psa_status_t psa_driver_wrapper_export_public_key( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + uint8_t *data, size_t data_size, size_t *data_length ) + +{ +{% with entry_point = "export_public_key" -%} +{% macro entry_point_param(driver) -%} +attributes, +key_buffer, +key_buffer_size, +data, +data_size, +data_length +{% endmacro %} + psa_status_t status = PSA_ERROR_INVALID_ARGUMENT; + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( + psa_get_key_lifetime( attributes ) ); + + /* Try dynamically-registered SE interface first */ +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + const psa_drv_se_t *drv; + psa_drv_se_context_t *drv_context; + + if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) ) + { + if( ( drv->key_management == NULL ) || + ( drv->key_management->p_export_public == NULL ) ) + { + return( PSA_ERROR_NOT_SUPPORTED ); + } + + return( drv->key_management->p_export_public( + drv_context, + *( (psa_key_slot_number_t *)key_buffer ), + data, data_size, data_length ) ); + } +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + + switch( location ) + { + case PSA_KEY_LOCATION_LOCAL_STORAGE: + /* Key is stored in the slot in export representation, so + * cycle through all known transparent accelerators */ +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +{% with nest_indent=12 %} +{% include "OS-template-transparent.jinja" -%} +{% endwith -%} +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + /* Fell through, meaning no accelerator supports this operation */ + return( psa_export_public_key_internal( attributes, + key_buffer, + key_buffer_size, + data, + data_size, + data_length ) ); + + /* Add cases for opaque driver here */ +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +{% with nest_indent=8 %} +{% include "OS-template-opaque.jinja" -%} +{% endwith -%} +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + default: + /* Key is declared with a lifetime not known to us */ + return( status ); + } +{% endwith %} +} + +psa_status_t psa_driver_wrapper_get_builtin_key( + psa_drv_slot_number_t slot_number, + psa_key_attributes_t *attributes, + uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) +{ +{% with entry_point = "get_builtin_key" -%} +{% macro entry_point_param(driver) -%} +slot_number, +attributes, +key_buffer, +key_buffer_size, +key_buffer_length +{% endmacro %} + psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + switch( location ) + { +#if defined(PSA_CRYPTO_DRIVER_TEST) +{% with nest_indent=8 %} +{% include "OS-template-opaque.jinja" -%} +{% endwith -%} +#endif /* PSA_CRYPTO_DRIVER_TEST */ + default: + (void) slot_number; + (void) key_buffer; + (void) key_buffer_size; + (void) key_buffer_length; + return( PSA_ERROR_DOES_NOT_EXIST ); + } +{% endwith %} +} + +#endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/scripts/data_files/version_features.fmt b/scripts/data_files/version_features.fmt index d3217a191..0e4059760 100644 --- a/scripts/data_files/version_features.fmt +++ b/scripts/data_files/version_features.fmt @@ -44,6 +44,12 @@ int mbedtls_version_check_feature(const char *feature) return -1; } + if (strncmp(feature, "MBEDTLS_", 8)) { + return -1; + } + + feature += 8; + while (*idx != NULL) { if (!strcmp(*idx, feature)) { return 0; diff --git a/scripts/data_files/vs2010-app-template.vcxproj b/scripts/data_files/vs2013-app-template.vcxproj similarity index 89% rename from scripts/data_files/vs2010-app-template.vcxproj rename to scripts/data_files/vs2013-app-template.vcxproj index 039fd09a2..2fe9cf33b 100644 --- a/scripts/data_files/vs2010-app-template.vcxproj +++ b/scripts/data_files/vs2013-app-template.vcxproj @@ -99,7 +99,7 @@ INCLUDE_DIRECTORIES Console true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + bcrypt.lib;%(AdditionalDependencies) Debug @@ -118,7 +118,7 @@ INCLUDE_DIRECTORIES Console true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + bcrypt.lib;%(AdditionalDependencies) Debug @@ -142,7 +142,7 @@ INCLUDE_DIRECTORIES true true Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) + bcrypt.lib;%(AdditionalDependencies) @@ -162,7 +162,7 @@ INCLUDE_DIRECTORIES true true Release - %(AdditionalDependencies); + bcrypt.lib;%(AdditionalDependencies) diff --git a/scripts/data_files/vs2010-main-template.vcxproj b/scripts/data_files/vs2013-main-template.vcxproj similarity index 94% rename from scripts/data_files/vs2010-main-template.vcxproj rename to scripts/data_files/vs2013-main-template.vcxproj index c0f3a3c1f..51861e16c 100644 --- a/scripts/data_files/vs2010-main-template.vcxproj +++ b/scripts/data_files/vs2013-main-template.vcxproj @@ -91,6 +91,7 @@ INCLUDE_DIRECTORIES Windows true + bcrypt.lib;%(AdditionalDependencies) @@ -106,6 +107,7 @@ INCLUDE_DIRECTORIES Windows true + bcrypt.lib;%(AdditionalDependencies) @@ -124,6 +126,7 @@ INCLUDE_DIRECTORIES true true true + bcrypt.lib;%(AdditionalDependencies) diff --git a/scripts/data_files/vs2010-sln-template.sln b/scripts/data_files/vs2013-sln-template.sln similarity index 85% rename from scripts/data_files/vs2010-sln-template.sln rename to scripts/data_files/vs2013-sln-template.sln index fc65a0be5..615ce0423 100644 --- a/scripts/data_files/vs2010-sln-template.sln +++ b/scripts/data_files/vs2013-sln-template.sln @@ -1,6 +1,8 @@  -Microsoft Visual Studio Solution File, Format Version 11.00 -# Visual C++ Express 2010 +Microsoft Visual Studio Solution File, Format Version 12.00 +# Visual Studio 2013 +VisualStudioVersion = 12.0.31101.0 +MinimumVisualStudioVersion = 10.0.40219.1 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "mbedTLS", "mbedTLS.vcxproj", "{46CF2D25-6A36-4189-B59C-E4815388E554}" EndProject APP_ENTRIES diff --git a/scripts/data_files/vs6-app-template.dsp b/scripts/data_files/vs6-app-template.dsp deleted file mode 100644 index 87dbea247..000000000 --- a/scripts/data_files/vs6-app-template.dsp +++ /dev/null @@ -1,101 +0,0 @@ -# Microsoft Developer Studio Project File - Name="" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 6.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Console Application" 0x0103 - -CFG= - Win32 Debug -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f ".mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f ".mak" CFG=" - Win32 Debug" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE " - Win32 Release" (based on "Win32 (x86) Console Application") -!MESSAGE " - Win32 Debug" (based on "Win32 (x86) Console Application") -!MESSAGE - -# Begin Project -# PROP AllowPerConfigDependencies 0 -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -RSC=rc.exe - -!IF "$(CFG)" == " - Win32 Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir "" -# PROP BASE Intermediate_Dir "temp" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir "" -# PROP Intermediate_Dir "temp" -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD BASE RSC /l 0x40c /d "NDEBUG" -# ADD RSC /l 0x40c /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 -# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 - -!ELSEIF "$(CFG)" == " - Win32 Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir "" -# PROP BASE Intermediate_Dir "temp" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir "" -# PROP Intermediate_Dir "temp" -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /Gm /GX /Z7 /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c -# ADD CPP /nologo /W3 /Gm /GX /Z7 /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c -# ADD BASE RSC /l 0x40c /d "_DEBUG" -# ADD RSC /l 0x40c /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept -# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept - -!ENDIF - -# Begin Target - -# Name " - Win32 Release" -# Name " - Win32 Debug" -# Begin Group "Source Files" - -# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat" -# Begin Source File - -SOURCE=..\..\programs\.c -# ADD CPP /I "../../include" -# End Source File -# End Group -# Begin Group "Header Files" - -# PROP Default_Filter "h;hpp;hxx;hm;inl" -# End Group -# Begin Group "Resource Files" - -# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe" -# End Group -# End Target -# End Project diff --git a/scripts/data_files/vs6-main-template.dsp b/scripts/data_files/vs6-main-template.dsp deleted file mode 100644 index 89d3fc731..000000000 --- a/scripts/data_files/vs6-main-template.dsp +++ /dev/null @@ -1,94 +0,0 @@ -# Microsoft Developer Studio Project File - Name="mbedtls" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 6.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Static Library" 0x0104 - -CFG=mbedtls - Win32 Debug -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f "mbedtls.mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "mbedtls.mak" CFG="mbedtls - Win32 Debug" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "mbedtls - Win32 Release" (based on "Win32 (x86) Static Library") -!MESSAGE "mbedtls - Win32 Debug" (based on "Win32 (x86) Static Library") -!MESSAGE - -# Begin Project -# PROP AllowPerConfigDependencies 0 -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -RSC=rc.exe - -!IF "$(CFG)" == "mbedtls - Win32 Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir "" -# PROP BASE Intermediate_Dir "temp" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir "" -# PROP Intermediate_Dir "temp" -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_MBCS" /D "_LIB" /YX /FD /c -# ADD CPP /nologo /W3 /GX /O2 /I "../../include" /D "NDEBUG" /D "WIN32" /D "_MBCS" /D "_LIB" /YX /FD /c -# ADD BASE RSC /l 0x40c /d "NDEBUG" -# ADD RSC /l 0x40c /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LIB32=link.exe -lib -# ADD BASE LIB32 /nologo -# ADD LIB32 /nologo - -!ELSEIF "$(CFG)" == "mbedtls - Win32 Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir "" -# PROP BASE Intermediate_Dir "temp" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir "" -# PROP Intermediate_Dir "temp" -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /GX /Z7 /Od /D "WIN32" /D "_DEBUG" /D "_MBCS" /D "_LIB" /YX /FD /GZ /c -# ADD CPP /nologo /W3 /GX /Z7 /Od /I "../../include" /D "_DEBUG" /D "WIN32" /D "_MBCS" /D "_LIB" /YX /FD /GZ /c -# ADD BASE RSC /l 0x40c /d "_DEBUG" -# ADD RSC /l 0x40c /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LIB32=link.exe -lib -# ADD BASE LIB32 /nologo -# ADD LIB32 /nologo - -!ENDIF - -# Begin Target - -# Name "mbedtls - Win32 Release" -# Name "mbedtls - Win32 Debug" -# Begin Group "Source Files" - -# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat" -SOURCE_ENTRIES -# End Group -# Begin Group "Header Files" - -# PROP Default_Filter "h;hpp;hxx;hm;inl" -HEADER_ENTRIES -# End Group -# End Target -# End Project diff --git a/scripts/data_files/vs6-workspace-template.dsw b/scripts/data_files/vs6-workspace-template.dsw deleted file mode 100644 index ef90098f4..000000000 --- a/scripts/data_files/vs6-workspace-template.dsw +++ /dev/null @@ -1,18 +0,0 @@ -Microsoft Developer Studio Workspace File, Format Version 6.00 -# WARNING: DO NOT EDIT OR DELETE THIS WORKSPACE FILE! - -APP_ENTRIES -############################################################################### - -Global: - -Package=<5> -{{{ -}}} - -Package=<3> -{{{ -}}} - -############################################################################### - diff --git a/scripts/driver.requirements.txt b/scripts/driver.requirements.txt index 9e26b3c1c..7b002ec78 100644 --- a/scripts/driver.requirements.txt +++ b/scripts/driver.requirements.txt @@ -14,6 +14,6 @@ markupsafe < 2.1 Jinja2 >= 2.10.1; python_version < '3.10' Jinja2 >= 2.10.3; python_version >= '3.10' # Jinja2 >=2.10, <3.0 needs a separate package for type annotations -types-Jinja2 +types-Jinja2 >= 2.11.9 jsonschema >= 3.2.0 -types-jsonschema +types-jsonschema >= 3.2.0 diff --git a/scripts/footprint.sh b/scripts/footprint.sh index 6c0fc2554..ae95db4a1 100755 --- a/scripts/footprint.sh +++ b/scripts/footprint.sh @@ -17,7 +17,7 @@ # # Purpose # -# This script determines ROM size (or code size) for the standard mbed TLS +# This script determines ROM size (or code size) for the standard Mbed TLS # configurations, when built for a Cortex M3/M4 target. # # Configurations included: @@ -108,7 +108,7 @@ else fi log "" -log "mbed TLS $MBEDTLS_VERSION$GIT_VERSION" +log "Mbed TLS $MBEDTLS_VERSION$GIT_VERSION" log "$( arm-none-eabi-gcc --version | head -n1 )" log "CFLAGS=$ARMGCC_FLAGS" diff --git a/scripts/generate_driver_wrappers.py b/scripts/generate_driver_wrappers.py index e0c479350..e0f282792 100755 --- a/scripts/generate_driver_wrappers.py +++ b/scripts/generate_driver_wrappers.py @@ -1,9 +1,10 @@ #!/usr/bin/env python3 -"""Generate library/psa_crypto_driver_wrappers.c +"""Generate library/psa_crypto_driver_wrappers.h + library/psa_crypto_driver_wrappers_no_static.c This module is invoked by the build scripts to auto generate the - psa_crypto_driver_wrappers.c based on template files in - script/data_files/driver_templates/. + psa_crypto_driver_wrappers.h and psa_crypto_driver_wrappers_no_static + based on template files in script/data_files/driver_templates/. """ # Copyright The Mbed TLS Contributors # SPDX-License-Identifier: Apache-2.0 @@ -59,19 +60,19 @@ def render(template_path: str, driver_jsoncontext: list) -> str: return template.render(drivers=driver_jsoncontext) - def generate_driver_wrapper_file(template_dir: str, output_dir: str, + template_file_name: str, driver_jsoncontext: list) -> None: """ Generate the file psa_crypto_driver_wrapper.c. """ driver_wrapper_template_filename = \ - os.path.join(template_dir, "psa_crypto_driver_wrappers.c.jinja") + os.path.join(template_dir, template_file_name) result = render(driver_wrapper_template_filename, driver_jsoncontext) - with open(file=os.path.join(output_dir, "psa_crypto_driver_wrappers.c"), + with open(file=os.path.join(output_dir, os.path.splitext(template_file_name)[0]), mode='w', encoding='UTF-8') as out_file: out_file.write(result) @@ -167,6 +168,9 @@ def trace_exception(e: Exception, file=sys.stderr) -> None: ), file) +TEMPLATE_FILENAMES = ["psa_crypto_driver_wrappers.h.jinja", + "psa_crypto_driver_wrappers_no_static.c.jinja"] + def main() -> int: """ Main with command line arguments. @@ -207,7 +211,9 @@ def main() -> int: except DriverReaderException as e: trace_exception(e) return 1 - generate_driver_wrapper_file(template_directory, output_directory, merged_driver_json) + for template_filename in TEMPLATE_FILENAMES: + generate_driver_wrapper_file(template_directory, output_directory, + template_filename, merged_driver_json) return 0 diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index 878cfba33..664a349e9 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -49,7 +49,7 @@ my @low_level_modules = qw( AES ARIA ASN1 BASE64 BIGNUM CAMELLIA CCM CHACHA20 CHACHAPOLY CMAC CTR_DRBG DES ENTROPY ERROR GCM HKDF HMAC_DRBG LMS MD5 NET OID PADLOCK PBKDF2 PLATFORM POLY1305 RIPEMD160 - SHA1 SHA256 SHA512 THREADING ); + SHA1 SHA256 SHA512 SHA3 THREADING ); my @high_level_modules = qw( CIPHER DHM ECP MD PEM PK PKCS12 PKCS5 RSA SSL X509 PKCS7 ); diff --git a/scripts/generate_features.pl b/scripts/generate_features.pl index b99c637c5..49cca2ec3 100755 --- a/scripts/generate_features.pl +++ b/scripts/generate_features.pl @@ -39,8 +39,8 @@ if( @ARGV ) { my $feature_format_file = $data_dir.'/version_features.fmt'; -my @sections = ( "System support", "mbed TLS modules", - "mbed TLS feature support" ); +my @sections = ( "System support", "Mbed TLS modules", + "Mbed TLS feature support" ); my $line_separator = $/; undef $/; @@ -66,11 +66,14 @@ while (my $line = ) $in_section = 0; next; } - - my ($define) = $line =~ /#define (\w+)/; - $feature_defines .= "#if defined(${define})\n"; - $feature_defines .= " \"${define}\",\n"; - $feature_defines .= "#endif /* ${define} */\n"; + # Strip leading MBEDTLS_ to save binary size + my ($mbedtls_prefix, $define) = $line =~ /#define (MBEDTLS_)?(\w+)/; + if (!$mbedtls_prefix) { + die "Feature does not start with 'MBEDTLS_': $line\n"; + } + $feature_defines .= "#if defined(MBEDTLS_${define})\n"; + $feature_defines .= " \"${define}\", //no-check-names\n"; + $feature_defines .= "#endif /* MBEDTLS_${define} */\n"; } if (!$in_section) { diff --git a/scripts/generate_query_config.pl b/scripts/generate_query_config.pl index ddbebfa44..69eca8344 100755 --- a/scripts/generate_query_config.pl +++ b/scripts/generate_query_config.pl @@ -7,15 +7,16 @@ # form (if any). This facilitates querying the compile time configuration of # the library, for example, for testing. # -# The query_config.c is generated from the current configuration at -# include/mbedtls/mbedtls_config.h. The idea is that the mbedtls_config.h contains ALL the +# The query_config.c is generated from the default configuration files +# include/mbedtls/mbedtls_config.h and include/psa/crypto_config.h. +# The idea is that mbedtls_config.h and crypto_config.h contain ALL the # compile time configurations available in Mbed TLS (commented or uncommented). -# This script extracts the configuration macros from the mbedtls_config.h and this +# This script extracts the configuration macros from the two files and this # information is used to automatically generate the body of the query_config() # function by using the template in scripts/data_files/query_config.fmt. # # Usage: scripts/generate_query_config.pl without arguments, or -# generate_query_config.pl mbedtls_config_file template_file output_file [psa_crypto_config_file] +# generate_query_config.pl mbedtls_config_file psa_crypto_config_file template_file output_file # # Copyright The Mbed TLS Contributors # SPDX-License-Identifier: Apache-2.0 @@ -34,29 +35,25 @@ use strict; -my ($mbedtls_config_file, $query_config_format_file, $query_config_file, $psa_crypto_config_file); +my ($mbedtls_config_file, $psa_crypto_config_file, $query_config_format_file, $query_config_file); my $default_mbedtls_config_file = "./include/mbedtls/mbedtls_config.h"; +my $default_psa_crypto_config_file = "./include/psa/crypto_config.h"; my $default_query_config_format_file = "./scripts/data_files/query_config.fmt"; my $default_query_config_file = "./programs/test/query_config.c"; -my $default_psa_crypto_config_file = "./include/psa/crypto_config.h"; if( @ARGV ) { - die "Invalid number of arguments - usage: $0 [CONFIG_FILE TEMPLATE_FILE OUTPUT_FILE]" if scalar @ARGV != 3; - ($mbedtls_config_file, $query_config_format_file, $query_config_file) = @ARGV; + die "Invalid number of arguments - usage: $0 [MBED_TLS_CONFIG_FILE PSA_CRYPTO_CONFIG_FILE TEMPLATE_FILE OUTPUT_FILE]" if scalar @ARGV != 4; + ($mbedtls_config_file, $psa_crypto_config_file, $query_config_format_file, $query_config_file) = @ARGV; -f $mbedtls_config_file or die "No such file: $mbedtls_config_file"; + -f $psa_crypto_config_file or die "No such file: $psa_crypto_config_file"; -f $query_config_format_file or die "No such file: $query_config_format_file"; - if (defined($psa_crypto_config_file) && length($psa_crypto_config_file)) { - -f $psa_crypto_config_file or die "No such file: $psa_crypto_config_file"; - } else { - $psa_crypto_config_file = (-f $default_psa_crypto_config_file) ? $default_psa_crypto_config_file : undef; - } } else { $mbedtls_config_file = $default_mbedtls_config_file; + $psa_crypto_config_file = $default_psa_crypto_config_file; $query_config_format_file = $default_query_config_format_file; $query_config_file = $default_query_config_file; - $psa_crypto_config_file = $default_psa_crypto_config_file; unless(-f $mbedtls_config_file && -f $query_config_format_file && -f $psa_crypto_config_file) { chdir '..' or die; diff --git a/scripts/generate_ssl_debug_helpers.py b/scripts/generate_ssl_debug_helpers.py index 3127afcee..19be41521 100755 --- a/scripts/generate_ssl_debug_helpers.py +++ b/scripts/generate_ssl_debug_helpers.py @@ -209,24 +209,18 @@ class EnumDefinition: continue member = field.strip().split()[0] translation_table.append( - '{space}[{member}] = "{member}",'.format(member=member, - space=' '*8) + '{space}case {member}:\n{space} return "{member}";' + .format(member=member, space=' '*8) ) body = textwrap.dedent('''\ const char *{name}_str( {prototype} in ) {{ - const char * in_to_str[]= - {{ + switch (in) {{ {translation_table} - }}; - - if( in > ( sizeof( in_to_str )/sizeof( in_to_str[0]) - 1 ) || - in_to_str[ in ] == NULL ) - {{ - return "UNKNOWN_VALUE"; + default: + return "UNKNOWN_VALUE"; }} - return in_to_str[ in ]; }} ''') body = body.format(translation_table='\n'.join(translation_table), diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl index 5500c6fad..4fad322a6 100755 --- a/scripts/generate_visualc_files.pl +++ b/scripts/generate_visualc_files.pl @@ -1,9 +1,9 @@ #!/usr/bin/env perl -# Generate main file, individual apps and solution files for MS Visual Studio -# 2010 +# Generate main file, individual apps and solution files for +# MS Visual Studio 2013 # -# Must be run from mbedTLS root or scripts directory. +# Must be run from Mbed TLS root or scripts directory. # Takes no argument. # # Copyright The Mbed TLS Contributors @@ -25,12 +25,12 @@ use warnings; use strict; use Digest::MD5 'md5_hex'; -my $vsx_dir = "visualc/VS2010"; +my $vsx_dir = "visualc/VS2013"; my $vsx_ext = "vcxproj"; -my $vsx_app_tpl_file = "scripts/data_files/vs2010-app-template.$vsx_ext"; -my $vsx_main_tpl_file = "scripts/data_files/vs2010-main-template.$vsx_ext"; +my $vsx_app_tpl_file = "scripts/data_files/vs2013-app-template.$vsx_ext"; +my $vsx_main_tpl_file = "scripts/data_files/vs2013-main-template.$vsx_ext"; my $vsx_main_file = "$vsx_dir/mbedTLS.$vsx_ext"; -my $vsx_sln_tpl_file = "scripts/data_files/vs2010-sln-template.sln"; +my $vsx_sln_tpl_file = "scripts/data_files/vs2013-sln-template.sln"; my $vsx_sln_file = "$vsx_dir/mbedTLS.sln"; my $programs_dir = 'programs'; @@ -58,7 +58,7 @@ my @include_directories = qw( include 3rdparty/everest/include/ 3rdparty/everest/include/everest - 3rdparty/everest/include/everest/vs2010 + 3rdparty/everest/include/everest/vs2013 3rdparty/everest/include/everest/kremlib tests/include ); @@ -256,7 +256,7 @@ sub del_vsx_files { sub main { if( ! check_dirs() ) { chdir '..' or die; - check_dirs or die "Must but run from mbedTLS root or scripts dir\n"; + check_dirs or die "Must be run from Mbed TLS root or scripts dir\n"; } # Remove old files to ensure that, for example, project files from deleted diff --git a/scripts/lcov.sh b/scripts/lcov.sh index 8d141eedf..6bba02fd2 100755 --- a/scripts/lcov.sh +++ b/scripts/lcov.sh @@ -51,7 +51,7 @@ lcov_library_report () { lcov --rc lcov_branch_coverage=1 --add-tracefile Coverage/tmp/files.info --add-tracefile Coverage/tmp/tests.info -o Coverage/tmp/all.info lcov --rc lcov_branch_coverage=1 --remove Coverage/tmp/all.info -o Coverage/tmp/final.info '*.h' gendesc tests/Descriptions.txt -o Coverage/tmp/descriptions - genhtml --title "mbed TLS" --description-file Coverage/tmp/descriptions --keep-descriptions --legend --branch-coverage -o Coverage Coverage/tmp/final.info + genhtml --title "Mbed TLS" --description-file Coverage/tmp/descriptions --keep-descriptions --legend --branch-coverage -o Coverage Coverage/tmp/final.info rm -f Coverage/tmp/*.info Coverage/tmp/descriptions echo "Coverage report in: Coverage/index.html" } diff --git a/scripts/make_generated_files.bat b/scripts/make_generated_files.bat index e9d92758a..abcfc3945 100644 --- a/scripts/make_generated_files.bat +++ b/scripts/make_generated_files.bat @@ -1,7 +1,7 @@ @rem Generate automatically-generated configuration-independent source files @rem and build scripts. @rem Perl and Python 3 must be on the PATH. -@rem psa_crypto_driver_wrappers.c needs to be generated prior to +@rem psa_crypto_driver_wrappers.h needs to be generated prior to @rem generate_visualc_files.pl being invoked. python scripts\generate_driver_wrappers.py || exit /b 1 perl scripts\generate_errors.pl || exit /b 1 @@ -11,4 +11,5 @@ python scripts\generate_ssl_debug_helpers.py || exit /b 1 perl scripts\generate_visualc_files.pl || exit /b 1 python scripts\generate_psa_constants.py || exit /b 1 python tests\scripts\generate_bignum_tests.py || exit /b 1 +python tests\scripts\generate_ecp_tests.py || exit /b 1 python tests\scripts\generate_psa_tests.py || exit /b 1 diff --git a/scripts/mbedtls_dev/bignum_common.py b/scripts/mbedtls_dev/bignum_common.py index 242217554..3bef16db6 100644 --- a/scripts/mbedtls_dev/bignum_common.py +++ b/scripts/mbedtls_dev/bignum_common.py @@ -17,7 +17,9 @@ from abc import abstractmethod import enum from typing import Iterator, List, Tuple, TypeVar, Any +from copy import deepcopy from itertools import chain +from math import ceil from . import test_case from . import test_data_generation @@ -68,12 +70,39 @@ def bound_mpi_limbs(limbs: int, bits_in_limb: int) -> int: def limbs_mpi(val: int, bits_in_limb: int) -> int: """Return the number of limbs required to store value.""" - return (val.bit_length() + bits_in_limb - 1) // bits_in_limb + bit_length = max(val.bit_length(), 1) + return (bit_length + bits_in_limb - 1) // bits_in_limb def combination_pairs(values: List[T]) -> List[Tuple[T, T]]: """Return all pair combinations from input values.""" return [(x, y) for x in values for y in values] +def bits_to_limbs(bits: int, bits_in_limb: int) -> int: + """ Return the appropriate ammount of limbs needed to store + a number contained in input bits""" + return ceil(bits / bits_in_limb) + +def hex_digits_for_limb(limbs: int, bits_in_limb: int) -> int: + """ Return the hex digits need for a number of limbs. """ + return 2 * ((limbs * bits_in_limb) // 8) + +def hex_digits_max_int(val: str, bits_in_limb: int) -> int: + """ Return the first number exceeding maximum the limb space + required to store the input hex-string value. This method + weights on the input str_len rather than numerical value + and works with zero-padded inputs""" + n = ((1 << (len(val) * 4)) - 1) + l = limbs_mpi(n, bits_in_limb) + return bound_mpi_limbs(l, bits_in_limb) + +def zfill_match(reference: str, target: str) -> str: + """ Zero pad target hex-string to match the limb size of + the reference input """ + lt = len(target) + lr = len(reference) + target_len = lr if lt < lr else lt + return "{:x}".format(int(target, 16)).zfill(target_len) + class OperationCommon(test_data_generation.BaseTest): """Common features for bignum binary operations. @@ -99,6 +128,7 @@ class OperationCommon(test_data_generation.BaseTest): symbol = "" input_values = INPUTS_DEFAULT # type: List[str] input_cases = [] # type: List[Any] + dependencies = [] # type: List[Any] unique_combinations_only = False input_styles = ["variable", "fixed", "arch_split"] # type: List[str] input_style = "variable" # type: str @@ -114,10 +144,11 @@ class OperationCommon(test_data_generation.BaseTest): # provides earlier/more robust input validation. self.int_a = hex_to_int(val_a) self.int_b = hex_to_int(val_b) + self.dependencies = deepcopy(self.dependencies) if bits_in_limb not in self.limb_sizes: raise ValueError("Invalid number of bits in limb!") if self.input_style == "arch_split": - self.dependencies = ["MBEDTLS_HAVE_INT{:d}".format(bits_in_limb)] + self.dependencies.append("MBEDTLS_HAVE_INT{:d}".format(bits_in_limb)) self.bits_in_limb = bits_in_limb @property @@ -138,7 +169,7 @@ class OperationCommon(test_data_generation.BaseTest): @property def hex_digits(self) -> int: - return 2 * (self.limbs * self.bits_in_limb // 8) + return hex_digits_for_limb(self.limbs, self.bits_in_limb) def format_arg(self, val: str) -> str: if self.input_style not in self.input_styles: @@ -384,43 +415,3 @@ class ModOperationCommon(OperationCommon): lambda test_object: test_object.is_valid, chain(test_objects, special_cases) )) - -# BEGIN MERGE SLOT 1 - -# END MERGE SLOT 1 - -# BEGIN MERGE SLOT 2 - -# END MERGE SLOT 2 - -# BEGIN MERGE SLOT 3 - -# END MERGE SLOT 3 - -# BEGIN MERGE SLOT 4 - -# END MERGE SLOT 4 - -# BEGIN MERGE SLOT 5 - -# END MERGE SLOT 5 - -# BEGIN MERGE SLOT 6 - -# END MERGE SLOT 6 - -# BEGIN MERGE SLOT 7 - -# END MERGE SLOT 7 - -# BEGIN MERGE SLOT 8 - -# END MERGE SLOT 8 - -# BEGIN MERGE SLOT 9 - -# END MERGE SLOT 9 - -# BEGIN MERGE SLOT 10 - -# END MERGE SLOT 10 diff --git a/scripts/mbedtls_dev/bignum_core.py b/scripts/mbedtls_dev/bignum_core.py index 24d37cbc7..563492b29 100644 --- a/scripts/mbedtls_dev/bignum_core.py +++ b/scripts/mbedtls_dev/bignum_core.py @@ -21,6 +21,7 @@ from typing import Dict, Iterator, List, Tuple from . import test_case from . import test_data_generation from . import bignum_common +from .bignum_data import ADD_SUB_DATA class BignumCoreTarget(test_data_generation.BaseTarget): #pylint: disable=abstract-method, too-few-public-methods @@ -68,6 +69,68 @@ class BignumCoreShiftR(BignumCoreTarget, test_data_generation.BaseTest): for count in counts: yield cls(input_hex, descr, count).create_test_case() + +class BignumCoreShiftL(BignumCoreTarget, bignum_common.ModOperationCommon): + """Test cases for mbedtls_bignum_core_shift_l().""" + + BIT_SHIFT_VALUES = ['0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', + '1f', '20', '21', '3f', '40', '41', '47', '48', '4f', + '50', '51', '58', '80', '81', '88'] + DATA = ["0", "1", "40", "dee5ca1a7ef10a75", "a1055eb0bb1efa1150ff", + "002e7ab0070ad57001", "020100000000000000001011121314151617", + "1946e2958a85d8863ae21f4904fcc49478412534ed53eaf321f63f2a222" + "7a3c63acbf50b6305595f90cfa8327f6db80d986fe96080bcbb5df1bdbe" + "9b74fb8dedf2bddb3f8215b54dffd66409323bcc473e45a8fe9d08e77a51" + "1698b5dad0416305db7fcf"] + arity = 1 + test_function = "mpi_core_shift_l" + test_name = "Core shift(L)" + input_style = "arch_split" + symbol = "<<" + input_values = BIT_SHIFT_VALUES + moduli = DATA + + @property + def val_n_max_limbs(self) -> int: + """ Return the limb count required to store the maximum number that can + fit in a the number of digits used by val_n """ + m = bignum_common.hex_digits_max_int(self.val_n, self.bits_in_limb) - 1 + return bignum_common.limbs_mpi(m, self.bits_in_limb) + + def arguments(self) -> List[str]: + return [bignum_common.quote_str(self.val_n), + str(self.int_a) + ] + self.result() + + def description(self) -> str: + """ Format the output as: + #{count} {hex input} ({input bits} {limbs capacity}) << {bit shift} """ + bits = "({} bits in {} limbs)".format(self.int_n.bit_length(), self.val_n_max_limbs) + return "{} #{} {} {} {} {}".format(self.test_name, + self.count, + self.val_n, + bits, + self.symbol, + self.int_a) + + def format_result(self, res: int) -> str: + # Override to match zero-pading for leading digits between the output and input. + res_str = bignum_common.zfill_match(self.val_n, "{:x}".format(res)) + return bignum_common.quote_str(res_str) + + def result(self) -> List[str]: + result = (self.int_n << self.int_a) + # Calculate if there is space for shifting to the left(leading zero limbs) + mx = bignum_common.hex_digits_max_int(self.val_n, self.bits_in_limb) + # If there are empty limbs ahead, adjust the bitmask accordingly + result = result & (mx - 1) + return [self.format_result(result)] + + @property + def is_valid(self) -> bool: + return True + + class BignumCoreCTLookup(BignumCoreTarget, test_data_generation.BaseTest): """Test cases for mbedtls_mpi_core_ct_uint_table_lookup().""" test_function = "mpi_core_ct_uint_table_lookup" @@ -114,6 +177,7 @@ class BignumCoreAddAndAddIf(BignumCoreTarget, bignum_common.OperationCommon): test_function = "mpi_core_add_and_add_if" test_name = "mpi_core_add_and_add_if" input_style = "arch_split" + input_values = ADD_SUB_DATA unique_combinations_only = True def result(self) -> List[str]: @@ -134,6 +198,7 @@ class BignumCoreSub(BignumCoreTarget, bignum_common.OperationCommon): symbol = "-" test_function = "mpi_core_sub" test_name = "mbedtls_mpi_core_sub" + input_values = ADD_SUB_DATA def result(self) -> List[str]: if self.int_a >= self.int_b: @@ -230,6 +295,31 @@ class BignumCoreMLA(BignumCoreTarget, bignum_common.OperationCommon): yield cur_op.create_test_case() +class BignumCoreMul(BignumCoreTarget, bignum_common.OperationCommon): + """Test cases for bignum core multiplication.""" + count = 0 + input_style = "arch_split" + symbol = "*" + test_function = "mpi_core_mul" + test_name = "mbedtls_mpi_core_mul" + arity = 2 + unique_combinations_only = True + + def format_arg(self, val: str) -> str: + return val + + def format_result(self, res: int) -> str: + res_str = '{:x}'.format(res) + a_limbs = bignum_common.limbs_mpi(self.int_a, self.bits_in_limb) + b_limbs = bignum_common.limbs_mpi(self.int_b, self.bits_in_limb) + hex_digits = bignum_common.hex_digits_for_limb(a_limbs + b_limbs, self.bits_in_limb) + return bignum_common.quote_str(self.format_arg(res_str).zfill(hex_digits)) + + def result(self) -> List[str]: + result = self.int_a * self.int_b + return [self.format_result(result)] + + class BignumCoreMontmul(BignumCoreTarget, test_data_generation.BaseTest): """Test cases for Montgomery multiplication.""" count = 0 @@ -749,7 +839,6 @@ def mpi_modmul_case_generate() -> None: i += 1 print(generated_inputs) -# BEGIN MERGE SLOT 1 class BignumCoreExpMod(BignumCoreTarget, bignum_common.ModOperationCommon): """Test cases for bignum core exponentiation.""" @@ -771,13 +860,6 @@ class BignumCoreExpMod(BignumCoreTarget, bignum_common.ModOperationCommon): # the modulus (see for example exponent blinding) return bool(self.int_a < self.int_n) -# END MERGE SLOT 1 - -# BEGIN MERGE SLOT 2 - -# END MERGE SLOT 2 - -# BEGIN MERGE SLOT 3 class BignumCoreSubInt(BignumCoreTarget, bignum_common.OperationCommon): """Test cases for bignum core sub int.""" @@ -823,33 +905,3 @@ class BignumCoreZeroCheckCT(BignumCoreTarget, bignum_common.OperationCommon): def result(self) -> List[str]: result = 1 if self.int_a == 0 else 0 return [str(result)] - -# END MERGE SLOT 3 - -# BEGIN MERGE SLOT 4 - -# END MERGE SLOT 4 - -# BEGIN MERGE SLOT 5 - -# END MERGE SLOT 5 - -# BEGIN MERGE SLOT 6 - -# END MERGE SLOT 6 - -# BEGIN MERGE SLOT 7 - -# END MERGE SLOT 7 - -# BEGIN MERGE SLOT 8 - -# END MERGE SLOT 8 - -# BEGIN MERGE SLOT 9 - -# END MERGE SLOT 9 - -# BEGIN MERGE SLOT 10 - -# END MERGE SLOT 10 diff --git a/scripts/mbedtls_dev/bignum_data.py b/scripts/mbedtls_dev/bignum_data.py index 0a48e538d..897e31989 100644 --- a/scripts/mbedtls_dev/bignum_data.py +++ b/scripts/mbedtls_dev/bignum_data.py @@ -106,6 +106,29 @@ INPUTS_DEFAULT = [ RANDOM_1024_BIT_SEED_4_NO2, # largest (not a prime) ] +ADD_SUB_DATA = [ + "0", "1", "3", "f", "fe", "ff", "100", "ff00", + "fffe", "ffff", "10000", # 2^16 - 1, 2^16, 2^16 + 1 + "fffffffe", "ffffffff", "100000000", # 2^32 - 1, 2^32, 2^32 + 1 + "1f7f7f7f7f7f7f", + "8000000000000000", "fefefefefefefefe", + "fffffffffffffffe", "ffffffffffffffff", "10000000000000000", # 2^64 - 1, 2^64, 2^64 + 1 + "1234567890abcdef0", + "fffffffffffffffffffffffe", + "ffffffffffffffffffffffff", + "1000000000000000000000000", + "fffffffffffffffffefefefefefefefe", + "fffffffffffffffffffffffffffffffe", + "ffffffffffffffffffffffffffffffff", + "100000000000000000000000000000000", + "1234567890abcdef01234567890abcdef0", + "fffffffffffffffffffffffffffffffffffffffffffffffffefefefefefefefe", + "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe", + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", + "10000000000000000000000000000000000000000000000000000000000000000", + "1234567890abcdef01234567890abcdef01234567890abcdef01234567890abcdef0", + ] + # Only odd moduli are present as in the new bignum code only odd moduli are # supported for now. MODULI_DEFAULT = [ diff --git a/scripts/mbedtls_dev/bignum_mod.py b/scripts/mbedtls_dev/bignum_mod.py index a83e1360a..77c7b1bbd 100644 --- a/scripts/mbedtls_dev/bignum_mod.py +++ b/scripts/mbedtls_dev/bignum_mod.py @@ -25,11 +25,6 @@ class BignumModTarget(test_data_generation.BaseTarget): """Target for bignum mod test case generation.""" target_basename = 'test_suite_bignum_mod.generated' -# BEGIN MERGE SLOT 1 - -# END MERGE SLOT 1 - -# BEGIN MERGE SLOT 2 class BignumModMul(bignum_common.ModOperationCommon, BignumModTarget): @@ -51,9 +46,6 @@ class BignumModMul(bignum_common.ModOperationCommon, result = (self.int_a * self.int_b) % self.int_n return [self.format_result(self.to_montgomery(result))] -# END MERGE SLOT 2 - -# BEGIN MERGE SLOT 3 class BignumModSub(bignum_common.ModOperationCommon, BignumModTarget): """Test cases for bignum mpi_mod_sub().""" @@ -105,13 +97,7 @@ class BignumModInvMont(bignum_common.ModOperationCommon, BignumModTarget): # generated cases return [self.format_result(mont_result), "0"] -# END MERGE SLOT 3 -# BEGIN MERGE SLOT 4 - -# END MERGE SLOT 4 - -# BEGIN MERGE SLOT 5 class BignumModAdd(bignum_common.ModOperationCommon, BignumModTarget): """Test cases for bignum mpi_mod_add().""" count = 0 @@ -125,26 +111,3 @@ class BignumModAdd(bignum_common.ModOperationCommon, BignumModTarget): # To make negative tests easier, append "0" for success to the # generated cases return [self.format_result(result), "0"] - - -# END MERGE SLOT 5 - -# BEGIN MERGE SLOT 6 - -# END MERGE SLOT 6 - -# BEGIN MERGE SLOT 7 - -# END MERGE SLOT 7 - -# BEGIN MERGE SLOT 8 - -# END MERGE SLOT 8 - -# BEGIN MERGE SLOT 9 - -# END MERGE SLOT 9 - -# BEGIN MERGE SLOT 10 - -# END MERGE SLOT 10 diff --git a/scripts/mbedtls_dev/bignum_mod_raw.py b/scripts/mbedtls_dev/bignum_mod_raw.py index f9d9899f6..7121f2f49 100644 --- a/scripts/mbedtls_dev/bignum_mod_raw.py +++ b/scripts/mbedtls_dev/bignum_mod_raw.py @@ -26,11 +26,6 @@ class BignumModRawTarget(test_data_generation.BaseTarget): """Target for bignum mod_raw test case generation.""" target_basename = 'test_suite_bignum_mod_raw.generated' -# BEGIN MERGE SLOT 1 - -# END MERGE SLOT 1 - -# BEGIN MERGE SLOT 2 class BignumModRawSub(bignum_common.ModOperationCommon, BignumModRawTarget): @@ -51,6 +46,37 @@ class BignumModRawSub(bignum_common.ModOperationCommon, result = (self.int_a - self.int_b) % self.int_n return [self.format_result(result)] +class BignumModRawFixQuasiReduction(bignum_common.ModOperationCommon, + BignumModRawTarget): + """Test cases for ecp quasi_reduction().""" + symbol = "-" + test_function = "mpi_mod_raw_fix_quasi_reduction" + test_name = "fix_quasi_reduction" + input_style = "fixed" + arity = 1 + + # Extend the default values with n < x < 2n + input_values = bignum_common.ModOperationCommon.input_values + [ + "73", + + # First number generated by random.getrandbits(1024) - seed(3,2) + "ea7b5bf55eb561a4216363698b529b4a97b750923ceb3ffd", + + # First number generated by random.getrandbits(1024) - seed(1,2) + ("cd447e35b8b6d8fe442e3d437204e52db2221a58008a05a6c4647159c324c985" + "9b810e766ec9d28663ca828dd5f4b3b2e4b06ce60741c7a87ce42c8218072e8c" + "35bf992dc9e9c616612e7696a6cecc1b78e510617311d8a3c2ce6f447ed4d57b" + "1e2feb89414c343c1027c4d1c386bbc4cd613e30d8f16adf91b7584a2265b1f5") + ] # type: List[str] + + def result(self) -> List[str]: + result = self.int_a % self.int_n + return [self.format_result(result)] + + @property + def is_valid(self) -> bool: + return bool(self.int_a < 2 * self.int_n) + class BignumModRawMul(bignum_common.ModOperationCommon, BignumModRawTarget): """Test cases for bignum mpi_mod_raw_mul().""" @@ -70,9 +96,6 @@ class BignumModRawMul(bignum_common.ModOperationCommon, result = (self.int_a * self.int_b) % self.int_n return [self.format_result(self.to_montgomery(result))] -# END MERGE SLOT 2 - -# BEGIN MERGE SLOT 3 class BignumModRawInvPrime(bignum_common.ModOperationCommon, BignumModRawTarget): @@ -92,13 +115,6 @@ class BignumModRawInvPrime(bignum_common.ModOperationCommon, mont_result = self.to_montgomery(result) return [self.format_result(mont_result)] -# END MERGE SLOT 3 - -# BEGIN MERGE SLOT 4 - -# END MERGE SLOT 4 - -# BEGIN MERGE SLOT 5 class BignumModRawAdd(bignum_common.ModOperationCommon, BignumModRawTarget): @@ -113,9 +129,6 @@ class BignumModRawAdd(bignum_common.ModOperationCommon, result = (self.int_a + self.int_b) % self.int_n return [self.format_result(result)] -# END MERGE SLOT 5 - -# BEGIN MERGE SLOT 6 class BignumModRawConvertRep(bignum_common.ModOperationCommon, BignumModRawTarget): @@ -199,9 +212,6 @@ class BignumModRawModulusToCanonicalRep(BignumModRawConvertRep): def result(self) -> List[str]: return [self.format_result(self.int_a)] -# END MERGE SLOT 6 - -# BEGIN MERGE SLOT 7 class BignumModRawConvertToMont(bignum_common.ModOperationCommon, BignumModRawTarget): @@ -241,16 +251,3 @@ class BignumModRawModNegate(bignum_common.ModOperationCommon, def result(self) -> List[str]: result = (self.int_n - self.int_a) % self.int_n return [self.format_result(result)] -# END MERGE SLOT 7 - -# BEGIN MERGE SLOT 8 - -# END MERGE SLOT 8 - -# BEGIN MERGE SLOT 9 - -# END MERGE SLOT 9 - -# BEGIN MERGE SLOT 10 - -# END MERGE SLOT 10 diff --git a/scripts/mbedtls_dev/build_tree.py b/scripts/mbedtls_dev/build_tree.py index f52b785d9..2e10c88e2 100644 --- a/scripts/mbedtls_dev/build_tree.py +++ b/scripts/mbedtls_dev/build_tree.py @@ -19,12 +19,19 @@ import os import inspect +def looks_like_tf_psa_crypto_root(path: str) -> bool: + """Whether the given directory looks like the root of the PSA Crypto source tree.""" + return all(os.path.isdir(os.path.join(path, subdir)) + for subdir in ['include', 'core', 'drivers', 'programs', 'tests']) def looks_like_mbedtls_root(path: str) -> bool: """Whether the given directory looks like the root of the Mbed TLS source tree.""" return all(os.path.isdir(os.path.join(path, subdir)) for subdir in ['include', 'library', 'programs', 'tests']) +def looks_like_root(path: str) -> bool: + return looks_like_tf_psa_crypto_root(path) or looks_like_mbedtls_root(path) + def check_repo_path(): """ Check that the current working directory is the project root, and throw @@ -42,7 +49,7 @@ def chdir_to_root() -> None: for d in [os.path.curdir, os.path.pardir, os.path.join(os.path.pardir, os.path.pardir)]: - if looks_like_mbedtls_root(d): + if looks_like_root(d): os.chdir(d) return raise Exception('Mbed TLS source tree not found') @@ -62,6 +69,6 @@ def guess_mbedtls_root(): if d in dirs: continue dirs.add(d) - if looks_like_mbedtls_root(d): + if looks_like_root(d): return d raise Exception('Mbed TLS source tree not found') diff --git a/scripts/mbedtls_dev/c_build_helper.py b/scripts/mbedtls_dev/c_build_helper.py index 459afba42..9bd17d608 100644 --- a/scripts/mbedtls_dev/c_build_helper.py +++ b/scripts/mbedtls_dev/c_build_helper.py @@ -89,6 +89,37 @@ int main(void) } ''') +def compile_c_file(c_filename, exe_filename, include_dirs): + """Compile a C source file with the host compiler. + + * ``c_filename``: the name of the source file to compile. + * ``exe_filename``: the name for the executable to be created. + * ``include_dirs``: a list of paths to include directories to be passed + with the -I switch. + """ + # Respect $HOSTCC if it is set + cc = os.getenv('HOSTCC', None) + if cc is None: + cc = os.getenv('CC', 'cc') + cmd = [cc] + + proc = subprocess.Popen(cmd, + stdout=subprocess.DEVNULL, + stderr=subprocess.PIPE, + universal_newlines=True) + cc_is_msvc = 'Microsoft (R) C/C++' in proc.communicate()[1] + + cmd += ['-I' + dir for dir in include_dirs] + if cc_is_msvc: + # MSVC has deprecated using -o to specify the output file, + # and produces an object file in the working directory by default. + obj_filename = exe_filename[:-4] + '.obj' + cmd += ['-Fe' + exe_filename, '-Fo' + obj_filename] + else: + cmd += ['-o' + exe_filename] + + subprocess.check_call(cmd + [c_filename]) + def get_c_expression_values( cast_to, printf_format, expressions, @@ -128,24 +159,8 @@ def get_c_expression_values( expressions) ) c_file.close() - cc = os.getenv('CC', 'cc') - cmd = [cc] - proc = subprocess.Popen(cmd, - stdout=subprocess.DEVNULL, - stderr=subprocess.PIPE, - universal_newlines=True) - cc_is_msvc = 'Microsoft (R) C/C++' in proc.communicate()[1] - - cmd += ['-I' + dir for dir in include_path] - if cc_is_msvc: - # MSVC has deprecated using -o to specify the output file, - # and produces an object file in the working directory by default. - obj_name = exe_name[:-4] + '.obj' - cmd += ['-Fe' + exe_name, '-Fo' + obj_name] - else: - cmd += ['-o' + exe_name] - subprocess.check_call(cmd + [c_name]) + compile_c_file(c_name, exe_name, include_path) if keep_c: sys.stderr.write('List of {} tests kept at {}\n' .format(caller, c_name)) diff --git a/scripts/mbedtls_dev/crypto_data_tests.py b/scripts/mbedtls_dev/crypto_data_tests.py new file mode 100644 index 000000000..7593952da --- /dev/null +++ b/scripts/mbedtls_dev/crypto_data_tests.py @@ -0,0 +1,123 @@ +"""Generate test data for cryptographic mechanisms. + +This module is a work in progress, only implementing a few cases for now. +""" + +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import hashlib +from typing import Callable, Dict, Iterator, List, Optional #pylint: disable=unused-import + +from . import crypto_knowledge +from . import psa_information +from . import test_case + + +def psa_low_level_dependencies(*expressions: str) -> List[str]: + """Infer dependencies of a PSA low-level test case by looking for PSA_xxx symbols. + + This function generates MBEDTLS_PSA_BUILTIN_xxx symbols. + """ + high_level = psa_information.automatic_dependencies(*expressions) + for dep in high_level: + assert dep.startswith('PSA_WANT_') + return ['MBEDTLS_PSA_BUILTIN_' + dep[9:] for dep in high_level] + + +class HashPSALowLevel: + """Generate test cases for the PSA low-level hash interface.""" + + def __init__(self, info: psa_information.Information) -> None: + self.info = info + base_algorithms = sorted(info.constructors.algorithms) + all_algorithms = \ + [crypto_knowledge.Algorithm(expr) + for expr in info.constructors.generate_expressions(base_algorithms)] + self.algorithms = \ + [alg + for alg in all_algorithms + if (not alg.is_wildcard and + alg.can_do(crypto_knowledge.AlgorithmCategory.HASH))] + + # CALCULATE[alg] = function to return the hash of its argument in hex + # TO-DO: implement the None entries with a third-party library, because + # hashlib might not have everything, depending on the Python version and + # the underlying OpenSSL. On Ubuntu 16.04, truncated sha512 and sha3/shake + # are not available. On Ubuntu 22.04, md2, md4 and ripemd160 are not + # available. + CALCULATE = { + 'PSA_ALG_MD5': lambda data: hashlib.md5(data).hexdigest(), + 'PSA_ALG_RIPEMD160': None, #lambda data: hashlib.new('ripdemd160').hexdigest() + 'PSA_ALG_SHA_1': lambda data: hashlib.sha1(data).hexdigest(), + 'PSA_ALG_SHA_224': lambda data: hashlib.sha224(data).hexdigest(), + 'PSA_ALG_SHA_256': lambda data: hashlib.sha256(data).hexdigest(), + 'PSA_ALG_SHA_384': lambda data: hashlib.sha384(data).hexdigest(), + 'PSA_ALG_SHA_512': lambda data: hashlib.sha512(data).hexdigest(), + 'PSA_ALG_SHA_512_224': None, #lambda data: hashlib.new('sha512_224').hexdigest() + 'PSA_ALG_SHA_512_256': None, #lambda data: hashlib.new('sha512_256').hexdigest() + 'PSA_ALG_SHA3_224': None, #lambda data: hashlib.sha3_224(data).hexdigest(), + 'PSA_ALG_SHA3_256': None, #lambda data: hashlib.sha3_256(data).hexdigest(), + 'PSA_ALG_SHA3_384': None, #lambda data: hashlib.sha3_384(data).hexdigest(), + 'PSA_ALG_SHA3_512': None, #lambda data: hashlib.sha3_512(data).hexdigest(), + 'PSA_ALG_SHAKE256_512': None, #lambda data: hashlib.shake_256(data).hexdigest(64), + } #type: Dict[str, Optional[Callable[[bytes], str]]] + + @staticmethod + def one_test_case(alg: crypto_knowledge.Algorithm, + function: str, note: str, + arguments: List[str]) -> test_case.TestCase: + """Construct one test case involving a hash.""" + tc = test_case.TestCase() + tc.set_description('{}{} {}' + .format(function, + ' ' + note if note else '', + alg.short_expression())) + tc.set_dependencies(psa_low_level_dependencies(alg.expression)) + tc.set_function(function) + tc.set_arguments([alg.expression] + + ['"{}"'.format(arg) for arg in arguments]) + return tc + + def test_cases_for_hash(self, + alg: crypto_knowledge.Algorithm + ) -> Iterator[test_case.TestCase]: + """Enumerate all test cases for one hash algorithm.""" + calc = self.CALCULATE[alg.expression] + if calc is None: + return # not implemented yet + + short = b'abc' + hash_short = calc(short) + long = (b'Hello, world. Here are 16 unprintable bytes: [' + b'\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a' + b'\x80\x81\x82\x83\xfe\xff]. ' + b' This message was brought to you by a natural intelligence. ' + b' If you can read this, good luck with your debugging!') + hash_long = calc(long) + + yield self.one_test_case(alg, 'hash_empty', '', [calc(b'')]) + yield self.one_test_case(alg, 'hash_valid_one_shot', '', + [short.hex(), hash_short]) + for n in [0, 1, 64, len(long) - 1, len(long)]: + yield self.one_test_case(alg, 'hash_valid_multipart', + '{} + {}'.format(n, len(long) - n), + [long[:n].hex(), calc(long[:n]), + long[n:].hex(), hash_long]) + + def all_test_cases(self) -> Iterator[test_case.TestCase]: + """Enumerate all test cases for all hash algorithms.""" + for alg in self.algorithms: + yield from self.test_cases_for_hash(alg) diff --git a/scripts/mbedtls_dev/crypto_knowledge.py b/scripts/mbedtls_dev/crypto_knowledge.py index 1a033210b..45d253b9b 100644 --- a/scripts/mbedtls_dev/crypto_knowledge.py +++ b/scripts/mbedtls_dev/crypto_knowledge.py @@ -20,7 +20,7 @@ This module is entirely based on the PSA API. import enum import re -from typing import FrozenSet, Iterable, List, Optional, Tuple +from typing import FrozenSet, Iterable, List, Optional, Tuple, Dict from .asymmetric_key_data import ASYMMETRIC_KEY_DATA @@ -34,7 +34,7 @@ def short_expression(original: str, level: int = 0) -> str: unambiguous, but ad hoc way. """ short = original - short = re.sub(r'\bPSA_(?:ALG|ECC_FAMILY|KEY_[A-Z]+)_', r'', short) + short = re.sub(r'\bPSA_(?:ALG|DH_FAMILY|ECC_FAMILY|KEY_[A-Z]+)_', r'', short) short = re.sub(r' +', r'', short) if level >= 1: short = re.sub(r'PUBLIC_KEY\b', r'PUB', short) @@ -138,6 +138,9 @@ class KeyType: """Whether the key type is for public keys.""" return self.name.endswith('_PUBLIC_KEY') + DH_KEY_SIZES = { + 'PSA_DH_FAMILY_RFC7919': (2048, 3072, 4096, 6144, 8192), + } # type: Dict[str, Tuple[int, ...]] ECC_KEY_SIZES = { 'PSA_ECC_FAMILY_SECP_K1': (192, 224, 256), 'PSA_ECC_FAMILY_SECP_R1': (225, 256, 384, 521), @@ -148,7 +151,7 @@ class KeyType: 'PSA_ECC_FAMILY_BRAINPOOL_P_R1': (160, 192, 224, 256, 320, 384, 512), 'PSA_ECC_FAMILY_MONTGOMERY': (255, 448), 'PSA_ECC_FAMILY_TWISTED_EDWARDS': (255, 448), - } + } # type: Dict[str, Tuple[int, ...]] KEY_TYPE_SIZES = { 'PSA_KEY_TYPE_AES': (128, 192, 256), # exhaustive 'PSA_KEY_TYPE_ARIA': (128, 192, 256), # exhaustive @@ -162,7 +165,7 @@ class KeyType: 'PSA_KEY_TYPE_PEPPER': (128, 256), # sample 'PSA_KEY_TYPE_RAW_DATA': (8, 40, 128), # sample 'PSA_KEY_TYPE_RSA_KEY_PAIR': (1024, 1536), # small sample - } + } # type: Dict[str, Tuple[int, ...]] def sizes_to_test(self) -> Tuple[int, ...]: """Return a tuple of key sizes to test. @@ -175,6 +178,9 @@ class KeyType: if self.private_type == 'PSA_KEY_TYPE_ECC_KEY_PAIR': assert self.params is not None return self.ECC_KEY_SIZES[self.params[0]] + if self.private_type == 'PSA_KEY_TYPE_DH_KEY_PAIR': + assert self.params is not None + return self.DH_KEY_SIZES[self.params[0]] return self.KEY_TYPE_SIZES[self.private_type] # "48657265006973206b6579a064617461" @@ -214,9 +220,7 @@ class KeyType: This function does not currently handle key derivation or PAKE. """ #pylint: disable=too-many-branches,too-many-return-statements - if alg.is_wildcard: - return False - if alg.is_invalid_truncation(): + if not alg.is_valid_for_operation(): return False if self.head == 'HMAC' and alg.head == 'HMAC': return True @@ -248,6 +252,8 @@ class KeyType: # So a public key object with a key agreement algorithm is not # a valid combination. return False + if alg.is_invalid_key_agreement_with_derivation(): + return False if self.head == 'ECC': assert self.params is not None eccc = EllipticCurveCategory.from_family(self.params[0]) @@ -261,6 +267,8 @@ class KeyType: if alg.head in {'PURE_EDDSA', 'EDDSA_PREHASH'} and \ eccc == EllipticCurveCategory.TWISTED_EDWARDS: return True + if self.head == 'DH' and alg.head == 'FFDH': + return True return False @@ -414,17 +422,38 @@ class Algorithm: self.category = self.determine_category(self.base_expression, self.head) self.is_wildcard = self.determine_wildcard(self.expression) - def is_key_agreement_with_derivation(self) -> bool: - """Whether this is a combined key agreement and key derivation algorithm.""" + def get_key_agreement_derivation(self) -> Optional[str]: + """For a combined key agreement and key derivation algorithm, get the derivation part. + + For anything else, return None. + """ if self.category != AlgorithmCategory.KEY_AGREEMENT: - return False + return None m = re.match(r'PSA_ALG_KEY_AGREEMENT\(\w+,\s*(.*)\)\Z', self.expression) if not m: - return False + return None kdf_alg = m.group(1) # Assume kdf_alg is either a valid KDF or 0. - return not re.match(r'(?:0[Xx])?0+\s*\Z', kdf_alg) + if re.match(r'(?:0[Xx])?0+\s*\Z', kdf_alg): + return None + return kdf_alg + KEY_DERIVATIONS_INCOMPATIBLE_WITH_AGREEMENT = frozenset([ + 'PSA_ALG_TLS12_ECJPAKE_TO_PMS', # secret input in specific format + ]) + def is_valid_key_agreement_with_derivation(self) -> bool: + """Whether this is a valid combined key agreement and key derivation algorithm.""" + kdf_alg = self.get_key_agreement_derivation() + if kdf_alg is None: + return False + return kdf_alg not in self.KEY_DERIVATIONS_INCOMPATIBLE_WITH_AGREEMENT + + def is_invalid_key_agreement_with_derivation(self) -> bool: + """Whether this is an invalid combined key agreement and key derivation algorithm.""" + kdf_alg = self.get_key_agreement_derivation() + if kdf_alg is None: + return False + return kdf_alg in self.KEY_DERIVATIONS_INCOMPATIBLE_WITH_AGREEMENT def short_expression(self, level: int = 0) -> str: """Abbreviate the expression, keeping it human-readable. @@ -498,13 +527,26 @@ class Algorithm: return True return False + def is_valid_for_operation(self) -> bool: + """Whether this algorithm construction is valid for an operation. + + This function assumes that the algorithm is constructed in a + "grammatically" correct way, and only rejects semantically invalid + combinations. + """ + if self.is_wildcard: + return False + if self.is_invalid_truncation(): + return False + return True + def can_do(self, category: AlgorithmCategory) -> bool: """Whether this algorithm can perform operations in the given category. """ if category == self.category: return True if category == AlgorithmCategory.KEY_DERIVATION and \ - self.is_key_agreement_with_derivation(): + self.is_valid_key_agreement_with_derivation(): return True return False diff --git a/scripts/mbedtls_dev/ecp.py b/scripts/mbedtls_dev/ecp.py new file mode 100644 index 000000000..410c77e11 --- /dev/null +++ b/scripts/mbedtls_dev/ecp.py @@ -0,0 +1,886 @@ +"""Framework classes for generation of ecp test cases.""" +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from typing import List + +from . import test_data_generation +from . import bignum_common + + +class EcpTarget(test_data_generation.BaseTarget): + #pylint: disable=abstract-method, too-few-public-methods + """Target for ecp test case generation.""" + target_basename = 'test_suite_ecp.generated' + + +class EcpP192R1Raw(bignum_common.ModOperationCommon, + EcpTarget): + """Test cases for ECP P192 fast reduction.""" + symbol = "-" + test_function = "ecp_mod_p_generic_raw" + test_name = "ecp_mod_p192_raw" + input_style = "fixed" + arity = 1 + dependencies = ["MBEDTLS_ECP_DP_SECP192R1_ENABLED", + "MBEDTLS_ECP_NIST_OPTIM"] + + moduli = ["fffffffffffffffffffffffffffffffeffffffffffffffff"] # type: List[str] + + input_values = [ + "0", "1", + + # Modulus - 1 + "fffffffffffffffffffffffffffffffefffffffffffffffe", + + # Modulus + 1 + "ffffffffffffffffffffffffffffffff0000000000000000", + + # 2^192 - 1 + "ffffffffffffffffffffffffffffffffffffffffffffffff", + + # Maximum canonical P192 multiplication result + ("fffffffffffffffffffffffffffffffdfffffffffffffffc" + "000000000000000100000000000000040000000000000004"), + + # Generate an overflow during reduction + ("00000000000000000000000000000001ffffffffffffffff" + "ffffffffffffffffffffffffffffffff0000000000000000"), + + # Generate an overflow during carry reduction + ("ffffffffffffffff00000000000000010000000000000000" + "fffffffffffffffeffffffffffffffff0000000000000000"), + + # First 8 number generated by random.getrandbits(384) - seed(2,2) + ("cf1822ffbc6887782b491044d5e341245c6e433715ba2bdd" + "177219d30e7a269fd95bafc8f2a4d27bdcf4bb99f4bea973"), + ("ffed9235288bc781ae66267594c9c9500925e4749b575bd1" + "3653f8dd9b1f282e4067c3584ee207f8da94e3e8ab73738f"), + ("ef8acd128b4f2fc15f3f57ebf30b94fa82523e86feac7eb7" + "dc38f519b91751dacdbd47d364be8049a372db8f6e405d93"), + ("e8624fab5186ee32ee8d7ee9770348a05d300cb90706a045" + "defc044a09325626e6b58de744ab6cce80877b6f71e1f6d2"), + ("2d3d854e061b90303b08c6e33c7295782d6c797f8f7d9b78" + "2a1be9cd8697bbd0e2520e33e44c50556c71c4a66148a86f"), + ("fec3f6b32e8d4b8a8f54f8ceacaab39e83844b40ffa9b9f1" + "5c14bc4a829e07b0829a48d422fe99a22c70501e533c9135"), + ("97eeab64ca2ce6bc5d3fd983c34c769fe89204e2e8168561" + "867e5e15bc01bfce6a27e0dfcbf8754472154e76e4c11ab2"), + ("bd143fa9b714210c665d7435c1066932f4767f26294365b2" + "721dea3bf63f23d0dbe53fcafb2147df5ca495fa5a91c89b"), + + # Next 2 number generated by random.getrandbits(192) + "47733e847d718d733ff98ff387c56473a7a83ee0761ebfd2", + "cbd4d3e2d4dec9ef83f0be4e80371eb97f81375eecc1cb63" + ] + + @property + def arg_a(self) -> str: + return super().format_arg('{:x}'.format(self.int_a)).zfill(2 * self.hex_digits) + + def result(self) -> List[str]: + result = self.int_a % self.int_n + return [self.format_result(result)] + + @property + def is_valid(self) -> bool: + return True + + def arguments(self)-> List[str]: + args = super().arguments() + return ["MBEDTLS_ECP_DP_SECP192R1"] + args + + +class EcpP224R1Raw(bignum_common.ModOperationCommon, + EcpTarget): + """Test cases for ECP P224 fast reduction.""" + symbol = "-" + test_function = "ecp_mod_p_generic_raw" + test_name = "ecp_mod_p224_raw" + input_style = "arch_split" + arity = 1 + dependencies = ["MBEDTLS_ECP_DP_SECP224R1_ENABLED", + "MBEDTLS_ECP_NIST_OPTIM"] + + moduli = ["ffffffffffffffffffffffffffffffff000000000000000000000001"] # type: List[str] + + input_values = [ + "0", "1", + + # Modulus - 1 + "ffffffffffffffffffffffffffffffff000000000000000000000000", + + # Modulus + 1 + "ffffffffffffffffffffffffffffffff000000000000000000000002", + + # 2^224 - 1 + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffff", + + # Maximum canonical P224 multiplication result + ("fffffffffffffffffffffffffffffffe000000000000000000000000" + "00000001000000000000000000000000000000000000000000000000"), + + # Generate an overflow during reduction + ("00000000000000000000000000010000000070000000002000001000" + "ffffffffffff9fffffffffe00000efff000070000000002000001003"), + + # Generate an underflow during reduction + ("00000001000000000000000000000000000000000000000000000000" + "00000000000dc0000000000000000001000000010000000100000003"), + + # First 8 number generated by random.getrandbits(448) - seed(2,2) + ("da94e3e8ab73738fcf1822ffbc6887782b491044d5e341245c6e4337" + "15ba2bdd177219d30e7a269fd95bafc8f2a4d27bdcf4bb99f4bea973"), + ("cdbd47d364be8049a372db8f6e405d93ffed9235288bc781ae662675" + "94c9c9500925e4749b575bd13653f8dd9b1f282e4067c3584ee207f8"), + ("defc044a09325626e6b58de744ab6cce80877b6f71e1f6d2ef8acd12" + "8b4f2fc15f3f57ebf30b94fa82523e86feac7eb7dc38f519b91751da"), + ("2d6c797f8f7d9b782a1be9cd8697bbd0e2520e33e44c50556c71c4a6" + "6148a86fe8624fab5186ee32ee8d7ee9770348a05d300cb90706a045"), + ("8f54f8ceacaab39e83844b40ffa9b9f15c14bc4a829e07b0829a48d4" + "22fe99a22c70501e533c91352d3d854e061b90303b08c6e33c729578"), + ("97eeab64ca2ce6bc5d3fd983c34c769fe89204e2e8168561867e5e15" + "bc01bfce6a27e0dfcbf8754472154e76e4c11ab2fec3f6b32e8d4b8a"), + ("a7a83ee0761ebfd2bd143fa9b714210c665d7435c1066932f4767f26" + "294365b2721dea3bf63f23d0dbe53fcafb2147df5ca495fa5a91c89b"), + ("74667bffe202849da9643a295a9ac6decbd4d3e2d4dec9ef83f0be4e" + "80371eb97f81375eecc1cb6347733e847d718d733ff98ff387c56473"), + + # Next 2 number generated by random.getrandbits(224) + "eb9ac688b9d39cca91551e8259cc60b17604e4b4e73695c3e652c71a", + "f0caeef038c89b38a8acb5137c9260dc74e088a9b9492f258ebdbfe3" + ] + + @property + def arg_a(self) -> str: + limbs = 2 * bignum_common.bits_to_limbs(224, self.bits_in_limb) + hex_digits = bignum_common.hex_digits_for_limb(limbs, self.bits_in_limb) + return super().format_arg('{:x}'.format(self.int_a)).zfill(hex_digits) + + def result(self) -> List[str]: + result = self.int_a % self.int_n + return [self.format_result(result)] + + @property + def is_valid(self) -> bool: + return True + + def arguments(self)-> List[str]: + args = super().arguments() + return ["MBEDTLS_ECP_DP_SECP224R1"] + args + + +class EcpP256R1Raw(bignum_common.ModOperationCommon, + EcpTarget): + """Test cases for ECP P256 fast reduction.""" + symbol = "-" + test_function = "ecp_mod_p_generic_raw" + test_name = "ecp_mod_p256_raw" + input_style = "fixed" + arity = 1 + dependencies = ["MBEDTLS_ECP_DP_SECP256R1_ENABLED", + "MBEDTLS_ECP_NIST_OPTIM"] + + moduli = ["ffffffff00000001000000000000000000000000ffffffffffffffffffffffff"] # type: List[str] + + input_values = [ + "0", "1", + + # Modulus - 1 + "ffffffff00000001000000000000000000000000fffffffffffffffffffffffe", + + # Modulus + 1 + "ffffffff00000001000000000000000000000001000000000000000000000000", + + # 2^256 - 1 + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", + + # Maximum canonical P256 multiplication result + ("fffffffe00000002fffffffe0000000100000001fffffffe00000001fffffffc" + "00000003fffffffcfffffffffffffffffffffffc000000000000000000000004"), + + # Generate an overflow during reduction + ("0000000000000000000000010000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000ffffffff"), + + # Generate an underflow during reduction + ("0000000000000000000000000000000000000000000000000000000000000010" + "ffffffff00000000000000000000000000000000000000000000000000000000"), + + # Generate an overflow during carry reduction + ("aaaaaaaa00000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000aaaaaaacaaaaaaaaaaaaaaaa00000000"), + + # Generate an underflow during carry reduction + ("000000000000000000000001ffffffff00000000000000000000000000000000" + "0000000000000000000000000000000000000002000000020000000100000002"), + + # First 8 number generated by random.getrandbits(512) - seed(2,2) + ("4067c3584ee207f8da94e3e8ab73738fcf1822ffbc6887782b491044d5e34124" + "5c6e433715ba2bdd177219d30e7a269fd95bafc8f2a4d27bdcf4bb99f4bea973"), + ("82523e86feac7eb7dc38f519b91751dacdbd47d364be8049a372db8f6e405d93" + "ffed9235288bc781ae66267594c9c9500925e4749b575bd13653f8dd9b1f282e"), + ("e8624fab5186ee32ee8d7ee9770348a05d300cb90706a045defc044a09325626" + "e6b58de744ab6cce80877b6f71e1f6d2ef8acd128b4f2fc15f3f57ebf30b94fa"), + ("829a48d422fe99a22c70501e533c91352d3d854e061b90303b08c6e33c729578" + "2d6c797f8f7d9b782a1be9cd8697bbd0e2520e33e44c50556c71c4a66148a86f"), + ("e89204e2e8168561867e5e15bc01bfce6a27e0dfcbf8754472154e76e4c11ab2" + "fec3f6b32e8d4b8a8f54f8ceacaab39e83844b40ffa9b9f15c14bc4a829e07b0"), + ("bd143fa9b714210c665d7435c1066932f4767f26294365b2721dea3bf63f23d0" + "dbe53fcafb2147df5ca495fa5a91c89b97eeab64ca2ce6bc5d3fd983c34c769f"), + ("74667bffe202849da9643a295a9ac6decbd4d3e2d4dec9ef83f0be4e80371eb9" + "7f81375eecc1cb6347733e847d718d733ff98ff387c56473a7a83ee0761ebfd2"), + ("d08f1bb2531d6460f0caeef038c89b38a8acb5137c9260dc74e088a9b9492f25" + "8ebdbfe3eb9ac688b9d39cca91551e8259cc60b17604e4b4e73695c3e652c71a"), + + # Next 2 number generated by random.getrandbits(256) + "c5e2486c44a4a8f69dc8db48e86ec9c6e06f291b2a838af8d5c44a4eb3172062", + "d4c0dca8b4c9e755cc9c3adcf515a8234da4daeb4f3f87777ad1f45ae9500ec9" + ] + + @property + def arg_a(self) -> str: + return super().format_arg('{:x}'.format(self.int_a)).zfill(2 * self.hex_digits) + + def result(self) -> List[str]: + result = self.int_a % self.int_n + return [self.format_result(result)] + + @property + def is_valid(self) -> bool: + return True + + def arguments(self)-> List[str]: + args = super().arguments() + return ["MBEDTLS_ECP_DP_SECP256R1"] + args + + +class EcpP384R1Raw(bignum_common.ModOperationCommon, + EcpTarget): + """Test cases for ECP P384 fast reduction.""" + test_function = "ecp_mod_p_generic_raw" + test_name = "ecp_mod_p384_raw" + input_style = "fixed" + arity = 1 + dependencies = ["MBEDTLS_ECP_DP_SECP384R1_ENABLED", + "MBEDTLS_ECP_NIST_OPTIM"] + + moduli = [("ffffffffffffffffffffffffffffffffffffffffffffffff" + "fffffffffffffffeffffffff0000000000000000ffffffff") + ] # type: List[str] + + input_values = [ + "0", "1", + + # Modulus - 1 + ("ffffffffffffffffffffffffffffffffffffffffffffffff" + "fffffffffffffffeffffffff0000000000000000fffffffe"), + + # Modulus + 1 + ("ffffffffffffffffffffffffffffffffffffffffffffffff" + "fffffffffffffffeffffffff000000000000000100000000"), + + # 2^384 - 1 + ("ffffffffffffffffffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffffffffffffffffffff"), + + # Maximum canonical P384 multiplication result + ("ffffffffffffffffffffffffffffffffffffffffffffffff" + "fffffffffffffffdfffffffe0000000000000001fffffffc" + "000000000000000000000000000000010000000200000000" + "fffffffe000000020000000400000000fffffffc00000004"), + + # Testing with overflow in A(12) + A(21) + A(20); + ("497811378624857a2c2af60d70583376545484cfae5c812f" + "e2999fc1abb51d18b559e8ca3b50aaf263fdf8f24bdfb98f" + "ffffffff20e65bf9099e4e73a5e8b517cf4fbeb8fd1750fd" + "ae6d43f2e53f82d5ffffffffffffffffcc6f1e06111c62e0"), + + # Testing with underflow in A(13) + A(22) + A(23) - A(12) - A(20); + ("dfdd25e96777406b3c04b8c7b406f5fcf287e1e576003a09" + "2852a6fbe517f2712b68abef41dbd35183a0614fb7222606" + "ffffffff84396eee542f18a9189d94396c784059c17a9f18" + "f807214ef32f2f10ffffffff8a77fac20000000000000000"), + + # Testing with overflow in A(23) + A(20) + A(19) - A(22); + ("783753f8a5afba6c1862eead1deb2fcdd907272be3ffd185" + "42b24a71ee8b26cab0aa33513610ff973042bbe1637cc9fc" + "99ad36c7f703514572cf4f5c3044469a8f5be6312c19e5d3" + "f8fc1ac6ffffffffffffffff8c86252400000000ffffffff"), + + # Testing with underflow in A(23) + A(20) + A(19) - A(22); + ("65e1d2362fce922663b7fd517586e88842a9b4bd092e93e6" + "251c9c69f278cbf8285d99ae3b53da5ba36e56701e2b17c2" + "25f1239556c5f00117fa140218b46ebd8e34f50d0018701f" + "a8a0a5cc00000000000000004410bcb4ffffffff00000000"), + + # Testing the second round of carry reduction + ("000000000000000000000000ffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff0000000000000000" + "0000000000000000ffffffff000000000000000000000001" + "00000000000000000000000000000000ffffffff00000001"), + + # First 8 number generated by random.getrandbits(768) - seed(2,2) + ("ffed9235288bc781ae66267594c9c9500925e4749b575bd1" + "3653f8dd9b1f282e4067c3584ee207f8da94e3e8ab73738f" + "cf1822ffbc6887782b491044d5e341245c6e433715ba2bdd" + "177219d30e7a269fd95bafc8f2a4d27bdcf4bb99f4bea973"), + ("e8624fab5186ee32ee8d7ee9770348a05d300cb90706a045" + "defc044a09325626e6b58de744ab6cce80877b6f71e1f6d2" + "ef8acd128b4f2fc15f3f57ebf30b94fa82523e86feac7eb7" + "dc38f519b91751dacdbd47d364be8049a372db8f6e405d93"), + ("fec3f6b32e8d4b8a8f54f8ceacaab39e83844b40ffa9b9f1" + "5c14bc4a829e07b0829a48d422fe99a22c70501e533c9135" + "2d3d854e061b90303b08c6e33c7295782d6c797f8f7d9b78" + "2a1be9cd8697bbd0e2520e33e44c50556c71c4a66148a86f"), + ("bd143fa9b714210c665d7435c1066932f4767f26294365b2" + "721dea3bf63f23d0dbe53fcafb2147df5ca495fa5a91c89b" + "97eeab64ca2ce6bc5d3fd983c34c769fe89204e2e8168561" + "867e5e15bc01bfce6a27e0dfcbf8754472154e76e4c11ab2"), + ("8ebdbfe3eb9ac688b9d39cca91551e8259cc60b17604e4b4" + "e73695c3e652c71a74667bffe202849da9643a295a9ac6de" + "cbd4d3e2d4dec9ef83f0be4e80371eb97f81375eecc1cb63" + "47733e847d718d733ff98ff387c56473a7a83ee0761ebfd2"), + ("d4c0dca8b4c9e755cc9c3adcf515a8234da4daeb4f3f8777" + "7ad1f45ae9500ec9c5e2486c44a4a8f69dc8db48e86ec9c6" + "e06f291b2a838af8d5c44a4eb3172062d08f1bb2531d6460" + "f0caeef038c89b38a8acb5137c9260dc74e088a9b9492f25"), + ("0227eeb7b9d7d01f5769da05d205bbfcc8c69069134bccd3" + "e1cf4f589f8e4ce0af29d115ef24bd625dd961e6830b54fa" + "7d28f93435339774bb1e386c4fd5079e681b8f5896838b76" + "9da59b74a6c3181c81e220df848b1df78feb994a81167346"), + ("d322a7353ead4efe440e2b4fda9c025a22f1a83185b98f5f" + "c11e60de1b343f52ea748db9e020307aaeb6db2c3a038a70" + "9779ac1f45e9dd320c855fdfa7251af0930cdbd30f0ad2a8" + "1b2d19a2beaa14a7ff3fe32a30ffc4eed0a7bd04e85bfcdd"), + + # Next 2 number generated by random.getrandbits(384) + ("5c3747465cc36c270e8a35b10828d569c268a20eb78ac332" + "e5e138e26c4454b90f756132e16dce72f18e859835e1f291"), + ("eb2b5693babb7fbb0a76c196067cfdcb11457d9cf45e2fa0" + "1d7f4275153924800600571fac3a5b263fdf57cd2c006497") + ] + + @property + def arg_a(self) -> str: + return super().format_arg('{:x}'.format(self.int_a)).zfill(2 * self.hex_digits) + + def result(self) -> List[str]: + result = self.int_a % self.int_n + return [self.format_result(result)] + + @property + def is_valid(self) -> bool: + return True + + def arguments(self)-> List[str]: + args = super().arguments() + return ["MBEDTLS_ECP_DP_SECP384R1"] + args + + +class EcpP521R1Raw(bignum_common.ModOperationCommon, + EcpTarget): + """Test cases for ECP P521 fast reduction.""" + test_function = "ecp_mod_p_generic_raw" + test_name = "ecp_mod_p521_raw" + input_style = "arch_split" + arity = 1 + dependencies = ["MBEDTLS_ECP_DP_SECP521R1_ENABLED", + "MBEDTLS_ECP_NIST_OPTIM"] + + moduli = [("01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff") + ] # type: List[str] + + input_values = [ + "0", "1", + + # Modulus - 1 + ("01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" + "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe"), + + # Modulus + 1 + ("020000000000000000000000000000000000000000000000000000000000000000" + "000000000000000000000000000000000000000000000000000000000000000000"), + + # Maximum canonical P521 multiplication result + ("0003ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" + "fffff800" + "0000000000000000000000000000000000000000000000000000000000000000" + "0000000000000000000000000000000000000000000000000000000000000004"), + + # Test case for overflow during addition + ("0001efffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" + "000001ef" + "0000000000000000000000000000000000000000000000000000000000000000" + "000000000000000000000000000000000000000000000000000000000f000000"), + + # First 8 number generated by random.getrandbits(1042) - seed(2,2) + ("0003cc2e82523e86feac7eb7dc38f519b91751dacdbd47d364be8049a372db8f" + "6e405d93ffed9235288bc781ae66267594c9c9500925e4749b575bd13653f8dd" + "9b1f282e" + "4067c3584ee207f8da94e3e8ab73738fcf1822ffbc6887782b491044d5e34124" + "5c6e433715ba2bdd177219d30e7a269fd95bafc8f2a4d27bdcf4bb99f4bea973"), + ("00017052829e07b0829a48d422fe99a22c70501e533c91352d3d854e061b9030" + "3b08c6e33c7295782d6c797f8f7d9b782a1be9cd8697bbd0e2520e33e44c5055" + "6c71c4a6" + "6148a86fe8624fab5186ee32ee8d7ee9770348a05d300cb90706a045defc044a" + "09325626e6b58de744ab6cce80877b6f71e1f6d2ef8acd128b4f2fc15f3f57eb"), + ("00021f15a7a83ee0761ebfd2bd143fa9b714210c665d7435c1066932f4767f26" + "294365b2721dea3bf63f23d0dbe53fcafb2147df5ca495fa5a91c89b97eeab64" + "ca2ce6bc" + "5d3fd983c34c769fe89204e2e8168561867e5e15bc01bfce6a27e0dfcbf87544" + "72154e76e4c11ab2fec3f6b32e8d4b8a8f54f8ceacaab39e83844b40ffa9b9f1"), + ("000381bc2a838af8d5c44a4eb3172062d08f1bb2531d6460f0caeef038c89b38" + "a8acb5137c9260dc74e088a9b9492f258ebdbfe3eb9ac688b9d39cca91551e82" + "59cc60b1" + "7604e4b4e73695c3e652c71a74667bffe202849da9643a295a9ac6decbd4d3e2" + "d4dec9ef83f0be4e80371eb97f81375eecc1cb6347733e847d718d733ff98ff3"), + ("00034816c8c69069134bccd3e1cf4f589f8e4ce0af29d115ef24bd625dd961e6" + "830b54fa7d28f93435339774bb1e386c4fd5079e681b8f5896838b769da59b74" + "a6c3181c" + "81e220df848b1df78feb994a81167346d4c0dca8b4c9e755cc9c3adcf515a823" + "4da4daeb4f3f87777ad1f45ae9500ec9c5e2486c44a4a8f69dc8db48e86ec9c6"), + ("000397846c4454b90f756132e16dce72f18e859835e1f291d322a7353ead4efe" + "440e2b4fda9c025a22f1a83185b98f5fc11e60de1b343f52ea748db9e020307a" + "aeb6db2c" + "3a038a709779ac1f45e9dd320c855fdfa7251af0930cdbd30f0ad2a81b2d19a2" + "beaa14a7ff3fe32a30ffc4eed0a7bd04e85bfcdd0227eeb7b9d7d01f5769da05"), + ("00002c3296e6bc4d62b47204007ee4fab105d83e85e951862f0981aebc1b00d9" + "2838e766ef9b6bf2d037fe2e20b6a8464174e75a5f834da70569c018eb2b5693" + "babb7fbb" + "0a76c196067cfdcb11457d9cf45e2fa01d7f4275153924800600571fac3a5b26" + "3fdf57cd2c0064975c3747465cc36c270e8a35b10828d569c268a20eb78ac332"), + ("00009d23b4917fc09f20dbb0dcc93f0e66dfe717c17313394391b6e2e6eacb0f" + "0bb7be72bd6d25009aeb7fa0c4169b148d2f527e72daf0a54ef25c0707e33868" + "7d1f7157" + "5653a45c49390aa51cf5192bbf67da14be11d56ba0b4a2969d8055a9f03f2d71" + "581d8e830112ff0f0948eccaf8877acf26c377c13f719726fd70bddacb4deeec"), + + # Next 2 number generated by random.getrandbits(521) + ("12b84ae65e920a63ac1f2b64df6dff07870c9d531ae72a47403063238da1a1fe" + "3f9d6a179fa50f96cd4aff9261aa92c0e6f17ec940639bc2ccdf572df00790813e3"), + ("166049dd332a73fa0b26b75196cf87eb8a09b27ec714307c68c425424a1574f1" + "eedf5b0f16cdfdb839424d201e653f53d6883ca1c107ca6e706649889c0c7f38608") + ] + + @property + def arg_a(self) -> str: + # Number of limbs: 2 * N + return super().format_arg('{:x}'.format(self.int_a)).zfill(2 * self.hex_digits) + + def result(self) -> List[str]: + result = self.int_a % self.int_n + return [self.format_result(result)] + + @property + def is_valid(self) -> bool: + return True + + def arguments(self)-> List[str]: + args = super().arguments() + return ["MBEDTLS_ECP_DP_SECP521R1"] + args + + +class EcpP192K1Raw(bignum_common.ModOperationCommon, + EcpTarget): + """Test cases for ECP P192K1 fast reduction.""" + symbol = "-" + test_function = "ecp_mod_p_generic_raw" + test_name = "ecp_mod_p192k1_raw" + input_style = "fixed" + arity = 1 + dependencies = ["MBEDTLS_ECP_DP_SECP192K1_ENABLED"] + + moduli = ["fffffffffffffffffffffffffffffffffffffffeffffee37"] # type: List[str] + + input_values = [ + "0", "1", + + # Modulus - 1 + "fffffffffffffffffffffffffffffffffffffffeffffee36", + + # Modulus + 1 + "fffffffffffffffffffffffffffffffffffffffeffffee38", + + # 2^192 - 1 + "ffffffffffffffffffffffffffffffffffffffffffffffff", + + # Maximum canonical P192K1 multiplication result + ("fffffffffffffffffffffffffffffffffffffffdffffdc6c" + "0000000000000000000000000000000100002394013c7364"), + + # Test case for overflow during addition + ("00000007ffff71b809e27dd832cfd5e04d9d2dbb9f8da217" + "0000000000000000000000000000000000000000520834f0"), + + # First 8 number generated by random.getrandbits(384) - seed(2,2) + ("cf1822ffbc6887782b491044d5e341245c6e433715ba2bdd" + "177219d30e7a269fd95bafc8f2a4d27bdcf4bb99f4bea973"), + ("ffed9235288bc781ae66267594c9c9500925e4749b575bd1" + "3653f8dd9b1f282e4067c3584ee207f8da94e3e8ab73738f"), + ("ef8acd128b4f2fc15f3f57ebf30b94fa82523e86feac7eb7" + "dc38f519b91751dacdbd47d364be8049a372db8f6e405d93"), + ("e8624fab5186ee32ee8d7ee9770348a05d300cb90706a045" + "defc044a09325626e6b58de744ab6cce80877b6f71e1f6d2"), + ("2d3d854e061b90303b08c6e33c7295782d6c797f8f7d9b78" + "2a1be9cd8697bbd0e2520e33e44c50556c71c4a66148a86f"), + ("fec3f6b32e8d4b8a8f54f8ceacaab39e83844b40ffa9b9f1" + "5c14bc4a829e07b0829a48d422fe99a22c70501e533c9135"), + ("97eeab64ca2ce6bc5d3fd983c34c769fe89204e2e8168561" + "867e5e15bc01bfce6a27e0dfcbf8754472154e76e4c11ab2"), + ("bd143fa9b714210c665d7435c1066932f4767f26294365b2" + "721dea3bf63f23d0dbe53fcafb2147df5ca495fa5a91c89b"), + + # Next 2 number generated by random.getrandbits(192) + "47733e847d718d733ff98ff387c56473a7a83ee0761ebfd2", + "cbd4d3e2d4dec9ef83f0be4e80371eb97f81375eecc1cb63" + ] + + @property + def arg_a(self) -> str: + return super().format_arg('{:x}'.format(self.int_a)).zfill(2 * self.hex_digits) + + def result(self) -> List[str]: + result = self.int_a % self.int_n + return [self.format_result(result)] + + @property + def is_valid(self) -> bool: + return True + + def arguments(self): + args = super().arguments() + return ["MBEDTLS_ECP_DP_SECP192K1"] + args + + +class EcpP224K1Raw(bignum_common.ModOperationCommon, + EcpTarget): + """Test cases for ECP P224 fast reduction.""" + symbol = "-" + test_function = "ecp_mod_p_generic_raw" + test_name = "ecp_mod_p224k1_raw" + input_style = "arch_split" + arity = 1 + dependencies = ["MBEDTLS_ECP_DP_SECP224K1_ENABLED"] + + moduli = ["fffffffffffffffffffffffffffffffffffffffffffffffeffffe56d"] # type: List[str] + + input_values = [ + "0", "1", + + # Modulus - 1 + "fffffffffffffffffffffffffffffffffffffffffffffffeffffe56c", + + # Modulus + 1 + "fffffffffffffffffffffffffffffffffffffffffffffffeffffe56e", + + # 2^224 - 1 + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffff", + + # Maximum canonical P224K1 multiplication result + ("fffffffffffffffffffffffffffffffffffffffffffffffdffffcad8" + "00000000000000000000000000000000000000010000352802c26590"), + + # Test case for overflow during addition + ("0000007ffff2b68161180fd8cd92e1a109be158a19a99b1809db8032" + "0000000000000000000000000000000000000000000000000bf04f49"), + + # First 8 number generated by random.getrandbits(448) - seed(2,2) + ("da94e3e8ab73738fcf1822ffbc6887782b491044d5e341245c6e4337" + "15ba2bdd177219d30e7a269fd95bafc8f2a4d27bdcf4bb99f4bea973"), + ("cdbd47d364be8049a372db8f6e405d93ffed9235288bc781ae662675" + "94c9c9500925e4749b575bd13653f8dd9b1f282e4067c3584ee207f8"), + ("defc044a09325626e6b58de744ab6cce80877b6f71e1f6d2ef8acd12" + "8b4f2fc15f3f57ebf30b94fa82523e86feac7eb7dc38f519b91751da"), + ("2d6c797f8f7d9b782a1be9cd8697bbd0e2520e33e44c50556c71c4a6" + "6148a86fe8624fab5186ee32ee8d7ee9770348a05d300cb90706a045"), + ("8f54f8ceacaab39e83844b40ffa9b9f15c14bc4a829e07b0829a48d4" + "22fe99a22c70501e533c91352d3d854e061b90303b08c6e33c729578"), + ("97eeab64ca2ce6bc5d3fd983c34c769fe89204e2e8168561867e5e15" + "bc01bfce6a27e0dfcbf8754472154e76e4c11ab2fec3f6b32e8d4b8a"), + ("a7a83ee0761ebfd2bd143fa9b714210c665d7435c1066932f4767f26" + "294365b2721dea3bf63f23d0dbe53fcafb2147df5ca495fa5a91c89b"), + ("74667bffe202849da9643a295a9ac6decbd4d3e2d4dec9ef83f0be4e" + "80371eb97f81375eecc1cb6347733e847d718d733ff98ff387c56473"), + + # Next 2 number generated by random.getrandbits(224) + ("eb9ac688b9d39cca91551e8259cc60b17604e4b4e73695c3e652c71a"), + ("f0caeef038c89b38a8acb5137c9260dc74e088a9b9492f258ebdbfe3"), + ] + + @property + def arg_a(self) -> str: + limbs = 2 * bignum_common.bits_to_limbs(224, self.bits_in_limb) + hex_digits = bignum_common.hex_digits_for_limb(limbs, self.bits_in_limb) + return super().format_arg('{:x}'.format(self.int_a)).zfill(hex_digits) + + def result(self) -> List[str]: + result = self.int_a % self.int_n + return [self.format_result(result)] + + @property + def is_valid(self) -> bool: + return True + + def arguments(self): + args = super().arguments() + return ["MBEDTLS_ECP_DP_SECP224K1"] + args + + +class EcpP256K1Raw(bignum_common.ModOperationCommon, + EcpTarget): + """Test cases for ECP P256 fast reduction.""" + symbol = "-" + test_function = "ecp_mod_p_generic_raw" + test_name = "ecp_mod_p256k1_raw" + input_style = "fixed" + arity = 1 + dependencies = ["MBEDTLS_ECP_DP_SECP256K1_ENABLED"] + + moduli = ["fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f"] # type: List[str] + + input_values = [ + "0", "1", + + # Modulus - 1 + "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e", + + # Modulus + 1 + "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc30", + + # 2^256 - 1 + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", + + # Maximum canonical P256K1 multiplication result + ("fffffffffffffffffffffffffffffffffffffffffffffffffffffffdfffff85c" + "000000000000000000000000000000000000000000000001000007a4000e9844"), + + # Test case for overflow during addition + ("0000fffffc2f000e90a0c86a0a63234e5ba641f43a7e4aecc4040e67ec850562" + "00000000000000000000000000000000000000000000000000000000585674fd"), + + # Test case for overflow during addition + ("0000fffffc2f000e90a0c86a0a63234e5ba641f43a7e4aecc4040e67ec850562" + "00000000000000000000000000000000000000000000000000000000585674fd"), + + # First 8 number generated by random.getrandbits(512) - seed(2,2) + ("4067c3584ee207f8da94e3e8ab73738fcf1822ffbc6887782b491044d5e34124" + "5c6e433715ba2bdd177219d30e7a269fd95bafc8f2a4d27bdcf4bb99f4bea973"), + ("82523e86feac7eb7dc38f519b91751dacdbd47d364be8049a372db8f6e405d93" + "ffed9235288bc781ae66267594c9c9500925e4749b575bd13653f8dd9b1f282e"), + ("e8624fab5186ee32ee8d7ee9770348a05d300cb90706a045defc044a09325626" + "e6b58de744ab6cce80877b6f71e1f6d2ef8acd128b4f2fc15f3f57ebf30b94fa"), + ("829a48d422fe99a22c70501e533c91352d3d854e061b90303b08c6e33c729578" + "2d6c797f8f7d9b782a1be9cd8697bbd0e2520e33e44c50556c71c4a66148a86f"), + ("e89204e2e8168561867e5e15bc01bfce6a27e0dfcbf8754472154e76e4c11ab2" + "fec3f6b32e8d4b8a8f54f8ceacaab39e83844b40ffa9b9f15c14bc4a829e07b0"), + ("bd143fa9b714210c665d7435c1066932f4767f26294365b2721dea3bf63f23d0" + "dbe53fcafb2147df5ca495fa5a91c89b97eeab64ca2ce6bc5d3fd983c34c769f"), + ("74667bffe202849da9643a295a9ac6decbd4d3e2d4dec9ef83f0be4e80371eb9" + "7f81375eecc1cb6347733e847d718d733ff98ff387c56473a7a83ee0761ebfd2"), + ("d08f1bb2531d6460f0caeef038c89b38a8acb5137c9260dc74e088a9b9492f25" + "8ebdbfe3eb9ac688b9d39cca91551e8259cc60b17604e4b4e73695c3e652c71a"), + + # Next 2 number generated by random.getrandbits(256) + ("c5e2486c44a4a8f69dc8db48e86ec9c6e06f291b2a838af8d5c44a4eb3172062"), + ("d4c0dca8b4c9e755cc9c3adcf515a8234da4daeb4f3f87777ad1f45ae9500ec9"), + ] + + @property + def arg_a(self) -> str: + return super().format_arg('{:x}'.format(self.int_a)).zfill(2 * self.hex_digits) + + def result(self) -> List[str]: + result = self.int_a % self.int_n + return [self.format_result(result)] + + @property + def is_valid(self) -> bool: + return True + + def arguments(self): + args = super().arguments() + return ["MBEDTLS_ECP_DP_SECP256K1"] + args + + +class EcpP255Raw(bignum_common.ModOperationCommon, + EcpTarget): + """Test cases for ECP 25519 fast reduction.""" + symbol = "-" + test_function = "ecp_mod_p_generic_raw" + test_name = "mbedtls_ecp_mod_p255_raw" + input_style = "fixed" + arity = 1 + dependencies = ["MBEDTLS_ECP_DP_CURVE25519_ENABLED"] + + moduli = [("7fffffffffffffffffffffffffffffffffffffffffffffffff" + "ffffffffffffed")] # type: List[str] + + input_values = [ + "0", "1", + + # Modulus - 1 + ("7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffec"), + + # Modulus + 1 + ("7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffee"), + + # 2^255 - 1 + ("7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"), + + # Maximum canonical P255 multiplication result + ("3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffec" + "0000000000000000000000000000000000000000000000000000000000000190"), + + # First 8 number generated by random.getrandbits(510) - seed(2,2) + ("1019f0d64ee207f8da94e3e8ab73738fcf1822ffbc6887782b491044d5e34124" + "5c6e433715ba2bdd177219d30e7a269fd95bafc8f2a4d27bdcf4bb99f4bea973"), + ("20948fa1feac7eb7dc38f519b91751dacdbd47d364be8049a372db8f6e405d93" + "ffed9235288bc781ae66267594c9c9500925e4749b575bd13653f8dd9b1f282e"), + ("3a1893ea5186ee32ee8d7ee9770348a05d300cb90706a045defc044a09325626" + "e6b58de744ab6cce80877b6f71e1f6d2ef8acd128b4f2fc15f3f57ebf30b94fa"), + ("20a6923522fe99a22c70501e533c91352d3d854e061b90303b08c6e33c729578" + "2d6c797f8f7d9b782a1be9cd8697bbd0e2520e33e44c50556c71c4a66148a86f"), + ("3a248138e8168561867e5e15bc01bfce6a27e0dfcbf8754472154e76e4c11ab2" + "fec3f6b32e8d4b8a8f54f8ceacaab39e83844b40ffa9b9f15c14bc4a829e07b0"), + ("2f450feab714210c665d7435c1066932f4767f26294365b2721dea3bf63f23d0" + "dbe53fcafb2147df5ca495fa5a91c89b97eeab64ca2ce6bc5d3fd983c34c769f"), + ("1d199effe202849da9643a295a9ac6decbd4d3e2d4dec9ef83f0be4e80371eb9" + "7f81375eecc1cb6347733e847d718d733ff98ff387c56473a7a83ee0761ebfd2"), + ("3423c6ec531d6460f0caeef038c89b38a8acb5137c9260dc74e088a9b9492f25" + "8ebdbfe3eb9ac688b9d39cca91551e8259cc60b17604e4b4e73695c3e652c71a"), + + # Next 2 number generated by random.getrandbits(255) + ("62f1243644a4a8f69dc8db48e86ec9c6e06f291b2a838af8d5c44a4eb3172062"), + ("6a606e54b4c9e755cc9c3adcf515a8234da4daeb4f3f87777ad1f45ae9500ec9"), + ] + + @property + def arg_a(self) -> str: + return super().format_arg('{:x}'.format(self.int_a)).zfill(2 * self.hex_digits) + + def result(self) -> List[str]: + result = self.int_a % self.int_n + return [self.format_result(result)] + + @property + def is_valid(self) -> bool: + return True + + def arguments(self)-> List[str]: + args = super().arguments() + return ["MBEDTLS_ECP_DP_CURVE25519"] + args + + +class EcpP448Raw(bignum_common.ModOperationCommon, + EcpTarget): + """Test cases for ECP P448 fast reduction.""" + symbol = "-" + test_function = "ecp_mod_p_generic_raw" + test_name = "ecp_mod_p448_raw" + input_style = "fixed" + arity = 1 + dependencies = ["MBEDTLS_ECP_DP_CURVE448_ENABLED"] + + moduli = [("fffffffffffffffffffffffffffffffffffffffffffffffffffffffe" + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffff")] # type: List[str] + + input_values = [ + "0", "1", + + # Modulus - 1 + ("fffffffffffffffffffffffffffffffffffffffffffffffffffffffe" + "fffffffffffffffffffffffffffffffffffffffffffffffffffffffe"), + + # Modulus + 1 + ("ffffffffffffffffffffffffffffffffffffffffffffffffffffffff" + "00000000000000000000000000000000000000000000000000000000"), + + # 2^448 - 1 + ("ffffffffffffffffffffffffffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffff"), + + # Maximum canonical P448 multiplication result + ("fffffffffffffffffffffffffffffffffffffffffffffffffffffffd" + "fffffffffffffffffffffffffffffffffffffffffffffffffffffffd" + "00000000000000000000000000000000000000000000000000000004" + "00000000000000000000000000000000000000000000000000000004"), + + # First 8 number generated by random.getrandbits(896) - seed(2,2) + ("74667bffe202849da9643a295a9ac6decbd4d3e2d4dec9ef83f0be4e" + "80371eb97f81375eecc1cb6347733e847d718d733ff98ff387c56473" + "a7a83ee0761ebfd2bd143fa9b714210c665d7435c1066932f4767f26" + "294365b2721dea3bf63f23d0dbe53fcafb2147df5ca495fa5a91c89b"), + ("4da4daeb4f3f87777ad1f45ae9500ec9c5e2486c44a4a8f69dc8db48" + "e86ec9c6e06f291b2a838af8d5c44a4eb3172062d08f1bb2531d6460" + "f0caeef038c89b38a8acb5137c9260dc74e088a9b9492f258ebdbfe3" + "eb9ac688b9d39cca91551e8259cc60b17604e4b4e73695c3e652c71a"), + ("bc1b00d92838e766ef9b6bf2d037fe2e20b6a8464174e75a5f834da7" + "0569c018eb2b5693babb7fbb0a76c196067cfdcb11457d9cf45e2fa0" + "1d7f4275153924800600571fac3a5b263fdf57cd2c0064975c374746" + "5cc36c270e8a35b10828d569c268a20eb78ac332e5e138e26c4454b9"), + ("8d2f527e72daf0a54ef25c0707e338687d1f71575653a45c49390aa5" + "1cf5192bbf67da14be11d56ba0b4a2969d8055a9f03f2d71581d8e83" + "0112ff0f0948eccaf8877acf26c377c13f719726fd70bddacb4deeec" + "0b0c995e96e6bc4d62b47204007ee4fab105d83e85e951862f0981ae"), + ("84ae65e920a63ac1f2b64df6dff07870c9d531ae72a47403063238da" + "1a1fe3f9d6a179fa50f96cd4aff9261aa92c0e6f17ec940639bc2ccd" + "f572df00790813e32748dd1db4917fc09f20dbb0dcc93f0e66dfe717" + "c17313394391b6e2e6eacb0f0bb7be72bd6d25009aeb7fa0c4169b14"), + ("2bb3b36f29421c4021b7379f0897246a40c270b00e893302aba9e7b8" + "23fc5ad2f58105748ed5d1b7b310b730049dd332a73fa0b26b75196c" + "f87eb8a09b27ec714307c68c425424a1574f1eedf5b0f16cdfdb8394" + "24d201e653f53d6883ca1c107ca6e706649889c0c7f3860895bfa813"), + ("af3f5d7841b1256d5c1dc12fb5a1ae519fb8883accda6559caa538a0" + "9fc9370d3a6b86a7975b54a31497024640332b0612d4050771d7b14e" + "b6c004cc3b8367dc3f2bb31efe9934ad0809eae3ef232a32b5459d83" + "fbc46f1aea990e94821d46063b4dbf2ca294523d74115c86188b1044"), + ("7430051376e31f5aab63ad02854efa600641b4fa37a47ce41aeffafc" + "3b45402ac02659fe2e87d4150511baeb198ababb1a16daff3da95cd2" + "167b75dfb948f82a8317cba01c75f67e290535d868a24b7f627f2855" + "09167d4126af8090013c3273c02c6b9586b4625b475b51096c4ad652"), + + # Corner case which causes maximum overflow + ("f4ae65e920a63ac1f2b64df6dff07870c9d531ae72a47403063238da1" + "a1fe3f9d6a179fa50f96cd4aff9261aa92c0e6f17ec940639bc2ccd0B" + "519A16DF59C53E0D49B209200F878F362ACE518D5B8BFCF9CDC725E5E" + "01C06295E8605AF06932B5006D9E556D3F190E8136BF9C643D332"), + + # Next 2 number generated by random.getrandbits(448) + ("8f54f8ceacaab39e83844b40ffa9b9f15c14bc4a829e07b0829a48d4" + "22fe99a22c70501e533c91352d3d854e061b90303b08c6e33c729578"), + ("97eeab64ca2ce6bc5d3fd983c34c769fe89204e2e8168561867e5e15" + "bc01bfce6a27e0dfcbf8754472154e76e4c11ab2fec3f6b32e8d4b8a"), + + ] + + @property + def arg_a(self) -> str: + return super().format_arg('{:x}'.format(self.int_a)).zfill(2 * self.hex_digits) + + def result(self) -> List[str]: + result = self.int_a % self.int_n + return [self.format_result(result)] + + @property + def is_valid(self) -> bool: + return True + + def arguments(self): + args = super().arguments() + return ["MBEDTLS_ECP_DP_CURVE448"] + args diff --git a/scripts/mbedtls_dev/logging_util.py b/scripts/mbedtls_dev/logging_util.py new file mode 100644 index 000000000..db1ebfe5c --- /dev/null +++ b/scripts/mbedtls_dev/logging_util.py @@ -0,0 +1,57 @@ +"""Auxiliary functions used for logging module. +""" + +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import logging +import sys + +def configure_logger( + logger: logging.Logger, + log_format="[%(levelname)s]: %(message)s", + split_level=logging.WARNING + ) -> None: + """ + Configure the logging.Logger instance so that: + - Format is set to any log_format. + Default: "[%(levelname)s]: %(message)s" + - loglevel >= split_level are printed to stderr. + - loglevel < split_level are printed to stdout. + Default: logging.WARNING + """ + class MaxLevelFilter(logging.Filter): + # pylint: disable=too-few-public-methods + def __init__(self, max_level, name=''): + super().__init__(name) + self.max_level = max_level + + def filter(self, record: logging.LogRecord) -> bool: + return record.levelno <= self.max_level + + log_formatter = logging.Formatter(log_format) + + # set loglevel >= split_level to be printed to stderr + stderr_hdlr = logging.StreamHandler(sys.stderr) + stderr_hdlr.setLevel(split_level) + stderr_hdlr.setFormatter(log_formatter) + + # set loglevel < split_level to be printed to stdout + stdout_hdlr = logging.StreamHandler(sys.stdout) + stdout_hdlr.addFilter(MaxLevelFilter(split_level - 1)) + stdout_hdlr.setFormatter(log_formatter) + + logger.addHandler(stderr_hdlr) + logger.addHandler(stdout_hdlr) diff --git a/scripts/mbedtls_dev/psa_information.py b/scripts/mbedtls_dev/psa_information.py new file mode 100644 index 000000000..a82df41df --- /dev/null +++ b/scripts/mbedtls_dev/psa_information.py @@ -0,0 +1,162 @@ +"""Collect information about PSA cryptographic mechanisms. +""" + +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import re +from typing import Dict, FrozenSet, List, Optional + +from . import macro_collector + + +class Information: + """Gather information about PSA constructors.""" + + def __init__(self) -> None: + self.constructors = self.read_psa_interface() + + @staticmethod + def remove_unwanted_macros( + constructors: macro_collector.PSAMacroEnumerator + ) -> None: + # Mbed TLS does not support finite-field DSA. + # Don't attempt to generate any related test case. + constructors.key_types.discard('PSA_KEY_TYPE_DSA_KEY_PAIR') + constructors.key_types.discard('PSA_KEY_TYPE_DSA_PUBLIC_KEY') + + def read_psa_interface(self) -> macro_collector.PSAMacroEnumerator: + """Return the list of known key types, algorithms, etc.""" + constructors = macro_collector.InputsForTest() + header_file_names = ['include/psa/crypto_values.h', + 'include/psa/crypto_extra.h'] + test_suites = ['tests/suites/test_suite_psa_crypto_metadata.data'] + for header_file_name in header_file_names: + constructors.parse_header(header_file_name) + for test_cases in test_suites: + constructors.parse_test_cases(test_cases) + self.remove_unwanted_macros(constructors) + constructors.gather_arguments() + return constructors + + +def psa_want_symbol(name: str) -> str: + """Return the PSA_WANT_xxx symbol associated with a PSA crypto feature.""" + if name.startswith('PSA_'): + return name[:4] + 'WANT_' + name[4:] + else: + raise ValueError('Unable to determine the PSA_WANT_ symbol for ' + name) + +def finish_family_dependency(dep: str, bits: int) -> str: + """Finish dep if it's a family dependency symbol prefix. + + A family dependency symbol prefix is a PSA_WANT_ symbol that needs to be + qualified by the key size. If dep is such a symbol, finish it by adjusting + the prefix and appending the key size. Other symbols are left unchanged. + """ + return re.sub(r'_FAMILY_(.*)', r'_\1_' + str(bits), dep) + +def finish_family_dependencies(dependencies: List[str], bits: int) -> List[str]: + """Finish any family dependency symbol prefixes. + + Apply `finish_family_dependency` to each element of `dependencies`. + """ + return [finish_family_dependency(dep, bits) for dep in dependencies] + +SYMBOLS_WITHOUT_DEPENDENCY = frozenset([ + 'PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG', # modifier, only in policies + 'PSA_ALG_AEAD_WITH_SHORTENED_TAG', # modifier + 'PSA_ALG_ANY_HASH', # only in policies + 'PSA_ALG_AT_LEAST_THIS_LENGTH_MAC', # modifier, only in policies + 'PSA_ALG_KEY_AGREEMENT', # chaining + 'PSA_ALG_TRUNCATED_MAC', # modifier +]) +def automatic_dependencies(*expressions: str) -> List[str]: + """Infer dependencies of a test case by looking for PSA_xxx symbols. + + The arguments are strings which should be C expressions. Do not use + string literals or comments as this function is not smart enough to + skip them. + """ + used = set() + for expr in expressions: + used.update(re.findall(r'PSA_(?:ALG|ECC_FAMILY|KEY_TYPE)_\w+', expr)) + used.difference_update(SYMBOLS_WITHOUT_DEPENDENCY) + return sorted(psa_want_symbol(name) for name in used) + +# Define set of regular expressions and dependencies to optionally append +# extra dependencies for test case. +AES_128BIT_ONLY_DEP_REGEX = r'AES\s(192|256)' +AES_128BIT_ONLY_DEP = ["!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH"] + +DEPENDENCY_FROM_KEY = { + AES_128BIT_ONLY_DEP_REGEX: AES_128BIT_ONLY_DEP +}#type: Dict[str, List[str]] +def generate_key_dependencies(description: str) -> List[str]: + """Return additional dependencies based on pairs of REGEX and dependencies. + """ + deps = [] + for regex, dep in DEPENDENCY_FROM_KEY.items(): + if re.search(regex, description): + deps += dep + + return deps + +# A temporary hack: at the time of writing, not all dependency symbols +# are implemented yet. Skip test cases for which the dependency symbols are +# not available. Once all dependency symbols are available, this hack must +# be removed so that a bug in the dependency symbols properly leads to a test +# failure. +def read_implemented_dependencies(filename: str) -> FrozenSet[str]: + return frozenset(symbol + for line in open(filename) + for symbol in re.findall(r'\bPSA_WANT_\w+\b', line)) +_implemented_dependencies = None #type: Optional[FrozenSet[str]] #pylint: disable=invalid-name +def hack_dependencies_not_implemented(dependencies: List[str]) -> None: + global _implemented_dependencies #pylint: disable=global-statement,invalid-name + if _implemented_dependencies is None: + _implemented_dependencies = \ + read_implemented_dependencies('include/psa/crypto_config.h') + if not all((dep.lstrip('!') in _implemented_dependencies or + not dep.lstrip('!').startswith('PSA_WANT')) + for dep in dependencies): + dependencies.append('DEPENDENCY_NOT_IMPLEMENTED_YET') + +def tweak_key_pair_dependency(dep: str, usage: str): + """ + This helper function add the proper suffix to PSA_WANT_KEY_TYPE_xxx_KEY_PAIR + symbols according to the required usage. + """ + ret_list = list() + if dep.endswith('KEY_PAIR'): + if usage == "BASIC": + # BASIC automatically includes IMPORT and EXPORT for test purposes (see + # config_psa.h). + ret_list.append(re.sub(r'KEY_PAIR', r'KEY_PAIR_BASIC', dep)) + ret_list.append(re.sub(r'KEY_PAIR', r'KEY_PAIR_IMPORT', dep)) + ret_list.append(re.sub(r'KEY_PAIR', r'KEY_PAIR_EXPORT', dep)) + elif usage == "GENERATE": + ret_list.append(re.sub(r'KEY_PAIR', r'KEY_PAIR_GENERATE', dep)) + else: + # No replacement to do in this case + ret_list.append(dep) + return ret_list + +def fix_key_pair_dependencies(dep_list: List[str], usage: str): + new_list = [new_deps + for dep in dep_list + for new_deps in tweak_key_pair_dependency(dep, usage)] + + return new_list diff --git a/scripts/mbedtls_dev/psa_storage.py b/scripts/mbedtls_dev/psa_storage.py index bae99383d..737760fd4 100644 --- a/scripts/mbedtls_dev/psa_storage.py +++ b/scripts/mbedtls_dev/psa_storage.py @@ -27,6 +27,7 @@ from typing import Dict, List, Optional, Set, Union import unittest from . import c_build_helper +from . import build_tree class Expr: @@ -51,13 +52,16 @@ class Expr: def update_cache(self) -> None: """Update `value_cache` for expressions registered in `unknown_values`.""" expressions = sorted(self.unknown_values) + includes = ['include'] + if build_tree.looks_like_tf_psa_crypto_root('.'): + includes.append('drivers/builtin/include') values = c_build_helper.get_c_expression_values( 'unsigned long', '%lu', expressions, header=""" #include """, - include_path=['include']) #type: List[str] + include_path=includes) #type: List[str] for e, v in zip(expressions, values): self.value_cache[e] = int(v, 0) self.unknown_values.clear() diff --git a/scripts/output_env.sh b/scripts/output_env.sh index 1d9e0faeb..535613298 100755 --- a/scripts/output_env.sh +++ b/scripts/output_env.sh @@ -105,9 +105,37 @@ echo print_version "gcc" "--version" "" "head -n 1" echo +if [ -n "${GCC_EARLIEST+set}" ]; then + print_version "${GCC_EARLIEST}" "--version" "" "head -n 1" +else + echo " GCC_EARLIEST : Not configured." +fi +echo + +if [ -n "${GCC_LATEST+set}" ]; then + print_version "${GCC_LATEST}" "--version" "" "head -n 1" +else + echo " GCC_LATEST : Not configured." +fi +echo + print_version "clang" "--version" "" "head -n 2" echo +if [ -n "${CLANG_EARLIEST+set}" ]; then + print_version "${CLANG_EARLIEST}" "--version" "" "head -n 2" +else + echo " CLANG_EARLIEST : Not configured." +fi +echo + +if [ -n "${CLANG_LATEST+set}" ]; then + print_version "${CLANG_LATEST}" "--version" "" "head -n 2" +else + echo " CLANG_LATEST : Not configured." +fi +echo + print_version "ldd" "--version" "" "head -n 1" echo diff --git a/scripts/prepare_release.sh b/scripts/prepare_release.sh new file mode 100755 index 000000000..800383d2c --- /dev/null +++ b/scripts/prepare_release.sh @@ -0,0 +1,82 @@ +#!/bin/bash + +print_usage() +{ + cat <&2 "$0: unknown option: -$OPTLET" + echo 1>&2 "Try '$0 --help' for more information." + exit 3;; + esac +done + + + +#### .gitignore processing #### + +GITIGNORES=$(find . -name ".gitignore") +for GITIGNORE in $GITIGNORES; do + if [ -n "$unrelease" ]; then + sed -i '/###START_COMMENTED_GENERATED_FILES###/,/###END_COMMENTED_GENERATED_FILES###/s/^# //' $GITIGNORE + sed -i 's/###START_COMMENTED_GENERATED_FILES###/###START_GENERATED_FILES###/' $GITIGNORE + sed -i 's/###END_COMMENTED_GENERATED_FILES###/###END_GENERATED_FILES###/' $GITIGNORE + else + sed -i '/###START_GENERATED_FILES###/,/###END_GENERATED_FILES###/s/^/# /' $GITIGNORE + sed -i 's/###START_GENERATED_FILES###/###START_COMMENTED_GENERATED_FILES###/' $GITIGNORE + sed -i 's/###END_GENERATED_FILES###/###END_COMMENTED_GENERATED_FILES###/' $GITIGNORE + fi +done + + + +#### Build scripts #### + +# GEN_FILES defaults on (non-empty) in development, off (empty) in releases +if [ -n "$unrelease" ]; then + r=' yes' +else + r='' +fi +sed -i 's/^\(GEN_FILES[ ?:]*=\)\([^#]*\)/\1'"$r/" Makefile */Makefile + +# GEN_FILES defaults on in development, off in releases +if [ -n "$unrelease" ]; then + r='ON' +else + r='OFF' +fi +sed -i '/[Oo][Ff][Ff] in development/! s/^\( *option *( *GEN_FILES *"[^"]*" *\)\([A-Za-z0-9][A-Za-z0-9]*\)/\1'"$r/" CMakeLists.txt diff --git a/scripts/windows_msbuild.bat b/scripts/windows_msbuild.bat index e41993101..ff2b9f2d1 100644 --- a/scripts/windows_msbuild.bat +++ b/scripts/windows_msbuild.bat @@ -14,7 +14,7 @@ if not "%~1"=="" set "retarget=,PlatformToolset=%1" @rem vcvarsall.bat will silently change the directory to that directory. @rem Setting the VSCMD_START_DIR environment variable causes it to change @rem to that directory instead. -set "VSCMD_START_DIR=%~dp0\..\visualc\VS2010" +set "VSCMD_START_DIR=%~dp0\..\visualc\VS2013" "%vcvarsall%" x64 && ^ msbuild /t:Rebuild /p:Configuration=%cfg%%retarget% /m mbedTLS.sln diff --git a/tests/.gitignore b/tests/.gitignore index 15fce6888..973ebb508 100644 --- a/tests/.gitignore +++ b/tests/.gitignore @@ -1,11 +1,6 @@ *.sln *.vcxproj -# Generated source files -/suites/*.generated.data -/suites/test_suite_psa_crypto_storage_format.v[0-9]*.data -/suites/test_suite_psa_crypto_storage_format.current.data - *.log /test_suite* data_files/mpi_write @@ -13,10 +8,17 @@ data_files/hmac_drbg_seed data_files/ctr_drbg_seed data_files/entropy_seed +include/alt-extra/psa/crypto_platform_alt.h +include/alt-extra/psa/crypto_struct_alt.h include/test/instrument_record_status.h -src/*.o -src/drivers/*.o src/libmbed* libtestdriver1/* + +###START_GENERATED_FILES### +# Generated source files +/suites/*.generated.data +/suites/test_suite_psa_crypto_storage_format.v[0-9]*.data +/suites/test_suite_psa_crypto_storage_format.current.data +###END_GENERATED_FILES### diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 4a7de820a..0869aaa01 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -29,6 +29,18 @@ execute_process( string(REGEX REPLACE "[^;]*/" "" base_bignum_generated_data_files "${base_bignum_generated_data_files}") +execute_process( + COMMAND + ${MBEDTLS_PYTHON_EXECUTABLE} + ${CMAKE_CURRENT_SOURCE_DIR}/../tests/scripts/generate_ecp_tests.py + --list-for-cmake + WORKING_DIRECTORY + ${CMAKE_CURRENT_SOURCE_DIR}/.. + OUTPUT_VARIABLE + base_ecp_generated_data_files) +string(REGEX REPLACE "[^;]*/" "" + base_ecp_generated_data_files "${base_ecp_generated_data_files}") + execute_process( COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} @@ -44,14 +56,18 @@ string(REGEX REPLACE "[^;]*/" "" # Derive generated file paths in the build directory. The generated data # files go into the suites/ subdirectory. set(base_generated_data_files - ${base_bignum_generated_data_files} ${base_psa_generated_data_files}) + ${base_bignum_generated_data_files} ${base_ecp_generated_data_files} ${base_psa_generated_data_files}) string(REGEX REPLACE "([^;]+)" "suites/\\1" all_generated_data_files "${base_generated_data_files}") set(bignum_generated_data_files "") +set(ecp_generated_data_files "") set(psa_generated_data_files "") foreach(file ${base_bignum_generated_data_files}) list(APPEND bignum_generated_data_files ${CMAKE_CURRENT_BINARY_DIR}/suites/${file}) endforeach() +foreach(file ${base_ecp_generated_data_files}) + list(APPEND ecp_generated_data_files ${CMAKE_CURRENT_BINARY_DIR}/suites/${file}) +endforeach() foreach(file ${base_psa_generated_data_files}) list(APPEND psa_generated_data_files ${CMAKE_CURRENT_BINARY_DIR}/suites/${file}) endforeach() @@ -75,6 +91,22 @@ if(GEN_FILES) ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/mbedtls_dev/test_case.py ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/mbedtls_dev/test_data_generation.py ) + add_custom_command( + OUTPUT + ${ecp_generated_data_files} + WORKING_DIRECTORY + ${CMAKE_CURRENT_SOURCE_DIR}/.. + COMMAND + ${MBEDTLS_PYTHON_EXECUTABLE} + ${CMAKE_CURRENT_SOURCE_DIR}/../tests/scripts/generate_ecp_tests.py + --directory ${CMAKE_CURRENT_BINARY_DIR}/suites + DEPENDS + ${CMAKE_CURRENT_SOURCE_DIR}/../tests/scripts/generate_ecp_tests.py + ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/mbedtls_dev/bignum_common.py + ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/mbedtls_dev/ecp.py + ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/mbedtls_dev/test_case.py + ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/mbedtls_dev/test_data_generation.py + ) add_custom_command( OUTPUT ${psa_generated_data_files} @@ -86,8 +118,10 @@ if(GEN_FILES) --directory ${CMAKE_CURRENT_BINARY_DIR}/suites DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/../tests/scripts/generate_psa_tests.py + ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/mbedtls_dev/crypto_data_tests.py ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/mbedtls_dev/crypto_knowledge.py ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/mbedtls_dev/macro_collector.py + ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/mbedtls_dev/psa_information.py ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/mbedtls_dev/psa_storage.py ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/mbedtls_dev/test_case.py ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/mbedtls_dev/test_data_generation.py @@ -107,6 +141,7 @@ endif() # With this line, only 4 sub-makefiles include the above command, that reduces # the risk of a race. add_custom_target(test_suite_bignum_generated_data DEPENDS ${bignum_generated_data_files}) +add_custom_target(test_suite_ecp_generated_data DEPENDS ${ecp_generated_data_files}) add_custom_target(test_suite_psa_generated_data DEPENDS ${psa_generated_data_files}) # If SKIP_TEST_SUITES is not defined with -D, get it from the environment. if((NOT DEFINED SKIP_TEST_SUITES) AND (DEFINED ENV{SKIP_TEST_SUITES})) @@ -129,6 +164,7 @@ function(add_test_suite suite_name) # Get the test names of the tests with generated .data files # from the generated_data_files list in parent scope. set(bignum_generated_data_names "") + set(ecp_generated_data_names "") set(psa_generated_data_names "") foreach(generated_data_file ${bignum_generated_data_files}) # Get the plain filename @@ -139,6 +175,15 @@ function(add_test_suite suite_name) string(SUBSTRING ${generated_data_name} 11 -1 generated_data_name) list(APPEND bignum_generated_data_names ${generated_data_name}) endforeach() + foreach(generated_data_file ${ecp_generated_data_files}) + # Get the plain filename + get_filename_component(generated_data_name ${generated_data_file} NAME) + # Remove the ".data" extension + get_name_without_last_ext(generated_data_name ${generated_data_name}) + # Remove leading "test_suite_" + string(SUBSTRING ${generated_data_name} 11 -1 generated_data_name) + list(APPEND ecp_generated_data_names ${generated_data_name}) + endforeach() foreach(generated_data_file ${psa_generated_data_files}) # Get the plain filename get_filename_component(generated_data_name ${generated_data_file} NAME) @@ -153,6 +198,10 @@ function(add_test_suite suite_name) set(data_file ${CMAKE_CURRENT_BINARY_DIR}/suites/test_suite_${data_name}.data) set(dependency test_suite_bignum_generated_data) + elseif(";${ecp_generated_data_names};" MATCHES ";${data_name};") + set(data_file + ${CMAKE_CURRENT_BINARY_DIR}/suites/test_suite_${data_name}.data) + set(dependency test_suite_ecp_generated_data) elseif(";${psa_generated_data_names};" MATCHES ";${data_name};") set(data_file ${CMAKE_CURRENT_BINARY_DIR}/suites/test_suite_${data_name}.data) @@ -160,7 +209,7 @@ function(add_test_suite suite_name) else() set(data_file ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${data_name}.data) - set(dependency test_suite_bignum_generated_data test_suite_psa_generated_data) + set(dependency test_suite_bignum_generated_data test_suite_ecp_generated_data test_suite_psa_generated_data) endif() add_custom_command( @@ -190,7 +239,9 @@ function(add_test_suite suite_name) test_suite_${data_name}.datax ) - add_executable(test_suite_${data_name} test_suite_${data_name}.c $) + add_executable(test_suite_${data_name} test_suite_${data_name}.c + $ + $) add_dependencies(test_suite_${data_name} ${dependency}) target_link_libraries(test_suite_${data_name} ${libs}) # Include test-specific header files from ./include and private header diff --git a/tests/Makefile b/tests/Makefile index f0373381e..2249a55df 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -49,7 +49,7 @@ endif ifdef WINDOWS_BUILD DLEXT=dll EXEXT=.exe -LOCAL_LDFLAGS += -lws2_32 +LOCAL_LDFLAGS += -lws2_32 -lbcrypt ifdef SHARED SHARED_SUFFIX=.$(DLEXT) endif @@ -65,6 +65,14 @@ else PYTHON ?= $(shell if type python3 >/dev/null 2>/dev/null; then echo python3; else echo python; fi) endif +# See root Makefile +GEN_FILES ?= yes +ifdef GEN_FILES +gen_file_dep = +else +gen_file_dep = | +endif + .PHONY: generated_files GENERATED_BIGNUM_DATA_FILES := $(patsubst tests/%,%,$(shell \ $(PYTHON) scripts/generate_bignum_tests.py --list || \ @@ -73,6 +81,13 @@ GENERATED_BIGNUM_DATA_FILES := $(patsubst tests/%,%,$(shell \ ifeq ($(GENERATED_BIGNUM_DATA_FILES),FAILED) $(error "$(PYTHON) scripts/generate_bignum_tests.py --list" failed) endif +GENERATED_ECP_DATA_FILES := $(patsubst tests/%,%,$(shell \ + $(PYTHON) scripts/generate_ecp_tests.py --list || \ + echo FAILED \ +)) +ifeq ($(GENERATED_ECP_DATA_FILES),FAILED) +$(error "$(PYTHON) scripts/generate_ecp_tests.py --list" failed) +endif GENERATED_PSA_DATA_FILES := $(patsubst tests/%,%,$(shell \ $(PYTHON) scripts/generate_psa_tests.py --list || \ echo FAILED \ @@ -80,7 +95,7 @@ GENERATED_PSA_DATA_FILES := $(patsubst tests/%,%,$(shell \ ifeq ($(GENERATED_PSA_DATA_FILES),FAILED) $(error "$(PYTHON) scripts/generate_psa_tests.py --list" failed) endif -GENERATED_FILES := $(GENERATED_PSA_DATA_FILES) $(GENERATED_BIGNUM_DATA_FILES) +GENERATED_FILES := $(GENERATED_PSA_DATA_FILES) $(GENERATED_ECP_DATA_FILES) $(GENERATED_BIGNUM_DATA_FILES) generated_files: $(GENERATED_FILES) # generate_bignum_tests.py and generate_psa_tests.py spend more time analyzing @@ -89,8 +104,8 @@ generated_files: $(GENERATED_FILES) # It's rare not to want all the outputs. So always generate all of its outputs. # Use an intermediate phony dependency so that parallel builds don't run # a separate instance of the recipe for each output file. -.SECONDARY: generated_bignum_test_data generated_psa_test_data -$(GENERATED_BIGNUM_DATA_FILES): generated_bignum_test_data +.SECONDARY: generated_bignum_test_data generated_ecp_test_data generated_psa_test_data +$(GENERATED_BIGNUM_DATA_FILES): $(gen_file_dep) generated_bignum_test_data generated_bignum_test_data: scripts/generate_bignum_tests.py generated_bignum_test_data: ../scripts/mbedtls_dev/bignum_common.py generated_bignum_test_data: ../scripts/mbedtls_dev/bignum_core.py @@ -102,10 +117,22 @@ generated_bignum_test_data: echo " Gen $(GENERATED_BIGNUM_DATA_FILES)" $(PYTHON) scripts/generate_bignum_tests.py -$(GENERATED_PSA_DATA_FILES): generated_psa_test_data +$(GENERATED_ECP_DATA_FILES): $(gen_file_dep) generated_ecp_test_data +generated_ecp_test_data: scripts/generate_ecp_tests.py +generated_ecp_test_data: ../scripts/mbedtls_dev/bignum_common.py +generated_ecp_test_data: ../scripts/mbedtls_dev/ecp.py +generated_ecp_test_data: ../scripts/mbedtls_dev/test_case.py +generated_ecp_test_data: ../scripts/mbedtls_dev/test_data_generation.py +generated_ecp_test_data: + echo " Gen $(GENERATED_ECP_DATA_FILES)" + $(PYTHON) scripts/generate_ecp_tests.py + +$(GENERATED_PSA_DATA_FILES): $(gen_file_dep) generated_psa_test_data generated_psa_test_data: scripts/generate_psa_tests.py +generated_psa_test_data: ../scripts/mbedtls_dev/crypto_data_tests.py generated_psa_test_data: ../scripts/mbedtls_dev/crypto_knowledge.py generated_psa_test_data: ../scripts/mbedtls_dev/macro_collector.py +generated_psa_test_data: ../scripts/mbedtls_dev/psa_information.py generated_psa_test_data: ../scripts/mbedtls_dev/psa_storage.py generated_psa_test_data: ../scripts/mbedtls_dev/test_case.py generated_psa_test_data: ../scripts/mbedtls_dev/test_data_generation.py @@ -143,7 +170,7 @@ all: $(BINARIES) $(MBEDLIBS): $(MAKE) -C ../library -MBEDTLS_TEST_OBJS=$(patsubst %.c,%.o,$(wildcard src/*.c src/drivers/*.c)) +MBEDTLS_TEST_OBJS=$(patsubst %.c,%.o,$(wildcard src/*.c src/drivers/*.c src/test_helpers/*.c)) mbedtls_test: $(MBEDTLS_TEST_OBJS) @@ -164,6 +191,10 @@ src/drivers/%.o : src/drivers/%.c echo " CC $<" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $< +src/test_helpers/%.o : src/test_helpers/%.c + echo " CC $<" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $< + C_FILES := $(addsuffix .c,$(APPS)) c: $(C_FILES) @@ -200,15 +231,18 @@ $(BINARIES): %$(EXEXT): %.c $(MBEDLIBS) $(TEST_OBJS_DEPS) $(MBEDTLS_TEST_OBJS) clean: ifndef WINDOWS rm -rf $(BINARIES) *.c *.datax - rm -f src/*.o src/drivers/*.o src/libmbed* + rm -f src/*.o src/drivers/*.o src/test_helpers/*.o src/libmbed* rm -f include/test/instrument_record_status.h + rm -f include/alt-extra/*/*_alt.h rm -rf libtestdriver1 + rm -f ../library/libtestdriver1.a else if exist *.c del /Q /F *.c if exist *.exe del /Q /F *.exe if exist *.datax del /Q /F *.datax if exist src/*.o del /Q /F src/*.o if exist src/drivers/*.o del /Q /F src/drivers/*.o + if exist src/test_helpers/*.o del /Q /F src/test_helpers/*.o if exist src/libmbed* del /Q /F src/libmed* if exist include/test/instrument_record_status.h del /Q /F include/test/instrument_record_status.h endif @@ -226,6 +260,10 @@ check: $(BINARIES) test: check +# Generate variants of some headers for testing +include/alt-extra/%_alt.h: ../include/%.h + perl -p -e 's/^(# *(define|ifndef) +\w+_)H\b/$${1}ALT_H/' $< >$@ + # Generate test library # Perl code that is executed to transform each original line from a library diff --git a/tests/compat.sh b/tests/compat.sh index fc2bfab7a..252736bb2 100755 --- a/tests/compat.sh +++ b/tests/compat.sh @@ -30,6 +30,11 @@ set -u # where it may output seemingly unlimited length error logs. ulimit -f 20971520 +ORIGINAL_PWD=$PWD +if ! cd "$(dirname "$0")"; then + exit 125 +fi + # initialise counters TESTS=0 FAILED=0 @@ -77,6 +82,17 @@ else PEER_GNUTLS="" fi +guess_config_name() { + if git diff --quiet ../include/mbedtls/mbedtls_config.h 2>/dev/null; then + echo "default" + else + echo "unknown" + fi +} +: ${MBEDTLS_TEST_OUTCOME_FILE=} +: ${MBEDTLS_TEST_CONFIGURATION:="$(guess_config_name)"} +: ${MBEDTLS_TEST_PLATFORM:="$(uname -s | tr -c \\n0-9A-Za-z _)-$(uname -m | tr -c \\n0-9A-Za-z _)"} + # default values for options # /!\ keep this synchronised with: # - basic-build-test.sh @@ -89,7 +105,7 @@ FILTER="" # - NULL: excluded from our default config + requires OpenSSL legacy # - ARIA: requires OpenSSL >= 1.1.1 # - ChachaPoly: requires OpenSSL >= 1.1.0 -EXCLUDE='NULL\|ARIA\|CHACHA20-POLY1305' +EXCLUDE='NULL\|ARIA\|CHACHA20_POLY1305' VERBOSE="" MEMCHECK=0 PEERS="OpenSSL$PEER_GNUTLS mbedTLS" @@ -110,6 +126,39 @@ print_usage() { printf " \tAlso available: GnuTLS (needs v3.2.15 or higher)\n" printf " -M|--memcheck\tCheck memory leaks and errors.\n" printf " -v|--verbose\tSet verbose output.\n" + printf " --list-test-case\tList all potential test cases (No Execution)\n" + printf " --outcome-file\tFile where test outcomes are written\n" + printf " \t(default: \$MBEDTLS_TEST_OUTCOME_FILE, none if empty)\n" +} + +# print_test_case +print_test_case() { + for i in $3; do + uniform_title $1 $2 $i + echo $TITLE + done +} + +# list_test_case lists all potential test cases in compat.sh without execution +list_test_case() { + reset_ciphersuites + for TYPE in $TYPES; do + add_common_ciphersuites + add_openssl_ciphersuites + add_gnutls_ciphersuites + add_mbedtls_ciphersuites + done + + for VERIFY in $VERIFIES; do + VERIF=$(echo $VERIFY | tr '[:upper:]' '[:lower:]') + for MODE in $MODES; do + print_test_case m O "$O_CIPHERS" + print_test_case O m "$O_CIPHERS" + print_test_case m G "$G_CIPHERS" + print_test_case G m "$G_CIPHERS" + print_test_case m m "$M_CIPHERS" + done + done } get_options() { @@ -139,6 +188,15 @@ get_options() { -M|--memcheck) MEMCHECK=1 ;; + # Please check scripts/check_test_cases.py correspondingly + # if you have to modify option, --list-test-case + --list-test-case) + list_test_case + exit $? + ;; + --outcome-file) + shift; MBEDTLS_TEST_OUTCOME_FILE=$1 + ;; -h|--help) print_usage exit 0 @@ -200,22 +258,11 @@ filter() echo "$NEW_LIST" | sed -e 's/[[:space:]][[:space:]]*/ /g' -e 's/^ //' -e 's/ $//' } -# OpenSSL 1.0.1h with -Verify wants a ClientCertificate message even for -# PSK ciphersuites with DTLS, which is incorrect, so disable them for now -check_openssl_server_bug() -{ - if test "X$VERIFY" = "XYES" && is_dtls "$MODE" && \ - echo "$1" | grep "^TLS-PSK" >/dev/null; - then - SKIP_NEXT="YES" - fi -} - filter_ciphersuites() { if [ "X" != "X$FILTER" -o "X" != "X$EXCLUDE" ]; then - # Ciphersuite for mbed TLS + # Ciphersuite for Mbed TLS M_CIPHERS=$( filter "$M_CIPHERS" ) # Ciphersuite for OpenSSL @@ -225,9 +272,9 @@ filter_ciphersuites() G_CIPHERS=$( filter "$G_CIPHERS" ) fi - # For GnuTLS client -> mbed TLS server, + # For GnuTLS client -> Mbed TLS server, # we need to force IPv4 by connecting to 127.0.0.1 but then auth fails - if [ "X$VERIFY" = "XYES" ] && is_dtls "$MODE"; then + if is_dtls "$MODE" && [ "X$VERIFY" = "XYES" ]; then G_CIPHERS="" fi } @@ -239,9 +286,14 @@ reset_ciphersuites() G_CIPHERS="" } -check_translation() +# translate_ciphers {g|m|o} {STANDARD_CIPHER_SUITE_NAME...} +# Set $ciphers to the cipher suite name translations for the specified +# program (gnutls, mbedtls or openssl). $ciphers is a space-separated +# list of entries of the form "STANDARD_NAME=PROGRAM_NAME". +translate_ciphers() { - if [ $1 -ne 0 ]; then + ciphers=$(scripts/translate_ciphers.py "$@") + if [ $? -ne 0 ]; then echo "translate_ciphers.py failed with exit code $1" >&2 echo "$2" >&2 exit 1 @@ -258,71 +310,66 @@ add_common_ciphersuites() "ECDSA") CIPHERS="$CIPHERS \ - TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA \ - TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \ - TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ - TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA \ - TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 \ - TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 \ - TLS-ECDHE-ECDSA-WITH-NULL-SHA \ + TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA \ + TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 \ + TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 \ + TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA \ + TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 \ + TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 \ + TLS_ECDHE_ECDSA_WITH_NULL_SHA \ " ;; "RSA") CIPHERS="$CIPHERS \ - TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ - TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 \ - TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 \ - TLS-DHE-RSA-WITH-AES-256-CBC-SHA \ - TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 \ - TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 \ - TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA \ - TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA \ - TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA \ - TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256 \ - TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 \ - TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA \ - TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384 \ - TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 \ - TLS-ECDHE-RSA-WITH-NULL-SHA \ - TLS-RSA-WITH-AES-128-CBC-SHA \ - TLS-RSA-WITH-AES-128-CBC-SHA256 \ - TLS-RSA-WITH-AES-128-GCM-SHA256 \ - TLS-RSA-WITH-AES-256-CBC-SHA \ - TLS-RSA-WITH-AES-256-CBC-SHA256 \ - TLS-RSA-WITH-AES-256-GCM-SHA384 \ - TLS-RSA-WITH-CAMELLIA-128-CBC-SHA \ - TLS-RSA-WITH-CAMELLIA-256-CBC-SHA \ - TLS-RSA-WITH-NULL-MD5 \ - TLS-RSA-WITH-NULL-SHA \ - TLS-RSA-WITH-NULL-SHA256 \ + TLS_DHE_RSA_WITH_AES_128_CBC_SHA \ + TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 \ + TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 \ + TLS_DHE_RSA_WITH_AES_256_CBC_SHA \ + TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 \ + TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 \ + TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA \ + TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA \ + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA \ + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 \ + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 \ + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA \ + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 \ + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 \ + TLS_ECDHE_RSA_WITH_NULL_SHA \ + TLS_RSA_WITH_AES_128_CBC_SHA \ + TLS_RSA_WITH_AES_128_CBC_SHA256 \ + TLS_RSA_WITH_AES_128_GCM_SHA256 \ + TLS_RSA_WITH_AES_256_CBC_SHA \ + TLS_RSA_WITH_AES_256_CBC_SHA256 \ + TLS_RSA_WITH_AES_256_GCM_SHA384 \ + TLS_RSA_WITH_CAMELLIA_128_CBC_SHA \ + TLS_RSA_WITH_CAMELLIA_256_CBC_SHA \ + TLS_RSA_WITH_NULL_MD5 \ + TLS_RSA_WITH_NULL_SHA \ + TLS_RSA_WITH_NULL_SHA256 \ " ;; "PSK") CIPHERS="$CIPHERS \ - TLS-PSK-WITH-AES-128-CBC-SHA \ - TLS-PSK-WITH-AES-256-CBC-SHA \ + TLS_PSK_WITH_AES_128_CBC_SHA \ + TLS_PSK_WITH_AES_256_CBC_SHA \ " ;; esac + O_CIPHERS="$O_CIPHERS $CIPHERS" + G_CIPHERS="$G_CIPHERS $CIPHERS" M_CIPHERS="$M_CIPHERS $CIPHERS" - - T=$(./scripts/translate_ciphers.py g $CIPHERS) - check_translation $? "$T" - G_CIPHERS="$G_CIPHERS $T" - - T=$(./scripts/translate_ciphers.py o $CIPHERS) - check_translation $? "$T" - O_CIPHERS="$O_CIPHERS $T" } # Ciphersuites usable only with Mbed TLS and OpenSSL -# A list of ciphersuites in the Mbed TLS convention is compiled and -# appended to the list of Mbed TLS ciphersuites $M_CIPHERS. The same list -# is translated to the OpenSSL naming convention and appended to the list of -# OpenSSL ciphersuites $O_CIPHERS. +# A list of ciphersuites in the standard naming convention is appended +# to the list of Mbed TLS ciphersuites $M_CIPHERS and +# to the list of OpenSSL ciphersuites $O_CIPHERS respectively. +# Based on client's naming convention, all ciphersuite names will be +# translated into another naming format before sent to the client. # # NOTE: for some reason RSA-PSK doesn't work with OpenSSL, # so RSA-PSK ciphersuites need to go in other sections, see @@ -337,57 +384,55 @@ add_openssl_ciphersuites() "ECDSA") CIPHERS="$CIPHERS \ - TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA \ - TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256 \ - TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256 \ - TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA \ - TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384 \ - TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384 \ - TLS-ECDH-ECDSA-WITH-NULL-SHA \ - TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256 \ - TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384 \ - TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256 \ + TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA \ + TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 \ + TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 \ + TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA \ + TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 \ + TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 \ + TLS_ECDH_ECDSA_WITH_NULL_SHA \ + TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 \ + TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 \ + TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 \ " ;; "RSA") CIPHERS="$CIPHERS \ - TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256 \ - TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384 \ - TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256 \ - TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256 \ - TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384 \ - TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256 \ - TLS-RSA-WITH-ARIA-128-GCM-SHA256 \ - TLS-RSA-WITH-ARIA-256-GCM-SHA384 \ + TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 \ + TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 \ + TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 \ + TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 \ + TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 \ + TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 \ + TLS_RSA_WITH_ARIA_128_GCM_SHA256 \ + TLS_RSA_WITH_ARIA_256_GCM_SHA384 \ " ;; "PSK") CIPHERS="$CIPHERS \ - TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256 \ - TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384 \ - TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256 \ - TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256 \ - TLS-PSK-WITH-ARIA-128-GCM-SHA256 \ - TLS-PSK-WITH-ARIA-256-GCM-SHA384 \ - TLS-PSK-WITH-CHACHA20-POLY1305-SHA256 \ + TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 \ + TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 \ + TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 \ + TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 \ + TLS_PSK_WITH_ARIA_128_GCM_SHA256 \ + TLS_PSK_WITH_ARIA_256_GCM_SHA384 \ + TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 \ " ;; esac + O_CIPHERS="$O_CIPHERS $CIPHERS" M_CIPHERS="$M_CIPHERS $CIPHERS" - - T=$(./scripts/translate_ciphers.py o $CIPHERS) - check_translation $? "$T" - O_CIPHERS="$O_CIPHERS $T" } # Ciphersuites usable only with Mbed TLS and GnuTLS -# A list of ciphersuites in the Mbed TLS convention is compiled and -# appended to the list of Mbed TLS ciphersuites $M_CIPHERS. The same list -# is translated to the GnuTLS naming convention and appended to the list of -# GnuTLS ciphersuites $G_CIPHERS. +# A list of ciphersuites in the standard naming convention is appended +# to the list of Mbed TLS ciphersuites $M_CIPHERS and +# to the list of GnuTLS ciphersuites $G_CIPHERS respectively. +# Based on client's naming convention, all ciphersuite names will be +# translated into another naming format before sent to the client. add_gnutls_ciphersuites() { CIPHERS="" @@ -395,107 +440,104 @@ add_gnutls_ciphersuites() "ECDSA") CIPHERS="$CIPHERS \ - TLS-ECDHE-ECDSA-WITH-AES-128-CCM \ - TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 \ - TLS-ECDHE-ECDSA-WITH-AES-256-CCM \ - TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8 \ - TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \ - TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \ - TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \ - TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \ + TLS_ECDHE_ECDSA_WITH_AES_128_CCM \ + TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 \ + TLS_ECDHE_ECDSA_WITH_AES_256_CCM \ + TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 \ + TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 \ + TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 \ + TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 \ + TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 \ " ;; "RSA") CIPHERS="$CIPHERS \ - TLS-DHE-RSA-WITH-AES-128-CCM \ - TLS-DHE-RSA-WITH-AES-128-CCM-8 \ - TLS-DHE-RSA-WITH-AES-256-CCM \ - TLS-DHE-RSA-WITH-AES-256-CCM-8 \ - TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \ - TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256 \ - TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256 \ - TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384 \ - TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \ - TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256 \ - TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384 \ - TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384 \ - TLS-RSA-WITH-AES-128-CCM \ - TLS-RSA-WITH-AES-128-CCM-8 \ - TLS-RSA-WITH-AES-256-CCM \ - TLS-RSA-WITH-AES-256-CCM-8 \ - TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256 \ - TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256 \ - TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256 \ - TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384 \ + TLS_DHE_RSA_WITH_AES_128_CCM \ + TLS_DHE_RSA_WITH_AES_128_CCM_8 \ + TLS_DHE_RSA_WITH_AES_256_CCM \ + TLS_DHE_RSA_WITH_AES_256_CCM_8 \ + TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 \ + TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 \ + TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 \ + TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 \ + TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 \ + TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 \ + TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 \ + TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 \ + TLS_RSA_WITH_AES_128_CCM \ + TLS_RSA_WITH_AES_128_CCM_8 \ + TLS_RSA_WITH_AES_256_CCM \ + TLS_RSA_WITH_AES_256_CCM_8 \ + TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 \ + TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 \ + TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 \ + TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 \ " ;; "PSK") CIPHERS="$CIPHERS \ - TLS-DHE-PSK-WITH-AES-128-CBC-SHA \ - TLS-DHE-PSK-WITH-AES-128-CBC-SHA256 \ - TLS-DHE-PSK-WITH-AES-128-CCM \ - TLS-DHE-PSK-WITH-AES-128-CCM-8 \ - TLS-DHE-PSK-WITH-AES-128-GCM-SHA256 \ - TLS-DHE-PSK-WITH-AES-256-CBC-SHA \ - TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \ - TLS-DHE-PSK-WITH-AES-256-CCM \ - TLS-DHE-PSK-WITH-AES-256-CCM-8 \ - TLS-DHE-PSK-WITH-AES-256-GCM-SHA384 \ - TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \ - TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256 \ - TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \ - TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384 \ - TLS-DHE-PSK-WITH-NULL-SHA256 \ - TLS-DHE-PSK-WITH-NULL-SHA384 \ - TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \ - TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \ - TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA \ - TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \ - TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \ - TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \ - TLS-ECDHE-PSK-WITH-NULL-SHA256 \ - TLS-ECDHE-PSK-WITH-NULL-SHA384 \ - TLS-PSK-WITH-AES-128-CBC-SHA256 \ - TLS-PSK-WITH-AES-128-CCM \ - TLS-PSK-WITH-AES-128-CCM-8 \ - TLS-PSK-WITH-AES-128-GCM-SHA256 \ - TLS-PSK-WITH-AES-256-CBC-SHA384 \ - TLS-PSK-WITH-AES-256-CCM \ - TLS-PSK-WITH-AES-256-CCM-8 \ - TLS-PSK-WITH-AES-256-GCM-SHA384 \ - TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256 \ - TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256 \ - TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384 \ - TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384 \ - TLS-PSK-WITH-NULL-SHA256 \ - TLS-PSK-WITH-NULL-SHA384 \ - TLS-RSA-PSK-WITH-AES-128-CBC-SHA \ - TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \ - TLS-RSA-PSK-WITH-AES-128-GCM-SHA256 \ - TLS-RSA-PSK-WITH-AES-256-CBC-SHA \ - TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \ - TLS-RSA-PSK-WITH-AES-256-GCM-SHA384 \ - TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256 \ - TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256 \ - TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384 \ - TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384 \ - TLS-RSA-PSK-WITH-NULL-SHA256 \ - TLS-RSA-PSK-WITH-NULL-SHA384 \ + TLS_DHE_PSK_WITH_AES_128_CBC_SHA \ + TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 \ + TLS_DHE_PSK_WITH_AES_128_CCM \ + TLS_DHE_PSK_WITH_AES_128_CCM_8 \ + TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 \ + TLS_DHE_PSK_WITH_AES_256_CBC_SHA \ + TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 \ + TLS_DHE_PSK_WITH_AES_256_CCM \ + TLS_DHE_PSK_WITH_AES_256_CCM_8 \ + TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 \ + TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 \ + TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 \ + TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 \ + TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 \ + TLS_DHE_PSK_WITH_NULL_SHA256 \ + TLS_DHE_PSK_WITH_NULL_SHA384 \ + TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA \ + TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 \ + TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA \ + TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 \ + TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 \ + TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 \ + TLS_ECDHE_PSK_WITH_NULL_SHA256 \ + TLS_ECDHE_PSK_WITH_NULL_SHA384 \ + TLS_PSK_WITH_AES_128_CBC_SHA256 \ + TLS_PSK_WITH_AES_128_CCM \ + TLS_PSK_WITH_AES_128_CCM_8 \ + TLS_PSK_WITH_AES_128_GCM_SHA256 \ + TLS_PSK_WITH_AES_256_CBC_SHA384 \ + TLS_PSK_WITH_AES_256_CCM \ + TLS_PSK_WITH_AES_256_CCM_8 \ + TLS_PSK_WITH_AES_256_GCM_SHA384 \ + TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 \ + TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 \ + TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 \ + TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 \ + TLS_PSK_WITH_NULL_SHA256 \ + TLS_PSK_WITH_NULL_SHA384 \ + TLS_RSA_PSK_WITH_AES_128_CBC_SHA \ + TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 \ + TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 \ + TLS_RSA_PSK_WITH_AES_256_CBC_SHA \ + TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 \ + TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 \ + TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 \ + TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 \ + TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 \ + TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 \ + TLS_RSA_PSK_WITH_NULL_SHA256 \ + TLS_RSA_PSK_WITH_NULL_SHA384 \ " ;; esac + G_CIPHERS="$G_CIPHERS $CIPHERS" M_CIPHERS="$M_CIPHERS $CIPHERS" - - T=$(./scripts/translate_ciphers.py g $CIPHERS) - check_translation $? "$T" - G_CIPHERS="$G_CIPHERS $T" } # Ciphersuites usable only with Mbed TLS (not currently supported by another -# peer usable in this script). This provide only very rudimentaty testing, as +# peer usable in this script). This provides only very rudimentaty testing, as # this is not interop testing, but it's better than nothing. add_mbedtls_ciphersuites() { @@ -503,53 +545,63 @@ add_mbedtls_ciphersuites() "ECDSA") M_CIPHERS="$M_CIPHERS \ - TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256 \ - TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256 \ - TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384 \ - TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384 \ - TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \ - TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \ - TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \ - TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \ - TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256 \ - TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384 \ + TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 \ + TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 \ + TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 \ + TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 \ + TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 \ + TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 \ + TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 \ + TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 \ + TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 \ + TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 \ " ;; "RSA") M_CIPHERS="$M_CIPHERS \ - TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256 \ - TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384 \ - TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256 \ - TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384 \ - TLS-RSA-WITH-ARIA-128-CBC-SHA256 \ - TLS-RSA-WITH-ARIA-256-CBC-SHA384 \ + TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 \ + TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 \ + TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 \ + TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 \ + TLS_RSA_WITH_ARIA_128_CBC_SHA256 \ + TLS_RSA_WITH_ARIA_256_CBC_SHA384 \ " ;; "PSK") - # *PSK-NULL-SHA suites supported by GnuTLS 3.3.5 but not 3.2.15 + # *PSK_NULL_SHA suites supported by GnuTLS 3.3.5 but not 3.2.15 M_CIPHERS="$M_CIPHERS \ - TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256 \ - TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384 \ - TLS-DHE-PSK-WITH-NULL-SHA \ - TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256 \ - TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384 \ - TLS-ECDHE-PSK-WITH-NULL-SHA \ - TLS-PSK-WITH-ARIA-128-CBC-SHA256 \ - TLS-PSK-WITH-ARIA-256-CBC-SHA384 \ - TLS-PSK-WITH-NULL-SHA \ - TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256 \ - TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256 \ - TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384 \ - TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384 \ - TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256 \ - TLS-RSA-PSK-WITH-NULL-SHA \ + TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 \ + TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 \ + TLS_DHE_PSK_WITH_NULL_SHA \ + TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 \ + TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 \ + TLS_ECDHE_PSK_WITH_NULL_SHA \ + TLS_PSK_WITH_ARIA_128_CBC_SHA256 \ + TLS_PSK_WITH_ARIA_256_CBC_SHA384 \ + TLS_PSK_WITH_NULL_SHA \ + TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 \ + TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 \ + TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 \ + TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 \ + TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 \ + TLS_RSA_PSK_WITH_NULL_SHA \ " ;; esac } +# o_check_ciphersuite STANDARD_CIPHER_SUITE +o_check_ciphersuite() +{ + if [ "${O_SUPPORT_ECDH}" = "NO" ]; then + case "$1" in + *ECDH_*) SKIP_NEXT="YES" + esac + fi +} + setup_arguments() { O_MODE="" @@ -604,7 +656,6 @@ setup_arguments() M_CLIENT_ARGS="server_port=$PORT server_addr=127.0.0.1 force_version=$MODE" O_CLIENT_ARGS="-connect localhost:$PORT -$O_MODE" G_CLIENT_ARGS="-p $PORT --debug 3 $G_MODE" - G_CLIENT_PRIO="NONE:$G_PRIO_MODE:+COMP-NULL:+CURVE-ALL:+SIGN-ALL" # Newer versions of OpenSSL have a syntax to enable all "ciphers", even # low-security ones. This covers not just cipher suites but also protocol @@ -620,6 +671,11 @@ setup_arguments() ;; esac + case $($OPENSSL ciphers ALL) in + *ECDH-ECDSA*|*ECDH-RSA*) O_SUPPORT_ECDH="YES";; + *) O_SUPPORT_ECDH="NO";; + esac + if [ "X$VERIFY" = "XYES" ]; then M_SERVER_ARGS="$M_SERVER_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required" @@ -684,7 +740,11 @@ setup_arguments() # is_mbedtls is_mbedtls() { - echo "$1" | grep 'ssl_server2\|ssl_client2' > /dev/null + case $1 in + *ssl_client2*) true;; + *ssl_server2*) true;; + *) false;; + esac } # has_mem_err @@ -753,15 +813,17 @@ start_server() { echo "$SERVER_CMD" > $SRV_OUT # for servers without -www or equivalent while :; do echo bla; sleep 1; done | $SERVER_CMD >> $SRV_OUT 2>&1 & - PROCESS_ID=$! + SRV_PID=$! - wait_server_start "$PORT" "$PROCESS_ID" + wait_server_start "$PORT" "$SRV_PID" } # terminate the running server stop_server() { - kill $PROCESS_ID 2>/dev/null - wait $PROCESS_ID 2>/dev/null + # For Ubuntu 22.04, `Terminated` message is outputed by wait command. + # To remove it from stdout, redirect stdout/stderr to SRV_OUT + kill $SRV_PID >/dev/null 2>&1 + wait $SRV_PID >> $SRV_OUT 2>&1 if [ "$MEMCHECK" -gt 0 ]; then if is_mbedtls "$SERVER_CMD" && has_mem_err $SRV_OUT; then @@ -777,7 +839,7 @@ stop_server() { # kill the running server (used when killed by signal) cleanup() { rm -f $SRV_OUT $CLI_OUT - kill $PROCESS_ID >/dev/null 2>&1 + kill $SRV_PID >/dev/null 2>&1 kill $WATCHDOG_PID >/dev/null 2>&1 exit 1 } @@ -790,30 +852,70 @@ wait_client_done() { ( sleep "$DOG_DELAY"; echo "TIMEOUT" >> $CLI_OUT; kill $CLI_PID ) & WATCHDOG_PID=$! - wait $CLI_PID + # For Ubuntu 22.04, `Terminated` message is outputed by wait command. + # To remove it from stdout, redirect stdout/stderr to CLI_OUT + wait $CLI_PID >> $CLI_OUT 2>&1 EXIT=$? - kill $WATCHDOG_PID - wait $WATCHDOG_PID + kill $WATCHDOG_PID >/dev/null 2>&1 + wait $WATCHDOG_PID >> $CLI_OUT 2>&1 echo "EXIT: $EXIT" >> $CLI_OUT } -# run_client +# uniform_title +# $TITLE is considered as test case description for both --list-test-case and +# MBEDTLS_TEST_OUTCOME_FILE. This function aims to control the format of +# each test case description. +uniform_title() { + TITLE="$1->$2 $MODE,$VERIF $3" +} + +# record_outcome [] +record_outcome() { + echo "$1" + if [ -n "$MBEDTLS_TEST_OUTCOME_FILE" ]; then + # The test outcome file has the format (in single line): + # platform;configuration; + # test suite name;test case description; + # PASS/FAIL/SKIP;[failure cause] + printf '%s;%s;%s;%s;%s;%s\n' \ + "$MBEDTLS_TEST_PLATFORM" "$MBEDTLS_TEST_CONFIGURATION" \ + "compat" "$TITLE" \ + "$1" "${2-}" \ + >> "$MBEDTLS_TEST_OUTCOME_FILE" + fi +} + +# display additional information if test case fails +report_fail() { + FAIL_PROMPT="outputs saved to c-srv-${TESTS}.log, c-cli-${TESTS}.log" + record_outcome "FAIL" "$FAIL_PROMPT" + cp $SRV_OUT c-srv-${TESTS}.log + cp $CLI_OUT c-cli-${TESTS}.log + echo " ! $FAIL_PROMPT" + + if [ "${LOG_FAILURE_ON_STDOUT:-0}" != 0 ]; then + echo " ! server output:" + cat c-srv-${TESTS}.log + echo " ! ===================================================" + echo " ! client output:" + cat c-cli-${TESTS}.log + fi +} + +# run_client PROGRAM_NAME STANDARD_CIPHER_SUITE PROGRAM_CIPHER_SUITE run_client() { # announce what we're going to do TESTS=$(( $TESTS + 1 )) - VERIF=$(echo $VERIFY | tr '[:upper:]' '[:lower:]') - TITLE="`echo $1 | head -c1`->`echo $SERVER_NAME | head -c1`" - TITLE="$TITLE $MODE,$VERIF $2" - printf "%s " "$TITLE" - LEN=$(( 72 - `echo "$TITLE" | wc -c` )) - for i in `seq 1 $LEN`; do printf '.'; done; printf ' ' + uniform_title "${1%"${1#?}"}" "${SERVER_NAME%"${SERVER_NAME#?}"}" $2 + DOTS72="........................................................................" + printf "%s %.*s " "$TITLE" "$((71 - ${#TITLE}))" "$DOTS72" # should we skip? if [ "X$SKIP_NEXT" = "XYES" ]; then SKIP_NEXT="NO" - echo "SKIP" + record_outcome "SKIP" SKIPPED=$(( $SKIPPED + 1 )) return fi @@ -821,7 +923,7 @@ run_client() { # run the command and interpret result case $1 in [Oo]pen*) - CLIENT_CMD="$OPENSSL s_client $O_CLIENT_ARGS -cipher $2" + CLIENT_CMD="$OPENSSL s_client $O_CLIENT_ARGS -cipher $3" log "$CLIENT_CMD" echo "$CLIENT_CMD" > $CLI_OUT printf 'GET HTTP/1.0\r\n\r\n' | $CLIENT_CMD >> $CLI_OUT 2>&1 & @@ -830,7 +932,7 @@ run_client() { if [ $EXIT -eq 0 ]; then RESULT=0 else - # If the cipher isn't supported... + # If it is NULL cipher ... if grep 'Cipher is (NONE)' $CLI_OUT >/dev/null; then RESULT=1 else @@ -846,7 +948,7 @@ run_client() { else G_HOST="localhost" fi - CLIENT_CMD="$GNUTLS_CLI $G_CLIENT_ARGS --priority $G_PRIO_MODE:$2 $G_HOST" + CLIENT_CMD="$GNUTLS_CLI $G_CLIENT_ARGS --priority $G_PRIO_MODE:$3 $G_HOST" log "$CLIENT_CMD" echo "$CLIENT_CMD" > $CLI_OUT printf 'GET HTTP/1.0\r\n\r\n' | $CLIENT_CMD >> $CLI_OUT 2>&1 & @@ -868,7 +970,7 @@ run_client() { ;; mbed*) - CLIENT_CMD="$M_CLI $M_CLIENT_ARGS force_ciphersuite=$2" + CLIENT_CMD="$M_CLI $M_CLIENT_ARGS force_ciphersuite=$3" if [ "$MEMCHECK" -gt 0 ]; then CLIENT_CMD="valgrind --leak-check=full $CLIENT_CMD" fi @@ -907,26 +1009,14 @@ run_client() { # report and count result case $RESULT in "0") - echo PASS + record_outcome "PASS" ;; "1") - echo SKIP + record_outcome "SKIP" SKIPPED=$(( $SKIPPED + 1 )) ;; "2") - echo FAIL - cp $SRV_OUT c-srv-${TESTS}.log - cp $CLI_OUT c-cli-${TESTS}.log - echo " ! outputs saved to c-srv-${TESTS}.log, c-cli-${TESTS}.log" - - if [ "${LOG_FAILURE_ON_STDOUT:-0}" != 0 ]; then - echo " ! server output:" - cat c-srv-${TESTS}.log - echo " ! ===================================================" - echo " ! client output:" - cat c-cli-${TESTS}.log - fi - + report_fail FAILED=$(( $FAILED + 1 )) ;; esac @@ -938,13 +1028,16 @@ run_client() { # MAIN # -if cd $( dirname $0 ); then :; else - echo "cd $( dirname $0 ) failed" >&2 - exit 1 -fi - get_options "$@" +# Make the outcome file path relative to the original directory, not +# to .../tests +case "$MBEDTLS_TEST_OUTCOME_FILE" in + [!/]*) + MBEDTLS_TEST_OUTCOME_FILE="$ORIGINAL_PWD/$MBEDTLS_TEST_OUTCOME_FILE" + ;; +esac + # sanity checks, avoid an avalanche of errors if [ ! -x "$M_SRV" ]; then echo "Command '$M_SRV' is not an executable file" >&2 @@ -1000,9 +1093,20 @@ SKIP_NEXT="NO" trap cleanup INT TERM HUP -for VERIFY in $VERIFIES; do - for MODE in $MODES; do - for TYPE in $TYPES; do +for MODE in $MODES; do + for TYPE in $TYPES; do + + # PSK cipher suites do not allow client certificate verification. + # This means PSK test cases with VERIFY=YES should be replaced by + # VERIFY=NO or be ignored. SUB_VERIFIES variable is used to constrain + # verification option for PSK test cases. + SUB_VERIFIES=$VERIFIES + if [ "$TYPE" = "PSK" ]; then + SUB_VERIFIES="NO" + fi + + for VERIFY in $SUB_VERIFIES; do + VERIF=$(echo $VERIFY | tr '[:upper:]' '[:lower:]') for PEER in $PEERS; do setup_arguments @@ -1031,17 +1135,20 @@ for VERIFY in $VERIFIES; do if [ "X" != "X$M_CIPHERS" ]; then start_server "OpenSSL" - for i in $M_CIPHERS; do - check_openssl_server_bug $i - run_client mbedTLS $i + translate_ciphers m $M_CIPHERS + for i in $ciphers; do + o_check_ciphersuite "${i%%=*}" + run_client mbedTLS ${i%%=*} ${i#*=} done stop_server fi if [ "X" != "X$O_CIPHERS" ]; then start_server "mbedTLS" - for i in $O_CIPHERS; do - run_client OpenSSL $i + translate_ciphers o $O_CIPHERS + for i in $ciphers; do + o_check_ciphersuite "${i%%=*}" + run_client OpenSSL ${i%%=*} ${i#*=} done stop_server fi @@ -1057,16 +1164,18 @@ for VERIFY in $VERIFIES; do if [ "X" != "X$M_CIPHERS" ]; then start_server "GnuTLS" - for i in $M_CIPHERS; do - run_client mbedTLS $i + translate_ciphers m $M_CIPHERS + for i in $ciphers; do + run_client mbedTLS ${i%%=*} ${i#*=} done stop_server fi if [ "X" != "X$G_CIPHERS" ]; then start_server "mbedTLS" - for i in $G_CIPHERS; do - run_client GnuTLS $i + translate_ciphers g $G_CIPHERS + for i in $ciphers; do + run_client GnuTLS ${i%%=*} ${i#*=} done stop_server fi @@ -1084,8 +1193,9 @@ for VERIFY in $VERIFIES; do if [ "X" != "X$M_CIPHERS" ]; then start_server "mbedTLS" - for i in $M_CIPHERS; do - run_client mbedTLS $i + translate_ciphers m $M_CIPHERS + for i in $ciphers; do + run_client mbedTLS ${i%%=*} ${i#*=} done stop_server fi @@ -1106,8 +1216,7 @@ done echo "------------------------------------------------------------------------" -if [ $FAILED -ne 0 -o $SRVMEM -ne 0 ]; -then +if [ $FAILED -ne 0 -o $SRVMEM -ne 0 ]; then printf "FAILED" else printf "PASSED" @@ -1123,4 +1232,9 @@ PASSED=$(( $TESTS - $FAILED )) echo " ($PASSED / $TESTS tests ($SKIPPED skipped$MEMREPORT))" FAILED=$(( $FAILED + $SRVMEM )) +if [ $FAILED -gt 255 ]; then + # Clamp at 255 as caller gets exit code & 0xFF + # (so 256 would be 0, or success, etc) + FAILED=255 +fi exit $FAILED diff --git a/tests/configs/tls13-only.h b/tests/configs/tls13-only.h index 963086f31..38286d1fd 100644 --- a/tests/configs/tls13-only.h +++ b/tests/configs/tls13-only.h @@ -29,10 +29,12 @@ /* Disable TLS 1.2 and 1.2-specific features */ #undef MBEDTLS_SSL_ENCRYPT_THEN_MAC #undef MBEDTLS_SSL_EXTENDED_MASTER_SECRET +#undef MBEDTLS_SSL_RENEGOTIATION #undef MBEDTLS_SSL_PROTO_TLS1_2 #undef MBEDTLS_SSL_PROTO_DTLS #undef MBEDTLS_SSL_DTLS_ANTI_REPLAY #undef MBEDTLS_SSL_DTLS_HELLO_VERIFY +#undef MBEDTLS_SSL_DTLS_SRTP #undef MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE #undef MBEDTLS_SSL_DTLS_CONNECTION_ID #undef MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT diff --git a/tests/configs/user-config-for-test.h b/tests/configs/user-config-for-test.h index 444a4bf00..a9386a236 100644 --- a/tests/configs/user-config-for-test.h +++ b/tests/configs/user-config-for-test.h @@ -23,16 +23,40 @@ */ #if defined(PSA_CRYPTO_DRIVER_TEST_ALL) +/* PSA_CRYPTO_DRIVER_TEST_ALL activates test drivers while keeping the + * built-in implementations active. Normally setting MBEDTLS_PSA_ACCEL_xxx + * would disable MBEDTLS_PSA_BUILTIN_xxx unless fallback is activated, but + * here we arrange to have both active so that psa_crypto_*.c includes + * the built-in implementations and the driver code can call the built-in + * implementations. + * + * The point of this test mode is to verify that the + * driver entry points are called when they should be in a lightweight + * way, without requiring an actual driver. This is different from builds + * with libtestdriver1, where we make a copy of the library source code + * and use that as an external driver. + */ /* Enable the use of the test driver in the library, and build the generic * part of the test driver. */ #define PSA_CRYPTO_DRIVER_TEST +/* With MBEDTLS_PSA_CRYPTO_CONFIG, if we set up the acceleration, the + * built-in implementations won't be enabled. */ +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#error \ + "PSA_CRYPTO_DRIVER_TEST_ALL sets up a nonstandard configuration that is incompatible with MBEDTLS_PSA_CRYPTO_CONFIG" +#endif + /* Use the accelerator driver for all cryptographic mechanisms for which * the test driver implemented. */ #define MBEDTLS_PSA_ACCEL_KEY_TYPE_AES #define MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA -#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE #define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR #define MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING #define MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7 @@ -55,3 +79,23 @@ #define MBEDTLS_PSA_ACCEL_ALG_HMAC #endif /* PSA_CRYPTO_DRIVER_TEST_ALL */ + + + +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) +/* The #MBEDTLS_PSA_INJECT_ENTROPY feature requires two extra platform + * functions, which must be configured as #MBEDTLS_PLATFORM_NV_SEED_READ_MACRO + * and #MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO. The job of these functions + * is to read and write from the entropy seed file, which is located + * in the PSA ITS file whose uid is #PSA_CRYPTO_ITS_RANDOM_SEED_UID. + * (These could have been provided as library functions, but for historical + * reasons, they weren't, and so each integrator has to provide a copy + * of these functions.) + * + * Provide implementations of these functions for testing. */ +#include +int mbedtls_test_inject_entropy_seed_read(unsigned char *buf, size_t len); +int mbedtls_test_inject_entropy_seed_write(unsigned char *buf, size_t len); +#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_test_inject_entropy_seed_read +#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_test_inject_entropy_seed_write +#endif /* MBEDTLS_PSA_INJECT_ENTROPY */ diff --git a/tests/configs/config-wrapper-malloc-0-null.h b/tests/configs/user-config-malloc-0-null.h similarity index 90% rename from tests/configs/config-wrapper-malloc-0-null.h rename to tests/configs/user-config-malloc-0-null.h index fc649bf14..226f4d187 100644 --- a/tests/configs/config-wrapper-malloc-0-null.h +++ b/tests/configs/user-config-malloc-0-null.h @@ -1,4 +1,4 @@ -/* mbedtls_config.h wrapper that forces calloc(0) to return NULL. +/* mbedtls_config.h modifier that forces calloc(0) to return NULL. * Used for testing. */ /* @@ -18,8 +18,6 @@ * limitations under the License. */ -#include "mbedtls/mbedtls_config.h" - #include #ifndef MBEDTLS_PLATFORM_STD_CALLOC diff --git a/tests/configs/user-config-zeroize-memset.h b/tests/configs/user-config-zeroize-memset.h new file mode 100644 index 000000000..fcdd1f099 --- /dev/null +++ b/tests/configs/user-config-zeroize-memset.h @@ -0,0 +1,29 @@ +/* mbedtls_config.h modifier that defines mbedtls_platform_zeroize() to be + * memset(), so that the compile can check arguments for us. + * Used for testing. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +/* Define _ALT so we don't get the built-in implementation. The test code will + * also need to define MBEDTLS_TEST_DEFINES_ZEROIZE so we don't get the + * declaration. */ +#define MBEDTLS_PLATFORM_ZEROIZE_ALT + +#define mbedtls_platform_zeroize(buf, len) memset(buf, 0, len) diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 388b0ce41..21ca489c1 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -1,7 +1,7 @@ ## This file contains a record of how some of the test data was ## generated. The final build products are committed to the repository ## as well to make sure that the test data is identical. You do not -## need to use this makefile unless you're extending mbed TLS's tests. +## need to use this makefile unless you're extending Mbed TLS's tests. ## Many data files were generated prior to the existence of this ## makefile, so the method of their generation was not recorded. @@ -41,22 +41,33 @@ test_ca_key_file_rsa = test-ca.key test_ca_pwd_rsa = PolarSSLTest test_ca_config_file = test-ca.opensslconf +$(test_ca_key_file_rsa): + $(OPENSSL) genrsa -aes-128-cbc -passout pass:$(test_ca_pwd_rsa) -out $@ 2048 +all_final += $(test_ca_key_file_rsa) + test-ca.req.sha256: $(test_ca_key_file_rsa) $(MBEDTLS_CERT_REQ) output_file=$@ filename=$(test_ca_key_file_rsa) password=$(test_ca_pwd_rsa) subject_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" md=SHA256 all_intermediate += test-ca.req.sha256 -test-ca.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 +parse_input/test-ca.crt test-ca.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 $(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA1 version=3 output_file=$@ all_final += test-ca.crt -test-ca.crt.der: test-ca.crt +parse_input/test-ca.crt.der: parse_input/test-ca.crt $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ -all_final += test-ca.crt.der test-ca.key.der: $(test_ca_key_file_rsa) $(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER -passin "pass:$(test_ca_pwd_rsa)" all_final += test-ca.key.der +# This is only used for generating cert_example_multi_nocn.crt +test-ca_nocn.crt: $(test_ca_key_file_rsa) + $(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 selfsign=1 \ + subject_key=$(test_ca_key_file_rsa) subject_pwd=$(test_ca_pwd_rsa) subject_name="C=NL" \ + issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) issuer_name="C=NL" \ + not_before=20190210144400 not_after=20290210144400 md=SHA1 version=3 output_file=$@ +all_intermediate += test-ca_nocn.crt + test-ca-sha1.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 $(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA1 version=3 output_file=$@ all_final += test-ca-sha1.crt @@ -90,8 +101,71 @@ test_ca_key_file_rsa_alt = test-ca-alt.key cert_example_multi.csr: rsa_pkcs1_1024_clear.pem $(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=www.example.com" -set_serial 17 -config $(test_ca_config_file) -extensions dns_alt_names -days 3650 -key rsa_pkcs1_1024_clear.pem -out $@ -cert_example_multi.crt: cert_example_multi.csr - $(OPENSSL) x509 -req -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) -extfile $(test_ca_config_file) -extensions dns_alt_names -passin "pass:$(test_ca_pwd_rsa)" -set_serial 17 -days 3653 -sha256 -in $< > $@ +parse_input/cert_example_multi.crt cert_example_multi.crt: cert_example_multi.csr + $(OPENSSL) x509 -req -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) \ + -extfile $(test_ca_config_file) -extensions dns_alt_names \ + -passin "pass:$(test_ca_pwd_rsa)" -set_serial 17 -days 3653 -sha256 \ + -in $< > $@ + +cert_example_multi_nocn.csr: rsa_pkcs1_1024_clear.pem + $(MBEDTLS_CERT_REQ) filename=$< output_file=$@ subject_name='C=NL' +all_intermediate += cert_example_multi_nocn.csr + +parse_input/cert_example_multi_nocn.crt cert_example_multi_nocn.crt: cert_example_multi_nocn.csr test-ca_nocn.crt + $(OPENSSL) x509 -req -CA test-ca_nocn.crt -CAkey $(test_ca_key_file_rsa) \ + -extfile $(test_ca_config_file) -extensions ext_multi_nocn -passin "pass:$(test_ca_pwd_rsa)" \ + -set_serial 0xf7c67ff8e9a963f9 -days 3653 -sha1 -in $< > $@ +all_final += cert_example_multi_nocn.crt + +parse_input/test_csr_v3_keyUsage.csr.der: rsa_pkcs1_1024_clear.pem + $(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -outform DER -out $@ -reqexts csr_ext_v3_keyUsage +parse_input/test_csr_v3_subjectAltName.csr.der: rsa_pkcs1_1024_clear.pem + $(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -outform DER -out $@ -reqexts csr_ext_v3_subjectAltName +parse_input/test_csr_v3_nsCertType.csr.der: rsa_pkcs1_1024_clear.pem + $(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -outform DER -out $@ -reqexts csr_ext_v3_nsCertType +parse_input/test_csr_v3_all.csr.der: rsa_pkcs1_1024_clear.pem + $(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -outform DER -out $@ -reqexts csr_ext_v3_all +parse_input/test_csr_v3_all_malformed_extensions_sequence_tag.csr.der: parse_input/test_csr_v3_all.csr.der + (hexdump -ve '1/1 "%.2X"' $< | sed "s/300B0603551D0F040403/200B0603551D0F040403/" | xxd -r -p ) > $@ +parse_input/test_csr_v3_all_malformed_extension_id_tag.csr.der: parse_input/test_csr_v3_all.csr.der + (hexdump -ve '1/1 "%.2X"' $< | sed "s/0603551D0F0404030201/0703551D0F0404030201/" | xxd -r -p ) > $@ +parse_input/test_csr_v3_all_malformed_extension_data_tag.csr.der: parse_input/test_csr_v3_all.csr.der + (hexdump -ve '1/1 "%.2X"' $< | sed "s/040403020102302F0603/050403020102302F0603/" | xxd -r -p ) > $@ +parse_input/test_csr_v3_all_malformed_extension_data_len1.csr.der: parse_input/test_csr_v3_all.csr.der + (hexdump -ve '1/1 "%.2X"' $< | sed "s/040403020102302F0603/040503020102302F0603/" | xxd -r -p ) > $@ +parse_input/test_csr_v3_all_malformed_extension_data_len2.csr.der: parse_input/test_csr_v3_all.csr.der + (hexdump -ve '1/1 "%.2X"' $< | sed "s/040403020102302F0603/040303020102302F0603/" | xxd -r -p ) > $@ +parse_input/test_csr_v3_all_malformed_extension_key_usage_bitstream_tag.csr.der: parse_input/test_csr_v3_all.csr.der + (hexdump -ve '1/1 "%.2X"' $< | sed "s/03020102302F0603551D/04020102302F0603551D/" | xxd -r -p ) > $@ +parse_input/test_csr_v3_all_malformed_extension_subject_alt_name_sequence_tag.csr.der: parse_input/test_csr_v3_all.csr.der + (hexdump -ve '1/1 "%.2X"' $< | sed "s/3026A02406082B060105/4026A02406082B060105/" | xxd -r -p ) > $@ +parse_input/test_csr_v3_all_malformed_extension_ns_cert_bitstream_tag.csr.der: parse_input/test_csr_v3_all.csr.der + (hexdump -ve '1/1 "%.2X"' $< | sed "s/03020780300D06092A86/04020780300D06092A86/" | xxd -r -p ) > $@ +parse_input/test_csr_v3_all_malformed_duplicated_extension.csr.der: parse_input/test_csr_v3_all.csr.der + (hexdump -ve '1/1 "%.2X"' $< | sed "s/551D11/551D0F/" | xxd -r -p ) > $@ +parse_input/test_csr_v3_all_malformed_extension_type_oid.csr.der: parse_input/test_csr_v3_all.csr.der + (hexdump -ve '1/1 "%.2X"' $< | sed "s/551D11/551DFF/" | xxd -r -p ) > $@ +parse_input/test_csr_v3_all_malformed_attributes_sequence_tag.csr.der: parse_input/test_csr_v3_all.csr.der + (hexdump -ve '1/1 "%.2X"' $< | sed "s/306006092A864886F70D/406006092A864886F70D/" | xxd -r -p ) > $@ +parse_input/test_csr_v3_all_malformed_attributes_id_tag.csr.der: parse_input/test_csr_v3_all.csr.der + (hexdump -ve '1/1 "%.2X"' $< | sed "s/06092A864886F70D0109/07092A864886F70D0109/" | xxd -r -p ) > $@ +parse_input/test_csr_v3_all_malformed_attributes_extension_request.csr.der: parse_input/test_csr_v3_all.csr.der + (hexdump -ve '1/1 "%.2X"' $< | sed "s/2A864886F70D01090E/2A864886F70D01090F/" | xxd -r -p ) > $@ +parse_input/test_csr_v3_all_malformed_attributes_extension_request_set_tag.csr.der: parse_input/test_csr_v3_all.csr.der + (hexdump -ve '1/1 "%.2X"' $< | sed "s/31533051300B0603551D/32533051300B0603551D/" | xxd -r -p ) > $@ +parse_input/test_csr_v3_all_malformed_attributes_extension_request_sequence_tag.csr.der: parse_input/test_csr_v3_all.csr.der + (hexdump -ve '1/1 "%.2X"' $< | sed "s/3051300B0603551D0F04/3151300B0603551D0F04/" | xxd -r -p ) > $@ +parse_input/test_csr_v3_all_malformed_attributes_len1.csr.der: parse_input/test_csr_v3_all.csr.der + (hexdump -ve '1/1 "%.2X"' $< | sed "s/306006092A864886F70D/306106092A864886F70D/" | xxd -r -p ) > $@ +parse_input/test_csr_v3_all_malformed_attributes_len2.csr.der: parse_input/test_csr_v3_all.csr.der + (hexdump -ve '1/1 "%.2X"' $< | sed "s/306006092A864886F70D/305906092A864886F70D/" | xxd -r -p ) > $@ +parse_input/test_csr_v3_all_malformed_attributes_extension_request_sequence_len1.csr.der: parse_input/test_csr_v3_all.csr.der + (hexdump -ve '1/1 "%.2X"' $< | sed "s/3051300B0603551D0F04/3052300B0603551D0F04/" | xxd -r -p ) > $@ +parse_input/test_csr_v3_all_malformed_attributes_extension_request_sequence_len2.csr.der: parse_input/test_csr_v3_all.csr.der + (hexdump -ve '1/1 "%.2X"' $< | sed "s/3051300B0603551D0F04/3050300B0603551D0F04/" | xxd -r -p ) > $@ + +parse_input/test_cert_rfc822name.crt.der: cert_example_multi.csr + $(OPENSSL) x509 -req -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) -extfile $(test_ca_config_file) -outform DER -extensions rfc822name_names -passin "pass:$(test_ca_pwd_rsa)" -set_serial 17 -days 3653 -sha256 -in $< > $@ $(test_ca_key_file_rsa_alt):test-ca.opensslconf $(OPENSSL) genrsa -out $@ 2048 @@ -112,44 +186,78 @@ test_ca_crt_file_ec = test-ca2.crt test_ca_key_file_ec = test-ca2.key test-ca2.req.sha256: $(test_ca_key_file_ec) - $(MBEDTLS_CERT_REQ) output_file=$@ filename=$(test_ca_key_file_ec) subject_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" md=SHA256 + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$(test_ca_key_file_ec) \ + subject_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" md=SHA256 all_intermediate += test-ca2.req.sha256 test-ca2.crt: $(test_ca_key_file_ec) test-ca2.req.sha256 - $(MBEDTLS_CERT_WRITE) is_ca=1 serial=13926223505202072808 request_file=test-ca2.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" issuer_key=$(test_ca_key_file_ec) not_before=20190210144400 not_after=20290210144400 md=SHA256 version=3 output_file=$@ -all_final += test-ca.crt + $(MBEDTLS_CERT_WRITE) is_ca=1 serial=13926223505202072808 selfsign=1 \ + request_file=test-ca2.req.sha256 \ + issuer_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" \ + issuer_key=$(test_ca_key_file_ec) \ + not_before=20190210144400 not_after=20290210144400 \ + md=SHA256 version=3 output_file=$@ +all_final += test-ca2.crt -test-ca-any_policy.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 - $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_ca -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@ -all_final += test-ca-any_policy.crt +test-ca2.ku-%.crt: test-ca2.ku-%.crt.openssl.v3_ext $(test_ca_key_file_ec) test-ca2.req.sha256 + $(OPENSSL) x509 -req -in test-ca2.req.sha256 -extfile $< \ + -signkey $(test_ca_key_file_ec) -days 3653 -out $@ -test-ca-any_policy_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256 - $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_ca -key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 -in test-ca.req_ec.sha256 -out $@ -all_final += test-ca-any_policy_ec.crt +all_final += test-ca2.ku-crl.crt \ + test-ca2.ku-crt.crt \ + test-ca2.ku-crt_crl.crt \ + test-ca2.ku-ds.crt -test-ca-any_policy_with_qualifier.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 +test-ca2-future.crt: $(test_ca_key_file_ec) test-ca2.req.sha256 + $(MBEDTLS_CERT_WRITE) is_ca=1 serial=13926223505202072808 request_file=test-ca2.req.sha256 selfsign=1 \ + issuer_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" issuer_key=$(test_ca_key_file_ec) \ + not_before=20290210144400 not_after=20390210144400 md=SHA256 version=3 output_file=$@ +all_intermediate += test-ca2-future.crt + +test_ca_ec_cat := # files that concatenate different crt +test-ca2_cat-future-invalid.crt: test-ca2-future.crt server6.crt +test_ca_ec_cat += test-ca2_cat-future-invalid.crt +test-ca2_cat-future-present.crt: test-ca2-future.crt test-ca2.crt +test_ca_ec_cat += test-ca2_cat-future-present.crt +test-ca2_cat-present-future.crt: test-ca2.crt test-ca2-future.crt +test_ca_ec_cat += test-ca2_cat-present-future.crt +test-ca2_cat-present-past.crt: test-ca2.crt test-ca2-expired.crt +test_ca_ec_cat += test-ca2_cat-present-past.crt +test-ca2_cat-past-invalid.crt: test-ca2-expired.crt server6.crt +test_ca_ec_cat += test-ca2_cat-past-invalid.crt +test-ca2_cat-past-present.crt: test-ca2-expired.crt test-ca2.crt +test_ca_ec_cat += test-ca2_cat-past-present.crt +$(test_ca_ec_cat): + cat $^ > $@ +all_final += $(test_ca_ec_cat) + +parse_input/test-ca-any_policy.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 + $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_ca \ + -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" \ + -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@ + +parse_input/test-ca-any_policy_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256 + $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_ca \ + -key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 \ + -in test-ca.req_ec.sha256 -out $@ + +parse_input/test-ca-any_policy_with_qualifier.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_qualifier_ca -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@ -all_final += test-ca-any_policy_with_qualifier.crt -test-ca-any_policy_with_qualifier_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256 +parse_input/test-ca-any_policy_with_qualifier_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256 $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_qualifier_ca -key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 -in test-ca.req_ec.sha256 -out $@ -all_final += test-ca-any_policy_with_qualifier_ec.crt -test-ca-multi_policy.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 +parse_input/test-ca-multi_policy.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_multi_policy_ca -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@ -all_final += test-ca-multi_policy.crt -test-ca-multi_policy_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256 +parse_input/test-ca-multi_policy_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256 $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_multi_policy_ca -key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 -in test-ca.req_ec.sha256 -out $@ -all_final += test-ca-multi_policy_ec.crt -test-ca-unsupported_policy.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 +parse_input/test-ca-unsupported_policy.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_unsupported_policy_ca -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@ -all_final += test-ca-unsupported_policy.crt -test-ca-unsupported_policy_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256 +parse_input/test-ca-unsupported_policy_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256 $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_unsupported_policy_ca -key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 -in test-ca.req_ec.sha256 -out $@ -all_final += test-ca-unsupported_policy_ec.crt test-ca.req_ec.sha256: $(test_ca_key_file_ec) $(MBEDTLS_CERT_REQ) output_file=$@ filename=$(test_ca_key_file_ec) subject_name="C=NL, O=PolarSSL, CN=Polarssl Test EC CA" md=SHA256 @@ -175,20 +283,45 @@ all_final += $(test_ca_crt_cat21) test-int-ca.csr: test-int-ca.key $(test_ca_config_file) $(OPENSSL) req -new -config $(test_ca_config_file) -key test-int-ca.key -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test Intermediate CA" -out $@ -all_intermediate += test-int-ca.csr + +test-int-ca2.csr: test-int-ca2.key $(test_ca_config_file) + $(OPENSSL) req -new -config $(test_ca_config_file) -key test-int-ca2.key \ + -subj "/C=NL/O=PolarSSL/CN=PolarSSL Test Intermediate EC CA" -out $@ + +test-int-ca3.csr: test-int-ca3.key $(test_ca_config_file) + $(OPENSSL) req -new -config $(test_ca_config_file) -key test-int-ca3.key \ + -subj "/C=UK/O=mbed TLS/CN=mbed TLS Test intermediate CA 3" -out $@ + +all_intermediate += test-int-ca.csr test-int-ca2.csr test-int-ca3.csr + +test-int-ca.crt: $(test_ca_crt_file_ec) $(test_ca_key_file_ec) $(test_ca_config_file) test-int-ca.csr + $(OPENSSL) x509 -req -extfile $(test_ca_config_file) -extensions v3_ca \ + -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) \ + -set_serial 14 -days 3653 -sha256 -in test-int-ca.csr -out $@ + +test-int-ca2.crt: $(test_ca_key_file_rsa) $(test_ca_crt) $(test_ca_config_file) test-int-ca2.csr + $(OPENSSL) x509 -req -extfile $(test_ca_config_file) -extensions v3_ca -CA $(test_ca_crt) \ + -CAkey $(test_ca_key_file_rsa) -set_serial 15 -days 3653 -sha256 -in test-int-ca2.csr \ + -passin "pass:$(test_ca_pwd_rsa)" -out $@ + +# Note: This requests openssl version >= 3.x.xx +test-int-ca3.crt: test-int-ca2.crt test-int-ca2.key $(test_ca_config_file) test-int-ca3.csr + $(OPENSSL) x509 -req -extfile $(test_ca_config_file) -extensions no_subj_auth_id \ + -CA test-int-ca2.crt -CAkey test-int-ca2.key -set_serial 77 -days 3653 \ + -sha256 -in test-int-ca3.csr -out $@ + test-int-ca-exp.crt: $(test_ca_crt_file_ec) $(test_ca_key_file_ec) $(test_ca_config_file) test-int-ca.csr $(FAKETIME) -f -3653d $(OPENSSL) x509 -req -extfile $(test_ca_config_file) -extensions v3_ca -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) -set_serial 14 -days 3653 -sha256 -in test-int-ca.csr -out $@ -all_final += test-int-ca-exp.crt + +all_final += test-int-ca-exp.crt test-int-ca.crt test-int-ca2.crt test-int-ca3.crt enco-cert-utf8str.pem: rsa_pkcs1_1024_clear.pem $(MBEDTLS_CERT_WRITE) subject_key=rsa_pkcs1_1024_clear.pem subject_name="CN=dw.yonan.net" issuer_crt=enco-ca-prstr.pem issuer_key=rsa_pkcs1_1024_clear.pem not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ -crl-idp.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file) +parse_input/crl-idp.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file) $(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_config_file) -name test_ca -md sha256 -crldays 3653 -crlexts crl_ext_idp -out $@ -all_final += crl-idp.pem -crl-idpnc.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file) +parse_input/crl-idpnc.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file) $(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_config_file) -name test_ca -md sha256 -crldays 3653 -crlexts crl_ext_idp_nc -out $@ -all_final += crl-idpnc.pem cli_crt_key_file_rsa = cli-rsa.key cli_crt_extensions_file = cli.opensslconf @@ -208,34 +341,82 @@ cli-rsa-sha256.crt.der: cli-rsa-sha256.crt $(OPENSSL) x509 -in $< -out $@ -inform PEM -outform DER all_final += cli-rsa-sha256.crt.der -cli-rsa-sha256-badalg.crt.der: cli-rsa-sha256.crt.der +parse_input/cli-rsa-sha256-badalg.crt.der: cli-rsa-sha256.crt.der hexdump -ve '1/1 "%.2X"' $< | sed "s/06092A864886F70D01010B0500/06092A864886F70D01010B0900/2" | xxd -r -p > $@ -all_final += cli-rsa-sha256-badalg.crt.der cli-rsa.key.der: $(cli_crt_key_file_rsa) $(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER all_final += cli-rsa.key.der test_ca_int_rsa1 = test-int-ca.crt +test_ca_int_ec = test-int-ca2.crt +test_ca_int_key_file_ec = test-int-ca2.key + +# server7* server7.csr: server7.key $(OPENSSL) req -new -key server7.key -subj "/C=NL/O=PolarSSL/CN=localhost" -out $@ all_intermediate += server7.csr + +server7.crt: server7.csr $(test_ca_int_rsa1) + $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa \ + -CA $(test_ca_int_rsa1) -CAkey test-int-ca.key \ + -set_serial 16 -days 3653 -sha256 -in server7.csr > $@ +all_final += server7.crt + server7-expired.crt: server7.csr $(test_ca_int_rsa1) $(FAKETIME) -f -3653d $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA $(test_ca_int_rsa1) -CAkey test-int-ca.key -set_serial 16 -days 3653 -sha256 -in server7.csr | cat - $(test_ca_int_rsa1) > $@ all_final += server7-expired.crt + server7-future.crt: server7.csr $(test_ca_int_rsa1) $(FAKETIME) -f +3653d $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA $(test_ca_int_rsa1) -CAkey test-int-ca.key -set_serial 16 -days 3653 -sha256 -in server7.csr | cat - $(test_ca_int_rsa1) > $@ all_final += server7-future.crt + server7-badsign.crt: server7.crt $(test_ca_int_rsa1) { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; cat $(test_ca_int_rsa1); } > $@ all_final += server7-badsign.crt + +parse_input/server7_int-ca.crt server7_int-ca.crt: server7.crt $(test_ca_int_rsa1) + cat server7.crt $(test_ca_int_rsa1) > $@ +all_final += server7_int-ca.crt + +parse_input/server7_pem_space.crt: server7.crt $(test_ca_int_rsa1) + cat server7.crt $(test_ca_int_rsa1) | sed '4s/\(.\)$$/ \1/' > $@ + +parse_input/server7_all_space.crt: server7.crt $(test_ca_int_rsa1) + { cat server7.crt | sed '4s/\(.\)$$/ \1/'; cat test-int-ca.crt | sed '4s/\(.\)$$/ \1/'; } > $@ + +parse_input/server7_trailing_space.crt: server7.crt $(test_ca_int_rsa1) + cat server7.crt $(test_ca_int_rsa1) | sed 's/\(.\)$$/\1 /' > $@ + +server7_int-ca_ca2.crt: server7.crt $(test_ca_int_rsa1) $(test_ca_crt_file_ec) + cat server7.crt $(test_ca_int_rsa1) $(test_ca_crt_file_ec) > $@ +all_final += server7_int-ca_ca2.crt + server7_int-ca-exp.crt: server7.crt test-int-ca-exp.crt cat server7.crt test-int-ca-exp.crt > $@ all_final += server7_int-ca-exp.crt +server7_spurious_int-ca.crt: server7.crt $(test_ca_int_ec) $(test_ca_int_rsa1) + cat server7.crt $(test_ca_int_ec) $(test_ca_int_rsa1) > $@ +all_final += server7_spurious_int-ca.crt + +# server8* + +server8.crt: server8.key + $(MBEDTLS_CERT_WRITE) subject_key=$< subject_name="C=NL, O=PolarSSL, CN=localhost" serial=17 \ + issuer_crt=$(test_ca_int_ec) issuer_key=$(test_ca_int_key_file_ec) \ + not_before=20190210144406 not_after=20290210144406 \ + md=SHA256 version=3 output_file=$@ +all_final += server8.crt + +server8_int-ca2.crt: server8.crt $(test_ca_int_ec) + cat $^ > $@ +all_final += server8_int-ca2.crt + cli2.req.sha256: cli2.key $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Test Client 2" md=SHA256 +all_intermediate += cli2.req.sha256 all_final += server1.req.sha1 cli2.crt: cli2.req.sha256 @@ -270,37 +451,172 @@ all_final += server5-ss-expired.crt # try to forge a copy of test-int-ca3 with different key server5-ss-forgeca.crt: server5.key - $(FAKETIME) '2015-09-01 14:08:43' $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/CN=mbed TLS Test intermediate CA 3" -set_serial 77 -config $(test_ca_config_file) -extensions noext_ca -days 3650 -sha256 -key $< -out $@ + $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/CN=mbed TLS Test intermediate CA 3" \ + -set_serial 77 -config $(test_ca_config_file) -extensions noext_ca \ + -days 3650 -sha256 -key $< -out $@ all_final += server5-ss-forgeca.crt -server5-othername.crt: server5.key - $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions othername_san -days 3650 -sha256 -key $< -out $@ +server5-selfsigned.crt: server5.key + openssl req -x509 -key server5.key \ + -sha256 -days 3650 -nodes \ + -addext basicConstraints=critical,CA:FALSE \ + -addext keyUsage=critical,digitalSignature \ + -addext subjectKeyIdentifier=hash \ + -addext authorityKeyIdentifier=none \ + -set_serial 0x53a2cb4b124ead837da894b2 \ + -subj "/CN=selfsigned/OU=testing/O=PolarSSL/C=NL" \ + -out $@ +all_final += server5-selfsigned.crt -server5-nonprintable_othername.crt: server5.key - $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS non-printable othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions nonprintable_othername_san -days 3650 -sha256 -key $< -out $@ +parse_input/server5-othername.crt.der: server5.key + $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions othername_san -days 3650 -sha256 -key $< -outform der -out $@ -server5-unsupported_othername.crt: server5.key - $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS unsupported othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions unsupported_othername_san -days 3650 -sha256 -key $< -out $@ +parse_input/server5-nonprintable_othername.crt.der: server5.key + $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS non-printable othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions nonprintable_othername_san -days 3650 -sha256 -key $< -outform der -out $@ -server5-fan.crt: server5.key - $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS FAN" -set_serial 77 -config $(test_ca_config_file) -extensions fan_cert -days 3650 -sha256 -key server5.key -out $@ +parse_input/server5-unsupported_othername.crt.der: server5.key + $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS unsupported othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions unsupported_othername_san -days 3650 -sha256 -key $< -outform der -out $@ -server5-tricky-ip-san.crt: server5.key - $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS Tricky IP SAN" -set_serial 77 -config $(test_ca_config_file) -extensions tricky_ip_san -days 3650 -sha256 -key server5.key -out $@ -all_final += server5-tricky-ip-san.crt +parse_input/server5-fan.crt.der: server5.key + $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS FAN" -set_serial 77 -config $(test_ca_config_file) -extensions fan_cert -days 3650 -sha256 -key server5.key -outform der -out $@ +server5-tricky-ip-san.crt.der: server5.key + $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS Tricky IP SAN" -set_serial 77 -config $(test_ca_config_file) -extensions tricky_ip_san -days 3650 -sha256 -key server5.key -outform der -out $@ + +all_final += server5-tricky-ip-san.crt.der + +# malformed IP length +server5-tricky-ip-san-malformed-len.crt.der: server5-tricky-ip-san.crt.der + hexdump -ve '1/1 "%.2X"' $< | sed "s/87046162636487106162/87056162636487106162/" | xxd -r -p > $@ + +parse_input/server5-directoryname.crt.der: server5.key + $(OPENSSL) req -x509 -outform der -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS directoryName SAN" -set_serial 77 -config $(test_ca_config_file) -extensions directory_name_san -days 3650 -sha256 -key server5.key -out $@ + +parse_input/server5-two-directorynames.crt.der: server5.key + $(OPENSSL) req -x509 -outform der -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS directoryName SAN" -set_serial 77 -config $(test_ca_config_file) -extensions two_directorynames -days 3650 -sha256 -key server5.key -out $@ + +server5-der0.crt: server5.crt.der + cp $< $@ +server5-der1a.crt: server5.crt.der + cp $< $@ + echo '00' | xxd -r -p | dd of=$@ bs=1 seek=$$(wc -c <$<) conv=notrunc +server5-der1b.crt: server5.crt.der + cp $< $@ + echo 'c1' | xxd -r -p | dd of=$@ bs=1 seek=$$(wc -c <$<) conv=notrunc +server5-der2.crt: server5.crt.der + cp $< $@ + echo 'b90a' | xxd -r -p | dd of=$@ bs=1 seek=$$(wc -c <$<) conv=notrunc +server5-der4.crt: server5.crt.der + cp $< $@ + echo 'a710945f' | xxd -r -p | dd of=$@ bs=1 seek=$$(wc -c <$<) conv=notrunc +server5-der8.crt: server5.crt.der + cp $< $@ + echo 'a4a7ff27267aaa0f' | xxd -r -p | dd of=$@ bs=1 seek=$$(wc -c <$<) conv=notrunc +server5-der9.crt: server5.crt.der + cp $< $@ + echo 'cff8303376ffa47a29' | xxd -r -p | dd of=$@ bs=1 seek=$$(wc -c <$<) conv=notrunc +all_final += server5-der0.crt server5-der1b.crt server5-der4.crt \ + server5-der9.crt server5-der1a.crt server5-der2.crt \ + server5-der8.crt + +# directoryname sequence tag malformed +parse_input/server5-directoryname-seq-malformed.crt.der: parse_input/server5-two-directorynames.crt.der + hexdump -ve '1/1 "%.2X"' $< | sed "s/62A4473045310B/62A4473145310B/" | xxd -r -p > $@ + +# Second directoryname OID length malformed 03 -> 15 +parse_input/server5-second-directoryname-oid-malformed.crt.der: parse_input/server5-two-directorynames.crt.der + hexdump -ve '1/1 "%.2X"' $< | sed "s/0355040A0C0A4D414C464F524D5F4D45/1555040A0C0A4D414C464F524D5F4D45/" | xxd -r -p > $@ + +parse_input/rsa_single_san_uri.crt.der rsa_single_san_uri.crt.der: rsa_single_san_uri.key + $(OPENSSL) req -x509 -outform der -nodes -days 7300 -newkey rsa:2048 -key $< -out $@ -addext "subjectAltName = URI:urn:example.com:5ff40f78-9210-494f-8206-c2c082f0609c" -extensions 'v3_req' -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS URI SAN" + +parse_input/rsa_multiple_san_uri.crt.der: rsa_multiple_san_uri.key + $(OPENSSL) req -x509 -outform der -nodes -days 7300 -newkey rsa:2048 -key $< -out $@ -addext "subjectAltName = URI:urn:example.com:5ff40f78-9210-494f-8206-c2c082f0609c, URI:urn:example.com:5ff40f78-9210-494f-8206-abcde1234567" -extensions 'v3_req' -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS URI SAN" + +test-int-ca3-badsign.crt: test-int-ca3.crt + { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ +all_final += test-int-ca3-badsign.crt + +# server9* + +server9.csr: server9.key + $(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \ + -key $< -out $@ +parse_input/server9.crt server9.crt: server9-sha1.crt + cp $< $@ +all_final += server9.crt +all_intermediate += server9.csr server9-sha1.crt + +server9-%.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) + $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa \ + -passin "pass:$(test_ca_pwd_rsa)" -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) \ + -set_serial $(SERVER9_CRT_SERIAL) -days 3653 \ + -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max \ + -sigopt rsa_mgf1_md:$(@F:server9-%.crt=%) -$(@F:server9-%.crt=%) \ + -in $< -out $@ +server9-sha1.crt: SERVER9_CRT_SERIAL=22 +parse_input/server9-sha224.crt server9-sha224.crt: SERVER9_CRT_SERIAL=23 +parse_input/server9-sha256.crt server9-sha256.crt: SERVER9_CRT_SERIAL=24 +parse_input/server9-sha384.crt server9-sha384.crt: SERVER9_CRT_SERIAL=25 +parse_input/server9-sha512.crt server9-sha512.crt: SERVER9_CRT_SERIAL=26 +all_final += server9-sha224.crt server9-sha256.crt server9-sha384.crt server9-sha512.crt + +server9-defaults.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) + $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa \ + -passin "pass:$(test_ca_pwd_rsa)" -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) \ + -set_serial 72 -days 3653 \ + -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max -sha1 \ + -in $< -out $@ +all_final += server9-defaults.crt + +server9-badsign.crt: server9.crt + { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ +all_final += server9-badsign.crt + +server9-with-ca.crt: server9.crt $(test_ca_crt) + cat $^ > $@ +all_final += server9-with-ca.crt + +# FIXME: This file needs special sequence. It should be update manually +server9-bad-saltlen.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) + false + +server9-bad-mgfhash.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) + $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa \ + -passin "pass:$(test_ca_pwd_rsa)" -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) \ + -set_serial 24 -days 3653 \ + -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max \ + -sigopt rsa_mgf1_md:sha224 -sha256 \ + -in $< -out $@ +all_final += server9-bad-mgfhash.crt + +# server10* + +server10.crt: server10.key test-int-ca3.crt test-int-ca3.key + $(MBEDTLS_CERT_WRITE) subject_key=$< subject_name="CN=localhost" serial=75 \ + issuer_crt=test-int-ca3.crt issuer_key=test-int-ca3.key \ + subject_identifier=0 authority_identifier=0 \ + not_before=20190210144406 not_after=20290210144406 \ + md=SHA256 version=3 output_file=$@ +all_final += server10.crt server10-badsign.crt: server10.crt { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ all_final += server10-badsign.crt server10-bs_int3.pem: server10-badsign.crt test-int-ca3.crt cat server10-badsign.crt test-int-ca3.crt > $@ all_final += server10-bs_int3.pem -test-int-ca3-badsign.crt: test-int-ca3.crt - { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ -all_final += test-int-ca3-badsign.crt server10_int3-bs.pem: server10.crt test-int-ca3-badsign.crt cat server10.crt test-int-ca3-badsign.crt > $@ all_final += server10_int3-bs.pem +server10_int3_int-ca2.crt: server10.crt test-int-ca3.crt $(test_ca_int_ec) + cat $^ > $@ +all_final += server10_int3_int-ca2.crt +server10_int3_int-ca2_ca.crt: server10.crt test-int-ca3.crt $(test_ca_int_ec) $(test_ca_crt) + cat $^ > $@ +all_final += server10_int3_int-ca2_ca.crt +server10_int3_spurious_int-ca2.crt: server10.crt test-int-ca3.crt $(test_ca_int_rsa1) $(test_ca_int_ec) + cat $^ > $@ +all_final += server10_int3_spurious_int-ca2.crt rsa_pkcs1_2048_public.pem: server8.key $(OPENSSL) rsa -in $< -outform PEM -RSAPublicKey_out -out $@ @@ -318,6 +634,61 @@ rsa_pkcs8_2048_public.der: rsa_pkcs8_2048_public.pem $(OPENSSL) rsa -pubin -in $< -outform DER -pubout -out $@ all_final += rsa_pkcs8_2048_public.der +# Generate crl_cat_*.pem +# - crt_cat_*.pem: (1+2) concatenations in various orders: +# ec = crl-ec-sha256.pem, ecfut = crl-future.pem +# rsa = crl.pem, rsabadpem = same with pem error, rsaexp = crl_expired.pem + +crl_cat_ec-rsa.pem:crl-ec-sha256.pem crl.pem + cat $^ > $@ + +crl_cat_rsa-ec.pem:crl.pem crl-ec-sha256.pem + cat $^ > $@ + +all_final += crl_cat_ec-rsa.pem crl_cat_rsa-ec.pem + +authorityKeyId_subjectKeyId.crt.der: + $(OPENSSL) req -x509 -nodes -days 7300 -key server2.key -outform DER -out $@ -config authorityKeyId_subjectKeyId.conf -extensions 'v3_req' -set_serial 593828494303792449134898749208168108403991951034 + +authorityKeyId_no_keyid.crt.der: + $(OPENSSL) req -x509 -nodes -days 7300 -key server2.key -outform DER -out $@ -config authorityKeyId_subjectKeyId.conf -extensions 'v3_req_authorityKeyId_no_keyid' -set_serial 593828494303792449134898749208168108403991951034 + +authorityKeyId_no_issuer.crt.der: + $(OPENSSL) req -x509 -nodes -days 7300 -key server2.key -outform DER -out $@ -config authorityKeyId_subjectKeyId.conf -extensions 'v3_req_authorityKeyId_no_issuer' + +authorityKeyId_no_authorityKeyId.crt.der: + $(OPENSSL) req -x509 -nodes -days 7300 -key server2.key -outform DER -out $@ -config authorityKeyId_subjectKeyId.conf -extensions 'v3_req_no_authorityKeyId' + +authorityKeyId_subjectKeyId_tag_malformed.crt.der: authorityKeyId_subjectKeyId.crt.der + hexdump -ve '1/1 "%.2X"' $< | sed "s/0414A505E864B8DCDF600F50124D60A864AF4D8B4393/0114A505E864B8DCDF600F50124D60A864AF4D8B4393/" | xxd -r -p > $@ + +authorityKeyId_subjectKeyId_tag_len_malformed.crt.der: authorityKeyId_subjectKeyId.crt.der + hexdump -ve '1/1 "%.2X"' $< | sed "s/0414A505E864B8DCDF600F50124D60A864AF4D8B4393/0413A505E864B8DCDF600F50124D60A864AF4D8B4393/" | xxd -r -p > $@ + +authorityKeyId_subjectKeyId_length_malformed.crt.der: authorityKeyId_subjectKeyId.crt.der + hexdump -ve '1/1 "%.2X"' $< | sed "s/306D8014A505E864B8DC/306C8014A505E864B8DC/" | xxd -r -p > $@ + +authorityKeyId_subjectKeyId_sequence_tag_malformed.crt.der: authorityKeyId_subjectKeyId.crt.der + hexdump -ve '1/1 "%.2X"' $< | sed "s/6F306D8014A505E864B8/6F006D8014A505E864B8/" | xxd -r -p > $@ + +authorityKeyId_subjectKeyId_keyid_tag_malformed.crt.der: authorityKeyId_subjectKeyId.crt.der + hexdump -ve '1/1 "%.2X"' $< | sed "s/306D8014A505E864B8DC/306D0014A505E864B8DC/" | xxd -r -p > $@ + +authorityKeyId_subjectKeyId_keyid_tag_len_malformed.crt.der: authorityKeyId_subjectKeyId.crt.der + hexdump -ve '1/1 "%.2X"' $< | sed "s/306D8014A505E864B8DC/306D80FFA505E864B8DC/" | xxd -r -p > $@ + +authorityKeyId_subjectKeyId_issuer_tag1_malformed.crt.der: authorityKeyId_subjectKeyId.crt.der + hexdump -ve '1/1 "%.2X"' $< | sed "s/A13FA43D303B310B3009/003FA43D303B310B3009/" | xxd -r -p > $@ + +authorityKeyId_subjectKeyId_issuer_tag2_malformed.crt.der: authorityKeyId_subjectKeyId.crt.der + hexdump -ve '1/1 "%.2X"' $< | sed "s/A43D303B310B30090603/003D303B310B30090603/" | xxd -r -p > $@ + +authorityKeyId_subjectKeyId_sn_tag_malformed.crt.der: authorityKeyId_subjectKeyId.crt.der + hexdump -ve '1/1 "%.2X"' $< | sed "s/8214680430CD074DE63F/8114680430CD074DE63F/" | xxd -r -p > $@ + +authorityKeyId_subjectKeyId_sn_len_malformed.crt.der: authorityKeyId_subjectKeyId.crt.der + hexdump -ve '1/1 "%.2X"' $< | sed "s/8214680430CD074DE63F/8213680430CD074DE63F/" | xxd -r -p > $@ + ################################################################ #### Generate various RSA keys ################################################################ @@ -864,36 +1235,186 @@ ec_prv.pk8param.pem: ec_prv.pk8param.der $(OPENSSL) pkey -in $< -inform DER -out $@ all_final += ec_prv.pk8param.pem +ec_pub.pem: ec_prv.sec1.der + $(OPENSSL) pkey -in $< -inform DER -outform PEM -pubout -out $@ +all_final += ec_pub.pem + +ec_prv.sec1.comp.pem: ec_prv.sec1.pem + $(OPENSSL) ec -in $< -out $@ -conv_form compressed +all_final += ec_prv.sec1.comp.pem + +ec_224_prv.comp.pem: ec_224_prv.pem + $(OPENSSL) ec -in $< -out $@ -conv_form compressed +all_final += ec_224_prv.comp.pem + +ec_256_prv.comp.pem: ec_256_prv.pem + $(OPENSSL) ec -in $< -out $@ -conv_form compressed +all_final += ec_256_prv.comp.pem + +ec_384_prv.comp.pem: ec_384_prv.pem + $(OPENSSL) ec -in $< -out $@ -conv_form compressed +all_final += ec_384_prv.comp.pem + +ec_521_prv.comp.pem: ec_521_prv.pem + $(OPENSSL) ec -in $< -out $@ -conv_form compressed +all_final += ec_521_prv.comp.pem + +ec_bp256_prv.comp.pem: ec_bp256_prv.pem + $(OPENSSL) ec -in $< -out $@ -conv_form compressed +all_final += ec_bp256_prv.comp.pem + +ec_bp384_prv.comp.pem: ec_bp384_prv.pem + $(OPENSSL) ec -in $< -out $@ -conv_form compressed +all_final += ec_bp384_prv.comp.pem + +ec_bp512_prv.comp.pem: ec_bp512_prv.pem + $(OPENSSL) ec -in $< -out $@ -conv_form compressed +all_final += ec_bp512_prv.comp.pem + +ec_pub.comp.pem: ec_pub.pem + $(OPENSSL) ec -pubin -in $< -out $@ -conv_form compressed +all_final += ec_pub.comp.pem + +ec_224_pub.comp.pem: ec_224_pub.pem + $(OPENSSL) ec -pubin -in $< -out $@ -conv_form compressed +all_final += ec_224_pub.comp.pem + +ec_256_pub.comp.pem: ec_256_pub.pem + $(OPENSSL) ec -pubin -in $< -out $@ -conv_form compressed +all_final += ec_256_pub.comp.pem + +ec_384_pub.comp.pem: ec_384_pub.pem + $(OPENSSL) ec -pubin -in $< -out $@ -conv_form compressed +all_final += ec_384_pub.comp.pem + +ec_521_pub.comp.pem: ec_521_pub.pem + $(OPENSSL) ec -pubin -in $< -out $@ -conv_form compressed +all_final += ec_521_pub.comp.pem + +ec_bp256_pub.comp.pem: ec_bp256_pub.pem + $(OPENSSL) ec -pubin -in $< -out $@ -conv_form compressed +all_final += ec_bp256_pub.comp.pem + +ec_bp384_pub.comp.pem: ec_bp384_pub.pem + $(OPENSSL) ec -pubin -in $< -out $@ -conv_form compressed +all_final += ec_bp384_pub.comp.pem + +ec_bp512_pub.comp.pem: ec_bp512_pub.pem + $(OPENSSL) ec -pubin -in $< -out $@ -conv_form compressed +all_final += ec_bp512_pub.comp.pem + +ec_x25519_prv.der: + $(OPENSSL) genpkey -algorithm X25519 -out $@ -outform DER +all_final += ec_x25519_prv.der + +ec_x25519_pub.der: ec_x25519_prv.der + $(OPENSSL) pkey -in $< -inform DER -out $@ -outform DER -pubout +all_final += ec_x25519_pub.der + +ec_x25519_prv.pem: ec_x25519_prv.der + $(OPENSSL) pkey -in $< -inform DER -out $@ +all_final += ec_x25519_prv.pem + +ec_x25519_pub.pem: ec_x25519_prv.der + $(OPENSSL) pkey -in $< -inform DER -out $@ -pubout +all_final += ec_x25519_pub.pem + +ec_x448_prv.der: + $(OPENSSL) genpkey -algorithm X448 -out $@ -outform DER +all_final += ec_x448_prv.der + +ec_x448_pub.der: ec_x448_prv.der + $(OPENSSL) pkey -in $< -inform DER -out $@ -outform DER -pubout +all_final += ec_x448_pub.der + +ec_x448_prv.pem: ec_x448_prv.der + $(OPENSSL) pkey -in $< -inform DER -out $@ +all_final += ec_x448_prv.pem + +ec_x448_pub.pem: ec_x448_prv.der + $(OPENSSL) pkey -in $< -inform DER -out $@ -pubout +all_final += ec_x448_pub.pem + +################################################################ +#### Convert PEM keys to DER format +################################################################ +server1.pubkey.der: server1.pubkey + $(OPENSSL) pkey -pubin -in $< -out $@ -outform DER +all_final += server1.pubkey.der + +rsa4096_pub.der: rsa4096_pub.pem + $(OPENSSL) pkey -pubin -in $< -out $@ -outform DER +all_final += rsa4096_pub.der + +ec_pub.der: ec_pub.pem + $(OPENSSL) pkey -pubin -in $< -out $@ -outform DER +all_final += ec_pub.der + +ec_521_pub.der: ec_521_pub.pem + $(OPENSSL) pkey -pubin -in $< -out $@ -outform DER +all_final += ec_521_pub.der + +ec_bp512_pub.der: ec_bp512_pub.pem + $(OPENSSL) pkey -pubin -in $< -out $@ -outform DER +all_final += ec_bp512_pub.der + +server1.key.der: server1.key + $(OPENSSL) pkey -in $< -out $@ -outform DER +all_final += server1.key.der + +rsa4096_prv.der: rsa4096_prv.pem + $(OPENSSL) pkey -in $< -out $@ -outform DER +all_final += rsa4096_prv.der + +ec_prv.sec1.der: ec_prv.sec1.pem + $(OPENSSL) pkey -in $< -out $@ -outform DER +all_final += ec_prv.sec1.der + +ec_256_long_prv.der: ec_256_long_prv.pem + $(OPENSSL) pkey -in $< -out $@ -outform DER +all_final += ec_256_long_prv.der + +ec_521_prv.der: ec_521_prv.pem + $(OPENSSL) pkey -in $< -out $@ -outform DER +all_final += ec_521_prv.der + +ec_521_short_prv.der: ec_521_short_prv.pem + $(OPENSSL) pkey -in $< -out $@ -outform DER +all_final += ec_521_short_prv.der + +ec_bp512_prv.der: ec_bp512_prv.pem + $(OPENSSL) pkey -in $< -out $@ -outform DER +all_final += ec_bp512_prv.der + ################################################################ ### Generate CSRs for X.509 write test suite ################################################################ -server1.req.sha1: server1.key +parse_input/server1.req.sha1 server1.req.sha1: server1.key $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 all_final += server1.req.sha1 -server1.req.md5: server1.key +parse_input/server1.req.md5 server1.req.md5: server1.key $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=MD5 all_final += server1.req.md5 -server1.req.sha224: server1.key +parse_input/server1.req.sha224 server1.req.sha224: server1.key $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA224 all_final += server1.req.sha224 -server1.req.sha256: server1.key +parse_input/server1.req.sha256 server1.req.sha256: server1.key $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA256 all_final += server1.req.sha256 server1.req.sha256.ext: server1.key # Generating this with OpenSSL as a comparison point to test we're getting the same result - openssl req -new -out $@ -key $< -subj '/C=NL/O=PolarSSL/CN=PolarSSL Server 1' -sha256 -addext "extendedKeyUsage=serverAuth" -all_final += server1.req.sha256.ext + openssl req -new -out $@ -key $< -subj '/C=NL/O=PolarSSL/CN=PolarSSL Server 1' -sha256 -config server1.req.sha256.conf -server1.req.sha384: server1.key +parse_input/server1.req.sha384 server1.req.sha384: server1.key $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA384 all_final += server1.req.sha384 -server1.req.sha512: server1.key +parse_input/server1.req.sha512 server1.req.sha512: server1.key $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA512 all_final += server1.req.sha512 @@ -917,10 +1438,17 @@ server1.req.cert_type_empty: server1.key $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 force_ns_cert_type=1 all_final += server1.req.cert_type_empty -server1.req.commas.sha256: server1.key +parse_input/server1.req.commas.sha256: server1.key $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL\, Commas,CN=PolarSSL Server 1" md=SHA256 -all_final += server1.req.commas.sha256 +parse_input/server1.req.hashsymbol.sha256: server1.key + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=\#PolarSSL,CN=PolarSSL Server 1" md=SHA256 + +parse_input/server1.req.spaces.sha256: server1.key + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O= PolarSSL ,CN=PolarSSL Server 1" md=SHA256 + +parse_input/server1.req.asciichars.sha256: server1.key + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=极地SSL,CN=PolarSSL Server 1" md=SHA256 # server2* server2_pwd_ec = PolarSSLTest @@ -929,7 +1457,9 @@ server2.req.sha256: server2.key $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=localhost" md=SHA256 all_intermediate += server2.req.sha256 +parse_input/server2.crt.der: parse_input/server2.crt server2.crt.der: server2.crt +parse_input/server2.crt.der server2.crt.der: $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ all_final += server2.crt.der @@ -947,11 +1477,77 @@ all_final += server2.key.enc # server5* +server5.csr: server5.key + $(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \ + -key $< -out $@ +all_intermediate += server5.csr +parse_input/server5.crt server5.crt: server5-sha256.crt + cp $< $@ +all_intermediate += server5-sha256.crt +server5-sha%.crt: server5.csr $(test_ca_crt_file_ec) $(test_ca_key_file_ec) server5.crt.openssl.v3_ext + $(OPENSSL) x509 -req -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) \ + -extfile server5.crt.openssl.v3_ext -set_serial 9 -days 3650 \ + -sha$(@F:server5-sha%.crt=%) -in $< -out $@ +all_final += server5.crt server5-sha1.crt server5-sha224.crt server5-sha384.crt server5-sha512.crt + +server5-badsign.crt: server5.crt + { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ +all_final += server5-badsign.crt + # The use of 'Server 1' in the DN is intentional here, as the DN is hardcoded in the x509_write test suite.' server5.req.ku.sha1: server5.key - $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1 + $(OPENSSL) req -key $< -out $@ -new -nodes -subj "/C=NL/O=PolarSSL/CN=PolarSSL Server 1" -sha1 -addext keyUsage=digitalSignature,nonRepudiation all_final += server5.req.ku.sha1 +server5.ku-ds.crt: SERVER5_CRT_SERIAL=45 +server5.ku-ds.crt: SERVER5_KEY_USAGE=digital_signature +server5.ku-ka.crt: SERVER5_CRT_SERIAL=46 +server5.ku-ka.crt: SERVER5_KEY_USAGE=key_agreement +server5.ku-ke.crt: SERVER5_CRT_SERIAL=47 +server5.ku-ke.crt: SERVER5_KEY_USAGE=key_encipherment +server5.eku-cs.crt: SERVER5_CRT_SERIAL=58 +server5.eku-cs.crt: SERVER5_EXT_KEY_USAGE=codeSigning +server5.eku-cs_any.crt: SERVER5_CRT_SERIAL=59 +server5.eku-cs_any.crt: SERVER5_EXT_KEY_USAGE=codeSigning,any +server5.eku-cli.crt: SERVER5_CRT_SERIAL=60 +server5.eku-cli.crt: SERVER5_EXT_KEY_USAGE=clientAuth +server5.eku-srv_cli.crt: SERVER5_CRT_SERIAL=61 +server5.eku-srv_cli.crt: SERVER5_EXT_KEY_USAGE=serverAuth,clientAuth +server5.eku-srv.crt: SERVER5_CRT_SERIAL=62 +server5.eku-srv.crt: SERVER5_EXT_KEY_USAGE=serverAuth +server5.ku-%.crt: SERVER5_EXT_OPTS=key_usage=$(SERVER5_KEY_USAGE) +server5.eku-%.crt: SERVER5_EXT_OPTS=ext_key_usage=$(SERVER5_EXT_KEY_USAGE) +server5.%.crt: server5.key + $(MBEDTLS_CERT_WRITE) \ + subject_key=$< subject_name="C=NL,O=PolarSSL,CN=localhost" serial=$(SERVER5_CRT_SERIAL) \ + issuer_crt=$(test_ca_crt_file_ec) issuer_key=$(test_ca_key_file_ec) $(SERVER5_EXT_OPTS) \ + not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@ +all_final += server5.ku-ka.crt server5.ku-ke.crt server5.ku-ds.crt +all_final += server5.eku-cs.crt server5.eku-cs_any.crt server5.eku-cli.crt server5.eku-srv_cli.crt server5.eku-srv.crt + +# server6* + +server6.csr: server6.key + $(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \ + -key $< -out $@ +all_intermediate += server6.csr +server6.crt: server6.csr $(test_ca_crt_file_ec) $(test_ca_key_file_ec) + $(OPENSSL) x509 -req -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) \ + -extfile server5.crt.openssl.v3_ext -set_serial 10 -days 3650 -sha256 -in $< -out $@ +all_final += server6.crt + +server6-ss-child.csr : server6.key + $(OPENSSL) req -new -subj "/CN=selfsigned-child/OU=testing/O=PolarSSL/C=NL" \ + -key $< -out $@ +all_intermediate += server6-ss-child.csr +server6-ss-child.crt: server6-ss-child.csr server5-selfsigned.crt server5.key server6-ss-child.crt.openssl.v3_ext + $(OPENSSL) x509 -req -CA server5-selfsigned.crt -CAkey server5.key \ + -extfile server6-ss-child.crt.openssl.v3_ext \ + -set_serial 0x53a2cb5822399474a7ec79ec \ + -days 3650 -sha256 -in $< -out $@ +all_final += server6-ss-child.crt + + ################################################################ ### Generate certificates for CRT write check tests ################################################################ @@ -970,28 +1566,62 @@ test_ca_server1_config_file = test-ca.server1.opensslconf # server1* -server1.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) - $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ +parse_input/server1.crt: parse_input/server1.req.sha256 +server1.crt: server1.req.sha256 +parse_input/server1.crt server1.crt: $(test_ca_crt) $(test_ca_key_file_rsa) +parse_input/server1.crt server1.crt: + $(MBEDTLS_CERT_WRITE) request_file=$(@D)/server1.req.sha256 \ + issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) \ + issuer_pwd=$(test_ca_pwd_rsa) version=1 \ + not_before=20190210144406 not_after=20290210144406 \ + md=SHA1 version=3 output_file=$@ +server1.allSubjectAltNames.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) + $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ san=URI:http://pki.example.com\;IP:1.2.3.4\;DN:C=UK,O="Mbed TLS",CN="SubjectAltName test"\;DNS:example.com\;RFC822:mail@example.com +server1.long_serial.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) + echo "112233445566778899aabbccddeeff0011223344" > test-ca.server1.tmp.serial + $(OPENSSL) ca -in server1.req.sha256 -key PolarSSLTest -config test-ca.server1.test_serial.opensslconf -notext -batch -out $@ +server1.80serial.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) + echo "8011223344" > test-ca.server1.tmp.serial + $(OPENSSL) ca -in server1.req.sha256 -key PolarSSLTest -config test-ca.server1.test_serial.opensslconf -notext -batch -out $@ +server1.long_serial_FF.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) + echo "ffffffffffffffffffffffffffffffff" > test-ca.server1.tmp.serial + $(OPENSSL) ca -in server1.req.sha256 -key PolarSSLTest -config test-ca.server1.test_serial.opensslconf -notext -batch -out $@ server1.noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 authority_identifier=0 version=3 output_file=$@ -server1.crt.der: server1.crt - $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 authority_identifier=0 version=3 output_file=$@ +parse_input/server1.crt.der: parse_input/server1.crt + $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 \ + issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) \ + issuer_pwd=$(test_ca_pwd_rsa) \ + not_before=20190210144406 not_after=20290210144406 \ + md=SHA1 authority_identifier=0 version=3 output_file=$@ server1.der: server1.crt $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ -server1.commas.crt: server1.key server1.req.commas.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) - $(MBEDTLS_CERT_WRITE) request_file=server1.req.commas.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ -all_final += server1.crt server1.noauthid.crt server1.crt.der server1.commas.crt +server1.commas.crt: server1.key parse_input/server1.req.commas.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) + $(MBEDTLS_CERT_WRITE) request_file=parse_input/server1.req.commas.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ +server1.hashsymbol.crt: server1.key parse_input/server1.req.hashsymbol.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) + $(MBEDTLS_CERT_WRITE) request_file=parse_input/server1.req.hashsymbol.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ +server1.spaces.crt: server1.key parse_input/server1.req.spaces.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) + $(MBEDTLS_CERT_WRITE) request_file=parse_input/server1.req.spaces.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ +server1.asciichars.crt: server1.key parse_input/server1.req.asciichars.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) + $(MBEDTLS_CERT_WRITE) request_file=parse_input/server1.req.asciichars.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ +all_final += server1.crt server1.noauthid.crt parse_input/server1.crt.der server1.commas.crt server1.hashsymbol.crt server1.spaces.crt server1.asciichars.crt -server1.key_usage.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) - $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 key_usage=digital_signature,non_repudiation,key_encipherment version=3 output_file=$@ +parse_input/server1.key_usage.crt: parse_input/server1.req.sha256 +server1.key_usage.crt: server1.req.sha256 +parse_input/server1.key_usage.crt server1.key_usage.crt: $(test_ca_crt) $(test_ca_key_file_rsa) +parse_input/server1.key_usage.crt server1.key_usage.crt: + $(MBEDTLS_CERT_WRITE) request_file=$(@D)/server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 key_usage=digital_signature,non_repudiation,key_encipherment version=3 output_file=$@ server1.key_usage_noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 key_usage=digital_signature,non_repudiation,key_encipherment authority_identifier=0 version=3 output_file=$@ server1.key_usage.der: server1.key_usage.crt $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ all_final += server1.key_usage.crt server1.key_usage_noauthid.crt server1.key_usage.der -server1.cert_type.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) - $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 ns_cert_type=ssl_server version=3 output_file=$@ +parse_input/server1.cert_type.crt: parse_input/server1.req.sha256 +server1.cert_type.crt: server1.req.sha256 +parse_input/server1.cert_type.crt server1.cert_type.crt: $(test_ca_crt) $(test_ca_key_file_rsa) +parse_input/server1.cert_type.crt server1.cert_type.crt: + $(MBEDTLS_CERT_WRITE) request_file=$(@D)/server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 ns_cert_type=ssl_server version=3 output_file=$@ server1.cert_type_noauthid.crt: server1.key server1.req.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) $(MBEDTLS_CERT_WRITE) request_file=server1.req.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 ns_cert_type=ssl_server authority_identifier=0 version=3 output_file=$@ server1.cert_type.der: server1.cert_type.crt @@ -1012,27 +1642,37 @@ server1.ca.der: server1.ca.crt $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ all_final += server1.ca.crt server1.ca_noauthid.crt server1.ca.der +server1-nospace.crt: server1.key test-ca.crt + $(MBEDTLS_CERT_WRITE) subject_key=$< serial=31\ + subject_name="C=NL,O=PolarSSL,CN=polarssl.example" \ + issuer_crt=test-ca.crt issuer_key=$(test_ca_key_file_rsa) \ + issuer_pwd=$(test_ca_pwd_rsa) \ + not_before=20190210144406 not_after=20290210144406 \ + md=SHA256 version=3 authority_identifier=1 \ + output_file=$@ +all_final += server1-nospace.crt + server1_ca.crt: server1.crt $(test_ca_crt) cat server1.crt $(test_ca_crt) > $@ all_final += server1_ca.crt -cert_sha1.crt: server1.key +parse_input/cert_sha1.crt cert_sha1.crt: server1.key $(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA1" serial=7 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ all_final += cert_sha1.crt -cert_sha224.crt: server1.key +parse_input/cert_sha224.crt cert_sha224.crt: server1.key $(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA224" serial=8 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA224 version=3 output_file=$@ all_final += cert_sha224.crt -cert_sha256.crt: server1.key +parse_input/cert_sha256.crt cert_sha256.crt: server1.key $(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA256" serial=9 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@ all_final += cert_sha256.crt -cert_sha384.crt: server1.key +parse_input/cert_sha384.crt cert_sha384.crt: server1.key $(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA384" serial=10 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA384 version=3 output_file=$@ all_final += cert_sha384.crt -cert_sha512.crt: server1.key +parse_input/cert_sha512.crt cert_sha512.crt: server1.key $(MBEDTLS_CERT_WRITE) subject_key=server1.key subject_name="C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512" serial=11 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA512 version=3 output_file=$@ all_final += cert_sha512.crt @@ -1070,14 +1710,19 @@ server1.v1.der.openssl: server1.v1.crt.openssl crl.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file) $(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_server1_config_file) -md sha1 -crldays 3653 -out $@ -crl-futureRevocationDate.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file) test-ca.server1.future-crl.db test-ca.server1.future-crl.opensslconf - $(FAKETIME) '2028-12-31' $(OPENSSL) ca -gencrl -config test-ca.server1.future-crl.opensslconf -crldays 365 -passin "pass:$(test_ca_pwd_rsa)" -out $@ +crl-futureRevocationDate.pem: $(test_ca_crt) $(test_ca_key_file_rsa) \ + $(test_ca_config_file) \ + test-ca.server1.future-crl.db \ + test-ca.server1.future-crl.opensslconf + $(FAKETIME) -f '+10y' $(OPENSSL) ca -gencrl \ + -config test-ca.server1.future-crl.opensslconf -crldays 365 \ + -passin "pass:$(test_ca_pwd_rsa)" -out $@ server1_all: crl.pem crl-futureRevocationDate.pem server1.crt server1.noauthid.crt server1.crt.openssl server1.v1.crt server1.v1.crt.openssl server1.key_usage.crt server1.key_usage_noauthid.crt server1.key_usage.crt.openssl server1.cert_type.crt server1.cert_type_noauthid.crt server1.cert_type.crt.openssl server1.der server1.der.openssl server1.v1.der server1.v1.der.openssl server1.key_usage.der server1.key_usage.der.openssl server1.cert_type.der server1.cert_type.der.openssl # server2* -server2.crt: server2.req.sha256 +parse_input/server2.crt server2.crt: server2.req.sha256 $(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=2 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ all_final += server2.crt @@ -1089,6 +1734,43 @@ server2-sha256.crt: server2.req.sha256 $(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=2 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@ all_final += server2-sha256.crt +server2.ku-ka.crt: SERVER2_CRT_SERIAL=42 +server2.ku-ka.crt: SERVER2_KEY_USAGE=key_agreement +server2.ku-ke.crt: SERVER2_CRT_SERIAL=43 +server2.ku-ke.crt: SERVER2_KEY_USAGE=key_encipherment +server2.ku-ds.crt: SERVER2_CRT_SERIAL=44 +server2.ku-ds.crt: SERVER2_KEY_USAGE=digital_signature +server2.ku-ds_ke.crt: SERVER2_CRT_SERIAL=48 +server2.ku-ds_ke.crt: SERVER2_KEY_USAGE=digital_signature,key_encipherment +server2.ku-%.crt: server2.req.sha256 + $(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=$(SERVER2_CRT_SERIAL) \ + issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) \ + key_usage="$(SERVER2_KEY_USAGE)" \ + not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ +all_final += server2.ku-ka.crt server2.ku-ke.crt server2.ku-ds.crt server2.ku-ds_ke.crt + +server2-badsign.crt: server2.crt + { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ +all_final += server2-badsign.crt + +# server3* + +parse_input/server3.crt server3.crt: server3.key + $(MBEDTLS_CERT_WRITE) subject_key=$< subject_name="C=NL,O=PolarSSL,CN=localhost" serial=13 \ + issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) \ + not_before=20190210144406 not_after=20290210144406 \ + md=SHA1 version=3 output_file=$@ +all_final += server3.crt + +# server4* + +parse_input/server4.crt server4.crt: server4.key + $(MBEDTLS_CERT_WRITE) subject_key=$< subject_name="C=NL,O=PolarSSL,CN=localhost" serial=8 \ + issuer_crt=$(test_ca_crt_file_ec) issuer_key=$(test_ca_key_file_ec) \ + not_before=20190210144400 not_after=20290210144400 \ + md=SHA256 version=3 output_file=$@ +all_final += server4.crt + # MD5 test certificate cert_md_test_key = $(cli_crt_key_file_rsa) @@ -1097,8 +1779,12 @@ cert_md5.csr: $(cert_md_test_key) $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Cert MD5" md=MD5 all_intermediate += cert_md5.csr -cert_md5.crt: cert_md5.csr - $(MBEDTLS_CERT_WRITE) request_file=$< serial=6 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20000101121212 not_after=20300101121212 md=MD5 version=3 output_file=$@ +parse_input/cert_md5.crt cert_md5.crt: cert_md5.csr + $(MBEDTLS_CERT_WRITE) request_file=$< serial=6 \ + issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) \ + issuer_pwd=$(test_ca_pwd_rsa) \ + not_before=20000101121212 not_after=20300101121212 \ + md=MD5 version=3 output_file=$@ all_final += cert_md5.crt # TLSv1.3 test certificates @@ -1142,27 +1828,46 @@ tls13_certs: ecdsa_secp521r1.crt ecdsa_secp521r1.key # PKCS7 test data pkcs7_test_cert_1 = pkcs7-rsa-sha256-1.crt pkcs7_test_cert_2 = pkcs7-rsa-sha256-2.crt +pkcs7_test_cert_3 = pkcs7-rsa-sha256-3.crt pkcs7_test_file = pkcs7_data.bin $(pkcs7_test_file): - echo -e "Hello\xd" > $@ + printf "Hello\15\n" > $@ all_final += $(pkcs7_test_file) +pkcs7_zerolendata.bin: + printf '' > $@ +all_final += pkcs7_zerolendata.bin + pkcs7_data_1.bin: - echo -e "2\xd" > $@ + printf "2\15\n" > $@ all_final += pkcs7_data_1.bin # Generate signing cert pkcs7-rsa-sha256-1.crt: - $(OPENSSL) req -x509 -subj="/C=NL/O=PKCS7/CN=PKCS7 Cert 1" -sha256 -nodes -days 365 -newkey rsa:2048 -keyout pkcs7-rsa-sha256-1.key -out pkcs7-rsa-sha256-1.crt + $(OPENSSL) req -x509 -subj="/C=NL/O=PKCS7/CN=PKCS7 Cert 1" -sha256 -nodes -days 3653 -newkey rsa:2048 -keyout pkcs7-rsa-sha256-1.key -out pkcs7-rsa-sha256-1.crt cat pkcs7-rsa-sha256-1.crt pkcs7-rsa-sha256-1.key > pkcs7-rsa-sha256-1.pem all_final += pkcs7-rsa-sha256-1.crt pkcs7-rsa-sha256-2.crt: - $(OPENSSL) req -x509 -subj="/C=NL/O=PKCS7/CN=PKCS7 Cert 2" -sha256 -nodes -days 365 -newkey rsa:2048 -keyout pkcs7-rsa-sha256-2.key -out pkcs7-rsa-sha256-2.crt + $(OPENSSL) req -x509 -subj="/C=NL/O=PKCS7/CN=PKCS7 Cert 2" -sha256 -nodes -days 3653 -newkey rsa:2048 -keyout pkcs7-rsa-sha256-2.key -out pkcs7-rsa-sha256-2.crt cat pkcs7-rsa-sha256-2.crt pkcs7-rsa-sha256-2.key > pkcs7-rsa-sha256-2.pem all_final += pkcs7-rsa-sha256-2.crt +pkcs7-rsa-sha256-3.crt: + $(OPENSSL) req -x509 -subj="/C=NL/O=PKCS7/CN=PKCS7 Cert 3" -sha256 -nodes -days 3653 -newkey rsa:2048 -keyout pkcs7-rsa-sha256-3.key -out pkcs7-rsa-sha256-3.crt + cat pkcs7-rsa-sha256-3.crt pkcs7-rsa-sha256-3.key > pkcs7-rsa-sha256-3.pem +all_final += pkcs7-rsa-sha256-3.crt + +pkcs7-rsa-expired.crt: + $(FAKETIME) -f -3650d $(OPENSSL) req -x509 -subj="/C=NL/O=PKCS7/CN=PKCS7 Cert Expired" -sha256 -nodes -days 365 -newkey rsa:2048 -keyout pkcs7-rsa-expired.key -out pkcs7-rsa-expired.crt +all_final += pkcs7-rsa-expired.crt + +# File with an otherwise valid signature signed with an expired cert +pkcs7_data_rsa_expired.der: pkcs7-rsa-expired.key pkcs7-rsa-expired.crt pkcs7_data.bin + $(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -inkey pkcs7-rsa-expired.key -signer pkcs7-rsa-expired.crt -noattr -outform DER -out $@ +all_final += pkcs7_data_rsa_expired.der + # Convert signing certs to DER for testing PEM-free builds pkcs7-rsa-sha256-1.der: $(pkcs7_test_cert_1) $(OPENSSL) x509 -in pkcs7-rsa-sha256-1.crt -out $@ -outform DER @@ -1172,6 +1877,15 @@ pkcs7-rsa-sha256-2.der: $(pkcs7_test_cert_2) $(OPENSSL) x509 -in pkcs7-rsa-sha256-2.crt -out $@ -outform DER all_final += pkcs7-rsa-sha256-2.der +pkcs7-rsa-expired.der: pkcs7-rsa-expired.crt + $(OPENSSL) x509 -in pkcs7-rsa-expired.crt -out $@ -outform DER +all_final += pkcs7-rsa-expired.der + +# pkcs7 signature file over zero-len data +pkcs7_zerolendata_detached.der: pkcs7_zerolendata.bin pkcs7-rsa-sha256-1.key pkcs7-rsa-sha256-1.crt + $(OPENSSL) smime -sign -md sha256 -nocerts -noattr -in pkcs7_zerolendata.bin -inkey pkcs7-rsa-sha256-1.key -outform DER -binary -signer pkcs7-rsa-sha256-1.crt -out pkcs7_zerolendata_detached.der +all_final += pkcs7_zerolendata_detached.der + # pkcs7 signature file with CERT pkcs7_data_cert_signed_sha256.der: $(pkcs7_test_file) $(pkcs7_test_cert_1) $(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -noattr -outform DER -out $@ @@ -1192,11 +1906,21 @@ pkcs7_data_without_cert_signed.der: $(pkcs7_test_file) $(pkcs7_test_cert_1) $(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -nocerts -noattr -outform DER -out $@ all_final += pkcs7_data_without_cert_signed.der -# pkcs7 signature file with multiple signers +# pkcs7 signature file with signature +pkcs7_data_with_signature.der: $(pkcs7_test_file) $(pkcs7_test_cert_1) + $(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -nocerts -noattr -nodetach -outform DER -out $@ +all_final += pkcs7_data_with_signature.der + +# pkcs7 signature file with two signers pkcs7_data_multiple_signed.der: $(pkcs7_test_file) $(pkcs7_test_cert_1) $(pkcs7_test_cert_2) $(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -signer pkcs7-rsa-sha256-2.pem -nocerts -noattr -outform DER -out $@ all_final += pkcs7_data_multiple_signed.der +# pkcs7 signature file with three signers +pkcs7_data_3_signed.der: $(pkcs7_test_file) $(pkcs7_test_cert_1) $(pkcs7_test_cert_2) $(pkcs7_test_cert_3) + $(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -signer pkcs7-rsa-sha256-2.pem -signer pkcs7-rsa-sha256-3.pem -nocerts -noattr -outform DER -out $@ +all_final += pkcs7_data_3_signed.der + # pkcs7 signature file with multiple certificates pkcs7_data_multiple_certs_signed.der: $(pkcs7_test_file) $(pkcs7_test_cert_1) $(pkcs7_test_cert_2) $(OPENSSL) smime -sign -binary -in pkcs7_data.bin -out $@ -md sha256 -signer pkcs7-rsa-sha256-1.pem -signer pkcs7-rsa-sha256-2.pem -noattr -outform DER -out $@ @@ -1205,19 +1929,63 @@ all_final += pkcs7_data_multiple_certs_signed.der # pkcs7 signature file with corrupted CERT pkcs7_data_signed_badcert.der: pkcs7_data_cert_signed_sha256.der cp pkcs7_data_cert_signed_sha256.der $@ - echo -en '\xa1' | dd of=$@ bs=1 seek=547 conv=notrunc + echo 'a1' | xxd -r -p | dd of=$@ bs=1 seek=547 conv=notrunc all_final += pkcs7_data_signed_badcert.der # pkcs7 signature file with corrupted signer info pkcs7_data_signed_badsigner.der: pkcs7_data_cert_signed_sha256.der cp pkcs7_data_cert_signed_sha256.der $@ - echo -en '\xa1' | dd of=$@ bs=1 seek=918 conv=notrunc + echo 'a1' | xxd -r -p | dd of=$@ bs=1 seek=918 conv=notrunc all_final += pkcs7_data_signed_badsigner.der +# pkcs7 signature file with invalid tag in signerInfo[1].serial after long issuer name +pkcs7_signerInfo_1_serial_invalid_tag_after_long_name.der: pkcs7_data_multiple_signed.der + cp $< $@ + echo 'a1' | xxd -r -p | dd of=$@ bs=1 seek=498 conv=notrunc +all_final += pkcs7_signerInfo_1_serial_invalid_tag_after_long_name.der + +# pkcs7 signature file with invalid tag in signerInfo[2] +pkcs7_signerInfo_2_invalid_tag.der: pkcs7_data_3_signed.der + cp $< $@ + echo 'a1' | xxd -r -p | dd of=$@ bs=1 seek=810 conv=notrunc +all_final += pkcs7_signerInfo_2_invalid_tag.der + +# pkcs7 signature file with corrupted signer info[1] +pkcs7_data_signed_badsigner1_badsize.der: pkcs7_data_3_signed.der + cp pkcs7_data_3_signed.der $@ + echo '72' | xxd -p -r | dd of=$@ bs=1 seek=438 conv=notrunc +all_final += pkcs7_data_signed_badsigner1_badsize.der + +pkcs7_data_signed_badsigner1_badtag.der: pkcs7_data_3_signed.der + cp pkcs7_data_3_signed.der $@ + echo 'a1' | xxd -p -r | dd of=$@ bs=1 seek=442 conv=notrunc +all_final += pkcs7_data_signed_badsigner1_badtag.der + +pkcs7_data_signed_badsigner1_fuzzbad.der: pkcs7_data_3_signed.der + cp pkcs7_data_3_signed.der $@ + echo 'a1' | xxd -p -r | dd of=$@ bs=1 seek=550 conv=notrunc +all_final += pkcs7_data_signed_badsigner1_fuzzbad.der + +# pkcs7 signature file with corrupted signer info[2] +pkcs7_data_signed_badsigner2_badsize.der: pkcs7_data_3_signed.der + cp pkcs7_data_3_signed.der $@ + echo '72'| xxd -p -r | dd of=$@ bs=1 seek=813 conv=notrunc +all_final += pkcs7_data_signed_badsigner2_badsize.der + +pkcs7_data_signed_badsigner2_badtag.der: pkcs7_data_3_signed.der + cp pkcs7_data_3_signed.der $@ + echo 'a1'| xxd -p -r | dd of=$@ bs=1 seek=817 conv=notrunc +all_final += pkcs7_data_signed_badsigner2_badtag.der + +pkcs7_data_signed_badsigner2_fuzzbad.der: pkcs7_data_3_signed.der + cp pkcs7_data_3_signed.der $@ + echo 'a1'| xxd -p -r | dd of=$@ bs=1 seek=925 conv=notrunc +all_final += pkcs7_data_signed_badsigner2_fuzzbad.der + # pkcs7 file with version 2 pkcs7_data_cert_signed_v2.der: pkcs7_data_cert_signed_sha256.der cp pkcs7_data_cert_signed_sha256.der $@ - echo -en '\x02' | dd of=$@ bs=1 seek=25 conv=notrunc + echo '02' | xxd -r -p | dd of=$@ bs=1 seek=25 conv=notrunc all_final += pkcs7_data_cert_signed_v2.der pkcs7_data_cert_encrypted.der: $(pkcs7_test_file) $(pkcs7_test_cert_1) @@ -1228,12 +1996,12 @@ all_final += pkcs7_data_cert_encrypted.der # For some interesting sizes, what happens if we make them off-by-one? pkcs7_signerInfo_issuer_invalid_size.der: pkcs7_data_cert_signed_sha256.der cp $< $@ - echo -en '\x35' | dd of=$@ seek=919 bs=1 conv=notrunc + echo '35' | xxd -r -p | dd of=$@ seek=919 bs=1 conv=notrunc all_final += pkcs7_signerInfo_issuer_invalid_size.der pkcs7_signerInfo_serial_invalid_size.der: pkcs7_data_cert_signed_sha256.der cp $< $@ - echo -en '\x15' | dd of=$@ seek=973 bs=1 conv=notrunc + echo '15' | xxd -r -p | dd of=$@ seek=973 bs=1 conv=notrunc all_final += pkcs7_signerInfo_serial_invalid_size.der # pkcs7 signature file just with signed data @@ -1241,6 +2009,107 @@ pkcs7_data_cert_signeddata_sha256.der: pkcs7_data_cert_signed_sha256.der dd if=pkcs7_data_cert_signed_sha256.der of=$@ skip=19 bs=1 all_final += pkcs7_data_cert_signeddata_sha256.der +# - test-ca-v1.crt: v1 "CA", signs +# server1-v1.crt: v1 "intermediate CA", signs +# server2-v1*.crt: EE cert (without of with chain in same file) + +test-ca-v1.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 + $(MBEDTLS_CERT_WRITE) is_ca=1 serial_hex=53a2b68e05400e555c9395e5 \ + request_file=test-ca.req.sha256 \ + selfsign=1 issuer_name="CN=PolarSSL Test CA v1,OU=testing,O=PolarSSL,C=NL" \ + issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) \ + not_before=20190210144400 not_after=20290210144400 md=SHA256 version=1 \ + output_file=$@ +all_final += test-ca-v1.crt + +server1-v1.crt: server1.key test-ca-v1.crt + $(MBEDTLS_CERT_WRITE) subject_key=$< serial_hex=53a2b6c704cd4d8ebc800bc1\ + subject_name="CN=server1/int-ca-v1,OU=testing,O=PolarSSL,C=NL" \ + issuer_crt=test-ca-v1.crt issuer_key=$(test_ca_key_file_rsa) \ + issuer_pwd=$(test_ca_pwd_rsa) \ + not_before=20190210144406 not_after=20290210144406 \ + md=SHA256 version=1 \ + output_file=$@ +all_final += server1-v1.crt + +server2-v1.crt: server2.key server1-v1.crt + $(MBEDTLS_CERT_WRITE) subject_key=$< serial_hex=53a2b6d9235dbc4573f9b76c\ + subject_name="CN=server2,OU=testing,O=PolarSSL,C=NL" \ + issuer_crt=server1-v1.crt issuer_key=server1.key \ + not_before=20190210144406 not_after=20290210144406 \ + md=SHA256 version=1 \ + output_file=$@ +all_final += server2-v1.crt + +server2-v1-chain.crt: server2-v1.crt server1-v1.crt + cat $^ > $@ + +################################################################ +#### Generate C format test certs header +################################################################ + +TEST_CERTS_H_INPUT_FILES=test-ca2.crt \ + test-ca2.crt.der \ + test-ca2.key.enc \ + test-ca2.key.der \ + test-ca-sha256.crt \ + test-ca-sha256.crt.der \ + test-ca-sha1.crt \ + test-ca-sha1.crt.der \ + test-ca.key \ + test-ca.key.der \ + server5.crt \ + server5.crt.der \ + server5.key \ + server5.key.der \ + server2-sha256.crt \ + server2-sha256.crt.der \ + server2.crt \ + server2.crt.der \ + server2.key \ + server2.key.der \ + cli2.crt \ + cli2.crt.der \ + cli2.key \ + cli2.key.der \ + cli-rsa-sha256.crt \ + cli-rsa-sha256.crt.der \ + cli-rsa.key \ + cli-rsa.key.der +../src/test_certs.h: ../scripts/generate_test_cert_macros.py \ + $(TEST_CERTS_H_INPUT_FILES) + ../scripts/generate_test_cert_macros.py --output $@ \ + --string TEST_CA_CRT_EC_PEM=test-ca2.crt \ + --binary TEST_CA_CRT_EC_DER=test-ca2.crt.der \ + --string TEST_CA_KEY_EC_PEM=test-ca2.key.enc \ + --password TEST_CA_PWD_EC_PEM=PolarSSLTest \ + --binary TEST_CA_KEY_EC_DER=test-ca2.key.der \ + --string TEST_CA_CRT_RSA_SHA256_PEM=test-ca-sha256.crt \ + --binary TEST_CA_CRT_RSA_SHA256_DER=test-ca-sha256.crt.der \ + --string TEST_CA_CRT_RSA_SHA1_PEM=test-ca-sha1.crt \ + --binary TEST_CA_CRT_RSA_SHA1_DER=test-ca-sha1.crt.der \ + --string TEST_CA_KEY_RSA_PEM=test-ca.key \ + --password TEST_CA_PWD_RSA_PEM=PolarSSLTest \ + --binary TEST_CA_KEY_RSA_DER=test-ca.key.der \ + --string TEST_SRV_CRT_EC_PEM=server5.crt \ + --binary TEST_SRV_CRT_EC_DER=server5.crt.der \ + --string TEST_SRV_KEY_EC_PEM=server5.key \ + --binary TEST_SRV_KEY_EC_DER=server5.key.der \ + --string TEST_SRV_CRT_RSA_SHA256_PEM=server2-sha256.crt \ + --binary TEST_SRV_CRT_RSA_SHA256_DER=server2-sha256.crt.der \ + --string TEST_SRV_CRT_RSA_SHA1_PEM=server2.crt \ + --binary TEST_SRV_CRT_RSA_SHA1_DER=server2.crt.der \ + --string TEST_SRV_KEY_RSA_PEM=server2.key \ + --binary TEST_SRV_KEY_RSA_DER=server2.key.der \ + --string TEST_CLI_CRT_EC_PEM=cli2.crt \ + --binary TEST_CLI_CRT_EC_DER=cli2.crt.der \ + --string TEST_CLI_KEY_EC_PEM=cli2.key \ + --binary TEST_CLI_KEY_EC_DER=cli2.key.der \ + --string TEST_CLI_CRT_RSA_PEM=cli-rsa-sha256.crt \ + --binary TEST_CLI_CRT_RSA_DER=cli-rsa-sha256.crt.der \ + --string TEST_CLI_KEY_RSA_PEM=cli-rsa.key \ + --binary TEST_CLI_KEY_RSA_DER=cli-rsa.key.der + ################################################################ #### Diffie-Hellman parameters ################################################################ @@ -1251,6 +2120,7 @@ dh.998.pem: dh.999.pem: $(OPENSSL) dhparam -out $@ -text 999 + ################################################################ #### Meta targets ################################################################ @@ -1285,3 +2155,5 @@ clean: neat: clean rm -f $(all_final) .PHONY: clean neat + +.SECONDARY: $(all_intermediate) diff --git a/tests/data_files/Readme-x509.txt b/tests/data_files/Readme-x509.txt index 84c775fd9..82f93d230 100644 --- a/tests/data_files/Readme-x509.txt +++ b/tests/data_files/Readme-x509.txt @@ -76,6 +76,10 @@ List of certificates: -badsign.crt: S5 with corrupted signature -expired.crt: S5 with "not after" date in the past -future.crt: S5 with "not before" date in the future + -non-compliant.crt: S5, RFC non-compliant + (with forbidden EC algorithm identifier NULL parameter) + generated by (before fix): + cert_write subject_key=server5.key subject_name="CN=Test EC RFC non-compliant" issuer_crt=test-ca2.crt issuer_key=test-ca2.key -selfsigned.crt: Self-signed cert with S5 key -ss-expired.crt: Self-signed cert with S5 key, expired -ss-forgeca.crt: Copy of test-int-ca3 self-signed with S5 key diff --git a/tests/data_files/authorityKeyId_no_authorityKeyId.crt.der b/tests/data_files/authorityKeyId_no_authorityKeyId.crt.der new file mode 100644 index 000000000..452d9d135 Binary files /dev/null and b/tests/data_files/authorityKeyId_no_authorityKeyId.crt.der differ diff --git a/tests/data_files/authorityKeyId_no_issuer.crt.der b/tests/data_files/authorityKeyId_no_issuer.crt.der new file mode 100644 index 000000000..175ee3f30 Binary files /dev/null and b/tests/data_files/authorityKeyId_no_issuer.crt.der differ diff --git a/tests/data_files/authorityKeyId_no_keyid.crt.der b/tests/data_files/authorityKeyId_no_keyid.crt.der new file mode 100644 index 000000000..4ac5f0076 Binary files /dev/null and b/tests/data_files/authorityKeyId_no_keyid.crt.der differ diff --git a/tests/data_files/authorityKeyId_subjectKeyId.conf b/tests/data_files/authorityKeyId_subjectKeyId.conf new file mode 100644 index 000000000..296fac863 --- /dev/null +++ b/tests/data_files/authorityKeyId_subjectKeyId.conf @@ -0,0 +1,19 @@ +[req] +distinguished_name = req_distinguished_name +x509_extensions = v3_req +prompt = no +[req_distinguished_name] +countryName = NL +organizationalUnitName = PolarSSL +commonName = PolarSSL Test CA +[v3_req] +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid:always,issuer:always +[v3_req_authorityKeyId_no_keyid] +subjectKeyIdentifier = hash +authorityKeyIdentifier = issuer:always +[v3_req_authorityKeyId_no_issuer] +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid:always +[v3_req_no_authorityKeyId] +subjectKeyIdentifier = hash diff --git a/tests/data_files/authorityKeyId_subjectKeyId.crt.der b/tests/data_files/authorityKeyId_subjectKeyId.crt.der new file mode 100644 index 000000000..a6ca46958 Binary files /dev/null and b/tests/data_files/authorityKeyId_subjectKeyId.crt.der differ diff --git a/tests/data_files/authorityKeyId_subjectKeyId_issuer_tag1_malformed.crt.der b/tests/data_files/authorityKeyId_subjectKeyId_issuer_tag1_malformed.crt.der new file mode 100644 index 000000000..0e3f57898 Binary files /dev/null and b/tests/data_files/authorityKeyId_subjectKeyId_issuer_tag1_malformed.crt.der differ diff --git a/tests/data_files/authorityKeyId_subjectKeyId_issuer_tag2_malformed.crt.der b/tests/data_files/authorityKeyId_subjectKeyId_issuer_tag2_malformed.crt.der new file mode 100644 index 000000000..1c8519b64 Binary files /dev/null and b/tests/data_files/authorityKeyId_subjectKeyId_issuer_tag2_malformed.crt.der differ diff --git a/tests/data_files/authorityKeyId_subjectKeyId_keyid_tag_len_malformed.crt.der b/tests/data_files/authorityKeyId_subjectKeyId_keyid_tag_len_malformed.crt.der new file mode 100644 index 000000000..469493ea0 Binary files /dev/null and b/tests/data_files/authorityKeyId_subjectKeyId_keyid_tag_len_malformed.crt.der differ diff --git a/tests/data_files/authorityKeyId_subjectKeyId_keyid_tag_malformed.crt.der b/tests/data_files/authorityKeyId_subjectKeyId_keyid_tag_malformed.crt.der new file mode 100644 index 000000000..3e360868a Binary files /dev/null and b/tests/data_files/authorityKeyId_subjectKeyId_keyid_tag_malformed.crt.der differ diff --git a/tests/data_files/authorityKeyId_subjectKeyId_length_malformed.crt.der b/tests/data_files/authorityKeyId_subjectKeyId_length_malformed.crt.der new file mode 100644 index 000000000..55d5dd061 Binary files /dev/null and b/tests/data_files/authorityKeyId_subjectKeyId_length_malformed.crt.der differ diff --git a/tests/data_files/authorityKeyId_subjectKeyId_sequence_tag_malformed.crt.der b/tests/data_files/authorityKeyId_subjectKeyId_sequence_tag_malformed.crt.der new file mode 100644 index 000000000..45ac8f4c4 Binary files /dev/null and b/tests/data_files/authorityKeyId_subjectKeyId_sequence_tag_malformed.crt.der differ diff --git a/tests/data_files/authorityKeyId_subjectKeyId_sn_len_malformed.crt.der b/tests/data_files/authorityKeyId_subjectKeyId_sn_len_malformed.crt.der new file mode 100644 index 000000000..009fcf292 Binary files /dev/null and b/tests/data_files/authorityKeyId_subjectKeyId_sn_len_malformed.crt.der differ diff --git a/tests/data_files/authorityKeyId_subjectKeyId_sn_tag_malformed.crt.der b/tests/data_files/authorityKeyId_subjectKeyId_sn_tag_malformed.crt.der new file mode 100644 index 000000000..93fb1e30b Binary files /dev/null and b/tests/data_files/authorityKeyId_subjectKeyId_sn_tag_malformed.crt.der differ diff --git a/tests/data_files/authorityKeyId_subjectKeyId_tag_len_malformed.crt.der b/tests/data_files/authorityKeyId_subjectKeyId_tag_len_malformed.crt.der new file mode 100644 index 000000000..89e1f4b98 Binary files /dev/null and b/tests/data_files/authorityKeyId_subjectKeyId_tag_len_malformed.crt.der differ diff --git a/tests/data_files/authorityKeyId_subjectKeyId_tag_malformed.crt.der b/tests/data_files/authorityKeyId_subjectKeyId_tag_malformed.crt.der new file mode 100644 index 000000000..53063f841 Binary files /dev/null and b/tests/data_files/authorityKeyId_subjectKeyId_tag_malformed.crt.der differ diff --git a/tests/data_files/cert_example_multi_nocn.crt b/tests/data_files/cert_example_multi_nocn.crt index 1634846e1..08bf63c9d 100644 --- a/tests/data_files/cert_example_multi_nocn.crt +++ b/tests/data_files/cert_example_multi_nocn.crt @@ -1,13 +1,16 @@ -----BEGIN CERTIFICATE----- -MIIB/TCCAWagAwIBAgIJAPfGf/jpqWP5MA0GCSqGSIb3DQEBBQUAMA0xCzAJBgNV -BAYTAk5MMB4XDTE0MDEyMjEwMDQzM1oXDTI0MDEyMjEwMDQzM1owDTELMAkGA1UE -BhMCTkwwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2pt -WZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNz -UnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ -81kybdHg6G3eUu1mtKkL2kCVAgMBAAGjZTBjMAkGA1UdEwQCMAAwCwYDVR0PBAQD +MIICfjCCAWagAwIBAgIJAPfGf/jpqWP5MA0GCSqGSIb3DQEBBQUAMA0xCzAJBgNV +BAYTAk5MMB4XDTIzMDUxODAyMDUwMVoXDTMzMDUxODAyMDUwMVowDTELMAkGA1UE +BhMCTkwwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMc4ksXD9HAQCGv4EzXs +8wEciiUPlYI2HqoelhJVGqz4e3UzC3BXM5zZlfFNTEQ3yL7EoD/kZDzT88kCQz3D +fFuOeaoJhK6CEzcKv4VpvSo1Ymyx/uSs4EKyQXx75J0nFJssB2uOQz0/bHY6Rpoc +cA0lnbwIx0D82AI3Yv996/wtAgMBAAGjZTBjMAkGA1UdEwQCMAAwCwYDVR0PBAQD AgXgMEkGA1UdEQRCMECCHHd3dy5zaG90b2thbi1icmF1bnNjaHdlaWcuZGWCFHd3 -dy5tYXNzaW1vLWFiYXRlLmV1hwTAqAEBhwTAqEWQMA0GCSqGSIb3DQEBBQUAA4GB -ABjx1ytrqCyFC5/0cjWnbLK9vsvLny2ZikDewfRxqJ5zAxGWLqHOr1SmUmu2DrvB -bkT9g5z19+iMhPnzJz1x7Q2m7WTIJTuUPK+hKZJATDLNhZ86h5Nkw8k9YzKcOrPm -EIqsy55CSgLU0ntljqSBvSb4ifrF1NnIWej2lSfN6r+3 +dy5tYXNzaW1vLWFiYXRlLmV1hwTAqAEBhwTAqEWQMA0GCSqGSIb3DQEBBQUAA4IB +AQAuomKlMLwSkP3zvGuA9awDdITM/uCzfd77yi60zMNtFHDMu2YZ2npQSl0czab6 +/8fX9goaU8V3cx4KXSLMx7i9AsP1r559Uo3c/4oTZd3xBsElMAn/TXiuujZ2RwdL +RcMOJerlThOE0dtNdniJj7lPaan70CELP/CUn8KgeWgztQJj4ghfUwnLn6RnpLfl +YyM/Xq2YbwnQWHXSe3CPTy5RCWalt3SgZf6IDcD6CNq1Q2l14iR78OWnlxGTFmjP +ez3OzxNT2BZz0AiP0WvTbUtvfuxw9G3fHHe5ClsAopIA3tD246jHOAlqAnOEBC/x +IABbWjY/briP9U4R6x+mg2ck -----END CERTIFICATE----- diff --git a/tests/data_files/clusterfuzz-testcase-minimized-fuzz_x509crt-6666050834661376.crt.der b/tests/data_files/clusterfuzz-testcase-minimized-fuzz_x509crt-6666050834661376.crt.der new file mode 100644 index 000000000..64a490011 Binary files /dev/null and b/tests/data_files/clusterfuzz-testcase-minimized-fuzz_x509crt-6666050834661376.crt.der differ diff --git a/tests/data_files/crl-ec-sha1.pem b/tests/data_files/crl-ec-sha1.pem index 8358640a0..f82d94674 100644 --- a/tests/data_files/crl-ec-sha1.pem +++ b/tests/data_files/crl-ec-sha1.pem @@ -1,10 +1,10 @@ -----BEGIN X509 CRL----- -MIIBbzCB9gIBATAJBgcqhkjOPQQBMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQ -b2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQRcNMTMwOTI0MTYz -MTA4WhcNMjMwOTIyMTYzMTA4WjAUMBICAQoXDTEzMDkyNDE2MjgzOFqgcjBwMG4G +MIIBbjCB9gIBATAJBgcqhkjOPQQBMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQ +b2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQRcNMjMwNTE3MDcx +NDM5WhcNMzMwNTE3MDcxNDM5WjAUMBICAQoXDTIzMDUxNzA3MTQzOVqgcjBwMG4G A1UdIwRnMGWAFJ1tICRJAT8ry3i1Gbx+JMnb+zZ8oUKkQDA+MQswCQYDVQQGEwJO -TDERMA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMg -Q0GCCQDBQ+J+YkPM6DAJBgcqhkjOPQQBA2kAMGYCMQDVG95rrSSl4dJgbJ5vR1GW -svEuEsAh35EhF1WrcadMuCeMQVX9cUPupFfQUpHyMfoCMQCKf0yv8pN9BAoi3FVm -56meWPhUekgLKKMAobt2oJJY6feuiFU2YFGs1aF0rV6Bj+U= +TDERMA8GA1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMg +Q0GCCQDBQ+J+YkPM6DAJBgcqhkjOPQQBA2gAMGUCMQCRAtXd7kXgijlMXHXr6m0B +IzDbpAAwDwCJtgOzarF5hZKGDZeDp6vptGZK0y40NsoCMACxRrXIV+6KUBipFarI +36yXDoBNol2xzst6p9fOg+prl6p7vO1sRYrIGg1WJGA5wQ== -----END X509 CRL----- diff --git a/tests/data_files/crl-ec-sha256.pem b/tests/data_files/crl-ec-sha256.pem index adfd5f893..b9fad50fc 100644 --- a/tests/data_files/crl-ec-sha256.pem +++ b/tests/data_files/crl-ec-sha256.pem @@ -1,10 +1,10 @@ -----BEGIN X509 CRL----- -MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI -UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2 -MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu +MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UECgwI +UG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTIzMDUxNzA3 +MTQ0MFoXDTMzMDUxNzA3MTQ0MFowFDASAgEKFw0yMzA1MTcwNzE0NDBaoHIwcDBu BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC -TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD -IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAKuQ684s7gyhtxKJr6Ln -S2BQ02f1jjPHrZVdXaZvm3C5tGi2cKkoK1aMiyC3LsRCuAIxAIMhj0TmcuIZr5fX -g5RByD7zUnZBpoEAdgxFy4JPJ2IViWOPekSGh8b/JY1VNS6Zbw== +TkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVD +IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAOFCq4tS7s27+KShmh4n +zavpLBQUbqyjkH9dJk0jg862YXjirOu9oCOoWtZQz6/LhQIxAJbtOSwJNq0F/FTq +NYhP7ibE1jad9Tbs6igtZ7Z9NN7V5upnnL4SVETU9pvy9zh+tw== -----END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha1-badsign.pem b/tests/data_files/crl-rsa-pss-sha1-badsign.pem index 7e2a59677..d236910d9 100644 --- a/tests/data_files/crl-rsa-pss-sha1-badsign.pem +++ b/tests/data_files/crl-rsa-pss-sha1-badsign.pem @@ -1,14 +1,14 @@ -----BEGIN X509 CRL----- MIICJDCCAQYCAQEwEwYJKoZIhvcNAQEKMAaiBAICAOowOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBFw0x -NDAxMjAxMzQ2MzVaFw0yNDAxMTgxMzQ2MzVaMCgwEgIBChcNMTMwOTI0MTYyODM4 -WjASAgEWFw0xNDAxMjAxMzQzMDVaoGcwZTBjBgNVHSMEXDBagBS0WuSls97SUva5 -1aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NM -MRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQC -AgDqA4IBAQB8ZBX0BEgRcx0lfk1ctELRu1AYoJ5BnsmQpq23Ca4YIP2yb2kTN1ZS -4fR4SgYcNctgo2JJiNiUkCu1ZnRUOJUy8UlEio0+aeumTNz6CbeJEDhr5NC3oiV0 -MzvLn9rJVLPetOT9UrvvIy8iz5Pn1d8mu5rkt9BKQRq9NQx8riKnSIoTc91NLCMo -mkCCB55DVbazODSWK19e6yQ0JS454RglOsqRtLJ/EDbi6lCsLXotFt3GEGMrob1O -7Qck1Z59boaHxGYFEVnx90+4M3/qikVtwZdcBjLEmfuwYvszFw8J2y6Xwmg/HtUa -y6li0JzWNHtkKUlCv2+SESZbD3NU8GQY +ETAPBgNVBAoMCFBvbGFyU1NMMRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENBFw0y +MzA1MTcwODA3NDlaFw0zMzA1MTcwODA3NDlaMCgwEgIBChcNMjMwNTE3MDgwNzQ5 +WjASAgEWFw0yMzA1MTcwODA3NDlaoGcwZTBjBgNVHSMEXDBagBS0WuSls97SUva5 +1aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NM +MRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMBMGCSqGSIb3DQEBCjAGogQC +AgDqA4IBAQCMUepEfAXs1G3hDE7rcIPT/AFv/oLQSVwRE8O2G5r4j0CgzN6CSGNi +8qfFVX6f7ds+QM4pxAXk5FH4QJJkev0ZBQxmA/ZDLEFmmCEfPMsA69nG//Xeq+Xz +ZOqJpAewmXoP2UUxV5rRpAIr9g9NvDkTT012eQEpoGkJlpxOln1VW+Dk24PCZFWf +Nf8GMUzUsXfXm7ZdCeuc8ZDYNma0nWAMR9Jw6qaEhyH4Fd/scFvXiF/i4cpVp8Rk +M71wSrCC0pkFzw4/bYMnf0aHle/lNg5e78SAT+/6PA8pXL7Urc0IufOfxCGwqY27 +IXSTrZJj4WeQMk289pIccMHj5DUSo4u0 -----END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha1.pem b/tests/data_files/crl-rsa-pss-sha1.pem index 59ca4f703..c129c0c81 100644 --- a/tests/data_files/crl-rsa-pss-sha1.pem +++ b/tests/data_files/crl-rsa-pss-sha1.pem @@ -1,14 +1,14 @@ -----BEGIN X509 CRL----- MIICJDCCAQYCAQEwEwYJKoZIhvcNAQEKMAaiBAICAOowOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBFw0x -NDAxMjAxMzQ2MzVaFw0yNDAxMTgxMzQ2MzVaMCgwEgIBChcNMTMwOTI0MTYyODM4 -WjASAgEWFw0xNDAxMjAxMzQzMDVaoGcwZTBjBgNVHSMEXDBagBS0WuSls97SUva5 -1aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NM -MRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQC -AgDqA4IBAQB8ZBX0BEgRcx0lfk1ctELRu1AYoJ5BnsmQpq23Ca4YIP2yb2kTN1ZS -4fR4SgYcNctgo2JJiNiUkCu1ZnRUOJUy8UlEio0+aeumTNz6CbeJEDhr5NC3oiV0 -MzvLn9rJVLPetOT9UrvvIy8iz5Pn1d8mu5rkt9BKQRq9NQx8riKnSIoTc91NLCMo -mkCCB55DVbazODSWK19e6yQ0JS454RglOsqRtLJ/EDbi6lCsLXotFt3GEGMrob1O -7Qck1Z59boaHxGYFEVnx90+4M3/qikVtwZdcBjLEmfuwYvszFw8J2y6Xwmg/HtUa -y6li0JzWNHtkKUlCv2+SESZbD3NU8GQZ +ETAPBgNVBAoMCFBvbGFyU1NMMRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENBFw0y +MzA1MTcwODA3NDlaFw0zMzA1MTcwODA3NDlaMCgwEgIBChcNMjMwNTE3MDgwNzQ5 +WjASAgEWFw0yMzA1MTcwODA3NDlaoGcwZTBjBgNVHSMEXDBagBS0WuSls97SUva5 +1aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NM +MRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMBMGCSqGSIb3DQEBCjAGogQC +AgDqA4IBAQCMUepEfAXs1G3hDE7rcIPT/AFv/oLQSVwRE8O2G5r4j0CgzN6CSGNi +8qfFVX6f7ds+QM4pxAXk5FH4QJJkev0ZBQxmA/ZDLEFmmCEfPMsA69nG//Xeq+Xz +ZOqJpAewmXoP2UUxV5rRpAIr9g9NvDkTT012eQEpoGkJlpxOln1VW+Dk24PCZFWf +Nf8GMUzUsXfXm7ZdCeuc8ZDYNma0nWAMR9Jw6qaEhyH4Fd/scFvXiF/i4cpVp8Rk +M71wSrCC0pkFzw4/bYMnf0aHle/lNg5e78SAT+/6PA8pXL7Urc0IufOfxCGwqY27 +IXSTrZJj4WeQMk289pIccMHj5DUSo4uO -----END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha224.pem b/tests/data_files/crl-rsa-pss-sha224.pem index a51d5d911..1108b3ddb 100644 --- a/tests/data_files/crl-rsa-pss-sha224.pem +++ b/tests/data_files/crl-rsa-pss-sha224.pem @@ -1,16 +1,16 @@ -----BEGIN X509 CRL----- -MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgShGjAYBgkq -hkiG9w0BAQgwCwYJYIZIAWUDBAIEogQCAgDiMDsxCzAJBgNVBAYTAk5MMREwDwYD -VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw -MTM1NjA2WhcNMjQwMTE4MTM1NjA2WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB -FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r -PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG -A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG -SAFlAwQCBKEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIDggEBAEJI -i9sQOzMvvOTksN48+X+kk/wkLMKRGI222lqU6y6tP1LX3OE/+KN8gPXR+lCC+e0v -TsRTJkpKEcmHZoP/8kOtZnLb9PdITKGMQnZ+dmn5MFEzZI/zyrYWuJTuK1Q83w0e -Mc88cAhu8i4PTk/WnsWDphK1Q2YRupmmwWSUpp1Z2rpR+YSCedC01TVrtSUJUBw9 -NSqKDhyWYJIbS6/bFaERswC8xlMRhyLHUvikjmAK36TbIdhTnEffHOPW75sEOEEB -f0A3VtlZ7y5yt2/a6vOauJCivxKt/PutdHfBqH43QQmoVLWC2FmT9ADTJwcsZB3D -a6JSqCIMRCQY2JOUn0A= +MIICgjCCATUCAQEwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgQFAKEcMBoG +CSqGSIb3DQEBCDANBglghkgBZQMEAgQFAKIEAgIA4jA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIz +MDUxNzA4MDc0OVoXDTMzMDUxNzA4MDc0OVowKDASAgEKFw0yMzA1MTcwODA3NDla +MBICARYXDTIzMDUxNzA4MDc0OVqgZzBlMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnV +ppUP6z68x/3/oT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wx +GTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzAN +BglghkgBZQMEAgQFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgQFAKIEAgIA +4gOCAQEANsElK5qMavcgBXsqgysCIIwEPj+dXdBOwXW17HWh2jcSwAssFNRxhiIc +PoUjj2fNlbOWXLPoxXBitgkJ31UAYCteGSv3j5P3WEuriVwCG889JEoMWn9U4+f9 +f5jSVNfynyiAOiwpA0TrOhZOAs9SEj742S1pzhsb9yaOXeQXNnDv8HYe3uX9/D9w +ynot+/EwCYEuvK8XQ6qnV6588NHEAd9x+OcV9pxWrmUE8Muz1KffBwD5+SOW+Taj +4fKQPcKJoRXOKyLXpOz7yMl/6fCf6h3Qj/H4YI/2gsWI0iduKoXDsuQkMEdPTZvk +7P88YK3/4MReaZS3sDyhhUrojELPXw== -----END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha256.pem b/tests/data_files/crl-rsa-pss-sha256.pem index f16a49118..26f7935cc 100644 --- a/tests/data_files/crl-rsa-pss-sha256.pem +++ b/tests/data_files/crl-rsa-pss-sha256.pem @@ -1,16 +1,16 @@ -----BEGIN X509 CRL----- -MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgGhGjAYBgkq -hkiG9w0BAQgwCwYJYIZIAWUDBAIBogQCAgDeMDsxCzAJBgNVBAYTAk5MMREwDwYD -VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw -MTM1NjE2WhcNMjQwMTE4MTM1NjE2WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB -FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r -PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG -A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG -SAFlAwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAEZ4 -oqp9i5eXrN6aCSTaU1j07MVTFW/U1jQAq6GseB6bEvoEXFMUHJsgAObqCK9flfEC -FEqXqWSo33hhPU7AKKttbDLjUYRNnQAPRUnRIl1/a1+UjqgKchWWD9ityeW8ICxo -IdATX9reYmPDLIMqTC7zuflYkvrvdEOuBORQP5mn4j8t84MSQF/p4qzaU0XxLo4X -ckzZCcHpa45AApCDjJMd9onhFVCYsykiYrF9NQFO8TI4lQ5jv79GoufEzvhY1SPB -r1xz4sMpfyaoPaa3SM2/nD65E5jzXell2u2VWNGKv4zAQP0E5yGel+1rklBltadb -XLdJyyak33CLBKu+nJc= +MIICgjCCATUCAQEwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgEFAKEcMBoG +CSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIEAgIA3jA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIz +MDUxNzA4MDc0OVoXDTMzMDUxNzA4MDc0OVowKDASAgEKFw0yMzA1MTcwODA3NDla +MBICARYXDTIzMDUxNzA4MDc0OVqgZzBlMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnV +ppUP6z68x/3/oT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wx +GTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzAN +BglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIEAgIA +3gOCAQEAHLzvRF0RVQL48ZGVFnTk1nsOHXVHS0UVMItsILurXJ4XrOgN1I7iTzu2 +wYNtgr+T15jwsPdgU+Gg3127vb2Djm0IUX0dCfYpSFRUv8BjaK962ZPjM0rkWhC6 +JUTWSLMAMy4ScqcoC7e4vuN2h4kPOzlvDBIhzWKA03+taAtuIOWjXZu2/Cyeggxs +oXARKI8BEv4b94xwiFJMoMuzcYAkuDIH4MRYANVgOS/zncCRS9D5ZerfoBt70LKX +nzJtT4a0XoxbUJeU8MZ0fR5aAHUQulAPA9CMmBsHkSx7pzAAhCwx/vXbnWPyhA6G +XG6gCKcDR5PZQvQNgi29SLlhRTT5TA== -----END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha384.pem b/tests/data_files/crl-rsa-pss-sha384.pem index 50f7e4cd2..45431f013 100644 --- a/tests/data_files/crl-rsa-pss-sha384.pem +++ b/tests/data_files/crl-rsa-pss-sha384.pem @@ -1,16 +1,16 @@ -----BEGIN X509 CRL----- -MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgKhGjAYBgkq -hkiG9w0BAQgwCwYJYIZIAWUDBAICogQCAgDOMDsxCzAJBgNVBAYTAk5MMREwDwYD -VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw -MTM1NjI4WhcNMjQwMTE4MTM1NjI4WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB -FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r -PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG -A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG -SAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4DggEBAAco -SntUGDLBOAu0IIZaVea5Nt1NMsMcppC0hWPuH1LKAwyUODBqpT+0+AuALK0eIdYR -a7mAB+cv2fFwmwxnQWJ1Fvx4ft/N2AAfB83VRKpSo3xR8bxloHfTWKmyxJHmH9j1 -EYmLS86rj3Nhjf4m/YlQQ3Im5HwOgSgBOE8glq5D+0Wmsi9LsNEZXEzMw7TMUgbs -y9o/ghYF/shKU4mewK3DeM9gQiTcH5A4ISXR87hBQ08AKJRAG1CLvTyzqWiUUY+k -q8iZDYF17sHrPi2yn8q9c4zdxiaWDGDdL0Lh90wXGTAageoGEq25TMuL5FpX+u1u -KUH/xf1jEnNzbYNGiZw= +MIICgjCCATUCAQEwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgIFAKEcMBoG +CSqGSIb3DQEBCDANBglghkgBZQMEAgIFAKIEAgIAzjA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIz +MDUxNzA4MDc1MFoXDTMzMDUxNzA4MDc1MFowKDASAgEKFw0yMzA1MTcwODA3NTBa +MBICARYXDTIzMDUxNzA4MDc1MFqgZzBlMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnV +ppUP6z68x/3/oT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wx +GTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzAN +BglghkgBZQMEAgIFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgIFAKIEAgIA +zgOCAQEAnZvMo3nmKXPV+q4m1CdMA7jUtdanJBHDAv2+LZLq4T1QpyN+nmLEB1yX +ARN8/5Px47zm7XyZw6HI1Il34MjblAKIPBVXoswj4YLRceijwiG1bxkh1Kz3lcV0 +GCNPNo7tMPii9iATWlVzWBCzx2rLmt/ys0DtNRCMISOYGW1HkyuO28dwA6nUJwSS +Ddjr3iilavnBdpzddH9AiN5Fm0sfrFBANx79Qyp0/r8hqrv7rT33maeRKj3S4e9G +zpO6uHPAh9Obo93DxpKpXoMwxDiHv+bwHPO4J1YOiryy/KZmHhzUMPfvP09pGg9f +zGO/bOyiHGH0Lf4F9JVMxpfitdbtwg== -----END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha512.pem b/tests/data_files/crl-rsa-pss-sha512.pem index 0f1d6510b..71f2b7cd5 100644 --- a/tests/data_files/crl-rsa-pss-sha512.pem +++ b/tests/data_files/crl-rsa-pss-sha512.pem @@ -1,16 +1,16 @@ -----BEGIN X509 CRL----- -MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgOhGjAYBgkq -hkiG9w0BAQgwCwYJYIZIAWUDBAIDogQCAgC+MDsxCzAJBgNVBAYTAk5MMREwDwYD -VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw -MTM1NjM4WhcNMjQwMTE4MTM1NjM4WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB -FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r -PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG -A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG -SAFlAwQCA6EaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4DggEBAB9F -ywBfxOjetxNbCFhOYoPY2jvFCFVdlowMGuxEhX/LktqiBXqRc2r5naQSzuHqO8Iq -1zACtiDLri0CvgSHlravBNeY4c2wj//ueFE89tY5pK9E6vZp7cV+RfMx2YfGPAA2 -t7tWZ2rJWzELg8cZ8hpjSwFH7JmgJzjE5gi2gADhBYO6Vv5S3SOgqNjiN1OM31AU -p6GHK5Y1jurF5Zwzs+w3wXoXgpOxxwEC4eiS86c9kNSudwTLvDTU0bYEQE1cF+K0 -sB8QWABFJfuO5kjD2w3rWgmAiOKsZoxd1xrda+WD3JhDXnoVq3oVBIVlWVz6YID8 -enMfMvwScA5AImzu9xA= +MIICgjCCATUCAQEwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgMFAKEcMBoG +CSqGSIb3DQEBCDANBglghkgBZQMEAgMFAKIEAgIAvjA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIz +MDUxNzA4MDc1MFoXDTMzMDUxNzA4MDc1MFowKDASAgEKFw0yMzA1MTcwODA3NTBa +MBICARYXDTIzMDUxNzA4MDc1MFqgZzBlMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnV +ppUP6z68x/3/oT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wx +GTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzAN +BglghkgBZQMEAgMFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgMFAKIEAgIA +vgOCAQEAtMPpQMet9BfMRLg0AW9QfL3QkktV7xk++BqYFOYynBiqxjQH4AKu3wU8 +eiGd3+2xNpQd2/sG7UUNo1Vnl9gCHRiT4bje6+CdvvqaZKSgpmsiztbgBAYORriF +flKOKOOQTxaikqJ4t7vp727JmstADuyizTgOBE0k3V1glas8B0G122YheeHF02S4 ++33Nss4hbfbTilR0RccOaqiXzF9bkFsTlD5KgyUFZbFtdy+1zHZLnRUAJA1HmDeP +r5p2mJxKwXmZzLnw/FPa8fUH665TKYk08AuIpN+VHdPwiBoYHJ2YZJWgM+1qHq1y +tlyoAOC6beqsh9OfxcQZaEiWbUI9yQ== -----END X509 CRL----- diff --git a/tests/data_files/crl.pem b/tests/data_files/crl.pem index df7417e8e..5a1bdd35a 100644 --- a/tests/data_files/crl.pem +++ b/tests/data_files/crl.pem @@ -1,11 +1,11 @@ -----BEGIN X509 CRL----- MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwI -UG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTE5MDIwNjE2MzQ0 -NloXDTI5MDIwNjE2MzQ0NlowKDASAgEBFw0xMTAyMTIxMjQ0MDdaMBICAQMXDTEx -MDIxMjEyNDQwN1owDQYJKoZIhvcNAQEFBQADggEBAGHkRHGDz2HsoiXzfJDBpkfg -I+yK34O9zoHMyGcDZbF9fj4NVyyNA6XCgY3IgQYe3boA1edO6+8ImjqiZjYK+GWt -4ne7YhapRFAoFbKQY5hgy8mlpSRlNfmRVVCDDKannMac4tQff1LCFHN8msk/uG1b -WHWAsL6dzLVojhbUFY6mZTb6nqjm5YgqcsNsz37n4dyrCDftB99FQdE/aAec2RXP -Jgy9DnY5jMotPqHLZtMyfVNEoivDb7YJA5Vv6NSyiYVTjyWyTHNRsFEXRtHqjpqs -oZdBgLZAAQsUvuVpMbDKQ4FrZjOaOW/xLtKPlh/HNA5p7hNtwIiCAIvp7uQti0w= +UG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIzMDUxNzA3MTQz +OFoXDTMzMDUxNzA3MTQzOFowKDASAgEBFw0yMzA1MTcwNzE0MzhaMBICAQMXDTIz +MDUxNzA3MTQzOFowDQYJKoZIhvcNAQEFBQADggEBAEKGf/KYnv3EpFiEsPii5f3S +CEgD0NL44rYIU7n9oBIqgqxP93tDeqwqvv/oDYBA41fugxU63nO5qKn4xszKN/w0 +e3GDg6ihFFz2wO6NE37Wfn3lVIvMbboNyMGqH1CTqTbNcsam8DhvILCMkG60kV66 +pSVGVIJftDzE+33mUundQMYz4wN4QJFGRSfHW745iowF9ejiPsfAn4gO9eLDrRmA +C0oedNyRLj6jfGRtaQddlCjCAGwNlIJBe/IhixafW9g8deGPHJu8RSlJ/Q77pgjx +7WccwCz+dWP+uqi8fwgerHYdTjiAvFVu1Yd4KA5WTndzI3wzJwbdZZ08OfDLmyU= -----END X509 CRL----- diff --git a/tests/data_files/crl_cat_ec-rsa.pem b/tests/data_files/crl_cat_ec-rsa.pem index 3cda8ff03..cafa1d411 100644 --- a/tests/data_files/crl_cat_ec-rsa.pem +++ b/tests/data_files/crl_cat_ec-rsa.pem @@ -1,21 +1,21 @@ -----BEGIN X509 CRL----- -MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI -UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2 -MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu +MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UECgwI +UG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTIzMDUxNzA3 +MTQ0MFoXDTMzMDUxNzA3MTQ0MFowFDASAgEKFw0yMzA1MTcwNzE0NDBaoHIwcDBu BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC -TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD -IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAKuQ684s7gyhtxKJr6Ln -S2BQ02f1jjPHrZVdXaZvm3C5tGi2cKkoK1aMiyC3LsRCuAIxAIMhj0TmcuIZr5fX -g5RByD7zUnZBpoEAdgxFy4JPJ2IViWOPekSGh8b/JY1VNS6Zbw== +TkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVD +IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAOFCq4tS7s27+KShmh4n +zavpLBQUbqyjkH9dJk0jg862YXjirOu9oCOoWtZQz6/LhQIxAJbtOSwJNq0F/FTq +NYhP7ibE1jad9Tbs6igtZ7Z9NN7V5upnnL4SVETU9pvy9zh+tw== -----END X509 CRL----- -----BEGIN X509 CRL----- -MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI -UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIyMDEwMjI1 -OVoXDTE5MTEyNTEwMjI1OVowKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx -MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAJYuWdKPdblMVWCnxpMnchuL -dqWzK2BA0RelCaGjpxuwX3NmLDm+5hKja/DJxaRqTOf4RSC3kcX8CdIldsLO96dz -//wAQdFPDhy6AFT5vKTO8ItPHDb7qFOqFqpeJi5XN1yoZGTB1ei0mgD3xBaKbp6U -yCOZJSIFomt7piT4GcgWVHLUmpyHDDeodNhYPrN0jf2mr+ECd9fQJYdz1qm0Xx+Q -NbKXDiPRmPX0qVleCZSeSp1JAmU4GoCO+96qQUpjgll+6xWya3UNj61f9sh0Zzr7 -5ug2LZo5uBM/LpNR1K3TLxNCcg7uUPTn9r143d7ivJhPl3tEJn4PXjv6mlLoOgU= +MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwI +UG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIzMDUxNzA3MTQz +OFoXDTMzMDUxNzA3MTQzOFowKDASAgEBFw0yMzA1MTcwNzE0MzhaMBICAQMXDTIz +MDUxNzA3MTQzOFowDQYJKoZIhvcNAQEFBQADggEBAEKGf/KYnv3EpFiEsPii5f3S +CEgD0NL44rYIU7n9oBIqgqxP93tDeqwqvv/oDYBA41fugxU63nO5qKn4xszKN/w0 +e3GDg6ihFFz2wO6NE37Wfn3lVIvMbboNyMGqH1CTqTbNcsam8DhvILCMkG60kV66 +pSVGVIJftDzE+33mUundQMYz4wN4QJFGRSfHW745iowF9ejiPsfAn4gO9eLDrRmA +C0oedNyRLj6jfGRtaQddlCjCAGwNlIJBe/IhixafW9g8deGPHJu8RSlJ/Q77pgjx +7WccwCz+dWP+uqi8fwgerHYdTjiAvFVu1Yd4KA5WTndzI3wzJwbdZZ08OfDLmyU= -----END X509 CRL----- diff --git a/tests/data_files/crl_cat_rsa-ec.pem b/tests/data_files/crl_cat_rsa-ec.pem index ded369d89..92ecccc6d 100644 --- a/tests/data_files/crl_cat_rsa-ec.pem +++ b/tests/data_files/crl_cat_rsa-ec.pem @@ -1,21 +1,21 @@ -----BEGIN X509 CRL----- -MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI -UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIyMDEwMjI1 -OVoXDTE5MTEyNTEwMjI1OVowKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx -MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAJYuWdKPdblMVWCnxpMnchuL -dqWzK2BA0RelCaGjpxuwX3NmLDm+5hKja/DJxaRqTOf4RSC3kcX8CdIldsLO96dz -//wAQdFPDhy6AFT5vKTO8ItPHDb7qFOqFqpeJi5XN1yoZGTB1ei0mgD3xBaKbp6U -yCOZJSIFomt7piT4GcgWVHLUmpyHDDeodNhYPrN0jf2mr+ECd9fQJYdz1qm0Xx+Q -NbKXDiPRmPX0qVleCZSeSp1JAmU4GoCO+96qQUpjgll+6xWya3UNj61f9sh0Zzr7 -5ug2LZo5uBM/LpNR1K3TLxNCcg7uUPTn9r143d7ivJhPl3tEJn4PXjv6mlLoOgU= +MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwI +UG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIzMDUxNzA3MTQz +OFoXDTMzMDUxNzA3MTQzOFowKDASAgEBFw0yMzA1MTcwNzE0MzhaMBICAQMXDTIz +MDUxNzA3MTQzOFowDQYJKoZIhvcNAQEFBQADggEBAEKGf/KYnv3EpFiEsPii5f3S +CEgD0NL44rYIU7n9oBIqgqxP93tDeqwqvv/oDYBA41fugxU63nO5qKn4xszKN/w0 +e3GDg6ihFFz2wO6NE37Wfn3lVIvMbboNyMGqH1CTqTbNcsam8DhvILCMkG60kV66 +pSVGVIJftDzE+33mUundQMYz4wN4QJFGRSfHW745iowF9ejiPsfAn4gO9eLDrRmA +C0oedNyRLj6jfGRtaQddlCjCAGwNlIJBe/IhixafW9g8deGPHJu8RSlJ/Q77pgjx +7WccwCz+dWP+uqi8fwgerHYdTjiAvFVu1Yd4KA5WTndzI3wzJwbdZZ08OfDLmyU= -----END X509 CRL----- -----BEGIN X509 CRL----- -MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI -UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2 -MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu +MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UECgwI +UG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTIzMDUxNzA3 +MTQ0MFoXDTMzMDUxNzA3MTQ0MFowFDASAgEKFw0yMzA1MTcwNzE0NDBaoHIwcDBu BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC -TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD -IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAKuQ684s7gyhtxKJr6Ln -S2BQ02f1jjPHrZVdXaZvm3C5tGi2cKkoK1aMiyC3LsRCuAIxAIMhj0TmcuIZr5fX -g5RByD7zUnZBpoEAdgxFy4JPJ2IViWOPekSGh8b/JY1VNS6Zbw== +TkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVD +IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAOFCq4tS7s27+KShmh4n +zavpLBQUbqyjkH9dJk0jg862YXjirOu9oCOoWtZQz6/LhQIxAJbtOSwJNq0F/FTq +NYhP7ibE1jad9Tbs6igtZ7Z9NN7V5upnnL4SVETU9pvy9zh+tw== -----END X509 CRL----- diff --git a/tests/data_files/ec_224_prv.comp.pem b/tests/data_files/ec_224_prv.comp.pem new file mode 100644 index 000000000..e7ed53878 --- /dev/null +++ b/tests/data_files/ec_224_prv.comp.pem @@ -0,0 +1,4 @@ +-----BEGIN EC PRIVATE KEY----- +MEwCAQEEHGhJ+X0QZvaZd1ljfH44mUZM7j7HrJcGU6C+B0KgBwYFK4EEACGhIAMe +AAMWk6KQ9/C1cf4rQdXYSwEydjH0qGD5lfozLAl/ +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/ec_224_pub.comp.pem b/tests/data_files/ec_224_pub.comp.pem new file mode 100644 index 000000000..159366cda --- /dev/null +++ b/tests/data_files/ec_224_pub.comp.pem @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MDIwEAYHKoZIzj0CAQYFK4EEACEDHgADFpOikPfwtXH+K0HV2EsBMnYx9Khg+ZX6 +MywJfw== +-----END PUBLIC KEY----- diff --git a/tests/data_files/ec_256_long_prv.der b/tests/data_files/ec_256_long_prv.der new file mode 100644 index 000000000..96e329e20 Binary files /dev/null and b/tests/data_files/ec_256_long_prv.der differ diff --git a/tests/data_files/ec_256_prv.comp.pem b/tests/data_files/ec_256_prv.comp.pem new file mode 100644 index 000000000..9ef8c97e1 --- /dev/null +++ b/tests/data_files/ec_256_prv.comp.pem @@ -0,0 +1,4 @@ +-----BEGIN EC PRIVATE KEY----- +MFcCAQEEIEnJqMGMS4hWOMQxzx3xyZQTFgm1gNT9Q6DKsX2y8T7uoAoGCCqGSM49 +AwEHoSQDIgADd3Jlb4FLOZJ51eHxeB+sbwmaPFyhsONTUYNLCLZeC1c= +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/ec_256_pub.comp.pem b/tests/data_files/ec_256_pub.comp.pem new file mode 100644 index 000000000..bf9655db1 --- /dev/null +++ b/tests/data_files/ec_256_pub.comp.pem @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADd3Jlb4FLOZJ51eHxeB+sbwmaPFyh +sONTUYNLCLZeC1c= +-----END PUBLIC KEY----- diff --git a/tests/data_files/ec_384_prv.comp.pem b/tests/data_files/ec_384_prv.comp.pem new file mode 100644 index 000000000..3125b419f --- /dev/null +++ b/tests/data_files/ec_384_prv.comp.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHQCAQEEMD9djZvigLVpbMXMn5TPivfmth3WWSsqsrOkxgdFBBfsMn3Nyu18EAU9 +cZoFdPCnaqAHBgUrgQQAIqE0AzIAA9nGYrULopykeZBFDgQ66vTwxpsVZ20RL2Iq +cckwWa+ZlpHFaA0rRNERV52xL0pBOg== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/ec_384_pub.comp.pem b/tests/data_files/ec_384_pub.comp.pem new file mode 100644 index 000000000..ccb67024d --- /dev/null +++ b/tests/data_files/ec_384_pub.comp.pem @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MEYwEAYHKoZIzj0CAQYFK4EEACIDMgAD2cZitQuinKR5kEUOBDrq9PDGmxVnbREv +YipxyTBZr5mWkcVoDStE0RFXnbEvSkE6 +-----END PUBLIC KEY----- diff --git a/tests/data_files/ec_521_prv.comp.pem b/tests/data_files/ec_521_prv.comp.pem new file mode 100644 index 000000000..314c39324 --- /dev/null +++ b/tests/data_files/ec_521_prv.comp.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PRIVATE KEY----- +MIGYAgEBBEIBsbatB7t55zINpZhg6ijgVShPYFjyed5mbgbUNdKve9oo2Z+ke33Q +lj4WsAcweO6LijjZZqWC9G0Z/5XfOtloWq6gBwYFK4EEACOhRgNEAAMAHeFC1U9p +6wOO5LevnTygdzb9nPcZ6zVNaYee5/PBNvsPv58I+Gvl+hKOwaBR0+bGQ+ha2o/6 +zzZjwmC9LIRLb1Y= +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/ec_521_prv.der b/tests/data_files/ec_521_prv.der new file mode 100644 index 000000000..734714aa3 Binary files /dev/null and b/tests/data_files/ec_521_prv.der differ diff --git a/tests/data_files/ec_521_pub.comp.pem b/tests/data_files/ec_521_pub.comp.pem new file mode 100644 index 000000000..4bb8c2b6c --- /dev/null +++ b/tests/data_files/ec_521_pub.comp.pem @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MFgwEAYHKoZIzj0CAQYFK4EEACMDRAADAB3hQtVPaesDjuS3r508oHc2/Zz3Ges1 +TWmHnufzwTb7D7+fCPhr5foSjsGgUdPmxkPoWtqP+s82Y8JgvSyES29W +-----END PUBLIC KEY----- diff --git a/tests/data_files/ec_521_pub.der b/tests/data_files/ec_521_pub.der new file mode 100644 index 000000000..5b685deb3 Binary files /dev/null and b/tests/data_files/ec_521_pub.der differ diff --git a/tests/data_files/ec_521_short_prv.der b/tests/data_files/ec_521_short_prv.der new file mode 100644 index 000000000..0a1f18c32 Binary files /dev/null and b/tests/data_files/ec_521_short_prv.der differ diff --git a/tests/data_files/ec_bp256_prv.comp.pem b/tests/data_files/ec_bp256_prv.comp.pem new file mode 100644 index 000000000..198d21dcb --- /dev/null +++ b/tests/data_files/ec_bp256_prv.comp.pem @@ -0,0 +1,4 @@ +-----BEGIN EC PRIVATE KEY----- +MFgCAQEEICFh1vLbdlJvpiwW81aoDwHzL3dnhLNqqZeZqLdmIID/oAsGCSskAwMC +CAEBB6EkAyIAA3aMjK5KvKYwbbDtgbDEpiFcN4Bm7G1hbBRuE/HH34Cb +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/ec_bp256_pub.comp.pem b/tests/data_files/ec_bp256_pub.comp.pem new file mode 100644 index 000000000..ecd07bcdb --- /dev/null +++ b/tests/data_files/ec_bp256_pub.comp.pem @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MDowFAYHKoZIzj0CAQYJKyQDAwIIAQEHAyIAA3aMjK5KvKYwbbDtgbDEpiFcN4Bm +7G1hbBRuE/HH34Cb +-----END PUBLIC KEY----- diff --git a/tests/data_files/ec_bp384_prv.comp.pem b/tests/data_files/ec_bp384_prv.comp.pem new file mode 100644 index 000000000..c0e2393b4 --- /dev/null +++ b/tests/data_files/ec_bp384_prv.comp.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHgCAQEEMD3ZLnUNkNfTn8GIXNitEuqUQfIrkzS02WUgKtsUSM4kxYCKhd2a/CKa +8KMST3Vby6ALBgkrJAMDAggBAQuhNAMyAAJxn50JOmJ+DTUDhcZhzr8AxhkjVm/p +AGoxB68dhxvGu2iYX9ci6jK+MW+OeDt80ZU= +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/ec_bp384_pub.comp.pem b/tests/data_files/ec_bp384_pub.comp.pem new file mode 100644 index 000000000..638666d24 --- /dev/null +++ b/tests/data_files/ec_bp384_pub.comp.pem @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MEowFAYHKoZIzj0CAQYJKyQDAwIIAQELAzIAAnGfnQk6Yn4NNQOFxmHOvwDGGSNW +b+kAajEHrx2HG8a7aJhf1yLqMr4xb454O3zRlQ== +-----END PUBLIC KEY----- diff --git a/tests/data_files/ec_bp512_prv.comp.pem b/tests/data_files/ec_bp512_prv.comp.pem new file mode 100644 index 000000000..73b1c0726 --- /dev/null +++ b/tests/data_files/ec_bp512_prv.comp.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PRIVATE KEY----- +MIGYAgEBBEA3LJd49p9ybLyj9KJo8WtNYX0QKA15pqApzVGHn+EBKTTf5TlUVTN9 +9pBtx9bS7qTbsgZcAij3Oz7XFkgOfXHSoAsGCSskAwMCCAEBDaFEA0IAAji37JK2 +HFxsf7wopOx1nUj81OLjdN79XElopU2+91EOUXiG+/w46jmqUpNZ1wpxVsNdPLrH +zndr2yUd1kvOcSM= +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/ec_bp512_prv.der b/tests/data_files/ec_bp512_prv.der new file mode 100644 index 000000000..2d9a3de27 Binary files /dev/null and b/tests/data_files/ec_bp512_prv.der differ diff --git a/tests/data_files/ec_bp512_pub.comp.pem b/tests/data_files/ec_bp512_pub.comp.pem new file mode 100644 index 000000000..c2fbdcab9 --- /dev/null +++ b/tests/data_files/ec_bp512_pub.comp.pem @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MFowFAYHKoZIzj0CAQYJKyQDAwIIAQENA0IAAji37JK2HFxsf7wopOx1nUj81OLj +dN79XElopU2+91EOUXiG+/w46jmqUpNZ1wpxVsNdPLrHzndr2yUd1kvOcSM= +-----END PUBLIC KEY----- diff --git a/tests/data_files/ec_bp512_pub.der b/tests/data_files/ec_bp512_pub.der new file mode 100644 index 000000000..6a8c4c79f Binary files /dev/null and b/tests/data_files/ec_bp512_pub.der differ diff --git a/tests/data_files/ec_prv.sec1.comp.pem b/tests/data_files/ec_prv.sec1.comp.pem new file mode 100644 index 000000000..ada14c258 --- /dev/null +++ b/tests/data_files/ec_prv.sec1.comp.pem @@ -0,0 +1,4 @@ +-----BEGIN EC PRIVATE KEY----- +MEcCAQEEGDOOhqiB4jj1Sb1vBVNJS3Pj1hEw/cbJbaAKBggqhkjOPQMBAaEcAxoA +A1F1vN8wo3DznVOT5hJyiNgBZ7X0tLd2xg== +-----END EC PRIVATE KEY----- diff --git a/tests/data_files/ec_pub.comp.pem b/tests/data_files/ec_pub.comp.pem new file mode 100644 index 000000000..55fac0843 --- /dev/null +++ b/tests/data_files/ec_pub.comp.pem @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MDEwEwYHKoZIzj0CAQYIKoZIzj0DAQEDGgADUXW83zCjcPOdU5PmEnKI2AFntfS0 +t3bG +-----END PUBLIC KEY----- diff --git a/tests/data_files/ec_pub.der b/tests/data_files/ec_pub.der index 74c5951f6..e4e59158a 100644 Binary files a/tests/data_files/ec_pub.der and b/tests/data_files/ec_pub.der differ diff --git a/tests/data_files/ec_pub.pem b/tests/data_files/ec_pub.pem index d677d27eb..d54dc944c 100644 --- a/tests/data_files/ec_pub.pem +++ b/tests/data_files/ec_pub.pem @@ -1,4 +1,4 @@ -----BEGIN PUBLIC KEY----- -MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEvHl9s65/COw9SWtPtBGz9iClWKUB -4CItCM/g3Irsixp78kvpKVHMW6G+uyR0kJrg +MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEUXW83zCjcPOdU5PmEnKI2AFntfS0 +t3bGdPfG81S30iQGLB9oVLWnrw/leOryWPAn -----END PUBLIC KEY----- diff --git a/tests/data_files/ec_x25519_prv.der b/tests/data_files/ec_x25519_prv.der new file mode 100644 index 000000000..ea2373374 Binary files /dev/null and b/tests/data_files/ec_x25519_prv.der differ diff --git a/tests/data_files/ec_x25519_prv.pem b/tests/data_files/ec_x25519_prv.pem new file mode 100644 index 000000000..007224040 --- /dev/null +++ b/tests/data_files/ec_x25519_prv.pem @@ -0,0 +1,3 @@ +-----BEGIN PRIVATE KEY----- +MC4CAQAwBQYDK2VuBCIEILBtgpZVVDpRy6NuU1IrwKz9YK9ZRmVV+z4eeWhyqxpZ +-----END PRIVATE KEY----- diff --git a/tests/data_files/ec_x25519_pub.der b/tests/data_files/ec_x25519_pub.der new file mode 100644 index 000000000..922cb7618 Binary files /dev/null and b/tests/data_files/ec_x25519_pub.der differ diff --git a/tests/data_files/ec_x25519_pub.pem b/tests/data_files/ec_x25519_pub.pem new file mode 100644 index 000000000..2a36b5be9 --- /dev/null +++ b/tests/data_files/ec_x25519_pub.pem @@ -0,0 +1,3 @@ +-----BEGIN PUBLIC KEY----- +MCowBQYDK2VuAyEAm8Ow6T2CM/5qi6YTiUjMEqkTYtXC7YFYTbBatUGcnRE= +-----END PUBLIC KEY----- diff --git a/tests/data_files/ec_x448_prv.der b/tests/data_files/ec_x448_prv.der new file mode 100644 index 000000000..f6d52f7ae Binary files /dev/null and b/tests/data_files/ec_x448_prv.der differ diff --git a/tests/data_files/ec_x448_prv.pem b/tests/data_files/ec_x448_prv.pem new file mode 100644 index 000000000..7bca6618e --- /dev/null +++ b/tests/data_files/ec_x448_prv.pem @@ -0,0 +1,4 @@ +-----BEGIN PRIVATE KEY----- +MEYCAQAwBQYDK2VvBDoEOGTpCDYD9atLDMYwDnjdwUTkjO4ZMB/uacXKw+4iUiED +oe50tXsIxi5REqWe2YOoL7eD7npOGRPt +-----END PRIVATE KEY----- diff --git a/tests/data_files/ec_x448_pub.der b/tests/data_files/ec_x448_pub.der new file mode 100644 index 000000000..7c44c91f1 Binary files /dev/null and b/tests/data_files/ec_x448_pub.der differ diff --git a/tests/data_files/ec_x448_pub.pem b/tests/data_files/ec_x448_pub.pem new file mode 100644 index 000000000..306e10c2d --- /dev/null +++ b/tests/data_files/ec_x448_pub.pem @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MEIwBQYDK2VvAzkAlrVhn5KDNBt3nL38B9mqGKqrPwnah3ynJgaWQ5IcLzv6zZT+ +TIjhGQ1NFGWwgtOV8UqU2tO4pYQ= +-----END PUBLIC KEY----- diff --git a/tests/data_files/bitstring-in-dn.pem b/tests/data_files/parse_input/bitstring-in-dn.pem similarity index 100% rename from tests/data_files/bitstring-in-dn.pem rename to tests/data_files/parse_input/bitstring-in-dn.pem diff --git a/tests/data_files/parse_input/cert_example_multi.crt b/tests/data_files/parse_input/cert_example_multi.crt new file mode 100644 index 000000000..0e3295dc7 --- /dev/null +++ b/tests/data_files/parse_input/cert_example_multi.crt @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICojCCAYqgAwIBAgIBETANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwNzEwMTEyNzUyWhcNMjkwNzEwMTEyNzUyWjA6MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGDAWBgNVBAMMD3d3dy5leGFtcGxlLmNvbTCBnzANBgkq +hkiG9w0BAQEFAAOBjQAwgYkCgYEAxziSxcP0cBAIa/gTNezzARyKJQ+VgjYeqh6W +ElUarPh7dTMLcFcznNmV8U1MRDfIvsSgP+RkPNPzyQJDPcN8W455qgmEroITNwq/ +hWm9KjVibLH+5KzgQrJBfHvknScUmywHa45DPT9sdjpGmhxwDSWdvAjHQPzYAjdi +/33r/C0CAwEAAaM2MDQwMgYDVR0RBCswKYILZXhhbXBsZS5jb22CC2V4YW1wbGUu +bmV0gg0qLmV4YW1wbGUub3JnMA0GCSqGSIb3DQEBCwUAA4IBAQCJbFizurHz804x +6NbsvsPPgLcESq0OcGOEXOCOe8seZqomhSYTXtHBzrFtRp2/gmtORq2oapoDDiq+ +I+xRLJYsUBut2NdkZmEIRSW4n4sXJwqb0fXTTkd7EAXBvGNWbERab5Sbf84oqd4t +yjjz2u+Hvx8hZCHJG2V9qg3zaw5zJT1AfAsMbjXqi8CfU7U+Fcor+O3GeuUVgpJC +QCXb2Qjj3ZmrCvGZA9x59XtnEN6m2O4pWkmqR/Z7MlQrZzQ80vcQMk9+qoKIr2EJ +RcJhAtE+dLV19IlccwsDlGx5kT5N5zSYLK9nARV1/AjK48bUxGH353A1Y2MCfy0E +dXDReJa1 +-----END CERTIFICATE----- diff --git a/tests/data_files/parse_input/cert_example_multi_nocn.crt b/tests/data_files/parse_input/cert_example_multi_nocn.crt new file mode 100644 index 000000000..1634846e1 --- /dev/null +++ b/tests/data_files/parse_input/cert_example_multi_nocn.crt @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIB/TCCAWagAwIBAgIJAPfGf/jpqWP5MA0GCSqGSIb3DQEBBQUAMA0xCzAJBgNV +BAYTAk5MMB4XDTE0MDEyMjEwMDQzM1oXDTI0MDEyMjEwMDQzM1owDTELMAkGA1UE +BhMCTkwwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2pt +WZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNz +UnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ +81kybdHg6G3eUu1mtKkL2kCVAgMBAAGjZTBjMAkGA1UdEwQCMAAwCwYDVR0PBAQD +AgXgMEkGA1UdEQRCMECCHHd3dy5zaG90b2thbi1icmF1bnNjaHdlaWcuZGWCFHd3 +dy5tYXNzaW1vLWFiYXRlLmV1hwTAqAEBhwTAqEWQMA0GCSqGSIb3DQEBBQUAA4GB +ABjx1ytrqCyFC5/0cjWnbLK9vsvLny2ZikDewfRxqJ5zAxGWLqHOr1SmUmu2DrvB +bkT9g5z19+iMhPnzJz1x7Q2m7WTIJTuUPK+hKZJATDLNhZ86h5Nkw8k9YzKcOrPm +EIqsy55CSgLU0ntljqSBvSb4ifrF1NnIWej2lSfN6r+3 +-----END CERTIFICATE----- diff --git a/tests/data_files/parse_input/cert_md5.crt b/tests/data_files/parse_input/cert_md5.crt new file mode 100644 index 000000000..e514fd631 --- /dev/null +++ b/tests/data_files/parse_input/cert_md5.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDPzCCAiegAwIBAgIBBjANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MDAwMTAxMTIxMjEyWhcNMzAwMTAxMTIxMjEyWjA8MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENlcnQgTUQ1MIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f +M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu +1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw +MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v +4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/ +/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB +o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf +BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQQFAAOC +AQEAF4QcMshVtVbYgvvU7f2lWakubbAISM/k+FW/f7u63m0MSSoSFeYflBOC1Wf4 +imgDEnWcWTH5V7sxsLNogxfpfTuFUaKfHeQmRhAK4UgqbDEs4dZvgo3wZ/w92G0/ +QNntJefnqaFiITXZTn6J8hxeoEq4QbucbWgeY6fTAwXtIv40BvMOSakkuIFAyIvV +90VY1j4vnx0/xv5lIBAxah1HdtXhqtDu/sUfdCtWX5SCcVUwwM3gZ4Q1ZdWQmlvF +737ZG7XaINxsDaI04sJxc7qvuRYhLdCwUPnZL5TGEQJ8jNa/39eEbnkvs7hbTU98 +6qG8UAYsSI7aMe1j7DZpkoPL9w== +-----END CERTIFICATE----- diff --git a/tests/data_files/parse_input/cert_sha1.crt b/tests/data_files/parse_input/cert_sha1.crt new file mode 100644 index 000000000..1e23585c5 --- /dev/null +++ b/tests/data_files/parse_input/cert_sha1.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDQDCCAiigAwIBAgIBBzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA9MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGzAZBgNVBAMMElBvbGFyU1NMIENlcnQgU0hBMTCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6J +v7joRZDb7ogWUtPxQ1BHlhJZZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVB +Q3dfOXwJBEeCsFc5cO2j7BUZHqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYEl +XwqxU8YwfhU5rPla7n+SnqYFW+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk +65Wb3P5BXhem2mxbacwCuhQsFiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZP +cG6ezr1YieJTWZ5uWpJl4og/DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEA +AaNNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQUH3TWPynBdHRFOwUSLD2ovUNZAqYw +HwYDVR0jBBgwFoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQAD +ggEBAFAHuWfjOp+GaM5dP3NBaUayXmjbrsY5fo/ysfOVV9xipzbPWvE2Bu679iU1 +Eg+5hME9VlMmQejGzG09ReXE+30gyhtO3vWA8U21YrsL3ybvS6EREHGKk238bIBh +yDP/b0VuoNsS3xRn9WyH3TRu5re0vK68OSkLIWPd01fgvcfl6YyUY+WuuSrpYcDv +nrgKvFZws/EE4RNldtRC1Blwy497AtmWBQWs65zj5JkNdNnm4JJqXZAArNh2GSZo +83C/1ZSFrNo9GONsCJ0GVGEt7IK7FPqXYW7rXi30BRse33ziU7RPWGDT13bh9Rdz +RqsoZ5h5VjtHOnMUUD99gIWinBE= +-----END CERTIFICATE----- diff --git a/tests/data_files/parse_input/cert_sha224.crt b/tests/data_files/parse_input/cert_sha224.crt new file mode 100644 index 000000000..c8a209d0c --- /dev/null +++ b/tests/data_files/parse_input/cert_sha224.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDQjCCAiqgAwIBAgIBCDANBgkqhkiG9w0BAQ4FADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA/MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxHTAbBgNVBAMMFFBvbGFyU1NMIENlcnQgU0hBMjI0MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVh +Xom/uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq +1UFDd185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPht +gSVfCrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1l +LGTrlZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsu +pk9wbp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQID +AQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kC +pjAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQ4F +AAOCAQEATdo7p7dok8gcxS0dYGluXMOsAEALyHAgvAJSZUt0x8RxemJfpquv4XG/ +rppQmtA5aPf59Fo0z5GcS0zzYFLTQIcLHKnuuG0W6yjhx3e+5J1hjLbv///vvKGN +jq55z+CANkragMk6XQ/t+iXkh/Fq00FS+zbf1JLaMXOLst5dfv3uPQaJHwzX/EaE +VdognXxWudNQgIvemindk9TTQon27zBS/z6nwcBCIXMDfesAjcHuBCfxl6pofK6E +28qs4up/JayptG2CX98LGsEyAgegwTMSYGLJoWcHhrUcbF0fNOcXPgQKGTcZO4Tg +yPYGbkG9FjgaASc2gTrYVPRZ6mY19g== +-----END CERTIFICATE----- diff --git a/tests/data_files/parse_input/cert_sha256.crt b/tests/data_files/parse_input/cert_sha256.crt new file mode 100644 index 000000000..e56d42853 --- /dev/null +++ b/tests/data_files/parse_input/cert_sha256.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDQjCCAiqgAwIBAgIBCTANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA/MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxHTAbBgNVBAMMFFBvbGFyU1NMIENlcnQgU0hBMjU2MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVh +Xom/uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq +1UFDd185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPht +gSVfCrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1l +LGTrlZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsu +pk9wbp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQID +AQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kC +pjAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQsF +AAOCAQEAuo8kRDdQj3+rgqbz7bS3ZfBVCqgbQfruRZncP0s3IQJ6g7k6BNfCTO+N +tIgnCDhnhjK9DS4l1LTkQJKfcd6sfuwBxjHKWGZUqTqHWFm/O5MJwfMpxI305xXE +evDzh8LK1W3moX5OcT4bx3QsY9I4nqXQkOzjGidxhOXYA2v+X5OhRt3IJ2dzmQQu +BVXnDbzuchUfP5aeCwW6l7VX+RJOE2zlqO5yt0ejT02E44qtC5sBf24V9ko5LORw +1J7Zk34QwsKrSPSGxOuoWNwH3fJpgZQImKgJIQCsksJ+A45CK6iz0km8oTiI3Hoo +2LpE6UNx2M8jiZWVzH1L4tkg4fcCoQ== +-----END CERTIFICATE----- diff --git a/tests/data_files/parse_input/cert_sha384.crt b/tests/data_files/parse_input/cert_sha384.crt new file mode 100644 index 000000000..f8ec10b66 --- /dev/null +++ b/tests/data_files/parse_input/cert_sha384.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDQjCCAiqgAwIBAgIBCjANBgkqhkiG9w0BAQwFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA/MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxHTAbBgNVBAMMFFBvbGFyU1NMIENlcnQgU0hBMzg0MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVh +Xom/uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq +1UFDd185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPht +gSVfCrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1l +LGTrlZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsu +pk9wbp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQID +AQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kC +pjAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQwF +AAOCAQEAeyHm+emo4/QHqEVKj/MYPOsPrrcr5MupNE7WmoUA7SilVUlceIy8ApWR +MUdwnh7UPkCa6K1yvayknEbHzD2Lv9BLEf5A1/a+F/LmFXiV0kXIFue13u+z7laV +N/s/jphPVgjPwZiC1ZtOoD7WvSkIInB53j4Q3VCH6EpZxZuDO/u8CGBQ0g+9Eqhn +W3+4GFnxUPYeN17u/opt16mEPx6WFbRl9hs5wUvND/FCDEJ/9uVNiVYlPYyHKzzq +e3WXCHLYUKGESQX+85IrnmlwbAb33bM+sAM6naFafXTZEimeEpX3iYrHzhoU7aR7 +piojwAE+Yb3Ac+Hu1fY4CRO4ZHL6Zg== +-----END CERTIFICATE----- diff --git a/tests/data_files/parse_input/cert_sha512.crt b/tests/data_files/parse_input/cert_sha512.crt new file mode 100644 index 000000000..b2254fa72 --- /dev/null +++ b/tests/data_files/parse_input/cert_sha512.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDQjCCAiqgAwIBAgIBCzANBgkqhkiG9w0BAQ0FADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA/MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxHTAbBgNVBAMMFFBvbGFyU1NMIENlcnQgU0hBNTEyMIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVh +Xom/uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq +1UFDd185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPht +gSVfCrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1l +LGTrlZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsu +pk9wbp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQID +AQABo00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kC +pjAfBgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQ0F +AAOCAQEABnuq7gMU6EWqcmEcj2/wiqOFUBeH9ro0tni9JZzaDAKkBMwoeJ3RP/59 +wY92UZC/SoWPm0yLK25KTwxJhd645a5ZeRk+yi1SG+oXNgZFS03F1Orat0bM5u94 +RtzLRInGzTxhlVS8HPRya2+nEaPT9YNO25vORczPDjtrI82UnysaWiKx1OCPhdP3 +ZySAkX/zE1U8Te0+948C0vmg2aTWCSk5zutryFgHH5UojmmWAkBHpX3tIm8JMRG9 +tvp6fbIDan0LmSsVK8rq5OPSwAKMso6GF4Iuxou/jP2gI+NutenX26wrffSjlPiW +KksLNj8oL6vIUap28Oh+Gwph02biSQ== +-----END CERTIFICATE----- diff --git a/tests/data_files/cli-rsa-sha256-badalg.crt.der b/tests/data_files/parse_input/cli-rsa-sha256-badalg.crt.der similarity index 100% rename from tests/data_files/cli-rsa-sha256-badalg.crt.der rename to tests/data_files/parse_input/cli-rsa-sha256-badalg.crt.der diff --git a/tests/data_files/parse_input/crl-ec-sha1.pem b/tests/data_files/parse_input/crl-ec-sha1.pem new file mode 100644 index 000000000..8358640a0 --- /dev/null +++ b/tests/data_files/parse_input/crl-ec-sha1.pem @@ -0,0 +1,10 @@ +-----BEGIN X509 CRL----- +MIIBbzCB9gIBATAJBgcqhkjOPQQBMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQ +b2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQRcNMTMwOTI0MTYz +MTA4WhcNMjMwOTIyMTYzMTA4WjAUMBICAQoXDTEzMDkyNDE2MjgzOFqgcjBwMG4G +A1UdIwRnMGWAFJ1tICRJAT8ry3i1Gbx+JMnb+zZ8oUKkQDA+MQswCQYDVQQGEwJO +TDERMA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMg +Q0GCCQDBQ+J+YkPM6DAJBgcqhkjOPQQBA2kAMGYCMQDVG95rrSSl4dJgbJ5vR1GW +svEuEsAh35EhF1WrcadMuCeMQVX9cUPupFfQUpHyMfoCMQCKf0yv8pN9BAoi3FVm +56meWPhUekgLKKMAobt2oJJY6feuiFU2YFGs1aF0rV6Bj+U= +-----END X509 CRL----- diff --git a/tests/data_files/crl-ec-sha224.pem b/tests/data_files/parse_input/crl-ec-sha224.pem similarity index 100% rename from tests/data_files/crl-ec-sha224.pem rename to tests/data_files/parse_input/crl-ec-sha224.pem diff --git a/tests/data_files/parse_input/crl-ec-sha256.pem b/tests/data_files/parse_input/crl-ec-sha256.pem new file mode 100644 index 000000000..adfd5f893 --- /dev/null +++ b/tests/data_files/parse_input/crl-ec-sha256.pem @@ -0,0 +1,10 @@ +-----BEGIN X509 CRL----- +MIIBcTCB9wIBATAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EXDTEzMDkyNDE2 +MzEwOFoXDTIzMDkyMjE2MzEwOFowFDASAgEKFw0xMzA5MjQxNjI4MzhaoHIwcDBu +BgNVHSMEZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMC +TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD +IENBggkAwUPifmJDzOgwCgYIKoZIzj0EAwIDaQAwZgIxAKuQ684s7gyhtxKJr6Ln +S2BQ02f1jjPHrZVdXaZvm3C5tGi2cKkoK1aMiyC3LsRCuAIxAIMhj0TmcuIZr5fX +g5RByD7zUnZBpoEAdgxFy4JPJ2IViWOPekSGh8b/JY1VNS6Zbw== +-----END X509 CRL----- diff --git a/tests/data_files/crl-ec-sha384.pem b/tests/data_files/parse_input/crl-ec-sha384.pem similarity index 100% rename from tests/data_files/crl-ec-sha384.pem rename to tests/data_files/parse_input/crl-ec-sha384.pem diff --git a/tests/data_files/crl-ec-sha512.pem b/tests/data_files/parse_input/crl-ec-sha512.pem similarity index 100% rename from tests/data_files/crl-ec-sha512.pem rename to tests/data_files/parse_input/crl-ec-sha512.pem diff --git a/tests/data_files/crl-idp.pem b/tests/data_files/parse_input/crl-idp.pem similarity index 100% rename from tests/data_files/crl-idp.pem rename to tests/data_files/parse_input/crl-idp.pem diff --git a/tests/data_files/crl-idpnc.pem b/tests/data_files/parse_input/crl-idpnc.pem similarity index 100% rename from tests/data_files/crl-idpnc.pem rename to tests/data_files/parse_input/crl-idpnc.pem diff --git a/tests/data_files/crl-malformed-trailing-spaces.pem b/tests/data_files/parse_input/crl-malformed-trailing-spaces.pem similarity index 100% rename from tests/data_files/crl-malformed-trailing-spaces.pem rename to tests/data_files/parse_input/crl-malformed-trailing-spaces.pem diff --git a/tests/data_files/parse_input/crl-rsa-pss-sha1.pem b/tests/data_files/parse_input/crl-rsa-pss-sha1.pem new file mode 100644 index 000000000..59ca4f703 --- /dev/null +++ b/tests/data_files/parse_input/crl-rsa-pss-sha1.pem @@ -0,0 +1,14 @@ +-----BEGIN X509 CRL----- +MIICJDCCAQYCAQEwEwYJKoZIhvcNAQEKMAaiBAICAOowOzELMAkGA1UEBhMCTkwx +ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBFw0x +NDAxMjAxMzQ2MzVaFw0yNDAxMTgxMzQ2MzVaMCgwEgIBChcNMTMwOTI0MTYyODM4 +WjASAgEWFw0xNDAxMjAxMzQzMDVaoGcwZTBjBgNVHSMEXDBagBS0WuSls97SUva5 +1aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NM +MRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQC +AgDqA4IBAQB8ZBX0BEgRcx0lfk1ctELRu1AYoJ5BnsmQpq23Ca4YIP2yb2kTN1ZS +4fR4SgYcNctgo2JJiNiUkCu1ZnRUOJUy8UlEio0+aeumTNz6CbeJEDhr5NC3oiV0 +MzvLn9rJVLPetOT9UrvvIy8iz5Pn1d8mu5rkt9BKQRq9NQx8riKnSIoTc91NLCMo +mkCCB55DVbazODSWK19e6yQ0JS454RglOsqRtLJ/EDbi6lCsLXotFt3GEGMrob1O +7Qck1Z59boaHxGYFEVnx90+4M3/qikVtwZdcBjLEmfuwYvszFw8J2y6Xwmg/HtUa +y6li0JzWNHtkKUlCv2+SESZbD3NU8GQZ +-----END X509 CRL----- diff --git a/tests/data_files/parse_input/crl-rsa-pss-sha224.pem b/tests/data_files/parse_input/crl-rsa-pss-sha224.pem new file mode 100644 index 000000000..a51d5d911 --- /dev/null +++ b/tests/data_files/parse_input/crl-rsa-pss-sha224.pem @@ -0,0 +1,16 @@ +-----BEGIN X509 CRL----- +MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgShGjAYBgkq +hkiG9w0BAQgwCwYJYIZIAWUDBAIEogQCAgDiMDsxCzAJBgNVBAYTAk5MMREwDwYD +VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw +MTM1NjA2WhcNMjQwMTE4MTM1NjA2WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB +FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r +PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG +A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG +SAFlAwQCBKEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIDggEBAEJI +i9sQOzMvvOTksN48+X+kk/wkLMKRGI222lqU6y6tP1LX3OE/+KN8gPXR+lCC+e0v +TsRTJkpKEcmHZoP/8kOtZnLb9PdITKGMQnZ+dmn5MFEzZI/zyrYWuJTuK1Q83w0e +Mc88cAhu8i4PTk/WnsWDphK1Q2YRupmmwWSUpp1Z2rpR+YSCedC01TVrtSUJUBw9 +NSqKDhyWYJIbS6/bFaERswC8xlMRhyLHUvikjmAK36TbIdhTnEffHOPW75sEOEEB +f0A3VtlZ7y5yt2/a6vOauJCivxKt/PutdHfBqH43QQmoVLWC2FmT9ADTJwcsZB3D +a6JSqCIMRCQY2JOUn0A= +-----END X509 CRL----- diff --git a/tests/data_files/parse_input/crl-rsa-pss-sha256.pem b/tests/data_files/parse_input/crl-rsa-pss-sha256.pem new file mode 100644 index 000000000..f16a49118 --- /dev/null +++ b/tests/data_files/parse_input/crl-rsa-pss-sha256.pem @@ -0,0 +1,16 @@ +-----BEGIN X509 CRL----- +MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgGhGjAYBgkq +hkiG9w0BAQgwCwYJYIZIAWUDBAIBogQCAgDeMDsxCzAJBgNVBAYTAk5MMREwDwYD +VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw +MTM1NjE2WhcNMjQwMTE4MTM1NjE2WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB +FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r +PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG +A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG +SAFlAwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAEZ4 +oqp9i5eXrN6aCSTaU1j07MVTFW/U1jQAq6GseB6bEvoEXFMUHJsgAObqCK9flfEC +FEqXqWSo33hhPU7AKKttbDLjUYRNnQAPRUnRIl1/a1+UjqgKchWWD9ityeW8ICxo +IdATX9reYmPDLIMqTC7zuflYkvrvdEOuBORQP5mn4j8t84MSQF/p4qzaU0XxLo4X +ckzZCcHpa45AApCDjJMd9onhFVCYsykiYrF9NQFO8TI4lQ5jv79GoufEzvhY1SPB +r1xz4sMpfyaoPaa3SM2/nD65E5jzXell2u2VWNGKv4zAQP0E5yGel+1rklBltadb +XLdJyyak33CLBKu+nJc= +-----END X509 CRL----- diff --git a/tests/data_files/parse_input/crl-rsa-pss-sha384.pem b/tests/data_files/parse_input/crl-rsa-pss-sha384.pem new file mode 100644 index 000000000..50f7e4cd2 --- /dev/null +++ b/tests/data_files/parse_input/crl-rsa-pss-sha384.pem @@ -0,0 +1,16 @@ +-----BEGIN X509 CRL----- +MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgKhGjAYBgkq +hkiG9w0BAQgwCwYJYIZIAWUDBAICogQCAgDOMDsxCzAJBgNVBAYTAk5MMREwDwYD +VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw +MTM1NjI4WhcNMjQwMTE4MTM1NjI4WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB +FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r +PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG +A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG +SAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4DggEBAAco +SntUGDLBOAu0IIZaVea5Nt1NMsMcppC0hWPuH1LKAwyUODBqpT+0+AuALK0eIdYR +a7mAB+cv2fFwmwxnQWJ1Fvx4ft/N2AAfB83VRKpSo3xR8bxloHfTWKmyxJHmH9j1 +EYmLS86rj3Nhjf4m/YlQQ3Im5HwOgSgBOE8glq5D+0Wmsi9LsNEZXEzMw7TMUgbs +y9o/ghYF/shKU4mewK3DeM9gQiTcH5A4ISXR87hBQ08AKJRAG1CLvTyzqWiUUY+k +q8iZDYF17sHrPi2yn8q9c4zdxiaWDGDdL0Lh90wXGTAageoGEq25TMuL5FpX+u1u +KUH/xf1jEnNzbYNGiZw= +-----END X509 CRL----- diff --git a/tests/data_files/parse_input/crl-rsa-pss-sha512.pem b/tests/data_files/parse_input/crl-rsa-pss-sha512.pem new file mode 100644 index 000000000..0f1d6510b --- /dev/null +++ b/tests/data_files/parse_input/crl-rsa-pss-sha512.pem @@ -0,0 +1,16 @@ +-----BEGIN X509 CRL----- +MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgOhGjAYBgkq +hkiG9w0BAQgwCwYJYIZIAWUDBAIDogQCAgC+MDsxCzAJBgNVBAYTAk5MMREwDwYD +VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw +MTM1NjM4WhcNMjQwMTE4MTM1NjM4WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB +FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r +PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG +A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG +SAFlAwQCA6EaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4DggEBAB9F +ywBfxOjetxNbCFhOYoPY2jvFCFVdlowMGuxEhX/LktqiBXqRc2r5naQSzuHqO8Iq +1zACtiDLri0CvgSHlravBNeY4c2wj//ueFE89tY5pK9E6vZp7cV+RfMx2YfGPAA2 +t7tWZ2rJWzELg8cZ8hpjSwFH7JmgJzjE5gi2gADhBYO6Vv5S3SOgqNjiN1OM31AU +p6GHK5Y1jurF5Zwzs+w3wXoXgpOxxwEC4eiS86c9kNSudwTLvDTU0bYEQE1cF+K0 +sB8QWABFJfuO5kjD2w3rWgmAiOKsZoxd1xrda+WD3JhDXnoVq3oVBIVlWVz6YID8 +enMfMvwScA5AImzu9xA= +-----END X509 CRL----- diff --git a/tests/data_files/parse_input/crl_expired.pem b/tests/data_files/parse_input/crl_expired.pem new file mode 100644 index 000000000..cf60ae4d7 --- /dev/null +++ b/tests/data_files/parse_input/crl_expired.pem @@ -0,0 +1,11 @@ +-----BEGIN X509 CRL----- +MIIBqzCBlDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIyMDEwMjQx +OVoXDTExMDIyMDExMjQxOVowKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx +MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEFBQADggEBAKgP1XmCIPbfY1/UO+SVFQir +jArZ94QnQdoan4tJ29d8DmTxJ+z9/KyWNoGeOwc9P/2GQQaZahQOBr0f6lYd67Ct +wFVh/Q2zF8FgRcrQV7u/vJM33Q2yEsQkMGlM7rE5lC972vUKWu/NKq8bN9W/tWxZ +SFbvTXpv024aI0IRudpOCALnIy8SFhVb2/52IN2uR6qrFizDexMEdSckgpHuJzGS +IiANhIMn5LdQYJFjPgBzQU12tDdgzcpxtGhT10y4uQre+UbSjw+iVyml3issw59k +OSmkWFb06LamRC215JAMok3YQO5RnxCR8EjqPcJr+7+O9a1O1++yiaitg4bUjEA= +-----END X509 CRL----- diff --git a/tests/data_files/crl_md5.pem b/tests/data_files/parse_input/crl_md5.pem similarity index 100% rename from tests/data_files/crl_md5.pem rename to tests/data_files/parse_input/crl_md5.pem diff --git a/tests/data_files/crl_sha1.pem b/tests/data_files/parse_input/crl_sha1.pem similarity index 100% rename from tests/data_files/crl_sha1.pem rename to tests/data_files/parse_input/crl_sha1.pem diff --git a/tests/data_files/crl_sha224.pem b/tests/data_files/parse_input/crl_sha224.pem similarity index 100% rename from tests/data_files/crl_sha224.pem rename to tests/data_files/parse_input/crl_sha224.pem diff --git a/tests/data_files/parse_input/crl_sha256.pem b/tests/data_files/parse_input/crl_sha256.pem new file mode 100644 index 000000000..c3ca25699 --- /dev/null +++ b/tests/data_files/parse_input/crl_sha256.pem @@ -0,0 +1,11 @@ +-----BEGIN X509 CRL----- +MIIBqzCBlDANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI +UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIxMjE0NDQw +N1oXDTExMDQxMzE0NDQwN1owKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx +MDIxMjE0NDQwN1owDQYJKoZIhvcNAQELBQADggEBAG4mBBgwfNynCYYL2CEnqore +mgKpC32tB6WiUBu9figcvdN3nSX/1wrB8rpiE8R04C8oSFglwhotJCnlWsy42tjb +0pk0Wuizln0PFMc/OypqRNNhwx31SHH42W4KzONiqvq3n/WkH3M1YniR1ZnMlyvi +lJioQn6ZAoc6O6mMP1J9duKYYhiMAOV992PD1/iqXw+jYN31RwdIS8/mGzIs4ake +EdviwhM3E4/sVbNOWCOnZFYV4m+yNAEe29HL1VKw6UXixBczct+brqXNVD3U6T0F +5ovR6BTefZO17eT52Duke5RZGDUyQOGywxOYKI5W+FcOYdp+U5Idk399tAz2Mdw= +-----END X509 CRL----- diff --git a/tests/data_files/crl_sha384.pem b/tests/data_files/parse_input/crl_sha384.pem similarity index 100% rename from tests/data_files/crl_sha384.pem rename to tests/data_files/parse_input/crl_sha384.pem diff --git a/tests/data_files/crl_sha512.pem b/tests/data_files/parse_input/crl_sha512.pem similarity index 100% rename from tests/data_files/crl_sha512.pem rename to tests/data_files/parse_input/crl_sha512.pem diff --git a/tests/data_files/parse_input/keyUsage.decipherOnly.crt b/tests/data_files/parse_input/keyUsage.decipherOnly.crt new file mode 100644 index 000000000..7c379787a --- /dev/null +++ b/tests/data_files/parse_input/keyUsage.decipherOnly.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICFzCCAYCgAwIBAgIJAJsTzkylb95SMA0GCSqGSIb3DQEBBQUAMD8xCzAJBgNV +BAYTAkdCMRIwEAYDVQQHDAlDYW1icmlkZ2UxHDAaBgNVBAoME0RlZmF1bHQgQ29t +cGFueSBMdGQwHhcNMTUwNTEyMTAzNjU1WhcNMTgwNTExMTAzNjU1WjA/MQswCQYD +VQQGEwJHQjESMBAGA1UEBwwJQ2FtYnJpZGdlMRwwGgYDVQQKDBNEZWZhdWx0IENv +bXBhbnkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9nxYOSbha/Ap4 +6rACrOMH7zfDD+0ZEHhbO0bgGRjc5ElvOaNuD321y9TnyAx+JrqPp/lFrAgNiVo1 +HPurPHfcJ+tNBUgBHboWGNENNaf9ovwFPawsBzEZraGnDaqVPEFcIsUQPVqO1lrQ +CHLUjtqo1hMZDqe/Web0Mw9cZrqOaQIDAQABoxswGTAJBgNVHRMEAjAAMAwGA1Ud +DwQFAwMH4IAwDQYJKoZIhvcNAQEFBQADgYEAJ0NS2wUbgRelK0qKxrR2Ts6jVYEH +bmykx3GHjFyKpscDIn2vNyyB7ygfFglZPcw+2mn3xuVIwOV/mWxFvKHk+j2WrTQL +tDqSC5BhFoR01veFu07JdEYvz+I+NCL5z0IGWXkUrk235Wl4w4WMZDnXTqncMNEk +fLtpo9y79XD00QY= +-----END CERTIFICATE----- diff --git a/tests/data_files/multiple_san.crt b/tests/data_files/parse_input/multiple_san.crt similarity index 100% rename from tests/data_files/multiple_san.crt rename to tests/data_files/parse_input/multiple_san.crt diff --git a/tests/data_files/non-ascii-string-in-issuer.crt b/tests/data_files/parse_input/non-ascii-string-in-issuer.crt similarity index 100% rename from tests/data_files/non-ascii-string-in-issuer.crt rename to tests/data_files/parse_input/non-ascii-string-in-issuer.crt diff --git a/tests/data_files/parse_input/rsa_multiple_san_uri.crt.der b/tests/data_files/parse_input/rsa_multiple_san_uri.crt.der new file mode 100644 index 000000000..ac5fab293 Binary files /dev/null and b/tests/data_files/parse_input/rsa_multiple_san_uri.crt.der differ diff --git a/tests/data_files/parse_input/rsa_single_san_uri.crt.der b/tests/data_files/parse_input/rsa_single_san_uri.crt.der new file mode 100644 index 000000000..22308c6f4 Binary files /dev/null and b/tests/data_files/parse_input/rsa_single_san_uri.crt.der differ diff --git a/tests/data_files/server1-ms.req.sha256 b/tests/data_files/parse_input/server1-ms.req.sha256 similarity index 100% rename from tests/data_files/server1-ms.req.sha256 rename to tests/data_files/parse_input/server1-ms.req.sha256 diff --git a/tests/data_files/parse_input/server1.cert_type.crt b/tests/data_files/parse_input/server1.cert_type.crt new file mode 100644 index 000000000..34fe4f6a4 --- /dev/null +++ b/tests/data_files/parse_input/server1.cert_type.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDUjCCAjqgAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/ +uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD +d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf +CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr +lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w +bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB +o2AwXjAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAf +BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zARBglghkgBhvhCAQEEBAMC +BkAwDQYJKoZIhvcNAQEFBQADggEBAElJPaCG6aFHoymoCrzckPfjENxgXW2czh5t +TsMPshkzX5p2AU89GBGdy0gQwoPuMtcznsDe4adM6Na8f30YDffATsgDECMIWtV1 +XVYKQIwFmZzEt4B+5sUmyMOLtTuuZBThOLPwOw8e4RnILKOYPHnQNRf6Eap4lFDx +lp2pAaiXMDWH88gmWoU5XrGTppllYV0IorzJ4xV9Sg3ittNwNO40ehVQDAseFwZH +iyh9iHz4BqtWjElmQ3hL8N/Cbqp3iN15h2pUgIj8JIt9rCsIZrsG3K42iSlPzEn2 +DCzWQSj9cQNCRVJnwgJAWnC1Hx0YYFQMgQquVxnK15THTGQAeB8= +-----END CERTIFICATE----- diff --git a/tests/data_files/parse_input/server1.crt b/tests/data_files/parse_input/server1.crt new file mode 100644 index 000000000..258da5e17 --- /dev/null +++ b/tests/data_files/parse_input/server1.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDPzCCAiegAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/ +uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD +d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf +CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr +lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w +bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB +o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAf +BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQUFAAOC +AQEAf2k5OiORp60gBNqioC2mIqSXA0CU/qzllt8IvlcMv1V0PAP9f4IEm5mdkERr +UXjnB1Tr3edrsvXLgZ9vEosbFpNMsKfsmBkpjgWG2ui8pdn8cJiws4k4h5fuueSw +Ps1FLK5Tfpi+GJyPqk4ha9Ojp2p9opuA0aIfLuxI+0UzXH4wgrEW/Yydowv959gf +gGSl766CRdUvJbXOeVryFjFTRfLFFNfTvrftZk1dl8tas1nim8xfWet+BZVvq2zY +C7LeCI9nrfuAxfMJTrWFp17y72+hCDk7NEaB2ZLVuAM/ri7LWrr2V2hLFdIAhfC2 +nUaulRRpGt/ZTISw6uSIumNoNA== +-----END CERTIFICATE----- diff --git a/tests/data_files/server1.crt.der b/tests/data_files/parse_input/server1.crt.der similarity index 100% rename from tests/data_files/server1.crt.der rename to tests/data_files/parse_input/server1.crt.der diff --git a/tests/data_files/server1.ext_ku.crt b/tests/data_files/parse_input/server1.ext_ku.crt similarity index 100% rename from tests/data_files/server1.ext_ku.crt rename to tests/data_files/parse_input/server1.ext_ku.crt diff --git a/tests/data_files/parse_input/server1.key_usage.crt b/tests/data_files/parse_input/server1.key_usage.crt new file mode 100644 index 000000000..9d70b0018 --- /dev/null +++ b/tests/data_files/parse_input/server1.key_usage.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDTzCCAjegAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/ +uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD +d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf +CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr +lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w +bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB +o10wWzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAf +BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zAOBgNVHQ8BAf8EBAMCBeAw +DQYJKoZIhvcNAQEFBQADggEBAHM8eESmE8CQvuCw2/w1JSWKaU9cJIvrtpJXavRC +yMEv6SQL0hxrNZBhFPM8vAiq6zBdic2HwuiZ9N/iEXuCf92SOcK4b/2/Flos0JI5 +quu4eGkwoNrOvfZUcO7SB8JHUvmJtTP+avF3QeRfHo9bHRtnyOs9GXqq+CMZiNgO +Bw+/tAOml3tV1Uf+yjp6XroWLRNMbvY1Sor4UW6FFMpOii/vlJ4450OlpcJdRU70 +LpHfxjmPNvc9YOPWve75/+CNF9lMi29UoEUYslxMPylZ/L0vYxi+xuvQBTaLiZeP +CJ59Mc63LEmJNSAwnnV8s2KXL/Okm32lf6sy0fjsrvAdoCc= +-----END CERTIFICATE----- diff --git a/tests/data_files/server1.req.commas.sha256 b/tests/data_files/parse_input/server1.req.commas.sha256 similarity index 100% rename from tests/data_files/server1.req.commas.sha256 rename to tests/data_files/parse_input/server1.req.commas.sha256 diff --git a/tests/data_files/parse_input/server1.req.md5 b/tests/data_files/parse_input/server1.req.md5 new file mode 100644 index 000000000..57714ede3 --- /dev/null +++ b/tests/data_files/parse_input/server1.req.md5 @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBBAUA +A4IBAQCEiv3QM4xyKhYTsoOjyzQdXMhsXK3Kpw+Rh874Hf6pXHxUaYy7xLUZUx6K +x5Bvem1HMHAdmOqYTzsE9ZblAMZNRwv/CKGS3pvMkx/VZwXQhFGlHLFG//fPrgl3 +j4dt20QsWP8LnL4LweYSYI1wt1rjgYRHeF6bG/VIck6BIYQhKOGlzIwWUmfAGym6 +q4SYrd+ObZullSarGGSfNKjIUEpYtfQBz31f5tRsyzSps7oG4uc7Xba4qnl2o9FN +lWOMEER79QGwr7+T41FTHFztFddfJ06CCjoRCfEn0Tcsg11tSMS0851oLkMm8RyY +aozIzO82R3Em7aPhZBiBDy3wZC2l +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/parse_input/server1.req.sha1 b/tests/data_files/parse_input/server1.req.sha1 new file mode 100644 index 000000000..578ec7f79 --- /dev/null +++ b/tests/data_files/parse_input/server1.req.sha1 @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBBQUA +A4IBAQCiYQMOv2ALPUeg8wHKn9L5SdDbNxOzuMwhYsCYTw2TJMQO7NLUq6icEzxY +pUIIFt60JUQjZHxQSY3y9cSivwKXQA7pPfaPaFC/aMA2GxG23t2eaIWNQX8MfcWf +XAa8bl/vmC1MTov+mP2DGoXRiKYORrEInyDS2RaTathvHckcAv25nCIx7wYO9tC9 +LUwyoE9bhiQ7fo3KFlz4dK1HukyCM/FoPbJuL7NgdzmKVPyYCLh5Ah+TTD6+sltz +dFc4fj28w1v3jsBXz+tLrgFQidzuUI2poxt5UwU9TKY0dAJaTCtfIRcXW3h6DGG7 +EDR6rim6sbIQkGzYvGqs4TNoJOR+ +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/parse_input/server1.req.sha224 b/tests/data_files/parse_input/server1.req.sha224 new file mode 100644 index 000000000..a4f2af4c1 --- /dev/null +++ b/tests/data_files/parse_input/server1.req.sha224 @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBDgUA +A4IBAQArYR2mLKU5lsHyAyGHr4PlmC/cfePmCRyC/mj1riGTjDlNC2X3J1VZDqKb +U/uUxLudP7sbuttRksIAREATT74Pa40bMWiPUlBfA/M2mFTmKb/91uXeIISW8DL3 +xM/5BCDrhnZ/cjP23gKDgJRk+IGBNhYZDGz50TIBbDJ2e4GDkFjzANngUW64UcCQ +7hZOYtnYLBnoRvPwtal5jZqHwsgaPPePXu+SQ8mfuAJwJ78MOCAaKw0IP1h1OnPG +iubdl34lSIaYWwbHTdjaqUSQG3SSs4oxEvluYymrpZ6XGKXtphJXEPdTRiLu9d9l +A5NYVgvqHFQPmuXS92zrGzB788pV +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/parse_input/server1.req.sha256 b/tests/data_files/parse_input/server1.req.sha256 new file mode 100644 index 000000000..6d21dc5d9 --- /dev/null +++ b/tests/data_files/parse_input/server1.req.sha256 @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBCwUA +A4IBAQCVlSU7qeKri7E3u8JCZbCyjsGJTH9iHYyeDZ/nDLig7iKGYvyNmyzJ76Qu ++EntSmL2OtL95Yqooc6h1AQHzoCs+SO2wPoTUs3Ypi9r7vNNVO3ZnnxVtGgqCRVA +W+z9W4p2mHXQhgW1HkuLa5JD1SvJViyZbx9z3ie1BQ9NVKfv++ArPIv70zBtA7O3 +PZNG1JYN30Esz7RsCDRHbz6Npvu9ggUQL/U3mvQQ+Yo+xhwu1yFV+dRH7PebBeQv +vjcD2fXDabeofK3zztIpUIyUULX0GGClM9jslgJ/ZHUlArWKpLZph0AgF1Dzts// +M6c/sRw7gtjXmV0zq2tf2fL4+e2b +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/parse_input/server1.req.sha384 b/tests/data_files/parse_input/server1.req.sha384 new file mode 100644 index 000000000..b857af7f1 --- /dev/null +++ b/tests/data_files/parse_input/server1.req.sha384 @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBDAUA +A4IBAQBy35zHYLiYaScq1niQkzQ/BScUbdiWd2V90isBsB5Q3NjVoJl/yCaMrla3 +2XfrutpFpdqwenl5jM0o6+enKCmfur+z2/ije69Dju2aBd6A62cx1AEvFiMq7lyF +4DYJ32+2ty6KA8EhzE3NFs7zKXxmD5ybp+oXNEvXoeU3W8a+Ld5c1K/n+Ipa0TUy +cFBs6dCsbYO9wI6npwWqC5Hc9r/0zziMFO+4N5VORdYUFqObq4vCYOMXETpl8ryu +lGZorNUoJ7vV55T31CDqEtb0EE+nO+nT4agfDobncYjvc3WpQuLtUB4UwR5gpZl6 +ZI+j4uwikOgGO9gcx4IjaRP3q63F +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/parse_input/server1.req.sha512 b/tests/data_files/parse_input/server1.req.sha512 new file mode 100644 index 000000000..85d52460d --- /dev/null +++ b/tests/data_files/parse_input/server1.req.sha512 @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ +ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ +HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF +W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs +FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBDQUA +A4IBAQBb8jNpt0nkNVWstVoOCepQSF5R1R9hF0yEr7mk3HB9oO/nK07R1Oamgjw+ +CHQReTSjIKUX53o7ZwNZB5E+jBDsGz/2Yyj/vxNHJFk2exELtW30he8K2omVHE1F +XESbftCssWLNpTSDq6ME12+llkEDtgCtkv69oRUkuuF5ESUSZRGIZN4Vledm8SM1 +uGFtaG/PXbBbtUaNwNISDeIWDKRtbuca5web+QEi1djiUH21ZWIGEpOy7mtkYmRs +Qt1D32FoaqFNhafiaxNIXO11yd4lgpaDDlmrOSBsELcTIF9916o3DwMeVXy0GONW +BrwaO8q8rg+C+xvMY7858Kk8kwjb +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server1_pathlen_int_max-1.crt b/tests/data_files/parse_input/server1_pathlen_int_max-1.crt similarity index 100% rename from tests/data_files/server1_pathlen_int_max-1.crt rename to tests/data_files/parse_input/server1_pathlen_int_max-1.crt diff --git a/tests/data_files/server1_pathlen_int_max.crt b/tests/data_files/parse_input/server1_pathlen_int_max.crt similarity index 100% rename from tests/data_files/server1_pathlen_int_max.crt rename to tests/data_files/parse_input/server1_pathlen_int_max.crt diff --git a/tests/data_files/parse_input/server2.crt b/tests/data_files/parse_input/server2.crt new file mode 100644 index 000000000..074519676 --- /dev/null +++ b/tests/data_files/parse_input/server2.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN +owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz +NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM +tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P +hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya +HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD +VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw +FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAJklg3Q4 +cB7v7BzsxM/vLyKccO6op0/gZzM4ghuLq2Y32kl0sM6kSNUUmduuq3u/+GmUZN2A +O/7c+Hw7hDFEIvZk98aBGjCLqn3DmgHIv8ToQ67nellQxx2Uj309PdgjNi/r9HOc +KNAYPbBcg6MJGWWj2TI6vNaceios/DhOYx5V0j5nfqSJ/pnU0g9Ign2LAhgYpGJE +iEM9wW7hEMkwmk0h/sqZsrJsGH5YsF/VThSq/JVO1e2mZH2vruyZKJVBq+8tDNYp +HkK6tSyVYQhzIt3StMJWKMl/o5k2AYz6tSC164+1oG+ML3LWg8XrGKa91H4UOKap +Awgk0+4m0T25cNs= +-----END CERTIFICATE----- diff --git a/tests/data_files/parse_input/server2.crt.der b/tests/data_files/parse_input/server2.crt.der new file mode 100644 index 000000000..9cfa9ab14 Binary files /dev/null and b/tests/data_files/parse_input/server2.crt.der differ diff --git a/tests/data_files/parse_input/server3.crt b/tests/data_files/parse_input/server3.crt new file mode 100644 index 000000000..ed0d696b4 --- /dev/null +++ b/tests/data_files/parse_input/server3.crt @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICojCCAYqgAwIBAgIBDTANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTMwODA5MDkxNzAzWhcNMjMwODA3MDkxNzAzWjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBJMBMGByqGSM49AgEG +CCqGSM49AwEBAzIABH0AoQyUhPABS38y67uEVs4O3RXmKKrBdUR7/L2QPB8EC2p5 +fQcsej6EFasvlTdJ/6OBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTkF2s2sgaJ +OtleQ7bgZH2Hq33eNzBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/ +pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQ +b2xhclNTTCBUZXN0IENBggEAMA0GCSqGSIb3DQEBBQUAA4IBAQBjmSIjGKD1eH5W +4bl2MXfNIsTwc2vv/MAAhBzBEbTXd3T37+zAGPGjKncvTB+oufUVRGkoKbfoC6Jm +DYSEUuxtnUZOko/C//XlCEtK0TuS2aLEqF3gJjBJTCfthEdAhJCtmPAQDCzeKsdx +CoOtH0NQx6Xl64oDt2wYSQNWUTGLPfRpdsVEvBHhHYATQijkl2ZH8BDjsYcBicrS +qmCeN+0T1B9vrOQVEZe+fwgzVL38n8lkJZNPIbdovA9WLHwXAEzPv4la3w0qh4Tb +kSb8HtILl4I474QxrFywylyXR/p2znPleRIRgB5HtUp9tLSWkB0bwMlqQlg2EHXu +CAQ1sXmQ +-----END CERTIFICATE----- diff --git a/tests/data_files/parse_input/server4.crt b/tests/data_files/parse_input/server4.crt new file mode 100644 index 000000000..96b1aa772 --- /dev/null +++ b/tests/data_files/parse_input/server4.crt @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC6jCCAnCgAwIBAgIBCDAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAKvXjL5VfYc7D/truqEpYcZcvlUhnuCNDJctYDJL +vgYYj5uxDxLHBXvnEHLgO5K+lps42p+r/dd4oE64ttRoeZZUvr+7eBnW35n0EpPA +Ik9Gwu+vg7GfxmifgIR8hZnOQkt2OjvvpChPCxvUailtB450Izh+mEK/hYFr+7Jl +NnxR1XQlbbyDM7Ect1HwYcuS3MBlBqq048J+0KEkQXICSjKeHFga9eDCq+Jyfqe5 +bt0K30hl1N0164B7aoh08Eomme+aSuAsz+MsJ3m7AO2DUYdrDxlrky1QrvRWWfX0 +d8djTM+uHTo1DviRM6o9+P9DfoFd53/Z0Km03sVLQWvUrhECAwEAAaOBnTCBmjAJ +BgNVHRMEAjAAMB0GA1UdDgQWBBTAlAm1+0L41mhqYWjFiejsRVrGeTBuBgNVHSME +ZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVDIENBggkA +wUPifmJDzOgwCgYIKoZIzj0EAwIDaAAwZQIxAPWlxnMcjBaxaVieQYSLBqzizS3/ +O8Na6owRGPk0/UK+j5O9NTBHk+uXW/fQblKamQIwUQl4dl6gkRDE4rBR/yGjZZ1Z +3dEpvL2Wimt3keD7AcLpYB2FJ1mVcY1XQUeK1Vfc +-----END CERTIFICATE----- diff --git a/tests/data_files/parse_input/server5-directoryname-seq-malformed.crt.der b/tests/data_files/parse_input/server5-directoryname-seq-malformed.crt.der new file mode 100644 index 000000000..4b0c3252a Binary files /dev/null and b/tests/data_files/parse_input/server5-directoryname-seq-malformed.crt.der differ diff --git a/tests/data_files/parse_input/server5-directoryname.crt.der b/tests/data_files/parse_input/server5-directoryname.crt.der new file mode 100644 index 000000000..4badea1a2 Binary files /dev/null and b/tests/data_files/parse_input/server5-directoryname.crt.der differ diff --git a/tests/data_files/parse_input/server5-fan.crt.der b/tests/data_files/parse_input/server5-fan.crt.der new file mode 100644 index 000000000..db4e5bda5 Binary files /dev/null and b/tests/data_files/parse_input/server5-fan.crt.der differ diff --git a/tests/data_files/parse_input/server5-non-compliant.crt b/tests/data_files/parse_input/server5-non-compliant.crt new file mode 100644 index 000000000..abea17ddc --- /dev/null +++ b/tests/data_files/parse_input/server5-non-compliant.crt @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIBwjCCAUagAwIBAgIBATAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0wMTAxMDEwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMCQxIjAgBgNVBAMMGVRlc3Qg +RUMgUkZDIG5vbi1jb21wbGlhbnQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ3 +zFbZdgkeWnI+x1kt/yBu7nz5BpF00K0UtfdoIllikk7lANgjEf/qL9I0XV0WvYqI +wmt3DVXNiioO+gHItO3/o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRQYaWP1AfZ +14IBDOVlf4xjRqcTvjAfBgNVHSMEGDAWgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAM +BggqhkjOPQQDAgUAA2gAMGUCMAJ3J/DooFSaBG2OhzyWai32q6INDZfoS2bToSKf +gy6hbJiIX/G9eFts5+BJQ3QpjgIxALRmIgdR91BDdqpeF5JCmhgjbfbgMQ7mrMeS +ZGfNyFyjS75QnIA6nKryQmgPXo+sCQ== +-----END CERTIFICATE----- diff --git a/tests/data_files/parse_input/server5-nonprintable_othername.crt.der b/tests/data_files/parse_input/server5-nonprintable_othername.crt.der new file mode 100644 index 000000000..dd0fc7ed4 Binary files /dev/null and b/tests/data_files/parse_input/server5-nonprintable_othername.crt.der differ diff --git a/tests/data_files/parse_input/server5-othername.crt.der b/tests/data_files/parse_input/server5-othername.crt.der new file mode 100644 index 000000000..0ef31cf14 Binary files /dev/null and b/tests/data_files/parse_input/server5-othername.crt.der differ diff --git a/tests/data_files/parse_input/server5-second-directoryname-oid-malformed.crt.der b/tests/data_files/parse_input/server5-second-directoryname-oid-malformed.crt.der new file mode 100644 index 000000000..7074fd84a Binary files /dev/null and b/tests/data_files/parse_input/server5-second-directoryname-oid-malformed.crt.der differ diff --git a/tests/data_files/parse_input/server5-sha1.crt b/tests/data_files/parse_input/server5-sha1.crt new file mode 100644 index 000000000..73e2d1745 --- /dev/null +++ b/tests/data_files/parse_input/server5-sha1.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICHTCCAaSgAwIBAgIBEjAJBgcqhkjOPQQBMD4xCzAJBgNVBAYTAk5MMREwDwYD +VQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTAeFw0x +MzA5MjQxNjIxMjdaFw0yMzA5MjIxNjIxMjdaMDQxCzAJBgNVBAYTAk5MMREwDwYD +VQQKEwhQb2xhclNTTDESMBAGA1UEAxMJbG9jYWxob3N0MFkwEwYHKoZIzj0CAQYI +KoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDY +IxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6OBnTCBmjAJBgNVHRMEAjAAMB0G +A1UdDgQWBBRQYaWP1AfZ14IBDOVlf4xjRqcTvjBuBgNVHSMEZzBlgBSdbSAkSQE/ +K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFy +U1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVDIENBggkAwUPifmJDzOgwCQYH +KoZIzj0EAQNoADBlAjEAyjvzRWtxbXvkoYTYSQY9gFBpP7/wTZ2q6FbRiAuZULFt +lc0PMPDfVZChgA6iDH+BAjBdkOb73f2pOwZpMRqrOgqSynbt2uWY87mC5lRlNEoR +WXEv1AzIeBCv+81DN1Iuu4w= +-----END CERTIFICATE----- diff --git a/tests/data_files/parse_input/server5-sha224.crt b/tests/data_files/parse_input/server5-sha224.crt new file mode 100644 index 000000000..47b11688c --- /dev/null +++ b/tests/data_files/parse_input/server5-sha224.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICIDCCAaWgAwIBAgIBEzAKBggqhkjOPQQDATA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTYyMTI3WhcNMjMwOTIyMTYyMTI3WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA +2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh +clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMBA2kAMGYCMQCj0EyFUzDRmfokWzLVEWN0epR4/sZytfIeozp6BqWH +qaTBdAR2vthIKC7dKuUkg34CMQD6YtB2O9Vso79gbzSen2qh7gK7VvGE+31EVPbR +Ce/oNG/3OfhRSdn3FOvBBg2UErM= +-----END CERTIFICATE----- diff --git a/tests/data_files/parse_input/server5-sha384.crt b/tests/data_files/parse_input/server5-sha384.crt new file mode 100644 index 000000000..5d6a79b2f --- /dev/null +++ b/tests/data_files/parse_input/server5-sha384.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICHzCCAaWgAwIBAgIBFDAKBggqhkjOPQQDAzA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTYyMTI3WhcNMjMwOTIyMTYyMTI3WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA +2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh +clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMDA2gAMGUCMQCnsd/6VB2kLIqMRsWdkJvRaQROyAg78CQExFEY3CMv +9t0kWRXPc4nCMH69RjQVvC4CMB4lk9A7hnX2zQy3bbUhOCOvXcsQdEe8AMgJBviz +5Nob2wThRqsm1wjCF60fyzXWuA== +-----END CERTIFICATE----- diff --git a/tests/data_files/parse_input/server5-sha512.crt b/tests/data_files/parse_input/server5-sha512.crt new file mode 100644 index 000000000..16112ac54 --- /dev/null +++ b/tests/data_files/parse_input/server5-sha512.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICHzCCAaWgAwIBAgIBFTAKBggqhkjOPQQDBDA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTYyMTI3WhcNMjMwOTIyMTYyMTI3WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA +2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh +clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMEA2gAMGUCMFPL2OI8arcbRlKAbRb/YfGibo4Mwts8KX3fOuRCbXEn +pDWeb82kBqfXwzPJwamFOwIxAPGzyhWrxn0qEynWV5nzFK02PYBnYFgClISyyudH +HJGHtbEVRc5JA8ALnggaLVpuvg== +-----END CERTIFICATE----- diff --git a/tests/data_files/parse_input/server5-two-directorynames.crt.der b/tests/data_files/parse_input/server5-two-directorynames.crt.der new file mode 100644 index 000000000..c98a018f0 Binary files /dev/null and b/tests/data_files/parse_input/server5-two-directorynames.crt.der differ diff --git a/tests/data_files/parse_input/server5-unsupported_othername.crt.der b/tests/data_files/parse_input/server5-unsupported_othername.crt.der new file mode 100644 index 000000000..1d9c20588 Binary files /dev/null and b/tests/data_files/parse_input/server5-unsupported_othername.crt.der differ diff --git a/tests/data_files/parse_input/server5.crt b/tests/data_files/parse_input/server5.crt new file mode 100644 index 000000000..459742828 --- /dev/null +++ b/tests/data_files/parse_input/server5.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA +2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh +clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S +C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V +fGa5kHvHARBPc8YAIVIqDvHH1Q== +-----END CERTIFICATE----- diff --git a/tests/data_files/server5.req.sha1 b/tests/data_files/parse_input/server5.req.sha1 similarity index 100% rename from tests/data_files/server5.req.sha1 rename to tests/data_files/parse_input/server5.req.sha1 diff --git a/tests/data_files/server5.req.sha224 b/tests/data_files/parse_input/server5.req.sha224 similarity index 100% rename from tests/data_files/server5.req.sha224 rename to tests/data_files/parse_input/server5.req.sha224 diff --git a/tests/data_files/server5.req.sha256 b/tests/data_files/parse_input/server5.req.sha256 similarity index 100% rename from tests/data_files/server5.req.sha256 rename to tests/data_files/parse_input/server5.req.sha256 diff --git a/tests/data_files/server5.req.sha384 b/tests/data_files/parse_input/server5.req.sha384 similarity index 100% rename from tests/data_files/server5.req.sha384 rename to tests/data_files/parse_input/server5.req.sha384 diff --git a/tests/data_files/server5.req.sha512 b/tests/data_files/parse_input/server5.req.sha512 similarity index 100% rename from tests/data_files/server5.req.sha512 rename to tests/data_files/parse_input/server5.req.sha512 diff --git a/tests/data_files/server7_all_space.crt b/tests/data_files/parse_input/server7_all_space.crt similarity index 100% rename from tests/data_files/server7_all_space.crt rename to tests/data_files/parse_input/server7_all_space.crt diff --git a/tests/data_files/parse_input/server7_int-ca.crt b/tests/data_files/parse_input/server7_int-ca.crt new file mode 100644 index 000000000..d3ddc46a8 --- /dev/null +++ b/tests/data_files/parse_input/server7_int-ca.crt @@ -0,0 +1,47 @@ +-----BEGIN CERTIFICATE----- +MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m +47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS +MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud +IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC +AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr +FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr +8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj ++gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 +QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm +yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK +TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e +deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM +0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b +OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj +VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp +a8Si6UK5 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq +vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR +wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF +CaBCLhhdK1Fjf8HjkT/PkctWnho8NTwivc9+nqRZjXe/eIcqm5HwjDDhu+gz+o0g +Vz9MfZNi1JyCrOyNZcy+cr2QeNnNVGnFq8xTxtu6dLunhpmLFj2mm0Vjwa7Ypj5q +AjpqTMtDvqbRuToyoyzajhMNcCAf7gwzIupJJFVdjdtgYAcQwzikwF5HoITJzzJ2 +qgxF7CmvGZNb7G99mLdLdhtclH3wAQKHYwEGJo7XKyNEuHPQgB+e0cg1SD1HqlAM +uCfGGTWQ6me7Bjan3t0NzoTdDq6IpKTesbaY+/9e2xn8DCrhBKLXQMZFDZqUoLYA +kGPOEGgvlPnIIXAawouxCaNYEh5Uw871YMSPT28rLdFr49dwYOtDg9foA8hDIW2P +d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br +Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg +updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY +a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE +AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG +i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 +Af5cNR8KhzegznL6amRObGGKmX1F +-----END CERTIFICATE----- diff --git a/tests/data_files/server7_pem_space.crt b/tests/data_files/parse_input/server7_pem_space.crt similarity index 100% rename from tests/data_files/server7_pem_space.crt rename to tests/data_files/parse_input/server7_pem_space.crt diff --git a/tests/data_files/server7_trailing_space.crt b/tests/data_files/parse_input/server7_trailing_space.crt similarity index 100% rename from tests/data_files/server7_trailing_space.crt rename to tests/data_files/parse_input/server7_trailing_space.crt diff --git a/tests/data_files/parse_input/server9-sha224.crt b/tests/data_files/parse_input/server9-sha224.crt new file mode 100644 index 000000000..1b05f313a --- /dev/null +++ b/tests/data_files/parse_input/server9-sha224.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDWzCCAhKgAwIBAgIBFzA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCBKEa +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIwOzELMAkGA1UEBhMCTkwx +ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X +DTE0MDEyMDEzNTczNloXDTI0MDExODEzNTczNlowNDELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C +uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI +i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV +AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy +36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ +BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg +VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCBKEaMBgGCSqG +SIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIDggEBADJExjfWWvL28lgj+GGgviqo +PHZLxI0pLQUnFJQ9Kpu6jxfICseBF00Z6BJE/RcYDpIie5GDt/8u/i6xB6Li29Pm +g5nANgd/Y3fFnW7d0ydVjiSnetlPuf/jTlWQl6mQTH2xqYu8J8d3JRxQdRiDYbVm +uywW2d6rksiqm6dPD5l4A5DcemcYo8f/1Ifj5WNDCV8/OHex+AnW2ccDvWAnVgSR +B2VpOXJzVFuBsuf4tGVm/2TUMSB6NcvFc6TeJk1kzbZxii4QjKXtH1SfrVP59iEe +l17NYAEWARjBpQWBiutRG+QM2et0sNiUBuWxTkvd0eSgencNysVAOsZqrqaX3CY= +-----END CERTIFICATE----- diff --git a/tests/data_files/parse_input/server9-sha256.crt b/tests/data_files/parse_input/server9-sha256.crt new file mode 100644 index 000000000..7d0aa3956 --- /dev/null +++ b/tests/data_files/parse_input/server9-sha256.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDWzCCAhKgAwIBAgIBGDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4wOzELMAkGA1UEBhMCTkwx +ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X +DTE0MDEyMDEzNTc0NVoXDTI0MDExODEzNTc0NVowNDELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C +uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI +i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV +AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy +36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ +BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg +VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqG +SIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAH0+knqkcLaxeDkenBQgd4Qg +3ZyAhtpiLU689mw+3cXB/uzFrCIxEL5aGh1eSj+DszB+FtsZ06ux7JVQqVOA2Wm9 +yLxC6wF8OOYj0nBa91BWLhRAHLhmIdWsVk7Hl9KojZd4TwV2N+ZEV/BLxyoRvK4H +V4xCpzgDSiTPe8Etk4r+0akbr6bsOUBayPb7MGLHubZKq8NsFAmmynp+fPmHd3SE +0ooJdiZ1MmKPKLE5Og/hXCI8qeiXQUR6oQ7b2XONsrI2HIj2SA9dA5qmHwE5PbMu +zqxQ3R83boqLXbkFORn+UiYLmffqdoWuNy00BHMCrxRA9DUv+WyN4npLMF8rOJw= +-----END CERTIFICATE----- diff --git a/tests/data_files/parse_input/server9-sha384.crt b/tests/data_files/parse_input/server9-sha384.crt new file mode 100644 index 000000000..aaa63e6ed --- /dev/null +++ b/tests/data_files/parse_input/server9-sha384.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDWzCCAhKgAwIBAgIBGTA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEa +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4wOzELMAkGA1UEBhMCTkwx +ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X +DTE0MDEyMDEzNTc1OFoXDTI0MDExODEzNTc1OFowNDELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C +uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI +i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV +AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy +36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ +BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg +VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEaMBgGCSqG +SIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4DggEBABf8Gyq2VYuN1EBW1nOapDQp +B/KuafNW2GEJ7FmQKNyA7MIj1Yqo2MtJ6/OQojRQ3F5rnO4yjmvIPsXeQaMxJBiI +aaoAlLpH++F+oXMq/0aS0WSZrSLrsh2Fpay9cBDGwek2rDOX9kM+ZcPzGitVwWKX +TnOW22hpcl7u95CpZH+JZTcto5nL3tTyV9pIy+tSKQQfjPB+G0TAZCsOkbCGPLug +qdjvqFQwOf15VxQMj7NRiXjlqJvsx+I7B2AIhrs4DzQMEyiWq9S/PzpQuFU5v/Kg +s2iMLJ5ygv5aN3PYqGlE1ZmvgyRp5h/LaTGI2L6lzRTnecOhtPv30N2tyaDAEfo= +-----END CERTIFICATE----- diff --git a/tests/data_files/parse_input/server9-sha512.crt b/tests/data_files/parse_input/server9-sha512.crt new file mode 100644 index 000000000..a211b921d --- /dev/null +++ b/tests/data_files/parse_input/server9-sha512.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDWzCCAhKgAwIBAgIBGjA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCA6Ea +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4wOzELMAkGA1UEBhMCTkwx +ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X +DTE0MDEyMDEzNTgxMloXDTI0MDExODEzNTgxMlowNDELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C +uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI +i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV +AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy +36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ +BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg +VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCA6EaMBgGCSqG +SIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4DggEBACdVozFq6rUiXo+ib5Y2oPsR +6xxl4Ydn3LpUoYrPpTOrhcXJWW/tOLHGuCF/mSRfUzKaMIfL418cZHYnvumvuttu +6z3tp5E1VsiZCU2MWJnzjKSxFBOss43AmpJHHoapGFZu2pxObBPqegAKHYkKWOLk +tJDj47PurWgEek9j1nL7Pc1tVf59fm/ySp4fWkXLLvQiKid1516VioLyacUvK3zU +6Egz8jMt7D5c9KpaExLRTANVsThqO5/dmR36bOwm3Hpbde7DNdgxru41tiLMqJs/ +5pX3ceaJ1XQ/l0idj5/9ipvqHHUguyk7H22HwQHQdSD9oIha8kEM3P6CjpfE7yY= +-----END CERTIFICATE----- diff --git a/tests/data_files/parse_input/server9.crt b/tests/data_files/parse_input/server9.crt new file mode 100644 index 000000000..a6f9fbc76 --- /dev/null +++ b/tests/data_files/parse_input/server9.crt @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG +EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg +Q0EwHhcNMTQwMTIwMTMzODE2WhcNMjQwMTE4MTMzODE2WjA0MQswCQYDVQQGEwJO +TDERMA8GA1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkq +hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g +HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo +r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0 +qQvaQJUCAwEAAaOBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJ +wdMiY7Lfp869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0w +OzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xh +clNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQDAog/jXydR +vDIugTzBXtfVK0CEX8iyQ4cVzQmXWSne8204v943K5D2hktSBkjdQUdcnVvVgLR6 +te50jV89ptN/NofX+fo9fhSRN9vGgQVWzOOFiO0zcThy749pirJu1Kq5OJdthIyW +Pu0UCz5G0k3kTp0JPevGlsNc8S9Ak1tFuB0IPJjrbfODWHS2LDuO+dB6gpkNTdrj +88ogYtBsN4D5gsXBRUfobXokUwejBwLrD6XwyQx+0bMwSCxgHEhxvuUkx1vdlXGw +JG3aF92u8mIxoKSAPaPdqy930mQvmpUWcN5Y1IMbtEGoQCKMYgosFcazJpJcjnX1 +o4Hl/lqjwCEG +-----END CERTIFICATE----- diff --git a/tests/data_files/server9.req.sha1 b/tests/data_files/parse_input/server9.req.sha1 similarity index 100% rename from tests/data_files/server9.req.sha1 rename to tests/data_files/parse_input/server9.req.sha1 diff --git a/tests/data_files/server9.req.sha224 b/tests/data_files/parse_input/server9.req.sha224 similarity index 100% rename from tests/data_files/server9.req.sha224 rename to tests/data_files/parse_input/server9.req.sha224 diff --git a/tests/data_files/server9.req.sha256 b/tests/data_files/parse_input/server9.req.sha256 similarity index 100% rename from tests/data_files/server9.req.sha256 rename to tests/data_files/parse_input/server9.req.sha256 diff --git a/tests/data_files/server9.req.sha384 b/tests/data_files/parse_input/server9.req.sha384 similarity index 100% rename from tests/data_files/server9.req.sha384 rename to tests/data_files/parse_input/server9.req.sha384 diff --git a/tests/data_files/server9.req.sha512 b/tests/data_files/parse_input/server9.req.sha512 similarity index 100% rename from tests/data_files/server9.req.sha512 rename to tests/data_files/parse_input/server9.req.sha512 diff --git a/tests/data_files/test-ca-any_policy.crt b/tests/data_files/parse_input/test-ca-any_policy.crt similarity index 100% rename from tests/data_files/test-ca-any_policy.crt rename to tests/data_files/parse_input/test-ca-any_policy.crt diff --git a/tests/data_files/test-ca-any_policy_ec.crt b/tests/data_files/parse_input/test-ca-any_policy_ec.crt similarity index 100% rename from tests/data_files/test-ca-any_policy_ec.crt rename to tests/data_files/parse_input/test-ca-any_policy_ec.crt diff --git a/tests/data_files/test-ca-any_policy_with_qualifier.crt b/tests/data_files/parse_input/test-ca-any_policy_with_qualifier.crt similarity index 100% rename from tests/data_files/test-ca-any_policy_with_qualifier.crt rename to tests/data_files/parse_input/test-ca-any_policy_with_qualifier.crt diff --git a/tests/data_files/test-ca-any_policy_with_qualifier_ec.crt b/tests/data_files/parse_input/test-ca-any_policy_with_qualifier_ec.crt similarity index 100% rename from tests/data_files/test-ca-any_policy_with_qualifier_ec.crt rename to tests/data_files/parse_input/test-ca-any_policy_with_qualifier_ec.crt diff --git a/tests/data_files/test-ca-multi_policy.crt b/tests/data_files/parse_input/test-ca-multi_policy.crt similarity index 100% rename from tests/data_files/test-ca-multi_policy.crt rename to tests/data_files/parse_input/test-ca-multi_policy.crt diff --git a/tests/data_files/test-ca-multi_policy_ec.crt b/tests/data_files/parse_input/test-ca-multi_policy_ec.crt similarity index 100% rename from tests/data_files/test-ca-multi_policy_ec.crt rename to tests/data_files/parse_input/test-ca-multi_policy_ec.crt diff --git a/tests/data_files/test-ca-unsupported_policy.crt b/tests/data_files/parse_input/test-ca-unsupported_policy.crt similarity index 100% rename from tests/data_files/test-ca-unsupported_policy.crt rename to tests/data_files/parse_input/test-ca-unsupported_policy.crt diff --git a/tests/data_files/test-ca-unsupported_policy_ec.crt b/tests/data_files/parse_input/test-ca-unsupported_policy_ec.crt similarity index 100% rename from tests/data_files/test-ca-unsupported_policy_ec.crt rename to tests/data_files/parse_input/test-ca-unsupported_policy_ec.crt diff --git a/tests/data_files/parse_input/test-ca.crt b/tests/data_files/parse_input/test-ca.crt new file mode 100644 index 000000000..31790b5bb --- /dev/null +++ b/tests/data_files/parse_input/test-ca.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx +mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny +50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n +YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL +R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu +KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj +UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/ +MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUA +A4IBAQB0ZiNRFdia6kskaPnhrqejIRq8YMEGAf2oIPnyZ78xoyERgc35lHGyMtsL +hWicNjP4d/hS9As4j5KA2gdNGi5ETA1X7SowWOGsryivSpMSHVy1+HdfWlsYQOzm +8o+faQNUm8XzPVmttfAVspxeHSxJZ36Oo+QWZ5wZlCIEyjEdLUId+Tm4Bz3B5jRD +zZa/SaqDokq66N2zpbgKKAl3GU2O++fBqP2dSkdQykmTxhLLWRN8FJqhYATyQntZ +0QSi3W9HfSZPnFTcPIXeoiPd2pLlxt1hZu8dws2LTXE63uP6MM4LHvWxiuJaWkP/ +mtxyUALj2pQxRitopORFQdn7AOY5 +-----END CERTIFICATE----- diff --git a/tests/data_files/test-ca.crt.der b/tests/data_files/parse_input/test-ca.crt.der similarity index 100% rename from tests/data_files/test-ca.crt.der rename to tests/data_files/parse_input/test-ca.crt.der diff --git a/tests/data_files/parse_input/test_cert_rfc822name.crt.der b/tests/data_files/parse_input/test_cert_rfc822name.crt.der new file mode 100644 index 000000000..cdc8189d0 Binary files /dev/null and b/tests/data_files/parse_input/test_cert_rfc822name.crt.der differ diff --git a/tests/data_files/parse_input/test_csr_v3_all.csr.der b/tests/data_files/parse_input/test_csr_v3_all.csr.der new file mode 100644 index 000000000..7e717f357 Binary files /dev/null and b/tests/data_files/parse_input/test_csr_v3_all.csr.der differ diff --git a/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_extension_request.csr.der b/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_extension_request.csr.der new file mode 100644 index 000000000..96a11e873 Binary files /dev/null and b/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_extension_request.csr.der differ diff --git a/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_extension_request_sequence_len1.csr.der b/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_extension_request_sequence_len1.csr.der new file mode 100644 index 000000000..f61c7c82b Binary files /dev/null and b/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_extension_request_sequence_len1.csr.der differ diff --git a/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_extension_request_sequence_len2.csr.der b/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_extension_request_sequence_len2.csr.der new file mode 100644 index 000000000..e6db2cc66 Binary files /dev/null and b/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_extension_request_sequence_len2.csr.der differ diff --git a/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_extension_request_sequence_tag.csr.der b/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_extension_request_sequence_tag.csr.der new file mode 100644 index 000000000..620fa7d45 Binary files /dev/null and b/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_extension_request_sequence_tag.csr.der differ diff --git a/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_extension_request_set_tag.csr.der b/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_extension_request_set_tag.csr.der new file mode 100644 index 000000000..1d358e5fe Binary files /dev/null and b/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_extension_request_set_tag.csr.der differ diff --git a/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_id_tag.csr.der b/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_id_tag.csr.der new file mode 100644 index 000000000..f8d06895a Binary files /dev/null and b/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_id_tag.csr.der differ diff --git a/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_len1.csr.der b/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_len1.csr.der new file mode 100644 index 000000000..01eabffdc Binary files /dev/null and b/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_len1.csr.der differ diff --git a/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_len2.csr.der b/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_len2.csr.der new file mode 100644 index 000000000..875db767d Binary files /dev/null and b/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_len2.csr.der differ diff --git a/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_sequence_tag.csr.der b/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_sequence_tag.csr.der new file mode 100644 index 000000000..38273ca40 Binary files /dev/null and b/tests/data_files/parse_input/test_csr_v3_all_malformed_attributes_sequence_tag.csr.der differ diff --git a/tests/data_files/parse_input/test_csr_v3_all_malformed_duplicated_extension.csr.der b/tests/data_files/parse_input/test_csr_v3_all_malformed_duplicated_extension.csr.der new file mode 100644 index 000000000..4e2a22136 Binary files /dev/null and b/tests/data_files/parse_input/test_csr_v3_all_malformed_duplicated_extension.csr.der differ diff --git a/tests/data_files/parse_input/test_csr_v3_all_malformed_extension_data_len1.csr.der b/tests/data_files/parse_input/test_csr_v3_all_malformed_extension_data_len1.csr.der new file mode 100644 index 000000000..611611868 Binary files /dev/null and b/tests/data_files/parse_input/test_csr_v3_all_malformed_extension_data_len1.csr.der differ diff --git a/tests/data_files/parse_input/test_csr_v3_all_malformed_extension_data_len2.csr.der b/tests/data_files/parse_input/test_csr_v3_all_malformed_extension_data_len2.csr.der new file mode 100644 index 000000000..a49209abe Binary files /dev/null and b/tests/data_files/parse_input/test_csr_v3_all_malformed_extension_data_len2.csr.der differ diff --git a/tests/data_files/parse_input/test_csr_v3_all_malformed_extension_data_tag.csr.der b/tests/data_files/parse_input/test_csr_v3_all_malformed_extension_data_tag.csr.der new file mode 100644 index 000000000..ccae7233b Binary files /dev/null and b/tests/data_files/parse_input/test_csr_v3_all_malformed_extension_data_tag.csr.der differ diff --git a/tests/data_files/parse_input/test_csr_v3_all_malformed_extension_id_tag.csr.der b/tests/data_files/parse_input/test_csr_v3_all_malformed_extension_id_tag.csr.der new file mode 100644 index 000000000..989e40408 Binary files /dev/null and b/tests/data_files/parse_input/test_csr_v3_all_malformed_extension_id_tag.csr.der differ diff --git a/tests/data_files/parse_input/test_csr_v3_all_malformed_extension_key_usage_bitstream_tag.csr.der b/tests/data_files/parse_input/test_csr_v3_all_malformed_extension_key_usage_bitstream_tag.csr.der new file mode 100644 index 000000000..a6fd2d7aa Binary files /dev/null and b/tests/data_files/parse_input/test_csr_v3_all_malformed_extension_key_usage_bitstream_tag.csr.der differ diff --git a/tests/data_files/parse_input/test_csr_v3_all_malformed_extension_ns_cert_bitstream_tag.csr.der b/tests/data_files/parse_input/test_csr_v3_all_malformed_extension_ns_cert_bitstream_tag.csr.der new file mode 100644 index 000000000..6fdcfc8f3 Binary files /dev/null and b/tests/data_files/parse_input/test_csr_v3_all_malformed_extension_ns_cert_bitstream_tag.csr.der differ diff --git a/tests/data_files/parse_input/test_csr_v3_all_malformed_extension_subject_alt_name_sequence_tag.csr.der b/tests/data_files/parse_input/test_csr_v3_all_malformed_extension_subject_alt_name_sequence_tag.csr.der new file mode 100644 index 000000000..f1090f924 Binary files /dev/null and b/tests/data_files/parse_input/test_csr_v3_all_malformed_extension_subject_alt_name_sequence_tag.csr.der differ diff --git a/tests/data_files/parse_input/test_csr_v3_all_malformed_extension_type_oid.csr.der b/tests/data_files/parse_input/test_csr_v3_all_malformed_extension_type_oid.csr.der new file mode 100644 index 000000000..36bc61e16 Binary files /dev/null and b/tests/data_files/parse_input/test_csr_v3_all_malformed_extension_type_oid.csr.der differ diff --git a/tests/data_files/parse_input/test_csr_v3_all_malformed_extensions_sequence_tag.csr.der b/tests/data_files/parse_input/test_csr_v3_all_malformed_extensions_sequence_tag.csr.der new file mode 100644 index 000000000..fecb15efb Binary files /dev/null and b/tests/data_files/parse_input/test_csr_v3_all_malformed_extensions_sequence_tag.csr.der differ diff --git a/tests/data_files/parse_input/test_csr_v3_keyUsage.csr.der b/tests/data_files/parse_input/test_csr_v3_keyUsage.csr.der new file mode 100644 index 000000000..f8be020b3 Binary files /dev/null and b/tests/data_files/parse_input/test_csr_v3_keyUsage.csr.der differ diff --git a/tests/data_files/parse_input/test_csr_v3_nsCertType.csr.der b/tests/data_files/parse_input/test_csr_v3_nsCertType.csr.der new file mode 100644 index 000000000..cf9588dad Binary files /dev/null and b/tests/data_files/parse_input/test_csr_v3_nsCertType.csr.der differ diff --git a/tests/data_files/parse_input/test_csr_v3_subjectAltName.csr.der b/tests/data_files/parse_input/test_csr_v3_subjectAltName.csr.der new file mode 100644 index 000000000..2ccb3bb96 Binary files /dev/null and b/tests/data_files/parse_input/test_csr_v3_subjectAltName.csr.der differ diff --git a/tests/data_files/pkcs7-rsa-expired.crt b/tests/data_files/pkcs7-rsa-expired.crt new file mode 100644 index 000000000..ced181d65 --- /dev/null +++ b/tests/data_files/pkcs7-rsa-expired.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDVTCCAj2gAwIBAgIUOrWS2Prj+YfE0116bm4XvxqfRlkwDQYJKoZIhvcNAQEL +BQAwOjELMAkGA1UEBhMCTkwxDjAMBgNVBAoMBVBLQ1M3MRswGQYDVQQDDBJQS0NT +NyBDZXJ0IEV4cGlyZWQwHhcNMTIxMjE3MTkyNzE4WhcNMTMxMjE3MTkyNzE4WjA6 +MQswCQYDVQQGEwJOTDEOMAwGA1UECgwFUEtDUzcxGzAZBgNVBAMMElBLQ1M3IENl +cnQgRXhwaXJlZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKwdVgoF +OCcb8wCxLXbiiRuglTa4iQM/L2pGvQQgJ3HeApAzrbL0zg0SsT02K9YqAsta7z/U +fhVFPawtY3QZU4lg5OukPMJK0JZpYynjDkx4B9mp8fPlzzwalzXDFnrGaS84z0st +jibLDGPs9LL8oRyQSFsum3FSM2CDTw6gFCNYVYB7fz9DLtWh8igOmW1ZmDgxoNYA +ZyWEEcZmzWOG5MSYt8Nx4R5DMuxDa8q50M46sFQ/8kFerlAcvAz7nZQq10F65wdy +JAB/WKZknbdN72ntlHdvbUViax2U4DJNdztuOJYc2GAlLrWmYk09yNorlNsEXjQp +8w5jsjPhlQcnMiECAwEAAaNTMFEwHQYDVR0OBBYEFDOXFiHCdGU5Ebamuhj8tEoU +bGA3MB8GA1UdIwQYMBaAFDOXFiHCdGU5Ebamuhj8tEoUbGA3MA8GA1UdEwEB/wQF +MAMBAf8wDQYJKoZIhvcNAQELBQADggEBAA0D8sXvET5XUGs3FwhuBm43ydr8W1u7 +07zxRNvMYO6Qrsfxh4UAw9IlHbLhL2mrdPRn1IF9Dtpf/xA2A8QOfDj5/rAUFmnX +C+GO0Yb7/gSuyo6u2o8ICSFDsTkOKCYldneaDt2LIPLidlmTndrqWV3nzOCQqbtz +0DObTVVK0X/hXvSx2k2R71sf1fRLWSHMQBxwe4MTcyXfXqrjq3eRP2xRzGWrVXhu +0U/PYBVPSW0Bfka4toTf8VpZLkwwVbg+9QOIpvGa0kNMsWWgyezLEOkZB1G1JXYF +3FW6LTDP0h64/8xB8YcnttaGstwgEJjoS1W4CjaRL0tNKmRYS5Mu5+E= +-----END CERTIFICATE----- diff --git a/tests/data_files/pkcs7-rsa-expired.der b/tests/data_files/pkcs7-rsa-expired.der new file mode 100644 index 000000000..508ec5c29 Binary files /dev/null and b/tests/data_files/pkcs7-rsa-expired.der differ diff --git a/tests/data_files/pkcs7-rsa-expired.key b/tests/data_files/pkcs7-rsa-expired.key new file mode 100644 index 000000000..de941d355 --- /dev/null +++ b/tests/data_files/pkcs7-rsa-expired.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCsHVYKBTgnG/MA +sS124okboJU2uIkDPy9qRr0EICdx3gKQM62y9M4NErE9NivWKgLLWu8/1H4VRT2s +LWN0GVOJYOTrpDzCStCWaWMp4w5MeAfZqfHz5c88Gpc1wxZ6xmkvOM9LLY4mywxj +7PSy/KEckEhbLptxUjNgg08OoBQjWFWAe38/Qy7VofIoDpltWZg4MaDWAGclhBHG +Zs1jhuTEmLfDceEeQzLsQ2vKudDOOrBUP/JBXq5QHLwM+52UKtdBeucHciQAf1im +ZJ23Te9p7ZR3b21FYmsdlOAyTXc7bjiWHNhgJS61pmJNPcjaK5TbBF40KfMOY7Iz +4ZUHJzIhAgMBAAECggEAb8pSIwoG0egmarGp7QjwswAXSsaLP4+ftXCivnZACIaB +tbXLQWweFYGpmy9/Q4hf7kNvGE9lYV1q1FVavoLgrl8/8Qno6O19E+T5orA2jlZ8 +CtWGMLt4YfqHckT3aeFLWn+UrKi3Jt1Fe/XhbgwGfS39wTPBhNY2Rp6jD8XLrrRV +jEBwCGZxRaoQxvf1hddyRob9INQiYxiqhkqkZsFRuuKhm28tv/6nrb3UOFEd6h1r +9Cg2m0BGF7unmFRq3ZM/xJvhMSZlQE8UMpyiLAvs6vTUBlN8OKoTGQQgW8JeFwi8 +Dh1oUmw0JOnwiLA/1KPGSc7O6i+54ogNiK4N1U9X0QKBgQDTuB8pHdTyUfXKIm3R +n9/xCAJ/NWJAXjcpUEwoI2BKsZkzhLMlPtT5F86CTOn8P2cxZwZixfgo84z3Mx2A +2D03z4W9FsFsBA7bOY6mpdcupX6IogM7Tgguo+Rh/DwzI7KVgVqio/4YY1zw3kou +FcfIIz5wb79UiFLs12gQUcQQBQKBgQDQHLOood0gGOpCwRTd4BnUnlX43w3WSobR +0Za6rR76qJn13LMF/rBsq5gczvagI1jZ1N96O0qbkL2yPmFeH/ih6vNOgu4uCyv+ +LogBnN5yixXYkapRJ3gXZfAdBl2b9ihXJgvWV1YF/6QuLK2V/JTbUQQ8aboO8Vgv +98WcbojgbQKBgQCYICozrv29h+ql7QsfnlKYq/qvULpiKdBU3R97j7+2q9m6zNS0 +JGt+9/4oXf+agiwxsSdDfaAMPMPDM3U1iSqjmXctINamOFw8ZST81RjCqaM7pb3Q +tQboDFcjmMvgqvu8tQ9c4ZzIBU1YvUBr0LaWNcy9mW3O3Y1IJJbfcwD/yQKBgQCo +QAwfsX0MjhgWj/NGzf8UHk5zPiH5tZb52vB5S61YCScv1pYFqrsHoFMCN3C8Vtdm +hOuH7peK3aH/kN83MbHZdhHuz3uwTefrP8NFSoWtJTUsOdfwdHBqukc9r//OL1y9 +2EyJpWIux1b83bIZKHNQPFeoX/HEUupxHWft6I9QoQKBgQCDsbRTjU3beP+EGv9S +OB7b4EnfTt//JGLjUWQEeZtZbCOCrvtMiZmVfWFmEk9cwBipB5Nczcbzo572jU4X +cjfuoBmvV+IVOki5NfA2OwOwfsxGY6DZdNwIAJSOyr1xqUetW9KE6BJEVroMi5eO +sBaxriPC7PYMrBLGnWX4Ysh1ig== +-----END PRIVATE KEY----- diff --git a/tests/data_files/pkcs7-rsa-sha256-1.crt b/tests/data_files/pkcs7-rsa-sha256-1.crt index 9e461cd0c..fe282ab83 100644 --- a/tests/data_files/pkcs7-rsa-sha256-1.crt +++ b/tests/data_files/pkcs7-rsa-sha256-1.crt @@ -1,20 +1,20 @@ -----BEGIN CERTIFICATE----- -MIIDSTCCAjGgAwIBAgIUe97d0kRM0c3+XEGoECyJt98ubL8wDQYJKoZIhvcNAQEL +MIIDSTCCAjGgAwIBAgIUI2LNEq0VTrCDZpmJyvSG20rKV+MwDQYJKoZIhvcNAQEL BQAwNDELMAkGA1UEBhMCTkwxDjAMBgNVBAoMBVBLQ1M3MRUwEwYDVQQDDAxQS0NT -NyBDZXJ0IDEwHhcNMjIxMDI4MTYxMDU2WhcNMjMxMDI4MTYxMDU2WjA0MQswCQYD +NyBDZXJ0IDEwHhcNMjMwNTA4MTAxOTExWhcNMzMwNTA4MTAxOTExWjA0MQswCQYD VQQGEwJOTDEOMAwGA1UECgwFUEtDUzcxFTATBgNVBAMMDFBLQ1M3IENlcnQgMTCC -ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMi2z2mJnNHw67TKZFwF5w4N -Lv7dzGHQicvVFaOaNXm5I0O2HsdQBg+07TeHYzJADkJfHTdsfnXClzMU7fS7MMj4 -3QO5/P+VWiRdSRN61uYAVsrBlVKoZdUhhxh8wELJxJ4+OpwXpTS0U82rwMsRO09j -9bMXS57pkCsZENEUlqJ5p0Mmrc/uEL/Z5+uvuzd76bY5WRZdE91XURccra08HTra -xovIAR1htUz2AXi+NoOaiayRq0GePKN9a6iB0lUYxNtovKb3yDYC9pmoaxf7Hnc7 -y+dLuTpJslGuhkKLV0Dhhoux1vq54ocS6Y7DGa2Pyk1zAQxLCcS4BFiWHnzwg1MC -AwEAAaNTMFEwHQYDVR0OBBYEFIru5ZR8xnxd1RWnbip+zTHuUv3IMB8GA1UdIwQY -MBaAFIru5ZR8xnxd1RWnbip+zTHuUv3IMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI -hvcNAQELBQADggEBAIIda5jNRX3r0rCBrKJ+vs1Pk6zIKEQ7Oeq/+p+k6eRUO0b8 -wx4rW0gXeQPeppaaxKLMZXBlA5DxsI1DpML5dcfti/M1bHIYOAISRRqPEd5GVTy8 -1ltCVN249mg06yHdoqjzO1geFIRVesoblO6JMd3xYDe3pxcTIakZNq/Cf/zjld51 -1fcMuLWu4F/1BwiNZa8eQ5Zs1Cy+b3+s+NrgVd2CIrFpZSFyP4EkUXhZXJha6Rf9 -SzmYdz4al7e9EAhURvQlm8wJpFSSkoLBuJtx7Vh6d14KPUU2NB9F2ulp6AbJb+/H -EGd3bAK6IhIrkZmxTAwowESHUJBwuX890tbZcnM= +ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJqiVc1m06wYnKshqXSoOFDl +iFW6F/3I/vVmD6/kyTmsZ425tiCiunmSR2rlJc7/2aWbTH0P3ut3dinnooUsSws8 +EwRTjSdECDzF96QTCIUvhMHINQfpQuxSr9leK3AvoiCPi3XUefKhTuoF1A/bTQx2 +QcNzJluQPAzdvUDFBZLdLImjJ7gid1j7KSRZHjVxnFPnolr1EELXDJs29RVup1in +8fOaBIlHEArWuSgV2aQ7uVLuBHM8Nz0Y810PElgUaOCMxGvo/Ew4TpBJfDipSD2l +WFPisxnBzjmq3byi+mARpr+BHxETvbrZ1uRbaIA6bzGL1PZlw/vMcvuTHu3yKMkC +AwEAAaNTMFEwHQYDVR0OBBYEFBvPc+YWbxPtP3MFjmyrL6lQkJJvMB8GA1UdIwQY +MBaAFBvPc+YWbxPtP3MFjmyrL6lQkJJvMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAJK7huNJR+TlkZBHiCtb0KMfljHRWPuAL6fW0mGvBDeZyRTH +OzGdqgjnYzgYZ538pG7TsMGomrSQwlATfICKsf8dNSlnPqOiIPo2fdd8gr/tO7yl +FG/KvXk0v5Dfs4RGUs7UYdmzncEYC2JsToFsD4jja+5tnY//NJRxkJdswfn+wBqH +wN+y4qELdq+AEBKymbQsIwOBt3UdeVUwBBjtqJXFtET9yhqkqVxnb/i0jHrhjyiS +Q/Y+T9s35+A6XlI6nSiJLDxMfgJVCWa2OtGI//aAlzlw+6dHiiJVVBHpZbW0YTY4 +qE7kjhPrddJYlB6k4S3ub9j4e87k0P0IyFptxw8= -----END CERTIFICATE----- diff --git a/tests/data_files/pkcs7-rsa-sha256-1.der b/tests/data_files/pkcs7-rsa-sha256-1.der index 0d799ea33..ed29e4093 100644 Binary files a/tests/data_files/pkcs7-rsa-sha256-1.der and b/tests/data_files/pkcs7-rsa-sha256-1.der differ diff --git a/tests/data_files/pkcs7-rsa-sha256-1.key b/tests/data_files/pkcs7-rsa-sha256-1.key index e31159d56..c6367fb29 100644 --- a/tests/data_files/pkcs7-rsa-sha256-1.key +++ b/tests/data_files/pkcs7-rsa-sha256-1.key @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDIts9piZzR8Ou0 -ymRcBecODS7+3cxh0InL1RWjmjV5uSNDth7HUAYPtO03h2MyQA5CXx03bH51wpcz -FO30uzDI+N0Dufz/lVokXUkTetbmAFbKwZVSqGXVIYcYfMBCycSePjqcF6U0tFPN -q8DLETtPY/WzF0ue6ZArGRDRFJaieadDJq3P7hC/2efrr7s3e+m2OVkWXRPdV1EX -HK2tPB062saLyAEdYbVM9gF4vjaDmomskatBnjyjfWuogdJVGMTbaLym98g2AvaZ -qGsX+x53O8vnS7k6SbJRroZCi1dA4YaLsdb6ueKHEumOwxmtj8pNcwEMSwnEuARY -lh588INTAgMBAAECggEBAIg+P1B+TurbRMQ11iX5A7wwCsSKPh/vdHneLJAfL0lu -+JcP2piko1iqEZPt3NHRVVyMP8LNbJH3Ardz74p+PkFNXIkZCLlc4hFpGR+V9KWv -eTqsaPXwxR8FYTSoCcHMQCDCUPp/um6qMXCcs4OkMMRVMATfPT+jf28h1p52AUJL -aAoBJfn7gP3WiB0FWq0bRZgSZzNYowE/MhGAQ+DuBGTSASSK3YJcxE94044fBVE8 -EqYKrxoY/x56li5cZ0v9kaURCrvhqCeq2+U5kIkgtvp2l6wF0Mm1du3BLxo2LQEI -Y2j+6BFEV74Mtv48GTwrZcyit787zyo9vVGcviSD5VECgYEA/mgLc5KfF/cQLmM/ -20T4k0edvktkRIJHFUBphowt5Hb0a0wM5C1VM4z3yN3b9ikQK+ZaQXETdPATBXIe -LntX1D1xtbMxdcAfd1FSq8QxAuaPknJZBgtzlpCsx3ZvMnNuzKZN/TU8kR1biwPE -9HaeEG3bouUu+CI/l/DqrBbQRacCgYEAyfiqsLWGhXQ7e3pLk47PDYlMOsjDWPjs -SGcatH1/lIMWyZue4W2IUcFMbpbjA6QWibo3VnOavIRSTn97JNUWYvgc5MmaQ7iX -Iss4m3vJ1LIqx30iUgw3EfDoWdpufEEYssZ/VxJPs3sdmZGALgd3CaqxHJuhuS+U -eVhWzD6LonUCgYBRCbt8GRxsedrBrAPPSO0VnR52W3WZDRavglEa9tQ3jlzVQOhq -VrZpMWJMrb8/bl0kXsApUGeuPDsS5QMQM2IKzXfHNUlwBL8BNvpqlJg4IFFjiOEq -t8MeFv+ymdtZ6sNElUUKf0bHwt5CLfUzGgXHnfb0sKSBjgdL0wYtwyacyQKBgQDJ -NcyG4zEy/srLhtiIFnu8Fo40+hFzL/nlX6JBMc3KHJa1Hy43krF+ET6d5gAffndd -moDKxbzgFksRHPuHhCobSucuHpJq6RjYdvDcJYS7OwxXVRi9+KFcZE52RaBQdWGv -qQTvr7RrMDoa5dN3B8TVgpGT2JBTN02JXjKKo7zkiQKBgCZwKDiXl7qsGidvlFZc -4CEtFsCgnNgdRTzsTL/Pr8q9CBK3BhjZjNzQALF1iGFDC1FdFYFOwI1E3j+MRHJB -rQMF8zbmmlZ6SC5QtqatCSCCKUyrUjD5J+4UfJqWFjiBBdwz+5VJojHw1yijEwl4 -LrS/V2yBrDJVczQQM4psonLF +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCaolXNZtOsGJyr +Ial0qDhQ5YhVuhf9yP71Zg+v5Mk5rGeNubYgorp5kkdq5SXO/9mlm0x9D97rd3Yp +56KFLEsLPBMEU40nRAg8xfekEwiFL4TByDUH6ULsUq/ZXitwL6Igj4t11HnyoU7q +BdQP200MdkHDcyZbkDwM3b1AxQWS3SyJoye4IndY+ykkWR41cZxT56Ja9RBC1wyb +NvUVbqdYp/HzmgSJRxAK1rkoFdmkO7lS7gRzPDc9GPNdDxJYFGjgjMRr6PxMOE6Q +SXw4qUg9pVhT4rMZwc45qt28ovpgEaa/gR8RE7262dbkW2iAOm8xi9T2ZcP7zHL7 +kx7t8ijJAgMBAAECggEACirXl611yERng7iPRO59InOPKOzXID6XpgDHkgYJ5ZcE +iYzvENsGRhFUTQ7jUyafM8x/5V62ZnbYwAVdGiLJDeRtryyDtNPcM0vEfkcqmaA/ +20J72yjvF60RpyoSEtqs7zVlAvK9MHMDBm/q6z59BM9fQFfJSz6y9hkb1R8HQGpc +ktIBxqANvQ3XYzPwxBdECB6YH12t1UkCEFNmOVup7M/TpMBu79h4cd69Q709iOqP +9kIOxABrRE7evWpwYHFCI7QfbRpFeY7I9b94NQULmOLKJm8QfYfXumzfIQ3gqUW2 +WyIOJc5zAftQ/7Ddu5CKbqsL7yBiMGxI4IHQZ/gEcQKBgQDBE3Fl8XW7JpP9J0vw +VvCBGJgPOU7tn9JG082RUr0pi7HRiEo23zL37PvwPwjn81SkWmh9WcIQFm8Ip4Oy +9sUMR0oInjU3PaAI2oRQCOPynod23wC4tVmjLrNBek8T2AnTtkvSZalooACNumgD +Ef/hpMYDa2O9dTbjtqNOp2AOuQKBgQDNB6UGzwY+HDG444Ir/Q2s2XjOD1cvG3q8 +3NaSnIHuxJeUhYlBXmWsygpGLrq4i5h4EWPz8qKWQwBDwsZIBGisJFQcQzsXS9/Z ++F8l555ikb/AsbZHrWw+miTauXT0xe1dbjkqqpAiiYfJFeDss32WqgaAUD28IK9P +djR85p9ikQKBgHuRDPcYZKelFftjpfcoPP3yFodPvxLXQUVxElQaZtPrAp++IPkj +OcRwWAE25mVEVvxknBD1W/zdzqv0QZZM1ml4SopfbmFvQDfKWfm65uAE01+hcx3D +ep20KqcSNv/VONzVA4ug4p4CILiT/zNP1rq7sLrJhOjg1oNABR42goSJAoGAcs1N +Ajr5a92tmbEKOkc/WQGMOxUr5Bym5QlivEUWG/PITElZSVjp5Y5bomCX/K1teg2C +wh2iHDD3/PkavUh6s6jDz+91Lt41QX9pB3hhnx+tFuBrCEd6zLLS4AXoDwakmiQV +rmZCvpPzjAzMHL2EHNCnQ0Gqz6QdhYjSav1XUYECgYBiv8t7WZFLIsi7Baa1oocv +VU9WsohcqTGP8/i+J4fuRRVGDLl/jcBFm5dYzGVSbpBaM0qhfGIyaAmInHozxooR ++izbLM5nSAO3fXEsPROEx9RwLxQmrs2Ee5W4qDajTm3VOhfQXHQf/z5o3xsdnQJt +mbHCXPhmMn9O6jmrDlGeMg== -----END PRIVATE KEY----- diff --git a/tests/data_files/pkcs7-rsa-sha256-1.pem b/tests/data_files/pkcs7-rsa-sha256-1.pem index 3795b7188..deee4b2e6 100644 --- a/tests/data_files/pkcs7-rsa-sha256-1.pem +++ b/tests/data_files/pkcs7-rsa-sha256-1.pem @@ -1,48 +1,48 @@ -----BEGIN CERTIFICATE----- -MIIDSTCCAjGgAwIBAgIUe97d0kRM0c3+XEGoECyJt98ubL8wDQYJKoZIhvcNAQEL +MIIDSTCCAjGgAwIBAgIUI2LNEq0VTrCDZpmJyvSG20rKV+MwDQYJKoZIhvcNAQEL BQAwNDELMAkGA1UEBhMCTkwxDjAMBgNVBAoMBVBLQ1M3MRUwEwYDVQQDDAxQS0NT -NyBDZXJ0IDEwHhcNMjIxMDI4MTYxMDU2WhcNMjMxMDI4MTYxMDU2WjA0MQswCQYD +NyBDZXJ0IDEwHhcNMjMwNTA4MTAxOTExWhcNMzMwNTA4MTAxOTExWjA0MQswCQYD VQQGEwJOTDEOMAwGA1UECgwFUEtDUzcxFTATBgNVBAMMDFBLQ1M3IENlcnQgMTCC -ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMi2z2mJnNHw67TKZFwF5w4N -Lv7dzGHQicvVFaOaNXm5I0O2HsdQBg+07TeHYzJADkJfHTdsfnXClzMU7fS7MMj4 -3QO5/P+VWiRdSRN61uYAVsrBlVKoZdUhhxh8wELJxJ4+OpwXpTS0U82rwMsRO09j -9bMXS57pkCsZENEUlqJ5p0Mmrc/uEL/Z5+uvuzd76bY5WRZdE91XURccra08HTra -xovIAR1htUz2AXi+NoOaiayRq0GePKN9a6iB0lUYxNtovKb3yDYC9pmoaxf7Hnc7 -y+dLuTpJslGuhkKLV0Dhhoux1vq54ocS6Y7DGa2Pyk1zAQxLCcS4BFiWHnzwg1MC -AwEAAaNTMFEwHQYDVR0OBBYEFIru5ZR8xnxd1RWnbip+zTHuUv3IMB8GA1UdIwQY -MBaAFIru5ZR8xnxd1RWnbip+zTHuUv3IMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI -hvcNAQELBQADggEBAIIda5jNRX3r0rCBrKJ+vs1Pk6zIKEQ7Oeq/+p+k6eRUO0b8 -wx4rW0gXeQPeppaaxKLMZXBlA5DxsI1DpML5dcfti/M1bHIYOAISRRqPEd5GVTy8 -1ltCVN249mg06yHdoqjzO1geFIRVesoblO6JMd3xYDe3pxcTIakZNq/Cf/zjld51 -1fcMuLWu4F/1BwiNZa8eQ5Zs1Cy+b3+s+NrgVd2CIrFpZSFyP4EkUXhZXJha6Rf9 -SzmYdz4al7e9EAhURvQlm8wJpFSSkoLBuJtx7Vh6d14KPUU2NB9F2ulp6AbJb+/H -EGd3bAK6IhIrkZmxTAwowESHUJBwuX890tbZcnM= +ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJqiVc1m06wYnKshqXSoOFDl +iFW6F/3I/vVmD6/kyTmsZ425tiCiunmSR2rlJc7/2aWbTH0P3ut3dinnooUsSws8 +EwRTjSdECDzF96QTCIUvhMHINQfpQuxSr9leK3AvoiCPi3XUefKhTuoF1A/bTQx2 +QcNzJluQPAzdvUDFBZLdLImjJ7gid1j7KSRZHjVxnFPnolr1EELXDJs29RVup1in +8fOaBIlHEArWuSgV2aQ7uVLuBHM8Nz0Y810PElgUaOCMxGvo/Ew4TpBJfDipSD2l +WFPisxnBzjmq3byi+mARpr+BHxETvbrZ1uRbaIA6bzGL1PZlw/vMcvuTHu3yKMkC +AwEAAaNTMFEwHQYDVR0OBBYEFBvPc+YWbxPtP3MFjmyrL6lQkJJvMB8GA1UdIwQY +MBaAFBvPc+YWbxPtP3MFjmyrL6lQkJJvMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAJK7huNJR+TlkZBHiCtb0KMfljHRWPuAL6fW0mGvBDeZyRTH +OzGdqgjnYzgYZ538pG7TsMGomrSQwlATfICKsf8dNSlnPqOiIPo2fdd8gr/tO7yl +FG/KvXk0v5Dfs4RGUs7UYdmzncEYC2JsToFsD4jja+5tnY//NJRxkJdswfn+wBqH +wN+y4qELdq+AEBKymbQsIwOBt3UdeVUwBBjtqJXFtET9yhqkqVxnb/i0jHrhjyiS +Q/Y+T9s35+A6XlI6nSiJLDxMfgJVCWa2OtGI//aAlzlw+6dHiiJVVBHpZbW0YTY4 +qE7kjhPrddJYlB6k4S3ub9j4e87k0P0IyFptxw8= -----END CERTIFICATE----- -----BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDIts9piZzR8Ou0 -ymRcBecODS7+3cxh0InL1RWjmjV5uSNDth7HUAYPtO03h2MyQA5CXx03bH51wpcz -FO30uzDI+N0Dufz/lVokXUkTetbmAFbKwZVSqGXVIYcYfMBCycSePjqcF6U0tFPN -q8DLETtPY/WzF0ue6ZArGRDRFJaieadDJq3P7hC/2efrr7s3e+m2OVkWXRPdV1EX -HK2tPB062saLyAEdYbVM9gF4vjaDmomskatBnjyjfWuogdJVGMTbaLym98g2AvaZ -qGsX+x53O8vnS7k6SbJRroZCi1dA4YaLsdb6ueKHEumOwxmtj8pNcwEMSwnEuARY -lh588INTAgMBAAECggEBAIg+P1B+TurbRMQ11iX5A7wwCsSKPh/vdHneLJAfL0lu -+JcP2piko1iqEZPt3NHRVVyMP8LNbJH3Ardz74p+PkFNXIkZCLlc4hFpGR+V9KWv -eTqsaPXwxR8FYTSoCcHMQCDCUPp/um6qMXCcs4OkMMRVMATfPT+jf28h1p52AUJL -aAoBJfn7gP3WiB0FWq0bRZgSZzNYowE/MhGAQ+DuBGTSASSK3YJcxE94044fBVE8 -EqYKrxoY/x56li5cZ0v9kaURCrvhqCeq2+U5kIkgtvp2l6wF0Mm1du3BLxo2LQEI -Y2j+6BFEV74Mtv48GTwrZcyit787zyo9vVGcviSD5VECgYEA/mgLc5KfF/cQLmM/ -20T4k0edvktkRIJHFUBphowt5Hb0a0wM5C1VM4z3yN3b9ikQK+ZaQXETdPATBXIe -LntX1D1xtbMxdcAfd1FSq8QxAuaPknJZBgtzlpCsx3ZvMnNuzKZN/TU8kR1biwPE -9HaeEG3bouUu+CI/l/DqrBbQRacCgYEAyfiqsLWGhXQ7e3pLk47PDYlMOsjDWPjs -SGcatH1/lIMWyZue4W2IUcFMbpbjA6QWibo3VnOavIRSTn97JNUWYvgc5MmaQ7iX -Iss4m3vJ1LIqx30iUgw3EfDoWdpufEEYssZ/VxJPs3sdmZGALgd3CaqxHJuhuS+U -eVhWzD6LonUCgYBRCbt8GRxsedrBrAPPSO0VnR52W3WZDRavglEa9tQ3jlzVQOhq -VrZpMWJMrb8/bl0kXsApUGeuPDsS5QMQM2IKzXfHNUlwBL8BNvpqlJg4IFFjiOEq -t8MeFv+ymdtZ6sNElUUKf0bHwt5CLfUzGgXHnfb0sKSBjgdL0wYtwyacyQKBgQDJ -NcyG4zEy/srLhtiIFnu8Fo40+hFzL/nlX6JBMc3KHJa1Hy43krF+ET6d5gAffndd -moDKxbzgFksRHPuHhCobSucuHpJq6RjYdvDcJYS7OwxXVRi9+KFcZE52RaBQdWGv -qQTvr7RrMDoa5dN3B8TVgpGT2JBTN02JXjKKo7zkiQKBgCZwKDiXl7qsGidvlFZc -4CEtFsCgnNgdRTzsTL/Pr8q9CBK3BhjZjNzQALF1iGFDC1FdFYFOwI1E3j+MRHJB -rQMF8zbmmlZ6SC5QtqatCSCCKUyrUjD5J+4UfJqWFjiBBdwz+5VJojHw1yijEwl4 -LrS/V2yBrDJVczQQM4psonLF +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCaolXNZtOsGJyr +Ial0qDhQ5YhVuhf9yP71Zg+v5Mk5rGeNubYgorp5kkdq5SXO/9mlm0x9D97rd3Yp +56KFLEsLPBMEU40nRAg8xfekEwiFL4TByDUH6ULsUq/ZXitwL6Igj4t11HnyoU7q +BdQP200MdkHDcyZbkDwM3b1AxQWS3SyJoye4IndY+ykkWR41cZxT56Ja9RBC1wyb +NvUVbqdYp/HzmgSJRxAK1rkoFdmkO7lS7gRzPDc9GPNdDxJYFGjgjMRr6PxMOE6Q +SXw4qUg9pVhT4rMZwc45qt28ovpgEaa/gR8RE7262dbkW2iAOm8xi9T2ZcP7zHL7 +kx7t8ijJAgMBAAECggEACirXl611yERng7iPRO59InOPKOzXID6XpgDHkgYJ5ZcE +iYzvENsGRhFUTQ7jUyafM8x/5V62ZnbYwAVdGiLJDeRtryyDtNPcM0vEfkcqmaA/ +20J72yjvF60RpyoSEtqs7zVlAvK9MHMDBm/q6z59BM9fQFfJSz6y9hkb1R8HQGpc +ktIBxqANvQ3XYzPwxBdECB6YH12t1UkCEFNmOVup7M/TpMBu79h4cd69Q709iOqP +9kIOxABrRE7evWpwYHFCI7QfbRpFeY7I9b94NQULmOLKJm8QfYfXumzfIQ3gqUW2 +WyIOJc5zAftQ/7Ddu5CKbqsL7yBiMGxI4IHQZ/gEcQKBgQDBE3Fl8XW7JpP9J0vw +VvCBGJgPOU7tn9JG082RUr0pi7HRiEo23zL37PvwPwjn81SkWmh9WcIQFm8Ip4Oy +9sUMR0oInjU3PaAI2oRQCOPynod23wC4tVmjLrNBek8T2AnTtkvSZalooACNumgD +Ef/hpMYDa2O9dTbjtqNOp2AOuQKBgQDNB6UGzwY+HDG444Ir/Q2s2XjOD1cvG3q8 +3NaSnIHuxJeUhYlBXmWsygpGLrq4i5h4EWPz8qKWQwBDwsZIBGisJFQcQzsXS9/Z ++F8l555ikb/AsbZHrWw+miTauXT0xe1dbjkqqpAiiYfJFeDss32WqgaAUD28IK9P +djR85p9ikQKBgHuRDPcYZKelFftjpfcoPP3yFodPvxLXQUVxElQaZtPrAp++IPkj +OcRwWAE25mVEVvxknBD1W/zdzqv0QZZM1ml4SopfbmFvQDfKWfm65uAE01+hcx3D +ep20KqcSNv/VONzVA4ug4p4CILiT/zNP1rq7sLrJhOjg1oNABR42goSJAoGAcs1N +Ajr5a92tmbEKOkc/WQGMOxUr5Bym5QlivEUWG/PITElZSVjp5Y5bomCX/K1teg2C +wh2iHDD3/PkavUh6s6jDz+91Lt41QX9pB3hhnx+tFuBrCEd6zLLS4AXoDwakmiQV +rmZCvpPzjAzMHL2EHNCnQ0Gqz6QdhYjSav1XUYECgYBiv8t7WZFLIsi7Baa1oocv +VU9WsohcqTGP8/i+J4fuRRVGDLl/jcBFm5dYzGVSbpBaM0qhfGIyaAmInHozxooR ++izbLM5nSAO3fXEsPROEx9RwLxQmrs2Ee5W4qDajTm3VOhfQXHQf/z5o3xsdnQJt +mbHCXPhmMn9O6jmrDlGeMg== -----END PRIVATE KEY----- diff --git a/tests/data_files/pkcs7-rsa-sha256-2.crt b/tests/data_files/pkcs7-rsa-sha256-2.crt index a0df7d93d..2f0becb5c 100644 --- a/tests/data_files/pkcs7-rsa-sha256-2.crt +++ b/tests/data_files/pkcs7-rsa-sha256-2.crt @@ -1,20 +1,20 @@ -----BEGIN CERTIFICATE----- -MIIDSTCCAjGgAwIBAgIUVk1VQCWvWZ4ycHmycg7wDfN8+3wwDQYJKoZIhvcNAQEL +MIIDSTCCAjGgAwIBAgIULQiixEME/TOd8CzfFgp/HxWQOj4wDQYJKoZIhvcNAQEL BQAwNDELMAkGA1UEBhMCTkwxDjAMBgNVBAoMBVBLQ1M3MRUwEwYDVQQDDAxQS0NT -NyBDZXJ0IDIwHhcNMjIxMDI4MTYxMDU2WhcNMjMxMDI4MTYxMDU2WjA0MQswCQYD +NyBDZXJ0IDIwHhcNMjMwNTA4MTAxOTExWhcNMzMwNTA4MTAxOTExWjA0MQswCQYD VQQGEwJOTDEOMAwGA1UECgwFUEtDUzcxFTATBgNVBAMMDFBLQ1M3IENlcnQgMjCC -ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMmVNZZ0/qcT+h/lVNO+gP65 -lERTTudQ15h8QTLjaKhx5SSTLnuUhD0jLbR+ng8PMqdJ8ePkZEh1+7mi9MHzID4Y -c47jH8M+Jc/JdBr6cSjbFd23QHESUjKKmV1IjSHc6Llbxe962z4gEXYjJAMkfr6B -g1iecK3AlnEI4F0BsQfC5dgA4Qce2okvcTuhYgvHtLZ+UN4ca50Kw0o4u5FYdl89 -KDCE4zNp8MaaxGC83xcM4A9XqjHyZ7a2wvACTlmLQ2q/E+RN/8THEel4Y+yv82Uj -j2LqqEaA06dvSdOPdaGz9jUZauqBw7TcuGGVzrrsZ0g/sHXKng9TppehAV/HrJUC -AwEAAaNTMFEwHQYDVR0OBBYEFI5FVrtfLwPXRERcyVX6qBVvfoduMB8GA1UdIwQY -MBaAFI5FVrtfLwPXRERcyVX6qBVvfoduMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI -hvcNAQELBQADggEBAKRl0wgREe6eAduJSV5fs+Ec0s2qs2lHQqt/0JGEIbZBBtka -q1UH9CIMMAd6Kb0kh5GlJT2shg/EAYWoitMwntkeRYTln2k2/B5jux+U5Ph4HyC+ -ad2GqmsoXWDru79rltT7Pv1hS1ofJyQ4Jv88vQA/SuIIRGdTC24VAVgg00JxvDRB -xeqsQ9Pld4ebg4VvqsInnSpmKCcxfWxFhJk/Ax8bK/tV/GnrPiwsvry1j9nZyebS -IyI01/6DwJS2ZhFnsLGyPHFOAFNtomjIdQ6gf2L1wq0qiGOKj/K9IzFNCpCz82a+ -gMgqFzCT5TCZC16kUG2NA2pXAx9O4uppKjRk97U= +ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANarbCe4NkIbeBjAEKWuHhA7 +haz080iy8N1Xbdr0Xa6llOLKgsDVNxkzW+WHRgJNZAtN8XgT7IubIrno9ygcBK5B +b1E4/Butpfnw5aSJhW2uI8Wl7/xCvonEDd3jBQUA4cO8x3ie+7WcGJC2mUXlgUuJ +jdvX7/px5DQuJwy0R3Vul0IOSBvzXVo9UOTYkmoQI2e2UcAk6aU3zQKK8Db5dmlR +cA+sVCb9j1tEmSXQAj0XfXv0Sqijwr7MUYB9vUt2wYexC3b0SosqNqg7MYx6eDUJ +adVvPwHW4VQh5Rv9TVYr9Rpc1pyfgjtvlnouPU+yROJ9VO0irbMY5LI2rAIpQksC +AwEAAaNTMFEwHQYDVR0OBBYEFOozYBd7pxAmsVUtJwSQvRGNvKO9MB8GA1UdIwQY +MBaAFOozYBd7pxAmsVUtJwSQvRGNvKO9MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAJmOMP3gVqP0/vFqPdMjIa5Pjtwy02z4Z4uLplo/4K8CQp6T ++XMfz+p/UDoglyAuZ34TQ/dnGMM9EFEBgm/O5dJHl442+FrortIEhzGo0QAf+XYK +9HQKVk0a5ecVO9CZw2mduxMJ//r9GyFG0XSqpNqt2yi7UgcPsrq+2OqhzYngYmyr +V5HtQzwBaIqwoXzhHIOX1pJg4GUxrhsaqInrhUM0VTdfpKcRlzFsimQ60LZ6GMcm +rPy3oLs1ioVfYS7et0MnGhgSHIjBeocqYKchzfBk/NnF0eK+lJo+hrGk6F2rDJ4G +ViNKP6MhMBzlZ73yTRTWZcYu6O+sg5cHwjlHhRc= -----END CERTIFICATE----- diff --git a/tests/data_files/pkcs7-rsa-sha256-2.der b/tests/data_files/pkcs7-rsa-sha256-2.der index fc7a3eabf..a10143599 100644 Binary files a/tests/data_files/pkcs7-rsa-sha256-2.der and b/tests/data_files/pkcs7-rsa-sha256-2.der differ diff --git a/tests/data_files/pkcs7-rsa-sha256-2.key b/tests/data_files/pkcs7-rsa-sha256-2.key index 659c01566..fe78b1130 100644 --- a/tests/data_files/pkcs7-rsa-sha256-2.key +++ b/tests/data_files/pkcs7-rsa-sha256-2.key @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDJlTWWdP6nE/of -5VTTvoD+uZREU07nUNeYfEEy42ioceUkky57lIQ9Iy20fp4PDzKnSfHj5GRIdfu5 -ovTB8yA+GHOO4x/DPiXPyXQa+nEo2xXdt0BxElIyipldSI0h3Oi5W8Xvets+IBF2 -IyQDJH6+gYNYnnCtwJZxCOBdAbEHwuXYAOEHHtqJL3E7oWILx7S2flDeHGudCsNK -OLuRWHZfPSgwhOMzafDGmsRgvN8XDOAPV6ox8me2tsLwAk5Zi0NqvxPkTf/ExxHp -eGPsr/NlI49i6qhGgNOnb0nTj3Whs/Y1GWrqgcO03Lhhlc667GdIP7B1yp4PU6aX -oQFfx6yVAgMBAAECggEBAMVHm3w134qQCHfyroPTqtaftDTx+wRyn6yB3iT5XdGM -NZ8H07Pp80kKBo7gY7uFOiNyQKKxQFuR69sPWc3+LI3YzC8IpGslhUfHdjN46gn7 -73hfAVgnf/4qmlEq0cRUOAY/hIUMjUhNhglB9tqEeu3iPjMaTFgfZJwW/czH/QMD -w4zj5XoLgwRkqVvUceu/dBgV8KP5DpON+q8wpfWtjunv7rg5Nc3BVBrpb5SadJ7T -i5TsS+pZQyp+mTvyCI3A1hkr2Vw5tULWO8SPhuEQkdtC/CL+luCUO7L16lU6KhFB -qP5Fduik5skyLCVvAMUkjKcrC22k0gkhOHvfmMhjaAECgYEA68+hAQIiV9ErZGk9 -ZLu+VJHBSPmEQCkUcbviwzoRo8YSyka12TZERy+NJcvmD9deNgFbp8GyZf01XJWH -slSYt6LyInrJrTpv+3q2Vl5GQp0f+39i7MHnwGGKbWsDbSAm+L9yKTJzYJz1O5fo -in06AiyyGPwnXd1cm5bTXVX+dQECgYEA2tdi6DXF8awE23pv4HphPBhXS5hmYP/D -NC7CtP8wQsxjPdiIxkBFFVEaFCC2njq1VhTyJb5noJM4kOIwcoaQ/zgyyxQa0u7w -+CqvAh1WwG+sT/B7vivrtDmmYeyGQapFo5DRIz+MflKAhzDhtnEyT9vLuCdn8J95 -0YvxZJ9+k5UCgYEAh+e7SER9nJUt6AoLWyIlGMKEXlWIFh5W7RG3KIMwJW6D59aG -+fAfu9M5Cx6PsnOSlZeExpOJCOS9O2Xmti2xcqzT1nFkCJWUcqCPtAlTfxLlmuIZ -FpDOy36r9FHnwJ32OAjGd93ex0DOyZDMcfyoURaHcoTo/10UAYwUt0dXhwECgYAI -xad2TWmA1XdgYNkJM36gTQ16v0IjUz084z70yGHj25OC0CIzaDIct6KG+gS39Px9 -1dsa/jXjLuOOkzKD9LbtNBB9KXIl0GQiXnujZw+qKQ/MKISdS99n2wO7WyLKkQu3 -kb+AXTTBf4cdZC04BfORVesll5bIA2x7pNNpSCdnvQKBgG7VXYcPlIV7iAyi2xFa -uN1jccu/AK7xA0G1jz2SHNlpet74LmWR8XsTujJeo8WG1IRFxSky4h/pAP0XWIFO -0LPK7eeDtnFq6y1/DXpI+/9BWX5T/8+4Yk93p37YrBVWKfd21dhrAklQs11m3rlQ -Qn6c/zyvMKSyrCVxo5pTd5Il +MIIEuwIBADANBgkqhkiG9w0BAQEFAASCBKUwggShAgEAAoIBAQDWq2wnuDZCG3gY +wBClrh4QO4Ws9PNIsvDdV23a9F2upZTiyoLA1TcZM1vlh0YCTWQLTfF4E+yLmyK5 +6PcoHASuQW9ROPwbraX58OWkiYVtriPFpe/8Qr6JxA3d4wUFAOHDvMd4nvu1nBiQ +tplF5YFLiY3b1+/6ceQ0LicMtEd1bpdCDkgb811aPVDk2JJqECNntlHAJOmlN80C +ivA2+XZpUXAPrFQm/Y9bRJkl0AI9F3179Eqoo8K+zFGAfb1LdsGHsQt29EqLKjao +OzGMeng1CWnVbz8B1uFUIeUb/U1WK/UaXNacn4I7b5Z6Lj1PskTifVTtIq2zGOSy +NqwCKUJLAgMBAAECgf8TtKi4/K/+YYckvnzIuLMJymz684FhqwtxRhVPhB8VaR3B +s9VM3kWwioZlC4XhsDj+0KjZ3PpZ1mPZrQkDJY9Ib7lIO3LpF4ek6fgqonUdHF8s +RY9CGN5kxxp+w9gyHWKcFTg6Wl3AzhNzNU/cmrTDulzLUYc19j58i8AJ6oKkxNcT +gie9c38wDjZr67cynARkS9N94WkMsOQzM59TzOfukldsbwYISZahR/L9hgQqzcFL +hxsrQbZ0M5XFziOjuDGzJZswbbTvkupqt0EwEXcI1jnvOtKPC50RaIY9y9sQYRPX +RXFzUaBGKHjLWtEYQd/bXWTtCLx6C4FDRkOsVQUCgYEA69z8xq8lp77lD2gNsh3x +o8cnnx3xcwnj+9bEDDKXgA1RBwnXpQ/Gq5Jme7zm9552xJXDQwckuJQ9/Fd4L8Zy +ZjyOuYC6Mdc4ncwo1yT9Rv6ipSq/dsVKQbMYaOxtQ6Lce1wPyF32slu2mPlwOgIo +w0Adl3MqC+Gk3ANcPWyJha8CgYEA6P86jw8MfaA4qTn6Zy1YEq17+8Chd15PA2E7 +NWdEL75Jr+Im9kTY+niWcZo6q/JKa5FokxrSB988NMK6Qd20d2gZijc1yHprC1fq +W3RP9C2qvEOs+4+w38F63JkBXOyqh6+bqclsEDk5COoe2EdIevF4PQheWuQtbNHv +7G5yECUCgYEApNTDMnakch5OJf4p1BhpDnPXlLNwUVzQHudwCrYweiTUQ371XT0x +MiYVyNOy9cmgZrHiy6zqVLQEvZzDOWAOArS/aZQ0izBFOMG8qN4Iwtyg/ZxqQa6O +vmtS28Cee24Nd4hW30gLZ4oAideIPoHTyt+7zmOFNthyRe9zPtnjIbECgYAfnrOV +wpcRXXMTFDk1U2QGdODEk6nWB0h1zvY4EyGf0RUy92AOP92qcD8Kf8HCoAkVfBBT +Fmq2gscq6dpZIfth0RDWPxPfdy2bxnyZmLlZC/GFxzFsml2IoDtKQMF8mOmzrFNV +wW4W7Y0d9pflBheCB88niUE02I6JnBwRXBPCuQKBgD01VJsGqgFvlvjK0KVpPVCB +KK0GPI5TFNSDjYSIG25Vm4lYmiWwr54iaqWvlK9SFXH0C9R1VAuU+uaY+8tGM4o5 +RO9mk0AvIJ4BC0FZHS2fHDld/37WO3rh66Qym6zgp02ZPYDSLXT18sf0SVMAzU7h +2j60FMMEJPr7clx+n6xU -----END PRIVATE KEY----- diff --git a/tests/data_files/pkcs7-rsa-sha256-2.pem b/tests/data_files/pkcs7-rsa-sha256-2.pem index b11a00a19..71004b5f8 100644 --- a/tests/data_files/pkcs7-rsa-sha256-2.pem +++ b/tests/data_files/pkcs7-rsa-sha256-2.pem @@ -1,48 +1,48 @@ -----BEGIN CERTIFICATE----- -MIIDSTCCAjGgAwIBAgIUVk1VQCWvWZ4ycHmycg7wDfN8+3wwDQYJKoZIhvcNAQEL +MIIDSTCCAjGgAwIBAgIULQiixEME/TOd8CzfFgp/HxWQOj4wDQYJKoZIhvcNAQEL BQAwNDELMAkGA1UEBhMCTkwxDjAMBgNVBAoMBVBLQ1M3MRUwEwYDVQQDDAxQS0NT -NyBDZXJ0IDIwHhcNMjIxMDI4MTYxMDU2WhcNMjMxMDI4MTYxMDU2WjA0MQswCQYD +NyBDZXJ0IDIwHhcNMjMwNTA4MTAxOTExWhcNMzMwNTA4MTAxOTExWjA0MQswCQYD VQQGEwJOTDEOMAwGA1UECgwFUEtDUzcxFTATBgNVBAMMDFBLQ1M3IENlcnQgMjCC -ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMmVNZZ0/qcT+h/lVNO+gP65 -lERTTudQ15h8QTLjaKhx5SSTLnuUhD0jLbR+ng8PMqdJ8ePkZEh1+7mi9MHzID4Y -c47jH8M+Jc/JdBr6cSjbFd23QHESUjKKmV1IjSHc6Llbxe962z4gEXYjJAMkfr6B -g1iecK3AlnEI4F0BsQfC5dgA4Qce2okvcTuhYgvHtLZ+UN4ca50Kw0o4u5FYdl89 -KDCE4zNp8MaaxGC83xcM4A9XqjHyZ7a2wvACTlmLQ2q/E+RN/8THEel4Y+yv82Uj -j2LqqEaA06dvSdOPdaGz9jUZauqBw7TcuGGVzrrsZ0g/sHXKng9TppehAV/HrJUC -AwEAAaNTMFEwHQYDVR0OBBYEFI5FVrtfLwPXRERcyVX6qBVvfoduMB8GA1UdIwQY -MBaAFI5FVrtfLwPXRERcyVX6qBVvfoduMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI -hvcNAQELBQADggEBAKRl0wgREe6eAduJSV5fs+Ec0s2qs2lHQqt/0JGEIbZBBtka -q1UH9CIMMAd6Kb0kh5GlJT2shg/EAYWoitMwntkeRYTln2k2/B5jux+U5Ph4HyC+ -ad2GqmsoXWDru79rltT7Pv1hS1ofJyQ4Jv88vQA/SuIIRGdTC24VAVgg00JxvDRB -xeqsQ9Pld4ebg4VvqsInnSpmKCcxfWxFhJk/Ax8bK/tV/GnrPiwsvry1j9nZyebS -IyI01/6DwJS2ZhFnsLGyPHFOAFNtomjIdQ6gf2L1wq0qiGOKj/K9IzFNCpCz82a+ -gMgqFzCT5TCZC16kUG2NA2pXAx9O4uppKjRk97U= +ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANarbCe4NkIbeBjAEKWuHhA7 +haz080iy8N1Xbdr0Xa6llOLKgsDVNxkzW+WHRgJNZAtN8XgT7IubIrno9ygcBK5B +b1E4/Butpfnw5aSJhW2uI8Wl7/xCvonEDd3jBQUA4cO8x3ie+7WcGJC2mUXlgUuJ +jdvX7/px5DQuJwy0R3Vul0IOSBvzXVo9UOTYkmoQI2e2UcAk6aU3zQKK8Db5dmlR +cA+sVCb9j1tEmSXQAj0XfXv0Sqijwr7MUYB9vUt2wYexC3b0SosqNqg7MYx6eDUJ +adVvPwHW4VQh5Rv9TVYr9Rpc1pyfgjtvlnouPU+yROJ9VO0irbMY5LI2rAIpQksC +AwEAAaNTMFEwHQYDVR0OBBYEFOozYBd7pxAmsVUtJwSQvRGNvKO9MB8GA1UdIwQY +MBaAFOozYBd7pxAmsVUtJwSQvRGNvKO9MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAJmOMP3gVqP0/vFqPdMjIa5Pjtwy02z4Z4uLplo/4K8CQp6T ++XMfz+p/UDoglyAuZ34TQ/dnGMM9EFEBgm/O5dJHl442+FrortIEhzGo0QAf+XYK +9HQKVk0a5ecVO9CZw2mduxMJ//r9GyFG0XSqpNqt2yi7UgcPsrq+2OqhzYngYmyr +V5HtQzwBaIqwoXzhHIOX1pJg4GUxrhsaqInrhUM0VTdfpKcRlzFsimQ60LZ6GMcm +rPy3oLs1ioVfYS7et0MnGhgSHIjBeocqYKchzfBk/NnF0eK+lJo+hrGk6F2rDJ4G +ViNKP6MhMBzlZ73yTRTWZcYu6O+sg5cHwjlHhRc= -----END CERTIFICATE----- -----BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDJlTWWdP6nE/of -5VTTvoD+uZREU07nUNeYfEEy42ioceUkky57lIQ9Iy20fp4PDzKnSfHj5GRIdfu5 -ovTB8yA+GHOO4x/DPiXPyXQa+nEo2xXdt0BxElIyipldSI0h3Oi5W8Xvets+IBF2 -IyQDJH6+gYNYnnCtwJZxCOBdAbEHwuXYAOEHHtqJL3E7oWILx7S2flDeHGudCsNK -OLuRWHZfPSgwhOMzafDGmsRgvN8XDOAPV6ox8me2tsLwAk5Zi0NqvxPkTf/ExxHp -eGPsr/NlI49i6qhGgNOnb0nTj3Whs/Y1GWrqgcO03Lhhlc667GdIP7B1yp4PU6aX -oQFfx6yVAgMBAAECggEBAMVHm3w134qQCHfyroPTqtaftDTx+wRyn6yB3iT5XdGM -NZ8H07Pp80kKBo7gY7uFOiNyQKKxQFuR69sPWc3+LI3YzC8IpGslhUfHdjN46gn7 -73hfAVgnf/4qmlEq0cRUOAY/hIUMjUhNhglB9tqEeu3iPjMaTFgfZJwW/czH/QMD -w4zj5XoLgwRkqVvUceu/dBgV8KP5DpON+q8wpfWtjunv7rg5Nc3BVBrpb5SadJ7T -i5TsS+pZQyp+mTvyCI3A1hkr2Vw5tULWO8SPhuEQkdtC/CL+luCUO7L16lU6KhFB -qP5Fduik5skyLCVvAMUkjKcrC22k0gkhOHvfmMhjaAECgYEA68+hAQIiV9ErZGk9 -ZLu+VJHBSPmEQCkUcbviwzoRo8YSyka12TZERy+NJcvmD9deNgFbp8GyZf01XJWH -slSYt6LyInrJrTpv+3q2Vl5GQp0f+39i7MHnwGGKbWsDbSAm+L9yKTJzYJz1O5fo -in06AiyyGPwnXd1cm5bTXVX+dQECgYEA2tdi6DXF8awE23pv4HphPBhXS5hmYP/D -NC7CtP8wQsxjPdiIxkBFFVEaFCC2njq1VhTyJb5noJM4kOIwcoaQ/zgyyxQa0u7w -+CqvAh1WwG+sT/B7vivrtDmmYeyGQapFo5DRIz+MflKAhzDhtnEyT9vLuCdn8J95 -0YvxZJ9+k5UCgYEAh+e7SER9nJUt6AoLWyIlGMKEXlWIFh5W7RG3KIMwJW6D59aG -+fAfu9M5Cx6PsnOSlZeExpOJCOS9O2Xmti2xcqzT1nFkCJWUcqCPtAlTfxLlmuIZ -FpDOy36r9FHnwJ32OAjGd93ex0DOyZDMcfyoURaHcoTo/10UAYwUt0dXhwECgYAI -xad2TWmA1XdgYNkJM36gTQ16v0IjUz084z70yGHj25OC0CIzaDIct6KG+gS39Px9 -1dsa/jXjLuOOkzKD9LbtNBB9KXIl0GQiXnujZw+qKQ/MKISdS99n2wO7WyLKkQu3 -kb+AXTTBf4cdZC04BfORVesll5bIA2x7pNNpSCdnvQKBgG7VXYcPlIV7iAyi2xFa -uN1jccu/AK7xA0G1jz2SHNlpet74LmWR8XsTujJeo8WG1IRFxSky4h/pAP0XWIFO -0LPK7eeDtnFq6y1/DXpI+/9BWX5T/8+4Yk93p37YrBVWKfd21dhrAklQs11m3rlQ -Qn6c/zyvMKSyrCVxo5pTd5Il +MIIEuwIBADANBgkqhkiG9w0BAQEFAASCBKUwggShAgEAAoIBAQDWq2wnuDZCG3gY +wBClrh4QO4Ws9PNIsvDdV23a9F2upZTiyoLA1TcZM1vlh0YCTWQLTfF4E+yLmyK5 +6PcoHASuQW9ROPwbraX58OWkiYVtriPFpe/8Qr6JxA3d4wUFAOHDvMd4nvu1nBiQ +tplF5YFLiY3b1+/6ceQ0LicMtEd1bpdCDkgb811aPVDk2JJqECNntlHAJOmlN80C +ivA2+XZpUXAPrFQm/Y9bRJkl0AI9F3179Eqoo8K+zFGAfb1LdsGHsQt29EqLKjao +OzGMeng1CWnVbz8B1uFUIeUb/U1WK/UaXNacn4I7b5Z6Lj1PskTifVTtIq2zGOSy +NqwCKUJLAgMBAAECgf8TtKi4/K/+YYckvnzIuLMJymz684FhqwtxRhVPhB8VaR3B +s9VM3kWwioZlC4XhsDj+0KjZ3PpZ1mPZrQkDJY9Ib7lIO3LpF4ek6fgqonUdHF8s +RY9CGN5kxxp+w9gyHWKcFTg6Wl3AzhNzNU/cmrTDulzLUYc19j58i8AJ6oKkxNcT +gie9c38wDjZr67cynARkS9N94WkMsOQzM59TzOfukldsbwYISZahR/L9hgQqzcFL +hxsrQbZ0M5XFziOjuDGzJZswbbTvkupqt0EwEXcI1jnvOtKPC50RaIY9y9sQYRPX +RXFzUaBGKHjLWtEYQd/bXWTtCLx6C4FDRkOsVQUCgYEA69z8xq8lp77lD2gNsh3x +o8cnnx3xcwnj+9bEDDKXgA1RBwnXpQ/Gq5Jme7zm9552xJXDQwckuJQ9/Fd4L8Zy +ZjyOuYC6Mdc4ncwo1yT9Rv6ipSq/dsVKQbMYaOxtQ6Lce1wPyF32slu2mPlwOgIo +w0Adl3MqC+Gk3ANcPWyJha8CgYEA6P86jw8MfaA4qTn6Zy1YEq17+8Chd15PA2E7 +NWdEL75Jr+Im9kTY+niWcZo6q/JKa5FokxrSB988NMK6Qd20d2gZijc1yHprC1fq +W3RP9C2qvEOs+4+w38F63JkBXOyqh6+bqclsEDk5COoe2EdIevF4PQheWuQtbNHv +7G5yECUCgYEApNTDMnakch5OJf4p1BhpDnPXlLNwUVzQHudwCrYweiTUQ371XT0x +MiYVyNOy9cmgZrHiy6zqVLQEvZzDOWAOArS/aZQ0izBFOMG8qN4Iwtyg/ZxqQa6O +vmtS28Cee24Nd4hW30gLZ4oAideIPoHTyt+7zmOFNthyRe9zPtnjIbECgYAfnrOV +wpcRXXMTFDk1U2QGdODEk6nWB0h1zvY4EyGf0RUy92AOP92qcD8Kf8HCoAkVfBBT +Fmq2gscq6dpZIfth0RDWPxPfdy2bxnyZmLlZC/GFxzFsml2IoDtKQMF8mOmzrFNV +wW4W7Y0d9pflBheCB88niUE02I6JnBwRXBPCuQKBgD01VJsGqgFvlvjK0KVpPVCB +KK0GPI5TFNSDjYSIG25Vm4lYmiWwr54iaqWvlK9SFXH0C9R1VAuU+uaY+8tGM4o5 +RO9mk0AvIJ4BC0FZHS2fHDld/37WO3rh66Qym6zgp02ZPYDSLXT18sf0SVMAzU7h +2j60FMMEJPr7clx+n6xU -----END PRIVATE KEY----- diff --git a/tests/data_files/pkcs7-rsa-sha256-3.crt b/tests/data_files/pkcs7-rsa-sha256-3.crt new file mode 100644 index 000000000..03ce5b35d --- /dev/null +++ b/tests/data_files/pkcs7-rsa-sha256-3.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDSTCCAjGgAwIBAgIUT1tppAbQpx6vLbVzRx/54bi0ehowDQYJKoZIhvcNAQEL +BQAwNDELMAkGA1UEBhMCTkwxDjAMBgNVBAoMBVBLQ1M3MRUwEwYDVQQDDAxQS0NT +NyBDZXJ0IDMwHhcNMjMwNTA4MTAxOTExWhcNMzMwNTA4MTAxOTExWjA0MQswCQYD +VQQGEwJOTDEOMAwGA1UECgwFUEtDUzcxFTATBgNVBAMMDFBLQ1M3IENlcnQgMzCC +ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAO1SO1OUqWVMqINj+MZPgE5s +8sdFrVyXlt/3EqXNs6zUBr12Kj4USt5tmVyF1FxYsw76U1ZpeUUBIrQ62CyQgZtD +l96tipHbxFneWXV0COrp+2rjWUDz3bY0lM39JCrOxlBDx/QYOJHm4HAeWPkg0F1R +26kKLNUYxg54gtjnauleWefrMcV3S69RTJGlf3hVJ1fltz/yw8N9XG8XxANZT0Cz +JV31yzLMxCTm2iBXXALSkw5QDVT+SD0mbkYT26bwtAvXptPjbC7ZrOxYyrmnhk2U +aPVewp5ncrDhZpfKCXVG6qtSQ3zHu6WwBCk3hdZ9RpBMDMOm+VFl+rGgD46p2osC +AwEAAaNTMFEwHQYDVR0OBBYEFGNzo9wwEk9/t6xxxpby/NRmNJRlMB8GA1UdIwQY +MBaAFGNzo9wwEk9/t6xxxpby/NRmNJRlMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAKJEmDyEmw8Q6mbaqREvmNScGrA60wONTQdlX3lny4VzqAzi +MxIeCIfwSvR9Lho0lPmFMErdDPTUKzWmlAXUSlsyjnGrqP5uCixTUBZ9Ic1gaxDz +Mere8nr7yow+I9euYNN1/dNJZP9mcrP269FGyTuM/8Woi+zaJHr0Y8K9TRRXudqP +wu6X/qZ+OeQrW4WMeb1+eZ59FtRadamsQabxvtgkRJhmqNsGQ/i+S0SqGt2t2xvq +lTxshA5p17bLQmTJsNKXbQeVPH99M+ecXvwN0hj3fDnQeDMTjdKOsyFupyZ+vxN+ +pFvT7lP0hrOuU07FFqt36B0xObB1QwZb2DPcEIw= +-----END CERTIFICATE----- diff --git a/tests/data_files/pkcs7-rsa-sha256-3.key b/tests/data_files/pkcs7-rsa-sha256-3.key new file mode 100644 index 000000000..17c4eedb1 --- /dev/null +++ b/tests/data_files/pkcs7-rsa-sha256-3.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDtUjtTlKllTKiD +Y/jGT4BObPLHRa1cl5bf9xKlzbOs1Aa9dio+FErebZlchdRcWLMO+lNWaXlFASK0 +OtgskIGbQ5ferYqR28RZ3ll1dAjq6ftq41lA8922NJTN/SQqzsZQQ8f0GDiR5uBw +Hlj5INBdUdupCizVGMYOeILY52rpXlnn6zHFd0uvUUyRpX94VSdX5bc/8sPDfVxv +F8QDWU9AsyVd9csyzMQk5togV1wC0pMOUA1U/kg9Jm5GE9um8LQL16bT42wu2azs +WMq5p4ZNlGj1XsKeZ3Kw4WaXygl1RuqrUkN8x7ulsAQpN4XWfUaQTAzDpvlRZfqx +oA+OqdqLAgMBAAECggEAU51l9rBJsL2+H7Dw/VoUcE1Vip1Dk/x69YUVRmK/2/RG +Pams/3th15WQ87bZWAIOcIgFJcx6pDPeuNaExMrTR1Oc5iGJ0ZM3TpyXM1lDLRVs +dkAM+eQSKTjEdwEqJYT9/VisUhXYlJteV1Jx8bC8iSymspu5qQkV+xI9s9NxaTAd +19U5NoozZRBS37lU3WxMhPCHCrbl6vwcfvtsZClEICA8YUKyS+wUh0wjzgkQrORT +kaTxY8YyQ/ufSIkA3XKJX1flO1UdNFJcHhseiXWuuUTKUMvWNILUoFpbky5uYb5z +VM7u57ZBF3uVHmvJNYS04iQdNkV1ZkpWH8opuQ1kyQKBgQD2jl6Y0qTy/s+g9aQ7 +ypZ0zi/lhIJaTBDqxwJA18e8+4kq3WEEBDD1X/eT44nVPhGy78ccJZCnw2PBHy1k +6xVCfGAZVV850m9JGf4L/VEN6D5qdB2owJPVCEh7fa6hVvLKYFNCuvs0osKCVnyy +PGq8ixAP5sJp8yoEnlUi0II3UwKBgQD2aU7xdQgba7uMu2rJo0bzDKfxv4q5nUYO +XLBm7l+Mz6Uz68A/scLsKWmdvmdPKy83pmR/2RJ1pp0HNVfa8rL+0DHCqf1PApE+ +jFgcQIdnyzwRFHPDH/9zmrHUy32L5MdiQEWwqg9wP2HYbuv9VbN0Rn3HTFdRVarD +hg36/hSA6QKBgBaH+iMTFNnT6Vt3NzPzln5EHWJnEpZ33w/lcdJFJc6iWe2d33DD +hUnXJEPShlUDYBCvEs4CrM5375TFaZuQVBgIT6vg/lvFXEAc7Pdhhde0goet5sv2 +FUxhfmYynRPHY1aVKOavOaecvBO3HZwYI1TpjGU3nEqcWxmi8nrE/TFbAoGALGaD +XAzLfi1maRBoSJcMNMVmCbCK7bFCK1pWSuXO/892pClpxdBhIC7CIjNp6CEO7Acm +escBhYOVLfRVtVUgHbwkC0CYLUF4LH4bblPOUkyTsTwvM8yzOgB45LAaGjgKGVEd +fZzXFVHGbrpl+YsUv/Hnvh6qaTR3ha3FHSHlTekCgYEA889EzlEOwmu69z06RJsZ +mlYoR0/1xxiYmSNy+hXWoM64G99R94bc/bx/QSJAXu93HX4N0GHPmjjpZvk1IjHL +zQGikdb2jvbKnRcR/4DiXQ1jggk59bCUDaQkpEbBvtCLj/LjMnwxAJAoCOGjuIxG +hmSyoAlNQm47tGD3i+2erv0= +-----END PRIVATE KEY----- diff --git a/tests/data_files/pkcs7-rsa-sha256-3.pem b/tests/data_files/pkcs7-rsa-sha256-3.pem new file mode 100644 index 000000000..0dc2fe985 --- /dev/null +++ b/tests/data_files/pkcs7-rsa-sha256-3.pem @@ -0,0 +1,48 @@ +-----BEGIN CERTIFICATE----- +MIIDSTCCAjGgAwIBAgIUT1tppAbQpx6vLbVzRx/54bi0ehowDQYJKoZIhvcNAQEL +BQAwNDELMAkGA1UEBhMCTkwxDjAMBgNVBAoMBVBLQ1M3MRUwEwYDVQQDDAxQS0NT +NyBDZXJ0IDMwHhcNMjMwNTA4MTAxOTExWhcNMzMwNTA4MTAxOTExWjA0MQswCQYD +VQQGEwJOTDEOMAwGA1UECgwFUEtDUzcxFTATBgNVBAMMDFBLQ1M3IENlcnQgMzCC +ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAO1SO1OUqWVMqINj+MZPgE5s +8sdFrVyXlt/3EqXNs6zUBr12Kj4USt5tmVyF1FxYsw76U1ZpeUUBIrQ62CyQgZtD +l96tipHbxFneWXV0COrp+2rjWUDz3bY0lM39JCrOxlBDx/QYOJHm4HAeWPkg0F1R +26kKLNUYxg54gtjnauleWefrMcV3S69RTJGlf3hVJ1fltz/yw8N9XG8XxANZT0Cz +JV31yzLMxCTm2iBXXALSkw5QDVT+SD0mbkYT26bwtAvXptPjbC7ZrOxYyrmnhk2U +aPVewp5ncrDhZpfKCXVG6qtSQ3zHu6WwBCk3hdZ9RpBMDMOm+VFl+rGgD46p2osC +AwEAAaNTMFEwHQYDVR0OBBYEFGNzo9wwEk9/t6xxxpby/NRmNJRlMB8GA1UdIwQY +MBaAFGNzo9wwEk9/t6xxxpby/NRmNJRlMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAKJEmDyEmw8Q6mbaqREvmNScGrA60wONTQdlX3lny4VzqAzi +MxIeCIfwSvR9Lho0lPmFMErdDPTUKzWmlAXUSlsyjnGrqP5uCixTUBZ9Ic1gaxDz +Mere8nr7yow+I9euYNN1/dNJZP9mcrP269FGyTuM/8Woi+zaJHr0Y8K9TRRXudqP +wu6X/qZ+OeQrW4WMeb1+eZ59FtRadamsQabxvtgkRJhmqNsGQ/i+S0SqGt2t2xvq +lTxshA5p17bLQmTJsNKXbQeVPH99M+ecXvwN0hj3fDnQeDMTjdKOsyFupyZ+vxN+ +pFvT7lP0hrOuU07FFqt36B0xObB1QwZb2DPcEIw= +-----END CERTIFICATE----- +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDtUjtTlKllTKiD +Y/jGT4BObPLHRa1cl5bf9xKlzbOs1Aa9dio+FErebZlchdRcWLMO+lNWaXlFASK0 +OtgskIGbQ5ferYqR28RZ3ll1dAjq6ftq41lA8922NJTN/SQqzsZQQ8f0GDiR5uBw +Hlj5INBdUdupCizVGMYOeILY52rpXlnn6zHFd0uvUUyRpX94VSdX5bc/8sPDfVxv +F8QDWU9AsyVd9csyzMQk5togV1wC0pMOUA1U/kg9Jm5GE9um8LQL16bT42wu2azs +WMq5p4ZNlGj1XsKeZ3Kw4WaXygl1RuqrUkN8x7ulsAQpN4XWfUaQTAzDpvlRZfqx +oA+OqdqLAgMBAAECggEAU51l9rBJsL2+H7Dw/VoUcE1Vip1Dk/x69YUVRmK/2/RG +Pams/3th15WQ87bZWAIOcIgFJcx6pDPeuNaExMrTR1Oc5iGJ0ZM3TpyXM1lDLRVs +dkAM+eQSKTjEdwEqJYT9/VisUhXYlJteV1Jx8bC8iSymspu5qQkV+xI9s9NxaTAd +19U5NoozZRBS37lU3WxMhPCHCrbl6vwcfvtsZClEICA8YUKyS+wUh0wjzgkQrORT +kaTxY8YyQ/ufSIkA3XKJX1flO1UdNFJcHhseiXWuuUTKUMvWNILUoFpbky5uYb5z +VM7u57ZBF3uVHmvJNYS04iQdNkV1ZkpWH8opuQ1kyQKBgQD2jl6Y0qTy/s+g9aQ7 +ypZ0zi/lhIJaTBDqxwJA18e8+4kq3WEEBDD1X/eT44nVPhGy78ccJZCnw2PBHy1k +6xVCfGAZVV850m9JGf4L/VEN6D5qdB2owJPVCEh7fa6hVvLKYFNCuvs0osKCVnyy +PGq8ixAP5sJp8yoEnlUi0II3UwKBgQD2aU7xdQgba7uMu2rJo0bzDKfxv4q5nUYO +XLBm7l+Mz6Uz68A/scLsKWmdvmdPKy83pmR/2RJ1pp0HNVfa8rL+0DHCqf1PApE+ +jFgcQIdnyzwRFHPDH/9zmrHUy32L5MdiQEWwqg9wP2HYbuv9VbN0Rn3HTFdRVarD +hg36/hSA6QKBgBaH+iMTFNnT6Vt3NzPzln5EHWJnEpZ33w/lcdJFJc6iWe2d33DD +hUnXJEPShlUDYBCvEs4CrM5375TFaZuQVBgIT6vg/lvFXEAc7Pdhhde0goet5sv2 +FUxhfmYynRPHY1aVKOavOaecvBO3HZwYI1TpjGU3nEqcWxmi8nrE/TFbAoGALGaD +XAzLfi1maRBoSJcMNMVmCbCK7bFCK1pWSuXO/892pClpxdBhIC7CIjNp6CEO7Acm +escBhYOVLfRVtVUgHbwkC0CYLUF4LH4bblPOUkyTsTwvM8yzOgB45LAaGjgKGVEd +fZzXFVHGbrpl+YsUv/Hnvh6qaTR3ha3FHSHlTekCgYEA889EzlEOwmu69z06RJsZ +mlYoR0/1xxiYmSNy+hXWoM64G99R94bc/bx/QSJAXu93HX4N0GHPmjjpZvk1IjHL +zQGikdb2jvbKnRcR/4DiXQ1jggk59bCUDaQkpEbBvtCLj/LjMnwxAJAoCOGjuIxG +hmSyoAlNQm47tGD3i+2erv0= +-----END PRIVATE KEY----- diff --git a/tests/data_files/pkcs7_data_3_signed.der b/tests/data_files/pkcs7_data_3_signed.der new file mode 100644 index 000000000..23181ae82 Binary files /dev/null and b/tests/data_files/pkcs7_data_3_signed.der differ diff --git a/tests/data_files/pkcs7_data_cert_encrypted.der b/tests/data_files/pkcs7_data_cert_encrypted.der index b7b1c8331..c3d864283 100644 Binary files a/tests/data_files/pkcs7_data_cert_encrypted.der and b/tests/data_files/pkcs7_data_cert_encrypted.der differ diff --git a/tests/data_files/pkcs7_data_cert_signed_sha1.der b/tests/data_files/pkcs7_data_cert_signed_sha1.der index fb1deb0fc..878e9ecac 100644 Binary files a/tests/data_files/pkcs7_data_cert_signed_sha1.der and b/tests/data_files/pkcs7_data_cert_signed_sha1.der differ diff --git a/tests/data_files/pkcs7_data_cert_signed_sha256.der b/tests/data_files/pkcs7_data_cert_signed_sha256.der index 8dc2f4c9c..cc48123d4 100644 Binary files a/tests/data_files/pkcs7_data_cert_signed_sha256.der and b/tests/data_files/pkcs7_data_cert_signed_sha256.der differ diff --git a/tests/data_files/pkcs7_data_cert_signed_sha512.der b/tests/data_files/pkcs7_data_cert_signed_sha512.der index a4aa58758..75bdf0fa6 100644 Binary files a/tests/data_files/pkcs7_data_cert_signed_sha512.der and b/tests/data_files/pkcs7_data_cert_signed_sha512.der differ diff --git a/tests/data_files/pkcs7_data_cert_signed_v2.der b/tests/data_files/pkcs7_data_cert_signed_v2.der index 4f4cb047e..950db2099 100644 Binary files a/tests/data_files/pkcs7_data_cert_signed_v2.der and b/tests/data_files/pkcs7_data_cert_signed_v2.der differ diff --git a/tests/data_files/pkcs7_data_cert_signeddata_sha256.der b/tests/data_files/pkcs7_data_cert_signeddata_sha256.der index cb7d75103..cb97b9b6f 100644 Binary files a/tests/data_files/pkcs7_data_cert_signeddata_sha256.der and b/tests/data_files/pkcs7_data_cert_signeddata_sha256.der differ diff --git a/tests/data_files/pkcs7_data_multiple_certs_signed.der b/tests/data_files/pkcs7_data_multiple_certs_signed.der index 4a237e9d1..63d7194c7 100644 Binary files a/tests/data_files/pkcs7_data_multiple_certs_signed.der and b/tests/data_files/pkcs7_data_multiple_certs_signed.der differ diff --git a/tests/data_files/pkcs7_data_multiple_signed.der b/tests/data_files/pkcs7_data_multiple_signed.der index 095b80ce1..cc441fb7c 100644 Binary files a/tests/data_files/pkcs7_data_multiple_signed.der and b/tests/data_files/pkcs7_data_multiple_signed.der differ diff --git a/tests/data_files/pkcs7_data_no_signers.der b/tests/data_files/pkcs7_data_no_signers.der new file mode 100644 index 000000000..b75c9910c Binary files /dev/null and b/tests/data_files/pkcs7_data_no_signers.der differ diff --git a/tests/data_files/pkcs7_data_rsa_expired.der b/tests/data_files/pkcs7_data_rsa_expired.der new file mode 100644 index 000000000..63af49d6a Binary files /dev/null and b/tests/data_files/pkcs7_data_rsa_expired.der differ diff --git a/tests/data_files/pkcs7_data_signed_badcert.der b/tests/data_files/pkcs7_data_signed_badcert.der index ed00f65fa..c74d69dc0 100644 Binary files a/tests/data_files/pkcs7_data_signed_badcert.der and b/tests/data_files/pkcs7_data_signed_badcert.der differ diff --git a/tests/data_files/pkcs7_data_signed_badsigner.der b/tests/data_files/pkcs7_data_signed_badsigner.der index aa5447c44..ba629dc4f 100644 Binary files a/tests/data_files/pkcs7_data_signed_badsigner.der and b/tests/data_files/pkcs7_data_signed_badsigner.der differ diff --git a/tests/data_files/pkcs7_data_signed_badsigner1_badsize.der b/tests/data_files/pkcs7_data_signed_badsigner1_badsize.der new file mode 100644 index 000000000..dbe9320f8 Binary files /dev/null and b/tests/data_files/pkcs7_data_signed_badsigner1_badsize.der differ diff --git a/tests/data_files/pkcs7_data_signed_badsigner1_badtag.der b/tests/data_files/pkcs7_data_signed_badsigner1_badtag.der new file mode 100644 index 000000000..198b92987 Binary files /dev/null and b/tests/data_files/pkcs7_data_signed_badsigner1_badtag.der differ diff --git a/tests/data_files/pkcs7_data_signed_badsigner1_fuzzbad.der b/tests/data_files/pkcs7_data_signed_badsigner1_fuzzbad.der new file mode 100644 index 000000000..f613e3d82 Binary files /dev/null and b/tests/data_files/pkcs7_data_signed_badsigner1_fuzzbad.der differ diff --git a/tests/data_files/pkcs7_data_signed_badsigner2_badsize.der b/tests/data_files/pkcs7_data_signed_badsigner2_badsize.der new file mode 100644 index 000000000..0e647671a Binary files /dev/null and b/tests/data_files/pkcs7_data_signed_badsigner2_badsize.der differ diff --git a/tests/data_files/pkcs7_data_signed_badsigner2_badtag.der b/tests/data_files/pkcs7_data_signed_badsigner2_badtag.der new file mode 100644 index 000000000..caaa3050b Binary files /dev/null and b/tests/data_files/pkcs7_data_signed_badsigner2_badtag.der differ diff --git a/tests/data_files/pkcs7_data_signed_badsigner2_fuzzbad.der b/tests/data_files/pkcs7_data_signed_badsigner2_fuzzbad.der new file mode 100644 index 000000000..f7e0df489 Binary files /dev/null and b/tests/data_files/pkcs7_data_signed_badsigner2_fuzzbad.der differ diff --git a/tests/data_files/pkcs7_data_with_signature.der b/tests/data_files/pkcs7_data_with_signature.der new file mode 100644 index 000000000..b98cab6bc Binary files /dev/null and b/tests/data_files/pkcs7_data_with_signature.der differ diff --git a/tests/data_files/pkcs7_data_without_cert_signed.der b/tests/data_files/pkcs7_data_without_cert_signed.der index b47fe927e..390361fe1 100644 Binary files a/tests/data_files/pkcs7_data_without_cert_signed.der and b/tests/data_files/pkcs7_data_without_cert_signed.der differ diff --git a/tests/data_files/pkcs7_get_signers_info_set-leak-fuzz_pkcs7-4541044530479104.der b/tests/data_files/pkcs7_get_signers_info_set-leak-fuzz_pkcs7-4541044530479104.der deleted file mode 100644 index 51aef0d09..000000000 Binary files a/tests/data_files/pkcs7_get_signers_info_set-leak-fuzz_pkcs7-4541044530479104.der and /dev/null differ diff --git a/tests/data_files/pkcs7_get_signers_info_set-missing_free-fuzz_pkcs7-6213931373035520.der b/tests/data_files/pkcs7_get_signers_info_set-missing_free-fuzz_pkcs7-6213931373035520.der deleted file mode 100644 index ce4fb3bd4..000000000 Binary files a/tests/data_files/pkcs7_get_signers_info_set-missing_free-fuzz_pkcs7-6213931373035520.der and /dev/null differ diff --git a/tests/data_files/pkcs7_signerInfo_1_serial_invalid_tag_after_long_name.der b/tests/data_files/pkcs7_signerInfo_1_serial_invalid_tag_after_long_name.der new file mode 100644 index 000000000..0fbc65b02 Binary files /dev/null and b/tests/data_files/pkcs7_signerInfo_1_serial_invalid_tag_after_long_name.der differ diff --git a/tests/data_files/pkcs7_signerInfo_2_invalid_tag.der b/tests/data_files/pkcs7_signerInfo_2_invalid_tag.der new file mode 100644 index 000000000..4f059c270 Binary files /dev/null and b/tests/data_files/pkcs7_signerInfo_2_invalid_tag.der differ diff --git a/tests/data_files/pkcs7_signerInfo_issuer_invalid_size.der b/tests/data_files/pkcs7_signerInfo_issuer_invalid_size.der index 898ca6777..cd77545f3 100644 Binary files a/tests/data_files/pkcs7_signerInfo_issuer_invalid_size.der and b/tests/data_files/pkcs7_signerInfo_issuer_invalid_size.der differ diff --git a/tests/data_files/pkcs7_signerInfo_serial_invalid_size.der b/tests/data_files/pkcs7_signerInfo_serial_invalid_size.der index f4b4e384d..5efa3a94f 100644 Binary files a/tests/data_files/pkcs7_signerInfo_serial_invalid_size.der and b/tests/data_files/pkcs7_signerInfo_serial_invalid_size.der differ diff --git a/tests/data_files/pkcs7_zerolendata.bin b/tests/data_files/pkcs7_zerolendata.bin new file mode 100644 index 000000000..e69de29bb diff --git a/tests/data_files/pkcs7_zerolendata_detached.der b/tests/data_files/pkcs7_zerolendata_detached.der new file mode 100644 index 000000000..5f9b62eda Binary files /dev/null and b/tests/data_files/pkcs7_zerolendata_detached.der differ diff --git a/tests/data_files/rsa4096_prv.der b/tests/data_files/rsa4096_prv.der new file mode 100644 index 000000000..86ea81849 Binary files /dev/null and b/tests/data_files/rsa4096_prv.der differ diff --git a/tests/data_files/rsa4096_pub.der b/tests/data_files/rsa4096_pub.der new file mode 100644 index 000000000..270bf3a01 Binary files /dev/null and b/tests/data_files/rsa4096_pub.der differ diff --git a/tests/data_files/rsa_multiple_san_uri.key b/tests/data_files/rsa_multiple_san_uri.key new file mode 100644 index 000000000..c8c3492bb --- /dev/null +++ b/tests/data_files/rsa_multiple_san_uri.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCxc5q8z8XR6vH2 +1Ko29Mk3dOKpSOrX9Tb5HtmCQMoKIxnTUQrNkVeOQtiQt6XZo05cbA6Z87kWDgGJ +P/5Lxofrx13Rp1xZzZ+0AAPfvUCY5tzZwmicQWvu9st6JwTyaLTCzSt0cPTUs5Hi +hJt9RzSW6GTk5ANjjgoewOMhwh5f84JRURJ2INZjz4namBGe/9f14ZHxKWuxl5in ++z582rSEhLXrPLbaKjT3Jphff51xsusC+pP0xNqkAcrGJ+/Jk0Vk6ClRCd40ZcTB +4SkOqsZ8/uGWnradkrN74PoMMnSKKOuxlsVMPfzMkrlMbuazO4nK/osTAnoSqMUv +COBdXkTtAgMBAAECggEANVlTIQa6K3UeD546GlGXmQOcDVbtu8VuJJFgxScjVs7c +uco4nDrg/tUb9M4xn2/YZDLcZO6AK6BEV/YURsXGIV2L2DcfraQDKoOCpqZoIE/v +/8vR1YBZqbsqy2ulshdGmPZD5Tr8cGIYLui9MnnQ1rnBc4sVdb3DTyGgZ4rLxP6X +0BoHw+LQA0wwSbE/NW71qmeDSEDkSkUQISVg6Rp06U0PZaJAWtYoBNKGAsDGAhjc +vVTXE5B9d+3yOM0InCWFsM/bUvaUv/yxxTcZnVq9Lji3KwDhy63F99pUaFnV6Rf2 +3CKO3VHegWSwMcnYaBbufDqWPHuEDSlZ0nRhrbrKRQKBgQD6dQd0xPHfxIz5l+AC +1kPHIsUKPEirrJKTVHlxQwT0yVpD+yUkF95HY6NgHVHKnRP9qicqr3raIfA01VQc +y+lhXo6xUAqYsKvB9m4njERFWMTCVSVU30Klhic/s4R/1abKlvkax1SiQFIRStqC +onsZ0M1Isw69/I8Yha3mzv/gvwKBgQC1YPXnd5dZmdbe0UibBWjU5X6AQGt+oxL+ ++6EP3EfuRmYI3i3r2bdbB3ELd95f8tgV0UagmjQfFoigBsuRfbhrQEPSHMBWYpAV ++TZKxUvmpJXwLEgxcPv7VTTvxw0qL1u1s/dX6WBfEOUgVzPgcp+IJGEr1MZekTqt +P65coDpZUwKBgAmrLuiBGd1Lly2jgVBauS8c1oJ4pU2LUfVCE5Ydwjk49LUfIuXr +zfbvj8UMHLY3rifiw7RQJev5124StjaOYKoTnmqV7nLKjzbjroj0T0ZmEOJ3qwNF +wyrkrOs2oOzWcKPthBxWiZvh48krHJhicWIjv2kJEI6hC10k+/unDhW9AoGAZyRg +MeRb+OP2wHaapy0IVCi9Kwl3F2h8oOtOx8ooTWNTGq/dxUTlc6pjqnXbyww5vQ5o +72NBSHxz7SxwDqhDexnsd0tKRNV/wj8ZlKNlah8l9JH568OoR2BI3iF/ZwHPUSCq +Ax//YZAl+6IbKgOEnNKzP02cEKLdjy+rY5jqFWkCgYEAmEl4mg1IGoVDM6d3iIPP +JLz5DghV8kP++99vFrJx07D6e/uhzojR73Ye+fq69Vy0yjGXpaRPwwHfvPzDA1hm +ir7rJWsbbskR+iTn2yKvIpB1wBI1u0SQ4lnJ1ZIVJPVlh4yA29JvPT7/7/2nQ/s6 +v0N2oKrfaiKc7BjCz3eYW4Q= +-----END PRIVATE KEY----- diff --git a/tests/data_files/rsa_single_san_uri.crt.der b/tests/data_files/rsa_single_san_uri.crt.der new file mode 100644 index 000000000..22308c6f4 Binary files /dev/null and b/tests/data_files/rsa_single_san_uri.crt.der differ diff --git a/tests/data_files/rsa_single_san_uri.key b/tests/data_files/rsa_single_san_uri.key new file mode 100644 index 000000000..bb6c0ca6b --- /dev/null +++ b/tests/data_files/rsa_single_san_uri.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCng06zdlkhYiBK +43H+cK+vkHYvvRA2RtWbLMw+9rV9IrdGQ+iQQ/X1SZfDl2hWUiKTpabcuGYzY38H +lXW4UXwTB36KEe7G3yF/fbvYzNsdUCAVOzNs/0EMvXJeD/Dm5CBMEsG6V0ovHmkc +c80fQYQiSxgjpWyRpKdP+z/2imGph9onuu7EWOpAXGArozlLL5OixQ2dmutsc5ap +hfgwq6za00uKsFifolRtAhiH86N0vjiAJkzZR83uBlI285sj5+EzRrtjVv+kgsLW +gLDlj3bgsuKQDfxWhe+mpy2PIJ41kqktCz1qew3wyHI2ysE+6htHYQMNbCtkRMdX +/4t1yx95AgMBAAECggEAIIhn6IK7nLgp/WFe6kOIW1h7G5pkY6YuJgz1PeU8Kilr +3sGhkSMhyZmZV+s34EvjWzl4xrUpZCGWsipcyodIyYlTEg2ZihYbs17/9IMUqwS8 +tmLhAfIw+ABzDcGaz7zOaPfbmA0L40rMrzHuTHu05dQfxAyEoWSQ+f+Z1I/bl8jy +GdXQVtqZzqJcWXbXt+3+B4f2/d7K5xzb7lv/8zhAf/zoG9srMByPa6/Do5rVas5Q +NmzJPwXngxE5dJcHsWU4FkHbSbJj0khW858MJ4o5Ddw5ZOPimqlcmpClb01wCdXf +13o2ozKGE/xq3InU7MA4ad0tLMdEM8R7yhUZ9Xe/gQKBgQDYXt4BhiamnSl1tHR8 +MiiyzkcZuVH04/A6FsnUhcbQF9iCqO9szw50k0z7DVIGS9dSY9kmMdEcpsX6m2XC +XfEsxHBm0wmJqLUGq3UzM6oDsyZG1fkTg+eMzbVO0sv4xdhJLPpmsck5yJ8t0TxB +8gIS9yNEw7+w6rZhgSRsMT+WhQKBgQDGMZ0qIdFi1Ae7ueTcBCe+cjgmTG9nXq6+ +qRokU63rPP9y8XTVD6hRmviMRl4skt0F39yGJ7janIQnOBrf2DVEX4Mcf0sY4vDJ +msDV5jkbzgbAEas0ejO4h+dpRqa4mUiU1JR/Pb1jZHNOg7ZfTw45WPqBGsLTEpAt +OsKVUgbZZQKBgCIe+8WjwS6fNC2SspfvVQm1i/Lbjbgfxf9zHor8ObkROZyJRZCU +KoRpwkcI97l0dlVQ16q1SnPJPQljPi3joKfdppggia2CxGFz4nybliEVPGEJV0kj +kP1cZ04x4eauVIhdpnNRcBlDsQ6Jo4YGwxr4jEBI2k7tBKvlsLe7IHr9AoGAeJmi +IAwaBIAvAH16lKL2qD2Ki0uBkq4buSrfHHHK59TjQEdLJ4byjk21pm3/SjJHyhZR +c1TieCw7gj3ypHlE2IkiGAohYVBe4t6HLuF7qL6yfteBjVo69LPGDdqPAs9LSj0c +61xfTQbH32PoapCJgD3zmPH20Ud/cfZKh2A1iL0CgYEAwQgGxHVo+/d3BhLQvQHt +64fE+qrZA5oWWwBh8EzR+98eOnDCF3Gm6chrEs9boOzlwxr9LU4TgiBnpyYrQCEw +AdOA9dhYz91d+chJZjKo635Y9byN9rutr3/EfqZLxWL73k1y5LNAYL+jyAab0Jsw +l2xG6PNj5rItkgO3j50qA7s= +-----END PRIVATE KEY----- diff --git a/tests/data_files/server1-nospace.crt b/tests/data_files/server1-nospace.crt index 932c236a5..4c3cb9019 100644 --- a/tests/data_files/server1-nospace.crt +++ b/tests/data_files/server1-nospace.crt @@ -1,21 +1,20 @@ -----BEGIN CERTIFICATE----- -MIIDhDCCAmygAwIBAgIBHzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTQwMzI2MDkyMzEyWhcNMjQwMzIzMDkyMzEyWjA7MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEHBvbGFyc3NsLmV4YW1wbGUwggEiMA0G +MIIDPjCCAiagAwIBAgIBHzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA7MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEHBvbGFyc3NsLmV4YW1wbGUwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpAh89QGrVVVOL/TbugmUuFWFeib+4 6EWQ2+6IFlLT8UNQR5YSWWSHa/0r4Eb5c77dz5LhkVvtZqBviSl5RYDQg2rVQUN3 Xzl8CQRHgrBXOXDto+wVGR6oMwhHwQVCqf1Mw7Tf3QYfTRBRQGdzEw9A+G2BJV8K sVPGMH4VOaz5Wu5/kp6mBVvnE5eFtSOS2dQkBtUJJYl1B92mGo8/CRm+rWUsZOuV m9z+QV4XptpsW2nMAroULBYknErczdD3Umdz8S2gI/1+9DHKLXDKiQsE2y6mT3Bu ns69WIniU1meblqSZeKIPwyUGaPd5eidlRPtKdurcBLcWsprF6tSglSxAgMBAAGj -gZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQUH3TWPynBdHRFOwUSLD2ovUNZAqYw -YwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBD -QYIBADANBgkqhkiG9w0BAQsFAAOCAQEAXs4vQqlIlxrMbE6IwAHLcGJuz17Ru/en -H9bUnnSh1pxa+NHMKZHBG3GT0iaxsVtXf56/tXH4+HL7ntJjrczGN1PbhMGPyt94 -556ZgDxkHT9k7KjPAIs9BrjFHvl9NyIZzcbwkiC0qGvdzjSfe3AiSYuhXI/9/Hog -uUwReH+T2U/ICEHQ5O8aV5nvpgqL3EeEmyx3bu+YXtZMWQUYzX+ya4TnKVPdqwbf -ebr6v1hLXrUFl6rZ3wEJ6MqUW3SGZRkCVNZUOD6Ky3+EiLwYFhuKGdFqSS0JAAD7 -ZO3yPu5hu3BhAQYavK4Yyfi9IQmubBqxopPwyzjG1HPw2lj+oapH0w== +TTBLMAkGA1UdEwQCMAAwHQYDVR0OBBYEFB901j8pwXR0RTsFEiw9qL1DWQKmMB8G +A1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBCwUAA4IB +AQC8fX3ZiHu6GoYBB5Vo1l6CXXDhHB6r43Pp+BHoOCouiiy4useiPLu5S84gmNoC +v8ZR+b9lAaysCMHAbth9vgtW+aXckBY6xKo8CsmGXcqZqujD6qrDif5q6UpXa4Oe +fr6ITkecY4Z9oN/aN5el5zzUd5zkoyQDI5Bn1gMdvV7AwM7Haq+5gTFwM7HJnphz +GZ8GLxWU1dWeAfsGm58ey6J28OjIkmfP3yL/kBKMhiQZydbH9Y8Yal7YwhayXxES +i7YwhNmPcGAgDBm5Sno7BvHiIqsNX1sssC3aZUaZvldJGY+4Y9fFZHenBwTREj/S +CnEgazC2RJ3kYg3mP/QhE0US -----END CERTIFICATE----- diff --git a/tests/data_files/server1-v1.crt b/tests/data_files/server1-v1.crt index 47f1fff1c..8ca90078b 100644 --- a/tests/data_files/server1-v1.crt +++ b/tests/data_files/server1-v1.crt @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDITCCAgkCDFOitscEzU2OvIALwTANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD -ExNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLEwd0ZXN0aW5nMREwDwYDVQQK -EwhQb2xhclNTTDELMAkGA1UEBhMCTkwwIhgPMjAxNDA2MTkxMDA5MTFaGA8yMDI0 -MDYxODEwMDkxMVowTjEaMBgGA1UEAxMRc2VydmVyMS9pbnQtY2EtdjExEDAOBgNV -BAsTB3Rlc3RpbmcxETAPBgNVBAoTCFBvbGFyU1NMMQswCQYDVQQGEwJOTDCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6J -v7joRZDb7ogWUtPxQ1BHlhJZZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVB -Q3dfOXwJBEeCsFc5cO2j7BUZHqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYEl -XwqxU8YwfhU5rPla7n+SnqYFW+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk -65Wb3P5BXhem2mxbacwCuhQsFiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZP -cG6ezr1YieJTWZ5uWpJl4og/DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEA -ATANBgkqhkiG9w0BAQsFAAOCAQEAPJl3fbVeTJ6gVAvCoLYM8JY5U7ZhrCCdBghw -WuZBS/TWwf4WLP0G/ZtTyTOENcT0gWHf0/VnXtNPw2/yBjWsLtTXxN2XQlEVf3j/ -WcQxWgSESYdx/sT/uTW6qihuONPWkTQizmx7OG6vBuGx3g54s9/oeJKXOraNqud3 -G4KBrytOazliMfoKO2hnzaeydpaDtb2tZX8apN/6KqQpTAcXsWrZRW9XEHWq2sNz -IR1nIE1F/9gnqi9Xy0HQprteLRUvM4tEQ35m4H20eS5Y9gJlE/DqXmMQ7aiU8DgP -krj+Z18pcrssO+Etv0BOiPjmU9TWWpDMj34ef7U/OH5qJxkSrA== +MIIDHTCCAgUCDFOitscEzU2OvIALwTANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD +DBNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLDAd0ZXN0aW5nMREwDwYDVQQK +DAhQb2xhclNTTDELMAkGA1UEBhMCTkwwHhcNMTkwMjEwMTQ0NDA2WhcNMjkwMjEw +MTQ0NDA2WjBOMRowGAYDVQQDDBFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECwwH +dGVzdGluZzERMA8GA1UECgwIUG9sYXJTU0wxCzAJBgNVBAYTAk5MMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/uOhF +kNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFDd185 +fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVfCrFT +xjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTrlZvc +/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9wbp7O +vViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQABMA0G +CSqGSIb3DQEBCwUAA4IBAQBrdYAEzdH6ryyYaolYvp8Fvq0wZxp6Bdcxvi0LUGmb +TdWcNrPU9IYASc5QSrSWPj0c9vhLVbDZAONfn92thi7C2zQXok2Q3jW038ycNSXN +lVxFkdY4GYa3E6Og1LVIySyzfyyNuHKKWbB5wZCWbzOgu2Q1MHSNvPhKjbDhyGtT +Mq3Qy6TyzUFbXMRBixcJC/Cy4zsqvWBanVtBmwlvgE4Q50CUgybzSEIL5j+aPLuW +aj8j2NRB2+7vPeoWd8ry5YxEKB3DRuXHHyyFnT5O8MpWuCl764qFMc8S/i7yVcmZ +egZQw0dCmE5J4EGX0BEQEM24ll2e8SxL351hbCQ+EfvF -----END CERTIFICATE----- diff --git a/tests/data_files/server1.80serial.crt b/tests/data_files/server1.80serial.crt new file mode 100644 index 000000000..3ce8570ea --- /dev/null +++ b/tests/data_files/server1.80serial.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDRDCCAiygAwIBAgIGAIARIjNEMA0GCSqGSIb3DQEBBQUAMDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QTAeFw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDwxCzAJBgNVBAYTAk5M +MREwDwYDVQQKDAhQb2xhclNTTDEaMBgGA1UEAwwRUG9sYXJTU0wgU2VydmVyIDEw +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpAh89QGrVVVOL/TbugmUu +FWFeib+46EWQ2+6IFlLT8UNQR5YSWWSHa/0r4Eb5c77dz5LhkVvtZqBviSl5RYDQ +g2rVQUN3Xzl8CQRHgrBXOXDto+wVGR6oMwhHwQVCqf1Mw7Tf3QYfTRBRQGdzEw9A ++G2BJV8KsVPGMH4VOaz5Wu5/kp6mBVvnE5eFtSOS2dQkBtUJJYl1B92mGo8/CRm+ +rWUsZOuVm9z+QV4XptpsW2nMAroULBYknErczdD3Umdz8S2gI/1+9DHKLXDKiQsE +2y6mT3Buns69WIniU1meblqSZeKIPwyUGaPd5eidlRPtKdurcBLcWsprF6tSglSx +AgMBAAGjTTBLMAkGA1UdEwQCMAAwHQYDVR0OBBYEFB901j8pwXR0RTsFEiw9qL1D +WQKmMB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEB +BQUAA4IBAQBJKeTUCctb/wCxBte2AIiaTfATzukTVtGhKkdy3cY6U2DVSXc+s+jr +Kut8AYnjp1T6bho98RHbbk+hu+0gBWL2ysJd1+slLBUEotUMTkzgA1YdBXy9J/eM +HJ2a0ydFll/m2rXx7RRJWSbcgPZxQLDfollnNVfhcb75O3GsT3YfEIsjLmon7NHr +rJmTp773trg0cNJ6j5dKMA/2SQH5PL1cmcFgNfVZ+etNRIhwpIQYySWJ/468Mcg5 +ZKPY6nubIIj+HPB3Mhy8d9U3gAJvc9iEdzbKjrkJdVROONsyMYge4vnbjyKUr7/m +ZN1O6pZy9Fvgbdhvx4ZHpfgEsa1qfLCH +-----END CERTIFICATE----- diff --git a/tests/data_files/server1.allSubjectAltNames.crt b/tests/data_files/server1.allSubjectAltNames.crt new file mode 100644 index 000000000..13af87310 --- /dev/null +++ b/tests/data_files/server1.allSubjectAltNames.crt @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIIDzTCCArWgAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/ +uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD +d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf +CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr +lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w +bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB +o4HaMIHXMAkGA1UdEwQCMAAwHQYDVR0OBBYEFB901j8pwXR0RTsFEiw9qL1DWQKm +MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MIGJBgNVHREEgYEwf4EQ +bWFpbEBleGFtcGxlLmNvbYILZXhhbXBsZS5jb22kQDA+MQswCQYDVQQGEwJVSzER +MA8GA1UECgwITWJlZCBUTFMxHDAaBgNVBAMME1N1YmplY3RBbHROYW1lIHRlc3SH +BAECAwSGFmh0dHA6Ly9wa2kuZXhhbXBsZS5jb20wDQYJKoZIhvcNAQEFBQADggEB +AGPFB8YGpe6PRniPkYVlpCf5WwleYCpcP4AEvFHj5dD1UcBcqKjppJRGssg+S0fP +nNwYRjaVjKuhWSGIMrk0nZqsiexnkCma0S8kdFvHtCfbR9c9pQSn44olVMbHx/t8 +dzv7Z48HqsqvG0hn3AwDlZ+KrnTZFzzpWzfLkbPdZko/oHoFmqEekEuyOK9vO3fj +eNm5SzYtqOigw8TxkTb1+Qi9Cj66VEwVESW1y/TL9073Kx0lBoY8wj1Pvfdhplrg +IwYIwrr0HM+7nlYEhEI++NAbZhjQoS2kF5i7xpomUkYH9ePbrwWYBcuN00pljXEm +ioY0KKlx00fRehPH/6TBHZI= +-----END CERTIFICATE----- diff --git a/tests/data_files/server1.asciichars.crt b/tests/data_files/server1.asciichars.crt new file mode 100644 index 000000000..824e46e06 --- /dev/null +++ b/tests/data_files/server1.asciichars.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDQDCCAiigAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA9MQswCQYDVQQGEwJOTDESMBAG +A1UECgwJ5p6B5ZywU1NMMRowGAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6J +v7joRZDb7ogWUtPxQ1BHlhJZZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVB +Q3dfOXwJBEeCsFc5cO2j7BUZHqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYEl +XwqxU8YwfhU5rPla7n+SnqYFW+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk +65Wb3P5BXhem2mxbacwCuhQsFiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZP +cG6ezr1YieJTWZ5uWpJl4og/DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEA +AaNNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQUH3TWPynBdHRFOwUSLD2ovUNZAqYw +HwYDVR0jBBgwFoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQAD +ggEBAHqJLYmgkQ6yqml3PZM6iwbmo+lZLyDEPFpl/thHZm5LI8TTYOeU+wMAZ6KI +VumyjZxypmLF2MiiJ2f3zQooU7H1waAcTpsafTuD6RRYdthYYxs1L9gCm1ZT2Ga8 +fgn3wrugPLUrtSM/TkTj6F4XkSlluzZpEKsSYLSoyde+uQgdbtR+3Tc+3oU8xBMM +N6uq4VQC49avIQkI+598E3vKrjGGt3l2a1Ts1qvXWjo9mpJW5GM4e1zfogKnc8XQ +K1hYQ39wL42l9Hijwre85O0PSBfbNOv1BPSDm8das3VNzGsUIz8InkAKAKCKwxG6 +BCw3D/CE8s6DCnpb+eK1sVJwZ4E= +-----END CERTIFICATE----- diff --git a/tests/data_files/server1.hashsymbol.crt b/tests/data_files/server1.hashsymbol.crt new file mode 100644 index 000000000..9db73009d --- /dev/null +++ b/tests/data_files/server1.hashsymbol.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDQDCCAiigAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA9MQswCQYDVQQGEwJOTDESMBAG +A1UECgwJI1BvbGFyU1NMMRowGAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6J +v7joRZDb7ogWUtPxQ1BHlhJZZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVB +Q3dfOXwJBEeCsFc5cO2j7BUZHqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYEl +XwqxU8YwfhU5rPla7n+SnqYFW+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk +65Wb3P5BXhem2mxbacwCuhQsFiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZP +cG6ezr1YieJTWZ5uWpJl4og/DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEA +AaNNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQUH3TWPynBdHRFOwUSLD2ovUNZAqYw +HwYDVR0jBBgwFoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQAD +ggEBAJcKcv/Xro61Sxm0GH42pYu7AvtD2b8nynvA8BW9gCHmiIHvHQWNO9NTMuno +1+HdzQVF1JxHC/A/hvXsczxGEc3jVnVeg1fwi8mZ/Fy1XtAVCTA0yJu7JTaaYbg+ +IU2y7Nu36FSOztLpOfHGmwVDoJ1+wCzG/id64hXwJRrHvUfGK4EvIsV97swhk2Do +zSAfDA9N+QNV4zeiF9mLMOpUhCUBq8r41EDqm9lM0wSd3HNen8jwO20F4F1b1dYm +L+bMarvUgHq91f128m2fF3sWNnz4RGoagSI/aOU/AP6Ksq8SUruGHpqrVWLClA6n +EyyTPlNTwYIRCydZt7zlsw1/4h4= +-----END CERTIFICATE----- diff --git a/tests/data_files/server1.key.der b/tests/data_files/server1.key.der new file mode 100644 index 000000000..88288d169 Binary files /dev/null and b/tests/data_files/server1.key.der differ diff --git a/tests/data_files/server1.long_serial.crt b/tests/data_files/server1.long_serial.crt new file mode 100644 index 000000000..1bd6955a4 --- /dev/null +++ b/tests/data_files/server1.long_serial.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDUjCCAjqgAwIBAgIUESIzRFVmd4iZqrvM3e7/ABEiM0QwDQYJKoZIhvcNAQEF +BQAwOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkwFwYDVQQDDBBQ +b2xhclNTTCBUZXN0IENBMB4XDTE5MDIxMDE0NDQwNloXDTI5MDIxMDE0NDQwNlow +PDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRowGAYDVQQDDBFQb2xh +clNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkC +Hz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZZIdr/SvgRvlzvt3P +kuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZHqgzCEfBBUKp/UzD +tN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYFW+cTl4W1I5LZ1CQG +1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQsFiScStzN0PdSZ3Px +LaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/DJQZo93l6J2VE+0p +26twEtxaymsXq1KCVLECAwEAAaNNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQUH3TW +PynBdHRFOwUSLD2ovUNZAqYwHwYDVR0jBBgwFoAUtFrkpbPe0lL2udWmlQ/rPrzH +/f8wDQYJKoZIhvcNAQEFBQADggEBAC9qt4BC8zKb5o00ZVtTX0XYKWchHKYSrHk2 +r+zfW8pRcSaTGRTtMGkF7vozFrCX4Pr4vCKXOYFKQ/UEpWv5WzW7nB0+Ja0g4gnc +9bLtg51n+IIG93ITGDm5+9YpsX6HsXSBpfY0vo9TwKg3bG1X26WG8j6m+V684hwV +yveRUIrSvvgVJOBSe5rhn/pLmcpbI0nkPBGlqPd10qWc0RYSrSAa3bq/dpoqR7hY +BGbbV1/9IgFhr2r44R17bhqevK3VhK4KOPRT5VMXjTh1iG4L13lIxBIuu+Lw0Pc0 +s+gQTGntA/sZkijC7mw0/q3nsRDKhHHXTDf2gjdUhMvFwYzmKBI= +-----END CERTIFICATE----- diff --git a/tests/data_files/server1.long_serial_FF.crt b/tests/data_files/server1.long_serial_FF.crt new file mode 100644 index 000000000..8094fd7d6 --- /dev/null +++ b/tests/data_files/server1.long_serial_FF.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDTzCCAjegAwIBAgIRAP////////////////////8wDQYJKoZIhvcNAQEFBQAw +OzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkwFwYDVQQDDBBQb2xh +clNTTCBUZXN0IENBMB4XDTE5MDIxMDE0NDQwNloXDTI5MDIxMDE0NDQwNlowPDEL +MAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRowGAYDVQQDDBFQb2xhclNT +TCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkCHz1A +atVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZZIdr/SvgRvlzvt3PkuGR +W+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZHqgzCEfBBUKp/UzDtN/d +Bh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYFW+cTl4W1I5LZ1CQG1Qkl +iXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQsFiScStzN0PdSZ3PxLaAj +/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/DJQZo93l6J2VE+0p26tw +EtxaymsXq1KCVLECAwEAAaNNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQUH3TWPynB +dHRFOwUSLD2ovUNZAqYwHwYDVR0jBBgwFoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8w +DQYJKoZIhvcNAQEFBQADggEBADYfhZU2lWxBamt7m3A4XQj6bZ4BZlabv5IbLI32 +nej6w/6/gsXPI85nfZqpIn6IYwAeDRdJo/eUqYkIdoy5DEP+50pgCGJK5HAoBWVJ +THKeVJn/vPH3Dz/CaCYQoHTmSi+ChfIhPh84UUdfVpv2qNInII4RxFlSAHUkRMbV +BX6imMSD5M508G6vWGUUc6G/sx/s7vtVeGGPyNOQPgwMTes60Mewpu9LKKaSwfqQ +DgEa8WzxPrPEyOUiIp7ClwlXe3JECHIjm445qmENgfY/8tlsyAdYKSkotfiuoUWb +daylD6QVUXn67loYDPZALghpDxmSm21VE7feTWOUbOpe14U= +-----END CERTIFICATE----- diff --git a/tests/data_files/server1.pubkey.der b/tests/data_files/server1.pubkey.der new file mode 100644 index 000000000..1a432a45e Binary files /dev/null and b/tests/data_files/server1.pubkey.der differ diff --git a/tests/data_files/server1.req.sha256.conf b/tests/data_files/server1.req.sha256.conf new file mode 100644 index 000000000..0d35818c1 --- /dev/null +++ b/tests/data_files/server1.req.sha256.conf @@ -0,0 +1,17 @@ +req_extensions = req_ext + +[req_ext] +extendedKeyUsage = serverAuth +subjectAltName = @alt_names + +[alt_names] +email = mail@example.com +DNS = example.com +dirName = dirname_sect +IP = 127.0.0.1 +URI = http://pki.example.com + +[dirname_sect] +C=UK +O=Mbed TLS +CN=Mbed TLS directoryName SAN diff --git a/tests/data_files/server1.req.sha256.ext b/tests/data_files/server1.req.sha256.ext index 3f26f09ef..1bb05da96 100644 --- a/tests/data_files/server1.req.sha256.ext +++ b/tests/data_files/server1.req.sha256.ext @@ -1,17 +1,20 @@ -----BEGIN CERTIFICATE REQUEST----- -MIICpzCCAY8CAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow +MIIDPzCCAicCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/ -DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAmMCQGCSqGSIb3DQEJDjEX -MBUwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQELBQADggEBAHi0yEGu -Fh5tuLiLuT95UrRnly55+lTY9xchFiKtlcoEdSheybYxqk3JHuSSqojOFKZBlRdk -oG6Azg56/aMHPWyvtCMSRQX4b+FgjeQsm9IfhYNMquQOxyPxm62vjuU3MfZIofXH -hKdI6Ci2CDF4Fyvw50KBWniV38eE9+kjsvDLdXD3ESZJGhjjuFl8ReUiA2wdBTcP -XEZaXUIc6B4tUnlPeqn/2zp4GBqqWzNZx6TXBpApASGG3BEJnM52FVPC7E9p+8YZ -qIGuiF5Cz/rYZkpwffBWIfS2zZakHLm5TB8FgZkWlyReJU9Ihk2Tl/sZ1kllFdYa -xLPnLCL82KFL1Co= +DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaCBvTCBugYJKoZIhvcNAQkO +MYGsMIGpMBMGA1UdJQQMMAoGCCsGAQUFBwMBMIGRBgNVHREEgYkwgYaBEG1haWxA +ZXhhbXBsZS5jb22CC2V4YW1wbGUuY29tpEcwRTELMAkGA1UEBhMCVUsxETAPBgNV +BAoMCE1iZWQgVExTMSMwIQYDVQQDDBpNYmVkIFRMUyBkaXJlY3RvcnlOYW1lIFNB +TocEfwAAAYYWaHR0cDovL3BraS5leGFtcGxlLmNvbTANBgkqhkiG9w0BAQsFAAOC +AQEAclrNmmgAoa4ctwyBwD1T8jbyBeuxTf+ifc+MQ6pE7YuYSlanHE5l/CoVlW14 +lR5gA01pWJJ7T8RBvo25OqXbvMFSafeGXpSHOG69A6p/7YULtbPuS6uvtdR0m3t+ +2IacL0q5FsSmPw07RNfVGDFniKVqD8eAuYnhFztk0+uZVYD4xGezUckb2wTbzFpu +lUA/NhoWfCyV44TDR5fy23qNXywEhatDU/3nMmSJpBVy4y7J6BQVCl/fbyuKIOqu +0OVP+FvANSO46twA9+38hI+/nPuVwtbBvg1aLBMbLZ3Egi2uozokYFYL22JYNGJo +XORQgR66Sdrvfhiug+F5xmldCg== -----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server1.spaces.crt b/tests/data_files/server1.spaces.crt new file mode 100644 index 000000000..b77132a19 --- /dev/null +++ b/tests/data_files/server1.spaces.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDQTCCAimgAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA+MQswCQYDVQQGEwJOTDETMBEG +A1UECgwKIFBvbGFyU1NMIDEaMBgGA1UEAwwRUG9sYXJTU0wgU2VydmVyIDEwggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpAh89QGrVVVOL/TbugmUuFWFe +ib+46EWQ2+6IFlLT8UNQR5YSWWSHa/0r4Eb5c77dz5LhkVvtZqBviSl5RYDQg2rV +QUN3Xzl8CQRHgrBXOXDto+wVGR6oMwhHwQVCqf1Mw7Tf3QYfTRBRQGdzEw9A+G2B +JV8KsVPGMH4VOaz5Wu5/kp6mBVvnE5eFtSOS2dQkBtUJJYl1B92mGo8/CRm+rWUs +ZOuVm9z+QV4XptpsW2nMAroULBYknErczdD3Umdz8S2gI/1+9DHKLXDKiQsE2y6m +T3Buns69WIniU1meblqSZeKIPwyUGaPd5eidlRPtKdurcBLcWsprF6tSglSxAgMB +AAGjTTBLMAkGA1UdEwQCMAAwHQYDVR0OBBYEFB901j8pwXR0RTsFEiw9qL1DWQKm +MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUA +A4IBAQBsR3jOFh7uGF5MCvEK8DrSmmvcFJzMmTRp0hCMeb0wEULhrMKeRDIa2yvr +FrHHCUNAk2HjsjJevpCM8f3ibDqecckfbxE2vT9IUCmPrtOWmhQR/Il5TR9FvYns +4BF1KUPRqGUFAXoIN+xKcYdp+myIluGHumM4Bop7tAZ5gg68IV/UJh5RqShxiLgV +rxHzrp6oM1kn199m2wc1Twy2YwcNmfJDSOLV6K4xWjwcc8Eq+rLhuWUs5GNdrSEY +ZjWmF1AlbVVChU3Dl5XOAY8T6+wJst5RIwkf1Fl1TPCZX8FWzGM9HYiYW0cC7cno +IdSS7mVGxNrNe+6/Cu+zfqeiLdN2 +-----END CERTIFICATE----- diff --git a/tests/data_files/server10-badsign.crt b/tests/data_files/server10-badsign.crt index eca171f35..d4ac4b170 100644 --- a/tests/data_files/server10-badsign.crt +++ b/tests/data_files/server10-badsign.crt @@ -1,10 +1,10 @@ -----BEGIN CERTIFICATE----- -MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G -A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp -YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD -VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq -oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY -Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io -rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ -AzO3pJx7WJAApZuBX10= +MIIBXTCCAQKgAwIBAgIBSzAMBggqhkjOPQQDAgUAMEoxCzAJBgNVBAYTAlVLMREw +DwYDVQQKDAhtYmVkIFRMUzEoMCYGA1UEAwwfbWJlZCBUTFMgVGVzdCBpbnRlcm1l +ZGlhdGUgQ0EgMzAeFw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMBQxEjAQ +BgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBxt9+na +peqhnLJyGagJHHOt3hW73qbjs08F6G0QLjppN5eAOcF1/77OcAGsC19cFE1DPwBE +h5gGaySvbauUqPKjDTALMAkGA1UdEwQCMAAwDAYIKoZIzj0EAwIFAANHADBEAiBw +JW8c5xNiHIn83+Fx74JiW0IyRKe9TRN3w+MmfcFKwwIgWyjAp/xKOBaQ2ifRqXH6 +3mQUjQNFzHPFpWqjHCp0vS0= -----END CERTIFICATE----- diff --git a/tests/data_files/server10-bs_int3.pem b/tests/data_files/server10-bs_int3.pem index b84cee7c3..d824c43f3 100644 --- a/tests/data_files/server10-bs_int3.pem +++ b/tests/data_files/server10-bs_int3.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G -A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp -YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD -VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq -oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY -Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io -rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ -AzO3pJx7WJAApZuBX10= +MIIBXTCCAQKgAwIBAgIBSzAMBggqhkjOPQQDAgUAMEoxCzAJBgNVBAYTAlVLMREw +DwYDVQQKDAhtYmVkIFRMUzEoMCYGA1UEAwwfbWJlZCBUTFMgVGVzdCBpbnRlcm1l +ZGlhdGUgQ0EgMzAeFw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMBQxEjAQ +BgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBxt9+na +peqhnLJyGagJHHOt3hW73qbjs08F6G0QLjppN5eAOcF1/77OcAGsC19cFE1DPwBE +h5gGaySvbauUqPKjDTALMAkGA1UdEwQCMAAwDAYIKoZIzj0EAwIFAANHADBEAiBw +JW8c5xNiHIn83+Fx74JiW0IyRKe9TRN3w+MmfcFKwwIgWyjAp/xKOBaQ2ifRqXH6 +3mQUjQNFzHPFpWqjHCp0vS0= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG -A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU +MIIBszCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owSjELMAkG +A1UEBhMCVUsxETAPBgNVBAoMCG1iZWQgVExTMSgwJgYDVQQDDB9tYmVkIFRMUyBU ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE 732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9 -2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo -ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt -Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt -pz590JvGWfM= +2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNn +ADBkAjAZx8k0q+DtT/LJd1FjPcG/peoQDfMBL2jS/6PwxW+3+ZPMpHZn0r+JpCaF ++V/sM9kCMGqcxQwx/bsMaK0y9zqshC7/S5hVlA+WRVyMfEGJmXnfbdwh6CByKIwv +1GRe86dg1A== -----END CERTIFICATE----- diff --git a/tests/data_files/server10.crt b/tests/data_files/server10.crt index 96a4040ce..52b5ea0ce 100644 --- a/tests/data_files/server10.crt +++ b/tests/data_files/server10.crt @@ -1,10 +1,10 @@ -----BEGIN CERTIFICATE----- -MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G -A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp -YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD -VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq -oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY -Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io -rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ -AzO3pJx7WJAApZuBX1Q= +MIIBXTCCAQKgAwIBAgIBSzAMBggqhkjOPQQDAgUAMEoxCzAJBgNVBAYTAlVLMREw +DwYDVQQKDAhtYmVkIFRMUzEoMCYGA1UEAwwfbWJlZCBUTFMgVGVzdCBpbnRlcm1l +ZGlhdGUgQ0EgMzAeFw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMBQxEjAQ +BgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBxt9+na +peqhnLJyGagJHHOt3hW73qbjs08F6G0QLjppN5eAOcF1/77OcAGsC19cFE1DPwBE +h5gGaySvbauUqPKjDTALMAkGA1UdEwQCMAAwDAYIKoZIzj0EAwIFAANHADBEAiBw +JW8c5xNiHIn83+Fx74JiW0IyRKe9TRN3w+MmfcFKwwIgWyjAp/xKOBaQ2ifRqXH6 +3mQUjQNFzHPFpWqjHCp0vS4= -----END CERTIFICATE----- diff --git a/tests/data_files/server10_int3-bs.pem b/tests/data_files/server10_int3-bs.pem index a9e06150b..9a82b1730 100644 --- a/tests/data_files/server10_int3-bs.pem +++ b/tests/data_files/server10_int3-bs.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G -A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp -YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD -VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq -oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY -Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io -rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ -AzO3pJx7WJAApZuBX1Q= +MIIBXTCCAQKgAwIBAgIBSzAMBggqhkjOPQQDAgUAMEoxCzAJBgNVBAYTAlVLMREw +DwYDVQQKDAhtYmVkIFRMUzEoMCYGA1UEAwwfbWJlZCBUTFMgVGVzdCBpbnRlcm1l +ZGlhdGUgQ0EgMzAeFw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMBQxEjAQ +BgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBxt9+na +peqhnLJyGagJHHOt3hW73qbjs08F6G0QLjppN5eAOcF1/77OcAGsC19cFE1DPwBE +h5gGaySvbauUqPKjDTALMAkGA1UdEwQCMAAwDAYIKoZIzj0EAwIFAANHADBEAiBw +JW8c5xNiHIn83+Fx74JiW0IyRKe9TRN3w+MmfcFKwwIgWyjAp/xKOBaQ2ifRqXH6 +3mQUjQNFzHPFpWqjHCp0vS4= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG -A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU +MIIBszCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owSjELMAkG +A1UEBhMCVUsxETAPBgNVBAoMCG1iZWQgVExTMSgwJgYDVQQDDB9tYmVkIFRMUyBU ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE 732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9 -2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo -ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt -Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt -pz590JvGWf0= +2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNn +ADBkAjAZx8k0q+DtT/LJd1FjPcG/peoQDfMBL2jS/6PwxW+3+ZPMpHZn0r+JpCaF ++V/sM9kCMGqcxQwx/bsMaK0y9zqshC7/S5hVlA+WRVyMfEGJmXnfbdwh6CByKIwv +1GRe86dg10== -----END CERTIFICATE----- diff --git a/tests/data_files/server10_int3_int-ca2.crt b/tests/data_files/server10_int3_int-ca2.crt index 0df2c653b..b5852927c 100644 --- a/tests/data_files/server10_int3_int-ca2.crt +++ b/tests/data_files/server10_int3_int-ca2.crt @@ -1,40 +1,40 @@ -----BEGIN CERTIFICATE----- -MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G -A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp -YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD -VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq -oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY -Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io -rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ -AzO3pJx7WJAApZuBX1Q= +MIIBXTCCAQKgAwIBAgIBSzAMBggqhkjOPQQDAgUAMEoxCzAJBgNVBAYTAlVLMREw +DwYDVQQKDAhtYmVkIFRMUzEoMCYGA1UEAwwfbWJlZCBUTFMgVGVzdCBpbnRlcm1l +ZGlhdGUgQ0EgMzAeFw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMBQxEjAQ +BgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBxt9+na +peqhnLJyGagJHHOt3hW73qbjs08F6G0QLjppN5eAOcF1/77OcAGsC19cFE1DPwBE +h5gGaySvbauUqPKjDTALMAkGA1UdEwQCMAAwDAYIKoZIzj0EAwIFAANHADBEAiBw +JW8c5xNiHIn83+Fx74JiW0IyRKe9TRN3w+MmfcFKwwIgWyjAp/xKOBaQ2ifRqXH6 +3mQUjQNFzHPFpWqjHCp0vS4= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG -A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU +MIIBszCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owSjELMAkG +A1UEBhMCVUsxETAPBgNVBAoMCG1iZWQgVExTMSgwJgYDVQQDDB9tYmVkIFRMUyBU ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE 732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9 -2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo -ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt -Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt -pz590JvGWfM= +2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNn +ADBkAjAZx8k0q+DtT/LJd1FjPcG/peoQDfMBL2jS/6PwxW+3+ZPMpHZn0r+JpCaF ++V/sM9kCMGqcxQwx/bsMaK0y9zqshC7/S5hVlA+WRVyMfEGJmXnfbdwh6CByKIwv +1GRe86dg1A== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MjMwNTE3MDkyNzAyWhcNMzMwNTE3MDkyNzAyWjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8 ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV -D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw -FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI -hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6 -yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M -ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf -7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M -CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut -ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw= +D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkw +FwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMAwGA1UdEwQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAHTN0URrP2MpwD8vODymjjq7iaB7WFZ4CWUjx9LWu3PPZbX2 +12MxzkyFaVR7rnPKZSFHJJEmNaPDJWwYhGQRXLCoD6NiJy6De4fa5gSYoXthRGFf +GnFXZu3e37GDKoKP87TZ+VXcyx6PHvPxJB3/9N94Vj2Yh3hCs7F72GmwfDww6ooj +whIqhxBYOhPleANs70FZ7Y7tjZV1RtQ1/9sRcbyv9OvdPuWvukBVq1KM6nqVHBZ3 +/4kHBWaFaWMq/AAxMxaTGFAOA8S2yU56jkB65viQrpQQWffBJWK+WfrcgxRWqR33 +hqG3yT1IWbJ5E11XL9TCKD+DReqeXHyYawx8fBU= -----END CERTIFICATE----- diff --git a/tests/data_files/server10_int3_int-ca2_ca.crt b/tests/data_files/server10_int3_int-ca2_ca.crt index c25482b8b..3601a2002 100644 --- a/tests/data_files/server10_int3_int-ca2_ca.crt +++ b/tests/data_files/server10_int3_int-ca2_ca.crt @@ -1,120 +1,60 @@ -----BEGIN CERTIFICATE----- -MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G -A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp -YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD -VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq -oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY -Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io -rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ -AzO3pJx7WJAApZuBX1Q= +MIIBXTCCAQKgAwIBAgIBSzAMBggqhkjOPQQDAgUAMEoxCzAJBgNVBAYTAlVLMREw +DwYDVQQKDAhtYmVkIFRMUzEoMCYGA1UEAwwfbWJlZCBUTFMgVGVzdCBpbnRlcm1l +ZGlhdGUgQ0EgMzAeFw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMBQxEjAQ +BgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBxt9+na +peqhnLJyGagJHHOt3hW73qbjs08F6G0QLjppN5eAOcF1/77OcAGsC19cFE1DPwBE +h5gGaySvbauUqPKjDTALMAkGA1UdEwQCMAAwDAYIKoZIzj0EAwIFAANHADBEAiBw +JW8c5xNiHIn83+Fx74JiW0IyRKe9TRN3w+MmfcFKwwIgWyjAp/xKOBaQ2ifRqXH6 +3mQUjQNFzHPFpWqjHCp0vS4= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG -A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU +MIIBszCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owSjELMAkG +A1UEBhMCVUsxETAPBgNVBAoMCG1iZWQgVExTMSgwJgYDVQQDDB9tYmVkIFRMUyBU ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE 732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9 -2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo -ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt -Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt -pz590JvGWfM= +2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNn +ADBkAjAZx8k0q+DtT/LJd1FjPcG/peoQDfMBL2jS/6PwxW+3+ZPMpHZn0r+JpCaF ++V/sM9kCMGqcxQwx/bsMaK0y9zqshC7/S5hVlA+WRVyMfEGJmXnfbdwh6CByKIwv +1GRe86dg1A== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MjMwNTE3MDkyNzAyWhcNMzMwNTE3MDkyNzAyWjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8 ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV -D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw -FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI -hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6 -yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M -ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf -7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M -CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut -ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw= +D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkw +FwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMAwGA1UdEwQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAHTN0URrP2MpwD8vODymjjq7iaB7WFZ4CWUjx9LWu3PPZbX2 +12MxzkyFaVR7rnPKZSFHJJEmNaPDJWwYhGQRXLCoD6NiJy6De4fa5gSYoXthRGFf +GnFXZu3e37GDKoKP87TZ+VXcyx6PHvPxJB3/9N94Vj2Yh3hCs7F72GmwfDww6ooj +whIqhxBYOhPleANs70FZ7Y7tjZV1RtQ1/9sRcbyv9OvdPuWvukBVq1KM6nqVHBZ3 +/4kHBWaFaWMq/AAxMxaTGFAOA8S2yU56jkB65viQrpQQWffBJWK+WfrcgxRWqR33 +hqG3yT1IWbJ5E11XL9TCKD+DReqeXHyYawx8fBU= -----END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 0 (0x0) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Validity - Not Before: Feb 12 14:44:00 2011 GMT - Not After : Feb 12 14:44:00 2021 GMT - Subject: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): - 00:c0:df:37:fc:17:bb:e0:96:9d:3f:86:de:96:32: - 7d:44:a5:16:a0:cd:21:f1:99:d4:ec:ea:cb:7c:18: - 58:08:94:a5:ec:9b:c5:8b:df:1a:1e:99:38:99:87: - 1e:7b:c0:8d:39:df:38:5d:70:78:07:d3:9e:d9:93: - e8:b9:72:51:c5:ce:a3:30:52:a9:f2:e7:40:70:14: - cb:44:a2:72:0b:c2:e5:40:f9:3e:e5:a6:0e:b3:f9: - ec:4a:63:c0:b8:29:00:74:9c:57:3b:a8:a5:04:90: - 71:f1:bd:83:d9:3f:d6:a5:e2:3c:2a:8f:ef:27:60: - c3:c6:9f:cb:ba:ec:60:7d:b7:e6:84:32:be:4f:fb: - 58:26:22:03:5b:d4:b4:d5:fb:f5:e3:96:2e:70:c0: - e4:2e:bd:fc:2e:ee:e2:41:55:c0:34:2e:7d:24:72: - 69:cb:47:b1:14:40:83:7d:67:f4:86:f6:31:ab:f1: - 79:a4:b2:b5:2e:12:f9:84:17:f0:62:6f:27:3e:13: - 58:b1:54:0d:21:9a:73:37:a1:30:cf:6f:92:dc:f6: - e9:fc:ac:db:2e:28:d1:7e:02:4b:23:a0:15:f2:38: - 65:64:09:ea:0c:6e:8e:1b:17:a0:71:c8:b3:9b:c9: - ab:e9:c3:f2:cf:87:96:8f:80:02:32:9e:99:58:6f: - a2:d5 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:TRUE - X509v3 Subject Key Identifier: - B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - X509v3 Authority Key Identifier: - keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - DirName:/C=NL/O=PolarSSL/CN=PolarSSL Test CA - serial:00 - - Signature Algorithm: sha1WithRSAEncryption - b8:fd:54:d8:00:54:90:8b:25:b0:27:dd:95:cd:a2:f7:84:07: - 1d:87:89:4a:c4:78:11:d8:07:b5:d7:22:50:8e:48:eb:62:7a: - 32:89:be:63:47:53:ff:b6:be:f1:2e:8c:54:c0:99:3f:a0:b9: - 37:23:72:5f:0d:46:59:8f:d8:47:cd:97:4c:9f:07:0c:12:62: - 09:3a:24:e4:36:d9:e9:2c:da:38:d0:73:75:61:d7:c1:6c:26: - 8b:9b:e0:d5:dc:67:ed:8c:6b:33:d7:74:22:3c:4c:db:b5:8d: - 2a:ce:2c:0d:08:59:05:09:05:a6:39:9f:b3:67:1b:e2:83:e5: - e1:8f:53:f6:67:93:c7:f9:6f:76:44:58:12:e8:3a:d4:97:e7: - e9:c0:3e:a8:7a:72:3d:87:53:1f:e5:2c:84:84:e7:9a:9e:7f: - 66:d9:1f:9b:f5:13:48:b0:4d:14:d1:de:b2:24:d9:78:7d:f5: - 35:cc:58:19:d1:d2:99:ef:4d:73:f8:1f:89:d4:5a:d0:52:ce: - 09:f5:b1:46:51:6a:00:8e:3b:cc:6f:63:01:00:99:ed:9d:a6: - 08:60:cd:32:18:d0:73:e0:58:71:d9:e5:d2:53:d7:8d:d0:ca: - e9:5d:2a:0a:0d:5d:55:ec:21:50:17:16:e6:06:4a:cd:5e:de: - f7:e0:e9:54 -----BEGIN CERTIFICATE----- -MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G +MIIDRDCCAiygAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny 50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj -gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH -/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV -BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz -dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ -SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H -DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF -pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf -m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ -7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA== +UzBRMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68 +x/3/MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEB +BQUAA4IBAQCz557ZZmWv5UTTHebzTyVzku5ldpcicJPqKHP3xZ4tPPY52JQyJg/T +hsRB44yTyNo3/jo9or2KgVnc+/nCmnlvTq22a/j26DtKZ7wD9MWxunpkqRwExtA/ +G816msrl6X6m50WwdLXTvaVJGXCYp8TPVLx5YY3WPIVoX0CPN7Hs9iNJNiEWo4Qf +7dAqjWBB/QpusmWhjaDSc4+cFhT24Yo9HuS1yrkUTrBtJaj0AykTsiyFm6SBVDNH +9XIxCgYy9QrYbDKNtJXhuevpN0yUMV/aUnIkU2wTTouhOzZisjNk0sS1guqmSHzf +hlf8qotOhNvFXpEsCGwZUywayo7c4DtO -----END CERTIFICATE----- diff --git a/tests/data_files/server10_int3_spurious_int-ca2.crt b/tests/data_files/server10_int3_spurious_int-ca2.crt index c9d6715f4..87cc476b1 100644 --- a/tests/data_files/server10_int3_spurious_int-ca2.crt +++ b/tests/data_files/server10_int3_spurious_int-ca2.crt @@ -1,30 +1,30 @@ -----BEGIN CERTIFICATE----- -MIIBWjCCAQCgAwIBAgIBSzAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G -A1UEChMIbWJlZCBUTFMxKDAmBgNVBAMTH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp -YXRlIENBIDMwHhcNMTUwOTAxMTM0NzU1WhcNMjUwODI5MTM0NzU1WjAUMRIwEAYD -VQQDEwlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXq -oZyychmoCRxzrd4Vu96m47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeY -Bmskr22rlKjyow0wCzAJBgNVHRMEAjAAMAoGCCqGSM49BAMCA0gAMEUCIQDLc+Io -rg8VxEbCgVv8iH+kOIEn9MjhpvKzvwUoV+6rjQIgZU/RXAyc1a+H2+soGfNEIOBQ -AzO3pJx7WJAApZuBX1Q= +MIIBXTCCAQKgAwIBAgIBSzAMBggqhkjOPQQDAgUAMEoxCzAJBgNVBAYTAlVLMREw +DwYDVQQKDAhtYmVkIFRMUzEoMCYGA1UEAwwfbWJlZCBUTFMgVGVzdCBpbnRlcm1l +ZGlhdGUgQ0EgMzAeFw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMBQxEjAQ +BgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBxt9+na +peqhnLJyGagJHHOt3hW73qbjs08F6G0QLjppN5eAOcF1/77OcAGsC19cFE1DPwBE +h5gGaySvbauUqPKjDTALMAkGA1UdEwQCMAAwDAYIKoZIzj0EAwIFAANHADBEAiBw +JW8c5xNiHIn83+Fx74JiW0IyRKe9TRN3w+MmfcFKwwIgWyjAp/xKOBaQ2ifRqXH6 +3mQUjQNFzHPFpWqjHCp0vS4= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG -A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU +MIIBszCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owSjELMAkG +A1UEBhMCVUsxETAPBgNVBAoMCG1iZWQgVExTMSgwJgYDVQQDDB9tYmVkIFRMUyBU ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE 732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9 -2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo -ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt -Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt -pz590JvGWfM= +2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNn +ADBkAjAZx8k0q+DtT/LJd1FjPcG/peoQDfMBL2jS/6PwxW+3+ZPMpHZn0r+JpCaF ++V/sM9kCMGqcxQwx/bsMaK0y9zqshC7/S5hVlA+WRVyMfEGJmXnfbdwh6CByKIwv +1GRe86dg1A== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF @@ -38,27 +38,27 @@ d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE +AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAOAch+gz4rHfI/pm8MIDssMtJCqzS6xtOvQHJZ9l +fdgWfJV5cSHJpOIWGXeFKKR18wIwODTRnTIioy+bYacNq8TQPjzdVlT9XbYkWIYN +JAuV9fLJJdB5nZUG3l85Dt27VNkT -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MjMwNTE3MDkyNzAyWhcNMzMwNTE3MDkyNzAyWjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8 ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV -D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw -FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI -hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6 -yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M -ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf -7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M -CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut -ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw= +D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkw +FwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMAwGA1UdEwQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAHTN0URrP2MpwD8vODymjjq7iaB7WFZ4CWUjx9LWu3PPZbX2 +12MxzkyFaVR7rnPKZSFHJJEmNaPDJWwYhGQRXLCoD6NiJy6De4fa5gSYoXthRGFf +GnFXZu3e37GDKoKP87TZ+VXcyx6PHvPxJB3/9N94Vj2Yh3hCs7F72GmwfDww6ooj +whIqhxBYOhPleANs70FZ7Y7tjZV1RtQ1/9sRcbyv9OvdPuWvukBVq1KM6nqVHBZ3 +/4kHBWaFaWMq/AAxMxaTGFAOA8S2yU56jkB65viQrpQQWffBJWK+WfrcgxRWqR33 +hqG3yT1IWbJ5E11XL9TCKD+DReqeXHyYawx8fBU= -----END CERTIFICATE----- diff --git a/tests/data_files/server2-v1-chain.crt b/tests/data_files/server2-v1-chain.crt index 84bb6b2b9..8ac003b30 100644 --- a/tests/data_files/server2-v1-chain.crt +++ b/tests/data_files/server2-v1-chain.crt @@ -1,38 +1,38 @@ -----BEGIN CERTIFICATE----- -MIIDFTCCAf0CDFOittkjXbxFc/m3bDANBgkqhkiG9w0BAQsFADBOMRowGAYDVQQD -ExFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECxMHdGVzdGluZzERMA8GA1UEChMI -UG9sYXJTU0wxCzAJBgNVBAYTAk5MMCIYDzIwMTQwNjE5MTAwOTI5WhgPMjAyNDA2 -MTgxMDA5MjlaMEQxEDAOBgNVBAMTB3NlcnZlcjIxEDAOBgNVBAsTB3Rlc3Rpbmcx -ETAPBgNVBAoTCFBvbGFyU1NMMQswCQYDVQQGEwJOTDCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTNowCI -p+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKzNtSj -+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kMtQCQ -4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8PhYva -i0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjyaHT4P -6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAATANBgkqhkiG9w0B -AQsFAAOCAQEAivCCMBfC5YNeozwp8vAWpiRUakhtO8ysvCfQsZD4tWLlSkrjoUtG -3RNd9gDVDGb852GswtNMKHJC1AeZuXdh3eBoDBNTXnR/9UkHgWNBy5f+JH2irYrc -ps5ofpYJZe7K6xQjl+RLc8nfUUaVfS3dJnyLr9k5kg4in48p+hEF6oXDBu2zdufF -53k/U98FTvFkVisEDFzLXyKX0fAZxfMk4qnEoBflH4fEXfkuuaBUVdoGGIMRLNAW -GIyRxr+zj+OJL+ZjjAkY4JqtEuUuLjODn//DHI/MkqE0LANOvbb4akpgZsyvSSO3 -o38d1wQHw5+bO+YDqdfIdQXguU5mtS1xAw== +MIIDETCCAfkCDFOittkjXbxFc/m3bDANBgkqhkiG9w0BAQsFADBOMRowGAYDVQQD +DBFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECwwHdGVzdGluZzERMA8GA1UECgwI +UG9sYXJTU0wxCzAJBgNVBAYTAk5MMB4XDTE5MDIxMDE0NDQwNloXDTI5MDIxMDE0 +NDQwNlowRDEQMA4GA1UEAwwHc2VydmVyMjEQMA4GA1UECwwHdGVzdGluZzERMA8G +A1UECgwIUG9sYXJTU0wxCzAJBgNVBAYTAk5MMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r +lqdStJDvLXJ6PiSa/LY0rCT1d+AmZIycsCh9odrqjObJHJa8/sEEUrM21KP64bF2 +2JDBYbRmUjaiJlOqq3ReB30Zgtsq2B+g2Q0cLUlm91slc0boC4pPaQy1AJDh2oIQ +Zn2uVCuLZXmRoeJhw81ASQjuaAzxi4bSRr/QuKoRAx5/VqgaHkQYDw+Fi9qLRF7i +GMZiL8dmjfpd2H3zJ4kpAcWQDj8n8TDISg7v1t7HxydrxwU9esQCPJodPg/oNJhb +y3NLUpbYEaIsgIhpOVrTD7DeWS8Rx/fqEgEwlwIDAQABMA0GCSqGSIb3DQEBCwUA +A4IBAQBmzdRQV8c0AbT8+IlPf7EpzfdhBwBtDj7N8GPEHL+NqS1hHt7TH3L7jBN3 +CqLUgrAP1LFmQrjW5IPZYNZEA+LxMMjAehvOH71pBsFGvQOpx2CwmqM86s9FIgIa +zob7L34+xVEZfmR09PsLiT7gF13ht0HkvVZ2haBU0k3vV97aEVvPtbqrlR6RfLrZ +8nXBFt5CkzGxepS4wBCW4TrGXxpMJ0WnnhcLJVnExUd6YbzGP+ewXCKegD1wDX6z +UsEVGDQV97u3tszF43kx0nu/Q5DYMCqJV0kpIsMB467xPnNqyMdGtTbZq2Is8oj6 +VA+fctBdN0CW4jo+qkOif0l/F8Az -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIDITCCAgkCDFOitscEzU2OvIALwTANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD -ExNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLEwd0ZXN0aW5nMREwDwYDVQQK -EwhQb2xhclNTTDELMAkGA1UEBhMCTkwwIhgPMjAxNDA2MTkxMDA5MTFaGA8yMDI0 -MDYxODEwMDkxMVowTjEaMBgGA1UEAxMRc2VydmVyMS9pbnQtY2EtdjExEDAOBgNV -BAsTB3Rlc3RpbmcxETAPBgNVBAoTCFBvbGFyU1NMMQswCQYDVQQGEwJOTDCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6J -v7joRZDb7ogWUtPxQ1BHlhJZZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVB -Q3dfOXwJBEeCsFc5cO2j7BUZHqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYEl -XwqxU8YwfhU5rPla7n+SnqYFW+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk -65Wb3P5BXhem2mxbacwCuhQsFiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZP -cG6ezr1YieJTWZ5uWpJl4og/DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEA -ATANBgkqhkiG9w0BAQsFAAOCAQEAPJl3fbVeTJ6gVAvCoLYM8JY5U7ZhrCCdBghw -WuZBS/TWwf4WLP0G/ZtTyTOENcT0gWHf0/VnXtNPw2/yBjWsLtTXxN2XQlEVf3j/ -WcQxWgSESYdx/sT/uTW6qihuONPWkTQizmx7OG6vBuGx3g54s9/oeJKXOraNqud3 -G4KBrytOazliMfoKO2hnzaeydpaDtb2tZX8apN/6KqQpTAcXsWrZRW9XEHWq2sNz -IR1nIE1F/9gnqi9Xy0HQprteLRUvM4tEQ35m4H20eS5Y9gJlE/DqXmMQ7aiU8DgP -krj+Z18pcrssO+Etv0BOiPjmU9TWWpDMj34ef7U/OH5qJxkSrA== +MIIDHTCCAgUCDFOitscEzU2OvIALwTANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD +DBNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLDAd0ZXN0aW5nMREwDwYDVQQK +DAhQb2xhclNTTDELMAkGA1UEBhMCTkwwHhcNMTkwMjEwMTQ0NDA2WhcNMjkwMjEw +MTQ0NDA2WjBOMRowGAYDVQQDDBFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECwwH +dGVzdGluZzERMA8GA1UECgwIUG9sYXJTU0wxCzAJBgNVBAYTAk5MMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/uOhF +kNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFDd185 +fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVfCrFT +xjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTrlZvc +/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9wbp7O +vViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQABMA0G +CSqGSIb3DQEBCwUAA4IBAQBrdYAEzdH6ryyYaolYvp8Fvq0wZxp6Bdcxvi0LUGmb +TdWcNrPU9IYASc5QSrSWPj0c9vhLVbDZAONfn92thi7C2zQXok2Q3jW038ycNSXN +lVxFkdY4GYa3E6Og1LVIySyzfyyNuHKKWbB5wZCWbzOgu2Q1MHSNvPhKjbDhyGtT +Mq3Qy6TyzUFbXMRBixcJC/Cy4zsqvWBanVtBmwlvgE4Q50CUgybzSEIL5j+aPLuW +aj8j2NRB2+7vPeoWd8ry5YxEKB3DRuXHHyyFnT5O8MpWuCl764qFMc8S/i7yVcmZ +egZQw0dCmE5J4EGX0BEQEM24ll2e8SxL351hbCQ+EfvF -----END CERTIFICATE----- diff --git a/tests/data_files/server2-v1.crt b/tests/data_files/server2-v1.crt index 7ef7968f5..990cd4b52 100644 --- a/tests/data_files/server2-v1.crt +++ b/tests/data_files/server2-v1.crt @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDFTCCAf0CDFOittkjXbxFc/m3bDANBgkqhkiG9w0BAQsFADBOMRowGAYDVQQD -ExFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECxMHdGVzdGluZzERMA8GA1UEChMI -UG9sYXJTU0wxCzAJBgNVBAYTAk5MMCIYDzIwMTQwNjE5MTAwOTI5WhgPMjAyNDA2 -MTgxMDA5MjlaMEQxEDAOBgNVBAMTB3NlcnZlcjIxEDAOBgNVBAsTB3Rlc3Rpbmcx -ETAPBgNVBAoTCFBvbGFyU1NMMQswCQYDVQQGEwJOTDCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTNowCI -p+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKzNtSj -+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kMtQCQ -4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8PhYva -i0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjyaHT4P -6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAATANBgkqhkiG9w0B -AQsFAAOCAQEAivCCMBfC5YNeozwp8vAWpiRUakhtO8ysvCfQsZD4tWLlSkrjoUtG -3RNd9gDVDGb852GswtNMKHJC1AeZuXdh3eBoDBNTXnR/9UkHgWNBy5f+JH2irYrc -ps5ofpYJZe7K6xQjl+RLc8nfUUaVfS3dJnyLr9k5kg4in48p+hEF6oXDBu2zdufF -53k/U98FTvFkVisEDFzLXyKX0fAZxfMk4qnEoBflH4fEXfkuuaBUVdoGGIMRLNAW -GIyRxr+zj+OJL+ZjjAkY4JqtEuUuLjODn//DHI/MkqE0LANOvbb4akpgZsyvSSO3 -o38d1wQHw5+bO+YDqdfIdQXguU5mtS1xAw== +MIIDETCCAfkCDFOittkjXbxFc/m3bDANBgkqhkiG9w0BAQsFADBOMRowGAYDVQQD +DBFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECwwHdGVzdGluZzERMA8GA1UECgwI +UG9sYXJTU0wxCzAJBgNVBAYTAk5MMB4XDTE5MDIxMDE0NDQwNloXDTI5MDIxMDE0 +NDQwNlowRDEQMA4GA1UEAwwHc2VydmVyMjEQMA4GA1UECwwHdGVzdGluZzERMA8G +A1UECgwIUG9sYXJTU0wxCzAJBgNVBAYTAk5MMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r +lqdStJDvLXJ6PiSa/LY0rCT1d+AmZIycsCh9odrqjObJHJa8/sEEUrM21KP64bF2 +2JDBYbRmUjaiJlOqq3ReB30Zgtsq2B+g2Q0cLUlm91slc0boC4pPaQy1AJDh2oIQ +Zn2uVCuLZXmRoeJhw81ASQjuaAzxi4bSRr/QuKoRAx5/VqgaHkQYDw+Fi9qLRF7i +GMZiL8dmjfpd2H3zJ4kpAcWQDj8n8TDISg7v1t7HxydrxwU9esQCPJodPg/oNJhb +y3NLUpbYEaIsgIhpOVrTD7DeWS8Rx/fqEgEwlwIDAQABMA0GCSqGSIb3DQEBCwUA +A4IBAQBmzdRQV8c0AbT8+IlPf7EpzfdhBwBtDj7N8GPEHL+NqS1hHt7TH3L7jBN3 +CqLUgrAP1LFmQrjW5IPZYNZEA+LxMMjAehvOH71pBsFGvQOpx2CwmqM86s9FIgIa +zob7L34+xVEZfmR09PsLiT7gF13ht0HkvVZ2haBU0k3vV97aEVvPtbqrlR6RfLrZ +8nXBFt5CkzGxepS4wBCW4TrGXxpMJ0WnnhcLJVnExUd6YbzGP+ewXCKegD1wDX6z +UsEVGDQV97u3tszF43kx0nu/Q5DYMCqJV0kpIsMB467xPnNqyMdGtTbZq2Is8oj6 +VA+fctBdN0CW4jo+qkOif0l/F8Az -----END CERTIFICATE----- diff --git a/tests/data_files/server2.ku-ds.crt b/tests/data_files/server2.ku-ds.crt index 3bd07d0fb..d1e1251d9 100644 --- a/tests/data_files/server2.ku-ds.crt +++ b/tests/data_files/server2.ku-ds.crt @@ -1,21 +1,20 @@ -----BEGIN CERTIFICATE----- -MIIDijCCAnKgAwIBAgIBLDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTQwNDA5MDg0NDUxWhcNMjQwNDA2MDg0NDUxWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +MIIDRzCCAi+gAwIBAgIBLDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya -HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaOBnzCBnDAJ -BgNVHRMEAjAAMB0GA1UdDgQWBBSlBehkuNzfYA9QEk1gqGSvTYtDkzBjBgNVHSME -XDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAsG -A1UdDwQEAwIHgDANBgkqhkiG9w0BAQUFAAOCAQEAc4kubASrFXFtplkYp6FUcnUn -Pf/6laS1htI+3y+q1UHWe2PcagZtCHTCUGBSWLeUIiaIBheaIRqv+4sSFVuXB7hV -0PGXpO5btth4R8BHzGqCdObKvPujp5BDq3xgcAFicA3HUMNsJoTDv/RYXY7je1Q5 -ntVyVPeji0AWMUYQjcqHTQQPGBgdJrRTMaYglZh15IhJ16ICNd9rWIeBA0h/+r0y -QuFEBz0nfe7Dvpqct7gJCv+7/5tCujx4LT17z7oK8BZN5SePAGU2ykJsUXk8ZICT -ongaQQVQwS6/GJ6A5V8ecaUvFrTby1h9+2sOW8n2NRGiaaG5gkvxVeayemcmOQ== +HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNdMFswCQYD +VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw +FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3 +DQEBBQUAA4IBAQCcDy5VWW133eL1TesUkejziAz9QNBHvWkKNs0jF6+fRgWgFP5Y +EE87rQX0Z1XiyTDB4LdKfivRi3TMD7EX8o6q9C3H/ilu5anrgha8WziMrtv/s9IF +QjpyHdnXGoXmA9uDqQLtucR5yep3ux4mlwS8GG3IUkpkdysNOrVvSARm0ZagQ9tn +YZyEjGd8wP3jKYNJAB2OdnvX9OqBmEyvSmMucSidkMkdLrUcjmOtz+AkqoRGewwc +eClstlp8NEuP37q2KLYtbQMpio1Kzsr3PCey1UImKNjauypS2Dpzl1RnmBw+c5En +SdLMa+ns3odRhF0IvENDhz/mKZJvwtoz/NBz -----END CERTIFICATE----- diff --git a/tests/data_files/server2.ku-ds_ke.crt b/tests/data_files/server2.ku-ds_ke.crt index ebee7e1c3..eb23245d8 100644 --- a/tests/data_files/server2.ku-ds_ke.crt +++ b/tests/data_files/server2.ku-ds_ke.crt @@ -1,21 +1,20 @@ -----BEGIN CERTIFICATE----- -MIIDijCCAnKgAwIBAgIBMDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTQwNDA5MTAwMjQ5WhcNMjQwNDA2MTAwMjQ5WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +MIIDRzCCAi+gAwIBAgIBMDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya -HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaOBnzCBnDAJ -BgNVHRMEAjAAMB0GA1UdDgQWBBSlBehkuNzfYA9QEk1gqGSvTYtDkzBjBgNVHSME -XDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAsG -A1UdDwQEAwIFoDANBgkqhkiG9w0BAQUFAAOCAQEAnW7+h85xBP2KJzFSpWfGirVe -ApdC9bX0Z1sVMmD486N+ty9W6BP6kJRxLDX0fOuRc3x7mCy5qZg/Yj40+yQSoA0w -bTNwJjuR8iMqWIqLw9hWR+E9T4lYLZWyGJVjlVTkO4i5wifwhoJE9Doohh/6crn5 -ImWgEkgT/wDVIHoamciO6KU36d0iAEEP2eYgxv2/sVHvjjsseTdvYh3D3VuOmQtS -uUvFxc6H5kYoq/yodJWDaOn3RS8pEpDsiW+abcWyxNTPtHFroJV7e9aaVmhlRSzw -sYDyD/ZyIlavoPSEiD3LTT/Tp6BIpz+zb4WHOHLEvUCsZputqxPVcNoEAi9xuA== +HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNdMFswCQYD +VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw +FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDgYDVR0PAQH/BAQDAgWgMA0GCSqGSIb3 +DQEBBQUAA4IBAQB6u7D3tAsB75aZEcUfv2XyeLX4P99mzx2yOBSsPaIDTRyv0XoT +vbgUA7viX/F7I8b2kc6ihRXSu/98c7Vr/uSm0LfV3VMgoAXBCWNg/5c/N3c0YnZ2 +imuv0yeXw5cJI3iYQJmllawdrGgOslfPuO7kqrFt3uGaylITpVLQ7w7iDpPbAFM8 +kPpO6CMyCFi6miQYoZchTTP9X3dpbpNdB2FlSVT55J6TIvH5x4t7XCFJuvYYJxrf +8I3UFR3OnBR625zUHXJ6uV8yHG5ze+4K2n9CHcyX7zuZ+bB0e8wIS6Xf99M+1ApF +ESvXwHI0Fu8s/PJ+leD28CRJQMuAOJIYBMnS -----END CERTIFICATE----- diff --git a/tests/data_files/server2.ku-ka.crt b/tests/data_files/server2.ku-ka.crt index 90f7c4a99..ce97e8272 100644 --- a/tests/data_files/server2.ku-ka.crt +++ b/tests/data_files/server2.ku-ka.crt @@ -1,21 +1,20 @@ -----BEGIN CERTIFICATE----- -MIIDijCCAnKgAwIBAgIBKjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTQwNDA5MDg0NDIzWhcNMjQwNDA2MDg0NDIzWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +MIIDRzCCAi+gAwIBAgIBKjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya -HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaOBnzCBnDAJ -BgNVHRMEAjAAMB0GA1UdDgQWBBSlBehkuNzfYA9QEk1gqGSvTYtDkzBjBgNVHSME -XDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAsG -A1UdDwQEAwIDCDANBgkqhkiG9w0BAQUFAAOCAQEAriPloIWfu7U8d1hls97C7OBI -OiE2xFh2UmuN/9hTK2CyW6MtBf8aG3l4jQDrsutHO0gUyoR67ug4yj+s+0S/zETZ -q6mPo7cBbVwjhGciQRiYgufFpdnbXR05HDgOVPK7qqjL6UOZnbu5caIEvIJgdwXn -n8WB9x/Ii4/2S9ysmRdRhDBYekzgH3Ac2UnHJTMh1XaSL817MW6B9BDKHt4xa7pW -cplDzrFKYbmxSSxzALE4Dr+zRvmDx4bcYpBkRRfOhnnR1caQBgaZzPcX/Vu+vw8e -qs2nyBW5RBu8MBCBU1DpqOSo6jl0QTpuq3NzQZIouG9fyckqDJS5ibrxQTutPw== +HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNdMFswCQYD +VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw +FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDgYDVR0PAQH/BAQDAgMIMA0GCSqGSIb3 +DQEBBQUAA4IBAQAxJDMtlqpFHKw5ymqzgfnm0aY51PZOXpsPfoed7Vz2PzSB2eJ0 +JQc+QuLhippy8hnPmPZg/HQ/gedbxFKPiIiYEh86GvnBFozQ+c8sE0h6tJgVOJJi +ADUNeVJoq03WIroTMqAB0uW0rHB+OFm7uRwIDFr2gWVrKZKg/KsDrxtng2wPOgbU +xvPRtNyaOZjV0GjuBhWxpPTxXw27e5Mq3MS5B9piZgPXmam5lZdOe0LNrbQShfmP +4mk4drjdQaUrL3JLpLt8S4oihZU+dOHkYdZVHSAuuGikZK7qPfEdP/yrZTCgtY54 +vXxv47xT9L+pWtiTosBmsy/ewvWprVJIxLh3 -----END CERTIFICATE----- diff --git a/tests/data_files/server2.ku-ke.crt b/tests/data_files/server2.ku-ke.crt index 8daa0c13d..21e6cf040 100644 --- a/tests/data_files/server2.ku-ke.crt +++ b/tests/data_files/server2.ku-ke.crt @@ -1,21 +1,20 @@ -----BEGIN CERTIFICATE----- -MIIDijCCAnKgAwIBAgIBKzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTQwNDA5MDg0NDM5WhcNMjQwNDA2MDg0NDM5WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +MIIDRzCCAi+gAwIBAgIBKzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya -HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaOBnzCBnDAJ -BgNVHRMEAjAAMB0GA1UdDgQWBBSlBehkuNzfYA9QEk1gqGSvTYtDkzBjBgNVHSME -XDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAsG -A1UdDwQEAwIFIDANBgkqhkiG9w0BAQUFAAOCAQEAqreLAIuxeLGKbhoEROYRqXxO -ndaC6uDcpxhgmEW7B2DW6ZtX8155v3ov61MuMas8fEQjD5STDP9qERxNTePnhW3m -kDZd2jUBE3ioHhTBv47i1PYU+DRe42kY6z0jUmNPK8TsTKfdbqTGXg9THe1KYB7q -hdljqGS08IgBl/q2lK2OOSycu27xhfb9Mo0BcLBab92WgyBu+cFPQsKiL4mD7QyJ -+73Ndb21EuANUjsRDQ3NPklssJcyJB2v85eekwk1acZUG21no3wdTvjxhVE/Xrdz -zUP9WkvAVfUrwGjUzG4YHE8wkHO7xKbKixNt+nQmDhe+tHVbztZjVwFJ8010gg== +HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNdMFswCQYD +VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw +FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDgYDVR0PAQH/BAQDAgUgMA0GCSqGSIb3 +DQEBBQUAA4IBAQCeNpH2eSUXpq0CPlE6P1/bJW2f0vKFWMnZ6B3eFCdMCcKJ6LYV +BA1Dn5G5HEW4mBMJfyMwD5sklyEzQDCgIDjws+BRUflMr71AerfesHIGdW4jAw10 +aWwFMeszzZ54ZahX2GHPcwWfTccSf9tpSaRMlNBEIz8lfb2iEZ2HR9eAmAqYgtR1 +RbYcsNfC0oBYOCTRmvXi+wpGcUWn+VbIv6rHrQYnWXiPAuPJUqIpM0x9q0kT6NCi +LfdhaVV2DPnvBYGRcXX78JK5/MQt/sv4JSefRpvxpVQCmbo0amz7hUMHGCflAbro +FpyBlfcpj0lSRoaU9x0mCYzqwDYd+4NJZUGT -----END CERTIFICATE----- diff --git a/tests/data_files/server3.crt b/tests/data_files/server3.crt index ed0d696b4..46987c3ef 100644 --- a/tests/data_files/server3.crt +++ b/tests/data_files/server3.crt @@ -1,17 +1,15 @@ -----BEGIN CERTIFICATE----- -MIICojCCAYqgAwIBAgIBDTANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTMwODA5MDkxNzAzWhcNMjMwODA3MDkxNzAzWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBJMBMGByqGSM49AgEG +MIICXDCCAUSgAwIBAgIBDTANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBJMBMGByqGSM49AgEG CCqGSM49AwEBAzIABH0AoQyUhPABS38y67uEVs4O3RXmKKrBdUR7/L2QPB8EC2p5 -fQcsej6EFasvlTdJ/6OBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTkF2s2sgaJ -OtleQ7bgZH2Hq33eNzBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/ -pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQ -b2xhclNTTCBUZXN0IENBggEAMA0GCSqGSIb3DQEBBQUAA4IBAQBjmSIjGKD1eH5W -4bl2MXfNIsTwc2vv/MAAhBzBEbTXd3T37+zAGPGjKncvTB+oufUVRGkoKbfoC6Jm -DYSEUuxtnUZOko/C//XlCEtK0TuS2aLEqF3gJjBJTCfthEdAhJCtmPAQDCzeKsdx -CoOtH0NQx6Xl64oDt2wYSQNWUTGLPfRpdsVEvBHhHYATQijkl2ZH8BDjsYcBicrS -qmCeN+0T1B9vrOQVEZe+fwgzVL38n8lkJZNPIbdovA9WLHwXAEzPv4la3w0qh4Tb -kSb8HtILl4I474QxrFywylyXR/p2znPleRIRgB5HtUp9tLSWkB0bwMlqQlg2EHXu -CAQ1sXmQ +fQcsej6EFasvlTdJ/6NNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQU5BdrNrIGiTrZ +XkO24GR9h6t93jcwHwYDVR0jBBgwFoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJ +KoZIhvcNAQEFBQADggEBAKSCuGCXcpDrVwRVgHVlUsxACRDUH2QirsLFAUk1CGsR +SniBgWi+5KGK8fd3Tf+GkVeIZocaf7tnKm0YJg8W5QPDnwrMD2L1SjYFgc7r1G4f +579FOo0qRKdJabTV0e022XFyN77JJHAm8RkjZEnzUuW7k8/RohY8NBzh+KACyHOi +96DhGsBp9LG6QIKB1rxiNx4wq3WUygaMgImoaDRqgAFxJjwRBEhcsWtU2AmoOKdO +hzQp+EzEjn04+ScJpMzMF4FY+kLaz9PlvEO61aQuZsC2fUmk+M6q8xcBNEdoFNvv +0cOl5Liuewb32srAZWCMpbHFxaT9Nd3TxJwFxFCJpvc= -----END CERTIFICATE----- diff --git a/tests/data_files/server4.crt b/tests/data_files/server4.crt index 96b1aa772..2b4134d66 100644 --- a/tests/data_files/server4.crt +++ b/tests/data_files/server4.crt @@ -1,18 +1,17 @@ -----BEGIN CERTIFICATE----- -MIIC6jCCAnCgAwIBAgIBCDAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKvXjL5VfYc7D/truqEpYcZcvlUhnuCNDJctYDJL -vgYYj5uxDxLHBXvnEHLgO5K+lps42p+r/dd4oE64ttRoeZZUvr+7eBnW35n0EpPA -Ik9Gwu+vg7GfxmifgIR8hZnOQkt2OjvvpChPCxvUailtB450Izh+mEK/hYFr+7Jl -NnxR1XQlbbyDM7Ect1HwYcuS3MBlBqq048J+0KEkQXICSjKeHFga9eDCq+Jyfqe5 -bt0K30hl1N0164B7aoh08Eomme+aSuAsz+MsJ3m7AO2DUYdrDxlrky1QrvRWWfX0 -d8djTM+uHTo1DviRM6o9+P9DfoFd53/Z0Km03sVLQWvUrhECAwEAAaOBnTCBmjAJ -BgNVHRMEAjAAMB0GA1UdDgQWBBTAlAm1+0L41mhqYWjFiejsRVrGeTBuBgNVHSME -ZzBlgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVDIENBggkA -wUPifmJDzOgwCgYIKoZIzj0EAwIDaAAwZQIxAPWlxnMcjBaxaVieQYSLBqzizS3/ -O8Na6owRGPk0/UK+j5O9NTBHk+uXW/fQblKamQIwUQl4dl6gkRDE4rBR/yGjZZ1Z -3dEpvL2Wimt3keD7AcLpYB2FJ1mVcY1XQUeK1Vfc +MIICnTCCAiGgAwIBAgIBCDAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDBaFw0yOTAyMTAxNDQ0MDBaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9eMvlV9hzsP+2u6oSlhxly+VSGe4I0Mly1g +Mku+BhiPm7EPEscFe+cQcuA7kr6Wmzjan6v913igTri21Gh5llS+v7t4GdbfmfQS +k8AiT0bC76+DsZ/GaJ+AhHyFmc5CS3Y6O++kKE8LG9RqKW0HjnQjOH6YQr+FgWv7 +smU2fFHVdCVtvIMzsRy3UfBhy5LcwGUGqrTjwn7QoSRBcgJKMp4cWBr14MKr4nJ+ +p7lu3QrfSGXU3TXrgHtqiHTwSiaZ75pK4CzP4ywnebsA7YNRh2sPGWuTLVCu9FZZ +9fR3x2NMz64dOjUO+JEzqj34/0N+gV3nf9nQqbTexUtBa9SuEQIDAQABo00wSzAJ +BgNVHRMEAjAAMB0GA1UdDgQWBBTAlAm1+0L41mhqYWjFiejsRVrGeTAfBgNVHSME +GDAWgBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDB +ek00E3uHPwnUDBVAPRJThsj2mQr/MSCTwRMNXnNlki9Lux0qGd6uvhp5v31I7V0C +MDiCHwEm55sU4gWrAxYVKVVV9qMTG2Moy4YnJDDlxwpyXPta5Ac2FV+0AbInBXSM +Bg== -----END CERTIFICATE----- diff --git a/tests/data_files/server5-badsign.crt b/tests/data_files/server5-badsign.crt index 0c6507233..b641f7019 100644 --- a/tests/data_files/server5-badsign.crt +++ b/tests/data_files/server5-badsign.crt @@ -1,14 +1,14 @@ -----BEGIN CERTIFICATE----- -MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +MIICIDCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM2WhcNMzMwNTE0MDcxMDM2WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA 2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG -CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S -C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V -fGa5kHvHARBPc8YAIVIqDvHH1A== +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh +clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMCA2kAMGYCMQDg6p7PPfr2+n7nGvya3pU4ust3k7Obk4/tZX+uHHRQ +qaccsyULeFNzkyRvWHFeT5sCMQCzDJX79Ii7hILYza/iXWJe/BjJEE8MteCRGXDN +06jC+BLgOH1KQV9ArqEh3AhOhE0= -----END CERTIFICATE----- diff --git a/tests/data_files/server5-der0.crt b/tests/data_files/server5-der0.crt index 08d8dd311..1e0a00894 100644 Binary files a/tests/data_files/server5-der0.crt and b/tests/data_files/server5-der0.crt differ diff --git a/tests/data_files/server5-der1a.crt b/tests/data_files/server5-der1a.crt index 015017b17..c14329882 100644 Binary files a/tests/data_files/server5-der1a.crt and b/tests/data_files/server5-der1a.crt differ diff --git a/tests/data_files/server5-der1b.crt b/tests/data_files/server5-der1b.crt index 6340d9e2e..698967909 100644 Binary files a/tests/data_files/server5-der1b.crt and b/tests/data_files/server5-der1b.crt differ diff --git a/tests/data_files/server5-der2.crt b/tests/data_files/server5-der2.crt index c6e320a36..56ad14c4a 100644 Binary files a/tests/data_files/server5-der2.crt and b/tests/data_files/server5-der2.crt differ diff --git a/tests/data_files/server5-der4.crt b/tests/data_files/server5-der4.crt index 4af05cce1..4ceed41c4 100644 Binary files a/tests/data_files/server5-der4.crt and b/tests/data_files/server5-der4.crt differ diff --git a/tests/data_files/server5-der8.crt b/tests/data_files/server5-der8.crt index 65be7dcae..07ffd2f74 100644 Binary files a/tests/data_files/server5-der8.crt and b/tests/data_files/server5-der8.crt differ diff --git a/tests/data_files/server5-der9.crt b/tests/data_files/server5-der9.crt index 4947f1f83..aa8f9a193 100644 Binary files a/tests/data_files/server5-der9.crt and b/tests/data_files/server5-der9.crt differ diff --git a/tests/data_files/server5-fan.crt b/tests/data_files/server5-fan.crt deleted file mode 100644 index dc1eb380c..000000000 --- a/tests/data_files/server5-fan.crt +++ /dev/null @@ -1,10 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIBdTCCARugAwIBAgIBTTAKBggqhkjOPQQDAjA3MQswCQYDVQQGEwJVSzERMA8G -A1UECgwITWJlZCBUTFMxFTATBgNVBAMMDE1iZWQgVExTIEZBTjAeFw0xOTAzMjUw -OTAzNDZaFw0yOTAzMjIwOTAzNDZaMDcxCzAJBgNVBAYTAlVLMREwDwYDVQQKDAhN -YmVkIFRMUzEVMBMGA1UEAwwMTWJlZCBUTFMgRkFOMFkwEwYHKoZIzj0CAQYIKoZI -zj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/ -6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6MYMBYwFAYDVR0lBA0wCwYJKwYBBAGC -5CUBMAoGCCqGSM49BAMCA0gAMEUCIQDp/Q5FaVy3YNeJflQKLGycQZoH6V3FQnLq -ERUCeimLIAIgdyiA4KdHxkpQhC1L1KfmxG8YJqu31FBjmNw00Sv8J9k= ------END CERTIFICATE----- diff --git a/tests/data_files/server5-nonprintable_othername.crt b/tests/data_files/server5-nonprintable_othername.crt deleted file mode 100644 index 9470bbe9c..000000000 --- a/tests/data_files/server5-nonprintable_othername.crt +++ /dev/null @@ -1,12 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIBwTCCAWagAwIBAgIBTTAKBggqhkjOPQQDAjBPMQswCQYDVQQGEwJVSzERMA8G -A1UECgwITWJlZCBUTFMxLTArBgNVBAMMJE1iZWQgVExTIG5vbi1wcmludGFibGUg -b3RoZXJuYW1lIFNBTjAeFw0yMjA5MDYxNTU2NDdaFw0zMjA5MDMxNTU2NDdaME8x -CzAJBgNVBAYTAlVLMREwDwYDVQQKDAhNYmVkIFRMUzEtMCsGA1UEAwwkTWJlZCBU -TFMgbm9uLXByaW50YWJsZSBvdGhlcm5hbWUgU0FOMFkwEwYHKoZIzj0CAQYIKoZI -zj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/ -6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6MzMDEwLwYDVR0RBCgwJqAkBggrBgEF -BQcIBKAYMBYGBysGAQQBEQMECzEyM4CBAIGAMzIxMAoGCCqGSM49BAMCA0kAMEYC -IQDATir07PTj5gtf+HAyI+nd27AH9+bdaWdOI2t2bAwUWgIhAO7kvdcsa++yfJdT -3vnWdvcHRIAdXA0kh+mcBMaXk9B0 ------END CERTIFICATE----- diff --git a/tests/data_files/server5-othername.crt b/tests/data_files/server5-othername.crt deleted file mode 100644 index 3be1a772c..000000000 --- a/tests/data_files/server5-othername.crt +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIBnzCCAUWgAwIBAgIBTTAKBggqhkjOPQQDAjBBMQswCQYDVQQGEwJVSzERMA8G -A1UECgwITWJlZCBUTFMxHzAdBgNVBAMMFk1iZWQgVExTIG90aGVybmFtZSBTQU4w -HhcNMTkwMzI0MDkwNjAyWhcNMjkwMzIxMDkwNjAyWjBBMQswCQYDVQQGEwJVSzER -MA8GA1UECgwITWJlZCBUTFMxHzAdBgNVBAMMFk1iZWQgVExTIG90aGVybmFtZSBT -QU4wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ3zFbZdgkeWnI+x1kt/yBu7nz5 -BpF00K0UtfdoIllikk7lANgjEf/qL9I0XV0WvYqIwmt3DVXNiioO+gHItO3/oy4w -LDAqBgNVHREEIzAhoB8GCCsGAQUFBwgEoBMwEQYHKwYBBAERAwQGMTIzNDU2MAoG -CCqGSM49BAMCA0gAMEUCIQCijdm1AfArx2p4cLCVciHCTE8UXRiTm8f85k4aNzzf -sgIgCdmLyfZB9jsSPH3A3O1GATAR3O9OTtEDC+YSc+lvxSw= ------END CERTIFICATE----- diff --git a/tests/data_files/server5-selfsigned.crt b/tests/data_files/server5-selfsigned.crt index cb5564751..0eafe7025 100644 --- a/tests/data_files/server5-selfsigned.crt +++ b/tests/data_files/server5-selfsigned.crt @@ -1,12 +1,12 @@ -----BEGIN CERTIFICATE----- -MIIBzTCCAXKgAwIBAgIMU6LLSxJOrYN9qJSyMAoGCCqGSM49BAMCMEcxEzARBgNV -BAMTCnNlbGZzaWduZWQxEDAOBgNVBAsTB3Rlc3RpbmcxETAPBgNVBAoTCFBvbGFy -U1NMMQswCQYDVQQGEwJOTDAiGA8yMDE0MDYxOTExMzY0M1oYDzIwMjQwNjE4MTEz -NjQzWjBHMRMwEQYDVQQDEwpzZWxmc2lnbmVkMRAwDgYDVQQLEwd0ZXN0aW5nMREw -DwYDVQQKEwhQb2xhclNTTDELMAkGA1UEBhMCTkwwWTATBgcqhkjOPQIBBggqhkjO -PQMBBwNCAAQ3zFbZdgkeWnI+x1kt/yBu7nz5BpF00K0UtfdoIllikk7lANgjEf/q -L9I0XV0WvYqIwmt3DVXNiioO+gHItO3/o0AwPjAMBgNVHRMBAf8EAjAAMA8GA1Ud -DwEB/wQFAwMHgAAwHQYDVR0OBBYEFLZtURgXjmWq8uzV8wHkbFLCNB1bMAoGCCqG -SM49BAMCA0kAMEYCIQCf/bzFoge0pCOIrtHrABgc1+Cl9kjlsICpduXhdHUMOwIh -AOJ+nBHfaEGyF4PRJvn/jMDeIaH1zisinVzC2v+JQOWq +MIIBxzCCAW2gAwIBAgIMU6LLSxJOrYN9qJSyMAoGCCqGSM49BAMCMEcxEzARBgNV +BAMMCnNlbGZzaWduZWQxEDAOBgNVBAsMB3Rlc3RpbmcxETAPBgNVBAoMCFBvbGFy +U1NMMQswCQYDVQQGEwJOTDAeFw0yMzA1MDkwMjQ5NTdaFw0zMzA1MDYwMjQ5NTda +MEcxEzARBgNVBAMMCnNlbGZzaWduZWQxEDAOBgNVBAsMB3Rlc3RpbmcxETAPBgNV +BAoMCFBvbGFyU1NMMQswCQYDVQQGEwJOTDBZMBMGByqGSM49AgEGCCqGSM49AwEH +A0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRd +XRa9iojCa3cNVc2KKg76Aci07f+jPzA9MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/ +BAQDAgeAMB0GA1UdDgQWBBRQYaWP1AfZ14IBDOVlf4xjRqcTvjAKBggqhkjOPQQD +AgNIADBFAiAXiJxDrd5aLzGB/Uc3kYBIBuSUIMGvol2c8EvwmF3zmQIhAPFrKMgA +s2awzo/PBB5gFTkDub88wRYwS1R9JPYCXUO0 -----END CERTIFICATE----- diff --git a/tests/data_files/server5-sha1.crt b/tests/data_files/server5-sha1.crt index 73e2d1745..6c14183bd 100644 --- a/tests/data_files/server5-sha1.crt +++ b/tests/data_files/server5-sha1.crt @@ -1,14 +1,14 @@ -----BEGIN CERTIFICATE----- -MIICHTCCAaSgAwIBAgIBEjAJBgcqhkjOPQQBMD4xCzAJBgNVBAYTAk5MMREwDwYD -VQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTAeFw0x -MzA5MjQxNjIxMjdaFw0yMzA5MjIxNjIxMjdaMDQxCzAJBgNVBAYTAk5MMREwDwYD -VQQKEwhQb2xhclNTTDESMBAGA1UEAxMJbG9jYWxob3N0MFkwEwYHKoZIzj0CAQYI +MIICHjCCAaSgAwIBAgIBCTAJBgcqhkjOPQQBMD4xCzAJBgNVBAYTAk5MMREwDwYD +VQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAeFw0y +MzA1MTcwNzEwMzdaFw0zMzA1MTQwNzEwMzdaMDQxCzAJBgNVBAYTAk5MMREwDwYD +VQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0CAQYI KoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDY IxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6OBnTCBmjAJBgNVHRMEAjAAMB0G A1UdDgQWBBRQYaWP1AfZ14IBDOVlf4xjRqcTvjBuBgNVHSMEZzBlgBSdbSAkSQE/ -K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFy -U1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVDIENBggkAwUPifmJDzOgwCQYH -KoZIzj0EAQNoADBlAjEAyjvzRWtxbXvkoYTYSQY9gFBpP7/wTZ2q6FbRiAuZULFt -lc0PMPDfVZChgA6iDH+BAjBdkOb73f2pOwZpMRqrOgqSynbt2uWY87mC5lRlNEoR -WXEv1AzIeBCv+81DN1Iuu4w= +K8t4tRm8fiTJ2/s2fKFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFy +U1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggkAwUPifmJDzOgwCQYH +KoZIzj0EAQNpADBmAjEAnbhJ4O/x6bcBgB0FnX44q9j9pjBYHN9ZK59bHxqerhyJ +12DlVbNoOonlkFYVUsgCAjEAmnUolKu+XUtS2is3d0M2V6cPwZxq5qI0+wBR79/p +NRjFOlyP69OWs9CI2cyYLbGc -----END CERTIFICATE----- diff --git a/tests/data_files/server5-sha224.crt b/tests/data_files/server5-sha224.crt index 47b11688c..ad01b108d 100644 --- a/tests/data_files/server5-sha224.crt +++ b/tests/data_files/server5-sha224.crt @@ -1,14 +1,14 @@ -----BEGIN CERTIFICATE----- -MIICIDCCAaWgAwIBAgIBEzAKBggqhkjOPQQDATA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTYyMTI3WhcNMjMwOTIyMTYyMTI3WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDATA+MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE0MDcxMDM3WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA 2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG -CCqGSM49BAMBA2kAMGYCMQCj0EyFUzDRmfokWzLVEWN0epR4/sZytfIeozp6BqWH -qaTBdAR2vthIKC7dKuUkg34CMQD6YtB2O9Vso79gbzSen2qh7gK7VvGE+31EVPbR -Ce/oNG/3OfhRSdn3FOvBBg2UErM= +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh +clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMBA2gAMGUCMQDlCvtvCAgJDiGQnqOYwzmeafyyNbpSRZwcpV84FSkm +pwKw2jTv3WaXujSNu7B62GoCME97oLBGSgiOMD5QUEdOjABkCV4E2slyvk4Gk71c +9e92VgA3rKPRXlvwACPsbFIQJQ== -----END CERTIFICATE----- diff --git a/tests/data_files/server5-sha384.crt b/tests/data_files/server5-sha384.crt index 5d6a79b2f..7de6f8c5c 100644 --- a/tests/data_files/server5-sha384.crt +++ b/tests/data_files/server5-sha384.crt @@ -1,14 +1,14 @@ -----BEGIN CERTIFICATE----- -MIICHzCCAaWgAwIBAgIBFDAKBggqhkjOPQQDAzA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTYyMTI3WhcNMjMwOTIyMTYyMTI3WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAzA+MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE0MDcxMDM3WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA 2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG -CCqGSM49BAMDA2gAMGUCMQCnsd/6VB2kLIqMRsWdkJvRaQROyAg78CQExFEY3CMv -9t0kWRXPc4nCMH69RjQVvC4CMB4lk9A7hnX2zQy3bbUhOCOvXcsQdEe8AMgJBviz -5Nob2wThRqsm1wjCF60fyzXWuA== +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh +clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMDA2gAMGUCMQDPV3rbJX6rigR5SJQGNzqfreq8Y3O+mlAQkuo9sicU +llVXjN3g41dOJmaEO2yHjMQCMCecXLQsYjQn2wPh/XyE+PL48Yp0+Y6+HEHCjLk3 +JOTQqo73a9xN+yhrud2ssT830w== -----END CERTIFICATE----- diff --git a/tests/data_files/server5-sha512.crt b/tests/data_files/server5-sha512.crt index 16112ac54..8bea8c2bb 100644 --- a/tests/data_files/server5-sha512.crt +++ b/tests/data_files/server5-sha512.crt @@ -1,14 +1,14 @@ -----BEGIN CERTIFICATE----- -MIICHzCCAaWgAwIBAgIBFTAKBggqhkjOPQQDBDA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTYyMTI3WhcNMjMwOTIyMTYyMTI3WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +MIICHjCCAaWgAwIBAgIBCTAKBggqhkjOPQQDBDA+MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE0MDcxMDM3WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA 2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG -CCqGSM49BAMEA2gAMGUCMFPL2OI8arcbRlKAbRb/YfGibo4Mwts8KX3fOuRCbXEn -pDWeb82kBqfXwzPJwamFOwIxAPGzyhWrxn0qEynWV5nzFK02PYBnYFgClISyyudH -HJGHtbEVRc5JA8ALnggaLVpuvg== +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh +clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMEA2cAMGQCMEekbPD8GQQmK1uJ3wXgC/VdRdfmEBM/urkmXYINcHrz +E6xLpFE/jxZ0wb5SXteLtQIwZ8ZJIDLnxGciX/mtfx0dOII3bna72yRkGfT+0b/C +sj9KvVuQ0y1oaP9Rbg35dbcH -----END CERTIFICATE----- diff --git a/tests/data_files/server5-ss-forgeca.crt b/tests/data_files/server5-ss-forgeca.crt index 2265bf576..cf5bd6db9 100644 --- a/tests/data_files/server5-ss-forgeca.crt +++ b/tests/data_files/server5-ss-forgeca.crt @@ -1,11 +1,11 @@ -----BEGIN CERTIFICATE----- -MIIBlDCCATmgAwIBAgIBTTAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G +MIIBkzCCATmgAwIBAgIBTTAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G A1UECgwIbWJlZCBUTFMxKDAmBgNVBAMMH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp -YXRlIENBIDMwHhcNMTUwOTAxMTEwODQzWhcNMjUwODI5MTEwODQzWjBKMQswCQYD +YXRlIENBIDMwHhcNMjMwNTE3MDkxNDIxWhcNMzMwNTE0MDkxNDIxWjBKMQswCQYD VQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMxKDAmBgNVBAMMH21iZWQgVExTIFRl c3QgaW50ZXJtZWRpYXRlIENBIDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ3 zFbZdgkeWnI+x1kt/yBu7nz5BpF00K0UtfdoIllikk7lANgjEf/qL9I0XV0WvYqI -wmt3DVXNiioO+gHItO3/oxAwDjAMBgNVHRMEBTADAQH/MAoGCCqGSM49BAMCA0kA -MEYCIQDBFcXh+IloVYbMiHfCFhw6cYJsj7PZXuTdDMMkNbyJNAIhALz7fBVAMYz9 -/g48bLdYT47LOc9QNuaboLIxsq5RseJL +wmt3DVXNiioO+gHItO3/oxAwDjAMBgNVHRMEBTADAQH/MAoGCCqGSM49BAMCA0gA +MEUCIQD0f3GH9cEJ7cJWPIfwAL/1cGREqO//O/1XggWZv/clnQIgQmlMzGzuUDHq +/mTgGQ9ceSAB9B9im9rcgY6DRFZULnY= -----END CERTIFICATE----- diff --git a/tests/data_files/server5-tricky-ip-san-malformed-len.crt.der b/tests/data_files/server5-tricky-ip-san-malformed-len.crt.der new file mode 100644 index 000000000..a26da6ca0 Binary files /dev/null and b/tests/data_files/server5-tricky-ip-san-malformed-len.crt.der differ diff --git a/tests/data_files/server5-tricky-ip-san.crt b/tests/data_files/server5-tricky-ip-san.crt deleted file mode 100644 index 135830fbe..000000000 --- a/tests/data_files/server5-tricky-ip-san.crt +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIBljCCATygAwIBAgIBTTAKBggqhkjOPQQDAjBBMQswCQYDVQQGEwJVSzERMA8G -A1UECgwITWJlZCBUTFMxHzAdBgNVBAMMFk1iZWQgVExTIFRyaWNreSBJUCBTQU4w -HhcNMjAwNzIzMTAyNzQ2WhcNMzAwNzIxMTAyNzQ2WjBBMQswCQYDVQQGEwJVSzER -MA8GA1UECgwITWJlZCBUTFMxHzAdBgNVBAMMFk1iZWQgVExTIFRyaWNreSBJUCBT -QU4wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ3zFbZdgkeWnI+x1kt/yBu7nz5 -BpF00K0UtfdoIllikk7lANgjEf/qL9I0XV0WvYqIwmt3DVXNiioO+gHItO3/oyUw -IzAhBgNVHREEGjAYhwRhYmNkhxBhYmNkLmV4YW1wbGUuY29tMAoGCCqGSM49BAMC -A0gAMEUCIFDc8ZALA/9Zv7dZTWrZOOp/dgPAEJRT+h68nD6KF+XyAiEAs1QqugOo -Dwru0DSEmpYkmj1Keunpd0VopM0joC1cc5A= ------END CERTIFICATE----- diff --git a/tests/data_files/server5-tricky-ip-san.crt.der b/tests/data_files/server5-tricky-ip-san.crt.der new file mode 100644 index 000000000..0bd06f845 Binary files /dev/null and b/tests/data_files/server5-tricky-ip-san.crt.der differ diff --git a/tests/data_files/server5-unsupported_othername.crt b/tests/data_files/server5-unsupported_othername.crt deleted file mode 100644 index b46fc2d96..000000000 --- a/tests/data_files/server5-unsupported_othername.crt +++ /dev/null @@ -1,12 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIBtjCCAVygAwIBAgIBTTAKBggqhkjOPQQDAjBNMQswCQYDVQQGEwJVSzERMA8G -A1UECgwITWJlZCBUTFMxKzApBgNVBAMMIk1iZWQgVExTIHVuc3VwcG9ydGVkIG90 -aGVybmFtZSBTQU4wHhcNMTkwNTAxMDkxMDM1WhcNMjkwNDI4MDkxMDM1WjBNMQsw -CQYDVQQGEwJVSzERMA8GA1UECgwITWJlZCBUTFMxKzApBgNVBAMMIk1iZWQgVExT -IHVuc3VwcG9ydGVkIG90aGVybmFtZSBTQU4wWTATBgcqhkjOPQIBBggqhkjOPQMB -BwNCAAQ3zFbZdgkeWnI+x1kt/yBu7nz5BpF00K0UtfdoIllikk7lANgjEf/qL9I0 -XV0WvYqIwmt3DVXNiioO+gHItO3/oy0wKzApBgNVHREEIjAgoB4GAyoDBKAXDBVz -b21lIG90aGVyIGlkZW50aWZpZXIwCgYIKoZIzj0EAwIDSAAwRQIhANkj6n9qHYVi -FLfb0IRZpIsvvuNCjSgT8yBLVjJYQj3nAiBffQKZ7y/F6rfon6L1GZU0BBja8BLX -rXp8WpY7Bc8myQ== ------END CERTIFICATE----- diff --git a/tests/data_files/server5.crt b/tests/data_files/server5.crt index 459742828..2eab9998c 100644 --- a/tests/data_files/server5.crt +++ b/tests/data_files/server5.crt @@ -1,14 +1,14 @@ -----BEGIN CERTIFICATE----- -MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +MIICIDCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM2WhcNMzMwNTE0MDcxMDM2WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA 2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG -CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S -C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V -fGa5kHvHARBPc8YAIVIqDvHH1Q== +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh +clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMCA2kAMGYCMQDg6p7PPfr2+n7nGvya3pU4ust3k7Obk4/tZX+uHHRQ +qaccsyULeFNzkyRvWHFeT5sCMQCzDJX79Ii7hILYza/iXWJe/BjJEE8MteCRGXDN +06jC+BLgOH1KQV9ArqEh3AhOhEg= -----END CERTIFICATE----- diff --git a/tests/data_files/server5.crt.der b/tests/data_files/server5.crt.der index 08d8dd311..1e0a00894 100644 Binary files a/tests/data_files/server5.crt.der and b/tests/data_files/server5.crt.der differ diff --git a/tests/data_files/server5.crt.openssl.v3_ext b/tests/data_files/server5.crt.openssl.v3_ext new file mode 100644 index 000000000..594e90ad0 --- /dev/null +++ b/tests/data_files/server5.crt.openssl.v3_ext @@ -0,0 +1,3 @@ +basicConstraints = CA:false +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always diff --git a/tests/data_files/server5.eku-cli.crt b/tests/data_files/server5.eku-cli.crt index 8aa2e44a0..8d0455983 100644 --- a/tests/data_files/server5.eku-cli.crt +++ b/tests/data_files/server5.eku-cli.crt @@ -1,13 +1,13 @@ -----BEGIN CERTIFICATE----- -MIIB5DCCAWmgAwIBAgIBPDAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDEwMTcyMTIxWhcNMjQwNDA3MTcyMTIxWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jYjBgMAkGA1UdEwQCMAAwHQYD -VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r -y3i1Gbx+JMnb+zZ8MBMGA1UdJQQMMAoGCCsGAQUFBwMCMAoGCCqGSM49BAMCA2kA -MGYCMQCzHyEvd56zm1AzfDBi3psz3rDL/m0RN2WnbRBQJxIJqjwEXOrKazko9m9q -owgau88CMQDuI0fsq5tnyiHPaDSAE21/6hlrCR6deNbwzB94OuPIbx1wIas9D1jc -//iSmKtbl8Y= +MIIB6zCCAW6gAwIBAgIBPDAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO +5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NlMGMwCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB +PyvLeLUZvH4kydv7NnwwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwIwDAYIKoZIzj0E +AwIFAANpADBmAjEAoC1Xxg8Xt3tvM2ZER4jCRv7iSYPWGgNtcYNJj3G0lb0PYi1l +Nd0cqdGxydhm7RJLAjEApAE8koD1ccIPnSFTagT7shOSz1/lOU4wwAWswcwolzt3 +xrvFlMoTeJx3sS3Zqdr8 -----END CERTIFICATE----- diff --git a/tests/data_files/server5.eku-cs.crt b/tests/data_files/server5.eku-cs.crt index db97b403e..c00bc3bec 100644 --- a/tests/data_files/server5.eku-cs.crt +++ b/tests/data_files/server5.eku-cs.crt @@ -1,13 +1,13 @@ -----BEGIN CERTIFICATE----- -MIIB4zCCAWmgAwIBAgIBOjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDEwMTcyMDQxWhcNMjQwNDA3MTcyMDQxWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jYjBgMAkGA1UdEwQCMAAwHQYD -VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r -y3i1Gbx+JMnb+zZ8MBMGA1UdJQQMMAoGCCsGAQUFBwMDMAoGCCqGSM49BAMCA2gA -MGUCMQC294oVK6fUjH/abI1xzytTusi8dl7518L0Y19q8zi9K19OtxzPK09h7xyy -gaJRvpUCMFS6hYhrht38yqwwhSVlnmTMVtira58mEUhL6v7Qzw1sz/Dm4aXkW3s6 -JQV1kqqbRw== +MIIB6jCCAW6gAwIBAgIBOjAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO +5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NlMGMwCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB +PyvLeLUZvH4kydv7NnwwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwMwDAYIKoZIzj0E +AwIFAANoADBlAjBlMU7Fh18cel20P3rY7esvtPLDHQQKWSCO91XHHkZi1zRPq2px +nwVHayXnOS3CPRsCMQCQDYTyVMS8oEIrm0XPI6HrbCMUq2bhPwaYpelU/asOzYI3 +gOjGCDFHtyedJHVK0rs= -----END CERTIFICATE----- diff --git a/tests/data_files/server5.eku-cs_any.crt b/tests/data_files/server5.eku-cs_any.crt index 8fa8632dd..912d929b1 100644 --- a/tests/data_files/server5.eku-cs_any.crt +++ b/tests/data_files/server5.eku-cs_any.crt @@ -1,13 +1,13 @@ -----BEGIN CERTIFICATE----- -MIIB6TCCAW+gAwIBAgIBOzAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDEwMTcyMDU4WhcNMjQwNDA3MTcyMDU4WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jaDBmMAkGA1UdEwQCMAAwHQYD -VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r -y3i1Gbx+JMnb+zZ8MBkGA1UdJQQSMBAGCCsGAQUFBwMDBgRVHSUAMAoGCCqGSM49 -BAMCA2gAMGUCMQCSYaq/9IKOTkzIrU/eOtpha/3af3JwT6vKh4N3cSX62ksMz0GT -Uxmq4UGMBt4VmBkCMBGpYqof6hS1o92ltNRpDSHuVQ+nke1lOsoQ1plZp4SI+bY1 -bUD/WrUSLlwikZAeng== +MIIB8DCCAXSgAwIBAgIBOzAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO +5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NrMGkwCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB +PyvLeLUZvH4kydv7NnwwHAYDVR0lAQH/BBIwEAYIKwYBBQUHAwMGBFUdJQAwDAYI +KoZIzj0EAwIFAANoADBlAjEA89+l8gNC0H75Tzdz/75W6EjGSzZ3m50S4cK5jD6+ +ZZLpRcbIqPqMT2MNkCm7ImNpAjAlTkFLVCGnTNX/q7QWOrx8aPXXAeZtY5NFxd66 +EJJb+YHTQ80hZhLWX8/QaAJjniU= -----END CERTIFICATE----- diff --git a/tests/data_files/server5.eku-srv.crt b/tests/data_files/server5.eku-srv.crt index 64312f6c4..b173afcda 100644 --- a/tests/data_files/server5.eku-srv.crt +++ b/tests/data_files/server5.eku-srv.crt @@ -1,13 +1,13 @@ -----BEGIN CERTIFICATE----- -MIIB5DCCAWmgAwIBAgIBPjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDEwMTcyMTU0WhcNMjQwNDA3MTcyMTU0WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jYjBgMAkGA1UdEwQCMAAwHQYD -VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r -y3i1Gbx+JMnb+zZ8MBMGA1UdJQQMMAoGCCsGAQUFBwMBMAoGCCqGSM49BAMCA2kA -MGYCMQDQzjWB0xZs/8IsqJb7owYYtCiT17939Uuc/1yBF69pJRy7KV/qJlHNvlVu -qwWVTx0CMQDNW/0dlX1gU6ashrZv5Ly4sijg/g645fFpfMKCNXysEb9xiBeEj5de -2x5sX/0OSx4= +MIIB6jCCAW6gAwIBAgIBPjAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO +5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NlMGMwCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB +PyvLeLUZvH4kydv7NnwwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwDAYIKoZIzj0E +AwIFAANoADBlAjEAh+l47FmXR/nUxD8bfnS3sT+QTgc8pXUEqh/gXUs2xINVSoL+ +ZewgcNb2UanzCNheAjAnUY4b0M9YHp/eJjls5RzGX6JXtcWwn9JvO1HqMQnHthcy +hPEQ3lW7XG0DIQS1drk= -----END CERTIFICATE----- diff --git a/tests/data_files/server5.eku-srv_cli.crt b/tests/data_files/server5.eku-srv_cli.crt index 9f58fedd2..be2531ee2 100644 --- a/tests/data_files/server5.eku-srv_cli.crt +++ b/tests/data_files/server5.eku-srv_cli.crt @@ -1,13 +1,13 @@ -----BEGIN CERTIFICATE----- -MIIB7DCCAXOgAwIBAgIBPTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDEwMTcyMTQyWhcNMjQwNDA3MTcyMTQyWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jbDBqMAkGA1UdEwQCMAAwHQYD -VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r -y3i1Gbx+JMnb+zZ8MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAKBggq -hkjOPQQDAgNnADBkAjAmQjJxxC82ZhBpH/GQkOQXDmaaV/JHRHGok1cWn3j3Xj8A -fqRZkp8JihpGIMse208CMFCMdNAfNd1tv+oPuynoK5Oh6/YlASX/otJT68voEIAN -SmsT1m9VPQMIyUo/3RtYjg== +MIIB8zCCAXigAwIBAgIBPTAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO +5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NvMG0wCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB +PyvLeLUZvH4kydv7NnwwIAYDVR0lAQH/BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC +MAwGCCqGSM49BAMCBQADZwAwZAIwHu/xjSqHK91yEM+KgEFGU8Xc3o9rEVrCBFeW +ChIa3slZZdG4OuIm06Tsabf0pBLHAjBYKjoUwWEuDOOQKbbJZG8gKDzMAgEpe/RW +wAjY7i6CzZ1NKfFQ9fQdwA+yjq2fnlg= -----END CERTIFICATE----- diff --git a/tests/data_files/server5.ku-ds.crt b/tests/data_files/server5.ku-ds.crt index 58dd0714b..dafff9b3d 100644 --- a/tests/data_files/server5.ku-ds.crt +++ b/tests/data_files/server5.ku-ds.crt @@ -1,14 +1,13 @@ -----BEGIN CERTIFICATE----- -MIICLTCCAbKgAwIBAgIBLTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDA5MDg0ODM1WhcNMjQwNDA2MDg0ODM1WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgaowgacwCQYDVR0TBAIwADAd -BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAsG -A1UdDwQEAwIHgDAKBggqhkjOPQQDAgNpADBmAjEAzp4DkFMq7eDB0x5FeS9gYDaG -Ol8rVnWlRTLQzHZBQjKp+TcBdHZaBPoi8LyXtWA4AjEA6OWhsuTcv/qXOscQT0rL -eEh8wcCQeJK1uNd78lNvx3W0Pcxdb6cd7AhaAKgXL+r4 +MIIB4zCCAWagAwIBAgIBLTAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO +5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NdMFswCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB +PyvLeLUZvH4kydv7NnwwDgYDVR0PAQH/BAQDAgeAMAwGCCqGSM49BAMCBQADaQAw +ZgIxALHO0QR+4vz+fj4WwBQMa55oJDlp1J0PpqoJYKTf6DRx5rNuZxSbNu2wJQWz +MJ9ekQIxAMPo/Rhu4e9KRkEf9rYU9Ynd7t9/PCsXw4JZuxZfToURDsrAI/Pnqc0H +4+FA/EuPJA== -----END CERTIFICATE----- diff --git a/tests/data_files/server5.ku-ka.crt b/tests/data_files/server5.ku-ka.crt index 2447326c2..74a423524 100644 --- a/tests/data_files/server5.ku-ka.crt +++ b/tests/data_files/server5.ku-ka.crt @@ -1,14 +1,13 @@ -----BEGIN CERTIFICATE----- -MIICKzCCAbKgAwIBAgIBLjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDA5MDg0ODUwWhcNMjQwNDA2MDg0ODUwWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgaowgacwCQYDVR0TBAIwADAd -BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAsG -A1UdDwQEAwIDCDAKBggqhkjOPQQDAgNnADBkAjACzKQ88/NvngMQBFc9rC484+gO -BRkXP28BqRcj8sBt3EfmEGH23BuhkZuB1OFZuMICMC4/pHgbOQtaY9WZPUROUVVZ -OuO6XsVbhiE0rb/mumqmUwuOrCtC/KFdvFZol4BNGA== +MIIB4jCCAWagAwIBAgIBLjAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO +5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NdMFswCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB +PyvLeLUZvH4kydv7NnwwDgYDVR0PAQH/BAQDAgMIMAwGCCqGSM49BAMCBQADaAAw +ZQIwCVbbPiS8MJUOz8JBmgLHojKDaJOd4lSfSak0GSl02UjT8OiNyRzA+FlFWO94 +YMjyAjEA14/ubZ1ZW3/0hkiFHzhTD2SXbTfYbhDZSq2PR+9sBlUrrx1GhzWw/cOD +3jZd4DQO -----END CERTIFICATE----- diff --git a/tests/data_files/server5.ku-ke.crt b/tests/data_files/server5.ku-ke.crt index 41ae5ada3..6b4e74e24 100644 --- a/tests/data_files/server5.ku-ke.crt +++ b/tests/data_files/server5.ku-ke.crt @@ -1,14 +1,13 @@ -----BEGIN CERTIFICATE----- -MIICKzCCAbKgAwIBAgIBLzAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDA5MDg0OTA0WhcNMjQwNDA2MDg0OTA0WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgaowgacwCQYDVR0TBAIwADAd -BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAsG -A1UdDwQEAwIFIDAKBggqhkjOPQQDAgNnADBkAjAMl0Cjv9f45bHeJTul5XpYeJeT -52ZaOLTa/uTLy948EnEIi6sj3nFb9fvsUbsOOjECMAXAMY64KOqzixefz3y3XS/d -9miyeArPOmXU2JJ3LGuNbqqj9IbABawB1OD8v8gRmg== +MIIB4TCCAWagAwIBAgIBLzAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO +5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NdMFswCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB +PyvLeLUZvH4kydv7NnwwDgYDVR0PAQH/BAQDAgUgMAwGCCqGSM49BAMCBQADZwAw +ZAIwezTY0tigIg6u1dFl90LHYcZ+lJK4BO5Y6U9pn952NFo24NsL8qnG4nxwsL3M +VvV7AjBQ+oZyKSyNp8XRAHYC6lERH7/Gh7HrVWyTRo9iPPL6tE4x/jE7jL9ifgl+ +F6982sk= -----END CERTIFICATE----- diff --git a/tests/data_files/server5.req.ku.sha1 b/tests/data_files/server5.req.ku.sha1 index 3281c9460..c73a0e27d 100644 --- a/tests/data_files/server5.req.ku.sha1 +++ b/tests/data_files/server5.req.ku.sha1 @@ -1,8 +1,8 @@ -----BEGIN CERTIFICATE REQUEST----- -MIIBFjCBvAIBADA8MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGjAY +MIIBFDCBvAIBADA8MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGjAY BgNVBAMMEVBvbGFyU1NMIFNlcnZlciAxMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD QgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/6i/SNF1d Fr2KiMJrdw1VzYoqDvoByLTt/6AeMBwGCSqGSIb3DQEJDjEPMA0wCwYDVR0PBAQD -AgbAMAsGByqGSM49BAEFAANIADBFAiEAnIKF+xKk0iEuN4MHd4FZWNvrznLQgkeg -2n8ejjreTzcCIAH34z2TycuMpWQRhpV+YT988pBWR67LAg7REyZnjSAB +AgbAMAkGByqGSM49BAEDSAAwRQIhAJyChfsSpNIhLjeDB3eBWVjb685y0IJHoNp/ +Ho463k83AiAB9+M9k8nLjKVkEYaVfmE/fPKQVkeuywIO0RMmZ40gAQ== -----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server6-ss-child.crt b/tests/data_files/server6-ss-child.crt index 3c6fd4d1b..fc28f34c2 100644 --- a/tests/data_files/server6-ss-child.crt +++ b/tests/data_files/server6-ss-child.crt @@ -1,13 +1,13 @@ -----BEGIN CERTIFICATE----- -MIIB8jCCAZmgAwIBAgIMU6LLWCI5lHSn7HnsMAoGCCqGSM49BAMCMEcxEzARBgNV -BAMTCnNlbGZzaWduZWQxEDAOBgNVBAsTB3Rlc3RpbmcxETAPBgNVBAoTCFBvbGFy -U1NMMQswCQYDVQQGEwJOTDAiGA8yMDE0MDYxOTExMzY1NloYDzIwMjQwNjE4MTEz -NjU2WjBNMRkwFwYDVQQDExBzZWxmc2lnbmVkLWNoaWxkMRAwDgYDVQQLEwd0ZXN0 -aW5nMREwDwYDVQQKEwhQb2xhclNTTDELMAkGA1UEBhMCTkwwWTATBgcqhkjOPQIB -BggqhkjOPQMBBwNCAASBWTF2SST6Fa2roDFuDu0zEfqRJVXBsMGcA3I+mLotpHI3 -iR9DN40fjjrY8FfoL0/JAKT323MPssYElNFAOzjjo2EwXzAMBgNVHRMBAf8EAjAA -MA8GA1UdDwEB/wQFAwMHgAAwHQYDVR0OBBYEFDxZrEo+LvwCNi/afcvLnHqyiZlT -MB8GA1UdIwQYMBaAFLZtURgXjmWq8uzV8wHkbFLCNB1bMAoGCCqGSM49BAMCA0cA -MEQCIAMlQ59/NW7S0hP1cu5OTD2zqT087bEmnIfOTBYfj8UFAiBBrrz2dipODVYx -vvTsQmSCzjrm+JtQQoWa+cdnAG3w5g== +MIIB7jCCAZSgAwIBAgIMU6LLWCI5lHSn7HnsMAoGCCqGSM49BAMCMEcxEzARBgNV +BAMMCnNlbGZzaWduZWQxEDAOBgNVBAsMB3Rlc3RpbmcxETAPBgNVBAoMCFBvbGFy +U1NMMQswCQYDVQQGEwJOTDAeFw0yMzA1MDkwNjA2NDJaFw0zMzA1MDYwNjA2NDJa +ME0xGTAXBgNVBAMMEHNlbGZzaWduZWQtY2hpbGQxEDAOBgNVBAsMB3Rlc3Rpbmcx +ETAPBgNVBAoMCFBvbGFyU1NMMQswCQYDVQQGEwJOTDBZMBMGByqGSM49AgEGCCqG +SM49AwEHA0IABIFZMXZJJPoVraugMW4O7TMR+pElVcGwwZwDcj6Yui2kcjeJH0M3 +jR+OOtjwV+gvT8kApPfbcw+yxgSU0UA7OOOjYDBeMAwGA1UdEwEB/wQCMAAwDgYD +VR0PAQH/BAQDAgeAMB0GA1UdDgQWBBR+ZY8+MwMU5eG+YLLghX+M52ArezAfBgNV +HSMEGDAWgBRQYaWP1AfZ14IBDOVlf4xjRqcTvjAKBggqhkjOPQQDAgNIADBFAiAl +Y2yXg5sZunmo+McUBzvSao1wRxw+9XBSM+Dph5gfhgIhAPlI+lSvD4mzlBzn01Mg +0tMpKHbY34iadcMWBUgibMiA -----END CERTIFICATE----- diff --git a/tests/data_files/server6-ss-child.crt.openssl.v3_ext b/tests/data_files/server6-ss-child.crt.openssl.v3_ext new file mode 100644 index 000000000..dd9cdaa73 --- /dev/null +++ b/tests/data_files/server6-ss-child.crt.openssl.v3_ext @@ -0,0 +1,4 @@ +basicConstraints = critical,CA:false +keyUsage=critical,digitalSignature +subjectKeyIdentifier=hash + diff --git a/tests/data_files/server6.crt b/tests/data_files/server6.crt index 6df671686..51e439319 100644 --- a/tests/data_files/server6.crt +++ b/tests/data_files/server6.crt @@ -1,14 +1,14 @@ -----BEGIN CERTIFICATE----- MIICIDCCAaWgAwIBAgIBCjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE0MDcxMDM3WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG CCqGSM49AwEHA0IABIFZMXZJJPoVraugMW4O7TMR+pElVcGwwZwDcj6Yui2kcjeJ H0M3jR+OOtjwV+gvT8kApPfbcw+yxgSU0UA7OOOjgZ0wgZowCQYDVR0TBAIwADAd BgNVHQ4EFgQUfmWPPjMDFOXhvmCy4IV/jOdgK3swbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG -CCqGSM49BAMCA2kAMGYCMQCsYTyleBFuI4nizuxo/ie5dxJnD0ynwCnRJ+84PZP4 -AQA3HdUz0qNYs4CZ2am9Gz0CMQDr2TNLFA3C3S3pmgXMT0eKzR1Ca1/Nulf0llQZ -Xj09kLboxuemP40IIqhQnpYptMg= +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh +clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMCA2kAMGYCMQC7mlP+bq/c4hKB3zfJgPdwSnzzQOkXwdA2O6QumC2o +ZuHyjUYV5/ZyU8QQ7cNnKnYCMQD9ByA7ddpVE2Gk+OVuBPGfwV4O2COgFrasfrTn +KgfuCEF96BhSjLDXWKB4IFWaXUQ= -----END CERTIFICATE----- diff --git a/tests/data_files/server7-badsign.crt b/tests/data_files/server7-badsign.crt index 954b53a5b..e0d18b0a8 100644 --- a/tests/data_files/server7-badsign.crt +++ b/tests/data_files/server7-badsign.crt @@ -1,31 +1,31 @@ -----BEGIN CERTIFICATE----- MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +MA8GA1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m 47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS -MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud -IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC -AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr -FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr -8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj -+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 -QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm -yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK -TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e -deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM -0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b -OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj -VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp -a8Si6UK0 +MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr +d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBv +bGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC +MAAwDQYJKoZIhvcNAQELBQADggIBADU9ZyZWfX1T1Pi0PRBeqpm52pehUX2wMsyi +KudSpLeN++eS9p/R0hpNuB8WvZcsFy/qul0djPARKGpYgYTZQvOQ10VcY40jxttm +ETScnnqKH2lMr0asOpM31kKt/ghJS0njUhI9NY6yAI2XhcDzItSpqOhn6YLC3mrW +DIyBCksLKEu8x/KpRbvj3QK1ez3cHItoxCCe9gy8tMEwb8FE15dtDuL7G7iRb4Dh +VyL6qzBRvJP9AcQKT4PTaOMwu8O+hClDvLllJzCkJX4qZmQr3jwO8Emi9dvQ87ZF +cDpLbxqIgtRF8lkxn00UuhuugMgM8ldTd/aRxZrddIgFVNmEdWIWBu5ZTWmBM/FH +aguuZr3mty7Jh4XZJ0RZ4H7XaYzoVnCK9cA5koRv/gtSQdDh8BiYlJwWx8adqygo +fibinQnIOhZ4HcnlTDshsb5eY+GtkSLmc8735V5rtEt7zrtahFT5I7r2X6dDiPdD +Blvb9/5gIMC3fy0NZigDueBOYF78kpxqMRknt6x86irVdbRXw1fpVux24cfTDc/u +5Eat4YFfM1eKZnuOETumPOoa27jvcYTPMOsUN8+Q8Os6SDkJC8e2obedQoffQC06 +1Xzri3HOHzZrPHLGkwAFNYBynl1/wxGu0vPlmpzJDzc7y0e1FgKqD6YadAQM+APA +ZKasihO0 -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF @@ -39,9 +39,9 @@ d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE +AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAOAch+gz4rHfI/pm8MIDssMtJCqzS6xtOvQHJZ9l +fdgWfJV5cSHJpOIWGXeFKKR18wIwODTRnTIioy+bYacNq8TQPjzdVlT9XbYkWIYN +JAuV9fLJJdB5nZUG3l85Dt27VNkT -----END CERTIFICATE----- diff --git a/tests/data_files/server7-expired.crt b/tests/data_files/server7-expired.crt index a25ce4b07..9c423c961 100644 --- a/tests/data_files/server7-expired.crt +++ b/tests/data_files/server7-expired.crt @@ -1,31 +1,31 @@ -----BEGIN CERTIFICATE----- MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTA3MDYwNTA4MTQwM1oXDTE3MDYwNTA4MTQwM1owNDELMAkG +MA8GA1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTEzMDUxNjA3MTAzN1oXDTIzMDUxNzA3MTAzN1owNDELMAkG A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m 47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr -d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBv -bGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC -MAAwDQYJKoZIhvcNAQELBQADggIBAHcG1ysT8yImc0x3Z2O0SOtSYYjCPS1Gc89j -fWdBSoS5YhPHLgEjHQgDA6XdDNL0eUo3afhucEvSexhqLUABLu89cmi7ST+TsTEb -/lu8qZUgpa1bcMOk1+whl0JllfcDEq2y0aclkO0/6M6JftNNJ3egq2qVBDEszTtY -zcYZIr1o04TNp0fAtmPUH6zjpBkNB0DQyKFhgYPJNwTapj6ZDVi1zBK3wwFfZfgK -s3QvwhWNNbHL4B0sPec/6TiF5dY3SeUM4L8oAGdT7/ELE6E74rFyS/EpjJdVzXDs -FfQvUDPb6PJuWZbr4mNg/FANeGPa3VENcPz+4fj+Azi1vV3wD4OKT7W0zIkRZ+Wq -1hLFuwa/JCSHsn1GWFyWd3+qHIoFJUSU3HNxWho+MZqta0Jx/PGvMdOxnJ2az1QX -TaRwrilvN3KwvjGJ+cvGa7V9x8y9seRHZwfXXOx1ZZ0uEYquZ0jxKpBp/SdhRbA5 -zLmq088npt7tgi+LcrXydorgltBaGZA7P+/OJA2JkbIBBwdSjyfG6T07y4pgQ90h -CeRqzu4jFcZE7mjpTdEyxAQRJa2dhHkhFB7Muq7ZTi3jlml5LZnlbUdPlR5iTgOU -yueZsAAEb//A6EU008WmG/K+EY230JxEUzGNf2l1j1H94HcP9OwjY4bn2PJdVzcb -B8PmaiMB +d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBv +bGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC +MAAwDQYJKoZIhvcNAQELBQADggIBAHX0pu54c8rk2F76lxnMKuS+C3Kiwab0KxII +ZkpAgpk5sj2KxiGrNLDhK0ZGjVlVuUjauySVuBUfrr8GfjQ1xE7RUrxwBrEU5fVs +FHKscBF58AaIXIPf5xIuCdc2C487Leuu+LIbGsg9EvKq/pg7avIB9hSjvwn5W3m3 +3o8eL/ahD4t5rh8r7hKptY+7dqeraBrmCnitxsRQToMV+jy2RCGD3vYUDxyJc3x+ +m3o7nWGreyLCqPCRgeEh9RKbbhygcoBtdjojZABZmlGa9BO72hK5lhy2a1QiIOiL +OoBgDFf8gVo81MX02RtSQISZLq/hJ8smtil8oaKgJ+VyGjfCR1uZY7RpaEfP4U+R +tX8gqt/4TJ4mIJOv4xL12XsV65rZuB7+yhZ6rqWRlZx9Aa4/GqxIbALrQPs17uRX +41TPIdz3Pjq3w3x3bdGxbyF0TvJRaeobB60KHlrm6DWltY7k2Ucju9oTko6bJLgp +rCRC1JkTXzWS3jZDqULTVPxDsZjVRqwEl46PPe0gSloB+h/ulq8rNIG1snWTGdNQ +Bovbko9lFHA8md8f7ZULQ6pB8SV/LH2qufSsWb5LY9ZfHUprwH2oBQ+A9eYkk5ZR +LJC879ZC8w8LMQfBGT22fLnOJ2qS6GyguB+y17beF8RMgFpiFTzoD1nPQAd9cyGY +b2ta+9o9 -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF @@ -39,9 +39,9 @@ d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE +AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAOAch+gz4rHfI/pm8MIDssMtJCqzS6xtOvQHJZ9l +fdgWfJV5cSHJpOIWGXeFKKR18wIwODTRnTIioy+bYacNq8TQPjzdVlT9XbYkWIYN +JAuV9fLJJdB5nZUG3l85Dt27VNkT -----END CERTIFICATE----- diff --git a/tests/data_files/server7-future.crt b/tests/data_files/server7-future.crt index eeb596fc2..b725eb734 100644 --- a/tests/data_files/server7-future.crt +++ b/tests/data_files/server7-future.crt @@ -1,31 +1,31 @@ -----BEGIN CERTIFICATE----- MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTI3MDYwNjA4MTQwM1oXDTM3MDYwNjA4MTQwM1owNDELMAkG +MA8GA1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTMzMDUxNzA3MTAzN1oXDTQzMDUxODA3MTAzN1owNDELMAkG A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m 47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr -d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBv -bGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC -MAAwDQYJKoZIhvcNAQELBQADggIBAHF4y9PmCUF1yOlBIUCUAAFMZmXJwOGsMNKI -u0+At0sbs+W8J06PVyYt4UxL4TyIxHM6SOvKndFdCQxG7NQY0KU+HBdLVUM1iZy0 -Kopg7yHvEAZ0YWPptgCd10C/wmTz0b0R3cxhSb8FZjlBjNB7dJKhRQsh0za+GMx/ -LXunH/t0oP5an4yO3zTog+4+7bDGGEY7SymQJ9Z8t2gdZpn/r60j9IGhL5XI2BS/ -+cU96DMF3cMmFk24vAfduYicKc8KowhUpGCsIP0bl+TY8Vq6kepBA2lnj7/YOkDs -/f+wIS/Id/hdw9KxRUPX+cQLUt0/C7JktDVudZ5zLt1y0A971R+23ARtJGUBJGSp -5tkVX8+hK8sT6AVOkcvA51IOBsVxmuoWk/WcjBDdOjyIK2JFdbcJYvR8cpRbL+j8 -HdQEu+LorvGp28m3Q5mBTKZLKgyUeQWrbYDqeub1OvYYkuvZPZWFEDP2VYcS7AXN -IoUSTcMyhLNuncQl/z0Jbkto59+il6cQ2HIqkubLBk2X8uwMw2tloROlmklweHqR -ta6aRlLxBMgccJpK7cU5H8TMb6aR9GJGyzQJ2vET3jPBq/uEwbvK8HRVJ7Ld68k6 -ZMCwXGdTeYuDWt0ngAhf+i+GNexJRSLvzRGt18DOrpmj2X3naarNSTfRArm4EINW -WKW7hd8h +d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBv +bGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC +MAAwDQYJKoZIhvcNAQELBQADggIBAFgzS8NNGRayelUleAee5udbk9+fkkxvYA/p +QEaD+UvuSmgJ7iEU0gx6cJ2RcEbg/NqgrMBni8ayiGptOZRTq4j8bPcrZZCrcsvO +jFk/yXwWIv1hRofQ8wBynPOgbtPJ5J7zYkE0sqXbAPOWeNdya+R0CuSex5DW9kj/ ++tiXGXdGiLKu/FOC9tedfsu67a+ZEK0Q3rbFqsWpHdQcKIEN4A18xPBXNtx/DJuq +0+fcjtIsigpRvLbLSFuvSI5vWP1MFyuMDTLYVKN1PceRg2yxpKecKbsDpeSRX3R9 +Fs444mDSJs75i8fkdXS4GLXfJjJOft3HbRtEEznF5sITppjr40PszMvOj2njWPPn +o3ECca7HbhuhtqIGfM5+2mCwPgmm7fEmYILVYgTihFfPKUhGUKN+4Qp75gOzMKds +7t8NRFTKPEpFmicc1wKfEsp22UWC6azyTu6iVByWlt+fojFbdHjvxDY8iIqBFU6/ +44uLMTxu9r9gMSZK9sX7vGIgeER3RnArP0ZSxAvoxG3lu+QQXwItxnTKQnA3CDra +MkmwSM5kMewO/Ub1bgkdQ3j/DD0uSwreEdg0fvxaAJIH2N/lOFUWPrzbg8TJR1Sb +ohctT+uAKoPQrxsZuSdrz9QHOdgkPR6gp9bdnXkZSa9jGX7Pd5Ur5LDEXljol1ZL +T97oaKB7 -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF @@ -39,9 +39,9 @@ d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE +AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAOAch+gz4rHfI/pm8MIDssMtJCqzS6xtOvQHJZ9l +fdgWfJV5cSHJpOIWGXeFKKR18wIwODTRnTIioy+bYacNq8TQPjzdVlT9XbYkWIYN +JAuV9fLJJdB5nZUG3l85Dt27VNkT -----END CERTIFICATE----- diff --git a/tests/data_files/server7.crt b/tests/data_files/server7.crt index ed087ef61..c5c2cb8c5 100644 --- a/tests/data_files/server7.crt +++ b/tests/data_files/server7.crt @@ -1,23 +1,23 @@ -----BEGIN CERTIFICATE----- MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +MA8GA1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m 47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS -MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud -IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC -AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr -FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr -8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj -+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 -QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm -yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK -TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e -deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM -0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b -OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj -VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp -a8Si6UK5 +MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr +d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBv +bGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC +MAAwDQYJKoZIhvcNAQELBQADggIBADU9ZyZWfX1T1Pi0PRBeqpm52pehUX2wMsyi +KudSpLeN++eS9p/R0hpNuB8WvZcsFy/qul0djPARKGpYgYTZQvOQ10VcY40jxttm +ETScnnqKH2lMr0asOpM31kKt/ghJS0njUhI9NY6yAI2XhcDzItSpqOhn6YLC3mrW +DIyBCksLKEu8x/KpRbvj3QK1ez3cHItoxCCe9gy8tMEwb8FE15dtDuL7G7iRb4Dh +VyL6qzBRvJP9AcQKT4PTaOMwu8O+hClDvLllJzCkJX4qZmQr3jwO8Emi9dvQ87ZF +cDpLbxqIgtRF8lkxn00UuhuugMgM8ldTd/aRxZrddIgFVNmEdWIWBu5ZTWmBM/FH +aguuZr3mty7Jh4XZJ0RZ4H7XaYzoVnCK9cA5koRv/gtSQdDh8BiYlJwWx8adqygo +fibinQnIOhZ4HcnlTDshsb5eY+GtkSLmc8735V5rtEt7zrtahFT5I7r2X6dDiPdD +Blvb9/5gIMC3fy0NZigDueBOYF78kpxqMRknt6x86irVdbRXw1fpVux24cfTDc/u +5Eat4YFfM1eKZnuOETumPOoa27jvcYTPMOsUN8+Q8Os6SDkJC8e2obedQoffQC06 +1Xzri3HOHzZrPHLGkwAFNYBynl1/wxGu0vPlmpzJDzc7y0e1FgKqD6YadAQM+APA +ZKasihO3 -----END CERTIFICATE----- diff --git a/tests/data_files/server7_int-ca-exp.crt b/tests/data_files/server7_int-ca-exp.crt index fc0051772..a3a8f69dd 100644 --- a/tests/data_files/server7_int-ca-exp.crt +++ b/tests/data_files/server7_int-ca-exp.crt @@ -1,30 +1,30 @@ -----BEGIN CERTIFICATE----- MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +MA8GA1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m 47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS -MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud -IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC -AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr -FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr -8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj -+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 -QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm -yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK -TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e -deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM -0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b -OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj -VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp -a8Si6UK5 +MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr +d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBv +bGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC +MAAwDQYJKoZIhvcNAQELBQADggIBADU9ZyZWfX1T1Pi0PRBeqpm52pehUX2wMsyi +KudSpLeN++eS9p/R0hpNuB8WvZcsFy/qul0djPARKGpYgYTZQvOQ10VcY40jxttm +ETScnnqKH2lMr0asOpM31kKt/ghJS0njUhI9NY6yAI2XhcDzItSpqOhn6YLC3mrW +DIyBCksLKEu8x/KpRbvj3QK1ez3cHItoxCCe9gy8tMEwb8FE15dtDuL7G7iRb4Dh +VyL6qzBRvJP9AcQKT4PTaOMwu8O+hClDvLllJzCkJX4qZmQr3jwO8Emi9dvQ87ZF +cDpLbxqIgtRF8lkxn00UuhuugMgM8ldTd/aRxZrddIgFVNmEdWIWBu5ZTWmBM/FH +aguuZr3mty7Jh4XZJ0RZ4H7XaYzoVnCK9cA5koRv/gtSQdDh8BiYlJwWx8adqygo +fibinQnIOhZ4HcnlTDshsb5eY+GtkSLmc8735V5rtEt7zrtahFT5I7r2X6dDiPdD +Blvb9/5gIMC3fy0NZigDueBOYF78kpxqMRknt6x86irVdbRXw1fpVux24cfTDc/u +5Eat4YFfM1eKZnuOETumPOoa27jvcYTPMOsUN8+Q8Os6SDkJC8e2obedQoffQC06 +1Xzri3HOHzZrPHLGkwAFNYBynl1/wxGu0vPlmpzJDzc7y0e1FgKqD6YadAQM+APA +ZKasihO3 -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MDcwNjI3MTAzODM3WhcNMTcwNjI3MTAzODM3WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwNTE2MDcxMDM3WhcNMjMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR @@ -39,9 +39,9 @@ d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPu/FDEPvIC/BnzPQDAr1bQakGiwBsE9zGKRgXgX -Y3Q+XJKhMEKZ8h1m+S5c6taO0gIwNB14zmJ1gJ9X3+tPDfriWrVaNMG54Kr57/Ep -773Ap7Gxpk168id1EFhvW22YabKs +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE +AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAJH0e4fySJI2nJt1Knd+yU7zn1jTFDAABJMbndhR +07OSM6vwUaGSMVatSzr8ah+UDgIwaI/MBcorSxT92jAQb1W5dJkEudoYSg49fjAf +z0BtLCVhFwQlrzCqgXC98SGfT6sZ -----END CERTIFICATE----- diff --git a/tests/data_files/server7_int-ca.crt b/tests/data_files/server7_int-ca.crt index d3ddc46a8..cb108a46f 100644 --- a/tests/data_files/server7_int-ca.crt +++ b/tests/data_files/server7_int-ca.crt @@ -1,31 +1,31 @@ -----BEGIN CERTIFICATE----- MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +MA8GA1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m 47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS -MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud -IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC -AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr -FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr -8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj -+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 -QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm -yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK -TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e -deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM -0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b -OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj -VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp -a8Si6UK5 +MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr +d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBv +bGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC +MAAwDQYJKoZIhvcNAQELBQADggIBADU9ZyZWfX1T1Pi0PRBeqpm52pehUX2wMsyi +KudSpLeN++eS9p/R0hpNuB8WvZcsFy/qul0djPARKGpYgYTZQvOQ10VcY40jxttm +ETScnnqKH2lMr0asOpM31kKt/ghJS0njUhI9NY6yAI2XhcDzItSpqOhn6YLC3mrW +DIyBCksLKEu8x/KpRbvj3QK1ez3cHItoxCCe9gy8tMEwb8FE15dtDuL7G7iRb4Dh +VyL6qzBRvJP9AcQKT4PTaOMwu8O+hClDvLllJzCkJX4qZmQr3jwO8Emi9dvQ87ZF +cDpLbxqIgtRF8lkxn00UuhuugMgM8ldTd/aRxZrddIgFVNmEdWIWBu5ZTWmBM/FH +aguuZr3mty7Jh4XZJ0RZ4H7XaYzoVnCK9cA5koRv/gtSQdDh8BiYlJwWx8adqygo +fibinQnIOhZ4HcnlTDshsb5eY+GtkSLmc8735V5rtEt7zrtahFT5I7r2X6dDiPdD +Blvb9/5gIMC3fy0NZigDueBOYF78kpxqMRknt6x86irVdbRXw1fpVux24cfTDc/u +5Eat4YFfM1eKZnuOETumPOoa27jvcYTPMOsUN8+Q8Os6SDkJC8e2obedQoffQC06 +1Xzri3HOHzZrPHLGkwAFNYBynl1/wxGu0vPlmpzJDzc7y0e1FgKqD6YadAQM+APA +ZKasihO3 -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF @@ -39,9 +39,9 @@ d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE +AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAOAch+gz4rHfI/pm8MIDssMtJCqzS6xtOvQHJZ9l +fdgWfJV5cSHJpOIWGXeFKKR18wIwODTRnTIioy+bYacNq8TQPjzdVlT9XbYkWIYN +JAuV9fLJJdB5nZUG3l85Dt27VNkT -----END CERTIFICATE----- diff --git a/tests/data_files/server7_int-ca_ca2.crt b/tests/data_files/server7_int-ca_ca2.crt index c289c0aad..097447fd0 100644 --- a/tests/data_files/server7_int-ca_ca2.crt +++ b/tests/data_files/server7_int-ca_ca2.crt @@ -1,31 +1,31 @@ -----BEGIN CERTIFICATE----- MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +MA8GA1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m 47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS -MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud -IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC -AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr -FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr -8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj -+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 -QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm -yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK -TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e -deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM -0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b -OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj -VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp -a8Si6UK5 +MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr +d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBv +bGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC +MAAwDQYJKoZIhvcNAQELBQADggIBADU9ZyZWfX1T1Pi0PRBeqpm52pehUX2wMsyi +KudSpLeN++eS9p/R0hpNuB8WvZcsFy/qul0djPARKGpYgYTZQvOQ10VcY40jxttm +ETScnnqKH2lMr0asOpM31kKt/ghJS0njUhI9NY6yAI2XhcDzItSpqOhn6YLC3mrW +DIyBCksLKEu8x/KpRbvj3QK1ez3cHItoxCCe9gy8tMEwb8FE15dtDuL7G7iRb4Dh +VyL6qzBRvJP9AcQKT4PTaOMwu8O+hClDvLllJzCkJX4qZmQr3jwO8Emi9dvQ87ZF +cDpLbxqIgtRF8lkxn00UuhuugMgM8ldTd/aRxZrddIgFVNmEdWIWBu5ZTWmBM/FH +aguuZr3mty7Jh4XZJ0RZ4H7XaYzoVnCK9cA5koRv/gtSQdDh8BiYlJwWx8adqygo +fibinQnIOhZ4HcnlTDshsb5eY+GtkSLmc8735V5rtEt7zrtahFT5I7r2X6dDiPdD +Blvb9/5gIMC3fy0NZigDueBOYF78kpxqMRknt6x86irVdbRXw1fpVux24cfTDc/u +5Eat4YFfM1eKZnuOETumPOoa27jvcYTPMOsUN8+Q8Os6SDkJC8e2obedQoffQC06 +1Xzri3HOHzZrPHLGkwAFNYBynl1/wxGu0vPlmpzJDzc7y0e1FgKqD6YadAQM+APA +ZKasihO3 -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF @@ -39,24 +39,22 @@ d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE +AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAOAch+gz4rHfI/pm8MIDssMtJCqzS6xtOvQHJZ9l +fdgWfJV5cSHJpOIWGXeFKKR18wIwODTRnTIioy+bYacNq8TQPjzdVlT9XbYkWIYN +JAuV9fLJJdB5nZUG3l85Dt27VNkT -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g -JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56 -t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv -uCjn8pwUOkABXK8Mss90fzCfCEOtIA== +MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO +4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK +6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd +bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDpNWfBIlzq +6xV2UwQD/1YGz9fQUM7AfNKzVa2PVBpf/QD1TAylTYTF4GI6qlb6EPYCMF/YVa29 +N5yC1mFAir19jb9Pl9iiIkRm17dM4y6m5VIMepEPm/VlWAa8H5p1+BPbGw== -----END CERTIFICATE----- diff --git a/tests/data_files/server7_spurious_int-ca.crt b/tests/data_files/server7_spurious_int-ca.crt index 632c4fd13..fdc114623 100644 --- a/tests/data_files/server7_spurious_int-ca.crt +++ b/tests/data_files/server7_spurious_int-ca.crt @@ -1,49 +1,49 @@ -----BEGIN CERTIFICATE----- MIIDwjCCAaqgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJt -ZWRpYXRlIENBMB4XDTEzMDkyNDE2MTIyNFoXDTIzMDkyMjE2MTIyNFowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw +MA8GA1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJt +ZWRpYXRlIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owNDELMAkG +A1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3Qw WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcbffp2qXqoZyychmoCRxzrd4Vu96m 47NPBehtEC46aTeXgDnBdf++znABrAtfXBRNQz8ARIeYBmskr22rlKjyo4GVMIGS -MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNIK06V3H85VsFxGoo5zbL+hYCa7MGYGA1Ud -IwRfMF2AFDh32Gt3nCh3gotO2BupHveUFrcOoUKkQDA+MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC -AQ4wDQYJKoZIhvcNAQELBQADggIBADRoQ5fHKw+vkl0D3aqLX1XrZidb+25AWbhr -FYXdaskN219PrXBL3cV8x5tK6qsPKSyyw1lue80OmhXs/w7PJkOHHUSWRnmTv7lr -8Us3Zr/yOF/VVqzdGs7DlOTpyzEBdugI9uar/aCqHDoltN8wOduOoQB9aojYpROj -+gjlEO0mgt/87XpjYOig1o0jv44QYDQZQzpj1zeIn6WMe6xk9YDwCLMjRIpg++c7 -QyxvcEJTn80wX1SaEBM2gau97G7bORLMwBVkMT4oSY+iKYgpPpawOnMJbqUP73Dm -yfJExDdrW/BbWZ/vKIcSqSZIbkHdkNjUDVHczyVwQxZxzvLFw/B1k9s7jYFsi5eK -TNAdXFa4et1H2sd+uhu24GxsjmJioDrftixcgzPVBjDCjH8QWkBEX292WJ58on0e -deWLpZUnzPdE1B4rsiPw1Vg28mGgr2O1xgBQr/fx6A+8ItNTzAXbZfEcult9ypwM -0b6YDNe5IvdKk8iwz3mof0VNy47K6xoCaE/fxxWkjoXK8x2wfswGeP2QgUzQE93b -OtjdHpsG1c7gIVFQmKATyAPUz4vqmezgNRleXU0oL0PYtoCmKQ51UjNMUfmO9xCj -VJaNa2iTQ5Dgic+CW4TYAgj5/9g9X3WfwnDNxrZ0UxxawGElczHXqbrNleTtPaKp -a8Si6UK5 +MB0GA1UdDgQWBBTSCtOldx/OVbBcRqKOc2y/oWAmuzBmBgNVHSMEXzBdgBQ4d9hr +d5wod4KLTtgbqR73lBa3DqFCpEAwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBv +bGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBggEOMAkGA1UdEwQC +MAAwDQYJKoZIhvcNAQELBQADggIBADU9ZyZWfX1T1Pi0PRBeqpm52pehUX2wMsyi +KudSpLeN++eS9p/R0hpNuB8WvZcsFy/qul0djPARKGpYgYTZQvOQ10VcY40jxttm +ETScnnqKH2lMr0asOpM31kKt/ghJS0njUhI9NY6yAI2XhcDzItSpqOhn6YLC3mrW +DIyBCksLKEu8x/KpRbvj3QK1ez3cHItoxCCe9gy8tMEwb8FE15dtDuL7G7iRb4Dh +VyL6qzBRvJP9AcQKT4PTaOMwu8O+hClDvLllJzCkJX4qZmQr3jwO8Emi9dvQ87ZF +cDpLbxqIgtRF8lkxn00UuhuugMgM8ldTd/aRxZrddIgFVNmEdWIWBu5ZTWmBM/FH +aguuZr3mty7Jh4XZJ0RZ4H7XaYzoVnCK9cA5koRv/gtSQdDh8BiYlJwWx8adqygo +fibinQnIOhZ4HcnlTDshsb5eY+GtkSLmc8735V5rtEt7zrtahFT5I7r2X6dDiPdD +Blvb9/5gIMC3fy0NZigDueBOYF78kpxqMRknt6x86irVdbRXw1fpVux24cfTDc/u +5Eat4YFfM1eKZnuOETumPOoa27jvcYTPMOsUN8+Q8Os6SDkJC8e2obedQoffQC06 +1Xzri3HOHzZrPHLGkwAFNYBynl1/wxGu0vPlmpzJDzc7y0e1FgKqD6YadAQM+APA +ZKasihO3 -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8 ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV -D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw -FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI -hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6 -yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M -ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf -7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M -CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut -ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw= +D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkw +FwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMAwGA1UdEwQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBABN3b1ltNlBQ9PhwJhxBWENlMNdy1vyKBGH3EdZ7w4uHJJOm +w8JS5p/B5+9fDIIOThDr80hLq4QOQVJhxAT1/Zsb2OzsTxc1BaCNbBv2Y+FyFcpL +I8EjMF+gnSgbs46kGKce1EJNrZrkvpCngtNj7qqg9qnPXd1en0z349xHJPmYuWEb +9sHdVlwnebPm1n9u1NzpktAChb28UFnBYTWraZCtMBMozuMhz6mo66XOEyH06Ypa +QPOlBmbgW/e+fuXow41QUqP2tvVL6MsmSZFWk8hr45rNRzeTok1M5bW91sZ78We5 +95m3T6IE+qpj2/RILncwy7vWBlFzbuiIA3eSJa8= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF @@ -57,9 +57,9 @@ d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE +AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAOAch+gz4rHfI/pm8MIDssMtJCqzS6xtOvQHJZ9l +fdgWfJV5cSHJpOIWGXeFKKR18wIwODTRnTIioy+bYacNq8TQPjzdVlT9XbYkWIYN +JAuV9fLJJdB5nZUG3l85Dt27VNkT -----END CERTIFICATE----- diff --git a/tests/data_files/server8.crt b/tests/data_files/server8.crt index b435b2deb..515b17b3c 100644 --- a/tests/data_files/server8.crt +++ b/tests/data_files/server8.crt @@ -1,18 +1,17 @@ -----BEGIN CERTIFICATE----- -MIIC6zCCAnKgAwIBAgIBETAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTEzMDkyNDE2MTI1NloXDTIzMDkyMjE2MTI1NlowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw -ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbHH8uC82/ztF1EKCiuM59 -quIF4HrYRGOPtb3AsBm5N7gZSg7xXXSAZ0aHBt5bfwYDvcGNXgcV1Fv03OXPPfnB -ESyuarmKvR1nZhfqTr3bFZqCh+TweMOjhYew/Z+pmV/jM+zM6gu1YV7xSX4/oy3q -AQzMQpp2m8TQN9OxFwFhARZZfhwXw1P90XLLTGAV2n3i6q1Q747ii9Rqd1XWcNlr -u/HuOQQ4o73i0eBma+KcR5npKOa2/C7KZ0OE6NWD1p2YawE+gdw8esr585z31igb -J3h8w9DVY6eBNImtJWq98urt+lf85TTGwQ9xLdIIEButREHg/nmgY5OKsV3psO5v -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU4j/mLfTnuKaM3G0XpxhA -J2F2Dx0wYwYDVR0jBFwwWoAUD4m9Y0Hry14XKP9oMD3BiNCcWDmhP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBDzAKBggqhkjOPQQDAgNnADBkAjBkP1bGlZvxnYySZjdBq4m8lkyz -2cjfqjYs8COEkRkONaVz7888HvFdGpL98uQeFvECMHCyCrHprkGzvq/L9kUnx9Bh -2IHbCzbbi9moYC1XcOxgfsEKmhtVF/uQdf8+3VtGqA== +MIICqTCCAi6gAwIBAgIBETAMBggqhkjOPQQDAgUAMEsxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEpMCcGA1UEAwwgUG9sYXJTU0wgVGVzdCBJbnRlcm1l +ZGlhdGUgRUMgQ0EwHhcNMTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQsw +CQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9z +dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANscfy4Lzb/O0XUQoKK4 +zn2q4gXgethEY4+1vcCwGbk3uBlKDvFddIBnRocG3lt/BgO9wY1eBxXUW/Tc5c89 ++cERLK5quYq9HWdmF+pOvdsVmoKH5PB4w6OFh7D9n6mZX+Mz7MzqC7VhXvFJfj+j +LeoBDMxCmnabxNA307EXAWEBFll+HBfDU/3RcstMYBXafeLqrVDvjuKL1Gp3VdZw +2Wu78e45BDijveLR4GZr4pxHmeko5rb8LspnQ4To1YPWnZhrAT6B3Dx6yvnznPfW +KBsneHzD0NVjp4E0ia0lar3y6u36V/zlNMbBD3Et0ggQG61EQeD+eaBjk4qxXemw +7m8CAwEAAaNNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQU4j/mLfTnuKaM3G0XpxhA +J2F2Dx0wHwYDVR0jBBgwFoAUD4m9Y0Hry14XKP9oMD3BiNCcWDkwDAYIKoZIzj0E +AwIFAANnADBkAjA3KJ1/SvOZnpmtqturkt+0DhQIXGMRDPnPksCuy/wqGHR8DsWS +dEa7PQEgrbA60HoCMCpH2fYtcAfhg5gGg+QxmVsUIt/9Gd9syQlnX7wNCfweUeSS +MxG1isOdUiQTajM1TQ== -----END CERTIFICATE----- diff --git a/tests/data_files/server8_int-ca2.crt b/tests/data_files/server8_int-ca2.crt index 7a8da717d..e99727d36 100644 --- a/tests/data_files/server8_int-ca2.crt +++ b/tests/data_files/server8_int-ca2.crt @@ -1,36 +1,35 @@ -----BEGIN CERTIFICATE----- -MIIC6zCCAnKgAwIBAgIBETAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTEzMDkyNDE2MTI1NloXDTIzMDkyMjE2MTI1NlowNDELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3Qw -ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbHH8uC82/ztF1EKCiuM59 -quIF4HrYRGOPtb3AsBm5N7gZSg7xXXSAZ0aHBt5bfwYDvcGNXgcV1Fv03OXPPfnB -ESyuarmKvR1nZhfqTr3bFZqCh+TweMOjhYew/Z+pmV/jM+zM6gu1YV7xSX4/oy3q -AQzMQpp2m8TQN9OxFwFhARZZfhwXw1P90XLLTGAV2n3i6q1Q747ii9Rqd1XWcNlr -u/HuOQQ4o73i0eBma+KcR5npKOa2/C7KZ0OE6NWD1p2YawE+gdw8esr585z31igb -J3h8w9DVY6eBNImtJWq98urt+lf85TTGwQ9xLdIIEButREHg/nmgY5OKsV3psO5v -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU4j/mLfTnuKaM3G0XpxhA -J2F2Dx0wYwYDVR0jBFwwWoAUD4m9Y0Hry14XKP9oMD3BiNCcWDmhP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBDzAKBggqhkjOPQQDAgNnADBkAjBkP1bGlZvxnYySZjdBq4m8lkyz -2cjfqjYs8COEkRkONaVz7888HvFdGpL98uQeFvECMHCyCrHprkGzvq/L9kUnx9Bh -2IHbCzbbi9moYC1XcOxgfsEKmhtVF/uQdf8+3VtGqA== +MIICqTCCAi6gAwIBAgIBETAMBggqhkjOPQQDAgUAMEsxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEpMCcGA1UEAwwgUG9sYXJTU0wgVGVzdCBJbnRlcm1l +ZGlhdGUgRUMgQ0EwHhcNMTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQsw +CQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9z +dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANscfy4Lzb/O0XUQoKK4 +zn2q4gXgethEY4+1vcCwGbk3uBlKDvFddIBnRocG3lt/BgO9wY1eBxXUW/Tc5c89 ++cERLK5quYq9HWdmF+pOvdsVmoKH5PB4w6OFh7D9n6mZX+Mz7MzqC7VhXvFJfj+j +LeoBDMxCmnabxNA307EXAWEBFll+HBfDU/3RcstMYBXafeLqrVDvjuKL1Gp3VdZw +2Wu78e45BDijveLR4GZr4pxHmeko5rb8LspnQ4To1YPWnZhrAT6B3Dx6yvnznPfW +KBsneHzD0NVjp4E0ia0lar3y6u36V/zlNMbBD3Et0ggQG61EQeD+eaBjk4qxXemw +7m8CAwEAAaNNMEswCQYDVR0TBAIwADAdBgNVHQ4EFgQU4j/mLfTnuKaM3G0XpxhA +J2F2Dx0wHwYDVR0jBBgwFoAUD4m9Y0Hry14XKP9oMD3BiNCcWDkwDAYIKoZIzj0E +AwIFAANnADBkAjA3KJ1/SvOZnpmtqturkt+0DhQIXGMRDPnPksCuy/wqGHR8DsWS +dEa7PQEgrbA60HoCMCpH2fYtcAfhg5gGg+QxmVsUIt/9Gd9syQlnX7wNCfweUeSS +MxG1isOdUiQTajM1TQ== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MjMwNTE3MDkyNzAyWhcNMzMwNTE3MDkyNzAyWjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8 ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV -D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw -FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI -hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6 -yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M -ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf -7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M -CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut -ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw= +D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkw +FwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMAwGA1UdEwQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAHTN0URrP2MpwD8vODymjjq7iaB7WFZ4CWUjx9LWu3PPZbX2 +12MxzkyFaVR7rnPKZSFHJJEmNaPDJWwYhGQRXLCoD6NiJy6De4fa5gSYoXthRGFf +GnFXZu3e37GDKoKP87TZ+VXcyx6PHvPxJB3/9N94Vj2Yh3hCs7F72GmwfDww6ooj +whIqhxBYOhPleANs70FZ7Y7tjZV1RtQ1/9sRcbyv9OvdPuWvukBVq1KM6nqVHBZ3 +/4kHBWaFaWMq/AAxMxaTGFAOA8S2yU56jkB65viQrpQQWffBJWK+WfrcgxRWqR33 +hqG3yT1IWbJ5E11XL9TCKD+DReqeXHyYawx8fBU= -----END CERTIFICATE----- diff --git a/tests/data_files/server9-bad-mgfhash.crt b/tests/data_files/server9-bad-mgfhash.crt index 34ef69e03..ad299423b 100644 --- a/tests/data_files/server9-bad-mgfhash.crt +++ b/tests/data_files/server9-bad-mgfhash.crt @@ -1,20 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBGDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAN4wOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTc0NVoXDTI0MDExODEzNTc0NVowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgSiBAICAN4DggEBAIfliohNjz4CLGbHWgWRBFQ3 -Difn027ZnULTvokT67ii1sJzESzqaIakyyu8GRwfoFRNh/rbGfe4C6e9SkwKbnDg -WE9SWbK6ukIQbMy69C+CVqFlRUHbONw/dmcneAWyZYGx/2Sf4D5kkpIWNDBeKuaV -H69XPZCeN3QAACmdAfo4NYW0I69a1OSaUrTyGT1nBOrzQ8Y0aJBnCJAte49bhQEW -KJv0kMj+8ZG1X0RoSdklf3GqdLUbsfJ2txu14GGAxy4C1gl2JWzoBHN5LMLf0cZ9 -uEYui7N/5bkSv8KXdbGvSzgn6zZ0MiCJMiiGEf0L1FxBiBCVsK4C2idpiZH+e28= +MIIDYzCCAhagAwIBAgIBGDBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCAQUA +oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCBAUAogQCAgDeMDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QTAeFw0yMzA1MTcwODM5NDhaFw0zMzA1MTcwODM5NDhaMDQxCzAJBgNVBAYTAk5M +MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG +SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe +qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv +5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp +C9pAlQIDAQABo4GSMIGPMB0GA1UdDgQWBBTu88f1HxWlTUeJwdMiY7Lfp869UTBj +BgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMC +TkwxETAPBgNVBAoMCFBvbGFyU1NMMRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENB +ggEDMAkGA1UdEwQCMAAwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgEFAKEc +MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgQFAKIEAgIA3gOCAQEAaQlf1GPhvPHp +hFgTdIB5x5zACVb4a4ONuySVckfMpWk2nlkRSu3Kgv4j8l/jfNpfr+we4lG72xEn +FV3em8dEzxvXd5jXCfR/hWJKYVoWh0055qWw7FpG20vRFKttU8UFclL7KvMs4InZ +vDpbPs5EwBQXTg/manL9TD9t/zqWAUJj1yHWiIISYzfWmsaoTi8jNxSR1+lkmPPP +ZWQwyUJrh82Mw3VwNGxXOfpGIwmjXPia8MafjjH/RtHNx7ukCk+6q1ZlH57NolZJ +dlQTJv21+vxyYr6GZdHXzdJwWMnFSof6VGwayNzetSnVhJb0SQqTBt8Vu5xQtXGa +QcCjGyCAIg== -----END CERTIFICATE----- diff --git a/tests/data_files/server9-bad-saltlen.crt b/tests/data_files/server9-bad-saltlen.crt index f4da8832f..45bf20e27 100644 --- a/tests/data_files/server9-bad-saltlen.crt +++ b/tests/data_files/server9-bad-saltlen.crt @@ -1,20 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBGDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4wOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTc0NVoXDTI0MDExODEzNTc0NVowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAE7T54cyUf0ByNr34JaojFam -hV0T9QSc4wJ17sX67rxYIorXU8MynaneJzFxD9utOD3dq2TON18VswhT2McDgefl -XMwivCC0nWod8Pk638QaHxbaqC7XSq0QRBfOMXwV7knLNxI8smc9UJaco39VEcGD -yCkq4By/VCWTpvJ+1hx4zZ8WoXpFJFM5m5y9oEz4lgNv/6Wu7ILztyOk2yJiSR8r -YooC4zVeUOZuDO6At/NXZuSvmKmr+tfFrFA1AA/7yR5odQbqFVNSJ+u0x1Jv8Ra6 -JXA4cXsnaDaRe+Wm0L0p+2PtQWXE5npXYIbFHAA9EOC3Ab8oaP9M/F6yQMa/2is= +MIIDYzCCAhagAwIBAgIBGDBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCAQUA +oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogQCAgDeMDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QTAeFw0yMzA1MjIwNzMwMDZaFw0zMzA1MTkwNzMwMDZaMDQxCzAJBgNVBAYTAk5M +MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG +SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe +qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv +5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp +C9pAlQIDAQABo4GSMIGPMAkGA1UdEwQCMAAwHQYDVR0OBBYEFO7zx/UfFaVNR4nB +0yJjst+nzr1RMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7 +MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFy +U1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgEFAKEc +MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIEAgIA3gOCAQEAlQo9OnchZbLQ +PTXs9NgXDoQb4JvUG/Fsq09/e8ivWaHkE7mKeNRrP8qMdAw914Bs1NQf9F75CWJe +5YtmLcE5gSbVj3qa6zVuQWEcrseKz6wpAFLsHKbF6kKfUgcI56xmD2DhhIHny+5B +9ObM0RQpCmAYXjU2CvknXeBzpX2cGOLD/Nexk1oBF6PI0rDUBqg3cexsJ5XfJwYg +tkjkZ321s9N09BsioauH6d9x9/Ysz7Qp7Bqpb1E7dV4bDuT5vwPWwPIUAav897Vt +s0uMZHoVasj57UwqDv8tm0db6f2VOL7r5GBMjbp6newW8Me47uXSBXKy8tFJMolj +yKuEQkKKyA== -----END CERTIFICATE----- diff --git a/tests/data_files/server9-badsign.crt b/tests/data_files/server9-badsign.crt index 9e565419e..8656b1a47 100644 --- a/tests/data_files/server9-badsign.crt +++ b/tests/data_files/server9-badsign.crt @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG -EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg -Q0EwHhcNMTQwMTIwMTMzODE2WhcNMjQwMTE4MTMzODE2WjA0MQswCQYDVQQGEwJO -TDERMA8GA1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkq +EwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3Qg +Q0EwHhcNMjMwNTE3MDgwNDAwWhcNMzMwNTE3MDgwNDAwWjA0MQswCQYDVQQGEwJO +TDERMA8GA1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkq hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0 -qQvaQJUCAwEAAaOBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJ -wdMiY7Lfp869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0w -OzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xh -clNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQDAog/jXydR -vDIugTzBXtfVK0CEX8iyQ4cVzQmXWSne8204v943K5D2hktSBkjdQUdcnVvVgLR6 -te50jV89ptN/NofX+fo9fhSRN9vGgQVWzOOFiO0zcThy749pirJu1Kq5OJdthIyW -Pu0UCz5G0k3kTp0JPevGlsNc8S9Ak1tFuB0IPJjrbfODWHS2LDuO+dB6gpkNTdrj -88ogYtBsN4D5gsXBRUfobXokUwejBwLrD6XwyQx+0bMwSCxgHEhxvuUkx1vdlXGw -JG3aF92u8mIxoKSAPaPdqy930mQvmpUWcN5Y1IMbtEGoQCKMYgosFcazJpJcjnX1 -o4Hl/lqjwCFG +qQvaQJUCAwEAAaOBkjCBjzAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy36fOvVEw +YwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QYIBAzAJBgNVHRMEAjAAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQC2DLHQ05x6 +imJNztE/Tnk/lPQ01Pw6Girdbk4bgxcGwGj+1u5wAIHNpJ50TOggg3HxTyb7p344 +/tVMxz7nrHZQ5ASdn2kDCyCmEqhmj48isWAIml+7J9cBeImJoEfYqjtqtoVkGxFy +SuoZAQWkkqDpyFhKhIjLQ8JuSE6wWMX/kc6TFSSxepnZU1SFOXfCiaVr5tFQzBP7 +loppIANLjKeMjpOdU86PmRQ2LyzaCH1OMnjVndeqNmZt0NyzZ18cFPvm6+DVVVuP +Q+6nReShCdAlU+dJqsqj8JsQneNMTxjv4OBoXVmE/kZTj/DBTtwmxkVi7K4aYMFi +UYUZ4RiwG1/0 -----END CERTIFICATE----- diff --git a/tests/data_files/server9-defaults.crt b/tests/data_files/server9-defaults.crt index 4ce5c8732..8613f5237 100644 --- a/tests/data_files/server9-defaults.crt +++ b/tests/data_files/server9-defaults.crt @@ -1,19 +1,18 @@ -----BEGIN CERTIFICATE----- -MIIDBjCCAe6gAwIBAgIBSDANBgkqhkiG9w0BAQowADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTQwNjA1MTU1NjUzWhcNMjQwNjAyMTU1NjUzWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0B +MIIC+TCCAeGgAwIBAgIBSDANBgkqhkiG9w0BAQowADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0B AQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2gHqroDsK7 E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOor+c4mwiL Y5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0qQvaQJUC -AwEAAaOBnzCBnDAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJwdMiY7Lf -p869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBU -ZXN0IENBggEAMAsGA1UdDwQEAwIFoDANBgkqhkiG9w0BAQowAAOCAQEAGUdim4uy -/rBDFMF8qhjH1qsv0o8ON4HgP3YXbdKdIMfd+p5KtoqHQnrkixWxaIvfORnR4mGm -f8H5BimwIkNLxy7zS88TVDOYel8g7B2yl0nq4biki83NStNBYZJjxKT0ud5O5mGd -jHdy9vTEc7h8q+SHzRdgpNFXyKY5OQYng1LHco8h1UR8/nmPMuDtocHMnmMXu68a -69+TtZxx90/V4gJZOoL1iCi8HEsKoJzm/L8ji54OYt7FxgFfE3VmLsXeMaWYO8GS -BUxh5kqZ25O8hQXK5ywfuVK83Do/SsoClbgx9mboybseGVFIJaxs9e66GFDMoI3B -09JqWv4DoLNnwg== +AwEAAaOBkjCBjzAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy36fOvVEwYwYDVR0j +BFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBDQYIBAzAJ +BgNVHRMEAjAAMA0GCSqGSIb3DQEBCjAAA4IBAQASsc5y7sDP4prOLGAl2EB5d+Gg +w/Vk9+g3KXpeIUCL6gmECNLENmmBe6zZR8/Ax6R1hUe/Cbflepxsx627Eg29NCZK +Bo/AQoz658kwEzr4jhF8M6y9sdsf5/OauoRxDLcMEywIkgmuFvZIpyEwXix6arsK +mNWnW0FwSr2NaXozD7OquGwTEAvAbtei+5JAeVvvGi1u32D2JPVHk3zv05LXtx8b +8bEmzZLthFk3GbSkGHC3K5rjNgTMwY0BhNBW6qFyY5mL0bHVDbZQxD9RRwDifGty +fTo7odJDAHU1xucWF6dOU5nAqiFKlc3eITdBKt+d10yBSr7qXciHkHpAzCvh -----END CERTIFICATE----- diff --git a/tests/data_files/server9-sha224.crt b/tests/data_files/server9-sha224.crt index 1b05f313a..ed648c8c0 100644 --- a/tests/data_files/server9-sha224.crt +++ b/tests/data_files/server9-sha224.crt @@ -1,20 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBFzA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCBKEa -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIwOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTczNloXDTI0MDExODEzNTczNlowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCBKEaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIDggEBADJExjfWWvL28lgj+GGgviqo -PHZLxI0pLQUnFJQ9Kpu6jxfICseBF00Z6BJE/RcYDpIie5GDt/8u/i6xB6Li29Pm -g5nANgd/Y3fFnW7d0ydVjiSnetlPuf/jTlWQl6mQTH2xqYu8J8d3JRxQdRiDYbVm -uywW2d6rksiqm6dPD5l4A5DcemcYo8f/1Ifj5WNDCV8/OHex+AnW2ccDvWAnVgSR -B2VpOXJzVFuBsuf4tGVm/2TUMSB6NcvFc6TeJk1kzbZxii4QjKXtH1SfrVP59iEe -l17NYAEWARjBpQWBiutRG+QM2et0sNiUBuWxTkvd0eSgencNysVAOsZqrqaX3CY= +MIIDYzCCAhagAwIBAgIBFzBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCBAUA +oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCBAUAogQCAgDiMDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QTAeFw0yMzA1MTcwNzEwMzdaFw0zMzA1MTQwNzEwMzdaMDQxCzAJBgNVBAYTAk5M +MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG +SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe +qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv +5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp +C9pAlQIDAQABo4GSMIGPMAkGA1UdEwQCMAAwHQYDVR0OBBYEFO7zx/UfFaVNR4nB +0yJjst+nzr1RMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7 +MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFy +U1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgQFAKEc +MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgQFAKIEAgIA4gOCAQEAjG73ZOe2pQn6 +jqiTHALGM0IG8BBCamo3gzbCjZPz3ZnTpZii1pQSFPGEBaKCgrtKrjvoP21ZDUnq +3HjTUzGtGbHk3h+UJcVYgFuONidguUDaALGtXIPWUlqBBeJL+Y+01zJRnMpC2hV7 +JUOM3es02te8RM6srCdW1fP9x+Lx4G2Kjj7kEzKafEbwFesS4LbBXsWkID8xDPHO +DLKvg66tPeksDBT4n7f7H51eNlyIwwMDKTc+N9Ri5OeW1HOqtbyo/yJlHvQqnCld +E8gW+AVoeZmN6n/4yemnCEkFRqgbRSIGVoPmOY9d/FfGLmClcaZFPcH+w1JDhF71 +3egYnUY/9g== -----END CERTIFICATE----- diff --git a/tests/data_files/server9-sha256.crt b/tests/data_files/server9-sha256.crt index 7d0aa3956..ef37b3f6a 100644 --- a/tests/data_files/server9-sha256.crt +++ b/tests/data_files/server9-sha256.crt @@ -1,20 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBGDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4wOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTc0NVoXDTI0MDExODEzNTc0NVowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAH0+knqkcLaxeDkenBQgd4Qg -3ZyAhtpiLU689mw+3cXB/uzFrCIxEL5aGh1eSj+DszB+FtsZ06ux7JVQqVOA2Wm9 -yLxC6wF8OOYj0nBa91BWLhRAHLhmIdWsVk7Hl9KojZd4TwV2N+ZEV/BLxyoRvK4H -V4xCpzgDSiTPe8Etk4r+0akbr6bsOUBayPb7MGLHubZKq8NsFAmmynp+fPmHd3SE -0ooJdiZ1MmKPKLE5Og/hXCI8qeiXQUR6oQ7b2XONsrI2HIj2SA9dA5qmHwE5PbMu -zqxQ3R83boqLXbkFORn+UiYLmffqdoWuNy00BHMCrxRA9DUv+WyN4npLMF8rOJw= +MIIDYzCCAhagAwIBAgIBFzBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCAQUA +oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogQCAgDeMDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QTAeFw0yMzA1MTcwNzEwMzdaFw0zMzA1MTQwNzEwMzdaMDQxCzAJBgNVBAYTAk5M +MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG +SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe +qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv +5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp +C9pAlQIDAQABo4GSMIGPMAkGA1UdEwQCMAAwHQYDVR0OBBYEFO7zx/UfFaVNR4nB +0yJjst+nzr1RMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7 +MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFy +U1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgEFAKEc +MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIEAgIA3gOCAQEAXcWlfbIjRJX3 +eCkj03eKLvhawFndN6mWMOTVvr20Vdhhn57wngSKYgtsbOZhpT+pIXTTpxhku7uS +Pg6NDU0W13xbrcIsYxkZRcN6AYcnV0NxnhdfkmxwDjLyohgm8IdgvHb04r73OP0j +KmnZfJJpnxkVGD8NFGj2hBCR7ynbVBAfJegl0Lruxc4AlrniG6MW9xfkmE3EfOQg +dwZv3UuhxzEhLmR933BCijwfhBVfyzarGjDtZjQYNwWKhRl+OXM+L14Ofq7htSxz +kSM5KJfCAzLFNd6N2YU84IhqwTS4CZ/bE1HchEYPtXm97bj8Vldrfv2up/4Rc0kF +a8P+xLLmug== -----END CERTIFICATE----- diff --git a/tests/data_files/server9-sha384.crt b/tests/data_files/server9-sha384.crt index aaa63e6ed..2ea0108d4 100644 --- a/tests/data_files/server9-sha384.crt +++ b/tests/data_files/server9-sha384.crt @@ -1,20 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBGTA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEa -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4wOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTc1OFoXDTI0MDExODEzNTc1OFowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4DggEBABf8Gyq2VYuN1EBW1nOapDQp -B/KuafNW2GEJ7FmQKNyA7MIj1Yqo2MtJ6/OQojRQ3F5rnO4yjmvIPsXeQaMxJBiI -aaoAlLpH++F+oXMq/0aS0WSZrSLrsh2Fpay9cBDGwek2rDOX9kM+ZcPzGitVwWKX -TnOW22hpcl7u95CpZH+JZTcto5nL3tTyV9pIy+tSKQQfjPB+G0TAZCsOkbCGPLug -qdjvqFQwOf15VxQMj7NRiXjlqJvsx+I7B2AIhrs4DzQMEyiWq9S/PzpQuFU5v/Kg -s2iMLJ5ygv5aN3PYqGlE1ZmvgyRp5h/LaTGI2L6lzRTnecOhtPv30N2tyaDAEfo= +MIIDYzCCAhagAwIBAgIBFzBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCAgUA +oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAgUAogQCAgDOMDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QTAeFw0yMzA1MTcwNzEwMzdaFw0zMzA1MTQwNzEwMzdaMDQxCzAJBgNVBAYTAk5M +MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG +SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe +qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv +5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp +C9pAlQIDAQABo4GSMIGPMAkGA1UdEwQCMAAwHQYDVR0OBBYEFO7zx/UfFaVNR4nB +0yJjst+nzr1RMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7 +MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFy +U1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgIFAKEc +MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgIFAKIEAgIAzgOCAQEAmTU2HqAA7gbB +tJlDAve8nGbdCim4YjRXWceHGCpoFIWrs6onlHCvnZ2Wr8iPk+wnd7ShIpp8vGb/ +476y8pfaA2n8vYWhQKDCTTUXJN4tUc7i8Uz4RGdK48vHVvZCtCT/8MmPPouOIZcU +/Kkenw2jv5R/CpiirVUsjNx6BYcdu1zzEU+uoBLom6sZ6LGRlIB0prFWcxrVjfzx +2C8ZxMW8NWj6EQipQJ2U+CCycA2HkbCmt3FnEXmN5OWThvnKdshoPkMn2HwhAOzn +cjZQhQT3WSufvZ9bYe7HZ5e1e7k6aMXBvW89ECxc12mZfSjlYmlvfHZuO8D2sP2i +RidkcXFMxQ== -----END CERTIFICATE----- diff --git a/tests/data_files/server9-sha512.crt b/tests/data_files/server9-sha512.crt index a211b921d..4abdf6813 100644 --- a/tests/data_files/server9-sha512.crt +++ b/tests/data_files/server9-sha512.crt @@ -1,20 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBGjA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCA6Ea -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4wOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTgxMloXDTI0MDExODEzNTgxMlowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCA6EaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4DggEBACdVozFq6rUiXo+ib5Y2oPsR -6xxl4Ydn3LpUoYrPpTOrhcXJWW/tOLHGuCF/mSRfUzKaMIfL418cZHYnvumvuttu -6z3tp5E1VsiZCU2MWJnzjKSxFBOss43AmpJHHoapGFZu2pxObBPqegAKHYkKWOLk -tJDj47PurWgEek9j1nL7Pc1tVf59fm/ySp4fWkXLLvQiKid1516VioLyacUvK3zU -6Egz8jMt7D5c9KpaExLRTANVsThqO5/dmR36bOwm3Hpbde7DNdgxru41tiLMqJs/ -5pX3ceaJ1XQ/l0idj5/9ipvqHHUguyk7H22HwQHQdSD9oIha8kEM3P6CjpfE7yY= +MIIDYzCCAhagAwIBAgIBFzBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCAwUA +oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAwUAogQCAgC+MDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QTAeFw0yMzA1MTcwNzEwMzdaFw0zMzA1MTQwNzEwMzdaMDQxCzAJBgNVBAYTAk5M +MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG +SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe +qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv +5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp +C9pAlQIDAQABo4GSMIGPMAkGA1UdEwQCMAAwHQYDVR0OBBYEFO7zx/UfFaVNR4nB +0yJjst+nzr1RMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7 +MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFy +U1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgMFAKEc +MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgMFAKIEAgIAvgOCAQEAVut9oL/0V/vo +f9VKxAZfyy0zFy+LOHzV1H5qQaPKJnXIAUp/sDtvOjugqHKjamg6dCIVy292Yxcx +rW8WcMR1Bj9MQ5Qrv++TZ0a1e0qet1GYxj4MQkU30XlJq/Jh7ede9Vh/yBxKTQq7 +oaJ6fOTFWcz1JZDrZrKffBOqIp5jQWPARilUDN6FiRNYV3/14aWVGnNbqGfoY8CC +WvpC0iAvrQxjdQQf6nIYrzcGNzvrpRbhpzBPUyUIrM1o+nyiNAJPlyncjFwmfw9g +80FP1XnRIIKmlTTG7ivkjHKzE6WXZSQPjArg0jxQAX1uLKJGFhu+ueKyoPOHQXS0 +O1z3OQn3+w== -----END CERTIFICATE----- diff --git a/tests/data_files/server9-with-ca.crt b/tests/data_files/server9-with-ca.crt index 0478cff85..51c0ada84 100644 --- a/tests/data_files/server9-with-ca.crt +++ b/tests/data_files/server9-with-ca.crt @@ -1,99 +1,39 @@ -----BEGIN CERTIFICATE----- MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG -EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg -Q0EwHhcNMTQwMTIwMTMzODE2WhcNMjQwMTE4MTMzODE2WjA0MQswCQYDVQQGEwJO -TDERMA8GA1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkq +EwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3Qg +Q0EwHhcNMjMwNTE3MDgwNDAwWhcNMzMwNTE3MDgwNDAwWjA0MQswCQYDVQQGEwJO +TDERMA8GA1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkq hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0 -qQvaQJUCAwEAAaOBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJ -wdMiY7Lfp869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0w -OzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xh -clNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQDAog/jXydR -vDIugTzBXtfVK0CEX8iyQ4cVzQmXWSne8204v943K5D2hktSBkjdQUdcnVvVgLR6 -te50jV89ptN/NofX+fo9fhSRN9vGgQVWzOOFiO0zcThy749pirJu1Kq5OJdthIyW -Pu0UCz5G0k3kTp0JPevGlsNc8S9Ak1tFuB0IPJjrbfODWHS2LDuO+dB6gpkNTdrj -88ogYtBsN4D5gsXBRUfobXokUwejBwLrD6XwyQx+0bMwSCxgHEhxvuUkx1vdlXGw -JG3aF92u8mIxoKSAPaPdqy930mQvmpUWcN5Y1IMbtEGoQCKMYgosFcazJpJcjnX1 -o4Hl/lqjwCEG +qQvaQJUCAwEAAaOBkjCBjzAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy36fOvVEw +YwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QYIBAzAJBgNVHRMEAjAAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQC2DLHQ05x6 +imJNztE/Tnk/lPQ01Pw6Girdbk4bgxcGwGj+1u5wAIHNpJ50TOggg3HxTyb7p344 +/tVMxz7nrHZQ5ASdn2kDCyCmEqhmj48isWAIml+7J9cBeImJoEfYqjtqtoVkGxFy +SuoZAQWkkqDpyFhKhIjLQ8JuSE6wWMX/kc6TFSSxepnZU1SFOXfCiaVr5tFQzBP7 +loppIANLjKeMjpOdU86PmRQ2LyzaCH1OMnjVndeqNmZt0NyzZ18cFPvm6+DVVVuP +Q+6nReShCdAlU+dJqsqj8JsQneNMTxjv4OBoXVmE/kZTj/DBTtwmxkVi7K4aYMFi +UYUZ4RiwG1/7 -----END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 0 (0x0) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Validity - Not Before: Feb 12 14:44:00 2011 GMT - Not After : Feb 12 14:44:00 2021 GMT - Subject: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): - 00:c0:df:37:fc:17:bb:e0:96:9d:3f:86:de:96:32: - 7d:44:a5:16:a0:cd:21:f1:99:d4:ec:ea:cb:7c:18: - 58:08:94:a5:ec:9b:c5:8b:df:1a:1e:99:38:99:87: - 1e:7b:c0:8d:39:df:38:5d:70:78:07:d3:9e:d9:93: - e8:b9:72:51:c5:ce:a3:30:52:a9:f2:e7:40:70:14: - cb:44:a2:72:0b:c2:e5:40:f9:3e:e5:a6:0e:b3:f9: - ec:4a:63:c0:b8:29:00:74:9c:57:3b:a8:a5:04:90: - 71:f1:bd:83:d9:3f:d6:a5:e2:3c:2a:8f:ef:27:60: - c3:c6:9f:cb:ba:ec:60:7d:b7:e6:84:32:be:4f:fb: - 58:26:22:03:5b:d4:b4:d5:fb:f5:e3:96:2e:70:c0: - e4:2e:bd:fc:2e:ee:e2:41:55:c0:34:2e:7d:24:72: - 69:cb:47:b1:14:40:83:7d:67:f4:86:f6:31:ab:f1: - 79:a4:b2:b5:2e:12:f9:84:17:f0:62:6f:27:3e:13: - 58:b1:54:0d:21:9a:73:37:a1:30:cf:6f:92:dc:f6: - e9:fc:ac:db:2e:28:d1:7e:02:4b:23:a0:15:f2:38: - 65:64:09:ea:0c:6e:8e:1b:17:a0:71:c8:b3:9b:c9: - ab:e9:c3:f2:cf:87:96:8f:80:02:32:9e:99:58:6f: - a2:d5 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:TRUE - X509v3 Subject Key Identifier: - B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - X509v3 Authority Key Identifier: - keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - DirName:/C=NL/O=PolarSSL/CN=PolarSSL Test CA - serial:00 - - Signature Algorithm: sha1WithRSAEncryption - b8:fd:54:d8:00:54:90:8b:25:b0:27:dd:95:cd:a2:f7:84:07: - 1d:87:89:4a:c4:78:11:d8:07:b5:d7:22:50:8e:48:eb:62:7a: - 32:89:be:63:47:53:ff:b6:be:f1:2e:8c:54:c0:99:3f:a0:b9: - 37:23:72:5f:0d:46:59:8f:d8:47:cd:97:4c:9f:07:0c:12:62: - 09:3a:24:e4:36:d9:e9:2c:da:38:d0:73:75:61:d7:c1:6c:26: - 8b:9b:e0:d5:dc:67:ed:8c:6b:33:d7:74:22:3c:4c:db:b5:8d: - 2a:ce:2c:0d:08:59:05:09:05:a6:39:9f:b3:67:1b:e2:83:e5: - e1:8f:53:f6:67:93:c7:f9:6f:76:44:58:12:e8:3a:d4:97:e7: - e9:c0:3e:a8:7a:72:3d:87:53:1f:e5:2c:84:84:e7:9a:9e:7f: - 66:d9:1f:9b:f5:13:48:b0:4d:14:d1:de:b2:24:d9:78:7d:f5: - 35:cc:58:19:d1:d2:99:ef:4d:73:f8:1f:89:d4:5a:d0:52:ce: - 09:f5:b1:46:51:6a:00:8e:3b:cc:6f:63:01:00:99:ed:9d:a6: - 08:60:cd:32:18:d0:73:e0:58:71:d9:e5:d2:53:d7:8d:d0:ca: - e9:5d:2a:0a:0d:5d:55:ec:21:50:17:16:e6:06:4a:cd:5e:de: - f7:e0:e9:54 -----BEGIN CERTIFICATE----- -MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G +MIIDRDCCAiygAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny 50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj -gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH -/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV -BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz -dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ -SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H -DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF -pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf -m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ -7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA== +UzBRMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68 +x/3/MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEB +BQUAA4IBAQCz557ZZmWv5UTTHebzTyVzku5ldpcicJPqKHP3xZ4tPPY52JQyJg/T +hsRB44yTyNo3/jo9or2KgVnc+/nCmnlvTq22a/j26DtKZ7wD9MWxunpkqRwExtA/ +G816msrl6X6m50WwdLXTvaVJGXCYp8TPVLx5YY3WPIVoX0CPN7Hs9iNJNiEWo4Qf +7dAqjWBB/QpusmWhjaDSc4+cFhT24Yo9HuS1yrkUTrBtJaj0AykTsiyFm6SBVDNH +9XIxCgYy9QrYbDKNtJXhuevpN0yUMV/aUnIkU2wTTouhOzZisjNk0sS1guqmSHzf +hlf8qotOhNvFXpEsCGwZUywayo7c4DtO -----END CERTIFICATE----- diff --git a/tests/data_files/server9.crt b/tests/data_files/server9.crt index a6f9fbc76..26567aee9 100644 --- a/tests/data_files/server9.crt +++ b/tests/data_files/server9.crt @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG -EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg -Q0EwHhcNMTQwMTIwMTMzODE2WhcNMjQwMTE4MTMzODE2WjA0MQswCQYDVQQGEwJO -TDERMA8GA1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkq +EwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3Qg +Q0EwHhcNMjMwNTE3MDgwNDAwWhcNMzMwNTE3MDgwNDAwWjA0MQswCQYDVQQGEwJO +TDERMA8GA1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkq hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0 -qQvaQJUCAwEAAaOBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJ -wdMiY7Lfp869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0w -OzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xh -clNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQDAog/jXydR -vDIugTzBXtfVK0CEX8iyQ4cVzQmXWSne8204v943K5D2hktSBkjdQUdcnVvVgLR6 -te50jV89ptN/NofX+fo9fhSRN9vGgQVWzOOFiO0zcThy749pirJu1Kq5OJdthIyW -Pu0UCz5G0k3kTp0JPevGlsNc8S9Ak1tFuB0IPJjrbfODWHS2LDuO+dB6gpkNTdrj -88ogYtBsN4D5gsXBRUfobXokUwejBwLrD6XwyQx+0bMwSCxgHEhxvuUkx1vdlXGw -JG3aF92u8mIxoKSAPaPdqy930mQvmpUWcN5Y1IMbtEGoQCKMYgosFcazJpJcjnX1 -o4Hl/lqjwCEG +qQvaQJUCAwEAAaOBkjCBjzAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy36fOvVEw +YwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QYIBAzAJBgNVHRMEAjAAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQC2DLHQ05x6 +imJNztE/Tnk/lPQ01Pw6Girdbk4bgxcGwGj+1u5wAIHNpJ50TOggg3HxTyb7p344 +/tVMxz7nrHZQ5ASdn2kDCyCmEqhmj48isWAIml+7J9cBeImJoEfYqjtqtoVkGxFy +SuoZAQWkkqDpyFhKhIjLQ8JuSE6wWMX/kc6TFSSxepnZU1SFOXfCiaVr5tFQzBP7 +loppIANLjKeMjpOdU86PmRQ2LyzaCH1OMnjVndeqNmZt0NyzZ18cFPvm6+DVVVuP +Q+6nReShCdAlU+dJqsqj8JsQneNMTxjv4OBoXVmE/kZTj/DBTtwmxkVi7K4aYMFi +UYUZ4RiwG1/7 -----END CERTIFICATE----- diff --git a/tests/data_files/test-ca-v1.crt b/tests/data_files/test-ca-v1.crt index e5a3b1cde..2f10f6d86 100644 --- a/tests/data_files/test-ca-v1.crt +++ b/tests/data_files/test-ca-v1.crt @@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDIzCCAgsCDFOito4FQA5VXJOV5TANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD -ExNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLEwd0ZXN0aW5nMREwDwYDVQQK -EwhQb2xhclNTTDELMAkGA1UEBhMCTkwwIhgPMjAxNDA2MTkxMDA4MTRaGA8yMDI0 -MDYxODEwMDgxNFowUDEcMBoGA1UEAxMTUG9sYXJTU0wgVGVzdCBDQSB2MTEQMA4G -A1UECxMHdGVzdGluZzERMA8GA1UEChMIUG9sYXJTU0wxCzAJBgNVBAYTAk5MMIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwN83/Be74JadP4beljJ9RKUW -oM0h8ZnU7OrLfBhYCJSl7JvFi98aHpk4mYcee8CNOd84XXB4B9Oe2ZPouXJRxc6j -MFKp8udAcBTLRKJyC8LlQPk+5aYOs/nsSmPAuCkAdJxXO6ilBJBx8b2D2T/WpeI8 -Ko/vJ2DDxp/LuuxgfbfmhDK+T/tYJiIDW9S01fv145YucMDkLr38Lu7iQVXANC59 -JHJpy0exFECDfWf0hvYxq/F5pLK1LhL5hBfwYm8nPhNYsVQNIZpzN6Ewz2+S3Pbp -/KzbLijRfgJLI6AV8jhlZAnqDG6OGxegccizm8mr6cPyz4eWj4ACMp6ZWG+i1QID -AQABMA0GCSqGSIb3DQEBCwUAA4IBAQBoXC5AlXI5azyOPvmNse2qHhO7BrXOEjH+ -9g5P/VsrVADhsUGv6x0A2oLoWXtOjGDIWWH53BWHkCUCu4T5D5C6+I47rXWl4pAr -J+h+tQVZo6J0AJxfPse/NnrjsboUSWhunmo/iTrU6S4KJBguIKP6T1DZoD/8EYgU -x+fXDmvRO+MTesWDiY+p+FHEzsu3b9EBtG9dUiR/zzXi/ktFCfrgstKGSuW6+j7m -lcduTxsogi6Uc3tWKtn6qpSGR0uBoCz6emFO7Smmy/tIyVA88lH0+3UnxOvu4TAK -uvjYkOcZqhprDiMfhxBB7pxbfiviEANTbgSfCtZewSNz2RUJ9ocy +MIIDHzCCAgcCDFOito4FQA5VXJOV5TANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD +DBNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLDAd0ZXN0aW5nMREwDwYDVQQK +DAhQb2xhclNTTDELMAkGA1UEBhMCTkwwHhcNMTkwMjEwMTQ0NDAwWhcNMjkwMjEw +MTQ0NDAwWjBQMRwwGgYDVQQDDBNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQL +DAd0ZXN0aW5nMREwDwYDVQQKDAhQb2xhclNTTDELMAkGA1UEBhMCTkwwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx +mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny +50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n +YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL +R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu +KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAEw +DQYJKoZIhvcNAQELBQADggEBAAtVAWmbymwKDj9v8m7SVLHF0mw4i3gBFVPJqYRQ +y9CnUD68kUr4qK7wyQIv/gDRYuqZVNnBq4Jwzm+tPEBHpYAF5H/7Mynpb4h+uZ3a +6kaWURXKzx53ZuFHLu1FuRov+SZU3ZtXClTYFKeyDb+fcth/8thR9V59v7ZE7zlb +8zbyL+dqfyxvmxZCUzHbNKVrliiUUFXfW53T+B7Ysxner5mnqM1aPxckhXVHEJ47 +TBoIhpBoJ/HmHCiWz8BeoowSpG7u+QOezIKk8l5Pd2f8MeqwyaqIeAy0lh2nP7pB +UtWET/0bsdiPn8SR9B3hWpKUDRvnHDDZuZiKtrdDEqsD04M= -----END CERTIFICATE----- diff --git a/tests/data_files/test-ca.crt b/tests/data_files/test-ca.crt index 31790b5bb..ef7e4c729 100644 --- a/tests/data_files/test-ca.crt +++ b/tests/data_files/test-ca.crt @@ -1,5 +1,5 @@ -----BEGIN CERTIFICATE----- -MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MIIDRDCCAiygAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G @@ -9,12 +9,12 @@ mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj -UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/ -MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUA -A4IBAQB0ZiNRFdia6kskaPnhrqejIRq8YMEGAf2oIPnyZ78xoyERgc35lHGyMtsL -hWicNjP4d/hS9As4j5KA2gdNGi5ETA1X7SowWOGsryivSpMSHVy1+HdfWlsYQOzm -8o+faQNUm8XzPVmttfAVspxeHSxJZ36Oo+QWZ5wZlCIEyjEdLUId+Tm4Bz3B5jRD -zZa/SaqDokq66N2zpbgKKAl3GU2O++fBqP2dSkdQykmTxhLLWRN8FJqhYATyQntZ -0QSi3W9HfSZPnFTcPIXeoiPd2pLlxt1hZu8dws2LTXE63uP6MM4LHvWxiuJaWkP/ -mtxyUALj2pQxRitopORFQdn7AOY5 +UzBRMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68 +x/3/MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEB +BQUAA4IBAQCz557ZZmWv5UTTHebzTyVzku5ldpcicJPqKHP3xZ4tPPY52JQyJg/T +hsRB44yTyNo3/jo9or2KgVnc+/nCmnlvTq22a/j26DtKZ7wD9MWxunpkqRwExtA/ +G816msrl6X6m50WwdLXTvaVJGXCYp8TPVLx5YY3WPIVoX0CPN7Hs9iNJNiEWo4Qf +7dAqjWBB/QpusmWhjaDSc4+cFhT24Yo9HuS1yrkUTrBtJaj0AykTsiyFm6SBVDNH +9XIxCgYy9QrYbDKNtJXhuevpN0yUMV/aUnIkU2wTTouhOzZisjNk0sS1guqmSHzf +hlf8qotOhNvFXpEsCGwZUywayo7c4DtO -----END CERTIFICATE----- diff --git a/tests/data_files/test-ca.key b/tests/data_files/test-ca.key index 1614e22bc..de8be1ddf 100644 --- a/tests/data_files/test-ca.key +++ b/tests/data_files/test-ca.key @@ -1,30 +1,30 @@ -----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED -DEK-Info: DES-EDE3-CBC,A8A95B05D5B7206B +DEK-Info: AES-128-CBC,781840E6B804AE83D2AF71127C4CE314 -9Qd9GeArejl1GDVh2lLV1bHt0cPtfbh5h/5zVpAVaFpqtSPMrElp50Rntn9et+JA -7VOyboR+Iy2t/HU4WvA687k3Bppe9GwKHjHhtl//8xFKwZr3Xb5yO5JUP8AUctQq -Nb8CLlZyuUC+52REAAthdWgsX+7dJO4yabzUcQ22Tp9JSD0hiL43BlkWYUNK3dAo -PZlmiptjnzVTjg1MxsBSydZinWOLBV8/JQgxSPo2yD4uEfig28qbvQ2wNIn0pnAb -GxnSAOazkongEGfvcjIIs+LZN9gXFhxcOh6kc4Q/c99B7QWETwLLkYgZ+z1a9VY9 -gEU7CwCxYCD+h9hY6FPmsK0/lC4O7aeRKpYq00rPPxs6i7phiexg6ax6yTMmArQq -QmK3TAsJm8V/J5AWpLEV6jAFgRGymGGHnof0DXzVWZidrcZJWTNuGEX90nB3ee2w -PXJEFWKoD3K3aFcSLdHYr3mLGxP7H9ThQai9VsycxZKS5kwvBKQ//YMrmFfwPk8x -vTeY4KZMaUrveEel5tWZC94RSMKgxR6cyE1nBXyTQnDOGbfpNNgBKxyKbINWoOJU -WJZAwlsQn+QzCDwpri7+sV1mS3gBE6UY7aQmnmiiaC2V3Hbphxct/en5QsfDOt1X -JczSfpRWLlbPznZg8OQh/VgCMA58N5DjOzTIK7sJJ5r+94ZBTCpgAMbF588f0NTR -KCe4yrxGJR7X02M4nvD4IwOlpsQ8xQxZtOSgXv4LkxvdU9XJJKWZ/XNKJeWztxSe -Z1vdTc2YfsDBA2SEv33vxHx2g1vqtw8SjDRT2RaQSS0QuSaMJimdOX6mTOCBKk1J -9Q5mXTrER+/LnK0jEmXsBXWA5bqqVZIyahXSx4VYZ7l7w/PHiUDtDgyRhMMKi4n2 -iQvQcWSQTjrpnlJbca1/DkpRt3YwrvJwdqb8asZU2VrNETh5x0QVefDRLFiVpif/ -tUaeAe/P1F8OkS7OIZDs1SUbv/sD2vMbhNkUoCms3/PvNtdnvgL4F0zhaDpKCmlT -P8vx49E7v5CyRNmED9zZg4o3wmMqrQO93PtTug3Eu9oVx1zPQM1NVMyBa2+f29DL -1nuTCeXdo9+ni45xx+jAI4DCwrRdhJ9uzZyC6962H37H6D+5naNvClFR1s6li1Gb -nqPoiy/OBsEx9CaDGcqQBp5Wme/3XW+6z1ISOx+igwNTVCT14mHdBMbya0eIKft5 -X+GnwtgEMyCYyyWuUct8g4RzErcY9+yW9Om5Hzpx4zOuW4NPZgPDTgK+t2RSL/Yq -rE1njrgeGYcVeG3f+OftH4s6fPbq7t1A5ZgUscbLMBqr9tK+OqygR4EgKBPsH6Cz -L6zlv/2RV0qAHvVuDJcIDIgwY5rJtINEm32rhOeFNJwZS5MNIC1czXZx5//ugX7l -I4sy5nbVhwSjtAk8Xg5dZbdTZ6mIrb7xqH+fdakZor1khG7bC2uIwibD3cSl2XkR -wN48lslbHnqqagr6Xm1nNOSVl8C/6kbJEsMpLhAezfRtGwvOucoaE+WbeUNolGde -P/eQiddSf0brnpiLJRh7qZrl9XuqYdpUqnoEdMAfotDOID8OtV7gt8a48ad8VPW2 +etQ3xgGLbuYF9vR1km03TH5fwfly1hOlix0PtfQ+t9HG065vTtSEHYc/OyHwdy79 +NCLX5RUrPh06E/XlKzMNVHAXqkwFnIwNzRLsOozeP1L7iZEZb9QMeiN5Org+btCO +bylXPB4YirfuE7GSJalWY/pq3FQtD33zTIKmNhXfVj3sbwGI/8D9XjaKUb8PODOB +skOalmx6RvYRvg0lmRxB3+T3wejIsrrDPweYqte9B6dVHIVG1ZmvoA6/wnKZZZeV +sjj8OpL3OwUBrjuGSknE9Rs6kCuSCbHOYVK8VzcZmCYpie0TFnb3Sk8M6vjfW+45 +U7WUMlSAPxKH6lJDzWdwHqLvsVJwuNnaAaBXg9/8U/rzQEWuq8Ar3s8fw2Jg3F1G +L6N5ZAEfCz3Sa0N9WKafR/RSQj+rq8Z3w4POAafhbzk249uo5K8B1Z3cQwLxeXIl +UbRQz1TZy4oNTfQzCahYruPNyvwgTkfwAFFvbLAdaiJd2ZtLBoqYE64TYakYnvcC +itim1bmySIKoxlMfBGFmMuF03epT0pSx701jlGzGi0l0m16NEjoVxDwo5j93SmiM +sQdjC1lOGk2iCLkphIQqHFjFJYWjvh1UUIqWZf+ZWOOxlf4x9a1pUVj6FvtECxNB +/mA/m4Iq4LAuVXHE1MpHeq067lJ6wWlrsb2WVmiNGfQ2AC7fMtpcPuunBVT9NV1m +1rbDzIgLIWAzqz/cy3N8Q8vfxnrFtmNUyM191Zyq+YF14hIKWX9J1qR4LXwWAzVV +UrC8IL4pA2mtRkW4qFsB0EmHAxO/cedDTPjVFty5WSzhNuvYZxX45HAkGIfK6d21 +7WHPhHG+zaaUTWMUVixB0IcKp6RecjYPFzBHS0YeX88Ue2cyT/90jMiQ9ssOgRrG +ZJRJvZAc3TSCnY9sNPYoGrJPiZuCnlUj3ENNurYVy12ai0WFxwnNUZjRUhDS6hjm +cDHD5TlI9MZ6M+Mb/Bw4Ig8HuTHOtQBYD9vhtXsG+B7H/j6cS+1umaKjrnG/kK4W +R6YXwM2faAi+DwgjjoMXSzRqSTF8PdTIWbAXo3bc2qsXPTMBA8PEp4nb5scHZ4Ts +EcBNp2jv0j4gBkRmGIab17cWMrlagjFy89DhqZUFwKdeZs+yJ92A5xstWxOUfpEP +90T/bsp1G5d7WW5fl2TRJvYJNDM+djkKIh0zCkduiZ36oVM6nDdbjmXqjQXopeSD +gtOourBRF8g99W0fW8QT+yPhP0Pkyz6EG8eQO6Zwh439xdoVwu9jUzQAPmZ0uNeR +xTXXihYyv72z27rInjLiIPXL25K9eDVLlcSR3RyG7YYgjdQAL2VJDLcBz5jox1uQ +0guoD5wmfu2FWLqYE7HeTYntdY53lCflwq0GHRMjrrsVpx+5VDQ6Yi47Ny9SWLcp +fPI3iBkXuGRWupzs6N4pQdSO0dU28KfpMM5QvFoLIn67brCHEQij4dgFrCTYEyBX +9+jiNImUFYUhAFuxvUbfZt4O/ABLIElvHLfJs1oYCmI/nWpvLFqXB5rnzPNfEi0H +PGGe1Hj/t+CJIp/6ios3yNy2QtXO754TZH2UVu51Ykyig5PFjZVoUkbRvHQYcWfU -----END RSA PRIVATE KEY----- diff --git a/tests/data_files/test-ca.opensslconf b/tests/data_files/test-ca.opensslconf index b2c2fa1bc..0340e9e27 100644 --- a/tests/data_files/test-ca.opensslconf +++ b/tests/data_files/test-ca.opensslconf @@ -12,6 +12,11 @@ subjectKeyIdentifier=hash authorityKeyIdentifier=keyid:always,issuer:always basicConstraints = CA:true +[no_subj_auth_id] +subjectKeyIdentifier=none +authorityKeyIdentifier=none +basicConstraints = CA:true + [othername_san] subjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:hw_module_name @@ -24,6 +29,9 @@ subjectAltName=otherName:1.2.3.4;UTF8:some other identifier [dns_alt_names] subjectAltName=DNS:example.com, DNS:example.net, DNS:*.example.org +[rfc822name_names] +subjectAltName=email:my@other.address,email:second@other.address + [alt_names] DNS.1=example.com otherName.1=1.3.6.1.5.5.7.8.4;SEQ:hw_module_name @@ -33,6 +41,11 @@ DNS.3=*.example.org [multiple_san] subjectAltName=@alt_names +[ext_multi_nocn] +basicConstraints = CA:false +keyUsage = digitalSignature, nonRepudiation, keyEncipherment +subjectAltName = DNS:www.shotokan-braunschweig.de,DNS:www.massimo-abate.eu,IP:192.168.1.1,IP:192.168.69.144 + [hw_module_name] hwtype = OID:1.3.6.1.4.1.17.3 hwserial = OCT:123456 @@ -82,3 +95,31 @@ fullname=URI:http://pki.example.com/ # these IPs are the ascii values for 'abcd' and 'abcd.example.com' [tricky_ip_san] subjectAltName=IP:97.98.99.100,IP:6162:6364:2e65:7861:6d70:6c65:2e63:6f6d + +[csr_ext_v3_keyUsage] +keyUsage = digitalSignature, keyEncipherment + +[csr_ext_v3_subjectAltName] +subjectAltName=DNS:example.com, DNS:example.net, DNS:*.example.org + +[csr_ext_v3_nsCertType] +nsCertType=server + +[csr_ext_v3_all] +keyUsage = cRLSign +subjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:nonprintable_hw_module_name +nsCertType=client + +[directory_name_san] +subjectAltName=dirName:dirname_sect + +[two_directorynames] +subjectAltName=dirName:dirname_sect, dirName:dirname_to_malform + +[dirname_sect] +C=UK +O=Mbed TLS +CN=Mbed TLS directoryName SAN + +[dirname_to_malform] +O=MALFORM_ME diff --git a/tests/data_files/test-ca.req.sha256 b/tests/data_files/test-ca.req.sha256 new file mode 100644 index 000000000..111433879 --- /dev/null +++ b/tests/data_files/test-ca.req.sha256 @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICgDCCAWgCAQAwOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkw +FwYDVQQDDBBQb2xhclNTTCBUZXN0IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEAwN83/Be74JadP4beljJ9RKUWoM0h8ZnU7OrLfBhYCJSl7JvFi98a +Hpk4mYcee8CNOd84XXB4B9Oe2ZPouXJRxc6jMFKp8udAcBTLRKJyC8LlQPk+5aYO +s/nsSmPAuCkAdJxXO6ilBJBx8b2D2T/WpeI8Ko/vJ2DDxp/LuuxgfbfmhDK+T/tY +JiIDW9S01fv145YucMDkLr38Lu7iQVXANC59JHJpy0exFECDfWf0hvYxq/F5pLK1 +LhL5hBfwYm8nPhNYsVQNIZpzN6Ewz2+S3Pbp/KzbLijRfgJLI6AV8jhlZAnqDG6O +Gxegccizm8mr6cPyz4eWj4ACMp6ZWG+i1QIDAQABoAAwDQYJKoZIhvcNAQELBQAD +ggEBAKI+q840+CyPj6DJDJr9mP/aE8U+VyxbarQuZHxbiyS2HDuNQNFvP2TmCDRx +juERTU8yDOj3F2p7JhFF4QkCP2TP4JFYjLlOE7ISxYegGdJNNO6W00btMHG1s0aW +uPcPIIy9HxGiOFFmjYz7Jo8mcFl+bl4ET7zPoj21R4dOl7E3oYLtEZqTuiWnfW2H ++whurU13PYyog3jvJex99VIL8ZRliUSKgdmQ7A4GMvE6kf6Uk+441ynZ7RQr4jF9 +xsVIrR7cyt/SsVEYF+2SfJi0dO9pf6yV3PdwtpU2URTyZoitlneqEINXKi7Qx6E+ ++f5fAI8FbCJtgKEKf2TfqiH6sCI= +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/test-ca.req_ec.sha256 b/tests/data_files/test-ca.req_ec.sha256 new file mode 100644 index 000000000..6d46b2ad8 --- /dev/null +++ b/tests/data_files/test-ca.req_ec.sha256 @@ -0,0 +1,9 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBOTCBvQIBADA+MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxHDAa +BgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwdjAQBgcqhkjOPQIBBgUrgQQAIgNi +AATD2is0QTdYL4dW/vyJuilDS07gbsMOV1MzOVjUUrSRlTkLI99fFyRiSPwalSnO +LC2HwohSgK/Waqsh3bjTHG5YuMrosmmO80GtKcO0X3WnR2/VGSlVaZpTOyC0ZhZg +Mx6gADAMBggqhkjOPQQDAgUAA2kAMGYCMQDElef9+KfRbZOA29ZyU750fB3ob82E +8R711+hk9HOsk0G9Uccp3tT+1nhCcMNhnWsCMQD6Y8e9jcEaKSPiWWfgCZ5NaQ5l +pvPDUdcPV8sZt2cgNS8fcRIIHblQKvr6miHXl9Y= +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/test-ca.server1.test_serial.opensslconf b/tests/data_files/test-ca.server1.test_serial.opensslconf new file mode 100644 index 000000000..43a520ee2 --- /dev/null +++ b/tests/data_files/test-ca.server1.test_serial.opensslconf @@ -0,0 +1,25 @@ + [ ca ] + default_ca = test-ca + + [ test-ca ] + certificate = test-ca.crt + private_key = test-ca.key + serial = test-ca.server1.tmp.serial + default_md = sha1 + default_startdate = 20190210144406Z + default_enddate = 20290210144406Z + x509_extensions = v3_ca + new_certs_dir = ./ + database = ./test-ca.server1.db + policy = policy_match + unique_subject = no + + [v3_ca] + basicConstraints = CA:false + subjectKeyIdentifier=hash + authorityKeyIdentifier=keyid:always + + [policy_match] + countryName = supplied + organizationName = supplied + commonName = supplied diff --git a/tests/data_files/test-ca2.crt b/tests/data_files/test-ca2.crt index 7ac79e440..b974f4c5b 100644 --- a/tests/data_files/test-ca2.crt +++ b/tests/data_files/test-ca2.crt @@ -1,13 +1,13 @@ -----BEGIN CERTIFICATE----- -MIICBDCCAYigAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE +MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO 4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK -6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1AwTjAMBgNVHRMEBTADAQH/ -MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSdbSAk -SQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMFHKrjAPpHB0BN1a -LH8TwcJ3vh0AxeKZj30mRdOKBmg/jLS3rU3g8VQBHpn8sOTTBwIxANxPO5AerimZ -hCjMe0d4CTHf1gFZMF70+IqEP+o5VHsIp2Cqvflb0VGWFC5l9a4cQg== +6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd +bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDpNWfBIlzq +6xV2UwQD/1YGz9fQUM7AfNKzVa2PVBpf/QD1TAylTYTF4GI6qlb6EPYCMF/YVa29 +N5yC1mFAir19jb9Pl9iiIkRm17dM4y6m5VIMepEPm/VlWAa8H5p1+BPbGw== -----END CERTIFICATE----- diff --git a/tests/data_files/test-ca2.crt.der b/tests/data_files/test-ca2.crt.der index 2c8e21743..70d6abca4 100644 Binary files a/tests/data_files/test-ca2.crt.der and b/tests/data_files/test-ca2.crt.der differ diff --git a/tests/data_files/test-ca2.ku-crl.crt b/tests/data_files/test-ca2.ku-crl.crt index 4fb40838c..303a2c00b 100644 --- a/tests/data_files/test-ca2.ku-crl.crt +++ b/tests/data_files/test-ca2.ku-crl.crt @@ -1,12 +1,12 @@ -----BEGIN CERTIFICATE----- -MIIBzDCCAVOgAwIBAgIJAP6mZLzh0IPSMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xNDA0MDkxMTIzMzhaFw0yNDA0MDYxMTIzMzhaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqMdMBswDAYDVR0TBAUwAwEB/zAL -BgNVHQ8EBAMCAQIwCgYIKoZIzj0EAwIDZwAwZAIwZOCKY0EHXYzI4cQsFnfOrxm1 -ufvNeZ4ZcSZWrkTBazW2OBCuCP9SLznec3SFOUvvAjAKe/qycfxkHivjieCEG1Kt -m2D4QKSJELUhTHr4zdkeqbzgui0y3iouaoyWsKvetNg= +MIIB2DCCAV6gAwIBAgIUN3DAVq0Kn9k3FPUPZGW2d3rZn28wCgYIKoZIzj0EAwIw +PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh +cnNzbCBUZXN0IEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1ow +PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh +cnNzbCBUZXN0IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+H +Vv78ibopQ0tO4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqr +Id240xxuWLjK6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeox0wGzAMBgNV +HRMEBTADAQH/MAsGA1UdDwQEAwIBAjAKBggqhkjOPQQDAgNoADBlAjAxoq/Q4PEA +8SDd3cQaVIwx8oJVEzfJo1BB2w1LnjvUXZrQydjNXMU4Jgorm/2/uLgCMQCyI6cZ +EAIgKPYlT6/zJHBj45qejs527OfI4Xn+kQ7OvHQtHaCAzQw4h7Jfx+gXaUo= -----END CERTIFICATE----- diff --git a/tests/data_files/test-ca2.ku-crl.crt.openssl.v3_ext b/tests/data_files/test-ca2.ku-crl.crt.openssl.v3_ext new file mode 100644 index 000000000..4bc5d3c24 --- /dev/null +++ b/tests/data_files/test-ca2.ku-crl.crt.openssl.v3_ext @@ -0,0 +1,4 @@ +basicConstraints = CA:true +subjectKeyIdentifier=none +keyUsage = cRLSign + diff --git a/tests/data_files/test-ca2.ku-crt.crt b/tests/data_files/test-ca2.ku-crt.crt index edacc64c9..5cad7b2fc 100644 --- a/tests/data_files/test-ca2.ku-crt.crt +++ b/tests/data_files/test-ca2.ku-crt.crt @@ -1,12 +1,12 @@ -----BEGIN CERTIFICATE----- -MIIBzTCCAVOgAwIBAgIJAODh6PAeD9/vMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xNDA0MDkxMTIzNTRaFw0yNDA0MDYxMTIzNTRaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqMdMBswDAYDVR0TBAUwAwEB/zAL -BgNVHQ8EBAMCAgQwCgYIKoZIzj0EAwIDaAAwZQIwGGlbynd1jU3WkUx6Irhk9Lob -z2B+1eIO6+eu3En8B3rh8Ipfxo0e0hpfaRFYP1MUAjEAjxxBchRWJAzZ6/47Wg/7 -UoasRINgP5B/uJhTnftS1bqyuWHastb4LW5/YLOvPbMQ +MIIB2DCCAV6gAwIBAgIUYDcYIJ6EBbKafKeXLgPLE+RsJZowCgYIKoZIzj0EAwIw +PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh +cnNzbCBUZXN0IEVDIENBMB4XDTIzMDUxMjEwMzEwNVoXDTMzMDUxMjEwMzEwNVow +PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh +cnNzbCBUZXN0IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+H +Vv78ibopQ0tO4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqr +Id240xxuWLjK6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeox0wGzAMBgNV +HRMEBTADAQH/MAsGA1UdDwQEAwICBDAKBggqhkjOPQQDAgNoADBlAjBwsfyYiZB6 +PpDgIbYRbZ4VT9GGFNE3L4C1IH8RNwzvywLvQfVp3ocRAkzEoRpmKAsCMQDOGm48 +d7zKl7IzmBuOWXYlukWDDWwpNI67z7g0JawfypKIxcPTZFiQXVtDdTdkrGY= -----END CERTIFICATE----- diff --git a/tests/data_files/test-ca2.ku-crt.crt.openssl.v3_ext b/tests/data_files/test-ca2.ku-crt.crt.openssl.v3_ext new file mode 100644 index 000000000..997c8930b --- /dev/null +++ b/tests/data_files/test-ca2.ku-crt.crt.openssl.v3_ext @@ -0,0 +1,4 @@ +basicConstraints = CA:true +subjectKeyIdentifier=none +keyUsage = keyCertSign + diff --git a/tests/data_files/test-ca2.ku-crt_crl.crt b/tests/data_files/test-ca2.ku-crt_crl.crt index ac74e402a..4c69582f3 100644 --- a/tests/data_files/test-ca2.ku-crt_crl.crt +++ b/tests/data_files/test-ca2.ku-crt_crl.crt @@ -1,12 +1,12 @@ -----BEGIN CERTIFICATE----- -MIIBzDCCAVOgAwIBAgIJAPejOupCJS65MAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xNDA0MDkxMTIyMjVaFw0yNDA0MDYxMTIyMjVaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqMdMBswDAYDVR0TBAUwAwEB/zAL -BgNVHQ8EBAMCAQYwCgYIKoZIzj0EAwIDZwAwZAIwMKLVXB4YBQ0Ha4dEvFPcJtau -TS5Vd4UqG3xQ10YcJogweuqaGHSFgdnEUfoX+4p5AjApMnYXFfUjSmlyfJmTaswO -gaR5sUnnw33NA9j1ercem3asCYz6a8T0zo8/rR33XVU= +MIIB2TCCAV6gAwIBAgIUd5f42F4ahjkx9AIN035pcF4WFikwCgYIKoZIzj0EAwIw +PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh +cnNzbCBUZXN0IEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1ow +PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh +cnNzbCBUZXN0IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+H +Vv78ibopQ0tO4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqr +Id240xxuWLjK6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeox0wGzAMBgNV +HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNpADBmAjEA6IUvQwSw +vEkHjU9YNsPcUsJf0UTHUW1T8mNbgk+zCl6fzeU73oCXH6zoi5q6vLgjAjEAv63C +xknmJJ4H3Zlc+O5GlcX9VQNZDn1xV7hf2yW1Gf7wLTnSWTf5bXATaIQ6QLO1 -----END CERTIFICATE----- diff --git a/tests/data_files/test-ca2.ku-crt_crl.crt.openssl.v3_ext b/tests/data_files/test-ca2.ku-crt_crl.crt.openssl.v3_ext new file mode 100644 index 000000000..0fd73a25a --- /dev/null +++ b/tests/data_files/test-ca2.ku-crt_crl.crt.openssl.v3_ext @@ -0,0 +1,4 @@ +basicConstraints = CA:true +subjectKeyIdentifier=none +keyUsage = keyCertSign, cRLSign + diff --git a/tests/data_files/test-ca2.ku-ds.crt b/tests/data_files/test-ca2.ku-ds.crt index c28e17b22..2907aa734 100644 --- a/tests/data_files/test-ca2.ku-ds.crt +++ b/tests/data_files/test-ca2.ku-ds.crt @@ -1,12 +1,12 @@ -----BEGIN CERTIFICATE----- -MIIBzDCCAVOgAwIBAgIJAPOkPR3wsvm5MAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xNDA0MDkxMTI0MTNaFw0yNDA0MDYxMTI0MTNaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqMdMBswDAYDVR0TBAUwAwEB/zAL -BgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDZwAwZAIwGRCmU/rWNjW13g8ITuq3pMXb -jgwTFJHVlbMDiFJwUrRvytPV9doJOfzJ8nAQ0cZ1AjAbJ8QAV2e+DmYZpWc/p6Ug -nQdac59ev+lH+ju6wET3jNDjUthUPrdgqa54+UWQ5r4= +MIIB2TCCAV6gAwIBAgIUb5xsO6FEmAz+XpGFHpW7ODFvup0wCgYIKoZIzj0EAwIw +PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh +cnNzbCBUZXN0IEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1ow +PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh +cnNzbCBUZXN0IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+H +Vv78ibopQ0tO4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqr +Id240xxuWLjK6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeox0wGzAMBgNV +HRMEBTADAQH/MAsGA1UdDwQEAwIHgDAKBggqhkjOPQQDAgNpADBmAjEA44HVvGYv +meA3SpaNJmubLKjsQlGNnEUUo1IO0NBP5yWG0dRFkX8NQ0bzH/1n6FJcAjEAm9wj +xdmEPUr6PY54c0IQJNeeF76L1/+EszXrSDQ7TLv1YC4d4uMNmqwR9EGuUX+/ -----END CERTIFICATE----- diff --git a/tests/data_files/test-ca2.ku-ds.crt.openssl.v3_ext b/tests/data_files/test-ca2.ku-ds.crt.openssl.v3_ext new file mode 100644 index 000000000..08e49d475 --- /dev/null +++ b/tests/data_files/test-ca2.ku-ds.crt.openssl.v3_ext @@ -0,0 +1,4 @@ +basicConstraints = CA:true +subjectKeyIdentifier=none +keyUsage = digitalSignature + diff --git a/tests/data_files/test-ca2.req.sha256 b/tests/data_files/test-ca2.req.sha256 new file mode 100644 index 000000000..6d46b2ad8 --- /dev/null +++ b/tests/data_files/test-ca2.req.sha256 @@ -0,0 +1,9 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBOTCBvQIBADA+MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxHDAa +BgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwdjAQBgcqhkjOPQIBBgUrgQQAIgNi +AATD2is0QTdYL4dW/vyJuilDS07gbsMOV1MzOVjUUrSRlTkLI99fFyRiSPwalSnO +LC2HwohSgK/Waqsh3bjTHG5YuMrosmmO80GtKcO0X3WnR2/VGSlVaZpTOyC0ZhZg +Mx6gADAMBggqhkjOPQQDAgUAA2kAMGYCMQDElef9+KfRbZOA29ZyU750fB3ob82E +8R711+hk9HOsk0G9Uccp3tT+1nhCcMNhnWsCMQD6Y8e9jcEaKSPiWWfgCZ5NaQ5l +pvPDUdcPV8sZt2cgNS8fcRIIHblQKvr6miHXl9Y= +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/test-ca2_cat-future-invalid.crt b/tests/data_files/test-ca2_cat-future-invalid.crt index b1cfbf054..833e497fa 100644 --- a/tests/data_files/test-ca2_cat-future-invalid.crt +++ b/tests/data_files/test-ca2_cat-future-invalid.crt @@ -1,27 +1,27 @@ -----BEGIN CERTIFICATE----- +MIICBjCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMB4XDTI5MDIxMDE0NDQwMFoXDTM5MDIxMDE0NDQwMFowPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO +4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK +6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd +bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2cAMGQCMCDwxpvV0mzZ +5nyr3tpLILyaERGyVuSGHAJqd88fsWEiV6/xmiOTeIGlN8WLVL03FQIwJYnSIeCj +vwuQaWzeIypEnGIT2A2eJ2IIrJrFr9xpafqN1vRDSK5VZuM1B4RtW2OU +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- MIICIDCCAaWgAwIBAgIBCjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE0MDcxMDM3WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG CCqGSM49AwEHA0IABIFZMXZJJPoVraugMW4O7TMR+pElVcGwwZwDcj6Yui2kcjeJ H0M3jR+OOtjwV+gvT8kApPfbcw+yxgSU0UA7OOOjgZ0wgZowCQYDVR0TBAIwADAd BgNVHQ4EFgQUfmWPPjMDFOXhvmCy4IV/jOdgK3swbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG -CCqGSM49BAMCA2kAMGYCMQCsYTyleBFuI4nizuxo/ie5dxJnD0ynwCnRJ+84PZP4 -AQA3HdUz0qNYs4CZ2am9Gz0CMQDr2TNLFA3C3S3pmgXMT0eKzR1Ca1/Nulf0llQZ -Xj09kLboxuemP40IIqhQnpYptMg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB+zCCAYCgAwIBAgIBATAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw -DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTAe -Fw0yMzA5MjIxNTQ5NDlaFw0zMDEyMzEyMzU5NTlaMD4xCzAJBgNVBAYTAk5MMREw -DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTB2 -MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBuww5XUzM5 -WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiyaY7zQa0p -w7RfdadHb9UZKVVpmlM7ILRmFmAzHqNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4E -FgQUnW0gJEkBPyvLeLUZvH4kydv7NnwwHwYDVR0jBBgwFoAUnW0gJEkBPyvLeLUZ -vH4kydv7NnwwDAYIKoZIzj0EAwIFAANnADBkAjB1ZNdOM7KRJiPo45hP17A1sJSH -qHFPEJbml6KdNevoVZ1HqvP8AoFGcPJRpQVtzC0CMDa7JEqn0dOss8EmW9pVF/N2 -+XvzNczj89mWMgPhJJlT+MONQx3LFQO+TMSI9hLdkw== +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh +clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMCA2kAMGYCMQC7mlP+bq/c4hKB3zfJgPdwSnzzQOkXwdA2O6QumC2o +ZuHyjUYV5/ZyU8QQ7cNnKnYCMQD9ByA7ddpVE2Gk+OVuBPGfwV4O2COgFrasfrTn +KgfuCEF96BhSjLDXWKB4IFWaXUQ= -----END CERTIFICATE----- diff --git a/tests/data_files/test-ca2_cat-future-present.crt b/tests/data_files/test-ca2_cat-future-present.crt index 776e725cb..649cca05a 100644 --- a/tests/data_files/test-ca2_cat-future-present.crt +++ b/tests/data_files/test-ca2_cat-future-present.crt @@ -1,28 +1,26 @@ -----BEGIN CERTIFICATE----- -MIIB+zCCAYCgAwIBAgIBATAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw -DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTAe -Fw0yMzA5MjIxNTQ5NDlaFw0zMDEyMzEyMzU5NTlaMD4xCzAJBgNVBAYTAk5MMREw -DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTB2 -MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBuww5XUzM5 -WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiyaY7zQa0p -w7RfdadHb9UZKVVpmlM7ILRmFmAzHqNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4E -FgQUnW0gJEkBPyvLeLUZvH4kydv7NnwwHwYDVR0jBBgwFoAUnW0gJEkBPyvLeLUZ -vH4kydv7NnwwDAYIKoZIzj0EAwIFAANnADBkAjB1ZNdOM7KRJiPo45hP17A1sJSH -qHFPEJbml6KdNevoVZ1HqvP8AoFGcPJRpQVtzC0CMDa7JEqn0dOss8EmW9pVF/N2 -+XvzNczj89mWMgPhJJlT+MONQx3LFQO+TMSI9hLdkw== +MIICBjCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMB4XDTI5MDIxMDE0NDQwMFoXDTM5MDIxMDE0NDQwMFowPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO +4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK +6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd +bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2cAMGQCMCDwxpvV0mzZ +5nyr3tpLILyaERGyVuSGHAJqd88fsWEiV6/xmiOTeIGlN8WLVL03FQIwJYnSIeCj +vwuQaWzeIypEnGIT2A2eJ2IIrJrFr9xpafqN1vRDSK5VZuM1B4RtW2OU -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g -JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56 -t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv -uCjn8pwUOkABXK8Mss90fzCfCEOtIA== +MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO +4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK +6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd +bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDpNWfBIlzq +6xV2UwQD/1YGz9fQUM7AfNKzVa2PVBpf/QD1TAylTYTF4GI6qlb6EPYCMF/YVa29 +N5yC1mFAir19jb9Pl9iiIkRm17dM4y6m5VIMepEPm/VlWAa8H5p1+BPbGw== -----END CERTIFICATE----- diff --git a/tests/data_files/test-ca2_cat-past-invalid.crt b/tests/data_files/test-ca2_cat-past-invalid.crt index febad7408..a0b0a2f86 100644 --- a/tests/data_files/test-ca2_cat-past-invalid.crt +++ b/tests/data_files/test-ca2_cat-past-invalid.crt @@ -13,15 +13,15 @@ l7tz0Sw/RW6AHFtaIauGkhHqeKIaKIi6WSgHu6x97uyg -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIICIDCCAaWgAwIBAgIBCjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE0MDcxMDM3WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG CCqGSM49AwEHA0IABIFZMXZJJPoVraugMW4O7TMR+pElVcGwwZwDcj6Yui2kcjeJ H0M3jR+OOtjwV+gvT8kApPfbcw+yxgSU0UA7OOOjgZ0wgZowCQYDVR0TBAIwADAd BgNVHQ4EFgQUfmWPPjMDFOXhvmCy4IV/jOdgK3swbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG -CCqGSM49BAMCA2kAMGYCMQCsYTyleBFuI4nizuxo/ie5dxJnD0ynwCnRJ+84PZP4 -AQA3HdUz0qNYs4CZ2am9Gz0CMQDr2TNLFA3C3S3pmgXMT0eKzR1Ca1/Nulf0llQZ -Xj09kLboxuemP40IIqhQnpYptMg= +PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh +clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG +CCqGSM49BAMCA2kAMGYCMQC7mlP+bq/c4hKB3zfJgPdwSnzzQOkXwdA2O6QumC2o +ZuHyjUYV5/ZyU8QQ7cNnKnYCMQD9ByA7ddpVE2Gk+OVuBPGfwV4O2COgFrasfrTn +KgfuCEF96BhSjLDXWKB4IFWaXUQ= -----END CERTIFICATE----- diff --git a/tests/data_files/test-ca2_cat-past-present.crt b/tests/data_files/test-ca2_cat-past-present.crt index bc1ba9a2e..24e05c642 100644 --- a/tests/data_files/test-ca2_cat-past-present.crt +++ b/tests/data_files/test-ca2_cat-past-present.crt @@ -12,17 +12,15 @@ tRBXQiGPMzUvmKBk7gM7bF4iFPsdJikyXHmuwv3RAjEA8vtUX8fAAB3fbh5dEXRm l7tz0Sw/RW6AHFtaIauGkhHqeKIaKIi6WSgHu6x97uyg -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g -JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56 -t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv -uCjn8pwUOkABXK8Mss90fzCfCEOtIA== +MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO +4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK +6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd +bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDpNWfBIlzq +6xV2UwQD/1YGz9fQUM7AfNKzVa2PVBpf/QD1TAylTYTF4GI6qlb6EPYCMF/YVa29 +N5yC1mFAir19jb9Pl9iiIkRm17dM4y6m5VIMepEPm/VlWAa8H5p1+BPbGw== -----END CERTIFICATE----- diff --git a/tests/data_files/test-ca2_cat-present-future.crt b/tests/data_files/test-ca2_cat-present-future.crt index d62ed09cd..6539479e6 100644 --- a/tests/data_files/test-ca2_cat-present-future.crt +++ b/tests/data_files/test-ca2_cat-present-future.crt @@ -1,28 +1,26 @@ -----BEGIN CERTIFICATE----- -MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g -JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56 -t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv -uCjn8pwUOkABXK8Mss90fzCfCEOtIA== +MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO +4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK +6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd +bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDpNWfBIlzq +6xV2UwQD/1YGz9fQUM7AfNKzVa2PVBpf/QD1TAylTYTF4GI6qlb6EPYCMF/YVa29 +N5yC1mFAir19jb9Pl9iiIkRm17dM4y6m5VIMepEPm/VlWAa8H5p1+BPbGw== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIB+zCCAYCgAwIBAgIBATAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw -DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTAe -Fw0yMzA5MjIxNTQ5NDlaFw0zMDEyMzEyMzU5NTlaMD4xCzAJBgNVBAYTAk5MMREw -DwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTB2 -MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBuww5XUzM5 -WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiyaY7zQa0p -w7RfdadHb9UZKVVpmlM7ILRmFmAzHqNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4E -FgQUnW0gJEkBPyvLeLUZvH4kydv7NnwwHwYDVR0jBBgwFoAUnW0gJEkBPyvLeLUZ -vH4kydv7NnwwDAYIKoZIzj0EAwIFAANnADBkAjB1ZNdOM7KRJiPo45hP17A1sJSH -qHFPEJbml6KdNevoVZ1HqvP8AoFGcPJRpQVtzC0CMDa7JEqn0dOss8EmW9pVF/N2 -+XvzNczj89mWMgPhJJlT+MONQx3LFQO+TMSI9hLdkw== +MIICBjCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMB4XDTI5MDIxMDE0NDQwMFoXDTM5MDIxMDE0NDQwMFowPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO +4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK +6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd +bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2cAMGQCMCDwxpvV0mzZ +5nyr3tpLILyaERGyVuSGHAJqd88fsWEiV6/xmiOTeIGlN8WLVL03FQIwJYnSIeCj +vwuQaWzeIypEnGIT2A2eJ2IIrJrFr9xpafqN1vRDSK5VZuM1B4RtW2OU -----END CERTIFICATE----- diff --git a/tests/data_files/test-ca2_cat-present-past.crt b/tests/data_files/test-ca2_cat-present-past.crt index a321d5dd7..08aeeea12 100644 --- a/tests/data_files/test-ca2_cat-present-past.crt +++ b/tests/data_files/test-ca2_cat-present-past.crt @@ -1,17 +1,15 @@ -----BEGIN CERTIFICATE----- -MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g -JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56 -t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv -uCjn8pwUOkABXK8Mss90fzCfCEOtIA== +MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO +4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK +6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd +bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDpNWfBIlzq +6xV2UwQD/1YGz9fQUM7AfNKzVa2PVBpf/QD1TAylTYTF4GI6qlb6EPYCMF/YVa29 +N5yC1mFAir19jb9Pl9iiIkRm17dM4y6m5VIMepEPm/VlWAa8H5p1+BPbGw== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIB/TCCAYCgAwIBAgIBATAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw diff --git a/tests/data_files/test-ca_cat12.crt b/tests/data_files/test-ca_cat12.crt index 892814463..c54bcc178 100644 --- a/tests/data_files/test-ca_cat12.crt +++ b/tests/data_files/test-ca_cat12.crt @@ -1,5 +1,5 @@ -----BEGIN CERTIFICATE----- -MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MIIDRDCCAiygAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G @@ -9,27 +9,25 @@ mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj -UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/ -MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUA -A4IBAQB0ZiNRFdia6kskaPnhrqejIRq8YMEGAf2oIPnyZ78xoyERgc35lHGyMtsL -hWicNjP4d/hS9As4j5KA2gdNGi5ETA1X7SowWOGsryivSpMSHVy1+HdfWlsYQOzm -8o+faQNUm8XzPVmttfAVspxeHSxJZ36Oo+QWZ5wZlCIEyjEdLUId+Tm4Bz3B5jRD -zZa/SaqDokq66N2zpbgKKAl3GU2O++fBqP2dSkdQykmTxhLLWRN8FJqhYATyQntZ -0QSi3W9HfSZPnFTcPIXeoiPd2pLlxt1hZu8dws2LTXE63uP6MM4LHvWxiuJaWkP/ -mtxyUALj2pQxRitopORFQdn7AOY5 +UzBRMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68 +x/3/MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEB +BQUAA4IBAQCz557ZZmWv5UTTHebzTyVzku5ldpcicJPqKHP3xZ4tPPY52JQyJg/T +hsRB44yTyNo3/jo9or2KgVnc+/nCmnlvTq22a/j26DtKZ7wD9MWxunpkqRwExtA/ +G816msrl6X6m50WwdLXTvaVJGXCYp8TPVLx5YY3WPIVoX0CPN7Hs9iNJNiEWo4Qf +7dAqjWBB/QpusmWhjaDSc4+cFhT24Yo9HuS1yrkUTrBtJaj0AykTsiyFm6SBVDNH +9XIxCgYy9QrYbDKNtJXhuevpN0yUMV/aUnIkU2wTTouhOzZisjNk0sS1guqmSHzf +hlf8qotOhNvFXpEsCGwZUywayo7c4DtO -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g -JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56 -t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv -uCjn8pwUOkABXK8Mss90fzCfCEOtIA== +MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO +4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK +6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd +bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDpNWfBIlzq +6xV2UwQD/1YGz9fQUM7AfNKzVa2PVBpf/QD1TAylTYTF4GI6qlb6EPYCMF/YVa29 +N5yC1mFAir19jb9Pl9iiIkRm17dM4y6m5VIMepEPm/VlWAa8H5p1+BPbGw== -----END CERTIFICATE----- diff --git a/tests/data_files/test-ca_cat21.crt b/tests/data_files/test-ca_cat21.crt index 7234863c7..b090dc6ec 100644 --- a/tests/data_files/test-ca_cat21.crt +++ b/tests/data_files/test-ca_cat21.crt @@ -1,20 +1,18 @@ -----BEGIN CERTIFICATE----- -MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g -JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56 -t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv -uCjn8pwUOkABXK8Mss90fzCfCEOtIA== +MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE +BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0 +IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO +4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK +6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd +bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDpNWfBIlzq +6xV2UwQD/1YGz9fQUM7AfNKzVa2PVBpf/QD1TAylTYTF4GI6qlb6EPYCMF/YVa29 +N5yC1mFAir19jb9Pl9iiIkRm17dM4y6m5VIMepEPm/VlWAa8H5p1+BPbGw== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MIIDRDCCAiygAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G @@ -24,12 +22,12 @@ mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj -UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/ -MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUA -A4IBAQB0ZiNRFdia6kskaPnhrqejIRq8YMEGAf2oIPnyZ78xoyERgc35lHGyMtsL -hWicNjP4d/hS9As4j5KA2gdNGi5ETA1X7SowWOGsryivSpMSHVy1+HdfWlsYQOzm -8o+faQNUm8XzPVmttfAVspxeHSxJZ36Oo+QWZ5wZlCIEyjEdLUId+Tm4Bz3B5jRD -zZa/SaqDokq66N2zpbgKKAl3GU2O++fBqP2dSkdQykmTxhLLWRN8FJqhYATyQntZ -0QSi3W9HfSZPnFTcPIXeoiPd2pLlxt1hZu8dws2LTXE63uP6MM4LHvWxiuJaWkP/ -mtxyUALj2pQxRitopORFQdn7AOY5 +UzBRMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68 +x/3/MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEB +BQUAA4IBAQCz557ZZmWv5UTTHebzTyVzku5ldpcicJPqKHP3xZ4tPPY52JQyJg/T +hsRB44yTyNo3/jo9or2KgVnc+/nCmnlvTq22a/j26DtKZ7wD9MWxunpkqRwExtA/ +G816msrl6X6m50WwdLXTvaVJGXCYp8TPVLx5YY3WPIVoX0CPN7Hs9iNJNiEWo4Qf +7dAqjWBB/QpusmWhjaDSc4+cFhT24Yo9HuS1yrkUTrBtJaj0AykTsiyFm6SBVDNH +9XIxCgYy9QrYbDKNtJXhuevpN0yUMV/aUnIkU2wTTouhOzZisjNk0sS1guqmSHzf +hlf8qotOhNvFXpEsCGwZUywayo7c4DtO -----END CERTIFICATE----- diff --git a/tests/data_files/test-int-ca-exp.crt b/tests/data_files/test-int-ca-exp.crt index c549654b0..835c7dbbf 100644 --- a/tests/data_files/test-int-ca-exp.crt +++ b/tests/data_files/test-int-ca-exp.crt @@ -1,7 +1,7 @@ -----BEGIN CERTIFICATE----- MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MDcwNjI3MTAzODM3WhcNMTcwNjI3MTAzODM3WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MTMwNTE2MDcxMDM3WhcNMjMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR @@ -16,9 +16,9 @@ d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPu/FDEPvIC/BnzPQDAr1bQakGiwBsE9zGKRgXgX -Y3Q+XJKhMEKZ8h1m+S5c6taO0gIwNB14zmJ1gJ9X3+tPDfriWrVaNMG54Kr57/Ep -773Ap7Gxpk168id1EFhvW22YabKs +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE +AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAJH0e4fySJI2nJt1Knd+yU7zn1jTFDAABJMbndhR +07OSM6vwUaGSMVatSzr8ah+UDgIwaI/MBcorSxT92jAQb1W5dJkEudoYSg49fjAf +z0BtLCVhFwQlrzCqgXC98SGfT6sZ -----END CERTIFICATE----- diff --git a/tests/data_files/test-int-ca.crt b/tests/data_files/test-int-ca.crt index cbe99e0a6..8b2846d3b 100644 --- a/tests/data_files/test-int-ca.crt +++ b/tests/data_files/test-int-ca.crt @@ -1,8 +1,8 @@ -----BEGIN CERTIFICATE----- MIIEATCCA4egAwIBAgIBDjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTMwOTI0MTU1NTE0WhcNMjMwOTIyMTU1NTE0WjBIMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxJjAkBgNVBAMTHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjBIMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxJjAkBgNVBAMMHVBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo1Oc8nr6fMTq vowV+CpC55i5BZGFGc50Eb4RLBSRTH1e7JepdFjAVbBtyQRJSiY1ja0tgLQDDKZR wfEI+b4azse460InPHv7C1TN0upXlxuj6m9B1IlP+sBaM7WBC6dVfPO+jVMIxgkF @@ -16,9 +16,9 @@ d6KXbrZteesvA1nYzEOs+3AjrbT79Md2W8Bz9bqBVNlNOESSqm4kiCJFmslm/6br Np0MSQd+o22PQ4xRtmP6UsTfU0ueiMpYc8TYYhMbfnfFyo4m707ebcflPbBEN2dg updQ66cvfCJB0QJt9upafY0lpdV1qUkCAwEAAaOBoDCBnTAdBgNVHQ4EFgQUOHfY a3ecKHeCi07YG6ke95QWtw4wbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7 -NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE -AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w -CgYIKoZIzj0EAwIDaAAwZQIxAPyE+u+eP7gRrSFjQicmpYg8jiFUCYEowWY2zuOG -i1HXYwmpDHfasQ3rNSuf/gHvjwIwbSSjumDk+uYNci/KMELDsD0MFHxZhhBc9Hp9 -Af5cNR8KhzegznL6amRObGGKmX1F +NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xhclNTTDEcMBoGA1UE +AwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w +CgYIKoZIzj0EAwIDaAAwZQIxAOAch+gz4rHfI/pm8MIDssMtJCqzS6xtOvQHJZ9l +fdgWfJV5cSHJpOIWGXeFKKR18wIwODTRnTIioy+bYacNq8TQPjzdVlT9XbYkWIYN +JAuV9fLJJdB5nZUG3l85Dt27VNkT -----END CERTIFICATE----- diff --git a/tests/data_files/test-int-ca2.crt b/tests/data_files/test-int-ca2.crt index 9ce44c231..80f39b9cf 100644 --- a/tests/data_files/test-int-ca2.crt +++ b/tests/data_files/test-int-ca2.crt @@ -1,18 +1,18 @@ -----BEGIN CERTIFICATE----- MIIC6TCCAdGgAwIBAgIBDzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTMwOTI0MTYwODQyWhcNMjMwOTIyMTYwODQyWjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MjMwNTE3MDkyNzAyWhcNMzMwNTE3MDkyNzAyWjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp YXRlIEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8Oih3fX5SLeN1dmFncQl WMw9+Y6sXblhlrXBxhXxjwdwpCHENn+foUVdrqYVYa7Suv3QVeO6nJ19H3QNixW8 ik1P+hxsbaq8bta78vAyHmC4EmXQLg1w7oxb9Q82qX1Yo4GVMIGSMB0GA1UdDgQW BBQPib1jQevLXhco/2gwPcGI0JxYOTBjBgNVHSMEXDBagBS0WuSls97SUva51aaV -D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkw -FwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZI -hvcNAQELBQADggEBAAjeaTUaCBiXT1CYLVr6UFSeRNZBrDPnj6PwqUQTvgB5I5n6 -yXqoE4RYDaEL0Lg24juFxI26itBuypto6vscgGq77cfrP/avSdxU+xeZ4bCWvh3M -ddj9lmko2U8I8GhBcHpSuIiTvgKDB8eKkjeq3AsLGchHDvip8pB3IhcNfL7W94Zf -7/lH9VQiE3/px7amD32cidoPvWLA9U3f1FsPmJESUz0wwNfINpDjmPr8dGbkCN+M -CFhxo6sCfK8KLYG4nYX8FwxVR86kpSrO9e84AX0YYbdzxprbc2XOaebJ8+BDmzut -ARkD7DTXrodN1wV7jQJkrUuEwPj9Rhvk+MFRkaw= +D+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRkw +FwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMAwGA1UdEwQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAHTN0URrP2MpwD8vODymjjq7iaB7WFZ4CWUjx9LWu3PPZbX2 +12MxzkyFaVR7rnPKZSFHJJEmNaPDJWwYhGQRXLCoD6NiJy6De4fa5gSYoXthRGFf +GnFXZu3e37GDKoKP87TZ+VXcyx6PHvPxJB3/9N94Vj2Yh3hCs7F72GmwfDww6ooj +whIqhxBYOhPleANs70FZ7Y7tjZV1RtQ1/9sRcbyv9OvdPuWvukBVq1KM6nqVHBZ3 +/4kHBWaFaWMq/AAxMxaTGFAOA8S2yU56jkB65viQrpQQWffBJWK+WfrcgxRWqR33 +hqG3yT1IWbJ5E11XL9TCKD+DReqeXHyYawx8fBU= -----END CERTIFICATE----- diff --git a/tests/data_files/test-int-ca3-badsign.crt b/tests/data_files/test-int-ca3-badsign.crt index 2087056e8..8c363152b 100644 --- a/tests/data_files/test-int-ca3-badsign.crt +++ b/tests/data_files/test-int-ca3-badsign.crt @@ -1,12 +1,12 @@ -----BEGIN CERTIFICATE----- -MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG -A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU +MIIBszCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owSjELMAkG +A1UEBhMCVUsxETAPBgNVBAoMCG1iZWQgVExTMSgwJgYDVQQDDB9tYmVkIFRMUyBU ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE 732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9 -2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo -ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt -Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt -pz590JvGWf0= +2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNn +ADBkAjAZx8k0q+DtT/LJd1FjPcG/peoQDfMBL2jS/6PwxW+3+ZPMpHZn0r+JpCaF ++V/sM9kCMGqcxQwx/bsMaK0y9zqshC7/S5hVlA+WRVyMfEGJmXnfbdwh6CByKIwv +1GRe86dg10== -----END CERTIFICATE----- diff --git a/tests/data_files/test-int-ca3.crt b/tests/data_files/test-int-ca3.crt index 7e724b241..3aa64b137 100644 --- a/tests/data_files/test-int-ca3.crt +++ b/tests/data_files/test-int-ca3.crt @@ -1,12 +1,12 @@ -----BEGIN CERTIFICATE----- -MIIBtDCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxKTAnBgNVBAMTIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp -YXRlIEVDIENBMB4XDTE1MDkwMTE0MDg0M1oXDTI1MDgyOTE0MDg0M1owSjELMAkG -A1UEBhMCVUsxETAPBgNVBAoTCG1iZWQgVExTMSgwJgYDVQQDEx9tYmVkIFRMUyBU +MIIBszCCATqgAwIBAgIBTTAKBggqhkjOPQQDAjBLMQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxKTAnBgNVBAMMIFBvbGFyU1NMIFRlc3QgSW50ZXJtZWRp +YXRlIEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1owSjELMAkG +A1UEBhMCVUsxETAPBgNVBAoMCG1iZWQgVExTMSgwJgYDVQQDDB9tYmVkIFRMUyBU ZXN0IGludGVybWVkaWF0ZSBDQSAzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE 732fWHLNPMPsP1U1ibXvb55erlEVMlpXBGsj+KYwVqU1XCmW9Z9hhP7X/5js/DX9 -2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNo -ADBlAjAJRxbGRas3NBmk9MnGWXg7PT1xnRELHRWWIvfLdVQt06l1/xFg3ZuPdQdt -Qh7CK80CMQD7wa1o1a8qyDKBfLN636uKmKGga0E+vYXBeFCy9oARBangGCB0B2vt -pz590JvGWfM= +2J/utoHyjUtVpQOzdTrbsaMQMA4wDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNn +ADBkAjAZx8k0q+DtT/LJd1FjPcG/peoQDfMBL2jS/6PwxW+3+ZPMpHZn0r+JpCaF ++V/sM9kCMGqcxQwx/bsMaK0y9zqshC7/S5hVlA+WRVyMfEGJmXnfbdwh6CByKIwv +1GRe86dg1A== -----END CERTIFICATE----- diff --git a/tests/data_files/test_certs.h.jinja2 b/tests/data_files/test_certs.h.jinja2 new file mode 100644 index 000000000..92131ddc1 --- /dev/null +++ b/tests/data_files/test_certs.h.jinja2 @@ -0,0 +1,54 @@ +/* + * X.509 test certificates + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/* THIS FILE is generated by `tests/scripts/generate_test_cert_macros.py` */ +/* *INDENT-OFF* */ + +{% for mode, name, value in macros %} + {% if mode == 'string' %} +/* This is taken from {{value}}. */ +/* BEGIN FILE string macro {{name}} {{value}} */ +#define {{name}}{{ '\\' | put_to_column(position=80-9-name|length)}} + {% for line in value | read_lines %} + "{{line}}\r\n"{% if not loop.last %}{{ '\\' | put_to_column(position=80-10-1-line|length)}} + {% endif %} + {% endfor %} + +/* END FILE */ + {% endif %} + {% if mode == 'binary' %} +/* This is generated from {{value}}. */ +/* BEGIN FILE binary macro {{name}} {{value}} */ +#define {{name}} {% raw -%} { {%- endraw %} {{ '\\' | put_to_column(position=80-11-name|length)}} + {% for line in value | read_as_c_array %} + {% if not loop.last %} + {{line}},{{ '\\' | put_to_column(position=80-9-line|length)}} + {% else %} + {{line}}{{ '\\' | put_to_column(position=80-8-line|length)}} + {% endif %} + {% endfor %} +{% raw -%} } {%- endraw %} + +/* END FILE */ + {% endif %} + {% if mode == 'password' %} +#define {{name}} "{{value}}" + {% endif %} + +{% endfor %} diff --git a/tests/include/alt-extra/psa/crypto.h b/tests/include/alt-extra/psa/crypto.h new file mode 100644 index 000000000..005f3aeea --- /dev/null +++ b/tests/include/alt-extra/psa/crypto.h @@ -0,0 +1,7 @@ +/* The goal of the include/alt-extra directory is to test what happens + * if certain files come _after_ the normal include directory. + * Make sure that if the alt-extra directory comes before the normal + * directory (so we wouldn't be achieving our test objective), the build + * will fail. + */ +#error "The normal include directory must come first in the include path" diff --git a/tests/include/spe/crypto_spe.h b/tests/include/spe/crypto_spe.h index a79ce1738..de842642d 100644 --- a/tests/include/spe/crypto_spe.h +++ b/tests/include/spe/crypto_spe.h @@ -19,13 +19,13 @@ /** * \file crypto_spe.h * - * \brief When Mbed Crypto is built with the MBEDTLS_PSA_CRYPTO_SPM option - * enabled, this header is included by all .c files in Mbed Crypto that + * \brief When Mbed TLS is built with the MBEDTLS_PSA_CRYPTO_SPM option + * enabled, this header is included by all .c files in Mbed TLS that * use PSA Crypto function names. This avoids duplication of symbols - * between TF-M and Mbed Crypto. + * between TF-M and Mbed TLS. * * \note This file should be included before including any PSA Crypto headers - * from Mbed Crypto. + * from Mbed TLS. */ #ifndef CRYPTO_SPE_H diff --git a/tests/include/test/arguments.h b/tests/include/test/arguments.h new file mode 100644 index 000000000..74bbbd569 --- /dev/null +++ b/tests/include/test/arguments.h @@ -0,0 +1,38 @@ +/** + * \file arguments.h + * + * \brief Manipulation of test arguments. + * + * Much of the code is in host_test.function, to be migrated here later. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_ARGUMENTS_H +#define TEST_ARGUMENTS_H + +#include "mbedtls/build_info.h" +#include +#include + +typedef union { + size_t len; + intmax_t sint; +} mbedtls_test_argument_t; + +#endif /* TEST_ARGUMENTS_H */ diff --git a/tests/include/test/drivers/config_test_driver.h b/tests/include/test/drivers/config_test_driver.h index 22518bfc4..81f988339 100644 --- a/tests/include/test/drivers/config_test_driver.h +++ b/tests/include/test/drivers/config_test_driver.h @@ -39,6 +39,7 @@ #define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1 #define MBEDTLS_CTR_DRBG_C #define MBEDTLS_ENTROPY_C +#define MBEDTLS_ENTROPY_FORCE_SHA256 /* * Configuration options that may need to be additionally enabled for the @@ -52,7 +53,4 @@ //#define MBEDTLS_PEM_PARSE_C //#define MBEDTLS_BASE64_C -#include "mbedtls/config_psa.h" -#include "mbedtls/check_config.h" - #endif /* MBEDTLS_CONFIG_H */ diff --git a/tests/include/test/drivers/crypto_config_test_driver_extension.h b/tests/include/test/drivers/crypto_config_test_driver_extension.h index fbfe8da7a..ef8c88a66 100644 --- a/tests/include/test/drivers/crypto_config_test_driver_extension.h +++ b/tests/include/test/drivers/crypto_config_test_driver_extension.h @@ -6,6 +6,8 @@ * supports. */ +#include "psa/crypto_legacy.h" + #if defined(PSA_WANT_ALG_CBC_NO_PADDING) #if defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) #undef MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING @@ -62,6 +64,14 @@ #endif #endif +#if defined(PSA_WANT_ALG_FFDH) +#if defined(MBEDTLS_PSA_ACCEL_ALG_FFDH) +#undef MBEDTLS_PSA_ACCEL_ALG_FFDH +#else +#define MBEDTLS_PSA_ACCEL_ALG_FFDH 1 +#endif +#endif + #if defined(PSA_WANT_ALG_MD5) #if defined(MBEDTLS_PSA_ACCEL_ALG_MD5) #undef MBEDTLS_PSA_ACCEL_ALG_MD5 @@ -142,6 +152,38 @@ #endif #endif +#if defined(PSA_WANT_ALG_SHA3_224) +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_224) +#undef MBEDTLS_PSA_ACCEL_ALG_SHA3_224 +#else +#define MBEDTLS_PSA_ACCEL_ALG_SHA3_224 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_SHA3_256) +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_256) +#undef MBEDTLS_PSA_ACCEL_ALG_SHA3_256 +#else +#define MBEDTLS_PSA_ACCEL_ALG_SHA3_256 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_SHA3_384) +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_384) +#undef MBEDTLS_PSA_ACCEL_ALG_SHA3_384 +#else +#define MBEDTLS_PSA_ACCEL_ALG_SHA3_384 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_SHA3_512) +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_512) +#undef MBEDTLS_PSA_ACCEL_ALG_SHA3_512 +#else +#define MBEDTLS_PSA_ACCEL_ALG_SHA3_512 1 +#endif +#endif + #if defined(PSA_WANT_ALG_XTS) #if defined(MBEDTLS_PSA_ACCEL_ALG_XTS) #undef MBEDTLS_PSA_ACCEL_ALG_XTS @@ -158,6 +200,14 @@ #endif #endif +#if defined(PSA_WANT_ALG_JPAKE) +#if defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE) +#undef MBEDTLS_PSA_ACCEL_ALG_JPAKE +#else +#define MBEDTLS_PSA_ACCEL_ALG_JPAKE 1 +#endif +#endif + #if defined(PSA_WANT_KEY_TYPE_AES) #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES) #undef MBEDTLS_PSA_ACCEL_KEY_TYPE_AES @@ -182,19 +232,131 @@ #endif #endif -#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) -#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC #else -#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR 1 +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC 1 #endif #endif -#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) -#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT #else -#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR 1 +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY +#else +#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY 1 #endif #endif @@ -206,6 +368,31 @@ #endif #endif + +#if defined(PSA_WANT_ALG_TLS12_PRF) +#if defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF) +#undef MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF +#else +#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS) +#if defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS) +#undef MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS +#else +#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS) +#if defined(MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS) +#undef MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS +#else +#define MBEDTLS_PSA_ACCEL_ALG_TLS12_ECJPAKE_TO_PMS 1 +#endif +#endif + #define MBEDTLS_PSA_ACCEL_ALG_CBC_MAC 1 #define MBEDTLS_PSA_ACCEL_ALG_CCM 1 #define MBEDTLS_PSA_ACCEL_ALG_CMAC 1 @@ -218,11 +405,10 @@ #define MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP 1 #define MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT 1 #define MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER 1 -#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF 1 -#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS 1 -#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) -#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDH) +#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) && \ + defined(MBEDTLS_PSA_ACCEL_ALG_ECDH) && \ + defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE) #define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256 1 #define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384 1 #define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512 1 @@ -237,11 +423,8 @@ #define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384 1 #define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521 1 #endif -#endif #define MBEDTLS_PSA_ACCEL_KEY_TYPE_DERIVE 1 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_HMAC 1 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_DES 1 -#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY 1 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_RAW_DATA 1 -#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY 1 diff --git a/tests/include/test/drivers/pake.h b/tests/include/test/drivers/pake.h new file mode 100644 index 000000000..331ee49da --- /dev/null +++ b/tests/include/test/drivers/pake.h @@ -0,0 +1,87 @@ +/* + * Test driver for PAKE driver entry points. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef PSA_CRYPTO_TEST_DRIVERS_PAKE_H +#define PSA_CRYPTO_TEST_DRIVERS_PAKE_H + +#include "mbedtls/build_info.h" + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include + +typedef struct { + /* If not PSA_SUCCESS, return this error code instead of processing the + * function call. */ + psa_status_t forced_status; + /* PAKE driver setup is executed on the first call to + pake_output/pake_input (added to distinguish forced statuses). */ + psa_status_t forced_setup_status; + /* Count the amount of times PAKE driver functions are called. */ + struct { + unsigned long total; + unsigned long setup; + unsigned long input; + unsigned long output; + unsigned long implicit_key; + unsigned long abort; + } hits; + /* Status returned by the last PAKE driver function call. */ + psa_status_t driver_status; + /* Output returned by pake_output */ + void *forced_output; + size_t forced_output_length; +} mbedtls_test_driver_pake_hooks_t; + +#define MBEDTLS_TEST_DRIVER_PAKE_INIT { PSA_SUCCESS, PSA_SUCCESS, { 0, 0, 0, 0, 0, 0 }, PSA_SUCCESS, \ + NULL, 0 } +static inline mbedtls_test_driver_pake_hooks_t +mbedtls_test_driver_pake_hooks_init(void) +{ + const mbedtls_test_driver_pake_hooks_t v = MBEDTLS_TEST_DRIVER_PAKE_INIT; + return v; +} + +extern mbedtls_test_driver_pake_hooks_t mbedtls_test_driver_pake_hooks; + +psa_status_t mbedtls_test_transparent_pake_setup( + mbedtls_transparent_test_driver_pake_operation_t *operation, + const psa_crypto_driver_pake_inputs_t *inputs); + +psa_status_t mbedtls_test_transparent_pake_output( + mbedtls_transparent_test_driver_pake_operation_t *operation, + psa_crypto_driver_pake_step_t step, + uint8_t *output, + size_t output_size, + size_t *output_length); + +psa_status_t mbedtls_test_transparent_pake_input( + mbedtls_transparent_test_driver_pake_operation_t *operation, + psa_crypto_driver_pake_step_t step, + const uint8_t *input, + size_t input_length); + +psa_status_t mbedtls_test_transparent_pake_get_implicit_key( + mbedtls_transparent_test_driver_pake_operation_t *operation, + uint8_t *output, size_t output_size, size_t *output_length); + +psa_status_t mbedtls_test_transparent_pake_abort( + mbedtls_transparent_test_driver_pake_operation_t *operation); + +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_TEST_DRIVERS_PAKE_H */ diff --git a/tests/include/test/drivers/test_driver.h b/tests/include/test/drivers/test_driver.h index 0a65b40bf..541ee03d0 100644 --- a/tests/include/test/drivers/test_driver.h +++ b/tests/include/test/drivers/test_driver.h @@ -38,6 +38,7 @@ #include "test/drivers/signature.h" #include "test/drivers/asymmetric_encryption.h" #include "test/drivers/key_agreement.h" +#include "test/drivers/pake.h" #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_TEST_DRIVER_H */ diff --git a/tests/include/test/macros.h b/tests/include/test/macros.h index 83a48cd1e..3bfbe3333 100644 --- a/tests/include/test/macros.h +++ b/tests/include/test/macros.h @@ -33,6 +33,7 @@ #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) #include "mbedtls/memory_buffer_alloc.h" #endif +#include "common.h" /** * \brief This macro tests the expression passed to it as a test step or @@ -60,6 +61,16 @@ } \ } while (0) +/** This macro asserts fails the test with given output message. + * + * \param MESSAGE The message to be outputed on assertion + */ +#define TEST_FAIL(MESSAGE) \ + do { \ + mbedtls_test_fail(MESSAGE, __LINE__, __FILE__); \ + goto exit; \ + } while (0) + /** Evaluate two integer expressions and fail the test case if they have * different values. * @@ -72,7 +83,7 @@ #define TEST_EQUAL(expr1, expr2) \ do { \ if (!mbedtls_test_equal( #expr1 " == " #expr2, __LINE__, __FILE__, \ - expr1, expr2)) \ + (unsigned long long) (expr1), (unsigned long long) (expr2))) \ goto exit; \ } while (0) @@ -106,52 +117,84 @@ * The allocated memory will be filled with zeros. * * You must set \p pointer to \c NULL before calling this macro and - * put `mbedtls_free( pointer )` in the test's cleanup code. + * put `mbedtls_free(pointer)` in the test's cleanup code. * - * If \p length is zero, the resulting \p pointer will be \c NULL. + * If \p item_count is zero, the resulting \p pointer will be \c NULL. * This is usually what we want in tests since API functions are * supposed to accept null pointers when a buffer size is zero. * * This macro expands to an instruction, not an expression. * It may jump to the \c exit label. * - * \param pointer An lvalue where the address of the allocated buffer - * will be stored. - * This expression may be evaluated multiple times. - * \param length Number of elements to allocate. - * This expression may be evaluated multiple times. + * \param pointer An lvalue where the address of the allocated buffer + * will be stored. + * This expression may be evaluated multiple times. + * \param item_count Number of elements to allocate. + * This expression may be evaluated multiple times. * */ -#define ASSERT_ALLOC(pointer, length) \ - do \ - { \ - TEST_ASSERT((pointer) == NULL); \ - if ((length) != 0) \ - { \ - (pointer) = mbedtls_calloc(sizeof(*(pointer)), \ - (length)); \ - TEST_ASSERT((pointer) != NULL); \ - } \ - } \ - while (0) +#define TEST_CALLOC(pointer, item_count) \ + do { \ + TEST_ASSERT((pointer) == NULL); \ + if ((item_count) != 0) { \ + (pointer) = mbedtls_calloc(sizeof(*(pointer)), \ + (item_count)); \ + TEST_ASSERT((pointer) != NULL); \ + } \ + } while (0) + +/** Allocate memory dynamically and fail the test case if this fails. + * The allocated memory will be filled with zeros. + * + * You must set \p pointer to \c NULL before calling this macro and + * put `mbedtls_free(pointer)` in the test's cleanup code. + * + * If \p item_count is zero, the resulting \p pointer will not be \c NULL. + * + * This macro expands to an instruction, not an expression. + * It may jump to the \c exit label. + * + * \param pointer An lvalue where the address of the allocated buffer + * will be stored. + * This expression may be evaluated multiple times. + * \param item_count Number of elements to allocate. + * This expression may be evaluated multiple times. + * + * Note: if passing size 0, mbedtls_calloc may return NULL. In this case, + * we reattempt to allocate with the smallest possible buffer to assure a + * non-NULL pointer. + */ +#define TEST_CALLOC_NONNULL(pointer, item_count) \ + do { \ + TEST_ASSERT((pointer) == NULL); \ + (pointer) = mbedtls_calloc(sizeof(*(pointer)), \ + (item_count)); \ + if (((pointer) == NULL) && ((item_count) == 0)) { \ + (pointer) = mbedtls_calloc(1, 1); \ + } \ + TEST_ASSERT((pointer) != NULL); \ + } while (0) + +/* For backwards compatibility */ +#define ASSERT_ALLOC(pointer, item_count) TEST_CALLOC(pointer, item_count) /** Allocate memory dynamically. If the allocation fails, skip the test case. * - * This macro behaves like #ASSERT_ALLOC, except that if the allocation + * This macro behaves like #TEST_CALLOC, except that if the allocation * fails, it marks the test as skipped rather than failed. */ -#define ASSERT_ALLOC_WEAK(pointer, length) \ - do \ - { \ - TEST_ASSERT((pointer) == NULL); \ - if ((length) != 0) \ - { \ - (pointer) = mbedtls_calloc(sizeof(*(pointer)), \ - (length)); \ - TEST_ASSUME((pointer) != NULL); \ - } \ - } \ - while (0) +#define TEST_CALLOC_OR_SKIP(pointer, item_count) \ + do { \ + TEST_ASSERT((pointer) == NULL); \ + if ((item_count) != 0) { \ + (pointer) = mbedtls_calloc(sizeof(*(pointer)), \ + (item_count)); \ + TEST_ASSUME((pointer) != NULL); \ + } \ + } while (0) + +/* For backwards compatibility */ +#define ASSERT_ALLOC_WEAK(pointer, item_count) TEST_CALLOC_OR_SKIP(pointer, item_count) /** Compare two buffers and fail the test case if they differ. * @@ -165,14 +208,16 @@ * \param size2 Size of the second buffer in bytes. * This expression may be evaluated multiple times. */ -#define ASSERT_COMPARE(p1, size1, p2, size2) \ - do \ - { \ - TEST_ASSERT((size1) == (size2)); \ - if ((size1) != 0) \ - TEST_ASSERT(memcmp((p1), (p2), (size1)) == 0); \ - } \ - while (0) +#define TEST_MEMORY_COMPARE(p1, size1, p2, size2) \ + do { \ + TEST_EQUAL((size1), (size2)); \ + if ((size1) != 0) { \ + TEST_ASSERT(memcmp((p1), (p2), (size1)) == 0); \ + } \ + } while (0) + +/* For backwards compatibility */ +#define ASSERT_COMPARE(p1, size1, p2, size2) TEST_MEMORY_COMPARE(p1, size1, p2, size2) /** * \brief This macro tests the expression passed to it and skips the @@ -196,45 +241,6 @@ mbedtls_exit(1); \ } -/** \def ARRAY_LENGTH - * Return the number of elements of a static or stack array. - * - * \param array A value of array (not pointer) type. - * - * \return The number of elements of the array. - */ -/* A correct implementation of ARRAY_LENGTH, but which silently gives - * a nonsensical result if called with a pointer rather than an array. */ -#define ARRAY_LENGTH_UNSAFE(array) \ - (sizeof(array) / sizeof(*(array))) - -#if defined(__GNUC__) -/* Test if arg and &(arg)[0] have the same type. This is true if arg is - * an array but not if it's a pointer. */ -#define IS_ARRAY_NOT_POINTER(arg) \ - (!__builtin_types_compatible_p(__typeof__(arg), \ - __typeof__(&(arg)[0]))) -/* A compile-time constant with the value 0. If `const_expr` is not a - * compile-time constant with a nonzero value, cause a compile-time error. */ -#define STATIC_ASSERT_EXPR(const_expr) \ - (0 && sizeof(struct { unsigned int STATIC_ASSERT : 1 - 2 * !(const_expr); })) - -/* Return the scalar value `value` (possibly promoted). This is a compile-time - * constant if `value` is. `condition` must be a compile-time constant. - * If `condition` is false, arrange to cause a compile-time error. */ -#define STATIC_ASSERT_THEN_RETURN(condition, value) \ - (STATIC_ASSERT_EXPR(condition) ? 0 : (value)) - -#define ARRAY_LENGTH(array) \ - (STATIC_ASSERT_THEN_RETURN(IS_ARRAY_NOT_POINTER(array), \ - ARRAY_LENGTH_UNSAFE(array))) - -#else -/* If we aren't sure the compiler supports our non-standard tricks, - * fall back to the unsafe implementation. */ -#define ARRAY_LENGTH(array) ARRAY_LENGTH_UNSAFE(array) -#endif - /** Return the smaller of two values. * * \param x An integer-valued expression without side effects. @@ -253,27 +259,4 @@ */ #define MAX(x, y) ((x) > (y) ? (x) : (y)) -/* - * 32-bit integer manipulation macros (big endian) - */ -#ifndef GET_UINT32_BE -#define GET_UINT32_BE(n, b, i) \ - { \ - (n) = ((uint32_t) (b)[(i)] << 24) \ - | ((uint32_t) (b)[(i) + 1] << 16) \ - | ((uint32_t) (b)[(i) + 2] << 8) \ - | ((uint32_t) (b)[(i) + 3]); \ - } -#endif - -#ifndef PUT_UINT32_BE -#define PUT_UINT32_BE(n, b, i) \ - { \ - (b)[(i)] = (unsigned char) ((n) >> 24); \ - (b)[(i) + 1] = (unsigned char) ((n) >> 16); \ - (b)[(i) + 2] = (unsigned char) ((n) >> 8); \ - (b)[(i) + 3] = (unsigned char) ((n)); \ - } -#endif - #endif /* TEST_MACROS_H */ diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h index 19a0483cc..9ba7dbcd9 100644 --- a/tests/include/test/psa_crypto_helpers.h +++ b/tests/include/test/psa_crypto_helpers.h @@ -24,15 +24,43 @@ #include "test/helpers.h" #if defined(MBEDTLS_PSA_CRYPTO_C) - #include "test/psa_helpers.h" - #include - -#if defined(MBEDTLS_USE_PSA_CRYPTO) -#include "mbedtls/psa_util.h" #endif +#if defined(MBEDTLS_MD_LIGHT) +#include "mbedtls/md.h" +#endif + +#if defined(MBEDTLS_PSA_CRYPTO_C) +/** Initialize the PSA Crypto subsystem. */ +#define PSA_INIT() PSA_ASSERT(psa_crypto_init()) + +/** Shut down the PSA Crypto subsystem and destroy persistent keys. + * Expect a clean shutdown, with no slots in use. + * + * If some key slots are still in use, record the test case as failed, + * but continue executing. This macro is suitable (and primarily intended) + * for use in the cleanup section of test functions. + * + * \note Persistent keys must be recorded with #TEST_USES_KEY_ID before + * creating them. + */ +#define PSA_DONE() \ + do \ + { \ + mbedtls_test_fail_if_psa_leaking(__LINE__, __FILE__); \ + mbedtls_test_psa_purge_key_storage(); \ + mbedtls_psa_crypto_free(); \ + } \ + while (0) +#else /*MBEDTLS_PSA_CRYPTO_C */ +#define PSA_INIT() ((void) 0) +#define PSA_DONE() ((void) 0) +#endif /* MBEDTLS_PSA_CRYPTO_C */ + +#if defined(MBEDTLS_PSA_CRYPTO_C) + #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) /* Internal function for #TEST_USES_KEY_ID. Return 1 on success, 0 on failure. */ @@ -86,8 +114,6 @@ void mbedtls_test_psa_purge_key_cache(void); #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ -#define PSA_INIT() PSA_ASSERT(psa_crypto_init()) - /** Check for things that have not been cleaned up properly in the * PSA subsystem. * @@ -104,30 +130,11 @@ const char *mbedtls_test_helper_is_psa_leaking(void); * `TEST_ASSERT( ! mbedtls_test_helper_is_psa_leaking( ) )` * but with a more informative message. */ -#define ASSERT_PSA_PRISTINE() \ +#define ASSERT_PSA_PRISTINE() \ do \ { \ - if (test_fail_if_psa_leaking(__LINE__, __FILE__)) \ - goto exit; \ - } \ - while (0) - -/** Shut down the PSA Crypto subsystem and destroy persistent keys. - * Expect a clean shutdown, with no slots in use. - * - * If some key slots are still in use, record the test case as failed, - * but continue executing. This macro is suitable (and primarily intended) - * for use in the cleanup section of test functions. - * - * \note Persistent keys must be recorded with #TEST_USES_KEY_ID before - * creating them. - */ -#define PSA_DONE() \ - do \ - { \ - test_fail_if_psa_leaking(__LINE__, __FILE__); \ - mbedtls_test_psa_purge_key_storage(); \ - mbedtls_psa_crypto_free(); \ + if (mbedtls_test_fail_if_psa_leaking(__LINE__, __FILE__)) \ + goto exit; \ } \ while (0) @@ -193,6 +200,51 @@ psa_status_t mbedtls_test_record_status(psa_status_t status, */ psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags); +/** Check that no PSA Crypto key slots are in use. + * + * If any slots are in use, mark the current test as failed. + * + * \return 0 if the key store is empty, 1 otherwise. + */ +int mbedtls_test_fail_if_psa_leaking(int line_no, const char *filename); + + + +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) +/* The #MBEDTLS_PSA_INJECT_ENTROPY feature requires two extra platform + * functions, which must be configured as #MBEDTLS_PLATFORM_NV_SEED_READ_MACRO + * and #MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO. The job of these functions + * is to read and write from the entropy seed file, which is located + * in the PSA ITS file whose uid is #PSA_CRYPTO_ITS_RANDOM_SEED_UID. + * (These could have been provided as library functions, but for historical + * reasons, they weren't, and so each integrator has to provide a copy + * of these functions.) + * + * Provide implementations of these functions for testing. */ +int mbedtls_test_inject_entropy_seed_read(unsigned char *buf, size_t len); +int mbedtls_test_inject_entropy_seed_write(unsigned char *buf, size_t len); + + +/** Make sure that the injected entropy is present. + * + * When MBEDTLS_PSA_INJECT_ENTROPY is enabled, psa_crypto_init() + * will fail if the PSA entropy seed is not present. + * This function must be called at least once in a test suite or other + * program before any call to psa_crypto_init(). + * It does not need to be called in each test case. + * + * The test framework calls this function before running any test case. + * + * The few tests that might remove the entropy file must call this function + * in their cleanup. + */ +int mbedtls_test_inject_entropy_restore(void); +#endif /* MBEDTLS_PSA_INJECT_ENTROPY */ + +/** Parse binary string and convert it to a long integer + */ +uint64_t mbedtls_test_parse_binary_string(data_t *bin_string); + /** Skip a test case if the given key is a 192 bits AES key and the AES * implementation is at least partially provided by an accelerator or * alternative implementation. @@ -277,30 +329,24 @@ psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags) } \ while (0) -#if !defined(MBEDTLS_MD_C) -#define PSA_INIT_IF_NO_MD() PSA_INIT() -#define PSA_DONE_IF_NO_MD() PSA_DONE() -#endif #endif /* MBEDTLS_PSA_CRYPTO_C */ -#if defined(MBEDTLS_MD_C) -#define PSA_INIT_IF_NO_MD() ((void) 0) -#define PSA_DONE_IF_NO_MD() ((void) 0) -#endif /** \def USE_PSA_INIT * * Call this macro to initialize the PSA subsystem if #MBEDTLS_USE_PSA_CRYPTO * or #MBEDTLS_SSL_PROTO_TLS1_3 (In contrast to TLS 1.2 implementation, the * TLS 1.3 one uses PSA independently of the definition of - * #MBEDTLS_USE_PSA_CRYPTO) is enabled and do nothing otherwise. If the - * initialization fails, mark the test case as failed and jump to the \p exit - * label. + * #MBEDTLS_USE_PSA_CRYPTO) is enabled and do nothing otherwise. + * + * If the initialization fails, mark the test case as failed and jump to the + * \p exit label. */ /** \def USE_PSA_DONE * * Call this macro at the end of a test case if you called #USE_PSA_INIT. - * This is like #PSA_DONE, except that it does nothing if - * #MBEDTLS_USE_PSA_CRYPTO is disabled. + * + * This is like #PSA_DONE except it does nothing under the same conditions as + * #USE_PSA_INIT. */ #if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3) #define USE_PSA_INIT() PSA_INIT() @@ -313,4 +359,52 @@ psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags) #define USE_PSA_DONE() ((void) 0) #endif /* !MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_SSL_PROTO_TLS1_3 */ +/** \def MD_PSA_INIT + * + * Call this macro to initialize the PSA subsystem if MD uses a driver, + * and do nothing otherwise. + * + * If the initialization fails, mark the test case as failed and jump to the + * \p exit label. + */ +/** \def MD_PSA_DONE + * + * Call this macro at the end of a test case if you called #MD_PSA_INIT. + * + * This is like #PSA_DONE except it does nothing under the same conditions as + * #MD_PSA_INIT. + */ +#if defined(MBEDTLS_MD_SOME_PSA) +#define MD_PSA_INIT() PSA_INIT() +#define MD_PSA_DONE() PSA_DONE() +#else /* MBEDTLS_MD_SOME_PSA */ +#define MD_PSA_INIT() ((void) 0) +#define MD_PSA_DONE() ((void) 0) +#endif /* MBEDTLS_MD_SOME_PSA */ + +/** \def MD_OR_USE_PSA_INIT + * + * Call this macro to initialize the PSA subsystem if MD uses a driver, + * or if #MBEDTLS_USE_PSA_CRYPTO or #MBEDTLS_SSL_PROTO_TLS1_3 is enabled, + * and do nothing otherwise. + * + * If the initialization fails, mark the test case as failed and jump to the + * \p exit label. + */ +/** \def MD_OR_USE_PSA_DONE + * + * Call this macro at the end of a test case if you called #MD_OR_USE_PSA_INIT. + * + * This is like #PSA_DONE except it does nothing under the same conditions as + * #MD_OR_USE_PSA_INIT. + */ +#if defined(MBEDTLS_MD_SOME_PSA) || \ + defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3) +#define MD_OR_USE_PSA_INIT() PSA_INIT() +#define MD_OR_USE_PSA_DONE() PSA_DONE() +#else +#define MD_OR_USE_PSA_INIT() ((void) 0) +#define MD_OR_USE_PSA_DONE() ((void) 0) +#endif + #endif /* PSA_CRYPTO_HELPERS_H */ diff --git a/tests/include/test/psa_exercise_key.h b/tests/include/test/psa_exercise_key.h index eb69fc661..46f4d0810 100644 --- a/tests/include/test/psa_exercise_key.h +++ b/tests/include/test/psa_exercise_key.h @@ -34,7 +34,7 @@ */ #if defined(PSA_WANT_ALG_MD5) #define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD5 -/* MBEDTLS_RIPEMD160_C omitted. This is necessary for the sake of +/* PSA_WANT_ALG_RIPEMD160 omitted. This is necessary for the sake of * exercise_signature_key() because Mbed TLS doesn't support RIPEMD160 * in RSA PKCS#1v1.5 signatures. A RIPEMD160-only configuration would be * implausible anyway. */ @@ -119,6 +119,7 @@ * The inputs \p input1 and \p input2 are, in order: * - HKDF: salt, info. * - TKS 1.2 PRF, TLS 1.2 PSK-to-MS: seed, label. + * - PBKDF2: input cost, salt. * * \param operation The operation object to use. * It must be in the initialized state. diff --git a/tests/include/test/ssl_helpers.h b/tests/include/test/ssl_helpers.h new file mode 100644 index 000000000..ddbd6a39e --- /dev/null +++ b/tests/include/test/ssl_helpers.h @@ -0,0 +1,640 @@ +/** \file ssl_helpers.h + * + * \brief This file contains helper functions to set up a TLS connection. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef SSL_HELPERS_H +#define SSL_HELPERS_H + +#include "mbedtls/build_info.h" + +#include + +#include +#include +#include +#include + +#if defined(MBEDTLS_SSL_TLS_C) +#include +#include +#include + +#include "test/certs.h" + +#if defined(MBEDTLS_SSL_CACHE_C) +#include "mbedtls/ssl_cache.h" +#endif + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#define PSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \ + psa_to_ssl_errors, \ + psa_generic_status_to_mbedtls) +#endif + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) +#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_MD_CAN_SHA384) +#define MBEDTLS_TEST_HAS_TLS1_3_AES_256_GCM_SHA384 +#endif +#if defined(MBEDTLS_MD_CAN_SHA256) +#define MBEDTLS_TEST_HAS_TLS1_3_AES_128_GCM_SHA256 +#endif +#endif /* MBEDTLS_GCM_C */ +#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_MD_CAN_SHA256) +#define MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_SHA256 +#define MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_8_SHA256 +#endif +#endif /* MBEDTLS_AES_C */ +#if defined(MBEDTLS_CHACHAPOLY_C) && defined(MBEDTLS_MD_CAN_SHA256) +#define MBEDTLS_TEST_HAS_TLS1_3_CHACHA20_POLY1305_SHA256 +#endif + +#if defined(MBEDTLS_TEST_HAS_TLS1_3_AES_256_GCM_SHA384) || \ + defined(MBEDTLS_TEST_HAS_TLS1_3_AES_128_GCM_SHA256) || \ + defined(MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_SHA256) || \ + defined(MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_8_SHA256) || \ + defined(MBEDTLS_TEST_HAS_TLS1_3_CHACHA20_POLY1305_SHA256) +#define MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE +#endif + +#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ + +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) +#define MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +#endif +enum { +#define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \ + tls13_label_ ## name, + MBEDTLS_SSL_TLS1_3_LABEL_LIST +#undef MBEDTLS_SSL_TLS1_3_LABEL +}; + +typedef struct mbedtls_test_ssl_log_pattern { + const char *pattern; + size_t counter; +} mbedtls_test_ssl_log_pattern; + +typedef struct mbedtls_test_handshake_test_options { + const char *cipher; + mbedtls_ssl_protocol_version client_min_version; + mbedtls_ssl_protocol_version client_max_version; + mbedtls_ssl_protocol_version server_min_version; + mbedtls_ssl_protocol_version server_max_version; + mbedtls_ssl_protocol_version expected_negotiated_version; + int expected_handshake_result; + int expected_ciphersuite; + int pk_alg; + int opaque_alg; + int opaque_alg2; + int opaque_usage; + data_t *psk_str; + int dtls; + int srv_auth_mode; + int serialize; + int mfl; + int cli_msg_len; + int srv_msg_len; + int expected_cli_fragments; + int expected_srv_fragments; + int renegotiate; + int legacy_renegotiation; + void *srv_log_obj; + void *cli_log_obj; + void (*srv_log_fun)(void *, int, const char *, int, const char *); + void (*cli_log_fun)(void *, int, const char *, int, const char *); + int resize_buffers; +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_context *cache; +#endif +} mbedtls_test_handshake_test_options; + +/* + * Buffer structure for custom I/O callbacks. + */ +typedef struct mbedtls_test_ssl_buffer { + size_t start; + size_t content_length; + size_t capacity; + unsigned char *buffer; +} mbedtls_test_ssl_buffer; + +/* + * Context for a message metadata queue (fifo) that is on top of the ring buffer. + */ +typedef struct mbedtls_test_ssl_message_queue { + size_t *messages; + int pos; + int num; + int capacity; +} mbedtls_test_ssl_message_queue; + +/* + * Context for the I/O callbacks simulating network connection. + */ + +#define MBEDTLS_MOCK_SOCKET_CONNECTED 1 + +typedef struct mbedtls_test_mock_socket { + int status; + mbedtls_test_ssl_buffer *input; + mbedtls_test_ssl_buffer *output; + struct mbedtls_test_mock_socket *peer; +} mbedtls_test_mock_socket; + +/* Errors used in the message socket mocks */ + +#define MBEDTLS_TEST_ERROR_CONTEXT_ERROR -55 +#define MBEDTLS_TEST_ERROR_SEND_FAILED -66 +#define MBEDTLS_TEST_ERROR_RECV_FAILED -77 + +/* + * Structure used as an addon, or a wrapper, around the mocked sockets. + * Contains an input queue, to which the other socket pushes metadata, + * and an output queue, to which this one pushes metadata. This context is + * considered as an owner of the input queue only, which is initialized and + * freed in the respective setup and free calls. + */ +typedef struct mbedtls_test_message_socket_context { + mbedtls_test_ssl_message_queue *queue_input; + mbedtls_test_ssl_message_queue *queue_output; + mbedtls_test_mock_socket *socket; +} mbedtls_test_message_socket_context; + +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) + +/* + * Structure with endpoint's certificates for SSL communication tests. + */ +typedef struct mbedtls_test_ssl_endpoint_certificate { + mbedtls_x509_crt *ca_cert; + mbedtls_x509_crt *cert; + mbedtls_pk_context *pkey; +} mbedtls_test_ssl_endpoint_certificate; + +/* + * Endpoint structure for SSL communication tests. + */ +typedef struct mbedtls_test_ssl_endpoint { + const char *name; + mbedtls_ssl_context ssl; + mbedtls_ssl_config conf; + mbedtls_test_mock_socket socket; + mbedtls_test_ssl_endpoint_certificate cert; +} mbedtls_test_ssl_endpoint; + +#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ + +/* + * This function can be passed to mbedtls to receive output logs from it. In + * this case, it will count the instances of a mbedtls_test_ssl_log_pattern + * in the received logged messages. + */ +void mbedtls_test_ssl_log_analyzer(void *ctx, int level, + const char *file, int line, + const char *str); + +void mbedtls_test_init_handshake_options( + mbedtls_test_handshake_test_options *opts); + +void mbedtls_test_free_handshake_options( + mbedtls_test_handshake_test_options *opts); + +/* + * Initialises \p buf. After calling this function it is safe to call + * `mbedtls_test_ssl_buffer_free()` on \p buf. + */ +void mbedtls_test_ssl_buffer_init(mbedtls_test_ssl_buffer *buf); + +/* + * Sets up \p buf. After calling this function it is safe to call + * `mbedtls_test_ssl_buffer_put()` and `mbedtls_test_ssl_buffer_get()` + * on \p buf. + */ +int mbedtls_test_ssl_buffer_setup(mbedtls_test_ssl_buffer *buf, + size_t capacity); + +void mbedtls_test_ssl_buffer_free(mbedtls_test_ssl_buffer *buf); + +/* + * Puts \p input_len bytes from the \p input buffer into the ring buffer \p buf. + * + * \p buf must have been initialized and set up by calling + * `mbedtls_test_ssl_buffer_init()` and `mbedtls_test_ssl_buffer_setup()`. + * + * \retval \p input_len, if the data fits. + * \retval 0 <= value < \p input_len, if the data does not fit. + * \retval -1, if \p buf is NULL, it hasn't been set up or \p input_len is not + * zero and \p input is NULL. + */ +int mbedtls_test_ssl_buffer_put(mbedtls_test_ssl_buffer *buf, + const unsigned char *input, size_t input_len); + +/* + * Gets \p output_len bytes from the ring buffer \p buf into the + * \p output buffer. The output buffer can be NULL, in this case a part of the + * ring buffer will be dropped, if the requested length is available. + * + * \p buf must have been initialized and set up by calling + * `mbedtls_test_ssl_buffer_init()` and `mbedtls_test_ssl_buffer_setup()`. + * + * \retval \p output_len, if the data is available. + * \retval 0 <= value < \p output_len, if the data is not available. + * \retval -1, if \buf is NULL or it hasn't been set up. + */ +int mbedtls_test_ssl_buffer_get(mbedtls_test_ssl_buffer *buf, + unsigned char *output, size_t output_len); + +/* + * Errors used in the message transport mock tests + */ + #define MBEDTLS_TEST_ERROR_ARG_NULL -11 + #define MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED -44 + +/* + * Setup and free functions for the message metadata queue. + * + * \p capacity describes the number of message metadata chunks that can be held + * within the queue. + * + * \retval 0, if a metadata queue of a given length can be allocated. + * \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation failed. + */ +int mbedtls_test_ssl_message_queue_setup( + mbedtls_test_ssl_message_queue *queue, size_t capacity); + +void mbedtls_test_ssl_message_queue_free( + mbedtls_test_ssl_message_queue *queue); + +/* + * Push message length information onto the message metadata queue. + * This will become the last element to leave it (fifo). + * + * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null. + * \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the queue is full. + * \retval \p len, if the push was successful. + */ +int mbedtls_test_ssl_message_queue_push_info( + mbedtls_test_ssl_message_queue *queue, size_t len); + +/* + * Pop information about the next message length from the queue. This will be + * the oldest inserted message length(fifo). \p msg_len can be null, in which + * case the data will be popped from the queue but not copied anywhere. + * + * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null. + * \retval MBEDTLS_ERR_SSL_WANT_READ, if the queue is empty. + * \retval message length, if the pop was successful, up to the given + \p buf_len. + */ +int mbedtls_test_ssl_message_queue_pop_info( + mbedtls_test_ssl_message_queue *queue, size_t buf_len); + +/* + * Setup and teardown functions for mock sockets. + */ +void mbedtls_test_mock_socket_init(mbedtls_test_mock_socket *socket); + +/* + * Closes the socket \p socket. + * + * \p socket must have been previously initialized by calling + * mbedtls_test_mock_socket_init(). + * + * This function frees all allocated resources and both sockets are aware of the + * new connection state. + * + * That is, this function does not simulate half-open TCP connections and the + * phenomenon that when closing a UDP connection the peer is not aware of the + * connection having been closed. + */ +void mbedtls_test_mock_socket_close(mbedtls_test_mock_socket *socket); + +/* + * Establishes a connection between \p peer1 and \p peer2. + * + * \p peer1 and \p peer2 must have been previously initialized by calling + * mbedtls_test_mock_socket_init(). + * + * The capacities of the internal buffers are set to \p bufsize. Setting this to + * the correct value allows for simulation of MTU, sanity testing the mock + * implementation and mocking TCP connections with lower memory cost. + */ +int mbedtls_test_mock_socket_connect(mbedtls_test_mock_socket *peer1, + mbedtls_test_mock_socket *peer2, + size_t bufsize); + + +/* + * Callbacks for simulating blocking I/O over connection-oriented transport. + */ +int mbedtls_test_mock_tcp_send_b(void *ctx, + const unsigned char *buf, size_t len); + +int mbedtls_test_mock_tcp_recv_b(void *ctx, unsigned char *buf, size_t len); + +/* + * Callbacks for simulating non-blocking I/O over connection-oriented transport. + */ +int mbedtls_test_mock_tcp_send_nb(void *ctx, + const unsigned char *buf, size_t len); + +int mbedtls_test_mock_tcp_recv_nb(void *ctx, unsigned char *buf, size_t len); + +void mbedtls_test_message_socket_init( + mbedtls_test_message_socket_context *ctx); + +/* + * Setup a given message socket context including initialization of + * input/output queues to a chosen capacity of messages. Also set the + * corresponding mock socket. + * + * \retval 0, if everything succeeds. + * \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation of a message + * queue failed. + */ +int mbedtls_test_message_socket_setup( + mbedtls_test_ssl_message_queue *queue_input, + mbedtls_test_ssl_message_queue *queue_output, + size_t queue_capacity, + mbedtls_test_mock_socket *socket, + mbedtls_test_message_socket_context *ctx); + +/* + * Close a given message socket context, along with the socket itself. Free the + * memory allocated by the input queue. + */ +void mbedtls_test_message_socket_close( + mbedtls_test_message_socket_context *ctx); + +/* + * Send one message through a given message socket context. + * + * \retval \p len, if everything succeeds. + * \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context + * elements or the context itself is null. + * \retval MBEDTLS_TEST_ERROR_SEND_FAILED if + * mbedtls_test_mock_tcp_send_b failed. + * \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the output queue is full. + * + * This function will also return any error from + * mbedtls_test_ssl_message_queue_push_info. + */ +int mbedtls_test_mock_tcp_send_msg(void *ctx, + const unsigned char *buf, size_t len); + +/* + * Receive one message from a given message socket context and return message + * length or an error. + * + * \retval message length, if everything succeeds. + * \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context + * elements or the context itself is null. + * \retval MBEDTLS_TEST_ERROR_RECV_FAILED if + * mbedtls_test_mock_tcp_recv_b failed. + * + * This function will also return any error other than + * MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED from test_ssl_message_queue_peek_info. + */ +int mbedtls_test_mock_tcp_recv_msg(void *ctx, + unsigned char *buf, size_t buf_len); + +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) + +/* + * Initializes \p ep_cert structure and assigns it to endpoint + * represented by \p ep. + * + * \retval 0 on success, otherwise error code. + */ +int mbedtls_test_ssl_endpoint_certificate_init(mbedtls_test_ssl_endpoint *ep, + int pk_alg, + int opaque_alg, int opaque_alg2, + int opaque_usage); + +/* + * Initializes \p ep structure. It is important to call + * `mbedtls_test_ssl_endpoint_free()` after calling this function + * even if it fails. + * + * \p endpoint_type must be set as MBEDTLS_SSL_IS_SERVER or + * MBEDTLS_SSL_IS_CLIENT. + * \p pk_alg the algorithm to use, currently only MBEDTLS_PK_RSA and + * MBEDTLS_PK_ECDSA are supported. + * \p dtls_context - in case of DTLS - this is the context handling metadata. + * \p input_queue - used only in case of DTLS. + * \p output_queue - used only in case of DTLS. + * + * \retval 0 on success, otherwise error code. + */ +int mbedtls_test_ssl_endpoint_init( + mbedtls_test_ssl_endpoint *ep, int endpoint_type, + mbedtls_test_handshake_test_options *options, + mbedtls_test_message_socket_context *dtls_context, + mbedtls_test_ssl_message_queue *input_queue, + mbedtls_test_ssl_message_queue *output_queue, + uint16_t *group_list); + +/* + * Deinitializes endpoint represented by \p ep. + */ +void mbedtls_test_ssl_endpoint_free( + mbedtls_test_ssl_endpoint *ep, + mbedtls_test_message_socket_context *context); + +/* + * This function moves ssl handshake from \p ssl to prescribed \p state. + * /p second_ssl is used as second endpoint and their sockets have to be + * connected before calling this function. + * + * \retval 0 on success, otherwise error code. + */ +int mbedtls_test_move_handshake_to_state(mbedtls_ssl_context *ssl, + mbedtls_ssl_context *second_ssl, + int state); + +#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ + +/* + * Helper function setting up inverse record transformations + * using given cipher, hash, EtM mode, authentication tag length, + * and version. + */ +#define CHK(x) \ + do \ + { \ + if (!(x)) \ + { \ + ret = -1; \ + goto cleanup; \ + } \ + } while (0) + +#if MBEDTLS_SSL_CID_OUT_LEN_MAX > MBEDTLS_SSL_CID_IN_LEN_MAX +#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_IN_LEN_MAX +#else +#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_OUT_LEN_MAX +#endif + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ + defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_AES_C) +int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform, + const unsigned char *iv, + size_t iv_len, + const unsigned char *input, + size_t ilen, + unsigned char *output, + size_t *olen); +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_CIPHER_MODE_CBC && + MBEDTLS_AES_C */ + +int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, + mbedtls_ssl_transform *t_out, + int cipher_type, int hash_id, + int etm, int tag_mode, + mbedtls_ssl_protocol_version tls_version, + size_t cid0_len, + size_t cid1_len); + +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) +/** + * \param[in,out] record The record to prepare. + * It must contain the data to MAC at offset + * `record->data_offset`, of length + * `record->data_length`. + * On success, write the MAC immediately + * after the data and increment + * `record->data_length` accordingly. + * \param[in,out] transform_out The out transform, typically prepared by + * mbedtls_test_ssl_build_transforms(). + * Its HMAC context may be used. Other than that + * it is treated as an input parameter. + * + * \return 0 on success, an `MBEDTLS_ERR_xxx` error code + * or -1 on error. + */ +int mbedtls_test_ssl_prepare_record_mac(mbedtls_record *record, + mbedtls_ssl_transform *transform_out); +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ + +/* + * Populate a session structure for serialization tests. + * Choose dummy values, mostly non-0 to distinguish from the init default. + */ +int mbedtls_test_ssl_tls12_populate_session(mbedtls_ssl_session *session, + int ticket_len, + const char *crt_file); + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) +int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session, + int ticket_len, + int endpoint_type); +#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ + +/* + * Perform data exchanging between \p ssl_1 and \p ssl_2 and check if the + * message was sent in the correct number of fragments. + * + * /p ssl_1 and /p ssl_2 Endpoints represented by mbedtls_ssl_context. Both + * of them must be initialized and connected + * beforehand. + * /p msg_len_1 and /p msg_len_2 specify the size of the message to send. + * /p expected_fragments_1 and /p expected_fragments_2 determine in how many + * fragments the message should be sent. + * expected_fragments is 0: can be used for DTLS testing while the message + * size is larger than MFL. In that case the message + * cannot be fragmented and sent to the second + * endpoint. + * This value can be used for negative tests. + * expected_fragments is 1: can be used for TLS/DTLS testing while the + * message size is below MFL + * expected_fragments > 1: can be used for TLS testing while the message + * size is larger than MFL + * + * \retval 0 on success, otherwise error code. + */ +int mbedtls_test_ssl_exchange_data( + mbedtls_ssl_context *ssl_1, + int msg_len_1, const int expected_fragments_1, + mbedtls_ssl_context *ssl_2, + int msg_len_2, const int expected_fragments_2); + +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) +void mbedtls_test_ssl_perform_handshake( + mbedtls_test_handshake_test_options *options); +#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ + +#if defined(MBEDTLS_TEST_HOOKS) +/* + * Tweak vector lengths in a TLS 1.3 Certificate message + * + * \param[in] buf Buffer containing the Certificate message to tweak + * \param[in]]out] end End of the buffer to parse + * \param tweak Tweak identifier (from 1 to the number of tweaks). + * \param[out] expected_result Error code expected from the parsing function + * \param[out] args Arguments of the MBEDTLS_SSL_CHK_BUF_READ_PTR call that + * is expected to fail. All zeroes if no + * MBEDTLS_SSL_CHK_BUF_READ_PTR failure is expected. + */ +int mbedtls_test_tweak_tls13_certificate_msg_vector_len( + unsigned char *buf, unsigned char **end, int tweak, + int *expected_result, mbedtls_ssl_chk_buf_ptr_args *args); +#endif /* MBEDTLS_TEST_HOOKS */ + +#define ECJPAKE_TEST_PWD "bla" + +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#define ECJPAKE_TEST_SET_PASSWORD(exp_ret_val) \ + ret = (use_opaque_arg) ? \ + mbedtls_ssl_set_hs_ecjpake_password_opaque(&ssl, pwd_slot) : \ + mbedtls_ssl_set_hs_ecjpake_password(&ssl, pwd_string, pwd_len); \ + TEST_EQUAL(ret, exp_ret_val) +#else +#define ECJPAKE_TEST_SET_PASSWORD(exp_ret_val) \ + ret = mbedtls_ssl_set_hs_ecjpake_password(&ssl, \ + pwd_string, pwd_len); \ + TEST_EQUAL(ret, exp_ret_val) +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +#define TEST_AVAILABLE_ECC(tls_id_, group_id_, psa_family_, psa_bits_) \ + TEST_EQUAL(mbedtls_ssl_get_ecp_group_id_from_tls_id(tls_id_), \ + group_id_); \ + TEST_EQUAL(mbedtls_ssl_get_tls_id_from_ecp_group_id(group_id_), \ + tls_id_); \ + TEST_EQUAL(mbedtls_ssl_get_psa_curve_info_from_tls_id(tls_id_, \ + &psa_type, &psa_bits), PSA_SUCCESS); \ + TEST_EQUAL(psa_family_, PSA_KEY_TYPE_ECC_GET_FAMILY(psa_type)); \ + TEST_EQUAL(psa_bits_, psa_bits); + +#define TEST_UNAVAILABLE_ECC(tls_id_, group_id_, psa_family_, psa_bits_) \ + TEST_EQUAL(mbedtls_ssl_get_ecp_group_id_from_tls_id(tls_id_), \ + MBEDTLS_ECP_DP_NONE); \ + TEST_EQUAL(mbedtls_ssl_get_tls_id_from_ecp_group_id(group_id_), \ + 0); \ + TEST_EQUAL(mbedtls_ssl_get_psa_curve_info_from_tls_id(tls_id_, \ + &psa_type, &psa_bits), \ + PSA_ERROR_NOT_SUPPORTED); + +#endif /* MBEDTLS_SSL_TLS_C */ + +#endif /* SSL_HELPERS_H */ diff --git a/tests/opt-testcases/tls13-compat.sh b/tests/opt-testcases/tls13-compat.sh index 7f9d46fe4..56d2e2959 100755 --- a/tests/opt-testcases/tls13-compat.sh +++ b/tests/opt-testcases/tls13-compat.sh @@ -29,9 +29,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -45,9 +46,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -61,9 +63,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -78,9 +81,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -94,9 +98,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -110,9 +115,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -126,9 +132,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -143,9 +150,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -159,9 +167,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -175,9 +184,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -191,9 +201,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -208,9 +219,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -224,9 +236,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,x25519,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -240,9 +253,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,x25519,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -256,9 +270,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,x25519,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -273,9 +288,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,x25519,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -289,9 +305,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,x448,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -305,9 +322,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,x448,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -321,9 +339,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,x448,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -338,9 +357,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,x448,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -354,9 +374,79 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ + -s "received signature algorithm: 0x403" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ + -s "received signature algorithm: 0x503" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ + -s "received signature algorithm: 0x603" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ + -s "received signature algorithm: 0x804" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,secp256r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -370,9 +460,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,secp256r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -386,9 +477,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,secp256r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -403,9 +495,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,secp256r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -419,9 +512,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,secp384r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -435,9 +529,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,secp384r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -451,9 +546,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,secp384r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -468,9 +564,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,secp384r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -484,9 +581,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,secp521r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -500,9 +598,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,secp521r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -516,9 +615,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,secp521r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -533,9 +633,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,secp521r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -549,9 +650,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,x25519,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -565,9 +667,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,x25519,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -581,9 +684,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,x25519,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -598,9 +702,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,x25519,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -614,9 +719,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,x448,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -630,9 +736,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,x448,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -646,9 +753,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,x448,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -663,9 +771,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,x448,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -679,9 +788,79 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ + -s "received signature algorithm: 0x403" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ + -s "received signature algorithm: 0x503" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ + -s "received signature algorithm: 0x603" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,ffdhe2048,rsa_pss_rsae_sha256" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ + -s "received signature algorithm: 0x804" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -695,9 +874,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -711,9 +891,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -728,9 +909,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,secp256r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -744,9 +926,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -760,9 +943,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -776,9 +960,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -793,9 +978,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,secp384r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -809,9 +995,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -825,9 +1012,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -841,9 +1029,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -858,9 +1047,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,secp521r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -874,9 +1064,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -890,9 +1081,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -906,9 +1098,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -923,9 +1116,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,x25519,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -939,9 +1133,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -955,9 +1150,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -971,9 +1167,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -988,9 +1185,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,x448,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1004,9 +1202,79 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ + -s "received signature algorithm: 0x403" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ + -s "received signature algorithm: 0x503" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ + -s "received signature algorithm: 0x603" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ + -s "received signature algorithm: 0x804" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1020,9 +1288,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1036,9 +1305,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1053,9 +1323,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1069,9 +1340,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1085,9 +1357,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1101,9 +1374,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1118,9 +1392,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1134,9 +1409,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1150,9 +1426,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1166,9 +1443,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1183,9 +1461,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1199,9 +1478,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,x25519,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1215,9 +1495,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,x25519,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1231,9 +1512,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,x25519,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1248,9 +1530,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,x25519,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1264,9 +1547,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,x448,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1280,9 +1564,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,x448,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1296,9 +1581,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,x448,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1313,9 +1599,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,x448,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1329,9 +1616,79 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ + -s "received signature algorithm: 0x403" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ + -s "received signature algorithm: 0x503" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ + -s "received signature algorithm: 0x603" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ + -s "received signature algorithm: 0x804" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1345,9 +1702,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1361,9 +1719,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1378,9 +1737,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,secp256r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1394,9 +1754,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1410,9 +1771,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1426,9 +1788,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1443,9 +1806,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,secp384r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1459,9 +1823,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1475,9 +1840,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1491,9 +1857,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1508,9 +1875,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,secp521r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1524,9 +1892,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,x25519,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1540,9 +1909,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,x25519,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1556,9 +1926,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,x25519,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1573,9 +1944,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,x25519,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1589,9 +1961,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,x448,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1605,9 +1978,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,x448,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1621,9 +1995,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,x448,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1638,9 +2013,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,x448,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1654,11 +2030,81 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ + -s "received signature algorithm: 0x403" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ + -s "received signature algorithm: 0x503" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ + -s "received signature algorithm: 0x603" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca_cat12.crt -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ + -s "received signature algorithm: 0x804" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1672,11 +2118,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1690,11 +2137,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1709,11 +2157,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1727,11 +2176,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1745,11 +2195,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1763,11 +2214,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1782,11 +2234,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1800,11 +2253,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1818,11 +2272,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1836,11 +2291,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1855,11 +2311,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1873,11 +2330,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,x25519,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1891,11 +2349,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,x25519,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1909,11 +2368,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,x25519,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1928,11 +2388,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,x25519,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1946,11 +2407,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,x448,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1964,11 +2426,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,x448,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -1982,11 +2445,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,x448,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2001,11 +2465,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,x448,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2019,11 +2484,89 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ + -s "received signature algorithm: 0x403" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ + -s "received signature algorithm: 0x503" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ + -s "received signature algorithm: 0x603" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ + -s "received signature algorithm: 0x804" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,secp256r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2037,11 +2580,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,secp256r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2055,11 +2599,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,secp256r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2074,11 +2619,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,secp256r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2092,11 +2638,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,secp384r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2110,11 +2657,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,secp384r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2128,11 +2676,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,secp384r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2147,11 +2696,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,secp384r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2165,11 +2715,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,secp521r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2183,11 +2734,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,secp521r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2201,11 +2753,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,secp521r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2220,11 +2773,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,secp521r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2238,11 +2792,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,x25519,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2256,11 +2811,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,x25519,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2274,11 +2830,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,x25519,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2293,11 +2850,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,x25519,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2311,11 +2869,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,x448,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2329,11 +2888,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,x448,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2347,11 +2907,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,x448,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2366,11 +2927,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,x448,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2384,11 +2946,89 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ + -s "received signature algorithm: 0x403" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ + -s "received signature algorithm: 0x503" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ + -s "received signature algorithm: 0x603" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: AES_256_GCM_SHA384,ffdhe2048,rsa_pss_rsae_sha256" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ + -s "received signature algorithm: 0x804" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2402,11 +3042,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2420,11 +3061,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2439,11 +3081,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,secp256r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2457,11 +3100,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2475,11 +3119,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2493,11 +3138,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2512,11 +3158,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,secp384r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2530,11 +3177,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2548,11 +3196,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2566,11 +3215,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2585,11 +3235,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,secp521r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2603,11 +3254,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2621,11 +3273,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2639,11 +3292,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2658,11 +3312,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,x25519,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2676,11 +3331,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2694,11 +3350,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2712,11 +3369,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2731,11 +3389,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,x448,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2749,11 +3408,89 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ + -s "received signature algorithm: 0x403" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ + -s "received signature algorithm: 0x503" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ + -s "received signature algorithm: 0x603" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: CHACHA20_POLY1305_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ + -s "received signature algorithm: 0x804" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2767,11 +3504,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2785,11 +3523,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2804,11 +3543,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2822,11 +3562,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2840,11 +3581,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2858,11 +3600,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2877,11 +3620,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2895,11 +3639,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2913,11 +3658,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2931,11 +3677,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2950,11 +3697,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2968,11 +3716,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,x25519,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -2986,11 +3735,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,x25519,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3004,11 +3754,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,x25519,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3023,11 +3774,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,x25519,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3041,11 +3793,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,x448,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3059,11 +3812,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,x448,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3077,11 +3831,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,x448,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3096,11 +3851,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,x448,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3114,11 +3870,89 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ + -s "received signature algorithm: 0x403" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ + -s "received signature algorithm: 0x503" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ + -s "received signature algorithm: 0x603" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: AES_128_CCM_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ + -s "received signature algorithm: 0x804" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3132,11 +3966,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3150,11 +3985,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3169,11 +4005,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,secp256r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3187,11 +4024,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3205,11 +4043,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3223,11 +4062,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3242,11 +4082,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,secp384r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3260,11 +4101,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3278,11 +4120,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3296,11 +4139,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3315,11 +4159,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,secp521r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3333,11 +4178,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,x25519,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3351,11 +4197,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,x25519,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3369,11 +4216,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,x25519,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3388,11 +4236,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,x25519,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3406,11 +4255,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,x448,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3424,11 +4274,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,x448,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3442,11 +4293,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,x448,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3461,11 +4313,12 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,x448,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -3475,14 +4328,92 @@ run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,x448,rsa_pss_rsae_sha256" \ -s "Certificate verification was skipped" \ -C "received HelloRetryRequest message" +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ + -s "received signature algorithm: 0x403" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ + -s "received signature algorithm: 0x503" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ + -s "received signature algorithm: 0x603" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: AES_128_CCM_8_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ + -s "received signature algorithm: 0x804" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + requires_openssl_tls1_3 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3497,9 +4428,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3514,9 +4446,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3532,9 +4465,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3549,9 +4483,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3566,9 +4501,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3583,9 +4519,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3601,9 +4538,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3618,9 +4556,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3635,9 +4574,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3652,9 +4592,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3670,9 +4611,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3687,9 +4629,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x25519,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x25519" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3704,9 +4647,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x25519,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x25519" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3721,9 +4665,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x25519,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x25519" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3739,9 +4684,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x25519,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x25519" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3756,9 +4702,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x448,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x448" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3773,9 +4720,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x448,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x448" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3790,9 +4738,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x448,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x448" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3808,9 +4757,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x448,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x448" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3820,14 +4770,88 @@ run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,x448,rsa_pss_rsae_sha256" \ -c "Verifying peer X.509 certificate... ok" \ -C "received HelloRetryRequest message" +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0403 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0503 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0603 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0804 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + requires_openssl_tls1_3 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp256r1,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3842,9 +4866,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp256r1,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3859,9 +4884,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp256r1,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3877,9 +4903,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp256r1,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3894,9 +4921,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp384r1,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3911,9 +4939,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp384r1,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3928,9 +4957,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp384r1,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3946,9 +4976,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp384r1,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3963,9 +4994,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp521r1,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3980,9 +5012,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp521r1,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -3997,9 +5030,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp521r1,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4015,9 +5049,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,secp521r1,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4032,9 +5067,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x25519,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=x25519" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4049,9 +5085,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x25519,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=x25519" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4066,9 +5103,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x25519,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=x25519" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4084,9 +5122,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x25519,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=x25519" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4101,9 +5140,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x448,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=x448" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4118,9 +5158,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x448,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=x448" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4135,9 +5176,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x448,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=x448" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4153,9 +5195,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x448,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=x448" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4165,14 +5208,88 @@ run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,x448,rsa_pss_rsae_sha256" \ -c "Verifying peer X.509 certificate... ok" \ -C "received HelloRetryRequest message" +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \ + -c "Certificate Verify: Signature algorithm ( 0403 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \ + -c "Certificate Verify: Signature algorithm ( 0503 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \ + -c "Certificate Verify: Signature algorithm ( 0603 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,ffdhe2048,rsa_pss_rsae_sha256" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \ + -c "Certificate Verify: Signature algorithm ( 0804 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + requires_openssl_tls1_3 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4187,9 +5304,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4204,9 +5322,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4222,9 +5341,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp256r1,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4239,9 +5359,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4256,9 +5377,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4273,9 +5395,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4291,9 +5414,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp384r1,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4308,9 +5432,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4325,9 +5450,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4342,9 +5468,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4360,9 +5487,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,secp521r1,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4377,9 +5505,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x25519" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4394,9 +5523,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x25519" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4411,9 +5541,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x25519" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4429,9 +5560,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x25519,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x25519" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4446,9 +5578,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x448" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4463,9 +5596,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x448" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4480,9 +5614,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x448" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4498,9 +5633,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x448,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x448" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4510,14 +5646,88 @@ run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,x448,rsa_pss_rsae_sha256" \ -c "Verifying peer X.509 certificate... ok" \ -C "received HelloRetryRequest message" +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0403 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0503 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0603 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0804 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + requires_openssl_tls1_3 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4532,9 +5742,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4549,9 +5760,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4567,9 +5779,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4584,9 +5797,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4601,9 +5815,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4618,9 +5833,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4636,9 +5852,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4653,9 +5870,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4670,9 +5888,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4687,9 +5906,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4705,9 +5925,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4722,9 +5943,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x25519,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x25519" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4739,9 +5961,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x25519,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x25519" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4756,9 +5979,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x25519,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x25519" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4774,9 +5998,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x25519,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x25519" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4791,9 +6016,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x448,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x448" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4808,9 +6034,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x448,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x448" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4825,9 +6052,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x448,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x448" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4843,9 +6071,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x448,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x448" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4855,14 +6084,88 @@ run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,x448,rsa_pss_rsae_sha256" \ -c "Verifying peer X.509 certificate... ok" \ -C "received HelloRetryRequest message" +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0403 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0503 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0603 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0804 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + requires_openssl_tls1_3 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4877,9 +6180,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4894,9 +6198,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4912,9 +6217,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp256r1,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4929,9 +6235,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4946,9 +6253,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4963,9 +6271,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4981,9 +6290,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp384r1,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -4998,9 +6308,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -5015,9 +6326,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -5032,9 +6344,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -5050,9 +6363,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,secp521r1,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -5067,9 +6381,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x25519,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x25519" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -5084,9 +6399,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x25519,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x25519" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -5101,9 +6417,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x25519,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x25519" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -5119,9 +6436,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x25519,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x25519" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -5136,9 +6454,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x448,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x448" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -5153,9 +6472,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x448,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x448" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -5170,9 +6490,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x448,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x448" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -5188,9 +6509,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x448,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x448" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -5200,6 +6522,79 @@ run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,x448,rsa_pss_rsae_sha256" \ -c "Verifying peer X.509 certificate... ok" \ -C "received HelloRetryRequest message" +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0403 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0503 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0603 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0804 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -5207,9 +6602,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5226,9 +6622,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5245,9 +6642,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5265,9 +6663,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5284,9 +6683,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5303,9 +6703,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5322,9 +6723,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5342,9 +6744,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5361,9 +6764,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5380,9 +6784,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5399,9 +6804,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5419,9 +6825,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5438,9 +6845,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,x25519,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x25519" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5457,9 +6865,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,x25519,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x25519" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5476,9 +6885,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,x25519,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x25519" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5496,9 +6906,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,x25519,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x25519" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5515,9 +6926,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,x448,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x448" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5534,9 +6946,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,x448,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x448" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5553,9 +6966,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,x448,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x448" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5573,9 +6987,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,x448,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x448" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5592,9 +7007,91 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0403 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0503 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0603 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0804 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp256r1,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5611,9 +7108,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp256r1,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5630,9 +7128,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp256r1,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5650,9 +7149,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp256r1,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5669,9 +7169,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp384r1,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5688,9 +7189,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp384r1,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5707,9 +7209,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp384r1,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5727,9 +7230,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp384r1,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5746,9 +7250,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp521r1,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5765,9 +7270,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp521r1,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5784,9 +7290,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp521r1,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5804,9 +7311,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,secp521r1,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5823,9 +7331,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,x25519,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=x25519" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5842,9 +7351,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,x25519,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=x25519" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5861,9 +7371,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,x25519,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=x25519" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5881,9 +7392,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,x25519,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=x25519" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5900,9 +7412,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,x448,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=x448" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5919,9 +7432,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,x448,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=x448" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5938,9 +7452,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,x448,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=x448" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5958,9 +7473,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,x448,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=x448" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5977,9 +7493,91 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \ + -c "Certificate Verify: Signature algorithm ( 0403 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \ + -c "Certificate Verify: Signature algorithm ( 0503 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \ + -c "Certificate Verify: Signature algorithm ( 0603 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,ffdhe2048,rsa_pss_rsae_sha256" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \ + -c "Certificate Verify: Signature algorithm ( 0804 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -5996,9 +7594,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6015,9 +7614,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6035,9 +7635,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp256r1,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6054,9 +7655,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6073,9 +7675,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6092,9 +7695,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6112,9 +7716,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp384r1,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6131,9 +7736,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6150,9 +7756,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6169,9 +7776,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6189,9 +7797,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,secp521r1,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6208,9 +7817,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x25519" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6227,9 +7837,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x25519" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6246,9 +7857,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x25519" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6266,9 +7878,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,x25519,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x25519" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6285,9 +7898,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x448" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6304,9 +7918,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x448" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6323,9 +7938,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x448" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6343,9 +7959,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,x448,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x448" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6362,9 +7979,91 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0403 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0503 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0603 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0804 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6381,9 +8080,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6400,9 +8100,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6420,9 +8121,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6439,9 +8141,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6458,9 +8161,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6477,9 +8181,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6497,9 +8202,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6516,9 +8222,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6535,9 +8242,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6554,9 +8262,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6574,9 +8283,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6593,9 +8303,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,x25519,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x25519" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6612,9 +8323,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,x25519,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x25519" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6631,9 +8343,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,x25519,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x25519" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6651,9 +8364,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,x25519,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x25519" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6670,9 +8384,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,x448,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x448" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6689,9 +8404,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,x448,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x448" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6708,9 +8424,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,x448,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x448" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6728,9 +8445,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,x448,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x448" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6747,9 +8465,91 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0403 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0503 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0603 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0804 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6766,9 +8566,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6785,9 +8586,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6805,9 +8607,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp256r1,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6824,9 +8627,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6843,9 +8647,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6862,9 +8667,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6882,9 +8688,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp384r1,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6901,9 +8708,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6920,9 +8728,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6939,9 +8748,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6959,9 +8769,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,secp521r1,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6978,9 +8789,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x25519,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x25519" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -6997,9 +8809,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x25519,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x25519" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -7016,9 +8829,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x25519,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x25519" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -7036,9 +8850,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x25519,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x25519" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -7055,9 +8870,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x448,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x448" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -7074,9 +8890,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x448,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x448" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -7093,9 +8910,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x448,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x448" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -7113,9 +8931,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x448,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x448" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -7125,17 +8944,100 @@ run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,x448,rsa_pss_rsae_sha256" \ -c "Verifying peer X.509 certificate... ok" \ -C "received HelloRetryRequest message" -requires_config_enabled MBEDTLS_SSL_SRV_C -requires_config_enabled MBEDTLS_DEBUG_C -requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED -requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0403 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0503 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0603 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0804 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ @@ -7153,13 +9055,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ @@ -7177,13 +9081,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ @@ -7202,14 +9108,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ @@ -7227,13 +9135,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ @@ -7251,13 +9161,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ @@ -7275,13 +9187,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ @@ -7300,14 +9214,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ @@ -7325,13 +9241,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ @@ -7349,13 +9267,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ @@ -7373,13 +9293,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ @@ -7398,14 +9320,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ @@ -7423,13 +9347,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,x25519,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x25519" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ @@ -7447,13 +9373,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,x25519,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x25519" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ @@ -7471,13 +9399,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,x25519,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x25519" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ @@ -7496,14 +9426,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,x25519,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x25519" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ @@ -7521,13 +9453,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,x448,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x448" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ @@ -7545,13 +9479,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,x448,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x448" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ @@ -7569,13 +9505,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,x448,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x448" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ @@ -7594,14 +9532,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,x448,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x448" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ @@ -7619,13 +9559,121 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ + -s "received signature algorithm: 0x403" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0403 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ + -s "received signature algorithm: 0x503" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0503 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ + -s "received signature algorithm: 0x603" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0603 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ + -s "received signature algorithm: 0x804" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0804 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,secp256r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ @@ -7643,13 +9691,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,secp256r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ @@ -7667,13 +9717,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,secp256r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ @@ -7692,14 +9744,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,secp256r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ @@ -7717,13 +9771,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,secp384r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ @@ -7741,13 +9797,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,secp384r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ @@ -7765,13 +9823,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,secp384r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ @@ -7790,14 +9850,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,secp384r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ @@ -7815,13 +9877,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,secp521r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ @@ -7839,13 +9903,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,secp521r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ @@ -7863,13 +9929,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,secp521r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ @@ -7888,14 +9956,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,secp521r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ @@ -7913,13 +9983,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,x25519,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=x25519" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ @@ -7937,13 +10009,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,x25519,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=x25519" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ @@ -7961,13 +10035,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,x25519,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=x25519" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ @@ -7986,14 +10062,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,x25519,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=x25519" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ @@ -8011,13 +10089,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,x448,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=x448" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ @@ -8035,13 +10115,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,x448,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=x448" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ @@ -8059,13 +10141,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,x448,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=x448" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ @@ -8084,14 +10168,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,x448,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=x448" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ @@ -8109,13 +10195,121 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ + -s "received signature algorithm: 0x403" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \ + -c "Certificate Verify: Signature algorithm ( 0403 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ + -s "received signature algorithm: 0x503" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \ + -c "Certificate Verify: Signature algorithm ( 0503 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ + -s "received signature algorithm: 0x603" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \ + -c "Certificate Verify: Signature algorithm ( 0603 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,ffdhe2048,rsa_pss_rsae_sha256" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-256-GCM-SHA384 ( id=4866 )" \ + -s "received signature algorithm: 0x804" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \ + -c "Certificate Verify: Signature algorithm ( 0804 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ @@ -8133,13 +10327,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ @@ -8157,13 +10353,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ @@ -8182,14 +10380,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,secp256r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ @@ -8207,13 +10407,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ @@ -8231,13 +10433,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ @@ -8255,13 +10459,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ @@ -8280,14 +10486,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,secp384r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ @@ -8305,13 +10513,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ @@ -8329,13 +10539,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ @@ -8353,13 +10565,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ @@ -8378,14 +10592,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,secp521r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ @@ -8403,13 +10619,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x25519" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ @@ -8427,13 +10645,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x25519" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ @@ -8451,13 +10671,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x25519" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ @@ -8476,14 +10698,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,x25519,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x25519" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ @@ -8501,13 +10725,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x448" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ @@ -8525,13 +10751,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x448" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ @@ -8549,13 +10777,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,x448,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x448" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ @@ -8574,14 +10804,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,x448,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x448" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ @@ -8599,13 +10831,121 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ + -s "received signature algorithm: 0x403" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0403 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ + -s "received signature algorithm: 0x503" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0503 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ + -s "received signature algorithm: 0x603" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0603 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-CHACHA20-POLY1305-SHA256 ( id=4867 )" \ + -s "received signature algorithm: 0x804" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0804 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ @@ -8623,13 +10963,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ @@ -8647,13 +10989,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ @@ -8672,14 +11016,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ @@ -8697,13 +11043,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ @@ -8721,13 +11069,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ @@ -8745,13 +11095,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ @@ -8770,14 +11122,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ @@ -8795,13 +11149,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ @@ -8819,13 +11175,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ @@ -8843,13 +11201,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ @@ -8868,14 +11228,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ @@ -8893,13 +11255,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,x25519,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x25519" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ @@ -8917,13 +11281,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,x25519,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x25519" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ @@ -8941,13 +11307,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,x25519,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x25519" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ @@ -8966,14 +11334,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,x25519,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x25519" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ @@ -8991,13 +11361,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,x448,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x448" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ @@ -9015,13 +11387,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,x448,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x448" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ @@ -9039,13 +11413,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,x448,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x448" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ @@ -9064,14 +11440,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,x448,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x448" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ @@ -9089,13 +11467,121 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ + -s "received signature algorithm: 0x403" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0403 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ + -s "received signature algorithm: 0x503" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0503 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ + -s "received signature algorithm: 0x603" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0603 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-SHA256 ( id=4868 )" \ + -s "received signature algorithm: 0x804" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0804 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ @@ -9113,13 +11599,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp256r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ @@ -9137,13 +11625,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp256r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ @@ -9162,14 +11652,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,secp256r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp256r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ @@ -9187,13 +11679,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ @@ -9211,13 +11705,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ @@ -9235,13 +11731,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ @@ -9260,14 +11758,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,secp384r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ @@ -9285,13 +11785,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ @@ -9309,13 +11811,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=secp521r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ @@ -9333,13 +11837,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=secp521r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ @@ -9358,14 +11864,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,secp521r1,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=secp521r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ @@ -9383,13 +11891,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,x25519,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x25519" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ @@ -9407,13 +11917,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,x25519,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x25519" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ @@ -9431,13 +11943,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,x25519,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x25519" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ @@ -9456,14 +11970,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,x25519,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x25519" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ @@ -9481,13 +11997,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,x448,ecdsa_secp256r1_sha256" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=x448" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ @@ -9505,13 +12023,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,x448,ecdsa_secp384r1_sha384" \ - "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=x448" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ @@ -9529,13 +12049,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,x448,ecdsa_secp521r1_sha512" \ - "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=x448" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ @@ -9554,14 +12076,16 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,x448,rsa_pss_rsae_sha256" \ - "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448 force_version=tls13" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=x448" \ 0 \ -s "Protocol is TLSv1.3" \ -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ @@ -9579,9 +12103,116 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ + -s "received signature algorithm: 0x403" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0403 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ + "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ + -s "received signature algorithm: 0x503" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0503 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ + "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ + -s "received signature algorithm: 0x603" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0603 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-CCM-8-SHA256 ( id=4869 )" \ + -s "received signature algorithm: 0x804" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0804 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: HRR secp256r1 -> secp384r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups P-256:P-384 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9593,9 +12224,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: HRR secp256r1 -> secp521r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups P-256:P-521 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9607,9 +12239,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: HRR secp256r1 -> x25519" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups P-256:X25519 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9621,9 +12254,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: HRR secp256r1 -> x448" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups P-256:X448 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9635,9 +12269,25 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: HRR secp256r1 -> ffdhe2048" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups P-256:ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -s "HRR selected_group: ffdhe2048" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: HRR secp384r1 -> secp256r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups P-384:P-256 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9649,9 +12299,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: HRR secp384r1 -> secp521r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups P-384:P-521 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9663,9 +12314,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: HRR secp384r1 -> x25519" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups P-384:X25519 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9677,9 +12329,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: HRR secp384r1 -> x448" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups P-384:X448 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9691,9 +12344,25 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: HRR secp384r1 -> ffdhe2048" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups P-384:ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -s "HRR selected_group: ffdhe2048" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: HRR secp521r1 -> secp256r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups P-521:P-256 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9705,9 +12374,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: HRR secp521r1 -> secp384r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups P-521:P-384 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9719,9 +12389,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: HRR secp521r1 -> x25519" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups P-521:X25519 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9733,9 +12404,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: HRR secp521r1 -> x448" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups P-521:X448 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9747,9 +12419,25 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: HRR secp521r1 -> ffdhe2048" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups P-521:ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -s "HRR selected_group: ffdhe2048" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: HRR x25519 -> secp256r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups X25519:P-256 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9761,9 +12449,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: HRR x25519 -> secp384r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups X25519:P-384 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9775,9 +12464,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: HRR x25519 -> secp521r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups X25519:P-521 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9789,9 +12479,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: HRR x25519 -> x448" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups X25519:X448 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9803,9 +12494,25 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: HRR x25519 -> ffdhe2048" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups X25519:ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -s "HRR selected_group: ffdhe2048" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: HRR x448 -> secp256r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups X448:P-256 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9817,9 +12524,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: HRR x448 -> secp384r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups X448:P-384 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9831,9 +12539,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: HRR x448 -> secp521r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups X448:P-521 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9845,9 +12554,10 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_openssl_tls1_3 run_test "TLS 1.3 O->m: HRR x448 -> x25519" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups X448:X25519 -msg -tls1_3" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9859,11 +12569,102 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: HRR x448 -> ffdhe2048" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups X448:ffdhe2048 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -s "HRR selected_group: ffdhe2048" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: HRR ffdhe2048 -> secp256r1" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups ffdhe2048:P-256 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: secp256r1(0017)" \ + -s "Certificate verification was skipped" \ + -s "HRR selected_group: secp256r1" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: HRR ffdhe2048 -> secp384r1" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups ffdhe2048:P-384 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: secp384r1(0018)" \ + -s "Certificate verification was skipped" \ + -s "HRR selected_group: secp384r1" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: HRR ffdhe2048 -> secp521r1" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups ffdhe2048:P-521 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: secp521r1(0019)" \ + -s "Certificate verification was skipped" \ + -s "HRR selected_group: secp521r1" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: HRR ffdhe2048 -> x25519" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups ffdhe2048:X25519 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: x25519(001d)" \ + -s "Certificate verification was skipped" \ + -s "HRR selected_group: x25519" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_openssl_tls1_3_with_ffdh +run_test "TLS 1.3 O->m: HRR ffdhe2048 -> x448" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$O_NEXT_CLI_NO_CERT -CAfile data_files/test-ca2.crt -groups ffdhe2048:X448 -msg -tls1_3" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: x448(001e)" \ + -s "Certificate verification was skipped" \ + -s "HRR selected_group: x448" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: HRR secp256r1 -> secp384r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9875,11 +12676,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: HRR secp256r1 -> secp521r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP256R1:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9891,11 +12693,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: HRR secp256r1 -> x25519" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP256R1:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9907,11 +12710,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: HRR secp256r1 -> x448" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP256R1:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9923,11 +12727,29 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: HRR secp256r1 -> ffdhe2048" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP256R1:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -s "HRR selected_group: ffdhe2048" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: HRR secp384r1 -> secp256r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP384R1:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9939,11 +12761,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: HRR secp384r1 -> secp521r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP384R1:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9955,11 +12778,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: HRR secp384r1 -> x25519" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP384R1:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9971,11 +12795,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: HRR secp384r1 -> x448" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP384R1:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -9987,11 +12812,29 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: HRR secp384r1 -> ffdhe2048" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP384R1:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -s "HRR selected_group: ffdhe2048" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: HRR secp521r1 -> secp256r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP521R1:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -10003,11 +12846,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: HRR secp521r1 -> secp384r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP521R1:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -10019,11 +12863,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: HRR secp521r1 -> x25519" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP521R1:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -10035,11 +12880,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: HRR secp521r1 -> x448" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP521R1:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -10051,11 +12897,29 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: HRR secp521r1 -> ffdhe2048" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP521R1:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -s "HRR selected_group: ffdhe2048" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: HRR x25519 -> secp256r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X25519:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -10067,11 +12931,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: HRR x25519 -> secp384r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X25519:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -10083,11 +12948,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: HRR x25519 -> secp521r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X25519:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -10099,11 +12965,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: HRR x25519 -> x448" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X25519:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -10115,11 +12982,29 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: HRR x25519 -> ffdhe2048" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X25519:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -s "HRR selected_group: ffdhe2048" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: HRR x448 -> secp256r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X448:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -10131,11 +13016,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: HRR x448 -> secp384r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X448:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -10147,11 +13033,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: HRR x448 -> secp521r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X448:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -10163,11 +13050,12 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat run_test "TLS 1.3 G->m: HRR x448 -> x25519" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X448:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -10175,14 +13063,117 @@ run_test "TLS 1.3 G->m: HRR x448 -> x25519" \ -s "Certificate verification was skipped" \ -s "HRR selected_group: x25519" +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: HRR x448 -> ffdhe2048" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X448:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -s "HRR selected_group: ffdhe2048" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: HRR ffdhe2048 -> secp256r1" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-FFDHE2048:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: secp256r1(0017)" \ + -s "Certificate verification was skipped" \ + -s "HRR selected_group: secp256r1" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: HRR ffdhe2048 -> secp384r1" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-FFDHE2048:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: secp384r1(0018)" \ + -s "Certificate verification was skipped" \ + -s "HRR selected_group: secp384r1" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: HRR ffdhe2048 -> secp521r1" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-FFDHE2048:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: secp521r1(0019)" \ + -s "Certificate verification was skipped" \ + -s "HRR selected_group: secp521r1" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: HRR ffdhe2048 -> x25519" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-FFDHE2048:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: x25519(001d)" \ + -s "Certificate verification was skipped" \ + -s "HRR selected_group: x25519" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: HRR ffdhe2048 -> x448" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca2.crt --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-FFDHE2048:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: x448(001e)" \ + -s "Certificate verification was skipped" \ + -s "HRR selected_group: x448" + requires_openssl_tls1_3 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: HRR secp256r1 -> secp384r1" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1,secp384r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -10197,9 +13188,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: HRR secp256r1 -> secp521r1" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1,secp521r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -10214,9 +13206,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: HRR secp256r1 -> x25519" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1,x25519" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -10231,9 +13224,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: HRR secp256r1 -> x448" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1,x448" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -10243,14 +13237,34 @@ run_test "TLS 1.3 m->O: HRR secp256r1 -> x448" \ -c "received HelloRetryRequest message" \ -c "selected_group ( 30 )" +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: HRR secp256r1 -> ffdhe2048" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1,ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: secp256r1 ( 17 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 256 )" + requires_openssl_tls1_3 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: HRR secp384r1 -> secp256r1" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1,secp256r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -10265,9 +13279,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: HRR secp384r1 -> secp521r1" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1,secp521r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -10282,9 +13297,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: HRR secp384r1 -> x25519" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1,x25519" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -10299,9 +13315,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: HRR secp384r1 -> x448" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1,x448" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -10311,14 +13328,34 @@ run_test "TLS 1.3 m->O: HRR secp384r1 -> x448" \ -c "received HelloRetryRequest message" \ -c "selected_group ( 30 )" +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: HRR secp384r1 -> ffdhe2048" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1,ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: secp384r1 ( 18 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 256 )" + requires_openssl_tls1_3 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: HRR secp521r1 -> secp256r1" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1,secp256r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -10333,9 +13370,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: HRR secp521r1 -> secp384r1" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1,secp384r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -10350,9 +13388,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: HRR secp521r1 -> x25519" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1,x25519" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -10367,9 +13406,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: HRR secp521r1 -> x448" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1,x448" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -10379,14 +13419,34 @@ run_test "TLS 1.3 m->O: HRR secp521r1 -> x448" \ -c "received HelloRetryRequest message" \ -c "selected_group ( 30 )" +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: HRR secp521r1 -> ffdhe2048" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1,ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: secp521r1 ( 19 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 256 )" + requires_openssl_tls1_3 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: HRR x25519 -> secp256r1" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519,secp256r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -10401,9 +13461,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: HRR x25519 -> secp384r1" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519,secp384r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -10418,9 +13479,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: HRR x25519 -> secp521r1" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519,secp521r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -10435,9 +13497,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: HRR x25519 -> x448" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x25519,x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519,x448" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -10447,14 +13510,34 @@ run_test "TLS 1.3 m->O: HRR x25519 -> x448" \ -c "received HelloRetryRequest message" \ -c "selected_group ( 30 )" +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: HRR x25519 -> ffdhe2048" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519,ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: x25519 ( 1d )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 256 )" + requires_openssl_tls1_3 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: HRR x448 -> secp256r1" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448,secp256r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -10469,9 +13552,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: HRR x448 -> secp384r1" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448,secp384r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -10486,9 +13570,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: HRR x448 -> secp521r1" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448,secp521r1" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -10503,9 +13588,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->O: HRR x448 -> x25519" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x448,x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448,x25519" \ 0 \ -c "HTTP/1.0 200 ok" \ -c "Protocol is TLSv1.3" \ @@ -10515,6 +13601,120 @@ run_test "TLS 1.3 m->O: HRR x448 -> x25519" \ -c "received HelloRetryRequest message" \ -c "selected_group ( 29 )" +requires_openssl_tls1_3_with_ffdh +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: HRR x448 -> ffdhe2048" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448,ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: x448 ( 1e )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 256 )" + +requires_openssl_tls1_3 +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: HRR ffdhe2048 -> secp256r1" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,secp256r1" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "NamedGroup: secp256r1 ( 17 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 23 )" + +requires_openssl_tls1_3 +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: HRR ffdhe2048 -> secp384r1" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,secp384r1" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "NamedGroup: secp384r1 ( 18 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 24 )" + +requires_openssl_tls1_3 +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: HRR ffdhe2048 -> secp521r1" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,secp521r1" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "NamedGroup: secp521r1 ( 19 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 25 )" + +requires_openssl_tls1_3 +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: HRR ffdhe2048 -> x25519" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,x25519" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "NamedGroup: x25519 ( 1d )" \ + -c "Verifying peer X.509 certificate... ok" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 29 )" + +requires_openssl_tls1_3 +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->O: HRR ffdhe2048 -> x448" \ + "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,x448" \ + 0 \ + -c "HTTP/1.0 200 ok" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "NamedGroup: x448 ( 1e )" \ + -c "Verifying peer X.509 certificate... ok" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 30 )" + requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -10522,9 +13722,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: HRR secp256r1 -> secp384r1" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1,secp384r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -10541,9 +13742,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: HRR secp256r1 -> secp521r1" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1,secp521r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -10560,9 +13762,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: HRR secp256r1 -> x25519" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1,x25519" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -10579,9 +13782,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: HRR secp256r1 -> x448" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1,x448" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -10598,9 +13802,31 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: HRR secp256r1 -> ffdhe2048" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1,ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: secp256r1 ( 17 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 256 )" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: HRR secp384r1 -> secp256r1" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1,secp256r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -10617,9 +13843,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: HRR secp384r1 -> secp521r1" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1,secp521r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -10636,9 +13863,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: HRR secp384r1 -> x25519" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1,x25519" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -10655,9 +13883,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: HRR secp384r1 -> x448" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1,x448" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -10674,9 +13903,31 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: HRR secp384r1 -> ffdhe2048" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1,ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: secp384r1 ( 18 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 256 )" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: HRR secp521r1 -> secp256r1" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1,secp256r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -10693,9 +13944,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: HRR secp521r1 -> secp384r1" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1,secp384r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -10712,9 +13964,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: HRR secp521r1 -> x25519" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1,x25519" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -10731,9 +13984,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: HRR secp521r1 -> x448" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1,x448" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -10750,9 +14004,31 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: HRR secp521r1 -> ffdhe2048" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1,ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: secp521r1 ( 19 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 256 )" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: HRR x25519 -> secp256r1" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519,secp256r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -10769,9 +14045,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: HRR x25519 -> secp384r1" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519,secp384r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -10788,9 +14065,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: HRR x25519 -> secp521r1" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519,secp521r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -10807,9 +14085,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: HRR x25519 -> x448" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x25519,x448 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519,x448" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -10826,9 +14105,31 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: HRR x25519 -> ffdhe2048" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519,ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: x25519 ( 1d )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 256 )" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: HRR x448 -> secp256r1" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp256r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448,secp256r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -10845,9 +14146,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: HRR x448 -> secp384r1" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp384r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448,secp384r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -10864,9 +14166,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: HRR x448 -> secp521r1" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp521r1 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448,secp521r1" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -10883,9 +14186,10 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->G: HRR x448 -> x25519" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x448,x25519 force_version=tls13" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448,x25519" \ 0 \ -c "HTTP/1.0 200 OK" \ -c "Protocol is TLSv1.3" \ @@ -10895,17 +14199,145 @@ run_test "TLS 1.3 m->G: HRR x448 -> x25519" \ -c "received HelloRetryRequest message" \ -c "selected_group ( 29 )" -requires_config_enabled MBEDTLS_SSL_SRV_C -requires_config_enabled MBEDTLS_DEBUG_C -requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED -requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: HRR x448 -> ffdhe2048" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448,ffdhe2048" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: x448 ( 1e )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 256 )" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: HRR ffdhe2048 -> secp256r1" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,secp256r1" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "NamedGroup: secp256r1 ( 17 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 23 )" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: HRR ffdhe2048 -> secp384r1" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,secp384r1" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "NamedGroup: secp384r1 ( 18 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 24 )" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: HRR ffdhe2048 -> secp521r1" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,secp521r1" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "NamedGroup: secp521r1 ( 19 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 25 )" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: HRR ffdhe2048 -> x25519" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,x25519" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "NamedGroup: x25519 ( 1d )" \ + -c "Verifying peer X.509 certificate... ok" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 29 )" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: HRR ffdhe2048 -> x448" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,x448" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "NamedGroup: x448 ( 1e )" \ + -c "Verifying peer X.509 certificate... ok" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 30 )" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: HRR secp256r1 -> secp384r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,secp384r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1,secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "got named group: secp384r1(0018)" \ @@ -10922,13 +14354,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: HRR secp256r1 -> secp521r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,secp521r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1,secp521r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "got named group: secp521r1(0019)" \ @@ -10945,13 +14379,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: HRR secp256r1 -> x25519" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,x25519 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1,x25519" \ 0 \ -s "Protocol is TLSv1.3" \ -s "got named group: x25519(001d)" \ @@ -10968,13 +14404,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: HRR secp256r1 -> x448" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1,x448 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1,x448" \ 0 \ -s "Protocol is TLSv1.3" \ -s "got named group: x448(001e)" \ @@ -10991,13 +14429,41 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: HRR secp256r1 -> ffdhe2048" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1,ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: secp256r1 ( 17 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -s "HRR selected_group: ffdhe2048" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 256 )" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: HRR secp384r1 -> secp256r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp256r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1,secp256r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "got named group: secp256r1(0017)" \ @@ -11014,13 +14480,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: HRR secp384r1 -> secp521r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp521r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1,secp521r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "got named group: secp521r1(0019)" \ @@ -11037,13 +14505,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: HRR secp384r1 -> x25519" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,x25519 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1,x25519" \ 0 \ -s "Protocol is TLSv1.3" \ -s "got named group: x25519(001d)" \ @@ -11060,13 +14530,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: HRR secp384r1 -> x448" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,x448 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1,x448" \ 0 \ -s "Protocol is TLSv1.3" \ -s "got named group: x448(001e)" \ @@ -11083,13 +14555,41 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: HRR secp384r1 -> ffdhe2048" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1,ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: secp384r1 ( 18 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -s "HRR selected_group: ffdhe2048" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 256 )" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: HRR secp521r1 -> secp256r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp256r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1,secp256r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "got named group: secp256r1(0017)" \ @@ -11106,13 +14606,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: HRR secp521r1 -> secp384r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp384r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1,secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "got named group: secp384r1(0018)" \ @@ -11129,13 +14631,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: HRR secp521r1 -> x25519" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,x25519 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1,x25519" \ 0 \ -s "Protocol is TLSv1.3" \ -s "got named group: x25519(001d)" \ @@ -11152,13 +14656,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: HRR secp521r1 -> x448" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,x448 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1,x448" \ 0 \ -s "Protocol is TLSv1.3" \ -s "got named group: x448(001e)" \ @@ -11175,13 +14681,41 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: HRR secp521r1 -> ffdhe2048" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1,ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: secp521r1 ( 19 )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -s "HRR selected_group: ffdhe2048" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 256 )" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: HRR x25519 -> secp256r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp256r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519,secp256r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "got named group: secp256r1(0017)" \ @@ -11198,13 +14732,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: HRR x25519 -> secp384r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp384r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519,secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "got named group: secp384r1(0018)" \ @@ -11221,13 +14757,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: HRR x25519 -> secp521r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp521r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519,secp521r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "got named group: secp521r1(0019)" \ @@ -11244,13 +14782,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: HRR x25519 -> x448" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x448 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x25519,x448 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519,x448" \ 0 \ -s "Protocol is TLSv1.3" \ -s "got named group: x448(001e)" \ @@ -11267,13 +14807,41 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: HRR x25519 -> ffdhe2048" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519,ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: x25519 ( 1d )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -s "HRR selected_group: ffdhe2048" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 256 )" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: HRR x448 -> secp256r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp256r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448,secp256r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "got named group: secp256r1(0017)" \ @@ -11290,13 +14858,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: HRR x448 -> secp384r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp384r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448,secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "got named group: secp384r1(0018)" \ @@ -11313,13 +14883,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: HRR x448 -> secp521r1" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp521r1 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448,secp521r1" \ 0 \ -s "Protocol is TLSv1.3" \ -s "got named group: secp521r1(0019)" \ @@ -11336,13 +14908,15 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 m->m: HRR x448 -> x25519" \ - "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x25519 force_version=tls13 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ - "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 curves=x448,x25519 force_version=tls13" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448,x25519" \ 0 \ -s "Protocol is TLSv1.3" \ -s "got named group: x25519(001d)" \ @@ -11354,3 +14928,159 @@ run_test "TLS 1.3 m->m: HRR x448 -> x25519" \ -s "HRR selected_group: x25519" \ -c "received HelloRetryRequest message" \ -c "selected_group ( 29 )" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: HRR x448 -> ffdhe2048" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448,ffdhe2048" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: ffdhe2048(0100)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: x448 ( 1e )" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -s "HRR selected_group: ffdhe2048" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 256 )" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: HRR ffdhe2048 -> secp256r1" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,secp256r1" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: secp256r1(0017)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "NamedGroup: secp256r1 ( 17 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -s "HRR selected_group: secp256r1" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 23 )" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: HRR ffdhe2048 -> secp384r1" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,secp384r1" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: secp384r1(0018)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "NamedGroup: secp384r1 ( 18 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -s "HRR selected_group: secp384r1" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 24 )" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: HRR ffdhe2048 -> secp521r1" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,secp521r1" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: secp521r1(0019)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "NamedGroup: secp521r1 ( 19 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -s "HRR selected_group: secp521r1" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 25 )" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: HRR ffdhe2048 -> x25519" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,x25519" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: x25519(001d)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "NamedGroup: x25519 ( 1d )" \ + -c "Verifying peer X.509 certificate... ok" \ + -s "HRR selected_group: x25519" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 29 )" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled PSA_WANT_ALG_ECDH +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->m: HRR ffdhe2048 -> x448" \ + "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,x448" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "got named group: x448(001e)" \ + -s "Certificate verification was skipped" \ + -c "Protocol is TLSv1.3" \ + -c "NamedGroup: ffdhe2048 ( 100 )" \ + -c "NamedGroup: x448 ( 1e )" \ + -c "Verifying peer X.509 certificate... ok" \ + -s "HRR selected_group: x448" \ + -c "received HelloRetryRequest message" \ + -c "selected_group ( 30 )" diff --git a/tests/opt-testcases/tls13-kex-modes.sh b/tests/opt-testcases/tls13-kex-modes.sh index 974d513d8..758da1da5 100755 --- a/tests/opt-testcases/tls13-kex-modes.sh +++ b/tests/opt-testcases/tls13-kex-modes.sh @@ -25,7 +25,7 @@ requires_gnutls_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3: G->m: all/psk, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -44,7 +44,7 @@ requires_gnutls_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3: G->m: all/psk, fail, key id mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -62,7 +62,7 @@ requires_gnutls_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3: G->m: all/psk, fail, key material mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ localhost" \ @@ -80,7 +80,7 @@ requires_gnutls_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -99,7 +99,7 @@ requires_gnutls_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key id mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -117,7 +117,7 @@ requires_gnutls_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3: G->m: psk_or_ephemeral/psk, fail, key material mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ localhost" \ @@ -135,7 +135,7 @@ requires_gnutls_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -154,7 +154,7 @@ requires_gnutls_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -172,7 +172,7 @@ requires_gnutls_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ localhost" \ @@ -190,7 +190,7 @@ requires_gnutls_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: all/psk_ephemeral, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -209,7 +209,7 @@ requires_gnutls_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key id mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -227,7 +227,7 @@ requires_gnutls_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: all/psk_ephemeral, fail, key material mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ localhost" \ @@ -245,7 +245,7 @@ requires_gnutls_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_ephemeral, fail, no common kex mode" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -263,7 +263,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATI requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: ephemeral_all/psk_all, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -283,7 +283,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATI requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key id mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -302,7 +302,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATI requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: ephemeral_all/psk_all, fail, key material mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ localhost" \ @@ -321,7 +321,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATI requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: all/psk_all, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -341,7 +341,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATI requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: all/psk_all, fail, key id mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -360,7 +360,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATI requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: all/psk_all, fail, key material mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ localhost" \ @@ -379,7 +379,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATI requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -399,7 +399,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATI requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key id mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -418,7 +418,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATI requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_all, fail, key material mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ localhost" \ @@ -437,7 +437,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATI requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -457,7 +457,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATI requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \ - "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -476,7 +476,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATI requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ localhost" \ @@ -495,7 +495,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATI requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: all/ephemeral_all, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -515,7 +515,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATI requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: all/ephemeral_all, good, key id mismatch, dhe." \ - "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -534,7 +534,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATI requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: all/ephemeral_all, fail, key material mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ localhost" \ @@ -553,7 +553,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATI requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: psk_or_ephemeral/ephemeral_all, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -574,7 +574,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: ephemeral_all/all, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -595,7 +595,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: ephemeral_all/all, good, key id mismatch, dhe." \ - "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -615,7 +615,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: ephemeral_all/all, fail, key material mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ localhost" \ @@ -635,7 +635,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: all/all, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -656,7 +656,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: all/all, good, key id mismatch, dhe." \ - "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername wrong_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -676,7 +676,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: all/all, fail, key material mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ localhost" \ @@ -696,7 +696,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: psk_or_ephemeral/all, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -717,7 +717,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: psk_or_ephemeral/all, fail, key material mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ localhost" \ @@ -736,7 +736,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATI requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: ephemeral_all/psk_or_ephemeral, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -756,7 +756,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATI requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: all/psk_or_ephemeral, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -776,7 +776,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATI requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: all/psk_or_ephemeral, fail, key material mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ localhost" \ @@ -795,7 +795,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATI requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -815,7 +815,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATI requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, fail, key material mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:-ECDHE-PSK:-DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f71 \ localhost" \ @@ -832,8 +832,9 @@ run_test "TLS 1.3: G->m: psk_or_ephemeral/psk_or_ephemeral, fail, key materia requires_gnutls_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3: G->m: psk_ephemeral group(secp256r1) check, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -846,8 +847,9 @@ run_test "TLS 1.3: G->m: psk_ephemeral group(secp256r1) check, good" \ requires_gnutls_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3: G->m: psk_ephemeral group(secp384r1) check, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP384R1 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -860,8 +862,9 @@ run_test "TLS 1.3: G->m: psk_ephemeral group(secp384r1) check, good" \ requires_gnutls_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3: G->m: psk_ephemeral group(secp521r1) check, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP521R1 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -874,8 +877,9 @@ run_test "TLS 1.3: G->m: psk_ephemeral group(secp521r1) check, good" \ requires_gnutls_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3: G->m: psk_ephemeral group(x25519) check, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X25519 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -888,8 +892,9 @@ run_test "TLS 1.3: G->m: psk_ephemeral group(x25519) check, good" \ requires_gnutls_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3: G->m: psk_ephemeral group(x448) check, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-X448 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -903,7 +908,7 @@ requires_openssl_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3: O->m: ephemeral_all/psk, fail, no common kex mode" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1 \ @@ -919,7 +924,7 @@ requires_openssl_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3: O->m: all/psk, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 0 \ @@ -937,7 +942,7 @@ requires_openssl_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3: O->m: all/psk, fail, key id mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1 \ @@ -954,7 +959,7 @@ requires_openssl_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3: O->m: all/psk, fail, key material mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \ 1 \ @@ -967,11 +972,11 @@ run_test "TLS 1.3: O->m: all/psk, fail, key material mismatch" \ -S "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 0 \ @@ -985,11 +990,11 @@ run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, good" \ -s "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg \ -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1 \ @@ -1002,11 +1007,11 @@ run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" -S "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \ 1 \ @@ -1019,11 +1024,11 @@ run_test "TLS 1.3: O->m: ephemeral_all/psk_ephemeral, fail, key material mism -S "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: all/psk_ephemeral, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 0 \ @@ -1037,11 +1042,11 @@ run_test "TLS 1.3: O->m: all/psk_ephemeral, good" \ -s "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key id mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1 \ @@ -1054,11 +1059,11 @@ run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key id mismatch" \ -S "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key material mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \ 1 \ @@ -1071,12 +1076,12 @@ run_test "TLS 1.3: O->m: all/psk_ephemeral, fail, key material mismatch" \ -S "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: ephemeral_all/psk_all, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 0 \ @@ -1090,12 +1095,12 @@ run_test "TLS 1.3: O->m: ephemeral_all/psk_all, good" \ -s "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key id mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg \ -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1 \ @@ -1108,12 +1113,12 @@ run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key id mismatch" \ -S "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key material mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \ 1 \ @@ -1126,12 +1131,12 @@ run_test "TLS 1.3: O->m: ephemeral_all/psk_all, fail, key material mismatch" -S "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: all/psk_all, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 0 \ @@ -1145,12 +1150,12 @@ run_test "TLS 1.3: O->m: all/psk_all, good" \ -s "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: all/psk_all, fail, key id mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1 \ @@ -1163,12 +1168,12 @@ run_test "TLS 1.3: O->m: all/psk_all, fail, key id mismatch" \ -S "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: all/psk_all, fail, key material mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_all debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \ 1 \ @@ -1181,12 +1186,12 @@ run_test "TLS 1.3: O->m: all/psk_all, fail, key material mismatch" \ -S "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 0 \ @@ -1200,12 +1205,12 @@ run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good" \ -s "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good, key id mismatch, dhe." \ - "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg \ -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 0 \ @@ -1218,12 +1223,12 @@ run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, good, key id mismatch, -S "key exchange mode: psk_ephemeral" \ -s "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \ 1 \ @@ -1236,12 +1241,12 @@ run_test "TLS 1.3: O->m: ephemeral_all/ephemeral_all, fail, key material mism -S "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: all/ephemeral_all, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 0 \ @@ -1255,12 +1260,12 @@ run_test "TLS 1.3: O->m: all/ephemeral_all, good" \ -s "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: all/ephemeral_all, good, key id mismatch, dhe." \ - "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 0 \ @@ -1273,12 +1278,12 @@ run_test "TLS 1.3: O->m: all/ephemeral_all, good, key id mismatch, dhe." \ -S "key exchange mode: psk_ephemeral" \ -s "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: all/ephemeral_all, fail, key material mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=ephemeral_all debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \ 1 \ @@ -1291,13 +1296,13 @@ run_test "TLS 1.3: O->m: all/ephemeral_all, fail, key material mismatch" \ -S "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: ephemeral_all/all, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 0 \ @@ -1311,13 +1316,13 @@ run_test "TLS 1.3: O->m: ephemeral_all/all, good" \ -s "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: ephemeral_all/all, good, key id mismatch, dhe." \ - "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg \ -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 0 \ @@ -1330,13 +1335,13 @@ run_test "TLS 1.3: O->m: ephemeral_all/all, good, key id mismatch, dhe." \ -S "key exchange mode: psk_ephemeral" \ -s "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: ephemeral_all/all, fail, key material mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \ 1 \ @@ -1349,13 +1354,13 @@ run_test "TLS 1.3: O->m: ephemeral_all/all, fail, key material mismatch" \ -S "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: all/all, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 0 \ @@ -1369,13 +1374,13 @@ run_test "TLS 1.3: O->m: all/all, good" \ -s "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: all/all, good, key id mismatch, dhe." \ - "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ -psk_identity wrong_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 0 \ @@ -1388,13 +1393,13 @@ run_test "TLS 1.3: O->m: all/all, good, key id mismatch, dhe." \ -S "key exchange mode: psk_ephemeral" \ -s "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: all/all, fail, key material mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \ 1 \ @@ -1407,12 +1412,12 @@ run_test "TLS 1.3: O->m: all/all, fail, key material mismatch" \ -S "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: ephemeral_all/psk_or_ephemeral, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 0 \ @@ -1426,12 +1431,12 @@ run_test "TLS 1.3: O->m: ephemeral_all/psk_or_ephemeral, good" \ -S "key exchange mode: psk_ephemeral" \ -s "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: all/psk_or_ephemeral, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 0 \ @@ -1445,12 +1450,12 @@ run_test "TLS 1.3: O->m: all/psk_or_ephemeral, good" \ -S "key exchange mode: psk_ephemeral" \ -s "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: all/psk_or_ephemeral, fail, key material mismatch" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk_or_ephemeral debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f71" \ 1 \ @@ -1463,11 +1468,11 @@ run_test "TLS 1.3: O->m: all/psk_or_ephemeral, fail, key material mismatch" \ -S "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: psk_ephemeral group(secp256r1) check, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups P-256 \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 0 \ @@ -1476,11 +1481,11 @@ run_test "TLS 1.3: O->m: psk_ephemeral group(secp256r1) check, good" \ -s "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: psk_ephemeral group(secp384r1) check, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp384r1 \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 0 \ @@ -1489,11 +1494,11 @@ run_test "TLS 1.3: O->m: psk_ephemeral group(secp384r1) check, good" \ -s "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: psk_ephemeral group(secp521r1) check, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups secp521r1 \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 0 \ @@ -1502,11 +1507,11 @@ run_test "TLS 1.3: O->m: psk_ephemeral group(secp521r1) check, good" \ -s "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: psk_ephemeral group(x25519) check, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X25519 \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 0 \ @@ -1515,11 +1520,11 @@ run_test "TLS 1.3: O->m: psk_ephemeral group(x25519) check, good" \ -s "key exchange mode: psk_ephemeral" \ -S "key exchange mode: ephemeral" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: O->m: psk_ephemeral group(x448) check, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70" \ "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -groups X448 \ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 0 \ @@ -1529,10 +1534,10 @@ run_test "TLS 1.3: O->m: psk_ephemeral group(x448) check, good" \ -S "key exchange mode: ephemeral" requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3 O->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef curves=secp384r1" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef groups=secp384r1" \ "$O_NEXT_CLI_NO_CERT -tls1_3 -msg -allow_no_dhe_kex -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70 -groups P-256:P-384" \ 0 \ -s "write selected_group: secp384r1" \ @@ -1546,8 +1551,9 @@ requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3 G->m: psk_ephemeral group(secp256r1->secp384r1) check, good" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef curves=secp384r1" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef groups=secp384r1" \ "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1 --pskusername Client_identity --pskkey 6162636465666768696a6b6c6d6e6f70 localhost" \ 0 \ -s "write selected_group: secp384r1" \ @@ -1566,7 +1572,7 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3: m->m: psk/psk, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1580,7 +1586,7 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3: m->m: psk/psk, fail, key id mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1593,7 +1599,7 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3: m->m: psk/psk, fail, key material mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1607,7 +1613,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk/psk_ephemeral, fail - no common kex mode" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1621,7 +1627,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk/ephemeral, fail - no common kex mode" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1636,7 +1642,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk/ephemeral_all, fail - no common kex mode" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1650,7 +1656,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk/psk_all, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1665,7 +1671,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk/psk_all, fail, key id mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1680,7 +1686,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk/psk_all, fail, key material mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ "$P_CLI nbio=2 debug_level=5 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1695,7 +1701,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk/all, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1711,7 +1717,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk/all, fail, key id mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1727,7 +1733,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk/all, fail, key material mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1742,7 +1748,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_ephemeral/psk, fail - no common kex mode" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1755,7 +1761,7 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1769,7 +1775,7 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key id mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1783,7 +1789,7 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_ephemeral/psk_ephemeral, fail, key material mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1798,7 +1804,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral, fail - no common kex mode" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1811,7 +1817,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1827,7 +1833,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key id mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1841,7 +1847,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_ephemeral/ephemeral_all, fail, key material mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c psk=040506 tls13_kex_modes=psk_ephemeral" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1855,7 +1861,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1870,7 +1876,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key id mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1885,7 +1891,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_ephemeral/psk_all, fail, key material mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1900,7 +1906,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_ephemeral/all, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1916,7 +1922,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key id mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_ephemeral" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1931,7 +1937,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_ephemeral/all, fail, key material mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -1946,7 +1952,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: ephemeral/psk, fail - no common kex mode" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 1 \ -s "ClientHello message misses mandatory extensions." @@ -1957,7 +1963,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: ephemeral/psk_ephemeral, fail - no common kex mode" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 1 \ -s "ClientHello message misses mandatory extensions." @@ -1967,7 +1973,7 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: ephemeral/ephemeral, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 0 \ -c "Selected key exchange mode: ephemeral" \ @@ -1979,7 +1985,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: ephemeral/ephemeral_all, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 0 \ -c "Selected key exchange mode: ephemeral" \ @@ -1992,7 +1998,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: ephemeral/psk_all, fail - no common kex mode" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 1 \ -s "ClientHello message misses mandatory extensions." @@ -2004,7 +2010,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: ephemeral/all, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 0 \ -c "Selected key exchange mode: ephemeral" \ @@ -2018,7 +2024,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: ephemeral_all/psk, fail - no common kex mode" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2032,7 +2038,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2047,7 +2053,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key id mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2061,7 +2067,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: ephemeral_all/psk_ephemeral, fail, key material mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2075,7 +2081,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: ephemeral_all/ephemeral, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2091,7 +2097,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2106,7 +2112,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all,good,key id mismatch,fallback" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2121,7 +2127,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: ephemeral_all/ephemeral_all, fail, key material mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2136,7 +2142,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: ephemeral_all/psk_all, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2152,7 +2158,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key id mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2168,7 +2174,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: ephemeral_all/psk_all, fail, key material mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2183,7 +2189,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: ephemeral_all/all, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2199,7 +2205,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: ephemeral_all/all, good, key id mismatch, fallback" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=ephemeral_all" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2215,7 +2221,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: ephemeral_all/all, fail, key material mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2230,7 +2236,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_all/psk, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2245,7 +2251,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_all/psk, fail, key id mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2259,7 +2265,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_all/psk, fail, key material mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2273,7 +2279,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2288,7 +2294,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key id mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2303,7 +2309,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_all/psk_ephemeral, fail, key material mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2318,7 +2324,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_all/ephemeral, fail - no common kex mode" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2332,7 +2338,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_all/ephemeral_all, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2348,7 +2354,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key id mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2363,7 +2369,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_all/ephemeral_all, fail, key material mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2377,7 +2383,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_all/psk_all, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2392,7 +2398,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_all/psk_all, fail, key id mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2407,7 +2413,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_all/psk_all, fail, key material mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2422,7 +2428,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_all/all, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2438,7 +2444,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_all/all, fail, key id mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=psk_all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2453,7 +2459,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: psk_all/all, fail, key material mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2469,7 +2475,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: all/psk, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2485,7 +2491,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: all/psk, fail, key id mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2501,7 +2507,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: all/psk, fail, key material mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2516,7 +2522,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: all/psk_ephemeral, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2532,7 +2538,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key id mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2548,7 +2554,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: all/psk_ephemeral, fail, key material mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2563,7 +2569,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: all/ephemeral, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2579,7 +2585,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: all/ephemeral_all, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2595,7 +2601,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: all/ephemeral_all, good, key id mismatch, fallback" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2612,7 +2618,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: all/ephemeral_all, fail, key material mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2627,7 +2633,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: all/psk_all, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2643,7 +2649,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: all/psk_all, fail, key id mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2659,7 +2665,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: all/psk_all, fail, key material mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2674,7 +2680,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: all/all, good" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2690,7 +2696,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: all/all, good, key id mismatch, fallback" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ "$P_CLI nbio=2 debug_level=5 psk=010203 psk_identity=0d0e0f tls13_kex_modes=all" \ 0 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2706,7 +2712,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->m: all/all, fail, key material mismatch" \ - "$P_SRV nbio=2 debug_level=5 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ + "$P_SRV nbio=2 debug_level=5 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ "$P_CLI nbio=2 debug_level=5 psk=040506 psk_identity=0a0b0c tls13_kex_modes=all" \ 1 \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2723,7 +2729,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3: m->O: psk/all, good" \ "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \ - "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ + "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 0 \ -c "=> write client hello" \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2751,7 +2757,7 @@ run_test "TLS 1.3: m->O: psk/ephemeral_all, fail - no common kex mode" \ -c "Last error was: -0x7780 - SSL - A fatal alert message was received from our peer" #OPENSSL-SERVER psk_all mode -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C @@ -2760,7 +2766,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->O: psk_all/all, good" \ "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \ - "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ + "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 0 \ -c "=> write client hello" \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2770,7 +2776,7 @@ run_test "TLS 1.3: m->O: psk_all/all, good" \ -c "Selected key exchange mode: psk_ephemeral" \ -c "HTTP/1.0 200 ok" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C @@ -2790,7 +2796,7 @@ run_test "TLS 1.3: m->O: psk_all/ephemeral_all, good" \ -c "HTTP/1.0 200 ok" #OPENSSL-SERVER psk_ephemeral mode -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C @@ -2798,7 +2804,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->O: psk_ephemeral/all, good" \ "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \ - "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ + "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 0 \ -c "=> write client hello" \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2808,7 +2814,7 @@ run_test "TLS 1.3: m->O: psk_ephemeral/all, good" \ -c "Selected key exchange mode: psk_ephemeral" \ -c "HTTP/1.0 200 ok" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C @@ -2827,7 +2833,7 @@ run_test "TLS 1.3: m->O: psk_ephemeral/ephemeral_all, good" \ -c "HTTP/1.0 200 ok" #OPENSSL-SERVER ephemeral mode -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C @@ -2835,12 +2841,12 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: m->O: ephemeral/all, good" \ "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex" \ - "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ + "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 0 \ -c "Selected key exchange mode: ephemeral" \ -c "HTTP/1.0 200 ok" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C @@ -2854,7 +2860,7 @@ run_test "TLS 1.3: m->O: ephemeral/ephemeral_all, good" \ -c "HTTP/1.0 200 ok" #OPENSSL-SERVER ephemeral_all mode -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C @@ -2863,7 +2869,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->O: ephemeral_all/all, good" \ "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \ - "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ + "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 0 \ -c "=> write client hello" \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2873,7 +2879,7 @@ run_test "TLS 1.3: m->O: ephemeral_all/all, good" \ -c "<= write client hello" \ -c "HTTP/1.0 200 ok" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C @@ -2893,7 +2899,7 @@ run_test "TLS 1.3: m->O: ephemeral_all/ephemeral_all, good" \ -c "HTTP/1.0 200 ok" #OPENSSL-SERVER all mode -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C @@ -2903,7 +2909,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->O: all/all, good" \ "$O_NEXT_SRV -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \ - "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ + "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 0 \ -c "=> write client hello" \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2913,7 +2919,7 @@ run_test "TLS 1.3: m->O: all/all, good" \ -c "<= write client hello" \ -c "HTTP/1.0 200 ok" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C @@ -2942,7 +2948,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3: m->G: psk/all, good" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \ - "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ + "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 0 \ -c "=> write client hello" \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2962,7 +2968,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3: m->G: psk/ephemeral_all, fail - no common kex mode" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \ - "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ + "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk" \ 1 \ -c "=> write client hello" \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -2983,7 +2989,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->G: psk_all/all, good" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \ - "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ + "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 0 \ -c "=> write client hello" \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -3004,7 +3010,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->G: psk_all/ephemeral_all, good" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \ - "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ + "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_all" \ 0 \ -c "=> write client hello" \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -3025,7 +3031,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->G: psk_ephemeral/all, good" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \ - "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ + "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 0 \ -c "=> write client hello" \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -3045,7 +3051,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->G: psk_ephemeral/ephemeral_all, good" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \ - "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ + "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk_ephemeral" \ 0 \ -c "=> write client hello" \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -3066,7 +3072,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: m->G: ephemeral/all, good" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \ - "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ + "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 0 \ -c "Selected key exchange mode: ephemeral" \ -c "HTTP/1.0 200 OK" @@ -3079,7 +3085,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: m->G: ephemeral/ephemeral_all, good" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \ - "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ + "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral" \ 0 \ -c "Selected key exchange mode: ephemeral" \ -c "HTTP/1.0 200 OK" @@ -3094,7 +3100,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->G: ephemeral_all/all, good" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \ - "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ + "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 0 \ -c "=> write client hello" \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -3115,7 +3121,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->G: ephemeral_all/ephemeral_all, good" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \ - "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ + "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=ephemeral_all" \ 0 \ -c "=> write client hello" \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -3138,7 +3144,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->G: all/all, good" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK --pskpasswd=data_files/simplepass.psk" \ - "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ + "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 0 \ -c "=> write client hello" \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ @@ -3160,7 +3166,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: m->G: all/ephemeral_all, good" \ "$G_NEXT_SRV -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK --pskpasswd=data_files/simplepass.psk" \ - "$P_CLI debug_level=4 force_version=tls13 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ + "$P_CLI debug_level=4 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ 0 \ -c "=> write client hello" \ -c "client hello, adding pre_shared_key extension, omitting PSK binder list" \ diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index ab45a39ff..cd01355cb 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -26,7 +26,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3: PSK: No valid ciphersuite. G->m" \ - "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-CIPHER-ALL:+AES-256-GCM:+AEAD:+SHA384:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -45,7 +45,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3: PSK: No valid ciphersuite. O->m" \ - "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ "$O_NEXT_CLI -tls1_3 -msg -allow_no_dhe_kex -ciphersuites TLS_AES_256_GCM_SHA384\ -psk_identity Client_identity -psk 6162636465666768696a6b6c6d6e6f70" \ 1 \ @@ -59,8 +59,8 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKET MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3 m->m: Multiple PSKs: valid ticket, reconnect with ticket" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8" \ - "$P_CLI force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8" \ + "$P_CLI tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \ 0 \ -c "Pre-configured PSK number = 2" \ -s "sent selected_identity: 0" \ @@ -73,8 +73,8 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKET MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3 m->m: Multiple PSKs: invalid ticket, reconnect with PSK" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8 dummy_ticket=1" \ - "$P_CLI force_version=tls13 tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \ + "$P_SRV tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 tickets=8 dummy_ticket=1" \ + "$P_CLI tls13_kex_modes=psk_ephemeral debug_level=5 psk_identity=Client_identity psk=6162636465666768696a6b6c6d6e6f70 reco_mode=1 reconnect=1" \ 0 \ -c "Pre-configured PSK number = 2" \ -s "sent selected_identity: 1" \ @@ -88,7 +88,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKET MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3 m->m: Session resumption failure, ticket authentication failed." \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=1" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=1" \ "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \ 0 \ -c "Pre-configured PSK number = 1" \ @@ -107,7 +107,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKET MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3 m->m: Session resumption failure, ticket expired." \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=2" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=2" \ "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \ 0 \ -c "Pre-configured PSK number = 1" \ @@ -126,7 +126,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKET MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3 m->m: Session resumption failure, invalid start time." \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=3" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=3" \ "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \ 0 \ -c "Pre-configured PSK number = 1" \ @@ -145,7 +145,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKET MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3 m->m: Session resumption failure, ticket expired. too old" \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=4" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=4" \ "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \ 0 \ -c "Pre-configured PSK number = 1" \ @@ -164,7 +164,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKET MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3 m->m: Session resumption failure, age outside tolerance window, too young." \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=5" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=5" \ "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \ 0 \ -c "Pre-configured PSK number = 1" \ @@ -183,7 +183,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SESSION_TICKET MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3 m->m: Session resumption failure, age outside tolerance window, too old." \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=8 dummy_ticket=6" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=8 dummy_ticket=6" \ "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \ 0 \ -c "Pre-configured PSK number = 1" \ @@ -201,7 +201,7 @@ requires_gnutls_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3: G->m: ephemeral_all/psk, fail, no common kex mode" \ - "$P_SRV force_version=tls13 tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=psk debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:-PSK:+VERS-TLS1.3 \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -221,7 +221,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SRV_C MBEDTLS_ requires_all_configs_disabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: PSK: configured psk only, good." \ - "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:+GROUP-ALL \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -239,7 +239,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SRV_C MBEDTLS_ requires_all_configs_disabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: PSK: configured psk_ephemeral only, good." \ - "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:+GROUP-ALL \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -257,7 +257,7 @@ requires_all_configs_enabled MBEDTLS_SSL_PROTO_TLS1_3 MBEDTLS_SSL_SRV_C MBEDTLS_ requires_all_configs_disabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: G->m: PSK: configured ephemeral only, good." \ - "$P_SRV force_version=tls13 tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ + "$P_SRV tls13_kex_modes=all debug_level=5 $(get_srv_psk_list)" \ "$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK:+VERS-TLS1.3:+GROUP-ALL \ --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \ localhost" \ @@ -275,14 +275,16 @@ requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ run_test "TLS 1.3 m->G: EarlyData: basic check, good" \ "$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:+ECDHE-PSK:+PSK --earlydata --disable-client-cert" \ "$P_CLI debug_level=4 early_data=1 reco_mode=1 reconnect=1 reco_delay=900" \ - 1 \ + 0 \ -c "Reconnecting with saved session" \ -c "NewSessionTicket: early_data(42) extension received." \ -c "ClientHello: early_data(42) extension exists." \ -c "EncryptedExtensions: early_data(42) extension received." \ -c "EncryptedExtensions: early_data(42) extension exists." \ + -c "<= write EndOfEarlyData" \ -s "Parsing extension 'Early Data/42' (0 bytes)" \ -s "Sending extension Early Data/42 (0 bytes)" \ + -s "END OF EARLY DATA (5) was received." \ -s "early data accepted" requires_gnutls_tls1_3 @@ -315,7 +317,7 @@ requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3, ext PSK, early data" \ "$O_NEXT_SRV_EARLY_DATA -msg -debug -tls1_3 -psk_identity 0a0b0c -psk 010203 -allow_no_dhe_kex -nocert" \ - "$P_CLI debug_level=5 force_version=tls13 tls13_kex_modes=psk early_data=1 psk=010203 psk_identity=0a0b0c" \ + "$P_CLI debug_level=5 tls13_kex_modes=psk early_data=1 psk=010203 psk_identity=0a0b0c" \ 1 \ -c "Reconnecting with saved session" \ -c "NewSessionTicket: early_data(42) extension received." \ @@ -328,7 +330,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3 m->m: Resumption with ticket flags, psk/none." \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=7" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=7" \ "$P_CLI debug_level=4 tls13_kex_modes=psk_or_ephemeral reconnect=1" \ 0 \ -c "Pre-configured PSK number = 1" \ @@ -344,7 +346,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3 m->m: Resumption with ticket flags, psk/psk." \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=8" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=8" \ "$P_CLI debug_level=4 tls13_kex_modes=psk_or_ephemeral reconnect=1" \ 0 \ -c "Pre-configured PSK number = 1" \ @@ -357,7 +359,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3 m->m: Resumption with ticket flags, psk/psk_ephemeral." \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=9" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=9" \ "$P_CLI debug_level=4 tls13_kex_modes=psk_or_ephemeral reconnect=1" \ 0 \ -c "Pre-configured PSK number = 1" \ @@ -373,7 +375,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3 m->m: Resumption with ticket flags, psk/psk_all." \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=10" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=10" \ "$P_CLI debug_level=4 tls13_kex_modes=psk_or_ephemeral reconnect=1" \ 0 \ -c "Pre-configured PSK number = 1" \ @@ -386,7 +388,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_ephemeral/none." \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=7" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=7" \ "$P_CLI debug_level=4 tls13_kex_modes=ephemeral_all reconnect=1" \ 0 \ -c "Pre-configured PSK number = 1" \ @@ -402,7 +404,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_ephemeral/psk." \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=8" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=8" \ "$P_CLI debug_level=4 tls13_kex_modes=ephemeral_all reconnect=1" \ 0 \ -c "Pre-configured PSK number = 1" \ @@ -418,7 +420,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_ephemeral/psk_ephemeral." \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=9" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=9" \ "$P_CLI debug_level=4 tls13_kex_modes=ephemeral_all reconnect=1" \ 0 \ -c "Pre-configured PSK number = 1" \ @@ -431,7 +433,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_ephemeral/psk_all." \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=10" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=10" \ "$P_CLI debug_level=4 tls13_kex_modes=ephemeral_all reconnect=1" \ 0 \ -c "Pre-configured PSK number = 1" \ @@ -445,7 +447,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/none." \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=7" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=7" \ "$P_CLI debug_level=4 tls13_kex_modes=all reconnect=1" \ 0 \ -c "Pre-configured PSK number = 1" \ @@ -462,7 +464,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/psk." \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=8" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=8" \ "$P_CLI debug_level=4 tls13_kex_modes=all reconnect=1" \ 0 \ -c "Pre-configured PSK number = 1" \ @@ -476,7 +478,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/psk_ephemeral." \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=9" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=9" \ "$P_CLI debug_level=4 tls13_kex_modes=all reconnect=1" \ 0 \ -c "Pre-configured PSK number = 1" \ @@ -490,7 +492,7 @@ requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/psk_all." \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 dummy_ticket=10" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key dummy_ticket=10" \ "$P_CLI debug_level=4 tls13_kex_modes=all reconnect=1" \ 0 \ -c "Pre-configured PSK number = 1" \ diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 6b11346d1..19f927d69 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -123,25 +123,40 @@ set -e -o pipefail -u # Enable ksh/bash extended file matching patterns shopt -s extglob +in_mbedtls_repo () { + test -d include -a -d library -a -d programs -a -d tests +} + +in_tf_psa_crypto_repo () { + test -d include -a -d core -a -d drivers -a -d programs -a -d tests +} + pre_check_environment () { - if [ -d library -a -d include -a -d tests ]; then :; else - echo "Must be run from mbed TLS root" >&2 + if in_mbedtls_repo || in_tf_psa_crypto_repo; then :; else + echo "Must be run from Mbed TLS / TF-PSA-Crypto root" >&2 exit 1 fi } pre_initialize_variables () { - CONFIG_H='include/mbedtls/mbedtls_config.h' + if in_mbedtls_repo; then + CONFIG_H='include/mbedtls/mbedtls_config.h' + else + CONFIG_H='drivers/builtin/include/mbedtls/mbedtls_config.h' + fi CRYPTO_CONFIG_H='include/psa/crypto_config.h' + CONFIG_TEST_DRIVER_H='tests/include/test/drivers/config_test_driver.h' # Files that are clobbered by some jobs will be backed up. Use a different # suffix from auxiliary scripts so that all.sh and auxiliary scripts can # independently decide when to remove the backup file. backup_suffix='.all.bak' # Files clobbered by config.py - files_to_back_up="$CONFIG_H $CRYPTO_CONFIG_H" - # Files clobbered by in-tree cmake - files_to_back_up="$files_to_back_up Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile" + files_to_back_up="$CONFIG_H $CRYPTO_CONFIG_H $CONFIG_TEST_DRIVER_H" + if in_mbedtls_repo; then + # Files clobbered by in-tree cmake + files_to_back_up="$files_to_back_up Makefile library/Makefile programs/Makefile tests/Makefile programs/fuzz/Makefile" + fi append_outcome=0 MEMORY=0 @@ -175,7 +190,10 @@ pre_initialize_variables () { : ${ARMC6_BIN_DIR:=/usr/bin} : ${ARM_NONE_EABI_GCC_PREFIX:=arm-none-eabi-} : ${ARM_LINUX_GNUEABI_GCC_PREFIX:=arm-linux-gnueabi-} - + : ${CLANG_LATEST:="clang-latest"} + : ${CLANG_EARLIEST:="clang-earliest"} + : ${GCC_LATEST:="gcc-latest"} + : ${GCC_EARLIEST:="gcc-earliest"} # if MAKEFLAGS is not set add the -j option to speed up invocations of make if [ -z "${MAKEFLAGS+set}" ]; then export MAKEFLAGS="-j$(all_sh_nproc)" @@ -188,11 +206,13 @@ pre_initialize_variables () { # default to -O2, use -Ox _after_ this if you want another level ASAN_CFLAGS='-O2 -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' + # Platform tests have an allocation that returns null + export ASAN_OPTIONS="allocator_may_return_null=1" + export MSAN_OPTIONS="allocator_may_return_null=1" + # Gather the list of available components. These are the functions # defined in this script whose name starts with "component_". - # Parse the script with sed. This way we get the functions in the order - # they are defined. - ALL_COMPONENTS=$(sed -n 's/^ *component_\([0-9A-Z_a-z]*\) *().*/\1/p' <"$0") + ALL_COMPONENTS=$(compgen -A function component_ | sed 's/component_//') # Exclude components that are not supported on this platform. SUPPORTED_COMPONENTS= @@ -274,6 +294,10 @@ General options: Tool path options: --armc5-bin-dir= ARM Compiler 5 bin directory. --armc6-bin-dir= ARM Compiler 6 bin directory. + --clang-earliest= Earliest version of clang available + --clang-latest= Latest version of clang available + --gcc-earliest= Earliest version of GCC available + --gcc-latest= Latest version of GCC available --gnutls-cli= GnuTLS client executable to use for most tests. --gnutls-serv= GnuTLS server executable to use for most tests. --gnutls-legacy-cli= GnuTLS client executable to use for legacy tests. @@ -289,7 +313,9 @@ EOF # Does not remove generated source files. cleanup() { - command make clean + if in_mbedtls_repo; then + command make clean + fi # Remove CMake artefacts find . -name .git -prune -o \ @@ -387,7 +413,7 @@ armc6_build_test() msg "build: ARM Compiler 6 ($FLAGS)" ARM_TOOL_VARIANT="ult" CC="$ARMC6_CC" AR="$ARMC6_AR" CFLAGS="$FLAGS" \ - WARNING_CFLAGS='-xc -std=c99' make lib + WARNING_CFLAGS='-Werror -xc -std=c99' make lib msg "size: ARM Compiler 6 ($FLAGS)" "$ARMC6_FROMELF" -z library/*.o @@ -402,14 +428,26 @@ err_msg() check_tools() { - for TOOL in "$@"; do - if ! `type "$TOOL" >/dev/null 2>&1`; then - err_msg "$TOOL not found!" + for tool in "$@"; do + if ! `type "$tool" >/dev/null 2>&1`; then + err_msg "$tool not found!" exit 1 fi done } +pre_parse_command_line_for_dirs () { + # Make an early pass through the options given, so we can set directories + # for Arm compilers, before SUPPORTED_COMPONENTS is determined. + while [ $# -gt 0 ]; do + case "$1" in + --armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";; + --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";; + esac + shift + done +} + pre_parse_command_line () { COMMAND_LINE_COMPONENTS= all_except=0 @@ -426,11 +464,15 @@ pre_parse_command_line () { --arm-none-eabi-gcc-prefix) shift; ARM_NONE_EABI_GCC_PREFIX="$1";; --arm-linux-gnueabi-gcc-prefix) shift; ARM_LINUX_GNUEABI_GCC_PREFIX="$1";; --armcc) no_armcc=;; - --armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";; - --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";; + --armc5-bin-dir) shift; ;; # assignment to ARMC5_BIN_DIR done in pre_parse_command_line_for_dirs + --armc6-bin-dir) shift; ;; # assignment to ARMC6_BIN_DIR done in pre_parse_command_line_for_dirs + --clang-earliest) shift; CLANG_EARLIEST="$1";; + --clang-latest) shift; CLANG_LATEST="$1";; --error-test) error_test=$((error_test + 1));; --except) all_except=1;; --force|-f) FORCE=1;; + --gcc-earliest) shift; GCC_EARLIEST="$1";; + --gcc-latest) shift; GCC_LATEST="$1";; --gnutls-cli) shift; GNUTLS_CLI="$1";; --gnutls-legacy-cli) shift; GNUTLS_LEGACY_CLI="$1";; --gnutls-legacy-serv) shift; GNUTLS_LEGACY_SERV="$1";; @@ -529,8 +571,8 @@ pre_check_git () { exit 1 fi - if ! git diff --quiet include/mbedtls/mbedtls_config.h; then - err_msg "Warning - the configuration file 'include/mbedtls/mbedtls_config.h' has been edited. " + if ! git diff --quiet "$CONFIG_H"; then + err_msg "Warning - the configuration file '$CONFIG_H' has been edited. " echo "You can either delete or preserve your work, or force the test by rerunning the" echo "script as: $0 --force" exit 1 @@ -794,7 +836,142 @@ pre_generate_files() { fi } +################################################################ +#### Helpers for components using libtestdriver1 +################################################################ +# How to use libtestdriver1 +# ------------------------- +# +# 1. Define the list algorithms and key types to accelerate, +# designated the same way as PSA_WANT_ macros but without PSA_WANT_. +# Examples: +# - loc_accel_list="ALG_JPAKE" +# - loc_accel_list="ALG_FFDH KEY_TYPE_DH_KEY_PAIR KEY_TYPE_DH_PUBLIC_KEY" +# 2. Make configurations changes for the driver and/or main libraries. +# 2a. Call helper_libtestdriver1_adjust_config , where the argument +# can be either "default" to start with the default config, or a name +# supported by scripts/config.py (for example, "full"). This selects +# the base to use, and makes common adjustments. +# 2b. If desired, adjust the PSA_WANT symbols in psa/crypto_config.h. +# These changes affect both the driver and the main libraries. +# (Note: they need to have the same set of PSA_WANT symbols, as that +# determines the ABI between them.) +# 2c. Adjust MBEDTLS_ symbols in mbedtls_config.h. This only affects the +# main libraries. Typically, you want to disable the module(s) that are +# being accelerated. You may need to also disable modules that depend +# on them or options that are not supported with drivers. +# 2d. On top of psa/crypto_config.h, the driver library uses its own config +# file: tests/include/test/drivers/config_test_driver.h. You usually +# don't need to edit it: using loc_extra_list (see below) is preferred. +# However, when there's no PSA symbol for what you want to enable, +# calling scripts/config.py on this file remains the only option. +# 3. Build the driver library, then the main libraries, test, and programs. +# 3a. Call helper_libtestdriver1_make_drivers "$loc_accel_list". You may +# need to enable more algorithms here, typically hash algorithms when +# accelerating some signature algorithms (ECDSA, RSAv2). This is done +# by passing a 2nd argument listing the extra algorithms. +# Example: +# loc_extra_list="ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512" +# helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" +# 4b. Call helper_libtestdriver1_make_main "$loc_accel_list". Any +# additional arguments will be passed to make: this can be useful if +# you don't want to build everything when iterating during development. +# Example: +# helper_libtestdriver1_make_main "$loc_accel_list" -C tests test_suite_foo +# 4. Run the tests you want. + +# Adjust the configuration - for both libtestdriver1 and main library, +# as they should have the same PSA_WANT macros. +helper_libtestdriver1_adjust_config() { + base_config=$1 + # Select the base configuration + if [ "$base_config" != "default" ]; then + scripts/config.py "$base_config" + fi + + # Enable PSA-based config (necessary to use drivers) + scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + + # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having + # partial support for cipher operations in the driver test library. + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_STREAM_CIPHER + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECB_NO_PADDING + + # Dynamic secure element support is a deprecated feature and needs to be disabled here. + # This is done to have the same form of psa_key_attributes_s for libdriver and library. + scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C +} + +# When called with no parameter this function disables all builtin curves. +# The function optionally accepts 1 parameter: a space-separated list of the +# curves that should be kept enabled. +helper_disable_builtin_curves() { + allowed_list="${1:-}" + scripts/config.py unset-all "MBEDTLS_ECP_DP_[0-9A-Z_a-z]*_ENABLED" + + for curve in $allowed_list; do + scripts/config.py set $curve + done +} + +# Helper returning the list of supported elliptic curves from CRYPTO_CONFIG_H, +# without the "PSA_WANT_" prefix. This becomes handy for accelerating curves +# in the following helpers. +helper_get_psa_curve_list () { + loc_list="" + for item in $(sed -n 's/^#define PSA_WANT_\(ECC_[0-9A-Z_a-z]*\).*/\1/p' <"$CRYPTO_CONFIG_H"); do + loc_list="$loc_list $item" + done + + echo "$loc_list" +} + +# Get the list of uncommented PSA_WANT_KEY_TYPE_xxx_ from CRYPTO_CONFIG_H. This +# is useful to easily get a list of key type symbols to accelerate. +# The function accepts a single argument which is the key type: ECC, DH, RSA. +helper_get_psa_key_type_list() { + key_type="$1" + loc_list="" + for item in $(sed -n "s/^#define PSA_WANT_\(KEY_TYPE_${key_type}_[0-9A-Z_a-z]*\).*/\1/p" <"$CRYPTO_CONFIG_H"); do + # Skip DERIVE for elliptic keys since there is no driver dispatch for + # it so it cannot be accelerated. + if [ "$item" != "KEY_TYPE_ECC_KEY_PAIR_DERIVE" ]; then + loc_list="$loc_list $item" + fi + done + + echo "$loc_list" +} + +# Build the drivers library libtestdriver1.a (with ASan). +# +# Parameters: +# 1. a space-separated list of things to accelerate; +# 2. optional: a space-separate list of things to also support. +# Here "things" are PSA_WANT_ symbols but with PSA_WANT_ removed. +helper_libtestdriver1_make_drivers() { + loc_accel_flags=$( echo "$1 ${2-}" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) + make -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" +} + +# Build the main libraries, programs and tests, +# linking to the drivers library (with ASan). +# +# Parameters: +# 1. a space-separated list of things to accelerate; +# *. remaining arguments if any are passed directly to make +# (examples: lib, -C tests test_suite_xxx, etc.) +# Here "things" are PSA_WANT_ symbols but with PSA_WANT_ removed. +helper_libtestdriver1_make_main() { + loc_accel_list=$1 + shift + + # we need flags both with and without the LIBTESTDRIVER1_ prefix + loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) + loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" + make CFLAGS="$ASAN_CFLAGS -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" "$@" +} ################################################################ #### Basic checks @@ -919,6 +1096,28 @@ component_test_default_cmake_gcc_asan () { tests/context-info.sh } +component_test_default_cmake_gcc_asan_new_bignum () { + msg "build: cmake, gcc, ASan" # ~ 1 min 50s + scripts/config.py set MBEDTLS_ECP_WITH_MPI_UINT + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + + msg "test: main suites (inc. selftests) (ASan build)" # ~ 50s + make test + + msg "test: selftest (ASan build)" # ~ 10s + programs/test/selftest + + msg "test: ssl-opt.sh (ASan build)" # ~ 1 min + tests/ssl-opt.sh + + msg "test: compat.sh (ASan build)" # ~ 6 min + tests/compat.sh + + msg "test: context-info.sh (ASan build)" # ~ 15 sec + tests/context-info.sh +} + component_test_full_cmake_gcc_asan () { msg "build: full config, cmake, gcc, ASan" scripts/config.py full @@ -939,19 +1138,30 @@ component_test_full_cmake_gcc_asan () { msg "test: context-info.sh (full config, ASan build)" # ~ 15 sec tests/context-info.sh +} - msg "test: check direct ECP dependencies in TLS and X.509" - docs/architecture/psa-migration/syms.sh full - # TODO: replace "mbedtls_ecp_curve" with "mbedtls_ecp" also for - # "full-tls-external" once Issue6839 is completed - not grep mbedtls_ecp_curve full-tls-external - not grep mbedtls_ecp full-x509-external +component_test_full_cmake_gcc_asan_new_bignum () { + msg "build: full config, cmake, gcc, ASan" + scripts/config.py full + scripts/config.py set MBEDTLS_ECP_WITH_MPI_UINT + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make - rm full-tls-external \ - full-tls-modules \ - full-x509-external \ - full-x509-modules + msg "test: main suites (inc. selftests) (full config, ASan build)" + make test + + msg "test: selftest (ASan build)" # ~ 10s + programs/test/selftest + + msg "test: ssl-opt.sh (full config, ASan build)" + tests/ssl-opt.sh + + msg "test: compat.sh (full config, ASan build)" + tests/compat.sh + + msg "test: context-info.sh (full config, ASan build)" # ~ 15 sec + tests/context-info.sh } component_test_psa_crypto_key_id_encodes_owner () { @@ -1218,19 +1428,71 @@ component_test_psa_external_rng_no_drbg_use_psa () { tests/ssl-opt.sh -f 'Default\|opaque' } -component_test_crypto_full_no_md () { - msg "build: crypto_full minus MD" +component_test_psa_external_rng_use_psa_crypto () { + msg "build: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG" + scripts/config.py full + scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG + scripts/config.py set MBEDTLS_USE_PSA_CRYPTO + scripts/config.py unset MBEDTLS_CTR_DRBG_C + make CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS" + + msg "test: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG" + make test + + msg "test: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG" + tests/ssl-opt.sh -f 'Default\|opaque' +} + +component_test_psa_inject_entropy () { + msg "build: full + MBEDTLS_PSA_INJECT_ENTROPY" + scripts/config.py full + scripts/config.py set MBEDTLS_PSA_INJECT_ENTROPY + scripts/config.py set MBEDTLS_ENTROPY_NV_SEED + scripts/config.py set MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES + scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT + scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_READ + scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_WRITE + make CFLAGS="$ASAN_CFLAGS '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" LDFLAGS="$ASAN_CFLAGS" + + msg "test: full + MBEDTLS_PSA_INJECT_ENTROPY" + make test +} + +component_test_sw_inet_pton () { + msg "build: default plus MBEDTLS_TEST_SW_INET_PTON" + + # MBEDTLS_TEST_HOOKS required for x509_crt_parse_cn_inet_pton + scripts/config.py set MBEDTLS_TEST_HOOKS + make CFLAGS="-DMBEDTLS_TEST_SW_INET_PTON" + + msg "test: default plus MBEDTLS_TEST_SW_INET_PTON" + make test +} + +component_test_crypto_full_md_light_only () { + msg "build: crypto_full with only the light subset of MD" scripts/config.py crypto_full + scripts/config.py unset MBEDTLS_PSA_CRYPTO_CONFIG + # Disable MD scripts/config.py unset MBEDTLS_MD_C - # Direct dependencies + # Disable direct dependencies of MD_C scripts/config.py unset MBEDTLS_HKDF_C scripts/config.py unset MBEDTLS_HMAC_DRBG_C scripts/config.py unset MBEDTLS_PKCS7_C - # Indirect dependencies - scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC - make + # Disable indirect dependencies of MD_C + scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # needs HMAC_DRBG + # Disable things that would auto-enable MD_C + scripts/config.py unset MBEDTLS_PKCS5_C - msg "test: crypto_full minus MD" + # Note: MD-light is auto-enabled in build_info.h by modules that need it, + # which we haven't disabled, so no need to explicitly enable it. + make CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + + # Make sure we don't have the HMAC functions, but the hashing functions + not grep mbedtls_md_hmac library/md.o + grep mbedtls_md library/md.o + + msg "test: crypto_full with only the light subset of MD" make test } @@ -1238,6 +1500,9 @@ component_test_full_no_cipher () { msg "build: full minus CIPHER" scripts/config.py full scripts/config.py unset MBEDTLS_CIPHER_C + # Don't pull in cipher via PSA mechanisms + # (currently ignored anyway because we completely disable PSA) + scripts/config.py unset MBEDTLS_PSA_CRYPTO_CONFIG # Direct dependencies scripts/config.py unset MBEDTLS_CCM_C scripts/config.py unset MBEDTLS_CMAC_C @@ -1266,30 +1531,6 @@ component_test_full_no_cipher () { make test } -component_test_crypto_full_no_cipher () { - msg "build: crypto_full minus CIPHER" - scripts/config.py crypto_full - scripts/config.py unset MBEDTLS_CIPHER_C - # Direct dependencies - scripts/config.py unset MBEDTLS_CCM_C - scripts/config.py unset MBEDTLS_CMAC_C - scripts/config.py unset MBEDTLS_GCM_C - scripts/config.py unset MBEDTLS_NIST_KW_C - scripts/config.py unset MBEDTLS_PKCS12_C - scripts/config.py unset MBEDTLS_PKCS5_C - scripts/config.py unset MBEDTLS_PSA_CRYPTO_C - # Indirect dependencies - scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C - scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C - scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO - scripts/config.py unset MBEDTLS_LMS_C - scripts/config.py unset MBEDTLS_LMS_PRIVATE - make - - msg "test: crypto_full minus CIPHER" - make test -} - component_test_full_no_bignum () { msg "build: full minus bignum" scripts/config.py full @@ -1303,6 +1544,9 @@ component_test_full_no_bignum () { scripts/config.py unset MBEDTLS_ECDSA_C scripts/config.py unset MBEDTLS_ECJPAKE_C scripts/config.py unset MBEDTLS_ECP_RESTARTABLE + # Disable what auto-enables ECP_LIGHT + scripts/config.py unset MBEDTLS_PK_PARSE_EC_EXTENDED + scripts/config.py unset MBEDTLS_PK_PARSE_EC_COMPRESSED # Indirect dependencies of ECP scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED @@ -1505,6 +1749,9 @@ component_test_tls1_2_default_cbc_legacy_cbc_etm_cipher_only_use_psa () { component_test_tls1_2_ecjpake_compatibility() { msg "build: TLS1.2 server+client w/ EC-JPAKE w/o USE_PSA" scripts/config.py set MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED + # Explicitly make lib first to avoid a race condition: + # https://github.com/Mbed-TLS/mbedtls/issues/8229 + make lib make -C programs ssl/ssl_server2 ssl/ssl_client2 cp programs/ssl/ssl_server2 s2_no_use_psa cp programs/ssl/ssl_client2 c2_no_use_psa @@ -1512,6 +1759,7 @@ component_test_tls1_2_ecjpake_compatibility() { msg "build: TLS1.2 server+client w/ EC-JPAKE w/ USE_PSA" scripts/config.py set MBEDTLS_USE_PSA_CRYPTO make clean + make lib make -C programs ssl/ssl_server2 ssl/ssl_client2 make -C programs test/udp_proxy test/query_compile_time_config @@ -1527,21 +1775,6 @@ component_test_tls1_2_ecjpake_compatibility() { rm s2_no_use_psa c2_no_use_psa } -component_test_psa_external_rng_use_psa_crypto () { - msg "build: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG" - scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG - scripts/config.py set MBEDTLS_USE_PSA_CRYPTO - scripts/config.py unset MBEDTLS_CTR_DRBG_C - make CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS" - - msg "test: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG" - make test - - msg "test: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG" - tests/ssl-opt.sh -f 'Default\|opaque' -} - component_test_everest () { msg "build: Everest ECDH context (ASan build)" # ~ 6 min scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED @@ -1567,9 +1800,7 @@ component_test_everest_curve25519_only () { scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED scripts/config.py unset MBEDTLS_ECJPAKE_C # Disable all curves - for c in $(sed -n 's/#define \(MBEDTLS_ECP_DP_[0-9A-Z_a-z]*_ENABLED\).*/\1/p' <"$CONFIG_H"); do - scripts/config.py unset "$c" - done + scripts/config.py unset-all "MBEDTLS_ECP_DP_[0-9A-Z_a-z]*_ENABLED" scripts/config.py set MBEDTLS_ECP_DP_CURVE25519_ENABLED make CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS" @@ -1665,6 +1896,16 @@ skip_suites_without_constant_flow () { export SKIP_TEST_SUITES } +skip_all_except_given_suite () { + # Skip all but the given test suite + SKIP_TEST_SUITES=$( + ls -1 tests/suites/test_suite_*.function | + grep -v $1.function | + sed 's/tests.suites.test_suite_//; s/\.function$//' | + tr '\n' ,) + export SKIP_TEST_SUITES +} + component_test_memsan_constant_flow () { # This tests both (1) accesses to undefined memory, and (2) branches or # memory access depending on secret values. To distinguish between those: @@ -1724,6 +1965,16 @@ component_test_valgrind_constant_flow () { # details are left in Testing//DynamicAnalysis.xml msg "test: some suites (full minus MBEDTLS_USE_PSA_CRYPTO, valgrind + constant flow)" make memcheck + + # Test asm path in constant time module - by default, it will test the plain C + # path under Valgrind or Memsan. Running only the constant_time tests is fast (<1s) + msg "test: valgrind asm constant_time" + scripts/config.py --force set MBEDTLS_TEST_CONSTANT_FLOW_ASM + skip_all_except_given_suite test_suite_constant_time + cmake -D CMAKE_BUILD_TYPE:String=Release . + make clean + make + make memcheck } component_test_valgrind_constant_flow_psa () { @@ -1767,6 +2018,9 @@ component_test_full_no_deprecated () { msg "test: make, full_no_deprecated config" # ~ 5s make test + + msg "test: ensure that X509 has no direct dependency on BIGNUM_C" + not grep mbedtls_mpi library/libmbedx509.a } component_test_full_no_deprecated_deprecated_warning () { @@ -1948,6 +2202,18 @@ component_test_depends_py_pkalgs_psa () { tests/scripts/depends.py pkalgs } +component_build_no_pk_rsa_alt_support () { + msg "build: !MBEDTLS_PK_RSA_ALT_SUPPORT" # ~30s + + scripts/config.py full + scripts/config.py unset MBEDTLS_PK_RSA_ALT_SUPPORT + scripts/config.py set MBEDTLS_RSA_C + scripts/config.py set MBEDTLS_X509_CRT_WRITE_C + + # Only compile - this is primarily to test for compile issues + make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' +} + component_build_module_alt () { msg "build: MBEDTLS_XXX_ALT" # ~30s scripts/config.py full @@ -1956,6 +2222,7 @@ component_build_module_alt () { # aesni.c and padlock.c reference mbedtls_aes_context fields directly. scripts/config.py unset MBEDTLS_AESNI_C scripts/config.py unset MBEDTLS_PADLOCK_C + scripts/config.py unset MBEDTLS_AESCE_C # MBEDTLS_ECP_RESTARTABLE is documented as incompatible. scripts/config.py unset MBEDTLS_ECP_RESTARTABLE # You can only have one threading implementation: alt or pthread, not both. @@ -2026,91 +2293,988 @@ component_test_no_use_psa_crypto_full_cmake_asan() { } component_test_psa_crypto_config_accel_ecdsa () { - msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA" + msg "build: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA" - # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having - # partial support for cipher operations in the driver test library. - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING + # Algorithms and key types to accelerate + loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ + $(helper_get_psa_key_type_list "ECC")" - # These hashes are needed for some ECDSA signature tests. - scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA224_C - scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA384_C - scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA512_C + # Note: Those are handled in a special way by the libtestdriver machinery, + # so we only want to include them in the accel list when building the main + # libraries, hence the use of a separate variable. + loc_curve_list="$(helper_get_psa_curve_list)" - loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA KEY_TYPE_ECC_KEY_PAIR KEY_TYPE_ECC_PUBLIC_KEY" - loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) - make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" + # Configure + # --------- - # Restore test driver base configuration - scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA224_C - scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA384_C - scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA512_C + # Start from default config (no USE_PSA) + TLS 1.3 + helper_libtestdriver1_adjust_config "default" + scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO - scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + # Disable the module that's accelerated scripts/config.py unset MBEDTLS_ECDSA_C + + # Disable things that depend on it scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED - loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" - make CFLAGS="$ASAN_CFLAGS -O -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" + # Build + # ----- + # These hashes are needed for some ECDSA signature tests. + loc_extra_list="ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512 \ + ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" + + helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" + + helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list" + + # Make sure this was not re-enabled by accident (additive config) not grep mbedtls_ecdsa_ library/ecdsa.o + # Run the tests + # ------------- + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA" make test } component_test_psa_crypto_config_accel_ecdh () { - msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDH" + msg "build: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDH" - # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having - # partial support for cipher operations in the driver test library. - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING + # Algorithms and key types to accelerate + loc_accel_list="ALG_ECDH \ + $(helper_get_psa_key_type_list "ECC")" - loc_accel_list="ALG_ECDH KEY_TYPE_ECC_KEY_PAIR KEY_TYPE_ECC_PUBLIC_KEY" - loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) - make -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" + # Note: Those are handled in a special way by the libtestdriver machinery, + # so we only want to include them in the accel list when building the main + # libraries, hence the use of a separate variable. + loc_curve_list="$(helper_get_psa_curve_list)" - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO - scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + # Configure + # --------- + + # Start from default config (no TLS 1.3, no USE_PSA) + helper_libtestdriver1_adjust_config "default" + + # Disable the module that's accelerated scripts/config.py unset MBEDTLS_ECDH_C + + # Disable things that depend on it scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED - loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" - make CFLAGS="$ASAN_CFLAGS -O -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" + # Build + # ----- + helper_libtestdriver1_make_drivers "$loc_accel_list" + + helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list" + + # Make sure this was not re-enabled by accident (additive config) not grep mbedtls_ecdh_ library/ecdh.o + # Run the tests + # ------------- + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDH" make test } +component_test_psa_crypto_config_accel_ffdh () { + msg "build: full with accelerated FFDH" + + # Algorithms and key types to accelerate + loc_accel_list="ALG_FFDH \ + $(helper_get_psa_key_type_list "DH")" + + # Configure + # --------- + + # start with full (USE_PSA and TLS 1.3) + helper_libtestdriver1_adjust_config "full" + + # Disable the module that's accelerated + scripts/config.py unset MBEDTLS_DHM_C + + # Disable things that depend on it + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + + # Build + # ----- + + helper_libtestdriver1_make_drivers "$loc_accel_list" + + helper_libtestdriver1_make_main "$loc_accel_list" + + # Make sure this was not re-enabled by accident (additive config) + not grep mbedtls_dhm_ library/dhm.o + + # Run the tests + # ------------- + + msg "test: full with accelerated FFDH" + make test + + msg "ssl-opt: full with accelerated FFDH alg" + tests/ssl-opt.sh -f "ffdh" +} + +component_test_psa_crypto_config_reference_ffdh () { + msg "build: full with non-accelerated FFDH" + + # Start with full (USE_PSA and TLS 1.3) + helper_libtestdriver1_adjust_config "full" + + # Disable things that are not supported + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + make + + msg "test suites: full with non-accelerated FFDH alg" + make test + + msg "ssl-opt: full with non-accelerated FFDH alg" + tests/ssl-opt.sh -f "ffdh" +} + +component_test_psa_crypto_config_accel_pake() { + msg "build: full with accelerated PAKE" + + loc_accel_list="ALG_JPAKE \ + $(helper_get_psa_key_type_list "ECC")" + + # Note: Those are handled in a special way by the libtestdriver machinery, + # so we only want to include them in the accel list when building the main + # libraries, hence the use of a separate variable. + loc_curve_list="$(helper_get_psa_curve_list)" + + # Configure + # --------- + + helper_libtestdriver1_adjust_config "full" + + # Make built-in fallback not available + scripts/config.py unset MBEDTLS_ECJPAKE_C + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED + + # Build + # ----- + + helper_libtestdriver1_make_drivers "$loc_accel_list" + + helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list" + + # Make sure this was not re-enabled by accident (additive config) + not grep mbedtls_ecjpake_init library/ecjpake.o + + # Run the tests + # ------------- + + msg "test: full with accelerated PAKE" + make test +} + +component_test_psa_crypto_config_accel_ecc_some_key_types () { + msg "build: full with accelerated EC algs and some key types" + + # Algorithms and key types to accelerate + # For key types, use an explicitly list to omit GENERATE (and DERIVE) + loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ + ALG_ECDH \ + ALG_JPAKE \ + KEY_TYPE_ECC_PUBLIC_KEY \ + KEY_TYPE_ECC_KEY_PAIR_BASIC \ + KEY_TYPE_ECC_KEY_PAIR_IMPORT \ + KEY_TYPE_ECC_KEY_PAIR_EXPORT" + + # Note: Curves are handled in a special way by the libtestdriver machinery, + # so we only want to include them in the accel list when building the main + # libraries, hence the use of a separate variable. + loc_curve_list="$(helper_get_psa_curve_list)" + + # Configure + # --------- + + # start with config full for maximum coverage (also enables USE_PSA) + helper_libtestdriver1_adjust_config "full" + + # Disable modules that are accelerated - some will be re-enabled + scripts/config.py unset MBEDTLS_ECDSA_C + scripts/config.py unset MBEDTLS_ECDH_C + scripts/config.py unset MBEDTLS_ECJPAKE_C + scripts/config.py unset MBEDTLS_ECP_C + + # Disable all curves - those that aren't accelerated should be re-enabled + helper_disable_builtin_curves + + # Restartable feature is not yet supported by PSA. Once it will in + # the future, the following line could be removed (see issues + # 6061, 6332 and following ones) + scripts/config.py unset MBEDTLS_ECP_RESTARTABLE + + # this is not supported by the driver API yet + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE + + # Build + # ----- + + # These hashes are needed for some ECDSA signature tests. + loc_extra_list="ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512 \ + ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" + helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" + + helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list" + + # ECP should be re-enabled but not the others + not grep mbedtls_ecdh_ library/ecdh.o + not grep mbedtls_ecdsa library/ecdsa.o + not grep mbedtls_ecjpake library/ecjpake.o + grep mbedtls_ecp library/ecp.o + + # Run the tests + # ------------- + + msg "test suites: full with accelerated EC algs and some key types" + make test +} + +# Run tests with only (non-)Weierstrass accelerated +# Common code used in: +# - component_test_psa_crypto_config_accel_ecc_weierstrass_curves +# - component_test_psa_crypto_config_accel_ecc_non_weierstrass_curves +common_test_psa_crypto_config_accel_ecc_some_curves () { + weierstrass=$1 + if [ $weierstrass -eq 1 ]; then + desc="Weierstrass" + else + desc="non-Weierstrass" + fi + + msg "build: crypto_full minus PK with accelerated EC algs and $desc curves" + + # Algorithms and key types to accelerate + loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ + ALG_ECDH \ + ALG_JPAKE \ + $(helper_get_psa_key_type_list "ECC")" + + # Note: Curves are handled in a special way by the libtestdriver machinery, + # so we only want to include them in the accel list when building the main + # libraries, hence the use of a separate variable. + # Note: the following loop is a modified version of + # helper_get_psa_curve_list that only keeps Weierstrass families. + loc_weierstrass_list="" + loc_non_weierstrass_list="" + for item in $(sed -n 's/^#define PSA_WANT_\(ECC_[0-9A-Z_a-z]*\).*/\1/p' <"$CRYPTO_CONFIG_H"); do + case $item in + ECC_BRAINPOOL*|ECC_SECP*) + loc_weierstrass_list="$loc_weierstrass_list $item" + ;; + *) + loc_non_weierstrass_list="$loc_non_weierstrass_list $item" + ;; + esac + done + if [ $weierstrass -eq 1 ]; then + loc_curve_list=$loc_weierstrass_list + else + loc_curve_list=$loc_non_weierstrass_list + fi + + # Configure + # --------- + + # Start with config crypto_full and remove PK_C: + # that's what's supported now, see docs/driver-only-builds.md. + helper_libtestdriver1_adjust_config "crypto_full" + scripts/config.py unset MBEDTLS_PK_C + scripts/config.py unset MBEDTLS_PK_PARSE_C + scripts/config.py unset MBEDTLS_PK_WRITE_C + # We need to disable RSA too or PK will be re-enabled. + scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_KEY_TYPE_RSA_[0-9A-Z_a-z]*" + scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_ALG_RSA_[0-9A-Z_a-z]*" + scripts/config.py unset MBEDTLS_RSA_C + scripts/config.py unset MBEDTLS_PKCS1_V15 + scripts/config.py unset MBEDTLS_PKCS1_V21 + + # Disable modules that are accelerated - some will be re-enabled + scripts/config.py unset MBEDTLS_ECDSA_C + scripts/config.py unset MBEDTLS_ECDH_C + scripts/config.py unset MBEDTLS_ECJPAKE_C + scripts/config.py unset MBEDTLS_ECP_C + + # Disable all curves - those that aren't accelerated should be re-enabled + helper_disable_builtin_curves + + # Restartable feature is not yet supported by PSA. Once it will in + # the future, the following line could be removed (see issues + # 6061, 6332 and following ones) + scripts/config.py unset MBEDTLS_ECP_RESTARTABLE + + # this is not supported by the driver API yet + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE + + # Build + # ----- + + # These hashes are needed for some ECDSA signature tests. + loc_extra_list="ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512 \ + ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" + helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" + + helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list" + + # We expect ECDH to be re-enabled for the missing curves + grep mbedtls_ecdh_ library/ecdh.o + # We expect ECP to be re-enabled, however the parts specific to the + # families of curves that are accelerated should be ommited. + # - functions with mxz in the name are specific to Montgomery curves + # - ecp_muladd is specific to Weierstrass curves + ##nm library/ecp.o | tee ecp.syms + if [ $weierstrass -eq 1 ]; then + not grep mbedtls_ecp_muladd library/ecp.o + grep mxz library/ecp.o + else + grep mbedtls_ecp_muladd library/ecp.o + not grep mxz library/ecp.o + fi + # We expect ECDSA and ECJPAKE to be re-enabled only when + # Weierstrass curves are not accelerated + if [ $weierstrass -eq 1 ]; then + not grep mbedtls_ecdsa library/ecdsa.o + not grep mbedtls_ecjpake library/ecjpake.o + else + grep mbedtls_ecdsa library/ecdsa.o + grep mbedtls_ecjpake library/ecjpake.o + fi + + # Run the tests + # ------------- + + msg "test suites: crypto_full minus PK with accelerated EC algs and $desc curves" + make test +} + +component_test_psa_crypto_config_accel_ecc_weierstrass_curves () { + common_test_psa_crypto_config_accel_ecc_some_curves 1 +} + +component_test_psa_crypto_config_accel_ecc_non_weierstrass_curves () { + common_test_psa_crypto_config_accel_ecc_some_curves 0 +} + +# Auxiliary function to build config for all EC based algorithms (EC-JPAKE, +# ECDH, ECDSA) with and without drivers. +# The input parameter is a boolean value which indicates: +# - 0 keep built-in EC algs, +# - 1 exclude built-in EC algs (driver only). +# +# This is used by the two following components to ensure they always use the +# same config, except for the use of driver or built-in EC algorithms: +# - component_test_psa_crypto_config_accel_ecc_ecp_light_only; +# - component_test_psa_crypto_config_reference_ecc_ecp_light_only. +# This supports comparing their test coverage with analyze_outcomes.py. +config_psa_crypto_config_ecp_light_only () { + driver_only="$1" + # start with config full for maximum coverage (also enables USE_PSA) + helper_libtestdriver1_adjust_config "full" + if [ "$driver_only" -eq 1 ]; then + # Disable modules that are accelerated + scripts/config.py unset MBEDTLS_ECDSA_C + scripts/config.py unset MBEDTLS_ECDH_C + scripts/config.py unset MBEDTLS_ECJPAKE_C + scripts/config.py unset MBEDTLS_ECP_C + fi + + # Restartable feature is not yet supported by PSA. Once it will in + # the future, the following line could be removed (see issues + # 6061, 6332 and following ones) + scripts/config.py unset MBEDTLS_ECP_RESTARTABLE +} + +# Keep in sync with component_test_psa_crypto_config_reference_ecc_ecp_light_only +component_test_psa_crypto_config_accel_ecc_ecp_light_only () { + msg "build: full with accelerated EC algs" + + # Algorithms and key types to accelerate + loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ + ALG_ECDH \ + ALG_JPAKE \ + $(helper_get_psa_key_type_list "ECC")" + + # Note: Those are handled in a special way by the libtestdriver machinery, + # so we only want to include them in the accel list when building the main + # libraries, hence the use of a separate variable. + loc_curve_list="$(helper_get_psa_curve_list)" + + # Configure + # --------- + + # Use the same config as reference, only without built-in EC algs + config_psa_crypto_config_ecp_light_only 1 + + # Do not disable builtin curves because that support is required for: + # - MBEDTLS_PK_PARSE_EC_EXTENDED + # - MBEDTLS_PK_PARSE_EC_COMPRESSED + + # Build + # ----- + + # These hashes are needed for some ECDSA signature tests. + loc_extra_list="ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512 \ + ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" + helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" + + helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list" + + # Make sure any built-in EC alg was not re-enabled by accident (additive config) + not grep mbedtls_ecdsa_ library/ecdsa.o + not grep mbedtls_ecdh_ library/ecdh.o + not grep mbedtls_ecjpake_ library/ecjpake.o + not grep mbedtls_ecp_mul library/ecp.o + + # Run the tests + # ------------- + + msg "test suites: full with accelerated EC algs" + make test + + msg "ssl-opt: full with accelerated EC algs" + tests/ssl-opt.sh +} + +# Keep in sync with component_test_psa_crypto_config_accel_ecc_ecp_light_only +component_test_psa_crypto_config_reference_ecc_ecp_light_only () { + msg "build: MBEDTLS_PSA_CRYPTO_CONFIG with non-accelerated EC algs" + + config_psa_crypto_config_ecp_light_only 0 + + make + + msg "test suites: full with non-accelerated EC algs" + make test + + msg "ssl-opt: full with non-accelerated EC algs" + tests/ssl-opt.sh +} + +# This helper function is used by: +# - component_test_psa_crypto_config_accel_ecc_no_ecp_at_all() +# - component_test_psa_crypto_config_reference_ecc_no_ecp_at_all() +# to ensure that both tests use the same underlying configuration when testing +# driver's coverage with analyze_outcomes.py. +# +# This functions accepts 1 boolean parameter as follows: +# - 1: building with accelerated EC algorithms (ECDSA, ECDH, ECJPAKE), therefore +# excluding their built-in implementation as well as ECP_C & ECP_LIGHT +# - 0: include built-in implementation of EC algorithms. +# +# PK_C and RSA_C are always disabled to ensure there is no remaining dependency +# on the ECP module. +config_psa_crypto_no_ecp_at_all () { + driver_only="$1" + # start with full config for maximum coverage (also enables USE_PSA) + helper_libtestdriver1_adjust_config "full" + + if [ "$driver_only" -eq 1 ]; then + # Disable modules that are accelerated + scripts/config.py unset MBEDTLS_ECDSA_C + scripts/config.py unset MBEDTLS_ECDH_C + scripts/config.py unset MBEDTLS_ECJPAKE_C + # Disable ECP module (entirely) + scripts/config.py unset MBEDTLS_ECP_C + fi + + # Disable all the features that auto-enable ECP_LIGHT (see build_info.h) + scripts/config.py unset MBEDTLS_PK_PARSE_EC_EXTENDED + scripts/config.py unset MBEDTLS_PK_PARSE_EC_COMPRESSED + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE + + # Restartable feature is not yet supported by PSA. Once it will in + # the future, the following line could be removed (see issues + # 6061, 6332 and following ones) + scripts/config.py unset MBEDTLS_ECP_RESTARTABLE +} + +# Build and test a configuration where driver accelerates all EC algs while +# all support and dependencies from ECP and ECP_LIGHT are removed on the library +# side. +# +# Keep in sync with component_test_psa_crypto_config_reference_ecc_no_ecp_at_all() +component_test_psa_crypto_config_accel_ecc_no_ecp_at_all () { + msg "build: full + accelerated EC algs - ECP" + + # Algorithms and key types to accelerate + loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ + ALG_ECDH \ + ALG_JPAKE \ + $(helper_get_psa_key_type_list "ECC")" + + # Note: Those are handled in a special way by the libtestdriver machinery, + # so we only want to include them in the accel list when building the main + # libraries, hence the use of a separate variable. + loc_curve_list="$(helper_get_psa_curve_list)" + + # Configure + # --------- + + # Set common configurations between library's and driver's builds + config_psa_crypto_no_ecp_at_all 1 + # Disable all the builtin curves. All the required algs are accelerated. + helper_disable_builtin_curves + + # Build + # ----- + + # Things we wanted supported in libtestdriver1, but not accelerated in the main library: + # SHA-1 and all SHA-2/3 variants, as they are used by ECDSA deterministic. + loc_extra_list="ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512 \ + ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" + + helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" + + helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list" + + # Make sure any built-in EC alg was not re-enabled by accident (additive config) + not grep mbedtls_ecdsa_ library/ecdsa.o + not grep mbedtls_ecdh_ library/ecdh.o + not grep mbedtls_ecjpake_ library/ecjpake.o + # Also ensure that ECP module was not re-enabled + not grep mbedtls_ecp_ library/ecp.o + + # Run the tests + # ------------- + + msg "test: full + accelerated EC algs - ECP" + make test + + msg "ssl-opt: full + accelerated EC algs - ECP" + tests/ssl-opt.sh +} + +# Reference function used for driver's coverage analysis in analyze_outcomes.py +# in conjunction with component_test_psa_crypto_config_accel_ecc_no_ecp_at_all(). +# Keep in sync with its accelerated counterpart. +component_test_psa_crypto_config_reference_ecc_no_ecp_at_all () { + msg "build: full + non accelerated EC algs" + + config_psa_crypto_no_ecp_at_all 0 + + make + + msg "test: full + non accelerated EC algs" + make test + + msg "ssl-opt: full + non accelerated EC algs" + tests/ssl-opt.sh +} + +# This is a common configuration helper used directly from: +# - common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum +# - common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum +# and indirectly from: +# - component_test_psa_crypto_config_accel_ecc_no_bignum +# - accelerate all EC algs, disable RSA and FFDH +# - component_test_psa_crypto_config_reference_ecc_no_bignum +# - this is the reference component of the above +# - it still disables RSA and FFDH, but it uses builtin EC algs +# - component_test_psa_crypto_config_accel_ecc_ffdh_no_bignum +# - accelerate all EC and FFDH algs, disable only RSA +# - component_test_psa_crypto_config_reference_ecc_ffdh_no_bignum +# - this is the reference component of the above +# - it still disables RSA, but it uses builtin EC and FFDH algs +# +# This function accepts 2 parameters: +# $1: a boolean value which states if we are testing an accelerated scenario +# or not. +# $2: a string value which states which components are tested. Allowed values +# are "ECC" or "ECC_DH". +config_psa_crypto_config_accel_ecc_ffdh_no_bignum() { + driver_only="$1" + test_target="$2" + # start with full config for maximum coverage (also enables USE_PSA) + helper_libtestdriver1_adjust_config "full" + + if [ "$driver_only" -eq 1 ]; then + # Disable modules that are accelerated + scripts/config.py unset MBEDTLS_ECDSA_C + scripts/config.py unset MBEDTLS_ECDH_C + scripts/config.py unset MBEDTLS_ECJPAKE_C + # Disable ECP module (entirely) + scripts/config.py unset MBEDTLS_ECP_C + # Also disable bignum + scripts/config.py unset MBEDTLS_BIGNUM_C + fi + + # Disable all the features that auto-enable ECP_LIGHT (see build_info.h) + scripts/config.py unset MBEDTLS_PK_PARSE_EC_EXTENDED + scripts/config.py unset MBEDTLS_PK_PARSE_EC_COMPRESSED + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE + + # RSA support is intentionally disabled on this test because RSA_C depends + # on BIGNUM_C. + scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_KEY_TYPE_RSA_[0-9A-Z_a-z]*" + scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_ALG_RSA_[0-9A-Z_a-z]*" + scripts/config.py unset MBEDTLS_RSA_C + scripts/config.py unset MBEDTLS_PKCS1_V15 + scripts/config.py unset MBEDTLS_PKCS1_V21 + scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT + # Also disable key exchanges that depend on RSA + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED + + if [ "$test_target" = "ECC" ]; then + # When testing ECC only, we disable FFDH support, both from builtin and + # PSA sides, and also disable the key exchanges that depend on DHM. + scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_FFDH + scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_KEY_TYPE_DH_[0-9A-Z_a-z]*" + scripts/config.py unset MBEDTLS_DHM_C + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + else + # When testing ECC and DH instead, we disable DHM and depending key + # exchanges only in the accelerated build + if [ "$driver_only" -eq 1 ]; then + scripts/config.py unset MBEDTLS_DHM_C + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + fi + fi + + # Restartable feature is not yet supported by PSA. Once it will in + # the future, the following line could be removed (see issues + # 6061, 6332 and following ones) + scripts/config.py unset MBEDTLS_ECP_RESTARTABLE +} + +# Common helper used by: +# - component_test_psa_crypto_config_accel_ecc_no_bignum +# - component_test_psa_crypto_config_accel_ecc_ffdh_no_bignum +# +# The goal is to build and test accelerating either: +# - ECC only or +# - both ECC and FFDH +# +# It is meant to be used in conjunction with +# common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum() for drivers +# coverage analysis in the "analyze_outcomes.py" script. +common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum () { + test_target="$1" + + # This is an internal helper to simplify text message handling + if [ "$test_target" = "ECC_DH" ]; then + accel_text="ECC/FFDH" + removed_text="ECP - DH" + else + accel_text="ECC" + removed_text="ECP" + fi + + msg "build: full + accelerated $accel_text algs + USE_PSA - $removed_text - BIGNUM" + + # By default we accelerate all EC keys/algs + loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ + ALG_ECDH \ + ALG_JPAKE \ + $(helper_get_psa_key_type_list "ECC")" + # Optionally we can also add DH to the list of accelerated items + if [ "$test_target" = "ECC_DH" ]; then + loc_accel_list="$loc_accel_list \ + ALG_FFDH \ + $(helper_get_psa_key_type_list "DH")" + fi + + # Note: Those are handled in a special way by the libtestdriver machinery, + # so we only want to include them in the accel list when building the main + # libraries, hence the use of a separate variable. + loc_curve_list="$(helper_get_psa_curve_list)" + + # Configure + # --------- + + # Set common configurations between library's and driver's builds + config_psa_crypto_config_accel_ecc_ffdh_no_bignum 1 "$test_target" + # Disable all the builtin curves. All the required algs are accelerated. + helper_disable_builtin_curves + + # Build + # ----- + + # Things we wanted supported in libtestdriver1, but not accelerated in the main library: + # SHA-1 and all SHA-2/3 variants, as they are used by ECDSA deterministic. + loc_extra_list="ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512 \ + ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" + + helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" + + helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list" + + # Make sure any built-in EC alg was not re-enabled by accident (additive config) + not grep mbedtls_ecdsa_ library/ecdsa.o + not grep mbedtls_ecdh_ library/ecdh.o + not grep mbedtls_ecjpake_ library/ecjpake.o + # Also ensure that ECP, RSA, [DHM] or BIGNUM modules were not re-enabled + not grep mbedtls_ecp_ library/ecp.o + not grep mbedtls_rsa_ library/rsa.o + not grep mbedtls_mpi_ library/bignum.o + not grep mbedtls_dhm_ library/dhm.o + + # Run the tests + # ------------- + + msg "test suites: full + accelerated $accel_text algs + USE_PSA - $removed_text - DHM - BIGNUM" + + make test + + msg "ssl-opt: full + accelerated $accel_text algs + USE_PSA - $removed_text - BIGNUM" + tests/ssl-opt.sh +} + +# Common helper used by: +# - component_test_psa_crypto_config_reference_ecc_no_bignum +# - component_test_psa_crypto_config_reference_ecc_ffdh_no_bignum +# +# The goal is to build and test a reference scenario (i.e. with builtin +# components) compared to the ones used in +# common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum() above. +# +# It is meant to be used in conjunction with +# common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum() for drivers' +# coverage analysis in "analyze_outcomes.py" script. +common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum () { + test_target="$1" + + # This is an internal helper to simplify text message handling + if [ "$test_target" = "ECC_DH" ]; then + accel_text="ECC/FFDH" + else + accel_text="ECC" + fi + + msg "build: full + non accelerated $accel_text algs + USE_PSA" + + config_psa_crypto_config_accel_ecc_ffdh_no_bignum 0 "$test_target" + + make + + msg "test suites: full + non accelerated EC algs + USE_PSA" + make test + + msg "ssl-opt: full + non accelerated $accel_text algs + USE_PSA" + tests/ssl-opt.sh +} + +component_test_psa_crypto_config_accel_ecc_no_bignum () { + common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum "ECC" +} + +component_test_psa_crypto_config_reference_ecc_no_bignum () { + common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum "ECC" +} + +component_test_psa_crypto_config_accel_ecc_ffdh_no_bignum () { + common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum "ECC_DH" +} + +component_test_psa_crypto_config_reference_ecc_ffdh_no_bignum () { + common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum "ECC_DH" +} + +# Helper for setting common configurations between: +# - component_test_tfm_config_p256m_driver_accel_ec() +# - component_test_tfm_config() +common_tfm_config () { + # Enable TF-M config + cp configs/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H" + cp configs/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H" + + # Adjust for the fact that we're building outside the TF-M environment. + # + # TF-M has separation, our build doesn't + scripts/config.py unset MBEDTLS_PSA_CRYPTO_SPM + scripts/config.py unset MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER + # TF-M provdes its own (dummy) implemenation, from their tree + scripts/config.py unset MBEDTLS_AES_DECRYPT_ALT + scripts/config.py unset MBEDTLS_AES_SETKEY_DEC_ALT + # We have an OS that provides entropy, use it + scripts/config.py unset MBEDTLS_NO_PLATFORM_ENTROPY + + # Other config adjustments to make the tests pass. + # Those should probably be adopted upstream. + # + # - USE_PSA_CRYPTO for PK_HAVE_ECC_KEYS + echo "#define MBEDTLS_USE_PSA_CRYPTO" >> "$CONFIG_H" + # pkparse.c and pkwrite.c fail to link without this + echo "#define MBEDTLS_OID_C" >> "$CONFIG_H" + # - ASN1_[PARSE/WRITE]_C found by check_config.h for pkparse/pkwrite + echo "#define MBEDTLS_ASN1_PARSE_C" >> "$CONFIG_H" + echo "#define MBEDTLS_ASN1_WRITE_C" >> "$CONFIG_H" + # - MD_C for HKDF_C + echo "#define MBEDTLS_MD_C" >> "$CONFIG_H" + + # Config adjustments for better test coverage in our environment. + # These are not needed just to build and pass tests. + # + # Enable filesystem I/O for the benefit of PK parse/write tests. + echo "#define MBEDTLS_FS_IO" >> "$CONFIG_H" + # Disable this for maximal ASan efficiency + scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C + + # Config adjustments for features that are not supported + # when using only drivers / by p256-m + # + # Disable all the features that auto-enable ECP_LIGHT (see build_info.h) + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE + # Disable deterministic ECDSA as p256-m only does randomized + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_DETERMINISTIC_ECDSA + +} + +# Keep this in sync with component_test_tfm_config() as they are both meant +# to be used in analyze_outcomes.py for driver's coverage analysis. +component_test_tfm_config_p256m_driver_accel_ec () { + msg "build: TF-M config + p256m driver + accel ECDH(E)/ECDSA" + + common_tfm_config + + # Build crypto library specifying we want to use P256M code for EC operations + make CFLAGS="$ASAN_CFLAGS -DMBEDTLS_PSA_P256M_DRIVER_ENABLED -I../tests/include/spe" LDFLAGS="$ASAN_CFLAGS" + + # Make sure any built-in EC alg was not re-enabled by accident (additive config) + not grep mbedtls_ecdsa_ library/ecdsa.o + not grep mbedtls_ecdh_ library/ecdh.o + not grep mbedtls_ecjpake_ library/ecjpake.o + # Also ensure that ECP, RSA, DHM or BIGNUM modules were not re-enabled + not grep mbedtls_ecp_ library/ecp.o + not grep mbedtls_rsa_ library/rsa.o + not grep mbedtls_dhm_ library/dhm.o + not grep mbedtls_mpi_ library/bignum.o + + # Run the tests + msg "test: TF-M config + p256m driver + accel ECDH(E)/ECDSA" + make test +} + +# Keep this in sync with component_test_tfm_config_p256m_driver_accel_ec() as +# they are both meant to be used in analyze_outcomes.py for driver's coverage +# analysis. +component_test_tfm_config() { + common_tfm_config + + msg "build: TF-M config" + make CFLAGS='-Werror -Wall -Wextra -I../tests/include/spe' tests + + msg "test: TF-M config" + make test +} + +# Common helper for component_full_without_ecdhe_ecdsa() and +# component_full_without_ecdhe_ecdsa_and_tls13() which: +# - starts from the "full" configuration minus the list of symbols passed in +# as 1st parameter +# - build +# - test only TLS (i.e. test_suite_tls and ssl-opt) +build_full_minus_something_and_test_tls () { + symbols_to_disable="$1" + + msg "build: full minus something, test TLS" + + scripts/config.py full + for sym in $symbols_to_disable; do + echo "Disabling $sym" + scripts/config.py unset $sym + done + + make + + msg "test: full minus something, test TLS" + ( cd tests; ./test_suite_ssl ) + + msg "ssl-opt: full minus something, test TLS" + tests/ssl-opt.sh +} + +component_full_without_ecdhe_ecdsa () { + build_full_minus_something_and_test_tls "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED" +} + +component_full_without_ecdhe_ecdsa_and_tls13 () { + build_full_minus_something_and_test_tls "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED + MBEDTLS_SSL_PROTO_TLS1_3" +} + +# This is an helper used by: +# - component_test_psa_ecc_key_pair_no_derive +# - component_test_psa_ecc_key_pair_no_generate +# The goal is to test with all PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy symbols +# enabled, but one. Input arguments are as follows: +# - $1 is the key type under test, i.e. ECC/RSA/DH +# - $2 is the key option to be unset (i.e. generate, derive, etc) +build_and_test_psa_want_key_pair_partial() { + key_type=$1 + unset_option=$2 + disabled_psa_want="PSA_WANT_KEY_TYPE_${key_type}_KEY_PAIR_${unset_option}" + + msg "build: full - MBEDTLS_USE_PSA_CRYPTO - ${disabled_psa_want}" + scripts/config.py full + scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO + scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + + # All the PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy are enabled by default in + # crypto_config.h so we just disable the one we don't want. + scripts/config.py -f "$CRYPTO_CONFIG_H" unset "$disabled_psa_want" + + make CC=gcc CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + + msg "test: full - MBEDTLS_USE_PSA_CRYPTO - ${disabled_psa_want}" + make test +} + +component_test_psa_ecc_key_pair_no_derive() { + build_and_test_psa_want_key_pair_partial "ECC" "DERIVE" +} + +component_test_psa_ecc_key_pair_no_generate() { + build_and_test_psa_want_key_pair_partial "ECC" "GENERATE" +} + component_test_psa_crypto_config_accel_rsa_signature () { msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated RSA signature" - # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having - # partial support for cipher operations in the driver test library. - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING + loc_accel_list="ALG_RSA_PKCS1V15_SIGN ALG_RSA_PSS KEY_TYPE_RSA_KEY_PAIR KEY_TYPE_RSA_PUBLIC_KEY" + + # Configure + # --------- + + # Start from default config (no TLS 1.3, no USE_PSA) + helper_libtestdriver1_adjust_config "default" # It seems it is not possible to remove only the support for RSA signature # in the library. Thus we have to remove all RSA support (signature and # encryption/decryption). AS there is no driver support for asymmetric # encryption/decryption so far remove RSA encryption/decryption from the # application algorithm list. - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_OAEP - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT + + # Remove RSA support and its dependencies + scripts/config.py unset MBEDTLS_RSA_C + scripts/config.py unset MBEDTLS_PKCS1_V15 + scripts/config.py unset MBEDTLS_PKCS1_V21 + scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED + scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED # Make sure both the library and the test library support the SHA hash # algorithms and only those ones (SHA256 is included by default). That way: @@ -2124,35 +3288,54 @@ component_test_psa_crypto_config_accel_rsa_signature () { # PSA_ALG_ANY_HASH as algorithm to test with the key, the chosen hash # algorithm based on the hashes supported by the library is also # supported by the test library. - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160_C + # Disable unwanted hashes here, we'll enable hashes we want in loc_extra_list. + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160_C + scripts/config.py unset MBEDTLS_MD5_C + scripts/config.py unset MBEDTLS_RIPEMD160_C - scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA1_C - scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA224_C - scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA512_C - # We need to define either MD_C or all of the PSA_WANT_ALG_SHAxxx. - scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_MD_C # We need PEM parsing in the test library as well to support the import # of PEM encoded RSA keys. - scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_PEM_PARSE_C - scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_BASE64_C + scripts/config.py -f "$CONFIG_TEST_DRIVER_H" set MBEDTLS_PEM_PARSE_C + scripts/config.py -f "$CONFIG_TEST_DRIVER_H" set MBEDTLS_BASE64_C - loc_accel_list="ALG_RSA_PKCS1V15_SIGN ALG_RSA_PSS KEY_TYPE_RSA_KEY_PAIR KEY_TYPE_RSA_PUBLIC_KEY" - loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) - make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" + # Build + # ----- - # Restore test driver base configuration - scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA1_C - scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA224_C - scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA512_C - scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_MD_C - scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_PEM_PARSE_C - scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_BASE64_C + # These hashes are needed for some RSA-PSS signature tests. + loc_extra_list="ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512 \ + ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" + helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" + helper_libtestdriver1_make_main "$loc_accel_list" - # Mbed TLS library build - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + # Make sure this was not re-enabled by accident (additive config) + not grep mbedtls_rsa_rsassa_pkcs1_v15_sign library/rsa.o + not grep mbedtls_rsa_rsassa_pss_sign_ext library/rsa.o + + # Run the tests + # ------------- + + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated RSA signature" + make test +} + +# This is a temporary test to verify that full RSA support is present even when +# only one single new symbols (PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) is defined. +component_test_new_psa_want_key_pair_symbol() { + msg "Build: crypto config - MBEDTLS_RSA_C + PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC" + + # Create a temporary output file unless there is already one set + if [ "$MBEDTLS_TEST_OUTCOME_FILE" ]; then + REMOVE_OUTCOME_ON_EXIT="no" + else + REMOVE_OUTCOME_ON_EXIT="yes" + MBEDTLS_TEST_OUTCOME_FILE="$PWD/out.csv" + export MBEDTLS_TEST_OUTCOME_FILE + fi + + # Start from crypto configuration + scripts/config.py crypto # Remove RSA support and its dependencies scripts/config.py unset MBEDTLS_PKCS1_V15 @@ -2165,61 +3348,101 @@ component_test_psa_crypto_config_accel_rsa_signature () { scripts/config.py unset MBEDTLS_RSA_C scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT - scripts/config.py unset MBEDTLS_MD5_C - scripts/config.py unset MBEDTLS_RIPEMD160_C - scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1 - scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_1 - scripts/config.py unset MBEDTLS_SSL_CBC_RECORD_SPLITTING + # Enable PSA support + scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" - make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" + # Keep only PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC enabled in order to ensure + # that proper translations is done in crypto_legacy.h. + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE - not grep mbedtls_rsa_rsassa_pkcs1_v15_sign library/rsa.o - not grep mbedtls_rsa_rsassa_pss_sign_ext library/rsa.o + make - msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated RSA signature" + msg "Test: crypto config - MBEDTLS_RSA_C + PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC" make test + + # Parse only 1 relevant line from the outcome file, i.e. a test which is + # performing RSA signature. + msg "Verify that 'RSA PKCS1 Sign #1 (SHA512, 1536 bits RSA)' is PASS" + cat $MBEDTLS_TEST_OUTCOME_FILE | grep 'RSA PKCS1 Sign #1 (SHA512, 1536 bits RSA)' | grep -q "PASS" + + if [ "$REMOVE_OUTCOME_ON_EXIT" == "yes" ]; then + rm $MBEDTLS_TEST_OUTCOME_FILE + fi } component_test_psa_crypto_config_accel_hash () { msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash" - # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having - # partial support for cipher operations in the driver test library. - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING + loc_accel_list="ALG_MD5 ALG_RIPEMD160 ALG_SHA_1 \ + ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512 \ + ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" - loc_accel_list="ALG_MD5 ALG_RIPEMD160 ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512" - loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) - make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" + # Configure + # --------- - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + # Start from default config (no TLS 1.3, no USE_PSA) + helper_libtestdriver1_adjust_config "default" + + # Disable the things that are being accelerated scripts/config.py unset MBEDTLS_MD5_C scripts/config.py unset MBEDTLS_RIPEMD160_C scripts/config.py unset MBEDTLS_SHA1_C - # Don't unset MBEDTLS_SHA256_C as it is needed by PSA crypto core. + scripts/config.py unset MBEDTLS_SHA224_C + scripts/config.py unset MBEDTLS_SHA256_C scripts/config.py unset MBEDTLS_SHA384_C scripts/config.py unset MBEDTLS_SHA512_C - loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" - make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" + scripts/config.py unset MBEDTLS_SHA3_C - not grep mbedtls_sha512_init library/sha512.o - not grep mbedtls_sha1_init library/sha1.o + # Build + # ----- + + helper_libtestdriver1_make_drivers "$loc_accel_list" + + helper_libtestdriver1_make_main "$loc_accel_list" + + # There's a risk of something getting re-enabled via config_psa.h; + # make sure it did not happen. Note: it's OK for MD_C to be enabled. + not grep mbedtls_md5 library/md5.o + not grep mbedtls_sha1 library/sha1.o + not grep mbedtls_sha256 library/sha256.o + not grep mbedtls_sha512 library/sha512.o + not grep mbedtls_ripemd160 library/ripemd160.o + + # Run the tests + # ------------- msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash" make test } +component_test_psa_crypto_config_accel_hash_keep_builtins () { + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated+builtin hash" + # This component ensures that all the test cases for + # md_psa_dynamic_dispatch with legacy+driver in test_suite_md are run. + + loc_accel_list="ALG_MD5 ALG_RIPEMD160 ALG_SHA_1 \ + ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512 \ + ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" + + # Start from default config (no TLS 1.3, no USE_PSA) + helper_libtestdriver1_adjust_config "default" + + helper_libtestdriver1_make_drivers "$loc_accel_list" + + helper_libtestdriver1_make_main "$loc_accel_list" + + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated+builtin hash" + make test +} + # Auxiliary function to build config for hashes with and without drivers config_psa_crypto_hash_use_psa () { - DRIVER_ONLY="$1" + driver_only="$1" # start with config full for maximum coverage (also enables USE_PSA) - scripts/config.py full - # enable support for drivers and configuring PSA-only algorithms - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS - if [ "$DRIVER_ONLY" -eq 1 ]; then + helper_libtestdriver1_adjust_config "full" + if [ "$driver_only" -eq 1 ]; then # disable the built-in implementation of hashes scripts/config.py unset MBEDTLS_MD5_C scripts/config.py unset MBEDTLS_RIPEMD160_C @@ -2230,67 +3453,55 @@ config_psa_crypto_hash_use_psa () { scripts/config.py unset MBEDTLS_SHA384_C scripts/config.py unset MBEDTLS_SHA512_C scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA3_C fi - # Use an external RNG as currently internal RNGs depend on entropy.c - # which in turn hard-depends on SHA256_C (or SHA512_C). - # See component_test_psa_external_rng_no_drbg_use_psa. - scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG - scripts/config.py unset MBEDTLS_ENTROPY_C - scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED # depends on ENTROPY_C - scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT # depends on former - # Also unset MD_C and things that depend on it; - # see component_test_crypto_full_no_md. - if [ "$DRIVER_ONLY" -eq 1 ]; then - scripts/config.py unset MBEDTLS_MD_C - fi - scripts/config.py unset MBEDTLS_HKDF_C # has independent PSA implementation - scripts/config.py unset MBEDTLS_HMAC_DRBG_C - scripts/config.py unset MBEDTLS_PKCS7_C - scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_DETERMINISTIC_ECDSA } # Note that component_test_psa_crypto_config_reference_hash_use_psa # is related to this component and both components need to be kept in sync. # For details please see comments for component_test_psa_crypto_config_reference_hash_use_psa. component_test_psa_crypto_config_accel_hash_use_psa () { - msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash and USE_PSA" + msg "test: full with accelerated hashes" - # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having - # partial support for cipher operations in the driver test library. - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING + loc_accel_list="ALG_MD5 ALG_RIPEMD160 ALG_SHA_1 \ + ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512 \ + ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" - loc_accel_list="ALG_MD5 ALG_RIPEMD160 ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512" - loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) - make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" + # Configure + # --------- config_psa_crypto_hash_use_psa 1 - loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" - make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" all + # Build + # ----- + + helper_libtestdriver1_make_drivers "$loc_accel_list" + + helper_libtestdriver1_make_main "$loc_accel_list" # There's a risk of something getting re-enabled via config_psa.h; - # make sure it did not happen. - not grep mbedtls_md library/md.o + # make sure it did not happen. Note: it's OK for MD_C to be enabled. not grep mbedtls_md5 library/md5.o not grep mbedtls_sha1 library/sha1.o not grep mbedtls_sha256 library/sha256.o not grep mbedtls_sha512 library/sha512.o not grep mbedtls_ripemd160 library/ripemd160.o - msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash and USE_PSA" + # Run the tests + # ------------- + + msg "test: full with accelerated hashes" make test # This is mostly useful so that we can later compare outcome files with # the reference config in analyze_outcomes.py, to check that the # dependency declarations in ssl-opt.sh and in TLS code are correct. - msg "test: ssl-opt.sh, MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash and USE_PSA" + msg "test: ssl-opt.sh, full with accelerated hashes" tests/ssl-opt.sh # This is to make sure all ciphersuites are exercised, but we don't need # interop testing (besides, we already got some from ssl-opt.sh). - msg "test: compat.sh, MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash and USE_PSA" + msg "test: compat.sh, full with accelerated hashes" tests/compat.sh -p mbedTLS -V YES } @@ -2299,19 +3510,16 @@ component_test_psa_crypto_config_accel_hash_use_psa () { # script to find regression in test coverage when accelerated hash is used (tests and ssl-opt). # Both components need to be kept in sync. component_test_psa_crypto_config_reference_hash_use_psa() { - msg "test: MBEDTLS_PSA_CRYPTO_CONFIG without accelerated hash and USE_PSA" - - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING + msg "test: full without accelerated hashes" config_psa_crypto_hash_use_psa 0 make - msg "test: MBEDTLS_PSA_CRYPTO_CONFIG without accelerated hash and USE_PSA" + msg "test: full without accelerated hashes" make test - msg "test: ssl-opt.sh, MBEDTLS_PSA_CRYPTO_CONFIG without accelerated hash and USE_PSA" + msg "test: ssl-opt.sh, full without accelerated hashes" tests/ssl-opt.sh } @@ -2319,21 +3527,22 @@ component_test_psa_crypto_config_accel_cipher () { msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated cipher" loc_accel_list="ALG_CBC_NO_PADDING ALG_CBC_PKCS7 ALG_CTR ALG_CFB ALG_OFB ALG_XTS KEY_TYPE_DES" - loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) - make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + # Configure + # --------- - # There is no intended accelerator support for ALG STREAM_CIPHER and - # ALG_ECB_NO_PADDING. Therefore, asking for them in the build implies the - # inclusion of the Mbed TLS cipher operations. As we want to test here with - # cipher operations solely supported by accelerators, disabled those - # PSA configuration options. - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_CMAC + # Start from the default config (no TLS 1.3, no USE_PSA) + helper_libtestdriver1_adjust_config "default" + # There is no intended accelerator support for ALG CMAC. Therefore, asking + # for it in the build implies the inclusion of the Mbed TLS cipher + # operations. As we want to test here with cipher operations solely + # supported by accelerators, disabled this PSA configuration option. + # (Note: the same applies to STREAM_CIPHER and ECB_NO_PADDING, which are + # already disabled by helper_libtestdriver1_adjust_config above.) + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CMAC + + # Disable the things that are being accelerated scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC scripts/config.py unset MBEDTLS_CIPHER_PADDING_PKCS7 scripts/config.py unset MBEDTLS_CIPHER_MODE_CTR @@ -2342,11 +3551,19 @@ component_test_psa_crypto_config_accel_cipher () { scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS scripts/config.py unset MBEDTLS_DES_C - loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" - make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" + # Build + # ----- + helper_libtestdriver1_make_drivers "$loc_accel_list" + + helper_libtestdriver1_make_main "$loc_accel_list" + + # Make sure this was not re-enabled by accident (additive config) not grep mbedtls_des* library/des.o + # Run the tests + # ------------- + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated cipher" make test } @@ -2354,18 +3571,15 @@ component_test_psa_crypto_config_accel_cipher () { component_test_psa_crypto_config_accel_aead () { msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated AEAD" - # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having - # partial support for cipher operations in the driver test library. - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING - loc_accel_list="ALG_GCM ALG_CCM ALG_CHACHA20_POLY1305 KEY_TYPE_AES KEY_TYPE_CHACHA20 KEY_TYPE_ARIA KEY_TYPE_CAMELLIA" - loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) - make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + # Configure + # --------- + # Start from default config (no TLS 1.3, no USE_PSA) + helper_libtestdriver1_adjust_config "default" + + # Disable things that are being accelerated scripts/config.py unset MBEDTLS_GCM_C scripts/config.py unset MBEDTLS_CCM_C scripts/config.py unset MBEDTLS_CHACHAPOLY_C @@ -2373,54 +3587,65 @@ component_test_psa_crypto_config_accel_aead () { scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION scripts/config.py unset MBEDTLS_SSL_TICKET_C - loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" - make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" + # Build + # ----- - # There's a risk of something getting re-enabled via config_psa.h - # make sure it did not happen. + helper_libtestdriver1_make_drivers "$loc_accel_list" + + helper_libtestdriver1_make_main "$loc_accel_list" + + # Make sure this was not re-enabled by accident (additive config) not grep mbedtls_ccm library/ccm.o not grep mbedtls_gcm library/gcm.o not grep mbedtls_chachapoly library/chachapoly.o + # Run the tests + # ------------- + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated AEAD" make test } -component_test_psa_crypto_config_no_driver() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG minus MBEDTLS_PSA_CRYPTO_DRIVERS" +component_test_aead_chachapoly_disabled() { + msg "build: full minus CHACHAPOLY" scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py unset MBEDTLS_PSA_CRYPTO_DRIVERS - scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO - scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_CHACHAPOLY_C + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305 make CC=gcc CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS" - msg "test: full + MBEDTLS_PSA_CRYPTO_CONFIG minus MBEDTLS_PSA_CRYPTO_DRIVERS" + msg "test: full minus CHACHAPOLY" make test } -component_test_psa_crypto_config_chachapoly_disabled() { - # full minus MBEDTLS_CHACHAPOLY_C without PSA_WANT_ALG_GCM and PSA_WANT_ALG_CHACHA20_POLY1305 - msg "build: full minus MBEDTLS_CHACHAPOLY_C without PSA_WANT_ALG_GCM and PSA_WANT_ALG_CHACHA20_POLY1305" +component_test_aead_only_ccm() { + msg "build: full minus CHACHAPOLY and GCM" scripts/config.py full scripts/config.py unset MBEDTLS_CHACHAPOLY_C - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_GCM - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_CHACHA20_POLY1305 + scripts/config.py unset MBEDTLS_GCM_C + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_GCM make CC=gcc CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS" - msg "test: full minus MBEDTLS_CHACHAPOLY_C without PSA_WANT_ALG_GCM and PSA_WANT_ALG_CHACHA20_POLY1305" + msg "test: full minus CHACHAPOLY and GCM" + make test +} + +component_test_ccm_aes_sha256() { + msg "build: CCM + AES + SHA256 configuration" + + cp "$CONFIG_TEST_DRIVER_H" "$CONFIG_H" + cp configs/crypto-config-ccm-aes-sha256.h "$CRYPTO_CONFIG_H" + + make CC=gcc + + msg "test: CCM + AES + SHA256 configuration" make test } # This should be renamed to test and updated once the accelerator ECDH code is in place and ready to test. component_build_psa_accel_alg_ecdh() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_ECDH - # without MBEDTLS_ECDH_C - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_ECDH without MBEDTLS_ECDH_C" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_ECDH without MBEDTLS_ECDH_C" scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 scripts/config.py unset MBEDTLS_ECDH_C @@ -2433,43 +3658,10 @@ component_build_psa_accel_alg_ecdh() { make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_ECDH -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" } -# This should be renamed to test and updated once the accelerator ECC key pair code is in place and ready to test. -component_build_psa_accel_key_type_ecc_key_pair() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_KEY_TYPE_ECC_KEY_PAIR - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_KEY_TYPE_ECC_KEY_PAIR" - scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS - scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO - scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1 - scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1 - # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" -} - -# This should be renamed to test and updated once the accelerator ECC public key code is in place and ready to test. -component_build_psa_accel_key_type_ecc_public_key() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY" - scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS - scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO - scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR - # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" -} - # This should be renamed to test and updated once the accelerator HMAC code is in place and ready to test. component_build_psa_accel_alg_hmac() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_HMAC - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_HMAC" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_HMAC" scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 # Need to define the correct symbol and include the test driver header path in order to build with the test driver @@ -2478,12 +3670,8 @@ component_build_psa_accel_alg_hmac() { # This should be renamed to test and updated once the accelerator HKDF code is in place and ready to test. component_build_psa_accel_alg_hkdf() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_HKDF - # without MBEDTLS_HKDF_C - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_HKDF without MBEDTLS_HKDF_C" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_HKDF without MBEDTLS_HKDF_C" scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 scripts/config.py unset MBEDTLS_HKDF_C @@ -2495,20 +3683,17 @@ component_build_psa_accel_alg_hkdf() { # This should be renamed to test and updated once the accelerator MD5 code is in place and ready to test. component_build_psa_accel_alg_md5() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_MD5 without other hashes - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_MD5 - other hashes" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_MD5 - other hashes" scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_1 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_224 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_256 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_384 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_512 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver @@ -2517,20 +3702,17 @@ component_build_psa_accel_alg_md5() { # This should be renamed to test and updated once the accelerator RIPEMD160 code is in place and ready to test. component_build_psa_accel_alg_ripemd160() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_RIPEMD160 without other hashes - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_RIPEMD160 - other hashes" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_RIPEMD160 - other hashes" scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_1 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_224 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_256 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_384 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_512 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver @@ -2539,20 +3721,17 @@ component_build_psa_accel_alg_ripemd160() { # This should be renamed to test and updated once the accelerator SHA1 code is in place and ready to test. component_build_psa_accel_alg_sha1() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_SHA_1 without other hashes - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_SHA_1 - other hashes" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_SHA_1 - other hashes" scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_224 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_256 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_384 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_512 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver @@ -2561,57 +3740,48 @@ component_build_psa_accel_alg_sha1() { # This should be renamed to test and updated once the accelerator SHA224 code is in place and ready to test. component_build_psa_accel_alg_sha224() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_SHA_224 without other hashes - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_SHA_224 - other hashes" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_SHA_224 - other hashes" scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_1 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_384 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_512 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS # Need to define the correct symbol and include the test driver header path in order to build with the test driver make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_224 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator SHA256 code is in place and ready to test. component_build_psa_accel_alg_sha256() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_SHA_256 without other hashes - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_SHA_256 - other hashes" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_SHA_256 - other hashes" scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_1 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_224 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_384 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_512 # Need to define the correct symbol and include the test driver header path in order to build with the test driver make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_256 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator SHA384 code is in place and ready to test. component_build_psa_accel_alg_sha384() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_SHA_384 without other hashes - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_SHA_384 - other hashes" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_SHA_384 - other hashes" scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_1 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_224 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_256 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver @@ -2620,20 +3790,17 @@ component_build_psa_accel_alg_sha384() { # This should be renamed to test and updated once the accelerator SHA512 code is in place and ready to test. component_build_psa_accel_alg_sha512() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_SHA_512 without other hashes - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_SHA_512 - other hashes" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_SHA_512 - other hashes" scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_1 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_224 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_256 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_384 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver @@ -2642,102 +3809,157 @@ component_build_psa_accel_alg_sha512() { # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. component_build_psa_accel_alg_rsa_pkcs1v15_crypt() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_RSA_PKCS1V15_CRYPT - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_RSA_PKCS1V15_CRYPT + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_RSA_PKCS1V15_CRYPT + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY" scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_OAEP - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PSS + scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS # Need to define the correct symbol and include the test driver header path in order to build with the test driver make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. component_build_psa_accel_alg_rsa_pkcs1v15_sign() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_RSA_PKCS1V15_SIGN and PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_RSA_PKCS1V15_SIGN + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_RSA_PKCS1V15_SIGN + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY" scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_OAEP - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PSS + scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS # Need to define the correct symbol and include the test driver header path in order to build with the test driver make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. component_build_psa_accel_alg_rsa_oaep() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_RSA_OAEP and PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_RSA_OAEP + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_RSA_OAEP + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY" scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_ALG_RSA_OAEP 1 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PSS + scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_OAEP 1 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS # Need to define the correct symbol and include the test driver header path in order to build with the test driver make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_OAEP -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. component_build_psa_accel_alg_rsa_pss() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_RSA_PSS and PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_RSA_PSS + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_ALG_RSA_PSS + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY" scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_ALG_RSA_PSS 1 - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_OAEP + scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PSS 1 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP # Need to define the correct symbol and include the test driver header path in order to build with the test driver make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PSS -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. component_build_psa_accel_key_type_rsa_key_pair() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_KEY_TYPE_RSA_KEY_PAIR and PSA_WANT_ALG_RSA_PSS - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_KEY_TYPE_RSA_KEY_PAIR + PSA_WANT_ALG_RSA_PSS" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_xxx + PSA_WANT_ALG_RSA_PSS" scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_ALG_RSA_PSS 1 - scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1 + scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PSS 1 + scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1 + scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1 + scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1 + scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1 # Need to define the correct symbol and include the test driver header path in order to build with the test driver make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. component_build_psa_accel_key_type_rsa_public_key() { - # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY and PSA_WANT_ALG_RSA_PSS - msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY + PSA_WANT_ALG_RSA_PSS" + msg "build: full - MBEDTLS_USE_PSA_CRYPTO + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY + PSA_WANT_ALG_RSA_PSS" scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_ALG_RSA_PSS 1 - scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1 + scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PSS 1 + scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1 # Need to define the correct symbol and include the test driver header path in order to build with the test driver make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" } + +support_build_tfm_armcc () { + armc6_cc="$ARMC6_BIN_DIR/armclang" + (check_tools "$armc6_cc" > /dev/null 2>&1) +} + +component_build_tfm_armcc() { + # test the TF-M configuration can build cleanly with various warning flags enabled + cp configs/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H" + cp configs/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H" + + msg "build: TF-M config, armclang armv7-m thumb2" + make clean + armc6_build_test "--target=arm-arm-none-eabi -march=armv7-m -mthumb -Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused -I../tests/include/spe" +} + +component_build_tfm() { + # test the TF-M configuration can build cleanly with various warning flags enabled + cp configs/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H" + cp configs/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H" + + msg "build: TF-M config, clang, armv7-m thumb2" + make lib CC="clang" CFLAGS="--target=arm-linux-gnueabihf -march=armv7-m -mthumb -Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused -I../tests/include/spe" + + msg "build: TF-M config, gcc native build" + make clean + make lib CC="gcc" CFLAGS="-Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wformat-signedness -Wlogical-op -I../tests/include/spe" +} + +component_build_aes_variations() { # ~45s + # aes.o has many #if defined(...) guards that intersect in complex ways. + # Test that all the combinations build cleanly. The most common issue is + # unused variables/functions, so ensure -Wunused is set. + + msg "build: aes.o for all combinations of relevant config options" + + for a in set unset; do + for b in set unset; do + for c in set unset; do + for d in set unset; do + for e in set unset; do + for f in set unset; do + for g in set unset; do + echo ./scripts/config.py $a MBEDTLS_AES_SETKEY_ENC_ALT + echo ./scripts/config.py $b MBEDTLS_AES_DECRYPT_ALT + echo ./scripts/config.py $c MBEDTLS_AES_ROM_TABLES + echo ./scripts/config.py $d MBEDTLS_AES_ENCRYPT_ALT + echo ./scripts/config.py $e MBEDTLS_AES_SETKEY_DEC_ALT + echo ./scripts/config.py $f MBEDTLS_AES_FEWER_TABLES + echo ./scripts/config.py $g MBEDTLS_PADLOCK_C + + ./scripts/config.py $a MBEDTLS_AES_SETKEY_ENC_ALT + ./scripts/config.py $b MBEDTLS_AES_DECRYPT_ALT + ./scripts/config.py $c MBEDTLS_AES_ROM_TABLES + ./scripts/config.py $d MBEDTLS_AES_ENCRYPT_ALT + ./scripts/config.py $e MBEDTLS_AES_SETKEY_DEC_ALT + ./scripts/config.py $f MBEDTLS_AES_FEWER_TABLES + ./scripts/config.py $g MBEDTLS_PADLOCK_C + + rm -f library/aes.o + make -C library aes.o CC="clang" CFLAGS="-O0 -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" + done + done + done + done + done + done + done +} + component_test_no_platform () { # Full configuration build, without platform support, file IO and net sockets. # This should catch missing mbedtls_printf definitions, and by disabling file @@ -2963,7 +4185,7 @@ component_test_platform_calloc_macro () { component_test_malloc_0_null () { msg "build: malloc(0) returns NULL (ASan+UBSan build)" scripts/config.py full - make CC=gcc CFLAGS="'-DMBEDTLS_CONFIG_FILE=\"$PWD/tests/configs/config-wrapper-malloc-0-null.h\"' $ASAN_CFLAGS -O" LDFLAGS="$ASAN_CFLAGS" + make CC=gcc CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"$PWD/tests/configs/user-config-malloc-0-null.h\"' $ASAN_CFLAGS -O" LDFLAGS="$ASAN_CFLAGS" msg "test: malloc(0) returns NULL (ASan+UBSan build)" make test @@ -2982,6 +4204,202 @@ component_test_malloc_0_null () { tests/ssl-opt.sh -e 'proxy' } +support_test_aesni() { + # Check that gcc targets x86_64 (we can build AESNI), and check for + # AESNI support on the host (we can run AESNI). + # + # The name of this function is possibly slightly misleading, but needs to align + # with the name of the corresponding test, component_test_aesni. + # + # In principle 32-bit x86 can support AESNI, but our implementation does not + # support 32-bit x86, so we check for x86-64. + # We can only grep /proc/cpuinfo on Linux, so this also checks for Linux + (gcc -v 2>&1 | grep Target | grep -q x86_64) && + [[ "$HOSTTYPE" == "x86_64" && "$OSTYPE" == "linux-gnu" ]] && + (lscpu | grep -qw aes) +} + +component_test_aesni () { # ~ 60s + # This tests the two AESNI implementations (intrinsics and assembly), and also the plain C + # fallback. It also tests the logic that is used to select which implementation(s) to build. + # + # This test does not require the host to have support for AESNI (if it doesn't, the run-time + # AESNI detection will fallback to the plain C implementation, so the tests will instead + # exercise the plain C impl). + + msg "build: default config with different AES implementations" + scripts/config.py set MBEDTLS_AESNI_C + scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY + scripts/config.py set MBEDTLS_HAVE_ASM + + # test the intrinsics implementation + msg "AES tests, test intrinsics" + make clean + make CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes' + # check that we built intrinsics - this should be used by default when supported by the compiler + ./programs/test/selftest aes | grep "AESNI code" | grep -q "intrinsics" + + # test the asm implementation + msg "AES tests, test assembly" + make clean + make CC=gcc CFLAGS='-Werror -Wall -Wextra -mno-pclmul -mno-sse2 -mno-aes' + # check that we built assembly - this should be built if the compiler does not support intrinsics + ./programs/test/selftest aes | grep "AESNI code" | grep -q "assembly" + + # test the plain C implementation + scripts/config.py unset MBEDTLS_AESNI_C + scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY + msg "AES tests, plain C" + make clean + make CC=gcc CFLAGS='-O2 -Werror' + # check that there is no AESNI code present + ./programs/test/selftest aes | not grep -q "AESNI code" + not grep -q "AES note: using AESNI" ./programs/test/selftest + grep -q "AES note: built-in implementation." ./programs/test/selftest + + # test the intrinsics implementation + scripts/config.py set MBEDTLS_AESNI_C + scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY + msg "AES tests, test AESNI only" + make clean + make CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes' + ./programs/test/selftest aes | grep -q "AES note: using AESNI" + ./programs/test/selftest aes | not grep -q "AES note: built-in implementation." + grep -q "AES note: using AESNI" ./programs/test/selftest + not grep -q "AES note: built-in implementation." ./programs/test/selftest +} + + + +support_test_aesni_m32() { + support_test_m32_o0 && (lscpu | grep -qw aes) +} + +component_test_aesni_m32 () { # ~ 60s + # This tests are duplicated from component_test_aesni for i386 target + # + # AESNI intrinsic code supports i386 and assembly code does not support it. + + msg "build: default config with different AES implementations" + scripts/config.py set MBEDTLS_AESNI_C + scripts/config.py set MBEDTLS_PADLOCK_C + scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY + scripts/config.py set MBEDTLS_HAVE_ASM + + # test the intrinsics implementation + msg "AES tests, test intrinsics" + make clean + make CC=gcc CFLAGS='-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes' LDFLAGS='-m32' + # check that we built intrinsics - this should be used by default when supported by the compiler + ./programs/test/selftest aes | grep "AESNI code" | grep -q "intrinsics" + grep -q "AES note: using AESNI" ./programs/test/selftest + grep -q "AES note: built-in implementation." ./programs/test/selftest + grep -q "AES note: using VIA Padlock" ./programs/test/selftest + grep -q mbedtls_aesni_has_support ./programs/test/selftest + + scripts/config.py set MBEDTLS_AESNI_C + scripts/config.py unset MBEDTLS_PADLOCK_C + scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY + msg "AES tests, test AESNI only" + make clean + make CC=gcc CFLAGS='-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes' LDFLAGS='-m32' + ./programs/test/selftest aes | grep -q "AES note: using AESNI" + ./programs/test/selftest aes | not grep -q "AES note: built-in implementation." + grep -q "AES note: using AESNI" ./programs/test/selftest + not grep -q "AES note: built-in implementation." ./programs/test/selftest + not grep -q "AES note: using VIA Padlock" ./programs/test/selftest + not grep -q mbedtls_aesni_has_support ./programs/test/selftest +} + +# For timebeing, no aarch64 gcc available in CI and no arm64 CI node. +component_build_aes_aesce_armcc () { + msg "Build: AESCE test on arm64 platform without plain C." + scripts/config.py baremetal + + # armc[56] don't support SHA-512 intrinsics + scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + + # Stop armclang warning about feature detection for A64_CRYPTO. + # With this enabled, the library does build correctly under armclang, + # but in baremetal builds (as tested here), feature detection is + # unavailable, and the user is notified via a #warning. So enabling + # this feature would prevent us from building with -Werror on + # armclang. Tracked in #7198. + scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py set MBEDTLS_HAVE_ASM + + msg "AESCE, build with default configuration." + scripts/config.py set MBEDTLS_AESCE_C + scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY + armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto" + + msg "AESCE, build AESCE only" + scripts/config.py set MBEDTLS_AESCE_C + scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY + armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto" +} + +# For timebeing, no VIA Padlock platform available. +component_build_aes_via_padlock () { + + msg "AES:VIA PadLock, build with default configuration." + scripts/config.py unset MBEDTLS_AESNI_C + scripts/config.py set MBEDTLS_PADLOCK_C + scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" + grep -q mbedtls_padlock_has_support ./programs/test/selftest + +} + +support_build_aes_via_padlock_only () { + ( [ "$MBEDTLS_TEST_PLATFORM" == "Linux-x86_64" ] || \ + [ "$MBEDTLS_TEST_PLATFORM" == "Linux-amd64" ] ) && \ + [ "`dpkg --print-foreign-architectures`" == "i386" ] +} + +support_build_aes_aesce_armcc () { + support_build_armcc +} + +component_test_aes_only_128_bit_keys () { + msg "build: default config + AES_ONLY_128_BIT_KEY_LENGTH" + scripts/config.py set MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH + scripts/config.py unset MBEDTLS_PADLOCK_C + + make CC=gcc CFLAGS='-Werror -Wall -Wextra' + + msg "test: default config + AES_ONLY_128_BIT_KEY_LENGTH" + make test +} + +component_test_no_ctr_drbg_aes_only_128_bit_keys () { + msg "build: default config + AES_ONLY_128_BIT_KEY_LENGTH - CTR_DRBG_C" + scripts/config.py set MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH + scripts/config.py unset MBEDTLS_CTR_DRBG_C + scripts/config.py unset MBEDTLS_PADLOCK_C + + make CC=clang CFLAGS='-Werror -Wall -Wextra' + + msg "test: default config + AES_ONLY_128_BIT_KEY_LENGTH - CTR_DRBG_C" + make test +} + +component_test_aes_only_128_bit_keys_have_builtins () { + msg "build: default config + AES_ONLY_128_BIT_KEY_LENGTH - AESNI_C - AESCE_C" + scripts/config.py set MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH + scripts/config.py unset MBEDTLS_PADLOCK_C + scripts/config.py unset MBEDTLS_AESNI_C + scripts/config.py unset MBEDTLS_AESCE_C + + make CC=gcc CFLAGS='-Werror -Wall -Wextra' + + msg "test: default config + AES_ONLY_128_BIT_KEY_LENGTH - AESNI_C - AESCE_C" + make test + + msg "selftest: default config + AES_ONLY_128_BIT_KEY_LENGTH - AESNI_C - AESCE_C" + programs/test/selftest +} + component_test_aes_fewer_tables () { msg "build: default config with AES_FEWER_TABLES enabled" scripts/config.py set MBEDTLS_AES_FEWER_TABLES @@ -3057,17 +4475,16 @@ component_test_se_default () { } component_test_psa_crypto_drivers () { - msg "build: MBEDTLS_PSA_CRYPTO_DRIVERS w/ driver hooks" + msg "build: full + test drivers dispatching to builtins" scripts/config.py full - scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS - scripts/config.py set MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS + scripts/config.py unset MBEDTLS_PSA_CRYPTO_CONFIG loc_cflags="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST_ALL" loc_cflags="${loc_cflags} '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" loc_cflags="${loc_cflags} -I../tests/include -O2" make CC=gcc CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS" - msg "test: full + MBEDTLS_PSA_CRYPTO_DRIVERS" + msg "test: full + test drivers dispatching to builtins" make test } @@ -3089,6 +4506,7 @@ component_test_cmake_shared () { test_build_opt () { info=$1 cc=$2; shift 2 + $cc --version for opt in "$@"; do msg "build/test: $cc $opt, $info" # ~ 30s make CC="$cc" CFLAGS="$opt -std=c99 -pedantic -Wall -Wextra -Werror" @@ -3101,14 +4519,45 @@ test_build_opt () { done } -component_test_clang_opt () { +# For FreeBSD we invoke the function by name so this condition is added +# to disable the existing test_clang_opt function for linux. +if [[ $(uname) != "Linux" ]]; then + component_test_clang_opt () { + scripts/config.py full + test_build_opt 'full config' clang -O0 -Os -O2 + } +fi + +component_test_clang_latest_opt () { scripts/config.py full - test_build_opt 'full config' clang -O0 -Os -O2 + test_build_opt 'full config' "$CLANG_LATEST" -O0 -Os -O2 +} +support_test_clang_latest_opt () { + type "$CLANG_LATEST" >/dev/null 2>/dev/null } -component_test_gcc_opt () { +component_test_clang_earliest_opt () { scripts/config.py full - test_build_opt 'full config' gcc -O0 -Os -O2 + test_build_opt 'full config' "$CLANG_EARLIEST" -O0 +} +support_test_clang_earliest_opt () { + type "$CLANG_EARLIEST" >/dev/null 2>/dev/null +} + +component_test_gcc_latest_opt () { + scripts/config.py full + test_build_opt 'full config' "$GCC_LATEST" -O0 -Os -O2 +} +support_test_gcc_latest_opt () { + type "$GCC_LATEST" >/dev/null 2>/dev/null +} + +component_test_gcc_earliest_opt () { + scripts/config.py full + test_build_opt 'full config' "$GCC_EARLIEST" -O0 +} +support_test_gcc_earliest_opt () { + type "$GCC_EARLIEST" >/dev/null 2>/dev/null } component_build_mbedtls_config_file () { @@ -3151,11 +4600,33 @@ component_build_psa_config_file () { rm -f psa_test_config.h psa_user_config.h } +component_build_psa_alt_headers () { + msg "build: make with PSA alt headers" # ~20s + + # Generate alternative versions of the substitutable headers with the + # same content except different include guards. + make -C tests include/alt-extra/psa/crypto_platform_alt.h include/alt-extra/psa/crypto_struct_alt.h + + # Build the library and some programs. + # Don't build the fuzzers to avoid having to go through hoops to set + # a correct include path for programs/fuzz/Makefile. + make CFLAGS="-I ../tests/include/alt-extra -DMBEDTLS_PSA_CRYPTO_PLATFORM_FILE='\"psa/crypto_platform_alt.h\"' -DMBEDTLS_PSA_CRYPTO_STRUCT_FILE='\"psa/crypto_struct_alt.h\"'" lib + make -C programs -o fuzz CFLAGS="-I ../tests/include/alt-extra -DMBEDTLS_PSA_CRYPTO_PLATFORM_FILE='\"psa/crypto_platform_alt.h\"' -DMBEDTLS_PSA_CRYPTO_STRUCT_FILE='\"psa/crypto_struct_alt.h\"'" + + # Check that we're getting the alternative include guards and not the + # original include guards. + programs/test/query_included_headers | grep -x PSA_CRYPTO_PLATFORM_ALT_H + programs/test/query_included_headers | grep -x PSA_CRYPTO_STRUCT_ALT_H + programs/test/query_included_headers | not grep -x PSA_CRYPTO_PLATFORM_H + programs/test/query_included_headers | not grep -x PSA_CRYPTO_STRUCT_H +} + component_test_m32_o0 () { # Build without optimization, so as to use portable C code (in a 32-bit # build) and not the i386-specific inline assembly. msg "build: i386, make, gcc -O0 (ASan build)" # ~ 30s scripts/config.py full + scripts/config.py unset MBEDTLS_AESNI_C # AESNI depends on cpu modifiers make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O0" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, make, gcc -O0 (ASan build)" @@ -3163,7 +4634,7 @@ component_test_m32_o0 () { } support_test_m32_o0 () { case $(uname -m) in - *64*) true;; + amd64|x86_64) true;; *) false;; esac } @@ -3173,6 +4644,7 @@ component_test_m32_o2 () { # and go faster for tests. msg "build: i386, make, gcc -O2 (ASan build)" # ~ 30s scripts/config.py full + scripts/config.py unset MBEDTLS_AESNI_C # AESNI depends on cpu modifiers make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, make, gcc -O2 (ASan build)" @@ -3188,6 +4660,7 @@ support_test_m32_o2 () { component_test_m32_everest () { msg "build: i386, Everest ECDH context (ASan build)" # ~ 6 min scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED + scripts/config.py unset MBEDTLS_AESNI_C # AESNI depends on cpu modifiers make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, Everest ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s @@ -3234,6 +4707,7 @@ component_test_have_int32 () { scripts/config.py unset MBEDTLS_HAVE_ASM scripts/config.py unset MBEDTLS_AESNI_C scripts/config.py unset MBEDTLS_PADLOCK_C + scripts/config.py unset MBEDTLS_AESCE_C make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT32' msg "test: gcc, force 32-bit bignum limbs" @@ -3245,12 +4719,27 @@ component_test_have_int64 () { scripts/config.py unset MBEDTLS_HAVE_ASM scripts/config.py unset MBEDTLS_AESNI_C scripts/config.py unset MBEDTLS_PADLOCK_C + scripts/config.py unset MBEDTLS_AESCE_C make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT64' msg "test: gcc, force 64-bit bignum limbs" make test } +component_test_have_int32_cmake_new_bignum () { + msg "build: gcc, force 32-bit bignum limbs, new bignum interface, test hooks (ASan build)" + scripts/config.py unset MBEDTLS_HAVE_ASM + scripts/config.py unset MBEDTLS_AESNI_C + scripts/config.py unset MBEDTLS_PADLOCK_C + scripts/config.py unset MBEDTLS_AESCE_C + scripts/config.py set MBEDTLS_TEST_HOOKS + scripts/config.py set MBEDTLS_ECP_WITH_MPI_UINT + make CC=gcc CFLAGS="$ASAN_CFLAGS -Werror -Wall -Wextra -DMBEDTLS_HAVE_INT32" LDFLAGS="$ASAN_CFLAGS" + + msg "test: gcc, force 32-bit bignum limbs, new bignum interface, test hooks (ASan build)" + make test +} + component_test_no_udbl_division () { msg "build: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s scripts/config.py full @@ -3305,7 +4794,7 @@ component_build_arm_none_eabi_gcc () { make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-std=c99 -Werror -Wall -Wextra -O1' lib msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -O1, baremetal+debug" - ${ARM_NONE_EABI_GCC_PREFIX}size library/*.o + ${ARM_NONE_EABI_GCC_PREFIX}size -t library/*.o } component_build_arm_linux_gnueabi_gcc_arm5vte () { @@ -3319,7 +4808,7 @@ component_build_arm_linux_gnueabi_gcc_arm5vte () { make CC="${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc" AR="${ARM_LINUX_GNUEABI_GCC_PREFIX}ar" CFLAGS='-Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' msg "size: ${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc -march=armv5te -O1, baremetal+debug" - ${ARM_LINUX_GNUEABI_GCC_PREFIX}size library/*.o + ${ARM_LINUX_GNUEABI_GCC_PREFIX}size -t library/*.o } support_build_arm_linux_gnueabi_gcc_arm5vte () { type ${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc >/dev/null 2>&1 @@ -3334,7 +4823,7 @@ component_build_arm_none_eabi_gcc_arm5vte () { make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" CFLAGS='-std=c99 -Werror -Wall -Wextra -march=armv5te -O1' LDFLAGS='-march=armv5te' SHELL='sh -x' lib msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=armv5te -O1, baremetal+debug" - ${ARM_NONE_EABI_GCC_PREFIX}size library/*.o + ${ARM_NONE_EABI_GCC_PREFIX}size -t library/*.o } component_build_arm_none_eabi_gcc_m0plus () { @@ -3343,7 +4832,11 @@ component_build_arm_none_eabi_gcc_m0plus () { make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-std=c99 -Werror -Wall -Wextra -mthumb -mcpu=cortex-m0plus -Os' lib msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -mthumb -mcpu=cortex-m0plus -Os, baremetal_size" - ${ARM_NONE_EABI_GCC_PREFIX}size library/*.o + ${ARM_NONE_EABI_GCC_PREFIX}size -t library/*.o + for lib in library/*.a; do + echo "$lib:" + ${ARM_NONE_EABI_GCC_PREFIX}size -t $lib | grep TOTALS + done } component_build_arm_none_eabi_gcc_no_udbl_division () { @@ -3364,11 +4857,39 @@ component_build_arm_none_eabi_gcc_no_64bit_multiplication () { not grep __aeabi_lmul library/*.o } +component_build_arm_clang_thumb () { + # ~ 30s + + scripts/config.py baremetal + + msg "build: clang thumb 2, make" + make clean + make CC="clang" CFLAGS='-std=c99 -Werror -Os --target=arm-linux-gnueabihf -march=armv7-m -mthumb' lib + + # Some Thumb 1 asm is sensitive to optimisation level, so test both -O0 and -Os + msg "build: clang thumb 1 -O0, make" + make clean + make CC="clang" CFLAGS='-std=c99 -Werror -O0 --target=arm-linux-gnueabihf -mcpu=arm1136j-s -mthumb' lib + + msg "build: clang thumb 1 -Os, make" + make clean + make CC="clang" CFLAGS='-std=c99 -Werror -Os --target=arm-linux-gnueabihf -mcpu=arm1136j-s -mthumb' lib +} + component_build_armcc () { msg "build: ARM Compiler 5" scripts/config.py baremetal # armc[56] don't support SHA-512 intrinsics scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + + # Stop armclang warning about feature detection for A64_CRYPTO. + # With this enabled, the library does build correctly under armclang, + # but in baremetal builds (as tested here), feature detection is + # unavailable, and the user is notified via a #warning. So enabling + # this feature would prevent us from building with -Werror on + # armclang. Tracked in #7198. + scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py set MBEDTLS_HAVE_ASM make CC="$ARMC5_CC" AR="$ARMC5_AR" WARNING_CFLAGS='--strict --c99' lib @@ -3378,7 +4899,7 @@ component_build_armcc () { make clean - # Compile with -O1 since some Arm inline assembly is disabled for -O0. + # Compile mostly with -O1 since some Arm inline assembly is disabled for -O0. # ARM Compiler 6 - Target ARMv7-A armc6_build_test "-O1 --target=arm-arm-none-eabi -march=armv7-a" @@ -3397,6 +4918,18 @@ component_build_armcc () { # ARM Compiler 6 - Target ARMv8.2-A - AArch64 armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8.2-a+crypto" + + # ARM Compiler 6 - Target Cortex-M0 - no optimisation + armc6_build_test "-O0 --target=arm-arm-none-eabi -mcpu=cortex-m0" + + # ARM Compiler 6 - Target Cortex-M0 + armc6_build_test "-Os --target=arm-arm-none-eabi -mcpu=cortex-m0" +} + +support_build_armcc () { + armc5_cc="$ARMC5_BIN_DIR/armcc" + armc6_cc="$ARMC6_BIN_DIR/armclang" + (check_tools "$armc5_cc" "$armc6_cc" > /dev/null 2>&1) } component_test_tls13_only () { @@ -3416,6 +4949,7 @@ component_test_tls13_only_psk () { scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED scripts/config.py unset MBEDTLS_ECDH_C + scripts/config.py unset MBEDTLS_DHM_C scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION @@ -3446,6 +4980,22 @@ component_test_tls13_only_ephemeral () { tests/ssl-opt.sh } +component_test_tls13_only_ephemeral_ffdh () { + msg "build: TLS 1.3 only from default, only ephemeral ffdh key exchange mode" + scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED + scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED + scripts/config.py unset MBEDTLS_SSL_EARLY_DATA + scripts/config.py unset MBEDTLS_ECDH_C + + make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" + + msg "test_suite_ssl: TLS 1.3 only, only ephemeral ffdh key exchange mode" + cd tests; ./test_suite_ssl; cd .. + + msg "ssl-opt.sh: TLS 1.3 only, only ephemeral ffdh key exchange mode" + tests/ssl-opt.sh +} + component_test_tls13_only_psk_ephemeral () { msg "build: TLS 1.3 only from default, only PSK ephemeral key exchange mode" scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED @@ -3466,6 +5016,27 @@ component_test_tls13_only_psk_ephemeral () { tests/ssl-opt.sh } +component_test_tls13_only_psk_ephemeral_ffdh () { + msg "build: TLS 1.3 only from default, only PSK ephemeral ffdh key exchange mode" + scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED + scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED + scripts/config.py unset MBEDTLS_X509_CRT_PARSE_C + scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT + scripts/config.py unset MBEDTLS_SSL_SERVER_NAME_INDICATION + scripts/config.py unset MBEDTLS_ECDSA_C + scripts/config.py unset MBEDTLS_PKCS1_V21 + scripts/config.py unset MBEDTLS_PKCS7_C + scripts/config.py set MBEDTLS_SSL_EARLY_DATA + scripts/config.py unset MBEDTLS_ECDH_C + make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" + + msg "test_suite_ssl: TLS 1.3 only, only PSK ephemeral ffdh key exchange mode" + cd tests; ./test_suite_ssl; cd .. + + msg "ssl-opt.sh: TLS 1.3 only, only PSK ephemeral ffdh key exchange mode" + tests/ssl-opt.sh +} + component_test_tls13_only_psk_all () { msg "build: TLS 1.3 only from default, without ephemeral key exchange mode" scripts/config.py unset MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED @@ -3526,8 +5097,24 @@ component_test_tls13_no_compatibility_mode () { tests/ssl-opt.sh } +component_test_tls13_only_record_size_limit () { + msg "build: TLS 1.3 only from default, record size limit extension enabled" + scripts/config.py set MBEDTLS_SSL_RECORD_SIZE_LIMIT + make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" + + msg "test_suite_ssl: TLS 1.3 only, record size limit extension enabled" + cd tests; ./test_suite_ssl; cd .. + + msg "ssl-opt.sh: (TLS 1.3 only, record size limit extension tests only)" + # Both the server and the client will currently abort the handshake when they encounter the + # record size limit extension. There is no way to prevent gnutls-cli from sending the extension + # which makes all G_NEXT_CLI + P_SRV tests fail. Thus, run only the tests for the this extension. + tests/ssl-opt.sh -f "Record Size Limit" +} + component_build_mingw () { msg "build: Windows cross build - mingw64, make (Link Library)" # ~ 30s + scripts/config.py unset MBEDTLS_AESNI_C # AESNI depends on cpu modifiers make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 lib programs # note Make tests only builds the tests, but doesn't run them @@ -3540,8 +5127,8 @@ component_build_mingw () { make WINDOWS_BUILD=1 clean } support_build_mingw() { - case $(i686-w64-mingw32-gcc -dumpversion) in - [0-5]*) false;; + case $(i686-w64-mingw32-gcc -dumpversion 2>/dev/null) in + [0-5]*|"") false;; *) true;; esac } @@ -3636,11 +5223,16 @@ support_test_cmake_out_of_source () { } component_test_cmake_out_of_source () { + # Remove existing generated files so that we use the ones cmake + # generates + make neat + msg "build: cmake 'out-of-source' build" MBEDTLS_ROOT_DIR="$PWD" mkdir "$OUT_OF_SOURCE_DIR" cd "$OUT_OF_SOURCE_DIR" - cmake -D CMAKE_BUILD_TYPE:String=Check "$MBEDTLS_ROOT_DIR" + # Note: Explicitly generate files as these are turned off in releases + cmake -D CMAKE_BUILD_TYPE:String=Check -D GEN_FILES=ON "$MBEDTLS_ROOT_DIR" make msg "test: cmake 'out-of-source' build" @@ -3661,9 +5253,14 @@ component_test_cmake_out_of_source () { } component_test_cmake_as_subdirectory () { + # Remove existing generated files so that we use the ones CMake + # generates + make neat + msg "build: cmake 'as-subdirectory' build" cd programs/test/cmake_subproject - cmake . + # Note: Explicitly generate files as these are turned off in releases + cmake -D GEN_FILES=ON . make ./cmake_subproject } @@ -3672,6 +5269,10 @@ support_test_cmake_as_subdirectory () { } component_test_cmake_as_package () { + # Remove existing generated files so that we use the ones CMake + # generates + make neat + msg "build: cmake 'as-package' build" cd programs/test/cmake_package cmake . @@ -3683,6 +5284,10 @@ support_test_cmake_as_package () { } component_test_cmake_as_package_install () { + # Remove existing generated files so that we use the ones CMake + # generates + make neat + msg "build: cmake 'as-installed-package' build" cd programs/test/cmake_package_install cmake . @@ -3693,6 +5298,79 @@ support_test_cmake_as_package_install () { support_test_cmake_out_of_source } +component_build_cmake_custom_config_file () { + # Make a copy of config file to use for the in-tree test + cp "$CONFIG_H" include/mbedtls_config_in_tree_copy.h + + MBEDTLS_ROOT_DIR="$PWD" + mkdir "$OUT_OF_SOURCE_DIR" + cd "$OUT_OF_SOURCE_DIR" + + # Build once to get the generated files (which need an intact config file) + cmake "$MBEDTLS_ROOT_DIR" + make + + msg "build: cmake with -DMBEDTLS_CONFIG_FILE" + scripts/config.py -w full_config.h full + echo '#error "cmake -DMBEDTLS_CONFIG_FILE is not working."' > "$MBEDTLS_ROOT_DIR/$CONFIG_H" + cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h "$MBEDTLS_ROOT_DIR" + make + + msg "build: cmake with -DMBEDTLS_CONFIG_FILE + -DMBEDTLS_USER_CONFIG_FILE" + # In the user config, disable one feature (for simplicity, pick a feature + # that nothing else depends on). + echo '#undef MBEDTLS_NIST_KW_C' >user_config.h + + cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h -DMBEDTLS_USER_CONFIG_FILE=user_config.h "$MBEDTLS_ROOT_DIR" + make + not programs/test/query_compile_time_config MBEDTLS_NIST_KW_C + + rm -f user_config.h full_config.h + + cd "$MBEDTLS_ROOT_DIR" + rm -rf "$OUT_OF_SOURCE_DIR" + + # Now repeat the test for an in-tree build: + + # Restore config for the in-tree test + mv include/mbedtls_config_in_tree_copy.h "$CONFIG_H" + + # Build once to get the generated files (which need an intact config) + cmake . + make + + msg "build: cmake (in-tree) with -DMBEDTLS_CONFIG_FILE" + scripts/config.py -w full_config.h full + echo '#error "cmake -DMBEDTLS_CONFIG_FILE is not working."' > "$MBEDTLS_ROOT_DIR/$CONFIG_H" + cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h . + make + + msg "build: cmake (in-tree) with -DMBEDTLS_CONFIG_FILE + -DMBEDTLS_USER_CONFIG_FILE" + # In the user config, disable one feature (for simplicity, pick a feature + # that nothing else depends on). + echo '#undef MBEDTLS_NIST_KW_C' >user_config.h + + cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h -DMBEDTLS_USER_CONFIG_FILE=user_config.h . + make + not programs/test/query_compile_time_config MBEDTLS_NIST_KW_C + + rm -f user_config.h full_config.h +} +support_build_cmake_custom_config_file () { + support_test_cmake_out_of_source +} + + +component_build_zeroize_checks () { + msg "build: check for obviously wrong calls to mbedtls_platform_zeroize()" + + scripts/config.py full + + # Only compile - we're looking for sizeof-pointer-memaccess warnings + make CC=gcc CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-zeroize-memset.h\"' -DMBEDTLS_TEST_DEFINES_ZEROIZE -Werror -Wsizeof-pointer-memaccess" +} + + component_test_zeroize () { # Test that the function mbedtls_platform_zeroize() is not optimized away by # different combinations of compilers and optimization flags by using an @@ -3741,20 +5419,12 @@ support_test_psa_compliance () { [ "$ver_major" -eq 3 ] && [ "$ver_minor" -ge 10 ] } -component_test_corrected_code_style () { - ./scripts/code_style.py --fix - - msg "build: make, default config (out-of-box), corrected code style" - make - - msg "test: main suites make, default config (out-of-box), corrected code style" - make test - - # Clean up code-style corrections - git checkout -- . +component_check_code_style () { + msg "Check C code style" + ./scripts/code_style.py } -support_test_corrected_code_style() { +support_check_code_style() { case $(uncrustify --version) in *0.75.1*) true;; *) false;; @@ -3777,6 +5447,7 @@ component_check_test_helpers () { python3 -m unittest tests/scripts/translate_ciphers.py 2>&1 } + ################################################################ #### Termination ################################################################ @@ -3867,6 +5538,7 @@ run_component () { # Preliminary setup pre_check_environment +pre_parse_command_line_for_dirs "$@" pre_initialize_variables pre_parse_command_line "$@" @@ -3882,7 +5554,9 @@ pre_prepare_outcome_file pre_print_configuration pre_check_tools cleanup -pre_generate_files +if in_mbedtls_repo; then + pre_generate_files +fi # Run the requested tests. for ((error_test_i=1; error_test_i <= error_test; error_test_i++)); do diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index bb4439653..1f20734b1 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -10,6 +10,8 @@ import argparse import sys import traceback import re +import subprocess +import os import check_test_cases @@ -51,34 +53,69 @@ class TestCaseOutcomes: """ return len(self.successes) + len(self.failures) -def analyze_coverage(results, outcomes): +def execute_reference_driver_tests(ref_component, driver_component, outcome_file): + """Run the tests specified in ref_component and driver_component. Results + are stored in the output_file and they will be used for the following + coverage analysis""" + # If the outcome file already exists, we assume that the user wants to + # perform the comparison analysis again without repeating the tests. + if os.path.exists(outcome_file): + Results.log("Outcome file (" + outcome_file + ") already exists. " + \ + "Tests will be skipped.") + return + + shell_command = "tests/scripts/all.sh --outcome-file " + outcome_file + \ + " " + ref_component + " " + driver_component + Results.log("Running: " + shell_command) + ret_val = subprocess.run(shell_command.split(), check=False).returncode + + if ret_val != 0: + Results.log("Error: failed to run reference/driver components") + sys.exit(ret_val) + +def analyze_coverage(results, outcomes, allow_list, full_coverage): """Check that all available test cases are executed at least once.""" available = check_test_cases.collect_available_test_cases() for key in available: hits = outcomes[key].hits() if key in outcomes else 0 - if hits == 0: - # Make this a warning, not an error, as long as we haven't - # fixed this branch to have full coverage of test cases. - results.warning('Test case not executed: {}', key) + if hits == 0 and key not in allow_list: + if full_coverage: + results.error('Test case not executed: {}', key) + else: + results.warning('Test case not executed: {}', key) + elif hits != 0 and key in allow_list: + # Test Case should be removed from the allow list. + if full_coverage: + results.error('Allow listed test case was executed: {}', key) + else: + results.warning('Allow listed test case was executed: {}', key) -def analyze_driver_vs_reference(outcomes, component_ref, component_driver, ignored_tests): +def analyze_driver_vs_reference(outcomes, component_ref, component_driver, + ignored_suites, ignored_test=None): """Check that all tests executed in the reference component are also executed in the corresponding driver component. - Skip test suites provided in ignored_tests list. + Skip: + - full test suites provided in ignored_suites list + - only some specific test inside a test suite, for which the corresponding + output string is provided """ available = check_test_cases.collect_available_test_cases() result = True for key in available: - # Skip ignored test suites - test_suite = key.split(';')[0] # retrieve test suit name - test_suite = test_suite.split('.')[0] # retrieve main part of test suit name - if test_suite in ignored_tests: - continue # Continue if test was not executed by any component hits = outcomes[key].hits() if key in outcomes else 0 if hits == 0: continue + # Skip ignored test suites + full_test_suite = key.split(';')[0] # retrieve full test suite name + test_string = key.split(';')[1] # retrieve the text string of this test + test_suite = full_test_suite.split('.')[0] # retrieve main part of test suite name + if test_suite in ignored_suites or full_test_suite in ignored_suites: + continue + if ((full_test_suite in ignored_test) and + (test_string in ignored_test[full_test_suite])): + continue # Search for tests that run in reference component and not in driver component driver_test_passed = False reference_test_passed = False @@ -87,15 +124,16 @@ def analyze_driver_vs_reference(outcomes, component_ref, component_driver, ignor driver_test_passed = True if component_ref in entry: reference_test_passed = True - if(driver_test_passed is False and reference_test_passed is True): - print('{}: driver: skipped/failed; reference: passed'.format(key)) + if(reference_test_passed and not driver_test_passed): + Results.log(key) result = False return result -def analyze_outcomes(outcomes): +def analyze_outcomes(outcomes, args): """Run all analyses on the given outcome collection.""" results = Results() - analyze_coverage(results, outcomes) + analyze_coverage(results, outcomes, args['allow_list'], + args['full_coverage']) return results def read_outcome_file(outcome_file): @@ -121,32 +159,485 @@ by a semicolon. def do_analyze_coverage(outcome_file, args): """Perform coverage analysis.""" - del args # unused outcomes = read_outcome_file(outcome_file) - results = analyze_outcomes(outcomes) + Results.log("\n*** Analyze coverage ***\n") + results = analyze_outcomes(outcomes, args) return results.error_count == 0 def do_analyze_driver_vs_reference(outcome_file, args): """Perform driver vs reference analyze.""" - ignored_tests = ['test_suite_' + x for x in args['ignored_suites']] + execute_reference_driver_tests(args['component_ref'], \ + args['component_driver'], outcome_file) + + ignored_suites = ['test_suite_' + x for x in args['ignored_suites']] outcomes = read_outcome_file(outcome_file) + Results.log("\n*** Analyze driver {} vs reference {} ***\n".format( + args['component_driver'], args['component_ref'])) return analyze_driver_vs_reference(outcomes, args['component_ref'], - args['component_driver'], ignored_tests) + args['component_driver'], ignored_suites, + args['ignored_tests']) # List of tasks with a function that can handle this task and additional arguments if required TASKS = { 'analyze_coverage': { 'test_function': do_analyze_coverage, - 'args': {}}, + 'args': { + 'allow_list': [ + # Algorithm not supported yet + 'test_suite_psa_crypto_metadata;Asymmetric signature: pure EdDSA', + # Algorithm not supported yet + 'test_suite_psa_crypto_metadata;Cipher: XTS', + ], + 'full_coverage': False, + } + }, + # There are 2 options to use analyze_driver_vs_reference_xxx locally: + # 1. Run tests and then analysis: + # - tests/scripts/all.sh --outcome-file "$PWD/out.csv" + # - tests/scripts/analyze_outcomes.py out.csv analyze_driver_vs_reference_xxx + # 2. Let this script run both automatically: + # - tests/scripts/analyze_outcomes.py out.csv analyze_driver_vs_reference_xxx 'analyze_driver_vs_reference_hash': { 'test_function': do_analyze_driver_vs_reference, 'args': { 'component_ref': 'test_psa_crypto_config_reference_hash_use_psa', 'component_driver': 'test_psa_crypto_config_accel_hash_use_psa', - 'ignored_suites': ['shax', 'mdx', # the software implementations that are being excluded - 'md', # the legacy abstraction layer that's being excluded - ]}} + 'ignored_suites': [ + 'shax', 'mdx', # the software implementations that are being excluded + 'md.psa', # purposefully depends on whether drivers are present + 'psa_crypto_low_hash.generated', # testing the builtins + ], + 'ignored_tests': { + } + } + }, + 'analyze_driver_vs_reference_ecp_light_only': { + 'test_function': do_analyze_driver_vs_reference, + 'args': { + 'component_ref': 'test_psa_crypto_config_reference_ecc_ecp_light_only', + 'component_driver': 'test_psa_crypto_config_accel_ecc_ecp_light_only', + 'ignored_suites': [ + 'ecdsa', + 'ecdh', + 'ecjpake', + ], + 'ignored_tests': { + 'test_suite_random': [ + 'PSA classic wrapper: ECDSA signature (SECP256R1)', + ], + # In the accelerated test ECP_C is not set (only ECP_LIGHT is) + # so we must ignore disparities in the tests for which ECP_C + # is required. + 'test_suite_ecp': [ + 'ECP check public-private #1 (OK)', + 'ECP check public-private #2 (group none)', + 'ECP check public-private #3 (group mismatch)', + 'ECP check public-private #4 (Qx mismatch)', + 'ECP check public-private #5 (Qy mismatch)', + 'ECP check public-private #6 (wrong Qx)', + 'ECP check public-private #7 (wrong Qy)', + 'ECP gen keypair [#1]', + 'ECP gen keypair [#2]', + 'ECP gen keypair [#3]', + 'ECP gen keypair wrapper', + 'ECP point muladd secp256r1 #1', + 'ECP point muladd secp256r1 #2', + 'ECP point multiplication Curve25519 (element of order 2: origin) #3', + 'ECP point multiplication Curve25519 (element of order 4: 1) #4', + 'ECP point multiplication Curve25519 (element of order 8) #5', + 'ECP point multiplication Curve25519 (normalized) #1', + 'ECP point multiplication Curve25519 (not normalized) #2', + 'ECP point multiplication rng fail Curve25519', + 'ECP point multiplication rng fail secp256r1', + 'ECP test vectors Curve25519', + 'ECP test vectors Curve448 (RFC 7748 6.2, after decodeUCoordinate)', + 'ECP test vectors brainpoolP256r1 rfc 7027', + 'ECP test vectors brainpoolP384r1 rfc 7027', + 'ECP test vectors brainpoolP512r1 rfc 7027', + 'ECP test vectors secp192k1', + 'ECP test vectors secp192r1 rfc 5114', + 'ECP test vectors secp224k1', + 'ECP test vectors secp224r1 rfc 5114', + 'ECP test vectors secp256k1', + 'ECP test vectors secp256r1 rfc 5114', + 'ECP test vectors secp384r1 rfc 5114', + 'ECP test vectors secp521r1 rfc 5114', + ], + 'test_suite_psa_crypto': [ + 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp384r1', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1', + ], + 'test_suite_ssl': [ + 'Test configuration of groups for DHE through mbedtls_ssl_conf_curves()', + ], + } + } + }, + 'analyze_driver_vs_reference_no_ecp_at_all': { + 'test_function': do_analyze_driver_vs_reference, + 'args': { + 'component_ref': 'test_psa_crypto_config_reference_ecc_no_ecp_at_all', + 'component_driver': 'test_psa_crypto_config_accel_ecc_no_ecp_at_all', + 'ignored_suites': [ + # Ignore test suites for the modules that are disabled in the + # accelerated test case. + 'ecp', + 'ecdsa', + 'ecdh', + 'ecjpake', + ], + 'ignored_tests': { + 'test_suite_random': [ + 'PSA classic wrapper: ECDSA signature (SECP256R1)', + ], + 'test_suite_psa_crypto': [ + 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp384r1', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1', + 'PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled)', + ], + 'test_suite_pkparse': [ + # When PK_PARSE_C and ECP_C are defined then PK_PARSE_EC_COMPRESSED + # is automatically enabled in build_info.h (backward compatibility) + # even if it is disabled in config_psa_crypto_no_ecp_at_all(). As a + # consequence compressed points are supported in the reference + # component but not in the accelerated one, so they should be skipped + # while checking driver's coverage. + 'Parse EC Key #10a (SEC1 PEM, secp384r1, compressed)', + 'Parse EC Key #11a (SEC1 PEM, secp521r1, compressed)', + 'Parse EC Key #12a (SEC1 PEM, bp256r1, compressed)', + 'Parse EC Key #13a (SEC1 PEM, bp384r1, compressed)', + 'Parse EC Key #14a (SEC1 PEM, bp512r1, compressed)', + 'Parse EC Key #2a (SEC1 PEM, secp192r1, compressed)', + 'Parse EC Key #8a (SEC1 PEM, secp224r1, compressed)', + 'Parse EC Key #9a (SEC1 PEM, secp256r1, compressed)', + 'Parse Public EC Key #2a (RFC 5480, PEM, secp192r1, compressed)', + 'Parse Public EC Key #3a (RFC 5480, secp224r1, compressed)', + 'Parse Public EC Key #4a (RFC 5480, secp256r1, compressed)', + 'Parse Public EC Key #5a (RFC 5480, secp384r1, compressed)', + 'Parse Public EC Key #6a (RFC 5480, secp521r1, compressed)', + 'Parse Public EC Key #7a (RFC 5480, brainpoolP256r1, compressed)', + 'Parse Public EC Key #8a (RFC 5480, brainpoolP384r1, compressed)', + 'Parse Public EC Key #9a (RFC 5480, brainpoolP512r1, compressed)', + ], + 'test_suite_ssl': [ + 'Test configuration of groups for DHE through mbedtls_ssl_conf_curves()', + ], + } + } + }, + 'analyze_driver_vs_reference_ecc_no_bignum': { + 'test_function': do_analyze_driver_vs_reference, + 'args': { + 'component_ref': 'test_psa_crypto_config_reference_ecc_no_bignum', + 'component_driver': 'test_psa_crypto_config_accel_ecc_no_bignum', + 'ignored_suites': [ + # Ignore test suites for the modules that are disabled in the + # accelerated test case. + 'ecp', + 'ecdsa', + 'ecdh', + 'ecjpake', + 'bignum_core', + 'bignum_random', + 'bignum_mod', + 'bignum_mod_raw', + 'bignum.generated', + 'bignum.misc', + ], + 'ignored_tests': { + 'test_suite_random': [ + 'PSA classic wrapper: ECDSA signature (SECP256R1)', + ], + 'test_suite_psa_crypto': [ + 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp384r1', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1', + 'PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled)', + ], + 'test_suite_pkparse': [ + # See the description provided above in the + # analyze_driver_vs_reference_no_ecp_at_all component. + 'Parse EC Key #10a (SEC1 PEM, secp384r1, compressed)', + 'Parse EC Key #11a (SEC1 PEM, secp521r1, compressed)', + 'Parse EC Key #12a (SEC1 PEM, bp256r1, compressed)', + 'Parse EC Key #13a (SEC1 PEM, bp384r1, compressed)', + 'Parse EC Key #14a (SEC1 PEM, bp512r1, compressed)', + 'Parse EC Key #2a (SEC1 PEM, secp192r1, compressed)', + 'Parse EC Key #8a (SEC1 PEM, secp224r1, compressed)', + 'Parse EC Key #9a (SEC1 PEM, secp256r1, compressed)', + 'Parse Public EC Key #2a (RFC 5480, PEM, secp192r1, compressed)', + 'Parse Public EC Key #3a (RFC 5480, secp224r1, compressed)', + 'Parse Public EC Key #4a (RFC 5480, secp256r1, compressed)', + 'Parse Public EC Key #5a (RFC 5480, secp384r1, compressed)', + 'Parse Public EC Key #6a (RFC 5480, secp521r1, compressed)', + 'Parse Public EC Key #7a (RFC 5480, brainpoolP256r1, compressed)', + 'Parse Public EC Key #8a (RFC 5480, brainpoolP384r1, compressed)', + 'Parse Public EC Key #9a (RFC 5480, brainpoolP512r1, compressed)', + ], + 'test_suite_asn1parse': [ + # This test depends on BIGNUM_C + 'INTEGER too large for mpi', + ], + 'test_suite_asn1write': [ + # Following tests depends on BIGNUM_C + 'ASN.1 Write mpi 0 (1 limb)', + 'ASN.1 Write mpi 0 (null)', + 'ASN.1 Write mpi 0x100', + 'ASN.1 Write mpi 0x7f', + 'ASN.1 Write mpi 0x7f with leading 0 limb', + 'ASN.1 Write mpi 0x80', + 'ASN.1 Write mpi 0x80 with leading 0 limb', + 'ASN.1 Write mpi 0xff', + 'ASN.1 Write mpi 1', + 'ASN.1 Write mpi, 127*8 bits', + 'ASN.1 Write mpi, 127*8+1 bits', + 'ASN.1 Write mpi, 127*8-1 bits', + 'ASN.1 Write mpi, 255*8 bits', + 'ASN.1 Write mpi, 255*8-1 bits', + 'ASN.1 Write mpi, 256*8-1 bits', + ], + 'test_suite_debug': [ + # Following tests depends on BIGNUM_C + 'Debug print mbedtls_mpi #2: 3 bits', + 'Debug print mbedtls_mpi: 0 (empty representation)', + 'Debug print mbedtls_mpi: 0 (non-empty representation)', + 'Debug print mbedtls_mpi: 49 bits', + 'Debug print mbedtls_mpi: 759 bits', + 'Debug print mbedtls_mpi: 764 bits #1', + 'Debug print mbedtls_mpi: 764 bits #2', + ], + 'test_suite_ssl': [ + 'Test configuration of groups for DHE through mbedtls_ssl_conf_curves()', + ], + } + } + }, + 'analyze_driver_vs_reference_ecc_ffdh_no_bignum': { + 'test_function': do_analyze_driver_vs_reference, + 'args': { + 'component_ref': 'test_psa_crypto_config_reference_ecc_ffdh_no_bignum', + 'component_driver': 'test_psa_crypto_config_accel_ecc_ffdh_no_bignum', + 'ignored_suites': [ + # Ignore test suites for the modules that are disabled in the + # accelerated test case. + 'ecp', + 'ecdsa', + 'ecdh', + 'ecjpake', + 'bignum_core', + 'bignum_random', + 'bignum_mod', + 'bignum_mod_raw', + 'bignum.generated', + 'bignum.misc', + 'dhm', + ], + 'ignored_tests': { + 'test_suite_random': [ + 'PSA classic wrapper: ECDSA signature (SECP256R1)', + ], + 'test_suite_psa_crypto': [ + 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp384r1', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1', + 'PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled)', + ], + 'test_suite_pkparse': [ + # See the description provided above in the + # analyze_driver_vs_reference_no_ecp_at_all component. + 'Parse EC Key #10a (SEC1 PEM, secp384r1, compressed)', + 'Parse EC Key #11a (SEC1 PEM, secp521r1, compressed)', + 'Parse EC Key #12a (SEC1 PEM, bp256r1, compressed)', + 'Parse EC Key #13a (SEC1 PEM, bp384r1, compressed)', + 'Parse EC Key #14a (SEC1 PEM, bp512r1, compressed)', + 'Parse EC Key #2a (SEC1 PEM, secp192r1, compressed)', + 'Parse EC Key #8a (SEC1 PEM, secp224r1, compressed)', + 'Parse EC Key #9a (SEC1 PEM, secp256r1, compressed)', + 'Parse Public EC Key #2a (RFC 5480, PEM, secp192r1, compressed)', + 'Parse Public EC Key #3a (RFC 5480, secp224r1, compressed)', + 'Parse Public EC Key #4a (RFC 5480, secp256r1, compressed)', + 'Parse Public EC Key #5a (RFC 5480, secp384r1, compressed)', + 'Parse Public EC Key #6a (RFC 5480, secp521r1, compressed)', + 'Parse Public EC Key #7a (RFC 5480, brainpoolP256r1, compressed)', + 'Parse Public EC Key #8a (RFC 5480, brainpoolP384r1, compressed)', + 'Parse Public EC Key #9a (RFC 5480, brainpoolP512r1, compressed)', + ], + 'test_suite_asn1parse': [ + # This test depends on BIGNUM_C + 'INTEGER too large for mpi', + ], + 'test_suite_asn1write': [ + # Following tests depends on BIGNUM_C + 'ASN.1 Write mpi 0 (1 limb)', + 'ASN.1 Write mpi 0 (null)', + 'ASN.1 Write mpi 0x100', + 'ASN.1 Write mpi 0x7f', + 'ASN.1 Write mpi 0x7f with leading 0 limb', + 'ASN.1 Write mpi 0x80', + 'ASN.1 Write mpi 0x80 with leading 0 limb', + 'ASN.1 Write mpi 0xff', + 'ASN.1 Write mpi 1', + 'ASN.1 Write mpi, 127*8 bits', + 'ASN.1 Write mpi, 127*8+1 bits', + 'ASN.1 Write mpi, 127*8-1 bits', + 'ASN.1 Write mpi, 255*8 bits', + 'ASN.1 Write mpi, 255*8-1 bits', + 'ASN.1 Write mpi, 256*8-1 bits', + ], + 'test_suite_debug': [ + # Following tests depends on BIGNUM_C + 'Debug print mbedtls_mpi #2: 3 bits', + 'Debug print mbedtls_mpi: 0 (empty representation)', + 'Debug print mbedtls_mpi: 0 (non-empty representation)', + 'Debug print mbedtls_mpi: 49 bits', + 'Debug print mbedtls_mpi: 759 bits', + 'Debug print mbedtls_mpi: 764 bits #1', + 'Debug print mbedtls_mpi: 764 bits #2', + ], + 'test_suite_ssl': [ + 'Test configuration of groups for DHE through mbedtls_ssl_conf_curves()', + ], + } + } + }, + 'analyze_driver_vs_reference_ffdh_alg': { + 'test_function': do_analyze_driver_vs_reference, + 'args': { + 'component_ref': 'test_psa_crypto_config_reference_ffdh', + 'component_driver': 'test_psa_crypto_config_accel_ffdh', + 'ignored_suites': ['dhm'], + 'ignored_tests': {} + } + }, + 'analyze_driver_vs_reference_tfm_config': { + 'test_function': do_analyze_driver_vs_reference, + 'args': { + 'component_ref': 'test_tfm_config', + 'component_driver': 'test_tfm_config_p256m_driver_accel_ec', + 'ignored_suites': [ + # Ignore test suites for the modules that are disabled in the + # accelerated test case. + 'ecp', + 'ecdsa', + 'ecdh', + 'ecjpake', + 'bignum_core', + 'bignum_random', + 'bignum_mod', + 'bignum_mod_raw', + 'bignum.generated', + 'bignum.misc', + ], + 'ignored_tests': { + # Ignore all tests that require DERIVE support which is disabled + # in the driver version + 'test_suite_psa_crypto': [ + 'PSA key agreement setup: ECDH + HKDF-SHA-256: good', + ('PSA key agreement setup: ECDH + HKDF-SHA-256: good, key algorithm broader ' + 'than required'), + 'PSA key agreement setup: ECDH + HKDF-SHA-256: public key not on curve', + 'PSA key agreement setup: KDF instead of a key agreement algorithm', + 'PSA key agreement setup: bad key agreement algorithm', + 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: capacity=8160', + 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 0+32', + 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 1+31', + 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 31+1', + 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+0', + 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+32', + 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 64+0', + 'PSA key derivation: ECDH on P256 with HKDF-SHA256, info first', + 'PSA key derivation: ECDH on P256 with HKDF-SHA256, key output', + 'PSA key derivation: ECDH on P256 with HKDF-SHA256, missing info', + 'PSA key derivation: ECDH on P256 with HKDF-SHA256, omitted salt', + 'PSA key derivation: ECDH on P256 with HKDF-SHA256, raw output', + 'PSA key derivation: ECDH on P256 with HKDF-SHA256, salt after secret', + 'PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, good case', + 'PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, missing label', + 'PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, missing label and secret', + 'PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, no inputs', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)', + 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA', + 'PSA key derivation: TLS 1.2 Mix-PSK-to-MS, SHA-256, 0+48, ka', + 'PSA key derivation: TLS 1.2 Mix-PSK-to-MS, SHA-256, 24+24, ka', + 'PSA key derivation: TLS 1.2 Mix-PSK-to-MS, SHA-256, 48+0, ka', + 'PSA key derivation: TLS 1.2 Mix-PSK-to-MS, bad state #1, ka', + 'PSA key derivation: TLS 1.2 Mix-PSK-to-MS, bad state #3, ka', + 'PSA key derivation: TLS 1.2 Mix-PSK-to-MS, bad state #4, ka', + 'PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC MONTGOMERY (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled)', + 'PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled)', + 'PSA raw key agreement: ECDH SECP256R1 (RFC 5903)', + ], + 'test_suite_random': [ + 'PSA classic wrapper: ECDSA signature (SECP256R1)', + ], + 'test_suite_psa_crypto_pake': [ + 'PSA PAKE: ecjpake size macros', + ], + 'test_suite_asn1parse': [ + # This test depends on BIGNUM_C + 'INTEGER too large for mpi', + ], + 'test_suite_asn1write': [ + # Following tests depends on BIGNUM_C + 'ASN.1 Write mpi 0 (1 limb)', + 'ASN.1 Write mpi 0 (null)', + 'ASN.1 Write mpi 0x100', + 'ASN.1 Write mpi 0x7f', + 'ASN.1 Write mpi 0x7f with leading 0 limb', + 'ASN.1 Write mpi 0x80', + 'ASN.1 Write mpi 0x80 with leading 0 limb', + 'ASN.1 Write mpi 0xff', + 'ASN.1 Write mpi 1', + 'ASN.1 Write mpi, 127*8 bits', + 'ASN.1 Write mpi, 127*8+1 bits', + 'ASN.1 Write mpi, 127*8-1 bits', + 'ASN.1 Write mpi, 255*8 bits', + 'ASN.1 Write mpi, 255*8-1 bits', + 'ASN.1 Write mpi, 256*8-1 bits', + ], + } + } + } } def main(): @@ -161,11 +652,16 @@ def main(): 'comma/space-separated list of tasks. ') parser.add_argument('--list', action='store_true', help='List all available tasks and exit.') + parser.add_argument('--require-full-coverage', action='store_true', + dest='full_coverage', help="Require all available " + "test cases to be executed and issue an error " + "otherwise. This flag is ignored if 'task' is " + "neither 'all' nor 'analyze_coverage'") options = parser.parse_args() if options.list: for task in TASKS: - print(task) + Results.log(task) sys.exit(0) result = True @@ -177,9 +673,12 @@ def main(): for task in tasks: if task not in TASKS: - print('Error: invalid task: {}'.format(task)) + Results.log('Error: invalid task: {}'.format(task)) sys.exit(1) + TASKS['analyze_coverage']['args']['full_coverage'] = \ + options.full_coverage + for task in TASKS: if task in tasks: if not TASKS[task]['test_function'](options.outcomes, TASKS[task]['args']): @@ -187,7 +686,7 @@ def main(): if result is False: sys.exit(1) - print("SUCCESS :-)") + Results.log("SUCCESS :-)") except Exception: # pylint: disable=broad-except # Print the backtrace and exit explicitly with our chosen status. traceback.print_exc() diff --git a/tests/scripts/audit-validity-dates.py b/tests/scripts/audit-validity-dates.py new file mode 100755 index 000000000..5128dc788 --- /dev/null +++ b/tests/scripts/audit-validity-dates.py @@ -0,0 +1,481 @@ +#!/usr/bin/env python3 +# +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +"""Audit validity date of X509 crt/crl/csr. + +This script is used to audit the validity date of crt/crl/csr used for testing. +It prints the information about X.509 objects excluding the objects that +are valid throughout the desired validity period. The data are collected +from tests/data_files/ and tests/suites/*.data files by default. +""" + +import os +import re +import typing +import argparse +import datetime +import glob +import logging +import hashlib +from enum import Enum + +# The script requires cryptography >= 35.0.0 which is only available +# for Python >= 3.6. +import cryptography +from cryptography import x509 + +from generate_test_code import FileWrapper + +import scripts_path # pylint: disable=unused-import +from mbedtls_dev import build_tree +from mbedtls_dev import logging_util + +def check_cryptography_version(): + match = re.match(r'^[0-9]+', cryptography.__version__) + if match is None or int(match.group(0)) < 35: + raise Exception("audit-validity-dates requires cryptography >= 35.0.0" + + "({} is too old)".format(cryptography.__version__)) + +class DataType(Enum): + CRT = 1 # Certificate + CRL = 2 # Certificate Revocation List + CSR = 3 # Certificate Signing Request + + +class DataFormat(Enum): + PEM = 1 # Privacy-Enhanced Mail + DER = 2 # Distinguished Encoding Rules + + +class AuditData: + """Store data location, type and validity period of X.509 objects.""" + #pylint: disable=too-few-public-methods + def __init__(self, data_type: DataType, x509_obj): + self.data_type = data_type + # the locations that the x509 object could be found + self.locations = [] # type: typing.List[str] + self.fill_validity_duration(x509_obj) + self._obj = x509_obj + encoding = cryptography.hazmat.primitives.serialization.Encoding.DER + self._identifier = hashlib.sha1(self._obj.public_bytes(encoding)).hexdigest() + + @property + def identifier(self): + """ + Identifier of the underlying X.509 object, which is consistent across + different runs. + """ + return self._identifier + + def fill_validity_duration(self, x509_obj): + """Read validity period from an X.509 object.""" + # Certificate expires after "not_valid_after" + # Certificate is invalid before "not_valid_before" + if self.data_type == DataType.CRT: + self.not_valid_after = x509_obj.not_valid_after + self.not_valid_before = x509_obj.not_valid_before + # CertificateRevocationList expires after "next_update" + # CertificateRevocationList is invalid before "last_update" + elif self.data_type == DataType.CRL: + self.not_valid_after = x509_obj.next_update + self.not_valid_before = x509_obj.last_update + # CertificateSigningRequest is always valid. + elif self.data_type == DataType.CSR: + self.not_valid_after = datetime.datetime.max + self.not_valid_before = datetime.datetime.min + else: + raise ValueError("Unsupported file_type: {}".format(self.data_type)) + + +class X509Parser: + """A parser class to parse crt/crl/csr file or data in PEM/DER format.""" + PEM_REGEX = br'-{5}BEGIN (?P.*?)-{5}(?P.*?)-{5}END (?P=type)-{5}' + PEM_TAG_REGEX = br'-{5}BEGIN (?P.*?)-{5}\n' + PEM_TAGS = { + DataType.CRT: 'CERTIFICATE', + DataType.CRL: 'X509 CRL', + DataType.CSR: 'CERTIFICATE REQUEST' + } + + def __init__(self, + backends: + typing.Dict[DataType, + typing.Dict[DataFormat, + typing.Callable[[bytes], object]]]) \ + -> None: + self.backends = backends + self.__generate_parsers() + + def __generate_parser(self, data_type: DataType): + """Parser generator for a specific DataType""" + tag = self.PEM_TAGS[data_type] + pem_loader = self.backends[data_type][DataFormat.PEM] + der_loader = self.backends[data_type][DataFormat.DER] + def wrapper(data: bytes): + pem_type = X509Parser.pem_data_type(data) + # It is in PEM format with target tag + if pem_type == tag: + return pem_loader(data) + # It is in PEM format without target tag + if pem_type: + return None + # It might be in DER format + try: + result = der_loader(data) + except ValueError: + result = None + return result + wrapper.__name__ = "{}.parser[{}]".format(type(self).__name__, tag) + return wrapper + + def __generate_parsers(self): + """Generate parsers for all support DataType""" + self.parsers = {} + for data_type, _ in self.PEM_TAGS.items(): + self.parsers[data_type] = self.__generate_parser(data_type) + + def __getitem__(self, item): + return self.parsers[item] + + @staticmethod + def pem_data_type(data: bytes) -> typing.Optional[str]: + """Get the tag from the data in PEM format + + :param data: data to be checked in binary mode. + :return: PEM tag or "" when no tag detected. + """ + m = re.search(X509Parser.PEM_TAG_REGEX, data) + if m is not None: + return m.group('type').decode('UTF-8') + else: + return None + + @staticmethod + def check_hex_string(hex_str: str) -> bool: + """Check if the hex string is possibly DER data.""" + hex_len = len(hex_str) + # At least 6 hex char for 3 bytes: Type + Length + Content + if hex_len < 6: + return False + # Check if Type (1 byte) is SEQUENCE. + if hex_str[0:2] != '30': + return False + # Check LENGTH (1 byte) value + content_len = int(hex_str[2:4], base=16) + consumed = 4 + if content_len in (128, 255): + # Indefinite or Reserved + return False + elif content_len > 127: + # Definite, Long + length_len = (content_len - 128) * 2 + content_len = int(hex_str[consumed:consumed+length_len], base=16) + consumed += length_len + # Check LENGTH + if hex_len != content_len * 2 + consumed: + return False + return True + + +class Auditor: + """ + A base class that uses X509Parser to parse files to a list of AuditData. + + A subclass must implement the following methods: + - collect_default_files: Return a list of file names that are defaultly + used for parsing (auditing). The list will be stored in + Auditor.default_files. + - parse_file: Method that parses a single file to a list of AuditData. + + A subclass may override the following methods: + - parse_bytes: Defaultly, it parses `bytes` that contains only one valid + X.509 data(DER/PEM format) to an X.509 object. + - walk_all: Defaultly, it iterates over all the files in the provided + file name list, calls `parse_file` for each file and stores the results + by extending the `results` passed to the function. + """ + def __init__(self, logger): + self.logger = logger + self.default_files = self.collect_default_files() + self.parser = X509Parser({ + DataType.CRT: { + DataFormat.PEM: x509.load_pem_x509_certificate, + DataFormat.DER: x509.load_der_x509_certificate + }, + DataType.CRL: { + DataFormat.PEM: x509.load_pem_x509_crl, + DataFormat.DER: x509.load_der_x509_crl + }, + DataType.CSR: { + DataFormat.PEM: x509.load_pem_x509_csr, + DataFormat.DER: x509.load_der_x509_csr + }, + }) + + def collect_default_files(self) -> typing.List[str]: + """Collect the default files for parsing.""" + raise NotImplementedError + + def parse_file(self, filename: str) -> typing.List[AuditData]: + """ + Parse a list of AuditData from file. + + :param filename: name of the file to parse. + :return list of AuditData parsed from the file. + """ + raise NotImplementedError + + def parse_bytes(self, data: bytes): + """Parse AuditData from bytes.""" + for data_type in list(DataType): + try: + result = self.parser[data_type](data) + except ValueError as val_error: + result = None + self.logger.warning(val_error) + if result is not None: + audit_data = AuditData(data_type, result) + return audit_data + return None + + def walk_all(self, + results: typing.Dict[str, AuditData], + file_list: typing.Optional[typing.List[str]] = None) \ + -> None: + """ + Iterate over all the files in the list and get audit data. The + results will be written to `results` passed to this function. + + :param results: The dictionary used to store the parsed + AuditData. The keys of this dictionary should + be the identifier of the AuditData. + """ + if file_list is None: + file_list = self.default_files + for filename in file_list: + data_list = self.parse_file(filename) + for d in data_list: + if d.identifier in results: + results[d.identifier].locations.extend(d.locations) + else: + results[d.identifier] = d + + @staticmethod + def find_test_dir(): + """Get the relative path for the Mbed TLS test directory.""" + return os.path.relpath(build_tree.guess_mbedtls_root() + '/tests') + + +class TestDataAuditor(Auditor): + """Class for auditing files in `tests/data_files/`""" + + def collect_default_files(self): + """Collect all files in `tests/data_files/`""" + test_dir = self.find_test_dir() + test_data_glob = os.path.join(test_dir, 'data_files/**') + data_files = [f for f in glob.glob(test_data_glob, recursive=True) + if os.path.isfile(f)] + return data_files + + def parse_file(self, filename: str) -> typing.List[AuditData]: + """ + Parse a list of AuditData from data file. + + :param filename: name of the file to parse. + :return list of AuditData parsed from the file. + """ + with open(filename, 'rb') as f: + data = f.read() + + results = [] + # Try to parse all PEM blocks. + is_pem = False + for idx, m in enumerate(re.finditer(X509Parser.PEM_REGEX, data, flags=re.S), 1): + is_pem = True + result = self.parse_bytes(data[m.start():m.end()]) + if result is not None: + result.locations.append("{}#{}".format(filename, idx)) + results.append(result) + + # Might be DER format. + if not is_pem: + result = self.parse_bytes(data) + if result is not None: + result.locations.append("{}".format(filename)) + results.append(result) + + return results + + +def parse_suite_data(data_f): + """ + Parses .data file for test arguments that possiblly have a + valid X.509 data. If you need a more precise parser, please + use generate_test_code.parse_test_data instead. + + :param data_f: file object of the data file. + :return: Generator that yields test function argument list. + """ + for line in data_f: + line = line.strip() + # Skip comments + if line.startswith('#'): + continue + + # Check parameters line + match = re.search(r'\A\w+(.*:)?\"', line) + if match: + # Read test vectors + parts = re.split(r'(?[0-9a-fA-F]+)"', test_arg) + if not match: + continue + if not X509Parser.check_hex_string(match.group('data')): + continue + audit_data = self.parse_bytes(bytes.fromhex(match.group('data'))) + if audit_data is None: + continue + audit_data.locations.append("{}:{}:#{}".format(filename, + data_f.line_no, + idx + 1)) + audit_data_list.append(audit_data) + + return audit_data_list + + +def list_all(audit_data: AuditData): + for loc in audit_data.locations: + print("{}\t{:20}\t{:20}\t{:3}\t{}".format( + audit_data.identifier, + audit_data.not_valid_before.isoformat(timespec='seconds'), + audit_data.not_valid_after.isoformat(timespec='seconds'), + audit_data.data_type.name, + loc)) + + +def main(): + """ + Perform argument parsing. + """ + parser = argparse.ArgumentParser(description=__doc__) + + parser.add_argument('-a', '--all', + action='store_true', + help='list the information of all the files') + parser.add_argument('-v', '--verbose', + action='store_true', dest='verbose', + help='show logs') + parser.add_argument('--from', dest='start_date', + help=('Start of desired validity period (UTC, YYYY-MM-DD). ' + 'Default: today'), + metavar='DATE') + parser.add_argument('--to', dest='end_date', + help=('End of desired validity period (UTC, YYYY-MM-DD). ' + 'Default: --from'), + metavar='DATE') + parser.add_argument('--data-files', action='append', nargs='*', + help='data files to audit', + metavar='FILE') + parser.add_argument('--suite-data-files', action='append', nargs='*', + help='suite data files to audit', + metavar='FILE') + + args = parser.parse_args() + + # start main routine + # setup logger + logger = logging.getLogger() + logging_util.configure_logger(logger) + logger.setLevel(logging.DEBUG if args.verbose else logging.ERROR) + + td_auditor = TestDataAuditor(logger) + sd_auditor = SuiteDataAuditor(logger) + + data_files = [] + suite_data_files = [] + if args.data_files is None and args.suite_data_files is None: + data_files = td_auditor.default_files + suite_data_files = sd_auditor.default_files + else: + if args.data_files is not None: + data_files = [x for l in args.data_files for x in l] + if args.suite_data_files is not None: + suite_data_files = [x for l in args.suite_data_files for x in l] + + # validity period start date + if args.start_date: + start_date = datetime.datetime.fromisoformat(args.start_date) + else: + start_date = datetime.datetime.today() + # validity period end date + if args.end_date: + end_date = datetime.datetime.fromisoformat(args.end_date) + else: + end_date = start_date + + # go through all the files + audit_results = {} + td_auditor.walk_all(audit_results, data_files) + sd_auditor.walk_all(audit_results, suite_data_files) + + logger.info("Total: {} objects found!".format(len(audit_results))) + + # we filter out the files whose validity duration covers the provided + # duration. + filter_func = lambda d: (start_date < d.not_valid_before) or \ + (d.not_valid_after < end_date) + + sortby_end = lambda d: d.not_valid_after + + if args.all: + filter_func = None + + # filter and output the results + for d in sorted(filter(filter_func, audit_results.values()), key=sortby_end): + list_all(d) + + logger.debug("Done!") + +check_cryptography_version() +if __name__ == "__main__": + main() diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index 32be0eef1..43a91eed2 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -43,7 +43,7 @@ set -eu if [ -d library -a -d include -a -d tests ]; then :; else - echo "Must be run from mbed TLS root" >&2 + echo "Must be run from Mbed TLS root" >&2 exit 1 fi diff --git a/tests/scripts/check-doxy-blocks.pl b/tests/scripts/check-doxy-blocks.pl index 3ed7069c5..dd955301f 100755 --- a/tests/scripts/check-doxy-blocks.pl +++ b/tests/scripts/check-doxy-blocks.pl @@ -68,7 +68,7 @@ sub check_dir { # Check that the script is being run from the project's root directory. for my $dir (@directories) { if (! -d $dir) { - die "This script must be run from the mbed TLS root directory"; + die "This script must be run from the Mbed TLS root directory"; } else { check_dir($dir) } diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh index 946794c1d..d03e5cf6d 100755 --- a/tests/scripts/check-generated-files.sh +++ b/tests/scripts/check-generated-files.sh @@ -35,7 +35,7 @@ EOF fi if [ -d library -a -d include -a -d tests ]; then :; else - echo "Must be run from mbed TLS root" >&2 + echo "Must be run from Mbed TLS root" >&2 exit 1 fi @@ -128,13 +128,14 @@ check() check scripts/generate_errors.pl library/error.c check scripts/generate_query_config.pl programs/test/query_config.c -check scripts/generate_driver_wrappers.py library/psa_crypto_driver_wrappers.c +check scripts/generate_driver_wrappers.py library/psa_crypto_driver_wrappers.h library/psa_crypto_driver_wrappers_no_static.c check scripts/generate_features.pl library/version_features.c check scripts/generate_ssl_debug_helpers.py library/ssl_debug_helpers_generated.c # generate_visualc_files enumerates source files (library/*.c). It doesn't # care about their content, but the files must exist. So it must run after # the step that creates or updates these files. -check scripts/generate_visualc_files.pl visualc/VS2010 +check scripts/generate_visualc_files.pl visualc/VS2013 check scripts/generate_psa_constants.py programs/psa/psa_constant_names_generated.c check tests/scripts/generate_bignum_tests.py $(tests/scripts/generate_bignum_tests.py --list) +check tests/scripts/generate_ecp_tests.py $(tests/scripts/generate_ecp_tests.py --list) check tests/scripts/generate_psa_tests.py $(tests/scripts/generate_psa_tests.py --list) diff --git a/tests/scripts/check_files.py b/tests/scripts/check_files.py index d20ec2e9e..352b55eaa 100755 --- a/tests/scripts/check_files.py +++ b/tests/scripts/check_files.py @@ -268,7 +268,7 @@ class UnicodeIssueTracker(LineIssueTracker): heading = "Invalid UTF-8 or forbidden character:" - # Only allow valid UTF-8, and only white-listed characters. + # Only allow valid UTF-8, and only other explicitly allowed characters. # We deliberately exclude all characters that aren't a simple non-blank, # non-zero-width glyph, apart from a very small set (tab, ordinary space, # line breaks, "basic" no-break space and soft hyphen). In particular, @@ -285,6 +285,7 @@ class UnicodeIssueTracker(LineIssueTracker): '\u2070\u2071\u2074-\u208E\u2090-\u209C', # Superscripts and Subscripts '\u2190-\u21FF', # Arrows '\u2200-\u22FF', # Mathematical Symbols + '\u2500-\u257F' # Box Drawings characters used in markdown trees ]) # Allow any of the characters and ranges above, and anything classified # as a word constituent. diff --git a/tests/scripts/check_names.py b/tests/scripts/check_names.py index 7398f3c2d..86a7c0903 100755 --- a/tests/scripts/check_names.py +++ b/tests/scripts/check_names.py @@ -268,13 +268,13 @@ class CodeParser(): "3rdparty/everest/include/everest/everest.h", "3rdparty/everest/include/everest/x25519.h" ]) - identifiers = self.parse_identifiers([ + identifiers, excluded_identifiers = self.parse_identifiers([ "include/mbedtls/*.h", "include/psa/*.h", "library/*.h", "3rdparty/everest/include/everest/everest.h", "3rdparty/everest/include/everest/x25519.h" - ]) + ], ["3rdparty/p256-m/p256-m/p256-m.h"]) mbed_psa_words = self.parse_mbed_psa_words([ "include/mbedtls/*.h", "include/psa/*.h", @@ -284,7 +284,7 @@ class CodeParser(): "library/*.c", "3rdparty/everest/library/everest.c", "3rdparty/everest/library/x25519.c" - ], ["library/psa_crypto_driver_wrappers.c"]) + ], ["library/psa_crypto_driver_wrappers.h"]) symbols = self.parse_symbols() # Remove identifier macros like mbedtls_printf or mbedtls_calloc @@ -311,6 +311,7 @@ class CodeParser(): "private_macros": all_macros["private"], "enum_consts": enum_consts, "identifiers": identifiers, + "excluded_identifiers": excluded_identifiers, "symbols": symbols, "mbed_psa_words": mbed_psa_words } @@ -324,12 +325,42 @@ class CodeParser(): return True return False - def get_files(self, include_wildcards, exclude_wildcards): + def get_all_files(self, include_wildcards, exclude_wildcards): """ - Get all files that match any of the UNIX-style wildcards. While the - check_names script is designed only for use on UNIX/macOS (due to nm), - this function alone would work fine on Windows even with forward slashes - in the wildcard. + Get all files that match any of the included UNIX-style wildcards + and filter them into included and excluded lists. + While the check_names script is designed only for use on UNIX/macOS + (due to nm), this function alone will work fine on Windows even with + forward slashes in the wildcard. + + Args: + * include_wildcards: a List of shell-style wildcards to match filepaths. + * exclude_wildcards: a List of shell-style wildcards to exclude. + + Returns: + * inc_files: A List of relative filepaths for included files. + * exc_files: A List of relative filepaths for excluded files. + """ + accumulator = set() + all_wildcards = include_wildcards + (exclude_wildcards or []) + for wildcard in all_wildcards: + accumulator = accumulator.union(glob.iglob(wildcard)) + + inc_files = [] + exc_files = [] + for path in accumulator: + if self.is_file_excluded(path, exclude_wildcards): + exc_files.append(path) + else: + inc_files.append(path) + return (inc_files, exc_files) + + def get_included_files(self, include_wildcards, exclude_wildcards): + """ + Get all files that match any of the included UNIX-style wildcards. + While the check_names script is designed only for use on UNIX/macOS + (due to nm), this function alone will work fine on Windows even with + forward slashes in the wildcard. Args: * include_wildcards: a List of shell-style wildcards to match filepaths. @@ -360,7 +391,7 @@ class CodeParser(): "asm", "inline", "EMIT", "_CRT_SECURE_NO_DEPRECATE", "MULADDC_" ) - files = self.get_files(include, exclude) + files = self.get_included_files(include, exclude) self.log.debug("Looking for macros in {} files".format(len(files))) macros = [] @@ -395,7 +426,7 @@ class CodeParser(): mbed_regex = re.compile(r"\b(MBED.+?|PSA)_[A-Z0-9_]*") exclusions = re.compile(r"// *no-check-names|#error") - files = self.get_files(include, exclude) + files = self.get_included_files(include, exclude) self.log.debug( "Looking for MBED|PSA words in {} files" .format(len(files)) @@ -428,7 +459,7 @@ class CodeParser(): Returns a List of Match objects for the findings. """ - files = self.get_files(include, exclude) + files = self.get_included_files(include, exclude) self.log.debug("Looking for enum consts in {} files".format(len(files))) # Emulate a finite state machine to parse enum declarations. @@ -611,23 +642,34 @@ class CodeParser(): """ Parse all lines of a header where a function/enum/struct/union/typedef identifier is declared, based on some regex and heuristics. Highly - dependent on formatting style. + dependent on formatting style. Identifiers in excluded files are still + parsed Args: * include: A List of glob expressions to look for files through. * exclude: A List of glob expressions for excluding files. - Returns a List of Match objects with identifiers. + Returns: a Tuple of two Lists of Match objects with identifiers. + * included_identifiers: A List of Match objects with identifiers from + included files. + * excluded_identifiers: A List of Match objects with identifiers from + excluded files. """ - files = self.get_files(include, exclude) - self.log.debug("Looking for identifiers in {} files".format(len(files))) + included_files, excluded_files = \ + self.get_all_files(include, exclude) - identifiers = [] - for header_file in files: - self.parse_identifiers_in_file(header_file, identifiers) + self.log.debug("Looking for included identifiers in {} files".format \ + (len(included_files))) - return identifiers + included_identifiers = [] + excluded_identifiers = [] + for header_file in included_files: + self.parse_identifiers_in_file(header_file, included_identifiers) + for header_file in excluded_files: + self.parse_identifiers_in_file(header_file, excluded_identifiers) + + return (included_identifiers, excluded_identifiers) def parse_symbols(self): """ @@ -789,10 +831,12 @@ class NameChecker(): Returns the number of problems that need fixing. """ problems = [] + all_identifiers = self.parse_result["identifiers"] + \ + self.parse_result["excluded_identifiers"] for symbol in self.parse_result["symbols"]: found_symbol_declared = False - for identifier_match in self.parse_result["identifiers"]: + for identifier_match in all_identifiers: if symbol == identifier_match.name: found_symbol_declared = True break @@ -897,7 +941,7 @@ def main(): "This script confirms that the naming of all symbols and identifiers " "in Mbed TLS are consistent with the house style and are also " "self-consistent.\n\n" - "Expected to be run from the MbedTLS root directory.") + "Expected to be run from the Mbed TLS root directory.") ) parser.add_argument( "-v", "--verbose", diff --git a/tests/scripts/check_test_cases.py b/tests/scripts/check_test_cases.py index d84ed042c..1395d4d90 100755 --- a/tests/scripts/check_test_cases.py +++ b/tests/scripts/check_test_cases.py @@ -25,6 +25,7 @@ import argparse import glob import os import re +import subprocess import sys class Results: @@ -111,6 +112,19 @@ state may override this method. self.process_test_case(descriptions, file_name, line_number, description) + def walk_compat_sh(self, file_name): + """Iterate over the test cases compat.sh with a similar format.""" + descriptions = self.new_per_file_state() # pylint: disable=assignment-from-none + compat_cmd = ['sh', file_name, '--list-test-case'] + compat_output = subprocess.check_output(compat_cmd) + # Assume compat.sh is responsible for printing identical format of + # test case description between --list-test-case and its OUTCOME.CSV + description = compat_output.strip().split(b'\n') + # idx indicates the number of test case since there is no line number + # in `compat.sh` for each test case. + for idx, descrip in enumerate(description): + self.process_test_case(descriptions, file_name, idx, descrip) + @staticmethod def collect_test_directories(): """Get the relative path for the TLS and Crypto test directories.""" @@ -136,6 +150,9 @@ state may override this method. for ssl_opt_file_name in glob.glob(os.path.join(directory, 'opt-testcases', '*.sh')): self.walk_ssl_opt_sh(ssl_opt_file_name) + compat_sh = os.path.join(directory, 'compat.sh') + if os.path.exists(compat_sh): + self.walk_compat_sh(compat_sh) class TestDescriptions(TestDescriptionExplorer): """Collect the available test cases.""" diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py index d4fe4fdc1..e92564151 100755 --- a/tests/scripts/depends.py +++ b/tests/scripts/depends.py @@ -23,7 +23,7 @@ Test Mbed TLS with a subset of algorithms. This script can be divided into several steps: First, include/mbedtls/mbedtls_config.h or a different config file passed -in the arguments is parsed to extract any configuration options (collect_config_symbols). +in the arguments is parsed to extract any configuration options (using config.py). Then, test domains (groups of jobs, tests) are built based on predefined data collected in the DomainData class. Here, each domain has five major traits: @@ -65,6 +65,11 @@ import shutil import subprocess import sys import traceback +from typing import Union + +# Add the Mbed TLS Python library directory to the module search path +import scripts_path # pylint: disable=unused-import +import config class Colors: # pylint: disable=too-few-public-methods """Minimalistic support for colored output. @@ -74,6 +79,7 @@ that outputting start switches the text color to the desired color and stop switches the text color back to the default.""" red = None green = None + cyan = None bold_red = None bold_green = None def __init__(self, options=None): @@ -89,6 +95,7 @@ stop switches the text color back to the default.""" normal = '\033[0m' self.red = ('\033[31m', normal) self.green = ('\033[32m', normal) + self.cyan = ('\033[36m', normal) self.bold_red = ('\033[1;31m', normal) self.bold_green = ('\033[1;32m', normal) NO_COLORS = Colors(None) @@ -124,34 +131,39 @@ Remove the backup file if it was saved earlier.""" else: shutil.copy(options.config_backup, options.config) -def run_config_py(options, args): - """Run scripts/config.py with the specified arguments.""" - cmd = ['scripts/config.py'] - if options.config != 'include/mbedtls/mbedtls_config.h': - cmd += ['--file', options.config] - cmd += args - log_command(cmd) - subprocess.check_call(cmd) +def option_exists(conf, option): + return option in conf.settings -def set_reference_config(options): +def set_config_option_value(conf, option, colors, value: Union[bool, str]): + """Set/unset a configuration option, optionally specifying a value. +value can be either True/False (set/unset config option), or a string, +which will make a symbol defined with a certain value.""" + if not option_exists(conf, option): + log_line('Symbol {} was not found in {}'.format(option, conf.filename), color=colors.red) + return False + + if value is False: + log_command(['config.py', 'unset', option]) + conf.unset(option) + elif value is True: + log_command(['config.py', 'set', option]) + conf.set(option) + else: + log_command(['config.py', 'set', option, value]) + conf.set(option, value) + return True + +def set_reference_config(conf, options, colors): """Change the library configuration file (mbedtls_config.h) to the reference state. The reference state is the one from which the tested configurations are derived.""" # Turn off options that are not relevant to the tests and slow them down. - run_config_py(options, ['full']) - run_config_py(options, ['unset', 'MBEDTLS_TEST_HOOKS']) + log_command(['config.py', 'full']) + conf.adapt(config.full_adapter) + set_config_option_value(conf, 'MBEDTLS_TEST_HOOKS', colors, False) + set_config_option_value(conf, 'MBEDTLS_PSA_CRYPTO_CONFIG', colors, False) if options.unset_use_psa: - run_config_py(options, ['unset', 'MBEDTLS_USE_PSA_CRYPTO']) - -def collect_config_symbols(options): - """Read the list of settings from mbedtls_config.h. -Return them in a generator.""" - with open(options.config, encoding="utf-8") as config_file: - rx = re.compile(r'\s*(?://\s*)?#define\s+(\w+)\s*(?:$|/[/*])') - for line in config_file: - m = re.match(rx, line) - if m: - yield m.group(1) + set_config_option_value(conf, 'MBEDTLS_USE_PSA_CRYPTO', colors, False) class Job: """A job builds the library in a specific configuration and runs some tests.""" @@ -179,19 +191,16 @@ If what is False, announce that the job has failed.''' elif what is False: log_line(self.name + ' FAILED', color=colors.red) else: - log_line('starting ' + self.name) + log_line('starting ' + self.name, color=colors.cyan) - def configure(self, options): + def configure(self, conf, options, colors): '''Set library configuration options as required for the job.''' - set_reference_config(options) + set_reference_config(conf, options, colors) for key, value in sorted(self.config_settings.items()): - if value is True: - args = ['set', key] - elif value is False: - args = ['unset', key] - else: - args = ['set', key, value] - run_config_py(options, args) + ret = set_config_option_value(conf, key, colors, value) + if ret is False: + return False + return True def test(self, options): '''Run the job's build and test commands. @@ -229,6 +238,8 @@ REVERSE_DEPENDENCIES = { 'MBEDTLS_ECDH_C', 'MBEDTLS_ECJPAKE_C', 'MBEDTLS_ECP_RESTARTABLE', + 'MBEDTLS_PK_PARSE_EC_EXTENDED', + 'MBEDTLS_PK_PARSE_EC_COMPRESSED', 'MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED', 'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED', 'MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED', @@ -269,7 +280,7 @@ REVERSE_DEPENDENCIES = { # if a given define is the only one enabled from an exclusive group. EXCLUSIVE_GROUPS = { 'MBEDTLS_SHA512_C': ['-MBEDTLS_SSL_COOKIE_C', - '-MBEDTLS_SSL_PROTO_TLS1_3'], + '-MBEDTLS_SSL_TLS_C'], 'MBEDTLS_ECP_DP_CURVE448_ENABLED': ['-MBEDTLS_ECDSA_C', '-MBEDTLS_ECDSA_DETERMINISTIC', '-MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED', @@ -382,11 +393,11 @@ class DomainData: return [symbol for symbol in self.all_config_symbols if re.match(regexp, symbol)] - def __init__(self, options): + def __init__(self, options, conf): """Gather data about the library and establish a list of domains to test.""" build_command = [options.make_command, 'CFLAGS=-Werror'] build_and_test = [build_command, [options.make_command, 'test']] - self.all_config_symbols = set(collect_config_symbols(options)) + self.all_config_symbols = set(conf.settings.keys()) # Find hash modules by name. hash_symbols = self.config_symbols_matching(r'MBEDTLS_(MD|RIPEMD|SHA)[0-9]+_C\Z') # Find elliptic curve enabling macros by name. @@ -418,12 +429,10 @@ class DomainData: 'hashes': DualDomain(hash_symbols, build_and_test, exclude=r'MBEDTLS_(MD|RIPEMD|SHA1_)' \ '|MBEDTLS_SHA224_' \ - '|MBEDTLS_SHA384_'), - # Key exchange types. Only build the library and the sample - # programs. - 'kex': ExclusiveDomain(key_exchange_symbols, - [build_command + ['lib'], - build_command + ['-C', 'programs']]), + '|MBEDTLS_SHA384_' \ + '|MBEDTLS_SHA3_'), + # Key exchange types. + 'kex': ExclusiveDomain(key_exchange_symbols, build_and_test), 'pkalgs': ComplementaryDomain(['MBEDTLS_ECDSA_C', 'MBEDTLS_ECP_C', 'MBEDTLS_PKCS1_V21', @@ -445,16 +454,19 @@ A name can either be the name of a domain or the name of one specific job.""" else: return [self.jobs[name]] -def run(options, job, colors=NO_COLORS): +def run(options, job, conf, colors=NO_COLORS): """Run the specified job (a Job instance).""" subprocess.check_call([options.make_command, 'clean']) job.announce(colors, None) - job.configure(options) + if not job.configure(conf, options, colors): + job.announce(colors, False) + return False + conf.write() success = job.test(options) job.announce(colors, success) return success -def run_tests(options, domain_data): +def run_tests(options, domain_data, conf): """Run the desired jobs. domain_data should be a DomainData instance that describes the available domains and jobs. @@ -470,7 +482,7 @@ Run the jobs listed in options.tasks.""" backup_config(options) try: for job in jobs: - success = run(options, job, colors=colors) + success = run(options, job, conf, colors=colors) if not success: if options.keep_going: failures.append(job.name) @@ -536,7 +548,9 @@ def main(): default=True) options = parser.parse_args() os.chdir(options.directory) - domain_data = DomainData(options) + conf = config.ConfigFile(options.config) + domain_data = DomainData(options, conf) + if options.tasks is True: options.tasks = sorted(domain_data.domains.keys()) if options.list: @@ -545,7 +559,7 @@ def main(): print(domain_name) sys.exit(0) else: - sys.exit(0 if run_tests(options, domain_data) else 1) + sys.exit(0 if run_tests(options, domain_data, conf) else 1) except Exception: # pylint: disable=broad-except traceback.print_exc() sys.exit(3) diff --git a/tests/scripts/doxygen.sh b/tests/scripts/doxygen.sh index 2c523ba78..cb87829e2 100755 --- a/tests/scripts/doxygen.sh +++ b/tests/scripts/doxygen.sh @@ -17,11 +17,11 @@ # See the License for the specific language governing permissions and # limitations under the License. -# Abort on errors (and uninitiliased variables) +# Abort on errors (and uninitialised variables) set -eu if [ -d library -a -d include -a -d tests ]; then :; else - echo "Must be run from mbed TLS root" >&2 + echo "Must be run from Mbed TLS root" >&2 exit 1 fi @@ -35,7 +35,7 @@ cat doc.out doc.err | \ grep -v "warning: ignoring unsupported tag" \ > doc.filtered -if egrep "(warning|error):" doc.filtered; then +if grep -E "(warning|error):" doc.filtered; then echo "FAIL" >&2 exit 1; fi diff --git a/tests/scripts/generate-afl-tests.sh b/tests/scripts/generate-afl-tests.sh index a640b566d..a51fbc965 100755 --- a/tests/scripts/generate-afl-tests.sh +++ b/tests/scripts/generate-afl-tests.sh @@ -41,7 +41,7 @@ THIS_DIR=$(basename $PWD) if [ -d ../library -a -d ../include -a -d ../tests -a $THIS_DIR == "tests" ]; then :; else - echo " [!] Must be run from mbed TLS tests directory" >&2 + echo " [!] Must be run from Mbed TLS tests directory" >&2 exit 1 fi diff --git a/tests/scripts/generate_ecp_tests.py b/tests/scripts/generate_ecp_tests.py new file mode 100755 index 000000000..abbfda55f --- /dev/null +++ b/tests/scripts/generate_ecp_tests.py @@ -0,0 +1,34 @@ +#!/usr/bin/env python3 +"""Generate test data for ecp functions. + +The command line usage, class structure and available methods are the same +as in generate_bignum_tests.py. +""" + +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import sys + +import scripts_path # pylint: disable=unused-import +from mbedtls_dev import test_data_generation +# Import modules containing additional test classes +# Test function classes in these modules will be registered by +# the framework +from mbedtls_dev import ecp # pylint: disable=unused-import + +if __name__ == '__main__': + # Use the section of the docstring relevant to the CLI as description + test_data_generation.main(sys.argv[1:], "\n".join(__doc__.splitlines()[:4])) diff --git a/tests/scripts/generate_pkcs7_tests.py b/tests/scripts/generate_pkcs7_tests.py new file mode 100755 index 000000000..0e7385043 --- /dev/null +++ b/tests/scripts/generate_pkcs7_tests.py @@ -0,0 +1,195 @@ +#!/usr/bin/env python3 +# +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +""" +Make fuzz like testing for pkcs7 tests +Given a valid DER pkcs7 file add tests to the test_suite_pkcs7.data file + - It is expected that the pkcs7_asn1_fail( data_t *pkcs7_buf ) + function is defined in test_suite_pkcs7.function + - This is not meant to be portable code, if anything it is meant to serve as + documentation for showing how those ugly tests in test_suite_pkcs7.data were created +""" + + +import sys +from os.path import exists + +PKCS7_TEST_FILE = "../suites/test_suite_pkcs7.data" + +class Test: # pylint: disable=too-few-public-methods + """ + A instance of a test in test_suite_pkcs7.data + """ + def __init__(self, name, depends, func_call): + self.name = name + self.depends = depends + self.func_call = func_call + + # pylint: disable=no-self-use + def to_string(self): + return "\n" + self.name + "\n" + self.depends + "\n" + self.func_call + "\n" + +class TestData: + """ + Take in test_suite_pkcs7.data file. + Allow for new tests to be added. + """ + mandatory_dep = "MBEDTLS_MD_CAN_SHA256" + test_name = "PKCS7 Parse Failure Invalid ASN1" + test_function = "pkcs7_asn1_fail:" + def __init__(self, file_name): + self.file_name = file_name + self.last_test_num, self.old_tests = self.read_test_file(file_name) + self.new_tests = [] + + # pylint: disable=no-self-use + def read_test_file(self, file): + """ + Parse the test_suite_pkcs7.data file. + """ + tests = [] + if not exists(file): + print(file + " Does not exist") + sys.exit() + with open(file, "r", encoding='UTF-8') as fp: + data = fp.read() + lines = [line.strip() for line in data.split('\n') if len(line.strip()) > 1] + i = 0 + while i < len(lines): + if "depends" in lines[i+1]: + tests.append(Test(lines[i], lines[i+1], lines[i+2])) + i += 3 + else: + tests.append(Test(lines[i], None, lines[i+1])) + i += 2 + latest_test_num = float(tests[-1].name.split('#')[1]) + return latest_test_num, tests + + def add(self, name, func_call): + self.last_test_num += 1 + self.new_tests.append(Test(self.test_name + ": " + name + " #" + \ + str(self.last_test_num), "depends_on:" + self.mandatory_dep, \ + self.test_function + '"' + func_call + '"')) + + def write_changes(self): + with open(self.file_name, 'a', encoding='UTF-8') as fw: + fw.write("\n") + for t in self.new_tests: + fw.write(t.to_string()) + + +def asn1_mutate(data): + """ + We have been given an asn1 structure representing a pkcs7. + We want to return an array of slightly modified versions of this data + they should be modified in a way which makes the structure invalid + + We know that asn1 structures are: + |---1 byte showing data type---|----byte(s) for length of data---|---data content--| + We know that some data types can contain other data types. + Return a dictionary of reasons and mutated data types. + """ + + # off the bat just add bytes to start and end of the buffer + mutations = [] + reasons = [] + mutations.append(["00"] + data) + reasons.append("Add null byte to start") + mutations.append(data + ["00"]) + reasons.append("Add null byte to end") + # for every asn1 entry we should attempt to: + # - change the data type tag + # - make the length longer than actual + # - make the length shorter than actual + i = 0 + while i < len(data): + tag_i = i + leng_i = tag_i + 1 + data_i = leng_i + 1 + (int(data[leng_i][1], 16) if data[leng_i][0] == '8' else 0) + if data[leng_i][0] == '8': + length = int(''.join(data[leng_i + 1: data_i]), 16) + else: + length = int(data[leng_i], 16) + + tag = data[tag_i] + print("Looking at ans1: offset " + str(i) + " tag = " + tag + \ + ", length = " + str(length)+ ":") + print(''.join(data[data_i:data_i+length])) + # change tag to something else + if tag == "02": + # turn integers into octet strings + new_tag = "04" + else: + # turn everything else into an integer + new_tag = "02" + mutations.append(data[:tag_i] + [new_tag] + data[leng_i:]) + reasons.append("Change tag " + tag + " to " + new_tag) + + # change lengths to too big + # skip any edge cases which would cause carry over + if int(data[data_i - 1], 16) < 255: + new_length = str(hex(int(data[data_i - 1], 16) + 1))[2:] + if len(new_length) == 1: + new_length = "0"+new_length + mutations.append(data[:data_i -1] + [new_length] + data[data_i:]) + reasons.append("Change length from " + str(length) + " to " \ + + str(length + 1)) + # we can add another test here for tags that contain other tags \ + # where they have more data than there containing tags account for + if tag in ["30", "a0", "31"]: + mutations.append(data[:data_i -1] + [new_length] + \ + data[data_i:data_i + length] + ["00"] + \ + data[data_i + length:]) + reasons.append("Change contents of tag " + tag + " to contain \ + one unaccounted extra byte") + # change lengths to too small + if int(data[data_i - 1], 16) > 0: + new_length = str(hex(int(data[data_i - 1], 16) - 1))[2:] + if len(new_length) == 1: + new_length = "0"+new_length + mutations.append(data[:data_i -1] + [new_length] + data[data_i:]) + reasons.append("Change length from " + str(length) + " to " + str(length - 1)) + + # some tag types contain other tag types so we should iterate into the data + if tag in ["30", "a0", "31"]: + i = data_i + else: + i = data_i + length + + return list(zip(reasons, mutations)) + +if __name__ == "__main__": + if len(sys.argv) < 2: + print("USAGE: " + sys.argv[0] + " ") + sys.exit() + + DATA_FILE = sys.argv[1] + TEST_DATA = TestData(PKCS7_TEST_FILE) + with open(DATA_FILE, 'rb') as f: + DATA_STR = f.read().hex() + # make data an array of byte strings eg ['de','ad','be','ef'] + HEX_DATA = list(map(''.join, [[DATA_STR[i], DATA_STR[i+1]] for i in range(0, len(DATA_STR), \ + 2)])) + # returns tuples of test_names and modified data buffers + MUT_ARR = asn1_mutate(HEX_DATA) + + print("made " + str(len(MUT_ARR)) + " new tests") + for new_test in MUT_ARR: + TEST_DATA.add(new_test[0], ''.join(new_test[1])) + + TEST_DATA.write_changes() diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index b27104843..b6f83c111 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -26,108 +26,15 @@ import sys from typing import Callable, Dict, FrozenSet, Iterable, Iterator, List, Optional import scripts_path # pylint: disable=unused-import +from mbedtls_dev import crypto_data_tests from mbedtls_dev import crypto_knowledge -from mbedtls_dev import macro_collector +from mbedtls_dev import macro_collector #pylint: disable=unused-import +from mbedtls_dev import psa_information from mbedtls_dev import psa_storage from mbedtls_dev import test_case from mbedtls_dev import test_data_generation -def psa_want_symbol(name: str) -> str: - """Return the PSA_WANT_xxx symbol associated with a PSA crypto feature.""" - if name.startswith('PSA_'): - return name[:4] + 'WANT_' + name[4:] - else: - raise ValueError('Unable to determine the PSA_WANT_ symbol for ' + name) - -def finish_family_dependency(dep: str, bits: int) -> str: - """Finish dep if it's a family dependency symbol prefix. - - A family dependency symbol prefix is a PSA_WANT_ symbol that needs to be - qualified by the key size. If dep is such a symbol, finish it by adjusting - the prefix and appending the key size. Other symbols are left unchanged. - """ - return re.sub(r'_FAMILY_(.*)', r'_\1_' + str(bits), dep) - -def finish_family_dependencies(dependencies: List[str], bits: int) -> List[str]: - """Finish any family dependency symbol prefixes. - - Apply `finish_family_dependency` to each element of `dependencies`. - """ - return [finish_family_dependency(dep, bits) for dep in dependencies] - -SYMBOLS_WITHOUT_DEPENDENCY = frozenset([ - 'PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG', # modifier, only in policies - 'PSA_ALG_AEAD_WITH_SHORTENED_TAG', # modifier - 'PSA_ALG_ANY_HASH', # only in policies - 'PSA_ALG_AT_LEAST_THIS_LENGTH_MAC', # modifier, only in policies - 'PSA_ALG_KEY_AGREEMENT', # chaining - 'PSA_ALG_TRUNCATED_MAC', # modifier -]) -def automatic_dependencies(*expressions: str) -> List[str]: - """Infer dependencies of a test case by looking for PSA_xxx symbols. - - The arguments are strings which should be C expressions. Do not use - string literals or comments as this function is not smart enough to - skip them. - """ - used = set() - for expr in expressions: - used.update(re.findall(r'PSA_(?:ALG|ECC_FAMILY|KEY_TYPE)_\w+', expr)) - used.difference_update(SYMBOLS_WITHOUT_DEPENDENCY) - return sorted(psa_want_symbol(name) for name in used) - -# A temporary hack: at the time of writing, not all dependency symbols -# are implemented yet. Skip test cases for which the dependency symbols are -# not available. Once all dependency symbols are available, this hack must -# be removed so that a bug in the dependency symbols properly leads to a test -# failure. -def read_implemented_dependencies(filename: str) -> FrozenSet[str]: - return frozenset(symbol - for line in open(filename) - for symbol in re.findall(r'\bPSA_WANT_\w+\b', line)) -_implemented_dependencies = None #type: Optional[FrozenSet[str]] #pylint: disable=invalid-name -def hack_dependencies_not_implemented(dependencies: List[str]) -> None: - global _implemented_dependencies #pylint: disable=global-statement,invalid-name - if _implemented_dependencies is None: - _implemented_dependencies = \ - read_implemented_dependencies('include/psa/crypto_config.h') - if not all((dep.lstrip('!') in _implemented_dependencies or 'PSA_WANT' not in dep) - for dep in dependencies): - dependencies.append('DEPENDENCY_NOT_IMPLEMENTED_YET') - - -class Information: - """Gather information about PSA constructors.""" - - def __init__(self) -> None: - self.constructors = self.read_psa_interface() - - @staticmethod - def remove_unwanted_macros( - constructors: macro_collector.PSAMacroEnumerator - ) -> None: - # Mbed TLS doesn't support finite-field DH yet and will not support - # finite-field DSA. Don't attempt to generate any related test case. - constructors.key_types.discard('PSA_KEY_TYPE_DH_KEY_PAIR') - constructors.key_types.discard('PSA_KEY_TYPE_DH_PUBLIC_KEY') - constructors.key_types.discard('PSA_KEY_TYPE_DSA_KEY_PAIR') - constructors.key_types.discard('PSA_KEY_TYPE_DSA_PUBLIC_KEY') - - def read_psa_interface(self) -> macro_collector.PSAMacroEnumerator: - """Return the list of known key types, algorithms, etc.""" - constructors = macro_collector.InputsForTest() - header_file_names = ['include/psa/crypto_values.h', - 'include/psa/crypto_extra.h'] - test_suites = ['tests/suites/test_suite_psa_crypto_metadata.data'] - for header_file_name in header_file_names: - constructors.parse_header(header_file_name) - for test_cases in test_suites: - constructors.parse_test_cases(test_cases) - self.remove_unwanted_macros(constructors) - constructors.gather_arguments() - return constructors - def test_case_for_key_type_not_supported( verb: str, key_type: str, bits: int, @@ -138,7 +45,7 @@ def test_case_for_key_type_not_supported( """Return one test case exercising a key creation method for an unsupported key type or size. """ - hack_dependencies_not_implemented(dependencies) + psa_information.hack_dependencies_not_implemented(dependencies) tc = test_case.TestCase() short_key_type = crypto_knowledge.short_expression(key_type) adverb = 'not' if dependencies else 'never' @@ -151,14 +58,16 @@ def test_case_for_key_type_not_supported( tc.set_arguments([key_type] + list(args)) return tc -class NotSupported: - """Generate test cases for when something is not supported.""" +class KeyTypeNotSupported: + """Generate test cases for when a key type is not supported.""" - def __init__(self, info: Information) -> None: + def __init__(self, info: psa_information.Information) -> None: self.constructors = info.constructors ALWAYS_SUPPORTED = frozenset([ 'PSA_KEY_TYPE_DERIVE', + 'PSA_KEY_TYPE_PASSWORD', + 'PSA_KEY_TYPE_PASSWORD_HASH', 'PSA_KEY_TYPE_RAW_DATA', 'PSA_KEY_TYPE_HMAC' ]) @@ -179,19 +88,22 @@ class NotSupported: # They would be skipped in all configurations, which is noise. return import_dependencies = [('!' if param is None else '') + - psa_want_symbol(kt.name)] + psa_information.psa_want_symbol(kt.name)] if kt.params is not None: import_dependencies += [('!' if param == i else '') + - psa_want_symbol(sym) + psa_information.psa_want_symbol(sym) for i, sym in enumerate(kt.params)] if kt.name.endswith('_PUBLIC_KEY'): generate_dependencies = [] else: - generate_dependencies = import_dependencies + generate_dependencies = \ + psa_information.fix_key_pair_dependencies(import_dependencies, 'GENERATE') + import_dependencies = \ + psa_information.fix_key_pair_dependencies(import_dependencies, 'BASIC') for bits in kt.sizes_to_test(): yield test_case_for_key_type_not_supported( 'import', kt.expression, bits, - finish_family_dependencies(import_dependencies, bits), + psa_information.finish_family_dependencies(import_dependencies, bits), test_case.hex_string(kt.key_material(bits)), param_descr=param_descr, ) @@ -205,7 +117,7 @@ class NotSupported: if not kt.is_public(): yield test_case_for_key_type_not_supported( 'generate', kt.expression, bits, - finish_family_dependencies(generate_dependencies, bits), + psa_information.finish_family_dependencies(generate_dependencies, bits), str(bits), param_descr=param_descr, ) @@ -213,12 +125,16 @@ class NotSupported: ECC_KEY_TYPES = ('PSA_KEY_TYPE_ECC_KEY_PAIR', 'PSA_KEY_TYPE_ECC_PUBLIC_KEY') + DH_KEY_TYPES = ('PSA_KEY_TYPE_DH_KEY_PAIR', + 'PSA_KEY_TYPE_DH_PUBLIC_KEY') def test_cases_for_not_supported(self) -> Iterator[test_case.TestCase]: """Generate test cases that exercise the creation of keys of unsupported types.""" for key_type in sorted(self.constructors.key_types): if key_type in self.ECC_KEY_TYPES: continue + if key_type in self.DH_KEY_TYPES: + continue kt = crypto_knowledge.KeyType(key_type) yield from self.test_cases_for_key_type_not_supported(kt) for curve_family in sorted(self.constructors.ecc_curves): @@ -228,6 +144,13 @@ class NotSupported: kt, param_descr='type') yield from self.test_cases_for_key_type_not_supported( kt, 0, param_descr='curve') + for dh_family in sorted(self.constructors.dh_groups): + for constr in self.DH_KEY_TYPES: + kt = crypto_knowledge.KeyType(constr, [dh_family]) + yield from self.test_cases_for_key_type_not_supported( + kt, param_descr='type') + yield from self.test_cases_for_key_type_not_supported( + kt, 0, param_descr='group') def test_case_for_key_generation( key_type: str, bits: int, @@ -237,7 +160,7 @@ def test_case_for_key_generation( ) -> test_case.TestCase: """Return one test case exercising a key generation. """ - hack_dependencies_not_implemented(dependencies) + psa_information.hack_dependencies_not_implemented(dependencies) tc = test_case.TestCase() short_key_type = crypto_knowledge.short_expression(key_type) tc.set_description('PSA {} {}-bit' @@ -251,11 +174,13 @@ def test_case_for_key_generation( class KeyGenerate: """Generate positive and negative (invalid argument) test cases for key generation.""" - def __init__(self, info: Information) -> None: + def __init__(self, info: psa_information.Information) -> None: self.constructors = info.constructors ECC_KEY_TYPES = ('PSA_KEY_TYPE_ECC_KEY_PAIR', 'PSA_KEY_TYPE_ECC_PUBLIC_KEY') + DH_KEY_TYPES = ('PSA_KEY_TYPE_DH_KEY_PAIR', + 'PSA_KEY_TYPE_DH_PUBLIC_KEY') @staticmethod def test_cases_for_key_type_key_generation( @@ -268,9 +193,9 @@ class KeyGenerate: """ result = 'PSA_SUCCESS' - import_dependencies = [psa_want_symbol(kt.name)] + import_dependencies = [psa_information.psa_want_symbol(kt.name)] if kt.params is not None: - import_dependencies += [psa_want_symbol(sym) + import_dependencies += [psa_information.psa_want_symbol(sym) for i, sym in enumerate(kt.params)] if kt.name.endswith('_PUBLIC_KEY'): # The library checks whether the key type is a public key generically, @@ -279,13 +204,17 @@ class KeyGenerate: generate_dependencies = [] result = 'PSA_ERROR_INVALID_ARGUMENT' else: - generate_dependencies = import_dependencies - if kt.name == 'PSA_KEY_TYPE_RSA_KEY_PAIR': - generate_dependencies.append("MBEDTLS_GENPRIME") + generate_dependencies = \ + psa_information.fix_key_pair_dependencies(import_dependencies, 'GENERATE') for bits in kt.sizes_to_test(): + if kt.name == 'PSA_KEY_TYPE_RSA_KEY_PAIR': + size_dependency = "PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS <= " + str(bits) + test_dependencies = generate_dependencies + [size_dependency] + else: + test_dependencies = generate_dependencies yield test_case_for_key_generation( kt.expression, bits, - finish_family_dependencies(generate_dependencies, bits), + psa_information.finish_family_dependencies(test_dependencies, bits), str(bits), result ) @@ -295,12 +224,18 @@ class KeyGenerate: for key_type in sorted(self.constructors.key_types): if key_type in self.ECC_KEY_TYPES: continue + if key_type in self.DH_KEY_TYPES: + continue kt = crypto_knowledge.KeyType(key_type) yield from self.test_cases_for_key_type_key_generation(kt) for curve_family in sorted(self.constructors.ecc_curves): for constr in self.ECC_KEY_TYPES: kt = crypto_knowledge.KeyType(constr, [curve_family]) yield from self.test_cases_for_key_type_key_generation(kt) + for dh_family in sorted(self.constructors.dh_groups): + for constr in self.DH_KEY_TYPES: + kt = crypto_knowledge.KeyType(constr, [dh_family]) + yield from self.test_cases_for_key_type_key_generation(kt) class OpFail: """Generate test cases for operations that must fail.""" @@ -312,7 +247,7 @@ class OpFail: INCOMPATIBLE = 2 PUBLIC = 3 - def __init__(self, info: Information) -> None: + def __init__(self, info: psa_information.Information) -> None: self.constructors = info.constructors key_type_expressions = self.constructors.generate_expressions( sorted(self.constructors.key_types) @@ -349,13 +284,14 @@ class OpFail: pretty_alg, pretty_reason, ' with ' + pretty_type if pretty_type else '')) - dependencies = automatic_dependencies(alg.base_expression, key_type) + dependencies = psa_information.automatic_dependencies(alg.base_expression, key_type) + dependencies = psa_information.fix_key_pair_dependencies(dependencies, 'BASIC') for i, dep in enumerate(dependencies): if dep in not_deps: dependencies[i] = '!' + dep tc.set_dependencies(dependencies) tc.set_function(category.name.lower() + '_fail') - arguments = [] + arguments = [] # type: List[str] if kt: key_material = kt.key_material(kt.sizes_to_test()[0]) arguments += [key_type, test_case.hex_string(key_material)] @@ -376,7 +312,7 @@ class OpFail: """Generate failure test cases for keyless operations with the specified algorithm.""" if alg.can_do(category): # Compatible operation, unsupported algorithm - for dep in automatic_dependencies(alg.base_expression): + for dep in psa_information.automatic_dependencies(alg.base_expression): yield self.make_test_case(alg, category, self.Reason.NOT_SUPPORTED, not_deps=frozenset([dep])) @@ -394,7 +330,7 @@ class OpFail: key_is_compatible = kt.can_do(alg) if key_is_compatible and alg.can_do(category): # Compatible key and operation, unsupported algorithm - for dep in automatic_dependencies(alg.base_expression): + for dep in psa_information.automatic_dependencies(alg.base_expression): yield self.make_test_case(alg, category, self.Reason.NOT_SUPPORTED, kt=kt, not_deps=frozenset([dep])) @@ -500,7 +436,7 @@ class StorageTestData(StorageKey): class StorageFormat: """Storage format stability test cases.""" - def __init__(self, info: Information, version: int, forward: bool) -> None: + def __init__(self, info: psa_information.Information, version: int, forward: bool) -> None: """Prepare to generate test cases for storage format stability. * `info`: information about the API. See the `Information` class. @@ -522,7 +458,7 @@ class StorageFormat: key_type: psa_storage.Expr, bits: int, alg: psa_storage.Expr ) -> bool: - """Whether to the given key with the given algorithm. + """Whether to exercise the given key with the given algorithm. Normally only the type and algorithm matter for compatibility, and this is handled in crypto_knowledge.KeyType.can_do(). This function @@ -567,11 +503,13 @@ class StorageFormat: verb = 'save' if self.forward else 'read' tc = test_case.TestCase() tc.set_description(verb + ' ' + key.description) - dependencies = automatic_dependencies( + dependencies = psa_information.automatic_dependencies( key.lifetime.string, key.type.string, key.alg.string, key.alg2.string, ) - dependencies = finish_family_dependencies(dependencies, key.bits) + dependencies = psa_information.finish_family_dependencies(dependencies, key.bits) + dependencies += psa_information.generate_key_dependencies(key.description) + dependencies = psa_information.fix_key_pair_dependencies(dependencies, 'BASIC') tc.set_dependencies(dependencies) tc.set_function('key_storage_' + verb) if self.forward: @@ -776,13 +714,13 @@ class StorageFormat: class StorageFormatForward(StorageFormat): """Storage format stability test cases for forward compatibility.""" - def __init__(self, info: Information, version: int) -> None: + def __init__(self, info: psa_information.Information, version: int) -> None: super().__init__(info, version, True) class StorageFormatV0(StorageFormat): """Storage format stability test cases for version 0 compatibility.""" - def __init__(self, info: Information) -> None: + def __init__(self, info: psa_information.Information) -> None: super().__init__(info, 0, False) def all_keys_for_usage_flags(self) -> Iterator[StorageTestData]: @@ -892,6 +830,7 @@ class StorageFormatV0(StorageFormat): yield from super().generate_all_keys() yield from self.all_keys_for_implicit_usage() + class PSATestGenerator(test_data_generation.TestGenerator): """Test generator subclass including PSA targets and info.""" # Note that targets whose names contain 'test_format' have their content @@ -900,21 +839,24 @@ class PSATestGenerator(test_data_generation.TestGenerator): 'test_suite_psa_crypto_generate_key.generated': lambda info: KeyGenerate(info).test_cases_for_key_generation(), 'test_suite_psa_crypto_not_supported.generated': - lambda info: NotSupported(info).test_cases_for_not_supported(), + lambda info: KeyTypeNotSupported(info).test_cases_for_not_supported(), + 'test_suite_psa_crypto_low_hash.generated': + lambda info: crypto_data_tests.HashPSALowLevel(info).all_test_cases(), 'test_suite_psa_crypto_op_fail.generated': lambda info: OpFail(info).all_test_cases(), 'test_suite_psa_crypto_storage_format.current': lambda info: StorageFormatForward(info, 0).all_test_cases(), 'test_suite_psa_crypto_storage_format.v0': lambda info: StorageFormatV0(info).all_test_cases(), - } #type: Dict[str, Callable[[Information], Iterable[test_case.TestCase]]] + } #type: Dict[str, Callable[[psa_information.Information], Iterable[test_case.TestCase]]] def __init__(self, options): super().__init__(options) - self.info = Information() + self.info = psa_information.Information() def generate_target(self, name: str, *target_args) -> None: super().generate_target(name, self.info) + if __name__ == '__main__': test_data_generation.main(sys.argv[1:], __doc__, PSATestGenerator) diff --git a/tests/scripts/generate_test_cert_macros.py b/tests/scripts/generate_test_cert_macros.py new file mode 100755 index 000000000..4494917ef --- /dev/null +++ b/tests/scripts/generate_test_cert_macros.py @@ -0,0 +1,107 @@ +#!/usr/bin/env python3 + +""" +Generate `tests/src/test_certs.h` which includes certficaties/keys/certificate list for testing. +""" + +# +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +import os +import sys +import argparse +import jinja2 + +class MacroDefineAction(argparse.Action): + #pylint: disable=signature-differs, too-few-public-methods + def __call__(self, parser, namespace, values, option_string): + if not hasattr(namespace, 'values'): + setattr(namespace, 'values', []) + macro_name, filename = values + if self.dest in ('string', 'binary') and not os.path.exists(filename): + raise argparse.ArgumentError( + None, '`{}`: Input file does not exist.'.format(filename)) + namespace.values.append((self.dest, macro_name, filename)) + + +def macro_define_type(value): + ret = value.split('=', 1) + if len(ret) != 2: + raise argparse.ArgumentTypeError( + '`{}` is not MACRO=value format'.format(value)) + return ret + + +def build_argparser(parser): + parser.description = __doc__ + parser.add_argument('--string', type=macro_define_type, action=MacroDefineAction, + metavar='MACRO_NAME=path/to/file', help='PEM to C string. ') + parser.add_argument('--binary', type=macro_define_type, action=MacroDefineAction, + metavar='MACRO_NAME=path/to/file', + help='DER to C arrary.') + parser.add_argument('--password', type=macro_define_type, action=MacroDefineAction, + metavar='MACRO_NAME=password', help='Password to C string.') + parser.add_argument('--output', type=str, required=True) + + +def main(): + parser = argparse.ArgumentParser() + build_argparser(parser) + args = parser.parse_args() + return generate(**vars(args)) + +#pylint: disable=dangerous-default-value, unused-argument +def generate(values=[], output=None, **kwargs): + """Generate C header file. + """ + this_dir = os.path.dirname(os.path.abspath(__file__)) + template_loader = jinja2.FileSystemLoader( + searchpath=os.path.join(this_dir, '..', 'data_files')) + template_env = jinja2.Environment( + loader=template_loader, lstrip_blocks=True, trim_blocks=True) + + def read_as_c_array(filename): + with open(filename, 'rb') as f: + data = f.read(12) + while data: + yield ', '.join(['{:#04x}'.format(b) for b in data]) + data = f.read(12) + + def read_lines(filename): + with open(filename) as f: + try: + for line in f: + yield line.strip() + except: + print(filename) + raise + + def put_to_column(value, position=0): + return ' '*position + value + + template_env.filters['read_as_c_array'] = read_as_c_array + template_env.filters['read_lines'] = read_lines + template_env.filters['put_to_column'] = put_to_column + + template = template_env.get_template('test_certs.h.jinja2') + + with open(output, 'w') as f: + f.write(template.render(macros=values)) + + +if __name__ == '__main__': + sys.exit(main()) diff --git a/tests/scripts/generate_test_code.py b/tests/scripts/generate_test_code.py index f19d30b61..76806de95 100755 --- a/tests/scripts/generate_test_code.py +++ b/tests/scripts/generate_test_code.py @@ -163,7 +163,6 @@ __MBEDTLS_TEST_TEMPLATE__PLATFORM_CODE """ -import io import os import re import sys @@ -171,6 +170,28 @@ import string import argparse +# Types recognized as signed integer arguments in test functions. +SIGNED_INTEGER_TYPES = frozenset([ + 'char', + 'short', + 'short int', + 'int', + 'int8_t', + 'int16_t', + 'int32_t', + 'int64_t', + 'intmax_t', + 'long', + 'long int', + 'long long int', + 'mbedtls_mpi_sint', + 'psa_status_t', +]) +# Types recognized as string arguments in test functions. +STRING_TYPES = frozenset(['char*', 'const char*', 'char const*']) +# Types recognized as hex data arguments in test functions. +DATA_TYPES = frozenset(['data_t*', 'const data_t*', 'data_t const*']) + BEGIN_HEADER_REGEX = r'/\*\s*BEGIN_HEADER\s*\*/' END_HEADER_REGEX = r'/\*\s*END_HEADER\s*\*/' @@ -192,9 +213,6 @@ CONDITION_REGEX = r'({})(?:\s*({})\s*({}))?$'.format(C_IDENTIFIER_REGEX, CONDITION_OPERATOR_REGEX, CONDITION_VALUE_REGEX) TEST_FUNCTION_VALIDATION_REGEX = r'\s*void\s+(?P\w+)\s*\(' -INT_CHECK_REGEX = r'int\s+.*' -CHAR_CHECK_REGEX = r'char\s*\*\s*.*' -DATA_T_CHECK_REGEX = r'data_t\s*\*\s*.*' FUNCTION_ARG_LIST_END_REGEX = r'.*\)' EXIT_LABEL_REGEX = r'^exit:' @@ -208,43 +226,57 @@ class GeneratorInputError(Exception): pass -class FileWrapper(io.FileIO): +class FileWrapper: """ - This class extends built-in io.FileIO class with attribute line_no, + This class extends the file object with attribute line_no, that indicates line number for the line that is read. """ - def __init__(self, file_name): + def __init__(self, file_name) -> None: """ - Instantiate the base class and initialize the line number to 0. + Instantiate the file object and initialize the line number to 0. :param file_name: File path to open. """ - super().__init__(file_name, 'r') + # private mix-in file object + self._f = open(file_name, 'rb') self._line_no = 0 + def __iter__(self): + return self + def __next__(self): """ - This method overrides base class's __next__ method and extends it - method to count the line numbers as each line is read. + This method makes FileWrapper iterable. + It counts the line numbers as each line is read. :return: Line read from file. """ - line = super().__next__() - if line is not None: - self._line_no += 1 - # Convert byte array to string with correct encoding and - # strip any whitespaces added in the decoding process. - return line.decode(sys.getdefaultencoding()).rstrip() + '\n' - return None + line = self._f.__next__() + self._line_no += 1 + # Convert byte array to string with correct encoding and + # strip any whitespaces added in the decoding process. + return line.decode(sys.getdefaultencoding()).rstrip()+ '\n' - def get_line_no(self): + def __enter__(self): + return self + + def __exit__(self, exc_type, exc_val, exc_tb): + self._f.__exit__(exc_type, exc_val, exc_tb) + + @property + def line_no(self): """ - Gives current line number. + Property that indicates line number for the line that is read. """ return self._line_no - line_no = property(get_line_no) + @property + def name(self): + """ + Property that indicates name of the file that is read. + """ + return self._f.name def split_dep(dep): @@ -303,7 +335,7 @@ def gen_function_wrapper(name, local_vars, args_dispatch): :param name: Test function name :param local_vars: Local variables declaration code :param args_dispatch: List of dispatch arguments. - Ex: ['(char *)params[0]', '*((int *)params[1])'] + Ex: ['(char *) params[0]', '*((int *) params[1])'] :return: Test function wrapper. """ # Then create the wrapper @@ -444,6 +476,49 @@ def parse_function_dependencies(line): return dependencies +ARGUMENT_DECLARATION_REGEX = re.compile(r'(.+?) ?(?:\bconst\b)? ?(\w+)\Z', re.S) +def parse_function_argument(arg, arg_idx, args, local_vars, args_dispatch): + """ + Parses one test function's argument declaration. + + :param arg: argument declaration. + :param arg_idx: current wrapper argument index. + :param args: accumulator of arguments' internal types. + :param local_vars: accumulator of internal variable declarations. + :param args_dispatch: accumulator of argument usage expressions. + :return: the number of new wrapper arguments, + or None if the argument declaration is invalid. + """ + # Normalize whitespace + arg = arg.strip() + arg = re.sub(r'\s*\*\s*', r'*', arg) + arg = re.sub(r'\s+', r' ', arg) + # Extract name and type + m = ARGUMENT_DECLARATION_REGEX.search(arg) + if not m: + # E.g. "int x[42]" + return None + typ, _ = m.groups() + if typ in SIGNED_INTEGER_TYPES: + args.append('int') + args_dispatch.append('((mbedtls_test_argument_t *) params[%d])->sint' % arg_idx) + return 1 + if typ in STRING_TYPES: + args.append('char*') + args_dispatch.append('(char *) params[%d]' % arg_idx) + return 1 + if typ in DATA_TYPES: + args.append('hex') + # create a structure + pointer_initializer = '(uint8_t *) params[%d]' % arg_idx + len_initializer = '((mbedtls_test_argument_t *) params[%d])->len' % (arg_idx+1) + local_vars.append(' data_t data%d = {%s, %s};\n' % + (arg_idx, pointer_initializer, len_initializer)) + args_dispatch.append('&data%d' % arg_idx) + return 2 + return None + +ARGUMENT_LIST_REGEX = re.compile(r'\((.*?)\)', re.S) def parse_function_arguments(line): """ Parses test function signature for validation and generates @@ -455,42 +530,27 @@ def parse_function_arguments(line): :return: argument list, local variables for wrapper function and argument dispatch code. """ - args = [] - local_vars = '' - args_dispatch = [] - arg_idx = 0 - # Remove characters before arguments - line = line[line.find('(') + 1:] # Process arguments, ex: arg1, arg2 ) # This script assumes that the argument list is terminated by ')' # i.e. the test functions will not have a function pointer # argument. - for arg in line[:line.find(')')].split(','): - arg = arg.strip() - if arg == '': - continue - if re.search(INT_CHECK_REGEX, arg.strip()): - args.append('int') - args_dispatch.append('*( (int *) params[%d] )' % arg_idx) - elif re.search(CHAR_CHECK_REGEX, arg.strip()): - args.append('char*') - args_dispatch.append('(char *) params[%d]' % arg_idx) - elif re.search(DATA_T_CHECK_REGEX, arg.strip()): - args.append('hex') - # create a structure - pointer_initializer = '(uint8_t *) params[%d]' % arg_idx - len_initializer = '*( (uint32_t *) params[%d] )' % (arg_idx+1) - local_vars += """ data_t data%d = {%s, %s}; -""" % (arg_idx, pointer_initializer, len_initializer) - - args_dispatch.append('&data%d' % arg_idx) - arg_idx += 1 - else: + m = ARGUMENT_LIST_REGEX.search(line) + arg_list = m.group(1).strip() + if arg_list in ['', 'void']: + return [], '', [] + args = [] + local_vars = [] + args_dispatch = [] + arg_idx = 0 + for arg in arg_list.split(','): + indexes = parse_function_argument(arg, arg_idx, + args, local_vars, args_dispatch) + if indexes is None: raise ValueError("Test function arguments can only be 'int', " "'char *' or 'data_t'\n%s" % line) - arg_idx += 1 + arg_idx += indexes - return args, local_vars, args_dispatch + return args, ''.join(local_vars), args_dispatch def generate_function_code(name, code, local_vars, args_dispatch, @@ -607,6 +667,11 @@ def parse_function_code(funcs_f, dependencies, suite_dependencies): code = code.replace(name, 'test_' + name, 1) name = 'test_' + name + # If a test function has no arguments then add 'void' argument to + # avoid "-Wstrict-prototypes" warnings from clang + if len(args) == 0: + code = code.replace('()', '(void)', 1) + for line in funcs_f: if re.search(END_CASE_REGEX, line): break @@ -705,7 +770,7 @@ def parse_test_data(data_f): execution. :param data_f: file object of the data file. - :return: Generator that yields test name, function name, + :return: Generator that yields line number, test name, function name, dependency list and function argument list. """ __state_read_name = 0 @@ -748,7 +813,7 @@ def parse_test_data(data_f): parts = escaped_split(line, ':') test_function = parts[0] args = parts[1:] - yield name, test_function, dependencies, args + yield data_f.line_no, name, test_function, dependencies, args dependencies = [] state = __state_read_name if state == __state_read_args: @@ -846,6 +911,14 @@ def write_dependencies(out_data_f, test_dependencies, unique_dependencies): return dep_check_code +INT_VAL_REGEX = re.compile(r'-?(\d+|0x[0-9a-f]+)$', re.I) +def val_is_int(val: str) -> bool: + """Whether val is suitable as an 'int' parameter in the .datax file.""" + if not INT_VAL_REGEX.match(val): + return False + # Limit the range to what is guaranteed to get through strtol() + return abs(int(val, 0)) <= 0x7fffffff + def write_parameters(out_data_f, test_args, func_args, unique_expressions): """ Writes test parameters to the intermediate data file, replacing @@ -864,9 +937,9 @@ def write_parameters(out_data_f, test_args, func_args, unique_expressions): typ = func_args[i] val = test_args[i] - # check if val is a non literal int val (i.e. an expression) - if typ == 'int' and not re.match(r'(\d+|0x[0-9a-f]+)$', - val, re.I): + # Pass small integer constants literally. This reduces the size of + # the C code. Register anything else as an expression. + if typ == 'int' and not val_is_int(val): typ = 'exp' if val not in unique_expressions: unique_expressions.append(val) @@ -909,6 +982,24 @@ def gen_suite_dep_checks(suite_dependencies, dep_check_code, expression_code): return dep_check_code, expression_code +def get_function_info(func_info, function_name, line_no): + """Look up information about a test function by name. + + Raise an informative expression if function_name is not found. + + :param func_info: dictionary mapping function names to their information. + :param function_name: the function name as written in the .function and + .data files. + :param line_no: line number for error messages. + :return Function information (id, args). + """ + test_function_name = 'test_' + function_name + if test_function_name not in func_info: + raise GeneratorInputError("%d: Function %s not found!" % + (line_no, test_function_name)) + return func_info[test_function_name] + + def gen_from_test_data(data_f, out_data_f, func_info, suite_dependencies): """ This function reads test case name, dependencies and test vectors @@ -931,7 +1022,7 @@ def gen_from_test_data(data_f, out_data_f, func_info, suite_dependencies): unique_expressions = [] dep_check_code = '' expression_code = '' - for test_name, function_name, test_dependencies, test_args in \ + for line_no, test_name, function_name, test_dependencies, test_args in \ parse_test_data(data_f): out_data_f.write(test_name + '\n') @@ -940,18 +1031,15 @@ def gen_from_test_data(data_f, out_data_f, func_info, suite_dependencies): unique_dependencies) # Write test function name - test_function_name = 'test_' + function_name - if test_function_name not in func_info: - raise GeneratorInputError("Function %s not found!" % - test_function_name) - func_id, func_args = func_info[test_function_name] + func_id, func_args = \ + get_function_info(func_info, function_name, line_no) out_data_f.write(str(func_id)) # Write parameters if len(test_args) != len(func_args): - raise GeneratorInputError("Invalid number of arguments in test " + raise GeneratorInputError("%d: Invalid number of arguments in test " "%s. See function %s signature." % - (test_name, function_name)) + (line_no, test_name, function_name)) expression_code += write_parameters(out_data_f, test_args, func_args, unique_expressions) diff --git a/tests/scripts/generate_tls13_compat_tests.py b/tests/scripts/generate_tls13_compat_tests.py index 1d665e046..05d80a532 100755 --- a/tests/scripts/generate_tls13_compat_tests.py +++ b/tests/scripts/generate_tls13_compat_tests.py @@ -67,9 +67,10 @@ NAMED_GROUP_IANA_VALUE = { 'secp521r1': 0x19, 'x25519': 0x1d, 'x448': 0x1e, + # Only one finite field group to keep testing time within reasonable bounds. + 'ffdhe2048': 0x100, } - class TLSProgram: """ Base class for generate server/client command. @@ -146,6 +147,7 @@ class OpenSSLBase(TLSProgram): 'secp521r1': 'P-521', 'x25519': 'X25519', 'x448': 'X448', + 'ffdhe2048': 'ffdhe2048', } def cmd(self): @@ -173,7 +175,15 @@ class OpenSSLBase(TLSProgram): return ret def pre_checks(self): - return ["requires_openssl_tls1_3"] + ret = ["requires_openssl_tls1_3"] + + # ffdh groups require at least openssl 3.0 + ffdh_groups = ['ffdhe2048'] + + if any(x in ffdh_groups for x in self._named_groups): + ret = ["requires_openssl_tls1_3_with_ffdh"] + + return ret class OpenSSLServ(OpenSSLBase): @@ -245,6 +255,7 @@ class GnuTLSBase(TLSProgram): 'secp521r1': ['GROUP-SECP521R1'], 'x25519': ['GROUP-X25519'], 'x448': ['GROUP-X448'], + 'ffdhe2048': ['GROUP-FFDHE2048'], } def pre_checks(self): @@ -351,8 +362,7 @@ class MbedTLSBase(TLSProgram): if self._named_groups: named_groups = ','.join(self._named_groups) - ret += ["curves={named_groups}".format(named_groups=named_groups)] - ret += ['force_version=tls13'] + ret += ["groups={named_groups}".format(named_groups=named_groups)] return ret def pre_checks(self): @@ -365,6 +375,16 @@ class MbedTLSBase(TLSProgram): if 'rsa_pss_rsae_sha256' in self._sig_algs + self._cert_sig_algs: ret.append( 'requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT') + + ec_groups = ['secp256r1', 'secp384r1', 'secp521r1', 'x25519', 'x448'] + ffdh_groups = ['ffdhe2048'] + + if any(x in ec_groups for x in self._named_groups): + ret.append('requires_config_enabled PSA_WANT_ALG_ECDH') + + if any(x in ffdh_groups for x in self._named_groups): + ret.append('requires_config_enabled PSA_WANT_ALG_FFDH') + return ret diff --git a/tests/scripts/list_internal_identifiers.py b/tests/scripts/list_internal_identifiers.py index 779a16ffb..6b41607e3 100755 --- a/tests/scripts/list_internal_identifiers.py +++ b/tests/scripts/list_internal_identifiers.py @@ -46,7 +46,7 @@ def main(): result = name_check.parse_identifiers([ "include/mbedtls/*_internal.h", "library/*.h" - ]) + ])[0] result.sort(key=lambda x: x.name) identifiers = ["{}\n".format(match.name) for match in result] diff --git a/tests/scripts/psa_collect_statuses.py b/tests/scripts/psa_collect_statuses.py index b086793c4..f685bab8e 100755 --- a/tests/scripts/psa_collect_statuses.py +++ b/tests/scripts/psa_collect_statuses.py @@ -1,13 +1,13 @@ #!/usr/bin/env python3 """Describe the test coverage of PSA functions in terms of return statuses. -1. Build Mbed Crypto with -DRECORD_PSA_STATUS_COVERAGE_LOG +1. Build Mbed TLS with -DRECORD_PSA_STATUS_COVERAGE_LOG 2. Run psa_collect_statuses.py The output is a series of line of the form "psa_foo PSA_ERROR_XXX". Each function/status combination appears only once. -This script must be run from the top of an Mbed Crypto source tree. +This script must be run from the top of an Mbed TLS source tree. The build command is "make -DRECORD_PSA_STATUS_COVERAGE_LOG", which is only supported with make (as opposed to CMake or other build methods). """ @@ -46,7 +46,7 @@ class Statuses: def collect_log(self, log_file_name): """Read logs from RECORD_PSA_STATUS_COVERAGE_LOG. - Read logs produced by running Mbed Crypto test suites built with + Read logs produced by running Mbed TLS test suites built with -DRECORD_PSA_STATUS_COVERAGE_LOG. """ with open(log_file_name) as log: @@ -82,7 +82,7 @@ class Statuses: def collect_status_logs(options): """Build and run unit tests and report observed function return statuses. - Build Mbed Crypto with -DRECORD_PSA_STATUS_COVERAGE_LOG, run the + Build Mbed TLS with -DRECORD_PSA_STATUS_COVERAGE_LOG, run the test suites and display information about observed return statuses. """ rebuilt = False diff --git a/tests/scripts/test_generate_test_code.py b/tests/scripts/test_generate_test_code.py index d23d74219..b32d18423 100755 --- a/tests/scripts/test_generate_test_code.py +++ b/tests/scripts/test_generate_test_code.py @@ -485,9 +485,10 @@ class ParseFuncSignature(TestCase): args, local, arg_dispatch = parse_function_arguments(line) self.assertEqual(args, ['char*', 'int', 'int']) self.assertEqual(local, '') - self.assertEqual(arg_dispatch, ['(char *) params[0]', - '*( (int *) params[1] )', - '*( (int *) params[2] )']) + self.assertEqual(arg_dispatch, + ['(char *) params[0]', + '((mbedtls_test_argument_t *) params[1])->sint', + '((mbedtls_test_argument_t *) params[2])->sint']) def test_hex_params(self): """ @@ -499,22 +500,22 @@ class ParseFuncSignature(TestCase): self.assertEqual(args, ['char*', 'hex', 'int']) self.assertEqual(local, ' data_t data1 = {(uint8_t *) params[1], ' - '*( (uint32_t *) params[2] )};\n') + '((mbedtls_test_argument_t *) params[2])->len};\n') self.assertEqual(arg_dispatch, ['(char *) params[0]', '&data1', - '*( (int *) params[3] )']) + '((mbedtls_test_argument_t *) params[3])->sint']) def test_unsupported_arg(self): """ - Test unsupported arguments (not among int, char * and data_t) + Test unsupported argument type :return: """ - line = 'void entropy_threshold( char * a, data_t * h, char result )' + line = 'void entropy_threshold( char * a, data_t * h, unknown_t result )' self.assertRaises(ValueError, parse_function_arguments, line) - def test_no_params(self): + def test_empty_params(self): """ - Test no parameters. + Test no parameters (nothing between parentheses). :return: """ line = 'void entropy_threshold()' @@ -523,6 +524,39 @@ class ParseFuncSignature(TestCase): self.assertEqual(local, '') self.assertEqual(arg_dispatch, []) + def test_blank_params(self): + """ + Test no parameters (space between parentheses). + :return: + """ + line = 'void entropy_threshold( )' + args, local, arg_dispatch = parse_function_arguments(line) + self.assertEqual(args, []) + self.assertEqual(local, '') + self.assertEqual(arg_dispatch, []) + + def test_void_params(self): + """ + Test no parameters (void keyword). + :return: + """ + line = 'void entropy_threshold(void)' + args, local, arg_dispatch = parse_function_arguments(line) + self.assertEqual(args, []) + self.assertEqual(local, '') + self.assertEqual(arg_dispatch, []) + + def test_void_space_params(self): + """ + Test no parameters (void with spaces). + :return: + """ + line = 'void entropy_threshold( void )' + args, local, arg_dispatch = parse_function_arguments(line) + self.assertEqual(args, []) + self.assertEqual(local, '') + self.assertEqual(arg_dispatch, []) + class ParseFunctionCode(TestCase): """ @@ -613,7 +647,7 @@ void func() self.assertEqual(arg, []) expected = '''#line 1 "test_suite_ut.function" -void test_func() +void test_func(void) { ba ba black sheep have you any wool @@ -656,7 +690,7 @@ exit: expected = '''#line 1 "test_suite_ut.function" -void test_func() +void test_func(void) { ba ba black sheep have you any wool @@ -716,7 +750,7 @@ exit: void -test_func() +test_func(void) { ba ba black sheep have you any wool @@ -769,7 +803,7 @@ exit: -void test_func() +void test_func(void) { ba ba black sheep have you any wool @@ -1105,7 +1139,7 @@ void func2() #if defined(MBEDTLS_ENTROPY_NV_SEED) #if defined(MBEDTLS_FS_IO) #line 13 "test_suite_ut.function" -void test_func1() +void test_func1(void) { exit: ; @@ -1122,7 +1156,7 @@ void test_func1_wrapper( void ** params ) #if defined(MBEDTLS_ENTROPY_NV_SEED) #if defined(MBEDTLS_FS_IO) #line 19 "test_suite_ut.function" -void test_func2() +void test_func2(void) { exit: ; @@ -1264,29 +1298,33 @@ dhm_selftest: # List of (name, function_name, dependencies, args) tests = list(parse_test_data(stream)) test1, test2, test3, test4 = tests - self.assertEqual(test1[0], 'Diffie-Hellman full exchange #1') - self.assertEqual(test1[1], 'dhm_do_dhm') - self.assertEqual(test1[2], []) - self.assertEqual(test1[3], ['10', '"23"', '10', '"5"']) + self.assertEqual(test1[0], 3) + self.assertEqual(test1[1], 'Diffie-Hellman full exchange #1') + self.assertEqual(test1[2], 'dhm_do_dhm') + self.assertEqual(test1[3], []) + self.assertEqual(test1[4], ['10', '"23"', '10', '"5"']) - self.assertEqual(test2[0], 'Diffie-Hellman full exchange #2') - self.assertEqual(test2[1], 'dhm_do_dhm') - self.assertEqual(test2[2], []) - self.assertEqual(test2[3], ['10', '"93450983094850938450983409623"', + self.assertEqual(test2[0], 6) + self.assertEqual(test2[1], 'Diffie-Hellman full exchange #2') + self.assertEqual(test2[2], 'dhm_do_dhm') + self.assertEqual(test2[3], []) + self.assertEqual(test2[4], ['10', '"93450983094850938450983409623"', '10', '"9345098304850938450983409622"']) - self.assertEqual(test3[0], 'Diffie-Hellman full exchange #3') - self.assertEqual(test3[1], 'dhm_do_dhm') - self.assertEqual(test3[2], []) - self.assertEqual(test3[3], ['10', + self.assertEqual(test3[0], 9) + self.assertEqual(test3[1], 'Diffie-Hellman full exchange #3') + self.assertEqual(test3[2], 'dhm_do_dhm') + self.assertEqual(test3[3], []) + self.assertEqual(test3[4], ['10', '"9345098382739712938719287391879381271"', '10', '"9345098792137312973297123912791271"']) - self.assertEqual(test4[0], 'Diffie-Hellman selftest') - self.assertEqual(test4[1], 'dhm_selftest') - self.assertEqual(test4[2], []) + self.assertEqual(test4[0], 12) + self.assertEqual(test4[1], 'Diffie-Hellman selftest') + self.assertEqual(test4[2], 'dhm_selftest') self.assertEqual(test4[3], []) + self.assertEqual(test4[4], []) def test_with_dependencies(self): """ @@ -1306,15 +1344,17 @@ dhm_do_dhm:10:"93450983094850938450983409623":10:"9345098304850938450983409622" # List of (name, function_name, dependencies, args) tests = list(parse_test_data(stream)) test1, test2 = tests - self.assertEqual(test1[0], 'Diffie-Hellman full exchange #1') - self.assertEqual(test1[1], 'dhm_do_dhm') - self.assertEqual(test1[2], ['YAHOO']) - self.assertEqual(test1[3], ['10', '"23"', '10', '"5"']) + self.assertEqual(test1[0], 4) + self.assertEqual(test1[1], 'Diffie-Hellman full exchange #1') + self.assertEqual(test1[2], 'dhm_do_dhm') + self.assertEqual(test1[3], ['YAHOO']) + self.assertEqual(test1[4], ['10', '"23"', '10', '"5"']) - self.assertEqual(test2[0], 'Diffie-Hellman full exchange #2') - self.assertEqual(test2[1], 'dhm_do_dhm') - self.assertEqual(test2[2], []) - self.assertEqual(test2[3], ['10', '"93450983094850938450983409623"', + self.assertEqual(test2[0], 7) + self.assertEqual(test2[1], 'Diffie-Hellman full exchange #2') + self.assertEqual(test2[2], 'dhm_do_dhm') + self.assertEqual(test2[3], []) + self.assertEqual(test2[4], ['10', '"93450983094850938450983409623"', '10', '"9345098304850938450983409622"']) def test_no_args(self): @@ -1335,7 +1375,7 @@ dhm_do_dhm:10:"93450983094850938450983409623":10:"9345098304850938450983409622" stream = StringIOWrapper('test_suite_ut.function', data) err = None try: - for _, _, _, _ in parse_test_data(stream): + for _, _, _, _, _ in parse_test_data(stream): pass except GeneratorInputError as err: self.assertEqual(type(err), GeneratorInputError) @@ -1353,7 +1393,7 @@ depends_on:YAHOO stream = StringIOWrapper('test_suite_ut.function', data) err = None try: - for _, _, _, _ in parse_test_data(stream): + for _, _, _, _, _ in parse_test_data(stream): pass except GeneratorInputError as err: self.assertEqual(type(err), GeneratorInputError) diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index 92db4171a..9cd220f85 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -1,10 +1,10 @@ #!/usr/bin/env python3 """Run the PSA Crypto API compliance test suite. Clone the repo and check out the commit specified by PSA_ARCH_TEST_REPO and PSA_ARCH_TEST_REF, -then compile and run the test suite. The clone is stored at /psa-arch-tests. -Known defects in either the test suite or mbedtls - identified by their test number - are ignored, -while unexpected failures AND successes are reported as errors, -to help keep the list of known defects as up to date as possible. +then compile and run the test suite. The clone is stored at /psa-arch-tests. +Known defects in either the test suite or mbedtls / TF-PSA-Crypto - identified by their test +number - are ignored, while unexpected failures AND successes are reported as errors, to help +keep the list of known defects as up to date as possible. """ # Copyright The Mbed TLS Contributors @@ -22,13 +22,20 @@ to help keep the list of known defects as up to date as possible. # See the License for the specific language governing permissions and # limitations under the License. +import argparse import os import re import shutil import subprocess import sys +from typing import List -# PSA Compliance tests we expect to fail due to known defects in Mbed TLS (or the test suite) +#pylint: disable=unused-import +import scripts_path +from mbedtls_dev import build_tree + +# PSA Compliance tests we expect to fail due to known defects in Mbed TLS / +# TF-PSA-Crypto (or the test suite). # The test numbers correspond to the numbers used by the console output of the test suite. # Test number 2xx corresponds to the files in the folder # psa-arch-tests/api-tests/dev_apis/crypto/test_c0xx @@ -39,7 +46,7 @@ EXPECTED_FAILURES = { } # We currently use a fork of ARM-software/psa-arch-tests, with a couple of downstream patches -# that allow it to build with MbedTLS 3, and fixes a couple of issues in the compliance test suite. +# that allow it to build with Mbed TLS 3, and fixes a couple of issues in the compliance test suite. # These fixes allow the tests numbered 216, 248 and 249 to complete successfully. # # Once all the fixes are upstreamed, this fork should be replaced with an upstream commit/tag. @@ -49,12 +56,32 @@ EXPECTED_FAILURES = { PSA_ARCH_TESTS_REPO = 'https://github.com/bensze01/psa-arch-tests.git' PSA_ARCH_TESTS_REF = 'fix-pr-5736' -#pylint: disable=too-many-branches,too-many-statements -def main(): - mbedtls_dir = os.getcwd() +#pylint: disable=too-many-branches,too-many-statements,too-many-locals +def main(library_build_dir: str): + root_dir = os.getcwd() - if not os.path.exists('library/libmbedcrypto.a'): - subprocess.check_call(['make', '-C', 'library', 'libmbedcrypto.a']) + in_tf_psa_crypto_repo = build_tree.looks_like_tf_psa_crypto_root(root_dir) + + if in_tf_psa_crypto_repo: + crypto_name = 'tfpsacrypto' + library_subdir = 'core' + else: + crypto_name = 'mbedcrypto' + library_subdir = 'library' + + crypto_lib_filename = (library_build_dir + '/' + + library_subdir + '/' + + 'lib' + crypto_name + '.a') + + if not os.path.exists(crypto_lib_filename): + #pylint: disable=bad-continuation + subprocess.check_call([ + 'cmake', '.', + '-GUnix Makefiles', + '-B' + library_build_dir + ]) + subprocess.check_call(['cmake', '--build', library_build_dir, + '--target', crypto_name]) psa_arch_tests_dir = 'psa-arch-tests' os.makedirs(psa_arch_tests_dir, exist_ok=True) @@ -74,6 +101,9 @@ def main(): os.mkdir(build_dir) os.chdir(build_dir) + extra_includes = (';{}/drivers/builtin/include'.format(root_dir) + if in_tf_psa_crypto_repo else '') + #pylint: disable=bad-continuation subprocess.check_call([ 'cmake', '..', @@ -81,8 +111,9 @@ def main(): '-DTARGET=tgt_dev_apis_stdc', '-DTOOLCHAIN=HOST_GCC', '-DSUITE=CRYPTO', - '-DPSA_CRYPTO_LIB_FILENAME={}/library/libmbedcrypto.a'.format(mbedtls_dir), - '-DPSA_INCLUDE_PATHS={}/include'.format(mbedtls_dir) + '-DPSA_CRYPTO_LIB_FILENAME={}/{}'.format(root_dir, + crypto_lib_filename), + ('-DPSA_INCLUDE_PATHS={}/include' + extra_includes).format(root_dir) ]) subprocess.check_call(['cmake', '--build', '.']) @@ -95,8 +126,11 @@ def main(): ) test = -1 unexpected_successes = set(EXPECTED_FAILURES) - expected_failures = [] - unexpected_failures = [] + expected_failures = [] # type: List[int] + unexpected_failures = [] # type: List[int] + if proc.stdout is None: + return 1 + for line in proc.stdout: print(line, end='') match = test_re.match(line) @@ -136,7 +170,18 @@ def main(): print('SUCCESS') return 0 finally: - os.chdir(mbedtls_dir) + os.chdir(root_dir) if __name__ == '__main__': - sys.exit(main()) + BUILD_DIR = 'out_of_source_build' + + # pylint: disable=invalid-name + parser = argparse.ArgumentParser() + parser.add_argument('--build-dir', nargs=1, + help='path to Mbed TLS / TF-PSA-Crypto build directory') + args = parser.parse_args() + + if args.build_dir is not None: + BUILD_DIR = args.build_dir[0] + + sys.exit(main(BUILD_DIR)) diff --git a/tests/scripts/translate_ciphers.py b/tests/scripts/translate_ciphers.py index d5f847fd5..a8db4bb35 100755 --- a/tests/scripts/translate_ciphers.py +++ b/tests/scripts/translate_ciphers.py @@ -18,8 +18,7 @@ # limitations under the License. """ -Translate ciphersuite names in Mbed TLS format to OpenSSL and GNUTLS -standards. +Translate standard ciphersuite names to GnuTLS, OpenSSL and Mbed TLS standards. To test the translation functions run: python3 -m unittest translate_cipher.py @@ -36,124 +35,158 @@ class TestTranslateCiphers(unittest.TestCase): """ def test_translate_all_cipher_names(self): """ - Translate MbedTLS ciphersuite names to their OpenSSL and - GnuTLS counterpart. Use only a small subset of ciphers - that exercise each step of the translate functions + Translate standard ciphersuite names to GnuTLS, OpenSSL and + Mbed TLS counterpart. Use only a small subset of ciphers + that exercise each step of the translation functions """ ciphers = [ - ("TLS-ECDHE-ECDSA-WITH-NULL-SHA", + ("TLS_ECDHE_ECDSA_WITH_NULL_SHA", "+ECDHE-ECDSA:+NULL:+SHA1", - "ECDHE-ECDSA-NULL-SHA"), - ("TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256", + "ECDHE-ECDSA-NULL-SHA", + "TLS-ECDHE-ECDSA-WITH-NULL-SHA"), + ("TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "+ECDHE-ECDSA:+AES-128-GCM:+AEAD", - "ECDHE-ECDSA-AES128-GCM-SHA256"), - ("TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA", + "ECDHE-ECDSA-AES128-GCM-SHA256", + "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256"), + ("TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "+DHE-RSA:+3DES-CBC:+SHA1", - "EDH-RSA-DES-CBC3-SHA"), - ("TLS-RSA-WITH-AES-256-CBC-SHA", + "EDH-RSA-DES-CBC3-SHA", + "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA"), + ("TLS_RSA_WITH_AES_256_CBC_SHA", "+RSA:+AES-256-CBC:+SHA1", - "AES256-SHA"), - ("TLS-PSK-WITH-3DES-EDE-CBC-SHA", + "AES256-SHA", + "TLS-RSA-WITH-AES-256-CBC-SHA"), + ("TLS_PSK_WITH_3DES_EDE_CBC_SHA", "+PSK:+3DES-CBC:+SHA1", - "PSK-3DES-EDE-CBC-SHA"), - ("TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256", + "PSK-3DES-EDE-CBC-SHA", + "TLS-PSK-WITH-3DES-EDE-CBC-SHA"), + ("TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", None, - "ECDHE-ECDSA-CHACHA20-POLY1305"), - ("TLS-ECDHE-ECDSA-WITH-AES-128-CCM", + "ECDHE-ECDSA-CHACHA20-POLY1305", + "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256"), + ("TLS_ECDHE_ECDSA_WITH_AES_128_CCM", "+ECDHE-ECDSA:+AES-128-CCM:+AEAD", - None), - ("TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384", None, - "ECDHE-ARIA256-GCM-SHA384"), + "TLS-ECDHE-ECDSA-WITH-AES-128-CCM"), + ("TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", + None, + "ECDHE-ARIA256-GCM-SHA384", + "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384"), ] - for m, g_exp, o_exp in ciphers: + for s, g_exp, o_exp, m_exp in ciphers: if g_exp is not None: - g = translate_gnutls(m) + g = translate_gnutls(s) self.assertEqual(g, g_exp) if o_exp is not None: - o = translate_ossl(m) + o = translate_ossl(s) self.assertEqual(o, o_exp) -def translate_gnutls(m_cipher): + if m_exp is not None: + m = translate_mbedtls(s) + self.assertEqual(m, m_exp) + +def translate_gnutls(s_cipher): """ - Translate m_cipher from Mbed TLS ciphersuite naming convention + Translate s_cipher from standard ciphersuite naming convention and return the GnuTLS naming convention """ - m_cipher = re.sub(r'\ATLS-', '+', m_cipher) - m_cipher = m_cipher.replace("-WITH-", ":+") - m_cipher = m_cipher.replace("-EDE", "") + # Replace "_" with "-" to handle ciphersuite names based on Mbed TLS + # naming convention + s_cipher = s_cipher.replace("_", "-") + + s_cipher = re.sub(r'\ATLS-', '+', s_cipher) + s_cipher = s_cipher.replace("-WITH-", ":+") + s_cipher = s_cipher.replace("-EDE", "") # SHA in Mbed TLS == SHA1 GnuTLS, # if the last 3 chars are SHA append 1 - if m_cipher[-3:] == "SHA": - m_cipher = m_cipher+"1" + if s_cipher[-3:] == "SHA": + s_cipher = s_cipher+"1" # CCM or CCM-8 should be followed by ":+AEAD" # Replace "GCM:+SHAxyz" with "GCM:+AEAD" - if "CCM" in m_cipher or "GCM" in m_cipher: - m_cipher = re.sub(r"GCM-SHA\d\d\d", "GCM", m_cipher) - m_cipher = m_cipher+":+AEAD" + if "CCM" in s_cipher or "GCM" in s_cipher: + s_cipher = re.sub(r"GCM-SHA\d\d\d", "GCM", s_cipher) + s_cipher = s_cipher+":+AEAD" # Replace the last "-" with ":+" else: - index = m_cipher.rindex("-") - m_cipher = m_cipher[:index] + ":+" + m_cipher[index+1:] + index = s_cipher.rindex("-") + s_cipher = s_cipher[:index] + ":+" + s_cipher[index+1:] - return m_cipher + return s_cipher -def translate_ossl(m_cipher): +def translate_ossl(s_cipher): """ - Translate m_cipher from Mbed TLS ciphersuite naming convention + Translate s_cipher from standard ciphersuite naming convention and return the OpenSSL naming convention """ - m_cipher = re.sub(r'^TLS-', '', m_cipher) - m_cipher = m_cipher.replace("-WITH", "") + # Replace "_" with "-" to handle ciphersuite names based on Mbed TLS + # naming convention + s_cipher = s_cipher.replace("_", "-") + + s_cipher = re.sub(r'^TLS-', '', s_cipher) + s_cipher = s_cipher.replace("-WITH", "") # Remove the "-" from "ABC-xyz" - m_cipher = m_cipher.replace("AES-", "AES") - m_cipher = m_cipher.replace("CAMELLIA-", "CAMELLIA") - m_cipher = m_cipher.replace("ARIA-", "ARIA") + s_cipher = s_cipher.replace("AES-", "AES") + s_cipher = s_cipher.replace("CAMELLIA-", "CAMELLIA") + s_cipher = s_cipher.replace("ARIA-", "ARIA") # Remove "RSA" if it is at the beginning - m_cipher = re.sub(r'^RSA-', r'', m_cipher) + s_cipher = re.sub(r'^RSA-', r'', s_cipher) # For all circumstances outside of PSK - if "PSK" not in m_cipher: - m_cipher = m_cipher.replace("-EDE", "") - m_cipher = m_cipher.replace("3DES-CBC", "DES-CBC3") + if "PSK" not in s_cipher: + s_cipher = s_cipher.replace("-EDE", "") + s_cipher = s_cipher.replace("3DES-CBC", "DES-CBC3") # Remove "CBC" if it is not prefixed by DES - m_cipher = re.sub(r'(?p); mbedtls_mpi_mod_modulus_free(N); } +#endif /* MBEDTLS_ECP_WITH_MPI_UINT */ int mbedtls_test_read_mpi(mbedtls_mpi *X, const char *s) { diff --git a/tests/src/certs.c b/tests/src/certs.c index 1fcdc42c4..b834e4aa1 100644 --- a/tests/src/certs.c +++ b/tests/src/certs.c @@ -23,1263 +23,9 @@ #include "mbedtls/build_info.h" -#include "mbedtls/legacy_or_psa.h" +#include "mbedtls/pk.h" -/* - * Test CA Certificates - * - * We define test CA certificates for each choice of the following parameters: - * - PEM or DER encoding - * - SHA-1 or SHA-256 hash - * - RSA or EC key - * - * Things to add: - * - multiple EC curve types - * - */ - -/* This is taken from tests/data_files/test-ca2.crt */ -/* BEGIN FILE string macro TEST_CA_CRT_EC_PEM tests/data_files/test-ca2.crt */ -#define TEST_CA_CRT_EC_PEM \ - "-----BEGIN CERTIFICATE-----\r\n" \ - "MIICBDCCAYigAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE\r\n" \ - "BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0\r\n" \ - "IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE\r\n" \ - "BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0\r\n" \ - "IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO\r\n" \ - "4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK\r\n" \ - "6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1AwTjAMBgNVHRMEBTADAQH/\r\n" \ - "MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSdbSAk\r\n" \ - "SQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMFHKrjAPpHB0BN1a\r\n" \ - "LH8TwcJ3vh0AxeKZj30mRdOKBmg/jLS3rU3g8VQBHpn8sOTTBwIxANxPO5AerimZ\r\n" \ - "hCjMe0d4CTHf1gFZMF70+IqEP+o5VHsIp2Cqvflb0VGWFC5l9a4cQg==\r\n" \ - "-----END CERTIFICATE-----\r\n" -/* END FILE */ - -/* This is generated from tests/data_files/test-ca2.crt.der using `xxd -i`. */ -/* BEGIN FILE binary macro TEST_CA_CRT_EC_DER tests/data_files/test-ca2.crt.der */ -#define TEST_CA_CRT_EC_DER { \ - 0x30, 0x82, 0x02, 0x04, 0x30, 0x82, 0x01, 0x88, 0xa0, 0x03, 0x02, 0x01, \ - 0x02, 0x02, 0x09, 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, \ - 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, \ - 0x05, 0x00, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, \ - 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, \ - 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ - 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x13, 0x50, \ - 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, \ - 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x39, \ - 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, 0x5a, 0x17, \ - 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, \ - 0x30, 0x5a, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, \ - 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, \ - 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ - 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x13, 0x50, \ - 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, \ - 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07, \ - 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, \ - 0x00, 0x22, 0x03, 0x62, 0x00, 0x04, 0xc3, 0xda, 0x2b, 0x34, 0x41, 0x37, \ - 0x58, 0x2f, 0x87, 0x56, 0xfe, 0xfc, 0x89, 0xba, 0x29, 0x43, 0x4b, 0x4e, \ - 0xe0, 0x6e, 0xc3, 0x0e, 0x57, 0x53, 0x33, 0x39, 0x58, 0xd4, 0x52, 0xb4, \ - 0x91, 0x95, 0x39, 0x0b, 0x23, 0xdf, 0x5f, 0x17, 0x24, 0x62, 0x48, 0xfc, \ - 0x1a, 0x95, 0x29, 0xce, 0x2c, 0x2d, 0x87, 0xc2, 0x88, 0x52, 0x80, 0xaf, \ - 0xd6, 0x6a, 0xab, 0x21, 0xdd, 0xb8, 0xd3, 0x1c, 0x6e, 0x58, 0xb8, 0xca, \ - 0xe8, 0xb2, 0x69, 0x8e, 0xf3, 0x41, 0xad, 0x29, 0xc3, 0xb4, 0x5f, 0x75, \ - 0xa7, 0x47, 0x6f, 0xd5, 0x19, 0x29, 0x55, 0x69, 0x9a, 0x53, 0x3b, 0x20, \ - 0xb4, 0x66, 0x16, 0x60, 0x33, 0x1e, 0xa3, 0x50, 0x30, 0x4e, 0x30, 0x0c, \ - 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, \ - 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x9d, \ - 0x6d, 0x20, 0x24, 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, \ - 0x7e, 0x24, 0xc9, 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x1f, 0x06, 0x03, 0x55, \ - 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, \ - 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, \ - 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \ - 0x3d, 0x04, 0x03, 0x02, 0x05, 0x00, 0x03, 0x68, 0x00, 0x30, 0x65, 0x02, \ - 0x30, 0x51, 0xca, 0xae, 0x30, 0x0f, 0xa4, 0x70, 0x74, 0x04, 0xdd, 0x5a, \ - 0x2c, 0x7f, 0x13, 0xc1, 0xc2, 0x77, 0xbe, 0x1d, 0x00, 0xc5, 0xe2, 0x99, \ - 0x8f, 0x7d, 0x26, 0x45, 0xd3, 0x8a, 0x06, 0x68, 0x3f, 0x8c, 0xb4, 0xb7, \ - 0xad, 0x4d, 0xe0, 0xf1, 0x54, 0x01, 0x1e, 0x99, 0xfc, 0xb0, 0xe4, 0xd3, \ - 0x07, 0x02, 0x31, 0x00, 0xdc, 0x4f, 0x3b, 0x90, 0x1e, 0xae, 0x29, 0x99, \ - 0x84, 0x28, 0xcc, 0x7b, 0x47, 0x78, 0x09, 0x31, 0xdf, 0xd6, 0x01, 0x59, \ - 0x30, 0x5e, 0xf4, 0xf8, 0x8a, 0x84, 0x3f, 0xea, 0x39, 0x54, 0x7b, 0x08, \ - 0xa7, 0x60, 0xaa, 0xbd, 0xf9, 0x5b, 0xd1, 0x51, 0x96, 0x14, 0x2e, 0x65, \ - 0xf5, 0xae, 0x1c, 0x42 \ -} -/* END FILE */ - -/* This is taken from tests/data_files/test-ca2.key.enc */ -/* BEGIN FILE string macro TEST_CA_KEY_EC_PEM tests/data_files/test-ca2.key.enc */ -#define TEST_CA_KEY_EC_PEM \ - "-----BEGIN EC PRIVATE KEY-----\r\n" \ - "Proc-Type: 4,ENCRYPTED\r\n" \ - "DEK-Info: DES-EDE3-CBC,307EAB469933D64E\r\n" \ - "\r\n" \ - "IxbrRmKcAzctJqPdTQLA4SWyBYYGYJVkYEna+F7Pa5t5Yg/gKADrFKcm6B72e7DG\r\n" \ - "ihExtZI648s0zdYw6qSJ74vrPSuWDe5qm93BqsfVH9svtCzWHW0pm1p0KTBCFfUq\r\n" \ - "UsuWTITwJImcnlAs1gaRZ3sAWm7cOUidL0fo2G0fYUFNcYoCSLffCFTEHBuPnagb\r\n" \ - "a77x/sY1Bvii8S9/XhDTb6pTMx06wzrm\r\n" \ - "-----END EC PRIVATE KEY-----\r\n" -/* END FILE */ - -#define TEST_CA_PWD_EC_PEM "PolarSSLTest" - -/* This is generated from tests/data_files/test-ca2.key.der using `xxd -i`. */ -/* BEGIN FILE binary macro TEST_CA_KEY_EC_DER tests/data_files/test-ca2.key.der */ -#define TEST_CA_KEY_EC_DER { \ - 0x30, 0x81, 0xa4, 0x02, 0x01, 0x01, 0x04, 0x30, 0x83, 0xd9, 0x15, 0x0e, \ - 0xa0, 0x71, 0xf0, 0x57, 0x10, 0x33, 0xa3, 0x38, 0xb8, 0x86, 0xc1, 0xa6, \ - 0x11, 0x5d, 0x6d, 0xb4, 0x03, 0xe1, 0x29, 0x76, 0x45, 0xd7, 0x87, 0x6f, \ - 0x23, 0xab, 0x44, 0x20, 0xea, 0x64, 0x7b, 0x85, 0xb1, 0x76, 0xe7, 0x85, \ - 0x95, 0xaa, 0x74, 0xd6, 0xd1, 0xa4, 0x5e, 0xea, 0xa0, 0x07, 0x06, 0x05, \ - 0x2b, 0x81, 0x04, 0x00, 0x22, 0xa1, 0x64, 0x03, 0x62, 0x00, 0x04, 0xc3, \ - 0xda, 0x2b, 0x34, 0x41, 0x37, 0x58, 0x2f, 0x87, 0x56, 0xfe, 0xfc, 0x89, \ - 0xba, 0x29, 0x43, 0x4b, 0x4e, 0xe0, 0x6e, 0xc3, 0x0e, 0x57, 0x53, 0x33, \ - 0x39, 0x58, 0xd4, 0x52, 0xb4, 0x91, 0x95, 0x39, 0x0b, 0x23, 0xdf, 0x5f, \ - 0x17, 0x24, 0x62, 0x48, 0xfc, 0x1a, 0x95, 0x29, 0xce, 0x2c, 0x2d, 0x87, \ - 0xc2, 0x88, 0x52, 0x80, 0xaf, 0xd6, 0x6a, 0xab, 0x21, 0xdd, 0xb8, 0xd3, \ - 0x1c, 0x6e, 0x58, 0xb8, 0xca, 0xe8, 0xb2, 0x69, 0x8e, 0xf3, 0x41, 0xad, \ - 0x29, 0xc3, 0xb4, 0x5f, 0x75, 0xa7, 0x47, 0x6f, 0xd5, 0x19, 0x29, 0x55, \ - 0x69, 0x9a, 0x53, 0x3b, 0x20, 0xb4, 0x66, 0x16, 0x60, 0x33, 0x1e \ -} -/* END FILE */ - -/* This is taken from tests/data_files/test-ca-sha256.crt. */ -/* BEGIN FILE string macro TEST_CA_CRT_RSA_SHA256_PEM tests/data_files/test-ca-sha256.crt */ -#define TEST_CA_CRT_RSA_SHA256_PEM \ - "-----BEGIN CERTIFICATE-----\r\n" \ - "MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \ - "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \ - "MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G\r\n" \ - "A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G\r\n" \ - "CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx\r\n" \ - "mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny\r\n" \ - "50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n\r\n" \ - "YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL\r\n" \ - "R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu\r\n" \ - "KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj\r\n" \ - "UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/\r\n" \ - "MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBCwUA\r\n" \ - "A4IBAQA4qFSCth2q22uJIdE4KGHJsJjVEfw2/xn+MkTvCMfxVrvmRvqCtjE4tKDl\r\n" \ - "oK4MxFOek07oDZwvtAT9ijn1hHftTNS7RH9zd/fxNpfcHnMZXVC4w4DNA1fSANtW\r\n" \ - "5sY1JB5Je9jScrsLSS+mAjyv0Ow3Hb2Bix8wu7xNNrV5fIf7Ubm+wt6SqEBxu3Kb\r\n" \ - "+EfObAT4huf3czznhH3C17ed6NSbXwoXfby7stWUDeRJv08RaFOykf/Aae7bY5PL\r\n" \ - "yTVrkAnikMntJ9YI+hNNYt3inqq11A5cN0+rVTst8UKCxzQ4GpvroSwPKTFkbMw4\r\n" \ - "/anT1dVxr/BtwJfiESoK3/4CeXR1\r\n" \ - "-----END CERTIFICATE-----\r\n" -/* END FILE */ - -/* This is generated from tests/data_files/test-ca-sha256.crt.der - * using `xxd -i`. */ -/* BEGIN FILE binary macro TEST_CA_CRT_RSA_SHA256_DER tests/data_files/test-ca-sha256.crt.der */ -#define TEST_CA_CRT_RSA_SHA256_DER { \ - 0x30, 0x82, 0x03, 0x41, 0x30, 0x82, 0x02, 0x29, 0xa0, 0x03, 0x02, 0x01, \ - 0x02, 0x02, 0x01, 0x03, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ - 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ - 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ - 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ - 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ - 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ - 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ - 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, \ - 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \ - 0x34, 0x30, 0x30, 0x5a, 0x30, 0x3b, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ - 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ - 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ - 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x54, 0x65, \ - 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, \ - 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, \ - 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, \ - 0x01, 0x00, 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f, \ - 0x86, 0xde, 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1, \ - 0x99, 0xd4, 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec, \ - 0x9b, 0xc5, 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b, \ - 0xc0, 0x8d, 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9, \ - 0x93, 0xe8, 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2, \ - 0xe7, 0x40, 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40, \ - 0xf9, 0x3e, 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8, \ - 0x29, 0x00, 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1, \ - 0xbd, 0x83, 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27, \ - 0x60, 0xc3, 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84, \ - 0x32, 0xbe, 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5, \ - 0xfb, 0xf5, 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e, \ - 0xee, 0xe2, 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb, \ - 0x47, 0xb1, 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab, \ - 0xf1, 0x79, 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62, \ - 0x6f, 0x27, 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37, \ - 0xa1, 0x30, 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e, \ - 0x28, 0xd1, 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64, \ - 0x09, 0xea, 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b, \ - 0xc9, 0xab, 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32, \ - 0x9e, 0x99, 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, \ - 0x50, 0x30, 0x4e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, \ - 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, \ - 0x04, 0x16, 0x04, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, \ - 0xf6, 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, \ - 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, \ - 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5, \ - 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06, \ - 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, \ - 0x03, 0x82, 0x01, 0x01, 0x00, 0x38, 0xa8, 0x54, 0x82, 0xb6, 0x1d, 0xaa, \ - 0xdb, 0x6b, 0x89, 0x21, 0xd1, 0x38, 0x28, 0x61, 0xc9, 0xb0, 0x98, 0xd5, \ - 0x11, 0xfc, 0x36, 0xff, 0x19, 0xfe, 0x32, 0x44, 0xef, 0x08, 0xc7, 0xf1, \ - 0x56, 0xbb, 0xe6, 0x46, 0xfa, 0x82, 0xb6, 0x31, 0x38, 0xb4, 0xa0, 0xe5, \ - 0xa0, 0xae, 0x0c, 0xc4, 0x53, 0x9e, 0x93, 0x4e, 0xe8, 0x0d, 0x9c, 0x2f, \ - 0xb4, 0x04, 0xfd, 0x8a, 0x39, 0xf5, 0x84, 0x77, 0xed, 0x4c, 0xd4, 0xbb, \ - 0x44, 0x7f, 0x73, 0x77, 0xf7, 0xf1, 0x36, 0x97, 0xdc, 0x1e, 0x73, 0x19, \ - 0x5d, 0x50, 0xb8, 0xc3, 0x80, 0xcd, 0x03, 0x57, 0xd2, 0x00, 0xdb, 0x56, \ - 0xe6, 0xc6, 0x35, 0x24, 0x1e, 0x49, 0x7b, 0xd8, 0xd2, 0x72, 0xbb, 0x0b, \ - 0x49, 0x2f, 0xa6, 0x02, 0x3c, 0xaf, 0xd0, 0xec, 0x37, 0x1d, 0xbd, 0x81, \ - 0x8b, 0x1f, 0x30, 0xbb, 0xbc, 0x4d, 0x36, 0xb5, 0x79, 0x7c, 0x87, 0xfb, \ - 0x51, 0xb9, 0xbe, 0xc2, 0xde, 0x92, 0xa8, 0x40, 0x71, 0xbb, 0x72, 0x9b, \ - 0xf8, 0x47, 0xce, 0x6c, 0x04, 0xf8, 0x86, 0xe7, 0xf7, 0x73, 0x3c, 0xe7, \ - 0x84, 0x7d, 0xc2, 0xd7, 0xb7, 0x9d, 0xe8, 0xd4, 0x9b, 0x5f, 0x0a, 0x17, \ - 0x7d, 0xbc, 0xbb, 0xb2, 0xd5, 0x94, 0x0d, 0xe4, 0x49, 0xbf, 0x4f, 0x11, \ - 0x68, 0x53, 0xb2, 0x91, 0xff, 0xc0, 0x69, 0xee, 0xdb, 0x63, 0x93, 0xcb, \ - 0xc9, 0x35, 0x6b, 0x90, 0x09, 0xe2, 0x90, 0xc9, 0xed, 0x27, 0xd6, 0x08, \ - 0xfa, 0x13, 0x4d, 0x62, 0xdd, 0xe2, 0x9e, 0xaa, 0xb5, 0xd4, 0x0e, 0x5c, \ - 0x37, 0x4f, 0xab, 0x55, 0x3b, 0x2d, 0xf1, 0x42, 0x82, 0xc7, 0x34, 0x38, \ - 0x1a, 0x9b, 0xeb, 0xa1, 0x2c, 0x0f, 0x29, 0x31, 0x64, 0x6c, 0xcc, 0x38, \ - 0xfd, 0xa9, 0xd3, 0xd5, 0xd5, 0x71, 0xaf, 0xf0, 0x6d, 0xc0, 0x97, 0xe2, \ - 0x11, 0x2a, 0x0a, 0xdf, 0xfe, 0x02, 0x79, 0x74, 0x75 \ -} -/* END FILE */ - -/* This is taken from tests/data_files/test-ca-sha1.crt. */ -/* BEGIN FILE string macro TEST_CA_CRT_RSA_SHA1_PEM tests/data_files/test-ca-sha1.crt */ -#define TEST_CA_CRT_RSA_SHA1_PEM \ - "-----BEGIN CERTIFICATE-----\r\n" \ - "MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" \ - "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \ - "MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G\r\n" \ - "A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G\r\n" \ - "CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx\r\n" \ - "mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny\r\n" \ - "50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n\r\n" \ - "YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL\r\n" \ - "R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu\r\n" \ - "KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj\r\n" \ - "UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/\r\n" \ - "MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUA\r\n" \ - "A4IBAQABE3OEPfEd/bcJW5ZdU3/VgPNS4tMzh8gnJP/V2FcvFtGylMpQq6YnEBYI\r\n" \ - "yBHAL4DRvlMY5rnXGBp3ODR8MpqHC6AquRTCLzjS57iYff//4QFQqW9n92zctspv\r\n" \ - "czkaPKgjqo1No3Uq0Xaz10rcxyTUPrf5wNVRZ2V0KvllvAAVSzbI4mpdUXztjhST\r\n" \ - "S5A2BeWQAAOr0zq1F7TSRVJpJs7jmB2ai/igkh1IAjcuwV6VwlP+sbw0gjQ0NpGM\r\n" \ - "iHpnlzRAi/tIbtOvMIGOBU2TIfax/5jq1agUx5aPmT5TWAiJPOOP6l5xXnDwxeYS\r\n" \ - "NWqiX9GyusBZjezaCaHabjDLU0qQ\r\n" \ - "-----END CERTIFICATE-----\r\n" -/* END FILE */ - -/* This is taken from tests/data_files/test-ca-sha1.crt.der. */ -/* BEGIN FILE binary macro TEST_CA_CRT_RSA_SHA1_DER tests/data_files/test-ca-sha1.crt.der */ -#define TEST_CA_CRT_RSA_SHA1_DER { \ - 0x30, 0x82, 0x03, 0x41, 0x30, 0x82, 0x02, 0x29, 0xa0, 0x03, 0x02, 0x01, \ - 0x02, 0x02, 0x01, 0x03, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ - 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ - 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ - 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ - 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ - 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ - 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ - 0x31, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, \ - 0x5a, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34, \ - 0x34, 0x30, 0x30, 0x5a, 0x30, 0x3b, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ - 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ - 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ - 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x54, 0x65, \ - 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, \ - 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, \ - 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, \ - 0x01, 0x00, 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f, \ - 0x86, 0xde, 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1, \ - 0x99, 0xd4, 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec, \ - 0x9b, 0xc5, 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b, \ - 0xc0, 0x8d, 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9, \ - 0x93, 0xe8, 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2, \ - 0xe7, 0x40, 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40, \ - 0xf9, 0x3e, 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8, \ - 0x29, 0x00, 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1, \ - 0xbd, 0x83, 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27, \ - 0x60, 0xc3, 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84, \ - 0x32, 0xbe, 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5, \ - 0xfb, 0xf5, 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e, \ - 0xee, 0xe2, 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb, \ - 0x47, 0xb1, 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab, \ - 0xf1, 0x79, 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62, \ - 0x6f, 0x27, 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37, \ - 0xa1, 0x30, 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e, \ - 0x28, 0xd1, 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64, \ - 0x09, 0xea, 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b, \ - 0xc9, 0xab, 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32, \ - 0x9e, 0x99, 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, \ - 0x50, 0x30, 0x4e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, \ - 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, \ - 0x04, 0x16, 0x04, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, \ - 0xf6, 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, \ - 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, \ - 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5, \ - 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06, \ - 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, \ - 0x03, 0x82, 0x01, 0x01, 0x00, 0x01, 0x13, 0x73, 0x84, 0x3d, 0xf1, 0x1d, \ - 0xfd, 0xb7, 0x09, 0x5b, 0x96, 0x5d, 0x53, 0x7f, 0xd5, 0x80, 0xf3, 0x52, \ - 0xe2, 0xd3, 0x33, 0x87, 0xc8, 0x27, 0x24, 0xff, 0xd5, 0xd8, 0x57, 0x2f, \ - 0x16, 0xd1, 0xb2, 0x94, 0xca, 0x50, 0xab, 0xa6, 0x27, 0x10, 0x16, 0x08, \ - 0xc8, 0x11, 0xc0, 0x2f, 0x80, 0xd1, 0xbe, 0x53, 0x18, 0xe6, 0xb9, 0xd7, \ - 0x18, 0x1a, 0x77, 0x38, 0x34, 0x7c, 0x32, 0x9a, 0x87, 0x0b, 0xa0, 0x2a, \ - 0xb9, 0x14, 0xc2, 0x2f, 0x38, 0xd2, 0xe7, 0xb8, 0x98, 0x7d, 0xff, 0xff, \ - 0xe1, 0x01, 0x50, 0xa9, 0x6f, 0x67, 0xf7, 0x6c, 0xdc, 0xb6, 0xca, 0x6f, \ - 0x73, 0x39, 0x1a, 0x3c, 0xa8, 0x23, 0xaa, 0x8d, 0x4d, 0xa3, 0x75, 0x2a, \ - 0xd1, 0x76, 0xb3, 0xd7, 0x4a, 0xdc, 0xc7, 0x24, 0xd4, 0x3e, 0xb7, 0xf9, \ - 0xc0, 0xd5, 0x51, 0x67, 0x65, 0x74, 0x2a, 0xf9, 0x65, 0xbc, 0x00, 0x15, \ - 0x4b, 0x36, 0xc8, 0xe2, 0x6a, 0x5d, 0x51, 0x7c, 0xed, 0x8e, 0x14, 0x93, \ - 0x4b, 0x90, 0x36, 0x05, 0xe5, 0x90, 0x00, 0x03, 0xab, 0xd3, 0x3a, 0xb5, \ - 0x17, 0xb4, 0xd2, 0x45, 0x52, 0x69, 0x26, 0xce, 0xe3, 0x98, 0x1d, 0x9a, \ - 0x8b, 0xf8, 0xa0, 0x92, 0x1d, 0x48, 0x02, 0x37, 0x2e, 0xc1, 0x5e, 0x95, \ - 0xc2, 0x53, 0xfe, 0xb1, 0xbc, 0x34, 0x82, 0x34, 0x34, 0x36, 0x91, 0x8c, \ - 0x88, 0x7a, 0x67, 0x97, 0x34, 0x40, 0x8b, 0xfb, 0x48, 0x6e, 0xd3, 0xaf, \ - 0x30, 0x81, 0x8e, 0x05, 0x4d, 0x93, 0x21, 0xf6, 0xb1, 0xff, 0x98, 0xea, \ - 0xd5, 0xa8, 0x14, 0xc7, 0x96, 0x8f, 0x99, 0x3e, 0x53, 0x58, 0x08, 0x89, \ - 0x3c, 0xe3, 0x8f, 0xea, 0x5e, 0x71, 0x5e, 0x70, 0xf0, 0xc5, 0xe6, 0x12, \ - 0x35, 0x6a, 0xa2, 0x5f, 0xd1, 0xb2, 0xba, 0xc0, 0x59, 0x8d, 0xec, 0xda, \ - 0x09, 0xa1, 0xda, 0x6e, 0x30, 0xcb, 0x53, 0x4a, 0x90 \ -} -/* END FILE */ - -/* This is taken from tests/data_files/test-ca.key */ -/* BEGIN FILE string macro TEST_CA_KEY_RSA_PEM tests/data_files/test-ca.key */ -#define TEST_CA_KEY_RSA_PEM \ - "-----BEGIN RSA PRIVATE KEY-----\r\n" \ - "Proc-Type: 4,ENCRYPTED\r\n" \ - "DEK-Info: DES-EDE3-CBC,A8A95B05D5B7206B\r\n" \ - "\r\n" \ - "9Qd9GeArejl1GDVh2lLV1bHt0cPtfbh5h/5zVpAVaFpqtSPMrElp50Rntn9et+JA\r\n" \ - "7VOyboR+Iy2t/HU4WvA687k3Bppe9GwKHjHhtl//8xFKwZr3Xb5yO5JUP8AUctQq\r\n" \ - "Nb8CLlZyuUC+52REAAthdWgsX+7dJO4yabzUcQ22Tp9JSD0hiL43BlkWYUNK3dAo\r\n" \ - "PZlmiptjnzVTjg1MxsBSydZinWOLBV8/JQgxSPo2yD4uEfig28qbvQ2wNIn0pnAb\r\n" \ - "GxnSAOazkongEGfvcjIIs+LZN9gXFhxcOh6kc4Q/c99B7QWETwLLkYgZ+z1a9VY9\r\n" \ - "gEU7CwCxYCD+h9hY6FPmsK0/lC4O7aeRKpYq00rPPxs6i7phiexg6ax6yTMmArQq\r\n" \ - "QmK3TAsJm8V/J5AWpLEV6jAFgRGymGGHnof0DXzVWZidrcZJWTNuGEX90nB3ee2w\r\n" \ - "PXJEFWKoD3K3aFcSLdHYr3mLGxP7H9ThQai9VsycxZKS5kwvBKQ//YMrmFfwPk8x\r\n" \ - "vTeY4KZMaUrveEel5tWZC94RSMKgxR6cyE1nBXyTQnDOGbfpNNgBKxyKbINWoOJU\r\n" \ - "WJZAwlsQn+QzCDwpri7+sV1mS3gBE6UY7aQmnmiiaC2V3Hbphxct/en5QsfDOt1X\r\n" \ - "JczSfpRWLlbPznZg8OQh/VgCMA58N5DjOzTIK7sJJ5r+94ZBTCpgAMbF588f0NTR\r\n" \ - "KCe4yrxGJR7X02M4nvD4IwOlpsQ8xQxZtOSgXv4LkxvdU9XJJKWZ/XNKJeWztxSe\r\n" \ - "Z1vdTc2YfsDBA2SEv33vxHx2g1vqtw8SjDRT2RaQSS0QuSaMJimdOX6mTOCBKk1J\r\n" \ - "9Q5mXTrER+/LnK0jEmXsBXWA5bqqVZIyahXSx4VYZ7l7w/PHiUDtDgyRhMMKi4n2\r\n" \ - "iQvQcWSQTjrpnlJbca1/DkpRt3YwrvJwdqb8asZU2VrNETh5x0QVefDRLFiVpif/\r\n" \ - "tUaeAe/P1F8OkS7OIZDs1SUbv/sD2vMbhNkUoCms3/PvNtdnvgL4F0zhaDpKCmlT\r\n" \ - "P8vx49E7v5CyRNmED9zZg4o3wmMqrQO93PtTug3Eu9oVx1zPQM1NVMyBa2+f29DL\r\n" \ - "1nuTCeXdo9+ni45xx+jAI4DCwrRdhJ9uzZyC6962H37H6D+5naNvClFR1s6li1Gb\r\n" \ - "nqPoiy/OBsEx9CaDGcqQBp5Wme/3XW+6z1ISOx+igwNTVCT14mHdBMbya0eIKft5\r\n" \ - "X+GnwtgEMyCYyyWuUct8g4RzErcY9+yW9Om5Hzpx4zOuW4NPZgPDTgK+t2RSL/Yq\r\n" \ - "rE1njrgeGYcVeG3f+OftH4s6fPbq7t1A5ZgUscbLMBqr9tK+OqygR4EgKBPsH6Cz\r\n" \ - "L6zlv/2RV0qAHvVuDJcIDIgwY5rJtINEm32rhOeFNJwZS5MNIC1czXZx5//ugX7l\r\n" \ - "I4sy5nbVhwSjtAk8Xg5dZbdTZ6mIrb7xqH+fdakZor1khG7bC2uIwibD3cSl2XkR\r\n" \ - "wN48lslbHnqqagr6Xm1nNOSVl8C/6kbJEsMpLhAezfRtGwvOucoaE+WbeUNolGde\r\n" \ - "P/eQiddSf0brnpiLJRh7qZrl9XuqYdpUqnoEdMAfotDOID8OtV7gt8a48ad8VPW2\r\n" \ - "-----END RSA PRIVATE KEY-----\r\n" -/* END FILE */ - -#define TEST_CA_PWD_RSA_PEM "PolarSSLTest" - -/* This was generated from test-ca.key.der using `xxd -i`. */ -/* BEGIN FILE binary macro TEST_CA_KEY_RSA_DER tests/data_files/test-ca.key.der */ -#define TEST_CA_KEY_RSA_DER { \ - 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, \ - 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f, 0x86, 0xde, \ - 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1, 0x99, 0xd4, \ - 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec, 0x9b, 0xc5, \ - 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b, 0xc0, 0x8d, \ - 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9, 0x93, 0xe8, \ - 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2, 0xe7, 0x40, \ - 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40, 0xf9, 0x3e, \ - 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8, 0x29, 0x00, \ - 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1, 0xbd, 0x83, \ - 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27, 0x60, 0xc3, \ - 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84, 0x32, 0xbe, \ - 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5, 0xfb, 0xf5, \ - 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e, 0xee, 0xe2, \ - 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb, 0x47, 0xb1, \ - 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab, 0xf1, 0x79, \ - 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62, 0x6f, 0x27, \ - 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37, 0xa1, 0x30, \ - 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e, 0x28, 0xd1, \ - 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64, 0x09, 0xea, \ - 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b, 0xc9, 0xab, \ - 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32, 0x9e, 0x99, \ - 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, \ - 0x00, 0x3f, 0xf7, 0x07, 0xd3, 0x34, 0x6f, 0xdb, 0xc9, 0x37, 0xb7, 0x84, \ - 0xdc, 0x37, 0x45, 0xe1, 0x63, 0xad, 0xb8, 0xb6, 0x75, 0xb1, 0xc7, 0x35, \ - 0xb4, 0x77, 0x2a, 0x5b, 0x77, 0xf9, 0x7e, 0xe0, 0xc1, 0xa3, 0xd1, 0xb7, \ - 0xcb, 0xa9, 0x5a, 0xc1, 0x87, 0xda, 0x5a, 0xfa, 0x17, 0xe4, 0xd5, 0x38, \ - 0x03, 0xde, 0x68, 0x98, 0x81, 0xec, 0xb5, 0xf2, 0x2a, 0x8d, 0xe9, 0x2c, \ - 0xf3, 0xa6, 0xe5, 0x32, 0x17, 0x7f, 0x33, 0x81, 0xe8, 0x38, 0x72, 0xd5, \ - 0x9c, 0xfa, 0x4e, 0xfb, 0x26, 0xf5, 0x15, 0x0b, 0xaf, 0x84, 0x66, 0xab, \ - 0x02, 0xe0, 0x18, 0xd5, 0x91, 0x7c, 0xd6, 0x8f, 0xc9, 0x4b, 0x76, 0x08, \ - 0x2b, 0x1d, 0x81, 0x68, 0x30, 0xe1, 0xfa, 0x70, 0x6c, 0x13, 0x4e, 0x10, \ - 0x03, 0x35, 0x3e, 0xc5, 0xca, 0x58, 0x20, 0x8a, 0x21, 0x18, 0x38, 0xa0, \ - 0x0f, 0xed, 0xc4, 0xbb, 0x45, 0x6f, 0xf5, 0x84, 0x5b, 0xb0, 0xcf, 0x4e, \ - 0x9d, 0x58, 0x13, 0x6b, 0x35, 0x35, 0x69, 0xa1, 0xd2, 0xc4, 0xf2, 0xc1, \ - 0x48, 0x04, 0x20, 0x51, 0xb9, 0x6b, 0xa4, 0x5d, 0xa5, 0x4b, 0x84, 0x88, \ - 0x43, 0x48, 0x99, 0x2c, 0xbb, 0xa4, 0x97, 0xd6, 0xd6, 0x18, 0xf6, 0xec, \ - 0x5c, 0xd1, 0x31, 0x49, 0xc9, 0xf2, 0x8f, 0x0b, 0x4d, 0xef, 0x09, 0x02, \ - 0xfe, 0x7d, 0xfd, 0xbb, 0xaf, 0x2b, 0x83, 0x94, 0x22, 0xc4, 0xa7, 0x3e, \ - 0x66, 0xf5, 0xe0, 0x57, 0xdc, 0xf2, 0xed, 0x2c, 0x3e, 0x81, 0x74, 0x76, \ - 0x1e, 0x96, 0x6f, 0x74, 0x1e, 0x32, 0x0e, 0x14, 0x31, 0xd0, 0x74, 0xf0, \ - 0xf4, 0x07, 0xbd, 0xc3, 0xd1, 0x22, 0xc2, 0xa8, 0x95, 0x92, 0x06, 0x7f, \ - 0x43, 0x02, 0x91, 0xbc, 0xdd, 0x23, 0x01, 0x89, 0x94, 0x20, 0x44, 0x64, \ - 0xf5, 0x1d, 0x67, 0xd2, 0x8f, 0xe8, 0x69, 0xa5, 0x29, 0x25, 0xe6, 0x50, \ - 0x9c, 0xe3, 0xe9, 0xcb, 0x75, 0x02, 0x81, 0x81, 0x00, 0xe2, 0x29, 0x3e, \ - 0xaa, 0x6b, 0xd5, 0x59, 0x1e, 0x9c, 0xe6, 0x47, 0xd5, 0xb6, 0xd7, 0xe3, \ - 0xf1, 0x8e, 0x9e, 0xe9, 0x83, 0x5f, 0x10, 0x9f, 0x63, 0xec, 0x04, 0x44, \ - 0xcc, 0x3f, 0xf8, 0xd9, 0x3a, 0x17, 0xe0, 0x4f, 0xfe, 0xd8, 0x4d, 0xcd, \ - 0x46, 0x54, 0x74, 0xbf, 0x0a, 0xc4, 0x67, 0x9c, 0xa7, 0xd8, 0x89, 0x65, \ - 0x4c, 0xfd, 0x58, 0x2a, 0x47, 0x0f, 0xf4, 0x37, 0xb6, 0x55, 0xb0, 0x1d, \ - 0xed, 0xa7, 0x39, 0xfc, 0x4f, 0xa3, 0xc4, 0x75, 0x3a, 0xa3, 0x98, 0xa7, \ - 0x45, 0xf5, 0x66, 0xcb, 0x7c, 0x65, 0xfb, 0x80, 0x23, 0xe6, 0xff, 0xfd, \ - 0x99, 0x1f, 0x8e, 0x6b, 0xff, 0x5e, 0x93, 0x66, 0xdf, 0x6c, 0x6f, 0xc3, \ - 0xf6, 0x38, 0x2e, 0xff, 0x69, 0xb5, 0xac, 0xae, 0xbb, 0xc6, 0x71, 0x16, \ - 0x6b, 0xd0, 0xf8, 0x22, 0xd9, 0xf8, 0xa2, 0x72, 0x20, 0xd2, 0xe2, 0x3a, \ - 0x70, 0x4b, 0xde, 0xab, 0x2f, 0x02, 0x81, 0x81, 0x00, 0xda, 0x51, 0x9b, \ - 0xb8, 0xb2, 0x2a, 0x14, 0x75, 0x58, 0x40, 0x8d, 0x27, 0x70, 0xfa, 0x31, \ - 0x48, 0xb0, 0x20, 0x21, 0x34, 0xfa, 0x4c, 0x57, 0xa8, 0x11, 0x88, 0xf3, \ - 0xa7, 0xae, 0x21, 0xe9, 0xb6, 0x2b, 0xd1, 0xcd, 0xa7, 0xf8, 0xd8, 0x0c, \ - 0x8a, 0x76, 0x22, 0x35, 0x44, 0xce, 0x3f, 0x25, 0x29, 0x83, 0x7d, 0x79, \ - 0xa7, 0x31, 0xd6, 0xec, 0xb2, 0xbf, 0xda, 0x34, 0xb6, 0xf6, 0xb2, 0x3b, \ - 0xf3, 0x78, 0x5a, 0x04, 0x83, 0x33, 0x3e, 0xa2, 0xe2, 0x81, 0x82, 0x13, \ - 0xd4, 0x35, 0x17, 0x63, 0x9b, 0x9e, 0xc4, 0x8d, 0x91, 0x4c, 0x03, 0x77, \ - 0xc7, 0x71, 0x5b, 0xee, 0x83, 0x6d, 0xd5, 0x78, 0x88, 0xf6, 0x2c, 0x79, \ - 0xc2, 0x4a, 0xb4, 0x79, 0x90, 0x70, 0xbf, 0xdf, 0x34, 0x56, 0x96, 0x71, \ - 0xe3, 0x0e, 0x68, 0x91, 0xbc, 0xea, 0xcb, 0x33, 0xc0, 0xbe, 0x45, 0xd7, \ - 0xfc, 0x30, 0xfd, 0x01, 0x3b, 0x02, 0x81, 0x81, 0x00, 0xd2, 0x9f, 0x2a, \ - 0xb7, 0x38, 0x19, 0xc7, 0x17, 0x95, 0x73, 0x78, 0xae, 0xf5, 0xcb, 0x75, \ - 0x83, 0x7f, 0x19, 0x4b, 0xcb, 0x86, 0xfb, 0x4a, 0x15, 0x9a, 0xb6, 0x17, \ - 0x04, 0x49, 0x07, 0x8d, 0xf6, 0x66, 0x4a, 0x06, 0xf6, 0x05, 0xa7, 0xdf, \ - 0x66, 0x82, 0x3c, 0xff, 0xb6, 0x1d, 0x57, 0x89, 0x33, 0x5f, 0x9c, 0x05, \ - 0x75, 0x7f, 0xf3, 0x5d, 0xdc, 0x34, 0x65, 0x72, 0x85, 0x22, 0xa4, 0x14, \ - 0x1b, 0x41, 0xc3, 0xe4, 0xd0, 0x9e, 0x69, 0xd5, 0xeb, 0x38, 0x74, 0x70, \ - 0x43, 0xdc, 0xd9, 0x50, 0xe4, 0x97, 0x6d, 0x73, 0xd6, 0xfb, 0xc8, 0xa7, \ - 0xfa, 0xb4, 0xc2, 0xc4, 0x9d, 0x5d, 0x0c, 0xd5, 0x9f, 0x79, 0xb3, 0x54, \ - 0xc2, 0xb7, 0x6c, 0x3d, 0x7d, 0xcb, 0x2d, 0xf8, 0xc4, 0xf3, 0x78, 0x5a, \ - 0x33, 0x2a, 0xb8, 0x0c, 0x6d, 0x06, 0xfa, 0xf2, 0x62, 0xd3, 0x42, 0xd0, \ - 0xbd, 0xc8, 0x4a, 0xa5, 0x0d, 0x02, 0x81, 0x81, 0x00, 0xd4, 0xa9, 0x90, \ - 0x15, 0xde, 0xbf, 0x2c, 0xc4, 0x8d, 0x9d, 0xfb, 0xa1, 0xc2, 0xe4, 0x83, \ - 0xe3, 0x79, 0x65, 0x22, 0xd3, 0xb7, 0x49, 0x6c, 0x4d, 0x94, 0x1f, 0x22, \ - 0xb1, 0x60, 0xe7, 0x3a, 0x00, 0xb1, 0x38, 0xa2, 0xab, 0x0f, 0xb4, 0x6c, \ - 0xaa, 0xe7, 0x9e, 0x34, 0xe3, 0x7c, 0x40, 0x78, 0x53, 0xb2, 0xf9, 0x23, \ - 0xea, 0xa0, 0x9a, 0xea, 0x60, 0xc8, 0x8f, 0xa6, 0xaf, 0xdf, 0x29, 0x09, \ - 0x4b, 0x06, 0x1e, 0x31, 0xad, 0x17, 0xda, 0xd8, 0xd1, 0xe9, 0x33, 0xab, \ - 0x5b, 0x18, 0x08, 0x5b, 0x87, 0xf8, 0xa5, 0x1f, 0xfd, 0xbb, 0xdc, 0xd8, \ - 0xed, 0x97, 0x57, 0xe4, 0xc3, 0x73, 0xd6, 0xf0, 0x9e, 0x01, 0xa6, 0x9b, \ - 0x48, 0x8e, 0x7a, 0xb4, 0xbb, 0xe5, 0x88, 0x91, 0xc5, 0x2a, 0xdf, 0x4b, \ - 0xba, 0xd0, 0x8b, 0x3e, 0x03, 0x97, 0x77, 0x2f, 0x47, 0x7e, 0x51, 0x0c, \ - 0xae, 0x65, 0x8d, 0xde, 0x87, 0x02, 0x81, 0x80, 0x20, 0x24, 0x0f, 0xd2, \ - 0xaf, 0xc2, 0x28, 0x3b, 0x97, 0x20, 0xb2, 0x92, 0x49, 0xeb, 0x09, 0x68, \ - 0x40, 0xb2, 0xbe, 0xd1, 0xc3, 0x83, 0x94, 0x34, 0x38, 0xd6, 0xc9, 0xec, \ - 0x34, 0x09, 0xf9, 0x41, 0x6d, 0x5c, 0x42, 0x94, 0xf7, 0x04, 0xfc, 0x32, \ - 0x39, 0x69, 0xbc, 0x1c, 0xfb, 0x3e, 0x61, 0x98, 0xc0, 0x80, 0xd8, 0x36, \ - 0x47, 0xc3, 0x6d, 0xc2, 0x2e, 0xe7, 0x81, 0x2a, 0x17, 0x34, 0x64, 0x30, \ - 0x4e, 0x96, 0xbb, 0x26, 0x16, 0xb9, 0x41, 0x36, 0xfe, 0x8a, 0xd6, 0x53, \ - 0x7c, 0xaa, 0xec, 0x39, 0x42, 0x50, 0xef, 0xe3, 0xb3, 0x01, 0x28, 0x32, \ - 0xca, 0x6d, 0xf5, 0x9a, 0x1e, 0x9f, 0x37, 0xbe, 0xfe, 0x38, 0x20, 0x22, \ - 0x91, 0x8c, 0xcd, 0x95, 0x02, 0xf2, 0x4d, 0x6f, 0x1a, 0xb4, 0x43, 0xf0, \ - 0x19, 0xdf, 0x65, 0xc0, 0x92, 0xe7, 0x9d, 0x2f, 0x09, 0xe7, 0xec, 0x69, \ - 0xa8, 0xc2, 0x8f, 0x0d \ -} -/* END FILE */ - -/* - * Test server Certificates - * - * Test server certificates are defined for each choice - * of the following parameters: - * - PEM or DER encoding - * - SHA-1 or SHA-256 hash - * - RSA or EC key - * - * Things to add: - * - multiple EC curve types - */ - -/* This is taken from tests/data_files/server5.crt. */ -/* BEGIN FILE string macro TEST_SRV_CRT_EC_PEM tests/data_files/server5.crt */ -#define TEST_SRV_CRT_EC_PEM \ - "-----BEGIN CERTIFICATE-----\r\n" \ - "MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n" \ - "A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n" \ - "MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \ - "A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\r\n" \ - "CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\r\n" \ - "2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\r\n" \ - "BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\r\n" \ - "PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh\r\n" \ - "clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\r\n" \ - "CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S\r\n" \ - "C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V\r\n" \ - "fGa5kHvHARBPc8YAIVIqDvHH1Q==\r\n" \ - "-----END CERTIFICATE-----\r\n" -/* END FILE */ - -/* This is generated from tests/data_files/server5.crt.der using `xxd -i`. */ -/* BEGIN FILE binary macro TEST_SRV_CRT_EC_DER tests/data_files/server5.crt.der */ -#define TEST_SRV_CRT_EC_DER { \ - 0x30, 0x82, 0x02, 0x1f, 0x30, 0x82, 0x01, 0xa5, 0xa0, 0x03, 0x02, 0x01, \ - 0x02, 0x02, 0x01, 0x09, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \ - 0x3d, 0x04, 0x03, 0x02, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ - 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ - 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, \ - 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, \ - 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ - 0x31, 0x33, 0x30, 0x39, 0x32, 0x34, 0x31, 0x35, 0x35, 0x32, 0x30, 0x34, \ - 0x5a, 0x17, 0x0d, 0x32, 0x33, 0x30, 0x39, 0x32, 0x32, 0x31, 0x35, 0x35, \ - 0x32, 0x30, 0x34, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ - 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ - 0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, \ - 0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x59, \ - 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, \ - 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, \ - 0x04, 0x37, 0xcc, 0x56, 0xd9, 0x76, 0x09, 0x1e, 0x5a, 0x72, 0x3e, 0xc7, \ - 0x59, 0x2d, 0xff, 0x20, 0x6e, 0xee, 0x7c, 0xf9, 0x06, 0x91, 0x74, 0xd0, \ - 0xad, 0x14, 0xb5, 0xf7, 0x68, 0x22, 0x59, 0x62, 0x92, 0x4e, 0xe5, 0x00, \ - 0xd8, 0x23, 0x11, 0xff, 0xea, 0x2f, 0xd2, 0x34, 0x5d, 0x5d, 0x16, 0xbd, \ - 0x8a, 0x88, 0xc2, 0x6b, 0x77, 0x0d, 0x55, 0xcd, 0x8a, 0x2a, 0x0e, 0xfa, \ - 0x01, 0xc8, 0xb4, 0xed, 0xff, 0xa3, 0x81, 0x9d, 0x30, 0x81, 0x9a, 0x30, \ - 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, \ - 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x50, 0x61, 0xa5, \ - 0x8f, 0xd4, 0x07, 0xd9, 0xd7, 0x82, 0x01, 0x0c, 0xe5, 0x65, 0x7f, 0x8c, \ - 0x63, 0x46, 0xa7, 0x13, 0xbe, 0x30, 0x6e, 0x06, 0x03, 0x55, 0x1d, 0x23, \ - 0x04, 0x67, 0x30, 0x65, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, 0x01, \ - 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb, \ - 0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, \ - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \ - 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x08, 0x50, 0x6f, 0x6c, 0x61, \ - 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, \ - 0x03, 0x13, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, \ - 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09, \ - 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0a, 0x06, \ - 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x68, 0x00, \ - 0x30, 0x65, 0x02, 0x31, 0x00, 0x9a, 0x2c, 0x5c, 0xd7, 0xa6, 0xdb, 0xa2, \ - 0xe5, 0x64, 0x0d, 0xf0, 0xb9, 0x4e, 0xdd, 0xd7, 0x61, 0xd6, 0x13, 0x31, \ - 0xc7, 0xab, 0x73, 0x80, 0xbb, 0xd3, 0xd3, 0x73, 0x13, 0x54, 0xad, 0x92, \ - 0x0b, 0x5d, 0xab, 0xd0, 0xbc, 0xf7, 0xae, 0x2f, 0xe6, 0xa1, 0x21, 0x29, \ - 0x35, 0x95, 0xaa, 0x3e, 0x39, 0x02, 0x30, 0x21, 0x36, 0x7f, 0x9d, 0xc6, \ - 0x5d, 0xc6, 0x0b, 0xab, 0x27, 0xf2, 0x25, 0x1d, 0x3b, 0xf1, 0xcf, 0xf1, \ - 0x35, 0x25, 0x14, 0xe7, 0xe5, 0xf1, 0x97, 0xb5, 0x59, 0xe3, 0x5e, 0x15, \ - 0x7c, 0x66, 0xb9, 0x90, 0x7b, 0xc7, 0x01, 0x10, 0x4f, 0x73, 0xc6, 0x00, \ - 0x21, 0x52, 0x2a, 0x0e, 0xf1, 0xc7, 0xd5 \ -} -/* END FILE */ - -/* This is taken from tests/data_files/server5.key. */ -/* BEGIN FILE string macro TEST_SRV_KEY_EC_PEM tests/data_files/server5.key */ -#define TEST_SRV_KEY_EC_PEM \ - "-----BEGIN EC PRIVATE KEY-----\r\n" \ - "MHcCAQEEIPEqEyB2AnCoPL/9U/YDHvdqXYbIogTywwyp6/UfDw6noAoGCCqGSM49\r\n" \ - "AwEHoUQDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/\r\n" \ - "6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/w==\r\n" \ - "-----END EC PRIVATE KEY-----\r\n" -/* END FILE */ - -/* This is generated from tests/data_files/server5.key.der using `xxd -i`. */ -/* BEGIN FILE binary macro TEST_SRV_KEY_EC_DER tests/data_files/server5.key.der */ -#define TEST_SRV_KEY_EC_DER { \ - 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xf1, 0x2a, 0x13, 0x20, 0x76, \ - 0x02, 0x70, 0xa8, 0x3c, 0xbf, 0xfd, 0x53, 0xf6, 0x03, 0x1e, 0xf7, 0x6a, \ - 0x5d, 0x86, 0xc8, 0xa2, 0x04, 0xf2, 0xc3, 0x0c, 0xa9, 0xeb, 0xf5, 0x1f, \ - 0x0f, 0x0e, 0xa7, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, \ - 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x37, 0xcc, 0x56, \ - 0xd9, 0x76, 0x09, 0x1e, 0x5a, 0x72, 0x3e, 0xc7, 0x59, 0x2d, 0xff, 0x20, \ - 0x6e, 0xee, 0x7c, 0xf9, 0x06, 0x91, 0x74, 0xd0, 0xad, 0x14, 0xb5, 0xf7, \ - 0x68, 0x22, 0x59, 0x62, 0x92, 0x4e, 0xe5, 0x00, 0xd8, 0x23, 0x11, 0xff, \ - 0xea, 0x2f, 0xd2, 0x34, 0x5d, 0x5d, 0x16, 0xbd, 0x8a, 0x88, 0xc2, 0x6b, \ - 0x77, 0x0d, 0x55, 0xcd, 0x8a, 0x2a, 0x0e, 0xfa, 0x01, 0xc8, 0xb4, 0xed, \ - 0xff \ -} -/* END FILE */ - -/* This is taken from tests/data_files/server2-sha256.crt. */ -/* BEGIN FILE string macro TEST_SRV_CRT_RSA_SHA256_PEM tests/data_files/server2-sha256.crt */ -#define TEST_SRV_CRT_RSA_SHA256_PEM \ - "-----BEGIN CERTIFICATE-----\r\n" \ - "MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \ - "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \ - "MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \ - "A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n" \ - "AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n" \ - "owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n" \ - "NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n" \ - "tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n" \ - "hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n" \ - "HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n" \ - "VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n" \ - "FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQELBQADggEBAC465FJh\r\n" \ - "Pqel7zJngHIHJrqj/wVAxGAFOTF396XKATGAp+HRCqJ81Ry60CNK1jDzk8dv6M6U\r\n" \ - "HoS7RIFiM/9rXQCbJfiPD5xMTejZp5n5UYHAmxsxDaazfA5FuBhkfokKK6jD4Eq9\r\n" \ - "1C94xGKb6X4/VkaPF7cqoBBw/bHxawXc0UEPjqayiBpCYU/rJoVZgLqFVP7Px3sv\r\n" \ - "a1nOrNx8rPPI1hJ+ZOg8maiPTxHZnBVLakSSLQy/sWeWyazO1RnrbxjrbgQtYKz0\r\n" \ - "e3nwGpu1w13vfckFmUSBhHXH7AAS/HpKC4IH7G2GAk3+n8iSSN71sZzpxonQwVbo\r\n" \ - "pMZqLmbBm/7WPLc=\r\n" \ - "-----END CERTIFICATE-----\r\n" -/* END FILE */ - -/* This is taken from tests/data_files/server2-sha256.crt.der. */ -/* BEGIN FILE binary macro TEST_SRV_CRT_RSA_SHA256_DER tests/data_files/server2-sha256.crt.der */ -#define TEST_SRV_CRT_RSA_SHA256_DER { \ - 0x30, 0x82, 0x03, 0x37, 0x30, 0x82, 0x02, 0x1f, 0xa0, 0x03, 0x02, 0x01, \ - 0x02, 0x02, 0x01, 0x02, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ - 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ - 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ - 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ - 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ - 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ - 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ - 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36, \ - 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \ - 0x34, 0x30, 0x36, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ - 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ - 0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ - 0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x82, \ - 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, \ - 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, \ - 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc1, 0x4d, 0xa3, 0xdd, 0xe7, \ - 0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, 0xb8, 0x99, 0xac, 0x0e, 0x78, \ - 0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, 0x16, 0xd0, 0x5a, 0xe4, 0xcd, \ - 0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, 0x96, 0xa7, 0x52, 0xb4, 0x90, \ - 0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, 0xfc, 0xb6, 0x34, 0xac, 0x24, \ - 0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, 0xb0, 0x28, 0x7d, 0xa1, 0xda, \ - 0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, 0xfe, 0xc1, 0x04, 0x52, 0xb3, \ - 0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, 0xd8, 0x90, 0xc1, 0x61, 0xb4, \ - 0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, 0xab, 0x74, 0x5e, 0x07, 0x7d, \ - 0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, 0xd9, 0x0d, 0x1c, 0x2d, 0x49, \ - 0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, 0x0b, 0x8a, 0x4f, 0x69, 0x0c, \ - 0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, 0x66, 0x7d, 0xae, 0x54, 0x2b, \ - 0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, 0xc3, 0xcd, 0x40, 0x49, 0x08, \ - 0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, 0x46, 0xbf, 0xd0, 0xb8, 0xaa, \ - 0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, 0x1e, 0x44, 0x18, 0x0f, 0x0f, \ - 0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, 0x18, 0xc6, 0x62, 0x2f, 0xc7, \ - 0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, 0x27, 0x89, 0x29, 0x01, 0xc5, \ - 0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, 0x4a, 0x0e, 0xef, 0xd6, 0xde, \ - 0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, 0x7a, 0xc4, 0x02, 0x3c, 0x9a, \ - 0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, 0xcb, 0x73, 0x4b, 0x52, 0x96, \ - 0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, 0x39, 0x5a, 0xd3, 0x0f, 0xb0, \ - 0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, 0x12, 0x01, 0x30, 0x97, 0x02, \ - 0x03, 0x01, 0x00, 0x01, 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, \ - 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xa5, 0x05, 0xe8, 0x64, 0xb8, 0xdc, \ - 0xdf, 0x60, 0x0f, 0x50, 0x12, 0x4d, 0x60, 0xa8, 0x64, 0xaf, 0x4d, 0x8b, \ - 0x43, 0x93, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, \ - 0x16, 0x80, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, \ - 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, \ - 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, \ - 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x2e, 0x3a, 0xe4, 0x52, 0x61, \ - 0x3e, 0xa7, 0xa5, 0xef, 0x32, 0x67, 0x80, 0x72, 0x07, 0x26, 0xba, 0xa3, \ - 0xff, 0x05, 0x40, 0xc4, 0x60, 0x05, 0x39, 0x31, 0x77, 0xf7, 0xa5, 0xca, \ - 0x01, 0x31, 0x80, 0xa7, 0xe1, 0xd1, 0x0a, 0xa2, 0x7c, 0xd5, 0x1c, 0xba, \ - 0xd0, 0x23, 0x4a, 0xd6, 0x30, 0xf3, 0x93, 0xc7, 0x6f, 0xe8, 0xce, 0x94, \ - 0x1e, 0x84, 0xbb, 0x44, 0x81, 0x62, 0x33, 0xff, 0x6b, 0x5d, 0x00, 0x9b, \ - 0x25, 0xf8, 0x8f, 0x0f, 0x9c, 0x4c, 0x4d, 0xe8, 0xd9, 0xa7, 0x99, 0xf9, \ - 0x51, 0x81, 0xc0, 0x9b, 0x1b, 0x31, 0x0d, 0xa6, 0xb3, 0x7c, 0x0e, 0x45, \ - 0xb8, 0x18, 0x64, 0x7e, 0x89, 0x0a, 0x2b, 0xa8, 0xc3, 0xe0, 0x4a, 0xbd, \ - 0xd4, 0x2f, 0x78, 0xc4, 0x62, 0x9b, 0xe9, 0x7e, 0x3f, 0x56, 0x46, 0x8f, \ - 0x17, 0xb7, 0x2a, 0xa0, 0x10, 0x70, 0xfd, 0xb1, 0xf1, 0x6b, 0x05, 0xdc, \ - 0xd1, 0x41, 0x0f, 0x8e, 0xa6, 0xb2, 0x88, 0x1a, 0x42, 0x61, 0x4f, 0xeb, \ - 0x26, 0x85, 0x59, 0x80, 0xba, 0x85, 0x54, 0xfe, 0xcf, 0xc7, 0x7b, 0x2f, \ - 0x6b, 0x59, 0xce, 0xac, 0xdc, 0x7c, 0xac, 0xf3, 0xc8, 0xd6, 0x12, 0x7e, \ - 0x64, 0xe8, 0x3c, 0x99, 0xa8, 0x8f, 0x4f, 0x11, 0xd9, 0x9c, 0x15, 0x4b, \ - 0x6a, 0x44, 0x92, 0x2d, 0x0c, 0xbf, 0xb1, 0x67, 0x96, 0xc9, 0xac, 0xce, \ - 0xd5, 0x19, 0xeb, 0x6f, 0x18, 0xeb, 0x6e, 0x04, 0x2d, 0x60, 0xac, 0xf4, \ - 0x7b, 0x79, 0xf0, 0x1a, 0x9b, 0xb5, 0xc3, 0x5d, 0xef, 0x7d, 0xc9, 0x05, \ - 0x99, 0x44, 0x81, 0x84, 0x75, 0xc7, 0xec, 0x00, 0x12, 0xfc, 0x7a, 0x4a, \ - 0x0b, 0x82, 0x07, 0xec, 0x6d, 0x86, 0x02, 0x4d, 0xfe, 0x9f, 0xc8, 0x92, \ - 0x48, 0xde, 0xf5, 0xb1, 0x9c, 0xe9, 0xc6, 0x89, 0xd0, 0xc1, 0x56, 0xe8, \ - 0xa4, 0xc6, 0x6a, 0x2e, 0x66, 0xc1, 0x9b, 0xfe, 0xd6, 0x3c, 0xb7 \ -} -/* END FILE */ - -/* This is taken from tests/data_files/server2.crt. */ -/* BEGIN FILE string macro TEST_SRV_CRT_RSA_SHA1_PEM tests/data_files/server2.crt */ -#define TEST_SRV_CRT_RSA_SHA1_PEM \ - "-----BEGIN CERTIFICATE-----\r\n" \ - "MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" \ - "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \ - "MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \ - "A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n" \ - "AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n" \ - "owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n" \ - "NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n" \ - "tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n" \ - "hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n" \ - "HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n" \ - "VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n" \ - "FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAJklg3Q4\r\n" \ - "cB7v7BzsxM/vLyKccO6op0/gZzM4ghuLq2Y32kl0sM6kSNUUmduuq3u/+GmUZN2A\r\n" \ - "O/7c+Hw7hDFEIvZk98aBGjCLqn3DmgHIv8ToQ67nellQxx2Uj309PdgjNi/r9HOc\r\n" \ - "KNAYPbBcg6MJGWWj2TI6vNaceios/DhOYx5V0j5nfqSJ/pnU0g9Ign2LAhgYpGJE\r\n" \ - "iEM9wW7hEMkwmk0h/sqZsrJsGH5YsF/VThSq/JVO1e2mZH2vruyZKJVBq+8tDNYp\r\n" \ - "HkK6tSyVYQhzIt3StMJWKMl/o5k2AYz6tSC164+1oG+ML3LWg8XrGKa91H4UOKap\r\n" \ - "Awgk0+4m0T25cNs=\r\n" \ - "-----END CERTIFICATE-----\r\n" -/* END FILE */ - -/* This is taken from tests/data_files/server2.crt.der. */ -/* BEGIN FILE binary macro TEST_SRV_CRT_RSA_SHA1_DER tests/data_files/server2.crt.der */ -#define TEST_SRV_CRT_RSA_SHA1_DER { \ - 0x30, 0x82, 0x03, 0x37, 0x30, 0x82, 0x02, 0x1f, 0xa0, 0x03, 0x02, 0x01, \ - 0x02, 0x02, 0x01, 0x02, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ - 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ - 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ - 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ - 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ - 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ - 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ - 0x31, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36, \ - 0x5a, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x32, 0x31, 0x32, 0x31, 0x34, 0x34, \ - 0x34, 0x30, 0x36, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ - 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ - 0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ - 0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x82, \ - 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, \ - 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, \ - 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc1, 0x4d, 0xa3, 0xdd, 0xe7, \ - 0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, 0xb8, 0x99, 0xac, 0x0e, 0x78, \ - 0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, 0x16, 0xd0, 0x5a, 0xe4, 0xcd, \ - 0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, 0x96, 0xa7, 0x52, 0xb4, 0x90, \ - 0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, 0xfc, 0xb6, 0x34, 0xac, 0x24, \ - 0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, 0xb0, 0x28, 0x7d, 0xa1, 0xda, \ - 0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, 0xfe, 0xc1, 0x04, 0x52, 0xb3, \ - 0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, 0xd8, 0x90, 0xc1, 0x61, 0xb4, \ - 0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, 0xab, 0x74, 0x5e, 0x07, 0x7d, \ - 0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, 0xd9, 0x0d, 0x1c, 0x2d, 0x49, \ - 0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, 0x0b, 0x8a, 0x4f, 0x69, 0x0c, \ - 0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, 0x66, 0x7d, 0xae, 0x54, 0x2b, \ - 0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, 0xc3, 0xcd, 0x40, 0x49, 0x08, \ - 0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, 0x46, 0xbf, 0xd0, 0xb8, 0xaa, \ - 0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, 0x1e, 0x44, 0x18, 0x0f, 0x0f, \ - 0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, 0x18, 0xc6, 0x62, 0x2f, 0xc7, \ - 0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, 0x27, 0x89, 0x29, 0x01, 0xc5, \ - 0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, 0x4a, 0x0e, 0xef, 0xd6, 0xde, \ - 0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, 0x7a, 0xc4, 0x02, 0x3c, 0x9a, \ - 0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, 0xcb, 0x73, 0x4b, 0x52, 0x96, \ - 0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, 0x39, 0x5a, 0xd3, 0x0f, 0xb0, \ - 0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, 0x12, 0x01, 0x30, 0x97, 0x02, \ - 0x03, 0x01, 0x00, 0x01, 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, \ - 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xa5, 0x05, 0xe8, 0x64, 0xb8, 0xdc, \ - 0xdf, 0x60, 0x0f, 0x50, 0x12, 0x4d, 0x60, 0xa8, 0x64, 0xaf, 0x4d, 0x8b, \ - 0x43, 0x93, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, \ - 0x16, 0x80, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, \ - 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, \ - 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, \ - 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x01, 0x73, 0x0b, 0x4a, 0xc5, \ - 0xcb, 0xa0, 0xde, 0xf1, 0x63, 0x1c, 0x76, 0x04, 0x2b, 0x13, 0x0d, 0xc0, \ - 0x84, 0x11, 0xc5, 0x8f, 0x3a, 0xa7, 0xc5, 0x9c, 0x35, 0x7a, 0x77, 0xb8, \ - 0x20, 0x14, 0x82, 0xee, 0x54, 0xf0, 0xf2, 0xb0, 0x52, 0xcb, 0x78, 0xce, \ - 0x59, 0x07, 0x4f, 0x51, 0x69, 0xfe, 0xd3, 0x2f, 0xe9, 0x09, 0xe7, 0x85, \ - 0x92, 0xd8, 0xba, 0xb1, 0xeb, 0xc5, 0x76, 0x5d, 0x61, 0x2d, 0xe9, 0x86, \ - 0xb5, 0xde, 0x2a, 0xf9, 0x3f, 0x53, 0x28, 0x42, 0x86, 0x83, 0x73, 0x43, \ - 0xe0, 0x04, 0x5f, 0x07, 0x90, 0x14, 0x65, 0x9f, 0x6e, 0x10, 0x7a, 0xbc, \ - 0x58, 0x19, 0x22, 0xc2, 0xeb, 0x39, 0x72, 0x51, 0x92, 0xd7, 0xb4, 0x1d, \ - 0x75, 0x2f, 0xd3, 0x3a, 0x2b, 0x01, 0xe7, 0xdb, 0x50, 0xae, 0xe2, 0xf1, \ - 0xd4, 0x4d, 0x5b, 0x3c, 0xbb, 0x41, 0x2b, 0x2a, 0xa4, 0xe2, 0x4a, 0x02, \ - 0xe5, 0x60, 0x14, 0x2c, 0x9c, 0x1f, 0xa6, 0xcc, 0x06, 0x4b, 0x25, 0x89, \ - 0x4e, 0x96, 0x30, 0x22, 0x9c, 0x5c, 0x58, 0x4d, 0xc3, 0xda, 0xd0, 0x6e, \ - 0x50, 0x1e, 0x8c, 0x65, 0xf5, 0xd9, 0x17, 0x35, 0xa6, 0x58, 0x43, 0xb2, \ - 0x29, 0xb7, 0xa8, 0x5e, 0x35, 0xde, 0xf0, 0x60, 0x42, 0x1a, 0x01, 0xcb, \ - 0xcb, 0x0b, 0xd8, 0x0e, 0xc1, 0x90, 0xdf, 0xa1, 0xd2, 0x1a, 0xd1, 0x2c, \ - 0x02, 0xf4, 0x76, 0x41, 0xa4, 0xcb, 0x4b, 0x15, 0x98, 0x71, 0xf9, 0x35, \ - 0x7d, 0xb0, 0xe7, 0xe2, 0x34, 0x96, 0x91, 0xbe, 0x32, 0x67, 0x2d, 0x6b, \ - 0xd3, 0x55, 0x04, 0x8a, 0x01, 0x50, 0xb4, 0xe3, 0x62, 0x78, 0x6c, 0x11, \ - 0x15, 0xa5, 0x2a, 0x11, 0xc1, 0x49, 0x1c, 0x9b, 0xc4, 0x10, 0x65, 0x60, \ - 0x87, 0xd9, 0x1e, 0x69, 0x59, 0x4e, 0x8f, 0x6b, 0xeb, 0xc1, 0xfe, 0x6b, \ - 0xe2, 0x63, 0x78, 0x95, 0x6e, 0xe0, 0x2d, 0xd7, 0xa7, 0x37, 0xa8 \ -} -/* END FILE */ - -/* This is taken from tests/data_files/server2.key. */ -/* BEGIN FILE string macro TEST_SRV_KEY_RSA_PEM tests/data_files/server2.key */ -#define TEST_SRV_KEY_RSA_PEM \ - "-----BEGIN RSA PRIVATE KEY-----\r\n" \ - "MIIEpAIBAAKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r\r\n" \ - "lqdStJDvLXJ6PiSa/LY0rCT1d+AmZIycsCh9odrqjObJHJa8/sEEUrM21KP64bF2\r\n" \ - "2JDBYbRmUjaiJlOqq3ReB30Zgtsq2B+g2Q0cLUlm91slc0boC4pPaQy1AJDh2oIQ\r\n" \ - "Zn2uVCuLZXmRoeJhw81ASQjuaAzxi4bSRr/QuKoRAx5/VqgaHkQYDw+Fi9qLRF7i\r\n" \ - "GMZiL8dmjfpd2H3zJ4kpAcWQDj8n8TDISg7v1t7HxydrxwU9esQCPJodPg/oNJhb\r\n" \ - "y3NLUpbYEaIsgIhpOVrTD7DeWS8Rx/fqEgEwlwIDAQABAoIBAQCXR0S8EIHFGORZ\r\n" \ - "++AtOg6eENxD+xVs0f1IeGz57Tjo3QnXX7VBZNdj+p1ECvhCE/G7XnkgU5hLZX+G\r\n" \ - "Z0jkz/tqJOI0vRSdLBbipHnWouyBQ4e/A1yIJdlBtqXxJ1KE/ituHRbNc4j4kL8Z\r\n" \ - "/r6pvwnTI0PSx2Eqs048YdS92LT6qAv4flbNDxMn2uY7s4ycS4Q8w1JXnCeaAnYm\r\n" \ - "WYI5wxO+bvRELR2Mcz5DmVnL8jRyml6l6582bSv5oufReFIbyPZbQWlXgYnpu6He\r\n" \ - "GTc7E1zKYQGG/9+DQUl/1vQuCPqQwny0tQoX2w5tdYpdMdVm+zkLtbajzdTviJJa\r\n" \ - "TWzL6lt5AoGBAN86+SVeJDcmQJcv4Eq6UhtRr4QGMiQMz0Sod6ettYxYzMgxtw28\r\n" \ - "CIrgpozCc+UaZJLo7UxvC6an85r1b2nKPCLQFaggJ0H4Q0J/sZOhBIXaoBzWxveK\r\n" \ - "nupceKdVxGsFi8CDy86DBfiyFivfBj+47BbaQzPBj7C4rK7UlLjab2rDAoGBAN2u\r\n" \ - "AM2gchoFiu4v1HFL8D7lweEpi6ZnMJjnEu/dEgGQJFjwdpLnPbsj4c75odQ4Gz8g\r\n" \ - "sw9lao9VVzbusoRE/JGI4aTdO0pATXyG7eG1Qu+5Yc1YGXcCrliA2xM9xx+d7f+s\r\n" \ - "mPzN+WIEg5GJDYZDjAzHG5BNvi/FfM1C9dOtjv2dAoGAF0t5KmwbjWHBhcVqO4Ic\r\n" \ - "BVvN3BIlc1ue2YRXEDlxY5b0r8N4XceMgKmW18OHApZxfl8uPDauWZLXOgl4uepv\r\n" \ - "whZC3EuWrSyyICNhLY21Ah7hbIEBPF3L3ZsOwC+UErL+dXWLdB56Jgy3gZaBeW7b\r\n" \ - "vDrEnocJbqCm7IukhXHOBK8CgYEAwqdHB0hqyNSzIOGY7v9abzB6pUdA3BZiQvEs\r\n" \ - "3LjHVd4HPJ2x0N8CgrBIWOE0q8+0hSMmeE96WW/7jD3fPWwCR5zlXknxBQsfv0gP\r\n" \ - "3BC5PR0Qdypz+d+9zfMf625kyit4T/hzwhDveZUzHnk1Cf+IG7Q+TOEnLnWAWBED\r\n" \ - "ISOWmrUCgYAFEmRxgwAc/u+D6t0syCwAYh6POtscq9Y0i9GyWk89NzgC4NdwwbBH\r\n" \ - "4AgahOxIxXx2gxJnq3yfkJfIjwf0s2DyP0kY2y6Ua1OeomPeY9mrIS4tCuDQ6LrE\r\n" \ - "TB6l9VGoxJL4fyHnZb8L5gGvnB1bbD8cL6YPaDiOhcRseC9vBiEuVg==\r\n" \ - "-----END RSA PRIVATE KEY-----\r\n" -/* END FILE */ - -/* This was generated from tests/data_files/server2.key.der using `xxd -i`. */ -/* BEGIN FILE binary macro TEST_SRV_KEY_RSA_DER tests/data_files/server2.key.der */ -#define TEST_SRV_KEY_RSA_DER { \ - 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, \ - 0xc1, 0x4d, 0xa3, 0xdd, 0xe7, 0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, \ - 0xb8, 0x99, 0xac, 0x0e, 0x78, 0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, \ - 0x16, 0xd0, 0x5a, 0xe4, 0xcd, 0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, \ - 0x96, 0xa7, 0x52, 0xb4, 0x90, 0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, \ - 0xfc, 0xb6, 0x34, 0xac, 0x24, 0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, \ - 0xb0, 0x28, 0x7d, 0xa1, 0xda, 0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, \ - 0xfe, 0xc1, 0x04, 0x52, 0xb3, 0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, \ - 0xd8, 0x90, 0xc1, 0x61, 0xb4, 0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, \ - 0xab, 0x74, 0x5e, 0x07, 0x7d, 0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, \ - 0xd9, 0x0d, 0x1c, 0x2d, 0x49, 0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, \ - 0x0b, 0x8a, 0x4f, 0x69, 0x0c, 0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, \ - 0x66, 0x7d, 0xae, 0x54, 0x2b, 0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, \ - 0xc3, 0xcd, 0x40, 0x49, 0x08, 0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, \ - 0x46, 0xbf, 0xd0, 0xb8, 0xaa, 0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, \ - 0x1e, 0x44, 0x18, 0x0f, 0x0f, 0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, \ - 0x18, 0xc6, 0x62, 0x2f, 0xc7, 0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, \ - 0x27, 0x89, 0x29, 0x01, 0xc5, 0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, \ - 0x4a, 0x0e, 0xef, 0xd6, 0xde, 0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, \ - 0x7a, 0xc4, 0x02, 0x3c, 0x9a, 0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, \ - 0xcb, 0x73, 0x4b, 0x52, 0x96, 0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, \ - 0x39, 0x5a, 0xd3, 0x0f, 0xb0, 0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, \ - 0x12, 0x01, 0x30, 0x97, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, \ - 0x01, 0x00, 0x97, 0x47, 0x44, 0xbc, 0x10, 0x81, 0xc5, 0x18, 0xe4, 0x59, \ - 0xfb, 0xe0, 0x2d, 0x3a, 0x0e, 0x9e, 0x10, 0xdc, 0x43, 0xfb, 0x15, 0x6c, \ - 0xd1, 0xfd, 0x48, 0x78, 0x6c, 0xf9, 0xed, 0x38, 0xe8, 0xdd, 0x09, 0xd7, \ - 0x5f, 0xb5, 0x41, 0x64, 0xd7, 0x63, 0xfa, 0x9d, 0x44, 0x0a, 0xf8, 0x42, \ - 0x13, 0xf1, 0xbb, 0x5e, 0x79, 0x20, 0x53, 0x98, 0x4b, 0x65, 0x7f, 0x86, \ - 0x67, 0x48, 0xe4, 0xcf, 0xfb, 0x6a, 0x24, 0xe2, 0x34, 0xbd, 0x14, 0x9d, \ - 0x2c, 0x16, 0xe2, 0xa4, 0x79, 0xd6, 0xa2, 0xec, 0x81, 0x43, 0x87, 0xbf, \ - 0x03, 0x5c, 0x88, 0x25, 0xd9, 0x41, 0xb6, 0xa5, 0xf1, 0x27, 0x52, 0x84, \ - 0xfe, 0x2b, 0x6e, 0x1d, 0x16, 0xcd, 0x73, 0x88, 0xf8, 0x90, 0xbf, 0x19, \ - 0xfe, 0xbe, 0xa9, 0xbf, 0x09, 0xd3, 0x23, 0x43, 0xd2, 0xc7, 0x61, 0x2a, \ - 0xb3, 0x4e, 0x3c, 0x61, 0xd4, 0xbd, 0xd8, 0xb4, 0xfa, 0xa8, 0x0b, 0xf8, \ - 0x7e, 0x56, 0xcd, 0x0f, 0x13, 0x27, 0xda, 0xe6, 0x3b, 0xb3, 0x8c, 0x9c, \ - 0x4b, 0x84, 0x3c, 0xc3, 0x52, 0x57, 0x9c, 0x27, 0x9a, 0x02, 0x76, 0x26, \ - 0x59, 0x82, 0x39, 0xc3, 0x13, 0xbe, 0x6e, 0xf4, 0x44, 0x2d, 0x1d, 0x8c, \ - 0x73, 0x3e, 0x43, 0x99, 0x59, 0xcb, 0xf2, 0x34, 0x72, 0x9a, 0x5e, 0xa5, \ - 0xeb, 0x9f, 0x36, 0x6d, 0x2b, 0xf9, 0xa2, 0xe7, 0xd1, 0x78, 0x52, 0x1b, \ - 0xc8, 0xf6, 0x5b, 0x41, 0x69, 0x57, 0x81, 0x89, 0xe9, 0xbb, 0xa1, 0xde, \ - 0x19, 0x37, 0x3b, 0x13, 0x5c, 0xca, 0x61, 0x01, 0x86, 0xff, 0xdf, 0x83, \ - 0x41, 0x49, 0x7f, 0xd6, 0xf4, 0x2e, 0x08, 0xfa, 0x90, 0xc2, 0x7c, 0xb4, \ - 0xb5, 0x0a, 0x17, 0xdb, 0x0e, 0x6d, 0x75, 0x8a, 0x5d, 0x31, 0xd5, 0x66, \ - 0xfb, 0x39, 0x0b, 0xb5, 0xb6, 0xa3, 0xcd, 0xd4, 0xef, 0x88, 0x92, 0x5a, \ - 0x4d, 0x6c, 0xcb, 0xea, 0x5b, 0x79, 0x02, 0x81, 0x81, 0x00, 0xdf, 0x3a, \ - 0xf9, 0x25, 0x5e, 0x24, 0x37, 0x26, 0x40, 0x97, 0x2f, 0xe0, 0x4a, 0xba, \ - 0x52, 0x1b, 0x51, 0xaf, 0x84, 0x06, 0x32, 0x24, 0x0c, 0xcf, 0x44, 0xa8, \ - 0x77, 0xa7, 0xad, 0xb5, 0x8c, 0x58, 0xcc, 0xc8, 0x31, 0xb7, 0x0d, 0xbc, \ - 0x08, 0x8a, 0xe0, 0xa6, 0x8c, 0xc2, 0x73, 0xe5, 0x1a, 0x64, 0x92, 0xe8, \ - 0xed, 0x4c, 0x6f, 0x0b, 0xa6, 0xa7, 0xf3, 0x9a, 0xf5, 0x6f, 0x69, 0xca, \ - 0x3c, 0x22, 0xd0, 0x15, 0xa8, 0x20, 0x27, 0x41, 0xf8, 0x43, 0x42, 0x7f, \ - 0xb1, 0x93, 0xa1, 0x04, 0x85, 0xda, 0xa0, 0x1c, 0xd6, 0xc6, 0xf7, 0x8a, \ - 0x9e, 0xea, 0x5c, 0x78, 0xa7, 0x55, 0xc4, 0x6b, 0x05, 0x8b, 0xc0, 0x83, \ - 0xcb, 0xce, 0x83, 0x05, 0xf8, 0xb2, 0x16, 0x2b, 0xdf, 0x06, 0x3f, 0xb8, \ - 0xec, 0x16, 0xda, 0x43, 0x33, 0xc1, 0x8f, 0xb0, 0xb8, 0xac, 0xae, 0xd4, \ - 0x94, 0xb8, 0xda, 0x6f, 0x6a, 0xc3, 0x02, 0x81, 0x81, 0x00, 0xdd, 0xae, \ - 0x00, 0xcd, 0xa0, 0x72, 0x1a, 0x05, 0x8a, 0xee, 0x2f, 0xd4, 0x71, 0x4b, \ - 0xf0, 0x3e, 0xe5, 0xc1, 0xe1, 0x29, 0x8b, 0xa6, 0x67, 0x30, 0x98, 0xe7, \ - 0x12, 0xef, 0xdd, 0x12, 0x01, 0x90, 0x24, 0x58, 0xf0, 0x76, 0x92, 0xe7, \ - 0x3d, 0xbb, 0x23, 0xe1, 0xce, 0xf9, 0xa1, 0xd4, 0x38, 0x1b, 0x3f, 0x20, \ - 0xb3, 0x0f, 0x65, 0x6a, 0x8f, 0x55, 0x57, 0x36, 0xee, 0xb2, 0x84, 0x44, \ - 0xfc, 0x91, 0x88, 0xe1, 0xa4, 0xdd, 0x3b, 0x4a, 0x40, 0x4d, 0x7c, 0x86, \ - 0xed, 0xe1, 0xb5, 0x42, 0xef, 0xb9, 0x61, 0xcd, 0x58, 0x19, 0x77, 0x02, \ - 0xae, 0x58, 0x80, 0xdb, 0x13, 0x3d, 0xc7, 0x1f, 0x9d, 0xed, 0xff, 0xac, \ - 0x98, 0xfc, 0xcd, 0xf9, 0x62, 0x04, 0x83, 0x91, 0x89, 0x0d, 0x86, 0x43, \ - 0x8c, 0x0c, 0xc7, 0x1b, 0x90, 0x4d, 0xbe, 0x2f, 0xc5, 0x7c, 0xcd, 0x42, \ - 0xf5, 0xd3, 0xad, 0x8e, 0xfd, 0x9d, 0x02, 0x81, 0x80, 0x17, 0x4b, 0x79, \ - 0x2a, 0x6c, 0x1b, 0x8d, 0x61, 0xc1, 0x85, 0xc5, 0x6a, 0x3b, 0x82, 0x1c, \ - 0x05, 0x5b, 0xcd, 0xdc, 0x12, 0x25, 0x73, 0x5b, 0x9e, 0xd9, 0x84, 0x57, \ - 0x10, 0x39, 0x71, 0x63, 0x96, 0xf4, 0xaf, 0xc3, 0x78, 0x5d, 0xc7, 0x8c, \ - 0x80, 0xa9, 0x96, 0xd7, 0xc3, 0x87, 0x02, 0x96, 0x71, 0x7e, 0x5f, 0x2e, \ - 0x3c, 0x36, 0xae, 0x59, 0x92, 0xd7, 0x3a, 0x09, 0x78, 0xb9, 0xea, 0x6f, \ - 0xc2, 0x16, 0x42, 0xdc, 0x4b, 0x96, 0xad, 0x2c, 0xb2, 0x20, 0x23, 0x61, \ - 0x2d, 0x8d, 0xb5, 0x02, 0x1e, 0xe1, 0x6c, 0x81, 0x01, 0x3c, 0x5d, 0xcb, \ - 0xdd, 0x9b, 0x0e, 0xc0, 0x2f, 0x94, 0x12, 0xb2, 0xfe, 0x75, 0x75, 0x8b, \ - 0x74, 0x1e, 0x7a, 0x26, 0x0c, 0xb7, 0x81, 0x96, 0x81, 0x79, 0x6e, 0xdb, \ - 0xbc, 0x3a, 0xc4, 0x9e, 0x87, 0x09, 0x6e, 0xa0, 0xa6, 0xec, 0x8b, 0xa4, \ - 0x85, 0x71, 0xce, 0x04, 0xaf, 0x02, 0x81, 0x81, 0x00, 0xc2, 0xa7, 0x47, \ - 0x07, 0x48, 0x6a, 0xc8, 0xd4, 0xb3, 0x20, 0xe1, 0x98, 0xee, 0xff, 0x5a, \ - 0x6f, 0x30, 0x7a, 0xa5, 0x47, 0x40, 0xdc, 0x16, 0x62, 0x42, 0xf1, 0x2c, \ - 0xdc, 0xb8, 0xc7, 0x55, 0xde, 0x07, 0x3c, 0x9d, 0xb1, 0xd0, 0xdf, 0x02, \ - 0x82, 0xb0, 0x48, 0x58, 0xe1, 0x34, 0xab, 0xcf, 0xb4, 0x85, 0x23, 0x26, \ - 0x78, 0x4f, 0x7a, 0x59, 0x6f, 0xfb, 0x8c, 0x3d, 0xdf, 0x3d, 0x6c, 0x02, \ - 0x47, 0x9c, 0xe5, 0x5e, 0x49, 0xf1, 0x05, 0x0b, 0x1f, 0xbf, 0x48, 0x0f, \ - 0xdc, 0x10, 0xb9, 0x3d, 0x1d, 0x10, 0x77, 0x2a, 0x73, 0xf9, 0xdf, 0xbd, \ - 0xcd, 0xf3, 0x1f, 0xeb, 0x6e, 0x64, 0xca, 0x2b, 0x78, 0x4f, 0xf8, 0x73, \ - 0xc2, 0x10, 0xef, 0x79, 0x95, 0x33, 0x1e, 0x79, 0x35, 0x09, 0xff, 0x88, \ - 0x1b, 0xb4, 0x3e, 0x4c, 0xe1, 0x27, 0x2e, 0x75, 0x80, 0x58, 0x11, 0x03, \ - 0x21, 0x23, 0x96, 0x9a, 0xb5, 0x02, 0x81, 0x80, 0x05, 0x12, 0x64, 0x71, \ - 0x83, 0x00, 0x1c, 0xfe, 0xef, 0x83, 0xea, 0xdd, 0x2c, 0xc8, 0x2c, 0x00, \ - 0x62, 0x1e, 0x8f, 0x3a, 0xdb, 0x1c, 0xab, 0xd6, 0x34, 0x8b, 0xd1, 0xb2, \ - 0x5a, 0x4f, 0x3d, 0x37, 0x38, 0x02, 0xe0, 0xd7, 0x70, 0xc1, 0xb0, 0x47, \ - 0xe0, 0x08, 0x1a, 0x84, 0xec, 0x48, 0xc5, 0x7c, 0x76, 0x83, 0x12, 0x67, \ - 0xab, 0x7c, 0x9f, 0x90, 0x97, 0xc8, 0x8f, 0x07, 0xf4, 0xb3, 0x60, 0xf2, \ - 0x3f, 0x49, 0x18, 0xdb, 0x2e, 0x94, 0x6b, 0x53, 0x9e, 0xa2, 0x63, 0xde, \ - 0x63, 0xd9, 0xab, 0x21, 0x2e, 0x2d, 0x0a, 0xe0, 0xd0, 0xe8, 0xba, 0xc4, \ - 0x4c, 0x1e, 0xa5, 0xf5, 0x51, 0xa8, 0xc4, 0x92, 0xf8, 0x7f, 0x21, 0xe7, \ - 0x65, 0xbf, 0x0b, 0xe6, 0x01, 0xaf, 0x9c, 0x1d, 0x5b, 0x6c, 0x3f, 0x1c, \ - 0x2f, 0xa6, 0x0f, 0x68, 0x38, 0x8e, 0x85, 0xc4, 0x6c, 0x78, 0x2f, 0x6f, \ - 0x06, 0x21, 0x2e, 0x56 \ -} -/* END FILE */ - -/* - * Test client Certificates - * - * Test client certificates are defined for each choice - * of the following parameters: - * - PEM or DER encoding - * - RSA or EC key - * - * Things to add: - * - hash type - * - multiple EC curve types - */ - -/* This is taken from tests/data_files/cli2.crt. */ -/* BEGIN FILE string macro TEST_CLI_CRT_EC_PEM tests/data_files/cli2.crt */ -#define TEST_CLI_CRT_EC_PEM \ - "-----BEGIN CERTIFICATE-----\r\n" \ - "MIIB3zCCAWOgAwIBAgIBDTAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw\r\n" \ - "DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJTU0wgVGVzdCBFQyBDQTAe\r\n" \ - "Fw0xOTAyMTAxNDQ0MDBaFw0yOTAyMTAxNDQ0MDBaMEExCzAJBgNVBAYTAk5MMREw\r\n" \ - "DwYDVQQKDAhQb2xhclNTTDEfMB0GA1UEAwwWUG9sYXJTU0wgVGVzdCBDbGllbnQg\r\n" \ - "MjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFflrrFz39Osu5O4gf8Sru7mU6zO\r\n" \ - "VVP2NA7MLuNjJQvfmOLzXGA2lsDVGBRw5X+f1UtFGOWwbNVc+JaPh3Cj5MejTTBL\r\n" \ - "MAkGA1UdEwQCMAAwHQYDVR0OBBYEFHoAX4Zk/OBd5REQO7LmO8QmP8/iMB8GA1Ud\r\n" \ - "IwQYMBaAFJ1tICRJAT8ry3i1Gbx+JMnb+zZ8MAwGCCqGSM49BAMCBQADaAAwZQIx\r\n" \ - "AMqme4DKMldUlplDET9Q6Eptre7uUWKhsLOF+zPkKDlfzpIkJYEFgcloDHGYw80u\r\n" \ - "IgIwNftyPXsabTqMM7iEHgVpX/GRozKklY9yQI/5eoA6gGW7Y+imuGR/oao5ySOb\r\n" \ - "a9Vk\r\n" \ - "-----END CERTIFICATE-----\r\n" -/* END FILE */ - -/* This is generated from tests/data_files/cli2.crt.der using `xxd -i`. */ -/* BEGIN FILE binary macro TEST_CLI_CRT_EC_DER tests/data_files/cli2.crt.der */ -#define TEST_CLI_CRT_EC_DER { \ - 0x30, 0x82, 0x01, 0xdf, 0x30, 0x82, 0x01, 0x63, 0xa0, 0x03, 0x02, 0x01, \ - 0x02, 0x02, 0x01, 0x0d, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \ - 0x3d, 0x04, 0x03, 0x02, 0x05, 0x00, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, \ - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \ - 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, \ - 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, \ - 0x03, 0x0c, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, \ - 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, \ - 0x17, 0x0d, 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, \ - 0x30, 0x30, 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, \ - 0x34, 0x34, 0x34, 0x30, 0x30, 0x5a, 0x30, 0x41, 0x31, 0x0b, 0x30, 0x09, \ - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \ - 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, \ - 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x04, \ - 0x03, 0x0c, 0x16, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, \ - 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x20, \ - 0x32, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, \ - 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, \ - 0x03, 0x42, 0x00, 0x04, 0x57, 0xe5, 0xae, 0xb1, 0x73, 0xdf, 0xd3, 0xac, \ - 0xbb, 0x93, 0xb8, 0x81, 0xff, 0x12, 0xae, 0xee, 0xe6, 0x53, 0xac, 0xce, \ - 0x55, 0x53, 0xf6, 0x34, 0x0e, 0xcc, 0x2e, 0xe3, 0x63, 0x25, 0x0b, 0xdf, \ - 0x98, 0xe2, 0xf3, 0x5c, 0x60, 0x36, 0x96, 0xc0, 0xd5, 0x18, 0x14, 0x70, \ - 0xe5, 0x7f, 0x9f, 0xd5, 0x4b, 0x45, 0x18, 0xe5, 0xb0, 0x6c, 0xd5, 0x5c, \ - 0xf8, 0x96, 0x8f, 0x87, 0x70, 0xa3, 0xe4, 0xc7, 0xa3, 0x4d, 0x30, 0x4b, \ - 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, \ - 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x7a, 0x00, \ - 0x5f, 0x86, 0x64, 0xfc, 0xe0, 0x5d, 0xe5, 0x11, 0x10, 0x3b, 0xb2, 0xe6, \ - 0x3b, 0xc4, 0x26, 0x3f, 0xcf, 0xe2, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, \ - 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, \ - 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, \ - 0xfb, 0x36, 0x7c, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, \ - 0x04, 0x03, 0x02, 0x05, 0x00, 0x03, 0x68, 0x00, 0x30, 0x65, 0x02, 0x31, \ - 0x00, 0xca, 0xa6, 0x7b, 0x80, 0xca, 0x32, 0x57, 0x54, 0x96, 0x99, 0x43, \ - 0x11, 0x3f, 0x50, 0xe8, 0x4a, 0x6d, 0xad, 0xee, 0xee, 0x51, 0x62, 0xa1, \ - 0xb0, 0xb3, 0x85, 0xfb, 0x33, 0xe4, 0x28, 0x39, 0x5f, 0xce, 0x92, 0x24, \ - 0x25, 0x81, 0x05, 0x81, 0xc9, 0x68, 0x0c, 0x71, 0x98, 0xc3, 0xcd, 0x2e, \ - 0x22, 0x02, 0x30, 0x35, 0xfb, 0x72, 0x3d, 0x7b, 0x1a, 0x6d, 0x3a, 0x8c, \ - 0x33, 0xb8, 0x84, 0x1e, 0x05, 0x69, 0x5f, 0xf1, 0x91, 0xa3, 0x32, 0xa4, \ - 0x95, 0x8f, 0x72, 0x40, 0x8f, 0xf9, 0x7a, 0x80, 0x3a, 0x80, 0x65, 0xbb, \ - 0x63, 0xe8, 0xa6, 0xb8, 0x64, 0x7f, 0xa1, 0xaa, 0x39, 0xc9, 0x23, 0x9b, \ - 0x6b, 0xd5, 0x64 \ -} -/* END FILE */ - -/* This is taken from tests/data_files/cli2.key. */ -/* BEGIN FILE string macro TEST_CLI_KEY_EC_PEM tests/data_files/cli2.key */ -#define TEST_CLI_KEY_EC_PEM \ - "-----BEGIN EC PRIVATE KEY-----\r\n" \ - "MHcCAQEEIPb3hmTxZ3/mZI3vyk7p3U3wBf+WIop6hDhkFzJhmLcqoAoGCCqGSM49\r\n" \ - "AwEHoUQDQgAEV+WusXPf06y7k7iB/xKu7uZTrM5VU/Y0Dswu42MlC9+Y4vNcYDaW\r\n" \ - "wNUYFHDlf5/VS0UY5bBs1Vz4lo+HcKPkxw==\r\n" \ - "-----END EC PRIVATE KEY-----\r\n" -/* END FILE */ - -/* This is generated from tests/data_files/cli2.key.der using `xxd -i`. */ -/* BEGIN FILE binary macro TEST_CLI_KEY_EC_DER tests/data_files/cli2.key.der */ -#define TEST_CLI_KEY_EC_DER { \ - 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xf6, 0xf7, 0x86, 0x64, 0xf1, \ - 0x67, 0x7f, 0xe6, 0x64, 0x8d, 0xef, 0xca, 0x4e, 0xe9, 0xdd, 0x4d, 0xf0, \ - 0x05, 0xff, 0x96, 0x22, 0x8a, 0x7a, 0x84, 0x38, 0x64, 0x17, 0x32, 0x61, \ - 0x98, 0xb7, 0x2a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, \ - 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x57, 0xe5, 0xae, \ - 0xb1, 0x73, 0xdf, 0xd3, 0xac, 0xbb, 0x93, 0xb8, 0x81, 0xff, 0x12, 0xae, \ - 0xee, 0xe6, 0x53, 0xac, 0xce, 0x55, 0x53, 0xf6, 0x34, 0x0e, 0xcc, 0x2e, \ - 0xe3, 0x63, 0x25, 0x0b, 0xdf, 0x98, 0xe2, 0xf3, 0x5c, 0x60, 0x36, 0x96, \ - 0xc0, 0xd5, 0x18, 0x14, 0x70, 0xe5, 0x7f, 0x9f, 0xd5, 0x4b, 0x45, 0x18, \ - 0xe5, 0xb0, 0x6c, 0xd5, 0x5c, 0xf8, 0x96, 0x8f, 0x87, 0x70, 0xa3, 0xe4, \ - 0xc7 \ -} -/* END FILE */ - -/* This is taken from tests/data_files/cli-rsa-sha256.crt. */ -/* BEGIN FILE string macro TEST_CLI_CRT_RSA_PEM tests/data_files/cli-rsa-sha256.crt */ -#define TEST_CLI_CRT_RSA_PEM \ - "-----BEGIN CERTIFICATE-----\r\n" \ - "MIIDPzCCAiegAwIBAgIBBDANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \ - "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \ - "MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G\r\n" \ - "A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENsaWVudCAyMIIBIjAN\r\n" \ - "BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f\r\n" \ - "M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu\r\n" \ - "1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw\r\n" \ - "MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v\r\n" \ - "4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/\r\n" \ - "/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB\r\n" \ - "o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf\r\n" \ - "BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQsFAAOC\r\n" \ - "AQEAXidv1d4pLlBiKWED95rMycBdgDcgyNqJxakFkRfRyA2y1mlyTn7uBXRkNLY5\r\n" \ - "ZFzK82GCjk2Q2OD4RZSCPAJJqLpHHU34t71ciffvy2KK81YvrxczRhMAE64i+qna\r\n" \ - "yP3Td2XuWJR05PVPoSemsNELs9gWttdnYy3ce+EY2Y0n7Rsi7982EeLIAA7H6ca4\r\n" \ - "2Es/NUH//JZJT32OP0doMxeDRA+vplkKqTLLWf7dX26LIriBkBaRCgR5Yv9LBPFc\r\n" \ - "NOtpzu/LbrY7QFXKJMI+JXDudCsOn8KCmiA4d6Emisqfh3V3485l7HEQNcvLTxlD\r\n" \ - "6zDQyi0/ykYUYZkwQTK1N2Nvlw==\r\n" \ - "-----END CERTIFICATE-----\r\n" -/* END FILE */ - -/* This was generated from tests/data_files/cli-rsa-sha256.crt.der - using `xxd -i.` */ -/* BEGIN FILE binary macro TEST_CLI_CRT_RSA_DER tests/data_files/cli-rsa-sha256.crt.der */ -#define TEST_CLI_CRT_RSA_DER { \ - 0x30, 0x82, 0x03, 0x3f, 0x30, 0x82, 0x02, 0x27, 0xa0, 0x03, 0x02, 0x01, \ - 0x02, 0x02, 0x01, 0x04, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ - 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ - 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ - 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ - 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ - 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ - 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ - 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36, \ - 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \ - 0x34, 0x30, 0x36, 0x5a, 0x30, 0x3c, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ - 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ - 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ - 0x53, 0x4c, 0x31, 0x1a, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ - 0x11, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x43, 0x6c, \ - 0x69, 0x65, 0x6e, 0x74, 0x20, 0x32, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, \ - 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, \ - 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, \ - 0x01, 0x01, 0x00, 0xc8, 0x74, 0xc4, 0xcc, 0xb9, 0xf9, 0xb5, 0x79, 0xe9, \ - 0x45, 0xd9, 0x14, 0x60, 0xb0, 0x7d, 0xbb, 0x93, 0xf2, 0x6b, 0x1e, 0x9f, \ - 0x33, 0xad, 0x0d, 0x8f, 0x8a, 0x3c, 0x56, 0x65, 0xe5, 0xdc, 0x44, 0xd9, \ - 0xcc, 0x66, 0x85, 0x07, 0xd5, 0xf8, 0x27, 0xb0, 0x4a, 0x35, 0xd0, 0x63, \ - 0x9e, 0x0a, 0x6e, 0x1b, 0xb7, 0xda, 0xf0, 0x7e, 0xab, 0xee, 0x0c, 0x10, \ - 0x93, 0x86, 0x49, 0x18, 0x34, 0xf3, 0xa8, 0x2a, 0xd2, 0x57, 0xf5, 0x2e, \ - 0xd4, 0x2f, 0x77, 0x29, 0x84, 0x61, 0x4d, 0x82, 0x50, 0x8f, 0xa7, 0x95, \ - 0x48, 0x70, 0xf5, 0x6e, 0x4d, 0xb2, 0xd5, 0x13, 0xc3, 0xd2, 0x1a, 0xed, \ - 0xe6, 0x43, 0xea, 0x42, 0x14, 0xeb, 0x74, 0xea, 0xc0, 0xed, 0x1f, 0xd4, \ - 0x57, 0x4e, 0xa9, 0xf3, 0xa8, 0xed, 0xd2, 0xe0, 0xc1, 0x30, 0x71, 0x30, \ - 0x32, 0x30, 0xd5, 0xd3, 0xf6, 0x08, 0xd0, 0x56, 0x4f, 0x46, 0x8e, 0xf2, \ - 0x5f, 0xf9, 0x3d, 0x67, 0x91, 0x88, 0x30, 0x2e, 0x42, 0xb2, 0xdf, 0x7d, \ - 0xfb, 0xe5, 0x0c, 0x77, 0xff, 0xec, 0x31, 0xc0, 0x78, 0x8f, 0xbf, 0xc2, \ - 0x7f, 0xca, 0xad, 0x6c, 0x21, 0xd6, 0x8d, 0xd9, 0x8b, 0x6a, 0x8e, 0x6f, \ - 0xe0, 0x9b, 0xf8, 0x10, 0x56, 0xcc, 0xb3, 0x8e, 0x13, 0x15, 0xe6, 0x34, \ - 0x04, 0x66, 0xc7, 0xee, 0xf9, 0x36, 0x0e, 0x6a, 0x95, 0xf6, 0x09, 0x9a, \ - 0x06, 0x67, 0xf4, 0x65, 0x71, 0xf8, 0xca, 0xa4, 0xb1, 0x25, 0xe0, 0xfe, \ - 0x3c, 0x8b, 0x35, 0x04, 0x67, 0xba, 0xe0, 0x4f, 0x76, 0x85, 0xfc, 0x7f, \ - 0xfc, 0x36, 0x6b, 0xb5, 0xe9, 0xcd, 0x2d, 0x03, 0x62, 0x4e, 0xb3, 0x3d, \ - 0x00, 0xcf, 0xaf, 0x76, 0xa0, 0x69, 0x56, 0x83, 0x6a, 0xd2, 0xa8, 0xd4, \ - 0xe7, 0x50, 0x71, 0xe6, 0xb5, 0x36, 0x05, 0x77, 0x05, 0x6d, 0x7b, 0xc8, \ - 0xe4, 0xc4, 0xfd, 0x4c, 0xd5, 0x21, 0x5f, 0x02, 0x03, 0x01, 0x00, 0x01, \ - 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, \ - 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, \ - 0x04, 0x14, 0x71, 0xa1, 0x00, 0x73, 0x72, 0x40, 0x2f, 0x54, 0x76, 0x5e, \ - 0x33, 0xfc, 0x52, 0x8f, 0xbc, 0xf1, 0xdd, 0x6b, 0x46, 0x21, 0x30, 0x1f, \ - 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xb4, \ - 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5, 0xa6, 0x95, \ - 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06, 0x09, 0x2a, \ - 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, \ - 0x01, 0x01, 0x00, 0x5e, 0x27, 0x6f, 0xd5, 0xde, 0x29, 0x2e, 0x50, 0x62, \ - 0x29, 0x61, 0x03, 0xf7, 0x9a, 0xcc, 0xc9, 0xc0, 0x5d, 0x80, 0x37, 0x20, \ - 0xc8, 0xda, 0x89, 0xc5, 0xa9, 0x05, 0x91, 0x17, 0xd1, 0xc8, 0x0d, 0xb2, \ - 0xd6, 0x69, 0x72, 0x4e, 0x7e, 0xee, 0x05, 0x74, 0x64, 0x34, 0xb6, 0x39, \ - 0x64, 0x5c, 0xca, 0xf3, 0x61, 0x82, 0x8e, 0x4d, 0x90, 0xd8, 0xe0, 0xf8, \ - 0x45, 0x94, 0x82, 0x3c, 0x02, 0x49, 0xa8, 0xba, 0x47, 0x1d, 0x4d, 0xf8, \ - 0xb7, 0xbd, 0x5c, 0x89, 0xf7, 0xef, 0xcb, 0x62, 0x8a, 0xf3, 0x56, 0x2f, \ - 0xaf, 0x17, 0x33, 0x46, 0x13, 0x00, 0x13, 0xae, 0x22, 0xfa, 0xa9, 0xda, \ - 0xc8, 0xfd, 0xd3, 0x77, 0x65, 0xee, 0x58, 0x94, 0x74, 0xe4, 0xf5, 0x4f, \ - 0xa1, 0x27, 0xa6, 0xb0, 0xd1, 0x0b, 0xb3, 0xd8, 0x16, 0xb6, 0xd7, 0x67, \ - 0x63, 0x2d, 0xdc, 0x7b, 0xe1, 0x18, 0xd9, 0x8d, 0x27, 0xed, 0x1b, 0x22, \ - 0xef, 0xdf, 0x36, 0x11, 0xe2, 0xc8, 0x00, 0x0e, 0xc7, 0xe9, 0xc6, 0xb8, \ - 0xd8, 0x4b, 0x3f, 0x35, 0x41, 0xff, 0xfc, 0x96, 0x49, 0x4f, 0x7d, 0x8e, \ - 0x3f, 0x47, 0x68, 0x33, 0x17, 0x83, 0x44, 0x0f, 0xaf, 0xa6, 0x59, 0x0a, \ - 0xa9, 0x32, 0xcb, 0x59, 0xfe, 0xdd, 0x5f, 0x6e, 0x8b, 0x22, 0xb8, 0x81, \ - 0x90, 0x16, 0x91, 0x0a, 0x04, 0x79, 0x62, 0xff, 0x4b, 0x04, 0xf1, 0x5c, \ - 0x34, 0xeb, 0x69, 0xce, 0xef, 0xcb, 0x6e, 0xb6, 0x3b, 0x40, 0x55, 0xca, \ - 0x24, 0xc2, 0x3e, 0x25, 0x70, 0xee, 0x74, 0x2b, 0x0e, 0x9f, 0xc2, 0x82, \ - 0x9a, 0x20, 0x38, 0x77, 0xa1, 0x26, 0x8a, 0xca, 0x9f, 0x87, 0x75, 0x77, \ - 0xe3, 0xce, 0x65, 0xec, 0x71, 0x10, 0x35, 0xcb, 0xcb, 0x4f, 0x19, 0x43, \ - 0xeb, 0x30, 0xd0, 0xca, 0x2d, 0x3f, 0xca, 0x46, 0x14, 0x61, 0x99, 0x30, \ - 0x41, 0x32, 0xb5, 0x37, 0x63, 0x6f, 0x97 \ -} -/* END FILE */ - -/* This is taken from tests/data_files/cli-rsa.key. */ -/* BEGIN FILE string macro TEST_CLI_KEY_RSA_PEM tests/data_files/cli-rsa.key */ -#define TEST_CLI_KEY_RSA_PEM \ - "-----BEGIN RSA PRIVATE KEY-----\r\n" \ - "MIIEpAIBAAKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6fM60Nj4o8VmXl3ETZzGaF\r\n" \ - "B9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu1C93KYRhTYJQj6eVSHD1\r\n" \ - "bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEwMjDV0/YI0FZPRo7yX/k9\r\n" \ - "Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v4Jv4EFbMs44TFeY0BGbH\r\n" \ - "7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx//DZrtenNLQNiTrM9AM+v\r\n" \ - "dqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQABAoIBAGdNtfYDiap6bzst\r\n" \ - "yhCiI8m9TtrhZw4MisaEaN/ll3XSjaOG2dvV6xMZCMV+5TeXDHOAZnY18Yi18vzz\r\n" \ - "4Ut2TnNFzizCECYNaA2fST3WgInnxUkV3YXAyP6CNxJaCmv2aA0yFr2kFVSeaKGt\r\n" \ - "ymvljNp2NVkvm7Th8fBQBO7I7AXhz43k0mR7XmPgewe8ApZOG3hstkOaMvbWAvWA\r\n" \ - "zCZupdDjZYjOJqlA4eEA4H8/w7F83r5CugeBE8LgEREjLPiyejrU5H1fubEY+h0d\r\n" \ - "l5HZBJ68ybTXfQ5U9o/QKA3dd0toBEhhdRUDGzWtjvwkEQfqF1reGWj/tod/gCpf\r\n" \ - "DFi6X0ECgYEA4wOv/pjSC3ty6TuOvKX2rOUiBrLXXv2JSxZnMoMiWI5ipLQt+RYT\r\n" \ - "VPafL/m7Dn6MbwjayOkcZhBwk5CNz5A6Q4lJ64Mq/lqHznRCQQ2Mc1G8eyDF/fYL\r\n" \ - "Ze2pLvwP9VD5jTc2miDfw+MnvJhywRRLcemDFP8k4hQVtm8PMp3ZmNECgYEA4gz7\r\n" \ - "wzObR4gn8ibe617uQPZjWzUj9dUHYd+in1gwBCIrtNnaRn9I9U/Q6tegRYpii4ys\r\n" \ - "c176NmU+umy6XmuSKV5qD9bSpZWG2nLFnslrN15Lm3fhZxoeMNhBaEDTnLT26yoi\r\n" \ - "33gp0mSSWy94ZEqipms+ULF6sY1ZtFW6tpGFoy8CgYAQHhnnvJflIs2ky4q10B60\r\n" \ - "ZcxFp3rtDpkp0JxhFLhiizFrujMtZSjYNm5U7KkgPVHhLELEUvCmOnKTt4ap/vZ0\r\n" \ - "BxJNe1GZH3pW6SAvGDQpl9sG7uu/vTFP+lCxukmzxB0DrrDcvorEkKMom7ZCCRvW\r\n" \ - "KZsZ6YeH2Z81BauRj218kQKBgQCUV/DgKP2985xDTT79N08jUo3hTP5MVYCCuj/+\r\n" \ - "UeEw1TvZcx3LJby7P6Xad6a1/BqveaGyFKIfEFIaBUBItk801sDDpDaYc4gL00Xc\r\n" \ - "7lFuBHOZkxJYlss5QrGpuOEl9ZwUt5IrFLBdYaKqNHzNVC1pCPfb/JyH6Dr2HUxq\r\n" \ - "gxUwAQKBgQCcU6G2L8AG9d9c0UpOyL1tMvFe5Ttw0KjlQVdsh1MP6yigYo9DYuwu\r\n" \ - "bHFVW2r0dBTqegP2/KTOxKzaHfC1qf0RGDsUoJCNJrd1cwoCLG8P2EF4w3OBrKqv\r\n" \ - "8u4ytY0F+Vlanj5lm3TaoHSVF1+NWPyOTiwevIECGKwSxvlki4fDAA==\r\n" \ - "-----END RSA PRIVATE KEY-----\r\n"/* END FILE */ - -/* This was generated from tests/data_files/cli-rsa.key.der using `xxd -i`. */ -/* BEGIN FILE binary macro TEST_CLI_KEY_RSA_DER tests/data_files/cli-rsa.key.der */ -#define TEST_CLI_KEY_RSA_DER { \ - 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, \ - 0xc8, 0x74, 0xc4, 0xcc, 0xb9, 0xf9, 0xb5, 0x79, 0xe9, 0x45, 0xd9, 0x14, \ - 0x60, 0xb0, 0x7d, 0xbb, 0x93, 0xf2, 0x6b, 0x1e, 0x9f, 0x33, 0xad, 0x0d, \ - 0x8f, 0x8a, 0x3c, 0x56, 0x65, 0xe5, 0xdc, 0x44, 0xd9, 0xcc, 0x66, 0x85, \ - 0x07, 0xd5, 0xf8, 0x27, 0xb0, 0x4a, 0x35, 0xd0, 0x63, 0x9e, 0x0a, 0x6e, \ - 0x1b, 0xb7, 0xda, 0xf0, 0x7e, 0xab, 0xee, 0x0c, 0x10, 0x93, 0x86, 0x49, \ - 0x18, 0x34, 0xf3, 0xa8, 0x2a, 0xd2, 0x57, 0xf5, 0x2e, 0xd4, 0x2f, 0x77, \ - 0x29, 0x84, 0x61, 0x4d, 0x82, 0x50, 0x8f, 0xa7, 0x95, 0x48, 0x70, 0xf5, \ - 0x6e, 0x4d, 0xb2, 0xd5, 0x13, 0xc3, 0xd2, 0x1a, 0xed, 0xe6, 0x43, 0xea, \ - 0x42, 0x14, 0xeb, 0x74, 0xea, 0xc0, 0xed, 0x1f, 0xd4, 0x57, 0x4e, 0xa9, \ - 0xf3, 0xa8, 0xed, 0xd2, 0xe0, 0xc1, 0x30, 0x71, 0x30, 0x32, 0x30, 0xd5, \ - 0xd3, 0xf6, 0x08, 0xd0, 0x56, 0x4f, 0x46, 0x8e, 0xf2, 0x5f, 0xf9, 0x3d, \ - 0x67, 0x91, 0x88, 0x30, 0x2e, 0x42, 0xb2, 0xdf, 0x7d, 0xfb, 0xe5, 0x0c, \ - 0x77, 0xff, 0xec, 0x31, 0xc0, 0x78, 0x8f, 0xbf, 0xc2, 0x7f, 0xca, 0xad, \ - 0x6c, 0x21, 0xd6, 0x8d, 0xd9, 0x8b, 0x6a, 0x8e, 0x6f, 0xe0, 0x9b, 0xf8, \ - 0x10, 0x56, 0xcc, 0xb3, 0x8e, 0x13, 0x15, 0xe6, 0x34, 0x04, 0x66, 0xc7, \ - 0xee, 0xf9, 0x36, 0x0e, 0x6a, 0x95, 0xf6, 0x09, 0x9a, 0x06, 0x67, 0xf4, \ - 0x65, 0x71, 0xf8, 0xca, 0xa4, 0xb1, 0x25, 0xe0, 0xfe, 0x3c, 0x8b, 0x35, \ - 0x04, 0x67, 0xba, 0xe0, 0x4f, 0x76, 0x85, 0xfc, 0x7f, 0xfc, 0x36, 0x6b, \ - 0xb5, 0xe9, 0xcd, 0x2d, 0x03, 0x62, 0x4e, 0xb3, 0x3d, 0x00, 0xcf, 0xaf, \ - 0x76, 0xa0, 0x69, 0x56, 0x83, 0x6a, 0xd2, 0xa8, 0xd4, 0xe7, 0x50, 0x71, \ - 0xe6, 0xb5, 0x36, 0x05, 0x77, 0x05, 0x6d, 0x7b, 0xc8, 0xe4, 0xc4, 0xfd, \ - 0x4c, 0xd5, 0x21, 0x5f, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, \ - 0x00, 0x67, 0x4d, 0xb5, 0xf6, 0x03, 0x89, 0xaa, 0x7a, 0x6f, 0x3b, 0x2d, \ - 0xca, 0x10, 0xa2, 0x23, 0xc9, 0xbd, 0x4e, 0xda, 0xe1, 0x67, 0x0e, 0x0c, \ - 0x8a, 0xc6, 0x84, 0x68, 0xdf, 0xe5, 0x97, 0x75, 0xd2, 0x8d, 0xa3, 0x86, \ - 0xd9, 0xdb, 0xd5, 0xeb, 0x13, 0x19, 0x08, 0xc5, 0x7e, 0xe5, 0x37, 0x97, \ - 0x0c, 0x73, 0x80, 0x66, 0x76, 0x35, 0xf1, 0x88, 0xb5, 0xf2, 0xfc, 0xf3, \ - 0xe1, 0x4b, 0x76, 0x4e, 0x73, 0x45, 0xce, 0x2c, 0xc2, 0x10, 0x26, 0x0d, \ - 0x68, 0x0d, 0x9f, 0x49, 0x3d, 0xd6, 0x80, 0x89, 0xe7, 0xc5, 0x49, 0x15, \ - 0xdd, 0x85, 0xc0, 0xc8, 0xfe, 0x82, 0x37, 0x12, 0x5a, 0x0a, 0x6b, 0xf6, \ - 0x68, 0x0d, 0x32, 0x16, 0xbd, 0xa4, 0x15, 0x54, 0x9e, 0x68, 0xa1, 0xad, \ - 0xca, 0x6b, 0xe5, 0x8c, 0xda, 0x76, 0x35, 0x59, 0x2f, 0x9b, 0xb4, 0xe1, \ - 0xf1, 0xf0, 0x50, 0x04, 0xee, 0xc8, 0xec, 0x05, 0xe1, 0xcf, 0x8d, 0xe4, \ - 0xd2, 0x64, 0x7b, 0x5e, 0x63, 0xe0, 0x7b, 0x07, 0xbc, 0x02, 0x96, 0x4e, \ - 0x1b, 0x78, 0x6c, 0xb6, 0x43, 0x9a, 0x32, 0xf6, 0xd6, 0x02, 0xf5, 0x80, \ - 0xcc, 0x26, 0x6e, 0xa5, 0xd0, 0xe3, 0x65, 0x88, 0xce, 0x26, 0xa9, 0x40, \ - 0xe1, 0xe1, 0x00, 0xe0, 0x7f, 0x3f, 0xc3, 0xb1, 0x7c, 0xde, 0xbe, 0x42, \ - 0xba, 0x07, 0x81, 0x13, 0xc2, 0xe0, 0x11, 0x11, 0x23, 0x2c, 0xf8, 0xb2, \ - 0x7a, 0x3a, 0xd4, 0xe4, 0x7d, 0x5f, 0xb9, 0xb1, 0x18, 0xfa, 0x1d, 0x1d, \ - 0x97, 0x91, 0xd9, 0x04, 0x9e, 0xbc, 0xc9, 0xb4, 0xd7, 0x7d, 0x0e, 0x54, \ - 0xf6, 0x8f, 0xd0, 0x28, 0x0d, 0xdd, 0x77, 0x4b, 0x68, 0x04, 0x48, 0x61, \ - 0x75, 0x15, 0x03, 0x1b, 0x35, 0xad, 0x8e, 0xfc, 0x24, 0x11, 0x07, 0xea, \ - 0x17, 0x5a, 0xde, 0x19, 0x68, 0xff, 0xb6, 0x87, 0x7f, 0x80, 0x2a, 0x5f, \ - 0x0c, 0x58, 0xba, 0x5f, 0x41, 0x02, 0x81, 0x81, 0x00, 0xe3, 0x03, 0xaf, \ - 0xfe, 0x98, 0xd2, 0x0b, 0x7b, 0x72, 0xe9, 0x3b, 0x8e, 0xbc, 0xa5, 0xf6, \ - 0xac, 0xe5, 0x22, 0x06, 0xb2, 0xd7, 0x5e, 0xfd, 0x89, 0x4b, 0x16, 0x67, \ - 0x32, 0x83, 0x22, 0x58, 0x8e, 0x62, 0xa4, 0xb4, 0x2d, 0xf9, 0x16, 0x13, \ - 0x54, 0xf6, 0x9f, 0x2f, 0xf9, 0xbb, 0x0e, 0x7e, 0x8c, 0x6f, 0x08, 0xda, \ - 0xc8, 0xe9, 0x1c, 0x66, 0x10, 0x70, 0x93, 0x90, 0x8d, 0xcf, 0x90, 0x3a, \ - 0x43, 0x89, 0x49, 0xeb, 0x83, 0x2a, 0xfe, 0x5a, 0x87, 0xce, 0x74, 0x42, \ - 0x41, 0x0d, 0x8c, 0x73, 0x51, 0xbc, 0x7b, 0x20, 0xc5, 0xfd, 0xf6, 0x0b, \ - 0x65, 0xed, 0xa9, 0x2e, 0xfc, 0x0f, 0xf5, 0x50, 0xf9, 0x8d, 0x37, 0x36, \ - 0x9a, 0x20, 0xdf, 0xc3, 0xe3, 0x27, 0xbc, 0x98, 0x72, 0xc1, 0x14, 0x4b, \ - 0x71, 0xe9, 0x83, 0x14, 0xff, 0x24, 0xe2, 0x14, 0x15, 0xb6, 0x6f, 0x0f, \ - 0x32, 0x9d, 0xd9, 0x98, 0xd1, 0x02, 0x81, 0x81, 0x00, 0xe2, 0x0c, 0xfb, \ - 0xc3, 0x33, 0x9b, 0x47, 0x88, 0x27, 0xf2, 0x26, 0xde, 0xeb, 0x5e, 0xee, \ - 0x40, 0xf6, 0x63, 0x5b, 0x35, 0x23, 0xf5, 0xd5, 0x07, 0x61, 0xdf, 0xa2, \ - 0x9f, 0x58, 0x30, 0x04, 0x22, 0x2b, 0xb4, 0xd9, 0xda, 0x46, 0x7f, 0x48, \ - 0xf5, 0x4f, 0xd0, 0xea, 0xd7, 0xa0, 0x45, 0x8a, 0x62, 0x8b, 0x8c, 0xac, \ - 0x73, 0x5e, 0xfa, 0x36, 0x65, 0x3e, 0xba, 0x6c, 0xba, 0x5e, 0x6b, 0x92, \ - 0x29, 0x5e, 0x6a, 0x0f, 0xd6, 0xd2, 0xa5, 0x95, 0x86, 0xda, 0x72, 0xc5, \ - 0x9e, 0xc9, 0x6b, 0x37, 0x5e, 0x4b, 0x9b, 0x77, 0xe1, 0x67, 0x1a, 0x1e, \ - 0x30, 0xd8, 0x41, 0x68, 0x40, 0xd3, 0x9c, 0xb4, 0xf6, 0xeb, 0x2a, 0x22, \ - 0xdf, 0x78, 0x29, 0xd2, 0x64, 0x92, 0x5b, 0x2f, 0x78, 0x64, 0x4a, 0xa2, \ - 0xa6, 0x6b, 0x3e, 0x50, 0xb1, 0x7a, 0xb1, 0x8d, 0x59, 0xb4, 0x55, 0xba, \ - 0xb6, 0x91, 0x85, 0xa3, 0x2f, 0x02, 0x81, 0x80, 0x10, 0x1e, 0x19, 0xe7, \ - 0xbc, 0x97, 0xe5, 0x22, 0xcd, 0xa4, 0xcb, 0x8a, 0xb5, 0xd0, 0x1e, 0xb4, \ - 0x65, 0xcc, 0x45, 0xa7, 0x7a, 0xed, 0x0e, 0x99, 0x29, 0xd0, 0x9c, 0x61, \ - 0x14, 0xb8, 0x62, 0x8b, 0x31, 0x6b, 0xba, 0x33, 0x2d, 0x65, 0x28, 0xd8, \ - 0x36, 0x6e, 0x54, 0xec, 0xa9, 0x20, 0x3d, 0x51, 0xe1, 0x2c, 0x42, 0xc4, \ - 0x52, 0xf0, 0xa6, 0x3a, 0x72, 0x93, 0xb7, 0x86, 0xa9, 0xfe, 0xf6, 0x74, \ - 0x07, 0x12, 0x4d, 0x7b, 0x51, 0x99, 0x1f, 0x7a, 0x56, 0xe9, 0x20, 0x2f, \ - 0x18, 0x34, 0x29, 0x97, 0xdb, 0x06, 0xee, 0xeb, 0xbf, 0xbd, 0x31, 0x4f, \ - 0xfa, 0x50, 0xb1, 0xba, 0x49, 0xb3, 0xc4, 0x1d, 0x03, 0xae, 0xb0, 0xdc, \ - 0xbe, 0x8a, 0xc4, 0x90, 0xa3, 0x28, 0x9b, 0xb6, 0x42, 0x09, 0x1b, 0xd6, \ - 0x29, 0x9b, 0x19, 0xe9, 0x87, 0x87, 0xd9, 0x9f, 0x35, 0x05, 0xab, 0x91, \ - 0x8f, 0x6d, 0x7c, 0x91, 0x02, 0x81, 0x81, 0x00, 0x94, 0x57, 0xf0, 0xe0, \ - 0x28, 0xfd, 0xbd, 0xf3, 0x9c, 0x43, 0x4d, 0x3e, 0xfd, 0x37, 0x4f, 0x23, \ - 0x52, 0x8d, 0xe1, 0x4c, 0xfe, 0x4c, 0x55, 0x80, 0x82, 0xba, 0x3f, 0xfe, \ - 0x51, 0xe1, 0x30, 0xd5, 0x3b, 0xd9, 0x73, 0x1d, 0xcb, 0x25, 0xbc, 0xbb, \ - 0x3f, 0xa5, 0xda, 0x77, 0xa6, 0xb5, 0xfc, 0x1a, 0xaf, 0x79, 0xa1, 0xb2, \ - 0x14, 0xa2, 0x1f, 0x10, 0x52, 0x1a, 0x05, 0x40, 0x48, 0xb6, 0x4f, 0x34, \ - 0xd6, 0xc0, 0xc3, 0xa4, 0x36, 0x98, 0x73, 0x88, 0x0b, 0xd3, 0x45, 0xdc, \ - 0xee, 0x51, 0x6e, 0x04, 0x73, 0x99, 0x93, 0x12, 0x58, 0x96, 0xcb, 0x39, \ - 0x42, 0xb1, 0xa9, 0xb8, 0xe1, 0x25, 0xf5, 0x9c, 0x14, 0xb7, 0x92, 0x2b, \ - 0x14, 0xb0, 0x5d, 0x61, 0xa2, 0xaa, 0x34, 0x7c, 0xcd, 0x54, 0x2d, 0x69, \ - 0x08, 0xf7, 0xdb, 0xfc, 0x9c, 0x87, 0xe8, 0x3a, 0xf6, 0x1d, 0x4c, 0x6a, \ - 0x83, 0x15, 0x30, 0x01, 0x02, 0x81, 0x81, 0x00, 0x9c, 0x53, 0xa1, 0xb6, \ - 0x2f, 0xc0, 0x06, 0xf5, 0xdf, 0x5c, 0xd1, 0x4a, 0x4e, 0xc8, 0xbd, 0x6d, \ - 0x32, 0xf1, 0x5e, 0xe5, 0x3b, 0x70, 0xd0, 0xa8, 0xe5, 0x41, 0x57, 0x6c, \ - 0x87, 0x53, 0x0f, 0xeb, 0x28, 0xa0, 0x62, 0x8f, 0x43, 0x62, 0xec, 0x2e, \ - 0x6c, 0x71, 0x55, 0x5b, 0x6a, 0xf4, 0x74, 0x14, 0xea, 0x7a, 0x03, 0xf6, \ - 0xfc, 0xa4, 0xce, 0xc4, 0xac, 0xda, 0x1d, 0xf0, 0xb5, 0xa9, 0xfd, 0x11, \ - 0x18, 0x3b, 0x14, 0xa0, 0x90, 0x8d, 0x26, 0xb7, 0x75, 0x73, 0x0a, 0x02, \ - 0x2c, 0x6f, 0x0f, 0xd8, 0x41, 0x78, 0xc3, 0x73, 0x81, 0xac, 0xaa, 0xaf, \ - 0xf2, 0xee, 0x32, 0xb5, 0x8d, 0x05, 0xf9, 0x59, 0x5a, 0x9e, 0x3e, 0x65, \ - 0x9b, 0x74, 0xda, 0xa0, 0x74, 0x95, 0x17, 0x5f, 0x8d, 0x58, 0xfc, 0x8e, \ - 0x4e, 0x2c, 0x1e, 0xbc, 0x81, 0x02, 0x18, 0xac, 0x12, 0xc6, 0xf9, 0x64, \ - 0x8b, 0x87, 0xc3, 0x00 \ -} -/* END FILE */ +#include "test_certs.h" /* * @@ -1567,13 +313,13 @@ const size_t mbedtls_test_cli_crt_ec_len = * Dispatch between SHA-1 and SHA-256 */ -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) #define TEST_CA_CRT_RSA TEST_CA_CRT_RSA_SHA256 #define TEST_SRV_CRT_RSA TEST_SRV_CRT_RSA_SHA256 #else #define TEST_CA_CRT_RSA TEST_CA_CRT_RSA_SHA1 #define TEST_SRV_CRT_RSA TEST_SRV_CRT_RSA_SHA1 -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA256 */ const char mbedtls_test_ca_crt_rsa[] = TEST_CA_CRT_RSA; const char mbedtls_test_srv_crt_rsa[] = TEST_SRV_CRT_RSA; @@ -1672,25 +418,25 @@ const size_t mbedtls_test_cli_crt_len = /* List of CAs in PEM or DER, depending on config */ const char *mbedtls_test_cas[] = { -#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA1) mbedtls_test_ca_crt_rsa_sha1, #endif -#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256) mbedtls_test_ca_crt_rsa_sha256, #endif -#if defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_PK_CAN_ECDSA_SOME) mbedtls_test_ca_crt_ec, #endif NULL }; const size_t mbedtls_test_cas_len[] = { -#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA1) sizeof(mbedtls_test_ca_crt_rsa_sha1), #endif -#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256) sizeof(mbedtls_test_ca_crt_rsa_sha256), #endif -#if defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_PK_CAN_ECDSA_SOME) sizeof(mbedtls_test_ca_crt_ec), #endif 0 @@ -1699,31 +445,31 @@ const size_t mbedtls_test_cas_len[] = { /* List of all available CA certificates in DER format */ const unsigned char *mbedtls_test_cas_der[] = { #if defined(MBEDTLS_RSA_C) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) mbedtls_test_ca_crt_rsa_sha256_der, -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA256 */ +#if defined(MBEDTLS_MD_CAN_SHA1) mbedtls_test_ca_crt_rsa_sha1_der, -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_PK_CAN_ECDSA_SOME) mbedtls_test_ca_crt_ec_der, -#endif /* MBEDTLS_ECDSA_C */ +#endif /* MBEDTLS_PK_CAN_ECDSA_SOME */ NULL }; const size_t mbedtls_test_cas_der_len[] = { #if defined(MBEDTLS_RSA_C) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) sizeof(mbedtls_test_ca_crt_rsa_sha256_der), -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA256 */ +#if defined(MBEDTLS_MD_CAN_SHA1) sizeof(mbedtls_test_ca_crt_rsa_sha1_der), -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_PK_CAN_ECDSA_SOME) sizeof(mbedtls_test_ca_crt_ec_der), -#endif /* MBEDTLS_ECDSA_C */ +#endif /* MBEDTLS_PK_CAN_ECDSA_SOME */ 0 }; @@ -1731,16 +477,16 @@ const size_t mbedtls_test_cas_der_len[] = { #if defined(MBEDTLS_PEM_PARSE_C) const char mbedtls_test_cas_pem[] = #if defined(MBEDTLS_RSA_C) -#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#if defined(MBEDTLS_MD_CAN_SHA256) TEST_CA_CRT_RSA_SHA256_PEM -#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ -#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA) +#endif /* MBEDTLS_MD_CAN_SHA256 */ +#if defined(MBEDTLS_MD_CAN_SHA1) TEST_CA_CRT_RSA_SHA1_PEM -#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +#endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_PK_CAN_ECDSA_SOME) TEST_CA_CRT_EC_PEM -#endif /* MBEDTLS_ECDSA_C */ +#endif /* MBEDTLS_PK_CAN_ECDSA_SOME */ ""; const size_t mbedtls_test_cas_pem_len = sizeof(mbedtls_test_cas_pem); #endif /* MBEDTLS_PEM_PARSE_C */ diff --git a/tests/src/drivers/hash.c b/tests/src/drivers/hash.c index 7487e8450..8fb198277 100644 --- a/tests/src/drivers/hash.c +++ b/tests/src/drivers/hash.c @@ -19,7 +19,7 @@ #include -#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) #include "psa_crypto_hash.h" #include "test/drivers/hash.h" @@ -208,4 +208,4 @@ psa_status_t mbedtls_test_transparent_hash_abort( return mbedtls_test_driver_hash_hooks.driver_status; } -#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/test_driver_aead.c b/tests/src/drivers/test_driver_aead.c index 4bf2a86e2..6dadf5282 100644 --- a/tests/src/drivers/test_driver_aead.c +++ b/tests/src/drivers/test_driver_aead.c @@ -19,12 +19,14 @@ #include -#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) #include "psa_crypto_aead.h" #include "psa_crypto_core.h" #include "test/drivers/aead.h" +#include "mbedtls/constant_time.h" + #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) #include "libtestdriver1/library/psa_crypto_aead.h" #endif @@ -431,7 +433,7 @@ psa_status_t mbedtls_test_transparent_aead_verify( if (mbedtls_test_driver_aead_hooks.driver_status == PSA_SUCCESS) { if (tag_length != check_tag_length || - mbedtls_psa_safer_memcmp(tag, check_tag, tag_length) + mbedtls_ct_memcmp(tag, check_tag, tag_length) != 0) { mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_INVALID_SIGNATURE; @@ -469,4 +471,4 @@ psa_status_t mbedtls_test_transparent_aead_abort( return mbedtls_test_driver_aead_hooks.driver_status; } -#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/test_driver_asymmetric_encryption.c b/tests/src/drivers/test_driver_asymmetric_encryption.c index 8c5e207ad..cf0e90cae 100644 --- a/tests/src/drivers/test_driver_asymmetric_encryption.c +++ b/tests/src/drivers/test_driver_asymmetric_encryption.c @@ -19,7 +19,7 @@ #include -#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) #include "psa/crypto.h" #include "mbedtls/rsa.h" #include "psa_crypto_rsa.h" @@ -160,4 +160,4 @@ psa_status_t mbedtls_test_opaque_asymmetric_decrypt( return PSA_ERROR_NOT_SUPPORTED; } -#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index f0cb6b262..42e79c490 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -20,7 +20,7 @@ #include -#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) #include "psa/crypto.h" #include "psa_crypto_cipher.h" #include "psa_crypto_core.h" @@ -433,4 +433,4 @@ psa_status_t mbedtls_test_opaque_cipher_finish( (void) output_length; return PSA_ERROR_NOT_SUPPORTED; } -#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/test_driver_key_agreement.c b/tests/src/drivers/test_driver_key_agreement.c index d1fd891e7..9cf82a37a 100644 --- a/tests/src/drivers/test_driver_key_agreement.c +++ b/tests/src/drivers/test_driver_key_agreement.c @@ -19,11 +19,12 @@ #include -#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) #include "psa/crypto.h" #include "psa_crypto_core.h" #include "psa_crypto_ecp.h" +#include "psa_crypto_ffdh.h" #include "test/drivers/key_agreement.h" #include "test/drivers/test_driver.h" @@ -33,6 +34,7 @@ #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) #include "libtestdriver1/include/psa/crypto.h" #include "libtestdriver1/library/psa_crypto_ecp.h" +#include "libtestdriver1/library/psa_crypto_ffdh.h" #endif mbedtls_test_driver_key_agreement_hooks_t @@ -93,6 +95,37 @@ psa_status_t mbedtls_test_transparent_key_agreement( (void) shared_secret_size; (void) shared_secret_length; return PSA_ERROR_NOT_SUPPORTED; +#endif + } + if (PSA_ALG_IS_FFDH(alg)) { +#if (defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_FFDH)) + return libtestdriver1_mbedtls_psa_ffdh_key_agreement( + (const libtestdriver1_psa_key_attributes_t *) attributes, + peer_key, peer_key_length, + key_buffer, key_buffer_size, + shared_secret, shared_secret_size, + shared_secret_length); +#elif defined(MBEDTLS_PSA_BUILTIN_ALG_FFDH) + return mbedtls_psa_ffdh_key_agreement( + attributes, + peer_key, + peer_key_length, + key_buffer, + key_buffer_size, + shared_secret, + shared_secret_size, + shared_secret_length); +#else + (void) attributes; + (void) key_buffer; + (void) key_buffer_size; + (void) peer_key; + (void) peer_key_length; + (void) shared_secret; + (void) shared_secret_size; + (void) shared_secret_length; + return PSA_ERROR_NOT_SUPPORTED; #endif } else { return PSA_ERROR_INVALID_ARGUMENT; @@ -123,4 +156,4 @@ psa_status_t mbedtls_test_opaque_key_agreement( return PSA_ERROR_NOT_SUPPORTED; } -#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index 4e340aae6..19da47ad6 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -20,11 +20,12 @@ #include -#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) #include "psa/crypto.h" #include "psa_crypto_core.h" #include "psa_crypto_ecp.h" #include "psa_crypto_rsa.h" +#include "psa_crypto_ffdh.h" #include "mbedtls/ecp.h" #include "mbedtls/error.h" @@ -36,6 +37,7 @@ #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) #include "libtestdriver1/library/psa_crypto_ecp.h" #include "libtestdriver1/library/psa_crypto_rsa.h" +#include "libtestdriver1/library/psa_crypto_ffdh.h" #endif #include @@ -222,23 +224,34 @@ psa_status_t mbedtls_test_transparent_generate_key( if (PSA_KEY_TYPE_IS_ECC(psa_get_key_type(attributes)) && PSA_KEY_TYPE_IS_KEY_PAIR(psa_get_key_type(attributes))) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE) return libtestdriver1_mbedtls_psa_ecp_generate_key( (const libtestdriver1_psa_key_attributes_t *) attributes, key, key_size, key_length); -#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE) return mbedtls_psa_ecp_generate_key( attributes, key, key_size, key_length); #endif } else if (psa_get_key_type(attributes) == PSA_KEY_TYPE_RSA_KEY_PAIR) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE) return libtestdriver1_mbedtls_psa_rsa_generate_key( (const libtestdriver1_psa_key_attributes_t *) attributes, key, key_size, key_length); -#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE) return mbedtls_psa_rsa_generate_key( attributes, key, key_size, key_length); +#endif + } else if (PSA_KEY_TYPE_IS_DH(psa_get_key_type(attributes)) + && PSA_KEY_TYPE_IS_KEY_PAIR(psa_get_key_type(attributes))) { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE) + return libtestdriver1_mbedtls_psa_ffdh_generate_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key, key_size, key_length); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR) + return mbedtls_psa_ffdh_generate_key( + attributes, key, key_size, key_length); #endif } @@ -277,14 +290,14 @@ psa_status_t mbedtls_test_transparent_import_key( if (PSA_KEY_TYPE_IS_ECC(type)) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)) return libtestdriver1_mbedtls_psa_ecp_import_key( (const libtestdriver1_psa_key_attributes_t *) attributes, data, data_length, key_buffer, key_buffer_size, key_buffer_length, bits); -#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) return mbedtls_psa_ecp_import_key( attributes, @@ -294,23 +307,39 @@ psa_status_t mbedtls_test_transparent_import_key( #endif } else if (PSA_KEY_TYPE_IS_RSA(type)) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) || \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)) return libtestdriver1_mbedtls_psa_rsa_import_key( (const libtestdriver1_psa_key_attributes_t *) attributes, data, data_length, key_buffer, key_buffer_size, key_buffer_length, bits); -#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) return mbedtls_psa_rsa_import_key( attributes, data, data_length, key_buffer, key_buffer_size, key_buffer_length, bits); +#endif + } else if (PSA_KEY_TYPE_IS_DH(type)) { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY)) + return libtestdriver1_mbedtls_psa_ffdh_import_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) + return mbedtls_psa_ffdh_import_key( + attributes, + data, data_length, + key_buffer, key_buffer_size, + key_buffer_length, bits); #endif } - (void) data; (void) data_length; (void) key_buffer; @@ -375,7 +404,7 @@ psa_status_t mbedtls_test_opaque_import_key( data, data_length, key_buffer_temp, key_buffer_size, key_buffer_length, bits); -#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) status = mbedtls_psa_ecp_import_key( attributes, @@ -397,7 +426,7 @@ psa_status_t mbedtls_test_opaque_import_key( data, data_length, key_buffer_temp, key_buffer_size, key_buffer_length, bits); -#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) status = mbedtls_psa_rsa_import_key( attributes, @@ -532,13 +561,13 @@ psa_status_t mbedtls_test_transparent_export_public_key( if (PSA_KEY_TYPE_IS_ECC(key_type)) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)) return libtestdriver1_mbedtls_psa_ecp_export_public_key( (const libtestdriver1_psa_key_attributes_t *) attributes, key_buffer, key_buffer_size, data, data_size, data_length); -#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) return mbedtls_psa_ecp_export_public_key( attributes, @@ -547,18 +576,33 @@ psa_status_t mbedtls_test_transparent_export_public_key( #endif } else if (PSA_KEY_TYPE_IS_RSA(key_type)) { #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)) return libtestdriver1_mbedtls_psa_rsa_export_public_key( (const libtestdriver1_psa_key_attributes_t *) attributes, key_buffer, key_buffer_size, data, data_size, data_length); -#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) return mbedtls_psa_rsa_export_public_key( attributes, key_buffer, key_buffer_size, data, data_size, data_length); +#endif + } else if (PSA_KEY_TYPE_IS_DH(key_type)) { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + (defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR) || \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY)) + return libtestdriver1_mbedtls_psa_ffdh_export_public_key( + (const libtestdriver1_psa_key_attributes_t *) attributes, + key_buffer, key_buffer_size, + data, data_size, data_length); +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY) + return mbedtls_psa_ffdh_export_public_key( + attributes, + key_buffer, key_buffer_size, + data, data_size, data_length); #endif } @@ -595,7 +639,7 @@ psa_status_t mbedtls_test_opaque_export_public_key( (const libtestdriver1_psa_key_attributes_t *) attributes, key_buffer_temp, *data_length, data, data_size, data_length); -#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \ +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) status = mbedtls_psa_ecp_export_public_key( attributes, @@ -616,7 +660,7 @@ psa_status_t mbedtls_test_opaque_export_public_key( (const libtestdriver1_psa_key_attributes_t *) attributes, key_buffer_temp, *data_length, data, data_size, data_length); -#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \ +#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) status = mbedtls_psa_rsa_export_public_key( attributes, @@ -748,4 +792,4 @@ psa_status_t mbedtls_test_opaque_copy_key( return PSA_SUCCESS; } -#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/test_driver_mac.c b/tests/src/drivers/test_driver_mac.c index ea09cf43f..96c1685f5 100644 --- a/tests/src/drivers/test_driver_mac.c +++ b/tests/src/drivers/test_driver_mac.c @@ -19,7 +19,7 @@ #include -#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) #include "psa_crypto_mac.h" #include "test/drivers/mac.h" @@ -431,4 +431,4 @@ psa_status_t mbedtls_test_opaque_mac_abort( return mbedtls_test_driver_mac_hooks.driver_status; } -#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/test_driver_pake.c b/tests/src/drivers/test_driver_pake.c new file mode 100644 index 000000000..69bd4ffe2 --- /dev/null +++ b/tests/src/drivers/test_driver_pake.c @@ -0,0 +1,214 @@ +/* + * Test driver for MAC entry points. + */ +/* Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#if defined(PSA_CRYPTO_DRIVER_TEST) +#include "psa_crypto_pake.h" + +#include "test/drivers/pake.h" +#include "string.h" + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) +#include "libtestdriver1/library/psa_crypto_pake.h" +#endif + +mbedtls_test_driver_pake_hooks_t mbedtls_test_driver_pake_hooks = + MBEDTLS_TEST_DRIVER_PAKE_INIT; + + +psa_status_t mbedtls_test_transparent_pake_setup( + mbedtls_transparent_test_driver_pake_operation_t *operation, + const psa_crypto_driver_pake_inputs_t *inputs) +{ + mbedtls_test_driver_pake_hooks.hits.total++; + mbedtls_test_driver_pake_hooks.hits.setup++; + + if (mbedtls_test_driver_pake_hooks.forced_setup_status != PSA_SUCCESS) { + mbedtls_test_driver_pake_hooks.driver_status = + mbedtls_test_driver_pake_hooks.forced_setup_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE) + mbedtls_test_driver_pake_hooks.driver_status = + libtestdriver1_mbedtls_psa_pake_setup( + operation, (const libtestdriver1_psa_crypto_driver_pake_inputs_t *) inputs); +#elif defined(MBEDTLS_PSA_BUILTIN_PAKE) + mbedtls_test_driver_pake_hooks.driver_status = + mbedtls_psa_pake_setup( + operation, inputs); +#else + (void) operation; + (void) inputs; + mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_pake_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_pake_output( + mbedtls_transparent_test_driver_pake_operation_t *operation, + psa_crypto_driver_pake_step_t step, + uint8_t *output, + size_t output_size, + size_t *output_length) +{ + mbedtls_test_driver_pake_hooks.hits.total++; + mbedtls_test_driver_pake_hooks.hits.output++; + + if (mbedtls_test_driver_pake_hooks.forced_output != NULL) { + if (output_size < mbedtls_test_driver_pake_hooks.forced_output_length) { + return PSA_ERROR_BUFFER_TOO_SMALL; + } + + memcpy(output, + mbedtls_test_driver_pake_hooks.forced_output, + mbedtls_test_driver_pake_hooks.forced_output_length); + *output_length = mbedtls_test_driver_pake_hooks.forced_output_length; + + return mbedtls_test_driver_pake_hooks.forced_status; + } + + if (mbedtls_test_driver_pake_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_pake_hooks.driver_status = + mbedtls_test_driver_pake_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE) + mbedtls_test_driver_pake_hooks.driver_status = + libtestdriver1_mbedtls_psa_pake_output( + operation, (libtestdriver1_psa_crypto_driver_pake_step_t) step, + output, output_size, output_length); +#elif defined(MBEDTLS_PSA_BUILTIN_PAKE) + mbedtls_test_driver_pake_hooks.driver_status = + mbedtls_psa_pake_output( + operation, step, output, output_size, output_length); +#else + (void) operation; + (void) step; + (void) output; + (void) output_size; + (void) output_length; + mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_pake_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_pake_input( + mbedtls_transparent_test_driver_pake_operation_t *operation, + psa_crypto_driver_pake_step_t step, + const uint8_t *input, + size_t input_length) +{ + mbedtls_test_driver_pake_hooks.hits.total++; + mbedtls_test_driver_pake_hooks.hits.input++; + + if (mbedtls_test_driver_pake_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_pake_hooks.driver_status = + mbedtls_test_driver_pake_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE) + mbedtls_test_driver_pake_hooks.driver_status = + libtestdriver1_mbedtls_psa_pake_input( + operation, (libtestdriver1_psa_crypto_driver_pake_step_t) step, + input, input_length); +#elif defined(MBEDTLS_PSA_BUILTIN_PAKE) + mbedtls_test_driver_pake_hooks.driver_status = + mbedtls_psa_pake_input( + operation, step, input, input_length); +#else + (void) operation; + (void) step; + (void) input; + (void) input_length; + mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_pake_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_pake_get_implicit_key( + mbedtls_transparent_test_driver_pake_operation_t *operation, + uint8_t *output, size_t output_size, size_t *output_length) +{ + mbedtls_test_driver_pake_hooks.hits.total++; + mbedtls_test_driver_pake_hooks.hits.implicit_key++; + + if (mbedtls_test_driver_pake_hooks.forced_status != PSA_SUCCESS) { + mbedtls_test_driver_pake_hooks.driver_status = + mbedtls_test_driver_pake_hooks.forced_status; + } else { +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE) + mbedtls_test_driver_pake_hooks.driver_status = + libtestdriver1_mbedtls_psa_pake_get_implicit_key( + operation, output, output_size, output_length); +#elif defined(MBEDTLS_PSA_BUILTIN_PAKE) + mbedtls_test_driver_pake_hooks.driver_status = + mbedtls_psa_pake_get_implicit_key( + operation, output, output_size, output_length); +#else + (void) operation; + (void) output; + (void) output_size; + (void) output_length; + mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + } + + return mbedtls_test_driver_pake_hooks.driver_status; +} + +psa_status_t mbedtls_test_transparent_pake_abort( + mbedtls_transparent_test_driver_pake_operation_t *operation) +{ + mbedtls_test_driver_pake_hooks.hits.total++; + mbedtls_test_driver_pake_hooks.hits.abort++; + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_PAKE) + mbedtls_test_driver_pake_hooks.driver_status = + libtestdriver1_mbedtls_psa_pake_abort( + operation); +#elif defined(MBEDTLS_PSA_BUILTIN_PAKE) + mbedtls_test_driver_pake_hooks.driver_status = + mbedtls_psa_pake_abort( + operation); +#else + (void) operation; + mbedtls_test_driver_pake_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED; +#endif + + + if (mbedtls_test_driver_pake_hooks.forced_status != PSA_SUCCESS && + mbedtls_test_driver_pake_hooks.driver_status == PSA_SUCCESS) { + mbedtls_test_driver_pake_hooks.driver_status = + mbedtls_test_driver_pake_hooks.forced_status; + } + + + return mbedtls_test_driver_pake_hooks.driver_status; +} + +#endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c index 11815b03f..c312477c8 100644 --- a/tests/src/drivers/test_driver_signature.c +++ b/tests/src/drivers/test_driver_signature.c @@ -21,7 +21,7 @@ #include -#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST) +#if defined(PSA_CRYPTO_DRIVER_TEST) #include "psa/crypto.h" #include "psa_crypto_core.h" #include "psa_crypto_ecp.h" @@ -414,4 +414,4 @@ psa_status_t mbedtls_test_opaque_signature_verify_hash( return PSA_ERROR_NOT_SUPPORTED; } -#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_DRIVER_TEST */ diff --git a/tests/src/helpers.c b/tests/src/helpers.c index 30fd362c0..7cac6e0a0 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c @@ -20,6 +20,11 @@ #include #include +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) +#include +#include +#endif + /*----------------------------------------------------------------------------*/ /* Static global variables */ @@ -35,9 +40,22 @@ mbedtls_test_info_t mbedtls_test_info; int mbedtls_test_platform_setup(void) { int ret = 0; + +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) + /* Make sure that injected entropy is present. Otherwise + * psa_crypto_init() will fail. This is not necessary for test suites + * that don't use PSA, but it's harmless (except for leaving a file + * behind). */ + ret = mbedtls_test_inject_entropy_restore(); + if (ret != 0) { + return ret; + } +#endif + #if defined(MBEDTLS_PLATFORM_C) ret = mbedtls_platform_setup(&platform_ctx); #endif /* MBEDTLS_PLATFORM_C */ + return ret; } diff --git a/tests/src/psa_crypto_helpers.c b/tests/src/psa_crypto_helpers.c index 06274d388..52ff03186 100644 --- a/tests/src/psa_crypto_helpers.c +++ b/tests/src/psa_crypto_helpers.c @@ -138,4 +138,71 @@ psa_key_usage_t mbedtls_test_update_key_usage_flags(psa_key_usage_t usage_flags) return updated_usage; } +int mbedtls_test_fail_if_psa_leaking(int line_no, const char *filename) +{ + const char *msg = mbedtls_test_helper_is_psa_leaking(); + if (msg == NULL) { + return 0; + } else { + mbedtls_test_fail(msg, line_no, filename); + return 1; + } +} + +uint64_t mbedtls_test_parse_binary_string(data_t *bin_string) +{ + uint64_t result = 0; + TEST_LE_U(bin_string->len, 8); + for (size_t i = 0; i < bin_string->len; i++) { + result = result << 8 | bin_string->x[i]; + } +exit: + return result; /* returns 0 if len > 8 */ +} + +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) + +#include +#include + +int mbedtls_test_inject_entropy_seed_read(unsigned char *buf, size_t len) +{ + size_t actual_len = 0; + psa_status_t status = psa_its_get(PSA_CRYPTO_ITS_RANDOM_SEED_UID, + 0, len, buf, &actual_len); + if (status != 0) { + return MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; + } + if (actual_len != len) { + return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; + } + return 0; +} + +int mbedtls_test_inject_entropy_seed_write(unsigned char *buf, size_t len) +{ + psa_status_t status = psa_its_set(PSA_CRYPTO_ITS_RANDOM_SEED_UID, + len, buf, 0); + if (status != 0) { + return MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR; + } + return 0; +} + +int mbedtls_test_inject_entropy_restore(void) +{ + unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; + for (size_t i = 0; i < sizeof(buf); i++) { + buf[i] = (unsigned char) i; + } + psa_status_t status = mbedtls_psa_inject_entropy(buf, sizeof(buf)); + /* It's ok if the file was just created, or if it already exists. */ + if (status != PSA_SUCCESS && status != PSA_ERROR_NOT_PERMITTED) { + return status; + } + return PSA_SUCCESS; +} + +#endif /* MBEDTLS_PSA_INJECT_ENTROPY */ + #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/tests/src/psa_exercise_key.c b/tests/src/psa_exercise_key.c index ecd1ec4cd..c4488b56f 100644 --- a/tests/src/psa_exercise_key.c +++ b/tests/src/psa_exercise_key.c @@ -72,7 +72,7 @@ static int check_key_attributes_sanity(mbedtls_svc_key_id_t key) psa_key_slot_number_t slot_number = 0xec94d4a5058a1a21; psa_status_t status = psa_get_key_slot_number(&attributes, &slot_number); if (lifetime_is_dynamic_secure_element(lifetime)) { - /* Mbed Crypto currently always exposes the slot number to + /* Mbed TLS currently always exposes the slot number to * applications. This is not mandated by the PSA specification * and may change in future versions. */ TEST_EQUAL(status, 0); @@ -295,7 +295,8 @@ static int exercise_signature_key(mbedtls_svc_key_id_t key, psa_key_usage_t usage, psa_algorithm_t alg) { - if (usage & (PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH)) { + if (usage & (PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH) && + PSA_ALG_IS_SIGN_HASH(alg)) { unsigned char payload[PSA_HASH_MAX_SIZE] = { 1 }; size_t payload_length = 16; unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = { 0 }; @@ -308,7 +309,7 @@ static int exercise_signature_key(mbedtls_svc_key_id_t key, hash_alg = KNOWN_SUPPORTED_HASH_ALG; alg ^= PSA_ALG_ANY_HASH ^ hash_alg; #else - TEST_ASSERT(!"No hash algorithm for hash-and-sign testing"); + TEST_FAIL("No hash algorithm for hash-and-sign testing"); #endif } @@ -436,8 +437,19 @@ int mbedtls_test_psa_setup_key_derivation_wrap( PSA_ASSERT(psa_key_derivation_input_bytes(operation, PSA_KEY_DERIVATION_INPUT_LABEL, input2, input2_length)); + } else if (PSA_ALG_IS_PBKDF2(alg)) { + PSA_ASSERT(psa_key_derivation_input_integer(operation, + PSA_KEY_DERIVATION_INPUT_COST, + 1U)); + PSA_ASSERT(psa_key_derivation_input_bytes(operation, + PSA_KEY_DERIVATION_INPUT_SALT, + input2, + input2_length)); + PSA_ASSERT(psa_key_derivation_input_key(operation, + PSA_KEY_DERIVATION_INPUT_PASSWORD, + key)); } else { - TEST_ASSERT(!"Key derivation algorithm not supported"); + TEST_FAIL("Key derivation algorithm not supported"); } if (capacity != SIZE_MAX) { @@ -505,7 +517,7 @@ psa_status_t mbedtls_test_psa_key_agreement_with_self( key_bits = psa_get_key_bits(&attributes); public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(private_key_type); public_key_length = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(public_key_type, key_bits); - ASSERT_ALLOC(public_key, public_key_length); + TEST_CALLOC(public_key, public_key_length); PSA_ASSERT(psa_export_public_key(key, public_key, public_key_length, &public_key_length)); @@ -547,7 +559,7 @@ psa_status_t mbedtls_test_psa_raw_key_agreement_with_self( key_bits = psa_get_key_bits(&attributes); public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(private_key_type); public_key_length = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(public_key_type, key_bits); - ASSERT_ALLOC(public_key, public_key_length); + TEST_CALLOC(public_key, public_key_length); PSA_ASSERT(psa_export_public_key(key, public_key, public_key_length, &public_key_length)); @@ -727,14 +739,12 @@ int mbedtls_test_psa_exported_key_sanity_check( } else #endif /* MBEDTLS_ASN1_PARSE_C */ -#if defined(MBEDTLS_ECP_C) if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) { /* Just the secret value */ TEST_EQUAL(exported_length, PSA_BITS_TO_BYTES(bits)); TEST_ASSERT(exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE); } else -#endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_ASN1_PARSE_C) if (type == PSA_KEY_TYPE_RSA_PUBLIC_KEY) { @@ -766,7 +776,6 @@ int mbedtls_test_psa_exported_key_sanity_check( } else #endif /* MBEDTLS_ASN1_PARSE_C */ -#if defined(MBEDTLS_ECP_C) if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type)) { TEST_ASSERT(exported_length <= @@ -778,6 +787,10 @@ int mbedtls_test_psa_exported_key_sanity_check( /* The representation of an ECC Montgomery public key is * the raw compressed point */ TEST_EQUAL(PSA_BITS_TO_BYTES(bits), exported_length); + } else if (PSA_KEY_TYPE_ECC_GET_FAMILY(type) == PSA_ECC_FAMILY_TWISTED_EDWARDS) { + /* The representation of an ECC Edwards public key is + * the raw compressed point */ + TEST_EQUAL(PSA_BITS_TO_BYTES(bits + 1), exported_length); } else { /* The representation of an ECC Weierstrass public key is: * - The byte 0x04; @@ -789,11 +802,14 @@ int mbedtls_test_psa_exported_key_sanity_check( TEST_EQUAL(exported[0], 4); } } else -#endif /* MBEDTLS_ECP_C */ - - { + if (PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type) || PSA_KEY_TYPE_IS_DH_KEY_PAIR(type)) { + TEST_ASSERT(exported_length == + PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(type, bits)); + TEST_ASSERT(exported_length <= + PSA_EXPORT_PUBLIC_KEY_MAX_SIZE); + } else { (void) exported; - TEST_ASSERT(!"Sanity check not implemented for this key type"); + TEST_FAIL("Sanity check not implemented for this key type"); } #if defined(MBEDTLS_DES_C) @@ -833,7 +849,7 @@ static int exercise_export_key(mbedtls_svc_key_id_t key, exported_size = PSA_EXPORT_KEY_OUTPUT_SIZE( psa_get_key_type(&attributes), psa_get_key_bits(&attributes)); - ASSERT_ALLOC(exported, exported_size); + TEST_CALLOC(exported, exported_size); if ((usage & PSA_KEY_USAGE_EXPORT) == 0 && !PSA_KEY_TYPE_IS_PUBLIC_KEY(psa_get_key_type(&attributes))) { @@ -876,7 +892,7 @@ static int exercise_export_public_key(mbedtls_svc_key_id_t key) exported_size = PSA_EXPORT_KEY_OUTPUT_SIZE( psa_get_key_type(&attributes), psa_get_key_bits(&attributes)); - ASSERT_ALLOC(exported, exported_size); + TEST_CALLOC(exported, exported_size); TEST_EQUAL(psa_export_public_key(key, exported, exported_size, &exported_length), @@ -889,7 +905,7 @@ static int exercise_export_public_key(mbedtls_svc_key_id_t key) psa_get_key_type(&attributes)); exported_size = PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(public_type, psa_get_key_bits(&attributes)); - ASSERT_ALLOC(exported, exported_size); + TEST_CALLOC(exported, exported_size); PSA_ASSERT(psa_export_public_key(key, exported, exported_size, @@ -938,7 +954,7 @@ int mbedtls_test_psa_exercise_key(mbedtls_svc_key_id_t key, } else if (PSA_ALG_IS_KEY_AGREEMENT(alg)) { ok = exercise_key_agreement_key(key, usage, alg); } else { - TEST_ASSERT(!"No code to exercise this category of algorithm"); + TEST_FAIL("No code to exercise this category of algorithm"); } ok = ok && exercise_export_key(key, usage); diff --git a/tests/src/random.c b/tests/src/random.c index e74e68954..d20103c35 100644 --- a/tests/src/random.c +++ b/tests/src/random.c @@ -36,6 +36,7 @@ #include #include +#include int mbedtls_test_rnd_std_rand(void *rng_state, unsigned char *output, @@ -137,7 +138,7 @@ int mbedtls_test_rnd_pseudo_rand(void *rng_state, + info->v0) ^ (sum + k[(sum>>11) & 3]); } - PUT_UINT32_BE(info->v0, result, 0); + MBEDTLS_PUT_UINT32_BE(info->v0, result, 0); memcpy(out, result, use_len); len -= use_len; out += 4; diff --git a/tests/src/test_certs.h b/tests/src/test_certs.h new file mode 100644 index 000000000..866d1e003 --- /dev/null +++ b/tests/src/test_certs.h @@ -0,0 +1,1238 @@ +/* + * X.509 test certificates + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/* THIS FILE is generated by `tests/scripts/generate_test_cert_macros.py` */ +/* *INDENT-OFF* */ + +/* This is taken from test-ca2.crt. */ +/* BEGIN FILE string macro TEST_CA_CRT_EC_PEM test-ca2.crt */ +#define TEST_CA_CRT_EC_PEM \ + "-----BEGIN CERTIFICATE-----\r\n" \ + "MIICBzCCAYugAwIBAgIJAMFD4n5iQ8zoMAwGCCqGSM49BAMCBQAwPjELMAkGA1UE\r\n" \ + "BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0\r\n" \ + "IEVDIENBMB4XDTE5MDIxMDE0NDQwMFoXDTI5MDIxMDE0NDQwMFowPjELMAkGA1UE\r\n" \ + "BhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0\r\n" \ + "IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+HVv78ibopQ0tO\r\n" \ + "4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqrId240xxuWLjK\r\n" \ + "6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeo1MwUTAPBgNVHRMBAf8EBTAD\r\n" \ + "AQH/MB0GA1UdDgQWBBSdbSAkSQE/K8t4tRm8fiTJ2/s2fDAfBgNVHSMEGDAWgBSd\r\n" \ + "bSAkSQE/K8t4tRm8fiTJ2/s2fDAMBggqhkjOPQQDAgUAA2gAMGUCMQDpNWfBIlzq\r\n" \ + "6xV2UwQD/1YGz9fQUM7AfNKzVa2PVBpf/QD1TAylTYTF4GI6qlb6EPYCMF/YVa29\r\n" \ + "N5yC1mFAir19jb9Pl9iiIkRm17dM4y6m5VIMepEPm/VlWAa8H5p1+BPbGw==\r\n" \ + "-----END CERTIFICATE-----\r\n" +/* END FILE */ + +/* This is generated from test-ca2.crt.der. */ +/* BEGIN FILE binary macro TEST_CA_CRT_EC_DER test-ca2.crt.der */ +#define TEST_CA_CRT_EC_DER { \ + 0x30, 0x82, 0x02, 0x07, 0x30, 0x82, 0x01, 0x8b, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x09, 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, \ + 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, \ + 0x05, 0x00, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, \ + 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, \ + 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ + 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x13, 0x50, \ + 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, \ + 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x39, \ + 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, 0x5a, 0x17, \ + 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, \ + 0x30, 0x5a, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, \ + 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, \ + 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ + 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x13, 0x50, \ + 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, 0x73, 0x74, \ + 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07, \ + 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, \ + 0x00, 0x22, 0x03, 0x62, 0x00, 0x04, 0xc3, 0xda, 0x2b, 0x34, 0x41, 0x37, \ + 0x58, 0x2f, 0x87, 0x56, 0xfe, 0xfc, 0x89, 0xba, 0x29, 0x43, 0x4b, 0x4e, \ + 0xe0, 0x6e, 0xc3, 0x0e, 0x57, 0x53, 0x33, 0x39, 0x58, 0xd4, 0x52, 0xb4, \ + 0x91, 0x95, 0x39, 0x0b, 0x23, 0xdf, 0x5f, 0x17, 0x24, 0x62, 0x48, 0xfc, \ + 0x1a, 0x95, 0x29, 0xce, 0x2c, 0x2d, 0x87, 0xc2, 0x88, 0x52, 0x80, 0xaf, \ + 0xd6, 0x6a, 0xab, 0x21, 0xdd, 0xb8, 0xd3, 0x1c, 0x6e, 0x58, 0xb8, 0xca, \ + 0xe8, 0xb2, 0x69, 0x8e, 0xf3, 0x41, 0xad, 0x29, 0xc3, 0xb4, 0x5f, 0x75, \ + 0xa7, 0x47, 0x6f, 0xd5, 0x19, 0x29, 0x55, 0x69, 0x9a, 0x53, 0x3b, 0x20, \ + 0xb4, 0x66, 0x16, 0x60, 0x33, 0x1e, 0xa3, 0x53, 0x30, 0x51, 0x30, 0x0f, \ + 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x05, 0x30, 0x03, \ + 0x01, 0x01, 0xff, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, \ + 0x04, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, \ + 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x1f, \ + 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x9d, \ + 0x6d, 0x20, 0x24, 0x49, 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, \ + 0x7e, 0x24, 0xc9, 0xdb, 0xfb, 0x36, 0x7c, 0x30, 0x0c, 0x06, 0x08, 0x2a, \ + 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x05, 0x00, 0x03, 0x68, 0x00, \ + 0x30, 0x65, 0x02, 0x31, 0x00, 0xe9, 0x35, 0x67, 0xc1, 0x22, 0x5c, 0xea, \ + 0xeb, 0x15, 0x76, 0x53, 0x04, 0x03, 0xff, 0x56, 0x06, 0xcf, 0xd7, 0xd0, \ + 0x50, 0xce, 0xc0, 0x7c, 0xd2, 0xb3, 0x55, 0xad, 0x8f, 0x54, 0x1a, 0x5f, \ + 0xfd, 0x00, 0xf5, 0x4c, 0x0c, 0xa5, 0x4d, 0x84, 0xc5, 0xe0, 0x62, 0x3a, \ + 0xaa, 0x56, 0xfa, 0x10, 0xf6, 0x02, 0x30, 0x5f, 0xd8, 0x55, 0xad, 0xbd, \ + 0x37, 0x9c, 0x82, 0xd6, 0x61, 0x40, 0x8a, 0xbd, 0x7d, 0x8d, 0xbf, 0x4f, \ + 0x97, 0xd8, 0xa2, 0x22, 0x44, 0x66, 0xd7, 0xb7, 0x4c, 0xe3, 0x2e, 0xa6, \ + 0xe5, 0x52, 0x0c, 0x7a, 0x91, 0x0f, 0x9b, 0xf5, 0x65, 0x58, 0x06, 0xbc, \ + 0x1f, 0x9a, 0x75, 0xf8, 0x13, 0xdb, 0x1b \ +} +/* END FILE */ + +/* This is taken from test-ca2.key.enc. */ +/* BEGIN FILE string macro TEST_CA_KEY_EC_PEM test-ca2.key.enc */ +#define TEST_CA_KEY_EC_PEM \ + "-----BEGIN EC PRIVATE KEY-----\r\n" \ + "Proc-Type: 4,ENCRYPTED\r\n" \ + "DEK-Info: DES-EDE3-CBC,307EAB469933D64E\r\n" \ + "\r\n" \ + "IxbrRmKcAzctJqPdTQLA4SWyBYYGYJVkYEna+F7Pa5t5Yg/gKADrFKcm6B72e7DG\r\n" \ + "ihExtZI648s0zdYw6qSJ74vrPSuWDe5qm93BqsfVH9svtCzWHW0pm1p0KTBCFfUq\r\n" \ + "UsuWTITwJImcnlAs1gaRZ3sAWm7cOUidL0fo2G0fYUFNcYoCSLffCFTEHBuPnagb\r\n" \ + "a77x/sY1Bvii8S9/XhDTb6pTMx06wzrm\r\n" \ + "-----END EC PRIVATE KEY-----\r\n" +/* END FILE */ + +#define TEST_CA_PWD_EC_PEM "PolarSSLTest" + +/* This is generated from test-ca2.key.der. */ +/* BEGIN FILE binary macro TEST_CA_KEY_EC_DER test-ca2.key.der */ +#define TEST_CA_KEY_EC_DER { \ + 0x30, 0x81, 0xa4, 0x02, 0x01, 0x01, 0x04, 0x30, 0x83, 0xd9, 0x15, 0x0e, \ + 0xa0, 0x71, 0xf0, 0x57, 0x10, 0x33, 0xa3, 0x38, 0xb8, 0x86, 0xc1, 0xa6, \ + 0x11, 0x5d, 0x6d, 0xb4, 0x03, 0xe1, 0x29, 0x76, 0x45, 0xd7, 0x87, 0x6f, \ + 0x23, 0xab, 0x44, 0x20, 0xea, 0x64, 0x7b, 0x85, 0xb1, 0x76, 0xe7, 0x85, \ + 0x95, 0xaa, 0x74, 0xd6, 0xd1, 0xa4, 0x5e, 0xea, 0xa0, 0x07, 0x06, 0x05, \ + 0x2b, 0x81, 0x04, 0x00, 0x22, 0xa1, 0x64, 0x03, 0x62, 0x00, 0x04, 0xc3, \ + 0xda, 0x2b, 0x34, 0x41, 0x37, 0x58, 0x2f, 0x87, 0x56, 0xfe, 0xfc, 0x89, \ + 0xba, 0x29, 0x43, 0x4b, 0x4e, 0xe0, 0x6e, 0xc3, 0x0e, 0x57, 0x53, 0x33, \ + 0x39, 0x58, 0xd4, 0x52, 0xb4, 0x91, 0x95, 0x39, 0x0b, 0x23, 0xdf, 0x5f, \ + 0x17, 0x24, 0x62, 0x48, 0xfc, 0x1a, 0x95, 0x29, 0xce, 0x2c, 0x2d, 0x87, \ + 0xc2, 0x88, 0x52, 0x80, 0xaf, 0xd6, 0x6a, 0xab, 0x21, 0xdd, 0xb8, 0xd3, \ + 0x1c, 0x6e, 0x58, 0xb8, 0xca, 0xe8, 0xb2, 0x69, 0x8e, 0xf3, 0x41, 0xad, \ + 0x29, 0xc3, 0xb4, 0x5f, 0x75, 0xa7, 0x47, 0x6f, 0xd5, 0x19, 0x29, 0x55, \ + 0x69, 0x9a, 0x53, 0x3b, 0x20, 0xb4, 0x66, 0x16, 0x60, 0x33, 0x1e \ +} +/* END FILE */ + +/* This is taken from test-ca-sha256.crt. */ +/* BEGIN FILE string macro TEST_CA_CRT_RSA_SHA256_PEM test-ca-sha256.crt */ +#define TEST_CA_CRT_RSA_SHA256_PEM \ + "-----BEGIN CERTIFICATE-----\r\n" \ + "MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \ + "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \ + "MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G\r\n" \ + "A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G\r\n" \ + "CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx\r\n" \ + "mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny\r\n" \ + "50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n\r\n" \ + "YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL\r\n" \ + "R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu\r\n" \ + "KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj\r\n" \ + "UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/\r\n" \ + "MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBCwUA\r\n" \ + "A4IBAQA4qFSCth2q22uJIdE4KGHJsJjVEfw2/xn+MkTvCMfxVrvmRvqCtjE4tKDl\r\n" \ + "oK4MxFOek07oDZwvtAT9ijn1hHftTNS7RH9zd/fxNpfcHnMZXVC4w4DNA1fSANtW\r\n" \ + "5sY1JB5Je9jScrsLSS+mAjyv0Ow3Hb2Bix8wu7xNNrV5fIf7Ubm+wt6SqEBxu3Kb\r\n" \ + "+EfObAT4huf3czznhH3C17ed6NSbXwoXfby7stWUDeRJv08RaFOykf/Aae7bY5PL\r\n" \ + "yTVrkAnikMntJ9YI+hNNYt3inqq11A5cN0+rVTst8UKCxzQ4GpvroSwPKTFkbMw4\r\n" \ + "/anT1dVxr/BtwJfiESoK3/4CeXR1\r\n" \ + "-----END CERTIFICATE-----\r\n" +/* END FILE */ + +/* This is generated from test-ca-sha256.crt.der. */ +/* BEGIN FILE binary macro TEST_CA_CRT_RSA_SHA256_DER test-ca-sha256.crt.der */ +#define TEST_CA_CRT_RSA_SHA256_DER { \ + 0x30, 0x82, 0x03, 0x41, 0x30, 0x82, 0x02, 0x29, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x01, 0x03, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ + 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ + 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ + 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ + 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ + 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ + 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, \ + 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \ + 0x34, 0x30, 0x30, 0x5a, 0x30, 0x3b, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ + 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ + 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ + 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x54, 0x65, \ + 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, \ + 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, \ + 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, \ + 0x01, 0x00, 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f, \ + 0x86, 0xde, 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1, \ + 0x99, 0xd4, 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec, \ + 0x9b, 0xc5, 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b, \ + 0xc0, 0x8d, 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9, \ + 0x93, 0xe8, 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2, \ + 0xe7, 0x40, 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40, \ + 0xf9, 0x3e, 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8, \ + 0x29, 0x00, 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1, \ + 0xbd, 0x83, 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27, \ + 0x60, 0xc3, 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84, \ + 0x32, 0xbe, 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5, \ + 0xfb, 0xf5, 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e, \ + 0xee, 0xe2, 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb, \ + 0x47, 0xb1, 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab, \ + 0xf1, 0x79, 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62, \ + 0x6f, 0x27, 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37, \ + 0xa1, 0x30, 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e, \ + 0x28, 0xd1, 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64, \ + 0x09, 0xea, 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b, \ + 0xc9, 0xab, 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32, \ + 0x9e, 0x99, 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, \ + 0x50, 0x30, 0x4e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, \ + 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, \ + 0x04, 0x16, 0x04, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, \ + 0xf6, 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, \ + 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, \ + 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5, \ + 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06, \ + 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, \ + 0x03, 0x82, 0x01, 0x01, 0x00, 0x38, 0xa8, 0x54, 0x82, 0xb6, 0x1d, 0xaa, \ + 0xdb, 0x6b, 0x89, 0x21, 0xd1, 0x38, 0x28, 0x61, 0xc9, 0xb0, 0x98, 0xd5, \ + 0x11, 0xfc, 0x36, 0xff, 0x19, 0xfe, 0x32, 0x44, 0xef, 0x08, 0xc7, 0xf1, \ + 0x56, 0xbb, 0xe6, 0x46, 0xfa, 0x82, 0xb6, 0x31, 0x38, 0xb4, 0xa0, 0xe5, \ + 0xa0, 0xae, 0x0c, 0xc4, 0x53, 0x9e, 0x93, 0x4e, 0xe8, 0x0d, 0x9c, 0x2f, \ + 0xb4, 0x04, 0xfd, 0x8a, 0x39, 0xf5, 0x84, 0x77, 0xed, 0x4c, 0xd4, 0xbb, \ + 0x44, 0x7f, 0x73, 0x77, 0xf7, 0xf1, 0x36, 0x97, 0xdc, 0x1e, 0x73, 0x19, \ + 0x5d, 0x50, 0xb8, 0xc3, 0x80, 0xcd, 0x03, 0x57, 0xd2, 0x00, 0xdb, 0x56, \ + 0xe6, 0xc6, 0x35, 0x24, 0x1e, 0x49, 0x7b, 0xd8, 0xd2, 0x72, 0xbb, 0x0b, \ + 0x49, 0x2f, 0xa6, 0x02, 0x3c, 0xaf, 0xd0, 0xec, 0x37, 0x1d, 0xbd, 0x81, \ + 0x8b, 0x1f, 0x30, 0xbb, 0xbc, 0x4d, 0x36, 0xb5, 0x79, 0x7c, 0x87, 0xfb, \ + 0x51, 0xb9, 0xbe, 0xc2, 0xde, 0x92, 0xa8, 0x40, 0x71, 0xbb, 0x72, 0x9b, \ + 0xf8, 0x47, 0xce, 0x6c, 0x04, 0xf8, 0x86, 0xe7, 0xf7, 0x73, 0x3c, 0xe7, \ + 0x84, 0x7d, 0xc2, 0xd7, 0xb7, 0x9d, 0xe8, 0xd4, 0x9b, 0x5f, 0x0a, 0x17, \ + 0x7d, 0xbc, 0xbb, 0xb2, 0xd5, 0x94, 0x0d, 0xe4, 0x49, 0xbf, 0x4f, 0x11, \ + 0x68, 0x53, 0xb2, 0x91, 0xff, 0xc0, 0x69, 0xee, 0xdb, 0x63, 0x93, 0xcb, \ + 0xc9, 0x35, 0x6b, 0x90, 0x09, 0xe2, 0x90, 0xc9, 0xed, 0x27, 0xd6, 0x08, \ + 0xfa, 0x13, 0x4d, 0x62, 0xdd, 0xe2, 0x9e, 0xaa, 0xb5, 0xd4, 0x0e, 0x5c, \ + 0x37, 0x4f, 0xab, 0x55, 0x3b, 0x2d, 0xf1, 0x42, 0x82, 0xc7, 0x34, 0x38, \ + 0x1a, 0x9b, 0xeb, 0xa1, 0x2c, 0x0f, 0x29, 0x31, 0x64, 0x6c, 0xcc, 0x38, \ + 0xfd, 0xa9, 0xd3, 0xd5, 0xd5, 0x71, 0xaf, 0xf0, 0x6d, 0xc0, 0x97, 0xe2, \ + 0x11, 0x2a, 0x0a, 0xdf, 0xfe, 0x02, 0x79, 0x74, 0x75 \ +} +/* END FILE */ + +/* This is taken from test-ca-sha1.crt. */ +/* BEGIN FILE string macro TEST_CA_CRT_RSA_SHA1_PEM test-ca-sha1.crt */ +#define TEST_CA_CRT_RSA_SHA1_PEM \ + "-----BEGIN CERTIFICATE-----\r\n" \ + "MIIDQTCCAimgAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" \ + "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \ + "MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G\r\n" \ + "A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G\r\n" \ + "CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx\r\n" \ + "mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny\r\n" \ + "50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n\r\n" \ + "YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL\r\n" \ + "R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu\r\n" \ + "KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj\r\n" \ + "UDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/\r\n" \ + "MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUA\r\n" \ + "A4IBAQB0ZiNRFdia6kskaPnhrqejIRq8YMEGAf2oIPnyZ78xoyERgc35lHGyMtsL\r\n" \ + "hWicNjP4d/hS9As4j5KA2gdNGi5ETA1X7SowWOGsryivSpMSHVy1+HdfWlsYQOzm\r\n" \ + "8o+faQNUm8XzPVmttfAVspxeHSxJZ36Oo+QWZ5wZlCIEyjEdLUId+Tm4Bz3B5jRD\r\n" \ + "zZa/SaqDokq66N2zpbgKKAl3GU2O++fBqP2dSkdQykmTxhLLWRN8FJqhYATyQntZ\r\n" \ + "0QSi3W9HfSZPnFTcPIXeoiPd2pLlxt1hZu8dws2LTXE63uP6MM4LHvWxiuJaWkP/\r\n" \ + "mtxyUALj2pQxRitopORFQdn7AOY5\r\n" \ + "-----END CERTIFICATE-----\r\n" +/* END FILE */ + +/* This is generated from test-ca-sha1.crt.der. */ +/* BEGIN FILE binary macro TEST_CA_CRT_RSA_SHA1_DER test-ca-sha1.crt.der */ +#define TEST_CA_CRT_RSA_SHA1_DER { \ + 0x30, 0x82, 0x03, 0x41, 0x30, 0x82, 0x02, 0x29, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x01, 0x03, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ + 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ + 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ + 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ + 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ + 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ + 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x30, \ + 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \ + 0x34, 0x30, 0x30, 0x5a, 0x30, 0x3b, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ + 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ + 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ + 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x54, 0x65, \ + 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, \ + 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, \ + 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, \ + 0x01, 0x00, 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f, \ + 0x86, 0xde, 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1, \ + 0x99, 0xd4, 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec, \ + 0x9b, 0xc5, 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b, \ + 0xc0, 0x8d, 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9, \ + 0x93, 0xe8, 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2, \ + 0xe7, 0x40, 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40, \ + 0xf9, 0x3e, 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8, \ + 0x29, 0x00, 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1, \ + 0xbd, 0x83, 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27, \ + 0x60, 0xc3, 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84, \ + 0x32, 0xbe, 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5, \ + 0xfb, 0xf5, 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e, \ + 0xee, 0xe2, 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb, \ + 0x47, 0xb1, 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab, \ + 0xf1, 0x79, 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62, \ + 0x6f, 0x27, 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37, \ + 0xa1, 0x30, 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e, \ + 0x28, 0xd1, 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64, \ + 0x09, 0xea, 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b, \ + 0xc9, 0xab, 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32, \ + 0x9e, 0x99, 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, \ + 0x50, 0x30, 0x4e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, \ + 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, \ + 0x04, 0x16, 0x04, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, \ + 0xf6, 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, \ + 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, \ + 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5, \ + 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06, \ + 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, \ + 0x03, 0x82, 0x01, 0x01, 0x00, 0x74, 0x66, 0x23, 0x51, 0x15, 0xd8, 0x9a, \ + 0xea, 0x4b, 0x24, 0x68, 0xf9, 0xe1, 0xae, 0xa7, 0xa3, 0x21, 0x1a, 0xbc, \ + 0x60, 0xc1, 0x06, 0x01, 0xfd, 0xa8, 0x20, 0xf9, 0xf2, 0x67, 0xbf, 0x31, \ + 0xa3, 0x21, 0x11, 0x81, 0xcd, 0xf9, 0x94, 0x71, 0xb2, 0x32, 0xdb, 0x0b, \ + 0x85, 0x68, 0x9c, 0x36, 0x33, 0xf8, 0x77, 0xf8, 0x52, 0xf4, 0x0b, 0x38, \ + 0x8f, 0x92, 0x80, 0xda, 0x07, 0x4d, 0x1a, 0x2e, 0x44, 0x4c, 0x0d, 0x57, \ + 0xed, 0x2a, 0x30, 0x58, 0xe1, 0xac, 0xaf, 0x28, 0xaf, 0x4a, 0x93, 0x12, \ + 0x1d, 0x5c, 0xb5, 0xf8, 0x77, 0x5f, 0x5a, 0x5b, 0x18, 0x40, 0xec, 0xe6, \ + 0xf2, 0x8f, 0x9f, 0x69, 0x03, 0x54, 0x9b, 0xc5, 0xf3, 0x3d, 0x59, 0xad, \ + 0xb5, 0xf0, 0x15, 0xb2, 0x9c, 0x5e, 0x1d, 0x2c, 0x49, 0x67, 0x7e, 0x8e, \ + 0xa3, 0xe4, 0x16, 0x67, 0x9c, 0x19, 0x94, 0x22, 0x04, 0xca, 0x31, 0x1d, \ + 0x2d, 0x42, 0x1d, 0xf9, 0x39, 0xb8, 0x07, 0x3d, 0xc1, 0xe6, 0x34, 0x43, \ + 0xcd, 0x96, 0xbf, 0x49, 0xaa, 0x83, 0xa2, 0x4a, 0xba, 0xe8, 0xdd, 0xb3, \ + 0xa5, 0xb8, 0x0a, 0x28, 0x09, 0x77, 0x19, 0x4d, 0x8e, 0xfb, 0xe7, 0xc1, \ + 0xa8, 0xfd, 0x9d, 0x4a, 0x47, 0x50, 0xca, 0x49, 0x93, 0xc6, 0x12, 0xcb, \ + 0x59, 0x13, 0x7c, 0x14, 0x9a, 0xa1, 0x60, 0x04, 0xf2, 0x42, 0x7b, 0x59, \ + 0xd1, 0x04, 0xa2, 0xdd, 0x6f, 0x47, 0x7d, 0x26, 0x4f, 0x9c, 0x54, 0xdc, \ + 0x3c, 0x85, 0xde, 0xa2, 0x23, 0xdd, 0xda, 0x92, 0xe5, 0xc6, 0xdd, 0x61, \ + 0x66, 0xef, 0x1d, 0xc2, 0xcd, 0x8b, 0x4d, 0x71, 0x3a, 0xde, 0xe3, 0xfa, \ + 0x30, 0xce, 0x0b, 0x1e, 0xf5, 0xb1, 0x8a, 0xe2, 0x5a, 0x5a, 0x43, 0xff, \ + 0x9a, 0xdc, 0x72, 0x50, 0x02, 0xe3, 0xda, 0x94, 0x31, 0x46, 0x2b, 0x68, \ + 0xa4, 0xe4, 0x45, 0x41, 0xd9, 0xfb, 0x00, 0xe6, 0x39 \ +} +/* END FILE */ + +/* This is taken from test-ca.key. */ +/* BEGIN FILE string macro TEST_CA_KEY_RSA_PEM test-ca.key */ +#define TEST_CA_KEY_RSA_PEM \ + "-----BEGIN RSA PRIVATE KEY-----\r\n" \ + "Proc-Type: 4,ENCRYPTED\r\n" \ + "DEK-Info: AES-128-CBC,781840E6B804AE83D2AF71127C4CE314\r\n" \ + "\r\n" \ + "etQ3xgGLbuYF9vR1km03TH5fwfly1hOlix0PtfQ+t9HG065vTtSEHYc/OyHwdy79\r\n" \ + "NCLX5RUrPh06E/XlKzMNVHAXqkwFnIwNzRLsOozeP1L7iZEZb9QMeiN5Org+btCO\r\n" \ + "bylXPB4YirfuE7GSJalWY/pq3FQtD33zTIKmNhXfVj3sbwGI/8D9XjaKUb8PODOB\r\n" \ + "skOalmx6RvYRvg0lmRxB3+T3wejIsrrDPweYqte9B6dVHIVG1ZmvoA6/wnKZZZeV\r\n" \ + "sjj8OpL3OwUBrjuGSknE9Rs6kCuSCbHOYVK8VzcZmCYpie0TFnb3Sk8M6vjfW+45\r\n" \ + "U7WUMlSAPxKH6lJDzWdwHqLvsVJwuNnaAaBXg9/8U/rzQEWuq8Ar3s8fw2Jg3F1G\r\n" \ + "L6N5ZAEfCz3Sa0N9WKafR/RSQj+rq8Z3w4POAafhbzk249uo5K8B1Z3cQwLxeXIl\r\n" \ + "UbRQz1TZy4oNTfQzCahYruPNyvwgTkfwAFFvbLAdaiJd2ZtLBoqYE64TYakYnvcC\r\n" \ + "itim1bmySIKoxlMfBGFmMuF03epT0pSx701jlGzGi0l0m16NEjoVxDwo5j93SmiM\r\n" \ + "sQdjC1lOGk2iCLkphIQqHFjFJYWjvh1UUIqWZf+ZWOOxlf4x9a1pUVj6FvtECxNB\r\n" \ + "/mA/m4Iq4LAuVXHE1MpHeq067lJ6wWlrsb2WVmiNGfQ2AC7fMtpcPuunBVT9NV1m\r\n" \ + "1rbDzIgLIWAzqz/cy3N8Q8vfxnrFtmNUyM191Zyq+YF14hIKWX9J1qR4LXwWAzVV\r\n" \ + "UrC8IL4pA2mtRkW4qFsB0EmHAxO/cedDTPjVFty5WSzhNuvYZxX45HAkGIfK6d21\r\n" \ + "7WHPhHG+zaaUTWMUVixB0IcKp6RecjYPFzBHS0YeX88Ue2cyT/90jMiQ9ssOgRrG\r\n" \ + "ZJRJvZAc3TSCnY9sNPYoGrJPiZuCnlUj3ENNurYVy12ai0WFxwnNUZjRUhDS6hjm\r\n" \ + "cDHD5TlI9MZ6M+Mb/Bw4Ig8HuTHOtQBYD9vhtXsG+B7H/j6cS+1umaKjrnG/kK4W\r\n" \ + "R6YXwM2faAi+DwgjjoMXSzRqSTF8PdTIWbAXo3bc2qsXPTMBA8PEp4nb5scHZ4Ts\r\n" \ + "EcBNp2jv0j4gBkRmGIab17cWMrlagjFy89DhqZUFwKdeZs+yJ92A5xstWxOUfpEP\r\n" \ + "90T/bsp1G5d7WW5fl2TRJvYJNDM+djkKIh0zCkduiZ36oVM6nDdbjmXqjQXopeSD\r\n" \ + "gtOourBRF8g99W0fW8QT+yPhP0Pkyz6EG8eQO6Zwh439xdoVwu9jUzQAPmZ0uNeR\r\n" \ + "xTXXihYyv72z27rInjLiIPXL25K9eDVLlcSR3RyG7YYgjdQAL2VJDLcBz5jox1uQ\r\n" \ + "0guoD5wmfu2FWLqYE7HeTYntdY53lCflwq0GHRMjrrsVpx+5VDQ6Yi47Ny9SWLcp\r\n" \ + "fPI3iBkXuGRWupzs6N4pQdSO0dU28KfpMM5QvFoLIn67brCHEQij4dgFrCTYEyBX\r\n" \ + "9+jiNImUFYUhAFuxvUbfZt4O/ABLIElvHLfJs1oYCmI/nWpvLFqXB5rnzPNfEi0H\r\n" \ + "PGGe1Hj/t+CJIp/6ios3yNy2QtXO754TZH2UVu51Ykyig5PFjZVoUkbRvHQYcWfU\r\n" \ + "-----END RSA PRIVATE KEY-----\r\n" +/* END FILE */ + +#define TEST_CA_PWD_RSA_PEM "PolarSSLTest" + +/* This is generated from test-ca.key.der. */ +/* BEGIN FILE binary macro TEST_CA_KEY_RSA_DER test-ca.key.der */ +#define TEST_CA_KEY_RSA_DER { \ + 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, \ + 0xc0, 0xdf, 0x37, 0xfc, 0x17, 0xbb, 0xe0, 0x96, 0x9d, 0x3f, 0x86, 0xde, \ + 0x96, 0x32, 0x7d, 0x44, 0xa5, 0x16, 0xa0, 0xcd, 0x21, 0xf1, 0x99, 0xd4, \ + 0xec, 0xea, 0xcb, 0x7c, 0x18, 0x58, 0x08, 0x94, 0xa5, 0xec, 0x9b, 0xc5, \ + 0x8b, 0xdf, 0x1a, 0x1e, 0x99, 0x38, 0x99, 0x87, 0x1e, 0x7b, 0xc0, 0x8d, \ + 0x39, 0xdf, 0x38, 0x5d, 0x70, 0x78, 0x07, 0xd3, 0x9e, 0xd9, 0x93, 0xe8, \ + 0xb9, 0x72, 0x51, 0xc5, 0xce, 0xa3, 0x30, 0x52, 0xa9, 0xf2, 0xe7, 0x40, \ + 0x70, 0x14, 0xcb, 0x44, 0xa2, 0x72, 0x0b, 0xc2, 0xe5, 0x40, 0xf9, 0x3e, \ + 0xe5, 0xa6, 0x0e, 0xb3, 0xf9, 0xec, 0x4a, 0x63, 0xc0, 0xb8, 0x29, 0x00, \ + 0x74, 0x9c, 0x57, 0x3b, 0xa8, 0xa5, 0x04, 0x90, 0x71, 0xf1, 0xbd, 0x83, \ + 0xd9, 0x3f, 0xd6, 0xa5, 0xe2, 0x3c, 0x2a, 0x8f, 0xef, 0x27, 0x60, 0xc3, \ + 0xc6, 0x9f, 0xcb, 0xba, 0xec, 0x60, 0x7d, 0xb7, 0xe6, 0x84, 0x32, 0xbe, \ + 0x4f, 0xfb, 0x58, 0x26, 0x22, 0x03, 0x5b, 0xd4, 0xb4, 0xd5, 0xfb, 0xf5, \ + 0xe3, 0x96, 0x2e, 0x70, 0xc0, 0xe4, 0x2e, 0xbd, 0xfc, 0x2e, 0xee, 0xe2, \ + 0x41, 0x55, 0xc0, 0x34, 0x2e, 0x7d, 0x24, 0x72, 0x69, 0xcb, 0x47, 0xb1, \ + 0x14, 0x40, 0x83, 0x7d, 0x67, 0xf4, 0x86, 0xf6, 0x31, 0xab, 0xf1, 0x79, \ + 0xa4, 0xb2, 0xb5, 0x2e, 0x12, 0xf9, 0x84, 0x17, 0xf0, 0x62, 0x6f, 0x27, \ + 0x3e, 0x13, 0x58, 0xb1, 0x54, 0x0d, 0x21, 0x9a, 0x73, 0x37, 0xa1, 0x30, \ + 0xcf, 0x6f, 0x92, 0xdc, 0xf6, 0xe9, 0xfc, 0xac, 0xdb, 0x2e, 0x28, 0xd1, \ + 0x7e, 0x02, 0x4b, 0x23, 0xa0, 0x15, 0xf2, 0x38, 0x65, 0x64, 0x09, 0xea, \ + 0x0c, 0x6e, 0x8e, 0x1b, 0x17, 0xa0, 0x71, 0xc8, 0xb3, 0x9b, 0xc9, 0xab, \ + 0xe9, 0xc3, 0xf2, 0xcf, 0x87, 0x96, 0x8f, 0x80, 0x02, 0x32, 0x9e, 0x99, \ + 0x58, 0x6f, 0xa2, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, \ + 0x00, 0x3f, 0xf7, 0x07, 0xd3, 0x34, 0x6f, 0xdb, 0xc9, 0x37, 0xb7, 0x84, \ + 0xdc, 0x37, 0x45, 0xe1, 0x63, 0xad, 0xb8, 0xb6, 0x75, 0xb1, 0xc7, 0x35, \ + 0xb4, 0x77, 0x2a, 0x5b, 0x77, 0xf9, 0x7e, 0xe0, 0xc1, 0xa3, 0xd1, 0xb7, \ + 0xcb, 0xa9, 0x5a, 0xc1, 0x87, 0xda, 0x5a, 0xfa, 0x17, 0xe4, 0xd5, 0x38, \ + 0x03, 0xde, 0x68, 0x98, 0x81, 0xec, 0xb5, 0xf2, 0x2a, 0x8d, 0xe9, 0x2c, \ + 0xf3, 0xa6, 0xe5, 0x32, 0x17, 0x7f, 0x33, 0x81, 0xe8, 0x38, 0x72, 0xd5, \ + 0x9c, 0xfa, 0x4e, 0xfb, 0x26, 0xf5, 0x15, 0x0b, 0xaf, 0x84, 0x66, 0xab, \ + 0x02, 0xe0, 0x18, 0xd5, 0x91, 0x7c, 0xd6, 0x8f, 0xc9, 0x4b, 0x76, 0x08, \ + 0x2b, 0x1d, 0x81, 0x68, 0x30, 0xe1, 0xfa, 0x70, 0x6c, 0x13, 0x4e, 0x10, \ + 0x03, 0x35, 0x3e, 0xc5, 0xca, 0x58, 0x20, 0x8a, 0x21, 0x18, 0x38, 0xa0, \ + 0x0f, 0xed, 0xc4, 0xbb, 0x45, 0x6f, 0xf5, 0x84, 0x5b, 0xb0, 0xcf, 0x4e, \ + 0x9d, 0x58, 0x13, 0x6b, 0x35, 0x35, 0x69, 0xa1, 0xd2, 0xc4, 0xf2, 0xc1, \ + 0x48, 0x04, 0x20, 0x51, 0xb9, 0x6b, 0xa4, 0x5d, 0xa5, 0x4b, 0x84, 0x88, \ + 0x43, 0x48, 0x99, 0x2c, 0xbb, 0xa4, 0x97, 0xd6, 0xd6, 0x18, 0xf6, 0xec, \ + 0x5c, 0xd1, 0x31, 0x49, 0xc9, 0xf2, 0x8f, 0x0b, 0x4d, 0xef, 0x09, 0x02, \ + 0xfe, 0x7d, 0xfd, 0xbb, 0xaf, 0x2b, 0x83, 0x94, 0x22, 0xc4, 0xa7, 0x3e, \ + 0x66, 0xf5, 0xe0, 0x57, 0xdc, 0xf2, 0xed, 0x2c, 0x3e, 0x81, 0x74, 0x76, \ + 0x1e, 0x96, 0x6f, 0x74, 0x1e, 0x32, 0x0e, 0x14, 0x31, 0xd0, 0x74, 0xf0, \ + 0xf4, 0x07, 0xbd, 0xc3, 0xd1, 0x22, 0xc2, 0xa8, 0x95, 0x92, 0x06, 0x7f, \ + 0x43, 0x02, 0x91, 0xbc, 0xdd, 0x23, 0x01, 0x89, 0x94, 0x20, 0x44, 0x64, \ + 0xf5, 0x1d, 0x67, 0xd2, 0x8f, 0xe8, 0x69, 0xa5, 0x29, 0x25, 0xe6, 0x50, \ + 0x9c, 0xe3, 0xe9, 0xcb, 0x75, 0x02, 0x81, 0x81, 0x00, 0xe2, 0x29, 0x3e, \ + 0xaa, 0x6b, 0xd5, 0x59, 0x1e, 0x9c, 0xe6, 0x47, 0xd5, 0xb6, 0xd7, 0xe3, \ + 0xf1, 0x8e, 0x9e, 0xe9, 0x83, 0x5f, 0x10, 0x9f, 0x63, 0xec, 0x04, 0x44, \ + 0xcc, 0x3f, 0xf8, 0xd9, 0x3a, 0x17, 0xe0, 0x4f, 0xfe, 0xd8, 0x4d, 0xcd, \ + 0x46, 0x54, 0x74, 0xbf, 0x0a, 0xc4, 0x67, 0x9c, 0xa7, 0xd8, 0x89, 0x65, \ + 0x4c, 0xfd, 0x58, 0x2a, 0x47, 0x0f, 0xf4, 0x37, 0xb6, 0x55, 0xb0, 0x1d, \ + 0xed, 0xa7, 0x39, 0xfc, 0x4f, 0xa3, 0xc4, 0x75, 0x3a, 0xa3, 0x98, 0xa7, \ + 0x45, 0xf5, 0x66, 0xcb, 0x7c, 0x65, 0xfb, 0x80, 0x23, 0xe6, 0xff, 0xfd, \ + 0x99, 0x1f, 0x8e, 0x6b, 0xff, 0x5e, 0x93, 0x66, 0xdf, 0x6c, 0x6f, 0xc3, \ + 0xf6, 0x38, 0x2e, 0xff, 0x69, 0xb5, 0xac, 0xae, 0xbb, 0xc6, 0x71, 0x16, \ + 0x6b, 0xd0, 0xf8, 0x22, 0xd9, 0xf8, 0xa2, 0x72, 0x20, 0xd2, 0xe2, 0x3a, \ + 0x70, 0x4b, 0xde, 0xab, 0x2f, 0x02, 0x81, 0x81, 0x00, 0xda, 0x51, 0x9b, \ + 0xb8, 0xb2, 0x2a, 0x14, 0x75, 0x58, 0x40, 0x8d, 0x27, 0x70, 0xfa, 0x31, \ + 0x48, 0xb0, 0x20, 0x21, 0x34, 0xfa, 0x4c, 0x57, 0xa8, 0x11, 0x88, 0xf3, \ + 0xa7, 0xae, 0x21, 0xe9, 0xb6, 0x2b, 0xd1, 0xcd, 0xa7, 0xf8, 0xd8, 0x0c, \ + 0x8a, 0x76, 0x22, 0x35, 0x44, 0xce, 0x3f, 0x25, 0x29, 0x83, 0x7d, 0x79, \ + 0xa7, 0x31, 0xd6, 0xec, 0xb2, 0xbf, 0xda, 0x34, 0xb6, 0xf6, 0xb2, 0x3b, \ + 0xf3, 0x78, 0x5a, 0x04, 0x83, 0x33, 0x3e, 0xa2, 0xe2, 0x81, 0x82, 0x13, \ + 0xd4, 0x35, 0x17, 0x63, 0x9b, 0x9e, 0xc4, 0x8d, 0x91, 0x4c, 0x03, 0x77, \ + 0xc7, 0x71, 0x5b, 0xee, 0x83, 0x6d, 0xd5, 0x78, 0x88, 0xf6, 0x2c, 0x79, \ + 0xc2, 0x4a, 0xb4, 0x79, 0x90, 0x70, 0xbf, 0xdf, 0x34, 0x56, 0x96, 0x71, \ + 0xe3, 0x0e, 0x68, 0x91, 0xbc, 0xea, 0xcb, 0x33, 0xc0, 0xbe, 0x45, 0xd7, \ + 0xfc, 0x30, 0xfd, 0x01, 0x3b, 0x02, 0x81, 0x81, 0x00, 0xd2, 0x9f, 0x2a, \ + 0xb7, 0x38, 0x19, 0xc7, 0x17, 0x95, 0x73, 0x78, 0xae, 0xf5, 0xcb, 0x75, \ + 0x83, 0x7f, 0x19, 0x4b, 0xcb, 0x86, 0xfb, 0x4a, 0x15, 0x9a, 0xb6, 0x17, \ + 0x04, 0x49, 0x07, 0x8d, 0xf6, 0x66, 0x4a, 0x06, 0xf6, 0x05, 0xa7, 0xdf, \ + 0x66, 0x82, 0x3c, 0xff, 0xb6, 0x1d, 0x57, 0x89, 0x33, 0x5f, 0x9c, 0x05, \ + 0x75, 0x7f, 0xf3, 0x5d, 0xdc, 0x34, 0x65, 0x72, 0x85, 0x22, 0xa4, 0x14, \ + 0x1b, 0x41, 0xc3, 0xe4, 0xd0, 0x9e, 0x69, 0xd5, 0xeb, 0x38, 0x74, 0x70, \ + 0x43, 0xdc, 0xd9, 0x50, 0xe4, 0x97, 0x6d, 0x73, 0xd6, 0xfb, 0xc8, 0xa7, \ + 0xfa, 0xb4, 0xc2, 0xc4, 0x9d, 0x5d, 0x0c, 0xd5, 0x9f, 0x79, 0xb3, 0x54, \ + 0xc2, 0xb7, 0x6c, 0x3d, 0x7d, 0xcb, 0x2d, 0xf8, 0xc4, 0xf3, 0x78, 0x5a, \ + 0x33, 0x2a, 0xb8, 0x0c, 0x6d, 0x06, 0xfa, 0xf2, 0x62, 0xd3, 0x42, 0xd0, \ + 0xbd, 0xc8, 0x4a, 0xa5, 0x0d, 0x02, 0x81, 0x81, 0x00, 0xd4, 0xa9, 0x90, \ + 0x15, 0xde, 0xbf, 0x2c, 0xc4, 0x8d, 0x9d, 0xfb, 0xa1, 0xc2, 0xe4, 0x83, \ + 0xe3, 0x79, 0x65, 0x22, 0xd3, 0xb7, 0x49, 0x6c, 0x4d, 0x94, 0x1f, 0x22, \ + 0xb1, 0x60, 0xe7, 0x3a, 0x00, 0xb1, 0x38, 0xa2, 0xab, 0x0f, 0xb4, 0x6c, \ + 0xaa, 0xe7, 0x9e, 0x34, 0xe3, 0x7c, 0x40, 0x78, 0x53, 0xb2, 0xf9, 0x23, \ + 0xea, 0xa0, 0x9a, 0xea, 0x60, 0xc8, 0x8f, 0xa6, 0xaf, 0xdf, 0x29, 0x09, \ + 0x4b, 0x06, 0x1e, 0x31, 0xad, 0x17, 0xda, 0xd8, 0xd1, 0xe9, 0x33, 0xab, \ + 0x5b, 0x18, 0x08, 0x5b, 0x87, 0xf8, 0xa5, 0x1f, 0xfd, 0xbb, 0xdc, 0xd8, \ + 0xed, 0x97, 0x57, 0xe4, 0xc3, 0x73, 0xd6, 0xf0, 0x9e, 0x01, 0xa6, 0x9b, \ + 0x48, 0x8e, 0x7a, 0xb4, 0xbb, 0xe5, 0x88, 0x91, 0xc5, 0x2a, 0xdf, 0x4b, \ + 0xba, 0xd0, 0x8b, 0x3e, 0x03, 0x97, 0x77, 0x2f, 0x47, 0x7e, 0x51, 0x0c, \ + 0xae, 0x65, 0x8d, 0xde, 0x87, 0x02, 0x81, 0x80, 0x20, 0x24, 0x0f, 0xd2, \ + 0xaf, 0xc2, 0x28, 0x3b, 0x97, 0x20, 0xb2, 0x92, 0x49, 0xeb, 0x09, 0x68, \ + 0x40, 0xb2, 0xbe, 0xd1, 0xc3, 0x83, 0x94, 0x34, 0x38, 0xd6, 0xc9, 0xec, \ + 0x34, 0x09, 0xf9, 0x41, 0x6d, 0x5c, 0x42, 0x94, 0xf7, 0x04, 0xfc, 0x32, \ + 0x39, 0x69, 0xbc, 0x1c, 0xfb, 0x3e, 0x61, 0x98, 0xc0, 0x80, 0xd8, 0x36, \ + 0x47, 0xc3, 0x6d, 0xc2, 0x2e, 0xe7, 0x81, 0x2a, 0x17, 0x34, 0x64, 0x30, \ + 0x4e, 0x96, 0xbb, 0x26, 0x16, 0xb9, 0x41, 0x36, 0xfe, 0x8a, 0xd6, 0x53, \ + 0x7c, 0xaa, 0xec, 0x39, 0x42, 0x50, 0xef, 0xe3, 0xb3, 0x01, 0x28, 0x32, \ + 0xca, 0x6d, 0xf5, 0x9a, 0x1e, 0x9f, 0x37, 0xbe, 0xfe, 0x38, 0x20, 0x22, \ + 0x91, 0x8c, 0xcd, 0x95, 0x02, 0xf2, 0x4d, 0x6f, 0x1a, 0xb4, 0x43, 0xf0, \ + 0x19, 0xdf, 0x65, 0xc0, 0x92, 0xe7, 0x9d, 0x2f, 0x09, 0xe7, 0xec, 0x69, \ + 0xa8, 0xc2, 0x8f, 0x0d \ +} +/* END FILE */ + +/* This is taken from server5.crt. */ +/* BEGIN FILE string macro TEST_SRV_CRT_EC_PEM server5.crt */ +#define TEST_SRV_CRT_EC_PEM \ + "-----BEGIN CERTIFICATE-----\r\n" \ + "MIICIDCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n" \ + "A1UECgwIUG9sYXJTU0wxHDAaBgNVBAMME1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n" \ + "MjMwNTE3MDcxMDM2WhcNMzMwNTE0MDcxMDM2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \ + "A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\r\n" \ + "CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\r\n" \ + "2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\r\n" \ + "BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\r\n" \ + "PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKDAhQb2xh\r\n" \ + "clNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\r\n" \ + "CCqGSM49BAMCA2kAMGYCMQDg6p7PPfr2+n7nGvya3pU4ust3k7Obk4/tZX+uHHRQ\r\n" \ + "qaccsyULeFNzkyRvWHFeT5sCMQCzDJX79Ii7hILYza/iXWJe/BjJEE8MteCRGXDN\r\n" \ + "06jC+BLgOH1KQV9ArqEh3AhOhEg=\r\n" \ + "-----END CERTIFICATE-----\r\n" +/* END FILE */ + +/* This is generated from server5.crt.der. */ +/* BEGIN FILE binary macro TEST_SRV_CRT_EC_DER server5.crt.der */ +#define TEST_SRV_CRT_EC_DER { \ + 0x30, 0x82, 0x02, 0x20, 0x30, 0x82, 0x01, 0xa5, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x01, 0x09, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \ + 0x3d, 0x04, 0x03, 0x02, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ + 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ + 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ + 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, 0x54, 0x65, \ + 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ + 0x32, 0x33, 0x30, 0x35, 0x31, 0x37, 0x30, 0x37, 0x31, 0x30, 0x33, 0x36, \ + 0x5a, 0x17, 0x0d, 0x33, 0x33, 0x30, 0x35, 0x31, 0x34, 0x30, 0x37, 0x31, \ + 0x30, 0x33, 0x36, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ + 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ + 0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ + 0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x59, \ + 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, \ + 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, \ + 0x04, 0x37, 0xcc, 0x56, 0xd9, 0x76, 0x09, 0x1e, 0x5a, 0x72, 0x3e, 0xc7, \ + 0x59, 0x2d, 0xff, 0x20, 0x6e, 0xee, 0x7c, 0xf9, 0x06, 0x91, 0x74, 0xd0, \ + 0xad, 0x14, 0xb5, 0xf7, 0x68, 0x22, 0x59, 0x62, 0x92, 0x4e, 0xe5, 0x00, \ + 0xd8, 0x23, 0x11, 0xff, 0xea, 0x2f, 0xd2, 0x34, 0x5d, 0x5d, 0x16, 0xbd, \ + 0x8a, 0x88, 0xc2, 0x6b, 0x77, 0x0d, 0x55, 0xcd, 0x8a, 0x2a, 0x0e, 0xfa, \ + 0x01, 0xc8, 0xb4, 0xed, 0xff, 0xa3, 0x81, 0x9d, 0x30, 0x81, 0x9a, 0x30, \ + 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, \ + 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x50, 0x61, 0xa5, \ + 0x8f, 0xd4, 0x07, 0xd9, 0xd7, 0x82, 0x01, 0x0c, 0xe5, 0x65, 0x7f, 0x8c, \ + 0x63, 0x46, 0xa7, 0x13, 0xbe, 0x30, 0x6e, 0x06, 0x03, 0x55, 0x1d, 0x23, \ + 0x04, 0x67, 0x30, 0x65, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, 0x01, \ + 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, 0xfb, \ + 0x36, 0x7c, 0xa1, 0x42, 0xa4, 0x40, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, \ + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \ + 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, \ + 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, \ + 0x03, 0x0c, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x73, 0x73, 0x6c, 0x20, \ + 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x82, 0x09, \ + 0x00, 0xc1, 0x43, 0xe2, 0x7e, 0x62, 0x43, 0xcc, 0xe8, 0x30, 0x0a, 0x06, \ + 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x69, 0x00, \ + 0x30, 0x66, 0x02, 0x31, 0x00, 0xe0, 0xea, 0x9e, 0xcf, 0x3d, 0xfa, 0xf6, \ + 0xfa, 0x7e, 0xe7, 0x1a, 0xfc, 0x9a, 0xde, 0x95, 0x38, 0xba, 0xcb, 0x77, \ + 0x93, 0xb3, 0x9b, 0x93, 0x8f, 0xed, 0x65, 0x7f, 0xae, 0x1c, 0x74, 0x50, \ + 0xa9, 0xa7, 0x1c, 0xb3, 0x25, 0x0b, 0x78, 0x53, 0x73, 0x93, 0x24, 0x6f, \ + 0x58, 0x71, 0x5e, 0x4f, 0x9b, 0x02, 0x31, 0x00, 0xb3, 0x0c, 0x95, 0xfb, \ + 0xf4, 0x88, 0xbb, 0x84, 0x82, 0xd8, 0xcd, 0xaf, 0xe2, 0x5d, 0x62, 0x5e, \ + 0xfc, 0x18, 0xc9, 0x10, 0x4f, 0x0c, 0xb5, 0xe0, 0x91, 0x19, 0x70, 0xcd, \ + 0xd3, 0xa8, 0xc2, 0xf8, 0x12, 0xe0, 0x38, 0x7d, 0x4a, 0x41, 0x5f, 0x40, \ + 0xae, 0xa1, 0x21, 0xdc, 0x08, 0x4e, 0x84, 0x48 \ +} +/* END FILE */ + +/* This is taken from server5.key. */ +/* BEGIN FILE string macro TEST_SRV_KEY_EC_PEM server5.key */ +#define TEST_SRV_KEY_EC_PEM \ + "-----BEGIN EC PRIVATE KEY-----\r\n" \ + "MHcCAQEEIPEqEyB2AnCoPL/9U/YDHvdqXYbIogTywwyp6/UfDw6noAoGCCqGSM49\r\n" \ + "AwEHoUQDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/\r\n" \ + "6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/w==\r\n" \ + "-----END EC PRIVATE KEY-----\r\n" +/* END FILE */ + +/* This is generated from server5.key.der. */ +/* BEGIN FILE binary macro TEST_SRV_KEY_EC_DER server5.key.der */ +#define TEST_SRV_KEY_EC_DER { \ + 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xf1, 0x2a, 0x13, 0x20, 0x76, \ + 0x02, 0x70, 0xa8, 0x3c, 0xbf, 0xfd, 0x53, 0xf6, 0x03, 0x1e, 0xf7, 0x6a, \ + 0x5d, 0x86, 0xc8, 0xa2, 0x04, 0xf2, 0xc3, 0x0c, 0xa9, 0xeb, 0xf5, 0x1f, \ + 0x0f, 0x0e, 0xa7, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, \ + 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x37, 0xcc, 0x56, \ + 0xd9, 0x76, 0x09, 0x1e, 0x5a, 0x72, 0x3e, 0xc7, 0x59, 0x2d, 0xff, 0x20, \ + 0x6e, 0xee, 0x7c, 0xf9, 0x06, 0x91, 0x74, 0xd0, 0xad, 0x14, 0xb5, 0xf7, \ + 0x68, 0x22, 0x59, 0x62, 0x92, 0x4e, 0xe5, 0x00, 0xd8, 0x23, 0x11, 0xff, \ + 0xea, 0x2f, 0xd2, 0x34, 0x5d, 0x5d, 0x16, 0xbd, 0x8a, 0x88, 0xc2, 0x6b, \ + 0x77, 0x0d, 0x55, 0xcd, 0x8a, 0x2a, 0x0e, 0xfa, 0x01, 0xc8, 0xb4, 0xed, \ + 0xff \ +} +/* END FILE */ + +/* This is taken from server2-sha256.crt. */ +/* BEGIN FILE string macro TEST_SRV_CRT_RSA_SHA256_PEM server2-sha256.crt */ +#define TEST_SRV_CRT_RSA_SHA256_PEM \ + "-----BEGIN CERTIFICATE-----\r\n" \ + "MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \ + "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \ + "MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \ + "A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n" \ + "AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n" \ + "owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n" \ + "NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n" \ + "tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n" \ + "hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n" \ + "HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n" \ + "VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n" \ + "FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQELBQADggEBAC465FJh\r\n" \ + "Pqel7zJngHIHJrqj/wVAxGAFOTF396XKATGAp+HRCqJ81Ry60CNK1jDzk8dv6M6U\r\n" \ + "HoS7RIFiM/9rXQCbJfiPD5xMTejZp5n5UYHAmxsxDaazfA5FuBhkfokKK6jD4Eq9\r\n" \ + "1C94xGKb6X4/VkaPF7cqoBBw/bHxawXc0UEPjqayiBpCYU/rJoVZgLqFVP7Px3sv\r\n" \ + "a1nOrNx8rPPI1hJ+ZOg8maiPTxHZnBVLakSSLQy/sWeWyazO1RnrbxjrbgQtYKz0\r\n" \ + "e3nwGpu1w13vfckFmUSBhHXH7AAS/HpKC4IH7G2GAk3+n8iSSN71sZzpxonQwVbo\r\n" \ + "pMZqLmbBm/7WPLc=\r\n" \ + "-----END CERTIFICATE-----\r\n" +/* END FILE */ + +/* This is generated from server2-sha256.crt.der. */ +/* BEGIN FILE binary macro TEST_SRV_CRT_RSA_SHA256_DER server2-sha256.crt.der */ +#define TEST_SRV_CRT_RSA_SHA256_DER { \ + 0x30, 0x82, 0x03, 0x37, 0x30, 0x82, 0x02, 0x1f, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x01, 0x02, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ + 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ + 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ + 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ + 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ + 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ + 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36, \ + 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \ + 0x34, 0x30, 0x36, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ + 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ + 0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ + 0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x82, \ + 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, \ + 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, \ + 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc1, 0x4d, 0xa3, 0xdd, 0xe7, \ + 0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, 0xb8, 0x99, 0xac, 0x0e, 0x78, \ + 0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, 0x16, 0xd0, 0x5a, 0xe4, 0xcd, \ + 0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, 0x96, 0xa7, 0x52, 0xb4, 0x90, \ + 0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, 0xfc, 0xb6, 0x34, 0xac, 0x24, \ + 0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, 0xb0, 0x28, 0x7d, 0xa1, 0xda, \ + 0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, 0xfe, 0xc1, 0x04, 0x52, 0xb3, \ + 0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, 0xd8, 0x90, 0xc1, 0x61, 0xb4, \ + 0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, 0xab, 0x74, 0x5e, 0x07, 0x7d, \ + 0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, 0xd9, 0x0d, 0x1c, 0x2d, 0x49, \ + 0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, 0x0b, 0x8a, 0x4f, 0x69, 0x0c, \ + 0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, 0x66, 0x7d, 0xae, 0x54, 0x2b, \ + 0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, 0xc3, 0xcd, 0x40, 0x49, 0x08, \ + 0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, 0x46, 0xbf, 0xd0, 0xb8, 0xaa, \ + 0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, 0x1e, 0x44, 0x18, 0x0f, 0x0f, \ + 0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, 0x18, 0xc6, 0x62, 0x2f, 0xc7, \ + 0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, 0x27, 0x89, 0x29, 0x01, 0xc5, \ + 0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, 0x4a, 0x0e, 0xef, 0xd6, 0xde, \ + 0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, 0x7a, 0xc4, 0x02, 0x3c, 0x9a, \ + 0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, 0xcb, 0x73, 0x4b, 0x52, 0x96, \ + 0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, 0x39, 0x5a, 0xd3, 0x0f, 0xb0, \ + 0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, 0x12, 0x01, 0x30, 0x97, 0x02, \ + 0x03, 0x01, 0x00, 0x01, 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, \ + 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xa5, 0x05, 0xe8, 0x64, 0xb8, 0xdc, \ + 0xdf, 0x60, 0x0f, 0x50, 0x12, 0x4d, 0x60, 0xa8, 0x64, 0xaf, 0x4d, 0x8b, \ + 0x43, 0x93, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, \ + 0x16, 0x80, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, \ + 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, \ + 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, \ + 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x2e, 0x3a, 0xe4, 0x52, 0x61, \ + 0x3e, 0xa7, 0xa5, 0xef, 0x32, 0x67, 0x80, 0x72, 0x07, 0x26, 0xba, 0xa3, \ + 0xff, 0x05, 0x40, 0xc4, 0x60, 0x05, 0x39, 0x31, 0x77, 0xf7, 0xa5, 0xca, \ + 0x01, 0x31, 0x80, 0xa7, 0xe1, 0xd1, 0x0a, 0xa2, 0x7c, 0xd5, 0x1c, 0xba, \ + 0xd0, 0x23, 0x4a, 0xd6, 0x30, 0xf3, 0x93, 0xc7, 0x6f, 0xe8, 0xce, 0x94, \ + 0x1e, 0x84, 0xbb, 0x44, 0x81, 0x62, 0x33, 0xff, 0x6b, 0x5d, 0x00, 0x9b, \ + 0x25, 0xf8, 0x8f, 0x0f, 0x9c, 0x4c, 0x4d, 0xe8, 0xd9, 0xa7, 0x99, 0xf9, \ + 0x51, 0x81, 0xc0, 0x9b, 0x1b, 0x31, 0x0d, 0xa6, 0xb3, 0x7c, 0x0e, 0x45, \ + 0xb8, 0x18, 0x64, 0x7e, 0x89, 0x0a, 0x2b, 0xa8, 0xc3, 0xe0, 0x4a, 0xbd, \ + 0xd4, 0x2f, 0x78, 0xc4, 0x62, 0x9b, 0xe9, 0x7e, 0x3f, 0x56, 0x46, 0x8f, \ + 0x17, 0xb7, 0x2a, 0xa0, 0x10, 0x70, 0xfd, 0xb1, 0xf1, 0x6b, 0x05, 0xdc, \ + 0xd1, 0x41, 0x0f, 0x8e, 0xa6, 0xb2, 0x88, 0x1a, 0x42, 0x61, 0x4f, 0xeb, \ + 0x26, 0x85, 0x59, 0x80, 0xba, 0x85, 0x54, 0xfe, 0xcf, 0xc7, 0x7b, 0x2f, \ + 0x6b, 0x59, 0xce, 0xac, 0xdc, 0x7c, 0xac, 0xf3, 0xc8, 0xd6, 0x12, 0x7e, \ + 0x64, 0xe8, 0x3c, 0x99, 0xa8, 0x8f, 0x4f, 0x11, 0xd9, 0x9c, 0x15, 0x4b, \ + 0x6a, 0x44, 0x92, 0x2d, 0x0c, 0xbf, 0xb1, 0x67, 0x96, 0xc9, 0xac, 0xce, \ + 0xd5, 0x19, 0xeb, 0x6f, 0x18, 0xeb, 0x6e, 0x04, 0x2d, 0x60, 0xac, 0xf4, \ + 0x7b, 0x79, 0xf0, 0x1a, 0x9b, 0xb5, 0xc3, 0x5d, 0xef, 0x7d, 0xc9, 0x05, \ + 0x99, 0x44, 0x81, 0x84, 0x75, 0xc7, 0xec, 0x00, 0x12, 0xfc, 0x7a, 0x4a, \ + 0x0b, 0x82, 0x07, 0xec, 0x6d, 0x86, 0x02, 0x4d, 0xfe, 0x9f, 0xc8, 0x92, \ + 0x48, 0xde, 0xf5, 0xb1, 0x9c, 0xe9, 0xc6, 0x89, 0xd0, 0xc1, 0x56, 0xe8, \ + 0xa4, 0xc6, 0x6a, 0x2e, 0x66, 0xc1, 0x9b, 0xfe, 0xd6, 0x3c, 0xb7 \ +} +/* END FILE */ + +/* This is taken from server2.crt. */ +/* BEGIN FILE string macro TEST_SRV_CRT_RSA_SHA1_PEM server2.crt */ +#define TEST_SRV_CRT_RSA_SHA1_PEM \ + "-----BEGIN CERTIFICATE-----\r\n" \ + "MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" \ + "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \ + "MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n" \ + "A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n" \ + "AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n" \ + "owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n" \ + "NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n" \ + "tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n" \ + "hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n" \ + "HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n" \ + "VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n" \ + "FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAJklg3Q4\r\n" \ + "cB7v7BzsxM/vLyKccO6op0/gZzM4ghuLq2Y32kl0sM6kSNUUmduuq3u/+GmUZN2A\r\n" \ + "O/7c+Hw7hDFEIvZk98aBGjCLqn3DmgHIv8ToQ67nellQxx2Uj309PdgjNi/r9HOc\r\n" \ + "KNAYPbBcg6MJGWWj2TI6vNaceios/DhOYx5V0j5nfqSJ/pnU0g9Ign2LAhgYpGJE\r\n" \ + "iEM9wW7hEMkwmk0h/sqZsrJsGH5YsF/VThSq/JVO1e2mZH2vruyZKJVBq+8tDNYp\r\n" \ + "HkK6tSyVYQhzIt3StMJWKMl/o5k2AYz6tSC164+1oG+ML3LWg8XrGKa91H4UOKap\r\n" \ + "Awgk0+4m0T25cNs=\r\n" \ + "-----END CERTIFICATE-----\r\n" +/* END FILE */ + +/* This is generated from server2.crt.der. */ +/* BEGIN FILE binary macro TEST_SRV_CRT_RSA_SHA1_DER server2.crt.der */ +#define TEST_SRV_CRT_RSA_SHA1_DER { \ + 0x30, 0x82, 0x03, 0x37, 0x30, 0x82, 0x02, 0x1f, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x01, 0x02, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ + 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ + 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ + 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ + 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ + 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ + 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36, \ + 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \ + 0x34, 0x30, 0x36, 0x5a, 0x30, 0x34, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ + 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ + 0x53, 0x4c, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ + 0x09, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, 0x30, 0x82, \ + 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, \ + 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, \ + 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc1, 0x4d, 0xa3, 0xdd, 0xe7, \ + 0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, 0xb8, 0x99, 0xac, 0x0e, 0x78, \ + 0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, 0x16, 0xd0, 0x5a, 0xe4, 0xcd, \ + 0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, 0x96, 0xa7, 0x52, 0xb4, 0x90, \ + 0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, 0xfc, 0xb6, 0x34, 0xac, 0x24, \ + 0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, 0xb0, 0x28, 0x7d, 0xa1, 0xda, \ + 0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, 0xfe, 0xc1, 0x04, 0x52, 0xb3, \ + 0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, 0xd8, 0x90, 0xc1, 0x61, 0xb4, \ + 0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, 0xab, 0x74, 0x5e, 0x07, 0x7d, \ + 0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, 0xd9, 0x0d, 0x1c, 0x2d, 0x49, \ + 0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, 0x0b, 0x8a, 0x4f, 0x69, 0x0c, \ + 0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, 0x66, 0x7d, 0xae, 0x54, 0x2b, \ + 0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, 0xc3, 0xcd, 0x40, 0x49, 0x08, \ + 0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, 0x46, 0xbf, 0xd0, 0xb8, 0xaa, \ + 0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, 0x1e, 0x44, 0x18, 0x0f, 0x0f, \ + 0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, 0x18, 0xc6, 0x62, 0x2f, 0xc7, \ + 0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, 0x27, 0x89, 0x29, 0x01, 0xc5, \ + 0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, 0x4a, 0x0e, 0xef, 0xd6, 0xde, \ + 0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, 0x7a, 0xc4, 0x02, 0x3c, 0x9a, \ + 0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, 0xcb, 0x73, 0x4b, 0x52, 0x96, \ + 0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, 0x39, 0x5a, 0xd3, 0x0f, 0xb0, \ + 0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, 0x12, 0x01, 0x30, 0x97, 0x02, \ + 0x03, 0x01, 0x00, 0x01, 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, \ + 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xa5, 0x05, 0xe8, 0x64, 0xb8, 0xdc, \ + 0xdf, 0x60, 0x0f, 0x50, 0x12, 0x4d, 0x60, 0xa8, 0x64, 0xaf, 0x4d, 0x8b, \ + 0x43, 0x93, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, \ + 0x16, 0x80, 0x14, 0xb4, 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, \ + 0xb9, 0xd5, 0xa6, 0x95, 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, \ + 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, \ + 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x99, 0x25, 0x83, 0x74, 0x38, \ + 0x70, 0x1e, 0xef, 0xec, 0x1c, 0xec, 0xc4, 0xcf, 0xef, 0x2f, 0x22, 0x9c, \ + 0x70, 0xee, 0xa8, 0xa7, 0x4f, 0xe0, 0x67, 0x33, 0x38, 0x82, 0x1b, 0x8b, \ + 0xab, 0x66, 0x37, 0xda, 0x49, 0x74, 0xb0, 0xce, 0xa4, 0x48, 0xd5, 0x14, \ + 0x99, 0xdb, 0xae, 0xab, 0x7b, 0xbf, 0xf8, 0x69, 0x94, 0x64, 0xdd, 0x80, \ + 0x3b, 0xfe, 0xdc, 0xf8, 0x7c, 0x3b, 0x84, 0x31, 0x44, 0x22, 0xf6, 0x64, \ + 0xf7, 0xc6, 0x81, 0x1a, 0x30, 0x8b, 0xaa, 0x7d, 0xc3, 0x9a, 0x01, 0xc8, \ + 0xbf, 0xc4, 0xe8, 0x43, 0xae, 0xe7, 0x7a, 0x59, 0x50, 0xc7, 0x1d, 0x94, \ + 0x8f, 0x7d, 0x3d, 0x3d, 0xd8, 0x23, 0x36, 0x2f, 0xeb, 0xf4, 0x73, 0x9c, \ + 0x28, 0xd0, 0x18, 0x3d, 0xb0, 0x5c, 0x83, 0xa3, 0x09, 0x19, 0x65, 0xa3, \ + 0xd9, 0x32, 0x3a, 0xbc, 0xd6, 0x9c, 0x7a, 0x2a, 0x2c, 0xfc, 0x38, 0x4e, \ + 0x63, 0x1e, 0x55, 0xd2, 0x3e, 0x67, 0x7e, 0xa4, 0x89, 0xfe, 0x99, 0xd4, \ + 0xd2, 0x0f, 0x48, 0x82, 0x7d, 0x8b, 0x02, 0x18, 0x18, 0xa4, 0x62, 0x44, \ + 0x88, 0x43, 0x3d, 0xc1, 0x6e, 0xe1, 0x10, 0xc9, 0x30, 0x9a, 0x4d, 0x21, \ + 0xfe, 0xca, 0x99, 0xb2, 0xb2, 0x6c, 0x18, 0x7e, 0x58, 0xb0, 0x5f, 0xd5, \ + 0x4e, 0x14, 0xaa, 0xfc, 0x95, 0x4e, 0xd5, 0xed, 0xa6, 0x64, 0x7d, 0xaf, \ + 0xae, 0xec, 0x99, 0x28, 0x95, 0x41, 0xab, 0xef, 0x2d, 0x0c, 0xd6, 0x29, \ + 0x1e, 0x42, 0xba, 0xb5, 0x2c, 0x95, 0x61, 0x08, 0x73, 0x22, 0xdd, 0xd2, \ + 0xb4, 0xc2, 0x56, 0x28, 0xc9, 0x7f, 0xa3, 0x99, 0x36, 0x01, 0x8c, 0xfa, \ + 0xb5, 0x20, 0xb5, 0xeb, 0x8f, 0xb5, 0xa0, 0x6f, 0x8c, 0x2f, 0x72, 0xd6, \ + 0x83, 0xc5, 0xeb, 0x18, 0xa6, 0xbd, 0xd4, 0x7e, 0x14, 0x38, 0xa6, 0xa9, \ + 0x03, 0x08, 0x24, 0xd3, 0xee, 0x26, 0xd1, 0x3d, 0xb9, 0x70, 0xdb \ +} +/* END FILE */ + +/* This is taken from server2.key. */ +/* BEGIN FILE string macro TEST_SRV_KEY_RSA_PEM server2.key */ +#define TEST_SRV_KEY_RSA_PEM \ + "-----BEGIN RSA PRIVATE KEY-----\r\n" \ + "MIIEpAIBAAKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r\r\n" \ + "lqdStJDvLXJ6PiSa/LY0rCT1d+AmZIycsCh9odrqjObJHJa8/sEEUrM21KP64bF2\r\n" \ + "2JDBYbRmUjaiJlOqq3ReB30Zgtsq2B+g2Q0cLUlm91slc0boC4pPaQy1AJDh2oIQ\r\n" \ + "Zn2uVCuLZXmRoeJhw81ASQjuaAzxi4bSRr/QuKoRAx5/VqgaHkQYDw+Fi9qLRF7i\r\n" \ + "GMZiL8dmjfpd2H3zJ4kpAcWQDj8n8TDISg7v1t7HxydrxwU9esQCPJodPg/oNJhb\r\n" \ + "y3NLUpbYEaIsgIhpOVrTD7DeWS8Rx/fqEgEwlwIDAQABAoIBAQCXR0S8EIHFGORZ\r\n" \ + "++AtOg6eENxD+xVs0f1IeGz57Tjo3QnXX7VBZNdj+p1ECvhCE/G7XnkgU5hLZX+G\r\n" \ + "Z0jkz/tqJOI0vRSdLBbipHnWouyBQ4e/A1yIJdlBtqXxJ1KE/ituHRbNc4j4kL8Z\r\n" \ + "/r6pvwnTI0PSx2Eqs048YdS92LT6qAv4flbNDxMn2uY7s4ycS4Q8w1JXnCeaAnYm\r\n" \ + "WYI5wxO+bvRELR2Mcz5DmVnL8jRyml6l6582bSv5oufReFIbyPZbQWlXgYnpu6He\r\n" \ + "GTc7E1zKYQGG/9+DQUl/1vQuCPqQwny0tQoX2w5tdYpdMdVm+zkLtbajzdTviJJa\r\n" \ + "TWzL6lt5AoGBAN86+SVeJDcmQJcv4Eq6UhtRr4QGMiQMz0Sod6ettYxYzMgxtw28\r\n" \ + "CIrgpozCc+UaZJLo7UxvC6an85r1b2nKPCLQFaggJ0H4Q0J/sZOhBIXaoBzWxveK\r\n" \ + "nupceKdVxGsFi8CDy86DBfiyFivfBj+47BbaQzPBj7C4rK7UlLjab2rDAoGBAN2u\r\n" \ + "AM2gchoFiu4v1HFL8D7lweEpi6ZnMJjnEu/dEgGQJFjwdpLnPbsj4c75odQ4Gz8g\r\n" \ + "sw9lao9VVzbusoRE/JGI4aTdO0pATXyG7eG1Qu+5Yc1YGXcCrliA2xM9xx+d7f+s\r\n" \ + "mPzN+WIEg5GJDYZDjAzHG5BNvi/FfM1C9dOtjv2dAoGAF0t5KmwbjWHBhcVqO4Ic\r\n" \ + "BVvN3BIlc1ue2YRXEDlxY5b0r8N4XceMgKmW18OHApZxfl8uPDauWZLXOgl4uepv\r\n" \ + "whZC3EuWrSyyICNhLY21Ah7hbIEBPF3L3ZsOwC+UErL+dXWLdB56Jgy3gZaBeW7b\r\n" \ + "vDrEnocJbqCm7IukhXHOBK8CgYEAwqdHB0hqyNSzIOGY7v9abzB6pUdA3BZiQvEs\r\n" \ + "3LjHVd4HPJ2x0N8CgrBIWOE0q8+0hSMmeE96WW/7jD3fPWwCR5zlXknxBQsfv0gP\r\n" \ + "3BC5PR0Qdypz+d+9zfMf625kyit4T/hzwhDveZUzHnk1Cf+IG7Q+TOEnLnWAWBED\r\n" \ + "ISOWmrUCgYAFEmRxgwAc/u+D6t0syCwAYh6POtscq9Y0i9GyWk89NzgC4NdwwbBH\r\n" \ + "4AgahOxIxXx2gxJnq3yfkJfIjwf0s2DyP0kY2y6Ua1OeomPeY9mrIS4tCuDQ6LrE\r\n" \ + "TB6l9VGoxJL4fyHnZb8L5gGvnB1bbD8cL6YPaDiOhcRseC9vBiEuVg==\r\n" \ + "-----END RSA PRIVATE KEY-----\r\n" +/* END FILE */ + +/* This is generated from server2.key.der. */ +/* BEGIN FILE binary macro TEST_SRV_KEY_RSA_DER server2.key.der */ +#define TEST_SRV_KEY_RSA_DER { \ + 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, \ + 0xc1, 0x4d, 0xa3, 0xdd, 0xe7, 0xcd, 0x1d, 0xd1, 0x04, 0xd7, 0x49, 0x72, \ + 0xb8, 0x99, 0xac, 0x0e, 0x78, 0xe4, 0x3a, 0x3c, 0x4a, 0xcf, 0x3a, 0x13, \ + 0x16, 0xd0, 0x5a, 0xe4, 0xcd, 0xa3, 0x00, 0x88, 0xa7, 0xee, 0x1e, 0x6b, \ + 0x96, 0xa7, 0x52, 0xb4, 0x90, 0xef, 0x2d, 0x72, 0x7a, 0x3e, 0x24, 0x9a, \ + 0xfc, 0xb6, 0x34, 0xac, 0x24, 0xf5, 0x77, 0xe0, 0x26, 0x64, 0x8c, 0x9c, \ + 0xb0, 0x28, 0x7d, 0xa1, 0xda, 0xea, 0x8c, 0xe6, 0xc9, 0x1c, 0x96, 0xbc, \ + 0xfe, 0xc1, 0x04, 0x52, 0xb3, 0x36, 0xd4, 0xa3, 0xfa, 0xe1, 0xb1, 0x76, \ + 0xd8, 0x90, 0xc1, 0x61, 0xb4, 0x66, 0x52, 0x36, 0xa2, 0x26, 0x53, 0xaa, \ + 0xab, 0x74, 0x5e, 0x07, 0x7d, 0x19, 0x82, 0xdb, 0x2a, 0xd8, 0x1f, 0xa0, \ + 0xd9, 0x0d, 0x1c, 0x2d, 0x49, 0x66, 0xf7, 0x5b, 0x25, 0x73, 0x46, 0xe8, \ + 0x0b, 0x8a, 0x4f, 0x69, 0x0c, 0xb5, 0x00, 0x90, 0xe1, 0xda, 0x82, 0x10, \ + 0x66, 0x7d, 0xae, 0x54, 0x2b, 0x8b, 0x65, 0x79, 0x91, 0xa1, 0xe2, 0x61, \ + 0xc3, 0xcd, 0x40, 0x49, 0x08, 0xee, 0x68, 0x0c, 0xf1, 0x8b, 0x86, 0xd2, \ + 0x46, 0xbf, 0xd0, 0xb8, 0xaa, 0x11, 0x03, 0x1e, 0x7f, 0x56, 0xa8, 0x1a, \ + 0x1e, 0x44, 0x18, 0x0f, 0x0f, 0x85, 0x8b, 0xda, 0x8b, 0x44, 0x5e, 0xe2, \ + 0x18, 0xc6, 0x62, 0x2f, 0xc7, 0x66, 0x8d, 0xfa, 0x5d, 0xd8, 0x7d, 0xf3, \ + 0x27, 0x89, 0x29, 0x01, 0xc5, 0x90, 0x0e, 0x3f, 0x27, 0xf1, 0x30, 0xc8, \ + 0x4a, 0x0e, 0xef, 0xd6, 0xde, 0xc7, 0xc7, 0x27, 0x6b, 0xc7, 0x05, 0x3d, \ + 0x7a, 0xc4, 0x02, 0x3c, 0x9a, 0x1d, 0x3e, 0x0f, 0xe8, 0x34, 0x98, 0x5b, \ + 0xcb, 0x73, 0x4b, 0x52, 0x96, 0xd8, 0x11, 0xa2, 0x2c, 0x80, 0x88, 0x69, \ + 0x39, 0x5a, 0xd3, 0x0f, 0xb0, 0xde, 0x59, 0x2f, 0x11, 0xc7, 0xf7, 0xea, \ + 0x12, 0x01, 0x30, 0x97, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, \ + 0x01, 0x00, 0x97, 0x47, 0x44, 0xbc, 0x10, 0x81, 0xc5, 0x18, 0xe4, 0x59, \ + 0xfb, 0xe0, 0x2d, 0x3a, 0x0e, 0x9e, 0x10, 0xdc, 0x43, 0xfb, 0x15, 0x6c, \ + 0xd1, 0xfd, 0x48, 0x78, 0x6c, 0xf9, 0xed, 0x38, 0xe8, 0xdd, 0x09, 0xd7, \ + 0x5f, 0xb5, 0x41, 0x64, 0xd7, 0x63, 0xfa, 0x9d, 0x44, 0x0a, 0xf8, 0x42, \ + 0x13, 0xf1, 0xbb, 0x5e, 0x79, 0x20, 0x53, 0x98, 0x4b, 0x65, 0x7f, 0x86, \ + 0x67, 0x48, 0xe4, 0xcf, 0xfb, 0x6a, 0x24, 0xe2, 0x34, 0xbd, 0x14, 0x9d, \ + 0x2c, 0x16, 0xe2, 0xa4, 0x79, 0xd6, 0xa2, 0xec, 0x81, 0x43, 0x87, 0xbf, \ + 0x03, 0x5c, 0x88, 0x25, 0xd9, 0x41, 0xb6, 0xa5, 0xf1, 0x27, 0x52, 0x84, \ + 0xfe, 0x2b, 0x6e, 0x1d, 0x16, 0xcd, 0x73, 0x88, 0xf8, 0x90, 0xbf, 0x19, \ + 0xfe, 0xbe, 0xa9, 0xbf, 0x09, 0xd3, 0x23, 0x43, 0xd2, 0xc7, 0x61, 0x2a, \ + 0xb3, 0x4e, 0x3c, 0x61, 0xd4, 0xbd, 0xd8, 0xb4, 0xfa, 0xa8, 0x0b, 0xf8, \ + 0x7e, 0x56, 0xcd, 0x0f, 0x13, 0x27, 0xda, 0xe6, 0x3b, 0xb3, 0x8c, 0x9c, \ + 0x4b, 0x84, 0x3c, 0xc3, 0x52, 0x57, 0x9c, 0x27, 0x9a, 0x02, 0x76, 0x26, \ + 0x59, 0x82, 0x39, 0xc3, 0x13, 0xbe, 0x6e, 0xf4, 0x44, 0x2d, 0x1d, 0x8c, \ + 0x73, 0x3e, 0x43, 0x99, 0x59, 0xcb, 0xf2, 0x34, 0x72, 0x9a, 0x5e, 0xa5, \ + 0xeb, 0x9f, 0x36, 0x6d, 0x2b, 0xf9, 0xa2, 0xe7, 0xd1, 0x78, 0x52, 0x1b, \ + 0xc8, 0xf6, 0x5b, 0x41, 0x69, 0x57, 0x81, 0x89, 0xe9, 0xbb, 0xa1, 0xde, \ + 0x19, 0x37, 0x3b, 0x13, 0x5c, 0xca, 0x61, 0x01, 0x86, 0xff, 0xdf, 0x83, \ + 0x41, 0x49, 0x7f, 0xd6, 0xf4, 0x2e, 0x08, 0xfa, 0x90, 0xc2, 0x7c, 0xb4, \ + 0xb5, 0x0a, 0x17, 0xdb, 0x0e, 0x6d, 0x75, 0x8a, 0x5d, 0x31, 0xd5, 0x66, \ + 0xfb, 0x39, 0x0b, 0xb5, 0xb6, 0xa3, 0xcd, 0xd4, 0xef, 0x88, 0x92, 0x5a, \ + 0x4d, 0x6c, 0xcb, 0xea, 0x5b, 0x79, 0x02, 0x81, 0x81, 0x00, 0xdf, 0x3a, \ + 0xf9, 0x25, 0x5e, 0x24, 0x37, 0x26, 0x40, 0x97, 0x2f, 0xe0, 0x4a, 0xba, \ + 0x52, 0x1b, 0x51, 0xaf, 0x84, 0x06, 0x32, 0x24, 0x0c, 0xcf, 0x44, 0xa8, \ + 0x77, 0xa7, 0xad, 0xb5, 0x8c, 0x58, 0xcc, 0xc8, 0x31, 0xb7, 0x0d, 0xbc, \ + 0x08, 0x8a, 0xe0, 0xa6, 0x8c, 0xc2, 0x73, 0xe5, 0x1a, 0x64, 0x92, 0xe8, \ + 0xed, 0x4c, 0x6f, 0x0b, 0xa6, 0xa7, 0xf3, 0x9a, 0xf5, 0x6f, 0x69, 0xca, \ + 0x3c, 0x22, 0xd0, 0x15, 0xa8, 0x20, 0x27, 0x41, 0xf8, 0x43, 0x42, 0x7f, \ + 0xb1, 0x93, 0xa1, 0x04, 0x85, 0xda, 0xa0, 0x1c, 0xd6, 0xc6, 0xf7, 0x8a, \ + 0x9e, 0xea, 0x5c, 0x78, 0xa7, 0x55, 0xc4, 0x6b, 0x05, 0x8b, 0xc0, 0x83, \ + 0xcb, 0xce, 0x83, 0x05, 0xf8, 0xb2, 0x16, 0x2b, 0xdf, 0x06, 0x3f, 0xb8, \ + 0xec, 0x16, 0xda, 0x43, 0x33, 0xc1, 0x8f, 0xb0, 0xb8, 0xac, 0xae, 0xd4, \ + 0x94, 0xb8, 0xda, 0x6f, 0x6a, 0xc3, 0x02, 0x81, 0x81, 0x00, 0xdd, 0xae, \ + 0x00, 0xcd, 0xa0, 0x72, 0x1a, 0x05, 0x8a, 0xee, 0x2f, 0xd4, 0x71, 0x4b, \ + 0xf0, 0x3e, 0xe5, 0xc1, 0xe1, 0x29, 0x8b, 0xa6, 0x67, 0x30, 0x98, 0xe7, \ + 0x12, 0xef, 0xdd, 0x12, 0x01, 0x90, 0x24, 0x58, 0xf0, 0x76, 0x92, 0xe7, \ + 0x3d, 0xbb, 0x23, 0xe1, 0xce, 0xf9, 0xa1, 0xd4, 0x38, 0x1b, 0x3f, 0x20, \ + 0xb3, 0x0f, 0x65, 0x6a, 0x8f, 0x55, 0x57, 0x36, 0xee, 0xb2, 0x84, 0x44, \ + 0xfc, 0x91, 0x88, 0xe1, 0xa4, 0xdd, 0x3b, 0x4a, 0x40, 0x4d, 0x7c, 0x86, \ + 0xed, 0xe1, 0xb5, 0x42, 0xef, 0xb9, 0x61, 0xcd, 0x58, 0x19, 0x77, 0x02, \ + 0xae, 0x58, 0x80, 0xdb, 0x13, 0x3d, 0xc7, 0x1f, 0x9d, 0xed, 0xff, 0xac, \ + 0x98, 0xfc, 0xcd, 0xf9, 0x62, 0x04, 0x83, 0x91, 0x89, 0x0d, 0x86, 0x43, \ + 0x8c, 0x0c, 0xc7, 0x1b, 0x90, 0x4d, 0xbe, 0x2f, 0xc5, 0x7c, 0xcd, 0x42, \ + 0xf5, 0xd3, 0xad, 0x8e, 0xfd, 0x9d, 0x02, 0x81, 0x80, 0x17, 0x4b, 0x79, \ + 0x2a, 0x6c, 0x1b, 0x8d, 0x61, 0xc1, 0x85, 0xc5, 0x6a, 0x3b, 0x82, 0x1c, \ + 0x05, 0x5b, 0xcd, 0xdc, 0x12, 0x25, 0x73, 0x5b, 0x9e, 0xd9, 0x84, 0x57, \ + 0x10, 0x39, 0x71, 0x63, 0x96, 0xf4, 0xaf, 0xc3, 0x78, 0x5d, 0xc7, 0x8c, \ + 0x80, 0xa9, 0x96, 0xd7, 0xc3, 0x87, 0x02, 0x96, 0x71, 0x7e, 0x5f, 0x2e, \ + 0x3c, 0x36, 0xae, 0x59, 0x92, 0xd7, 0x3a, 0x09, 0x78, 0xb9, 0xea, 0x6f, \ + 0xc2, 0x16, 0x42, 0xdc, 0x4b, 0x96, 0xad, 0x2c, 0xb2, 0x20, 0x23, 0x61, \ + 0x2d, 0x8d, 0xb5, 0x02, 0x1e, 0xe1, 0x6c, 0x81, 0x01, 0x3c, 0x5d, 0xcb, \ + 0xdd, 0x9b, 0x0e, 0xc0, 0x2f, 0x94, 0x12, 0xb2, 0xfe, 0x75, 0x75, 0x8b, \ + 0x74, 0x1e, 0x7a, 0x26, 0x0c, 0xb7, 0x81, 0x96, 0x81, 0x79, 0x6e, 0xdb, \ + 0xbc, 0x3a, 0xc4, 0x9e, 0x87, 0x09, 0x6e, 0xa0, 0xa6, 0xec, 0x8b, 0xa4, \ + 0x85, 0x71, 0xce, 0x04, 0xaf, 0x02, 0x81, 0x81, 0x00, 0xc2, 0xa7, 0x47, \ + 0x07, 0x48, 0x6a, 0xc8, 0xd4, 0xb3, 0x20, 0xe1, 0x98, 0xee, 0xff, 0x5a, \ + 0x6f, 0x30, 0x7a, 0xa5, 0x47, 0x40, 0xdc, 0x16, 0x62, 0x42, 0xf1, 0x2c, \ + 0xdc, 0xb8, 0xc7, 0x55, 0xde, 0x07, 0x3c, 0x9d, 0xb1, 0xd0, 0xdf, 0x02, \ + 0x82, 0xb0, 0x48, 0x58, 0xe1, 0x34, 0xab, 0xcf, 0xb4, 0x85, 0x23, 0x26, \ + 0x78, 0x4f, 0x7a, 0x59, 0x6f, 0xfb, 0x8c, 0x3d, 0xdf, 0x3d, 0x6c, 0x02, \ + 0x47, 0x9c, 0xe5, 0x5e, 0x49, 0xf1, 0x05, 0x0b, 0x1f, 0xbf, 0x48, 0x0f, \ + 0xdc, 0x10, 0xb9, 0x3d, 0x1d, 0x10, 0x77, 0x2a, 0x73, 0xf9, 0xdf, 0xbd, \ + 0xcd, 0xf3, 0x1f, 0xeb, 0x6e, 0x64, 0xca, 0x2b, 0x78, 0x4f, 0xf8, 0x73, \ + 0xc2, 0x10, 0xef, 0x79, 0x95, 0x33, 0x1e, 0x79, 0x35, 0x09, 0xff, 0x88, \ + 0x1b, 0xb4, 0x3e, 0x4c, 0xe1, 0x27, 0x2e, 0x75, 0x80, 0x58, 0x11, 0x03, \ + 0x21, 0x23, 0x96, 0x9a, 0xb5, 0x02, 0x81, 0x80, 0x05, 0x12, 0x64, 0x71, \ + 0x83, 0x00, 0x1c, 0xfe, 0xef, 0x83, 0xea, 0xdd, 0x2c, 0xc8, 0x2c, 0x00, \ + 0x62, 0x1e, 0x8f, 0x3a, 0xdb, 0x1c, 0xab, 0xd6, 0x34, 0x8b, 0xd1, 0xb2, \ + 0x5a, 0x4f, 0x3d, 0x37, 0x38, 0x02, 0xe0, 0xd7, 0x70, 0xc1, 0xb0, 0x47, \ + 0xe0, 0x08, 0x1a, 0x84, 0xec, 0x48, 0xc5, 0x7c, 0x76, 0x83, 0x12, 0x67, \ + 0xab, 0x7c, 0x9f, 0x90, 0x97, 0xc8, 0x8f, 0x07, 0xf4, 0xb3, 0x60, 0xf2, \ + 0x3f, 0x49, 0x18, 0xdb, 0x2e, 0x94, 0x6b, 0x53, 0x9e, 0xa2, 0x63, 0xde, \ + 0x63, 0xd9, 0xab, 0x21, 0x2e, 0x2d, 0x0a, 0xe0, 0xd0, 0xe8, 0xba, 0xc4, \ + 0x4c, 0x1e, 0xa5, 0xf5, 0x51, 0xa8, 0xc4, 0x92, 0xf8, 0x7f, 0x21, 0xe7, \ + 0x65, 0xbf, 0x0b, 0xe6, 0x01, 0xaf, 0x9c, 0x1d, 0x5b, 0x6c, 0x3f, 0x1c, \ + 0x2f, 0xa6, 0x0f, 0x68, 0x38, 0x8e, 0x85, 0xc4, 0x6c, 0x78, 0x2f, 0x6f, \ + 0x06, 0x21, 0x2e, 0x56 \ +} +/* END FILE */ + +/* This is taken from cli2.crt. */ +/* BEGIN FILE string macro TEST_CLI_CRT_EC_PEM cli2.crt */ +#define TEST_CLI_CRT_EC_PEM \ + "-----BEGIN CERTIFICATE-----\r\n" \ + "MIIB3zCCAWOgAwIBAgIBDTAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw\r\n" \ + "DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJTU0wgVGVzdCBFQyBDQTAe\r\n" \ + "Fw0xOTAyMTAxNDQ0MDBaFw0yOTAyMTAxNDQ0MDBaMEExCzAJBgNVBAYTAk5MMREw\r\n" \ + "DwYDVQQKDAhQb2xhclNTTDEfMB0GA1UEAwwWUG9sYXJTU0wgVGVzdCBDbGllbnQg\r\n" \ + "MjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFflrrFz39Osu5O4gf8Sru7mU6zO\r\n" \ + "VVP2NA7MLuNjJQvfmOLzXGA2lsDVGBRw5X+f1UtFGOWwbNVc+JaPh3Cj5MejTTBL\r\n" \ + "MAkGA1UdEwQCMAAwHQYDVR0OBBYEFHoAX4Zk/OBd5REQO7LmO8QmP8/iMB8GA1Ud\r\n" \ + "IwQYMBaAFJ1tICRJAT8ry3i1Gbx+JMnb+zZ8MAwGCCqGSM49BAMCBQADaAAwZQIx\r\n" \ + "AMqme4DKMldUlplDET9Q6Eptre7uUWKhsLOF+zPkKDlfzpIkJYEFgcloDHGYw80u\r\n" \ + "IgIwNftyPXsabTqMM7iEHgVpX/GRozKklY9yQI/5eoA6gGW7Y+imuGR/oao5ySOb\r\n" \ + "a9Vk\r\n" \ + "-----END CERTIFICATE-----\r\n" +/* END FILE */ + +/* This is generated from cli2.crt.der. */ +/* BEGIN FILE binary macro TEST_CLI_CRT_EC_DER cli2.crt.der */ +#define TEST_CLI_CRT_EC_DER { \ + 0x30, 0x82, 0x01, 0xdf, 0x30, 0x82, 0x01, 0x63, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x01, 0x0d, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, \ + 0x3d, 0x04, 0x03, 0x02, 0x05, 0x00, 0x30, 0x3e, 0x31, 0x0b, 0x30, 0x09, \ + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \ + 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, \ + 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1c, 0x30, 0x1a, 0x06, 0x03, 0x55, 0x04, \ + 0x03, 0x0c, 0x13, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, \ + 0x54, 0x65, 0x73, 0x74, 0x20, 0x45, 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, \ + 0x17, 0x0d, 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, \ + 0x30, 0x30, 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, \ + 0x34, 0x34, 0x34, 0x30, 0x30, 0x5a, 0x30, 0x41, 0x31, 0x0b, 0x30, 0x09, \ + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, \ + 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, \ + 0x72, 0x53, 0x53, 0x4c, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x04, \ + 0x03, 0x0c, 0x16, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, \ + 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x20, \ + 0x32, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, \ + 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, \ + 0x03, 0x42, 0x00, 0x04, 0x57, 0xe5, 0xae, 0xb1, 0x73, 0xdf, 0xd3, 0xac, \ + 0xbb, 0x93, 0xb8, 0x81, 0xff, 0x12, 0xae, 0xee, 0xe6, 0x53, 0xac, 0xce, \ + 0x55, 0x53, 0xf6, 0x34, 0x0e, 0xcc, 0x2e, 0xe3, 0x63, 0x25, 0x0b, 0xdf, \ + 0x98, 0xe2, 0xf3, 0x5c, 0x60, 0x36, 0x96, 0xc0, 0xd5, 0x18, 0x14, 0x70, \ + 0xe5, 0x7f, 0x9f, 0xd5, 0x4b, 0x45, 0x18, 0xe5, 0xb0, 0x6c, 0xd5, 0x5c, \ + 0xf8, 0x96, 0x8f, 0x87, 0x70, 0xa3, 0xe4, 0xc7, 0xa3, 0x4d, 0x30, 0x4b, \ + 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, \ + 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x7a, 0x00, \ + 0x5f, 0x86, 0x64, 0xfc, 0xe0, 0x5d, 0xe5, 0x11, 0x10, 0x3b, 0xb2, 0xe6, \ + 0x3b, 0xc4, 0x26, 0x3f, 0xcf, 0xe2, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, \ + 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x9d, 0x6d, 0x20, 0x24, 0x49, \ + 0x01, 0x3f, 0x2b, 0xcb, 0x78, 0xb5, 0x19, 0xbc, 0x7e, 0x24, 0xc9, 0xdb, \ + 0xfb, 0x36, 0x7c, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, \ + 0x04, 0x03, 0x02, 0x05, 0x00, 0x03, 0x68, 0x00, 0x30, 0x65, 0x02, 0x31, \ + 0x00, 0xca, 0xa6, 0x7b, 0x80, 0xca, 0x32, 0x57, 0x54, 0x96, 0x99, 0x43, \ + 0x11, 0x3f, 0x50, 0xe8, 0x4a, 0x6d, 0xad, 0xee, 0xee, 0x51, 0x62, 0xa1, \ + 0xb0, 0xb3, 0x85, 0xfb, 0x33, 0xe4, 0x28, 0x39, 0x5f, 0xce, 0x92, 0x24, \ + 0x25, 0x81, 0x05, 0x81, 0xc9, 0x68, 0x0c, 0x71, 0x98, 0xc3, 0xcd, 0x2e, \ + 0x22, 0x02, 0x30, 0x35, 0xfb, 0x72, 0x3d, 0x7b, 0x1a, 0x6d, 0x3a, 0x8c, \ + 0x33, 0xb8, 0x84, 0x1e, 0x05, 0x69, 0x5f, 0xf1, 0x91, 0xa3, 0x32, 0xa4, \ + 0x95, 0x8f, 0x72, 0x40, 0x8f, 0xf9, 0x7a, 0x80, 0x3a, 0x80, 0x65, 0xbb, \ + 0x63, 0xe8, 0xa6, 0xb8, 0x64, 0x7f, 0xa1, 0xaa, 0x39, 0xc9, 0x23, 0x9b, \ + 0x6b, 0xd5, 0x64 \ +} +/* END FILE */ + +/* This is taken from cli2.key. */ +/* BEGIN FILE string macro TEST_CLI_KEY_EC_PEM cli2.key */ +#define TEST_CLI_KEY_EC_PEM \ + "-----BEGIN EC PRIVATE KEY-----\r\n" \ + "MHcCAQEEIPb3hmTxZ3/mZI3vyk7p3U3wBf+WIop6hDhkFzJhmLcqoAoGCCqGSM49\r\n" \ + "AwEHoUQDQgAEV+WusXPf06y7k7iB/xKu7uZTrM5VU/Y0Dswu42MlC9+Y4vNcYDaW\r\n" \ + "wNUYFHDlf5/VS0UY5bBs1Vz4lo+HcKPkxw==\r\n" \ + "-----END EC PRIVATE KEY-----\r\n" +/* END FILE */ + +/* This is generated from cli2.key.der. */ +/* BEGIN FILE binary macro TEST_CLI_KEY_EC_DER cli2.key.der */ +#define TEST_CLI_KEY_EC_DER { \ + 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xf6, 0xf7, 0x86, 0x64, 0xf1, \ + 0x67, 0x7f, 0xe6, 0x64, 0x8d, 0xef, 0xca, 0x4e, 0xe9, 0xdd, 0x4d, 0xf0, \ + 0x05, 0xff, 0x96, 0x22, 0x8a, 0x7a, 0x84, 0x38, 0x64, 0x17, 0x32, 0x61, \ + 0x98, 0xb7, 0x2a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, \ + 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x57, 0xe5, 0xae, \ + 0xb1, 0x73, 0xdf, 0xd3, 0xac, 0xbb, 0x93, 0xb8, 0x81, 0xff, 0x12, 0xae, \ + 0xee, 0xe6, 0x53, 0xac, 0xce, 0x55, 0x53, 0xf6, 0x34, 0x0e, 0xcc, 0x2e, \ + 0xe3, 0x63, 0x25, 0x0b, 0xdf, 0x98, 0xe2, 0xf3, 0x5c, 0x60, 0x36, 0x96, \ + 0xc0, 0xd5, 0x18, 0x14, 0x70, 0xe5, 0x7f, 0x9f, 0xd5, 0x4b, 0x45, 0x18, \ + 0xe5, 0xb0, 0x6c, 0xd5, 0x5c, 0xf8, 0x96, 0x8f, 0x87, 0x70, 0xa3, 0xe4, \ + 0xc7 \ +} +/* END FILE */ + +/* This is taken from cli-rsa-sha256.crt. */ +/* BEGIN FILE string macro TEST_CLI_CRT_RSA_PEM cli-rsa-sha256.crt */ +#define TEST_CLI_CRT_RSA_PEM \ + "-----BEGIN CERTIFICATE-----\r\n" \ + "MIIDPzCCAiegAwIBAgIBBDANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n" \ + "MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \ + "MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G\r\n" \ + "A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENsaWVudCAyMIIBIjAN\r\n" \ + "BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f\r\n" \ + "M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu\r\n" \ + "1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw\r\n" \ + "MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v\r\n" \ + "4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/\r\n" \ + "/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB\r\n" \ + "o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf\r\n" \ + "BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQsFAAOC\r\n" \ + "AQEAXidv1d4pLlBiKWED95rMycBdgDcgyNqJxakFkRfRyA2y1mlyTn7uBXRkNLY5\r\n" \ + "ZFzK82GCjk2Q2OD4RZSCPAJJqLpHHU34t71ciffvy2KK81YvrxczRhMAE64i+qna\r\n" \ + "yP3Td2XuWJR05PVPoSemsNELs9gWttdnYy3ce+EY2Y0n7Rsi7982EeLIAA7H6ca4\r\n" \ + "2Es/NUH//JZJT32OP0doMxeDRA+vplkKqTLLWf7dX26LIriBkBaRCgR5Yv9LBPFc\r\n" \ + "NOtpzu/LbrY7QFXKJMI+JXDudCsOn8KCmiA4d6Emisqfh3V3485l7HEQNcvLTxlD\r\n" \ + "6zDQyi0/ykYUYZkwQTK1N2Nvlw==\r\n" \ + "-----END CERTIFICATE-----\r\n" +/* END FILE */ + +/* This is generated from cli-rsa-sha256.crt.der. */ +/* BEGIN FILE binary macro TEST_CLI_CRT_RSA_DER cli-rsa-sha256.crt.der */ +#define TEST_CLI_CRT_RSA_DER { \ + 0x30, 0x82, 0x03, 0x3f, 0x30, 0x82, 0x02, 0x27, 0xa0, 0x03, 0x02, 0x01, \ + 0x02, 0x02, 0x01, 0x04, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, \ + 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3b, 0x31, 0x0b, 0x30, \ + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, \ + 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, \ + 0x61, 0x72, 0x53, 0x53, 0x4c, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, \ + 0x04, 0x03, 0x0c, 0x10, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, \ + 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, \ + 0x31, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, 0x34, 0x30, 0x36, \ + 0x5a, 0x17, 0x0d, 0x32, 0x39, 0x30, 0x32, 0x31, 0x30, 0x31, 0x34, 0x34, \ + 0x34, 0x30, 0x36, 0x5a, 0x30, 0x3c, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, \ + 0x55, 0x04, 0x06, 0x13, 0x02, 0x4e, 0x4c, 0x31, 0x11, 0x30, 0x0f, 0x06, \ + 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, \ + 0x53, 0x4c, 0x31, 0x1a, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, \ + 0x11, 0x50, 0x6f, 0x6c, 0x61, 0x72, 0x53, 0x53, 0x4c, 0x20, 0x43, 0x6c, \ + 0x69, 0x65, 0x6e, 0x74, 0x20, 0x32, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, \ + 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, \ + 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, \ + 0x01, 0x01, 0x00, 0xc8, 0x74, 0xc4, 0xcc, 0xb9, 0xf9, 0xb5, 0x79, 0xe9, \ + 0x45, 0xd9, 0x14, 0x60, 0xb0, 0x7d, 0xbb, 0x93, 0xf2, 0x6b, 0x1e, 0x9f, \ + 0x33, 0xad, 0x0d, 0x8f, 0x8a, 0x3c, 0x56, 0x65, 0xe5, 0xdc, 0x44, 0xd9, \ + 0xcc, 0x66, 0x85, 0x07, 0xd5, 0xf8, 0x27, 0xb0, 0x4a, 0x35, 0xd0, 0x63, \ + 0x9e, 0x0a, 0x6e, 0x1b, 0xb7, 0xda, 0xf0, 0x7e, 0xab, 0xee, 0x0c, 0x10, \ + 0x93, 0x86, 0x49, 0x18, 0x34, 0xf3, 0xa8, 0x2a, 0xd2, 0x57, 0xf5, 0x2e, \ + 0xd4, 0x2f, 0x77, 0x29, 0x84, 0x61, 0x4d, 0x82, 0x50, 0x8f, 0xa7, 0x95, \ + 0x48, 0x70, 0xf5, 0x6e, 0x4d, 0xb2, 0xd5, 0x13, 0xc3, 0xd2, 0x1a, 0xed, \ + 0xe6, 0x43, 0xea, 0x42, 0x14, 0xeb, 0x74, 0xea, 0xc0, 0xed, 0x1f, 0xd4, \ + 0x57, 0x4e, 0xa9, 0xf3, 0xa8, 0xed, 0xd2, 0xe0, 0xc1, 0x30, 0x71, 0x30, \ + 0x32, 0x30, 0xd5, 0xd3, 0xf6, 0x08, 0xd0, 0x56, 0x4f, 0x46, 0x8e, 0xf2, \ + 0x5f, 0xf9, 0x3d, 0x67, 0x91, 0x88, 0x30, 0x2e, 0x42, 0xb2, 0xdf, 0x7d, \ + 0xfb, 0xe5, 0x0c, 0x77, 0xff, 0xec, 0x31, 0xc0, 0x78, 0x8f, 0xbf, 0xc2, \ + 0x7f, 0xca, 0xad, 0x6c, 0x21, 0xd6, 0x8d, 0xd9, 0x8b, 0x6a, 0x8e, 0x6f, \ + 0xe0, 0x9b, 0xf8, 0x10, 0x56, 0xcc, 0xb3, 0x8e, 0x13, 0x15, 0xe6, 0x34, \ + 0x04, 0x66, 0xc7, 0xee, 0xf9, 0x36, 0x0e, 0x6a, 0x95, 0xf6, 0x09, 0x9a, \ + 0x06, 0x67, 0xf4, 0x65, 0x71, 0xf8, 0xca, 0xa4, 0xb1, 0x25, 0xe0, 0xfe, \ + 0x3c, 0x8b, 0x35, 0x04, 0x67, 0xba, 0xe0, 0x4f, 0x76, 0x85, 0xfc, 0x7f, \ + 0xfc, 0x36, 0x6b, 0xb5, 0xe9, 0xcd, 0x2d, 0x03, 0x62, 0x4e, 0xb3, 0x3d, \ + 0x00, 0xcf, 0xaf, 0x76, 0xa0, 0x69, 0x56, 0x83, 0x6a, 0xd2, 0xa8, 0xd4, \ + 0xe7, 0x50, 0x71, 0xe6, 0xb5, 0x36, 0x05, 0x77, 0x05, 0x6d, 0x7b, 0xc8, \ + 0xe4, 0xc4, 0xfd, 0x4c, 0xd5, 0x21, 0x5f, 0x02, 0x03, 0x01, 0x00, 0x01, \ + 0xa3, 0x4d, 0x30, 0x4b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, \ + 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, \ + 0x04, 0x14, 0x71, 0xa1, 0x00, 0x73, 0x72, 0x40, 0x2f, 0x54, 0x76, 0x5e, \ + 0x33, 0xfc, 0x52, 0x8f, 0xbc, 0xf1, 0xdd, 0x6b, 0x46, 0x21, 0x30, 0x1f, \ + 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xb4, \ + 0x5a, 0xe4, 0xa5, 0xb3, 0xde, 0xd2, 0x52, 0xf6, 0xb9, 0xd5, 0xa6, 0x95, \ + 0x0f, 0xeb, 0x3e, 0xbc, 0xc7, 0xfd, 0xff, 0x30, 0x0d, 0x06, 0x09, 0x2a, \ + 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, \ + 0x01, 0x01, 0x00, 0x5e, 0x27, 0x6f, 0xd5, 0xde, 0x29, 0x2e, 0x50, 0x62, \ + 0x29, 0x61, 0x03, 0xf7, 0x9a, 0xcc, 0xc9, 0xc0, 0x5d, 0x80, 0x37, 0x20, \ + 0xc8, 0xda, 0x89, 0xc5, 0xa9, 0x05, 0x91, 0x17, 0xd1, 0xc8, 0x0d, 0xb2, \ + 0xd6, 0x69, 0x72, 0x4e, 0x7e, 0xee, 0x05, 0x74, 0x64, 0x34, 0xb6, 0x39, \ + 0x64, 0x5c, 0xca, 0xf3, 0x61, 0x82, 0x8e, 0x4d, 0x90, 0xd8, 0xe0, 0xf8, \ + 0x45, 0x94, 0x82, 0x3c, 0x02, 0x49, 0xa8, 0xba, 0x47, 0x1d, 0x4d, 0xf8, \ + 0xb7, 0xbd, 0x5c, 0x89, 0xf7, 0xef, 0xcb, 0x62, 0x8a, 0xf3, 0x56, 0x2f, \ + 0xaf, 0x17, 0x33, 0x46, 0x13, 0x00, 0x13, 0xae, 0x22, 0xfa, 0xa9, 0xda, \ + 0xc8, 0xfd, 0xd3, 0x77, 0x65, 0xee, 0x58, 0x94, 0x74, 0xe4, 0xf5, 0x4f, \ + 0xa1, 0x27, 0xa6, 0xb0, 0xd1, 0x0b, 0xb3, 0xd8, 0x16, 0xb6, 0xd7, 0x67, \ + 0x63, 0x2d, 0xdc, 0x7b, 0xe1, 0x18, 0xd9, 0x8d, 0x27, 0xed, 0x1b, 0x22, \ + 0xef, 0xdf, 0x36, 0x11, 0xe2, 0xc8, 0x00, 0x0e, 0xc7, 0xe9, 0xc6, 0xb8, \ + 0xd8, 0x4b, 0x3f, 0x35, 0x41, 0xff, 0xfc, 0x96, 0x49, 0x4f, 0x7d, 0x8e, \ + 0x3f, 0x47, 0x68, 0x33, 0x17, 0x83, 0x44, 0x0f, 0xaf, 0xa6, 0x59, 0x0a, \ + 0xa9, 0x32, 0xcb, 0x59, 0xfe, 0xdd, 0x5f, 0x6e, 0x8b, 0x22, 0xb8, 0x81, \ + 0x90, 0x16, 0x91, 0x0a, 0x04, 0x79, 0x62, 0xff, 0x4b, 0x04, 0xf1, 0x5c, \ + 0x34, 0xeb, 0x69, 0xce, 0xef, 0xcb, 0x6e, 0xb6, 0x3b, 0x40, 0x55, 0xca, \ + 0x24, 0xc2, 0x3e, 0x25, 0x70, 0xee, 0x74, 0x2b, 0x0e, 0x9f, 0xc2, 0x82, \ + 0x9a, 0x20, 0x38, 0x77, 0xa1, 0x26, 0x8a, 0xca, 0x9f, 0x87, 0x75, 0x77, \ + 0xe3, 0xce, 0x65, 0xec, 0x71, 0x10, 0x35, 0xcb, 0xcb, 0x4f, 0x19, 0x43, \ + 0xeb, 0x30, 0xd0, 0xca, 0x2d, 0x3f, 0xca, 0x46, 0x14, 0x61, 0x99, 0x30, \ + 0x41, 0x32, 0xb5, 0x37, 0x63, 0x6f, 0x97 \ +} +/* END FILE */ + +/* This is taken from cli-rsa.key. */ +/* BEGIN FILE string macro TEST_CLI_KEY_RSA_PEM cli-rsa.key */ +#define TEST_CLI_KEY_RSA_PEM \ + "-----BEGIN RSA PRIVATE KEY-----\r\n" \ + "MIIEpAIBAAKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6fM60Nj4o8VmXl3ETZzGaF\r\n" \ + "B9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu1C93KYRhTYJQj6eVSHD1\r\n" \ + "bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEwMjDV0/YI0FZPRo7yX/k9\r\n" \ + "Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v4Jv4EFbMs44TFeY0BGbH\r\n" \ + "7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx//DZrtenNLQNiTrM9AM+v\r\n" \ + "dqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQABAoIBAGdNtfYDiap6bzst\r\n" \ + "yhCiI8m9TtrhZw4MisaEaN/ll3XSjaOG2dvV6xMZCMV+5TeXDHOAZnY18Yi18vzz\r\n" \ + "4Ut2TnNFzizCECYNaA2fST3WgInnxUkV3YXAyP6CNxJaCmv2aA0yFr2kFVSeaKGt\r\n" \ + "ymvljNp2NVkvm7Th8fBQBO7I7AXhz43k0mR7XmPgewe8ApZOG3hstkOaMvbWAvWA\r\n" \ + "zCZupdDjZYjOJqlA4eEA4H8/w7F83r5CugeBE8LgEREjLPiyejrU5H1fubEY+h0d\r\n" \ + "l5HZBJ68ybTXfQ5U9o/QKA3dd0toBEhhdRUDGzWtjvwkEQfqF1reGWj/tod/gCpf\r\n" \ + "DFi6X0ECgYEA4wOv/pjSC3ty6TuOvKX2rOUiBrLXXv2JSxZnMoMiWI5ipLQt+RYT\r\n" \ + "VPafL/m7Dn6MbwjayOkcZhBwk5CNz5A6Q4lJ64Mq/lqHznRCQQ2Mc1G8eyDF/fYL\r\n" \ + "Ze2pLvwP9VD5jTc2miDfw+MnvJhywRRLcemDFP8k4hQVtm8PMp3ZmNECgYEA4gz7\r\n" \ + "wzObR4gn8ibe617uQPZjWzUj9dUHYd+in1gwBCIrtNnaRn9I9U/Q6tegRYpii4ys\r\n" \ + "c176NmU+umy6XmuSKV5qD9bSpZWG2nLFnslrN15Lm3fhZxoeMNhBaEDTnLT26yoi\r\n" \ + "33gp0mSSWy94ZEqipms+ULF6sY1ZtFW6tpGFoy8CgYAQHhnnvJflIs2ky4q10B60\r\n" \ + "ZcxFp3rtDpkp0JxhFLhiizFrujMtZSjYNm5U7KkgPVHhLELEUvCmOnKTt4ap/vZ0\r\n" \ + "BxJNe1GZH3pW6SAvGDQpl9sG7uu/vTFP+lCxukmzxB0DrrDcvorEkKMom7ZCCRvW\r\n" \ + "KZsZ6YeH2Z81BauRj218kQKBgQCUV/DgKP2985xDTT79N08jUo3hTP5MVYCCuj/+\r\n" \ + "UeEw1TvZcx3LJby7P6Xad6a1/BqveaGyFKIfEFIaBUBItk801sDDpDaYc4gL00Xc\r\n" \ + "7lFuBHOZkxJYlss5QrGpuOEl9ZwUt5IrFLBdYaKqNHzNVC1pCPfb/JyH6Dr2HUxq\r\n" \ + "gxUwAQKBgQCcU6G2L8AG9d9c0UpOyL1tMvFe5Ttw0KjlQVdsh1MP6yigYo9DYuwu\r\n" \ + "bHFVW2r0dBTqegP2/KTOxKzaHfC1qf0RGDsUoJCNJrd1cwoCLG8P2EF4w3OBrKqv\r\n" \ + "8u4ytY0F+Vlanj5lm3TaoHSVF1+NWPyOTiwevIECGKwSxvlki4fDAA==\r\n" \ + "-----END RSA PRIVATE KEY-----\r\n" +/* END FILE */ + +/* This is generated from cli-rsa.key.der. */ +/* BEGIN FILE binary macro TEST_CLI_KEY_RSA_DER cli-rsa.key.der */ +#define TEST_CLI_KEY_RSA_DER { \ + 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, \ + 0xc8, 0x74, 0xc4, 0xcc, 0xb9, 0xf9, 0xb5, 0x79, 0xe9, 0x45, 0xd9, 0x14, \ + 0x60, 0xb0, 0x7d, 0xbb, 0x93, 0xf2, 0x6b, 0x1e, 0x9f, 0x33, 0xad, 0x0d, \ + 0x8f, 0x8a, 0x3c, 0x56, 0x65, 0xe5, 0xdc, 0x44, 0xd9, 0xcc, 0x66, 0x85, \ + 0x07, 0xd5, 0xf8, 0x27, 0xb0, 0x4a, 0x35, 0xd0, 0x63, 0x9e, 0x0a, 0x6e, \ + 0x1b, 0xb7, 0xda, 0xf0, 0x7e, 0xab, 0xee, 0x0c, 0x10, 0x93, 0x86, 0x49, \ + 0x18, 0x34, 0xf3, 0xa8, 0x2a, 0xd2, 0x57, 0xf5, 0x2e, 0xd4, 0x2f, 0x77, \ + 0x29, 0x84, 0x61, 0x4d, 0x82, 0x50, 0x8f, 0xa7, 0x95, 0x48, 0x70, 0xf5, \ + 0x6e, 0x4d, 0xb2, 0xd5, 0x13, 0xc3, 0xd2, 0x1a, 0xed, 0xe6, 0x43, 0xea, \ + 0x42, 0x14, 0xeb, 0x74, 0xea, 0xc0, 0xed, 0x1f, 0xd4, 0x57, 0x4e, 0xa9, \ + 0xf3, 0xa8, 0xed, 0xd2, 0xe0, 0xc1, 0x30, 0x71, 0x30, 0x32, 0x30, 0xd5, \ + 0xd3, 0xf6, 0x08, 0xd0, 0x56, 0x4f, 0x46, 0x8e, 0xf2, 0x5f, 0xf9, 0x3d, \ + 0x67, 0x91, 0x88, 0x30, 0x2e, 0x42, 0xb2, 0xdf, 0x7d, 0xfb, 0xe5, 0x0c, \ + 0x77, 0xff, 0xec, 0x31, 0xc0, 0x78, 0x8f, 0xbf, 0xc2, 0x7f, 0xca, 0xad, \ + 0x6c, 0x21, 0xd6, 0x8d, 0xd9, 0x8b, 0x6a, 0x8e, 0x6f, 0xe0, 0x9b, 0xf8, \ + 0x10, 0x56, 0xcc, 0xb3, 0x8e, 0x13, 0x15, 0xe6, 0x34, 0x04, 0x66, 0xc7, \ + 0xee, 0xf9, 0x36, 0x0e, 0x6a, 0x95, 0xf6, 0x09, 0x9a, 0x06, 0x67, 0xf4, \ + 0x65, 0x71, 0xf8, 0xca, 0xa4, 0xb1, 0x25, 0xe0, 0xfe, 0x3c, 0x8b, 0x35, \ + 0x04, 0x67, 0xba, 0xe0, 0x4f, 0x76, 0x85, 0xfc, 0x7f, 0xfc, 0x36, 0x6b, \ + 0xb5, 0xe9, 0xcd, 0x2d, 0x03, 0x62, 0x4e, 0xb3, 0x3d, 0x00, 0xcf, 0xaf, \ + 0x76, 0xa0, 0x69, 0x56, 0x83, 0x6a, 0xd2, 0xa8, 0xd4, 0xe7, 0x50, 0x71, \ + 0xe6, 0xb5, 0x36, 0x05, 0x77, 0x05, 0x6d, 0x7b, 0xc8, 0xe4, 0xc4, 0xfd, \ + 0x4c, 0xd5, 0x21, 0x5f, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, \ + 0x00, 0x67, 0x4d, 0xb5, 0xf6, 0x03, 0x89, 0xaa, 0x7a, 0x6f, 0x3b, 0x2d, \ + 0xca, 0x10, 0xa2, 0x23, 0xc9, 0xbd, 0x4e, 0xda, 0xe1, 0x67, 0x0e, 0x0c, \ + 0x8a, 0xc6, 0x84, 0x68, 0xdf, 0xe5, 0x97, 0x75, 0xd2, 0x8d, 0xa3, 0x86, \ + 0xd9, 0xdb, 0xd5, 0xeb, 0x13, 0x19, 0x08, 0xc5, 0x7e, 0xe5, 0x37, 0x97, \ + 0x0c, 0x73, 0x80, 0x66, 0x76, 0x35, 0xf1, 0x88, 0xb5, 0xf2, 0xfc, 0xf3, \ + 0xe1, 0x4b, 0x76, 0x4e, 0x73, 0x45, 0xce, 0x2c, 0xc2, 0x10, 0x26, 0x0d, \ + 0x68, 0x0d, 0x9f, 0x49, 0x3d, 0xd6, 0x80, 0x89, 0xe7, 0xc5, 0x49, 0x15, \ + 0xdd, 0x85, 0xc0, 0xc8, 0xfe, 0x82, 0x37, 0x12, 0x5a, 0x0a, 0x6b, 0xf6, \ + 0x68, 0x0d, 0x32, 0x16, 0xbd, 0xa4, 0x15, 0x54, 0x9e, 0x68, 0xa1, 0xad, \ + 0xca, 0x6b, 0xe5, 0x8c, 0xda, 0x76, 0x35, 0x59, 0x2f, 0x9b, 0xb4, 0xe1, \ + 0xf1, 0xf0, 0x50, 0x04, 0xee, 0xc8, 0xec, 0x05, 0xe1, 0xcf, 0x8d, 0xe4, \ + 0xd2, 0x64, 0x7b, 0x5e, 0x63, 0xe0, 0x7b, 0x07, 0xbc, 0x02, 0x96, 0x4e, \ + 0x1b, 0x78, 0x6c, 0xb6, 0x43, 0x9a, 0x32, 0xf6, 0xd6, 0x02, 0xf5, 0x80, \ + 0xcc, 0x26, 0x6e, 0xa5, 0xd0, 0xe3, 0x65, 0x88, 0xce, 0x26, 0xa9, 0x40, \ + 0xe1, 0xe1, 0x00, 0xe0, 0x7f, 0x3f, 0xc3, 0xb1, 0x7c, 0xde, 0xbe, 0x42, \ + 0xba, 0x07, 0x81, 0x13, 0xc2, 0xe0, 0x11, 0x11, 0x23, 0x2c, 0xf8, 0xb2, \ + 0x7a, 0x3a, 0xd4, 0xe4, 0x7d, 0x5f, 0xb9, 0xb1, 0x18, 0xfa, 0x1d, 0x1d, \ + 0x97, 0x91, 0xd9, 0x04, 0x9e, 0xbc, 0xc9, 0xb4, 0xd7, 0x7d, 0x0e, 0x54, \ + 0xf6, 0x8f, 0xd0, 0x28, 0x0d, 0xdd, 0x77, 0x4b, 0x68, 0x04, 0x48, 0x61, \ + 0x75, 0x15, 0x03, 0x1b, 0x35, 0xad, 0x8e, 0xfc, 0x24, 0x11, 0x07, 0xea, \ + 0x17, 0x5a, 0xde, 0x19, 0x68, 0xff, 0xb6, 0x87, 0x7f, 0x80, 0x2a, 0x5f, \ + 0x0c, 0x58, 0xba, 0x5f, 0x41, 0x02, 0x81, 0x81, 0x00, 0xe3, 0x03, 0xaf, \ + 0xfe, 0x98, 0xd2, 0x0b, 0x7b, 0x72, 0xe9, 0x3b, 0x8e, 0xbc, 0xa5, 0xf6, \ + 0xac, 0xe5, 0x22, 0x06, 0xb2, 0xd7, 0x5e, 0xfd, 0x89, 0x4b, 0x16, 0x67, \ + 0x32, 0x83, 0x22, 0x58, 0x8e, 0x62, 0xa4, 0xb4, 0x2d, 0xf9, 0x16, 0x13, \ + 0x54, 0xf6, 0x9f, 0x2f, 0xf9, 0xbb, 0x0e, 0x7e, 0x8c, 0x6f, 0x08, 0xda, \ + 0xc8, 0xe9, 0x1c, 0x66, 0x10, 0x70, 0x93, 0x90, 0x8d, 0xcf, 0x90, 0x3a, \ + 0x43, 0x89, 0x49, 0xeb, 0x83, 0x2a, 0xfe, 0x5a, 0x87, 0xce, 0x74, 0x42, \ + 0x41, 0x0d, 0x8c, 0x73, 0x51, 0xbc, 0x7b, 0x20, 0xc5, 0xfd, 0xf6, 0x0b, \ + 0x65, 0xed, 0xa9, 0x2e, 0xfc, 0x0f, 0xf5, 0x50, 0xf9, 0x8d, 0x37, 0x36, \ + 0x9a, 0x20, 0xdf, 0xc3, 0xe3, 0x27, 0xbc, 0x98, 0x72, 0xc1, 0x14, 0x4b, \ + 0x71, 0xe9, 0x83, 0x14, 0xff, 0x24, 0xe2, 0x14, 0x15, 0xb6, 0x6f, 0x0f, \ + 0x32, 0x9d, 0xd9, 0x98, 0xd1, 0x02, 0x81, 0x81, 0x00, 0xe2, 0x0c, 0xfb, \ + 0xc3, 0x33, 0x9b, 0x47, 0x88, 0x27, 0xf2, 0x26, 0xde, 0xeb, 0x5e, 0xee, \ + 0x40, 0xf6, 0x63, 0x5b, 0x35, 0x23, 0xf5, 0xd5, 0x07, 0x61, 0xdf, 0xa2, \ + 0x9f, 0x58, 0x30, 0x04, 0x22, 0x2b, 0xb4, 0xd9, 0xda, 0x46, 0x7f, 0x48, \ + 0xf5, 0x4f, 0xd0, 0xea, 0xd7, 0xa0, 0x45, 0x8a, 0x62, 0x8b, 0x8c, 0xac, \ + 0x73, 0x5e, 0xfa, 0x36, 0x65, 0x3e, 0xba, 0x6c, 0xba, 0x5e, 0x6b, 0x92, \ + 0x29, 0x5e, 0x6a, 0x0f, 0xd6, 0xd2, 0xa5, 0x95, 0x86, 0xda, 0x72, 0xc5, \ + 0x9e, 0xc9, 0x6b, 0x37, 0x5e, 0x4b, 0x9b, 0x77, 0xe1, 0x67, 0x1a, 0x1e, \ + 0x30, 0xd8, 0x41, 0x68, 0x40, 0xd3, 0x9c, 0xb4, 0xf6, 0xeb, 0x2a, 0x22, \ + 0xdf, 0x78, 0x29, 0xd2, 0x64, 0x92, 0x5b, 0x2f, 0x78, 0x64, 0x4a, 0xa2, \ + 0xa6, 0x6b, 0x3e, 0x50, 0xb1, 0x7a, 0xb1, 0x8d, 0x59, 0xb4, 0x55, 0xba, \ + 0xb6, 0x91, 0x85, 0xa3, 0x2f, 0x02, 0x81, 0x80, 0x10, 0x1e, 0x19, 0xe7, \ + 0xbc, 0x97, 0xe5, 0x22, 0xcd, 0xa4, 0xcb, 0x8a, 0xb5, 0xd0, 0x1e, 0xb4, \ + 0x65, 0xcc, 0x45, 0xa7, 0x7a, 0xed, 0x0e, 0x99, 0x29, 0xd0, 0x9c, 0x61, \ + 0x14, 0xb8, 0x62, 0x8b, 0x31, 0x6b, 0xba, 0x33, 0x2d, 0x65, 0x28, 0xd8, \ + 0x36, 0x6e, 0x54, 0xec, 0xa9, 0x20, 0x3d, 0x51, 0xe1, 0x2c, 0x42, 0xc4, \ + 0x52, 0xf0, 0xa6, 0x3a, 0x72, 0x93, 0xb7, 0x86, 0xa9, 0xfe, 0xf6, 0x74, \ + 0x07, 0x12, 0x4d, 0x7b, 0x51, 0x99, 0x1f, 0x7a, 0x56, 0xe9, 0x20, 0x2f, \ + 0x18, 0x34, 0x29, 0x97, 0xdb, 0x06, 0xee, 0xeb, 0xbf, 0xbd, 0x31, 0x4f, \ + 0xfa, 0x50, 0xb1, 0xba, 0x49, 0xb3, 0xc4, 0x1d, 0x03, 0xae, 0xb0, 0xdc, \ + 0xbe, 0x8a, 0xc4, 0x90, 0xa3, 0x28, 0x9b, 0xb6, 0x42, 0x09, 0x1b, 0xd6, \ + 0x29, 0x9b, 0x19, 0xe9, 0x87, 0x87, 0xd9, 0x9f, 0x35, 0x05, 0xab, 0x91, \ + 0x8f, 0x6d, 0x7c, 0x91, 0x02, 0x81, 0x81, 0x00, 0x94, 0x57, 0xf0, 0xe0, \ + 0x28, 0xfd, 0xbd, 0xf3, 0x9c, 0x43, 0x4d, 0x3e, 0xfd, 0x37, 0x4f, 0x23, \ + 0x52, 0x8d, 0xe1, 0x4c, 0xfe, 0x4c, 0x55, 0x80, 0x82, 0xba, 0x3f, 0xfe, \ + 0x51, 0xe1, 0x30, 0xd5, 0x3b, 0xd9, 0x73, 0x1d, 0xcb, 0x25, 0xbc, 0xbb, \ + 0x3f, 0xa5, 0xda, 0x77, 0xa6, 0xb5, 0xfc, 0x1a, 0xaf, 0x79, 0xa1, 0xb2, \ + 0x14, 0xa2, 0x1f, 0x10, 0x52, 0x1a, 0x05, 0x40, 0x48, 0xb6, 0x4f, 0x34, \ + 0xd6, 0xc0, 0xc3, 0xa4, 0x36, 0x98, 0x73, 0x88, 0x0b, 0xd3, 0x45, 0xdc, \ + 0xee, 0x51, 0x6e, 0x04, 0x73, 0x99, 0x93, 0x12, 0x58, 0x96, 0xcb, 0x39, \ + 0x42, 0xb1, 0xa9, 0xb8, 0xe1, 0x25, 0xf5, 0x9c, 0x14, 0xb7, 0x92, 0x2b, \ + 0x14, 0xb0, 0x5d, 0x61, 0xa2, 0xaa, 0x34, 0x7c, 0xcd, 0x54, 0x2d, 0x69, \ + 0x08, 0xf7, 0xdb, 0xfc, 0x9c, 0x87, 0xe8, 0x3a, 0xf6, 0x1d, 0x4c, 0x6a, \ + 0x83, 0x15, 0x30, 0x01, 0x02, 0x81, 0x81, 0x00, 0x9c, 0x53, 0xa1, 0xb6, \ + 0x2f, 0xc0, 0x06, 0xf5, 0xdf, 0x5c, 0xd1, 0x4a, 0x4e, 0xc8, 0xbd, 0x6d, \ + 0x32, 0xf1, 0x5e, 0xe5, 0x3b, 0x70, 0xd0, 0xa8, 0xe5, 0x41, 0x57, 0x6c, \ + 0x87, 0x53, 0x0f, 0xeb, 0x28, 0xa0, 0x62, 0x8f, 0x43, 0x62, 0xec, 0x2e, \ + 0x6c, 0x71, 0x55, 0x5b, 0x6a, 0xf4, 0x74, 0x14, 0xea, 0x7a, 0x03, 0xf6, \ + 0xfc, 0xa4, 0xce, 0xc4, 0xac, 0xda, 0x1d, 0xf0, 0xb5, 0xa9, 0xfd, 0x11, \ + 0x18, 0x3b, 0x14, 0xa0, 0x90, 0x8d, 0x26, 0xb7, 0x75, 0x73, 0x0a, 0x02, \ + 0x2c, 0x6f, 0x0f, 0xd8, 0x41, 0x78, 0xc3, 0x73, 0x81, 0xac, 0xaa, 0xaf, \ + 0xf2, 0xee, 0x32, 0xb5, 0x8d, 0x05, 0xf9, 0x59, 0x5a, 0x9e, 0x3e, 0x65, \ + 0x9b, 0x74, 0xda, 0xa0, 0x74, 0x95, 0x17, 0x5f, 0x8d, 0x58, 0xfc, 0x8e, \ + 0x4e, 0x2c, 0x1e, 0xbc, 0x81, 0x02, 0x18, 0xac, 0x12, 0xc6, 0xf9, 0x64, \ + 0x8b, 0x87, 0xc3, 0x00 \ +} +/* END FILE */ + diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c new file mode 100644 index 000000000..5c305cb0a --- /dev/null +++ b/tests/src/test_helpers/ssl_helpers.c @@ -0,0 +1,2304 @@ +/** \file ssl_helpers.c + * + * \brief Helper functions to set up a TLS connection. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include "md_psa.h" + +#if defined(MBEDTLS_SSL_TLS_C) +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) +static int rng_seed = 0xBEEF; +static int rng_get(void *p_rng, unsigned char *output, size_t output_len) +{ + (void) p_rng; + for (size_t i = 0; i < output_len; i++) { + output[i] = rand(); + } + + return 0; +} +#endif + +void mbedtls_test_ssl_log_analyzer(void *ctx, int level, + const char *file, int line, + const char *str) +{ + mbedtls_test_ssl_log_pattern *p = (mbedtls_test_ssl_log_pattern *) ctx; + + (void) level; + (void) line; + (void) file; + + if (NULL != p && + NULL != p->pattern && + NULL != strstr(str, p->pattern)) { + p->counter++; + } +} + +void mbedtls_test_init_handshake_options( + mbedtls_test_handshake_test_options *opts) +{ +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) + srand(rng_seed); + rng_seed += 0xD0; +#endif + opts->cipher = ""; + opts->client_min_version = MBEDTLS_SSL_VERSION_UNKNOWN; + opts->client_max_version = MBEDTLS_SSL_VERSION_UNKNOWN; + opts->server_min_version = MBEDTLS_SSL_VERSION_UNKNOWN; + opts->server_max_version = MBEDTLS_SSL_VERSION_UNKNOWN; + opts->expected_negotiated_version = MBEDTLS_SSL_VERSION_TLS1_3; + opts->expected_handshake_result = 0; + opts->expected_ciphersuite = 0; + opts->pk_alg = MBEDTLS_PK_RSA; + opts->opaque_alg = 0; + opts->opaque_alg2 = 0; + opts->opaque_usage = 0; + opts->psk_str = NULL; + opts->dtls = 0; + opts->srv_auth_mode = MBEDTLS_SSL_VERIFY_NONE; + opts->serialize = 0; + opts->mfl = MBEDTLS_SSL_MAX_FRAG_LEN_NONE; + opts->cli_msg_len = 100; + opts->srv_msg_len = 100; + opts->expected_cli_fragments = 1; + opts->expected_srv_fragments = 1; + opts->renegotiate = 0; + opts->legacy_renegotiation = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION; + opts->srv_log_obj = NULL; + opts->srv_log_obj = NULL; + opts->srv_log_fun = NULL; + opts->cli_log_fun = NULL; + opts->resize_buffers = 1; +#if defined(MBEDTLS_SSL_CACHE_C) + opts->cache = NULL; + TEST_CALLOC(opts->cache, 1); + mbedtls_ssl_cache_init(opts->cache); +#if defined(MBEDTLS_HAVE_TIME) + TEST_EQUAL(mbedtls_ssl_cache_get_timeout(opts->cache), + MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT); +#endif +exit: + return; +#endif +} + +void mbedtls_test_free_handshake_options( + mbedtls_test_handshake_test_options *opts) +{ +#if defined(MBEDTLS_SSL_CACHE_C) + mbedtls_ssl_cache_free(opts->cache); + mbedtls_free(opts->cache); +#else + (void) opts; +#endif +} + +#if defined(MBEDTLS_TEST_HOOKS) +static void set_chk_buf_ptr_args( + mbedtls_ssl_chk_buf_ptr_args *args, + unsigned char *cur, unsigned char *end, size_t need) +{ + args->cur = cur; + args->end = end; + args->need = need; +} + +static void reset_chk_buf_ptr_args(mbedtls_ssl_chk_buf_ptr_args *args) +{ + memset(args, 0, sizeof(*args)); +} +#endif /* MBEDTLS_TEST_HOOKS */ + +void mbedtls_test_ssl_buffer_init(mbedtls_test_ssl_buffer *buf) +{ + memset(buf, 0, sizeof(*buf)); +} + +int mbedtls_test_ssl_buffer_setup(mbedtls_test_ssl_buffer *buf, + size_t capacity) +{ + buf->buffer = (unsigned char *) mbedtls_calloc(capacity, + sizeof(unsigned char)); + if (NULL == buf->buffer) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } + buf->capacity = capacity; + + return 0; +} + +void mbedtls_test_ssl_buffer_free(mbedtls_test_ssl_buffer *buf) +{ + if (buf->buffer != NULL) { + mbedtls_free(buf->buffer); + } + + memset(buf, 0, sizeof(*buf)); +} + +int mbedtls_test_ssl_buffer_put(mbedtls_test_ssl_buffer *buf, + const unsigned char *input, size_t input_len) +{ + size_t overflow = 0; + + if ((buf == NULL) || (buf->buffer == NULL)) { + return -1; + } + + /* Reduce input_len to a number that fits in the buffer. */ + if ((buf->content_length + input_len) > buf->capacity) { + input_len = buf->capacity - buf->content_length; + } + + if (input == NULL) { + return (input_len == 0) ? 0 : -1; + } + + /* Check if the buffer has not come full circle and free space is not in + * the middle */ + if (buf->start + buf->content_length < buf->capacity) { + + /* Calculate the number of bytes that need to be placed at lower memory + * address */ + if (buf->start + buf->content_length + input_len + > buf->capacity) { + overflow = (buf->start + buf->content_length + input_len) + % buf->capacity; + } + + memcpy(buf->buffer + buf->start + buf->content_length, input, + input_len - overflow); + memcpy(buf->buffer, input + input_len - overflow, overflow); + + } else { + /* The buffer has come full circle and free space is in the middle */ + memcpy(buf->buffer + buf->start + buf->content_length - buf->capacity, + input, input_len); + } + + buf->content_length += input_len; + return (input_len > INT_MAX) ? INT_MAX : (int) input_len; +} + +int mbedtls_test_ssl_buffer_get(mbedtls_test_ssl_buffer *buf, + unsigned char *output, size_t output_len) +{ + size_t overflow = 0; + + if ((buf == NULL) || (buf->buffer == NULL)) { + return -1; + } + + if (output == NULL && output_len == 0) { + return 0; + } + + if (buf->content_length < output_len) { + output_len = buf->content_length; + } + + /* Calculate the number of bytes that need to be drawn from lower memory + * address */ + if (buf->start + output_len > buf->capacity) { + overflow = (buf->start + output_len) % buf->capacity; + } + + if (output != NULL) { + memcpy(output, buf->buffer + buf->start, output_len - overflow); + memcpy(output + output_len - overflow, buf->buffer, overflow); + } + + buf->content_length -= output_len; + buf->start = (buf->start + output_len) % buf->capacity; + + return (output_len > INT_MAX) ? INT_MAX : (int) output_len; +} + +int mbedtls_test_ssl_message_queue_setup( + mbedtls_test_ssl_message_queue *queue, size_t capacity) +{ + queue->messages = (size_t *) mbedtls_calloc(capacity, sizeof(size_t)); + if (NULL == queue->messages) { + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } + + queue->capacity = (capacity > INT_MAX) ? INT_MAX : (int) capacity; + queue->pos = 0; + queue->num = 0; + + return 0; +} + +void mbedtls_test_ssl_message_queue_free( + mbedtls_test_ssl_message_queue *queue) +{ + if (queue == NULL) { + return; + } + + if (queue->messages != NULL) { + mbedtls_free(queue->messages); + } + + memset(queue, 0, sizeof(*queue)); +} + +int mbedtls_test_ssl_message_queue_push_info( + mbedtls_test_ssl_message_queue *queue, size_t len) +{ + int place; + if (queue == NULL) { + return MBEDTLS_TEST_ERROR_ARG_NULL; + } + + if (queue->num >= queue->capacity) { + return MBEDTLS_ERR_SSL_WANT_WRITE; + } + + place = (queue->pos + queue->num) % queue->capacity; + queue->messages[place] = len; + queue->num++; + return (len > INT_MAX) ? INT_MAX : (int) len; +} + +int mbedtls_test_ssl_message_queue_pop_info( + mbedtls_test_ssl_message_queue *queue, size_t buf_len) +{ + size_t message_length; + if (queue == NULL) { + return MBEDTLS_TEST_ERROR_ARG_NULL; + } + if (queue->num == 0) { + return MBEDTLS_ERR_SSL_WANT_READ; + } + + message_length = queue->messages[queue->pos]; + queue->messages[queue->pos] = 0; + queue->num--; + queue->pos++; + queue->pos %= queue->capacity; + if (queue->pos < 0) { + queue->pos += queue->capacity; + } + + return (message_length > INT_MAX && buf_len > INT_MAX) ? INT_MAX : + (message_length > buf_len) ? (int) buf_len : (int) message_length; +} + +/* + * Take a peek on the info about the next message length from the queue. + * This will be the oldest inserted message length(fifo). + * + * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null. + * \retval MBEDTLS_ERR_SSL_WANT_READ, if the queue is empty. + * \retval 0, if the peek was successful. + * \retval MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED, if the given buffer length is + * too small to fit the message. In this case the \p msg_len will be + * set to the full message length so that the + * caller knows what portion of the message can be dropped. + */ +static int test_ssl_message_queue_peek_info( + mbedtls_test_ssl_message_queue *queue, + size_t buf_len, size_t *msg_len) +{ + if (queue == NULL || msg_len == NULL) { + return MBEDTLS_TEST_ERROR_ARG_NULL; + } + if (queue->num == 0) { + return MBEDTLS_ERR_SSL_WANT_READ; + } + + *msg_len = queue->messages[queue->pos]; + return (*msg_len > buf_len) ? MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED : 0; +} + +void mbedtls_test_mock_socket_init(mbedtls_test_mock_socket *socket) +{ + memset(socket, 0, sizeof(*socket)); +} + +void mbedtls_test_mock_socket_close(mbedtls_test_mock_socket *socket) +{ + if (socket == NULL) { + return; + } + + if (socket->input != NULL) { + mbedtls_test_ssl_buffer_free(socket->input); + mbedtls_free(socket->input); + } + + if (socket->output != NULL) { + mbedtls_test_ssl_buffer_free(socket->output); + mbedtls_free(socket->output); + } + + if (socket->peer != NULL) { + memset(socket->peer, 0, sizeof(*socket->peer)); + } + + memset(socket, 0, sizeof(*socket)); +} + +int mbedtls_test_mock_socket_connect(mbedtls_test_mock_socket *peer1, + mbedtls_test_mock_socket *peer2, + size_t bufsize) +{ + int ret = -1; + + peer1->output = + (mbedtls_test_ssl_buffer *) mbedtls_calloc( + 1, sizeof(mbedtls_test_ssl_buffer)); + if (peer1->output == NULL) { + ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; + goto exit; + } + mbedtls_test_ssl_buffer_init(peer1->output); + if (0 != (ret = mbedtls_test_ssl_buffer_setup(peer1->output, bufsize))) { + goto exit; + } + + peer2->output = + (mbedtls_test_ssl_buffer *) mbedtls_calloc( + 1, sizeof(mbedtls_test_ssl_buffer)); + if (peer2->output == NULL) { + ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; + goto exit; + } + mbedtls_test_ssl_buffer_init(peer2->output); + if (0 != (ret = mbedtls_test_ssl_buffer_setup(peer2->output, bufsize))) { + goto exit; + } + + peer1->peer = peer2; + peer2->peer = peer1; + peer1->input = peer2->output; + peer2->input = peer1->output; + + peer1->status = peer2->status = MBEDTLS_MOCK_SOCKET_CONNECTED; + ret = 0; + +exit: + + if (ret != 0) { + mbedtls_test_mock_socket_close(peer1); + mbedtls_test_mock_socket_close(peer2); + } + + return ret; +} + +int mbedtls_test_mock_tcp_send_b(void *ctx, + const unsigned char *buf, size_t len) +{ + mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx; + + if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { + return -1; + } + + return mbedtls_test_ssl_buffer_put(socket->output, buf, len); +} + +int mbedtls_test_mock_tcp_recv_b(void *ctx, unsigned char *buf, size_t len) +{ + mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx; + + if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { + return -1; + } + + return mbedtls_test_ssl_buffer_get(socket->input, buf, len); +} + +int mbedtls_test_mock_tcp_send_nb(void *ctx, + const unsigned char *buf, size_t len) +{ + mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx; + + if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { + return -1; + } + + if (socket->output->capacity == socket->output->content_length) { + return MBEDTLS_ERR_SSL_WANT_WRITE; + } + + return mbedtls_test_ssl_buffer_put(socket->output, buf, len); +} + +int mbedtls_test_mock_tcp_recv_nb(void *ctx, unsigned char *buf, size_t len) +{ + mbedtls_test_mock_socket *socket = (mbedtls_test_mock_socket *) ctx; + + if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { + return -1; + } + + if (socket->input->content_length == 0) { + return MBEDTLS_ERR_SSL_WANT_READ; + } + + return mbedtls_test_ssl_buffer_get(socket->input, buf, len); +} + +void mbedtls_test_message_socket_init( + mbedtls_test_message_socket_context *ctx) +{ + ctx->queue_input = NULL; + ctx->queue_output = NULL; + ctx->socket = NULL; +} + +int mbedtls_test_message_socket_setup( + mbedtls_test_ssl_message_queue *queue_input, + mbedtls_test_ssl_message_queue *queue_output, + size_t queue_capacity, + mbedtls_test_mock_socket *socket, + mbedtls_test_message_socket_context *ctx) +{ + int ret = mbedtls_test_ssl_message_queue_setup(queue_input, queue_capacity); + if (ret != 0) { + return ret; + } + ctx->queue_input = queue_input; + ctx->queue_output = queue_output; + ctx->socket = socket; + mbedtls_test_mock_socket_init(socket); + + return 0; +} + +void mbedtls_test_message_socket_close( + mbedtls_test_message_socket_context *ctx) +{ + if (ctx == NULL) { + return; + } + + mbedtls_test_ssl_message_queue_free(ctx->queue_input); + mbedtls_test_mock_socket_close(ctx->socket); + memset(ctx, 0, sizeof(*ctx)); +} + +int mbedtls_test_mock_tcp_send_msg(void *ctx, + const unsigned char *buf, size_t len) +{ + mbedtls_test_ssl_message_queue *queue; + mbedtls_test_mock_socket *socket; + mbedtls_test_message_socket_context *context = + (mbedtls_test_message_socket_context *) ctx; + + if (context == NULL || context->socket == NULL + || context->queue_output == NULL) { + return MBEDTLS_TEST_ERROR_CONTEXT_ERROR; + } + + queue = context->queue_output; + socket = context->socket; + + if (queue->num >= queue->capacity) { + return MBEDTLS_ERR_SSL_WANT_WRITE; + } + + if (mbedtls_test_mock_tcp_send_b(socket, buf, len) != (int) len) { + return MBEDTLS_TEST_ERROR_SEND_FAILED; + } + + return mbedtls_test_ssl_message_queue_push_info(queue, len); +} + +int mbedtls_test_mock_tcp_recv_msg(void *ctx, + unsigned char *buf, size_t buf_len) +{ + mbedtls_test_ssl_message_queue *queue; + mbedtls_test_mock_socket *socket; + mbedtls_test_message_socket_context *context = + (mbedtls_test_message_socket_context *) ctx; + size_t drop_len = 0; + size_t msg_len; + int ret; + + if (context == NULL || context->socket == NULL + || context->queue_input == NULL) { + return MBEDTLS_TEST_ERROR_CONTEXT_ERROR; + } + + queue = context->queue_input; + socket = context->socket; + + /* Peek first, so that in case of a socket error the data remains in + * the queue. */ + ret = test_ssl_message_queue_peek_info(queue, buf_len, &msg_len); + if (ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED) { + /* Calculate how much to drop */ + drop_len = msg_len - buf_len; + + /* Set the requested message len to be buffer length */ + msg_len = buf_len; + } else if (ret != 0) { + return ret; + } + + if (mbedtls_test_mock_tcp_recv_b(socket, buf, msg_len) != (int) msg_len) { + return MBEDTLS_TEST_ERROR_RECV_FAILED; + } + + if (ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED) { + /* Drop the remaining part of the message */ + if (mbedtls_test_mock_tcp_recv_b(socket, NULL, drop_len) != + (int) drop_len) { + /* Inconsistent state - part of the message was read, + * and a part couldn't. Not much we can do here, but it should not + * happen in test environment, unless forced manually. */ + } + } + mbedtls_test_ssl_message_queue_pop_info(queue, buf_len); + + return (msg_len > INT_MAX) ? INT_MAX : (int) msg_len; +} + +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) + +/* + * Deinitializes certificates from endpoint represented by \p ep. + */ +static void test_ssl_endpoint_certificate_free(mbedtls_test_ssl_endpoint *ep) +{ + mbedtls_test_ssl_endpoint_certificate *cert = &(ep->cert); + if (cert != NULL) { + if (cert->ca_cert != NULL) { + mbedtls_x509_crt_free(cert->ca_cert); + mbedtls_free(cert->ca_cert); + cert->ca_cert = NULL; + } + if (cert->cert != NULL) { + mbedtls_x509_crt_free(cert->cert); + mbedtls_free(cert->cert); + cert->cert = NULL; + } + if (cert->pkey != NULL) { +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if (mbedtls_pk_get_type(cert->pkey) == MBEDTLS_PK_OPAQUE) { + psa_destroy_key(cert->pkey->priv_id); + } +#endif + mbedtls_pk_free(cert->pkey); + mbedtls_free(cert->pkey); + cert->pkey = NULL; + } + } +} + +int mbedtls_test_ssl_endpoint_certificate_init(mbedtls_test_ssl_endpoint *ep, + int pk_alg, + int opaque_alg, int opaque_alg2, + int opaque_usage) +{ + int i = 0; + int ret = -1; + mbedtls_test_ssl_endpoint_certificate *cert = NULL; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_svc_key_id_t key_slot = MBEDTLS_SVC_KEY_ID_INIT; +#endif + + if (ep == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + + cert = &(ep->cert); + TEST_CALLOC(cert->ca_cert, 1); + TEST_CALLOC(cert->cert, 1); + TEST_CALLOC(cert->pkey, 1); + + mbedtls_x509_crt_init(cert->ca_cert); + mbedtls_x509_crt_init(cert->cert); + mbedtls_pk_init(cert->pkey); + + /* Load the trusted CA */ + + for (i = 0; mbedtls_test_cas_der[i] != NULL; i++) { + ret = mbedtls_x509_crt_parse_der( + cert->ca_cert, + (const unsigned char *) mbedtls_test_cas_der[i], + mbedtls_test_cas_der_len[i]); + TEST_ASSERT(ret == 0); + } + + /* Load own certificate and private key */ + + if (ep->conf.endpoint == MBEDTLS_SSL_IS_SERVER) { + if (pk_alg == MBEDTLS_PK_RSA) { + ret = mbedtls_x509_crt_parse( + cert->cert, + (const unsigned char *) mbedtls_test_srv_crt_rsa_sha256_der, + mbedtls_test_srv_crt_rsa_sha256_der_len); + TEST_ASSERT(ret == 0); + + ret = mbedtls_pk_parse_key( + cert->pkey, + (const unsigned char *) mbedtls_test_srv_key_rsa_der, + mbedtls_test_srv_key_rsa_der_len, NULL, 0, + mbedtls_test_rnd_std_rand, NULL); + TEST_ASSERT(ret == 0); + } else { + ret = mbedtls_x509_crt_parse( + cert->cert, + (const unsigned char *) mbedtls_test_srv_crt_ec_der, + mbedtls_test_srv_crt_ec_der_len); + TEST_ASSERT(ret == 0); + + ret = mbedtls_pk_parse_key( + cert->pkey, + (const unsigned char *) mbedtls_test_srv_key_ec_der, + mbedtls_test_srv_key_ec_der_len, NULL, 0, + mbedtls_test_rnd_std_rand, NULL); + TEST_ASSERT(ret == 0); + } + } else { + if (pk_alg == MBEDTLS_PK_RSA) { + ret = mbedtls_x509_crt_parse( + cert->cert, + (const unsigned char *) mbedtls_test_cli_crt_rsa_der, + mbedtls_test_cli_crt_rsa_der_len); + TEST_ASSERT(ret == 0); + + ret = mbedtls_pk_parse_key( + cert->pkey, + (const unsigned char *) mbedtls_test_cli_key_rsa_der, + mbedtls_test_cli_key_rsa_der_len, NULL, 0, + mbedtls_test_rnd_std_rand, NULL); + TEST_ASSERT(ret == 0); + } else { + ret = mbedtls_x509_crt_parse( + cert->cert, + (const unsigned char *) mbedtls_test_cli_crt_ec_der, + mbedtls_test_cli_crt_ec_len); + TEST_ASSERT(ret == 0); + + ret = mbedtls_pk_parse_key( + cert->pkey, + (const unsigned char *) mbedtls_test_cli_key_ec_der, + mbedtls_test_cli_key_ec_der_len, NULL, 0, + mbedtls_test_rnd_std_rand, NULL); + TEST_ASSERT(ret == 0); + } + } + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if (opaque_alg != 0) { + TEST_EQUAL(mbedtls_pk_wrap_as_opaque(cert->pkey, &key_slot, + opaque_alg, opaque_usage, + opaque_alg2), 0); + } +#else + (void) opaque_alg; + (void) opaque_alg2; + (void) opaque_usage; +#endif + + mbedtls_ssl_conf_ca_chain(&(ep->conf), cert->ca_cert, NULL); + + ret = mbedtls_ssl_conf_own_cert(&(ep->conf), cert->cert, + cert->pkey); + TEST_ASSERT(ret == 0); + TEST_ASSERT(ep->conf.key_cert != NULL); + + ret = mbedtls_ssl_conf_own_cert(&(ep->conf), NULL, NULL); + TEST_ASSERT(ret == 0); + TEST_ASSERT(ep->conf.key_cert == NULL); + + ret = mbedtls_ssl_conf_own_cert(&(ep->conf), cert->cert, + cert->pkey); + TEST_ASSERT(ret == 0); + +exit: + if (ret != 0) { + test_ssl_endpoint_certificate_free(ep); + } + + return ret; +} + +int mbedtls_test_ssl_endpoint_init( + mbedtls_test_ssl_endpoint *ep, int endpoint_type, + mbedtls_test_handshake_test_options *options, + mbedtls_test_message_socket_context *dtls_context, + mbedtls_test_ssl_message_queue *input_queue, + mbedtls_test_ssl_message_queue *output_queue, + uint16_t *group_list) +{ + int ret = -1; + uintptr_t user_data_n; + + if (dtls_context != NULL && + (input_queue == NULL || output_queue == NULL)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + + } + + if (ep == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + + memset(ep, 0, sizeof(*ep)); + + ep->name = (endpoint_type == MBEDTLS_SSL_IS_SERVER) ? "Server" : "Client"; + + mbedtls_ssl_init(&(ep->ssl)); + mbedtls_ssl_config_init(&(ep->conf)); + mbedtls_ssl_conf_rng(&(ep->conf), rng_get, NULL); + + TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&ep->conf) == NULL); + TEST_EQUAL(mbedtls_ssl_conf_get_user_data_n(&ep->conf), 0); + TEST_ASSERT(mbedtls_ssl_get_user_data_p(&ep->ssl) == NULL); + TEST_EQUAL(mbedtls_ssl_get_user_data_n(&ep->ssl), 0); + + (void) mbedtls_test_rnd_std_rand(NULL, + (void *) &user_data_n, + sizeof(user_data_n)); + mbedtls_ssl_conf_set_user_data_n(&ep->conf, user_data_n); + mbedtls_ssl_set_user_data_n(&ep->ssl, user_data_n); + + if (dtls_context != NULL) { + TEST_ASSERT(mbedtls_test_message_socket_setup(input_queue, output_queue, + 100, &(ep->socket), + dtls_context) == 0); + } else { + mbedtls_test_mock_socket_init(&(ep->socket)); + } + + /* Non-blocking callbacks without timeout */ + if (dtls_context != NULL) { + mbedtls_ssl_set_bio(&(ep->ssl), dtls_context, + mbedtls_test_mock_tcp_send_msg, + mbedtls_test_mock_tcp_recv_msg, + NULL); + } else { + mbedtls_ssl_set_bio(&(ep->ssl), &(ep->socket), + mbedtls_test_mock_tcp_send_nb, + mbedtls_test_mock_tcp_recv_nb, + NULL); + } + + ret = mbedtls_ssl_config_defaults(&(ep->conf), endpoint_type, + (dtls_context != NULL) ? + MBEDTLS_SSL_TRANSPORT_DATAGRAM : + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT); + TEST_ASSERT(ret == 0); + + if (MBEDTLS_SSL_IS_CLIENT == endpoint_type) { + if (options->client_min_version != MBEDTLS_SSL_VERSION_UNKNOWN) { + mbedtls_ssl_conf_min_tls_version(&(ep->conf), + options->client_min_version); + } + + if (options->client_max_version != MBEDTLS_SSL_VERSION_UNKNOWN) { + mbedtls_ssl_conf_max_tls_version(&(ep->conf), + options->client_max_version); + } + } else { + if (options->server_min_version != MBEDTLS_SSL_VERSION_UNKNOWN) { + mbedtls_ssl_conf_min_tls_version(&(ep->conf), + options->server_min_version); + } + + if (options->server_max_version != MBEDTLS_SSL_VERSION_UNKNOWN) { + mbedtls_ssl_conf_max_tls_version(&(ep->conf), + options->server_max_version); + } + } + + if (group_list != NULL) { + mbedtls_ssl_conf_groups(&(ep->conf), group_list); + } + + mbedtls_ssl_conf_authmode(&(ep->conf), MBEDTLS_SSL_VERIFY_REQUIRED); + +#if defined(MBEDTLS_SSL_CACHE_C) && defined(MBEDTLS_SSL_SRV_C) + if (endpoint_type == MBEDTLS_SSL_IS_SERVER && options->cache != NULL) { + mbedtls_ssl_conf_session_cache(&(ep->conf), options->cache, + mbedtls_ssl_cache_get, + mbedtls_ssl_cache_set); + } +#endif + + ret = mbedtls_ssl_setup(&(ep->ssl), &(ep->conf)); + TEST_ASSERT(ret == 0); + +#if defined(MBEDTLS_SSL_PROTO_DTLS) && defined(MBEDTLS_SSL_SRV_C) + if (endpoint_type == MBEDTLS_SSL_IS_SERVER && dtls_context != NULL) { + mbedtls_ssl_conf_dtls_cookies(&(ep->conf), NULL, NULL, NULL); + } +#endif + + ret = mbedtls_test_ssl_endpoint_certificate_init(ep, options->pk_alg, + options->opaque_alg, + options->opaque_alg2, + options->opaque_usage); + TEST_ASSERT(ret == 0); + + TEST_EQUAL(mbedtls_ssl_conf_get_user_data_n(&ep->conf), user_data_n); + mbedtls_ssl_conf_set_user_data_p(&ep->conf, ep); + TEST_EQUAL(mbedtls_ssl_get_user_data_n(&ep->ssl), user_data_n); + mbedtls_ssl_set_user_data_p(&ep->ssl, ep); + +exit: + return ret; +} + +void mbedtls_test_ssl_endpoint_free( + mbedtls_test_ssl_endpoint *ep, + mbedtls_test_message_socket_context *context) +{ + test_ssl_endpoint_certificate_free(ep); + + mbedtls_ssl_free(&(ep->ssl)); + mbedtls_ssl_config_free(&(ep->conf)); + + if (context != NULL) { + mbedtls_test_message_socket_close(context); + } else { + mbedtls_test_mock_socket_close(&(ep->socket)); + } +} + +int mbedtls_test_move_handshake_to_state(mbedtls_ssl_context *ssl, + mbedtls_ssl_context *second_ssl, + int state) +{ + enum { BUFFSIZE = 1024 }; + int max_steps = 1000; + int ret = 0; + + if (ssl == NULL || second_ssl == NULL) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + + /* Perform communication via connected sockets */ + while ((ssl->state != state) && (--max_steps >= 0)) { + /* If /p second_ssl ends the handshake procedure before /p ssl then + * there is no need to call the next step */ + if (!mbedtls_ssl_is_handshake_over(second_ssl)) { + ret = mbedtls_ssl_handshake_step(second_ssl); + if (ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ && + ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + return ret; + } + } + + /* We only care about the \p ssl state and returns, so we call it last, + * to leave the iteration as soon as the state is as expected. */ + ret = mbedtls_ssl_handshake_step(ssl); + if (ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ && + ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + return ret; + } + } + + return (max_steps >= 0) ? ret : -1; +} + +#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ + +/* + * Write application data. Increase write counter if necessary. + */ +int mbedtls_ssl_write_fragment(mbedtls_ssl_context *ssl, + unsigned char *buf, int buf_len, + int *written, + const int expected_fragments) +{ + int ret; + /* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is + * a valid no-op for TLS connections. */ + if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + TEST_ASSERT(mbedtls_ssl_write(ssl, NULL, 0) == 0); + } + + ret = mbedtls_ssl_write(ssl, buf + *written, buf_len - *written); + if (ret > 0) { + *written += ret; + } + + if (expected_fragments == 0) { + /* Used for DTLS and the message size larger than MFL. In that case + * the message can not be fragmented and the library should return + * MBEDTLS_ERR_SSL_BAD_INPUT_DATA error. This error must be returned + * to prevent a dead loop inside mbedtls_test_ssl_exchange_data(). */ + return ret; + } else if (expected_fragments == 1) { + /* Used for TLS/DTLS and the message size lower than MFL */ + TEST_ASSERT(ret == buf_len || + ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); + } else { + /* Used for TLS and the message size larger than MFL */ + TEST_ASSERT(expected_fragments > 1); + TEST_ASSERT((ret >= 0 && ret <= buf_len) || + ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); + } + + return 0; + +exit: + /* Some of the tests failed */ + return -1; +} + +/* + * Read application data and increase read counter and fragments counter + * if necessary. + */ +int mbedtls_ssl_read_fragment(mbedtls_ssl_context *ssl, + unsigned char *buf, int buf_len, + int *read, int *fragments, + const int expected_fragments) +{ + int ret; + /* Verify that calling mbedtls_ssl_write with a NULL buffer and zero length is + * a valid no-op for TLS connections. */ + if (ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + TEST_ASSERT(mbedtls_ssl_read(ssl, NULL, 0) == 0); + } + + ret = mbedtls_ssl_read(ssl, buf + *read, buf_len - *read); + if (ret > 0) { + (*fragments)++; + *read += ret; + } + + if (expected_fragments == 0) { + TEST_ASSERT(ret == 0); + } else if (expected_fragments == 1) { + TEST_ASSERT(ret == buf_len || + ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); + } else { + TEST_ASSERT(expected_fragments > 1); + TEST_ASSERT((ret >= 0 && ret <= buf_len) || + ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); + } + + return 0; + +exit: + /* Some of the tests failed */ + return -1; +} + +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) +static void set_ciphersuite(mbedtls_ssl_config *conf, const char *cipher, + int *forced_ciphersuite) +{ + const mbedtls_ssl_ciphersuite_t *ciphersuite_info; + forced_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id(cipher); + forced_ciphersuite[1] = 0; + + ciphersuite_info = + mbedtls_ssl_ciphersuite_from_id(forced_ciphersuite[0]); + + TEST_ASSERT(ciphersuite_info != NULL); + TEST_ASSERT(ciphersuite_info->min_tls_version <= conf->max_tls_version); + TEST_ASSERT(ciphersuite_info->max_tls_version >= conf->min_tls_version); + + if (conf->max_tls_version > ciphersuite_info->max_tls_version) { + conf->max_tls_version = (mbedtls_ssl_protocol_version) ciphersuite_info->max_tls_version; + } + if (conf->min_tls_version < ciphersuite_info->min_tls_version) { + conf->min_tls_version = (mbedtls_ssl_protocol_version) ciphersuite_info->min_tls_version; + } + + mbedtls_ssl_conf_ciphersuites(conf, forced_ciphersuite); + +exit: + return; +} +#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ + +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) && \ + defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) && \ + defined(MBEDTLS_SSL_SRV_C) +static int psk_dummy_callback(void *p_info, mbedtls_ssl_context *ssl, + const unsigned char *name, size_t name_len) +{ + (void) p_info; + (void) ssl; + (void) name; + (void) name_len; + + return 0; +} +#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED && + MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED && + MBEDTLS_SSL_SRV_C */ + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ + defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_AES_C) +int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform, + const unsigned char *iv, + size_t iv_len, + const unsigned char *input, + size_t ilen, + unsigned char *output, + size_t *olen) +{ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_cipher_operation_t cipher_op = PSA_CIPHER_OPERATION_INIT; + size_t part_len; + + status = psa_cipher_encrypt_setup(&cipher_op, + transform->psa_key_enc, + transform->psa_alg); + + if (status != PSA_SUCCESS) { + return PSA_TO_MBEDTLS_ERR(status); + } + + status = psa_cipher_set_iv(&cipher_op, iv, iv_len); + + if (status != PSA_SUCCESS) { + return PSA_TO_MBEDTLS_ERR(status); + } + + status = psa_cipher_update(&cipher_op, input, ilen, output, ilen, olen); + + if (status != PSA_SUCCESS) { + return PSA_TO_MBEDTLS_ERR(status); + } + + status = psa_cipher_finish(&cipher_op, output + *olen, ilen - *olen, + &part_len); + + if (status != PSA_SUCCESS) { + return PSA_TO_MBEDTLS_ERR(status); + } + + *olen += part_len; + return 0; +#else + return mbedtls_cipher_crypt(&transform->cipher_ctx_enc, + iv, iv_len, input, ilen, output, olen); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ +} +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_CIPHER_MODE_CBC && + MBEDTLS_AES_C */ + +int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, + mbedtls_ssl_transform *t_out, + int cipher_type, int hash_id, + int etm, int tag_mode, + mbedtls_ssl_protocol_version tls_version, + size_t cid0_len, + size_t cid1_len) +{ + mbedtls_cipher_info_t const *cipher_info; + int ret = 0; + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_key_type_t key_type; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_algorithm_t alg; + size_t key_bits; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; +#endif + + size_t keylen, maclen, ivlen; + unsigned char *key0 = NULL, *key1 = NULL; + unsigned char *md0 = NULL, *md1 = NULL; + unsigned char iv_enc[16], iv_dec[16]; + +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) + unsigned char cid0[SSL_CID_LEN_MIN]; + unsigned char cid1[SSL_CID_LEN_MIN]; + + mbedtls_test_rnd_std_rand(NULL, cid0, sizeof(cid0)); + mbedtls_test_rnd_std_rand(NULL, cid1, sizeof(cid1)); +#else + ((void) cid0_len); + ((void) cid1_len); +#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ + + maclen = 0; + + /* Pick cipher */ + cipher_info = mbedtls_cipher_info_from_type((mbedtls_cipher_type_t) cipher_type); + CHK(cipher_info != NULL); + CHK(mbedtls_cipher_info_get_iv_size(cipher_info) <= 16); + CHK(mbedtls_cipher_info_get_key_bitlen(cipher_info) % 8 == 0); + + /* Pick keys */ + keylen = mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8; + /* Allocate `keylen + 1` bytes to ensure that we get + * a non-NULL pointers from `mbedtls_calloc` even if + * `keylen == 0` in the case of the NULL cipher. */ + CHK((key0 = mbedtls_calloc(1, keylen + 1)) != NULL); + CHK((key1 = mbedtls_calloc(1, keylen + 1)) != NULL); + memset(key0, 0x1, keylen); + memset(key1, 0x2, keylen); + +#if !defined(MBEDTLS_USE_PSA_CRYPTO) + /* Setup cipher contexts */ + CHK(mbedtls_cipher_setup(&t_in->cipher_ctx_enc, cipher_info) == 0); + CHK(mbedtls_cipher_setup(&t_in->cipher_ctx_dec, cipher_info) == 0); + CHK(mbedtls_cipher_setup(&t_out->cipher_ctx_enc, cipher_info) == 0); + CHK(mbedtls_cipher_setup(&t_out->cipher_ctx_dec, cipher_info) == 0); + +#if defined(MBEDTLS_CIPHER_MODE_CBC) + if (cipher_info->mode == MBEDTLS_MODE_CBC) { + CHK(mbedtls_cipher_set_padding_mode(&t_in->cipher_ctx_enc, + MBEDTLS_PADDING_NONE) == 0); + CHK(mbedtls_cipher_set_padding_mode(&t_in->cipher_ctx_dec, + MBEDTLS_PADDING_NONE) == 0); + CHK(mbedtls_cipher_set_padding_mode(&t_out->cipher_ctx_enc, + MBEDTLS_PADDING_NONE) == 0); + CHK(mbedtls_cipher_set_padding_mode(&t_out->cipher_ctx_dec, + MBEDTLS_PADDING_NONE) == 0); + } +#endif /* MBEDTLS_CIPHER_MODE_CBC */ + + CHK(mbedtls_cipher_setkey(&t_in->cipher_ctx_enc, key0, + (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3, + MBEDTLS_ENCRYPT) + == 0); + CHK(mbedtls_cipher_setkey(&t_in->cipher_ctx_dec, key1, + (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3, + MBEDTLS_DECRYPT) + == 0); + CHK(mbedtls_cipher_setkey(&t_out->cipher_ctx_enc, key1, + (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3, + MBEDTLS_ENCRYPT) + == 0); + CHK(mbedtls_cipher_setkey(&t_out->cipher_ctx_dec, key0, + (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3, + MBEDTLS_DECRYPT) + == 0); +#endif + + /* Setup MAC contexts */ +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) + if (cipher_info->mode == MBEDTLS_MODE_CBC || + cipher_info->mode == MBEDTLS_MODE_STREAM) { +#if !defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_md_info_t const *md_info = mbedtls_md_info_from_type((mbedtls_md_type_t) hash_id); + CHK(md_info != NULL); +#endif + maclen = mbedtls_md_get_size_from_type((mbedtls_md_type_t) hash_id); + CHK(maclen != 0); + /* Pick hash keys */ + CHK((md0 = mbedtls_calloc(1, maclen)) != NULL); + CHK((md1 = mbedtls_calloc(1, maclen)) != NULL); + memset(md0, 0x5, maclen); + memset(md1, 0x6, maclen); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + alg = mbedtls_md_psa_alg_from_type(hash_id); + + CHK(alg != 0); + + t_out->psa_mac_alg = PSA_ALG_HMAC(alg); + t_in->psa_mac_alg = PSA_ALG_HMAC(alg); + t_in->psa_mac_enc = MBEDTLS_SVC_KEY_ID_INIT; + t_out->psa_mac_enc = MBEDTLS_SVC_KEY_ID_INIT; + t_in->psa_mac_dec = MBEDTLS_SVC_KEY_ID_INIT; + t_out->psa_mac_dec = MBEDTLS_SVC_KEY_ID_INIT; + + psa_reset_key_attributes(&attributes); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE); + psa_set_key_algorithm(&attributes, PSA_ALG_HMAC(alg)); + psa_set_key_type(&attributes, PSA_KEY_TYPE_HMAC); + + CHK(psa_import_key(&attributes, + md0, maclen, + &t_in->psa_mac_enc) == PSA_SUCCESS); + + CHK(psa_import_key(&attributes, + md1, maclen, + &t_out->psa_mac_enc) == PSA_SUCCESS); + + if (cipher_info->mode == MBEDTLS_MODE_STREAM || + etm == MBEDTLS_SSL_ETM_DISABLED) { + /* mbedtls_ct_hmac() requires the key to be exportable */ + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT | + PSA_KEY_USAGE_VERIFY_HASH); + } else { + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); + } + + CHK(psa_import_key(&attributes, + md1, maclen, + &t_in->psa_mac_dec) == PSA_SUCCESS); + + CHK(psa_import_key(&attributes, + md0, maclen, + &t_out->psa_mac_dec) == PSA_SUCCESS); +#else + CHK(mbedtls_md_setup(&t_out->md_ctx_enc, md_info, 1) == 0); + CHK(mbedtls_md_setup(&t_out->md_ctx_dec, md_info, 1) == 0); + CHK(mbedtls_md_setup(&t_in->md_ctx_enc, md_info, 1) == 0); + CHK(mbedtls_md_setup(&t_in->md_ctx_dec, md_info, 1) == 0); + + CHK(mbedtls_md_hmac_starts(&t_in->md_ctx_enc, + md0, maclen) == 0); + CHK(mbedtls_md_hmac_starts(&t_in->md_ctx_dec, + md1, maclen) == 0); + CHK(mbedtls_md_hmac_starts(&t_out->md_ctx_enc, + md1, maclen) == 0); + CHK(mbedtls_md_hmac_starts(&t_out->md_ctx_dec, + md0, maclen) == 0); +#endif + } +#else + ((void) hash_id); +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ + + + /* Pick IV's (regardless of whether they + * are being used by the transform). */ + ivlen = mbedtls_cipher_info_get_iv_size(cipher_info); + memset(iv_enc, 0x3, sizeof(iv_enc)); + memset(iv_dec, 0x4, sizeof(iv_dec)); + + /* + * Setup transforms + */ + +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ + defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) + t_out->encrypt_then_mac = etm; + t_in->encrypt_then_mac = etm; +#else + ((void) etm); +#endif + + t_out->tls_version = tls_version; + t_in->tls_version = tls_version; + t_out->ivlen = ivlen; + t_in->ivlen = ivlen; + + switch (cipher_info->mode) { + case MBEDTLS_MODE_GCM: + case MBEDTLS_MODE_CCM: +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) + if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { + t_out->fixed_ivlen = 12; + t_in->fixed_ivlen = 12; + } else +#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ + { + t_out->fixed_ivlen = 4; + t_in->fixed_ivlen = 4; + } + t_out->maclen = 0; + t_in->maclen = 0; + switch (tag_mode) { + case 0: /* Full tag */ + t_out->taglen = 16; + t_in->taglen = 16; + break; + case 1: /* Partial tag */ + t_out->taglen = 8; + t_in->taglen = 8; + break; + default: + ret = 1; + goto cleanup; + } + break; + + case MBEDTLS_MODE_CHACHAPOLY: + t_out->fixed_ivlen = 12; + t_in->fixed_ivlen = 12; + t_out->maclen = 0; + t_in->maclen = 0; + switch (tag_mode) { + case 0: /* Full tag */ + t_out->taglen = 16; + t_in->taglen = 16; + break; + case 1: /* Partial tag */ + t_out->taglen = 8; + t_in->taglen = 8; + break; + default: + ret = 1; + goto cleanup; + } + break; + + case MBEDTLS_MODE_STREAM: + case MBEDTLS_MODE_CBC: + t_out->fixed_ivlen = 0; /* redundant, must be 0 */ + t_in->fixed_ivlen = 0; /* redundant, must be 0 */ + t_out->taglen = 0; + t_in->taglen = 0; + switch (tag_mode) { + case 0: /* Full tag */ + t_out->maclen = maclen; + t_in->maclen = maclen; + break; + default: + ret = 1; + goto cleanup; + } + break; + default: + ret = 1; + goto cleanup; + break; + } + + /* Setup IV's */ + + memcpy(&t_in->iv_dec, iv_dec, sizeof(iv_dec)); + memcpy(&t_in->iv_enc, iv_enc, sizeof(iv_enc)); + memcpy(&t_out->iv_dec, iv_enc, sizeof(iv_enc)); + memcpy(&t_out->iv_enc, iv_dec, sizeof(iv_dec)); + +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) + /* Add CID */ + memcpy(&t_in->in_cid, cid0, cid0_len); + memcpy(&t_in->out_cid, cid1, cid1_len); + t_in->in_cid_len = (uint8_t) cid0_len; + t_in->out_cid_len = (uint8_t) cid1_len; + memcpy(&t_out->in_cid, cid1, cid1_len); + memcpy(&t_out->out_cid, cid0, cid0_len); + t_out->in_cid_len = (uint8_t) cid1_len; + t_out->out_cid_len = (uint8_t) cid0_len; +#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + status = mbedtls_ssl_cipher_to_psa(cipher_type, + t_in->taglen, + &alg, + &key_type, + &key_bits); + + if (status != PSA_SUCCESS) { + ret = PSA_TO_MBEDTLS_ERR(status); + goto cleanup; + } + + t_in->psa_alg = alg; + t_out->psa_alg = alg; + + if (alg != MBEDTLS_SSL_NULL_CIPHER) { + psa_reset_key_attributes(&attributes); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + + status = psa_import_key(&attributes, + key0, + PSA_BITS_TO_BYTES(key_bits), + &t_in->psa_key_enc); + + if (status != PSA_SUCCESS) { + ret = PSA_TO_MBEDTLS_ERR(status); + goto cleanup; + } + + status = psa_import_key(&attributes, + key1, + PSA_BITS_TO_BYTES(key_bits), + &t_out->psa_key_enc); + + if (status != PSA_SUCCESS) { + ret = PSA_TO_MBEDTLS_ERR(status); + goto cleanup; + } + + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); + + status = psa_import_key(&attributes, + key1, + PSA_BITS_TO_BYTES(key_bits), + &t_in->psa_key_dec); + + if (status != PSA_SUCCESS) { + ret = PSA_TO_MBEDTLS_ERR(status); + goto cleanup; + } + + status = psa_import_key(&attributes, + key0, + PSA_BITS_TO_BYTES(key_bits), + &t_out->psa_key_dec); + + if (status != PSA_SUCCESS) { + ret = PSA_TO_MBEDTLS_ERR(status); + goto cleanup; + } + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +cleanup: + + mbedtls_free(key0); + mbedtls_free(key1); + + mbedtls_free(md0); + mbedtls_free(md1); + + return ret; +} + +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) +int mbedtls_test_ssl_prepare_record_mac(mbedtls_record *record, + mbedtls_ssl_transform *transform_out) +{ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; +#endif + + /* Serialized version of record header for MAC purposes */ + unsigned char add_data[13]; + memcpy(add_data, record->ctr, 8); + add_data[8] = record->type; + add_data[9] = record->ver[0]; + add_data[10] = record->ver[1]; + add_data[11] = (record->data_len >> 8) & 0xff; + add_data[12] = (record->data_len >> 0) & 0xff; + + /* MAC with additional data */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + size_t sign_mac_length = 0; + TEST_EQUAL(PSA_SUCCESS, psa_mac_sign_setup(&operation, + transform_out->psa_mac_enc, + transform_out->psa_mac_alg)); + TEST_EQUAL(PSA_SUCCESS, psa_mac_update(&operation, add_data, 13)); + TEST_EQUAL(PSA_SUCCESS, psa_mac_update(&operation, + record->buf + record->data_offset, + record->data_len)); + /* Use a temporary buffer for the MAC, because with the truncated HMAC + * extension, there might not be enough room in the record for the + * full-length MAC. */ + unsigned char mac[PSA_HASH_MAX_SIZE]; + TEST_EQUAL(PSA_SUCCESS, psa_mac_sign_finish(&operation, + mac, sizeof(mac), + &sign_mac_length)); +#else + TEST_EQUAL(0, mbedtls_md_hmac_update(&transform_out->md_ctx_enc, add_data, 13)); + TEST_EQUAL(0, mbedtls_md_hmac_update(&transform_out->md_ctx_enc, + record->buf + record->data_offset, + record->data_len)); + /* Use a temporary buffer for the MAC, because with the truncated HMAC + * extension, there might not be enough room in the record for the + * full-length MAC. */ + unsigned char mac[MBEDTLS_MD_MAX_SIZE]; + TEST_EQUAL(0, mbedtls_md_hmac_finish(&transform_out->md_ctx_enc, mac)); +#endif + memcpy(record->buf + record->data_offset + record->data_len, mac, transform_out->maclen); + record->data_len += transform_out->maclen; + + return 0; + +exit: +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_mac_abort(&operation); +#endif + return -1; +} +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ + +int mbedtls_test_ssl_tls12_populate_session(mbedtls_ssl_session *session, + int ticket_len, + const char *crt_file) +{ +#if defined(MBEDTLS_HAVE_TIME) + session->start = mbedtls_time(NULL) - 42; +#endif + session->tls_version = MBEDTLS_SSL_VERSION_TLS1_2; + session->ciphersuite = 0xabcd; + session->id_len = sizeof(session->id); + memset(session->id, 66, session->id_len); + memset(session->master, 17, sizeof(session->master)); + +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) && defined(MBEDTLS_FS_IO) + if (crt_file != NULL && strlen(crt_file) != 0) { + mbedtls_x509_crt tmp_crt; + int ret; + + mbedtls_x509_crt_init(&tmp_crt); + ret = mbedtls_x509_crt_parse_file(&tmp_crt, crt_file); + if (ret != 0) { + return ret; + } + +#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + /* Move temporary CRT. */ + session->peer_cert = mbedtls_calloc(1, sizeof(*session->peer_cert)); + if (session->peer_cert == NULL) { + return -1; + } + *session->peer_cert = tmp_crt; + memset(&tmp_crt, 0, sizeof(tmp_crt)); +#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + /* Calculate digest of temporary CRT. */ + session->peer_cert_digest = + mbedtls_calloc(1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN); + if (session->peer_cert_digest == NULL) { + return -1; + } + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_algorithm_t psa_alg = mbedtls_md_psa_alg_from_type( + MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE); + size_t hash_size = 0; + psa_status_t status = psa_hash_compute( + psa_alg, tmp_crt.raw.p, + tmp_crt.raw.len, + session->peer_cert_digest, + MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN, + &hash_size); + ret = PSA_TO_MBEDTLS_ERR(status); +#else + ret = mbedtls_md(mbedtls_md_info_from_type( + MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE), + tmp_crt.raw.p, tmp_crt.raw.len, + session->peer_cert_digest); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + if (ret != 0) { + return ret; + } + session->peer_cert_digest_type = + MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE; + session->peer_cert_digest_len = + MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN; +#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + + mbedtls_x509_crt_free(&tmp_crt); + } +#else /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED && MBEDTLS_FS_IO */ + (void) crt_file; +#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED && MBEDTLS_FS_IO */ + session->verify_result = 0xdeadbeef; + +#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) + if (ticket_len != 0) { + session->ticket = mbedtls_calloc(1, ticket_len); + if (session->ticket == NULL) { + return -1; + } + memset(session->ticket, 33, ticket_len); + } + session->ticket_len = ticket_len; + session->ticket_lifetime = 86401; +#else + (void) ticket_len; +#endif + +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + session->mfl_code = 1; +#endif +#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) + session->encrypt_then_mac = 1; +#endif + + return 0; +} + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) +int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session, + int ticket_len, + int endpoint_type) +{ + ((void) ticket_len); + session->tls_version = MBEDTLS_SSL_VERSION_TLS1_3; + session->endpoint = endpoint_type == MBEDTLS_SSL_IS_CLIENT ? + MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER; + session->ciphersuite = 0xabcd; + session->ticket_age_add = 0x87654321; + session->ticket_flags = 0x7; + + session->resumption_key_len = 32; + memset(session->resumption_key, 0x99, sizeof(session->resumption_key)); + +#if defined(MBEDTLS_HAVE_TIME) + if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { + session->start = mbedtls_time(NULL) - 42; + } +#endif + +#if defined(MBEDTLS_SSL_CLI_C) + if (session->endpoint == MBEDTLS_SSL_IS_CLIENT) { +#if defined(MBEDTLS_HAVE_TIME) + session->ticket_received = mbedtls_time(NULL) - 40; +#endif + session->ticket_lifetime = 0xfedcba98; + + session->ticket_len = ticket_len; + if (ticket_len != 0) { + session->ticket = mbedtls_calloc(1, ticket_len); + if (session->ticket == NULL) { + return -1; + } + memset(session->ticket, 33, ticket_len); + } + } +#endif /* MBEDTLS_SSL_CLI_C */ + + return 0; +} +#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ + +int mbedtls_test_ssl_exchange_data( + mbedtls_ssl_context *ssl_1, + int msg_len_1, const int expected_fragments_1, + mbedtls_ssl_context *ssl_2, + int msg_len_2, const int expected_fragments_2) +{ + unsigned char *msg_buf_1 = malloc(msg_len_1); + unsigned char *msg_buf_2 = malloc(msg_len_2); + unsigned char *in_buf_1 = malloc(msg_len_2); + unsigned char *in_buf_2 = malloc(msg_len_1); + int msg_type, ret = -1; + + /* Perform this test with two message types. At first use a message + * consisting of only 0x00 for the client and only 0xFF for the server. + * At the second time use message with generated data */ + for (msg_type = 0; msg_type < 2; msg_type++) { + int written_1 = 0; + int written_2 = 0; + int read_1 = 0; + int read_2 = 0; + int fragments_1 = 0; + int fragments_2 = 0; + + if (msg_type == 0) { + memset(msg_buf_1, 0x00, msg_len_1); + memset(msg_buf_2, 0xff, msg_len_2); + } else { + int i, j = 0; + for (i = 0; i < msg_len_1; i++) { + msg_buf_1[i] = j++ & 0xFF; + } + for (i = 0; i < msg_len_2; i++) { + msg_buf_2[i] = (j -= 5) & 0xFF; + } + } + + while (read_1 < msg_len_2 || read_2 < msg_len_1) { + /* ssl_1 sending */ + if (msg_len_1 > written_1) { + ret = mbedtls_ssl_write_fragment(ssl_1, msg_buf_1, + msg_len_1, &written_1, + expected_fragments_1); + if (expected_fragments_1 == 0) { + /* This error is expected when the message is too large and + * cannot be fragmented */ + TEST_ASSERT(ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA); + msg_len_1 = 0; + } else { + TEST_ASSERT(ret == 0); + } + } + + /* ssl_2 sending */ + if (msg_len_2 > written_2) { + ret = mbedtls_ssl_write_fragment(ssl_2, msg_buf_2, + msg_len_2, &written_2, + expected_fragments_2); + if (expected_fragments_2 == 0) { + /* This error is expected when the message is too large and + * cannot be fragmented */ + TEST_ASSERT(ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA); + msg_len_2 = 0; + } else { + TEST_ASSERT(ret == 0); + } + } + + /* ssl_1 reading */ + if (read_1 < msg_len_2) { + ret = mbedtls_ssl_read_fragment(ssl_1, in_buf_1, + msg_len_2, &read_1, + &fragments_2, + expected_fragments_2); + TEST_ASSERT(ret == 0); + } + + /* ssl_2 reading */ + if (read_2 < msg_len_1) { + ret = mbedtls_ssl_read_fragment(ssl_2, in_buf_2, + msg_len_1, &read_2, + &fragments_1, + expected_fragments_1); + TEST_ASSERT(ret == 0); + } + } + + ret = -1; + TEST_ASSERT(0 == memcmp(msg_buf_1, in_buf_2, msg_len_1)); + TEST_ASSERT(0 == memcmp(msg_buf_2, in_buf_1, msg_len_2)); + TEST_ASSERT(fragments_1 == expected_fragments_1); + TEST_ASSERT(fragments_2 == expected_fragments_2); + } + + ret = 0; + +exit: + free(msg_buf_1); + free(in_buf_1); + free(msg_buf_2); + free(in_buf_2); + + return ret; +} + +/* + * Perform data exchanging between \p ssl_1 and \p ssl_2. Both of endpoints + * must be initialized and connected beforehand. + * + * \retval 0 on success, otherwise error code. + */ +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) && \ + (defined(MBEDTLS_SSL_RENEGOTIATION) || \ + defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)) +static int exchange_data(mbedtls_ssl_context *ssl_1, + mbedtls_ssl_context *ssl_2) +{ + return mbedtls_test_ssl_exchange_data(ssl_1, 256, 1, + ssl_2, 256, 1); +} +#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED && + (MBEDTLS_SSL_RENEGOTIATION || + MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) */ + +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) +static int check_ssl_version( + mbedtls_ssl_protocol_version expected_negotiated_version, + const mbedtls_ssl_context *ssl) +{ + const char *version_string = mbedtls_ssl_get_version(ssl); + mbedtls_ssl_protocol_version version_number = + mbedtls_ssl_get_version_number(ssl); + + TEST_EQUAL(ssl->tls_version, expected_negotiated_version); + + if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { + TEST_EQUAL(version_string[0], 'D'); + ++version_string; + } + + switch (expected_negotiated_version) { + case MBEDTLS_SSL_VERSION_TLS1_2: + TEST_EQUAL(version_number, MBEDTLS_SSL_VERSION_TLS1_2); + TEST_ASSERT(strcmp(version_string, "TLSv1.2") == 0); + break; + + case MBEDTLS_SSL_VERSION_TLS1_3: + TEST_EQUAL(version_number, MBEDTLS_SSL_VERSION_TLS1_3); + TEST_ASSERT(strcmp(version_string, "TLSv1.3") == 0); + break; + + default: + TEST_FAIL( + "Version check not implemented for this protocol version"); + } + + return 1; + +exit: + return 0; +} +#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ + +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) +void mbedtls_test_ssl_perform_handshake( + mbedtls_test_handshake_test_options *options) +{ + /* forced_ciphersuite needs to last until the end of the handshake */ + int forced_ciphersuite[2]; + enum { BUFFSIZE = 17000 }; + mbedtls_test_ssl_endpoint client, server; +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) + const char *psk_identity = "foo"; +#endif +#if defined(MBEDTLS_TIMING_C) + mbedtls_timing_delay_context timer_client, timer_server; +#endif +#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) + unsigned char *context_buf = NULL; + size_t context_buf_len; +#endif +#if defined(MBEDTLS_SSL_RENEGOTIATION) + int ret = -1; +#endif + int expected_handshake_result = options->expected_handshake_result; + + MD_OR_USE_PSA_INIT(); + mbedtls_platform_zeroize(&client, sizeof(client)); + mbedtls_platform_zeroize(&server, sizeof(server)); + mbedtls_test_ssl_message_queue server_queue, client_queue; + mbedtls_test_message_socket_context server_context, client_context; + mbedtls_test_message_socket_init(&server_context); + mbedtls_test_message_socket_init(&client_context); + + /* Client side */ + if (options->dtls != 0) { + TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client, + MBEDTLS_SSL_IS_CLIENT, + options, &client_context, + &client_queue, + &server_queue, NULL) == 0); +#if defined(MBEDTLS_TIMING_C) + mbedtls_ssl_set_timer_cb(&client.ssl, &timer_client, + mbedtls_timing_set_delay, + mbedtls_timing_get_delay); +#endif + } else { + TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client, + MBEDTLS_SSL_IS_CLIENT, + options, NULL, NULL, + NULL, NULL) == 0); + } + + if (strlen(options->cipher) > 0) { + set_ciphersuite(&client.conf, options->cipher, forced_ciphersuite); + } + +#if defined(MBEDTLS_DEBUG_C) + if (options->cli_log_fun) { + mbedtls_debug_set_threshold(4); + mbedtls_ssl_conf_dbg(&client.conf, options->cli_log_fun, + options->cli_log_obj); + } +#endif + + /* Server side */ + if (options->dtls != 0) { + TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server, + MBEDTLS_SSL_IS_SERVER, + options, &server_context, + &server_queue, + &client_queue, NULL) == 0); +#if defined(MBEDTLS_TIMING_C) + mbedtls_ssl_set_timer_cb(&server.ssl, &timer_server, + mbedtls_timing_set_delay, + mbedtls_timing_get_delay); +#endif + } else { + TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server, + MBEDTLS_SSL_IS_SERVER, + options, NULL, NULL, NULL, + NULL) == 0); + } + + mbedtls_ssl_conf_authmode(&server.conf, options->srv_auth_mode); + +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) + TEST_ASSERT(mbedtls_ssl_conf_max_frag_len(&(server.conf), + (unsigned char) options->mfl) + == 0); + TEST_ASSERT(mbedtls_ssl_conf_max_frag_len(&(client.conf), + (unsigned char) options->mfl) + == 0); +#else + TEST_ASSERT(MBEDTLS_SSL_MAX_FRAG_LEN_NONE == options->mfl); +#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ + +#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) + if (options->psk_str != NULL && options->psk_str->len > 0) { + TEST_ASSERT(mbedtls_ssl_conf_psk( + &client.conf, options->psk_str->x, + options->psk_str->len, + (const unsigned char *) psk_identity, + strlen(psk_identity)) == 0); + + TEST_ASSERT(mbedtls_ssl_conf_psk( + &server.conf, options->psk_str->x, + options->psk_str->len, + (const unsigned char *) psk_identity, + strlen(psk_identity)) == 0); +#if defined(MBEDTLS_SSL_SRV_C) + mbedtls_ssl_conf_psk_cb(&server.conf, psk_dummy_callback, NULL); +#endif + } +#endif +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if (options->renegotiate) { + mbedtls_ssl_conf_renegotiation(&(server.conf), + MBEDTLS_SSL_RENEGOTIATION_ENABLED); + mbedtls_ssl_conf_renegotiation(&(client.conf), + MBEDTLS_SSL_RENEGOTIATION_ENABLED); + + mbedtls_ssl_conf_legacy_renegotiation(&(server.conf), + options->legacy_renegotiation); + mbedtls_ssl_conf_legacy_renegotiation(&(client.conf), + options->legacy_renegotiation); + } +#endif /* MBEDTLS_SSL_RENEGOTIATION */ + +#if defined(MBEDTLS_DEBUG_C) + if (options->srv_log_fun) { + mbedtls_debug_set_threshold(4); + mbedtls_ssl_conf_dbg(&server.conf, options->srv_log_fun, + options->srv_log_obj); + } +#endif + + TEST_ASSERT(mbedtls_test_mock_socket_connect(&(client.socket), + &(server.socket), + BUFFSIZE) == 0); + +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + if (options->resize_buffers != 0) { + /* Ensure that the buffer sizes are appropriate before resizes */ + TEST_ASSERT(client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); + TEST_ASSERT(client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); + TEST_ASSERT(server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); + TEST_ASSERT(server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); + } +#endif + + if (options->expected_negotiated_version == MBEDTLS_SSL_VERSION_UNKNOWN) { + expected_handshake_result = MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION; + } + + TEST_ASSERT(mbedtls_test_move_handshake_to_state(&(client.ssl), + &(server.ssl), + MBEDTLS_SSL_HANDSHAKE_OVER) + == expected_handshake_result); + + if (expected_handshake_result != 0) { + /* Connection will have failed by this point, skip to cleanup */ + goto exit; + } + + TEST_ASSERT(mbedtls_ssl_is_handshake_over(&client.ssl) == 1); + + /* Make sure server state is moved to HANDSHAKE_OVER also. */ + TEST_EQUAL(mbedtls_test_move_handshake_to_state(&(server.ssl), + &(client.ssl), + MBEDTLS_SSL_HANDSHAKE_OVER), + 0); + + TEST_ASSERT(mbedtls_ssl_is_handshake_over(&server.ssl) == 1); + /* Check that both sides have negotiated the expected version. */ + mbedtls_test_set_step(0); + if (!check_ssl_version(options->expected_negotiated_version, + &client.ssl)) { + goto exit; + } + + mbedtls_test_set_step(1); + if (!check_ssl_version(options->expected_negotiated_version, + &server.ssl)) { + goto exit; + } + + if (options->expected_ciphersuite != 0) { + TEST_EQUAL(server.ssl.session->ciphersuite, + options->expected_ciphersuite); + } + +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + if (options->resize_buffers != 0) { + /* A server, when using DTLS, might delay a buffer resize to happen + * after it receives a message, so we force it. */ + TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0); + + TEST_ASSERT(client.ssl.out_buf_len == + mbedtls_ssl_get_output_buflen(&client.ssl)); + TEST_ASSERT(client.ssl.in_buf_len == + mbedtls_ssl_get_input_buflen(&client.ssl)); + TEST_ASSERT(server.ssl.out_buf_len == + mbedtls_ssl_get_output_buflen(&server.ssl)); + TEST_ASSERT(server.ssl.in_buf_len == + mbedtls_ssl_get_input_buflen(&server.ssl)); + } +#endif + + if (options->cli_msg_len != 0 || options->srv_msg_len != 0) { + /* Start data exchanging test */ + TEST_ASSERT(mbedtls_test_ssl_exchange_data( + &(client.ssl), options->cli_msg_len, + options->expected_cli_fragments, + &(server.ssl), options->srv_msg_len, + options->expected_srv_fragments) + == 0); + } +#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) + if (options->serialize == 1) { + TEST_ASSERT(options->dtls == 1); + + TEST_ASSERT(mbedtls_ssl_context_save(&(server.ssl), NULL, + 0, &context_buf_len) + == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); + + context_buf = mbedtls_calloc(1, context_buf_len); + TEST_ASSERT(context_buf != NULL); + + TEST_ASSERT(mbedtls_ssl_context_save(&(server.ssl), context_buf, + context_buf_len, + &context_buf_len) + == 0); + + mbedtls_ssl_free(&(server.ssl)); + mbedtls_ssl_init(&(server.ssl)); + + TEST_ASSERT(mbedtls_ssl_setup(&(server.ssl), &(server.conf)) == 0); + + mbedtls_ssl_set_bio(&(server.ssl), &server_context, + mbedtls_test_mock_tcp_send_msg, + mbedtls_test_mock_tcp_recv_msg, + NULL); + + mbedtls_ssl_set_user_data_p(&server.ssl, &server); + +#if defined(MBEDTLS_TIMING_C) + mbedtls_ssl_set_timer_cb(&server.ssl, &timer_server, + mbedtls_timing_set_delay, + mbedtls_timing_get_delay); +#endif +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + if (options->resize_buffers != 0) { + /* Ensure that the buffer sizes are appropriate before resizes */ + TEST_ASSERT(server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); + TEST_ASSERT(server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); + } +#endif + TEST_ASSERT(mbedtls_ssl_context_load(&(server.ssl), context_buf, + context_buf_len) == 0); + +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + /* Validate buffer sizes after context deserialization */ + if (options->resize_buffers != 0) { + TEST_ASSERT(server.ssl.out_buf_len == + mbedtls_ssl_get_output_buflen(&server.ssl)); + TEST_ASSERT(server.ssl.in_buf_len == + mbedtls_ssl_get_input_buflen(&server.ssl)); + } +#endif + /* Retest writing/reading */ + if (options->cli_msg_len != 0 || options->srv_msg_len != 0) { + TEST_ASSERT(mbedtls_test_ssl_exchange_data( + &(client.ssl), options->cli_msg_len, + options->expected_cli_fragments, + &(server.ssl), options->srv_msg_len, + options->expected_srv_fragments) + == 0); + } + } +#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ + +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if (options->renegotiate) { + /* Start test with renegotiation */ + TEST_ASSERT(server.ssl.renego_status == + MBEDTLS_SSL_INITIAL_HANDSHAKE); + TEST_ASSERT(client.ssl.renego_status == + MBEDTLS_SSL_INITIAL_HANDSHAKE); + + /* After calling this function for the server, it only sends a handshake + * request. All renegotiation should happen during data exchanging */ + TEST_ASSERT(mbedtls_ssl_renegotiate(&(server.ssl)) == 0); + TEST_ASSERT(server.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_PENDING); + TEST_ASSERT(client.ssl.renego_status == + MBEDTLS_SSL_INITIAL_HANDSHAKE); + + TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0); + TEST_ASSERT(server.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_DONE); + TEST_ASSERT(client.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_DONE); + + /* After calling mbedtls_ssl_renegotiate for the client, + * all renegotiation should happen inside this function. + * However in this test, we cannot perform simultaneous communication + * between client and server so this function will return waiting error + * on the socket. All rest of renegotiation should happen + * during data exchanging */ + ret = mbedtls_ssl_renegotiate(&(client.ssl)); +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + if (options->resize_buffers != 0) { + /* Ensure that the buffer sizes are appropriate before resizes */ + TEST_ASSERT(client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); + TEST_ASSERT(client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); + } +#endif + TEST_ASSERT(ret == 0 || + ret == MBEDTLS_ERR_SSL_WANT_READ || + ret == MBEDTLS_ERR_SSL_WANT_WRITE); + TEST_ASSERT(server.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_DONE); + TEST_ASSERT(client.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS); + + TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0); + TEST_ASSERT(server.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_DONE); + TEST_ASSERT(client.ssl.renego_status == + MBEDTLS_SSL_RENEGOTIATION_DONE); +#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) + /* Validate buffer sizes after renegotiation */ + if (options->resize_buffers != 0) { + TEST_ASSERT(client.ssl.out_buf_len == + mbedtls_ssl_get_output_buflen(&client.ssl)); + TEST_ASSERT(client.ssl.in_buf_len == + mbedtls_ssl_get_input_buflen(&client.ssl)); + TEST_ASSERT(server.ssl.out_buf_len == + mbedtls_ssl_get_output_buflen(&server.ssl)); + TEST_ASSERT(server.ssl.in_buf_len == + mbedtls_ssl_get_input_buflen(&server.ssl)); + } +#endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */ + } +#endif /* MBEDTLS_SSL_RENEGOTIATION */ + + TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&client.conf) == &client); + TEST_ASSERT(mbedtls_ssl_get_user_data_p(&client.ssl) == &client); + TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&server.conf) == &server); + TEST_ASSERT(mbedtls_ssl_get_user_data_p(&server.ssl) == &server); + +exit: + mbedtls_test_ssl_endpoint_free(&client, + options->dtls != 0 ? &client_context : NULL); + mbedtls_test_ssl_endpoint_free(&server, + options->dtls != 0 ? &server_context : NULL); +#if defined(MBEDTLS_DEBUG_C) + if (options->cli_log_fun || options->srv_log_fun) { + mbedtls_debug_set_threshold(0); + } +#endif +#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) + if (context_buf != NULL) { + mbedtls_free(context_buf); + } +#endif + MD_OR_USE_PSA_DONE(); +} +#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ + +#if defined(MBEDTLS_TEST_HOOKS) +int mbedtls_test_tweak_tls13_certificate_msg_vector_len( + unsigned char *buf, unsigned char **end, int tweak, + int *expected_result, mbedtls_ssl_chk_buf_ptr_args *args) +{ +/* + * The definition of the tweaks assume that the certificate list contains only + * one certificate. + */ + +/* + * struct { + * opaque cert_data<1..2^24-1>; + * Extension extensions<0..2^16-1>; + * } CertificateEntry; + * + * struct { + * opaque certificate_request_context<0..2^8-1>; + * CertificateEntry certificate_list<0..2^24-1>; + * } Certificate; + */ + unsigned char *p_certificate_request_context_len = buf; + size_t certificate_request_context_len = buf[0]; + + unsigned char *p_certificate_list_len = + buf + 1 + certificate_request_context_len; + unsigned char *certificate_list = p_certificate_list_len + 3; + size_t certificate_list_len = + MBEDTLS_GET_UINT24_BE(p_certificate_list_len, 0); + + unsigned char *p_cert_data_len = certificate_list; + unsigned char *cert_data = p_cert_data_len + 3; + size_t cert_data_len = MBEDTLS_GET_UINT24_BE(p_cert_data_len, 0); + + unsigned char *p_extensions_len = cert_data + cert_data_len; + unsigned char *extensions = p_extensions_len + 2; + size_t extensions_len = MBEDTLS_GET_UINT16_BE(p_extensions_len, 0); + + *expected_result = MBEDTLS_ERR_SSL_DECODE_ERROR; + + switch (tweak) { + case 1: + /* Failure when checking if the certificate request context length + * and certificate list length can be read + */ + *end = buf + 3; + set_chk_buf_ptr_args(args, buf, *end, 4); + break; + + case 2: + /* Invalid certificate request context length. + */ + *p_certificate_request_context_len = + (unsigned char) certificate_request_context_len + 1; + reset_chk_buf_ptr_args(args); + break; + + case 3: + /* Failure when checking if certificate_list data can be read. */ + MBEDTLS_PUT_UINT24_BE(certificate_list_len + 1, + p_certificate_list_len, 0); + set_chk_buf_ptr_args(args, certificate_list, *end, + certificate_list_len + 1); + break; + + case 4: + /* Failure when checking if the cert_data length can be read. */ + MBEDTLS_PUT_UINT24_BE(2, p_certificate_list_len, 0); + set_chk_buf_ptr_args(args, p_cert_data_len, certificate_list + 2, 3); + break; + + case 5: + /* Failure when checking if cert_data data can be read. */ + MBEDTLS_PUT_UINT24_BE(certificate_list_len - 3 + 1, + p_cert_data_len, 0); + set_chk_buf_ptr_args(args, cert_data, + certificate_list + certificate_list_len, + certificate_list_len - 3 + 1); + break; + + case 6: + /* Failure when checking if the extensions length can be read. */ + MBEDTLS_PUT_UINT24_BE(certificate_list_len - extensions_len - 1, + p_certificate_list_len, 0); + set_chk_buf_ptr_args( + args, p_extensions_len, + certificate_list + certificate_list_len - extensions_len - 1, 2); + break; + + case 7: + /* Failure when checking if extensions data can be read. */ + MBEDTLS_PUT_UINT16_BE(extensions_len + 1, p_extensions_len, 0); + + set_chk_buf_ptr_args( + args, extensions, + certificate_list + certificate_list_len, extensions_len + 1); + break; + + default: + return -1; + } + + return 0; +} +#endif /* MBEDTLS_TEST_HOOKS */ +#endif /* MBEDTLS_SSL_TLS_C */ diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index c206283a2..efcbd2686 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -177,6 +177,9 @@ get_options() { -p|--preserve-logs) PRESERVE_LOGS=1 ;; + --outcome-file) + shift; MBEDTLS_TEST_OUTCOME_FILE=$1 + ;; --port) shift; SRV_PORT=$1 ;; @@ -200,14 +203,6 @@ get_options() { done } -# Make the outcome file path relative to the original directory, not -# to .../tests -case "$MBEDTLS_TEST_OUTCOME_FILE" in - [!/]*) - MBEDTLS_TEST_OUTCOME_FILE="$ORIGINAL_PWD/$MBEDTLS_TEST_OUTCOME_FILE" - ;; -esac - # Read boolean configuration options from mbedtls_config.h for easy and quick # testing. Skip non-boolean options (with something other than spaces # and a comment after "#define SYMBOL"). The variable contains a @@ -221,6 +216,15 @@ skip_next_test() { SKIP_NEXT="YES" } +# Check if the required configuration ($1) is enabled +is_config_enabled() +{ + case $CONFIGS_ENABLED in + *" $1"[\ =]*) return 0;; + *) return 1;; + esac +} + # skip next test if the flag is not enabled in mbedtls_config.h requires_config_enabled() { case $CONFIGS_ENABLED in @@ -272,6 +276,15 @@ TLS1_2_KEY_EXCHANGES_WITH_CERT="MBEDTLS_KEY_EXCHANGE_RSA_ENABLED \ MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED \ MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED" +TLS1_2_KEY_EXCHANGES_WITH_ECDSA_CERT="MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED \ + MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED" + +TLS1_2_KEY_EXCHANGES_WITH_CERT_WO_ECDH="MBEDTLS_KEY_EXCHANGE_RSA_ENABLED \ + MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED \ + MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \ + MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED \ + MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED" + requires_key_exchange_with_cert_in_tls12_or_tls13_enabled() { if $P_QUERY -all MBEDTLS_SSL_PROTO_TLS1_2 then @@ -351,33 +364,84 @@ requires_ciphersuite_enabled() { esac } -# detect_required_features CMD [RUN_TEST_OPTION...] -# If CMD (call to a TLS client or server program) requires certain features, -# arrange to only run the following test case if those features are enabled. +# Automatically detect required features based on command line parameters. +# Parameters are: +# - $1 = command line (call to a TLS client or server program) +# - $2 = client/server +# - $3 = TLS version (TLS12 or TLS13) +# - $4 = Use an external tool without ECDH support +# - $5 = run test options detect_required_features() { - case "$1" in + CMD_LINE=$1 + ROLE=$2 + TLS_VERSION=$3 + EXT_WO_ECDH=$4 + TEST_OPTIONS=${5:-} + + case "$CMD_LINE" in *\ force_version=*) - tmp="${1##*\ force_version=}" + tmp="${CMD_LINE##*\ force_version=}" tmp="${tmp%%[!-0-9A-Z_a-z]*}" requires_protocol_version "$tmp";; esac - case "$1" in + case "$CMD_LINE" in *\ force_ciphersuite=*) - tmp="${1##*\ force_ciphersuite=}" + tmp="${CMD_LINE##*\ force_ciphersuite=}" tmp="${tmp%%[!-0-9A-Z_a-z]*}" requires_ciphersuite_enabled "$tmp";; esac - case " $1 " in + case " $CMD_LINE " in *[-_\ =]tickets=[^0]*) requires_config_enabled MBEDTLS_SSL_TICKET_C;; esac - case " $1 " in + case " $CMD_LINE " in *[-_\ =]alpn=*) requires_config_enabled MBEDTLS_SSL_ALPN;; esac + case "$CMD_LINE" in + *server5*|\ + *server7*|\ + *dir-maxpath*) + if [ "$TLS_VERSION" = "TLS13" ]; then + # In case of TLS13 the support for ECDSA is enough + requires_pk_alg "ECDSA" + else + # For TLS12 requirements are different between server and client + if [ "$ROLE" = "server" ]; then + # If the server uses "server5*" certificates, then an ECDSA based + # key exchange is required. However gnutls also does not + # support ECDH, so this limit the choice to ECDHE-ECDSA + if [ "$EXT_WO_ECDH" = "yes" ]; then + requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED + else + requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_ECDSA_CERT + fi + elif [ "$ROLE" = "client" ]; then + # On the client side it is enough to have any certificate + # based authentication together with support for ECDSA. + # Of course the GnuTLS limitation mentioned above applies + # also here. + if [ "$EXT_WO_ECDH" = "yes" ]; then + requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT_WO_ECDH + else + requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT + fi + requires_pk_alg "ECDSA" + fi + fi + ;; + esac + + case "$CMD_LINE" in + *server2*|\ + *server7*) + # server2 and server7 certificates use RSA encryption + requires_config_enabled "MBEDTLS_RSA_C" + esac + unset tmp } @@ -460,12 +524,9 @@ check_for_hash_alg() { CURR_ALG="INVALID"; USE_PSA="NO" - case $CONFIGS_ENABLED in - *" MBEDTLS_USE_PSA_CRYPTO"[\ =]*) - USE_PSA="YES"; - ;; - *) :;; - esac + if is_config_enabled "MBEDTLS_USE_PSA_CRYPTO"; then + USE_PSA="YES"; + fi if [ $USE_PSA = "YES" ]; then CURR_ALG=PSA_WANT_ALG_${1} else @@ -517,6 +578,23 @@ requires_hash_alg() { fi } +# Skip next test if the given pk alg is not enabled +requires_pk_alg() { + case $1 in + ECDSA) + if is_config_enabled MBEDTLS_USE_PSA_CRYPTO; then + requires_config_enabled PSA_WANT_ALG_ECDSA + else + requires_config_enabled MBEDTLS_ECDSA_C + fi + ;; + *) + echo "Unknown/unimplemented case $1 in requires_pk_alg" + exit 1 + ;; + esac +} + # skip next test if OpenSSL doesn't support FALLBACK_SCSV requires_openssl_with_fallback_scsv() { if [ -z "${OPENSSL_HAS_FBSCSV:-}" ]; then @@ -593,6 +671,39 @@ requires_openssl_next() { fi } +# skip next test if openssl version is lower than 3.0 +requires_openssl_3_x() { + requires_openssl_next + if [ "$OPENSSL_NEXT_AVAILABLE" = "NO" ]; then + OPENSSL_3_X_AVAILABLE="NO" + fi + if [ -z "${OPENSSL_3_X_AVAILABLE:-}" ]; then + if $OPENSSL_NEXT version 2>&1 | grep "OpenSSL 3." >/dev/null + then + OPENSSL_3_X_AVAILABLE="YES" + else + OPENSSL_3_X_AVAILABLE="NO" + fi + fi + if [ "$OPENSSL_3_X_AVAILABLE" = "NO" ]; then + SKIP_NEXT="YES" + fi +} + +# skip next test if openssl does not support ffdh keys +requires_openssl_tls1_3_with_ffdh() { + requires_openssl_3_x +} + +# skip next test if openssl cannot handle ephemeral key exchange +requires_openssl_tls1_3_with_compatible_ephemeral() { + requires_openssl_next + + if !(is_config_enabled "PSA_WANT_ALG_ECDH"); then + requires_openssl_tls1_3_with_ffdh + fi +} + # skip next test if tls1_3 is not available requires_openssl_tls1_3() { requires_openssl_next @@ -669,6 +780,19 @@ requires_gnutls_next_disable_tls13_compat() { fi } +# skip next test if GnuTLS does not support the record size limit extension +requires_gnutls_record_size_limit() { + requires_gnutls_next + if [ "$GNUTLS_NEXT_AVAILABLE" = "NO" ]; then + GNUTLS_RECORD_SIZE_LIMIT_AVAILABLE="NO" + else + GNUTLS_RECORD_SIZE_LIMIT_AVAILABLE="YES" + fi + if [ "$GNUTLS_RECORD_SIZE_LIMIT_AVAILABLE" = "NO" ]; then + SKIP_NEXT="YES" + fi +} + # skip next test if IPv6 isn't available on this host requires_ipv6() { if [ -z "${HAS_IPV6:-}" ]; then @@ -1037,6 +1161,28 @@ is_gnutls() { esac } +# Some external tools (gnutls or openssl) might not have support for static ECDH +# and this limit the tests that can be run with them. This function checks server +# and client command lines, given as input, to verify if the current test +# is using one of these tools. +use_ext_tool_without_ecdh_support() { + case "$1" in + *$GNUTLS_SERV*|\ + *${GNUTLS_NEXT_SERV:-"gnutls-serv-dummy"}*|\ + *${OPENSSL_NEXT:-"openssl-dummy"}*) + echo "yes" + return;; + esac + case "$2" in + *$GNUTLS_CLI*|\ + *${GNUTLS_NEXT_CLI:-"gnutls-cli-dummy"}*|\ + *${OPENSSL_NEXT:-"openssl-dummy"}*) + echo "yes" + return;; + esac + echo "no" +} + # Generate random psk_list argument for ssl_server2 get_srv_psk_list () { @@ -1377,6 +1523,62 @@ do_run_test_once() { fi } +# Detect if the current test is going to use TLS 1.3 or TLS 1.2. +# $1 and $2 contain the server and client command lines, respectively. +# +# Note: this function only provides some guess about TLS version by simply +# looking at the server/client command lines. Even thought this works +# for the sake of tests' filtering (especially in conjunction with the +# detect_required_features() function), it does NOT guarantee that the +# result is accurate. It does not check other conditions, such as: +# - we can force a ciphersuite which contains "WITH" in its name, meaning +# that we are going to use TLS 1.2 +# - etc etc +get_tls_version() { + # First check if the version is forced on an Mbed TLS peer + case $1 in + *tls12*) + echo "TLS12" + return;; + *tls13*) + echo "TLS13" + return;; + esac + case $2 in + *tls12*) + echo "TLS12" + return;; + *tls13*) + echo "TLS13" + return;; + esac + # Second check if the version is forced on an OpenSSL or GnuTLS peer + case $1 in + tls1_2*) + echo "TLS12" + return;; + *tls1_3) + echo "TLS13" + return;; + esac + case $2 in + *tls1_2) + echo "TLS12" + return;; + *tls1_3) + echo "TLS13" + return;; + esac + # Third if the version is not forced, if TLS 1.3 is enabled then the test + # is aimed to run a TLS 1.3 handshake. + if $P_QUERY -all MBEDTLS_SSL_PROTO_TLS1_3 + then + echo "TLS13" + else + echo "TLS12" + fi +} + # Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]] # Options: -s pattern pattern that must be present in server output # -c pattern pattern that must be present in client output @@ -1433,10 +1635,20 @@ run_test() { requires_config_enabled MBEDTLS_SSL_PROTO_DTLS fi + # Check if we are trying to use an external tool wich does not support ECDH + EXT_WO_ECDH=$(use_ext_tool_without_ecdh_support "$SRV_CMD" "$CLI_CMD") + + # Guess the TLS version which is going to be used + if [ "$EXT_WO_ECDH" = "no" ]; then + TLS_VERSION=$(get_tls_version "$SRV_CMD" "$CLI_CMD") + else + TLS_VERSION="TLS12" + fi + # If the client or server requires certain features that can be detected - # from their command-line arguments, check that they're enabled. - detect_required_features "$SRV_CMD" "$@" - detect_required_features "$CLI_CMD" "$@" + # from their command-line arguments, check whether they're enabled. + detect_required_features "$SRV_CMD" "server" "$TLS_VERSION" "$EXT_WO_ECDH" "$@" + detect_required_features "$CLI_CMD" "client" "$TLS_VERSION" "$EXT_WO_ECDH" "$@" # If we're in a PSK-only build and the test can be adapted to PSK, do that. maybe_adapt_for_psk "$@" @@ -1502,8 +1714,8 @@ run_test_psa_force_curve() { requires_config_enabled MBEDTLS_USE_PSA_CRYPTO set_maybe_calc_verify none run_test "PSA - ECDH with $1" \ - "$P_SRV debug_level=4 force_version=tls12 curves=$1" \ - "$P_CLI debug_level=4 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 curves=$1" \ + "$P_SRV debug_level=4 force_version=tls12 groups=$1" \ + "$P_CLI debug_level=4 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 groups=$1" \ 0 \ -c "$maybe_calc_verify" \ -c "calc PSA finished" \ @@ -1586,6 +1798,14 @@ cleanup() { get_options "$@" +# Make the outcome file path relative to the original directory, not +# to .../tests +case "$MBEDTLS_TEST_OUTCOME_FILE" in + [!/]*) + MBEDTLS_TEST_OUTCOME_FILE="$ORIGINAL_PWD/$MBEDTLS_TEST_OUTCOME_FILE" + ;; +esac + populate_enabled_hash_algs # Optimize filters: if $FILTER and $EXCLUDE can be expressed as shell @@ -1751,13 +1971,13 @@ trap cleanup INT TERM HUP # Checks that: # - things work with all ciphersuites active (used with config-full in all.sh) # - the expected parameters are selected -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_ciphersuite_enabled TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256 requires_hash_alg SHA_512 # "signature_algorithm ext: 6" -requires_config_enabled MBEDTLS_ECP_DP_CURVE25519_ENABLED -run_test "Default" \ +requires_any_configs_enabled "MBEDTLS_ECP_DP_CURVE25519_ENABLED \ + PSA_WANT_ECC_MONTGOMERY_255" +run_test "Default, TLS 1.2" \ "$P_SRV debug_level=3" \ - "$P_CLI" \ + "$P_CLI force_version=tls12" \ 0 \ -s "Protocol is TLSv1.2" \ -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" \ @@ -1775,14 +1995,71 @@ run_test "Default, DTLS" \ -s "Protocol is DTLSv1.2" \ -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" +# GnuTLS can be setup to send a ClientHello containing a supported versions +# extension proposing TLS 1.2 (preferred) and then TLS 1.3. In that case, +# a TLS 1.3 and TLS 1.2 capable server is supposed to negotiate TLS 1.2 and +# to indicate in the ServerHello that it downgrades from TLS 1.3. The GnuTLS +# client then detects the downgrade indication and aborts the handshake even +# if TLS 1.2 was its preferred version. Keeping the test even if the +# handshake fails eventually as it exercices parts of the Mbed TLS +# implementation that are otherwise not exercised. +requires_gnutls_tls1_3 +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +run_test "Server selecting TLS 1.2 over TLS 1.3" \ + "$P_SRV crt_file=data_files/server5.crt key_file=data_files/server5.key" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.3" \ + 1 \ + -c "Detected downgrade to TLS 1.2 from TLS 1.3" + +requires_gnutls_tls1_3 +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +run_test "Server selecting TLS 1.2" \ + "$P_SRV crt_file=data_files/server5.crt key_file=data_files/server5.key" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.3" \ + 0 \ + -s "Protocol is TLSv1.2" \ + -c "HTTP/1.0 200 OK" + +requires_gnutls_tls1_3 +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +run_test "Server selecting TLS 1.3, over TLS 1.2 if supported" \ + "$P_SRV crt_file=data_files/server5.crt key_file=data_files/server5.key" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:%DISABLE_TLS13_COMPAT_MODE" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -c "HTTP/1.0 200 OK" + +requires_gnutls_tls1_3 +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +run_test "Server selecting TLS 1.3, over TLS 1.2 if supported - compat mode enabled" \ + "$P_SRV crt_file=data_files/server5.crt key_file=data_files/server5.key" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -c "HTTP/1.0 200 OK" + +requires_key_exchange_with_cert_in_tls12_or_tls13_enabled run_test "TLS client auth: required" \ "$P_SRV auth_mode=required" \ "$P_CLI" \ 0 \ -s "Verifying peer X.509 certificate... ok" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "key size: TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \ "$P_SRV" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \ @@ -1790,7 +2067,6 @@ run_test "key size: TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \ -c "Ciphersuite is TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \ -c "Key size is 256" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "key size: TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ "$P_SRV" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ @@ -1798,53 +2074,44 @@ run_test "key size: TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ -c "Ciphersuite is TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ -c "Key size is 128" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C requires_hash_alg SHA_256 run_test "TLS: password protected client key" \ - "$P_SRV auth_mode=required" \ + "$P_SRV force_version=tls12 auth_mode=required" \ "$P_CLI crt_file=data_files/server5.crt key_file=data_files/server5.key.enc key_pwd=PolarSSLTest" \ 0 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C requires_hash_alg SHA_256 run_test "TLS: password protected server key" \ "$P_SRV crt_file=data_files/server5.crt key_file=data_files/server5.key.enc key_pwd=PolarSSLTest" \ - "$P_CLI" \ + "$P_CLI force_version=tls12" \ 0 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 run_test "TLS: password protected server key, two certificates" \ - "$P_SRV \ + "$P_SRV force_version=tls12\ key_file=data_files/server5.key.enc key_pwd=PolarSSLTest crt_file=data_files/server5.crt \ key_file2=data_files/server2.key.enc key_pwd2=PolarSSLTest crt_file2=data_files/server2.crt" \ "$P_CLI" \ 0 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK run_test "CA callback on client" \ "$P_SRV debug_level=3" \ - "$P_CLI ca_callback=1 debug_level=3 " \ + "$P_CLI force_version=tls12 ca_callback=1 debug_level=3 " \ 0 \ -c "use CA callback for X.509 CRT verification" \ -S "error" \ -C "error" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C requires_hash_alg SHA_256 run_test "CA callback on server" \ - "$P_SRV auth_mode=required" \ + "$P_SRV force_version=tls12 auth_mode=required" \ "$P_CLI ca_callback=1 debug_level=3 crt_file=data_files/server5.crt \ key_file=data_files/server5.key" \ 0 \ @@ -1854,13 +2121,12 @@ run_test "CA callback on server" \ -C "error" # Test using an EC opaque private key for client authentication -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_hash_alg SHA_256 run_test "Opaque key for client authentication: ECDHE-ECDSA" \ - "$P_SRV auth_mode=required crt_file=data_files/server5.crt \ + "$P_SRV force_version=tls12 auth_mode=required crt_file=data_files/server5.crt \ key_file=data_files/server5.key" \ "$P_CLI key_opaque=1 crt_file=data_files/server5.crt \ key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none" \ @@ -1873,14 +2139,13 @@ run_test "Opaque key for client authentication: ECDHE-ECDSA" \ -C "error" # Test using a RSA opaque private key for client authentication -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED requires_hash_alg SHA_256 run_test "Opaque key for client authentication: ECDHE-RSA" \ - "$P_SRV auth_mode=required crt_file=data_files/server2-sha256.crt \ + "$P_SRV force_version=tls12 auth_mode=required crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key" \ "$P_CLI key_opaque=1 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \ @@ -1892,13 +2157,12 @@ run_test "Opaque key for client authentication: ECDHE-RSA" \ -S "error" \ -C "error" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 run_test "Opaque key for client authentication: DHE-RSA" \ - "$P_SRV auth_mode=required crt_file=data_files/server2-sha256.crt \ + "$P_SRV force_version=tls12 auth_mode=required crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key" \ "$P_CLI key_opaque=1 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ @@ -1912,15 +2176,14 @@ run_test "Opaque key for client authentication: DHE-RSA" \ -C "error" # Test using an EC opaque private key for server authentication -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_hash_alg SHA_256 run_test "Opaque key for server authentication: ECDHE-ECDSA" \ "$P_SRV key_opaque=1 crt_file=data_files/server5.crt \ key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none" \ - "$P_CLI" \ + "$P_CLI force_version=tls12" \ 0 \ -c "Verifying peer X.509 certificate... ok" \ -c "Ciphersuite is TLS-ECDHE-ECDSA" \ @@ -1929,16 +2192,14 @@ run_test "Opaque key for server authentication: ECDHE-ECDSA" \ -S "error" \ -C "error" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C requires_hash_alg SHA_256 run_test "Opaque key for server authentication: ECDH-" \ - "$P_SRV force_version=tls12 auth_mode=required key_opaque=1\ + "$P_SRV auth_mode=required key_opaque=1\ crt_file=data_files/server5.ku-ka.crt\ key_file=data_files/server5.key key_opaque_algs=ecdh,none" \ - "$P_CLI" \ + "$P_CLI force_version=tls12" \ 0 \ -c "Verifying peer X.509 certificate... ok" \ -c "Ciphersuite is TLS-ECDH-" \ @@ -1947,24 +2208,21 @@ run_test "Opaque key for server authentication: ECDH-" \ -S "error" \ -C "error" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C requires_config_disabled MBEDTLS_SSL_ASYNC_PRIVATE requires_hash_alg SHA_256 run_test "Opaque key for server authentication: invalid key: decrypt with ECC key, no async" \ "$P_SRV key_opaque=1 crt_file=data_files/server5.crt \ key_file=data_files/server5.key key_opaque_algs=rsa-decrypt,none \ debug_level=1" \ - "$P_CLI" \ + "$P_CLI force_version=tls12" \ 1 \ -s "key types: Opaque, none" \ -s "error" \ -c "error" \ -c "Public key type mismatch" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_ECDSA_C @@ -1975,34 +2233,30 @@ run_test "Opaque key for server authentication: invalid key: ecdh with RSA ke "$P_SRV key_opaque=1 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key key_opaque_algs=ecdh,none \ debug_level=1" \ - "$P_CLI" \ + "$P_CLI force_version=tls12" \ 1 \ -s "key types: Opaque, none" \ -s "error" \ -c "error" \ -c "Public key type mismatch" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE requires_hash_alg SHA_256 run_test "Opaque key for server authentication: invalid alg: decrypt with ECC key, async" \ "$P_SRV key_opaque=1 crt_file=data_files/server5.crt \ key_file=data_files/server5.key key_opaque_algs=rsa-decrypt,none \ debug_level=1" \ - "$P_CLI" \ + "$P_CLI force_version=tls12" \ 1 \ -s "key types: Opaque, none" \ -s "got ciphersuites in common, but none of them usable" \ -s "error" \ -c "error" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE requires_hash_alg SHA_256 @@ -2010,42 +2264,39 @@ run_test "Opaque key for server authentication: invalid alg: ecdh with RSA ke "$P_SRV key_opaque=1 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key key_opaque_algs=ecdh,none \ debug_level=1" \ - "$P_CLI" \ + "$P_CLI force_version=tls12" \ 1 \ -s "key types: Opaque, none" \ -s "got ciphersuites in common, but none of them usable" \ -s "error" \ -c "error" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C requires_hash_alg SHA_256 requires_config_enabled MBEDTLS_CCM_C run_test "Opaque key for server authentication: invalid alg: ECDHE-ECDSA with ecdh" \ "$P_SRV key_opaque=1 crt_file=data_files/server5.crt \ key_file=data_files/server5.key key_opaque_algs=ecdh,none \ debug_level=1" \ - "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \ + "$P_CLI force_version=tls12 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \ 1 \ -s "key types: Opaque, none" \ -s "got ciphersuites in common, but none of them usable" \ -s "error" \ -c "error" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_hash_alg SHA_256 requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "Opaque keys for server authentication: EC keys with different algs, force ECDHE-ECDSA" \ - "$P_SRV key_opaque=1 crt_file=data_files/server7.crt \ + "$P_SRV force_version=tls12 key_opaque=1 crt_file=data_files/server7.crt \ key_file=data_files/server7.key key_opaque_algs=ecdh,none \ crt_file2=data_files/server5.crt key_file2=data_files/server5.key \ key_opaque_algs2=ecdsa-sign,none" \ - "$P_CLI" \ + "$P_CLI force_version=tls12" \ 0 \ -c "Verifying peer X.509 certificate... ok" \ -c "Ciphersuite is TLS-ECDHE-ECDSA" \ @@ -2055,10 +2306,8 @@ run_test "Opaque keys for server authentication: EC keys with different algs, -S "error" \ -C "error" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C requires_hash_alg SHA_384 requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "Opaque keys for server authentication: EC keys with different algs, force ECDH-ECDSA" \ @@ -2066,7 +2315,7 @@ run_test "Opaque keys for server authentication: EC keys with different algs, key_file=data_files/server7.key key_opaque_algs=ecdsa-sign,none \ crt_file2=data_files/server5.crt key_file2=data_files/server5.key \ key_opaque_algs2=ecdh,none debug_level=3" \ - "$P_CLI force_ciphersuite=TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384" \ + "$P_CLI force_version=tls12 force_ciphersuite=TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384" \ 0 \ -c "Verifying peer X.509 certificate... ok" \ -c "Ciphersuite is TLS-ECDH-ECDSA" \ @@ -2076,10 +2325,8 @@ run_test "Opaque keys for server authentication: EC keys with different algs, -S "error" \ -C "error" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C requires_hash_alg SHA_384 requires_config_enabled MBEDTLS_CCM_C requires_config_disabled MBEDTLS_X509_REMOVE_INFO @@ -2088,7 +2335,7 @@ run_test "Opaque keys for server authentication: EC + RSA, force ECDHE-ECDSA" key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none \ crt_file2=data_files/server2-sha256.crt \ key_file2=data_files/server2.key key_opaque_algs2=rsa-sign-pkcs1,none" \ - "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \ + "$P_CLI force_version=tls12 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \ 0 \ -c "Verifying peer X.509 certificate... ok" \ -c "Ciphersuite is TLS-ECDHE-ECDSA" \ @@ -2104,10 +2351,9 @@ requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_CLI_C run_test "TLS 1.3 opaque key: no suitable algorithm found" \ - "$P_SRV debug_level=4 force_version=tls13 auth_mode=required key_opaque=1 key_opaque_algs=rsa-decrypt,none" \ + "$P_SRV debug_level=4 auth_mode=required key_opaque=1 key_opaque_algs=rsa-decrypt,none" \ "$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \ 1 \ - -s "The SSL configuration is tls13 only" \ -c "key type: Opaque" \ -s "key types: Opaque, Opaque" \ -c "error" \ @@ -2119,10 +2365,9 @@ requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_CLI_C run_test "TLS 1.3 opaque key: suitable algorithm found" \ - "$P_SRV debug_level=4 force_version=tls13 auth_mode=required key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \ + "$P_SRV debug_level=4 auth_mode=required key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \ "$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \ 0 \ - -s "The SSL configuration is tls13 only" \ -c "key type: Opaque" \ -s "key types: Opaque, Opaque" \ -C "error" \ @@ -2134,10 +2379,9 @@ requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_CLI_C run_test "TLS 1.3 opaque key: first client sig alg not suitable" \ - "$P_SRV debug_level=4 force_version=tls13 auth_mode=required key_opaque=1 key_opaque_algs=rsa-sign-pss-sha512,none" \ + "$P_SRV debug_level=4 auth_mode=required key_opaque=1 key_opaque_algs=rsa-sign-pss-sha512,none" \ "$P_CLI debug_level=4 sig_algs=rsa_pss_rsae_sha256,rsa_pss_rsae_sha512" \ 0 \ - -s "The SSL configuration is tls13 only" \ -s "key types: Opaque, Opaque" \ -s "CertificateVerify signature failed with rsa_pss_rsae_sha256" \ -s "CertificateVerify signature with rsa_pss_rsae_sha512" \ @@ -2150,26 +2394,24 @@ requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_CLI_C run_test "TLS 1.3 opaque key: 2 keys on server, suitable algorithm found" \ - "$P_SRV debug_level=4 force_version=tls13 auth_mode=required key_opaque=1 key_opaque_algs2=ecdsa-sign,none key_opaque_algs=rsa-decrypt,rsa-sign-pss" \ + "$P_SRV debug_level=4 auth_mode=required key_opaque=1 key_opaque_algs2=ecdsa-sign,none key_opaque_algs=rsa-decrypt,rsa-sign-pss" \ "$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \ 0 \ - -s "The SSL configuration is tls13 only" \ -c "key type: Opaque" \ -s "key types: Opaque, Opaque" \ -C "error" \ -S "error" \ # Test using a RSA opaque private key for server authentication -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED requires_hash_alg SHA_256 run_test "Opaque key for server authentication: ECDHE-RSA" \ "$P_SRV key_opaque=1 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \ - "$P_CLI" \ + "$P_CLI force_version=tls12" \ 0 \ -c "Verifying peer X.509 certificate... ok" \ -c "Ciphersuite is TLS-ECDHE-RSA" \ @@ -2178,16 +2420,14 @@ run_test "Opaque key for server authentication: ECDHE-RSA" \ -S "error" \ -C "error" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 run_test "Opaque key for server authentication: DHE-RSA" \ "$P_SRV key_opaque=1 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \ - "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \ + "$P_CLI force_version=tls12 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \ 0 \ -c "Verifying peer X.509 certificate... ok" \ -c "Ciphersuite is TLS-DHE-RSA" \ @@ -2196,7 +2436,6 @@ run_test "Opaque key for server authentication: DHE-RSA" \ -S "error" \ -C "error" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_RSA_C @@ -2204,7 +2443,7 @@ requires_hash_alg SHA_256 run_test "Opaque key for server authentication: RSA-PSK" \ "$P_SRV debug_level=1 key_opaque=1 key_opaque_algs=rsa-decrypt,none \ psk=abc123 psk_identity=foo" \ - "$P_CLI force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \ + "$P_CLI force_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \ psk=abc123 psk_identity=foo" \ 0 \ -c "Verifying peer X.509 certificate... ok" \ @@ -2214,14 +2453,13 @@ run_test "Opaque key for server authentication: RSA-PSK" \ -S "error" \ -C "error" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 run_test "Opaque key for server authentication: RSA-" \ "$P_SRV debug_level=3 key_opaque=1 key_opaque_algs=rsa-decrypt,none " \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA256" \ + "$P_CLI force_version=tls12 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA256" \ 0 \ -c "Verifying peer X.509 certificate... ok" \ -c "Ciphersuite is TLS-RSA-" \ @@ -2230,10 +2468,8 @@ run_test "Opaque key for server authentication: RSA-" \ -S "error" \ -C "error" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 run_test "Opaque key for server authentication: DHE-RSA, PSS instead of PKCS1" \ @@ -2247,19 +2483,18 @@ run_test "Opaque key for server authentication: DHE-RSA, PSS instead of PKCS1 -s "error" \ -c "error" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 requires_config_disabled MBEDTLS_X509_REMOVE_INFO +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED run_test "Opaque keys for server authentication: RSA keys with different algs" \ - "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \ + "$P_SRV force_version=tls12 auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key key_opaque_algs=rsa-sign-pss,none \ crt_file2=data_files/server4.crt \ key_file2=data_files/server4.key key_opaque_algs2=rsa-sign-pkcs1,none" \ - "$P_CLI" \ + "$P_CLI force_version=tls12" \ 0 \ -c "Verifying peer X.509 certificate... ok" \ -c "Ciphersuite is TLS-ECDHE-RSA" \ @@ -2269,10 +2504,8 @@ run_test "Opaque keys for server authentication: RSA keys with different algs -S "error" \ -C "error" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_384 requires_config_enabled MBEDTLS_GCM_C @@ -2293,13 +2526,12 @@ run_test "Opaque keys for server authentication: EC + RSA, force DHE-RSA" \ -C "error" # Test using an EC opaque private key for client/server authentication -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_hash_alg SHA_256 run_test "Opaque key for client/server authentication: ECDHE-ECDSA" \ - "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ + "$P_SRV force_version=tls12 auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none" \ "$P_CLI key_opaque=1 crt_file=data_files/server5.crt \ key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none" \ @@ -2314,16 +2546,15 @@ run_test "Opaque key for client/server authentication: ECDHE-ECDSA" \ -C "error" # Test using a RSA opaque private key for client/server authentication -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED run_test "Opaque key for client/server authentication: ECDHE-RSA" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \ - "$P_CLI key_opaque=1 crt_file=data_files/server2-sha256.crt \ + "$P_CLI force_version=tls12 key_opaque=1 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \ 0 \ -c "key type: Opaque" \ @@ -2335,10 +2566,8 @@ run_test "Opaque key for client/server authentication: ECDHE-RSA" \ -S "error" \ -C "error" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C -requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 run_test "Opaque key for client/server authentication: DHE-RSA" \ @@ -2399,17 +2628,15 @@ requires_config_enabled MBEDTLS_ECP_DP_SECP192K1_ENABLED run_test_psa_force_curve "secp192k1" # Test current time in ServerHello -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_HAVE_TIME run_test "ServerHello contains gmt_unix_time" \ "$P_SRV debug_level=3" \ - "$P_CLI debug_level=3" \ + "$P_CLI force_version=tls12 debug_level=3" \ 0 \ -f "check_server_hello_time" \ -F "check_server_hello_time" # Test for uniqueness of IVs in AEAD ciphersuites -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Unique IV in GCM" \ "$P_SRV exchanges=20 debug_level=4" \ "$P_CLI exchanges=20 debug_level=4 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \ @@ -2418,23 +2645,24 @@ run_test "Unique IV in GCM" \ -U "IV used" # Test for correctness of sent single supported algorithm -requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_any_configs_enabled "MBEDTLS_ECP_DP_SECP256R1_ENABLED \ + PSA_WANT_ECC_SECP_R1_256" requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_SRV_C -requires_config_enabled MBEDTLS_ECDSA_C +requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT +requires_pk_alg "ECDSA" requires_hash_alg SHA_256 run_test "Single supported algorithm sending: mbedtls client" \ "$P_SRV sig_algs=ecdsa_secp256r1_sha256 auth_mode=required" \ - "$P_CLI sig_algs=ecdsa_secp256r1_sha256 debug_level=3" \ + "$P_CLI force_version=tls12 sig_algs=ecdsa_secp256r1_sha256 debug_level=3" \ 0 \ -c "Supported Signature Algorithm found: 04 03" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_SRV_C -requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED +requires_any_configs_enabled "MBEDTLS_ECP_DP_SECP256R1_ENABLED \ + PSA_WANT_ECC_SECP_R1_256" requires_hash_alg SHA_256 run_test "Single supported algorithm sending: openssl client" \ "$P_SRV sig_algs=ecdsa_secp256r1_sha256 auth_mode=required" \ @@ -2443,10 +2671,9 @@ run_test "Single supported algorithm sending: openssl client" \ 0 # Tests for certificate verification callback -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Configuration-specific CRT verification callback" \ "$P_SRV debug_level=3" \ - "$P_CLI context_crt_cb=0 debug_level=3" \ + "$P_CLI force_version=tls12 context_crt_cb=0 debug_level=3" \ 0 \ -S "error" \ -c "Verify requested for " \ @@ -2454,10 +2681,9 @@ run_test "Configuration-specific CRT verification callback" \ -C "Use context-specific verification callback" \ -C "error" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Context-specific CRT verification callback" \ "$P_SRV debug_level=3" \ - "$P_CLI context_crt_cb=1 debug_level=3" \ + "$P_CLI force_version=tls12 context_crt_cb=1 debug_level=3" \ 0 \ -S "error" \ -c "Verify requested for " \ @@ -2466,101 +2692,38 @@ run_test "Context-specific CRT verification callback" \ -C "error" # Tests for SHA-1 support -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SHA-1 forbidden by default in server certificate" \ "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \ - "$P_CLI debug_level=2 allow_sha1=0" \ + "$P_CLI debug_level=2 force_version=tls12 allow_sha1=0" \ 1 \ -c "The certificate is signed with an unacceptable hash" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SHA-1 explicitly allowed in server certificate" \ "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \ - "$P_CLI allow_sha1=1" \ + "$P_CLI force_version=tls12 allow_sha1=1" \ 0 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SHA-256 allowed by default in server certificate" \ "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2-sha256.crt" \ - "$P_CLI allow_sha1=0" \ + "$P_CLI force_version=tls12 allow_sha1=0" \ 0 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SHA-1 forbidden by default in client certificate" \ - "$P_SRV auth_mode=required allow_sha1=0" \ + "$P_SRV force_version=tls12 auth_mode=required allow_sha1=0" \ "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \ 1 \ -s "The certificate is signed with an unacceptable hash" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SHA-1 explicitly allowed in client certificate" \ - "$P_SRV auth_mode=required allow_sha1=1" \ + "$P_SRV force_version=tls12 auth_mode=required allow_sha1=1" \ "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \ 0 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SHA-256 allowed by default in client certificate" \ - "$P_SRV auth_mode=required allow_sha1=0" \ + "$P_SRV force_version=tls12 auth_mode=required allow_sha1=0" \ "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha256.crt" \ 0 -# Dummy TLS 1.3 test -# Currently only checking that passing TLS 1.3 key exchange modes to -# ssl_client2/ssl_server2 example programs works. -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_config_enabled MBEDTLS_SSL_CLI_C -requires_config_enabled MBEDTLS_SSL_SRV_C -run_test "TLS 1.3: key exchange mode parameter passing: PSK only" \ - "$P_SRV tls13_kex_modes=psk debug_level=4" \ - "$P_CLI tls13_kex_modes=psk debug_level=4" \ - 0 - -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_config_enabled MBEDTLS_SSL_CLI_C -requires_config_enabled MBEDTLS_SSL_SRV_C -run_test "TLS 1.3: key exchange mode parameter passing: PSK-ephemeral only" \ - "$P_SRV tls13_kex_modes=psk_ephemeral" \ - "$P_CLI tls13_kex_modes=psk_ephemeral" \ - 0 - -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_config_enabled MBEDTLS_SSL_CLI_C -requires_config_enabled MBEDTLS_SSL_SRV_C -run_test "TLS 1.3: key exchange mode parameter passing: Pure-ephemeral only" \ - "$P_SRV tls13_kex_modes=ephemeral" \ - "$P_CLI tls13_kex_modes=ephemeral" \ - 0 - -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_config_enabled MBEDTLS_SSL_CLI_C -requires_config_enabled MBEDTLS_SSL_SRV_C -run_test "TLS 1.3: key exchange mode parameter passing: All ephemeral" \ - "$P_SRV tls13_kex_modes=ephemeral_all" \ - "$P_CLI tls13_kex_modes=ephemeral_all" \ - 0 - -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_config_enabled MBEDTLS_SSL_CLI_C -requires_config_enabled MBEDTLS_SSL_SRV_C -run_test "TLS 1.3: key exchange mode parameter passing: All PSK" \ - "$P_SRV tls13_kex_modes=psk_all" \ - "$P_CLI tls13_kex_modes=psk_all" \ - 0 - -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 -requires_config_enabled MBEDTLS_SSL_CLI_C -requires_config_enabled MBEDTLS_SSL_SRV_C -run_test "TLS 1.3: key exchange mode parameter passing: All" \ - "$P_SRV tls13_kex_modes=all" \ - "$P_CLI tls13_kex_modes=all" \ - 0 - # Tests for datagram packing requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS: multiple records in same datagram, client and server" \ @@ -2596,7 +2759,6 @@ run_test "DTLS: multiple records in same datagram, neither client nor server" # Tests for Context serialization -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION run_test "Context serialization, client serializes, CCM" \ "$P_SRV dtls=1 serialize=0 exchanges=2" \ @@ -2605,7 +2767,6 @@ run_test "Context serialization, client serializes, CCM" \ -c "Deserializing connection..." \ -S "Deserializing connection..." -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION run_test "Context serialization, client serializes, ChaChaPoly" \ "$P_SRV dtls=1 serialize=0 exchanges=2" \ @@ -2614,7 +2775,6 @@ run_test "Context serialization, client serializes, ChaChaPoly" \ -c "Deserializing connection..." \ -S "Deserializing connection..." -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION run_test "Context serialization, client serializes, GCM" \ "$P_SRV dtls=1 serialize=0 exchanges=2" \ @@ -2641,7 +2801,6 @@ run_test "Context serialization, server serializes, CCM" \ -C "Deserializing connection..." \ -s "Deserializing connection..." -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION run_test "Context serialization, server serializes, ChaChaPoly" \ "$P_SRV dtls=1 serialize=1 exchanges=2" \ @@ -2650,7 +2809,6 @@ run_test "Context serialization, server serializes, ChaChaPoly" \ -C "Deserializing connection..." \ -s "Deserializing connection..." -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION run_test "Context serialization, server serializes, GCM" \ "$P_SRV dtls=1 serialize=1 exchanges=2" \ @@ -2669,7 +2827,6 @@ run_test "Context serialization, server serializes, with CID" \ -C "Deserializing connection..." \ -s "Deserializing connection..." -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION run_test "Context serialization, both serialize, CCM" \ "$P_SRV dtls=1 serialize=1 exchanges=2" \ @@ -2678,7 +2835,6 @@ run_test "Context serialization, both serialize, CCM" \ -c "Deserializing connection..." \ -s "Deserializing connection..." -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION run_test "Context serialization, both serialize, ChaChaPoly" \ "$P_SRV dtls=1 serialize=1 exchanges=2" \ @@ -2687,7 +2843,6 @@ run_test "Context serialization, both serialize, ChaChaPoly" \ -c "Deserializing connection..." \ -s "Deserializing connection..." -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION run_test "Context serialization, both serialize, GCM" \ "$P_SRV dtls=1 serialize=1 exchanges=2" \ @@ -2723,7 +2878,6 @@ run_test "Context serialization, re-init, client serializes, ChaChaPoly" \ -c "Deserializing connection..." \ -S "Deserializing connection..." -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION run_test "Context serialization, re-init, client serializes, GCM" \ "$P_SRV dtls=1 serialize=0 exchanges=2" \ @@ -2750,7 +2904,6 @@ run_test "Context serialization, re-init, server serializes, CCM" \ -C "Deserializing connection..." \ -s "Deserializing connection..." -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION run_test "Context serialization, re-init, server serializes, ChaChaPoly" \ "$P_SRV dtls=1 serialize=2 exchanges=2" \ @@ -2759,7 +2912,6 @@ run_test "Context serialization, re-init, server serializes, ChaChaPoly" \ -C "Deserializing connection..." \ -s "Deserializing connection..." -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION run_test "Context serialization, re-init, server serializes, GCM" \ "$P_SRV dtls=1 serialize=2 exchanges=2" \ @@ -2778,7 +2930,6 @@ run_test "Context serialization, re-init, server serializes, with CID" \ -C "Deserializing connection..." \ -s "Deserializing connection..." -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION run_test "Context serialization, re-init, both serialize, CCM" \ "$P_SRV dtls=1 serialize=2 exchanges=2" \ @@ -2787,7 +2938,6 @@ run_test "Context serialization, re-init, both serialize, CCM" \ -c "Deserializing connection..." \ -s "Deserializing connection..." -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION run_test "Context serialization, re-init, both serialize, ChaChaPoly" \ "$P_SRV dtls=1 serialize=2 exchanges=2" \ @@ -2796,7 +2946,6 @@ run_test "Context serialization, re-init, both serialize, ChaChaPoly" \ -c "Deserializing connection..." \ -s "Deserializing connection..." -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION run_test "Context serialization, re-init, both serialize, GCM" \ "$P_SRV dtls=1 serialize=2 exchanges=2" \ @@ -3017,7 +3166,6 @@ run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty" \ -S "Use of Connection ID has been negotiated" \ -C "Use of Connection ID has been negotiated" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty, AES-128-CCM-8" \ "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \ @@ -3038,7 +3186,6 @@ run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty, AES-128-CCM-8 -s "Use of Connection ID has been negotiated" \ -c "Use of Connection ID has been negotiated" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID run_test "Connection ID: Cli+Srv enabled, Cli CID empty, AES-128-CCM-8" \ "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \ @@ -3059,7 +3206,6 @@ run_test "Connection ID: Cli+Srv enabled, Cli CID empty, AES-128-CCM-8" \ -s "Use of Connection ID has been negotiated" \ -c "Use of Connection ID has been negotiated" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID run_test "Connection ID: Cli+Srv enabled, Srv CID empty, AES-128-CCM-8" \ "$P_SRV debug_level=3 dtls=1 cid=1" \ @@ -3080,7 +3226,6 @@ run_test "Connection ID: Cli+Srv enabled, Srv CID empty, AES-128-CCM-8" \ -s "Use of Connection ID has been negotiated" \ -c "Use of Connection ID has been negotiated" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty, AES-128-CCM-8" \ "$P_SRV debug_level=3 dtls=1 cid=1" \ @@ -3099,7 +3244,6 @@ run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty, AES-128-CCM-8" \ -S "Use of Connection ID has been negotiated" \ -C "Use of Connection ID has been negotiated" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty, AES-128-CBC" \ "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \ @@ -3120,7 +3264,6 @@ run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty, AES-128-CBC" -s "Use of Connection ID has been negotiated" \ -c "Use of Connection ID has been negotiated" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID run_test "Connection ID: Cli+Srv enabled, Cli CID empty, AES-128-CBC" \ "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \ @@ -3141,7 +3284,6 @@ run_test "Connection ID: Cli+Srv enabled, Cli CID empty, AES-128-CBC" \ -s "Use of Connection ID has been negotiated" \ -c "Use of Connection ID has been negotiated" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID run_test "Connection ID: Cli+Srv enabled, Srv CID empty, AES-128-CBC" \ "$P_SRV debug_level=3 dtls=1 cid=1" \ @@ -3162,7 +3304,6 @@ run_test "Connection ID: Cli+Srv enabled, Srv CID empty, AES-128-CBC" \ -s "Use of Connection ID has been negotiated" \ -c "Use of Connection ID has been negotiated" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty, AES-128-CBC" \ "$P_SRV debug_level=3 dtls=1 cid=1" \ @@ -3421,7 +3562,6 @@ run_test "Connection ID, 3D: Cli+Srv enabled, Srv disables on renegotiation" # This and the test below it require MAX_CONTENT_LEN to be at least MFL+1, because the # tests check that the buffer contents are reallocated when the message is # larger than the buffer. -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID requires_config_enabled MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH requires_max_content_len 513 @@ -3436,7 +3576,6 @@ run_test "Connection ID: Cli+Srv enabled, variable buffer lengths, MFL=512" \ -s "Reallocating in_buf" \ -s "Reallocating out_buf" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID requires_config_enabled MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH requires_max_content_len 1025 @@ -3453,7 +3592,6 @@ run_test "Connection ID: Cli+Srv enabled, variable buffer lengths, MFL=1024" # Tests for Encrypt-then-MAC extension -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Encrypt then MAC: default" \ "$P_SRV debug_level=3 \ force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ @@ -3466,7 +3604,6 @@ run_test "Encrypt then MAC: default" \ -c "using encrypt then mac" \ -s "using encrypt then mac" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Encrypt then MAC: client enabled, server disabled" \ "$P_SRV debug_level=3 etm=0 \ force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ @@ -3479,7 +3616,6 @@ run_test "Encrypt then MAC: client enabled, server disabled" \ -C "using encrypt then mac" \ -S "using encrypt then mac" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Encrypt then MAC: client enabled, aead cipher" \ "$P_SRV debug_level=3 etm=1 \ force_ciphersuite=TLS-RSA-WITH-AES-128-GCM-SHA256" \ @@ -3492,7 +3628,6 @@ run_test "Encrypt then MAC: client enabled, aead cipher" \ -C "using encrypt then mac" \ -S "using encrypt then mac" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Encrypt then MAC: client disabled, server enabled" \ "$P_SRV debug_level=3 etm=1 \ force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ @@ -3507,11 +3642,10 @@ run_test "Encrypt then MAC: client disabled, server enabled" \ # Tests for Extended Master Secret extension -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_EXTENDED_MASTER_SECRET run_test "Extended Master Secret: default" \ "$P_SRV debug_level=3" \ - "$P_CLI debug_level=3" \ + "$P_CLI force_version=tls12 debug_level=3" \ 0 \ -c "client hello, adding extended_master_secret extension" \ -s "found extended master secret extension" \ @@ -3520,11 +3654,10 @@ run_test "Extended Master Secret: default" \ -c "session hash for extended master secret" \ -s "session hash for extended master secret" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_EXTENDED_MASTER_SECRET run_test "Extended Master Secret: client enabled, server disabled" \ "$P_SRV debug_level=3 extended_ms=0" \ - "$P_CLI debug_level=3 extended_ms=1" \ + "$P_CLI force_version=tls12 debug_level=3 extended_ms=1" \ 0 \ -c "client hello, adding extended_master_secret extension" \ -s "found extended master secret extension" \ @@ -3533,10 +3666,9 @@ run_test "Extended Master Secret: client enabled, server disabled" \ -C "session hash for extended master secret" \ -S "session hash for extended master secret" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_EXTENDED_MASTER_SECRET run_test "Extended Master Secret: client disabled, server enabled" \ - "$P_SRV debug_level=3 extended_ms=1" \ + "$P_SRV force_version=tls12 debug_level=3 extended_ms=1" \ "$P_CLI debug_level=3 extended_ms=0" \ 0 \ -C "client hello, adding extended_master_secret extension" \ @@ -3548,7 +3680,6 @@ run_test "Extended Master Secret: client disabled, server enabled" \ # Test sending and receiving empty application data records -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Encrypt then MAC: empty application data record" \ "$P_SRV auth_mode=none debug_level=4 etm=1" \ "$P_CLI auth_mode=none etm=1 request_size=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \ @@ -3565,7 +3696,6 @@ run_test "Encrypt then MAC: disabled, empty application data record" \ -s "dumping 'input payload after decrypt' (0 bytes)" \ -c "0 bytes written in 1 fragments" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Encrypt then MAC, DTLS: empty application data record" \ "$P_SRV auth_mode=none debug_level=4 etm=1 dtls=1" \ "$P_CLI auth_mode=none etm=1 request_size=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA dtls=1" \ @@ -3595,10 +3725,9 @@ run_test "CBC Record splitting: TLS 1.2, no splitting" \ # Tests for Session Tickets -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Session resume using tickets: basic" \ "$P_SRV debug_level=3 tickets=1" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ 0 \ -c "client hello, adding session ticket extension" \ -s "found session ticket extension" \ @@ -3610,10 +3739,9 @@ run_test "Session resume using tickets: basic" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Session resume using tickets: manual rotation" \ "$P_SRV debug_level=3 tickets=1 ticket_rotate=1" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ 0 \ -c "client hello, adding session ticket extension" \ -s "found session ticket extension" \ @@ -3625,10 +3753,9 @@ run_test "Session resume using tickets: manual rotation" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Session resume using tickets: cache disabled" \ "$P_SRV debug_level=3 tickets=1 cache_max=0" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ 0 \ -c "client hello, adding session ticket extension" \ -s "found session ticket extension" \ @@ -3640,10 +3767,9 @@ run_test "Session resume using tickets: cache disabled" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Session resume using tickets: timeout" \ "$P_SRV debug_level=3 tickets=1 cache_max=0 ticket_timeout=1" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1 reco_delay=2000" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1 reco_delay=2000" \ 0 \ -c "client hello, adding session ticket extension" \ -s "found session ticket extension" \ @@ -3655,10 +3781,9 @@ run_test "Session resume using tickets: timeout" \ -S "a session has been resumed" \ -C "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Session resume using tickets: session copy" \ "$P_SRV debug_level=3 tickets=1 cache_max=0" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1 reco_mode=0" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1 reco_mode=0" \ 0 \ -c "client hello, adding session ticket extension" \ -s "found session ticket extension" \ @@ -3693,10 +3818,9 @@ run_test "Session resume using tickets: openssl client" \ -s "session successfully restored from ticket" \ -s "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Session resume using tickets: AES-128-GCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-128-GCM" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ 0 \ -c "client hello, adding session ticket extension" \ -s "found session ticket extension" \ @@ -3708,10 +3832,9 @@ run_test "Session resume using tickets: AES-128-GCM" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Session resume using tickets: AES-192-GCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-192-GCM" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ 0 \ -c "client hello, adding session ticket extension" \ -s "found session ticket extension" \ @@ -3723,10 +3846,9 @@ run_test "Session resume using tickets: AES-192-GCM" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Session resume using tickets: AES-128-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-128-CCM" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ 0 \ -c "client hello, adding session ticket extension" \ -s "found session ticket extension" \ @@ -3738,10 +3860,9 @@ run_test "Session resume using tickets: AES-128-CCM" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Session resume using tickets: AES-192-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-192-CCM" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ 0 \ -c "client hello, adding session ticket extension" \ -s "found session ticket extension" \ @@ -3753,10 +3874,9 @@ run_test "Session resume using tickets: AES-192-CCM" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Session resume using tickets: AES-256-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-256-CCM" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ 0 \ -c "client hello, adding session ticket extension" \ -s "found session ticket extension" \ @@ -3768,10 +3888,9 @@ run_test "Session resume using tickets: AES-256-CCM" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Session resume using tickets: CAMELLIA-128-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=CAMELLIA-128-CCM" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ 0 \ -c "client hello, adding session ticket extension" \ -s "found session ticket extension" \ @@ -3783,10 +3902,9 @@ run_test "Session resume using tickets: CAMELLIA-128-CCM" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Session resume using tickets: CAMELLIA-192-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=CAMELLIA-192-CCM" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ 0 \ -c "client hello, adding session ticket extension" \ -s "found session ticket extension" \ @@ -3798,10 +3916,9 @@ run_test "Session resume using tickets: CAMELLIA-192-CCM" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Session resume using tickets: CAMELLIA-256-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=CAMELLIA-256-CCM" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ 0 \ -c "client hello, adding session ticket extension" \ -s "found session ticket extension" \ @@ -3813,10 +3930,9 @@ run_test "Session resume using tickets: CAMELLIA-256-CCM" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Session resume using tickets: ARIA-128-GCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-128-GCM" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ 0 \ -c "client hello, adding session ticket extension" \ -s "found session ticket extension" \ @@ -3828,10 +3944,9 @@ run_test "Session resume using tickets: ARIA-128-GCM" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Session resume using tickets: ARIA-192-GCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-192-GCM" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ 0 \ -c "client hello, adding session ticket extension" \ -s "found session ticket extension" \ @@ -3843,10 +3958,9 @@ run_test "Session resume using tickets: ARIA-192-GCM" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Session resume using tickets: ARIA-256-GCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-256-GCM" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ 0 \ -c "client hello, adding session ticket extension" \ -s "found session ticket extension" \ @@ -3858,10 +3972,9 @@ run_test "Session resume using tickets: ARIA-256-GCM" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Session resume using tickets: ARIA-128-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-128-CCM" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ 0 \ -c "client hello, adding session ticket extension" \ -s "found session ticket extension" \ @@ -3873,10 +3986,9 @@ run_test "Session resume using tickets: ARIA-128-CCM" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Session resume using tickets: ARIA-192-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-192-CCM" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ 0 \ -c "client hello, adding session ticket extension" \ -s "found session ticket extension" \ @@ -3888,10 +4000,9 @@ run_test "Session resume using tickets: ARIA-192-CCM" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Session resume using tickets: ARIA-256-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-256-CCM" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ 0 \ -c "client hello, adding session ticket extension" \ -s "found session ticket extension" \ @@ -3903,10 +4014,9 @@ run_test "Session resume using tickets: ARIA-256-CCM" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Session resume using tickets: CHACHA20-POLY1305" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=CHACHA20-POLY1305" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ 0 \ -c "client hello, adding session ticket extension" \ -s "found session ticket extension" \ @@ -4008,11 +4118,10 @@ run_test "Session resume using tickets, DTLS: openssl client" \ # Tests for Session Resume based on session-ID and cache -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache: tickets enabled on client" \ "$P_SRV debug_level=3 tickets=0" \ - "$P_CLI debug_level=3 tickets=1 reconnect=1" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ 0 \ -c "client hello, adding session ticket extension" \ -s "found session ticket extension" \ @@ -4024,11 +4133,10 @@ run_test "Session resume using cache: tickets enabled on client" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache: tickets enabled on server" \ "$P_SRV debug_level=3 tickets=1" \ - "$P_CLI debug_level=3 tickets=0 reconnect=1" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=0 reconnect=1" \ 0 \ -C "client hello, adding session ticket extension" \ -S "found session ticket extension" \ @@ -4040,76 +4148,85 @@ run_test "Session resume using cache: tickets enabled on server" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache: cache_max=0" \ "$P_SRV debug_level=3 tickets=0 cache_max=0" \ - "$P_CLI debug_level=3 tickets=0 reconnect=1" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=0 reconnect=1" \ 0 \ -S "session successfully restored from cache" \ -S "session successfully restored from ticket" \ -S "a session has been resumed" \ -C "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache: cache_max=1" \ "$P_SRV debug_level=3 tickets=0 cache_max=1" \ - "$P_CLI debug_level=3 tickets=0 reconnect=1" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=0 reconnect=1" \ 0 \ -s "session successfully restored from cache" \ -S "session successfully restored from ticket" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_CACHE_C +run_test "Session resume using cache: cache removed" \ + "$P_SRV debug_level=3 tickets=0 cache_remove=1" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=0 reconnect=1" \ + 0 \ + -C "client hello, adding session ticket extension" \ + -S "found session ticket extension" \ + -S "server hello, adding session ticket extension" \ + -C "found session_ticket extension" \ + -C "parse new session ticket" \ + -S "session successfully restored from cache" \ + -S "session successfully restored from ticket" \ + -S "a session has been resumed" \ + -C "a session has been resumed" + requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache: timeout > delay" \ "$P_SRV debug_level=3 tickets=0" \ - "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=0" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=0 reconnect=1 reco_delay=0" \ 0 \ -s "session successfully restored from cache" \ -S "session successfully restored from ticket" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache: timeout < delay" \ "$P_SRV debug_level=3 tickets=0 cache_timeout=1" \ - "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2000" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=0 reconnect=1 reco_delay=2000" \ 0 \ -S "session successfully restored from cache" \ -S "session successfully restored from ticket" \ -S "a session has been resumed" \ -C "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache: no timeout" \ "$P_SRV debug_level=3 tickets=0 cache_timeout=0" \ - "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2000" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=0 reconnect=1 reco_delay=2000" \ 0 \ -s "session successfully restored from cache" \ -S "session successfully restored from ticket" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache: session copy" \ "$P_SRV debug_level=3 tickets=0" \ - "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_mode=0" \ + "$P_CLI force_version=tls12 debug_level=3 tickets=0 reconnect=1 reco_mode=0" \ 0 \ -s "session successfully restored from cache" \ -S "session successfully restored from ticket" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "Session resume using cache: openssl client" \ - "$P_SRV debug_level=3 tickets=0" \ + "$P_SRV force_version=tls12 debug_level=3 tickets=0" \ "( $O_CLI -sess_out $SESSION; \ $O_CLI -sess_in $SESSION; \ rm -f $SESSION )" \ @@ -4363,10 +4480,9 @@ run_test "Max fragment length, DTLS: disabled, larger message" \ requires_max_content_len 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Max fragment length: used by client" \ "$P_SRV debug_level=3" \ - "$P_CLI debug_level=3 max_frag_len=4096" \ + "$P_CLI force_version=tls12 debug_level=3 max_frag_len=4096" \ 0 \ -c "Maximum incoming record payload length is 4096" \ -c "Maximum outgoing record payload length is 4096" \ @@ -4379,10 +4495,9 @@ run_test "Max fragment length: used by client" \ requires_max_content_len 1024 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Max fragment length: client 512, server 1024" \ "$P_SRV debug_level=3 max_frag_len=1024" \ - "$P_CLI debug_level=3 max_frag_len=512" \ + "$P_CLI force_version=tls12 debug_level=3 max_frag_len=512" \ 0 \ -c "Maximum incoming record payload length is 512" \ -c "Maximum outgoing record payload length is 512" \ @@ -4395,10 +4510,9 @@ run_test "Max fragment length: client 512, server 1024" \ requires_max_content_len 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Max fragment length: client 512, server 2048" \ "$P_SRV debug_level=3 max_frag_len=2048" \ - "$P_CLI debug_level=3 max_frag_len=512" \ + "$P_CLI force_version=tls12 debug_level=3 max_frag_len=512" \ 0 \ -c "Maximum incoming record payload length is 512" \ -c "Maximum outgoing record payload length is 512" \ @@ -4411,10 +4525,9 @@ run_test "Max fragment length: client 512, server 2048" \ requires_max_content_len 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Max fragment length: client 512, server 4096" \ "$P_SRV debug_level=3 max_frag_len=4096" \ - "$P_CLI debug_level=3 max_frag_len=512" \ + "$P_CLI force_version=tls12 debug_level=3 max_frag_len=512" \ 0 \ -c "Maximum incoming record payload length is 512" \ -c "Maximum outgoing record payload length is 512" \ @@ -4427,9 +4540,8 @@ run_test "Max fragment length: client 512, server 4096" \ requires_max_content_len 1024 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Max fragment length: client 1024, server 512" \ - "$P_SRV debug_level=3 max_frag_len=512" \ + "$P_SRV force_version=tls12 debug_level=3 max_frag_len=512" \ "$P_CLI debug_level=3 max_frag_len=1024" \ 0 \ -c "Maximum incoming record payload length is 1024" \ @@ -4443,10 +4555,9 @@ run_test "Max fragment length: client 1024, server 512" \ requires_max_content_len 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Max fragment length: client 1024, server 2048" \ "$P_SRV debug_level=3 max_frag_len=2048" \ - "$P_CLI debug_level=3 max_frag_len=1024" \ + "$P_CLI force_version=tls12 debug_level=3 max_frag_len=1024" \ 0 \ -c "Maximum incoming record payload length is 1024" \ -c "Maximum outgoing record payload length is 1024" \ @@ -4459,10 +4570,9 @@ run_test "Max fragment length: client 1024, server 2048" \ requires_max_content_len 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Max fragment length: client 1024, server 4096" \ "$P_SRV debug_level=3 max_frag_len=4096" \ - "$P_CLI debug_level=3 max_frag_len=1024" \ + "$P_CLI force_version=tls12 debug_level=3 max_frag_len=1024" \ 0 \ -c "Maximum incoming record payload length is 1024" \ -c "Maximum outgoing record payload length is 1024" \ @@ -4475,9 +4585,8 @@ run_test "Max fragment length: client 1024, server 4096" \ requires_max_content_len 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Max fragment length: client 2048, server 512" \ - "$P_SRV debug_level=3 max_frag_len=512" \ + "$P_SRV force_version=tls12 debug_level=3 max_frag_len=512" \ "$P_CLI debug_level=3 max_frag_len=2048" \ 0 \ -c "Maximum incoming record payload length is 2048" \ @@ -4491,9 +4600,8 @@ run_test "Max fragment length: client 2048, server 512" \ requires_max_content_len 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Max fragment length: client 2048, server 1024" \ - "$P_SRV debug_level=3 max_frag_len=1024" \ + "$P_SRV force_version=tls12 debug_level=3 max_frag_len=1024" \ "$P_CLI debug_level=3 max_frag_len=2048" \ 0 \ -c "Maximum incoming record payload length is 2048" \ @@ -4507,10 +4615,9 @@ run_test "Max fragment length: client 2048, server 1024" \ requires_max_content_len 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Max fragment length: client 2048, server 4096" \ "$P_SRV debug_level=3 max_frag_len=4096" \ - "$P_CLI debug_level=3 max_frag_len=2048" \ + "$P_CLI force_version=tls12 debug_level=3 max_frag_len=2048" \ 0 \ -c "Maximum incoming record payload length is 2048" \ -c "Maximum outgoing record payload length is 2048" \ @@ -4523,9 +4630,8 @@ run_test "Max fragment length: client 2048, server 4096" \ requires_max_content_len 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Max fragment length: client 4096, server 512" \ - "$P_SRV debug_level=3 max_frag_len=512" \ + "$P_SRV force_version=tls12 debug_level=3 max_frag_len=512" \ "$P_CLI debug_level=3 max_frag_len=4096" \ 0 \ -c "Maximum incoming record payload length is 4096" \ @@ -4539,9 +4645,8 @@ run_test "Max fragment length: client 4096, server 512" \ requires_max_content_len 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Max fragment length: client 4096, server 1024" \ - "$P_SRV debug_level=3 max_frag_len=1024" \ + "$P_SRV force_version=tls12 debug_level=3 max_frag_len=1024" \ "$P_CLI debug_level=3 max_frag_len=4096" \ 0 \ -c "Maximum incoming record payload length is 4096" \ @@ -4555,9 +4660,8 @@ run_test "Max fragment length: client 4096, server 1024" \ requires_max_content_len 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Max fragment length: client 4096, server 2048" \ - "$P_SRV debug_level=3 max_frag_len=2048" \ + "$P_SRV force_version=tls12 debug_level=3 max_frag_len=2048" \ "$P_CLI debug_level=3 max_frag_len=4096" \ 0 \ -c "Maximum incoming record payload length is 4096" \ @@ -4571,9 +4675,8 @@ run_test "Max fragment length: client 4096, server 2048" \ requires_max_content_len 4096 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Max fragment length: used by server" \ - "$P_SRV debug_level=3 max_frag_len=4096" \ + "$P_SRV force_version=tls12 debug_level=3 max_frag_len=4096" \ "$P_CLI debug_level=3" \ 0 \ -c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \ @@ -4600,10 +4703,9 @@ run_test "Max fragment length: gnutls server" \ requires_max_content_len 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Max fragment length: client, message just fits" \ "$P_SRV debug_level=3" \ - "$P_CLI debug_level=3 max_frag_len=2048 request_size=2048" \ + "$P_CLI force_version=tls12 debug_level=3 max_frag_len=2048 request_size=2048" \ 0 \ -c "Maximum incoming record payload length is 2048" \ -c "Maximum outgoing record payload length is 2048" \ @@ -4618,10 +4720,9 @@ run_test "Max fragment length: client, message just fits" \ requires_max_content_len 2048 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Max fragment length: client, larger message" \ "$P_SRV debug_level=3" \ - "$P_CLI debug_level=3 max_frag_len=2048 request_size=2345" \ + "$P_CLI force_version=tls12 debug_level=3 max_frag_len=2048 request_size=2345" \ 0 \ -c "Maximum incoming record payload length is 2048" \ -c "Maximum outgoing record payload length is 2048" \ @@ -4652,13 +4753,46 @@ run_test "Max fragment length: DTLS client, larger message" \ -c "found max_fragment_length extension" \ -c "fragment larger than.*maximum" +# Tests for Record Size Limit extension + +requires_gnutls_tls1_3 +requires_gnutls_record_size_limit +requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +run_test "Record Size Limit: TLS 1.3: Server-side parsing, debug output and fatal alert" \ + "$P_SRV debug_level=3 force_version=tls13" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4" \ + 1 \ + -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ + -c "Sending extension Record Size Limit/28 (2 bytes)" \ + -s "ClientHello: record_size_limit(28) extension received."\ + -s "found record_size_limit extension" \ + -s "RecordSizeLimit: 16385 Bytes" \ + -c "Received alert \[110]: An unsupported extension was sent" + +requires_gnutls_tls1_3 +requires_gnutls_record_size_limit +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +run_test "Record Size Limit: TLS 1.3: Client-side parsing, debug output and fatal alert" \ + "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%DISABLE_TLS13_COMPAT_MODE --disable-client-cert -d 4" \ + "$P_CLI debug_level=4 force_version=tls13" \ + 0 \ + -s "Preparing extension (Record Size Limit/28) for 'encrypted extensions'" +# The P_CLI can not yet send the Record Size Limit extension. Thus, the G_NEXT_SRV does not send +# a response in its EncryptedExtensions record. +# -s "Parsing extension 'Record Size Limit/28 (2 bytes)" \ +# -s "Sending extension Record Size Limit/28 (2 bytes)" \ +# -c "EncryptedExtensions: record_size_limit(28) extension received."\ +# -c "found record_size_limit extension" \ +# -c "RecordSizeLimit: 16385 Bytes" \ +# -s "Received alert \[110]: An unsupported extension was sent" + # Tests for renegotiation # Renegotiation SCSV always added, regardless of SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation: none, for reference" \ "$P_SRV debug_level=3 exchanges=2 auth_mode=optional" \ - "$P_CLI debug_level=3 exchanges=2" \ + "$P_CLI force_version=tls12 debug_level=3 exchanges=2" \ 0 \ -C "client hello, adding renegotiation extension" \ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ @@ -4670,10 +4804,9 @@ run_test "Renegotiation: none, for reference" \ -S "write hello request" requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation: client-initiated" \ "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional" \ - "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \ + "$P_CLI force_version=tls12 debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \ 0 \ -c "client hello, adding renegotiation extension" \ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ @@ -4685,9 +4818,8 @@ run_test "Renegotiation: client-initiated" \ -S "write hello request" requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation: server-initiated" \ - "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \ + "$P_SRV force_version=tls12 debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \ "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \ 0 \ -c "client hello, adding renegotiation extension" \ @@ -4703,10 +4835,9 @@ run_test "Renegotiation: server-initiated" \ # the server did not parse the Signature Algorithm extension. This test is valid only if an MD # algorithm stronger than SHA-1 is enabled in mbedtls_config.h requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation: Signature Algorithms parsing, client-initiated" \ "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional" \ - "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \ + "$P_CLI force_version=tls12 debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \ 0 \ -c "client hello, adding renegotiation extension" \ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ @@ -4722,9 +4853,8 @@ run_test "Renegotiation: Signature Algorithms parsing, client-initiated" \ # the server did not parse the Signature Algorithm extension. This test is valid only if an MD # algorithm stronger than SHA-1 is enabled in mbedtls_config.h requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation: Signature Algorithms parsing, server-initiated" \ - "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \ + "$P_SRV force_version=tls12 debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \ "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \ 0 \ -c "client hello, adding renegotiation extension" \ @@ -4738,10 +4868,9 @@ run_test "Renegotiation: Signature Algorithms parsing, server-initiated" \ -S "client hello v3, signature_algorithm ext: 2" # Is SHA-1 negotiated? requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation: double" \ "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \ - "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \ + "$P_CLI force_version=tls12 debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \ 0 \ -c "client hello, adding renegotiation extension" \ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ @@ -4755,9 +4884,8 @@ run_test "Renegotiation: double" \ requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH requires_max_content_len 2048 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation with max fragment length: client 2048, server 512" \ - "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1 max_frag_len=512" \ + "$P_SRV force_version=tls12 debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1 max_frag_len=512" \ "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 max_frag_len=2048 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ 0 \ -c "Maximum incoming record payload length is 2048" \ @@ -4778,10 +4906,9 @@ run_test "Renegotiation with max fragment length: client 2048, server 512" \ -s "write hello request" requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation: client-initiated, server-rejected" \ "$P_SRV debug_level=3 exchanges=2 renegotiation=0 auth_mode=optional" \ - "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \ + "$P_CLI force_version=tls12 debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \ 1 \ -c "client hello, adding renegotiation extension" \ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ @@ -4795,9 +4922,8 @@ run_test "Renegotiation: client-initiated, server-rejected" \ -c "failed" requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation: server-initiated, client-rejected, default" \ - "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 auth_mode=optional" \ + "$P_SRV force_version=tls12 debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 auth_mode=optional" \ "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \ 0 \ -C "client hello, adding renegotiation extension" \ @@ -4812,9 +4938,8 @@ run_test "Renegotiation: server-initiated, client-rejected, default" \ -S "failed" requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation: server-initiated, client-rejected, not enforced" \ - "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \ + "$P_SRV force_version=tls12 debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \ renego_delay=-1 auth_mode=optional" \ "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \ 0 \ @@ -4831,9 +4956,8 @@ run_test "Renegotiation: server-initiated, client-rejected, not enforced" \ # delay 2 for 1 alert record + 1 application data record requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation: server-initiated, client-rejected, delay 2" \ - "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \ + "$P_SRV force_version=tls12 debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \ renego_delay=2 auth_mode=optional" \ "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \ 0 \ @@ -4849,9 +4973,8 @@ run_test "Renegotiation: server-initiated, client-rejected, delay 2" \ -S "failed" requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation: server-initiated, client-rejected, delay 0" \ - "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \ + "$P_SRV force_version=tls12 debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \ renego_delay=0 auth_mode=optional" \ "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \ 0 \ @@ -4866,9 +4989,8 @@ run_test "Renegotiation: server-initiated, client-rejected, delay 0" \ -s "SSL - An unexpected message was received from our peer" requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation: server-initiated, client-accepted, delay 0" \ - "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \ + "$P_SRV force_version=tls12 debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \ renego_delay=0 auth_mode=optional" \ "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \ 0 \ @@ -4884,10 +5006,9 @@ run_test "Renegotiation: server-initiated, client-accepted, delay 0" \ -S "failed" requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation: periodic, just below period" \ "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \ - "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \ + "$P_CLI force_version=tls12 debug_level=3 exchanges=2 renegotiation=1" \ 0 \ -C "client hello, adding renegotiation extension" \ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ @@ -4903,9 +5024,8 @@ run_test "Renegotiation: periodic, just below period" \ # one extra exchange to be able to complete renego requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation: periodic, just above period" \ - "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \ + "$P_SRV force_version=tls12 debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \ "$P_CLI debug_level=3 exchanges=4 renegotiation=1" \ 0 \ -c "client hello, adding renegotiation extension" \ @@ -4921,10 +5041,9 @@ run_test "Renegotiation: periodic, just above period" \ -S "failed" requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation: periodic, two times period" \ "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \ - "$P_CLI debug_level=3 exchanges=7 renegotiation=1" \ + "$P_CLI force_version=tls12 debug_level=3 exchanges=7 renegotiation=1" \ 0 \ -c "client hello, adding renegotiation extension" \ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ @@ -4939,9 +5058,8 @@ run_test "Renegotiation: periodic, two times period" \ -S "failed" requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation: periodic, above period, disabled" \ - "$P_SRV debug_level=3 exchanges=9 renegotiation=0 renego_period=3 auth_mode=optional" \ + "$P_SRV force_version=tls12 debug_level=3 exchanges=9 renegotiation=0 renego_period=3 auth_mode=optional" \ "$P_CLI debug_level=3 exchanges=4 renegotiation=1" \ 0 \ -C "client hello, adding renegotiation extension" \ @@ -4957,10 +5075,9 @@ run_test "Renegotiation: periodic, above period, disabled" \ -S "failed" requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation: nbio, client-initiated" \ "$P_SRV debug_level=3 nbio=2 exchanges=2 renegotiation=1 auth_mode=optional" \ - "$P_CLI debug_level=3 nbio=2 exchanges=2 renegotiation=1 renegotiate=1" \ + "$P_CLI force_version=tls12 debug_level=3 nbio=2 exchanges=2 renegotiation=1 renegotiate=1" \ 0 \ -c "client hello, adding renegotiation extension" \ -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ @@ -4972,9 +5089,8 @@ run_test "Renegotiation: nbio, client-initiated" \ -S "write hello request" requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation: nbio, server-initiated" \ - "$P_SRV debug_level=3 nbio=2 exchanges=2 renegotiation=1 renegotiate=1 auth_mode=optional" \ + "$P_SRV force_version=tls12 debug_level=3 nbio=2 exchanges=2 renegotiation=1 renegotiate=1 auth_mode=optional" \ "$P_CLI debug_level=3 nbio=2 exchanges=2 renegotiation=1" \ 0 \ -c "client hello, adding renegotiation extension" \ @@ -5255,23 +5371,20 @@ run_test "Authentication: server badcert, client required" \ -c "! mbedtls_ssl_handshake returned" \ -c "X509 - Certificate verification failed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication: server badcert, client optional" \ "$P_SRV crt_file=data_files/server5-badsign.crt \ key_file=data_files/server5.key" \ - "$P_CLI debug_level=1 auth_mode=optional" \ + "$P_CLI force_version=tls12 debug_level=1 auth_mode=optional" \ 0 \ -c "x509_verify_cert() returned" \ -c "! The certificate is not correctly signed by the trusted CA" \ -C "! mbedtls_ssl_handshake returned" \ -C "X509 - Certificate verification failed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication: server goodcert, client optional, no trusted CA" \ "$P_SRV" \ - "$P_CLI debug_level=3 auth_mode=optional ca_file=none ca_path=none" \ + "$P_CLI force_version=tls12 debug_level=3 auth_mode=optional ca_file=none ca_path=none" \ 0 \ -c "x509_verify_cert() returned" \ -c "! The certificate is not correctly signed by the trusted CA" \ @@ -5298,43 +5411,34 @@ run_test "Authentication: server goodcert, client required, no trusted CA" \ # occasion (to be fixed). If that bug's fixed, the test needs to be altered to use a # different means to have the server ignoring the client's supported curve list. -requires_config_enabled MBEDTLS_ECP_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication: server ECDH p256v1, client required, p256v1 unsupported" \ "$P_SRV debug_level=1 key_file=data_files/server5.key \ crt_file=data_files/server5.ku-ka.crt" \ - "$P_CLI debug_level=3 auth_mode=required curves=secp521r1" \ + "$P_CLI force_version=tls12 debug_level=3 auth_mode=required groups=secp521r1" \ 1 \ -c "bad certificate (EC key curve)"\ -c "! Certificate verification flags"\ -C "bad server certificate (ECDH curve)" # Expect failure at earlier verification stage -requires_config_enabled MBEDTLS_ECP_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication: server ECDH p256v1, client optional, p256v1 unsupported" \ "$P_SRV debug_level=1 key_file=data_files/server5.key \ crt_file=data_files/server5.ku-ka.crt" \ - "$P_CLI debug_level=3 auth_mode=optional curves=secp521r1" \ + "$P_CLI force_version=tls12 debug_level=3 auth_mode=optional groups=secp521r1" \ 1 \ -c "bad certificate (EC key curve)"\ -c "! Certificate verification flags"\ -c "bad server certificate (ECDH curve)" # Expect failure only at ECDH params check -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication: server badcert, client none" \ "$P_SRV crt_file=data_files/server5-badsign.crt \ key_file=data_files/server5.key" \ - "$P_CLI debug_level=1 auth_mode=none" \ + "$P_CLI force_version=tls12 debug_level=1 auth_mode=none" \ 0 \ -C "x509_verify_cert() returned" \ -C "! The certificate is not correctly signed by the trusted CA" \ -C "! mbedtls_ssl_handshake returned" \ -C "X509 - Certificate verification failed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication: client SHA256, server required" \ "$P_SRV auth_mode=required" \ @@ -5345,7 +5449,6 @@ run_test "Authentication: client SHA256, server required" \ -c "Supported Signature Algorithm found: 04 " \ -c "Supported Signature Algorithm found: 05 " -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication: client SHA384, server required" \ "$P_SRV auth_mode=required" \ @@ -5479,11 +5582,11 @@ run_test "Authentication: client no cert, server optional" \ -C "! mbedtls_ssl_handshake returned" \ -S "X509 - Certificate verification failed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT +requires_openssl_tls1_3_with_compatible_ephemeral +requires_key_exchange_with_cert_in_tls12_or_tls13_enabled run_test "Authentication: openssl client no cert, server optional" \ "$P_SRV debug_level=3 auth_mode=optional" \ - "$O_CLI" \ + "$O_NEXT_CLI_NO_CERT -no_middlebox" \ 0 \ -S "skip write certificate request" \ -s "skip parse certificate verify" \ @@ -5492,7 +5595,6 @@ run_test "Authentication: openssl client no cert, server optional" \ -S "X509 - Certificate verification failed" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication: client no cert, openssl server optional" \ "$O_SRV -verify 10 -tls1_2" \ "$P_CLI debug_level=3 crt_file=none key_file=none" \ @@ -5504,7 +5606,6 @@ run_test "Authentication: client no cert, openssl server optional" \ -C "! mbedtls_ssl_handshake returned" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication: client no cert, openssl server required" \ "$O_SRV -Verify 10 -tls1_2" \ "$P_CLI debug_level=3 crt_file=none key_file=none" \ @@ -5527,7 +5628,6 @@ MAX_IM_CA='8' # are in place so that the semantics are consistent with the test description. requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer -requires_key_exchange_with_cert_in_tls12_or_tls13_enabled run_test "Authentication: server max_int chain, client default" \ "$P_SRV crt_file=data_files/dir-maxpath/c09.pem \ key_file=data_files/dir-maxpath/09.key" \ @@ -5537,7 +5637,6 @@ run_test "Authentication: server max_int chain, client default" \ requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer -requires_key_exchange_with_cert_in_tls12_or_tls13_enabled run_test "Authentication: server max_int+1 chain, client default" \ "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \ key_file=data_files/dir-maxpath/10.key" \ @@ -5547,31 +5646,26 @@ run_test "Authentication: server max_int+1 chain, client default" \ requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication: server max_int+1 chain, client optional" \ "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \ key_file=data_files/dir-maxpath/10.key" \ - "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \ + "$P_CLI force_version=tls12 server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \ auth_mode=optional" \ 1 \ -c "X509 - A fatal error occurred" requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication: server max_int+1 chain, client none" \ "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \ key_file=data_files/dir-maxpath/10.key" \ - "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \ + "$P_CLI force_version=tls12 server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \ auth_mode=none" \ 0 \ -C "X509 - A fatal error occurred" requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer -requires_key_exchange_with_cert_in_tls12_or_tls13_enabled run_test "Authentication: client max_int+1 chain, server default" \ "$P_SRV ca_file=data_files/dir-maxpath/00.crt" \ "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \ @@ -5581,7 +5675,6 @@ run_test "Authentication: client max_int+1 chain, server default" \ requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer -requires_key_exchange_with_cert_in_tls12_or_tls13_enabled run_test "Authentication: client max_int+1 chain, server optional" \ "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \ "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \ @@ -5591,7 +5684,6 @@ run_test "Authentication: client max_int+1 chain, server optional" \ requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer -requires_key_exchange_with_cert_in_tls12_or_tls13_enabled run_test "Authentication: client max_int+1 chain, server required" \ "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \ "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \ @@ -5601,7 +5693,6 @@ run_test "Authentication: client max_int+1 chain, server required" \ requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer -requires_key_exchange_with_cert_in_tls12_or_tls13_enabled run_test "Authentication: client max_int chain, server required" \ "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \ "$P_CLI crt_file=data_files/dir-maxpath/c09.pem \ @@ -5611,28 +5702,24 @@ run_test "Authentication: client max_int chain, server required" \ # Tests for CA list in CertificateRequest messages -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication: send CA list in CertificateRequest (default)" \ "$P_SRV debug_level=3 auth_mode=required" \ - "$P_CLI crt_file=data_files/server6.crt \ + "$P_CLI force_version=tls12 crt_file=data_files/server6.crt \ key_file=data_files/server6.key" \ 0 \ -s "requested DN" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication: do not send CA list in CertificateRequest" \ "$P_SRV debug_level=3 auth_mode=required cert_req_ca_list=0" \ - "$P_CLI crt_file=data_files/server6.crt \ + "$P_CLI force_version=tls12 crt_file=data_files/server6.crt \ key_file=data_files/server6.key" \ 0 \ -S "requested DN" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication: send CA list in CertificateRequest, client self signed" \ - "$P_SRV debug_level=3 auth_mode=required cert_req_ca_list=0" \ + "$P_SRV force_version=tls12 debug_level=3 auth_mode=required cert_req_ca_list=0" \ "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \ key_file=data_files/server5.key" \ 1 \ @@ -5643,37 +5730,34 @@ run_test "Authentication: send CA list in CertificateRequest, client self sig -c "! mbedtls_ssl_handshake returned" \ -s "X509 - Certificate verification failed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication: send alt conf DN hints in CertificateRequest" \ "$P_SRV debug_level=3 auth_mode=optional cert_req_ca_list=2 \ crt_file2=data_files/server1.crt \ key_file2=data_files/server1.key" \ - "$P_CLI debug_level=3 auth_mode=optional \ + "$P_CLI force_version=tls12 debug_level=3 auth_mode=optional \ crt_file=data_files/server6.crt \ key_file=data_files/server6.key" \ 0 \ -c "DN hint: C=NL, O=PolarSSL, CN=PolarSSL Server 1" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication: send alt conf DN hints in CertificateRequest (2)" \ "$P_SRV debug_level=3 auth_mode=optional cert_req_ca_list=2 \ crt_file2=data_files/server2.crt \ key_file2=data_files/server2.key" \ - "$P_CLI debug_level=3 auth_mode=optional \ + "$P_CLI force_version=tls12 debug_level=3 auth_mode=optional \ crt_file=data_files/server6.crt \ key_file=data_files/server6.key" \ 0 \ -c "DN hint: C=NL, O=PolarSSL, CN=localhost" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication: send alt hs DN hints in CertificateRequest" \ "$P_SRV debug_level=3 auth_mode=optional cert_req_ca_list=3 \ crt_file2=data_files/server1.crt \ key_file2=data_files/server1.key" \ - "$P_CLI debug_level=3 auth_mode=optional \ + "$P_CLI force_version=tls12 debug_level=3 auth_mode=optional \ crt_file=data_files/server6.crt \ key_file=data_files/server6.key" \ 0 \ @@ -5683,12 +5767,10 @@ run_test "Authentication: send alt hs DN hints in CertificateRequest" \ # When updating these tests, modify the matching authentication tests accordingly requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication, CA callback: server badcert, client required" \ "$P_SRV crt_file=data_files/server5-badsign.crt \ key_file=data_files/server5.key" \ - "$P_CLI ca_callback=1 debug_level=3 auth_mode=required" \ + "$P_CLI force_version=tls12 ca_callback=1 debug_level=3 auth_mode=required" \ 1 \ -c "use CA callback for X.509 CRT verification" \ -c "x509_verify_cert() returned" \ @@ -5697,12 +5779,10 @@ run_test "Authentication, CA callback: server badcert, client required" \ -c "X509 - Certificate verification failed" requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication, CA callback: server badcert, client optional" \ "$P_SRV crt_file=data_files/server5-badsign.crt \ key_file=data_files/server5.key" \ - "$P_CLI ca_callback=1 debug_level=3 auth_mode=optional" \ + "$P_CLI force_version=tls12 ca_callback=1 debug_level=3 auth_mode=optional" \ 0 \ -c "use CA callback for X.509 CRT verification" \ -c "x509_verify_cert() returned" \ @@ -5717,28 +5797,22 @@ run_test "Authentication, CA callback: server badcert, client optional" \ # occasion (to be fixed). If that bug's fixed, the test needs to be altered to use a # different means to have the server ignoring the client's supported curve list. -requires_config_enabled MBEDTLS_ECP_C requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication, CA callback: server ECDH p256v1, client required, p256v1 unsupported" \ "$P_SRV debug_level=1 key_file=data_files/server5.key \ crt_file=data_files/server5.ku-ka.crt" \ - "$P_CLI ca_callback=1 debug_level=3 auth_mode=required curves=secp521r1" \ + "$P_CLI force_version=tls12 ca_callback=1 debug_level=3 auth_mode=required groups=secp521r1" \ 1 \ -c "use CA callback for X.509 CRT verification" \ -c "bad certificate (EC key curve)" \ -c "! Certificate verification flags" \ -C "bad server certificate (ECDH curve)" # Expect failure at earlier verification stage -requires_config_enabled MBEDTLS_ECP_C requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication, CA callback: server ECDH p256v1, client optional, p256v1 unsupported" \ "$P_SRV debug_level=1 key_file=data_files/server5.key \ crt_file=data_files/server5.ku-ka.crt" \ - "$P_CLI ca_callback=1 debug_level=3 auth_mode=optional curves=secp521r1" \ + "$P_CLI force_version=tls12 ca_callback=1 debug_level=3 auth_mode=optional groups=secp521r1" \ 1 \ -c "use CA callback for X.509 CRT verification" \ -c "bad certificate (EC key curve)"\ @@ -5746,7 +5820,6 @@ run_test "Authentication, CA callback: server ECDH p256v1, client optional, p -c "bad server certificate (ECDH curve)" # Expect failure only at ECDH params check requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication, CA callback: client SHA256, server required" \ "$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \ @@ -5759,7 +5832,6 @@ run_test "Authentication, CA callback: client SHA256, server required" \ -c "Supported Signature Algorithm found: 05 " requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication, CA callback: client SHA384, server required" \ "$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \ @@ -5772,10 +5844,8 @@ run_test "Authentication, CA callback: client SHA384, server required" \ -c "Supported Signature Algorithm found: 05 " requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication, CA callback: client badcert, server required" \ - "$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \ + "$P_SRV force_version=tls12 ca_callback=1 debug_level=3 auth_mode=required" \ "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \ key_file=data_files/server5.key" \ 1 \ @@ -5797,10 +5867,8 @@ run_test "Authentication, CA callback: client badcert, server required" \ # before reading the alert message. requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication, CA callback: client cert not trusted, server required" \ - "$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \ + "$P_SRV force_version=tls12 ca_callback=1 debug_level=3 auth_mode=required" \ "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \ key_file=data_files/server5.key" \ 1 \ @@ -5818,10 +5886,8 @@ run_test "Authentication, CA callback: client cert not trusted, server requir -s "X509 - Certificate verification failed" requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication, CA callback: client badcert, server optional" \ - "$P_SRV ca_callback=1 debug_level=3 auth_mode=optional" \ + "$P_SRV force_version=tls12 ca_callback=1 debug_level=3 auth_mode=optional" \ "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \ key_file=data_files/server5.key" \ 0 \ @@ -5841,12 +5907,10 @@ run_test "Authentication, CA callback: client badcert, server optional" \ requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication, CA callback: server max_int chain, client default" \ "$P_SRV crt_file=data_files/dir-maxpath/c09.pem \ key_file=data_files/dir-maxpath/09.key" \ - "$P_CLI ca_callback=1 debug_level=3 server_name=CA09 ca_file=data_files/dir-maxpath/00.crt" \ + "$P_CLI force_version=tls12 ca_callback=1 debug_level=3 server_name=CA09 ca_file=data_files/dir-maxpath/00.crt" \ 0 \ -c "use CA callback for X.509 CRT verification" \ -C "X509 - A fatal error occurred" @@ -5854,12 +5918,10 @@ run_test "Authentication, CA callback: server max_int chain, client default" requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication, CA callback: server max_int+1 chain, client default" \ "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \ key_file=data_files/dir-maxpath/10.key" \ - "$P_CLI debug_level=3 ca_callback=1 server_name=CA10 ca_file=data_files/dir-maxpath/00.crt" \ + "$P_CLI force_version=tls12 debug_level=3 ca_callback=1 server_name=CA10 ca_file=data_files/dir-maxpath/00.crt" \ 1 \ -c "use CA callback for X.509 CRT verification" \ -c "X509 - A fatal error occurred" @@ -5867,12 +5929,10 @@ run_test "Authentication, CA callback: server max_int+1 chain, client default requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication, CA callback: server max_int+1 chain, client optional" \ "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \ key_file=data_files/dir-maxpath/10.key" \ - "$P_CLI ca_callback=1 server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \ + "$P_CLI force_version=tls12 ca_callback=1 server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \ debug_level=3 auth_mode=optional" \ 1 \ -c "use CA callback for X.509 CRT verification" \ @@ -5881,10 +5941,8 @@ run_test "Authentication, CA callback: server max_int+1 chain, client optiona requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication, CA callback: client max_int+1 chain, server optional" \ - "$P_SRV ca_callback=1 debug_level=3 ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \ + "$P_SRV force_version=tls12 ca_callback=1 debug_level=3 ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \ "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \ key_file=data_files/dir-maxpath/10.key" \ 1 \ @@ -5894,10 +5952,8 @@ run_test "Authentication, CA callback: client max_int+1 chain, server optiona requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication, CA callback: client max_int+1 chain, server required" \ - "$P_SRV ca_callback=1 debug_level=3 ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \ + "$P_SRV force_version=tls12 ca_callback=1 debug_level=3 ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \ "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \ key_file=data_files/dir-maxpath/10.key" \ 1 \ @@ -5907,10 +5963,8 @@ run_test "Authentication, CA callback: client max_int+1 chain, server require requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA requires_full_size_output_buffer requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Authentication, CA callback: client max_int chain, server required" \ - "$P_SRV ca_callback=1 debug_level=3 ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \ + "$P_SRV force_version=tls12 ca_callback=1 debug_level=3 ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \ "$P_CLI crt_file=data_files/dir-maxpath/c09.pem \ key_file=data_files/dir-maxpath/09.key" \ 0 \ @@ -6245,8 +6299,7 @@ run_test "Non-blocking I/O: client auth" \ -C "mbedtls_ssl_handshake returned" \ -c "Read from server: .* bytes read" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT +requires_key_exchange_with_cert_in_tls12_or_tls13_enabled run_test "Non-blocking I/O: ticket" \ "$P_SRV nbio=2 tickets=1 auth_mode=none" \ "$P_CLI nbio=2 tickets=1" \ @@ -6255,8 +6308,7 @@ run_test "Non-blocking I/O: ticket" \ -C "mbedtls_ssl_handshake returned" \ -c "Read from server: .* bytes read" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT +requires_key_exchange_with_cert_in_tls12_or_tls13_enabled run_test "Non-blocking I/O: ticket + client auth" \ "$P_SRV nbio=2 tickets=1 auth_mode=required" \ "$P_CLI nbio=2 tickets=1" \ @@ -6265,9 +6317,19 @@ run_test "Non-blocking I/O: ticket + client auth" \ -C "mbedtls_ssl_handshake returned" \ -c "Read from server: .* bytes read" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT -run_test "Non-blocking I/O: ticket + client auth + resume" \ +run_test "Non-blocking I/O: TLS 1.2 + ticket + client auth + resume" \ + "$P_SRV nbio=2 tickets=1 auth_mode=required" \ + "$P_CLI force_version=tls12 nbio=2 tickets=1 reconnect=1" \ + 0 \ + -S "mbedtls_ssl_handshake returned" \ + -C "mbedtls_ssl_handshake returned" \ + -c "Read from server: .* bytes read" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED +run_test "Non-blocking I/O: TLS 1.3 + ticket + client auth + resume" \ "$P_SRV nbio=2 tickets=1 auth_mode=required" \ "$P_CLI nbio=2 tickets=1 reconnect=1" \ 0 \ @@ -6275,9 +6337,19 @@ run_test "Non-blocking I/O: ticket + client auth + resume" \ -C "mbedtls_ssl_handshake returned" \ -c "Read from server: .* bytes read" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT -run_test "Non-blocking I/O: ticket + resume" \ +run_test "Non-blocking I/O: TLS 1.2 + ticket + resume" \ + "$P_SRV nbio=2 tickets=1 auth_mode=none" \ + "$P_CLI force_version=tls12 nbio=2 tickets=1 reconnect=1" \ + 0 \ + -S "mbedtls_ssl_handshake returned" \ + -C "mbedtls_ssl_handshake returned" \ + -c "Read from server: .* bytes read" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED +run_test "Non-blocking I/O: TLS 1.3 + ticket + resume" \ "$P_SRV nbio=2 tickets=1 auth_mode=none" \ "$P_CLI nbio=2 tickets=1 reconnect=1" \ 0 \ @@ -6285,11 +6357,10 @@ run_test "Non-blocking I/O: ticket + resume" \ -C "mbedtls_ssl_handshake returned" \ -c "Read from server: .* bytes read" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Non-blocking I/O: session-id resume" \ "$P_SRV nbio=2 tickets=0 auth_mode=none" \ - "$P_CLI nbio=2 tickets=0 reconnect=1" \ + "$P_CLI force_version=tls12 nbio=2 tickets=0 reconnect=1" \ 0 \ -S "mbedtls_ssl_handshake returned" \ -C "mbedtls_ssl_handshake returned" \ @@ -6315,8 +6386,7 @@ run_test "Event-driven I/O: client auth" \ -C "mbedtls_ssl_handshake returned" \ -c "Read from server: .* bytes read" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT +requires_key_exchange_with_cert_in_tls12_or_tls13_enabled run_test "Event-driven I/O: ticket" \ "$P_SRV event=1 tickets=1 auth_mode=none" \ "$P_CLI event=1 tickets=1" \ @@ -6325,8 +6395,7 @@ run_test "Event-driven I/O: ticket" \ -C "mbedtls_ssl_handshake returned" \ -c "Read from server: .* bytes read" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT +requires_key_exchange_with_cert_in_tls12_or_tls13_enabled run_test "Event-driven I/O: ticket + client auth" \ "$P_SRV event=1 tickets=1 auth_mode=required" \ "$P_CLI event=1 tickets=1" \ @@ -6335,9 +6404,19 @@ run_test "Event-driven I/O: ticket + client auth" \ -C "mbedtls_ssl_handshake returned" \ -c "Read from server: .* bytes read" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT -run_test "Event-driven I/O: ticket + client auth + resume" \ +run_test "Event-driven I/O: TLS 1.2 + ticket + client auth + resume" \ + "$P_SRV event=1 tickets=1 auth_mode=required" \ + "$P_CLI force_version=tls12 event=1 tickets=1 reconnect=1" \ + 0 \ + -S "mbedtls_ssl_handshake returned" \ + -C "mbedtls_ssl_handshake returned" \ + -c "Read from server: .* bytes read" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED +run_test "Event-driven I/O: TLS 1.3 + ticket + client auth + resume" \ "$P_SRV event=1 tickets=1 auth_mode=required" \ "$P_CLI event=1 tickets=1 reconnect=1" \ 0 \ @@ -6345,9 +6424,19 @@ run_test "Event-driven I/O: ticket + client auth + resume" \ -C "mbedtls_ssl_handshake returned" \ -c "Read from server: .* bytes read" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT -run_test "Event-driven I/O: ticket + resume" \ +run_test "Event-driven I/O: TLS 1.2 + ticket + resume" \ + "$P_SRV event=1 tickets=1 auth_mode=none" \ + "$P_CLI force_version=tls12 event=1 tickets=1 reconnect=1" \ + 0 \ + -S "mbedtls_ssl_handshake returned" \ + -C "mbedtls_ssl_handshake returned" \ + -c "Read from server: .* bytes read" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED +run_test "Event-driven I/O: TLS 1.3 + ticket + resume" \ "$P_SRV event=1 tickets=1 auth_mode=none" \ "$P_CLI event=1 tickets=1 reconnect=1" \ 0 \ @@ -6355,11 +6444,10 @@ run_test "Event-driven I/O: ticket + resume" \ -C "mbedtls_ssl_handshake returned" \ -c "Read from server: .* bytes read" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT run_test "Event-driven I/O: session-id resume" \ "$P_SRV event=1 tickets=0 auth_mode=none" \ - "$P_CLI event=1 tickets=0 reconnect=1" \ + "$P_CLI force_version=tls12 event=1 tickets=0 reconnect=1" \ 0 \ -S "mbedtls_ssl_handshake returned" \ -C "mbedtls_ssl_handshake returned" \ @@ -6429,10 +6517,9 @@ run_test "Event-driven I/O, DTLS: session-id resume, UDP packing" \ # Tests for version negotiation -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Version check: all -> 1.2" \ "$P_SRV" \ - "$P_CLI" \ + "$P_CLI force_version=tls12" \ 0 \ -S "mbedtls_ssl_handshake returned" \ -C "mbedtls_ssl_handshake returned" \ @@ -6576,50 +6663,45 @@ run_test "ALPN: both, no common" \ # Tests for keyUsage in leaf certificates, part 1: # server-side certificate/suite selection -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "keyUsage srv: RSA, digitalSignature -> (EC)DHE-RSA" \ - "$P_SRV key_file=data_files/server2.key \ + "$P_SRV force_version=tls12 key_file=data_files/server2.key \ crt_file=data_files/server2.ku-ds.crt" \ "$P_CLI" \ 0 \ -c "Ciphersuite is TLS-[EC]*DHE-RSA-WITH-" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "keyUsage srv: RSA, keyEncipherment -> RSA" \ - "$P_SRV key_file=data_files/server2.key \ + "$P_SRV force_version=tls12 key_file=data_files/server2.key \ crt_file=data_files/server2.ku-ke.crt" \ "$P_CLI" \ 0 \ -c "Ciphersuite is TLS-RSA-WITH-" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "keyUsage srv: RSA, keyAgreement -> fail" \ - "$P_SRV key_file=data_files/server2.key \ + "$P_SRV force_version=tls12 key_file=data_files/server2.key \ crt_file=data_files/server2.ku-ka.crt" \ "$P_CLI" \ 1 \ -C "Ciphersuite is " -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED run_test "keyUsage srv: ECDSA, digitalSignature -> ECDHE-ECDSA" \ - "$P_SRV key_file=data_files/server5.key \ + "$P_SRV force_version=tls12 key_file=data_files/server5.key \ crt_file=data_files/server5.ku-ds.crt" \ "$P_CLI" \ 0 \ -c "Ciphersuite is TLS-ECDHE-ECDSA-WITH-" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "keyUsage srv: ECDSA, keyAgreement -> ECDH-" \ - "$P_SRV key_file=data_files/server5.key \ + "$P_SRV force_version=tls12 key_file=data_files/server5.key \ crt_file=data_files/server5.ku-ka.crt" \ "$P_CLI" \ 0 \ -c "Ciphersuite is TLS-ECDH-" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "keyUsage srv: ECDSA, keyEncipherment -> fail" \ - "$P_SRV key_file=data_files/server5.key \ + "$P_SRV force_version=tls12 key_file=data_files/server5.key \ crt_file=data_files/server5.ku-ke.crt" \ "$P_CLI" \ 1 \ @@ -6628,7 +6710,6 @@ run_test "keyUsage srv: ECDSA, keyEncipherment -> fail" \ # Tests for keyUsage in leaf certificates, part 2: # client-side checking of server cert -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "keyUsage cli: DigitalSignature+KeyEncipherment, RSA: OK" \ "$O_SRV -tls1_2 -key data_files/server2.key \ -cert data_files/server2.ku-ds_ke.crt" \ @@ -6639,7 +6720,6 @@ run_test "keyUsage cli: DigitalSignature+KeyEncipherment, RSA: OK" \ -C "Processing of the Certificate handshake message failed" \ -c "Ciphersuite is TLS-" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "keyUsage cli: DigitalSignature+KeyEncipherment, DHE-RSA: OK" \ "$O_SRV -tls1_2 -key data_files/server2.key \ -cert data_files/server2.ku-ds_ke.crt" \ @@ -6650,7 +6730,6 @@ run_test "keyUsage cli: DigitalSignature+KeyEncipherment, DHE-RSA: OK" \ -C "Processing of the Certificate handshake message failed" \ -c "Ciphersuite is TLS-" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "keyUsage cli: KeyEncipherment, RSA: OK" \ "$O_SRV -tls1_2 -key data_files/server2.key \ -cert data_files/server2.ku-ke.crt" \ @@ -6661,7 +6740,6 @@ run_test "keyUsage cli: KeyEncipherment, RSA: OK" \ -C "Processing of the Certificate handshake message failed" \ -c "Ciphersuite is TLS-" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail" \ "$O_SRV -tls1_2 -key data_files/server2.key \ -cert data_files/server2.ku-ke.crt" \ @@ -6672,7 +6750,6 @@ run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail" \ -c "Processing of the Certificate handshake message failed" \ -C "Ciphersuite is TLS-" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail, soft" \ "$O_SRV -tls1_2 -key data_files/server2.key \ -cert data_files/server2.ku-ke.crt" \ @@ -6684,7 +6761,6 @@ run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail, soft" \ -c "Ciphersuite is TLS-" \ -c "! Usage does not match the keyUsage extension" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "keyUsage cli: DigitalSignature, DHE-RSA: OK" \ "$O_SRV -tls1_2 -key data_files/server2.key \ -cert data_files/server2.ku-ds.crt" \ @@ -6695,7 +6771,6 @@ run_test "keyUsage cli: DigitalSignature, DHE-RSA: OK" \ -C "Processing of the Certificate handshake message failed" \ -c "Ciphersuite is TLS-" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "keyUsage cli: DigitalSignature, RSA: fail" \ "$O_SRV -tls1_2 -key data_files/server2.key \ -cert data_files/server2.ku-ds.crt" \ @@ -6706,7 +6781,6 @@ run_test "keyUsage cli: DigitalSignature, RSA: fail" \ -c "Processing of the Certificate handshake message failed" \ -C "Ciphersuite is TLS-" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "keyUsage cli: DigitalSignature, RSA: fail, soft" \ "$O_SRV -tls1_2 -key data_files/server2.key \ -cert data_files/server2.ku-ds.crt" \ @@ -6718,7 +6792,7 @@ run_test "keyUsage cli: DigitalSignature, RSA: fail, soft" \ -c "Ciphersuite is TLS-" \ -c "! Usage does not match the keyUsage extension" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "keyUsage cli 1.3: DigitalSignature+KeyEncipherment, RSA: OK" \ @@ -6730,7 +6804,7 @@ run_test "keyUsage cli 1.3: DigitalSignature+KeyEncipherment, RSA: OK" \ -C "Processing of the Certificate handshake message failed" \ -c "Ciphersuite is" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "keyUsage cli 1.3: KeyEncipherment, RSA: fail" \ @@ -6742,7 +6816,7 @@ run_test "keyUsage cli 1.3: KeyEncipherment, RSA: fail" \ -c "Processing of the Certificate handshake message failed" \ -C "Ciphersuite is" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "keyUsage cli 1.3: KeyAgreement, RSA: fail" \ @@ -6754,7 +6828,7 @@ run_test "keyUsage cli 1.3: KeyAgreement, RSA: fail" \ -c "Processing of the Certificate handshake message failed" \ -C "Ciphersuite is" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "keyUsage cli 1.3: DigitalSignature, ECDSA: OK" \ @@ -6766,7 +6840,7 @@ run_test "keyUsage cli 1.3: DigitalSignature, ECDSA: OK" \ -C "Processing of the Certificate handshake message failed" \ -c "Ciphersuite is" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "keyUsage cli 1.3: KeyEncipherment, ECDSA: fail" \ @@ -6778,7 +6852,7 @@ run_test "keyUsage cli 1.3: KeyEncipherment, ECDSA: fail" \ -c "Processing of the Certificate handshake message failed" \ -C "Ciphersuite is" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "keyUsage cli 1.3: KeyAgreement, ECDSA: fail" \ @@ -6840,7 +6914,7 @@ run_test "keyUsage cli-auth: ECDSA, KeyAgreement: fail (soft)" \ -s "bad certificate (usage extensions)" \ -S "Processing of the Certificate handshake message failed" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "keyUsage cli-auth 1.3: RSA, DigitalSignature: OK" \ @@ -6852,7 +6926,7 @@ run_test "keyUsage cli-auth 1.3: RSA, DigitalSignature: OK" \ -S "bad certificate (usage extensions)" \ -S "Processing of the Certificate handshake message failed" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "keyUsage cli-auth 1.3: RSA, KeyEncipherment: fail (soft)" \ @@ -6863,7 +6937,7 @@ run_test "keyUsage cli-auth 1.3: RSA, KeyEncipherment: fail (soft)" \ -s "bad certificate (usage extensions)" \ -S "Processing of the Certificate handshake message failed" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "keyUsage cli-auth 1.3: ECDSA, DigitalSignature: OK" \ @@ -6875,7 +6949,7 @@ run_test "keyUsage cli-auth 1.3: ECDSA, DigitalSignature: OK" \ -S "bad certificate (usage extensions)" \ -S "Processing of the Certificate handshake message failed" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "keyUsage cli-auth 1.3: ECDSA, KeyAgreement: fail (soft)" \ @@ -6888,28 +6962,28 @@ run_test "keyUsage cli-auth 1.3: ECDSA, KeyAgreement: fail (soft)" \ # Tests for extendedKeyUsage, part 1: server-side certificate/suite selection -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_key_exchange_with_cert_in_tls12_or_tls13_enabled run_test "extKeyUsage srv: serverAuth -> OK" \ "$P_SRV key_file=data_files/server5.key \ crt_file=data_files/server5.eku-srv.crt" \ "$P_CLI" \ 0 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_key_exchange_with_cert_in_tls12_or_tls13_enabled run_test "extKeyUsage srv: serverAuth,clientAuth -> OK" \ "$P_SRV key_file=data_files/server5.key \ crt_file=data_files/server5.eku-srv.crt" \ "$P_CLI" \ 0 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_key_exchange_with_cert_in_tls12_or_tls13_enabled run_test "extKeyUsage srv: codeSign,anyEKU -> OK" \ "$P_SRV key_file=data_files/server5.key \ crt_file=data_files/server5.eku-cs_any.crt" \ "$P_CLI" \ 0 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_key_exchange_with_cert_in_tls12_or_tls13_enabled run_test "extKeyUsage srv: codeSign -> fail" \ "$P_SRV key_file=data_files/server5.key \ crt_file=data_files/server5.eku-cli.crt" \ @@ -6958,7 +7032,7 @@ run_test "extKeyUsage cli: codeSign -> fail" \ -c "Processing of the Certificate handshake message failed" \ -C "Ciphersuite is TLS-" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "extKeyUsage cli 1.3: serverAuth -> OK" \ @@ -6970,7 +7044,7 @@ run_test "extKeyUsage cli 1.3: serverAuth -> OK" \ -C "Processing of the Certificate handshake message failed" \ -c "Ciphersuite is" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "extKeyUsage cli 1.3: serverAuth,clientAuth -> OK" \ @@ -6982,7 +7056,7 @@ run_test "extKeyUsage cli 1.3: serverAuth,clientAuth -> OK" \ -C "Processing of the Certificate handshake message failed" \ -c "Ciphersuite is" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "extKeyUsage cli 1.3: codeSign,anyEKU -> OK" \ @@ -6994,7 +7068,7 @@ run_test "extKeyUsage cli 1.3: codeSign,anyEKU -> OK" \ -C "Processing of the Certificate handshake message failed" \ -c "Ciphersuite is" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "extKeyUsage cli 1.3: codeSign -> fail" \ @@ -7053,7 +7127,7 @@ run_test "extKeyUsage cli-auth: codeSign -> fail (hard)" \ -s "bad certificate (usage extensions)" \ -s "Processing of the Certificate handshake message failed" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "extKeyUsage cli-auth 1.3: clientAuth -> OK" \ @@ -7064,7 +7138,7 @@ run_test "extKeyUsage cli-auth 1.3: clientAuth -> OK" \ -S "bad certificate (usage extensions)" \ -S "Processing of the Certificate handshake message failed" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "extKeyUsage cli-auth 1.3: serverAuth,clientAuth -> OK" \ @@ -7075,7 +7149,7 @@ run_test "extKeyUsage cli-auth 1.3: serverAuth,clientAuth -> OK" \ -S "bad certificate (usage extensions)" \ -S "Processing of the Certificate handshake message failed" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "extKeyUsage cli-auth 1.3: codeSign,anyEKU -> OK" \ @@ -7086,7 +7160,7 @@ run_test "extKeyUsage cli-auth 1.3: codeSign,anyEKU -> OK" \ -S "bad certificate (usage extensions)" \ -S "Processing of the Certificate handshake message failed" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "extKeyUsage cli-auth 1.3: codeSign -> fail (soft)" \ @@ -7099,7 +7173,6 @@ run_test "extKeyUsage cli-auth 1.3: codeSign -> fail (soft)" \ # Tests for DHM parameters loading -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DHM parameters: reference" \ "$P_SRV" \ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ @@ -7108,7 +7181,6 @@ run_test "DHM parameters: reference" \ -c "value of 'DHM: P ' (2048 bits)" \ -c "value of 'DHM: G ' (2 bits)" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DHM parameters: other parameters" \ "$P_SRV dhm_file=data_files/dhparams.pem" \ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ @@ -7119,7 +7191,6 @@ run_test "DHM parameters: other parameters" \ # Tests for DHM client-side size checking -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DHM size: server default, client default, OK" \ "$P_SRV" \ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ @@ -7127,7 +7198,6 @@ run_test "DHM size: server default, client default, OK" \ 0 \ -C "DHM prime too short:" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DHM size: server default, client 2048, OK" \ "$P_SRV" \ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ @@ -7135,7 +7205,6 @@ run_test "DHM size: server default, client 2048, OK" \ 0 \ -C "DHM prime too short:" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DHM size: server 1024, client default, OK" \ "$P_SRV dhm_file=data_files/dhparams.pem" \ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ @@ -7143,7 +7212,6 @@ run_test "DHM size: server 1024, client default, OK" \ 0 \ -C "DHM prime too short:" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DHM size: server 999, client 999, OK" \ "$P_SRV dhm_file=data_files/dh.999.pem" \ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ @@ -7151,7 +7219,6 @@ run_test "DHM size: server 999, client 999, OK" \ 0 \ -C "DHM prime too short:" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DHM size: server 1000, client 1000, OK" \ "$P_SRV dhm_file=data_files/dh.1000.pem" \ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ @@ -7159,7 +7226,6 @@ run_test "DHM size: server 1000, client 1000, OK" \ 0 \ -C "DHM prime too short:" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DHM size: server 1000, client default, rejected" \ "$P_SRV dhm_file=data_files/dh.1000.pem" \ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ @@ -7167,7 +7233,6 @@ run_test "DHM size: server 1000, client default, rejected" \ 1 \ -c "DHM prime too short:" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DHM size: server 1000, client 1001, rejected" \ "$P_SRV dhm_file=data_files/dh.1000.pem" \ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ @@ -7175,7 +7240,6 @@ run_test "DHM size: server 1000, client 1001, rejected" \ 1 \ -c "DHM prime too short:" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DHM size: server 999, client 1000, rejected" \ "$P_SRV dhm_file=data_files/dh.999.pem" \ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ @@ -7183,7 +7247,6 @@ run_test "DHM size: server 999, client 1000, rejected" \ 1 \ -c "DHM prime too short:" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DHM size: server 998, client 999, rejected" \ "$P_SRV dhm_file=data_files/dh.998.pem" \ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ @@ -7191,7 +7254,6 @@ run_test "DHM size: server 998, client 999, rejected" \ 1 \ -c "DHM prime too short:" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DHM size: server default, client 2049, rejected" \ "$P_SRV" \ "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ @@ -7201,7 +7263,6 @@ run_test "DHM size: server default, client 2049, rejected" \ # Tests for PSK callback -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: psk, no callback" \ "$P_SRV psk=abc123 psk_identity=foo" \ "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -7212,7 +7273,6 @@ run_test "PSK callback: psk, no callback" \ -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: opaque psk on client, no callback" \ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -7225,7 +7285,6 @@ run_test "PSK callback: opaque psk on client, no callback" \ -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: opaque psk on client, no callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ @@ -7238,7 +7297,6 @@ run_test "PSK callback: opaque psk on client, no callback, SHA-384" \ -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: opaque psk on client, no callback, EMS" \ "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \ "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -7251,7 +7309,6 @@ run_test "PSK callback: opaque psk on client, no callback, EMS" \ -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \ "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \ "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ @@ -7264,7 +7321,6 @@ run_test "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \ -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: opaque rsa-psk on client, no callback" \ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \ @@ -7277,7 +7333,6 @@ run_test "PSK callback: opaque rsa-psk on client, no callback" \ -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: opaque rsa-psk on client, no callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \ @@ -7290,7 +7345,6 @@ run_test "PSK callback: opaque rsa-psk on client, no callback, SHA-384" \ -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: opaque rsa-psk on client, no callback, EMS" \ "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \ "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \ @@ -7303,7 +7357,6 @@ run_test "PSK callback: opaque rsa-psk on client, no callback, EMS" \ -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: opaque rsa-psk on client, no callback, SHA-384, EMS" \ "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \ "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \ @@ -7316,7 +7369,6 @@ run_test "PSK callback: opaque rsa-psk on client, no callback, SHA-384, EMS" -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: opaque ecdhe-psk on client, no callback" \ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \ @@ -7329,7 +7381,6 @@ run_test "PSK callback: opaque ecdhe-psk on client, no callback" \ -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: opaque ecdhe-psk on client, no callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \ @@ -7342,7 +7393,6 @@ run_test "PSK callback: opaque ecdhe-psk on client, no callback, SHA-384" \ -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: opaque ecdhe-psk on client, no callback, EMS" \ "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \ "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \ @@ -7355,7 +7405,6 @@ run_test "PSK callback: opaque ecdhe-psk on client, no callback, EMS" \ -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: opaque ecdhe-psk on client, no callback, SHA-384, EMS" \ "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \ "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \ @@ -7368,7 +7417,6 @@ run_test "PSK callback: opaque ecdhe-psk on client, no callback, SHA-384, EMS -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: opaque dhe-psk on client, no callback" \ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA256 \ @@ -7381,7 +7429,6 @@ run_test "PSK callback: opaque dhe-psk on client, no callback" \ -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: opaque dhe-psk on client, no callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \ @@ -7394,7 +7441,6 @@ run_test "PSK callback: opaque dhe-psk on client, no callback, SHA-384" \ -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: opaque dhe-psk on client, no callback, EMS" \ "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \ "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \ @@ -7407,7 +7453,6 @@ run_test "PSK callback: opaque dhe-psk on client, no callback, EMS" \ -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: opaque dhe-psk on client, no callback, SHA-384, EMS" \ "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \ "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \ @@ -7420,7 +7465,6 @@ run_test "PSK callback: opaque dhe-psk on client, no callback, SHA-384, EMS" -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw psk on client, static opaque on server, no callback" \ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -7433,7 +7477,6 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw psk on client, static opaque on server, no callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ @@ -7446,7 +7489,6 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw psk on client, static opaque on server, no callback, EMS" \ "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ @@ -7460,7 +7502,6 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw psk on client, static opaque on server, no callback, EMS, SHA384" \ "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ @@ -7474,7 +7515,6 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback" \ "$P_SRV extended_ms=0 debug_level=5 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \ @@ -7487,7 +7527,6 @@ run_test "PSK callback: raw rsa-psk on client, static opaque on server, no ca -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \ @@ -7500,7 +7539,6 @@ run_test "PSK callback: raw rsa-psk on client, static opaque on server, no ca -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, EMS" \ "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ @@ -7514,7 +7552,6 @@ run_test "PSK callback: raw rsa-psk on client, static opaque on server, no ca -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, EMS, SHA384" \ "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ @@ -7528,7 +7565,6 @@ run_test "PSK callback: raw rsa-psk on client, static opaque on server, no ca -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback" \ "$P_SRV extended_ms=0 debug_level=5 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \ @@ -7541,7 +7577,6 @@ run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \ @@ -7554,7 +7589,6 @@ run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback, EMS" \ "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ @@ -7568,7 +7602,6 @@ run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback, EMS, SHA384" \ "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ @@ -7582,7 +7615,6 @@ run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback" \ "$P_SRV extended_ms=0 debug_level=5 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \ @@ -7595,7 +7627,6 @@ run_test "PSK callback: raw dhe-psk on client, static opaque on server, no ca -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384" \ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \ @@ -7608,7 +7639,6 @@ run_test "PSK callback: raw dhe-psk on client, static opaque on server, no ca -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, EMS" \ "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ @@ -7622,7 +7652,6 @@ run_test "PSK callback: raw dhe-psk on client, static opaque on server, no ca -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, EMS, SHA384" \ "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ @@ -7636,7 +7665,6 @@ run_test "PSK callback: raw dhe-psk on client, static opaque on server, no ca -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback" \ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -7649,7 +7677,6 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ @@ -7662,7 +7689,6 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS" \ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ @@ -7676,7 +7702,6 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS, SHA384" \ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ @@ -7690,7 +7715,6 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback" \ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \ @@ -7703,7 +7727,6 @@ run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, o -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \ @@ -7716,7 +7739,6 @@ run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, o -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback, EMS" \ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ @@ -7730,7 +7752,6 @@ run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, o -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback, EMS, SHA384" \ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ @@ -7744,7 +7765,6 @@ run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, o -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback" \ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \ @@ -7757,7 +7777,6 @@ run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on serve -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \ @@ -7770,7 +7789,6 @@ run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on serve -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback, EMS" \ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ @@ -7784,7 +7802,6 @@ run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on serve -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback, EMS, SHA384" \ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ @@ -7798,7 +7815,6 @@ run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on serve -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback" \ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \ @@ -7811,7 +7827,6 @@ run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, o -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback, SHA-384" \ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \ @@ -7824,7 +7839,6 @@ run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, o -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback, EMS" \ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ @@ -7838,7 +7852,6 @@ run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, o -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback, EMS, SHA384" \ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ @@ -7852,7 +7865,6 @@ run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, o -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw psk on client, mismatching static raw PSK on server, opaque PSK from callback" \ "$P_SRV extended_ms=0 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -7865,7 +7877,6 @@ run_test "PSK callback: raw psk on client, mismatching static raw PSK on serv -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, opaque PSK from callback" \ "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -7878,7 +7889,6 @@ run_test "PSK callback: raw psk on client, mismatching static opaque PSK on s -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, raw PSK from callback" \ "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -7891,7 +7901,6 @@ run_test "PSK callback: raw psk on client, mismatching static opaque PSK on s -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw psk on client, id-matching but wrong raw PSK on server, opaque PSK from callback" \ "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -7904,7 +7913,6 @@ run_test "PSK callback: raw psk on client, id-matching but wrong raw PSK on s -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: raw psk on client, matching opaque PSK on server, wrong opaque PSK from callback" \ "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=beef debug_level=3 psk_list=abc,dead,def,abc123 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -7912,7 +7920,6 @@ run_test "PSK callback: raw psk on client, matching opaque PSK on server, wro 1 \ -s "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: no psk, no callback" \ "$P_SRV" \ "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -7922,7 +7929,6 @@ run_test "PSK callback: no psk, no callback" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: callback overrides other settings" \ "$P_SRV psk=abc123 psk_identity=foo psk_list=abc,dead,def,beef" \ "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -7932,7 +7938,6 @@ run_test "PSK callback: callback overrides other settings" \ -s "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: first id matches" \ "$P_SRV psk_list=abc,dead,def,beef" \ "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -7942,7 +7947,6 @@ run_test "PSK callback: first id matches" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: second id matches" \ "$P_SRV psk_list=abc,dead,def,beef" \ "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -7952,7 +7956,6 @@ run_test "PSK callback: second id matches" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: no match" \ "$P_SRV psk_list=abc,dead,def,beef" \ "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -7962,7 +7965,6 @@ run_test "PSK callback: no match" \ -s "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "PSK callback: wrong key" \ "$P_SRV psk_list=abc,dead,def,beef" \ "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ @@ -7990,7 +7992,6 @@ run_test "ECJPAKE: client not configured" \ -S "SSL - The handshake negotiation failed" requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "ECJPAKE: server not configured" \ "$P_SRV debug_level=3" \ "$P_CLI debug_level=3 ecjpake_pw=bla \ @@ -8008,7 +8009,6 @@ run_test "ECJPAKE: server not configured" \ # Note: if the name of this test is changed, then please adjust the corresponding # filtering label in "test_tls1_2_ecjpake_compatibility" (in "all.sh") requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "ECJPAKE: working, TLS" \ "$P_SRV debug_level=3 ecjpake_pw=bla" \ "$P_CLI debug_level=3 ecjpake_pw=bla \ @@ -8027,7 +8027,6 @@ run_test "ECJPAKE: working, TLS" \ requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "ECJPAKE: opaque password client+server, working, TLS" \ "$P_SRV debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1" \ "$P_CLI debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1\ @@ -8050,7 +8049,6 @@ run_test "ECJPAKE: opaque password client+server, working, TLS" \ # filtering label in "test_tls1_2_ecjpake_compatibility" (in "all.sh") requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "ECJPAKE: opaque password client only, working, TLS" \ "$P_SRV debug_level=3 ecjpake_pw=bla" \ "$P_CLI debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1\ @@ -8073,7 +8071,6 @@ run_test "ECJPAKE: opaque password client only, working, TLS" \ # filtering label in "test_tls1_2_ecjpake_compatibility" (in "all.sh") requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "ECJPAKE: opaque password server only, working, TLS" \ "$P_SRV debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1" \ "$P_CLI debug_level=3 ecjpake_pw=bla\ @@ -8094,7 +8091,6 @@ run_test "ECJPAKE: opaque password server only, working, TLS" \ server_needs_more_time 1 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "ECJPAKE: password mismatch, TLS" \ "$P_SRV debug_level=3 ecjpake_pw=bla" \ "$P_CLI debug_level=3 ecjpake_pw=bad \ @@ -8106,7 +8102,6 @@ run_test "ECJPAKE: password mismatch, TLS" \ server_needs_more_time 1 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED requires_config_enabled MBEDTLS_USE_PSA_CRYPTO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "ECJPAKE_OPAQUE_PW: opaque password mismatch, TLS" \ "$P_SRV debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1" \ "$P_CLI debug_level=3 ecjpake_pw=bad ecjpake_pw_opaque=1 \ @@ -8118,7 +8113,6 @@ run_test "ECJPAKE_OPAQUE_PW: opaque password mismatch, TLS" \ -s "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "ECJPAKE: working, DTLS" \ "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \ "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \ @@ -8128,7 +8122,6 @@ run_test "ECJPAKE: working, DTLS" \ -S "SSL - Verification of the message MAC failed" requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "ECJPAKE: working, DTLS, no cookie" \ "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla cookies=0" \ "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \ @@ -8139,7 +8132,6 @@ run_test "ECJPAKE: working, DTLS, no cookie" \ server_needs_more_time 1 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "ECJPAKE: password mismatch, DTLS" \ "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \ "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bad \ @@ -8150,7 +8142,6 @@ run_test "ECJPAKE: password mismatch, DTLS" \ # for tests with configs/config-thread.h requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "ECJPAKE: working, DTLS, nolog" \ "$P_SRV dtls=1 ecjpake_pw=bla" \ "$P_CLI dtls=1 ecjpake_pw=bla \ @@ -8160,9 +8151,8 @@ run_test "ECJPAKE: working, DTLS, nolog" \ # Test for ClientHello without extensions requires_gnutls -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "ClientHello without extensions" \ - "$P_SRV debug_level=3" \ + "$P_SRV force_version=tls12 debug_level=3" \ "$G_CLI --priority=NORMAL:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION localhost" \ 0 \ -s "dumping 'client hello extensions' (0 bytes)" @@ -8238,7 +8228,7 @@ run_test "Small client packet TLS 1.2 AEAD shorter tag" \ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "Small client packet TLS 1.3 AEAD" \ - "$P_SRV force_version=tls13" \ + "$P_SRV" \ "$P_CLI request_size=1 \ force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \ 0 \ @@ -8246,7 +8236,7 @@ run_test "Small client packet TLS 1.3 AEAD" \ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "Small client packet TLS 1.3 AEAD shorter tag" \ - "$P_SRV force_version=tls13" \ + "$P_SRV" \ "$P_CLI request_size=1 \ force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \ 0 \ @@ -8304,14 +8294,14 @@ run_test "Small server packet TLS 1.2 AEAD shorter tag" \ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "Small server packet TLS 1.3 AEAD" \ - "$P_SRV response_size=1 force_version=tls13" \ + "$P_SRV response_size=1" \ "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \ 0 \ -c "Read from server: 1 bytes read" requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "Small server packet TLS 1.3 AEAD shorter tag" \ - "$P_SRV response_size=1 force_version=tls13" \ + "$P_SRV response_size=1" \ "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \ 0 \ -c "Read from server: 1 bytes read" @@ -8382,7 +8372,7 @@ run_test "Large client packet TLS 1.2 AEAD shorter tag" \ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "Large client packet TLS 1.3 AEAD" \ - "$P_SRV force_version=tls13" \ + "$P_SRV" \ "$P_CLI request_size=16384 \ force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \ 0 \ @@ -8391,7 +8381,7 @@ run_test "Large client packet TLS 1.3 AEAD" \ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "Large client packet TLS 1.3 AEAD shorter tag" \ - "$P_SRV force_version=tls13" \ + "$P_SRV" \ "$P_CLI request_size=16384 \ force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \ 0 \ @@ -8439,14 +8429,14 @@ run_test "Large server packet TLS 1.2 AEAD shorter tag" \ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "Large server packet TLS 1.3 AEAD" \ - "$P_SRV response_size=16384 force_version=tls13" \ + "$P_SRV response_size=16384" \ "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \ 0 \ -c "Read from server: 16384 bytes read" requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "Large server packet TLS 1.3 AEAD shorter tag" \ - "$P_SRV response_size=16384 force_version=tls13" \ + "$P_SRV response_size=16384" \ "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \ 0 \ -c "Read from server: 16384 bytes read" @@ -8457,9 +8447,8 @@ run_test "Large server packet TLS 1.3 AEAD shorter tag" \ requires_config_enabled MBEDTLS_ECP_RESTARTABLE requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "EC restart: TLS, default" \ - "$P_SRV curves=secp256r1 auth_mode=required" \ + "$P_SRV groups=secp256r1 auth_mode=required" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ key_file=data_files/server5.key crt_file=data_files/server5.crt \ debug_level=1" \ @@ -8471,9 +8460,8 @@ run_test "EC restart: TLS, default" \ requires_config_enabled MBEDTLS_ECP_RESTARTABLE requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "EC restart: TLS, max_ops=0" \ - "$P_SRV curves=secp256r1 auth_mode=required" \ + "$P_SRV groups=secp256r1 auth_mode=required" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ key_file=data_files/server5.key crt_file=data_files/server5.crt \ debug_level=1 ec_max_ops=0" \ @@ -8485,9 +8473,8 @@ run_test "EC restart: TLS, max_ops=0" \ requires_config_enabled MBEDTLS_ECP_RESTARTABLE requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "EC restart: TLS, max_ops=65535" \ - "$P_SRV curves=secp256r1 auth_mode=required" \ + "$P_SRV groups=secp256r1 auth_mode=required" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ key_file=data_files/server5.key crt_file=data_files/server5.crt \ debug_level=1 ec_max_ops=65535" \ @@ -8500,10 +8487,9 @@ run_test "EC restart: TLS, max_ops=65535" \ # With USE_PSA disabled we expect full restartable behaviour. requires_config_enabled MBEDTLS_ECP_RESTARTABLE requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_disabled MBEDTLS_USE_PSA_CRYPTO run_test "EC restart: TLS, max_ops=1000 (no USE_PSA)" \ - "$P_SRV curves=secp256r1 auth_mode=required" \ + "$P_SRV groups=secp256r1 auth_mode=required" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ key_file=data_files/server5.key crt_file=data_files/server5.crt \ debug_level=1 ec_max_ops=1000" \ @@ -8517,10 +8503,9 @@ run_test "EC restart: TLS, max_ops=1000 (no USE_PSA)" \ # everything except ECDH (where TLS calls PSA directly). requires_config_enabled MBEDTLS_ECP_RESTARTABLE requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "EC restart: TLS, max_ops=1000 (USE_PSA)" \ - "$P_SRV curves=secp256r1 auth_mode=required" \ + "$P_SRV groups=secp256r1 auth_mode=required" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ key_file=data_files/server5.key crt_file=data_files/server5.crt \ debug_level=1 ec_max_ops=1000" \ @@ -8534,9 +8519,8 @@ run_test "EC restart: TLS, max_ops=1000 (USE_PSA)" \ # we abort as soon as we determined the cert is bad. requires_config_enabled MBEDTLS_ECP_RESTARTABLE requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "EC restart: TLS, max_ops=1000, badsign" \ - "$P_SRV curves=secp256r1 auth_mode=required \ + "$P_SRV groups=secp256r1 auth_mode=required \ crt_file=data_files/server5-badsign.crt \ key_file=data_files/server5.key" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ @@ -8554,10 +8538,9 @@ run_test "EC restart: TLS, max_ops=1000, badsign" \ # With USE_PSA disabled we expect full restartable behaviour. requires_config_enabled MBEDTLS_ECP_RESTARTABLE requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_disabled MBEDTLS_USE_PSA_CRYPTO run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign (no USE_PSA)" \ - "$P_SRV curves=secp256r1 auth_mode=required \ + "$P_SRV groups=secp256r1 auth_mode=required \ crt_file=data_files/server5-badsign.crt \ key_file=data_files/server5.key" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ @@ -8576,10 +8559,9 @@ run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign (no USE_P # everything except ECDH (where TLS calls PSA directly). requires_config_enabled MBEDTLS_ECP_RESTARTABLE requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign (USE_PSA)" \ - "$P_SRV curves=secp256r1 auth_mode=required \ + "$P_SRV groups=secp256r1 auth_mode=required \ crt_file=data_files/server5-badsign.crt \ key_file=data_files/server5.key" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ @@ -8597,10 +8579,9 @@ run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign (USE_PSA) # With USE_PSA disabled we expect full restartable behaviour. requires_config_enabled MBEDTLS_ECP_RESTARTABLE requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_disabled MBEDTLS_USE_PSA_CRYPTO run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign (no USE_PSA)" \ - "$P_SRV curves=secp256r1 auth_mode=required \ + "$P_SRV groups=secp256r1 auth_mode=required \ crt_file=data_files/server5-badsign.crt \ key_file=data_files/server5.key" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ @@ -8619,10 +8600,9 @@ run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign (no USE_PSA)" # everything except ECDH (where TLS calls PSA directly). requires_config_enabled MBEDTLS_ECP_RESTARTABLE requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign (USE_PSA)" \ - "$P_SRV curves=secp256r1 auth_mode=required \ + "$P_SRV groups=secp256r1 auth_mode=required \ crt_file=data_files/server5-badsign.crt \ key_file=data_files/server5.key" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ @@ -8640,10 +8620,9 @@ run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign (USE_PSA)" \ # With USE_PSA disabled we expect full restartable behaviour. requires_config_enabled MBEDTLS_ECP_RESTARTABLE requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_disabled MBEDTLS_USE_PSA_CRYPTO run_test "EC restart: DTLS, max_ops=1000 (no USE_PSA)" \ - "$P_SRV curves=secp256r1 auth_mode=required dtls=1" \ + "$P_SRV groups=secp256r1 auth_mode=required dtls=1" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ key_file=data_files/server5.key crt_file=data_files/server5.crt \ dtls=1 debug_level=1 ec_max_ops=1000" \ @@ -8657,10 +8636,9 @@ run_test "EC restart: DTLS, max_ops=1000 (no USE_PSA)" \ # everything except ECDH (where TLS calls PSA directly). requires_config_enabled MBEDTLS_ECP_RESTARTABLE requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "EC restart: DTLS, max_ops=1000 (USE_PSA)" \ - "$P_SRV curves=secp256r1 auth_mode=required dtls=1" \ + "$P_SRV groups=secp256r1 auth_mode=required dtls=1" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ key_file=data_files/server5.key crt_file=data_files/server5.crt \ dtls=1 debug_level=1 ec_max_ops=1000" \ @@ -8673,10 +8651,9 @@ run_test "EC restart: DTLS, max_ops=1000 (USE_PSA)" \ # With USE_PSA disabled we expect full restartable behaviour. requires_config_enabled MBEDTLS_ECP_RESTARTABLE requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_disabled MBEDTLS_USE_PSA_CRYPTO run_test "EC restart: TLS, max_ops=1000 no client auth (no USE_PSA)" \ - "$P_SRV curves=secp256r1" \ + "$P_SRV groups=secp256r1" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ debug_level=1 ec_max_ops=1000" \ 0 \ @@ -8690,10 +8667,9 @@ run_test "EC restart: TLS, max_ops=1000 no client auth (no USE_PSA)" \ # everything except ECDH (where TLS calls PSA directly). requires_config_enabled MBEDTLS_ECP_RESTARTABLE requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO run_test "EC restart: TLS, max_ops=1000 no client auth (USE_PSA)" \ - "$P_SRV curves=secp256r1" \ + "$P_SRV groups=secp256r1" \ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ debug_level=1 ec_max_ops=1000" \ 0 \ @@ -8708,9 +8684,8 @@ run_test "EC restart: TLS, max_ops=1000 no client auth (USE_PSA)" \ # and all 4 assertions negated. requires_config_enabled MBEDTLS_ECP_RESTARTABLE requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "EC restart: TLS, max_ops=1000, ECDHE-RSA" \ - "$P_SRV curves=secp256r1 auth_mode=required" \ + "$P_SRV groups=secp256r1 auth_mode=required" \ "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 \ key_file=data_files/server5.key crt_file=data_files/server5.crt \ debug_level=1 ec_max_ops=1000" \ @@ -8723,9 +8698,8 @@ run_test "EC restart: TLS, max_ops=1000, ECDHE-RSA" \ # Tests of asynchronous private key support in SSL requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: sign, delay=0" \ - "$P_SRV \ + "$P_SRV force_version=tls12 \ async_operations=s async_private_delay1=0 async_private_delay2=0" \ "$P_CLI" \ 0 \ @@ -8733,9 +8707,8 @@ run_test "SSL async private: sign, delay=0" \ -s "Async resume (slot [0-9]): sign done, status=0" requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: sign, delay=1" \ - "$P_SRV \ + "$P_SRV force_version=tls12 \ async_operations=s async_private_delay1=1 async_private_delay2=1" \ "$P_CLI" \ 0 \ @@ -8744,9 +8717,8 @@ run_test "SSL async private: sign, delay=1" \ -s "Async resume (slot [0-9]): sign done, status=0" requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: sign, delay=2" \ - "$P_SRV \ + "$P_SRV force_version=tls12 \ async_operations=s async_private_delay1=2 async_private_delay2=2" \ "$P_CLI" \ 0 \ @@ -8758,9 +8730,8 @@ run_test "SSL async private: sign, delay=2" \ requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE requires_config_disabled MBEDTLS_X509_REMOVE_INFO -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: sign, SNI" \ - "$P_SRV debug_level=3 \ + "$P_SRV force_version=tls12 debug_level=3 \ async_operations=s async_private_delay1=0 async_private_delay2=0 \ crt_file=data_files/server5.crt key_file=data_files/server5.key \ sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \ @@ -8773,7 +8744,6 @@ run_test "SSL async private: sign, SNI" \ -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example" requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: decrypt, delay=0" \ "$P_SRV \ async_operations=d async_private_delay1=0 async_private_delay2=0" \ @@ -8783,7 +8753,6 @@ run_test "SSL async private: decrypt, delay=0" \ -s "Async resume (slot [0-9]): decrypt done, status=0" requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: decrypt, delay=1" \ "$P_SRV \ async_operations=d async_private_delay1=1 async_private_delay2=1" \ @@ -8794,7 +8763,6 @@ run_test "SSL async private: decrypt, delay=1" \ -s "Async resume (slot [0-9]): decrypt done, status=0" requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: decrypt RSA-PSK, delay=0" \ "$P_SRV psk=abc123 \ async_operations=d async_private_delay1=0 async_private_delay2=0" \ @@ -8805,7 +8773,6 @@ run_test "SSL async private: decrypt RSA-PSK, delay=0" \ -s "Async resume (slot [0-9]): decrypt done, status=0" requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: decrypt RSA-PSK, delay=1" \ "$P_SRV psk=abc123 \ async_operations=d async_private_delay1=1 async_private_delay2=1" \ @@ -8817,11 +8784,10 @@ run_test "SSL async private: decrypt RSA-PSK, delay=1" \ -s "Async resume (slot [0-9]): decrypt done, status=0" requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: sign callback not present" \ "$P_SRV \ async_operations=d async_private_delay1=1 async_private_delay2=1" \ - "$P_CLI; [ \$? -eq 1 ] && + "$P_CLI force_version=tls12; [ \$? -eq 1 ] && $P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ 0 \ -S "Async sign callback" \ @@ -8831,12 +8797,11 @@ run_test "SSL async private: sign callback not present" \ -s "Successful connection" requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: decrypt callback not present" \ "$P_SRV debug_level=1 \ async_operations=s async_private_delay1=1 async_private_delay2=1" \ "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA; - [ \$? -eq 1 ] && $P_CLI" \ + [ \$? -eq 1 ] && $P_CLI force_version=tls12" \ 0 \ -S "Async decrypt callback" \ -s "! mbedtls_ssl_handshake returned" \ @@ -8846,7 +8811,6 @@ run_test "SSL async private: decrypt callback not present" \ # key1: ECDSA, key2: RSA; use key1 from slot 0 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: slot 0 used with key1" \ "$P_SRV \ async_operations=s async_private_delay1=1 \ @@ -8860,7 +8824,6 @@ run_test "SSL async private: slot 0 used with key1" \ # key1: ECDSA, key2: RSA; use key2 from slot 0 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: slot 0 used with key2" \ "$P_SRV \ async_operations=s async_private_delay2=1 \ @@ -8874,7 +8837,6 @@ run_test "SSL async private: slot 0 used with key2" \ # key1: ECDSA, key2: RSA; use key2 from slot 1 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: slot 1 used with key2" \ "$P_SRV \ async_operations=s async_private_delay1=1 async_private_delay2=1 \ @@ -8888,7 +8850,6 @@ run_test "SSL async private: slot 1 used with key2" \ # key1: ECDSA, key2: RSA; use key2 directly requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: fall back to transparent key" \ "$P_SRV \ async_operations=s async_private_delay1=1 \ @@ -8899,9 +8860,8 @@ run_test "SSL async private: fall back to transparent key" \ -s "Async sign callback: no key matches this certificate." requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: sign, error in start" \ - "$P_SRV \ + "$P_SRV force_version=tls12 \ async_operations=s async_private_delay1=1 async_private_delay2=1 \ async_private_error=1" \ "$P_CLI" \ @@ -8912,9 +8872,8 @@ run_test "SSL async private: sign, error in start" \ -s "! mbedtls_ssl_handshake returned" requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: sign, cancel after start" \ - "$P_SRV \ + "$P_SRV force_version=tls12 \ async_operations=s async_private_delay1=1 async_private_delay2=1 \ async_private_error=2" \ "$P_CLI" \ @@ -8924,9 +8883,8 @@ run_test "SSL async private: sign, cancel after start" \ -s "Async cancel" requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: sign, error in resume" \ - "$P_SRV \ + "$P_SRV force_version=tls12 \ async_operations=s async_private_delay1=1 async_private_delay2=1 \ async_private_error=3" \ "$P_CLI" \ @@ -8937,7 +8895,6 @@ run_test "SSL async private: sign, error in resume" \ -s "! mbedtls_ssl_handshake returned" requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: decrypt, error in start" \ "$P_SRV \ async_operations=d async_private_delay1=1 async_private_delay2=1 \ @@ -8950,7 +8907,6 @@ run_test "SSL async private: decrypt, error in start" \ -s "! mbedtls_ssl_handshake returned" requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: decrypt, cancel after start" \ "$P_SRV \ async_operations=d async_private_delay1=1 async_private_delay2=1 \ @@ -8962,7 +8918,6 @@ run_test "SSL async private: decrypt, cancel after start" \ -s "Async cancel" requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: decrypt, error in resume" \ "$P_SRV \ async_operations=d async_private_delay1=1 async_private_delay2=1 \ @@ -8975,9 +8930,8 @@ run_test "SSL async private: decrypt, error in resume" \ -s "! mbedtls_ssl_handshake returned" requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: cancel after start then operate correctly" \ - "$P_SRV \ + "$P_SRV force_version=tls12 \ async_operations=s async_private_delay1=1 async_private_delay2=1 \ async_private_error=-2" \ "$P_CLI; [ \$? -eq 1 ] && $P_CLI" \ @@ -8988,9 +8942,8 @@ run_test "SSL async private: cancel after start then operate correctly" \ -s "Successful connection" requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: error in resume then operate correctly" \ - "$P_SRV \ + "$P_SRV force_version=tls12 \ async_operations=s async_private_delay1=1 async_private_delay2=1 \ async_private_error=-3" \ "$P_CLI; [ \$? -eq 1 ] && $P_CLI" \ @@ -9001,7 +8954,10 @@ run_test "SSL async private: error in resume then operate correctly" \ # key1: ECDSA, key2: RSA; use key1 through async, then key2 directly requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +# Note: the function "detect_required_features()" is not able to detect more than +# one "force_ciphersuite" per client/server and it only picks the 2nd one. +# Therefore the 1st one is added explicitly here +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED run_test "SSL async private: cancel after start then fall back to transparent key" \ "$P_SRV \ async_operations=s async_private_delay1=1 async_private_error=-2 \ @@ -9020,7 +8976,10 @@ run_test "SSL async private: cancel after start then fall back to transparent # key1: ECDSA, key2: RSA; use key1 through async, then key2 directly requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +# Note: the function "detect_required_features()" is not able to detect more than +# one "force_ciphersuite" per client/server and it only picks the 2nd one. +# Therefore the 1st one is added explicitly here +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED run_test "SSL async private: sign, error in resume then fall back to transparent key" \ "$P_SRV \ async_operations=s async_private_delay1=1 async_private_error=-3 \ @@ -9037,9 +8996,8 @@ run_test "SSL async private: sign, error in resume then fall back to transpar requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: renegotiation: client-initiated, sign" \ - "$P_SRV \ + "$P_SRV force_version=tls12 \ async_operations=s async_private_delay1=1 async_private_delay2=1 \ exchanges=2 renegotiation=1" \ "$P_CLI exchanges=2 renegotiation=1 renegotiate=1" \ @@ -9049,9 +9007,8 @@ run_test "SSL async private: renegotiation: client-initiated, sign" \ requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: renegotiation: server-initiated, sign" \ - "$P_SRV \ + "$P_SRV force_version=tls12 \ async_operations=s async_private_delay1=1 async_private_delay2=1 \ exchanges=2 renegotiation=1 renegotiate=1" \ "$P_CLI exchanges=2 renegotiation=1" \ @@ -9061,7 +9018,6 @@ run_test "SSL async private: renegotiation: server-initiated, sign" \ requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: renegotiation: client-initiated, decrypt" \ "$P_SRV \ async_operations=d async_private_delay1=1 async_private_delay2=1 \ @@ -9074,7 +9030,6 @@ run_test "SSL async private: renegotiation: client-initiated, decrypt" \ requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "SSL async private: renegotiation: server-initiated, decrypt" \ "$P_SRV \ async_operations=d async_private_delay1=1 async_private_delay2=1 \ @@ -9091,7 +9046,6 @@ requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_CIPHER_MODE_CBC requires_hash_alg SHA_256 requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Force a non ECC ciphersuite in the client side" \ "$P_SRV debug_level=3" \ "$P_CLI debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \ @@ -9105,7 +9059,6 @@ requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_CIPHER_MODE_CBC requires_hash_alg SHA_256 requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Force a non ECC ciphersuite in the server side" \ "$P_SRV debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \ "$P_CLI debug_level=3" \ @@ -9116,8 +9069,6 @@ run_test "Force a non ECC ciphersuite in the server side" \ requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_CIPHER_MODE_CBC requires_hash_alg SHA_256 -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Force an ECC ciphersuite in the client side" \ "$P_SRV debug_level=3" \ "$P_CLI debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ @@ -9130,8 +9081,6 @@ run_test "Force an ECC ciphersuite in the client side" \ requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_CIPHER_MODE_CBC requires_hash_alg SHA_256 -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Force an ECC ciphersuite in the server side" \ "$P_SRV debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ "$P_CLI debug_level=3" \ @@ -9284,7 +9233,6 @@ run_test "DTLS client auth: none, client has no cert" \ -c "skip write certificate$" \ -s "! Certificate verification was skipped" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS wrong PSK: badmac alert" \ "$P_SRV dtls=1 psk=abc123 force_ciphersuite=TLS-PSK-WITH-AES-128-GCM-SHA256" \ "$P_CLI dtls=1 psk=abc124" \ @@ -9370,7 +9318,7 @@ run_test "DTLS reassembly: no fragmentation (openssl server)" \ requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS reassembly: some fragmentation (openssl server)" \ - "$O_SRV -dtls -mtu 768" \ + "$O_SRV -dtls -mtu 256" \ "$P_CLI dtls=1 debug_level=2" \ 0 \ -c "found fragmented DTLS handshake message" \ @@ -9406,7 +9354,6 @@ run_test "DTLS reassembly: fragmentation, nbio (openssl server)" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH requires_max_content_len 4096 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 @@ -9428,7 +9375,6 @@ run_test "DTLS fragmenting: none (for reference)" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH requires_max_content_len 2048 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 @@ -9454,7 +9400,6 @@ run_test "DTLS fragmenting: server only (max_frag_len)" \ # `client-initiated, server only (max_frag_len)` below. requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH requires_max_content_len 4096 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 @@ -9476,7 +9421,6 @@ run_test "DTLS fragmenting: server only (more) (max_frag_len)" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH requires_max_content_len 2048 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 @@ -9505,7 +9449,6 @@ run_test "DTLS fragmenting: client-initiated, server only (max_frag_len)" \ # negotiated MFL are sent. requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH requires_max_content_len 2048 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 @@ -9528,7 +9471,6 @@ run_test "DTLS fragmenting: client-initiated, server only (max_frag_len), pro requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH requires_max_content_len 2048 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 @@ -9557,7 +9499,6 @@ run_test "DTLS fragmenting: client-initiated, both (max_frag_len)" \ # negotiated MFL are sent. requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH requires_max_content_len 2048 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 @@ -9580,7 +9521,6 @@ run_test "DTLS fragmenting: client-initiated, both (max_frag_len), proxy MTU" requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C requires_max_content_len 4096 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS fragmenting: none (for reference) (MTU)" \ @@ -9601,7 +9541,6 @@ run_test "DTLS fragmenting: none (for reference) (MTU)" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C requires_max_content_len 4096 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS fragmenting: client (MTU)" \ @@ -9622,7 +9561,6 @@ run_test "DTLS fragmenting: client (MTU)" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C requires_max_content_len 2048 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS fragmenting: server (MTU)" \ @@ -9643,7 +9581,6 @@ run_test "DTLS fragmenting: server (MTU)" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C requires_max_content_len 2048 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS fragmenting: both (MTU=1024)" \ @@ -9666,13 +9603,10 @@ run_test "DTLS fragmenting: both (MTU=1024)" \ # Forcing ciphersuite for this test to fit the MTU of 512 with full config. requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C requires_hash_alg SHA_256 -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C requires_max_content_len 2048 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS fragmenting: both (MTU=512)" \ -p "$P_PXY mtu=512" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -9700,12 +9634,9 @@ run_test "DTLS fragmenting: both (MTU=512)" \ not_with_valgrind requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C requires_max_content_len 2048 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS fragmenting: proxy MTU: auto-reduction (not valgrind)" \ -p "$P_PXY mtu=508" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -9726,12 +9657,9 @@ run_test "DTLS fragmenting: proxy MTU: auto-reduction (not valgrind)" \ only_with_valgrind requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C requires_max_content_len 2048 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS fragmenting: proxy MTU: auto-reduction (with valgrind)" \ -p "$P_PXY mtu=508" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -9754,7 +9682,6 @@ run_test "DTLS fragmenting: proxy MTU: auto-reduction (with valgrind)" \ not_with_valgrind # spurious autoreduction due to timeout requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C requires_max_content_len 2048 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=1024)" \ @@ -9782,12 +9709,9 @@ run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=1024)" \ not_with_valgrind # spurious autoreduction due to timeout requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C requires_max_content_len 2048 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=512)" \ -p "$P_PXY mtu=512" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -9810,7 +9734,6 @@ run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=512)" \ not_with_valgrind # spurious autoreduction due to timeout requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C requires_max_content_len 2048 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=1024)" \ @@ -9835,12 +9758,9 @@ run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=1024)" \ not_with_valgrind # spurious autoreduction due to timeout requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C requires_max_content_len 2048 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=512)" \ -p "$P_PXY mtu=512" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -9873,12 +9793,9 @@ run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=512)" \ not_with_valgrind # spurious autoreduction due to timeout requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C requires_max_content_len 2048 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS fragmenting: proxy MTU, resumed handshake" \ -p "$P_PXY mtu=1450" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -9903,13 +9820,10 @@ run_test "DTLS fragmenting: proxy MTU, resumed handshake" \ not_with_valgrind # spurious autoreduction due to timeout requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C requires_hash_alg SHA_256 -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_CHACHAPOLY_C requires_max_content_len 2048 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS fragmenting: proxy MTU, ChachaPoly renego" \ -p "$P_PXY mtu=512" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -9936,14 +9850,11 @@ run_test "DTLS fragmenting: proxy MTU, ChachaPoly renego" \ not_with_valgrind # spurious autoreduction due to timeout requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C requires_hash_alg SHA_256 -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C requires_max_content_len 2048 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS fragmenting: proxy MTU, AES-GCM renego" \ -p "$P_PXY mtu=512" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -9970,14 +9881,11 @@ run_test "DTLS fragmenting: proxy MTU, AES-GCM renego" \ not_with_valgrind # spurious autoreduction due to timeout requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C requires_hash_alg SHA_256 -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_CCM_C requires_max_content_len 2048 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS fragmenting: proxy MTU, AES-CCM renego" \ -p "$P_PXY mtu=1024" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -10004,15 +9912,12 @@ run_test "DTLS fragmenting: proxy MTU, AES-CCM renego" \ not_with_valgrind # spurious autoreduction due to timeout requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C requires_hash_alg SHA_256 -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_CIPHER_MODE_CBC requires_config_enabled MBEDTLS_SSL_ENCRYPT_THEN_MAC requires_max_content_len 2048 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS fragmenting: proxy MTU, AES-CBC EtM renego" \ -p "$P_PXY mtu=1024" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -10039,14 +9944,11 @@ run_test "DTLS fragmenting: proxy MTU, AES-CBC EtM renego" \ not_with_valgrind # spurious autoreduction due to timeout requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C requires_hash_alg SHA_256 -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_CIPHER_MODE_CBC requires_max_content_len 2048 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \ -p "$P_PXY mtu=1024" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -10071,13 +9973,10 @@ run_test "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \ # Forcing ciphersuite for this test to fit the MTU of 512 with full config. requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C client_needs_more_time 2 requires_max_content_len 2048 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS fragmenting: proxy MTU + 3d" \ -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \ "$P_SRV dgram_packing=0 dtls=1 debug_level=2 auth_mode=required \ @@ -10097,13 +9996,10 @@ run_test "DTLS fragmenting: proxy MTU + 3d" \ # Forcing ciphersuite for this test to fit the MTU of 512 with full config. requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED requires_config_enabled MBEDTLS_AES_C requires_config_enabled MBEDTLS_GCM_C client_needs_more_time 2 requires_max_content_len 2048 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS fragmenting: proxy MTU + 3d, nbio" \ -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \ "$P_SRV dtls=1 debug_level=2 auth_mode=required \ @@ -10126,7 +10022,6 @@ run_test "DTLS fragmenting: proxy MTU + 3d, nbio" \ # pleases other implementations, so we don't need the peer to fragment requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C requires_gnutls requires_max_content_len 2048 run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \ @@ -10148,7 +10043,6 @@ run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \ # GnuTLS continue the connection nonetheless. requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C requires_gnutls requires_not_i686 requires_max_content_len 2048 @@ -10163,7 +10057,6 @@ run_test "DTLS fragmenting: gnutls client, DTLS 1.2" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C requires_max_content_len 2048 run_test "DTLS fragmenting: openssl server, DTLS 1.2" \ "$O_SRV -dtls1_2 -verify 10" \ @@ -10177,7 +10070,6 @@ run_test "DTLS fragmenting: openssl server, DTLS 1.2" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C requires_max_content_len 2048 run_test "DTLS fragmenting: openssl client, DTLS 1.2" \ "$P_SRV dtls=1 debug_level=2 \ @@ -10195,7 +10087,6 @@ run_test "DTLS fragmenting: openssl client, DTLS 1.2" \ requires_gnutls_next requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C client_needs_more_time 4 requires_max_content_len 2048 run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.2" \ @@ -10212,7 +10103,6 @@ run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.2" \ requires_gnutls_next requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C client_needs_more_time 4 requires_max_content_len 2048 run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \ @@ -10230,7 +10120,6 @@ run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \ requires_openssl_next requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C client_needs_more_time 4 requires_max_content_len 2048 run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \ @@ -10249,7 +10138,6 @@ run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \ skip_next_test requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C client_needs_more_time 4 requires_max_content_len 2048 run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.2" \ @@ -11137,7 +11025,6 @@ run_test "DTLS reordering: Buffer encrypted Finished message" \ # handshake, omitting CRTs. requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 190 requires_config_value_at_most "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 230 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket" \ -p "$P_PXY delay_srv=NewSessionTicket delay_srv=NewSessionTicket delay_ccs=1" \ "$P_SRV mtu=140 response_size=90 dgram_packing=0 psk=abc123 psk_identity=foo cookies=0 dtls=1 debug_level=2" \ @@ -11152,7 +11039,6 @@ run_test "DTLS reordering: Buffer encrypted Finished message, drop for fragme # Tests for "randomly unreliable connection": try a variety of flows and peers client_needs_more_time 2 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \ @@ -11164,7 +11050,6 @@ run_test "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \ -c "HTTP/1.0 200 OK" client_needs_more_time 2 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS proxy: 3d, \"short\" RSA handshake" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \ @@ -11226,7 +11111,6 @@ run_test "DTLS proxy: 3d, max handshake, nbio" \ -c "HTTP/1.0 200 OK" client_needs_more_time 4 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "DTLS proxy: 3d, min handshake, resumption" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \ @@ -11242,7 +11126,6 @@ run_test "DTLS proxy: 3d, min handshake, resumption" \ -c "HTTP/1.0 200 OK" client_needs_more_time 4 -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CACHE_C run_test "DTLS proxy: 3d, min handshake, resumption, nbio" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \ @@ -11259,7 +11142,6 @@ run_test "DTLS proxy: 3d, min handshake, resumption, nbio" \ client_needs_more_time 4 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS proxy: 3d, min handshake, client-initiated renego" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \ @@ -11275,7 +11157,6 @@ run_test "DTLS proxy: 3d, min handshake, client-initiated renego" \ client_needs_more_time 4 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS proxy: 3d, min handshake, client-initiated renego, nbio" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \ @@ -11291,7 +11172,6 @@ run_test "DTLS proxy: 3d, min handshake, client-initiated renego, nbio" \ client_needs_more_time 4 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS proxy: 3d, min handshake, server-initiated renego" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \ @@ -11308,7 +11188,6 @@ run_test "DTLS proxy: 3d, min handshake, server-initiated renego" \ client_needs_more_time 4 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \ @@ -11398,7 +11277,7 @@ run_test "DTLS proxy: 3d, gnutls server, fragmentation, nbio" \ requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "export keys functionality" \ "$P_SRV eap_tls=1 debug_level=3" \ - "$P_CLI eap_tls=1 debug_level=3" \ + "$P_CLI force_version=tls12 eap_tls=1 debug_level=3" \ 0 \ -c "EAP-TLS key material is:"\ -s "EAP-TLS key material is:"\ @@ -11426,7 +11305,21 @@ run_test "TLS 1.3: Test gnutls tls1_3 feature" \ -c "Version: TLS1.3" # TLS1.3 test cases -requires_openssl_tls1_3 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_ciphersuite_enabled TLS1-3-CHACHA20-POLY1305-SHA256 +requires_any_configs_enabled "PSA_WANT_ECC_MONTGOMERY_255" +requires_any_configs_enabled "PSA_WANT_ECC_SECP_R1_256" +run_test "TLS 1.3: Default" \ + "$P_SRV allow_sha1=0 debug_level=3 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13" \ + "$P_CLI allow_sha1=0" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "Ciphersuite is TLS1-3-CHACHA20-POLY1305-SHA256" \ + -s "ECDH/FFDH group: " \ + -s "selected signature algorithm ecdsa_secp256r1_sha256" + +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ @@ -11446,8 +11339,8 @@ run_test "TLS 1.3: minimal feature sets - openssl" \ -c "client state: MBEDTLS_SSL_FLUSH_BUFFERS" \ -c "client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \ -c "<= ssl_tls13_process_server_hello" \ - -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \ - -c "ECDH curve: x25519" \ + -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \ + -c "DHE group name: " \ -c "=> ssl_tls13_process_server_hello" \ -c "<= parse encrypted extensions" \ -c "Certificate verification flags clear" \ @@ -11480,8 +11373,8 @@ run_test "TLS 1.3: minimal feature sets - gnutls" \ -c "client state: MBEDTLS_SSL_FLUSH_BUFFERS" \ -c "client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \ -c "<= ssl_tls13_process_server_hello" \ - -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \ - -c "ECDH curve: x25519" \ + -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \ + -c "DHE group name: " \ -c "=> ssl_tls13_process_server_hello" \ -c "<= parse encrypted extensions" \ -c "Certificate verification flags clear" \ @@ -11492,7 +11385,7 @@ run_test "TLS 1.3: minimal feature sets - gnutls" \ -c "Protocol is TLSv1.3" \ -c "HTTP/1.0 200 OK" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_ALPN @@ -11513,8 +11406,8 @@ run_test "TLS 1.3: alpn - openssl" \ -c "client state: MBEDTLS_SSL_FLUSH_BUFFERS" \ -c "client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \ -c "<= ssl_tls13_process_server_hello" \ - -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \ - -c "ECDH curve: x25519" \ + -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \ + -c "DHE group name: " \ -c "=> ssl_tls13_process_server_hello" \ -c "<= parse encrypted extensions" \ -c "Certificate verification flags clear" \ @@ -11549,8 +11442,8 @@ run_test "TLS 1.3: alpn - gnutls" \ -c "client state: MBEDTLS_SSL_FLUSH_BUFFERS" \ -c "client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \ -c "<= ssl_tls13_process_server_hello" \ - -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \ - -c "ECDH curve: x25519" \ + -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \ + -c "DHE group name: " \ -c "=> ssl_tls13_process_server_hello" \ -c "<= parse encrypted extensions" \ -c "Certificate verification flags clear" \ @@ -11562,13 +11455,13 @@ run_test "TLS 1.3: alpn - gnutls" \ -c "HTTP/1.0 200 OK" \ -c "Application Layer Protocol is h2" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_ALPN requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: server alpn - openssl" \ - "$P_SRV debug_level=3 tickets=0 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 alpn=h2" \ + "$P_SRV debug_level=3 tickets=0 crt_file=data_files/server5.crt key_file=data_files/server5.key alpn=h2" \ "$O_NEXT_CLI -msg -tls1_3 -no_middlebox -alpn h2" \ 0 \ -s "found alpn extension" \ @@ -11583,7 +11476,7 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_ALPN requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: server alpn - gnutls" \ - "$P_SRV debug_level=3 tickets=0 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 alpn=h2" \ + "$P_SRV debug_level=3 tickets=0 crt_file=data_files/server5.crt key_file=data_files/server5.key alpn=h2" \ "$G_NEXT_CLI localhost -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V --alpn h2" \ 0 \ -s "found alpn extension" \ @@ -11674,7 +11567,7 @@ run_test "TLS 1.3: Not supported version check:openssl: srv max TLS 1.2" \ -S "Version: TLS1.2" \ -C "Protocol : TLSv1.2" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ @@ -11706,7 +11599,7 @@ run_test "TLS 1.3: Client authentication, no client certificate - gnutls" \ -c "Protocol is TLSv1.3" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED @@ -11734,7 +11627,7 @@ run_test "TLS 1.3: Client authentication, no server middlebox compat - gnutls -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \ -c "Protocol is TLSv1.3" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ @@ -11765,7 +11658,7 @@ run_test "TLS 1.3: Client authentication, ecdsa_secp256r1_sha256 - gnutls" \ -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \ -c "Protocol is TLSv1.3" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ @@ -11796,7 +11689,7 @@ run_test "TLS 1.3: Client authentication, ecdsa_secp384r1_sha384 - gnutls" \ -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \ -c "Protocol is TLSv1.3" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ @@ -11827,7 +11720,7 @@ run_test "TLS 1.3: Client authentication, ecdsa_secp521r1_sha512 - gnutls" \ -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \ -c "Protocol is TLSv1.3" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_RSA_C @@ -11860,7 +11753,7 @@ run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha256 - gnutls" \ -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \ -c "Protocol is TLSv1.3" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_RSA_C @@ -11868,7 +11761,7 @@ requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha384 - openssl" \ "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \ - "$P_CLI debug_level=4 force_version=tls13 crt_file=data_files/cert_sha256.crt \ + "$P_CLI debug_level=4 crt_file=data_files/cert_sha256.crt \ key_file=data_files/server1.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha384" \ 0 \ -c "got a certificate request" \ @@ -11885,7 +11778,7 @@ requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha384 - gnutls" \ "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \ - "$P_CLI debug_level=3 force_version=tls13 crt_file=data_files/server2-sha256.crt \ + "$P_CLI debug_level=3 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha384" \ 0 \ -c "got a certificate request" \ @@ -11893,7 +11786,7 @@ run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha384 - gnutls" \ -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \ -c "Protocol is TLSv1.3" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_RSA_C @@ -11901,7 +11794,7 @@ requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha512 - openssl" \ "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \ - "$P_CLI debug_level=4 force_version=tls13 crt_file=data_files/cert_sha256.crt \ + "$P_CLI debug_level=4 crt_file=data_files/cert_sha256.crt \ key_file=data_files/server1.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha512" \ 0 \ -c "got a certificate request" \ @@ -11918,7 +11811,7 @@ requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha512 - gnutls" \ "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \ - "$P_CLI debug_level=3 force_version=tls13 crt_file=data_files/server2-sha256.crt \ + "$P_CLI debug_level=3 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha512" \ 0 \ -c "got a certificate request" \ @@ -11926,7 +11819,7 @@ run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha512 - gnutls" \ -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \ -c "Protocol is TLSv1.3" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_RSA_C @@ -11941,8 +11834,7 @@ run_test "TLS 1.3: Client authentication, client alg not in server list - ope -c "got a certificate request" \ -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \ -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \ - -c "no suitable signature algorithm" \ - -C "unknown pk type" + -c "no suitable signature algorithm" requires_gnutls_tls1_3 requires_gnutls_next_no_ticket @@ -11959,11 +11851,10 @@ run_test "TLS 1.3: Client authentication, client alg not in server list - gnu -c "got a certificate request" \ -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \ -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \ - -c "no suitable signature algorithm" \ - -C "unknown pk type" + -c "no suitable signature algorithm" # Test using an opaque private key for client authentication -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_USE_PSA_CRYPTO @@ -11993,7 +11884,7 @@ run_test "TLS 1.3: Client authentication - opaque key, no server middlebox co -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \ -c "Protocol is TLSv1.3" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_USE_PSA_CRYPTO @@ -12026,7 +11917,7 @@ run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp256r1_sha256 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \ -c "Protocol is TLSv1.3" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_USE_PSA_CRYPTO @@ -12059,7 +11950,7 @@ run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp384r1_sha384 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \ -c "Protocol is TLSv1.3" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_USE_PSA_CRYPTO @@ -12092,7 +11983,7 @@ run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp521r1_sha512 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \ -c "Protocol is TLSv1.3" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_RSA_C @@ -12127,7 +12018,7 @@ run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha256 - -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \ -c "Protocol is TLSv1.3" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_RSA_C @@ -12136,7 +12027,7 @@ requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha384 - openssl" \ "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \ - "$P_CLI debug_level=4 force_version=tls13 crt_file=data_files/cert_sha256.crt \ + "$P_CLI debug_level=4 crt_file=data_files/cert_sha256.crt \ key_file=data_files/server1.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha384 key_opaque=1" \ 0 \ -c "got a certificate request" \ @@ -12154,7 +12045,7 @@ requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha384 - gnutls" \ "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \ - "$P_CLI debug_level=3 force_version=tls13 crt_file=data_files/server2-sha256.crt \ + "$P_CLI debug_level=3 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha384 key_opaque=1" \ 0 \ -c "got a certificate request" \ @@ -12162,7 +12053,7 @@ run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha384 - -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \ -c "Protocol is TLSv1.3" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_RSA_C @@ -12171,7 +12062,7 @@ requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha512 - openssl" \ "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \ - "$P_CLI debug_level=4 force_version=tls13 crt_file=data_files/cert_sha256.crt \ + "$P_CLI debug_level=4 crt_file=data_files/cert_sha256.crt \ key_file=data_files/server1.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha512 key_opaque=1" \ 0 \ -c "got a certificate request" \ @@ -12189,7 +12080,7 @@ requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha512 - gnutls" \ "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \ - "$P_CLI debug_level=3 force_version=tls13 crt_file=data_files/server2-sha256.crt \ + "$P_CLI debug_level=3 crt_file=data_files/server2-sha256.crt \ key_file=data_files/server2.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha512 key_opaque=1" \ 0 \ -c "got a certificate request" \ @@ -12197,7 +12088,7 @@ run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha512 - -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \ -c "Protocol is TLSv1.3" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_RSA_C @@ -12213,8 +12104,7 @@ run_test "TLS 1.3: Client authentication - opaque key, client alg not in serv -c "got a certificate request" \ -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \ -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \ - -c "no suitable signature algorithm" \ - -C "unkown pk type" + -c "no suitable signature algorithm" requires_gnutls_tls1_3 requires_gnutls_next_no_ticket @@ -12232,10 +12122,9 @@ run_test "TLS 1.3: Client authentication - opaque key, client alg not in serv -c "got a certificate request" \ -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \ -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \ - -c "no suitable signature algorithm" \ - -C "unkown pk type" + -c "no suitable signature algorithm" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ @@ -12250,7 +12139,7 @@ run_test "TLS 1.3: HRR check, ciphersuite TLS_AES_128_GCM_SHA256 - openssl" \ -c "Protocol is TLSv1.3" \ -c "HTTP/1.0 200 ok" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ @@ -12269,6 +12158,7 @@ requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled PSA_WANT_ALG_ECDH requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: HRR check, ciphersuite TLS_AES_128_GCM_SHA256 - gnutls" \ @@ -12285,6 +12175,7 @@ requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled PSA_WANT_ALG_ECDH requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: HRR check, ciphersuite TLS_AES_256_GCM_SHA384 - gnutls" \ @@ -12297,12 +12188,12 @@ run_test "TLS 1.3: HRR check, ciphersuite TLS_AES_256_GCM_SHA384 - gnutls" \ -c "Protocol is TLSv1.3" \ -c "HTTP/1.0 200 OK" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Server side check - openssl" \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=0" \ "$O_NEXT_CLI -msg -debug -tls1_3 -no_middlebox" \ 0 \ -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \ @@ -12314,12 +12205,12 @@ run_test "TLS 1.3: Server side check - openssl" \ -s "tls13 server state: MBEDTLS_SSL_CLIENT_FINISHED" \ -s "tls13 server state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Server side check - openssl with client authentication" \ - "$P_SRV debug_level=4 auth_mode=required crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \ + "$P_SRV debug_level=4 auth_mode=required crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=0" \ "$O_NEXT_CLI -msg -debug -cert data_files/server5.crt -key data_files/server5.key -tls1_3 -no_middlebox" \ 0 \ -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \ @@ -12339,7 +12230,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Server side check - gnutls" \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=0" \ "$G_NEXT_CLI localhost -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \ 0 \ -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \ @@ -12358,7 +12249,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Server side check - gnutls with client authentication" \ - "$P_SRV debug_level=4 auth_mode=required crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \ + "$P_SRV debug_level=4 auth_mode=required crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=0" \ "$G_NEXT_CLI localhost -d 4 --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \ 0 \ -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \ @@ -12377,8 +12268,8 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Server side check - mbedtls" \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \ - "$P_CLI debug_level=4 force_version=tls13" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=0" \ + "$P_CLI debug_level=4" \ 0 \ -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \ -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \ @@ -12396,8 +12287,8 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Server side check - mbedtls with client authentication" \ - "$P_SRV debug_level=4 auth_mode=required crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \ - "$P_CLI debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13" \ + "$P_SRV debug_level=4 auth_mode=required crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=0" \ + "$P_CLI debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key" \ 0 \ -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \ -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \ @@ -12413,8 +12304,8 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Server side check - mbedtls with client empty certificate" \ - "$P_SRV debug_level=4 auth_mode=required crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \ - "$P_CLI debug_level=4 crt_file=none key_file=none force_version=tls13" \ + "$P_SRV debug_level=4 auth_mode=required crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=0" \ + "$P_CLI debug_level=4 crt_file=none key_file=none" \ 1 \ -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \ -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \ @@ -12431,8 +12322,8 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Server side check - mbedtls with optional client authentication" \ - "$P_SRV debug_level=4 auth_mode=optional crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \ - "$P_CLI debug_level=4 force_version=tls13 crt_file=none key_file=none" \ + "$P_SRV debug_level=4 auth_mode=optional crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=0" \ + "$P_CLI debug_level=4 crt_file=none key_file=none" \ 0 \ -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \ -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \ @@ -12447,9 +12338,10 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled PSA_WANT_ALG_ECDH run_test "TLS 1.3: server: HRR check - mbedtls" \ - "$P_SRV debug_level=4 force_version=tls13 curves=secp384r1" \ - "$P_CLI debug_level=4 force_version=tls13 curves=secp256r1,secp384r1" \ + "$P_SRV debug_level=4 groups=secp384r1" \ + "$P_CLI debug_level=4 groups=secp256r1,secp384r1" \ 0 \ -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \ -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \ @@ -12465,19 +12357,19 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Server side check, no server certificate available" \ - "$P_SRV debug_level=4 crt_file=none key_file=none force_version=tls13" \ - "$P_CLI debug_level=4 force_version=tls13" \ + "$P_SRV debug_level=4 crt_file=none key_file=none" \ + "$P_CLI debug_level=4" \ 1 \ -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \ -s "No certificate available." -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Server side check - openssl with sni" \ - "$P_SRV debug_level=4 auth_mode=required crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0 \ + "$P_SRV debug_level=4 auth_mode=required crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=0 \ sni=localhost,data_files/server5.crt,data_files/server5.key,data_files/test-ca_cat12.crt,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \ "$O_NEXT_CLI -msg -debug -servername localhost -CAfile data_files/test-ca_cat12.crt -cert data_files/server5.crt -key data_files/server5.key -tls1_3" \ 0 \ @@ -12490,7 +12382,7 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Server side check - gnutls with sni" \ - "$P_SRV debug_level=4 auth_mode=required crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0 \ + "$P_SRV debug_level=4 auth_mode=required crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=0 \ sni=localhost,data_files/server5.crt,data_files/server5.key,data_files/test-ca_cat12.crt,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \ "$G_NEXT_CLI localhost -d 4 --sni-hostname=localhost --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS -V" \ 0 \ @@ -12503,10 +12395,9 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Server side check - mbedtls with sni" \ - "$P_SRV debug_level=4 auth_mode=required crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0 \ + "$P_SRV debug_level=4 auth_mode=required crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=0 \ sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \ - "$P_CLI debug_level=4 server_name=localhost crt_file=data_files/server5.crt key_file=data_files/server5.key \ - force_version=tls13" \ + "$P_CLI debug_level=4 server_name=localhost crt_file=data_files/server5.crt key_file=data_files/server5.key" \ 0 \ -s "parse ServerName extension" \ -s "HTTP/1.0 200 OK" @@ -12526,7 +12417,7 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3 m->m both peers do not support middlebox compatibility" \ - "$P_SRV debug_level=4 force_version=tls13 tickets=0" \ + "$P_SRV debug_level=4 tickets=0" \ "$P_CLI debug_level=4" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -12540,7 +12431,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3 m->m both with middlebox compat support" \ - "$P_SRV debug_level=4 force_version=tls13 tickets=0" \ + "$P_SRV debug_level=4 tickets=0" \ "$P_CLI debug_level=4" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -12548,7 +12439,7 @@ run_test "TLS 1.3 m->m both with middlebox compat support" \ -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \ -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C @@ -12561,7 +12452,7 @@ run_test "TLS 1.3 m->O both peers do not support middlebox compatibility" \ -C "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode" \ -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C @@ -12572,7 +12463,7 @@ run_test "TLS 1.3 m->O server with middlebox compat support, not client" \ 1 \ -c "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ @@ -12624,38 +12515,38 @@ run_test "TLS 1.3 m->G both with middlebox compat support" \ -c "Protocol is TLSv1.3" \ -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3 O->m both peers do not support middlebox compatibility" \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=0" \ "$O_NEXT_CLI -msg -debug -no_middlebox" \ 0 \ -s "Protocol is TLSv1.3" \ -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \ -C "14 03 03 00 01" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3 O->m server with middlebox compat support, not client" \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=0" \ "$O_NEXT_CLI -msg -debug -no_middlebox" \ 0 \ -s "Protocol is TLSv1.3" \ -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3 O->m both with middlebox compat support" \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=0" \ "$O_NEXT_CLI -msg -debug" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -12670,7 +12561,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3 G->m both peers do not support middlebox compatibility" \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=0" \ "$G_NEXT_CLI localhost --priority=NORMAL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -12685,7 +12576,7 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3 G->m server with middlebox compat support, not client" \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=0" \ "$G_NEXT_CLI localhost --debug=10 --priority=NORMAL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -12701,7 +12592,7 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3 G->m both with middlebox compat support" \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=0" \ "$G_NEXT_CLI localhost --debug=10 --priority=NORMAL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -12714,8 +12605,8 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3 m->m HRR both peers do not support middlebox compatibility" \ - "$P_SRV debug_level=4 force_version=tls13 curves=secp384r1 tickets=0" \ - "$P_CLI debug_level=4 curves=secp256r1,secp384r1" \ + "$P_SRV debug_level=4 groups=secp384r1 tickets=0" \ + "$P_CLI debug_level=4 groups=secp256r1,secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -c "Protocol is TLSv1.3" \ @@ -12726,11 +12617,12 @@ run_test "TLS 1.3 m->m HRR both peers do not support middlebox compatibility" requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled PSA_WANT_ALG_ECDH requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3 m->m HRR both with middlebox compat support" \ - "$P_SRV debug_level=4 force_version=tls13 curves=secp384r1 tickets=0" \ - "$P_CLI debug_level=4 curves=secp256r1,secp384r1" \ + "$P_SRV debug_level=4 groups=secp384r1 tickets=0" \ + "$P_CLI debug_level=4 groups=secp256r1,secp384r1" \ 0 \ -s "Protocol is TLSv1.3" \ -c "Protocol is TLSv1.3" \ @@ -12738,40 +12630,40 @@ run_test "TLS 1.3 m->m HRR both with middlebox compat support" \ -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \ -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3 m->O HRR both peers do not support middlebox compatibility" \ "$O_NEXT_SRV -msg -tls1_3 -groups P-384 -no_middlebox -num_tickets 0 -no_cache" \ - "$P_CLI debug_level=4 curves=secp256r1,secp384r1" \ + "$P_CLI debug_level=4 groups=secp256r1,secp384r1" \ 0 \ -c "Protocol is TLSv1.3" \ -c "received HelloRetryRequest message" \ -C "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode" \ -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3 m->O HRR server with middlebox compat support, not client" \ "$O_NEXT_SRV -msg -tls1_3 -groups P-384 -num_tickets 0 -no_cache" \ - "$P_CLI debug_level=4 curves=secp256r1,secp384r1" \ + "$P_CLI debug_level=4 groups=secp256r1,secp384r1" \ 1 \ -c "received HelloRetryRequest message" \ -c "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3 m->O HRR both with middlebox compat support" \ "$O_NEXT_SRV -msg -tls1_3 -groups P-384 -num_tickets 0 -no_resume_ephemeral -no_cache" \ - "$P_CLI debug_level=4 curves=secp256r1,secp384r1" \ + "$P_CLI debug_level=4 groups=secp256r1,secp384r1" \ 0 \ -c "Protocol is TLSv1.3" \ -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode" @@ -12785,7 +12677,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3 m->G HRR both peers do not support middlebox compatibility" \ "$G_NEXT_SRV --priority=NORMAL:-GROUP-ALL:+GROUP-SECP384R1:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE --disable-client-cert" \ - "$P_CLI debug_level=4 curves=secp256r1,secp384r1" \ + "$P_CLI debug_level=4 groups=secp256r1,secp384r1" \ 0 \ -c "Protocol is TLSv1.3" \ -c "received HelloRetryRequest message" \ @@ -12800,7 +12692,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3 m->G HRR server with middlebox compat support, not client" \ "$G_NEXT_SRV --priority=NORMAL:-GROUP-ALL:+GROUP-SECP384R1:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS --disable-client-cert" \ - "$P_CLI debug_level=4 curves=secp256r1,secp384r1" \ + "$P_CLI debug_level=4 groups=secp256r1,secp384r1" \ 1 \ -c "received HelloRetryRequest message" \ -c "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode" @@ -12809,47 +12701,48 @@ requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled PSA_WANT_ALG_ECDH requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3 m->G HRR both with middlebox compat support" \ "$G_NEXT_SRV --priority=NORMAL:-GROUP-ALL:+GROUP-SECP384R1:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS --disable-client-cert" \ - "$P_CLI debug_level=4 curves=secp256r1,secp384r1" \ + "$P_CLI debug_level=4 groups=secp256r1,secp384r1" \ 0 \ -c "Protocol is TLSv1.3" \ -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3 O->m HRR both peers do not support middlebox compatibility" \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 curves=secp384r1 tickets=0" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key groups=secp384r1 tickets=0" \ "$O_NEXT_CLI -msg -debug -groups P-256:P-384 -no_middlebox" \ 0 \ -s "Protocol is TLSv1.3" \ -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \ -C "14 03 03 00 01" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3 O->m HRR server with middlebox compat support, not client" \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 curves=secp384r1 tickets=0" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key groups=secp384r1 tickets=0" \ "$O_NEXT_CLI -msg -debug -groups P-256:P-384 -no_middlebox" \ 0 \ -s "Protocol is TLSv1.3" \ -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \ -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3 O->m HRR both with middlebox compat support" \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 curves=secp384r1 tickets=0" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key groups=secp384r1 tickets=0" \ "$O_NEXT_CLI -msg -debug -groups P-256:P-384" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -12864,7 +12757,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3 G->m HRR both peers do not support middlebox compatibility" \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 curves=secp384r1 tickets=0" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key groups=secp384r1 tickets=0" \ "$G_NEXT_CLI localhost --priority=NORMAL:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -12876,10 +12769,11 @@ requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled PSA_WANT_ALG_ECDH requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3 G->m HRR server with middlebox compat support, not client" \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 curves=secp384r1 tickets=0" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key groups=secp384r1 tickets=0" \ "$G_NEXT_CLI localhost --debug=10 --priority=NORMAL:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \ 0 \ -s "Protocol is TLSv1.3" \ @@ -12892,17 +12786,18 @@ requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled PSA_WANT_ALG_ECDH requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3 G->m HRR both with middlebox compat support" \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 curves=secp384r1 tickets=0" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key groups=secp384r1 tickets=0" \ "$G_NEXT_CLI localhost --debug=10 --priority=NORMAL:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \ 0 \ -s "Protocol is TLSv1.3" \ -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \ -c "SSL 3.3 ChangeCipherSpec packet received" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ @@ -12940,7 +12835,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Check signature algorithm order, m->m" \ - "$P_SRV debug_level=4 force_version=tls13 auth_mode=required + "$P_SRV debug_level=4 auth_mode=required crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key crt_file=data_files/server5.crt key_file=data_files/server5.key sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256 " \ @@ -12953,13 +12848,13 @@ run_test "TLS 1.3: Check signature algorithm order, m->m" \ -s "ssl_tls13_pick_key_cert:selected signature algorithm rsa_pss_rsae_sha512" \ -c "HTTP/1.0 200 [Oo][Kk]" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Check signature algorithm order, O->m" \ - "$P_SRV debug_level=4 force_version=tls13 auth_mode=required + "$P_SRV debug_level=4 auth_mode=required crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key crt_file=data_files/server5.crt key_file=data_files/server5.key sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256 " \ @@ -12977,7 +12872,7 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Check signature algorithm order, G->m" \ - "$P_SRV debug_level=4 force_version=tls13 auth_mode=required + "$P_SRV debug_level=4 auth_mode=required crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key crt_file=data_files/server5.crt key_file=data_files/server5.key sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256 " \ @@ -12996,7 +12891,7 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Check server no suitable signature algorithm, G->m" \ - "$P_SRV debug_level=4 force_version=tls13 auth_mode=required + "$P_SRV debug_level=4 auth_mode=required crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key crt_file=data_files/server5.crt key_file=data_files/server5.key sig_algs=rsa_pkcs1_sha512,ecdsa_secp256r1_sha256 " \ @@ -13006,13 +12901,13 @@ run_test "TLS 1.3: Check server no suitable signature algorithm, G->m" \ 1 \ -S "ssl_tls13_pick_key_cert:check signature algorithm" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Check server no suitable signature algorithm, O->m" \ - "$P_SRV debug_level=4 force_version=tls13 auth_mode=required + "$P_SRV debug_level=4 auth_mode=required crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key crt_file=data_files/server5.crt key_file=data_files/server5.key sig_algs=rsa_pkcs1_sha512,ecdsa_secp256r1_sha256" \ @@ -13028,7 +12923,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Check server no suitable signature algorithm, m->m" \ - "$P_SRV debug_level=4 force_version=tls13 auth_mode=required + "$P_SRV debug_level=4 auth_mode=required crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key crt_file=data_files/server5.crt key_file=data_files/server5.key sig_algs=rsa_pkcs1_sha512,ecdsa_secp256r1_sha256 " \ @@ -13043,7 +12938,7 @@ requires_config_enabled MBEDTLS_SSL_SRV_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Check server no suitable certificate, G->m" \ - "$P_SRV debug_level=4 force_version=tls13 + "$P_SRV debug_level=4 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256 " \ "$G_NEXT_CLI_NO_CERT localhost -d 4 --x509cafile data_files/test-ca_cat12.crt \ @@ -13051,13 +12946,13 @@ run_test "TLS 1.3: Check server no suitable certificate, G->m" \ 1 \ -s "ssl_tls13_pick_key_cert:no suitable certificate found" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_SRV_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Check server no suitable certificate, O->m" \ - "$P_SRV debug_level=4 force_version=tls13 + "$P_SRV debug_level=4 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256 " \ "$O_NEXT_CLI_NO_CERT -msg -CAfile data_files/test-ca_cat12.crt \ @@ -13071,7 +12966,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Check server no suitable certificate, m->m" \ - "$P_SRV debug_level=4 force_version=tls13 + "$P_SRV debug_level=4 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256 " \ "$P_CLI allow_sha1=0 debug_level=4 \ @@ -13079,7 +12974,7 @@ run_test "TLS 1.3: Check server no suitable certificate, m->m" \ 1 \ -s "ssl_tls13_pick_key_cert:no suitable certificate found" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ @@ -13113,7 +13008,7 @@ requires_config_enabled MBEDTLS_SSL_CLI_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "TLS 1.3: Check client no signature algorithm, m->m" \ - "$P_SRV debug_level=4 force_version=tls13 auth_mode=required + "$P_SRV debug_level=4 auth_mode=required crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key crt_file=data_files/server5.crt key_file=data_files/server5.key sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp521r1_sha512" \ @@ -13122,7 +13017,7 @@ run_test "TLS 1.3: Check client no signature algorithm, m->m" \ 1 \ -c "no suitable signature algorithm" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ @@ -13155,7 +13050,7 @@ run_test "TLS 1.3: NewSessionTicket: Basic check, m->G" \ -c "HTTP/1.0 200 OK" \ -s "This is a resumed session" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_DEBUG_C @@ -13166,7 +13061,7 @@ requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ # Until now, OpenSSL client does not support reconnect. skip_next_test run_test "TLS 1.3: NewSessionTicket: Basic check, O->m" \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=4" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=4" \ "$O_NEXT_CLI -msg -debug -tls1_3 -reconnect" \ 0 \ -s "=> write NewSessionTicket msg" \ @@ -13181,7 +13076,7 @@ requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: NewSessionTicket: Basic check, G->m" \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=4" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=4" \ "$G_NEXT_CLI localhost -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -r" \ 0 \ -c "Connecting again- trying to resume previous session" \ @@ -13193,6 +13088,31 @@ run_test "TLS 1.3: NewSessionTicket: Basic check, G->m" \ -s "key exchange mode: psk_ephemeral" \ -s "found pre_shared_key extension" +requires_gnutls_tls1_3 +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED +# Test the session resumption when the cipher suite for the original session is +# TLS1-3-AES-256-GCM-SHA384. In that case, the PSK is 384 bits long and not +# 256 bits long as with all the other TLS 1.3 cipher suites. +requires_ciphersuite_enabled TLS1-3-AES-256-GCM-SHA384 +run_test "TLS 1.3: NewSessionTicket: Basic check with AES-256-GCM only, G->m" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=4" \ + "$G_NEXT_CLI localhost -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-256-GCM -V -r" \ + 0 \ + -c "Connecting again- trying to resume previous session" \ + -c "NEW SESSION TICKET (4) was received" \ + -s "Ciphersuite is TLS1-3-AES-256-GCM-SHA384" \ + -s "=> write NewSessionTicket msg" \ + -s "server state: MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET" \ + -s "server state: MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET_FLUSH" \ + -s "key exchange mode: ephemeral" \ + -s "key exchange mode: psk_ephemeral" \ + -s "found pre_shared_key extension" + requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_CLI_C @@ -13201,7 +13121,7 @@ requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: NewSessionTicket: Basic check, m->m" \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=4" \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=4" \ "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \ 0 \ -c "Protocol is TLSv1.3" \ @@ -13216,7 +13136,7 @@ run_test "TLS 1.3: NewSessionTicket: Basic check, m->m" \ -s "key exchange mode: psk_ephemeral" \ -s "found pre_shared_key extension" -requires_openssl_tls1_3 +requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C @@ -13255,7 +13175,7 @@ requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: NewSessionTicket: servername check, m->m" \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=4 \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=4 \ sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \ "$P_CLI debug_level=4 server_name=localhost reco_mode=1 reconnect=1" \ 0 \ @@ -13279,7 +13199,7 @@ requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3: NewSessionTicket: servername negative check, m->m" \ - "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=4 \ + "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key tickets=4 \ sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \ "$P_CLI debug_level=4 server_name=localhost reco_server_name=remote reco_mode=1 reconnect=1" \ 1 \ @@ -13292,6 +13212,187 @@ run_test "TLS 1.3: NewSessionTicket: servername negative check, m->m" \ -s "server state: MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET" \ -s "server state: MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET_FLUSH" +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,ffdhe3072,rsa_pss_rsae_sha256" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe3072 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE3072:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ + -s "received signature algorithm: 0x804" \ + -s "got named group: ffdhe3072(0101)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe3072,rsa_pss_rsae_sha256" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE3072:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe3072" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0804 )" \ + -c "NamedGroup: ffdhe3072 ( 101 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,ffdhe4096,rsa_pss_rsae_sha256" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe4096 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE4096:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ + -s "received signature algorithm: 0x804" \ + -s "got named group: ffdhe4096(0102)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe4096,rsa_pss_rsae_sha256" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE4096:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe4096" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0804 )" \ + -c "NamedGroup: ffdhe4096 ( 102 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,ffdhe6144,rsa_pss_rsae_sha256" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe6144 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE6144:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ + -s "received signature algorithm: 0x804" \ + -s "got named group: ffdhe6144(0103)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe6144,rsa_pss_rsae_sha256" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE6144:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe6144" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0804 )" \ + -c "NamedGroup: ffdhe6144 ( 103 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +client_needs_more_time 4 +run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,ffdhe8192,rsa_pss_rsae_sha256" \ + "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe8192 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ + "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE8192:+VERS-TLS1.3:%NO_TICKETS" \ + 0 \ + -s "Protocol is TLSv1.3" \ + -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ + -s "received signature algorithm: 0x804" \ + -s "got named group: ffdhe8192(0104)" \ + -s "Certificate verification was skipped" \ + -C "received HelloRetryRequest message" + +requires_gnutls_tls1_3 +requires_gnutls_next_no_ticket +requires_gnutls_next_disable_tls13_compat +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT +requires_config_enabled PSA_WANT_ALG_FFDH +client_needs_more_time 4 +run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe8192,rsa_pss_rsae_sha256" \ + "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE8192:+VERS-TLS1.3:%NO_TICKETS" \ + "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe8192" \ + 0 \ + -c "HTTP/1.0 200 OK" \ + -c "Protocol is TLSv1.3" \ + -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \ + -c "Certificate Verify: Signature algorithm ( 0804 )" \ + -c "NamedGroup: ffdhe8192 ( 104 )" \ + -c "Verifying peer X.509 certificate... ok" \ + -C "received HelloRetryRequest message" + +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_SRV_C +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +run_test "TLS 1.3: no HRR in case of PSK key exchange mode" \ + "$P_SRV nbio=2 psk=010203 psk_identity=0a0b0c tls13_kex_modes=psk groups=none" \ + "$P_CLI nbio=2 debug_level=3 psk=010203 psk_identity=0a0b0c tls13_kex_modes=all" \ + 0 \ + -C "received HelloRetryRequest message" \ + -c "Selected key exchange mode: psk$" \ + -c "HTTP/1.0 200 OK" + # Test heap memory usage after handshake requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_MEMORY_DEBUG @@ -13312,4 +13413,9 @@ fi PASSES=$(( $TESTS - $FAILS )) echo " ($PASSES / $TESTS tests ($SKIPS skipped))" +if [ $FAILS -gt 255 ]; then + # Clamp at 255 as caller gets exit code & 0xFF + # (so 256 would be 0, or success, etc) + FAILS=255 +fi exit $FAILS diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index 313459e4f..86ff5b489 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -2,13 +2,18 @@ /*----------------------------------------------------------------------------*/ /* Headers */ +#include #include #include #include #include #include +#include +#include +#include #include +#include #if defined(MBEDTLS_ERROR_C) #include "mbedtls/error.h" @@ -19,23 +24,6 @@ #include "mbedtls/memory_buffer_alloc.h" #endif -#ifdef _MSC_VER -#include -typedef UINT8 uint8_t; -typedef INT32 int32_t; -typedef UINT32 uint32_t; -#define strncasecmp _strnicmp -#define strcasecmp _stricmp -#else -#include -#endif - -#include - -#if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) || defined(__MINGW32__) -#include -#endif - #if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) #include #endif @@ -76,25 +64,6 @@ typedef UINT32 uint32_t; /*----------------------------------------------------------------------------*/ /* Helper Functions */ -#if defined(MBEDTLS_PSA_CRYPTO_C) -/** Check that no PSA Crypto key slots are in use. - * - * If any slots are in use, mark the current test as failed. - * - * \return 0 if the key store is empty, 1 otherwise. - */ -int test_fail_if_psa_leaking(int line_no, const char *filename) -{ - const char *msg = mbedtls_test_helper_is_psa_leaking(); - if (msg == NULL) { - return 0; - } else { - mbedtls_test_fail(msg, line_no, filename); - return 1; - } -} -#endif /* defined(MBEDTLS_PSA_CRYPTO_C) */ - #if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) static int redirect_output(FILE *out_stream, const char *path) { diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function index 475a9c835..06f391fa4 100644 --- a/tests/suites/host_test.function +++ b/tests/suites/host_test.function @@ -28,50 +28,28 @@ int verify_string(char **str) * integer value. * * \param str Input string. - * \param value Pointer to int for output value. + * \param p_value Pointer to output value. * * \return 0 if success else 1 */ -int verify_int(char *str, int32_t *value) +int verify_int(char *str, intmax_t *p_value) { - size_t i; - int minus = 0; - int digits = 1; - int hex = 0; - - for (i = 0; i < strlen(str); i++) { - if (i == 0 && str[i] == '-') { - minus = 1; - continue; - } - - if (((minus && i == 2) || (!minus && i == 1)) && - str[i - 1] == '0' && (str[i] == 'x' || str[i] == 'X')) { - hex = 1; - continue; - } - - if (!((str[i] >= '0' && str[i] <= '9') || - (hex && ((str[i] >= 'a' && str[i] <= 'f') || - (str[i] >= 'A' && str[i] <= 'F'))))) { - digits = 0; - break; - } + char *end = NULL; + errno = 0; + /* Limit the range to long: for large integers, the test framework will + * use expressions anyway. */ + long value = strtol(str, &end, 0); + if (errno == EINVAL || *end != '\0') { + mbedtls_fprintf(stderr, + "Expected integer for parameter and got: %s\n", str); + return KEY_VALUE_MAPPING_NOT_FOUND; } - - if (digits) { - if (hex) { - *value = strtol(str, NULL, 16); - } else { - *value = strtol(str, NULL, 10); - } - - return 0; + if (errno == ERANGE) { + mbedtls_fprintf(stderr, "Integer out of range: %s\n", str); + return KEY_VALUE_MAPPING_NOT_FOUND; } - - mbedtls_fprintf(stderr, - "Expected integer for parameter and got: %s\n", str); - return KEY_VALUE_MAPPING_NOT_FOUND; + *p_value = value; + return 0; } @@ -180,24 +158,24 @@ static int parse_arguments(char *buf, size_t len, char **params, p++; } - /* Replace newlines, question marks and colons in strings */ + /* Replace backslash escapes in strings */ for (i = 0; i < cnt; i++) { p = params[i]; q = params[i]; while (*p != '\0') { - if (*p == '\\' && *(p + 1) == 'n') { - p += 2; - *(q++) = '\n'; - } else if (*p == '\\' && *(p + 1) == ':') { - p += 2; - *(q++) = ':'; - } else if (*p == '\\' && *(p + 1) == '?') { - p += 2; - *(q++) = '?'; - } else { - *(q++) = *(p++); + if (*p == '\\') { + ++p; + switch (*p) { + case 'n': + *p = '\n'; + break; + default: + // Fall through to copying *p + break; + } } + *(q++) = *(p++); } *q = '\0'; } @@ -223,7 +201,8 @@ static int parse_arguments(char *buf, size_t len, char **params, * * \return 0 for success else 1 */ -static int convert_params(size_t cnt, char **params, int32_t *int_params_store) +static int convert_params(size_t cnt, char **params, + mbedtls_test_argument_t *int_params_store) { char **cur = params; char **out = params; @@ -241,7 +220,7 @@ static int convert_params(size_t cnt, char **params, int32_t *int_params_store) break; } } else if (strcmp(type, "int") == 0) { - if (verify_int(val, int_params_store) == 0) { + if (verify_int(val, &int_params_store->sint) == 0) { *out++ = (char *) int_params_store++; } else { ret = (DISPATCH_INVALID_TEST_DATA); @@ -255,7 +234,7 @@ static int convert_params(size_t cnt, char **params, int32_t *int_params_store) mbedtls_test_unhexify((unsigned char *) val, strlen(val), val, &len) == 0); - *int_params_store = len; + int_params_store->len = len; *out++ = val; *out++ = (char *) (int_params_store++); } else { @@ -264,7 +243,7 @@ static int convert_params(size_t cnt, char **params, int32_t *int_params_store) } } else if (strcmp(type, "exp") == 0) { int exp_id = strtol(val, NULL, 10); - if (get_expression(exp_id, int_params_store) == 0) { + if (get_expression(exp_id, &int_params_store->sint) == 0) { *out++ = (char *) int_params_store++; } else { ret = (DISPATCH_INVALID_TEST_DATA); @@ -483,7 +462,7 @@ int execute_tests(int argc, const char **argv) char buf[5000]; char *params[50]; /* Store for processed integer params. */ - int32_t int_params[50]; + mbedtls_test_argument_t int_params[50]; void *pointer; #if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) int stdout_fd = -1; diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index 11a009afe..6c8d98e8b 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -69,7 +69,7 @@ __MBEDTLS_TEST_TEMPLATE__FUNCTIONS_CODE * * \return 0 if exp_id is found. 1 otherwise. */ -int get_expression(int32_t exp_id, int32_t *out_value) +int get_expression(int32_t exp_id, intmax_t *out_value) { int ret = KEY_VALUE_MAPPING_FOUND; diff --git a/tests/suites/test_suite_aes.cbc.data b/tests/suites/test_suite_aes.cbc.data index 95a9eee4e..21fb37aa7 100644 --- a/tests/suites/test_suite_aes.cbc.data +++ b/tests/suites/test_suite_aes.cbc.data @@ -71,145 +71,193 @@ AES-128-CBC Decrypt NIST KAT #12 aes_decrypt_cbc:"00000000000000000000000000000000":"00000000000000000000000000000000":"39bde67d5c8ed8a8b1c37eb8fa9f5ac0":"fffffffffffffffffffffffffffffffc":0 AES-192-CBC Encrypt NIST KAT #1 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"fffffffffffffffffffffffffffffffffffffffffffffe00":"00000000000000000000000000000000":"00000000000000000000000000000000":"ddb505e6cc1384cbaec1df90b80beb20":0 AES-192-CBC Encrypt NIST KAT #2 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"ffffffffffffffffffffffffffffffffffffffffffffff00":"00000000000000000000000000000000":"00000000000000000000000000000000":"5674a3bed27bf4bd3622f9f5fe208306":0 AES-192-CBC Encrypt NIST KAT #3 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"ffffffffffffffffffffffffffffffffffffffffffffff80":"00000000000000000000000000000000":"00000000000000000000000000000000":"b687f26a89cfbfbb8e5eeac54055315e":0 AES-192-CBC Encrypt NIST KAT #4 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"25a39dbfd8034f71a81f9ceb55026e4037f8f6aa30ab44ce":"00000000000000000000000000000000":"00000000000000000000000000000000":"3608c344868e94555d23a120f8a5502d":0 AES-192-CBC Encrypt NIST KAT #5 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"e08c15411774ec4a908b64eadc6ac4199c7cd453f3aaef53":"00000000000000000000000000000000":"00000000000000000000000000000000":"77da2021935b840b7f5dcc39132da9e5":0 AES-192-CBC Encrypt NIST KAT #6 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"3b375a1ff7e8d44409696e6326ec9dec86138e2ae010b980":"00000000000000000000000000000000":"00000000000000000000000000000000":"3b7c24f825e3bf9873c9f14d39a0e6f4":0 AES-192-CBC Encrypt NIST KAT #7 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"51719783d3185a535bd75adc65071ce1":"4f354592ff7c8847d2d0870ca9481b7c":0 AES-192-CBC Encrypt NIST KAT #8 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"26aa49dcfe7629a8901a69a9914e6dfd":"d5e08bf9a182e857cf40b3a36ee248cc":0 AES-192-CBC Encrypt NIST KAT #9 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"941a4773058224e1ef66d10e0a6ee782":"067cd9d3749207791841562507fa9626":0 AES-192-CBC Encrypt NIST KAT #10 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"ffc00000000000000000000000000000":"030d7e5b64f380a7e4ea5387b5cd7f49":0 AES-192-CBC Encrypt NIST KAT #11 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"ffe00000000000000000000000000000":"0dc9a2610037009b698f11bb7e86c83e":0 AES-192-CBC Encrypt NIST KAT #12 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"fff00000000000000000000000000000":"0046612c766d1840c226364f1fa7ed72":0 AES-192-CBC Decrypt NIST KAT #1 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"902d88d13eae52089abd6143cfe394e9":"ffffffffe00000000000000000000000":0 AES-192-CBC Decrypt NIST KAT #2 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"d49bceb3b823fedd602c305345734bd2":"fffffffff00000000000000000000000":0 AES-192-CBC Decrypt NIST KAT #3 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"707b1dbb0ffa40ef7d95def421233fae":"fffffffff80000000000000000000000":0 AES-192-CBC Decrypt NIST KAT #4 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"fffffffffffffffffffc0000000000000000000000000000":"00000000000000000000000000000000":"8dfd999be5d0cfa35732c0ddc88ff5a5":"00000000000000000000000000000000":0 AES-192-CBC Decrypt NIST KAT #5 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"fffffffffffffffffffe0000000000000000000000000000":"00000000000000000000000000000000":"02647c76a300c3173b841487eb2bae9f":"00000000000000000000000000000000":0 AES-192-CBC Decrypt NIST KAT #6 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"ffffffffffffffffffff0000000000000000000000000000":"00000000000000000000000000000000":"172df8b02f04b53adab028b4e01acd87":"00000000000000000000000000000000":0 AES-192-CBC Decrypt NIST KAT #7 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"b3ad5cea1dddc214ca969ac35f37dae1a9a9d1528f89bb35":"00000000000000000000000000000000":"3cf5e1d21a17956d1dffad6a7c41c659":"00000000000000000000000000000000":0 AES-192-CBC Decrypt NIST KAT #8 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"45899367c3132849763073c435a9288a766c8b9ec2308516":"00000000000000000000000000000000":"69fd12e8505f8ded2fdcb197a121b362":"00000000000000000000000000000000":0 AES-192-CBC Decrypt NIST KAT #9 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"ec250e04c3903f602647b85a401a1ae7ca2f02f67fa4253e":"00000000000000000000000000000000":"8aa584e2cc4d17417a97cb9a28ba29c8":"00000000000000000000000000000000":0 AES-192-CBC Decrypt NIST KAT #10 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"c9b8135ff1b5adc413dfd053b21bd96d":"9c2d8842e5f48f57648205d39a239af1":0 AES-192-CBC Decrypt NIST KAT #11 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"4a3650c3371ce2eb35e389a171427440":"bff52510095f518ecca60af4205444bb":0 AES-192-CBC Decrypt NIST KAT #12 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"4f354592ff7c8847d2d0870ca9481b7c":"51719783d3185a535bd75adc65071ce1":0 AES-256-CBC Encrypt NIST KAT #1 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"8000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"e35a6dcb19b201a01ebcfa8aa22b5759":0 AES-256-CBC Encrypt NIST KAT #2 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"c000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"b29169cdcf2d83e838125a12ee6aa400":0 AES-256-CBC Encrypt NIST KAT #3 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"e000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"d8f3a72fc3cdf74dfaf6c3e6b97b2fa6":0 AES-256-CBC Encrypt NIST KAT #4 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"dc0eba1f2232a7879ded34ed8428eeb8769b056bbaf8ad77cb65c3541430b4cf":"00000000000000000000000000000000":"00000000000000000000000000000000":"fc6aec906323480005c58e7e1ab004ad":0 AES-256-CBC Encrypt NIST KAT #5 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"f8be9ba615c5a952cabbca24f68f8593039624d524c816acda2c9183bd917cb9":"00000000000000000000000000000000":"00000000000000000000000000000000":"a3944b95ca0b52043584ef02151926a8":0 AES-256-CBC Encrypt NIST KAT #6 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"797f8b3d176dac5b7e34a2d539c4ef367a16f8635f6264737591c5c07bf57a3e":"00000000000000000000000000000000":"00000000000000000000000000000000":"a74289fe73a4c123ca189ea1e1b49ad5":0 AES-256-CBC Encrypt NIST KAT #7 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"761c1fe41a18acf20d241650611d90f1":"623a52fcea5d443e48d9181ab32c7421":0 AES-256-CBC Encrypt NIST KAT #8 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"8a560769d605868ad80d819bdba03771":"38f2c7ae10612415d27ca190d27da8b4":0 AES-256-CBC Encrypt NIST KAT #9 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"91fbef2d15a97816060bee1feaa49afe":"1bc704f1bce135ceb810341b216d7abe":0 AES-256-CBC Encrypt NIST KAT #10 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"ffffffffffffff800000000000000000":"0d9ac756eb297695eed4d382eb126d26":0 AES-256-CBC Encrypt NIST KAT #11 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"ffffffffffffffc00000000000000000":"56ede9dda3f6f141bff1757fa689c3e1":0 AES-256-CBC Encrypt NIST KAT #12 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"ffffffffffffffe00000000000000000":"768f520efe0f23e61d3ec8ad9ce91774":0 AES-256-CBC Decrypt NIST KAT #1 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"49af6b372135acef10132e548f217b17":"ff000000000000000000000000000000":0 AES-256-CBC Decrypt NIST KAT #2 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"8bcd40f94ebb63b9f7909676e667f1e7":"ff800000000000000000000000000000":0 AES-256-CBC Decrypt NIST KAT #3 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"fe1cffb83f45dcfb38b29be438dbd3ab":"ffc00000000000000000000000000000":0 AES-256-CBC Decrypt NIST KAT #4 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc00":"00000000000000000000000000000000":"cca7c3086f5f9511b31233da7cab9160":"00000000000000000000000000000000":0 AES-256-CBC Decrypt NIST KAT #5 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe00":"00000000000000000000000000000000":"5b40ff4ec9be536ba23035fa4f06064c":"00000000000000000000000000000000":0 AES-256-CBC Decrypt NIST KAT #6 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00":"00000000000000000000000000000000":"60eb5af8416b257149372194e8b88749":"00000000000000000000000000000000":0 AES-256-CBC Decrypt NIST KAT #7 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"90143ae20cd78c5d8ebdd6cb9dc1762427a96c78c639bccc41a61424564eafe1":"00000000000000000000000000000000":"798c7c005dee432b2c8ea5dfa381ecc3":"00000000000000000000000000000000":0 AES-256-CBC Decrypt NIST KAT #8 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"b7a5794d52737475d53d5a377200849be0260a67a2b22ced8bbef12882270d07":"00000000000000000000000000000000":"637c31dc2591a07636f646b72daabbe7":"00000000000000000000000000000000":0 AES-256-CBC Decrypt NIST KAT #9 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"fca02f3d5011cfc5c1e23165d413a049d4526a991827424d896fe3435e0bf68e":"00000000000000000000000000000000":"179a49c712154bbffbe6e7a84a18e220":"00000000000000000000000000000000":0 AES-256-CBC Decrypt NIST KAT #10 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"5c9d844ed46f9885085e5d6a4f94c7d7":"014730f80ac625fe84f026c60bfd547d":0 AES-256-CBC Decrypt NIST KAT #11 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"a9ff75bd7cf6613d3731c77c3b6d0c04":"0b24af36193ce4665f2825d7b4749c98":0 AES-256-CBC Decrypt NIST KAT #12 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"623a52fcea5d443e48d9181ab32c7421":"761c1fe41a18acf20d241650611d90f1":0 diff --git a/tests/suites/test_suite_aes.cfb.data b/tests/suites/test_suite_aes.cfb.data index 3f4953f52..e9d3f667d 100644 --- a/tests/suites/test_suite_aes.cfb.data +++ b/tests/suites/test_suite_aes.cfb.data @@ -95,195 +95,195 @@ depends_on:MBEDTLS_CIPHER_MODE_CFB aes_decrypt_cfb128:"00000000000000000000000000000000":"ffffffffffffffffc000000000000000":"10d3ed7a6fe15ab4d91acbc7d0767ab1":"00000000000000000000000000000000" AES-192-CFB128 Encrypt NIST KAT #1 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb128:"fffffffffffffffffffc0000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"8dfd999be5d0cfa35732c0ddc88ff5a5" AES-192-CFB128 Encrypt NIST KAT #2 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb128:"fffffffffffffffffffe0000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"02647c76a300c3173b841487eb2bae9f" AES-192-CFB128 Encrypt NIST KAT #3 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb128:"ffffffffffffffffffff0000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"172df8b02f04b53adab028b4e01acd87" AES-192-CFB128 Encrypt NIST KAT #4 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb128:"d184c36cf0dddfec39e654195006022237871a47c33d3198":"00000000000000000000000000000000":"00000000000000000000000000000000":"2e19fb60a3e1de0166f483c97824a978" AES-192-CFB128 Encrypt NIST KAT #5 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb128:"4c6994ffa9dcdc805b60c2c0095334c42d95a8fc0ca5b080":"00000000000000000000000000000000":"00000000000000000000000000000000":"7656709538dd5fec41e0ce6a0f8e207d" AES-192-CFB128 Encrypt NIST KAT #6 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb128:"c88f5b00a4ef9a6840e2acaf33f00a3bdc4e25895303fa72":"00000000000000000000000000000000":"00000000000000000000000000000000":"a67cf333b314d411d3c0ae6e1cfcd8f5" AES-192-CFB128 Encrypt NIST KAT #7 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb128:"000000000000000000000000000000000000000000000000":"9c2d8842e5f48f57648205d39a239af1":"00000000000000000000000000000000":"c9b8135ff1b5adc413dfd053b21bd96d" AES-192-CFB128 Encrypt NIST KAT #8 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb128:"000000000000000000000000000000000000000000000000":"bff52510095f518ecca60af4205444bb":"00000000000000000000000000000000":"4a3650c3371ce2eb35e389a171427440" AES-192-CFB128 Encrypt NIST KAT #9 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb128:"000000000000000000000000000000000000000000000000":"51719783d3185a535bd75adc65071ce1":"00000000000000000000000000000000":"4f354592ff7c8847d2d0870ca9481b7c" AES-192-CFB128 Encrypt NIST KAT #10 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb128:"000000000000000000000000000000000000000000000000":"ffffffffffffffe00000000000000000":"00000000000000000000000000000000":"f34e4a6324ea4a5c39a661c8fe5ada8f" AES-192-CFB128 Encrypt NIST KAT #11 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb128:"000000000000000000000000000000000000000000000000":"fffffffffffffff00000000000000000":"00000000000000000000000000000000":"0882a16f44088d42447a29ac090ec17e" AES-192-CFB128 Encrypt NIST KAT #12 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb128:"000000000000000000000000000000000000000000000000":"fffffffffffffff80000000000000000":"00000000000000000000000000000000":"3a3c15bfc11a9537c130687004e136ee" AES-192-CFB128 Decrypt NIST KAT #1 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb128:"ffffffffffffffffffffffffffffffffffffffffffe00000":"00000000000000000000000000000000":"60136703374f64e860b48ce31f930716":"00000000000000000000000000000000" AES-192-CFB128 Decrypt NIST KAT #2 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb128:"fffffffffffffffffffffffffffffffffffffffffff00000":"00000000000000000000000000000000":"8d63a269b14d506ccc401ab8a9f1b591":"00000000000000000000000000000000" AES-192-CFB128 Decrypt NIST KAT #3 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb128:"fffffffffffffffffffffffffffffffffffffffffff80000":"00000000000000000000000000000000":"d317f81dc6aa454aee4bd4a5a5cff4bd":"00000000000000000000000000000000" AES-192-CFB128 Decrypt NIST KAT #4 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb128:"98c6b8e01e379fbd14e61af6af891596583565f2a27d59e9":"00000000000000000000000000000000":"19c80ec4a6deb7e5ed1033dda933498f":"00000000000000000000000000000000" AES-192-CFB128 Decrypt NIST KAT #5 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb128:"b3ad5cea1dddc214ca969ac35f37dae1a9a9d1528f89bb35":"00000000000000000000000000000000":"3cf5e1d21a17956d1dffad6a7c41c659":"00000000000000000000000000000000" AES-192-CFB128 Decrypt NIST KAT #6 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb128:"45899367c3132849763073c435a9288a766c8b9ec2308516":"00000000000000000000000000000000":"69fd12e8505f8ded2fdcb197a121b362":"00000000000000000000000000000000" AES-192-CFB128 Decrypt NIST KAT #7 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb128:"000000000000000000000000000000000000000000000000":"1b077a6af4b7f98229de786d7516b639":"275cfc0413d8ccb70513c3859b1d0f72":"00000000000000000000000000000000" AES-192-CFB128 Decrypt NIST KAT #8 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb128:"000000000000000000000000000000000000000000000000":"9c2d8842e5f48f57648205d39a239af1":"c9b8135ff1b5adc413dfd053b21bd96d":"00000000000000000000000000000000" AES-192-CFB128 Decrypt NIST KAT #9 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb128:"000000000000000000000000000000000000000000000000":"bff52510095f518ecca60af4205444bb":"4a3650c3371ce2eb35e389a171427440":"00000000000000000000000000000000" AES-192-CFB128 Decrypt NIST KAT #10 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb128:"000000000000000000000000000000000000000000000000":"ffffffffffffffffffff000000000000":"54d632d03aba0bd0f91877ebdd4d09cb":"00000000000000000000000000000000" AES-192-CFB128 Decrypt NIST KAT #11 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb128:"000000000000000000000000000000000000000000000000":"ffffffffffffffffffff800000000000":"d3427be7e4d27cd54f5fe37b03cf0897":"00000000000000000000000000000000" AES-192-CFB128 Decrypt NIST KAT #12 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb128:"000000000000000000000000000000000000000000000000":"ffffffffffffffffffffc00000000000":"b2099795e88cc158fd75ea133d7e7fbe":"00000000000000000000000000000000" AES-256-CFB128 Encrypt NIST KAT #1 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb128:"ffffffe000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"bbd1097a62433f79449fa97d4ee80dbf" AES-256-CFB128 Encrypt NIST KAT #2 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb128:"fffffff000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"07058e408f5b99b0e0f061a1761b5b3b" AES-256-CFB128 Encrypt NIST KAT #3 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb128:"fffffff800000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"5fd1f13fa0f31e37fabde328f894eac2" AES-256-CFB128 Encrypt NIST KAT #4 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb128:"13428b5e4c005e0636dd338405d173ab135dec2a25c22c5df0722d69dcc43887":"00000000000000000000000000000000":"00000000000000000000000000000000":"649a71545378c783e368c9ade7114f6c" AES-256-CFB128 Encrypt NIST KAT #5 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb128:"07eb03a08d291d1b07408bf3512ab40c91097ac77461aad4bb859647f74f00ee":"00000000000000000000000000000000":"00000000000000000000000000000000":"47cb030da2ab051dfc6c4bf6910d12bb" AES-256-CFB128 Encrypt NIST KAT #6 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb128:"90143ae20cd78c5d8ebdd6cb9dc1762427a96c78c639bccc41a61424564eafe1":"00000000000000000000000000000000":"00000000000000000000000000000000":"798c7c005dee432b2c8ea5dfa381ecc3" AES-256-CFB128 Encrypt NIST KAT #7 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb128:"0000000000000000000000000000000000000000000000000000000000000000":"0b24af36193ce4665f2825d7b4749c98":"00000000000000000000000000000000":"a9ff75bd7cf6613d3731c77c3b6d0c04" AES-256-CFB128 Encrypt NIST KAT #8 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb128:"0000000000000000000000000000000000000000000000000000000000000000":"761c1fe41a18acf20d241650611d90f1":"00000000000000000000000000000000":"623a52fcea5d443e48d9181ab32c7421" AES-256-CFB128 Encrypt NIST KAT #9 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb128:"0000000000000000000000000000000000000000000000000000000000000000":"8a560769d605868ad80d819bdba03771":"00000000000000000000000000000000":"38f2c7ae10612415d27ca190d27da8b4" AES-256-CFB128 Encrypt NIST KAT #10 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb128:"0000000000000000000000000000000000000000000000000000000000000000":"ffffffffffffffffffffffffe0000000":"00000000000000000000000000000000":"2be1fae5048a25582a679ca10905eb80" AES-256-CFB128 Encrypt NIST KAT #11 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb128:"0000000000000000000000000000000000000000000000000000000000000000":"fffffffffffffffffffffffff0000000":"00000000000000000000000000000000":"da86f292c6f41ea34fb2068df75ecc29" AES-256-CFB128 Encrypt NIST KAT #12 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb128:"0000000000000000000000000000000000000000000000000000000000000000":"fffffffffffffffffffffffff8000000":"00000000000000000000000000000000":"220df19f85d69b1b562fa69a3c5beca5" AES-256-CFB128 Decrypt NIST KAT #1 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb128:"ffffffffff800000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"be66cfea2fecd6bf0ec7b4352c99bcaa":"00000000000000000000000000000000" AES-256-CFB128 Decrypt NIST KAT #2 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb128:"ffffffffffc00000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"df31144f87a2ef523facdcf21a427804":"00000000000000000000000000000000" AES-256-CFB128 Decrypt NIST KAT #3 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb128:"ffffffffffe00000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"b5bb0f5629fb6aae5e1839a3c3625d63":"00000000000000000000000000000000" AES-256-CFB128 Decrypt NIST KAT #4 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb128:"1d85a181b54cde51f0e098095b2962fdc93b51fe9b88602b3f54130bf76a5bd9":"00000000000000000000000000000000":"531c2c38344578b84d50b3c917bbb6e1":"00000000000000000000000000000000" AES-256-CFB128 Decrypt NIST KAT #5 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb128:"dc0eba1f2232a7879ded34ed8428eeb8769b056bbaf8ad77cb65c3541430b4cf":"00000000000000000000000000000000":"fc6aec906323480005c58e7e1ab004ad":"00000000000000000000000000000000" AES-256-CFB128 Decrypt NIST KAT #6 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb128:"f8be9ba615c5a952cabbca24f68f8593039624d524c816acda2c9183bd917cb9":"00000000000000000000000000000000":"a3944b95ca0b52043584ef02151926a8":"00000000000000000000000000000000" AES-256-CFB128 Decrypt NIST KAT #7 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb128:"0000000000000000000000000000000000000000000000000000000000000000":"761c1fe41a18acf20d241650611d90f1":"623a52fcea5d443e48d9181ab32c7421":"00000000000000000000000000000000" AES-256-CFB128 Decrypt NIST KAT #8 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb128:"0000000000000000000000000000000000000000000000000000000000000000":"8a560769d605868ad80d819bdba03771":"38f2c7ae10612415d27ca190d27da8b4":"00000000000000000000000000000000" AES-256-CFB128 Decrypt NIST KAT #9 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb128:"0000000000000000000000000000000000000000000000000000000000000000":"91fbef2d15a97816060bee1feaa49afe":"1bc704f1bce135ceb810341b216d7abe":"00000000000000000000000000000000" AES-256-CFB128 Decrypt NIST KAT #10 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb128:"0000000000000000000000000000000000000000000000000000000000000000":"e0000000000000000000000000000000":"9b80eefb7ebe2d2b16247aa0efc72f5d":"00000000000000000000000000000000" AES-256-CFB128 Decrypt NIST KAT #11 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb128:"0000000000000000000000000000000000000000000000000000000000000000":"f0000000000000000000000000000000":"7f2c5ece07a98d8bee13c51177395ff7":"00000000000000000000000000000000" AES-256-CFB128 Decrypt NIST KAT #12 -depends_on:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb128:"0000000000000000000000000000000000000000000000000000000000000000":"f8000000000000000000000000000000":"7818d800dcf6f4be1e0e94f403d1e4c2":"00000000000000000000000000000000" AES-128-CFB8 Encrypt NIST MMT #0 @@ -347,121 +347,161 @@ AES-128-CFB8 Decrypt NIST MMT #9 aes_decrypt_cfb8:"6399c1dc068ba3509845628fa9ed1a96":"1157c2766c86b754df485be9dd5851df":"c9c284e9abbfe6fb11fe":"feff4e2e2458addf2a54" AES-192-CFB8 Encrypt NIST MMT #0 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb8:"32a1b0e3da368db563d7316b9779d3327e53d9a6d287ed97":"3dd0e7e21f09d5842f3a699da9b57346":"54":"6d" AES-192-CFB8 Encrypt NIST MMT #1 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb8:"a6381dcc18dd85d7729c1dce90743bbe1df580d857f5b9c4":"c0ac501fad7f4a1465daf32e18fc1a4f":"a456":"8fb6" AES-192-CFB8 Encrypt NIST MMT #2 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb8:"d08dbee4732c7ffc544c1695b201d30e795037325ef0aa18":"a1e39aeeb972a8d70aa0fc7d6fac6eac":"fd115d":"c4c016" AES-192-CFB8 Encrypt NIST MMT #3 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb8:"277185a4a440869920f523c4d578fc5bedd33aee8d2ebaf7":"67be00572f82aabc13d6e5a2e51d1f08":"88e07061":"8bb630ba" AES-192-CFB8 Encrypt NIST MMT #4 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb8:"83f70fdce47306fcbb8c21b6a8b3209f7ec185fef4deebd4":"ff73b310cf7e62ce6f501092fa6cc888":"36664e222d":"20855555d1" AES-192-CFB8 Encrypt NIST MMT #5 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb8:"c5be271a29f4a29e085e8e98196601dcb88ccc03e559a304":"9f51fa2eb8a084718f7240e47d135dce":"b57f12342a62":"73ff9bf3ec4b" AES-192-CFB8 Encrypt NIST MMT #6 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb8:"9c55322e6d495be01076d4b80371ad1479ae5636ff9861f5":"2b79cfc1ff37254dedf5924a6b61e3e0":"6dcede43c2ee65":"7c897658282220" AES-192-CFB8 Encrypt NIST MMT #7 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb8:"6e78ccece7d1b2a3c08cf0de738bee33cbbbf78d9bf4922c":"4bbe15b1e94a7b97250a2136d8804e46":"ceda42527871f802":"d92ff89045b1917f" AES-192-CFB8 Encrypt NIST MMT #8 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb8:"13c98665746f7825b37b404916240adbd1e4364be1d05c63":"0e479fbd5f3961f38b8a26be1f2d65c5":"1b0a63d73464ab3c8a":"5485847e5d3c2e2cc4" AES-192-CFB8 Encrypt NIST MMT #9 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb8:"537e7bf661fd4024a024613f15b13690f7d0c847c1e18965":"3a81f9d9d3c155b0caad5d73349476fc":"d3d8b9b984adc24237ee":"3879fea72ac99929e53a" AES-192-CFB8 Decrypt NIST MMT #0 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb8:"7dbdc15ad4034ed828dc862799b7adc9abd68eaf9d526d5d":"4359683af5a3a85c248fb7f5506f317b":"25":"2d" AES-192-CFB8 Decrypt NIST MMT #1 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb8:"3a2cdf9c9608c1dd6233d03dd855293b0885915114b25279":"e7a28ee34acc52128ddae658ec6398a2":"0678":"7b04" AES-192-CFB8 Decrypt NIST MMT #2 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb8:"c984b99a6cc5bc88003143cbe4b755e6e30ba94114f7ad1e":"41e3b8fd138f8c358dfeef420302f634":"037cf6":"658d0a" AES-192-CFB8 Decrypt NIST MMT #3 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb8:"39747da225bdc0c53c3463fd686dbe19d14157535171f91d":"77d3a5ad8bbdb169f8d29e5f21798651":"0fb0cee2":"2d191f2f" AES-192-CFB8 Decrypt NIST MMT #4 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb8:"4cd13179dfa16d01c6a8633dfc8783e723e72114c9b0d50a":"6657c46c99d642474c330d8016b71dbe":"09d914cf0b":"105a64c872" AES-192-CFB8 Decrypt NIST MMT #5 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb8:"5dcc9b8d8a456e9917cd8d54d7f7100b34964b4ed2d398a0":"4fa295a8987f1b010ce4e011fbf94156":"288c752d9fac":"98f332d37b78" AES-192-CFB8 Decrypt NIST MMT #6 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb8:"c8baf0204ef80b8e0125efe43a0bccdfd0f356b62e6c75fe":"e9144bf2cbc5720a1b4cb6f37d11edff":"c9981a34b7aa89":"56bb4c3cae53b3" AES-192-CFB8 Decrypt NIST MMT #7 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb8:"64e40763f38a63ae378c32052b0ae3aa538bb868a04ac985":"aacf65089e4b285438451ffdcd0f6389":"d8fcf83a88510a0d":"b567411bc61b0a76" AES-192-CFB8 Decrypt NIST MMT #8 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb8:"7bfdca9605f17253f203efffc92da96fde023007d22cdad0":"45c09e44036070f8a7737a5176b8cf26":"9c195b1944c4af5bfb":"89358df65c3ef14d26" AES-192-CFB8 Decrypt NIST MMT #9 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb8:"baf08b76317a65c5f07ae6f57eb0e65488659324d29709e3":"0a02846b62abb693ef31d754842eed29":"729c0b6deb75fa6eb5e8":"9895932402393dc33a60" AES-256-CFB8 Encrypt NIST MMT #0 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb8:"34e8091cee09f1bd3ebf1e8f05f51bfbd4899ef2ae006a3a0f7875052cdd46c8":"43eb4dcc4b04a80216a20e4a09a7abb5":"f9":"28" AES-256-CFB8 Encrypt NIST MMT #1 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb8:"e04e43173113109e1343393842fe6caef3f8a2e506d7f55f83dcb10444c6ad23":"a38b88a293b077fb5546636aad90d663":"2914":"69a6" AES-256-CFB8 Encrypt NIST MMT #2 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb8:"064874092f7a13cc4462247ad423d0e96edf42e8b67a5a23b7a0a6477b098e66":"338c552ff1eca14408e05d8cf9f3b31b":"b974fa":"1cff95" AES-256-CFB8 Encrypt NIST MMT #3 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb8:"56794adb0ef04aeddeabd650de736531d408837954b919002c33edfdff976cc2":"71b5526facea4236d33f1f4107e4b04f":"db774912":"f04d9d4f" AES-256-CFB8 Encrypt NIST MMT #4 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb8:"dddd7f234e7d0e6ec64560b96430986a856f2ee9805443a7946e31601ef6679d":"e20f39db0025eb24491bd06012887108":"ad1d5311ea":"19cc97a662" AES-256-CFB8 Encrypt NIST MMT #5 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb8:"ec73a760272c83f91771b3ab7b188715c6d6afb9c554feae83856e966a3863d0":"ae7bfa38fd25778fcf66ce8157f6e42e":"02fe724fbc5d":"b0eca63405f4" AES-256-CFB8 Encrypt NIST MMT #6 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb8:"a66874ca0b70fb98b37c033ec96413f339adae02acade015b9f016b459db3309":"6ed480d9e4ed031cf66bb1e07f8d5514":"b4777e6bcd9a05":"8c017397ad5bab" AES-256-CFB8 Encrypt NIST MMT #7 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb8:"a3dbbb775ada92b0b8ed1632444e21c1c86ff3eba8f628307306e766b8c15b5c":"4ec56a8e541f5cfe7b8ab947bfa4fd08":"1d70a5a82badf5ea":"1e22bebebeacd81d" AES-256-CFB8 Encrypt NIST MMT #8 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb8:"64135e67c0ca1acef3360d930afcd726c5b04861a69c1b6a48bde1daf20f3b1f":"5377a154d5f948189f9aa57b466c16b2":"a36ca5ea382a322eef":"3105016567d3174aed" AES-256-CFB8 Encrypt NIST MMT #9 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cfb8:"ebbb4566b5e182e0f072466b0b311df38f9175bc0213a5530bce2ec4d74f400d":"0956a48e01002c9e16376d6e308dbad1":"b0fe25ac8d3d28a2f471":"638c6823e7256fb5626e" AES-256-CFB8 Decrypt NIST MMT #0 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb8:"1687831580cb764321a9d674dbd0a9640f668b0f58ef01b87a710b3095d5f855":"6cd5bec6d6e1fd23afc543b8f80d3f89":"6f":"98" AES-256-CFB8 Decrypt NIST MMT #1 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb8:"b6b504e8b7065373ea31cd549e52eda7cb96fd1db14eddacbc420085ab48b747":"870ecd45b1241803ddaf8bad15a025d7":"17d4":"3572" AES-256-CFB8 Decrypt NIST MMT #2 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb8:"6ad3105e15fb5b742bf4fe1eb8e98c6c1ffea653107c84f6b42ed1232a0bbc21":"17534c89c4eae5dea6ea353dde7b1623":"a9841e":"f9411a" AES-256-CFB8 Decrypt NIST MMT #3 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb8:"758f3fa8b2b289f19fd59e7316be40b904eff7f565caac4570f972360e0da787":"b21335ae980898fa92c4b3069e532973":"84b35e25":"47887872" AES-256-CFB8 Decrypt NIST MMT #4 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb8:"802e854eb799500975d960a67885820d195e02ab23d51f15e5cdbcee86a1580c":"94478c4e44e2fa8d2e6bc43d384597e6":"d1e96bf1e8":"ed414b5689" AES-256-CFB8 Decrypt NIST MMT #5 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb8:"3a0c03ca9d1e5d49bb37f9041f88d159c3f1d5ce26c798f59ed54a93f0a0e600":"9aae38ba832e4b093b50444074517d20":"74410ccd12da":"8207eee2a7ab" AES-256-CFB8 Decrypt NIST MMT #6 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb8:"ee05462128fea75e919f6f436cb198f222847d698a283f5767df682d33d3ce77":"d2ad55e41887075184635112a22fc093":"ff039e89877b44":"aff3aa4c24e353" AES-256-CFB8 Decrypt NIST MMT #7 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb8:"08abbdcc3eb9c1717db1faa38dcd0893afd5e16e2596747af58f8d61ebedf9cd":"b925c8dc9a9b55a4372ea6d37d21c1eb":"e176ba99ea602fd9":"b7370050288bf600" AES-256-CFB8 Decrypt NIST MMT #8 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb8:"56d404a893fb3b3f594aab18939230b096646a37a781629fbd9270f3891a5cea":"e5906b36f2d97e6f2db19b6c7a3ce319":"c55a9a917a809a784b":"e44995bbb0fff40fee" AES-256-CFB8 Decrypt NIST MMT #9 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cfb8:"ec13062551e4d7291e320f565b749eea1809b663b26f2c4d53b52058b833e0ad":"fbfa5a528e20863012790c2abafb5a0c":"2bfc3f0209307140101a":"547bfd642cf6e12ed942" diff --git a/tests/suites/test_suite_aes.ecb.data b/tests/suites/test_suite_aes.ecb.data index b468ac30b..2253a3e5d 100644 --- a/tests/suites/test_suite_aes.ecb.data +++ b/tests/suites/test_suite_aes.ecb.data @@ -86,148 +86,204 @@ AES-128-ECB Decrypt NIST KAT #11 aes_decrypt_ecb:"ffffffffffffffff8000000000000000":"32cd652842926aea4aa6137bb2be2b5e":"00000000000000000000000000000000":0 AES-192-ECB Encrypt NIST KAT #1 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ecb:"000000000000000000000000000000000000000000000000":"fffffffffffffffffffff80000000000":"156f07767a85a4312321f63968338a01":0 AES-192-ECB Encrypt NIST KAT #2 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ecb:"000000000000000000000000000000000000000000000000":"fffffffffffffffffffffc0000000000":"15eec9ebf42b9ca76897d2cd6c5a12e2":0 AES-192-ECB Encrypt NIST KAT #3 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ecb:"000000000000000000000000000000000000000000000000":"fffffffffffffffffffffe0000000000":"db0d3a6fdcc13f915e2b302ceeb70fd8":0 AES-192-ECB Encrypt NIST KAT #4 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ecb:"000000000000000000000000000000000000000000000000":"51719783d3185a535bd75adc65071ce1":"4f354592ff7c8847d2d0870ca9481b7c":0 AES-192-ECB Encrypt NIST KAT #5 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ecb:"000000000000000000000000000000000000000000000000":"26aa49dcfe7629a8901a69a9914e6dfd":"d5e08bf9a182e857cf40b3a36ee248cc":0 AES-192-ECB Encrypt NIST KAT #6 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ecb:"000000000000000000000000000000000000000000000000":"941a4773058224e1ef66d10e0a6ee782":"067cd9d3749207791841562507fa9626":0 AES-192-ECB Encrypt NIST KAT #7 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ecb:"d2926527e0aa9f37b45e2ec2ade5853ef807576104c7ace3":"00000000000000000000000000000000":"dd619e1cf204446112e0af2b9afa8f8c":0 AES-192-ECB Encrypt NIST KAT #8 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ecb:"982215f4e173dfa0fcffe5d3da41c4812c7bcc8ed3540f93":"00000000000000000000000000000000":"d4f0aae13c8fe9339fbf9e69ed0ad74d":0 AES-192-ECB Encrypt NIST KAT #9 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ecb:"98c6b8e01e379fbd14e61af6af891596583565f2a27d59e9":"00000000000000000000000000000000":"19c80ec4a6deb7e5ed1033dda933498f":0 AES-192-ECB Encrypt NIST KAT #10 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ecb:"fffffffffffffffffffffffffff800000000000000000000":"00000000000000000000000000000000":"8dd274bd0f1b58ae345d9e7233f9b8f3":0 AES-192-ECB Encrypt NIST KAT #11 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ecb:"fffffffffffffffffffffffffffc00000000000000000000":"00000000000000000000000000000000":"9d6bdc8f4ce5feb0f3bed2e4b9a9bb0b":0 AES-192-ECB Encrypt NIST KAT #12 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ecb:"fffffffffffffffffffffffffffe00000000000000000000":"00000000000000000000000000000000":"fd5548bcf3f42565f7efa94562528d46":0 AES-192-ECB Decrypt NIST KAT #1 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_ecb:"fffffffffffffffffffffffffffffffff000000000000000":"bb2852c891c5947d2ed44032c421b85f":"00000000000000000000000000000000":0 AES-192-ECB Decrypt NIST KAT #2 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_ecb:"fffffffffffffffffffffffffffffffff800000000000000":"1b9f5fbd5e8a4264c0a85b80409afa5e":"00000000000000000000000000000000":0 AES-192-ECB Decrypt NIST KAT #3 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_ecb:"fffffffffffffffffffffffffffffffffc00000000000000":"30dab809f85a917fe924733f424ac589":"00000000000000000000000000000000":0 AES-192-ECB Decrypt NIST KAT #4 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_ecb:"61257134a518a0d57d9d244d45f6498cbc32f2bafc522d79":"cfe4d74002696ccf7d87b14a2f9cafc9":"00000000000000000000000000000000":0 AES-192-ECB Decrypt NIST KAT #5 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_ecb:"b0ab0a6a818baef2d11fa33eac947284fb7d748cfb75e570":"d2eafd86f63b109b91f5dbb3a3fb7e13":"00000000000000000000000000000000":0 AES-192-ECB Decrypt NIST KAT #6 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_ecb:"ee053aa011c8b428cdcc3636313c54d6a03cac01c71579d6":"9b9fdd1c5975655f539998b306a324af":"00000000000000000000000000000000":0 AES-192-ECB Decrypt NIST KAT #7 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_ecb:"000000000000000000000000000000000000000000000000":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0 AES-192-ECB Decrypt NIST KAT #8 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_ecb:"000000000000000000000000000000000000000000000000":"c9b8135ff1b5adc413dfd053b21bd96d":"9c2d8842e5f48f57648205d39a239af1":0 AES-192-ECB Decrypt NIST KAT #9 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_ecb:"000000000000000000000000000000000000000000000000":"4a3650c3371ce2eb35e389a171427440":"bff52510095f518ecca60af4205444bb":0 AES-192-ECB Decrypt NIST KAT #10 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_ecb:"000000000000000000000000000000000000000000000000":"b2099795e88cc158fd75ea133d7e7fbe":"ffffffffffffffffffffc00000000000":0 AES-192-ECB Decrypt NIST KAT #11 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_ecb:"000000000000000000000000000000000000000000000000":"a6cae46fb6fadfe7a2c302a34242817b":"ffffffffffffffffffffe00000000000":0 AES-192-ECB Decrypt NIST KAT #12 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_ecb:"000000000000000000000000000000000000000000000000":"026a7024d6a902e0b3ffccbaa910cc3f":"fffffffffffffffffffff00000000000":0 AES-256-ECB Encrypt NIST KAT #1 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ecb:"c1cc358b449909a19436cfbb3f852ef8bcb5ed12ac7058325f56e6099aab1a1c":"00000000000000000000000000000000":"352065272169abf9856843927d0674fd":0 AES-256-ECB Encrypt NIST KAT #2 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ecb:"984ca75f4ee8d706f46c2d98c0bf4a45f5b00d791c2dfeb191b5ed8e420fd627":"00000000000000000000000000000000":"4307456a9e67813b452e15fa8fffe398":0 AES-256-ECB Encrypt NIST KAT #3 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ecb:"b43d08a447ac8609baadae4ff12918b9f68fc1653f1269222f123981ded7a92f":"00000000000000000000000000000000":"4663446607354989477a5c6f0f007ef4":0 AES-256-ECB Encrypt NIST KAT #4 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ecb:"0000000000000000000000000000000000000000000000000000000000000000":"0b24af36193ce4665f2825d7b4749c98":"a9ff75bd7cf6613d3731c77c3b6d0c04":0 AES-256-ECB Encrypt NIST KAT #5 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ecb:"0000000000000000000000000000000000000000000000000000000000000000":"761c1fe41a18acf20d241650611d90f1":"623a52fcea5d443e48d9181ab32c7421":0 AES-256-ECB Encrypt NIST KAT #6 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ecb:"0000000000000000000000000000000000000000000000000000000000000000":"8a560769d605868ad80d819bdba03771":"38f2c7ae10612415d27ca190d27da8b4":0 AES-256-ECB Encrypt NIST KAT #7 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ecb:"0000000000000000000000000000000000000000000000000000000000000000":"ffffff80000000000000000000000000":"36aff0ef7bf3280772cf4cac80a0d2b2":0 AES-256-ECB Encrypt NIST KAT #8 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ecb:"0000000000000000000000000000000000000000000000000000000000000000":"ffffffc0000000000000000000000000":"1f8eedea0f62a1406d58cfc3ecea72cf":0 AES-256-ECB Encrypt NIST KAT #9 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ecb:"0000000000000000000000000000000000000000000000000000000000000000":"ffffffe0000000000000000000000000":"abf4154a3375a1d3e6b1d454438f95a6":0 AES-256-ECB Encrypt NIST KAT #10 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ecb:"ffffffffffffffffffffffffffffffffffff8000000000000000000000000000":"00000000000000000000000000000000":"45d089c36d5c5a4efc689e3b0de10dd5":0 AES-256-ECB Encrypt NIST KAT #11 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ecb:"ffffffffffffffffffffffffffffffffffffc000000000000000000000000000":"00000000000000000000000000000000":"b4da5df4becb5462e03a0ed00d295629":0 AES-256-ECB Encrypt NIST KAT #12 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ecb:"ffffffffffffffffffffffffffffffffffffe000000000000000000000000000":"00000000000000000000000000000000":"dcf4e129136c1a4b7a0f38935cc34b2b":0 AES-256-ECB Decrypt NIST KAT #1 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_ecb:"fffffffffffffffffffffffffffffffffffffffffffffff00000000000000000":"edf61ae362e882ddc0167474a7a77f3a":"00000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #2 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_ecb:"fffffffffffffffffffffffffffffffffffffffffffffff80000000000000000":"6168b00ba7859e0970ecfd757efecf7c":"00000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #3 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_ecb:"fffffffffffffffffffffffffffffffffffffffffffffffc0000000000000000":"d1415447866230d28bb1ea18a4cdfd02":"00000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #4 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_ecb:"f8be9ba615c5a952cabbca24f68f8593039624d524c816acda2c9183bd917cb9":"a3944b95ca0b52043584ef02151926a8":"00000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #5 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_ecb:"797f8b3d176dac5b7e34a2d539c4ef367a16f8635f6264737591c5c07bf57a3e":"a74289fe73a4c123ca189ea1e1b49ad5":"00000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #6 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_ecb:"6838d40caf927749c13f0329d331f448e202c73ef52c5f73a37ca635d4c47707":"b91d4ea4488644b56cf0812fa7fcf5fc":"00000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #7 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_ecb:"0000000000000000000000000000000000000000000000000000000000000000":"623a52fcea5d443e48d9181ab32c7421":"761c1fe41a18acf20d241650611d90f1":0 AES-256-ECB Decrypt NIST KAT #8 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_ecb:"0000000000000000000000000000000000000000000000000000000000000000":"38f2c7ae10612415d27ca190d27da8b4":"8a560769d605868ad80d819bdba03771":0 AES-256-ECB Decrypt NIST KAT #9 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_ecb:"0000000000000000000000000000000000000000000000000000000000000000":"1bc704f1bce135ceb810341b216d7abe":"91fbef2d15a97816060bee1feaa49afe":0 AES-256-ECB Decrypt NIST KAT #10 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_ecb:"0000000000000000000000000000000000000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #11 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_ecb:"0000000000000000000000000000000000000000000000000000000000000000":"0a6bdc6d4c1e6280301fd8e97ddbe601":"c0000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #12 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_ecb:"0000000000000000000000000000000000000000000000000000000000000000":"9b80eefb7ebe2d2b16247aa0efc72f5d":"e0000000000000000000000000000000":0 -AES-256-ECB Copy Context NIST KAT #1 -aes_ecb_copy_context:"c1cc358b449909a19436cfbb3f852ef8bcb5ed12ac7058325f56e6099aab1a1c":"00000000000000000000000000000000" +AES-128-ECB Copy context +aes_ecb_copy_context:"000102030405060708090a0b0c0d0e0f" + +AES-192-ECB Copy context +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +aes_ecb_copy_context:"000102030405060708090a0b0c0d0e0f1011121314151617" + +AES-256-ECB Copy context +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +aes_ecb_copy_context:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function index d95503ad8..d495b49ed 100644 --- a/tests/suites/test_suite_aes.function +++ b/tests/suites/test_suite_aes.function @@ -1,5 +1,61 @@ /* BEGIN_HEADER */ #include "mbedtls/aes.h" + +/* Test AES with a copied context. + * + * master, enc and dec must be AES context objects. They don't need to + * be initialized, and are left freed. + */ +static int test_copy(const data_t *key, + mbedtls_aes_context *master, + mbedtls_aes_context *enc, + mbedtls_aes_context *dec) +{ + unsigned char plaintext[16] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + }; + unsigned char ciphertext[16]; + unsigned char output[16]; + + // Set key and encrypt with original context + mbedtls_aes_init(master); + TEST_ASSERT(mbedtls_aes_setkey_enc(master, key->x, + key->len * 8) == 0); + TEST_ASSERT(mbedtls_aes_crypt_ecb(master, MBEDTLS_AES_ENCRYPT, + plaintext, ciphertext) == 0); + *enc = *master; + + // Set key for decryption with original context + mbedtls_aes_init(master); + TEST_ASSERT(mbedtls_aes_setkey_dec(master, key->x, + key->len * 8) == 0); + *dec = *master; + + // Wipe the original context to make sure nothing from it is used + memset(master, 0, sizeof(*master)); + + // Encrypt with copied context + TEST_ASSERT(mbedtls_aes_crypt_ecb(enc, MBEDTLS_AES_ENCRYPT, + plaintext, output) == 0); + TEST_MEMORY_COMPARE(ciphertext, 16, output, 16); + mbedtls_aes_free(enc); + + // Decrypt with copied context + TEST_ASSERT(mbedtls_aes_crypt_ecb(dec, MBEDTLS_AES_DECRYPT, + ciphertext, output) == 0); + TEST_MEMORY_COMPARE(plaintext, 16, output, 16); + mbedtls_aes_free(dec); + + return 1; + +exit: + /* Bug: we may be leaving something unfreed. This is harmless + * in our built-in implementations, but might cause a memory leak + * with alternative implementations. */ + return 0; +} + /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -468,32 +524,89 @@ void aes_misc_params() /* END_CASE */ /* BEGIN_CASE */ -void aes_ecb_copy_context(data_t *key_str, data_t *src_str) +void aes_ecb_copy_context(data_t *key) { - unsigned char output1[16], output2[16], plain[16]; - mbedtls_aes_context ctx1, ctx2, ctx3; + /* We test context copying multiple times, with different alignments + * of the original and of the copies. */ - // Set key and encrypt with original context - mbedtls_aes_init(&ctx1); - TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx1, key_str->x, - key_str->len * 8) == 0); - TEST_ASSERT(mbedtls_aes_crypt_ecb(&ctx1, MBEDTLS_AES_ENCRYPT, - src_str->x, output1) == 0); + struct align0 { + mbedtls_aes_context ctx; + }; + struct align0 *src0 = NULL; + struct align0 *enc0 = NULL; + struct align0 *dec0 = NULL; - ctx2 = ctx1; - TEST_ASSERT(mbedtls_aes_setkey_dec(&ctx1, key_str->x, - key_str->len * 8) == 0); - ctx3 = ctx1; - memset(&ctx1, 0, sizeof(ctx1)); + struct align1 { + char bump; + mbedtls_aes_context ctx; + }; + struct align1 *src1 = NULL; + struct align1 *enc1 = NULL; + struct align1 *dec1 = NULL; - // Encrypt and decrypt with copied context - TEST_ASSERT(mbedtls_aes_crypt_ecb(&ctx2, MBEDTLS_AES_ENCRYPT, - src_str->x, output2) == 0); - TEST_ASSERT(mbedtls_aes_crypt_ecb(&ctx3, MBEDTLS_AES_DECRYPT, - output1, plain) == 0); + /* All peak alignment */ + TEST_CALLOC(src0, 1); + TEST_CALLOC(enc0, 1); + TEST_CALLOC(dec0, 1); + if (!test_copy(key, &src0->ctx, &enc0->ctx, &dec0->ctx)) { + goto exit; + } + mbedtls_free(src0); + src0 = NULL; + mbedtls_free(enc0); + enc0 = NULL; + mbedtls_free(dec0); + dec0 = NULL; - TEST_ASSERT(mbedtls_test_hexcmp(output1, output2, 16, 16) == 0); - TEST_ASSERT(mbedtls_test_hexcmp(src_str->x, plain, src_str->len, 16) == 0); + /* Original shifted */ + TEST_CALLOC(src1, 1); + TEST_CALLOC(enc0, 1); + TEST_CALLOC(dec0, 1); + if (!test_copy(key, &src1->ctx, &enc0->ctx, &dec0->ctx)) { + goto exit; + } + mbedtls_free(src1); + src1 = NULL; + mbedtls_free(enc0); + enc0 = NULL; + mbedtls_free(dec0); + dec0 = NULL; + + /* Copies shifted */ + TEST_CALLOC(src0, 1); + TEST_CALLOC(enc1, 1); + TEST_CALLOC(dec1, 1); + if (!test_copy(key, &src0->ctx, &enc1->ctx, &dec1->ctx)) { + goto exit; + } + mbedtls_free(src0); + src0 = NULL; + mbedtls_free(enc1); + enc1 = NULL; + mbedtls_free(dec1); + dec1 = NULL; + + /* Source and copies shifted */ + TEST_CALLOC(src1, 1); + TEST_CALLOC(enc1, 1); + TEST_CALLOC(dec1, 1); + if (!test_copy(key, &src1->ctx, &enc1->ctx, &dec1->ctx)) { + goto exit; + } + mbedtls_free(src1); + src1 = NULL; + mbedtls_free(enc1); + enc1 = NULL; + mbedtls_free(dec1); + dec1 = NULL; + +exit: + mbedtls_free(src0); + mbedtls_free(enc0); + mbedtls_free(dec0); + mbedtls_free(src1); + mbedtls_free(enc1); + mbedtls_free(dec1); } /* END_CASE */ diff --git a/tests/suites/test_suite_aes.ofb.data b/tests/suites/test_suite_aes.ofb.data index 4b9d80e8d..015df8391 100644 --- a/tests/suites/test_suite_aes.ofb.data +++ b/tests/suites/test_suite_aes.ofb.data @@ -18,18 +18,18 @@ depends_on:MBEDTLS_CIPHER_MODE_OFB aes_encrypt_ofb:16:"2b7e151628aed2a6abf7158809cf4f3c":"000102030405060708090a0b0c0d0e0f":"3b3fd92eb72dad20333449f8e83cfb4a7789508d16918f03f53c52dac54ed8259740051e9c5fecf64344f7a82260edcc304c6528f659c77866a510d9c1d6ae5e":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710" OFB-AES192.Encrypt - Test NIST SP800-38A - F.4.3 -depends_on:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ofb:16:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":"000102030405060708090a0b0c0d0e0f":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":"cdc80d6fddf18cab34c25909c99a4174fcc28b8d4c63837c09e81700c11004018d9a9aeac0f6596f559c6d4daf59a5f26d9f200857ca6c3e9cac524bd9acc92a" OFB-AES192.Decrypt - Test NIST SP800-38A - F.4.4 -depends_on:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ofb:16:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":"000102030405060708090a0b0c0d0e0f":"cdc80d6fddf18cab34c25909c99a4174fcc28b8d4c63837c09e81700c11004018d9a9aeac0f6596f559c6d4daf59a5f26d9f200857ca6c3e9cac524bd9acc92a":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710" OFB-AES256.Encrypt - Test NIST SP800-38A - F.4.5 -depends_on:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ofb:16:"603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4":"000102030405060708090a0b0c0d0e0f":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":"dc7e84bfda79164b7ecd8486985d38604febdc6740d20b3ac88f6ad82a4fb08d71ab47a086e86eedf39d1c5bba97c4080126141d67f37be8538f5a8be740e484" OFB-AES256.Decrypt - Test NIST SP800-38A - F.4.6 -depends_on:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_ofb:16:"603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4":"000102030405060708090a0b0c0d0e0f":"dc7e84bfda79164b7ecd8486985d38604febdc6740d20b3ac88f6ad82a4fb08d71ab47a086e86eedf39d1c5bba97c4080126141d67f37be8538f5a8be740e484":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710" diff --git a/tests/suites/test_suite_aes.rest.data b/tests/suites/test_suite_aes.rest.data index 3b43c90cd..63a5d9e9e 100644 --- a/tests/suites/test_suite_aes.rest.data +++ b/tests/suites/test_suite_aes.rest.data @@ -5,9 +5,11 @@ AES-ECB Decrypt (Invalid keylength) aes_decrypt_ecb:"000000000000000000000000000000":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e":MBEDTLS_ERR_AES_INVALID_KEY_LENGTH AES-256-CBC Encrypt (Invalid input length) +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_cbc:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"ffffffffffffffe000000000000000":"":MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH AES-256-CBC Decrypt (Invalid input length) +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_cbc:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"623a52fcea5d443e48d9181ab32c74":"":MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH AES - Mode Parameter Validation diff --git a/tests/suites/test_suite_aes.xts.data b/tests/suites/test_suite_aes.xts.data index 647819e0d..b17ba6d8d 100644 --- a/tests/suites/test_suite_aes.xts.data +++ b/tests/suites/test_suite_aes.xts.data @@ -23,6 +23,7 @@ AES-64-XTS Setkey Fail Invalid Key Length aes_crypt_xts_keysize:16:MBEDTLS_ERR_AES_INVALID_KEY_LENGTH AES-192-XTS Setkey Fail Invalid Key Length +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_crypt_xts_keysize:48:MBEDTLS_ERR_AES_INVALID_KEY_LENGTH AES-384-XTS Setkey Fail Invalid Key Length @@ -68,18 +69,23 @@ aes_encrypt_xts:"271828182845904523536028747135263141592653589793238462643383279 # 256-bit keys with 512 byte sector # AES-256-XTS Encrypt IEEE P1619/D16 Vector 10 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_xts:"27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592":"ff000000000000000000000000000000":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"1c3b3a102f770386e4836c99e370cf9bea00803f5e482357a4ae12d414a3e63b5d31e276f8fe4a8d66b317f9ac683f44680a86ac35adfc3345befecb4bb188fd5776926c49a3095eb108fd1098baec70aaa66999a72a82f27d848b21d4a741b0c5cd4d5fff9dac89aeba122961d03a757123e9870f8acf1000020887891429ca2a3e7a7d7df7b10355165c8b9a6d0a7de8b062c4500dc4cd120c0f7418dae3d0b5781c34803fa75421c790dfe1de1834f280d7667b327f6c8cd7557e12ac3a0f93ec05c52e0493ef31a12d3d9260f79a289d6a379bc70c50841473d1a8cc81ec583e9645e07b8d9670655ba5bbcfecc6dc3966380ad8fecb17b6ba02469a020a84e18e8f84252070c13e9f1f289be54fbc481457778f616015e1327a02b140f1505eb309326d68378f8374595c849d84f4c333ec4423885143cb47bd71c5edae9be69a2ffeceb1bec9de244fbe15992b11b77c040f12bd8f6a975a44a0f90c29a9abc3d4d893927284c58754cce294529f8614dcd2aba991925fedc4ae74ffac6e333b93eb4aff0479da9a410e4450e0dd7ae4c6e2910900575da401fc07059f645e8b7e9bfdef33943054ff84011493c27b3429eaedb4ed5376441a77ed43851ad77f16f541dfd269d50d6a5f14fb0aab1cbb4c1550be97f7ab4066193c4caa773dad38014bd2092fa755c824bb5e54c4f36ffda9fcea70b9c6e693e148c151" AES-256-XTS Encrypt IEEE P1619/D16 Vector 11 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_xts:"27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592":"ffff0000000000000000000000000000":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"77a31251618a15e6b92d1d66dffe7b50b50bad552305ba0217a610688eff7e11e1d0225438e093242d6db274fde801d4cae06f2092c728b2478559df58e837c2469ee4a4fa794e4bbc7f39bc026e3cb72c33b0888f25b4acf56a2a9804f1ce6d3d6e1dc6ca181d4b546179d55544aa7760c40d06741539c7e3cd9d2f6650b2013fd0eeb8c2b8e3d8d240ccae2d4c98320a7442e1c8d75a42d6e6cfa4c2eca1798d158c7aecdf82490f24bb9b38e108bcda12c3faf9a21141c3613b58367f922aaa26cd22f23d708dae699ad7cb40a8ad0b6e2784973dcb605684c08b8d6998c69aac049921871ebb65301a4619ca80ecb485a31d744223ce8ddc2394828d6a80470c092f5ba413c3378fa6054255c6f9df4495862bbb3287681f931b687c888abf844dfc8fc28331e579928cd12bd2390ae123cf03818d14dedde5c0c24c8ab018bfca75ca096f2d531f3d1619e785f1ada437cab92e980558b3dce1474afb75bfedbf8ff54cb2618e0244c9ac0d3c66fb51598cd2db11f9be39791abe447c63094f7c453b7ff87cb5bb36b7c79efb0872d17058b83b15ab0866ad8a58656c5a7e20dbdf308b2461d97c0ec0024a2715055249cf3b478ddd4740de654f75ca686e0d7345c69ed50cdc2a8b332b1f8824108ac937eb050585608ee734097fc09054fbff89eeaeea791f4a7ab1f9868294a4f9e27b42af8100cb9d59cef9645803" AES-256-XTS Encrypt IEEE P1619/D16 Vector 12 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_xts:"27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592":"ffffff00000000000000000000000000":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"e387aaa58ba483afa7e8eb469778317ecf4cf573aa9d4eac23f2cdf914e4e200a8b490e42ee646802dc6ee2b471b278195d60918ececb44bf79966f83faba0499298ebc699c0c8634715a320bb4f075d622e74c8c932004f25b41e361025b5a87815391f6108fc4afa6a05d9303c6ba68a128a55705d415985832fdeaae6c8e19110e84d1b1f199a2692119edc96132658f09da7c623efcec712537a3d94c0bf5d7e352ec94ae5797fdb377dc1551150721adf15bd26a8efc2fcaad56881fa9e62462c28f30ae1ceaca93c345cf243b73f542e2074a705bd2643bb9f7cc79bb6e7091ea6e232df0f9ad0d6cf502327876d82207abf2115cdacf6d5a48f6c1879a65b115f0f8b3cb3c59d15dd8c769bc014795a1837f3901b5845eb491adfefe097b1fa30a12fc1f65ba22905031539971a10f2f36c321bb51331cdefb39e3964c7ef079994f5b69b2edd83a71ef549971ee93f44eac3938fcdd61d01fa71799da3a8091c4c48aa9ed263ff0749df95d44fef6a0bb578ec69456aa5408ae32c7af08ad7ba8921287e3bbee31b767be06a0e705c864a769137df28292283ea81a2480241b44d9921cdbec1bc28dc1fda114bd8e5217ac9d8ebafa720e9da4f9ace231cc949e5b96fe76ffc21063fddc83a6b8679c00d35e09576a875305bed5f36ed242c8900dd1fa965bc950dfce09b132263a1eef52dd6888c309f5a7d712826" AES-256-XTS Encrypt IEEE P1619/D16 Vector 13 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_xts:"27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592":"ffffffff000000000000000000000000":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"bf53d2dade78e822a4d949a9bc6766b01b06a8ef70d26748c6a7fc36d80ae4c5520f7c4ab0ac8544424fa405162fef5a6b7f229498063618d39f0003cb5fb8d1c86b643497da1ff945c8d3bedeca4f479702a7a735f043ddb1d6aaade3c4a0ac7ca7f3fa5279bef56f82cd7a2f38672e824814e10700300a055e1630b8f1cb0e919f5e942010a416e2bf48cb46993d3cb6a51c19bacf864785a00bc2ecff15d350875b246ed53e68be6f55bd7e05cfc2b2ed6432198a6444b6d8c247fab941f569768b5c429366f1d3f00f0345b96123d56204c01c63b22ce78baf116e525ed90fdea39fa469494d3866c31e05f295ff21fea8d4e6e13d67e47ce722e9698a1c1048d68ebcde76b86fcf976eab8aa9790268b7068e017a8b9b749409514f1053027fd16c3786ea1bac5f15cb79711ee2abe82f5cf8b13ae73030ef5b9e4457e75d1304f988d62dd6fc4b94ed38ba831da4b7634971b6cd8ec325d9c61c00f1df73627ed3745a5e8489f3a95c69639c32cd6e1d537a85f75cc844726e8a72fc0077ad22000f1d5078f6b866318c668f1ad03d5a5fced5219f2eabbd0aa5c0f460d183f04404a0d6f469558e81fab24a167905ab4c7878502ad3e38fdbe62a41556cec37325759533ce8f25f367c87bb5578d667ae93f9e2fd99bcbc5f2fbba88cf6516139420fcff3b7361d86322c4bd84c82f335abb152c4a93411373aaa8220" AES-256-XTS Encrypt IEEE P1619/D16 Vector 14 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_encrypt_xts:"27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592":"ffffffffff0000000000000000000000":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"64497e5a831e4a932c09be3e5393376daa599548b816031d224bbf50a818ed2350eae7e96087c8a0db51ad290bd00c1ac1620857635bf246c176ab463be30b808da548081ac847b158e1264be25bb0910bbc92647108089415d45fab1b3d2604e8a8eff1ae4020cfa39936b66827b23f371b92200be90251e6d73c5f86de5fd4a950781933d79a28272b782a2ec313efdfcc0628f43d744c2dc2ff3dcb66999b50c7ca895b0c64791eeaa5f29499fb1c026f84ce5b5c72ba1083cddb5ce45434631665c333b60b11593fb253c5179a2c8db813782a004856a1653011e93fb6d876c18366dd8683f53412c0c180f9c848592d593f8609ca736317d356e13e2bff3a9f59cd9aeb19cd482593d8c46128bb32423b37a9adfb482b99453fbe25a41bf6feb4aa0bef5ed24bf73c762978025482c13115e4015aac992e5613a3b5c2f685b84795cb6e9b2656d8c88157e52c42f978d8634c43d06fea928f2822e465aa6576e9bf419384506cc3ce3c54ac1a6f67dc66f3b30191e698380bc999b05abce19dc0c6dcc2dd001ec535ba18deb2df1a101023108318c75dc98611a09dc48a0acdec676fabdf222f07e026f059b672b56e5cbc8e1d21bbd867dd927212054681d70ea737134cdfce93b6f82ae22423274e58a0821cc5502e2d0ab4585e94de6975be5e0b4efce51cd3e70c25a1fbbbd609d273ad5b0d59631c531f6a0a57b9" # @@ -128,18 +134,23 @@ AES-128-XTS Decrypt IEEE P1619/D16 Vector 9 aes_decrypt_xts:"2718281828459045235360287471352631415926535897932384626433832795":"ff000000000000000000000000000000":"72efc1ebfe1ee25975a6eb3aa8589dda2b261f1c85bdab442a9e5b2dd1d7c3957a16fc08e526d4b1223f1b1232a11af274c3d70dac57f83e0983c498f1a6f1aecb021c3e70085a1e527f1ce41ee5911a82020161529cd82773762daf5459de94a0a82adae7e1703c808543c29ed6fb32d9e004327c1355180c995a07741493a09c21ba01a387882da4f62534b87bb15d60d197201c0fd3bf30c1500a3ecfecdd66d8721f90bcc4c17ee925c61b0a03727a9c0d5f5ca462fbfa0af1c2513a9d9d4b5345bd27a5f6e653f751693e6b6a2b8ead57d511e00e58c45b7b8d005af79288f5c7c22fd4f1bf7a898b03a5634c6a1ae3f9fae5de4f296a2896b23e7ed43ed14fa5a2803f4d28f0d3ffcf24757677aebdb47bb388378708948a8d4126ed1839e0da29a537a8c198b3c66ab00712dd261674bf45a73d67f76914f830ca014b65596f27e4cf62de66125a5566df9975155628b400fbfb3a29040ed50faffdbb18aece7c5c44693260aab386c0a37b11b114f1c415aebb653be468179428d43a4d8bc3ec38813eca30a13cf1bb18d524f1992d44d8b1a42ea30b22e6c95b199d8d182f8840b09d059585c31ad691fa0619ff038aca2c39a943421157361717c49d322028a74648113bd8c9d7ec77cf3c89c1ec8718ceff8516d96b34c3c614f10699c9abc4ed0411506223bea16af35c883accdbe1104eef0cfdb54e12fb230a":"3260ae8dad1f4a32c5cafe3ab0eb95549d461a67ceb9e5aa2d3afb62dece0553193ba50c75be251e08d1d08f1088576c7efdfaaf3f459559571e12511753b07af073f35da06af0ce0bbf6b8f5ccc5cea500ec1b211bd51f63b606bf6528796ca12173ba39b8935ee44ccce646f90a45bf9ccc567f0ace13dc2d53ebeedc81f58b2e41179dddf0d5a5c42f5d8506c1a5d2f8f59f3ea873cbcd0eec19acbf325423bd3dcb8c2b1bf1d1eaed0eba7f0698e4314fbeb2f1566d1b9253008cbccf45a2b0d9c5c9c21474f4076e02be26050b99dee4fd68a4cf890e496e4fcae7b70f94ea5a9062da0daeba1993d2ccd1dd3c244b8428801495a58b216547e7e847c46d1d756377b6242d2e5fb83bf752b54e0df71e889f3a2bb0f4c10805bf3c590376e3c24e22ff57f7fa965577375325cea5d920db94b9c336b455f6e894c01866fe9fbb8c8d3f70a2957285f6dfb5dcd8cbf54782f8fe7766d4723819913ac773421e3a31095866bad22c86a6036b2518b2059b4229d18c8c2ccbdf906c6cc6e82464ee57bddb0bebcb1dc645325bfb3e665ef7251082c88ebb1cf203bd779fdd38675713c8daadd17e1cabee432b09787b6ddf3304e38b731b45df5df51b78fcfb3d32466028d0ba36555e7e11ab0ee0666061d1645d962444bc47a38188930a84b4d561395c73c087021927ca638b7afc8a8679ccb84c26555440ec7f10445cd" AES-256-XTS Decrypt IEEE P1619/D16 Vector 10 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_xts:"27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592":"ff000000000000000000000000000000":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"1c3b3a102f770386e4836c99e370cf9bea00803f5e482357a4ae12d414a3e63b5d31e276f8fe4a8d66b317f9ac683f44680a86ac35adfc3345befecb4bb188fd5776926c49a3095eb108fd1098baec70aaa66999a72a82f27d848b21d4a741b0c5cd4d5fff9dac89aeba122961d03a757123e9870f8acf1000020887891429ca2a3e7a7d7df7b10355165c8b9a6d0a7de8b062c4500dc4cd120c0f7418dae3d0b5781c34803fa75421c790dfe1de1834f280d7667b327f6c8cd7557e12ac3a0f93ec05c52e0493ef31a12d3d9260f79a289d6a379bc70c50841473d1a8cc81ec583e9645e07b8d9670655ba5bbcfecc6dc3966380ad8fecb17b6ba02469a020a84e18e8f84252070c13e9f1f289be54fbc481457778f616015e1327a02b140f1505eb309326d68378f8374595c849d84f4c333ec4423885143cb47bd71c5edae9be69a2ffeceb1bec9de244fbe15992b11b77c040f12bd8f6a975a44a0f90c29a9abc3d4d893927284c58754cce294529f8614dcd2aba991925fedc4ae74ffac6e333b93eb4aff0479da9a410e4450e0dd7ae4c6e2910900575da401fc07059f645e8b7e9bfdef33943054ff84011493c27b3429eaedb4ed5376441a77ed43851ad77f16f541dfd269d50d6a5f14fb0aab1cbb4c1550be97f7ab4066193c4caa773dad38014bd2092fa755c824bb5e54c4f36ffda9fcea70b9c6e693e148c151" AES-256-XTS Decrypt IEEE P1619/D16 Vector 11 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_xts:"27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592":"ffff0000000000000000000000000000":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"77a31251618a15e6b92d1d66dffe7b50b50bad552305ba0217a610688eff7e11e1d0225438e093242d6db274fde801d4cae06f2092c728b2478559df58e837c2469ee4a4fa794e4bbc7f39bc026e3cb72c33b0888f25b4acf56a2a9804f1ce6d3d6e1dc6ca181d4b546179d55544aa7760c40d06741539c7e3cd9d2f6650b2013fd0eeb8c2b8e3d8d240ccae2d4c98320a7442e1c8d75a42d6e6cfa4c2eca1798d158c7aecdf82490f24bb9b38e108bcda12c3faf9a21141c3613b58367f922aaa26cd22f23d708dae699ad7cb40a8ad0b6e2784973dcb605684c08b8d6998c69aac049921871ebb65301a4619ca80ecb485a31d744223ce8ddc2394828d6a80470c092f5ba413c3378fa6054255c6f9df4495862bbb3287681f931b687c888abf844dfc8fc28331e579928cd12bd2390ae123cf03818d14dedde5c0c24c8ab018bfca75ca096f2d531f3d1619e785f1ada437cab92e980558b3dce1474afb75bfedbf8ff54cb2618e0244c9ac0d3c66fb51598cd2db11f9be39791abe447c63094f7c453b7ff87cb5bb36b7c79efb0872d17058b83b15ab0866ad8a58656c5a7e20dbdf308b2461d97c0ec0024a2715055249cf3b478ddd4740de654f75ca686e0d7345c69ed50cdc2a8b332b1f8824108ac937eb050585608ee734097fc09054fbff89eeaeea791f4a7ab1f9868294a4f9e27b42af8100cb9d59cef9645803" AES-256-XTS Decrypt IEEE P1619/D16 Vector 12 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_xts:"27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592":"ffffff00000000000000000000000000":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"e387aaa58ba483afa7e8eb469778317ecf4cf573aa9d4eac23f2cdf914e4e200a8b490e42ee646802dc6ee2b471b278195d60918ececb44bf79966f83faba0499298ebc699c0c8634715a320bb4f075d622e74c8c932004f25b41e361025b5a87815391f6108fc4afa6a05d9303c6ba68a128a55705d415985832fdeaae6c8e19110e84d1b1f199a2692119edc96132658f09da7c623efcec712537a3d94c0bf5d7e352ec94ae5797fdb377dc1551150721adf15bd26a8efc2fcaad56881fa9e62462c28f30ae1ceaca93c345cf243b73f542e2074a705bd2643bb9f7cc79bb6e7091ea6e232df0f9ad0d6cf502327876d82207abf2115cdacf6d5a48f6c1879a65b115f0f8b3cb3c59d15dd8c769bc014795a1837f3901b5845eb491adfefe097b1fa30a12fc1f65ba22905031539971a10f2f36c321bb51331cdefb39e3964c7ef079994f5b69b2edd83a71ef549971ee93f44eac3938fcdd61d01fa71799da3a8091c4c48aa9ed263ff0749df95d44fef6a0bb578ec69456aa5408ae32c7af08ad7ba8921287e3bbee31b767be06a0e705c864a769137df28292283ea81a2480241b44d9921cdbec1bc28dc1fda114bd8e5217ac9d8ebafa720e9da4f9ace231cc949e5b96fe76ffc21063fddc83a6b8679c00d35e09576a875305bed5f36ed242c8900dd1fa965bc950dfce09b132263a1eef52dd6888c309f5a7d712826" AES-256-XTS Decrypt IEEE P1619/D16 Vector 13 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_xts:"27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592":"ffffffff000000000000000000000000":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"bf53d2dade78e822a4d949a9bc6766b01b06a8ef70d26748c6a7fc36d80ae4c5520f7c4ab0ac8544424fa405162fef5a6b7f229498063618d39f0003cb5fb8d1c86b643497da1ff945c8d3bedeca4f479702a7a735f043ddb1d6aaade3c4a0ac7ca7f3fa5279bef56f82cd7a2f38672e824814e10700300a055e1630b8f1cb0e919f5e942010a416e2bf48cb46993d3cb6a51c19bacf864785a00bc2ecff15d350875b246ed53e68be6f55bd7e05cfc2b2ed6432198a6444b6d8c247fab941f569768b5c429366f1d3f00f0345b96123d56204c01c63b22ce78baf116e525ed90fdea39fa469494d3866c31e05f295ff21fea8d4e6e13d67e47ce722e9698a1c1048d68ebcde76b86fcf976eab8aa9790268b7068e017a8b9b749409514f1053027fd16c3786ea1bac5f15cb79711ee2abe82f5cf8b13ae73030ef5b9e4457e75d1304f988d62dd6fc4b94ed38ba831da4b7634971b6cd8ec325d9c61c00f1df73627ed3745a5e8489f3a95c69639c32cd6e1d537a85f75cc844726e8a72fc0077ad22000f1d5078f6b866318c668f1ad03d5a5fced5219f2eabbd0aa5c0f460d183f04404a0d6f469558e81fab24a167905ab4c7878502ad3e38fdbe62a41556cec37325759533ce8f25f367c87bb5578d667ae93f9e2fd99bcbc5f2fbba88cf6516139420fcff3b7361d86322c4bd84c82f335abb152c4a93411373aaa8220" AES-256-XTS Decrypt IEEE P1619/D16 Vector 14 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_decrypt_xts:"27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592":"ffffffffff0000000000000000000000":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"64497e5a831e4a932c09be3e5393376daa599548b816031d224bbf50a818ed2350eae7e96087c8a0db51ad290bd00c1ac1620857635bf246c176ab463be30b808da548081ac847b158e1264be25bb0910bbc92647108089415d45fab1b3d2604e8a8eff1ae4020cfa39936b66827b23f371b92200be90251e6d73c5f86de5fd4a950781933d79a28272b782a2ec313efdfcc0628f43d744c2dc2ff3dcb66999b50c7ca895b0c64791eeaa5f29499fb1c026f84ce5b5c72ba1083cddb5ce45434631665c333b60b11593fb253c5179a2c8db813782a004856a1653011e93fb6d876c18366dd8683f53412c0c180f9c848592d593f8609ca736317d356e13e2bff3a9f59cd9aeb19cd482593d8c46128bb32423b37a9adfb482b99453fbe25a41bf6feb4aa0bef5ed24bf73c762978025482c13115e4015aac992e5613a3b5c2f685b84795cb6e9b2656d8c88157e52c42f978d8634c43d06fea928f2822e465aa6576e9bf419384506cc3ce3c54ac1a6f67dc66f3b30191e698380bc999b05abce19dc0c6dcc2dd001ec535ba18deb2df1a101023108318c75dc98611a09dc48a0acdec676fabdf222f07e026f059b672b56e5cbc8e1d21bbd867dd927212054681d70ea737134cdfce93b6f82ae22423274e58a0821cc5502e2d0ab4585e94de6975be5e0b4efce51cd3e70c25a1fbbbd609d273ad5b0d59631c531f6a0a57b9" AES-128-XTS Decrypt IEEE P1619/D16 Vector 15 diff --git a/tests/suites/test_suite_alignment.function b/tests/suites/test_suite_alignment.function index 6c98f233a..842101fc9 100644 --- a/tests/suites/test_suite_alignment.function +++ b/tests/suites/test_suite_alignment.function @@ -1,30 +1,26 @@ /* BEGIN_HEADER */ -#include "../library/alignment.h" +#include #include #if defined(__clang__) #pragma clang diagnostic ignored "-Wunreachable-code" #endif -#include /* * Convert a string of the form "abcd" (case-insensitive) to a uint64_t. */ int parse_hex_string(char *hex_string, uint64_t *result) { - uint8_t raw[8]; + uint8_t raw[8] = { 0 }; size_t olen; if (mbedtls_test_unhexify(raw, sizeof(raw), hex_string, &olen) != 0) { return 0; } + *result = 0; for (size_t i = 0; i < olen; i++) { - if (MBEDTLS_IS_BIG_ENDIAN) { - *result |= ((uint64_t) raw[i]) << (i * 8); - } else { - *result |= ((uint64_t) raw[i]) << ((olen - i - 1) * 8); - } + *result |= ((uint64_t) raw[i]) << ((olen - i - 1) * 8); } return 1; } @@ -58,44 +54,29 @@ void mbedtls_unaligned_access(int size, int offset) break; } - /* Generate expected result */ + /* Define expected result by manually aligning the raw bytes, and + * reading back with a normal pointer access. */ + uint64_t raw_aligned_64; + uint16_t *raw_aligned_16 = (uint16_t *) &raw_aligned_64; + uint32_t *raw_aligned_32 = (uint32_t *) &raw_aligned_64; + memcpy(&raw_aligned_64, ((uint8_t *) &raw) + offset, size / 8); + /* Make a 16/32/64 byte read from the aligned location, and copy to expected */ uint64_t expected = 0; - for (uint8_t i = 0; i < 8; i++) { - uint8_t shift; - if (MBEDTLS_IS_BIG_ENDIAN) { - /* - * Similar to little-endian case described below, but the shift needs - * to be inverted - */ - shift = 7 - (i * 8); - } else { - /* example for offset == 1: - * expected = (( 1 + 0 ) << (0 * 8)) | (( 1 + 1 ) << (1 * 8)) | (( 1 + 2 ) << (2 * 8))) - * = (1 << 0) | (2 << 8) | (3 << 16) ... - * = 0x0807060504030201 - * x = { 0, 1, 2, 3, ... } - * ie expected is the value that would be read from x on a LE system, when - * byte swapping is not performed - */ - shift = i * 8; - } - uint64_t b = offset + i; - expected |= b << shift; - } - - /* Mask out excess bits from expected result */ switch (size) { case 16: - expected &= 0xffff; + expected = *raw_aligned_16; break; case 32: - expected &= 0xffffffff; + expected = *raw_aligned_32; + break; + case 64: + expected = raw_aligned_64; break; } TEST_EQUAL(r, expected); - /* Write sentinel to the part of the array we will testing writing to */ + /* Write sentinel to the part of the array we will test writing to */ for (size_t i = 0; i < (size_t) (size / 8); i++) { x[i + offset] = 0xff; } @@ -123,7 +104,7 @@ void mbedtls_unaligned_access(int size, int offset) /* BEGIN_CASE */ void mbedtls_byteswap(char *input_str, int size, char *expected_str) { - uint64_t input, expected; + uint64_t input = 0, expected = 0; TEST_ASSERT(parse_hex_string(input_str, &input)); TEST_ASSERT(parse_hex_string(expected_str, &expected)); @@ -140,7 +121,7 @@ void mbedtls_byteswap(char *input_str, int size, char *expected_str) r = MBEDTLS_BSWAP64(input); break; default: - TEST_ASSERT(!"size must be 16, 32 or 64"); + TEST_FAIL("size must be 16, 32 or 64"); } TEST_EQUAL(r, expected); @@ -316,7 +297,7 @@ void unaligned_access_endian_aware(int size, int offset, int big_endian) /* Verify read */ TEST_EQUAL(read, expected); - /* Test writing back to memory. First write sentiel */ + /* Test writing back to memory. First write sentinel */ for (size_t i = 0; i < (size_t) (size / 8); i++) { x[i + offset] = 0xff; } diff --git a/tests/suites/test_suite_aria.function b/tests/suites/test_suite_aria.function index 9e4db2cb6..579dddf3b 100644 --- a/tests/suites/test_suite_aria.function +++ b/tests/suites/test_suite_aria.function @@ -77,8 +77,8 @@ void aria_encrypt_ecb(data_t *key_str, data_t *src_str, output + i) == 0); } - ASSERT_COMPARE(output, expected_output->len, - expected_output->x, expected_output->len); + TEST_MEMORY_COMPARE(output, expected_output->len, + expected_output->x, expected_output->len); } exit: @@ -105,8 +105,8 @@ void aria_decrypt_ecb(data_t *key_str, data_t *src_str, output + i) == 0); } - ASSERT_COMPARE(output, expected_output->len, - expected_output->x, expected_output->len); + TEST_MEMORY_COMPARE(output, expected_output->len, + expected_output->x, expected_output->len); } exit: @@ -130,8 +130,8 @@ void aria_encrypt_cbc(data_t *key_str, data_t *iv_str, src_str->len, iv_str->x, src_str->x, output) == cbc_result); if (cbc_result == 0) { - ASSERT_COMPARE(output, expected_output->len, - expected_output->x, expected_output->len); + TEST_MEMORY_COMPARE(output, expected_output->len, + expected_output->x, expected_output->len); } exit: @@ -155,8 +155,8 @@ void aria_decrypt_cbc(data_t *key_str, data_t *iv_str, src_str->len, iv_str->x, src_str->x, output) == cbc_result); if (cbc_result == 0) { - ASSERT_COMPARE(output, expected_output->len, - expected_output->x, expected_output->len); + TEST_MEMORY_COMPARE(output, expected_output->len, + expected_output->x, expected_output->len); } exit: @@ -182,8 +182,8 @@ void aria_encrypt_cfb128(data_t *key_str, data_t *iv_str, iv_str->x, src_str->x, output) == result); - ASSERT_COMPARE(output, expected_output->len, - expected_output->x, expected_output->len); + TEST_MEMORY_COMPARE(output, expected_output->len, + expected_output->x, expected_output->len); exit: mbedtls_aria_free(&ctx); @@ -208,8 +208,8 @@ void aria_decrypt_cfb128(data_t *key_str, data_t *iv_str, iv_str->x, src_str->x, output) == result); - ASSERT_COMPARE(output, expected_output->len, - expected_output->x, expected_output->len); + TEST_MEMORY_COMPARE(output, expected_output->len, + expected_output->x, expected_output->len); exit: mbedtls_aria_free(&ctx); @@ -234,8 +234,8 @@ void aria_encrypt_ctr(data_t *key_str, data_t *iv_str, iv_str->x, blk, src_str->x, output) == result); - ASSERT_COMPARE(output, expected_output->len, - expected_output->x, expected_output->len); + TEST_MEMORY_COMPARE(output, expected_output->len, + expected_output->x, expected_output->len); exit: mbedtls_aria_free(&ctx); @@ -260,8 +260,8 @@ void aria_decrypt_ctr(data_t *key_str, data_t *iv_str, iv_str->x, blk, src_str->x, output) == result); - ASSERT_COMPARE(output, expected_output->len, - expected_output->x, expected_output->len); + TEST_MEMORY_COMPARE(output, expected_output->len, + expected_output->x, expected_output->len); exit: mbedtls_aria_free(&ctx); diff --git a/tests/suites/test_suite_asn1parse.function b/tests/suites/test_suite_asn1parse.function index e1a26b732..01a091b06 100644 --- a/tests/suites/test_suite_asn1parse.function +++ b/tests/suites/test_suite_asn1parse.function @@ -135,11 +135,11 @@ int get_len_step(const data_t *input, size_t buffer_size, /* Allocate a new buffer of exactly the length to parse each time. * This gives memory sanitizers a chance to catch buffer overreads. */ if (buffer_size == 0) { - ASSERT_ALLOC(buf, 1); + TEST_CALLOC(buf, 1); end = buf + 1; p = end; } else { - ASSERT_ALLOC_WEAK(buf, buffer_size); + TEST_CALLOC_OR_SKIP(buf, buffer_size); if (buffer_size > input->len) { memcpy(buf, input->x, input->len); memset(buf + input->len, 'A', buffer_size - input->len); @@ -247,7 +247,7 @@ void parse_prefixes(const data_t *input, mbedtls_test_set_step(buffer_size); /* Allocate a new buffer of exactly the length to parse each time. * This gives memory sanitizers a chance to catch buffer overreads. */ - ASSERT_ALLOC(buf, buffer_size); + TEST_CALLOC(buf, buffer_size); memcpy(buf, input->x, buffer_size); p = buf; ret = nested_parse(&p, buf + buffer_size); @@ -506,7 +506,7 @@ void get_mpi_too_large() mbedtls_mpi_init(&actual_mpi); - ASSERT_ALLOC(buf, size); + TEST_CALLOC(buf, size); buf[0] = 0x02; /* tag: INTEGER */ buf[1] = 0x84; /* 4-octet length */ buf[2] = (too_many_octets >> 24) & 0xff; @@ -729,10 +729,10 @@ void free_named_data(int with_oid, int with_val, int with_next) { { 0x06, 0, NULL }, { 0, 0, NULL }, NULL, 0 }; if (with_oid) { - ASSERT_ALLOC(head.oid.p, 1); + TEST_CALLOC(head.oid.p, 1); } if (with_val) { - ASSERT_ALLOC(head.val.p, 1); + TEST_CALLOC(head.val.p, 1); } if (with_next) { head.next = &next; @@ -758,7 +758,7 @@ void free_named_data_list(int length) for (i = 0; i < length; i++) { mbedtls_asn1_named_data *new = NULL; - ASSERT_ALLOC(new, 1); + TEST_CALLOC(new, 1); new->next = head; head = new; } diff --git a/tests/suites/test_suite_asn1write.function b/tests/suites/test_suite_asn1write.function index ce0d0f388..469b971c7 100644 --- a/tests/suites/test_suite_asn1write.function +++ b/tests/suites/test_suite_asn1write.function @@ -17,7 +17,7 @@ int generic_write_start_step(generic_write_data_t *data) mbedtls_test_set_step(data->size); mbedtls_free(data->output); data->output = NULL; - ASSERT_ALLOC(data->output, data->size == 0 ? 1 : data->size); + TEST_CALLOC(data->output, data->size == 0 ? 1 : data->size); data->end = data->output + data->size; data->p = data->end; data->start = data->end - data->size; @@ -37,8 +37,8 @@ int generic_write_finish_step(generic_write_data_t *data, TEST_EQUAL(ret, data->end - data->p); TEST_ASSERT(data->p >= data->start); TEST_ASSERT(data->p <= data->end); - ASSERT_COMPARE(data->p, (size_t) (data->end - data->p), - expected->x, expected->len); + TEST_MEMORY_COMPARE(data->p, (size_t) (data->end - data->p), + expected->x, expected->len); } ok = 1; @@ -296,7 +296,7 @@ void mbedtls_asn1_write_algorithm_identifier(data_t *oid, size_t len_complete = data_len + par_len; unsigned char expected_params_tag; size_t expected_params_len; - ASSERT_ALLOC(buf_complete, len_complete); + TEST_CALLOC(buf_complete, len_complete); unsigned char *end_complete = buf_complete + len_complete; memcpy(buf_complete, data.p, data_len); if (par_len == 0) { @@ -316,13 +316,13 @@ void mbedtls_asn1_write_algorithm_identifier(data_t *oid, buf_complete[data_len + 2] = (unsigned char) (expected_params_len >> 8); buf_complete[data_len + 3] = (unsigned char) (expected_params_len); } else { - TEST_ASSERT(!"Bad test data: invalid length of ASN.1 element"); + TEST_FAIL("Bad test data: invalid length of ASN.1 element"); } unsigned char *p = buf_complete; TEST_EQUAL(mbedtls_asn1_get_alg(&p, end_complete, &alg, ¶ms), 0); TEST_EQUAL(alg.tag, MBEDTLS_ASN1_OID); - ASSERT_COMPARE(alg.p, alg.len, oid->x, oid->len); + TEST_MEMORY_COMPARE(alg.p, alg.len, oid->x, oid->len); TEST_EQUAL(params.tag, expected_params_tag); TEST_EQUAL(params.len, expected_params_len); mbedtls_free(buf_complete); @@ -404,7 +404,7 @@ void test_asn1_write_bitstrings(data_t *bitstring, int bits, TEST_ASSERT(bitstring->len >= byte_length); #if defined(MBEDTLS_ASN1_PARSE_C) - ASSERT_ALLOC(masked_bitstring, byte_length); + TEST_CALLOC(masked_bitstring, byte_length); if (byte_length != 0) { memcpy(masked_bitstring, bitstring->x, byte_length); if (bits % 8 != 0) { @@ -440,8 +440,8 @@ void test_asn1_write_bitstrings(data_t *bitstring, int bits, mbedtls_asn1_bitstring read = { 0, 0, NULL }; TEST_EQUAL(mbedtls_asn1_get_bitstring(&data.p, data.end, &read), 0); - ASSERT_COMPARE(read.p, read.len, - masked_bitstring, byte_length); + TEST_MEMORY_COMPARE(read.p, read.len, + masked_bitstring, byte_length); TEST_EQUAL(read.unused_bits, 8 * byte_length - value_bits); } #endif /* MBEDTLS_ASN1_PARSE_C */ @@ -477,7 +477,7 @@ void store_named_data_find(data_t *oid0, data_t *oid1, } pointers[ARRAY_LENGTH(nd)] = NULL; for (i = 0; i < ARRAY_LENGTH(nd); i++) { - ASSERT_ALLOC(nd[i].oid.p, oid[i]->len); + TEST_CALLOC(nd[i].oid.p, oid[i]->len); memcpy(nd[i].oid.p, oid[i]->x, oid[i]->len); nd[i].oid.len = oid[i]->len; nd[i].next = pointers[i+1]; @@ -529,7 +529,7 @@ void store_named_data_val_found(int old_len, int new_len) unsigned char *new_val = (unsigned char *) "new value"; if (old_len != 0) { - ASSERT_ALLOC(nd.val.p, (size_t) old_len); + TEST_CALLOC(nd.val.p, (size_t) old_len); old_val = nd.val.p; nd.val.len = old_len; memset(old_val, 'x', old_len); @@ -545,8 +545,8 @@ void store_named_data_val_found(int old_len, int new_len) TEST_ASSERT(found == head); if (new_val != NULL) { - ASSERT_COMPARE(found->val.p, found->val.len, - new_val, (size_t) new_len); + TEST_MEMORY_COMPARE(found->val.p, found->val.len, + new_val, (size_t) new_len); } if (new_len == 0) { TEST_ASSERT(found->val.p == NULL); @@ -580,15 +580,15 @@ void store_named_data_val_new(int new_len, int set_new_val) TEST_ASSERT(found != NULL); TEST_ASSERT(found == head); TEST_ASSERT(found->oid.p != oid); - ASSERT_COMPARE(found->oid.p, found->oid.len, oid, oid_len); + TEST_MEMORY_COMPARE(found->oid.p, found->oid.len, oid, oid_len); if (new_len == 0) { TEST_ASSERT(found->val.p == NULL); } else if (new_val == NULL) { TEST_ASSERT(found->val.p != NULL); } else { TEST_ASSERT(found->val.p != new_val); - ASSERT_COMPARE(found->val.p, found->val.len, - new_val, (size_t) new_len); + TEST_MEMORY_COMPARE(found->val.p, found->val.len, + new_val, (size_t) new_len); } exit: diff --git a/tests/suites/test_suite_base64.data b/tests/suites/test_suite_base64.data index 555666807..3999e73bf 100644 --- a/tests/suites/test_suite_base64.data +++ b/tests/suites/test_suite_base64.data @@ -1,27 +1,3 @@ -mask_of_range empty (1..0) -mask_of_range:1:0 - -mask_of_range empty (255..0) -mask_of_range:255:0 - -mask_of_range empty (42..7) -mask_of_range:42:7 - -mask_of_range 0..0 -mask_of_range:0:0 - -mask_of_range 42..42 -mask_of_range:42:42 - -mask_of_range 255..255 -mask_of_range:255:255 - -mask_of_range 0..255 -mask_of_range:0:255 - -mask_of_range 'A'..'Z' -mask_of_range:65:90 - enc_char (all digits) enc_chars: diff --git a/tests/suites/test_suite_base64.function b/tests/suites/test_suite_base64.function index ce6bd42b7..e351ad8a2 100644 --- a/tests/suites/test_suite_base64.function +++ b/tests/suites/test_suite_base64.function @@ -1,7 +1,7 @@ /* BEGIN_HEADER */ #include "mbedtls/base64.h" +#include "base64_internal.h" #include "constant_time_internal.h" -#include "constant_time_invasive.h" #include #if defined(MBEDTLS_TEST_HOOKS) @@ -16,26 +16,6 @@ static const char base64_digits[] = * END_DEPENDENCIES */ -/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */ -void mask_of_range(int low_arg, int high_arg) -{ - unsigned char low = low_arg, high = high_arg; - unsigned c; - for (c = 0; c <= 0xff; c++) { - mbedtls_test_set_step(c); - TEST_CF_SECRET(&c, sizeof(c)); - unsigned char m = mbedtls_ct_uchar_mask_of_range(low, high, c); - TEST_CF_PUBLIC(&c, sizeof(c)); - TEST_CF_PUBLIC(&m, sizeof(m)); - if (low <= c && c <= high) { - TEST_EQUAL(m, 0xff); - } else { - TEST_EQUAL(m, 0); - } - } -} -/* END_CASE */ - /* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */ void enc_chars() { diff --git a/tests/suites/test_suite_bignum.function b/tests/suites/test_suite_bignum.function index cefbfc37f..c90f1bbbb 100644 --- a/tests/suites/test_suite_bignum.function +++ b/tests/suites/test_suite_bignum.function @@ -133,7 +133,7 @@ void mpi_read_write_string(int radix_X, char *input_X, int radix_A, TEST_ASSERT(sign_is_valid(&X)); TEST_ASSERT(mbedtls_mpi_write_string(&X, radix_A, str, output_size, &len) == result_write); if (result_write == 0) { - TEST_ASSERT(strcasecmp(str, input_A) == 0); + TEST_ASSERT(strcmp(str, input_A) == 0); TEST_ASSERT(str[len] == '!'); } } @@ -438,7 +438,7 @@ void mpi_lt_mpi_ct(int size_X, char *input_X, TEST_ASSERT(mbedtls_mpi_lt_mpi_ct(&X, &Y, &ret) == input_err); if (input_err == 0) { - TEST_ASSERT(ret == input_uret); + TEST_EQUAL(ret, input_uret); } exit: @@ -834,7 +834,7 @@ void mpi_mul_int(char *input_X, int input_Y, } else if (strcmp(result_comparison, "!=") == 0) { TEST_ASSERT(mbedtls_mpi_cmp_mpi(&Z, &A) != 0); } else { - TEST_ASSERT("unknown operator" == 0); + TEST_FAIL("unknown operator"); } exit: @@ -923,47 +923,16 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void mpi_mod_int(char *input_X, char *input_Y, - char *input_A, int mod_result) +void mpi_mod_int(char *input_X, mbedtls_mpi_sint y, + mbedtls_mpi_sint a, int mod_result) { mbedtls_mpi X; - mbedtls_mpi Y; - mbedtls_mpi A; int res; mbedtls_mpi_uint r; mbedtls_mpi_init(&X); - mbedtls_mpi_init(&Y); - mbedtls_mpi_init(&A); - /* We use MPIs to read Y and A since the test framework limits us to - * ints, so we can't have 64-bit values */ TEST_EQUAL(mbedtls_test_read_mpi(&X, input_X), 0); - TEST_EQUAL(mbedtls_test_read_mpi(&Y, input_Y), 0); - TEST_EQUAL(mbedtls_test_read_mpi(&A, input_A), 0); - - TEST_EQUAL(Y.n, 1); - TEST_EQUAL(A.n, 1); - - /* Convert the MPIs for Y and A to (signed) mbedtls_mpi_sints */ - - /* Since we're converting sign+magnitude to two's complement, we lose one - * bit of value in the output. This means there are some values we can't - * represent, e.g. (hex) -A0000000 on 32-bit systems. These are technically - * invalid test cases, so could be considered "won't happen", but they are - * easy to test for, and this helps guard against human error. */ - - mbedtls_mpi_sint y = (mbedtls_mpi_sint) Y.p[0]; - TEST_ASSERT(y >= 0); /* If y < 0 here, we can't make negative y */ - if (Y.s == -1) { - y = -y; - } - - mbedtls_mpi_sint a = (mbedtls_mpi_sint) A.p[0]; - TEST_ASSERT(a >= 0); /* Same goes for a */ - if (A.s == -1) { - a = -a; - } res = mbedtls_mpi_mod_int(&r, &X, y); TEST_EQUAL(res, mod_result); @@ -973,8 +942,6 @@ void mpi_mod_int(char *input_X, char *input_Y, exit: mbedtls_mpi_free(&X); - mbedtls_mpi_free(&Y); - mbedtls_mpi_free(&A); } /* END_CASE */ diff --git a/tests/suites/test_suite_bignum.misc.data b/tests/suites/test_suite_bignum.misc.data index 5eda4c11a..9d068f146 100644 --- a/tests/suites/test_suite_bignum.misc.data +++ b/tests/suites/test_suite_bignum.misc.data @@ -56,10 +56,10 @@ Test mpi_read_write_string #5 (Illegal output radix) mpi_read_write_string:16:"-23":17:"-23":4:0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA Test mpi_read_write_string #6 (Output radix of 15) -mpi_read_write_string:10:"29":15:"1e":100:0:0 +mpi_read_write_string:10:"29":15:"1E":100:0:0 Test mpi_read_write_string #7 -mpi_read_write_string:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":16:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":200:0:0 +mpi_read_write_string:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":16:"0941379D00FED1491FE15DF284DFDE4A142F68AA8D412023195CEE66883E6290FFE703F4EA5963BF212713CEE46B107C09182B5EDCD955ADAC418BF4918E2889AF48E1099D513830CEC85C26AC1E158B52620E33BA8692F893EFBB2F958B4424":200:0:0 Test mpi_read_write_string #8 (Empty MPI hex -> hex) mpi_read_write_string:16:"":16:"":4:0:0 @@ -1229,45 +1229,45 @@ Test mbedtls_mpi_mod_mpi: -0 (null) % -42 mpi_mod_mpi:"-":"-2a":"":MBEDTLS_ERR_MPI_NEGATIVE_VALUE Base test mbedtls_mpi_mod_int #1 -mpi_mod_int:"3e8":"d":"c":0 +mpi_mod_int:"3e8":0xd:0xc:0 Base test mbedtls_mpi_mod_int #2 (Divide by zero) -mpi_mod_int:"3e8":"0":"0":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO +mpi_mod_int:"3e8":0x0:0x0:MBEDTLS_ERR_MPI_DIVISION_BY_ZERO Base test mbedtls_mpi_mod_int #3 -mpi_mod_int:"-3e8":"d":"1":0 +mpi_mod_int:"-3e8":0xd:0x1:0 Base test mbedtls_mpi_mod_int #4 (Negative modulo) -mpi_mod_int:"3e8":"-d":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE +mpi_mod_int:"3e8":-0xd:0x0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE Base test mbedtls_mpi_mod_int #5 (Negative modulo) -mpi_mod_int:"-3e8":"-d":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE +mpi_mod_int:"-3e8":-0xd:0x0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE Base test mbedtls_mpi_mod_int #6 (By 1) -mpi_mod_int:"3e8":"1":"0":0 +mpi_mod_int:"3e8":0x1:0x0:0 Base test mbedtls_mpi_mod_int #7 (By 2) -mpi_mod_int:"3e9":"2":"1":0 +mpi_mod_int:"3e9":0x2:0x1:0 Base test mbedtls_mpi_mod_int #8 (By 2) -mpi_mod_int:"3e8":"2":"0":0 +mpi_mod_int:"3e8":0x2:0x0:0 Test mbedtls_mpi_mod_int: 0 (null) % 1 -mpi_mod_int:"":"1":"0":0 +mpi_mod_int:"":0x1:0x0:0 Test mbedtls_mpi_mod_int: 0 (null) % 2 -mpi_mod_int:"":"2":"0":0 +mpi_mod_int:"":0x2:0x0:0 Test mbedtls_mpi_mod_int: 0 (null) % -1 -mpi_mod_int:"":"-1":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE +mpi_mod_int:"":-0x1:0x0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE Test mbedtls_mpi_mod_int: 0 (null) % -2 -mpi_mod_int:"":"-2":"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE +mpi_mod_int:"":-0x2:0x0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE # CURRENTLY FAILS - SEE GITHUB ISSUE #6540 #Test mbedtls_mpi_mod_int: 230772460340063000000100500000300000010 % 5178236083361335880 -> 3386266129388798810 #depends_on:MBEDTLS_HAVE_INT64 -#mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA4847DCCA48":"2EFE6F1A7D28035A":0 +#mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980CEE30A":0x47DCCA4847DCCA48:0x2EFE6F1A7D28035A:0 Test mbedtls_mpi_mod_mpi: 230772460340063000000100500000300000010 % 5178236083361335880 -> 3386266129388798810 mpi_mod_mpi:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA4847DCCA48":"2EFE6F1A7D28035A":0 @@ -1275,7 +1275,7 @@ mpi_mod_mpi:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA4847DCCA48":"2EFE6F1A7D280 # CURRENTLY FAILS - SEE GITHUB ISSUE #6540 #Test mbedtls_mpi_mod_int: 230772460340062999996714233870911201200 % 5178236083361335880 -> 0 #depends_on:MBEDTLS_HAVE_INT64 -#mpi_mod_int:"AD9D28BF6C4E98FDC2584FEF03A6DFB0":"47DCCA4847DCCA48":"0":0 +#mpi_mod_int:"AD9D28BF6C4E98FDC2584FEF03A6DFB0":0x47DCCA4847DCCA48:0x0:0 Test mbedtls_mpi_mod_mpi: 230772460340062999996714233870911201200 % 5178236083361335880 -> 0 mpi_mod_mpi:"AD9D28BF6C4E98FDC2584FEF03A6DFB0":"47DCCA4847DCCA48":"0":0 @@ -1283,7 +1283,7 @@ mpi_mod_mpi:"AD9D28BF6C4E98FDC2584FEF03A6DFB0":"47DCCA4847DCCA48":"0":0 # CURRENTLY FAILS WHEN MPIS ARE 32-BIT (ISSUE #6450): WHEN FIXED, REMOVE "depends_on" LINE Test mbedtls_mpi_mod_int: 230772460340063000000100500000300000010 % 1205652040 -> 3644370 depends_on:MBEDTLS_HAVE_INT64 -mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA48":"379BD2":0 +mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980CEE30A":0x47DCCA48:0x379BD2:0 Test mbedtls_mpi_mod_mpi: 230772460340063000000100500000300000010 % 1205652040 -> 3644370 mpi_mod_mpi:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA48":"379BD2":0 @@ -1291,7 +1291,7 @@ mpi_mod_mpi:"AD9D28BF6C4E98FDF156BF0980CEE30A":"47DCCA48":"379BD2":0 # CURRENTLY FAILS WHEN MPIS ARE 32-BIT (ISSUE #6450): WHEN FIXED, REMOVE "depends_on" LINE Test mbedtls_mpi_mod_int: 230772460340063000000100500000296355640 % 1205652040 -> 0 depends_on:MBEDTLS_HAVE_INT64 -mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980974738":"47DCCA48":"0":0 +mpi_mod_int:"AD9D28BF6C4E98FDF156BF0980974738":0x47DCCA48:0x0:0 Test mbedtls_mpi_mod_mpi: 230772460340063000000100500000296355640 % 1205652040 -> 0 mpi_mod_mpi:"AD9D28BF6C4E98FDF156BF0980974738":"47DCCA48":"0":0 diff --git a/tests/suites/test_suite_bignum_core.function b/tests/suites/test_suite_bignum_core.function index 408eb0be4..db84d6238 100644 --- a/tests/suites/test_suite_bignum_core.function +++ b/tests/suites/test_suite_bignum_core.function @@ -34,45 +34,45 @@ static int mpi_core_verify_add(mbedtls_mpi_uint *A, /* A + B => correct result and carry */ TEST_EQUAL(carry, mbedtls_mpi_core_add(X, A, B, limbs)); - ASSERT_COMPARE(X, bytes, S, bytes); + TEST_MEMORY_COMPARE(X, bytes, S, bytes); /* A + B; alias output and first operand => correct result and carry */ memcpy(X, A, bytes); TEST_EQUAL(carry, mbedtls_mpi_core_add(X, X, B, limbs)); - ASSERT_COMPARE(X, bytes, S, bytes); + TEST_MEMORY_COMPARE(X, bytes, S, bytes); /* A + B; alias output and second operand => correct result and carry */ memcpy(X, B, bytes); TEST_EQUAL(carry, mbedtls_mpi_core_add(X, A, X, limbs)); - ASSERT_COMPARE(X, bytes, S, bytes); + TEST_MEMORY_COMPARE(X, bytes, S, bytes); if (memcmp(A, B, bytes) == 0) { /* A == B, so test where A and B are aliased */ /* A + A => correct result and carry */ TEST_EQUAL(carry, mbedtls_mpi_core_add(X, A, A, limbs)); - ASSERT_COMPARE(X, bytes, S, bytes); + TEST_MEMORY_COMPARE(X, bytes, S, bytes); /* A + A, output aliased to both operands => correct result and carry */ memcpy(X, A, bytes); TEST_EQUAL(carry, mbedtls_mpi_core_add(X, X, X, limbs)); - ASSERT_COMPARE(X, bytes, S, bytes); + TEST_MEMORY_COMPARE(X, bytes, S, bytes); } else { /* A != B, so test B + A */ /* B + A => correct result and carry */ TEST_EQUAL(carry, mbedtls_mpi_core_add(X, B, A, limbs)); - ASSERT_COMPARE(X, bytes, S, bytes); + TEST_MEMORY_COMPARE(X, bytes, S, bytes); /* B + A; alias output and first operand => correct result and carry */ memcpy(X, B, bytes); TEST_EQUAL(carry, mbedtls_mpi_core_add(X, X, A, limbs)); - ASSERT_COMPARE(X, bytes, S, bytes); + TEST_MEMORY_COMPARE(X, bytes, S, bytes); /* B + A; alias output and second operand => correct result and carry */ memcpy(X, A, bytes); TEST_EQUAL(carry, mbedtls_mpi_core_add(X, B, X, limbs)); - ASSERT_COMPARE(X, bytes, S, bytes); + TEST_MEMORY_COMPARE(X, bytes, S, bytes); } ret = 1; @@ -111,11 +111,11 @@ static int mpi_core_verify_add_if(mbedtls_mpi_uint *A, /* cond = 0 => X unchanged, no carry */ memcpy(X, A, bytes); TEST_EQUAL(0, mbedtls_mpi_core_add_if(X, B, limbs, 0)); - ASSERT_COMPARE(X, bytes, A, bytes); + TEST_MEMORY_COMPARE(X, bytes, A, bytes); /* cond = 1 => correct result and carry */ TEST_EQUAL(carry, mbedtls_mpi_core_add_if(X, B, limbs, 1)); - ASSERT_COMPARE(X, bytes, S, bytes); + TEST_MEMORY_COMPARE(X, bytes, S, bytes); if (memcmp(A, B, bytes) == 0) { /* A == B, so test where A and B are aliased */ @@ -123,22 +123,22 @@ static int mpi_core_verify_add_if(mbedtls_mpi_uint *A, /* cond = 0 => X unchanged, no carry */ memcpy(X, B, bytes); TEST_EQUAL(0, mbedtls_mpi_core_add_if(X, X, limbs, 0)); - ASSERT_COMPARE(X, bytes, B, bytes); + TEST_MEMORY_COMPARE(X, bytes, B, bytes); /* cond = 1 => correct result and carry */ TEST_EQUAL(carry, mbedtls_mpi_core_add_if(X, X, limbs, 1)); - ASSERT_COMPARE(X, bytes, S, bytes); + TEST_MEMORY_COMPARE(X, bytes, S, bytes); } else { /* A != B, so test B + A */ /* cond = 0 => d unchanged, no carry */ memcpy(X, B, bytes); TEST_EQUAL(0, mbedtls_mpi_core_add_if(X, A, limbs, 0)); - ASSERT_COMPARE(X, bytes, B, bytes); + TEST_MEMORY_COMPARE(X, bytes, B, bytes); /* cond = 1 => correct result and carry */ TEST_EQUAL(carry, mbedtls_mpi_core_add_if(X, A, limbs, 1)); - ASSERT_COMPARE(X, bytes, S, bytes); + TEST_MEMORY_COMPARE(X, bytes, S, bytes); } ret = 1; @@ -309,6 +309,36 @@ exit: } /* END_CASE */ + +/* BEGIN_CASE */ +void mpi_core_clz(int leading_zeros, int trailing_zeros) +{ + if ((size_t) (leading_zeros + trailing_zeros) >= (sizeof(mbedtls_mpi_uint) * 8)) { + // can't fit required number of leading and trailing zeros - skip test + goto exit; + } + + // Construct a test input value where the count of leading zeros and + // trailing zeros is given in the test case, and we add ones to fill + // the gap. + mbedtls_mpi_uint x; + if ((leading_zeros + trailing_zeros) > 0) { + // some zero bits + uint32_t s = (sizeof(mbedtls_mpi_uint) * 8 - leading_zeros - trailing_zeros); + x = ((((mbedtls_mpi_uint) 1) << s) - 1) << trailing_zeros; + } else { + // all bits set + x = ~((mbedtls_mpi_uint) 0); + } + + size_t n = mbedtls_mpi_core_clz(x); + TEST_EQUAL(n, leading_zeros); +exit: + ; +} +/* END_CASE */ + + /* BEGIN_CASE */ void mpi_core_lt_ct(char *input_X, char *input_Y, int exp_ret) { @@ -328,7 +358,7 @@ void mpi_core_lt_ct(char *input_X, char *input_Y, int exp_ret) TEST_CF_SECRET(Y, X_limbs * sizeof(mbedtls_mpi_uint)); ret = mbedtls_mpi_core_lt_ct(X, Y, X_limbs); - TEST_EQUAL(ret, exp_ret); + TEST_EQUAL(!!ret, exp_ret); exit: mbedtls_free(X); @@ -354,25 +384,25 @@ void mpi_core_uint_le_mpi(char *input_A) TEST_CF_SECRET(A, A_limbs * sizeof(*A)); - TEST_EQUAL(mbedtls_mpi_core_uint_le_mpi(0, A, A_limbs), 1); - TEST_EQUAL(mbedtls_mpi_core_uint_le_mpi(A[0], A, A_limbs), 1); + TEST_EQUAL(!!mbedtls_mpi_core_uint_le_mpi(0, A, A_limbs), 1); + TEST_EQUAL(!!mbedtls_mpi_core_uint_le_mpi(A[0], A, A_limbs), 1); if (is_large) { - TEST_EQUAL(mbedtls_mpi_core_uint_le_mpi(A[0] + 1, - A, A_limbs), 1); - TEST_EQUAL(mbedtls_mpi_core_uint_le_mpi((mbedtls_mpi_uint) (-1) >> 1, - A, A_limbs), 1); - TEST_EQUAL(mbedtls_mpi_core_uint_le_mpi((mbedtls_mpi_uint) (-1), - A, A_limbs), 1); + TEST_EQUAL(!!mbedtls_mpi_core_uint_le_mpi(A[0] + 1, + A, A_limbs), 1); + TEST_EQUAL(!!mbedtls_mpi_core_uint_le_mpi((mbedtls_mpi_uint) (-1) >> 1, + A, A_limbs), 1); + TEST_EQUAL(!!mbedtls_mpi_core_uint_le_mpi((mbedtls_mpi_uint) (-1), + A, A_limbs), 1); } else { - TEST_EQUAL(mbedtls_mpi_core_uint_le_mpi(A[0] + 1, - A, A_limbs), + TEST_EQUAL(!!mbedtls_mpi_core_uint_le_mpi(A[0] + 1, + A, A_limbs), A[0] + 1 <= A[0]); - TEST_EQUAL(mbedtls_mpi_core_uint_le_mpi((mbedtls_mpi_uint) (-1) >> 1, - A, A_limbs), + TEST_EQUAL(!!mbedtls_mpi_core_uint_le_mpi((mbedtls_mpi_uint) (-1) >> 1, + A, A_limbs), (mbedtls_mpi_uint) (-1) >> 1 <= A[0]); - TEST_EQUAL(mbedtls_mpi_core_uint_le_mpi((mbedtls_mpi_uint) (-1), - A, A_limbs), + TEST_EQUAL(!!mbedtls_mpi_core_uint_le_mpi((mbedtls_mpi_uint) (-1), + A, A_limbs), (mbedtls_mpi_uint) (-1) <= A[0]); } @@ -417,7 +447,7 @@ void mpi_core_cond_assign(char *input_X, TEST_CF_SECRET(X, bytes); TEST_CF_SECRET(Y, bytes); - mbedtls_mpi_core_cond_assign(X, Y, copy_limbs, 1); + mbedtls_mpi_core_cond_assign(X, Y, copy_limbs, mbedtls_ct_bool(1)); TEST_CF_PUBLIC(X, bytes); TEST_CF_PUBLIC(Y, bytes); @@ -428,10 +458,10 @@ void mpi_core_cond_assign(char *input_X, TEST_CF_PUBLIC(X, bytes); TEST_CF_PUBLIC(Y, bytes); - ASSERT_COMPARE(X, copy_bytes, Y, copy_bytes); + TEST_MEMORY_COMPARE(X, copy_bytes, Y, copy_bytes); TEST_ASSERT(memcmp(X, Y, bytes) != 0); } else { - ASSERT_COMPARE(X, bytes, Y, bytes); + TEST_MEMORY_COMPARE(X, bytes, Y, bytes); } exit: @@ -463,10 +493,10 @@ void mpi_core_cond_swap(char *input_X, TEST_EQUAL(limbs_X, limbs_Y); TEST_ASSERT(copy_limbs <= limbs); - ASSERT_ALLOC(X, limbs); + TEST_CALLOC(X, limbs); memcpy(X, tmp_X, bytes); - ASSERT_ALLOC(Y, limbs); + TEST_CALLOC(Y, limbs); memcpy(Y, tmp_Y, bytes); /* condition is false */ @@ -478,14 +508,14 @@ void mpi_core_cond_swap(char *input_X, TEST_CF_PUBLIC(X, bytes); TEST_CF_PUBLIC(Y, bytes); - ASSERT_COMPARE(X, bytes, tmp_X, bytes); - ASSERT_COMPARE(Y, bytes, tmp_Y, bytes); + TEST_MEMORY_COMPARE(X, bytes, tmp_X, bytes); + TEST_MEMORY_COMPARE(Y, bytes, tmp_Y, bytes); /* condition is true */ TEST_CF_SECRET(X, bytes); TEST_CF_SECRET(Y, bytes); - mbedtls_mpi_core_cond_swap(X, Y, copy_limbs, 1); + mbedtls_mpi_core_cond_swap(X, Y, copy_limbs, mbedtls_ct_bool(1)); TEST_CF_PUBLIC(X, bytes); TEST_CF_PUBLIC(Y, bytes); @@ -493,15 +523,15 @@ void mpi_core_cond_swap(char *input_X, /* Check if the given length is copied even it is smaller than the length of the given MPIs. */ if (copy_limbs < limbs) { - ASSERT_COMPARE(X, copy_bytes, tmp_Y, copy_bytes); - ASSERT_COMPARE(Y, copy_bytes, tmp_X, copy_bytes); + TEST_MEMORY_COMPARE(X, copy_bytes, tmp_Y, copy_bytes); + TEST_MEMORY_COMPARE(Y, copy_bytes, tmp_X, copy_bytes); TEST_ASSERT(memcmp(X, tmp_X, bytes) != 0); TEST_ASSERT(memcmp(X, tmp_Y, bytes) != 0); TEST_ASSERT(memcmp(Y, tmp_X, bytes) != 0); TEST_ASSERT(memcmp(Y, tmp_Y, bytes) != 0); } else { - ASSERT_COMPARE(X, bytes, tmp_Y, bytes); - ASSERT_COMPARE(Y, bytes, tmp_X, bytes); + TEST_MEMORY_COMPARE(X, bytes, tmp_Y, bytes); + TEST_MEMORY_COMPARE(Y, bytes, tmp_X, bytes); } exit: @@ -524,7 +554,27 @@ void mpi_core_shift_r(char *input, int count, char *result) TEST_EQUAL(limbs, n); mbedtls_mpi_core_shift_r(X, limbs, count); - ASSERT_COMPARE(X, limbs * ciL, Y, limbs * ciL); + TEST_MEMORY_COMPARE(X, limbs * ciL, Y, limbs * ciL); + +exit: + mbedtls_free(X); + mbedtls_free(Y); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mpi_core_shift_l(char *input, int count, char *result) +{ + mbedtls_mpi_uint *X = NULL; + mbedtls_mpi_uint *Y = NULL; + size_t limbs, n; + + TEST_EQUAL(0, mbedtls_test_read_mpi_core(&X, &limbs, input)); + TEST_EQUAL(0, mbedtls_test_read_mpi_core(&Y, &n, result)); + TEST_EQUAL(limbs, n); + + mbedtls_mpi_core_shift_l(X, limbs, count); + TEST_MEMORY_COMPARE(X, limbs * ciL, Y, limbs * ciL); exit: mbedtls_free(X); @@ -551,7 +601,7 @@ void mpi_core_add_and_add_if(char *input_A, char *input_B, TEST_EQUAL(A_limbs, S_limbs); size_t limbs = A_limbs; - ASSERT_ALLOC(X, limbs); + TEST_CALLOC(X, limbs); TEST_ASSERT(mpi_core_verify_add(A, B, limbs, S, carry, X)); TEST_ASSERT(mpi_core_verify_add_if(A, B, limbs, S, carry, X)); @@ -596,15 +646,15 @@ void mpi_core_sub(char *input_A, char *input_B, /* Now let's get arrays of mbedtls_mpi_uints, rather than MPI structures */ - /* ASSERT_ALLOC() uses calloc() under the hood, so these do get zeroed */ - ASSERT_ALLOC(a, bytes); - ASSERT_ALLOC(b, bytes); - ASSERT_ALLOC(x, bytes); - ASSERT_ALLOC(r, bytes); + /* TEST_CALLOC() uses calloc() under the hood, so these do get zeroed */ + TEST_CALLOC(a, bytes); + TEST_CALLOC(b, bytes); + TEST_CALLOC(x, bytes); + TEST_CALLOC(r, bytes); /* Populate the arrays. As the mbedtls_mpi_uint[]s in mbedtls_mpis (and as * processed by mbedtls_mpi_core_sub()) are little endian, we can just - * copy what we have as long as MSBs are 0 (which they are from ASSERT_ALLOC()) + * copy what we have as long as MSBs are 0 (which they are from TEST_CALLOC()) */ memcpy(a, A.p, A.n * sizeof(mbedtls_mpi_uint)); memcpy(b, B.p, B.n * sizeof(mbedtls_mpi_uint)); @@ -614,7 +664,7 @@ void mpi_core_sub(char *input_A, char *input_B, TEST_EQUAL(carry, mbedtls_mpi_core_sub(r, a, b, limbs)); /* 1b) r = a - b => we should get the correct result */ - ASSERT_COMPARE(r, bytes, x, bytes); + TEST_MEMORY_COMPARE(r, bytes, x, bytes); /* 2 and 3 test "r may be aliased to a or b" */ /* 2a) r = a; r -= b => we should get the correct carry (use r to avoid clobbering a) */ @@ -622,20 +672,20 @@ void mpi_core_sub(char *input_A, char *input_B, TEST_EQUAL(carry, mbedtls_mpi_core_sub(r, r, b, limbs)); /* 2b) r -= b => we should get the correct result */ - ASSERT_COMPARE(r, bytes, x, bytes); + TEST_MEMORY_COMPARE(r, bytes, x, bytes); /* 3a) r = b; r = a - r => we should get the correct carry (use r to avoid clobbering b) */ memcpy(r, b, bytes); TEST_EQUAL(carry, mbedtls_mpi_core_sub(r, a, r, limbs)); /* 3b) r = a - b => we should get the correct result */ - ASSERT_COMPARE(r, bytes, x, bytes); + TEST_MEMORY_COMPARE(r, bytes, x, bytes); /* 4 tests "r may be aliased to [...] both" */ if (A.n == B.n && memcmp(A.p, B.p, bytes) == 0) { memcpy(r, b, bytes); TEST_EQUAL(carry, mbedtls_mpi_core_sub(r, r, r, limbs)); - ASSERT_COMPARE(r, bytes, x, bytes); + TEST_MEMORY_COMPARE(r, bytes, x, bytes); } exit: @@ -709,13 +759,13 @@ void mpi_core_mla(char *input_A, char *input_B, char *input_S, /* Now let's get arrays of mbedtls_mpi_uints, rather than MPI structures */ - /* ASSERT_ALLOC() uses calloc() under the hood, so these do get zeroed */ - ASSERT_ALLOC(a, bytes); - ASSERT_ALLOC(x, bytes); + /* TEST_CALLOC() uses calloc() under the hood, so these do get zeroed */ + TEST_CALLOC(a, bytes); + TEST_CALLOC(x, bytes); /* Populate the arrays. As the mbedtls_mpi_uint[]s in mbedtls_mpis (and as * processed by mbedtls_mpi_core_mla()) are little endian, we can just - * copy what we have as long as MSBs are 0 (which they are from ASSERT_ALLOC()). + * copy what we have as long as MSBs are 0 (which they are from TEST_CALLOC()). */ memcpy(a, A.p, A.n * sizeof(mbedtls_mpi_uint)); memcpy(x, X->p, X->n * sizeof(mbedtls_mpi_uint)); @@ -724,13 +774,13 @@ void mpi_core_mla(char *input_A, char *input_B, char *input_S, TEST_EQUAL(mbedtls_mpi_core_mla(a, limbs, B.p, B.n, *S.p), *cy->p); /* 1b) A += B * s => we should get the correct result */ - ASSERT_COMPARE(a, bytes, x, bytes); + TEST_MEMORY_COMPARE(a, bytes, x, bytes); if (A.n == B.n && memcmp(A.p, B.p, bytes) == 0) { /* Check when A and B are aliased */ memcpy(a, A.p, A.n * sizeof(mbedtls_mpi_uint)); TEST_EQUAL(mbedtls_mpi_core_mla(a, limbs, a, limbs, *S.p), *cy->p); - ASSERT_COMPARE(a, bytes, x, bytes); + TEST_MEMORY_COMPARE(a, bytes, x, bytes); } exit: @@ -840,14 +890,14 @@ void mpi_core_montmul(int limbs_AN4, int limbs_B4, mbedtls_mpi_core_montmul(R.p, A.p, B.p, B.n, N.p, N.n, mm, T.p); size_t bytes = N.n * sizeof(mbedtls_mpi_uint); - ASSERT_COMPARE(R.p, bytes, X->p, bytes); + TEST_MEMORY_COMPARE(R.p, bytes, X->p, bytes); /* The output (R, above) may be aliased to A - use R to save the value of A */ memcpy(R.p, A.p, bytes); mbedtls_mpi_core_montmul(A.p, A.p, B.p, B.n, N.p, N.n, mm, T.p); - ASSERT_COMPARE(A.p, bytes, X->p, bytes); + TEST_MEMORY_COMPARE(A.p, bytes, X->p, bytes); memcpy(A.p, R.p, bytes); /* restore A */ @@ -856,7 +906,7 @@ void mpi_core_montmul(int limbs_AN4, int limbs_B4, memcpy(R.p, N.p, bytes); mbedtls_mpi_core_montmul(N.p, A.p, B.p, B.n, N.p, N.n, mm, T.p); - ASSERT_COMPARE(N.p, bytes, X->p, bytes); + TEST_MEMORY_COMPARE(N.p, bytes, X->p, bytes); memcpy(N.p, R.p, bytes); @@ -867,7 +917,7 @@ void mpi_core_montmul(int limbs_AN4, int limbs_B4, * don't bother with yet another test with only A and B aliased */ mbedtls_mpi_core_montmul(B.p, B.p, B.p, B.n, N.p, N.n, mm, T.p); - ASSERT_COMPARE(B.p, bytes, X->p, bytes); + TEST_MEMORY_COMPARE(B.p, bytes, X->p, bytes); memcpy(B.p, A.p, bytes); /* restore B from equal value A */ } @@ -875,7 +925,7 @@ void mpi_core_montmul(int limbs_AN4, int limbs_B4, /* The output may be aliased to B - last test, so we don't save B */ mbedtls_mpi_core_montmul(B.p, A.p, B.p, B.n, N.p, N.n, mm, T.p); - ASSERT_COMPARE(B.p, bytes, X->p, bytes); + TEST_MEMORY_COMPARE(B.p, bytes, X->p, bytes); } exit: @@ -967,8 +1017,8 @@ void mpi_core_ct_uint_table_lookup(int bitlen, int window_size) mbedtls_mpi_uint *table = NULL; mbedtls_mpi_uint *dest = NULL; - ASSERT_ALLOC(table, limbs * count); - ASSERT_ALLOC(dest, limbs); + TEST_CALLOC(table, limbs * count); + TEST_CALLOC(dest, limbs); /* * Fill the table with a unique counter so that differences are easily @@ -996,8 +1046,8 @@ void mpi_core_ct_uint_table_lookup(int bitlen, int window_size) TEST_CF_PUBLIC(dest, limbs * sizeof(*dest)); TEST_CF_PUBLIC(table, count * limbs * sizeof(*table)); - ASSERT_COMPARE(dest, limbs * sizeof(*dest), - current, limbs * sizeof(*current)); + TEST_MEMORY_COMPARE(dest, limbs * sizeof(*dest), + current, limbs * sizeof(*current)); TEST_CF_PUBLIC(&i, sizeof(i)); } @@ -1020,7 +1070,7 @@ void mpi_core_fill_random(int wanted_bytes_arg, int extra_rng_bytes, int ret; /* Prepare an RNG with known output, limited to rng_bytes. */ - ASSERT_ALLOC(rnd_data, rng_bytes); + TEST_CALLOC(rnd_data, rng_bytes); TEST_EQUAL(0, mbedtls_test_rnd_std_rand(NULL, rnd_data, rng_bytes)); rnd_info.buf = rnd_data; @@ -1028,7 +1078,7 @@ void mpi_core_fill_random(int wanted_bytes_arg, int extra_rng_bytes, * extra_limbs may be negative but the total limb count must be positive. * Fill the MPI with the byte value in before. */ TEST_LE_U(1, X_limbs); - ASSERT_ALLOC(X, X_limbs); + TEST_CALLOC(X, X_limbs); memset(X, before, X_limbs * sizeof(*X)); ret = mbedtls_mpi_core_fill_random(X, X_limbs, wanted_bytes, @@ -1057,7 +1107,71 @@ exit: } /* END_CASE */ -/* BEGIN MERGE SLOT 1 */ +/* BEGIN_CASE */ +void mpi_core_mul(char *input_A, + char *input_B, + char *result) +{ + mbedtls_mpi_uint *A = NULL; + mbedtls_mpi_uint *A_orig = NULL; + mbedtls_mpi_uint *B = NULL; + mbedtls_mpi_uint *B_orig = NULL; + mbedtls_mpi_uint *R = NULL; + mbedtls_mpi_uint *X = NULL; + size_t A_limbs, B_limbs, R_limbs; + + TEST_EQUAL(mbedtls_test_read_mpi_core(&A, &A_limbs, input_A), 0); + TEST_EQUAL(mbedtls_test_read_mpi_core(&B, &B_limbs, input_B), 0); + TEST_EQUAL(mbedtls_test_read_mpi_core(&R, &R_limbs, result), 0); + + TEST_EQUAL(R_limbs, A_limbs + B_limbs); + + const size_t X_limbs = A_limbs + B_limbs; + const size_t X_bytes = X_limbs * sizeof(mbedtls_mpi_uint); + TEST_CALLOC(X, X_limbs); + + const size_t A_bytes = A_limbs * sizeof(mbedtls_mpi_uint); + TEST_CALLOC(A_orig, A_limbs); + memcpy(A_orig, A, A_bytes); + + const size_t B_bytes = B_limbs * sizeof(mbedtls_mpi_uint); + TEST_CALLOC(B_orig, B_limbs); + memcpy(B_orig, B, B_bytes); + + /* Set result to something that is unlikely to be correct */ + memset(X, '!', X_bytes); + + /* 1. X = A * B - result should be correct, A and B unchanged */ + mbedtls_mpi_core_mul(X, A, A_limbs, B, B_limbs); + TEST_MEMORY_COMPARE(X, X_bytes, R, X_bytes); + TEST_MEMORY_COMPARE(A, A_bytes, A_orig, A_bytes); + TEST_MEMORY_COMPARE(B, B_bytes, B_orig, B_bytes); + + /* 2. A == B: alias A and B - result should be correct, A and B unchanged */ + if (A_bytes == B_bytes && memcmp(A, B, A_bytes) == 0) { + memset(X, '!', X_bytes); + mbedtls_mpi_core_mul(X, A, A_limbs, A, A_limbs); + TEST_MEMORY_COMPARE(X, X_bytes, R, X_bytes); + TEST_MEMORY_COMPARE(A, A_bytes, A_orig, A_bytes); + } + /* 3. X = B * A - result should be correct, A and B unchanged */ + else { + memset(X, '!', X_bytes); + mbedtls_mpi_core_mul(X, B, B_limbs, A, A_limbs); + TEST_MEMORY_COMPARE(X, X_bytes, R, X_bytes); + TEST_MEMORY_COMPARE(A, A_bytes, A_orig, A_bytes); + TEST_MEMORY_COMPARE(B, B_bytes, B_orig, B_bytes); + } + +exit: + mbedtls_free(A); + mbedtls_free(A_orig); + mbedtls_free(B); + mbedtls_free(B_orig); + mbedtls_free(R); + mbedtls_free(X); +} +/* END_CASE */ /* BEGIN_CASE */ void mpi_core_exp_mod(char *input_N, char *input_A, @@ -1081,7 +1195,7 @@ void mpi_core_exp_mod(char *input_N, char *input_A, TEST_EQUAL(0, mbedtls_test_read_mpi_core(&E, &E_limbs, input_E)); TEST_EQUAL(0, mbedtls_test_read_mpi_core(&N, &N_limbs, input_N)); TEST_EQUAL(0, mbedtls_test_read_mpi_core(&X, &X_limbs, input_X)); - ASSERT_ALLOC(Y, N_limbs); + TEST_CALLOC(Y, N_limbs); TEST_EQUAL(A_limbs, N_limbs); TEST_EQUAL(X_limbs, N_limbs); @@ -1113,7 +1227,7 @@ void mpi_core_exp_mod(char *input_N, char *input_A, TEST_LE_U(mbedtls_mpi_core_montmul_working_limbs(N_limbs), working_limbs); - ASSERT_ALLOC(T, working_limbs); + TEST_CALLOC(T, working_limbs); mbedtls_mpi_core_exp_mod(Y, A, N, N_limbs, E, E_limbs, R2, T); @@ -1138,14 +1252,6 @@ exit: } /* END_CASE */ -/* END MERGE SLOT 1 */ - -/* BEGIN MERGE SLOT 2 */ - -/* END MERGE SLOT 2 */ - -/* BEGIN MERGE SLOT 3 */ - /* BEGIN_CASE */ void mpi_core_sub_int(char *input_A, char *input_B, char *input_X, int borrow) @@ -1171,10 +1277,11 @@ void mpi_core_sub_int(char *input_A, char *input_B, TEST_EQUAL(A_limbs, X_limbs); size_t limbs = A_limbs; - ASSERT_ALLOC(R, limbs); + TEST_CALLOC(R, limbs); #define TEST_COMPARE_CORE_MPIS(A, B, limbs) \ - ASSERT_COMPARE(A, (limbs) * sizeof(mbedtls_mpi_uint), B, (limbs) * sizeof(mbedtls_mpi_uint)) + TEST_MEMORY_COMPARE(A, (limbs) * sizeof(mbedtls_mpi_uint), \ + B, (limbs) * sizeof(mbedtls_mpi_uint)) /* 1. R = A - b. Result and borrow should be correct */ TEST_EQUAL(mbedtls_mpi_core_sub_int(R, A, B[0], limbs), borrow); @@ -1210,33 +1317,3 @@ exit: mbedtls_free(X); } /* END_CASE */ - -/* END MERGE SLOT 3 */ - -/* BEGIN MERGE SLOT 4 */ - -/* END MERGE SLOT 4 */ - -/* BEGIN MERGE SLOT 5 */ - -/* END MERGE SLOT 5 */ - -/* BEGIN MERGE SLOT 6 */ - -/* END MERGE SLOT 6 */ - -/* BEGIN MERGE SLOT 7 */ - -/* END MERGE SLOT 7 */ - -/* BEGIN MERGE SLOT 8 */ - -/* END MERGE SLOT 8 */ - -/* BEGIN MERGE SLOT 9 */ - -/* END MERGE SLOT 9 */ - -/* BEGIN MERGE SLOT 10 */ - -/* END MERGE SLOT 10 */ diff --git a/tests/suites/test_suite_bignum_core.misc.data b/tests/suites/test_suite_bignum_core.misc.data index 81a767a0c..ba8602997 100644 --- a/tests/suites/test_suite_bignum_core.misc.data +++ b/tests/suites/test_suite_bignum_core.misc.data @@ -491,42 +491,35 @@ mpi_core_fill_random:42:0:-1:0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA Fill random core: 42 bytes, 5 missing limbs mpi_core_fill_random:42:0:-5:0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA -# BEGIN MERGE SLOT 1 +CLZ: 0 0: all ones +mpi_core_clz:0:0 -# END MERGE SLOT 1 +CLZ: 1 0 +mpi_core_clz:1:0 -# BEGIN MERGE SLOT 2 +CLZ: 1 1 +mpi_core_clz:1:1 -# END MERGE SLOT 2 +CLZ: 4 5 +mpi_core_clz:4:5 -# BEGIN MERGE SLOT 3 +CLZ: 8 16 +mpi_core_clz:8:16 -# END MERGE SLOT 3 +CLZ: 31 0 +mpi_core_clz:31:0 -# BEGIN MERGE SLOT 4 +CLZ: 32 0 +mpi_core_clz:32:0 -# END MERGE SLOT 4 +CLZ: 33 0 +mpi_core_clz:33:0 -# BEGIN MERGE SLOT 5 +CLZ: 63 0 +mpi_core_clz:63:0 -# END MERGE SLOT 5 +CLZ: 64 0 +mpi_core_clz:64:0 -# BEGIN MERGE SLOT 6 - -# END MERGE SLOT 6 - -# BEGIN MERGE SLOT 7 - -# END MERGE SLOT 7 - -# BEGIN MERGE SLOT 8 - -# END MERGE SLOT 8 - -# BEGIN MERGE SLOT 9 - -# END MERGE SLOT 9 - -# BEGIN MERGE SLOT 10 - -# END MERGE SLOT 10 +CLZ: 100000 0: skip overly long input +mpi_core_clz:100000:0 diff --git a/tests/suites/test_suite_bignum_mod.function b/tests/suites/test_suite_bignum_mod.function index ded4c0cb4..9d0fe939f 100644 --- a/tests/suites/test_suite_bignum_mod.function +++ b/tests/suites/test_suite_bignum_mod.function @@ -7,23 +7,8 @@ #include "test/constant_flow.h" #define TEST_COMPARE_MPI_RESIDUES(a, b) \ - ASSERT_COMPARE((a).p, (a).limbs * sizeof(mbedtls_mpi_uint), \ - (b).p, (b).limbs * sizeof(mbedtls_mpi_uint)) - -static int test_read_modulus(mbedtls_mpi_mod_modulus *m, - mbedtls_mpi_mod_rep_selector int_rep, - char *input) -{ - mbedtls_mpi_uint *p = NULL; - size_t limbs; - - int ret = mbedtls_test_read_mpi_core(&p, &limbs, input); - if (ret != 0) { - return ret; - } - - return mbedtls_mpi_mod_modulus_setup(m, p, limbs, int_rep); -} + TEST_MEMORY_COMPARE((a).p, (a).limbs * sizeof(mbedtls_mpi_uint), \ + (b).p, (b).limbs * sizeof(mbedtls_mpi_uint)) static int test_read_residue(mbedtls_mpi_mod_residue *r, const mbedtls_mpi_mod_modulus *m, @@ -50,7 +35,7 @@ static int test_read_residue(mbedtls_mpi_mod_residue *r, /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_BIGNUM_C + * depends_on:MBEDTLS_BIGNUM_C:MBEDTLS_ECP_WITH_MPI_UINT * END_DEPENDENCIES */ @@ -65,7 +50,19 @@ void mpi_mod_setup(int int_rep, int iret) memset(mp, 0xFF, sizeof(mp)); mbedtls_mpi_mod_modulus_init(&m); - ret = mbedtls_mpi_mod_modulus_setup(&m, mp, MLIMBS, int_rep); + + switch (int_rep) { + case MBEDTLS_MPI_MOD_REP_MONTGOMERY: + ret = mbedtls_mpi_mod_modulus_setup(&m, mp, MLIMBS); + break; + case MBEDTLS_MPI_MOD_REP_OPT_RED: + ret = mbedtls_mpi_mod_optred_modulus_setup(&m, mp, MLIMBS, NULL); + break; + default: + ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA; + break; + } + TEST_EQUAL(ret, iret); /* Only test if the constants have been set-up */ @@ -96,12 +93,6 @@ exit: } /* END_CASE */ -/* BEGIN MERGE SLOT 1 */ - -/* END MERGE SLOT 1 */ - -/* BEGIN MERGE SLOT 2 */ - /* BEGIN_CASE */ void mpi_mod_mul(char *input_A, char *input_B, @@ -118,8 +109,8 @@ void mpi_mod_mul(char *input_A, mbedtls_mpi_mod_modulus m; mbedtls_mpi_mod_modulus_init(&m); - TEST_EQUAL(test_read_modulus(&m, MBEDTLS_MPI_MOD_REP_MONTGOMERY, input_N), - 0); + TEST_EQUAL(mbedtls_test_read_mpi_modulus(&m, input_N, + MBEDTLS_MPI_MOD_REP_MONTGOMERY), 0); TEST_EQUAL(test_read_residue(&rA, &m, input_A, 0), 0); TEST_EQUAL(test_read_residue(&rB, &m, input_B, 0), 0); @@ -132,47 +123,47 @@ void mpi_mod_mul(char *input_A, TEST_EQUAL(rB.limbs, limbs); TEST_EQUAL(rR.limbs, limbs); - ASSERT_ALLOC(X, limbs); + TEST_CALLOC(X, limbs); TEST_EQUAL(mbedtls_mpi_mod_residue_setup(&rX, &m, X, limbs), 0); TEST_EQUAL(mbedtls_mpi_mod_mul(&rX, &rA, &rB, &m), 0); - ASSERT_COMPARE(rX.p, bytes, rR.p, bytes); + TEST_MEMORY_COMPARE(rX.p, bytes, rR.p, bytes); /* alias X to A */ memcpy(rX.p, rA.p, bytes); TEST_EQUAL(mbedtls_mpi_mod_mul(&rX, &rX, &rB, &m), 0); - ASSERT_COMPARE(rX.p, bytes, rR.p, bytes); + TEST_MEMORY_COMPARE(rX.p, bytes, rR.p, bytes); /* alias X to B */ memcpy(rX.p, rB.p, bytes); TEST_EQUAL(mbedtls_mpi_mod_mul(&rX, &rA, &rX, &m), 0); - ASSERT_COMPARE(rX.p, bytes, rR.p, bytes); + TEST_MEMORY_COMPARE(rX.p, bytes, rR.p, bytes); /* A == B: alias A and B */ if (memcmp(rA.p, rB.p, bytes) == 0) { TEST_EQUAL(mbedtls_mpi_mod_mul(&rX, &rA, &rA, &m), 0); - ASSERT_COMPARE(rX.p, bytes, rR.p, bytes); + TEST_MEMORY_COMPARE(rX.p, bytes, rR.p, bytes); /* X, A, B all aliased together */ memcpy(rX.p, rA.p, bytes); TEST_EQUAL(mbedtls_mpi_mod_mul(&rX, &rX, &rX, &m), 0); - ASSERT_COMPARE(rX.p, bytes, rR.p, bytes); + TEST_MEMORY_COMPARE(rX.p, bytes, rR.p, bytes); } /* A != B: test B * A */ else { TEST_EQUAL(mbedtls_mpi_mod_mul(&rX, &rB, &rA, &m), 0); - ASSERT_COMPARE(rX.p, bytes, rR.p, bytes); + TEST_MEMORY_COMPARE(rX.p, bytes, rR.p, bytes); /* B * A: alias X to A */ memcpy(rX.p, rA.p, bytes); TEST_EQUAL(mbedtls_mpi_mod_mul(&rX, &rB, &rX, &m), 0); - ASSERT_COMPARE(rX.p, bytes, rR.p, bytes); + TEST_MEMORY_COMPARE(rX.p, bytes, rR.p, bytes); /* B + A: alias X to B */ memcpy(rX.p, rB.p, bytes); TEST_EQUAL(mbedtls_mpi_mod_mul(&rX, &rX, &rA, &m), 0); - ASSERT_COMPARE(rX.p, bytes, rR.p, bytes); + TEST_MEMORY_COMPARE(rX.p, bytes, rR.p, bytes); } exit: @@ -206,8 +197,8 @@ void mpi_mod_mul_neg(char *input_A, mbedtls_mpi_mod_modulus fake_m; mbedtls_mpi_mod_modulus_init(&fake_m); - TEST_EQUAL(test_read_modulus(&m, MBEDTLS_MPI_MOD_REP_MONTGOMERY, input_N), - 0); + TEST_EQUAL(mbedtls_test_read_mpi_modulus(&m, input_N, + MBEDTLS_MPI_MOD_REP_MONTGOMERY), 0); TEST_EQUAL(test_read_residue(&rA, &m, input_A, 1), 0); TEST_EQUAL(test_read_residue(&rB, &m, input_B, 1), 0); @@ -215,7 +206,7 @@ void mpi_mod_mul_neg(char *input_A, const size_t limbs = m.limbs; - ASSERT_ALLOC(X, limbs); + TEST_CALLOC(X, limbs); TEST_EQUAL(mbedtls_mpi_mod_residue_setup(&rX, &m, X, limbs), 0); rX.limbs = rR.limbs; @@ -238,9 +229,6 @@ exit: } /* END_CASE */ -/* END MERGE SLOT 2 */ - -/* BEGIN MERGE SLOT 3 */ /* BEGIN_CASE */ void mpi_mod_sub(char *input_N, char *input_A, char *input_B, @@ -256,7 +244,8 @@ void mpi_mod_sub(char *input_N, mbedtls_mpi_mod_modulus_init(&m); TEST_EQUAL(0, - test_read_modulus(&m, MBEDTLS_MPI_MOD_REP_MONTGOMERY, input_N)); + mbedtls_test_read_mpi_modulus(&m, input_N, + MBEDTLS_MPI_MOD_REP_MONTGOMERY)); /* test_read_residue() normally checks that inputs have the same number of * limbs as the modulus. For negative testing we can ask it to skip this @@ -270,7 +259,7 @@ void mpi_mod_sub(char *input_N, if (expected_ret == 0) { /* Negative test with too many limbs in output */ - ASSERT_ALLOC(X_raw, limbs + 1); + TEST_CALLOC(X_raw, limbs + 1); x.p = X_raw; x.limbs = limbs + 1; @@ -282,7 +271,7 @@ void mpi_mod_sub(char *input_N, /* Negative test with too few limbs in output */ if (limbs > 1) { - ASSERT_ALLOC(X_raw, limbs - 1); + TEST_CALLOC(X_raw, limbs - 1); x.p = X_raw; x.limbs = limbs - 1; @@ -297,7 +286,7 @@ void mpi_mod_sub(char *input_N, * manually-written test cases with expected_ret != 0. */ } - ASSERT_ALLOC(X_raw, limbs); + TEST_CALLOC(X_raw, limbs); TEST_EQUAL(0, mbedtls_mpi_mod_residue_setup(&x, &m, X_raw, limbs)); @@ -357,7 +346,8 @@ void mpi_mod_inv_mont(char *input_N, mbedtls_mpi_mod_modulus_init(&N); TEST_EQUAL(0, - test_read_modulus(&N, MBEDTLS_MPI_MOD_REP_MONTGOMERY, input_N)); + mbedtls_test_read_mpi_modulus(&N, input_N, + MBEDTLS_MPI_MOD_REP_MONTGOMERY)); /* test_read_residue() normally checks that inputs have the same number of * limbs as the modulus. For negative testing we can ask it to skip this @@ -368,7 +358,7 @@ void mpi_mod_inv_mont(char *input_N, size_t limbs = N.limbs; size_t bytes = limbs * sizeof(*X_raw); - ASSERT_ALLOC(X_raw, limbs); + TEST_CALLOC(X_raw, limbs); TEST_EQUAL(0, mbedtls_mpi_mod_residue_setup(&x, &N, X_raw, limbs)); @@ -406,7 +396,8 @@ void mpi_mod_inv_non_mont(char *input_N, mbedtls_mpi_mod_modulus_init(&N); TEST_EQUAL(0, - test_read_modulus(&N, MBEDTLS_MPI_MOD_REP_OPT_RED, input_N)); + mbedtls_test_read_mpi_modulus(&N, input_N, + MBEDTLS_MPI_MOD_REP_OPT_RED)); /* test_read_residue() normally checks that inputs have the same number of * limbs as the modulus. For negative testing we can ask it to skip this @@ -417,7 +408,7 @@ void mpi_mod_inv_non_mont(char *input_N, size_t limbs = N.limbs; size_t bytes = limbs * sizeof(*X_raw); - ASSERT_ALLOC(X_raw, limbs); + TEST_CALLOC(X_raw, limbs); TEST_EQUAL(0, mbedtls_mpi_mod_residue_setup(&x, &N, X_raw, limbs)); @@ -440,13 +431,7 @@ exit: mbedtls_free(X_raw); } /* END_CASE */ -/* END MERGE SLOT 3 */ -/* BEGIN MERGE SLOT 4 */ - -/* END MERGE SLOT 4 */ - -/* BEGIN MERGE SLOT 5 */ /* BEGIN_CASE */ void mpi_mod_add(char *input_N, char *input_A, char *input_B, @@ -462,7 +447,8 @@ void mpi_mod_add(char *input_N, mbedtls_mpi_mod_modulus_init(&m); TEST_EQUAL(0, - test_read_modulus(&m, MBEDTLS_MPI_MOD_REP_MONTGOMERY, input_N)); + mbedtls_test_read_mpi_modulus(&m, input_N, + MBEDTLS_MPI_MOD_REP_MONTGOMERY)); /* test_read_residue() normally checks that inputs have the same number of * limbs as the modulus. For negative testing we can ask it to skip this @@ -476,7 +462,7 @@ void mpi_mod_add(char *input_N, if (expected_ret == 0) { /* Negative test with too many limbs in output */ - ASSERT_ALLOC(X_raw, limbs + 1); + TEST_CALLOC(X_raw, limbs + 1); x.p = X_raw; x.limbs = limbs + 1; @@ -488,7 +474,7 @@ void mpi_mod_add(char *input_N, /* Negative test with too few limbs in output */ if (limbs > 1) { - ASSERT_ALLOC(X_raw, limbs - 1); + TEST_CALLOC(X_raw, limbs - 1); x.p = X_raw; x.limbs = limbs - 1; @@ -504,7 +490,7 @@ void mpi_mod_add(char *input_N, } /* Allocate correct number of limbs for X_raw */ - ASSERT_ALLOC(X_raw, limbs); + TEST_CALLOC(X_raw, limbs); TEST_EQUAL(0, mbedtls_mpi_mod_residue_setup(&x, &m, X_raw, limbs)); @@ -549,13 +535,7 @@ exit: mbedtls_free(X_raw); } /* END_CASE */ -/* END MERGE SLOT 5 */ -/* BEGIN MERGE SLOT 6 */ - -/* END MERGE SLOT 6 */ - -/* BEGIN MERGE SLOT 7 */ /* BEGIN_CASE */ void mpi_residue_setup(char *input_N, char *input_R, int ret) { @@ -571,8 +551,7 @@ void mpi_residue_setup(char *input_N, char *input_R, int ret) TEST_EQUAL(0, mbedtls_test_read_mpi_core(&N, &n_limbs, input_N)); TEST_EQUAL(0, mbedtls_test_read_mpi_core(&R, &r_limbs, input_R)); - TEST_EQUAL(0, mbedtls_mpi_mod_modulus_setup(&m, N, n_limbs, - MBEDTLS_MPI_MOD_REP_MONTGOMERY)); + TEST_EQUAL(0, mbedtls_mpi_mod_modulus_setup(&m, N, n_limbs)); TEST_EQUAL(ret, mbedtls_mpi_mod_residue_setup(&r, &m, R, r_limbs)); @@ -603,7 +582,7 @@ void mpi_mod_io_neg(char *input_N, data_t *buf, int ret) size_t n_limbs; TEST_EQUAL(0, mbedtls_test_read_mpi_core(&N, &n_limbs, input_N)); size_t r_limbs = n_limbs; - ASSERT_ALLOC(R, r_limbs); + TEST_CALLOC(R, r_limbs); /* modulus->p == NULL || residue->p == NULL ( m has not been set-up ) */ TEST_EQUAL(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, @@ -613,8 +592,7 @@ void mpi_mod_io_neg(char *input_N, data_t *buf, int ret) mbedtls_mpi_mod_write(&r, &m, buf->x, buf->len, endian)); /* Set up modulus and test with residue->p == NULL */ - TEST_EQUAL(0, mbedtls_mpi_mod_modulus_setup(&m, N, n_limbs, - MBEDTLS_MPI_MOD_REP_MONTGOMERY)); + TEST_EQUAL(0, mbedtls_mpi_mod_modulus_setup(&m, N, n_limbs)); TEST_EQUAL(MBEDTLS_ERR_MPI_BAD_INPUT_DATA, mbedtls_mpi_mod_read(&r, &m, buf->x, buf->len, endian)); @@ -680,15 +658,14 @@ void mpi_mod_io(char *input_N, data_t *input_A, int endian) a_bytes = input_A->len; /* Allocate the memory for intermediate data structures */ - ASSERT_ALLOC(R, n_bytes); - ASSERT_ALLOC(R_COPY, n_bytes); + TEST_CALLOC(R, n_bytes); + TEST_CALLOC(R_COPY, n_bytes); /* Test that input's size is not greater to modulo's */ TEST_LE_U(a_bytes, n_bytes); /* Init Structures */ - TEST_EQUAL(0, mbedtls_mpi_mod_modulus_setup(&m, N, n_limbs, - MBEDTLS_MPI_MOD_REP_MONTGOMERY)); + TEST_EQUAL(0, mbedtls_mpi_mod_modulus_setup(&m, N, n_limbs)); /* Enforcing p_limbs >= m->limbs */ TEST_EQUAL(0, mbedtls_mpi_mod_residue_setup(&r, &m, R, n_limbs)); @@ -721,14 +698,14 @@ void mpi_mod_io(char *input_N, data_t *input_A, int endian) obuf_sizes[2] = a_bytes + 8; for (size_t i = 0; i < obuf_sizes_len; i++) { - ASSERT_ALLOC(obuf, obuf_sizes[i]); + TEST_CALLOC(obuf, obuf_sizes[i]); TEST_EQUAL(0, mbedtls_mpi_mod_write(&r, &m, obuf, obuf_sizes[i], endian)); /* Make sure that writing didn't corrupt the value of r */ - ASSERT_COMPARE(r.p, r.limbs, r_copy.p, r_copy.limbs); + TEST_MEMORY_COMPARE(r.p, r.limbs, r_copy.p, r_copy.limbs); /* Set up reference output for checking the result */ - ASSERT_ALLOC(ref_buf, obuf_sizes[i]); + TEST_CALLOC(ref_buf, obuf_sizes[i]); switch (endian) { case MBEDTLS_MPI_MOD_EXT_REP_LE: memcpy(ref_buf, input_A->x, a_bytes_trimmed); @@ -746,7 +723,7 @@ void mpi_mod_io(char *input_N, data_t *input_A, int endian) } /* Check the result */ - ASSERT_COMPARE(obuf, obuf_sizes[i], ref_buf, obuf_sizes[i]); + TEST_MEMORY_COMPARE(obuf, obuf_sizes[i], ref_buf, obuf_sizes[i]); mbedtls_free(ref_buf); ref_buf = NULL; @@ -760,18 +737,6 @@ exit: mbedtls_free(R); mbedtls_free(R_COPY); mbedtls_free(obuf); + mbedtls_free(ref_buf); } /* END_CASE */ -/* END MERGE SLOT 7 */ - -/* BEGIN MERGE SLOT 8 */ - -/* END MERGE SLOT 8 */ - -/* BEGIN MERGE SLOT 9 */ - -/* END MERGE SLOT 9 */ - -/* BEGIN MERGE SLOT 10 */ - -/* END MERGE SLOT 10 */ diff --git a/tests/suites/test_suite_bignum_mod.misc.data b/tests/suites/test_suite_bignum_mod.misc.data index e36921141..780e0cfef 100644 --- a/tests/suites/test_suite_bignum_mod.misc.data +++ b/tests/suites/test_suite_bignum_mod.misc.data @@ -7,11 +7,6 @@ mpi_mod_setup:MBEDTLS_MPI_MOD_REP_OPT_RED:0 Test mbedtls_mpi_mod_setup #7 (Montgomery representation) mpi_mod_setup:MBEDTLS_MPI_MOD_REP_MONTGOMERY:0 -# BEGIN MERGE SLOT 1 - -# END MERGE SLOT 1 - -# BEGIN MERGE SLOT 2 Test mpi_mod_mul #1 N->limbs != A->limbs mpi_mod_mul_neg:"1":"00000000000000000000000000000000":"f0000000000000000000000000000000":"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA @@ -20,9 +15,6 @@ mpi_mod_mul_neg:"1234567890abcdef1234567890abcdef":"0":"f00000000000000000000000 Test mpi_mod_mul #3 N->limbs != X->limbs mpi_mod_mul_neg:"1234567890abcdef1234567890abcdef":"00000000000000000000000000000000":"f0000000000000000000000000000000":"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA -# END MERGE SLOT 2 - -# BEGIN MERGE SLOT 3 mpi_mod_sub base case for negative testing (N, a, b all >= 1 limb) mpi_mod_sub:"014320a022ccb75bdf470ddf25":"000000025a55a46e5da99c71c7":"00033b2e3c9fd0803ce8000f93":"013fe57440828b4a0008aa4159":0 @@ -89,13 +81,6 @@ mbedtls_mpi_mod_inv 64-bit Mont. form - A too short depends_on:MBEDTLS_HAVE_INT64 mpi_mod_inv_mont:"0000000000000000000000000000152d02c7e14af67fe0bf":"00000000000009545642424381c611fb":"000000000000000000000000000009545642424381c611fb":MBEDTLS_ERR_MPI_BAD_INPUT_DATA -# END MERGE SLOT 3 - -# BEGIN MERGE SLOT 4 - -# END MERGE SLOT 4 - -# BEGIN MERGE SLOT 5 mpi_mod_add base case for negative testing (N, a, b all >= 1 limb) mpi_mod_add:"014320a022ccb75bdf470ddf25":"000000025a55a46e5da99c71c7":"00033b2e3c9fd0803ce8000f93":"00033b3096f574ee9a919c815a":0 @@ -116,13 +101,7 @@ mpi_mod_add:"014320a022ccb75bdf470ddf25":"a99c71c7":"00033b2e3c9fd0803ce8000f93" mpi_mod_add with second input too short mpi_mod_add:"014320a022ccb75bdf470ddf25":"000000025a55a46e5da99c71c7":"e8000f93":"00":MBEDTLS_ERR_MPI_BAD_INPUT_DATA -# END MERGE SLOT 5 -# BEGIN MERGE SLOT 6 - -# END MERGE SLOT 6 - -# BEGIN MERGE SLOT 7 Test mbedtls_mpi_residue_setup #1 m > r mpi_residue_setup:"fe":"01":0 diff --git a/tests/suites/test_suite_bignum_mod_raw.data b/tests/suites/test_suite_bignum_mod_raw.data index 8cbd918f8..2af1d7d1b 100644 --- a/tests/suites/test_suite_bignum_mod_raw.data +++ b/tests/suites/test_suite_bignum_mod_raw.data @@ -179,42 +179,3 @@ mpi_mod_raw_cond_swap:"000000001111111122222222333333334444444455555555666666667 mbedtls_mpi_mod_raw_cond_swap: copy half of the limbs mpi_mod_raw_cond_swap:"00000000FFFFFFFF55555555AAAAAAAA":"FEDCBA9876543210FEDCBA9876543210":8 -# BEGIN MERGE SLOT 1 - -# END MERGE SLOT 1 - -# BEGIN MERGE SLOT 2 - -# END MERGE SLOT 2 - -# BEGIN MERGE SLOT 3 - -# END MERGE SLOT 3 - -# BEGIN MERGE SLOT 4 - -# END MERGE SLOT 4 - -# BEGIN MERGE SLOT 5 - -# END MERGE SLOT 5 - -# BEGIN MERGE SLOT 6 - -# END MERGE SLOT 6 - -# BEGIN MERGE SLOT 7 - -# END MERGE SLOT 7 - -# BEGIN MERGE SLOT 8 - -# END MERGE SLOT 8 - -# BEGIN MERGE SLOT 9 - -# END MERGE SLOT 9 - -# BEGIN MERGE SLOT 10 - -# END MERGE SLOT 10 diff --git a/tests/suites/test_suite_bignum_mod_raw.function b/tests/suites/test_suite_bignum_mod_raw.function index 9310b0e65..f7f8a5914 100644 --- a/tests/suites/test_suite_bignum_mod_raw.function +++ b/tests/suites/test_suite_bignum_mod_raw.function @@ -6,10 +6,12 @@ #include "constant_time_internal.h" #include "test/constant_flow.h" +#include "bignum_mod_raw_invasive.h" + /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_BIGNUM_C + * depends_on:MBEDTLS_BIGNUM_C:MBEDTLS_ECP_WITH_MPI_UINT * END_DEPENDENCIES */ @@ -52,8 +54,7 @@ void mpi_mod_raw_io(data_t *input, int nb_int, int nx_32_int, mbedtls_mpi_uint init[sizeof(X) / sizeof(X[0])]; memset(init, 0xFF, sizeof(init)); - int ret = mbedtls_mpi_mod_modulus_setup(&m, init, nx, - MBEDTLS_MPI_MOD_REP_MONTGOMERY); + int ret = mbedtls_mpi_mod_modulus_setup(&m, init, nx); TEST_EQUAL(ret, 0); if (iendian == MBEDTLS_MPI_MOD_EXT_REP_INVALID && iret != 0) { @@ -132,11 +133,10 @@ void mpi_mod_raw_cond_assign(char *input_X, TEST_EQUAL(limbs_X, limbs_Y); TEST_ASSERT(copy_limbs <= limbs); - ASSERT_ALLOC(buff_m, copy_limbs); + TEST_CALLOC(buff_m, copy_limbs); memset(buff_m, 0xFF, copy_limbs); TEST_EQUAL(mbedtls_mpi_mod_modulus_setup( - &m, buff_m, copy_limbs, - MBEDTLS_MPI_MOD_REP_MONTGOMERY), 0); + &m, buff_m, copy_limbs), 0); /* condition is false */ TEST_CF_SECRET(X, bytes); @@ -161,10 +161,10 @@ void mpi_mod_raw_cond_assign(char *input_X, /* Check if the given length is copied even it is smaller than the length of the given MPIs. */ if (copy_limbs < limbs) { - ASSERT_COMPARE(X, copy_bytes, Y, copy_bytes); + TEST_MEMORY_COMPARE(X, copy_bytes, Y, copy_bytes); TEST_ASSERT(memcmp(X, Y, bytes) != 0); } else { - ASSERT_COMPARE(X, bytes, Y, bytes); + TEST_MEMORY_COMPARE(X, bytes, Y, bytes); } exit: @@ -203,16 +203,15 @@ void mpi_mod_raw_cond_swap(char *input_X, TEST_EQUAL(limbs_X, limbs_Y); TEST_ASSERT(copy_limbs <= limbs); - ASSERT_ALLOC(buff_m, copy_limbs); + TEST_CALLOC(buff_m, copy_limbs); memset(buff_m, 0xFF, copy_limbs); TEST_EQUAL(mbedtls_mpi_mod_modulus_setup( - &m, buff_m, copy_limbs, - MBEDTLS_MPI_MOD_REP_MONTGOMERY), 0); + &m, buff_m, copy_limbs), 0); - ASSERT_ALLOC(X, limbs); + TEST_CALLOC(X, limbs); memcpy(X, tmp_X, bytes); - ASSERT_ALLOC(Y, bytes); + TEST_CALLOC(Y, bytes); memcpy(Y, tmp_Y, bytes); /* condition is false */ @@ -224,8 +223,8 @@ void mpi_mod_raw_cond_swap(char *input_X, TEST_CF_PUBLIC(X, bytes); TEST_CF_PUBLIC(Y, bytes); - ASSERT_COMPARE(X, bytes, tmp_X, bytes); - ASSERT_COMPARE(Y, bytes, tmp_Y, bytes); + TEST_MEMORY_COMPARE(X, bytes, tmp_X, bytes); + TEST_MEMORY_COMPARE(Y, bytes, tmp_Y, bytes); /* condition is true */ TEST_CF_SECRET(X, bytes); @@ -239,15 +238,15 @@ void mpi_mod_raw_cond_swap(char *input_X, /* Check if the given length is copied even it is smaller than the length of the given MPIs. */ if (copy_limbs < limbs) { - ASSERT_COMPARE(X, copy_bytes, tmp_Y, copy_bytes); - ASSERT_COMPARE(Y, copy_bytes, tmp_X, copy_bytes); + TEST_MEMORY_COMPARE(X, copy_bytes, tmp_Y, copy_bytes); + TEST_MEMORY_COMPARE(Y, copy_bytes, tmp_X, copy_bytes); TEST_ASSERT(memcmp(X, tmp_X, bytes) != 0); TEST_ASSERT(memcmp(X, tmp_Y, bytes) != 0); TEST_ASSERT(memcmp(Y, tmp_X, bytes) != 0); TEST_ASSERT(memcmp(Y, tmp_Y, bytes) != 0); } else { - ASSERT_COMPARE(X, bytes, tmp_Y, bytes); - ASSERT_COMPARE(Y, bytes, tmp_X, bytes); + TEST_MEMORY_COMPARE(X, bytes, tmp_Y, bytes); + TEST_MEMORY_COMPARE(Y, bytes, tmp_X, bytes); } exit: @@ -261,12 +260,6 @@ exit: } /* END_CASE */ -/* BEGIN MERGE SLOT 1 */ - -/* END MERGE SLOT 1 */ - -/* BEGIN MERGE SLOT 2 */ - /* BEGIN_CASE */ void mpi_mod_raw_sub(char *input_A, char *input_B, @@ -298,34 +291,33 @@ void mpi_mod_raw_sub(char *input_A, TEST_EQUAL(limbs_B, limbs); TEST_EQUAL(limbs_res, limbs); - ASSERT_ALLOC(X, limbs); + TEST_CALLOC(X, limbs); TEST_EQUAL(mbedtls_mpi_mod_modulus_setup( - &m, N, limbs, - MBEDTLS_MPI_MOD_REP_MONTGOMERY), 0); + &m, N, limbs), 0); mbedtls_mpi_mod_raw_sub(X, A, B, &m); - ASSERT_COMPARE(X, bytes, res, bytes); + TEST_MEMORY_COMPARE(X, bytes, res, bytes); /* alias X to A */ memcpy(X, A, bytes); mbedtls_mpi_mod_raw_sub(X, X, B, &m); - ASSERT_COMPARE(X, bytes, res, bytes); + TEST_MEMORY_COMPARE(X, bytes, res, bytes); /* alias X to B */ memcpy(X, B, bytes); mbedtls_mpi_mod_raw_sub(X, A, X, &m); - ASSERT_COMPARE(X, bytes, res, bytes); + TEST_MEMORY_COMPARE(X, bytes, res, bytes); /* A == B: alias A and B */ if (memcmp(A, B, bytes) == 0) { mbedtls_mpi_mod_raw_sub(X, A, A, &m); - ASSERT_COMPARE(X, bytes, res, bytes); + TEST_MEMORY_COMPARE(X, bytes, res, bytes); /* X, A, B all aliased together */ memcpy(X, A, bytes); mbedtls_mpi_mod_raw_sub(X, X, X, &m); - ASSERT_COMPARE(X, bytes, res, bytes); + TEST_MEMORY_COMPARE(X, bytes, res, bytes); } exit: mbedtls_free(A); @@ -338,6 +330,55 @@ exit: } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */ +void mpi_mod_raw_fix_quasi_reduction(char *input_N, + char *input_X, + char *result) +{ + mbedtls_mpi_uint *X = NULL; + mbedtls_mpi_uint *N = NULL; + mbedtls_mpi_uint *res = NULL; + mbedtls_mpi_uint *tmp = NULL; + size_t limbs_X; + size_t limbs_N; + size_t limbs_res; + + mbedtls_mpi_mod_modulus m; + mbedtls_mpi_mod_modulus_init(&m); + + TEST_EQUAL(mbedtls_test_read_mpi_core(&X, &limbs_X, input_X), 0); + TEST_EQUAL(mbedtls_test_read_mpi_core(&N, &limbs_N, input_N), 0); + TEST_EQUAL(mbedtls_test_read_mpi_core(&res, &limbs_res, result), 0); + + size_t limbs = limbs_N; + size_t bytes = limbs * sizeof(mbedtls_mpi_uint); + + TEST_EQUAL(limbs_X, limbs); + TEST_EQUAL(limbs_res, limbs); + + TEST_CALLOC(tmp, limbs); + memcpy(tmp, X, bytes); + + /* Check that 0 <= X < 2N */ + mbedtls_mpi_uint c = mbedtls_mpi_core_sub(tmp, X, N, limbs); + TEST_ASSERT(c || mbedtls_mpi_core_lt_ct(tmp, N, limbs)); + + TEST_EQUAL(mbedtls_mpi_mod_modulus_setup( + &m, N, limbs), 0); + + mbedtls_mpi_mod_raw_fix_quasi_reduction(X, &m); + TEST_MEMORY_COMPARE(X, bytes, res, bytes); + +exit: + mbedtls_free(X); + mbedtls_free(res); + mbedtls_free(tmp); + + mbedtls_mpi_mod_modulus_free(&m); + mbedtls_free(N); +} +/* END_CASE */ + /* BEGIN_CASE */ void mpi_mod_raw_mul(char *input_A, char *input_B, @@ -370,52 +411,51 @@ void mpi_mod_raw_mul(char *input_A, TEST_EQUAL(limbs_B, limbs); TEST_EQUAL(limbs_R, limbs); - ASSERT_ALLOC(X, limbs); + TEST_CALLOC(X, limbs); TEST_EQUAL(mbedtls_mpi_mod_modulus_setup( - &m, N, limbs, - MBEDTLS_MPI_MOD_REP_MONTGOMERY), 0); + &m, N, limbs), 0); const size_t limbs_T = limbs * 2 + 1; - ASSERT_ALLOC(T, limbs_T); + TEST_CALLOC(T, limbs_T); mbedtls_mpi_mod_raw_mul(X, A, B, &m, T); - ASSERT_COMPARE(X, bytes, R, bytes); + TEST_MEMORY_COMPARE(X, bytes, R, bytes); /* alias X to A */ memcpy(X, A, bytes); mbedtls_mpi_mod_raw_mul(X, X, B, &m, T); - ASSERT_COMPARE(X, bytes, R, bytes); + TEST_MEMORY_COMPARE(X, bytes, R, bytes); /* alias X to B */ memcpy(X, B, bytes); mbedtls_mpi_mod_raw_mul(X, A, X, &m, T); - ASSERT_COMPARE(X, bytes, R, bytes); + TEST_MEMORY_COMPARE(X, bytes, R, bytes); /* A == B: alias A and B */ if (memcmp(A, B, bytes) == 0) { mbedtls_mpi_mod_raw_mul(X, A, A, &m, T); - ASSERT_COMPARE(X, bytes, R, bytes); + TEST_MEMORY_COMPARE(X, bytes, R, bytes); /* X, A, B all aliased together */ memcpy(X, A, bytes); mbedtls_mpi_mod_raw_mul(X, X, X, &m, T); - ASSERT_COMPARE(X, bytes, R, bytes); + TEST_MEMORY_COMPARE(X, bytes, R, bytes); } /* A != B: test B * A */ else { mbedtls_mpi_mod_raw_mul(X, B, A, &m, T); - ASSERT_COMPARE(X, bytes, R, bytes); + TEST_MEMORY_COMPARE(X, bytes, R, bytes); /* B * A: alias X to A */ memcpy(X, A, bytes); mbedtls_mpi_mod_raw_mul(X, B, X, &m, T); - ASSERT_COMPARE(X, bytes, R, bytes); + TEST_MEMORY_COMPARE(X, bytes, R, bytes); /* B + A: alias X to B */ memcpy(X, B, bytes); mbedtls_mpi_mod_raw_mul(X, X, A, &m, T); - ASSERT_COMPARE(X, bytes, R, bytes); + TEST_MEMORY_COMPARE(X, bytes, R, bytes); } exit: @@ -430,10 +470,6 @@ exit: } /* END_CASE */ -/* END MERGE SLOT 2 */ - -/* BEGIN MERGE SLOT 3 */ - /* BEGIN_CASE */ void mpi_mod_raw_inv_prime(char *input_N, char *input_A, char *input_X) { @@ -453,7 +489,7 @@ void mpi_mod_raw_inv_prime(char *input_N, char *input_A, char *input_X) TEST_EQUAL(0, mbedtls_test_read_mpi_core(&A, &A_limbs, input_A)); TEST_EQUAL(0, mbedtls_test_read_mpi_core(&N, &N_limbs, input_N)); TEST_EQUAL(0, mbedtls_test_read_mpi_core(&X, &X_limbs, input_X)); - ASSERT_ALLOC(Y, N_limbs); + TEST_CALLOC(Y, N_limbs); TEST_EQUAL(A_limbs, N_limbs); TEST_EQUAL(X_limbs, N_limbs); @@ -483,7 +519,7 @@ void mpi_mod_raw_inv_prime(char *input_N, char *input_A, char *input_X) TEST_LE_U(mbedtls_mpi_core_montmul_working_limbs(N_limbs), working_limbs); - ASSERT_ALLOC(T, working_limbs); + TEST_CALLOC(T, working_limbs); mbedtls_mpi_mod_raw_inv_prime(Y, A, N, N_limbs, R2, T); @@ -507,14 +543,6 @@ exit: } /* END_CASE */ -/* END MERGE SLOT 3 */ - -/* BEGIN MERGE SLOT 4 */ - -/* END MERGE SLOT 4 */ - -/* BEGIN MERGE SLOT 5 */ - /* BEGIN_CASE */ void mpi_mod_raw_add(char *input_N, char *input_A, char *input_B, @@ -543,54 +571,52 @@ void mpi_mod_raw_add(char *input_N, TEST_EQUAL(B_limbs, limbs); TEST_EQUAL(S_limbs, limbs); - ASSERT_ALLOC(X, limbs); + TEST_CALLOC(X, limbs); TEST_EQUAL(mbedtls_mpi_mod_modulus_setup( - &m, N, limbs, - MBEDTLS_MPI_MOD_REP_MONTGOMERY - ), 0); + &m, N, limbs), 0); /* A + B => Correct result */ mbedtls_mpi_mod_raw_add(X, A, B, &m); - ASSERT_COMPARE(X, bytes, S, bytes); + TEST_MEMORY_COMPARE(X, bytes, S, bytes); /* A + B: alias X to A => Correct result */ memcpy(X, A, bytes); mbedtls_mpi_mod_raw_add(X, X, B, &m); - ASSERT_COMPARE(X, bytes, S, bytes); + TEST_MEMORY_COMPARE(X, bytes, S, bytes); /* A + B: alias X to B => Correct result */ memcpy(X, B, bytes); mbedtls_mpi_mod_raw_add(X, A, X, &m); - ASSERT_COMPARE(X, bytes, S, bytes); + TEST_MEMORY_COMPARE(X, bytes, S, bytes); if (memcmp(A, B, bytes) == 0) { /* A == B: alias A and B */ /* A + A => Correct result */ mbedtls_mpi_mod_raw_add(X, A, A, &m); - ASSERT_COMPARE(X, bytes, S, bytes); + TEST_MEMORY_COMPARE(X, bytes, S, bytes); /* A + A: X, A, B all aliased together => Correct result */ memcpy(X, A, bytes); mbedtls_mpi_mod_raw_add(X, X, X, &m); - ASSERT_COMPARE(X, bytes, S, bytes); + TEST_MEMORY_COMPARE(X, bytes, S, bytes); } else { /* A != B: test B + A */ /* B + A => Correct result */ mbedtls_mpi_mod_raw_add(X, B, A, &m); - ASSERT_COMPARE(X, bytes, S, bytes); + TEST_MEMORY_COMPARE(X, bytes, S, bytes); /* B + A: alias X to A => Correct result */ memcpy(X, A, bytes); mbedtls_mpi_mod_raw_add(X, B, X, &m); - ASSERT_COMPARE(X, bytes, S, bytes); + TEST_MEMORY_COMPARE(X, bytes, S, bytes); /* B + A: alias X to B => Correct result */ memcpy(X, B, bytes); mbedtls_mpi_mod_raw_add(X, X, A, &m); - ASSERT_COMPARE(X, bytes, S, bytes); + TEST_MEMORY_COMPARE(X, bytes, S, bytes); } exit: @@ -603,9 +629,7 @@ exit: mbedtls_free(X); } /* END_CASE */ -/* END MERGE SLOT 5 */ -/* BEGIN MERGE SLOT 6 */ /* BEGIN_CASE */ void mpi_mod_raw_canonical_to_modulus_rep(const char *input_N, int rep, const char *input_A, @@ -623,8 +647,8 @@ void mpi_mod_raw_canonical_to_modulus_rep(const char *input_N, int rep, TEST_EQUAL(0, mbedtls_test_read_mpi_core(&X, &X_limbs, input_X)); TEST_EQUAL(0, mbedtls_mpi_mod_raw_canonical_to_modulus_rep(A, &N)); - ASSERT_COMPARE(A, A_limbs * sizeof(mbedtls_mpi_uint), - X, X_limbs * sizeof(mbedtls_mpi_uint)); + TEST_MEMORY_COMPARE(A, A_limbs * sizeof(mbedtls_mpi_uint), + X, X_limbs * sizeof(mbedtls_mpi_uint)); exit: mbedtls_test_mpi_mod_modulus_free_with_limbs(&N); @@ -650,8 +674,8 @@ void mpi_mod_raw_modulus_to_canonical_rep(const char *input_N, int rep, TEST_EQUAL(0, mbedtls_test_read_mpi_core(&X, &X_limbs, input_X)); TEST_EQUAL(0, mbedtls_mpi_mod_raw_modulus_to_canonical_rep(A, &N)); - ASSERT_COMPARE(A, A_limbs * sizeof(mbedtls_mpi_uint), - X, X_limbs * sizeof(mbedtls_mpi_uint)); + TEST_MEMORY_COMPARE(A, A_limbs * sizeof(mbedtls_mpi_uint), + X, X_limbs * sizeof(mbedtls_mpi_uint)); exit: mbedtls_test_mpi_mod_modulus_free_with_limbs(&N); @@ -659,9 +683,7 @@ exit: mbedtls_free(X); } /* END_CASE */ -/* END MERGE SLOT 6 */ -/* BEGIN MERGE SLOT 7 */ /* BEGIN_CASE */ void mpi_mod_raw_to_mont_rep(char *input_N, char *input_A, char *input_X) { @@ -690,32 +712,31 @@ void mpi_mod_raw_to_mont_rep(char *input_N, char *input_A, char *input_X) size_t limbs = n_limbs; size_t bytes = limbs * sizeof(mbedtls_mpi_uint); - TEST_EQUAL(0, mbedtls_mpi_mod_modulus_setup(&m, N, n_limbs, - MBEDTLS_MPI_MOD_REP_MONTGOMERY)); + TEST_EQUAL(0, mbedtls_mpi_mod_modulus_setup(&m, N, n_limbs)); /* 1. Test low-level function first */ /* It has separate output, and requires temporary working storage */ size_t temp_limbs = mbedtls_mpi_core_montmul_working_limbs(limbs); - ASSERT_ALLOC(T, temp_limbs); - ASSERT_ALLOC(R, limbs); + TEST_CALLOC(T, temp_limbs); + TEST_CALLOC(R, limbs); mbedtls_mpi_core_to_mont_rep(R, A, N, n_limbs, m.rep.mont.mm, m.rep.mont.rr, T); /* Test that the low-level function gives the required value */ - ASSERT_COMPARE(R, bytes, X, bytes); + TEST_MEMORY_COMPARE(R, bytes, X, bytes); /* Test when output is aliased to input */ memcpy(R, A, bytes); mbedtls_mpi_core_to_mont_rep(R, R, N, n_limbs, m.rep.mont.mm, m.rep.mont.rr, T); - ASSERT_COMPARE(R, bytes, X, bytes); + TEST_MEMORY_COMPARE(R, bytes, X, bytes); /* 2. Test higher-level cannonical to Montgomery conversion */ TEST_EQUAL(0, mbedtls_mpi_mod_raw_to_mont_rep(A, &m)); /* The result matches expected value */ - ASSERT_COMPARE(A, bytes, X, bytes); + TEST_MEMORY_COMPARE(A, bytes, X, bytes); exit: mbedtls_mpi_mod_modulus_free(&m); @@ -755,32 +776,31 @@ void mpi_mod_raw_from_mont_rep(char *input_N, char *input_A, char *input_X) size_t limbs = n_limbs; size_t bytes = limbs * sizeof(mbedtls_mpi_uint); - TEST_EQUAL(0, mbedtls_mpi_mod_modulus_setup(&m, N, n_limbs, - MBEDTLS_MPI_MOD_REP_MONTGOMERY)); + TEST_EQUAL(0, mbedtls_mpi_mod_modulus_setup(&m, N, n_limbs)); /* 1. Test low-level function first */ /* It has separate output, and requires temporary working storage */ size_t temp_limbs = mbedtls_mpi_core_montmul_working_limbs(limbs); - ASSERT_ALLOC(T, temp_limbs); - ASSERT_ALLOC(R, limbs); + TEST_CALLOC(T, temp_limbs); + TEST_CALLOC(R, limbs); mbedtls_mpi_core_from_mont_rep(R, A, N, n_limbs, m.rep.mont.mm, T); /* Test that the low-level function gives the required value */ - ASSERT_COMPARE(R, bytes, X, bytes); + TEST_MEMORY_COMPARE(R, bytes, X, bytes); /* Test when output is aliased to input */ memcpy(R, A, bytes); mbedtls_mpi_core_from_mont_rep(R, R, N, n_limbs, m.rep.mont.mm, T); - ASSERT_COMPARE(R, bytes, X, bytes); + TEST_MEMORY_COMPARE(R, bytes, X, bytes); /* 2. Test higher-level Montgomery to cannonical conversion */ TEST_EQUAL(0, mbedtls_mpi_mod_raw_from_mont_rep(A, &m)); /* The result matches expected value */ - ASSERT_COMPARE(A, bytes, X, bytes); + TEST_MEMORY_COMPARE(A, bytes, X, bytes); exit: mbedtls_mpi_mod_modulus_free(&m); @@ -814,27 +834,26 @@ void mpi_mod_raw_neg(char *input_N, char *input_A, char *input_X) TEST_EQUAL(x_limbs, n_limbs); bytes = n_limbs * sizeof(mbedtls_mpi_uint); - ASSERT_ALLOC(R, n_limbs); - ASSERT_ALLOC(Z, n_limbs); + TEST_CALLOC(R, n_limbs); + TEST_CALLOC(Z, n_limbs); - TEST_EQUAL(0, mbedtls_mpi_mod_modulus_setup(&m, N, n_limbs, - MBEDTLS_MPI_MOD_REP_MONTGOMERY)); + TEST_EQUAL(0, mbedtls_mpi_mod_modulus_setup(&m, N, n_limbs)); /* Neg( A == 0 ) => Zero result */ mbedtls_mpi_mod_raw_neg(R, Z, &m); - ASSERT_COMPARE(R, bytes, Z, bytes); + TEST_MEMORY_COMPARE(R, bytes, Z, bytes); /* Neg( A == N ) => Zero result */ mbedtls_mpi_mod_raw_neg(R, N, &m); - ASSERT_COMPARE(R, bytes, Z, bytes); + TEST_MEMORY_COMPARE(R, bytes, Z, bytes); /* Neg( A ) => Correct result */ mbedtls_mpi_mod_raw_neg(R, A, &m); - ASSERT_COMPARE(R, bytes, X, bytes); + TEST_MEMORY_COMPARE(R, bytes, X, bytes); /* Neg( A ): alias A to R => Correct result */ mbedtls_mpi_mod_raw_neg(A, A, &m); - ASSERT_COMPARE(A, bytes, X, bytes); + TEST_MEMORY_COMPARE(A, bytes, X, bytes); exit: mbedtls_mpi_mod_modulus_free(&m); mbedtls_free(N); @@ -844,17 +863,3 @@ exit: mbedtls_free(Z); } /* END_CASE */ - -/* END MERGE SLOT 7 */ - -/* BEGIN MERGE SLOT 8 */ - -/* END MERGE SLOT 8 */ - -/* BEGIN MERGE SLOT 9 */ - -/* END MERGE SLOT 9 */ - -/* BEGIN MERGE SLOT 10 */ - -/* END MERGE SLOT 10 */ diff --git a/tests/suites/test_suite_bignum_random.function b/tests/suites/test_suite_bignum_random.function index e4db3d7ac..b43b1e713 100644 --- a/tests/suites/test_suite_bignum_random.function +++ b/tests/suites/test_suite_bignum_random.function @@ -124,9 +124,9 @@ void mpi_core_random_basic(int min, char *bound_bytes, int expected_ret) TEST_EQUAL(0, mbedtls_test_read_mpi_core(&upper_bound, &limbs, bound_bytes)); - ASSERT_ALLOC(lower_bound, limbs); + TEST_CALLOC(lower_bound, limbs); lower_bound[0] = min; - ASSERT_ALLOC(result, limbs); + TEST_CALLOC(result, limbs); TEST_EQUAL(expected_ret, mbedtls_mpi_core_random(result, min, upper_bound, limbs, @@ -134,7 +134,7 @@ void mpi_core_random_basic(int min, char *bound_bytes, int expected_ret) if (expected_ret == 0) { TEST_EQUAL(0, mbedtls_mpi_core_lt_ct(result, lower_bound, limbs)); - TEST_EQUAL(1, mbedtls_mpi_core_lt_ct(result, upper_bound, limbs)); + TEST_ASSERT(0 != mbedtls_mpi_core_lt_ct(result, upper_bound, limbs)); } exit: @@ -159,7 +159,7 @@ void mpi_legacy_random_values(int min, char *max_hex) TEST_EQUAL(0, mbedtls_test_read_mpi(&max_legacy, max_hex)); size_t limbs = max_legacy.n; - ASSERT_ALLOC(R_core, limbs); + TEST_CALLOC(R_core, limbs); /* Call the legacy function and the core function with the same random * stream. */ @@ -174,16 +174,16 @@ void mpi_legacy_random_values(int min, char *max_hex) * same number, with the same limb count. */ TEST_EQUAL(core_ret, legacy_ret); if (core_ret == 0) { - ASSERT_COMPARE(R_core, limbs * ciL, - R_legacy.p, R_legacy.n * ciL); + TEST_MEMORY_COMPARE(R_core, limbs * ciL, + R_legacy.p, R_legacy.n * ciL); } /* Also check that they have consumed the RNG in the same way. */ /* This may theoretically fail on rare platforms with padding in * the structure! If this is a problem in practice, change to a * field-by-field comparison. */ - ASSERT_COMPARE(&rnd_core, sizeof(rnd_core), - &rnd_legacy, sizeof(rnd_legacy)); + TEST_MEMORY_COMPARE(&rnd_core, sizeof(rnd_core), + &rnd_legacy, sizeof(rnd_legacy)); exit: mbedtls_mpi_free(&max_legacy); @@ -192,7 +192,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_ECP_WITH_MPI_UINT */ void mpi_mod_random_values(int min, char *max_hex, int rep) { /* Same RNG as in mpi_core_random_basic */ @@ -209,9 +209,9 @@ void mpi_mod_random_values(int min, char *max_hex, int rep) mbedtls_mpi_mod_modulus_init(&N); TEST_EQUAL(mbedtls_test_read_mpi_modulus(&N, max_hex, rep), 0); - ASSERT_ALLOC(R_core, N.limbs); - ASSERT_ALLOC(R_mod_raw, N.limbs); - ASSERT_ALLOC(R_mod_digits, N.limbs); + TEST_CALLOC(R_core, N.limbs); + TEST_CALLOC(R_mod_raw, N.limbs); + TEST_CALLOC(R_mod_digits, N.limbs); TEST_EQUAL(mbedtls_mpi_mod_residue_setup(&R_mod, &N, R_mod_digits, N.limbs), 0); @@ -237,22 +237,22 @@ void mpi_mod_random_values(int min, char *max_hex, int rep) if (core_ret == 0) { TEST_EQUAL(mbedtls_mpi_mod_raw_modulus_to_canonical_rep(R_mod_raw, &N), 0); - ASSERT_COMPARE(R_core, N.limbs * ciL, - R_mod_raw, N.limbs * ciL); + TEST_MEMORY_COMPARE(R_core, N.limbs * ciL, + R_mod_raw, N.limbs * ciL); TEST_EQUAL(mbedtls_mpi_mod_raw_modulus_to_canonical_rep(R_mod_digits, &N), 0); - ASSERT_COMPARE(R_core, N.limbs * ciL, - R_mod_digits, N.limbs * ciL); + TEST_MEMORY_COMPARE(R_core, N.limbs * ciL, + R_mod_digits, N.limbs * ciL); } /* Also check that they have consumed the RNG in the same way. */ /* This may theoretically fail on rare platforms with padding in * the structure! If this is a problem in practice, change to a * field-by-field comparison. */ - ASSERT_COMPARE(&rnd_core, sizeof(rnd_core), - &rnd_mod_raw, sizeof(rnd_mod_raw)); - ASSERT_COMPARE(&rnd_core, sizeof(rnd_core), - &rnd_mod, sizeof(rnd_mod)); + TEST_MEMORY_COMPARE(&rnd_core, sizeof(rnd_core), + &rnd_mod_raw, sizeof(rnd_mod_raw)); + TEST_MEMORY_COMPARE(&rnd_core, sizeof(rnd_core), + &rnd_mod, sizeof(rnd_mod)); exit: mbedtls_test_mpi_mod_modulus_free_with_limbs(&N); @@ -287,7 +287,7 @@ void mpi_random_many(int min, char *bound_hex, int iterations) TEST_EQUAL(0, mbedtls_test_read_mpi_core(&upper_bound, &limbs, bound_hex)); - ASSERT_ALLOC(result, limbs); + TEST_CALLOC(result, limbs); n_bits = mbedtls_mpi_core_bitlen(upper_bound, limbs); /* Consider a bound "small" if it's less than 2^5. This value is chosen @@ -302,7 +302,7 @@ void mpi_random_many(int min, char *bound_hex, int iterations) full_stats = 0; stats_len = n_bits; } - ASSERT_ALLOC(stats, stats_len); + TEST_CALLOC(stats, stats_len); for (i = 0; i < (size_t) iterations; i++) { mbedtls_test_set_step(i); @@ -312,8 +312,8 @@ void mpi_random_many(int min, char *bound_hex, int iterations) /* Temporarily use a legacy MPI for analysis, because the * necessary auxiliary functions don't exist yet in core. */ - mbedtls_mpi B = { 1, limbs, upper_bound }; - mbedtls_mpi R = { 1, limbs, result }; + mbedtls_mpi B = { .s = 1, .n = limbs, .p = upper_bound }; + mbedtls_mpi R = { .s = 1, .n = limbs, .p = result }; TEST_ASSERT(mbedtls_mpi_cmp_mpi(&R, &B) < 0); TEST_ASSERT(mbedtls_mpi_cmp_int(&R, min) >= 0); @@ -340,7 +340,7 @@ void mpi_random_many(int min, char *bound_hex, int iterations) } } else { bound_bytes.len = limbs * sizeof(mbedtls_mpi_uint); - ASSERT_ALLOC(bound_bytes.x, bound_bytes.len); + TEST_CALLOC(bound_bytes.x, bound_bytes.len); mbedtls_mpi_core_write_be(upper_bound, limbs, bound_bytes.x, bound_bytes.len); int statistically_safe_all_the_way = @@ -403,7 +403,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_ECP_WITH_MPI_UINT */ void mpi_mod_random_validation(int min, char *bound_hex, int result_limbs_delta, int expected_ret) @@ -416,7 +416,7 @@ void mpi_mod_random_validation(int min, char *bound_hex, MBEDTLS_MPI_MOD_REP_OPT_RED), 0); size_t result_limbs = N.limbs + result_limbs_delta; - ASSERT_ALLOC(result_digits, result_limbs); + TEST_CALLOC(result_digits, result_limbs); /* Build a reside that might not match the modulus, to test that * the library function rejects that as expected. */ mbedtls_mpi_mod_residue result = { result_digits, result_limbs }; @@ -429,8 +429,7 @@ void mpi_mod_random_validation(int min, char *bound_hex, * size as the modulus, otherwise it's a mistake in the test data. */ TEST_EQUAL(result_limbs, N.limbs); /* Sanity check: check that the result is in range */ - TEST_EQUAL(mbedtls_mpi_core_lt_ct(result_digits, N.p, N.limbs), - 1); + TEST_ASSERT(0 != mbedtls_mpi_core_lt_ct(result_digits, N.p, N.limbs)); /* Check result >= min (changes result) */ TEST_EQUAL(mbedtls_mpi_core_sub_int(result_digits, result_digits, min, result_limbs), @@ -444,8 +443,7 @@ void mpi_mod_random_validation(int min, char *bound_hex, mbedtls_test_rnd_std_rand, NULL), expected_ret); if (expected_ret == 0) { - TEST_EQUAL(mbedtls_mpi_core_lt_ct(result_digits, N.p, N.limbs), - 1); + TEST_ASSERT(0 != mbedtls_mpi_core_lt_ct(result_digits, N.p, N.limbs)); TEST_EQUAL(mbedtls_mpi_core_sub_int(result_digits, result.p, min, result_limbs), 0); diff --git a/tests/suites/test_suite_ccm.data b/tests/suites/test_suite_ccm.data index 2c4ccc467..caf9a742d 100644 --- a/tests/suites/test_suite_ccm.data +++ b/tests/suites/test_suite_ccm.data @@ -207,59 +207,59 @@ depends_on:MBEDTLS_AES_C mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4189351b5caea375a0299e81c621bf43":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9" CCM encrypt and tag NIST VTT AES-192 #1 (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"11fd45743d946e6d37341fec49947e8c70482494a8f07fcc":"ee7e6075ba52846de5d6254959a18affc4faf59c8ef63489":"c6aeebcb146cfafaae66f78aab":"7dc8c52144a7cb65b3e5a846e8fd7eae37bf6996c299b56e49144ebf43a1770f":"137d9da59baf5cbfd46620c5f298fc766de10ac68e774edf1f2c5bad" CCM encrypt and tag NIST VTT AES-192 #2 (P=24, N=13, A=32, T=6) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"146a163bbf10746e7c1201546ba46de769be23f9d7cc2c80":"473b6600559aefb67f7976f0a5cc744fb456efd86f615648":"f5827e51707d8d64bb522985bb":"599b12ebd3347a5ad098772c44c49eed954ec27c3ba6206d899ddaabca23a762":"26d2be30e171439d54a0fec291c6024d1de09d61b44f53258ba1360406f9" CCM encrypt and tag NIST VTT AES-192 #3 (P=24, N=13, A=32, T=8) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bdf277af2226f03ec1a0ba7a8532ade6aea9b3d519fe2d38":"0ff89eff92a530b66684cd75a39481e7e069a7d05e89b692":"cc3c596be884e7caed503315c0":"4d6546167b3ed55f01c62bd384e02e1039c0d67ef7abe33291fecb136272f73b":"6ef66a52c866bd5df20ec5096de92167ad83cab0e095ad0c778a299f1224f10c" CCM encrypt and tag NIST VTT AES-192 #4 (P=24, N=13, A=32, T=10) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"62f8eba1c2c5f66215493a6fa6ae007aae5be92f7880336a":"f5522e3405d9b77cbf3257db2b9675e618e8744a0ee03f0f":"15769753f503aa324f4b0e8ee0":"1bc05440ee3e34d0f25e90ca1ecbb555d0fb92b311621d171be6f2b719923d23":"b9103942dbbb93e15086751c9bb0a3d33112b55f95b7d4f32ff0bb90a8879812683f" CCM encrypt and tag NIST VTT AES-192 #5 (P=24, N=13, A=32, T=12) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5a5667197f46b8027980d0a3166c0a419713d4df0629a860":"d0e4024d6e33daafc011fe463545ed20f172872f6f33cefa":"6236b01079d180fce156fbaab4":"29bdf65b29394d363d5243d4249bad087520f8d733a763daa1356be458d487e5":"479f3d408bfa00d1cd1c8bf11a167ce7ae4bcdb011f04e38733013b8ebe5e92b1917640c" CCM encrypt and tag NIST VTT AES-192 #6 (P=24, N=13, A=32, T=14) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d2d4482ea8e98c1cf309671895a16610152ce283434bca38":"78168e5cc3cddf4b90d5bc11613465030903e0196f1fe443":"6ee177d48f59bd37045ec03731":"9ef2d0d556d05cf9d1ee9dab9b322a389c75cd4e9dee2c0d08eea961efce8690":"e2324a6d5643dfc8aea8c08cbbc245494a3dcbcb800c797c3abcdb0563978785bf7fd71c6c1f" CCM encrypt and tag NIST VTT AES-192 #7 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a7177fd129674c6c91c1c89f4408139afe187026b8114893":"2cea0f7304860a4f40a28c8b890db60f3891b9982478495e":"31bb28f0e1e63c36ca3959dd18":"2529a834668187213f5342a1f3deea0dc2765478c7d71c9c21b9eb1351a5f6cb":"5bb7aa6ab9c02a5712d62343fbe61f774e598d6b87545612380ea23dcffc9574f672bca92e306411" CCM encrypt and tag NIST VTT AES-256 #1 (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9074b1ae4ca3342fe5bf6f14bcf2f27904f0b15179d95a654f61e699692e6f71":"239029f150bccbd67edbb67f8ae456b4ea066a4beee065f9":"2e1e0132468500d4bd47862563":"3c5f5404370abdcb1edde99de60d0682c600b034e063b7d3237723da70ab7552":"9c8d5dd227fd9f81237601830afee4f0115636c8e5d5fd743cb9afed" CCM encrypt and tag NIST VTT AES-256 #2 (P=24, N=13, A=32, T=6) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8596a69890b0e47d43aeeca54b52029331da06fae63aa3249faaca94e2605feb":"f0b065da6ecb9ddcab855152d3b4155037adfa758ba96070":"20442e1c3f3c88919c39978b78":"4e0d3aa502bd03fe1761b167c4e0df1d228301d3ebaa4a0281becd813266e255":"d6a0f377f7c1b14dcdba729cae5271b027e71cc7850173ec265867a29eb3" CCM encrypt and tag NIST VTT AES-256 #3 (P=24, N=13, A=32, T=8) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bae73483de27b581a7c13f178a6d7bda168c1b4a1cb9180512a13e3ab914eb61":"28ef408d57930086011b167ac04b866e5b58fe6690a0b9c3":"daf54faef6e4fc7867624b76f2":"7022eaa52c9da821da72d2edd98f6b91dfe474999b75b34699aeb38465f70c1c":"356367c6cee4453658418d9517f7c6faddcd7c65aef460138cf050f48c505151" CCM encrypt and tag NIST VTT AES-256 #4 (P=24, N=13, A=32, T=10) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d5b321b0ac2fedce0933d57d12195c7b9941f4caa95529125ed21c41fac43374":"6aa6ea668df60b0db85592d0a819c9df9e1099916272aafb":"b35fb2262edfa14938a0fba03e":"ba762bbda601d711e2dfc9dbe3003d39df1043ca845612b8e9dc9ff5c5d06ec4":"97027de5effd82c58f8dbfb909d7696fbe2d54916262912001a4d765bc1c95c90a95" CCM encrypt and tag NIST VTT AES-256 #5 (P=24, N=13, A=32, T=12) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7f4af6765cad1d511db07e33aaafd57646ec279db629048aa6770af24849aa0d":"7ebef26bf4ecf6f0ebb2eb860edbf900f27b75b4a6340fdb":"dde2a362ce81b2b6913abc3095":"404f5df97ece7431987bc098cce994fc3c063b519ffa47b0365226a0015ef695":"353022db9c568bd7183a13c40b1ba30fcc768c54264aa2cd2927a053c9244d3217a7ad05" CCM encrypt and tag NIST VTT AES-256 #6 (P=24, N=13, A=32, T=14) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5c8b59d3e7986c277d5ad51e4a2233251076809ebf59463f47cd10b4aa951f8c":"138ee53b1914d3322c2dd0a4e02faab2236555131d5eea08":"21ff892b743d661189e205c7f3":"f1e0af185180d2eb63e50e37ba692647cac2c6a149d70c81dbd34685ed78feaa":"5b2f3026f30fdd50accc40ddd093b7997f23d7c6d3c8bc425f82c828413643b8794494cb5236" CCM encrypt and tag NIST VTT AES-256 #7 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"60823b64e0b2da3a7eb772bd5941c534e6ff94ea96b564e2b38f82c78bb54522":"a8be794613835c4366e75817d228438f011a2ec8a86f9797":"48526f1bffc97dd65e42906983":"fab62b3e5deda7a9c1128663cc81c44b74ab1bfe70bc1c9dec7c7fd08173b80a":"cc3efe04d84a4ec5cb6a6c28dc2c2d386a359d9550dbdec963ddd56464aed6d0613159d1aa181dcb" CCM encrypt and tag NIST VPT AES-128 #1 (P=0, N=13, A=32, T=16) @@ -363,203 +363,203 @@ depends_on:MBEDTLS_AES_C mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"43c1142877d9f450e12d7b6db47a85ba":"b506a6ba900c1147c806775324b36eb376aa01d4c3eef6f5":"76becd9d27ca8a026215f32712":"6a59aacadd416e465264c15e1a1e9bfa084687492710f9bda832e2571e468224":"14b14fe5b317411392861638ec383ae40ba95fefe34255dc2ec067887114bc370281de6f00836ce4" CCM encrypt and tag NIST VPT AES-192 #1 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"086e2967cde99e90faaea8a94e168bf0e066c503a849a9f3":"":"929542cd690f1babcf1696cb03":"58f70bab24e0a6137e5cd3eb18656f2b5ccddc3f538a0000c65190e4a3668e71":"3bf9d93af6ffac9ac84cd3202d4e0cc8" CCM encrypt and tag NIST VPT AES-192 #2 (P=1, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"992d38768b11a236945bd4b327c3728fac24c091238b6553":"1c":"b248a90b84b0122a5ad8e12760":"27cabc40da0e1eda0ea5f8abbb7c179e30776250a7b30d711b0e106c5ee9d84a":"1a96f58c3f38c44d1a345f3e2da6679f20" CCM encrypt and tag NIST VPT AES-192 #3 (P=2, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5012db40ff6ae23c1e1ce43768c5936c4400b0e79ae77f30":"0c6c":"b67e500b35d60ad7264240027c":"40affd355416200191ba64edec8d7d27ead235a7b2e01a12662273deb36379b8":"c996ef3d6ef9f981557506ecc8797bbaaaa7" CCM encrypt and tag NIST VPT AES-192 #4 (P=3, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fa15cc7f0de294d7341b1fd79326c8be78e67822343c1992":"bcb898":"e5257aed2bda0495aa44591db4":"31a0338c3839931fa1dd5131cb796c4c6cfde9fb336d8a80ac35dec463be7a94":"68f08298d9a2147776dca9c1a42382bce323b2" CCM encrypt and tag NIST VPT AES-192 #5 (P=4, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b5330a8447d74a7987fb718cfae246b5c7e057991064eeaf":"b46b343e":"2ef29d62b40d8643848797cde8":"1225b036e6044df52314016760e92750de0936120395de750a2c54a7fa0cea82":"c2c39d6f9344e2de064f269d065a2a6108605916" CCM encrypt and tag NIST VPT AES-192 #6 (P=5, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"30419145ae966591b408c29e5fd14d9112542909be5363f7":"8ceaeb89fd":"27e6b2a482bbc6f13702005708":"e04e81e860daf9696098c723085d8023c240ebe7a643131e35359ab04bd650fe":"ec9d5ed36243ddf77b33d8cf2963ba76fd4e19f3c5" CCM encrypt and tag NIST VPT AES-192 #7 (P=6, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"748ad503388a34041a7bdae6361d57894357c333bacf02ca":"24d6880aed7e":"518b79d194579b19f2d8845b70":"691dd98f61fd213b0840ec5a6f06ef9a1420be0d59bde5e43546347a2a865a94":"270120f9634ec15536e21d961c675070ec4cff9037bc" CCM encrypt and tag NIST VPT AES-192 #8 (P=7, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b930cca30a3fd230c237c8f3cc6792d0c4084dff5c18d775":"2a755e362373ef":"7574802fd82fe96c05431acd40":"1cf83928b6a9e525fe578c5c0f40c322be71b3092239bff954dd6883738d6d71":"f06238b0450fd1f4b6cab1383adb420c4724aa7bdfefb7" CCM encrypt and tag NIST VPT AES-192 #9 (P=8, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"314c136999e41d137bd7ba17201a9fa406025868334e39b3":"4d54d8b06b204445":"65f7a0f4c0f5bba9d26f7e0ddb":"5c7ce4819b30b975ae6ce58dcc1bfa29a8b6dda8f4b76c7e23516487745e829c":"2baf90c490b11f9607482362ab3f157c42d0e9c6c5cffcf0" CCM encrypt and tag NIST VPT AES-192 #10 (P=9, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a19f6be062ec0aaf33046bd52734f3336c85d8368bef86ab":"13511ae5ff6c6860a1":"7f2d07f8169c5672b4df7f6cac":"d68d5f763db6111c5d6324d694cb0236beab877daae8115ecb75d60530777b58":"b3859b757802ebd048467fd8e139eb9ee8fcdca45ed87dc1c8" CCM encrypt and tag NIST VPT AES-192 #11 (P=10, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"de1c8263345081d2dfa9afdf37675971135e178df554a4d8":"f777aba1fa70f94e6de9":"a301bb82f91a582db01355c388":"9ad52c041390d0d4aaf65a4667c3239c95e7eae6178acc23fb4e70a852d483c6":"9d8bff6d2dcde77104ac6aba025abc01416a7ca9f096ab2529cb" CCM encrypt and tag NIST VPT AES-192 #12 (P=11, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"248d36bd15f58e47fcf1c948272355821f8492e6e69f3661":"33709d9c7906e2f82dd9e2":"9e8d492c304cf6ad59102bca0e":"9ec08c7ed6b70823d819e9ab019e9929249f966fdb2069311a0ddc680ac468f5":"9114d36b79b1918b2720f40cddce66df9b4802f737bea4bd8f5378" CCM encrypt and tag NIST VPT AES-192 #13 (P=12, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"77a67fb504b961028633321111aac2c30eb6d71a8cf72056":"10554c062d269ff6dcd98493":"acadc0330194906f8c75ac287f":"8c18486d52571f70f2ba6a747aaa3d4b3ebc2e481ee1b70907dddb94bdfa0ca6":"7f8b0cad79b545e5addf0b04ff4b0f2b2a5067283210aba8630d0306" CCM encrypt and tag NIST VPT AES-192 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0d423519e4110c06063061323f8c7c95387776b6ee4e4b6e":"4021ff104ff1dbd91e46db249f":"39abe53826d9b8e300fe747533":"cdd9bf1b4f865e922c678ec4947ea0cb02e78bd5c1538f33aeb818ad3f47e519":"7953d3cd66d093785d123f65ba37f16761dd6aedbfc789ad96edf1490d" CCM encrypt and tag NIST VPT AES-192 #15 (P=14, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a60cf7ceb62bf3118532bc61daa25ce946991047f951b536":"d64f9426febce6a84c954dd5ded5":"7499494faa44a7576f9ed5580d":"baa482c64eefd09118549a8968f44cfea7a436913a428e30aa4ab44802a4ba35":"f7580f17266d68237747bf57c7ed8242ac1a1979c5a9e7bc67d7698c7efa" CCM encrypt and tag NIST VPT AES-192 #16 (P=15, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"82d4bc9aac298b09112073277205e1bf42176d1e6339b76c":"25a53fd3e476dc0860eeeea25fcb0c":"70325ef19e581b743095cd5eb1":"6d14bb2635c5d0ae83687f1824279cf141173527e1b32d1baf8a27f7fe34a542":"4a1cfd0023557a184b929965b0a445cb3993ca35acf354cb2b4254ff672e7f" CCM encrypt and tag NIST VPT AES-192 #17 (P=16, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6873f1c6c30975aff6f08470264321130a6e5984ade324e9":"5051a0b0b6766cd6ea29a672769d40fe":"7c4d2f7cec04361f187f0726d5":"77743b5d83a00d2c8d5f7e10781531b496e09f3bc9295d7ae9799e64668ef8c5":"0ce5ac8d6b256fb7580bf6acc76426af40bce58fd4cd6548df90a0337c842004" CCM encrypt and tag NIST VPT AES-192 #18 (P=17, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3cf8da27d5be1af024158985f725fd7a6242cbe0041f2c17":"f6dd2c64bf597e63263ccae1c54e0805fe":"07f77f114d7264a122a7e9db4f":"30457e99616f0247f1339b101974ea231904d0ef7bd0d5ee9b57c6c16761a282":"ce3031c3a70600e9340b2ddfe56aa72cffdc5e53e68c51ee55b276eb3f85d2cf63" CCM encrypt and tag NIST VPT AES-192 #19 (P=18, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b46a3a24c66eb846ca6413c001153dc6998970c12e7acd5a":"56d18d3e2e496440d0a5c9e1bcb464faf5bc":"b79c33c96a0a90030694163e2a":"ea9405d6a46cac9783a7b48ac2e25cc9a3a519c4658b2a8770a37240d41587fb":"01baba2e0d5b49d600d03a7ed84ee878926c0ca478f40a6fbde01f584d938a1c91bf" CCM encrypt and tag NIST VPT AES-192 #20 (P=19, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7b71045ccef735bd0c5bea3cf3b7e16e58d9c62061a204e0":"890d05420d57e3b3d8dbef117fe60c3fa6a095":"2b9ecfd179242c295fe6c6fa55":"b89166f97deb9cc7fdeb63639eeafb145895b307749ec1a293b27115f3aa8232":"f842ff6662684de8785af275fa2d82d587de0687ebe35e883cbd53b82f2a4624c03894" CCM encrypt and tag NIST VPT AES-192 #21 (P=20, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dc7c67715f2709e150cceff020aaacf88a1e7568191acbcf":"f383bd3e6270876b74abbb5d35e7d4f11d83412c":"da56ea046990c70fa216e5e6c4":"f799818d91be7bab555a2e39f1f45810a94d07179f94fe1151d95ab963c47611":"377b5df263c5c74f63603692cbb61ea37b6d686c743f71e15490ca41d245768988719ede" CCM encrypt and tag NIST VPT AES-192 #22 (P=21, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f41e369a1599627e76983e9a4fc2e963dab4960b09ebe390":"81ad3f386bedcbf656ff535c63580d1f87e3c72326":"68ef8285b90f28bcd3cb1bacea":"dbe3e82e49624d968f5463ceb8af189fb3ad8b3b4122142b110d848a286dae71":"9f6028153e06d14d30b862a99a35413413c04a49dc6f68a03a11cf00d58f062a7b36465d13" CCM encrypt and tag NIST VPT AES-192 #23 (P=22, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3289e59e3a7b29bf4a309afc253030bba4b9bdd64f0722f9":"53911a67b65738f87fc7c20d6db8044bde1af95838d1":"30259ce106e9bd7a8bacbaf212":"2870bd9a26c510e9a256920899bbc77a4eb9b53f927045a943d5ed6b13638cf3":"70cf37d4b6f7e707376b1574ce17c040b5143da47abb2fe9afafc2fccd98ccf63b0fdec30eac" CCM encrypt and tag NIST VPT AES-192 #24 (P=23, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"40f1aff2e44d05f12126097a0f07ac0359ba1a609356a4e6":"8d98c580fb366f330dbfda20f91d99a0878b47efd14c6d":"0df3fc6396f851785fca9aa5ff":"e9699b20b0574fce8b5cbc4ef792eb96e2c1cce36b1b1f06ea2a95fe300633cc":"579cdf9da62a2df471e03450516adb4ce99ae0f70b1776a39c3b429a1f922fac0b59e29a122e43" CCM encrypt and tag NIST VPT AES-192 #25 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"91f9d636a071c3aad1743137e0644a73de9e47bd76acd919":"4eaf9384cad976f65f98042d561d760b5a787330dc658f6c":"1bf491ac320d660eb2dd45c6c3":"3bdfd7f18d2b6d0804d779f0679aaa2d7d32978c2df8015ae4b758d337be81dd":"635530cab14e3d0a135bb6eebb5829412676e6dd4995f99cb7e17f235bd660e7e17b2c65320e9fd4" CCM encrypt and tag NIST VPT AES-256 #1 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c6c14c655e52c8a4c7e8d54e974d698e1f21ee3ba717a0adfa6136d02668c476":"":"291e91b19de518cd7806de44f6":"b4f8326944a45d95f91887c2a6ac36b60eea5edef84c1c358146a666b6878335":"ca482c674b599046cc7d7ee0d00eec1e" CCM encrypt and tag NIST VPT AES-256 #2 (P=1, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cc49d4a397887cb57bc92c8a8c26a7aac205c653ef4011c1f48390ad35f5df14":"1a":"6df8c5c28d1728975a0b766cd7":"080f82469505118842e5fa70df5323de175a37609904ee5e76288f94ca84b3c5":"a5f24e87a11a95374d4c190945bf08ef2f" CCM encrypt and tag NIST VPT AES-256 #3 (P=2, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"36b0175379e7ae19c277fe656a2252a82796309be0f0d4e1c07fdde88aca4510":"be80":"021bd8b551947be4c18cf1a455":"b5c6e8313b9c68e6bb84bffd65fa4108d243f580eab99bb80563ed1050c8266b":"ecacc3152e43d9efea26e16c1d1793e2a8c4" CCM encrypt and tag NIST VPT AES-256 #4 (P=3, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ddb739acda6c56ec9aefc4f4cbc258587f443da4e76ddfa85dbe0813a8784944":"db457c":"0bddf342121b82f906368b0d7b":"887486fff7922768186363ef17eb78e5cf2fab8f47a4eb327de8b16d63b02acb":"54473c3f65d6be431e79700378049ac06f2599" CCM encrypt and tag NIST VPT AES-256 #5 (P=4, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"62b82637e567ad27c3066d533ed76e314522ac5c53851a8c958ce6c64b82ffd0":"87294078":"5bc2896d8b81999546f88232ab":"fffb40b0d18cb23018aac109bf62d849adca42629d8a9ad1299b83fe274f9a63":"2bc22735ab21dfdcfe95bd83592fb6b4168d9a23" CCM encrypt and tag NIST VPT AES-256 #6 (P=5, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bc29a16e19cfbe32bf4948e8e4484159bc819b7eec504e4441a1a98ca210e576":"3e8c6d1b12":"4f18bcc8ee0bbb80de30a9e086":"574931ae4b24bdf7e9217eca6ce2a07287999e529f6e106e3721c42dacf00f5d":"45f3795fcf9c66e1a43103d9a18f5fba5fab83f994" CCM encrypt and tag NIST VPT AES-256 #7 (P=6, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5f4b4f97b6aa48adb3336c451aac377fde4adf47897fd9ccdf139f33be76b18c":"1b62ad19dcac":"7a76eac44486afdb112fc4aab9":"a66c980f6621e03ff93b55d5a148615c4ad36d6cbdd0b22b173b4b1479fb8ff7":"4ad1fcf57c12b14e0e659a6305b4aeffae82f8a66c94" CCM encrypt and tag NIST VPT AES-256 #8 (P=7, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f7aaeff3a1dc0cc5ecf220c67ad9f6dda060b4f1be3cc609cb4f18b2342a88a2":"d48daa2919348d":"d0d6871b9adc8623ac63faf00f":"e97175c23c5b47da8ce67811c6d60a7499b3b7e1347ad860519285b67201fe38":"eb32ab153a8e092fa325bafc176a07c31e6cc0a852d288" CCM encrypt and tag NIST VPT AES-256 #9 (P=8, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"493e14623cd250058a7fc66a3fee0c24b6e363b966c2314aff53b276b6c2ea7b":"e5653e512d8b0b70":"fe2d8ae8da94a6df563f89ce00":"579a637e37a0974cd2fc3b735d9ed088e8e488ffe210f043e0f9d2079a015ad6":"75d31f8d47bee5c4e2ba537355ae8ab25cc9ed3511ff5053" CCM encrypt and tag NIST VPT AES-256 #10 (P=9, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b23255372455c69244a0210e6a9e13b155a5ec9d6d0900e54a8f4d9f7a255e3a":"615d724ae94a5daf8d":"274846196d78f0af2df5860231":"69adcae8a1e9a3f2fe9e62591f7b4c5b19d3b50e769521f67e7ea8d7b58d9fc8":"f019ae51063239287d896e7127f17d13f98013b420219eb877" CCM encrypt and tag NIST VPT AES-256 #11 (P=10, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dbf06366f766e2811ecd5d4384d6d08336adc37e0824d620cf0d9e7fd1e7afa9":"2e3cf0af8c96c7b22719":"b3503ed4e277ed9769b20c10c0":"9ae5a04baa9d02c8854e609899c6240851cbc83f81f752bc04c71affa4eed385":"e317df43ab46eb31be7e76f2730d771d56099a0c8d2703d7a24e" CCM encrypt and tag NIST VPT AES-256 #12 (P=11, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4dd555bd3a5253a90b68b5d4d46bd050340ee07ddad3a72048c657b5d76bb207":"8015c0f07a7acd4b1cbdd2":"bdb1b82ba864893c2ee8f7426c":"9bcc5848e928ba0068f7a867e79e83a6f93593354a8bfcfc306aeeb9821c1da1":"8e9f80c726980b3d42e43a6512a0481255b729a10f9edb5f07c60c" CCM encrypt and tag NIST VPT AES-256 #13 (P=12, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d3ad8cda9a0d91a205c4c05665728bb255d50a83403c9ab9243fcbbe95ae7906":"a203aeb635e195bc33fd42fa":"0b5f69697eb1af24e8e6fcb605":"ea26ea68facdac3c75ba0cdf7b1ad703c9474af83b3fbfc58e548d776b2529b9":"62666297a809c982b50722bd56bc555899345e0404b2938edf33168e" CCM encrypt and tag NIST VPT AES-256 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e300fc7a5b96806382c35af5b2c2e8e26382751b59010d4b1cfc90a4a9cb06df":"8714eb9ecf8bdb13e919de40f9":"55b59eb434dd1ba3723ee0dc72":"9b1d85384cb6f47c0b13514a303d4e1d95af4c6442691f314a401135f07829ec":"ba6063824d314aa3cbab14b8c54c6520dac0f073856d9b9010b7857736" CCM encrypt and tag NIST VPT AES-256 #15 (P=14, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3ae5be5904bae62609ac525e2d1cad90133447573d7b608975a6a2b16cb2efc0":"959403e0771c21a416bd03f38983":"61bf06b9fa5a450d094f3ddcb5":"0245484bcd987787fe97fda6c8ffb6e7058d7b8f7064f27514afaac4048767fd":"37a346bc4909965c5497838251826385a52c68914e9d1f63fd297ee6e7ed" CCM encrypt and tag NIST VPT AES-256 #16 (P=15, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fab62b3e5deda7a9c1128663cc81c44b74ab1bfe70bc1c9dec7c7fd08173b80a":"54be71705e453177b53c92bbf2ab13":"a5c1b146c82c34b2e6ebeceb58":"5e60b02b26e2d5f752eb55ea5f50bb354a6f01b800cea5c815ff0030b8c7d475":"788db949697b8cd9abbc74ed9aa40cd6852dc829469368491149d6bb140071" CCM encrypt and tag NIST VPT AES-256 #17 (P=16, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ee8ce187169779d13e443d6428e38b38b55dfb90f0228a8a4e62f8f535806e62":"d15f98f2c6d670f55c78a06648332bc9":"121642c4218b391c98e6269c8a":"718d13e47522ac4cdf3f828063980b6d452fcdcd6e1a1904bf87f548a5fd5a05":"cc17bf8794c843457d899391898ed22a6f9d28fcb64234e1cd793c4144f1da50" CCM encrypt and tag NIST VPT AES-256 #18 (P=17, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7da6ef35ad594a09cb74daf27e50a6b30d6b4160cf0de41ee32bbf2a208b911d":"b0053d1f490809794250d856062d0aaa92":"98a32d7fe606583e2906420297":"217d130408a738e6a833931e69f8696960c817407301560bbe5fbd92361488b4":"a6341ee3d60eb34a8a8bc2806d50dd57a3f628ee49a8c2005c7d07d354bf80994d" CCM encrypt and tag NIST VPT AES-256 #19 (P=18, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0786706f680c27b792d054faa63f499a8e6b5ddb90502946235bf74c022d772c":"6a26677836d65bd0d35a027d278b2534e7df":"f61ef1c8c10a863efeb4a1de86":"67874c808600a27fcab34d6f69cc5c730831ad4589075dd82479823cb9b41dc3":"d1c1f3c60603359c7d6a707f05ecb2296f8e52f2210b7a798ad5c778ee7cfd7fe6e0" CCM encrypt and tag NIST VPT AES-256 #20 (P=19, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bac55f9847d93325bf5071c220c0a3dfeb38f214292d47b4acb7b0a597fe056f":"c1a994dc198f5676ea85801cd27cc8f47267ec":"05b50c458adbba16c55fcc454d":"89ad6ae1e550975eaa916a62615e6b6a66366a17a7e06380a95ea5cdcc1d3302":"7c9b138177590edaafec4728c4663e77458ffbe3243faec177de4a2e4a293952073e43" CCM encrypt and tag NIST VPT AES-256 #21 (P=20, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8beedeb85d42c2a7fa6f7237b05acb197dd8e1672471ac878064fe5319eab876":"7b125c3b9612a8b554913d0384f4795c90cd387c":"8479bdfad28ebe781e9c01a3f6":"7aebdfd955d6e8a19a701d387447a4bdd59a9382156ab0c0dcd37b89419d6eff":"6cc611d816b18c6847b348e46a4119465104254a04e2dfeeeac9c3255f6227704848d5b2" CCM encrypt and tag NIST VPT AES-256 #22 (P=21, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c3a0c126cad581012151c25cf85a44472c23f83b6095b6004f4f32cd60ec2db2":"73b09d18554471309141aa33b687f9248b50fe3154":"94ab51ce75db8b046d6ab92830":"2a243246bfe5b5ab05f51bf5f401af52d5bbaa2549cf57a18e197597fe15dd8c":"b7e8264ca70fd2a4fb76f20a8ad5da3c37f5893fb12abeeaef1187f815ca481ed8ddd3dd37" CCM encrypt and tag NIST VPT AES-256 #23 (P=22, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9cdebaeee8690b68751070691f49593668a6de12d3a948b38ddbd3f75218b2d4":"3cbb08f133270e4454bcaaa0f20f6d63c38b6572e766":"af1a97d43151f5ea9c48ad36a3":"f5353fb6bfc8f09d556158132d6cbb97d9045eacdc71f782bcef62d258b1950a":"3966930a2ae8fdd8f40e7007f3fde0bd6eb48a46e6d26eef83da9f6384b1a2bda10790dadb3f" CCM encrypt and tag NIST VPT AES-256 #24 (P=23, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d34264a12c35cdd67ac105e2826b071e46f8131d1e325f8e0ae80a6447375135":"79ac1a6a9eca5e07ce635bfd666ef72b16f3f2e140d56c":"3891e308b9f44c5b5a8b59004a":"0cda000ed754456a844c9ed61843deea9dadf5e723ea1448057712996d660f8c":"1abcc9b1649deaa0bfa7dcd23508282d9c50ca7fee72486950608d7bcb39dcf03a2cab01587f61" CCM encrypt and tag NIST VPT AES-256 #25 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4ad98dbef0fb2a188b6c49a859c920967214b998435a00b93d931b5acecaf976":"9cea3b061e5c402d48497ea4948d75b8af7746d4e570c848":"00d772b07788536b688ff2b84a":"5f8b1400920891e8057639618183c9c847821c1aae79f2a90d75f114db21e975":"f28ec535c2d834963c85814ec4173c0b8983dff8dc4a2d4e0f73bfb28ad42aa8f75f549a93594dd4" CCM encrypt and tag NIST VNT AES-128 #1 (P=24, N=7, A=32, T=16) @@ -591,59 +591,59 @@ depends_on:MBEDTLS_AES_C mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ac87fef3b76e725d66d905625a387e82":"959403e0771c21a416bd03f3898390e90d0a0899f69f9552":"61bf06b9fa5a450d094f3ddcb5":"0245484bcd987787fe97fda6c8ffb6e7058d7b8f7064f27514afaac4048767fd":"cabf8aa613d5357aa3e70173d43f1f202b628a61d18e8b572eb66bb8213a515aa61e5f0945cd57f4" CCM encrypt and tag NIST VNT AES-192 #1 (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ceb009aea4454451feadf0e6b36f45555dd04723baa448e8":"c8d275f919e17d7fe69c2a1f58939dfe4d403791b5df1310":"764043c49460b7":"6e80dd7f1badf3a1c9ab25c75f10bde78c23fa0eb8f9aaa53adefbf4cbf78fe4":"8a0f3d8229e48e7487fd95a28ad392c80b3681d4fbc7bbfd2dd6ef1c45d4ccb723dc074414db506d" CCM encrypt and tag NIST VNT AES-192 #2 (P=24, N=8, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1dd56442fa09a42890b1b4274b950770ea8beea2e048193d":"bd92d6744cde446fc8621625658fc4bc00dcb97f06195ad7":"ad749d596d88a4b4":"c67219909828adef64422286008e1e306867a1c0b3da95444507a68b45c953e4":"076cffd0ca978fe2bad411ced45a090abafb22a99896f6a75a1969276aa2b0cdb37ccaf2845dbf6e" CCM encrypt and tag NIST VNT AES-192 #3 (P=24, N=9, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8cc622645065c72d0d2aca75802cf1bbbd81096721627c08":"597b3614ff9cd567afd1aad4e5f52cc3fa4ca32b9b213c55":"cd84acbe9abb6a990a":"447b6f36acdad2d1cfd6e9a92f4055ad90142e61f4a19927caea9dbe634d3208":"2d7fb83e6621eed9073e0386d032c6941bef37b2cf36a4c6c5e36222d17c6fb0631c3f560a3ce4a4" CCM encrypt and tag NIST VNT AES-192 #4 (P=24, N=10, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ab72eef2aba30205c986e2052d6e2c67881d24ae5fceaa8f":"2a794b84fc9e4a7e6d70a82b5141fd132177a86b4e8fc13a":"d7a46e726ed43f1580eb":"baa86f14271b2be7dbb37ddc7c95ce4857e57aa94624d594d7bd6ceeaada8d5f":"2d7f76464417613bb61d3657481346b74fc9d6abc6a3babd39365dce86859cd82395d11bfc8cf188" CCM encrypt and tag NIST VNT AES-192 #5 (P=24, N=11, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"af84c6f302c59aeee6d5728ed5da2e3c64a5a781c52c4d1b":"6db41aeb5f7c24df8929dbc30483b3c7934b3bd1cdce5bb9":"df990c42a268950677c433":"a6ab5d78427f297a4b7e21f1091ff3a5b20caa3fe1cbcb09459d9df596a6c8e1":"8c9328258bf71970d33e23a3ff81cc1c9cbe196a1294264bfd6a7255e4801963bb30a63de3fc5b82" CCM encrypt and tag NIST VNT AES-192 #6 (P=24, N=12, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d49b255aed8be1c02eb6d8ae2bac6dcd7901f1f61df3bbf5":"062eafb0cd09d26e65108c0f56fcc7a305f31c34e0f3a24c":"1af29e721c98e81fb6286370":"64f8a0eee5487a4958a489ed35f1327e2096542c1bdb2134fb942ca91804c274":"721344e2fd05d2ee50713531052d75e4071103ab0436f65f0af2a663da51bac626c9f4128ba5ec0b" CCM encrypt and tag NIST VNT AES-192 #7 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"36ad1e3fb630d1b1fbccfd685f44edd8984427b78deae7a9":"8b9db1c8f9b4892a5654c85467bcffa2e15e28392c938952":"3af625df8be9d7685a842f260e":"308443033ecd4a814475672b814b7c6d813d0ec2a0caeecbcaba18a2840cdb6c":"6bc6890fee299c712fb8d9df9c141f24ee1572b8f15112c2f8c99ccf2d82788cf613a61d60dae458" CCM encrypt and tag NIST VNT AES-256 #1 (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"553521a765ab0c3fd203654e9916330e189bdf951feee9b44b10da208fee7acf":"644eb34b9a126e437b5e015eea141ca1a88020f2d5d6cc2c":"aaa23f101647d8":"a355d4c611812e5f9258d7188b3df8851477094ffc2af2cf0c8670db903fbbe0":"27ed90668174ebf8241a3c74b35e1246b6617e4123578f153bdb67062a13ef4e986f5bb3d0bb4307" CCM encrypt and tag NIST VNT AES-256 #2 (P=24, N=8, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"472bf7946bce1d3c6f168f4475e5bb3a67d5df2fa01e64bce8bb6e43a6c8b177":"59eb45bbbeb054b0b97334d53580ce03f699ac2a7e490143":"790134a8db83f2da":"a7a86a4407b7ecebc89434baa65ef173e88bd2dad9899b717ca578867c2d916f":"db4961070f528ccd1a5a0681ee4d0ce3515fb890bccedc2dbc00b1d8b2bc393a8d09e87af7811f55" CCM encrypt and tag NIST VNT AES-256 #3 (P=24, N=9, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"58ae7965a508e8dd2eda69b5d888a28a1cb3783bad55d59d5b0da87137b72e93":"e61bad17640ecff926d0b0238271ee4c9f8e801dd7243e9e":"caa3d928d2bf2b7f2c":"304678b3ffd3200e33a8912bcb556b3cfec53ca17f70ecba00d359f9f51d3e3b":"7bb1137c14cb4d324a4a8f1115c619ebf74927f0bed60a8d5a9140ff50dc4da375c7d2de80de097f" CCM encrypt and tag NIST VNT AES-256 #4 (P=24, N=10, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aecc5e18088bf9fd7b17f089bdd5607b69903b04b726361f8a81e221b1c91891":"d4291c99901345afe29f58912a414a7498f37b44362bdf3c":"c527d309ab29ee91c5fc":"8f9a73e7bc1c11e2919020ba3a404cbddf861e9e78477218e3be2cd4337b278d":"392784a9e0b14bcd37639ec5409d6ead3e75f855e5a92c33ffc040ef3977e0035ce6ea6d157c18d3" CCM encrypt and tag NIST VNT AES-256 #5 (P=24, N=11, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"97bc7482a87ba005475dfa3448f59d4b3f9c4c969d08b39b1b21ef965c0f5125":"b99bf4dc781795fc4d3a8467b06e1665d4e543657f23129f":"0bcf78103ec52d6df28887":"049c10f0cb37ae08eae2d0766563b7c5a8454f841c2061a4f71a0a2158ae6ce5":"0d3891fa0caac1f7ebe41b480920ffd34d4155064c24f3b17a483163dd8f228d1f20cd4f86cf38fd" CCM encrypt and tag NIST VNT AES-256 #6 (P=24, N=12, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d6ff67379a2ead2ca87aa4f29536258f9fb9fc2e91b0ed18e7b9f5df332dd1dc":"98626ffc6c44f13c964e7fcb7d16e988990d6d063d012d33":"2f1d0717a822e20c7cd28f0a":"d50741d34c8564d92f396b97be782923ff3c855ea9757bde419f632c83997630":"50e22db70ac2bab6d6af7059c90d00fbf0fb52eee5eb650e08aca7dec636170f481dcb9fefb85c05" CCM encrypt and tag NIST VNT AES-256 #7 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4a75ff2f66dae2935403cce27e829ad8be98185c73f8bc61d3ce950a83007e11":"205f2a664a8512e18321a91c13ec13b9e6b633228c57cc1e":"46eb390b175e75da6193d7edb6":"282f05f734f249c0535ee396282218b7c4913c39b59ad2a03ffaf5b0e9b0f780":"58f1584f761983bef4d0060746b5d5ee610ecfda31101a7f5460e9b7856d60a5ad9803c0762f8176" CCM encrypt and tag NIST VADT AES-128 #1 (P=24, N=13, A=0, T=16) @@ -779,267 +779,267 @@ depends_on:MBEDTLS_AES_C mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5a33980e71e7d67fd6cf171454dc96e5":"a34dfa24847c365291ce1b54bcf8d9a75d861e5133cc3a74":"33ae68ebb8010c6b3da6b9cb29":"eca622a37570df619e10ebb18bebadb2f2b49c4d2b2ff715873bb672e30fc0ff":"7a60fa7ee8859e283cce378fb6b95522ab8b70efcdb0265f7c4b4fa597666b86dd1353e400f28864" CCM encrypt and tag NIST VADT AES-192 #1 (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"39f08a2af1d8da6212550639b91fb2573e39a8eb5d801de8":"15b369889699b6de1fa3ee73e5":"":"6342b8700edec97a960eb16e7cb1eb4412fb4e263ddd2206b090155d34a76c8324e5550c3ef426ed" CCM encrypt and tag NIST VADT AES-192 #2 (P=24, N=13, A=1, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9748798c0f3cc766795c8ce0e4c979c1930dfe7faefea84a":"100fa71462277d76ca81f2cfdb3d39d3894b0ca28074a0f0":"cdf4ba655acfe8e2134fa0542f":"67":"36e2415b4f888a6072f260d7e786d803be16f8b9cbee112d7ff74e3b05b7d7c13284573bd3e7e481" CCM encrypt and tag NIST VADT AES-192 #3 (P=24, N=13, A=2, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"393dcac5a28d77297946d7ab471ae03bd303ba3499e2ce26":"262f4ac988812500cb437f52f0c182148e85a0bec67a2736":"fe7329f343f6e726a90b11ae37":"1c8b":"e6d43f822ad168aa9c2e29c07f4592d7bbeb0203f418f3020ecdbc200be353112faf20e2be711908" CCM encrypt and tag NIST VADT AES-192 #4 (P=24, N=13, A=3, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a74abc4347e4be0acb0a73bb8f7d25c35bae13b77f80233a":"6372824bf416cd072a7ad0ae5f9f596c6127520c1b688ab4":"6a850e94940da8781159ba97ef":"a4490e":"b14a07bdc119d87611342c4c6935c5786ff1f9ae2eb49e6191c88a3cb4fbafcb8a4a157d587d7e39" CCM encrypt and tag NIST VADT AES-192 #5 (P=24, N=13, A=4, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"df052e95aea3769a433ce4e4e800b8418649bbe8c6297eb0":"e8c1a89228d8212f75c136bab7923a89f9fea18e781cb836":"ba356d392c3f700f4f2706a4ca":"8ffc0e3d":"66b5d782323925e1bd0a8413a9a5a881356453d5df2cbeb199b2e1e803550dcdde55fd66ecb45edd" CCM encrypt and tag NIST VADT AES-192 #6 (P=24, N=13, A=5, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"16d345606a315ad2406abbcb43cd8cabe948107ba6d17a72":"d3bef460223c81e4579c9d1d463ac5e0881685de1420a411":"d4ef3e9e04f1b7f20ffc5a022e":"a468f08d07":"abb85db49a9b1c8724ecbc734cc8373bd20083cfa4007b1cfe4d3a3bb25f89f692884be230c6035c" CCM encrypt and tag NIST VADT AES-192 #7 (P=24, N=13, A=6, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1c476cfd7dd300d961fd3f24a6fe0e80742b00851676ca63":"6f3938932b5c1280311e892280d8a822a828a0be7fdb1bcd":"e300fc7a5b96806382c35af5b2":"28130f938c45":"df48662fe134e75a85abc2cece2c3b6236c88a70fa792e9beadc9601adf9fbdf4e3e94b395b0a332" CCM encrypt and tag NIST VADT AES-192 #8 (P=24, N=13, A=7, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"79d1e38a70df1cf239be168833dcd0570bc8f37b3aa26c37":"83c24f3a77b83b4ef45277ba90225f3ba1722312f52b1a07":"8229d6d7e9e21fdc789bff5dcf":"076887d2abe900":"19d880f1d959a68f162de243d4a45747ace704613359b27218d1531a066de60a95d2924a6910e990" CCM encrypt and tag NIST VADT AES-192 #9 (P=24, N=13, A=8, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"72e6cebdaf88205c4e74428664bc0d7eb4687a272217b7ca":"54bc7e3c227df4e83252a5848fea12dfdb2d14b9e67c1629":"3820db475c7cb04a0f74d8e449":"f427c47e10c45bb3":"91e7baff2b42af63e26c87ce6991af22422c1f82906858b1721961de5c768f4d19bd3034f44f08d2" CCM encrypt and tag NIST VADT AES-192 #10 (P=24, N=13, A=9, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"39c03a0c8634047b1635348f284d3dc1e752ab40548eb337":"0662e63c88e963d3e0cf2c4653515ae4474a2c78ab0394c0":"9e2ea8eb7f56087ee506925648":"28d157f09a71da80dd":"01dcd4dd3b8c1369518136ce45e8bb9df565b0ad231a887b02ada34addf0aa2f4744ed2e07995491" CCM encrypt and tag NIST VADT AES-192 #11 (P=24, N=13, A=10, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e2a92ffbb0b5eb68cb82687f12449fae5167d375131b0b10":"048c9ba4597c3bb595bfd5048e5e9a1296f30e5c0118b177":"441ad5e1382e083a95224f395d":"2352648299b0413cb2ce":"25247a258e4ac0a988d8def60cc174a9d4578cd5346fb5150c96e8ab8774baa421f39c64a386c418" CCM encrypt and tag NIST VADT AES-192 #12 (P=24, N=13, A=11, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ef1ad3eb0bde7d4728389da2255d1f8a66ecb72e6f2f1ac4":"9f580cc6c62a05ce125c6bec109a48ca527ee26a64b14b68":"8e7d8a44244daa7df2b340993e":"521583c25eb4a3b2e46120":"ff0ff95bcb0bccd5e4aadd77ac6770f5013654eb3c6386fded2c87135861b43a99f258b6938f66e3" CCM encrypt and tag NIST VADT AES-192 #13 (P=24, N=13, A=12, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"44cba20b7204ed85327c9c71c6fea00b47ce7bdde9dea490":"6333bde218b784ccd8370492f7c8c722f8ef143af66d71d7":"f3329154d8908f4e4a5b079992":"f1e0af185180d2eb63e50e37":"b9401a4927b34dc15e9193db00212f85f0c319781ec90e3b4484d93cb422cb564acc63d3d18e169c" CCM encrypt and tag NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181":"fd80e88f07dad09eed5569a4f9bb65c42ef426dda40450119503d811701642143013f28ce384d912" CCM encrypt and tag NIST VADT AES-192 #15 (P=24, N=13, A=14, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"13f179aa2a23bc90a85660306394940e9bb226ce3885ec01":"d3b36c6289ad6ae7c5d885fe83d62a76270689ce05fa3b48":"aaa52c63ca1f74a203d08c2078":"5cc924222692979a8e28ab1e0018":"bc4fcef401c2e1d1c335734ff23ea52c3474d2e6f31648a7f58649400ac9e825b038d67f0c2a6f1c" CCM encrypt and tag NIST VADT AES-192 #16 (P=24, N=13, A=15, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c1dfc48273d406a3a7b9176f80b2dc4e9a7f68134bab66d2":"67d9728a88f1fac3af43ed6d634ba902896bd226858697d9":"1ac53ba965cdaeeef7326a37e4":"39ba54a410a58a5d11615a2163cc3b":"360f0fc714994e3b59448b50cdd61d511b4f09e0e5fb5ac826a51fe5b9b598a17eb3da10f936813b" CCM encrypt and tag NIST VADT AES-192 #17 (P=24, N=13, A=16, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d8a662ab8449bd037da0346a24565683a3bbbbd1800e3c1c":"61fdd10938557080191d13dd6c3002dd445d9af988029199":"166fb8d0e110124c09013e0568":"1c1c082eeb5b8548283d50cc2ace1c35":"23c05927502a4ee6e61e4e10552d49b020643eab476eeacc867601fe79a122a7817819655183283e" CCM encrypt and tag NIST VADT AES-192 #18 (P=24, N=13, A=17, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"116f4855121d6aa53e8b8b43a2e23d468c8568c744f49de5":"1bd3b5db392402790be16e8d0a715453928f17f3384c13a7":"924322a3ef0c64412f460a91b2":"03c2d22a3bb08bbb96b2811ce4b1110a83":"ad736402626df0f9393fe4491eb812725ad39d6facf20b5b2f9340b0d48a17ae1cc71d7515e61ee9" CCM encrypt and tag NIST VADT AES-192 #19 (P=24, N=13, A=18, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e67f3ba11282d61fe36e38cab7b559c2fd9cbe8bf7eb5863":"d7a954dae563b93385c02c82e0143b6c17ce3067d8b54120":"a727ed373886dd872859b92ccd":"68d199e8fced02b7aeba31aa94068a25d27a":"c6cfaa1f54d041089bd81f89197e57a53b2880cefc3f9d877e30b2bcc3f1ea9ec2b8f28bf0af4ecf" CCM encrypt and tag NIST VADT AES-192 #20 (P=24, N=13, A=19, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e0a29a2c7840cf9b41de49780b9ee92d646a4bfc5b9da74a":"344dc8b6bd66a1fbbe330a95af5dd2a8783dc264d6a9267d":"fc9fd876b1edded09f70b18824":"36e15baafa0002efbb4bb26503b7e3b79f6c68":"43b3b96aa5a54378f3bb573ffda3e154aa7f425fc3008175b60a77b9d38740356b544b1c0f259086" CCM encrypt and tag NIST VADT AES-192 #21 (P=24, N=13, A=20, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"26d0a3a8509d97f81379d21981fe1a02c579121ab7356ca0":"37ab2a0b7b69942278e21032fc83eba6cdc34f5285a8b711":"8015c0f07a7acd4b1cbdd21b54":"093ed26ada5628cfb8cfc1391526b3bcc4af97d9":"a3a60b422eb070b499cf6da0a404b13a05cedda549c6b93e6ca0e07e04674f21a46df2659a5905fb" CCM encrypt and tag NIST VADT AES-192 #22 (P=24, N=13, A=21, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aac60835c309d837aacc635931af95702a4784c214283ebb":"e8610756528f75607b83926597ef515f4b32a8386437e6d4":"0e20602d4dc38baa1ebf94ded5":"796e55fbe7bed46d025599c258964a99574c523f6a":"e0a3d5f43e688ce104f4ae1a4fcd85500aa6b8fdbcd1b8d3003c0c3b7369e79339433e1754c0937f" CCM encrypt and tag NIST VADT AES-192 #23 (P=24, N=13, A=22, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"671544bf2988056f7f9ccd526861391a27233793a23f811f":"576b069ae2713f53d2924c1fd68f786cb2eec68892f9e1be":"0a259148a1d081e0df381ecd0c":"61dafc237cb52f83ab773ba8a885462b6f77d4924611":"ce06b3d09b02921f290544032a081a7766612940048867281bb089af0245792c16e6320cf5ffa19e" CCM encrypt and tag NIST VADT AES-192 #24 (P=24, N=13, A=23, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"90e2c63b6e5394b1aeec03f95a9d13a01a7d4e9d58610786":"44dd098b1f869d670a8a841900c4bef023a1946a0c278354":"dada5465eb9b7229807a39e557":"f5629ca0eea589f6cf963d875a7d2efb656983f2dd2231":"6b38ca85450e05e7b9362ed7e6e291a130ff233b5a561cdef7ec84dd992fdf98514f845dac8f656e" CCM encrypt and tag NIST VADT AES-192 #25 (P=24, N=13, A=24, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"13cdaaa4f5721c6d7e709cc048063cfb8b9d92e6425903e6":"d7c837971b973f5f651102bf8d032e7dcd10e306739a0d6c":"f97b532259babac5322e9d9a79":"ad6622279832502839a82348486d42e9b38626e8f06317c4":"4709600418f2839841e6d126359f6982bdb53acc7ff209635623d15b24184481eadc63bb8c878fc4" CCM encrypt and tag NIST VADT AES-192 #26 (P=24, N=13, A=25, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"90851933d4d3257137984cdb9cba2ca737322dac4dbd64bc":"ba1785a149cb8b69a4e011c11a3ff06f6d7218f525ac81b5":"be02df3a840322df8d448c600c":"69a9dd9ac8be489c3a3f7f070bdaca10699171f66ab3da9351":"89ab2efefa8406336d9e2245199fbc9454f0ef650b9ed0f446c7246bd3130803bf8d703ef5bdf15c" CCM encrypt and tag NIST VADT AES-192 #27 (P=24, N=13, A=26, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5c5d02c93faa74a848e5046fc52f236049e28cd8096dcac6":"b4da43ebfe9396b68f4689fba8837c68d0064841c6ddd4a7":"54cbf2889437673b8875a0f567":"09fc21ac4a1f43de29621cacf3ad84e055c6b220721af7ce33bb":"d40725397229021a18f3481e3a85f70445557bb2a85e4ae8101a34c777e918e16186fda05a386572" CCM encrypt and tag NIST VADT AES-192 #28 (P=24, N=13, A=27, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0234dae5bd7ae66c67ff0c1a3f1a191a0d7bceb451bc2b7d":"0f960a89a7e806f8709047cb7a2e7c4211ad724692c88a05":"16d345606a315ad2406abbcb43":"c37fdf7449fd7e943595d75e977089c623be0a3926e63fdbbfdf4a":"3907880d25f910eab12dd14e704d1b33ea7c453634d54da2a461f44dac1112ae3f9c65671a931d3e" CCM encrypt and tag NIST VADT AES-192 #29 (P=24, N=13, A=28, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6351a67fd6daabd2fd49ee944dd41dd37301f958dd17fcc3":"0c0663dd69ccbffbbd0c8c2e9473d0354451ae7a20fa3695":"b8d517b033754058128d13d11a":"511c6924fa96db716f6b053b7a48aebdc1504145a56cd02d6be2590d":"19f2745df5007619c79c84d174e4521b942776478a0601d982c560fede4741e2fd3b54b3a48f3e38" CCM encrypt and tag NIST VADT AES-192 #30 (P=24, N=13, A=29, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9a5a9560baed3b8e0e90b92655d4e5f33889e5d7253d9f6c":"5bbe9c1fb2563e3e82999fe097b28da4dc6ff2e020f3b4f3":"c0049382cdd8646756d4e6bff5":"c95a86d52088a8b0107cc5b437a8938b2c9e74e46e2e03bb9bceecdbe3":"6d5401db42b5c48b79203b6ad82806d7460ac4c82ad0809b811020480e834f6fe55900a162a4e61a" CCM encrypt and tag NIST VADT AES-192 #31 (P=24, N=13, A=30, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3e61094c80df0053e86d43fccf4e1d3ee2cdb862d3237b0a":"1fada8f4c7daea0d1c370184c169485b80a278708ed41451":"63f00b2488809fdc49ca5f05d5":"a08763ca936abdeece06467bef8c3c47c3a473636a039d4db540c867d3e3":"680dd22f16a1290bde42c9792dfa997aed24d5bd2265b6e095aa6b99d3f894d3790c2aa2dae1ba2c" CCM encrypt and tag NIST VADT AES-192 #32 (P=24, N=13, A=31, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b5664dd6ed435df006052f6ded74bb7ce9482ca9229886f7":"0b6de49b530703affc94010c2b793ddc6de0c44d48037ff2":"7a1649896f3e030c18f0205599":"c5f1a26351e53e6509c8bbbed03c42c23ad81c65fccec7ffa1cb494c7f1fc4":"56b02fea595cc24e798691ae905be3d466ca68ca744005dba260b5ea3b047020b73b5bafa17e5084" CCM encrypt and tag NIST VADT AES-192 #33 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"50925853a84a33ff392154e4e737efc18dcfc98f4d5235a9":"718f061e8b972a3adcf465d66c5b28e8661f080127f6722f":"809343e986f6ff47f54d4cac22":"d70aef3532bdc5293a3ebb11589ac1f801c9f93ea0d656e1d04068facf9f768b":"bad3b0e6772e9c4c9c631c095e259d99692292932efb72b8966e91a19617bb748f3495aa433585bb" CCM encrypt and tag NIST VADT AES-256 #1 (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886df3ba3e6da3a1389":"30d56ff2a25b83fee791110fcaea48e41db7c7f098a81000":"72a60f345a1978fb40f28a2fa4":"":"55f068c0bbba8b598013dd1841fd740fda2902322148ab5e935753e601b79db4ae730b6ae3500731" CCM encrypt and tag NIST VADT AES-256 #2 (P=24, N=13, A=1, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a4490ed6ab51dbfccd6f3702a857575dad44da3a27eaf31178abc97da60d1e4b":"1b5cc6b1651dec4bbbf5130343852e971c7ff1774100d9be":"26ceaf6e3b28190a17c4f0c378":"9e":"789bce069a725a96c484e64a9e54dcb7a7c268c85df47815a462ff2dd8ba44a381e1f6edab12b5a9" CCM encrypt and tag NIST VADT AES-256 #3 (P=24, N=13, A=2, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"df594db94ef8eca56a417afe946085eaed444c7cc648d07d58132e6cb5bc2bc3":"f4d7978fad36223623ccb5bb18a7373cba8a6e3b1c921259":"c1ad812bf2bbb2cdaee4636ee7":"c0c3":"bea778540a90033b2c0d087e3cc447711ea25f7eea96855506ec97f23bd6ea97834f92f7263c3195" CCM encrypt and tag NIST VADT AES-256 #4 (P=24, N=13, A=3, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d98193ab2a465e3fcd85651aaeca18b8e91489b73b7c7e93b518c4b5b81fc6ac":"edba7d6312144e90ec9eaace7576045a46e553dcb8ee5a98":"2247dc7e2674e9e0a63fe70613":"4dc2f4":"44b9ea727c847336fd739ad11f4b906b292edb810462f06ef59626ad5cdac2e4d4cb07b538a1fd8f" CCM encrypt and tag NIST VADT AES-256 #5 (P=24, N=13, A=4, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"45c8afd7373cb0f6b092af3a633d9fd97c4ca378e19d75f9b74d089429726c29":"0b92adbb251dc29a67f0bb97f8e7160862b6c4e843d07fd9":"fdb1fa230ae0b172ff98fc7496":"270981af":"274e2faea3271ea6fa0494c1951f115b5491a893056c3ee4c76fc350e585277e373e9119bf9595cb" CCM encrypt and tag NIST VADT AES-256 #6 (P=24, N=13, A=5, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a2e6bf39efd1ceddc92b4333ed92d65efeea6c031ca345adb93a7770a8039bcd":"d822f84b023f12ea9e3ce16b904278e4aaab5e11c2c23f3f":"693cbb46bc8366086ec7cd7776":"3ba11282d6":"9f91fd2f6472e33b02b1eabb9d6655729d44c44dad6b3883fe0667bcc5806b225224b04ade8b21c1" CCM encrypt and tag NIST VADT AES-256 #7 (P=24, N=13, A=6, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c5a850167a5bfdf56636ce9e56e2952855504e35cc4f5d24ee5e168853be82d8":"e758796d7db73bccb1697c42df691ac57974b40ca9186a43":"c45b165477e8bfa9ca3a1cd3ca":"4759557e9bab":"93ad58bd5f4f77ac4f92b0ae16c62489e4074c7f152e2ed8a88179e0d32f4928eff13b4ce2873338" CCM encrypt and tag NIST VADT AES-256 #8 (P=24, N=13, A=7, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ae8f93c3efe38e2af07e256961dd33028faa0716e5320a7ab319a10d2f4c5548":"bc9ca92a9c9919e39095d3e53fb148694620ae61227e0069":"6333bde218b784ccd8370492f7":"0b1fabdf2a4107":"45811b0c8f754bf03950e520cd4afc81c2e3eb8a11f4fd386d5a6e4b1fbee15d35939c721004502e" CCM encrypt and tag NIST VADT AES-256 #9 (P=24, N=13, A=8, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"548c2d1eb7d91e003633d4d9ff199e4a8447180edd89ac7867d25a1db288b5ce":"49fd5cbe4aff89dc3b8718f9ce545d612cbbebb289ecbf42":"23b205bd6ff8ed0bab0c98999c":"a6601111cd92c943":"3cfc6211e359ae322802fc9566f377b0dfe17d1dfe0878ebf2a9047e37cc0be1fab0006af8db8dc4" CCM encrypt and tag NIST VADT AES-256 #10 (P=24, N=13, A=9, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aab793e377a12484dbdd74c9b3a85c74c286e1cc498663fbd7c718b5633bb91a":"7c0889854658d3408c5d8043aad2f4ae4a89449a36f8a3b8":"10022cddb323e88b3c08f95a0f":"82b8c736037ce2f2e8":"1044250f58857c69f72b5d3454d43949e5c02b3822970b280de1a3f7fc5d06cc30f06075f5504ed7" CCM encrypt and tag NIST VADT AES-256 #11 (P=24, N=13, A=10, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"06ac39896073a44283611a66ccab067e2dd2faa8da82ff9a45bb29e54d2e6e77":"3216dce3b8b1ce0e79e40fffcac728ab191aaaf319d971d3":"6c7942c9819cf69b817bfcdb0a":"215e2a6c24325340fdec":"c5b3b50ed8a7b7b96b02ba9464b6a2ff80e90548605699a63d70e6dffb31a376a1eb7f94526dca48" CCM encrypt and tag NIST VADT AES-256 #12 (P=24, N=13, A=11, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"50412c6444bcf9829506ab019e98234af1541061557412740bc120b456052763":"6cdbd63f6d591f59776f828533b28e2453a214d1d0dd8a39":"85684f94c3702c5d870310166d":"f706a3e09df95d3e21d2e0":"8c8b4ae854a5d5c265b25e3b54bded9444cc454b3e0e6a24d6c05eaf406a5ebd578e19edd5227380" CCM encrypt and tag NIST VADT AES-256 #13 (P=24, N=13, A=12, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8a56588fe5e125237b6cdc30f940b8d88b2863ec501a0cb00b1abade1b5ce0ed":"c825952293e434ea866db558aaf486ef09a92bf366988f71":"d80210b9f9776ea36dc0e0a787":"e4296d1c8cf4ffc4b2635135":"b8b3b15fdf6a4a0b5abc313afc769e4e8413bd887552583ede3ed995d1b70561c8e28a7b1a7e3dc8" CCM encrypt and tag NIST VADT AES-256 #14 (P=24, N=13, A=13, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a4cc7e1c90f8684e6a5f95e6898ab4e3c194cb46e196d8228062b9f3fa744930":"10d4cff95ef490923c9e0906880729d4d05412e7675cce76":"cdc2712e51c7f333d6bad78eee":"569c56b27268d3db54e728aac0":"be3ce3e9dc72499839a98ae52abb17415e8547687e8a3c7b8aaaac20d4c9276f2851cbba2b04d185" CCM encrypt and tag NIST VADT AES-256 #15 (P=24, N=13, A=14, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"347e12eec56e95aafcc7d25bf10fc756b4e42bc2e43da7f97df24331f27f1f5c":"ca88dddfc876a12f45f19562bc9ca250f43267ab251a7f34":"b8d517b033754058128d13d11a":"511c6924fa96db716f6b053b7a48":"eeedcfa8f5b5b48c1d7e277526eecb7294213b9f5785167ae949b93003dfe63c95c1d49edfb4de3f" CCM encrypt and tag NIST VADT AES-256 #16 (P=24, N=13, A=15, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"520902aa27c16dee112812b2e685aa203aeb8b8633bd1bfc99728a482d96c1fe":"533fee7d2c7740db55770e48cb1b541d990ea3f8f08ed1a6":"ddf50502f414c1bf24888f1328":"22b4f8f1aac02a9b2ef785d0ff6f93":"fc867b319e0e4ab45ec518a1b5dcec4f29982173f3abfd4d8a8f8d14d2bdac84c3737cfbd75b7c0b" CCM encrypt and tag NIST VADT AES-256 #17 (P=24, N=13, A=16, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"57da1c2704219ed59abfdf04743a9a93c87a63d471818de0f1564b2db6421562":"ddc3c1aa73fb6de92bb4db138e26f3c2e0543ab4f5924871":"4b60a47b7e90f622fa0bf803e1":"0ae8c012ff39753510df3ee80707e4e2":"daa8256d4753fdf9cfef876295badaba89b45cc497f54d220ec2c6fb687753bca4580adc6aa2f296" CCM encrypt and tag NIST VADT AES-256 #18 (P=24, N=13, A=17, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9267ebc99ccf648b146cba3c251187e24a9947d806ceb0ced6894211641a1e0d":"967daf12f16f166b7b5038f83a1cf0b980f5abf4c7746f2a":"9b7298950280e8762ecdc9bbe4":"5824689453bc406bf891b85e4576e38fe8":"7cfe2a7a54306eb8d8a63d3d1ae86794f9a2c22198b2cb4f10ca926f1a430c08c12e23db3d913e93" CCM encrypt and tag NIST VADT AES-256 #19 (P=24, N=13, A=18, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7a855e1690ee638de01db43b37401dcd569c1ae03dc73dd0a917d0cadb5abc29":"33ae68ebb8010c6b3da6b9cb29fe9f8bd09b59ec39f4ce4b":"8f160a873a1166c8b32bccbba7":"72674aca7eba2fc0eeafbd143c2c4d8aa6c8":"b22afdf4f12c43ec23e01ac1215a3f5286059211207e957057e9a9203da74387a9468f8af5e27547" CCM encrypt and tag NIST VADT AES-256 #20 (P=24, N=13, A=19, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0ebdc6ddb4c502725dd6ee8da95d56a0d1044b4694d6ba8475a4434f23a8474f":"c7360282c85484a5a33ab1c68dd70873ab4e74ffd4a62cd5":"fb717a8c82114477253acc14f6":"41e9d65632f74f449a6842d5e6c4a86ef83791":"2e961b3a2fa1609a4e6fd04bff6ac5e306ae2638706f997b42be2e2ba05c54b619850db5c9d684fe" CCM encrypt and tag NIST VADT AES-256 #21 (P=24, N=13, A=20, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2ff64bbec197a63315c2f328dcb4837d0cdc21a5d6f89ff1d97cb51195330cd8":"4a17522da707b4b2587a0ae367a2cd2831bb593a18ef442a":"a235f8ee3de9896b71910ac02c":"2b411bea57b51d10a4d2fb17ef0f204aa53cf112":"1bf122798bd8ee8e73391d589bd046a294d1615794e69cb9e6f3ba30143acbc3a1c1c6ec74333107" CCM encrypt and tag NIST VADT AES-256 #22 (P=24, N=13, A=21, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"24e9f08a9a007f9976919e10dc432002e2e078a339677f00105c72ed35633a3f":"d3416a81b4246eb0bf8119a72a886bbc0ac9449c69f71d2f":"15977424eeec0ec7f647e6c798":"2d838eb51a4bc69a001a18adf2084a680f02a3c5fc":"e001a8fae390dc5d672cdd18f86a1f728158ec83a002050def9af5679edbcbb7db20ab6af30698db" CCM encrypt and tag NIST VADT AES-256 #23 (P=24, N=13, A=22, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0ec1b22b8df05dc92135d2dfbefed8ea81458f5ea1b801e8a218faf6cbdf1a79":"2f59d94d4ab8eeb84c2a6fefb7fb0a3ac059c1e1a65ae34a":"97ebcb8575bb58260208d5c227":"a2f6337f86dd00d1a58448851e95d8c9bace4a5c8710":"7ca0b1dbe34b0391e524b868b0af08b3e096917664d6aa2cabc1f9d0132394149c9062b74b82f04b" CCM encrypt and tag NIST VADT AES-256 #24 (P=24, N=13, A=23, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0875020959ed969cfb38636d1d5aabce9658b00171a7614ea9e5395331c7659c":"065ef9eeafbe077c1c7049f43eb0d8999708e8609f214d5c":"451101250ec6f26652249d59dc":"7cc9c51b69f98a06391ab32742fb6365e15106c811fe8a":"990065322a438e136860f7b019807e9feff52a642bf3d44a9163fa7a867f04cab6f52dc250070f31" CCM encrypt and tag NIST VADT AES-256 #25 (P=24, N=13, A=24, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ef4c1d2314e671f666cc6667660f1438a293208c7cc29b412d81277f0a635c91":"c99c3e79125b6fd95e737326a842424eb6c6ecea4c0475c4":"50b23b052922366c25dd40e348":"cd0522ebe1fed82465277d1c10ae9316a98b4469be63b180":"76df4be4ec8373864399acda11294b220b9f7c3a7d2b3660b25764e40ac6a171e7e6bab4fdee4288" CCM encrypt and tag NIST VADT AES-256 #26 (P=24, N=13, A=25, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8544808e8fbf8c3a5e1d4ca751d4b603af9fe119eabc6923205815e0e748b7e7":"617d54fc6a23601c79e3984f93bfc2d151fde420863206b3":"b44a58724596b4d8dea827c1a0":"f5b2c88f5232c37273b1e66aa31cfa7201e33c21d60054d025":"57b3414db48982c6567265e1e0173bf38fdfaffe4461fbebc1411af83237c0f9eb0bfe8ed914da66" CCM encrypt and tag NIST VADT AES-256 #27 (P=24, N=13, A=26, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e19eaddd9f1574447e7e6525f7fd67e3b42807e44fbb60e75d8c3e98abc18361":"b3b0de10b7c0996662f1b064e04e528b7d85ca1166985d33":"a8c459ce0223358826fb1ec0f0":"ef88f4393d6c1e7b7be55a12144209ee051bb779e440432721ef":"d63e6082c95c6c5ff2bc0771321a4f883ef61cff7b99e0ea8a20a1abe7c842ebc08c8c81a2743c81" CCM encrypt and tag NIST VADT AES-256 #28 (P=24, N=13, A=27, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9498f02e50487cfbda1ce6459e241233bd4c4cb10281dcb51915dbc7fb6545c0":"0d16cc69caa9f19b88b05e151b3d26accd018ca4a5786a80":"e3bd4bc3a60cddd26c20aa8636":"70cfcb828d483216b46c3cd22e2f9ee879e9e3059b566179b6e16c":"f1c4bedb8d6f91676881daa37656a7e6402f472735b04a0f1f8332f4236437737438e7aa1b5100c7" CCM encrypt and tag NIST VADT AES-256 #29 (P=24, N=13, A=28, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3ac7d5bc4698c021e49a685cd71057e09821633957d1d59c3c30cbc3f2d1dbf8":"89198d3acc39b950f0d411119c478c60b2422ffe7e26e00b":"54c8ff5459702aac058bb3be04":"ecbd7091732e49c0f4bda2e63235ea43bbf8c8730f955f9c049dd1ec":"7717b8e4447afcea1eeebf3e39ffdab2f52828e7931ef27e475acd27900478f09fec1f479ab3a7c8" CCM encrypt and tag NIST VADT AES-256 #30 (P=24, N=13, A=29, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"948882c3667caa81c9b900996e3d591e6fcb3d08333eeb29911e9c6338710c17":"8b9130b0c3c15366831bbb19f377e3209a8dbf7619cd09bd":"43b0aca2f0a9030f90559fa6d3":"a516ca8405e5c8854e667921b5c5e1968bdd052915b55ac9984b7eefb3":"4646b2acdeb11174171da23999cd54e297daa32bbc13d30512e57c576b315f48c11877178389aaa0" CCM encrypt and tag NIST VADT AES-256 #31 (P=24, N=13, A=30, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3bf52cc5ee86b9a0190f390a5c0366a560b557000dbe5115fd9ee11630a62769":"094b538110495e938b08cf748a6bcf3e0c80ff9c66570237":"f9fbd02f28ecc929d369182752":"ebf0b3e3199a5c3773c761c725c7600add5f9d8321c9f8e5e5fd1c7a5d2f":"4d8b53016fc8bc9677184c0fa15bbd3d671b9366d82ecb67f8562eadcdcbcdbad1299bea1523f5d2" CCM encrypt and tag NIST VADT AES-256 #32 (P=24, N=13, A=31, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e45bb1730d0d539aab3805350ac986540de9f0f6c239ee70395c291397b70309":"bc8b3bc48c7a88c9fafde258b6ccaa9d4f0d018703d63871":"d5c7824af715bb7822b6b340fe":"860f4a09ad8b3d345c2aa18ffb803f0bc3b734a4d047a1437701a5e3d95288":"95f083ad6bbaee6ab540fe023858f8baf25e333fd3e89c00e678a392d228b210dc5c991905dacf3f" CCM encrypt and tag NIST VADT AES-256 #33 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2e6e34070caf1b8820ed39edfa83459abe1c15a1827f1c39f7ac316c4c27910f":"771a7baa9cf83aa253349f6475d5e74dba4525307b022ba7":"c49ccef869bb86d21932cb443b":"d37e35d7cdccd9824a1ae4c787819735e4af798a3beb49d4705336d6496853ad":"eebac2475004970071dfa2cfb855c4e78b1add8dcbccfc0bd6b14027324b657a56263df148665393" CCM auth decrypt tag NIST DVPT AES-128 #1 (P=0, N=7, A=0, T=4) @@ -1171,259 +1171,259 @@ depends_on:MBEDTLS_AES_C mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0e":"78ed8ff6b5a1255d0fbd0a719a9c27b059ff5f83d0c4962c390042ba8bb5f6798dab01c5afad7306":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #1 (P=0, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"9d4b7f3b":"5a8aa485c316e9":"":4:0:"" CCM auth decrypt tag NIST DVPT AES-192 #2 (P=0, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"80745de9":"3796cf51b87266":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #3 (P=0, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"17223038fa99d53681ca1beabe78d1b4":"5a8aa485c316e9":"":16:0:"" CCM auth decrypt tag NIST DVPT AES-192 #4 (P=0, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"d0e1eeef4d2a264536bb1c2c1bde7c35":"3796cf51b87266":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #5 (P=0, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"fe69ed84":"5a8aa485c316e9403aff859fbb":"":4:0:"" CCM auth decrypt tag NIST DVPT AES-192 #6 (P=0, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"db7ffc82":"a16a2e741f1cd9717285b6d882":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #7 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"0c66a8e547ed4f8c2c9a9a1eb5d455b9":"5a8aa485c316e9403aff859fbb":"":16:0:"" CCM auth decrypt tag NIST DVPT AES-192 #8 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"38757b3a61a4dc97ca3ab88bf1240695":"a16a2e741f1cd9717285b6d882":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #9 (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"411986d04d6463100bff03f7d0bde7ea2c3488784378138cddc93a54":"5a8aa485c316e9":"":4:0:"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22" CCM auth decrypt tag NIST DVPT AES-192 #10 (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"32b649ab56162e55d4148a1292d6a225a988eb1308298273b6889036":"31f8fa25827d48":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #11 (P=24, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"cba4b4aeb85f0492fd8d905c4a6d8233139833373ef188a8c5a5ebecf7ac8607fe412189e83d9d20":"5a8aa485c316e9":"":16:0:"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22" CCM auth decrypt tag NIST DVPT AES-192 #12 (P=24, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"ca62713728b5c9d652504b0ae8fd4fee5d297ee6a8d19cb6e699f15f14d34dcaf9ba8ed4b877c97d":"31f8fa25827d48":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #13 (P=24, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"042653c674ef2a90f7fb11d30848e530ae59478f1051633a34fad277":"5a8aa485c316e9403aff859fbb":"":4:0:"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697" CCM auth decrypt tag NIST DVPT AES-192 #14 (P=24, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"1902d9769a7ba3d3268e1257395c8c2e5f98eef295dcbfa5a35df775":"49004912fdd7269279b1f06a89":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #15 (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"a5b7d8cca2069908d1ed88e6a9fe2c9bede3131dad54671ea7ade30a07d185692ab0ebdf4c78cf7a":"5a8aa485c316e9403aff859fbb":"":16:0:"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697" CCM auth decrypt tag NIST DVPT AES-192 #16 (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"9a98617fb97a0dfe466be692272dcdaec1c5443a3b51312ef042c86363cc05afb98c66e16be8a445":"49004912fdd7269279b1f06a89":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #17 (P=0, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"1d089a5f":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":4:0:"" CCM auth decrypt tag NIST DVPT AES-192 #18 (P=0, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"2f46022a":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #19 (P=0, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5280a2137fee3deefcfe9b63a1199fb3":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":16:0:"" CCM auth decrypt tag NIST DVPT AES-192 #20 (P=0, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"d40a7318c5f2d82f838c0beeefe0d598":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #21 (P=0, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5e0eaebd":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":4:0:"" CCM auth decrypt tag NIST DVPT AES-192 #22 (P=0, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"71b7fc33":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #23 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"d07ccf9fdc3d33aa94cda3d230da707c":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":16:0:"" CCM auth decrypt tag NIST DVPT AES-192 #24 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"65fe32b649dc328c9f531584897e85b3":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #25 (P=24, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"9f6ca4af9b159148c889a6584d1183ea26e2614874b0504575dea8d1":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":4:0:"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768" CCM auth decrypt tag NIST DVPT AES-192 #26 (P=24, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"84d8212e9cfc2121252baa3b065b1edcf50497b9594db1ebd7965825":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #27 (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"6aab64c4787599d8f213446beadb16e08dba60e97f56dbd14d1d980d6fe0fb44b421992662b97975":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":16:0:"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768" CCM auth decrypt tag NIST DVPT AES-192 #28 (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"4980b2ee49b1aaf393175f5ab9bae95ec7904557dfa206603c51d36c826f01384100886198a7f6a3":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #29 (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"16e543d0e20615ff0df15acd9927ddfe40668a54bb854cccc25e9fce":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":4:0:"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5" CCM auth decrypt tag NIST DVPT AES-192 #30 (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"df35b109caf690656ae278bbd8f8bba687a2ce11b105dae98ecedb3e":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #31 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"c5b0b2ef17498c5570eb335df4588032958ba3d69bf6f3178464a6f7fa2b76744e8e8d95691cecb8":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":16:0:"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5" CCM auth decrypt tag NIST DVPT AES-192 #32 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"d1f0518929f4ae2f0543de2a7dfe4bb0110bb3057e524a1c06bd6dc2e6bcc3436cffb969ae900388":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #1 (P=0, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"469c90bb":"a544218dadd3c1":"":4:0:"" CCM auth decrypt tag NIST DVPT AES-256 #2 (P=0, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"46a908ed":"d3d5424e20fbec":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #3 (P=0, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"8207eb14d33855a52acceed17dbcbf6e":"a544218dadd3c1":"":16:0:"" CCM auth decrypt tag NIST DVPT AES-256 #4 (P=0, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"60f8e127cb4d30db6df0622158cd931d":"d3d5424e20fbec":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #5 (P=0, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"8a19a133":"a544218dadd3c10583db49cf39":"":4:0:"" CCM auth decrypt tag NIST DVPT AES-256 #6 (P=0, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"2e317f1b":"3c0e2815d37d844f7ac240ba9d":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #7 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"97e1a8dd4259ccd2e431e057b0397fcf":"a544218dadd3c10583db49cf39":"":16:0:"" CCM auth decrypt tag NIST DVPT AES-256 #8 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"5a9596c511ea6a8671adefc4f2157d8b":"3c0e2815d37d844f7ac240ba9d":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #9 (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"64a1341679972dc5869fcf69b19d5c5ea50aa0b5e985f5b722aa8d59":"a544218dadd3c1":"":4:0:"d3d5424e20fbec43ae495353ed830271515ab104f8860c98" CCM auth decrypt tag NIST DVPT AES-256 #10 (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"c5b7f802bffc498c1626e3774f1d9f94045dfd8e1a10a20277d00a75":"bfcda8b5a2d0d2":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #11 (P=24, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bc51c3925a960e7732533e4ef3a4f69ee6826de952bcb0fd374f3bb6db8377ebfc79674858c4f305":"a544218dadd3c1":"":16:0:"d3d5424e20fbec43ae495353ed830271515ab104f8860c98" CCM auth decrypt tag NIST DVPT AES-256 #12 (P=24, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"afa1fa8e8a70e26b02161150556d604101fdf423f332c3363275f2a4907d51b734fe7238cebbd48f":"bfcda8b5a2d0d2":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #13 (P=24, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"63e00d30e4b08fd2a1cc8d70fab327b2368e77a93be4f4123d14fb3f":"a544218dadd3c10583db49cf39":"":4:0:"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e" CCM auth decrypt tag NIST DVPT AES-256 #14 (P=24, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bb5425b3869b76856ec58e39886fb6f6f2ac13fe44cb132d8d0c0099":"894dcaa61008eb8fb052c60d41":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #15 (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"f0050ad16392021a3f40207bed3521fb1e9f808f49830c423a578d179902f912f9ea1afbce1120b3":"a544218dadd3c10583db49cf39":"":16:0:"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e" CCM auth decrypt tag NIST DVPT AES-256 #16 (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"c408190d0fbf5034f83b24a8ed9657331a7ce141de4fae769084607b83bd06e6442eac8dacf583cc":"894dcaa61008eb8fb052c60d41":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #17 (P=0, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"92d00fbe":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":4:0:"" CCM auth decrypt tag NIST DVPT AES-256 #18 (P=0, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"9143e5c4":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #19 (P=0, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"93af11a08379eb37a16aa2837f09d69d":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":16:0:"" CCM auth decrypt tag NIST DVPT AES-256 #20 (P=0, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"d19b0c14ec686a7961ca7c386d125a65":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #21 (P=0, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"866d4227":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":4:0:"" CCM auth decrypt tag NIST DVPT AES-256 #22 (P=0, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"94cb1127":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #23 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"867b0d87cf6e0f718200a97b4f6d5ad5":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":16:0:"" CCM auth decrypt tag NIST DVPT AES-256 #24 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"677a040d46ee3f2b7838273bdad14f16":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #25 (P=24, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"c2fe12658139f5d0dd22cadf2e901695b579302a72fc56083ebc7720":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":4:0:"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3" CCM auth decrypt tag NIST DVPT AES-256 #26 (P=24, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"94748ba81229e53c38583a8564b23ebbafc6f6efdf4c2a81c44db2c9":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #27 (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"3341168eb8c48468c414347fb08f71d2086f7c2d1bd581ce1ac68bd42f5ec7fa7e068cc0ecd79c2a":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":16:0:"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3" CCM auth decrypt tag NIST DVPT AES-256 #28 (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"d543acda712b898cbb27b8f598b2e4438ce587a836e2785147c3338a2400809e739b63ba8227d2f9":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #29 (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"c0ea400b599561e7905b99262b4565d5c3dc49fad84d7c69ef891339":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":4:0:"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3" CCM auth decrypt tag NIST DVPT AES-256 #30 (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"60871e03ea0eb968536c99f926ea24ef43d41272ad9fb7f63d488623":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #31 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"8d34cdca37ce77be68f65baf3382e31efa693e63f914a781367f30f2eaad8c063ca50795acd90203":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":16:0:"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3" CCM auth decrypt tag NIST DVPT AES-256 #32 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"516c0095cc3d85fd55e48da17c592e0c7014b9daafb82bdc4b41096dfdbe9cc1ab610f8f3e038d16":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM-Camellia encrypt and tag RFC 5528 #1 @@ -1547,11 +1547,11 @@ depends_on:MBEDTLS_AES_C mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d24a3d3dde8c84830280cb87abad0bb3":"7c86135ed9c2a515aaae0e9a208133897269220f30870006":"f1100035bb24a8d26004e0e24b":"1faeb0ee2ca2cd52f0aa3966578344f24e69b742c4ab37ab":"1123301219c70599b7c373ad4b3ad67b" CCM decrypt, skip ad NIST DVPT AES-192 (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":"ddc93a54" CCM* decrypt, skip ad NIST DVPT AES-192 (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":"ddc93a54" CCM encrypt, skip update AES-128 (P=0, N=13, A=0, T=16) @@ -1579,11 +1579,11 @@ depends_on:MBEDTLS_AES_C mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"2ebf60f0969013a54a3dedb19d20f6c8":"1de8c5e21f9db33123ff870add":"e1de6c6119d7db471136285d10b47a450221b16978569190ef6a22b055295603":"0ead29ef205fbb86d11abe5ed704b880" CCM decrypt, skip update NIST DVPT AES-256 #23 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"867b0d87cf6e0f718200a97b4f6d5ad5" CCM* decrypt, skip update NIST DVPT AES-256 #23 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"867b0d87cf6e0f718200a97b4f6d5ad5" CCM encrypt, overflow ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) @@ -1755,7 +1755,7 @@ depends_on:MBEDTLS_AES_C mbedtls_ccm_unexpected_text:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" CCM* encrypt, no auth NIST VADT AES-256 #1 (P=24, N=13) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_star_no_tag:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886df3ba3e6da3a1389":"30d56ff2a25b83fee791110fcaea48e41db7c7f098a81000":"72a60f345a1978fb40f28a2fa4":"55f068c0bbba8b598013dd1841fd740fda2902322148ab5e" CCM* decrypt, no auth NIST DVPT AES-128 #15 (P=24, N=13) diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index 8c5e6abb5..5aaaaa2e4 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -32,25 +32,25 @@ static int check_multipart(mbedtls_ccm_context *ctx, /* Allocate a tight buffer for each update call. This way, if the function * tries to write beyond the advertised required buffer size, this will * count as an overflow for memory sanitizers and static checkers. */ - ASSERT_ALLOC(output, n1); + TEST_CALLOC(output, n1); olen = 0xdeadbeef; TEST_EQUAL(0, mbedtls_ccm_update(ctx, input->x, n1, output, n1, &olen)); TEST_EQUAL(n1, olen); - ASSERT_COMPARE(output, olen, expected_output->x, n1); + TEST_MEMORY_COMPARE(output, olen, expected_output->x, n1); mbedtls_free(output); output = NULL; - ASSERT_ALLOC(output, n2); + TEST_CALLOC(output, n2); olen = 0xdeadbeef; TEST_EQUAL(0, mbedtls_ccm_update(ctx, input->x + n1, n2, output, n2, &olen)); TEST_EQUAL(n2, olen); - ASSERT_COMPARE(output, olen, expected_output->x + n1, n2); + TEST_MEMORY_COMPARE(output, olen, expected_output->x + n1, n2); mbedtls_free(output); output = NULL; - ASSERT_ALLOC(output, tag->len); + TEST_CALLOC(output, tag->len); TEST_EQUAL(0, mbedtls_ccm_finish(ctx, output, tag->len)); - ASSERT_COMPARE(output, tag->len, tag->x, tag->len); + TEST_MEMORY_COMPARE(output, tag->len, tag->x, tag->len); mbedtls_free(output); output = NULL; @@ -107,7 +107,7 @@ void ccm_lengths(int msg_len, int iv_len, int add_len, int tag_len, int res) mbedtls_ccm_init(&ctx); - ASSERT_ALLOC_WEAK(add, add_len); + TEST_CALLOC_OR_SKIP(add, add_len); memset(key, 0, sizeof(key)); memset(msg, 0, sizeof(msg)); memset(iv, 0, sizeof(iv)); @@ -190,13 +190,13 @@ void mbedtls_ccm_encrypt_and_tag(int cipher_id, data_t *key, const uint8_t *expected_tag = result->x + msg->len; /* Prepare input/output message buffer */ - ASSERT_ALLOC(io_msg_buf, msg->len); + TEST_CALLOC(io_msg_buf, msg->len); if (msg->len != 0) { memcpy(io_msg_buf, msg->x, msg->len); } /* Prepare tag buffer */ - ASSERT_ALLOC(tag_buf, expected_tag_len); + TEST_CALLOC(tag_buf, expected_tag_len); mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); @@ -204,8 +204,8 @@ void mbedtls_ccm_encrypt_and_tag(int cipher_id, data_t *key, TEST_EQUAL(mbedtls_ccm_encrypt_and_tag(&ctx, msg->len, iv->x, iv->len, add->x, add->len, io_msg_buf, io_msg_buf, tag_buf, expected_tag_len), 0); - ASSERT_COMPARE(io_msg_buf, msg->len, result->x, msg->len); - ASSERT_COMPARE(tag_buf, expected_tag_len, expected_tag, expected_tag_len); + TEST_MEMORY_COMPARE(io_msg_buf, msg->len, result->x, msg->len); + TEST_MEMORY_COMPARE(tag_buf, expected_tag_len, expected_tag, expected_tag_len); /* Prepare data_t structures for multipart testing */ const data_t encrypted_expected = { .x = result->x, @@ -246,10 +246,10 @@ void mbedtls_ccm_star_no_tag(int cipher_id, int mode, data_t *key, TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); TEST_EQUAL(0, mbedtls_ccm_set_lengths(&ctx, 0, msg->len, 0)); - ASSERT_ALLOC(output, msg->len); + TEST_CALLOC(output, msg->len); TEST_EQUAL(0, mbedtls_ccm_update(&ctx, msg->x, msg->len, output, msg->len, &olen)); TEST_EQUAL(result->len, olen); - ASSERT_COMPARE(output, olen, result->x, result->len); + TEST_MEMORY_COMPARE(output, olen, result->x, result->len); TEST_EQUAL(0, mbedtls_ccm_finish(&ctx, NULL, 0)); exit: @@ -272,7 +272,7 @@ void mbedtls_ccm_auth_decrypt(int cipher_id, data_t *key, /* Prepare input/output message buffer */ uint8_t *io_msg_buf = NULL; - ASSERT_ALLOC(io_msg_buf, expected_msg_len); + TEST_CALLOC(io_msg_buf, expected_msg_len); if (expected_msg_len) { memcpy(io_msg_buf, msg->x, expected_msg_len); } @@ -285,7 +285,7 @@ void mbedtls_ccm_auth_decrypt(int cipher_id, data_t *key, result); if (result == 0) { - ASSERT_COMPARE(io_msg_buf, expected_msg_len, expected_msg->x, expected_msg_len); + TEST_MEMORY_COMPARE(io_msg_buf, expected_msg_len, expected_msg->x, expected_msg_len); /* Prepare data_t structures for multipart testing */ const data_t encrypted = { .x = msg->x, @@ -344,16 +344,16 @@ void mbedtls_ccm_star_encrypt_and_tag(int cipher_id, } /* Prepare input/output message buffer */ - ASSERT_ALLOC(io_msg_buf, msg->len); + TEST_CALLOC(io_msg_buf, msg->len); if (msg->len) { memcpy(io_msg_buf, msg->x, msg->len); } /* Prepare tag buffer */ if (expected_tag_len == 0) { - ASSERT_ALLOC(tag_buf, 16); + TEST_CALLOC(tag_buf, 16); } else { - ASSERT_ALLOC(tag_buf, expected_tag_len); + TEST_CALLOC(tag_buf, expected_tag_len); } /* Calculate iv */ @@ -372,8 +372,8 @@ void mbedtls_ccm_star_encrypt_and_tag(int cipher_id, add->x, add->len, io_msg_buf, io_msg_buf, tag_buf, expected_tag_len), output_ret); - ASSERT_COMPARE(io_msg_buf, msg->len, expected_result->x, msg->len); - ASSERT_COMPARE(tag_buf, expected_tag_len, expected_tag, expected_tag_len); + TEST_MEMORY_COMPARE(io_msg_buf, msg->len, expected_result->x, msg->len); + TEST_MEMORY_COMPARE(tag_buf, expected_tag_len, expected_tag, expected_tag_len); if (output_ret == 0) { const data_t iv_data = { .x = iv, @@ -429,7 +429,7 @@ void mbedtls_ccm_star_auth_decrypt(int cipher_id, /* Prepare input/output message buffer */ uint8_t *io_msg_buf = NULL; - ASSERT_ALLOC(io_msg_buf, expected_msg_len); + TEST_CALLOC(io_msg_buf, expected_msg_len); if (expected_msg_len) { memcpy(io_msg_buf, msg->x, expected_msg_len); } @@ -450,7 +450,7 @@ void mbedtls_ccm_star_auth_decrypt(int cipher_id, add->x, add->len, io_msg_buf, io_msg_buf, expected_tag, expected_tag_len), output_ret); - ASSERT_COMPARE(io_msg_buf, expected_msg_len, expected_result->x, expected_msg_len); + TEST_MEMORY_COMPARE(io_msg_buf, expected_msg_len, expected_result->x, expected_msg_len); if (output_ret == 0) { const data_t iv_data = { .x = iv, @@ -500,17 +500,17 @@ void mbedtls_ccm_skip_ad(int cipher_id, int mode, TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); TEST_EQUAL(0, mbedtls_ccm_set_lengths(&ctx, 0, msg->len, tag->len)); - ASSERT_ALLOC(output, result->len); + TEST_CALLOC(output, result->len); olen = 0xdeadbeef; TEST_EQUAL(0, mbedtls_ccm_update(&ctx, msg->x, msg->len, output, result->len, &olen)); TEST_EQUAL(result->len, olen); - ASSERT_COMPARE(output, olen, result->x, result->len); + TEST_MEMORY_COMPARE(output, olen, result->x, result->len); mbedtls_free(output); output = NULL; - ASSERT_ALLOC(output, tag->len); + TEST_CALLOC(output, tag->len); TEST_EQUAL(0, mbedtls_ccm_finish(&ctx, output, tag->len)); - ASSERT_COMPARE(output, tag->len, tag->x, tag->len); + TEST_MEMORY_COMPARE(output, tag->len, tag->x, tag->len); mbedtls_free(output); output = NULL; @@ -536,9 +536,9 @@ void mbedtls_ccm_skip_update(int cipher_id, int mode, TEST_EQUAL(0, mbedtls_ccm_update_ad(&ctx, add->x, add->len)); - ASSERT_ALLOC(output, tag->len); + TEST_CALLOC(output, tag->len); TEST_EQUAL(0, mbedtls_ccm_finish(&ctx, output, tag->len)); - ASSERT_COMPARE(output, tag->len, tag->x, tag->len); + TEST_MEMORY_COMPARE(output, tag->len, tag->x, tag->len); mbedtls_free(output); output = NULL; @@ -607,7 +607,7 @@ void mbedtls_ccm_unexpected_text(int cipher_id, int mode, TEST_EQUAL(0, mbedtls_ccm_update_ad(&ctx, add->x, add->len)); - ASSERT_ALLOC(output, msg->len); + TEST_CALLOC(output, msg->len); olen = 0xdeadbeef; TEST_EQUAL(MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_update(&ctx, msg->x, msg->len, output, msg->len, &olen)); @@ -633,7 +633,7 @@ void mbedtls_ccm_incomplete_ad(int cipher_id, int mode, TEST_EQUAL(0, mbedtls_ccm_update_ad(&ctx, add->x, add->len - 1)); - ASSERT_ALLOC(output, 16); + TEST_CALLOC(output, 16); TEST_EQUAL(MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_finish(&ctx, output, 16)); exit: @@ -713,7 +713,7 @@ void mbedtls_ccm_overflow_update(int cipher_id, int mode, TEST_EQUAL(0, mbedtls_ccm_update_ad(&ctx, add->x, add->len)); - ASSERT_ALLOC(output, msg->len); + TEST_CALLOC(output, msg->len); TEST_EQUAL(MBEDTLS_ERR_CCM_BAD_INPUT, \ mbedtls_ccm_update(&ctx, msg->x, msg->len, output, msg->len, &olen)); exit: @@ -740,13 +740,13 @@ void mbedtls_ccm_incomplete_update(int cipher_id, int mode, TEST_EQUAL(0, mbedtls_ccm_update_ad(&ctx, add->x, add->len)); - ASSERT_ALLOC(output, msg->len); + TEST_CALLOC(output, msg->len); olen = 0xdeadbeef; TEST_EQUAL(0, mbedtls_ccm_update(&ctx, msg->x, msg->len - 1, output, msg->len, &olen)); mbedtls_free(output); output = NULL; - ASSERT_ALLOC(output, 16); + TEST_CALLOC(output, 16); TEST_EQUAL(MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_finish(&ctx, output, 16)); exit: @@ -774,7 +774,7 @@ void mbedtls_ccm_full_update_and_overflow(int cipher_id, int mode, TEST_EQUAL(0, mbedtls_ccm_update_ad(&ctx, add->x, add->len)); - ASSERT_ALLOC(output, msg->len); + TEST_CALLOC(output, msg->len); // pass full text TEST_EQUAL(0, mbedtls_ccm_update(&ctx, msg->x, msg->len, output, msg->len, &olen)); // pass 1 extra byte @@ -809,7 +809,7 @@ void mbedtls_ccm_incomplete_update_overflow(int cipher_id, int mode, TEST_EQUAL(0, mbedtls_ccm_update_ad(&ctx, add->x, add->len)); - ASSERT_ALLOC(output, msg->len + 1); + TEST_CALLOC(output, msg->len + 1); // pass incomplete text TEST_EQUAL(0, mbedtls_ccm_update(&ctx, msg->x, msg->len - 1, output, msg->len + 1, &olen)); // pass 2 extra bytes (1 missing byte from previous incomplete pass, and 1 unexpected byte) @@ -836,7 +836,7 @@ void mbedtls_ccm_instant_finish(int cipher_id, int mode, // They are not a part of this test TEST_EQUAL(0, mbedtls_ccm_set_lengths(&ctx, 16, 16, 16)); - ASSERT_ALLOC(output, 16); + TEST_CALLOC(output, 16); TEST_EQUAL(MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_finish(&ctx, output, 16)); exit: diff --git a/tests/suites/test_suite_chacha20.function b/tests/suites/test_suite_chacha20.function index 1a7e6768e..d6b67e12f 100644 --- a/tests/suites/test_suite_chacha20.function +++ b/tests/suites/test_suite_chacha20.function @@ -29,8 +29,8 @@ void chacha20_crypt(data_t *key_str, TEST_ASSERT(mbedtls_chacha20_crypt(key_str->x, nonce_str->x, counter, src_str->len, src_str->x, output) == 0); - ASSERT_COMPARE(output, expected_output_str->len, - expected_output_str->x, expected_output_str->len); + TEST_MEMORY_COMPARE(output, expected_output_str->len, + expected_output_str->x, expected_output_str->len); /* * Test the streaming API @@ -44,8 +44,8 @@ void chacha20_crypt(data_t *key_str, memset(output, 0x00, sizeof(output)); TEST_ASSERT(mbedtls_chacha20_update(&ctx, src_str->len, src_str->x, output) == 0); - ASSERT_COMPARE(output, expected_output_str->len, - expected_output_str->x, expected_output_str->len); + TEST_MEMORY_COMPARE(output, expected_output_str->len, + expected_output_str->x, expected_output_str->len); /* * Test the streaming API again, piecewise @@ -60,8 +60,8 @@ void chacha20_crypt(data_t *key_str, TEST_ASSERT(mbedtls_chacha20_update(&ctx, src_str->len - 1, src_str->x + 1, output + 1) == 0); - ASSERT_COMPARE(output, expected_output_str->len, - expected_output_str->x, expected_output_str->len); + TEST_MEMORY_COMPARE(output, expected_output_str->len, + expected_output_str->x, expected_output_str->len); mbedtls_chacha20_free(&ctx); } diff --git a/tests/suites/test_suite_cipher.aes.data b/tests/suites/test_suite_cipher.aes.data index aabd8617d..92e9cdd7b 100644 --- a/tests/suites/test_suite_cipher.aes.data +++ b/tests/suites/test_suite_cipher.aes.data @@ -8,63 +8,63 @@ dec_empty_buf:MBEDTLS_CIPHER_AES_128_XTS:MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH:0 AES-128 CBC - Encrypt and decrypt 0 bytes with PKCS7 padding depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:0:-1 +enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:0:MBEDTLS_PADDING_PKCS7 AES-128 CBC - Encrypt and decrypt 1 byte with PKCS7 padding depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:1:-1 +enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:1:MBEDTLS_PADDING_PKCS7 AES-128 CBC - Encrypt and decrypt 2 bytes with PKCS7 padding depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:2:-1 +enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:2:MBEDTLS_PADDING_PKCS7 AES-128 CBC - Encrypt and decrypt 7 bytes with PKCS7 padding depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:7:-1 +enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:7:MBEDTLS_PADDING_PKCS7 AES-128 CBC - Encrypt and decrypt 8 bytes with PKCS7 padding depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:8:-1 +enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:8:MBEDTLS_PADDING_PKCS7 AES-128 CBC - Encrypt and decrypt 9 bytes with PKCS7 padding depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:9:-1 +enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:9:MBEDTLS_PADDING_PKCS7 AES-128 CBC - Encrypt and decrypt 15 bytes with PKCS7 padding depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:15:-1 +enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:15:MBEDTLS_PADDING_PKCS7 AES-128 CBC - Encrypt and decrypt 16 bytes with PKCS7 padding depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:16:-1 +enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:16:MBEDTLS_PADDING_PKCS7 AES-128 CBC - Encrypt and decrypt 17 bytes with PKCS7 padding depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:17:-1 +enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:17:MBEDTLS_PADDING_PKCS7 AES-128 CBC - Encrypt and decrypt 31 bytes with PKCS7 padding depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:31:-1 +enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:31:MBEDTLS_PADDING_PKCS7 AES-128 CBC - Encrypt and decrypt 32 bytes with PKCS7 padding depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:32:-1 +enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:32:MBEDTLS_PADDING_PKCS7 AES-128 CBC - Encrypt and decrypt 33 bytes with PKCS7 padding depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:33:-1 +enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:33:MBEDTLS_PADDING_PKCS7 AES-128 CBC - Encrypt and decrypt 47 bytes with PKCS7 padding depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:47:-1 +enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:47:MBEDTLS_PADDING_PKCS7 AES-128 CBC - Encrypt and decrypt 48 bytes with PKCS7 padding depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:48:-1 +enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:48:MBEDTLS_PADDING_PKCS7 AES-128 CBC - Encrypt and decrypt 49 bytes with PKCS7 padding depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:49:-1 +enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:49:MBEDTLS_PADDING_PKCS7 AES-128 CBC - Encrypt and decrypt 0 bytes with one and zeros padding depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS @@ -251,15 +251,15 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:0:MBEDTLS_PADDING_NONE AES-128 CBC - Encrypt and decrypt 16 bytes with no padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:16:MBEDTLS_PADDING_NONE AES-128 CBC - Encrypt and decrypt 32 bytes with no padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:32:MBEDTLS_PADDING_NONE AES-128 CBC - Encrypt and decrypt 48 bytes with no padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf:MBEDTLS_CIPHER_AES_128_CBC:"AES-128-CBC":128:48:MBEDTLS_PADDING_NONE AES-128 CBC - Try encrypting 1 bytes with no padding @@ -583,211 +583,211 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_128_OFB:128:16:16:-1:16:16:16:16 AES-192 OFB - Encrypt and decrypt 0 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_OFB:"AES-192-OFB":192:0:-1 AES-192 OFB - Encrypt and decrypt 1 byte -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_OFB:"AES-192-OFB":192:1:-1 AES-192 OFB - Encrypt and decrypt 2 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_OFB:"AES-192-OFB":192:2:-1 AES-192 OFB - Encrypt and decrypt 7 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_OFB:"AES-192-OFB":192:7:-1 AES-192 OFB - Encrypt and decrypt 8 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_OFB:"AES-192-OFB":192:8:-1 AES-192 OFB - Encrypt and decrypt 9 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_OFB:"AES-192-OFB":192:9:-1 AES-192 OFB - Encrypt and decrypt 15 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_OFB:"AES-192-OFB":192:15:-1 AES-192 OFB - Encrypt and decrypt 16 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_OFB:"AES-192-OFB":192:16:-1 AES-192 OFB - Encrypt and decrypt 17 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_OFB:"AES-192-OFB":192:17:-1 AES-192 OFB - Encrypt and decrypt 31 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_OFB:"AES-192-OFB":192:31:-1 AES-192 OFB - Encrypt and decrypt 32 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_OFB:"AES-192-OFB":192:32:-1 AES-192 OFB - Encrypt and decrypt 33 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_OFB:"AES-192-OFB":192:33:-1 AES-192 OFB - Encrypt and decrypt 47 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_OFB:"AES-192-OFB":192:47:-1 AES-192 OFB - Encrypt and decrypt 48 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_OFB:"AES-192-OFB":192:48:-1 AES-192 OFB - Encrypt and decrypt 49 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_OFB:"AES-192-OFB":192:49:-1 AES-192 OFB - Encrypt and decrypt 0 bytes in multiple parts -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_OFB:192:0:0:-1:0:0:0:0 AES-192 OFB - Encrypt and decrypt 1 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_OFB:192:1:0:-1:1:0:1:0 AES-192 OFB - Encrypt and decrypt 1 bytes in multiple parts 2 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_OFB:192:0:1:-1:0:1:0:1 AES-192 OFB - Encrypt and decrypt 16 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_OFB:192:16:0:-1:16:0:16:0 AES-192 OFB - Encrypt and decrypt 16 bytes in multiple parts 2 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_OFB:192:0:16:-1:0:16:0:16 AES-192 OFB - Encrypt and decrypt 16 bytes in multiple parts 3 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_OFB:192:1:15:-1:1:15:1:15 AES-192 OFB - Encrypt and decrypt 16 bytes in multiple parts 4 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_OFB:192:15:1:-1:15:1:15:1 AES-192 OFB - Encrypt and decrypt 22 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_OFB:192:15:7:-1:15:7:15:7 AES-192 OFB - Encrypt and decrypt 22 bytes in multiple parts 2 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_OFB:192:16:6:-1:16:6:16:6 AES-192 OFB - Encrypt and decrypt 23 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_OFB:192:17:6:-1:17:6:17:6 AES-192 OFB - Encrypt and decrypt 32 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_OFB:192:16:16:-1:16:16:16:16 AES-256 OFB - Encrypt and decrypt 0 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_OFB:"AES-256-OFB":256:0:-1 AES-256 OFB - Encrypt and decrypt 1 byte -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_OFB:"AES-256-OFB":256:1:-1 AES-256 OFB - Encrypt and decrypt 2 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_OFB:"AES-256-OFB":256:2:-1 AES-256 OFB - Encrypt and decrypt 7 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_OFB:"AES-256-OFB":256:7:-1 AES-256 OFB - Encrypt and decrypt 8 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_OFB:"AES-256-OFB":256:8:-1 AES-256 OFB - Encrypt and decrypt 9 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_OFB:"AES-256-OFB":256:9:-1 AES-256 OFB - Encrypt and decrypt 15 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_OFB:"AES-256-OFB":256:15:-1 AES-256 OFB - Encrypt and decrypt 16 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_OFB:"AES-256-OFB":256:16:-1 AES-256 OFB - Encrypt and decrypt 17 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_OFB:"AES-256-OFB":256:17:-1 AES-256 OFB - Encrypt and decrypt 31 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_OFB:"AES-256-OFB":256:31:-1 AES-256 OFB - Encrypt and decrypt 32 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_OFB:"AES-256-OFB":256:32:-1 AES-256 OFB - Encrypt and decrypt 33 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_OFB:"AES-256-OFB":256:33:-1 AES-256 OFB - Encrypt and decrypt 47 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_OFB:"AES-256-OFB":256:47:-1 AES-256 OFB - Encrypt and decrypt 48 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_OFB:"AES-256-OFB":256:48:-1 AES-256 OFB - Encrypt and decrypt 49 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_OFB:"AES-256-OFB":256:49:-1 AES-256 OFB - Encrypt and decrypt 0 bytes in multiple parts -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_OFB:256:0:0:-1:0:0:0:0 AES-256 OFB - Encrypt and decrypt 1 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_OFB:256:1:0:-1:1:0:1:0 AES-256 OFB - Encrypt and decrypt 1 bytes in multiple parts 2 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_OFB:256:0:1:-1:0:1:0:1 AES-256 OFB - Encrypt and decrypt 16 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_OFB:256:16:0:-1:16:0:16:0 AES-256 OFB - Encrypt and decrypt 16 bytes in multiple parts 2 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_OFB:256:0:16:-1:0:16:0:16 AES-256 OFB - Encrypt and decrypt 16 bytes in multiple parts 3 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_OFB:256:1:15:-1:1:15:1:15 AES-256 OFB - Encrypt and decrypt 16 bytes in multiple parts 4 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_OFB:256:15:1:-1:15:1:15:1 AES-256 OFB - Encrypt and decrypt 22 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_OFB:256:15:7:-1:15:7:15:7 AES-256 OFB - Encrypt and decrypt 22 bytes in multiple parts 2 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_OFB:256:16:6:-1:16:6:16:6 AES-256 OFB - Encrypt and decrypt 23 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_OFB:256:17:6:-1:17:6:17:6 AES-256 OFB - Encrypt and decrypt 32 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_OFB:256:16:16:-1:16:16:16:16 AES-128 CCM*-NO-TAG - Encrypt and decrypt 0 bytes @@ -895,211 +895,211 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG:128:16:16:-1:16:16:16:16 AES-192-CCM*-NO-TAG - Encrypt and decrypt 0 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:"AES-192-CCM*-NO-TAG":192:0:-1 AES-192-CCM*-NO-TAG - Encrypt and decrypt 1 byte -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:"AES-192-CCM*-NO-TAG":192:1:-1 AES-192-CCM*-NO-TAG - Encrypt and decrypt 2 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:"AES-192-CCM*-NO-TAG":192:2:-1 AES-192-CCM*-NO-TAG - Encrypt and decrypt 7 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:"AES-192-CCM*-NO-TAG":192:7:-1 AES-192-CCM*-NO-TAG - Encrypt and decrypt 8 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:"AES-192-CCM*-NO-TAG":192:8:-1 AES-192-CCM*-NO-TAG - Encrypt and decrypt 9 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:"AES-192-CCM*-NO-TAG":192:9:-1 AES-192-CCM*-NO-TAG - Encrypt and decrypt 15 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:"AES-192-CCM*-NO-TAG":192:15:-1 AES-192-CCM*-NO-TAG - Encrypt and decrypt 16 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:"AES-192-CCM*-NO-TAG":192:16:-1 AES-192-CCM*-NO-TAG - Encrypt and decrypt 17 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:"AES-192-CCM*-NO-TAG":192:17:-1 AES-192-CCM*-NO-TAG - Encrypt and decrypt 31 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:"AES-192-CCM*-NO-TAG":192:31:-1 AES-192-CCM*-NO-TAG - Encrypt and decrypt 32 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:"AES-192-CCM*-NO-TAG":192:32:-1 AES-192-CCM*-NO-TAG - Encrypt and decrypt 33 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:"AES-192-CCM*-NO-TAG":192:33:-1 AES-192-CCM*-NO-TAG - Encrypt and decrypt 47 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:"AES-192-CCM*-NO-TAG":192:47:-1 AES-192-CCM*-NO-TAG - Encrypt and decrypt 48 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:"AES-192-CCM*-NO-TAG":192:48:-1 AES-192-CCM*-NO-TAG - Encrypt and decrypt 49 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:"AES-192-CCM*-NO-TAG":192:49:-1 AES-192-CCM*-NO-TAG - Encrypt and decrypt 0 bytes in multiple parts -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:192:0:0:-1:0:0:0:0 AES-192-CCM*-NO-TAG - Encrypt and decrypt 1 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:192:1:0:-1:1:0:1:0 AES-192-CCM*-NO-TAG - Encrypt and decrypt 1 bytes in multiple parts 2 -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:192:0:1:-1:0:1:0:1 AES-192-CCM*-NO-TAG - Encrypt and decrypt 16 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:192:16:0:-1:16:0:16:0 AES-192-CCM*-NO-TAG - Encrypt and decrypt 16 bytes in multiple parts 2 -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:192:0:16:-1:0:16:0:16 AES-192-CCM*-NO-TAG - Encrypt and decrypt 16 bytes in multiple parts 3 -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:192:1:15:-1:1:15:1:15 AES-192-CCM*-NO-TAG - Encrypt and decrypt 16 bytes in multiple parts 4 -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:192:15:1:-1:15:1:15:1 AES-192-CCM*-NO-TAG - Encrypt and decrypt 22 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:192:15:7:-1:15:7:15:7 AES-192-CCM*-NO-TAG - Encrypt and decrypt 22 bytes in multiple parts 2 -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:192:16:6:-1:16:6:16:6 AES-192-CCM*-NO-TAG - Encrypt and decrypt 23 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:192:17:6:-1:17:6:17:6 AES-192-CCM*-NO-TAG - Encrypt and decrypt 32 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:192:16:16:-1:16:16:16:16 AES-256-CCM*-NO-TAG - Encrypt and decrypt 0 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:"AES-256-CCM*-NO-TAG":256:0:-1 AES-256-CCM*-NO-TAG - Encrypt and decrypt 1 byte -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:"AES-256-CCM*-NO-TAG":256:1:-1 AES-256-CCM*-NO-TAG - Encrypt and decrypt 2 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:"AES-256-CCM*-NO-TAG":256:2:-1 AES-256-CCM*-NO-TAG - Encrypt and decrypt 7 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:"AES-256-CCM*-NO-TAG":256:7:-1 AES-256-CCM*-NO-TAG - Encrypt and decrypt 8 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:"AES-256-CCM*-NO-TAG":256:8:-1 AES-256-CCM*-NO-TAG - Encrypt and decrypt 9 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:"AES-256-CCM*-NO-TAG":256:9:-1 AES-256-CCM*-NO-TAG - Encrypt and decrypt 15 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:"AES-256-CCM*-NO-TAG":256:15:-1 AES-256-CCM*-NO-TAG - Encrypt and decrypt 16 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:"AES-256-CCM*-NO-TAG":256:16:-1 AES-256-CCM*-NO-TAG - Encrypt and decrypt 17 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:"AES-256-CCM*-NO-TAG":256:17:-1 AES-256-CCM*-NO-TAG - Encrypt and decrypt 31 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:"AES-256-CCM*-NO-TAG":256:31:-1 AES-256-CCM*-NO-TAG - Encrypt and decrypt 32 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:"AES-256-CCM*-NO-TAG":256:32:-1 AES-256-CCM*-NO-TAG - Encrypt and decrypt 33 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:"AES-256-CCM*-NO-TAG":256:33:-1 AES-256-CCM*-NO-TAG - Encrypt and decrypt 47 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:"AES-256-CCM*-NO-TAG":256:47:-1 AES-256-CCM*-NO-TAG - Encrypt and decrypt 48 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:"AES-256-CCM*-NO-TAG":256:48:-1 AES-256-CCM*-NO-TAG - Encrypt and decrypt 49 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:"AES-256-CCM*-NO-TAG":256:49:-1 AES-256-CCM*-NO-TAG - Encrypt and decrypt 0 bytes in multiple parts -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:256:0:0:-1:0:0:0:0 AES-256-CCM*-NO-TAG - Encrypt and decrypt 1 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:256:1:0:-1:1:0:1:0 AES-256-CCM*-NO-TAG - Encrypt and decrypt 1 bytes in multiple parts 2 -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:256:0:1:-1:0:1:0:1 AES-256-CCM*-NO-TAG - Encrypt and decrypt 16 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:256:16:0:-1:16:0:16:0 AES-256-CCM*-NO-TAG - Encrypt and decrypt 16 bytes in multiple parts 2 -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:256:0:16:-1:0:16:0:16 AES-256-CCM*-NO-TAG - Encrypt and decrypt 16 bytes in multiple parts 3 -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:256:1:15:-1:1:15:1:15 AES-256-CCM*-NO-TAG - Encrypt and decrypt 16 bytes in multiple parts 4 -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:256:15:1:-1:15:1:15:1 AES-256-CCM*-NO-TAG - Encrypt and decrypt 22 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:256:15:7:-1:15:7:15:7 AES-256-CCM*-NO-TAG - Encrypt and decrypt 22 bytes in multiple parts 2 -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:256:16:6:-1:16:6:16:6 AES-256-CCM*-NO-TAG - Encrypt and decrypt 23 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:256:17:6:-1:17:6:17:6 AES-256-CCM*-NO-TAG - Encrypt and decrypt 32 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:256:16:16:-1:16:16:16:16 AES-128 XTS - Encrypt and decrypt 16 bytes @@ -1135,35 +1135,35 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_XTS enc_dec_buf:MBEDTLS_CIPHER_AES_128_XTS:"AES-128-XTS":256:49:-1 AES-256 XTS - Encrypt and decrypt 16 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_XTS +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_XTS:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_XTS:"AES-256-XTS":512:16:-1 AES-256 XTS - Encrypt and decrypt 17 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_XTS +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_XTS:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_XTS:"AES-256-XTS":512:17:-1 AES-256 XTS - Encrypt and decrypt 31 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_XTS +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_XTS:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_XTS:"AES-256-XTS":512:31:-1 AES-256 XTS - Encrypt and decrypt 32 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_XTS +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_XTS:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_XTS:"AES-256-XTS":512:32:-1 AES-256 XTS - Encrypt and decrypt 33 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_XTS +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_XTS:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_XTS:"AES-256-XTS":512:33:-1 AES-256 XTS - Encrypt and decrypt 47 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_XTS +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_XTS:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_XTS:"AES-256-XTS":512:47:-1 AES-256 XTS - Encrypt and decrypt 48 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_XTS +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_XTS:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_XTS:"AES-256-XTS":512:48:-1 AES-256 XTS - Encrypt and decrypt 49 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_XTS +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_XTS:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_XTS:"AES-256-XTS":512:49:-1 AES-128 CTR - Encrypt and decrypt 0 bytes @@ -1271,216 +1271,216 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_128_CTR:128:16:16:-1:16:16:16:16 AES-192 CBC - Encrypt and decrypt 0 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:0:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:0:MBEDTLS_PADDING_PKCS7 AES-192 CBC - Encrypt and decrypt 1 byte with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:1:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:1:MBEDTLS_PADDING_PKCS7 AES-192 CBC - Encrypt and decrypt 2 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:2:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:2:MBEDTLS_PADDING_PKCS7 AES-192 CBC - Encrypt and decrypt 7 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:7:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:7:MBEDTLS_PADDING_PKCS7 AES-192 CBC - Encrypt and decrypt 8 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:8:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:8:MBEDTLS_PADDING_PKCS7 AES-192 CBC - Encrypt and decrypt 9 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:9:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:9:MBEDTLS_PADDING_PKCS7 AES-192 CBC - Encrypt and decrypt 15 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:15:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:15:MBEDTLS_PADDING_PKCS7 AES-192 CBC - Encrypt and decrypt 16 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:16:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:MBEDTLS_CIPHER_PADDING_PKCS7 +enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:16:MBEDTLS_PADDING_PKCS7 AES-192 CBC - Encrypt and decrypt 17 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:17:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:17:MBEDTLS_PADDING_PKCS7 AES-192 CBC - Encrypt and decrypt 31 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:31:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:31:MBEDTLS_PADDING_PKCS7 AES-192 CBC - Encrypt and decrypt 32 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:32:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:32:MBEDTLS_PADDING_PKCS7 AES-192 CBC - Encrypt and decrypt 33 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:33:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:33:MBEDTLS_PADDING_PKCS7 AES-192 CBC - Encrypt and decrypt 47 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:47:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:47:MBEDTLS_PADDING_PKCS7 AES-192 CBC - Encrypt and decrypt 48 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:48:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:48:MBEDTLS_PADDING_PKCS7 AES-192 CBC - Encrypt and decrypt 49 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:49:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_192_CBC:"AES-192-CBC":192:49:MBEDTLS_PADDING_PKCS7 AES-192 CBC - Encrypt and decrypt 0 bytes in multiple parts with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CBC:192:0:0:-1:0:0:0:0 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CBC:192:0:0:MBEDTLS_PADDING_PKCS7:0:0:0:0 AES-192 CBC - Encrypt and decrypt 1 bytes in multiple parts with PKCS7 padding 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CBC:192:1:0:-1:0:0:0:0 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CBC:192:1:0:MBEDTLS_PADDING_PKCS7:0:0:0:0 AES-192 CBC - Encrypt and decrypt 1 bytes in multiple parts with PKCS7 padding 2 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CBC:192:0:1:-1:0:0:0:0 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CBC:192:0:1:MBEDTLS_PADDING_PKCS7:0:0:0:0 AES-192 CBC - Encrypt and decrypt 16 bytes in multiple parts with PKCS7 padding 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CBC:192:16:0:-1:16:0:0:16 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CBC:192:16:0:MBEDTLS_PADDING_PKCS7:16:0:0:16 AES-192 CBC - Encrypt and decrypt 16 bytes in multiple parts with PKCS7 padding 2 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CBC:192:0:16:-1:0:16:0:16 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CBC:192:0:16:MBEDTLS_PADDING_PKCS7:0:16:0:16 AES-192 CBC - Encrypt and decrypt 16 bytes in multiple parts with PKCS7 padding 3 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CBC:192:1:15:-1:0:16:0:16 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CBC:192:1:15:MBEDTLS_PADDING_PKCS7:0:16:0:16 AES-192 CBC - Encrypt and decrypt 16 bytes in multiple parts with PKCS7 padding 4 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CBC:192:15:1:-1:0:16:0:16 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CBC:192:15:1:MBEDTLS_PADDING_PKCS7:0:16:0:16 AES-192 CBC - Encrypt and decrypt 22 bytes in multiple parts with PKCS7 padding 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CBC:192:15:7:-1:0:16:0:16 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CBC:192:15:7:MBEDTLS_PADDING_PKCS7:0:16:0:16 AES-192 CBC - Encrypt and decrypt 22 bytes in multiple parts with PKCS7 padding 2 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CBC:192:16:6:-1:16:0:0:16 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CBC:192:16:6:MBEDTLS_PADDING_PKCS7:16:0:0:16 AES-192 CBC - Encrypt and decrypt 23 bytes in multiple parts with PKCS7 padding 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CBC:192:17:6:-1:16:0:16:0 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CBC:192:17:6:MBEDTLS_PADDING_PKCS7:16:0:16:0 AES-192 CBC - Encrypt and decrypt 32 bytes in multiple parts with PKCS7 padding 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CBC:192:16:16:-1:16:16:0:32 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_CBC:192:16:16:MBEDTLS_PADDING_PKCS7:16:16:0:32 AES-256 CBC - Decrypt empty buffer -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH dec_empty_buf:MBEDTLS_CIPHER_AES_256_CBC:0:0 AES-256 CBC - Encrypt and decrypt 0 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:0:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:0:MBEDTLS_PADDING_PKCS7 AES-256 CBC - Encrypt and decrypt 1 byte with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:1:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:1:MBEDTLS_PADDING_PKCS7 AES-256 CBC - Encrypt and decrypt 2 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:2:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:2:MBEDTLS_PADDING_PKCS7 AES-256 CBC - Encrypt and decrypt 7 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:7:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:7:MBEDTLS_PADDING_PKCS7 AES-256 CBC - Encrypt and decrypt 8 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:8:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:8:MBEDTLS_PADDING_PKCS7 AES-256 CBC - Encrypt and decrypt 9 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:9:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:9:MBEDTLS_PADDING_PKCS7 AES-256 CBC - Encrypt and decrypt 15 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:15:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:15:MBEDTLS_PADDING_PKCS7 AES-256 CBC - Encrypt and decrypt 16 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:16:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:MBEDTLS_CIPHER_PADDING_PKCS7 +enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:16:MBEDTLS_PADDING_PKCS7 AES-256 CBC - Encrypt and decrypt 17 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:17:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:17:MBEDTLS_PADDING_PKCS7 AES-256 CBC - Encrypt and decrypt 31 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:31:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:31:MBEDTLS_PADDING_PKCS7 AES-256 CBC - Encrypt and decrypt 32 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:32:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:32:MBEDTLS_PADDING_PKCS7 AES-256 CBC - Encrypt and decrypt 33 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:33:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:33:MBEDTLS_PADDING_PKCS7 AES-256 CBC - Encrypt and decrypt 47 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:47:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:47:MBEDTLS_PADDING_PKCS7 AES-256 CBC - Encrypt and decrypt 48 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:48:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:48:MBEDTLS_PADDING_PKCS7 AES-256 CBC - Encrypt and decrypt 49 bytes with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:49:-1 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf:MBEDTLS_CIPHER_AES_256_CBC:"AES-256-CBC":256:49:MBEDTLS_PADDING_PKCS7 AES-256 CBC - Encrypt and decrypt 0 bytes in multiple parts with PKCS7 padding -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CBC:256:0:0:-1:0:0:0:0 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CBC:256:0:0:MBEDTLS_PADDING_PKCS7:0:0:0:0 AES-256 CBC - Encrypt and decrypt 1 bytes in multiple parts with PKCS7 padding 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CBC:256:1:0:-1:0:0:0:0 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CBC:256:1:0:MBEDTLS_PADDING_PKCS7:0:0:0:0 AES-256 CBC - Encrypt and decrypt 1 bytes in multiple parts with PKCS7 padding 2 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CBC:256:0:1:-1:0:0:0:0 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CBC:256:0:1:MBEDTLS_PADDING_PKCS7:0:0:0:0 AES-256 CBC - Encrypt and decrypt 16 bytes in multiple parts with PKCS7 padding 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CBC:256:16:0:-1:16:0:0:16 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CBC:256:16:0:MBEDTLS_PADDING_PKCS7:16:0:0:16 AES-256 CBC - Encrypt and decrypt 16 bytes in multiple parts with PKCS7 padding 2 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CBC:256:0:16:-1:0:16:0:16 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CBC:256:0:16:MBEDTLS_PADDING_PKCS7:0:16:0:16 AES-256 CBC - Encrypt and decrypt 16 bytes in multiple parts with PKCS7 padding 3 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CBC:256:1:15:-1:0:16:0:16 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CBC:256:1:15:MBEDTLS_PADDING_PKCS7:0:16:0:16 AES-256 CBC - Encrypt and decrypt 16 bytes in multiple parts with PKCS7 padding 4 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CBC:256:15:1:-1:0:16:0:16 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CBC:256:15:1:MBEDTLS_PADDING_PKCS7:0:16:0:16 AES-256 CBC - Encrypt and decrypt 22 bytes in multiple parts with PKCS7 padding 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CBC:256:15:7:-1:0:16:0:16 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CBC:256:15:7:MBEDTLS_PADDING_PKCS7:0:16:0:16 AES-256 CBC - Encrypt and decrypt 22 bytes in multiple parts with PKCS7 padding 2 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CBC:256:16:6:-1:16:0:0:16 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CBC:256:16:6:MBEDTLS_PADDING_PKCS7:16:0:0:16 AES-256 CBC - Encrypt and decrypt 23 bytes in multiple parts with PKCS7 padding 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CBC:256:17:6:-1:16:0:16:0 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CBC:256:17:6:MBEDTLS_PADDING_PKCS7:16:0:16:0 AES-256 CBC - Encrypt and decrypt 32 bytes in multiple parts with PKCS7 padding 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CBC:256:16:16:-1:16:16:0:32 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_CBC:256:16:16:MBEDTLS_PADDING_PKCS7:16:16:0:32 AES Decrypt test vector #0 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_PADDING_PKCS7:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 @@ -1491,11 +1491,11 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 decrypt_test_vec:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_PADDING_NONE:"ffffffffe00000000000000000000000":"00000000000000000000000000000000":"23f710842b9bb9c32f26648c786807ca":"00000000000000000000000000000000":"":"":0:0 AES Decrypt test vector #2 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH decrypt_test_vec:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_PADDING_NONE:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"707b1dbb0ffa40ef7d95def421233fae":"fffffffff80000000000000000000000":"":"":0:0 AES Decrypt test vector #3 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH decrypt_test_vec:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_PADDING_NONE:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"49af6b372135acef10132e548f217b17":"ff000000000000000000000000000000":"":"":0:0 AES Decrypt test vector #4 @@ -1503,11 +1503,11 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CFB decrypt_test_vec:MBEDTLS_CIPHER_AES_128_CFB128:-1:"fffffffe000000000000000000000000":"00000000000000000000000000000000":"1114bc2028009b923f0b01915ce5e7c4":"00000000000000000000000000000000":"":"":0:0: AES Decrypt test vector #5 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH decrypt_test_vec:MBEDTLS_CIPHER_AES_192_CFB128:-1:"ffffffffffffffffffffffffffffffffffffffffffe00000":"00000000000000000000000000000000":"60136703374f64e860b48ce31f930716":"00000000000000000000000000000000":"":"":0:0 AES Decrypt test vector #6 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH decrypt_test_vec:MBEDTLS_CIPHER_AES_256_CFB128:-1:"ffffffffff800000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"be66cfea2fecd6bf0ec7b4352c99bcaa":"00000000000000000000000000000000":"":"":0:0 AES Decrypt test vector #7 @@ -1515,11 +1515,11 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB decrypt_test_vec:MBEDTLS_CIPHER_AES_128_OFB:-1:"2B7E151628AED2A6ABF7158809CF4F3C":"000102030405060708090A0B0C0D0E0F":"3B3FD92EB72DAD20333449F8E83CFB4A7789508d16918f03f53c52dac54ed8259740051e9c5fecf64344f7a82260edcc304c6528f659c77866a510d9c1d6ae5e":"6BC1BEE22E409F96E93D7E117393172AAE2D8A571E03AC9C9EB76FAC45AF8E5130C81C46A35CE411E5FBC1191A0A52EFF69F2445DF4F9B17AD2B417BE66C3710":"":"":0:0: AES Decrypt test vector #8 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH decrypt_test_vec:MBEDTLS_CIPHER_AES_192_OFB:-1:"8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B":"000102030405060708090A0B0C0D0E0F":"CDC80D6FDDF18CAB34C25909C99A4174fcc28b8d4c63837c09e81700c11004018d9a9aeac0f6596f559c6d4daf59a5f26d9f200857ca6c3e9cac524bd9acc92a":"6BC1BEE22E409F96E93D7E117393172AAE2D8A571E03AC9C9EB76FAC45AF8E5130C81C46A35CE411E5FBC1191A0A52EFF69F2445DF4F9B17AD2B417BE66C3710":"":"":0:0: AES Decrypt test vector #9 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_OFB:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH decrypt_test_vec:MBEDTLS_CIPHER_AES_256_OFB:-1:"603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4":"000102030405060708090A0B0C0D0E0F":"DC7E84BFDA79164B7ECD8486985D38604febdc6740d20b3ac88f6ad82a4fb08d71ab47a086e86eedf39d1c5bba97c4080126141d67f37be8538f5a8be740e484":"6BC1BEE22E409F96E93D7E117393172AAE2D8A571E03AC9C9EB76FAC45AF8E5130C81C46A35CE411E5FBC1191A0A52EFF69F2445DF4F9B17AD2B417BE66C3710":"":"":0:0: AES-128-ECB Encrypt NIST KAT #1 @@ -1639,195 +1639,195 @@ depends_on:MBEDTLS_AES_C test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"ffffffffffffffff8000000000000000":"32cd652842926aea4aa6137bb2be2b5e":"00000000000000000000000000000000":0 AES-192-ECB Encrypt NIST KAT #1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"fffffffffffffffffffff80000000000":"156f07767a85a4312321f63968338a01":0 AES-192-ECB Encrypt NIST KAT #2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"fffffffffffffffffffffc0000000000":"15eec9ebf42b9ca76897d2cd6c5a12e2":0 AES-192-ECB Encrypt NIST KAT #3 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"fffffffffffffffffffffe0000000000":"db0d3a6fdcc13f915e2b302ceeb70fd8":0 AES-192-ECB Encrypt NIST KAT #4 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"51719783d3185a535bd75adc65071ce1":"4f354592ff7c8847d2d0870ca9481b7c":0 AES-192-ECB Encrypt NIST KAT #5 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"26aa49dcfe7629a8901a69a9914e6dfd":"d5e08bf9a182e857cf40b3a36ee248cc":0 AES-192-ECB Encrypt NIST KAT #6 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"941a4773058224e1ef66d10e0a6ee782":"067cd9d3749207791841562507fa9626":0 AES-192-ECB Encrypt NIST KAT #7 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"d2926527e0aa9f37b45e2ec2ade5853ef807576104c7ace3":"00000000000000000000000000000000":"dd619e1cf204446112e0af2b9afa8f8c":0 AES-192-ECB Encrypt NIST KAT #8 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"982215f4e173dfa0fcffe5d3da41c4812c7bcc8ed3540f93":"00000000000000000000000000000000":"d4f0aae13c8fe9339fbf9e69ed0ad74d":0 AES-192-ECB Encrypt NIST KAT #9 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"98c6b8e01e379fbd14e61af6af891596583565f2a27d59e9":"00000000000000000000000000000000":"19c80ec4a6deb7e5ed1033dda933498f":0 AES-192-ECB Encrypt NIST KAT #10 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"fffffffffffffffffffffffffff800000000000000000000":"00000000000000000000000000000000":"8dd274bd0f1b58ae345d9e7233f9b8f3":0 AES-192-ECB Encrypt NIST KAT #11 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"fffffffffffffffffffffffffffc00000000000000000000":"00000000000000000000000000000000":"9d6bdc8f4ce5feb0f3bed2e4b9a9bb0b":0 AES-192-ECB Encrypt NIST KAT #12 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"fffffffffffffffffffffffffffe00000000000000000000":"00000000000000000000000000000000":"fd5548bcf3f42565f7efa94562528d46":0 AES-192-ECB Decrypt NIST KAT #1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffff000000000000000":"bb2852c891c5947d2ed44032c421b85f":"00000000000000000000000000000000":0 AES-192-ECB Decrypt NIST KAT #2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffff800000000000000":"1b9f5fbd5e8a4264c0a85b80409afa5e":"00000000000000000000000000000000":0 AES-192-ECB Decrypt NIST KAT #3 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffc00000000000000":"30dab809f85a917fe924733f424ac589":"00000000000000000000000000000000":0 AES-192-ECB Decrypt NIST KAT #4 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"61257134a518a0d57d9d244d45f6498cbc32f2bafc522d79":"cfe4d74002696ccf7d87b14a2f9cafc9":"00000000000000000000000000000000":0 AES-192-ECB Decrypt NIST KAT #5 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"b0ab0a6a818baef2d11fa33eac947284fb7d748cfb75e570":"d2eafd86f63b109b91f5dbb3a3fb7e13":"00000000000000000000000000000000":0 AES-192-ECB Decrypt NIST KAT #6 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"ee053aa011c8b428cdcc3636313c54d6a03cac01c71579d6":"9b9fdd1c5975655f539998b306a324af":"00000000000000000000000000000000":0 AES-192-ECB Decrypt NIST KAT #7 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0 AES-192-ECB Decrypt NIST KAT #8 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"c9b8135ff1b5adc413dfd053b21bd96d":"9c2d8842e5f48f57648205d39a239af1":0 AES-192-ECB Decrypt NIST KAT #9 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"4a3650c3371ce2eb35e389a171427440":"bff52510095f518ecca60af4205444bb":0 AES-192-ECB Decrypt NIST KAT #10 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"b2099795e88cc158fd75ea133d7e7fbe":"ffffffffffffffffffffc00000000000":0 AES-192-ECB Decrypt NIST KAT #11 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"a6cae46fb6fadfe7a2c302a34242817b":"ffffffffffffffffffffe00000000000":0 AES-192-ECB Decrypt NIST KAT #12 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"026a7024d6a902e0b3ffccbaa910cc3f":"fffffffffffffffffffff00000000000":0 AES-256-ECB Encrypt NIST KAT #1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"c1cc358b449909a19436cfbb3f852ef8bcb5ed12ac7058325f56e6099aab1a1c":"00000000000000000000000000000000":"352065272169abf9856843927d0674fd":0 AES-256-ECB Encrypt NIST KAT #2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"984ca75f4ee8d706f46c2d98c0bf4a45f5b00d791c2dfeb191b5ed8e420fd627":"00000000000000000000000000000000":"4307456a9e67813b452e15fa8fffe398":0 AES-256-ECB Encrypt NIST KAT #3 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"b43d08a447ac8609baadae4ff12918b9f68fc1653f1269222f123981ded7a92f":"00000000000000000000000000000000":"4663446607354989477a5c6f0f007ef4":0 AES-256-ECB Encrypt NIST KAT #4 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"0b24af36193ce4665f2825d7b4749c98":"a9ff75bd7cf6613d3731c77c3b6d0c04":0 AES-256-ECB Encrypt NIST KAT #5 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"761c1fe41a18acf20d241650611d90f1":"623a52fcea5d443e48d9181ab32c7421":0 AES-256-ECB Encrypt NIST KAT #6 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"8a560769d605868ad80d819bdba03771":"38f2c7ae10612415d27ca190d27da8b4":0 AES-256-ECB Encrypt NIST KAT #7 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"ffffff80000000000000000000000000":"36aff0ef7bf3280772cf4cac80a0d2b2":0 AES-256-ECB Encrypt NIST KAT #8 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"ffffffc0000000000000000000000000":"1f8eedea0f62a1406d58cfc3ecea72cf":0 AES-256-ECB Encrypt NIST KAT #9 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"ffffffe0000000000000000000000000":"abf4154a3375a1d3e6b1d454438f95a6":0 AES-256-ECB Encrypt NIST KAT #10 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffffffffff8000000000000000000000000000":"00000000000000000000000000000000":"45d089c36d5c5a4efc689e3b0de10dd5":0 AES-256-ECB Encrypt NIST KAT #11 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffffffffffc000000000000000000000000000":"00000000000000000000000000000000":"b4da5df4becb5462e03a0ed00d295629":0 AES-256-ECB Encrypt NIST KAT #12 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffffffffffe000000000000000000000000000":"00000000000000000000000000000000":"dcf4e129136c1a4b7a0f38935cc34b2b":0 AES-256-ECB Decrypt NIST KAT #1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffffffffffffffff00000000000000000":"edf61ae362e882ddc0167474a7a77f3a":"00000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffffffffffffffff80000000000000000":"6168b00ba7859e0970ecfd757efecf7c":"00000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #3 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffffffffffffffffc0000000000000000":"d1415447866230d28bb1ea18a4cdfd02":"00000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #4 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"f8be9ba615c5a952cabbca24f68f8593039624d524c816acda2c9183bd917cb9":"a3944b95ca0b52043584ef02151926a8":"00000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #5 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"797f8b3d176dac5b7e34a2d539c4ef367a16f8635f6264737591c5c07bf57a3e":"a74289fe73a4c123ca189ea1e1b49ad5":"00000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #6 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"6838d40caf927749c13f0329d331f448e202c73ef52c5f73a37ca635d4c47707":"b91d4ea4488644b56cf0812fa7fcf5fc":"00000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #7 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"623a52fcea5d443e48d9181ab32c7421":"761c1fe41a18acf20d241650611d90f1":0 AES-256-ECB Decrypt NIST KAT #8 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"38f2c7ae10612415d27ca190d27da8b4":"8a560769d605868ad80d819bdba03771":0 AES-256-ECB Decrypt NIST KAT #9 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"1bc704f1bce135ceb810341b216d7abe":"91fbef2d15a97816060bee1feaa49afe":0 AES-256-ECB Decrypt NIST KAT #10 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #11 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"0a6bdc6d4c1e6280301fd8e97ddbe601":"c0000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #12 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"9b80eefb7ebe2d2b16247aa0efc72f5d":"e0000000000000000000000000000000":0 AES-128-ECB crypt Encrypt NIST KAT #1 @@ -1855,67 +1855,67 @@ depends_on:MBEDTLS_AES_C test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"ffffffffffffffff8000000000000000":"":"32cd652842926aea4aa6137bb2be2b5e":"00000000000000000000000000000000":0:0 AES-192-ECB crypt Encrypt NIST KAT #1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"":"fffffffffffffffffffff80000000000":"156f07767a85a4312321f63968338a01":0:0 AES-192-ECB crypt Encrypt NIST KAT #2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"":"51719783d3185a535bd75adc65071ce1":"4f354592ff7c8847d2d0870ca9481b7c":0:0 AES-192-ECB crypt Encrypt NIST KAT #3 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"d2926527e0aa9f37b45e2ec2ade5853ef807576104c7ace3":"":"00000000000000000000000000000000":"dd619e1cf204446112e0af2b9afa8f8c":0:0 AES-192-ECB crypt Encrypt NIST KAT #4 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"fffffffffffffffffffffffffff800000000000000000000":"":"00000000000000000000000000000000":"8dd274bd0f1b58ae345d9e7233f9b8f3":0:0 AES-192-ECB crypt Decrypt NIST KAT #1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffff000000000000000":"":"bb2852c891c5947d2ed44032c421b85f":"00000000000000000000000000000000":0:0 AES-192-ECB crypt Decrypt NIST KAT #2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"61257134a518a0d57d9d244d45f6498cbc32f2bafc522d79":"":"cfe4d74002696ccf7d87b14a2f9cafc9":"00000000000000000000000000000000":0:0 AES-192-ECB crypt Decrypt NIST KAT #3 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0:0 AES-192-ECB crypt Decrypt NIST KAT #4 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"b2099795e88cc158fd75ea133d7e7fbe":"ffffffffffffffffffffc00000000000":0:0 AES-256-ECB crypt Encrypt NIST KAT #1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"c1cc358b449909a19436cfbb3f852ef8bcb5ed12ac7058325f56e6099aab1a1c":"":"00000000000000000000000000000000":"352065272169abf9856843927d0674fd":0:0 AES-256-ECB crypt Encrypt NIST KAT #2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"0b24af36193ce4665f2825d7b4749c98":"a9ff75bd7cf6613d3731c77c3b6d0c04":0:0 AES-256-ECB crypt Encrypt NIST KAT #3 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"ffffff80000000000000000000000000":"36aff0ef7bf3280772cf4cac80a0d2b2":0:0 AES-256-ECB crypt Encrypt NIST KAT #4 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffffffffff8000000000000000000000000000":"":"00000000000000000000000000000000":"45d089c36d5c5a4efc689e3b0de10dd5":0:0 AES-256-ECB crypt Decrypt NIST KAT #1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffffffffffffffff00000000000000000":"":"edf61ae362e882ddc0167474a7a77f3a":"00000000000000000000000000000000":0:0 AES-256-ECB crypt Decrypt NIST KAT #2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"f8be9ba615c5a952cabbca24f68f8593039624d524c816acda2c9183bd917cb9":"":"a3944b95ca0b52043584ef02151926a8":"00000000000000000000000000000000":0:0 AES-256-ECB crypt Decrypt NIST KAT #3 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"623a52fcea5d443e48d9181ab32c7421":"761c1fe41a18acf20d241650611d90f1":0:0 AES-256-ECB crypt Decrypt NIST KAT #4 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0:0 AES-128-CBC crypt Encrypt NIST KAT #1 @@ -1951,67 +1951,67 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"0336763e966d92595a567cc9ce537f5e":"f34481ec3cc627bacd5dc3fb08f273e6":0:0 AES-192-CBC crypt Encrypt NIST KAT #1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":0:0 AES-192-CBC crypt Encrypt NIST KAT #2 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"ff0000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"833f71258d53036b02952c76c744f5a1":0:0 AES-192-CBC crypt Encrypt NIST KAT #3 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":0:0 AES-192-CBC crypt Encrypt NIST KAT #4 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"1b077a6af4b7f98229de786d7516b639":"275cfc0413d8ccb70513c3859b1d0f72":0:0 AES-192-CBC crypt Decrypt NIST KAT #1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":"80000000000000000000000000000000":0:0 AES-192-CBC crypt Decrypt NIST KAT #2 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"ffe000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"7ababc4b3f516c9aafb35f4140b548f9":"00000000000000000000000000000000":0:0 AES-192-CBC crypt Decrypt NIST KAT #3 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":"00000000000000000000000000000000":0:0 AES-192-CBC crypt Decrypt NIST KAT #4 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0:0 AES-256-CBC crypt Encrypt NIST KAT #1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":0:0 AES-256-CBC crypt Encrypt NIST KAT #2 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"ff00000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"ec52a212f80a09df6317021bc2a9819e":0:0 AES-256-CBC crypt Encrypt NIST KAT #3 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":0:0 AES-256-CBC crypt Encrypt NIST KAT #4 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"014730f80ac625fe84f026c60bfd547d":"5c9d844ed46f9885085e5d6a4f94c7d7":0:0 AES-256-CBC crypt Decrypt NIST KAT #1 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0:0 AES-256-CBC crypt Decrypt NIST KAT #2 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"ffe0000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"d1ccb9b1337002cbac42c520b5d67722":"00000000000000000000000000000000":0:0 AES-256-CBC crypt Decrypt NIST KAT #3 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":"00000000000000000000000000000000":0:0 AES-256-CBC crypt Decrypt NIST KAT #4 -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"5c9d844ed46f9885085e5d6a4f94c7d7":"014730f80ac625fe84f026c60bfd547d":0:0 AES-128-CBC crypt Encrypt NIST KAT #1 PSA @@ -2047,67 +2047,67 @@ depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES: test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"0336763e966d92595a567cc9ce537f5e":"f34481ec3cc627bacd5dc3fb08f273e6":0:1 AES-192-CBC crypt Encrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":0:1 AES-192-CBC crypt Encrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"ff0000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"833f71258d53036b02952c76c744f5a1":0:1 AES-192-CBC crypt Encrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":0:1 AES-192-CBC crypt Encrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"1b077a6af4b7f98229de786d7516b639":"275cfc0413d8ccb70513c3859b1d0f72":0:1 AES-192-CBC crypt Decrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":"80000000000000000000000000000000":0:1 AES-192-CBC crypt Decrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"ffe000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"7ababc4b3f516c9aafb35f4140b548f9":"00000000000000000000000000000000":0:1 AES-192-CBC crypt Decrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":"00000000000000000000000000000000":0:1 AES-192-CBC crypt Decrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0:1 AES-256-CBC crypt Encrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":0:1 AES-256-CBC crypt Encrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"ff00000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"ec52a212f80a09df6317021bc2a9819e":0:1 AES-256-CBC crypt Encrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":0:1 AES-256-CBC crypt Encrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"014730f80ac625fe84f026c60bfd547d":"5c9d844ed46f9885085e5d6a4f94c7d7":0:1 AES-256-CBC crypt Decrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0:1 AES-256-CBC crypt Decrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"ffe0000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"d1ccb9b1337002cbac42c520b5d67722":"00000000000000000000000000000000":0:1 AES-256-CBC crypt Decrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":"00000000000000000000000000000000":0:1 AES-256-CBC crypt Decrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"5c9d844ed46f9885085e5d6a4f94c7d7":"014730f80ac625fe84f026c60bfd547d":0:1 AES-128-ECB crypt Encrypt NIST KAT #1 PSA @@ -2143,67 +2143,67 @@ depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES: test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"":"0336763e966d92595a567cc9ce537f5e":"f34481ec3cc627bacd5dc3fb08f273e6":0:1 AES-192-ECB crypt Encrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"":"80000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":0:1 AES-192-ECB crypt Encrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"ff0000000000000000000000000000000000000000000000":"":"00000000000000000000000000000000":"833f71258d53036b02952c76c744f5a1":0:1 AES-192-ECB crypt Encrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":0:1 AES-192-ECB crypt Encrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"":"1b077a6af4b7f98229de786d7516b639":"275cfc0413d8ccb70513c3859b1d0f72":0:1 AES-192-ECB crypt Decrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"6cd02513e8d4dc986b4afe087a60bd0c":"80000000000000000000000000000000":0:1 AES-192-ECB crypt Decrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"ffe000000000000000000000000000000000000000000000":"":"7ababc4b3f516c9aafb35f4140b548f9":"00000000000000000000000000000000":0:1 AES-192-ECB crypt Decrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"":"0956259c9cd5cfd0181cca53380cde06":"00000000000000000000000000000000":0:1 AES-192-ECB crypt Decrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0:1 AES-256-ECB crypt Encrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"80000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":0:1 AES-256-ECB crypt Encrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"ff00000000000000000000000000000000000000000000000000000000000000":"":"00000000000000000000000000000000":"ec52a212f80a09df6317021bc2a9819e":0:1 AES-256-ECB crypt Encrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":0:1 AES-256-ECB crypt Encrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"014730f80ac625fe84f026c60bfd547d":"5c9d844ed46f9885085e5d6a4f94c7d7":0:1 AES-256-ECB crypt Decrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0:1 AES-256-ECB crypt Decrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"ffe0000000000000000000000000000000000000000000000000000000000000":"":"d1ccb9b1337002cbac42c520b5d67722":"00000000000000000000000000000000":0:1 AES-256-ECB crypt Decrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"":"46f2fb342d6f0ab477476fc501242c5f":"00000000000000000000000000000000":0:1 AES-256-ECB crypt Decrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"5c9d844ed46f9885085e5d6a4f94c7d7":"014730f80ac625fe84f026c60bfd547d":0:1 AES-128-CCM*-NO-TAG crypt Encrypt NIST VPT AES-128 #15 @@ -2215,19 +2215,19 @@ depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:MBEDTLS_AES_C:MBEDTLS_ test_vec_crypt:MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG:MBEDTLS_DECRYPT:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9403aff859fbb":"4bfe4e35784f0a65b545477e5e2f4bae0e1e6fa717eaf2cb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":0:0 AES-192-CCM*-NO-TAG crypt Encrypt NIST VTT AES-192 #1 -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:MBEDTLS_ENCRYPT:"11fd45743d946e6d37341fec49947e8c70482494a8f07fcc":"c6aeebcb146cfafaae66f78aab":"ee7e6075ba52846de5d6254959a18affc4faf59c8ef63489":"137d9da59baf5cbfd46620c5f298fc766de10ac68e774edf":0:0 AES-192-CCM*-NO-TAG crypt Decrypt NIST DVPT AES-192 #15 -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:MBEDTLS_DECRYPT:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9403aff859fbb":"a5b7d8cca2069908d1ed88e6a9fe2c9bede3131dad54671e":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":0:0 AES-256-CCM*-NO-TAG crypt Encrypt NIST VADT AES-256 #1 -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:MBEDTLS_ENCRYPT:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886df3ba3e6da3a1389":"72a60f345a1978fb40f28a2fa4":"30d56ff2a25b83fee791110fcaea48e41db7c7f098a81000":"55f068c0bbba8b598013dd1841fd740fda2902322148ab5e":0:0 AES-256-CCM*-NO-TAG crypt Decrypt NIST DVPT AES-256 #13 -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:MBEDTLS_DECRYPT:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c10583db49cf39":"63e00d30e4b08fd2a1cc8d70fab327b2368e77a93be4f412":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e":0:0 AES-128-CCM*-NO-TAG crypt Encrypt NIST VPT AES-128 #15 PSA @@ -2239,21 +2239,33 @@ depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES: test_vec_crypt:MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG:MBEDTLS_DECRYPT:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9403aff859fbb":"4bfe4e35784f0a65b545477e5e2f4bae0e1e6fa717eaf2cb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":0:1 AES-192-CCM*-NO-TAG crypt Encrypt NIST VTT AES-192 #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM_STAR_NO_TAG +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM_STAR_NO_TAG:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:MBEDTLS_ENCRYPT:"11fd45743d946e6d37341fec49947e8c70482494a8f07fcc":"c6aeebcb146cfafaae66f78aab":"ee7e6075ba52846de5d6254959a18affc4faf59c8ef63489":"137d9da59baf5cbfd46620c5f298fc766de10ac68e774edf":0:1 AES-192-CCM*-NO-TAG crypt Decrypt NIST DVPT AES-192 #15 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM_STAR_NO_TAG +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM_STAR_NO_TAG:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG:MBEDTLS_DECRYPT:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9403aff859fbb":"a5b7d8cca2069908d1ed88e6a9fe2c9bede3131dad54671e":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":0:1 AES-256-CCM*-NO-TAG crypt Encrypt NIST VADT AES-256 #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM_STAR_NO_TAG +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM_STAR_NO_TAG:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:MBEDTLS_ENCRYPT:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886df3ba3e6da3a1389":"72a60f345a1978fb40f28a2fa4":"30d56ff2a25b83fee791110fcaea48e41db7c7f098a81000":"55f068c0bbba8b598013dd1841fd740fda2902322148ab5e":0:1 AES-256-CCM*-NO-TAG crypt Decrypt NIST DVPT AES-256 #13 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM_STAR_NO_TAG +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM_STAR_NO_TAG:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG:MBEDTLS_DECRYPT:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c10583db49cf39":"63e00d30e4b08fd2a1cc8d70fab327b2368e77a93be4f412":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e":0:1 Cipher Corner Case behaviours depends_on:MBEDTLS_AES_C cipher_special_behaviours: + +Check set padding - 128 bit key +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +check_set_padding:MBEDTLS_CIPHER_AES_128_CBC + +Check set padding - 192 bit key +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +check_set_padding:MBEDTLS_CIPHER_AES_192_CBC + +Check set padding - 256 bit key +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +check_set_padding:MBEDTLS_CIPHER_AES_256_CBC diff --git a/tests/suites/test_suite_cipher.aria.data b/tests/suites/test_suite_cipher.aria.data index 3f011e889..be1dfb24e 100644 --- a/tests/suites/test_suite_cipher.aria.data +++ b/tests/suites/test_suite_cipher.aria.data @@ -337,3 +337,15 @@ test_vec_crypt:MBEDTLS_CIPHER_ARIA_256_CCM_STAR_NO_TAG:MBEDTLS_ENCRYPT:"C0C1C2C3 ARIA-256-CCM*-NO-TAG crypt Decrypt depends_on:MBEDTLS_ARIA_C:MBEDTLS_CCM_C test_vec_crypt:MBEDTLS_CIPHER_ARIA_256_CCM_STAR_NO_TAG:MBEDTLS_DECRYPT:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000003020100A0A1A2A3A4A5":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E":"5fdd984a6aa77c1d9a204c08f28172c4b4528bee27c41f":0:0 + +Check set padding - 128 bit key +depends_on:MBEDTLS_ARIA_C:MBEDTLS_CIPHER_MODE_CBC +check_set_padding:MBEDTLS_CIPHER_ARIA_128_CBC + +Check set padding - 192 bit key +depends_on:MBEDTLS_ARIA_C:MBEDTLS_CIPHER_MODE_CBC +check_set_padding:MBEDTLS_CIPHER_ARIA_192_CBC + +Check set padding - 256 bit key +depends_on:MBEDTLS_ARIA_C:MBEDTLS_CIPHER_MODE_CBC +check_set_padding:MBEDTLS_CIPHER_ARIA_256_CBC diff --git a/tests/suites/test_suite_cipher.camellia.data b/tests/suites/test_suite_cipher.camellia.data index df4ebcc1b..18a09cadd 100644 --- a/tests/suites/test_suite_cipher.camellia.data +++ b/tests/suites/test_suite_cipher.camellia.data @@ -8,63 +8,63 @@ dec_empty_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:0:0 CAMELLIA Encrypt and decrypt 0 bytes [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:0:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:0:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 1 byte [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:1:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:1:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 2 bytes [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:2:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:2:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 7 bytes [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:7:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:7:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 8 bytes [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:8:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:8:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 9 bytes [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:9:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:9:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 15 bytes [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:15:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:15:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 16 bytes [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:16:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:16:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 17 bytes [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:17:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:17:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 31 bytes [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:31:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:31:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 32 bytes [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:32:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:32:MBEDTLS_PADDING_PKCS7 -CAMELLIA Encrypt and decrypt 32 bytes [#2] +CAMELLIA Encrypt and decrypt 33 bytes [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:33:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:33:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 47 bytes [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:47:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:47:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 48 bytes [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:48:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:48:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 49 bytes [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:49:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:49:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 0 bytes with one and zeros padding depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS @@ -251,15 +251,15 @@ depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKC enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:0:MBEDTLS_PADDING_NONE CAMELLIA Encrypt and decrypt 16 bytes with no padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:16:MBEDTLS_PADDING_NONE CAMELLIA Encrypt and decrypt 32 bytes with no padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:32:MBEDTLS_PADDING_NONE CAMELLIA Encrypt and decrypt 48 bytes with no padding -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_128_CBC:"CAMELLIA-128-CBC":128:48:MBEDTLS_PADDING_NONE CAMELLIA Try encrypting 1 bytes with no padding @@ -308,47 +308,47 @@ enc_fail:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_PADDING_NONE:128:49:MBEDTLS_ERR CAMELLIA Encrypt and decrypt 0 bytes in multiple parts [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:0:0:-1:0:0:0:0 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:0:0:MBEDTLS_PADDING_PKCS7:0:0:0:0 CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 1 [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:1:0:-1:0:0:0:0 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:1:0:MBEDTLS_PADDING_PKCS7:0:0:0:0 CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 2 [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:0:1:-1:0:0:0:0 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:0:1:MBEDTLS_PADDING_PKCS7:0:0:0:0 CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 1 [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:16:0:-1:16:0:0:16 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:16:0:MBEDTLS_PADDING_PKCS7:16:0:0:16 CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 2 [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:0:16:-1:0:16:0:16 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:0:16:MBEDTLS_PADDING_PKCS7:0:16:0:16 CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 3 [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:1:15:-1:0:16:0:16 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:1:15:MBEDTLS_PADDING_PKCS7:0:16:0:16 CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 4 [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:15:1:-1:0:16:0:16 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:15:1:MBEDTLS_PADDING_PKCS7:0:16:0:16 CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:15:7:-1:0:16:0:16 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:15:7:MBEDTLS_PADDING_PKCS7:0:16:0:16 CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:16:6:-1:16:0:0:16 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:16:6:MBEDTLS_PADDING_PKCS7:16:0:0:16 CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 [#3] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:17:6:-1:16:0:16:0 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:17:6:MBEDTLS_PADDING_PKCS7:16:0:16:0 CAMELLIA Encrypt and decrypt 32 bytes in multiple parts 1 [#1] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:16:16:-1:16:16:0:32 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CBC:128:16:16:MBEDTLS_PADDING_PKCS7:16:16:0:32 CAMELLIA Encrypt and decrypt 0 bytes [#2] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CFB @@ -560,211 +560,211 @@ enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_128_CTR:128:16:16:-1:16:16:16:16 CAMELLIA Encrypt and decrypt 0 bytes [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:0:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:0:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 1 byte [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:1:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:1:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 2 bytes [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:2:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:2:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 7 bytes [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:7:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:7:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 8 bytes [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:8:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:8:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 9 bytes [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:9:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:9:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 15 bytes [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:15:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:15:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 16 bytes [#4] -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:16:-1 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:16:MBEDTLS_PADDING_NONE CAMELLIA Encrypt and decrypt 17 bytes [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:17:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:17:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 31 bytes [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:31:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:31:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 32 bytes [#7] -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:32:-1 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:32:MBEDTLS_PADDING_NONE -CAMELLIA Encrypt and decrypt 32 bytes [#8] +CAMELLIA Encrypt and decrypt 33 bytes [#8] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:33:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:33:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 47 bytes [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:47:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:47:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 48 bytes [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:48:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:48:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 49 bytes [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:49:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_192_CBC:"CAMELLIA-192-CBC":192:49:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 0 bytes in multiple parts [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:0:0:-1:0:0:0:0 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:0:0:MBEDTLS_PADDING_PKCS7:0:0:0:0 CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 1 [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:1:0:-1:0:0:0:0 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:1:0:MBEDTLS_PADDING_PKCS7:0:0:0:0 CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 2 [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:0:1:-1:0:0:0:0 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:0:1:MBEDTLS_PADDING_PKCS7:0:0:0:0 CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 1 [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:16:0:-1:16:0:0:16 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:16:0:MBEDTLS_PADDING_PKCS7:16:0:0:16 CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 2 [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:0:16:-1:0:16:0:16 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:0:16:MBEDTLS_PADDING_PKCS7:0:16:0:16 CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 3 [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:1:15:-1:0:16:0:16 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:1:15:MBEDTLS_PADDING_PKCS7:0:16:0:16 CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 4 [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:15:1:-1:0:16:0:16 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:15:1:MBEDTLS_PADDING_PKCS7:0:16:0:16 CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 [#10] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:15:7:-1:0:16:0:16 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:15:7:MBEDTLS_PADDING_PKCS7:0:16:0:16 CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 [#11] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:16:6:-1:16:0:0:16 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:16:6:MBEDTLS_PADDING_PKCS7:16:0:0:16 CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 [#12] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:17:6:-1:16:0:16:0 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:17:6:MBEDTLS_PADDING_PKCS7:16:0:16:0 CAMELLIA Encrypt and decrypt 32 bytes in multiple parts 1 [#4] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:16:16:-1:16:16:0:32 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_192_CBC:192:16:16:MBEDTLS_PADDING_PKCS7:16:16:0:32 CAMELLIA Encrypt and decrypt 0 bytes [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:0:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:0:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 1 byte [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:1:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:1:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 2 bytes [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:2:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:2:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 7 bytes [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:7:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:7:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 8 bytes [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:8:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:8:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 9 bytes [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:9:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:9:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 15 bytes [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:15:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:15:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 16 bytes [#5] -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:16:-1 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:16:MBEDTLS_PADDING_NONE CAMELLIA Encrypt and decrypt 17 bytes [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:17:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:17:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 31 bytes [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:31:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:31:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 32 bytes [#9] -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:32:-1 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:32:MBEDTLS_PADDING_NONE -CAMELLIA Encrypt and decrypt 32 bytes [#10] +CAMELLIA Encrypt and decrypt 33 bytes [#10] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:33:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:33:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 47 bytes [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:47:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:47:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 48 bytes [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:48:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:48:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 49 bytes [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:49:-1 +enc_dec_buf:MBEDTLS_CIPHER_CAMELLIA_256_CBC:"CAMELLIA-256-CBC":256:49:MBEDTLS_PADDING_PKCS7 CAMELLIA Encrypt and decrypt 0 bytes in multiple parts [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:0:0:-1:0:0:0:0 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:0:0:MBEDTLS_PADDING_PKCS7:0:0:0:0 CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 1 [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:1:0:-1:0:0:0:0 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:1:0:MBEDTLS_PADDING_PKCS7:0:0:0:0 CAMELLIA Encrypt and decrypt 1 bytes in multiple parts 2 [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:0:1:-1:0:0:0:0 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:0:1:MBEDTLS_PADDING_PKCS7:0:0:0:0 CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 1 [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:16:0:-1:16:0:0:16 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:16:0:MBEDTLS_PADDING_PKCS7:16:0:0:16 CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 2 [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:0:16:-1:0:16:0:16 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:0:16:MBEDTLS_PADDING_PKCS7:0:16:0:16 CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 3 [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:1:15:-1:0:16:0:16 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:1:15:MBEDTLS_PADDING_PKCS7:0:16:0:16 CAMELLIA Encrypt and decrypt 16 bytes in multiple parts 4 [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:15:1:-1:0:16:0:16 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:15:1:MBEDTLS_PADDING_PKCS7:0:16:0:16 CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 [#13] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:15:7:-1:0:16:0:16 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:15:7:MBEDTLS_PADDING_PKCS7:0:16:0:16 CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 [#14] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:16:6:-1:16:0:0:16 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:16:6:MBEDTLS_PADDING_PKCS7:16:0:0:16 CAMELLIA Encrypt and decrypt 22 bytes in multiple parts 1 [#15] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:17:6:-1:16:0:16:0 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:17:6:MBEDTLS_PADDING_PKCS7:16:0:16:0 CAMELLIA Encrypt and decrypt 32 bytes in multiple parts 1 [#5] depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:16:16:-1:16:16:0:32 +enc_dec_buf_multipart:MBEDTLS_CIPHER_CAMELLIA_256_CBC:256:16:16:MBEDTLS_PADDING_PKCS7:16:16:0:32 CAMELLIA-128 CCM*-NO-TAG - Encrypt and decrypt 0 bytes depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C @@ -1101,3 +1101,15 @@ test_vec_crypt:MBEDTLS_CIPHER_CAMELLIA_256_CCM_STAR_NO_TAG:MBEDTLS_ENCRYPT:"C0C1 CAMELLIA-256-CCM*-NO-TAG crypt Decrypt depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C test_vec_crypt:MBEDTLS_CIPHER_CAMELLIA_256_CCM_STAR_NO_TAG:MBEDTLS_DECRYPT:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000003020100A0A1A2A3A4A5":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E":"933f749801d0e1262cd101831defd8366ab2a22e7c03cd":0:0 + +Check set padding - 128 bit key +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC +check_set_padding:MBEDTLS_CIPHER_CAMELLIA_128_CBC + +Check set padding - 192 bit key +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC +check_set_padding:MBEDTLS_CIPHER_CAMELLIA_192_CBC + +Check set padding - 256 bit key +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CIPHER_MODE_CBC +check_set_padding:MBEDTLS_CIPHER_CAMELLIA_256_CBC diff --git a/tests/suites/test_suite_cipher.ccm.data b/tests/suites/test_suite_cipher.ccm.data index 3ea44be8a..e813bdb27 100644 --- a/tests/suites/test_suite_cipher.ccm.data +++ b/tests/suites/test_suite_cipher.ccm.data @@ -127,259 +127,259 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"78ed8ff6b5a1255d0fbd0a719a9c27b059ff5f83d0c4962c":"390042ba8bb5f6798dab01c5afad7306":"FAIL":"":0 AES-192-CCM test vector NIST #1 (P=0, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"5a8aa485c316e9":"":"":"9d4b7f3b":"":"":0 AES-192-CCM test vector NIST #2 (P=0, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"3796cf51b87266":"":"":"80745de9":"FAIL":"":0 AES-192-CCM test vector NIST #3 (P=0, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9":"":"":"17223038fa99d53681ca1beabe78d1b4":"":"":0 AES-192-CCM test vector NIST #4 (P=0, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"3796cf51b87266":"":"":"d0e1eeef4d2a264536bb1c2c1bde7c35":"FAIL":"":0 AES-192-CCM test vector NIST #5 (P=0, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9403aff859fbb":"":"":"fe69ed84":"":"":0 AES-192-CCM test vector NIST #6 (P=0, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"a16a2e741f1cd9717285b6d882":"":"":"db7ffc82":"FAIL":"":0 AES-192-CCM test vector NIST #7 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9403aff859fbb":"":"":"0c66a8e547ed4f8c2c9a9a1eb5d455b9":"":"":0 AES-192-CCM test vector NIST #8 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"a16a2e741f1cd9717285b6d882":"":"":"38757b3a61a4dc97ca3ab88bf1240695":"FAIL":"":0 AES-192-CCM test vector NIST #9 (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9":"":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"ddc93a54":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":0 AES-192-CCM test vector NIST #10 (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"31f8fa25827d48":"":"32b649ab56162e55d4148a1292d6a225a988eb1308298273":"b6889036":"FAIL":"":0 AES-192-CCM test vector NIST #11 (P=24, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9":"":"cba4b4aeb85f0492fd8d905c4a6d8233139833373ef188a8":"c5a5ebecf7ac8607fe412189e83d9d20":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":0 AES-192-CCM test vector NIST #12 (P=24, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"31f8fa25827d48":"":"ca62713728b5c9d652504b0ae8fd4fee5d297ee6a8d19cb6":"e699f15f14d34dcaf9ba8ed4b877c97d":"FAIL":"":0 AES-192-CCM test vector NIST #13 (P=24, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9403aff859fbb":"":"042653c674ef2a90f7fb11d30848e530ae59478f1051633a":"34fad277":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":0 AES-192-CCM test vector NIST #14 (P=24, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"49004912fdd7269279b1f06a89":"":"1902d9769a7ba3d3268e1257395c8c2e5f98eef295dcbfa5":"a35df775":"FAIL":"":0 AES-192-CCM test vector NIST #15 (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9403aff859fbb":"":"a5b7d8cca2069908d1ed88e6a9fe2c9bede3131dad54671e":"a7ade30a07d185692ab0ebdf4c78cf7a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":0 AES-192-CCM test vector NIST #16 (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"49004912fdd7269279b1f06a89":"":"9a98617fb97a0dfe466be692272dcdaec1c5443a3b51312e":"f042c86363cc05afb98c66e16be8a445":"FAIL":"":0 AES-192-CCM test vector NIST #17 (P=0, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"1d089a5f":"":"":0 AES-192-CCM test vector NIST #18 (P=0, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"2f46022a":"FAIL":"":0 AES-192-CCM test vector NIST #19 (P=0, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"5280a2137fee3deefcfe9b63a1199fb3":"":"":0 AES-192-CCM test vector NIST #20 (P=0, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"d40a7318c5f2d82f838c0beeefe0d598":"FAIL":"":0 AES-192-CCM test vector NIST #21 (P=0, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"5e0eaebd":"":"":0 AES-192-CCM test vector NIST #22 (P=0, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"71b7fc33":"FAIL":"":0 AES-192-CCM test vector NIST #23 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"d07ccf9fdc3d33aa94cda3d230da707c":"":"":0 AES-192-CCM test vector NIST #24 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"65fe32b649dc328c9f531584897e85b3":"FAIL":"":0 AES-192-CCM test vector NIST #25 (P=24, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"9f6ca4af9b159148c889a6584d1183ea26e2614874b05045":"75dea8d1":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":0 AES-192-CCM test vector NIST #26 (P=24, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"84d8212e9cfc2121252baa3b065b1edcf50497b9594db1eb":"d7965825":"FAIL":"":0 AES-192-CCM test vector NIST #27 (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6aab64c4787599d8f213446beadb16e08dba60e97f56dbd1":"4d1d980d6fe0fb44b421992662b97975":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":0 AES-192-CCM test vector NIST #28 (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4980b2ee49b1aaf393175f5ab9bae95ec7904557dfa20660":"3c51d36c826f01384100886198a7f6a3":"FAIL":"":0 AES-192-CCM test vector NIST #29 (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"16e543d0e20615ff0df15acd9927ddfe40668a54bb854ccc":"c25e9fce":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":0 AES-192-CCM test vector NIST #30 (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"df35b109caf690656ae278bbd8f8bba687a2ce11b105dae9":"8ecedb3e":"FAIL":"":0 AES-192-CCM test vector NIST #31 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"c5b0b2ef17498c5570eb335df4588032958ba3d69bf6f317":"8464a6f7fa2b76744e8e8d95691cecb8":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":0 AES-192-CCM test vector NIST #32 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"d1f0518929f4ae2f0543de2a7dfe4bb0110bb3057e524a1c":"06bd6dc2e6bcc3436cffb969ae900388":"FAIL":"":0 AES-256-CCM test vector NIST #1 (P=0, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"a544218dadd3c1":"":"":"469c90bb":"":"":0 AES-256-CCM test vector NIST #2 (P=0, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"d3d5424e20fbec":"":"":"46a908ed":"FAIL":"":0 AES-256-CCM test vector NIST #3 (P=0, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c1":"":"":"8207eb14d33855a52acceed17dbcbf6e":"":"":0 AES-256-CCM test vector NIST #4 (P=0, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"d3d5424e20fbec":"":"":"60f8e127cb4d30db6df0622158cd931d":"FAIL":"":0 AES-256-CCM test vector NIST #5 (P=0, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c10583db49cf39":"":"":"8a19a133":"":"":0 AES-256-CCM test vector NIST #6 (P=0, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"3c0e2815d37d844f7ac240ba9d":"":"":"2e317f1b":"FAIL":"":0 AES-256-CCM test vector NIST #7 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c10583db49cf39":"":"":"97e1a8dd4259ccd2e431e057b0397fcf":"":"":0 AES-256-CCM test vector NIST #8 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"3c0e2815d37d844f7ac240ba9d":"":"":"5a9596c511ea6a8671adefc4f2157d8b":"FAIL":"":0 AES-256-CCM test vector NIST #9 (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c1":"":"64a1341679972dc5869fcf69b19d5c5ea50aa0b5e985f5b7":"22aa8d59":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98":0 AES-256-CCM test vector NIST #10 (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"bfcda8b5a2d0d2":"":"c5b7f802bffc498c1626e3774f1d9f94045dfd8e1a10a202":"77d00a75":"FAIL":"":0 AES-256-CCM test vector NIST #11 (P=24, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c1":"":"bc51c3925a960e7732533e4ef3a4f69ee6826de952bcb0fd":"374f3bb6db8377ebfc79674858c4f305":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98":0 AES-256-CCM test vector NIST #12 (P=24, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bfcda8b5a2d0d2":"":"afa1fa8e8a70e26b02161150556d604101fdf423f332c336":"3275f2a4907d51b734fe7238cebbd48f":"FAIL":"":0 AES-256-CCM test vector NIST #13 (P=24, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c10583db49cf39":"":"63e00d30e4b08fd2a1cc8d70fab327b2368e77a93be4f412":"3d14fb3f":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e":0 AES-256-CCM test vector NIST #14 (P=24, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"894dcaa61008eb8fb052c60d41":"":"bb5425b3869b76856ec58e39886fb6f6f2ac13fe44cb132d":"8d0c0099":"FAIL":"":0 AES-256-CCM test vector NIST #15 (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c10583db49cf39":"":"f0050ad16392021a3f40207bed3521fb1e9f808f49830c42":"3a578d179902f912f9ea1afbce1120b3":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e":0 AES-256-CCM test vector NIST #16 (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"894dcaa61008eb8fb052c60d41":"":"c408190d0fbf5034f83b24a8ed9657331a7ce141de4fae76":"9084607b83bd06e6442eac8dacf583cc":"FAIL":"":0 AES-256-CCM test vector NIST #17 (P=0, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"92d00fbe":"":"":0 AES-256-CCM test vector NIST #18 (P=0, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"9143e5c4":"FAIL":"":0 AES-256-CCM test vector NIST #19 (P=0, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"93af11a08379eb37a16aa2837f09d69d":"":"":0 AES-256-CCM test vector NIST #20 (P=0, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"d19b0c14ec686a7961ca7c386d125a65":"FAIL":"":0 AES-256-CCM test vector NIST #21 (P=0, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"866d4227":"":"":0 AES-256-CCM test vector NIST #22 (P=0, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"94cb1127":"FAIL":"":0 AES-256-CCM test vector NIST #23 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"867b0d87cf6e0f718200a97b4f6d5ad5":"":"":0 AES-256-CCM test vector NIST #24 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"677a040d46ee3f2b7838273bdad14f16":"FAIL":"":0 AES-256-CCM test vector NIST #25 (P=24, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"c2fe12658139f5d0dd22cadf2e901695b579302a72fc5608":"3ebc7720":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3":0 AES-256-CCM test vector NIST #26 (P=24, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"94748ba81229e53c38583a8564b23ebbafc6f6efdf4c2a81":"c44db2c9":"FAIL":"":0 AES-256-CCM test vector NIST #27 (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"3341168eb8c48468c414347fb08f71d2086f7c2d1bd581ce":"1ac68bd42f5ec7fa7e068cc0ecd79c2a":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3":0 AES-256-CCM test vector NIST #28 (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"d543acda712b898cbb27b8f598b2e4438ce587a836e27851":"47c3338a2400809e739b63ba8227d2f9":"FAIL":"":0 AES-256-CCM test vector NIST #29 (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"c0ea400b599561e7905b99262b4565d5c3dc49fad84d7c69":"ef891339":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3":0 AES-256-CCM test vector NIST #30 (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"60871e03ea0eb968536c99f926ea24ef43d41272ad9fb7f6":"3d488623":"FAIL":"":0 AES-256-CCM test vector NIST #31 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"8d34cdca37ce77be68f65baf3382e31efa693e63f914a781":"367f30f2eaad8c063ca50795acd90203":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3":0 AES-256-CCM test vector NIST #32 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"516c0095cc3d85fd55e48da17c592e0c7014b9daafb82bdc":"4b41096dfdbe9cc1ab610f8f3e038d16":"FAIL":"":0 Camellia-CCM test vector RFC 5528 #1 @@ -607,257 +607,257 @@ depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES: auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"78ed8ff6b5a1255d0fbd0a719a9c27b059ff5f83d0c4962c":"390042ba8bb5f6798dab01c5afad7306":"FAIL":"":1 AES-192-CCM test vector NIST #1 PSA (P=0, N=7, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"5a8aa485c316e9":"":"":"9d4b7f3b":"":"":1 AES-192-CCM test vector NIST #2 PSA (P=0, N=7, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"3796cf51b87266":"":"":"80745de9":"FAIL":"":1 AES-192-CCM test vector NIST #3 PSA (P=0, N=7, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9":"":"":"17223038fa99d53681ca1beabe78d1b4":"":"":1 AES-192-CCM test vector NIST #4 PSA (P=0, N=7, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"3796cf51b87266":"":"":"d0e1eeef4d2a264536bb1c2c1bde7c35":"FAIL":"":1 AES-192-CCM test vector NIST #5 PSA (P=0, N=13, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9403aff859fbb":"":"":"fe69ed84":"":"":1 AES-192-CCM test vector NIST #6 PSA (P=0, N=13, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"a16a2e741f1cd9717285b6d882":"":"":"db7ffc82":"FAIL":"":1 AES-192-CCM test vector NIST #7 PSA (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9403aff859fbb":"":"":"0c66a8e547ed4f8c2c9a9a1eb5d455b9":"":"":1 AES-192-CCM test vector NIST #8 PSA (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"a16a2e741f1cd9717285b6d882":"":"":"38757b3a61a4dc97ca3ab88bf1240695":"FAIL":"":1 AES-192-CCM test vector NIST #9 PSA (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9":"":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"ddc93a54":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":1 AES-192-CCM test vector NIST #10 PSA (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"31f8fa25827d48":"":"32b649ab56162e55d4148a1292d6a225a988eb1308298273":"b6889036":"FAIL":"":1 AES-192-CCM test vector NIST #11 PSA (P=24, N=7, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9":"":"cba4b4aeb85f0492fd8d905c4a6d8233139833373ef188a8":"c5a5ebecf7ac8607fe412189e83d9d20":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":1 AES-192-CCM test vector NIST #12 PSA (P=24, N=7, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"31f8fa25827d48":"":"ca62713728b5c9d652504b0ae8fd4fee5d297ee6a8d19cb6":"e699f15f14d34dcaf9ba8ed4b877c97d":"FAIL":"":1 AES-192-CCM test vector NIST #13 PSA (P=24, N=13, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9403aff859fbb":"":"042653c674ef2a90f7fb11d30848e530ae59478f1051633a":"34fad277":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":1 AES-192-CCM test vector NIST #14 PSA (P=24, N=13, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"49004912fdd7269279b1f06a89":"":"1902d9769a7ba3d3268e1257395c8c2e5f98eef295dcbfa5":"a35df775":"FAIL":"":1 AES-192-CCM test vector NIST #15 PSA (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9403aff859fbb":"":"a5b7d8cca2069908d1ed88e6a9fe2c9bede3131dad54671e":"a7ade30a07d185692ab0ebdf4c78cf7a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":1 AES-192-CCM test vector NIST #16 PSA (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"49004912fdd7269279b1f06a89":"":"9a98617fb97a0dfe466be692272dcdaec1c5443a3b51312e":"f042c86363cc05afb98c66e16be8a445":"FAIL":"":1 AES-192-CCM test vector NIST #17 PSA (P=0, N=7, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"1d089a5f":"":"":1 AES-192-CCM test vector NIST #18 PSA (P=0, N=7, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"2f46022a":"FAIL":"":1 AES-192-CCM test vector NIST #19 PSA (P=0, N=7, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"5280a2137fee3deefcfe9b63a1199fb3":"":"":1 AES-192-CCM test vector NIST #20 PSA (P=0, N=7, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"d40a7318c5f2d82f838c0beeefe0d598":"FAIL":"":1 AES-192-CCM test vector NIST #21 PSA (P=0, N=13, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"5e0eaebd":"":"":1 AES-192-CCM test vector NIST #22 PSA (P=0, N=13, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"71b7fc33":"FAIL":"":1 AES-192-CCM test vector NIST #23 PSA (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"d07ccf9fdc3d33aa94cda3d230da707c":"":"":1 AES-192-CCM test vector NIST #24 PSA (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"65fe32b649dc328c9f531584897e85b3":"FAIL":"":1 AES-192-CCM test vector NIST #25 PSA (P=24, N=7, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"9f6ca4af9b159148c889a6584d1183ea26e2614874b05045":"75dea8d1":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":1 AES-192-CCM test vector NIST #26 PSA (P=24, N=7, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"84d8212e9cfc2121252baa3b065b1edcf50497b9594db1eb":"d7965825":"FAIL":"":1 AES-192-CCM test vector NIST #27 PSA (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6aab64c4787599d8f213446beadb16e08dba60e97f56dbd1":"4d1d980d6fe0fb44b421992662b97975":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":1 AES-192-CCM test vector NIST #28 PSA (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4980b2ee49b1aaf393175f5ab9bae95ec7904557dfa20660":"3c51d36c826f01384100886198a7f6a3":"FAIL":"":1 AES-192-CCM test vector NIST #29 PSA (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"16e543d0e20615ff0df15acd9927ddfe40668a54bb854ccc":"c25e9fce":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":1 AES-192-CCM test vector NIST #30 PSA (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"df35b109caf690656ae278bbd8f8bba687a2ce11b105dae9":"8ecedb3e":"FAIL":"":1 AES-192-CCM test vector NIST #31 PSA (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"c5b0b2ef17498c5570eb335df4588032958ba3d69bf6f317":"8464a6f7fa2b76744e8e8d95691cecb8":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":1 AES-192-CCM test vector NIST #32 PSA (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"d1f0518929f4ae2f0543de2a7dfe4bb0110bb3057e524a1c":"06bd6dc2e6bcc3436cffb969ae900388":"FAIL":"":1 AES-256-CCM test vector NIST #1 PSA (P=0, N=7, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"a544218dadd3c1":"":"":"469c90bb":"":"":1 AES-256-CCM test vector NIST #2 PSA (P=0, N=7, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"d3d5424e20fbec":"":"":"46a908ed":"FAIL":"":1 AES-256-CCM test vector NIST #3 PSA (P=0, N=7, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c1":"":"":"8207eb14d33855a52acceed17dbcbf6e":"":"":1 AES-256-CCM test vector NIST #4 PSA (P=0, N=7, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"d3d5424e20fbec":"":"":"60f8e127cb4d30db6df0622158cd931d":"FAIL":"":1 AES-256-CCM test vector NIST #5 PSA (P=0, N=13, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c10583db49cf39":"":"":"8a19a133":"":"":1 AES-256-CCM test vector NIST #6 PSA (P=0, N=13, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"3c0e2815d37d844f7ac240ba9d":"":"":"2e317f1b":"FAIL":"":1 AES-256-CCM test vector NIST #7 PSA (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c10583db49cf39":"":"":"97e1a8dd4259ccd2e431e057b0397fcf":"":"":1 AES-256-CCM test vector NIST #8 PSA (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"3c0e2815d37d844f7ac240ba9d":"":"":"5a9596c511ea6a8671adefc4f2157d8b":"FAIL":"":1 AES-256-CCM test vector NIST #9 PSA (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c1":"":"64a1341679972dc5869fcf69b19d5c5ea50aa0b5e985f5b7":"22aa8d59":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98":1 AES-256-CCM test vector NIST #10 PSA (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"bfcda8b5a2d0d2":"":"c5b7f802bffc498c1626e3774f1d9f94045dfd8e1a10a202":"77d00a75":"FAIL":"":1 AES-256-CCM test vector NIST #11 PSA (P=24, N=7, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c1":"":"bc51c3925a960e7732533e4ef3a4f69ee6826de952bcb0fd":"374f3bb6db8377ebfc79674858c4f305":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98":1 AES-256-CCM test vector NIST #12 PSA (P=24, N=7, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bfcda8b5a2d0d2":"":"afa1fa8e8a70e26b02161150556d604101fdf423f332c336":"3275f2a4907d51b734fe7238cebbd48f":"FAIL":"":1 AES-256-CCM test vector NIST #13 PSA (P=24, N=13, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c10583db49cf39":"":"63e00d30e4b08fd2a1cc8d70fab327b2368e77a93be4f412":"3d14fb3f":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e":1 AES-256-CCM test vector NIST #14 PSA (P=24, N=13, A=0, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"894dcaa61008eb8fb052c60d41":"":"bb5425b3869b76856ec58e39886fb6f6f2ac13fe44cb132d":"8d0c0099":"FAIL":"":1 AES-256-CCM test vector NIST #15 PSA (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c10583db49cf39":"":"f0050ad16392021a3f40207bed3521fb1e9f808f49830c42":"3a578d179902f912f9ea1afbce1120b3":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e":1 AES-256-CCM test vector NIST #16 PSA (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"894dcaa61008eb8fb052c60d41":"":"c408190d0fbf5034f83b24a8ed9657331a7ce141de4fae76":"9084607b83bd06e6442eac8dacf583cc":"FAIL":"":1 AES-256-CCM test vector NIST #17 PSA (P=0, N=7, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"92d00fbe":"":"":1 AES-256-CCM test vector NIST #18 PSA (P=0, N=7, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"9143e5c4":"FAIL":"":1 AES-256-CCM test vector NIST #19 PSA (P=0, N=7, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"93af11a08379eb37a16aa2837f09d69d":"":"":1 AES-256-CCM test vector NIST #20 PSA (P=0, N=7, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"d19b0c14ec686a7961ca7c386d125a65":"FAIL":"":1 AES-256-CCM test vector NIST #21 PSA (P=0, N=13, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"866d4227":"":"":1 AES-256-CCM test vector NIST #22 PSA (P=0, N=13, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"94cb1127":"FAIL":"":1 AES-256-CCM test vector NIST #23 PSA (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"867b0d87cf6e0f718200a97b4f6d5ad5":"":"":1 AES-256-CCM test vector NIST #24 PSA (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"677a040d46ee3f2b7838273bdad14f16":"FAIL":"":1 AES-256-CCM test vector NIST #25 PSA (P=24, N=7, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"c2fe12658139f5d0dd22cadf2e901695b579302a72fc5608":"3ebc7720":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3":1 AES-256-CCM test vector NIST #26 PSA (P=24, N=7, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"94748ba81229e53c38583a8564b23ebbafc6f6efdf4c2a81":"c44db2c9":"FAIL":"":1 AES-256-CCM test vector NIST #27 PSA (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"3341168eb8c48468c414347fb08f71d2086f7c2d1bd581ce":"1ac68bd42f5ec7fa7e068cc0ecd79c2a":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3":1 AES-256-CCM test vector NIST #28 PSA (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"d543acda712b898cbb27b8f598b2e4438ce587a836e27851":"47c3338a2400809e739b63ba8227d2f9":"FAIL":"":1 AES-256-CCM test vector NIST #29 PSA (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"c0ea400b599561e7905b99262b4565d5c3dc49fad84d7c69":"ef891339":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3":1 AES-256-CCM test vector NIST #30 PSA (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"60871e03ea0eb968536c99f926ea24ef43d41272ad9fb7f6":"3d488623":"FAIL":"":1 AES-256-CCM test vector NIST #31 PSA (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"8d34cdca37ce77be68f65baf3382e31efa693e63f914a781":"367f30f2eaad8c063ca50795acd90203":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3":1 AES-256-CCM test vector NIST #32 PSA (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"516c0095cc3d85fd55e48da17c592e0c7014b9daafb82bdc":"4b41096dfdbe9cc1ab610f8f3e038d16":"FAIL":"":1 diff --git a/tests/suites/test_suite_cipher.des.data b/tests/suites/test_suite_cipher.des.data index 77f7515b9..066ea35a5 100644 --- a/tests/suites/test_suite_cipher.des.data +++ b/tests/suites/test_suite_cipher.des.data @@ -12,63 +12,63 @@ dec_empty_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:0:0 DES Encrypt and decrypt 0 bytes [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:0:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:0:MBEDTLS_PADDING_PKCS7 DES Encrypt and decrypt 1 byte depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:1:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:1:MBEDTLS_PADDING_PKCS7 DES Encrypt and decrypt 2 bytes depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:2:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:2:MBEDTLS_PADDING_PKCS7 DES Encrypt and decrypt 7 bytes depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:7:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:7:MBEDTLS_PADDING_PKCS7 DES Encrypt and decrypt 8 bytes depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:8:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:8:MBEDTLS_PADDING_PKCS7 DES Encrypt and decrypt 9 bytes depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:9:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:9:MBEDTLS_PADDING_PKCS7 DES Encrypt and decrypt 15 bytes depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:15:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:15:MBEDTLS_PADDING_PKCS7 DES Encrypt and decrypt 16 bytes depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:16:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:16:MBEDTLS_PADDING_PKCS7 DES Encrypt and decrypt 17 bytes depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:17:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:17:MBEDTLS_PADDING_PKCS7 DES Encrypt and decrypt 31 bytes depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:31:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:31:MBEDTLS_PADDING_PKCS7 DES Encrypt and decrypt 32 bytes [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:32:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:32:MBEDTLS_PADDING_PKCS7 -DES Encrypt and decrypt 32 bytes [#2] +DES Encrypt and decrypt 33 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:33:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:33:MBEDTLS_PADDING_PKCS7 DES Encrypt and decrypt 47 bytes depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:47:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:47:MBEDTLS_PADDING_PKCS7 DES Encrypt and decrypt 48 bytes depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:48:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:48:MBEDTLS_PADDING_PKCS7 DES Encrypt and decrypt 49 bytes depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:49:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_CBC:"DES-CBC":64:49:MBEDTLS_PADDING_PKCS7 DES Encrypt and decrypt 0 bytes with one and zeros padding depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS @@ -312,255 +312,267 @@ enc_fail:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_NONE:64:49:MBEDTLS_ERR_CIPHER_FU DES Encrypt and decrypt 0 bytes in multiple parts depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:0:0:-1:0:0:0:0 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:0:0:MBEDTLS_PADDING_PKCS7:0:0:0:0 DES Encrypt and decrypt 1 bytes in multiple parts 1 depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:1:0:-1:0:0:0:0 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:1:0:MBEDTLS_PADDING_PKCS7:0:0:0:0 DES Encrypt and decrypt 1 bytes in multiple parts 2 depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:0:1:-1:0:0:0:0 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:0:1:MBEDTLS_PADDING_PKCS7:0:0:0:0 DES Encrypt and decrypt 16 bytes in multiple parts 1 depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:16:0:-1:16:0:8:8 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:16:0:MBEDTLS_PADDING_PKCS7:16:0:8:8 DES Encrypt and decrypt 16 bytes in multiple parts 2 depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:0:16:-1:0:16:0:16 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:0:16:MBEDTLS_PADDING_PKCS7:0:16:0:16 DES Encrypt and decrypt 16 bytes in multiple parts 3 depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:1:15:-1:0:16:0:16 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:1:15:MBEDTLS_PADDING_PKCS7:0:16:0:16 DES Encrypt and decrypt 16 bytes in multiple parts 4 depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:15:1:-1:8:8:8:8 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:15:1:MBEDTLS_PADDING_PKCS7:8:8:8:8 DES Encrypt and decrypt 22 bytes in multiple parts 1 [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:15:7:-1:8:8:8:8 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:15:7:MBEDTLS_PADDING_PKCS7:8:8:8:8 DES Encrypt and decrypt 22 bytes in multiple parts 1 [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:16:6:-1:16:0:8:8 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:16:6:MBEDTLS_PADDING_PKCS7:16:0:8:8 DES Encrypt and decrypt 22 bytes in multiple parts 1 [#3] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:17:6:-1:16:0:16:0 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:17:6:MBEDTLS_PADDING_PKCS7:16:0:16:0 DES Encrypt and decrypt 32 bytes in multiple parts 1 depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:16:16:-1:16:16:8:24 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_CBC:64:16:16:MBEDTLS_PADDING_PKCS7:16:16:8:24 DES Encrypt and decrypt 0 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:0:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:0:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 1 byte [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:1:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:1:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 2 bytes [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:2:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:2:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 7 bytes [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:7:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:7:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 8 bytes [#1] -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:8:-1 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:8:MBEDTLS_PADDING_NONE DES3 Encrypt and decrypt 9 bytes [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:9:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:9:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 15 bytes [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:15:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:15:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 16 bytes [#1] -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:16:-1 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:16:MBEDTLS_PADDING_NONE DES3 Encrypt and decrypt 17 bytes [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:17:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:17:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 31 bytes [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:31:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:31:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 32 bytes [#1] -depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:32:-1 +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:32:MBEDTLS_PADDING_NONE -DES3 Encrypt and decrypt 32 bytes [#2] +DES3 Encrypt and decrypt 33 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:33:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:33:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 47 bytes [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:47:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:47:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 48 bytes [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:48:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:48:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 49 bytes [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:49:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE_CBC:"DES-EDE-CBC":128:49:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 0 bytes in multiple parts [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:0:0:-1:0:0:0:0 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:0:0:MBEDTLS_PADDING_PKCS7:0:0:0:0 DES3 Encrypt and decrypt 1 bytes in multiple parts 1 [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:1:0:-1:0:0:0:0 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:1:0:MBEDTLS_PADDING_PKCS7:0:0:0:0 DES3 Encrypt and decrypt 1 bytes in multiple parts 2 [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:0:1:-1:0:0:0:0 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:0:1:MBEDTLS_PADDING_PKCS7:0:0:0:0 DES3 Encrypt and decrypt 16 bytes in multiple parts 1 [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:16:0:-1:16:0:8:8 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:16:0:MBEDTLS_PADDING_PKCS7:16:0:8:8 DES3 Encrypt and decrypt 16 bytes in multiple parts 2 [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:0:16:-1:0:16:0:16 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:0:16:MBEDTLS_PADDING_PKCS7:0:16:0:16 DES3 Encrypt and decrypt 16 bytes in multiple parts 3 [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:1:15:-1:0:16:0:16 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:1:15:MBEDTLS_PADDING_PKCS7:0:16:0:16 DES3 Encrypt and decrypt 16 bytes in multiple parts 4 [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:15:1:-1:8:8:8:8 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:15:1:MBEDTLS_PADDING_PKCS7:8:8:8:8 DES3 Encrypt and decrypt 22 bytes in multiple parts 1 [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:15:7:-1:8:8:8:8 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:15:7:MBEDTLS_PADDING_PKCS7:8:8:8:8 DES3 Encrypt and decrypt 22 bytes in multiple parts 1 [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:16:6:-1:16:0:8:8 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:16:6:MBEDTLS_PADDING_PKCS7:16:0:8:8 DES3 Encrypt and decrypt 22 bytes in multiple parts 1 [#3] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:17:6:-1:16:0:16:0 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:17:6:MBEDTLS_PADDING_PKCS7:16:0:16:0 DES3 Encrypt and decrypt 32 bytes in multiple parts 1 [#1] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:16:16:-1:16:16:8:24 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE_CBC:128:16:16:MBEDTLS_PADDING_PKCS7:16:16:8:24 DES3 Encrypt and decrypt 0 bytes depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:0:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:0:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 1 byte [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:1:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:1:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 2 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:2:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:2:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 7 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:7:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:7:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 8 bytes [#2] +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:8:MBEDTLS_PADDING_NONE + +DES3 Encrypt and decrypt 8 bytes (PKCS7 padding) [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:8:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:8:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 9 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:9:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:9:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 15 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:15:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:15:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 16 bytes [#2] +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:16:MBEDTLS_PADDING_NONE + +DES3 Encrypt and decrypt 16 bytes (PKCS7 padding) [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:16:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:16:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 17 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:17:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:17:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 31 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:31:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:31:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 32 bytes [#3] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:32:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:32:MBEDTLS_PADDING_PKCS7 -DES3 Encrypt and decrypt 32 bytes [#4] +DES3 Encrypt and decrypt 32 bytes (PKCS7 padding) [#3] +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:32:MBEDTLS_PADDING_NONE + +DES3 Encrypt and decrypt 33 bytes [#4] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:33:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:33:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 47 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:47:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:47:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 48 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:48:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:48:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 49 bytes [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:49:-1 +enc_dec_buf:MBEDTLS_CIPHER_DES_EDE3_CBC:"DES-EDE3-CBC":192:49:MBEDTLS_PADDING_PKCS7 DES3 Encrypt and decrypt 0 bytes in multiple parts [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:0:0:-1:0:0:0:0 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:0:0:MBEDTLS_PADDING_PKCS7:0:0:0:0 DES3 Encrypt and decrypt 1 bytes in multiple parts 1 [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:1:0:-1:0:0:0:0 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:1:0:MBEDTLS_PADDING_PKCS7:0:0:0:0 DES3 Encrypt and decrypt 1 bytes in multiple parts 2 [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:0:1:-1:0:0:0:0 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:0:1:MBEDTLS_PADDING_PKCS7:0:0:0:0 DES3 Encrypt and decrypt 16 bytes in multiple parts 1 [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:16:0:-1:16:0:8:8 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:16:0:MBEDTLS_PADDING_PKCS7:16:0:8:8 DES3 Encrypt and decrypt 16 bytes in multiple parts 2 [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:0:16:-1:0:16:0:16 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:0:16:MBEDTLS_PADDING_PKCS7:0:16:0:16 DES3 Encrypt and decrypt 16 bytes in multiple parts 3 [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:1:15:-1:0:16:0:16 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:1:15:MBEDTLS_PADDING_PKCS7:0:16:0:16 DES3 Encrypt and decrypt 16 bytes in multiple parts 4 [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:15:1:-1:8:8:8:8 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:15:1:MBEDTLS_PADDING_PKCS7:8:8:8:8 DES3 Encrypt and decrypt 22 bytes in multiple parts 1 [#4] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:15:7:-1:8:8:8:8 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:15:7:MBEDTLS_PADDING_PKCS7:8:8:8:8 DES3 Encrypt and decrypt 22 bytes in multiple parts 1 [#5] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:16:6:-1:16:0:8:8 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:16:6:MBEDTLS_PADDING_PKCS7:16:0:8:8 DES3 Encrypt and decrypt 22 bytes in multiple parts 1 [#6] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:17:6:-1:16:0:16:0 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:17:6:MBEDTLS_PADDING_PKCS7:16:0:16:0 DES3 Encrypt and decrypt 32 bytes in multiple parts 1 [#2] depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:16:16:-1:16:16:8:24 +enc_dec_buf_multipart:MBEDTLS_CIPHER_DES_EDE3_CBC:192:16:16:MBEDTLS_PADDING_PKCS7:16:16:8:24 DES ECB Encrypt test vector (OpenSSL) #1 depends_on:MBEDTLS_DES_C @@ -601,3 +613,11 @@ test_vec_ecb:MBEDTLS_CIPHER_DES_EDE_ECB:MBEDTLS_DECRYPT:"0000000000000000FFFFFFF DES3-EDE ECB Decrypt test vector (OpenSSL) #2 depends_on:MBEDTLS_DES_C test_vec_ecb:MBEDTLS_CIPHER_DES_EDE_ECB:MBEDTLS_DECRYPT:"FFFFFFFFFFFFFFFF3000000000000000":"199E9D6DF39AA816":"FFFFFFFFFFFFFFFF":0 + +Check set padding - DES +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +check_set_padding:MBEDTLS_CIPHER_DES_EDE_CBC + +Check set padding - Triple DES +depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +check_set_padding:MBEDTLS_CIPHER_DES_EDE3_CBC diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index f8420458f..fdf22a92f 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -63,6 +63,9 @@ static int check_cipher_info(mbedtls_cipher_type_t type, key_bitlen == 192 || key_bitlen == 256); } + TEST_LE_U(key_bitlen, MBEDTLS_MAX_KEY_LENGTH * 8); + TEST_LE_U(block_size, MBEDTLS_MAX_BLOCK_LENGTH); + TEST_LE_U(iv_size, MBEDTLS_MAX_IV_LENGTH); if (strstr(info->name, "-ECB") != NULL) { TEST_ASSERT(iv_size == 0); @@ -583,21 +586,28 @@ void dec_empty_buf(int cipher, iv_len = 12; } - ASSERT_ALLOC(iv, iv_len); + TEST_CALLOC(iv, iv_len); memset(iv, 0, iv_len); - TEST_ASSERT(sizeof(key) * 8 >= cipher_info->key_bitlen); + TEST_ASSERT(sizeof(key) * 8 >= mbedtls_cipher_info_get_key_bitlen(cipher_info)); TEST_ASSERT(0 == mbedtls_cipher_setup(&ctx_dec, cipher_info)); TEST_ASSERT(0 == mbedtls_cipher_setkey(&ctx_dec, - key, cipher_info->key_bitlen, + key, mbedtls_cipher_info_get_key_bitlen(cipher_info), MBEDTLS_DECRYPT)); TEST_ASSERT(0 == mbedtls_cipher_set_iv(&ctx_dec, iv, iv_len)); TEST_ASSERT(0 == mbedtls_cipher_reset(&ctx_dec)); +#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) && defined(MBEDTLS_CIPHER_PADDING_PKCS7) + if (ctx_dec.cipher_info->mode == MBEDTLS_MODE_CBC) { + TEST_ASSERT(0 == mbedtls_cipher_set_padding_mode(&ctx_dec, + MBEDTLS_PADDING_PKCS7)); + } +#endif + #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) int expected = (cipher_info->mode == MBEDTLS_MODE_GCM || cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305) ? @@ -905,7 +915,7 @@ void auth_crypt_tv(int cipher_id, data_t *key, data_t *iv, * (we need the tag appended to the ciphertext) */ cipher_plus_tag_len = cipher->len + tag->len; - ASSERT_ALLOC(cipher_plus_tag, cipher_plus_tag_len); + TEST_CALLOC(cipher_plus_tag, cipher_plus_tag_len); memcpy(cipher_plus_tag, cipher->x, cipher->len); memcpy(cipher_plus_tag + cipher->len, tag->x, tag->len); @@ -923,7 +933,7 @@ void auth_crypt_tv(int cipher_id, data_t *key, data_t *iv, * Try decrypting to a buffer that's 1B too small */ if (decrypt_buf_len != 0) { - ASSERT_ALLOC(decrypt_buf, decrypt_buf_len - 1); + TEST_CALLOC(decrypt_buf, decrypt_buf_len - 1); outlen = 0; ret = mbedtls_cipher_auth_decrypt_ext(&ctx, iv->x, iv->len, @@ -938,7 +948,7 @@ void auth_crypt_tv(int cipher_id, data_t *key, data_t *iv, /* * Authenticate and decrypt, and check result */ - ASSERT_ALLOC(decrypt_buf, decrypt_buf_len); + TEST_CALLOC(decrypt_buf, decrypt_buf_len); outlen = 0; ret = mbedtls_cipher_auth_decrypt_ext(&ctx, iv->x, iv->len, @@ -950,7 +960,7 @@ void auth_crypt_tv(int cipher_id, data_t *key, data_t *iv, TEST_ASSERT(buffer_is_all_zero(decrypt_buf, decrypt_buf_len)); } else { TEST_ASSERT(ret == 0); - ASSERT_COMPARE(decrypt_buf, outlen, clear->x, clear->len); + TEST_MEMORY_COMPARE(decrypt_buf, outlen, clear->x, clear->len); } mbedtls_free(decrypt_buf); @@ -981,7 +991,7 @@ void auth_crypt_tv(int cipher_id, data_t *key, data_t *iv, /* * Try encrypting with an output buffer that's 1B too small */ - ASSERT_ALLOC(encrypt_buf, encrypt_buf_len - 1); + TEST_CALLOC(encrypt_buf, encrypt_buf_len - 1); outlen = 0; ret = mbedtls_cipher_auth_encrypt_ext(&ctx, iv->x, iv->len, @@ -995,7 +1005,7 @@ void auth_crypt_tv(int cipher_id, data_t *key, data_t *iv, /* * Encrypt and check the result */ - ASSERT_ALLOC(encrypt_buf, encrypt_buf_len); + TEST_CALLOC(encrypt_buf, encrypt_buf_len); outlen = 0; ret = mbedtls_cipher_auth_encrypt_ext(&ctx, iv->x, iv->len, @@ -1195,3 +1205,46 @@ exit: mbedtls_cipher_free(&ctx_enc); } /* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */ +void check_set_padding(int cipher_id) +{ + mbedtls_cipher_context_t ctx; + unsigned char *key = NULL; + unsigned char iv[16] = { 0 }; + unsigned char input[16] = { 0 }; + unsigned char output[32] = { 0 }; + size_t outlen = 0; + const mbedtls_cipher_info_t *cipher_info; + size_t keylen = 0; + + cipher_info = mbedtls_cipher_info_from_type(cipher_id); + + if (cipher_info->mode != MBEDTLS_MODE_CBC) { + TEST_FAIL("Cipher mode must be CBC"); + } + + keylen = mbedtls_cipher_info_get_key_bitlen(cipher_info); + TEST_CALLOC(key, keylen/8); + memset(key, 0, keylen/8); + + mbedtls_cipher_init(&ctx); + + TEST_EQUAL(0, mbedtls_cipher_setup(&ctx, cipher_info)); + + TEST_EQUAL(0, mbedtls_cipher_setkey(&ctx, key, keylen, + MBEDTLS_ENCRYPT)); + + TEST_EQUAL(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, + mbedtls_cipher_crypt(&ctx, iv, sizeof(iv), input, + sizeof(input), output, &outlen)); + + TEST_EQUAL(0, mbedtls_cipher_set_padding_mode(&ctx, MBEDTLS_PADDING_NONE)); + TEST_EQUAL(0, mbedtls_cipher_crypt(&ctx, iv, sizeof(iv), input, + sizeof(input), output, &outlen)); + +exit: + mbedtls_cipher_free(&ctx); + mbedtls_free(key); +} +/* END_CASE */ diff --git a/tests/suites/test_suite_cipher.gcm.data b/tests/suites/test_suite_cipher.gcm.data index 7b6363550..880561e70 100644 --- a/tests/suites/test_suite_cipher.gcm.data +++ b/tests/suites/test_suite_cipher.gcm.data @@ -139,243 +139,243 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C decrypt_test_vec:MBEDTLS_CIPHER_AES_128_GCM:-1:"45cc35311eedf0ba093bf901931a7036":"fed5084de3c348f5a0adf4c2fd4e848a":"5dc8d7525eaad035c19714ae1b1e538cb66a4089027245351e0ad9297410fb3a0c1155407c10a8bb95a9ca624a9c9925dac003ee78926c6e90ff4ccdba10e8a78bda1c4478162a0e302de5ff05fb0f94c89c3c7429fb94828bdcd97d21333c2ee72963ee6f056ce272b8bab007e653a42b01d1d2041ba627f169c8c0d32e6dae":"":"6e210914e4aed188d576f5ad7fc7e4cf7dd8d82f34ea3bcbdb7267cfd9045f806978dbff3460c4e8ff8c4edb6ad2edba405a8d915729d89aab2116b36a70b54f5920a97f5a571977e0329eda6c696749be940eabfc6d8b0bbd6fbdb87657b3a7695da9f5d3a7384257f20e0becd8512d3705cc246ee6ca1e610921cf92603d79":"266a895fc21da5176b44b446d7d1921d":0:MBEDTLS_ERR_CIPHER_AUTH_FAILED AES 192 GCM Encrypt and decrypt 0 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_GCM:"AES-192-GCM":192:0:-1 AES 192 GCM Encrypt and decrypt 1 byte -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_GCM:"AES-192-GCM":192:1:-1 AES 192 GCM Encrypt and decrypt 2 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_GCM:"AES-192-GCM":192:2:-1 AES 192 GCM Encrypt and decrypt 7 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_GCM:"AES-192-GCM":192:7:-1 AES 192 GCM Encrypt and decrypt 8 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_GCM:"AES-192-GCM":192:8:-1 AES 192 GCM Encrypt and decrypt 9 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_GCM:"AES-192-GCM":192:9:-1 AES 192 GCM Encrypt and decrypt 15 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_GCM:"AES-192-GCM":192:15:-1 AES 192 GCM Encrypt and decrypt 16 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_GCM:"AES-192-GCM":192:16:-1 AES 192 GCM Encrypt and decrypt 17 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_GCM:"AES-192-GCM":192:17:-1 AES 192 GCM Encrypt and decrypt 31 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_GCM:"AES-192-GCM":192:31:-1 AES 192 GCM Encrypt and decrypt 32 bytes [#1] -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_GCM:"AES-192-GCM":192:32:-1 AES 192 GCM Encrypt and decrypt 32 bytes [#2] -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_GCM:"AES-192-GCM":192:33:-1 AES 192 GCM Encrypt and decrypt 47 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_GCM:"AES-192-GCM":192:47:-1 AES 192 GCM Encrypt and decrypt 48 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_GCM:"AES-192-GCM":192:48:-1 AES 192 GCM Encrypt and decrypt 49 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_192_GCM:"AES-192-GCM":192:49:-1 AES 192 GCM Encrypt and decrypt 0 bytes in multiple parts -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_GCM:192:0:0:-1:0:0:0:0 AES 192 GCM Encrypt and decrypt 1 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_GCM:192:1:0:-1:1:0:1:0 AES 192 GCM Encrypt and decrypt 1 bytes in multiple parts 2 -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_GCM:192:0:1:-1:0:1:0:1 AES 192 GCM Encrypt and decrypt 16 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_GCM:192:16:0:-1:16:0:16:0 AES 192 GCM Encrypt and decrypt 16 bytes in multiple parts 2 -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_GCM:192:0:16:-1:0:16:0:16 AES 192 GCM Encrypt and decrypt 22 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_GCM:192:16:6:-1:16:6:16:6 AES 192 GCM Encrypt and decrypt 22 bytes in multiple parts 2 -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_GCM:192:0:22:-1:0:22:0:22 AES 192 GCM Encrypt and decrypt 32 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_192_GCM:192:16:16:-1:16:16:16:16 AES 192 GCM Decrypt test vector #1 -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH decrypt_test_vec:MBEDTLS_CIPHER_AES_192_GCM:-1:"806766a4d2b6507cc4113bc0e46eebe120eacd948c24dc7f":"4f801c772395c4519ec830980c8ca5a4":"":"":"":"8fa16452b132bebc6aa521e92cb3b0ea":0:MBEDTLS_ERR_CIPHER_AUTH_FAILED AES 192 GCM Decrypt test vector #2 -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH decrypt_test_vec:MBEDTLS_CIPHER_AES_192_GCM:-1:"be2f0f4ae4ab851b258ec5602628df261b6a69e309ff9043":"646a91d83ae72b9b9e9fce64135cbf73":"":"":"":"169e717e2bae42e3eb61d0a1a29b":0:MBEDTLS_ERR_CIPHER_AUTH_FAILED AES 192 GCM Decrypt test vector #3 -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH decrypt_test_vec:MBEDTLS_CIPHER_AES_192_GCM:-1:"1eb53aa548b41bfdc85c657ebdebdae0c7e525a6432bc012":"37ffc64d4b2d9c82dd17d1ad3076d82b":"":"":"":"34b8e037084b3f2d":0:MBEDTLS_ERR_CIPHER_AUTH_FAILED AES 192 GCM Decrypt test vector #4 -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH decrypt_test_vec:MBEDTLS_CIPHER_AES_192_GCM:-1:"c6a98102af3d875bcdebe594661d3a6b376970c02b11d019":"bea8cd85a28a2c05bf7406b8eef1efcc":"":"":"f2f80e2c042092cc7240b598ab30fad055bce85408aa0f8cefaf8a7204f0e2acb87c78f46a5867b1f1c19461cbf5ed5d2ca21c96a63fb1f42f10f394952e63520795c56df77d6a04cb5ad006ee865a47dc2349a814a630b3d4c4e0fd149f51e8fa846656ea569fd29a1ebafc061446eb80ec182f833f1f6d9083545abf52fa4c":"04b80f25ae9d07f5fd8220263ac3f2f7":0:0 AES 192 GCM Decrypt test vector #5 -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH decrypt_test_vec:MBEDTLS_CIPHER_AES_192_GCM:-1:"a249135c9f2f5a8b1af66442a4d4e101771a918ef8acee05":"80b6e48fe4a3b08d40c1636b25dfd2c4":"c62b39b937edbdc9b644321d5d284e62eaa4154010c7a3208c1ef4706fba90223da04b2f686a28b975eff17386598ba77e212855692f384782c1f3c00be011e466e145f6f8b65c458e41409e01a019b290773992e19334ffaca544e28fc9044a5e86bcd2fa5ad2e76f2be3f014d8c387456a8fcfded3ae4d1194d0e3e53a2031":"b865f8dd64a6f51a500bcfc8cadbc9e9f5d54d2d27d815ecfe3d5731e1b230c587b46958c6187e41b52ff187a14d26aa41c5f9909a3b77859429232e5bd6c6dc22cf5590402476d033a32682e8ab8dc7ed0b089c5ab20ab9a8c5d6a3be9ea7aa56c9d3ab08de4a4a019abb447db448062f16a533d416951a8ff6f13ed5608f77":"":"951c1c89b6d95661630d739dd9120a73":0:0 AES 192 GCM Decrypt test vector #6 -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH decrypt_test_vec:MBEDTLS_CIPHER_AES_192_GCM:-1:"23c201968def551817f20e49b09dbb5aae0033305bef68a0":"bd2952d215aed5e915d863e7f7696b3e":"77bc8af42d1b64ee39012df5fc33c554af32bfef6d9182804dcfe370dfc4b9d059bdbc55f6ba4eacb8e3a491d96a65360d790864ba60acf1a605f6b28a6591513ea3cfd768ff47aee242a8e9bdfac399b452231bfd59d81c9b91f8dc589ad751d8f9fdad01dd00631f0cb51cb0248332f24194b577e5571ceb5c037a6d0bcfe8":"17d93c921009c6b0b3ecf243d08b701422983f2dcaec9c8d7604a2d5565ed96ce5cddcb183cd5882f8d61d3202c9015d207fed16a4c1195ba712428c727601135315fc504e80c253c3a2e4a5593fc6c4a206edce1fd7104e8a888385bbb396d3cdf1eb2b2aa4d0c9e45451e99550d9cfa05aafe6e7b5319c73c33fd6f98db3c5":"23f35fac583897519b94998084ad6d77666e13595109e874625bc6ccc6d0c7816a62d64b02e670fa664e3bb52c276b1bafbeb44e5f9cc3ae028daf1d787344482f31fce5d2800020732b381a8b11c6837f428204b7ed2f4c4810067f2d4da99987b66e6525fc6b9217a8f6933f1681b7cfa857e102f616a7c84adc2f676e3a8f":"bb9ba3a9ac7d63e67bd78d71dc3133b3":0:0 AES 256 GCM Encrypt and decrypt 0 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_GCM:"AES-256-GCM":256:0:-1 AES 256 GCM Encrypt and decrypt 1 byte -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_GCM:"AES-256-GCM":256:1:-1 AES 256 GCM Encrypt and decrypt 2 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_GCM:"AES-256-GCM":256:2:-1 AES 256 GCM Encrypt and decrypt 7 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_GCM:"AES-256-GCM":256:7:-1 AES 256 GCM Encrypt and decrypt 8 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_GCM:"AES-256-GCM":256:8:-1 AES 256 GCM Encrypt and decrypt 9 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_GCM:"AES-256-GCM":256:9:-1 AES 256 GCM Encrypt and decrypt 15 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_GCM:"AES-256-GCM":256:15:-1 AES 256 GCM Encrypt and decrypt 16 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_GCM:"AES-256-GCM":256:16:-1 AES 256 GCM Encrypt and decrypt 17 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_GCM:"AES-256-GCM":256:17:-1 AES 256 GCM Encrypt and decrypt 31 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_GCM:"AES-256-GCM":256:31:-1 AES 256 GCM Encrypt and decrypt 32 bytes [#1] -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_GCM:"AES-256-GCM":256:32:-1 AES 256 GCM Encrypt and decrypt 32 bytes [#2] -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_GCM:"AES-256-GCM":256:33:-1 AES 256 GCM Encrypt and decrypt 47 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_GCM:"AES-256-GCM":256:47:-1 AES 256 GCM Encrypt and decrypt 48 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_GCM:"AES-256-GCM":256:48:-1 AES 256 GCM Encrypt and decrypt 49 bytes -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf:MBEDTLS_CIPHER_AES_256_GCM:"AES-256-GCM":256:49:-1 AES 256 GCM Encrypt and decrypt 0 bytes in multiple parts -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_GCM:256:0:0:-1:0:0:0:0 AES 256 GCM Encrypt and decrypt 1 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_GCM:256:1:0:-1:1:0:1:0 AES 256 GCM Encrypt and decrypt 1 bytes in multiple parts 2 -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_GCM:256:0:1:-1:0:1:0:1 AES 256 GCM Encrypt and decrypt 16 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_GCM:256:16:0:-1:16:0:16:0 AES 256 GCM Encrypt and decrypt 16 bytes in multiple parts 2 -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_GCM:256:0:16:-1:0:16:0:16 AES 256 GCM Encrypt and decrypt 22 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_GCM:256:16:6:-1:16:6:16:6 AES 256 GCM Encrypt and decrypt 22 bytes in multiple parts 2 -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_GCM:256:0:22:-1:0:22:0:22 AES 256 GCM Encrypt and decrypt 32 bytes in multiple parts 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enc_dec_buf_multipart:MBEDTLS_CIPHER_AES_256_GCM:256:16:16:-1:16:16:16:16 AES 128 GCM Decrypt test vector #0 -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH decrypt_test_vec:MBEDTLS_CIPHER_AES_256_GCM:-1:"2c186654406b2b92c9639a7189d4ab5ab0b9bb87c43005027f3fa832fd3507b1":"3a0324d63a70400490c92e7604a3ba97":"":"":"":"4c61cd2e28a13d78a4e87ea7374dd01a":0:MBEDTLS_ERR_CIPHER_AUTH_FAILED AES 128 GCM Decrypt test vector #1 [#2] -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH decrypt_test_vec:MBEDTLS_CIPHER_AES_256_GCM:-1:"c8ae011795c9a60ad7660a31fe354fa6f7e9c2724d7a126436291680cd95c007":"1bd9ea6186450f9cd253ccfed2812b1c":"":"":"":"35214bbc510430e3":0:0 AES 128 GCM Decrypt test vector #2 [#2] -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH decrypt_test_vec:MBEDTLS_CIPHER_AES_256_GCM:-1:"449d39f863e4909984b37f2e5c09ea4d4b3e9fac67bd57c299e4e1d1f084aaa3":"d8e9118f331bb5a359f0aa8882861b72":"":"":"4ddcae0bc24d622e12bdeaac73e8d1ab7957af051d27dfaafce53aeed4cdd3f989ea25989a2f41cfb3c38dbd841c5560b0b5ab1861b1fbcd236865d13da55b50219462e021f8a21848a64a85326031fcec8fe47a6ef4a435dd2b2fff637644ffcf3914ef2dfa5dd556421bfd297be150b31db039f0f2cc422b282e659e70cceb":"c595b9d99414891228c9fa5edb5fcce3":0:0 AES 128 GCM Decrypt test vector #3 [#2] -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH decrypt_test_vec:MBEDTLS_CIPHER_AES_256_GCM:-1:"1a1bb9122e762ecd7ff861a1d65e52607d98e7ae5bd1c3a944e443710f3b0599":"32f99ea4cbf52c2701c2252e5e6c863d":"":"":"91b7a70c3a06c1f7f2ea584acb5dd76177ba07323c94f2e8f7cbe93fc0bb7c389c3c88e16aa53174f0fc373bc778a6ccf91bf61b6e92c2969d3441eb17a0a835d30dcf882472a6d3cb036533b04d79f05ebfaadf221ae1c14af3f02fa41867acfdfa35f81e8a9d11d42b9a63288c759063c0c3040c3e6ee69cf7c75f9c33fea1":"a8e29e08623a3efdbbe8b111de30a4":0:MBEDTLS_ERR_CIPHER_AUTH_FAILED AES 128 GCM Decrypt test vector #4 [#2] -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH decrypt_test_vec:MBEDTLS_CIPHER_AES_256_GCM:-1:"f10965a66255f0c3515af497ccbb257a09f22ec2d57c5edae322a3e6d2d188ef":"c571ce0e911de5d883dc4a0787483235":"91598690edf2de8b27f9bc7461a84e80811cee544f0542923898328cf157590251f0342cb81d359b5dccc5391a12320d1444c26f24178977dd6705c2b365dc1ece0152c42e2f0ee3162cf886ef5529f4f16a77f3bdd2aeccd405b59addf098521d0d38cc25f1991e11be7ecf24caedb48a2a286d2e560a38fa9001c5a228c4d1":"2867996e389e09ec0da94d42e77b1e436b50065b09ca4adf1cd03240444ee699dbb7b3fc081a1869ca607d77d5ff9754fc3c997ff0a4ee17543a2ba77886b88a7128bcc51d3450df58ff3a26671b02c1d213df6adb6f7e853080eb46b504517cbaea162710a9bbc2da8b552eb6b0e0cb98e44fcab0a157312be67974678d143e":"":"6d9d3a5dbc8dce385f092fff14bfffda":0:0 AES 128 GCM Decrypt test vector #5 [#2] -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH decrypt_test_vec:MBEDTLS_CIPHER_AES_256_GCM:-1:"4103b1ddff87a508a219c808a04ad4750668688f4c2ee75b92d28d70b98a2c94":"5cea906737518c2cb901016e30206276":"a00a196193ff07006b7df524824bd0971d63f447a3a7bb1b75c1e2d11789482c115cff677b54948d36dc4de34200bce97be0101d88cee39b177857dd5da3cb0d2f9d6e1150f72a3bd655e0bace1d25a657ba9a7f8dff082b4460432075afb20173da22b49beeb6a030d72ba07869ff4389fc1c28d87018d7c1a9829c21932197":"":"":"3a3a771dd5f31c977e154ef5c73a":0:MBEDTLS_ERR_CIPHER_AUTH_FAILED AES 128 GCM Decrypt test vector #6 [#2] -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH decrypt_test_vec:MBEDTLS_CIPHER_AES_256_GCM:-1:"df867d1dd8a287821a54479cab6f88636d2aca30e1bf01a5dffc735e17590356":"35019826c51dd1ef07ff915d9ac4ea96":"6517272cac85d7f38902bcb4b96a0c59c4bdc46bfefa6ebacd7f2fb1629b87ca91de2ffefc42ce3cfd34dcbf01b3f7cadcea3f99e6addf35d36c51f2ceb1f85c1f56a04ec9c9fff60cd7fc238674992183ea3de72ef778561b906202b7b83fe6562a0bca9c1e0a18638e8685b998b4192f5120435809ad6e93a0422d00725262":"723be39bc13adbc48c861b07753f64fac1ae28fc8933acba888b6538721df0a8b91c040a26522fe0dbb7335d8f63d209e89f7cde23afa9ca3c584b336d63a91e07fdd8808b14c3214c96a202e665bbaaa34248ff30348f3d79c9f16e66ad6c5903305acd887a89b6244eb7c2d96e18b13a686de935bf3821444ee20f48678be5":"0375ed93f287eefe414ab2968844bd10148860c528dbf571a77aa74f98cc669a7fc317adc9f7cf2d80dda29b19db635b30a044399f3665b6176ed669146d28f5ada03b3d32d53fe46575a8afcd37f20386d9e36f7e090b4fefadfab7f008e02f1b5022c0eeb81d03443a276eae48c038ed173631687d2450b913b02c97243edb":"e49beb083a9b008ae97a17e3825692f0":0:0 AES 128 GCM Decrypt test vector #7 [#2] -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH decrypt_test_vec:MBEDTLS_CIPHER_AES_256_GCM:-1:"886c77b80f5f3a21c01932685a540b23629f6d41d5574fc527227ed0bdf2e21b":"5ec506edb1890a5a63b464490450d419":"53a17d7b69f607f08676d6f6dd4e8db08e01333a8355d8c87616e84cdf10ef5b041fc6ddc3f6a245c0f534c2b167064af82f45e4702a5e8dede59579fdecf6713353392433950c9b97c38d9ee515ac97d0970ccf03981954540088567a30941bb2cca08cbed680500f8342faa7aebbc6c143e2ea57ba6b4ac1fd975dcc5d0871":"79ee27adfa9698a97d217c5010ec807806feda37db811e398c3b82abf698aece08561fffc6c601d2691738e279eeb57e5804e1405a9913830e3ba0d7b979213ef40d733a19497d4bb1b8b2c609a8f904e29771fa230c39a48ebb8c3376f07c8013fff6e34f10fe53988a6ec87a9296c0a7cfba769adefe599ec6671012965973":"05b8d820c9f439d7aeae5c7da0ee25fb0dad47cc3e6f3a47e8b984e856201546975f8214531fc3c2e504d2ac10fa49cb948596b9a8fab01b95c49d6f04d1589f93b77b899e803dd20e1f00a51c0b5953e85be639109b14b100e35ca26d84ea629964b0db8260dfa5a150a66261bf37e79de2ec49e9f1b082a7c58ecd3d39b6c9":"ffdf56e1c1a7252b88422787536484":0:0 CAMELLIA 128 GCM Encrypt and decrypt 0 bytes @@ -1387,1347 +1387,1347 @@ depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"659b9e729d12f68b73fdc2f7260ab114":"459df18e2dfbd66d6ad04978432a6d97":"ee0b0b52a729c45b899cc924f46eb1908e55aaaeeaa0c4cdaacf57948a7993a6debd7b6cd7aa426dc3b3b6f56522ba3d5700a820b1697b8170bad9ca7caf1050f13d54fb1ddeb111086cb650e1c5f4a14b6a927205a83bf49f357576fd0f884a83b068154352076a6e36a5369436d2c8351f3e6bfec65b4816e3eb3f144ed7f9":"fd0732a38224c3f16f58de3a7f333da2ecdb6eec92b469544a891966dd4f8fb64a711a793f1ef6a90e49765eacaccdd8cc438c2b57c51902d27a82ee4f24925a864a9513a74e734ddbf77204a99a3c0060fcfbaccae48fe509bc95c3d6e1b1592889c489801265715e6e4355a45357ce467c1caa2f1c3071bd3a9168a7d223e3":"8e5a6a79":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"806766a4d2b6507cc4113bc0e46eebe120eacd948c24dc7f":"4f801c772395c4519ec830980c8ca5a4":"":"":"8fa16452b132bebc6aa521e92cb3b0ea":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0c2abdcd2e4ae4137509761a38e6ca436b99c21b141f28f5":"335ca01a07081fea4e605eb5f23a778e":"":"":"d7f475dfcb92a75bc8521c12bb2e8b86":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"eef490a0c2ecb32472e1654184340cc7433c34da981c062d":"d9172c3344d37ff93d2dcb2170ea5d01":"":"":"017fef05260a496654896d4703db3888":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fe0c3490f1f0dba23cf5c64e6e1740d06f85e0afec6772f3":"f47e915163fa3df7f6c15b9d69f53907":"":"":"14e1a057a2e7ffbd2208e9c25dbba1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4356b3b1f308df3573509945afe5268984f9d953f01096de":"a35b397b34a14a8e24d05a37be4d1822":"":"":"e045ecba220d22c80826b77a21b013":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e2898937cc575c8bb7444413884deafe8eaf326be8849e42":"169a449ccb3eb29805b15304d603b132":"":"":"3a807251f3d6242849a69972b14f6d":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75683c7df0442e10b5368fcd6bb481f0bff8d95aae90487e":"538641f7d1cc5c68715971cee607da73":"":"":"07d68fffe417adc3397706d73b95":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0724ee1f317997ce77bb659446fcb5a557490f40597341c7":"0d8eb78032d83c676820b2ef5ccc2cc8":"":"":"7da181563b26c7aefeb29e71cc69":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"be2f0f4ae4ab851b258ec5602628df261b6a69e309ff9043":"646a91d83ae72b9b9e9fce64135cbf73":"":"":"169e717e2bae42e3eb61d0a1a29b":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"583c328daecd18c2ac5c83a0c263de194a4c73aa4700fe76":"55e10d5e9b438b02505d30f211b16fea":"":"":"95c0a4ea9e80f91a4acce500f7":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b40857e7e6f26050f1e9a6cbe05e15a0ba07c2055634ad47":"e25ef162a4295d7d24de75a673172346":"":"":"89ea4d1f34edb716b322ea7f6f":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"627008956e31fea497fb120b438a2a043c23b1b38dc6bc10":"08ea464baac54469b0498419d83820e6":"":"":"ab064a8d380fe2cda38e61f9e1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c386d67d7c2bfd46b8571d8685b35741e87a3ed4a46c9db":"766996fb67ace9e6a22d7f802455d4ef":"":"":"9a641be173dc3557ea015372":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"711bc5aa6b94fa3287fad0167ac1a9ef5e8e01c16a79e95a":"75cdb8b83017f3dc5ac8733016ab47c7":"":"":"81e3a5580234d8e0b2204bc3":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c74620828402e0bdf3f7a5353668505dc1550a31debce59a":"cfbefe265583ab3a2285e8080141ba48":"":"":"355a43bcebbe7f72b6cd27ea":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1eb53aa548b41bfdc85c657ebdebdae0c7e525a6432bc012":"37ffc64d4b2d9c82dd17d1ad3076d82b":"":"":"34b8e037084b3f2d":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"50d077575f6db91024a8e564db83324539e9b7add7bb98e4":"118d0283294d4084127cce4b0cd5b5fa":"":"":"507a361d8ac59882":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d9ddca0807305025d61919ed7893d7d5c5a3c9f012f4842f":"b78d518b6c41a9e031a00b10fb178327":"":"":"f401d546c8b739ff":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6ed8d8afde4dc3872cbc274d7c47b719205518496dd7951d":"14eb280288740d464e3b8f296c642daa":"":"":"39e64d7a":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"80aace5ab74f261bc09ac6f66898f69e7f348f805d52404d":"f54bf4aac8fb631c8b6ff5e96465fae6":"":"":"1ec1c1a1":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23b76efd0dbc8d501885ab7d43a7dacde91edd9cde1e1048":"75532d15e582e6c477b411e727d4171e":"":"":"76a0e017":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94c50453dd3ef7f7ea763ae13fa34debb9c1198abbf32326":"1afe962bc46e36099165552ddb329ac6":"b2920dd9b0325a87e8edda8db560bfe287e44df79cf61edba3b2c95e34629638ecb86584f05a303603065e63323523f6ccc5b605679d1722cde5561f89d268d5f8db8e6bdffda4839c4a04982e8314da78e89f8f8ad9c0fee86332906bf78d2f20afcaabdc282008c6d09df2bfe9be2c9027bb49268b8be8936be39fa8b1ae03":"":"51e1f19a7dea5cfe9b9ca9d09096c3e7":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c6a98102af3d875bcdebe594661d3a6b376970c02b11d019":"bea8cd85a28a2c05bf7406b8eef1efcc":"f2f80e2c042092cc7240b598ab30fad055bce85408aa0f8cefaf8a7204f0e2acb87c78f46a5867b1f1c19461cbf5ed5d2ca21c96a63fb1f42f10f394952e63520795c56df77d6a04cb5ad006ee865a47dc2349a814a630b3d4c4e0fd149f51e8fa846656ea569fd29a1ebafc061446eb80ec182f833f1f6d9083545abf52fa4c":"":"04b80f25ae9d07f5fd8220263ac3f2f7":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec3cc45a22fdc7cc79ed658d9e9dbc138dcc7d6e795cba1a":"b10d9c70205e142704f9d1f74caee0f6":"714994017c169c574aaff2f8bad15f8fa6a385117f5405f74846eca873ca4a8f4876adf704f2fcaff2dfa75c17afefd08a4707292debc6d9fafda6244ca509bc52b0c6b70f09b14c0d7c667583c091d4064e241ba1f82dd43dc3ea4b8922be65faf5583f6b21ff5b22d3632eb4a426675648250e4b3e37c688d6129b954ef6a8":"":"d22407fd3ae1921d1b380461d2e60210":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a32ebc7a2338038ced36d2b85cbc6c45cca9845a7c5aa99":"9afe0882e418c9af205eeb90e131d212":"61ff8a8bc22803f17e8e9f01aff865bc7d3083ff413ce392a989e46ebed5114894de906f7d36439024d8f2e69cc815ac043fff2f75169f6c9aa9761ff32d10a1353213ac756cb84bd3613f8261ef390e1d00c3a8fb82764b0cda4e0049219e87d2e92c38f78ffac242391f838a248f608bb2b56b31bbb453d1098e99d079ea1b":"":"fcbb932ddb0128df78a71971c52838":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bf22885e7f13bcc63bb0a2ca90c20e5c86001f05edf85d8":"99dec21f4781284722b5074ea567c171":"9f4176dacf26e27aa0e669cd4d44bca41f83468c70b54c745a601408a214bf876941ae2ae4d26929113f5de2e7d15a7bb656541292137bf2129fdc31f06f070e3cfaf0a7b30d93d8d3c76a981d75cd0ffa0bcacb34597d5be1a055c35eefeddc07ee098603e48ad88eb7a2ec19c1aefc5c7be9a237797397aa27590d5261f67a":"":"18fd1feec5e3bbf0985312dd6100d1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cfd75a9d3788d965895553ab5fb7a8ff0aa383b7594850a6":"a6df69e5f77f4d99d5318c45c87451b2":"041aeb2fa0f7df027cd7709a992e041179d499f5dbccd389035bf7e514a38b5f8368379d2d7b5015d4fa6fadfd7c75abd2d855f5ea4220315fad2c2d435d910253bf76f252a21c57fe74f7247dac32f4276d793d30d48dd61d0e14a4b7f07a56c94d3799d04324dfb2b27a22a5077e280422d4f014f253d138e74c9ac3428a7b":"":"fd78b9956e4e4522605db410f97e84":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b0b21ae138485591c6bef7b3d5a0aa0e9762c30a50e4bba2":"56dc980e1cba1bc2e3b4a0733d7897ca":"a38458e5cc71f22f6f5880dc018c5777c0e6c8a1301e7d0300c02c976423c2b65f522db4a90401035346d855c892cbf27092c81b969e99cb2b6198e450a95c547bb0145652c9720aaf72a975e4cb5124b483a42f84b5cd022367802c5f167a7dfc885c1f983bb4525a88c8257df3067b6d36d2dbf6323df80c3eaeffc2d176a5":"":"b11f5c0e8cb6fea1a170c9342437":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8775665aba345b1c3e626128b5afa3d0da8f4d36b8cf1ca6":"cd17f761670e1f104f8ea4fb0cec7166":"2ee08a51ceaca1dbbb3ee09b72f57427fd34bd95da5b4c0933cbb0fc2f7270cffd3476aa05deeb892a7e6a8a3407e61f8631d1a00e47d46efb918393ee5099df7d65c12ab8c9640bfcb3a6cce00c3243d0b3f316f0822cfeae05ee67b419393cc81846b60c42aeb5c53f0ede1280dc36aa8ef59addd10668dd61557ce760c544":"":"6cdf60e62c91a6a944fa80da1854":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cc9922299b47725952f06272168b728218d2443028d81597":"9b2f1a40717afcdbb6a95d6e335c9e4d":"bcfca8420bc7b9df0290d8c1bcf4e3e66d3a4be1c947af82dd541336e44e2c4fa7c6b456980b174948de30b694232b03f8eb990f849b5f57762886b449671e4f0b5e7a173f12910393bdf5c162163584c774ad3bba39794767a4cc45f4a582d307503960454631cdf551e528a863f2e014b1fca4955a78bd545dec831e4d71c7":"":"dd515e5a8b41ecc441443a749b31":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a27d718f21c5cbdc52a745b931bc77bd1afa8b1231f8815":"59661051912fba45023aef4e6f9380a5":"2b7ce5cea81300ed23501493310f1316581ef8a50e37eaadd4bb5f527add6deb09e7dcc67652e44ac889b48726d8c0ae80e2b3a89dd34232eb1da32f7f4fcd5bf8e920d286db8604f23ab06eab3e6f99beb55fe3725107e9d67a491cdada1580717bbf64c28799c9ab67922da9194747f32fd84197070a86838d1c9ebae379b7":"":"f33e8f42b58f45a0456f83a13e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b83e933cf54ac58f8c7e5ed18e4ed2213059158ed9cb2c30":"8710af55dd79da45a4b24f6e972bc60a":"b7a428bc68696cee06f2f8b43f63b47914e29f04a4a40c0eec6193a9a24bbe012d68bea5573382dd579beeb0565b0e0334cce6724997138b198fce8325f07069d6890ac4c052e127aa6e70a6248e6536d1d3c6ac60d8cd14d9a45200f6540305f882df5fca2cac48278f94fe502b5abe2992fa2719b0ce98b7ef1b5582e0151c":"":"380128ad7f35be87a17c9590fa":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d2f85f92092385f15da43a086cff64c7448b4ee5a83ed72e":"9026dfd09e4553cd51c4c13ce70830de":"3c8de64c14df73c1b470a9d8aa693af96e487d548d03a92ce59c0baec8576129945c722586a66f03deb5029cbda029fb22d355952c3dadfdede20b63f4221f27c8e5d710e2b335c2d9a9b7ca899597a03c41ee6508e40a6d74814441ac3acb64a20f48a61e8a18f4bbcbd3e7e59bb3cd2be405afd6ac80d47ce6496c4b9b294c":"":"e9e5beea7d39c9250347a2a33d":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"de7df44ce007c99f7baad6a6955195f14e60999ed9818707":"4d209e414965fe99636c1c6493bba3a3":"da3bc6bdd414a1e07e00981cf9199371192a1fb2eaae20f7091e5fe5368e26d61b981f7f1d29f1a9085ad2789d101155a980de98d961c093941502268adb70537ad9783e6c7d5157c939f59b8ad474c3d7fc1fcc91165cdf8dd9d6ec70d6400086d564b68ebead0d03ebd3aa66ded555692b8de0baf43bc0ddef42e3a9eb34ab":"":"24483a57c20826a709b7d10a":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1dfa5ff20046c775b5e768c2bd9775066ae766345b7befc3":"2d49409b869b8b9fc5b67767979ca8cd":"e35d34478b228bc903ea2423697e603cc077967d7cfb062e95bc11d89fbe0a1f1d4569f89b2a7047300c1f5131d91564ec9bce014d18ba605a1c1e4e15e3e5c18413b8b59cbb25ab8f088885225de1235c16c7d9a8d06a23cb0b38fd1d5c6c19617fe08fd6bf01c965ed593149a1c6295435e98463e4f03a511d1a7e82c11f01":"":"23012503febbf26dc2d872dc":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2df3ee3a6484c48fdd0d37bab443228c7d873c984529dfb4":"dc6aeb41415c115d66443fbd7acdfc8f":"eafc6007fafb461d3b151bdff459e56dd09b7b48b93ea730c85e5424f762b4a9080de44497a7c56dd7855628ffc61c7b4faeb7d6f413d464fe5ec6401f3028427ae3e62db3ff39cd0f5333a664d3505ff42caa8899b96a92ec01934d4b59556feb9055e8dfb81f55e60135345bfce3e4199bfcdb3ce42523e7d24be2a04cdb67":"":"e8e80bf6e5c4a55e7964f455":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce0787f65e6c24a1c444c35dcd38195197530aa20f1f6f3b":"55300431b1eaac0375681d7821e1eb7a":"84a699a34a1e597061ef95e8ec3c21b592e9236ddb98c68d7e05f1e709937b48ec34a4b88d99708d133a2cc33f5cf6819d5e7b82888e49faa5d54147d36c9e486630aa68fef88d55537119db1d57df0402f56e219f7ece7b4bb5f996dbe1c664a75174c880a00b0f2a56e35d17b69c550921961505afabf4bfd66cf04dc596d1":"":"74264163131d16ac":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a15541b5857a668dc9899b2e198d2416e83bac13282ca46":"89bf8ab0cea6f59616eeb9b314d7c333":"4d2843f34f9ea13a1ac521479457005178bcf8b2ebeaeb09097ea4471da9f6cc60a532bcda1c18cab822af541de3b87de606999e994ace3951f58a02de0d6620c9ae04549326da449a3e90364a17b90b6b17debc0f454bb0e7e98aef56a1caccf8c91614d1616db30fc8223dbcd8e77bf55d8253efe034fd66f7191e0303c52f":"":"8f4877806daff10e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b61cdfd19c136ee2acbe09b7993a4683a713427518f8e559":"4066118061c904ed1e866d4f31d11234":"153c075ecdd184fd8a0fca25cae8f720201361ef84f3c638b148ca32c51d091a0e394236d0b51c1d2ee601914120c56dfea1289af470dbc9ef462ec5f974e455e6a83e215a2c8e27c0c5b5b45b662b7f58635a29866e8f76ab41ee628c12a24ab4d5f7954665c3e4a3a346739f20393fc5700ec79d2e3c2722c3fb3c77305337":"":"4eff7227b42f9a7d":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce175a7df7e429fcc233540e6b8524323e91f40f592ba144":"c34484b4857b93e309df8e1a0e1ec9a3":"ce8d8775f047b543a6cc0d9ef9bc0db5ac5d610dc3ff6e12e0ad7cd3a399ebb762331e3c1101a189b3433a7ff4cd880a0639d2581b71e398dd982f55a11bf0f4e6ee95bacd897e8ec34649e1c256ee6ccecb33e36c76927cc5124bc2962713ad44cbd435ae3c1143796d3037fa1d659e5dad7ebf3c8cbdb5b619113d7ce8c483":"":"ff355f10":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5f659ed236ba60494e9bf1ee2cb40edcf3f25a2bac2e5bc5":"ad49f12f202320255406c2f40e55b034":"6da62892f436dfe9790e72d26f4858ca156d1d655c9cc4336fcf282b0f3f0b201e47f799c3019109af89ef5fd48a4811980930e82cd95f86b1995d977c847bbb06ecdcc98b1aae100b23c9c2f0dcf317a1fb36f14e90e396e6c0c594bcc0dc5f3ebf86ce7ecd4b06d1c43202734d53f55751a6e6bbda982104102af240def4eb":"":"cb4d8c1d":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a73f318b1e298ba4ac0ab2aed74f73543b1017cccbd1b240":"abe33b7e8d88bd30deb96d1e90c4e951":"6de616b000047b14b6759015183dd753c61499c0e665d06a89e4fb0cd0dd3064ff8651582e901ef5d0cdf3344c29c70c3aabc2aaf83cb3f284c6fe4104906d389b027e7d9ca60d010f06ef8cd9e55db2483d06552ddbe3fc43b24c55085cd998eae3edec36673445bf626e933c15b6af08ea21cbace4720b0b68fe1a374877d5":"":"4a28ec97":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"73d5be74615bc5b627eedfb95746fb5f17cbf25b500a597f":"eb16ed8de81efde2915a901f557fba95":"":"fc40993eb8559e6b127315c03103ce31b70fc0e07a766d9eecf2e4e8d973faa4afd3053c9ebef0282c9e3d2289d21b6c339748273fa1edf6d6ef5c8f1e1e9301b250297092d9ac4f4843125ea7299d5370f7f49c258eac2a58cc9df14c162604ba0801728994dc82cb625981130c3ca8cdb3391658d4e034691e62ece0a6e407":"804056dca9f102c4a13a930c81d77eca":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a249135c9f2f5a8b1af66442a4d4e101771a918ef8acee05":"80b6e48fe4a3b08d40c1636b25dfd2c4":"":"c62b39b937edbdc9b644321d5d284e62eaa4154010c7a3208c1ef4706fba90223da04b2f686a28b975eff17386598ba77e212855692f384782c1f3c00be011e466e145f6f8b65c458e41409e01a019b290773992e19334ffaca544e28fc9044a5e86bcd2fa5ad2e76f2be3f014d8c387456a8fcfded3ae4d1194d0e3e53a2031":"951c1c89b6d95661630d739dd9120a73":"":"b865f8dd64a6f51a500bcfc8cadbc9e9f5d54d2d27d815ecfe3d5731e1b230c587b46958c6187e41b52ff187a14d26aa41c5f9909a3b77859429232e5bd6c6dc22cf5590402476d033a32682e8ab8dc7ed0b089c5ab20ab9a8c5d6a3be9ea7aa56c9d3ab08de4a4a019abb447db448062f16a533d416951a8ff6f13ed5608f77":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa832a4b37dcb3c0879a771bb8ae734f0d88b9be497797a8":"70835abab9f945c84ef4e97cdcf2a694":"":"0f1105f9ec24121232b60b6ef3c3e8ca9eec1a3d7625004b857d1d77f292b6ec065d92f5bb97e0dc2fdfdf823a5db275109a9472690caea04730e4bd732c33548718e9f7658bbf3e30b8d07790cd540c5754486ed8e4d6920cefaeb1c182c4d67ebed0d205ba0bd9441a599d55e45094b380f3478bcfca9646a0d7aa18d08e52":"a459be0b349f6e8392c2a86edd8a9da5":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"dda216287910d1f5c0a312f63c243612388bc510cb76c5ba":"7f770140df5b8678bc9c4b962b8c9034":"":"d6617d583344d4fe472099d2a688297857215a3e31b47d1bf355ccfe9cf2398a3eba362c670c88f8c7162903275dfd4761d095900bd97eba72200d4045d72bd239bda156829c36b38b1ff5e4230125e5695f623e129829721e889da235bb7d4b9da07cce8c3ceb96964fd2f9dd1ff0997e1a3e253a688ceb1bfec76a7c567266":"9823e3242b3f890c6a456f1837e039":"":"b4910277224025f58a5d0f37385b03fcd488dfef7580eb5c270c10bd7a6f6d9c7ddc2d1368d68d4e04f90e3df029ed028432a09f710be1610b2a75bd05f31bae83920573929573affd0eb03c63e0cec7a027deab792f43ee6307fd3c5078d43d5b1407ac023824d41c9437d66eeec172488f28d700aa4b54931aad7cd458456f":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c5afa1e61d4594b1c2fa637f64f18dd557e4df3255b47f24":"151fd3ba32f5bde72adce6291bcf63ea":"":"5c772cdf19571cd51d71fc166d33a0b892fbca4eae36ab0ac94e6164d51acb2d4e60d4f3a19c3757a93960e7fd90b9a6cdf98bdf259b370ed6c7ef8cb96dba7e3a875e6e7fe6abc76aabad30c8743b3e47c8de5d604c748eeb16806c2e75180a96af7741904eca61769d39e943eb4c4c25f2afd68e9472043de2bb03e9edae20":"f0626cc07f2ed1a7570386a4110fc1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"febd4ff0fedd9f16bccb62380d59cd41b8eff1834347d8fa":"743699d3759781e82a3d21c7cd7991c8":"":"dc971c8f65ece2ea4130afd4db38fc657c085ea19c76fef50f5bd0f8dd364cc22471c2fa36be8cde78529f58a78888e9de10961760a01af005e42fc5b03e6f64962e6b18eaedea979d33d1b06e2038b1aad8993e5b20cae6cc93f3f7cf2ad658fbba633d74f21a2003dded5f5dda3b46ed7424845c11bab439fbb987f0be09f8":"1da347f9b6341049e63140395ad445":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d280d079110c1c826cc77f490d807dd8d508eb579a160c49":"85b241d516b94759c9ef975f557bccea":"":"a286d19610a990d64f3accd329fc005d468465a98cfa2f3606c6d0fbeb9732879bad3ca8094322a334a43155baed02d8e13a2fbf259d80066c6f418a1a74b23e0f6238f505b2b3dc906ffcb4910ce6c878b595bb4e5f8f3e2ede912b38dbafdf4659a93b056a1a67cb0ec1dbf00d93223f3b20b3f64a157105c5445b61628abf":"bbf289df539f78c3a912b141da3a":"":"b9286ab91645c20de040a805020fed53c612d493a8ce9c71649ae16bd50eab6fb7f3a9180e1651d5413aa542608d7ecbf9fc7378c0bef4d439bc35434b6cf803976b8783aecc83a91e95cea72c2a26a883b710252e0c2a6baa115739a0692c85f6d34ff06234fbdc79b8c4a8ea0a7056fb48c18f73aaf5084868abb0dfaa287d":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5e80f87fa2156c62df7be2ad16c4890de5ee5868a684fcf9":"9769f71c76b5b6c60462a845d2c123ad":"":"c829073efd5c5150d2b7e2cdaeff979830d1aa983c747724ade6472c647a6e8e5033046e0359ea62fc26b4c95bccb3ac416fdf54e95815c35bf86d3fdd7856abbb618fe8fcd35a9295114926a0c9df92317d44ba1885a0c67c10b9ba24b8b2f3a464308c5578932247bf9c79d939aa3576376d2d6b4f14a378ab775531fe8abf":"394b6c631a69be3ed8c90770f3d4":"":"f886bd92ca9d73a52e626b0c63a3daa138faaacf7809086d04f5c0c899362aa22e25d8659653b59c3103668461d9785bb425c6c1026ad9c924271cec9f27a9b341f708ca86f1d82a77aae88b25da9061b78b97276f3216720352629bd1a27ebf890da6f42d8c63d68342a93c382442d49dd4b62219504785cee89dffdc36f868":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d8a7b99e53f5e5b197364d4516cace4b928de50e571315e3":"4b12c6701534098e23e1b4659f684d6f":"":"d0db0ac5e14bf03729125f3137d4854b4d8ce2d264f8646da17402bdad7034c0d84d7a80f107eb202aeadbfdf063904ae9793c6ae91ee8bcc0fc0674d8111f6aea6607633f92e4be3cfbb64418101db8b0a9225c83e60ffcf7a7f71f77149a13f8c5227cd92855241e11ee363062a893a76ac282fb47b523b306cd8235cd81c2":"729b31c65d8699c93d741caac8e3":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c874b427b7181b0c90b887147c36f242827149324fd5c945":"4b8dda046a5b7c46abeeca2f2f9bcaf8":"":"bdd90190d587a564af022f06c8bd1a68735b6f18f04113fdcec24c6027aaf0271b183336fb713d247a173d9e095dae6e9badb0ab069712302875406f14320151fd43b90a3d6f35cc856636b1a6f98afc797cb5259567e2e9b7ce62d7b3370b5ee852722faf740edf815b3af460cdd7de90ca6ab6cd173844216c064b16ea3696":"fe1e427bcb15ce026413a0da87":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"56543cd6e2ebb1e3dc136a826bfc37eddb12f7a26430a1b4":"927ce8a596ed28c85d9cb8e688a829e6":"":"d541dd3acec2da042e6ea26fb90ff9a3861191926423b6dc99c5110b3bf150b362017159d0b85ffea397106a0d8299ec22791cb06103cd44036eed0d6d9f953724fb003068b3c3d97da129c28d97f09e6300cbea06ba66f410ca61c3311ce334c55f077c37acb3b7129c481748f79c958bc3bbeb2d3ff445ad361ed4bbc79f0a":"3a98f471112a8a646460e8efd0":"":"a602d61e7a35cbe0e463119bb66fd4bb6c75d1fe0b211b9d6a0a6e9e84b0794282318f0d33ec053f2cfba1623e865681affeaf29f3da3113995e87d51a5ab4872bb05b5be8ef2b14dfc3df5a48cbc9b10853a708ee4886a7390e8e4d286740a0dd41c025c8d72eda3f73f3cec5c33d5e50b643afd7691213cccccc2c41b9bd7a":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"caaf81cd380f3af7885ef0d6196a1688c9372c5850dc5b0b":"508c55f1726896f5b9f0a7024fe2fad0":"":"6f269929b92c6281e00672eaec183f187b2ddecc11c9045319521d245b595ab154dd50f045a660c4d53ae07d1b7a7fd6b21da10976eb5ffcddda08c1e9075a3b4d785faa003b4dd243f379e0654740b466704d9173bc43292ae0e279a903a955ce33b299bf2842b3461f7c9a2bd311f3e87254b5413d372ec543d6efa237b95a":"3b8026268caf599ee677ecfd70":"":"c4a96fb08d7c2eebd17046172b98569bc2441929fc0d6876aa1f389b80c05e2ede74dc6f8c3896a2ccf518e1b375ee75e4967f7cca21fa81ee176f8fb8753381ce03b2df873897131adc62a0cbebf718c8e0bb8eeed3104535f17a9c706d178d95a1b232e9dac31f2d1bdb3a1b098f3056f0e3d18be36bd746675779c0f80a10":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2fc9d9ac8469cfc718add2b03a4d8c8dcc2eeca08e5ff7bc":"b2a7c0d52fc60bacc3d1a94f33087095":"":"bc84d8a962a9cfd179d242788473d980d177abd0af9edccb14c6dc41535439a1768978158eeed99466574ea820dbedea68c819ffd9f9915ca8392c2e03049d7198baeca1d3491fe2345e64c1012aff03985b86c831ad516d4f5eb538109fff25383c7b0fa6b940ae19b0987d8c3e4a37ccbbd2034633c1eb0df1e9ddf3a8239e":"0a7a36ec128d0deb60869893":"":"fc3cd6486dfe944f7cb035787573a554f4fe010c15bd08d6b09f73066f6f272ff84474f3845337b6e429c947d419c511c2945ffb181492c5465940cef85077e8a6a272a07e310a2f3808f11be03d96162913c613d9c3f25c3893c2bd2a58a619a9757fd16cc20c1308f2140557330379f07dbfd8979b26b075977805f1885acc":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81ff729efa4a9aa2eccc37c5f846235b53d3b93c79c709c8":"1bd17f04d1dc2e447b41665952ad9031":"":"3992ad29eeb97d17bd5c0f04d8589903ee23ccb2b1adc2992a48a2eb62c2644c0df53b4afe4ace60dc5ec249c0c083473ebac3323539a575c14fa74c8381d1ac90cb501240f96d1779b287f7d8ba8775281d453aae37c803185f2711d21f5c00eb45cad37587ed196d1633f1eb0b33abef337447d03ec09c0e3f7fd32e8c69f0":"01b0a815dc6da3e32851e1fb":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"068500e8d4f8d4af9035cdaa8e005a648352e8f28bdafc8a":"5ea9198b860679759357befdbb106b62":"":"98e32428d9d21c4b60e690a2ce1cf70bee90df31302d1819b7d27fd577dd990f7ffe6ba5ef117caac718cc1880b4ca98f72db281c9609e189307302dc2866f20be3a545a565521368a6881e2642cba63b3cf4c8b5e5a8eabeb3e8b004618b8f77667c111e5402c5d7c66afd297c575ce5092e898d5831031d225cee668c186a1":"d58752f66b2cb9bb2bc388eb":"":"2ef3a17fcdb154f60d5e80263b7301a8526d2de451ea49adb441aa2541986b868dab24027178f48759dbe874ae7aa7b27fb19461c6678a0ba84bbcd8567ba2412a55179e15e7c1a1392730ac392b59c51d48f8366d45b933880095800e1f36ff1ac00753f6363b0e854f494552f1f2efe028d969e6b1a8080149dd853aa6751e":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7474d9b07739001b25baf6867254994e06e54c578508232f":"3ade6c92fe2dc575c136e3fbbba5c484":"":"1cbab2b6e4274caa80987072914f667b887198f7aaf4574608b91b5274f5afc3eb05a457554ff5d346d460f92c068bc626fd301d0bb15cb3726504b3d88ecd46a15077728ddc2b698a2e8c5ea5885fc534ac227b8f103d193f1977badf4f853a0931398da01f8019a9b1ff271b3a783ff0fae6f54db425af6e3a345ba7512cbf":"67c25240b8e39b63":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d50d4c7d442d8a92d0489a96e897d50dda6fbe47ca7713ee":"41b37c04ab8a80f5a8d9d82a3a444772":"":"b36b4caf1d47b0d10652824bd57b603ec1c16f4720ce7d43edde8af1b9737f61b68b882566e04da50136f27d9af4c4c57fff4c8465c8a85f0aeadc17e02709cc9ba818d9a272709e5fb65dd5612a5c5d700da399b3668a00041a51c23de616ea3f72093d85ecbfd9dd0b5d02b541fb605dcffe81e9f45a5c0c191cc0b92ac56d":"4ee54d280829e6ef":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"38f3ec3ec775dac76ae484d5b6ca61c695c7beafba4606ca":"9af53cf6891a749ab286f5c34238088a":"":"49726b8cefc842a02f2d7bef099871f38257cc8ea096c9ac50baced6d940acb4e8baf932bec379a973a2c3a3bc49f60f7e9eef45eafdd15bda1dd1557f068e81226af503934eb96564d14c03f0f351974c8a54fb104fb07417fe79272e4b0c0072b9f89b770326562e4e1b14cad784a2cd1b4ae1dc43623ec451a1cae55f6f84":"6f6f344dd43b0d20":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6db4ef061513ef6690d57aef50d8011e0dd7eb4432d82374":"623df5a0922d1e8c883debb2e0e5e0b1":"":"b7f9206995bc97311855ee832e2b40c41ab2d1a40d9263683c95b14dcc51c74d2de7b6198f9d4766c659e7619fe2693a5b188fac464ccbd5e632c5fd248cedba4028a92de12ed91415077e94cfe7a60f117052dea8916dfe0a51d92c1c03927e93012dbacd29bbbc50ce537a8173348ca904ac86df55940e9394c2895a9fe563":"14f690d7":"":"a6414daa9be693e7ebb32480a783c54292e57feef4abbb3636bebbc3074bfc608ad55896fe9bd5ab875e52a43f715b98f52c07fc9fa6194ea0cd8ed78404f251639069c5a313ccfc6b94fb1657153ff48f16f6e22b3c4a0b7f88e188c90176447fe27fa7ddc2bac3d2b7edecad5f7605093ac4280b38ae6a4c040d2d4d491b42":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8901bec4d3c64071d8c30c720c093221e05efed71da280bf":"9265abe966cb83838d7fd9302938f49d":"":"7c447e700db7367260dffa42050e612eff062eb0c8a6b4fe34858800bcb8ec2f622cb5213767b5771433783e9b0fa617c9ffb7fde09845dafc16dfc0df61215c0ca1191eabf43293db6603d5285859de7ef3329f5e71201586fb0188f0840ed5b877043ca06039768c77ff8687c5cfc2fd013a0b8da48344c568fce6b39e2b19":"6f6c38bc":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c57eb763f886154d3846cc333fc8ae8b3c7c9c3705f9872":"9b3781165e7ff113ecd1d83d1df2366d":"":"9fe7d210221773ba4a163850bab290ba9b7bf5e825760ac940c290a1b40cd6dd5b9fb6385ae1a79d35ee7b355b34275857d5b847bef4ac7a58f6f0e9de68687807009f5dc26244935d7bcafc7aed18316ce6c375192d2a7bf0bee8a632fe4f412440292e39339b94b28281622842f88048be4640486f2b21a119658c294ce32e":"62f32d4e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"307d31a594e54f673bea2f977835670aca4f3d45c9c376cc":"0bdaa353c4904d32432926f27534c73c":"aa39f04559ccc2cae3d563dda831fb238b2582cb2c2bb28cff20cc20200724c8771b9805ef7464b8fc06c7b8060c6920fd2779fbc807c2292c8c1f88f8088755609a1732ff8c0b06606452b970c79997b985889404fd907c4668a0bcc11ba617175f4525523494a244da60b238468c863055f04db20ea489adf545d56c0a71d8":"d7385a7bd0cb76e1e242fa547c474370bcc7cc7cf3e3fa37b00fe08a56383ca31d023d8c493f6d42e482b0f32e4f244dd100ea08eee6535e5bb8d27f76dbb7eead6ba8e031ccd0eaeb649edee92aeaf0f027d59efd4e39b1f34b15ceb8b592ee0f171b1773b308c0e747790b0e6ace90fc661caa5f942bdc197067f28fbe87d1":"2ddda790aae2ca427f5fb032c29673e6":"":"0b92262759897f4bd5624a891187eba6040d79322a2a5a60fb75c6c6a5badd117abe40c6d963931bbc72dca1a1bf1f5388030fe323b3b24bd408334b95908177fb59af57c5cc6b31825bc7097eec7fec19f9cdb41c0264fd22f71893bcf881c1510feb8057e64880f1ea2df8dc60bb300fd06b0a582f7be534e522caadc4a2c7":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23c201968def551817f20e49b09dbb5aae0033305bef68a0":"bd2952d215aed5e915d863e7f7696b3e":"23f35fac583897519b94998084ad6d77666e13595109e874625bc6ccc6d0c7816a62d64b02e670fa664e3bb52c276b1bafbeb44e5f9cc3ae028daf1d787344482f31fce5d2800020732b381a8b11c6837f428204b7ed2f4c4810067f2d4da99987b66e6525fc6b9217a8f6933f1681b7cfa857e102f616a7c84adc2f676e3a8f":"77bc8af42d1b64ee39012df5fc33c554af32bfef6d9182804dcfe370dfc4b9d059bdbc55f6ba4eacb8e3a491d96a65360d790864ba60acf1a605f6b28a6591513ea3cfd768ff47aee242a8e9bdfac399b452231bfd59d81c9b91f8dc589ad751d8f9fdad01dd00631f0cb51cb0248332f24194b577e5571ceb5c037a6d0bcfe8":"bb9ba3a9ac7d63e67bd78d71dc3133b3":"":"17d93c921009c6b0b3ecf243d08b701422983f2dcaec9c8d7604a2d5565ed96ce5cddcb183cd5882f8d61d3202c9015d207fed16a4c1195ba712428c727601135315fc504e80c253c3a2e4a5593fc6c4a206edce1fd7104e8a888385bbb396d3cdf1eb2b2aa4d0c9e45451e99550d9cfa05aafe6e7b5319c73c33fd6f98db3c5":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6baec0669add30acb8f678ce477a2b171f89d1f41935c491":"b1472f92f552ca0d62496b8fa622c569":"5ae64edf11b4dbc7294d3d01bc9faf310dc08a92b28e664e0a7525f938d32ef033033f1de8931f39a58df0eabc8784423f0a6355efcff008cae62c1d8e5b7baefd360a5a2aa1b7068522faf8e437e6419be305ada05715bf21d73bd227531fea4bc31a6ce1662aec49f1961ee28e33ae00eb20013fd84b51cfe0d5adbdaff592":"5712b84c4c97d75f84edd50561bc1d3f1ba451cc3b358b2403b5e528290954348cf7a235b4dc11a72ddbc503191204e98a9744d85419508c8ca76438c13305f716f1e239a6d9f6423c27217a0057aa75f6d7e2fb356e7194f271459ab5482589ea311b33e3d3845952ff4067dd2b9bcc2e8f83630b0a219e904040abd643d839":"29a2d607b2d2d9c96d093000b401a94f":"":"beb687f062ae7f5159d07609dd58d7b81c478d180bc0b4c07ae799626ff1da2be2e0d78b2a2a1f563257f161491a5ac500cd719da6379e30d0f6d0a7a33203381e058f487fc60989923afbee76e703c03abc73bb01bd262ff6f0ac931f771e9b4f2980e7d8c0a9e939fa6e1094796894f2c78f453e4abe64cb285016435ef0e8":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7b882a2df81fdb9275fb05d120f32417e8ffedd07457e938":"5c064d3418b89388fb21c61d8c74d2c5":"5bfa7113d34e00f34713cf07c386d055e889bb42d7f6c8631ffce5668e98cb19bed8820b90ecb2b35df7134f975700347e5514287cfef7ffa2b0ff48b1de0769b03dca6610995d67cb80052cb2e5914eb4ed43ef5861f4b9364314fde6ad2b82fbba7fd849dfa6e46ecc12edc8cabfff28d9bd23c2bcc8ab3661c9ba4d5fee06":"0aae7213da279b34d6dcf2a691b2d0333112ea22de0c3c68d47cf9f9f4ed8ad4e03d4a60ec18c3a04ac9c2abb73e1023051029b5e8705bb69c4c50afc84deb0379db5077be1f663652f8bd8958271af2c1ac4a87e08cb526bab8a030652f2a29af8055d0f31e35475caee27f84c156ef8642e5bfef89192f5bde3c54279ffe06":"0943abb85adee47741540900cc833f":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51d94d21482c00bb5bc7e7e03aa017ba58f5a23494b72c2a":"fb21cd763e6f25540f8ad455deaccdf0":"019d1db5569eeff83306f65d653b01064854c1be8446cd2516336667c6557e7844fc349adea64a12dc19ac7e8e40b0520a48fac64571a93d669045607085ac9fa78fed99bbf644908d7763fe5f7f503947a9fe8661b7c6aef8da101acca0aed758ca1580eeb2f26ae3bf2de06ce8827a91a694179991a993cdf814efbcc61ca5":"3a9c69c1ed2340bfde1495658dbf4f54731a19b3922a1d535df8d0b2582f5e803b5891e8ad1aa256c923956dcda2430d0c0696bce63295fb61183e040566e459338f908d23ae51f64020c1ef3d192428f23312b285fc4111d50d1add58f4a49008a22c90d3365230e9158cd56f9d84f079bdd673555d4dc76c74b02fa9920e7d":"a93bd682b57e1d1bf4af97e93b8927":"":"7093f44703f2cbb3d12d9872b07a8cd44deb62dae48bc573b11a1ee1c9f3105223423fac3181c312a8a61757a432d92719f486c21e311b840aa63cf530710c873df27fecda0956075923f1ecc39bffb862706f48bde2de15612930fc8630d2036e9e4cfc1c69779171bd23d9e1d5de50a9e0a0de4bd82ed3efc45299980bb4cc":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e6756470937f5d9af76f2abe6df2d0bc15ff8e39b5154071":"4500193711a5d817a9f48deafda39772":"92fa22dba0eee6b1de1ddd24713b1be44c7105df90e6e7a54dcbf19025e560eb4986ee080cf613898a1a69d5ab460a3b8aa2723a95ac4a4af48224b011b55fb7582ae18f6746591eab2bd33d82a8dbbae3f7877e28afef9857a623530b31d8198b2df43f903d6e48ddae0848741f9eaae7b5504c67ad13791818f3c55c9b3d1e":"afae92bd56c426c095d76633701aa9bea5ce05490482c6c64ac24468c3e1af6e6030a6bb6649745b011c6729bde985b9242e22105322fbb8853dcabbd00165d0b07d7b499e0238b6513bf6351eb40635a798f7e6e2d31125dda45ffe8964596fdbff55df22d4e9025bd4f39e7c9b90e74b3ee58d6901f113900ee47a4df5afd7":"7d9f97c97c3424c79966f5b45af090":"":"62258d60f0138c0405df4b2ec1e308b374603a9eace45932fdc2999e9e2261de8b1099473d1fc741c46c334023aa5d9359f7ef966240aaf7e310d874b5956fd180fb1124cbeb91cf86020c78a1a0335f5f029bd34677dd2d5076482f3b3e85808f54998f4bac8b8fa968febceec3458fb882fc0530271f144fb3e2ab8c1a6289":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30db73d46b518669c45b81bc67b93bed3d0864f7e9e8e789":"5069e2d2f82b36de8c2eb171f301135d":"ef781dce556b84188adee2b6e1d64dac2751dd8592abc6c72af7b998dfae40cbe692a4cae0b4aa2c95910e270600550fca1e83640c64efb1eb0e0a90a6fc475ae1db863a64ce9cc272f00abac8a63d48dd9f1c0a5f4586224befed05be4afae5bd92249833d565cc6b65fd8955cb8a7d7bd9f4b6a229e3881212871a52c15d1c":"750bc1d2f91d786bb1e621192a376f552538ba8c07d50d9e10b9345f31b3e5f9d8ad7c719c03d8548a3b184b741cd06c49d7fb6fe80258d60c01c2987c337c823211cee7c1cf82077266889bc7767475e0eeabb2ef6b5a1de2089aaef77565d40a1c2c470a880c911e77a186eacca173b25970574f05c0bdcd5428b39b52af7f":"a5100c5e9a16aedf0e1bd8604335":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"209f0478f1a62cb54c551181cbd4d24b796e95f3a06b6cb9":"7be1768f6ffb31599eb6def7d1daa41c":"9cb49357536ebe087e1475a5387907a9e51ad1550697f13c6cc04384ec8a67dea13376bdd5e26b815c84a78f921b506b9e2086de50f849185f05ba7c3041e49e42c0673df856da109a78b8e0ce918c25836f7e781e6b16168e4e5976d27ebc83f20b7bf4beadecb9b4f17a7a0d3a3db27fc65288a754b5031a2f5a1394801e6e":"66db7cc97b4a8266c0a2228e8028e38d8986e79fcbcc3caff3050fdd2de87b7ff7a6895b988b0bdb7fcc4d6e2d538dcfaad43ce2f98b6d32500f5a6e6183d84cb19157a699cdde1266d6d75a251ee1a2eb97bfe6405d50be2b17a58ba6eafaee0a023a28d568fd1c914f06041a49c79b9df9efe63d56883cbbbeaba809273d2e":"4d2ac05bfd4b59b15a6f70ea7cd0":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1bfa30b315e7b908263330140fa2d66ed57104784a43cc70":"b7081a3010b524218390ba6dd460a1ec":"8c1f42b5931d69ae351fcde7d2b4136d4898a4fa8ba62d55cef721dadf19beaabf9d1900bdf2e58ee568b808684eecbf7aa3c890f65c54b967b94484be082193b2d8393007389abaa9debbb49d727a2ac16b4dab2c8f276840e9c65a47974d9b04f2e63adf38b6aad763f0d7cdb2c3d58691adde6e51e0a85093a4c4944f5bf2":"8eeee9865e23fa51dbbf197fa41776b7edbdb9381a22c935299cd959a46190788ae82f4e645b0362df89bfc00241964784bc7ef70f6f97e81687d52e552a33af20ae34a3005e0a7b85d094368d707c3c4cd3ef31c0daf3ccaa1676609ed199327f4139d0c120977e6babceed28896d2cb3129630f3ee135572dc39433057e26a":"4da85b8ec861dd8be54787bb83f1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc47156a693e59a1dea0618c41441fe669fc65dcfb7d0726":"ea1935ed014883cc427983d7962d9992":"0d85b8513becfe8c91d0f6ffb65ec31f2cf406c51c0da88893c43d1327fd8ad1f4bab2d7b5e27438d643397034a72f8666bf641b6781bc90f764db387eae6720b5723d510194570ccd773e1b3bebfc333cc099d078583e8dac60d174d332925a24a45110c8d2abe8924ea677ac74db66ea789e2838efc96c78bceaa6236c0a67":"3e4f0a586bad532a08c8863ebba01fd25014baa907e6032ee43d4a7dfc7c3171916dcdf9faee0531f27527872ae4e127b6b9aaee93f5e74d0ab23f3874aa0e291564bc97f17085dd7d5eb9a85d9f44574e5952929eda08863b64c85dd395c91b01fe5bef66e3fa8f9ee5bf62c25d80dc84fbe002ecfd218430b26f3549f734a1":"8781b045a509c4239b9f44624e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b5fcd780a03ba80341081ef96b440c0e4348afde4d60c1d5":"ad20cce056e74ec5d0a76d6280998f15":"28f8fcf23b9c1ba40c19ffc1092632e35f234c1e8b82bcd5309d37bf849a2ce401413d1f242cf255ed597f9a93a1d6e50676997f95aa612e580d88234a86ddc404292746f0b2f5cf15abebcea6659f998ec6a1cb5a9914fee5aa1aa5d04b3c20914e45095e4141ce9c173653dd91c3ebe4ed4a9a28f3915d7b2edba34c2a58d8":"6316f3beb32f6f3bf8f2ff6a2c160b432bafd3036d3eefa1e4ec204f24892e37dc4d75c7ce9a24b5c49fb4df901f35ef9d5955f7dc289c56cb74753f4d6b2982267d5269d12237e21202a65061849c65e90e6702dda03a35ace3a3a098d16b4bfbb85b7232404baee37776a9b51af6b3059a5f170f4ebe4ecf11061ca3c1f1f3":"2ad4520ddc3b907414d934cc1d":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4382507dddccf1385fc831da8924147563416d0656e168ec":"a37687c9cd4bdc1ead4e6b8f78bee7f5":"fa9ae30509cbb6fe104c21480ae7b8ec9f12f1afb17320d77b77cdf32ce8c5a3f7f927e501118c7ccd6975b79225059cef530a4fcb0a9719f5e2d3bebe7bb6ec0855e495a31e5075eb50aa6c1227e48b03e3fdf780084ac4912eb3a5674cca9dd6ac037366b230ae631a8580d2d117942dee5d5ddbbb2233afeca53289cc4f68":"e5c5430b960aa35dc8540215c2772d66811270859e33dd4477904759e7e5eb2986a52a4ccc9f592e614147b5ea2ead6636a15c6426336b2995d9a31ab36d76578c3540bc6693842a4bc0491c7963ee9cda2317951cf93244bd30bcdfec69a4767004636fe7d1be7300c35e80627bab9236a075a803e9e1080b9159060c643a78":"4221818d4be45306e205813789":"":"b5b36719bc4d13a5fbf37188ea814cdf3c97a430784330540325c899570e15482300bc82c5b8163074e0544c5132e3ce93bba68bd7a8d2db81d1431b424b697c1158c4d70625666d5ff99145ca34856815c905b5a0fd95806df56b9cd5b384bda3e394b409048eb1037144cc071539c02397e931da28a43cc354d584643afd4f":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7a66db3450dac9a1e63d2639f34c5c6a3fbfb3c8e8230199":"21f8341529b210ade7f2c6055e13007a":"1699bc8c198ab03e22d9bc4f3682aad335c6e35f3f616bb69769a9d5a202511797e770ae0d8d8528ef7b2bb25b4294d47427b43f0580fa71d93fdef667f4f4196f84e41c0b1978796d0de74a94420fb8571bff39137fa231c572b31be9ae72338288bef5f8c992121dc918538551f346e279a9047df14ec9fc0fd399cd3bd8d8":"6463a7eb2496379bc8a5635541525926a6f9fa718e338221952118ae4cf03a85f2074b4ebaf108b9c725809be1e6309c3a444b66f12286f6ea9d80c3413706b234b26372e8f00783819314a994c9e3ecf6abdd255cbfe01b3865e1390a35dcd2853a3d99ed992e82ec67ba245f088cb090adade74bdbc8a1bad0f06cbea766a6":"4af02b81b26104d1d31e295a":"":"53fe6a34d280f2c96d1ae2b2e8baf6abd67cedf7d214312f75dd4a1bec28a641dda3e71aa398726b2b0b1f515e1f4259ee97acaf17f122db9ec7814c2de6a88d36c3ac106396ad03d337c2cd2d2b9b4b7170e23a5848ca7ea129838f967dfdfe83b45ff2a9be699bfb2346115465d59f074f09e24d8fcbd9ece0018c92776c43":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1f5c818f24d201f9fb23fcca211b0545eee5c5c9b440810d":"3a163067bdd90fce0406d1c198a88771":"a5e94e233d04fe0c4b6c4684b386902fe05096702237dfbe76f73befa69b6f30394cf9fe3358997942df65842748fb4f075a3dc06e147bd8d67fc4371113a4d75c70219257c650a6f38a136659e20a1cf3a119397835c304e0fb2a33aa3c3019175c86463043d5edc6992874f61e81cd0d26af8b62cf8c8626901d4f16d84236":"9a7566817a06f792e96a6a2ba8e0a01f8837e2de06796e68b0782cc54ed0b04fc5e24a1ad37d5ffb035548b882d88150e89915b89f57cde2bf3c43ab9dae356927daef6bd61cc9edd5e1b7a4abea2f71313677f1b2fdf3d8d4a7e9814ea820fbc3e5c83947db961839a985a57ced7f5e4a1efffcfd17a2c806d4cdc1e79162da":"b124eea927e2a62a875494a1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9a301f7edf83da63bcf37216a3a33d7613331c3210281dd7":"d73a546b0fa307633ac89506fa86138b":"f57fe548cf4a551a216ffb24a1dcf1b79c95f9abf06443fd58af042d287c2165db373c82a94172db517840f22e45e966e3ead91ce1ddad132bcb844e406e84b76a0b5b0ee23064b66a229f32a2d3b9c71103f020c4ba57fc0f0608b7114914cf2ada0c5a9bc4afbfa9ce5da320f34beb2211d569a142f53bfd262f6d149c4350":"e09cc8543db7804870004706a26e94b457c125bd648b581a196f962f2ae8fa55d9bc66530ba5020e22d282080b4720dc9a2096a11c0fcc3d9a67cd1cf95cd7cd2417ba308c761e64be24347a14c9423447094a5c72a0043c288b35e753ba0aa748f208381249fb1c8d195a472192404b6c8172663ee4b4d4ecfa426e1fb003f2":"f536a3b8c333b1aa520d6440":"":"124a327a8c22b7652886dac2c84b8997ca8a6f61c9ba9c094b5aea41eaa050a6df6cbf280259e5466071bcfa53b4ebc76c3cc4afc8c0385189a5382933aa57c89aab78dca84331e0fe8f0aab3a7857d3e13f08dcd90ec5f0684f82088ef8eb7fd67e75de43b67afc3a0beb458f5ebd61b2c779e6c539d795c667bb7dcc2b762e":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd40e8226fd13cb95ba50b7cdf0f07f7ab7037cf8705ca50":"3406e70cbe16b047fedaa537eb892279":"390b18d22d5ecc0b5a524ae9afac6fd948ac72d1360775a88b385aa862cce8a27f3e4b420e539bec6e8958f8c1b5416c313fa0a16f921149a2bfeae29ad2348949b29a73970e5be925ec0c35218b82a020cf21bb68c6931f86b29e01b85500a73f3ee7eb78da60078f42550da83b2e301d151d69b273a050f89e57dfc4787cbf":"75aa7df5c3c443d48ee998064b6fd112c20d2d90c98e00d025ef08d1ad3595385be99de47fa627549b827c48bc79eb1dcaf2f1be95a45f7e55755b952aee5ae0748e68bee1b014a628f3f7dc88e0ebac1d1d00e268355f5101838ce125c57003aebc02a1c9d6ae2cd6e2592f52c0be38cef21a680ae35c909cab99dce9837aef":"69e06c72ead69501":"":"6e8d661cd320b1b39f8494836fcf738b0ab82873d3903c9ee34d74f618aea36099926b54c1589225ec9a9d48ca53657f10d9289c31f199c37c48fb9cbe1cda1e790aaeedf73871f66a3761625cca3c4f642bc4f254868f6b903e80ceeeb015569ace23376567d3712ad16d1289dc504f15d9b2751b23e7722b9e6d8e0827859f":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a85ab87563b809b01725764d64ba4cc6a143e2e0362f0c52":"9f991ff16a3e3eb164a4f819c9f1821a":"df289511f78d8fa2505afc4c71ab1d7c31a8d15d1e5fcbb29d70f0e56f89c4d7b30f1b3b4745b5d2cc7af34fb4c95461372bf516ec192b400dc8fdb0ca9fe1f30f5320d0fadf20155cfcddcf09233c6f591c1c89917e38a003f56b94a1e2429d1f2b6297db790d7dce84d9fa13d2d86a0e4d100e154050b07178bee4cdf18126":"ef43629721b50bd3656b7ae31b6e4b4ba1cf2c72ed0460ee7d9fb416631ddc597e5f9aebbcf4442b95cc46e28476a464dd87caf9c1c1d6c99d3e3e059dc23f8d2fe155ff5e59c50d640bc052c62adee3aa1295b38732e3458f379e98a8dbdfed04c22a5761792e87fa67ecbcbf3b90eb1bcd1d3f49e60132452f28afece83e90":"dc4c97fe8cc53350":"":"ff0e531c7344f0425d62d5fbedf4bc8d3d5cc80647e67b852c1a58ad1516d376d954cb8dda739f6a4df3cf1507e59696610bcb6b34340d6313028e00d7197845d392e73331aaf168b474a67364d8f9dab740509fabf92af75045f0afabc1b5829264d138820952bbc484d1100d058a4de32b4ece82746b2b4a85fb2993d4add8":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f4f1e03abb927ffd0b081b9dce83a56a6dd419a6313ac34f":"d1e29bb51a3c4e871d15bb0cd86257e2":"ae2911cdaaad1194c5d7868b6d8f30287105df132eb0cecca14b6e23ec7ac39cc01da1c567a0219cca7b902cc2e825e30f9524a473eb6e1d4d1beff5ab4f29103b2c7522a33dd33182fa955c4f09a75196b1072a6f0340fc55a802d29c7067f05219c21857ebff89ada11f648c1f28dfbfdaab56028f05509de17e2381457ebc":"0e70421499bc4bcb3851afa34cdf5be374722815abdd9bcee5f332dbe890bdc1c0210ab10667e5bb924bf3c1120e25a0c074da620076f143940989e222086d1b34a1200d09aea1f810ef6de7d8520c65eef9539fde5a6422606c588fce6264e5f91f934ede6397c4b307d2d7e07a518fce577a427fa92923cbba637ae495afad":"44f760787f7bc3c0":"":"2199fa5051461b67581429ab19de2ccb50b8b02e12c0e1d81a8a14929f84e09d9715b7d198e77e632de4af1c08c5041276204a7ed76646385e288e96e1a4b0b0f2b1a9df7f0892beaea3cb58d9632720158f6daa4cbbfc0ebdc56ff6a5175768ff2abd24cb7669bc3fe40f8aba7869d2dd7dac86b6ebc4e4ce261edbec88db17":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"33efe20433c6a1ad261a1fed494961749e5bf9d35809b59d":"dc94673b0c49c6d3b4611e278212c748":"919f7397a6d03836423b7cac53177fcfbe457d4aa4348646f646aae1bc5a15568cdb8c96fabef278ace248aca531110a4f4f9e8ab0c32525ad816ae3facf03175232dc84addcd6065f9cc1f513966b63fd27e91a09f1921b95d6bd8f08f1dbce073bcf827847f774514b478b9d7fb5426847dd4dee6f39b5768c1fb729b32d03":"cfbeb61be50def25f513346498f75984bfe797a8ad56be34f2461e2d673f6ce14e7479a59777267b75dadc6b9522599ebe5d7b079495a58ca187ec47796f6ee8c322278ad7451b038c938928adcff6105a8ea3780aedc45b6a3323d3ae6fbce5da4fb59ca5ec0a16a70494c3c4859672348532505e44f915e0b9b8a296ef5225":"c5098340":"":"c5e47d8c60b04df1974b68a14095d9bc8429a413d21960b15bae4fd7356bf7872e0da0a1a385ca2982d3aa3182e63ea4bb8ca01410cd4e71ddad34aa1f12c1387902b3d56634f89c619a2e6756648ab3bf90e9bc945afc9140eb935b633bae96bb067e9ee421697bcf80b14b1b88dbf13e010b472a7ca5411db36848b9c7a37f":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3ed5dadefa0f6d14fedd1a3cdbab109f6660896a952ac5ab":"553a14f1e1619f9d7bd07cd823961f25":"eb8ea81d3e328a1113942cd5efd0f2b5e7f088791c8fc05690a34584101c4d493628ee7d0099a2865ac194b9124c3fb924de0c4428d0a1c26ea3ad9a0bc89187a16673e3b6f7e370dfb2dc26e8a56a9cf91f9c2088c020a766efe0d0c91689743a603f2cd1e300a6a84828b3b515a4b9a06e6bb20457bf124cd6ce4ac8b83d51":"aef617f69724e020309ec39d9587520efda68a8e303686c3a41ef700cba05b7c6e43e95aadb1a566f61650c87845835e789eb2366941e3bfef6d9846af0e0dbc43249117ad6f299bbc40669ac383cdf79289ada6ccd8ccfe329a0dc6a38eea1a99550457102d10f641cda50c21f533b1f981663f74a0a7c657c04d9fc6696ff4":"dc413c4c":"":"bc1f34991a48aabb0fea513f790f0d223e9feac4c99fa1e8427f01ab8b4b2827cfaf239342de36051a846af0306a3f82e7aed98dd0416fb078bc7f3b617b00ceb2cea4ddafc22dd022efa8303e9804510e0e888065d8427345156d823f796f74130c06db9f9934435552b4fefd051953e20ecba3a4514ac121d7d2097d597439":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6d97e8bff3923a778504fb917dbc1428a1328587047697d9":"0c28dc4cd53725091c2fb68a476c2e40":"f3932f5e82d75a1e3eba1591c17769e1a45819ccf057c31e76fa810b93678766d25905e859775c244e96bcafbc75c4a2d95e7d02868ccb2f65e49276f0b645ac8cf6e3758402304a3c25ce2de0a49f401b1acadaff8b57589b45cc79130ddc8387f41cc383e33ef38eec019152051c756198d6f782ccf56297b9fe944269a65a":"dc1a81efd51e967767f5bdd7e2e425732c1d28451f2bf5bdf3f5a6492279330594d360dd8a193e5dbde1be49bf143a35c38bcd059f762ada65c5119e097f0976891347f4d829b087bd72daa3494b344cbd3370c4459ca243bd57aeda4cb86cdd0bf274f07830cdbf5e5be4eb9b742ddffef8aa35626d2b9ea0a29d3c3d058b28":"e6d6df7a":"":"39327836e9d8cfb59397adcf045a85644c52c3563290795811f26350c8bce8f55ca779cbcd15479efd8144b8a39ef611153955c70bf3a7da9d4d944c2407a0d735784fcb68de1083eebf6940ebc9cf92f9f139c01404b503ff64e61126a94e881351473507884357040fd32714b872c254349071069644e2bd642905521b944e":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c78e29971e90a01bb65973f81260b9344fa835751f5f142":"f1a23ce6e2bc9088a62c887abecd30ae":"":"":"d4d5c22f993c8c610145fcbe4e021687":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c582d5b6a40ef0e4048ec20f0263572d7cc82704e380851":"ef221a1c66fda17906190b7c99ab60b8":"":"":"6327dcb46ffb3d0fd8fbf3d2848a8f01":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a58abadd29e946e23ca9eb09af059913d5394971bda6a4f":"7c29b3196d44df78fa514a1967fcd3a6":"":"":"fc123944bbea6c5075a5f987aed9cf99":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"04bdde4c35c385783715d8a883640851b860ce0e8436ec19":"783f9a3c36b6d0c9fd57c15105316535":"":"":"23e21a803cac5237777014686564f2":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4ba5fba0c22fbe10c2d1690c5d99938522de9c5186721bac":"2acc2073089a34d4651eee39a262e8ae":"":"":"7ac742c859a02a543b50464c66dcf5":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f12890b0a8819faa5a8e0e487f7f064af42fa6d5519d009f":"c937615675738f4b3227c799833d1e61":"":"":"88300bd65b12dcb341f1f6d8a15584":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51878f3630298a81297f4a21514fea637faa3815d4f26fae":"1f939226feab012dabfc2193637d15b1":"":"":"eed5fcb7607c038b354746d91c5b":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ae596e74840a600556a06f97b13b89e38f67c152f1a1b930":"e2076e1050070d468659885ea77e88d0":"":"":"b4586bdbd4b6b899648f2333eee0":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd33b7a0efae34339ca987b5eb8075385fd1276e63cc8530":"2d07bb8616fc0bbb71755a1bd256e7fb":"":"":"6b60d645220cfde42d88296ac193":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5685b12a6617d554c36b62af5b8ff2239cb3ffb1d2c40e14":"6c31194df99d08881fa5b1dd33b45a92":"":"":"69431593c376c9f8052bf10747":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"036ae037410dae9f0741608516d03b855c9c1851df8c54a4":"73599275f8237f14c4a52b283c07275d":"":"":"6f7249d25c9f273434c4720275":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ac144f39ebd6124bad85c9c7fb4f75bff389ece2e8085d83":"d0871bfc3693245be478e6a257c79efb":"":"":"5a99d59631d0e12f58b7b95ccd":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a8a541ff11a1b8548e832d9e015edeccc94b87dadc156065":"c72bb300b624c27cded863eba56e7587":"":"":"ea2528e7439be2ed0a0d6b2a":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30dd8f400335e9c688e13cc0b1007bd21736a6d395d152e2":"28899601fa95f532b030f11bbeb87011":"":"":"35625638589bb7f6ccdb0222":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cb8f672b04d706d7d4125d6830fff5d2ec069569bea050ce":"375d4134e8649367f4db9bdb07aa8594":"":"":"70610bf329683e15ecf8c79f":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"bf71e5b1cd6eb363ecd89a4958675a1166c10749e1ff1f44":"9f502fb5ac90ff5f5616dd1fa837387d":"":"":"a4b5138122e1209d":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5b9d1dfb2303b66848e363793bdca0e5ada8599cb2c09e24":"2ee96384dd29f8a4c4a6102549a026ab":"":"":"3b33a10189338c3b":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a35ae271f70ebacb28173b37b921f5abcad1712a1cf5d5db":"8d97f354564d8185b57f7727626850a0":"":"":"813d2f98a760130c":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bdd0cb826d5d28c2ab9777d5a0c1558e7c8227c53ed4c4f":"daf13501a47ee73c0197d8b774eec399":"":"":"a6d108c0":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81b4d5ee4e1cbee1d8966fb3946409e6e64319a4b83231f5":"bc2f9320d6b62eea29ebc9cf7fc9f04a":"":"":"a47cdadd":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5813627d26d568dfe5a0f8184cf561fe455eb98b98841fe0":"817199254a912880405c9729d75ed391":"":"":"d81d9b41":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94f160e2325da2330fbe4e15910d33c2014f01ace58e5b24":"80a1b99750980bf2be84a17032fc2721":"066fdd980cf043a732403ee5f65c82ca81e3fc858ad3cfa343014a8426fd3806770f127e2041efb42e31506ce83390ac5d76de2fe1806df24ce6e4bb894972a107ef99e51e4acfb0e325ab053f9824514b5941ab1ec598fbb57a5d18ed34d72992a19215d914e34ad1a22326e493d1ff2da7bc271c96ad3ab66d0c32bd711293":"":"dd153cfd7aa946280660c445f586fa28":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4785846f7c0524e78f3eb137fd433e1808af64549af69183":"5334476a5fa3fa50dcc4b12f8ac00b51":"e70f82d1e3361ac5a5c9a087e47984d5533ba296f9b7e4a192a4ab28a833cdbbd5cece3415cf6fbb2f8055560b5c31c98d83d139954e1c03a464739f1eb5ad982c4371cf20b8984bbd97d5f40b336f5e96df3d272b95f7547be15c3bc05b3caac7d08c5eb5de8bdd246e74f6caa6bff76ea0417730ce72b911867f88fdcf73a0":"":"c59231ddaae98e0e8db6b3fe8f4d3427":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"49b085fe1a8e1ae769ed09fc585d29eb24d589689992e6c5":"899878b0684fb865d30190821817b88c":"f789eafe3d02826b619ca4fbca7bb1919e5c6f7c33824a2f7f815dc50e329979705f7ef61e9adf7899d34f1b8840384ff62ef6d29eea38c45d12be9249aca69a02222cd744d81958c6816304ff0d81d6714a2023b3dd9d940db5c50afd89c52774d28d6afde2b6c68425b6acbe34682531a2e57e2b9a7729b3e8d96a729b15cc":"":"2c84bf7a8947ab93b10ae408243b4993":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75847588760ecb6ca548747b743914c89fea367a5ccb81b6":"7d8a9fd254e2061c01e39eb574951924":"b03c57dfd49152401a225357f1d6e533f3a423e5cfce07b8ae7ca9daf68645e5bd67b3ca2421eac447530b27c6dc6bd9c7f1b22441b8cc8c4ac26cec2c9c0d665a35b66d779a3772d714f802d6b6272984808d0740344b6abdb63e626ef4e1ab0469da521c7908b2c95a0fd07437c0e9d4d2451ae189ad61ff19f4efb405127c":"":"e8aac14b53cdbc2028d330fc8d92a7":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e3a18a96d2e45d2f60780dc39cee7160e28cb810bf09858c":"26a4d659665ded39b7a1583de756d0ad":"83f8d9c58169b4c68032321197077ff5c8ee4ebb732b040748e1b55dcf53375ae86fb9646a672b5c5bc805a92c475cbb6d0ed689a58abdf2230250a7d3fbd8cfab07835fa85e738a7f74bc3e93616d844b1ec61b79f23dfea62e1815f295d43f61d7b5956103b31ca88afb0b3d37eb42cf77232dbf2258065232971c397dcbcb":"":"dc034564d4be7de243ff059b5f9160":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7be3909170ea7a2ff76f9f28241d8cc48ddeafa8517c6f8c":"8dee7e29350c60c5bcfec89da6617d2e":"f6e9e7a7f9716760eb43060d5c80236a0f118b0f750ebd5df01fd2dba95c556ecd2e54a3f337767321abf569c8137a8e48c5b44037ba62951e9f9f709e6e4540a36d769f3945d01a20a2ed1891c415a16d95cab7ddf9bcebf18842c830067509a2a5d49a9684324c433d53824d2f8fd326b149af17f40e5bf5e49185738fba60":"":"942b52277e9dc0a30d737d00f5e597":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1fe413bafc4753e1511b580c830449bee56e0e5b9acb852c":"e30829f64f3eda13bfb2ac572aceb3de":"6c772d08b4d7507e35804572fa697c646c77301954cc5c160941e49e230697ed8c23338b9f30c3ead69b1c1a2329ff025dcd3c0d0a9cc83fee4979448aa71ddb9d569bedc8c497a2a4ac3b60d087d7872f0a110bf90493ae7da03b0953734223156cd2d6c562e4a978a6dd5cdb229dd58dd4d0f50ac015f2f5e89dac4aa29a19":"":"87737873b82586bb29b406946cae":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4bc4378d423931f9b320bb57df584c641406c1daa7448ad":"eca70e10c0358838a3f4a45c4b016ccd":"68d1c045c1604e3c3dd4f7c7543240aca8dbc5266dc18c5a8071e8b09e3700b7cf819044b2722d8db92021f42a0afb295d7b16ecf4e4704a50a527a2e72d7f53617c358e3b7be3d7fecda612ce6842fcfaa68f2d1b8a59d8b8391779f2fab99f820862c94029f444abe62367c5de0a4becc359660e4a5366f7d482bdc362b866":"":"06f95ca69c222a8985887925b15e":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1cd4414ffd24e830e2dc49727efa592e430a6a75391cf111":"a08e32ad7d63f975de314ad2c0fa13fc":"20a271f1f4c6bea8f1584ab39a7179ec448650e2ff67a7338d1bc9fab7f73b2ce5222cd07ded947d135d9d0670dc368f0a4b50ece85cbf641877f9fe0ac6a7e6afb32fdb1b3cd35360bb80cfffc34cfb94dbcbee9ca5be98a0ca846394a135860fba57c6f0125dcb9fb8b61be681ada31a997638ee172525c03dd13171534a91":"":"c68842cafc50070799f7c8acd62a":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9e0ef9ed5e6f00a721a9893e1f0d9079c5aa667a4cdd2a52":"5f015fd556e87ff0d0df586fb452306d":"b82986135e49e03f6f8f3ce4048ded2e63ee0c31ddc84929e022ee8561159179b3bb4403ebdafdf6beae51ac5bf4abed4dbc251433417ece3228b260eca5134e5390cba49a0b6fcbbbabb085378374e4e671d9ba265298e9864bfce256884247c36f9bddceb79b6a3e700cb3dd40088ba7bb6ab6aa11b6be261a7e5348f4a7d1":"":"ec9a79a88a164e1a6253d8312e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bc8f15d98e089d60d4db00808700053f78b33c31652c3e4":"5cc0ff9bb7d5b9b2aa06f6ecf669d5bb":"24ac95a6ed2f78853f9ab20f53de47e7f662f72aea454141e2131aace7ed2daeb395bbccdbf004e23ce04ad85909f30151b6526c1ce7934726f99997bbab27055b379e5e43b80ad546e2d1655d1adad4cbe51282643bb4df086deb1b48c1bd3ac3b53c4a406be2687174028ecf7e7976e5c7a11c9a3827813ade32baef9f15ec":"":"9779b7c3ece6c23d5813e243ec":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"19afc43a4481f796d77561f80b5b2e1514c96c5d1d86e64c":"d4c06595fefd4a81bbbd4b40c2e1989d":"98fcca51352998d0126b5539e3fb9a238ac31c05954fc206d381909aee70983b6ab99d3f3efe8530a1c3cfe3b62756321b1d0771a5940055eba1e71fa64f29291aa5e5b0af0fcc8e6f5a02688d9e93417225eded791a35217822ffb346d3fa2809b65abe729448316be30cf661137d3c0e49846cb0df598d90eda545afb64a5e":"":"ca82448429106009094c21d70b":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4fc31dcfef6203fdb296cc928c13b7df56bfe6f32583057":"6308a78dc8f3c90442dc52196649c38e":"2567d80c253b080c0158102558551445d8ce4d5ddee2014a2be5cbad62e1717a0fd4d2059447c3151192951eb11a4a7b19a952f6ba261c87f10f4c9032028de3cc5a2a573a4e993a690fc8954daa3ec92743e7343e75b646c4fa9cbc3fceb4f5d59bb439c23754c4d9666fbc16c90c0cac91679b6ad1bfe5dcf6bd1a8a67c6b5":"":"9d1603799e2485a03e7b05a0":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1c2d9412486c381440213e1588b6bb58b0da53300b9d3089":"727ed8846daab874d5a9918b47d016f4":"656430f0c1423018b5e2efbb1e32a5385c1a9a1779c4dbd585dea91edc39ea8752ebfc2d8064251a8a5ae71e1845f24a7e42c6371c2ecb31e2229d5f4923bffc21d4804575a84836f3cf90ec6047bb360b558a41a975ece111b5284dfa2441705a6df54fc66ca6cc1af9163ecc46902fac337d5f67f563fde8e8e7e64b8588b7":"":"05ee6ce13711535864674a5b":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"abf7a97569427225a4bd5143c716a22e62f84c145bb51511":"e255088cdfe8ae5c9fea86d74d2f1b7d":"b850993300f54d078f83ceb9aef7345bbf758f92365b6625c210f61dad4f2a2319f51d883a383a706392d3dfca1706eba585a6fac8bd4294c0bb2cb3f6b454d5c97819e8e5c926754840261b07ec4ef1f87cf281d75c187839689944230306e1903047915e086043990745864819ad713d34a244aa4e9d755fdb137105d7eed8":"":"0c9c17388d0610f99d0a093f":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"45a6df655e88bc880acff41520aafd0cc8aa8aeb8952fd06":"1125e1de94970c9e7be70e58e7626ef4":"fe9838a445b8edef19b3e9f33c8c0c265b3a12c97b8ec57ceb94f65ae5227177de38f1e338dccb2b24e5bd0f0eb8127f83eba0f1ddfa55198789df0cdd1d977fcb985ad9c7d51b96e749d2cf3cc7a1ec4dfcbc641a1a022d55def328e081af890a7e699f2dbafdf506389e045aa1219239d5868ba675a3925602b6fb6f6e6d37":"":"1c3bd1e0d4918e36":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"279f4f2ab4b70778fdb9ca7800cd20e323601d7aa2c75366":"0f7b402560735cf03d5da58de5b6c685":"7dd9a8c848bbcf5127161c8a419a436a0dad559f7c1613cdf41594e177016acb1ccf44be852185c42e7120902a42efe83855995ab52cf5c190d499fcfd698c671fd72949dc3ea7ddb874e586a3aa455a021cec7b5f8608462ca66f926aba76e60a5846d4eb204155cd3c1328da51ba35c3007b8bb394f34e3a8b81ddd2ea1115":"":"dab612351f75e2cb":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6716ab937755684af7403e6fba5452c1b11568a9047bb50f":"2fd5a446dd564619ef75b6e00905ffe0":"20d261d3192996c21da69e979c26f5f937e6ea4cb7b05c6ef556ce4d86ca0fe85ec2425d274c43b5212fe9d27bb48b04e887461a9f45f524059b87eaea2e287a8d4537f338b0212012a9d4b6610e8c97dd554e0b3c3133e05c14d0ddab3524c93fd527e223b1996b4cff0a4a7438f1d54890bf573cd803941b69e5fc6212c5d2":"":"f1d743b7e1b73af5":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7dc94b5bbd6315ad8d2b67f0c683d10cf456f822a3ebb024":"6f3eedeb57dcf12bfb3cd80849893c90":"ee1ff367f4b23c156e3dccff84ae4bf2b8ecec1fb5ffd25ccaa93b6c6834389bd79655bd4bac75238eb0f65d3603ecc57c8774798309e85b6677e78ed2077b712cf28795d0dc8fee994f97373a82338ef67c62378136a79a990ecbcd6367445e805efa98f9168826e57cb8dd7e7b1d5c89ad98358646fa56dd2a71c40e0275a1":"":"4dc74971":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3bbe223e253bf272599e28af6861013ecd0c88710947ed41":"4fbf09ffaffb600f0de38fb12315cab5":"5388146f6479f7b3b280f45655a95b847ee27c734fb2fd91f6c009b1ab1810c772c7435d3221069f9490d251b76e740147906ac1db1c209c175b21aa10881c44fb307d4d2900aa3b1d56fb0edb9f2a58505653a17fee350e12755b9656bc65c78c1593d5cb7178e29f82209caf53e60fddf725f6957cc9718bf410c4a0229ed4":"":"fb845ab7":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"461877813acfe6e9979eab729b52e3d192b3236758bb6563":"6985cf77b75a47a3978dd6412d59200b":"385551854a89ab37063ba0ed911501b3d632153c5c2992e154c0a334bc36620476f11495437b842409e0954f7352cbf288d158bdbbaf72621ea2ce75b708bc276f796c5aa7fd0071e522c5f175a9e7787deef79f6362101aa3607b4588f2e1df7127f617c6073593a1c792b959e201e4a7a43ea8b1c3af026376439ef629266c":"":"c840d994":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"09770f9114120a2c1c3cc416fe0eb8699e07141158a5bdff":"cff291d2364fc06a3a89e867b0e67e56":"":"875e2e5b5c02e0a33e71b678aa29c15ce18ec259cf4b41874893ed3112daa56ff2a7475681b8b3d9028ef184d30658e881c908f3588f69899962074db4ddfc0597f8debb66c8388a1bccf0ffe2cf9f078dc1c93f8191f920754442ad4a325985c62de1a57a25de4e9ed5c2fd0f2c8af33f3b140bac12bf60fdb33e0ec557955b":"81f1eb568d0af29680518df7378ba3e8":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4fbf1c785c087ad06b43d4163cf9b9396deffd3712856379":"1c8f41424acaf009996ceaa815b24ad4":"":"96a690e5319c94d94923988025307e543f16fd970aec24524cf9808dc62b093359287251503f4231bf52cd1a16a80bfa82d8f585d96855dc1932f4919a92da2618d6448fc18a234f9acb386ab4ab4a9e38ea341e7c54faceff38c162d74e7fabbca13aadb71e9c8ae6072e7bef4073cf08aa7faaa6d639f98d15bad4ed183ced":"9f3c0349c5a4a740a82d6d63bf00fb17":"":"6100b091e52366fb422251d9b68974b6c666a62a8bb77a1ffd7c7d1ae586a6ee763b84dc11aace02a25af91d194b70b3265ec46872fded54275b7ddb26ee1f20c857328f46a694fb1dce68bcaecbd587ece5b505d658d57d50333e30b639eea1f6537b37c175f62497c6c84e3cfddae214285d2d68d90dd5cd8ce2273d25c8ca":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3e0ce4fb4fe4bb2fdf97b23084ff5671b9b899624184acef":"a950ab0dd84115e3829ab0ad3bbb1193":"":"df89974b1534f0ba262bbea5efe39d8b72820cc8a720cc99520fedbf667515c3f6d8c3e25c72c48c1cff042171df58421741aacb2a49f23167257be7d7004d56b14901b2075eaca85946e9fbf1bbf4ae98227efc62bf255a25dd0402d37c67ba553531c699dd89ff797e7a5b5b9a9aa51e73ca2dacfda0f814152aa8ed8c79f9":"25cfde73e7a29115828dfe1617f8b53e":"":"847b54e176ccc83081cb966efc4b4a3bf7809ce0b4885009f620f61fafcaa78feee91a835ae6c1a942571811108b1e81b4c4ddac46aaff599c14988c9a1fb9f387ab7f1357b581568b7b34e167ac2c8c2b2b8a4df3fd7ad8947a363c1c0cb782ec54b1901e928821cf319669dd77eb37b15c67f13ad787ff74312812731ca3e6":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6be3c66b20e5e66ababbfba1b38e5a716eafce23a1767b69":"3a2acf69bba19f5d1d1947af2cfda781":"":"de1cd978354a499415176f260021abe0a8c5bc34d166f53d20e02e413e1377ce4ef5d7f58337c62251a3b4ddea0dea23c40e5de037fd5dd8a558eb53bffa4e8ce94899afa8284afab503c1a485999a154d23777f9d8a031b7ad5c6d23d6abbe3b775c77876ad50f6bed14ac0b2b88fb19c438e4b7eb03f7d4d3fcca90dd01260":"f826d212f7c1212fb8a8bf23996826":"":"fd1f7b56e5664cf4c91e58f7c50f6c5e98e42ca2e4adcc00348cee6f662b382ad4022da54a47d8faeb9b76a24dfc4f493c27fc0bc421a4648fad7b14b0df95d8752013feb033b1fd971daa2c9a5df898bece6a3b8fa078dd130071df20a68cd0f394be25dcbb3e85bdfa0df4797fa6f01f5f0da7a6e86320207ddb5b3be53ae0":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d16abb9f5b38d7f5abba9dc36995ce6ce928ed822a07b7c4":"3cd95429c6de1d327b9eb3c45424a87c":"":"e72f29b1fc1dbfc2d93a0f3b79ea4b9806ce9b2c4d490ac5c0c3c793df9dc7df5471e834b84d18afa5a7516f9a6a813a9b65ae2f083a854730547e28a1f60fe97d8dba1d2d433e11847b9bffd8873ec634e64365530c905dd6f274e45c9795ac127a6f356f63cc6c116c5dd8c628e7e17e1fadc58f8452bf21f53c4133198118":"13521236f190f78e75c0897c5fb237":"":"cd8bb97c28df092b6783ef653fd26f2bdc27c442bab0a4c7bee2789f389dcd1b280c0231672721bfbbc939a0449557678ec61ba0afb2e5817e6f7d94387f84ecafbfa1216d65e7f5025f47b0d2905cff7c99adf8306a3d9850c5908be05f87cb1d36a4837dba428aac97d7fbc18e3778f8d81a319259504c87fc94bd0766ed93":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0bc344b1a4078807e5f53a6e7e1e36fa83108473ae2fb4c2":"bd505fcba464e6e2c58fdf29f5695fb9":"":"8bd73f94c71e3765bc7d17fdc90a9ba6aff9648b46300e4048985fbbd7c60c39c3766f7c524780bfc2296dc11e1132134921760a373104edc376eab6e91e9a60a5c4a5972935df12eadae074722bdc0147c3caf6a62fd449ef37d76b65f6d210283c94ac524cf13186e444d80a70b01e4373cc0462546f1caee6b49e738a742c":"8510fff71bb879f56ea2fe43f6ff50":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c8097398fc21f93eea6a95aa93a3231096817b65520bc549":"776248381941e16908f52d19207881f5":"":"80b0abbaebbd537a0810ed75cd172d29d50f5982e4d01f8664ddb2dfda8f57fa0ed87e64a779a1d7f5e568b6acfdc739572a7176752307b430fb1fa1c3c2c346477cebe7d01b16745ca6c8929a7f446c03ad9a9e8a5a935de78ca6c701e8c1c5e6d2550c42949cf5342fb5ef4c6ab9bb02ace8388b16edf72a1237e5d1d0e820":"7fc4388b2f8eab0f0c2d6a08527e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"76d4bb5694faaf344db83bc6d6c47d56bb6ab52700826f2d":"603977845d82faccb401817ecce6e2fe":"":"9e31fda6a171f0d4a5f2af2c4f827b1312d9dda5d78fa329b8f1b6373b9b29be358601e5bb0d0c615aef4b9e441c811219f1f2ff2d0ab23e0cd829a88b5b615ee72e5e3ea604fa26cc6438ec4c30e90f7348e9116adf8e8efb7498320d2da16679fa546b1aa9afc7720b074c4e48e06862d41428c9e71a4772c2e195a6f36978":"c955a3bc316841be07e406d289c8":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a3e5020695587984074d78d9c98b8e1a5719e5f88372740e":"4cd56de54e5140a587be7dfd02d3a39e":"":"c0bfe3b2dc4dad17ec5a7662d86847fb67e582cc0baf469bc9baa7a075d48a8b97521a1072c2798bfbdae5ca3752eda1cb96fe5cf24af989eb77a2948aae3d8b70d83d93f84c49347f788480f34051621c358c03cf8159a70fc72cb8bc02876234ffe76b181da8b22b8796c87b0904da1af46de519c20d8d1b1dc7cc24e39ba5":"1a29527a41330259f918d99d7509":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"afe986ead799727063958e2ce13ca846f76c51605439f839":"f85a95ed10b69623162ab68d1098de94":"":"7c1b354a5bb214bd95147e32d81e658705089c38035d0ea423eb1a5c82f97443c6903d2cf1ba7a007eec7c8ff98b8f82b073d9636a79bd47c7f2f639a8eb4e92076f9ed615766f43ac3a4f1687301ed7d507766605e0e332880ae740ab72e861a2cb6dce1df1ff8be1873d25845ee7c665e712c5bbe029a1788634bce122836c":"3cf1cdb4a4fdc48da78a8b4e81":"":"a7f252ad7983e7083260598051bffd83f40f4d4a8b580cc2388d720a0979dde71549ddcb86b0a62c4964fca591d0982f3a203f2f8884ff4991f17e20f759ea7125ba2bb4d993722f23938994eb2709c850f33ed9889e5a3966f9d7b76add46aedf230e8f417425f9db79ccd46b5660361de7c5d87f71a9d82c491c0c3daaf56c":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2cfaa215841826a977ae6adfdd993346210c49dd04d5d493":"537a4ee307af3072e745570aaaadce34":"":"e8eb3b6edd0ca4201b49a6a83036445aba1a1db040f3e74511363bce769760a9914e05a067f555ca15a57c6e02e66fbe4e04dd8c8db8d6d14ebc01cc7d84a20ff0aacb69bb3679d6b7d9d2e07deda7c2d4fe4c584fe1166e78d21dc56b9cdad93709c03b9145b887f87b4f605f24f989d5e0534fc71a58e8a8619ee99f69e5f5":"df01cffbd3978850e07328e6b8":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"128ddc83d2170c403a517615056dceec0d19d6fd7632e738":"5124b410c43d875eca6ce298c45994a7":"":"cfe9f7797ee37bfc4f564419bf2268c964479efa7435970874154432930f3b2736438da4dc9c76200009651340e23044bc9d200a32acfd4df2e1b98b0bae3e9ff9d6e8181d926d2d03f89768edc35b963d341931ac57d2739b270ce254f042b64ceac4b75223b233602c9a4bdc925967b051440c28805d816abe76fc9d593f5a":"56ad9c1653f11a41fd649cccd8":"":"cf91f087fd7faf362caacf4a68cff51ec57b3075563e4ad0955df20b366e92bd75c3762cf4a6f0eb859872667a5c55aa5d94f5ac9479b1b9c9345b50f82379d551506a2ab02b0441b14b28b78a12b38500d703a8c19888fe612d4710eec7cd18c16d6a4b55d3c69760e2bed99efc8b551dbe2ac9b9b64715f87180b8e14d1795":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"98581c28983c4da321ce0c419cc0d476d539e77da513c894":"ff10234524433b871202c2cca6acb194":"":"bdef5b65b5111b29e781a6b71a0160179c52b5bccb1ac5c0377b26cf3f61432f3ccd67633a836357c24b5099db0510a7f8110f59e8227cacd11f17ea1798b5d4d68902ca6c6eccd319fef14545edd135078b38d43b61c9af269fc72f7a209ba7897e4c6dbd21bb71d7e93d2d2426ffa1557cae28e74059d3baf06ba419a47b39":"984943355a7aef15c4fb8033":"":"808e28bfd441cb8890416a757d252c986daa8d607ac9cadd2f4fd29eddbcf3b859ba298e14a4ccefe2c2752b123f87b98d6708fde48faca4bc7dd818a7ea76cfa4357932e59cb6be0e9283bdfb49454b86b9fd04aa8cdef503c65d13fcff42e9cd8f142f8c06cf7daa6d8ef8b9c9d69c39e8afd980048fecf731fd674b2a814b":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"167b8b6df8014c8f3de912b77f5a0c113580aa42d785298f":"49da91e926091a448d57d521cc90f3c0":"":"4f787de12ba907a589edf74c8e7a6cdaaabebddd465a86e170e1efc289240298b516fddc43c7fd9bb1c51720a4455db4dd630b59aebaa82bd578eb3cb19f8b23ee6897c1fefaef820430efa6eb7d6ff04de4d8b079605fb520b0d33e96c28f0cd71983c4ce76c0ea62fd7209d21ec7b416881d545824a73d1f9f8d3323fdb90c":"99198f55f9fa763651bba58e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"71f5f8505fba62f08fa0557dd5407fc83a852c6007ccecc8":"b5efb9feae3de41b5ce9aa75583b8d21":"":"3e19ec02365e450e946123a3362f9859352eb52902a6bcb8a782285dfac9d2b282f56302b60d6e9f53fddd16bbf04976cf4eb84ef3b6583e9dc2f805276a7b7340dec7abde4916fb94b0ed9c9af6d4917b27e44d25f3952d0444cd32a4a574e165a23fa8c93229ceb48345171a4f20d610b5be7d9e40dcf7209128f029fed6bf":"9604d031fa43dcd0853e641c":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4cdb38f8185a4186fc983e58a776a6454b92ecf0bffefe98":"aef257dd44d14d0bc75f9311ef24e85a":"":"1ca72c50a093076e9a9dfa09888b9c89eb36a942072fc536a81713f05a2669b39fdb2871b82ca47dcaf18393ca81dcb499aafcc4ed57ea79f8d4f9bd63540610215b2c65481b294638cec41264a7fdca4230df5fe1e7e3d8d26dcd0c435fec8e9bf778f9e6f13482157a9722761601e08425f6160d3bb626ae39ee1117b0353c":"d951becb0d55f9fb":"":"2eaa7e922dbd8963e2078aae216636276f3f7cb5d7f35fa759e91bddb6e247a93c388241ba1d0d37040c0b9e447c67d35b4991c1acce97914f3bc22ee50171bc5922299983ee70af79303265bc1ae1e7334202460618b4a8891d1a7eaaac5cac1e4dce024ce662d14849993f89e771fb873644b552120fd346250df39aaaa403":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ee8d3aced3aa3cb2166aa66c4a252c12dc0978830d0bc75b":"c15c9c0b0b70c7321df044bfde2b15fb":"":"ee69b2421d43a9f383d99f9802ba4d6cf1c537b42041c86cce681049bb475e5098d4181f1902b0a49c202bf34ef70ea7b787fa685ab8f824fcc27282146d8158925bfef47ccba89aa81c0565eacb087b46b8706c9f886b7edf863701003051d6fb57e45e61d33412591ec818d016eec7dee4254636615a43dacb4f1e6ec35702":"c5c9851a6bf686d0":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a8538d609444e3197ab740cd33b66db1cf53600096b94e0":"0bd64d222532dae8ab63dc299355bf2a":"":"8c2b8fb775d1b21c41a3dcf48ad6d68ab05be3879f9b94b305a6ce4d799e3a992c1c3a65a3e4eab563edb57424927c90c76e49386e29dd5e7de2800fcc0eefbc8b4f977f71be3754c006ee93dc09b1cfa59c424b6b3987aeb56feefc21004c63e8284b6845e395bc8843cca0917267fb4a8f2db1f7daafe7a9da95083a44de70":"3477cad1fd4098b2":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"447f0f065771b6129952e52206a64fe0844658ed685e39cd":"37e3a300542d9caf3975c6429cb8a2e8":"":"fea5d227869e527882c63a68a6623f4a699df82b3dc715c7260a5554336df8376744c05ae89ec27d40da02d9f1c5e9e29405579fd4132143cb21cdbe3edfaaab62128ecc28018725c8dd309d2376223d2e2edfea9765699b2630ff5d9fe9bec416c0ca6418b938d195d31a08e4034c49d79e3a249edd65f985230b33c444dd02":"06bfca29":"":"e1bdd1c212b159b87e41a5f64dcba6b27aa0f5c8871fabfb588df0e06bd7730ec1beb0e3388f96c992a573ff69b34870f83c53fb65b420c1c6f92e2aa6f03917e8203d77c7f5ee08baf9fab12f9d38fc0ffb83807ba781c3dd7b62edca2121f68ef230b42b8adbd4cea072209d02713789ed559b83739a54cfde69e68bdc4128":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f465e95f6fc19fe6968b98319b547104d0c01c17105f8fc0":"6cba4efc8d4840aa044a92d03d6b4d69":"":"2426f108368a00d2a49670a3b64b4f0569c6da9660163e7b209ec3f8d058ee11f7818a8c5030c5f4ce6e1e5a93faa3e5ae3d0bd5d712fbc891cfeb20845707edcf5e29719a5246a3b024fb12d37bd1b81df3812fd50b1dfb3e948ce546dd165cc77f903c07fe32bc7da7fbc25036679017317ce94cd8a00c1bce7379774f1714":"92750ac9":"":"2e59b104c1a6f6d651000396adbfa009bf4cf8cbf714da8e4d3b4a62bd7f522d614decf090c7552a4b9e8d7ee457ba642d5100c0c81c14cbba8c8ff49b12827f6ebd41504ccb6dfc97cdf8532d1f7f7e603c609efa72d2ae0dce036ec4ab36849a0c06f8737d9710075a1daaed3867ca0a7e22111c0e7afae91f553b6fd66c6e":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f08e3e9f7b3a20ccdc4d98b56f2b567399a28a6b3908deab":"4f4636d1b283bfa72c82809eb4f12519":"":"a986e816f1eafb532c716a555cca1839a1b0523410134ea0426ab309520b339fc1fdeb40478ae76823cee4e03b8d3450e6be92d5ff17b2f78400f0176e6d6a3930bd076a7a3c87c3397dcc0520c6b7b4ff9059ea21e71c91912a74aac2ca70eec422b507cc5c60860bb8baca01eec2a3003970ba84011efe576804b2820e306c":"16c80a62":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"87b5372571fb244648053c99405999130f87a7c178052297":"a1cc81b87bd36affe3af50546e361c9e":"684ce23f59632308d7db14f7f6eddaf4d83271fb0c27401b09518a775b36252540f14305f0dae13ff6c0dc565c9e570759e070c8ac73dfb97abd3285689a7cdcfc941f6271be3b418740b42ba4a114421065a785be3dfa944c86af56da8209779e8736e62529c418b507c6d8ae002cbc0431747722afd64521734f99273de455":"ae078d1554fc6a14447a28c3dd753e790f7ef9b53e35c3e0fe63a7b1b326bc56034847f8a31c2d6358049aae990bfe7575b439db370aa515e225e0ec730488c700a7b0a96a7b8e4e8e4c6afec20decd16fe3c0f3f8d7a6cf7a8711d170829d14c706cceb00e133b8c65c8e08cd984b884662eddd2258ce629abf6b9dd28688c9":"98177b3428e64bc98631375905c0100f":"":"8be7df33a86b1162464af738de582a357d0ce8e213bba1b7913c0d13ad759d62c3bf4366f5130b3af2b255b7ad530b4977627f9e76b07e360c079d0f763dabbd22e976b98cd5495c6182f95bc963aad4b719446f49d3a448d11cac5bfcba4b675b8e4d88a389e2580e8f383f95bf85c72e698680d2a2bc993c9ee1ce0d1f1ac3":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a2d069b826455d5e79e65db4f1d2b6a29ae9f401bc623917":"6d40a0c7813bc0410ff73f19bb5d89c9":"9960376b1898618d98c327c1761959d045488cc6198238bbe72662f276d47b41e8aebc06dbce63da5adcb302a61ade140c72b9cf9f6dfad6ecedd7401c9509fae349d3c7debe35117776227ba167f2b75921d7321d79f4ebca13d20af1638a1567043365f179f4162795fe4fd80b5d832e4ca70e7bf9830bc272b82182f70d2e":"acd6225dc5b9109d56ea565ab38dd4db432a7ec08f0db04f1c6b691c96d2eaaa6be62da7cc7fd75f931716c7f39705ea7cf828f1a5a325955e9b2c77e7fb2d562be6a89b3351b1b3d1355b43b73ed425049430314c16bf0836ed580e9390a3b8e2a652fddbfa939ca4c3c99765b09db7f30bf2ef88e1aa030e68958722cb0da3":"010195091d4e1684029e58439039d91e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f3252351fe8e7c628c418c1a49709bf1f8e20add82539948":"eacd2b1c3cf01bf4ea7582d8ee2675d5":"141cb39a2fb8e735e0c97207f1b618a4b98f6b9bf8c44a1c8e9ea575a7759cc2a02301274553e7744408b2c577b4c8c2a00e18f8717fd8a6d2f46a44eeb05d685fbef7edeb4229e7ea9b8e419ffcb504d33583b3ae421c84caeca9f9789047dd7b1810318d3765307233567bc40e003401c9f4e1b07a2a7162889e1a092aedc1":"7e8d2816d280c91d232bad43b6610e2d0532a9f670f221a3a975fb16472c2e83b168115e87a487bcd14b37f075e1faa59c42515c353cdefc728ac617b7d273fa96778e3fb5f7a1132f8e2add4a57015b15d1984338b7862356243d1c5aa628406f4a507498eda12d2f652c55e8e58113ed828783b82505790654f036b610f89a":"63a310b4f43b421a863fb00fafd7eac4":"":"699c146927ae29025e5b20088b20af27bc75449e4725ee6b7d5dc60b44ba8a06f7d265330c16060fbd6def244630d056c82676be2dc85d891c63d005804085c93ce88f3f57c2d2c0371c31027d0a4a0031e3f473cb373db63d4ff8f65be9ebe74045de813a4e6c688110d000f6b12406881c08085c9348e1f0315038907e33f7":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e462957f2c500bf2d6bfa9af97938fdd8930e360ea4175e7":"b380584a3f4e0e59add4753c282f2cf7":"682b0af6592eef173e559407e7f56574c069251b92092570cbb7f5a2f05e88bed0af48dcda45b2930b1ee7d5da78dc43ec3598a38593df7c548058eda3c9275c1304489aff95f33a6cd79e724e8d12ca0ae92b20273eb3736efcd50dc49e803ad631dcbf64376a45a687eb4e417aef08a3f5f8230d3f0b266ea732c21ed2eed7":"82a7a6dd82a5ea3d9a8e9541d854978487eda298b483df02b45c76b8b38bac98ffd969dd160a2765595b19d4ea3e64351ce95764a903f595dd673d13facf5a5594e01be1d60a0c6d28b866a1f93a63a74fecb6d73ac6fb26b20c008b93db53e9dc1d3e3902359fd47734fe22a5c6958f97e9001cc4e8b6484d9542dbbdfcfcdc":"28a43253d8b37795433140641e9ffd":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a62ddd87f41c6df756e8da0985dcd8c91e73ba395b3d79b":"1d1843e2118772d76a0244a2c33c60bd":"028b92727b75b14cb8dfeb7a86a7fec50cd5de46aa4a34645754918b8606819d4bf8a2e7531a05ae5505492ca6cbc8c0e6d6ab2dea23bff1fdf581bb780b4a3312aa39639383fd10bcf92489801954733f16b021c2e84809345216f8f28a99773341e40c4a64305a2098eaa39f26a93bd556c97f02090e1a6c181a4e13e17d3a":"37a83ee6dbdece212446739ea353cb957b9aa409c88bee042bbc3a6e5199aeb28f2b4b00ff433c0c68d6db5a197566019db8a4c7a792e2839a19a302ee02bee046adce04c1fbbd5b0c457d7cbe277992ce2c153d132269e2d1f12b084cf3026a202b4664bc9d11832e9b99c7cc5035dcfde5991dd41aeb4fbf8bec5126a9f524":"ab738073228bdf1e8fd4430b5c7d79":"":"e702f1bb9a1f395c74fca0ce9cdf29e7332c14acaca45200cd432a5767be38929ef8de43d0e1a5e7300c1eb669ac1ab997b31cb1403af8451e77e63505920af0f8c3abf5a9450ea47371039ba1cf2d65a14fa5f013b7ce1d175859404dcf6461a36e8bc260e7abf739d8951ddf1a3754e2d65e0aa31320a5ffca822023bc0906":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc46976d38a581a7042a94ea4b5bfe3587ddc65d1162d71e":"b5e92563dd0339df00b7ffa2239d21bc":"7b6f6e104acbcd7188161477d8e425ff99add22df4d22de7f28d0a0075ca4ef848f68d07ed22d3165c08e40890ce04d1bd05b1a6ccb2fec8193d5f7dffc93d97a0c036b3748f708b011b68247a0249b9e1a60b652164e5c2fd7210377de804ac010c8aa08a11f40af97e8370a59f936cd14c22ea7a236d904145adc04a241fc0":"4b9e858fc8f01903e426112192d4ae4686b1ae4d683b75afb2b8c63590275943d0d6d6a23b6d35796a2f101203acba107474ca6f4ff6dd87d6b77785ad1d160ef2755d84092dc70c86db5e639b689943b15efa646aff44b3f51f5d3f4cf6c8f7fc5adfe7bf2d72f75b93b8ee94ef3fa69ea0fc0bb77b3983901fdcd30bcd36f5":"d4356cb417953b01f7b1110c8aa3eb":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"403e49feadd4db763652ed5c4b1e12680cfe0abc30f4696d":"1a60258a56e15f92814b4d372255a80d":"a4ffa9e3c612103224c86515dad4343cbca7a7daf277f5828670834f4d9af67b9a935c71b2130dfbc929c4409bffb7974ffa87523b58890770439c33342880b33319c626bf776c1c0aeb9c2a348a7681572f4ff711d94c192f3450e8b1275f9d02c742a2c9f1da316e9918bf787f22699172986cb9b10fc56d5f6b8392ff92b8":"221c61d769febce3913bfead9a201a805f11005ddcac185cbae00ce749de9c4362889b1b0d9546e91598e0ddedb88b673a90acca65d7e71a85636be052f361839a646dc8b834c02f3e2261d370e6bac9636b7536225b5ea77881200c8a3450d21bfd1e11afb3a470e178ecfe944a25a7cd0254e04a42b67723aac8afffd56fee":"62646fc8bfe38b3ba6d62f9011e3":"":"5c76c90dea7d659804ad873960906259fbdda3614277ec575d9eec730e747a2e7b9df6716b4c38d3451e319eeecee74d1f4918266fc9239de87080f1ad437b47c6904ed2d5514161ad25e3e237655e00e53fe18d452576580e89b2f1f0f6aa7e40a337fd8c48d690fe013a67264a80e9b5dfd009a9152d559aa02a68f401a09b":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c3471259512d1f03ce44c1ddac186e9a56c1434a6ac567c6":"50164c63d466148ab371376d5c2b6b72":"11d1f523888bea1fbc680d34bc9b66957d651efa59e788db3d3f6f50e72184b9d14e9ff9bc05fb687520cf423d681812e007025eedf0e78e7e8191e6b62404e8eb400cf837d762a31aa248553367263d6de091fcf7abedc3e69fc118b7efb0594c89b96c387b7c28ed9a7b75db60b6b5133949b891ff81eca5790a265f12a58c":"dd5b98b3b3cf03fb92be579068a885afd984630692eb5f155fa6b49f2b1690b803d34b90e8de3cc39c2e61650ffffb51e7ef36d35ad17dc4d91f336363b0734996b162b509c9954cab3dd959bde7e437e9100d84c44104c61e29dbe12492a0272ce6eea2906d390de7808d337e8c650b3301af04a9ed52ab9ea208f3c7439d6c":"6c5f38232e8a43871ab72a3419ad":"":"50438ee712720abf2089331e4c058b30c30c3d17834c507c0010ac3f974a256d01b14a45e9ce5193c5cede41330cf31e1a07a1f5e3ceca515cc971bfda0fbe0b823450efc30563e8ed941b0350f146ec75cd31a2c7e1e469c2dd860c0fd5b286219018d4fbacda164a40d2980aa3a27aa95f8b8e2cd8e2f5f20d79a22c3ff028":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec326a1e0fe6a99421398df4fc7d8fea67b67e5f5fcd50ad":"c94aa4baa840a044dbd5942787a0c951":"f8401c578f20d9c250ea86eb945184e007a0190462c7abddf238ce1ceddcc230756aa222386d8ba66ebbba13de008ced140896ac55bc47c231cc81370ca9feadc225e017d59890e6291cc4cca27db3078c0cd6cbb51afb62210226a76837c5454728cb5ce3afe7352e7fe75421f94986e6b7b26321bbca15c75ac7c13dc15f50":"6d5016c434a0f4b4a5d9e0b6b8e2d848a94f132f055d2d847e54601a4c9cfc5966a654d696f8a3529a48a90b491ea0d31c08eae8ef364f71f8ec7ae7f7e39bb9c331137b2578362ff165628099944ba8deb0d99ac660d5ed2215b9a7626ff1fa6173cd8dd676c988d16c9cf750a0d793f584c3c8f5fd5d167bc278f4d77a629c":"3269922affb9d767f5abe041cc8e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a7ef81652f604e88a72416924c53979dc73cadd3575eda1c":"0cc9ae54c9a85f3e9325c5f3658ab3b2":"d0195b744351aa25a57a99df9573dfa3cebe9850139149b64f7e4af37756a430dda8af98e4ed480e913aa82821c01c1f75b187e105a8f39621757d522c083a8d81d7d8bfe6cf15c439d0692b6affd655a11bcd2457046fae996a1075c66029867b88cd23c503ae04037dd41f27bafd5000d1f516002f9fcc0f2500e8c1b27de0":"9ecd19a8eba9fba843486e1bbfb8d9053c5e04b24e30174d4aa89d8307439d653f8630edddafd51719c744bcb4bce3e444847567bd2cdde2995870d0634cc0ba2bde4b6bc2bc583062fb83874a1c25b50aeb945bd109a151772c077438c4d1caaeb5b0c56390ac23c6d117f3a00fd616306fc2ffc4c1e76f934b30fbbc52eec2":"22c2efeddfd5d9cb528861c4eb":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"605271a41e263c92dc14fe9df5203e79d58cc2d1289dc361":"7f128092a777fc503adc7f6b85eb2006":"aef9f984fb645e08d5f0aa07a31c114d2f8e9eca047e4a8d5471378cfc2ced1159dc093d174788e58447a854be58942ed9a3fd45f3f4a1af7351e087369a267797c525f134e79709097e733b9003b9be0c569fc70ee3462b815b6410e19954ce2efac121300c06fd9e00542a9c6a5a682fe1010c145acbbb8b82333bdb5ddfd9":"2bda3448a283ecba31e0299c0a9e44628cb2b41fa7b1a41107e107cabc381083bdbe048f2804568fdd5fe016f4d607f694042a459ba03a2deda4cccc8cbe4612d8ed0d4575e48bc9f59843369dbe2af6d048e65ff4250e1eef61d7b1b378fe2f3305b133ddc7e37d95ca6de89a971730fc80da943a767ff137707a8d8a24329c":"673afea592b2ce16bd058469f1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa076f36cb678e2275561e9553ebdf397360e5a5e44791c4":"1ecd53d94fe287047ff184e8b9b71a26":"5ff25f7bac5f76f533f9edffdfd2b2991d7fc4cd5a0452a1031da6094cd498297fb2a05ae8db71cb3451e4ac33a01172619035a9621d2d54f812ef5343e14b9dedc93838e4cf30e223d215b4d2476ea961a17ac7295069f25b2a12d6e2efe76d91f45632c6d4e61ff19a95d5ae36af960d95050ce98b5791df0b7e322411c884":"513305e86c0cb046c5d3720b25a406392766bd1fb7de2758de370ff2e68281e211922890c61f3659460f22c45a57895b424441262a3ba0606df4e2701f38281fd3436a4d0e0f8efecd231808a9ea063dfb725015a91f27cadfe7909a0ee109eac391ac807afed1767ae0515b9c1b51ae9a48b38fe7fec7fe0ddee562c945e5ae":"079e8db9c3e6eddb0335b1cf64":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce9dafa0e7e53a8766fc0bc38fba807d04e14e5ed61bc234":"fd0751af49814ee98b2b0cdf730adaa6":"1cba488a0fc8a012f9a336cc7b01cbcc504178eeb08237dbedbc6c7ac68fdf3a6742751a207e43d43068abf6ef4e12a5e3c17e5a2f9398fc04ced67377cbb858fd6020fad675a880adb249e4aba94b96efa515d1cdf5c0c3071a27a3245968867ea94b2bfc2028a67be34c84c3f475944497aa8ca1ab009f8e4b11c8308c1996":"b585b8bf634757dac015f2f69f2ae674372a664f2115ad2d03bd3e0c335306b02d0947d3cda5991f5c0c25f12ead2c3cc2d65d575fd67091c70bc93ddb4b1e21f7b0fc6e6ae652dea93a6564ff13489f927942e64dd94bf8f821c7ffdef16df58bd8306a957821ac256da6f19c9d96e48eee87f88acb83bae05d693b70b9337b":"e5dc92f4ad4000e9b62fb637":"":"95f4324b0656bef19eca5570548fc6a7a9923f4e2a7e42066891bc132fd73bc1c9089755d996756de0072824e69c43f2db8ba2bf6f90d3c4eafc0721ceaccce1af896f9fb15fb19c4746979b6d945f593fad61d550f81d12b5945ed728c02931d7f8d917285c22a3af748d75a6bf163fddd84b941d8564c1a63192c816ad6d6d":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8a328554fed68dc4838fbc89fd162c99ec105b36651abbc9":"e4f7c69a1d026eeebfc45e77bd7b3538":"e349dcedb0bfcc771c820f0d510b80cef32ae3326484e25aa183015941e7844bc46f617d5e61fd64fa71759e90fcb72ae220bcd507f0fb389b689dd3fa29b3b937eded85f26ada9e0f3f5109f82fef47c7eba7313049750ad17969e7550c0d4093ed18ee27843d082bcee8bf3fc7833d569b7723998595a5a1d871089fd238da":"75986f56972c045c850ed68aeb229f203b228fdfc36cad6b16d9bd12037c48700d20d8062a983ffeca76b8d36a67ef51bc8853706e83a34e4e23ff4f4a4eb943f19dbe85e454043d7906be6587a85079f9ccd27962d2905117d2dbeaf725d6ffe87bef52b2138da153ef29b18065b3342b3f9d07837d57b8bc5f2597de06c54f":"8e8320912fff628f47e92430":"":"a1ed65cfc7e1aeccd0531bce1dc749c7aa84451ec0f29856f12f22c4105888c7d62e2e2fc8ad7a62748610b16e57490f061ad063c88800037d7244ee59e109d445205280473390336d7b6089f3a78218447b1b2398c4d0b3aac8b57a35891ad60dc1b69ad75e2e86248ceac7bb4cf3caade4a896e5ee8c76893ef990f6f65266":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6e7f6feb4022312de5c804ed1d7a37580d74499107f8cc8b":"6ce13485ffbc80567b02dd542344d7ef":"c6804a2bd8c34de14fe485c8b7caa2564adaf9fcbb754bd2cc1d88ba9183f13d110c762a3c5d2afc0fbc80aedcb91e45efe43d9320075420ee85ab22505f20e77fa4624b0387346c1bd944e9cd54055b5135c7fc92e85390ecf45a7091136b47e3d68d9076594cfad36c36047538e652178c375a2fe59a246a79784577860189":"4f5bbdf575ab8f778549f749f2265e17dc7225713e73ee6d7be163ff7071557dcc2240b0705c079008605f81396414ac64f06b1b637876e04c3fca8d0fa576cef4dd3dc553fd6808eaf120f837f9bb1d9dbbd5cf67ed497167fc7db89d3a84151b81aeab0e921057f121583df5ed7f976b206ece17a913f23485385f64c462a8":"974bd0c4a8cac1563a0e0ce0":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"46d6e982feff0e7d04a84384c56739b69626dde500e4b7fb":"71a6d1e022a6bdff6460c674fb0cf048":"67a8455c7d3fbfdba3c5ec5f40e0be935fbb9417e805771832ffad06ba38a61b8377997af1f586dc0fa1e3da0b39facd520db1f0ec2bdf1904a3a897f0b507c901fab30a85de51effa9f7d4703ceeb2ca72abe0bd146ba0bd3ffdee11628310db7d65ea1343b018084ea2414995f86fefb45ba91a9dc2236d92078b4305671b5":"a5160fb2d397b55a7eba02df33a042404188f02f4492d46f4edc03fc67723d64f5f7fed3a60728438703c60454a30f473ac918ffc8f98be5c5e9779ee984415e415ce3c71f9acc3f808d215be58535d3144cebe7982b9b527edbe41446161094d6fc74dec2e0a1c644bbc2cf5779a22bd4117a7edb11d13e35e95feeb418d3f0":"84f1efd34ff84e83":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"991dcaa2e8fdad2b4e6e462a3c06c96067ef5e9fb133496a":"978913d2c822ba7cc758041d5ee46759":"5a94dc81af011a8af263318b60215b9752292b194b89f6fc013b0fe8e29133de631d981862f2c131ee34905bd93caffc3b8f91aeb0264b27a509e5c6a41ae781209f8c5895d0d35b3c5e1ae34a1a92a2b979e0e62132051394940ea4d9bfffb8d89ba1e8331b15bdf05c41db83a57745a4a651a757cc8648acdcf850a2f25367":"9cd0c27f0c2011c1ab947400d28516c7f46d22a409a18fd35c1babf693b8030dfd7822d9ba03bb8fd56a00f9c7149c056640dde690889d2f23978eeeb28ccc26e2fc251220a3682c963f5580c654c1a6736cccb1b8ed104ec7390021d244bd9f92abde89e39a4b83eff8211c8a6259bd6ac2af1da7dfb8cf1355238056c60381":"15d456da7645abf2":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f29cff00781f5916930f125489c87d21f6593324d1506f65":"50db7ee25a9f815c784236f908bfd7f2":"ec1482e18692bcd6894a364c4a6abb9c3b9818bb17e5e1fc9ec0b41702c423f3a60907e94c888fad8e78f51e1f724b39969ba7b11d31b503504b304d5c4b4cbd42634f4ec5080a9fe51c82e121ae191270dd2c307af84c82d892d982413a50ccce33698054f761a3fa93da9a1fca321296b378a50d458ba78e57a70da4676150":"a3e8595747b7147d471ac4fe38014bf4a409931e3f419ff88ae249ba7a7f51bd0ede371bf153bab4b28020b7a82a8ca30b75f1e3bcfee3c13db813cbc85138ef05874dedb14a6e5b6d06d7589a83bd5e052dc64433a8e24c1188b9470ddb2536d13b4b7bff0c5afcfaa9aa0157c3aae3b1774df2df14f965d6dee4332edba67e":"a1e19ef2f0d4b9f1":"":"eea18261a4de31d8619e77005ebbb3998c5dcfac2bc120ae465e29d6b4c46de7e6c044c8b148ffe4eda7629c243df8af4e7ceb512d5751a3ee58defb0690b6f26b51086dedfde38748f6f0bbe6b495f4304373188e5d2dc93461bd51bf720149a7d3aa543623b122b9af0123b2cdc9020136b041a49498ec4aa696c2d3c46d06":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2087e14092dad6df8996715cb1cfca90094f030328080ffd":"d30504afb6f8b6ac444b4a76115d79d1":"d95845d268c8d8f9135d310c39e30f55f83ef7ffee69e6ba1f80d08e92ed473b5ac12cc8f7a872bfc8b325e6b8e374609c90beaf52d975f71caeef5ee4c13de08dce80d358ee1cd091faea209a24e3392adcfe01aeb2b2e1738bc75d4a9b7cd31df7f878141cf278d150f6faa83fb3a2fd1225542a39c900606c602f15c06a4f":"6d039513061980fb195bdf2f7c7079ca4b7e0fdd50d948cbfab5ba10b99e3aea27f08abd000c428851de82cacb0d64c146cd9567e9d55b89819876d6a635bd68bcaf47ffa41e02d9ee97f5a2363bfe6131ae7a21ea5130ae953a64d57d6cbfd45260c5f1946388d445ce97d23ab7ba31a5069a4896bc940a71de32bde02bc18d":"5412f25c":"":"1e81a4c10a3440d0002ddc1bfa42ebb08e504fcc8f0497915c51b6f5f75fee3f0cd3e9c5a81ff6528e0fecd68a36192114f17fa1a4cfe21918dac46e3ba1383c2678c7a6889a980024ee2a21bcf737f7723b5735e1ebe78996f7c7eace2802ebb8284216867d73b53a370a57d5b587d070a96db34b5b4f5afe7f39830498c112":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3fc76d627c775de2f789279dc7b67979a9f1cc23c8dcabc9":"8f6fd53eb97e12dcd4d40f2843e25365":"e56995df73e52606a11de9df6c7bfb0ef93b86bf6766e319aea59372060294b0e1b13c6288c2310a4bef725a2dddb174f3e1228649861757903c4497a0eec9c141454fc75f101439a2150e368857c4f0f6e5161c42c77f632bf1c229a52595cbf16e9018de9a8f6a1e6b8b18bd244f93f001eb2eb315405d223c0d27ece9d4d9":"92a60d38fc687b92d44635aafee416a142d11a025680e5aa42e9ba5aa010462991ad3dd7328ca4a693673410f9bba37f05a551b949ab0d43fc61ef3b8996dd3fc1b325e66eec6cc61ea667500f82a83e699756a139d14be6ca9747ed38cd9b1d9da032ece311331bdcd698666ddc970b8be2b746ec55fe60e65d7ae47c6f853c":"613ba486":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"ca362e615024a1fe11286668646cc1de":"237d95d86a5ad46035870f576a1757eded636c7234d5ed0f8039f6f59f1333cc31cb893170d1baa98bd4e79576de920120ead0fdecfb343edbc2fcc556540a91607388a05d43bdb8b55f1327552feed3b620614dfcccb2b342083896cbc81dc9670b761add998913ca813163708a45974e6d7b56dfd0511a72eb879f239d6a6d":"e3dc64e3c02731fe6e6ec0e899183018da347bf8bd476aa7746d7a7729d83a95f64bb732ba987468d0cede154e28169f7bafa36559200795037ee38279e0e4ca40f9cfa85aa0c8035df9649345c8fdffd1c31528b485dfe443c1923180cc8fae5196d16f822be4ad07e3f1234e1d218e7c8fb37a0e4480dc6717c9c09ff5c45f":"28d730ea":"":"dafde27aa8b3076bfa16ab1d89207d339c4997f8a756cc3eb62c0b023976de808ab640ba4467f2b2ea83d238861229c73387594cd43770386512ea595a70888b4c38863472279e06b923e7cf32438199b3e054ac4bc21baa8df39ddaa207ebb17fa4cad6e83ea58c3a92ec74e6e01b0a8979af145dd31d5df29750bb91b42d45":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c186654406b2b92c9639a7189d4ab5ab0b9bb87c43005027f3fa832fd3507b1":"3a0324d63a70400490c92e7604a3ba97":"":"":"4c61cd2e28a13d78a4e87ea7374dd01a":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"747d01d82d7382b4263e7cbf25bd198a8a92faabf8d7367584c7e2fa506e9c5f":"7156358b203a44ef173706fdc81900f8":"":"":"9687fb231c4742a74d6bf78c62b8ac53":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cbe30216136b7eaf223e6a7b46c06625176d9a08182fa806a63d8b143aa768b":"4fe6ace582c4e26ce71ee7f756fb7a88":"":"":"d5bdf8ec2896acafb7022708d74646c7":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f31194c83bb8da979a1eabb3337ceb3d38a663790da74380d8f94142ab8b8797":"404efd26b665c97ea75437892cf676b6":"":"":"e491075851eec28c723159cc1b2c76":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"daeed52ae4bf5cbe1ad58ae4ccb3da81fb9c0b6f7619ca21979313ad9d3e83c1":"4037eadb11249884b6b38b5525ba2df4":"":"":"360c6ef41cbd9cd4a4e649712d2930":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ad81c34389406a965c60edb3214663ac4a6bd5cfd154ae8d9dc86dae93def64":"cebbce06a88852d3bb2978dbe2b5995a":"":"":"bd7ca9f6bd1099cde87c0f0d7cc887":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c152ba30aefa5b2a08b0b4d9bf3f16fc208bb0bc4c4eca9411dc262d9276bad":"008d040fbd7342464209f330cf56722c":"":"":"c87107585751e666bedae2b1b7e8":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9aed4ae6b1d857fdcbe5aec6db38440613dcc49f24aa31fba1f300b2585723f1":"947c5f0432723f2d7b560eca90842df1":"":"":"7d331fedcea0fd1e9e6a84385467":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cc80bc031676eff5f34dd076388a5130e985f9e06df4b4bf8490ff9ff20aae73":"51f639467083377795111d44f7d16592":"":"":"02d31f29e15f60ae3bee1ad7ea65":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"db7a40213b5b4b07e9900dc28f599403b0579cbce13fcd44dff090062f952686":"aea6f8690f865bca9f77a5ff843d2365":"":"":"7f2280776d6cd6802b3c85083c":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"299b874eaa8b7baf769f81f4988a41e2708ae928e69a5ba7b893e8e6b2db5c3b":"2aa04d85d2c0dc6f5294cb71c0d89ac1":"":"":"ea01723a22838ed65ceb80b1cf":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6c7b4c8175db4cf23d0593ed8ea949043880fc02e2725f0ab90ae638f9dcfce":"ae07f8c7ac82c4f4c086e04a20db12bc":"":"":"1132e4fff06db51ff135ed9ced":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b98e1bf76828b65a81005449971fdc8b11be546d31de6616cd73c5813050c326":"929b006eb30d69b49a7f52392d7d3f11":"":"":"33940d330f7c019a57b74f2d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"09ccef64ae761a70fe16772cba462b058a69477c91595de26a5f1bd637c3816f":"e34b19381f05693f7606ce043626664d":"":"":"2adc2c45947bfa7faa5c464a":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"654cf46598e5ad3e243472a459bcd80f1e026a65429352dbd56e73fcc5895d1c":"a56f27709e670b85e5917d5c1d5b0cc2":"":"":"177b9a5e6d9731419dd33c5c":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84bca1b2768b9202bf194f2d5e5a0a5f51fd8bb725f2bab8a3fccbdb64a4ea70":"c45b2708c5bdf65ec6cc66b6dfb3623b":"":"":"fe82300adffd8c17":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c8ae011795c9a60ad7660a31fe354fa6f7e9c2724d7a126436291680cd95c007":"1bd9ea6186450f9cd253ccfed2812b1c":"":"":"35214bbc510430e3":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df2f0a8a3849f497d12bda44e12ce30a6957f3febcd5ec9bc134171326ca66d3":"728cb9608b67a489a382aa677b1f4f5b":"":"":"e2ef5d9cc5791c01":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"78e8a8ad1ecd17446cf9cd9c56facfd4e10faf5762da0fd0da177f6a9b9c3a71":"f169ce6f3ccc58f6434ae2b8ad1a63a1":"":"":"0fe57572":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"02ca6d8a862e25db9d68e4404abc107e700135df4157cfb135ce98eaa33151c9":"7b722fdd43cff20832812f9baf2d6791":"":"":"72dea6cc":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9a2b709dbcc3a4fb15b3ad541fb008c381b7e985b57df52f07ca7cd26ab1ecc4":"729baa4c0ef75ed8aae746376b39fe3c":"":"":"2a0d607c":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"449d39f863e4909984b37f2e5c09ea4d4b3e9fac67bd57c299e4e1d1f084aaa3":"d8e9118f331bb5a359f0aa8882861b72":"4ddcae0bc24d622e12bdeaac73e8d1ab7957af051d27dfaafce53aeed4cdd3f989ea25989a2f41cfb3c38dbd841c5560b0b5ab1861b1fbcd236865d13da55b50219462e021f8a21848a64a85326031fcec8fe47a6ef4a435dd2b2fff637644ffcf3914ef2dfa5dd556421bfd297be150b31db039f0f2cc422b282e659e70cceb":"":"c595b9d99414891228c9fa5edb5fcce3":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3e70e66813fc48f984dcda4d1c9c24f1d5d1b71ecfc8bb9581782e7cca5a5cc6":"d804f1051e72c9b7117002b862eb45ff":"0b1ab2b7a87cebac668c7a532fa8fa56a22cabf0c41fc1e6744ffe07c857c6865d623f508351f98f3f0c577d1eb94300a30a445472218c8ac626b0bee7d4c122d33f8130436a89add341e8ef7e00694afb4ad80d314d87ad3f921c7105eed05431b8151df7cff2c8e3790efd4acd3f60332dc7f34fdd90beef70f9093361d65b":"":"c09c2e3fdfefa222f7345ae4efb978fc":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8e534041090b45b80f287dc5fa20ebda017ad81b0530e680f62c6280fd8881af":"ead675b019ef5c6bbf4985f2a382d6c1":"b1db220052c4bebcef27eed6db0dc91be481179d71160c5a2ddb2fe497a05484840b04cce48980057d770fbbd0d5f3d5c633b55470617ad2cab5767188283310337825c4b0eafe13b5b11293dec230dad43b220885105767938c7ec4600fe063f98aa14bc6afb886fc874c10546749da295f571e696305bd9165486e29f43f52":"":"9aa0cdad5686ca515cd58aed94938ef4":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2de18874470c09db683cf45cd752bdfa8bf33e7967220b1a69f41f2a02da1d80":"af30eb2d0a0c2a50ea413f3285aa88d4":"22889b868d8ccc9f488406813caed199b23091ddd796c8632f564e7cf5a39dfb725266a931fec958659b6fc5b6b9343b8217edb0acb010afc9416601155262b57bd398d62f555953f0e15958e19ae004fbc9cb25e0269a9eaa38a4635a27bfa719fb249fa49337796bcf5f416bba87fbf3b19f0d8c11290c25ca50bbdc822f01":"":"646bbc9b14681af65b0d1c4c9f1d0d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1a1bb9122e762ecd7ff861a1d65e52607d98e7ae5bd1c3a944e443710f3b0599":"32f99ea4cbf52c2701c2252e5e6c863d":"91b7a70c3a06c1f7f2ea584acb5dd76177ba07323c94f2e8f7cbe93fc0bb7c389c3c88e16aa53174f0fc373bc778a6ccf91bf61b6e92c2969d3441eb17a0a835d30dcf882472a6d3cb036533b04d79f05ebfaadf221ae1c14af3f02fa41867acfdfa35f81e8a9d11d42b9a63288c759063c0c3040c3e6ee69cf7c75f9c33fea1":"":"a8e29e08623a3efdbbe8b111de30a4":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3bfad1e8f9850577f9ba3f290e9a5e91b494c2d99534220362e171a7543177ac":"8410886b70c57d7ded8596443bd1b157":"ca801c83596795515ea931edba00e06e332bf84246b7036e10b317e2d09a51b2981fcb664ee3bf4180bb0b12ed1cda221abc6790b27c26914f5ef9cea9536e2453cd5b247cb054e295c2687b725a97cbc484b8eb86c6ceee03bd07a54a9301a3ac0ddb23aecb825a238252e7575329058b40e75575a7f16439edf5be163ce5f5":"":"e3645db0c600dba52044efcecfc331":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"65debdf2f2191a6cd8de8ad4d5d4d0d8f731f67744e2545df6b2a7cba89c1ee0":"fdab2ee547dd8b6f5a4ea2dd19697b3e":"d2b0a0438ee0f145aec9a7ca452b788ecb473152b78fb75f6ace721afc7b0ae1942049b790f3a5b6221a8760295659756d35347cc04029be03459f3e23a71209b4e0bbe13a253a888c83db23376d3a6d9a539f7c9fa4a12dc64297e7c93dfa0ab53ef76b6e1d95bf6f3d5e6ee8f08662fc03ec9d40eff0a43f23ac313671bfd9":"":"c25fc157c3f2474885e2eea48aea":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"496ae810380460d40cd2fdae8c0739f16b87205cc7f57db0a71a473eb361d570":"77233de96f5e1744337778212b411bd5":"85f5b54b4c4af5c808120bd28d98e44e96f4126623e57684957e9fc4fd1a2d0583940b8fc8314a249325476e8d05247831b04709580ae714e8187cd38f9559419e14c9fc4f8c454ec191b8ef2a3610988fe3339d0dc6b72f5978f9eff9d596dfabf27056e3a908c6497267461386e860f6b9d65526294bcb92908b5661b06b5a":"":"4ed91af6340e70b0c2b94ab6f82e":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aca188183b46139cc7cffc82a6aaaeb2fd73cecad14e75c663bd62daf1ec711d":"7bbf7fb55eb70cce94cc6a2b67de55ba":"015cfba90f069545fed60f31992ff3d3c3592eb91e7a53df5978ded64291954cb99a57de82d5398ce782b68d14ac04a8b425395bd076ead59eb445721bdb2f45e19fa089117800cbbac7b8313fb165ccb1122acb654e1242dc7fe6885ea1cbb7281b1270cfa1549cdfe9b47caf47b4ac3807e562e48c066566f5e606b5023b47":"":"3bcb5c2a4261d75bfa106fb25ee1":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8cd6815f6ec15f03b7a53f159e877a5981e0ab7f6e6c261ddde4b47cbb2f2366":"c431c07d9adf5f61204a017259cddd75":"4e1a835402bde4f5227e64b46a1f8d0f23a9434e189377fcdf1b9621ba1987eb86a7f3b97ed0babfd674e74c5604a03dd016d71000a72bbbd00a7f7fe56ad0fcb36a3e24dd0fdb63bd66d4db415f35012416ed599796ca3f678df7eb5a1b17f75abb348ddd3b366369a7b362c9488aedab836b61f9a158f0b129c8ca0a53a81e":"":"0e463806ff34e206f703dd96b3":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8f0a72abcda104aa7fae501f9a3b686d00d3f6fe984731db8a2865bfec587073":"ab8acd063775d1b1314f14e90fddd1be":"02c6d426e7f20b725d8cde0a6382e49b029b52126889013ef45251f27b2fadb95ca4a9a3b16ad06999eeca4a473e813045db4942e9b9ff2e5a5e429d9bac298372344d1b781d5facabf6d779643f31ada6124eb50aad599044b54279ec9b25714ac8a3b9ad2487cec7f4b1ee245d7be3d496d6af1d4cbee1c8201312541f3064":"":"3f0ccc134091e0c0425887b1b9":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"417135cad74280e6f8597dc791431c95cb8fa63bbf7197e3ab37c4b1d6d9438a":"0fe22d9ba1d0e32656e3a9f07a517a27":"a0b2712e81d329d5b076a4be2ad6823cee6dbd17d9a592d065bdebb92b1ff37a56bf2f5e5341f39c574246ccda19e5f35fede49c9ba958f3920cc5440fb404fab7846884ca0c2a3af5b51f4fe97a1395571319cc5b40f8aac986d77de280db82343983982638326ef003e0c013af19c34672975dc99ccc0853a1acf7c617d965":"":"888b836c9111073924a9b43069":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"304824914e32ea0efd61be6972586093349bd2cc2cf0cff44be943682b2dbff5":"b6d927a71929029f6766be42746f7cb1":"7281c81c7514f4b17cb125c4649006ef8959a400a1e4d609d277e363e433725fa32346a10bcbd826b6afc8222158920d0a2db1e6fc915e81231c34c3941ecf3c6f94ffe2136190cae3dc39a4277acbc247f36291b5614a8433b1a0780434a6c50521b72ec25145bbd3b192647155d5dd9df9e66762d39592602ea99bf9bfff49":"":"b6044c4d7f59491f68b2c61e":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8a10e9abe9389738e12a4bb6f553ae81e8bd320e0dfbc05fbae2128c1fde7a23":"6da44354e198e3beb54792718becbcc1":"199d754630135b669bf2ec581d3027a569412ab39a78dd9d482e87b778ec65c6473656260c27827e00e566f1e3728fd7bc1853a39d00e43752c6f62c6f9b542a302eea4fd314473674f6926a878ec1e4b475d889126ce6317115aea7660b86ab7f7595695787f6954903f72361c917523615a86d6ce724bd4a20c9257984c0c6":"":"5c5683e587baf2bd32de3df5":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d164ffde5dd684becaf73e9667e3e6acb316682c41aea247899e104a54dd7a7f":"1d388e19e9d7a9750e2fc1187d4b075a":"f166a5b6f91261cda56f1a537f42ffb8aed10af5e0248f8910034b92dbc58d25953f1497f571d31fbf5ec30d92234b440161703851f0e43530418147ce6270fbcb5db33ab819ba8973051908704b6bea8aaca0718947e6aa82498a6e26a813981783ed9bf9d02eb1ea60927530c4700ff21f00179002b27903dd4103bbc5c645":"":"52e10495105799ead991547b":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2854188c28b15af4b8e528ab25c0950fc1384976f242716c91bddeec06f2fdea":"075af9c31f5252b8920092cbd999e7a0":"e9452f71093843a025bb5f655eb6a4e8316ab5946484b11818f22b62f4df75d5891fa3397537093a261dc9a7648b7477ea1f5fc761716e302763364bcab7992595edd0fc1c7f7ac719c879e6616e2007948eb8530065a6cccf73d0fe4a0598819b471b0856e6d90ea0fc0e5d36a30ee925b6b8e5dbf40e77f01efe782c0bb4f7":"":"6ff8fd87e5a31eb6":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2bfc445ac0365ae6c3c3815fd18bbd0c60ea224f6620d9b6ac442a500221f104":"43c5f3367a9955aaee1a0c4d4a330059":"db0bae8ce7c66a8ba2fedec22f236212e9a7ad72b371de285c7dc6d2f6c22df0ce4920e0f03f91eb1653c4490050b9f18a2a047115796f0adc41707d1ffcbf148aed5c82013f557e6c28f49434fc4eb20112f43566f212c48cec9894ac40772fcd9b611ee9444df7b73e35b8a38428ccb064c9c50491d2535e0b539f424db83e":"":"49aaa806cb2eeadd":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b828f99aaf751bf22d993ed682e488595617a607ed74aaacbb6b60457453080":"d48dac1d8d77e245420feb2598812418":"f50f785f4e7c848a55a616ecf4b6b1e1ca85e16de7100c7e4273d411bd95c1380ee157ba501ba9616980195f34e39f43e335f33253342feb8ed64443483c721b85241a0320b3cac83104de2db47188c61a373fba592ea16feeefdee1f2bb43927396f58151418672ebb74afff5c029503a0d0be81430e81ed443e08b74c03183":"":"a5b71ecf845b25d0":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b6da11d69fca3e4c907628d3eb63d95c7e502fc901372fd097e064e70831432":"6fe2148f250ea178d4c8ca8423ead87d":"a8097bb74ded776f578eb7588f5ef8915db9bfa7262af700c8e76ee114e07557b6786dd5a60a66b2703e7c9de5d6b42aca92568aec5d1ecc298dbd0edb150b8cc13c9a78698f7674caa94da6cacd1f3ef4ca4238c59830ea725ab3a6284e28966c8c32d9bccfb0cfd6583a5ca309debe86549a6f317d15c5f928cbc7f473310c":"":"e9cdbc52":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c5ae9328be49e761064080fc213e53e373fd86359a09d0355e2d438d9b8e68f1":"a7e3f8660ff925d5c88c5aceffbd7026":"2ddddba7a56cc808aec4602f09ae9bd78887827bf0315d8dbe16821606ef9d117746dd138bf1f23565d1ab8f4cee36d53fe3730632c5df9f12109b16edbeae285bb49dfdd155f5dc97b319a85362d53cc86817b7c1c31e5e87c9f37422f133d00dd0776bd92ab05ce6860573cd911645cfe3fbe515e85f744899a447fe443653":"":"e35dbac8":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e4f8ca13ba86c658cc7f42d4f029422209efbd101bc10a1df81a42cfb3a0f79f":"1a362fa0e4054ba11e4b06d59c8bc9cf":"e7ad5c75aa13659f8ce4b1650c46382645ec67418199b84ea445b8ceef619ef3fbde59ed3d313c459e36fcf87d26ef2b453409b32f1086934c3072c1ef0aac83762d28b1193b9afff2c083ce4300b768b0ae23ff9d3dcf65bc1693f1350da65180620aab205aceacfc683c8be53a332e2d0337a7518d2a5204f9c8d7325a4799":"":"e7a37f15":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"00050a21ca1e72cd0924be31b943c60854be6744577de3dd9d1f4fada4a19ea6":"2fc1afc1395d8409919248709f468496":"":"693ffd3d92294857a99c702a0799eeca28ab066dd90917b9ea5ef8f6547f1d90b106cbec8ef2c22af9f8efa6c652f2f97c2baf33af14fe9def230d49524bd65909c3df1490f637f99e788dcc042b40e00bd524c91e2427ef991bf77e7b2f770cda6e90076c5dac4cac7ee3958b53ff8ce846c3a96281f53c2c52f5f3e523536f":"e39b6a7fd5ac67a2a1cc24d5eb9d9c74":"":"cfcd6b9ff7641829cbadeaa2e56f1f150a099eccf3e378fa4da59794dcc4490aa4f9c5db0ab245bec36a7d4557a572008e42f03bc1baff3c946f23f54a4dc9828f106cf4264e4ab40165839d1085e7795b1ae0950f0ee4a08e46ada501b6b51dee0e518129c9426e5bd44c66674a9f99cfe676f002cfd344c5bbd22d3d91e600":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f10965a66255f0c3515af497ccbb257a09f22ec2d57c5edae322a3e6d2d188ef":"c571ce0e911de5d883dc4a0787483235":"":"91598690edf2de8b27f9bc7461a84e80811cee544f0542923898328cf157590251f0342cb81d359b5dccc5391a12320d1444c26f24178977dd6705c2b365dc1ece0152c42e2f0ee3162cf886ef5529f4f16a77f3bdd2aeccd405b59addf098521d0d38cc25f1991e11be7ecf24caedb48a2a286d2e560a38fa9001c5a228c4d1":"6d9d3a5dbc8dce385f092fff14bfffda":"":"2867996e389e09ec0da94d42e77b1e436b50065b09ca4adf1cd03240444ee699dbb7b3fc081a1869ca607d77d5ff9754fc3c997ff0a4ee17543a2ba77886b88a7128bcc51d3450df58ff3a26671b02c1d213df6adb6f7e853080eb46b504517cbaea162710a9bbc2da8b552eb6b0e0cb98e44fcab0a157312be67974678d143e":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4437ee7d16d8c3ca1aa01e20b66749efa901614d4bb4bee786ad5a5f1bfde2e6":"275393276745bc43bae4af1e5d43a31e":"":"ff80727a3485cdbc7fab4ee9fadfdc621c538e2055706629046078f1aa3fb687fc728d3a7ffa52ae457b7b5649613eab7bafa464bb435314c49e5900750f7ad39ca9b75df6b2eaa755439e101f67b7ae4cd80dc4a9dea0027048253f2d0a6014056ca69b8c85605b00cf75fa7634a0ddf464270a8c79ce1a1324c4a4c513b24b":"a82ff1e87d26e4d6e417b60fb2d3ce23":"":"88f994d276ed20be3932d16f551c4b7e2ed80411f2e72ce098fa0b70c22157a59edab30649fec447dd63f0c87dceca7238ef0d9561b58489ba7bd86f2892743099f40af63c432f78ac0ad0b5c2be47b9e3045e7237b096ee400f430af63a6f309de785caf190f3f4aabbe79f727a741590de542bd343df68d13db55a5f8bab41":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe4ec037ce563dadee435cfcb2bf090f1f7ccc7d1b5b4fab2f1b738348f8ed2f":"47f5264f7a5b65b671892a05fa556f63":"":"64eb8a4bda9804c09b04cfcd89094928c21480908b81ee19d6c29c2a3631b1a5bdc8e7f8ea56f7b8b8e14a5208296026785cac3a6afa54be8af4d5faedcd12b6621bde0f8ec5a2635fe72a89468ca7704c73aa40cd2ba97aef08886b27a694d339b00e7d12a31308672f87c06a7388a1432f869eb4cc1da864140b1b33931925":"660462b4088f6628a630f2e4170b21":"":"4a310e035361f98b8c54fb4cef70b1a9c910552ece056ca8fdab54c52308ec0ad7fe9dd1dae92badab5010577de522088768fa6466fbccce22e14c51ca7986c4063d0f06bf578dab16a91856713198a7138395c49c78b6314b57ab72fd079028c8dc351952d90b04a7cd2b245df0c0522447cdb7d3329fd9425fe5cb40a8e7c9":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6e1ada628ca76eb9832cc6b5efc5c9d2686bb587366a6de2d734233fa95279e":"5a100b451e3a63a3e6d4b8a9e59c6bce":"":"a0ac738e0fb35246b84a6fbe319f827039515df25d0c0fc6de7c048253ae63d3c561e44a12672ffeae1cb925610b482aa422bbee0e1784fc69baac3a97d69f51e6d2a17957b44b318624ea7ec680a559f4d3f2761d09bee66efb3a312ae6b3ecb673e756b2a0f654671e82500e7ace91f2be2a74bc3bc1ec1a4b6877a53c27c8":"88df9a1ea54e5bd2ef24da6880b79d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd5c1e90d78213155c51767c52c290b3d657db8414ee0a7604a2ec7b48105667":"4e022d8d86efbd347e8cbab7e979771f":"":"8e987693da0fb77b6d1282eebd3a03e05d9955ff81929b1a2c721574862a067ddee392c7ece52ca1451f3e6e321d7208882d97b4149af6d78d65c054e1bfcdfa62bd2202de32dea8363f8d7f041891ce281840f3cd906ab46ca748e5b3b11890b4014bf0271c9427c874097782d1c13dbb40e78fc8276fc134f3c29923a43a01":"e7df79af0aef011299c3b882e3a45b":"":"3b20473d9b5018d089e7f74d3fef22ec2805948a9e07689831973c704a6d8db4d090af88d696ab8c3aae9740a2bbd7f03e0b18b2b591e59c335c1043a2578a89b1a9f20fd0dd53f12e00e9bfdb27de8caac772bbfc4de9e4a255a5d1b04e59625a87b8279babe613def58d890d5502abf2f709aab625dcc20c58772832c7bbab":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6e3dfc07003bb6a2d82bd5263b2832f47db4e73279266c7a9ea21f4f18eddf83":"7c0f49fb54f5e68c84e81add009284e6":"":"a960da222af9d4da5797e6957d59b00f6d3893599c70e95c0984b56eb3329b191703c2532f3288b15ebf655b9b5ee4617484e5ac9c39bb06731d03ebe4fef9495d003b0ed694cf540b4dc759d32629e55512680badd81234bd71ffd55fcb5e6a85031c1dc31ee1ed198939582d8336c905717cc87101dcfcf9d833fac815c8ea":"b2ec0f3da02a9eb3132fb4ebe3b8":"":"a40b6f70f0572fe0bc70d83368e7c154f7dbd501f52501630a2e523d18e216e07368521f6040d806299397722b99bcf7f85d36b8bed934b49aa1fa76d38783e6a2e392d6d0786d467f7bc894a739ecf94f0fe884a9c391154f8326bf31ea5242a18aa263d04da4b63b11de23b42d3e10a2d5460cb32700cdf50a0d89165ba22a":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4103b1ddff87a508a219c808a04ad4750668688f4c2ee75b92d28d70b98a2c94":"5cea906737518c2cb901016e30206276":"":"a00a196193ff07006b7df524824bd0971d63f447a3a7bb1b75c1e2d11789482c115cff677b54948d36dc4de34200bce97be0101d88cee39b177857dd5da3cb0d2f9d6e1150f72a3bd655e0bace1d25a657ba9a7f8dff082b4460432075afb20173da22b49beeb6a030d72ba07869ff4389fc1c28d87018d7c1a9829c21932197":"3a3a771dd5f31c977e154ef5c73a":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd8c2f0c330d5db316dae7a16b57d681ca058864f7bd60f3d0de174442283f77":"387ee8c1e7f047e94d06d0322eec02fc":"":"e2a5ad295d35031535bf13c2993bd0b292e8a9465b9dab738e59ba03670248a1ecc92b38a55bae34729162271cc1572c35fcccb27417b48dfcbff852a7a8845cc829a4461061b558ac8b5930a5c6491ffba04a9d0dff220b3cd5e4fc2e0f3db3b2ddd90328f2cad819573a7856299620b02f5ee0267f3b56981afbf1b7d9e3e1":"62356850d12b54e39872357cfa03":"":"17b7f6bdfc1993c56dd9bd674cc276a55a46fdd9fd5fe435b9e4b7ebc7052a9dc76a99e4e43aba7d486603189c90d10a21ad3722c86bf5bc856a0f930ff5bca65be708b76bb8a29105da67f31eebcec81f28aaf526d2f8f0feac393a24959dcd612e2b93b4463f61957d2b3046bcdf855e346601e4c7760c0ca618ee7bf55381":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7e19e400872eed721d560202cd757d3eb99729496b6e3a6d38dd8afe1066045a":"d2b277f78e98f1fa16f977ce72ee22a7":"":"3fb9abc7aba654dfb174e8899c17db222ffbb387b7260fc6f015b54f1cd74284c516e21aae3b72338e5e8dc643cfafca0678f5bda3a7539f1612dddb04366031b5a3eda55f3232c1b176cc9be7cc07e0ebca674a272224929c401a2530efc6d4eed0087b544b12d172a01bc8340d9c2a2ebcb5af8b07d96073a879fda140c196":"4c81c044101f458fdfac9ca3b9":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0653934a16fd36c27d54488a1829302b931bed6e26ca26047242b85b50bfb61":"94886a1845aebba5ed6b86f580be47f9":"":"c02347e1add9178d830d8baaad9aeee37e958bedf2cc846e2561fe8c83481d0a8a85911e7f1f6e444b28f30bd96c13c390e80f616feb6844ee6fa486543a2e3f38c138f45b4405e3fb331b64648219aaf1d574be948ccfca6afc18d12488db19c35b05601e47c0af5d49a93a5dd4420f38585c1eb033e173376fa390d3f948df":"4be34ff42085ef4443c8b6042d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0f0ccb88c7cec9496f26a59ddc67dc59ebe49ae3dd89ef3be008598727e214c":"e5ca84b907ac761a5e68a9080da0a88a":"":"7845e155f4f28021291e7c814a1ace8f42b239990831aa82758fc1e376cace0b6f668f7f2f224dede1ef5b1df7ae74b2c01483701044acbbb72a9216eec6b7ef0190f114b3c73c6985c4653f11601c774d10b7f9df1f1e1f3ff4fafa20d6525edb37d9e5acfafe6d3468ee068d407fdb56dc718c98425926831253978d727854":"c8f78e4139dd3eaf2baef8aafb":"":"0cc3ede50b0d3fb9ada11300a3239a383c98f968ad65266d57a195bb18d3e568fe6cabba258da4bee9e923c7c838e06dc887a6c49cc1453ea6a227c6a83e651a8742e0316cad5efc93739393e3603446b5c920a206db1434adbb8ebde4d1a7a8699c7f6c61b2d57c9709b564338423b4f526d6c157647a6c45da9dd521061f05":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e35dcea17cbf391491ae5ba6056d0dd13b348183474dd4b614742751bdebfc32":"fa549b33b5a43d85f012929a4816297a":"":"5213542beb044910d7fdeec8bb89de93f350760e493286eaef1140485380d429f74a4279c1842a5c64f3ca3381cb5dbb0621de48821bded650cb59703e0ca88f4e9c3d15875f9dc87d85ba7e4bae9986ef8c203fce6f0ce52c28e3a93befb4cc4ba3d963d2283cd30f9bf6ab99d92f2f4f3aff0b022f1751b89d43ea10bbb28a":"afa61e843cee615c97de42a7":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"844c50ddc0ac1d9364b21003287d6ae6360d12bbb17a85351362420ee4ca588e":"2f8512bb7e214db774a217a4615139e1":"":"3a3bf4ccaf05f7c02f5e158dd2c5cb08c6aed4b1ba404a6d8ef9a0737fe2f350b3e22188fc330ea63e35df82f996e3cf94d331c4246cdb25bb2c409762e05ddc21f337edee51b64f1766ad18f520b3f34735b24278d9d647c533a743e0c1e9c81e9dee975cdc47e8582113fd250ef59353605b64acb7c025a97854c1a5c03237":"f1da1cebe00d80eb4e025feb":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2aae1aa047a20ed2d6d8336d923864cee9404f924031ae327fbfe2d293e1d93c":"3da9af3567d70553ca3a9636f0b26470":"":"8e5b6b9e4e7d01de9a919dd33c0c1eb94dcfebf28847c754c62c1c00642d9e96f15b5d28ad103ff6969be750aadfd02fc146935562c83ec459a932a2fd5fda32eb851e6cff33335abd5c2434ae4f5524d6bc74a38094ced360f4606a1a17096ff06604952c8ca94a9a6dc4a251e13b0e0c54bd8a6dff5f397a1eb1cf186fa518":"e1026b3d15d261b2fb47632e":"":"58c52ea9f3b162511160eed1a68b6f52b3c4f5834af728de97a3d9e4ba337b29aad12636003cf5be9ffbeae0f383f7cf32f645a8f6fc5cdc1cde91c625c69a92bc434ed671e52a0044a48f3fce55cae49a7d065c2a72603a7efe58b5a7b18ac500d1a51420e820357e7a439b1c02198ebe3d4e62d5573a3aa5f40900a21e3b41":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f3d69208cb0d27474e9a231cd46eac7c1574fff950c48bbd1ba03fad16f563df":"b957f05921d21f2192f587768dc12b4f":"":"0d1f06eef5e8f2c81d1a73bb1dca93c22cfb6e40e9948bc75b0d84830fb9216330424f580b89050c3fb3f620eca8f9fd09fb86d2e8b3a0869c6022d8a705fc280d66fd16d3aba7395d6be4bed44145d51d42d56285f3675726d62d94c081364a6d440511de83a613c598b03078e2ec7648c6302defbbea66aafd33e1a4b1686c":"322374fbb192abbc":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cb2cdeb17fa6bcb006c7fc60858a12a411804464458db351957e8caf42f1ee6c":"31bd7c971a6d330b566567ab19590545":"":"296504131354b2c1928982f12d408ba2377f2d4bbe87e4c69f92a15bf6003910a43bda6c8929df66b3ab1d202a5258cad199f32f36cc30d2dc06199c2a52f7ccadad1fce50123c5f8434dec57cc60cc780263d7aace8f59cc8a6c54bddbaded3adb12ae2ee0bacf6a8da635ff85b51a4e8a1b3dc404863b90059de4ad0f158dd":"efc5a1acf433aaa3":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f94170790fadab3240df568197f9d6f6855afaed8d07eceeaa2380121872529f":"2f9c0647a4af7f61ced45f28d45c43f1":"":"ed231b78db082f652bc6310c396993b52de804a82464fa3fac602a1286535f59c67fc2b1b420c7321eb42b971edde24cd4cb9e75c843f2ac6fb8ecdad612d2e5049cf39327aa7a8d43ec821161c385f3fdc92284a764a5d1cbae886f07f93017f83a105bb7c3cc4fc51e2781516a2471b65c940ddae6b550ad37b35f53d7cc64":"ab74877a0b223e1c":"":"1cb5ed0c10cee98ff8ecfa5a1b6592391bbd9f9b1dc1ff351e0af23920d546b5e27d62b94daabd32f7f96a2632dc9fd7c19bf55f3b9b7cd492e76f4d6b0f5b437c155c14a75e65bfc4120bef186da05e06a2fd3696f210292ee422ddbce6e63d99ee766b68363139438733c5e567177f72e52ef2df6a7dd33fc0376d12ec3005":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"797c0091ff8787fe7cd0427c02922620e7f6fb71c52ddcc03a9f25c89ba33490":"69d81c73008a6827a692fa636fbab8bb":"":"2d3efc8900315c3691a8e3c9de3319d4deaf538fcf41aa0e295b861d0ac85baf56d149a6437747dd6976f44016e012b88de542fb8e5b9e4ad10c19deec4b7c0b69bc1b2e33d44a981ded66127dea354b072010b8dc24b85ed2ffeea3b9c0e931619dbbf22677691f0d54fc03eaa162e0ab0d760ad41021f67057c0d6ac19ca8f":"be2dda5c":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90ce1afb5500489b9edbad987f4009509c847b3e55cdf0c764ef2fb085e3d033":"e119e166471ecf44bc3a070639619931":"":"98482b54edce2bac1cd64d44917dcf117ebfbfe26ad17a9b263447028304f1cf5a69559c05b5d833420f4fddb6e308277d01eb4b3235f1c4b47d33d3899325b55e7be19d43187a5b1b1354ce02a529b3df1c13b4883902ae9fc565079dee825e705f3e580371e4fd86c3b0d31bae98adb529901f346ca07127314152b4370edd":"b2f54b3a":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29264a90f114a800c0fc3247b3bda00981a12a8f85cf3a19ea4c7ffdd005f4bb":"cf296aa43cb7b328e09c8975e067404e":"":"587c8e53ab5ae8c31e16160b4a41d88798e27f4ad61c573c023c62d4dbb3952eef5026ad7b453fa9e0694347ab8fe50a6cf20da566202b81e325cee9c07ab2d4d53ed45b3ec2d2135936515f8a24f2a8116807dce9df3c44edf64c32647145152ff241d9e018e4101e400af070192dc3b498b5a213d265b4cfc8c8d4d7deccb5":"56015c1e":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84ff9a8772815b929d55f6052c0354cf3e02bcc8336fcfe5794952b4c45d5d96":"5c044a66e488b853baf479f7dee2aadb":"00304e3d40cbc6d2bee0778462884f4ec047a8c74bb3dd7e100f2b9d0e529fd24730063986117b56ca876b208a3691425ac63afc3d504ccb499c76622eade09717023fcb7d956b01ce24a3e53cb5da472be3fcf5b278b5d9e377de22fab75bc74afa9670f5fe9691aa0ed77e43f6abc67a61ec409ec39fd66ac0307bf195f36f":"a87de56d49725a1625baf12fd15931fe1a6783dce5d1e744eba108f45e0c105d8141dc027d0e33ad7efb6752b43729715e2f3e2c42ebdab4d5f72f886bd821c4372244699ddded99a63dbe7763a5a3bc21cbfc253cdc2514eba2a4f54e24dca7c207cb3f6ae80153d77fe0641f357d5a073dcd425c38deb77c45f27427345516":"72ddd9966ede9b684bc981cbb2113313":"":"aadb8537309940422f67ca393aa6182d67fe7c52092538a15e98a4254f0a9087c7f10903d5e78078c2e55de914dec8b6b35cb720e3e55963c0ac9901e44b83a0e7c5b2d3f002aec0a4a08354febe47b2abb955f2a21107626ef0b8e1e099650812a6fecf36908fce2d078c2735cf7c2b970a309e5c6d6ff29c26a05720c57105":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5ca3991d0160b1729ae1a622dcf4b03b1f4ba86150bd66bf35cbbee9258af10":"f8402184d1cc36df07b68ecb1ab42047":"d378cfd29758bcbd21e26a324239c42c992941b3ad68d9f2b3d2def3a051fd172ee882562970ef59798ff8d9eb5f724ff17626156f4cf5d93e41ffef6e525919af6194ea9bbb58c67563d3ffd90e5a6e2a3a33bd1fa3d55eff5dba7cd439d571f7e08014c4780e3d10904ef22b660897e78258da20b2600e88d71c35ecb6329a":"62aad5854a238f096bdde0711ac6f5763e7fea29db068ea8c911f17ba91e6d7807883e6fc5ba7db17af33da2b00973008a3425e65cc786ce1b97360019ee2cef74563d54752be436b905705b507c3d62689df4edf0356d26b693eb43d8a2a927a9f3866b7e0e19e84a90447bd6f47e31070fa7c2a71e3f78229ee19fa47e848f":"9e8b59b4971130557aa84ec3ac7e4133":"":"556dd32edc0af3c64186fe8c000ddad1516cd14721c93c228e379d4f87e32c79e734539cec930322048f34a2b34931c585d44f09966caf187ec4b9244c991a8a5f263e9da1d08d6086e52535afdb36c7662307521cbceb9ecb470a76970243723fbc1613b6ebbcae261ac2f1936e66ce29ec7350b2e6b2f73a910ade645154f7":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df867d1dd8a287821a54479cab6f88636d2aca30e1bf01a5dffc735e17590356":"35019826c51dd1ef07ff915d9ac4ea96":"0375ed93f287eefe414ab2968844bd10148860c528dbf571a77aa74f98cc669a7fc317adc9f7cf2d80dda29b19db635b30a044399f3665b6176ed669146d28f5ada03b3d32d53fe46575a8afcd37f20386d9e36f7e090b4fefadfab7f008e02f1b5022c0eeb81d03443a276eae48c038ed173631687d2450b913b02c97243edb":"6517272cac85d7f38902bcb4b96a0c59c4bdc46bfefa6ebacd7f2fb1629b87ca91de2ffefc42ce3cfd34dcbf01b3f7cadcea3f99e6addf35d36c51f2ceb1f85c1f56a04ec9c9fff60cd7fc238674992183ea3de72ef778561b906202b7b83fe6562a0bca9c1e0a18638e8685b998b4192f5120435809ad6e93a0422d00725262":"e49beb083a9b008ae97a17e3825692f0":"":"723be39bc13adbc48c861b07753f64fac1ae28fc8933acba888b6538721df0a8b91c040a26522fe0dbb7335d8f63d209e89f7cde23afa9ca3c584b336d63a91e07fdd8808b14c3214c96a202e665bbaaa34248ff30348f3d79c9f16e66ad6c5903305acd887a89b6244eb7c2d96e18b13a686de935bf3821444ee20f48678be5":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e8e9ce6294b7fbc534a96bdd060120976a6e08315d2ea73ac61d085cd462a44":"4edc6be20f904b4789e5bee0a80a3fc8":"db28ce076b360816cd1e04b7729f8ab080e0a07f35204350f3bd056945aab8638c0e8311ab056f3e5debdbfbb03fae700770264faf73e0f3a05a5812aee84ab613c82f4a76da276250675f6a663f85e2c26d4f4a8666a7f4cedaffc1a7218dec11ca4e72b8b5d5b620d1efbd3d3b94a5ae0d118b9860dfd543b04c78d13a94c3":"9855f186b51358f0e2111c06bfaaeaec9bf95c55e246375c614fad9883d86c82a20c86538dc5f42a0ea69677d59a20c5112d15d2a8396f12096242ad5d7b838d16ee0679fc4017af75bc15e8ad2f77b0e802c864031cbfb0bacd95c828d1db4b7bab0713619e9e5e8fe6902aac7a9e6c42eb05f5b156f7e663ee43e6fdb62480":"03cfe6c36c3f54b3188a6ef3866b84":"":"e10142f852a0d680c983aad2b4609ccbd35ff61bb3eb66442aee6e01d4cc1cd70f45210acbd506395d6ca0cfebc195a196c94b94fc2afb9ffa3b1714653e07e048804746955e2070e1e96bff58f9bc56f3862aaa5fe23a6a57b5e764666ddec9e3e5a6af063f2c150889268619d0128b3b5562d27070e58e41aadd471d92d07e":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"886c77b80f5f3a21c01932685a540b23629f6d41d5574fc527227ed0bdf2e21b":"5ec506edb1890a5a63b464490450d419":"05b8d820c9f439d7aeae5c7da0ee25fb0dad47cc3e6f3a47e8b984e856201546975f8214531fc3c2e504d2ac10fa49cb948596b9a8fab01b95c49d6f04d1589f93b77b899e803dd20e1f00a51c0b5953e85be639109b14b100e35ca26d84ea629964b0db8260dfa5a150a66261bf37e79de2ec49e9f1b082a7c58ecd3d39b6c9":"53a17d7b69f607f08676d6f6dd4e8db08e01333a8355d8c87616e84cdf10ef5b041fc6ddc3f6a245c0f534c2b167064af82f45e4702a5e8dede59579fdecf6713353392433950c9b97c38d9ee515ac97d0970ccf03981954540088567a30941bb2cca08cbed680500f8342faa7aebbc6c143e2ea57ba6b4ac1fd975dcc5d0871":"ffdf56e1c1a7252b88422787536484":"":"79ee27adfa9698a97d217c5010ec807806feda37db811e398c3b82abf698aece08561fffc6c601d2691738e279eeb57e5804e1405a9913830e3ba0d7b979213ef40d733a19497d4bb1b8b2c609a8f904e29771fa230c39a48ebb8c3376f07c8013fff6e34f10fe53988a6ec87a9296c0a7cfba769adefe599ec6671012965973":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5231ca6d772edd9ea2d251e22d7d455928c22474b4b44130dad57e6511fed6ee":"048698a4a0feabc1f336112e2794795a":"3a81b6b0b722899ff931cb73c39222d555b83ae3f8880b982593cbc1ab8be90d1ee32fd7dfe697cf24c95b7309d82c3fed3aa6b3d5740cc86a28174ac8f17d860ebb251ac0d71751c2ff47b48bfb0b3beb4f51494464cda34feaecddb1dbbe5fa36c681ada0787d6ed728afc4008b95929a1905787917adc95f1034fedcd817a":"2767c808410ee132291585ea74a48ad3102f883f07d060c91c5f10abd37fe0996d2210dc490260238ae15f5d74c7be2a1e15d80db09079c520047f88488a7802857a3fc3b81d85a96949997430a880177880a31d4d0c9c9045247804f057a4f2756d6e40375a4a3187c4376d6bf573ce334cda1ed88d8a50db499e7cdb89d8db":"ba61edeb7b8966188854fc7926aad2":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a3f516a7898e04e5da4efd6c7c5989b77552d195464620c2b35b9a4fda29cce":"9310af6974890c0a0364231f9cc8103d":"2103af8356bcb9dfc2a4f1d4ed09cbcd8e1990d23865605e19f87feb50bf8d10d0257740e5557a9297f0499c01e29a1a513ca18e6f43f7406c865cbe3951a7771128f3110c8da3bd696368901944549552842a1f6fd96cc681b45da098f3c1acb3d237d2363285f520d0b6714b698790b7660c52ac84a42c9721ac7e9d38a2ef":"5cc28b61ae97557774bdcd7ff653f4aa349df68d53c7e5a65263883ef1fe224ad40e86bffc2d38f28a2ed9ae1fc08563e2a1e46246106546eb8e6064c06baa0046fa137421734b7f0f94656a4f459d9d981717557d843700d116b6e5e2dd3af5f67c34edf31b40b71fd3c6f2475f9310feb70bcb973be52d41e86792c49d54c0":"993fc8e7176557ee9eb8dd944691":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"59c9258554363d8a885fc0f5d112fee08eadfc7ce52a0e7e73e3d0d41d9a0290":"77e51e89dc47bbcac79cca21e81a61de":"25a6f8800a9b914c0ebf9a45d72355c03ee72a138eb81b2980f332645ce1d7aa4659805821866aee2b276e2c032776b4eaf36f93b5f9a72b791be24e31eff105ca6d0700e3069ee327983dd7fe1c7465d6c6d77837aff69055149988e7199847fad98605c377d997dbd40f3e2ff1a4f978a493684e401249e69540fbde96323c":"79c491411402ea7878e480519fd984dde44bce6459303bb76d4eaf97d4e345d1aafaa68ceb0590b41cfed0f411b675d9344c7e888cccfc9eb6fe6b229d198f94ba516ee850ee7f078a4f5f32a23f92f72264e3a76a31ebd042564315ac4f2ec0bb49ba6d08cfd2d3a6308688e39f28e3ecd669c588368cee8210edf5dbefb925":"ee6d85d3f3703b45adb4f9b2f155":"":"44ca68deed5478074adfddc97f06f44c08bf7bca4dee8707d621fc7396fe2efcdad0a167d1708a9ff59ce4cddb86920bf1dbdf41b2109a1815ffc4e596787319114cad8adab46cf7f080c9ef20bcf67a8441ba55eac449f979280319524c74cf247818a8c5478ea6f6770996026a43781285dd89c36212050afc88faa56135fb":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5e9eae594cb54c8089330e4404ff79abb1c0841b0be5347a14633ad1e1ff44fa":"0917b486da754f48bb43ecc8766a7ce3":"2aa1ef2f91aeba5da10b48a882dbd4574df4e9157a18abf8cecd03e4176712ba171b6ecb0e745841ff84e35063e47b08101afc44cfd9cededb913a82f00b9d4bac922f23a22f200642270399896405d00fa5271718eefb4cd5fe7e5f32097766ebff36ff1898a1c8a1a01cc18e6121e470805c37ff298fc65ef2fb1b336d09fd":"32abc1eb6077555a85a0a6fd1c78cccca6c8b375842e2eb8eee45ee6c38dc0837443d16c647252e8124639dd01c808ac5e857a25d927c2a75e2fa8955cad5beb5c206fc050cd933fc4621f5718936f01f39dd700ae1aee7537cc595df8789c5d1a6e1e87b1c7a60e3ce5d57c80dd65dee3801798e1481b1963bcc78cc69f8c50":"92282b022e393924ab9c65b258c2":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aaf03c3055a35362212b9b059931e7a24fc71e32bc9a533428c9dc31077f2ebc":"7dfccd077b29e6ed5720244bb76bde9f":"21edd1c6056f51fd5f314e5c26728182edcd9df92877f30498949098dcde8089eed84e76d774ef8874d77125669a302d268b99dcd66b349d0271dde6f8cc94dc4f2df3787887b1173cad94d067e346846befb108005387102854d9387d2c0fbc9636cdf73a10d145f4b612c201b46e1ff4465f6a7654ce3da5792daf9a27fb35":"c0e12cdd8233878505e025d52427536be7b6bf1887d2dd20eac7092db80b22417a3a4ca83cdf5bc5e36161be1ff9b73f7ceb297c6d07c9cb2a75035a5dc079e48283daea60596f4b356ca28c243e628cbe459f069709fe193394c9b1a31d8ccc5a3a4eba30056c415e68571a2c34bb5c32efff12e9aa483c4a68be5e76aba4cd":"6154c6799ad7cdc2d89801943a":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"60c775971a9eac7950ed2bdd85bd60fe948ba04c419f6743fb67f37557e46c6e":"9b92ad7079b0de09c94091386577338b":"1f6a84b0df75bd99a2a64849e9686957c6a60932ebe898d033128be9b757e9890225925d856bfdc33ff514c63145f357730bb0435c65342bc5e025267b410af6fd388a5eca01b7efc87fd3b1b791df791bd47dfab736350d7b7f368b4100e04c939d5af957bab95ed502dac904e969876674602a0f0790da2d7351b686e46590":"8abb2e66a4d08074916056bb8e925551372f737f0e1b597c5d08ee102989743a273b29d7281013f8b3aee2934399cb427370d70370ee86eb41584b653660c633506a53cae747826bb7d93909f069d5aacf058b7f2bbdc58ea08653db857bda83a979fc22a4f126dfef7aac45177f4cdb802fab0c812fb35d12a8176ec21336d7":"1d6cd4ab3914e109f22668867f":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3b426e449337a14bc0663246ab61b671b523c9a3130c21ed59c93fa6a5aa5ae3":"e6efc96acd105fe4a48d1ac931eea096":"0902cf7a0685444126369712ac47962bc2f7a3a5837f1b6190d9ab1adb4cd35e7f0892eee628b8e07fcf2b598cebe1ec07d8c4823172ae66a135bb51cc71590707b691a66b56af1ffe38772911d11685da355728eaddd83752d21c119d7b59f4c17c2403629fa55cd70cd331aed7b0de673c85f25c2e9e0267f53f0b7480c8ca":"291bd5a00d71eb7d547b7c94e7030ba4a947418eaeb378a3bacd304b08c6f92f6958eaba968ac6aa23e0512a2a8ad7c1ca2f8fcf623bfc1281f5b7b598c08d2aebcd447668b23238c5e338b4c2ac7f8fd381714c596ea3e0c17aca4317a08563e58f0f52a8af08e078dc242ae54ee0fe3869f8c9687b004a4ded0aa27d8f4c5d":"ca4bfeedcd19d301d3f08cb729":"":"bcef3f2fd101b828d36cb38530cf9a0a7a285ac1c55ee1069cc78466327e85887534c98a8891d579effd832c0f7d6e7e822fb1eea85a39317a547591def4aeed6660872859fc9d1df9725d3c40e9ccaa900e0f1426a55d20ac4f2e8e07bd3bbc687f8e059ab93e7604c97e75ac94be1c8c24f4c4da0080a4d77953fb090cbb62":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ceaf204ff504ea8e7fade1a2097f2b527a44766860447322fa5ad346cd810217":"cfdb8183251f4b61c64e73243594fdc6":"a60f3969fd1b14793dd1425aa0b1f742a4861e0b50eaffd1525cd209ba6d1252176763bb5bee59aaa55f92341cdc0705899aba44cf0ec05cbf80274ebef65cd9507fd4224b25cac19610968d6a37e2daf9ddf046ef158ef512401f8fd0e4f95662eebdee09dd4a7894cc8c409be086d41280bd78d6bc04c35a4e8cd3a2e83be3":"1c8e4cf6018211518494d46c2e0607fa42e236abc28d58f8175c530f84b1f030572f5f6a74cb5517e1fb999a637d352afcbeadea9121e695675859b66b499a3a351ecba5226e58ebbb59fe12e359e4c89cd51c8703d4643c49921ae495801c73627df404b91e828e1d0e03ae09a39defb5aa5f2c8106953772ba0713d3261329":"9e45029f4f13a4767ee05cec":"":"5cdc66b587ed5eebb04f42b83a6ab7017093514881c598cce332d74fa3fab927493ac15bff26835296e080b5b45ef907c0529fc2f4ed2fc09db179ef598e5d193ea60c301d3f8d823404814e3e74de0e1d2417c963e9246c353201c7a42659d447376e7d05c579dd4c3ae51c2436407b8eff16ec31f592f04b8013efcfd0f367":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"15652abe38cd09777bba21d0db04637f5737d3cb3922181b9f2d07bfdafd327a":"3a5e0d223ae981efb405566264e3e776":"cd755437cb61b539908e0cfaaa36c0123f8f17d1e6539783cb61d4b56cac3bc1e971c1ea558b12669b025cb6b9ad55991c6e2f8ee8b0b7901790193e226a0fbbfff7ff0bee6a554660b9f32e061b6c04bf048484ff9ebd492f7e50e744edd72d02c8fd32f87f9421bf18a5a20ebb4d9dbe39a13c34b7296232470e8be587ba09":"1d6c153dec3b4738a09c9fbdfe31a093eb7ea79b8fa49f83e5e1f46893590f074fb171fb66e30ef887767014e3a10a3aa05da2bd50dd7b7936e1d7f6f31af9030e31e76bdf147f4396464db0f6a72511c4885c6c2305d339906e3c761a3249d7ebea3bf463e8b79c3706e684575550e964b8047979f7aed6ea05056c4b5840b1":"01a573d8e99c884563310954":"":"162430c23f7adcf98575a2d9249b4b5cec42efae33776360ebfa6a19c8eee4bd6b07cbd274deadc3292b7cdbb7803e99d9f67ccc5077f3ad5808f339a05b3213dbfd11377673d4f9b486a67a72a9ac8ea9ba699861dce0de7e2fd83d3ba2a2ec7fabf18b95a2bbe2184ff7bddd63111b560b3afe7f2c76807614ba36c1b011fb":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a43f6d07042a15cd49f6f52a2a3a67c6c2ff420d95bb94b9fe03b287c3abcaf8":"3b6fad21f0034bba8b1f7a344edf7a3c":"2e01c0523c8293fc51388281dccdb8d0a2d215d729289deb327b8142d716c2bb849e9476545b82f3882ba7961b70c5da2a925ba18b6b121e9215d52ac479c9129c9cd28f81584ff84509d5f9dcb7eaae66911b303cc388efa5020ac26a9cd9ea953f61992a306eb4b35bcd8447eea63cef37bb0c95c1e37811115cf26c53e8c5":"b67e58c8b608724fd20aa097ee483bc4c804490cc79de635170944af75c87ae0ad8261365c1dc80d852553bcba18da9fbc3fbe61d27550a03003ef0c60202054626655509a9e1ab54677e537a4e761df011d6c6dd041c795446b384161ae9eab441afd24d19b58eb4fe5116cd7b11b751ebbd0a2adba7afc380d9d775177099a":"43470bc3d7c573cb3a5230f5":"":"e1720d451fa7ab9db4988567187244b15b6fe795dd4fef579fb72e41b21aaa436d2e5d8735a4abd232a3fb9188c75c247f6034cdebb07fd7f260f8e54efefa4f2981cafa510dd5c482a27753a7c015b3cae1c18c7c99a6d6daa4781b80f18bbe6620bfc1518a32531017a1a52aadb96a7794887c11ad6bdd68187ba14f72a4b5":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1f0f0191e18db07c0501dbab4ed952c5603a4cd249d2d8d17e62e10b96ae713f":"ab8be16b4db809c81be4684b726c05ab":"a5a6e828352a44bd438ad58de80011be0408d410f6e762e3145f8b264a70c593476b41bb87875746c97de7d5fab120bd2f716b37c343608ee48d197a46c7546fafcdbe3e7688b7e9d2f5b6319c91d3881d804546b5f3dbe480996968dd046f406c11f0dc671be0421cbc8b4ea6811dd504281518bb96148dddf9f0dc4e2e2436":"aad40e7866c26e486b6f6e8eb14a130d5f88891bf0d09aa8fe32f447ab8dea7bee5d3eda4499c0103a010483f2b64fdf1155499d31decf528c77dd7627884f9995c213cf7402143dbb7561d69c86886734260ac94ffac7eb33598d25714228ef43f744ec1af2a87e789f1e5d6fff0fbd5082dcc49328f194e8f8a14a5bfc962d":"d8bd7d8773893519":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6cf7d83137f57f2310ee6bf31e8883952bb07ccdc12f516233ed533ea967e5d":"f17e37e73a28c682366bfe619cc673bb":"0f4dd201b18e20230b6233e0d7add6f96537dd4e82d3d0704c047fab41af5faf6bd52bd14fa9a072f81d92a2ce04352f0b66f088c67102d2d127a9850b09ff6087f194a6e8ccaba24091feb303eebb65f1203b2d22af44e7be4de71f03e6f6cbadf28e15af58f58eb62e5bddfae06df773cc3f0942520de20078dda752e3270f":"83ab20698fd7573fd121976a72b45a7f03aad84702fc8ac73d6926eabd8a546895aeffe4ba81d117507e2cd37d58eeff71cc3afa8a4449be85f228ea52f6dc6395bb43c1c9f795343720841682d9b2f00602eafa4d4cbe297bfc62467e526b9d823cc8eeecd9e5f8dbc2f65610663c6f37b3d896651b254bd60215629ade3b2a":"74110471ccd75912":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b0c85ac6b3887639838ddca94c5c69f38115aa00122322c8114642d12ea1b8fe":"14f68e533ecf02bceb9a504d452e78c7":"796a46236fd0ff6572b1d6257c874038f870aa71cbb06b39046d0fb6489d6ae8622b5154292ae5c4e1d5ff706daedb2e812533ae3a635d339a7fbe53780e3e8204924a5deb4b6856618f4c7465d125a3edffe1ab8f88b31d49537791c0f3171f08dbb5ed1d9ed863dafbae4ecb46824a4922862fe0954ee2caa09ab0e77ed8fc":"0210fce418e7e2199cb8f899c81b9be74a630d00269755f882fc4db27632e99685cc12c426a7503473646df1288d0ede28408be9add5713628700f8e2b2e27d7522520ed00ac47239084651eb99e7d03e1520aae137b768f3144232c16b72158fd5da4a26a2525b9b27791bf06d1eb2e671c54daf64fddc1420bc2a30a324ba5":"6fb0b5c83b5212bf":"":"5e6c362f7587936bcb306673713a6f1fb080783a20e9bbb906456973e529cfa0298206184509c30e1d3793eaaa5d564edd4488f04311821eb652e0a1f4adaf6971505ca014788c8ce085ceb3523d70284ed2bb0aebeba7af83d484df69c87f55a93b3d87baa43bd301c4e55eb8c45dcf3e4612535ea1bd5fdb4c3b9056d0cae9":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e61b1a6b40e2ab1245ff65dcfb9948318ac4fe55e9ed600cec301dae32ae0e93":"c356244b3034d288e4d4fe901b8e27c1":"bdcfeb09d5b97bab05a7acd9849e7de2c5beb7a4dc573c7e1c1d0c0409245a6584023114fdcc6413c800ca16847bde750b27c4d590248e2ce457c19b0f614f6aff4d78d4a19b3251531e5e852fbb05d09412cc1ff8988d1955ca6f5fe2d820f20a7642e3ae69e8122b06ba0918e806400b9b615e1abe6fdd4f56a7d02d649083":"8d67fa9fcf078e421cb63abeb25dba739ab0e09a091dd06b0c616e1e888f350edb2d73a42f57f115266ea20c7f8fc143ac746649612df06a5e29b4a15934dc049be1ab49d018ab86c4f37d8c3d9c714f038029e74d8ee3dbe61d81adc63712ea413b37f7604da12107aa1695d9b0981e5a92cdfaa5fbda0e31b22c6fd6f3b499":"86acc02f":"":"7c73182eca97d9617abb478a6ce62e3491a7e9951981c89c3071b161a4c80440614c3f24d0155073e28dcccee96bc8303dab4901ef77318df522d16d9da47770ef022395d6104cd623d93d67090a27507fc8ca04157e7939e639c62cd0e7d8a472314833c0eaa9ba2fd54a25b02854e3bff25cccd638885c082374ae520ed392":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4f5a02e9843d28c8c226ed70d44b8fced8fb757ab6ece4d4f06e3c3cec79e44f":"099e5d9aae89fb6391a18adf844a758e":"ad93e8662c3196e48cfdb5aa3bc923cd204151aa980cbec78f0d592b701f779c1c49f9e8686d7e2385a4146b21a643a59c18c8b82214f42560bcd686fad7c7c8e8c1944ce6b20ec9537dd14b6cf2592740ca112f4cd582250d69f240d3e957040e1f7e19c60b3c8f2bd00cb666604c38946eb9b2f17336d281b4794f71e538a2":"3ec13950d329f24074714c583bdc35686b811f775b76b0a8fcfa66fc56426c9d022f8ab0af38f8d2f71a068548330cdbe891670181ed7491bf40c739ef4dd93689fd35929b225089d2b151f83d9b3cd767300611144586767354c0491112c205409f3168092d27f9b9f433afb79820a2811984d48e70c1fb2a13bbb3ddbc53fb":"30298885":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 [#1] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cdb218e0bd0e02156e5b48182990f778889793ef6018a8928e61164ac047c8e":"d2ffbb176f86bee958e08e5c7c6357c7":"bc580c4223f34e4f867d97febf9b03629d1c00c73df94436852cafd1408c945c5474c554cb0faf2bae35d3160c823d339a64ebd607cf765fa91f416fc6db042bc2bd7445c129b4a0e04b6f92a7b7b669eb70be9f9b2569e774db7cb7ae83943e3a12d29221356e08e5bf1b09e65f193d00d9fe89f82b84b3b8b062e649163dc8":"4d039618a0eb640329f90fe97de18bc928fc3fc7a0db42c97774bec2e882e872fc1097c8319f7837a16516bf387b1bae321c565e8fc1cb8480f051158e4685f0adba310d2c6253bc1300403cbd3f7ddcb2796a69f8bf9e73d47aada9a02673c1a3d5ecdac838abf22b385906236529a1b7dd5b8af2611a04cf4f83b15ba41cfc":"1997daa9":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"dc1a145c18bdbca760f35eea0d4a5992de04a0615964ec8b419c8288ab1470f0":"7f8368254955e1b6d55b5c64458f3e66":"":"":"8ddaa2c3ed09d53731834fa932d9d3af":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b4766d3a6615ee58b390daa228ae7a541c46ce80a1efe227cc43cb777df3232":"274367f31ec16601fe87a8e35b7a22dd":"":"":"5f3a757b596e06e9b246ed9bac9397f9":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d19b04055bf6e7ff82e89daef66c9d8319ab25f9197e559444c5729b92c4f338":"796efaff4f172bef78453d36a237cd36":"":"":"3b445f38bf4db94f1a9ec771173a29e8":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7ca68e300534a90a7a87ca9906e4ac614a6aa51f769b6e6129753a4f83d10317":"45e6b23f8b3feefd4b0ea06880b2c324":"":"":"6c0a1c9c2cf5a40407bfa1d5958612":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a2b7cd693239bbc93599d3d12c9876e7303b227b8ae718e2c62e689e1fd62903":"548c9c8fcc16416a9d2b35c29f0dacb3":"":"":"3aa21f221266e7773eeba4440d1d01":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"156b854beb0c276a5e724f5da72f0d1ca4ae7cbd5f93a2257d95c2e5bfd78ad4":"a5129e2530f47bcad42fc5774ee09fe7":"":"":"6bb09ed183527c5d5ed46f568af35f":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d824330c60141264e1f709d63227a9a731bcc42b4adec1d8f0161b10b4fdb2ab":"c5afaa45312c64ab3c3cf9d6c4e0cc47":"":"":"55952a01eee29d8a1734bbdf3f8f":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5517589948d8aea778df6fd66c17a170d327f69e504f0a4bd504c4286a9f578":"6404b111c6289eefa0d88ed6117bb730":"":"":"637f82e592831531a8e877adfc2c":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f6137b2bcbd327fbcc7f313efa10f6ffaed30e4782e222e1225c87103fcae905":"3b87b08337a82272b192bd067e3245ec":"":"":"1f2dda372f20ffddd9dd4810e05f":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5e70d1b78e931abf44bba3f937dbc344858516a8a8afe605818dc67d0c3e4c4":"58e70095c6f3a0cda2cdc7775e2f383d":"":"":"1763573f7dab8b46bc177e6147":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90de0c047d1dd01d521f2dedec7eb81bc0ace7a5a693a7869eaafbb6e725ad7b":"d565c9cdfb5d0a25c4083b51729626bd":"":"":"78738d3e9f5e00b49635ac9a2d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c43e8dbeafb079692483a9fcbab964b76fccca6ca99e1388a1aa9bf78dfd2f02":"f2bd4fe0d30c0e8d429cac90c8a7b1c8":"":"":"ea7b52490943380ccc902ca5ae":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13540919fdb95559e37b535a427efeee334309e34c4608459e204d931b8087e7":"c993c1802df0f075ce92963eb9bff9bd":"":"":"edfab013213591beb53e6419":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2a7b2e07c148ff0f627ae28c241a395876bbed0c20f3fd637330e986db025714":"8f7e1621c2227839da4ea60548290ffa":"":"":"f9da62f59c080160ec30b43d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b3e7837a75b38ae6d4299a1ae4af3c2460dfca558708de0874d6b1a5689b8360":"05d363b2452beff4b47afb052ac3c973":"":"":"6b4a16d1ea1c21b22bdcb235":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9df3ccd95f7570f6ecf5e5329dcb79bcd46cbcf083fe03aa8f5bd0f645c6a607":"774f4e70a7577b5101c0c3d019655d3e":"":"":"98ff89a8e28c03fd":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c7123e2e8d3774c8f1bdbb2272f19129e04f29b4351ae19c3b9d24e6ea1fe87":"99f25cebd6cfa7f41390b42df6a65f48":"":"":"8e14a0a4853a156a":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"490090323e9257517e2453469caa3414045cacb4d05d5cebc6b9c06fa6d19291":"c1beff1ff6cdd62339aa21149c4da1e6":"":"":"f998d7c08d609b3a":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"360e48dd38d9e7f5bf29a2994ab5b3c9c70247102d94049ae791850807a4c845":"88126c350dfc079c569210ee44a0e31a":"":"":"f2ebe5e4":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1562b32e4dd843edaf4474b62cadd8f46d50461f5b22c9f1a8eae7367d35d71b":"af29fdb96f726c76f76c473c873b9e08":"":"":"13fd6dfd":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d5160d0c98ffcb1c26aad755f67589000e2bb25fa940e6b1d81d780f421353d9":"1552604763453b48a57cea1aed8113f4":"":"":"660c5175":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c3a3ea3a097c0c2b3a4cb78462d87fd5a8f348687c4150e9d3354b388ab13d17":"f77945979241fb3a454d8e3da193e169":"a69bac31241a2c07d3f7e331b77f662b1e67ccb81c07f52578b01f5785de9437f02eb7627ca7b9af09c1cb428fe93d6deb31f4d6dd2f0729f87480bdeb92d985de1aaad4bcebc6fbad83bede9a5dd1ca6a15bf5d8a96d4edb5bee1f7d195e9b2e5fb2221a596d69f257c18a143eda870e22d3f2ed20c9b3b0d8c8a229c462fff":"":"6b4b1a84f49befe3897d59ce85598a9f":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e1626327d987342cba5c8c63b75b4ed65463a2b9c831f4f9f80325fa867d1d73":"4e25800deab7ecec2a2311f8fb44eb7d":"ebaffd558f24dae03117c69ac4b2b4aaeaffe7e0e7599eaba678bfce23a9914dc9f80b69f4a1c837a5544cba08064a8f924064cba4d783623600d8b61837a08b4e0d4eb9218c29bc3edb8dd0e78c1534ab52331f949b09b25fbf73bece7054179817bc15b4e869c5df1af569c2b19cb6d060855be9a15f2cf497c168c4e683f2":"":"8faa0ffb91311a1a2827b86fec01788d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"938da64b837275b0c80c442bdf2301aa75e387fe65a775d10a8ec840f62ff429":"dec6adeb60216cbb8a6c3afba49fa201":"4ac144bd95f405649444f01ab67ef3e4c0a54fdbd933b6ba00518c79db45c22c90030c45aadcfdb53ec8199be0cbb22dbb9ab938a871f4b3b0c98ed32590a051abb946c42726b3e9701f183b2092985e3457943a6350fbcaece2e6b111b179ea3fd10ac080a577a1481785111d5f294bc28519c470ff94392a51a2c40a42d8b5":"":"2211ca91a809adb8cf55f001745c0563":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e2436484ea1f454d6451ad8dbd1574b208d7a3ab4fa34869299b85c24348b43d":"97040d2ec094fe1c64fa35b35b7451a7":"bc198677513ce0e66697dfe52b22315fa5d8f92042f34cc9f373a01f94607df1a599132f60af010ed9b5e52162dd7b162912b68b11700e08f5fdafd84d10f760fc05ec97c05b83e55155194f399594015b90a19c04fb992e228940fe1b54ba59c4bb8318b33cc0df1cb1d71c389473dfb3eefabfe269ca95db59a7bc0201c253":"":"2e080ba16011e22a779da1922345c2":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7fb3fc72eb8a3aa5b102f90039f852cc3fd64f46915f5e49f1d9e02fe9cc13b1":"f6120fea313362524917c53d90bafb4f":"60c2be7fbd15faf895fd19a9ce775fe2b183b45cffafe4fcbf50d421bea97347e41a9418cfa129b2dda63b889a70063010215dbe38c37feae18bc31b34f31b726f22177f2b4b9d648dd4aa80edfd12dafaee10baa83224354432d1cb62ccabe38bb8448d162cd0d30e988d2e1a2458ffdafaacbdff928756390f66dc60d7ea45":"":"83de3f521fcfdaff902386f359e683":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"697c96d80d0a3fa9af35b86f31fb71a17aed30ce841c79896bbc8863b3b3ee04":"3a5163ec7e007061838d755ac219855e":"de50c12da63232768d5eb9920d49683b5b7114cb77448fa10b9d63552ec5d9c2eac94b375d11f944959f903bb20c696639b6e7f108ec1e873870098c631ddacb2c25268cfc26d2a4cacfb7dda7383374c5456bcf4daa887a887f4293f8caa14419472a8bf7ffd214dfb2743091238b6d1142b116c2b9f4360c6fe0015cd7de81":"":"cd4542b26094a1c8e058648874f06f":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"66c1d9ce3feb0e966c33e3fd542ec11cc32f18c2514b953103d32abcdc72633a":"46fdb88fdde9b7d74e893802a0303256":"55d2f263d2e3cf0b390fce1dd1ebd5f666086f26e1ce2f08002bedbb810ada3922c6bfcf6a6adaa556e9e326c9766f02b3eb6e278da2fa3baa7dbdb6373be3c6ecfbe646b1a39e27c5a449db9b559e7ea3496366b8cdbca00ee7a3dea7fdfbea1665bbf58bd69bb961c33a0fd7d37b580b6a82804f394f9d5d4366772cee3115":"":"96ca402b16b0f2cd0cdff77935d3":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d7c949420dc9497232cd5810f316d11f9e85d36c430b5943ba79836d88c1eb92":"7ef9788ff09cbeedd9569d49083a4097":"ca1de5cc3fcde2638eb72210e551e9c0e0a3f5570d5be83a9a4406b545d854bf17e75b9cd0f4c45722fbd71319a317b72a8798485e9316a1c8102432b83bc95af42f6d50700ba68f6f2e19b6af609b73ad643dfa43da94be32cc09b024e087c120e4d2c20f96f8e9ddfe7eae186a540a22131cedfe556d1ebd9306684e345fd1":"":"8233588fca3ad1698d07b25fa3c4":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe7c70815aa12326cdcbb2d2d3e088bbaaef98b730f87fe8510b33d30e12afe":"e0253bd1f19e99a7f8848206fb8ac4a4":"397897eca4856f90d14c3cdfe1ad3cba47e23174ae2dab7d2a6320898584e03bffa3ffd526f416d7b3c579b0f3628744e36eebb5df519240c81d8bbbf5c5966519c5da083ab30a7aa42deae6180e517cdd764b7f77d19cc1a84141817758887a8d7265e7e62279b9d33cd2f1ba10fd54c6c96d4b8a5dbe2318fef629c8e2af0f":"":"477b0a884d788d1905646bd66084":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cbeefb3817cb02d617f385cf2371d52c8bcbc29e5e7a55cd2da131ca184c6e89":"f74156d6400ae46b612531848bffe18f":"1abe2ab05ceccf2391273126fe4a4426b94d2c3b97a7f1cd2ee6bb952bf4a546e972b5a1701d5ddb0e5bb7a248fcb47107a9fc77e4b9806b68a11850119aa239fa8be1370e3a2e1a8b168f7323afdfc4b8917d92570167848a56132d68876abc386c258a9233dc8a9eb73443b052e842c3d63e8b5369acdd038404e4e9a4b038":"":"0cb67cec1820339fa0552702dd":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6f5f65ce2fc8ec3f602f5df90eb7d506dd771337913680ac16bdcd15c56583d":"9212a548c597677d1747e98ce6fb18a4":"55ca486c0183d0134925880d2e21dde0af51c4c77c6038a5a9c0497884e0aa4715bdb5b4bb864acc708ac00b511a24fa08496df6a0ca83259110e97a011b876e748a1d0eae2951ce7c22661a3e2ecf50633c50e3d26fa33c2319c139b288825b7aa5efbd133a5ce7483feecb11167099565e3131d5f0cb360f2174f46cb6b37c":"":"08d7cc52d1637db2a43c399310":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e9a0391435acb57eae2e6217e0941c79a3ff938ec6a19b8a7db2ea972e49f54":"27cd1d7af7e491e30c8110cc01392529":"79140d32bb32dace0779e2d37a0f744d6d973e99a279962b43a6c0af63772e8a0a21d5d9dd3c33d4b218cb2f6f24dd8d93bb4e1e6a788cb93135321ecfed455e747fa919b85b63b9e98b4980a8ccb3b19d50d735742cb5853720c2ad37fa5b0e655149583585830f8d799c0d2e67c0dc24fc9273d9730f3bb367c487a5f89a25":"":"fbb477dd4b9898a9abc5a45c63":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55a12eeca637654252e3e40b371667e3f308b00f2fd2af696223e4cd89e3fd4e":"8a3793b6441258360f7f4801b03d0b26":"f5810dc5f25e49bd6d94bc63c2494aa7a579a4056a25f1dd9b2734d0b8731ee52523edd54ff475651d45c213e1bf254327fb0e2c41a7d85345b02bcc9d27b08915d332e1659671991a4bb74055967bebbba6ecceb182f57977130623d5a7b2175fa5a84b334868661c1f450b95562928b4791759796a177d59ed18bbf141e2ad":"":"99230019630647aedebbb24b":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3d353f870a9c088de5674efd97646b9c5420b2bcdfcffefcadd81682847e5331":"f267fa982af5c85359b6447f9b7715ea":"7cf55630867af5dff747c8dd25bcc531d94a7730a20b6c03d46059ea93fcaa00d07ee17dad0e0dff814b02dfef0cbe00b37fd2f5f95ead7c72be60016f2934d7683fc1e47185c7211c49cb03e209b088edb14e533dbcb792ab7033728904f7ff12381a236dba97894ec1fafcf853ab15fff343f9265d0283acef10168ffd1271":"":"9553b583d4f9a1a8946fe053":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d227c9ff5d17a984983056fb96f3991932ae8132377529c29238cf7db94a359d":"b8f6536f376a7efe0e684acf350bae70":"1cc25da31f90de7fa47ebce92754d3faa99f88d4e25ccab45645c1acdf850d55d7f02f61a0bfdc3125f29259d7da8abef532fe0966c63d3486753c8a2cb63a39349a0641b2f2b9526a03b97d58ca60fbb054c6c164ff2836688b0cad54df2b165bc082eeae660e768dde5130e30f8edc863446661c74da69b9e56de8ae388da0":"":"44b95a37fab232c2efb11231":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b2a57ef85ffcf0548c3d087012b336c46f6574cf1d97ca087bfad042ee83eec2":"3d580402d2a8dc4d7466e5dcb456be7a":"c2b9e95c16e55028794a63ef82d11fb83a2a75dc34a81f238e472c33264534bdd54cd07d02a0ecf9019ad1a6d6c779f339dd479e37940486950f183bade24fca2f24f06d4037b3555b09fc80279ea311769473eb0630b694a29823324cdf780d7d1a50d89f7a23b05f7a8c3ad04b7949aa9e6a55978ba48d8078b5a2fd3c1bbb":"":"072d4118e70cd5ab":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"63889ed5bf2c27d518a696b71c0f85592e3337aae95b5bf07289e4c5dfdc088d":"1ad534280a0fac7dce31f2ae4fb73f5a":"be1b9dabea33bb9443e27f674b27931c0fba699a33dc86fab29e50b76a9441030444b465317bbf2949faf908bc1b501d11a5ea2042e4b460a85f3be5836729e523d99b56ef39231d5c6d8ae2c2ab36ef44e2aa02a1f2c559c6e333216c7f9ed5f9b880a88e920219204c99a3ae8f90afd1396563bc59a691a93e0070b0b5fd90":"":"1bcea0ac2c1a0c73":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"94e3e2c17cfb6f52d4fdba3ba6d18bba891b6662e85df14d7e61f04adb69e0e5":"8a80efb3bfe220526997543409fddb4d":"05da1b0f7ac6eef488d3f087ecae7f35abe3ef36d339709dc3fcb5b471979268ee894c3b6c7f984300d70bc5ea5fba923bfb41d88652bdaecc710964c51f3e2ae2c280b7d6c8e3b9a8a8991d19d92d46c8a158123187f19397ad1ad9080b4ffd04b82b5d68d89dacd3e76439013728c1395263e722b28e45dabf1ef46b8e70b5":"":"faa5c13d899f17ea":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe5e479ad0d79dbf717a1f51f5250d467819e444b79cb3def1e0033c80ddadd8":"47ce838083fd070d8544c0ad5337cdc6":"98476bf05a18c4ff1b6024dd779c1ac06d838705a0a83fe42bee5fc6ebf3b2a1a5049b67f4aabc8239cd6ff56504bcbad1e2498c159bbec2a6635933945f6ea49e5bc763dcf94f4b3643d3888f16105abb0965e24f51cb4949406124145e9ae31cc76535b4178492f38b311099df2751f674363ae7a58f6f93019653b7e6a6f0":"":"a3958500":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"27d4dedb71a8f68ca5ce2b9e56da772bf5a09b7981d41cd29f485bd2d1adb8d4":"7e6f0343c54539717a97b6c8b9f7dec4":"d386db78043f719b7e137cbf79a7f53dda2fe3baccbebb57d499f6eb168e5151f10081d76b72ae0f30165efbdda469e826f9246e59dbcad5c0b27691c00d6c192c24073e99c19cf8c142087c0b83c4ce2fc7ba1e696394e5620ab2d117d5dcd2ac2298997407fd5de07d008de8f9941a4a5f8074736a59404118afac0700be6c":"":"50fd1798":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a7aa836a469d28542d0d24d3232fad266da8fc889c6b6038b726d3da25f7b20":"9faf7cd805803e143ec8f3f13475efd2":"1006c707f608728b2bf64734062b12a5625062bcdcb80a3ce2058352a2922d5e6fbe19681b4f0d79ad3c837f81e72f2fbf8df669894e802a39072b26c286f4b05188c708f7c6edd5f5bb90b87ffa95b86d84d6c1c4591b11d22c772a8ad7f2fe6bd8b46be0e93672df2e8bff8ba80629e1846cfd4603e75f2d98874665c1a089":"":"07764143":"":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a9444fd176acbe061d0221fde3ddfcc4ff74e995d981a831297c4cbda51c22a1":"5714732145470da1c42452e10cd274b5":"":"c146ff5a988496cad7eced7a2ea471e0117d5d6bd2562c23ce9db4bf36d83ba3fc22e90486ec288a627d208e0b2fd3b65f8301cf7fc41d97959981a95cd1cf37effc46db99b94b21c941c3613c26a10b1a6b7793f467d58ff5134612230f1c49d7e1fcf664fe52fc6eca46273982f6fe729b009d90eb8d8e4a0b0dbe907b76da":"db85b830a03357f408587410ebafd10d":"":"a3cad9a57fa28e6f6aaa37150a803bf8b77e765f0702e492c4e5ebb31ae6b12d791149153e469a92bb625784a699fd7ca517500ee3f2851840ba67063b28b481e24ba441314e8b7128f5aaccaf4c4e2c92258eb27310bf031422b7fc2f220f621d4c64837c9377222aced2411628018a409a744902c9e95c14b77d5bb7f5846b":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"686d3bd071e3f46f180611bc4ec8d7726fe72b6c617e7d42b3339f53918c9e36":"a714e51e43aecfe2fda8f824ea1dc4b7":"":"21983ad66449c557263aef299da6eef8f31d576fc17ed2dac3e836f7c2ceaff3094b2695452680e188df10c174810efd1fbaa6c832baedce0b92e4c7121447f6461ac909b4302cdf658095b1de532b536faa4fb38cfdf4192eb5c3fe090d979a343492f841b1edc6eb24b24bdcb90bbbe36d5f8409ce7d27194a7bb995ecc387":"cd30c3618c10d57e9a4477b4a44c5c36":"":"9610908a0eb2ee885981c9e512e1a55075a212d311073bbb2fb9248cce07af16ee4c58bdc8dbe806d28480f9065838146f3e1eb3ae97012cfe53863a13d487f061a49a6c78ca22a321fa25157dbe68c47d78f2359540cc9031ee42d78855ed90e6b8ea3d67725bfffcb6db3d438c982b5f88d9b660f7d82cb300c1fa1edebb6b":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe81f15a02e2ecf46e61199c057102d160e6b5d447d4a275972323fff908c3e":"91d55cfdcdcd7d735d48100ff82227c3":"":"0b4ee0385e6665da8fd2ae47f2d0cf1c5bd395a3bb447047ab5a3ae0b95355bf83d0381119a8d4c01acbe60cd7885da650502f73498a682fdc94f7b14f4c753226064fa15e3a90a6083e053f52f404b0d22394e243b187f913ee2c6bb16c3033f79d794852071970523a67467ce63c35390c163775de2be68b505a63f60245e8":"cd7da82e890b6d7480c7186b2ea7e6f1":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c2095e1379389dc3810e8819314f5a2f87d1494213c5b1de1a402f7f4f746c4":"19788b2e0bd757947596676436e22df1":"":"26ec8ebac0560538a948afbc18fb730e9a91f21392bde24b88b200f96114b229a5b57fa9d02cf10e6592d4dfb28bf0f00740c61157ce28784e9066ea3afd44ecf3a494723610cb593c0feffc6897e3435c6f448697ad3e241685c4e133eff53bdd0fe44dd8a033cfb1e1ea37a493934eb5303ae6ef47ce6478f767ef9e3301ab":"f26a20bea561004267a0bfbf01674e":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"be5351efc0277afc9759ec2464a22cb4401f7a17efd1a205e7af023c7ed30ee1":"c6b26117d9dbd80c1c242ad41abe2acc":"":"1eca91406f338fc09c2988b1d7dc8c409d719300c03840a497d7b680cdd5e09b144903477f7116a934e1d931cf368af1fc2a0a0e7caa95475a3cd7bf585a16fda31eb3f8201db0216b37a1635c1c030836b3dd05ca5b0194388fa198e717822131d5d4318690ef82d35ac80b27fff19aec8f020dc6c6ce28f0813bbbf8230ad9":"61051d6c0801b4a6b6ca0124c019f3":"":"95447aded336d6c20d483a6f062d533efed0261ad321d37bf8b7321b98f55c0f0082ce7f3d341b18fea29a72fc909d30cd8c84a1640227227287674a9b2f16a81b191ecf3b6232d656c32d7b38bea82a1b27d5897694a2be56d7e39aa1e725f326b91bad20455f58a94a545170cb43d13d4b91e1cee82abb6a6e0d95d4de0567":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"814c2cdfdeecf39d43bb141fbfc62dac44f7552c5e5dac2d4913303fc860119b":"0db3ade15cb0dea98a47d1377e034d63":"":"0d3013a1d7132f685d001420daa6c7b643bc36b887511acc4588237d3b412c79e4ebba29c08248ad46c7239e8daa232b7483c9c4e3d1c0bbebc696401efe21f7fd6fc0525a4ab81bd9a893d5f7ab23b70ed07c00f33649b8a996a006de6c94f7793f72848793f4d5b31311c68aae1e715b37409fbe506dac038a0950f05fe82b":"e62f910b6046ba4e934d3cfc6e024c":"":"374d03cfe4dacf668df5e703902cc784f011f418b43887702972dcc3f021bcb9bdd61ed5425f2975b6da7052c4859501eb2f295eb95d10ba6b2d74e7decc1acacebf8568e93a70a7f40be41ac38db6f751518c2f44a69c01c44745c51ad9a333eda9c89d001aa644f1e4063a8eb2a3592e21c6abc515b5aacaec8c32bcf1d3c4":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1ae4541110f2bc4f83cd720b5c40c8315413d896e034b75007f172baa13d29ec":"83f98eec51ee4cae4cb7fe28b64d1355":"":"5ea811e7fbfc0e00bf2a6abfac50cad9efd90041c5f7fb8f046a0fecbd193b70a2de8a774d01dd3cd54f848cb3e9f5152ee1b052ba698bebfba1fbbdae44a260447d6e6482640ae4d01c9cac3d37d4ffe9a0de0b6001de504a33ef7620efe3ce48ecd6f5b1b3a89185c86d4d662a843ff730e040e3668d6170be4cced8a18a1c":"df47eef69ba2faab887aa8f48e4b":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"20c9b662ec4bd13bf58d64cb0a7159b0e7fee4703af66292bf75c8bd6e42e8dc":"2bc0847d46f3d1064bbf8fe8567f54a2":"":"45b64f2ed5ac707890c0c1726adf338770ce6a728fe86bb372c4c49409a32705f881bc4d31a27c455c7c7df9dd2c541743523e7d32f88930d988857847f011be5f5f31a31e8812745147cbff5c1294d0fd4a7285db4833f22bf1975250da99c4d0dd2c9688d7f8001bb6ef2bc898ce4d42c5b78e74645b56ce992338f49d4183":"5a1bf25aa8d5c3fe5cf1be8e54a1":"":"9079d6275db076625e8474c2914fe483d413d5339202f98f06c3b0ef063d8f3d31029deaf7f9349bfec57e5cf11f46f02d5a6520c7992efc951adbbea6d08e53faeb10dfe8b67ee4685da9ea4fe932551a65821147d06d4c462338e6ddda52017c2bc187fd6d02b7d5193f77da809d4e59a9061efad2f9cadbc4cd9b29728d32":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0a1554db37f2e275732a77e521cbd8170729d8677a85db73feacf3c66a89d689":"b9194a4d42b139f04c29178467955f1d":"":"5421d93b7e6e0091978c673df4f3a406aef5f13eb5e6f95da19b0783308cbe26d4fd6c669cc4a9f069d7e62e4c6fad14b80e918fe91556a9a941a28b3dbf776a68ac7c42df7059b5ed713e78120aec84e7b68e96226c2b5e11a994864ed61b122e7e42ef6cfdae278fadbae1b3ea3362f4e6dc68eef6a70477b8a3ffcfba0df9":"05949d591793ca52e679bfdf64f3":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ab1d9bb571c4bdc9f3ef340914bddcfe0c8e7718d4a2530334372cec86e5fcb":"6a5335901284dd3b64dc4a7f810bab96":"":"80bcea307e009745724d5f15d21f3b61a5d5a8401530346b34a2adfa13e3e8c9c9327d6fad914b081e554fbe6c1c6fe070b566620e559555c702c0ab5becf61ea1d9de64351ce43b2276ef4e20b5af7ce43db6d21286af4e740ef00c6d790705afcf0ee4850fffc12c662f2bd8212feb21db31065ab8f717a7509c213352b869":"04b8e5423aee8c06539f435edd":"":"36b9602eee20b8f18dce0783cd1e01a799f81ae0a1ce6d293a26c62f47e7dad85c8446697cc09c81d3d9ead6f9e55c4147211660c8aea9536cc5516e9883c7d6854be580af8cd47ba38fa8451f0dad9c904e0e7f9997eff7e29bf880cd7cedd79493a0e299efe644046e4a46bf6645dfb2397b3a482a346b215deb778c9b7636":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7dddbd5657e22750bfe6baa70a1f4ac46c1ef8bee573a57cfcef50b66f85e593":"fcb962c39e4850efc8ffd43d9cd960a6":"":"2bf5aba83a8161b9d21ff29251fb0efa697b1ea9c1b3de8481d5fd4d6b57afda0b098decdc8278cc855f25da4116ed558fc4e665a49a8fff3aef11115757a99c10b5a73b1f794f9502186c13dc79442f9226bbf4df19a6440281f76184933aeae438a25f85dbd0781e020a9f7e29fb8e517f597719e639cbd6061ea3b4b67fb0":"1d8cdadcf1872fb2b697e82ef6":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6916b93b2712421f1f4582de7ec4237c4e42e2b32c7dced2f8bb5bd2e0598312":"b4d9248bb500e40de99ca2a13e743f1c":"":"3739cca20279a36ddb857ac22beae901a49529b3182463ab81a7c46e437eb0b0571e8c16f7b626ecd9f2ca0cd83debe3f83e5d58ed3738899f4b616755eb57fb965208f261736bdf7648b1f8595c6b6a779768115e3077dfee7a42d44b555a51675fb1ce9961d0e21b2b9b477c0541184350e70decf7c14a4c24b8a6cd5fed8e":"090d03446d65adcc0a42387e8e":"":"0255be7ac7ac6feb3a21f572f6a593cc8a97f17af7064c80e478f4a6c469cf94d604bc014b003bf284d216161a9c8a493af43c6a0d8caf813a9e6f83c7ed56dd57543876b11f76aa2be80dcd79d19ac61f00fa423ac2f52fae7a8327cd91494ca4116feb735980ad0a4b1445cb7f38cc712b8aee72179e65b97fca38694e3670":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b751c8b724165009a8bd97a9d2a0e22cae5a95c4743c55eeeef0a6fe7d946bec":"160c50c0621c03fd1572df6ba49f0d1e":"":"e8546a5af1e38114822e60e75563a9399c88796f303c99c69d1f3c50379da81e1cd5b5a4a721e23c59da58ea4361b7ff58408e506a27fea24f9a235c6af7f7a5bd93fa31e90edfc322821c08d6324134830b7fe160b4a3e6d27866a10e6e60762a31618ef92f5c67ccb1deb1f1b188f0e687165e7c366c7418920df4f4fcdcae":"9fef9becf21901496772996f":"":"175fa6b7cd781ec057ff78ba410f2897a920739b5fc4f04bc9b998fbc7cc18e327ad44d59b167e4627256aaecd97dc3e4a7c9baaf51d177787a7f4a0a2d207a855753c4754d41348982d9418b6b24b590632d5115dc186b0ba3bec16b41fa47c0077c5d091ec705e554475024814c5167121dd224c544686398df3f33c210e82":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0faf32c22c2a4ee38fe4b5ce08f98fdf6f83b5038dcba5ec8332b3eeb5c710c7":"04885a5846f5f75a760193de7f07853c":"":"8a556cc30075753c6e94c2f669bca2058ff6abcbffffc82da7cfca0a45af82dfb4cf487ceb4ede72be87ee4c8b72db1e96459de1dc96721464c544c001d785f2188b9fccaec4b1a37970d38b326f30163d2fdfdf8a2ce74aec55abcd823772b54f8081d086a2e7b17b4086d6c4a5ea67828ef0b593ea1387b2c61f5dfe8f2bb0":"0c13506ed9f082dd08434342":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0dddc3d2f82bdcdbc37648a6b9b416af28753740f8e998cd1a52a0b665369f1c":"0a93b883cbd42998ae2e39aab342cb28":"":"07bf84b15b21951fd22049be6991a672503ae243b8d285fb1e515e1d2c36bfd5b0d0bcce85791f2cea8f616aed68a7d9cf4eaf76418e8b1ec27751de67cbfd9d9f7905b2667904f10d598503f04c04ea00a681ff89a9c446d5763898430bd7a9dfebfe544e3ed3e639b362683a651e087626ffa63c0c2b3e0dd088b81b07f75e":"5c37918edb7aa65b246fd5a6":"":"ff7b7b2f88b8c6f9f9bad7152874e995eea0ff1ce1ecd9b8d563642a37a31499f14d70f0dd835b7adf80928497f845fd8c2786cd53af25f8c9fe1bba24e3c3860162635bbed58f06cf6c9966bb9b570987a48329279bb84afb9e464bb4ad19ae6600175086e28929569027c5285d2ed97615e5a7dada40ba03c440861f524475":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a0b1a62e46e7712277fc711e19d0c0c865ee77b42ac964b7202dbcaf428086c2":"e20957a49a27e247d00379850f934d6c":"":"7dd7c0787fdbea4aacf929341659dcf4b75cbca8f92001e8b62a4d7b40272c5755fa9c445857db05328dc11ce5221f044f4b3dafbf0e2d72a1ad0d3e4c804148db578218690ccc620d8b97b4450ff83400a6caaa959617611446a6627138a4067be9ea410d4b0581022ab621928205b4a4480560fc4c2c3b39a2805684006f35":"c99751516620bf89":"":"9307620479f076c39f53965c87d20c2aff11c736c040dba74cd690d275591a5defc57a02f6806de82eb7051548589484364f6c9b91f233a87258ede1ee276cb2c93b4fc76f4d7e60cbd29ba2c54cb479c178fa462c1c2fb6eeb3f1df0edfb894c9222b994c4931dedf7c6e8ddecbde385ddf4481807f52322a47bf5ff7272991":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ffcc1c88fba1723b3ab57b458d9bffb98b878c967fb43b9db2ae0753d32a3bb1":"d533c2170c5dc203512c81c34eff4077":"":"19b6dec86d93c466307de3a36c0791ed1010b1b9cf8d30347ae46e0f9283c9fda43da8cb491dd17cc4298b1f0b876d6a0f4bcbc9667fe34564bc08f8f7b67045057d19f4bf027bc839e590822fa09a5cef1af18e64a0116aa2a01a3f246c2b5272c18c9aa23efe674ba53d533ae8f0695cb78c1155cdc7a9d7fae2c4567dc07c":"167ec8675e7f9e12":"":"0539287ac546fe5342e4c3c0ec07127dcd22899abfe8cdd6e89d08f1374d76e877bec4844d06e0a9f32d181c8d945ba16a54ce3725fae21d8245c070a4da0c646203d6b91325b665ab98c30295851c59265b4ab567b968b6e98536b7850738d92e9627b4c9c6f5d9ae2520944783d8f788a1aa11f3f5245660d41f388e26e0a1":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55e94b339c3bafe068ef9cc30787cc6705850114976843777c92b4b331801650":"2e2b31214d61276a54daf2ccb98baa36":"":"147cc7bc4008dadf1956520b5998d961499bdf3d8b168591adbfd99411ad7b34eb4b2a5c1bb0522b810fec12dd7c775784d7ecdc741e6dec8191361e6abf473b219221801951b4d5ffe955ab50eef9cffdfee65ba29ddfa943fb52d722825338c307870a48a35f51db340aa946c71904d03174b1e4a498238b9d631a6982c68d":"5266e9c67c252164":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13c9572bdef62510d84f2d415cc481cd1e71b9c1132b43e63b21ba4e16de9b39":"a8339ba505a14786ad05edfe8cebb8d0":"":"7c78e634dec811173ff3c4a9a48ae3ae794fbd2aefd4b31701777ff6fcb670744c592a1d298d319717870dca364b2a3562a4ffa422bf7173c4f7ea9b0edf675e948f8370ffd0fd0d5703a9d33e8f9f375b8b641a1b1eecd1692ad1d461a68d97f91f9087f213aff23db1246ee16f403969c238f99eed894658277da23ced11ee":"df3cab08":"":"91f9780daefd2c1010c458054ac6e35baa885cdd2c95e28e13f84451064e31e0739f27bf259cb376ab951e1c7048e1252f0849ccb5453fc97b319666ebbfbc7ef3055212a61582d1b69158f3b1629950a41bc756bded20498492ebc49a1535d1bd915e59c49b87ffebea2f4ad4516ecdd63fa5afda9cce9dc730d6ab2757384a":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"30a14ca53913acbb215b4e4159083106db3fff83cbedd1e5425f65af1e94f5dd":"4f23f04904de76d6decd4bd380ff56b1":"":"8c5f73ee1544553b712ad7a14f31379c8d54a4e432fb6c5112436988d83c4e94954b0249b470538fb977b756fbee70b811d4dc047a869e207bb0b495f1e271d0034e912000e97594033e0dedde0591b297f8a84bafcc93a46268a5bba117b558f1c73513e971c80a7083e1718fc12d0cc0d996a8e09603d564f0b8e81eea28bc":"18e92b96":"":"bb4b3f8061edd6fa418dd71fe22eb0528547050b3bfbaa1c74e82148470d557499ce856de3e988384c0a73671bf370e560d8fda96dabe4728b5f72a6f9efd5023b07a96a631cafdf2c878b2567104c466f82b89f429915cf3331845febcff008558f836b4c12d53e94d363eae43a50fc6cb36f4ca183be92ca5f299704e2c8cf":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e69f419140289ac25fb0e2ef9cc4f7e06777ac20f7d631918d1af0c8883b7d6a":"531248afdaaf1b86cf34d2394900afd9":"":"ff8dfa4e70490ea9c84cb894dc5d7e1b935ebcdea80a39c4161d4db42cbb269cc86abd381af15ec9a4a42ed18c1eed540decec19722df46f22aa06883297cb393fb23e4bb31a817e88357aa923c7ecbcf24c28a09f622dd21fa70c0a02193024fdcefeaa96cc1b50f81a65dfa9e1bb5126f0c9766a861eed096ec15fb07b0f81":"c6885cdd":"":"f75299e0ead3834fc7ebd4b2051541b598ad57cc908fdcd4324cf4ccf7dcf7b3f0737ad6c026399a8b1b6d3d50011b3c48ea2c89833b4b44c437677f230b75d36848781d4af14546894eecd873a2b1c3d2fcdd676b10bd55112038c0fdaa7b5598fe4db273a1b6744cba47189b7e2a973651bfc2aaa9e9abea4494047b957a80":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"404a5d1ac9e32f9caabffbfa485ce9c27edc9e5cde0f2aab4f32ce3121449b88":"b6e6c078e6869df156faa9ac32f057c3":"6ebc75fc9304f2b139abc7d3f68b253228009c503a08b7be77852da9e1afbe72c9ab374740b0dc391fa4d7e17de6a0aa08c69e6f5c5f05411e71e70c69dfbcf693df84c30f7a8e6c7949ea1e734297c0ea3df9b7e905faa6bbdcaf1ff2625a39363308331d74892cf531cb3f6d7db31bbe9a039fca87100367747024f68c5b77":"b63ec4d28854b7fe2d4d13973f5bcb16f78494ce25cc2820de9d0dc1d8d91db1f19bc9e01cee8418c9e88a69b2f30cdbb0dbdbb50be71e1e666c111c126f2b7197c02f69a1b2ec5e1bf4062b2d0b22fb0fa1585b4e6286b29f6ac98d1b1319dd99851fa6921607077d2947140fdeeea145b56ea7b6af276c9f65393bc43ede33":"94c1b9b70f9c48e7efd40ecab320c2d3":"":"56a0ac94f3ec7be2608154f779c434ee96db5ed4f5a6e1acfb32361ce04e16e1337be5978df06d7c4f6012385fb9d45bb397dc00f165883714b4a5b2f72f69c018ffa6d4420ad1b772e94575f035ad203be3d34b5b789a99389f295b43f004de3daaef7fa918712d3a23ca44329595e08da190e3678bc6ad9b500b9f885abe23":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b56f0c980acf7875cf7f27d53ad4a276adc126d0b93a5774ac4277eecad4309e":"b004c049decfb43d6f3ec13c56f839ef":"b2045b97fbb52a5fc6ff03d74e59dd696f3f442c0b555add8e6d111f835df420f45e970c4b32a84f0c45ba3710b5cd574001862b073efa5c9c4bd50127b2ce72d2c736c5e2723956da5a0acb82041a609386d07b50551c1d1fa4678886bac54b0bd080cc5ef607dca2a0d6a1e71f0e3833678bf8560bc059dae370ec94d43af6":"2c94299e36b7c4a825ecbc5a7809061e0a6761764a5a655ffdb0c20e5c3fcb10f4e93c68aa0a38c2acc5d06f2b7c4ff4fcf814b551bfefa248dbe06a09a0f153213538a31fa7cf7d646b5b53908d8978f514c9c4d6d66f2b3738024b5f9c3fd86b6da0c818203183f4205f186ea44a54edb911b1a17c424c95852c8d271b2e93":"fce7234f7f76b5d502fd2b96fc9b1ce7":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c5027c36e6caa1b3e5e45fead32b5e3126ac41f106c491b0b3a7c16502f4fe6":"3ee660f03858669e557e3effdd7df6bd":"93e803c79de6ad652def62cf3cd34f9addc9dd1774967a0f69e1d28361eb2cacc177c63c07657389ce23bbe65d73e0460946d31be495424655c7724eac044cafafe1540fcbd4218921367054e43e3d21e0fa6a0da9f8b20c5cdbd019c944a2d2ee6aa6760ee1131e58fec9da30790f5a873e792098a82ddf18c3813611d9242a":"58f0ceaa31c0025d2e6bb58720cce4b64f5f6c657c847ae42936eb1e343fea397c8a8cf2f5ef02ffaec25f431900dcb0910cf32cea9eca3b78aed1c451c7af51066489f87b2a5f8cf28d6fdb6ce49d898b6167b590a3907be7618be11fb0922a3cfd18e73efef19e5cdc250fa33f61e3940c6482ae35f339e8c0a85a17379a4e":"ac33f5ffca9df4efc09271ff7a4f58e2":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"34c3019810d72b5e584f0758f2f5888a42729a33610aafa9824badade4136bbd":"f315ea36c17fc57dab3a2737d687cd4f":"f33c5a3a9e546ad5b35e4febf2ae557ca767b55d93bb3c1cf62d862d112dbd26f8fe2a3f54d347c1bc30029e55118bab2662b99b984b8b8e2d76831f94e48587de2709e32f16c26695f07e654b703eba6428f30070e23ed40b61d04dd1430e33c629117d945d9c0e4d36c79a8b8ab555d85083a898e7e7fbeb64a45cc3511d99":"22deef66cbb7db240c399b6c83407f090d6999ba25e560b2087fed0467904bb5c40cbaa05b8bf0ff5a77c53fa229478d8e0736414daf9c420417c391c9a523fd85954533f1304d81359bdcc2c4ac90d9f5f8a67a517d7f05ba0409b718159baf11cd9154e815d5745179beb59954a45a8676a375d5af7fae4d0da05c4ea91a13":"0bae9403888efb4d8ec97df604cd5d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29397d98fc5a7f04b5c8b6aa3a1dd975b6e4678457ae7f0691eee40b5397503a":"885543a45fd1163e34ef9276145b0f8c":"d88beaa0664bcef178cbdbfab17ff526b5c0f8ad9543c6a312d93c336707fbf87c0448b07a550580953279f552f368225cc6971f1eecc718d6aad1729c8d8873081357752bd09d77075fa680cb2dc4139171e4a0aaa50b28c262c14fd10b8d799ca1c6641bb7dfdfdf3dea69aa2b9e4e4726dc18b0784afa4228e5ccb1eb2422":"0bbf1079cb5569c32257bc7e52371db46f3961b457402b816588243b4523543430d5ca56b52de6632724c51e6c3af310b28822c749a12bdd58dee58bbc3266631562a998ec3acdc8a2567a9f07f7f9759c3f50b1d1dcdd529256b80c0d227fc1fe8b58c62d1c643f1ac2996809fd061afcf4a9af184c14db9e63ec885c49de61":"7b334d7af54b916821f6136e977a1f":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7555dfcf354da07fd70f951d94ec1d86a635edfdb7929460207b2a39cc0cf4a3":"e1b30b6a47e8c21228e41a21b1a004f0":"bf986d3842378440f8924bb7f117d1a86888a666915a93ba65d486d14c580501e736d3418cebee572439318b21b6e4e504a7b075b8c2300c014e87e04fa842b6a2a3ebd9e6134b9ddd78e0a696223b1dc775f3288a6a9569c64b4d8fc5e04f2047c70115f692d2c2cefe7488de42ff862d7c0f542e58d69f0f8c9bf67ef48aea":"a1351cfffd1b0cbf80c3318cc432d3238cb647e996b7b53c527783594683f535950cd08788687c77226b2d3f095955884adc2e475ca1e1eab04e37d5e901ae8934a9d3a0cb37b80612ca25d989856dfa7607b03039b64d7dcd468204f03e0f2c55cb41c5367c56ca6c561425992b40e2d4f380b3d8419f681e88ebe2d4bdad36":"d8ef5438b7cf5dc11209a635ce1095":"":"95e8db7c8ecab8a60ceb49726153a7c5553cf571bc40515944d833485e19bf33cb954e2555943778040165a6cfffecef79eb7d82fef5a2f136f004bb5e7c35ae827fac3da292a185b5b8fc262012c05caeda5453ede3303cfeb0c890db1facadaa2895bdbb33265ada0bb46030607b6cf94f86961178e2e2deeb53c63900f1ec":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"bbeafe86c72ab0354b733b69b09e4d3462feb1658fe404004d81503f3a6e132f":"ee1caba93cb549054ca29715a536393e":"e44b0e0d275ae7c38a7dc2f768e899c1c11a4c4cb5b5bd25cd2132e3ecbaa5a63654312603e1c5b393c0ce6253c55986ee45bb1daac78a26749d88928f9b9908690fc148a656b78e3595319432763efbcf6957c9b2150ccabfd4833d0dcee01758c5efb47321a948b379a2ec0abcd6b6cbf41a8883f0f5d5bf7b240cb35f0777":"a033c2051e425d01d97d563572e42c5113860e5dedcd24c76e3e357559ba3250f1fc5d4a931a9d0900ac025400f0158621f0b1215b2907467bfc874bcabbb28e28de81fe1ee5b79985261c512afec2327c8c5957df90c9eb77950de4a4860b57a9e6e145ea15eb52da63f217f94a5c8e5fcb5d361b86e0e67637a450cdbcb06f":"a4809e072f93deb7b77c52427095":"":"e62adf9bbd92dd03cc5250251691f724c6ece1cb89d8c4daf31cc732a5420f6bedab71aab0238ba23bd7165ed1f692561ef457fd1d47413949405b6fc8e17922b17026d89d5830b383546ea516a56f3a1c45ec1251583ae880fa8985bd3dcc1d6a57b746971937bf370e76482238cc08c2c3b13258151e0a6475cc017f8a3d0e":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6ad06c88dd4f3becf35eed95bb859be2406a1803a66e4332a74c5f75c09b9a01":"07d8b4a6e77aef9018828b61e0fdf2a4":"cca1fd0278045dda80b847f0975b6cbf31e1910d2c99b4eb78c360d89133a1c52e66c5c3801824afc1f079d2b2b1c827199e83f680e59b9a7de9b15fa7b6848b5bf4e16a12ac1af4cf2b4d7bb45673c5e1241e9996440860a9204fc27cae46a991607bc5e7120d6c115ddcbdd02c022b262602139081e61eee4aba7193f13992":"2219c11672884b93d0290b6a7140feafe416461f1cdaf0b3aa64693d7db2eb10feae46aac7af549fa1b0abc78c11f8df7ee803ef70310fc3e67769f8b4bc64f81143a6ebf8bee9d386a8ede5d2cc0ed17985a3b7bb95191ef55e684690ccdc5ca504bc6eb28442b353861a034a43532c025f666e80be967a6b05b9dd3a91ff58":"e3ede170386e76321a575c095966":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"87bbf7c15689e8c99a5a32a8ba0dfebcfe1989159807428cdd1f382c3ea95178":"2f19aa1f3a82a7398706953f01739da7":"590dbd230854aa2b5ac19fc3dc9453e5bb9637e47d97b92486a599bdafdfb27c3852e3d06a91429bb820eb12a5318ed8861ffe87d659c462ef167be22604facfa3afb601b2167989b9e3b2e5b59e7d07fda27ffccd450869d528410b0aff468f70cc10ef6723a74af6eebc1572c123a9b5a9aab748a31fa764716d3293ff5de7":"b77d3bf3b30b3e6e5c86cbfb7e5455f6480f423cc76834b4663d28d9f1eb5c40212634e3347668427f7848352ab789886f96682a568260bdaeb7de0aae2af36f5ae04f06c332b158d923706c1c6255c673feeadb6d30bfc901e60b92acd9ddd83ef98686c4d492f4a60e97af2541d470a6a6b21903441020ea7619cf28a06986":"5c43fc4dc959fabeebb188dbf3a5":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"24095a66b6eb0320ca75e2ab78e8496a45f4b000fc43436904c3e386fb852ed2":"0955c1f0e271edca279e016074886f60":"f5160c75c449e6bb971e73b7d04ab9b9a85879f6eb2d67354af94a4f0ca339c0a03a5b9ede87a4ff6823b698113a38ae5327e6878c3ccc0e36d74fe07aa51c027c3b334812862bc660178f5d0f3e764c0b828a5e3f2e7d7a1185b7e79828304a7ad3ddcd724305484177e66f4f81e66afdc5bbee0ec174bff5eb3719482bd2d8":"4690edc843e23d9d9b9a4dab8fa8193f8bf03897d3d29759e9dc9e0f8a970c0f5d4399b9f60461fe5cf439f9b0d54bbc075695e4d76b76298cc2b75bb3e0b516ee9ada93f77c4c002ba9fd163a1e4b377befb76c1e5ab8b3901f214c0a4c48bd2aa2f33560d46e2721a060d4671dc97633ff9bcd703bb0fbed9a4a2c259b53f3":"75a31347598f09fceeea6736fe":"":"0dd2dca260325967267667ff3ccdc6d6b35648821a42090abba46282869bac4bdc20a8bee024bea18a07396c38dbb45d9481fedcc423a3928cfa78a2f0ae8eedb062add810bdbee77ddc26c29e4f9fda1ab336d04ef42947b05fbdb9bc4df79e37af951d19d6bf5e5cb34eef898f23642a9c4a9111ed0b7a08abeeefbbd45c23":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"086b77b5731f971f0bf5b8227361b216746daf8b08c583ad38f114a64aa7877b":"164058e5e425f9da40d22c9098a16204":"6633eae08a1df85f2d36e162f2d7ddd92b0c56b7477f3c6cdb9919d0e4b1e54ea7635c202dcf52d1c688afbbb15552adda32b4cd30aa462b367f02ded02e0d64eeee2a6b95462b191784143c25607fd08a23a2fbc75cf6bee294daf2042587fdd8fe3d22c3a242c624cf0a51a7c14db4f0f766ec437de4c83b64f23706a24437":"629317212ff8bd8a7676e4c00b81a9577de6397c832f99ac974fa2bbbccb6e3b8aa776db6922eed0b014bf3923799da7d9d0854c8817470e1e2f7fc7a572f9d0316ee60cde7ef025d59b897d29a6fee721aeb2f7bb44f9afb471e8a7b0b43a39b5497a3b4d6beb4b511f0cefa12ce5e6d843609d3e06999acfbee50a22ca1eee":"2eb6eb6d516ed4cf1778b4e378":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0f9e806b0d937268561c0eafbbdd14ec715b7e9cef4118d6eb28abbb91266745":"8657996634e74d4689f292645f103a2e":"2ca253355e893e58cb1a900fbb62d61595de5c4186dc8a9129da3657a92b4a631bbdc3d5f86395385a9aa8557b67f886e3bb807620e558c93aea8e65826eadeb21544418ee40f5420c2d2b8270491be6fc2dcbfd12847fa350910dd615e9a1881bc2ced3b0ac3bde445b735e43c0c84f9d120ca5edd655779fc13c6f88b484f7":"2ae4baef22ace26f464a9b0c75802303f2d7c0f9a1ed1d0180135189765bdd347fea0cc2b73ee7fbbf95ea1fda22597b8aad826f63e744069a9c349488b2cc1cf9372f423cc650302082125724730ae5a4d878e07385ddc99034c6b6b46748f02c80b179fe6406b1d33581950cb9bcd1d1ea1ec7b5becfd6c1f5b279412c433a":"83155ebb1a42112dd1c474f37b":"":"87d69fc3cbc757b2b57b180c6ba34db4e20dde19976bfb3d274d32e7cea13f0c7d9e840d59ce857718c985763b7639e448516ddbbda559457cd8cb364fa99addd5ba44ef45c11060d9be82b4ebe1f0711ac95433074649b6c08eeab539fdfc99c77498b420427e4d70e316111845793de1f67fb0d04e3389a8862f46f4582dc8":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c24c17911f6db4b3e37c46bcc6fa35efc1a55f7754f0bb99f2eea93398116447":"5098cc52a69ee044197e2c000c2d4ab8":"9ad4dee311d854925fc7f10eca4f5dd4e6990cb2d4325da2ef25a9a23690f5c5590be285d33aaeba76506c59edec64b8c3ff8e62716d1c385fbce2a42bc7bd5d8e8584de1944543ab6f340c20911f8b7b3be1a1db18a4bb94119333339de95815cae09365b016edc184e11f3c5b851f1fa92b1b63cfa3872a127109c1294b677":"0bd92cb106867e25ad427ff6e5f384d2d0f432fc389852187fcc7b0bf9f6d11a102a872b99ed1ad9a05dab0f79fa634745535efed804ff42b0af8dad20ba44709391fb263f245e5a2c52d9ce904179633282f57a1229b0a9c4557a5c0aeda29bbc5a7a871fa8b62d58100c3722c21e51e3b3e913185235526e7a5a91c559717d":"f7930e3fab74a91cb6543e72":"":"6124ede608d416baa5e653a898ca76e9f47f08403c1984feec112e670ded2226e0073f8881ab2161cfda541dccae19691285f7391a729f07aba18f340bb452c1da39cbe83cf476cfc105b64187e0d2227dd283dcba8b6a350f9956b18861fa131d3f00c034443e8f60e0fdfcfaabbed93381ae374a8bf66523d33646183e1379":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d267a8379260036ff3d1ec07a7b086ff75706bad12d37d9656f04776f3d8b85c":"674dc34e8c74c51fa42aacd625a1bd5b":"6a9a8af732ae96d0b5a9730ad792e296150d59770a20a3fdbbc2a3a035a88ac445d64f37d684e22003c214b771c1995719da72f3ed24a96618284dd414f0cac364640b23c680dc80492a435c8ec10add53b0d9e3374f1cf5bfc663e3528fa2f6209846421ea6f481b7ecf57714f7bc2527edc4e0466b13e750dd4d4c0cc0cdfc":"80c68a330ef50e3e516681f1e535868b03466e7edbb86cb385d01db487da3dd3edad940fdc98d918b7db9b59f8d61369eee2928c88557306c4a13e366af0708d94cb90a15f1c3bc45544bdb05ff964da5e06c5ae965f20adb504620aed7bce2e82f4e408d00219c15ef85fae1ff13fea53deb78afa5f2a50edbd622446e4a894":"bea660e963b08fc657741bc8":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c86cb637753010f639fa3aa3bff7c28b74f012ad6090f2a31b0801d086f183ad":"87ff6e0bb313502fedf3d2696bff99b5":"2816f1132724f42e40deabab25e325b282f8c615a79e0c98c00d488ee56237537240234966565e46bfb0c50f2b10366d1589620e6e78bd90ade24d38a272f3fff53c09466aa2d3ef793d7f814a064b713821850a6e6a058f5139a1088347a9fa0f54e38abd51ddfc7ef040bf41d188f3f86c973551ced019812c1fc668649621":"6b7858557e0fd0f957842fb30e8d54dedbc127eb4bbf9de319f731fa28a606df2c046a0bce8ecda4e75d3596e4e988efd6bc279aa005bc52fad92ba07f5b1dfda4cc417029f9778c88d6fe5341a0fd48893dcb7c68d0df310a060f2a5235aee422d380f7209bc0909b2aa7e876044056f0b915dab0bc13cbea5a3b86d40ca802":"7859f047f32b51833333accf":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c31ca0cac3efe467168198f06beacf39565a6f57f82e1048a5c06a231315882":"95cae6e85f33f3043182460589be3639":"67523751a9b1b643d00de4511b55e4268cb2d18e79e01a55fc7b677d529bd6400940fb25ea6ae135c1a816e61b69e90b966981aeda685934b107066e1467db78973492ad791e20aef430db3a047447141def8be6e6a9a15089607c3af9368cdb11b7b5fbf90691505d0c33664766945d387904e7089b915a3c28886ba1763bb5":"65261d6e29b2369b1828a7cef2df9873d6e6057c499301afedd6cb65b5036ddb95f9e353fbf38e54c4f46f88164325b33620ce183beb2e411fbb89a0e0002e542fc161cad32a61ee6f1e1717e0b4dcd0340b116f795bc1009dbbc65bc31c9b549bf03c40bc204cd0d02ec884be907777ebeed8b527ec3af7cbb508193c0745de":"21309d0351cac45e":"":"1d5f2cb921f54aeb552b4304142facd49497837deb1f00d26fbeddbab922fd80b00dba782961f8fce84f1f7973e81eed6ee168b1760c575c891f40a1dae0fa1a08738025d13ef6e0b30be4f054d874f1b8a2427a19ebb071d98365c32316a88a68c2b40daf1ea831a64519ac3679acb4e04986ecc614ec673c498c6fee459e40":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca9fa36ca2159dff9723f6cfdb13280446eb6bc3688043c7e2e2504184791596":"d13ca73365e57114fc698ee60ba0ad84":"2aa510b7f1620bfce90080e0e25f5468dbc5314b50914e793b5278369c51ac017eace9fd15127fca5a726ad9e67bdee5af298988d9a57ec4bbc43d4eb849535eb10521ac7cd7ed647479a42876af2ebc9e2108b539febdaa9127c49bda1bda800f6034050b8576e944311dfbca59d64d259571b6d2ed5b2fc07127239b03f4b7":"ac04c4293554cd832aa400c811cb202d815d6178aa1343b4628592b7f3ae45dc5f12ea47be4b43e1865f40b06ab67b3a9fb3644248a9b3efe131a8addb7447978bb51ccf749e75574fea60e8781677200af023b2f8c415f4e6d8c575a9e374916d9ec3a612b16e37beb589444b588e0b770d9f8e818ad83f83aa4ecf386d17a7":"2111d55d96a4d84d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2f802e838250064c15fdee28d7bd4872850355870847701ad9742b2d6eb4b0c0":"2dd550cfd97f8e1d8d31ba5537ae4710":"72b9630dda40306e785b961934c56e20948f8eac0e981f49787eb3dbd6e4607f7d08d10ca643746bf1efa7e5066993683d527a90f2d45ec9cf73113f1f17bb67958be669acd4e2927f1dacfde902cd3048056d7f6dfdd8630ff054efce4526db7c9321d6d2be2236f4d60e27b89d8ec94f65a06dc0953c8c4533a51b6a29bd2c":"e2ca8c8d172ff90232879f510d1225af91bc323bdf636363c2903fcd1790692c8bcb03a1cccb18814678852c6b3a441552e541b843ee5e4f86a152fa73d05aea659fe08aa6428bb257eaa2a7b579fdc4022c1dec359a854253c1aefc983c5ede8c97517ea69fc4606e25f13ffb0f5f49160691454fbb74e704326738353525f7":"bd6c8823c9005c85":"":"f6dd0b5f3d1a393a1837112962dba175a13c2d1e525ef95734caf34949d8b2d63b4fe5603226b5f632f2d7f927361ba639dc0e3c63414f45462342695916d5792133b4a24c7c4cbe2b97c712bf27ab62d3d68b3875d58ffe4b7c30a8171bff1a9e2f3995768faacda2ea9213ff35798b9e4513f6a87bd3f5a9d93e847e768359":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84dd53ce0146cb71c32776033bb243098d78a22ac17f52a62a122f5653fb4e33":"f0c90a1bca52f30fab3670df0d3beab0":"a3ea8032f36a5ca3d7a1088fd08ac50ae6bdc06ad3a534b773ac3e3d4a3d524499e56274a0062c58c3b0685cc850f4725e5c221af8f51c6df2bbd5fbcff4a93ba4c1054f7f9c67fd9285511a08d328d76a642f067227d378f95a1e67587b90251f9103ed3cacdb6bf69e0794e366d8b92d8de37b4e028de0778841f356ac044d":"68222bffa782dcfe4f328fc20eb520e75a9a5fedbe13ec7fcf0e82fba08bb87a8a8e02902638e32fe0e2294344b380797f8028426ffcc0531c739c884892394c48ff0779c5f5edf0a36a3fb8aa91213347774ec4bf0fe1049bd53746b13beef3c637169826c367056cb1aa0a3868e23f886a9c7b8015c26af9e40794662f6b21":"b1ece9fb":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9bb36fe25e966a075ae2c3bb43b5877679ebc379d5123c8eda3fa0e30b95cae0":"59869df4ef5754b406478a2fb608ee99":"ecd125682e8a8e26757c888b0c8b95dec5e7ed7ac991768f93e8af5bcf6f21ed4d4d38699ee7984ed13635fff72f938150157c9a27fcda121ffced7b492d2b18dad299cb6495ed5f68441aefc8219d2cf717d15d5cd2dbce4606fcf90fe45f3601127cf6acee210bd7df97309f773974a35bef1d33df984101c2fc9d4b55259e":"fb3a4be643c10343251c6f0745aaa54349463f622ca04a792e9b4780866844b30aeef3269fc60cac0ea031c5f3780b535e15154f7c76eb4a371b8ae368550f3fa2ce693c34511ec96b839cac567f1b0de0e7e3116d729b45d1b16e453703a43db73f5d0c3e430f16b142420b5f0d26d72ac3dba543d7d813603b0bfdca3dd63e":"cb3f5338":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 [#2] -depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"3105dddb":"FAIL":"":0 AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #0 [#1] @@ -3403,1345 +3403,1345 @@ depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_W auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"659b9e729d12f68b73fdc2f7260ab114":"459df18e2dfbd66d6ad04978432a6d97":"ee0b0b52a729c45b899cc924f46eb1908e55aaaeeaa0c4cdaacf57948a7993a6debd7b6cd7aa426dc3b3b6f56522ba3d5700a820b1697b8170bad9ca7caf1050f13d54fb1ddeb111086cb650e1c5f4a14b6a927205a83bf49f357576fd0f884a83b068154352076a6e36a5369436d2c8351f3e6bfec65b4816e3eb3f144ed7f9":"fd0732a38224c3f16f58de3a7f333da2ecdb6eec92b469544a891966dd4f8fb64a711a793f1ef6a90e49765eacaccdd8cc438c2b57c51902d27a82ee4f24925a864a9513a74e734ddbf77204a99a3c0060fcfbaccae48fe509bc95c3d6e1b1592889c489801265715e6e4355a45357ce467c1caa2f1c3071bd3a9168a7d223e3":"8e5a6a79":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"806766a4d2b6507cc4113bc0e46eebe120eacd948c24dc7f":"4f801c772395c4519ec830980c8ca5a4":"":"":"8fa16452b132bebc6aa521e92cb3b0ea":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0c2abdcd2e4ae4137509761a38e6ca436b99c21b141f28f5":"335ca01a07081fea4e605eb5f23a778e":"":"":"d7f475dfcb92a75bc8521c12bb2e8b86":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"eef490a0c2ecb32472e1654184340cc7433c34da981c062d":"d9172c3344d37ff93d2dcb2170ea5d01":"":"":"017fef05260a496654896d4703db3888":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fe0c3490f1f0dba23cf5c64e6e1740d06f85e0afec6772f3":"f47e915163fa3df7f6c15b9d69f53907":"":"":"14e1a057a2e7ffbd2208e9c25dbba1":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4356b3b1f308df3573509945afe5268984f9d953f01096de":"a35b397b34a14a8e24d05a37be4d1822":"":"":"e045ecba220d22c80826b77a21b013":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e2898937cc575c8bb7444413884deafe8eaf326be8849e42":"169a449ccb3eb29805b15304d603b132":"":"":"3a807251f3d6242849a69972b14f6d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75683c7df0442e10b5368fcd6bb481f0bff8d95aae90487e":"538641f7d1cc5c68715971cee607da73":"":"":"07d68fffe417adc3397706d73b95":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0724ee1f317997ce77bb659446fcb5a557490f40597341c7":"0d8eb78032d83c676820b2ef5ccc2cc8":"":"":"7da181563b26c7aefeb29e71cc69":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"be2f0f4ae4ab851b258ec5602628df261b6a69e309ff9043":"646a91d83ae72b9b9e9fce64135cbf73":"":"":"169e717e2bae42e3eb61d0a1a29b":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"583c328daecd18c2ac5c83a0c263de194a4c73aa4700fe76":"55e10d5e9b438b02505d30f211b16fea":"":"":"95c0a4ea9e80f91a4acce500f7":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b40857e7e6f26050f1e9a6cbe05e15a0ba07c2055634ad47":"e25ef162a4295d7d24de75a673172346":"":"":"89ea4d1f34edb716b322ea7f6f":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"627008956e31fea497fb120b438a2a043c23b1b38dc6bc10":"08ea464baac54469b0498419d83820e6":"":"":"ab064a8d380fe2cda38e61f9e1":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c386d67d7c2bfd46b8571d8685b35741e87a3ed4a46c9db":"766996fb67ace9e6a22d7f802455d4ef":"":"":"9a641be173dc3557ea015372":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"711bc5aa6b94fa3287fad0167ac1a9ef5e8e01c16a79e95a":"75cdb8b83017f3dc5ac8733016ab47c7":"":"":"81e3a5580234d8e0b2204bc3":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c74620828402e0bdf3f7a5353668505dc1550a31debce59a":"cfbefe265583ab3a2285e8080141ba48":"":"":"355a43bcebbe7f72b6cd27ea":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1eb53aa548b41bfdc85c657ebdebdae0c7e525a6432bc012":"37ffc64d4b2d9c82dd17d1ad3076d82b":"":"":"34b8e037084b3f2d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"50d077575f6db91024a8e564db83324539e9b7add7bb98e4":"118d0283294d4084127cce4b0cd5b5fa":"":"":"507a361d8ac59882":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d9ddca0807305025d61919ed7893d7d5c5a3c9f012f4842f":"b78d518b6c41a9e031a00b10fb178327":"":"":"f401d546c8b739ff":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6ed8d8afde4dc3872cbc274d7c47b719205518496dd7951d":"14eb280288740d464e3b8f296c642daa":"":"":"39e64d7a":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"80aace5ab74f261bc09ac6f66898f69e7f348f805d52404d":"f54bf4aac8fb631c8b6ff5e96465fae6":"":"":"1ec1c1a1":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23b76efd0dbc8d501885ab7d43a7dacde91edd9cde1e1048":"75532d15e582e6c477b411e727d4171e":"":"":"76a0e017":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94c50453dd3ef7f7ea763ae13fa34debb9c1198abbf32326":"1afe962bc46e36099165552ddb329ac6":"b2920dd9b0325a87e8edda8db560bfe287e44df79cf61edba3b2c95e34629638ecb86584f05a303603065e63323523f6ccc5b605679d1722cde5561f89d268d5f8db8e6bdffda4839c4a04982e8314da78e89f8f8ad9c0fee86332906bf78d2f20afcaabdc282008c6d09df2bfe9be2c9027bb49268b8be8936be39fa8b1ae03":"":"51e1f19a7dea5cfe9b9ca9d09096c3e7":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c6a98102af3d875bcdebe594661d3a6b376970c02b11d019":"bea8cd85a28a2c05bf7406b8eef1efcc":"f2f80e2c042092cc7240b598ab30fad055bce85408aa0f8cefaf8a7204f0e2acb87c78f46a5867b1f1c19461cbf5ed5d2ca21c96a63fb1f42f10f394952e63520795c56df77d6a04cb5ad006ee865a47dc2349a814a630b3d4c4e0fd149f51e8fa846656ea569fd29a1ebafc061446eb80ec182f833f1f6d9083545abf52fa4c":"":"04b80f25ae9d07f5fd8220263ac3f2f7":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec3cc45a22fdc7cc79ed658d9e9dbc138dcc7d6e795cba1a":"b10d9c70205e142704f9d1f74caee0f6":"714994017c169c574aaff2f8bad15f8fa6a385117f5405f74846eca873ca4a8f4876adf704f2fcaff2dfa75c17afefd08a4707292debc6d9fafda6244ca509bc52b0c6b70f09b14c0d7c667583c091d4064e241ba1f82dd43dc3ea4b8922be65faf5583f6b21ff5b22d3632eb4a426675648250e4b3e37c688d6129b954ef6a8":"":"d22407fd3ae1921d1b380461d2e60210":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a32ebc7a2338038ced36d2b85cbc6c45cca9845a7c5aa99":"9afe0882e418c9af205eeb90e131d212":"61ff8a8bc22803f17e8e9f01aff865bc7d3083ff413ce392a989e46ebed5114894de906f7d36439024d8f2e69cc815ac043fff2f75169f6c9aa9761ff32d10a1353213ac756cb84bd3613f8261ef390e1d00c3a8fb82764b0cda4e0049219e87d2e92c38f78ffac242391f838a248f608bb2b56b31bbb453d1098e99d079ea1b":"":"fcbb932ddb0128df78a71971c52838":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bf22885e7f13bcc63bb0a2ca90c20e5c86001f05edf85d8":"99dec21f4781284722b5074ea567c171":"9f4176dacf26e27aa0e669cd4d44bca41f83468c70b54c745a601408a214bf876941ae2ae4d26929113f5de2e7d15a7bb656541292137bf2129fdc31f06f070e3cfaf0a7b30d93d8d3c76a981d75cd0ffa0bcacb34597d5be1a055c35eefeddc07ee098603e48ad88eb7a2ec19c1aefc5c7be9a237797397aa27590d5261f67a":"":"18fd1feec5e3bbf0985312dd6100d1":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cfd75a9d3788d965895553ab5fb7a8ff0aa383b7594850a6":"a6df69e5f77f4d99d5318c45c87451b2":"041aeb2fa0f7df027cd7709a992e041179d499f5dbccd389035bf7e514a38b5f8368379d2d7b5015d4fa6fadfd7c75abd2d855f5ea4220315fad2c2d435d910253bf76f252a21c57fe74f7247dac32f4276d793d30d48dd61d0e14a4b7f07a56c94d3799d04324dfb2b27a22a5077e280422d4f014f253d138e74c9ac3428a7b":"":"fd78b9956e4e4522605db410f97e84":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b0b21ae138485591c6bef7b3d5a0aa0e9762c30a50e4bba2":"56dc980e1cba1bc2e3b4a0733d7897ca":"a38458e5cc71f22f6f5880dc018c5777c0e6c8a1301e7d0300c02c976423c2b65f522db4a90401035346d855c892cbf27092c81b969e99cb2b6198e450a95c547bb0145652c9720aaf72a975e4cb5124b483a42f84b5cd022367802c5f167a7dfc885c1f983bb4525a88c8257df3067b6d36d2dbf6323df80c3eaeffc2d176a5":"":"b11f5c0e8cb6fea1a170c9342437":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8775665aba345b1c3e626128b5afa3d0da8f4d36b8cf1ca6":"cd17f761670e1f104f8ea4fb0cec7166":"2ee08a51ceaca1dbbb3ee09b72f57427fd34bd95da5b4c0933cbb0fc2f7270cffd3476aa05deeb892a7e6a8a3407e61f8631d1a00e47d46efb918393ee5099df7d65c12ab8c9640bfcb3a6cce00c3243d0b3f316f0822cfeae05ee67b419393cc81846b60c42aeb5c53f0ede1280dc36aa8ef59addd10668dd61557ce760c544":"":"6cdf60e62c91a6a944fa80da1854":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cc9922299b47725952f06272168b728218d2443028d81597":"9b2f1a40717afcdbb6a95d6e335c9e4d":"bcfca8420bc7b9df0290d8c1bcf4e3e66d3a4be1c947af82dd541336e44e2c4fa7c6b456980b174948de30b694232b03f8eb990f849b5f57762886b449671e4f0b5e7a173f12910393bdf5c162163584c774ad3bba39794767a4cc45f4a582d307503960454631cdf551e528a863f2e014b1fca4955a78bd545dec831e4d71c7":"":"dd515e5a8b41ecc441443a749b31":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a27d718f21c5cbdc52a745b931bc77bd1afa8b1231f8815":"59661051912fba45023aef4e6f9380a5":"2b7ce5cea81300ed23501493310f1316581ef8a50e37eaadd4bb5f527add6deb09e7dcc67652e44ac889b48726d8c0ae80e2b3a89dd34232eb1da32f7f4fcd5bf8e920d286db8604f23ab06eab3e6f99beb55fe3725107e9d67a491cdada1580717bbf64c28799c9ab67922da9194747f32fd84197070a86838d1c9ebae379b7":"":"f33e8f42b58f45a0456f83a13e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b83e933cf54ac58f8c7e5ed18e4ed2213059158ed9cb2c30":"8710af55dd79da45a4b24f6e972bc60a":"b7a428bc68696cee06f2f8b43f63b47914e29f04a4a40c0eec6193a9a24bbe012d68bea5573382dd579beeb0565b0e0334cce6724997138b198fce8325f07069d6890ac4c052e127aa6e70a6248e6536d1d3c6ac60d8cd14d9a45200f6540305f882df5fca2cac48278f94fe502b5abe2992fa2719b0ce98b7ef1b5582e0151c":"":"380128ad7f35be87a17c9590fa":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d2f85f92092385f15da43a086cff64c7448b4ee5a83ed72e":"9026dfd09e4553cd51c4c13ce70830de":"3c8de64c14df73c1b470a9d8aa693af96e487d548d03a92ce59c0baec8576129945c722586a66f03deb5029cbda029fb22d355952c3dadfdede20b63f4221f27c8e5d710e2b335c2d9a9b7ca899597a03c41ee6508e40a6d74814441ac3acb64a20f48a61e8a18f4bbcbd3e7e59bb3cd2be405afd6ac80d47ce6496c4b9b294c":"":"e9e5beea7d39c9250347a2a33d":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"de7df44ce007c99f7baad6a6955195f14e60999ed9818707":"4d209e414965fe99636c1c6493bba3a3":"da3bc6bdd414a1e07e00981cf9199371192a1fb2eaae20f7091e5fe5368e26d61b981f7f1d29f1a9085ad2789d101155a980de98d961c093941502268adb70537ad9783e6c7d5157c939f59b8ad474c3d7fc1fcc91165cdf8dd9d6ec70d6400086d564b68ebead0d03ebd3aa66ded555692b8de0baf43bc0ddef42e3a9eb34ab":"":"24483a57c20826a709b7d10a":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1dfa5ff20046c775b5e768c2bd9775066ae766345b7befc3":"2d49409b869b8b9fc5b67767979ca8cd":"e35d34478b228bc903ea2423697e603cc077967d7cfb062e95bc11d89fbe0a1f1d4569f89b2a7047300c1f5131d91564ec9bce014d18ba605a1c1e4e15e3e5c18413b8b59cbb25ab8f088885225de1235c16c7d9a8d06a23cb0b38fd1d5c6c19617fe08fd6bf01c965ed593149a1c6295435e98463e4f03a511d1a7e82c11f01":"":"23012503febbf26dc2d872dc":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2df3ee3a6484c48fdd0d37bab443228c7d873c984529dfb4":"dc6aeb41415c115d66443fbd7acdfc8f":"eafc6007fafb461d3b151bdff459e56dd09b7b48b93ea730c85e5424f762b4a9080de44497a7c56dd7855628ffc61c7b4faeb7d6f413d464fe5ec6401f3028427ae3e62db3ff39cd0f5333a664d3505ff42caa8899b96a92ec01934d4b59556feb9055e8dfb81f55e60135345bfce3e4199bfcdb3ce42523e7d24be2a04cdb67":"":"e8e80bf6e5c4a55e7964f455":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce0787f65e6c24a1c444c35dcd38195197530aa20f1f6f3b":"55300431b1eaac0375681d7821e1eb7a":"84a699a34a1e597061ef95e8ec3c21b592e9236ddb98c68d7e05f1e709937b48ec34a4b88d99708d133a2cc33f5cf6819d5e7b82888e49faa5d54147d36c9e486630aa68fef88d55537119db1d57df0402f56e219f7ece7b4bb5f996dbe1c664a75174c880a00b0f2a56e35d17b69c550921961505afabf4bfd66cf04dc596d1":"":"74264163131d16ac":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a15541b5857a668dc9899b2e198d2416e83bac13282ca46":"89bf8ab0cea6f59616eeb9b314d7c333":"4d2843f34f9ea13a1ac521479457005178bcf8b2ebeaeb09097ea4471da9f6cc60a532bcda1c18cab822af541de3b87de606999e994ace3951f58a02de0d6620c9ae04549326da449a3e90364a17b90b6b17debc0f454bb0e7e98aef56a1caccf8c91614d1616db30fc8223dbcd8e77bf55d8253efe034fd66f7191e0303c52f":"":"8f4877806daff10e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b61cdfd19c136ee2acbe09b7993a4683a713427518f8e559":"4066118061c904ed1e866d4f31d11234":"153c075ecdd184fd8a0fca25cae8f720201361ef84f3c638b148ca32c51d091a0e394236d0b51c1d2ee601914120c56dfea1289af470dbc9ef462ec5f974e455e6a83e215a2c8e27c0c5b5b45b662b7f58635a29866e8f76ab41ee628c12a24ab4d5f7954665c3e4a3a346739f20393fc5700ec79d2e3c2722c3fb3c77305337":"":"4eff7227b42f9a7d":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce175a7df7e429fcc233540e6b8524323e91f40f592ba144":"c34484b4857b93e309df8e1a0e1ec9a3":"ce8d8775f047b543a6cc0d9ef9bc0db5ac5d610dc3ff6e12e0ad7cd3a399ebb762331e3c1101a189b3433a7ff4cd880a0639d2581b71e398dd982f55a11bf0f4e6ee95bacd897e8ec34649e1c256ee6ccecb33e36c76927cc5124bc2962713ad44cbd435ae3c1143796d3037fa1d659e5dad7ebf3c8cbdb5b619113d7ce8c483":"":"ff355f10":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5f659ed236ba60494e9bf1ee2cb40edcf3f25a2bac2e5bc5":"ad49f12f202320255406c2f40e55b034":"6da62892f436dfe9790e72d26f4858ca156d1d655c9cc4336fcf282b0f3f0b201e47f799c3019109af89ef5fd48a4811980930e82cd95f86b1995d977c847bbb06ecdcc98b1aae100b23c9c2f0dcf317a1fb36f14e90e396e6c0c594bcc0dc5f3ebf86ce7ecd4b06d1c43202734d53f55751a6e6bbda982104102af240def4eb":"":"cb4d8c1d":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a73f318b1e298ba4ac0ab2aed74f73543b1017cccbd1b240":"abe33b7e8d88bd30deb96d1e90c4e951":"6de616b000047b14b6759015183dd753c61499c0e665d06a89e4fb0cd0dd3064ff8651582e901ef5d0cdf3344c29c70c3aabc2aaf83cb3f284c6fe4104906d389b027e7d9ca60d010f06ef8cd9e55db2483d06552ddbe3fc43b24c55085cd998eae3edec36673445bf626e933c15b6af08ea21cbace4720b0b68fe1a374877d5":"":"4a28ec97":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"73d5be74615bc5b627eedfb95746fb5f17cbf25b500a597f":"eb16ed8de81efde2915a901f557fba95":"":"fc40993eb8559e6b127315c03103ce31b70fc0e07a766d9eecf2e4e8d973faa4afd3053c9ebef0282c9e3d2289d21b6c339748273fa1edf6d6ef5c8f1e1e9301b250297092d9ac4f4843125ea7299d5370f7f49c258eac2a58cc9df14c162604ba0801728994dc82cb625981130c3ca8cdb3391658d4e034691e62ece0a6e407":"804056dca9f102c4a13a930c81d77eca":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a249135c9f2f5a8b1af66442a4d4e101771a918ef8acee05":"80b6e48fe4a3b08d40c1636b25dfd2c4":"":"c62b39b937edbdc9b644321d5d284e62eaa4154010c7a3208c1ef4706fba90223da04b2f686a28b975eff17386598ba77e212855692f384782c1f3c00be011e466e145f6f8b65c458e41409e01a019b290773992e19334ffaca544e28fc9044a5e86bcd2fa5ad2e76f2be3f014d8c387456a8fcfded3ae4d1194d0e3e53a2031":"951c1c89b6d95661630d739dd9120a73":"":"b865f8dd64a6f51a500bcfc8cadbc9e9f5d54d2d27d815ecfe3d5731e1b230c587b46958c6187e41b52ff187a14d26aa41c5f9909a3b77859429232e5bd6c6dc22cf5590402476d033a32682e8ab8dc7ed0b089c5ab20ab9a8c5d6a3be9ea7aa56c9d3ab08de4a4a019abb447db448062f16a533d416951a8ff6f13ed5608f77":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa832a4b37dcb3c0879a771bb8ae734f0d88b9be497797a8":"70835abab9f945c84ef4e97cdcf2a694":"":"0f1105f9ec24121232b60b6ef3c3e8ca9eec1a3d7625004b857d1d77f292b6ec065d92f5bb97e0dc2fdfdf823a5db275109a9472690caea04730e4bd732c33548718e9f7658bbf3e30b8d07790cd540c5754486ed8e4d6920cefaeb1c182c4d67ebed0d205ba0bd9441a599d55e45094b380f3478bcfca9646a0d7aa18d08e52":"a459be0b349f6e8392c2a86edd8a9da5":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"dda216287910d1f5c0a312f63c243612388bc510cb76c5ba":"7f770140df5b8678bc9c4b962b8c9034":"":"d6617d583344d4fe472099d2a688297857215a3e31b47d1bf355ccfe9cf2398a3eba362c670c88f8c7162903275dfd4761d095900bd97eba72200d4045d72bd239bda156829c36b38b1ff5e4230125e5695f623e129829721e889da235bb7d4b9da07cce8c3ceb96964fd2f9dd1ff0997e1a3e253a688ceb1bfec76a7c567266":"9823e3242b3f890c6a456f1837e039":"":"b4910277224025f58a5d0f37385b03fcd488dfef7580eb5c270c10bd7a6f6d9c7ddc2d1368d68d4e04f90e3df029ed028432a09f710be1610b2a75bd05f31bae83920573929573affd0eb03c63e0cec7a027deab792f43ee6307fd3c5078d43d5b1407ac023824d41c9437d66eeec172488f28d700aa4b54931aad7cd458456f":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c5afa1e61d4594b1c2fa637f64f18dd557e4df3255b47f24":"151fd3ba32f5bde72adce6291bcf63ea":"":"5c772cdf19571cd51d71fc166d33a0b892fbca4eae36ab0ac94e6164d51acb2d4e60d4f3a19c3757a93960e7fd90b9a6cdf98bdf259b370ed6c7ef8cb96dba7e3a875e6e7fe6abc76aabad30c8743b3e47c8de5d604c748eeb16806c2e75180a96af7741904eca61769d39e943eb4c4c25f2afd68e9472043de2bb03e9edae20":"f0626cc07f2ed1a7570386a4110fc1":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"febd4ff0fedd9f16bccb62380d59cd41b8eff1834347d8fa":"743699d3759781e82a3d21c7cd7991c8":"":"dc971c8f65ece2ea4130afd4db38fc657c085ea19c76fef50f5bd0f8dd364cc22471c2fa36be8cde78529f58a78888e9de10961760a01af005e42fc5b03e6f64962e6b18eaedea979d33d1b06e2038b1aad8993e5b20cae6cc93f3f7cf2ad658fbba633d74f21a2003dded5f5dda3b46ed7424845c11bab439fbb987f0be09f8":"1da347f9b6341049e63140395ad445":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d280d079110c1c826cc77f490d807dd8d508eb579a160c49":"85b241d516b94759c9ef975f557bccea":"":"a286d19610a990d64f3accd329fc005d468465a98cfa2f3606c6d0fbeb9732879bad3ca8094322a334a43155baed02d8e13a2fbf259d80066c6f418a1a74b23e0f6238f505b2b3dc906ffcb4910ce6c878b595bb4e5f8f3e2ede912b38dbafdf4659a93b056a1a67cb0ec1dbf00d93223f3b20b3f64a157105c5445b61628abf":"bbf289df539f78c3a912b141da3a":"":"b9286ab91645c20de040a805020fed53c612d493a8ce9c71649ae16bd50eab6fb7f3a9180e1651d5413aa542608d7ecbf9fc7378c0bef4d439bc35434b6cf803976b8783aecc83a91e95cea72c2a26a883b710252e0c2a6baa115739a0692c85f6d34ff06234fbdc79b8c4a8ea0a7056fb48c18f73aaf5084868abb0dfaa287d":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5e80f87fa2156c62df7be2ad16c4890de5ee5868a684fcf9":"9769f71c76b5b6c60462a845d2c123ad":"":"c829073efd5c5150d2b7e2cdaeff979830d1aa983c747724ade6472c647a6e8e5033046e0359ea62fc26b4c95bccb3ac416fdf54e95815c35bf86d3fdd7856abbb618fe8fcd35a9295114926a0c9df92317d44ba1885a0c67c10b9ba24b8b2f3a464308c5578932247bf9c79d939aa3576376d2d6b4f14a378ab775531fe8abf":"394b6c631a69be3ed8c90770f3d4":"":"f886bd92ca9d73a52e626b0c63a3daa138faaacf7809086d04f5c0c899362aa22e25d8659653b59c3103668461d9785bb425c6c1026ad9c924271cec9f27a9b341f708ca86f1d82a77aae88b25da9061b78b97276f3216720352629bd1a27ebf890da6f42d8c63d68342a93c382442d49dd4b62219504785cee89dffdc36f868":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d8a7b99e53f5e5b197364d4516cace4b928de50e571315e3":"4b12c6701534098e23e1b4659f684d6f":"":"d0db0ac5e14bf03729125f3137d4854b4d8ce2d264f8646da17402bdad7034c0d84d7a80f107eb202aeadbfdf063904ae9793c6ae91ee8bcc0fc0674d8111f6aea6607633f92e4be3cfbb64418101db8b0a9225c83e60ffcf7a7f71f77149a13f8c5227cd92855241e11ee363062a893a76ac282fb47b523b306cd8235cd81c2":"729b31c65d8699c93d741caac8e3":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c874b427b7181b0c90b887147c36f242827149324fd5c945":"4b8dda046a5b7c46abeeca2f2f9bcaf8":"":"bdd90190d587a564af022f06c8bd1a68735b6f18f04113fdcec24c6027aaf0271b183336fb713d247a173d9e095dae6e9badb0ab069712302875406f14320151fd43b90a3d6f35cc856636b1a6f98afc797cb5259567e2e9b7ce62d7b3370b5ee852722faf740edf815b3af460cdd7de90ca6ab6cd173844216c064b16ea3696":"fe1e427bcb15ce026413a0da87":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"56543cd6e2ebb1e3dc136a826bfc37eddb12f7a26430a1b4":"927ce8a596ed28c85d9cb8e688a829e6":"":"d541dd3acec2da042e6ea26fb90ff9a3861191926423b6dc99c5110b3bf150b362017159d0b85ffea397106a0d8299ec22791cb06103cd44036eed0d6d9f953724fb003068b3c3d97da129c28d97f09e6300cbea06ba66f410ca61c3311ce334c55f077c37acb3b7129c481748f79c958bc3bbeb2d3ff445ad361ed4bbc79f0a":"3a98f471112a8a646460e8efd0":"":"a602d61e7a35cbe0e463119bb66fd4bb6c75d1fe0b211b9d6a0a6e9e84b0794282318f0d33ec053f2cfba1623e865681affeaf29f3da3113995e87d51a5ab4872bb05b5be8ef2b14dfc3df5a48cbc9b10853a708ee4886a7390e8e4d286740a0dd41c025c8d72eda3f73f3cec5c33d5e50b643afd7691213cccccc2c41b9bd7a":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"caaf81cd380f3af7885ef0d6196a1688c9372c5850dc5b0b":"508c55f1726896f5b9f0a7024fe2fad0":"":"6f269929b92c6281e00672eaec183f187b2ddecc11c9045319521d245b595ab154dd50f045a660c4d53ae07d1b7a7fd6b21da10976eb5ffcddda08c1e9075a3b4d785faa003b4dd243f379e0654740b466704d9173bc43292ae0e279a903a955ce33b299bf2842b3461f7c9a2bd311f3e87254b5413d372ec543d6efa237b95a":"3b8026268caf599ee677ecfd70":"":"c4a96fb08d7c2eebd17046172b98569bc2441929fc0d6876aa1f389b80c05e2ede74dc6f8c3896a2ccf518e1b375ee75e4967f7cca21fa81ee176f8fb8753381ce03b2df873897131adc62a0cbebf718c8e0bb8eeed3104535f17a9c706d178d95a1b232e9dac31f2d1bdb3a1b098f3056f0e3d18be36bd746675779c0f80a10":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2fc9d9ac8469cfc718add2b03a4d8c8dcc2eeca08e5ff7bc":"b2a7c0d52fc60bacc3d1a94f33087095":"":"bc84d8a962a9cfd179d242788473d980d177abd0af9edccb14c6dc41535439a1768978158eeed99466574ea820dbedea68c819ffd9f9915ca8392c2e03049d7198baeca1d3491fe2345e64c1012aff03985b86c831ad516d4f5eb538109fff25383c7b0fa6b940ae19b0987d8c3e4a37ccbbd2034633c1eb0df1e9ddf3a8239e":"0a7a36ec128d0deb60869893":"":"fc3cd6486dfe944f7cb035787573a554f4fe010c15bd08d6b09f73066f6f272ff84474f3845337b6e429c947d419c511c2945ffb181492c5465940cef85077e8a6a272a07e310a2f3808f11be03d96162913c613d9c3f25c3893c2bd2a58a619a9757fd16cc20c1308f2140557330379f07dbfd8979b26b075977805f1885acc":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81ff729efa4a9aa2eccc37c5f846235b53d3b93c79c709c8":"1bd17f04d1dc2e447b41665952ad9031":"":"3992ad29eeb97d17bd5c0f04d8589903ee23ccb2b1adc2992a48a2eb62c2644c0df53b4afe4ace60dc5ec249c0c083473ebac3323539a575c14fa74c8381d1ac90cb501240f96d1779b287f7d8ba8775281d453aae37c803185f2711d21f5c00eb45cad37587ed196d1633f1eb0b33abef337447d03ec09c0e3f7fd32e8c69f0":"01b0a815dc6da3e32851e1fb":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"068500e8d4f8d4af9035cdaa8e005a648352e8f28bdafc8a":"5ea9198b860679759357befdbb106b62":"":"98e32428d9d21c4b60e690a2ce1cf70bee90df31302d1819b7d27fd577dd990f7ffe6ba5ef117caac718cc1880b4ca98f72db281c9609e189307302dc2866f20be3a545a565521368a6881e2642cba63b3cf4c8b5e5a8eabeb3e8b004618b8f77667c111e5402c5d7c66afd297c575ce5092e898d5831031d225cee668c186a1":"d58752f66b2cb9bb2bc388eb":"":"2ef3a17fcdb154f60d5e80263b7301a8526d2de451ea49adb441aa2541986b868dab24027178f48759dbe874ae7aa7b27fb19461c6678a0ba84bbcd8567ba2412a55179e15e7c1a1392730ac392b59c51d48f8366d45b933880095800e1f36ff1ac00753f6363b0e854f494552f1f2efe028d969e6b1a8080149dd853aa6751e":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7474d9b07739001b25baf6867254994e06e54c578508232f":"3ade6c92fe2dc575c136e3fbbba5c484":"":"1cbab2b6e4274caa80987072914f667b887198f7aaf4574608b91b5274f5afc3eb05a457554ff5d346d460f92c068bc626fd301d0bb15cb3726504b3d88ecd46a15077728ddc2b698a2e8c5ea5885fc534ac227b8f103d193f1977badf4f853a0931398da01f8019a9b1ff271b3a783ff0fae6f54db425af6e3a345ba7512cbf":"67c25240b8e39b63":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d50d4c7d442d8a92d0489a96e897d50dda6fbe47ca7713ee":"41b37c04ab8a80f5a8d9d82a3a444772":"":"b36b4caf1d47b0d10652824bd57b603ec1c16f4720ce7d43edde8af1b9737f61b68b882566e04da50136f27d9af4c4c57fff4c8465c8a85f0aeadc17e02709cc9ba818d9a272709e5fb65dd5612a5c5d700da399b3668a00041a51c23de616ea3f72093d85ecbfd9dd0b5d02b541fb605dcffe81e9f45a5c0c191cc0b92ac56d":"4ee54d280829e6ef":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"38f3ec3ec775dac76ae484d5b6ca61c695c7beafba4606ca":"9af53cf6891a749ab286f5c34238088a":"":"49726b8cefc842a02f2d7bef099871f38257cc8ea096c9ac50baced6d940acb4e8baf932bec379a973a2c3a3bc49f60f7e9eef45eafdd15bda1dd1557f068e81226af503934eb96564d14c03f0f351974c8a54fb104fb07417fe79272e4b0c0072b9f89b770326562e4e1b14cad784a2cd1b4ae1dc43623ec451a1cae55f6f84":"6f6f344dd43b0d20":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6db4ef061513ef6690d57aef50d8011e0dd7eb4432d82374":"623df5a0922d1e8c883debb2e0e5e0b1":"":"b7f9206995bc97311855ee832e2b40c41ab2d1a40d9263683c95b14dcc51c74d2de7b6198f9d4766c659e7619fe2693a5b188fac464ccbd5e632c5fd248cedba4028a92de12ed91415077e94cfe7a60f117052dea8916dfe0a51d92c1c03927e93012dbacd29bbbc50ce537a8173348ca904ac86df55940e9394c2895a9fe563":"14f690d7":"":"a6414daa9be693e7ebb32480a783c54292e57feef4abbb3636bebbc3074bfc608ad55896fe9bd5ab875e52a43f715b98f52c07fc9fa6194ea0cd8ed78404f251639069c5a313ccfc6b94fb1657153ff48f16f6e22b3c4a0b7f88e188c90176447fe27fa7ddc2bac3d2b7edecad5f7605093ac4280b38ae6a4c040d2d4d491b42":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8901bec4d3c64071d8c30c720c093221e05efed71da280bf":"9265abe966cb83838d7fd9302938f49d":"":"7c447e700db7367260dffa42050e612eff062eb0c8a6b4fe34858800bcb8ec2f622cb5213767b5771433783e9b0fa617c9ffb7fde09845dafc16dfc0df61215c0ca1191eabf43293db6603d5285859de7ef3329f5e71201586fb0188f0840ed5b877043ca06039768c77ff8687c5cfc2fd013a0b8da48344c568fce6b39e2b19":"6f6c38bc":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c57eb763f886154d3846cc333fc8ae8b3c7c9c3705f9872":"9b3781165e7ff113ecd1d83d1df2366d":"":"9fe7d210221773ba4a163850bab290ba9b7bf5e825760ac940c290a1b40cd6dd5b9fb6385ae1a79d35ee7b355b34275857d5b847bef4ac7a58f6f0e9de68687807009f5dc26244935d7bcafc7aed18316ce6c375192d2a7bf0bee8a632fe4f412440292e39339b94b28281622842f88048be4640486f2b21a119658c294ce32e":"62f32d4e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"307d31a594e54f673bea2f977835670aca4f3d45c9c376cc":"0bdaa353c4904d32432926f27534c73c":"aa39f04559ccc2cae3d563dda831fb238b2582cb2c2bb28cff20cc20200724c8771b9805ef7464b8fc06c7b8060c6920fd2779fbc807c2292c8c1f88f8088755609a1732ff8c0b06606452b970c79997b985889404fd907c4668a0bcc11ba617175f4525523494a244da60b238468c863055f04db20ea489adf545d56c0a71d8":"d7385a7bd0cb76e1e242fa547c474370bcc7cc7cf3e3fa37b00fe08a56383ca31d023d8c493f6d42e482b0f32e4f244dd100ea08eee6535e5bb8d27f76dbb7eead6ba8e031ccd0eaeb649edee92aeaf0f027d59efd4e39b1f34b15ceb8b592ee0f171b1773b308c0e747790b0e6ace90fc661caa5f942bdc197067f28fbe87d1":"2ddda790aae2ca427f5fb032c29673e6":"":"0b92262759897f4bd5624a891187eba6040d79322a2a5a60fb75c6c6a5badd117abe40c6d963931bbc72dca1a1bf1f5388030fe323b3b24bd408334b95908177fb59af57c5cc6b31825bc7097eec7fec19f9cdb41c0264fd22f71893bcf881c1510feb8057e64880f1ea2df8dc60bb300fd06b0a582f7be534e522caadc4a2c7":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23c201968def551817f20e49b09dbb5aae0033305bef68a0":"bd2952d215aed5e915d863e7f7696b3e":"23f35fac583897519b94998084ad6d77666e13595109e874625bc6ccc6d0c7816a62d64b02e670fa664e3bb52c276b1bafbeb44e5f9cc3ae028daf1d787344482f31fce5d2800020732b381a8b11c6837f428204b7ed2f4c4810067f2d4da99987b66e6525fc6b9217a8f6933f1681b7cfa857e102f616a7c84adc2f676e3a8f":"77bc8af42d1b64ee39012df5fc33c554af32bfef6d9182804dcfe370dfc4b9d059bdbc55f6ba4eacb8e3a491d96a65360d790864ba60acf1a605f6b28a6591513ea3cfd768ff47aee242a8e9bdfac399b452231bfd59d81c9b91f8dc589ad751d8f9fdad01dd00631f0cb51cb0248332f24194b577e5571ceb5c037a6d0bcfe8":"bb9ba3a9ac7d63e67bd78d71dc3133b3":"":"17d93c921009c6b0b3ecf243d08b701422983f2dcaec9c8d7604a2d5565ed96ce5cddcb183cd5882f8d61d3202c9015d207fed16a4c1195ba712428c727601135315fc504e80c253c3a2e4a5593fc6c4a206edce1fd7104e8a888385bbb396d3cdf1eb2b2aa4d0c9e45451e99550d9cfa05aafe6e7b5319c73c33fd6f98db3c5":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6baec0669add30acb8f678ce477a2b171f89d1f41935c491":"b1472f92f552ca0d62496b8fa622c569":"5ae64edf11b4dbc7294d3d01bc9faf310dc08a92b28e664e0a7525f938d32ef033033f1de8931f39a58df0eabc8784423f0a6355efcff008cae62c1d8e5b7baefd360a5a2aa1b7068522faf8e437e6419be305ada05715bf21d73bd227531fea4bc31a6ce1662aec49f1961ee28e33ae00eb20013fd84b51cfe0d5adbdaff592":"5712b84c4c97d75f84edd50561bc1d3f1ba451cc3b358b2403b5e528290954348cf7a235b4dc11a72ddbc503191204e98a9744d85419508c8ca76438c13305f716f1e239a6d9f6423c27217a0057aa75f6d7e2fb356e7194f271459ab5482589ea311b33e3d3845952ff4067dd2b9bcc2e8f83630b0a219e904040abd643d839":"29a2d607b2d2d9c96d093000b401a94f":"":"beb687f062ae7f5159d07609dd58d7b81c478d180bc0b4c07ae799626ff1da2be2e0d78b2a2a1f563257f161491a5ac500cd719da6379e30d0f6d0a7a33203381e058f487fc60989923afbee76e703c03abc73bb01bd262ff6f0ac931f771e9b4f2980e7d8c0a9e939fa6e1094796894f2c78f453e4abe64cb285016435ef0e8":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7b882a2df81fdb9275fb05d120f32417e8ffedd07457e938":"5c064d3418b89388fb21c61d8c74d2c5":"5bfa7113d34e00f34713cf07c386d055e889bb42d7f6c8631ffce5668e98cb19bed8820b90ecb2b35df7134f975700347e5514287cfef7ffa2b0ff48b1de0769b03dca6610995d67cb80052cb2e5914eb4ed43ef5861f4b9364314fde6ad2b82fbba7fd849dfa6e46ecc12edc8cabfff28d9bd23c2bcc8ab3661c9ba4d5fee06":"0aae7213da279b34d6dcf2a691b2d0333112ea22de0c3c68d47cf9f9f4ed8ad4e03d4a60ec18c3a04ac9c2abb73e1023051029b5e8705bb69c4c50afc84deb0379db5077be1f663652f8bd8958271af2c1ac4a87e08cb526bab8a030652f2a29af8055d0f31e35475caee27f84c156ef8642e5bfef89192f5bde3c54279ffe06":"0943abb85adee47741540900cc833f":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51d94d21482c00bb5bc7e7e03aa017ba58f5a23494b72c2a":"fb21cd763e6f25540f8ad455deaccdf0":"019d1db5569eeff83306f65d653b01064854c1be8446cd2516336667c6557e7844fc349adea64a12dc19ac7e8e40b0520a48fac64571a93d669045607085ac9fa78fed99bbf644908d7763fe5f7f503947a9fe8661b7c6aef8da101acca0aed758ca1580eeb2f26ae3bf2de06ce8827a91a694179991a993cdf814efbcc61ca5":"3a9c69c1ed2340bfde1495658dbf4f54731a19b3922a1d535df8d0b2582f5e803b5891e8ad1aa256c923956dcda2430d0c0696bce63295fb61183e040566e459338f908d23ae51f64020c1ef3d192428f23312b285fc4111d50d1add58f4a49008a22c90d3365230e9158cd56f9d84f079bdd673555d4dc76c74b02fa9920e7d":"a93bd682b57e1d1bf4af97e93b8927":"":"7093f44703f2cbb3d12d9872b07a8cd44deb62dae48bc573b11a1ee1c9f3105223423fac3181c312a8a61757a432d92719f486c21e311b840aa63cf530710c873df27fecda0956075923f1ecc39bffb862706f48bde2de15612930fc8630d2036e9e4cfc1c69779171bd23d9e1d5de50a9e0a0de4bd82ed3efc45299980bb4cc":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e6756470937f5d9af76f2abe6df2d0bc15ff8e39b5154071":"4500193711a5d817a9f48deafda39772":"92fa22dba0eee6b1de1ddd24713b1be44c7105df90e6e7a54dcbf19025e560eb4986ee080cf613898a1a69d5ab460a3b8aa2723a95ac4a4af48224b011b55fb7582ae18f6746591eab2bd33d82a8dbbae3f7877e28afef9857a623530b31d8198b2df43f903d6e48ddae0848741f9eaae7b5504c67ad13791818f3c55c9b3d1e":"afae92bd56c426c095d76633701aa9bea5ce05490482c6c64ac24468c3e1af6e6030a6bb6649745b011c6729bde985b9242e22105322fbb8853dcabbd00165d0b07d7b499e0238b6513bf6351eb40635a798f7e6e2d31125dda45ffe8964596fdbff55df22d4e9025bd4f39e7c9b90e74b3ee58d6901f113900ee47a4df5afd7":"7d9f97c97c3424c79966f5b45af090":"":"62258d60f0138c0405df4b2ec1e308b374603a9eace45932fdc2999e9e2261de8b1099473d1fc741c46c334023aa5d9359f7ef966240aaf7e310d874b5956fd180fb1124cbeb91cf86020c78a1a0335f5f029bd34677dd2d5076482f3b3e85808f54998f4bac8b8fa968febceec3458fb882fc0530271f144fb3e2ab8c1a6289":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30db73d46b518669c45b81bc67b93bed3d0864f7e9e8e789":"5069e2d2f82b36de8c2eb171f301135d":"ef781dce556b84188adee2b6e1d64dac2751dd8592abc6c72af7b998dfae40cbe692a4cae0b4aa2c95910e270600550fca1e83640c64efb1eb0e0a90a6fc475ae1db863a64ce9cc272f00abac8a63d48dd9f1c0a5f4586224befed05be4afae5bd92249833d565cc6b65fd8955cb8a7d7bd9f4b6a229e3881212871a52c15d1c":"750bc1d2f91d786bb1e621192a376f552538ba8c07d50d9e10b9345f31b3e5f9d8ad7c719c03d8548a3b184b741cd06c49d7fb6fe80258d60c01c2987c337c823211cee7c1cf82077266889bc7767475e0eeabb2ef6b5a1de2089aaef77565d40a1c2c470a880c911e77a186eacca173b25970574f05c0bdcd5428b39b52af7f":"a5100c5e9a16aedf0e1bd8604335":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"209f0478f1a62cb54c551181cbd4d24b796e95f3a06b6cb9":"7be1768f6ffb31599eb6def7d1daa41c":"9cb49357536ebe087e1475a5387907a9e51ad1550697f13c6cc04384ec8a67dea13376bdd5e26b815c84a78f921b506b9e2086de50f849185f05ba7c3041e49e42c0673df856da109a78b8e0ce918c25836f7e781e6b16168e4e5976d27ebc83f20b7bf4beadecb9b4f17a7a0d3a3db27fc65288a754b5031a2f5a1394801e6e":"66db7cc97b4a8266c0a2228e8028e38d8986e79fcbcc3caff3050fdd2de87b7ff7a6895b988b0bdb7fcc4d6e2d538dcfaad43ce2f98b6d32500f5a6e6183d84cb19157a699cdde1266d6d75a251ee1a2eb97bfe6405d50be2b17a58ba6eafaee0a023a28d568fd1c914f06041a49c79b9df9efe63d56883cbbbeaba809273d2e":"4d2ac05bfd4b59b15a6f70ea7cd0":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1bfa30b315e7b908263330140fa2d66ed57104784a43cc70":"b7081a3010b524218390ba6dd460a1ec":"8c1f42b5931d69ae351fcde7d2b4136d4898a4fa8ba62d55cef721dadf19beaabf9d1900bdf2e58ee568b808684eecbf7aa3c890f65c54b967b94484be082193b2d8393007389abaa9debbb49d727a2ac16b4dab2c8f276840e9c65a47974d9b04f2e63adf38b6aad763f0d7cdb2c3d58691adde6e51e0a85093a4c4944f5bf2":"8eeee9865e23fa51dbbf197fa41776b7edbdb9381a22c935299cd959a46190788ae82f4e645b0362df89bfc00241964784bc7ef70f6f97e81687d52e552a33af20ae34a3005e0a7b85d094368d707c3c4cd3ef31c0daf3ccaa1676609ed199327f4139d0c120977e6babceed28896d2cb3129630f3ee135572dc39433057e26a":"4da85b8ec861dd8be54787bb83f1":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc47156a693e59a1dea0618c41441fe669fc65dcfb7d0726":"ea1935ed014883cc427983d7962d9992":"0d85b8513becfe8c91d0f6ffb65ec31f2cf406c51c0da88893c43d1327fd8ad1f4bab2d7b5e27438d643397034a72f8666bf641b6781bc90f764db387eae6720b5723d510194570ccd773e1b3bebfc333cc099d078583e8dac60d174d332925a24a45110c8d2abe8924ea677ac74db66ea789e2838efc96c78bceaa6236c0a67":"3e4f0a586bad532a08c8863ebba01fd25014baa907e6032ee43d4a7dfc7c3171916dcdf9faee0531f27527872ae4e127b6b9aaee93f5e74d0ab23f3874aa0e291564bc97f17085dd7d5eb9a85d9f44574e5952929eda08863b64c85dd395c91b01fe5bef66e3fa8f9ee5bf62c25d80dc84fbe002ecfd218430b26f3549f734a1":"8781b045a509c4239b9f44624e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b5fcd780a03ba80341081ef96b440c0e4348afde4d60c1d5":"ad20cce056e74ec5d0a76d6280998f15":"28f8fcf23b9c1ba40c19ffc1092632e35f234c1e8b82bcd5309d37bf849a2ce401413d1f242cf255ed597f9a93a1d6e50676997f95aa612e580d88234a86ddc404292746f0b2f5cf15abebcea6659f998ec6a1cb5a9914fee5aa1aa5d04b3c20914e45095e4141ce9c173653dd91c3ebe4ed4a9a28f3915d7b2edba34c2a58d8":"6316f3beb32f6f3bf8f2ff6a2c160b432bafd3036d3eefa1e4ec204f24892e37dc4d75c7ce9a24b5c49fb4df901f35ef9d5955f7dc289c56cb74753f4d6b2982267d5269d12237e21202a65061849c65e90e6702dda03a35ace3a3a098d16b4bfbb85b7232404baee37776a9b51af6b3059a5f170f4ebe4ecf11061ca3c1f1f3":"2ad4520ddc3b907414d934cc1d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4382507dddccf1385fc831da8924147563416d0656e168ec":"a37687c9cd4bdc1ead4e6b8f78bee7f5":"fa9ae30509cbb6fe104c21480ae7b8ec9f12f1afb17320d77b77cdf32ce8c5a3f7f927e501118c7ccd6975b79225059cef530a4fcb0a9719f5e2d3bebe7bb6ec0855e495a31e5075eb50aa6c1227e48b03e3fdf780084ac4912eb3a5674cca9dd6ac037366b230ae631a8580d2d117942dee5d5ddbbb2233afeca53289cc4f68":"e5c5430b960aa35dc8540215c2772d66811270859e33dd4477904759e7e5eb2986a52a4ccc9f592e614147b5ea2ead6636a15c6426336b2995d9a31ab36d76578c3540bc6693842a4bc0491c7963ee9cda2317951cf93244bd30bcdfec69a4767004636fe7d1be7300c35e80627bab9236a075a803e9e1080b9159060c643a78":"4221818d4be45306e205813789":"":"b5b36719bc4d13a5fbf37188ea814cdf3c97a430784330540325c899570e15482300bc82c5b8163074e0544c5132e3ce93bba68bd7a8d2db81d1431b424b697c1158c4d70625666d5ff99145ca34856815c905b5a0fd95806df56b9cd5b384bda3e394b409048eb1037144cc071539c02397e931da28a43cc354d584643afd4f":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7a66db3450dac9a1e63d2639f34c5c6a3fbfb3c8e8230199":"21f8341529b210ade7f2c6055e13007a":"1699bc8c198ab03e22d9bc4f3682aad335c6e35f3f616bb69769a9d5a202511797e770ae0d8d8528ef7b2bb25b4294d47427b43f0580fa71d93fdef667f4f4196f84e41c0b1978796d0de74a94420fb8571bff39137fa231c572b31be9ae72338288bef5f8c992121dc918538551f346e279a9047df14ec9fc0fd399cd3bd8d8":"6463a7eb2496379bc8a5635541525926a6f9fa718e338221952118ae4cf03a85f2074b4ebaf108b9c725809be1e6309c3a444b66f12286f6ea9d80c3413706b234b26372e8f00783819314a994c9e3ecf6abdd255cbfe01b3865e1390a35dcd2853a3d99ed992e82ec67ba245f088cb090adade74bdbc8a1bad0f06cbea766a6":"4af02b81b26104d1d31e295a":"":"53fe6a34d280f2c96d1ae2b2e8baf6abd67cedf7d214312f75dd4a1bec28a641dda3e71aa398726b2b0b1f515e1f4259ee97acaf17f122db9ec7814c2de6a88d36c3ac106396ad03d337c2cd2d2b9b4b7170e23a5848ca7ea129838f967dfdfe83b45ff2a9be699bfb2346115465d59f074f09e24d8fcbd9ece0018c92776c43":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1f5c818f24d201f9fb23fcca211b0545eee5c5c9b440810d":"3a163067bdd90fce0406d1c198a88771":"a5e94e233d04fe0c4b6c4684b386902fe05096702237dfbe76f73befa69b6f30394cf9fe3358997942df65842748fb4f075a3dc06e147bd8d67fc4371113a4d75c70219257c650a6f38a136659e20a1cf3a119397835c304e0fb2a33aa3c3019175c86463043d5edc6992874f61e81cd0d26af8b62cf8c8626901d4f16d84236":"9a7566817a06f792e96a6a2ba8e0a01f8837e2de06796e68b0782cc54ed0b04fc5e24a1ad37d5ffb035548b882d88150e89915b89f57cde2bf3c43ab9dae356927daef6bd61cc9edd5e1b7a4abea2f71313677f1b2fdf3d8d4a7e9814ea820fbc3e5c83947db961839a985a57ced7f5e4a1efffcfd17a2c806d4cdc1e79162da":"b124eea927e2a62a875494a1":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9a301f7edf83da63bcf37216a3a33d7613331c3210281dd7":"d73a546b0fa307633ac89506fa86138b":"f57fe548cf4a551a216ffb24a1dcf1b79c95f9abf06443fd58af042d287c2165db373c82a94172db517840f22e45e966e3ead91ce1ddad132bcb844e406e84b76a0b5b0ee23064b66a229f32a2d3b9c71103f020c4ba57fc0f0608b7114914cf2ada0c5a9bc4afbfa9ce5da320f34beb2211d569a142f53bfd262f6d149c4350":"e09cc8543db7804870004706a26e94b457c125bd648b581a196f962f2ae8fa55d9bc66530ba5020e22d282080b4720dc9a2096a11c0fcc3d9a67cd1cf95cd7cd2417ba308c761e64be24347a14c9423447094a5c72a0043c288b35e753ba0aa748f208381249fb1c8d195a472192404b6c8172663ee4b4d4ecfa426e1fb003f2":"f536a3b8c333b1aa520d6440":"":"124a327a8c22b7652886dac2c84b8997ca8a6f61c9ba9c094b5aea41eaa050a6df6cbf280259e5466071bcfa53b4ebc76c3cc4afc8c0385189a5382933aa57c89aab78dca84331e0fe8f0aab3a7857d3e13f08dcd90ec5f0684f82088ef8eb7fd67e75de43b67afc3a0beb458f5ebd61b2c779e6c539d795c667bb7dcc2b762e":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd40e8226fd13cb95ba50b7cdf0f07f7ab7037cf8705ca50":"3406e70cbe16b047fedaa537eb892279":"390b18d22d5ecc0b5a524ae9afac6fd948ac72d1360775a88b385aa862cce8a27f3e4b420e539bec6e8958f8c1b5416c313fa0a16f921149a2bfeae29ad2348949b29a73970e5be925ec0c35218b82a020cf21bb68c6931f86b29e01b85500a73f3ee7eb78da60078f42550da83b2e301d151d69b273a050f89e57dfc4787cbf":"75aa7df5c3c443d48ee998064b6fd112c20d2d90c98e00d025ef08d1ad3595385be99de47fa627549b827c48bc79eb1dcaf2f1be95a45f7e55755b952aee5ae0748e68bee1b014a628f3f7dc88e0ebac1d1d00e268355f5101838ce125c57003aebc02a1c9d6ae2cd6e2592f52c0be38cef21a680ae35c909cab99dce9837aef":"69e06c72ead69501":"":"6e8d661cd320b1b39f8494836fcf738b0ab82873d3903c9ee34d74f618aea36099926b54c1589225ec9a9d48ca53657f10d9289c31f199c37c48fb9cbe1cda1e790aaeedf73871f66a3761625cca3c4f642bc4f254868f6b903e80ceeeb015569ace23376567d3712ad16d1289dc504f15d9b2751b23e7722b9e6d8e0827859f":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a85ab87563b809b01725764d64ba4cc6a143e2e0362f0c52":"9f991ff16a3e3eb164a4f819c9f1821a":"df289511f78d8fa2505afc4c71ab1d7c31a8d15d1e5fcbb29d70f0e56f89c4d7b30f1b3b4745b5d2cc7af34fb4c95461372bf516ec192b400dc8fdb0ca9fe1f30f5320d0fadf20155cfcddcf09233c6f591c1c89917e38a003f56b94a1e2429d1f2b6297db790d7dce84d9fa13d2d86a0e4d100e154050b07178bee4cdf18126":"ef43629721b50bd3656b7ae31b6e4b4ba1cf2c72ed0460ee7d9fb416631ddc597e5f9aebbcf4442b95cc46e28476a464dd87caf9c1c1d6c99d3e3e059dc23f8d2fe155ff5e59c50d640bc052c62adee3aa1295b38732e3458f379e98a8dbdfed04c22a5761792e87fa67ecbcbf3b90eb1bcd1d3f49e60132452f28afece83e90":"dc4c97fe8cc53350":"":"ff0e531c7344f0425d62d5fbedf4bc8d3d5cc80647e67b852c1a58ad1516d376d954cb8dda739f6a4df3cf1507e59696610bcb6b34340d6313028e00d7197845d392e73331aaf168b474a67364d8f9dab740509fabf92af75045f0afabc1b5829264d138820952bbc484d1100d058a4de32b4ece82746b2b4a85fb2993d4add8":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f4f1e03abb927ffd0b081b9dce83a56a6dd419a6313ac34f":"d1e29bb51a3c4e871d15bb0cd86257e2":"ae2911cdaaad1194c5d7868b6d8f30287105df132eb0cecca14b6e23ec7ac39cc01da1c567a0219cca7b902cc2e825e30f9524a473eb6e1d4d1beff5ab4f29103b2c7522a33dd33182fa955c4f09a75196b1072a6f0340fc55a802d29c7067f05219c21857ebff89ada11f648c1f28dfbfdaab56028f05509de17e2381457ebc":"0e70421499bc4bcb3851afa34cdf5be374722815abdd9bcee5f332dbe890bdc1c0210ab10667e5bb924bf3c1120e25a0c074da620076f143940989e222086d1b34a1200d09aea1f810ef6de7d8520c65eef9539fde5a6422606c588fce6264e5f91f934ede6397c4b307d2d7e07a518fce577a427fa92923cbba637ae495afad":"44f760787f7bc3c0":"":"2199fa5051461b67581429ab19de2ccb50b8b02e12c0e1d81a8a14929f84e09d9715b7d198e77e632de4af1c08c5041276204a7ed76646385e288e96e1a4b0b0f2b1a9df7f0892beaea3cb58d9632720158f6daa4cbbfc0ebdc56ff6a5175768ff2abd24cb7669bc3fe40f8aba7869d2dd7dac86b6ebc4e4ce261edbec88db17":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"33efe20433c6a1ad261a1fed494961749e5bf9d35809b59d":"dc94673b0c49c6d3b4611e278212c748":"919f7397a6d03836423b7cac53177fcfbe457d4aa4348646f646aae1bc5a15568cdb8c96fabef278ace248aca531110a4f4f9e8ab0c32525ad816ae3facf03175232dc84addcd6065f9cc1f513966b63fd27e91a09f1921b95d6bd8f08f1dbce073bcf827847f774514b478b9d7fb5426847dd4dee6f39b5768c1fb729b32d03":"cfbeb61be50def25f513346498f75984bfe797a8ad56be34f2461e2d673f6ce14e7479a59777267b75dadc6b9522599ebe5d7b079495a58ca187ec47796f6ee8c322278ad7451b038c938928adcff6105a8ea3780aedc45b6a3323d3ae6fbce5da4fb59ca5ec0a16a70494c3c4859672348532505e44f915e0b9b8a296ef5225":"c5098340":"":"c5e47d8c60b04df1974b68a14095d9bc8429a413d21960b15bae4fd7356bf7872e0da0a1a385ca2982d3aa3182e63ea4bb8ca01410cd4e71ddad34aa1f12c1387902b3d56634f89c619a2e6756648ab3bf90e9bc945afc9140eb935b633bae96bb067e9ee421697bcf80b14b1b88dbf13e010b472a7ca5411db36848b9c7a37f":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3ed5dadefa0f6d14fedd1a3cdbab109f6660896a952ac5ab":"553a14f1e1619f9d7bd07cd823961f25":"eb8ea81d3e328a1113942cd5efd0f2b5e7f088791c8fc05690a34584101c4d493628ee7d0099a2865ac194b9124c3fb924de0c4428d0a1c26ea3ad9a0bc89187a16673e3b6f7e370dfb2dc26e8a56a9cf91f9c2088c020a766efe0d0c91689743a603f2cd1e300a6a84828b3b515a4b9a06e6bb20457bf124cd6ce4ac8b83d51":"aef617f69724e020309ec39d9587520efda68a8e303686c3a41ef700cba05b7c6e43e95aadb1a566f61650c87845835e789eb2366941e3bfef6d9846af0e0dbc43249117ad6f299bbc40669ac383cdf79289ada6ccd8ccfe329a0dc6a38eea1a99550457102d10f641cda50c21f533b1f981663f74a0a7c657c04d9fc6696ff4":"dc413c4c":"":"bc1f34991a48aabb0fea513f790f0d223e9feac4c99fa1e8427f01ab8b4b2827cfaf239342de36051a846af0306a3f82e7aed98dd0416fb078bc7f3b617b00ceb2cea4ddafc22dd022efa8303e9804510e0e888065d8427345156d823f796f74130c06db9f9934435552b4fefd051953e20ecba3a4514ac121d7d2097d597439":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6d97e8bff3923a778504fb917dbc1428a1328587047697d9":"0c28dc4cd53725091c2fb68a476c2e40":"f3932f5e82d75a1e3eba1591c17769e1a45819ccf057c31e76fa810b93678766d25905e859775c244e96bcafbc75c4a2d95e7d02868ccb2f65e49276f0b645ac8cf6e3758402304a3c25ce2de0a49f401b1acadaff8b57589b45cc79130ddc8387f41cc383e33ef38eec019152051c756198d6f782ccf56297b9fe944269a65a":"dc1a81efd51e967767f5bdd7e2e425732c1d28451f2bf5bdf3f5a6492279330594d360dd8a193e5dbde1be49bf143a35c38bcd059f762ada65c5119e097f0976891347f4d829b087bd72daa3494b344cbd3370c4459ca243bd57aeda4cb86cdd0bf274f07830cdbf5e5be4eb9b742ddffef8aa35626d2b9ea0a29d3c3d058b28":"e6d6df7a":"":"39327836e9d8cfb59397adcf045a85644c52c3563290795811f26350c8bce8f55ca779cbcd15479efd8144b8a39ef611153955c70bf3a7da9d4d944c2407a0d735784fcb68de1083eebf6940ebc9cf92f9f139c01404b503ff64e61126a94e881351473507884357040fd32714b872c254349071069644e2bd642905521b944e":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c78e29971e90a01bb65973f81260b9344fa835751f5f142":"f1a23ce6e2bc9088a62c887abecd30ae":"":"":"d4d5c22f993c8c610145fcbe4e021687":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c582d5b6a40ef0e4048ec20f0263572d7cc82704e380851":"ef221a1c66fda17906190b7c99ab60b8":"":"":"6327dcb46ffb3d0fd8fbf3d2848a8f01":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a58abadd29e946e23ca9eb09af059913d5394971bda6a4f":"7c29b3196d44df78fa514a1967fcd3a6":"":"":"fc123944bbea6c5075a5f987aed9cf99":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"04bdde4c35c385783715d8a883640851b860ce0e8436ec19":"783f9a3c36b6d0c9fd57c15105316535":"":"":"23e21a803cac5237777014686564f2":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4ba5fba0c22fbe10c2d1690c5d99938522de9c5186721bac":"2acc2073089a34d4651eee39a262e8ae":"":"":"7ac742c859a02a543b50464c66dcf5":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f12890b0a8819faa5a8e0e487f7f064af42fa6d5519d009f":"c937615675738f4b3227c799833d1e61":"":"":"88300bd65b12dcb341f1f6d8a15584":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51878f3630298a81297f4a21514fea637faa3815d4f26fae":"1f939226feab012dabfc2193637d15b1":"":"":"eed5fcb7607c038b354746d91c5b":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ae596e74840a600556a06f97b13b89e38f67c152f1a1b930":"e2076e1050070d468659885ea77e88d0":"":"":"b4586bdbd4b6b899648f2333eee0":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd33b7a0efae34339ca987b5eb8075385fd1276e63cc8530":"2d07bb8616fc0bbb71755a1bd256e7fb":"":"":"6b60d645220cfde42d88296ac193":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5685b12a6617d554c36b62af5b8ff2239cb3ffb1d2c40e14":"6c31194df99d08881fa5b1dd33b45a92":"":"":"69431593c376c9f8052bf10747":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"036ae037410dae9f0741608516d03b855c9c1851df8c54a4":"73599275f8237f14c4a52b283c07275d":"":"":"6f7249d25c9f273434c4720275":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ac144f39ebd6124bad85c9c7fb4f75bff389ece2e8085d83":"d0871bfc3693245be478e6a257c79efb":"":"":"5a99d59631d0e12f58b7b95ccd":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a8a541ff11a1b8548e832d9e015edeccc94b87dadc156065":"c72bb300b624c27cded863eba56e7587":"":"":"ea2528e7439be2ed0a0d6b2a":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30dd8f400335e9c688e13cc0b1007bd21736a6d395d152e2":"28899601fa95f532b030f11bbeb87011":"":"":"35625638589bb7f6ccdb0222":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cb8f672b04d706d7d4125d6830fff5d2ec069569bea050ce":"375d4134e8649367f4db9bdb07aa8594":"":"":"70610bf329683e15ecf8c79f":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"bf71e5b1cd6eb363ecd89a4958675a1166c10749e1ff1f44":"9f502fb5ac90ff5f5616dd1fa837387d":"":"":"a4b5138122e1209d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5b9d1dfb2303b66848e363793bdca0e5ada8599cb2c09e24":"2ee96384dd29f8a4c4a6102549a026ab":"":"":"3b33a10189338c3b":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a35ae271f70ebacb28173b37b921f5abcad1712a1cf5d5db":"8d97f354564d8185b57f7727626850a0":"":"":"813d2f98a760130c":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bdd0cb826d5d28c2ab9777d5a0c1558e7c8227c53ed4c4f":"daf13501a47ee73c0197d8b774eec399":"":"":"a6d108c0":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81b4d5ee4e1cbee1d8966fb3946409e6e64319a4b83231f5":"bc2f9320d6b62eea29ebc9cf7fc9f04a":"":"":"a47cdadd":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5813627d26d568dfe5a0f8184cf561fe455eb98b98841fe0":"817199254a912880405c9729d75ed391":"":"":"d81d9b41":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94f160e2325da2330fbe4e15910d33c2014f01ace58e5b24":"80a1b99750980bf2be84a17032fc2721":"066fdd980cf043a732403ee5f65c82ca81e3fc858ad3cfa343014a8426fd3806770f127e2041efb42e31506ce83390ac5d76de2fe1806df24ce6e4bb894972a107ef99e51e4acfb0e325ab053f9824514b5941ab1ec598fbb57a5d18ed34d72992a19215d914e34ad1a22326e493d1ff2da7bc271c96ad3ab66d0c32bd711293":"":"dd153cfd7aa946280660c445f586fa28":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4785846f7c0524e78f3eb137fd433e1808af64549af69183":"5334476a5fa3fa50dcc4b12f8ac00b51":"e70f82d1e3361ac5a5c9a087e47984d5533ba296f9b7e4a192a4ab28a833cdbbd5cece3415cf6fbb2f8055560b5c31c98d83d139954e1c03a464739f1eb5ad982c4371cf20b8984bbd97d5f40b336f5e96df3d272b95f7547be15c3bc05b3caac7d08c5eb5de8bdd246e74f6caa6bff76ea0417730ce72b911867f88fdcf73a0":"":"c59231ddaae98e0e8db6b3fe8f4d3427":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"49b085fe1a8e1ae769ed09fc585d29eb24d589689992e6c5":"899878b0684fb865d30190821817b88c":"f789eafe3d02826b619ca4fbca7bb1919e5c6f7c33824a2f7f815dc50e329979705f7ef61e9adf7899d34f1b8840384ff62ef6d29eea38c45d12be9249aca69a02222cd744d81958c6816304ff0d81d6714a2023b3dd9d940db5c50afd89c52774d28d6afde2b6c68425b6acbe34682531a2e57e2b9a7729b3e8d96a729b15cc":"":"2c84bf7a8947ab93b10ae408243b4993":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75847588760ecb6ca548747b743914c89fea367a5ccb81b6":"7d8a9fd254e2061c01e39eb574951924":"b03c57dfd49152401a225357f1d6e533f3a423e5cfce07b8ae7ca9daf68645e5bd67b3ca2421eac447530b27c6dc6bd9c7f1b22441b8cc8c4ac26cec2c9c0d665a35b66d779a3772d714f802d6b6272984808d0740344b6abdb63e626ef4e1ab0469da521c7908b2c95a0fd07437c0e9d4d2451ae189ad61ff19f4efb405127c":"":"e8aac14b53cdbc2028d330fc8d92a7":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e3a18a96d2e45d2f60780dc39cee7160e28cb810bf09858c":"26a4d659665ded39b7a1583de756d0ad":"83f8d9c58169b4c68032321197077ff5c8ee4ebb732b040748e1b55dcf53375ae86fb9646a672b5c5bc805a92c475cbb6d0ed689a58abdf2230250a7d3fbd8cfab07835fa85e738a7f74bc3e93616d844b1ec61b79f23dfea62e1815f295d43f61d7b5956103b31ca88afb0b3d37eb42cf77232dbf2258065232971c397dcbcb":"":"dc034564d4be7de243ff059b5f9160":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7be3909170ea7a2ff76f9f28241d8cc48ddeafa8517c6f8c":"8dee7e29350c60c5bcfec89da6617d2e":"f6e9e7a7f9716760eb43060d5c80236a0f118b0f750ebd5df01fd2dba95c556ecd2e54a3f337767321abf569c8137a8e48c5b44037ba62951e9f9f709e6e4540a36d769f3945d01a20a2ed1891c415a16d95cab7ddf9bcebf18842c830067509a2a5d49a9684324c433d53824d2f8fd326b149af17f40e5bf5e49185738fba60":"":"942b52277e9dc0a30d737d00f5e597":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1fe413bafc4753e1511b580c830449bee56e0e5b9acb852c":"e30829f64f3eda13bfb2ac572aceb3de":"6c772d08b4d7507e35804572fa697c646c77301954cc5c160941e49e230697ed8c23338b9f30c3ead69b1c1a2329ff025dcd3c0d0a9cc83fee4979448aa71ddb9d569bedc8c497a2a4ac3b60d087d7872f0a110bf90493ae7da03b0953734223156cd2d6c562e4a978a6dd5cdb229dd58dd4d0f50ac015f2f5e89dac4aa29a19":"":"87737873b82586bb29b406946cae":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4bc4378d423931f9b320bb57df584c641406c1daa7448ad":"eca70e10c0358838a3f4a45c4b016ccd":"68d1c045c1604e3c3dd4f7c7543240aca8dbc5266dc18c5a8071e8b09e3700b7cf819044b2722d8db92021f42a0afb295d7b16ecf4e4704a50a527a2e72d7f53617c358e3b7be3d7fecda612ce6842fcfaa68f2d1b8a59d8b8391779f2fab99f820862c94029f444abe62367c5de0a4becc359660e4a5366f7d482bdc362b866":"":"06f95ca69c222a8985887925b15e":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1cd4414ffd24e830e2dc49727efa592e430a6a75391cf111":"a08e32ad7d63f975de314ad2c0fa13fc":"20a271f1f4c6bea8f1584ab39a7179ec448650e2ff67a7338d1bc9fab7f73b2ce5222cd07ded947d135d9d0670dc368f0a4b50ece85cbf641877f9fe0ac6a7e6afb32fdb1b3cd35360bb80cfffc34cfb94dbcbee9ca5be98a0ca846394a135860fba57c6f0125dcb9fb8b61be681ada31a997638ee172525c03dd13171534a91":"":"c68842cafc50070799f7c8acd62a":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9e0ef9ed5e6f00a721a9893e1f0d9079c5aa667a4cdd2a52":"5f015fd556e87ff0d0df586fb452306d":"b82986135e49e03f6f8f3ce4048ded2e63ee0c31ddc84929e022ee8561159179b3bb4403ebdafdf6beae51ac5bf4abed4dbc251433417ece3228b260eca5134e5390cba49a0b6fcbbbabb085378374e4e671d9ba265298e9864bfce256884247c36f9bddceb79b6a3e700cb3dd40088ba7bb6ab6aa11b6be261a7e5348f4a7d1":"":"ec9a79a88a164e1a6253d8312e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bc8f15d98e089d60d4db00808700053f78b33c31652c3e4":"5cc0ff9bb7d5b9b2aa06f6ecf669d5bb":"24ac95a6ed2f78853f9ab20f53de47e7f662f72aea454141e2131aace7ed2daeb395bbccdbf004e23ce04ad85909f30151b6526c1ce7934726f99997bbab27055b379e5e43b80ad546e2d1655d1adad4cbe51282643bb4df086deb1b48c1bd3ac3b53c4a406be2687174028ecf7e7976e5c7a11c9a3827813ade32baef9f15ec":"":"9779b7c3ece6c23d5813e243ec":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"19afc43a4481f796d77561f80b5b2e1514c96c5d1d86e64c":"d4c06595fefd4a81bbbd4b40c2e1989d":"98fcca51352998d0126b5539e3fb9a238ac31c05954fc206d381909aee70983b6ab99d3f3efe8530a1c3cfe3b62756321b1d0771a5940055eba1e71fa64f29291aa5e5b0af0fcc8e6f5a02688d9e93417225eded791a35217822ffb346d3fa2809b65abe729448316be30cf661137d3c0e49846cb0df598d90eda545afb64a5e":"":"ca82448429106009094c21d70b":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4fc31dcfef6203fdb296cc928c13b7df56bfe6f32583057":"6308a78dc8f3c90442dc52196649c38e":"2567d80c253b080c0158102558551445d8ce4d5ddee2014a2be5cbad62e1717a0fd4d2059447c3151192951eb11a4a7b19a952f6ba261c87f10f4c9032028de3cc5a2a573a4e993a690fc8954daa3ec92743e7343e75b646c4fa9cbc3fceb4f5d59bb439c23754c4d9666fbc16c90c0cac91679b6ad1bfe5dcf6bd1a8a67c6b5":"":"9d1603799e2485a03e7b05a0":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1c2d9412486c381440213e1588b6bb58b0da53300b9d3089":"727ed8846daab874d5a9918b47d016f4":"656430f0c1423018b5e2efbb1e32a5385c1a9a1779c4dbd585dea91edc39ea8752ebfc2d8064251a8a5ae71e1845f24a7e42c6371c2ecb31e2229d5f4923bffc21d4804575a84836f3cf90ec6047bb360b558a41a975ece111b5284dfa2441705a6df54fc66ca6cc1af9163ecc46902fac337d5f67f563fde8e8e7e64b8588b7":"":"05ee6ce13711535864674a5b":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"abf7a97569427225a4bd5143c716a22e62f84c145bb51511":"e255088cdfe8ae5c9fea86d74d2f1b7d":"b850993300f54d078f83ceb9aef7345bbf758f92365b6625c210f61dad4f2a2319f51d883a383a706392d3dfca1706eba585a6fac8bd4294c0bb2cb3f6b454d5c97819e8e5c926754840261b07ec4ef1f87cf281d75c187839689944230306e1903047915e086043990745864819ad713d34a244aa4e9d755fdb137105d7eed8":"":"0c9c17388d0610f99d0a093f":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"45a6df655e88bc880acff41520aafd0cc8aa8aeb8952fd06":"1125e1de94970c9e7be70e58e7626ef4":"fe9838a445b8edef19b3e9f33c8c0c265b3a12c97b8ec57ceb94f65ae5227177de38f1e338dccb2b24e5bd0f0eb8127f83eba0f1ddfa55198789df0cdd1d977fcb985ad9c7d51b96e749d2cf3cc7a1ec4dfcbc641a1a022d55def328e081af890a7e699f2dbafdf506389e045aa1219239d5868ba675a3925602b6fb6f6e6d37":"":"1c3bd1e0d4918e36":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"279f4f2ab4b70778fdb9ca7800cd20e323601d7aa2c75366":"0f7b402560735cf03d5da58de5b6c685":"7dd9a8c848bbcf5127161c8a419a436a0dad559f7c1613cdf41594e177016acb1ccf44be852185c42e7120902a42efe83855995ab52cf5c190d499fcfd698c671fd72949dc3ea7ddb874e586a3aa455a021cec7b5f8608462ca66f926aba76e60a5846d4eb204155cd3c1328da51ba35c3007b8bb394f34e3a8b81ddd2ea1115":"":"dab612351f75e2cb":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6716ab937755684af7403e6fba5452c1b11568a9047bb50f":"2fd5a446dd564619ef75b6e00905ffe0":"20d261d3192996c21da69e979c26f5f937e6ea4cb7b05c6ef556ce4d86ca0fe85ec2425d274c43b5212fe9d27bb48b04e887461a9f45f524059b87eaea2e287a8d4537f338b0212012a9d4b6610e8c97dd554e0b3c3133e05c14d0ddab3524c93fd527e223b1996b4cff0a4a7438f1d54890bf573cd803941b69e5fc6212c5d2":"":"f1d743b7e1b73af5":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7dc94b5bbd6315ad8d2b67f0c683d10cf456f822a3ebb024":"6f3eedeb57dcf12bfb3cd80849893c90":"ee1ff367f4b23c156e3dccff84ae4bf2b8ecec1fb5ffd25ccaa93b6c6834389bd79655bd4bac75238eb0f65d3603ecc57c8774798309e85b6677e78ed2077b712cf28795d0dc8fee994f97373a82338ef67c62378136a79a990ecbcd6367445e805efa98f9168826e57cb8dd7e7b1d5c89ad98358646fa56dd2a71c40e0275a1":"":"4dc74971":"":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3bbe223e253bf272599e28af6861013ecd0c88710947ed41":"4fbf09ffaffb600f0de38fb12315cab5":"5388146f6479f7b3b280f45655a95b847ee27c734fb2fd91f6c009b1ab1810c772c7435d3221069f9490d251b76e740147906ac1db1c209c175b21aa10881c44fb307d4d2900aa3b1d56fb0edb9f2a58505653a17fee350e12755b9656bc65c78c1593d5cb7178e29f82209caf53e60fddf725f6957cc9718bf410c4a0229ed4":"":"fb845ab7":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"461877813acfe6e9979eab729b52e3d192b3236758bb6563":"6985cf77b75a47a3978dd6412d59200b":"385551854a89ab37063ba0ed911501b3d632153c5c2992e154c0a334bc36620476f11495437b842409e0954f7352cbf288d158bdbbaf72621ea2ce75b708bc276f796c5aa7fd0071e522c5f175a9e7787deef79f6362101aa3607b4588f2e1df7127f617c6073593a1c792b959e201e4a7a43ea8b1c3af026376439ef629266c":"":"c840d994":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"09770f9114120a2c1c3cc416fe0eb8699e07141158a5bdff":"cff291d2364fc06a3a89e867b0e67e56":"":"875e2e5b5c02e0a33e71b678aa29c15ce18ec259cf4b41874893ed3112daa56ff2a7475681b8b3d9028ef184d30658e881c908f3588f69899962074db4ddfc0597f8debb66c8388a1bccf0ffe2cf9f078dc1c93f8191f920754442ad4a325985c62de1a57a25de4e9ed5c2fd0f2c8af33f3b140bac12bf60fdb33e0ec557955b":"81f1eb568d0af29680518df7378ba3e8":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4fbf1c785c087ad06b43d4163cf9b9396deffd3712856379":"1c8f41424acaf009996ceaa815b24ad4":"":"96a690e5319c94d94923988025307e543f16fd970aec24524cf9808dc62b093359287251503f4231bf52cd1a16a80bfa82d8f585d96855dc1932f4919a92da2618d6448fc18a234f9acb386ab4ab4a9e38ea341e7c54faceff38c162d74e7fabbca13aadb71e9c8ae6072e7bef4073cf08aa7faaa6d639f98d15bad4ed183ced":"9f3c0349c5a4a740a82d6d63bf00fb17":"":"6100b091e52366fb422251d9b68974b6c666a62a8bb77a1ffd7c7d1ae586a6ee763b84dc11aace02a25af91d194b70b3265ec46872fded54275b7ddb26ee1f20c857328f46a694fb1dce68bcaecbd587ece5b505d658d57d50333e30b639eea1f6537b37c175f62497c6c84e3cfddae214285d2d68d90dd5cd8ce2273d25c8ca":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3e0ce4fb4fe4bb2fdf97b23084ff5671b9b899624184acef":"a950ab0dd84115e3829ab0ad3bbb1193":"":"df89974b1534f0ba262bbea5efe39d8b72820cc8a720cc99520fedbf667515c3f6d8c3e25c72c48c1cff042171df58421741aacb2a49f23167257be7d7004d56b14901b2075eaca85946e9fbf1bbf4ae98227efc62bf255a25dd0402d37c67ba553531c699dd89ff797e7a5b5b9a9aa51e73ca2dacfda0f814152aa8ed8c79f9":"25cfde73e7a29115828dfe1617f8b53e":"":"847b54e176ccc83081cb966efc4b4a3bf7809ce0b4885009f620f61fafcaa78feee91a835ae6c1a942571811108b1e81b4c4ddac46aaff599c14988c9a1fb9f387ab7f1357b581568b7b34e167ac2c8c2b2b8a4df3fd7ad8947a363c1c0cb782ec54b1901e928821cf319669dd77eb37b15c67f13ad787ff74312812731ca3e6":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6be3c66b20e5e66ababbfba1b38e5a716eafce23a1767b69":"3a2acf69bba19f5d1d1947af2cfda781":"":"de1cd978354a499415176f260021abe0a8c5bc34d166f53d20e02e413e1377ce4ef5d7f58337c62251a3b4ddea0dea23c40e5de037fd5dd8a558eb53bffa4e8ce94899afa8284afab503c1a485999a154d23777f9d8a031b7ad5c6d23d6abbe3b775c77876ad50f6bed14ac0b2b88fb19c438e4b7eb03f7d4d3fcca90dd01260":"f826d212f7c1212fb8a8bf23996826":"":"fd1f7b56e5664cf4c91e58f7c50f6c5e98e42ca2e4adcc00348cee6f662b382ad4022da54a47d8faeb9b76a24dfc4f493c27fc0bc421a4648fad7b14b0df95d8752013feb033b1fd971daa2c9a5df898bece6a3b8fa078dd130071df20a68cd0f394be25dcbb3e85bdfa0df4797fa6f01f5f0da7a6e86320207ddb5b3be53ae0":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d16abb9f5b38d7f5abba9dc36995ce6ce928ed822a07b7c4":"3cd95429c6de1d327b9eb3c45424a87c":"":"e72f29b1fc1dbfc2d93a0f3b79ea4b9806ce9b2c4d490ac5c0c3c793df9dc7df5471e834b84d18afa5a7516f9a6a813a9b65ae2f083a854730547e28a1f60fe97d8dba1d2d433e11847b9bffd8873ec634e64365530c905dd6f274e45c9795ac127a6f356f63cc6c116c5dd8c628e7e17e1fadc58f8452bf21f53c4133198118":"13521236f190f78e75c0897c5fb237":"":"cd8bb97c28df092b6783ef653fd26f2bdc27c442bab0a4c7bee2789f389dcd1b280c0231672721bfbbc939a0449557678ec61ba0afb2e5817e6f7d94387f84ecafbfa1216d65e7f5025f47b0d2905cff7c99adf8306a3d9850c5908be05f87cb1d36a4837dba428aac97d7fbc18e3778f8d81a319259504c87fc94bd0766ed93":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0bc344b1a4078807e5f53a6e7e1e36fa83108473ae2fb4c2":"bd505fcba464e6e2c58fdf29f5695fb9":"":"8bd73f94c71e3765bc7d17fdc90a9ba6aff9648b46300e4048985fbbd7c60c39c3766f7c524780bfc2296dc11e1132134921760a373104edc376eab6e91e9a60a5c4a5972935df12eadae074722bdc0147c3caf6a62fd449ef37d76b65f6d210283c94ac524cf13186e444d80a70b01e4373cc0462546f1caee6b49e738a742c":"8510fff71bb879f56ea2fe43f6ff50":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c8097398fc21f93eea6a95aa93a3231096817b65520bc549":"776248381941e16908f52d19207881f5":"":"80b0abbaebbd537a0810ed75cd172d29d50f5982e4d01f8664ddb2dfda8f57fa0ed87e64a779a1d7f5e568b6acfdc739572a7176752307b430fb1fa1c3c2c346477cebe7d01b16745ca6c8929a7f446c03ad9a9e8a5a935de78ca6c701e8c1c5e6d2550c42949cf5342fb5ef4c6ab9bb02ace8388b16edf72a1237e5d1d0e820":"7fc4388b2f8eab0f0c2d6a08527e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"76d4bb5694faaf344db83bc6d6c47d56bb6ab52700826f2d":"603977845d82faccb401817ecce6e2fe":"":"9e31fda6a171f0d4a5f2af2c4f827b1312d9dda5d78fa329b8f1b6373b9b29be358601e5bb0d0c615aef4b9e441c811219f1f2ff2d0ab23e0cd829a88b5b615ee72e5e3ea604fa26cc6438ec4c30e90f7348e9116adf8e8efb7498320d2da16679fa546b1aa9afc7720b074c4e48e06862d41428c9e71a4772c2e195a6f36978":"c955a3bc316841be07e406d289c8":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a3e5020695587984074d78d9c98b8e1a5719e5f88372740e":"4cd56de54e5140a587be7dfd02d3a39e":"":"c0bfe3b2dc4dad17ec5a7662d86847fb67e582cc0baf469bc9baa7a075d48a8b97521a1072c2798bfbdae5ca3752eda1cb96fe5cf24af989eb77a2948aae3d8b70d83d93f84c49347f788480f34051621c358c03cf8159a70fc72cb8bc02876234ffe76b181da8b22b8796c87b0904da1af46de519c20d8d1b1dc7cc24e39ba5":"1a29527a41330259f918d99d7509":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"afe986ead799727063958e2ce13ca846f76c51605439f839":"f85a95ed10b69623162ab68d1098de94":"":"7c1b354a5bb214bd95147e32d81e658705089c38035d0ea423eb1a5c82f97443c6903d2cf1ba7a007eec7c8ff98b8f82b073d9636a79bd47c7f2f639a8eb4e92076f9ed615766f43ac3a4f1687301ed7d507766605e0e332880ae740ab72e861a2cb6dce1df1ff8be1873d25845ee7c665e712c5bbe029a1788634bce122836c":"3cf1cdb4a4fdc48da78a8b4e81":"":"a7f252ad7983e7083260598051bffd83f40f4d4a8b580cc2388d720a0979dde71549ddcb86b0a62c4964fca591d0982f3a203f2f8884ff4991f17e20f759ea7125ba2bb4d993722f23938994eb2709c850f33ed9889e5a3966f9d7b76add46aedf230e8f417425f9db79ccd46b5660361de7c5d87f71a9d82c491c0c3daaf56c":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2cfaa215841826a977ae6adfdd993346210c49dd04d5d493":"537a4ee307af3072e745570aaaadce34":"":"e8eb3b6edd0ca4201b49a6a83036445aba1a1db040f3e74511363bce769760a9914e05a067f555ca15a57c6e02e66fbe4e04dd8c8db8d6d14ebc01cc7d84a20ff0aacb69bb3679d6b7d9d2e07deda7c2d4fe4c584fe1166e78d21dc56b9cdad93709c03b9145b887f87b4f605f24f989d5e0534fc71a58e8a8619ee99f69e5f5":"df01cffbd3978850e07328e6b8":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"128ddc83d2170c403a517615056dceec0d19d6fd7632e738":"5124b410c43d875eca6ce298c45994a7":"":"cfe9f7797ee37bfc4f564419bf2268c964479efa7435970874154432930f3b2736438da4dc9c76200009651340e23044bc9d200a32acfd4df2e1b98b0bae3e9ff9d6e8181d926d2d03f89768edc35b963d341931ac57d2739b270ce254f042b64ceac4b75223b233602c9a4bdc925967b051440c28805d816abe76fc9d593f5a":"56ad9c1653f11a41fd649cccd8":"":"cf91f087fd7faf362caacf4a68cff51ec57b3075563e4ad0955df20b366e92bd75c3762cf4a6f0eb859872667a5c55aa5d94f5ac9479b1b9c9345b50f82379d551506a2ab02b0441b14b28b78a12b38500d703a8c19888fe612d4710eec7cd18c16d6a4b55d3c69760e2bed99efc8b551dbe2ac9b9b64715f87180b8e14d1795":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"98581c28983c4da321ce0c419cc0d476d539e77da513c894":"ff10234524433b871202c2cca6acb194":"":"bdef5b65b5111b29e781a6b71a0160179c52b5bccb1ac5c0377b26cf3f61432f3ccd67633a836357c24b5099db0510a7f8110f59e8227cacd11f17ea1798b5d4d68902ca6c6eccd319fef14545edd135078b38d43b61c9af269fc72f7a209ba7897e4c6dbd21bb71d7e93d2d2426ffa1557cae28e74059d3baf06ba419a47b39":"984943355a7aef15c4fb8033":"":"808e28bfd441cb8890416a757d252c986daa8d607ac9cadd2f4fd29eddbcf3b859ba298e14a4ccefe2c2752b123f87b98d6708fde48faca4bc7dd818a7ea76cfa4357932e59cb6be0e9283bdfb49454b86b9fd04aa8cdef503c65d13fcff42e9cd8f142f8c06cf7daa6d8ef8b9c9d69c39e8afd980048fecf731fd674b2a814b":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"167b8b6df8014c8f3de912b77f5a0c113580aa42d785298f":"49da91e926091a448d57d521cc90f3c0":"":"4f787de12ba907a589edf74c8e7a6cdaaabebddd465a86e170e1efc289240298b516fddc43c7fd9bb1c51720a4455db4dd630b59aebaa82bd578eb3cb19f8b23ee6897c1fefaef820430efa6eb7d6ff04de4d8b079605fb520b0d33e96c28f0cd71983c4ce76c0ea62fd7209d21ec7b416881d545824a73d1f9f8d3323fdb90c":"99198f55f9fa763651bba58e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"71f5f8505fba62f08fa0557dd5407fc83a852c6007ccecc8":"b5efb9feae3de41b5ce9aa75583b8d21":"":"3e19ec02365e450e946123a3362f9859352eb52902a6bcb8a782285dfac9d2b282f56302b60d6e9f53fddd16bbf04976cf4eb84ef3b6583e9dc2f805276a7b7340dec7abde4916fb94b0ed9c9af6d4917b27e44d25f3952d0444cd32a4a574e165a23fa8c93229ceb48345171a4f20d610b5be7d9e40dcf7209128f029fed6bf":"9604d031fa43dcd0853e641c":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4cdb38f8185a4186fc983e58a776a6454b92ecf0bffefe98":"aef257dd44d14d0bc75f9311ef24e85a":"":"1ca72c50a093076e9a9dfa09888b9c89eb36a942072fc536a81713f05a2669b39fdb2871b82ca47dcaf18393ca81dcb499aafcc4ed57ea79f8d4f9bd63540610215b2c65481b294638cec41264a7fdca4230df5fe1e7e3d8d26dcd0c435fec8e9bf778f9e6f13482157a9722761601e08425f6160d3bb626ae39ee1117b0353c":"d951becb0d55f9fb":"":"2eaa7e922dbd8963e2078aae216636276f3f7cb5d7f35fa759e91bddb6e247a93c388241ba1d0d37040c0b9e447c67d35b4991c1acce97914f3bc22ee50171bc5922299983ee70af79303265bc1ae1e7334202460618b4a8891d1a7eaaac5cac1e4dce024ce662d14849993f89e771fb873644b552120fd346250df39aaaa403":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ee8d3aced3aa3cb2166aa66c4a252c12dc0978830d0bc75b":"c15c9c0b0b70c7321df044bfde2b15fb":"":"ee69b2421d43a9f383d99f9802ba4d6cf1c537b42041c86cce681049bb475e5098d4181f1902b0a49c202bf34ef70ea7b787fa685ab8f824fcc27282146d8158925bfef47ccba89aa81c0565eacb087b46b8706c9f886b7edf863701003051d6fb57e45e61d33412591ec818d016eec7dee4254636615a43dacb4f1e6ec35702":"c5c9851a6bf686d0":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a8538d609444e3197ab740cd33b66db1cf53600096b94e0":"0bd64d222532dae8ab63dc299355bf2a":"":"8c2b8fb775d1b21c41a3dcf48ad6d68ab05be3879f9b94b305a6ce4d799e3a992c1c3a65a3e4eab563edb57424927c90c76e49386e29dd5e7de2800fcc0eefbc8b4f977f71be3754c006ee93dc09b1cfa59c424b6b3987aeb56feefc21004c63e8284b6845e395bc8843cca0917267fb4a8f2db1f7daafe7a9da95083a44de70":"3477cad1fd4098b2":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"447f0f065771b6129952e52206a64fe0844658ed685e39cd":"37e3a300542d9caf3975c6429cb8a2e8":"":"fea5d227869e527882c63a68a6623f4a699df82b3dc715c7260a5554336df8376744c05ae89ec27d40da02d9f1c5e9e29405579fd4132143cb21cdbe3edfaaab62128ecc28018725c8dd309d2376223d2e2edfea9765699b2630ff5d9fe9bec416c0ca6418b938d195d31a08e4034c49d79e3a249edd65f985230b33c444dd02":"06bfca29":"":"e1bdd1c212b159b87e41a5f64dcba6b27aa0f5c8871fabfb588df0e06bd7730ec1beb0e3388f96c992a573ff69b34870f83c53fb65b420c1c6f92e2aa6f03917e8203d77c7f5ee08baf9fab12f9d38fc0ffb83807ba781c3dd7b62edca2121f68ef230b42b8adbd4cea072209d02713789ed559b83739a54cfde69e68bdc4128":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f465e95f6fc19fe6968b98319b547104d0c01c17105f8fc0":"6cba4efc8d4840aa044a92d03d6b4d69":"":"2426f108368a00d2a49670a3b64b4f0569c6da9660163e7b209ec3f8d058ee11f7818a8c5030c5f4ce6e1e5a93faa3e5ae3d0bd5d712fbc891cfeb20845707edcf5e29719a5246a3b024fb12d37bd1b81df3812fd50b1dfb3e948ce546dd165cc77f903c07fe32bc7da7fbc25036679017317ce94cd8a00c1bce7379774f1714":"92750ac9":"":"2e59b104c1a6f6d651000396adbfa009bf4cf8cbf714da8e4d3b4a62bd7f522d614decf090c7552a4b9e8d7ee457ba642d5100c0c81c14cbba8c8ff49b12827f6ebd41504ccb6dfc97cdf8532d1f7f7e603c609efa72d2ae0dce036ec4ab36849a0c06f8737d9710075a1daaed3867ca0a7e22111c0e7afae91f553b6fd66c6e":1 AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f08e3e9f7b3a20ccdc4d98b56f2b567399a28a6b3908deab":"4f4636d1b283bfa72c82809eb4f12519":"":"a986e816f1eafb532c716a555cca1839a1b0523410134ea0426ab309520b339fc1fdeb40478ae76823cee4e03b8d3450e6be92d5ff17b2f78400f0176e6d6a3930bd076a7a3c87c3397dcc0520c6b7b4ff9059ea21e71c91912a74aac2ca70eec422b507cc5c60860bb8baca01eec2a3003970ba84011efe576804b2820e306c":"16c80a62":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"87b5372571fb244648053c99405999130f87a7c178052297":"a1cc81b87bd36affe3af50546e361c9e":"684ce23f59632308d7db14f7f6eddaf4d83271fb0c27401b09518a775b36252540f14305f0dae13ff6c0dc565c9e570759e070c8ac73dfb97abd3285689a7cdcfc941f6271be3b418740b42ba4a114421065a785be3dfa944c86af56da8209779e8736e62529c418b507c6d8ae002cbc0431747722afd64521734f99273de455":"ae078d1554fc6a14447a28c3dd753e790f7ef9b53e35c3e0fe63a7b1b326bc56034847f8a31c2d6358049aae990bfe7575b439db370aa515e225e0ec730488c700a7b0a96a7b8e4e8e4c6afec20decd16fe3c0f3f8d7a6cf7a8711d170829d14c706cceb00e133b8c65c8e08cd984b884662eddd2258ce629abf6b9dd28688c9":"98177b3428e64bc98631375905c0100f":"":"8be7df33a86b1162464af738de582a357d0ce8e213bba1b7913c0d13ad759d62c3bf4366f5130b3af2b255b7ad530b4977627f9e76b07e360c079d0f763dabbd22e976b98cd5495c6182f95bc963aad4b719446f49d3a448d11cac5bfcba4b675b8e4d88a389e2580e8f383f95bf85c72e698680d2a2bc993c9ee1ce0d1f1ac3":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a2d069b826455d5e79e65db4f1d2b6a29ae9f401bc623917":"6d40a0c7813bc0410ff73f19bb5d89c9":"9960376b1898618d98c327c1761959d045488cc6198238bbe72662f276d47b41e8aebc06dbce63da5adcb302a61ade140c72b9cf9f6dfad6ecedd7401c9509fae349d3c7debe35117776227ba167f2b75921d7321d79f4ebca13d20af1638a1567043365f179f4162795fe4fd80b5d832e4ca70e7bf9830bc272b82182f70d2e":"acd6225dc5b9109d56ea565ab38dd4db432a7ec08f0db04f1c6b691c96d2eaaa6be62da7cc7fd75f931716c7f39705ea7cf828f1a5a325955e9b2c77e7fb2d562be6a89b3351b1b3d1355b43b73ed425049430314c16bf0836ed580e9390a3b8e2a652fddbfa939ca4c3c99765b09db7f30bf2ef88e1aa030e68958722cb0da3":"010195091d4e1684029e58439039d91e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f3252351fe8e7c628c418c1a49709bf1f8e20add82539948":"eacd2b1c3cf01bf4ea7582d8ee2675d5":"141cb39a2fb8e735e0c97207f1b618a4b98f6b9bf8c44a1c8e9ea575a7759cc2a02301274553e7744408b2c577b4c8c2a00e18f8717fd8a6d2f46a44eeb05d685fbef7edeb4229e7ea9b8e419ffcb504d33583b3ae421c84caeca9f9789047dd7b1810318d3765307233567bc40e003401c9f4e1b07a2a7162889e1a092aedc1":"7e8d2816d280c91d232bad43b6610e2d0532a9f670f221a3a975fb16472c2e83b168115e87a487bcd14b37f075e1faa59c42515c353cdefc728ac617b7d273fa96778e3fb5f7a1132f8e2add4a57015b15d1984338b7862356243d1c5aa628406f4a507498eda12d2f652c55e8e58113ed828783b82505790654f036b610f89a":"63a310b4f43b421a863fb00fafd7eac4":"":"699c146927ae29025e5b20088b20af27bc75449e4725ee6b7d5dc60b44ba8a06f7d265330c16060fbd6def244630d056c82676be2dc85d891c63d005804085c93ce88f3f57c2d2c0371c31027d0a4a0031e3f473cb373db63d4ff8f65be9ebe74045de813a4e6c688110d000f6b12406881c08085c9348e1f0315038907e33f7":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e462957f2c500bf2d6bfa9af97938fdd8930e360ea4175e7":"b380584a3f4e0e59add4753c282f2cf7":"682b0af6592eef173e559407e7f56574c069251b92092570cbb7f5a2f05e88bed0af48dcda45b2930b1ee7d5da78dc43ec3598a38593df7c548058eda3c9275c1304489aff95f33a6cd79e724e8d12ca0ae92b20273eb3736efcd50dc49e803ad631dcbf64376a45a687eb4e417aef08a3f5f8230d3f0b266ea732c21ed2eed7":"82a7a6dd82a5ea3d9a8e9541d854978487eda298b483df02b45c76b8b38bac98ffd969dd160a2765595b19d4ea3e64351ce95764a903f595dd673d13facf5a5594e01be1d60a0c6d28b866a1f93a63a74fecb6d73ac6fb26b20c008b93db53e9dc1d3e3902359fd47734fe22a5c6958f97e9001cc4e8b6484d9542dbbdfcfcdc":"28a43253d8b37795433140641e9ffd":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a62ddd87f41c6df756e8da0985dcd8c91e73ba395b3d79b":"1d1843e2118772d76a0244a2c33c60bd":"028b92727b75b14cb8dfeb7a86a7fec50cd5de46aa4a34645754918b8606819d4bf8a2e7531a05ae5505492ca6cbc8c0e6d6ab2dea23bff1fdf581bb780b4a3312aa39639383fd10bcf92489801954733f16b021c2e84809345216f8f28a99773341e40c4a64305a2098eaa39f26a93bd556c97f02090e1a6c181a4e13e17d3a":"37a83ee6dbdece212446739ea353cb957b9aa409c88bee042bbc3a6e5199aeb28f2b4b00ff433c0c68d6db5a197566019db8a4c7a792e2839a19a302ee02bee046adce04c1fbbd5b0c457d7cbe277992ce2c153d132269e2d1f12b084cf3026a202b4664bc9d11832e9b99c7cc5035dcfde5991dd41aeb4fbf8bec5126a9f524":"ab738073228bdf1e8fd4430b5c7d79":"":"e702f1bb9a1f395c74fca0ce9cdf29e7332c14acaca45200cd432a5767be38929ef8de43d0e1a5e7300c1eb669ac1ab997b31cb1403af8451e77e63505920af0f8c3abf5a9450ea47371039ba1cf2d65a14fa5f013b7ce1d175859404dcf6461a36e8bc260e7abf739d8951ddf1a3754e2d65e0aa31320a5ffca822023bc0906":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc46976d38a581a7042a94ea4b5bfe3587ddc65d1162d71e":"b5e92563dd0339df00b7ffa2239d21bc":"7b6f6e104acbcd7188161477d8e425ff99add22df4d22de7f28d0a0075ca4ef848f68d07ed22d3165c08e40890ce04d1bd05b1a6ccb2fec8193d5f7dffc93d97a0c036b3748f708b011b68247a0249b9e1a60b652164e5c2fd7210377de804ac010c8aa08a11f40af97e8370a59f936cd14c22ea7a236d904145adc04a241fc0":"4b9e858fc8f01903e426112192d4ae4686b1ae4d683b75afb2b8c63590275943d0d6d6a23b6d35796a2f101203acba107474ca6f4ff6dd87d6b77785ad1d160ef2755d84092dc70c86db5e639b689943b15efa646aff44b3f51f5d3f4cf6c8f7fc5adfe7bf2d72f75b93b8ee94ef3fa69ea0fc0bb77b3983901fdcd30bcd36f5":"d4356cb417953b01f7b1110c8aa3eb":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"403e49feadd4db763652ed5c4b1e12680cfe0abc30f4696d":"1a60258a56e15f92814b4d372255a80d":"a4ffa9e3c612103224c86515dad4343cbca7a7daf277f5828670834f4d9af67b9a935c71b2130dfbc929c4409bffb7974ffa87523b58890770439c33342880b33319c626bf776c1c0aeb9c2a348a7681572f4ff711d94c192f3450e8b1275f9d02c742a2c9f1da316e9918bf787f22699172986cb9b10fc56d5f6b8392ff92b8":"221c61d769febce3913bfead9a201a805f11005ddcac185cbae00ce749de9c4362889b1b0d9546e91598e0ddedb88b673a90acca65d7e71a85636be052f361839a646dc8b834c02f3e2261d370e6bac9636b7536225b5ea77881200c8a3450d21bfd1e11afb3a470e178ecfe944a25a7cd0254e04a42b67723aac8afffd56fee":"62646fc8bfe38b3ba6d62f9011e3":"":"5c76c90dea7d659804ad873960906259fbdda3614277ec575d9eec730e747a2e7b9df6716b4c38d3451e319eeecee74d1f4918266fc9239de87080f1ad437b47c6904ed2d5514161ad25e3e237655e00e53fe18d452576580e89b2f1f0f6aa7e40a337fd8c48d690fe013a67264a80e9b5dfd009a9152d559aa02a68f401a09b":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c3471259512d1f03ce44c1ddac186e9a56c1434a6ac567c6":"50164c63d466148ab371376d5c2b6b72":"11d1f523888bea1fbc680d34bc9b66957d651efa59e788db3d3f6f50e72184b9d14e9ff9bc05fb687520cf423d681812e007025eedf0e78e7e8191e6b62404e8eb400cf837d762a31aa248553367263d6de091fcf7abedc3e69fc118b7efb0594c89b96c387b7c28ed9a7b75db60b6b5133949b891ff81eca5790a265f12a58c":"dd5b98b3b3cf03fb92be579068a885afd984630692eb5f155fa6b49f2b1690b803d34b90e8de3cc39c2e61650ffffb51e7ef36d35ad17dc4d91f336363b0734996b162b509c9954cab3dd959bde7e437e9100d84c44104c61e29dbe12492a0272ce6eea2906d390de7808d337e8c650b3301af04a9ed52ab9ea208f3c7439d6c":"6c5f38232e8a43871ab72a3419ad":"":"50438ee712720abf2089331e4c058b30c30c3d17834c507c0010ac3f974a256d01b14a45e9ce5193c5cede41330cf31e1a07a1f5e3ceca515cc971bfda0fbe0b823450efc30563e8ed941b0350f146ec75cd31a2c7e1e469c2dd860c0fd5b286219018d4fbacda164a40d2980aa3a27aa95f8b8e2cd8e2f5f20d79a22c3ff028":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec326a1e0fe6a99421398df4fc7d8fea67b67e5f5fcd50ad":"c94aa4baa840a044dbd5942787a0c951":"f8401c578f20d9c250ea86eb945184e007a0190462c7abddf238ce1ceddcc230756aa222386d8ba66ebbba13de008ced140896ac55bc47c231cc81370ca9feadc225e017d59890e6291cc4cca27db3078c0cd6cbb51afb62210226a76837c5454728cb5ce3afe7352e7fe75421f94986e6b7b26321bbca15c75ac7c13dc15f50":"6d5016c434a0f4b4a5d9e0b6b8e2d848a94f132f055d2d847e54601a4c9cfc5966a654d696f8a3529a48a90b491ea0d31c08eae8ef364f71f8ec7ae7f7e39bb9c331137b2578362ff165628099944ba8deb0d99ac660d5ed2215b9a7626ff1fa6173cd8dd676c988d16c9cf750a0d793f584c3c8f5fd5d167bc278f4d77a629c":"3269922affb9d767f5abe041cc8e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a7ef81652f604e88a72416924c53979dc73cadd3575eda1c":"0cc9ae54c9a85f3e9325c5f3658ab3b2":"d0195b744351aa25a57a99df9573dfa3cebe9850139149b64f7e4af37756a430dda8af98e4ed480e913aa82821c01c1f75b187e105a8f39621757d522c083a8d81d7d8bfe6cf15c439d0692b6affd655a11bcd2457046fae996a1075c66029867b88cd23c503ae04037dd41f27bafd5000d1f516002f9fcc0f2500e8c1b27de0":"9ecd19a8eba9fba843486e1bbfb8d9053c5e04b24e30174d4aa89d8307439d653f8630edddafd51719c744bcb4bce3e444847567bd2cdde2995870d0634cc0ba2bde4b6bc2bc583062fb83874a1c25b50aeb945bd109a151772c077438c4d1caaeb5b0c56390ac23c6d117f3a00fd616306fc2ffc4c1e76f934b30fbbc52eec2":"22c2efeddfd5d9cb528861c4eb":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"605271a41e263c92dc14fe9df5203e79d58cc2d1289dc361":"7f128092a777fc503adc7f6b85eb2006":"aef9f984fb645e08d5f0aa07a31c114d2f8e9eca047e4a8d5471378cfc2ced1159dc093d174788e58447a854be58942ed9a3fd45f3f4a1af7351e087369a267797c525f134e79709097e733b9003b9be0c569fc70ee3462b815b6410e19954ce2efac121300c06fd9e00542a9c6a5a682fe1010c145acbbb8b82333bdb5ddfd9":"2bda3448a283ecba31e0299c0a9e44628cb2b41fa7b1a41107e107cabc381083bdbe048f2804568fdd5fe016f4d607f694042a459ba03a2deda4cccc8cbe4612d8ed0d4575e48bc9f59843369dbe2af6d048e65ff4250e1eef61d7b1b378fe2f3305b133ddc7e37d95ca6de89a971730fc80da943a767ff137707a8d8a24329c":"673afea592b2ce16bd058469f1":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa076f36cb678e2275561e9553ebdf397360e5a5e44791c4":"1ecd53d94fe287047ff184e8b9b71a26":"5ff25f7bac5f76f533f9edffdfd2b2991d7fc4cd5a0452a1031da6094cd498297fb2a05ae8db71cb3451e4ac33a01172619035a9621d2d54f812ef5343e14b9dedc93838e4cf30e223d215b4d2476ea961a17ac7295069f25b2a12d6e2efe76d91f45632c6d4e61ff19a95d5ae36af960d95050ce98b5791df0b7e322411c884":"513305e86c0cb046c5d3720b25a406392766bd1fb7de2758de370ff2e68281e211922890c61f3659460f22c45a57895b424441262a3ba0606df4e2701f38281fd3436a4d0e0f8efecd231808a9ea063dfb725015a91f27cadfe7909a0ee109eac391ac807afed1767ae0515b9c1b51ae9a48b38fe7fec7fe0ddee562c945e5ae":"079e8db9c3e6eddb0335b1cf64":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce9dafa0e7e53a8766fc0bc38fba807d04e14e5ed61bc234":"fd0751af49814ee98b2b0cdf730adaa6":"1cba488a0fc8a012f9a336cc7b01cbcc504178eeb08237dbedbc6c7ac68fdf3a6742751a207e43d43068abf6ef4e12a5e3c17e5a2f9398fc04ced67377cbb858fd6020fad675a880adb249e4aba94b96efa515d1cdf5c0c3071a27a3245968867ea94b2bfc2028a67be34c84c3f475944497aa8ca1ab009f8e4b11c8308c1996":"b585b8bf634757dac015f2f69f2ae674372a664f2115ad2d03bd3e0c335306b02d0947d3cda5991f5c0c25f12ead2c3cc2d65d575fd67091c70bc93ddb4b1e21f7b0fc6e6ae652dea93a6564ff13489f927942e64dd94bf8f821c7ffdef16df58bd8306a957821ac256da6f19c9d96e48eee87f88acb83bae05d693b70b9337b":"e5dc92f4ad4000e9b62fb637":"":"95f4324b0656bef19eca5570548fc6a7a9923f4e2a7e42066891bc132fd73bc1c9089755d996756de0072824e69c43f2db8ba2bf6f90d3c4eafc0721ceaccce1af896f9fb15fb19c4746979b6d945f593fad61d550f81d12b5945ed728c02931d7f8d917285c22a3af748d75a6bf163fddd84b941d8564c1a63192c816ad6d6d":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8a328554fed68dc4838fbc89fd162c99ec105b36651abbc9":"e4f7c69a1d026eeebfc45e77bd7b3538":"e349dcedb0bfcc771c820f0d510b80cef32ae3326484e25aa183015941e7844bc46f617d5e61fd64fa71759e90fcb72ae220bcd507f0fb389b689dd3fa29b3b937eded85f26ada9e0f3f5109f82fef47c7eba7313049750ad17969e7550c0d4093ed18ee27843d082bcee8bf3fc7833d569b7723998595a5a1d871089fd238da":"75986f56972c045c850ed68aeb229f203b228fdfc36cad6b16d9bd12037c48700d20d8062a983ffeca76b8d36a67ef51bc8853706e83a34e4e23ff4f4a4eb943f19dbe85e454043d7906be6587a85079f9ccd27962d2905117d2dbeaf725d6ffe87bef52b2138da153ef29b18065b3342b3f9d07837d57b8bc5f2597de06c54f":"8e8320912fff628f47e92430":"":"a1ed65cfc7e1aeccd0531bce1dc749c7aa84451ec0f29856f12f22c4105888c7d62e2e2fc8ad7a62748610b16e57490f061ad063c88800037d7244ee59e109d445205280473390336d7b6089f3a78218447b1b2398c4d0b3aac8b57a35891ad60dc1b69ad75e2e86248ceac7bb4cf3caade4a896e5ee8c76893ef990f6f65266":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6e7f6feb4022312de5c804ed1d7a37580d74499107f8cc8b":"6ce13485ffbc80567b02dd542344d7ef":"c6804a2bd8c34de14fe485c8b7caa2564adaf9fcbb754bd2cc1d88ba9183f13d110c762a3c5d2afc0fbc80aedcb91e45efe43d9320075420ee85ab22505f20e77fa4624b0387346c1bd944e9cd54055b5135c7fc92e85390ecf45a7091136b47e3d68d9076594cfad36c36047538e652178c375a2fe59a246a79784577860189":"4f5bbdf575ab8f778549f749f2265e17dc7225713e73ee6d7be163ff7071557dcc2240b0705c079008605f81396414ac64f06b1b637876e04c3fca8d0fa576cef4dd3dc553fd6808eaf120f837f9bb1d9dbbd5cf67ed497167fc7db89d3a84151b81aeab0e921057f121583df5ed7f976b206ece17a913f23485385f64c462a8":"974bd0c4a8cac1563a0e0ce0":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"46d6e982feff0e7d04a84384c56739b69626dde500e4b7fb":"71a6d1e022a6bdff6460c674fb0cf048":"67a8455c7d3fbfdba3c5ec5f40e0be935fbb9417e805771832ffad06ba38a61b8377997af1f586dc0fa1e3da0b39facd520db1f0ec2bdf1904a3a897f0b507c901fab30a85de51effa9f7d4703ceeb2ca72abe0bd146ba0bd3ffdee11628310db7d65ea1343b018084ea2414995f86fefb45ba91a9dc2236d92078b4305671b5":"a5160fb2d397b55a7eba02df33a042404188f02f4492d46f4edc03fc67723d64f5f7fed3a60728438703c60454a30f473ac918ffc8f98be5c5e9779ee984415e415ce3c71f9acc3f808d215be58535d3144cebe7982b9b527edbe41446161094d6fc74dec2e0a1c644bbc2cf5779a22bd4117a7edb11d13e35e95feeb418d3f0":"84f1efd34ff84e83":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"991dcaa2e8fdad2b4e6e462a3c06c96067ef5e9fb133496a":"978913d2c822ba7cc758041d5ee46759":"5a94dc81af011a8af263318b60215b9752292b194b89f6fc013b0fe8e29133de631d981862f2c131ee34905bd93caffc3b8f91aeb0264b27a509e5c6a41ae781209f8c5895d0d35b3c5e1ae34a1a92a2b979e0e62132051394940ea4d9bfffb8d89ba1e8331b15bdf05c41db83a57745a4a651a757cc8648acdcf850a2f25367":"9cd0c27f0c2011c1ab947400d28516c7f46d22a409a18fd35c1babf693b8030dfd7822d9ba03bb8fd56a00f9c7149c056640dde690889d2f23978eeeb28ccc26e2fc251220a3682c963f5580c654c1a6736cccb1b8ed104ec7390021d244bd9f92abde89e39a4b83eff8211c8a6259bd6ac2af1da7dfb8cf1355238056c60381":"15d456da7645abf2":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f29cff00781f5916930f125489c87d21f6593324d1506f65":"50db7ee25a9f815c784236f908bfd7f2":"ec1482e18692bcd6894a364c4a6abb9c3b9818bb17e5e1fc9ec0b41702c423f3a60907e94c888fad8e78f51e1f724b39969ba7b11d31b503504b304d5c4b4cbd42634f4ec5080a9fe51c82e121ae191270dd2c307af84c82d892d982413a50ccce33698054f761a3fa93da9a1fca321296b378a50d458ba78e57a70da4676150":"a3e8595747b7147d471ac4fe38014bf4a409931e3f419ff88ae249ba7a7f51bd0ede371bf153bab4b28020b7a82a8ca30b75f1e3bcfee3c13db813cbc85138ef05874dedb14a6e5b6d06d7589a83bd5e052dc64433a8e24c1188b9470ddb2536d13b4b7bff0c5afcfaa9aa0157c3aae3b1774df2df14f965d6dee4332edba67e":"a1e19ef2f0d4b9f1":"":"eea18261a4de31d8619e77005ebbb3998c5dcfac2bc120ae465e29d6b4c46de7e6c044c8b148ffe4eda7629c243df8af4e7ceb512d5751a3ee58defb0690b6f26b51086dedfde38748f6f0bbe6b495f4304373188e5d2dc93461bd51bf720149a7d3aa543623b122b9af0123b2cdc9020136b041a49498ec4aa696c2d3c46d06":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2087e14092dad6df8996715cb1cfca90094f030328080ffd":"d30504afb6f8b6ac444b4a76115d79d1":"d95845d268c8d8f9135d310c39e30f55f83ef7ffee69e6ba1f80d08e92ed473b5ac12cc8f7a872bfc8b325e6b8e374609c90beaf52d975f71caeef5ee4c13de08dce80d358ee1cd091faea209a24e3392adcfe01aeb2b2e1738bc75d4a9b7cd31df7f878141cf278d150f6faa83fb3a2fd1225542a39c900606c602f15c06a4f":"6d039513061980fb195bdf2f7c7079ca4b7e0fdd50d948cbfab5ba10b99e3aea27f08abd000c428851de82cacb0d64c146cd9567e9d55b89819876d6a635bd68bcaf47ffa41e02d9ee97f5a2363bfe6131ae7a21ea5130ae953a64d57d6cbfd45260c5f1946388d445ce97d23ab7ba31a5069a4896bc940a71de32bde02bc18d":"5412f25c":"":"1e81a4c10a3440d0002ddc1bfa42ebb08e504fcc8f0497915c51b6f5f75fee3f0cd3e9c5a81ff6528e0fecd68a36192114f17fa1a4cfe21918dac46e3ba1383c2678c7a6889a980024ee2a21bcf737f7723b5735e1ebe78996f7c7eace2802ebb8284216867d73b53a370a57d5b587d070a96db34b5b4f5afe7f39830498c112":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3fc76d627c775de2f789279dc7b67979a9f1cc23c8dcabc9":"8f6fd53eb97e12dcd4d40f2843e25365":"e56995df73e52606a11de9df6c7bfb0ef93b86bf6766e319aea59372060294b0e1b13c6288c2310a4bef725a2dddb174f3e1228649861757903c4497a0eec9c141454fc75f101439a2150e368857c4f0f6e5161c42c77f632bf1c229a52595cbf16e9018de9a8f6a1e6b8b18bd244f93f001eb2eb315405d223c0d27ece9d4d9":"92a60d38fc687b92d44635aafee416a142d11a025680e5aa42e9ba5aa010462991ad3dd7328ca4a693673410f9bba37f05a551b949ab0d43fc61ef3b8996dd3fc1b325e66eec6cc61ea667500f82a83e699756a139d14be6ca9747ed38cd9b1d9da032ece311331bdcd698666ddc970b8be2b746ec55fe60e65d7ae47c6f853c":"613ba486":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"ca362e615024a1fe11286668646cc1de":"237d95d86a5ad46035870f576a1757eded636c7234d5ed0f8039f6f59f1333cc31cb893170d1baa98bd4e79576de920120ead0fdecfb343edbc2fcc556540a91607388a05d43bdb8b55f1327552feed3b620614dfcccb2b342083896cbc81dc9670b761add998913ca813163708a45974e6d7b56dfd0511a72eb879f239d6a6d":"e3dc64e3c02731fe6e6ec0e899183018da347bf8bd476aa7746d7a7729d83a95f64bb732ba987468d0cede154e28169f7bafa36559200795037ee38279e0e4ca40f9cfa85aa0c8035df9649345c8fdffd1c31528b485dfe443c1923180cc8fae5196d16f822be4ad07e3f1234e1d218e7c8fb37a0e4480dc6717c9c09ff5c45f":"28d730ea":"":"dafde27aa8b3076bfa16ab1d89207d339c4997f8a756cc3eb62c0b023976de808ab640ba4467f2b2ea83d238861229c73387594cd43770386512ea595a70888b4c38863472279e06b923e7cf32438199b3e054ac4bc21baa8df39ddaa207ebb17fa4cad6e83ea58c3a92ec74e6e01b0a8979af145dd31d5df29750bb91b42d45":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c186654406b2b92c9639a7189d4ab5ab0b9bb87c43005027f3fa832fd3507b1":"3a0324d63a70400490c92e7604a3ba97":"":"":"4c61cd2e28a13d78a4e87ea7374dd01a":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"747d01d82d7382b4263e7cbf25bd198a8a92faabf8d7367584c7e2fa506e9c5f":"7156358b203a44ef173706fdc81900f8":"":"":"9687fb231c4742a74d6bf78c62b8ac53":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cbe30216136b7eaf223e6a7b46c06625176d9a08182fa806a63d8b143aa768b":"4fe6ace582c4e26ce71ee7f756fb7a88":"":"":"d5bdf8ec2896acafb7022708d74646c7":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f31194c83bb8da979a1eabb3337ceb3d38a663790da74380d8f94142ab8b8797":"404efd26b665c97ea75437892cf676b6":"":"":"e491075851eec28c723159cc1b2c76":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"daeed52ae4bf5cbe1ad58ae4ccb3da81fb9c0b6f7619ca21979313ad9d3e83c1":"4037eadb11249884b6b38b5525ba2df4":"":"":"360c6ef41cbd9cd4a4e649712d2930":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ad81c34389406a965c60edb3214663ac4a6bd5cfd154ae8d9dc86dae93def64":"cebbce06a88852d3bb2978dbe2b5995a":"":"":"bd7ca9f6bd1099cde87c0f0d7cc887":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c152ba30aefa5b2a08b0b4d9bf3f16fc208bb0bc4c4eca9411dc262d9276bad":"008d040fbd7342464209f330cf56722c":"":"":"c87107585751e666bedae2b1b7e8":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9aed4ae6b1d857fdcbe5aec6db38440613dcc49f24aa31fba1f300b2585723f1":"947c5f0432723f2d7b560eca90842df1":"":"":"7d331fedcea0fd1e9e6a84385467":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cc80bc031676eff5f34dd076388a5130e985f9e06df4b4bf8490ff9ff20aae73":"51f639467083377795111d44f7d16592":"":"":"02d31f29e15f60ae3bee1ad7ea65":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"db7a40213b5b4b07e9900dc28f599403b0579cbce13fcd44dff090062f952686":"aea6f8690f865bca9f77a5ff843d2365":"":"":"7f2280776d6cd6802b3c85083c":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"299b874eaa8b7baf769f81f4988a41e2708ae928e69a5ba7b893e8e6b2db5c3b":"2aa04d85d2c0dc6f5294cb71c0d89ac1":"":"":"ea01723a22838ed65ceb80b1cf":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6c7b4c8175db4cf23d0593ed8ea949043880fc02e2725f0ab90ae638f9dcfce":"ae07f8c7ac82c4f4c086e04a20db12bc":"":"":"1132e4fff06db51ff135ed9ced":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b98e1bf76828b65a81005449971fdc8b11be546d31de6616cd73c5813050c326":"929b006eb30d69b49a7f52392d7d3f11":"":"":"33940d330f7c019a57b74f2d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"09ccef64ae761a70fe16772cba462b058a69477c91595de26a5f1bd637c3816f":"e34b19381f05693f7606ce043626664d":"":"":"2adc2c45947bfa7faa5c464a":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"654cf46598e5ad3e243472a459bcd80f1e026a65429352dbd56e73fcc5895d1c":"a56f27709e670b85e5917d5c1d5b0cc2":"":"":"177b9a5e6d9731419dd33c5c":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84bca1b2768b9202bf194f2d5e5a0a5f51fd8bb725f2bab8a3fccbdb64a4ea70":"c45b2708c5bdf65ec6cc66b6dfb3623b":"":"":"fe82300adffd8c17":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c8ae011795c9a60ad7660a31fe354fa6f7e9c2724d7a126436291680cd95c007":"1bd9ea6186450f9cd253ccfed2812b1c":"":"":"35214bbc510430e3":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df2f0a8a3849f497d12bda44e12ce30a6957f3febcd5ec9bc134171326ca66d3":"728cb9608b67a489a382aa677b1f4f5b":"":"":"e2ef5d9cc5791c01":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"78e8a8ad1ecd17446cf9cd9c56facfd4e10faf5762da0fd0da177f6a9b9c3a71":"f169ce6f3ccc58f6434ae2b8ad1a63a1":"":"":"0fe57572":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"02ca6d8a862e25db9d68e4404abc107e700135df4157cfb135ce98eaa33151c9":"7b722fdd43cff20832812f9baf2d6791":"":"":"72dea6cc":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9a2b709dbcc3a4fb15b3ad541fb008c381b7e985b57df52f07ca7cd26ab1ecc4":"729baa4c0ef75ed8aae746376b39fe3c":"":"":"2a0d607c":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"449d39f863e4909984b37f2e5c09ea4d4b3e9fac67bd57c299e4e1d1f084aaa3":"d8e9118f331bb5a359f0aa8882861b72":"4ddcae0bc24d622e12bdeaac73e8d1ab7957af051d27dfaafce53aeed4cdd3f989ea25989a2f41cfb3c38dbd841c5560b0b5ab1861b1fbcd236865d13da55b50219462e021f8a21848a64a85326031fcec8fe47a6ef4a435dd2b2fff637644ffcf3914ef2dfa5dd556421bfd297be150b31db039f0f2cc422b282e659e70cceb":"":"c595b9d99414891228c9fa5edb5fcce3":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3e70e66813fc48f984dcda4d1c9c24f1d5d1b71ecfc8bb9581782e7cca5a5cc6":"d804f1051e72c9b7117002b862eb45ff":"0b1ab2b7a87cebac668c7a532fa8fa56a22cabf0c41fc1e6744ffe07c857c6865d623f508351f98f3f0c577d1eb94300a30a445472218c8ac626b0bee7d4c122d33f8130436a89add341e8ef7e00694afb4ad80d314d87ad3f921c7105eed05431b8151df7cff2c8e3790efd4acd3f60332dc7f34fdd90beef70f9093361d65b":"":"c09c2e3fdfefa222f7345ae4efb978fc":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8e534041090b45b80f287dc5fa20ebda017ad81b0530e680f62c6280fd8881af":"ead675b019ef5c6bbf4985f2a382d6c1":"b1db220052c4bebcef27eed6db0dc91be481179d71160c5a2ddb2fe497a05484840b04cce48980057d770fbbd0d5f3d5c633b55470617ad2cab5767188283310337825c4b0eafe13b5b11293dec230dad43b220885105767938c7ec4600fe063f98aa14bc6afb886fc874c10546749da295f571e696305bd9165486e29f43f52":"":"9aa0cdad5686ca515cd58aed94938ef4":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2de18874470c09db683cf45cd752bdfa8bf33e7967220b1a69f41f2a02da1d80":"af30eb2d0a0c2a50ea413f3285aa88d4":"22889b868d8ccc9f488406813caed199b23091ddd796c8632f564e7cf5a39dfb725266a931fec958659b6fc5b6b9343b8217edb0acb010afc9416601155262b57bd398d62f555953f0e15958e19ae004fbc9cb25e0269a9eaa38a4635a27bfa719fb249fa49337796bcf5f416bba87fbf3b19f0d8c11290c25ca50bbdc822f01":"":"646bbc9b14681af65b0d1c4c9f1d0d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1a1bb9122e762ecd7ff861a1d65e52607d98e7ae5bd1c3a944e443710f3b0599":"32f99ea4cbf52c2701c2252e5e6c863d":"91b7a70c3a06c1f7f2ea584acb5dd76177ba07323c94f2e8f7cbe93fc0bb7c389c3c88e16aa53174f0fc373bc778a6ccf91bf61b6e92c2969d3441eb17a0a835d30dcf882472a6d3cb036533b04d79f05ebfaadf221ae1c14af3f02fa41867acfdfa35f81e8a9d11d42b9a63288c759063c0c3040c3e6ee69cf7c75f9c33fea1":"":"a8e29e08623a3efdbbe8b111de30a4":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3bfad1e8f9850577f9ba3f290e9a5e91b494c2d99534220362e171a7543177ac":"8410886b70c57d7ded8596443bd1b157":"ca801c83596795515ea931edba00e06e332bf84246b7036e10b317e2d09a51b2981fcb664ee3bf4180bb0b12ed1cda221abc6790b27c26914f5ef9cea9536e2453cd5b247cb054e295c2687b725a97cbc484b8eb86c6ceee03bd07a54a9301a3ac0ddb23aecb825a238252e7575329058b40e75575a7f16439edf5be163ce5f5":"":"e3645db0c600dba52044efcecfc331":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"65debdf2f2191a6cd8de8ad4d5d4d0d8f731f67744e2545df6b2a7cba89c1ee0":"fdab2ee547dd8b6f5a4ea2dd19697b3e":"d2b0a0438ee0f145aec9a7ca452b788ecb473152b78fb75f6ace721afc7b0ae1942049b790f3a5b6221a8760295659756d35347cc04029be03459f3e23a71209b4e0bbe13a253a888c83db23376d3a6d9a539f7c9fa4a12dc64297e7c93dfa0ab53ef76b6e1d95bf6f3d5e6ee8f08662fc03ec9d40eff0a43f23ac313671bfd9":"":"c25fc157c3f2474885e2eea48aea":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"496ae810380460d40cd2fdae8c0739f16b87205cc7f57db0a71a473eb361d570":"77233de96f5e1744337778212b411bd5":"85f5b54b4c4af5c808120bd28d98e44e96f4126623e57684957e9fc4fd1a2d0583940b8fc8314a249325476e8d05247831b04709580ae714e8187cd38f9559419e14c9fc4f8c454ec191b8ef2a3610988fe3339d0dc6b72f5978f9eff9d596dfabf27056e3a908c6497267461386e860f6b9d65526294bcb92908b5661b06b5a":"":"4ed91af6340e70b0c2b94ab6f82e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aca188183b46139cc7cffc82a6aaaeb2fd73cecad14e75c663bd62daf1ec711d":"7bbf7fb55eb70cce94cc6a2b67de55ba":"015cfba90f069545fed60f31992ff3d3c3592eb91e7a53df5978ded64291954cb99a57de82d5398ce782b68d14ac04a8b425395bd076ead59eb445721bdb2f45e19fa089117800cbbac7b8313fb165ccb1122acb654e1242dc7fe6885ea1cbb7281b1270cfa1549cdfe9b47caf47b4ac3807e562e48c066566f5e606b5023b47":"":"3bcb5c2a4261d75bfa106fb25ee1":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8cd6815f6ec15f03b7a53f159e877a5981e0ab7f6e6c261ddde4b47cbb2f2366":"c431c07d9adf5f61204a017259cddd75":"4e1a835402bde4f5227e64b46a1f8d0f23a9434e189377fcdf1b9621ba1987eb86a7f3b97ed0babfd674e74c5604a03dd016d71000a72bbbd00a7f7fe56ad0fcb36a3e24dd0fdb63bd66d4db415f35012416ed599796ca3f678df7eb5a1b17f75abb348ddd3b366369a7b362c9488aedab836b61f9a158f0b129c8ca0a53a81e":"":"0e463806ff34e206f703dd96b3":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8f0a72abcda104aa7fae501f9a3b686d00d3f6fe984731db8a2865bfec587073":"ab8acd063775d1b1314f14e90fddd1be":"02c6d426e7f20b725d8cde0a6382e49b029b52126889013ef45251f27b2fadb95ca4a9a3b16ad06999eeca4a473e813045db4942e9b9ff2e5a5e429d9bac298372344d1b781d5facabf6d779643f31ada6124eb50aad599044b54279ec9b25714ac8a3b9ad2487cec7f4b1ee245d7be3d496d6af1d4cbee1c8201312541f3064":"":"3f0ccc134091e0c0425887b1b9":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"417135cad74280e6f8597dc791431c95cb8fa63bbf7197e3ab37c4b1d6d9438a":"0fe22d9ba1d0e32656e3a9f07a517a27":"a0b2712e81d329d5b076a4be2ad6823cee6dbd17d9a592d065bdebb92b1ff37a56bf2f5e5341f39c574246ccda19e5f35fede49c9ba958f3920cc5440fb404fab7846884ca0c2a3af5b51f4fe97a1395571319cc5b40f8aac986d77de280db82343983982638326ef003e0c013af19c34672975dc99ccc0853a1acf7c617d965":"":"888b836c9111073924a9b43069":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"304824914e32ea0efd61be6972586093349bd2cc2cf0cff44be943682b2dbff5":"b6d927a71929029f6766be42746f7cb1":"7281c81c7514f4b17cb125c4649006ef8959a400a1e4d609d277e363e433725fa32346a10bcbd826b6afc8222158920d0a2db1e6fc915e81231c34c3941ecf3c6f94ffe2136190cae3dc39a4277acbc247f36291b5614a8433b1a0780434a6c50521b72ec25145bbd3b192647155d5dd9df9e66762d39592602ea99bf9bfff49":"":"b6044c4d7f59491f68b2c61e":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8a10e9abe9389738e12a4bb6f553ae81e8bd320e0dfbc05fbae2128c1fde7a23":"6da44354e198e3beb54792718becbcc1":"199d754630135b669bf2ec581d3027a569412ab39a78dd9d482e87b778ec65c6473656260c27827e00e566f1e3728fd7bc1853a39d00e43752c6f62c6f9b542a302eea4fd314473674f6926a878ec1e4b475d889126ce6317115aea7660b86ab7f7595695787f6954903f72361c917523615a86d6ce724bd4a20c9257984c0c6":"":"5c5683e587baf2bd32de3df5":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d164ffde5dd684becaf73e9667e3e6acb316682c41aea247899e104a54dd7a7f":"1d388e19e9d7a9750e2fc1187d4b075a":"f166a5b6f91261cda56f1a537f42ffb8aed10af5e0248f8910034b92dbc58d25953f1497f571d31fbf5ec30d92234b440161703851f0e43530418147ce6270fbcb5db33ab819ba8973051908704b6bea8aaca0718947e6aa82498a6e26a813981783ed9bf9d02eb1ea60927530c4700ff21f00179002b27903dd4103bbc5c645":"":"52e10495105799ead991547b":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2854188c28b15af4b8e528ab25c0950fc1384976f242716c91bddeec06f2fdea":"075af9c31f5252b8920092cbd999e7a0":"e9452f71093843a025bb5f655eb6a4e8316ab5946484b11818f22b62f4df75d5891fa3397537093a261dc9a7648b7477ea1f5fc761716e302763364bcab7992595edd0fc1c7f7ac719c879e6616e2007948eb8530065a6cccf73d0fe4a0598819b471b0856e6d90ea0fc0e5d36a30ee925b6b8e5dbf40e77f01efe782c0bb4f7":"":"6ff8fd87e5a31eb6":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2bfc445ac0365ae6c3c3815fd18bbd0c60ea224f6620d9b6ac442a500221f104":"43c5f3367a9955aaee1a0c4d4a330059":"db0bae8ce7c66a8ba2fedec22f236212e9a7ad72b371de285c7dc6d2f6c22df0ce4920e0f03f91eb1653c4490050b9f18a2a047115796f0adc41707d1ffcbf148aed5c82013f557e6c28f49434fc4eb20112f43566f212c48cec9894ac40772fcd9b611ee9444df7b73e35b8a38428ccb064c9c50491d2535e0b539f424db83e":"":"49aaa806cb2eeadd":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b828f99aaf751bf22d993ed682e488595617a607ed74aaacbb6b60457453080":"d48dac1d8d77e245420feb2598812418":"f50f785f4e7c848a55a616ecf4b6b1e1ca85e16de7100c7e4273d411bd95c1380ee157ba501ba9616980195f34e39f43e335f33253342feb8ed64443483c721b85241a0320b3cac83104de2db47188c61a373fba592ea16feeefdee1f2bb43927396f58151418672ebb74afff5c029503a0d0be81430e81ed443e08b74c03183":"":"a5b71ecf845b25d0":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b6da11d69fca3e4c907628d3eb63d95c7e502fc901372fd097e064e70831432":"6fe2148f250ea178d4c8ca8423ead87d":"a8097bb74ded776f578eb7588f5ef8915db9bfa7262af700c8e76ee114e07557b6786dd5a60a66b2703e7c9de5d6b42aca92568aec5d1ecc298dbd0edb150b8cc13c9a78698f7674caa94da6cacd1f3ef4ca4238c59830ea725ab3a6284e28966c8c32d9bccfb0cfd6583a5ca309debe86549a6f317d15c5f928cbc7f473310c":"":"e9cdbc52":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c5ae9328be49e761064080fc213e53e373fd86359a09d0355e2d438d9b8e68f1":"a7e3f8660ff925d5c88c5aceffbd7026":"2ddddba7a56cc808aec4602f09ae9bd78887827bf0315d8dbe16821606ef9d117746dd138bf1f23565d1ab8f4cee36d53fe3730632c5df9f12109b16edbeae285bb49dfdd155f5dc97b319a85362d53cc86817b7c1c31e5e87c9f37422f133d00dd0776bd92ab05ce6860573cd911645cfe3fbe515e85f744899a447fe443653":"":"e35dbac8":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e4f8ca13ba86c658cc7f42d4f029422209efbd101bc10a1df81a42cfb3a0f79f":"1a362fa0e4054ba11e4b06d59c8bc9cf":"e7ad5c75aa13659f8ce4b1650c46382645ec67418199b84ea445b8ceef619ef3fbde59ed3d313c459e36fcf87d26ef2b453409b32f1086934c3072c1ef0aac83762d28b1193b9afff2c083ce4300b768b0ae23ff9d3dcf65bc1693f1350da65180620aab205aceacfc683c8be53a332e2d0337a7518d2a5204f9c8d7325a4799":"":"e7a37f15":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"00050a21ca1e72cd0924be31b943c60854be6744577de3dd9d1f4fada4a19ea6":"2fc1afc1395d8409919248709f468496":"":"693ffd3d92294857a99c702a0799eeca28ab066dd90917b9ea5ef8f6547f1d90b106cbec8ef2c22af9f8efa6c652f2f97c2baf33af14fe9def230d49524bd65909c3df1490f637f99e788dcc042b40e00bd524c91e2427ef991bf77e7b2f770cda6e90076c5dac4cac7ee3958b53ff8ce846c3a96281f53c2c52f5f3e523536f":"e39b6a7fd5ac67a2a1cc24d5eb9d9c74":"":"cfcd6b9ff7641829cbadeaa2e56f1f150a099eccf3e378fa4da59794dcc4490aa4f9c5db0ab245bec36a7d4557a572008e42f03bc1baff3c946f23f54a4dc9828f106cf4264e4ab40165839d1085e7795b1ae0950f0ee4a08e46ada501b6b51dee0e518129c9426e5bd44c66674a9f99cfe676f002cfd344c5bbd22d3d91e600":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f10965a66255f0c3515af497ccbb257a09f22ec2d57c5edae322a3e6d2d188ef":"c571ce0e911de5d883dc4a0787483235":"":"91598690edf2de8b27f9bc7461a84e80811cee544f0542923898328cf157590251f0342cb81d359b5dccc5391a12320d1444c26f24178977dd6705c2b365dc1ece0152c42e2f0ee3162cf886ef5529f4f16a77f3bdd2aeccd405b59addf098521d0d38cc25f1991e11be7ecf24caedb48a2a286d2e560a38fa9001c5a228c4d1":"6d9d3a5dbc8dce385f092fff14bfffda":"":"2867996e389e09ec0da94d42e77b1e436b50065b09ca4adf1cd03240444ee699dbb7b3fc081a1869ca607d77d5ff9754fc3c997ff0a4ee17543a2ba77886b88a7128bcc51d3450df58ff3a26671b02c1d213df6adb6f7e853080eb46b504517cbaea162710a9bbc2da8b552eb6b0e0cb98e44fcab0a157312be67974678d143e":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4437ee7d16d8c3ca1aa01e20b66749efa901614d4bb4bee786ad5a5f1bfde2e6":"275393276745bc43bae4af1e5d43a31e":"":"ff80727a3485cdbc7fab4ee9fadfdc621c538e2055706629046078f1aa3fb687fc728d3a7ffa52ae457b7b5649613eab7bafa464bb435314c49e5900750f7ad39ca9b75df6b2eaa755439e101f67b7ae4cd80dc4a9dea0027048253f2d0a6014056ca69b8c85605b00cf75fa7634a0ddf464270a8c79ce1a1324c4a4c513b24b":"a82ff1e87d26e4d6e417b60fb2d3ce23":"":"88f994d276ed20be3932d16f551c4b7e2ed80411f2e72ce098fa0b70c22157a59edab30649fec447dd63f0c87dceca7238ef0d9561b58489ba7bd86f2892743099f40af63c432f78ac0ad0b5c2be47b9e3045e7237b096ee400f430af63a6f309de785caf190f3f4aabbe79f727a741590de542bd343df68d13db55a5f8bab41":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe4ec037ce563dadee435cfcb2bf090f1f7ccc7d1b5b4fab2f1b738348f8ed2f":"47f5264f7a5b65b671892a05fa556f63":"":"64eb8a4bda9804c09b04cfcd89094928c21480908b81ee19d6c29c2a3631b1a5bdc8e7f8ea56f7b8b8e14a5208296026785cac3a6afa54be8af4d5faedcd12b6621bde0f8ec5a2635fe72a89468ca7704c73aa40cd2ba97aef08886b27a694d339b00e7d12a31308672f87c06a7388a1432f869eb4cc1da864140b1b33931925":"660462b4088f6628a630f2e4170b21":"":"4a310e035361f98b8c54fb4cef70b1a9c910552ece056ca8fdab54c52308ec0ad7fe9dd1dae92badab5010577de522088768fa6466fbccce22e14c51ca7986c4063d0f06bf578dab16a91856713198a7138395c49c78b6314b57ab72fd079028c8dc351952d90b04a7cd2b245df0c0522447cdb7d3329fd9425fe5cb40a8e7c9":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6e1ada628ca76eb9832cc6b5efc5c9d2686bb587366a6de2d734233fa95279e":"5a100b451e3a63a3e6d4b8a9e59c6bce":"":"a0ac738e0fb35246b84a6fbe319f827039515df25d0c0fc6de7c048253ae63d3c561e44a12672ffeae1cb925610b482aa422bbee0e1784fc69baac3a97d69f51e6d2a17957b44b318624ea7ec680a559f4d3f2761d09bee66efb3a312ae6b3ecb673e756b2a0f654671e82500e7ace91f2be2a74bc3bc1ec1a4b6877a53c27c8":"88df9a1ea54e5bd2ef24da6880b79d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd5c1e90d78213155c51767c52c290b3d657db8414ee0a7604a2ec7b48105667":"4e022d8d86efbd347e8cbab7e979771f":"":"8e987693da0fb77b6d1282eebd3a03e05d9955ff81929b1a2c721574862a067ddee392c7ece52ca1451f3e6e321d7208882d97b4149af6d78d65c054e1bfcdfa62bd2202de32dea8363f8d7f041891ce281840f3cd906ab46ca748e5b3b11890b4014bf0271c9427c874097782d1c13dbb40e78fc8276fc134f3c29923a43a01":"e7df79af0aef011299c3b882e3a45b":"":"3b20473d9b5018d089e7f74d3fef22ec2805948a9e07689831973c704a6d8db4d090af88d696ab8c3aae9740a2bbd7f03e0b18b2b591e59c335c1043a2578a89b1a9f20fd0dd53f12e00e9bfdb27de8caac772bbfc4de9e4a255a5d1b04e59625a87b8279babe613def58d890d5502abf2f709aab625dcc20c58772832c7bbab":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6e3dfc07003bb6a2d82bd5263b2832f47db4e73279266c7a9ea21f4f18eddf83":"7c0f49fb54f5e68c84e81add009284e6":"":"a960da222af9d4da5797e6957d59b00f6d3893599c70e95c0984b56eb3329b191703c2532f3288b15ebf655b9b5ee4617484e5ac9c39bb06731d03ebe4fef9495d003b0ed694cf540b4dc759d32629e55512680badd81234bd71ffd55fcb5e6a85031c1dc31ee1ed198939582d8336c905717cc87101dcfcf9d833fac815c8ea":"b2ec0f3da02a9eb3132fb4ebe3b8":"":"a40b6f70f0572fe0bc70d83368e7c154f7dbd501f52501630a2e523d18e216e07368521f6040d806299397722b99bcf7f85d36b8bed934b49aa1fa76d38783e6a2e392d6d0786d467f7bc894a739ecf94f0fe884a9c391154f8326bf31ea5242a18aa263d04da4b63b11de23b42d3e10a2d5460cb32700cdf50a0d89165ba22a":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4103b1ddff87a508a219c808a04ad4750668688f4c2ee75b92d28d70b98a2c94":"5cea906737518c2cb901016e30206276":"":"a00a196193ff07006b7df524824bd0971d63f447a3a7bb1b75c1e2d11789482c115cff677b54948d36dc4de34200bce97be0101d88cee39b177857dd5da3cb0d2f9d6e1150f72a3bd655e0bace1d25a657ba9a7f8dff082b4460432075afb20173da22b49beeb6a030d72ba07869ff4389fc1c28d87018d7c1a9829c21932197":"3a3a771dd5f31c977e154ef5c73a":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd8c2f0c330d5db316dae7a16b57d681ca058864f7bd60f3d0de174442283f77":"387ee8c1e7f047e94d06d0322eec02fc":"":"e2a5ad295d35031535bf13c2993bd0b292e8a9465b9dab738e59ba03670248a1ecc92b38a55bae34729162271cc1572c35fcccb27417b48dfcbff852a7a8845cc829a4461061b558ac8b5930a5c6491ffba04a9d0dff220b3cd5e4fc2e0f3db3b2ddd90328f2cad819573a7856299620b02f5ee0267f3b56981afbf1b7d9e3e1":"62356850d12b54e39872357cfa03":"":"17b7f6bdfc1993c56dd9bd674cc276a55a46fdd9fd5fe435b9e4b7ebc7052a9dc76a99e4e43aba7d486603189c90d10a21ad3722c86bf5bc856a0f930ff5bca65be708b76bb8a29105da67f31eebcec81f28aaf526d2f8f0feac393a24959dcd612e2b93b4463f61957d2b3046bcdf855e346601e4c7760c0ca618ee7bf55381":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7e19e400872eed721d560202cd757d3eb99729496b6e3a6d38dd8afe1066045a":"d2b277f78e98f1fa16f977ce72ee22a7":"":"3fb9abc7aba654dfb174e8899c17db222ffbb387b7260fc6f015b54f1cd74284c516e21aae3b72338e5e8dc643cfafca0678f5bda3a7539f1612dddb04366031b5a3eda55f3232c1b176cc9be7cc07e0ebca674a272224929c401a2530efc6d4eed0087b544b12d172a01bc8340d9c2a2ebcb5af8b07d96073a879fda140c196":"4c81c044101f458fdfac9ca3b9":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0653934a16fd36c27d54488a1829302b931bed6e26ca26047242b85b50bfb61":"94886a1845aebba5ed6b86f580be47f9":"":"c02347e1add9178d830d8baaad9aeee37e958bedf2cc846e2561fe8c83481d0a8a85911e7f1f6e444b28f30bd96c13c390e80f616feb6844ee6fa486543a2e3f38c138f45b4405e3fb331b64648219aaf1d574be948ccfca6afc18d12488db19c35b05601e47c0af5d49a93a5dd4420f38585c1eb033e173376fa390d3f948df":"4be34ff42085ef4443c8b6042d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0f0ccb88c7cec9496f26a59ddc67dc59ebe49ae3dd89ef3be008598727e214c":"e5ca84b907ac761a5e68a9080da0a88a":"":"7845e155f4f28021291e7c814a1ace8f42b239990831aa82758fc1e376cace0b6f668f7f2f224dede1ef5b1df7ae74b2c01483701044acbbb72a9216eec6b7ef0190f114b3c73c6985c4653f11601c774d10b7f9df1f1e1f3ff4fafa20d6525edb37d9e5acfafe6d3468ee068d407fdb56dc718c98425926831253978d727854":"c8f78e4139dd3eaf2baef8aafb":"":"0cc3ede50b0d3fb9ada11300a3239a383c98f968ad65266d57a195bb18d3e568fe6cabba258da4bee9e923c7c838e06dc887a6c49cc1453ea6a227c6a83e651a8742e0316cad5efc93739393e3603446b5c920a206db1434adbb8ebde4d1a7a8699c7f6c61b2d57c9709b564338423b4f526d6c157647a6c45da9dd521061f05":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e35dcea17cbf391491ae5ba6056d0dd13b348183474dd4b614742751bdebfc32":"fa549b33b5a43d85f012929a4816297a":"":"5213542beb044910d7fdeec8bb89de93f350760e493286eaef1140485380d429f74a4279c1842a5c64f3ca3381cb5dbb0621de48821bded650cb59703e0ca88f4e9c3d15875f9dc87d85ba7e4bae9986ef8c203fce6f0ce52c28e3a93befb4cc4ba3d963d2283cd30f9bf6ab99d92f2f4f3aff0b022f1751b89d43ea10bbb28a":"afa61e843cee615c97de42a7":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"844c50ddc0ac1d9364b21003287d6ae6360d12bbb17a85351362420ee4ca588e":"2f8512bb7e214db774a217a4615139e1":"":"3a3bf4ccaf05f7c02f5e158dd2c5cb08c6aed4b1ba404a6d8ef9a0737fe2f350b3e22188fc330ea63e35df82f996e3cf94d331c4246cdb25bb2c409762e05ddc21f337edee51b64f1766ad18f520b3f34735b24278d9d647c533a743e0c1e9c81e9dee975cdc47e8582113fd250ef59353605b64acb7c025a97854c1a5c03237":"f1da1cebe00d80eb4e025feb":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2aae1aa047a20ed2d6d8336d923864cee9404f924031ae327fbfe2d293e1d93c":"3da9af3567d70553ca3a9636f0b26470":"":"8e5b6b9e4e7d01de9a919dd33c0c1eb94dcfebf28847c754c62c1c00642d9e96f15b5d28ad103ff6969be750aadfd02fc146935562c83ec459a932a2fd5fda32eb851e6cff33335abd5c2434ae4f5524d6bc74a38094ced360f4606a1a17096ff06604952c8ca94a9a6dc4a251e13b0e0c54bd8a6dff5f397a1eb1cf186fa518":"e1026b3d15d261b2fb47632e":"":"58c52ea9f3b162511160eed1a68b6f52b3c4f5834af728de97a3d9e4ba337b29aad12636003cf5be9ffbeae0f383f7cf32f645a8f6fc5cdc1cde91c625c69a92bc434ed671e52a0044a48f3fce55cae49a7d065c2a72603a7efe58b5a7b18ac500d1a51420e820357e7a439b1c02198ebe3d4e62d5573a3aa5f40900a21e3b41":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f3d69208cb0d27474e9a231cd46eac7c1574fff950c48bbd1ba03fad16f563df":"b957f05921d21f2192f587768dc12b4f":"":"0d1f06eef5e8f2c81d1a73bb1dca93c22cfb6e40e9948bc75b0d84830fb9216330424f580b89050c3fb3f620eca8f9fd09fb86d2e8b3a0869c6022d8a705fc280d66fd16d3aba7395d6be4bed44145d51d42d56285f3675726d62d94c081364a6d440511de83a613c598b03078e2ec7648c6302defbbea66aafd33e1a4b1686c":"322374fbb192abbc":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cb2cdeb17fa6bcb006c7fc60858a12a411804464458db351957e8caf42f1ee6c":"31bd7c971a6d330b566567ab19590545":"":"296504131354b2c1928982f12d408ba2377f2d4bbe87e4c69f92a15bf6003910a43bda6c8929df66b3ab1d202a5258cad199f32f36cc30d2dc06199c2a52f7ccadad1fce50123c5f8434dec57cc60cc780263d7aace8f59cc8a6c54bddbaded3adb12ae2ee0bacf6a8da635ff85b51a4e8a1b3dc404863b90059de4ad0f158dd":"efc5a1acf433aaa3":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f94170790fadab3240df568197f9d6f6855afaed8d07eceeaa2380121872529f":"2f9c0647a4af7f61ced45f28d45c43f1":"":"ed231b78db082f652bc6310c396993b52de804a82464fa3fac602a1286535f59c67fc2b1b420c7321eb42b971edde24cd4cb9e75c843f2ac6fb8ecdad612d2e5049cf39327aa7a8d43ec821161c385f3fdc92284a764a5d1cbae886f07f93017f83a105bb7c3cc4fc51e2781516a2471b65c940ddae6b550ad37b35f53d7cc64":"ab74877a0b223e1c":"":"1cb5ed0c10cee98ff8ecfa5a1b6592391bbd9f9b1dc1ff351e0af23920d546b5e27d62b94daabd32f7f96a2632dc9fd7c19bf55f3b9b7cd492e76f4d6b0f5b437c155c14a75e65bfc4120bef186da05e06a2fd3696f210292ee422ddbce6e63d99ee766b68363139438733c5e567177f72e52ef2df6a7dd33fc0376d12ec3005":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"797c0091ff8787fe7cd0427c02922620e7f6fb71c52ddcc03a9f25c89ba33490":"69d81c73008a6827a692fa636fbab8bb":"":"2d3efc8900315c3691a8e3c9de3319d4deaf538fcf41aa0e295b861d0ac85baf56d149a6437747dd6976f44016e012b88de542fb8e5b9e4ad10c19deec4b7c0b69bc1b2e33d44a981ded66127dea354b072010b8dc24b85ed2ffeea3b9c0e931619dbbf22677691f0d54fc03eaa162e0ab0d760ad41021f67057c0d6ac19ca8f":"be2dda5c":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90ce1afb5500489b9edbad987f4009509c847b3e55cdf0c764ef2fb085e3d033":"e119e166471ecf44bc3a070639619931":"":"98482b54edce2bac1cd64d44917dcf117ebfbfe26ad17a9b263447028304f1cf5a69559c05b5d833420f4fddb6e308277d01eb4b3235f1c4b47d33d3899325b55e7be19d43187a5b1b1354ce02a529b3df1c13b4883902ae9fc565079dee825e705f3e580371e4fd86c3b0d31bae98adb529901f346ca07127314152b4370edd":"b2f54b3a":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29264a90f114a800c0fc3247b3bda00981a12a8f85cf3a19ea4c7ffdd005f4bb":"cf296aa43cb7b328e09c8975e067404e":"":"587c8e53ab5ae8c31e16160b4a41d88798e27f4ad61c573c023c62d4dbb3952eef5026ad7b453fa9e0694347ab8fe50a6cf20da566202b81e325cee9c07ab2d4d53ed45b3ec2d2135936515f8a24f2a8116807dce9df3c44edf64c32647145152ff241d9e018e4101e400af070192dc3b498b5a213d265b4cfc8c8d4d7deccb5":"56015c1e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84ff9a8772815b929d55f6052c0354cf3e02bcc8336fcfe5794952b4c45d5d96":"5c044a66e488b853baf479f7dee2aadb":"00304e3d40cbc6d2bee0778462884f4ec047a8c74bb3dd7e100f2b9d0e529fd24730063986117b56ca876b208a3691425ac63afc3d504ccb499c76622eade09717023fcb7d956b01ce24a3e53cb5da472be3fcf5b278b5d9e377de22fab75bc74afa9670f5fe9691aa0ed77e43f6abc67a61ec409ec39fd66ac0307bf195f36f":"a87de56d49725a1625baf12fd15931fe1a6783dce5d1e744eba108f45e0c105d8141dc027d0e33ad7efb6752b43729715e2f3e2c42ebdab4d5f72f886bd821c4372244699ddded99a63dbe7763a5a3bc21cbfc253cdc2514eba2a4f54e24dca7c207cb3f6ae80153d77fe0641f357d5a073dcd425c38deb77c45f27427345516":"72ddd9966ede9b684bc981cbb2113313":"":"aadb8537309940422f67ca393aa6182d67fe7c52092538a15e98a4254f0a9087c7f10903d5e78078c2e55de914dec8b6b35cb720e3e55963c0ac9901e44b83a0e7c5b2d3f002aec0a4a08354febe47b2abb955f2a21107626ef0b8e1e099650812a6fecf36908fce2d078c2735cf7c2b970a309e5c6d6ff29c26a05720c57105":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5ca3991d0160b1729ae1a622dcf4b03b1f4ba86150bd66bf35cbbee9258af10":"f8402184d1cc36df07b68ecb1ab42047":"d378cfd29758bcbd21e26a324239c42c992941b3ad68d9f2b3d2def3a051fd172ee882562970ef59798ff8d9eb5f724ff17626156f4cf5d93e41ffef6e525919af6194ea9bbb58c67563d3ffd90e5a6e2a3a33bd1fa3d55eff5dba7cd439d571f7e08014c4780e3d10904ef22b660897e78258da20b2600e88d71c35ecb6329a":"62aad5854a238f096bdde0711ac6f5763e7fea29db068ea8c911f17ba91e6d7807883e6fc5ba7db17af33da2b00973008a3425e65cc786ce1b97360019ee2cef74563d54752be436b905705b507c3d62689df4edf0356d26b693eb43d8a2a927a9f3866b7e0e19e84a90447bd6f47e31070fa7c2a71e3f78229ee19fa47e848f":"9e8b59b4971130557aa84ec3ac7e4133":"":"556dd32edc0af3c64186fe8c000ddad1516cd14721c93c228e379d4f87e32c79e734539cec930322048f34a2b34931c585d44f09966caf187ec4b9244c991a8a5f263e9da1d08d6086e52535afdb36c7662307521cbceb9ecb470a76970243723fbc1613b6ebbcae261ac2f1936e66ce29ec7350b2e6b2f73a910ade645154f7":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df867d1dd8a287821a54479cab6f88636d2aca30e1bf01a5dffc735e17590356":"35019826c51dd1ef07ff915d9ac4ea96":"0375ed93f287eefe414ab2968844bd10148860c528dbf571a77aa74f98cc669a7fc317adc9f7cf2d80dda29b19db635b30a044399f3665b6176ed669146d28f5ada03b3d32d53fe46575a8afcd37f20386d9e36f7e090b4fefadfab7f008e02f1b5022c0eeb81d03443a276eae48c038ed173631687d2450b913b02c97243edb":"6517272cac85d7f38902bcb4b96a0c59c4bdc46bfefa6ebacd7f2fb1629b87ca91de2ffefc42ce3cfd34dcbf01b3f7cadcea3f99e6addf35d36c51f2ceb1f85c1f56a04ec9c9fff60cd7fc238674992183ea3de72ef778561b906202b7b83fe6562a0bca9c1e0a18638e8685b998b4192f5120435809ad6e93a0422d00725262":"e49beb083a9b008ae97a17e3825692f0":"":"723be39bc13adbc48c861b07753f64fac1ae28fc8933acba888b6538721df0a8b91c040a26522fe0dbb7335d8f63d209e89f7cde23afa9ca3c584b336d63a91e07fdd8808b14c3214c96a202e665bbaaa34248ff30348f3d79c9f16e66ad6c5903305acd887a89b6244eb7c2d96e18b13a686de935bf3821444ee20f48678be5":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e8e9ce6294b7fbc534a96bdd060120976a6e08315d2ea73ac61d085cd462a44":"4edc6be20f904b4789e5bee0a80a3fc8":"db28ce076b360816cd1e04b7729f8ab080e0a07f35204350f3bd056945aab8638c0e8311ab056f3e5debdbfbb03fae700770264faf73e0f3a05a5812aee84ab613c82f4a76da276250675f6a663f85e2c26d4f4a8666a7f4cedaffc1a7218dec11ca4e72b8b5d5b620d1efbd3d3b94a5ae0d118b9860dfd543b04c78d13a94c3":"9855f186b51358f0e2111c06bfaaeaec9bf95c55e246375c614fad9883d86c82a20c86538dc5f42a0ea69677d59a20c5112d15d2a8396f12096242ad5d7b838d16ee0679fc4017af75bc15e8ad2f77b0e802c864031cbfb0bacd95c828d1db4b7bab0713619e9e5e8fe6902aac7a9e6c42eb05f5b156f7e663ee43e6fdb62480":"03cfe6c36c3f54b3188a6ef3866b84":"":"e10142f852a0d680c983aad2b4609ccbd35ff61bb3eb66442aee6e01d4cc1cd70f45210acbd506395d6ca0cfebc195a196c94b94fc2afb9ffa3b1714653e07e048804746955e2070e1e96bff58f9bc56f3862aaa5fe23a6a57b5e764666ddec9e3e5a6af063f2c150889268619d0128b3b5562d27070e58e41aadd471d92d07e":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"886c77b80f5f3a21c01932685a540b23629f6d41d5574fc527227ed0bdf2e21b":"5ec506edb1890a5a63b464490450d419":"05b8d820c9f439d7aeae5c7da0ee25fb0dad47cc3e6f3a47e8b984e856201546975f8214531fc3c2e504d2ac10fa49cb948596b9a8fab01b95c49d6f04d1589f93b77b899e803dd20e1f00a51c0b5953e85be639109b14b100e35ca26d84ea629964b0db8260dfa5a150a66261bf37e79de2ec49e9f1b082a7c58ecd3d39b6c9":"53a17d7b69f607f08676d6f6dd4e8db08e01333a8355d8c87616e84cdf10ef5b041fc6ddc3f6a245c0f534c2b167064af82f45e4702a5e8dede59579fdecf6713353392433950c9b97c38d9ee515ac97d0970ccf03981954540088567a30941bb2cca08cbed680500f8342faa7aebbc6c143e2ea57ba6b4ac1fd975dcc5d0871":"ffdf56e1c1a7252b88422787536484":"":"79ee27adfa9698a97d217c5010ec807806feda37db811e398c3b82abf698aece08561fffc6c601d2691738e279eeb57e5804e1405a9913830e3ba0d7b979213ef40d733a19497d4bb1b8b2c609a8f904e29771fa230c39a48ebb8c3376f07c8013fff6e34f10fe53988a6ec87a9296c0a7cfba769adefe599ec6671012965973":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5231ca6d772edd9ea2d251e22d7d455928c22474b4b44130dad57e6511fed6ee":"048698a4a0feabc1f336112e2794795a":"3a81b6b0b722899ff931cb73c39222d555b83ae3f8880b982593cbc1ab8be90d1ee32fd7dfe697cf24c95b7309d82c3fed3aa6b3d5740cc86a28174ac8f17d860ebb251ac0d71751c2ff47b48bfb0b3beb4f51494464cda34feaecddb1dbbe5fa36c681ada0787d6ed728afc4008b95929a1905787917adc95f1034fedcd817a":"2767c808410ee132291585ea74a48ad3102f883f07d060c91c5f10abd37fe0996d2210dc490260238ae15f5d74c7be2a1e15d80db09079c520047f88488a7802857a3fc3b81d85a96949997430a880177880a31d4d0c9c9045247804f057a4f2756d6e40375a4a3187c4376d6bf573ce334cda1ed88d8a50db499e7cdb89d8db":"ba61edeb7b8966188854fc7926aad2":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a3f516a7898e04e5da4efd6c7c5989b77552d195464620c2b35b9a4fda29cce":"9310af6974890c0a0364231f9cc8103d":"2103af8356bcb9dfc2a4f1d4ed09cbcd8e1990d23865605e19f87feb50bf8d10d0257740e5557a9297f0499c01e29a1a513ca18e6f43f7406c865cbe3951a7771128f3110c8da3bd696368901944549552842a1f6fd96cc681b45da098f3c1acb3d237d2363285f520d0b6714b698790b7660c52ac84a42c9721ac7e9d38a2ef":"5cc28b61ae97557774bdcd7ff653f4aa349df68d53c7e5a65263883ef1fe224ad40e86bffc2d38f28a2ed9ae1fc08563e2a1e46246106546eb8e6064c06baa0046fa137421734b7f0f94656a4f459d9d981717557d843700d116b6e5e2dd3af5f67c34edf31b40b71fd3c6f2475f9310feb70bcb973be52d41e86792c49d54c0":"993fc8e7176557ee9eb8dd944691":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"59c9258554363d8a885fc0f5d112fee08eadfc7ce52a0e7e73e3d0d41d9a0290":"77e51e89dc47bbcac79cca21e81a61de":"25a6f8800a9b914c0ebf9a45d72355c03ee72a138eb81b2980f332645ce1d7aa4659805821866aee2b276e2c032776b4eaf36f93b5f9a72b791be24e31eff105ca6d0700e3069ee327983dd7fe1c7465d6c6d77837aff69055149988e7199847fad98605c377d997dbd40f3e2ff1a4f978a493684e401249e69540fbde96323c":"79c491411402ea7878e480519fd984dde44bce6459303bb76d4eaf97d4e345d1aafaa68ceb0590b41cfed0f411b675d9344c7e888cccfc9eb6fe6b229d198f94ba516ee850ee7f078a4f5f32a23f92f72264e3a76a31ebd042564315ac4f2ec0bb49ba6d08cfd2d3a6308688e39f28e3ecd669c588368cee8210edf5dbefb925":"ee6d85d3f3703b45adb4f9b2f155":"":"44ca68deed5478074adfddc97f06f44c08bf7bca4dee8707d621fc7396fe2efcdad0a167d1708a9ff59ce4cddb86920bf1dbdf41b2109a1815ffc4e596787319114cad8adab46cf7f080c9ef20bcf67a8441ba55eac449f979280319524c74cf247818a8c5478ea6f6770996026a43781285dd89c36212050afc88faa56135fb":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5e9eae594cb54c8089330e4404ff79abb1c0841b0be5347a14633ad1e1ff44fa":"0917b486da754f48bb43ecc8766a7ce3":"2aa1ef2f91aeba5da10b48a882dbd4574df4e9157a18abf8cecd03e4176712ba171b6ecb0e745841ff84e35063e47b08101afc44cfd9cededb913a82f00b9d4bac922f23a22f200642270399896405d00fa5271718eefb4cd5fe7e5f32097766ebff36ff1898a1c8a1a01cc18e6121e470805c37ff298fc65ef2fb1b336d09fd":"32abc1eb6077555a85a0a6fd1c78cccca6c8b375842e2eb8eee45ee6c38dc0837443d16c647252e8124639dd01c808ac5e857a25d927c2a75e2fa8955cad5beb5c206fc050cd933fc4621f5718936f01f39dd700ae1aee7537cc595df8789c5d1a6e1e87b1c7a60e3ce5d57c80dd65dee3801798e1481b1963bcc78cc69f8c50":"92282b022e393924ab9c65b258c2":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aaf03c3055a35362212b9b059931e7a24fc71e32bc9a533428c9dc31077f2ebc":"7dfccd077b29e6ed5720244bb76bde9f":"21edd1c6056f51fd5f314e5c26728182edcd9df92877f30498949098dcde8089eed84e76d774ef8874d77125669a302d268b99dcd66b349d0271dde6f8cc94dc4f2df3787887b1173cad94d067e346846befb108005387102854d9387d2c0fbc9636cdf73a10d145f4b612c201b46e1ff4465f6a7654ce3da5792daf9a27fb35":"c0e12cdd8233878505e025d52427536be7b6bf1887d2dd20eac7092db80b22417a3a4ca83cdf5bc5e36161be1ff9b73f7ceb297c6d07c9cb2a75035a5dc079e48283daea60596f4b356ca28c243e628cbe459f069709fe193394c9b1a31d8ccc5a3a4eba30056c415e68571a2c34bb5c32efff12e9aa483c4a68be5e76aba4cd":"6154c6799ad7cdc2d89801943a":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"60c775971a9eac7950ed2bdd85bd60fe948ba04c419f6743fb67f37557e46c6e":"9b92ad7079b0de09c94091386577338b":"1f6a84b0df75bd99a2a64849e9686957c6a60932ebe898d033128be9b757e9890225925d856bfdc33ff514c63145f357730bb0435c65342bc5e025267b410af6fd388a5eca01b7efc87fd3b1b791df791bd47dfab736350d7b7f368b4100e04c939d5af957bab95ed502dac904e969876674602a0f0790da2d7351b686e46590":"8abb2e66a4d08074916056bb8e925551372f737f0e1b597c5d08ee102989743a273b29d7281013f8b3aee2934399cb427370d70370ee86eb41584b653660c633506a53cae747826bb7d93909f069d5aacf058b7f2bbdc58ea08653db857bda83a979fc22a4f126dfef7aac45177f4cdb802fab0c812fb35d12a8176ec21336d7":"1d6cd4ab3914e109f22668867f":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3b426e449337a14bc0663246ab61b671b523c9a3130c21ed59c93fa6a5aa5ae3":"e6efc96acd105fe4a48d1ac931eea096":"0902cf7a0685444126369712ac47962bc2f7a3a5837f1b6190d9ab1adb4cd35e7f0892eee628b8e07fcf2b598cebe1ec07d8c4823172ae66a135bb51cc71590707b691a66b56af1ffe38772911d11685da355728eaddd83752d21c119d7b59f4c17c2403629fa55cd70cd331aed7b0de673c85f25c2e9e0267f53f0b7480c8ca":"291bd5a00d71eb7d547b7c94e7030ba4a947418eaeb378a3bacd304b08c6f92f6958eaba968ac6aa23e0512a2a8ad7c1ca2f8fcf623bfc1281f5b7b598c08d2aebcd447668b23238c5e338b4c2ac7f8fd381714c596ea3e0c17aca4317a08563e58f0f52a8af08e078dc242ae54ee0fe3869f8c9687b004a4ded0aa27d8f4c5d":"ca4bfeedcd19d301d3f08cb729":"":"bcef3f2fd101b828d36cb38530cf9a0a7a285ac1c55ee1069cc78466327e85887534c98a8891d579effd832c0f7d6e7e822fb1eea85a39317a547591def4aeed6660872859fc9d1df9725d3c40e9ccaa900e0f1426a55d20ac4f2e8e07bd3bbc687f8e059ab93e7604c97e75ac94be1c8c24f4c4da0080a4d77953fb090cbb62":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ceaf204ff504ea8e7fade1a2097f2b527a44766860447322fa5ad346cd810217":"cfdb8183251f4b61c64e73243594fdc6":"a60f3969fd1b14793dd1425aa0b1f742a4861e0b50eaffd1525cd209ba6d1252176763bb5bee59aaa55f92341cdc0705899aba44cf0ec05cbf80274ebef65cd9507fd4224b25cac19610968d6a37e2daf9ddf046ef158ef512401f8fd0e4f95662eebdee09dd4a7894cc8c409be086d41280bd78d6bc04c35a4e8cd3a2e83be3":"1c8e4cf6018211518494d46c2e0607fa42e236abc28d58f8175c530f84b1f030572f5f6a74cb5517e1fb999a637d352afcbeadea9121e695675859b66b499a3a351ecba5226e58ebbb59fe12e359e4c89cd51c8703d4643c49921ae495801c73627df404b91e828e1d0e03ae09a39defb5aa5f2c8106953772ba0713d3261329":"9e45029f4f13a4767ee05cec":"":"5cdc66b587ed5eebb04f42b83a6ab7017093514881c598cce332d74fa3fab927493ac15bff26835296e080b5b45ef907c0529fc2f4ed2fc09db179ef598e5d193ea60c301d3f8d823404814e3e74de0e1d2417c963e9246c353201c7a42659d447376e7d05c579dd4c3ae51c2436407b8eff16ec31f592f04b8013efcfd0f367":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"15652abe38cd09777bba21d0db04637f5737d3cb3922181b9f2d07bfdafd327a":"3a5e0d223ae981efb405566264e3e776":"cd755437cb61b539908e0cfaaa36c0123f8f17d1e6539783cb61d4b56cac3bc1e971c1ea558b12669b025cb6b9ad55991c6e2f8ee8b0b7901790193e226a0fbbfff7ff0bee6a554660b9f32e061b6c04bf048484ff9ebd492f7e50e744edd72d02c8fd32f87f9421bf18a5a20ebb4d9dbe39a13c34b7296232470e8be587ba09":"1d6c153dec3b4738a09c9fbdfe31a093eb7ea79b8fa49f83e5e1f46893590f074fb171fb66e30ef887767014e3a10a3aa05da2bd50dd7b7936e1d7f6f31af9030e31e76bdf147f4396464db0f6a72511c4885c6c2305d339906e3c761a3249d7ebea3bf463e8b79c3706e684575550e964b8047979f7aed6ea05056c4b5840b1":"01a573d8e99c884563310954":"":"162430c23f7adcf98575a2d9249b4b5cec42efae33776360ebfa6a19c8eee4bd6b07cbd274deadc3292b7cdbb7803e99d9f67ccc5077f3ad5808f339a05b3213dbfd11377673d4f9b486a67a72a9ac8ea9ba699861dce0de7e2fd83d3ba2a2ec7fabf18b95a2bbe2184ff7bddd63111b560b3afe7f2c76807614ba36c1b011fb":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a43f6d07042a15cd49f6f52a2a3a67c6c2ff420d95bb94b9fe03b287c3abcaf8":"3b6fad21f0034bba8b1f7a344edf7a3c":"2e01c0523c8293fc51388281dccdb8d0a2d215d729289deb327b8142d716c2bb849e9476545b82f3882ba7961b70c5da2a925ba18b6b121e9215d52ac479c9129c9cd28f81584ff84509d5f9dcb7eaae66911b303cc388efa5020ac26a9cd9ea953f61992a306eb4b35bcd8447eea63cef37bb0c95c1e37811115cf26c53e8c5":"b67e58c8b608724fd20aa097ee483bc4c804490cc79de635170944af75c87ae0ad8261365c1dc80d852553bcba18da9fbc3fbe61d27550a03003ef0c60202054626655509a9e1ab54677e537a4e761df011d6c6dd041c795446b384161ae9eab441afd24d19b58eb4fe5116cd7b11b751ebbd0a2adba7afc380d9d775177099a":"43470bc3d7c573cb3a5230f5":"":"e1720d451fa7ab9db4988567187244b15b6fe795dd4fef579fb72e41b21aaa436d2e5d8735a4abd232a3fb9188c75c247f6034cdebb07fd7f260f8e54efefa4f2981cafa510dd5c482a27753a7c015b3cae1c18c7c99a6d6daa4781b80f18bbe6620bfc1518a32531017a1a52aadb96a7794887c11ad6bdd68187ba14f72a4b5":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1f0f0191e18db07c0501dbab4ed952c5603a4cd249d2d8d17e62e10b96ae713f":"ab8be16b4db809c81be4684b726c05ab":"a5a6e828352a44bd438ad58de80011be0408d410f6e762e3145f8b264a70c593476b41bb87875746c97de7d5fab120bd2f716b37c343608ee48d197a46c7546fafcdbe3e7688b7e9d2f5b6319c91d3881d804546b5f3dbe480996968dd046f406c11f0dc671be0421cbc8b4ea6811dd504281518bb96148dddf9f0dc4e2e2436":"aad40e7866c26e486b6f6e8eb14a130d5f88891bf0d09aa8fe32f447ab8dea7bee5d3eda4499c0103a010483f2b64fdf1155499d31decf528c77dd7627884f9995c213cf7402143dbb7561d69c86886734260ac94ffac7eb33598d25714228ef43f744ec1af2a87e789f1e5d6fff0fbd5082dcc49328f194e8f8a14a5bfc962d":"d8bd7d8773893519":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6cf7d83137f57f2310ee6bf31e8883952bb07ccdc12f516233ed533ea967e5d":"f17e37e73a28c682366bfe619cc673bb":"0f4dd201b18e20230b6233e0d7add6f96537dd4e82d3d0704c047fab41af5faf6bd52bd14fa9a072f81d92a2ce04352f0b66f088c67102d2d127a9850b09ff6087f194a6e8ccaba24091feb303eebb65f1203b2d22af44e7be4de71f03e6f6cbadf28e15af58f58eb62e5bddfae06df773cc3f0942520de20078dda752e3270f":"83ab20698fd7573fd121976a72b45a7f03aad84702fc8ac73d6926eabd8a546895aeffe4ba81d117507e2cd37d58eeff71cc3afa8a4449be85f228ea52f6dc6395bb43c1c9f795343720841682d9b2f00602eafa4d4cbe297bfc62467e526b9d823cc8eeecd9e5f8dbc2f65610663c6f37b3d896651b254bd60215629ade3b2a":"74110471ccd75912":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b0c85ac6b3887639838ddca94c5c69f38115aa00122322c8114642d12ea1b8fe":"14f68e533ecf02bceb9a504d452e78c7":"796a46236fd0ff6572b1d6257c874038f870aa71cbb06b39046d0fb6489d6ae8622b5154292ae5c4e1d5ff706daedb2e812533ae3a635d339a7fbe53780e3e8204924a5deb4b6856618f4c7465d125a3edffe1ab8f88b31d49537791c0f3171f08dbb5ed1d9ed863dafbae4ecb46824a4922862fe0954ee2caa09ab0e77ed8fc":"0210fce418e7e2199cb8f899c81b9be74a630d00269755f882fc4db27632e99685cc12c426a7503473646df1288d0ede28408be9add5713628700f8e2b2e27d7522520ed00ac47239084651eb99e7d03e1520aae137b768f3144232c16b72158fd5da4a26a2525b9b27791bf06d1eb2e671c54daf64fddc1420bc2a30a324ba5":"6fb0b5c83b5212bf":"":"5e6c362f7587936bcb306673713a6f1fb080783a20e9bbb906456973e529cfa0298206184509c30e1d3793eaaa5d564edd4488f04311821eb652e0a1f4adaf6971505ca014788c8ce085ceb3523d70284ed2bb0aebeba7af83d484df69c87f55a93b3d87baa43bd301c4e55eb8c45dcf3e4612535ea1bd5fdb4c3b9056d0cae9":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #0 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e61b1a6b40e2ab1245ff65dcfb9948318ac4fe55e9ed600cec301dae32ae0e93":"c356244b3034d288e4d4fe901b8e27c1":"bdcfeb09d5b97bab05a7acd9849e7de2c5beb7a4dc573c7e1c1d0c0409245a6584023114fdcc6413c800ca16847bde750b27c4d590248e2ce457c19b0f614f6aff4d78d4a19b3251531e5e852fbb05d09412cc1ff8988d1955ca6f5fe2d820f20a7642e3ae69e8122b06ba0918e806400b9b615e1abe6fdd4f56a7d02d649083":"8d67fa9fcf078e421cb63abeb25dba739ab0e09a091dd06b0c616e1e888f350edb2d73a42f57f115266ea20c7f8fc143ac746649612df06a5e29b4a15934dc049be1ab49d018ab86c4f37d8c3d9c714f038029e74d8ee3dbe61d81adc63712ea413b37f7604da12107aa1695d9b0981e5a92cdfaa5fbda0e31b22c6fd6f3b499":"86acc02f":"":"7c73182eca97d9617abb478a6ce62e3491a7e9951981c89c3071b161a4c80440614c3f24d0155073e28dcccee96bc8303dab4901ef77318df522d16d9da47770ef022395d6104cd623d93d67090a27507fc8ca04157e7939e639c62cd0e7d8a472314833c0eaa9ba2fd54a25b02854e3bff25cccd638885c082374ae520ed392":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #1 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4f5a02e9843d28c8c226ed70d44b8fced8fb757ab6ece4d4f06e3c3cec79e44f":"099e5d9aae89fb6391a18adf844a758e":"ad93e8662c3196e48cfdb5aa3bc923cd204151aa980cbec78f0d592b701f779c1c49f9e8686d7e2385a4146b21a643a59c18c8b82214f42560bcd686fad7c7c8e8c1944ce6b20ec9537dd14b6cf2592740ca112f4cd582250d69f240d3e957040e1f7e19c60b3c8f2bd00cb666604c38946eb9b2f17336d281b4794f71e538a2":"3ec13950d329f24074714c583bdc35686b811f775b76b0a8fcfa66fc56426c9d022f8ab0af38f8d2f71a068548330cdbe891670181ed7491bf40c739ef4dd93689fd35929b225089d2b151f83d9b3cd767300611144586767354c0491112c205409f3168092d27f9b9f433afb79820a2811984d48e70c1fb2a13bbb3ddbc53fb":"30298885":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #2 [#1] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cdb218e0bd0e02156e5b48182990f778889793ef6018a8928e61164ac047c8e":"d2ffbb176f86bee958e08e5c7c6357c7":"bc580c4223f34e4f867d97febf9b03629d1c00c73df94436852cafd1408c945c5474c554cb0faf2bae35d3160c823d339a64ebd607cf765fa91f416fc6db042bc2bd7445c129b4a0e04b6f92a7b7b669eb70be9f9b2569e774db7cb7ae83943e3a12d29221356e08e5bf1b09e65f193d00d9fe89f82b84b3b8b062e649163dc8":"4d039618a0eb640329f90fe97de18bc928fc3fc7a0db42c97774bec2e882e872fc1097c8319f7837a16516bf387b1bae321c565e8fc1cb8480f051158e4685f0adba310d2c6253bc1300403cbd3f7ddcb2796a69f8bf9e73d47aada9a02673c1a3d5ecdac838abf22b385906236529a1b7dd5b8af2611a04cf4f83b15ba41cfc":"1997daa9":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"dc1a145c18bdbca760f35eea0d4a5992de04a0615964ec8b419c8288ab1470f0":"7f8368254955e1b6d55b5c64458f3e66":"":"":"8ddaa2c3ed09d53731834fa932d9d3af":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b4766d3a6615ee58b390daa228ae7a541c46ce80a1efe227cc43cb777df3232":"274367f31ec16601fe87a8e35b7a22dd":"":"":"5f3a757b596e06e9b246ed9bac9397f9":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d19b04055bf6e7ff82e89daef66c9d8319ab25f9197e559444c5729b92c4f338":"796efaff4f172bef78453d36a237cd36":"":"":"3b445f38bf4db94f1a9ec771173a29e8":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7ca68e300534a90a7a87ca9906e4ac614a6aa51f769b6e6129753a4f83d10317":"45e6b23f8b3feefd4b0ea06880b2c324":"":"":"6c0a1c9c2cf5a40407bfa1d5958612":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a2b7cd693239bbc93599d3d12c9876e7303b227b8ae718e2c62e689e1fd62903":"548c9c8fcc16416a9d2b35c29f0dacb3":"":"":"3aa21f221266e7773eeba4440d1d01":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"156b854beb0c276a5e724f5da72f0d1ca4ae7cbd5f93a2257d95c2e5bfd78ad4":"a5129e2530f47bcad42fc5774ee09fe7":"":"":"6bb09ed183527c5d5ed46f568af35f":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d824330c60141264e1f709d63227a9a731bcc42b4adec1d8f0161b10b4fdb2ab":"c5afaa45312c64ab3c3cf9d6c4e0cc47":"":"":"55952a01eee29d8a1734bbdf3f8f":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5517589948d8aea778df6fd66c17a170d327f69e504f0a4bd504c4286a9f578":"6404b111c6289eefa0d88ed6117bb730":"":"":"637f82e592831531a8e877adfc2c":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f6137b2bcbd327fbcc7f313efa10f6ffaed30e4782e222e1225c87103fcae905":"3b87b08337a82272b192bd067e3245ec":"":"":"1f2dda372f20ffddd9dd4810e05f":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5e70d1b78e931abf44bba3f937dbc344858516a8a8afe605818dc67d0c3e4c4":"58e70095c6f3a0cda2cdc7775e2f383d":"":"":"1763573f7dab8b46bc177e6147":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90de0c047d1dd01d521f2dedec7eb81bc0ace7a5a693a7869eaafbb6e725ad7b":"d565c9cdfb5d0a25c4083b51729626bd":"":"":"78738d3e9f5e00b49635ac9a2d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c43e8dbeafb079692483a9fcbab964b76fccca6ca99e1388a1aa9bf78dfd2f02":"f2bd4fe0d30c0e8d429cac90c8a7b1c8":"":"":"ea7b52490943380ccc902ca5ae":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13540919fdb95559e37b535a427efeee334309e34c4608459e204d931b8087e7":"c993c1802df0f075ce92963eb9bff9bd":"":"":"edfab013213591beb53e6419":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2a7b2e07c148ff0f627ae28c241a395876bbed0c20f3fd637330e986db025714":"8f7e1621c2227839da4ea60548290ffa":"":"":"f9da62f59c080160ec30b43d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b3e7837a75b38ae6d4299a1ae4af3c2460dfca558708de0874d6b1a5689b8360":"05d363b2452beff4b47afb052ac3c973":"":"":"6b4a16d1ea1c21b22bdcb235":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9df3ccd95f7570f6ecf5e5329dcb79bcd46cbcf083fe03aa8f5bd0f645c6a607":"774f4e70a7577b5101c0c3d019655d3e":"":"":"98ff89a8e28c03fd":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c7123e2e8d3774c8f1bdbb2272f19129e04f29b4351ae19c3b9d24e6ea1fe87":"99f25cebd6cfa7f41390b42df6a65f48":"":"":"8e14a0a4853a156a":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"490090323e9257517e2453469caa3414045cacb4d05d5cebc6b9c06fa6d19291":"c1beff1ff6cdd62339aa21149c4da1e6":"":"":"f998d7c08d609b3a":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"360e48dd38d9e7f5bf29a2994ab5b3c9c70247102d94049ae791850807a4c845":"88126c350dfc079c569210ee44a0e31a":"":"":"f2ebe5e4":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1562b32e4dd843edaf4474b62cadd8f46d50461f5b22c9f1a8eae7367d35d71b":"af29fdb96f726c76f76c473c873b9e08":"":"":"13fd6dfd":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d5160d0c98ffcb1c26aad755f67589000e2bb25fa940e6b1d81d780f421353d9":"1552604763453b48a57cea1aed8113f4":"":"":"660c5175":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c3a3ea3a097c0c2b3a4cb78462d87fd5a8f348687c4150e9d3354b388ab13d17":"f77945979241fb3a454d8e3da193e169":"a69bac31241a2c07d3f7e331b77f662b1e67ccb81c07f52578b01f5785de9437f02eb7627ca7b9af09c1cb428fe93d6deb31f4d6dd2f0729f87480bdeb92d985de1aaad4bcebc6fbad83bede9a5dd1ca6a15bf5d8a96d4edb5bee1f7d195e9b2e5fb2221a596d69f257c18a143eda870e22d3f2ed20c9b3b0d8c8a229c462fff":"":"6b4b1a84f49befe3897d59ce85598a9f":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e1626327d987342cba5c8c63b75b4ed65463a2b9c831f4f9f80325fa867d1d73":"4e25800deab7ecec2a2311f8fb44eb7d":"ebaffd558f24dae03117c69ac4b2b4aaeaffe7e0e7599eaba678bfce23a9914dc9f80b69f4a1c837a5544cba08064a8f924064cba4d783623600d8b61837a08b4e0d4eb9218c29bc3edb8dd0e78c1534ab52331f949b09b25fbf73bece7054179817bc15b4e869c5df1af569c2b19cb6d060855be9a15f2cf497c168c4e683f2":"":"8faa0ffb91311a1a2827b86fec01788d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"938da64b837275b0c80c442bdf2301aa75e387fe65a775d10a8ec840f62ff429":"dec6adeb60216cbb8a6c3afba49fa201":"4ac144bd95f405649444f01ab67ef3e4c0a54fdbd933b6ba00518c79db45c22c90030c45aadcfdb53ec8199be0cbb22dbb9ab938a871f4b3b0c98ed32590a051abb946c42726b3e9701f183b2092985e3457943a6350fbcaece2e6b111b179ea3fd10ac080a577a1481785111d5f294bc28519c470ff94392a51a2c40a42d8b5":"":"2211ca91a809adb8cf55f001745c0563":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e2436484ea1f454d6451ad8dbd1574b208d7a3ab4fa34869299b85c24348b43d":"97040d2ec094fe1c64fa35b35b7451a7":"bc198677513ce0e66697dfe52b22315fa5d8f92042f34cc9f373a01f94607df1a599132f60af010ed9b5e52162dd7b162912b68b11700e08f5fdafd84d10f760fc05ec97c05b83e55155194f399594015b90a19c04fb992e228940fe1b54ba59c4bb8318b33cc0df1cb1d71c389473dfb3eefabfe269ca95db59a7bc0201c253":"":"2e080ba16011e22a779da1922345c2":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7fb3fc72eb8a3aa5b102f90039f852cc3fd64f46915f5e49f1d9e02fe9cc13b1":"f6120fea313362524917c53d90bafb4f":"60c2be7fbd15faf895fd19a9ce775fe2b183b45cffafe4fcbf50d421bea97347e41a9418cfa129b2dda63b889a70063010215dbe38c37feae18bc31b34f31b726f22177f2b4b9d648dd4aa80edfd12dafaee10baa83224354432d1cb62ccabe38bb8448d162cd0d30e988d2e1a2458ffdafaacbdff928756390f66dc60d7ea45":"":"83de3f521fcfdaff902386f359e683":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"697c96d80d0a3fa9af35b86f31fb71a17aed30ce841c79896bbc8863b3b3ee04":"3a5163ec7e007061838d755ac219855e":"de50c12da63232768d5eb9920d49683b5b7114cb77448fa10b9d63552ec5d9c2eac94b375d11f944959f903bb20c696639b6e7f108ec1e873870098c631ddacb2c25268cfc26d2a4cacfb7dda7383374c5456bcf4daa887a887f4293f8caa14419472a8bf7ffd214dfb2743091238b6d1142b116c2b9f4360c6fe0015cd7de81":"":"cd4542b26094a1c8e058648874f06f":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"66c1d9ce3feb0e966c33e3fd542ec11cc32f18c2514b953103d32abcdc72633a":"46fdb88fdde9b7d74e893802a0303256":"55d2f263d2e3cf0b390fce1dd1ebd5f666086f26e1ce2f08002bedbb810ada3922c6bfcf6a6adaa556e9e326c9766f02b3eb6e278da2fa3baa7dbdb6373be3c6ecfbe646b1a39e27c5a449db9b559e7ea3496366b8cdbca00ee7a3dea7fdfbea1665bbf58bd69bb961c33a0fd7d37b580b6a82804f394f9d5d4366772cee3115":"":"96ca402b16b0f2cd0cdff77935d3":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d7c949420dc9497232cd5810f316d11f9e85d36c430b5943ba79836d88c1eb92":"7ef9788ff09cbeedd9569d49083a4097":"ca1de5cc3fcde2638eb72210e551e9c0e0a3f5570d5be83a9a4406b545d854bf17e75b9cd0f4c45722fbd71319a317b72a8798485e9316a1c8102432b83bc95af42f6d50700ba68f6f2e19b6af609b73ad643dfa43da94be32cc09b024e087c120e4d2c20f96f8e9ddfe7eae186a540a22131cedfe556d1ebd9306684e345fd1":"":"8233588fca3ad1698d07b25fa3c4":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe7c70815aa12326cdcbb2d2d3e088bbaaef98b730f87fe8510b33d30e12afe":"e0253bd1f19e99a7f8848206fb8ac4a4":"397897eca4856f90d14c3cdfe1ad3cba47e23174ae2dab7d2a6320898584e03bffa3ffd526f416d7b3c579b0f3628744e36eebb5df519240c81d8bbbf5c5966519c5da083ab30a7aa42deae6180e517cdd764b7f77d19cc1a84141817758887a8d7265e7e62279b9d33cd2f1ba10fd54c6c96d4b8a5dbe2318fef629c8e2af0f":"":"477b0a884d788d1905646bd66084":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cbeefb3817cb02d617f385cf2371d52c8bcbc29e5e7a55cd2da131ca184c6e89":"f74156d6400ae46b612531848bffe18f":"1abe2ab05ceccf2391273126fe4a4426b94d2c3b97a7f1cd2ee6bb952bf4a546e972b5a1701d5ddb0e5bb7a248fcb47107a9fc77e4b9806b68a11850119aa239fa8be1370e3a2e1a8b168f7323afdfc4b8917d92570167848a56132d68876abc386c258a9233dc8a9eb73443b052e842c3d63e8b5369acdd038404e4e9a4b038":"":"0cb67cec1820339fa0552702dd":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6f5f65ce2fc8ec3f602f5df90eb7d506dd771337913680ac16bdcd15c56583d":"9212a548c597677d1747e98ce6fb18a4":"55ca486c0183d0134925880d2e21dde0af51c4c77c6038a5a9c0497884e0aa4715bdb5b4bb864acc708ac00b511a24fa08496df6a0ca83259110e97a011b876e748a1d0eae2951ce7c22661a3e2ecf50633c50e3d26fa33c2319c139b288825b7aa5efbd133a5ce7483feecb11167099565e3131d5f0cb360f2174f46cb6b37c":"":"08d7cc52d1637db2a43c399310":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e9a0391435acb57eae2e6217e0941c79a3ff938ec6a19b8a7db2ea972e49f54":"27cd1d7af7e491e30c8110cc01392529":"79140d32bb32dace0779e2d37a0f744d6d973e99a279962b43a6c0af63772e8a0a21d5d9dd3c33d4b218cb2f6f24dd8d93bb4e1e6a788cb93135321ecfed455e747fa919b85b63b9e98b4980a8ccb3b19d50d735742cb5853720c2ad37fa5b0e655149583585830f8d799c0d2e67c0dc24fc9273d9730f3bb367c487a5f89a25":"":"fbb477dd4b9898a9abc5a45c63":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55a12eeca637654252e3e40b371667e3f308b00f2fd2af696223e4cd89e3fd4e":"8a3793b6441258360f7f4801b03d0b26":"f5810dc5f25e49bd6d94bc63c2494aa7a579a4056a25f1dd9b2734d0b8731ee52523edd54ff475651d45c213e1bf254327fb0e2c41a7d85345b02bcc9d27b08915d332e1659671991a4bb74055967bebbba6ecceb182f57977130623d5a7b2175fa5a84b334868661c1f450b95562928b4791759796a177d59ed18bbf141e2ad":"":"99230019630647aedebbb24b":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3d353f870a9c088de5674efd97646b9c5420b2bcdfcffefcadd81682847e5331":"f267fa982af5c85359b6447f9b7715ea":"7cf55630867af5dff747c8dd25bcc531d94a7730a20b6c03d46059ea93fcaa00d07ee17dad0e0dff814b02dfef0cbe00b37fd2f5f95ead7c72be60016f2934d7683fc1e47185c7211c49cb03e209b088edb14e533dbcb792ab7033728904f7ff12381a236dba97894ec1fafcf853ab15fff343f9265d0283acef10168ffd1271":"":"9553b583d4f9a1a8946fe053":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d227c9ff5d17a984983056fb96f3991932ae8132377529c29238cf7db94a359d":"b8f6536f376a7efe0e684acf350bae70":"1cc25da31f90de7fa47ebce92754d3faa99f88d4e25ccab45645c1acdf850d55d7f02f61a0bfdc3125f29259d7da8abef532fe0966c63d3486753c8a2cb63a39349a0641b2f2b9526a03b97d58ca60fbb054c6c164ff2836688b0cad54df2b165bc082eeae660e768dde5130e30f8edc863446661c74da69b9e56de8ae388da0":"":"44b95a37fab232c2efb11231":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b2a57ef85ffcf0548c3d087012b336c46f6574cf1d97ca087bfad042ee83eec2":"3d580402d2a8dc4d7466e5dcb456be7a":"c2b9e95c16e55028794a63ef82d11fb83a2a75dc34a81f238e472c33264534bdd54cd07d02a0ecf9019ad1a6d6c779f339dd479e37940486950f183bade24fca2f24f06d4037b3555b09fc80279ea311769473eb0630b694a29823324cdf780d7d1a50d89f7a23b05f7a8c3ad04b7949aa9e6a55978ba48d8078b5a2fd3c1bbb":"":"072d4118e70cd5ab":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"63889ed5bf2c27d518a696b71c0f85592e3337aae95b5bf07289e4c5dfdc088d":"1ad534280a0fac7dce31f2ae4fb73f5a":"be1b9dabea33bb9443e27f674b27931c0fba699a33dc86fab29e50b76a9441030444b465317bbf2949faf908bc1b501d11a5ea2042e4b460a85f3be5836729e523d99b56ef39231d5c6d8ae2c2ab36ef44e2aa02a1f2c559c6e333216c7f9ed5f9b880a88e920219204c99a3ae8f90afd1396563bc59a691a93e0070b0b5fd90":"":"1bcea0ac2c1a0c73":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"94e3e2c17cfb6f52d4fdba3ba6d18bba891b6662e85df14d7e61f04adb69e0e5":"8a80efb3bfe220526997543409fddb4d":"05da1b0f7ac6eef488d3f087ecae7f35abe3ef36d339709dc3fcb5b471979268ee894c3b6c7f984300d70bc5ea5fba923bfb41d88652bdaecc710964c51f3e2ae2c280b7d6c8e3b9a8a8991d19d92d46c8a158123187f19397ad1ad9080b4ffd04b82b5d68d89dacd3e76439013728c1395263e722b28e45dabf1ef46b8e70b5":"":"faa5c13d899f17ea":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe5e479ad0d79dbf717a1f51f5250d467819e444b79cb3def1e0033c80ddadd8":"47ce838083fd070d8544c0ad5337cdc6":"98476bf05a18c4ff1b6024dd779c1ac06d838705a0a83fe42bee5fc6ebf3b2a1a5049b67f4aabc8239cd6ff56504bcbad1e2498c159bbec2a6635933945f6ea49e5bc763dcf94f4b3643d3888f16105abb0965e24f51cb4949406124145e9ae31cc76535b4178492f38b311099df2751f674363ae7a58f6f93019653b7e6a6f0":"":"a3958500":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"27d4dedb71a8f68ca5ce2b9e56da772bf5a09b7981d41cd29f485bd2d1adb8d4":"7e6f0343c54539717a97b6c8b9f7dec4":"d386db78043f719b7e137cbf79a7f53dda2fe3baccbebb57d499f6eb168e5151f10081d76b72ae0f30165efbdda469e826f9246e59dbcad5c0b27691c00d6c192c24073e99c19cf8c142087c0b83c4ce2fc7ba1e696394e5620ab2d117d5dcd2ac2298997407fd5de07d008de8f9941a4a5f8074736a59404118afac0700be6c":"":"50fd1798":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a7aa836a469d28542d0d24d3232fad266da8fc889c6b6038b726d3da25f7b20":"9faf7cd805803e143ec8f3f13475efd2":"1006c707f608728b2bf64734062b12a5625062bcdcb80a3ce2058352a2922d5e6fbe19681b4f0d79ad3c837f81e72f2fbf8df669894e802a39072b26c286f4b05188c708f7c6edd5f5bb90b87ffa95b86d84d6c1c4591b11d22c772a8ad7f2fe6bd8b46be0e93672df2e8bff8ba80629e1846cfd4603e75f2d98874665c1a089":"":"07764143":"":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a9444fd176acbe061d0221fde3ddfcc4ff74e995d981a831297c4cbda51c22a1":"5714732145470da1c42452e10cd274b5":"":"c146ff5a988496cad7eced7a2ea471e0117d5d6bd2562c23ce9db4bf36d83ba3fc22e90486ec288a627d208e0b2fd3b65f8301cf7fc41d97959981a95cd1cf37effc46db99b94b21c941c3613c26a10b1a6b7793f467d58ff5134612230f1c49d7e1fcf664fe52fc6eca46273982f6fe729b009d90eb8d8e4a0b0dbe907b76da":"db85b830a03357f408587410ebafd10d":"":"a3cad9a57fa28e6f6aaa37150a803bf8b77e765f0702e492c4e5ebb31ae6b12d791149153e469a92bb625784a699fd7ca517500ee3f2851840ba67063b28b481e24ba441314e8b7128f5aaccaf4c4e2c92258eb27310bf031422b7fc2f220f621d4c64837c9377222aced2411628018a409a744902c9e95c14b77d5bb7f5846b":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"686d3bd071e3f46f180611bc4ec8d7726fe72b6c617e7d42b3339f53918c9e36":"a714e51e43aecfe2fda8f824ea1dc4b7":"":"21983ad66449c557263aef299da6eef8f31d576fc17ed2dac3e836f7c2ceaff3094b2695452680e188df10c174810efd1fbaa6c832baedce0b92e4c7121447f6461ac909b4302cdf658095b1de532b536faa4fb38cfdf4192eb5c3fe090d979a343492f841b1edc6eb24b24bdcb90bbbe36d5f8409ce7d27194a7bb995ecc387":"cd30c3618c10d57e9a4477b4a44c5c36":"":"9610908a0eb2ee885981c9e512e1a55075a212d311073bbb2fb9248cce07af16ee4c58bdc8dbe806d28480f9065838146f3e1eb3ae97012cfe53863a13d487f061a49a6c78ca22a321fa25157dbe68c47d78f2359540cc9031ee42d78855ed90e6b8ea3d67725bfffcb6db3d438c982b5f88d9b660f7d82cb300c1fa1edebb6b":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe81f15a02e2ecf46e61199c057102d160e6b5d447d4a275972323fff908c3e":"91d55cfdcdcd7d735d48100ff82227c3":"":"0b4ee0385e6665da8fd2ae47f2d0cf1c5bd395a3bb447047ab5a3ae0b95355bf83d0381119a8d4c01acbe60cd7885da650502f73498a682fdc94f7b14f4c753226064fa15e3a90a6083e053f52f404b0d22394e243b187f913ee2c6bb16c3033f79d794852071970523a67467ce63c35390c163775de2be68b505a63f60245e8":"cd7da82e890b6d7480c7186b2ea7e6f1":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c2095e1379389dc3810e8819314f5a2f87d1494213c5b1de1a402f7f4f746c4":"19788b2e0bd757947596676436e22df1":"":"26ec8ebac0560538a948afbc18fb730e9a91f21392bde24b88b200f96114b229a5b57fa9d02cf10e6592d4dfb28bf0f00740c61157ce28784e9066ea3afd44ecf3a494723610cb593c0feffc6897e3435c6f448697ad3e241685c4e133eff53bdd0fe44dd8a033cfb1e1ea37a493934eb5303ae6ef47ce6478f767ef9e3301ab":"f26a20bea561004267a0bfbf01674e":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"be5351efc0277afc9759ec2464a22cb4401f7a17efd1a205e7af023c7ed30ee1":"c6b26117d9dbd80c1c242ad41abe2acc":"":"1eca91406f338fc09c2988b1d7dc8c409d719300c03840a497d7b680cdd5e09b144903477f7116a934e1d931cf368af1fc2a0a0e7caa95475a3cd7bf585a16fda31eb3f8201db0216b37a1635c1c030836b3dd05ca5b0194388fa198e717822131d5d4318690ef82d35ac80b27fff19aec8f020dc6c6ce28f0813bbbf8230ad9":"61051d6c0801b4a6b6ca0124c019f3":"":"95447aded336d6c20d483a6f062d533efed0261ad321d37bf8b7321b98f55c0f0082ce7f3d341b18fea29a72fc909d30cd8c84a1640227227287674a9b2f16a81b191ecf3b6232d656c32d7b38bea82a1b27d5897694a2be56d7e39aa1e725f326b91bad20455f58a94a545170cb43d13d4b91e1cee82abb6a6e0d95d4de0567":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"814c2cdfdeecf39d43bb141fbfc62dac44f7552c5e5dac2d4913303fc860119b":"0db3ade15cb0dea98a47d1377e034d63":"":"0d3013a1d7132f685d001420daa6c7b643bc36b887511acc4588237d3b412c79e4ebba29c08248ad46c7239e8daa232b7483c9c4e3d1c0bbebc696401efe21f7fd6fc0525a4ab81bd9a893d5f7ab23b70ed07c00f33649b8a996a006de6c94f7793f72848793f4d5b31311c68aae1e715b37409fbe506dac038a0950f05fe82b":"e62f910b6046ba4e934d3cfc6e024c":"":"374d03cfe4dacf668df5e703902cc784f011f418b43887702972dcc3f021bcb9bdd61ed5425f2975b6da7052c4859501eb2f295eb95d10ba6b2d74e7decc1acacebf8568e93a70a7f40be41ac38db6f751518c2f44a69c01c44745c51ad9a333eda9c89d001aa644f1e4063a8eb2a3592e21c6abc515b5aacaec8c32bcf1d3c4":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1ae4541110f2bc4f83cd720b5c40c8315413d896e034b75007f172baa13d29ec":"83f98eec51ee4cae4cb7fe28b64d1355":"":"5ea811e7fbfc0e00bf2a6abfac50cad9efd90041c5f7fb8f046a0fecbd193b70a2de8a774d01dd3cd54f848cb3e9f5152ee1b052ba698bebfba1fbbdae44a260447d6e6482640ae4d01c9cac3d37d4ffe9a0de0b6001de504a33ef7620efe3ce48ecd6f5b1b3a89185c86d4d662a843ff730e040e3668d6170be4cced8a18a1c":"df47eef69ba2faab887aa8f48e4b":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"20c9b662ec4bd13bf58d64cb0a7159b0e7fee4703af66292bf75c8bd6e42e8dc":"2bc0847d46f3d1064bbf8fe8567f54a2":"":"45b64f2ed5ac707890c0c1726adf338770ce6a728fe86bb372c4c49409a32705f881bc4d31a27c455c7c7df9dd2c541743523e7d32f88930d988857847f011be5f5f31a31e8812745147cbff5c1294d0fd4a7285db4833f22bf1975250da99c4d0dd2c9688d7f8001bb6ef2bc898ce4d42c5b78e74645b56ce992338f49d4183":"5a1bf25aa8d5c3fe5cf1be8e54a1":"":"9079d6275db076625e8474c2914fe483d413d5339202f98f06c3b0ef063d8f3d31029deaf7f9349bfec57e5cf11f46f02d5a6520c7992efc951adbbea6d08e53faeb10dfe8b67ee4685da9ea4fe932551a65821147d06d4c462338e6ddda52017c2bc187fd6d02b7d5193f77da809d4e59a9061efad2f9cadbc4cd9b29728d32":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0a1554db37f2e275732a77e521cbd8170729d8677a85db73feacf3c66a89d689":"b9194a4d42b139f04c29178467955f1d":"":"5421d93b7e6e0091978c673df4f3a406aef5f13eb5e6f95da19b0783308cbe26d4fd6c669cc4a9f069d7e62e4c6fad14b80e918fe91556a9a941a28b3dbf776a68ac7c42df7059b5ed713e78120aec84e7b68e96226c2b5e11a994864ed61b122e7e42ef6cfdae278fadbae1b3ea3362f4e6dc68eef6a70477b8a3ffcfba0df9":"05949d591793ca52e679bfdf64f3":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ab1d9bb571c4bdc9f3ef340914bddcfe0c8e7718d4a2530334372cec86e5fcb":"6a5335901284dd3b64dc4a7f810bab96":"":"80bcea307e009745724d5f15d21f3b61a5d5a8401530346b34a2adfa13e3e8c9c9327d6fad914b081e554fbe6c1c6fe070b566620e559555c702c0ab5becf61ea1d9de64351ce43b2276ef4e20b5af7ce43db6d21286af4e740ef00c6d790705afcf0ee4850fffc12c662f2bd8212feb21db31065ab8f717a7509c213352b869":"04b8e5423aee8c06539f435edd":"":"36b9602eee20b8f18dce0783cd1e01a799f81ae0a1ce6d293a26c62f47e7dad85c8446697cc09c81d3d9ead6f9e55c4147211660c8aea9536cc5516e9883c7d6854be580af8cd47ba38fa8451f0dad9c904e0e7f9997eff7e29bf880cd7cedd79493a0e299efe644046e4a46bf6645dfb2397b3a482a346b215deb778c9b7636":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7dddbd5657e22750bfe6baa70a1f4ac46c1ef8bee573a57cfcef50b66f85e593":"fcb962c39e4850efc8ffd43d9cd960a6":"":"2bf5aba83a8161b9d21ff29251fb0efa697b1ea9c1b3de8481d5fd4d6b57afda0b098decdc8278cc855f25da4116ed558fc4e665a49a8fff3aef11115757a99c10b5a73b1f794f9502186c13dc79442f9226bbf4df19a6440281f76184933aeae438a25f85dbd0781e020a9f7e29fb8e517f597719e639cbd6061ea3b4b67fb0":"1d8cdadcf1872fb2b697e82ef6":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6916b93b2712421f1f4582de7ec4237c4e42e2b32c7dced2f8bb5bd2e0598312":"b4d9248bb500e40de99ca2a13e743f1c":"":"3739cca20279a36ddb857ac22beae901a49529b3182463ab81a7c46e437eb0b0571e8c16f7b626ecd9f2ca0cd83debe3f83e5d58ed3738899f4b616755eb57fb965208f261736bdf7648b1f8595c6b6a779768115e3077dfee7a42d44b555a51675fb1ce9961d0e21b2b9b477c0541184350e70decf7c14a4c24b8a6cd5fed8e":"090d03446d65adcc0a42387e8e":"":"0255be7ac7ac6feb3a21f572f6a593cc8a97f17af7064c80e478f4a6c469cf94d604bc014b003bf284d216161a9c8a493af43c6a0d8caf813a9e6f83c7ed56dd57543876b11f76aa2be80dcd79d19ac61f00fa423ac2f52fae7a8327cd91494ca4116feb735980ad0a4b1445cb7f38cc712b8aee72179e65b97fca38694e3670":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b751c8b724165009a8bd97a9d2a0e22cae5a95c4743c55eeeef0a6fe7d946bec":"160c50c0621c03fd1572df6ba49f0d1e":"":"e8546a5af1e38114822e60e75563a9399c88796f303c99c69d1f3c50379da81e1cd5b5a4a721e23c59da58ea4361b7ff58408e506a27fea24f9a235c6af7f7a5bd93fa31e90edfc322821c08d6324134830b7fe160b4a3e6d27866a10e6e60762a31618ef92f5c67ccb1deb1f1b188f0e687165e7c366c7418920df4f4fcdcae":"9fef9becf21901496772996f":"":"175fa6b7cd781ec057ff78ba410f2897a920739b5fc4f04bc9b998fbc7cc18e327ad44d59b167e4627256aaecd97dc3e4a7c9baaf51d177787a7f4a0a2d207a855753c4754d41348982d9418b6b24b590632d5115dc186b0ba3bec16b41fa47c0077c5d091ec705e554475024814c5167121dd224c544686398df3f33c210e82":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0faf32c22c2a4ee38fe4b5ce08f98fdf6f83b5038dcba5ec8332b3eeb5c710c7":"04885a5846f5f75a760193de7f07853c":"":"8a556cc30075753c6e94c2f669bca2058ff6abcbffffc82da7cfca0a45af82dfb4cf487ceb4ede72be87ee4c8b72db1e96459de1dc96721464c544c001d785f2188b9fccaec4b1a37970d38b326f30163d2fdfdf8a2ce74aec55abcd823772b54f8081d086a2e7b17b4086d6c4a5ea67828ef0b593ea1387b2c61f5dfe8f2bb0":"0c13506ed9f082dd08434342":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0dddc3d2f82bdcdbc37648a6b9b416af28753740f8e998cd1a52a0b665369f1c":"0a93b883cbd42998ae2e39aab342cb28":"":"07bf84b15b21951fd22049be6991a672503ae243b8d285fb1e515e1d2c36bfd5b0d0bcce85791f2cea8f616aed68a7d9cf4eaf76418e8b1ec27751de67cbfd9d9f7905b2667904f10d598503f04c04ea00a681ff89a9c446d5763898430bd7a9dfebfe544e3ed3e639b362683a651e087626ffa63c0c2b3e0dd088b81b07f75e":"5c37918edb7aa65b246fd5a6":"":"ff7b7b2f88b8c6f9f9bad7152874e995eea0ff1ce1ecd9b8d563642a37a31499f14d70f0dd835b7adf80928497f845fd8c2786cd53af25f8c9fe1bba24e3c3860162635bbed58f06cf6c9966bb9b570987a48329279bb84afb9e464bb4ad19ae6600175086e28929569027c5285d2ed97615e5a7dada40ba03c440861f524475":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a0b1a62e46e7712277fc711e19d0c0c865ee77b42ac964b7202dbcaf428086c2":"e20957a49a27e247d00379850f934d6c":"":"7dd7c0787fdbea4aacf929341659dcf4b75cbca8f92001e8b62a4d7b40272c5755fa9c445857db05328dc11ce5221f044f4b3dafbf0e2d72a1ad0d3e4c804148db578218690ccc620d8b97b4450ff83400a6caaa959617611446a6627138a4067be9ea410d4b0581022ab621928205b4a4480560fc4c2c3b39a2805684006f35":"c99751516620bf89":"":"9307620479f076c39f53965c87d20c2aff11c736c040dba74cd690d275591a5defc57a02f6806de82eb7051548589484364f6c9b91f233a87258ede1ee276cb2c93b4fc76f4d7e60cbd29ba2c54cb479c178fa462c1c2fb6eeb3f1df0edfb894c9222b994c4931dedf7c6e8ddecbde385ddf4481807f52322a47bf5ff7272991":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ffcc1c88fba1723b3ab57b458d9bffb98b878c967fb43b9db2ae0753d32a3bb1":"d533c2170c5dc203512c81c34eff4077":"":"19b6dec86d93c466307de3a36c0791ed1010b1b9cf8d30347ae46e0f9283c9fda43da8cb491dd17cc4298b1f0b876d6a0f4bcbc9667fe34564bc08f8f7b67045057d19f4bf027bc839e590822fa09a5cef1af18e64a0116aa2a01a3f246c2b5272c18c9aa23efe674ba53d533ae8f0695cb78c1155cdc7a9d7fae2c4567dc07c":"167ec8675e7f9e12":"":"0539287ac546fe5342e4c3c0ec07127dcd22899abfe8cdd6e89d08f1374d76e877bec4844d06e0a9f32d181c8d945ba16a54ce3725fae21d8245c070a4da0c646203d6b91325b665ab98c30295851c59265b4ab567b968b6e98536b7850738d92e9627b4c9c6f5d9ae2520944783d8f788a1aa11f3f5245660d41f388e26e0a1":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55e94b339c3bafe068ef9cc30787cc6705850114976843777c92b4b331801650":"2e2b31214d61276a54daf2ccb98baa36":"":"147cc7bc4008dadf1956520b5998d961499bdf3d8b168591adbfd99411ad7b34eb4b2a5c1bb0522b810fec12dd7c775784d7ecdc741e6dec8191361e6abf473b219221801951b4d5ffe955ab50eef9cffdfee65ba29ddfa943fb52d722825338c307870a48a35f51db340aa946c71904d03174b1e4a498238b9d631a6982c68d":"5266e9c67c252164":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13c9572bdef62510d84f2d415cc481cd1e71b9c1132b43e63b21ba4e16de9b39":"a8339ba505a14786ad05edfe8cebb8d0":"":"7c78e634dec811173ff3c4a9a48ae3ae794fbd2aefd4b31701777ff6fcb670744c592a1d298d319717870dca364b2a3562a4ffa422bf7173c4f7ea9b0edf675e948f8370ffd0fd0d5703a9d33e8f9f375b8b641a1b1eecd1692ad1d461a68d97f91f9087f213aff23db1246ee16f403969c238f99eed894658277da23ced11ee":"df3cab08":"":"91f9780daefd2c1010c458054ac6e35baa885cdd2c95e28e13f84451064e31e0739f27bf259cb376ab951e1c7048e1252f0849ccb5453fc97b319666ebbfbc7ef3055212a61582d1b69158f3b1629950a41bc756bded20498492ebc49a1535d1bd915e59c49b87ffebea2f4ad4516ecdd63fa5afda9cce9dc730d6ab2757384a":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"30a14ca53913acbb215b4e4159083106db3fff83cbedd1e5425f65af1e94f5dd":"4f23f04904de76d6decd4bd380ff56b1":"":"8c5f73ee1544553b712ad7a14f31379c8d54a4e432fb6c5112436988d83c4e94954b0249b470538fb977b756fbee70b811d4dc047a869e207bb0b495f1e271d0034e912000e97594033e0dedde0591b297f8a84bafcc93a46268a5bba117b558f1c73513e971c80a7083e1718fc12d0cc0d996a8e09603d564f0b8e81eea28bc":"18e92b96":"":"bb4b3f8061edd6fa418dd71fe22eb0528547050b3bfbaa1c74e82148470d557499ce856de3e988384c0a73671bf370e560d8fda96dabe4728b5f72a6f9efd5023b07a96a631cafdf2c878b2567104c466f82b89f429915cf3331845febcff008558f836b4c12d53e94d363eae43a50fc6cb36f4ca183be92ca5f299704e2c8cf":1 AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e69f419140289ac25fb0e2ef9cc4f7e06777ac20f7d631918d1af0c8883b7d6a":"531248afdaaf1b86cf34d2394900afd9":"":"ff8dfa4e70490ea9c84cb894dc5d7e1b935ebcdea80a39c4161d4db42cbb269cc86abd381af15ec9a4a42ed18c1eed540decec19722df46f22aa06883297cb393fb23e4bb31a817e88357aa923c7ecbcf24c28a09f622dd21fa70c0a02193024fdcefeaa96cc1b50f81a65dfa9e1bb5126f0c9766a861eed096ec15fb07b0f81":"c6885cdd":"":"f75299e0ead3834fc7ebd4b2051541b598ad57cc908fdcd4324cf4ccf7dcf7b3f0737ad6c026399a8b1b6d3d50011b3c48ea2c89833b4b44c437677f230b75d36848781d4af14546894eecd873a2b1c3d2fcdd676b10bd55112038c0fdaa7b5598fe4db273a1b6744cba47189b7e2a973651bfc2aaa9e9abea4494047b957a80":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"404a5d1ac9e32f9caabffbfa485ce9c27edc9e5cde0f2aab4f32ce3121449b88":"b6e6c078e6869df156faa9ac32f057c3":"6ebc75fc9304f2b139abc7d3f68b253228009c503a08b7be77852da9e1afbe72c9ab374740b0dc391fa4d7e17de6a0aa08c69e6f5c5f05411e71e70c69dfbcf693df84c30f7a8e6c7949ea1e734297c0ea3df9b7e905faa6bbdcaf1ff2625a39363308331d74892cf531cb3f6d7db31bbe9a039fca87100367747024f68c5b77":"b63ec4d28854b7fe2d4d13973f5bcb16f78494ce25cc2820de9d0dc1d8d91db1f19bc9e01cee8418c9e88a69b2f30cdbb0dbdbb50be71e1e666c111c126f2b7197c02f69a1b2ec5e1bf4062b2d0b22fb0fa1585b4e6286b29f6ac98d1b1319dd99851fa6921607077d2947140fdeeea145b56ea7b6af276c9f65393bc43ede33":"94c1b9b70f9c48e7efd40ecab320c2d3":"":"56a0ac94f3ec7be2608154f779c434ee96db5ed4f5a6e1acfb32361ce04e16e1337be5978df06d7c4f6012385fb9d45bb397dc00f165883714b4a5b2f72f69c018ffa6d4420ad1b772e94575f035ad203be3d34b5b789a99389f295b43f004de3daaef7fa918712d3a23ca44329595e08da190e3678bc6ad9b500b9f885abe23":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b56f0c980acf7875cf7f27d53ad4a276adc126d0b93a5774ac4277eecad4309e":"b004c049decfb43d6f3ec13c56f839ef":"b2045b97fbb52a5fc6ff03d74e59dd696f3f442c0b555add8e6d111f835df420f45e970c4b32a84f0c45ba3710b5cd574001862b073efa5c9c4bd50127b2ce72d2c736c5e2723956da5a0acb82041a609386d07b50551c1d1fa4678886bac54b0bd080cc5ef607dca2a0d6a1e71f0e3833678bf8560bc059dae370ec94d43af6":"2c94299e36b7c4a825ecbc5a7809061e0a6761764a5a655ffdb0c20e5c3fcb10f4e93c68aa0a38c2acc5d06f2b7c4ff4fcf814b551bfefa248dbe06a09a0f153213538a31fa7cf7d646b5b53908d8978f514c9c4d6d66f2b3738024b5f9c3fd86b6da0c818203183f4205f186ea44a54edb911b1a17c424c95852c8d271b2e93":"fce7234f7f76b5d502fd2b96fc9b1ce7":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c5027c36e6caa1b3e5e45fead32b5e3126ac41f106c491b0b3a7c16502f4fe6":"3ee660f03858669e557e3effdd7df6bd":"93e803c79de6ad652def62cf3cd34f9addc9dd1774967a0f69e1d28361eb2cacc177c63c07657389ce23bbe65d73e0460946d31be495424655c7724eac044cafafe1540fcbd4218921367054e43e3d21e0fa6a0da9f8b20c5cdbd019c944a2d2ee6aa6760ee1131e58fec9da30790f5a873e792098a82ddf18c3813611d9242a":"58f0ceaa31c0025d2e6bb58720cce4b64f5f6c657c847ae42936eb1e343fea397c8a8cf2f5ef02ffaec25f431900dcb0910cf32cea9eca3b78aed1c451c7af51066489f87b2a5f8cf28d6fdb6ce49d898b6167b590a3907be7618be11fb0922a3cfd18e73efef19e5cdc250fa33f61e3940c6482ae35f339e8c0a85a17379a4e":"ac33f5ffca9df4efc09271ff7a4f58e2":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"34c3019810d72b5e584f0758f2f5888a42729a33610aafa9824badade4136bbd":"f315ea36c17fc57dab3a2737d687cd4f":"f33c5a3a9e546ad5b35e4febf2ae557ca767b55d93bb3c1cf62d862d112dbd26f8fe2a3f54d347c1bc30029e55118bab2662b99b984b8b8e2d76831f94e48587de2709e32f16c26695f07e654b703eba6428f30070e23ed40b61d04dd1430e33c629117d945d9c0e4d36c79a8b8ab555d85083a898e7e7fbeb64a45cc3511d99":"22deef66cbb7db240c399b6c83407f090d6999ba25e560b2087fed0467904bb5c40cbaa05b8bf0ff5a77c53fa229478d8e0736414daf9c420417c391c9a523fd85954533f1304d81359bdcc2c4ac90d9f5f8a67a517d7f05ba0409b718159baf11cd9154e815d5745179beb59954a45a8676a375d5af7fae4d0da05c4ea91a13":"0bae9403888efb4d8ec97df604cd5d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29397d98fc5a7f04b5c8b6aa3a1dd975b6e4678457ae7f0691eee40b5397503a":"885543a45fd1163e34ef9276145b0f8c":"d88beaa0664bcef178cbdbfab17ff526b5c0f8ad9543c6a312d93c336707fbf87c0448b07a550580953279f552f368225cc6971f1eecc718d6aad1729c8d8873081357752bd09d77075fa680cb2dc4139171e4a0aaa50b28c262c14fd10b8d799ca1c6641bb7dfdfdf3dea69aa2b9e4e4726dc18b0784afa4228e5ccb1eb2422":"0bbf1079cb5569c32257bc7e52371db46f3961b457402b816588243b4523543430d5ca56b52de6632724c51e6c3af310b28822c749a12bdd58dee58bbc3266631562a998ec3acdc8a2567a9f07f7f9759c3f50b1d1dcdd529256b80c0d227fc1fe8b58c62d1c643f1ac2996809fd061afcf4a9af184c14db9e63ec885c49de61":"7b334d7af54b916821f6136e977a1f":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7555dfcf354da07fd70f951d94ec1d86a635edfdb7929460207b2a39cc0cf4a3":"e1b30b6a47e8c21228e41a21b1a004f0":"bf986d3842378440f8924bb7f117d1a86888a666915a93ba65d486d14c580501e736d3418cebee572439318b21b6e4e504a7b075b8c2300c014e87e04fa842b6a2a3ebd9e6134b9ddd78e0a696223b1dc775f3288a6a9569c64b4d8fc5e04f2047c70115f692d2c2cefe7488de42ff862d7c0f542e58d69f0f8c9bf67ef48aea":"a1351cfffd1b0cbf80c3318cc432d3238cb647e996b7b53c527783594683f535950cd08788687c77226b2d3f095955884adc2e475ca1e1eab04e37d5e901ae8934a9d3a0cb37b80612ca25d989856dfa7607b03039b64d7dcd468204f03e0f2c55cb41c5367c56ca6c561425992b40e2d4f380b3d8419f681e88ebe2d4bdad36":"d8ef5438b7cf5dc11209a635ce1095":"":"95e8db7c8ecab8a60ceb49726153a7c5553cf571bc40515944d833485e19bf33cb954e2555943778040165a6cfffecef79eb7d82fef5a2f136f004bb5e7c35ae827fac3da292a185b5b8fc262012c05caeda5453ede3303cfeb0c890db1facadaa2895bdbb33265ada0bb46030607b6cf94f86961178e2e2deeb53c63900f1ec":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"bbeafe86c72ab0354b733b69b09e4d3462feb1658fe404004d81503f3a6e132f":"ee1caba93cb549054ca29715a536393e":"e44b0e0d275ae7c38a7dc2f768e899c1c11a4c4cb5b5bd25cd2132e3ecbaa5a63654312603e1c5b393c0ce6253c55986ee45bb1daac78a26749d88928f9b9908690fc148a656b78e3595319432763efbcf6957c9b2150ccabfd4833d0dcee01758c5efb47321a948b379a2ec0abcd6b6cbf41a8883f0f5d5bf7b240cb35f0777":"a033c2051e425d01d97d563572e42c5113860e5dedcd24c76e3e357559ba3250f1fc5d4a931a9d0900ac025400f0158621f0b1215b2907467bfc874bcabbb28e28de81fe1ee5b79985261c512afec2327c8c5957df90c9eb77950de4a4860b57a9e6e145ea15eb52da63f217f94a5c8e5fcb5d361b86e0e67637a450cdbcb06f":"a4809e072f93deb7b77c52427095":"":"e62adf9bbd92dd03cc5250251691f724c6ece1cb89d8c4daf31cc732a5420f6bedab71aab0238ba23bd7165ed1f692561ef457fd1d47413949405b6fc8e17922b17026d89d5830b383546ea516a56f3a1c45ec1251583ae880fa8985bd3dcc1d6a57b746971937bf370e76482238cc08c2c3b13258151e0a6475cc017f8a3d0e":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6ad06c88dd4f3becf35eed95bb859be2406a1803a66e4332a74c5f75c09b9a01":"07d8b4a6e77aef9018828b61e0fdf2a4":"cca1fd0278045dda80b847f0975b6cbf31e1910d2c99b4eb78c360d89133a1c52e66c5c3801824afc1f079d2b2b1c827199e83f680e59b9a7de9b15fa7b6848b5bf4e16a12ac1af4cf2b4d7bb45673c5e1241e9996440860a9204fc27cae46a991607bc5e7120d6c115ddcbdd02c022b262602139081e61eee4aba7193f13992":"2219c11672884b93d0290b6a7140feafe416461f1cdaf0b3aa64693d7db2eb10feae46aac7af549fa1b0abc78c11f8df7ee803ef70310fc3e67769f8b4bc64f81143a6ebf8bee9d386a8ede5d2cc0ed17985a3b7bb95191ef55e684690ccdc5ca504bc6eb28442b353861a034a43532c025f666e80be967a6b05b9dd3a91ff58":"e3ede170386e76321a575c095966":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"87bbf7c15689e8c99a5a32a8ba0dfebcfe1989159807428cdd1f382c3ea95178":"2f19aa1f3a82a7398706953f01739da7":"590dbd230854aa2b5ac19fc3dc9453e5bb9637e47d97b92486a599bdafdfb27c3852e3d06a91429bb820eb12a5318ed8861ffe87d659c462ef167be22604facfa3afb601b2167989b9e3b2e5b59e7d07fda27ffccd450869d528410b0aff468f70cc10ef6723a74af6eebc1572c123a9b5a9aab748a31fa764716d3293ff5de7":"b77d3bf3b30b3e6e5c86cbfb7e5455f6480f423cc76834b4663d28d9f1eb5c40212634e3347668427f7848352ab789886f96682a568260bdaeb7de0aae2af36f5ae04f06c332b158d923706c1c6255c673feeadb6d30bfc901e60b92acd9ddd83ef98686c4d492f4a60e97af2541d470a6a6b21903441020ea7619cf28a06986":"5c43fc4dc959fabeebb188dbf3a5":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"24095a66b6eb0320ca75e2ab78e8496a45f4b000fc43436904c3e386fb852ed2":"0955c1f0e271edca279e016074886f60":"f5160c75c449e6bb971e73b7d04ab9b9a85879f6eb2d67354af94a4f0ca339c0a03a5b9ede87a4ff6823b698113a38ae5327e6878c3ccc0e36d74fe07aa51c027c3b334812862bc660178f5d0f3e764c0b828a5e3f2e7d7a1185b7e79828304a7ad3ddcd724305484177e66f4f81e66afdc5bbee0ec174bff5eb3719482bd2d8":"4690edc843e23d9d9b9a4dab8fa8193f8bf03897d3d29759e9dc9e0f8a970c0f5d4399b9f60461fe5cf439f9b0d54bbc075695e4d76b76298cc2b75bb3e0b516ee9ada93f77c4c002ba9fd163a1e4b377befb76c1e5ab8b3901f214c0a4c48bd2aa2f33560d46e2721a060d4671dc97633ff9bcd703bb0fbed9a4a2c259b53f3":"75a31347598f09fceeea6736fe":"":"0dd2dca260325967267667ff3ccdc6d6b35648821a42090abba46282869bac4bdc20a8bee024bea18a07396c38dbb45d9481fedcc423a3928cfa78a2f0ae8eedb062add810bdbee77ddc26c29e4f9fda1ab336d04ef42947b05fbdb9bc4df79e37af951d19d6bf5e5cb34eef898f23642a9c4a9111ed0b7a08abeeefbbd45c23":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"086b77b5731f971f0bf5b8227361b216746daf8b08c583ad38f114a64aa7877b":"164058e5e425f9da40d22c9098a16204":"6633eae08a1df85f2d36e162f2d7ddd92b0c56b7477f3c6cdb9919d0e4b1e54ea7635c202dcf52d1c688afbbb15552adda32b4cd30aa462b367f02ded02e0d64eeee2a6b95462b191784143c25607fd08a23a2fbc75cf6bee294daf2042587fdd8fe3d22c3a242c624cf0a51a7c14db4f0f766ec437de4c83b64f23706a24437":"629317212ff8bd8a7676e4c00b81a9577de6397c832f99ac974fa2bbbccb6e3b8aa776db6922eed0b014bf3923799da7d9d0854c8817470e1e2f7fc7a572f9d0316ee60cde7ef025d59b897d29a6fee721aeb2f7bb44f9afb471e8a7b0b43a39b5497a3b4d6beb4b511f0cefa12ce5e6d843609d3e06999acfbee50a22ca1eee":"2eb6eb6d516ed4cf1778b4e378":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0f9e806b0d937268561c0eafbbdd14ec715b7e9cef4118d6eb28abbb91266745":"8657996634e74d4689f292645f103a2e":"2ca253355e893e58cb1a900fbb62d61595de5c4186dc8a9129da3657a92b4a631bbdc3d5f86395385a9aa8557b67f886e3bb807620e558c93aea8e65826eadeb21544418ee40f5420c2d2b8270491be6fc2dcbfd12847fa350910dd615e9a1881bc2ced3b0ac3bde445b735e43c0c84f9d120ca5edd655779fc13c6f88b484f7":"2ae4baef22ace26f464a9b0c75802303f2d7c0f9a1ed1d0180135189765bdd347fea0cc2b73ee7fbbf95ea1fda22597b8aad826f63e744069a9c349488b2cc1cf9372f423cc650302082125724730ae5a4d878e07385ddc99034c6b6b46748f02c80b179fe6406b1d33581950cb9bcd1d1ea1ec7b5becfd6c1f5b279412c433a":"83155ebb1a42112dd1c474f37b":"":"87d69fc3cbc757b2b57b180c6ba34db4e20dde19976bfb3d274d32e7cea13f0c7d9e840d59ce857718c985763b7639e448516ddbbda559457cd8cb364fa99addd5ba44ef45c11060d9be82b4ebe1f0711ac95433074649b6c08eeab539fdfc99c77498b420427e4d70e316111845793de1f67fb0d04e3389a8862f46f4582dc8":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c24c17911f6db4b3e37c46bcc6fa35efc1a55f7754f0bb99f2eea93398116447":"5098cc52a69ee044197e2c000c2d4ab8":"9ad4dee311d854925fc7f10eca4f5dd4e6990cb2d4325da2ef25a9a23690f5c5590be285d33aaeba76506c59edec64b8c3ff8e62716d1c385fbce2a42bc7bd5d8e8584de1944543ab6f340c20911f8b7b3be1a1db18a4bb94119333339de95815cae09365b016edc184e11f3c5b851f1fa92b1b63cfa3872a127109c1294b677":"0bd92cb106867e25ad427ff6e5f384d2d0f432fc389852187fcc7b0bf9f6d11a102a872b99ed1ad9a05dab0f79fa634745535efed804ff42b0af8dad20ba44709391fb263f245e5a2c52d9ce904179633282f57a1229b0a9c4557a5c0aeda29bbc5a7a871fa8b62d58100c3722c21e51e3b3e913185235526e7a5a91c559717d":"f7930e3fab74a91cb6543e72":"":"6124ede608d416baa5e653a898ca76e9f47f08403c1984feec112e670ded2226e0073f8881ab2161cfda541dccae19691285f7391a729f07aba18f340bb452c1da39cbe83cf476cfc105b64187e0d2227dd283dcba8b6a350f9956b18861fa131d3f00c034443e8f60e0fdfcfaabbed93381ae374a8bf66523d33646183e1379":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d267a8379260036ff3d1ec07a7b086ff75706bad12d37d9656f04776f3d8b85c":"674dc34e8c74c51fa42aacd625a1bd5b":"6a9a8af732ae96d0b5a9730ad792e296150d59770a20a3fdbbc2a3a035a88ac445d64f37d684e22003c214b771c1995719da72f3ed24a96618284dd414f0cac364640b23c680dc80492a435c8ec10add53b0d9e3374f1cf5bfc663e3528fa2f6209846421ea6f481b7ecf57714f7bc2527edc4e0466b13e750dd4d4c0cc0cdfc":"80c68a330ef50e3e516681f1e535868b03466e7edbb86cb385d01db487da3dd3edad940fdc98d918b7db9b59f8d61369eee2928c88557306c4a13e366af0708d94cb90a15f1c3bc45544bdb05ff964da5e06c5ae965f20adb504620aed7bce2e82f4e408d00219c15ef85fae1ff13fea53deb78afa5f2a50edbd622446e4a894":"bea660e963b08fc657741bc8":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c86cb637753010f639fa3aa3bff7c28b74f012ad6090f2a31b0801d086f183ad":"87ff6e0bb313502fedf3d2696bff99b5":"2816f1132724f42e40deabab25e325b282f8c615a79e0c98c00d488ee56237537240234966565e46bfb0c50f2b10366d1589620e6e78bd90ade24d38a272f3fff53c09466aa2d3ef793d7f814a064b713821850a6e6a058f5139a1088347a9fa0f54e38abd51ddfc7ef040bf41d188f3f86c973551ced019812c1fc668649621":"6b7858557e0fd0f957842fb30e8d54dedbc127eb4bbf9de319f731fa28a606df2c046a0bce8ecda4e75d3596e4e988efd6bc279aa005bc52fad92ba07f5b1dfda4cc417029f9778c88d6fe5341a0fd48893dcb7c68d0df310a060f2a5235aee422d380f7209bc0909b2aa7e876044056f0b915dab0bc13cbea5a3b86d40ca802":"7859f047f32b51833333accf":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c31ca0cac3efe467168198f06beacf39565a6f57f82e1048a5c06a231315882":"95cae6e85f33f3043182460589be3639":"67523751a9b1b643d00de4511b55e4268cb2d18e79e01a55fc7b677d529bd6400940fb25ea6ae135c1a816e61b69e90b966981aeda685934b107066e1467db78973492ad791e20aef430db3a047447141def8be6e6a9a15089607c3af9368cdb11b7b5fbf90691505d0c33664766945d387904e7089b915a3c28886ba1763bb5":"65261d6e29b2369b1828a7cef2df9873d6e6057c499301afedd6cb65b5036ddb95f9e353fbf38e54c4f46f88164325b33620ce183beb2e411fbb89a0e0002e542fc161cad32a61ee6f1e1717e0b4dcd0340b116f795bc1009dbbc65bc31c9b549bf03c40bc204cd0d02ec884be907777ebeed8b527ec3af7cbb508193c0745de":"21309d0351cac45e":"":"1d5f2cb921f54aeb552b4304142facd49497837deb1f00d26fbeddbab922fd80b00dba782961f8fce84f1f7973e81eed6ee168b1760c575c891f40a1dae0fa1a08738025d13ef6e0b30be4f054d874f1b8a2427a19ebb071d98365c32316a88a68c2b40daf1ea831a64519ac3679acb4e04986ecc614ec673c498c6fee459e40":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca9fa36ca2159dff9723f6cfdb13280446eb6bc3688043c7e2e2504184791596":"d13ca73365e57114fc698ee60ba0ad84":"2aa510b7f1620bfce90080e0e25f5468dbc5314b50914e793b5278369c51ac017eace9fd15127fca5a726ad9e67bdee5af298988d9a57ec4bbc43d4eb849535eb10521ac7cd7ed647479a42876af2ebc9e2108b539febdaa9127c49bda1bda800f6034050b8576e944311dfbca59d64d259571b6d2ed5b2fc07127239b03f4b7":"ac04c4293554cd832aa400c811cb202d815d6178aa1343b4628592b7f3ae45dc5f12ea47be4b43e1865f40b06ab67b3a9fb3644248a9b3efe131a8addb7447978bb51ccf749e75574fea60e8781677200af023b2f8c415f4e6d8c575a9e374916d9ec3a612b16e37beb589444b588e0b770d9f8e818ad83f83aa4ecf386d17a7":"2111d55d96a4d84d":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2f802e838250064c15fdee28d7bd4872850355870847701ad9742b2d6eb4b0c0":"2dd550cfd97f8e1d8d31ba5537ae4710":"72b9630dda40306e785b961934c56e20948f8eac0e981f49787eb3dbd6e4607f7d08d10ca643746bf1efa7e5066993683d527a90f2d45ec9cf73113f1f17bb67958be669acd4e2927f1dacfde902cd3048056d7f6dfdd8630ff054efce4526db7c9321d6d2be2236f4d60e27b89d8ec94f65a06dc0953c8c4533a51b6a29bd2c":"e2ca8c8d172ff90232879f510d1225af91bc323bdf636363c2903fcd1790692c8bcb03a1cccb18814678852c6b3a441552e541b843ee5e4f86a152fa73d05aea659fe08aa6428bb257eaa2a7b579fdc4022c1dec359a854253c1aefc983c5ede8c97517ea69fc4606e25f13ffb0f5f49160691454fbb74e704326738353525f7":"bd6c8823c9005c85":"":"f6dd0b5f3d1a393a1837112962dba175a13c2d1e525ef95734caf34949d8b2d63b4fe5603226b5f632f2d7f927361ba639dc0e3c63414f45462342695916d5792133b4a24c7c4cbe2b97c712bf27ab62d3d68b3875d58ffe4b7c30a8171bff1a9e2f3995768faacda2ea9213ff35798b9e4513f6a87bd3f5a9d93e847e768359":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #0 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84dd53ce0146cb71c32776033bb243098d78a22ac17f52a62a122f5653fb4e33":"f0c90a1bca52f30fab3670df0d3beab0":"a3ea8032f36a5ca3d7a1088fd08ac50ae6bdc06ad3a534b773ac3e3d4a3d524499e56274a0062c58c3b0685cc850f4725e5c221af8f51c6df2bbd5fbcff4a93ba4c1054f7f9c67fd9285511a08d328d76a642f067227d378f95a1e67587b90251f9103ed3cacdb6bf69e0794e366d8b92d8de37b4e028de0778841f356ac044d":"68222bffa782dcfe4f328fc20eb520e75a9a5fedbe13ec7fcf0e82fba08bb87a8a8e02902638e32fe0e2294344b380797f8028426ffcc0531c739c884892394c48ff0779c5f5edf0a36a3fb8aa91213347774ec4bf0fe1049bd53746b13beef3c637169826c367056cb1aa0a3868e23f886a9c7b8015c26af9e40794662f6b21":"b1ece9fb":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #1 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9bb36fe25e966a075ae2c3bb43b5877679ebc379d5123c8eda3fa0e30b95cae0":"59869df4ef5754b406478a2fb608ee99":"ecd125682e8a8e26757c888b0c8b95dec5e7ed7ac991768f93e8af5bcf6f21ed4d4d38699ee7984ed13635fff72f938150157c9a27fcda121ffced7b492d2b18dad299cb6495ed5f68441aefc8219d2cf717d15d5cd2dbce4606fcf90fe45f3601127cf6acee210bd7df97309f773974a35bef1d33df984101c2fc9d4b55259e":"fb3a4be643c10343251c6f0745aaa54349463f622ca04a792e9b4780866844b30aeef3269fc60cac0ea031c5f3780b535e15154f7c76eb4a371b8ae368550f3fa2ce693c34511ec96b839cac567f1b0de0e7e3116d729b45d1b16e453703a43db73f5d0c3e430f16b142420b5f0d26d72ac3dba543d7d813603b0bfdca3dd63e":"cb3f5338":"FAIL":"":1 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #2 [#2] -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"3105dddb":"FAIL":"":1 diff --git a/tests/suites/test_suite_cipher.nist_kw.data b/tests/suites/test_suite_cipher.nist_kw.data index 24204aa10..df52e06cc 100644 --- a/tests/suites/test_suite_cipher.nist_kw.data +++ b/tests/suites/test_suite_cipher.nist_kw.data @@ -11,23 +11,23 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KW:"000102030405060708090A0B0C0D0E0F":"":"":"1FA68B0A8112B447AEF34BD8FB5A7B829D3E862371D2CFE5":"":"":"00112233445566778899AABBCCDDEEFF":0 KW AES-192 wrap rfc 3394 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_KW:"000102030405060708090A0B0C0D0E0F1011121314151617":"":"":"96778B25AE6CA435F92B5B97C050AED2468AB8A17AD84E5D":"":"":"00112233445566778899AABBCCDDEEFF":0 KW AES-256 wrap rfc 3394 [#1] -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_KW:"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":"":"":"A8F9BC1612C68B3FF6E6F4FBE30E71E4769C8B80A32CB8958CD5D17D6B254DA1":"":"":"00112233445566778899AABBCCDDEEFF0001020304050607":0 KW AES-256 wrap rfc 3394 [#2] -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_KW:"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":"":"":"64E8C3F9CE0F5BA263E9777905818A2A93C8191E7D6E8AE7":"":"":"00112233445566778899AABBCCDDEEFF":0 KWP AES-192 RFC 5649 #1 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_KWP:"5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8":"":"":"138bdeaa9b8fa7fc61f97742e72248ee5ae6ae5360d1ae6a5f54f373fa543b6a":"":"":"c37b7e6492584340bed12207808941155068f738":0 KWP AES-192 RFC 5649 #2 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_KWP:"5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8":"":"":"afbeb0f07dfbf5419200f2ccb50bb24f":"":"":"466f7250617369":0 KWP AES-128 1 byte input @@ -159,27 +159,27 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KW:"67ae4270bcdd31e8326b7e7f94c80276":"":"":"96cec0e3272a21faa550a857957aa38ce3c1cf06f0dd9f5b5c5c422cef6c69a1":"":"":"57e748b62fbc37ba25e904ee973d01b136cf7c1d0c8c5c87":0 KW AES-192 wrap CAVS 17.4 COUNT 0 PLEN 16 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_KW:"a6a3f6d509811859238fc569b5664605f7a73c475a691a8f":"":"":"57d7a4b4e85ffdcb7788b9b666cb63303dd2c5d0f11b1bbb":"":"":"8484e414b091f8a9f72cfd13087ddec1":0 KW AES-192 wrap CAVS 17.4 COUNT 0 PLEN 32 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_KW:"3686e50dd602f84024570f545bbf618362bef80d45472436":"":"":"c7d5a1a5dfeb7327acbb94767d74cc2afc622ffd01f854d7d3e2b6f75ca7e8f441a0c0bad3d26ee2":"":"":"d780d69b45483b682d311ccaaadcfa3a1cecf1f05dbe2ebc71e6d3fa979f3de8":0 KW AES-192 wrap CAVS 17.4 COUNT 0 PLEN 24 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_KW:"0a833412e7aa1384ff26866dc9c551bf60413c17e847d317":"":"":"3a7efd629305bf1d61360ed6ff8ec7d059e8af3e5104c29729adb55d1bb94f7e":"":"":"f734760cc0fa3bbfb271277d4f29a48ddecda733d610fa42":0 KW AES-256 wrap CAVS 17.4 COUNT 0 PLEN 16 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_KW:"f59782f1dceb0544a8da06b34969b9212b55ce6dcbdd0975a33f4b3f88b538da":"":"":"2e63946ea3c090902fa1558375fdb2907742ac74e39403fc":"":"":"73d33060b5f9f2eb5785c0703ddfa704":0 KW AES-256 wrap CAVS 17.4 COUNT 0 PLEN 32 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_KW:"8b54e6bc3d20e823d96343dc776c0db10c51708ceecc9a38a14beb4ca5b8b221":"":"":"b13eeb7619fab818f1519266516ceb82abc0e699a7153cf26edcb8aeb879f4c011da906841fc5956":"":"":"d6192635c620dee3054e0963396b260af5c6f02695a5205f159541b4bc584bac":0 KW AES-256 wrap CAVS 17.4 COUNT 0 PLEN 24 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_KW:"112ad41b4856c7254a9848d30fdd78335b039a48a8962c4d1cb78eabd5dad788":"":"":"ba8a259a471b787dd5d540ec25d43d87200fdadc6d1f05d916584fa9f6cbf512":"":"":"1b20bf1990b065d798e1b32264ad50a8747492ba09a04dd1":0 KWP AES-128 wrap CAVS 17.4 COUNT 0 PLEN 1 @@ -199,35 +199,35 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"be96dc195ec034d616486ed70e97fe83":"":"":"974769b3a7b4d5d32985f87fddf9990631e5610fbfb278387b58b1f48e05c77d2fb7575c5169eb0e":"":"":"85b5437b6335ebba7635903a4493d12a77d9357a9e0dbc013456d85f1d3201":0 KWP AES-192 wrap CAVS 17.4 COUNT 0 PLEN 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_KWP:"9ca11078baebc1597a68ce2fe3fc79a201626575252b8860":"":"":"866bc0ae30e290bb20a0dab31a6e7165":"":"":"76":0 KWP AES-192 wrap CAVS 17.4 COUNT 0 PLEN 8 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_KWP:"c5029804d28341ca267c9e73afc5f963b14bb604708b43f2":"":"":"15b98046b2a3a49b9c0831c476fc34fb":"":"":"e6eb18a3e969ab5c":0 KWP AES-192 wrap CAVS 17.4 COUNT 0 PLEN 9 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_KWP:"9464f1af6aabad076661328bcfd15777da16a288a2660009":"":"":"d9b257b400d808a0b0386af3be9154fc7f2fb2d7edc06201":"":"":"431527c3a644c106bb":0 KWP AES-192 wrap CAVS 17.4 COUNT 0 PLEN 31 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_KWP:"a354ccd6dd97cf40bed840f8137e0cf2e91c00e592104765":"":"":"f018e7c8d6dcdbd20606502b2667439d9049a9a2d5c960af8e9251466d6ff8923fb82432b299f1a4":"":"":"22ccc034c5345550f5bc0114f2951f0fe439ec3ecd8ac1fea8889dd12bfb8e":0 KWP AES-256 wrap CAVS 17.4 COUNT 0 PLEN 1 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_KWP:"95da2700ca6fd9a52554ee2a8df1386f5b94a1a60ed8a4aef60a8d61ab5f225a":"":"":"06ba7ae6f3248cfdcf267507fa001bc4":"":"":"d1":0 KWP AES-256 wrap CAVS 17.4 COUNT 0 PLEN 8 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_KWP:"3517f0efa7f0c4d74f91af83ece5e7503bcc5ab82907a6e4b7ed34d87b69ab1d":"":"":"0b06a9b635d50cda9d4210cb3a71f990":"":"":"897e0456b289ad31":0 KWP AES-256 wrap CAVS 17.4 COUNT 0 PLEN 9 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_KWP:"70da43aac823c6dd37d1109f5b18feb4503c973288989745e2cc1cc21d9570c6":"":"":"d67b5b2ad15c645450e23b5e7b6d682f8ae20e716d470db7":"":"":"edf17d966ed896aee3":0 KWP AES-256 wrap CAVS 17.4 COUNT 0 PLEN 31 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_KWP:"e9bb7f44c7baafbf392ab912589a2f8db53268106eafb74689bb1833136e6113":"":"":"15b9f06fbc765e5e3d55d6b824616f21921d2a6918ee7bf1406b524274e170b4a78333ca5ee92af5":"":"":"ffe952604834bff899e63658f34246815c91597eb40a21729e0a8a959b61f2":0 KW AES-128 wrap CAVS 17.4 FAIL COUNT 1 CLEN 48 depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C @@ -242,27 +242,27 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KW:"266b009e911bb55f9aa0661539a6fdd5":"":"":"db9c94e7236ec56982d7ddeb9427c24580bc1fb96db98ab19340e03670045b7a":"":"FAIL":"":0 KW AES-192 wrap CAVS 17.4 FAIL COUNT 3 CLEN 48 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_KW:"9200a0f688d86c0b6bfd9abeff66341684a373fe3f9a3057":"":"":"5c685c8596e374710fe327bafc45cd09190215fdcc03d010":"":"FAIL":"":0 KW AES-192 wrap CAVS 17.4 FAIL COUNT 1 CLEN 80 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_KW:"95c9e644559919cace6f93f545dbfe48b130808ed66d0964":"":"":"7b8d1307e992221f6ffdcc7909d972d5f02e92187139cfd77f79345cb998bbdbabedb3ac00a6cdc4":"":"FAIL":"":0 KW AES-192 wrap CAVS 17.4 FAIL COUNT 2 CLEN 64 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_KW:"e218e9643d5db01b412fcaefafe5eb237d03acfad0a3abaa":"":"":"5eee8fbf6a8ab6ba371f4581982ec61839bf28c0eb913d1f417a284dccd72580":"":"FAIL":"":0 KW AES-256 wrap CAVS 17.4 FAIL COUNT 4 CLEN 48 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_KW:"08c936b25b567a0aa679c29f201bf8b190327df0c2563e39cee061f149f4d91b":"":"":"e227eb8ae9d239ccd8928adec39c28810ca9b3dc1f366444":"":"FAIL":"":0 KW AES-256 wrap CAVS 17.4 FAIL COUNT 3 CLEN 80 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_KW:"605b22935f1eee56ba884bc7a869febc159ac306b66fb9767a7cc6ab7068dffa":"":"":"6607f5a64c8f9fd96dc6f9f735b06a193762cdbacfc367e410926c1bfe6dd715490adbad5b9697a6":"":"FAIL":"":0 KW AES-256 wrap CAVS 17.4 FAIL COUNT 3 CLEN 64 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_KW:"81c93da5baa5157bf700fd38d7d67662670778b690cfbca9fe11e06268b35605":"":"":"875e1ca385586f83d1e23e44ca201006df04e1854e41b933fd607a7383ae1a39":"":"FAIL":"":0 KWP AES-128 wrap CAVS 17.4 FAIL COUNT 1 CLEN 32 @@ -270,9 +270,9 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C auth_crypt_tv:MBEDTLS_CIPHER_AES_128_KWP:"30be7ff51227f0eef786cb7be2482510":"":"":"7f61a0a8b2fe7803f2947d233ec3a255":"":"FAIL":"":0 KWP AES-192 wrap CAVS 17.4 FAIL COUNT 3 CLEN 32 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_192_KWP:"21fb6600c1d34a74adee67612672593a86cf235421735350":"":"":"56b45c49c3e379b18d9c38b6423db133":"":"FAIL":"":0 KWP AES-256 wrap CAVS 17.4 FAIL COUNT 4 CLEN 32 -depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C +depends_on:MBEDTLS_AES_C:MBEDTLS_NIST_KW_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH auth_crypt_tv:MBEDTLS_CIPHER_AES_256_KWP:"c32cb3e1e41a4b9f4de79989957866f5dd48dba38c22a6ebb80e14c84bdd9534":"":"":"c29b05c2619a58ecc1d239e7a34273cd":"":"FAIL":"":0 diff --git a/tests/suites/test_suite_cmac.data b/tests/suites/test_suite_cmac.data index 3ca5e542d..03c799f33 100644 --- a/tests/suites/test_suite_cmac.data +++ b/tests/suites/test_suite_cmac.data @@ -10,11 +10,11 @@ depends_on:MBEDTLS_AES_C mbedtls_cmac_setkey:MBEDTLS_CIPHER_AES_128_ECB:128:0 CMAC init #2 AES-192: OK -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_cmac_setkey:MBEDTLS_CIPHER_AES_192_ECB:192:0 CMAC init #3 AES-256: OK -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_cmac_setkey:MBEDTLS_CIPHER_AES_256_ECB:256:0 CMAC init #4 3DES: OK @@ -29,9 +29,29 @@ CMAC init #6 AES-0: bad key size depends_on:MBEDTLS_AES_C mbedtls_cmac_setkey:MBEDTLS_CIPHER_AES_128_ECB:0:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -CMAC init #7 Camellia: wrong cipher +CMAC init Camellia-128: wrong cipher depends_on:MBEDTLS_CAMELLIA_C -mbedtls_cmac_setkey:MBEDTLS_CIPHER_CAMELLIA_192_ECB:128:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA +mbedtls_cmac_setkey:MBEDTLS_CIPHER_CAMELLIA_128_ECB:128:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA + +CMAC init Camellia-192: wrong cipher +depends_on:MBEDTLS_CAMELLIA_C +mbedtls_cmac_setkey:MBEDTLS_CIPHER_CAMELLIA_192_ECB:192:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA + +CMAC init Camellia-256: wrong cipher +depends_on:MBEDTLS_CAMELLIA_C +mbedtls_cmac_setkey:MBEDTLS_CIPHER_CAMELLIA_256_ECB:256:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA + +CMAC init #8 ARIA-128: wrong cipher +depends_on:MBEDTLS_ARIA_C +mbedtls_cmac_setkey:MBEDTLS_CIPHER_ARIA_128_ECB:128:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA + +CMAC init #8 ARIA-192: wrong cipher +depends_on:MBEDTLS_ARIA_C +mbedtls_cmac_setkey:MBEDTLS_CIPHER_ARIA_192_ECB:192:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA + +CMAC init #8 ARIA-256: wrong cipher +depends_on:MBEDTLS_ARIA_C +mbedtls_cmac_setkey:MBEDTLS_CIPHER_ARIA_256_ECB:256:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA CMAC Single Blocks #1 - Empty block, no updates depends_on:MBEDTLS_AES_C @@ -62,14 +82,14 @@ depends_on:MBEDTLS_AES_C mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"":0:"6bc1bee22e409f96":8:"":0:"e93d7e117393172a":8:"070a16b46b4d4144f79bdd9dd04a287c" CMAC Multiple Operations, same key #1 - Empty, empty -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_cmac_multiple_operations_same_key:MBEDTLS_CIPHER_AES_192_ECB:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":192:16:"":-1:"":-1:"":-1:"d17ddf46adaacde531cac483de7a9367":"":-1:"":-1:"":-1:"d17ddf46adaacde531cac483de7a9367" CMAC Multiple Operations, same key #2 - Empty, 64 byte block -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_cmac_multiple_operations_same_key:MBEDTLS_CIPHER_AES_192_ECB:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":192:16:"":-1:"":-1:"":-1:"d17ddf46adaacde531cac483de7a9367":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":64:"":-1:"":-1:"a1d5df0eed790f794d77589659f39a11" CMAC Multiple Operations, same key #3 - variable byte blocks -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_cmac_multiple_operations_same_key:MBEDTLS_CIPHER_AES_192_ECB:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":192:16:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e51":32:"30c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":32:"":-1:"a1d5df0eed790f794d77589659f39a11":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e51":32:"30c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":32:"":-1:"a1d5df0eed790f794d77589659f39a11" diff --git a/tests/suites/test_suite_cmac.function b/tests/suites/test_suite_cmac.function index 9624e8fea..2d7bcd1ab 100644 --- a/tests/suites/test_suite_cmac.function +++ b/tests/suites/test_suite_cmac.function @@ -20,9 +20,9 @@ void mbedtls_cmac_null_args() { mbedtls_cipher_context_t ctx; const mbedtls_cipher_info_t *cipher_info; - unsigned char test_key[MBEDTLS_CIPHER_BLKSIZE_MAX]; - unsigned char test_data[MBEDTLS_CIPHER_BLKSIZE_MAX]; - unsigned char test_output[MBEDTLS_CIPHER_BLKSIZE_MAX]; + unsigned char test_key[MBEDTLS_CMAC_MAX_BLOCK_SIZE]; + unsigned char test_data[MBEDTLS_CMAC_MAX_BLOCK_SIZE]; + unsigned char test_output[MBEDTLS_CMAC_MAX_BLOCK_SIZE]; mbedtls_cipher_init(&ctx); @@ -111,6 +111,12 @@ void mbedtls_cmac_setkey(int cipher_type, int key_size, int result) TEST_ASSERT((cipher_info = mbedtls_cipher_info_from_type(cipher_type)) != NULL); +#if !defined(MBEDTLS_DEPRECATED_REMOVED) + TEST_LE_U(mbedtls_cipher_info_get_block_size(cipher_info), + MBEDTLS_CIPHER_BLKSIZE_MAX); +#endif /* MBEDTLS_DEPRECATED_REMOVED */ + TEST_LE_U(mbedtls_cipher_info_get_block_size(cipher_info), + MBEDTLS_CMAC_MAX_BLOCK_SIZE); memset(buf, 0x2A, sizeof(buf)); TEST_ASSERT((result == mbedtls_cipher_cmac(cipher_info, key, key_size, @@ -129,7 +135,7 @@ void mbedtls_cmac_multiple_blocks(int cipher_type, data_t *key, { const mbedtls_cipher_info_t *cipher_info; mbedtls_cipher_context_t ctx; - unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX]; + unsigned char output[MBEDTLS_CMAC_MAX_BLOCK_SIZE]; /* Convert the test parameters to binary data */ @@ -208,7 +214,7 @@ void mbedtls_cmac_multiple_operations_same_key(int cipher_type, { const mbedtls_cipher_info_t *cipher_info; mbedtls_cipher_context_t ctx; - unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX]; + unsigned char output[MBEDTLS_CMAC_MAX_BLOCK_SIZE]; /* Convert the test parameters to binary data */ diff --git a/tests/suites/test_suite_common.data b/tests/suites/test_suite_common.data index 500852d54..bd2c413b3 100644 --- a/tests/suites/test_suite_common.data +++ b/tests/suites/test_suite_common.data @@ -18,3 +18,45 @@ mbedtls_xor:8 Block xor, length 16 mbedtls_xor:16 + +Block xor, length 64 +mbedtls_xor:64 + +Block xor, length 256 +mbedtls_xor:256 + +Block xor, length 257 +mbedtls_xor:257 + +Block xor, length 16+8 +mbedtls_xor:24 + +Block xor, length 16+8+4 +mbedtls_xor:28 + +Block xor, length 16+8+4+1 +mbedtls_xor:29 + +Block xor, length 16+8+1 +mbedtls_xor:25 + +Block xor, length 16+4 +mbedtls_xor:20 + +Block xor, length 16+4+1 +mbedtls_xor:21 + +Block xor, length 16+1 +mbedtls_xor:17 + +Block xor, length 8+4 +mbedtls_xor:12 + +Block xor, length 8+4+1 +mbedtls_xor:13 + +Block xor, length 8+1 +mbedtls_xor:9 + +Block xor, length 4+1 +mbedtls_xor:5 diff --git a/tests/suites/test_suite_common.function b/tests/suites/test_suite_common.function index dd0b2d540..5c5700c25 100644 --- a/tests/suites/test_suite_common.function +++ b/tests/suites/test_suite_common.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include "../library/common.h" +#include "common.h" void fill_arrays(unsigned char *a, unsigned char *b, unsigned char *r1, unsigned char *r2, size_t n) { @@ -17,10 +17,10 @@ void mbedtls_xor(int len) { size_t n = (size_t) len; unsigned char *a = NULL, *b = NULL, *r1 = NULL, *r2 = NULL; - ASSERT_ALLOC(a, n + 1); - ASSERT_ALLOC(b, n + 1); - ASSERT_ALLOC(r1, n + 1); - ASSERT_ALLOC(r2, n + 1); + TEST_CALLOC(a, n + 1); + TEST_CALLOC(b, n + 1); + TEST_CALLOC(r1, n + 1); + TEST_CALLOC(r2, n + 1); /* Test non-overlapping */ fill_arrays(a, b, r1, r2, n); @@ -28,7 +28,7 @@ void mbedtls_xor(int len) r1[i] = a[i] ^ b[i]; } mbedtls_xor(r2, a, b, n); - ASSERT_COMPARE(r1, n, r2, n); + TEST_MEMORY_COMPARE(r1, n, r2, n); /* Test r == a */ fill_arrays(a, b, r1, r2, n); @@ -36,7 +36,7 @@ void mbedtls_xor(int len) r1[i] = r1[i] ^ b[i]; } mbedtls_xor(r2, r2, b, n); - ASSERT_COMPARE(r1, n, r2, n); + TEST_MEMORY_COMPARE(r1, n, r2, n); /* Test r == b */ fill_arrays(a, b, r1, r2, n); @@ -44,7 +44,7 @@ void mbedtls_xor(int len) r1[i] = a[i] ^ r1[i]; } mbedtls_xor(r2, a, r2, n); - ASSERT_COMPARE(r1, n, r2, n); + TEST_MEMORY_COMPARE(r1, n, r2, n); /* Test a == b */ fill_arrays(a, b, r1, r2, n); @@ -52,7 +52,7 @@ void mbedtls_xor(int len) r1[i] = a[i] ^ a[i]; } mbedtls_xor(r2, a, a, n); - ASSERT_COMPARE(r1, n, r2, n); + TEST_MEMORY_COMPARE(r1, n, r2, n); /* Test a == b == r */ fill_arrays(a, b, r1, r2, n); @@ -60,7 +60,7 @@ void mbedtls_xor(int len) r1[i] = r1[i] ^ r1[i]; } mbedtls_xor(r2, r2, r2, n); - ASSERT_COMPARE(r1, n, r2, n); + TEST_MEMORY_COMPARE(r1, n, r2, n); /* Test non-word-aligned buffers, for all combinations of alignedness */ for (int i = 0; i < 7; i++) { @@ -71,7 +71,7 @@ void mbedtls_xor(int len) r1[j + r_off] = a[j + a_off] ^ b[j + b_off]; } mbedtls_xor(r2 + r_off, a + a_off, b + b_off, n); - ASSERT_COMPARE(r1 + r_off, n, r2 + r_off, n); + TEST_MEMORY_COMPARE(r1 + r_off, n, r2 + r_off, n); } exit: mbedtls_free(a); diff --git a/tests/suites/test_suite_constant_time.data b/tests/suites/test_suite_constant_time.data index 4504aa4d6..111fef6c4 100644 --- a/tests/suites/test_suite_constant_time.data +++ b/tests/suites/test_suite_constant_time.data @@ -1,11 +1,866 @@ # these are the numbers we'd get with an empty plaintext and truncated HMAC Constant-flow memcpy from offset: small -ssl_cf_memcpy_offset:0:5:10 +mbedtls_ct_memcpy_offset:0:5:10 # we could get this with 255-bytes plaintext and untruncated SHA-256 Constant-flow memcpy from offset: medium -ssl_cf_memcpy_offset:0:255:32 +mbedtls_ct_memcpy_offset:0:255:32 # we could get this with 255-bytes plaintext and untruncated SHA-384 Constant-flow memcpy from offset: large -ssl_cf_memcpy_offset:100:339:48 +mbedtls_ct_memcpy_offset:100:339:48 + +mbedtls_ct_memcmp NULL +mbedtls_ct_memcmp_null + +mbedtls_ct_memcmp len 1 +mbedtls_ct_memcmp:-1:1:0 + +mbedtls_ct_memcmp len 3 +mbedtls_ct_memcmp:-1:3:0 + +mbedtls_ct_memcmp len 4 +mbedtls_ct_memcmp:-1:4:0 + +mbedtls_ct_memcmp len 5 +mbedtls_ct_memcmp:-1:5:0 + +mbedtls_ct_memcmp len 15 +mbedtls_ct_memcmp:-1:15:0 + +mbedtls_ct_memcmp len 16 +mbedtls_ct_memcmp:-1:16:0 + +mbedtls_ct_memcmp len 17 +mbedtls_ct_memcmp:-1:17:0 + +mbedtls_ct_memcmp len 1 different +mbedtls_ct_memcmp:0:1:0 + +mbedtls_ct_memcmp len 17 different +mbedtls_ct_memcmp:0:17:0 + +mbedtls_ct_memcmp len 17 different 1 +mbedtls_ct_memcmp:1:17:0 + +mbedtls_ct_memcmp len 17 different 4 +mbedtls_ct_memcmp:4:17:0 + +mbedtls_ct_memcmp len 17 different 10 +mbedtls_ct_memcmp:10:17:0 + +mbedtls_ct_memcmp len 17 different 16 +mbedtls_ct_memcmp:16:17:0 + +mbedtls_ct_memcmp len 1 offset 1 different +mbedtls_ct_memcmp:0:1:1 + +mbedtls_ct_memcmp len 17 offset 1 different +mbedtls_ct_memcmp:0:17:1 + +mbedtls_ct_memcmp len 17 offset 1 different 1 +mbedtls_ct_memcmp:1:17:1 + +mbedtls_ct_memcmp len 17 offset 1 different 5 +mbedtls_ct_memcmp:5:17:1 + +mbedtls_ct_memcmp len 1 offset 1 +mbedtls_ct_memcmp:-1:1:1 + +mbedtls_ct_memcmp len 1 offset 2 +mbedtls_ct_memcmp:-1:1:2 + +mbedtls_ct_memcmp len 1 offset 3 +mbedtls_ct_memcmp:-1:1:3 + +mbedtls_ct_memcmp len 5 offset 1 +mbedtls_ct_memcmp:-1:5:1 + +mbedtls_ct_memcmp len 5 offset 2 +mbedtls_ct_memcmp:-1:5:2 + +mbedtls_ct_memcmp len 5 offset 3 +mbedtls_ct_memcmp:-1:5:3 + +mbedtls_ct_memcmp len 17 offset 1 +mbedtls_ct_memcmp:-1:17:1 + +mbedtls_ct_memcmp len 17 offset 2 +mbedtls_ct_memcmp:-1:17:2 + +mbedtls_ct_memcmp len 17 offset 3 +mbedtls_ct_memcmp:-1:17:3 + +mbedtls_ct_memcmp_single_bit_diff +mbedtls_ct_memcmp_single_bit_diff: + +mbedtls_ct_memcpy_if len 1 offset 0 +mbedtls_ct_memcpy_if:1:1:0 + +mbedtls_ct_memcpy_if len 1 offset 1 +mbedtls_ct_memcpy_if:1:1:1 + +mbedtls_ct_memcpy_if len 4 offset 0 +mbedtls_ct_memcpy_if:1:1:0 + +mbedtls_ct_memcpy_if len 4 offset 1 +mbedtls_ct_memcpy_if:1:1:1 + +mbedtls_ct_memcpy_if len 4 offset 2 +mbedtls_ct_memcpy_if:1:1:2 + +mbedtls_ct_memcpy_if len 4 offset 3 +mbedtls_ct_memcpy_if:1:1:3 + +mbedtls_ct_memcpy_if len 15 offset 0 +mbedtls_ct_memcpy_if:1:15:0 + +mbedtls_ct_memcpy_if len 15 offset 1 +mbedtls_ct_memcpy_if:1:15:1 + +mbedtls_ct_memcpy_if len 16 offset 0 +mbedtls_ct_memcpy_if:1:16:0 + +mbedtls_ct_memcpy_if len 16 offset 1 +mbedtls_ct_memcpy_if:1:16:1 + +mbedtls_ct_memcpy_if len 17 offset 0 +mbedtls_ct_memcpy_if:1:17:0 + +mbedtls_ct_memcpy_if len 17 offset 1 +mbedtls_ct_memcpy_if:1:17:1 + +mbedtls_ct_memcpy_if len 0 not eq +mbedtls_ct_memcpy_if:0:17:0 + +mbedtls_ct_memcpy_if len 5 offset 1 not eq +mbedtls_ct_memcpy_if:0:5:1 + +mbedtls_ct_memcpy_if len 17 offset 3 not eq +mbedtls_ct_memcpy_if:0:17:3 + +mbedtls_ct_bool 0 +mbedtls_ct_bool:"0x0" + +mbedtls_ct_bool 1 +mbedtls_ct_bool:"0x1" + +mbedtls_ct_bool 4 +mbedtls_ct_bool:"0x4" + +mbedtls_ct_bool 0xfffffff +mbedtls_ct_bool:"0xfffffff" + +mbedtls_ct_bool 0x7fffffff +mbedtls_ct_bool:"0x7fffffff" + +mbedtls_ct_bool 0xfffffffe +mbedtls_ct_bool:"0xfffffffe" + +mbedtls_ct_bool 0xffffffff +mbedtls_ct_bool:"0xffffffff" + +mbedtls_ct_bool 0x0fffffffffffffff +mbedtls_ct_bool:"0x0fffffffffffffff" + +mbedtls_ct_bool 0x7fffffffffffffff +mbedtls_ct_bool:"0x7fffffffffffffff" + +mbedtls_ct_bool 0xffffffffffffffff +mbedtls_ct_bool:"0xffffffffffffffff" + +mbedtls_ct_bool_xxx 0x0 0x0 +mbedtls_ct_bool_xxx:"0x0":"0x0" + +mbedtls_ct_bool_xxx 0x0 0x1 +mbedtls_ct_bool_xxx:"0x0":"0x1" + +mbedtls_ct_bool_xxx 0x0 0x7fffffff +mbedtls_ct_bool_xxx:"0x0":"0x7fffffff" + +mbedtls_ct_bool_xxx 0x0 0xffffffff +mbedtls_ct_bool_xxx:"0x0":"0xffffffff" + +mbedtls_ct_bool_xxx 0x0 0x7fffffffffffffff +mbedtls_ct_bool_xxx:"0x0":"0x7fffffffffffffff" + +mbedtls_ct_bool_xxx 0x0 0xffffffffffffffff +mbedtls_ct_bool_xxx:"0x0":"0xffffffffffffffff" + +mbedtls_ct_bool_xxx 0x1 0x0 +mbedtls_ct_bool_xxx:"0x1":"0x0" + +mbedtls_ct_bool_xxx 0x1 0x1 +mbedtls_ct_bool_xxx:"0x1":"0x1" + +mbedtls_ct_bool_xxx 0x1 0x7fffffff +mbedtls_ct_bool_xxx:"0x1":"0x7fffffff" + +mbedtls_ct_bool_xxx 0x1 0xffffffff +mbedtls_ct_bool_xxx:"0x1":"0xffffffff" + +mbedtls_ct_bool_xxx 0x1 0x7fffffffffffffff +mbedtls_ct_bool_xxx:"0x1":"0x7fffffffffffffff" + +mbedtls_ct_bool_xxx 0x1 0xffffffffffffffff +mbedtls_ct_bool_xxx:"0x1":"0xffffffffffffffff" + +mbedtls_ct_bool_xxx 0x7fffffff 0x0 +mbedtls_ct_bool_xxx:"0x7fffffff":"0x0" + +mbedtls_ct_bool_xxx 0x7fffffff 0x1 +mbedtls_ct_bool_xxx:"0x7fffffff":"0x1" + +mbedtls_ct_bool_xxx 0x7fffffff 0x7fffffff +mbedtls_ct_bool_xxx:"0x7fffffff":"0x7fffffff" + +mbedtls_ct_bool_xxx 0x7fffffff 0xffffffff +mbedtls_ct_bool_xxx:"0x7fffffff":"0xffffffff" + +mbedtls_ct_bool_xxx 0x7fffffff 0x7fffffffffffffff +mbedtls_ct_bool_xxx:"0x7fffffff":"0x7fffffffffffffff" + +mbedtls_ct_bool_xxx 0x7fffffff 0xffffffffffffffff +mbedtls_ct_bool_xxx:"0x7fffffff":"0xffffffffffffffff" + +mbedtls_ct_bool_xxx 0xffffffff 0x0 +mbedtls_ct_bool_xxx:"0xffffffff":"0x0" + +mbedtls_ct_bool_xxx 0xffffffff 0x1 +mbedtls_ct_bool_xxx:"0xffffffff":"0x1" + +mbedtls_ct_bool_xxx 0xffffffff 0x7fffffff +mbedtls_ct_bool_xxx:"0xffffffff":"0x7fffffff" + +mbedtls_ct_bool_xxx 0xffffffff 0xffffffff +mbedtls_ct_bool_xxx:"0xffffffff":"0xffffffff" + +mbedtls_ct_bool_xxx 0xffffffff 0x7fffffffffffffff +mbedtls_ct_bool_xxx:"0xffffffff":"0x7fffffffffffffff" + +mbedtls_ct_bool_xxx 0xffffffff 0xffffffffffffffff +mbedtls_ct_bool_xxx:"0xffffffff":"0xffffffffffffffff" + +mbedtls_ct_bool_xxx 0x7fffffffffffffff 0x0 +mbedtls_ct_bool_xxx:"0x7fffffffffffffff":"0x0" + +mbedtls_ct_bool_xxx 0x7fffffffffffffff 0x1 +mbedtls_ct_bool_xxx:"0x7fffffffffffffff":"0x1" + +mbedtls_ct_bool_xxx 0x7fffffffffffffff 0x7fffffff +mbedtls_ct_bool_xxx:"0x7fffffffffffffff":"0x7fffffff" + +mbedtls_ct_bool_xxx 0x7fffffffffffffff 0xffffffff +mbedtls_ct_bool_xxx:"0x7fffffffffffffff":"0xffffffff" + +mbedtls_ct_bool_xxx 0x7fffffffffffffff 0x7fffffffffffffff +mbedtls_ct_bool_xxx:"0x7fffffffffffffff":"0x7fffffffffffffff" + +mbedtls_ct_bool_xxx 0x7fffffffffffffff 0xffffffffffffffff +mbedtls_ct_bool_xxx:"0x7fffffffffffffff":"0xffffffffffffffff" + +mbedtls_ct_bool_xxx 0xffffffffffffffff 0x0 +mbedtls_ct_bool_xxx:"0xffffffffffffffff":"0x0" + +mbedtls_ct_bool_xxx 0xffffffffffffffff 0x1 +mbedtls_ct_bool_xxx:"0xffffffffffffffff":"0x1" + +mbedtls_ct_bool_xxx 0xffffffffffffffff 0x7fffffff +mbedtls_ct_bool_xxx:"0xffffffffffffffff":"0x7fffffff" + +mbedtls_ct_bool_xxx 0xffffffffffffffff 0xffffffff +mbedtls_ct_bool_xxx:"0xffffffffffffffff":"0xffffffff" + +mbedtls_ct_bool_xxx 0xffffffffffffffff 0x7fffffffffffffff +mbedtls_ct_bool_xxx:"0xffffffffffffffff":"0x7fffffffffffffff" + +mbedtls_ct_bool_xxx 0xffffffffffffffff 0xffffffffffffffff +mbedtls_ct_bool_xxx:"0xffffffffffffffff":"0xffffffffffffffff" + +mbedtls_ct_bool_xxx 138 256 +mbedtls_ct_bool_xxx:"138":"256" + +mbedtls_ct_bool_xxx 256 138 +mbedtls_ct_bool_xxx:"256":"138" + +mbedtls_ct_bool_xxx 6 6 +mbedtls_ct_bool_xxx:"0x6":"0x6" + +mbedtls_ct_uchar_in_range_if 0 0 0 +mbedtls_ct_uchar_in_range_if:0:0:0 + +mbedtls_ct_uchar_in_range_if 0 0 100 +mbedtls_ct_uchar_in_range_if:0:0:100 + +mbedtls_ct_uchar_in_range_if 0 0 255 +mbedtls_ct_uchar_in_range_if:0:0:255 + +mbedtls_ct_uchar_in_range_if 0 65 0 +mbedtls_ct_uchar_in_range_if:0:65:0 + +mbedtls_ct_uchar_in_range_if 0 65 100 +mbedtls_ct_uchar_in_range_if:0:65:100 + +mbedtls_ct_uchar_in_range_if 0 65 255 +mbedtls_ct_uchar_in_range_if:0:65:255 + +mbedtls_ct_uchar_in_range_if 0 90 0 +mbedtls_ct_uchar_in_range_if:0:90:0 + +mbedtls_ct_uchar_in_range_if 0 90 100 +mbedtls_ct_uchar_in_range_if:0:90:100 + +mbedtls_ct_uchar_in_range_if 0 90 255 +mbedtls_ct_uchar_in_range_if:0:90:255 + +mbedtls_ct_uchar_in_range_if 0 255 0 +mbedtls_ct_uchar_in_range_if:0:255:0 + +mbedtls_ct_uchar_in_range_if 0 255 100 +mbedtls_ct_uchar_in_range_if:0:255:100 + +mbedtls_ct_uchar_in_range_if 0 255 255 +mbedtls_ct_uchar_in_range_if:0:255:255 + +mbedtls_ct_uchar_in_range_if 65 0 0 +mbedtls_ct_uchar_in_range_if:65:0:0 + +mbedtls_ct_uchar_in_range_if 65 0 100 +mbedtls_ct_uchar_in_range_if:65:0:100 + +mbedtls_ct_uchar_in_range_if 65 0 255 +mbedtls_ct_uchar_in_range_if:65:0:255 + +mbedtls_ct_uchar_in_range_if 65 65 0 +mbedtls_ct_uchar_in_range_if:65:65:0 + +mbedtls_ct_uchar_in_range_if 65 65 100 +mbedtls_ct_uchar_in_range_if:65:65:100 + +mbedtls_ct_uchar_in_range_if 65 65 255 +mbedtls_ct_uchar_in_range_if:65:65:255 + +mbedtls_ct_uchar_in_range_if 65 90 0 +mbedtls_ct_uchar_in_range_if:65:90:0 + +mbedtls_ct_uchar_in_range_if 65 90 100 +mbedtls_ct_uchar_in_range_if:65:90:100 + +mbedtls_ct_uchar_in_range_if 65 90 255 +mbedtls_ct_uchar_in_range_if:65:90:255 + +mbedtls_ct_uchar_in_range_if 65 255 0 +mbedtls_ct_uchar_in_range_if:65:255:0 + +mbedtls_ct_uchar_in_range_if 65 255 100 +mbedtls_ct_uchar_in_range_if:65:255:100 + +mbedtls_ct_uchar_in_range_if 65 255 255 +mbedtls_ct_uchar_in_range_if:65:255:255 + +mbedtls_ct_uchar_in_range_if 90 0 0 +mbedtls_ct_uchar_in_range_if:90:0:0 + +mbedtls_ct_uchar_in_range_if 90 0 100 +mbedtls_ct_uchar_in_range_if:90:0:100 + +mbedtls_ct_uchar_in_range_if 90 0 255 +mbedtls_ct_uchar_in_range_if:90:0:255 + +mbedtls_ct_uchar_in_range_if 90 65 0 +mbedtls_ct_uchar_in_range_if:90:65:0 + +mbedtls_ct_uchar_in_range_if 90 65 100 +mbedtls_ct_uchar_in_range_if:90:65:100 + +mbedtls_ct_uchar_in_range_if 90 65 255 +mbedtls_ct_uchar_in_range_if:90:65:255 + +mbedtls_ct_uchar_in_range_if 90 90 0 +mbedtls_ct_uchar_in_range_if:90:90:0 + +mbedtls_ct_uchar_in_range_if 90 90 100 +mbedtls_ct_uchar_in_range_if:90:90:100 + +mbedtls_ct_uchar_in_range_if 90 90 255 +mbedtls_ct_uchar_in_range_if:90:90:255 + +mbedtls_ct_uchar_in_range_if 90 255 0 +mbedtls_ct_uchar_in_range_if:90:255:0 + +mbedtls_ct_uchar_in_range_if 90 255 100 +mbedtls_ct_uchar_in_range_if:90:255:100 + +mbedtls_ct_uchar_in_range_if 90 255 255 +mbedtls_ct_uchar_in_range_if:90:255:255 + +mbedtls_ct_uchar_in_range_if 255 0 0 +mbedtls_ct_uchar_in_range_if:255:0:0 + +mbedtls_ct_uchar_in_range_if 255 0 100 +mbedtls_ct_uchar_in_range_if:255:0:100 + +mbedtls_ct_uchar_in_range_if 255 0 255 +mbedtls_ct_uchar_in_range_if:255:0:255 + +mbedtls_ct_uchar_in_range_if 255 65 0 +mbedtls_ct_uchar_in_range_if:255:65:0 + +mbedtls_ct_uchar_in_range_if 255 65 100 +mbedtls_ct_uchar_in_range_if:255:65:100 + +mbedtls_ct_uchar_in_range_if 255 65 255 +mbedtls_ct_uchar_in_range_if:255:65:255 + +mbedtls_ct_uchar_in_range_if 255 90 0 +mbedtls_ct_uchar_in_range_if:255:90:0 + +mbedtls_ct_uchar_in_range_if 255 90 100 +mbedtls_ct_uchar_in_range_if:255:90:100 + +mbedtls_ct_uchar_in_range_if 255 90 255 +mbedtls_ct_uchar_in_range_if:255:90:255 + +mbedtls_ct_uchar_in_range_if 255 255 0 +mbedtls_ct_uchar_in_range_if:255:255:0 + +mbedtls_ct_uchar_in_range_if 255 255 100 +mbedtls_ct_uchar_in_range_if:255:255:100 + +mbedtls_ct_uchar_in_range_if 255 255 255 +mbedtls_ct_uchar_in_range_if:255:255:255 + +mbedtls_ct_if 0x0 0x0 0x0 +mbedtls_ct_if:"0x0":"0x0":"0x0" + +mbedtls_ct_if 0x0 0x0 0x1 +mbedtls_ct_if:"0x0":"0x0":"0x1" + +mbedtls_ct_if 0x0 0x0 0x7fffffff +mbedtls_ct_if:"0x0":"0x0":"0x7fffffff" + +mbedtls_ct_if 0x0 0x0 0xffffffff +mbedtls_ct_if:"0x0":"0x0":"0xffffffff" + +mbedtls_ct_if 0x0 0x0 0x7fffffffffffffff +mbedtls_ct_if:"0x0":"0x0":"0x7fffffffffffffff" + +mbedtls_ct_if 0x0 0x0 0xffffffffffffffff +mbedtls_ct_if:"0x0":"0x0":"0xffffffffffffffff" + +mbedtls_ct_if 0x0 0x1 0x0 +mbedtls_ct_if:"0x0":"0x1":"0x0" + +mbedtls_ct_if 0x0 0x1 0x1 +mbedtls_ct_if:"0x0":"0x1":"0x1" + +mbedtls_ct_if 0x0 0x1 0x7fffffff +mbedtls_ct_if:"0x0":"0x1":"0x7fffffff" + +mbedtls_ct_if 0x0 0x1 0xffffffff +mbedtls_ct_if:"0x0":"0x1":"0xffffffff" + +mbedtls_ct_if 0x0 0x1 0x7fffffffffffffff +mbedtls_ct_if:"0x0":"0x1":"0x7fffffffffffffff" + +mbedtls_ct_if 0x0 0x1 0xffffffffffffffff +mbedtls_ct_if:"0x0":"0x1":"0xffffffffffffffff" + +mbedtls_ct_if 0x0 0x7fffffff 0x0 +mbedtls_ct_if:"0x0":"0x7fffffff":"0x0" + +mbedtls_ct_if 0x0 0x7fffffff 0x1 +mbedtls_ct_if:"0x0":"0x7fffffff":"0x1" + +mbedtls_ct_if 0x0 0x7fffffff 0x7fffffff +mbedtls_ct_if:"0x0":"0x7fffffff":"0x7fffffff" + +mbedtls_ct_if 0x0 0x7fffffff 0xffffffff +mbedtls_ct_if:"0x0":"0x7fffffff":"0xffffffff" + +mbedtls_ct_if 0x0 0x7fffffff 0x7fffffffffffffff +mbedtls_ct_if:"0x0":"0x7fffffff":"0x7fffffffffffffff" + +mbedtls_ct_if 0x0 0x7fffffff 0xffffffffffffffff +mbedtls_ct_if:"0x0":"0x7fffffff":"0xffffffffffffffff" + +mbedtls_ct_if 0x0 0xffffffff 0x0 +mbedtls_ct_if:"0x0":"0xffffffff":"0x0" + +mbedtls_ct_if 0x0 0xffffffff 0x1 +mbedtls_ct_if:"0x0":"0xffffffff":"0x1" + +mbedtls_ct_if 0x0 0xffffffff 0x7fffffff +mbedtls_ct_if:"0x0":"0xffffffff":"0x7fffffff" + +mbedtls_ct_if 0x0 0xffffffff 0xffffffff +mbedtls_ct_if:"0x0":"0xffffffff":"0xffffffff" + +mbedtls_ct_if 0x0 0xffffffff 0x7fffffffffffffff +mbedtls_ct_if:"0x0":"0xffffffff":"0x7fffffffffffffff" + +mbedtls_ct_if 0x0 0xffffffff 0xffffffffffffffff +mbedtls_ct_if:"0x0":"0xffffffff":"0xffffffffffffffff" + +mbedtls_ct_if 0x0 0x7fffffffffffffff 0x0 +mbedtls_ct_if:"0x0":"0x7fffffffffffffff":"0x0" + +mbedtls_ct_if 0x0 0x7fffffffffffffff 0x1 +mbedtls_ct_if:"0x0":"0x7fffffffffffffff":"0x1" + +mbedtls_ct_if 0x0 0x7fffffffffffffff 0x7fffffff +mbedtls_ct_if:"0x0":"0x7fffffffffffffff":"0x7fffffff" + +mbedtls_ct_if 0x0 0x7fffffffffffffff 0xffffffff +mbedtls_ct_if:"0x0":"0x7fffffffffffffff":"0xffffffff" + +mbedtls_ct_if 0x0 0x7fffffffffffffff 0x7fffffffffffffff +mbedtls_ct_if:"0x0":"0x7fffffffffffffff":"0x7fffffffffffffff" + +mbedtls_ct_if 0x0 0x7fffffffffffffff 0xffffffffffffffff +mbedtls_ct_if:"0x0":"0x7fffffffffffffff":"0xffffffffffffffff" + +mbedtls_ct_if 0x0 0xffffffffffffffff 0x0 +mbedtls_ct_if:"0x0":"0xffffffffffffffff":"0x0" + +mbedtls_ct_if 0x0 0xffffffffffffffff 0x1 +mbedtls_ct_if:"0x0":"0xffffffffffffffff":"0x1" + +mbedtls_ct_if 0x0 0xffffffffffffffff 0x7fffffff +mbedtls_ct_if:"0x0":"0xffffffffffffffff":"0x7fffffff" + +mbedtls_ct_if 0x0 0xffffffffffffffff 0xffffffff +mbedtls_ct_if:"0x0":"0xffffffffffffffff":"0xffffffff" + +mbedtls_ct_if 0x0 0xffffffffffffffff 0x7fffffffffffffff +mbedtls_ct_if:"0x0":"0xffffffffffffffff":"0x7fffffffffffffff" + +mbedtls_ct_if 0x0 0xffffffffffffffff 0xffffffffffffffff +mbedtls_ct_if:"0x0":"0xffffffffffffffff":"0xffffffffffffffff" + +mbedtls_ct_if 0xffffffffffffffff 0x0 0x0 +mbedtls_ct_if:"0xffffffffffffffff":"0x0":"0x0" + +mbedtls_ct_if 0xffffffffffffffff 0x0 0x1 +mbedtls_ct_if:"0xffffffffffffffff":"0x0":"0x1" + +mbedtls_ct_if 0xffffffffffffffff 0x0 0x7fffffff +mbedtls_ct_if:"0xffffffffffffffff":"0x0":"0x7fffffff" + +mbedtls_ct_if 0xffffffffffffffff 0x0 0xffffffff +mbedtls_ct_if:"0xffffffffffffffff":"0x0":"0xffffffff" + +mbedtls_ct_if 0xffffffffffffffff 0x0 0x7fffffffffffffff +mbedtls_ct_if:"0xffffffffffffffff":"0x0":"0x7fffffffffffffff" + +mbedtls_ct_if 0xffffffffffffffff 0x0 0xffffffffffffffff +mbedtls_ct_if:"0xffffffffffffffff":"0x0":"0xffffffffffffffff" + +mbedtls_ct_if 0xffffffffffffffff 0x1 0x0 +mbedtls_ct_if:"0xffffffffffffffff":"0x1":"0x0" + +mbedtls_ct_if 0xffffffffffffffff 0x1 0x1 +mbedtls_ct_if:"0xffffffffffffffff":"0x1":"0x1" + +mbedtls_ct_if 0xffffffffffffffff 0x1 0x7fffffff +mbedtls_ct_if:"0xffffffffffffffff":"0x1":"0x7fffffff" + +mbedtls_ct_if 0xffffffffffffffff 0x1 0xffffffff +mbedtls_ct_if:"0xffffffffffffffff":"0x1":"0xffffffff" + +mbedtls_ct_if 0xffffffffffffffff 0x1 0x7fffffffffffffff +mbedtls_ct_if:"0xffffffffffffffff":"0x1":"0x7fffffffffffffff" + +mbedtls_ct_if 0xffffffffffffffff 0x1 0xffffffffffffffff +mbedtls_ct_if:"0xffffffffffffffff":"0x1":"0xffffffffffffffff" + +mbedtls_ct_if 0xffffffffffffffff 0x7fffffff 0x0 +mbedtls_ct_if:"0xffffffffffffffff":"0x7fffffff":"0x0" + +mbedtls_ct_if 0xffffffffffffffff 0x7fffffff 0x1 +mbedtls_ct_if:"0xffffffffffffffff":"0x7fffffff":"0x1" + +mbedtls_ct_if 0xffffffffffffffff 0x7fffffff 0x7fffffff +mbedtls_ct_if:"0xffffffffffffffff":"0x7fffffff":"0x7fffffff" + +mbedtls_ct_if 0xffffffffffffffff 0x7fffffff 0xffffffff +mbedtls_ct_if:"0xffffffffffffffff":"0x7fffffff":"0xffffffff" + +mbedtls_ct_if 0xffffffffffffffff 0x7fffffff 0x7fffffffffffffff +mbedtls_ct_if:"0xffffffffffffffff":"0x7fffffff":"0x7fffffffffffffff" + +mbedtls_ct_if 0xffffffffffffffff 0x7fffffff 0xffffffffffffffff +mbedtls_ct_if:"0xffffffffffffffff":"0x7fffffff":"0xffffffffffffffff" + +mbedtls_ct_if 0xffffffffffffffff 0xffffffff 0x0 +mbedtls_ct_if:"0xffffffffffffffff":"0xffffffff":"0x0" + +mbedtls_ct_if 0xffffffffffffffff 0xffffffff 0x1 +mbedtls_ct_if:"0xffffffffffffffff":"0xffffffff":"0x1" + +mbedtls_ct_if 0xffffffffffffffff 0xffffffff 0x7fffffff +mbedtls_ct_if:"0xffffffffffffffff":"0xffffffff":"0x7fffffff" + +mbedtls_ct_if 0xffffffffffffffff 0xffffffff 0xffffffff +mbedtls_ct_if:"0xffffffffffffffff":"0xffffffff":"0xffffffff" + +mbedtls_ct_if 0xffffffffffffffff 0xffffffff 0x7fffffffffffffff +mbedtls_ct_if:"0xffffffffffffffff":"0xffffffff":"0x7fffffffffffffff" + +mbedtls_ct_if 0xffffffffffffffff 0xffffffff 0xffffffffffffffff +mbedtls_ct_if:"0xffffffffffffffff":"0xffffffff":"0xffffffffffffffff" + +mbedtls_ct_if 0xffffffffffffffff 0x7fffffffffffffff 0x0 +mbedtls_ct_if:"0xffffffffffffffff":"0x7fffffffffffffff":"0x0" + +mbedtls_ct_if 0xffffffffffffffff 0x7fffffffffffffff 0x1 +mbedtls_ct_if:"0xffffffffffffffff":"0x7fffffffffffffff":"0x1" + +mbedtls_ct_if 0xffffffffffffffff 0x7fffffffffffffff 0x7fffffff +mbedtls_ct_if:"0xffffffffffffffff":"0x7fffffffffffffff":"0x7fffffff" + +mbedtls_ct_if 0xffffffffffffffff 0x7fffffffffffffff 0xffffffff +mbedtls_ct_if:"0xffffffffffffffff":"0x7fffffffffffffff":"0xffffffff" + +mbedtls_ct_if 0xffffffffffffffff 0x7fffffffffffffff 0x7fffffffffffffff +mbedtls_ct_if:"0xffffffffffffffff":"0x7fffffffffffffff":"0x7fffffffffffffff" + +mbedtls_ct_if 0xffffffffffffffff 0x7fffffffffffffff 0xffffffffffffffff +mbedtls_ct_if:"0xffffffffffffffff":"0x7fffffffffffffff":"0xffffffffffffffff" + +mbedtls_ct_if 0xffffffffffffffff 0xffffffffffffffff 0x0 +mbedtls_ct_if:"0xffffffffffffffff":"0xffffffffffffffff":"0x0" + +mbedtls_ct_if 0xffffffffffffffff 0xffffffffffffffff 0x1 +mbedtls_ct_if:"0xffffffffffffffff":"0xffffffffffffffff":"0x1" + +mbedtls_ct_if 0xffffffffffffffff 0xffffffffffffffff 0x7fffffff +mbedtls_ct_if:"0xffffffffffffffff":"0xffffffffffffffff":"0x7fffffff" + +mbedtls_ct_if 0xffffffffffffffff 0xffffffffffffffff 0xffffffff +mbedtls_ct_if:"0xffffffffffffffff":"0xffffffffffffffff":"0xffffffff" + +mbedtls_ct_if 0xffffffffffffffff 0xffffffffffffffff 0x7fffffffffffffff +mbedtls_ct_if:"0xffffffffffffffff":"0xffffffffffffffff":"0x7fffffffffffffff" + +mbedtls_ct_if 0xffffffffffffffff 0xffffffffffffffff 0xffffffffffffffff +mbedtls_ct_if:"0xffffffffffffffff":"0xffffffffffffffff":"0xffffffffffffffff" + +mbedtls_ct_error_if 0 0 0 +mbedtls_ct_error_if:0:0:0 + +mbedtls_ct_error_if 0 0 -1 +mbedtls_ct_error_if:0:0:-1 + +mbedtls_ct_error_if 0 0 -32766 +mbedtls_ct_error_if:0:0:-32766 + +mbedtls_ct_error_if 0 0 -32767 +mbedtls_ct_error_if:0:0:-32767 + +mbedtls_ct_error_if 0 -1 0 +mbedtls_ct_error_if:0:-1:0 + +mbedtls_ct_error_if 0 -1 -1 +mbedtls_ct_error_if:0:-1:-1 + +mbedtls_ct_error_if 0 -1 -32766 +mbedtls_ct_error_if:0:-1:-32766 + +mbedtls_ct_error_if 0 -1 -32767 +mbedtls_ct_error_if:0:-1:-32767 + +mbedtls_ct_error_if 0 -32766 0 +mbedtls_ct_error_if:0:-32766:0 + +mbedtls_ct_error_if 0 -32766 -1 +mbedtls_ct_error_if:0:-32766:-1 + +mbedtls_ct_error_if 0 -32766 -32766 +mbedtls_ct_error_if:0:-32766:-32766 + +mbedtls_ct_error_if 0 -32766 -32767 +mbedtls_ct_error_if:0:-32766:-32767 + +mbedtls_ct_error_if 0 -32767 0 +mbedtls_ct_error_if:0:-32767:0 + +mbedtls_ct_error_if 0 -32767 -1 +mbedtls_ct_error_if:0:-32767:-1 + +mbedtls_ct_error_if 0 -32767 -32766 +mbedtls_ct_error_if:0:-32767:-32766 + +mbedtls_ct_error_if 0 -32767 -32767 +mbedtls_ct_error_if:0:-32767:-32767 + +mbedtls_ct_error_if 1 0 0 +mbedtls_ct_error_if:1:0:0 + +mbedtls_ct_error_if 1 0 -1 +mbedtls_ct_error_if:1:0:-1 + +mbedtls_ct_error_if 1 0 -32766 +mbedtls_ct_error_if:1:0:-32766 + +mbedtls_ct_error_if 1 0 -32767 +mbedtls_ct_error_if:1:0:-32767 + +mbedtls_ct_error_if 1 -1 0 +mbedtls_ct_error_if:1:-1:0 + +mbedtls_ct_error_if 1 -1 -1 +mbedtls_ct_error_if:1:-1:-1 + +mbedtls_ct_error_if 1 -1 -32766 +mbedtls_ct_error_if:1:-1:-32766 + +mbedtls_ct_error_if 1 -1 -32767 +mbedtls_ct_error_if:1:-1:-32767 + +mbedtls_ct_error_if 1 -32766 0 +mbedtls_ct_error_if:1:-32766:0 + +mbedtls_ct_error_if 1 -32766 -1 +mbedtls_ct_error_if:1:-32766:-1 + +mbedtls_ct_error_if 1 -32766 -32766 +mbedtls_ct_error_if:1:-32766:-32766 + +mbedtls_ct_error_if 1 -32766 -32767 +mbedtls_ct_error_if:1:-32766:-32767 + +mbedtls_ct_error_if 1 -32767 0 +mbedtls_ct_error_if:1:-32767:0 + +mbedtls_ct_error_if 1 -32767 -1 +mbedtls_ct_error_if:1:-32767:-1 + +mbedtls_ct_error_if 1 -32767 -32766 +mbedtls_ct_error_if:1:-32767:-32766 + +mbedtls_ct_error_if 1 -32767 -32767 +mbedtls_ct_error_if:1:-32767:-32767 + +mbedtls_ct_zeroize_if 0x0 0 +mbedtls_ct_zeroize_if:"0x0":0 + +mbedtls_ct_zeroize_if 0x0 1 +mbedtls_ct_zeroize_if:"0x0":1 + +mbedtls_ct_zeroize_if 0x0 1024 +mbedtls_ct_zeroize_if:"0x0":1024 + +mbedtls_ct_zeroize_if 0xffffffffffffffff 0 +mbedtls_ct_zeroize_if:"0xffffffffffffffff":0 + +mbedtls_ct_zeroize_if 0xffffffffffffffff 1 +mbedtls_ct_zeroize_if:"0xffffffffffffffff":1 + +mbedtls_ct_zeroize_if 0xffffffffffffffff 4 +mbedtls_ct_zeroize_if:"0xffffffffffffffff":4 + +mbedtls_ct_zeroize_if 0xffffffffffffffff 5 +mbedtls_ct_zeroize_if:"0xffffffffffffffff":5 + +mbedtls_ct_zeroize_if 0xffffffffffffffff 7 +mbedtls_ct_zeroize_if:"0xffffffffffffffff":7 + +mbedtls_ct_zeroize_if 0xffffffffffffffff 8 +mbedtls_ct_zeroize_if:"0xffffffffffffffff":8 + +mbedtls_ct_zeroize_if 0xffffffffffffffff 9 +mbedtls_ct_zeroize_if:"0xffffffffffffffff":9 + +mbedtls_ct_zeroize_if 0xffffffffffffffff 1024 +mbedtls_ct_zeroize_if:"0xffffffffffffffff":1024 + +mbedtls_ct_memmove_left 0 0 +mbedtls_ct_memmove_left:0:0 + +mbedtls_ct_memmove_left 1 0 +mbedtls_ct_memmove_left:1:0 + +mbedtls_ct_memmove_left 1 1 +mbedtls_ct_memmove_left:1:1 + +mbedtls_ct_memmove_left 16 0 +mbedtls_ct_memmove_left:16:0 + +mbedtls_ct_memmove_left 16 1 +mbedtls_ct_memmove_left:16:1 + +mbedtls_ct_memmove_left 16 4 +mbedtls_ct_memmove_left:16:4 + +mbedtls_ct_memmove_left 16 15 +mbedtls_ct_memmove_left:16:15 + +mbedtls_ct_memmove_left 16 16 +mbedtls_ct_memmove_left:16:16 + +mbedtls_ct_memcmp_partial -1 0 0 0 +mbedtls_ct_memcmp_partial:-1:0:0:0 + +mbedtls_ct_memcmp_partial 0 1 0 0 +mbedtls_ct_memcmp_partial:0:1:0:0 + +mbedtls_ct_memcmp_partial 0 1 1 0 +mbedtls_ct_memcmp_partial:0:1:1:0 + +mbedtls_ct_memcmp_partial 0 1 0 1 +mbedtls_ct_memcmp_partial:0:1:0:1 + +mbedtls_ct_memcmp_partial -1 1 0 0 +mbedtls_ct_memcmp_partial:-1:1:0:0 + +mbedtls_ct_memcmp_partial 0 2 0 1 +mbedtls_ct_memcmp_partial:0:2:0:1 + +mbedtls_ct_memcmp_partial 0 2 1 0 +mbedtls_ct_memcmp_partial:0:2:1:0 + +mbedtls_ct_memcmp_partial 0 16 4 4 +mbedtls_ct_memcmp_partial:0:16:4:4 + +mbedtls_ct_memcmp_partial 2 16 4 4 +mbedtls_ct_memcmp_partial:2:16:4:4 + +mbedtls_ct_memcmp_partial 3 16 4 4 +mbedtls_ct_memcmp_partial:3:16:4:4 + +mbedtls_ct_memcmp_partial 4 16 4 4 +mbedtls_ct_memcmp_partial:4:16:4:4 + +mbedtls_ct_memcmp_partial 7 16 4 4 +mbedtls_ct_memcmp_partial:7:16:4:4 + +mbedtls_ct_memcmp_partial 11 16 4 4 +mbedtls_ct_memcmp_partial:11:16:4:4 + +mbedtls_ct_memcmp_partial 12 16 4 4 +mbedtls_ct_memcmp_partial:12:16:4:4 + +mbedtls_ct_memcmp_partial 15 16 4 4 +mbedtls_ct_memcmp_partial:15:16:4:4 + +mbedtls_ct_memcmp_partial 15 16 4 0 +mbedtls_ct_memcmp_partial:15:16:4:0 + +mbedtls_ct_memcmp_partial 15 16 0 4 +mbedtls_ct_memcmp_partial:15:16:0:4 + +mbedtls_ct_memcmp_partial 0 16 0 0 +mbedtls_ct_memcmp_partial:0:16:0:0 + +mbedtls_ct_memcmp_partial 15 16 0 0 +mbedtls_ct_memcmp_partial:15:16:0:0 + +mbedtls_ct_memcmp_partial -1 16 0 0 +mbedtls_ct_memcmp_partial:-1:16:0:0 + +mbedtls_ct_memcmp_partial -1 16 12 4 +mbedtls_ct_memcmp_partial:-1:16:12:4 + +mbedtls_ct_memcmp_partial -1 16 8 8 +mbedtls_ct_memcmp_partial:-1:16:8:8 diff --git a/tests/suites/test_suite_constant_time.function b/tests/suites/test_suite_constant_time.function index a40149ab4..31273652d 100644 --- a/tests/suites/test_suite_constant_time.function +++ b/tests/suites/test_suite_constant_time.function @@ -8,23 +8,471 @@ * under MSan or Valgrind will detect a non-constant-time implementation. */ +#include + +#include +#include +#include + +#include #include #include -#include #include /* END_HEADER */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC:MBEDTLS_TEST_HOOKS */ -void ssl_cf_memcpy_offset(int offset_min, int offset_max, int len) +/* BEGIN_CASE */ +void mbedtls_ct_memcmp_null() +{ + uint32_t x = 0; + TEST_ASSERT(mbedtls_ct_memcmp(&x, NULL, 0) == 0); + TEST_ASSERT(mbedtls_ct_memcmp(NULL, &x, 0) == 0); + TEST_ASSERT(mbedtls_ct_memcmp(NULL, NULL, 0) == 0); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mbedtls_ct_bool(char *input) +{ + mbedtls_ct_uint_t v = (mbedtls_ct_uint_t) strtoull(input, NULL, 16); + TEST_ASSERT(errno == 0); + + mbedtls_ct_condition_t expected = (v != 0) ? MBEDTLS_CT_TRUE : MBEDTLS_CT_FALSE; + TEST_CF_SECRET(&v, sizeof(v)); + TEST_EQUAL(mbedtls_ct_bool(v), expected); + TEST_CF_PUBLIC(&v, sizeof(v)); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mbedtls_ct_bool_xxx(char *x_str, char *y_str) +{ + mbedtls_ct_uint_t x = strtoull(x_str, NULL, 0); + mbedtls_ct_uint_t y = strtoull(y_str, NULL, 0); + + mbedtls_ct_uint_t x1 = x; + mbedtls_ct_uint_t y1 = y; + + TEST_CF_SECRET(&x, sizeof(x)); + TEST_CF_SECRET(&y, sizeof(y)); + + mbedtls_ct_condition_t expected = x1 ? MBEDTLS_CT_FALSE : MBEDTLS_CT_TRUE; + TEST_EQUAL(mbedtls_ct_bool_not(mbedtls_ct_bool(x)), expected); + + expected = x1 != y1 ? MBEDTLS_CT_TRUE : MBEDTLS_CT_FALSE; + TEST_EQUAL(mbedtls_ct_uint_ne(x, y), expected); + + expected = x1 == y1 ? MBEDTLS_CT_TRUE : MBEDTLS_CT_FALSE; + TEST_EQUAL(mbedtls_ct_uint_eq(x, y), expected); + + expected = x1 > y1 ? MBEDTLS_CT_TRUE : MBEDTLS_CT_FALSE; + TEST_EQUAL(mbedtls_ct_uint_gt(x, y), expected); + + expected = x1 < y1 ? MBEDTLS_CT_TRUE : MBEDTLS_CT_FALSE; + TEST_EQUAL(mbedtls_ct_uint_lt(x, y), expected); + + expected = x1 >= y1 ? MBEDTLS_CT_TRUE : MBEDTLS_CT_FALSE; + TEST_EQUAL(mbedtls_ct_uint_ge(x, y), expected); + + expected = x1 <= y1 ? MBEDTLS_CT_TRUE : MBEDTLS_CT_FALSE; + TEST_EQUAL(mbedtls_ct_uint_le(x, y), expected); + + expected = (!!x1) != (!!y1) ? MBEDTLS_CT_TRUE : MBEDTLS_CT_FALSE; + TEST_EQUAL(mbedtls_ct_bool_ne(mbedtls_ct_bool(x), mbedtls_ct_bool(y)), expected); + + expected = (!!x1) && (!!y1) ? MBEDTLS_CT_TRUE : MBEDTLS_CT_FALSE; + TEST_EQUAL(mbedtls_ct_bool_and(mbedtls_ct_bool(x), mbedtls_ct_bool(y)), expected); + + expected = (!!x1) || (!!y1) ? MBEDTLS_CT_TRUE : MBEDTLS_CT_FALSE; + TEST_EQUAL(mbedtls_ct_bool_or(mbedtls_ct_bool(x), mbedtls_ct_bool(y)), expected); + + TEST_CF_PUBLIC(&x, sizeof(x)); + TEST_CF_PUBLIC(&y, sizeof(y)); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_BASE64_C */ +void mbedtls_ct_uchar_in_range_if(int li, int hi, int ti) +{ + unsigned char l = li, h = hi, t = ti; + + for (unsigned x = 0; x <= 255; x++) { + unsigned char expected = (x >= l) && (x <= h) ? t : 0; + + TEST_CF_SECRET(&x, sizeof(x)); + TEST_CF_SECRET(&l, sizeof(l)); + TEST_CF_SECRET(&h, sizeof(h)); + TEST_CF_SECRET(&t, sizeof(t)); + + TEST_EQUAL(mbedtls_ct_uchar_in_range_if(l, h, (unsigned char) x, t), expected); + + TEST_CF_PUBLIC(&x, sizeof(x)); + TEST_CF_PUBLIC(&l, sizeof(l)); + TEST_CF_PUBLIC(&h, sizeof(h)); + TEST_CF_PUBLIC(&t, sizeof(t)); + } +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mbedtls_ct_error_if(int cond, int t, int f) +{ + mbedtls_ct_condition_t c = mbedtls_ct_bool(cond); + + int expected = c ? t : f; + int expected0 = c ? t : 0; + + TEST_CF_SECRET(&c, sizeof(c)); + TEST_CF_SECRET(&t, sizeof(t)); + TEST_CF_SECRET(&f, sizeof(f)); + + TEST_EQUAL(mbedtls_ct_error_if(c, t, f), expected); + TEST_EQUAL(mbedtls_ct_error_if_else_0(c, t), expected0); + + TEST_CF_PUBLIC(&c, sizeof(c)); + TEST_CF_PUBLIC(&t, sizeof(t)); + TEST_CF_PUBLIC(&f, sizeof(f)); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mbedtls_ct_if(char *c_str, char *t_str, char *f_str) +{ + mbedtls_ct_condition_t c = mbedtls_ct_bool(strtoull(c_str, NULL, 16)); + mbedtls_ct_uint_t t = (mbedtls_ct_uint_t) strtoull(t_str, NULL, 16); + mbedtls_ct_uint_t f = (mbedtls_ct_uint_t) strtoull(f_str, NULL, 16); + + mbedtls_ct_uint_t expected = c ? t : f; + mbedtls_ct_uint_t expected0 = c ? t : 0; + + TEST_CF_SECRET(&c, sizeof(c)); + TEST_CF_SECRET(&t, sizeof(t)); + TEST_CF_SECRET(&f, sizeof(f)); + + TEST_EQUAL(mbedtls_ct_if(c, t, f), expected); + TEST_EQUAL(mbedtls_ct_size_if(c, t, f), (size_t) expected); + TEST_EQUAL(mbedtls_ct_uint_if(c, t, f), (unsigned) expected); + TEST_EQUAL(mbedtls_ct_bool_if(c, mbedtls_ct_bool(t), mbedtls_ct_bool(f)), + mbedtls_ct_bool(expected)); +#if defined(MBEDTLS_BIGNUM_C) + TEST_EQUAL(mbedtls_ct_mpi_uint_if(c, t, f), (mbedtls_mpi_uint) expected); +#endif + + TEST_EQUAL(mbedtls_ct_uint_if_else_0(c, t), (unsigned) expected0); + TEST_EQUAL(mbedtls_ct_size_if_else_0(c, (size_t) t), (size_t) expected0); + TEST_EQUAL(mbedtls_ct_bool_if_else_0(c, mbedtls_ct_bool(t)), mbedtls_ct_bool(expected0)); +#if defined(MBEDTLS_BIGNUM_C) + TEST_EQUAL(mbedtls_ct_mpi_uint_if_else_0(c, t), (mbedtls_mpi_uint) expected0); +#endif + + TEST_CF_PUBLIC(&c, sizeof(c)); + TEST_CF_PUBLIC(&t, sizeof(t)); + TEST_CF_PUBLIC(&f, sizeof(f)); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:!MBEDTLS_RSA_ALT */ +void mbedtls_ct_zeroize_if(char *c_str, int len) +{ + uint8_t *buf = NULL; + mbedtls_ct_condition_t c = mbedtls_ct_bool(strtoull(c_str, NULL, 16)); + + TEST_CALLOC(buf, len); + for (size_t i = 0; i < (size_t) len; i++) { + buf[i] = 1; + } + + TEST_CF_SECRET(&c, sizeof(c)); + TEST_CF_SECRET(buf, len); + mbedtls_ct_zeroize_if(c, buf, len); + TEST_CF_PUBLIC(&c, sizeof(c)); + TEST_CF_PUBLIC(buf, len); + + for (size_t i = 0; i < (size_t) len; i++) { + TEST_EQUAL(buf[i], c != 0 ? 0 : 1); + } +exit: + mbedtls_free(buf); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mbedtls_ct_memcmp_single_bit_diff() +{ + uint8_t *a = NULL, *b = NULL; + size_t size = 32; + TEST_CALLOC(a, size); + TEST_CALLOC(b, size); + + TEST_CF_SECRET(a, size); + TEST_CF_SECRET(b, size); + int result = mbedtls_ct_memcmp(a, b, size); + TEST_CF_PUBLIC(a, size); + TEST_CF_PUBLIC(b, size); + TEST_CF_PUBLIC(&result, sizeof(result)); + + TEST_EQUAL(result, 0); + + for (size_t offset = 0; offset < size; offset++) { + for (size_t bit_offset = 0; bit_offset < 8; bit_offset++) { + /* Set a single bit to be different at given offset, to test that we + detect single-bit differences */ + a[offset] = 1 << bit_offset; + + TEST_CF_SECRET(a, size); + TEST_CF_SECRET(b, size); + result = mbedtls_ct_memcmp(a, b, size); + TEST_CF_PUBLIC(a, size); + TEST_CF_PUBLIC(b, size); + TEST_CF_PUBLIC(&result, sizeof(result)); + + TEST_ASSERT(result != 0); + + a[offset] = 0; + } + } + + +exit: + mbedtls_free(a); + mbedtls_free(b); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mbedtls_ct_memcmp(int same, int size, int offset) +{ + uint8_t *a = NULL, *b = NULL; + TEST_CALLOC(a, size + offset); + TEST_CALLOC(b, size + offset); + + /* Construct data that matches, if same == -1, otherwise + * same gives the number of bytes (after the initial offset) + * that will match; after that it will differ. + */ + for (int i = 0; i < size + offset; i++) { + a[i] = i & 0xff; + if (same == -1 || (i - offset) < same) { + b[i] = a[i]; + } else { + b[i] = (i + 1) & 0xff; + } + } + + int reference = memcmp(a + offset, b + offset, size); + + TEST_CF_SECRET(a, size + offset); + TEST_CF_SECRET(b, size + offset); + + int actual = mbedtls_ct_memcmp(a + offset, b + offset, size); + + TEST_CF_PUBLIC(a, size + offset); + TEST_CF_PUBLIC(b, size + offset); + TEST_CF_PUBLIC(&actual, sizeof(actual)); + + if (same == -1 || same >= size) { + TEST_ASSERT(reference == 0); + TEST_ASSERT(actual == 0); + } else { + TEST_ASSERT(reference != 0); + TEST_ASSERT(actual != 0); + } +exit: + mbedtls_free(a); + mbedtls_free(b); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_NIST_KW_C */ + +/** + * Generate two arrays of the given size, and test mbedtls_ct_memcmp_partial + * over them. The arrays will be identical, except that one byte may be specified + * to be different. + * + * \p diff Index of byte that differs (if out of range, the arrays will match). + * \p size Size of arrays to compare + * \p skip_head Leading bytes to skip, as per mbedtls_ct_memcmp_partial + * \p skip_tail Trailing bytes to skip, as per mbedtls_ct_memcmp_partial + */ +void mbedtls_ct_memcmp_partial(int diff, int size, int skip_head, int skip_tail) +{ + uint8_t *a = NULL, *b = NULL; + + TEST_CALLOC_NONNULL(a, size); + TEST_CALLOC_NONNULL(b, size); + + TEST_ASSERT((skip_head + skip_tail) <= size); + + /* Construct data that matches, except for specified byte (if in range). */ + for (int i = 0; i < size; i++) { + a[i] = i & 0xff; + b[i] = a[i]; + if (i == diff) { + // modify the specified byte + b[i] ^= 1; + } + } + + int reference = memcmp(a + skip_head, b + skip_head, size - skip_head - skip_tail); + + TEST_CF_SECRET(a, size); + TEST_CF_SECRET(b, size); + + int actual = mbedtls_ct_memcmp_partial(a, b, size, skip_head, skip_tail); + + TEST_CF_PUBLIC(a, size); + TEST_CF_PUBLIC(b, size); + TEST_CF_PUBLIC(&actual, sizeof(actual)); + + TEST_EQUAL(!!reference, !!actual); +exit: + mbedtls_free(a); + mbedtls_free(b); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mbedtls_ct_memcpy_if(int eq, int size, int offset) +{ + uint8_t *src = NULL, *src2 = NULL, *result = NULL, *expected = NULL; + TEST_CALLOC(src, size + offset); + TEST_CALLOC(src2, size + offset); + TEST_CALLOC(result, size + offset); + TEST_CALLOC(expected, size + offset); + + /* Apply offset to result only */ + for (int i = 0; i < size + offset; i++) { + src[i] = 1; + result[i] = 0xff; + expected[i] = eq ? 1 : 0xff; + } + + int secret_eq = eq; + TEST_CF_SECRET(&secret_eq, sizeof(secret_eq)); + TEST_CF_SECRET(src, size + offset); + TEST_CF_SECRET(result, size + offset); + + mbedtls_ct_memcpy_if(mbedtls_ct_bool(secret_eq), result + offset, src, NULL, size); + + TEST_CF_PUBLIC(&secret_eq, sizeof(secret_eq)); + TEST_CF_PUBLIC(src, size + offset); + TEST_CF_PUBLIC(result, size + offset); + + TEST_MEMORY_COMPARE(expected, size, result + offset, size); + + + /* Apply offset to src only */ + for (int i = 0; i < size + offset; i++) { + src[i] = 1; + result[i] = 0xff; + expected[i] = eq ? 1 : 0xff; + } + + TEST_CF_SECRET(&secret_eq, sizeof(secret_eq)); + TEST_CF_SECRET(src, size + offset); + TEST_CF_SECRET(result, size + offset); + + mbedtls_ct_memcpy_if(mbedtls_ct_bool(secret_eq), result, src + offset, NULL, size); + + TEST_CF_PUBLIC(&secret_eq, sizeof(secret_eq)); + TEST_CF_PUBLIC(src, size + offset); + TEST_CF_PUBLIC(result, size + offset); + + TEST_MEMORY_COMPARE(expected, size, result, size); + + + /* Apply offset to src and src2 */ + for (int i = 0; i < size + offset; i++) { + src[i] = 1; + src2[i] = 2; + result[i] = 0xff; + expected[i] = eq ? 1 : 2; + } + + TEST_CF_SECRET(&secret_eq, sizeof(secret_eq)); + TEST_CF_SECRET(src, size + offset); + TEST_CF_SECRET(src2, size + offset); + TEST_CF_SECRET(result, size + offset); + + mbedtls_ct_memcpy_if(mbedtls_ct_bool(secret_eq), result, src + offset, src2 + offset, size); + + TEST_CF_PUBLIC(&secret_eq, sizeof(secret_eq)); + TEST_CF_PUBLIC(src, size + offset); + TEST_CF_SECRET(src2, size + offset); + TEST_CF_PUBLIC(result, size + offset); + + TEST_MEMORY_COMPARE(expected, size, result, size); + + + /* result == src == dest */ + for (int i = 0; i < size + offset; i++) { + src[i] = 2; + expected[i] = 2; + } + + TEST_CF_SECRET(&secret_eq, sizeof(secret_eq)); + TEST_CF_SECRET(src, size + offset); + TEST_CF_SECRET(result, size + offset); + + mbedtls_ct_memcpy_if(mbedtls_ct_bool(secret_eq), src + offset, src + offset, src + offset, + size); + + TEST_CF_PUBLIC(&secret_eq, sizeof(secret_eq)); + TEST_CF_PUBLIC(src, size + offset); + TEST_CF_PUBLIC(result, size + offset); + + TEST_MEMORY_COMPARE(expected, size, src + offset, size); +exit: + mbedtls_free(src); + mbedtls_free(src2); + mbedtls_free(result); + mbedtls_free(expected); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:!MBEDTLS_RSA_ALT */ +void mbedtls_ct_memmove_left(int len, int offset) +{ + size_t l = (size_t) len; + size_t o = (size_t) offset; + + uint8_t *buf = NULL, *buf_expected = NULL; + TEST_CALLOC(buf, l); + TEST_CALLOC(buf_expected, l); + + for (size_t i = 0; i < l; i++) { + buf[i] = (uint8_t) i; + buf_expected[i] = buf[i]; + } + + TEST_CF_SECRET(&o, sizeof(o)); + TEST_CF_SECRET(buf, l); + mbedtls_ct_memmove_left(buf, l, o); + TEST_CF_PUBLIC(&o, sizeof(o)); + TEST_CF_PUBLIC(buf, l); + + if (l > 0) { + memmove(buf_expected, buf_expected + o, l - o); + memset(buf_expected + (l - o), 0, o); + TEST_ASSERT(memcmp(buf, buf_expected, l) == 0); + } +exit: + mbedtls_free(buf); + mbedtls_free(buf_expected); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mbedtls_ct_memcpy_offset(int offset_min, int offset_max, int len) { unsigned char *dst = NULL; unsigned char *src = NULL; size_t src_len = offset_max + len; size_t secret; - ASSERT_ALLOC(dst, len); - ASSERT_ALLOC(src, src_len); + TEST_CALLOC(dst, len); + TEST_CALLOC(src, src_len); /* Fill src in a way that we can detect if we copied the right bytes */ mbedtls_test_rnd_std_rand(NULL, src, src_len); @@ -33,12 +481,15 @@ void ssl_cf_memcpy_offset(int offset_min, int offset_max, int len) mbedtls_test_set_step((int) secret); TEST_CF_SECRET(&secret, sizeof(secret)); + TEST_CF_SECRET(src, len); + TEST_CF_SECRET(dst, len); mbedtls_ct_memcpy_offset(dst, src, secret, offset_min, offset_max, len); TEST_CF_PUBLIC(&secret, sizeof(secret)); + TEST_CF_PUBLIC(src, len); TEST_CF_PUBLIC(dst, len); - ASSERT_COMPARE(dst, len, src + secret, len); + TEST_MEMORY_COMPARE(dst, len, src + secret, len); } exit: diff --git a/tests/suites/test_suite_constant_time_hmac.data b/tests/suites/test_suite_constant_time_hmac.data index abf90f0f6..6a118b8a6 100644 --- a/tests/suites/test_suite_constant_time_hmac.data +++ b/tests/suites/test_suite_constant_time_hmac.data @@ -1,15 +1,15 @@ Constant-flow HMAC: MD5 -depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_MD_CAN_MD5 ssl_cf_hmac:MBEDTLS_MD_MD5 Constant-flow HMAC: SHA1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 ssl_cf_hmac:MBEDTLS_MD_SHA1 Constant-flow HMAC: SHA256 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 ssl_cf_hmac:MBEDTLS_MD_SHA256 Constant-flow HMAC: SHA384 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_MD_CAN_SHA384 ssl_cf_hmac:MBEDTLS_MD_SHA384 diff --git a/tests/suites/test_suite_constant_time_hmac.function b/tests/suites/test_suite_constant_time_hmac.function index 8ba6ff477..435e4b9e0 100644 --- a/tests/suites/test_suite_constant_time_hmac.function +++ b/tests/suites/test_suite_constant_time_hmac.function @@ -1,15 +1,14 @@ /* BEGIN_HEADER */ #include -#include #include #include -#include +#include "md_psa.h" #include /* END_HEADER */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC:MBEDTLS_TEST_HOOKS */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_SOME_SUITES_USE_MAC:MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC:MBEDTLS_TEST_HOOKS */ void ssl_cf_hmac(int hash) { /* @@ -29,7 +28,7 @@ void ssl_cf_hmac(int hash) size_t min_in_len, in_len, max_in_len, i; /* TLS additional data is 13 bytes (hence the "lucky 13" name) */ unsigned char add_data[13]; - unsigned char ref_out[MBEDTLS_HASH_MAX_SIZE]; + unsigned char ref_out[MBEDTLS_MD_MAX_SIZE]; unsigned char *data = NULL; unsigned char *out = NULL; unsigned char rec_num = 0; @@ -37,7 +36,7 @@ void ssl_cf_hmac(int hash) USE_PSA_INIT(); #if defined(MBEDTLS_USE_PSA_CRYPTO) - alg = PSA_ALG_HMAC(mbedtls_hash_info_psa_from_md(hash)); + alg = PSA_ALG_HMAC(mbedtls_md_psa_alg_from_type(hash)); out_len = PSA_HASH_LENGTH(alg); block_size = PSA_HASH_BLOCK_LENGTH(alg); @@ -59,7 +58,7 @@ void ssl_cf_hmac(int hash) #endif /* MBEDTLS_USE_PSA_CRYPTO */ /* Use allocated out buffer to catch overwrites */ - ASSERT_ALLOC(out, out_len); + TEST_CALLOC(out, out_len); #if defined(MBEDTLS_USE_PSA_CRYPTO) /* Set up dummy key */ @@ -86,7 +85,7 @@ void ssl_cf_hmac(int hash) mbedtls_test_set_step(max_in_len * 10000); /* Use allocated in buffer to catch overreads */ - ASSERT_ALLOC(data, max_in_len); + TEST_CALLOC(data, max_in_len); min_in_len = max_in_len > 255 ? max_in_len - 255 : 0; for (in_len = min_in_len; in_len <= max_in_len; in_len++) { @@ -134,7 +133,7 @@ void ssl_cf_hmac(int hash) TEST_EQUAL(0, mbedtls_md_hmac_reset(&ref_ctx)); /* Compare */ - ASSERT_COMPARE(out, out_len, ref_out, out_len); + TEST_MEMORY_COMPARE(out, out_len, ref_out, out_len); #endif /* MBEDTLS_USE_PSA_CRYPTO */ } diff --git a/tests/suites/test_suite_ctr_drbg.data b/tests/suites/test_suite_ctr_drbg.data index 09195f04b..a72d8afa0 100644 --- a/tests/suites/test_suite_ctr_drbg.data +++ b/tests/suites/test_suite_ctr_drbg.data @@ -1,1025 +1,1025 @@ CTR_DRBG_withDF.pdf: AES-256, PR=no, perso=no, add=no -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_no_reseed:"202122232425262728292a2b2c2d2e2f":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f":"":"":"8da6cc59e703ced07d58d96e5b6d7836c32599735b734f88c1a73b53c7a6d82e" CTR_DRBG_withDF.pdf: AES-256, PR=no, perso=no, add=yes -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_no_reseed:"202122232425262728292a2b2c2d2e2f":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f":"a0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecf":"81daaf9800c34ff0a104e51d87e36f5b17eb14b9abc5064cadda976ec4f77d34" CTR_DRBG_withDF.pdf: AES-256, PR=no, perso=yes, add=no -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_no_reseed:"202122232425262728292a2b2c2d2e2f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f":"":"":"bb2a0f5f0ca6d30634ba6068eb94aae8701437db7223a1b5afe8771547da3cee" CTR_DRBG_withDF.pdf: AES-256, PR=no, perso=yes, add=yes -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_no_reseed:"202122232425262728292a2b2c2d2e2f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f":"a0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecf":"98a28e3b1ba363c9daf0f6887a1cf52b833d3354d77a7c10837dd63dd2e645f8" CTR_DRBG_withDF.pdf: AES-256, PR=yes, perso=no, add=no -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"202122232425262728292a2b2c2d2e2f":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeef":"":"":"259dc78ccfaec4210c30af815e4f75a5662b7da4b41013bdc00302dfb6076492" CTR_DRBG_withDF.pdf: AES-256, PR=yes, perso=no, add=yes -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"202122232425262728292a2b2c2d2e2f":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeef":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f":"a0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecf":"386debbbf091bbf0502957b0329938fb836b82e594a2f5fdd5eb28d4e35528f4" CTR_DRBG_withDF.pdf: AES-256, PR=yes, perso=yes, add=no -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"202122232425262728292a2b2c2d2e2f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeef":"":"":"601f95384f0d85946301d1eace8f645a825ce38f1e2565b0c0c439448e9ca8ac" CTR_DRBG_withDF.pdf: AES-256, PR=yes, perso=yes, add=yes -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"202122232425262728292a2b2c2d2e2f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeef":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f":"a0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecf":"738e99c95af59519aad37ff3d5180986adebab6e95836725097e50a8d1d0bd28" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,0) #0 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"d254fcff021e69d229c9cfad85fa486c":"c18081a65d44021619b3f180b1c920026a546f0c7081498b6ea662526d51b1cb583bfad5375ffbc9ff46d219c7223e95459d82e1e7229f633169d26b57474fa337c9981c0bfb91314d55b9e91c5a5ee49392cfc52312d5562c4a6effdc10d068":"":"":"34011656b429008f3563ecb5f2590723" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,0) #1 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"7be87545266dadd1d73546c0927afc8d":"a7f38c750bd6ff41c4e79f5b7dd3024d58ca3f1f4c096486c4a73c4f74a2410c4c9c5143eb8c09df842ba4427f385bbf65c350b0bf2c87242c7a23c8c2e0e419e44e500c250f6bc0dc25ec0ce929c4ad5ffb7a87950c618f8cee1af4831b4b8e":"":"":"d5b1da77f36ce58510b75dfde71dbd5d" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,0) #2 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"3771416b162f4d9c5f48a05b7aa73938":"d20a0e5cdb714f01b48e00bae51909f345af05de13217e5d55fc6c2d705aea550420d9a458594d825b71e16b36130020cf5948fe813462061c1a222d1ff0e1e4b3d21ae8eee31d3260330d668d24ef3c8941b8720e8591b7deec4bd35a3a1f1a":"":"":"3cbd7d53ac1772c959311419adad836e" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,0) #3 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"f2bad8f7dab3f5886faa1cf6e1f52c87":"4df54a483b4510ed76049faae14b962fbb16459d1f6b4f4dbeca85deded6018361223c893f9442719c51eb5695e1304a1c2be8c05d0846b6510a9525a28831a8efcbd82aa50540d7e7864e2b8a42d44380cdc6e02eebb48d0b5a840b7cdd6e04":"":"":"0062d822bc549bea292c37846340789b" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,0) #4 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"1c5760aa0fd4ce308735b28682b67246":"89defd4445061c080e4762afac194b9f79c4bb1ed88c961af41d9d37bd388a1d45c82ca46f404348a2ae5e22ce00aa35ebc7c5051d8800890d44d25284489efcbd1f5e2b16e403f6921f71bbdfcf7b9aeddef65bc92fbd1cb9e4ea389aee5179":"":"":"3baf81155548afca67d57c503d00a5b4" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,0) #5 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"b72b9451a5e866e226978623d36b3491":"2713d74affed98e3433559e17d240288bb1a1790904cd7754cad97007e205a157b8ddca704a3624413f2ec8361ccd85442fb0b7cc60a247f0fd102cef44677321514ea4186d0203ab7387925d0222800ce2078c4588bc50cdfccbc04fbecd593":"":"":"047a50890c282e26bfede4c0904f5369" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,0) #6 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"91b955a3e7eccd7f07290cba4464baff":"b160465448894c7d5ee1963bb3e1a2f3f75fcd167ffa332c41c4c91c1830b7c07413bd580302958aa6fa81588ad2b3173698a4afafda468acb368dbbd524207196b9a3be37ac21ba7a072b4c8223492ee18b48551524d5c3449c5c8d3517212e":"":"":"af2c062fedb98ee599ae1f47fc202071" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,0) #7 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"d08114670c4f6016a4cf9d2da3e3a674":"38dfbfb52c185acf74de00b5a50f0cd9688286747ab340cfe9ad30d38b390fd2443bfd7ea93941d8262ae0f66b0eab4ff64ba59a2ff940c3c26fda103e0d798dbcaa1318e842143975673af8408b5af48dfbaa56ca4f9ddc87100028b4a95549":"":"":"55030fef65c679ecaffb0dc070bfd4d2" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,0) #8 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"e2af9abe8770e33798a5f05b22057d24":"88fb2a8020e604ea64a620f4704078857062cc97e24604c30de4c70cbf5e5bea0f0db79d16f4db636a2d6cd992c5890389a40cfe93967eac609e5b9f66788944285758547c7136ef2ee3b38724ed340d61763d0d5991ece4924bb72483b96945":"":"":"a44f0cfa383916811fffb2e0cfc9bfc3" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,0) #9 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"ae30f1642753c5cb6e118d7ff5d59f1d":"340def3420b608420d81b4ea8252a3d86d3e1dd7597e6063ed923a73a7b8e981e6079f7f0c42deb9f4ef11d2f3581abadf44b06d882afdc47896777ce8dafd85ec040f7873d0e25c4be709c614a28b708e547266ac8f07f5fdb450d63bc0c999":"":"":"c7e7670145573581842bd1f3e0c6e90b" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,0) #10 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"711ecfe467d6f83bcc82e566729669af":"21d6c822706d1af09e4d233c0ebac7f4ec60c7be2500dd41a85a19b2dc5c7da27f8a82164bd2a644218cb5ac283c547da1064784413eed5ecf32fadd00357abaae81225ac8d0391ead533362cff56798825445d639b0b45e0312aa7047c00b4d":"":"":"d3a0d2c457f5e9d1328a9e1d22b6eaf6" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,0) #11 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"f9b22152bc0eff1ebf0bfafeea40aecf":"4ee32f0aeadb3936e17f1aa3b18c10f773def5f83500c2ba96f84408a2521c1258f6be9aa5cee528746629aa2b8118ac41dd98ef1b3de31d26b8c2ad3442081203f5ef21df409df3381fbf2e064fbaec64d731dc93b3218e34bb3b03bfd88373":"":"":"86009b14c4906a409abe6ca9b0718cbe" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,0) #12 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"5174e76e904ff1471367ccace9c66ed9":"fa81535670275e8ab74121377cf88a4742dd0d7a99cf06eb9c2b4fe2b03423dbe441201144c22a9fc0ca49f5ef614987a2271cc1089d10ee01b25163c090a1f263797e4f130920cdc3b890a078e8abbb070ded2e8fd717f4389f06ff2c10d180":"":"":"18d6fcd35457d2678175df36df5e215d" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,0) #13 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"73c372f60519e8eca371eaa13fb54f88":"930c290a797b85d58b52d0d92356436977b2f636f07d5a80c987fb7eea6b750cceb9eb87860547ab4029865a6810fc5c3663c4e369f290994461d2e9c7160a8b5985853bd9088b3e969f988fe6923b3994040eeee09ad353b969d58938237cfe":"":"":"f62c7cfbe74555744790bcc7930e03c3" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,0) #14 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"75ba8ddeef24f9f5b00b426a362c4f02":"7065d128ddb2fc6ea31f4110b6c0934ed112c51d74a4a0741a0843d8befac22902a01353322674c3d58935144a0f8f171a99dbeab71272ff7518c46cc7ebb573adbf95bff8ec68eeba5e8ec1221655aed8420086bda89c7de34f217dce73ccab":"":"":"700761857ea2763e8739b8f6f6481d1c" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,256) #0 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"14051b57277bc3d3bbae51bdecfb9f5d":"82c80d922c47bbec0f664dd623e22a11a3b84d308351e45e30ee286e89547d22c43e17b3ca0fa08f77eef1001ba696932e9ee890e7aac4661c138e5b5ce36773d3120c35f8c94e0a78ffbf407a63ca435392e17c07461522fdc1f63f037aacff":"b70e7c1c4b8e0f1770e05b29a93f9d7a6540f23ab84136b05b161d85e5f19251":"5a737c128bd69f927f8f3ad68f93f6356d5f4ec0e36b6b50ced43dcd5c44dbc2":"a4e6c754194a09614994b36ecce33b55" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,256) #1 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"4526b268128ea35f8558b4e1d08388f2":"952f3f179cbbda27ebd30f4fc31bf96baccb2adbaa9c090bc0f37044a44e85b3bc668cd3533faaf56b5da9242844d65733f7ac1f55c38b175749b88e18d19672b7bdab54e0ababdd4519fb07e0c25578f64ad40d0beb0a26275d5e2f4906aa70":"6b167c7cebea2e585ab974b60c4d305a113102ca8c3dc87651665728c4c675ad":"a038f1ca1f420eae449791f13be4901bfb91e41e052e02635b1f1817bd8969b1":"745ec376282e20fd1f9151f7040ed94a" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,256) #2 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"c1aafa90f394e0ba9a528032dc6780d3":"75fd042bfd994de2c92e5aa505945ec93bd7cf366d86a356723fca3c9479ee17fb59c6ca8ba89784d43f06cdad113e5081e02427ee0714439d88dc1a6257fc91d99c1a15e92527847ab10883cc8f471cad8cf0882f5b6d33a846a00dee154012":"c704164ce80a400cb2f54d1b2d7efa20f32b699fa881bfc7b56cfd7c4bee1ea6":"f3baff4b6f42c8e75b70c2a72a027b14a99ae49a5a47c7af0f538843c94e1a69":"7af9113cd607cdb4c6534f401fe4e96c" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,256) #3 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"e6e726b72e7b264a36ec0cd60d4578b5":"0c3c6dd706076d6484478347559b495d7ee898c39cde06027bc99f7bf69ce1140ca04602265e1308af6dd6446a1cf151749b22a99e8a05d30cc3ccd00e663bc1bc37e08ee62834fcc52a4bc8c1d6442544187484f81dc729417d5bedfcab5a54":"d84b978483c0bd8f8c231d92ea88ac21e6e667215804b15725a7ed32f7fc5dd7":"9a8971f6c559f7f197c73a94a92f957d1919ad305f4167c56fe729d50e5754a5":"e16ee5bceca30f1fbcadb5de2d7cfc42" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,256) #4 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"0272d86db283244eb7ee0ed8c8054b89":"a08ce39f2f671e1f934821a8db9070f39a734a7a20e70307fccca17db15bb4e8a421600df11d1a6e7806a14826739322c8043649ea707180f1d00dea752c2c36398030519465864c4d38163f5b0dd5be07dbc0ae29693ad4a67ca69f28414634":"aa97055cf46ba26465dfb3ef1cf93191625c352768b2d8e34459499a27502e50":"dddd0007eb29fdf942220e920ca0637db4b91cbf898efd2696576ff6bfacb9d1":"9db0057e39ca6e0f16e79b4f8a0ed5c7" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,256) #5 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"4ad8f72a0d0e28a758722b20e3017d7e":"89af36a1c53f730c1b818b26aa510627b17e6f9da51c8e53930de883b7cc7a3e8c3c463c910646ac3ff08f05bca8e340daf9a322d133ae453fdf7e6860a27ff4495c89875431ba9de3e4f3247cda8c62acc86f7066448f639d8ba8b5249337f8":"9d060b7ed63bdb59263c75ebe6a54bf3a4ac9c9926ca8fb49caa905a2651eead":"016099232dc44bb7cdb492f4955ab1aabc5dc0b5731447cea2eb1d92e41482d1":"4b658e95adae4bf0c418fded4431c27f" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,256) #6 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"aa19b944c2e1b9d27933bc87322bdf14":"dc8c60dd42c85fed86cb32af035bbde5737526eb07991397c853256f2f0cb311bce70e1c5e32fc3510402d7d7e3de36fa5e584234daf391bc53cc651e001ab7fcf760679b3c82057f9d09bfdcab8e158d4daa63b20c0e1102f7a06bf5a2788dd":"6b98fec5f7de8098ff9df80f62473c73831edace832a767abf5965ea8bf789ba":"cc998bd5752f9c96ec35d9658cc8b3833dd6ab80c7accd6777c06c2cf7c01e59":"fc58833e0e27f7705e4937dd2aadb238" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,256) #7 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"10c8c17a25041e2ef0d3cc80671e4cfe":"513fb96b6164ece801e52855aad28cb80131e7872d8432d27a974fb62d8d0100bb7ebcb8f5c066e230377a8847d6798c3d8090469b9719a80ac956ac33186b00eb8ca64c5530421f93932bc7c98ee92651e85dab562483bdb189676802726647":"240f36a0a598fe2116ffa682824f25acc35132f137f5221bc0ff05b501f5fd97":"22a5eb5aa00309a762ab60a8c2647eebe1083f8905104b5d375ed1661b4c8478":"145a16109ec39b0615a9916d07f0854e" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,256) #8 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"cea0c3c12be683c0f27693650a6a3d7d":"df8bc70e45fe14abb02c1b9a9754c37497fc2f67709edd854196fc4d074b12797ce7cb292f14cb1d6904abf32bf229299db5ccf5a791a3b8cd3e40a64f38f6b57df759a863e09d7676d2f3ff2762cdab221151000dba32a67f38cab93d5b7a55":"bf2ac545d94e318066ff88f39791a8385e1a8539e99ac4fa5a6b97a4caead9d4":"846efef8672d256c63aa05a61de86a1bbc6950de8bfb9808d1c1066aef7f7d70":"8d8f0389d41adcac8ca7b61fc02409c3" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,256) #9 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"1b782af2545352631983dc89945ffc37":"51930fb7095edef3fc20aca2a24127f03d3c4b983329e013ad8a35016f581dd7b2d11bafbf971c1fdefd95a0024195e6e90a60ec39b1a8dbe0cb0c3aabf9cf56b662efc722b2dffa6c3be651f199cbc3da2315b4d55aeafd1492283889e1c34f":"1b6295986f6fb55dc4c4c19a3dba41066fdc0297d50fb14e9501ba4378d662ed":"6e66ff63fc457014550b85210a18f00beab765f9e12aa16818f29d1449620d28":"78dfcb662736a831efaa592153a9aff9" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,256) #10 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"6580f6df5c8de7c4a105c11ed44435c2":"d37403db6f84a7ba162e1cc351fe2e44d674ae8606280c9dac3e3975f30cbe1c9925e502a9804b91aada5cc97b259b90ccb5b8103394d9a28f0709fc9b5ffe9d73ad3672e02064ea68cebe3face5d823ee605c46c173db591135f564558dab4c":"97486a5e6ce6c6cf9d3f9a313d346cbc34b2bd54db80c5f8d74d6f6939f89519":"8377fcb52556f9974f1aa325d6e141d7b81355bd160abbc86e0007571b3c1904":"77031d3474303470dca9336b1692c504" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,256) #11 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"f5303f148d6d6faca90aa88b07ab2ba9":"a0de51b8efa44b8245dba31d78f7840b2b7abced4e265b4cd9628eabc6ebbccb0f118dd8cc958b36dc959e22c4a03dafa212eeedec7d25ee6c5961187bee83b1ed3a75c7bdd9d0713b16cc67e68231f4cb274c8f3dfcc7e5d288c426a0d43b8f":"8d1fddc11dbad007e9b14679a5599e5e8a836197f14d010f3329d164c02d46d6":"9ceb6570568455d42a7397f8ca8b8af7a961a33a73770544cca563c04bc919ca":"9882f0bd1f6129a78b51d108e752b2d9" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,256) #12 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"5a799c58985aa2898cc8fe8e5bc4a9f8":"dbdbef9d217e9051025c321b628c1cc823d508ffdd13fc4edbe8677658a57ef5b64395a6b7d62c0e93dc0956ee0217ec48ae054f1d4680023cc1b2af666efa9e1458cf6b0dae72eef2392e93687bd1fb5f366bb2cdd12937ad09724e39db4189":"8c179b35739e75719e74f7c3e038bc06eb3e212d6ade85275cfebf12b2dce2a2":"af617f2e228adde3edaf52a7e5979476dbb9cd2956a1737d93a16563bbbb4888":"49a04f3b4ef052747c7f4e77c91603e8" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,256) #13 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"8f5b51983a8156a529f559ac3afebbf0":"bf22b182d39622e941017285adbdfe446c3d1a72601d0e5a15674f3b1b260170b1b2ab6b588a0267d86776a5d4ce80e132d7135a581af75ea6de65153680e28ce35ce78d0917b4932000d62260149e5a3ae72bc250548390b664f53c697dac45":"4cbb5b2d6e666d5dd3dd99b951ea435cae5a75d2e1eb41a48c775829b860e98b":"a4b4171c2592516404434932ad0a8ee67bd776a03479b507c406405b3d8962bc":"cab49631733f06e3fb3e0898e5ad22e7" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,0,256) #14 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"9f305a77cbaec1ab408cfc0eb89c6cbb":"1e50fada1e76a0d243e6f64c36a173ddc1f47a1dab834f5cd492568792958d5be22cce3110c8e8958b47f07b5c63f86b254942361d4d553e47d36103f47cd7f0bbee27d2e238b1d85671afe8284ee1fd2a431a5f69b2df73e95341c3a2e4fe4b":"c254f3b40e773eb09053b226820f68cafa3458ad403ad36f715245a854752a93":"699e177b7be3353c45ce7b7a0d573b00087d700a9f2c1cd2e370e05d4ddadc86":"bb6b02b25a496f29245315f58a16febc" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,0) #0 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"e09f65dcffc0d3a4d84bacc41617a4e46ce5184eca011049ab657566f728e4aa28315ffac166ebe50e1269b01c95b3a2":"545a783ae97d827ed0b81d9752ad0f7e965f511b1f5dae0f872e9ec37cfe63af86c1d15e153887989b605773b16ad5505e65f617cfa8ef46547c4c3f9d0c4fd0b6e1cff5ca0f1929266fe43ba8f45ad664cfe5e90903a9cb722b42ae8989c148":"":"":"1e77d7cc18775fef9a3d3e00903da01b" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,0) #1 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"056cd44c8847d89da05fbef95e9660d589046b0c02f9b42c17fd8b069f831c73cd896005ec080113589b6f07be6e42ea":"dde6c0850fe642602eb222ca7371213c598cef8c3e71e0593ea8edb54e1bed130b9b0aebe0893093b950c52f56eb9b338aa4bd01dae030515726ece1bf751660b4a3602da6400e4b94edebba646b5c3d4e64ceea1c4f14b7a19f0142783247df":"":"":"a790ab939e63555d02ea1e9696051725" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,0) #2 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"73c72c7dfe138ef4b9817d41b9722b3940762b59bda26b3f6bb8b30583e01d088a29726b71d36ffeebdb387010cb1bb6":"6fe09520e26f5abece0fceadc54913c650a9f55725af45a9a5f373d09b9970b8706b9041d0189a204f6a4eb527dfa86584a3bee3265b809c3932ae5e7228194a3cf7592fc9301c833b45a53be32b9caec9f0f91ba86519f12b0b235f68419c1e":"":"":"798d997f46ff7cc4206994085340325e" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,0) #3 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"cdba7c7033c34852b7bc1a6b33edab36f41d563bd0395d1001c02ffc0c42ec8595ed2b5ddabc923372e3b6bb457833fa":"532960c23c8c8b2146576dde52fadc985134914abf42ca1c5f47206937fda41289ae5d9f935dc4ce45f77cad230a4f345599e3bae4071188324483a0b93593c96d8b6ac6c0d8b52f8795c44171f0d8cd0b1e85dc75ce8abe65d5f25460166ba0":"":"":"9d48160aca60f1a82baaa8a7d804a3d8" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,0) #4 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"02cef01aca992f60aa12db4b2c441689e4972a6f9deaf3663082afed642c1502b67b42d490af1c52c7e6eaf459882eca":"9216c9a833f81953792260a688eb7c3dfc85565ae6a6033203741a763db056247808e0ecd5ba1fc4549c3a757eba535adc786e810ddaae9a2714d31f5154f2c3ee81108669f1239f4f4efd6e18aabfa2d88f0ac25f4740108f6cfebffeb2d857":"":"":"d6378bcf43be1ad42da83780c1dab314" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,0) #5 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"d7d80084e9d1fbb9315c3bce1510dbf22cf11fa54177d913a3b04b64cb30957395bd6f3d7e3d866d1be41b29db9ed81d":"80d4741e4e646748bb65e1289f1f9b3c21bffec4d0a666b301f199d76b4a83464583057079b069946b03d6ac81ebf9e6fa8d4081120f18bf58286a0c4de7576f36f3c7c353126f481a065ac28bdf28e13cd0c1e7911db6343c47d613f1750dc6":"":"":"9165a92ed92248b2d237d9f46d39bde8" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,0) #6 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"df5a68d3bede467fd69716f5f8fbac297594b8573921afb864ba76aaa6dd89e83b89e359a5a0dd1aac9b4acb9573d218":"52df6336f93781115c2a77bd8f99cb717871fe14707947a21f6093dd9205bc378acf61329f8831369b4b1af0a9edfb25d74f5863f26859ad9c920767b113c47ed2690053bf9a2f7c7a67a8d680e08865720b9e9f7b6ae697e3c93e66f24b6ddc":"":"":"c542cf248a163bbceee7b9f1453bd90b" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,0) #7 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"2945527372ff71edfa5776f55f7e4a247544aa6de974e81b2eba5552843ab6dfa248695f4f3225a43d4bf3672c3a6b2e":"aa560af2132cbd0624a69c7a7e733cd59a4f2d4e61d2b830087bd88f30fa792c7e4d3168fa86a10f7619d5b9dcf4f7bb08b350ba6a6bfc0fdfb7ee7aca07260c9a11abe49963c36efaefa94d2978ed09472bf93cc873d0f24c000762bb1402cd":"":"":"33af0134eeca279dce5e69c2cda3f3f4" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,0) #8 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"b30cb767125674f6099a5cf7cb2e4f5b6c1cd1e32ffc1e393b1c5698b52b37f971f12521a7c1ffaaf3233d5391bc4c86":"2d42b00248d95d9378a2aece40d636bc1ab22edaaa64daa34335195a9efa4c1b58f13ac184ca2be52e15c3a977abde2aa505243fc106c4ea6f0671fe0f209b106ea8965645af73d8ebb8a80251db2967149c701cfe1d157cc189b03bf1bff1ac":"":"":"1e10eff9ceebc7e5f66e5213cb07fca4" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,0) #9 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"c962a2da4524f08adcdd5ceddc04e669ad6154aee06164645e80c832506b98f9919451c7ec1d3a6a9704f83def8f6e2d":"a1ff68a85e437475b1b518821dbaac1730071a4ddd3255361778194fb0cfe3293e38df81527d8b8da15d03acb26467b6b53d7952441b79f95b633f4a979d998fd0417b9193023288b657d30c0cb2dada264addf9d13f1f8ed10b74e2dd2b56b3":"":"":"58990069b72b7557c234d5caf4334853" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,0) #10 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"a3cc1fe561d03a055e8eedaa0e713be490c4bd4c6839a5b98c2ac0139bf215bdc46783d2a3e6b9d15d9b7a8bfe15104b":"207267911c12125cb3012230e4fafd257777ccbfb91653f77e4c1287574f9b79d81af7fb304790349dd457983cc99b48d5f4677ccd979fcc6e545cbf5b5c8b98102c9a89ae354349dbdee31a362d47c7cdae128034c0f4c3e71e298fe1af33c6":"":"":"ffd1d259acd79111a6fb508181272831" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,0) #11 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"ecf186071b81e0ed384d4ebfb5bf261b4054e2e6072b51d21dfb6817adc51ff1c8956ff3612767538cdc8d73fade78b3":"3b9aec9f8bf8495004c5e4e731e5c347988e787caf003f001e68584e3510a6abdedffa15895702c2d57c304300f4f0af80a89bcc36b3cea2f08a0740236b80cfd2ea6e5cfe4144bc4ae09270fb6bc58c313dbaaedc16d643fc0565171f963222":"":"":"a2d917f5ec39a090b55d51713006e49d" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,0) #12 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"3fcedba86089709aa638d00713150df781d4a93e85f155338e90ff537bcbf017f37a2d62259f5d8cc40ddfb041592539":"6b1e9d45c2ec598de7527b6414a339f26192fc4e3f5eff4b3a3e2a80ee0f2e9743031804d1be12b3c7ff6fbc222db1d97226890addeef0e1579a860e2279292c2f769416b7068f582f6ffc192ae4c4f1eeb41d5f77f0a612b059c47aef8e3d8e":"":"":"aa414799c51957de97c0070fb00eb919" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,0) #13 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"f4c45fb8f58b7ebf73a0cd81c6a26686977558d4b8bf1cedfc6bd3754de6aaed5008fd72208437c54d8feb9a16ce3224":"6d170cf472ea07da6146a7087ed15d3f5b6ad72b8c99e46bae3b89e49a6e63467199ee16096516c2362dbd181bf5343a29fd0932d72eeb019fc3bfea3a3b01ffc2b985e341cfb6479d9dc71e2197b5cffc402587182e5fe93b5a8cf75eac2e42":"":"":"f557f627688fe63c119cf0f25274aa74" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,0) #14 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"7120742a7807b66c5a9b50995d5494a5b9451bb795393c0d8a30ae665879269408f8297d49ab87410a7f16a65a54b1cb":"c08a6f9797ea668cd14ba6338cb5d23c0921e637e66a96259f78e33e45aafd035edb44394cb459453b9b48beac1e32d3b6f281473cda42fb6fd6c6b9858e7a4143d81bfc2faf4ef4b632c473be50a87b982815be589a91ca750dc875a0808b89":"":"":"521973eac38e81de4e41ccc35db6193d" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,256) #0 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"add2bbbab76589c3216c55332b36ffa46ecae72072d3845a32d34b2472c4632b9d12240c23268e8316370bd1064f686d":"6168fc1af0b5956b85099b743f1378493b85ec93133ba94f96ab2ce4c88fdd6a0b23afdff162d7d34397f87704a84220bdf60fc1172f9f54bb561786680ebaa9bf6c592a0d440fae9a5e0373d8a6e1cf25613824869e53e8a4df56f406079c0f":"7e084abbe3217cc923d2f8b07398ba847423ab068ae222d37bce9bd24a76b8de":"946bc99fab8dc5ec71881d008c8968e4c8077736176d7978c7064e99042829c3":"224ab4b8b6ee7db19ec9f9a0d9e29700" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,256) #1 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"8964ebde61f0c4e23f8e91244ae9682ed0b17e424edd4c025b461a2d209a538583f29465df3f89cf04f703b771ff5c90":"4db8e8a27fe7a0378e37d4cc01b6a465d34be91f48c52fdc1023ef2ea1241082f522805bc8777fda6c10e3d441b58f648edcd7d4df3df8c8a398d7b005c4fd6f41c9b033bd38fc5f577069251529b58273f6a9175feb3978798fdeb78a043232":"5eb3fb44784f181852d80fcf7c2e3b8414ae797f7b9b013b59cf86b9d3a19006":"3eec358f7f9e789e4ad5a78dd73987addbf3ae5b06d826cec2d54425289dc9af":"9a66c015d2550e3f78c44b901075fabb" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,256) #2 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"98784aa794df5400890e6803f06d886aeb0833b1fea28a5f7952397aa21092ceafdb9194079f3609bc68233147c778e7":"7338521e8e127e70da259b37f5f5cdf83079bdb4024234b8ceecfba8d8c3f1c8510ff91f3bd08f2c54f11b534048a320a15ba0fccec8da34d4ef7f49ade4847814c859831907992d0adab27046324d4d9a853eb986b8de25b34ea74eb3d11048":"b14c5314aac11cb43f45730e474b84fbf5d1480d94d0699b80e3570f6636aa72":"d6208912348236feee1d258092283dd9db75899769dd109cc2f0f26d88dcc6bf":"5ec75fdd1ed3a742328e11344784b681" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,256) #3 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"fe9b7df306c4ccd02afd6142c6650418325617945147de436a55e78aa45866116d6678e013a0e2c5a13e0d01fbd84039":"c4da56f4239fde0bc49b1d852cb36c80205f9e99e5995a80be04bbbba15f25b8d054c397a34cff1326a71f0acc4f7942795cabc3fa46339dc54b4bf7f11c095af8503004d97c485acec8815d1404674592c896ecfabefcbf222f4fe5a3ced0af":"086d09a6ee20c69bf5c054ebc6250f06097c8da1a932fb3d4b1fb5f40af6268a":"44e64b14c49ebb75c536329bb41ab198848849ca121c960db99f7b26330b1f6d":"7aa3a7e159d194399fc8ef9eb531a704" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,256) #4 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"c0d47ee2328185df2c299d270e11fee26df753a5b4f899fdc0dff79eb50748232f9f79cf3f5e9bd4a26a48e743843b02":"a6b5dd5f1bad95331caae5852be50a26267af655c98feb8b66c45a8ae2ddfca270ab0d8023e43e6e22a7b5904d63482f045e85556b9c105cde0f3eb7b1fff1026086c80b195196803b5f664362b659578894d6551fb7c4566eec02202fdc298f":"3b575d028046e7f6005dfcdfcdcf03ff77a9cacd2516bcdff7f3601a9a951317":"f13b58daed46f5bf3c62b518ab5c508dd2bc3e33d132939049421ff29c31c4f0":"8469dfa89453d1481abedd6cc62e4e44" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,256) #5 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"a0db812a939fbf3942b00be018cff4578b9fb62629c766a50f3518fe634100b1cbc4244ae843fe32125c53b653705457":"7e3dca20a7a977b6616a684e309015cf6a37edd0d85819fe91d074c915b0c9540a8aa486f58685b064851d6164150b1c1b0e2e545c6358d28b2f5263b2fd12c503d271ab6de76d4fa4c604cae469335840328008d8ce5545586b9ea6b21da4f9":"554b297bc32866a52884fabfc6d837690de30467b8f9158b258869e6f4ed0831":"4f688cba5908e0699b33b508847f7dac32f233e6f02cf093efdacae74259f3b6":"9696dd6ed5875cdef4a918a6686455a8" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,256) #6 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"ff6cd20443a32c9e938f2a617bbb969ba54040b12723b0d452a669b584ba16ffaacbe38af62b5a62e0c67d165d022344":"efcf7536f32932526fe82b3a2333508404727878723fc09cbd902581d82463cf6acf1ddf4217ea6404469193e8db0e7e8c864ae655b49c6a095f80f1ab16985453f0fb729c119d8a3b820034626a93b1f70eb99b6cd8c990dda34a1c6a4b6eea":"8d412208091b987ee0781ff679c50dbab9ef389156f570f27aaf3e699bdade48":"501381ce5e7718c92ee73e9c247965dd5f0bbde013c4b5e625e9af8907e40566":"4f323934adb8a2096f17d5c4d7444078" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,256) #7 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"bd14779153ed9696d3e5143c50b2050b6acd3ea2f8b670ef0e5f4bedf01705727bf9e64ae859214abe6ef497163f0236":"bfb0931b05a3fe232614e1b1c3060b3b07fb75d23ac10190a47a7245a6ecad5f3834e6727b75acc37e9d512d01a4a9cef6cb17eb97e4d1d7c1df572296972f0437a89c19894f721cbe085cf3b89767291a82b999bf3925357d860f181a3681ce":"0b5dc1cdfc40cfdc225798da773411dc9a8779316ceb18d1e8f13809466c6366":"843eb7297570e536b5760c3158adb27c0c426c77d798c08314f53b59aa72d08b":"1e703f3122455a40536c39f9ea3ceaa6" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,256) #8 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"64b155fd4b8634663a7e8a602e2b9fe2477be74692643ccfd0b316a025ea6f1fc0dfd0833248cb011082be36cba3c5d1":"a5b15cb1e039d7bbe2db80a32d4f402c7d3c59a45b05255401d1122770dbdb9894841964d5cadc9ae9af007d63e870d0510078885ca402bd222f16d2d27892e23292b65cf370b15d5e5a739ddd13e3e27f7c2e2b945f8e21897c3bbf05d8b043":"aea2fe995be77dfdca6ebaa1c05ba4c84d0e6b9a87905c398a3dfe08aeb26d38":"f4e9e7eb0eea4e2d419de6ad2909d36ec06c79097884bf98981e86dedae366ba":"4a28955dc97936b1c0aed0751a1afed5" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,256) #9 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"e6c08e8b8d8e418477087911610096f7e0422083a376a77198e9c60fb2dc8c14aff33d7835878b65322f1561738b1ebb":"d4e0347c2158b882eb1e165f7f2aa1324d6606fe259ca730b2a3367435cb93b89108e49bd97355215063f63e78e8926b264c8a97571fd4d55882364915b7bd544254c25c2b67cdd979737c7811bcdeef5b052d8fe05a89b3291ef669d5579a61":"6607541177bc0c5f278c11cb2dcb187fc9f2c9a9e8eefa657ba92dee12d84b07":"7a439c8593b927867cfa853949e592baea0eeb394b0e2fe9ab0876243b7e11e2":"420888122f2e0334757c4af87bbc28a4" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,256) #10 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"4413ff775c9b7d9a3003e0b727e34554e0f615471d52aeb4a059777b372d60332a1a4bcaf906e598581bc5a369b2c933":"a21cf567362fed0edddfd0b1c2d85ff6d2db5484fca8bf90a82da2ab76efcac9286e417628496f37effda150ef4912125aac68aac72e6f900a70192d4ef0b4cc4e9419c93ffb245965ae30c5f8abe20f732d76080bde5a1c6b3f075eb35622d1":"b924d145fc3ecd76f000f12638ef0a49a5d4cf887aa93fc9e5c536febc454f2d":"73dbb40b257e6598744f9107c8e7ff51a080407fc9e80d39d9a4db94f167c116":"84457ea753771ad7c97ce9c03ab08f43" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,256) #11 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"5e409d56afb6940f9ffa45e0f92ef4972acedd3557b8e0f5418e302f2720ae5289294176045ad3096ea68db634cf5597":"c5a63c886af7ed7496473a6ae2f27f056c7e61c9aca8c5d095af11b2efe1a6b43344f92b37c7b6977ddbef1273e9511d9305fcbe7f32bc6a62f28d34841350362d2717dd00467224a35985b9fecc2739acd198743849dbfa97f458e2e7d6b1dc":"7fda133a23e929b17548a05013ff9c7085c5af9c979057b8f961ba7514509ff3":"bd061292b6bc3d3e71ed01af091f0169f70f23862efccd9e76345ff607dff3ec":"75b35dab3ad5e35c10ee39529a7f840f" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,256) #12 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"ed2a52169791d7c7d332cf258ea4847c359335f9a6839ee767a8f76800ba28e94858cc9b7f526e62a93603fa2b1caa6b":"0a6155ff422ff6ae9814f81bf353bd3454d0c9892f9f3d730dcd8c87626f813cbe1dff1922fe73e4a319be53f4ec05e965c27f239b1e51869069a7e7cdd916fc1fd6f640bfe4b761a8040f8db37fb5ee7508e7d226c7695fb2a8bd791fe49ef2":"14073a1b4f07f3b594fa43d0c8781b8089dd2d9b8ad266e0321aaa6b71a0d058":"4247fc6886e8657b84369cf14469b42aa371d57d27093ee724f87bf20fa9e4e6":"f2aea2bc23e7c70f4ee2f7b60c59d24d" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,256) #13 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"f0d3a46501da7ab23d8688725f53f4289ce3bfa627646fe301533ec585f866caafb8131e95460566270f68cd25e1f153":"223d49f99a56cfcf2eb8cca39a8a82ee306c6272d521257f3d7d2a87699111e442fc55a399994d57373141f2207d43a8bbc1e086d67343b7dc2a891853c860fe43fb6be32cf035aca582bf5590cb5001b09b4976ea617fa7bd56da81fdef2df9":"7d12673cad5ad5003400fb94547e2b987e934acf6b930c0e7aec72634bfb8388":"e8583b9983b3ac589a6bb7a8405edfc05d7aa5874a8643f9ac30a3d8945a9f96":"ce72c0ea0e76be6bc82331c9bddd7ffb" CTR_DRBG NIST Validation (AES-256 use df,True,256,128,256,256) #14 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"1e4644df1d01f9a0f31d1d0c67bc9fb9a1ee2223fbfb25520d3881cde2b183b73fe1a8cc5f17796cf22aaaed57607420":"cdac62b5e4ccee8609b1f4b7a8733e69068c71219b6292ecb318b9d3479516807af280cfa20e455d5e96eb6794a3b963957f3c099fd1e1199706d36a06011836af890f3b7b15cda6346a06fdd0f194de40bfbec12b021b02eeabaa34d35b30a3":"8169251ea55cce534c6efd0e8a2956d32ed73be71d12477cea8e0f1ab8251b50":"865d14cb37dd160a3f02f56ac32738f9e350da9e789a1f280ee7b7961ec918a7":"ff11ba8349daa9b9c87cf6ab4c2adfd7" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #0 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"1b54b8ff0642bff521f15c1c0b665f3f":"5a194d5e2b31581454def675fb7958fec7db873e5689fc9d03217c68d8033820f9e65e04d856f3a9c44a4cbdc1d00846f5983d771c1b137e4e0f9d8ef409f92e":"":"":"":"a054303d8a7ea9889d903e077c6f218f" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #1 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"90bc3b555b9d6b6aeb1774a583f98cad":"93b7055d7888ae234bfb431e379069d00ae810fbd48f2e06c204beae3b0bfaf091d1d0e853525ead0e7f79abb0f0bf68064576339c3585cfd6d9b55d4f39278d":"":"":"":"aaf27fc2bf64b0320dd3564bb9b03377" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #2 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"4a2a7dcbde58b8b3c3f4697beb67bba2":"58364ceefad37581c518b7d42ac4f9aae22befd84cbc986c08d1fb20d3bd2400a899bafd470278fad8f0a50f8490af29f938471b4075654fda577dad20fa01ca":"":"":"":"20c5117a8aca72ee5ab91468daf44f29" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #3 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"911faab1347ae2b3093a607c8bc77bfe":"2f044b8651e1c9d99317084cc6c4fa1f502dd62466a57d4b88bc0d703cabc562708201ac19cdb5cf918fae29c009fb1a2cf42fd714cc9a53ca5acb715482456a":"":"":"":"aae0c0ac97f53d222b83578a2b3dd05d" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #4 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"f959f1bc100ae30088017fae51289d8e":"77d0f0efbc7ca794a51dff96e85b8e7dfd4875fbfb6e5593ae17908bfbddc313e051cb7d659c838180d834fdd987ae3c7f605aaa1b3a936575384b002a35dd98":"":"":"":"5d80bc3fffa42b89ccb390e8447e33e5" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #5 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"45a8bb33062783eede09b05a35bd44dd":"6bb14dc34f669759f8fa5453c4899eb5ac4e33a69e35e89b19a46dbd0888429d1367f7f3191e911b3b355b6e3b2426e242ef4140ddcc9676371101209662f253":"":"":"":"0dfa9955a13a9c57a3546a04108b8e9e" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #6 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"0ada129f9948073d628c11274cec3f69":"b3d01bcb1ec747fdb7feb5a7de92807afa4338aba1c81ce1eb50955e125af46b19aed891366ec0f70b079037a5aeb33f07f4c894fdcda3ff41e2867ace1aa05c":"":"":"":"f34710c9ebf9d5aaa5f797fd85a1c413" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #7 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"052a5ad4cd38de90e5d3c2fc430fa51e":"98482e58e44b8e4a6b09fa02c05fcc491da03a479a7fad13a83b6080d30b3b255e01a43568a9d6dd5cecf99b0ce9fd594d69eff8fa88159b2da24c33ba81a14d":"":"":"":"3f55144eec263aed50f9c9a641538e55" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #8 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"004cd2f28f083d1cee68975d5cbbbe4f":"6238d448015e86aa16af62cdc287f1c17b78a79809fa00b8c655e06715cd2b935bf4df966e3ec1f14b28cc1d080f882a7215e258430c91a4a0a2aa98d7cd8053":"":"":"":"b137119dbbd9d752a8dfceec05b884b6" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #9 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"f985b3ea2d8b15db26a71895a2ff57cd":"50d3c4ecb1d6e95aebb87e9e8a5c869c11fb945dfad2e45ee90fb61931fcedd47d6005aa5df24bb9efc11bbb96bb21065d44e2532a1e17493f974a4bf8f8b580":"":"":"":"eb419628fbc441ae6a03e26aeecb34a6" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #10 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"100f196991b6e96f8b96a3456f6e2baf":"d27cbeac39a6c899938197f0e61dc90be3a3a20fa5c5e1f7a76adde00598e59555c1e9fd102d4b52e1ae9fb004be8944bad85c58e341d1bee014057da98eb3bc":"":"":"":"e3e09d0ed827e4f24a20553fd1087c9d" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #11 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"88f55d9ba8fef7828483298321133fec":"16f9f5354d624c5ab1f82c750e05f51f2a2eeca7e5b774fd96148ddba3b38d34ba7f1472567c52087252480d305ad1c69e4aac8472a154ae03511d0e8aac905a":"":"":"":"07cd821012ef03f16d8510c23b86baf3" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #12 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"126479abd70b25acd891e1c4c92044f9":"70afbc83bf9ff09535d6f0ddc51278ad7909f11e6f198b59132c9e269deb41ba901c62346283e293b8714fd3241ae870f974ff33c35f9aff05144be039d24e50":"":"":"":"0f90df350741d88552a5b03b6488e9fb" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #13 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"a45f2fca553089fe04e7832059dc7976":"5e5a9e1e3cb80738c238464ede1b6b6a321261a3b006a98a79265ad1f635573bba48dccf17b12f6868478252f556b77c3ec57a3bf6bb6599429453db2d050352":"":"":"":"6eb85ae2406c43814b687f74f4e942bc" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #14 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"52dbb43241002415966eaec2615aba27":"31cfe60e5ed12ff37d7f2270963def598726320c02b910b5c6c795e2209b4b4a95866c64cb097af1d6404d1e6182edf9600e1855345375b201801d6f4c4e4b32":"":"":"":"2a270f5ef815665ddd07527c48719ab1" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #0 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"176200bb44808b5400b24e1b5f56cf73":"f84d395b1734eac4600dbc36f6b1e1599bc7f2608dc8ecb3a55369d7b1b122a09f5ac9c16d9a2be37d2ff70a9bba732fc3785b23ff4ade3c8404da3f09f95a8f":"aef28c9169e9af74c73432d4aa6f5dff9ea4a53433de2ecb9bf380a8868c86e1":"0626ae19763c5313b627a8d65cf1cfba46dfd6773242738b9b81fde8d566ade1":"63c160ed6a6c1fffd0586f52fa488a9055533930b36d4fa5ea3467cda9ffe198":"e8f91633725d786081625fb99336a993" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #1 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"19c3d16197ac93bf58c4110c9e864804":"50755cc0178c68ae70befd7744f6f1e3f6a59b3bbe484a744436079c7fae8d83c4965516fb952c63e1d0561d92cccc56037465815c9e549c9adce4a064877128":"5cb82d2c297404f3db1909480c597dd081d94ca282ba9370786a50f3cbab6a9b":"96d130faf1a971920c2bf57bcd6c02d5a4af7d3c840706081e4a50e55f38bf96":"1b0d04f179690a30d501e8f6f82201dbab6d972ece2a0edfb5ca66a8c9bcf47d":"4628b26492e5cb3b21956d4160f0b911" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #2 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"4b1edd0f53bf4e012def80efd740140b":"e50c31ebbb735c4a53fc0535647ae1fff7a5ac4fa4068ba90f1fa03ca4ddedecd5b1898d5e38185054b0de7e348034b57067a82a478b0057e0c46de4a7280cd9":"e7154ec1f7ac369d0bd41238f603b5315314d1dc82f71191de9e74364226eb09":"9444238bd27c45128a25d55e0734d3adafecccb2c24abdaa50ac2ca479c3830b":"ab2488c8b7e819d8ce5ec1ffb77efc770453970d6b852b496426d5db05c03947":"a488a87c04eb1c7586b8141ed45e7761" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #3 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"1f89c914649ae8a234c0e9230f3460f9":"5e029c173dc28ab19851a8db008efbcf862f4187fca84e4e6f5ba686e3005dba5b95c5a0bcf78fb35ada347af58ec0aca09ed4799cd8a734739f3c425273e441":"b51f5fd5888552af0e9b667c2750c79106ce37c00c850afbe3776746d8c3bce1":"9b132a2cbffb8407aa06954ae6ebee265f986666757b5453601207e0cbb4871b":"f1c435e2ebf083a222218ee4602263872a2d3e097b536a8cc32a5a2220b8065f":"a065cc203881254ca81bd9595515e705" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #4 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"0ef2be2d00a16051404fc2a0faa74fdc":"b66c882ae02c5215ed3bcd9e9a40934b09bf48a15fe7558c9d9ceb0ebec63625ea18f7c3ab341d9f7edd8e1d8816edecb34dbd71ae02771327b5ebc74613dadd":"1ebe9893957a5c4a707793906d31bb201e88d88a22abd6baa6461fc61def7ffb":"f81e26744834413cb95af8d438d0050c7c968f929a33e35ee5c6715a0a520950":"687a848b2b6c715a0e613b3f3bb16cf2f056543eb9dd6b8aee8de8aa6fd8a1e6":"a6c4a7e99d08cc847ac0b8c8bcf22ec0" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #5 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"eb2439d156c4f51fb1943c26f27de8af":"ad153fd266d9f73b21f4e5e88d3d13ba8325abdec427d5d8f671cfccdbd3510e9774d59a14d9b5472b217b7bcf355436a51965d2dff7c4ac586ab812f20d326e":"e24bd6b69a40fa0a02cefbbaa282f8f63a80e154be338d1b913418d4ff7a810d":"fd40baf11d7cdd77641a2b46916cb0c12980e02612ef59fb6fe7dabbbe7a85c0":"a40019e3b85d7d5775e793dd4c09b2bdc8253694b1dcb73e63a18b066a7f7d0c":"7cd8d2710147a0b7f053bb271edf07b5" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #6 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"b23796d88ee5ae75ff2ba4fbbd5e2de8":"b249d2d9b269b58c5355710aaae98be12d8fb2e79046b4e6deeec28adad7e789999847e20de11f7c3277216374f117e3e006bdf99bb8631aa4c4c542cd482840":"79f0214b6b0c5ffb21b1d521498b71d22c67be4607c16300ab8dde3b52498097":"582be1e080264b3e68ec184347a5b6db1e8be1811578206e14ad84029fe39f71":"f5e9c3356810793f461f889d8c5003b1c0b20a284cb348301ce7b2dd7a1c7dd7":"1aa8cf54994be6b329e9eb897007abf0" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #7 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"081db0b1620a56afd87c2fd2bebb1db3":"3f1e90d88870a0bd03364036b655495e3e7d51bf67fb64ba0cbf003430af5585f5936b84ab3b8a55c02b8b6c54bea09cf2d77691858c5818991383add5f0c644":"5b98bc83ae8bed5c49cb71689dc39fee38d5d08bdfa2a01cee9d61e9f3d1e115":"aad3e58fdd98aa60fc2cae0df3fc734fff01a07f29f69c5ffeb96d299200d0d8":"bad9039ebb7c3a44061353542a2b1c1a89b3e9b493e9f59e438bfc80de3d1836":"8d01e3dc48b28f016fc34655c54be81f" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #8 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"a8427443d9c34abcdcca061a2bbcff52":"b0e9b2192adc8912653d90a634d5d40c53ca4383290a8764bdf92667f859d833c3e72ad0ff41e07fe257b1ead11649be655c58a5df233114e7eda2558b7214d7":"c6cad9fb17ada437d195d1f8b6a7fa463e20050e94024170d2ffc34b80a50108":"be461a9c1a72ebaf28ee732219e3ca54cbee36921daaa946917a7c63279a6b0e":"b6d110d6b746d7ccf7a48a4337ba341d52508d0336d017ae20377977163c1a20":"16ccd63dbf7b24b6b427126b863f7c86" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #9 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"86bd02976e6c50656372b8c212cf0a7a":"89900b0febf6b4e19ab8fc5babb4122a8aad86d658d0c2f98988c99fbd8530ff4ad365bd5fddaa15f96537bd72deb5384405b610e6ebae83e848307051fd6c82":"41bf3794ee54647a48a2588fdfdea686f1af6792e957d42f181f2631b207ac0c":"c4478afbea4eecb225448f069b02a74c2a222698c68e37eb144aff9e457f9610":"41a99e0d3f5b767f9bedcb2f878a5d99d42856bed29042d568b04e347624bf7f":"863337529aac9ab1e9f7f8187ea7aa7d" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #10 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"e809ef8d4c3d82575833d51ac69481b2":"3e831b7715ce202c95ec85337e2c0061d972169955bd96fbe1f758508c0336b3226260ea5e66f943b538eb115ffe4d5e534cbe58262a610528641629bc12fc75":"4d40c6a961168445c1691fea02ebd693cb4b3f74b03d45a350c65f0aaccb118b":"b07dc50e6ca7544ed6fdebd8f00ed5fa9b1f2213b477de8568eb92dddaabfe3f":"cbac982aa9f1830d0dc7373d9907670f561642adb1888f66b4150d3487bf0b8d":"2814be767d79778ebb82a096976f30db" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #11 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"ad71caa50420d213b25f5558e0dc1170":"6a3fd23e7dc934e6de6eb4cc846c0dc3cf35ea4be3f561c34666aed1bbd6331004afba5a5b83fff1e7b8a957fbee7cd9f8142326c796ca129ec9fbacf295b882":"3042dd041b89aaa61f185fdda706c77667515c037f2a88c6d47f23ddadc828ae":"9b1e3f72aaab66b202f17c5cc075cfba7242817b2b38c19fe8924ca325b826ea":"8660b503329aaea56acdb73ca83763299bac0f30264702cb9d52cbaf3d71d69d":"c204a3174784d82b664e9a1c0a13ffa6" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #12 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"5fd6606b08e7e625af788814bef7f263":"baf8750e07194fc7172c736e0fdea0a632810d45602dff17ce37adf106d652f87e31b6bd24d21481c86444d8109586118672a6f93731b7438a3f0f39648b83a3":"3c37193d40e79ce8d569d8aa7ef80aabaa294f1b6d5a8341805f5ac67a6abf42":"c7033b3b68be178d120379e7366980d076c73280e629dd6e82f5af1af258931b":"452218a426a58463940785a67cb34799a1787f39d376c9e56e4a3f2215785dad":"561e16a8b297e458c4ec39ba43f0b67e" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #13 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"08def734914ecf74b9eccb5dfaa045b8":"6697f889fcf6dae16881dc1e540e5c07f9461d409acee31842b04f93c00efbba670dfbf6040c1c2e29ad89064eae283fd6d431832f356e492bc5b2049f229892":"a6ac87af21efd3508990aac51d36243d46237b3755a0e68680adb59e19e8ae23":"0052152872b21615775431eb51889a264fed6ca44fa0436b72a419b91f92604c":"ebadf71565d9a8cc2621403c36e6411e7bed67193a843b90ccf2f7aa9f229ca2":"c83fa5df210b63f4bf4a0aca63650aab" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #14 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"6437862e93060def199029ff2182f1e5":"719d1afcb6dc8ca26cba6a7c10f59cf82345b2a0c631a7879812d6f2d2663b49f9e92daecb81ff7c0790205d66694526477d6de54a269f542cb5e77fe4bc8db3":"5c961db0ac2ea8caf62c9acc44465dcfb4d721fcb2cd3e1c76cdcb61bfaa7e75":"24eabd392d37493e306705d0b287be11a4d72dd4b9577ac4098ef0dae69b0000":"9e4f05c1b85613e97958bc3863e521331b2bd78fdf2585f84607bf2238e82415":"21aaae76dc97c9bf7cf858054839653e" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #0 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"cd7a1981c1b7079c1c38f5aeee86db22207cb9faed8c576b1724ca7817aa6abfb26c42a019eb4c2f4064f0587ea2b952":"7f88c3805ae0857c5cbb085a5d6259d26fb3a88dfe7084172ec959066f26296a800953ce19a24785b6acef451c4ce4c2dfb565cbe057f21b054a28633afbdd97":"":"":"":"76c1cdb0b95af271b52ac3b0c9289146" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #1 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"0ccdac2fd65a86bf8f8e9ddcabffb9d29a935139f627c165a815b23137eeee94cbb21be86ac5117379177d37728db6fd":"6f61703f92d3192cd982b2e52a8683e0d62918d51b12e084deae06c4a8e08ecfb3d2d30a980a70b083710bc45d9d407966b52829cf3813cc970b859aa4c871fe":"":"":"":"e6c73e159d73c2ba8950cd77acb39c10" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #2 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"fbbcc4abfd671296de3e0dcf409a139e35deae126c1941bf1afcc8d3da3a2d65f54a6d317bb6d683a3a77f6266b007ff":"c662ed723e7041877542fdcf629533d4a74393eb4dae4f3ec06d2d1c0d37ed7f519609a8485cb8deb578ae4cbb45c98ef7f2f2e677363e89fb3744286db6bfc1":"":"":"":"9d934d34417c6d0858f4a3faacbe759e" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #3 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"1b824790b6b22b246bcc1bcfbbb61a76045476672f917b72e79cca358e650eb29ed49fb0a5739e097f5f5336d46fc619":"c57a5686486ebacc2422236b19110c754795a869a8157901cf71303de1adc6af16a952190a395d6c20e155e690f41922f6f721dc8e93da81afb844f68714cba7":"":"":"":"13e7bf23d88f3bb5a5106a8227c8c456" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #4 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"2ea7861e374232cb8ceecbbd9a18fc1f63c31f833fe394f1e19c8ef61092a56f28342fa5b591f7b951583d50c12ef081":"6a0873634094be7028b885c345cd5016295eec5e524f069de6510ae8ac843dba2cc05c10baa8aad75eac8e8d1a8570f4d2a3cf718914a199deb3edf8c993a822":"":"":"":"c008f46a242ae0babad17268c9e0839a" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #5 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"39caa986b82b5303d98e07b211ddc5ce89a67506095cad1aeed63b8bfe0d9c3d3c906f0c05cfb6b26bab4af7d03c9e1a":"f2059f7fb797e8e22de14dac783c56942a33d092c1ab68a762528ae8d74b7ad0690694ede462edbd6527550677b6d080d80cdabe51c963d5d6830a4ae04c993f":"":"":"":"202d3b2870be8f29b518f2e3e52f1564" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #6 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"a4e25102c1b04bafd66bfe1ce4a4b340797f776f54a2b3afe351eede44e75c28e3525155f837e7974269d398048c83c3":"0a03b7d026fab3773e9724dacb436197954b770eca3060535f2f8152aa136942915304dede1de0f5e89bd91d8e92531b5e39373013628fea4ee7622b9255d179":"":"":"":"be21cab637218ddffa3510c86271db7f" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #7 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"6de33a116425ebfe01f0a0124ad3fad382ca28473f5fc53885639788f9b1a470ab523b649bad87e76dee768f6abacb55":"d88312da6acbe792d087012c0bf3c83f363fa6b7a9dd45c3501009fb47b4cfcfeb7b31386155fe3b967f46e2898a00ecf51ec38b6e420852bef0a16081d778cc":"":"":"":"2c285bfd758f0156e782bb4467f6832c" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #8 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"b8ab42fd3f6306426602cae0c48eb02ffa7053940389900c17846e1d9726251762095383f2ec3406b3381d94a6d53dd8":"6a7873ccb7afb140e923acbec8256fa78232f40c0c8ba3dcbcf7074d26d6d18a7e78fffda328f097706b6d358048ee6a4728c92a6f62b3f2730a753b7bf5ec1f":"":"":"":"13504a2b09474f90d2e9ef40d1f2d0d5" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #9 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"042b524444b9903c1ecb80af21eef0e884115561a15a1ab2f9f3a322edcbf14174f54d315196a632940c2c6f56612c09":"31ba5f801aeaac790f2480fbd2373a76ba1685ebebc5ae7cd4844733ec3cfb112634b3899104dcc16050e1206f8b3fb787d43d54de2c804fd3d8eb98e512bb00":"":"":"":"0a0484c14e7868178e68d6d5c5f57c5c" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #10 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"632758f92efaca39615862177c267906ab0424230d481ee0a5aa1a5f66697d3918d4aab3f310b72a7f2d71c0a96b9247":"46dc837620872a5ffa642399213b4eebfb28ca069c5eaaf2a636f5bd647de365c11402b10ecd7780c56d464f56b653e17af8550b90a54adb38173a0b2f9e2ea7":"":"":"":"90432ce3f7b580961abecde259aa5af6" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #11 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"7b389118af3d0f8336b41cf58c2d810f0e5f9940703fd56a46c10a315fb09aafd7670c9e96ffa61e0cb750cb2aa6a7fe":"76e92e9f00fc7d0c525c48739a8b3601c51f8f5996117a7e07497afee36829636e714dbcb84c8f8d57e0850a361a5bdfc21084a1c30fb7797ce6280e057309b7":"":"":"":"7243964051082c0617e200fcbbe7ff45" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #12 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"e50d38434e9dfe3601e7ea1765d9fe777d467d9918974b5599ec19f42d7054b70ff6db63a3403d2fd09333eda17a5e76":"c9aa4739011c60f8e99db0580b3cad4269874d1dda1c81ffa872f01669e8f75215aaad1ccc301c12f90cd240bf99ad42bb06965afb0aa2bd3fcb681c710aa375":"":"":"":"28499495c94c6ceec1bd494e364ad97c" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #13 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"3253cb074d610db602b0a0d2836df1f20c3ee162d80b90b31660bb86ef3f0789fa857af4f45a5897bdd73c2295f879b6":"b06960a92d32a9e9658d9800de87a3800f3595e173fdc46bef22966264953672e2d7c638cc7b1cada747026726baf6cea4c64ba956be8bb1d1801158bee5e5d4":"":"":"":"b6608d6e5fcb4591a718f9149b79f8f1" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #14 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"83e4733566f90c8d69e6bcbe9fb52521ff3e26f806d9b7b86e9344cca0305dbf106de855240f1d35492cc6d651b8b6ae":"0e0105b12af35ac87cb23cf9ca8fb6a44307c3dcdc5bc890eb5253f4034c1533392a1760c98ba30d7751af93dd865d4bd66fbbeb215d7ff239b700527247775d":"":"":"":"68d64d1522c09a859b9b85b528d0d912" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #0 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"a94da55afdc50ce51c9a3b8a4c4484408b52a24a93c34ea71e1ca705eb829ba65de4d4e07fa3d86b37845ff1c7d5f6d2":"a53e371017439193591e475087aaddd5c1c386cdca0ddb68e002d80fdc401a47dd40e5987b2716731568d276bf0c6715757903d3dede914642ddd467c879c81e":"20f422edf85ca16a01cfbe5f8d6c947fae12a857db2aa9bfc7b36581808d0d46":"7fd81fbd2ab51c115d834e99f65ca54020ed388ed59ee07593fe125e5d73fb75":"cd2cff14693e4c9efdfe260de986004930bab1c65057772a62392c3b74ebc90d":"4f78beb94d978ce9d097feadfafd355e" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #1 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"e8649d4f86b3de85fe39ff04d7afe6e4dd00770931330b27e975a7b1e7b5206ee2f247d50401a372c3a27197fec5da46":"78d7d65c457218a63e2eb1eba287f121c5466728ac4f963aeaabf593b9d72b6376daea6436e55415ad097dee10c40a1ff61fca1c30b8ab51ed11ff090d19ef9a":"cc57adc98b2540664403ad6fd50c9042f0bf0e0b54ed33584ee189e072d0fb8f":"ab2f99e2d983aa8dd05336a090584f4f84d485a4763e00ced42ddda72483cd84":"0ecd7680e2e9f0250a43e28f2f8936d7ef16f45d79c0fa3f69e4fafce4aeb362":"08e38625611bb0fb844f43439550bd7a" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #2 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"6c79e1556889b3c074fc083a120d73784b888c5acb877899f17ce52e424b84178d144441aa9f328c730a951b02b048df":"c78ff6b9fc91cbce246c9fcc2366d5f7dd6d99fb1325d8997f36819232d5fcd12ccafdcbefd01409d90acd0e0ffb7427c820b2d729fe7e845e6a6168fc1af0b5":"60cba10826de22c5e85d06357de63d6b2ff0719694dafca6ab33283f3a4aacdd":"8943c22fb68b30811790a99b9cbb056e1a2c329185a199c76ba5aeceb2fcd769":"70671a50e8387bf232989d904c19215c7535ad2d0c5dec30a744c8d2706be6ec":"f6b94b671cae8dfa8387719bfd75ee84" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #3 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"f5ab77b2a8e370548b88febfd79772144cd5fc8d78062582addd4ff1e5c10094b390e66b3c4efb087510de1b9d25703f":"21a21c9314b37d4ade4a50a5d85995e0be07e358ed9bca19daa867a8d47847105dca7a424f32f715adb8fea5d3a41cfe388872a42ab18aa5cbcd7bde4adc3f8b":"023d582569a7ff1405e44cf09ceebb9d3254eef72286e4b87e6577a8ab091a06":"39597519872d49fbd186704241ba1dc10b1f84f9296fb61d597dbd655a18f997":"3091c9fe96109b41da63aa5fa00d716b5fa20e96d4f3e0f9c97666a706fa56f1":"1fb57058b3ba8751df5a99f018798983" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #4 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"f0b79e292d0e393e78b6d6117e06d2e725823fe35bde1146502967a78d99d6bca564f0e2f324272f968be5baab4aeb29":"192054dddac02157a35eb7f75ae8ebdb43d6b969e33942fb16ff06cd6d8a602506c41e4e743b8230e8239b71b31b2d5e3614e3a65d79e91d5b9fc9d2a66f8553":"b12241e90d80f129004287c5b9911a70f7159794e6f9c1023b3b68da9237e8b7":"59e9c3c0f90e91f22c35a3be0c65f16157c569c7e3c78a545d9840f648c60069":"089a59af69f47ddb4191bd27720bb4c29216f738c48c0e14d2b8afd68de63c17":"15287156e544617529e7eede4aa9c70e" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #5 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"e3f33843aecb35d01001ff92ab9a0f1a5431ba9de3e4f3247cda8c62acc86f7066448f639d8ba8b5249337f8c353bbbd":"ef081af1f62400a3d193969d689a40234998afb646d99a7c4b9cbbf47e650cda93a90e754a16fffa25fc2a2edab09720b4520c47309ec4f6d9f76f0162af6cae":"e7cc55b72862544a8661b5034e15587b1e5a45eb5dc744f5fa1db9b267f1c3ff":"882d30c888eb8e344b1d17057074606fe232ceb42eb71055264ede7bb638f2a2":"9ce65e95c1e735fe950e52c324e7551403d0ef70ad865bd31fef1e22b129fdd6":"205e3a53367c4a5183be74bb875fa717" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #6 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"f30a18d597d8591a22dee908de95c5af74884b025f39b4f6707d28447d9d0a3114a57bc2d9eed8e621ec75e8ce389a16":"fae3d554d12a14e29de1b622922f27559559ca1518c9f800375a37a212e8b9a653cc3700223e9404d5bf781d15fccf638050a1394592caba001cfc65d61ef90b":"54240edd89016ed27e3bb3977a206836f5ef1fba0f000af95337d79caca9cf71":"250611e51852d933ff1a177b509c05e3228cb9f46dfb7b26848a68aad2ce4779":"f8b602d89fa1a0bfb31d0bd49246b458200a1adb28b64a68f7c197f335d69706":"7b63bfb325bafe7d9ef342cd14ea40a4" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #7 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"c8dbc3d39beb612811c52e2b46ef76d2b7bd5d3a90ceddf9fb864fe6f44e36687d88158d61014e192f9a3cd474338e13":"8e60115b4af9c8e5606223792539e9ba87e9ef46cd16fcc09046db1ef8d3c036241cae5d61141711818e9e861dbd833632069ebf5af1bd6d4e513f059ab1efd3":"9b56eba0838457f736fc5efa2cfbe698908340f07d4680e279d21dd530fdc8c8":"62c47ece469a7a409e4b2b76d1c793aaf11654e177cc8bf63faff3e6c5a5395c":"4251597013d0c949c53bbd945477b78aa91baa95f1ff757c3a039ccc4e1f4789":"af2f37160940f0cc27d144a043ddf79b" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #8 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"a37f9ed6c4e8f74ff16046b0678ef7bd24fcdca247b771ea1ce1fd48e3f5d2067e38aaf64ec59f1f49d96fa85e60ef03":"95da91f4185b254322ef0fc852473a9b9e4c274b242ded8a4eae6f1e2badde0664cf57f2128aa3dc83e436f7e80928a01d93bf25011eedf0190d0bf3619cd555":"b4a22f5598f79d34f0b9600763c081b0200ba489da7028ad0283828545c6d594":"fa3edc0962b20a9d9e1d0afcad907c8097c21d7a65c0e47c63d65cea94bf43bd":"49ba791a227e9e391e04225ad67f43f64754daac0b0bb4c6db77320943231ec3":"32f313ded225289793c14a71d1d32c9f" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #9 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"87f85b9c19eba1d953b6613cf555c21bc74428d9a8fee15e6cd717e240506f3e80860423973a66c61820d4ce1c6bb77d":"f22dd3517350176e35e1b7ecc8c00bea4747f0ac17bda1b1ddf8cdf7be53ff8c326268366e89cf3b023a9646177a0dcca902f0c98bf3840c9cbdf5c0494bee3c":"611caa00f93d4456fd2abb90de4dbcd934afbf1a56c2c4633b704c998f649960":"cba68367dc2fc92250e23e2b1a547fb3231b2beaab5e5a2ee39c5c74c9bab5f5":"f4895c9653b44a96152b893b7c94db80057fb67824d61c5c4186b9d8f16d3d98":"a05de6531a1aa1b2ba3faea8ad6ac209" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #10 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"9670deb707caabc888a3b0df7270942934732e02be728a4bedb5fc9ca4d675b2f3b47c7132c364ce6292cef7c19b60c7":"bba34e6f4ee27e5d4e885e59f8bbb0dc7353a8912e66637d7515a66e5398d9a8cbd328fed32f71bdd34c73cdf97e0d211be6dabfb0144e1011fd136cf01ea4e4":"9f55da36babd6ea42082f5f5d4330f023440bb864f8ad5498a29cf89757eaeab":"8013a309058c91c80f4d966f98bce1d4291003ad547e915777a3fce8ae2eaf77":"c83106272d44e832e94c7096c9c11f6342e12ec06d5db336424af73d12451406":"bc8d4d00609662c1163dca930901821d" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #11 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"6d984c8ab923a7e118447fd53ad287b8f01d1e6112cff12bfb338ecd3ed16bafdd634677c600bdd68f852a946f45c3d9":"ed0e524ed2990ef348dbb15b3f964b12ad3109978d6952ae193b21e94510a47406926620798e71a0ffcbdd2e54ec45509d784a8bfc9d59cb733f9f11fc474b5e":"0a3a32260d04dd7a82fb0873ecae7db5e5a4b6a51b09f4bf8a989e1afacbda3b":"3cbcabb83aab5a3e54836bbf12d3a7862a18e2dffeeb8bdd5770936d61fd839a":"f63b30a3efc0273eba03bf3cf90b1e4ac20b00e53a317dbf77b0fe70960e7c60":"ab9af144e8fad6a978a636ad84e0469e" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #12 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"2c59520d6f8ce946dcc5222f4fc80ba83f38df9dce2861412eebb1614245331626e7fb93eedbad33a12e94c276deff0a":"2882d4a30b22659b87ad2d71db1d7cf093ffca80079a4ef21660de9223940969afec70b0384a54b1de9bcca6b43fb182e58d8dfcad82b0df99a8929201476ae9":"d3c17a2d9c5da051b2d1825120814eaee07dfca65ab4df01195c8b1fcea0ed41":"dcc39555b87f31973ae085f83eaf497441d22ab6d87b69e47296b0ab51733687":"9a8a1b4ccf8230e3d3a1be79e60ae06c393fe6b1ca245281825317468ca114c7":"fba523a09c587ecad4e7e7fd81e5ca39" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #13 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"1c1207f50b645aaed5c16fe36f6aae83af4924e6b98a7e2a2533a584c1bac123f8b6f0e05109e0132950ae97b389001a":"8ae9a5903da32a38b7c6fed92dd0c6a035ca5104a3528d71a3eacc2f1681379724991a0053e8dac65e35f3deee0435e99f86364577c8ebdba321872973dc9790":"568bfee681d7f9be23a175a3cbf441b513829a9cbdf0706c145fdcd7803ce099":"e32cb5fec72c068894aaeabfc1b8d5e0de0b5acdf287a82e130a46e846770dc2":"d4418c333687a1c15cac7d4021f7d8823a114bb98f92c8a6dccc59ff8ad51c1f":"194e3018377cef71610794006b95def5" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #14 [#1] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"28254014c5d6ebf9bd9e5f3946fc98e55fe351deee8fc70333e4f20f1f7719a522b3ea9a4424afe68208d1cc6c128c47":"98a0db985544c33990aee0f69655dba7198e6720ce56ff9d4662e26f0c6b4ee7ab599932c05295f6c5a4011085c5b2c861a5a8ae4f572ce614ff2dafc0fddb34":"64215cbe384f1f4cf548078ffd51f91eee9a8bae5aacdd19ca16bcaaf354f8ad":"2e21df638dabe24aebf62d97e25f701f781d12d0064f2f5a4a44d320c90b7260":"7f936274f74a466cbf69dbfe46db79f3c349377df683cb461f2da3b842ad438e":"25c469cc8407b82f42e34f11db3d8462" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #0 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"e26c8a13dae5c2da81023f27ab10b878":"fea104f90c5881df7ad1c863307bad22c98770ecd0d717513a2807682582e3e18e81d7935c8a7bacddd5176e7ca4911b9f8f5b1d9c349152fa215393eb006384":"":"":"":"fd87337c305a0a8ef8eef797601732c2" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #1 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"8d7dda20a9807804bfc37bd7472d3b0c":"1d723cbc2ff2c115160e7240340adbf31c717696d0fdfecf3ec21150fca00cde477d37e2abbe32f399a505b74d82e502fbff94cecac87e87127d1397d3d76532":"":"":"":"7221761b913b1f50125abca6c3b2f229" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #2 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"c02e3b6fd4fea7ec517a232f48aaa8cb":"0820fc21cecba6b2fe053a269a34e6a7637dedaf55ef46d266f672ca7cfd9cc21cd807e2b7f6a1c640b4f059952ae6da7282c5c32959fed39f734a5e88a408d2":"":"":"":"667d4dbefe938d6a662440a17965a334" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #3 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"9aee0326f9b16f88a4114e8d49b8e282":"ef0aae3f9c425253205215e5bf0ad70f141ad8cc72a332247cfe989601ca4fc52ba48b82db4d00fe1f279979b5aed1ae2ec2b02d2c921ee2d9cb89e3a900b97d":"":"":"":"651ad783fe3def80a8456552e405b98d" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #4 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"1e7a4961d1cd2fd30f571b92a763c2c5":"a9262ed5b54880cc8ecd4119cce9afe3de8875d403f7ca6b8ed8c88559470b29e644fddd83e127c5f938bc8a425db169c33c5c2d0b0c5133c8f87bbc0b0a7d79":"":"":"":"1124c509ca52693977cf461b0f0a0da9" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #5 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"ae0b0d2e84f48c632f031356cdea60ac":"554cf6fad1c376ad6148cd40b53105c16e2f5dd5fa564865b26faa8c318150bfb2294e711735df5eb86ff4b4e778531793bad42403d93a80d05c5421229a53da":"":"":"":"1212e5d3070b1cdf52c0217866481c58" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #6 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"16b8c7495d43cd2ff5f65ad2ab48ecef":"7cffe2bef0d42374f7263a386b67fba991e59cefd73590cbcde3a4dc635a5a328f1a8e5edd3ada75854f251ee9f2de6cd247f64c6ca4f6c983805aa0fe9d3106":"":"":"":"d3869a9c5004b8a6ae8d8f0f461b602b" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #7 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"a2d5eff6f73f98e5b04c01967dffa69b":"59759bb91b3c4feb18c0f086269ec52e097b67698f4dfe91ebe8bef851caa35cadb3fd22d1309f13510e1252856c71394a8e210fdbf3c7aae7998865f98e8744":"":"":"":"a1f99bd9522342e963af2ec8eed25c08" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #8 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"ea1f47fe5e281136706419ea9b652967":"0ec7c617f85bec74044111020c977be32ab8050b326ebc03715bbbffa5a34622f2264d4b5141b7883281c21ea91981155a64fb7b902e674e9a41a8a86c32052b":"":"":"":"daf75b8288fc66802b23af5fd04a9434" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #9 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"6f072c681a82c00dcd0d9dd5b7ffa2af":"cd7ce90f0141e80f6bd6ff3d981d8a0a877d0ddae7c98f9091763b5946fc38b64c1ef698485007d53251ad278daf5d4ae94a725d617fc9a45a919a9e785a9849":"":"":"":"39c0144f28c5a490eff6221b62384602" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #10 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"9d730655366e2aa89ee09332bd0a5053":"854766e842eb165a31551f96008354bca1628a9520d29c3cc4f6a41068bf76d8054b75b7d69f5865266c310b5e9f0290af37c5d94535cb5dc9c854ea1cb36eb7":"":"":"":"baa2a3ed6fdc049d0f158693db8c70ef" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #11 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"3363881611bfd5d16814360e83d8544f":"6abfab14cbf222d553d0e930a38941f6f271b48943ea6f69e796e30135bc9eb30204b77ab416ac066da0a649c8558e5a0eac62f54f2f6e66c207cab461c71510":"":"":"":"5be410ce54288e881acd3e566964df78" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #12 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"14e589065423528ff84a1f89507ab519":"0d2e446cad387a962ff2217c7cf4826dcabb997ab7f74f64aa18fbcb69151993f263925ae71f9dfdff122bb61802480f2803930efce01a3f37c97101893c140f":"":"":"":"fc2d3df6c9aae68fb01d8382fcd82104" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #13 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"974c5ae90347d839475f0f994f2bf01d":"aa04d9fc56349fdd31d868e9efc2938f9104c0291e55ac0aa0c24ec4609731b8e0ac04b42180bde1af6ad1b26faff8a6de60a8a4a828cd6f8758c54b6037a0ee":"":"":"":"3caec482015003643d5a319a2af48fb4" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #14 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"b3a110587a16c1eafe51128a66816ecf":"203bba645fb5ccee3383cf402e04c713b7a6b6cca8b154e827520daac4ea3a0247bbdc3b2cd853e170587d22c70fb96c320ea71cb80c04826316c7317c797b8a":"":"":"":"9af4f67a30a4346e0cfcf51c45fd2589" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #0 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"55546068cd524c51496c5fc9622b64c6":"951e712d057028158831ca8c74d4ae303c6e4641c344a1c80292260bdd9d8e2f5b97606370e95903e3124659de3e3f6e021cd9ccc86aa4a619c0e94b2a9aa3cc":"2d6de8661c7a30a0ca6a20c13c4c04421ba200fbef4f6eb499c17aee1561faf1":"41797b2eeaccb8a002538d3480cb0b76060ee5ba9d7e4a2bb2b201154f61c975":"b744980bb0377e176b07f48e7994fffd7b0d8a539e1f02a5535d2f4051f054f3":"65b9f7382ed578af03efa2008dbdd56f" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #1 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"a0c92565640a3315cac8da6d0458fb07":"6e9b31755c1f45df7d685f86044ab3bc25433a3ff08ab5de7154e06b0867f4e3531ed2e2a15ab63c611fc2894240fdac1d3292d1b36da87caa2080d1c41bcf24":"c6c74690bdee26288d2f87a06435d664431206b23b24f426e847fb892d40d5d5":"4e7dc1adbc8bc16ba7b584c18a0d7e4383c470bff2f320af54ad5ade5f43265b":"c6fb8ee194a339726f5051b91925c6a214079a661ec78358e98fc4f41e8c4724":"c3f849ee7d87291301e11b467fa2162f" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #2 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"63e143bd6a87065a00eea930593f9b29":"62c2c790cb56518ed2d8d65952bbd4ab85a56463495c940b94f403a93338bdc96129feea9335b1a3e0ada7cf4c207f4732013bc6a52db41407bf5d6fe9183b3c":"7b4e9ff0c8f8c90f8b324c7189226d3adccd79df2d0c22b52fb31dbb5dfefba6":"49e1aecf2b96a366325dc1892c016a5535dd2480360a382e9cc78bf75b2bba37":"f4ce1d27e759f3ba4a56aaab713642b4c56810c9995fbfc04ce285429f95a8f4":"513111abaae3069e599b56f7e5fb91d1" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #3 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"98dc16e95f97b5b9d8287875774d9d19":"2fab4a629e4b21f27488a0c9ed36fc8e75bee0c386346c6ec59a6f045975e29818440a6638eb3b9e952e19df82d6dc7b8b9c18530aef763d0709b3b55433ddc6":"2e9d2f52a55df05fb8b9549947f8690c9ce410268d1d3aa7d69e63cbb28e4eb8":"57ecdad71d709dcdb1eba6cf36e0ecf04aaccd7527ca44c6f96768968027274f":"7b2da3d1ae252a71bccbb318e0eec95493a236f0dec97f2600de9f0743030529":"841882e4d9346bea32b1216eebc06aac" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #4 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"5dbac5c313527d4d0e5ca9b6f5596ed7":"c00b28c78da4f9ce159741437fe7f90e4e23ecd01cd292f197202decbbc823d9ce46b8191c11e8f8d007d38e2ecd93b8bd9bbad5812aaf547ddf4c7a6738b777":"460c54f4c3fe49d9b25b069ff6664517ed3b234890175a59cde5c3bc230c0a9e":"bf5187f1f55ae6711c2bc1884324490bf2d29d29e95cad7a1c295045eed5a310":"28fd8277dcb807741d4d5cb255a8d9a32ef56a880ccf2b3dcca54645bd6f1013":"b488f5c13bb017b0d9de2092d577c76e" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #5 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"254d5f5044415c694a89249b0b6e1a2c":"4c1cc9ebe7a03cde31860637d8222faeefa9cbf789fab62e99a98d83084fef29eafcf7177d62d55435a1acb77e7a61ad86c47d1950b8683e167fe3ece3f8c9e8":"71af584657160f0f0b81740ef93017a37c174bee5a02c8967f087fdbfd33bfde":"96e8522f6ed8e8a9772ffb19e9416a1c6293ad6d1ecd317972e2f6258d7d68dd":"3aaa5e4d6af79055742150e630c5e3a46288e216d6607793c021d6705349f96a":"66629af4a0e90550b9bd3811243d6b86" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #6 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"b46fceed0fcc29665815cc9459971913":"ff62d52aed55d8e966044f7f7c5013b4915197c73668e01b4487c3243bbf5f9248a4fdd6ef0f63b87fc8d1c5d514ff243319b2fbdfa474d5f83b935399655e15":"994d6b5393fbf0351f0bcfb48e1e763b377b732c73bf8e28dec720a2cadcb8a5":"118bb8c7a43b9c30afaf9ce4db3e6a60a3f9d01c30b9ab3572662955808b41e4":"bb47e443090afc32ee34873bd106bf867650adf5b5d90a2e7d0e58ed0ae83e8a":"1865fee6024db510690725f16b938487" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #7 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"e1a5dd32fc7cefb281d5d6ce3200f4ca":"bf1ba4166007b53fcaee41f9c54771c8a0b309a52ea7894a005783c1e3e43e2eb9871d7909a1c3567953aabdf75e38c8f5578c51a692d883755102a0c82c7c12":"32e9922bd780303828091a140274d04f879cd821f352bd18bcaa49ffef840010":"01830ddd2f0e323c90830beddedf1480e6c23b0d99c2201871f18cc308ab3139":"f36d792dbde7609b8bf4724d7d71362840b309c5f2961e2537c8b5979a569ae8":"7080e8379a43c2e28e07d0c7ed9705a8" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #8 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"d1b7be857a422b425ae62c61e90a192a":"6ac34c4ce22b644632283ab13e294df2093e939d32411340b046c26fcc449d0fd6d14132c7205df303dbb663190e6e86ad12e14e145b6603308241f38d94eb5d":"aacfe8553d5ffef6abc3fd8f94d796cae2079ff04f7ab1b41982003f02427c7a":"01d2d1bc29d6a6b52bb29bd6652be772096ca23c838c40730d5b4a4f8f735daa":"27af728ee07d3f5902f4e56453b6a9feb308ef14795eb5630b2651debdd36d5b":"b03fbcd03fa1cc69db0a4e3492a52bad" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #9 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"a2c49aa6f3f92e36266bf267af5877ed":"5684c3eb99314127078484959314d52b3bc50cb3615c0eef6b48850d98aee04c528b0693be13ed1bb4040e8e96cb13c316143f0815cd68d1bb7931a3d9b88a3d":"566522085426b76bdef152adefd73ef0f76eee4614bc5a4391629ec49e0acffb":"30ef9585148dd2270c41540a4235328de8952f28cf5472df463e88e837419e99":"adc46e0afcf69302f62c84c5c4bfcbb7132f8db118d1a84dc2b910753fe86a2d":"4edc4383977ee91aaa2f5b9ac4257570" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #10 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"43852c53041a3a4f710435dbd3e4382b":"ab7bca5595084bccdba80ade7ac3df2a0ce198fa49d29414c0249ec3d1c50d271ca74ba5c3521576a89a1964e6deded2d5ba7ff28a364a8f9235981bec1bedfa":"c5612a9540b64fc134074cb36f4c9ea62fff993938709b5d354a917e5265adee":"eee2258aba665aa6d3f5b8c2207f135276f597adb2a0fbfb16a20460e8cc3c68":"a6d6d126bed13dbcf2b327aa884b7260a9c388cb03751dbe9feb28a3fe351d62":"e04c3de51a1ffe8cda89e881c396584b" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #11 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"52628551ce90c338ed94b655d4f05811":"b3a4a3c4d3d53ffa41b85ce3b8f292b1cc8e5af7488286d4c581005f8c02c5545c09bb08d8470b8cffdf62731b1d4b75c036af7dc4f2f1fc7e9a496f3d235f2d":"f5f9d5b51075b12aa300afdc7b8ea3944fc8cf4d1e95625cc4e42fdfdcbeb169":"60bccbc7345f23733fe8f8eb9760975057238705d9cee33b3269f9bfedd72202":"c0fa3afd6e9decfbffa7ea6678d2481c5f55ec0a35172ff93214b997400e97c3":"5a113906e1ef76b7b75fefbf20d78ef8" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #12 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"0e4873c4cbcde280abc6711a66dbb81a":"1ab7c7d8fe8f505e1dd7ddb8e7cda962572f7004b2a14c7a7c5bcf24bd16616e2c42c50ae5db9981ccd7d0c79062ac572d3893486bd0ae1f99cbc1d28a9e4c1e":"e4b89e28663e853f8b380c8a4491b54121fe6927340a74342362c37d8d615b66":"619775878879eff9ee2189790ff6f187baed4ed1b156029b80e7a070a1072a09":"ba3d673e5e41bd1abbc7191cc4b9a945201b8fef0016e4774047ee2abf499e74":"4758fd021c34a5cf6bea760ad09438a0" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #13 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"0684e8ef93c3363ba535c4e573af1c24":"748a5f5fde271c563a8f8d15520d6818f7ed0efb9b434adf2ff9471b391dd225b37868179ffa9a6e58df3b1b765b8945685a2f966d29648dd86a42078339650b":"e90c82153d2280f1ddb55bd65e7752bf6717fbe08c49414f6c129bf608578db7":"c17e97c93cfabe0b925ca5d22615a06430a201b7595ad0d9967cc89a4777947d":"3d554c430c8928dcdb1f6d5e5a4306b309856a9b78c5f431c55d7ebd519443bb":"d3da71af70e196483c951d95eb3f0135" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #14 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"89b885ddb12abc4f7422334f27c00439":"e2366eec626bfd9cb932bcaa0569de6a7a37cf1dfde1f25d00d1a0c89fe25fea592cbd2af7c8202521fa48e15f7cc7e97e431b222b516a3ad2bb7b55b7fcf7f4":"c77ee92bd17939efe9bee48af66589aee1d9fe4cd6c8ae26b74b3799e35342a6":"23e80d36ca72ecc38551e7e0a4f9502bed0e160f382d802f48fb2714ec6e3315":"6b83f7458dc813ce0b963b231c424e8bced599d002c0ef91a9c20dcc3f172ea5":"81d13a6b79f05137e233e3c3a1091360" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #0 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"ff568be02a46343113f06949a16cc7d9da315aef82f5681f0459650e5e180e65d1d77b00e5ce3e3f9eb6c18efff4db36":"77de4e5db3b308c38c814228583dfd1eb415771f4ae30f9cc2d35b48075286a4e8c2c6f441d1aac496d0d4be395d078519e31cb77d06d6f7fd4c033bc40fd659":"":"":"":"448ac707ba934c909335425de62944d6" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #1 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"6f092b85eb9f96427642f69467911172cba6df86e0db08d04e824cde6fb91d9b9af2cea53f42d53c45ee3e69a2327172":"667d3ed9f41a154ea33b55182b8bee4d7d46eff8e890c7036cf7c2665d44c28f9e3a8cff166dabfaf262933d337e729e0b6a60a51d00ba18f877bdc9d0cc659e":"":"":"":"16a200f683ab862947e061cddaac5597" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #2 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"26e635a6a2b6402b968c1eea13c6a980a0ee9b8497abc14fccdc5bf8439008861f74de2c200505185bf5907d3adc9de2":"80e56f9893beb9f22b2b03caa8f1861d5b31b37f636f2ccbc7e4040ad3073aa20f2f3c6bfefc041df8e57e7100794c42732b6d4b63d8bb51329ca99671d53c7c":"":"":"":"807586c977febcf2ad28fcd45e1a1deb" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #3 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"b239c485d319ce964d69bd3dbc5b7ab9cc72ac9134a25e641bcd3c8b6f89e7e08ef2d0a45cf67667a4e2e634b32d73ff":"c963e17ef46b7b2c68756019704ec7435ec093c423600b3f2f99dd8989f8539a11b1b0598e93e84d50b65e816e794421ab546b202e4b224a8494538dda85da82":"":"":"":"2a3218b4d59f99bd3825631a6eefb09c" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #4 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"0239545a23735b803ae7cb7766194917d6cce164f7ec4f65c6ccd5ec1db5297722d4b7466589da4d39f4585856bc1d7e":"71a440b70a2b5ce41b85de27d987fa2a0628d7990dd7cd1460fddc5410ce6e9bb0ae4f90231f45bc71188fd94e4170389a8bbe4a7e781c95c9a97ad78ba7d07b":"":"":"":"9dafaa8b727c4829dda10a831e67419d" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #5 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"237e8916eadd65e3422fe59ab257b7e6957fe24f760b499fbd052241879e8294b01d2169ec2b98f52660d9f5170dee22":"d8908cfc1ea8518c1442e46731f30fdad85399894db262b8f4fdc0dbcbf11b60b60b25d3108f4b169fcbef621a14c635525fa3af8ccef6b91f808479509967f4":"":"":"":"593c39c56bb9e476550299ee8d85d2fc" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #6 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"28b6639b415c79012c749dc2a0d18433ec36eda55815f0841241453fa11b9d572b7c29208e01dbb0be91e1075f305d7f":"6767c3eb6ba1b19412c32bfe44e4d0317beba10f3abea328cda7b7c14109b72046c8691c1c7b28487037d381f77a3bbc8464a51b87de68bdc50ec9c658f915ab":"":"":"":"e390806219fa727e74a90011b4835ed6" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #7 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"ce735a8549fc3f9dfc7b96bf0d48936a711439ac7271d715a278718aca9e2fe3c801030bc74b048ac1e40852345e87cc":"510b0dc06e84ceb901c7195c2f00ad7a04bdd75e0ab52b3d2cd47ddfcd89248dd58e3f1aa8c1ffe306f493905f65369eaed2a5b337dff8ac81c4c1e8903a6ad5":"":"":"":"ba871ba5843083b553a57cf8defa39d7" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #8 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"841ea92fa42c06769c5c52fe152d07837b8ff0048392caa5dd045054353d363b25439eb5885e96771dded4005f2baf42":"97511ae52590a0b64b75c37e10b89671880d2d6e8f90780ac27263dbc0e32d0824be5e80a88cf8fc3d4c607eb873c0322d09b9ca3498c4015c53ca6fee890093":"":"":"":"a8fb31362bd997adf4d9116e23dbaf10" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #9 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"55cd76fa5f004b97bb8e14170f79f52715d18c60f142b06d16e8e06c274798190a79c8b325163989d86323c03dbe0d68":"bafc0ba64669c9a36514bde6169034101f29e2a0a4b9a55c0aae7dff0c5aca2371b523e26dc44bf75493bdaa023d1555294178288b70f1ae72150d9f7265b4e6":"":"":"":"fa16dbdaf01b3c202426adabf61fa64a" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #10 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"ff3f3098fa3d2b23b38ed982e7afb61d46b4848c878b9280f8e5ed6bd81176e76f0a2a85071a411829cf84421c22f23e":"92194e2c700fa724489683d0b6ddcf72c89b9c3f3ff584e802ae426be4908b1ade093bcf9baf7738b988dc0fde1739498a97c9610da853a7c83981c6a7b68096":"":"":"":"f85490426dc243ba09f9719bff73545a" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #11 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"7242c1020a63770cccf6f8100970990232a9d11d61c9b0d38fe5e7a568a86252a66481212e5d53c868561298dd5bdeec":"7c3806a32ccf3252ac27a92a07209cd7000b160faa70b9024420b903587d1d77f002d3abe28b563d32ccc502b88f83bc5996f3dbbf0f57835839eadd94563b9d":"":"":"":"2232181f08c1569efaad1a82bcb5f3ba" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #12 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"a2e445290fed8187df6d2a57e68385bb62d700cb8f140410766b53e69e6a0f2939bbfa7ce091525c9051f064e383a2e1":"fdae5f1ea253108fcb255d215a3ce1dc1d101acf89de4423b75a74619e95f3feaa35b5e0bec430b0ad9567df818989c36c77742129af335c90ceb6dd79c7d2c4":"":"":"":"3841e2d795b17cb9a2081d6016a1a71d" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #13 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"bc885454e385d911336dda9b7a609a6a7079a4a5a860fcd704161c34658bd98685bb03418b7f24f2ed9475eb8ceb232e":"77bef884a91126564b3214029ac6842d86e4c1fa283e33d6828d428377416f66947e39a4a6708e10bfdae8337a6f302420a6649fc109d0f094c18c1e9361375a":"":"":"":"ea20780ed280d8109f811a6a398c3e76" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #14 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"c1825cf00cdc2da93adb3e7a33c1f3a76c49166887883744ea2683ddca23f31900f25c434364c992a6d913f753a9c42a":"56940a6fc4823c9e42e8ffed63fc3cf46d0a2b305c236a511b0b5ec7005ecd8989bf2006ebe52ed55845f7cc25d3d0086cece95f0bff6fa7e17ddf474704abfe":"":"":"":"b037c7f0f85f4d7eaeeb17f4c8643a74" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #0 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"19b83c0deea6463a3912d21ffc8d8041a5b30640352abc9652770cfca99dc53c9c09942ddd67b91f4da50a8615462ce4":"5d85c56d0d20ee39958a90f301d2f8bb136fa34d09b41a0c9375114a0df9c1dcdb2a62c4be398d9eaf2440949b806f0e5a977da608eeb652a41711d1e9b72655":"9c1db928b95c84cb674060a6d2f6b7a6a5d43e9ee967e9f821bf309ca5f8821f":"a3111cb57365c617df0b0bb3a1aada49ca789bc75903eeb21e42a7d3d0dd0825":"ce7f557c70676987d13aca60bc4585147efeed97be139871a1b29caa1e180af9":"4a49430277d64446e2fa75763eb79ec6" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #1 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"239f21be6cda23e8660c8a5e04c79f6dad6f363ac6dcffd9228699ae43fbce5ac3c51645500cb3eae68f0b604dc4472c":"2975a099f7e6530e5576534c25171f39131d6bffb99259f7f2bbf7d77de9fb1e829052b54a9631a733113021692eba1097438347c6de82307a0c2bb308edf065":"d451a54584e6d1d634217379e7e60e67303e19dd4ba63b097899c7349a5a7433":"a33dc24c6a656eb26275415581d568b7c2424a9c5fb9e2944ca35ecbf641f713":"8dfccc62379af46844df136122b72a878d9d61b40ccaa029b09e6b9f0b4d0192":"005e91760d89ecb64b5fc3b0e222fca3" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #2 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"e326abbe1db3ead3738d2ca4d9f1d62080cd23ff3396f43a0af992bed2420cec6661dfaac83c3c4d83347ac840f7dc14":"37c94d11ed0e93b8199d43d6eb242165dddd12fe39c0bea4cdef6bcfeb5d17bb866f080a9daef128f685fb3bc59c945927fb0aa3e17068515c3c92fbdf04a228":"1ff41405dbb3b12b8ddc973069edc2d2801af0e0dc9bde2cdd35c5b2d4091509":"138b6d2eabef4b32174afb0156ad1df570cf6e5f6ebde5d19cc30daffd9ca4f2":"f27cf7422808c54c58fcdde1cece92f5342c7a10ac43ab3b2e53362b2272e3ad":"506d6fae6fff9f222e65ac86df61a832" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #3 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"cb0229d2bb72d910b0169e8f93318905aef8dd93ed91a2f8388545db32db3f2489e7988b50de64c49a9f7feb5abe8630":"514ec8c02439290853434e75e3d0bd159eacd5ac13b8f202cfd5c36cdc0fe99b53a1b7a1619e94eb661ac825a48ea5ef8bb9120dd6efc351e39eb7cc5223f637":"a6ed69c9216c551793107f1bdaa04944f6d76fe4474f64bb08b0ebc10a18f337":"e0bc1cc56fdfeef686e0c7ec359e2e8bd48d76c8643c40d12325328170bbf702":"87c5b23aa3c100ff9e368fc47534ff8fa2f9e2bfd3599519ee6f60164485cf6d":"bd419968f636e374268ccdd62403f79c" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #4 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"bdd156ef3c4e09b77fe8781c446eac55b562e4ee1b7d15515a966882d4c7fadb0fc7b37554ba03908838db40499ded5b":"9facd9f4587819acb358e4936d9f44b67ddf82616e79a44ffd6a2510f652f6b9cebc1424b5c642362b19f63c615f49686df66a8f80ddffb56ce0c0d8540150fb":"35ea316fe302786f626e3831530622b62eb33a3608d4af3384ecfcbd198f3f05":"8d4fae22290b6ef8618ded1c3412e85fab7b8d17fb9cbd09dbc87f97279cc72d":"2f54928372e4ce447201427a3ae05769ae1c54b2e83bdc86d380a90b07f2890c":"8045e8da88b1bc126785c8a771db5354" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #5 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"154876298a1b63334624b367da984eb31d7260abe79ced41de35ba68a716233a5df0937b90f89dde7fd55a9693c9031f":"36895f574e9e9d08e6c885d305eb4764c1e5689d1f99c2462b3ebdf659e8ce43818dfc886ec797843bfee361b554cd5f969b0c7b0381b53f4afc1bcadbf7eb1c":"c3a46105c50a167a5b0391053f3814a06c90cea2c1fa9329d97fdbc62887ff6d":"54c7d66c65dbddb4665981bff0f503de37d724362aeb67abce6a870fd6a7398a":"58204ca953cbd46dd6c8870b358cba77c436870db49bcd3e2f92697bb580b460":"cd903c0f11ea701214f91715cfec11a3" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #6 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"94e273fde1e699f84aeef343eb0277c50d169bb5496575301021a2be50df6a555d1422ea88e0e4d905158e93fd8d0089":"1cd97b6e6e7f19401e409aea7b3ec33a8faefd71402b8f34a73c1cb1af215e0e87debe68bce590d41c1f90c6ad9db3d30b3901862e076d765ffdf58776e5fb7e":"6ee75e9f9aee6ac93e20f742f20427e5eb9b4ad2ed06fbba8c7b7870a96941ac":"0ba60399893ede284372bc4e0a37702a23b16aa8e5fe70ea95429af87ff291aa":"94bd2b51c32d29cd14e2123221e45ec0cf1f38766fb6bb0716856d0138f6fa39":"831793686abd406f7b385cd59e497b18" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #7 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"5a699113ebf98bff9cb780ce29747a61ba2d7581a5716065d018c89348d7c2ed3f5bba32442cd192c1e37b77b98f5791":"de6d2a3b6ad9af07058d3b1d1976cf61d49566b965eb4e9b74a4cad8e286e7a40b254b860e2e209a8cb4cff3a8e615b84f5ae7505957a758e266a4c3e915d251":"ed18c16a61ba5ecc0755f94c286390a6d46e6e26439dadd36c83ebdee42b4b4c":"7c4550d058b85580be2053fd9d933c87041c5c3f62a5b6b303259dafc90d9041":"ebebfcb9b4b3595e516939ca0688422bbdfc4b9f67b0d6619757cb315b7d7908":"1a5a496aa2268483444b3740c9cc4104" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #8 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"42450f2689b87a3dd940f3b9e3b32d4654c725a24ddd2c22f006694321dacf1980b50f7ac0401626453ec836039bfdc9":"4765399ccbbf3d33433bb992ee29e4381f28d800b05431f1c5b3e949c5db72c582bfe8ba08db1575b866816cabbe5e1d31d8a870ceed49fb75676c97020d1f22":"6ee5a7613c25ecec263a2fd2288948b2df9a05d50040c4031b0653878fdb067f":"68a1038481be7412d6a7c8474d4b2a2535c9b55ea301ee800d5a846127d345cb":"7a1915cf78e6da2dc7840cba40390d668d07571608b77857d2224c4531c17bb8":"80a6c622e64495f9a391f5a8a9c76818" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #9 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"873869e194201b822b140bdd7797dd1ed408f2190b759c068b7019e6707f60751e101d3465c4ec57dbf9d1ea7597fa44":"d2f92706ca3fb9ced8183c74704440d7eedee1542c2e812f65afc83f4b62dadf1c51fa68f8d5f457a893211c8afc82c93e6a1e15822eff0d4ada6efd25d271a0":"8d0393d2a1ae8930ea88773adfa47b49060f0bf2d3def2acc57786bfbd1e2d6f":"5bcf5ff4fbd9eaabf8bf82ec7c59b043fd64b0025ad1ab2b384e399b9e13147a":"6e2d05e286c90502a3abf2ee72ab7ffb520ce5facfb27e095787a09a412abec3":"e1ceda71b8feb4b0d14d35bbb57a79a2" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #10 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"1fecb5fe87c2a208b4f193e9c3ff810954c554150d544baea1685fb4774320315d5cb651be493ef120ef6966e3e7518c":"34bc292809674352ffb60786dca59ec799188aa401b366a48cdeddf37c12ee4c666f8fb3a0d53df4cd7191166d50ff01d992f94cd92da7a385ffe5795b197ced":"38249fed34a907768eac49267c2c613a65154eec5b73b541d7d7b314b5080061":"115be9cb914b50480fffe078d8170870b56129a0a74271dee063f8b2049e1be3":"69fa6faf7223f5bb1b55f35a544f78181579b1745990053357916fe507e51db6":"60cc92d3ba3ff0715f5627182334ed1b" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #11 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"4d283eb5ecd85a1613c975e24832770643613c9a5aee0d8649bc0d68c89cf1ea6ec3a1a22eefd9e212d602c338d64c6e":"4aa6917a5c9f370590d70536fdd89c916fec5e5bcbade8c6a6cfcf5b232c98a6b3e6b79a2dfb0778fbc3f1da7b06044d7b0fa2c04ffc3b71324aca1ee19f936b":"05a7092a684ba7a7fbd33533f9be58a4140a3855d4c5f44a31d665a0720c1739":"557ef1bedc890d1543de6cfeb25642782683d77a46bc8aa0836b07157599c7c3":"e87e45073ff8e36c38b128cd2275a160e431787b5e81f6c2fd7a37909eb72ea5":"31ecfb1bcf3253ba5f71b185a66c7cff" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #12 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"a6f488104a6c03e354d5d1805c62dcd3016322d218747fa83f9199e20f6ab1cfbc2b889536bda1187f59b7294d557ff2":"22f8ad57a2dfa8010e2865ad6263823652917b84dfea61f639efdb0fdbb35c6341ca7721095d69686212dffe78410c0d0db94f04756d52e7d76165d5a1d516d9":"fb9951d563f7aa88db545874b1a3049c5f79774d486e7a28aed1ed75f59224a5":"b1ea7c6b53e79e4e947e63086dee32dcc17bc4f27fba6142f8215ec081cdd5c9":"0d12cc0a39bfbf87194e4070f6b54caaabbe48fa192b96cfed2a794d95fa299d":"62a1c5678e6e8fc738d375e2ca48751f" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #13 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"9d67e017e0abdd7c079bc0354f33dab696ad64146802f06d6cefd9cdefbf55b197f5899e5efaa269cc0432c87648ce18":"d8be0ec1119ff959c32c9cf29914e3f7bf2b01bdbf806c2d9ba119ae2a2cfb565871762b02ee7bf68f1d280532fd7ae7368517f6f751739b228d23df2f207f35":"74a5e24477e8759bedfbaa196f398777108392efb8c64c65c0c9ecd6cd3b5f04":"70cbc6cfe1d6ab4bc30d66fa162d5d4b3029e4b1b9d759f3eae17fb508e91a46":"d3c538e042f0eb796b4af9b4e65cd850425c72e2c896fcea741c17172faf27d9":"559a5e04b75cec250aac2433176a725e" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #14 [#2] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"10914608a6d373a26c53ab83014283b678d73dfea65b4a3540af17f2fafa3b3cf698925b423edb9f946b906f43110795":"9ded87d289412dfda8935e5b08ec66b68abd1bae1fc5363e4341f58db954f1f9bc4b681c0d930ba080f85f8fd04c173cb2b77723ce67692efa7ade48b82b6926":"225159b4c679094f277516b2335b1e8b7d0a7ea33fd56822906d481fe412586d":"4967cd401cd466aba0be5f55615ca0d9fb8adbde5cb4e6ae3a0159fcd6c36bf0":"fec14f325b8b458ddf3e7f2e10938f4c2d04c8d9885bb5b9277bdc229c70b354":"1cd5c0bdeb87c79235bead416c565d32" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #0 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"b023f6a6f73d4749b36eb54867994432":"2462ad760ddbca4e013688bf61381f190c7b2de57cbeeec81d6ab7b6f067b75adc3545887f8d2aa5d9b9dfcbfa425d610faa9c247eb5d71145f302918e908ae5":"":"":"":"c0620c68515a4618e572db6e4c14473d" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #1 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"7e0fcd953c1c8bb8d03d7a0e918fb59d":"56b2e11d5c2d87d2c9c90c285e0041beb4594a6efdd577580095612e50cf47c0b76208337e1e18453082d725629667d86226ab22944bbfb40c38b7986e489adb":"":"":"":"7194eee0d333fa5282dc44db964ecf5b" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #2 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"0130217d4a3945402ed99d7b8504fe4b":"28e592fd9db72b40ae4888078aedde260f6de4f0472a7601258e694d7bb6af6810ff4eabdffb332932765fa1d66650fb78cc2be484c0ba803eb9a2502020e865":"":"":"":"4652f0545385fdbe02d05aec21668608" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #3 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"07854447e33521d2d997d90c0887f42d":"c561ab6acfbfb98879982ac7add92b80471e0154b77ccc9fd98e7c2013c411e8075948e97ab4db7505797a99d456e54e6585042efeff7e3970e399ea0d27537c":"":"":"":"1a14a810c11b4f0af23c6467c47bbde0" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #4 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"68a8ec01581d6066391f3e5977465026":"747c7e9aace6d4f840c7b5261e0af796c516477421d52850a7072a0ab2c768fcc80c9ba8d18b228e77a7f6131c788a76515fe31aef4ed67376568231a4700fac":"":"":"":"a5723c43743442fae3637bb553891aeb" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #5 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"1459038c60b70bae7af0da6cfab707a2":"9f7d839310846bd452827a185539c0eb0f106acc7bc4de80d3521a970b23483d57826b1484d329a2d1c2ecfeaf8eeffbaa6e1a305e3f1e47b96ad48a711ad1aa":"":"":"":"5fcd6bf108fe68b85f61f85c0556f5c0" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #6 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"a3357db173df98da4dd02ee24ce5c303":"f1ce08587ac0338b4d0b8e075b42b6501e77758b30087de028a8622fb7abd7f65e3b4f802d1a472dedb9c1a6dc9263c65918d8b7fafd0ae7e9c39e2e8684af3f":"":"":"":"8a5fa11d8e78fbf1ca4e4ca3e1ae82b8" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #7 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"212f4c80c7e9287c8d25e3b965f91a3c":"bf1d715b3f56c433827c9cb429bee5ca61c80a8d9b2fd4498e1c86ce703637f8f7f34056ab0039e0baa63320df0ec61de60354f2ece06356d9be3c6d1cdcc4cf":"":"":"":"04ac2f969e828f375b03ee16317e8572" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #8 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"46e85752e0af82fc63932950120e4b5d":"ae4316424fa765179404188eb8839ce84ad8db92cb12f39089a93a2dbdc371e2fdbef1ad080eb354eecdda3a10ea66ef647aa095afa1786c01bd1c9f70d8da4f":"":"":"":"de576284d8ad36b31bd4f8f3da633e36" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #9 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"ec2459b1dd7f50df63e14e40aa4a4e66":"b964a24bf98264327c0b9e2e1c99ed1b35f534be801c996f318bc2074ed2500ba8488c4feb442b507c3220523c0041c9543133379365e65e092850a5e3f96cc9":"":"":"":"4d466e2f388aae40d1b31ce1f8ddc5e8" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #10 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"acf480d54f4c66d611519b72f2c0dca6":"d5b3277cf8badf6be86af27dd36f23ffc580847c5fcb56c4d8a42339336f185c38ffb86f4d8aa7646c1aaed6c2b0c7ae7e4d435f481d62bb01e632f6bbb2abf9":"":"":"":"746aaa5423ef77ea6b1eda47410262dd" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #11 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"edb80fddc595b234e3c5c03b2be3d721":"94aad8c772201435543efd9013c9f5f022038db6864e9ed4141ea75beb236844da6e6a17109262bc80f528427b37d9da6df03c7dd25be233774384a7f53197ea":"":"":"":"511927f10f800445b705ea3cfe6ec823" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #12 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"c7790c9888b0e731ca6ccd60c32bb98a":"967050c11050a6d99a5da428d1f0fc8068b29ba4c66965addbfd31b745cb07d2439d268ab32a5fa2b1934bf277ff586506a941768468905ed980537d8baa1d07":"":"":"":"978493f0cece6f94d21863a519e06dbe" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #13 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"58c75625771df61c48a82590eeed3378":"be3120e8515a98701b4b2fb0667de2bad3f32bcbf10fb9b820956f9aa7ffa1bbbafb70002a9c7fdd1cf7e76a735261798dc60a1163919d58e39ef0c38b54b27b":"":"":"":"90f5c486e7efe932258610e744506487" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,0) #14 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"d3f64c11aa21bb2d12278847547fb11b":"855c0e3a7567730b11e197c136e5c22b1dc7271d4dbe04bcdfd2fc0ef806b3c05b4264ee6c60d526506622ebf6130738dba4bf35c13ce33db19487312ee691fe":"":"":"":"33ed7089ebae738c6a7e6e2390d573e4" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #0 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"132ad1c40afb066620f004f08409c59e":"2e5beadd89b663b3903d3a63c3ab5605bfb1a0045a42430e0220243c51a69f7ff7678c2f8edb7bb4a29b646f3edfaca2463f9defd342da87d22b1b8fdb012fd5":"150deb841d1a4d90e66e85b036d9f5a7efca726b907ae3e8f05e1d1338cdfd32":"fb199beeeaf3939be2a5f9e6ba22f97cdd2c7576e81eccc686facbdf8bb4f2aa":"4293341721f57e4548ce8c003531d38622446c8825904e1b868dcddc626c5164":"66d8f3bfb78186b57136ec2c1602e1ef" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #1 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"1c1502ca97c109399a72a77c8d6cc22b":"1d33b1b257a3ae1210fa2099307916a73dd92270769697ea2d7901f56865e3cae1be94b5024d0da3880bce06f0b31231c5a889f8ba3d92a20844b61009db672d":"23eede46eff4a04b08dcc2133e4537b332351f8469630f11b0c8853fb762a4bc":"6fd9f9da108e68aea9d1cecd81c49bcd0e7bedb348890f2248cb31c4277369f7":"76bcc11bd952123f78dd2ba60dd932d49203e418bb832d60b45c083e1e129834":"a1eee46001616f2bf87729895da0d0d1" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #2 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"c79c0a1db75e83af258cdf9ead81264d":"5e8cc0fdadc170ed0f5e12f79a6b9e585f9d7c2926c163686a6a724495d88fabcec940d752545cae63f1792dcb966a7325f61997ba8883559ad6f6f8fc09898a":"a2cf6c1c9e4489f504e17f385f08aa82775aa2b0a84abd0b7ee3c6b393d7fd50":"c7529b874e07d4b876196786d510cc038c9e1ab93c461df2474eba484ae6876f":"63c6e7f3548529386c9f47c5aece52ce8454da5db9a807a1b960f7730a61582b":"43b7931e0b3b3769ef8972d0026896a3" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #3 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"b44d1dd914e88840bc65a94ee199b3ac":"c3dae1863d323cc78f43ccb3f632fde29130e6b23b843ff5a8d79fddc3c1f92b55cd3dcaf7848d40d189c0de7790bebb889e01be05980dcdf30d2b3333426c50":"41e2fce9b48642a1b9bd1695314adcdd38e1a8afe4891e633c5088c6753438a2":"1eb3f8bbacb0c6b901718bfd7eba29f6f87e1fe056ad442d6d38c1351a684e1f":"85570db773f3f5202967376f91a0a9c09c89cd4eddd58cdc6210335fd5e7acef":"bd53036538d9ed904a49966b5428a2a8" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #4 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"5ef97f7af7df5cc6fa94f8428ec7be5c":"be67434ac4d77f0f50ec5bacc8112d1480bd9f20d6b4ea768d9b51bb69c1dffcd8c30e4412127644aaa6fc453e59fb633f6a5a8c2f69e40d1863e35d4d4c0227":"a64195b1e56cf97fd81e99fa1833d191faf62f534c874def4b8bed0ae7195ac7":"353cd3a8d9cd92bce82cd8d1cc198baa9276db478b0cfe50249e30c3042ee9db":"393ab4726f088fdfeb4df752e1b2aec678e41fa60781bc5e914296227d6b3dfc":"24bdc2cad5dccd2309425f11a24c8c39" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #5 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"567130da4e7ecc4db0f035d7ecb11878":"cc070df6aa3623f74afd85b59d1bef2b1fcd9c8093362512ff109ebfe992ed75bd58b5ae1561d702b69065eb3cc0bd328ab698d4c6ca274e96d673309b5df5df":"42033054cefa1f20b3443f8ab7d9635ae8f047b833c8529245ba8b4aa07edba3":"72972fb947bff60df291888ddbfd91e698e0c1c26a346b95fc7c5dac596d0073":"af29b6a13602ba9c6b11f8dbdeb6cb52e211f9cd2fc96e63b61e3c1ec631d2ea":"b0849f8317e043271a3fc5f2eaaaaba2" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #6 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"2c20ae36f1e74542ed8b0a177b8050aa":"c4bf7a39caf26dc3f61311f54ab3095493c626a988f5abee2826c67a4f4b4d6a02329c99a6bcb5e387fa160741c871acc2929c1cc07f2f0a7ce1619eb7da1ec4":"97c148dd10c3dd72b1eaaafbe37a9310ed15b23872e9f2b62d1feb91ea81ffe3":"23df0c30c68bf2eeb55d273a596f1f54ed916271595b906e4f7793b7a52f2573":"22f120fa09215105116919aaf8eebcb69eccd5da42feb737018a05268bf08e46":"b7c73b9ceea2e6ca0be6a3773cdd6886" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #7 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"2076f9e116a2648e1e664b815b1b3674":"979b5aeafe555aeba152ed66e32e30e110df20ee1f227932a72acfb8218aec767941efaefa091c0128dad9b93b06b28fc76e01f275e8ce1c02f0eb567c914f89":"d12fb10b9fa6d2fd0f39cf76294cd44dcbfa80dca7c2f8537c75453d985ef551":"4228a99faf35547a58c1a4d842301dca374f1f13c6fd067b7c1b815863b73158":"a3a7d5f1e2dcf95a90715ec5fd32e7f88c38b0a452b6ccd1f107458db4f74fd6":"8a63a5002a3636b241f0bec14fd9c2ac" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #8 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"a71015cf06ddd0a6cd72fa014cf0aee6":"c810cb9db0f169dbc30fda85ccb6d4c40db68d429eeb3653070db7641fbbaba60ef0ff970eaf40887b7e154e2ecd5331de7004689ec604e69927da630a8dd7a7":"5f99f45d8770041703e5a14521c501904fd05ff3340835ac0c41b86442e4939c":"eb7efa6e46ab926ea04c87eb9ce454f5b10717bd9d85305f27d71bea1bc991b3":"cbc80c6171d098fc81023486d327efe2415a0f32e5fa6f6793ce1d0e98783258":"a353f6b350404f3f7b4fb724f84a948a" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #9 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"395931837614c322d8488ec6a2c4c919":"831fc8d63592b6ce358c08aeac39d67c3e48b4c2617735b6fe5e9fa44d7aee9d60f2fcf549db239d5bed9c608c94e8f8c23b32901442ac53442127377bdcf205":"eb261c737c0a17c8cb1ae055c143f701b74c96c852e4a76ca3ea045e7efdf5ee":"153276007b3843a897efbf022bd1bcabcf655c7eb8acef9baac710b339ecfd99":"a8a5cb17a2945e5b41ff370cc88ac498389b89b6cd82bb3bbde81c212f7c17d4":"537fc2b73183d2c0c106886937a6609c" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #10 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"9a1983859dd6c4cb602970d705952b2b":"68c5cf31f7959ffaa83af9dd55a75ec001befbf835e42a789ac42d39d96128eb6d9b3f07ced15e57e39760390c065fb4425c19ef7184635c18e5ed28256937e1":"e06497a181a5362980579c91d263f630ad4794519a64261ede8b36cf0ac5e713":"714e4fc52aea763e23a1f5b18949ab8fd949f1768560559bccb49d78d51dfab5":"6b6b7f65fd472ad428df2bbb86b85067d0a6f89d9233eea92f5189a9163d0419":"e32af8a81c59dc44540ed8845b447fdb" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #11 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"230576e9518fb9a6a8391a84919b0d97":"6193f0e7b33ce19fde922aec9c93f1271ebcdd296d9c8c77029b59afa2064e3159088e07e91c14a4a3dc23b6005dd8ef1425d7d2ae8282a5b30b7498b6754234":"ffaca30a256d18836a0d49bbaad599a28fc7821d71aa91b97158a492d84a6280":"a3da13852d0717afed7c58c52530d2ae047b645a5e7aa8cfabc11478444151ac":"e15fdaeea31c95555fc509d2a266abf78d86ca11aa2f87ce1041142eb9f82bae":"7906f8da1e140345c191dbc2de5ead1b" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #12 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"e08a3a33adb4399a9be72fead224155f":"cfbe8b1464b00bb9e0d18b04d2040ed9bd822741188812b98a440fbc66ff018ddf6c0ea20c62d01b8237bc7c3da9e3f9fb874fca79a360b4f0f967d8d02083ba":"56f975849197e2eae5a2e6fb445a93c1fadf57280ac27e27c7cbea2cb00c10cc":"0a6d9e2d6e181addab0ea1ee89c65ce557e10fb8e8d43a24cdd27033d3fff507":"823e9400a9f563cc1fa5daf10f4ff1ab8affa18d8371f9cd0e067fcddce8caed":"5ded298f98cffb2e7f5ea97bd50c7e3e" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #13 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"11c13b917d9f94fd7a008566d8598e89":"f53343a5a455132df3d1b03db39e44d933855b375d7422ad0d07dfdfb352af28946eb29980793456ec8634bf113e75783246bbd05aa8a7cb5886d372fa012f58":"ff1d8d33083023ffbe28f153bddfa9d9f3c221da16f8f20967d2508fa7752b55":"66a98c7d778d798617e1d31d4bdfabf8d381d38b82125838ddf43fb7f5b27dc6":"407c72d7c890c00b249be00a53ae722e5d8033c84b1e1a6a69d4b278ba5db9eb":"67ab88156f20d03b3a1bc363daefc0c6" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,0,256) #14 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"7b95343a4ac0f8c8b2645c33757a3146":"3d7e2987860cbcba14a12594e1a394ee754c9a7a65cecc990bc79b5e86e672e12f8c144d843e1abca46b4759a11b3d29f4e219077a8696efadee618f254cb80a":"16297534a79c4ae7493178226b29e42a6f1e0066aeaee8b5af65bcefa2ee3ebb":"b429ee986f16fb35fe2c47c03c0918870b4560f4ec4678f9df471cbd7ca6a887":"2b14d612eb00c7fba0d8e23bf91df91daef6f8e279e0050d5497ddf0f3466c76":"8f72c17405163090fe0bd795b65811c6" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #0 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"327290da2e9a19c840de8d33e425efaa5aa7a7afa4e5a812065965478d640f78520cf3c670b098943fec1914d4c8c411":"80bdf18288cb8adb6e3dacb09c553af2e7317c194d37f433eec27e324a0bad752899bda91fd41e5a08acdfd76007aecabc19c95a8bcede310f7320ce97aaad0e":"":"":"":"c26222662ed3a649a1745dee5df4eef0" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #1 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"be14f473472db07a43b7f9a517735d7f7ede2aa70dbdb729bc4f578a0dce9d7fe9fd97939cd1ef731262417b5213bd7f":"ac71ff53140c1383eb379e5311e37637af933db494e5e689d065661e9095b8302e4174c392f324fac43695d9381e3cf4626a5347938ed9e21502cbd789cca363":"":"":"":"4bab95f9f05fc36a337b6f2582c2ce98" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #2 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"88c31e24f4f859b668946ce73f8600621a70731440762b3c267ceab52a9d77a23d6f70ddba0e46a786697a906ccb18a3":"bf9bf25a949d447274a8c72f1ae51399521f8aca39b1b37bb7b4d5cf3c67d55ef8dbacfb71aa9c5949416e2868b968883e517215bc20292894f8406ab39c1ea1":"":"":"":"841aaa0b171d1526ef365b9201adbff3" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #3 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"8545a0de5ea028c8e5976d5b58fa50079b20ba716f0856cc1af7b98537c895f0266b956542d2b8ca661aef5da1f7f8c5":"686f4f9ee74c3402845fbad9353d7dfeff727584d892eb64bd84b764110cbe4ac8581e7e23acb95caf12979983e8947c570264aec292f1c7b756f7184007dcba":"":"":"":"f6d6ae6449b2984df8bcb69584fb16f3" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #4 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"d6cd4b4fb9105374605deac7bb49ad792eb225daa560f2a86f66269bf9afc2ea01b6ee6f0eb4926d2f09329df6e90d79":"5d1b8fa0ca2ee127d1bd41423c17b9a8c736715cc2906818e9216dfd81b7637b66c89b772b55ae707c6effa2d9ce7425df26f966646ab613d5599143cf51e5e8":"":"":"":"c36ab451116d733eb4377de3511db5ce" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #5 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"e73ebae0d0834fdff1829ac3d9722fe9f1bc65b5f652fae5f7615af116440e3d5709b5cddd6065d568c246820de46b09":"2026cf7c1b1fe9645ab8759958ac04fb1d8938b9913c3b7f22da81e398b2c00b1921e1d4edb5d21c4531515cb0f9644fe8068685b9fca813176e6780796e8ded":"":"":"":"98d1dce30593de8a8d5b4d956f6c684b" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #6 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"a53c1813c06b609eff9ddc77204b085ca985f22170b8ecfcbbf45ea11c45c24fcf25bc33150f9f97ce48244d5beb685c":"1d0dd1a87d59c69f28e118e1083d65f1ee0df31f6308a92dcc47503ec4d20a018d9821c6a7d64385724f0e941231426e028efe6d75e53ff8edf095ef1baf2656":"":"":"":"035cec3a24ba7c44e5c19436c2689a75" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #7 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"16d5b8290693a5c40c5a526dd6d653ac54cabb5608d77bb2cb7d6270b96c2fe2de076716ae8cf0a5c781edbde861dc70":"aa82a5ea33439d0c16a1cc13cbae53b169f4d369bcbdae81a9a38129c65ae0ea4f720576c012f8d7eb1c0202003c39d28453a22e502b4949cf5ba23a727721bf":"":"":"":"de4ed9d163d11e9b52470d078df4c869" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #8 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"68bfabdbb821cb978527ff18ce37c96c79ad751756551f36b6991981285a68854ec7f72f548c3395ad3ee40410064d4b":"3da9e9518eb1f1b6268e4597f158844ff672ddb414f7ec23fa66d6c86b90a732a7b3016a3387ec3dbed34eb479413d017932ebf9f2a2fea0b35d2bf4e06718f9":"":"":"":"ec4e3e2b6b8763deb17b8611d1fe7953" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #9 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"171a74ab694a7d7c2baa3ccf103ad94f11094e07a955ae9ac3bad370f1448753e99b63cc23d1878ab66f94136ec2ecac":"72ebeda7342770d03bc0e531754f946ca5cca684c41f9d089fe9147fad93b6154919c5cb2e6d162fbfde7b9ff0aa590a17993ca6c80bd59eee4134fc2ce944d8":"":"":"":"582ab4f105c3e1fed9593f58fc335fc3" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #10 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"caed30015b34064762591eba9a59f440566a6621832f650572362229e8a38cd0f5d6d322afd8444132056690d6fa5540":"8e27f0dbeae4613bcf0011105f824ed2ecb150a83a0994f8f6607833755216e016fb175e51d42370afe27b11c18477886b530c95bc31bd1c0f8fe00f61fc15a0":"":"":"":"d42787e97147d457f1590c742443ad92" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #11 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"c58d62f8145622cd86cfbda66bc26d2ce4c5610cd9cd1c326b99b60355a6fe751783c07f2cc21ba68f1f20ca70f0ad31":"38a8b685e6bbab67824f4cc72995043ea2854f067f2afaec762c9e78ff9d585a25bc63c8d0d075d06d43f3f694733982d26cbe0648b2d0cf8053918b912c303a":"":"":"":"84001709f15a2fd167c161b5d376d86d" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #12 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"dc9719050d5257152d8a7d60d3ef1fc5b8cb1700bafc7de863c019f244779c464b6214f21a2f6d0aa3ca282007615ce5":"f188a1ba21b1791ebf8a08d8ba555e49423d9178a561bcc1672539c3a7ba1d856eae9922c4d96c181ed045d6f1d15e855690cdae451edac60f1ca2021f1fec57":"":"":"":"7540fed313c96261cac255bf83b5ae99" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #13 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"ff057781af4a4a1eefeb26ab38f82a2efb6f065de290ebf225bd693dfb1f97455b49143bdb430324c9d945c48824f6cc":"0ddd0f4a43a7b54d9abb0928a2242c378db7a95a0b206baa642afe5cd55108f412f1d727fd591bca2c76355aa62aa8638cfa1916739bc66e02b9459ccd0881ba":"":"":"":"8b6e74a94fcac0d2f212d3594213fbb6" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,0) #14 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"ef027327e47fc5875c01cb17d798fdc2b27a5c78000727842f8a516f4e8dd34afc167ae145b1e763bebdca51e2f461a7":"128566fe6c5b5595742190519445c25db85ee0ce29371f4cab213400d479d2bfe27655155be0fa237173abb214f0226a2f1770802dd69485adb25e6d837485e1":"":"":"":"76cd1553b2b73d4ef6043a09fb90d679" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #0 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"8e1a59210f876d017109cb90c7d5dd669b375d971266b7320ba8db9bd79b373bcc895974460e08eadd07a00ce7bdade9":"23677c04a2d6ab446b7b3c582a8071654d27859441b10799f08b788378b926ca4306e7cb5c0f9f104c607fbf0c379be49426e53bf5637225b551f0cc694d6593":"19e914ffbc6d872be010d66b17874010ec8b036a3d60d7f7dda5accc6962a542":"bd7a0c09e780e0ad783fd708355b8df77b4454c3d606fb8de053bffa5ecf9021":"d284dc2caf6d214f8909efc9a75297bccfc04353c2788a96f8b752749c7fec0c":"129d256e7db6269e5a0a160d2278f305" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #1 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"00674e633670c9971be7af789d37d5a4ef567b3ca4766722cd8f67e09d21cbbfa08d43ea1aa259999c6a307ae6347d62":"ec47b029643f85ea19388b6e9de6ab22705b060ae10cee71262027d0bdff5efd7393af619bc6658612fabc78439a0bd5a01255563a96013fa130dd06fd0f5442":"5b92bce3f87645126daa4704fd7df98b880aa07743a57399b985ad1a00b1f2fc":"8199de1338c688234c77262ef35423f4695b277726c76d8b5f426399c14d83b5":"eb95f5a4d8400cec2d4e0f548b6e92636b5e284fb6b61766a1f35bb9cdc5df0a":"9fbe95817578eb272aa9da2f509c2a06" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #2 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"2553423c3cb0fae8ca54af56f496e9935d5af4738898f77f789a9bee867dfbc6010c4e5bc68da2b922cdd84eea68e1da":"a9bebd13711c0c22c94b3252654854515a9dc015fe69e688fbac9676b3d77ab67e19b020cd2427ac789ca17f656e499be3ba3ab2075ff95247c6355157eebc79":"e74e45fa28697a06dab08545fde0cc26e7eca31c40aa68ee41c4de402fdcc961":"5aa8abf7062079929d6a131cd3844a5fb6514c07061e25cad67677d867297685":"84819109b2e09b46ba3f5464c34b28ce25a186f0e0fd83fe5fa0ab026c01292a":"3846f3406e49040c48b5cfc9cbc75d1a" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #3 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"856f1371454bb9aa06be897dcda9b295817c6eeb865a9acb3a89d145bfe29ce5e1b3b12b714571afdfaca7951cd47e33":"a691b8bf6a407c93a36d18aeced4c75f76d8397d4ecbcd4e8f820cb393186897f05c1ef668b027fc78ba6da9bd554cc31a467d47b5e534b5340c7799383ec05c":"2c81d1e94b33164a177d0183d182fe7d23ef4f88444246464e58bdd0de38d82c":"1b5dae81c96771bea091521c0973c5af76a03e3624160e2511e57ff43a1d32a9":"bf5878e2bd139f8f058f3d834acd771514da6d4c5b9ef84466e5a4e0e4b2eaaf":"6a5ea73aad476ce201e173d4d5a7ffcc" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #4 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"0436075cf8cf62ce623c2301ebd45203c98282611cfa5a12dd7c04525ffa7eb343a607af2f57feb7ce3af97e0abc2285":"1ab9ada5eeebc3fc8e53f358b643476fcfd4dd9f092f21d2bc1c4bb1ffd01a0c5b207aaa09ff76a9cab0aa6ce62b6a65b2650ab448b8bb2e8696a7aa4b6f4e8d":"62f07d1f49e40f7f472985947ac4d8ef2d58216d918f7942b9c70f43daff8972":"37ae758141fbc890ee7e1d0854426b2984fb1c094677e6a61546e9315bab0898":"353d1dd0c8d8656bc418a6a3ace138ecd62819d4e21b8bd87694ea683ec0cc37":"bfee6bb4afc228da981bfe7f0d17578b" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #5 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"d004a0893bf326d50ee52e04cb3e64409f204f4e9af780d5dd092d04162d088385b1f243000914c62cba3dadf9827c81":"c36004075f5fd078137ea08de6cb15f71aeb9eca21c891cfdf7a8c0d21790c94ffa93be5fa06beb5e82d9fbf173ef9b29c18511fee2455dbbe61d6b01baf024a":"7d313ada131650c7a506d2c194444ed202d568544caa75bbc60e57a0b74c9a10":"791d60238677ff53150cf7074061eac68335c0a7cec7de43ea63a5df0f312cd8":"6754366be264deb9e94f39e92ac2894bd93c1d7e1198d39e6eddccb0ea486f4d":"1c29795f03e3c771603293473e347ab4" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #6 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"9a8c79b48ada409183f7260aa1415c9ee4e0b662e0fb81b5c56f85d76ed75efac5751dd4de7e7f8b53a36ee0dce2bc9e":"c4d68b76dc0e785823be2da9d339dc900132f12721e8a63ebe92e36d740c5a5e5564c367bff4a52bc70b1c60c86f0bcb7c1d99c414956a259963207184f01246":"04c7060f36569a5d9578c718627fc2695e8d783c0c8aefca2744da6664e67c8c":"1d4b7d587421dea4f7f3e77fcf997607ecfeb6e665a9a184138eb5736b16f516":"8cb8daf9cda230d8d39b829b968aaa5f5d3e3106d8b693227ab1b6201b78a7b8":"faa146098526546927a43fa4a5073e46" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #7 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"a0736a5a8b0a394625d8985b05e3a9f277c7ba03b253c0e783359a8c4c086121cb46ea469c7756d5f099f5ee8ed16243":"ea7a046fa1760866bcb37fecf9ade7bcea4444662ea782d6f2820b22a96bab97b4c5adcb0a50ced885121b6b85a5074444b1555d9655f4f6ded31fe15281b30e":"47f3655dd05c42454fad68e330aabca49f27c76ba05ef07b6d77fba41153c0ab":"a5d07da3e399cc51d136096599fcbd9779e839b1fd86f21d7d1e23acd91f9fa7":"150b028b64a988fc1ffdfc9e66b4c8dfe4fcd8538ee976c89923638ebad33802":"6ffdc685169b174ad0dd84cdeed050a7" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #8 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"d445a3d9332c8577715c1e93f119521bd31a464db08cdbd73d50080d62d5a48fba4cef2dd097ec749973037e33e8d6fa":"da5f9b2db13d0555846c00da96115036bb75ace66d56fc582d6cd0171e3e23335c5c2b8691e58af8899ed0204316479f849ca6f47309cae571ccb42d3d35c166":"79346394f795f05c5a5199423649b8b5345355ef11eb4239db1c767c68afa70a":"c22810de9987b228c19680eb044da22a08032148a6015f358849d6d608a214b9":"7747d68ca8bcb43931f1edce4f8c9727dd56c1d1d2600ad1fb767eb4fbc7b2d6":"f5c40babbec97cb60ba65200e82d7a68" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #9 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"2728be06796e2a77c60a401752cd36e4a051724aa3276a146b4b351017eee79c8257398c612fc1129c0e74ecef455cd3":"d663d2cfcddf40ff61377c3811266d927a5dfc7b73cf549e673e5a15f4056ad1f9733c8ed875ff77928284dc1cdb33accc47971d3626615a45b9a16d9baf426e":"62349efbac4a4747d0e92727c67a6bc7f8404cf746002e7d3eeffb9a9be0bbdc":"381c0cffbdfa61a6af3f11ccd0e543208b584c3f520130e33617564ec7a48cf7":"6974043362f834fd793de07ceebd051599163d50489441005afc9db09a9ab44f":"df7894746c599e02d985b195ca3b4863" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #10 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"2b65b56de410ee82e55bd2bf80e6cee356a37c3a3aa7042df45fa750a74e097b071fc18d6eed96523dd4fbb677b8c729":"bf03a6b3e8e23ff53369b971217dc3d3f4c1211329c94847347b3aa77dc7a3e0670381573527844a1ade786f18631944558defffb9a00900ca55f97ec726126b":"59255e5cd2221316c945bd614471df76d5b2f394b8829de82e5c30bc178565e2":"5739bc14f0f2ef9d3393928aee67b0908adaf587650928916d8ae78b0077a3b3":"6b236cf0ee0dba0c92b26c60235d3868715a80c0efbc0c898b6f0b1ace8146e9":"8374b571d7f2d94ce2bdadeb9d815397" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #11 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"8756ee2c5e381c7c1dc530748b76a6274ef6583090e555d85210e2356feb2974a8f15119a04e9b481cd3bc557a197b8e":"19705743eaaaa0e8890a0faa2e0df37c820d556c7a45f04d76276f9f9ce2e7c133258ae6d1ba9cdf7745d01745763d18dcd1af2c9e9b0bed2806e60f0f9b636c":"2b4a92b682e9a557466af97b735e2ffdbac3bfc31fd5be2cd212cfbd4b8d690a":"e86504f10317bbeab346f3b9e4b310cbe9fbd81a42054f358eacd08cccab6eff":"19ffad856a6675268cc464ca6fdb8afd0912143e552668528d1484c9a54592cf":"f347fd58aff2999530e258be77591701" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #12 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"f58be57e5035d5c455b17a41ccf7542ffd77f5c009e0a737118ed6c4188f78fcbdbe946bf82e1fa50fd81691de82dcf3":"f9939592ab2b31d92ac72673da013a588ea17bbf02cfd6e79d79f8296601633d04ceb005110f266e6100040ef33194858def8b535314c73caa0e48fc4d2f6e2d":"bb1cb21a316d4b88093cbfc7917d614dca97090cdc8bb340d864547cb3e1fef6":"7e42d5439d81680c8edf5c571d548699730cfada33b650a4d510172a42b298bb":"e9e3cf180f72ba2c1a45d0a94b822943612143e0b642398796b0428ae1af6cf5":"d0c83a4bf3517648b441d411ddcb808c" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #13 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"898064243e44ff67151736ce8bb6f1c759cab4aaca9b87543a1ac984ef955cd5db76c1aa56aff83f1f6799f18fe531cc":"b8d6be3036eeb5657fb10766354d4be897bd27973b3530270ccc02a08169a2e437b30a3635eb6ccb310f319257f58d8aa030c8aab616418e0914a46131306a0c":"37572428df5826e6ae5ce95db4ef63f41e908f685204a7b64edb9f473c41e45c":"28beda0e0e346b447d32208c6b4c42dcd567acfe1e483fb4a95ea82cb8ce55a5":"7a0fffa541d723e16340eeb960b1b9c9aae912477e0ebfac03f8f1a3a8bdc531":"611c9f6fc5193dbe3db96cbcd276168a" CTR_DRBG NIST Validation (AES-256 use df,False,256,128,256,256) #14 [#3] -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_between:"50de72903b9d99764123ffaa0c721e14ad1ab5c46a34c040f25324ba1d937b8ef10467161fcf2978c2a680ac5570c6d2":"5c9954fd0143e62c3bf2d5734052e3c9370f7b9d75c70f58fe33b12e3997ee2c8db84f8467affd7cfd9a9e7ec60da6f31bf9bf32aedf644e4934bd1fc916bc8d":"d5dc4c9fc7171fcbfdaead558a565ffd55d245a58b22ad1666ee05131e33f49e":"ea3114e92e6a19f53b207a0a54cd363a6d053fed0a827f92556f0a8580f7a342":"53686f069b455af4692888d11fac15cf7b4bd38e198de4e62b7098f875198a75":"9fb0df053e0345e5640aa97fedef50a6" CTR_DRBG CAVS 14.3 (AES-256 no df,no reseed,256,128,0,0) block 1 #0 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_no_reseed:"496f25b0f1301b4f501be30380a137eb":"36401940fa8b1fba91a1661f211d78a0b9389a74e5bccfece8d766af1a6d3b14":"":"":"5862eb38bd558dd978a696e6df164782ddd887e7e9a6c9f3f1fbafb78941b535a64912dfd224c6dc7454e5250b3d97165e16260c2faf1cc7735cb75fb4f07e1d" CTR_DRBG CAVS 14.3 (AES-256 no df,no reseed,256,128,0,256) block 1 #0 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_no_reseed:"41c71a24d17d974190982bb7515ce7f5":"8148d65d86513ce7d38923ec2f26b9e7c677dcc8997e325b7372619e753ed944":"55b446046c2d14bdd0cdba4b71873fd4762650695a11507949462da8d964ab6a":"91468f1a097d99ee339462ca916cb4a10f63d53850a4f17f598eac490299b02e":"54603d1a506132bbfa05b153a04f22a1d516cc46323cef15111af221f030f38d6841d4670518b4914a4631af682e7421dffaac986a38e94d92bfa758e2eb101f" CTR_DRBG CAVS 14.3 (AES-256 no df,no reseed,256,128,0,0) block 2 #0 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_no_reseed:"bac0fdc0c417aa269bbdea77e928f9f8":"8b0bcb3f932170416739ea42e7dcdc6fa960645bc018820134f714b3c6912b56":"":"":"d9c4fd81f6621a8cf06d612e9a84b80fa13d098dceaf2c083dc81cd80caedd105c7f2789963a167d72f76e81178001fd93de4623c260fe9eebced89f7b4b047a" CTR_DRBG CAVS 14.3 (AES-256 no df,no reseed,256,128,0,256) block 2 #0 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_no_reseed:"69ff3310141dbf3ece409ade58745113":"d67439abf1e162e5b25941605a8aeba7d686dec133257f6c220e1c595e954a07":"03e795be8379c481cb32534011ca6bf524dc754978ee5ebee475129ad39eca98":"5685c7330f33004515f8c0ab27f2a1cbe0c8a4a6806d6c8486e0217b43e859f2":"a6d22a4370251c51978fedc7e7753c78179ed1943d2ff1b5a374860106041a304b124d47cfa304c909f7d417843846d52dcc7ebcf5c93afef885c893b40c81ed" CTR_DRBG CAVS 14.3 (AES-256 no df,no reseed,256,128,0,0) block 3 #0 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_no_reseed:"aaa46610681167ff8d4d2c51e77911d4":"58a5f79da44b9f23a98a39352972ad16031fe13637bd18d6cb6c9f5269d8e240":"":"":"c1714f89459ce746b151509e5066d4811a06ad06c1e9b13b50c0fc7cdd77ceedc233908ebe1ea8140ec2dc262a43201be667008e081e5476b19b27214111d325" CTR_DRBG CAVS 14.3 (AES-256 no df,no reseed,256,128,0,256) block 3 #0 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_no_reseed:"6ca848651d420fb02f9b66f06b377e59":"001ec3b192ddc765553e15742dffeb21cc7d97a4bcf866e3664d8a5ecb4c2463":"99f139ab5ee4f7eed6148e82d79ad5f2b9fa638d574e5db79b650c0e682ca466":"6e7bf0ae28a797ccbb47101f26bfe5a0b1e450c57aedf731272411fa7b6c4ed4":"865b6dd4363c5940d6228cc90ba8f1a21efbaa99b0c7b37361f7fed7e969a97b68d550dd6ad4bbfaf6626779bfb43c66845c2923df9f55307c8bc9f0a3872fa7" CTR_DRBG CAVS 14.3 (AES-256 no df,no reseed,256,128,0,0) block 4 #0 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_no_reseed:"1c6a80d82012c39c9f14a808643f08e7":"4ee68b3352b874e1cc29375028851dee9d5dfd88a40664c79e2b724fb11b2808":"":"":"7c58d2a5522a88341fb55facefdb6e24840cae283948d53148a384e13b5407d7712c33434bd3d19448b43270c54860bf3495579057c70bff3084dddff08a091d" CTR_DRBG CAVS 14.3 (AES-256 no df,no reseed,256,128,0,256) block 4 #0 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_no_reseed:"70bdedbc6825c4fe0a9f7e45290ddd51":"481e505bf7a36f9d96690d49154d98d6a247c14a703dbfed7cf1b7a71bee737f":"5b07610c2c946eda2975a26ddadf7d73e3d287e923d9b1a2d2070776a446d8e6":"2792a988ebb2e768eee0d5c263bcd76a675d6f339e5f1ab2ca595e6b3b4d024a":"303448a355fc0a69a130b6ab194997b220970bf680914913da904e92109dee3d9f23871130c407045cf463ce783a5dfafd603a8384790573af385d479acd7206" CTR_DRBG CAVS 14.3 (AES-128 use df,no reseed,128,64,0,0) block 1 #0 @@ -1055,7 +1055,7 @@ depends_on:MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_no_reseed:"7ee2614ead3c128e":"8b80936e69c67edb771c28f9b9452124":"fc35cba97a1e211bc420e8af53f8e13c":"fba438aaa75a3cd4cd0cce399bfec74a":"6721cc1ada5ebc1713f74c759000765652eeb5f3f9c24fb9341b36a369cec1d27ea80d6b73b56047af07138c5a43c99a87753115c471b8587ea65fa2065e3ce0" CTR_DRBG CAVS 14.3 (AES-256 use df,False,256,128,0,0) #0 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_reseed_first:"0bf814b411f65ec4866be1abb59d3c32":"2d4c9f46b981c6a0b2b5d8c69391e569ff13851437ebc0fc00d616340252fed593500fae4fa32b86033b7a7bac9d37e710dcc67ca266bc8607d665937766d207":"":"":"":"322dd28670e75c0ea638f3cb68d6a9d6e50ddfd052b772a7b1d78263a7b8978b6740c2b65a9550c3a76325866fa97e16d74006bc96f26249b9f0a90d076f08e5" CTR_DRBG CAVS 14.3 (AES-128 use df,False,128,64,0,0) #0 @@ -1063,7 +1063,7 @@ depends_on:MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ctr_drbg_validate_reseed_first:"5209e5b4ed82a234":"0f65da13dca407999d4773c2b4a11d851dea0a12c52bf64339dd291c80d8ca89":"":"":"":"2859cc468a76b08661ffd23b28547ffd0997ad526a0f51261b99ed3a37bd407bf418dbe6c6c3e26ed0ddefcb7474d899bd99f3655427519fc5b4057bcaf306d4" CTR_DRBG CAVS 14.3 (AES-256 use df,True,256,128,0,0) #0 -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_validate_pr:"a2d015f22d854e29de278d910c573de5":"16a1f035388cd8d956026e3b0117cb524dd3eb563f9a7720bb7dcb0fc6fbe743cf140bcd4d7130e7e3ea14046c56442b57c43b34ad219553e7105c18f6e561afe27c9f0be60d82d6cc474efb7fc737b16a6895d9a3a45b971d19b743c1a4ac8f":"":"":"b4e8395bcb7503410a94633f70e9904a5b30e62c35bc6dd2a03496c4a49932e184fbffdbcf1de1c72c50d36dc2ae8f04f40f96aae159c3fb816ca16df99b6c3e" CTR_DRBG CAVS 14.3 (AES-128 use df,True,128,64,0,0) #0 diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index 85c00ebae..7d816080a 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -284,7 +284,7 @@ void ctr_drbg_entropy_usage(int entropy_nonce_len) } TEST_EQUAL(test_offset_idx, expected_idx); - /* Call update with too much data (sizeof entropy > MAX(_SEED)_INPUT). + /* Call update with too much data (sizeof(entropy) > MAX(_SEED)_INPUT). * Make sure it's detected as an error and doesn't cause memory * corruption. */ TEST_ASSERT(mbedtls_ctr_drbg_update( diff --git a/tests/suites/test_suite_debug.data b/tests/suites/test_suite_debug.data index 47612d6e2..512a04aca 100644 --- a/tests/suites/test_suite_debug.data +++ b/tests/suites/test_suite_debug.data @@ -59,9 +59,9 @@ Debug print mbedtls_mpi: 764 bits #2 mbedtls_debug_print_mpi:"0000000000000000000000000000000000000000000000000000000941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n" Debug print certificate #1 (RSA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA:!MBEDTLS_X509_REMOVE_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_X509_REMOVE_INFO mbedtls_debug_print_crt:"data_files/server1.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: 01\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:06\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:06\nMyFile(0999)\: signed using \: RSA with SHA1\nMyFile(0999)\: RSA key size \: 2048 bits\nMyFile(0999)\: basic constraints \: CA=false\nMyFile(0999)\: value of 'crt->rsa.N' (2048 bits) is\:\nMyFile(0999)\: a9 02 1f 3d 40 6a d5 55 53 8b fd 36 ee 82 65 2e\nMyFile(0999)\: 15 61 5e 89 bf b8 e8 45 90 db ee 88 16 52 d3 f1\nMyFile(0999)\: 43 50 47 96 12 59 64 87 6b fd 2b e0 46 f9 73 be\nMyFile(0999)\: dd cf 92 e1 91 5b ed 66 a0 6f 89 29 79 45 80 d0\nMyFile(0999)\: 83 6a d5 41 43 77 5f 39 7c 09 04 47 82 b0 57 39\nMyFile(0999)\: 70 ed a3 ec 15 19 1e a8 33 08 47 c1 05 42 a9 fd\nMyFile(0999)\: 4c c3 b4 df dd 06 1f 4d 10 51 40 67 73 13 0f 40\nMyFile(0999)\: f8 6d 81 25 5f 0a b1 53 c6 30 7e 15 39 ac f9 5a\nMyFile(0999)\: ee 7f 92 9e a6 05 5b e7 13 97 85 b5 23 92 d9 d4\nMyFile(0999)\: 24 06 d5 09 25 89 75 07 dd a6 1a 8f 3f 09 19 be\nMyFile(0999)\: ad 65 2c 64 eb 95 9b dc fe 41 5e 17 a6 da 6c 5b\nMyFile(0999)\: 69 cc 02 ba 14 2c 16 24 9c 4a dc cd d0 f7 52 67\nMyFile(0999)\: 73 f1 2d a0 23 fd 7e f4 31 ca 2d 70 ca 89 0b 04\nMyFile(0999)\: db 2e a6 4f 70 6e 9e ce bd 58 89 e2 53 59 9e 6e\nMyFile(0999)\: 5a 92 65 e2 88 3f 0c 94 19 a3 dd e5 e8 9d 95 13\nMyFile(0999)\: ed 29 db ab 70 12 dc 5a ca 6b 17 ab 52 82 54 b1\nMyFile(0999)\: value of 'crt->rsa.E' (17 bits) is\:\nMyFile(0999)\: 01 00 01\n" Debug print certificate #2 (EC) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA:!MBEDTLS_X509_REMOVE_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_X509_REMOVE_INFO mbedtls_debug_print_crt:"data_files/test-ca2.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: C1\:43\:E2\:7E\:62\:43\:CC\:E8\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:00\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:00\nMyFile(0999)\: signed using \: ECDSA with SHA256\nMyFile(0999)\: EC key size \: 384 bits\nMyFile(0999)\: basic constraints \: CA=true\nMyFile(0999)\: value of 'crt->eckey.Q(X)' (384 bits) is\:\nMyFile(0999)\: c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43\nMyFile(0999)\: 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95\nMyFile(0999)\: 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d\nMyFile(0999)\: value of 'crt->eckey.Q(Y)' (384 bits) is\:\nMyFile(0999)\: 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58\nMyFile(0999)\: b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47\nMyFile(0999)\: 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e\n" diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function index 6a3ca331a..b9610406b 100644 --- a/tests/suites/test_suite_debug.function +++ b/tests/suites/test_suite_debug.function @@ -1,7 +1,7 @@ /* BEGIN_HEADER */ #include "mbedtls/debug.h" #include "string.h" -#include "mbedtls/legacy_or_psa.h" +#include "mbedtls/pk.h" struct buffer_data { char buf[2000]; @@ -58,6 +58,8 @@ void debug_print_msg_threshold(int threshold, int level, char *file, mbedtls_ssl_config conf; struct buffer_data buffer; + MD_PSA_INIT(); + mbedtls_ssl_init(&ssl); mbedtls_ssl_config_init(&conf); memset(buffer.buf, 0, 2000); @@ -82,6 +84,7 @@ void debug_print_msg_threshold(int threshold, int level, char *file, exit: mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); + MD_PSA_DONE(); } /* END_CASE */ @@ -93,6 +96,8 @@ void mbedtls_debug_print_ret(char *file, int line, char *text, int value, mbedtls_ssl_config conf; struct buffer_data buffer; + MD_PSA_INIT(); + mbedtls_ssl_init(&ssl); mbedtls_ssl_config_init(&conf); memset(buffer.buf, 0, 2000); @@ -114,6 +119,7 @@ void mbedtls_debug_print_ret(char *file, int line, char *text, int value, exit: mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); + MD_PSA_DONE(); } /* END_CASE */ @@ -125,6 +131,8 @@ void mbedtls_debug_print_buf(char *file, int line, char *text, mbedtls_ssl_config conf; struct buffer_data buffer; + MD_PSA_INIT(); + mbedtls_ssl_init(&ssl); mbedtls_ssl_config_init(&conf); memset(buffer.buf, 0, 2000); @@ -146,6 +154,7 @@ void mbedtls_debug_print_buf(char *file, int line, char *text, exit: mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); + MD_PSA_DONE(); } /* END_CASE */ @@ -161,6 +170,8 @@ void mbedtls_debug_print_crt(char *crt_file, char *file, int line, mbedtls_ssl_init(&ssl); mbedtls_ssl_config_init(&conf); mbedtls_x509_crt_init(&crt); + MD_OR_USE_PSA_INIT(); + memset(buffer.buf, 0, 2000); buffer.ptr = buffer.buf; @@ -182,6 +193,7 @@ exit: mbedtls_x509_crt_free(&crt); mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ @@ -194,6 +206,8 @@ void mbedtls_debug_print_mpi(char *value, char *file, int line, struct buffer_data buffer; mbedtls_mpi val; + MD_PSA_INIT(); + mbedtls_ssl_init(&ssl); mbedtls_ssl_config_init(&conf); mbedtls_mpi_init(&val); @@ -219,5 +233,6 @@ exit: mbedtls_mpi_free(&val); mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); + MD_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_ecdsa.data b/tests/suites/test_suite_ecdsa.data index 50411e9b1..c852c665e 100644 --- a/tests/suites/test_suite_ecdsa.data +++ b/tests/suites/test_suite_ecdsa.data @@ -91,203 +91,203 @@ depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED ecdsa_write_read_random:MBEDTLS_ECP_DP_SECP521R1 ECDSA deterministic test vector rfc 6979 p192 sha1 [#1] -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA1 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA1:"8151325DCDBAE9E0FF95F9F9658432DBEDFDB209":"98C6BD12B23EAF5E2A2045132086BE3EB8EBD62ABF6698FF":"57A22B07DEA9530F8DE9471B1DC6624472E8E2844BC25B64" ECDSA deterministic test vector rfc 6979 p192 sha224 [#1] -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA224_C +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA224 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA224:"9003E374BC726550C2C289447FD0533160F875709386DFA377BFD41C":"A1F00DAD97AEEC91C95585F36200C65F3C01812AA60378F5":"E07EC1304C7C6C9DEBBE980B9692668F81D4DE7922A0F97A" ECDSA deterministic test vector rfc 6979 p192 sha256 [#1] -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA256 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA256:"AF2BDBE1AA9B6EC1E2ADE1D694F41FC71A831D0268E9891562113D8A62ADD1BF":"4B0B8CE98A92866A2820E20AA6B75B56382E0F9BFD5ECB55":"CCDB006926EA9565CBADC840829D8C384E06DE1F1E381B85" ECDSA deterministic test vector rfc 6979 p192 sha384 [#1] -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA384_C +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA384 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA384:"9A9083505BC92276AEC4BE312696EF7BF3BF603F4BBD381196A029F340585312313BCA4A9B5B890EFEE42C77B1EE25FE":"DA63BF0B9ABCF948FBB1E9167F136145F7A20426DCC287D5":"C3AA2C960972BD7A2003A57E1C4C77F0578F8AE95E31EC5E" ECDSA deterministic test vector rfc 6979 p192 sha512 [#1] -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA512_C +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA512 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA512:"39A5E04AAFF7455D9850C605364F514C11324CE64016960D23D5DC57D3FFD8F49A739468AB8049BF18EEF820CDB1AD6C9015F838556BC7FAD4138B23FDF986C7":"4D60C5AB1996BD848343B31C00850205E2EA6922DAC2E4B8":"3F6E837448F027A1BF4B34E796E32A811CBB4050908D8F67" ECDSA deterministic test vector rfc 6979 p192 sha1 [#2] -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA1 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA1:"A94A8FE5CCB19BA61C4C0873D391E987982FBBD3":"0F2141A0EBBC44D2E1AF90A50EBCFCE5E197B3B7D4DE036D":"EB18BC9E1F3D7387500CB99CF5F7C157070A8961E38700B7" ECDSA deterministic test vector rfc 6979 p192 sha224 [#2] -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA224_C +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA224 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA224:"90A3ED9E32B2AAF4C61C410EB925426119E1A9DC53D4286ADE99A809":"6945A1C1D1B2206B8145548F633BB61CEF04891BAF26ED34":"B7FB7FDFC339C0B9BD61A9F5A8EAF9BE58FC5CBA2CB15293" ECDSA deterministic test vector rfc 6979 p192 sha256 [#2] -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA256 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"3A718BD8B4926C3B52EE6BBE67EF79B18CB6EB62B1AD97AE":"5662E6848A4A19B1F1AE2F72ACD4B8BBE50F1EAC65D9124F" ECDSA deterministic test vector rfc 6979 p192 sha384 [#2] -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA384_C +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA384 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA384:"768412320F7B0AA5812FCE428DC4706B3CAE50E02A64CAA16A782249BFE8EFC4B7EF1CCB126255D196047DFEDF17A0A9":"B234B60B4DB75A733E19280A7A6034BD6B1EE88AF5332367":"7994090B2D59BB782BE57E74A44C9A1C700413F8ABEFE77A" ECDSA deterministic test vector rfc 6979 p192 sha512 [#2] -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA512_C +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_MD_CAN_SHA512 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA512:"EE26B0DD4AF7E749AA1A8EE3C10AE9923F618980772E473F8819A5D4940E0DB27AC185F8A0E1D5F84F88BC887FD67B143732C304CC5FA9AD8E6F57F50028A8FF":"FE4F4AE86A58B6507946715934FE2D8FF9D95B6B098FE739":"74CF5605C98FBA0E1EF34D4B5A1577A7DCF59457CAE52290" ECDSA deterministic test vector rfc 6979 p224 sha1 [#1] -depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA1_C +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA1 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA1:"8151325DCDBAE9E0FF95F9F9658432DBEDFDB209":"22226F9D40A96E19C4A301CE5B74B115303C0F3A4FD30FC257FB57AC":"66D1CDD83E3AF75605DD6E2FEFF196D30AA7ED7A2EDF7AF475403D69" ECDSA deterministic test vector rfc 6979 p224 sha224 [#1] -depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA224_C +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA224 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA224:"9003E374BC726550C2C289447FD0533160F875709386DFA377BFD41C":"1CDFE6662DDE1E4A1EC4CDEDF6A1F5A2FB7FBD9145C12113E6ABFD3E":"A6694FD7718A21053F225D3F46197CA699D45006C06F871808F43EBC" ECDSA deterministic test vector rfc 6979 p224 sha256 [#1] -depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA256 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA256:"AF2BDBE1AA9B6EC1E2ADE1D694F41FC71A831D0268E9891562113D8A62ADD1BF":"61AA3DA010E8E8406C656BC477A7A7189895E7E840CDFE8FF42307BA":"BC814050DAB5D23770879494F9E0A680DC1AF7161991BDE692B10101" ECDSA deterministic test vector rfc 6979 p224 sha384 [#1] -depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA384_C +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA384 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA384:"9A9083505BC92276AEC4BE312696EF7BF3BF603F4BBD381196A029F340585312313BCA4A9B5B890EFEE42C77B1EE25FE":"0B115E5E36F0F9EC81F1325A5952878D745E19D7BB3EABFABA77E953":"830F34CCDFE826CCFDC81EB4129772E20E122348A2BBD889A1B1AF1D" ECDSA deterministic test vector rfc 6979 p224 sha512 [#1] -depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA512_C +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA512 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA512:"39A5E04AAFF7455D9850C605364F514C11324CE64016960D23D5DC57D3FFD8F49A739468AB8049BF18EEF820CDB1AD6C9015F838556BC7FAD4138B23FDF986C7":"074BD1D979D5F32BF958DDC61E4FB4872ADCAFEB2256497CDAC30397":"A4CECA196C3D5A1FF31027B33185DC8EE43F288B21AB342E5D8EB084" ECDSA deterministic test vector rfc 6979 p224 sha1 [#2] -depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA1_C +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA1 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA1:"A94A8FE5CCB19BA61C4C0873D391E987982FBBD3":"DEAA646EC2AF2EA8AD53ED66B2E2DDAA49A12EFD8356561451F3E21C":"95987796F6CF2062AB8135271DE56AE55366C045F6D9593F53787BD2" ECDSA deterministic test vector rfc 6979 p224 sha224 [#2] -depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA224_C +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA224 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA224:"90A3ED9E32B2AAF4C61C410EB925426119E1A9DC53D4286ADE99A809":"C441CE8E261DED634E4CF84910E4C5D1D22C5CF3B732BB204DBEF019":"902F42847A63BDC5F6046ADA114953120F99442D76510150F372A3F4" ECDSA deterministic test vector rfc 6979 p224 sha256 [#2] -depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA256 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"AD04DDE87B84747A243A631EA47A1BA6D1FAA059149AD2440DE6FBA6":"178D49B1AE90E3D8B629BE3DB5683915F4E8C99FDF6E666CF37ADCFD" ECDSA deterministic test vector rfc 6979 p224 sha384 [#2] -depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA384_C +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA384 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA384:"768412320F7B0AA5812FCE428DC4706B3CAE50E02A64CAA16A782249BFE8EFC4B7EF1CCB126255D196047DFEDF17A0A9":"389B92682E399B26518A95506B52C03BC9379A9DADF3391A21FB0EA4":"414A718ED3249FF6DBC5B50C27F71F01F070944DA22AB1F78F559AAB" ECDSA deterministic test vector rfc 6979 p224 sha512 [#2] -depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA512_C +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_MD_CAN_SHA512 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA512:"EE26B0DD4AF7E749AA1A8EE3C10AE9923F618980772E473F8819A5D4940E0DB27AC185F8A0E1D5F84F88BC887FD67B143732C304CC5FA9AD8E6F57F50028A8FF":"049F050477C5ADD858CAC56208394B5A55BAEBBE887FDF765047C17C":"077EB13E7005929CEFA3CD0403C7CDCC077ADF4E44F3C41B2F60ECFF" ECDSA deterministic test vector rfc 6979 p256 sha1 [#1] -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA1 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA1:"8151325DCDBAE9E0FF95F9F9658432DBEDFDB209":"61340C88C3AAEBEB4F6D667F672CA9759A6CCAA9FA8811313039EE4A35471D32":"6D7F147DAC089441BB2E2FE8F7A3FA264B9C475098FDCF6E00D7C996E1B8B7EB" ECDSA deterministic test vector rfc 6979 p256 sha224 [#1] -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA224_C +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA224 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA224:"9003E374BC726550C2C289447FD0533160F875709386DFA377BFD41C":"53B2FFF5D1752B2C689DF257C04C40A587FABABB3F6FC2702F1343AF7CA9AA3F":"B9AFB64FDC03DC1A131C7D2386D11E349F070AA432A4ACC918BEA988BF75C74C" ECDSA deterministic test vector rfc 6979 p256 sha256 [#1] -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"AF2BDBE1AA9B6EC1E2ADE1D694F41FC71A831D0268E9891562113D8A62ADD1BF":"EFD48B2AACB6A8FD1140DD9CD45E81D69D2C877B56AAF991C34D0EA84EAF3716":"F7CB1C942D657C41D436C7A1B6E29F65F3E900DBB9AFF4064DC4AB2F843ACDA8" ECDSA deterministic test vector rfc 6979 p256 sha384 [#1] -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA384_C +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA384 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA384:"9A9083505BC92276AEC4BE312696EF7BF3BF603F4BBD381196A029F340585312313BCA4A9B5B890EFEE42C77B1EE25FE":"0EAFEA039B20E9B42309FB1D89E213057CBF973DC0CFC8F129EDDDC800EF7719":"4861F0491E6998B9455193E34E7B0D284DDD7149A74B95B9261F13ABDE940954" ECDSA deterministic test vector rfc 6979 p256 sha512 [#1] -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA512 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA512:"39A5E04AAFF7455D9850C605364F514C11324CE64016960D23D5DC57D3FFD8F49A739468AB8049BF18EEF820CDB1AD6C9015F838556BC7FAD4138B23FDF986C7":"8496A60B5E9B47C825488827E0495B0E3FA109EC4568FD3F8D1097678EB97F00":"2362AB1ADBE2B8ADF9CB9EDAB740EA6049C028114F2460F96554F61FAE3302FE" ECDSA deterministic test vector rfc 6979 p256 sha1 [#2] -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA1 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA1:"A94A8FE5CCB19BA61C4C0873D391E987982FBBD3":"0CBCC86FD6ABD1D99E703E1EC50069EE5C0B4BA4B9AC60E409E8EC5910D81A89":"01B9D7B73DFAA60D5651EC4591A0136F87653E0FD780C3B1BC872FFDEAE479B1" ECDSA deterministic test vector rfc 6979 p256 sha224 [#2] -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA224_C +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA224 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA224:"90A3ED9E32B2AAF4C61C410EB925426119E1A9DC53D4286ADE99A809":"C37EDB6F0AE79D47C3C27E962FA269BB4F441770357E114EE511F662EC34A692":"C820053A05791E521FCAAD6042D40AEA1D6B1A540138558F47D0719800E18F2D" ECDSA deterministic test vector rfc 6979 p256 sha256 [#2] -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"F1ABB023518351CD71D881567B1EA663ED3EFCF6C5132B354F28D3B0B7D38367":"019F4113742A2B14BD25926B49C649155F267E60D3814B4C0CC84250E46F0083" ECDSA deterministic test vector rfc 6979 p256 sha384 [#2] -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA384_C +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA384 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA384:"768412320F7B0AA5812FCE428DC4706B3CAE50E02A64CAA16A782249BFE8EFC4B7EF1CCB126255D196047DFEDF17A0A9":"83910E8B48BB0C74244EBDF7F07A1C5413D61472BD941EF3920E623FBCCEBEB6":"8DDBEC54CF8CD5874883841D712142A56A8D0F218F5003CB0296B6B509619F2C" ECDSA deterministic test vector rfc 6979 p256 sha512 [#2] -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA512 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA512:"EE26B0DD4AF7E749AA1A8EE3C10AE9923F618980772E473F8819A5D4940E0DB27AC185F8A0E1D5F84F88BC887FD67B143732C304CC5FA9AD8E6F57F50028A8FF":"461D93F31B6540894788FD206C07CFA0CC35F46FA3C91816FFF1040AD1581A04":"39AF9F15DE0DB8D97E72719C74820D304CE5226E32DEDAE67519E840D1194E55" ECDSA deterministic test vector rfc 6979 p384 sha1 [#1] -depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA1 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA1:"8151325DCDBAE9E0FF95F9F9658432DBEDFDB209":"EC748D839243D6FBEF4FC5C4859A7DFFD7F3ABDDF72014540C16D73309834FA37B9BA002899F6FDA3A4A9386790D4EB2":"A3BCFA947BEEF4732BF247AC17F71676CB31A847B9FF0CBC9C9ED4C1A5B3FACF26F49CA031D4857570CCB5CA4424A443" ECDSA deterministic test vector rfc 6979 p384 sha224 [#1] -depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA224_C +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA224 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA224:"9003E374BC726550C2C289447FD0533160F875709386DFA377BFD41C":"42356E76B55A6D9B4631C865445DBE54E056D3B3431766D0509244793C3F9366450F76EE3DE43F5A125333A6BE060122":"9DA0C81787064021E78DF658F2FBB0B042BF304665DB721F077A4298B095E4834C082C03D83028EFBF93A3C23940CA8D" ECDSA deterministic test vector rfc 6979 p384 sha256 [#1] -depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA256 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA256:"AF2BDBE1AA9B6EC1E2ADE1D694F41FC71A831D0268E9891562113D8A62ADD1BF":"21B13D1E013C7FA1392D03C5F99AF8B30C570C6F98D4EA8E354B63A21D3DAA33BDE1E888E63355D92FA2B3C36D8FB2CD":"F3AA443FB107745BF4BD77CB3891674632068A10CA67E3D45DB2266FA7D1FEEBEFDC63ECCD1AC42EC0CB8668A4FA0AB0" ECDSA deterministic test vector rfc 6979 p384 sha384 [#1] -depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA384_C +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA384 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA384:"9A9083505BC92276AEC4BE312696EF7BF3BF603F4BBD381196A029F340585312313BCA4A9B5B890EFEE42C77B1EE25FE":"94EDBB92A5ECB8AAD4736E56C691916B3F88140666CE9FA73D64C4EA95AD133C81A648152E44ACF96E36DD1E80FABE46":"99EF4AEB15F178CEA1FE40DB2603138F130E740A19624526203B6351D0A3A94FA329C145786E679E7B82C71A38628AC8" ECDSA deterministic test vector rfc 6979 p384 sha512 [#1] -depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA512 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA512:"39A5E04AAFF7455D9850C605364F514C11324CE64016960D23D5DC57D3FFD8F49A739468AB8049BF18EEF820CDB1AD6C9015F838556BC7FAD4138B23FDF986C7":"ED0959D5880AB2D869AE7F6C2915C6D60F96507F9CB3E047C0046861DA4A799CFE30F35CC900056D7C99CD7882433709":"512C8CCEEE3890A84058CE1E22DBC2198F42323CE8ACA9135329F03C068E5112DC7CC3EF3446DEFCEB01A45C2667FDD5" ECDSA deterministic test vector rfc 6979 p384 sha1 [#2] -depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA1 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA1:"A94A8FE5CCB19BA61C4C0873D391E987982FBBD3":"4BC35D3A50EF4E30576F58CD96CE6BF638025EE624004A1F7789A8B8E43D0678ACD9D29876DAF46638645F7F404B11C7":"D5A6326C494ED3FF614703878961C0FDE7B2C278F9A65FD8C4B7186201A2991695BA1C84541327E966FA7B50F7382282" ECDSA deterministic test vector rfc 6979 p384 sha224 [#2] -depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA224_C +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA224 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA224:"90A3ED9E32B2AAF4C61C410EB925426119E1A9DC53D4286ADE99A809":"E8C9D0B6EA72A0E7837FEA1D14A1A9557F29FAA45D3E7EE888FC5BF954B5E62464A9A817C47FF78B8C11066B24080E72":"07041D4A7A0379AC7232FF72E6F77B6DDB8F09B16CCE0EC3286B2BD43FA8C6141C53EA5ABEF0D8231077A04540A96B66" ECDSA deterministic test vector rfc 6979 p384 sha256 [#2] -depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA256 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"6D6DEFAC9AB64DABAFE36C6BF510352A4CC27001263638E5B16D9BB51D451559F918EEDAF2293BE5B475CC8F0188636B":"2D46F3BECBCC523D5F1A1256BF0C9B024D879BA9E838144C8BA6BAEB4B53B47D51AB373F9845C0514EEFB14024787265" ECDSA deterministic test vector rfc 6979 p384 sha384 [#2] -depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA384_C +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA384 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA384:"768412320F7B0AA5812FCE428DC4706B3CAE50E02A64CAA16A782249BFE8EFC4B7EF1CCB126255D196047DFEDF17A0A9":"8203B63D3C853E8D77227FB377BCF7B7B772E97892A80F36AB775D509D7A5FEB0542A7F0812998DA8F1DD3CA3CF023DB":"DDD0760448D42D8A43AF45AF836FCE4DE8BE06B485E9B61B827C2F13173923E06A739F040649A667BF3B828246BAA5A5" ECDSA deterministic test vector rfc 6979 p384 sha512 [#2] -depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_CAN_SHA512 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA512:"EE26B0DD4AF7E749AA1A8EE3C10AE9923F618980772E473F8819A5D4940E0DB27AC185F8A0E1D5F84F88BC887FD67B143732C304CC5FA9AD8E6F57F50028A8FF":"A0D5D090C9980FAF3C2CE57B7AE951D31977DD11C775D314AF55F76C676447D06FB6495CD21B4B6E340FC236584FB277":"976984E59B4C77B0E8E4460DCA3D9F20E07B9BB1F63BEEFAF576F6B2E8B224634A2092CD3792E0159AD9CEE37659C736" ECDSA deterministic test vector rfc 6979 p521 sha1 [#1] -depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA1_C +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA1 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA1:"8151325DCDBAE9E0FF95F9F9658432DBEDFDB209":"0343B6EC45728975EA5CBA6659BBB6062A5FF89EEA58BE3C80B619F322C87910FE092F7D45BB0F8EEE01ED3F20BABEC079D202AE677B243AB40B5431D497C55D75D":"0E7B0E675A9B24413D448B8CC119D2BF7B2D2DF032741C096634D6D65D0DBE3D5694625FB9E8104D3B842C1B0E2D0B98BEA19341E8676AEF66AE4EBA3D5475D5D16" ECDSA deterministic test vector rfc 6979 p521 sha224 [#1] -depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA224_C +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA224 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA224:"9003E374BC726550C2C289447FD0533160F875709386DFA377BFD41C":"1776331CFCDF927D666E032E00CF776187BC9FDD8E69D0DABB4109FFE1B5E2A30715F4CC923A4A5E94D2503E9ACFED92857B7F31D7152E0F8C00C15FF3D87E2ED2E":"050CB5265417FE2320BBB5A122B8E1A32BD699089851128E360E620A30C7E17BA41A666AF126CE100E5799B153B60528D5300D08489CA9178FB610A2006C254B41F" ECDSA deterministic test vector rfc 6979 p521 sha256 [#1] -depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA256 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA256:"AF2BDBE1AA9B6EC1E2ADE1D694F41FC71A831D0268E9891562113D8A62ADD1BF":"1511BB4D675114FE266FC4372B87682BAECC01D3CC62CF2303C92B3526012659D16876E25C7C1E57648F23B73564D67F61C6F14D527D54972810421E7D87589E1A7":"04A171143A83163D6DF460AAF61522695F207A58B95C0644D87E52AA1A347916E4F7A72930B1BC06DBE22CE3F58264AFD23704CBB63B29B931F7DE6C9D949A7ECFC" ECDSA deterministic test vector rfc 6979 p521 sha384 [#1] -depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA384_C +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA384 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA384:"9A9083505BC92276AEC4BE312696EF7BF3BF603F4BBD381196A029F340585312313BCA4A9B5B890EFEE42C77B1EE25FE":"1EA842A0E17D2DE4F92C15315C63DDF72685C18195C2BB95E572B9C5136CA4B4B576AD712A52BE9730627D16054BA40CC0B8D3FF035B12AE75168397F5D50C67451":"1F21A3CEE066E1961025FB048BD5FE2B7924D0CD797BABE0A83B66F1E35EEAF5FDE143FA85DC394A7DEE766523393784484BDF3E00114A1C857CDE1AA203DB65D61" ECDSA deterministic test vector rfc 6979 p521 sha512 [#1] -depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA512_C +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA512 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA512:"39A5E04AAFF7455D9850C605364F514C11324CE64016960D23D5DC57D3FFD8F49A739468AB8049BF18EEF820CDB1AD6C9015F838556BC7FAD4138B23FDF986C7":"0C328FAFCBD79DD77850370C46325D987CB525569FB63C5D3BC53950E6D4C5F174E25A1EE9017B5D450606ADD152B534931D7D4E8455CC91F9B15BF05EC36E377FA":"0617CCE7CF5064806C467F678D3B4080D6F1CC50AF26CA209417308281B68AF282623EAA63E5B5C0723D8B8C37FF0777B1A20F8CCB1DCCC43997F1EE0E44DA4A67A" ECDSA deterministic test vector rfc 6979 p521 sha1 [#2] -depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA1_C +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA1 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA1:"A94A8FE5CCB19BA61C4C0873D391E987982FBBD3":"13BAD9F29ABE20DE37EBEB823C252CA0F63361284015A3BF430A46AAA80B87B0693F0694BD88AFE4E661FC33B094CD3B7963BED5A727ED8BD6A3A202ABE009D0367":"1E9BB81FF7944CA409AD138DBBEE228E1AFCC0C890FC78EC8604639CB0DBDC90F717A99EAD9D272855D00162EE9527567DD6A92CBD629805C0445282BBC916797FF" ECDSA deterministic test vector rfc 6979 p521 sha224 [#2] -depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA224_C +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA224 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA224:"90A3ED9E32B2AAF4C61C410EB925426119E1A9DC53D4286ADE99A809":"1C7ED902E123E6815546065A2C4AF977B22AA8EADDB68B2C1110E7EA44D42086BFE4A34B67DDC0E17E96536E358219B23A706C6A6E16BA77B65E1C595D43CAE17FB":"177336676304FCB343CE028B38E7B4FBA76C1C1B277DA18CAD2A8478B2A9A9F5BEC0F3BA04F35DB3E4263569EC6AADE8C92746E4C82F8299AE1B8F1739F8FD519A4" ECDSA deterministic test vector rfc 6979 p521 sha256 [#2] -depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA256 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"00E871C4A14F993C6C7369501900C4BC1E9C7B0B4BA44E04868B30B41D8071042EB28C4C250411D0CE08CD197E4188EA4876F279F90B3D8D74A3C76E6F1E4656AA8":"0CD52DBAA33B063C3A6CD8058A1FB0A46A4754B034FCC644766CA14DA8CA5CA9FDE00E88C1AD60CCBA759025299079D7A427EC3CC5B619BFBC828E7769BCD694E86" ECDSA deterministic test vector rfc 6979 p521 sha384 [#2] -depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA384_C +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA384 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA384:"768412320F7B0AA5812FCE428DC4706B3CAE50E02A64CAA16A782249BFE8EFC4B7EF1CCB126255D196047DFEDF17A0A9":"14BEE21A18B6D8B3C93FAB08D43E739707953244FDBE924FA926D76669E7AC8C89DF62ED8975C2D8397A65A49DCC09F6B0AC62272741924D479354D74FF6075578C":"133330865C067A0EAF72362A65E2D7BC4E461E8C8995C3B6226A21BD1AA78F0ED94FE536A0DCA35534F0CD1510C41525D163FE9D74D134881E35141ED5E8E95B979" ECDSA deterministic test vector rfc 6979 p521 sha512 [#2] -depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA512_C +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_MD_CAN_SHA512 ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA512:"EE26B0DD4AF7E749AA1A8EE3C10AE9923F618980772E473F8819A5D4940E0DB27AC185F8A0E1D5F84F88BC887FD67B143732C304CC5FA9AD8E6F57F50028A8FF":"13E99020ABF5CEE7525D16B69B229652AB6BDF2AFFCAEF38773B4B7D08725F10CDB93482FDCC54EDCEE91ECA4166B2A7C6265EF0CE2BD7051B7CEF945BABD47EE6D":"1FBD0013C674AA79CB39849527916CE301C66EA7CE8B80682786AD60F98F7E78A19CA69EFF5C57400E3B3A0AD66CE0978214D13BAF4E9AC60752F7B155E2DE4DCE3" ECDSA restartable read-verify: max_ops=0 (disabled) @@ -307,19 +307,19 @@ depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED ecdsa_read_restart:MBEDTLS_ECP_DP_SECP256R1:"04e8f573412a810c5f81ecd2d251bb94387e72f28af70dced90ebe75725c97a6428231069c2b1ef78509a22c59044319f6ed3cb750dfe64c2a282b35967a458ad6":"dee9d4d8b0e40a034602d6e638197998060f6e9f353ae1d10c94cd56476d3c92":"304502210098a5a1392abe29e4b0a4da3fefe9af0f8c32e5b839ab52ba6a05da9c3b7edd0f0220596f0e195ae1e58c1e53e9e7f0f030b274348a8c11232101778d89c4943f5ad2":250:4:64 ECDSA restartable sign-write: secp256r1 max_ops=0 (disabled) -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256 ecdsa_write_restart:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":0:0:0 ECDSA restartable sign-write: secp256r1 restart max_ops=1 -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256 ecdsa_write_restart:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":1:1:10000 ECDSA restartable sign-write: secp256r1 restart max_ops=10000 -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256 ecdsa_write_restart:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":10000:0:0 ECDSA restartable sign-write: secp256r1 restart max_ops=250 -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256 ecdsa_write_restart:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":250:2:32 ECDSA zero private parameter p192 diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function index 539c39d43..f16a6d413 100644 --- a/tests/suites/test_suite_ecdsa.function +++ b/tests/suites/test_suite_ecdsa.function @@ -1,11 +1,5 @@ /* BEGIN_HEADER */ #include "mbedtls/ecdsa.h" -#include "hash_info.h" -#include "mbedtls/legacy_or_psa.h" -#if (defined(MBEDTLS_ECDSA_DETERMINISTIC) && defined(MBEDTLS_SHA256_C)) || \ - (!defined(MBEDTLS_ECDSA_DETERMINISTIC) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA)) -#define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_IF_DETERMINISTIC -#endif /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -20,7 +14,7 @@ void ecdsa_prim_zero(int id) mbedtls_ecp_point Q; mbedtls_mpi d, r, s; mbedtls_test_rnd_pseudo_info rnd_info; - unsigned char buf[MBEDTLS_HASH_MAX_SIZE]; + unsigned char buf[MBEDTLS_MD_MAX_SIZE]; mbedtls_ecp_group_init(&grp); mbedtls_ecp_point_init(&Q); @@ -52,7 +46,7 @@ void ecdsa_prim_random(int id) mbedtls_ecp_point Q; mbedtls_mpi d, r, s; mbedtls_test_rnd_pseudo_info rnd_info; - unsigned char buf[MBEDTLS_HASH_MAX_SIZE]; + unsigned char buf[MBEDTLS_MD_MAX_SIZE]; mbedtls_ecp_group_init(&grp); mbedtls_ecp_point_init(&Q); @@ -203,6 +197,8 @@ void ecdsa_det_test_vectors(int id, char *d_str, int md_alg, data_t *hash, mbedtls_ecp_group grp; mbedtls_mpi d, r, s, r_check, s_check; + MD_PSA_INIT(); + mbedtls_ecp_group_init(&grp); mbedtls_mpi_init(&d); mbedtls_mpi_init(&r); mbedtls_mpi_init(&s); mbedtls_mpi_init(&r_check); mbedtls_mpi_init(&s_check); @@ -226,10 +222,11 @@ exit: mbedtls_ecp_group_free(&grp); mbedtls_mpi_free(&d); mbedtls_mpi_free(&r); mbedtls_mpi_free(&s); mbedtls_mpi_free(&r_check); mbedtls_mpi_free(&s_check); + MD_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_IF_DETERMINISTIC */ +/* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256 */ void ecdsa_write_read_zero(int id) { mbedtls_ecdsa_context ctx; @@ -238,6 +235,8 @@ void ecdsa_write_read_zero(int id) unsigned char sig[200]; size_t sig_len, i; + MD_PSA_INIT(); + mbedtls_ecdsa_init(&ctx); memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); memset(hash, 0, sizeof(hash)); @@ -288,10 +287,11 @@ void ecdsa_write_read_zero(int id) exit: mbedtls_ecdsa_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_IF_DETERMINISTIC */ +/* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256 */ void ecdsa_write_read_random(int id) { mbedtls_ecdsa_context ctx; @@ -300,6 +300,8 @@ void ecdsa_write_read_random(int id) unsigned char sig[200]; size_t sig_len, i; + MD_PSA_INIT(); + mbedtls_ecdsa_init(&ctx); memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); memset(hash, 0, sizeof(hash)); @@ -354,6 +356,7 @@ void ecdsa_write_read_random(int id) exit: mbedtls_ecdsa_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ @@ -433,6 +436,8 @@ void ecdsa_write_restart(int id, char *d_str, int md_alg, unsigned char sig[MBEDTLS_ECDSA_MAX_LEN]; size_t slen; + MD_PSA_INIT(); + mbedtls_ecdsa_restart_init(&rs_ctx); mbedtls_ecdsa_init(&ctx); memset(sig, 0, sizeof(sig)); @@ -483,6 +488,7 @@ void ecdsa_write_restart(int id, char *d_str, int md_alg, exit: mbedtls_ecdsa_restart_free(&rs_ctx); mbedtls_ecdsa_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_ecjpake.function b/tests/suites/test_suite_ecjpake.function index d5c0f07d4..177e09a9a 100644 --- a/tests/suites/test_suite_ecjpake.function +++ b/tests/suites/test_suite_ecjpake.function @@ -1,8 +1,7 @@ /* BEGIN_HEADER */ #include "mbedtls/ecjpake.h" -#include "mbedtls/legacy_or_psa.h" -#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA) +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && defined(MBEDTLS_MD_CAN_SHA256) static const unsigned char ecjpake_test_x1[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, @@ -91,7 +90,7 @@ cleanup: } #define ADD_SIZE(x) x, sizeof(x) -#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED && MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA */ +#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED && MBEDTLS_MD_CAN_SHA256 */ /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -109,6 +108,8 @@ void ecjpake_invalid_param() mbedtls_md_type_t valid_md = MBEDTLS_MD_SHA256; mbedtls_ecp_group_id valid_group = MBEDTLS_ECP_DP_SECP256R1; + MD_PSA_INIT(); + mbedtls_ecjpake_init(&ctx); TEST_EQUAL(MBEDTLS_ERR_ECP_BAD_INPUT_DATA, @@ -118,18 +119,23 @@ void ecjpake_invalid_param() valid_group, buf, len)); exit: - return; + MD_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void ecjpake_selftest() { + MD_PSA_INIT(); + TEST_ASSERT(mbedtls_ecjpake_self_test(1) == 0); + +exit: + MD_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA */ +/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256 */ void read_bad_md(data_t *msg) { mbedtls_ecjpake_context corrupt_ctx; @@ -137,6 +143,8 @@ void read_bad_md(data_t *msg) const size_t pw_len = 0; int any_role = MBEDTLS_ECJPAKE_CLIENT; + MD_PSA_INIT(); + mbedtls_ecjpake_init(&corrupt_ctx); TEST_ASSERT(mbedtls_ecjpake_setup(&corrupt_ctx, any_role, MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1, pw, @@ -148,16 +156,19 @@ void read_bad_md(data_t *msg) exit: mbedtls_ecjpake_free(&corrupt_ctx); + MD_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA */ +/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256 */ void read_round_one(int role, data_t *msg, int ref_ret) { mbedtls_ecjpake_context ctx; const unsigned char *pw = NULL; const size_t pw_len = 0; + MD_PSA_INIT(); + mbedtls_ecjpake_init(&ctx); TEST_ASSERT(mbedtls_ecjpake_setup(&ctx, role, @@ -168,16 +179,19 @@ void read_round_one(int role, data_t *msg, int ref_ret) exit: mbedtls_ecjpake_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA */ +/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256 */ void read_round_two_cli(data_t *msg, int ref_ret) { mbedtls_ecjpake_context ctx; const unsigned char *pw = NULL; const size_t pw_len = 0; + MD_PSA_INIT(); + mbedtls_ecjpake_init(&ctx); TEST_ASSERT(mbedtls_ecjpake_setup(&ctx, MBEDTLS_ECJPAKE_CLIENT, @@ -194,16 +208,19 @@ void read_round_two_cli(data_t *msg, int ref_ret) exit: mbedtls_ecjpake_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA */ +/* BEGIN_CASE depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256 */ void read_round_two_srv(data_t *msg, int ref_ret) { mbedtls_ecjpake_context ctx; const unsigned char *pw = NULL; const size_t pw_len = 0; + MD_PSA_INIT(); + mbedtls_ecjpake_init(&ctx); TEST_ASSERT(mbedtls_ecjpake_setup(&ctx, MBEDTLS_ECJPAKE_SERVER, @@ -220,5 +237,6 @@ void read_round_two_srv(data_t *msg, int ref_ret) exit: mbedtls_ecjpake_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index 93112002e..100299195 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -677,55 +677,55 @@ depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":0:1 ECP mod p192 small (more than 192 bits, less limbs than 2 * 192 bits) -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_ECP_NIST_OPTIM ecp_fast_mod:MBEDTLS_ECP_DP_SECP192R1:"0100000000000103010000000000010201000000000001010100000000000100" ECP mod p192 readable -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_ECP_NIST_OPTIM ecp_fast_mod:MBEDTLS_ECP_DP_SECP192R1:"010000000000010501000000000001040100000000000103010000000000010201000000000001010100000000000100" ECP mod p192 readable with carry -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_ECP_NIST_OPTIM ecp_fast_mod:MBEDTLS_ECP_DP_SECP192R1:"FF00000000010500FF00000000010400FF00000000010300FF00000000010200FF00000000010100FF00000000010000" ECP mod p192 random -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_ECP_NIST_OPTIM ecp_fast_mod:MBEDTLS_ECP_DP_SECP192R1:"36CF96B45D706A0954D89E52CE5F38517A2270E0175849B6F3740151D238CCABEF921437E475881D83BB69E4AA258EBD" ECP mod p192 (from a past failure case) -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_ECP_NIST_OPTIM ecp_fast_mod:MBEDTLS_ECP_DP_SECP192R1:"1AC2D6F96A2A425E9DD1776DD8368D4BBC86BF4964E79FEA713583BF948BBEFF0939F96FB19EC48C585BDA6A2D35C750" ECP mod p224 readable without carry -depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_ECP_NIST_OPTIM ecp_fast_mod:MBEDTLS_ECP_DP_SECP224R1:"0000000D0000000C0000000B0000000A0000000900000008000000070000FF060000FF050000FF040000FF03000FF0020000FF010000FF00" ECP mod p224 readable with negative carry -depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_ECP_NIST_OPTIM ecp_fast_mod:MBEDTLS_ECP_DP_SECP224R1:"0000000D0000000C0000000B0000000A00000009000000080000000700000006000000050000000400000003000000020000000100000000" ECP mod p224 readable with positive carry -depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_ECP_NIST_OPTIM ecp_fast_mod:MBEDTLS_ECP_DP_SECP224R1:"0000000D0000000C0000000BFFFFFF0AFFFFFF09FFFFFF08FFFFFF070000FF060000FF050000FF040000FF03000FF0020000FF010000FF00" ECP mod p224 readable with final negative carry -depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_ECP_NIST_OPTIM ecp_fast_mod:MBEDTLS_ECP_DP_SECP224R1:"FF00000D0000000C0000000B0000000A00000009000000080000000700000006000000050000000400000003000000020000000100000000" ECP mod p521 very small -depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECP_NIST_OPTIM ecp_fast_mod:MBEDTLS_ECP_DP_SECP521R1:"01" ECP mod p521 small (522 bits) -depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECP_NIST_OPTIM ecp_fast_mod:MBEDTLS_ECP_DP_SECP521R1:"030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" ECP mod p521 readable -depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECP_NIST_OPTIM ecp_fast_mod:MBEDTLS_ECP_DP_SECP521R1:"03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" ECP mod p521 readable with carry -depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECP_NIST_OPTIM ecp_fast_mod:MBEDTLS_ECP_DP_SECP521R1:"03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001" ECP test vectors secp192r1 rfc 5114 @@ -855,130 +855,6 @@ ECP restartable muladd secp256r1 max_ops=250 depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED ecp_muladd_restart:MBEDTLS_ECP_DP_SECP256R1:"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"2B57C0235FB7489768D058FF4911C20FDBE71E3699D91339AFBB903EE17255DC":"C3875E57C85038A0D60370A87505200DC8317C8C534948BEA6559C7C18E6D4CE":"3B4E49C4FDBFC006FF993C81A50EAE221149076D6EC09DDD9FB3B787F85B6483":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":250:4:64 -ECP fix_negative: 0, -1, 224 -fix_negative:"00":-1:224 - -ECP fix_negative: 1, -1, 224 -fix_negative:"01":-1:224 - -ECP fix_negative: 2^32-1, -1, 224 -fix_negative:"ffffffff":-1:224 - -ECP fix_negative: 2^32, -1, 224 -fix_negative:"0100000000":-1:224 - -ECP fix_negative: 2^64-1, -1, 224 -fix_negative:"ffffffffffffffff":-1:224 - -ECP fix_negative: 2^64, -1, 224 -fix_negative:"010000000000000000":-1:224 - -ECP fix_negative: 2^128-1, -1, 224 -fix_negative:"ffffffffffffffffffffffffffffffff":-1:224 - -ECP fix_negative: 2^128, -1, 224 -fix_negative:"0100000000000000000000000000000000":-1:224 - -ECP fix_negative: 2^128+1, -1, 224 -fix_negative:"0100000000000000000000000000000001":-1:224 - -ECP fix_negative: 2^224-1, -1, 224 -fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-1:224 - -ECP fix_negative: 0, -2, 224 -fix_negative:"00":-2:224 - -ECP fix_negative: 1, -2, 224 -fix_negative:"01":-2:224 - -ECP fix_negative: 2^32-1, -2, 224 -fix_negative:"ffffffff":-2:224 - -ECP fix_negative: 2^32, -2, 224 -fix_negative:"0100000000":-2:224 - -ECP fix_negative: 2^64-1, -2, 224 -fix_negative:"ffffffffffffffff":-2:224 - -ECP fix_negative: 2^64, -2, 224 -fix_negative:"010000000000000000":-2:224 - -ECP fix_negative: 2^128-1, -2, 224 -fix_negative:"ffffffffffffffffffffffffffffffff":-2:224 - -ECP fix_negative: 2^128, -2, 224 -fix_negative:"0100000000000000000000000000000000":-2:224 - -ECP fix_negative: 2^128+1, -2, 224 -fix_negative:"0100000000000000000000000000000001":-2:224 - -ECP fix_negative: 2^224-1, -2, 224 -fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-2:224 - -ECP fix_negative: 0, -1, 256 -fix_negative:"00":-1:256 - -ECP fix_negative: 1, -1, 256 -fix_negative:"01":-1:256 - -ECP fix_negative: 2^32-1, -1, 256 -fix_negative:"ffffffff":-1:256 - -ECP fix_negative: 2^32, -1, 256 -fix_negative:"0100000000":-1:256 - -ECP fix_negative: 2^64-1, -1, 256 -fix_negative:"ffffffffffffffff":-1:256 - -ECP fix_negative: 2^64, -1, 256 -fix_negative:"010000000000000000":-1:256 - -ECP fix_negative: 2^128-1, -1, 256 -fix_negative:"ffffffffffffffffffffffffffffffff":-1:256 - -ECP fix_negative: 2^128, -1, 256 -fix_negative:"0100000000000000000000000000000000":-1:256 - -ECP fix_negative: 2^128+1, -1, 256 -fix_negative:"0100000000000000000000000000000001":-1:256 - -ECP fix_negative: 2^256-1, -1, 256 -fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-1:256 - -ECP fix_negative: 0, -2, 256 -fix_negative:"00":-2:256 - -ECP fix_negative: 1, -2, 256 -fix_negative:"01":-2:256 - -ECP fix_negative: 2^32-1, -2, 256 -fix_negative:"ffffffff":-2:256 - -ECP fix_negative: 2^32, -2, 256 -fix_negative:"0100000000":-2:256 - -ECP fix_negative: 2^64-1, -2, 256 -fix_negative:"ffffffffffffffff":-2:256 - -ECP fix_negative: 2^64, -2, 256 -fix_negative:"010000000000000000":-2:256 - -ECP fix_negative: 2^128-1, -2, 256 -fix_negative:"ffffffffffffffffffffffffffffffff":-2:256 - -ECP fix_negative: 2^128, -2, 256 -fix_negative:"0100000000000000000000000000000000":-2:256 - -ECP fix_negative: 2^128+1, -2, 256 -fix_negative:"0100000000000000000000000000000001":-2:256 - -ECP fix_negative: 2^256-1, -2, 256 -fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-2:256 - -# The first call to fix_negative in the test case of issue #4296. -ECP fix_negative: #4296.1 -fix_negative:"8A4DD4C8B42C5EAED15FE4F4579F4CE513EC90A94010BF000000000000000000":-1:256 - ECP export key parameters #1 (OK) depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED ecp_export:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":0:0 @@ -1039,3 +915,1044 @@ ECP check order for CURVE448 depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED ecp_check_order:MBEDTLS_ECP_DP_CURVE448:"3fffffffffffffffffffffffffffffffffffffffffffffffffffffff7cca23e9c44edb49aed63690216cc2728dc58f552378c292ab5844f3" +ecp_setup #1 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP192R1) +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +ecp_mod_setup:"fffffffffffffffffffffffffffffffeffffffffffffffff":MBEDTLS_ECP_DP_SECP192R1:MBEDTLS_ECP_MOD_COORDINATE:0 + +ecp_setup #2 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP224R1) +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED +ecp_mod_setup:"00000000ffffffffffffffffffffffffffffffff000000000000000000000001":MBEDTLS_ECP_DP_SECP224R1:MBEDTLS_ECP_MOD_COORDINATE:0 + +ecp_setup #3 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP256R1) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_mod_setup:"ffffffff00000001000000000000000000000000ffffffffffffffffffffffff":MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_ECP_MOD_COORDINATE:0 + +ecp_setup #4 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP384R1) +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED +ecp_mod_setup:"fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff":MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_ECP_MOD_COORDINATE:0 + +ecp_setup #5 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP521R1) +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED +ecp_mod_setup:"1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_ECP_MOD_COORDINATE:0 + +ecp_setup #6 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP256R1) +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecp_mod_setup:"a9fb57dba1eea9bc3e660a909d838d726e3bf623d52620282013481d1f6e5377":MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_COORDINATE:0 + +ecp_setup #7 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP384R1) +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +ecp_mod_setup:"8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b412b1da197fb71123acd3a729901d1a71874700133107ec53":MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_COORDINATE:0 + +ecp_setup #8 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP512R1) +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +ecp_mod_setup:"aadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca703308717d4d9b009bc66842aecda12ae6a380e62881ff2f2d82c68528aa6056583a48f3":MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_COORDINATE:0 + +ecp_setup #9 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_CURVE25519) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_mod_setup:"7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed":MBEDTLS_ECP_DP_CURVE25519:MBEDTLS_ECP_MOD_COORDINATE:0 + +ecp_setup #10 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP192K1) +depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED +ecp_mod_setup:"fffffffffffffffffffffffffffffffffffffffeffffee37":MBEDTLS_ECP_DP_SECP192K1:MBEDTLS_ECP_MOD_COORDINATE:0 + +ecp_setup #11 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP224K1) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_mod_setup:"fffffffffffffffffffffffffffffffffffffffffffffffeffffe56d":MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_COORDINATE:0 + +ecp_setup #12 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP256K1) +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecp_mod_setup:"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f":MBEDTLS_ECP_DP_SECP256K1:MBEDTLS_ECP_MOD_COORDINATE:0 + +ecp_setup #13 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_CURVE448) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_mod_setup:"000000000000000fffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffffffffffffffffffffffffffffffffffffffffffffffffffff":MBEDTLS_ECP_DP_CURVE448:MBEDTLS_ECP_MOD_COORDINATE:0 + +ecp_setup #14 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP192R1) +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +ecp_mod_setup:"ffffffffffffffffffffffff99def836146bc9b1b4d22831":MBEDTLS_ECP_DP_SECP192R1:MBEDTLS_ECP_MOD_SCALAR:0 + +ecp_setup #15 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224R1) +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED +ecp_mod_setup:"ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d":MBEDTLS_ECP_DP_SECP224R1:MBEDTLS_ECP_MOD_SCALAR:0 + +ecp_setup #16 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP256R1) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_mod_setup:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551":MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_ECP_MOD_SCALAR:0 + +ecp_setup #17 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP384R1) +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED +ecp_mod_setup:"ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973":MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_ECP_MOD_SCALAR:0 + +ecp_setup #18 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP521R1) +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED +ecp_mod_setup:"1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409":MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_ECP_MOD_SCALAR:0 + +ecp_setup #19 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP256R1) +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecp_mod_setup:"a9fb57dba1eea9bc3e660a909d838d718c397aa3b561a6f7901e0e82974856a7":MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_SCALAR:0 + +ecp_setup #20 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP384R1) +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +ecp_mod_setup:"8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b412b1da197fb71123acd3a729901d1a71874700133107ec53":MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_COORDINATE:0 + +ecp_setup #21 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP512R1) +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +ecp_mod_setup:"aadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca70330870553e5c414ca92619418661197fac10471db1d381085ddaddb58796829ca90069":MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_SCALAR:0 + +ecp_setup #22 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_CURVE25519) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_mod_setup:"1000000000000000000000000000000014def9dea2f79cd65812631a5cf5d3ed":MBEDTLS_ECP_DP_CURVE25519:MBEDTLS_ECP_MOD_SCALAR:0 + +ecp_setup #23 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP192K1) +depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED +ecp_mod_setup:"fffffffffffffffffffffffe26f2fc170f69466a74defd8d":MBEDTLS_ECP_DP_SECP192K1:MBEDTLS_ECP_MOD_SCALAR:0 + +ecp_setup #24 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224K1) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_mod_setup:"000000010000000000000000000000000001dce8d2ec6184caf0a971769fb1f7":MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_SCALAR:0 + +ecp_setup #25 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP256K1) +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecp_mod_setup:"fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141":MBEDTLS_ECP_DP_SECP256K1:MBEDTLS_ECP_MOD_SCALAR:0 + +ecp_setup #26 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_CURVE448) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_mod_setup:"0000000000000003fffffffffffffffffffffffffffffffffffffffffffffffffffffff7cca23e9c44edb49aed63690216cc2728dc58f552378c292ab5844f3":MBEDTLS_ECP_DP_CURVE448:MBEDTLS_ECP_MOD_SCALAR:0 + +ecp_setup_negative_test #27 Invalid Moduli Type +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_mod_setup:"fffffffffffffffffffffffe26f2fc17f69466a74defd8d":MBEDTLS_ECP_DP_CURVE448:MBEDTLS_ECP_MOD_NONE:MBEDTLS_ERR_ECP_BAD_INPUT_DATA + +ecp_setup_negative_test #28 Invalid Curve Type +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_mod_setup:"fffffffffffffffffffffffe26f2fc17f69466a74defd8d":MBEDTLS_ECP_DP_NONE:MBEDTLS_ECP_MOD_SCALAR:MBEDTLS_ERR_ECP_BAD_INPUT_DATA + +# The following data be generated by random.getrandbits() in python must less than the named curves' modulus. +# mbedtls_mpi_mod_residue_setup() can be used to check whether it satisfy the requirements. +ecp_mul_inv #1 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP192R1) +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +ecp_mod_mul_inv:"0000000000000000000000000000152d02c7e14af67fe0bf":MBEDTLS_ECP_DP_SECP192R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #2 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP192R1) +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +ecp_mod_mul_inv:"4acca2d7100bad687080217babfb490d23dd6460a0007f24":MBEDTLS_ECP_DP_SECP192R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #3 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP192R1) +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +ecp_mod_mul_inv:"c4fd9a06df9b4efa94531578af8b5886ec0ada82884199f7":MBEDTLS_ECP_DP_SECP192R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #4 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224R1) +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED +ecp_mod_mul_inv:"f9c4728bef9fba3e7d856a8e2ff62f20c2a57bf64f6d707f0829a8ff":MBEDTLS_ECP_DP_SECP224R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #5 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224R1) +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED +ecp_mod_mul_inv:"cee8071ade3e016fd47627782f6543814dd6ab7e6f432679ddacf9ed":MBEDTLS_ECP_DP_SECP224R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #6 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224R1) +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED +ecp_mod_mul_inv:"326258467dcbf4d1ab1665a4c5036cb35f4c9231199b58166b3966c6":MBEDTLS_ECP_DP_SECP224R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #7 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP256R1) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_mod_mul_inv:"c36eadeab80f149cd51a1ed6311270ae2e4acc6734e787135f499c3a97f1edc3":MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #8 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP256R1) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_mod_mul_inv:"e384042f3130be8a796b221724cf1127a44290804cfbeb7fb6f57142a2a5cddd":MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #9 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP256R1) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_mod_mul_inv:"f1d356376f03b5dbf0fd08bde5c4293115f7c7911f7a3ec3f90557602eb20147":MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #10 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP384R1) +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED +ecp_mod_mul_inv:"a3137cd9b0c9e75a871f92e3ab6b284069ee06cd9c0afb2368fd8d381afcfecc553cb6b3f29216038d268a8d8fcd00f7":MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #11 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP384R1) +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED +ecp_mod_mul_inv:"a340ca2e1f39f89261f20a23881cde271e36b32add90cbc1801d2375d6db664df297df2364aaafbb9ba3d4672e4fd022":MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #12 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP384R1) +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED +ecp_mod_mul_inv:"491b1d169c9262fd737847c13bb7370d91825fe985cfa000d4b9bd3c22e7b63016122c53156fae4757943a819a1ced6d":MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #13 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP521R1) +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED +ecp_mod_mul_inv:"1477156c589f498b61beb35f57662410d8821f3a1ee4a5968a8009618dbe4afda408809822eb0e994fbf9da1659c1ea21b151db97cd1f1567fa4b9327967e0aa591":MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #14 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP521R1) +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED +ecp_mod_mul_inv:"158dd0fdd801513590d221009f2b6c212f2b30214cc3b1f80aaf9142dc9f328c8e2b0af83e1acdb102d85f287d77188c2b8e7911cf9452f5014966f28da330e1fa6":MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #15 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP521R1) +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED +ecp_mod_mul_inv:"1e53d580521a1cff4cd72576c13fecb2cbcf39453f2b437f0c8dc78d7982a37749f099942ce693751ec43407c3acf46315132ea2a9ae5fa9253408da2375d2b58fc":MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #16 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP256R1) +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecp_mod_mul_inv:"96e729c5c64b7f54375c2779f034acc1f32c26358a621ab421b9c4d4c11ddb28":MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #17 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP256R1) +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecp_mod_mul_inv:"7491ad896c2a0ec65950db5c91e9b573a77839fd576481da85f5a77c7ceccce0":MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #18 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP256R1) +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecp_mod_mul_inv:"8d9454c7494b6e08d068391c811cb23cbe9318246a6c021b0018745eb6918751":MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #18.1 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP256R1) +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecp_mod_mul_inv:"a9fb57dba1eea9bc3e660a909d838d726e3bf623d52620282013481d1f6e5376":MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #19 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP256R1) +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecp_mod_mul_inv:"3aff86b1ee706d38e4995b76f6433d9173c5d3ec19b43ff0a3d53ac20965c911":MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #20 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP256R1) +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecp_mod_mul_inv:"8bcf768f2f7d6d22133de97f5e463337ff030e662d6f6724d5bad27e27be5dc0":MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #21 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP256R1) +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecp_mod_mul_inv:"435ed5da780b83a0130fc8f03e8e224d5bb4ae2eeeba214b8156544c4ae85944":MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #22 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP384R1) +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +ecp_mod_mul_inv:"4003a648cfeda3a738a3e05933c6ce5098ab6dc943821cfc485f8991caaba99979ced9bb237c6b24997db8359a4a659f":MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #23 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP384R1) +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +ecp_mod_mul_inv:"62b4355dc4cc6d76fc1633c46222c6ad5efaf6de931f0d25217d3dcebfd443fec31eeba68688717275a039863d03a48b":MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #24 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP384R1) +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +ecp_mod_mul_inv:"80acca473c3fcee61d13a0a766ed0dcd5f50277f576ff6f3461664d436e2054ad7ecc8b7c0a9424fbda1d431c540c05a":MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #24.1 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP384R1) +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +ecp_mod_mul_inv:"8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b412b1da197fb71123acd3a729901d1a71874700133107ec52":MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #25 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP384R1) +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +ecp_mod_mul_inv:"371851bd69a5a1734b195c6ad6b041f51d94718cb437ab4a0a14ee5fa5fccd29328f3e77bfa2e4c58195ccb55cdc6a4":MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #26 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP384R1) +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +ecp_mod_mul_inv:"82b18c3794463edeb80760098f7d392569dde6ed5ec21753b66e4e9b79e2f3e89bfc9fea1a2ffda2c285a0cc4afeab0":MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #27 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP384R1) +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +ecp_mod_mul_inv:"7c17dc9df00c870a701c07186bd74b752abb6a9e17ee1c6342403e75d6fa7431b32e2495eb3f5e67c6519b43c6f69e28":MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #28 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP512R1) +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +ecp_mod_mul_inv:"27e445caeb0d6752bd051f36a6d21ccdf67ba9b8238f2552aba237c3c72f3d384e7df2a25f95b779c7f38a4123741e2c691c4d5b87b231e4a98ecb9166a73674":MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #29 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP512R1) +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +ecp_mod_mul_inv:"7b1dc9c166abbcd7a1a6b1ec375a3125aa3257d1d40e781f1ac9023dba4248415aa0eaea6fa8ce460f85fdae3f62fbb4bdcb953328f5d5664b71f70f681c0f4e":MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #30 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP512R1) +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +ecp_mod_mul_inv:"8be202ecb80ae3f6fe07a17b03c14997668b37d029d38943245c8a6cd1cbce3d57cfc673886a22db7ab8686570881a5dc1d9855aa6618c52df55a04510e00bba":MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #30.1 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP512R1) +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +ecp_mod_mul_inv:"aadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca703308717d4d9b009bc66842aecda12ae6a380e62881ff2f2d82c68528aa6056583a48f2":MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #31 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP512R1) +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +ecp_mod_mul_inv:"572a5522bc45566df4c7575b91fdbc74975fd59380339b5aa23cbce2204744793ca3255705f5d9ba48335f36baf462010680f1e35cca26468d7d8f4223988189":MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #32 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP512R1) +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +ecp_mod_mul_inv:"99c2751d157489ab961a7bf1be12c8575cc56c99c6db8e2273450f6332ecdd3cd9b33763acd0509d8b98250462319bfd7cfbfc87c99ce31c15cefab651bc088c":MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #33 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP512R1) +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +ecp_mod_mul_inv:"3169122b79ab7add228eed5b4de336dcb5daae8136b5cb184c08752d727c954840f8e2ad6860245128f6931a4598578679a65aa6e4b138a349586c57d03d2216":MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #34 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_CURVE25519) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_mod_mul_inv:"1000000000000000000000000000000014def9dea2079cd65812631a5cf5d3ed":MBEDTLS_ECP_DP_CURVE25519:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #35 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_CURVE25519) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_mod_mul_inv:"1000000000000000000000000000000010caf49570936f75d70f03efac6c1c19":MBEDTLS_ECP_DP_CURVE25519:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #36 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_CURVE25519) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_mod_mul_inv:"468de1bfdbb20b67371bc5ad0f2bc3e70705b6d85c14ad75daafdbd1502cfd1":MBEDTLS_ECP_DP_CURVE25519:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #37 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP192K1) +depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED +ecp_mod_mul_inv:"2228b202d612f2e66d8ca00b7e1c19a737ee7db2708d91cd":MBEDTLS_ECP_DP_SECP192K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #38 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP192K1) +depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED +ecp_mod_mul_inv:"40c0451d06b0d622c65b8336c4c9abe8828f6fd5d5c1abde":MBEDTLS_ECP_DP_SECP192K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #39 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP192K1) +depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED +ecp_mod_mul_inv:"d2a10413f48d7bcc18a9b7c53c7914c5302c9c9e48b2eb62":MBEDTLS_ECP_DP_SECP192K1:MBEDTLS_ECP_MOD_SCALAR + +# Public values of secp224K1 have 225 bits, if we randomly generate only 224 bits, we should add the leading '0' +# to make the limbs match with each other and make the function mbedtls_mpi_mod_residue_setup() happy. +ecp_mul_inv #40 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224K1) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_mod_mul_inv:"0cc154fe846d6b9f51d6166a8d1bb969ff634ab9af95cc89d01669c86":MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #40.1 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224K1) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_mod_mul_inv:"1000000000000000000000000000075ea446a83291f5136799781cfbd":MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #41 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224K1) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_mod_mul_inv:"0614cf6b720cc9dcc6d3bb36bb46cf285e23a083b067be8c93b51cbb4":MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #41.1 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224K1) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_mod_mul_inv:"1000000000000000000000000000059232050dc913da533ec71073ce3":MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #42 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224K1) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_mod_mul_inv:"071b3a40f3e2b8984e8cc238b7725870da10cb2de37f430da2da68645":MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #42.1 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224K1) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_mod_mul_inv:"10000000000000000000000000000aca628de662cdbd5cb4dc69efbb8":MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #43 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP256K1) +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecp_mod_mul_inv:"9fd95fed98cc1c2ef91b5dc02fa84f63597e15a3326c07f2918afb3ffd093343":MBEDTLS_ECP_DP_SECP256K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #44 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP256K1) +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecp_mod_mul_inv:"5ddbd441c7037e11caaa9878216c5cfeae67864260429eab4529b56c2661f3de":MBEDTLS_ECP_DP_SECP256K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #45 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP256K1) +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecp_mod_mul_inv:"f8d3f3c02fd712f711d8e30d0d4c142eb106e5f75c25f55b3f983bc5c83c568a":MBEDTLS_ECP_DP_SECP256K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #46 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_CURVE448) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_mod_mul_inv:"0000000000000003fffffffffffffffffffffffffffffffffffffffffffffffffffffff11ca23e9c44edb49aed63690216cc2728dc58f552378c292ab5844f3":MBEDTLS_ECP_DP_CURVE448:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #47 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_CURVE448) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_mod_mul_inv:"0000000000000003fffffffffffffffffffffffffffffffffffffffffffffffffffffff0169d3f35081924aeaf1beac2f2720557c9bdf6b42cdceb54c6160ba":MBEDTLS_ECP_DP_CURVE448:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #48 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_CURVE448) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_mod_mul_inv:"0000000000000003fffffffffffffffffffffffffffffffffffffffffffffffffffffff01243a939d867d7e0a75a8568d4d66de88f3ecc1ad37f91a8f9d7d70":MBEDTLS_ECP_DP_CURVE448:MBEDTLS_ECP_MOD_SCALAR + +ecp_mul_inv #49 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP192R1) +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +ecp_mod_mul_inv:"0000000000000000000000000000152d02c7e14af67fe0bf":MBEDTLS_ECP_DP_SECP192R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #50 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP192R1) +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +ecp_mod_mul_inv:"4acca2d7100bad687080217babfb490d23dd6460a0007f24":MBEDTLS_ECP_DP_SECP192R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #51 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP192R1) +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +ecp_mod_mul_inv:"c4fd9a06df9b4efa94531578af8b5886ec0ada82884199f7":MBEDTLS_ECP_DP_SECP192R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #51.1 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP192R1) +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +ecp_mod_mul_inv:"fffffffffffffffffffffffffffffffefffffffffffffffe":MBEDTLS_ECP_DP_SECP192R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #52 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP224R1) +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED +ecp_mod_mul_inv:"0f9c4728bef9fba3e7d856a8e2ff62f20c2a57bf64f6d707f0829a8ff":MBEDTLS_ECP_DP_SECP224R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #53 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP224R1) +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED +ecp_mod_mul_inv:"0cee8071ade3e016fd47627782f6543814dd6ab7e6f432679ddacf9ed":MBEDTLS_ECP_DP_SECP224R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #54 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP224R1) +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED +ecp_mod_mul_inv:"00326258467dcbf4d1ab1665a4c5036cb35f4c9231199b58166b3966c6":MBEDTLS_ECP_DP_SECP224R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #54.1 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP224R1) +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED +ecp_mod_mul_inv:"00ffffffffffffffffffffffffffffffff000000000000000000000000":MBEDTLS_ECP_DP_SECP224R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #55 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP256R1) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_mod_mul_inv:"c36eadeab80f149cd51a1ed6311270ae2e4acc6734e787135f499c3a97f1edc3":MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #56 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP256R1) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_mod_mul_inv:"e384042f3130be8a796b221724cf1127a44290804cfbeb7fb6f57142a2a5cddd":MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #57 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP256R1) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_mod_mul_inv:"f1d356376f03b5dbf0fd08bde5c4293115f7c7911f7a3ec3f90557602eb20147":MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #57.1 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP256R1) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_mod_mul_inv:"ffffffff00000001000000000000000000000000fffffffffffffffffffffffe":MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #58 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP384R1) +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED +ecp_mod_mul_inv:"a3137cd9b0c9e75a871f92e3ab6b284069ee06cd9c0afb2368fd8d381afcfecc553cb6b3f29216038d268a8d8fcd00f7":MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #59 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP384R1) +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED +ecp_mod_mul_inv:"a340ca2e1f39f89261f20a23881cde271e36b32add90cbc1801d2375d6db664df297df2364aaafbb9ba3d4672e4fd022":MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #60 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP384R1) +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED +ecp_mod_mul_inv:"491b1d169c9262fd737847c13bb7370d91825fe985cfa000d4b9bd3c22e7b63016122c53156fae4757943a819a1ced6d":MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #60.1 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP384R1) +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED +ecp_mod_mul_inv:"fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffe":MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #61 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP521R1) +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED +ecp_mod_mul_inv:"1477156c589f498b61beb35f57662410d8821f3a1ee4a5968a8009618dbe4afda408809822eb0e994fbf9da1659c1ea21b151db97cd1f1567fa4b9327967e0aa591":MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #62 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP521R1) +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED +ecp_mod_mul_inv:"158dd0fdd801513590d221009f2b6c212f2b30214cc3b1f80aaf9142dc9f328c8e2b0af83e1acdb102d85f287d77188c2b8e7911cf9452f5014966f28da330e1fa6":MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #63 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP521R1) +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED +ecp_mod_mul_inv:"1e53d580521a1cff4cd72576c13fecb2cbcf39453f2b437f0c8dc78d7982a37749f099942ce693751ec43407c3acf46315132ea2a9ae5fa9253408da2375d2b58fc":MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #63.1 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP521R1) +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED +ecp_mod_mul_inv:"1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe":MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #64 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_CURVE25519) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_mod_mul_inv:"1000000000000000000000000000000014def9dea2079cd65812631a5cf5d3ed":MBEDTLS_ECP_DP_CURVE25519:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #65 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_CURVE25519) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_mod_mul_inv:"1000000000000000000000000000000010caf49570936f75d70f03efac6c1c19":MBEDTLS_ECP_DP_CURVE25519:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #66 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_CURVE25519) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_mod_mul_inv:"468de1bfdbb20b67371bc5ad0f2bc3e70705b6d85c14ad75daafdbd1502cfd1":MBEDTLS_ECP_DP_CURVE25519:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #66.1 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_CURVE25519) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_mod_mul_inv:"7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffec":MBEDTLS_ECP_DP_CURVE25519:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #67 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP192K1) +depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED +ecp_mod_mul_inv:"2228b202d612f2e66d8ca00b7e1c19a737ee7db2708d91cd":MBEDTLS_ECP_DP_SECP192K1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #68 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP192K1) +depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED +ecp_mod_mul_inv:"40c0451d06b0d622c65b8336c4c9abe8828f6fd5d5c1abde":MBEDTLS_ECP_DP_SECP192K1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #69 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP192K1) +depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED +ecp_mod_mul_inv:"d2a10413f48d7bcc18a9b7c53c7914c5302c9c9e48b2eb62":MBEDTLS_ECP_DP_SECP192K1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #69.1 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP192K1) +depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED +ecp_mod_mul_inv:"fffffffffffffffffffffffffffffffffffffffeffffee36":MBEDTLS_ECP_DP_SECP192K1:MBEDTLS_ECP_MOD_COORDINATE + +# For coordinate moduli of secp224K1 the values are selected as one for +# modulus - 1, and four random values, generated with +# random.getrandbits(224) % modulus with a seed(2, 2). +ecp_mul_inv #70 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP224K1) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_mod_mul_inv:"fffffffffffffffffffffffffffffffffffffffffffffffeffffe56c":MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #71 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP224K1) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_mod_mul_inv:"15ba2bdd177219d30e7a269fd95bafc8f2a4d27bdcf4bb99f4bea973":MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #72 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP224K1) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_mod_mul_inv:"da94e3e8ab73738fcf1822ffbc6887782b491044d5e341245c6e4337":MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #73 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP224K1) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_mod_mul_inv:"94c9c9500925e4749b575bd13653f8dd9b1f282e4067c3584ee207f8":MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #74 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP224K1) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_mod_mul_inv:"cdbd47d364be8049a372db8f6e405d93ffed9235288bc781ae662675":MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #75 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP224K1) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_mod_mul_inv:"8b4f2fc15f3f57ebf30b94fa82523e86feac7eb7dc38f519b91751da":MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #76 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP256K1) +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecp_mod_mul_inv:"9fd95fed98cc1c2ef91b5dc02fa84f63597e15a3326c07f2918afb3ffd093343":MBEDTLS_ECP_DP_SECP256K1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #77 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP256K1) +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecp_mod_mul_inv:"5ddbd441c7037e11caaa9878216c5cfeae67864260429eab4529b56c2661f3de":MBEDTLS_ECP_DP_SECP256K1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #78 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP256K1) +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecp_mod_mul_inv:"f8d3f3c02fd712f711d8e30d0d4c142eb106e5f75c25f55b3f983bc5c83c568a":MBEDTLS_ECP_DP_SECP256K1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #78.1 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP256K1) +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecp_mod_mul_inv:"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e":MBEDTLS_ECP_DP_SECP256K1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #79 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_CURVE448) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_mod_mul_inv:"0000000000000003fffffffffffffffffffffffffffffffffffffffffffffffffffffff11ca23e9c44edb49aed63690216cc2728dc58f552378c292ab5844f3":MBEDTLS_ECP_DP_CURVE448:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #80 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_CURVE448) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_mod_mul_inv:"0000000000000003fffffffffffffffffffffffffffffffffffffffffffffffffffffff0169d3f35081924aeaf1beac2f2720557c9bdf6b42cdceb54c6160ba":MBEDTLS_ECP_DP_CURVE448:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #81 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_CURVE448) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_mod_mul_inv:"0000000000000003fffffffffffffffffffffffffffffffffffffffffffffffffffffff01243a939d867d7e0a75a8568d4d66de88f3ecc1ad37f91a8f9d7d70":MBEDTLS_ECP_DP_CURVE448:MBEDTLS_ECP_MOD_COORDINATE + +ecp_mul_inv #81.1 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_CURVE448) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_mod_mul_inv:"000000000000000fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffffffffffffffffffffffffffffffffffffffffffffffffffffe":MBEDTLS_ECP_DP_CURVE448:MBEDTLS_ECP_MOD_COORDINATE + +# The following data was generated using python's standard random library, +# initialised with seed(2,2) and random.getrandbits(curve bits). Curve bits are 192,256,384,520. +# They must be less than the named curves' modulus. mbedtls_mpi_mod_residue_setup() +# can be used to check whether they satisfy the requirements. + +# Use the test data "modulus - 1" and "modulus - 2" to ensure the sum overflow case be tested. +ecp_add_sub #1.0 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP192R1) +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +ecp_mod_add_sub:"ffffffffffffffffffffffff99def836146bc9b1b4d22830":"ffffffffffffffffffffffff99def836146bc9b1b4d2282f":MBEDTLS_ECP_DP_SECP192R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #1 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP192R1) +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +ecp_mod_add_sub:"177219d30e7a269fd95bafc8f2a4d27bdcf4bb99f4bea973":"cf1822ffbc6887782b491044d5e341245c6e433715ba2bdd":MBEDTLS_ECP_DP_SECP192R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #2 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP192R1) +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +ecp_mod_add_sub:"3653f8dd9b1f282e4067c3584ee207f8da94e3e8ab73738f":"ffed9235288bc781ae66267594c9c9500925e4749b575bd1":MBEDTLS_ECP_DP_SECP192R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #3 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP192R1) +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +ecp_mod_add_sub:"dc38f519b91751dacdbd47d364be8049a372db8f6e405d93":"ef8acd128b4f2fc15f3f57ebf30b94fa82523e86feac7eb7":MBEDTLS_ECP_DP_SECP192R1:MBEDTLS_ECP_MOD_SCALAR + +# Use the test data "modulus - 1" and "modulus - 2" to ensure the sum overflow case be tested. +ecp_add_sub #4.0 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224R1) +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED +ecp_mod_add_sub:"ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3c":"ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3b":MBEDTLS_ECP_DP_SECP224R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #4 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224R1) +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED +ecp_mod_add_sub:"706a045defc044a09325626e6b58de744ab6cce80877b6f71e1f6d2":"6c71c4a66148a86fe8624fab5186ee32ee8d7ee9770348a05d300cb9":MBEDTLS_ECP_DP_SECP224R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #5 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224R1) +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED +ecp_mod_add_sub:"3c7295782d6c797f8f7d9b782a1be9cd8697bbd0e2520e33e44c5055":"829a48d422fe99a22c70501e533c91352d3d854e061b90303b08c6e3":MBEDTLS_ECP_DP_SECP224R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #6 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224R1) +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED +ecp_mod_add_sub:"2e8d4b8a8f54f8ceacaab39e83844b40ffa9b9f15c14bc4a829e07b0":"867e5e15bc01bfce6a27e0dfcbf8754472154e76e4c11ab2fec3f6b3":MBEDTLS_ECP_DP_SECP224R1:MBEDTLS_ECP_MOD_SCALAR + +# Use the test data "modulus - 1" and "modulus - 2" to ensure the sum overflow case be tested. +ecp_add_sub #7.0 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP256R1) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_mod_add_sub:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550":"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f":MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #7 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP256R1) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_mod_add_sub:"5ca495fa5a91c89b97eeab64ca2ce6bc5d3fd983c34c769fe89204e2e8168561":"665d7435c1066932f4767f26294365b2721dea3bf63f23d0dbe53fcafb2147df":MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #8 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP256R1) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_mod_add_sub:"47733e847d718d733ff98ff387c56473a7a83ee0761ebfd2bd143fa9b714210c":"a9643a295a9ac6decbd4d3e2d4dec9ef83f0be4e80371eb97f81375eecc1cb63":MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #9 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP256R1) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_mod_add_sub:"b9d39cca91551e8259cc60b17604e4b4e73695c3e652c71a74667bffe202849d":"f0caeef038c89b38a8acb5137c9260dc74e088a9b9492f258ebdbfe3eb9ac688":MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_ECP_MOD_SCALAR + +# Use the test data "modulus - 1" and "modulus - 2" to ensure the sum overflow case be tested. +ecp_add_sub #10.0 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP384R1) +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED +ecp_mod_add_sub:"ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52972":"ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52971":MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #10 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP384R1) +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED +ecp_mod_add_sub:"7ad1f45ae9500ec9c5e2486c44a4a8f69dc8db48e86ec9c6e06f291b2a838af8d5c44a4eb3172062d08f1bb2531d6460":"9da59b74a6c3181c81e220df848b1df78feb994a81167346d4c0dca8b4c9e755cc9c3adcf515a8234da4daeb4f3f8777":MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #11 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP384R1) +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED +ecp_mod_add_sub:"e1cf4f589f8e4ce0af29d115ef24bd625dd961e6830b54fa7d28f93435339774bb1e386c4fd5079e681b8f5896838b76":"1b2d19a2beaa14a7ff3fe32a30ffc4eed0a7bd04e85bfcdd0227eeb7b9d7d01f5769da05d205bbfcc8c69069134bccd3":MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #12 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP384R1) +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED +ecp_mod_add_sub:"c11e60de1b343f52ea748db9e020307aaeb6db2c3a038a709779ac1f45e9dd320c855fdfa7251af0930cdbd30f0ad2a8":"e5e138e26c4454b90f756132e16dce72f18e859835e1f291d322a7353ead4efe440e2b4fda9c025a22f1a83185b98f5f":MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_ECP_MOD_SCALAR + +# Use the test data "modulus - 1" and "modulus - 2" to ensure the sum overflow case be tested. +ecp_add_sub #13.0 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP521R1) +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED +ecp_mod_add_sub:"01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386408":"01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386407":MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #13 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP521R1) +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED +ecp_mod_add_sub:"1ba0a76c196067cfdcb11457d9cf45e2fa01d7f4275153924800600571fac3a5b263fdf57cd2c0064975c3747465cc36c270e8a35b10828d569c268a20eb78ac332":"1cb0b0c995e96e6bc4d62b47204007ee4fab105d83e85e951862f0981aebc1b00d92838e766ef9b6bf2d037fe2e20b6a8464174e75a5f834da70569c018eb2b5693":MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #14 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP521R1) +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED +ecp_mod_add_sub:"177d1f71575653a45c49390aa51cf5192bbf67da14be11d56ba0b4a2969d8055a9f03f2d71581d8e830112ff0f0948eccaf8877acf26c377c13f719726fd70bdda":"1f5790813e32748dd1db4917fc09f20dbb0dcc93f0e66dfe717c17313394391b6e2e6eacb0f0bb7be72bd6d25009aeb7fa0c4169b148d2f527e72daf0a54ef25c07":MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #15 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP521R1) +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED +ecp_mod_add_sub:"164c7f3860895bfa81384ae65e920a63ac1f2b64df6dff07870c9d531ae72a47403063238da1a1fe3f9d6a179fa50f96cd4aff9261aa92c0e6f17ec940639bc2ccd":"1f58ed5d1b7b310b730049dd332a73fa0b26b75196cf87eb8a09b27ec714307c68c425424a1574f1eedf5b0f16cdfdb839424d201e653f53d6883ca1c107ca6e706":MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_ECP_MOD_SCALAR + +# Use the test data "modulus - 1" and "modulus - 2" to ensure the sum overflow case be tested. +ecp_add_sub #16.0 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP256R1) +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecp_mod_add_sub:"a9fb57dba1eea9bc3e660a909d838d726e3bf623d52620282013481d1f6e5376":"a9fb57dba1eea9bc3e660a909d838d726e3bf623d52620282013481d1f6e5375":MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_COORDINATE + +# The following data was generated using python's standard random library, +# initialised with seed(3,2) and random.getrandbits(curve bits). Curve bits are 256,384,512. +ecp_add_sub #16 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP256R1) +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecp_mod_add_sub:"795b929e9a9a80fdea7b5bf55eb561a4216363698b529b4a97b750923ceb3ffd":"781f9c58d6645fa9e8a8529f035efa259b08923d10c67fd994b2b8fda02f34a6":MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_add_sub #17 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP256R1) +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecp_mod_add_sub:"8a7d43b578633074b7970386fee29476311624273bfd1d338d0038ec42650644":"3b5f3d86268ecc45dc6bf1e1a399f82a65aa9c8279f248b08cb4a0d7d6225675":MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_add_sub #18 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP256R1) +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecp_mod_add_sub:"3e0a813bdc2ae9963d2e49085ef3430ed038db4de38378426d0b944a2863a7f":"af438d297524d6af51e8722c21b609228ce6f2410645d51c6f8da3eabe19f58":MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_COORDINATE + +# Use the test data "modulus - 1" and "modulus - 2" to ensure the sum overflow case be tested. +ecp_add_sub #19.0 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP256R1) +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecp_mod_add_sub:"a9fb57dba1eea9bc3e660a909d838d718c397aa3b561a6f7901e0e82974856a6":"a9fb57dba1eea9bc3e660a909d838d718c397aa3b561a6f7901e0e82974856a5":MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_add_sub #19 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP256R1) +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecp_mod_add_sub:"984181177906159644f9794cdd933160d2d5844307f062cec7b317d94d1fe09f":"6d4b9adbebcd1f5ec9c18070b6d13089633a50eee0f9e038eb8f624fb804d820":MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #20 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP256R1) +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecp_mod_add_sub:"2257989fef829c88f6ced90a71d2af7293b05a04cd085b71ba6676b3651c5253":"420b0ebe378c74dc7eb0adf422cedafb092fdddf18f2c41c5d92b243e0fd67dd":MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #21 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP256R1) +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecp_mod_add_sub:"6bd0638b4d100d8fdaf0105ba06c05a1c76abf436fa84dcaac0ae4e2f729b4c8":"6856e45b95c76ab488bafad959d5450592f3277b62c82185d55ec1a581daad10":MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_SCALAR + +# Use the test data "modulus - 1" and "modulus - 2" to ensure the sum overflow case be tested. +ecp_add_sub #22.0 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP384R1) +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +ecp_mod_add_sub:"8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b412b1da197fb71123acd3a729901d1a71874700133107ec52":"8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b412b1da197fb71123acd3a729901d1a71874700133107ec51":MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_add_sub #22 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP384R1) +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +ecp_mod_add_sub:"4a5792b26aba54efa25994fc58aaac8176f7f138456bb11bd997c6f7cb3a88f684b5b4de4abcc4e46bd881fd21334eb0":"454608a5737b6ed79182c3c8e288b16437d02410a675a109bdf84ab55632a44614777e962b56363cf5efd434db045aae":MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_add_sub #23 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP384R1) +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +ecp_mod_add_sub:"439e7fa9987aa6bdd805f5d25e80dfffc2134f15500b2f292f6c48f65d2c29382d6b76db51ed2f1599f8eee797b9580f":"21a4cadebc344f4baf091db491bae46af8abffd606e44edfd0247e4cc5b3b5d31ad8df8e608d9499c98c9e514ce74654":MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_add_sub #24 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP384R1) +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +ecp_mod_add_sub:"7d500f7cbcefd0a747679714b4fab1019bde81635a427c37ead6b3cbade562bc5a58b185775c303c551b7f9da0996d52":"4c736db374d0df35a0c2995f40498cb35e819615f69b31ce0570ceeead0faadaf47076520f81f60c96e1689405adc011":MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_COORDINATE + +# Use the test data "modulus - 1" and "modulus - 2" to ensure the sum overflow case be tested. +ecp_add_sub #25.0 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP384R1) +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +ecp_mod_add_sub:"8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b31f166e6cac0425a7cf3ab6af6b7fc3103b883202e9046564":"8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b31f166e6cac0425a7cf3ab6af6b7fc3103b883202e9046563":MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #25 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP384R1) +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +ecp_mod_add_sub:"1aa4b64091b1078e926baeafe79a27e68ab12c32f6f22f41538e504edc52bdcab2d87d5e29c0e596b2109307abd8952c":"846008638daf051b79e4444ed6897d8fc5ab8f2f33dc30a8f1233c76f31b6928298956cfca65f8e9f66ad57e1464134":MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #26 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP384R1) +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +ecp_mod_add_sub:"7b6471e2103ef3c21fdaf62548f2f8ed445fad2a92d3043afcf249f3d4e441c3a20ab57c360c4979a7cf94d7b6bcb64f":"897897da86640cb0051490eaa9b38f203d3221cc4cc576f280d0dfba2bfc7ffd1eeda989becbde017b25f34a035d7017":MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #27 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP384R1) +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +ecp_mod_add_sub:"526ef7026988f4fe5a8181b691406be110d7c25ccf3d0b35815a3d516a91f397bc73a83fd63ed5ba385ac4bda9bf98c":"8a7db67fdc960f12f8d45cb940a230e6201a95cc5762e3571d140ed89cb6c63de9bfec51f06516210da1920569eb8cb4":MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_SCALAR + +# Use the test data "modulus - 1" and "modulus - 2" to ensure the sum overflow case be tested. +ecp_add_sub #28.0 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP512R1) +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +ecp_mod_add_sub:"aadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca703308717d4d9b009bc66842aecda12ae6a380e62881ff2f2d82c68528aa6056583a48f2":"aadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca703308717d4d9b009bc66842aecda12ae6a380e62881ff2f2d82c68528aa6056583a48f1":MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_add_sub #28 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP512R1) +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +ecp_mod_add_sub:"46150f34caab02c83d4d071b2bda77121e84949cd11a8404e33c37f188ddf9181f49e090328475a738868e9b5a124b1d0fb5d240c846756acfc1d5507a299d74":"4ca44e40943e5a2248d4a701f3d13a7bb243f13dd61005357b5f2ea9ac6cc64e1d76f9d1d80caa4d068508d51f0c6f07da305f2cd76ee016576b7da1060344bf":MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_add_sub #29 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP512R1) +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +ecp_mod_add_sub:"3f8de0e1457a46a7c1a9425a0cc8557466789723dcd06050922631c6a0ec66f37ccce34401ebd454ebb679b4d2d0d09720e469aace595c72e3bf018debf8e3d9":"a2fd39d9615906a78a943011c859e78da6782c0b9abc3e5b75f828935f8eec2c0aff87582db5db0591157d5f1474683acb984da361574803b9191d5cb74e9504":MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_add_sub #30 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP512R1) +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +ecp_mod_add_sub:"125fdb0f50884d442833e1d550de93987d7015fc808aefcf83f18d61160c7c39b674c4f4dabd2a4c08736a21f985732a7b99a1261183c1860cc1e0331fe78154":"6b153e7ab1b20f01f34624556ba6cc6d50a078d8b3effcadc29237ff7f03ca9ea0a0304d5f56ed310d95a7016e7ceb10e2f416a79f781c980b1ed724cd18e1a9":MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_COORDINATE + +# Use the test data "modulus - 1" and "modulus - 2" to ensure the sum overflow case be tested. +ecp_add_sub #31.0 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP512R1) +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +ecp_mod_add_sub:"aadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca70330870553e5c414ca92619418661197fac10471db1d381085ddaddb58796829ca90068":"aadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca70330870553e5c414ca92619418661197fac10471db1d381085ddaddb58796829ca90067":MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #31 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP512R1) +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +ecp_mod_add_sub:"8da65a44ef3f7a401993edb1bfbc2a588df13f021b538e133d019261b7149706876cfe7c82e63e71904a896fc4758a8dff09f0150948f14b16baa014cc7ab32f":"731323ee13201b6215fa8a36d04d65c3974f6606cc57efacd9a68b4125321dc9703d20db1f69af34524ab0a892ca38f37f961cd3ebdc77a0496be3975f99ac4":MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #32 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP512R1) +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +ecp_mod_add_sub:"3c3a447d80144a61601545c415508f3cf76060ee6b104fc58e7fdffb59ac3e68f052e38f658a2d349975c9765e129a3740bdcb7464cb7c6cf14fc8f2c0e836c4":"2331df8142351e6ec69ae2d6308b24cbe3e255b43df9ba79411171b4da97fa8037a5ae35f56e539311bb4e07ace3ca83c6ff46a4b7ba6c95a5f3b3fa3c1a7547":MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #33 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP512R1) +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +ecp_mod_add_sub:"71bf2f08e9f7f9da70376bad2555e5ee6d966bcd5a91d4c949cc37677d2519b34ac7eb999581b2eb394c3b17ac666bfb292c157fdc0754a6b1d5f0224c3a235":"174907806c5d14842eea9771503c14af0b869300dd771fce2b72143f41483337ef0bfa78e656abc109691290dbcceb43acd62c6ab46977d09f355e742feb67af":MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_SCALAR + +# Use the test data "modulus - 1" and "modulus - 2" to ensure the sum overflow case be tested. +ecp_add_sub #34.0 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_CURVE25519) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_mod_add_sub:"1000000000000000000000000000000014def9dea2f79cd65812631a5cf5d3ec":"1000000000000000000000000000000014def9dea2f79cd65812631a5cf5d3eb":MBEDTLS_ECP_DP_CURVE25519:MBEDTLS_ECP_MOD_SCALAR + +# The following data was generated using python's standard random library, +# initialised with seed(4,2) and random.getrandbits(curve bits). Curve bits are 128,254,192,256,448. +ecp_add_sub #34 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_CURVE25519) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_mod_add_sub:"01710cf527ac435a7a97c643656412a9b8a1abcd1a6916c74da4f9fc3c6da5d7":"0fd72445ccea71ff4a14876aeaff1a098ca5996666ceab360512bd1311072231":MBEDTLS_ECP_DP_CURVE25519:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #35 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_CURVE25519) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_mod_add_sub:"10000000000000000000000000000000110a8010ce80c4b0a4042bb3d4341aad":"1000000000000000000000000000000010a8c61e3184ff27459142deccea2645":MBEDTLS_ECP_DP_CURVE25519:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #36 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_CURVE25519) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_mod_add_sub:"0c79d67946d4ac7a5c3902b38963dc6e8534f45738d048ec0f1099c6c3e1b258":"0690526ed6f0b09f165c8ce36e2f24b43000de01b2ed40ed3addccb2c33be0a":MBEDTLS_ECP_DP_CURVE25519:MBEDTLS_ECP_MOD_SCALAR + +# Use the test data "modulus - 1" and "modulus - 2" to ensure the sum overflow case be tested. +ecp_add_sub #37.0 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP192K1) +depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED +ecp_mod_add_sub:"fffffffffffffffffffffffe26f2fc170f69466a74defd8c":"fffffffffffffffffffffffe26f2fc170f69466a74defd8b":MBEDTLS_ECP_DP_SECP192K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #37 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP192K1) +depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED +ecp_mod_add_sub:"f5ff0c03bb5d7385de08caa1a08179104a25e4664f5253a0":"f1cfd99216df648647adec26793d0e453f5082492d83a823":MBEDTLS_ECP_DP_SECP192K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #38 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP192K1) +depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED +ecp_mod_add_sub:"d8441b5616332aca5f552773e14b0190d93936e1daca3c06":"d7288ff68c320f89f1347e0cdd905ecfd160c5d0ef412ed6":MBEDTLS_ECP_DP_SECP192K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #39 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP192K1) +depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED +ecp_mod_add_sub:"3fb62d2c81862fc9634f806fabf4a07c566002249b191bf4":"b474c7e89286a1754abcb06ae8abb93f01d89a024cdce7a6":MBEDTLS_ECP_DP_SECP192K1:MBEDTLS_ECP_MOD_SCALAR + +# Use the test data "modulus - 1" and "modulus - 2" to ensure the sum overflow case be tested. +ecp_add_sub #40.0 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224K1) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_mod_add_sub:"10000000000000000000000000001dce8d2ec6184caf0a971769fb1f6":"10000000000000000000000000001dce8d2ec6184caf0a971769fb1f5":MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #40 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224K1) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_mod_add_sub:"069f85e3131f3b9238224b122c3e4a892d9196ada4fcfa583e1df8af9":"0a5e333cb88dcf94384d4cd1f47ca7883ff5a52f1a05885ac7671863c":MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #41 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224K1) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_mod_add_sub:"03bb4a570294c4ea3738d243a6e58d5ca49c7b59b995253fd6c79a3de":"032111ac1ac7cc4a4ff4dab102522d53857c49391b36cc9aa78a330a1":MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #42 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224K1) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_mod_add_sub:"00bdbc23a14c15c910b11ad28cc21ce88d0060cc54278c2614e1bcb38":"070ef55b1a1f65507a2909cb633e238b4e9dd38b869ace91311021c9e":MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #42.1 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224K1) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_mod_add_sub:"100000000000000000000000000006f985b17b9662f0733c846bbe9e8":"10000000000000000000000000000a26a52175b7a96b98b5fbf37a2be":MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_SCALAR + +# Use the test data "modulus - 1" and "modulus - 2" to ensure the sum overflow case be tested. +ecp_add_sub #43.0 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP256K1) +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecp_mod_add_sub:"fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364140":"fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd036413f":MBEDTLS_ECP_DP_SECP256K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #43 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP256K1) +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecp_mod_add_sub:"5b69dc230af5ac870692b534758240df4a7a03052d733dcdef40af2e54c0ce68":"acdac615bc20f6264922b9ccf469aef8f6e7d078e55b85dd1525f363b281b888":MBEDTLS_ECP_DP_SECP256K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #44 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP256K1) +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecp_mod_add_sub:"b54a23020fc5b043d6e4a51519d9c9cc52d32377e78131c132decd6b8efbc170":"272515cdf74c381652595daf49fbac3652a3b18104a7f00753be4721f5b9e1f5":MBEDTLS_ECP_DP_SECP256K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #45 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP256K1) +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecp_mod_add_sub:"1f44ebd13cc75f3edcb285f89d8cf4d4950b16ffc3e1ac3b4708d9893a973000":"ae17584a9ed9c621de97faf0f17ca82cdc82f2526911c9dda6e46653c676176a":MBEDTLS_ECP_DP_SECP256K1:MBEDTLS_ECP_MOD_SCALAR + +# Use the test data "modulus - 1" and "modulus - 2" to ensure the sum overflow case be tested. +ecp_add_sub #46.0 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_CURVE448) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_mod_add_sub:"00000000000000003fffffffffffffffffffffffffffffffffffffffffffffffffffffff7cca23e9c44edb49aed63690216cc2728dc58f552378c292ab5844f2":"00000000000000003fffffffffffffffffffffffffffffffffffffffffffffffffffffff7cca23e9c44edb49aed63690216cc2728dc58f552378c292ab5844f1":MBEDTLS_ECP_DP_CURVE448:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #46 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_CURVE448) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_mod_add_sub:"0000000000000003f28adf9f6396ae3994b971761b2ceba40031ad622ed93874ac034cf71b34e47e4e2aafd310096249e2387a54b1cef3913e7d611d163b764":"0000000000000003f924aec4a53583bff4788955cdb7f4ccde9d231c8a38e7b5d7d255f2b68beef746ccfcd0b77d43a5d02db430267ce8c92b607d554d08ce6":MBEDTLS_ECP_DP_CURVE448:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #47 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_CURVE448) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_mod_add_sub:"0000000000000003f9874f82b2df98dbcb3fd500e2637300fecf10e0f30e0051d1615ad353a09cfeaa1b2956c8826ec350d775dfb53e13d7077b81d18dbb0c1":"0000000000000003fd5b8c21f4d4cc5091b5ffbff651b9052496e1e3fc24ec0952989c17d9c649a8bd5bb710a77ec0c9b44baf5264ed787f87a7976ad448abd":MBEDTLS_ECP_DP_CURVE448:MBEDTLS_ECP_MOD_SCALAR + +ecp_add_sub #48 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_CURVE448) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_mod_add_sub:"0000000000000003f7defb1691e8e3b705620733deaaddd33a760e17a4e9ba333445533fcd71d42a6d00e3468c946b0ff353728c6173d944afbfae4877c606f":"0000000000000003f96c1d081a3cfe300dc4c27fa2ebbc37396957d4bf81156d86b88de3a9312ca5be57d93fa3549b71895aa36bd5231f38146a2f0970425b":MBEDTLS_ECP_DP_CURVE448:MBEDTLS_ECP_MOD_SCALAR + +# The following data was generated using python's standard random library, +# initialised with seed(6,2) and random.getrandbits(curve bits). Curve bits are 192,224,256,384,520. +# They must be less than the named curves' modulus. mbedtls_mpi_mod_residue_setup() +# can be used to check whether they satisfy the requirements. +ecp_read_write #1 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP192R1) +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +ecp_mod_read_write:"c320a4737c2b3abe14a03569d26b949692e5dfe8cb1855fe":MBEDTLS_ECP_DP_SECP192R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_read_write #2 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP192R1) +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +ecp_mod_read_write:"9623d7cfa9ae7a34254499c7001d9a88096d373742f9a039":MBEDTLS_ECP_DP_SECP192R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_read_write #3 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224R1) +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED +ecp_mod_read_write:"df5ca32ebad5ccc232b7228fcd4a55577d24b39645cf8aa4059a91e1":MBEDTLS_ECP_DP_SECP224R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_read_write #4 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224R1) +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED +ecp_mod_read_write:"c527e27951c342505f877031bc1e3ac1c27db4ecf72c2c2678629522":MBEDTLS_ECP_DP_SECP224R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_read_write #7 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP256R1) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_mod_read_write:"903c2ac9316774fe181e290aae9af1698a0c510089ce5ef7e91b4ad169fc5360":MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_read_write #8 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP256R1) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_mod_read_write:"9c2c0ac2cda95957a9b3d1a243f9300cba98666ace1c9c17b313fc7e8db9b92c":MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_read_write #10 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP384R1) +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED +ecp_mod_read_write:"401fe4fcce06294d68f22599ccdf540b5cb53ec017d7ab26fd80206055e8b3eb6cb9185ed822e2f9168e5087af895f5b":MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_read_write #11 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP384R1) +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED +ecp_mod_read_write:"bb1e330f38d2e6418f918e24a8b0188cbe19514a28a0aaab3642b1932793637c16cf5c51801fd9ab31a5bf371f970cf":MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_read_write #13 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP521R1) +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED +ecp_mod_read_write:"1477156c589f498b61beb35f57662410d8821f3a1ee4a5968a8009618dbe4afda408809822eb0e994fbf9da1659c1ea21b151db97cd1f1567fa4b9327967e0aa591":MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_read_write #14 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP521R1) +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED +ecp_mod_read_write:"158dd0fdd801513590d221009f2b6c212f2b30214cc3b1f80aaf9142dc9f328c8e2b0af83e1acdb102d85f287d77188c2b8e7911cf9452f5014966f28da330e1fa6":MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_ECP_MOD_SCALAR + +# The following data was generated using python's standard random library, +# initialised with seed(7,2) and random.getrandbits(curve bits). Curve bits are 256,384,512. +ecp_read_write #15 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP256R1) +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecp_mod_read_write:"6b4cb2424a23d5962217beaddbc496cb8e81973e0becd7b03898d190f9ebdacc":MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_read_write #16 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP256R1) +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecp_mod_read_write:"36f675cc81e74ef5e8e25d940ed904759531985d5d9dc9f81818e811892f902b":MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_read_write #17 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP256R1) +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecp_mod_read_write:"8d116ece1738f7d93d9c172411e20b8f6b0d549b6f03675a1600a35a099950d8":MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_read_write #18 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP256R1) +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecp_mod_read_write:"a170b33839263059f28c105d1fb17c2390c192cfd3ac94af0f21ddb66cad4a26":MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_read_write #19 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP384R1) +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +ecp_mod_read_write:"7f15052434b9b5df9e7769b10f4205b4907a70c31012f037b64ce4228c38fb2918f135d25f557203301850c5a38fd547":MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_read_write #20 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP384R1) +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +ecp_mod_read_write:"3f98e2774cbd87ad5c90a9587403e430ec66a78795e761d17731af10506bf2efc6f877186d76b07e881ed162ae2eb154":MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_read_write #21 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP384R1) +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +ecp_mod_read_write:"57ee05cde00902c77ebff206867347214cdd2055930d6eaf14f4733f3e7d1bfbc7a2ea20b2f14c942e05319acb5c7427":MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_read_write #22 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP384R1) +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +ecp_mod_read_write:"5790f82ec1d3fcff2a3af4d46b0a18e8830e07bc1e398f1012bd4acefaecbd389be4bcfc49b64a0872e6cc3ababced20":MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_read_write #23 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP512R1) +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +ecp_mod_read_write:"57ee05cde00902c77ebff206867347214cdd2055930d6eaf14f4733f3e7d1bfbc7a2ea20b2f14c942e05319acb5c74273f98e2774cbd87ad5c90a9587403e430":MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_read_write #24 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP512R1) +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +ecp_mod_read_write:"6bf46c697d2caf82eeeacbe226e875555790f82ec1d3fcff2a3af4d46b0a18e8830e07bc1e398f1012bd4acefaecbd389be4bcfc49b64a0872e6cc3ababced20":MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_read_write #25 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP512R1) +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +ecp_mod_read_write:"7f26144b98289fcd59a54a7bb1fee08f571242425051c1ccd17f9acae01f5057ca02135e92b1d3f28ede0d7ac3baea9e13deef86ab1031d0f646e1f40a097c97":MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_read_write #26 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP512R1) +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +ecp_mod_read_write:"4f426dcbb394fb36bb2d420f0f88080b10a3d6b2aa05e11ab2715945795e8229451abd81f1d69ed617f5e837d70820fe119a72d174c9df6acc011cdd9474031b":MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_SCALAR + +# The following data was generated using python's standard random library, +# initialised with seed(8,2) and random.getrandbits(252). +ecp_read_write #27 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_CURVE25519) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_mod_read_write:"00b3510bb46ee1da317017a6205738d16018366cf658f7a75ed34fe53a096533":MBEDTLS_ECP_DP_CURVE25519:MBEDTLS_ECP_MOD_SCALAR + +# The following data was generated using python's standard random library random.getrandbits(252). +ecp_read_write #28 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_CURVE25519) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_mod_read_write:"06694f22359b154881a0d5b3ffc6e35ccfaf00103f584ad4230824d215ceb3a1":MBEDTLS_ECP_DP_CURVE25519:MBEDTLS_ECP_MOD_SCALAR + +# The least 122 bits were generated by random.getrandbits(122) +ecp_read_write #29 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_CURVE25519) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_mod_read_write:"1000000000000000000000000000000011f319877589ca4a07c15471a4517d6c":MBEDTLS_ECP_DP_CURVE25519:MBEDTLS_ECP_MOD_SCALAR + +# The following data was generated by random.getrandbits(192). +ecp_read_write #30 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP192K1) +depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED +ecp_mod_read_write:"e5b8063831360a4092b850ad7eb72f8263f65da874007cb4":MBEDTLS_ECP_DP_SECP192K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_read_write #31 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP192K1) +depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED +ecp_mod_read_write:"c24f6aa83bf36a147c2f7ad016edc5d467164890d49d0ac1":MBEDTLS_ECP_DP_SECP192K1:MBEDTLS_ECP_MOD_SCALAR + +# The following data was generated by random.getrandbits(224). +ecp_read_write #32 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224K1) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_mod_read_write:"0e6edaf80796d3bc4685ca8af852a5fba444adf42b37f5722051e2670":MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_read_write #33 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224K1) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_mod_read_write:"018dff3934223aa56a9b7e3ea1d1d784fb9db434b610b1631e941aa79":MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_SCALAR + +# The least 112 bits were generated by random.getrandbits(112) +ecp_read_write #34 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224K1) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_mod_read_write:"1000000000000000000000000000162e910269470d0718c1afdd9a78d":MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_SCALAR + +# The following data was generated by random.getrandbits(256). +ecp_read_write #35 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP256K1) +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecp_mod_read_write:"3c02e56756a3e9570edca4eca92d04a31b941f4360908405d45c39a39ec353c1":MBEDTLS_ECP_DP_SECP256K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_read_write #36 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP256K1) +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecp_mod_read_write:"353a0106e6c08269844dbc0ca65423a9e744b24e7f61701e1607b1c4b0f91306":MBEDTLS_ECP_DP_SECP256K1:MBEDTLS_ECP_MOD_SCALAR + +# The least 440 bits were generated by random.getrandbits(440) +ecp_read_write #37 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_CURVE448) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_mod_read_write:"000000000000003fdc3d71f22ff5fd25f0f21231a06a7cb3aa75ab7d1944ff09974b85f2306d4a8a2ad16e107ac8069b51c6322463278ecef2d30194df943c":MBEDTLS_ECP_DP_CURVE448:MBEDTLS_ECP_MOD_SCALAR + +ecp_read_write #38 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_CURVE448) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_mod_read_write:"000000000000003f9fbd8780ed55037ea03260d7ef27bba4d70dfcf3332eb05b6659eab3bfcd5d50545214b0afb81e8824918818fd64f799ef936ac3a8db56":MBEDTLS_ECP_DP_CURVE448:MBEDTLS_ECP_MOD_SCALAR + +ecp_random #1 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP192R1) +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_SECP192R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_random #2 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP192R1) +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_SECP192R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_random #3 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP224R1) +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_SECP224R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_random #4 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224R1) +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_SECP224R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_random #5 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP256R1) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_random #6 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP256R1) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_random #7 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP384R1) +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_random #8 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP384R1) +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_random #9 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP521R1) +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_random #10 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP521R1) +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_random #11 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP256R1) +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_random #12 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP256R1) +depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_BP256R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_random #13 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP384R1) +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_random #14 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP384R1) +depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_BP384R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_random #15 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_BP512R1) +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_random #16 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_BP512R1) +depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_BP512R1:MBEDTLS_ECP_MOD_SCALAR + +ecp_random #17 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_CURVE25519) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_CURVE25519:MBEDTLS_ECP_MOD_COORDINATE + +ecp_random #18 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_CURVE25519) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_CURVE25519:MBEDTLS_ECP_MOD_SCALAR + +ecp_random #19 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP192K1) +depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_SECP192K1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_random #20 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP192K1) +depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_SECP192K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_random #21 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP224K1) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_random #22 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP224K1) +depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_SECP224K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_random #23 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_SECP256K1) +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_SECP256K1:MBEDTLS_ECP_MOD_COORDINATE + +ecp_random #24 MBEDTLS_ECP_MOD_SCALAR(MBEDTLS_ECP_DP_SECP256K1) +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_SECP256K1:MBEDTLS_ECP_MOD_SCALAR + +ecp_random #25 MBEDTLS_ECP_MOD_COORDINATE(MBEDTLS_ECP_DP_CURVE448) +depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED +ecp_mod_random:MBEDTLS_ECP_DP_CURVE448:MBEDTLS_ECP_MOD_COORDINATE + +ecp variant check +check_variant: diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index 394253de5..575162480 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -1,16 +1,13 @@ /* BEGIN_HEADER */ #include "mbedtls/ecp.h" +#include "ecp_invasive.h" #include "mbedtls/ecdsa.h" #include "mbedtls/ecdh.h" +#include "bignum_core.h" #include "ecp_invasive.h" - -#if defined(MBEDTLS_TEST_HOOKS) && \ - (defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)) -#define HAVE_FIX_NEGATIVE -#endif +#include "bignum_mod_raw_invasive.h" +#include "constant_time_internal.h" #define ECP_PF_UNKNOWN -1 @@ -74,7 +71,7 @@ inline static int mbedtls_ecp_group_cmp(mbedtls_ecp_group *grp1, /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_ECP_C + * depends_on:MBEDTLS_ECP_LIGHT * END_DEPENDENCIES */ @@ -169,7 +166,7 @@ void ecp_test_vect_restart(int id, * MBEDTLS_ECP_WINDOW_SIZE, as well as implementation details that may * change in the future. A factor 2 is a minimum safety margin. * - * For reference, with mbed TLS 2.4 and default settings, for P-256: + * For reference, with Mbed TLS 2.4 and default settings, for P-256: * - Random point mult: ~3250M * - Cold base point mult: ~3300M * - Hot base point mult: ~1100M @@ -322,7 +319,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */ void ecp_test_vect(int id, char *dA_str, char *xA_str, char *yA_str, char *dB_str, char *xB_str, char *yB_str, char *xZ_str, char *yZ_str) @@ -379,7 +376,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */ void ecp_test_vec_x(int id, char *dA_hex, char *xA_hex, char *dB_hex, char *xB_hex, char *xS_hex) { @@ -432,7 +429,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */ void ecp_test_mul(int id, data_t *n_hex, data_t *Px_hex, data_t *Py_hex, data_t *Pz_hex, data_t *nPx_hex, data_t *nPy_hex, data_t *nPz_hex, @@ -481,7 +478,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */ void ecp_test_mul_rng(int id, data_t *d_hex) { mbedtls_ecp_group grp; @@ -507,7 +504,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */ +/* BEGIN_CASE depends_on:MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED:MBEDTLS_ECP_C */ void ecp_muladd(int id, data_t *u1_bin, data_t *P1_bin, data_t *u2_bin, data_t *P2_bin, @@ -541,8 +538,8 @@ void ecp_muladd(int id, &len, actual_result, sizeof(actual_result))); TEST_ASSERT(len <= MBEDTLS_ECP_MAX_PT_LEN); - ASSERT_COMPARE(expected_result->x, expected_result->len, - actual_result, len); + TEST_MEMORY_COMPARE(expected_result->x, expected_result->len, + actual_result, len); exit: mbedtls_ecp_group_free(&grp); @@ -811,7 +808,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ECDH_C:MBEDTLS_ECDSA_C */ +/* BEGIN_CASE */ void mbedtls_ecp_group_metadata(int id, int bit_size, int crv_type, char *P, char *A, char *B, char *G_x, char *G_y, char *N, @@ -903,9 +900,13 @@ void mbedtls_ecp_group_metadata(int id, int bit_size, int crv_type, // Check curve type, and if it can be used for ECDH/ECDSA TEST_EQUAL(mbedtls_ecp_get_type(&grp), crv_type); +#if defined(MBEDTLS_ECDH_C) TEST_EQUAL(mbedtls_ecdh_can_do(id), 1); +#endif +#if defined(MBEDTLS_ECDSA_C) TEST_EQUAL(mbedtls_ecdsa_can_do(id), crv_type == MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS); +#endif // Copy group and compare with original TEST_EQUAL(mbedtls_ecp_group_copy(&grp_cpy, &grp), 0); @@ -955,7 +956,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */ void mbedtls_ecp_check_pub_priv(int id_pub, char *Qx_pub, char *Qy_pub, int id, char *d, char *Qx, char *Qy, int ret) @@ -987,7 +988,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */ void mbedtls_ecp_gen_keypair(int id) { mbedtls_ecp_group grp; @@ -1016,7 +1017,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */ void mbedtls_ecp_gen_key(int id) { mbedtls_ecp_keypair key; @@ -1060,8 +1061,8 @@ void mbedtls_ecp_read_key(int grp_id, data_t *in_key, int expected, int canonica ret = mbedtls_ecp_write_key(&key, buf, in_key->len); TEST_ASSERT(ret == 0); - ASSERT_COMPARE(in_key->x, in_key->len, - buf, in_key->len); + TEST_MEMORY_COMPARE(in_key->x, in_key->len, + buf, in_key->len); } else { unsigned char export1[MBEDTLS_ECP_MAX_BYTES]; unsigned char export2[MBEDTLS_ECP_MAX_BYTES]; @@ -1075,8 +1076,8 @@ void mbedtls_ecp_read_key(int grp_id, data_t *in_key, int expected, int canonica ret = mbedtls_ecp_write_key(&key2, export2, in_key->len); TEST_ASSERT(ret == 0); - ASSERT_COMPARE(export1, in_key->len, - export2, in_key->len); + TEST_MEMORY_COMPARE(export1, in_key->len, + export2, in_key->len); } } @@ -1086,37 +1087,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:HAVE_FIX_NEGATIVE */ -void fix_negative(data_t *N_bin, int c, int bits) -{ - mbedtls_mpi C, M, N; - - mbedtls_mpi_init(&C); - mbedtls_mpi_init(&M); - mbedtls_mpi_init(&N); - - /* C = - c * 2^bits (positive since c is negative) */ - TEST_EQUAL(0, mbedtls_mpi_lset(&C, -c)); - TEST_EQUAL(0, mbedtls_mpi_shift_l(&C, bits)); - - TEST_EQUAL(0, mbedtls_mpi_read_binary(&N, N_bin->x, N_bin->len)); - TEST_EQUAL(0, mbedtls_mpi_grow(&N, C.n)); - - /* M = N - C = - ( C - N ) (expected result of fix_negative) */ - TEST_EQUAL(0, mbedtls_mpi_sub_mpi(&M, &N, &C)); - - mbedtls_ecp_fix_negative(&N, c, bits); - - TEST_EQUAL(0, mbedtls_mpi_cmp_mpi(&N, &M)); - -exit: - mbedtls_mpi_free(&C); - mbedtls_mpi_free(&M); - mbedtls_mpi_free(&N); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_MONTGOMERY_ENABLED */ +/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_MONTGOMERY_ENABLED:MBEDTLS_ECP_LIGHT */ void genkey_mx_known_answer(int bits, data_t *seed, data_t *expected) { mbedtls_test_rnd_buf_info rnd_info; @@ -1130,7 +1101,7 @@ void genkey_mx_known_answer(int bits, data_t *seed, data_t *expected) rnd_info.fallback_f_rng = NULL; rnd_info.fallback_p_rng = NULL; - ASSERT_ALLOC(actual, expected->len); + TEST_CALLOC(actual, expected->len); ret = mbedtls_ecp_gen_privkey_mx(bits, &d, mbedtls_test_rnd_buffer_rand, &rnd_info); @@ -1152,8 +1123,8 @@ void genkey_mx_known_answer(int bits, data_t *seed, data_t *expected) * (can be enforced by checking these bits). * - Other bits must be random (by testing with different RNG outputs, * we validate that those bits are indeed influenced by the RNG). */ - ASSERT_COMPARE(expected->x, expected->len, - actual, expected->len); + TEST_MEMORY_COMPARE(expected->x, expected->len, + actual, expected->len); } exit: @@ -1295,3 +1266,380 @@ exit: mbedtls_mpi_free(&expected_n); } /* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_WITH_MPI_UINT */ +void ecp_mod_p_generic_raw(int curve_id, + char *input_N, + char *input_X, + char *result) +{ + mbedtls_mpi_uint *X = NULL; + mbedtls_mpi_uint *N = NULL; + mbedtls_mpi_uint *res = NULL; + size_t limbs_X; + size_t limbs_N; + size_t limbs_res; + + size_t bytes; + size_t limbs; + size_t curve_bits; + int (*curve_func)(mbedtls_mpi_uint *X, size_t X_limbs); + + mbedtls_mpi_mod_modulus m; + mbedtls_mpi_mod_modulus_init(&m); + + TEST_EQUAL(mbedtls_test_read_mpi_core(&X, &limbs_X, input_X), 0); + TEST_EQUAL(mbedtls_test_read_mpi_core(&N, &limbs_N, input_N), 0); + TEST_EQUAL(mbedtls_test_read_mpi_core(&res, &limbs_res, result), 0); + bytes = limbs_N * sizeof(mbedtls_mpi_uint); + + switch (curve_id) { +#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) && defined(MBEDTLS_ECP_NIST_OPTIM) + case MBEDTLS_ECP_DP_SECP192R1: + limbs = BITS_TO_LIMBS(192) * 2; + curve_bits = 192; + curve_func = &mbedtls_ecp_mod_p192_raw; + break; +#endif +#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) && defined(MBEDTLS_ECP_NIST_OPTIM) + case MBEDTLS_ECP_DP_SECP224R1: + limbs = BITS_TO_LIMBS(224) * 2; + curve_bits = 224; + curve_func = &mbedtls_ecp_mod_p224_raw; + break; +#endif +#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && defined(MBEDTLS_ECP_NIST_OPTIM) + case MBEDTLS_ECP_DP_SECP256R1: + limbs = BITS_TO_LIMBS(256) * 2; + curve_bits = 256; + curve_func = &mbedtls_ecp_mod_p256_raw; + break; +#endif +#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) && defined(MBEDTLS_ECP_NIST_OPTIM) + case MBEDTLS_ECP_DP_SECP384R1: + limbs = BITS_TO_LIMBS(384) * 2; + curve_bits = 384; + curve_func = &mbedtls_ecp_mod_p384_raw; + break; +#endif +#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) && defined(MBEDTLS_ECP_NIST_OPTIM) + case MBEDTLS_ECP_DP_SECP521R1: + limbs = BITS_TO_LIMBS(521) * 2; + curve_bits = 521; + curve_func = &mbedtls_ecp_mod_p521_raw; + break; +#endif +#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) + case MBEDTLS_ECP_DP_SECP192K1: + limbs = BITS_TO_LIMBS(192) * 2; + curve_bits = 192; + curve_func = &mbedtls_ecp_mod_p192k1_raw; + break; +#endif +#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) + case MBEDTLS_ECP_DP_SECP224K1: + limbs = BITS_TO_LIMBS(224) * 2; + curve_bits = 224; + curve_func = &mbedtls_ecp_mod_p224k1_raw; + break; +#endif +#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) + case MBEDTLS_ECP_DP_SECP256K1: + limbs = BITS_TO_LIMBS(256) * 2; + curve_bits = 256; + curve_func = &mbedtls_ecp_mod_p256k1_raw; + break; +#endif +#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) + case MBEDTLS_ECP_DP_CURVE25519: + limbs = BITS_TO_LIMBS(255) * 2; + curve_bits = 255; + curve_func = &mbedtls_ecp_mod_p255_raw; + break; +#endif +#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) + case MBEDTLS_ECP_DP_CURVE448: + limbs = BITS_TO_LIMBS(448) * 2; + curve_bits = 448; + curve_func = &mbedtls_ecp_mod_p448_raw; + break; +#endif + default: + mbedtls_test_fail("Unsupported curve_id", __LINE__, __FILE__); + goto exit; + } + + TEST_EQUAL(limbs_X, limbs); + TEST_EQUAL(limbs_res, limbs_N); + + TEST_EQUAL(mbedtls_mpi_mod_modulus_setup( + &m, N, limbs_N), 0); + + TEST_EQUAL((*curve_func)(X, limbs_X), 0); + + mbedtls_mpi_mod_raw_fix_quasi_reduction(X, &m); + TEST_LE_U(mbedtls_mpi_core_bitlen(X, limbs_X), curve_bits); + TEST_MEMORY_COMPARE(X, bytes, res, bytes); + +exit: + mbedtls_free(X); + mbedtls_free(res); + + mbedtls_mpi_mod_modulus_free(&m); + mbedtls_free(N); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_WITH_MPI_UINT */ +void ecp_mod_setup(char *input_A, int id, int ctype, int iret) +{ + int ret; + mbedtls_mpi_mod_modulus m; + mbedtls_mpi_mod_modulus_init(&m); + mbedtls_mpi_uint *p = NULL; + size_t p_limbs; + size_t bytes; + + TEST_EQUAL(mbedtls_test_read_mpi_core(&p, &p_limbs, input_A), 0); + + ret = mbedtls_ecp_modulus_setup(&m, id, ctype); + TEST_EQUAL(ret, iret); + + if (ret == 0) { + TEST_ASSERT(m.int_rep != MBEDTLS_MPI_MOD_REP_INVALID); + /* Test for limb sizes */ + TEST_EQUAL(m.limbs, p_limbs); + bytes = p_limbs * sizeof(mbedtls_mpi_uint); + + if (m.int_rep == MBEDTLS_MPI_MOD_REP_MONTGOMERY) { + /* Test for validity of moduli by the presence of Montgomery consts */ + TEST_ASSERT(m.rep.mont.mm != 0); + TEST_ASSERT(m.rep.mont.rr != NULL); + } else { + TEST_ASSERT(m.rep.ored.modp != NULL); + } + + /* Compare output byte-by-byte */ + TEST_MEMORY_COMPARE(p, bytes, m.p, bytes); + + /* Test for user free-ing allocated memory */ + mbedtls_mpi_mod_modulus_free(&m); + } + +exit: + mbedtls_mpi_mod_modulus_free(&m); + mbedtls_free(p); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_WITH_MPI_UINT */ +void ecp_mod_mul_inv(char *input_A, int id, int ctype) +{ + size_t limbs; + mbedtls_mpi_mod_modulus m; + mbedtls_mpi_mod_residue rA; // For input + mbedtls_mpi_mod_residue rA_inverse; // For inverse input + mbedtls_mpi_mod_residue rX; // For result + mbedtls_mpi_uint *rX_raw = NULL; + mbedtls_mpi_uint *A_inverse = NULL; + mbedtls_mpi_uint *A = NULL; + mbedtls_mpi_uint *bufx = NULL; + const mbedtls_mpi_uint one[1] = { 1 }; + + mbedtls_mpi_mod_modulus_init(&m); + + TEST_ASSERT(mbedtls_ecp_modulus_setup(&m, id, ctype) == 0); + + TEST_EQUAL(mbedtls_test_read_mpi_core(&A, &limbs, input_A), 0); + TEST_EQUAL(0, mbedtls_mpi_mod_residue_setup(&rA, &m, A, limbs)); + + /* Test for limb sizes */ + TEST_EQUAL(m.limbs, limbs); + + TEST_CALLOC(A_inverse, limbs); + TEST_EQUAL(0, mbedtls_mpi_mod_residue_setup(&rA_inverse, &m, A_inverse, limbs)); + + TEST_CALLOC(rX_raw, limbs); + TEST_EQUAL(0, mbedtls_mpi_mod_residue_setup(&rX, &m, rX_raw, limbs)); + + /* Get inverse of A mode m, and multiply it with itself, + * to see whether the result equal to '1' */ + TEST_EQUAL(0, mbedtls_mpi_mod_inv(&rA_inverse, &rA, &m)); + TEST_EQUAL(mbedtls_mpi_mod_mul(&rX, &rA, &rA_inverse, &m), 0); + + TEST_CALLOC(bufx, limbs); + TEST_EQUAL(mbedtls_mpi_mod_write(&rX, &m, (unsigned char *) bufx, + limbs * ciL, + MBEDTLS_MPI_MOD_EXT_REP_LE), 0); + + TEST_MEMORY_COMPARE(bufx, ciL, one, ciL); + /*Borrow the buffer of A to compare the left lims with 0 */ + memset(A, 0, limbs * ciL); + TEST_MEMORY_COMPARE(&bufx[1], (limbs - 1) * ciL, A, (limbs - 1) * ciL); + +exit: + mbedtls_mpi_mod_modulus_free(&m); + mbedtls_mpi_mod_residue_release(&rA); + mbedtls_mpi_mod_residue_release(&rA_inverse); + mbedtls_mpi_mod_residue_release(&rX); + mbedtls_free(A); + mbedtls_free(A_inverse); + mbedtls_free(rX_raw); + mbedtls_free(bufx); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_WITH_MPI_UINT */ +void ecp_mod_add_sub(char *input_A, char *input_B, int id, int ctype) +{ + size_t p_A_limbs; + size_t p_B_limbs; + size_t bytes; + mbedtls_mpi_mod_modulus m; + mbedtls_mpi_mod_residue rA; + mbedtls_mpi_mod_residue rB; + mbedtls_mpi_mod_residue rS; + mbedtls_mpi_uint *p_A = NULL; + mbedtls_mpi_uint *p_B = NULL; + mbedtls_mpi_uint *p_S = NULL; + + mbedtls_mpi_mod_modulus_init(&m); + + TEST_EQUAL(mbedtls_test_read_mpi_core(&p_A, &p_A_limbs, input_A), 0); + TEST_EQUAL(mbedtls_test_read_mpi_core(&p_B, &p_B_limbs, input_B), 0); + + TEST_EQUAL(0, mbedtls_ecp_modulus_setup(&m, id, ctype)); + + /* Test for limb sizes for two input value and modulus */ + TEST_EQUAL(p_A_limbs, p_B_limbs); + TEST_EQUAL(m.limbs, p_A_limbs); + bytes = p_A_limbs * ciL; + + TEST_CALLOC(p_S, p_A_limbs); + + TEST_EQUAL(mbedtls_mpi_mod_residue_setup(&rA, &m, p_A, p_A_limbs), 0); + TEST_EQUAL(mbedtls_mpi_mod_residue_setup(&rB, &m, p_B, p_B_limbs), 0); + TEST_EQUAL(mbedtls_mpi_mod_residue_setup(&rS, &m, p_S, p_A_limbs), 0); + + /* Firstly add A and B to get the sum S, then subtract B, + * the difference should be equal to A*/ + TEST_EQUAL(0, mbedtls_mpi_mod_add(&rS, &rA, &rB, &m)); + TEST_EQUAL(0, mbedtls_mpi_mod_sub(&rS, &rS, &rB, &m)); + + /* Compare difference with rA byte-by-byte */ + TEST_MEMORY_COMPARE(rA.p, bytes, rS.p, bytes); + +exit: + mbedtls_mpi_mod_modulus_free(&m); + mbedtls_mpi_mod_residue_release(&rA); + mbedtls_mpi_mod_residue_release(&rB); + mbedtls_mpi_mod_residue_release(&rS); + mbedtls_free(p_A); + mbedtls_free(p_B); + mbedtls_free(p_S); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_WITH_MPI_UINT */ +void ecp_mod_read_write(char *input_A, int id, int ctype) +{ + size_t limbs; + size_t bytes; + mbedtls_mpi_mod_modulus m; + mbedtls_mpi_mod_residue rA; // For input + mbedtls_mpi_mod_residue rX; // For read back + mbedtls_mpi_uint *rX_raw = NULL; + mbedtls_mpi_uint *A = NULL; + mbedtls_mpi_uint *bufx = NULL; + + mbedtls_mpi_mod_modulus_init(&m); + + TEST_EQUAL(0, mbedtls_ecp_modulus_setup(&m, id, ctype)); + + TEST_EQUAL(0, mbedtls_test_read_mpi_core(&A, &limbs, input_A)); + TEST_EQUAL(0, mbedtls_mpi_mod_residue_setup(&rA, &m, A, limbs)); + + /* Test for limb sizes */ + TEST_EQUAL(m.limbs, limbs); + + TEST_CALLOC(rX_raw, limbs); + TEST_EQUAL(0, mbedtls_mpi_mod_residue_setup(&rX, &m, rX_raw, limbs)); + + bytes = limbs * ciL; + TEST_CALLOC(bufx, limbs); + /* Write source mod residue to a buffer, then read it back to + * the destination mod residue, compare the two mod residues. + * Firstly test little endian write and read */ + TEST_EQUAL(0, mbedtls_mpi_mod_write(&rA, &m, (unsigned char *) bufx, + bytes, MBEDTLS_MPI_MOD_EXT_REP_LE)); + + TEST_EQUAL(0, mbedtls_mpi_mod_read(&rX, &m, (unsigned char *) bufx, + bytes, MBEDTLS_MPI_MOD_EXT_REP_LE)); + + TEST_EQUAL(limbs, rX.limbs); + TEST_MEMORY_COMPARE(rA.p, bytes, rX.p, bytes); + + memset(bufx, 0x00, bytes); + memset(rX_raw, 0x00, bytes); + /* Then test big endian write and read */ + TEST_EQUAL(0, mbedtls_mpi_mod_write(&rA, &m, (unsigned char *) bufx, + bytes, + MBEDTLS_MPI_MOD_EXT_REP_BE)); + + TEST_EQUAL(0, mbedtls_mpi_mod_read(&rX, &m, (unsigned char *) bufx, + bytes, + MBEDTLS_MPI_MOD_EXT_REP_BE)); + + TEST_EQUAL(limbs, rX.limbs); + TEST_MEMORY_COMPARE(rA.p, bytes, rX.p, bytes); + +exit: + mbedtls_mpi_mod_modulus_free(&m); + mbedtls_mpi_mod_residue_release(&rA); + mbedtls_mpi_mod_residue_release(&rX); + mbedtls_free(A); + mbedtls_free(rX_raw); + mbedtls_free(bufx); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_WITH_MPI_UINT */ +void ecp_mod_random(int id, int ctype) +{ + size_t limbs; + mbedtls_mpi_mod_modulus m; + mbedtls_mpi_mod_residue rX; // For random data + mbedtls_mpi_uint *rX_raw = NULL; + + mbedtls_mpi_mod_modulus_init(&m); + TEST_EQUAL(0, mbedtls_ecp_modulus_setup(&m, id, ctype)); + + limbs = m.limbs; + + TEST_CALLOC(rX_raw, limbs); + TEST_EQUAL(0, mbedtls_mpi_mod_residue_setup(&rX, &m, rX_raw, limbs)); + + TEST_EQUAL(0, mbedtls_mpi_mod_random(&rX, 1, &m, + mbedtls_test_rnd_std_rand, NULL)); + + TEST_ASSERT(mbedtls_mpi_core_lt_ct(rX.p, m.p, limbs) == MBEDTLS_CT_TRUE); + +exit: + mbedtls_mpi_mod_modulus_free(&m); + mbedtls_mpi_mod_residue_release(&rX); + mbedtls_free(rX_raw); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_LIGHT */ +void check_variant() +{ + mbedtls_ecp_variant variant = mbedtls_ecp_get_variant(); + +#if defined(MBEDTLS_ECP_WITH_MPI_UINT) + TEST_EQUAL(variant, MBEDTLS_ECP_VARIANT_WITH_MPI_UINT); +#else + TEST_EQUAL(variant, MBEDTLS_ECP_VARIANT_WITH_MPI_STRUCT); +#endif +} +/* END_CASE */ diff --git a/tests/suites/test_suite_entropy.function b/tests/suites/test_suite_entropy.function index c36d2c83e..0e013b740 100644 --- a/tests/suites/test_suite_entropy.function +++ b/tests/suites/test_suite_entropy.function @@ -135,7 +135,7 @@ int read_nv_seed(unsigned char *buf, size_t buf_len) /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_ENTROPY_C + * depends_on:MBEDTLS_ENTROPY_C:!MBEDTLS_PSA_INJECT_ENTROPY * END_DEPENDENCIES */ @@ -166,14 +166,16 @@ void entropy_init_free(int reinit) void entropy_seed_file(char *path, int ret) { mbedtls_entropy_context ctx; - mbedtls_entropy_init(&ctx); + MD_PSA_INIT(); + TEST_ASSERT(mbedtls_entropy_write_seed_file(&ctx, path) == ret); TEST_ASSERT(mbedtls_entropy_update_seed_file(&ctx, path) == ret); exit: mbedtls_entropy_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ @@ -181,14 +183,16 @@ exit: void entropy_write_base_seed_file(int ret) { mbedtls_entropy_context ctx; - mbedtls_entropy_init(&ctx); + MD_PSA_INIT(); + TEST_ASSERT(mbedtls_entropy_write_seed_file(&ctx, MBEDTLS_PLATFORM_STD_NV_SEED_FILE) == ret); TEST_ASSERT(mbedtls_entropy_update_seed_file(&ctx, MBEDTLS_PLATFORM_STD_NV_SEED_FILE) == ret); exit: mbedtls_entropy_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ @@ -245,6 +249,8 @@ void entropy_func_len(int len, int ret) mbedtls_entropy_init(&ctx); + MD_PSA_INIT(); + /* * See comments in mbedtls_entropy_self_test() */ @@ -267,6 +273,7 @@ void entropy_func_len(int len, int ret) exit: mbedtls_entropy_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ @@ -279,6 +286,8 @@ void entropy_source_fail(char *path) mbedtls_entropy_init(&ctx); + MD_PSA_INIT(); + TEST_ASSERT(mbedtls_entropy_add_source(&ctx, entropy_dummy_source, &dummy, 16, MBEDTLS_ENTROPY_SOURCE_WEAK) @@ -299,6 +308,7 @@ void entropy_source_fail(char *path) exit: mbedtls_entropy_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ @@ -315,6 +325,8 @@ void entropy_threshold(int threshold, int chunk_size, int result) mbedtls_entropy_init(&ctx); entropy_clear_sources(&ctx); + MD_PSA_INIT(); + /* Set strong source that reaches its threshold immediately and * a weak source whose threshold is a test parameter. */ TEST_ASSERT(mbedtls_entropy_add_source(&ctx, entropy_dummy_source, @@ -340,6 +352,7 @@ void entropy_threshold(int threshold, int chunk_size, int result) exit: mbedtls_entropy_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ @@ -362,6 +375,8 @@ void entropy_calls(int strength1, int strength2, mbedtls_entropy_init(&ctx); entropy_clear_sources(&ctx); + MD_PSA_INIT(); + TEST_ASSERT(mbedtls_entropy_add_source(&ctx, entropy_dummy_source, &dummy1, threshold, strength1) == 0); @@ -385,6 +400,7 @@ void entropy_calls(int strength1, int strength2, exit: mbedtls_entropy_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ @@ -468,6 +484,8 @@ void entropy_nv_seed(data_t *read_seed) mbedtls_entropy_init(&ctx); entropy_clear_sources(&ctx); + MD_PSA_INIT(); + TEST_ASSERT(mbedtls_entropy_add_source(&ctx, mbedtls_nv_seed_poll, NULL, MBEDTLS_ENTROPY_BLOCK_SIZE, MBEDTLS_ENTROPY_SOURCE_STRONG) == 0); @@ -523,12 +541,18 @@ exit: mbedtls_entropy_free(&ctx); mbedtls_nv_seed_read = original_mbedtls_nv_seed_read; mbedtls_nv_seed_write = original_mbedtls_nv_seed_write; + MD_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:ENTROPY_HAVE_STRONG:MBEDTLS_SELF_TEST */ void entropy_selftest(int result) { + MD_PSA_INIT(); + TEST_ASSERT(mbedtls_entropy_self_test(1) == result); + +exit: + MD_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_gcm.aes192_de.data b/tests/suites/test_suite_gcm.aes192_de.data index 96d8059ee..5cf4e3b9d 100644 --- a/tests/suites/test_suite_gcm.aes192_de.data +++ b/tests/suites/test_suite_gcm.aes192_de.data @@ -1,677 +1,677 @@ AES-GCM NIST Validation (AES-192,128,0,0,128) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"806766a4d2b6507cc4113bc0e46eebe120eacd948c24dc7f":"":"4f801c772395c4519ec830980c8ca5a4":"":128:"8fa16452b132bebc6aa521e92cb3b0ea":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0c2abdcd2e4ae4137509761a38e6ca436b99c21b141f28f5":"":"335ca01a07081fea4e605eb5f23a778e":"":128:"d7f475dfcb92a75bc8521c12bb2e8b86":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"eef490a0c2ecb32472e1654184340cc7433c34da981c062d":"":"d9172c3344d37ff93d2dcb2170ea5d01":"":128:"017fef05260a496654896d4703db3888":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe0c3490f1f0dba23cf5c64e6e1740d06f85e0afec6772f3":"":"f47e915163fa3df7f6c15b9d69f53907":"":120:"14e1a057a2e7ffbd2208e9c25dbba1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4356b3b1f308df3573509945afe5268984f9d953f01096de":"":"a35b397b34a14a8e24d05a37be4d1822":"":120:"e045ecba220d22c80826b77a21b013":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e2898937cc575c8bb7444413884deafe8eaf326be8849e42":"":"169a449ccb3eb29805b15304d603b132":"":120:"3a807251f3d6242849a69972b14f6d":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"75683c7df0442e10b5368fcd6bb481f0bff8d95aae90487e":"":"538641f7d1cc5c68715971cee607da73":"":112:"07d68fffe417adc3397706d73b95":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0724ee1f317997ce77bb659446fcb5a557490f40597341c7":"":"0d8eb78032d83c676820b2ef5ccc2cc8":"":112:"7da181563b26c7aefeb29e71cc69":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"be2f0f4ae4ab851b258ec5602628df261b6a69e309ff9043":"":"646a91d83ae72b9b9e9fce64135cbf73":"":112:"169e717e2bae42e3eb61d0a1a29b":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"583c328daecd18c2ac5c83a0c263de194a4c73aa4700fe76":"":"55e10d5e9b438b02505d30f211b16fea":"":104:"95c0a4ea9e80f91a4acce500f7":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b40857e7e6f26050f1e9a6cbe05e15a0ba07c2055634ad47":"":"e25ef162a4295d7d24de75a673172346":"":104:"89ea4d1f34edb716b322ea7f6f":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"627008956e31fea497fb120b438a2a043c23b1b38dc6bc10":"":"08ea464baac54469b0498419d83820e6":"":104:"ab064a8d380fe2cda38e61f9e1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8c386d67d7c2bfd46b8571d8685b35741e87a3ed4a46c9db":"":"766996fb67ace9e6a22d7f802455d4ef":"":96:"9a641be173dc3557ea015372":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"711bc5aa6b94fa3287fad0167ac1a9ef5e8e01c16a79e95a":"":"75cdb8b83017f3dc5ac8733016ab47c7":"":96:"81e3a5580234d8e0b2204bc3":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c74620828402e0bdf3f7a5353668505dc1550a31debce59a":"":"cfbefe265583ab3a2285e8080141ba48":"":96:"355a43bcebbe7f72b6cd27ea":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1eb53aa548b41bfdc85c657ebdebdae0c7e525a6432bc012":"":"37ffc64d4b2d9c82dd17d1ad3076d82b":"":64:"34b8e037084b3f2d":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"50d077575f6db91024a8e564db83324539e9b7add7bb98e4":"":"118d0283294d4084127cce4b0cd5b5fa":"":64:"507a361d8ac59882":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d9ddca0807305025d61919ed7893d7d5c5a3c9f012f4842f":"":"b78d518b6c41a9e031a00b10fb178327":"":64:"f401d546c8b739ff":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6ed8d8afde4dc3872cbc274d7c47b719205518496dd7951d":"":"14eb280288740d464e3b8f296c642daa":"":32:"39e64d7a":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"80aace5ab74f261bc09ac6f66898f69e7f348f805d52404d":"":"f54bf4aac8fb631c8b6ff5e96465fae6":"":32:"1ec1c1a1":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"23b76efd0dbc8d501885ab7d43a7dacde91edd9cde1e1048":"":"75532d15e582e6c477b411e727d4171e":"":32:"76a0e017":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"94c50453dd3ef7f7ea763ae13fa34debb9c1198abbf32326":"":"1afe962bc46e36099165552ddb329ac6":"b2920dd9b0325a87e8edda8db560bfe287e44df79cf61edba3b2c95e34629638ecb86584f05a303603065e63323523f6ccc5b605679d1722cde5561f89d268d5f8db8e6bdffda4839c4a04982e8314da78e89f8f8ad9c0fee86332906bf78d2f20afcaabdc282008c6d09df2bfe9be2c9027bb49268b8be8936be39fa8b1ae03":128:"51e1f19a7dea5cfe9b9ca9d09096c3e7":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c6a98102af3d875bcdebe594661d3a6b376970c02b11d019":"":"bea8cd85a28a2c05bf7406b8eef1efcc":"f2f80e2c042092cc7240b598ab30fad055bce85408aa0f8cefaf8a7204f0e2acb87c78f46a5867b1f1c19461cbf5ed5d2ca21c96a63fb1f42f10f394952e63520795c56df77d6a04cb5ad006ee865a47dc2349a814a630b3d4c4e0fd149f51e8fa846656ea569fd29a1ebafc061446eb80ec182f833f1f6d9083545abf52fa4c":128:"04b80f25ae9d07f5fd8220263ac3f2f7":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ec3cc45a22fdc7cc79ed658d9e9dbc138dcc7d6e795cba1a":"":"b10d9c70205e142704f9d1f74caee0f6":"714994017c169c574aaff2f8bad15f8fa6a385117f5405f74846eca873ca4a8f4876adf704f2fcaff2dfa75c17afefd08a4707292debc6d9fafda6244ca509bc52b0c6b70f09b14c0d7c667583c091d4064e241ba1f82dd43dc3ea4b8922be65faf5583f6b21ff5b22d3632eb4a426675648250e4b3e37c688d6129b954ef6a8":128:"d22407fd3ae1921d1b380461d2e60210":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5a32ebc7a2338038ced36d2b85cbc6c45cca9845a7c5aa99":"":"9afe0882e418c9af205eeb90e131d212":"61ff8a8bc22803f17e8e9f01aff865bc7d3083ff413ce392a989e46ebed5114894de906f7d36439024d8f2e69cc815ac043fff2f75169f6c9aa9761ff32d10a1353213ac756cb84bd3613f8261ef390e1d00c3a8fb82764b0cda4e0049219e87d2e92c38f78ffac242391f838a248f608bb2b56b31bbb453d1098e99d079ea1b":120:"fcbb932ddb0128df78a71971c52838":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bf22885e7f13bcc63bb0a2ca90c20e5c86001f05edf85d8":"":"99dec21f4781284722b5074ea567c171":"9f4176dacf26e27aa0e669cd4d44bca41f83468c70b54c745a601408a214bf876941ae2ae4d26929113f5de2e7d15a7bb656541292137bf2129fdc31f06f070e3cfaf0a7b30d93d8d3c76a981d75cd0ffa0bcacb34597d5be1a055c35eefeddc07ee098603e48ad88eb7a2ec19c1aefc5c7be9a237797397aa27590d5261f67a":120:"18fd1feec5e3bbf0985312dd6100d1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cfd75a9d3788d965895553ab5fb7a8ff0aa383b7594850a6":"":"a6df69e5f77f4d99d5318c45c87451b2":"041aeb2fa0f7df027cd7709a992e041179d499f5dbccd389035bf7e514a38b5f8368379d2d7b5015d4fa6fadfd7c75abd2d855f5ea4220315fad2c2d435d910253bf76f252a21c57fe74f7247dac32f4276d793d30d48dd61d0e14a4b7f07a56c94d3799d04324dfb2b27a22a5077e280422d4f014f253d138e74c9ac3428a7b":120:"fd78b9956e4e4522605db410f97e84":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b0b21ae138485591c6bef7b3d5a0aa0e9762c30a50e4bba2":"":"56dc980e1cba1bc2e3b4a0733d7897ca":"a38458e5cc71f22f6f5880dc018c5777c0e6c8a1301e7d0300c02c976423c2b65f522db4a90401035346d855c892cbf27092c81b969e99cb2b6198e450a95c547bb0145652c9720aaf72a975e4cb5124b483a42f84b5cd022367802c5f167a7dfc885c1f983bb4525a88c8257df3067b6d36d2dbf6323df80c3eaeffc2d176a5":112:"b11f5c0e8cb6fea1a170c9342437":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8775665aba345b1c3e626128b5afa3d0da8f4d36b8cf1ca6":"":"cd17f761670e1f104f8ea4fb0cec7166":"2ee08a51ceaca1dbbb3ee09b72f57427fd34bd95da5b4c0933cbb0fc2f7270cffd3476aa05deeb892a7e6a8a3407e61f8631d1a00e47d46efb918393ee5099df7d65c12ab8c9640bfcb3a6cce00c3243d0b3f316f0822cfeae05ee67b419393cc81846b60c42aeb5c53f0ede1280dc36aa8ef59addd10668dd61557ce760c544":112:"6cdf60e62c91a6a944fa80da1854":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cc9922299b47725952f06272168b728218d2443028d81597":"":"9b2f1a40717afcdbb6a95d6e335c9e4d":"bcfca8420bc7b9df0290d8c1bcf4e3e66d3a4be1c947af82dd541336e44e2c4fa7c6b456980b174948de30b694232b03f8eb990f849b5f57762886b449671e4f0b5e7a173f12910393bdf5c162163584c774ad3bba39794767a4cc45f4a582d307503960454631cdf551e528a863f2e014b1fca4955a78bd545dec831e4d71c7":112:"dd515e5a8b41ecc441443a749b31":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5a27d718f21c5cbdc52a745b931bc77bd1afa8b1231f8815":"":"59661051912fba45023aef4e6f9380a5":"2b7ce5cea81300ed23501493310f1316581ef8a50e37eaadd4bb5f527add6deb09e7dcc67652e44ac889b48726d8c0ae80e2b3a89dd34232eb1da32f7f4fcd5bf8e920d286db8604f23ab06eab3e6f99beb55fe3725107e9d67a491cdada1580717bbf64c28799c9ab67922da9194747f32fd84197070a86838d1c9ebae379b7":104:"f33e8f42b58f45a0456f83a13e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b83e933cf54ac58f8c7e5ed18e4ed2213059158ed9cb2c30":"":"8710af55dd79da45a4b24f6e972bc60a":"b7a428bc68696cee06f2f8b43f63b47914e29f04a4a40c0eec6193a9a24bbe012d68bea5573382dd579beeb0565b0e0334cce6724997138b198fce8325f07069d6890ac4c052e127aa6e70a6248e6536d1d3c6ac60d8cd14d9a45200f6540305f882df5fca2cac48278f94fe502b5abe2992fa2719b0ce98b7ef1b5582e0151c":104:"380128ad7f35be87a17c9590fa":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d2f85f92092385f15da43a086cff64c7448b4ee5a83ed72e":"":"9026dfd09e4553cd51c4c13ce70830de":"3c8de64c14df73c1b470a9d8aa693af96e487d548d03a92ce59c0baec8576129945c722586a66f03deb5029cbda029fb22d355952c3dadfdede20b63f4221f27c8e5d710e2b335c2d9a9b7ca899597a03c41ee6508e40a6d74814441ac3acb64a20f48a61e8a18f4bbcbd3e7e59bb3cd2be405afd6ac80d47ce6496c4b9b294c":104:"e9e5beea7d39c9250347a2a33d":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"de7df44ce007c99f7baad6a6955195f14e60999ed9818707":"":"4d209e414965fe99636c1c6493bba3a3":"da3bc6bdd414a1e07e00981cf9199371192a1fb2eaae20f7091e5fe5368e26d61b981f7f1d29f1a9085ad2789d101155a980de98d961c093941502268adb70537ad9783e6c7d5157c939f59b8ad474c3d7fc1fcc91165cdf8dd9d6ec70d6400086d564b68ebead0d03ebd3aa66ded555692b8de0baf43bc0ddef42e3a9eb34ab":96:"24483a57c20826a709b7d10a":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1dfa5ff20046c775b5e768c2bd9775066ae766345b7befc3":"":"2d49409b869b8b9fc5b67767979ca8cd":"e35d34478b228bc903ea2423697e603cc077967d7cfb062e95bc11d89fbe0a1f1d4569f89b2a7047300c1f5131d91564ec9bce014d18ba605a1c1e4e15e3e5c18413b8b59cbb25ab8f088885225de1235c16c7d9a8d06a23cb0b38fd1d5c6c19617fe08fd6bf01c965ed593149a1c6295435e98463e4f03a511d1a7e82c11f01":96:"23012503febbf26dc2d872dc":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2df3ee3a6484c48fdd0d37bab443228c7d873c984529dfb4":"":"dc6aeb41415c115d66443fbd7acdfc8f":"eafc6007fafb461d3b151bdff459e56dd09b7b48b93ea730c85e5424f762b4a9080de44497a7c56dd7855628ffc61c7b4faeb7d6f413d464fe5ec6401f3028427ae3e62db3ff39cd0f5333a664d3505ff42caa8899b96a92ec01934d4b59556feb9055e8dfb81f55e60135345bfce3e4199bfcdb3ce42523e7d24be2a04cdb67":96:"e8e80bf6e5c4a55e7964f455":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ce0787f65e6c24a1c444c35dcd38195197530aa20f1f6f3b":"":"55300431b1eaac0375681d7821e1eb7a":"84a699a34a1e597061ef95e8ec3c21b592e9236ddb98c68d7e05f1e709937b48ec34a4b88d99708d133a2cc33f5cf6819d5e7b82888e49faa5d54147d36c9e486630aa68fef88d55537119db1d57df0402f56e219f7ece7b4bb5f996dbe1c664a75174c880a00b0f2a56e35d17b69c550921961505afabf4bfd66cf04dc596d1":64:"74264163131d16ac":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3a15541b5857a668dc9899b2e198d2416e83bac13282ca46":"":"89bf8ab0cea6f59616eeb9b314d7c333":"4d2843f34f9ea13a1ac521479457005178bcf8b2ebeaeb09097ea4471da9f6cc60a532bcda1c18cab822af541de3b87de606999e994ace3951f58a02de0d6620c9ae04549326da449a3e90364a17b90b6b17debc0f454bb0e7e98aef56a1caccf8c91614d1616db30fc8223dbcd8e77bf55d8253efe034fd66f7191e0303c52f":64:"8f4877806daff10e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b61cdfd19c136ee2acbe09b7993a4683a713427518f8e559":"":"4066118061c904ed1e866d4f31d11234":"153c075ecdd184fd8a0fca25cae8f720201361ef84f3c638b148ca32c51d091a0e394236d0b51c1d2ee601914120c56dfea1289af470dbc9ef462ec5f974e455e6a83e215a2c8e27c0c5b5b45b662b7f58635a29866e8f76ab41ee628c12a24ab4d5f7954665c3e4a3a346739f20393fc5700ec79d2e3c2722c3fb3c77305337":64:"4eff7227b42f9a7d":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ce175a7df7e429fcc233540e6b8524323e91f40f592ba144":"":"c34484b4857b93e309df8e1a0e1ec9a3":"ce8d8775f047b543a6cc0d9ef9bc0db5ac5d610dc3ff6e12e0ad7cd3a399ebb762331e3c1101a189b3433a7ff4cd880a0639d2581b71e398dd982f55a11bf0f4e6ee95bacd897e8ec34649e1c256ee6ccecb33e36c76927cc5124bc2962713ad44cbd435ae3c1143796d3037fa1d659e5dad7ebf3c8cbdb5b619113d7ce8c483":32:"ff355f10":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5f659ed236ba60494e9bf1ee2cb40edcf3f25a2bac2e5bc5":"":"ad49f12f202320255406c2f40e55b034":"6da62892f436dfe9790e72d26f4858ca156d1d655c9cc4336fcf282b0f3f0b201e47f799c3019109af89ef5fd48a4811980930e82cd95f86b1995d977c847bbb06ecdcc98b1aae100b23c9c2f0dcf317a1fb36f14e90e396e6c0c594bcc0dc5f3ebf86ce7ecd4b06d1c43202734d53f55751a6e6bbda982104102af240def4eb":32:"cb4d8c1d":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a73f318b1e298ba4ac0ab2aed74f73543b1017cccbd1b240":"":"abe33b7e8d88bd30deb96d1e90c4e951":"6de616b000047b14b6759015183dd753c61499c0e665d06a89e4fb0cd0dd3064ff8651582e901ef5d0cdf3344c29c70c3aabc2aaf83cb3f284c6fe4104906d389b027e7d9ca60d010f06ef8cd9e55db2483d06552ddbe3fc43b24c55085cd998eae3edec36673445bf626e933c15b6af08ea21cbace4720b0b68fe1a374877d5":32:"4a28ec97":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"73d5be74615bc5b627eedfb95746fb5f17cbf25b500a597f":"fc40993eb8559e6b127315c03103ce31b70fc0e07a766d9eecf2e4e8d973faa4afd3053c9ebef0282c9e3d2289d21b6c339748273fa1edf6d6ef5c8f1e1e9301b250297092d9ac4f4843125ea7299d5370f7f49c258eac2a58cc9df14c162604ba0801728994dc82cb625981130c3ca8cdb3391658d4e034691e62ece0a6e407":"eb16ed8de81efde2915a901f557fba95":"":128:"804056dca9f102c4a13a930c81d77eca":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a249135c9f2f5a8b1af66442a4d4e101771a918ef8acee05":"c62b39b937edbdc9b644321d5d284e62eaa4154010c7a3208c1ef4706fba90223da04b2f686a28b975eff17386598ba77e212855692f384782c1f3c00be011e466e145f6f8b65c458e41409e01a019b290773992e19334ffaca544e28fc9044a5e86bcd2fa5ad2e76f2be3f014d8c387456a8fcfded3ae4d1194d0e3e53a2031":"80b6e48fe4a3b08d40c1636b25dfd2c4":"":128:"951c1c89b6d95661630d739dd9120a73":"":"b865f8dd64a6f51a500bcfc8cadbc9e9f5d54d2d27d815ecfe3d5731e1b230c587b46958c6187e41b52ff187a14d26aa41c5f9909a3b77859429232e5bd6c6dc22cf5590402476d033a32682e8ab8dc7ed0b089c5ab20ab9a8c5d6a3be9ea7aa56c9d3ab08de4a4a019abb447db448062f16a533d416951a8ff6f13ed5608f77":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fa832a4b37dcb3c0879a771bb8ae734f0d88b9be497797a8":"0f1105f9ec24121232b60b6ef3c3e8ca9eec1a3d7625004b857d1d77f292b6ec065d92f5bb97e0dc2fdfdf823a5db275109a9472690caea04730e4bd732c33548718e9f7658bbf3e30b8d07790cd540c5754486ed8e4d6920cefaeb1c182c4d67ebed0d205ba0bd9441a599d55e45094b380f3478bcfca9646a0d7aa18d08e52":"70835abab9f945c84ef4e97cdcf2a694":"":128:"a459be0b349f6e8392c2a86edd8a9da5":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dda216287910d1f5c0a312f63c243612388bc510cb76c5ba":"d6617d583344d4fe472099d2a688297857215a3e31b47d1bf355ccfe9cf2398a3eba362c670c88f8c7162903275dfd4761d095900bd97eba72200d4045d72bd239bda156829c36b38b1ff5e4230125e5695f623e129829721e889da235bb7d4b9da07cce8c3ceb96964fd2f9dd1ff0997e1a3e253a688ceb1bfec76a7c567266":"7f770140df5b8678bc9c4b962b8c9034":"":120:"9823e3242b3f890c6a456f1837e039":"":"b4910277224025f58a5d0f37385b03fcd488dfef7580eb5c270c10bd7a6f6d9c7ddc2d1368d68d4e04f90e3df029ed028432a09f710be1610b2a75bd05f31bae83920573929573affd0eb03c63e0cec7a027deab792f43ee6307fd3c5078d43d5b1407ac023824d41c9437d66eeec172488f28d700aa4b54931aad7cd458456f":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c5afa1e61d4594b1c2fa637f64f18dd557e4df3255b47f24":"5c772cdf19571cd51d71fc166d33a0b892fbca4eae36ab0ac94e6164d51acb2d4e60d4f3a19c3757a93960e7fd90b9a6cdf98bdf259b370ed6c7ef8cb96dba7e3a875e6e7fe6abc76aabad30c8743b3e47c8de5d604c748eeb16806c2e75180a96af7741904eca61769d39e943eb4c4c25f2afd68e9472043de2bb03e9edae20":"151fd3ba32f5bde72adce6291bcf63ea":"":120:"f0626cc07f2ed1a7570386a4110fc1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"febd4ff0fedd9f16bccb62380d59cd41b8eff1834347d8fa":"dc971c8f65ece2ea4130afd4db38fc657c085ea19c76fef50f5bd0f8dd364cc22471c2fa36be8cde78529f58a78888e9de10961760a01af005e42fc5b03e6f64962e6b18eaedea979d33d1b06e2038b1aad8993e5b20cae6cc93f3f7cf2ad658fbba633d74f21a2003dded5f5dda3b46ed7424845c11bab439fbb987f0be09f8":"743699d3759781e82a3d21c7cd7991c8":"":120:"1da347f9b6341049e63140395ad445":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d280d079110c1c826cc77f490d807dd8d508eb579a160c49":"a286d19610a990d64f3accd329fc005d468465a98cfa2f3606c6d0fbeb9732879bad3ca8094322a334a43155baed02d8e13a2fbf259d80066c6f418a1a74b23e0f6238f505b2b3dc906ffcb4910ce6c878b595bb4e5f8f3e2ede912b38dbafdf4659a93b056a1a67cb0ec1dbf00d93223f3b20b3f64a157105c5445b61628abf":"85b241d516b94759c9ef975f557bccea":"":112:"bbf289df539f78c3a912b141da3a":"":"b9286ab91645c20de040a805020fed53c612d493a8ce9c71649ae16bd50eab6fb7f3a9180e1651d5413aa542608d7ecbf9fc7378c0bef4d439bc35434b6cf803976b8783aecc83a91e95cea72c2a26a883b710252e0c2a6baa115739a0692c85f6d34ff06234fbdc79b8c4a8ea0a7056fb48c18f73aaf5084868abb0dfaa287d":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5e80f87fa2156c62df7be2ad16c4890de5ee5868a684fcf9":"c829073efd5c5150d2b7e2cdaeff979830d1aa983c747724ade6472c647a6e8e5033046e0359ea62fc26b4c95bccb3ac416fdf54e95815c35bf86d3fdd7856abbb618fe8fcd35a9295114926a0c9df92317d44ba1885a0c67c10b9ba24b8b2f3a464308c5578932247bf9c79d939aa3576376d2d6b4f14a378ab775531fe8abf":"9769f71c76b5b6c60462a845d2c123ad":"":112:"394b6c631a69be3ed8c90770f3d4":"":"f886bd92ca9d73a52e626b0c63a3daa138faaacf7809086d04f5c0c899362aa22e25d8659653b59c3103668461d9785bb425c6c1026ad9c924271cec9f27a9b341f708ca86f1d82a77aae88b25da9061b78b97276f3216720352629bd1a27ebf890da6f42d8c63d68342a93c382442d49dd4b62219504785cee89dffdc36f868":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d8a7b99e53f5e5b197364d4516cace4b928de50e571315e3":"d0db0ac5e14bf03729125f3137d4854b4d8ce2d264f8646da17402bdad7034c0d84d7a80f107eb202aeadbfdf063904ae9793c6ae91ee8bcc0fc0674d8111f6aea6607633f92e4be3cfbb64418101db8b0a9225c83e60ffcf7a7f71f77149a13f8c5227cd92855241e11ee363062a893a76ac282fb47b523b306cd8235cd81c2":"4b12c6701534098e23e1b4659f684d6f":"":112:"729b31c65d8699c93d741caac8e3":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c874b427b7181b0c90b887147c36f242827149324fd5c945":"bdd90190d587a564af022f06c8bd1a68735b6f18f04113fdcec24c6027aaf0271b183336fb713d247a173d9e095dae6e9badb0ab069712302875406f14320151fd43b90a3d6f35cc856636b1a6f98afc797cb5259567e2e9b7ce62d7b3370b5ee852722faf740edf815b3af460cdd7de90ca6ab6cd173844216c064b16ea3696":"4b8dda046a5b7c46abeeca2f2f9bcaf8":"":104:"fe1e427bcb15ce026413a0da87":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"56543cd6e2ebb1e3dc136a826bfc37eddb12f7a26430a1b4":"d541dd3acec2da042e6ea26fb90ff9a3861191926423b6dc99c5110b3bf150b362017159d0b85ffea397106a0d8299ec22791cb06103cd44036eed0d6d9f953724fb003068b3c3d97da129c28d97f09e6300cbea06ba66f410ca61c3311ce334c55f077c37acb3b7129c481748f79c958bc3bbeb2d3ff445ad361ed4bbc79f0a":"927ce8a596ed28c85d9cb8e688a829e6":"":104:"3a98f471112a8a646460e8efd0":"":"a602d61e7a35cbe0e463119bb66fd4bb6c75d1fe0b211b9d6a0a6e9e84b0794282318f0d33ec053f2cfba1623e865681affeaf29f3da3113995e87d51a5ab4872bb05b5be8ef2b14dfc3df5a48cbc9b10853a708ee4886a7390e8e4d286740a0dd41c025c8d72eda3f73f3cec5c33d5e50b643afd7691213cccccc2c41b9bd7a":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"caaf81cd380f3af7885ef0d6196a1688c9372c5850dc5b0b":"6f269929b92c6281e00672eaec183f187b2ddecc11c9045319521d245b595ab154dd50f045a660c4d53ae07d1b7a7fd6b21da10976eb5ffcddda08c1e9075a3b4d785faa003b4dd243f379e0654740b466704d9173bc43292ae0e279a903a955ce33b299bf2842b3461f7c9a2bd311f3e87254b5413d372ec543d6efa237b95a":"508c55f1726896f5b9f0a7024fe2fad0":"":104:"3b8026268caf599ee677ecfd70":"":"c4a96fb08d7c2eebd17046172b98569bc2441929fc0d6876aa1f389b80c05e2ede74dc6f8c3896a2ccf518e1b375ee75e4967f7cca21fa81ee176f8fb8753381ce03b2df873897131adc62a0cbebf718c8e0bb8eeed3104535f17a9c706d178d95a1b232e9dac31f2d1bdb3a1b098f3056f0e3d18be36bd746675779c0f80a10":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2fc9d9ac8469cfc718add2b03a4d8c8dcc2eeca08e5ff7bc":"bc84d8a962a9cfd179d242788473d980d177abd0af9edccb14c6dc41535439a1768978158eeed99466574ea820dbedea68c819ffd9f9915ca8392c2e03049d7198baeca1d3491fe2345e64c1012aff03985b86c831ad516d4f5eb538109fff25383c7b0fa6b940ae19b0987d8c3e4a37ccbbd2034633c1eb0df1e9ddf3a8239e":"b2a7c0d52fc60bacc3d1a94f33087095":"":96:"0a7a36ec128d0deb60869893":"":"fc3cd6486dfe944f7cb035787573a554f4fe010c15bd08d6b09f73066f6f272ff84474f3845337b6e429c947d419c511c2945ffb181492c5465940cef85077e8a6a272a07e310a2f3808f11be03d96162913c613d9c3f25c3893c2bd2a58a619a9757fd16cc20c1308f2140557330379f07dbfd8979b26b075977805f1885acc":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"81ff729efa4a9aa2eccc37c5f846235b53d3b93c79c709c8":"3992ad29eeb97d17bd5c0f04d8589903ee23ccb2b1adc2992a48a2eb62c2644c0df53b4afe4ace60dc5ec249c0c083473ebac3323539a575c14fa74c8381d1ac90cb501240f96d1779b287f7d8ba8775281d453aae37c803185f2711d21f5c00eb45cad37587ed196d1633f1eb0b33abef337447d03ec09c0e3f7fd32e8c69f0":"1bd17f04d1dc2e447b41665952ad9031":"":96:"01b0a815dc6da3e32851e1fb":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"068500e8d4f8d4af9035cdaa8e005a648352e8f28bdafc8a":"98e32428d9d21c4b60e690a2ce1cf70bee90df31302d1819b7d27fd577dd990f7ffe6ba5ef117caac718cc1880b4ca98f72db281c9609e189307302dc2866f20be3a545a565521368a6881e2642cba63b3cf4c8b5e5a8eabeb3e8b004618b8f77667c111e5402c5d7c66afd297c575ce5092e898d5831031d225cee668c186a1":"5ea9198b860679759357befdbb106b62":"":96:"d58752f66b2cb9bb2bc388eb":"":"2ef3a17fcdb154f60d5e80263b7301a8526d2de451ea49adb441aa2541986b868dab24027178f48759dbe874ae7aa7b27fb19461c6678a0ba84bbcd8567ba2412a55179e15e7c1a1392730ac392b59c51d48f8366d45b933880095800e1f36ff1ac00753f6363b0e854f494552f1f2efe028d969e6b1a8080149dd853aa6751e":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7474d9b07739001b25baf6867254994e06e54c578508232f":"1cbab2b6e4274caa80987072914f667b887198f7aaf4574608b91b5274f5afc3eb05a457554ff5d346d460f92c068bc626fd301d0bb15cb3726504b3d88ecd46a15077728ddc2b698a2e8c5ea5885fc534ac227b8f103d193f1977badf4f853a0931398da01f8019a9b1ff271b3a783ff0fae6f54db425af6e3a345ba7512cbf":"3ade6c92fe2dc575c136e3fbbba5c484":"":64:"67c25240b8e39b63":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d50d4c7d442d8a92d0489a96e897d50dda6fbe47ca7713ee":"b36b4caf1d47b0d10652824bd57b603ec1c16f4720ce7d43edde8af1b9737f61b68b882566e04da50136f27d9af4c4c57fff4c8465c8a85f0aeadc17e02709cc9ba818d9a272709e5fb65dd5612a5c5d700da399b3668a00041a51c23de616ea3f72093d85ecbfd9dd0b5d02b541fb605dcffe81e9f45a5c0c191cc0b92ac56d":"41b37c04ab8a80f5a8d9d82a3a444772":"":64:"4ee54d280829e6ef":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"38f3ec3ec775dac76ae484d5b6ca61c695c7beafba4606ca":"49726b8cefc842a02f2d7bef099871f38257cc8ea096c9ac50baced6d940acb4e8baf932bec379a973a2c3a3bc49f60f7e9eef45eafdd15bda1dd1557f068e81226af503934eb96564d14c03f0f351974c8a54fb104fb07417fe79272e4b0c0072b9f89b770326562e4e1b14cad784a2cd1b4ae1dc43623ec451a1cae55f6f84":"9af53cf6891a749ab286f5c34238088a":"":64:"6f6f344dd43b0d20":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6db4ef061513ef6690d57aef50d8011e0dd7eb4432d82374":"b7f9206995bc97311855ee832e2b40c41ab2d1a40d9263683c95b14dcc51c74d2de7b6198f9d4766c659e7619fe2693a5b188fac464ccbd5e632c5fd248cedba4028a92de12ed91415077e94cfe7a60f117052dea8916dfe0a51d92c1c03927e93012dbacd29bbbc50ce537a8173348ca904ac86df55940e9394c2895a9fe563":"623df5a0922d1e8c883debb2e0e5e0b1":"":32:"14f690d7":"":"a6414daa9be693e7ebb32480a783c54292e57feef4abbb3636bebbc3074bfc608ad55896fe9bd5ab875e52a43f715b98f52c07fc9fa6194ea0cd8ed78404f251639069c5a313ccfc6b94fb1657153ff48f16f6e22b3c4a0b7f88e188c90176447fe27fa7ddc2bac3d2b7edecad5f7605093ac4280b38ae6a4c040d2d4d491b42":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8901bec4d3c64071d8c30c720c093221e05efed71da280bf":"7c447e700db7367260dffa42050e612eff062eb0c8a6b4fe34858800bcb8ec2f622cb5213767b5771433783e9b0fa617c9ffb7fde09845dafc16dfc0df61215c0ca1191eabf43293db6603d5285859de7ef3329f5e71201586fb0188f0840ed5b877043ca06039768c77ff8687c5cfc2fd013a0b8da48344c568fce6b39e2b19":"9265abe966cb83838d7fd9302938f49d":"":32:"6f6c38bc":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c57eb763f886154d3846cc333fc8ae8b3c7c9c3705f9872":"9fe7d210221773ba4a163850bab290ba9b7bf5e825760ac940c290a1b40cd6dd5b9fb6385ae1a79d35ee7b355b34275857d5b847bef4ac7a58f6f0e9de68687807009f5dc26244935d7bcafc7aed18316ce6c375192d2a7bf0bee8a632fe4f412440292e39339b94b28281622842f88048be4640486f2b21a119658c294ce32e":"9b3781165e7ff113ecd1d83d1df2366d":"":32:"62f32d4e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"307d31a594e54f673bea2f977835670aca4f3d45c9c376cc":"d7385a7bd0cb76e1e242fa547c474370bcc7cc7cf3e3fa37b00fe08a56383ca31d023d8c493f6d42e482b0f32e4f244dd100ea08eee6535e5bb8d27f76dbb7eead6ba8e031ccd0eaeb649edee92aeaf0f027d59efd4e39b1f34b15ceb8b592ee0f171b1773b308c0e747790b0e6ace90fc661caa5f942bdc197067f28fbe87d1":"0bdaa353c4904d32432926f27534c73c":"aa39f04559ccc2cae3d563dda831fb238b2582cb2c2bb28cff20cc20200724c8771b9805ef7464b8fc06c7b8060c6920fd2779fbc807c2292c8c1f88f8088755609a1732ff8c0b06606452b970c79997b985889404fd907c4668a0bcc11ba617175f4525523494a244da60b238468c863055f04db20ea489adf545d56c0a71d8":128:"2ddda790aae2ca427f5fb032c29673e6":"":"0b92262759897f4bd5624a891187eba6040d79322a2a5a60fb75c6c6a5badd117abe40c6d963931bbc72dca1a1bf1f5388030fe323b3b24bd408334b95908177fb59af57c5cc6b31825bc7097eec7fec19f9cdb41c0264fd22f71893bcf881c1510feb8057e64880f1ea2df8dc60bb300fd06b0a582f7be534e522caadc4a2c7":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"23c201968def551817f20e49b09dbb5aae0033305bef68a0":"77bc8af42d1b64ee39012df5fc33c554af32bfef6d9182804dcfe370dfc4b9d059bdbc55f6ba4eacb8e3a491d96a65360d790864ba60acf1a605f6b28a6591513ea3cfd768ff47aee242a8e9bdfac399b452231bfd59d81c9b91f8dc589ad751d8f9fdad01dd00631f0cb51cb0248332f24194b577e5571ceb5c037a6d0bcfe8":"bd2952d215aed5e915d863e7f7696b3e":"23f35fac583897519b94998084ad6d77666e13595109e874625bc6ccc6d0c7816a62d64b02e670fa664e3bb52c276b1bafbeb44e5f9cc3ae028daf1d787344482f31fce5d2800020732b381a8b11c6837f428204b7ed2f4c4810067f2d4da99987b66e6525fc6b9217a8f6933f1681b7cfa857e102f616a7c84adc2f676e3a8f":128:"bb9ba3a9ac7d63e67bd78d71dc3133b3":"":"17d93c921009c6b0b3ecf243d08b701422983f2dcaec9c8d7604a2d5565ed96ce5cddcb183cd5882f8d61d3202c9015d207fed16a4c1195ba712428c727601135315fc504e80c253c3a2e4a5593fc6c4a206edce1fd7104e8a888385bbb396d3cdf1eb2b2aa4d0c9e45451e99550d9cfa05aafe6e7b5319c73c33fd6f98db3c5":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6baec0669add30acb8f678ce477a2b171f89d1f41935c491":"5712b84c4c97d75f84edd50561bc1d3f1ba451cc3b358b2403b5e528290954348cf7a235b4dc11a72ddbc503191204e98a9744d85419508c8ca76438c13305f716f1e239a6d9f6423c27217a0057aa75f6d7e2fb356e7194f271459ab5482589ea311b33e3d3845952ff4067dd2b9bcc2e8f83630b0a219e904040abd643d839":"b1472f92f552ca0d62496b8fa622c569":"5ae64edf11b4dbc7294d3d01bc9faf310dc08a92b28e664e0a7525f938d32ef033033f1de8931f39a58df0eabc8784423f0a6355efcff008cae62c1d8e5b7baefd360a5a2aa1b7068522faf8e437e6419be305ada05715bf21d73bd227531fea4bc31a6ce1662aec49f1961ee28e33ae00eb20013fd84b51cfe0d5adbdaff592":128:"29a2d607b2d2d9c96d093000b401a94f":"":"beb687f062ae7f5159d07609dd58d7b81c478d180bc0b4c07ae799626ff1da2be2e0d78b2a2a1f563257f161491a5ac500cd719da6379e30d0f6d0a7a33203381e058f487fc60989923afbee76e703c03abc73bb01bd262ff6f0ac931f771e9b4f2980e7d8c0a9e939fa6e1094796894f2c78f453e4abe64cb285016435ef0e8":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7b882a2df81fdb9275fb05d120f32417e8ffedd07457e938":"0aae7213da279b34d6dcf2a691b2d0333112ea22de0c3c68d47cf9f9f4ed8ad4e03d4a60ec18c3a04ac9c2abb73e1023051029b5e8705bb69c4c50afc84deb0379db5077be1f663652f8bd8958271af2c1ac4a87e08cb526bab8a030652f2a29af8055d0f31e35475caee27f84c156ef8642e5bfef89192f5bde3c54279ffe06":"5c064d3418b89388fb21c61d8c74d2c5":"5bfa7113d34e00f34713cf07c386d055e889bb42d7f6c8631ffce5668e98cb19bed8820b90ecb2b35df7134f975700347e5514287cfef7ffa2b0ff48b1de0769b03dca6610995d67cb80052cb2e5914eb4ed43ef5861f4b9364314fde6ad2b82fbba7fd849dfa6e46ecc12edc8cabfff28d9bd23c2bcc8ab3661c9ba4d5fee06":120:"0943abb85adee47741540900cc833f":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"51d94d21482c00bb5bc7e7e03aa017ba58f5a23494b72c2a":"3a9c69c1ed2340bfde1495658dbf4f54731a19b3922a1d535df8d0b2582f5e803b5891e8ad1aa256c923956dcda2430d0c0696bce63295fb61183e040566e459338f908d23ae51f64020c1ef3d192428f23312b285fc4111d50d1add58f4a49008a22c90d3365230e9158cd56f9d84f079bdd673555d4dc76c74b02fa9920e7d":"fb21cd763e6f25540f8ad455deaccdf0":"019d1db5569eeff83306f65d653b01064854c1be8446cd2516336667c6557e7844fc349adea64a12dc19ac7e8e40b0520a48fac64571a93d669045607085ac9fa78fed99bbf644908d7763fe5f7f503947a9fe8661b7c6aef8da101acca0aed758ca1580eeb2f26ae3bf2de06ce8827a91a694179991a993cdf814efbcc61ca5":120:"a93bd682b57e1d1bf4af97e93b8927":"":"7093f44703f2cbb3d12d9872b07a8cd44deb62dae48bc573b11a1ee1c9f3105223423fac3181c312a8a61757a432d92719f486c21e311b840aa63cf530710c873df27fecda0956075923f1ecc39bffb862706f48bde2de15612930fc8630d2036e9e4cfc1c69779171bd23d9e1d5de50a9e0a0de4bd82ed3efc45299980bb4cc":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e6756470937f5d9af76f2abe6df2d0bc15ff8e39b5154071":"afae92bd56c426c095d76633701aa9bea5ce05490482c6c64ac24468c3e1af6e6030a6bb6649745b011c6729bde985b9242e22105322fbb8853dcabbd00165d0b07d7b499e0238b6513bf6351eb40635a798f7e6e2d31125dda45ffe8964596fdbff55df22d4e9025bd4f39e7c9b90e74b3ee58d6901f113900ee47a4df5afd7":"4500193711a5d817a9f48deafda39772":"92fa22dba0eee6b1de1ddd24713b1be44c7105df90e6e7a54dcbf19025e560eb4986ee080cf613898a1a69d5ab460a3b8aa2723a95ac4a4af48224b011b55fb7582ae18f6746591eab2bd33d82a8dbbae3f7877e28afef9857a623530b31d8198b2df43f903d6e48ddae0848741f9eaae7b5504c67ad13791818f3c55c9b3d1e":120:"7d9f97c97c3424c79966f5b45af090":"":"62258d60f0138c0405df4b2ec1e308b374603a9eace45932fdc2999e9e2261de8b1099473d1fc741c46c334023aa5d9359f7ef966240aaf7e310d874b5956fd180fb1124cbeb91cf86020c78a1a0335f5f029bd34677dd2d5076482f3b3e85808f54998f4bac8b8fa968febceec3458fb882fc0530271f144fb3e2ab8c1a6289":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30db73d46b518669c45b81bc67b93bed3d0864f7e9e8e789":"750bc1d2f91d786bb1e621192a376f552538ba8c07d50d9e10b9345f31b3e5f9d8ad7c719c03d8548a3b184b741cd06c49d7fb6fe80258d60c01c2987c337c823211cee7c1cf82077266889bc7767475e0eeabb2ef6b5a1de2089aaef77565d40a1c2c470a880c911e77a186eacca173b25970574f05c0bdcd5428b39b52af7f":"5069e2d2f82b36de8c2eb171f301135d":"ef781dce556b84188adee2b6e1d64dac2751dd8592abc6c72af7b998dfae40cbe692a4cae0b4aa2c95910e270600550fca1e83640c64efb1eb0e0a90a6fc475ae1db863a64ce9cc272f00abac8a63d48dd9f1c0a5f4586224befed05be4afae5bd92249833d565cc6b65fd8955cb8a7d7bd9f4b6a229e3881212871a52c15d1c":112:"a5100c5e9a16aedf0e1bd8604335":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"209f0478f1a62cb54c551181cbd4d24b796e95f3a06b6cb9":"66db7cc97b4a8266c0a2228e8028e38d8986e79fcbcc3caff3050fdd2de87b7ff7a6895b988b0bdb7fcc4d6e2d538dcfaad43ce2f98b6d32500f5a6e6183d84cb19157a699cdde1266d6d75a251ee1a2eb97bfe6405d50be2b17a58ba6eafaee0a023a28d568fd1c914f06041a49c79b9df9efe63d56883cbbbeaba809273d2e":"7be1768f6ffb31599eb6def7d1daa41c":"9cb49357536ebe087e1475a5387907a9e51ad1550697f13c6cc04384ec8a67dea13376bdd5e26b815c84a78f921b506b9e2086de50f849185f05ba7c3041e49e42c0673df856da109a78b8e0ce918c25836f7e781e6b16168e4e5976d27ebc83f20b7bf4beadecb9b4f17a7a0d3a3db27fc65288a754b5031a2f5a1394801e6e":112:"4d2ac05bfd4b59b15a6f70ea7cd0":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1bfa30b315e7b908263330140fa2d66ed57104784a43cc70":"8eeee9865e23fa51dbbf197fa41776b7edbdb9381a22c935299cd959a46190788ae82f4e645b0362df89bfc00241964784bc7ef70f6f97e81687d52e552a33af20ae34a3005e0a7b85d094368d707c3c4cd3ef31c0daf3ccaa1676609ed199327f4139d0c120977e6babceed28896d2cb3129630f3ee135572dc39433057e26a":"b7081a3010b524218390ba6dd460a1ec":"8c1f42b5931d69ae351fcde7d2b4136d4898a4fa8ba62d55cef721dadf19beaabf9d1900bdf2e58ee568b808684eecbf7aa3c890f65c54b967b94484be082193b2d8393007389abaa9debbb49d727a2ac16b4dab2c8f276840e9c65a47974d9b04f2e63adf38b6aad763f0d7cdb2c3d58691adde6e51e0a85093a4c4944f5bf2":112:"4da85b8ec861dd8be54787bb83f1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fc47156a693e59a1dea0618c41441fe669fc65dcfb7d0726":"3e4f0a586bad532a08c8863ebba01fd25014baa907e6032ee43d4a7dfc7c3171916dcdf9faee0531f27527872ae4e127b6b9aaee93f5e74d0ab23f3874aa0e291564bc97f17085dd7d5eb9a85d9f44574e5952929eda08863b64c85dd395c91b01fe5bef66e3fa8f9ee5bf62c25d80dc84fbe002ecfd218430b26f3549f734a1":"ea1935ed014883cc427983d7962d9992":"0d85b8513becfe8c91d0f6ffb65ec31f2cf406c51c0da88893c43d1327fd8ad1f4bab2d7b5e27438d643397034a72f8666bf641b6781bc90f764db387eae6720b5723d510194570ccd773e1b3bebfc333cc099d078583e8dac60d174d332925a24a45110c8d2abe8924ea677ac74db66ea789e2838efc96c78bceaa6236c0a67":104:"8781b045a509c4239b9f44624e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5fcd780a03ba80341081ef96b440c0e4348afde4d60c1d5":"6316f3beb32f6f3bf8f2ff6a2c160b432bafd3036d3eefa1e4ec204f24892e37dc4d75c7ce9a24b5c49fb4df901f35ef9d5955f7dc289c56cb74753f4d6b2982267d5269d12237e21202a65061849c65e90e6702dda03a35ace3a3a098d16b4bfbb85b7232404baee37776a9b51af6b3059a5f170f4ebe4ecf11061ca3c1f1f3":"ad20cce056e74ec5d0a76d6280998f15":"28f8fcf23b9c1ba40c19ffc1092632e35f234c1e8b82bcd5309d37bf849a2ce401413d1f242cf255ed597f9a93a1d6e50676997f95aa612e580d88234a86ddc404292746f0b2f5cf15abebcea6659f998ec6a1cb5a9914fee5aa1aa5d04b3c20914e45095e4141ce9c173653dd91c3ebe4ed4a9a28f3915d7b2edba34c2a58d8":104:"2ad4520ddc3b907414d934cc1d":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4382507dddccf1385fc831da8924147563416d0656e168ec":"e5c5430b960aa35dc8540215c2772d66811270859e33dd4477904759e7e5eb2986a52a4ccc9f592e614147b5ea2ead6636a15c6426336b2995d9a31ab36d76578c3540bc6693842a4bc0491c7963ee9cda2317951cf93244bd30bcdfec69a4767004636fe7d1be7300c35e80627bab9236a075a803e9e1080b9159060c643a78":"a37687c9cd4bdc1ead4e6b8f78bee7f5":"fa9ae30509cbb6fe104c21480ae7b8ec9f12f1afb17320d77b77cdf32ce8c5a3f7f927e501118c7ccd6975b79225059cef530a4fcb0a9719f5e2d3bebe7bb6ec0855e495a31e5075eb50aa6c1227e48b03e3fdf780084ac4912eb3a5674cca9dd6ac037366b230ae631a8580d2d117942dee5d5ddbbb2233afeca53289cc4f68":104:"4221818d4be45306e205813789":"":"b5b36719bc4d13a5fbf37188ea814cdf3c97a430784330540325c899570e15482300bc82c5b8163074e0544c5132e3ce93bba68bd7a8d2db81d1431b424b697c1158c4d70625666d5ff99145ca34856815c905b5a0fd95806df56b9cd5b384bda3e394b409048eb1037144cc071539c02397e931da28a43cc354d584643afd4f":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7a66db3450dac9a1e63d2639f34c5c6a3fbfb3c8e8230199":"6463a7eb2496379bc8a5635541525926a6f9fa718e338221952118ae4cf03a85f2074b4ebaf108b9c725809be1e6309c3a444b66f12286f6ea9d80c3413706b234b26372e8f00783819314a994c9e3ecf6abdd255cbfe01b3865e1390a35dcd2853a3d99ed992e82ec67ba245f088cb090adade74bdbc8a1bad0f06cbea766a6":"21f8341529b210ade7f2c6055e13007a":"1699bc8c198ab03e22d9bc4f3682aad335c6e35f3f616bb69769a9d5a202511797e770ae0d8d8528ef7b2bb25b4294d47427b43f0580fa71d93fdef667f4f4196f84e41c0b1978796d0de74a94420fb8571bff39137fa231c572b31be9ae72338288bef5f8c992121dc918538551f346e279a9047df14ec9fc0fd399cd3bd8d8":96:"4af02b81b26104d1d31e295a":"":"53fe6a34d280f2c96d1ae2b2e8baf6abd67cedf7d214312f75dd4a1bec28a641dda3e71aa398726b2b0b1f515e1f4259ee97acaf17f122db9ec7814c2de6a88d36c3ac106396ad03d337c2cd2d2b9b4b7170e23a5848ca7ea129838f967dfdfe83b45ff2a9be699bfb2346115465d59f074f09e24d8fcbd9ece0018c92776c43":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1f5c818f24d201f9fb23fcca211b0545eee5c5c9b440810d":"9a7566817a06f792e96a6a2ba8e0a01f8837e2de06796e68b0782cc54ed0b04fc5e24a1ad37d5ffb035548b882d88150e89915b89f57cde2bf3c43ab9dae356927daef6bd61cc9edd5e1b7a4abea2f71313677f1b2fdf3d8d4a7e9814ea820fbc3e5c83947db961839a985a57ced7f5e4a1efffcfd17a2c806d4cdc1e79162da":"3a163067bdd90fce0406d1c198a88771":"a5e94e233d04fe0c4b6c4684b386902fe05096702237dfbe76f73befa69b6f30394cf9fe3358997942df65842748fb4f075a3dc06e147bd8d67fc4371113a4d75c70219257c650a6f38a136659e20a1cf3a119397835c304e0fb2a33aa3c3019175c86463043d5edc6992874f61e81cd0d26af8b62cf8c8626901d4f16d84236":96:"b124eea927e2a62a875494a1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a301f7edf83da63bcf37216a3a33d7613331c3210281dd7":"e09cc8543db7804870004706a26e94b457c125bd648b581a196f962f2ae8fa55d9bc66530ba5020e22d282080b4720dc9a2096a11c0fcc3d9a67cd1cf95cd7cd2417ba308c761e64be24347a14c9423447094a5c72a0043c288b35e753ba0aa748f208381249fb1c8d195a472192404b6c8172663ee4b4d4ecfa426e1fb003f2":"d73a546b0fa307633ac89506fa86138b":"f57fe548cf4a551a216ffb24a1dcf1b79c95f9abf06443fd58af042d287c2165db373c82a94172db517840f22e45e966e3ead91ce1ddad132bcb844e406e84b76a0b5b0ee23064b66a229f32a2d3b9c71103f020c4ba57fc0f0608b7114914cf2ada0c5a9bc4afbfa9ce5da320f34beb2211d569a142f53bfd262f6d149c4350":96:"f536a3b8c333b1aa520d6440":"":"124a327a8c22b7652886dac2c84b8997ca8a6f61c9ba9c094b5aea41eaa050a6df6cbf280259e5466071bcfa53b4ebc76c3cc4afc8c0385189a5382933aa57c89aab78dca84331e0fe8f0aab3a7857d3e13f08dcd90ec5f0684f82088ef8eb7fd67e75de43b67afc3a0beb458f5ebd61b2c779e6c539d795c667bb7dcc2b762e":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fd40e8226fd13cb95ba50b7cdf0f07f7ab7037cf8705ca50":"75aa7df5c3c443d48ee998064b6fd112c20d2d90c98e00d025ef08d1ad3595385be99de47fa627549b827c48bc79eb1dcaf2f1be95a45f7e55755b952aee5ae0748e68bee1b014a628f3f7dc88e0ebac1d1d00e268355f5101838ce125c57003aebc02a1c9d6ae2cd6e2592f52c0be38cef21a680ae35c909cab99dce9837aef":"3406e70cbe16b047fedaa537eb892279":"390b18d22d5ecc0b5a524ae9afac6fd948ac72d1360775a88b385aa862cce8a27f3e4b420e539bec6e8958f8c1b5416c313fa0a16f921149a2bfeae29ad2348949b29a73970e5be925ec0c35218b82a020cf21bb68c6931f86b29e01b85500a73f3ee7eb78da60078f42550da83b2e301d151d69b273a050f89e57dfc4787cbf":64:"69e06c72ead69501":"":"6e8d661cd320b1b39f8494836fcf738b0ab82873d3903c9ee34d74f618aea36099926b54c1589225ec9a9d48ca53657f10d9289c31f199c37c48fb9cbe1cda1e790aaeedf73871f66a3761625cca3c4f642bc4f254868f6b903e80ceeeb015569ace23376567d3712ad16d1289dc504f15d9b2751b23e7722b9e6d8e0827859f":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a85ab87563b809b01725764d64ba4cc6a143e2e0362f0c52":"ef43629721b50bd3656b7ae31b6e4b4ba1cf2c72ed0460ee7d9fb416631ddc597e5f9aebbcf4442b95cc46e28476a464dd87caf9c1c1d6c99d3e3e059dc23f8d2fe155ff5e59c50d640bc052c62adee3aa1295b38732e3458f379e98a8dbdfed04c22a5761792e87fa67ecbcbf3b90eb1bcd1d3f49e60132452f28afece83e90":"9f991ff16a3e3eb164a4f819c9f1821a":"df289511f78d8fa2505afc4c71ab1d7c31a8d15d1e5fcbb29d70f0e56f89c4d7b30f1b3b4745b5d2cc7af34fb4c95461372bf516ec192b400dc8fdb0ca9fe1f30f5320d0fadf20155cfcddcf09233c6f591c1c89917e38a003f56b94a1e2429d1f2b6297db790d7dce84d9fa13d2d86a0e4d100e154050b07178bee4cdf18126":64:"dc4c97fe8cc53350":"":"ff0e531c7344f0425d62d5fbedf4bc8d3d5cc80647e67b852c1a58ad1516d376d954cb8dda739f6a4df3cf1507e59696610bcb6b34340d6313028e00d7197845d392e73331aaf168b474a67364d8f9dab740509fabf92af75045f0afabc1b5829264d138820952bbc484d1100d058a4de32b4ece82746b2b4a85fb2993d4add8":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f4f1e03abb927ffd0b081b9dce83a56a6dd419a6313ac34f":"0e70421499bc4bcb3851afa34cdf5be374722815abdd9bcee5f332dbe890bdc1c0210ab10667e5bb924bf3c1120e25a0c074da620076f143940989e222086d1b34a1200d09aea1f810ef6de7d8520c65eef9539fde5a6422606c588fce6264e5f91f934ede6397c4b307d2d7e07a518fce577a427fa92923cbba637ae495afad":"d1e29bb51a3c4e871d15bb0cd86257e2":"ae2911cdaaad1194c5d7868b6d8f30287105df132eb0cecca14b6e23ec7ac39cc01da1c567a0219cca7b902cc2e825e30f9524a473eb6e1d4d1beff5ab4f29103b2c7522a33dd33182fa955c4f09a75196b1072a6f0340fc55a802d29c7067f05219c21857ebff89ada11f648c1f28dfbfdaab56028f05509de17e2381457ebc":64:"44f760787f7bc3c0":"":"2199fa5051461b67581429ab19de2ccb50b8b02e12c0e1d81a8a14929f84e09d9715b7d198e77e632de4af1c08c5041276204a7ed76646385e288e96e1a4b0b0f2b1a9df7f0892beaea3cb58d9632720158f6daa4cbbfc0ebdc56ff6a5175768ff2abd24cb7669bc3fe40f8aba7869d2dd7dac86b6ebc4e4ce261edbec88db17":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"33efe20433c6a1ad261a1fed494961749e5bf9d35809b59d":"cfbeb61be50def25f513346498f75984bfe797a8ad56be34f2461e2d673f6ce14e7479a59777267b75dadc6b9522599ebe5d7b079495a58ca187ec47796f6ee8c322278ad7451b038c938928adcff6105a8ea3780aedc45b6a3323d3ae6fbce5da4fb59ca5ec0a16a70494c3c4859672348532505e44f915e0b9b8a296ef5225":"dc94673b0c49c6d3b4611e278212c748":"919f7397a6d03836423b7cac53177fcfbe457d4aa4348646f646aae1bc5a15568cdb8c96fabef278ace248aca531110a4f4f9e8ab0c32525ad816ae3facf03175232dc84addcd6065f9cc1f513966b63fd27e91a09f1921b95d6bd8f08f1dbce073bcf827847f774514b478b9d7fb5426847dd4dee6f39b5768c1fb729b32d03":32:"c5098340":"":"c5e47d8c60b04df1974b68a14095d9bc8429a413d21960b15bae4fd7356bf7872e0da0a1a385ca2982d3aa3182e63ea4bb8ca01410cd4e71ddad34aa1f12c1387902b3d56634f89c619a2e6756648ab3bf90e9bc945afc9140eb935b633bae96bb067e9ee421697bcf80b14b1b88dbf13e010b472a7ca5411db36848b9c7a37f":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3ed5dadefa0f6d14fedd1a3cdbab109f6660896a952ac5ab":"aef617f69724e020309ec39d9587520efda68a8e303686c3a41ef700cba05b7c6e43e95aadb1a566f61650c87845835e789eb2366941e3bfef6d9846af0e0dbc43249117ad6f299bbc40669ac383cdf79289ada6ccd8ccfe329a0dc6a38eea1a99550457102d10f641cda50c21f533b1f981663f74a0a7c657c04d9fc6696ff4":"553a14f1e1619f9d7bd07cd823961f25":"eb8ea81d3e328a1113942cd5efd0f2b5e7f088791c8fc05690a34584101c4d493628ee7d0099a2865ac194b9124c3fb924de0c4428d0a1c26ea3ad9a0bc89187a16673e3b6f7e370dfb2dc26e8a56a9cf91f9c2088c020a766efe0d0c91689743a603f2cd1e300a6a84828b3b515a4b9a06e6bb20457bf124cd6ce4ac8b83d51":32:"dc413c4c":"":"bc1f34991a48aabb0fea513f790f0d223e9feac4c99fa1e8427f01ab8b4b2827cfaf239342de36051a846af0306a3f82e7aed98dd0416fb078bc7f3b617b00ceb2cea4ddafc22dd022efa8303e9804510e0e888065d8427345156d823f796f74130c06db9f9934435552b4fefd051953e20ecba3a4514ac121d7d2097d597439":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6d97e8bff3923a778504fb917dbc1428a1328587047697d9":"dc1a81efd51e967767f5bdd7e2e425732c1d28451f2bf5bdf3f5a6492279330594d360dd8a193e5dbde1be49bf143a35c38bcd059f762ada65c5119e097f0976891347f4d829b087bd72daa3494b344cbd3370c4459ca243bd57aeda4cb86cdd0bf274f07830cdbf5e5be4eb9b742ddffef8aa35626d2b9ea0a29d3c3d058b28":"0c28dc4cd53725091c2fb68a476c2e40":"f3932f5e82d75a1e3eba1591c17769e1a45819ccf057c31e76fa810b93678766d25905e859775c244e96bcafbc75c4a2d95e7d02868ccb2f65e49276f0b645ac8cf6e3758402304a3c25ce2de0a49f401b1acadaff8b57589b45cc79130ddc8387f41cc383e33ef38eec019152051c756198d6f782ccf56297b9fe944269a65a":32:"e6d6df7a":"":"39327836e9d8cfb59397adcf045a85644c52c3563290795811f26350c8bce8f55ca779cbcd15479efd8144b8a39ef611153955c70bf3a7da9d4d944c2407a0d735784fcb68de1083eebf6940ebc9cf92f9f139c01404b503ff64e61126a94e881351473507884357040fd32714b872c254349071069644e2bd642905521b944e":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c78e29971e90a01bb65973f81260b9344fa835751f5f142":"":"f1a23ce6e2bc9088a62c887abecd30ae":"":128:"d4d5c22f993c8c610145fcbe4e021687":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8c582d5b6a40ef0e4048ec20f0263572d7cc82704e380851":"":"ef221a1c66fda17906190b7c99ab60b8":"":128:"6327dcb46ffb3d0fd8fbf3d2848a8f01":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3a58abadd29e946e23ca9eb09af059913d5394971bda6a4f":"":"7c29b3196d44df78fa514a1967fcd3a6":"":128:"fc123944bbea6c5075a5f987aed9cf99":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"04bdde4c35c385783715d8a883640851b860ce0e8436ec19":"":"783f9a3c36b6d0c9fd57c15105316535":"":120:"23e21a803cac5237777014686564f2":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4ba5fba0c22fbe10c2d1690c5d99938522de9c5186721bac":"":"2acc2073089a34d4651eee39a262e8ae":"":120:"7ac742c859a02a543b50464c66dcf5":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f12890b0a8819faa5a8e0e487f7f064af42fa6d5519d009f":"":"c937615675738f4b3227c799833d1e61":"":120:"88300bd65b12dcb341f1f6d8a15584":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"51878f3630298a81297f4a21514fea637faa3815d4f26fae":"":"1f939226feab012dabfc2193637d15b1":"":112:"eed5fcb7607c038b354746d91c5b":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ae596e74840a600556a06f97b13b89e38f67c152f1a1b930":"":"e2076e1050070d468659885ea77e88d0":"":112:"b4586bdbd4b6b899648f2333eee0":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fd33b7a0efae34339ca987b5eb8075385fd1276e63cc8530":"":"2d07bb8616fc0bbb71755a1bd256e7fb":"":112:"6b60d645220cfde42d88296ac193":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5685b12a6617d554c36b62af5b8ff2239cb3ffb1d2c40e14":"":"6c31194df99d08881fa5b1dd33b45a92":"":104:"69431593c376c9f8052bf10747":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"036ae037410dae9f0741608516d03b855c9c1851df8c54a4":"":"73599275f8237f14c4a52b283c07275d":"":104:"6f7249d25c9f273434c4720275":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ac144f39ebd6124bad85c9c7fb4f75bff389ece2e8085d83":"":"d0871bfc3693245be478e6a257c79efb":"":104:"5a99d59631d0e12f58b7b95ccd":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a8a541ff11a1b8548e832d9e015edeccc94b87dadc156065":"":"c72bb300b624c27cded863eba56e7587":"":96:"ea2528e7439be2ed0a0d6b2a":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30dd8f400335e9c688e13cc0b1007bd21736a6d395d152e2":"":"28899601fa95f532b030f11bbeb87011":"":96:"35625638589bb7f6ccdb0222":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cb8f672b04d706d7d4125d6830fff5d2ec069569bea050ce":"":"375d4134e8649367f4db9bdb07aa8594":"":96:"70610bf329683e15ecf8c79f":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"bf71e5b1cd6eb363ecd89a4958675a1166c10749e1ff1f44":"":"9f502fb5ac90ff5f5616dd1fa837387d":"":64:"a4b5138122e1209d":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5b9d1dfb2303b66848e363793bdca0e5ada8599cb2c09e24":"":"2ee96384dd29f8a4c4a6102549a026ab":"":64:"3b33a10189338c3b":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a35ae271f70ebacb28173b37b921f5abcad1712a1cf5d5db":"":"8d97f354564d8185b57f7727626850a0":"":64:"813d2f98a760130c":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bdd0cb826d5d28c2ab9777d5a0c1558e7c8227c53ed4c4f":"":"daf13501a47ee73c0197d8b774eec399":"":32:"a6d108c0":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"81b4d5ee4e1cbee1d8966fb3946409e6e64319a4b83231f5":"":"bc2f9320d6b62eea29ebc9cf7fc9f04a":"":32:"a47cdadd":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5813627d26d568dfe5a0f8184cf561fe455eb98b98841fe0":"":"817199254a912880405c9729d75ed391":"":32:"d81d9b41":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"94f160e2325da2330fbe4e15910d33c2014f01ace58e5b24":"":"80a1b99750980bf2be84a17032fc2721":"066fdd980cf043a732403ee5f65c82ca81e3fc858ad3cfa343014a8426fd3806770f127e2041efb42e31506ce83390ac5d76de2fe1806df24ce6e4bb894972a107ef99e51e4acfb0e325ab053f9824514b5941ab1ec598fbb57a5d18ed34d72992a19215d914e34ad1a22326e493d1ff2da7bc271c96ad3ab66d0c32bd711293":128:"dd153cfd7aa946280660c445f586fa28":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4785846f7c0524e78f3eb137fd433e1808af64549af69183":"":"5334476a5fa3fa50dcc4b12f8ac00b51":"e70f82d1e3361ac5a5c9a087e47984d5533ba296f9b7e4a192a4ab28a833cdbbd5cece3415cf6fbb2f8055560b5c31c98d83d139954e1c03a464739f1eb5ad982c4371cf20b8984bbd97d5f40b336f5e96df3d272b95f7547be15c3bc05b3caac7d08c5eb5de8bdd246e74f6caa6bff76ea0417730ce72b911867f88fdcf73a0":128:"c59231ddaae98e0e8db6b3fe8f4d3427":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"49b085fe1a8e1ae769ed09fc585d29eb24d589689992e6c5":"":"899878b0684fb865d30190821817b88c":"f789eafe3d02826b619ca4fbca7bb1919e5c6f7c33824a2f7f815dc50e329979705f7ef61e9adf7899d34f1b8840384ff62ef6d29eea38c45d12be9249aca69a02222cd744d81958c6816304ff0d81d6714a2023b3dd9d940db5c50afd89c52774d28d6afde2b6c68425b6acbe34682531a2e57e2b9a7729b3e8d96a729b15cc":128:"2c84bf7a8947ab93b10ae408243b4993":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"75847588760ecb6ca548747b743914c89fea367a5ccb81b6":"":"7d8a9fd254e2061c01e39eb574951924":"b03c57dfd49152401a225357f1d6e533f3a423e5cfce07b8ae7ca9daf68645e5bd67b3ca2421eac447530b27c6dc6bd9c7f1b22441b8cc8c4ac26cec2c9c0d665a35b66d779a3772d714f802d6b6272984808d0740344b6abdb63e626ef4e1ab0469da521c7908b2c95a0fd07437c0e9d4d2451ae189ad61ff19f4efb405127c":120:"e8aac14b53cdbc2028d330fc8d92a7":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e3a18a96d2e45d2f60780dc39cee7160e28cb810bf09858c":"":"26a4d659665ded39b7a1583de756d0ad":"83f8d9c58169b4c68032321197077ff5c8ee4ebb732b040748e1b55dcf53375ae86fb9646a672b5c5bc805a92c475cbb6d0ed689a58abdf2230250a7d3fbd8cfab07835fa85e738a7f74bc3e93616d844b1ec61b79f23dfea62e1815f295d43f61d7b5956103b31ca88afb0b3d37eb42cf77232dbf2258065232971c397dcbcb":120:"dc034564d4be7de243ff059b5f9160":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7be3909170ea7a2ff76f9f28241d8cc48ddeafa8517c6f8c":"":"8dee7e29350c60c5bcfec89da6617d2e":"f6e9e7a7f9716760eb43060d5c80236a0f118b0f750ebd5df01fd2dba95c556ecd2e54a3f337767321abf569c8137a8e48c5b44037ba62951e9f9f709e6e4540a36d769f3945d01a20a2ed1891c415a16d95cab7ddf9bcebf18842c830067509a2a5d49a9684324c433d53824d2f8fd326b149af17f40e5bf5e49185738fba60":120:"942b52277e9dc0a30d737d00f5e597":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1fe413bafc4753e1511b580c830449bee56e0e5b9acb852c":"":"e30829f64f3eda13bfb2ac572aceb3de":"6c772d08b4d7507e35804572fa697c646c77301954cc5c160941e49e230697ed8c23338b9f30c3ead69b1c1a2329ff025dcd3c0d0a9cc83fee4979448aa71ddb9d569bedc8c497a2a4ac3b60d087d7872f0a110bf90493ae7da03b0953734223156cd2d6c562e4a978a6dd5cdb229dd58dd4d0f50ac015f2f5e89dac4aa29a19":112:"87737873b82586bb29b406946cae":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b4bc4378d423931f9b320bb57df584c641406c1daa7448ad":"":"eca70e10c0358838a3f4a45c4b016ccd":"68d1c045c1604e3c3dd4f7c7543240aca8dbc5266dc18c5a8071e8b09e3700b7cf819044b2722d8db92021f42a0afb295d7b16ecf4e4704a50a527a2e72d7f53617c358e3b7be3d7fecda612ce6842fcfaa68f2d1b8a59d8b8391779f2fab99f820862c94029f444abe62367c5de0a4becc359660e4a5366f7d482bdc362b866":112:"06f95ca69c222a8985887925b15e":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1cd4414ffd24e830e2dc49727efa592e430a6a75391cf111":"":"a08e32ad7d63f975de314ad2c0fa13fc":"20a271f1f4c6bea8f1584ab39a7179ec448650e2ff67a7338d1bc9fab7f73b2ce5222cd07ded947d135d9d0670dc368f0a4b50ece85cbf641877f9fe0ac6a7e6afb32fdb1b3cd35360bb80cfffc34cfb94dbcbee9ca5be98a0ca846394a135860fba57c6f0125dcb9fb8b61be681ada31a997638ee172525c03dd13171534a91":112:"c68842cafc50070799f7c8acd62a":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9e0ef9ed5e6f00a721a9893e1f0d9079c5aa667a4cdd2a52":"":"5f015fd556e87ff0d0df586fb452306d":"b82986135e49e03f6f8f3ce4048ded2e63ee0c31ddc84929e022ee8561159179b3bb4403ebdafdf6beae51ac5bf4abed4dbc251433417ece3228b260eca5134e5390cba49a0b6fcbbbabb085378374e4e671d9ba265298e9864bfce256884247c36f9bddceb79b6a3e700cb3dd40088ba7bb6ab6aa11b6be261a7e5348f4a7d1":104:"ec9a79a88a164e1a6253d8312e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bc8f15d98e089d60d4db00808700053f78b33c31652c3e4":"":"5cc0ff9bb7d5b9b2aa06f6ecf669d5bb":"24ac95a6ed2f78853f9ab20f53de47e7f662f72aea454141e2131aace7ed2daeb395bbccdbf004e23ce04ad85909f30151b6526c1ce7934726f99997bbab27055b379e5e43b80ad546e2d1655d1adad4cbe51282643bb4df086deb1b48c1bd3ac3b53c4a406be2687174028ecf7e7976e5c7a11c9a3827813ade32baef9f15ec":104:"9779b7c3ece6c23d5813e243ec":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"19afc43a4481f796d77561f80b5b2e1514c96c5d1d86e64c":"":"d4c06595fefd4a81bbbd4b40c2e1989d":"98fcca51352998d0126b5539e3fb9a238ac31c05954fc206d381909aee70983b6ab99d3f3efe8530a1c3cfe3b62756321b1d0771a5940055eba1e71fa64f29291aa5e5b0af0fcc8e6f5a02688d9e93417225eded791a35217822ffb346d3fa2809b65abe729448316be30cf661137d3c0e49846cb0df598d90eda545afb64a5e":104:"ca82448429106009094c21d70b":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b4fc31dcfef6203fdb296cc928c13b7df56bfe6f32583057":"":"6308a78dc8f3c90442dc52196649c38e":"2567d80c253b080c0158102558551445d8ce4d5ddee2014a2be5cbad62e1717a0fd4d2059447c3151192951eb11a4a7b19a952f6ba261c87f10f4c9032028de3cc5a2a573a4e993a690fc8954daa3ec92743e7343e75b646c4fa9cbc3fceb4f5d59bb439c23754c4d9666fbc16c90c0cac91679b6ad1bfe5dcf6bd1a8a67c6b5":96:"9d1603799e2485a03e7b05a0":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1c2d9412486c381440213e1588b6bb58b0da53300b9d3089":"":"727ed8846daab874d5a9918b47d016f4":"656430f0c1423018b5e2efbb1e32a5385c1a9a1779c4dbd585dea91edc39ea8752ebfc2d8064251a8a5ae71e1845f24a7e42c6371c2ecb31e2229d5f4923bffc21d4804575a84836f3cf90ec6047bb360b558a41a975ece111b5284dfa2441705a6df54fc66ca6cc1af9163ecc46902fac337d5f67f563fde8e8e7e64b8588b7":96:"05ee6ce13711535864674a5b":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"abf7a97569427225a4bd5143c716a22e62f84c145bb51511":"":"e255088cdfe8ae5c9fea86d74d2f1b7d":"b850993300f54d078f83ceb9aef7345bbf758f92365b6625c210f61dad4f2a2319f51d883a383a706392d3dfca1706eba585a6fac8bd4294c0bb2cb3f6b454d5c97819e8e5c926754840261b07ec4ef1f87cf281d75c187839689944230306e1903047915e086043990745864819ad713d34a244aa4e9d755fdb137105d7eed8":96:"0c9c17388d0610f99d0a093f":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"45a6df655e88bc880acff41520aafd0cc8aa8aeb8952fd06":"":"1125e1de94970c9e7be70e58e7626ef4":"fe9838a445b8edef19b3e9f33c8c0c265b3a12c97b8ec57ceb94f65ae5227177de38f1e338dccb2b24e5bd0f0eb8127f83eba0f1ddfa55198789df0cdd1d977fcb985ad9c7d51b96e749d2cf3cc7a1ec4dfcbc641a1a022d55def328e081af890a7e699f2dbafdf506389e045aa1219239d5868ba675a3925602b6fb6f6e6d37":64:"1c3bd1e0d4918e36":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"279f4f2ab4b70778fdb9ca7800cd20e323601d7aa2c75366":"":"0f7b402560735cf03d5da58de5b6c685":"7dd9a8c848bbcf5127161c8a419a436a0dad559f7c1613cdf41594e177016acb1ccf44be852185c42e7120902a42efe83855995ab52cf5c190d499fcfd698c671fd72949dc3ea7ddb874e586a3aa455a021cec7b5f8608462ca66f926aba76e60a5846d4eb204155cd3c1328da51ba35c3007b8bb394f34e3a8b81ddd2ea1115":64:"dab612351f75e2cb":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6716ab937755684af7403e6fba5452c1b11568a9047bb50f":"":"2fd5a446dd564619ef75b6e00905ffe0":"20d261d3192996c21da69e979c26f5f937e6ea4cb7b05c6ef556ce4d86ca0fe85ec2425d274c43b5212fe9d27bb48b04e887461a9f45f524059b87eaea2e287a8d4537f338b0212012a9d4b6610e8c97dd554e0b3c3133e05c14d0ddab3524c93fd527e223b1996b4cff0a4a7438f1d54890bf573cd803941b69e5fc6212c5d2":64:"f1d743b7e1b73af5":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7dc94b5bbd6315ad8d2b67f0c683d10cf456f822a3ebb024":"":"6f3eedeb57dcf12bfb3cd80849893c90":"ee1ff367f4b23c156e3dccff84ae4bf2b8ecec1fb5ffd25ccaa93b6c6834389bd79655bd4bac75238eb0f65d3603ecc57c8774798309e85b6677e78ed2077b712cf28795d0dc8fee994f97373a82338ef67c62378136a79a990ecbcd6367445e805efa98f9168826e57cb8dd7e7b1d5c89ad98358646fa56dd2a71c40e0275a1":32:"4dc74971":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3bbe223e253bf272599e28af6861013ecd0c88710947ed41":"":"4fbf09ffaffb600f0de38fb12315cab5":"5388146f6479f7b3b280f45655a95b847ee27c734fb2fd91f6c009b1ab1810c772c7435d3221069f9490d251b76e740147906ac1db1c209c175b21aa10881c44fb307d4d2900aa3b1d56fb0edb9f2a58505653a17fee350e12755b9656bc65c78c1593d5cb7178e29f82209caf53e60fddf725f6957cc9718bf410c4a0229ed4":32:"fb845ab7":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"461877813acfe6e9979eab729b52e3d192b3236758bb6563":"":"6985cf77b75a47a3978dd6412d59200b":"385551854a89ab37063ba0ed911501b3d632153c5c2992e154c0a334bc36620476f11495437b842409e0954f7352cbf288d158bdbbaf72621ea2ce75b708bc276f796c5aa7fd0071e522c5f175a9e7787deef79f6362101aa3607b4588f2e1df7127f617c6073593a1c792b959e201e4a7a43ea8b1c3af026376439ef629266c":32:"c840d994":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"09770f9114120a2c1c3cc416fe0eb8699e07141158a5bdff":"875e2e5b5c02e0a33e71b678aa29c15ce18ec259cf4b41874893ed3112daa56ff2a7475681b8b3d9028ef184d30658e881c908f3588f69899962074db4ddfc0597f8debb66c8388a1bccf0ffe2cf9f078dc1c93f8191f920754442ad4a325985c62de1a57a25de4e9ed5c2fd0f2c8af33f3b140bac12bf60fdb33e0ec557955b":"cff291d2364fc06a3a89e867b0e67e56":"":128:"81f1eb568d0af29680518df7378ba3e8":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4fbf1c785c087ad06b43d4163cf9b9396deffd3712856379":"96a690e5319c94d94923988025307e543f16fd970aec24524cf9808dc62b093359287251503f4231bf52cd1a16a80bfa82d8f585d96855dc1932f4919a92da2618d6448fc18a234f9acb386ab4ab4a9e38ea341e7c54faceff38c162d74e7fabbca13aadb71e9c8ae6072e7bef4073cf08aa7faaa6d639f98d15bad4ed183ced":"1c8f41424acaf009996ceaa815b24ad4":"":128:"9f3c0349c5a4a740a82d6d63bf00fb17":"":"6100b091e52366fb422251d9b68974b6c666a62a8bb77a1ffd7c7d1ae586a6ee763b84dc11aace02a25af91d194b70b3265ec46872fded54275b7ddb26ee1f20c857328f46a694fb1dce68bcaecbd587ece5b505d658d57d50333e30b639eea1f6537b37c175f62497c6c84e3cfddae214285d2d68d90dd5cd8ce2273d25c8ca":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3e0ce4fb4fe4bb2fdf97b23084ff5671b9b899624184acef":"df89974b1534f0ba262bbea5efe39d8b72820cc8a720cc99520fedbf667515c3f6d8c3e25c72c48c1cff042171df58421741aacb2a49f23167257be7d7004d56b14901b2075eaca85946e9fbf1bbf4ae98227efc62bf255a25dd0402d37c67ba553531c699dd89ff797e7a5b5b9a9aa51e73ca2dacfda0f814152aa8ed8c79f9":"a950ab0dd84115e3829ab0ad3bbb1193":"":128:"25cfde73e7a29115828dfe1617f8b53e":"":"847b54e176ccc83081cb966efc4b4a3bf7809ce0b4885009f620f61fafcaa78feee91a835ae6c1a942571811108b1e81b4c4ddac46aaff599c14988c9a1fb9f387ab7f1357b581568b7b34e167ac2c8c2b2b8a4df3fd7ad8947a363c1c0cb782ec54b1901e928821cf319669dd77eb37b15c67f13ad787ff74312812731ca3e6":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6be3c66b20e5e66ababbfba1b38e5a716eafce23a1767b69":"de1cd978354a499415176f260021abe0a8c5bc34d166f53d20e02e413e1377ce4ef5d7f58337c62251a3b4ddea0dea23c40e5de037fd5dd8a558eb53bffa4e8ce94899afa8284afab503c1a485999a154d23777f9d8a031b7ad5c6d23d6abbe3b775c77876ad50f6bed14ac0b2b88fb19c438e4b7eb03f7d4d3fcca90dd01260":"3a2acf69bba19f5d1d1947af2cfda781":"":120:"f826d212f7c1212fb8a8bf23996826":"":"fd1f7b56e5664cf4c91e58f7c50f6c5e98e42ca2e4adcc00348cee6f662b382ad4022da54a47d8faeb9b76a24dfc4f493c27fc0bc421a4648fad7b14b0df95d8752013feb033b1fd971daa2c9a5df898bece6a3b8fa078dd130071df20a68cd0f394be25dcbb3e85bdfa0df4797fa6f01f5f0da7a6e86320207ddb5b3be53ae0":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d16abb9f5b38d7f5abba9dc36995ce6ce928ed822a07b7c4":"e72f29b1fc1dbfc2d93a0f3b79ea4b9806ce9b2c4d490ac5c0c3c793df9dc7df5471e834b84d18afa5a7516f9a6a813a9b65ae2f083a854730547e28a1f60fe97d8dba1d2d433e11847b9bffd8873ec634e64365530c905dd6f274e45c9795ac127a6f356f63cc6c116c5dd8c628e7e17e1fadc58f8452bf21f53c4133198118":"3cd95429c6de1d327b9eb3c45424a87c":"":120:"13521236f190f78e75c0897c5fb237":"":"cd8bb97c28df092b6783ef653fd26f2bdc27c442bab0a4c7bee2789f389dcd1b280c0231672721bfbbc939a0449557678ec61ba0afb2e5817e6f7d94387f84ecafbfa1216d65e7f5025f47b0d2905cff7c99adf8306a3d9850c5908be05f87cb1d36a4837dba428aac97d7fbc18e3778f8d81a319259504c87fc94bd0766ed93":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0bc344b1a4078807e5f53a6e7e1e36fa83108473ae2fb4c2":"8bd73f94c71e3765bc7d17fdc90a9ba6aff9648b46300e4048985fbbd7c60c39c3766f7c524780bfc2296dc11e1132134921760a373104edc376eab6e91e9a60a5c4a5972935df12eadae074722bdc0147c3caf6a62fd449ef37d76b65f6d210283c94ac524cf13186e444d80a70b01e4373cc0462546f1caee6b49e738a742c":"bd505fcba464e6e2c58fdf29f5695fb9":"":120:"8510fff71bb879f56ea2fe43f6ff50":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c8097398fc21f93eea6a95aa93a3231096817b65520bc549":"80b0abbaebbd537a0810ed75cd172d29d50f5982e4d01f8664ddb2dfda8f57fa0ed87e64a779a1d7f5e568b6acfdc739572a7176752307b430fb1fa1c3c2c346477cebe7d01b16745ca6c8929a7f446c03ad9a9e8a5a935de78ca6c701e8c1c5e6d2550c42949cf5342fb5ef4c6ab9bb02ace8388b16edf72a1237e5d1d0e820":"776248381941e16908f52d19207881f5":"":112:"7fc4388b2f8eab0f0c2d6a08527e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"76d4bb5694faaf344db83bc6d6c47d56bb6ab52700826f2d":"9e31fda6a171f0d4a5f2af2c4f827b1312d9dda5d78fa329b8f1b6373b9b29be358601e5bb0d0c615aef4b9e441c811219f1f2ff2d0ab23e0cd829a88b5b615ee72e5e3ea604fa26cc6438ec4c30e90f7348e9116adf8e8efb7498320d2da16679fa546b1aa9afc7720b074c4e48e06862d41428c9e71a4772c2e195a6f36978":"603977845d82faccb401817ecce6e2fe":"":112:"c955a3bc316841be07e406d289c8":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a3e5020695587984074d78d9c98b8e1a5719e5f88372740e":"c0bfe3b2dc4dad17ec5a7662d86847fb67e582cc0baf469bc9baa7a075d48a8b97521a1072c2798bfbdae5ca3752eda1cb96fe5cf24af989eb77a2948aae3d8b70d83d93f84c49347f788480f34051621c358c03cf8159a70fc72cb8bc02876234ffe76b181da8b22b8796c87b0904da1af46de519c20d8d1b1dc7cc24e39ba5":"4cd56de54e5140a587be7dfd02d3a39e":"":112:"1a29527a41330259f918d99d7509":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"afe986ead799727063958e2ce13ca846f76c51605439f839":"7c1b354a5bb214bd95147e32d81e658705089c38035d0ea423eb1a5c82f97443c6903d2cf1ba7a007eec7c8ff98b8f82b073d9636a79bd47c7f2f639a8eb4e92076f9ed615766f43ac3a4f1687301ed7d507766605e0e332880ae740ab72e861a2cb6dce1df1ff8be1873d25845ee7c665e712c5bbe029a1788634bce122836c":"f85a95ed10b69623162ab68d1098de94":"":104:"3cf1cdb4a4fdc48da78a8b4e81":"":"a7f252ad7983e7083260598051bffd83f40f4d4a8b580cc2388d720a0979dde71549ddcb86b0a62c4964fca591d0982f3a203f2f8884ff4991f17e20f759ea7125ba2bb4d993722f23938994eb2709c850f33ed9889e5a3966f9d7b76add46aedf230e8f417425f9db79ccd46b5660361de7c5d87f71a9d82c491c0c3daaf56c":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2cfaa215841826a977ae6adfdd993346210c49dd04d5d493":"e8eb3b6edd0ca4201b49a6a83036445aba1a1db040f3e74511363bce769760a9914e05a067f555ca15a57c6e02e66fbe4e04dd8c8db8d6d14ebc01cc7d84a20ff0aacb69bb3679d6b7d9d2e07deda7c2d4fe4c584fe1166e78d21dc56b9cdad93709c03b9145b887f87b4f605f24f989d5e0534fc71a58e8a8619ee99f69e5f5":"537a4ee307af3072e745570aaaadce34":"":104:"df01cffbd3978850e07328e6b8":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"128ddc83d2170c403a517615056dceec0d19d6fd7632e738":"cfe9f7797ee37bfc4f564419bf2268c964479efa7435970874154432930f3b2736438da4dc9c76200009651340e23044bc9d200a32acfd4df2e1b98b0bae3e9ff9d6e8181d926d2d03f89768edc35b963d341931ac57d2739b270ce254f042b64ceac4b75223b233602c9a4bdc925967b051440c28805d816abe76fc9d593f5a":"5124b410c43d875eca6ce298c45994a7":"":104:"56ad9c1653f11a41fd649cccd8":"":"cf91f087fd7faf362caacf4a68cff51ec57b3075563e4ad0955df20b366e92bd75c3762cf4a6f0eb859872667a5c55aa5d94f5ac9479b1b9c9345b50f82379d551506a2ab02b0441b14b28b78a12b38500d703a8c19888fe612d4710eec7cd18c16d6a4b55d3c69760e2bed99efc8b551dbe2ac9b9b64715f87180b8e14d1795":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"98581c28983c4da321ce0c419cc0d476d539e77da513c894":"bdef5b65b5111b29e781a6b71a0160179c52b5bccb1ac5c0377b26cf3f61432f3ccd67633a836357c24b5099db0510a7f8110f59e8227cacd11f17ea1798b5d4d68902ca6c6eccd319fef14545edd135078b38d43b61c9af269fc72f7a209ba7897e4c6dbd21bb71d7e93d2d2426ffa1557cae28e74059d3baf06ba419a47b39":"ff10234524433b871202c2cca6acb194":"":96:"984943355a7aef15c4fb8033":"":"808e28bfd441cb8890416a757d252c986daa8d607ac9cadd2f4fd29eddbcf3b859ba298e14a4ccefe2c2752b123f87b98d6708fde48faca4bc7dd818a7ea76cfa4357932e59cb6be0e9283bdfb49454b86b9fd04aa8cdef503c65d13fcff42e9cd8f142f8c06cf7daa6d8ef8b9c9d69c39e8afd980048fecf731fd674b2a814b":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"167b8b6df8014c8f3de912b77f5a0c113580aa42d785298f":"4f787de12ba907a589edf74c8e7a6cdaaabebddd465a86e170e1efc289240298b516fddc43c7fd9bb1c51720a4455db4dd630b59aebaa82bd578eb3cb19f8b23ee6897c1fefaef820430efa6eb7d6ff04de4d8b079605fb520b0d33e96c28f0cd71983c4ce76c0ea62fd7209d21ec7b416881d545824a73d1f9f8d3323fdb90c":"49da91e926091a448d57d521cc90f3c0":"":96:"99198f55f9fa763651bba58e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"71f5f8505fba62f08fa0557dd5407fc83a852c6007ccecc8":"3e19ec02365e450e946123a3362f9859352eb52902a6bcb8a782285dfac9d2b282f56302b60d6e9f53fddd16bbf04976cf4eb84ef3b6583e9dc2f805276a7b7340dec7abde4916fb94b0ed9c9af6d4917b27e44d25f3952d0444cd32a4a574e165a23fa8c93229ceb48345171a4f20d610b5be7d9e40dcf7209128f029fed6bf":"b5efb9feae3de41b5ce9aa75583b8d21":"":96:"9604d031fa43dcd0853e641c":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4cdb38f8185a4186fc983e58a776a6454b92ecf0bffefe98":"1ca72c50a093076e9a9dfa09888b9c89eb36a942072fc536a81713f05a2669b39fdb2871b82ca47dcaf18393ca81dcb499aafcc4ed57ea79f8d4f9bd63540610215b2c65481b294638cec41264a7fdca4230df5fe1e7e3d8d26dcd0c435fec8e9bf778f9e6f13482157a9722761601e08425f6160d3bb626ae39ee1117b0353c":"aef257dd44d14d0bc75f9311ef24e85a":"":64:"d951becb0d55f9fb":"":"2eaa7e922dbd8963e2078aae216636276f3f7cb5d7f35fa759e91bddb6e247a93c388241ba1d0d37040c0b9e447c67d35b4991c1acce97914f3bc22ee50171bc5922299983ee70af79303265bc1ae1e7334202460618b4a8891d1a7eaaac5cac1e4dce024ce662d14849993f89e771fb873644b552120fd346250df39aaaa403":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ee8d3aced3aa3cb2166aa66c4a252c12dc0978830d0bc75b":"ee69b2421d43a9f383d99f9802ba4d6cf1c537b42041c86cce681049bb475e5098d4181f1902b0a49c202bf34ef70ea7b787fa685ab8f824fcc27282146d8158925bfef47ccba89aa81c0565eacb087b46b8706c9f886b7edf863701003051d6fb57e45e61d33412591ec818d016eec7dee4254636615a43dacb4f1e6ec35702":"c15c9c0b0b70c7321df044bfde2b15fb":"":64:"c5c9851a6bf686d0":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4a8538d609444e3197ab740cd33b66db1cf53600096b94e0":"8c2b8fb775d1b21c41a3dcf48ad6d68ab05be3879f9b94b305a6ce4d799e3a992c1c3a65a3e4eab563edb57424927c90c76e49386e29dd5e7de2800fcc0eefbc8b4f977f71be3754c006ee93dc09b1cfa59c424b6b3987aeb56feefc21004c63e8284b6845e395bc8843cca0917267fb4a8f2db1f7daafe7a9da95083a44de70":"0bd64d222532dae8ab63dc299355bf2a":"":64:"3477cad1fd4098b2":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"447f0f065771b6129952e52206a64fe0844658ed685e39cd":"fea5d227869e527882c63a68a6623f4a699df82b3dc715c7260a5554336df8376744c05ae89ec27d40da02d9f1c5e9e29405579fd4132143cb21cdbe3edfaaab62128ecc28018725c8dd309d2376223d2e2edfea9765699b2630ff5d9fe9bec416c0ca6418b938d195d31a08e4034c49d79e3a249edd65f985230b33c444dd02":"37e3a300542d9caf3975c6429cb8a2e8":"":32:"06bfca29":"":"e1bdd1c212b159b87e41a5f64dcba6b27aa0f5c8871fabfb588df0e06bd7730ec1beb0e3388f96c992a573ff69b34870f83c53fb65b420c1c6f92e2aa6f03917e8203d77c7f5ee08baf9fab12f9d38fc0ffb83807ba781c3dd7b62edca2121f68ef230b42b8adbd4cea072209d02713789ed559b83739a54cfde69e68bdc4128":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f465e95f6fc19fe6968b98319b547104d0c01c17105f8fc0":"2426f108368a00d2a49670a3b64b4f0569c6da9660163e7b209ec3f8d058ee11f7818a8c5030c5f4ce6e1e5a93faa3e5ae3d0bd5d712fbc891cfeb20845707edcf5e29719a5246a3b024fb12d37bd1b81df3812fd50b1dfb3e948ce546dd165cc77f903c07fe32bc7da7fbc25036679017317ce94cd8a00c1bce7379774f1714":"6cba4efc8d4840aa044a92d03d6b4d69":"":32:"92750ac9":"":"2e59b104c1a6f6d651000396adbfa009bf4cf8cbf714da8e4d3b4a62bd7f522d614decf090c7552a4b9e8d7ee457ba642d5100c0c81c14cbba8c8ff49b12827f6ebd41504ccb6dfc97cdf8532d1f7f7e603c609efa72d2ae0dce036ec4ab36849a0c06f8737d9710075a1daaed3867ca0a7e22111c0e7afae91f553b6fd66c6e":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f08e3e9f7b3a20ccdc4d98b56f2b567399a28a6b3908deab":"a986e816f1eafb532c716a555cca1839a1b0523410134ea0426ab309520b339fc1fdeb40478ae76823cee4e03b8d3450e6be92d5ff17b2f78400f0176e6d6a3930bd076a7a3c87c3397dcc0520c6b7b4ff9059ea21e71c91912a74aac2ca70eec422b507cc5c60860bb8baca01eec2a3003970ba84011efe576804b2820e306c":"4f4636d1b283bfa72c82809eb4f12519":"":32:"16c80a62":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"87b5372571fb244648053c99405999130f87a7c178052297":"ae078d1554fc6a14447a28c3dd753e790f7ef9b53e35c3e0fe63a7b1b326bc56034847f8a31c2d6358049aae990bfe7575b439db370aa515e225e0ec730488c700a7b0a96a7b8e4e8e4c6afec20decd16fe3c0f3f8d7a6cf7a8711d170829d14c706cceb00e133b8c65c8e08cd984b884662eddd2258ce629abf6b9dd28688c9":"a1cc81b87bd36affe3af50546e361c9e":"684ce23f59632308d7db14f7f6eddaf4d83271fb0c27401b09518a775b36252540f14305f0dae13ff6c0dc565c9e570759e070c8ac73dfb97abd3285689a7cdcfc941f6271be3b418740b42ba4a114421065a785be3dfa944c86af56da8209779e8736e62529c418b507c6d8ae002cbc0431747722afd64521734f99273de455":128:"98177b3428e64bc98631375905c0100f":"":"8be7df33a86b1162464af738de582a357d0ce8e213bba1b7913c0d13ad759d62c3bf4366f5130b3af2b255b7ad530b4977627f9e76b07e360c079d0f763dabbd22e976b98cd5495c6182f95bc963aad4b719446f49d3a448d11cac5bfcba4b675b8e4d88a389e2580e8f383f95bf85c72e698680d2a2bc993c9ee1ce0d1f1ac3":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a2d069b826455d5e79e65db4f1d2b6a29ae9f401bc623917":"acd6225dc5b9109d56ea565ab38dd4db432a7ec08f0db04f1c6b691c96d2eaaa6be62da7cc7fd75f931716c7f39705ea7cf828f1a5a325955e9b2c77e7fb2d562be6a89b3351b1b3d1355b43b73ed425049430314c16bf0836ed580e9390a3b8e2a652fddbfa939ca4c3c99765b09db7f30bf2ef88e1aa030e68958722cb0da3":"6d40a0c7813bc0410ff73f19bb5d89c9":"9960376b1898618d98c327c1761959d045488cc6198238bbe72662f276d47b41e8aebc06dbce63da5adcb302a61ade140c72b9cf9f6dfad6ecedd7401c9509fae349d3c7debe35117776227ba167f2b75921d7321d79f4ebca13d20af1638a1567043365f179f4162795fe4fd80b5d832e4ca70e7bf9830bc272b82182f70d2e":128:"010195091d4e1684029e58439039d91e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f3252351fe8e7c628c418c1a49709bf1f8e20add82539948":"7e8d2816d280c91d232bad43b6610e2d0532a9f670f221a3a975fb16472c2e83b168115e87a487bcd14b37f075e1faa59c42515c353cdefc728ac617b7d273fa96778e3fb5f7a1132f8e2add4a57015b15d1984338b7862356243d1c5aa628406f4a507498eda12d2f652c55e8e58113ed828783b82505790654f036b610f89a":"eacd2b1c3cf01bf4ea7582d8ee2675d5":"141cb39a2fb8e735e0c97207f1b618a4b98f6b9bf8c44a1c8e9ea575a7759cc2a02301274553e7744408b2c577b4c8c2a00e18f8717fd8a6d2f46a44eeb05d685fbef7edeb4229e7ea9b8e419ffcb504d33583b3ae421c84caeca9f9789047dd7b1810318d3765307233567bc40e003401c9f4e1b07a2a7162889e1a092aedc1":128:"63a310b4f43b421a863fb00fafd7eac4":"":"699c146927ae29025e5b20088b20af27bc75449e4725ee6b7d5dc60b44ba8a06f7d265330c16060fbd6def244630d056c82676be2dc85d891c63d005804085c93ce88f3f57c2d2c0371c31027d0a4a0031e3f473cb373db63d4ff8f65be9ebe74045de813a4e6c688110d000f6b12406881c08085c9348e1f0315038907e33f7":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e462957f2c500bf2d6bfa9af97938fdd8930e360ea4175e7":"82a7a6dd82a5ea3d9a8e9541d854978487eda298b483df02b45c76b8b38bac98ffd969dd160a2765595b19d4ea3e64351ce95764a903f595dd673d13facf5a5594e01be1d60a0c6d28b866a1f93a63a74fecb6d73ac6fb26b20c008b93db53e9dc1d3e3902359fd47734fe22a5c6958f97e9001cc4e8b6484d9542dbbdfcfcdc":"b380584a3f4e0e59add4753c282f2cf7":"682b0af6592eef173e559407e7f56574c069251b92092570cbb7f5a2f05e88bed0af48dcda45b2930b1ee7d5da78dc43ec3598a38593df7c548058eda3c9275c1304489aff95f33a6cd79e724e8d12ca0ae92b20273eb3736efcd50dc49e803ad631dcbf64376a45a687eb4e417aef08a3f5f8230d3f0b266ea732c21ed2eed7":120:"28a43253d8b37795433140641e9ffd":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4a62ddd87f41c6df756e8da0985dcd8c91e73ba395b3d79b":"37a83ee6dbdece212446739ea353cb957b9aa409c88bee042bbc3a6e5199aeb28f2b4b00ff433c0c68d6db5a197566019db8a4c7a792e2839a19a302ee02bee046adce04c1fbbd5b0c457d7cbe277992ce2c153d132269e2d1f12b084cf3026a202b4664bc9d11832e9b99c7cc5035dcfde5991dd41aeb4fbf8bec5126a9f524":"1d1843e2118772d76a0244a2c33c60bd":"028b92727b75b14cb8dfeb7a86a7fec50cd5de46aa4a34645754918b8606819d4bf8a2e7531a05ae5505492ca6cbc8c0e6d6ab2dea23bff1fdf581bb780b4a3312aa39639383fd10bcf92489801954733f16b021c2e84809345216f8f28a99773341e40c4a64305a2098eaa39f26a93bd556c97f02090e1a6c181a4e13e17d3a":120:"ab738073228bdf1e8fd4430b5c7d79":"":"e702f1bb9a1f395c74fca0ce9cdf29e7332c14acaca45200cd432a5767be38929ef8de43d0e1a5e7300c1eb669ac1ab997b31cb1403af8451e77e63505920af0f8c3abf5a9450ea47371039ba1cf2d65a14fa5f013b7ce1d175859404dcf6461a36e8bc260e7abf739d8951ddf1a3754e2d65e0aa31320a5ffca822023bc0906":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fc46976d38a581a7042a94ea4b5bfe3587ddc65d1162d71e":"4b9e858fc8f01903e426112192d4ae4686b1ae4d683b75afb2b8c63590275943d0d6d6a23b6d35796a2f101203acba107474ca6f4ff6dd87d6b77785ad1d160ef2755d84092dc70c86db5e639b689943b15efa646aff44b3f51f5d3f4cf6c8f7fc5adfe7bf2d72f75b93b8ee94ef3fa69ea0fc0bb77b3983901fdcd30bcd36f5":"b5e92563dd0339df00b7ffa2239d21bc":"7b6f6e104acbcd7188161477d8e425ff99add22df4d22de7f28d0a0075ca4ef848f68d07ed22d3165c08e40890ce04d1bd05b1a6ccb2fec8193d5f7dffc93d97a0c036b3748f708b011b68247a0249b9e1a60b652164e5c2fd7210377de804ac010c8aa08a11f40af97e8370a59f936cd14c22ea7a236d904145adc04a241fc0":120:"d4356cb417953b01f7b1110c8aa3eb":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"403e49feadd4db763652ed5c4b1e12680cfe0abc30f4696d":"221c61d769febce3913bfead9a201a805f11005ddcac185cbae00ce749de9c4362889b1b0d9546e91598e0ddedb88b673a90acca65d7e71a85636be052f361839a646dc8b834c02f3e2261d370e6bac9636b7536225b5ea77881200c8a3450d21bfd1e11afb3a470e178ecfe944a25a7cd0254e04a42b67723aac8afffd56fee":"1a60258a56e15f92814b4d372255a80d":"a4ffa9e3c612103224c86515dad4343cbca7a7daf277f5828670834f4d9af67b9a935c71b2130dfbc929c4409bffb7974ffa87523b58890770439c33342880b33319c626bf776c1c0aeb9c2a348a7681572f4ff711d94c192f3450e8b1275f9d02c742a2c9f1da316e9918bf787f22699172986cb9b10fc56d5f6b8392ff92b8":112:"62646fc8bfe38b3ba6d62f9011e3":"":"5c76c90dea7d659804ad873960906259fbdda3614277ec575d9eec730e747a2e7b9df6716b4c38d3451e319eeecee74d1f4918266fc9239de87080f1ad437b47c6904ed2d5514161ad25e3e237655e00e53fe18d452576580e89b2f1f0f6aa7e40a337fd8c48d690fe013a67264a80e9b5dfd009a9152d559aa02a68f401a09b":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c3471259512d1f03ce44c1ddac186e9a56c1434a6ac567c6":"dd5b98b3b3cf03fb92be579068a885afd984630692eb5f155fa6b49f2b1690b803d34b90e8de3cc39c2e61650ffffb51e7ef36d35ad17dc4d91f336363b0734996b162b509c9954cab3dd959bde7e437e9100d84c44104c61e29dbe12492a0272ce6eea2906d390de7808d337e8c650b3301af04a9ed52ab9ea208f3c7439d6c":"50164c63d466148ab371376d5c2b6b72":"11d1f523888bea1fbc680d34bc9b66957d651efa59e788db3d3f6f50e72184b9d14e9ff9bc05fb687520cf423d681812e007025eedf0e78e7e8191e6b62404e8eb400cf837d762a31aa248553367263d6de091fcf7abedc3e69fc118b7efb0594c89b96c387b7c28ed9a7b75db60b6b5133949b891ff81eca5790a265f12a58c":112:"6c5f38232e8a43871ab72a3419ad":"":"50438ee712720abf2089331e4c058b30c30c3d17834c507c0010ac3f974a256d01b14a45e9ce5193c5cede41330cf31e1a07a1f5e3ceca515cc971bfda0fbe0b823450efc30563e8ed941b0350f146ec75cd31a2c7e1e469c2dd860c0fd5b286219018d4fbacda164a40d2980aa3a27aa95f8b8e2cd8e2f5f20d79a22c3ff028":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ec326a1e0fe6a99421398df4fc7d8fea67b67e5f5fcd50ad":"6d5016c434a0f4b4a5d9e0b6b8e2d848a94f132f055d2d847e54601a4c9cfc5966a654d696f8a3529a48a90b491ea0d31c08eae8ef364f71f8ec7ae7f7e39bb9c331137b2578362ff165628099944ba8deb0d99ac660d5ed2215b9a7626ff1fa6173cd8dd676c988d16c9cf750a0d793f584c3c8f5fd5d167bc278f4d77a629c":"c94aa4baa840a044dbd5942787a0c951":"f8401c578f20d9c250ea86eb945184e007a0190462c7abddf238ce1ceddcc230756aa222386d8ba66ebbba13de008ced140896ac55bc47c231cc81370ca9feadc225e017d59890e6291cc4cca27db3078c0cd6cbb51afb62210226a76837c5454728cb5ce3afe7352e7fe75421f94986e6b7b26321bbca15c75ac7c13dc15f50":112:"3269922affb9d767f5abe041cc8e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a7ef81652f604e88a72416924c53979dc73cadd3575eda1c":"9ecd19a8eba9fba843486e1bbfb8d9053c5e04b24e30174d4aa89d8307439d653f8630edddafd51719c744bcb4bce3e444847567bd2cdde2995870d0634cc0ba2bde4b6bc2bc583062fb83874a1c25b50aeb945bd109a151772c077438c4d1caaeb5b0c56390ac23c6d117f3a00fd616306fc2ffc4c1e76f934b30fbbc52eec2":"0cc9ae54c9a85f3e9325c5f3658ab3b2":"d0195b744351aa25a57a99df9573dfa3cebe9850139149b64f7e4af37756a430dda8af98e4ed480e913aa82821c01c1f75b187e105a8f39621757d522c083a8d81d7d8bfe6cf15c439d0692b6affd655a11bcd2457046fae996a1075c66029867b88cd23c503ae04037dd41f27bafd5000d1f516002f9fcc0f2500e8c1b27de0":104:"22c2efeddfd5d9cb528861c4eb":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"605271a41e263c92dc14fe9df5203e79d58cc2d1289dc361":"2bda3448a283ecba31e0299c0a9e44628cb2b41fa7b1a41107e107cabc381083bdbe048f2804568fdd5fe016f4d607f694042a459ba03a2deda4cccc8cbe4612d8ed0d4575e48bc9f59843369dbe2af6d048e65ff4250e1eef61d7b1b378fe2f3305b133ddc7e37d95ca6de89a971730fc80da943a767ff137707a8d8a24329c":"7f128092a777fc503adc7f6b85eb2006":"aef9f984fb645e08d5f0aa07a31c114d2f8e9eca047e4a8d5471378cfc2ced1159dc093d174788e58447a854be58942ed9a3fd45f3f4a1af7351e087369a267797c525f134e79709097e733b9003b9be0c569fc70ee3462b815b6410e19954ce2efac121300c06fd9e00542a9c6a5a682fe1010c145acbbb8b82333bdb5ddfd9":104:"673afea592b2ce16bd058469f1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fa076f36cb678e2275561e9553ebdf397360e5a5e44791c4":"513305e86c0cb046c5d3720b25a406392766bd1fb7de2758de370ff2e68281e211922890c61f3659460f22c45a57895b424441262a3ba0606df4e2701f38281fd3436a4d0e0f8efecd231808a9ea063dfb725015a91f27cadfe7909a0ee109eac391ac807afed1767ae0515b9c1b51ae9a48b38fe7fec7fe0ddee562c945e5ae":"1ecd53d94fe287047ff184e8b9b71a26":"5ff25f7bac5f76f533f9edffdfd2b2991d7fc4cd5a0452a1031da6094cd498297fb2a05ae8db71cb3451e4ac33a01172619035a9621d2d54f812ef5343e14b9dedc93838e4cf30e223d215b4d2476ea961a17ac7295069f25b2a12d6e2efe76d91f45632c6d4e61ff19a95d5ae36af960d95050ce98b5791df0b7e322411c884":104:"079e8db9c3e6eddb0335b1cf64":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ce9dafa0e7e53a8766fc0bc38fba807d04e14e5ed61bc234":"b585b8bf634757dac015f2f69f2ae674372a664f2115ad2d03bd3e0c335306b02d0947d3cda5991f5c0c25f12ead2c3cc2d65d575fd67091c70bc93ddb4b1e21f7b0fc6e6ae652dea93a6564ff13489f927942e64dd94bf8f821c7ffdef16df58bd8306a957821ac256da6f19c9d96e48eee87f88acb83bae05d693b70b9337b":"fd0751af49814ee98b2b0cdf730adaa6":"1cba488a0fc8a012f9a336cc7b01cbcc504178eeb08237dbedbc6c7ac68fdf3a6742751a207e43d43068abf6ef4e12a5e3c17e5a2f9398fc04ced67377cbb858fd6020fad675a880adb249e4aba94b96efa515d1cdf5c0c3071a27a3245968867ea94b2bfc2028a67be34c84c3f475944497aa8ca1ab009f8e4b11c8308c1996":96:"e5dc92f4ad4000e9b62fb637":"":"95f4324b0656bef19eca5570548fc6a7a9923f4e2a7e42066891bc132fd73bc1c9089755d996756de0072824e69c43f2db8ba2bf6f90d3c4eafc0721ceaccce1af896f9fb15fb19c4746979b6d945f593fad61d550f81d12b5945ed728c02931d7f8d917285c22a3af748d75a6bf163fddd84b941d8564c1a63192c816ad6d6d":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8a328554fed68dc4838fbc89fd162c99ec105b36651abbc9":"75986f56972c045c850ed68aeb229f203b228fdfc36cad6b16d9bd12037c48700d20d8062a983ffeca76b8d36a67ef51bc8853706e83a34e4e23ff4f4a4eb943f19dbe85e454043d7906be6587a85079f9ccd27962d2905117d2dbeaf725d6ffe87bef52b2138da153ef29b18065b3342b3f9d07837d57b8bc5f2597de06c54f":"e4f7c69a1d026eeebfc45e77bd7b3538":"e349dcedb0bfcc771c820f0d510b80cef32ae3326484e25aa183015941e7844bc46f617d5e61fd64fa71759e90fcb72ae220bcd507f0fb389b689dd3fa29b3b937eded85f26ada9e0f3f5109f82fef47c7eba7313049750ad17969e7550c0d4093ed18ee27843d082bcee8bf3fc7833d569b7723998595a5a1d871089fd238da":96:"8e8320912fff628f47e92430":"":"a1ed65cfc7e1aeccd0531bce1dc749c7aa84451ec0f29856f12f22c4105888c7d62e2e2fc8ad7a62748610b16e57490f061ad063c88800037d7244ee59e109d445205280473390336d7b6089f3a78218447b1b2398c4d0b3aac8b57a35891ad60dc1b69ad75e2e86248ceac7bb4cf3caade4a896e5ee8c76893ef990f6f65266":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6e7f6feb4022312de5c804ed1d7a37580d74499107f8cc8b":"4f5bbdf575ab8f778549f749f2265e17dc7225713e73ee6d7be163ff7071557dcc2240b0705c079008605f81396414ac64f06b1b637876e04c3fca8d0fa576cef4dd3dc553fd6808eaf120f837f9bb1d9dbbd5cf67ed497167fc7db89d3a84151b81aeab0e921057f121583df5ed7f976b206ece17a913f23485385f64c462a8":"6ce13485ffbc80567b02dd542344d7ef":"c6804a2bd8c34de14fe485c8b7caa2564adaf9fcbb754bd2cc1d88ba9183f13d110c762a3c5d2afc0fbc80aedcb91e45efe43d9320075420ee85ab22505f20e77fa4624b0387346c1bd944e9cd54055b5135c7fc92e85390ecf45a7091136b47e3d68d9076594cfad36c36047538e652178c375a2fe59a246a79784577860189":96:"974bd0c4a8cac1563a0e0ce0":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"46d6e982feff0e7d04a84384c56739b69626dde500e4b7fb":"a5160fb2d397b55a7eba02df33a042404188f02f4492d46f4edc03fc67723d64f5f7fed3a60728438703c60454a30f473ac918ffc8f98be5c5e9779ee984415e415ce3c71f9acc3f808d215be58535d3144cebe7982b9b527edbe41446161094d6fc74dec2e0a1c644bbc2cf5779a22bd4117a7edb11d13e35e95feeb418d3f0":"71a6d1e022a6bdff6460c674fb0cf048":"67a8455c7d3fbfdba3c5ec5f40e0be935fbb9417e805771832ffad06ba38a61b8377997af1f586dc0fa1e3da0b39facd520db1f0ec2bdf1904a3a897f0b507c901fab30a85de51effa9f7d4703ceeb2ca72abe0bd146ba0bd3ffdee11628310db7d65ea1343b018084ea2414995f86fefb45ba91a9dc2236d92078b4305671b5":64:"84f1efd34ff84e83":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"991dcaa2e8fdad2b4e6e462a3c06c96067ef5e9fb133496a":"9cd0c27f0c2011c1ab947400d28516c7f46d22a409a18fd35c1babf693b8030dfd7822d9ba03bb8fd56a00f9c7149c056640dde690889d2f23978eeeb28ccc26e2fc251220a3682c963f5580c654c1a6736cccb1b8ed104ec7390021d244bd9f92abde89e39a4b83eff8211c8a6259bd6ac2af1da7dfb8cf1355238056c60381":"978913d2c822ba7cc758041d5ee46759":"5a94dc81af011a8af263318b60215b9752292b194b89f6fc013b0fe8e29133de631d981862f2c131ee34905bd93caffc3b8f91aeb0264b27a509e5c6a41ae781209f8c5895d0d35b3c5e1ae34a1a92a2b979e0e62132051394940ea4d9bfffb8d89ba1e8331b15bdf05c41db83a57745a4a651a757cc8648acdcf850a2f25367":64:"15d456da7645abf2":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f29cff00781f5916930f125489c87d21f6593324d1506f65":"a3e8595747b7147d471ac4fe38014bf4a409931e3f419ff88ae249ba7a7f51bd0ede371bf153bab4b28020b7a82a8ca30b75f1e3bcfee3c13db813cbc85138ef05874dedb14a6e5b6d06d7589a83bd5e052dc64433a8e24c1188b9470ddb2536d13b4b7bff0c5afcfaa9aa0157c3aae3b1774df2df14f965d6dee4332edba67e":"50db7ee25a9f815c784236f908bfd7f2":"ec1482e18692bcd6894a364c4a6abb9c3b9818bb17e5e1fc9ec0b41702c423f3a60907e94c888fad8e78f51e1f724b39969ba7b11d31b503504b304d5c4b4cbd42634f4ec5080a9fe51c82e121ae191270dd2c307af84c82d892d982413a50ccce33698054f761a3fa93da9a1fca321296b378a50d458ba78e57a70da4676150":64:"a1e19ef2f0d4b9f1":"":"eea18261a4de31d8619e77005ebbb3998c5dcfac2bc120ae465e29d6b4c46de7e6c044c8b148ffe4eda7629c243df8af4e7ceb512d5751a3ee58defb0690b6f26b51086dedfde38748f6f0bbe6b495f4304373188e5d2dc93461bd51bf720149a7d3aa543623b122b9af0123b2cdc9020136b041a49498ec4aa696c2d3c46d06":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2087e14092dad6df8996715cb1cfca90094f030328080ffd":"6d039513061980fb195bdf2f7c7079ca4b7e0fdd50d948cbfab5ba10b99e3aea27f08abd000c428851de82cacb0d64c146cd9567e9d55b89819876d6a635bd68bcaf47ffa41e02d9ee97f5a2363bfe6131ae7a21ea5130ae953a64d57d6cbfd45260c5f1946388d445ce97d23ab7ba31a5069a4896bc940a71de32bde02bc18d":"d30504afb6f8b6ac444b4a76115d79d1":"d95845d268c8d8f9135d310c39e30f55f83ef7ffee69e6ba1f80d08e92ed473b5ac12cc8f7a872bfc8b325e6b8e374609c90beaf52d975f71caeef5ee4c13de08dce80d358ee1cd091faea209a24e3392adcfe01aeb2b2e1738bc75d4a9b7cd31df7f878141cf278d150f6faa83fb3a2fd1225542a39c900606c602f15c06a4f":32:"5412f25c":"":"1e81a4c10a3440d0002ddc1bfa42ebb08e504fcc8f0497915c51b6f5f75fee3f0cd3e9c5a81ff6528e0fecd68a36192114f17fa1a4cfe21918dac46e3ba1383c2678c7a6889a980024ee2a21bcf737f7723b5735e1ebe78996f7c7eace2802ebb8284216867d73b53a370a57d5b587d070a96db34b5b4f5afe7f39830498c112":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3fc76d627c775de2f789279dc7b67979a9f1cc23c8dcabc9":"92a60d38fc687b92d44635aafee416a142d11a025680e5aa42e9ba5aa010462991ad3dd7328ca4a693673410f9bba37f05a551b949ab0d43fc61ef3b8996dd3fc1b325e66eec6cc61ea667500f82a83e699756a139d14be6ca9747ed38cd9b1d9da032ece311331bdcd698666ddc970b8be2b746ec55fe60e65d7ae47c6f853c":"8f6fd53eb97e12dcd4d40f2843e25365":"e56995df73e52606a11de9df6c7bfb0ef93b86bf6766e319aea59372060294b0e1b13c6288c2310a4bef725a2dddb174f3e1228649861757903c4497a0eec9c141454fc75f101439a2150e368857c4f0f6e5161c42c77f632bf1c229a52595cbf16e9018de9a8f6a1e6b8b18bd244f93f001eb2eb315405d223c0d27ece9d4d9":32:"613ba486":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"e3dc64e3c02731fe6e6ec0e899183018da347bf8bd476aa7746d7a7729d83a95f64bb732ba987468d0cede154e28169f7bafa36559200795037ee38279e0e4ca40f9cfa85aa0c8035df9649345c8fdffd1c31528b485dfe443c1923180cc8fae5196d16f822be4ad07e3f1234e1d218e7c8fb37a0e4480dc6717c9c09ff5c45f":"ca362e615024a1fe11286668646cc1de":"237d95d86a5ad46035870f576a1757eded636c7234d5ed0f8039f6f59f1333cc31cb893170d1baa98bd4e79576de920120ead0fdecfb343edbc2fcc556540a91607388a05d43bdb8b55f1327552feed3b620614dfcccb2b342083896cbc81dc9670b761add998913ca813163708a45974e6d7b56dfd0511a72eb879f239d6a6d":32:"28d730ea":"":"dafde27aa8b3076bfa16ab1d89207d339c4997f8a756cc3eb62c0b023976de808ab640ba4467f2b2ea83d238861229c73387594cd43770386512ea595a70888b4c38863472279e06b923e7cf32438199b3e054ac4bc21baa8df39ddaa207ebb17fa4cad6e83ea58c3a92ec74e6e01b0a8979af145dd31d5df29750bb91b42d45":0 AES-GCM Bad IV (AES-192,128,0,0,32) #0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_DECRYPT:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT AES-GCM Selftest diff --git a/tests/suites/test_suite_gcm.aes192_en.data b/tests/suites/test_suite_gcm.aes192_en.data index 9cc267ec9..a3ebd1fd8 100644 --- a/tests/suites/test_suite_gcm.aes192_en.data +++ b/tests/suites/test_suite_gcm.aes192_en.data @@ -1,677 +1,677 @@ AES-GCM NIST Validation (AES-192,128,0,0,128) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f8022b8988383d5cfd7d9e0e208146e7868d3d714fe85744":"":"5fccd8cb551cfc9c20998da4cb981d49":"":"":128:"1b5c6c9a28f5edfa4cf99176b0f14077":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a7d4456b8e16b82283b677bd8c4b1f56dc7f153b5cfa746f":"":"081de4a3f71f5d6fdf7801ff6c667f7d":"":"":128:"90c2729c5ba04f8f5c73726c910640aa":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5779b60b536b096c9348cd8dafb3451280791e319b7198c2":"":"62f8e195bc79957ca8ce99a88ded1a02":"":"":128:"699d71bb63c668b533c357662f861513":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"966cfb078f695c8ad84ede2fb96fb89488fa271dd3b50346":"":"4a7b709d45745d94c5433b01fc9d57fb":"":"":120:"4a9bd213420629a5f6e471650060e0":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cc69ed684af2c2bd2b3e2d2f9faf98acf8071a686c31e8e3":"":"0bd4197e5ab294ab7ab1e6ec75db2ac0":"":"":120:"6632b618b4cab963dd671fd53d2075":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"99deafc5ec6155043b53a86d466c2b652d59b7274bb844ef":"":"09d18e85e5ed38f51e04a724faf33a0e":"":"":120:"90bfade2f07f38b2192e24689b61cb":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5c0c706a1fd48005e0fd0ed91b4d9f0028c500dccb28ca73":"":"595716e15498454577d3581e94f5c77e":"":"":112:"8b10eacb1f127f4c58cbb8c3516c":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ae8e125507ea16d5282fe8bac42d3cb4908b717f345e6a38":"":"0a7f64edb8cd8052fcd5b92e20c0bc2d":"":"":112:"467a2c0ba1d24c414f758200b8a4":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"02176a5a5d8cb8f5ccee3f66a22181765ce730751c135198":"":"c19ed1f52f5ebbcf89ab1907b9ebc7f7":"":"":112:"6525beb5856d6f29105777e31457":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4434d6bce3a33551733d7afe8cd477a79be8eeac19bc0a05":"":"b0eafdf326886eaacb750dcf2c104abe":"":"":104:"ab9f7923a3b9228cb9ecd7f907":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"39994c2520a6196cc3f3e8c6e4833286ce37399e0379563b":"":"dbf9c40266d95191d70739e932cd8572":"":"":104:"b29acaf5addd6b379315535375":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1f27d054114a264b37ee1821a077773750cc79d28594f506":"":"6739d43092620f44b57e65035ce14565":"":"":104:"25e0434a3660704eee4bb82962":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0e97d15f4992a6354e43944fd346da65ac1f0f1229189442":"":"32a64e826b500d7e85f4c42a784f7c19":"":"":96:"da8f3e0a6f156ec260aa34fd":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"27504fc47a9e9a85eaded3782cb5b088359ea1c0abbf2730":"":"c55c8dc3d6d2970c81659f2f87bf849d":"":"":96:"113e637538de291e2463abcf":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d5fc67f73de736768e5c64c37459c5eec3d27f7e337c346c":"":"2691432d3935d4ea8cb8f7c17bef3558":"":"":96:"c0af76d6f62430106ca54928":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f28292ee2c54119511a67db0d2317433abaeccabfdd5d1f1":"":"cf9331a1bb3851b2fc3aeed2d1a33eb8":"":"":64:"8e14b869a95eb12e":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2042f9244079736291ba7fe1f030cba99672a97ce361dc14":"":"aadfa619bafb21b5c738b65d632bb8b2":"":"":64:"ad6f52f25aea1c55":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d9b4eb00ac03fabb5304ac38414f7782cb0186436a4b9036":"":"809939260117b759d8dac1a69c27c12a":"":"":64:"1f7d0b3104aae50b":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b5128f4cf91d53b3a50e9b76b0b27da33cbd4b9349d89413":"":"644909f5fbcd61d850e43fbef1fb454f":"":"":32:"2ddbf709":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3ac7ab2ade7a8e397d66be6dc7671f19cd39ad65490f1712":"":"d152359d765f41dd9cabf5c8f37cfd8a":"":"":32:"a6e4e30d":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f9c2de7e3c74b7e318413a32892d4fd070de9882158bbc82":"":"63410c83fa363a63fa78303b9994b6c6":"":"":32:"49c514ac":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"66ebdc2332276784a69b6bb137161210bac9f1d6a36d6a4c":"":"647f41b60c6a579086ba8854d043495c":"da26eebd04c27bbe7fa7b54b87d3b7227f056dd9c085fabfcb59ec665a257c6de68fd2c1c51aad5e6188e02a56f70aac49ba489802247ca327de57ea3cfa87e72cae7dd82b50341a2133b03cd0027216fcd94cf43ec8a48e1c04145b597924b37f7977db3ff23b8edc913357037d0fe02afe2bba6b91e27554edbfb77f51cc41":"":128:"420b320c2d616a0b11a7605a84f88e26":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"26b04d8427582b04318fefebac2a2298ec3ce61146f39a35":"":"99f3449c8538414e7ab595b92a7e6e10":"edfc2aa8ed91cfc0e117fc9e2d1bfe843c7cf365a2b6cabd4259686cd7aede9c7453623967a30ffbd52b30fc205208bb346ffc70584478f5f39a79d4971ed71cc3dd0200a89aef6aecda0a1f3a4bf2929b7b9e141be0ddd3671f727e5e793ef085f52ecb77a266b9a02a2c700b63d8c43da0b569510285e98b530abcdbf7739d":"":128:"091cfc38b248460eafb181ab58634a39":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"82c8197e6641d0832639e2b1d7691fbac79618b2f5db45bf":"":"69e1a3e5eed54bedc941646e3ad25a6c":"d0fcb4f4d764efc0fb52c8108e61b67a1386f1a13c1761941cc9a28c6ad15e78474cd2a65ae9475d70d9c845f14bf4d2bd2bc46c29e507a347391829e0f24495b026f681c387b3e6aec8acfa5ecaf4c3cfe796c22469478ee6744cf04a22e6aec82489f53109551f58cc6602933d1780b8b45b933f76a94ef652a8ce8bac2cc6":"":128:"8e74343ae8cf1cdda4969c1a94aab5cc":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1a349ba960b2c8f49b7e5314911ba8de358f2e74ceddf126":"":"f5998a62ec507c5fe5b280f9c57ac626":"78445eceecf2e6d2ecf2589fd24e854bed3aecc63aef934aec9aea93dca95d58629002a4ba91e9bf6d12e13f0a844977b3c2700645281db5de381adbccd34a84346a99f34889bd46c75b1956e21aa9f87684af55d7fd0de6da07e856d9b791c0a45e9e37881092f6040a9ae9d87757142d3c9c7fc6f25db0e5b5d377865ec4da":"":120:"4d7eab0a3719fa53e552b9e5a85bdd":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"019af03d23342f7916e329b6843161e566aa859402cb07ff":"":"c5fd96765fcf6d51e23ac6d206744af0":"f9808af3403051a52b6652df03b6b37d90a471bc242c436cab6ba699139eaad16847665093798731b9969709287199233c5e77351c5e42b15453b4171237a6d16aee63773c8c0d736b3a8bf38ccf922e561c456682fbc2c7161da3b89526d9de222351bbd04ecd4e8680f26d70fe57d577ea287b199be1bbb8b76328ddee3d33":"":120:"fd36fafe4f5571fafb6ece59b77381":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fab39ad2946b2a343d76b1ccc1939cce7ae3cd7b6ea187bc":"":"247bc71446489dd3495c4dee8a071c76":"cb2c06fa5aa54ad079741afc56dbed79061a02045b6c099d0ae2d7883b78c5fe09636cc8a5dbba0c0c76ebfdb81217526afbbe04fa4b2b78f3357025930b0f9488369bf3aa088a2107bfb6c4ba714f1c26d0380d647ada5852d2c539300a4779295412b202c3cb977a7b94c24c4dd2a891a2035f388257b84e5b31bdc895f062":"":120:"65e1aad214f49881a067d8b372ab6d":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"57b52697f72ae2df6354410a69dc3c5f28b31e6617bd78c1":"":"0d96720526491d196eca66457e3c9e71":"cbdfdb3cc73aed4297ff9aba76dd8ca4d8efe11b0f521fd7170f07461c7885252874b2ff8fd05a3943ecdc824ffcef0396980ebbddc0a53c6c99086c14fc806d90d35347d45e556e9a55ecc3a9fd74c8e5dbd19ed8b452eaeb673818ddc0695f56ddf3b139a3df378fcfe5b6ccfa358f5a5bcd1550f1d9d5f325f15f9dcd007f":"":112:"f0c49960e60fb63edbb50bfebd98":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7bf69ed06271107e11fdf016edc4aafb0e2d2ac05bdbc46f":"":"50e65aa338cfe856c80cbe1331b46abd":"a7cab4e1e56f4b9fccca08d3791560e4b6c7ceb40a10adec0536861c5c46fc3fd06c0a8eb32c9f18c40463b0f06cd0053e615dfd7caeb2b353b08ad6da1f8a23ebddf16524d2eaed70d4d7e565412dcc9598df7e107beb464b103cd8de9301cafe8b0420f0c156025d72b73d6e015ed2312535d35899aed73aa54374674d7f02":"":112:"d7fb9d78fede77981948eb013ea1":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"caa781bbed41d7a1c56d47673f74d4310a3bf8b1275031d6":"":"7795dc04261d9433367f51c3b87bf18d":"f44d77bd541e02a737c693ff3ea0adc091fff1966a593524e68954a2d7d66a48199366a5a600331cf392965b5ebedbf949203975fa9db53b72586615975e8a7b84e0633c6cf69caf482dd72b26b0a5687ec71667e7f6e5abea89c3d69d2dc42a242ef959e4039ba5b2d22a3e48424a431a77e816604769d13b7f892e2b33fcd2":"":112:"386930ced9a46097c0d1f6e65c62":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1b268de4ff644cfa4361f8014656d5d4decbcf9cede8605c":"":"4009bb00afad026cbad117c6047f4ed8":"140c5a93293598fab85b3948b53e0ba15438a0b948e91041a13104f0ad263c8a10613e20e87ef261999a54d469ba6f1abe56ec3979623df8520a0476801987c15410ec24f5a9be72acfca71e8c5904e2ea5f8b22b8cf404b9fd533aa37e33b3d4cf91599cbb3b85ecda4aebaa27ac0365df8312c399ba1767c47fe0923f2c53e":"":104:"af36bcee7561cd7d0861085d55":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c2843bd689ccbba60ce961b7dd50619a59234dad97567e39":"":"55a68cbaa5755d8c67bf26f03c5863c6":"d7980ab86ceb9b66ab265b68e078deddf7ba084b8967c3227839e8f31cdcfbbffa004953f3582ea9274dcf46e3ad7e7744a576dec37e0cb36fced2b2c2fcf4328f506302f5741e696ce25c49492e33c6a0c8aed5af03cdc1a266352623c6a52a555ce906f684bfd597b5e37f60b5175a981088b9d8b8b5493e4fc1bfeca64f95":"":104:"66cccb7d28d3fa70bce2900a84":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f451c5edf9849a390486dfecad437cb809c33d31f6898ba0":"":"9e2dd52c04651ceea88caf4adfb2e8ee":"87b804d4a81dc203d67a92b4fdeab959c2056dcedb28d29f216f9172817bcfb3d2256bc1c8aac23feb22b71f1fd02ea28cdf91785931750ba4865d672345b5001b1aade4f6acc7edb03758d2540e6472aff50ab3ea61a0b9ff37ff7a87b91013b14867c3e43cb097a923e6d8ddb1f52e4bd940b60d500a4e35bfa91935065f26":"":104:"e192a49f5f2b22fa39dcfa54c8":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bd02ff8cb540ba572af3431597bdf3f23e61665f96a19b4f":"":"7198af3f594a4f0597f45fb592edef50":"ef06de48bd34f362fdb425c6e35e37d0dfa1ea874df7d201b6a1c25b736c96e3cc8ed0915807fb7ed759482ca701d28c08cbf955be244bf887df37394d1ca4d2e7eace0dc61c807b714f3161f9d7f554c9f87ad674849c136108cfd8f777997656489d3e993aad4a51b68616083876832b3085a5f8f154b83ea44702c70f2980":"":96:"43298281cd27a36e5cbac4b9":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9ecab4a4a9dda43477c993d6388387443c66ac253071c504":"":"9523b2722b927dc3afcc5f7dab2bf033":"fb84e38a84225c8ebb307df88325d020a5853bb05ac7a75ee38552c40c302d263181081b05918775cf9cd6905b9982b2ae9ef7993f28fd8714e878c9a4a8101c08e9f13581dcf4f16dabfcb9d3c471c0056805f51e67e9b75572639c3d6ce62d2f8abd64e1e66ffb292360c20155e4d528374a5a22d845340d6f1ac68d33040e":"":96:"696bb674e43cdc7d69346555":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"733df8c42cc2e70ac195615d4911ffbecbe2712230c5c292":"":"f76135eab5d42e82aedff3090a1ba606":"0c8aea747cacf2f0fdfaf368cf32b12dc49f5da9a29bee380d2d64035b73efb56fef13aa20c0b612d9615cefb94f26978fa0b371a47dd20051a1605b9f5e133b52dc514577c53319c9e2bd4ac7cdf37d56a9e715e27860a09d86cc21d0b9f0f302f6acf06f2ff00cc6c878dacb8bde51082f701314de7efd36a246f80f8a8fb6":"":96:"82e6d0c076c7d8ac0839fe18":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ba33c24c41bf9836607b6dd05e66a3d16298c897dd1d70ae":"":"4b30423df6de76dd684274afbea089d8":"71f5f6ee7bbd774fa691a3d7e0f694a6c8dfe8aaf9cd720e163ef6d5cd949c798f9e9c993adb6d64e7220aa0f17331bfa9a43b659be101726a80e5529e827c3e4b05cfb4d78db9952e58eebe64dfbc0d1baf20e7e48902215277a49ee953108526a70ee150eda85e6a0e49955f8c6323766ae10e13ecfdbe4815f4bb4ba43786":"":64:"73e80018235ded70":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1711553980e3fc5c14c98611ddbdf426463f82c66df83a70":"":"3396bd96b83ba611ed22e12e8a5ec911":"9506f34c90611acd6ecea385a782a5739f88b4fd13b77570c4d7e0617283e7b21568e32c42ada1cf6aca1a2e2ba184d4101306ff21c9d03e0ffda4854773c26a88a5173d52960286c18753df17361bb7046d2884ee600f58775304f49cf4e782ac70cb00b3d9c345cfcb38e3880743034640bbcae83112543cd1622ebaedb221":"":64:"5d51a0868a2161a5":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5d69dbec7ebe80f2b5b8f61fdff1f4413f5f6624010fb795":"":"a2eb3ba50dd93fa375cf682db7b2bc7b":"a0f9c0de86b54d3c176ece3305463237e1f70be3c52e2ab1c773a9d27d6fc5dadf61ce7a3d10dba8730d12c306fca8952403983bf242fc1b6efaaa153ca446a07d16a70af4cb1aa4d4c0c93d646dc3a5630f5a610aa9e6eeb873f9a06d3234642bc86b03c596235ec03019e762458abe17d37409a18ca5b7e0e0088391dd3acb":"":64:"1a827855ee98d679":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7aa732879f290aa442217212156920c69457b8ec41eab153":"":"cb593221c59846dc82fc0d0cd04af3f0":"15d7ebf94985c34b72b6675d7346f0b05bdb8fd3a278555939d2999028e4179e69352d398a5dd0e5b370bdd9cbd24d576b89709c98b6142f71f5b1ba224222afb67599fc58fe043d1a91d7ea95b56dbd086db8e3a061b1bfc6e82dc9ac728174fd3669d65db62a06380a5f72c3d091b7a1b6998041d5501e9fba8bf91a7d278c":"":32:"55b86d22":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"961a3e78f6a75944455f9d9d0345e08f4669972f3d5c202c":"":"ce43a19ac648e62ddc49d243fb34e29f":"393736558133078a0367b8248bc18c8352f92a9212e90318a5b63ad3c422ccda7c181c565629acf4fc73b2de85bc9cf38310fe703a877b3e7d3b2d416aeb962f1027077232cfa39c5e5284a1b323264175546ddfb250ce693e2dc78a0479bd89a7ab44b63e504866d2ec6b5153cfd51f29a91cd4fa2b8e09878747ae53981875":"":32:"ac701373":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c4d492904becde4e46c2557ac833265c715bb57f18cd040d":"":"df41b22b92d43a96a7504514b92e644f":"c4dd46ce3e486d89903482de247c1e7df05809a247302db3ca8457b93d6886c0a3d1be40a90f6502ec58d0ddd715896cee37322d48ec3f0c3ad716f1bb679afdcc0e4c79e5e2e346702d349ec7b391ef7eafde618bbadce5d14d22123de611c065780a4d05e928e87d12b749888d6004224c3e457aca0190bf1a7fba2453680b":"":32:"7a259bda":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"316660f013ced78a16701b35479ffb1f7c8c4e964c1b52b8":"d262c15d08aea46f614c7f8f6a54631289e54ca97d698777388e137f431bb783601e7999e7af98775d7b87ce061d9ba56570ed8c58b6bbac5f12f751fc376ab0f14b36b40b2b5533727be3bbc9a51183405d5fd0121201ff592817d06613b504a3440b0e1a57e9ed1771766a9a5b789054f7032d20b23c5c37d77f293c677fd8":"919ceb172d2cb460bdb3b3e58debe889":"":"5f5128f7f948f0cc9fb248a24b07c54247e40080a992acddb2615d90ef9328a17bd5e9a698b00103855738aea55c4944cde4a9148bfa8db12233231861c455e52c9889119ca402eabc8f41b27000156dd29b901024336cb2b7088eb5fd534ba58f23caf140a8b2549486074e4edbfc262ed9c7c7ccaae24be8de873ad43cd13e":128:"ae22ec4c19e7616a5b877f168febd202":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1bdb707c328304809bf0608874c9db373df3c7104a5a7049":"ca243caa145124997f5e2e6bb25d021a38d58d0ab1bbf06d086c2416c08e3512aa887cc215fdb34d0f2d78f6a45885767f15fc00b68a4df1130587de777efb9cfd59cafa077477e97edabf2bf04c9a6ce029c230385ca5f9928bca7fe5503b18774849199d2a39a378a2d3144aef4416c1718319ff1bed8021dd77a07f61eaa6":"b7e7fc0d5adaed1632c5f7d1f56458f1":"":"91c7954bdd6a49360fdce11c1bc710512bf5a57bcef241fb63e5ceabcdc9699d0c0ddb025c75195ec25e631507f13e18799e6be9798e5639ad8401f6244c5b0ace3905ae0de08e2d0fcd19d193de83943fe449af4b503a454c248e677d2f51100fd9b8b7e5388d5091089369a7c2ff38bd353e9757ef873a87f15f30232bafb4":128:"72337bdb2bfdd1f1ebe0dba6f9b7b649":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a6dd0d7e9d6ad1ad7c7394d53e9e081c436d34c8158bbc95":"2d95d64ed3be857a5c79c7af20aee00f142557e10d780383fef2d45f16c7e2823ffee495b220c87971610e5650f7c3e8d296b3f03fc883c00351df48d97717427101aa0c08a23c408b24511621b640c210b316cf17e3dfd714f0c9aa9ddd974692d1c2ae27b9bb0fbb428e7a9da3b3cf9bd869e730ccaa3aa4bd08f01f84039a":"60b4b9c77d01232c5d3d4af81becb0dc":"":"4494460ee73d3513814e1f779bfe3a229b49348d7641e9ed4dd959b582960097ef08b91292bb9db87b4e728d01b92683f4cdc81151a69bed2096bf6fb2e45d0148404420ea16b631b421e6f4c6665fe33c2d11e7b22b6aa82b610b83214ae4d17e681972e3a1f77306d3c54d96c47d8be1fb2c8cae8300ac9db99013f25a65a1":128:"d40a246c18518ea9f8d733b42181123c":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e9ed78cb5c10df05ad00c6f1fb35b4d28e6ddfcc16456807":"e465e57cbac0dcd1e8ccda22042abecd9d89c4ac91b0e82a41fd51107a792099e63f7cf23a889d8c04edae2c2b3a9e51dbee6c3b71ace3de08ab354a295888bb99ae0fe428dd69bc013d49a70511ef60524282347787a542fe9501b6452b5faad2f129a9795c2c4cc0881ec4af8f0e0d2d4a7a628cb051055fe831b51e250608":"3a8ad989c621ae1e82b8d255a3c95028":"":"6855e4702f1ea593bfe30ee65b3fab832778d6b11a0ad902dd37361b8d85ab76d1f2ccf7927d695eb3129286c26737b9573e26bf64b31de26f97525f84345f73bda2888a1f53c9b405ad627bbe5dea123c9fb0a4b7f193cd8fbc8fa4a5e5f64e9c083f5c048d61fd1d347b49afdc69e0ca6a82e3b064c49d5bffa2800b5cfcdf":120:"9661f5c3b0d99d4f762bdcabd48df2":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"76a5bc9a8d7c6e2822456156cea7d493702d61e7d504e3c3":"0a7fbca875fd620c3d8de788e5c27534160f68d60d70fa4167adf0c18ea25fa1f2cc551fdf447aa16678d3f82193cf421a6fa953532a3765bcb54183bf0e96527ae5e695ed3bba5d9911f36c1aa73132cd43b2698996eb43ff84420e315a06d7db02aee815461892c7ab9026953c4bc25f47153d5cb7b966b71b24dad69fa565":"09b681de6683751300c2ada84a214d02":"":"dd66e08fc500426feb497c39c5853b26376272dfabb82ab5978167faa91adb025a6ca0e8fe3d04a0d97062eee8ca6530c3788bebe4436ecdd3d9eab96d38a0cf9b8cc6a584a0facaea33ec2f4a6e61f780c3dad524df902f421e3204cec7c9a4bb3f0860e017eddeb939cdfbe6f924e1eebfbbf8ec63c55b62137d9f8845f38f":120:"4acc40a4882d7733d8f526365f2560":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f5cb564cdd6974219e87f93a030fdcad35313d4adf9d7a97":"210a799d480b4933e16fcbed632579beb6b00aec74c205dbaf64e2cb152c12f9b6969122f296efcfe328f54202446514066594848f42a3031425020b56d065d6eaf2caf507d5f51df493c11514400b889f33d0b996e721eb613569396df0528aa14eaed117dbb7c01d9c3ac39507e42a158413dab80aa687772475105eabcbbf":"90f91da5239640a70eec60d849d9ae70":"":"69a3dcf5b94a507a53fa5e62cfca269453623ccd3a537d971130a21bee884cf271b9833dec19862ab0dfe7052e7dc07b20f34aac42bc39bf1d495360c1d701ea53a9bba64b02962b4ef64fb1c90a1a2f3a6f81a6ba781d5f28b786efc365ec6a35c826544aab94b53b96613fddb65660dd336acc34a217960f6c22b9fe60dde1":120:"b67495a863fffcc773021dc7865304":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dc2c5a020d3ea731362c29d559cb14aa4f8e3f6a554a5fee":"8cf098cb6ad79e0f0eb4ca888da004dfe6431b5982bf1490c5f2d1486c288b5d50ea0a5a63cf9d097a71348632391b4bf962bf464419c2c971e76c03eedd09d069a070c86837e16a2c39a2cb8de3e2d3f274e03998a874fa98de0933b0856e076e7f575f351d7ecd024753781f51ef600405b304e37f326846b84692448d3f2f":"bd4d45d970085e0b2bfc9477f5cd0244":"":"d44a4fd303e657670632da8dddb6a117f3e35d8afce245e7e6576711c663f36806b813ba6421ef9788681d9717a36d3eff4ae1789c242f686d8cf4ae81165191220e338bf204744c9fc70560683ec07c212846d257d924d5fc43a3d4297ac54428a32c8bb9d5137e0f4aaa42df8dec37793f3965ca658f22c866e259c80bcc59":112:"9c1d6c70e1457a8d67f81cb3dc8e":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"167cb184ab6ad15be36536f505ea5447fd996b1d9a092ef3":"0b6ec08685b5a9d32346a5fa25d208136433204f3b86182bd1d9578f0634dcbb5b59937fb87df0679334d7f41eb8bec60ae1b87994ed2cfddcb56e95a6fb4e3ab7845b0294e4afa5ad46eb5a431cbd7ad0eb0473c42c06f3f62de03d10ddda449d41137c8010af5c7c0eac7a5fde5a39b5437a2382639fe3388ce029a7d4465c":"b5cc89a1c10329bb417e6b519091cee4":"":"7ebe4a9547fb115b39b09880d6f36f8cd402bb798c6d9db036b1ebd8b87a8e9d56fc23b7ae4e8cac3500bf2f73952c37a068f1e472369b62319a8b1bc085a51fbe47e1c321dd1ba2a40692ecd68762a63467d5ecad66a3d720a8a81e02dac0ebe8df867e2f7afa367aa2688ca73565e55cf2b0072fa3681750d61e8e60275aad":112:"30454dae78f14b9616b57fdc81ba":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9bc7aad4f4bd73acf756311ff1b72b41631344b9b57cf447":"7cdf07e17f667227edc986827d55bb803c6e51f93e72d98a1cbd161b58155a1c14ca54d52254e5f88f2a08614df68cc37f6e9fac88895b53090f69544b18aee4cc03763d35e7dd94ed82d1435316e7e02367b1c43506b3ccd31e248dce81fe62fdaea3a0bfba03477d5c151b0f76f09799048d8b23699d000a9da11281efffc1":"ffa8e719f29139d12f741f0228e11dfe":"":"6ab304cb9d1ed675383ff95f7f61ffc2aa73ab1b9a691bb84777b14c7014e986ffb91da6847d3abc0349a7aa09ed1d86f2dabc09e0e25a05800bd5d616c1a665bdb119ef71bae065ed019aed20ad3b13262a902f24ccb4819dc71419994a8b4774a3b9f4f672d31aaec997cfe340d2abdc3958c41373d0315076d22189eb5065":112:"260cce7d5ed6a8666c9feaad7058":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5bd47bea08eab8694defc2b66e60da1be40fc1e398224f9b":"083ad3fe9273b8063e144a03f88fb179b18327aba37259d7f8532303306ac9d18cfcb746cab3f9385b5bb685fbc4a252dda268044642f5dbe33ea6e1634445311e440c5507fa6beaed343c83aeb0ffc4f1cba21b39f0ff6edfff961aed3ae1796f8bfeebcd3392d92e26dd26a19a7b7c2e5910f22557fad600f8cca8aba988d4":"e45a52c5e5ecc87b4320864b38683777":"":"8fa3cd91fb93a346e1f9595088c5503a840c7d7c33aa1be147e484e2aef2a8bda77275348ca59810abef6e179888f6781862990ba8e6d96af70febd2f671a3a8d6dce9be46c1cc6dbfaae35c35a7073205411cc8ab4ddd266b31b64edab4ffea076b29803149850cca41c857b05c10148182f8e7252e67069e7517da5fc08ee1":104:"9fa3372199a2484f82c330093f":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"850a811ca18044dee4487729e619cca71f05a5b164dd1250":"6ee76712d0b1fc00e43c2312743a881ed95a0b06276c5a4d93e3d56732af6b12c7c0d1aa6ffaec562229b6443e576caecffeadd9a65b91efa1bfe48ab1ecc63c381d00fe8dc7f11365f2b28945e844e7c6ca60972f733a96f29cc12e259c7cf29e2c7bbf8f572e158782a46093c5754656d0f2e1e1ea2a0b315b5fa02dadf408":"6f79e0f62236790c89156c14bd9540a9":"":"eb1ebd78d7ac88e6f927e09fecf7feb1aa64d7435aae76cc917edd9e0624a96e945df67648c187e397954da7b0888005f7a0d05d09de424c1a0648b56707b90da4021d5a36175500337e7341d1a474fbaa94e56d7ea52155829eb6bb9d95457c138875f0738034924d59681e7c2dfffb7dc0959697468ea2b65a884c897208ab":104:"91c74a30e5bff5b2585ac7699e":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"91469828dafd30de415067236d5f49ea14e813637f1ee0c3":"e3aac00bd05ce3c9b87720db82104364c8ef6ef25d6f3c8bcf5f73f1a26f8619e831bf7bb28c4dcbac7013dc6282d07cc225bd969c582a26accd7cfffe878a3159a5ad3cb6c8b89131aada61e2960cc5431f4ef94394634e4c8b2938409bcd2e7668986c7c5cd2ed5f2c525fa0212996960ab842a43869ed430d3291799a2a1e":"cb5409aad9d227a3cf0e2c5f1031873e":"":"4aa82b1c81a911cbe84231ce7afb95188f2177b539fb77de68f3d4801a2bd09f5ee2f7e59b5d9e79be5f7a23f0612ae39d59259dabc8b1bf7dbd4adc0db520bf7e71b988fa96d6b4dfc76afdc22ea31f64c64388dd93b27518b3263b0a19007405fc08645350a69e863a97dd952c8d886b5e0f444a6e77a9ef7c7de54f405a04":104:"2a6b14c78bcb6e2718d8a28e42":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7b6907853b7d4c4a19468111d96c5de048200b5441b9411d":"3622ba252c067ce7d6cae1d1f5068e457a0cf93be01fdce6dc8652a53135d5ed445388679e3f388ee6a81220b19356b275878fbcc2a6751bee7e2a50adb7c430e4c8cae03e88465f97bcaeb151d4f0007bee6bb9864b33020717adc42d6f8a283a20f6b62ec79fb8060e3e5ecc1e91a2eaef57e9dabd3b3634236f12d4bff475":"a66ee64c15094be079084c89cb1739c1":"":"2b8c1490e13881ab3bac875cbdb86baabe7fa30445bcb39315d057171e80d02aa8471355e80ba891b26d80b375508ba2756162cc688578be313a50096d7cd6253a8094970898fb99cd2967e78a57d12b8b3e3c10502634bead5bfe2c9dad332fcbda0c1bca16fd5cac78ebcbc7f15aad8b28abf3ed74a245a8e7a85cfaa712ab":96:"e52af33988855d1a31158c78":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fe63e247e8de838a197a9e937e34c0f5a0b282533d445015":"17c5d748b8596901e97df660ca94fc970f7ebb769aff88f60acc425f50ebfb6744c6d8778c226c5d63653d9388d3fa0d4d630f94d668f3478c89e2708501edb12307a9b2189576cbc79388d291354cb9a5d1eace4ca1d9f734fc78e55ecbf86338a31ebe583cace752e8bafd0a820384136963eb2d2f4eea7b2f69597737a1ca":"8e018305675c287f802f28fe56ae5c4b":"":"c3d34e2cf1c3ad629490d70a0fec1a63c88d025ffed46ff8f5d8c0879c166ad716b702682cd0a437bdaa03a9b2e69a32fb7259b0fa930ca7a344aea37886cc9850e44de0aa049b8bc300caee82e26b2a1e5ab45c4c7cc6a15f5f595199999a0cacaa59da1b2be2a204fe13005b92ce722a000228545ae8a61b2c667a386f431b":96:"d7a6a917a286d8edf1289183":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c739dae83a5e64bd98ffaf68b5bcbcd0155d8109e9ff2518":"56dafc06b354e84ce3ce31b7f88193124ca7e7049272beb93fbedcb3ede8e017bdb9ee5d314ec5168443fe01258d9abc4c4c27580f6299b20082b4ca87eb2589bedc459f132dfaefafffdd13f82e153a2165dcab9a9b6c10f1d0d13b127312a6f5f3d65a73b8fd057f1d88038c5137254111f7aedf21af07a35e34cf4d2166d9":"d80ac4dacb0f1441839e2068013dde3f":"":"9ae5107f4394c9050f8ca8ae6d1eb66099ccd0166f38e45c1cbc17b30e218fcf6015ac92dd7ab48bbb095a0523904c72710a86e50518d6aade269c82bc5ecdfa729802441e09aeb939abb43f5960542ad87961e2141f967d12f7190b07de99811b264dc62cb8f067872f84d21b661558ceeae4922900ffd76084e450650de79b":96:"6a180ed4f3a9d5739e559d00":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4c23ed64375d42c3a402fdadd143336d2f6babf4d4ebc176":"5541a219108ce3ce593cca8c6aa6504c84983a98851bf8610d71f79a38bdc21d5219266ad56e10ccba4898ea969815ed0d6df75312d657631e1e22e46f727a499696399a0955d94942a641383cadebc5328da2ac75bf0db709000ba3277581e1318cb5825ba112df3ea9c453ad04d03eb29d1715412cc03dbce6c8e380b36167":"daa6f68b3ce298310bcc2a7e0b2f9fec":"":"2a4e04101d4c822eba024dcea27d67eca7ba7f0ea6d5290ced9376049ae085ccae3ecb624c03eb5b2808982c88f0a5c4363a7271610b674317bbdf1538776f1fa2454c249a1b0d6c3e64bd4a356ac2aa2fd601a83d4fa76291f3ef1a9bfc858cc0aea10cff34ab9eb55411efec2a82a90af3fc80f3d8e2b56181630230890acc":64:"d408209fabf82a35":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"695dfde34f0af192faa50244ab95a6059e2e637e237eb60d":"33ca2c61a04467ad2bbd2ba8144573f0c2504a4e9945fbae250385406ed1757adb70534bd6ed854f227d93eee57c73a314f5955208e1ba5af8cc1e8b5bb07cb63030e3ae5f0ad287536f49b576418bb1d2dec40562f6bdda59c373d6668aaa9b791285716325fccbda2180e33955c8be19d05e389820ed69258c9b93e3c82e96":"a6a57792b5a738286fb575b84eea2aaa":"":"b2ce449fc806dfb93cd7c97c018c2ba7d702216ae29a530a8f22d07279c7570c6288fc01fa9915b42a6be7a7d9569f71b8fc2411dd9747b5c9c7b5c0a592bcd7e8f4530ebaee37e9c7d48d7a56be7e2df1d91cecfd11bec09bbca7ce7106942989594e791e00e23557c843acf5164f3863d90f606ad8328696f4ca51fd29346c":64:"050bd720de1b1350":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1a89a516204837bc780ad9b26717e51ccf42591bf58c75c1":"c72a1b8707522442b992cb21a7526dfd341e27a11e761f594abbfacc2ac26ea48523d0113e38adbfc06d4af8809cb606454467fd253ca442241e8921b906d6c007dd09e139e568194666d5da0b33c7ca67876856cf504e8dfab4a5b0a77cfb1883d532ef7c70b35b0838882f144991c25a2331863eaaaa2059401f61378750e5":"a9b1ef7744075cd6cc024f8c7b3b0b6e":"":"0ec50150590bb419df0d6c410edfc2f8805a602ff247e3b50881ad3efb598ed053d8dd1deff86460db0081c0eb3effe9ea94564f74000166f08db24da6cfcba91a9ee1e98b8671db99edbe8fde11d0e898bb130e1b27358fc42be03fb3348af7de9376af495c0ec71aed56d680632195539b2d1d5bf804328d0928a44c9731ce":64:"6c9f55e67533828c":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4107d51f7d6e24aa605959d5d46b4c7e1743b7d5e3ae07b6":"e5074ffbaf5e771e12f9e7cc8e7701b970aa7897928681383ea0f91bce8200ec6782dc9618e065e142c4ef2f7019791e74edfe2040b08bdf328d7d9658e7473beab65359d35ed168a2bb39f3c3f59890353405a82f48e16d388eb8f2145ed9bff016e725791cabca913813e7485f387223711c1ad098ffa0f72f74a048ec17ea":"94a88f6872995b26da39efb5e3f93334":"":"bf32a717c945e1e2fe91fd38f3c7084210a7966cb83235d28f701ebcae6b2042226e932e4601eb3ed4728ca32bf7065fcdc98017dabcac23f0f80c65e92518db6c78bf4cd91f817b69f3c3a8891786d433f6c3c1a025c1d37bd1c587ba6004085571245591d615906f5c18994f09a03f3eef180d7af34f00ecfe153d5ab73933":32:"8d43426d":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0fa6270a44c8d14937cc3ff4cc2d2c997254a42ca8a09eaf":"2252d1c4706cc46ad3e4f8c49a92cdc7d1af24deaf7b08ab7304ef804cfe261acc3a202bec0d8df42cc36a5a3ace9ed7a9465cdec3513d31de9ae7821f9444226439c8f98a9a7d99b36b91b1b00eac71080d7eb550209af5fb7b3f28d09f5060070da73a40456d60c0470773af95d16c0b33d0b5327d44188619b950590ea862":"b5f3fde841156bc408ec3de9ef3438fc":"":"4fcfc56fa722af32e804dee0f4b67f5fea542b381bc47c41451844c82e5427f6cd90c37e088dbaff722d8700a11d5dfb4282e565f32e055324e5069931c86b62feb2cdf82ca1f62aee02a70e4e274b2b957650a5cc772be86c1b1cfc41b01d20d9be8b05b9e3ff65413520789ca0f198fe00d83483a1d85aeb13094c9a827e7d":32:"1ae8f9c3":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"104c18bd2a0641fd46c2d7590d60d6d8eea74a2758ed0f4d":"4434cf5d12d07614227cfc12716a8adfc651ffe5c6476cf4489afaa698d9d19947016bdbcb5b625773252745dfeaf9b10021a5b38f742ea8a0fc5f926c80cef6568ab8639cddcf8fee9678d45ad4937d6e6b054b65512f929e897ed5f965cd14cad939732c53a847bb2758d818d5d131977649db5b59a0c5ebac37db961f9d69":"2902faec60f754f0fbb1981aeba277ff":"":"1789524845a1e36322c44dd1e938ee5d0fe6df244b751f3023d5d64d40a72598d352d9d2faba68be4e035c258b68782273925a94527fcdb977a41c1e0a96f53119b5909b23b0327c820e8f6da049a5d144a98019c4953aafd481190117573869109c265012a42f76bb4c3353f6613ccbc40a4af2f9e148bf0a0324bb43337fb7":32:"d36d2d06":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"263451f187b6dcab9d8dc4364217a483dd80c1d75f24fcea":"5e236c282eb4646fbd16a95eff2b27873f625a7e919237d75989a8a112ea80ce8db0b4aeaf5da59c3b22649dabb584284ab9673ba7edef59043eb8e99763643941a4788e7cf11bad63e13c9ef08644044b76beef68928dac22975481da4afc723b3ab3b498189542cbdffbc3f467d190cd02e9b36b6981122aa80cfa3aa3561f":"6c4552b3a03152aa464e88fd5b14356d":"435453a304fcd3c4bd6ab90d6ed8c54e6d21f75b9e56c9d48030499b04f6754cff628c4c9216f7d8a0abed5b8b7ca128c099a7deab74ecfe2c4a494b30d74833f837d254aa00d75aa963ce9c041f1916eb63d673a4af3f88817c65d4c86f5a3c28a67de2aaf75f08d1b628af333e518a7e99d980571db608407d3f447563f2df":"12dea5ea9b54957c689c7c9c6a711e2880645109a4057fafe3b32727a60ee1e24f8450310d6b8402c26b307bb0bf3cb7c6407270d95590efb938e6d77359666b11a7a3833a7122697e959645d8e9d835e0bd39bdc30397115b4c348ea825c850c1e54a60a2522a6321e4b99fa2ad9215205628c595b07c6ffed939c779d23ab2":128:"585677e0f37ae13d886c38202c3860b7":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dbcf735d7c8701f537090d3dcf914c741ed783c24bd8265b":"18eb70dff73341298ce33ff4049fa631f2c72c158fcdea55d1231c46c95ba4013012b713bc95ba25a2114d0380c297acd05c323696db466874083e18bf544dabffbc70be4649cfe7e8bf449aeb9789d6fa412a1adf57ce732702ab962561f9e1fa850733c97b8a4158786e8ccf32af0fc2b04907124e731ffaf3fa7eacaa64b2":"09ecced8460af635e46bc82450352be5":"cc5b8f82fce3797009fbd38dfad7055a5e2ac241363f6773191d0e534e2b4592a6805c191daad377245c414df8edc4d3d9ecd191a50cf9747dde65187484802e15797d7c7e1db49ea4e423e94d9ad3b99aea6bf2928ce6addfc00848550b4d2e466e85a282cc022c7c4469d2cb16151e81bf63df378e0c676036197d9470f42a":"8298f796428faffa6085e458f149675d6c6e2cdfbc7994ee6f19af40fe8926c28904fd5ac0b9bdbd2de3f1614500a3eab1f980f82ac23cae80f3e6ba71539d1723e9f3412df345536f7517d847aae79a83ee9ad5fe38d60c6618d870cb1f203a3e1847d14d8de5295209c0e05aa196fec0eab8389e4eb66bdf3dd49d0800ffad":128:"e53ca266dd93def5bee5daf70c953dd2":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5f8d84908a8b7f5e118482bb867102a244bcbf48b7229115":"9cd2a4e2acbeea6a73b5bffc1191d8045f63f3a14aa762eb776f35518f72bde4f9c8decd61a9319e3dfca82e682910a43de2719451e1a32839b29b27c3eb1c8f6118512d6a19cf189e2d04cf4e22459397936d60f7551244387294a7994320546f070e54f166cd7c243d13f3017b786f7df6a7fa4ece05a2fe49fc39e2225b92":"5ba986f5115d40c2cfe404007a1e2403":"06f98d4807efecfc863309f3bc64b0f04e4c16c32675ff97a3295d5657d4443f6c8b0a394d3f942705bdc19c22b8ff58e9b7c209b528b745fa0424d5898ef0e42e0909aa5ad0b01f8549e3674102ddaf4784f0ff8908cf9f9a25e7e4dd9af4da7bd13ae0cd87b6aaa6b132dc518f4a95af403e612edce63e1424dacf8e349372":"2f168fd1c819b159739a7cc783ecdb0ef9639b7965918e343e2a55f196daf584f7f14bb6e42d37b504bfc2cc08c218c5b841b2d2abce05bbf15315f471e56f04f7d54d6f1dc7b7a68b8bc7026a1441105015bcee2c39d83be35d25f0d514bd1ffe75411b32867ebf2d532a766f9bfce9e55ea3e0240d2a3713ddc2ba790bad21":128:"7f121ea36b36449e1db85e8a91ab16f3":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f6c3037a59e98a9a81094d65ca52752ad92f93bcfa671821":"26647f8f4092f80fc19f81f029c354c582b582516e8e27e97d50866e8ff755f50a8ae6422f4e996f0cf50826a68c007a5b16fd59002d368ed3285bbd04f8f9a5a524243cb8d5b3ffa184ba7384771bfc508f2e93abd2a1e7170d694d35cc0ff7f247e84ca8889efc820c3f6d9cd40afd56c5799972d7556c91cde50ac808652c":"43b4f15bbe525913a31a9adf23d1971e":"60826c97f0a99b88e7aeab774a3f2278f9d35b6c1a5fce49d9389a421543c99f68797224535dca4d7040313340da73982220040a063b045843a14f5d38763f95bdd26ef818f6e5171c8d5b47f183589afd6acd36e59b9946c1edf038ae285f500171e9850603cda36043c29860e75bfe03c21e0ef11a9aecc5d5c51bb2201d29":"e58df99cce5b2548cf39684df6a26b8f9b7969168ff21c410bc40b763842ab3b30cbb3c82e0b420c8100da61c9037a9f112db9563a3d069cdf2997e7f4dbb0b5d79b56f0e985cd8cb70355366f7afd211bd9909c48b142c6556326062d27f7f82d76b83c433f00f1716ebc95038cb57c550b5810b77788c8bf1e686a8a14b610":120:"ba6aa6d68a560642c266bf4469eaac":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8fd9b08232a1d3fbe319d0897c74098f75b3e801d10e183a":"a677a13ae26b7a05cecfd153aaaea02ccb50db601221a3df545164bb5fe638f6ed276d4bd172b9e740a82a690aec4f18f4f3a0afb80c9a32188958e1cb3651064f55ca1211647903f63013e46b46c7f4f95589012eb4ccd2451d8e8dacc3cd066281f1f0c71f69f1c49f3f94136a522fff0d02427e4bccab056e615ff6fde1d6":"304c759800b8e275dfcfd3e5e3c61a7e":"5d2dffb00a25788548ff1b2c94745e5bfcc05eeb11e63501007335d4bd06bfb3223d4682e7e83eca0e163d1a8f2a76096ab2839ad14b45eb59ea9b29feb76f40b0d8dac55247c65e5dbe6bb2d5155ddcf2b2f924c48e1c16c990b69ac48ef2350873c1ed524ce1b8ef6c92a11c8e461303f7c32b5d65b57154197e45f1c6b792":"0779e5050dd17837d40fe3427322e717f074312f160c1951e5560797c13e4fbe47f320dc8053a39d2def4d3cc20e215978647d917ddf93fdf9eee5e54a974060dbac2a478afe5f5acbf65af4dccbd3942d130dddfd90cfc969da0c7f4b4050e34ce2e049c3bb004782abf4744c9a3ca2713ebfc5dfa16d011bc0b33d0368c108":120:"54c8a1dddfaa1cafbcc1883587b4cd":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"19d38467c1024611433a0b2780980538d88f3e8907a86e42":"2623cd0eb46a7366877149ce0204d7dc08a5e64a1adb3b6759178c4eab26ca1806fc25fc0fc99dfc77d1811e61ac1e04ee82eb69ef7527962df1707734e4aca970b8a499eb70c2b0386942906945abcd9234b92e7bec33009e70786c39bd241da3905d961473e50367cb7726df8da2662fb32101d13b75032838f01ad7946670":"8d56a9e4bed67a7eb0f7b8c5e6bbf04e":"1c7d2744a56f5185b9cdf14eb9776ffd315214540daffc69c217dd64c7d0fb4a9f7b1ccc4c1e325fc046eec4feb8df35d32f492a28d35858ad1e9bfaf95211f111473c2ff799a124b308fba996b08f185103607605922bad319c6b7fd211f97c861565bea34948bfd751e4ce2591ae777ab1df8dc9e820cdad13066ed74303c6":"edfdfa35b41c5642e5b4dd1769b635811a48ecf21915cbef3c9e2f8230953f2ed4fda8903ec7634f10d55aa58c975a6c6133a173c2aeb83d6d7fc6534ea1781dfc62408e7a17d255a983bd1c33d2f423c364893db8128a599cd037b2db318f86f1fbd895a64a9fb209490b7e9a30db8cdf42e348cfcfa7984e15c17db810ec19":120:"17dff78f61d21de4c0744e57174f70":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d69bdc9d35589e33ea9c2b956780cd9618e0df79d1083e69":"d8a75de22fd3e2d50127c6fdeabc09fab1178875998319e1ea83c9745a1d5833c6ba9df08177c349dfa412e13e1927bbd4cdfb54a21c86c149be1feb4d9de99ffd590850875a3d9c8d9306971a9802ad4ca48f73d0517322525ac8463e3d59ae9895c9b363b6f0728d7585de78cbb49757bd1919ba2f2d6ba042d0781e7a79d7":"abd4b94362501b8f307fca076fccc60d":"1ad9aa99a4c8158ec08d21ebfb62604a043fc0c248fe08daa15a89f4a7855916af8aeb681ac6600c0268ade231f918fe508f48c9cfa998effc350fa117e2772f04839f8fa1a53bca00693ecd28db27c6507750404bd89af07451d66fb7dfa47065e9d3fe24a910eb27911591e4f4e4746b35359afada4356676b3c7331c610ab":"52e88b54b410dbfb4d88092df52688ba9502b906752b4802aca5428437d795de0d3539945bebdf2bab070df4a7e630469b92fe2dde0998d44094cae7f21f84ea7806637fa5c73b138e87d04005ef1206ddf30a21f46c0aa718665e809ffc0b42b5250143604b20225ec460defaf554a8bfb5f69ef4244e02e9563c374a44f0a9":112:"1024f8e9997f5fa4684930d17431":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6960be8fe82061e9cd783cd1c03f63a00d60ce9fc47ea496":"e0f574ddbb04831b5a86f40182f5f10d8667fe13c7065b471df157f67230c41b8c069c0218ceab93d63964be8ee853c567add2c3eab1670b03a51f9175e8e763be778ec43833cd716e1c8fe5cfb1d663149b21e06df772a3973fe1297d65188201cdb0c3533f5e9d40bb0664a97db60fc99d7e48eedebf264024006ca36361ac":"672f4378862c82738055273c72555b39":"e3a4dbce87edac519ce86349eed2dba0d371cef0d8f20b4dda3e1cd9f5799c9fd0b7494daec5bc995a6936c501212eb957ccc9ddd4c9b8a205cac122ba87b5c5a0eeba6b2af2cbc2326d953d61d089b6334ce03257203072f8e06b8c6f37692748a13e681082900fd32f0df6a3072f3a8b9bbeb3ea558e97a43d6656093d7c75":"2a3c4b79bbcfa4af04baa8413f6f1d18c9c579060ecd0cc359fcdcfc0566697ff834f7dffec84b2292e8583ecb59c9e5e5d87913a6ccaacebf371f1fff67f0be749d4ea5f5c6f4c959e9d932414a54a8e25bf2f485ecce9e70990bbc4e621ce2c8fcc3caa66b0730c6639de1bfa0124afe351912279bc3ca363f4e6013496cf1":112:"dbdd6af194f2578a0d0832d0cba1":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2b7d0115612c56a1f28c6b3cb3d51c2b4bbd4cd36ccf3dda":"3a88efa524a90b31873cba177a7e6e050dc59f42c934923db1e75fec924908370ad0c9c3b0b3c05adf12c6ef2627d8d16f832071c055aef5f581a39a8e7d9bed2629e26d5e3ecaed24048d744fba08d8d12132def62059f1a549044c1db121f47f10b3dc4a02849150aef53bd259d6814162761cbc9e1a8731d82101696e32d4":"317a60c3c29440b8ba04daf980994c46":"80d816bf4008ae51b9dd9a25c30cd7482f2289f5616c41d99881aa8f78b5efff84efe307a822174f3a5c08b381bc99b169b92057627f21dddc367723eaca2545ce3a4fba2b4633fd99459fb03e85d6d11ed041b63185f3b94f6004bdce556e2a0aaf811faf0153b3974d0bae3eabadccfc95474c940ecad5b4d5ea88f88b8c4a":"f193303bb781164e42b3d4d25569a446c86646bc0fbc93059603c0b46ec737ddfcd55df8c90e6d806bd9fef90f2b122a1758bef5c75fcdff95ce44217d9b6b0e75e77656cc7f8a8cc47729c74faf43cbf08202e9ad16c7ef8c832ce5f97f51153e178ccc3c168928f3c328cd5b4c341bb0482f6a292cfa2fa85e03d95bcd4cb1":112:"42308ffc76cb6ab3c770e06f78ba":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"75737e01a95c2ad9c860e72a57da646e01c2286a14dfec75":"fa749799afcf2242a6000c4fe1e0628db53933dde99d672e3c7b24b0cd6533b8002bb7aa8633322f4ee2e343db3a0067ad44edaa398cd90ebdb50c732e8bf95aceb4aaa4dfd1eaca617c30c30c1a18761a6d24c2de0790f54f73e0802eb82ffc0124517ddafe8336f4ec6197219346deef4ce930e8ae20117e6ebe49a2582346":"1060d78543be384e7a9dc32a06bcd524":"528a6c34c3cb3aba402b856dd7c9677d0d88821686edd86287e7484b72248f949bbdfb640df27e3d1d6b6dc1293ea6c84be72c85e5ff497f5da74d796a21f2513385a177f29f2154b2362d5ac83c3897f368d06513333f2995b701fb3e5aabac559f6018fffd02cd6b65eba9cdc629067f15d1ae431d6a22811508cd913009f8":"7e8774cb73468ad9647f6946aea30e9468fac3850b5ff173c7b346891ecda32a78b58df8d835328615f36a12c18370f3abcf021ed723830b08627767272f769a2105e4786451db0512027ce0e3f770fbb0ee0e1850a5fc479df4ad5ceff4fa3b2b9124c330c2e79d770e6f5e89acdc8d0ca9c758980dfefaaac41aaf6d472f8a":104:"6bc6632bb5b3296ede9e1c5fcd":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a326226b24222b3389d793b61b723e9ac7059495a1b597f5":"1cc26e453a54c94c1cf902fe12307cce2fba4d5f0fc3bb63cdbac0dd0b5ba31d08dae2b4f054c86f3a3ee920d8b9f7ad8ae8b4eca090c8783cf35db5de3b95889a84f09ff3f70263c61681f00a454b0813813f0fe3ec38a6d30cc3c6a93c91a422743e7a72340cb012718b8a4a3b66a75f13e0165aa51ee4b00046cba12e966d":"327972d0c2ebc20ed5bdedc8a3a7aee5":"2edb1455bf4573a54ab921d31b7fc9e534bce0870eb6e973afccc3b1f93dd2c1a476dd88e705919caeb5d4f4a8516a718cff8858eb443ca7785579036cc7273570e7bf2489ce71a52ad623bf7223ce31232d8c9b18e52a2dd4519bb08d87301f3ae69dcc36c6dcb3b03d8fc39b6621f6b4471092e941ef090c9821a05df8575a":"5a219a0d997e879ffeb548d43de8e4f32a9ad196dc425c83f766134735ad2c9ff5d9665bd54ac3efdc50bb4a7a04ba59825f31a0f3e530aef45bba00cd6479efaa19c85edb4734f91fdad6686e50f9cc531fcabce9e8397381b4d691da4a27b7c487e93de3e3a9e769e831c69b07697e4bab470ebff628e710efa17e4c184e0f":104:"2b9ac273c059865fab46f05ae3":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cf5f2d843042ab94fc4519d57d9229ea7e8172acf515fab7":"0e20f5a2afffa4a5f9219320716c8a26e35a19c525dddd528e5f5f06f0da082f43272361f07cfdf57423f67ad3cfdda9cf1747c602a93747cc571adfabcc9d1ec1a8128908df45fe0ede0e14ff40169dd1ecbff7f4062ee7be0a1afb370c9d5103132c1fbee9262309cb05ea150fa862d6303af71677d2de9cafdb4ecdab8d5b":"95b06c3ce1a3de73cf51e781b941097a":"765c3fae74b6fa4b6ed4ca7ab9b829d76a7759c50874a38d2ecfddaca2365f7a143c9584e255608be829950393e5f94131caf4caa04aeeeb9d595e39ef3f9830246d6066995b2d40438f7eb0944bd452ab493b422e93a3e0dc3c0fc2a4b83711ac6693f07f035fd9d031242b6ea45beb259dc0203f497a77106392e4da93c285":"f43628a227dc852e0ad931e23548fedfd57020a26638ceb95dc5601827a0691c44209d14113da56e6a1e44c72845e42ebbc7ffbbc1cf18c1d33ca459bf94b1393a4725682f911f933e3fb21f2f8cd1ac48bc5afb6cb853a09e109dadcb740a98e5e7ec875cea90be16bcdfec5f7de176eeeb07a3768b84b091c661f65e2b905e":104:"77964b5ce53209ee5307065d49":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"11cf18bbbc1d8778faf40391c30ca417739ff8e2a521926c":"a2e11ac093ab648118759183cd52ca7d5728ca87fe2f31eca28cfb13325e3e6e95974456857866dda78359023e2c998d2c93c6dfe8f72c6d4ac39ca0585a53fc074bf1124c3ada92e78462a445da23e650bf52e26b782ff50312ee2beb7410e93c8435f7b88dfb0ed63d9a3823992d796bf3ab147c33593c5e6193ef32f7a620":"bdd9a2b70e4ee0cc501feca2a5209c3b":"051c68fe0cd81b52fede137d0105e69c74771b770ea9b573ad92ecae86f420953f459755597f68c29f6fca39a27239faa940ce6c949ccd44c9f12a0160cf74a575753310f52ec5c5bb9c4474b85266494e63b6810ddf7a6abd1cf8244cebbf69d3198c4a09e8dccbc9429f81791f5c02628e9477b988e2bd10f9bd5d6731ad01":"ca899a00654730d68219ca2ed9b23058a5f40150c237143b24245de1e440329e513690f00c0c52bbd0de8074fe5d7a50fe420470249227f967340efeeb64c424881c7f3a20c405d58ea81f2309c7f74ae572b30313e2d4b419fbf5f2cf90c6706a1ae1a800a883e8b00fbbc9dc28bf5aa4a329246bbe94df5c2d4524f57370d9":96:"dd45503cc20493ec61f54f01":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"812481f8982b42b2fb86297c4b7c739652908dc498171c69":"32b27127582ceac21f968f5418e24ec8b84617f4daab0eb007f02d45812e81d486dc50909d79221c438def535b8a55946f50297963139a6b21e139e810d19bc1566b374d080a387a646bb582dc738c44156eb6c8dad613586662418edcbb18fe688d271108318de71734cb571d442e4d9537b0fcb2f5c763b3fbcac010f5c4e1":"0dad658c73c9c88dd927a502d7b14e8b":"af44f747d77a83ef0944f3bac8e835d752bb55772a7fbd3c6af27ca0eaadd122c9af1e2a9f37c2ba42779ed8cde2199125378fc88c7d6d58edc01c65491c5efc6bee58e7e8bf72f1a69d3dba47b38a50077130cbd71accd3dd4f193a53c6f2d1df694476767f79f8b71fd42745ee5bd41e90a7dd50a1597445251b32de303169":"003ae4798f6a0b97990d41373623e528618f9299cebdb0d23e3799f62bb063e5530eef7fc40c06af16965ff6895f675ffb81c004d826cbd36b5eec9bd3d90d785af03b64d12d311b6f90bcd75a40497d0fad5e54f829a097b25f7a9604f6fad475c9239a0f8d5589b8a76c6f7bc852a3b820734b426f59ee845ec3f09dd7d3d1":96:"b80bbc002cbebfb4ec5d48c0":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a6657a7a9ddc6b4595df94d7c6bee9d13ad231cdc46ae5b4":"36857eccb5b3c220265a40980e8949135e840ef270602940d3394f3f679aed55217c1de175f6b48a16f7b394ad7d288bc425762f971b752d1372b369fb1c3a64970c8d18ad6de2e1a9a561a749e3cf9a8524e239f3121e8643bebee471e55fb5d54a3453c51b1747defac98ead8b25854ed1cae7ac44fd28cf4b1ed8988875c1":"68621ea7c6aaf1e86a3b841df9c43aa8":"bc25c38d3a200fc17f620444e404f3b3999f51ed5b860c04186750f55cc53c6423c44d0eee02a83af27d16b9652a7cb3d34a5cb19694e5399a272dacd56c4b17872fd23fdca129a4299b9c87baf209dd1cd1f355088e3f938e6d5053a847b5913f0b9135d6f290e365508bed73c61160a11a2c23aaed7551b32882c79a807230":"de8bb8e69f9ff1322f0a6c30cba5a6fccd7d17a2173a86cff5478ac8ea4ad6f4e99ddd4149e6a9b24865cc8fd6394066e24a556f3f6d48c599592c56f06a946c6b3414e2fb47e14d1f128ef26b385912367f35082099c1f3d4ea86687f19f059c56dac21923e9a151567299416eb311f5bbf9a28968b080b0b200044668f0919":96:"065f6c2b86891c719ea76984":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"20cf8c2c47cd583286157b45b575d4d69c793b4250274fe4":"a64c2131c94fa827c3a510b23b20fb6d04579bc292d2ec33efc9eb31459115da143f73fba9bd8b03b67e591497d108f900a7279542b480bd3a13ea588a29efe66688b52c3fd58598c66d8595888e87b27734e6c5b2796cc60ab2aa3dd06a29c577de5bdbf0b6c69c7034f0181050f286b9300d214f549165a0b5b56ba8e40641":"ab58d2e18eb83c20df94cd6b569c65fe":"93ff6057eaaa9559d87e3276d4d900888cb1f56434ce2677ee1486a0aa8f4e8d02c47d06e6841f3fbe5bd72dd37fa9d81bbef807dca6961910844eb9611419936310d717e1843e7b278f48ae44a57c1f227a75fa8cbc7fd57c8cc3b101e036c8ef3043642c81f381561b61da7c9d79b6da9ec46f7cf093c29c1930b27c14f991":"a3f621261af17ec4756245414280017fd36133f2f9ff89eb8979d4417b8f93892bbf7b08bab785341bf0c7b5e3643f0e33f036633e5ebeae7a750ffdfcfbab690291731e92238ba6b45859b309629224fa7efc72298d3cf1ae3b6a9e94797552afc4e3a46205f9bab7eb64e4a41aee0e45289704a97221b7118d209e0b267a68":64:"ae53564271d5de5d":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8a311bf356cb1d1f58eab411b45b8d78b88052f3c8ab821d":"3e915e92f186fde05ad55a2597ceab81495abbaa0be107dbf6a375525d1157a322b1f65460dce0c3aa2bc08fa89f777dac4d2fc3e5f7f20a0d5e33373c7f1c3551369737124c702928726bd9db96a33bacb56f1d645fa02ca1d88629c547c0eaf9585ee23b530ea971bf439c67e3b752af882668ebe0c739b26c837887b9d2be":"0569d05f3825d16aaa89e86812f80628":"28494a12026eb89b46b6139573dcda0836a617e00e25e2daa92f9372d86c3c162cfec34d634ea48294c784825615f41e06e555cf916983931e3d6a7ccbb4448670139616e3bbf7109387a852703b0b9d12c1fbd966f72bf49a7e1461ca714872ccdc59dc775c24a85e9864461123710fd8dcc26815894ee8cf2ca48a4ec73b3b":"9ba776653e8d9d240d9c1ec355027a18731c500928925e7c50ef83c6f36957073a8386ecbfaf430634cd557b1da1bf122f37456fea3e9b58a6e99413d9d16a2f1b40dff843fe16a2fa0219ad5dd8ae4611de53d7aabbef7a87ce402e62276addc7f44e09ae9e62c5cce4ddce5695db987084385ae9a98884ec97e67b549ad440":64:"c669ca821b6ef584":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"82fc47638cfb361ecf7924c03925d6006cb99459ef5691e8":"d14a550d419b8e03762429a7abda3b17ad7a1305e5fc639e71538285cd70d78fa30e0c048e2c32d2a7fd7f82c874d63ae922db5a77111b46caefbfe4feef4df19786e5fec6a4df84f76df412b1f06bea149f1996b41b117d00d422bba5566d3af5289ca9377f325ca1e72f7d6a32df6607bde194cf4ac52c28e8aa1e8f1c9a67":"2a8e1cadd2f264f2ad7be9e7bdfa24a2":"8088358d7c3ca8951d7e8cd6cae15844edabccc8d0fcf8f169a48cf434d4814f1d7d9ae410e5581d414f952f52b852eb10fcf0f2a67bea826ea2e28331f0597152e624e148462d5952f10fa363666d57ebfe036695e1e68f79161b991e20c8ae6095232e63fde073c79603135849c62f8d98a1d80608fc081171114db41883f6":"e54cc95e845f4d1b28885e9b90d1d9d3cc51fd9d8fec9bce57de8781a28b4e5b7ab446074e84471d7a9a23748b689c354e402be77f9890a9c52a2eb9022a6a415e01285db1c6eb66d5e15f4216a4f3f45782677b6ccbf20ac7b35bd153f52a599712d09712ef1454ccf72ee48cca967f4917f1aeaeaa6eaaf8493ec7ff2dc1d4":64:"093343e49b70c938":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d3180703e1ec93b20d1ac4d64e85d5461d75f783bcd2f4fa":"b7b350db6fc0796e9fd0cb239f561bf7e27b2aa26b8e3e76d8b737caa1c1c5ad624a32f5709e4b751f8c21172d4d0f4ba38ca4d1d0e2570c084cabdd0e8880b35140c84f775c3c301a9b260825e1fd75f9835777d6c0e23d359af1a5f7caef934b91bee521531582b639be2cca87c2991f5525f4a2f64c30a1453013d73c16cf":"916d72d515d3247ba48828d4113bda3b":"1002513035cb1d7e8b2710ff8c93cec55e2e2c2b56000d4c1182b5286736acd2d6f2fc9b82f71156dba6f77463805627e4bc38c96e091ecd945df7e996e7fc3bbfdae3d85ef1337fbce960fd1d60d06962a1669e9e8d20be151f6323cb38ef68ab5e838f02a0f379567f518f15d81b192cb25a42356807c1b9c02bef8309ff44":"d590f2afcd64c574ece12c675f509efdffc01e1404cbafbc923c4b44390eff66dd839e6d800df67bc06f49f76911df3cec36a3a1521762d6d4a8ee602ebefde0178863443f918668fcde8a531f3b5ee0e4c379ecf3e75e7c59f753e41f4e39811bd3e7dd3d6bbaa1e81fdbf8bd976384a6c4505f7e4270321c7329bba7f15506":32:"22e50ed0":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"02bc0a8ab5468123009b2c69aaffd0a20a1fb082b55a7ecb":"8bf32af1632a7903f00e801ee6e5c690147c021be6886cf2462b2172786ab296e0feb96648e4a602ae6dc45e2aa60e6610356cde26b1dde3aa114c5449216a467fcde18332a6d482d24a1ee952379340d036a48b63efa092db4c30a95f402d57b9c837183e900b47805f170cfe9e69baea2b939799e983f7470bb1297f937bbf":"bcfc15308e891f32506a50c4ed41bff6":"01bff5e606a536e951213b23672db9074fa8bbf947e815d32cbfe30adc1e736517f86139840a4aa0a671b4e9bbd6a59d292db34cc87742c0dfd2d658ef157734c5fdebb3e5772d4990ad1b2675c23ddf1472e892dafe7bf140d614c50cf937923491662299ab957606f4ca5eed2facdc5c657784bac871fab04d6cd3ccb18332":"b8dff03141832970c925e7ff0038394a0df7f35add3046cc56f73e3eff59e18932aac697456107b6da7da3249049c3be5c098dd730cd4bf68cdf798c3a932b2c51f18d29e4386cbf1b7998a81b603372337784307b0beb59235eba4d3e4810899f6d71a994ba9742aea1875878ccef1bf674ee655a0720bd37e44b33cafe5742":32:"bd0be868":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7c07d5ccaadb9e3ba5b5ddf380a7a2a175522b98e31e1d34":"04d3e6bcd5ebf696fe84a702ffd5f76dcbe9679c909b36d41ce6362f229304aeb19896c6376cb3c25081f709af57d36f39f421ecdb70bed9f829558bec6e78823275fc11f9a2d5f773d27136d903ff08e5926338dfdcbc182825794e5f739efc1f0ecda8e53751edbe0d08963471fb5099f2ff31f76b479677bd6d186a409525":"e4db5c6403a03daa703516763052bce0":"b747d97f263d0ff6119df1b5332640d2e4568813adc12ed76175fdfffafd087456748abb267195688d2db41caef301117979dfd2db9714b352398594005bebb449ea20415fcfb2671253f69bf6467ce7f5bce350a834c4586eb03e766c1930e7e6ccf01283ea31b8c73d7967cde0f2a53cc46b1b50c48649044d6f753f1d54b5":"f5faf7bdd99c62ec87f93da2ca3ce31e694df0a0fd04d61914f9a7a4235de20e0a406e297ba1099fff8c14e8fd37a9d6cbe2c5c572c988cb1ff87ffe7825e1947ea3da73b8b3633721fb4e08deb3f8fcae2407d73bd4c07f32b4f9ad0b1364003b11f84037a28239e96c3996874ba8e4ec7270bf0441d648f52f3730d30e3536":32:"e0820c4d":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dd01d48789ef7f07f80a7385e4d1b1734903bc6ec768c9f2":"":"944ed7743be9ce370cba7b7c9b7dece2":"":"":128:"dfa0ab389c3a780f598af80200c84da8":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0383849ed0db3e52743aa82fe8cd9173b457755be8bbd46c":"":"c6b8518346ec52c001697b7bd38dc795":"":"":128:"48a1992549b627c8621e8fbaadacb16c":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"936388053ee0116b3f783ae34f000d5fe2c5d712842d46f9":"":"c5426b20c014e472c7b85be2ed0f64c8":"":"":128:"4cf0f6a45f3544e3d391375c8fe176b1":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"40dfcb3151a8dab1cb79a6a1e6a24fb55024d0e256bd4b07":"":"b8495cc54653e7ad74206153ea64c3cb":"":"":120:"1d3786412e0ceb383de3898ef2cffe":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"83ca41d8b33c6134a14d8b30b0c36d5b799574dd925f3b8b":"":"fb9aca5b4932035c65b571d170fdf524":"":"":120:"9787f7d68d2648963cb49fd7459121":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"886e646688d573c2dcc8ca229a11b394b3400408dd801503":"":"c0744685722cb87717c76fd09a721dac":"":"":120:"794fe4df0084c21ffeaf959e5b0382":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0b845dc2c4e9e5a94bd3e8969300b16b45d3ad5eadb2e80a":"":"0900b3fa3cc9833d702655d285f904ed":"":"":112:"dc670518e150d326921bd5f43e80":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ac9fac2e32ab44a0774949d53a62c1cda04b132a3b07a211":"":"8cf6a81bfa21633ad95ffc690c737511":"":"":112:"4cd7a6e4f3ec3d41d086e6abf14c":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9f9721ef784980d03140490f760313cc8a56424affb01672":"":"c104bd8482e3fe7359c85e0e94fd4070":"":"":112:"3f682fc71989804ba74bdad04a97":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f7c935f56970678ab89f6d97315a33efae76148263e95f1e":"":"1a91965c5458f4a1fde309cd42a3f277":"":"":104:"ce266c6f0447623a3ef1f6f57c":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"30ecea6cac70a9de4f4f7f441d6b9b5608cca39d07c0ded5":"":"361e5cd21c670de39b5f0b2b89437f99":"":"":104:"48a9621522a98bc6c0acf03429":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4fb80c4fd026c3f68ab8fcb8e28e144fdb3ba00d70295ebf":"":"ee552fb94a527d18d285d6c195ca7b2f":"":"":104:"5ec97630ce593e9d560136774c":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c0261023ee9f682789ce9ae970fb7601f07551259ef91945":"":"bffe4af76db75bc4a3d42b57c73c51b6":"":"":96:"bf827b4526da77ab2e21908c":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4fb4ab2071bff4ec239ac05c04800806df2c256a4845b13a":"":"3ee0e2e72eea437e46a873bd659b1c4a":"":"":96:"572d3ec2650ad57eec84fe00":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"193d5ebeb466d3fe68754bba413c65112ae29c5ca5e450c4":"":"04e9d31b3b1205cae37c435d5a5579df":"":"":96:"71004356f266688374437aef":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9a455ea1d9a78425a41d43e293e88de40dd6ad9ab2a63ef0":"":"c108c56a1b3261042adc89046ad1ecf8":"":"":64:"213d77ed0534cc20":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d6fff8797db2f1884b7d71e3ef3e5983234a837dbd0c2cd6":"":"6be4417d7c00fe9c731e0932a7037a71":"":"":64:"68b6c28786a017e7":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"86e6c451ea0ecaec9e365bc4831e7a6c092b65ee9bcf1b86":"":"6258168da407ce43cc18d6931497c1f3":"":"":64:"cbf20172e75a6316":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9295cc6458d907da5e7c356a7de51eb8e8d3031f72a05fb7":"":"c7eaad3389fc24a4ef96a711ffbfff9e":"":"":32:"12508e37":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"308b6ee958f81a7fbf3bc386e167459206df9c1cb999d904":"":"2c61b991ce478d9aac818d7aa75ada36":"":"":32:"32ead170":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"873d033773218387690c2871448578d8440ef36553583928":"":"02072ec745c856c6e86873a0523d603a":"":"":32:"e6a5726b":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cfd9c1375dfd19e64b5e4b75022fabaa049627d5238cba3a":"":"0a745c6910b23c78b1b44c02f1ce11b2":"0cc6724b9f3675619fbc70117bfcfb5871e903b0f01382e404793c1dfaff5a5b4131a7fc3041014941dc2c53871bee3ff18c08e9abbb13a8ea220cb89cf65bea1581eb8ac43d148203532dad8854616210ed7f1f9467e6b22071ccc8bb7e3bd89a0ed02a7058401aa4f2b5d0ce050092b650591282e66ee789bbf032dc105503":"":128:"8ec41e9c76e96c031c18621b00c33a13":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6c9f16c5dff4bd8d1855995dcad1c4253759b6e2a833995b":"":"3f25e3210d6d9caa8725eb55c6813cef":"7c6a66d930c95ce1028310cfa3670b77ffeb5e9b627a667859665c1dee8e69930c287fb1f1a3706ed1a0d35eb6d1becb236352a226a5b686bc27e1e1dce4ac6d5974d88b9812b39ba289b2490821319b5fd677da23fab3adbae4fb3630e2571ac887ed951a49051b0cc551e7ebe924c0cbb1c516f71db60e24773430dc34f47b":"":128:"5e000478b55ecb080c1b685f24f255a9":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a8e393e00714cd94de0347351b924ebd555003f3a297493f":"":"9c7eaf730fa8074acd372fdc53b726c0":"ce4cb46e67d85c5e68afe61ddecb1a36da4de42774d45250d0d52b328834385ce1ceba96f703daab81d7a981cd80c469855e14d834df41e4c0c98873f3dbb777fc0562f284c466b701a530f27fc4e6838cecbd162db34b8e8a23131d60d1f9dac6c14d32a2141173f59f057f38af51a89a9c783afd3410de3f2bbd07b90a4eb2":"":128:"66bb46adf7b981f7c7e39cfffc53390f":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bd356a8acd12b06de9f63825e93664cab1beae7f4112cc70":"":"72eaf459b8af0f787e91d117931e3cdd":"9295b227be3e1faf4e969be6c7f20d507431cf5da9e2a577c9b31538058472683bd52f0ad3f2fa9f68159c1df88e7dde40d6612f8abb0f11a0078419b34b558d9144ea6596a09e5d5548b275620e5a3096dceb2768d2f77a0b79e0b963387d3016ecc2f155d9182e3209d97c76329b830bb62df195cb2be11223565f496e751a":"":120:"2ff4aecc90e2de9a7d3d15eb314cc8":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"80ecc9587bc2cec1ba87ab431c7ed03926169c01eba19729":"":"5a65f279f453572e169db33807d9b52d":"29520d9020efa1ecf514e39a286f398c7225b945608d4b57ec873ae8bfbdd40e4cbd75b9b535c9f171cd7913ed4b21e09d6bb030eaa27ca58b08131817113c852b6cbdf550d94dddfde8595e689470cf92f9c20960b936ac0692171158e54041155482f29e4acae41565d87f5641d1aac96b8cb763b7f1267ccdbce234d067d4":"":120:"83dec0fb36463b86270656681455a0":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"94345293fb7733fea9c8b94be2f4fc26f8c3655f583e2b0e":"":"8bad4f3f289b9f4063ba39622ba2b7ee":"7e2b6520d7a554e612d01f462606c0e6d0181bafece1daf54f4316d707483a5dcd4275a08caecc1c20f3e32872fe3e57fa62d598949f5e49ef0efd53e918617e0a140338c007025493f2e0f8dbe5fca4a57d1db6333551bbca79243a73ae8a68dafb3089998359159df916ee6ba4f928a6a173390f15f2ee6045d578dd757bb1":"":120:"da305181a12517420c6f0d71fd3ee1":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a3915523031c3caa58ce02c2b1e6ee2eb42cdaf31332432c":"":"d5416986beb3131afd6b7967836d243b":"ba4e883147c8f07afc08735e6e439798bec60e00ed3f5982f66d6b82a9af7580934112a9858f83abbd71193190298f0683453d3f8388c475fbbc8f9b6a3d2c77046b73986a54cc4559c57cbb86330267e04bcf5fd583c6d2968a7971da64c99d98623676154b0ee413ba531ebf12fce5e06b4ee0617e43bdaeb408b54d1b4445":"":112:"f273fe664e5190a506da28ea8307":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"799d3ff266644128f330ceb8c028297991b2a5593e4afa3b":"":"9d27061dd9d50817b3086f453f1f401a":"d3b5c420ac597daaac7503cd17f580e94ad779fae0d4199ada2c7da7c4a611228752375647a03241f29f810d3a6a74a140ef9651e4a6099259f7d41ec4e51a02917e8cc35edf7f60ffc473805f56f0ad51fcc767670157c050c3214d36f831a54bfeb7ab2039cb10f7919b89b0f623a572aaed313983b105fdff495d979b8a84":"":112:"e690c9afdecea2494b6cf5a576bd":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7480905cee8be7f42b9490936041a19b060331712882da55":"":"27500a09506e0133c88f65e77721b547":"52832d4118fddf182b21513db25d54a19220335f8676ea35c0941d2a38a3aa536b8c9cbf093de83c6b24da3372baba2826289bb3cac415795b9bd3ea62bb9b48450978e79b936cd70cd551e580a6de3418a2be0f4c1f062954aed6adc94d805e59ff703d239fc2318b80cee45c57f916977b319a9ce884d7e02726fdb71c3287":"":112:"52a5721e98ba1a553d8e550f137c":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"042db3f8af95ad68966bce9ca0297ed41b608683a37457f5":"":"32d3e97edd3f393da5abc3827cae1e67":"4d7c2ee6e024e95a6e684ded9898f5c7fae7da8658bdb40560dac6495e46a691e97c047e66046b55e8cf9b02d31d3caeebe3a9f8aeed756d6b0da1ac5d4ba2c5e7b54add22f681ab1d5a2ac1463e8447e08592e0c2f32605bd02f2f03c925a2159e5bdd880323f4ce18a826a00962ce418dbbd5c276e3ff30f1cbaa4795d1ce5":"":104:"e2afbb95a4944353ed21851f10":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7f5ea90f99fc76594f0f06448321bd4bb5e494a5e351e41b":"":"002a5da3c543ca56dd7e5b013b094f70":"b8150b50e36de85158a96d2096678f31f179c8765ae6ba5723ca655e890528eae96d438f9d9365575dadea3cebb4d7df3a9d5323f93696c40781a6661dd4849531e672f5cee7cdfc529416c9c3faa889d0f66ee4049c949c3c8459680f490bbb0a25e50af54de57d9e3241e0dff72604af55827b9c4d61b7d1a89f551cea2956":"":104:"db9fd90a0be35a29f805989410":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"da287d34379d56f542edb02ea673bac097150f87648a57b9":"":"6696034b1b362927b89ae1b7ab5297d7":"45818b7b69b05a121fe5c573c9903cb11477873b24a544ba919baec78d1565f4ad0766da58bfabfaa17ac3c628238a4d38b5c0b14b52e397bcac991408dd7b322ff614bd697ce2b5b94ca155a4442ddd9e502c4a5f81210c32dff33481f4211897db38f619b308f3708d554bdb6c7b8a4d2a80ccdfd5f70501c83502a312ca8a":"":104:"8e65d86edc071446454a1bef34":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1782ac334cbffc92769a170c3cd43915f735b4423ebb4dc3":"":"736f2f24cd04e26d38e69c55b38cca7a":"5827d391efec2f8f102e5f053ac496e2910248a0eb72e8a0b3bf377c6349df02ab0410a3d28bc27abc7cbe582a03000db57843565e4fb06c4078de75c3f1a21130d55befb7ecb919ad789a4de2816c3a42d4e9b32e38d980c06045987d03739cbe7710d839c42f04f5088072c1a1044c3b89809b780e74e54ec135fbe4129ee0":"":96:"c6dc3c4ae52f3948503d84a4":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"20529c374f21c97b0a8f96f7bd5bdeb3fcd2b12db30b3ee4":"":"e6e45b7c28f7fbcae658acb533614e48":"b41290031906709ec8048f450a940eff0422a6ebc7b44666c05f17aec9debc1bfecce62d896d5df4618517fb57ce7b04ef1579ebb2636da0eead063bc74ec184b0a69ca3eba675fc7107bb52a49f93783608677565205ada7bf5a731441e44cede781120a026cc93cfe06a06fb3104a521c6987f1070823e5a880cbb3a8ecc88":"":96:"e9ec5ad57892ce18babfde73":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5634789b29e373760ecb9952f4b94ca76f40dda57ba363dd":"":"7cd1d2d6beef44a6d6155181dfca3dc6":"0130a67935e2df082a95d0bc6dab17093fb08746a809cc82da7893c97c5efc0065388bb85c9c2986a481cc4bbdeb6e0f62d6cd22b7785a1662c70ca92a796341e90a538fe6e072976d41f2f59787d5a23c24d95a4ca73ce92a1048f0b1c79e454fb446d16587737f7cc335124b0a8fb32205e66b93bc135ad310b35eea0f670e":"":96:"4006685e2d317a1c74ef5024":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f0072110572321ad9804efb5bcbc2ae7b271b1cbb0f4897b":"":"604ed8056666b17fd27b111afd419375":"97f68c00513b2247bc88a331a3ffa1208038736d6761b3b080884a8dd46e0596f2c00c1a93bceeeee814210e57d7f1cbdb4e0c2ea6a0834baf716945af9aa98e2826ae0eb5717b241ede2b9e873f94c1db9eb5e1b25f75827c25849a2c7b92098b54845ed81f52871a2b0d12d317846cec34defaaafc3bd3cc53a6ab812bd250":"":64:"64881eaf78aeaa7d":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e91e8c2d6928bbaf870e141ee34d3a56d00dacc8c7e50514":"":"6f3d661a3e321844d1fc12d5ec2becf6":"fc8e5b45ad1647f9dbdbb6b437abecf0a8ac66065d0e250aa2ae75525455ee13adce8c59d643b96de9002d780db64f1eb9d823c6b9a4238171db26bf5d05153d1e3c839b93495084363b845fed75671ace0c009800454596674217b19832751252f051f3995776a89209c1636b4f4b28a364bccdedb78ad36876745c1a438406":"":64:"1f4f495adfed6c1e":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"138ff9c8c556ffe7637f7602cae428d7e20dff882d44ddc3":"":"38d7005fadee55b5a0434d924d971491":"3facceb047e486998c945839ee5eddd67054bbb28308365b2909dabaed29fd5b7b34644043fa443165e07b20214710cd652fecd816d9273c700d6828d216db8f3ceaa9eed0e251585f4ee5ba4beb3c0582b8128a3ecc01f4b29cab099ba2a8931e56120802fdf6004a6c02e6dd00257a83adc95b3acb270e8000fd2126b8eb83":"":64:"fa8aed1987868388":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1187a34ccb75fc06dafeca0235186c64ba929adac6cf6e49":"":"9dd515d3481f21efbe43198f623b34f7":"8a1b00ea5d1f4e451cea71b3d2fc9bb03b9790a8ae8ae262b3e97ebf34911f9d865c8810b9fe779fff701c72f3639654e60898d1f57eb93381749f0e2cecb4ee342f5f34473215d5c46818338ff688637217fdfa8b7ee552db01973fdb6084c3c20b530863eeb1ce798046890994f5625df2a56042d62742097cc10d512a543a":"":32:"83f45529":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4c1052610d05fb77543b6b517eb64b487ed902f9969a420f":"":"90f4c93301371158271a8f46df1c86c9":"83d009a1238f8aa40e36cbddf08a5f3d96403a03f7d079359cd6d3d0c719bf79c908654882919dbc6c27db34007b6732cb344a0f4babd26b1209ce6b134a8d2318f9a38af034b265562097b63794d7efee306e97c6ac0a991b3764ecd936c87000fa58e6689e302f12c2851b1ffc950dad7a553c8c67e01a2270e1e5e9caf30a":"":32:"30b3fd85":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3dc62e54957bdd1968be71b7d205fedaa291349d69f2854f":"":"b8bce0f9263688ca41c4cefb26e79453":"22b6d92d8908bbdbcd0ff35299eddaf0cfb039befa2d2d83c896f373b92091d145f1771c58d60f94d3548d0cbbeabeb796d7632b5da3c66ef75cb41a35e7d1b032ccfbddbb9423e0ee054bd56b6288bdf1b616492c85393e4134ff9c066b23f3f626eac63a5fe191ce61810379c698de62922d3bdbe30697a3e3e78190756c3d":"":32:"67887aeb":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f170a6a761090355592968d67fb3514b8bfdb41cbf121341":"a050f858c87d56dfcba3ac1ccf5ba60628b3ab1b89845682a95b7f291c80f6eb1cbced4fa21e3584e21528746231e7311ec319a0fcecc329e1a7aaed0a8548e613e51db78c86c8d0cefa15e30b745b952809f87d8a4a7bbefc76a8eb824827d4334201bda7743dc497ef5fffa2812e67f2a04e5c10bf464179c6178db932ecd3":"e02ef73aee414041b137dd3cae8f2765":"":"c08c9bccf298c8a352cd72e9174f57dc9bf64d65191a9e97b43ce70afacfe76feb5b2695d72ea4635fa94144de02a54333a77c7d4adcde17c166b303f1d664e6edb081a85433a7496f91ce640f113935cdd4e7ad14c95247506ddc6620913b5c67422f599ca00b95d62a9371e44c5af5295bf96743d0f1228c96e95af3b4d366":128:"d64d9ac91548dc1bad618509633e0c25":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2ce5a40618b8bb2d9fc1d87a3333a9cd4945cfa838c8e0c6":"4ad4d103da3fb2ef8adcd1e0e823f4a857f1d6fa6273bb66574033c18ba2f760951ee0fdbe06c5cd3a0a30bd11142450f2d7e71af2fa7b9556b663fc30766508aa24e1fb2219f30ec23a6cd48b58944541d1f3e3fbf596e2ef263bddf789e7a666a68638081f0ec1a6cb3cb7feb0fddbe323b307675324ebceb25cba6d9002d4":"0c4b6c940d091efee98bf27fad79b04e":"":"ad611dd6ebaeb5a634d4bfba9f965948ea79d16294b976b7c8bb57240c5d13e10a9fe7a5b5d39143000b4f24fc331cc4988685c8d6401593a420c12e6cbd7cded06504d6a1034f70153f7b5019084a66ce818761841cab52d5bcb2a579a4acd9df50caf582bc6da2b94d4b3b78922850993ccec560795417016e55cfab651473":128:"317596eefdc011081f1dda6dae748a53":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f71d789a63213bbe17aa14f2956e9da2496a1efd1a63f6a5":"f5bf20dc6a11ce5142ff34d6c4771dbee4e74790c4ccd3cb5af408a5c7bd706bac550d7ed56805f550efc7648ab501fbbc63a1070402626c5788f076ae40e6bef2b9aab9a4bd8550fe38f7cdb0fcca2657ca26f1f729074326f45ae932182905d849b1534d3effe20dbfc3fc26dc6453d6544d481e58891405dbf876d0f254e8":"17327996f18c7096fc5b8e375ed86f47":"":"fed961a497502b2e49043ff29b9426a1e864a7fe0a88281a1572fbe62203f071710ea1d77873906369b195919a7bd5b44cbabab6eee23c3692cb8b9e4db7ee595b8d4b063d209b11d64150c45545b7eda984144e1d336a3bd3f187834bbc6950b3e7cd84895a3a5e27f8394a9aa9b657fba77181c9040b741c12fc40e849ba4b":128:"9dba8faf9d12905970ba0e29bc7e9dc4":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"83182ba753ac16554e873281599113b7620bdb042704bce8":"6915d46189fcb0f9ab9b838da2124ce06398d638fec9c1c53f07a43fa0ea09feb2bf868fd1dd521f301f9f38e2e76716038f34cc0d18ab9bf27ac282dc349002427ca774e211027baacb9f6bfad6fd7885a665e508f654bb018f0323215153cd3a5b3e7b83482c08cf07ee5ef91d64a671b3ef22801ff21cfae95d6843ccdc16":"805c6b736d62f69a4c2cd4aa3745a615":"":"76dcefca6305ded697be4488513cc3fd3d9f08f06a7c1a9133b9b3fb0f44badf5c7544881b5babcb873cab912cc8a00337fc36100e6a5ad998eac5d8568795b41166377c5114757044b9b73206d19fc34b6378a06d55b5d5e9498c7693e818dd962af9b9da2345f4ebf152f33fe85f3398a65ad7dec823a1b1155c38cf67df84":120:"746c9972aa8481253d0d54db77398a":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b176e7a68da4c74aeb91760448c0257b1e17101299e1405c":"691c436811f82e747468571f80fa8502ef5f25936fca58a8fb6b619a7a95f4938da558a3b26a2f09c8fc1f5bd347c7724d9fa377d0a52094bfaac88f3fa9b3dacc2f56d880e825809533da5980a63e01d6199fbea07f3d070e29c5d50e1013224f0ea86e7c008e3a2e63df394ef6ad93ea97d73fd4429feee495b144ef3a0d6c":"42e2e70b0096ebd489bfcf4d6ac0f2a4":"":"81f9c34c5b0668fd58ec8822c6ba75bd7eb0d1741260fad6ad5e637903aa29d5f5facaccb4b885f62e10b7371f9b6b43e3aeb69bc5093bcccd49f3ee744e49f87cd2a2c36c808c47e4687194cbfd4faec4da66b99e3d4ced9cb8ac6ffb94d7fef3ae2b92b9f613f2bda3ca6c8efa9c6df8bec998e455f6eb48519e8f8ce4e526":120:"26d0921dbb7987ef4eb428c04a583d":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8bab5bf1cd8f259129ce358cc56ace2bbbbaefa79727f66e":"57385955b9909a0856bf54ad25d00779cd7d3dea78e1ae8965c4b7a568934d15ba1a7b2ab899f69fb1b864bd4d529319b51bf85a9b63de9cd51997ee4b2f015307cc42be9257e1b0a84e1c9e55a370476bff0a5325b21850f5b686a3bd4f1599f36d0772c406047b8ef29245c42ade862cb9d25b1e108db4f33a42dccf45c985":"ca5beea7dac2d9d24d548463977d5956":"":"67deff1accc4f279ec2eb4c2a515c17886371bc4847bdaff4aa70e170775b64855a6fb0d347baf39bb53d7239b7a63ce451effc69e8d8c3e544b77c75170a68cbc45dc96ad238aabeb5ebec159f38089b08dfbbe94e1d3934a95bd70f0b799fd84a8f563d629a5bfbb4eb3d4886b04e7dba5137d9255268dac36cbb5b5c8d35a":120:"f212eaad0e2616a02c1ec475c039e0":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bd0e0d0c7907bdb4b4e60510f73d8ab2a30700349206ce22":"e6835a650047033a4940f72029857fae6fff2773f2aa0e4f7cb0a4abe86b6e8cb0c3e468637057f7eb20d1d30723e3c3107d0f579e31a4c3e6fa8133e1b1b51fd21a8aa80ec657c4f674c032bc4a2d3e1389cb877883317c4451ab90692337bd8aa6e9312388a0acddb508fa477cc30eb33a886e8fbced97492c9d3733cf3fc2":"1f183eea676c7ed2ead9a31928f4df5c":"":"9f1a3017d16024dbfea4ba9df5154a6a2c794f00da070043c17f0204f06f637c8fffc760424187dce4fef044faccadefa1b1bd818522915e389d307caa481af0f1f767c38216fa048f621d46880afca5c8fc582853dec95d19d19cc943e9a1861597c99041c59e8bf8e7245f9e30b1f6607843a978d0ae7a4e0f716dabc9d9f6":112:"4ceea20bf9616eb73cac15fe7e2f":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d59c476dcef60a45be253d5cfbb24742de9e3879bdfe6949":"144696d85126c682f8446fcc2724fabe4b8840d46f3de6ae2ceacb2f06a1a80fed430e3a0242f4f7c308611c802c8b8e9c992b78a5cf401fe7a4671bf081f97520919f02b66e8bffd4fe3f4a69cf3d16667e7724890cc4b66c6ae487d2d987bfacec424fdc9865af4474b04cce03fffc828b2df66d99087e63f35eca52abe864":"9bca808f02295477f2aa7f6ac1a7bfe5":"":"9d23989edd8dd9911a3f5a80de051ec7812c6ce018e683751380ff990a079f3502ec0fabfcdacf6c1fb2503094124c39ec531b5d29ee8e4e46c324fc10dbe0f31e9aa56522bcc7085ccf768425227cbab6db4127671a4cab7bc65dc1d3d9d81469493329e29a9a1cb7e5e088e84eb243493cdf1a49b16fc8d4ea2f142aa9ad23":112:"d8b20d72d95a44dfb899bc6aea25":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2f1594e840375405a682dbc1836344be8c6b3f3199ee7fd6":"9bc6b715c65347a383f77000b3efb33b16019d01605159e09c116ded52d20721bcdde3796b6f4dc33cb29ce1c48438e95d4db6102465440cecaa50ca33ebce470d8986663652e069079f9d92ff167b3f7ae568218fc62ff5a7be50b3b987dab4fc7979e5967bb0574de4bc51e774ba05f9780a49ac7b3ea46fdf35804e740812":"7f1f4a80210bcc243877fccd3e7cd42e":"":"773d6901ea64d6840ded9a05a7351c0c74737ad27e7c3dbd38dedcdede94722ae67e88851ee471aefc1f80b29a7312fa2a6f178ef2c9dde729717977e85783e2e49a1fa2e847d830fac181e95fe30077b338b9ac5d2cfa22ff9348a0771054322bc717343b9a686dafda02d6354cf9b53c932da1712b9bb352b2380de3208530":112:"fc3e0ca7de8fb79eb6851b7bca16":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"88a6d441c1b7472aecf92c294f56f3c1da1702d174eff431":"eecc12fbd00c636a7ff897c244593239d2dbca9d1f370660c9bf9759cc41dc6e95075516f8d7fc06fa91ff68701777725171c2dc0767a1953fac13008d77065cce8ee329283d3f64adb8a298aa100c42e75d62e47fbf5134a21b826fcc89ebb18707c0f4d54f6e93220484706a23a737341c601b56f6a28cc8659da56b6b51b1":"058a37eaee052daf7d1cd0e618f69a6c":"":"0f5e889deff370810ed2911f349481dfb34e8a9623abd657a9a2dc14df43dc8917451ddeee5f967af832296b148d6a5d267be4443e54cef2e21c06da74f9a614cf29ead3ca4f267068716a9fd208aefa6a9f4a8a40deee8c9fa7da76a70fcb4e6db8abc566ccdf97688aaad1a889ac505792b5ede95c57422dfec785c5e471b0":104:"5fa75148886e255a4833850d7f":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"abb4c4f8d3c44f07d5a57acba6ccf7852030daa84d09e13a":"24d82903e5074beb9a769f24a99b18c7b53c160a3c3ae4065335bec1c4170aa4c656bd7c87a8a13c0ffc6653c045445bf8a135d25a13b2d44a32c219adc6ea2695fb9e8c65f3c454dc0e2772f4a4ce51ff62ad34064b31b0f664f635de0c46530c966b54e8a081042309afb8cf1f337625fa27c0cc9e628c4ae402cbf57b813a":"c9489a51152eec2f8f1699f733dc98f5":"":"3e5528ab16aed5be8d016fe07f2ff7ac4d393439c4fe0d55437a68967d685815e359fdb8f77d68241940ce7b1947c5a98f515216254ac29977cc2a591fc8e580241442d08facbdbee9a9ff7cfbde7004346772b4607dafb91c8f66f712abee557d3da675bb3130e978a1e692fa75236676b9205341ead5277cc306f05e4eaea0":104:"fecca951ba45f5a7829be8421e":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cbce5e6d0fdcd3ab08ccd86115149b5569584dfadf40256d":"3974339a1b90b19fd3857d812a0e59dcf43f9b0f360839940b99834ddedead79785396ab8fd0fc0e523c06f0555371fd5bc857a95c3ead26536e6deb1faabdc776ac7cfec4b60d9c24b0856ecf381efd98f941d5b2a38108922d9cf1113d1e484354b55f9c0f09d95a77fd30ec9cc04d19199931e187c56fd231f96fce5e1eb4":"ae3a25be73876b6e9dc88573d617653a":"":"4f57be0de00ca2c7c52c54b931c235fecb4ee1e5a30e29bf68f57248bafad87e484cc68465d9f64bbf502cefd2c84e5596c3c8e58a9fb51a8c8b132579a94bc32e92f7c7247dc5f69fda98727c423de5430f01b37d77e3ae6bcd06eaf5625e5c7c9c228b9dca5aad8f571369fe0964731bf1f143f2f709c7ed51641ecfc88ebc":104:"33375e21fd8df9f0196198b4b1":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"96779eaa8699469e2a3bfae8a03fd4bff7abc62d427ff985":"a343fd32fc513e0e9772acbf99feafe9de4b54e404807999b02e921e0914b2d64d0d402ef06f31e1db852899fb6db231ad4465af015b0c16407fa3666ef5c2a6d52d5b4f60b0f7fbcb13574b2aa5183393f3a91b455a85b3ed99d619bc9c5c2dbcc4f0a61a7b03e5ab98a99cee086be408ce394203f02d6d23a1e75df44a4a20":"cd7dca2969872581d51b24af40f22c6f":"":"74422abbde6e4ab674025735874d95d9fe3015620a8f748dbed63ef0e2271063b6c0d65e00d41bcf4ea86ac8b922b4d475f904c0724f0adebc2eef4a3abd0f9efd75408cc054cbd400436e0545e09e6b0bc83a9c7d1c1717589d180c7b1d4fe4ca18bde4d9b6bc98481b7971c7eb81c391ac4dd79cdefeabb5bbc210d914d30c":96:"b0e425435fd2c8a911808ba5":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"39bfb4cf533d71c02932e1cd7b800dca9ce9bca843886962":"de76f63ecf9c8d4643599f4dc3f9ed837924915ce4216759013cdb46daa0a508e06bcdb77437b0a58c40a0bd30a05ca41433218c6869f1ecd26318aff27999a2ebbb651de8e03061b8ffe3e14060720eb35a8e4dfd8c870aa4562291e3758cc1ea6c4b0fafcf210e10b31f8521bb0f6b29e8450b0cd6f8c8196ca2f7acb807a3":"d2b937bb5d2ea7d54d2b96826433f297":"":"0b0b4c92f06b17103ed581fb32d46e874fea2a2171d32aac331daa4d6c863f844fbbad72e455cd5a3ef941d8cf667fed5855da6df0ccd0c61d99b2e40a0d697368138be510a2bf2e08a7648850d2410e4a179a6d0193e49a135524092ab1f842ed4057611daaeb93e7aa46e5618b354a1091a9e77fb92a8c3c0e8e017f72deb3":96:"a188107e506c91484e632229":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"41b7d80ae487ac35aa498e5939a0f27baeedf48a494c8e91":"c26d4b918a0c967141fb5712a28698d16640d200b2934187b81ec58486b706ea1caaeb654e5fbbc0d078215aceed7d66939e0fb54d6131d8948cf58ec9571646ca75a051c2b5c98fe16f7733d42e5897b0263272015042f3134143ea3b08bc65292d8d31f30f2ed9830ccbfca2d33d290c28f4dad07c7137a4ca05f432a457c2":"626e1d936b38cf9c4c3a44ee669936ed":"":"8998e799985890d0f7e8b0fc12a8a9c63171e456ef5cb211f836a2dc7c9e3f4d1cd6280f9b0c469b703c55876b57cd1d8cef70dc745e3af8438d878cb2fe9fb1c5b2d9a2d90edf3bc5702ef3630d316574c07b5629f0db1510460af8e537dcf28d9c5b5cec6996eaa3dcde3354e39f60d5d896d8bb92718a758adb5cb9cc17d5":96:"69901cbafe637de5963e7331":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2ecce8fb50a28a085af744b44bc0ea59d6bc2c8ff1f2ff8e":"54300bfd55b227b4758cf64d8a3f56cb49b436adb4b927afa8c4b70d2584a6cba425af4fbc3840dd6f2e313f793cbc7aca8219f171c809cf1eb9b4ae8a9d0cf1a7aa203d38d67cf7719ce2248d751e8605548118e5bb9ce364349944a2205e1b77137270b83555d5d804edba2f74400f26d2d0d28eb29d7beb91e80ad66b60be":"b7e43d859697efe6681e8d0c66096d50":"":"45dac078c05e6a2c480543d406c23f3dda63f2b616007d08fbfb075a90eefab8dfbc26d334266f5d72fbc52800cf457f2bbc8062a895f75e86df7b8d87112386c9bad85573431ccfcef6a5e96d717fc37b08673bf4a5eecedf1a8215a8538e1ddb11d31a24cb1497c7b5ba380576acb9d641d71412a675f29d7abd750d84dfd1":64:"2dfe162c577dc410":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6773e627f6c49a1687a3a75d2ee6754ebfc2628bdfceba28":"eb0a64ad510968c68a816550d9fe2eccab3bd8409ab5a685a8638f81b4b50a9a96318bff4e86f7f6e9076960be8eef60e72cee4ea81f3ba269d8ab4c9581a54638421520a6411a83e9dc83b6981a9dcdd9e4a367d57f156d131cf385c01a736b327218e6b6468d317ff78a01f1588c359a3a9b188bbe5d3ffad6b57483a976d0":"ad85becb03a05caa4533b88940ca141a":"":"959658fdff5fd802fca5c5a79d59536ba8ef1359ac7bfff81264c7827bd31b8f02ecb54f309b442a54a5a57c588ace4b49463f030b325880e7e334b43ab6a2fce469907055e548caffa2fe4679edbe291377c16c7096a48aef5659ad37702aed774188cb4426c3b727878755d683ed8c163a98a05f069a0a3c22085600759170":64:"4c0f4621b04b5667":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1c086f7404c14160f33d6efde231eda610f92fa55ac147b4":"fc8e5cd81755e489de7e3ddd2b587149ee013bffa2ce198c514641b0e1659261edd60bdbfd873e30e399869748bfe56ba543ceb9bf5fd0e7ba2b4dc175c52f28a8a02b4816f2056648e90faf654368c64f54fd50b41ea7ca199d766728980e2ebd11246c28cfc9a0a1e11cf0df7765819af23c70f920c3efb5e2663949aaa301":"71f154f1dc19bae34b58f3d160bb432a":"":"6d60da2fd060d2aec35faf989d8df33f2413ba14842b0406e38a6a847e191eac9f4570cea647c3988faaa5505ea20f99132df2a8799cf0543e204962da1fd4f60523d7149e0dee77c16590d7e114ac5d8f88fa371dcdd254eccaa8316ee922ba23a0a07b289739413ddffc2c709c391afee9289252ddf3ddb62a4532a5515e35":64:"f47bae6488f038fe":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bae1b3eef91ba79032117c60fb847d46f18175565d0ed10c":"9b71eeccdc91cb5f7a567a9189774f4c30d96477b88ac553df66b78a56e5c9e0986a17d80c811116d31985acfbf9d7a9bed291aa2fb6329457a836b3f8f11c16416f0a3b86dd9c717c8a050c6ceb5c27d8e2ee0dbe63f3e1e4f0aff4809e1f6f6ed64d31d494b7399cfa0dd9446321bd4256a49d0793a10a670e3f086408428e":"cec8b66a657e4bdf693f48ac52e60770":"":"015a318acb6198189ce908ab1af28578a37a48beeed772c6ed4dceb0a3bcb092df85f653234c56a25c075c8e028d4a8d90d974fb0477834ae2de8d5df53d0d03a979450b6e7a66fdc9b11f879ea9072699837f2de7192156f8e5d9411fd83d97d31fe63ece4e4326ff50a24fc75004a5ba2bd4845b29e0794696943dff1e5d6e":32:"9cf6f90a":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7c1582240ad301f831902c66334546dd681c12308add0870":"d4b716b49858a23aad478581cbb6dfd015ae550d76497229b5b1776e83f2ded8542675c63ca6a007a204b497ed2ef71ca125d91f386be9b4213cd352a797a5d78a1373f00916bb993de14e1a0af67524acfcc9fd71daa32e5def9a3f2dab5b3bba4d2f9f2cfc5f52768b41157fe79d95229d0611944e8308ec76425a966b21ec":"b6f4f3959914df413b849d559dd43055":"":"79964f8775c78009bca1b218c03056b659e5382e25e43759c8adfa78aec48d70b32ffd56b230fc1ce8c21636a80a8c150e5dbb2bd3f51607d97ed097617963dc6e7653126fe40cb36a7f71051d77e4f3b768a85ee707c45d33cc67473f94c31da3e8b4c21859002331b5f7350e3e8f9806209255ceac7089176e9d6b70abd484":32:"79e5a00b":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fd55a356943824d20630b1539627ad1a9dcd8ee2cb4dbf49":"b8d8d6dd0631f9183ca858033a31dd583d3ee3b9510fcc69d8cd412016bf854b9edcf65c2831e63d72f4cb61a99f6f4e6dab0c2ce9c5a8cdbc179ae93aaca2c8a5b848a15309be9b34e5226aa9a5908f543fdda983fec02e4073edcc3985da5222b53f8c84b9c54c78dd8b2712b59209463595c7552e28f2a45f51cb882c0354":"aa89a122c68e997d0326984fa5bef805":"":"107a9ed561e6c45c375d31dea321c7b4a4b7641024d2c9eef6a103a750ba15e1acacbcae121510b4f56f19d29e6fb3e6fc06950b1daa521528f42284130a40e5a6c1b58b3b28003673511abcf59a4b9df1548a00f769d8681978b632f75e5da2cf21b499a24fbdd4f7efe053d4a1b20b240856d3ae27948e35098aa617def5bd":32:"7f9c886a":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4cddc8f525640fc0a0875c65b788ea75c673f84f4aacaed4":"55e3ccb855c1fd6d33e28d308485fd85abbd8ade1299936996851d44dde063ddc37962f9f67e95df02eaf3d877516240771c469be2abf2ef6c8dcbb79eb1976f825b109f752079957a7c981faa2fcea599cc52e262b84f4c2031821619f0be6fa3c38d660e9eb3e0d5de2da6b83de9866eb3efbc6a2dff27e52587c6f79e1c26":"1b883a89413f62dd6d507cd70c048855":"eeaf21bc317660b0e2afb9cd5bd450ff0bfa6cfa7e49edad600f71b971347e93b9712a6e895540c665a1d8338f61b51da9e0a4a9122409824287ba4bc06bdbba10290a40b31b5eae9dfeb6471f4a0a0c15c52a2c677c4d472630d4078ecf36dc6008faa0235a688ebbe2662e46a49b1dd58cbee82f285f3cdebda1dc54673195":"18d11513661296035f6f42d264e0b4cc7ec47f43b758c6dac95e5e3b3834362eb64447d923e107a60cd66ac359cf3a203f9070eab9fe61ae64a86606c9b50a97a19e12f731de28719fe178c9713edbb4525b221f656a340c867405c41bed3bbcb9c6da5cc6a4d37acd7a55f251a50fa15ea8f9b8955606eaa645c759ef2481e8":128:"dec3edc19fd39f29e67c9e78211c71ce":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3b8c31830b1139a60425f6a34387f5ca2be6f5a5074adf13":"95f4ea90729de0f0b890fdf697948053f656bddf57e3d461e7ee1770161904bb2cbc8c2f801481bb54145af760e91c8b30cb22faa87efcc6f01e3f798af0bd460475754726514d53f419af2f2c373c76f05bf57d3fc1b763f72ba0fd2682d9d1d76f6ce8d55b56fc7ba883fad94f59d502244804bb87bd06f1217a4a6c5055b5":"ab5bf317ad1d6bec9cac8bc520a37b1d":"5a47d7474be6c48fa4bdbb090f4b6da494f153a4c9c8561cae4fe883000b81769b46cd65f4ce34abc3e5c6880a21d12c186974b0c933a16ba33d511e79b5f994c38e383b93eea1259d38f9fb955480792206461dd29d6d3b8ff239ea6788c8e09c15be99f094d2d5980c6c1a8efe0f97f58f7725a972111daeb87d862a90a7d0":"1d0211d7d7bc891e4fba1ba7d47ac5a4f3b7ba49df69fcfde64bf8689b0eab379d2f5567fcff691836601b96c0a3b0ec14c03bc00e9682ef0043071507988cf1453603d2aa3dc9fa490cdb0dd263b12733adb4d68a098e1ccd27c92fe1bb82fa4a94f8a1cc045a975ac368e3224ba8f57800455cc4047901bba6bf67d6e41f94":128:"23681228c722295c480397fc04c848a1":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9c2386b948f59ce651888451021772287f14a92d807d88a8":"44f00c8a7c84e8207ec15a7be0b79c88fa347e2c3d5e8d07234536d86513bc39bebfff02efb9ff27280eb37f7e8a60a426538bc1e3830bca0e76faa33b30719fab51578d15df77893bce8740f50c491b8b9f1739a695c78406b5ee4d56f80d8d564b586b0f22ffa86eca46a9d8134a9507c5b9ad82757ec51b18741abc61f23b":"7a1f7d0be4c7f8869432cb8b13527670":"f76ea9d6e976616689709700a9638204e616f4c1c3a54a27fb0dc852990d81dfd6787aa5a83b9be5087d3f7dfcd522044911fa4186511de1957b80338025c6c4aa72058aa3160047cf42166aa0089e2ec1ac8ea6d9f5f2c057f9f838a72319dbd7bb4948da3bc87fc2036a0e7b5e8cee7f045463152ff80a1711ef1096e75463":"666c4d6d3f1bec49ba936eea90d864e8ecbe0ccc7b23872a4ad7596afaec628a8165a70397289a10c67d62942e1c158f1489a9de44443ac4181e74ebf2562995c9182b57bc960f4b5d3e33fb7cf7a0c32a59c716de23639de9bc430712524d74a087647e27ff1af87a2aa0cf0b58978ad8ed616b566225d3aef2ef460be7393d":128:"53d926af7bbf7fba9798f895d182b09e":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5852b4bbfa623e5e2f83b888f5eb6cbe06b57299e29a518c":"8cc85e520b45a85c69cd80072642ef1500b1e0a409c435d685544a6b96d3224cc40e5fe8a21c4959b2891d4a53bbff03db9939c655e6e92222c6b44c95204827bd800c74666db64907894bc4e3043fab318aa55a011ab9397592ced73f07a06282c22d9a57dd7a37eadb02f59b879b030d0a5005226c461281ce3061bf26de56":"b96f4bda25857c28fdfa42bfe598f11a":"0bfdc1b16eeae85d550a97a20211216a66b496c8c19030a263f896958e4d1decc310b955523e314647edcbe3f69970cda8e07f8b81f9074434fd86b8ec5b3fa8b155377ad28050b50523d3d185e5869bc9651d97c56ec6b8047c20d671f6dc657f4cdf73fd7d3caf4b872f3fb6376eda11b80d99cf0e85c4957607a767642da6":"b148312074ecfc8f118e3800dbd17226d55fc2c91bcbceeae2a7ca3b376f6d568dd7fcb5c0d09ce424868f1544097a0f966d354455e129096ec803a9435bbbf8f16432d30991384b88d14bcad1191b82273157d646f7a98507dc0c95c33d22e0b721c046f1c13545f4ed2df631fd2b8fc4940e10e3e66c0a4af089941a8ad94a":120:"e3f548e24a189dbbfd6ae6b9ee44c2":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2bd897e969ccee405ba9becf24787a1e1be17a571442c6da":"50b8ade5e6547c350c3f43a35a3cb641459c5ef902afc706ce2fb980b275fda62e8974d1577ef65ce9fd854d88caa10295d1045ed7563e9391d60700b5d2a4a7ba5f3de7a7d1541780b95a08eb3f0996d96aac7ee838b67ee869447617684c08566647a4991e31829907ebe4b32cfa46c0433a64f864b8b9316cb0ec2578ccee":"fef6a08d92b5b9bdae4c368fcd0cf9e8":"fb3144ec6d93704d625aa9e95be96351c6e25bccf1eaaaf9a1d405e679efe0f2da07510ab07533295a52cdc1f5a15ef5bec9e72b199625730e1baf5c1482f362f485d74233fbf764d0b6363075cebd676920a0b315d680e899733d6da05d78765db159c4f942a31d115d53f1d89cd948bc99c03adad1eee8adcef7543f9dea39":"e65ed5b6d0f51f8876f483f3d8ab8fed78ab6c2e1cf50693c8511e1cc9823e1030740ac33f05a5aa0d88205bb3071a087655f28eee7d0a07945d25e3dc00221a1dade4170cab9084c47b82376d5d439bed99150811843b176543f7944b1dd9684fa9a52117c2335dda750d9de0d9b3ef718123b6534cb012080f6ef8eda8d4d6":120:"468546d4199b9d923a607a78fa4b40":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"12141d5834b8ca48b57e0892b6027c997669dac12fe60411":"cf475b50672fd8cc4ba84d17ab1b733fee2073a584d5427155f144ddd945d4901d5a9d76e3d6ae55ab3f9514861c83bca7d53868f35bdc8606a167ac83591be30ddb954ee173ee172e8d7742a71c0fee04ccd16fb5d54a45820640405209e20f8494f08d791a2a15f5cb848df689296a04e4b01e2c19bd8d9ca8b4525853549a":"b6dcb39939a31df176dcec87eb8db90f":"daf4e0cd0b29343defb65562594b2b6fd3f005e6255500330f77a0550c1cfbade5f5973e836ce7046bc2b2ab8bb7983830ce6ce148d0998116183d1aed320d28adef9ffab48e0f6d6451c98eb83fafc75fb054991d123965dbddcf74a2c01c746bbbc8276b77f6732cf364d8a4a5dbf5aedbbe16793e8c406ba609c90f0e7669":"4c2d979b9c2dc9cbbd6d4ed04094285a44df92e7ebcdee7feccf04c66c45137a7df12110b8af805f5cae9b4a225c3f8dcfd8f401e05c6ce937cbfc5620acdf3a4917c5b857bff76f3d728cf6a82a5b356fb95d144125d53e568b313cef11c11585d310ca0f7f1234090b1b62536885e9e39b969060ad3893e476e88941fe2cdd":120:"99cec94a68d3e2d21e30cb25d03cd2":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"14b9197b7980d95b71ce1a1de6577ce769d6af4cb45f7c8f":"03b37942f12435f1c19dbcff496738207dc92edf1ab6935b564e693da1865da67fb51e8a838559ae1640da441f22ee79787f1e909cf3c32187b41a48fbc595df1c097fb37881b329fd7b30dd1e05d6052fe81edf2e10786acc8aeeb4fac636aac9432c3be3dafb55c76ec85cc13881735609773350b95eedbdb695b2de071a03":"cad0cfa7924e1e5cff90d749cfadf9f8":"283c8a38c7fc9dce071d4ff9ed79002a6862f9718678b435534e43657a94178353b9ec7e5bb877db5e4f62a2ca6bd557562989363c6fdedbd7f0f3eeec5445c41a2a8bc98117a1443ad4d5dd63a07806622cca8ea6f9f6019bd511634db28651b916e2399bbd84b03f8ec696ed5846f30320adef22ae6d164aed09edcfa25027":"83940097301e9867623c107d4447b250bf6db7d06f9e07b8d8bc6b72b079b725ea1f4b5f79bb80c518bc69a2bd73cf3aa7b88162773ac5b27a2dcccecce66e158ec0875937910e0b6f396cc7d7cac5d53b0fddf3cd70b570a647245a5264927be1b2d9c46fbc6a630b21fead46c4f35af1d163268e49a16083590893e6df4671":112:"3e3f677e68208208e5315b681b73":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"80e2eaa70362203b7561b135db581cf32e9cd816464f0b2e":"62cc2db32584a8d90f348be32224bfdcefd1fd25c5cb05c7e74becb4b40ea09d6495f73adc1fd23d148c11849bd825efdf15e144587f785770d2aef2788b748c338373a0ea43882141bc9f7c693a291c512cdcdea6d5defb2efa2324736df7fc4b434d7f4d423fb1b8853ec3fdf2c1c2881610a8d81da5de5e761f814ed38e35":"3d7e99ddea0baa45e2f9f2289d2182a3":"71663fab717ec4d9da34d4851437f4504dbd71b65b0d04eccc513282c351925c23892958b4c9dc023c5a34944ef507e0b40857d8b508ab7104d13c2fbfce2d086d466291aaa449ad36977837216a496ff375959afe4dd50dc2620a062c926b939ffdb144a656bc04bcca8d1d4fa0a9cb0a5d713721accef2d2c9688a77bb42bc":"1c56b492f50fc362c5bf70622f817e1814ae0b69db7e3055fc9e690d2adb940f9a78cfd7e08044671913baec663d9f9af6dede42fe16d200e8421d22066009535704b05b3775ac41359d7c2697e2f4bec40df69b242392eb30e2d8a664d84cf95ec21797f1ccddb72926cfdff22848d14e373f5e6c3dd349196464c98dc38365":112:"e0c1b140cd7bc4ded916aab8780e":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4b7aa649cb1488a658b4387451bf59852e845ec7d2273c69":"245251595d10d719d8d00610d391735fad377b60d7430c7db488488c1ec25c12ee0dee3aac3d7dc19aa602924a1f27a2cfa8f6354315db93b5e4d2b6e8402c4254921e683ca681dfb3c7f433a97f119e01f2acb20988dced8494e086395351f2af356b11832472cbcb109c13ff92f10a4c8fe69bd264c8933cded19a980bdbd2":"07b50b1aacdadeb03e7488458db03aaf":"2a7970ee97d612b63d2a0c29e5045ddfc6621c237bc270b3147fc0191de199b6923947e3bd3750de5155e1df29caf96ac702f948c38619e218138945595156cc5f1dcfde0d1d6a5aec48ff37c9ff2b2209a904c59593779820ea68ad95898c7ca0d0d81583c44feb0fec30665cc56620a8c9408e4275e60f5284ed7c0e58285d":"6bd53e4415765f387239c6664f837371b39f6d7ff22453211e91de5dd14272784fffb4f6b2c0bb8c6b7d1cafc55133aa0d54d410ae383008fdd87645655062322fbaa06df0a2d7ccf4cc170d1f98ec6a7ad524a3e5b07761f8ae53c9c8297faa5b5621c3854643e0085410daf5bf6c7e1f92bbbfc3691eeff1c5241d2307bbc2":112:"78d37215234f9a32571d0d8b1e51":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"512bbb490d062fe5ecc8e5ad95920a9e9b78bec6a7694dc2":"862f2724ad82a53e0574c0a2a0515bd86c5ed0b5ae92278a78ea1a90c03059d08a91d1a46678aef862b56d0320e970b7f941b784841b4d8a38d056f2bd352d48c0028086a36426bbc1436da9e021dcac705b6e03649b426cebd7a235f6d060ab6302d777fc9316db4a85e8c1387648a8f5ce2398a247413cb9374124449e498d":"2d14fb3e058f97b7c9e9edd1d97cac7e":"290078e63c81abfe99010b8344ff1a03dac095e2473d7a31888102e838768892e8216439dc3355aedd073892f4449d9d4d3ea6c25a9152c329d24cc73eaa0004832691740e60f17581201c8f7f4023d8e55faa3942ad725d21dade4c03c790b5370d4cad3923527c20ca925a2ce534a652ed7e032cb1c7906aebbdc24e6b39a4":"44e78cf3a2ce4a5e498315cb8d5e841f926408921f3665d533caebe0a7fa6c164b3d2c0b21ff3a608a7194e3194fda165ada8d5fc2e924316aa4ce201531b857877c5519f875eb49e5908d8d81b69472d03d08c785ee374c5fe91b16aee173761af7ff244571fd40aadabb360f38d301463e9da8cf8dc44d20848688ab3be47b":104:"6037cb18f8478630bc9d8090e2":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d3964ee03ec5e500f2f8c05313b78615420183fe2950be32":"b9424e4a79a08a7937da1da15061c1eb9a873748691ec9c1fc76aaa164bd34873d07437d203c92c0e89c0c5befedfbb17f721f576473253617547206fb2b340945536cd7a049864d099419cf3f7a9154c0ac8d676b0e9ec02947caa4057560af347ddb46002703f3531f27b2197790ba135e3d3c0709c86f4781890deb50f3ba":"d3d4e5fdf6e36ac75b4d51c47ce5b8f9":"6146a97a2a1c709458bef5049088fdf339e4fe29cbdf519c93d525b71c9fb501c4b58bef49d43cc7699b18fc89cee1a4a45834f517214a77fb3b91d741977308e1585c474245802118d0e2c7003057c4a19752a143195ec2a57102cb2a127d2dbefe1168492e072e74c5f6ee102a0c371b1fe2ddfd8ecbc04c6f42befecd7d46":"a2ae334bac969072e754c0e37765ca6253744941a35587bb4feda54233a7a59f037e971d254c67948b16e4c35f306c0984f00465399405ce701ba554419a736cdff5a1b4ae5ab05e625c91651f74aa64c96ab628243d31021ad56f535eae33a885b45730268f900b6df0aff18a433e2823ddb0628a7026b86b3835160e5121b0":104:"817be7dcf7adef064161b6c42d":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7a8049f521fe9a00f7bf566369e540a48ab59d83305e2829":"67243a336a10b82a0a8638b35dc147c14ac63b20977922a13de459ae2cfbdb262a79004c3a656dfbc073ec8878595e24998dc44b9435439af117c9635c479676f6edb8f522cf01571be5aa5b5bc7d1cc3264436566f8d3c684973d1e88d46282b53836a1ab5a698560e5bf7629ec12cb141867f684b369546a1d8bf48315b6c7":"e4d81f71e1de8cf4689bfe66a4647f15":"4cf6733482c218af832e99970d0717ac942ebace0fed4ce4dfa1f710b9e131a21cc03dd3ced25b78bccd1991a30bb53b463c1440b6543b19af91e31c18866c2acebb78c2a340b930518e61a63ff8d6a6e8e7960523de40a178614dad4ce5ab253e1090a097f8ec00dfeecb46aa0e8f772f01c4e706de7e824386a13944600542":"cfa8ba247ada9e6b3e5ab7dd0a7108574cc811c2986cad951168559ff697b77684880ec266f0b7d87a2ff559e368a85846becee312bb2991692d928a7c191cfdb7f1468f8b84be4bb592ea640743443bd4941a8b856c57be21eb22fcb3f6c0a80728ddc9dc5fab1c77dfceb91699009054c5a4eb0714a10b74cf0e09fa630299":104:"1dcee251cda10b2ea8f2bfe6a0":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"657567a56e585c84e4033268f08f712aa280015b77cd657f":"96d889651c4f3f5120bee233f6395fa0bbba1f6548b109be568ff96f11d24e34d67beb6c20268feba89240674b0b4552d0a6455d43e8edf943da3d8d785a5221df8ddb3a98d2fc611ac7362aef71f8f004eb455a16d1dcac488ee83d4f11c4a00c29d9990c5a2a97b897d67e51faa40999b1e510ac62fa4859123cdb37d202ae":"94dc757b6bdbfe925b762923cd0a08ed":"a2c54e8da7dca49c73550bd1f5e68449295f062d5dfe5aa4201bdf353a2a1ac9c3c61f2b5482184cef481fa378a1ea990ce203c2c7d76993c62b415ece06b9b7caacec0c4147c0cbf292e528d97c1a176fcb1ca6147cfa4bcce92cbdfe617738a92273282c7a65fcb997bceb867ce01ec74541582d3961dddf3a2af21cad3ce6":"55a5d07a77fc37090c4206f19483aa3cc03815194ded71c2b2806ad9563edfebfcf962806ba829373947e3e93f4f39794514ad7b6dbc626e29fbc35f90f573da33ab6afb5c94383fd0fdd1ee074d650d192f6d08fbd1e24a6966a81a2ffd83fab644ee914952de77e9427262314ac47c11a44bf7d2890f9b9980499bb6a1f692":96:"41c72043f6116ee6f7c11986":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"61159242d48c2ca0c30377ec2ad701135adb62d113c9f9ba":"8ae40603f6cdae4b63ac7b18b4bcbb83c65867c2ae270102efb6f00aa8af5d0400dc95085910a50a16cbcf71f06c3f3eab71345d59c6054aaac02971111c7146add8c072158e0b374d481bb540036a136ccb91523f96f24ea237940ab011ad38f2a3095c0785df91604be1fe7734cc4119b27aa784875d0a251c678900334a0b":"4fda7236bd6ebe0b316feeea31cb5ebc":"ed28e9954634ec2c9e2df493062abf3ea3e199299053a15ce8d6fe051d1076287e4e7c0b2bab0a599b763a29d0aab680626f280c4f5ad94b7792d9af532681f6e4eb2672781f2342304daff902d03b396853eaf585af4d3bf5078d064e9eea6e94e667722f15c004f4cf52253a5c65b75319b07ba539558d8a2b552390a21577":"dba251e35422f60f902f594bb58dce37131e8ae06b5f40ad23c4a70a5e25fe24c76982c9bc11a7f4e3cc62d8c1326170432633eba1634972a9bcd093b08e1c63ece07c4be79cadc888b0408e40c09636e1cf1e5e9a6f2ea44eea5409a2ffe9c3ac9a18ad7aa9041f08eb109c01ed90732a8afe0694319ef98a0269685b4d16b1":96:"b0feebfc8324fd1e9e40f7f0":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5b4c37150f8bf0e14e0bfd37ac14e606dd273577007f24b4":"48c6486b2691b86f5f107e8fe0122a821248206d2dd3ce898a2bb3772202ffe97292852bc61513529ad95faf6383b5f6c5a7c16c4cbe33cb02e5e50f32db95ee2962aae1c9c0f5470b3baa216cc19be5ab86b53316beef14397effb8afba5b5159074e26bf5dd3b700f4ea5abd43e93ca18494e1779b8c48fcd51f46664dd262":"664f553a14dcd4dcba42f06e10b186aa":"4386e28ebd16d8276c6e84e1d7a3d9f1283e12cb177478ab46acb256b71df5a2da868134ed72ef43f73e8226df1f34e350b7f936bd43caff84a317b1e5b2e9a2b92ccab1e3e817f93222dd1e2cf870d45a8458e57948a649360c6e2439bbcc682383b50bcd3d8b000592c3ca599e598a03b9953af485f1ecc22501dcacb7110e":"05fdbb5ad403d64011e15d27cd6f5a2247e018e479e58ad3fee1e0e8ddd9e114c0e82f2c947ff9af525ce752f4aea959463899542b85c9b413d065ea175103c3b3c35f56eea52af2c54ec08a1d5b7cd5ee4f59de8be86512b770e42ab176b6b70ccbcd264d6d5cfdd2e52e618dc24251ac339ea38cdc446c778d2db3c7c3e93d":96:"77f32401db21adb775e7f1d0":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"531a380b109098eafd997bd25bfde4868d2a1ca781795e9a":"466237db78d4c770a658b9693420a2e087c978fcc434c9ac82f3e2447b2fa08be32d2ce6da25846555ffe5764234b07b35dd1d1bcb710e8a49f918f2c873681f32765b092a836e9418faba61dc59a254c923159be16f585e526616fedd3acfe2748ce19ee03868ea9836bee2c6acb1b821e231eb2d30d300387c93390d51e3a5":"ad079d0b958f09732aaa2158f6215573":"09e002c2c48beaf1122411e8624522a9e90cc3f2a040c52ffcb91136519277c39fd6a79292b8835e0fbcaef2279218106aaf75036590f8a46f6b6912053a3b391849f7e204f096288d6141d5f80c7f91dd2f2b6ebc1ced6af8216e0a594814b56bd592df800299b29e26ed7461ba3f6f3cf151b9c10ad634a01d9c5e578aa372":"d1f49f94e6fbef7e21abad23e16c06fcdfa75a8c342be67baea8e0e57dbcd2971276e993faa124ac81e6be18f68af303518efd926513cee9dbcc5ef6cf5e9c068a1210e53fdd56776148d51597e359dbaa0570b4fe15476ccc9aa79f7c765755b6f694af4269b9e18fc62a0d47708bca67dcf080e200718c22bac256f641e7a2":64:"01ec395c99a17db6":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fbd7a92120ff973ec69b6a8189c6ea827ca20743a8781518":"1583c1578a8c8d272a970f05d875f199e497c55f03f10f7bc934fee21c30379dad3c580b3f99304a5747b61fd43428506439ede2c57f5229e13da9cb7cd6174cccbb397e98fb90455ccf3ea3b1304f432a070a2eb5205ed863326b3b86d4eb7f54ee2ffcd50ed6ef01b3ee216c53f4f2659a88fb6343396b2ded0b389c6266c5":"57658c71b2c45f6ae2d1b6775a9731cf":"45ca8a168ecca7a42847b779ef152766b902192db621d2770b56c7d592207afaf52d19a6059feb76e96b90628995bd6517af3f114e97af8d602a493b77405e93095fee6761877dc292fab696a4303102dece60951cca20cacb171abdcfd0ef6da6c90b44edba63b9b6087d876b3fff24dea909899ebd0d0371c424f51a9a84b8":"58a290cf0e774293d1b55f5ef8a305f68605c0c81668b8a1ba95fceeaa65229404e18fa54dd811a6af085c98b8854d0f956adc2aaad742cafa9ed53d7cb445451ee7a4dc1e8399ec7e5b4d004ecd22496565bf444b2e3d82ddf6a6d5e6256c5095a699d7ff3f8cf2addec73e21013ee6f3dfc0a3abf316ea5ee1d6943bc394e1":64:"af737ec3512da2b4":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"54bfc8379e0a8180b931c5188c95ab3ed3461d6e9004d182":"93327664eb576bbb64e4ff061874346b4e80a779cdeb1fbe630bf5e4307d4f2c5d5ecc94aa8bdea755c1af165fc8925bfcdf128c1ee6571e9f8344b22dfc90ed893316031661a9438b305396f3a80452c9b11924163b7fc4422b00dc58ee0e674710239975a2cf3253bf2601cd155e09547a5f3be1adda84a4b29631a8e13161":"9d15df8de4150f44d342f2031de3611c":"63331936d2972abd44c1c9f62e42bfa932dff8cc75d9f555f5a7847d08558e76f5393e08909760edbef8d2922a7ca8e1c0c505ca627c02af73253791bb35ff080b4db7dddf4c8b304999ff645227cd79f13ac87f9c963b93a79a0e946e5781cdbf1b4b1967a75314f19c7219e3b69dc2c24ba09fbbdf7184278f82818bdd0958":"18ff87dccbc24c396190c7b37c4a77f86e609db7fb2b326802714d0f196b00b84af887f1b3bd30ee0b0b192d0801ac4e59ac40e5c652b3da32aa024da3acf648da0253674c391d260c0674853c7821861059772c9a7f2775a7ef77d1d31a6ec1c51c5f3089bb516f8cf52d5a15724281086abd92a74d255b7cc84b5051be4e5b":64:"bf0f7f8084e79da5":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"21b775ef8c40a5387d6c8eda4e90d0a00c795681a2887dfc":"6346f84301d6d83e1c5bad44fa7e0821f35723713ee8d4a9e2bf15abf953425b09bd77b2360f4e62e82bf9e14e2b56be51d032aa8a96e894f19f3e84630f9eae831b329f7638b09de7210cd29778059ef1d0bc039c1e10405f3ae5e4ca33216adcfc21869d9f825344d62b50bab03f7aa7b92fdb94951a68acd01f1dee75e428":"9763e6187d4b96b1801d1f6efe7e80a5":"3bd523c16a0022b780ae8318a28f001502120bb26e2f65f4fe94019686f9d1df330e70cef1b2ba4b6ce1f7ef37750f47e602843cbc5f13ff2ceadc5091eb3601604b70bd4acad3d61950b9dd2cbfd83a391223c8e09fddd4020c0f8a8a7057139fd92f3bbe034f03cc48afdde064c8b13ea942ec0d621db959ec9d5fa95afe45":"f25408848bc27ab087b3ea053762837a534c3702dd8be01d79f075f61d76ac1d6557d392e1fab475cc7d13a5f6be6f0718bad71c3c85b5996bd3c0159e264930988e3ed506bcc94fabecfb58caaf56e2e4315bb50817cba765636d1faa91147b3880815eeb90d0934180e49132833abfa6279247d9dd4048dff851e9a551ee1c":32:"d1fb9aed":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8a7d8197d9ceebd8e3f6b3bfb74877ccf649ac91d7057af5":"37b01df357561f5aa43b5b4b0081148213f7b74babc80f4b3c6dd78ad17687f11443cd4a57f8d7a74ca3080e2a229f78d8e6db276c1142d5f4ee764eaf09cfd70c596d7a2cad5360c2de20d5e17ec6e06a9b049bb10f8742a30a94270cc6d7709b2f09f3cb8347e41117b7ddb99e4a939f3094c016330a8f170ccccb9d3651fb":"db5144951a9f1721397b7321713a723e":"ad72fa5a05adc40fb38245da019cbf50958ccfe26abf67dfdd49f4c4af6bda8bfc99d557913b2634c5c65d33ca909360adf598b703db1dbcc29481b17ca42fce3315ea1454693b5843e751fafd78158fc040c1cbe607063ba9c0ac02ae4b88989e3cc63adda8427032c70560349e1a8ec847906a9a7b0422a694a1f9eb2b3b72":"6985ec525cfe869e1709751eb6f1ff0aabcb39ae3aa708adc452ce1a8cad8ab4f1739f660b2841566f1f5c9e15e846de7f86ca1dc085188fcaa4a3f839ab2a5f0cfd36e36965ae519fe14f98899ccb07a3ca15ec705e3160df6dbc37ab89c882012eefe51e4da8d6d6b84b3144ca87a90864ff5390abfb92992e44c46807b3c8":32:"c51604f5":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"713358e746dd84ab27b8adb3b17ea59cd75fa6cb0c13d1a8":"35b8b655efdf2d09f5ed0233c9eeb0b6f85e513834848cd594dba3c6e64f78e7af4a7a6d53bba7b43764334d6373360ae3b73b1e765978dffa7dbd805fda7825b8e317e8d3f1314aa97f877be815439c5da845028d1686283735aefac79cdb9e02ec3590091cb507089b9174cd9a6111f446feead91f19b80fd222fc6299fd1c":"26ed909f5851961dd57fa950b437e17c":"c9469ad408764cb7d417f800d3d84f03080cee9bbd53f652763accde5fba13a53a12d990094d587345da2cdc99357b9afd63945ca07b760a2c2d4948dbadb1312670ccde87655a6a68edb5982d2fcf733bb4101d38cdb1a4942a5d410f4c45f5ddf00889bc1fe5ec69b40ae8aaee60ee97bea096eeef0ea71736efdb0d8a5ec9":"cc3f9983e1d673ec2c86ae4c1e1b04e30f9f395f67c36838e15ce825b05d37e9cd40041470224da345aa2da5dfb3e0c561dd05ba7984a1332541d58e8f9160e7e8457e717bab203de3161a72b7aedfa53616b16ca77fd28d566fbf7431be559caa1a129b2f29b9c5bbf3eaba594d6650c62907eb28e176f27c3be7a3aa24cef6":32:"5be7611b":0 AES-GCM Bad IV (AES-192,128,0,0,32) #0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_ENCRYPT:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT AES-GCM Selftest diff --git a/tests/suites/test_suite_gcm.aes256_de.data b/tests/suites/test_suite_gcm.aes256_de.data index 95209f03e..2777a2708 100644 --- a/tests/suites/test_suite_gcm.aes256_de.data +++ b/tests/suites/test_suite_gcm.aes256_de.data @@ -1,677 +1,677 @@ AES-GCM NIST Validation (AES-256,128,0,0,128) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c186654406b2b92c9639a7189d4ab5ab0b9bb87c43005027f3fa832fd3507b1":"":"3a0324d63a70400490c92e7604a3ba97":"":128:"4c61cd2e28a13d78a4e87ea7374dd01a":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"747d01d82d7382b4263e7cbf25bd198a8a92faabf8d7367584c7e2fa506e9c5f":"":"7156358b203a44ef173706fdc81900f8":"":128:"9687fb231c4742a74d6bf78c62b8ac53":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1cbe30216136b7eaf223e6a7b46c06625176d9a08182fa806a63d8b143aa768b":"":"4fe6ace582c4e26ce71ee7f756fb7a88":"":128:"d5bdf8ec2896acafb7022708d74646c7":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f31194c83bb8da979a1eabb3337ceb3d38a663790da74380d8f94142ab8b8797":"":"404efd26b665c97ea75437892cf676b6":"":120:"e491075851eec28c723159cc1b2c76":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"daeed52ae4bf5cbe1ad58ae4ccb3da81fb9c0b6f7619ca21979313ad9d3e83c1":"":"4037eadb11249884b6b38b5525ba2df4":"":120:"360c6ef41cbd9cd4a4e649712d2930":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3ad81c34389406a965c60edb3214663ac4a6bd5cfd154ae8d9dc86dae93def64":"":"cebbce06a88852d3bb2978dbe2b5995a":"":120:"bd7ca9f6bd1099cde87c0f0d7cc887":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4c152ba30aefa5b2a08b0b4d9bf3f16fc208bb0bc4c4eca9411dc262d9276bad":"":"008d040fbd7342464209f330cf56722c":"":112:"c87107585751e666bedae2b1b7e8":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9aed4ae6b1d857fdcbe5aec6db38440613dcc49f24aa31fba1f300b2585723f1":"":"947c5f0432723f2d7b560eca90842df1":"":112:"7d331fedcea0fd1e9e6a84385467":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cc80bc031676eff5f34dd076388a5130e985f9e06df4b4bf8490ff9ff20aae73":"":"51f639467083377795111d44f7d16592":"":112:"02d31f29e15f60ae3bee1ad7ea65":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"db7a40213b5b4b07e9900dc28f599403b0579cbce13fcd44dff090062f952686":"":"aea6f8690f865bca9f77a5ff843d2365":"":104:"7f2280776d6cd6802b3c85083c":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"299b874eaa8b7baf769f81f4988a41e2708ae928e69a5ba7b893e8e6b2db5c3b":"":"2aa04d85d2c0dc6f5294cb71c0d89ac1":"":104:"ea01723a22838ed65ceb80b1cf":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a6c7b4c8175db4cf23d0593ed8ea949043880fc02e2725f0ab90ae638f9dcfce":"":"ae07f8c7ac82c4f4c086e04a20db12bc":"":104:"1132e4fff06db51ff135ed9ced":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b98e1bf76828b65a81005449971fdc8b11be546d31de6616cd73c5813050c326":"":"929b006eb30d69b49a7f52392d7d3f11":"":96:"33940d330f7c019a57b74f2d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"09ccef64ae761a70fe16772cba462b058a69477c91595de26a5f1bd637c3816f":"":"e34b19381f05693f7606ce043626664d":"":96:"2adc2c45947bfa7faa5c464a":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"654cf46598e5ad3e243472a459bcd80f1e026a65429352dbd56e73fcc5895d1c":"":"a56f27709e670b85e5917d5c1d5b0cc2":"":96:"177b9a5e6d9731419dd33c5c":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"84bca1b2768b9202bf194f2d5e5a0a5f51fd8bb725f2bab8a3fccbdb64a4ea70":"":"c45b2708c5bdf65ec6cc66b6dfb3623b":"":64:"fe82300adffd8c17":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c8ae011795c9a60ad7660a31fe354fa6f7e9c2724d7a126436291680cd95c007":"":"1bd9ea6186450f9cd253ccfed2812b1c":"":64:"35214bbc510430e3":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"df2f0a8a3849f497d12bda44e12ce30a6957f3febcd5ec9bc134171326ca66d3":"":"728cb9608b67a489a382aa677b1f4f5b":"":64:"e2ef5d9cc5791c01":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"78e8a8ad1ecd17446cf9cd9c56facfd4e10faf5762da0fd0da177f6a9b9c3a71":"":"f169ce6f3ccc58f6434ae2b8ad1a63a1":"":32:"0fe57572":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"02ca6d8a862e25db9d68e4404abc107e700135df4157cfb135ce98eaa33151c9":"":"7b722fdd43cff20832812f9baf2d6791":"":32:"72dea6cc":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a2b709dbcc3a4fb15b3ad541fb008c381b7e985b57df52f07ca7cd26ab1ecc4":"":"729baa4c0ef75ed8aae746376b39fe3c":"":32:"2a0d607c":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"449d39f863e4909984b37f2e5c09ea4d4b3e9fac67bd57c299e4e1d1f084aaa3":"":"d8e9118f331bb5a359f0aa8882861b72":"4ddcae0bc24d622e12bdeaac73e8d1ab7957af051d27dfaafce53aeed4cdd3f989ea25989a2f41cfb3c38dbd841c5560b0b5ab1861b1fbcd236865d13da55b50219462e021f8a21848a64a85326031fcec8fe47a6ef4a435dd2b2fff637644ffcf3914ef2dfa5dd556421bfd297be150b31db039f0f2cc422b282e659e70cceb":128:"c595b9d99414891228c9fa5edb5fcce3":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3e70e66813fc48f984dcda4d1c9c24f1d5d1b71ecfc8bb9581782e7cca5a5cc6":"":"d804f1051e72c9b7117002b862eb45ff":"0b1ab2b7a87cebac668c7a532fa8fa56a22cabf0c41fc1e6744ffe07c857c6865d623f508351f98f3f0c577d1eb94300a30a445472218c8ac626b0bee7d4c122d33f8130436a89add341e8ef7e00694afb4ad80d314d87ad3f921c7105eed05431b8151df7cff2c8e3790efd4acd3f60332dc7f34fdd90beef70f9093361d65b":128:"c09c2e3fdfefa222f7345ae4efb978fc":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8e534041090b45b80f287dc5fa20ebda017ad81b0530e680f62c6280fd8881af":"":"ead675b019ef5c6bbf4985f2a382d6c1":"b1db220052c4bebcef27eed6db0dc91be481179d71160c5a2ddb2fe497a05484840b04cce48980057d770fbbd0d5f3d5c633b55470617ad2cab5767188283310337825c4b0eafe13b5b11293dec230dad43b220885105767938c7ec4600fe063f98aa14bc6afb886fc874c10546749da295f571e696305bd9165486e29f43f52":128:"9aa0cdad5686ca515cd58aed94938ef4":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2de18874470c09db683cf45cd752bdfa8bf33e7967220b1a69f41f2a02da1d80":"":"af30eb2d0a0c2a50ea413f3285aa88d4":"22889b868d8ccc9f488406813caed199b23091ddd796c8632f564e7cf5a39dfb725266a931fec958659b6fc5b6b9343b8217edb0acb010afc9416601155262b57bd398d62f555953f0e15958e19ae004fbc9cb25e0269a9eaa38a4635a27bfa719fb249fa49337796bcf5f416bba87fbf3b19f0d8c11290c25ca50bbdc822f01":120:"646bbc9b14681af65b0d1c4c9f1d0d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1a1bb9122e762ecd7ff861a1d65e52607d98e7ae5bd1c3a944e443710f3b0599":"":"32f99ea4cbf52c2701c2252e5e6c863d":"91b7a70c3a06c1f7f2ea584acb5dd76177ba07323c94f2e8f7cbe93fc0bb7c389c3c88e16aa53174f0fc373bc778a6ccf91bf61b6e92c2969d3441eb17a0a835d30dcf882472a6d3cb036533b04d79f05ebfaadf221ae1c14af3f02fa41867acfdfa35f81e8a9d11d42b9a63288c759063c0c3040c3e6ee69cf7c75f9c33fea1":120:"a8e29e08623a3efdbbe8b111de30a4":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3bfad1e8f9850577f9ba3f290e9a5e91b494c2d99534220362e171a7543177ac":"":"8410886b70c57d7ded8596443bd1b157":"ca801c83596795515ea931edba00e06e332bf84246b7036e10b317e2d09a51b2981fcb664ee3bf4180bb0b12ed1cda221abc6790b27c26914f5ef9cea9536e2453cd5b247cb054e295c2687b725a97cbc484b8eb86c6ceee03bd07a54a9301a3ac0ddb23aecb825a238252e7575329058b40e75575a7f16439edf5be163ce5f5":120:"e3645db0c600dba52044efcecfc331":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"65debdf2f2191a6cd8de8ad4d5d4d0d8f731f67744e2545df6b2a7cba89c1ee0":"":"fdab2ee547dd8b6f5a4ea2dd19697b3e":"d2b0a0438ee0f145aec9a7ca452b788ecb473152b78fb75f6ace721afc7b0ae1942049b790f3a5b6221a8760295659756d35347cc04029be03459f3e23a71209b4e0bbe13a253a888c83db23376d3a6d9a539f7c9fa4a12dc64297e7c93dfa0ab53ef76b6e1d95bf6f3d5e6ee8f08662fc03ec9d40eff0a43f23ac313671bfd9":112:"c25fc157c3f2474885e2eea48aea":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"496ae810380460d40cd2fdae8c0739f16b87205cc7f57db0a71a473eb361d570":"":"77233de96f5e1744337778212b411bd5":"85f5b54b4c4af5c808120bd28d98e44e96f4126623e57684957e9fc4fd1a2d0583940b8fc8314a249325476e8d05247831b04709580ae714e8187cd38f9559419e14c9fc4f8c454ec191b8ef2a3610988fe3339d0dc6b72f5978f9eff9d596dfabf27056e3a908c6497267461386e860f6b9d65526294bcb92908b5661b06b5a":112:"4ed91af6340e70b0c2b94ab6f82e":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"aca188183b46139cc7cffc82a6aaaeb2fd73cecad14e75c663bd62daf1ec711d":"":"7bbf7fb55eb70cce94cc6a2b67de55ba":"015cfba90f069545fed60f31992ff3d3c3592eb91e7a53df5978ded64291954cb99a57de82d5398ce782b68d14ac04a8b425395bd076ead59eb445721bdb2f45e19fa089117800cbbac7b8313fb165ccb1122acb654e1242dc7fe6885ea1cbb7281b1270cfa1549cdfe9b47caf47b4ac3807e562e48c066566f5e606b5023b47":112:"3bcb5c2a4261d75bfa106fb25ee1":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8cd6815f6ec15f03b7a53f159e877a5981e0ab7f6e6c261ddde4b47cbb2f2366":"":"c431c07d9adf5f61204a017259cddd75":"4e1a835402bde4f5227e64b46a1f8d0f23a9434e189377fcdf1b9621ba1987eb86a7f3b97ed0babfd674e74c5604a03dd016d71000a72bbbd00a7f7fe56ad0fcb36a3e24dd0fdb63bd66d4db415f35012416ed599796ca3f678df7eb5a1b17f75abb348ddd3b366369a7b362c9488aedab836b61f9a158f0b129c8ca0a53a81e":104:"0e463806ff34e206f703dd96b3":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8f0a72abcda104aa7fae501f9a3b686d00d3f6fe984731db8a2865bfec587073":"":"ab8acd063775d1b1314f14e90fddd1be":"02c6d426e7f20b725d8cde0a6382e49b029b52126889013ef45251f27b2fadb95ca4a9a3b16ad06999eeca4a473e813045db4942e9b9ff2e5a5e429d9bac298372344d1b781d5facabf6d779643f31ada6124eb50aad599044b54279ec9b25714ac8a3b9ad2487cec7f4b1ee245d7be3d496d6af1d4cbee1c8201312541f3064":104:"3f0ccc134091e0c0425887b1b9":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"417135cad74280e6f8597dc791431c95cb8fa63bbf7197e3ab37c4b1d6d9438a":"":"0fe22d9ba1d0e32656e3a9f07a517a27":"a0b2712e81d329d5b076a4be2ad6823cee6dbd17d9a592d065bdebb92b1ff37a56bf2f5e5341f39c574246ccda19e5f35fede49c9ba958f3920cc5440fb404fab7846884ca0c2a3af5b51f4fe97a1395571319cc5b40f8aac986d77de280db82343983982638326ef003e0c013af19c34672975dc99ccc0853a1acf7c617d965":104:"888b836c9111073924a9b43069":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"304824914e32ea0efd61be6972586093349bd2cc2cf0cff44be943682b2dbff5":"":"b6d927a71929029f6766be42746f7cb1":"7281c81c7514f4b17cb125c4649006ef8959a400a1e4d609d277e363e433725fa32346a10bcbd826b6afc8222158920d0a2db1e6fc915e81231c34c3941ecf3c6f94ffe2136190cae3dc39a4277acbc247f36291b5614a8433b1a0780434a6c50521b72ec25145bbd3b192647155d5dd9df9e66762d39592602ea99bf9bfff49":96:"b6044c4d7f59491f68b2c61e":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8a10e9abe9389738e12a4bb6f553ae81e8bd320e0dfbc05fbae2128c1fde7a23":"":"6da44354e198e3beb54792718becbcc1":"199d754630135b669bf2ec581d3027a569412ab39a78dd9d482e87b778ec65c6473656260c27827e00e566f1e3728fd7bc1853a39d00e43752c6f62c6f9b542a302eea4fd314473674f6926a878ec1e4b475d889126ce6317115aea7660b86ab7f7595695787f6954903f72361c917523615a86d6ce724bd4a20c9257984c0c6":96:"5c5683e587baf2bd32de3df5":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d164ffde5dd684becaf73e9667e3e6acb316682c41aea247899e104a54dd7a7f":"":"1d388e19e9d7a9750e2fc1187d4b075a":"f166a5b6f91261cda56f1a537f42ffb8aed10af5e0248f8910034b92dbc58d25953f1497f571d31fbf5ec30d92234b440161703851f0e43530418147ce6270fbcb5db33ab819ba8973051908704b6bea8aaca0718947e6aa82498a6e26a813981783ed9bf9d02eb1ea60927530c4700ff21f00179002b27903dd4103bbc5c645":96:"52e10495105799ead991547b":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2854188c28b15af4b8e528ab25c0950fc1384976f242716c91bddeec06f2fdea":"":"075af9c31f5252b8920092cbd999e7a0":"e9452f71093843a025bb5f655eb6a4e8316ab5946484b11818f22b62f4df75d5891fa3397537093a261dc9a7648b7477ea1f5fc761716e302763364bcab7992595edd0fc1c7f7ac719c879e6616e2007948eb8530065a6cccf73d0fe4a0598819b471b0856e6d90ea0fc0e5d36a30ee925b6b8e5dbf40e77f01efe782c0bb4f7":64:"6ff8fd87e5a31eb6":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2bfc445ac0365ae6c3c3815fd18bbd0c60ea224f6620d9b6ac442a500221f104":"":"43c5f3367a9955aaee1a0c4d4a330059":"db0bae8ce7c66a8ba2fedec22f236212e9a7ad72b371de285c7dc6d2f6c22df0ce4920e0f03f91eb1653c4490050b9f18a2a047115796f0adc41707d1ffcbf148aed5c82013f557e6c28f49434fc4eb20112f43566f212c48cec9894ac40772fcd9b611ee9444df7b73e35b8a38428ccb064c9c50491d2535e0b539f424db83e":64:"49aaa806cb2eeadd":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7b828f99aaf751bf22d993ed682e488595617a607ed74aaacbb6b60457453080":"":"d48dac1d8d77e245420feb2598812418":"f50f785f4e7c848a55a616ecf4b6b1e1ca85e16de7100c7e4273d411bd95c1380ee157ba501ba9616980195f34e39f43e335f33253342feb8ed64443483c721b85241a0320b3cac83104de2db47188c61a373fba592ea16feeefdee1f2bb43927396f58151418672ebb74afff5c029503a0d0be81430e81ed443e08b74c03183":64:"a5b71ecf845b25d0":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7b6da11d69fca3e4c907628d3eb63d95c7e502fc901372fd097e064e70831432":"":"6fe2148f250ea178d4c8ca8423ead87d":"a8097bb74ded776f578eb7588f5ef8915db9bfa7262af700c8e76ee114e07557b6786dd5a60a66b2703e7c9de5d6b42aca92568aec5d1ecc298dbd0edb150b8cc13c9a78698f7674caa94da6cacd1f3ef4ca4238c59830ea725ab3a6284e28966c8c32d9bccfb0cfd6583a5ca309debe86549a6f317d15c5f928cbc7f473310c":32:"e9cdbc52":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c5ae9328be49e761064080fc213e53e373fd86359a09d0355e2d438d9b8e68f1":"":"a7e3f8660ff925d5c88c5aceffbd7026":"2ddddba7a56cc808aec4602f09ae9bd78887827bf0315d8dbe16821606ef9d117746dd138bf1f23565d1ab8f4cee36d53fe3730632c5df9f12109b16edbeae285bb49dfdd155f5dc97b319a85362d53cc86817b7c1c31e5e87c9f37422f133d00dd0776bd92ab05ce6860573cd911645cfe3fbe515e85f744899a447fe443653":32:"e35dbac8":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e4f8ca13ba86c658cc7f42d4f029422209efbd101bc10a1df81a42cfb3a0f79f":"":"1a362fa0e4054ba11e4b06d59c8bc9cf":"e7ad5c75aa13659f8ce4b1650c46382645ec67418199b84ea445b8ceef619ef3fbde59ed3d313c459e36fcf87d26ef2b453409b32f1086934c3072c1ef0aac83762d28b1193b9afff2c083ce4300b768b0ae23ff9d3dcf65bc1693f1350da65180620aab205aceacfc683c8be53a332e2d0337a7518d2a5204f9c8d7325a4799":32:"e7a37f15":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"00050a21ca1e72cd0924be31b943c60854be6744577de3dd9d1f4fada4a19ea6":"693ffd3d92294857a99c702a0799eeca28ab066dd90917b9ea5ef8f6547f1d90b106cbec8ef2c22af9f8efa6c652f2f97c2baf33af14fe9def230d49524bd65909c3df1490f637f99e788dcc042b40e00bd524c91e2427ef991bf77e7b2f770cda6e90076c5dac4cac7ee3958b53ff8ce846c3a96281f53c2c52f5f3e523536f":"2fc1afc1395d8409919248709f468496":"":128:"e39b6a7fd5ac67a2a1cc24d5eb9d9c74":"":"cfcd6b9ff7641829cbadeaa2e56f1f150a099eccf3e378fa4da59794dcc4490aa4f9c5db0ab245bec36a7d4557a572008e42f03bc1baff3c946f23f54a4dc9828f106cf4264e4ab40165839d1085e7795b1ae0950f0ee4a08e46ada501b6b51dee0e518129c9426e5bd44c66674a9f99cfe676f002cfd344c5bbd22d3d91e600":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f10965a66255f0c3515af497ccbb257a09f22ec2d57c5edae322a3e6d2d188ef":"91598690edf2de8b27f9bc7461a84e80811cee544f0542923898328cf157590251f0342cb81d359b5dccc5391a12320d1444c26f24178977dd6705c2b365dc1ece0152c42e2f0ee3162cf886ef5529f4f16a77f3bdd2aeccd405b59addf098521d0d38cc25f1991e11be7ecf24caedb48a2a286d2e560a38fa9001c5a228c4d1":"c571ce0e911de5d883dc4a0787483235":"":128:"6d9d3a5dbc8dce385f092fff14bfffda":"":"2867996e389e09ec0da94d42e77b1e436b50065b09ca4adf1cd03240444ee699dbb7b3fc081a1869ca607d77d5ff9754fc3c997ff0a4ee17543a2ba77886b88a7128bcc51d3450df58ff3a26671b02c1d213df6adb6f7e853080eb46b504517cbaea162710a9bbc2da8b552eb6b0e0cb98e44fcab0a157312be67974678d143e":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4437ee7d16d8c3ca1aa01e20b66749efa901614d4bb4bee786ad5a5f1bfde2e6":"ff80727a3485cdbc7fab4ee9fadfdc621c538e2055706629046078f1aa3fb687fc728d3a7ffa52ae457b7b5649613eab7bafa464bb435314c49e5900750f7ad39ca9b75df6b2eaa755439e101f67b7ae4cd80dc4a9dea0027048253f2d0a6014056ca69b8c85605b00cf75fa7634a0ddf464270a8c79ce1a1324c4a4c513b24b":"275393276745bc43bae4af1e5d43a31e":"":128:"a82ff1e87d26e4d6e417b60fb2d3ce23":"":"88f994d276ed20be3932d16f551c4b7e2ed80411f2e72ce098fa0b70c22157a59edab30649fec447dd63f0c87dceca7238ef0d9561b58489ba7bd86f2892743099f40af63c432f78ac0ad0b5c2be47b9e3045e7237b096ee400f430af63a6f309de785caf190f3f4aabbe79f727a741590de542bd343df68d13db55a5f8bab41":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe4ec037ce563dadee435cfcb2bf090f1f7ccc7d1b5b4fab2f1b738348f8ed2f":"64eb8a4bda9804c09b04cfcd89094928c21480908b81ee19d6c29c2a3631b1a5bdc8e7f8ea56f7b8b8e14a5208296026785cac3a6afa54be8af4d5faedcd12b6621bde0f8ec5a2635fe72a89468ca7704c73aa40cd2ba97aef08886b27a694d339b00e7d12a31308672f87c06a7388a1432f869eb4cc1da864140b1b33931925":"47f5264f7a5b65b671892a05fa556f63":"":120:"660462b4088f6628a630f2e4170b21":"":"4a310e035361f98b8c54fb4cef70b1a9c910552ece056ca8fdab54c52308ec0ad7fe9dd1dae92badab5010577de522088768fa6466fbccce22e14c51ca7986c4063d0f06bf578dab16a91856713198a7138395c49c78b6314b57ab72fd079028c8dc351952d90b04a7cd2b245df0c0522447cdb7d3329fd9425fe5cb40a8e7c9":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e6e1ada628ca76eb9832cc6b5efc5c9d2686bb587366a6de2d734233fa95279e":"a0ac738e0fb35246b84a6fbe319f827039515df25d0c0fc6de7c048253ae63d3c561e44a12672ffeae1cb925610b482aa422bbee0e1784fc69baac3a97d69f51e6d2a17957b44b318624ea7ec680a559f4d3f2761d09bee66efb3a312ae6b3ecb673e756b2a0f654671e82500e7ace91f2be2a74bc3bc1ec1a4b6877a53c27c8":"5a100b451e3a63a3e6d4b8a9e59c6bce":"":120:"88df9a1ea54e5bd2ef24da6880b79d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cd5c1e90d78213155c51767c52c290b3d657db8414ee0a7604a2ec7b48105667":"8e987693da0fb77b6d1282eebd3a03e05d9955ff81929b1a2c721574862a067ddee392c7ece52ca1451f3e6e321d7208882d97b4149af6d78d65c054e1bfcdfa62bd2202de32dea8363f8d7f041891ce281840f3cd906ab46ca748e5b3b11890b4014bf0271c9427c874097782d1c13dbb40e78fc8276fc134f3c29923a43a01":"4e022d8d86efbd347e8cbab7e979771f":"":120:"e7df79af0aef011299c3b882e3a45b":"":"3b20473d9b5018d089e7f74d3fef22ec2805948a9e07689831973c704a6d8db4d090af88d696ab8c3aae9740a2bbd7f03e0b18b2b591e59c335c1043a2578a89b1a9f20fd0dd53f12e00e9bfdb27de8caac772bbfc4de9e4a255a5d1b04e59625a87b8279babe613def58d890d5502abf2f709aab625dcc20c58772832c7bbab":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6e3dfc07003bb6a2d82bd5263b2832f47db4e73279266c7a9ea21f4f18eddf83":"a960da222af9d4da5797e6957d59b00f6d3893599c70e95c0984b56eb3329b191703c2532f3288b15ebf655b9b5ee4617484e5ac9c39bb06731d03ebe4fef9495d003b0ed694cf540b4dc759d32629e55512680badd81234bd71ffd55fcb5e6a85031c1dc31ee1ed198939582d8336c905717cc87101dcfcf9d833fac815c8ea":"7c0f49fb54f5e68c84e81add009284e6":"":112:"b2ec0f3da02a9eb3132fb4ebe3b8":"":"a40b6f70f0572fe0bc70d83368e7c154f7dbd501f52501630a2e523d18e216e07368521f6040d806299397722b99bcf7f85d36b8bed934b49aa1fa76d38783e6a2e392d6d0786d467f7bc894a739ecf94f0fe884a9c391154f8326bf31ea5242a18aa263d04da4b63b11de23b42d3e10a2d5460cb32700cdf50a0d89165ba22a":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4103b1ddff87a508a219c808a04ad4750668688f4c2ee75b92d28d70b98a2c94":"a00a196193ff07006b7df524824bd0971d63f447a3a7bb1b75c1e2d11789482c115cff677b54948d36dc4de34200bce97be0101d88cee39b177857dd5da3cb0d2f9d6e1150f72a3bd655e0bace1d25a657ba9a7f8dff082b4460432075afb20173da22b49beeb6a030d72ba07869ff4389fc1c28d87018d7c1a9829c21932197":"5cea906737518c2cb901016e30206276":"":112:"3a3a771dd5f31c977e154ef5c73a":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cd8c2f0c330d5db316dae7a16b57d681ca058864f7bd60f3d0de174442283f77":"e2a5ad295d35031535bf13c2993bd0b292e8a9465b9dab738e59ba03670248a1ecc92b38a55bae34729162271cc1572c35fcccb27417b48dfcbff852a7a8845cc829a4461061b558ac8b5930a5c6491ffba04a9d0dff220b3cd5e4fc2e0f3db3b2ddd90328f2cad819573a7856299620b02f5ee0267f3b56981afbf1b7d9e3e1":"387ee8c1e7f047e94d06d0322eec02fc":"":112:"62356850d12b54e39872357cfa03":"":"17b7f6bdfc1993c56dd9bd674cc276a55a46fdd9fd5fe435b9e4b7ebc7052a9dc76a99e4e43aba7d486603189c90d10a21ad3722c86bf5bc856a0f930ff5bca65be708b76bb8a29105da67f31eebcec81f28aaf526d2f8f0feac393a24959dcd612e2b93b4463f61957d2b3046bcdf855e346601e4c7760c0ca618ee7bf55381":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7e19e400872eed721d560202cd757d3eb99729496b6e3a6d38dd8afe1066045a":"3fb9abc7aba654dfb174e8899c17db222ffbb387b7260fc6f015b54f1cd74284c516e21aae3b72338e5e8dc643cfafca0678f5bda3a7539f1612dddb04366031b5a3eda55f3232c1b176cc9be7cc07e0ebca674a272224929c401a2530efc6d4eed0087b544b12d172a01bc8340d9c2a2ebcb5af8b07d96073a879fda140c196":"d2b277f78e98f1fa16f977ce72ee22a7":"":104:"4c81c044101f458fdfac9ca3b9":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d0653934a16fd36c27d54488a1829302b931bed6e26ca26047242b85b50bfb61":"c02347e1add9178d830d8baaad9aeee37e958bedf2cc846e2561fe8c83481d0a8a85911e7f1f6e444b28f30bd96c13c390e80f616feb6844ee6fa486543a2e3f38c138f45b4405e3fb331b64648219aaf1d574be948ccfca6afc18d12488db19c35b05601e47c0af5d49a93a5dd4420f38585c1eb033e173376fa390d3f948df":"94886a1845aebba5ed6b86f580be47f9":"":104:"4be34ff42085ef4443c8b6042d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d0f0ccb88c7cec9496f26a59ddc67dc59ebe49ae3dd89ef3be008598727e214c":"7845e155f4f28021291e7c814a1ace8f42b239990831aa82758fc1e376cace0b6f668f7f2f224dede1ef5b1df7ae74b2c01483701044acbbb72a9216eec6b7ef0190f114b3c73c6985c4653f11601c774d10b7f9df1f1e1f3ff4fafa20d6525edb37d9e5acfafe6d3468ee068d407fdb56dc718c98425926831253978d727854":"e5ca84b907ac761a5e68a9080da0a88a":"":104:"c8f78e4139dd3eaf2baef8aafb":"":"0cc3ede50b0d3fb9ada11300a3239a383c98f968ad65266d57a195bb18d3e568fe6cabba258da4bee9e923c7c838e06dc887a6c49cc1453ea6a227c6a83e651a8742e0316cad5efc93739393e3603446b5c920a206db1434adbb8ebde4d1a7a8699c7f6c61b2d57c9709b564338423b4f526d6c157647a6c45da9dd521061f05":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e35dcea17cbf391491ae5ba6056d0dd13b348183474dd4b614742751bdebfc32":"5213542beb044910d7fdeec8bb89de93f350760e493286eaef1140485380d429f74a4279c1842a5c64f3ca3381cb5dbb0621de48821bded650cb59703e0ca88f4e9c3d15875f9dc87d85ba7e4bae9986ef8c203fce6f0ce52c28e3a93befb4cc4ba3d963d2283cd30f9bf6ab99d92f2f4f3aff0b022f1751b89d43ea10bbb28a":"fa549b33b5a43d85f012929a4816297a":"":96:"afa61e843cee615c97de42a7":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"844c50ddc0ac1d9364b21003287d6ae6360d12bbb17a85351362420ee4ca588e":"3a3bf4ccaf05f7c02f5e158dd2c5cb08c6aed4b1ba404a6d8ef9a0737fe2f350b3e22188fc330ea63e35df82f996e3cf94d331c4246cdb25bb2c409762e05ddc21f337edee51b64f1766ad18f520b3f34735b24278d9d647c533a743e0c1e9c81e9dee975cdc47e8582113fd250ef59353605b64acb7c025a97854c1a5c03237":"2f8512bb7e214db774a217a4615139e1":"":96:"f1da1cebe00d80eb4e025feb":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2aae1aa047a20ed2d6d8336d923864cee9404f924031ae327fbfe2d293e1d93c":"8e5b6b9e4e7d01de9a919dd33c0c1eb94dcfebf28847c754c62c1c00642d9e96f15b5d28ad103ff6969be750aadfd02fc146935562c83ec459a932a2fd5fda32eb851e6cff33335abd5c2434ae4f5524d6bc74a38094ced360f4606a1a17096ff06604952c8ca94a9a6dc4a251e13b0e0c54bd8a6dff5f397a1eb1cf186fa518":"3da9af3567d70553ca3a9636f0b26470":"":96:"e1026b3d15d261b2fb47632e":"":"58c52ea9f3b162511160eed1a68b6f52b3c4f5834af728de97a3d9e4ba337b29aad12636003cf5be9ffbeae0f383f7cf32f645a8f6fc5cdc1cde91c625c69a92bc434ed671e52a0044a48f3fce55cae49a7d065c2a72603a7efe58b5a7b18ac500d1a51420e820357e7a439b1c02198ebe3d4e62d5573a3aa5f40900a21e3b41":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f3d69208cb0d27474e9a231cd46eac7c1574fff950c48bbd1ba03fad16f563df":"0d1f06eef5e8f2c81d1a73bb1dca93c22cfb6e40e9948bc75b0d84830fb9216330424f580b89050c3fb3f620eca8f9fd09fb86d2e8b3a0869c6022d8a705fc280d66fd16d3aba7395d6be4bed44145d51d42d56285f3675726d62d94c081364a6d440511de83a613c598b03078e2ec7648c6302defbbea66aafd33e1a4b1686c":"b957f05921d21f2192f587768dc12b4f":"":64:"322374fbb192abbc":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cb2cdeb17fa6bcb006c7fc60858a12a411804464458db351957e8caf42f1ee6c":"296504131354b2c1928982f12d408ba2377f2d4bbe87e4c69f92a15bf6003910a43bda6c8929df66b3ab1d202a5258cad199f32f36cc30d2dc06199c2a52f7ccadad1fce50123c5f8434dec57cc60cc780263d7aace8f59cc8a6c54bddbaded3adb12ae2ee0bacf6a8da635ff85b51a4e8a1b3dc404863b90059de4ad0f158dd":"31bd7c971a6d330b566567ab19590545":"":64:"efc5a1acf433aaa3":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f94170790fadab3240df568197f9d6f6855afaed8d07eceeaa2380121872529f":"ed231b78db082f652bc6310c396993b52de804a82464fa3fac602a1286535f59c67fc2b1b420c7321eb42b971edde24cd4cb9e75c843f2ac6fb8ecdad612d2e5049cf39327aa7a8d43ec821161c385f3fdc92284a764a5d1cbae886f07f93017f83a105bb7c3cc4fc51e2781516a2471b65c940ddae6b550ad37b35f53d7cc64":"2f9c0647a4af7f61ced45f28d45c43f1":"":64:"ab74877a0b223e1c":"":"1cb5ed0c10cee98ff8ecfa5a1b6592391bbd9f9b1dc1ff351e0af23920d546b5e27d62b94daabd32f7f96a2632dc9fd7c19bf55f3b9b7cd492e76f4d6b0f5b437c155c14a75e65bfc4120bef186da05e06a2fd3696f210292ee422ddbce6e63d99ee766b68363139438733c5e567177f72e52ef2df6a7dd33fc0376d12ec3005":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"797c0091ff8787fe7cd0427c02922620e7f6fb71c52ddcc03a9f25c89ba33490":"2d3efc8900315c3691a8e3c9de3319d4deaf538fcf41aa0e295b861d0ac85baf56d149a6437747dd6976f44016e012b88de542fb8e5b9e4ad10c19deec4b7c0b69bc1b2e33d44a981ded66127dea354b072010b8dc24b85ed2ffeea3b9c0e931619dbbf22677691f0d54fc03eaa162e0ab0d760ad41021f67057c0d6ac19ca8f":"69d81c73008a6827a692fa636fbab8bb":"":32:"be2dda5c":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"90ce1afb5500489b9edbad987f4009509c847b3e55cdf0c764ef2fb085e3d033":"98482b54edce2bac1cd64d44917dcf117ebfbfe26ad17a9b263447028304f1cf5a69559c05b5d833420f4fddb6e308277d01eb4b3235f1c4b47d33d3899325b55e7be19d43187a5b1b1354ce02a529b3df1c13b4883902ae9fc565079dee825e705f3e580371e4fd86c3b0d31bae98adb529901f346ca07127314152b4370edd":"e119e166471ecf44bc3a070639619931":"":32:"b2f54b3a":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"29264a90f114a800c0fc3247b3bda00981a12a8f85cf3a19ea4c7ffdd005f4bb":"587c8e53ab5ae8c31e16160b4a41d88798e27f4ad61c573c023c62d4dbb3952eef5026ad7b453fa9e0694347ab8fe50a6cf20da566202b81e325cee9c07ab2d4d53ed45b3ec2d2135936515f8a24f2a8116807dce9df3c44edf64c32647145152ff241d9e018e4101e400af070192dc3b498b5a213d265b4cfc8c8d4d7deccb5":"cf296aa43cb7b328e09c8975e067404e":"":32:"56015c1e":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"84ff9a8772815b929d55f6052c0354cf3e02bcc8336fcfe5794952b4c45d5d96":"a87de56d49725a1625baf12fd15931fe1a6783dce5d1e744eba108f45e0c105d8141dc027d0e33ad7efb6752b43729715e2f3e2c42ebdab4d5f72f886bd821c4372244699ddded99a63dbe7763a5a3bc21cbfc253cdc2514eba2a4f54e24dca7c207cb3f6ae80153d77fe0641f357d5a073dcd425c38deb77c45f27427345516":"5c044a66e488b853baf479f7dee2aadb":"00304e3d40cbc6d2bee0778462884f4ec047a8c74bb3dd7e100f2b9d0e529fd24730063986117b56ca876b208a3691425ac63afc3d504ccb499c76622eade09717023fcb7d956b01ce24a3e53cb5da472be3fcf5b278b5d9e377de22fab75bc74afa9670f5fe9691aa0ed77e43f6abc67a61ec409ec39fd66ac0307bf195f36f":128:"72ddd9966ede9b684bc981cbb2113313":"":"aadb8537309940422f67ca393aa6182d67fe7c52092538a15e98a4254f0a9087c7f10903d5e78078c2e55de914dec8b6b35cb720e3e55963c0ac9901e44b83a0e7c5b2d3f002aec0a4a08354febe47b2abb955f2a21107626ef0b8e1e099650812a6fecf36908fce2d078c2735cf7c2b970a309e5c6d6ff29c26a05720c57105":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5ca3991d0160b1729ae1a622dcf4b03b1f4ba86150bd66bf35cbbee9258af10":"62aad5854a238f096bdde0711ac6f5763e7fea29db068ea8c911f17ba91e6d7807883e6fc5ba7db17af33da2b00973008a3425e65cc786ce1b97360019ee2cef74563d54752be436b905705b507c3d62689df4edf0356d26b693eb43d8a2a927a9f3866b7e0e19e84a90447bd6f47e31070fa7c2a71e3f78229ee19fa47e848f":"f8402184d1cc36df07b68ecb1ab42047":"d378cfd29758bcbd21e26a324239c42c992941b3ad68d9f2b3d2def3a051fd172ee882562970ef59798ff8d9eb5f724ff17626156f4cf5d93e41ffef6e525919af6194ea9bbb58c67563d3ffd90e5a6e2a3a33bd1fa3d55eff5dba7cd439d571f7e08014c4780e3d10904ef22b660897e78258da20b2600e88d71c35ecb6329a":128:"9e8b59b4971130557aa84ec3ac7e4133":"":"556dd32edc0af3c64186fe8c000ddad1516cd14721c93c228e379d4f87e32c79e734539cec930322048f34a2b34931c585d44f09966caf187ec4b9244c991a8a5f263e9da1d08d6086e52535afdb36c7662307521cbceb9ecb470a76970243723fbc1613b6ebbcae261ac2f1936e66ce29ec7350b2e6b2f73a910ade645154f7":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"df867d1dd8a287821a54479cab6f88636d2aca30e1bf01a5dffc735e17590356":"6517272cac85d7f38902bcb4b96a0c59c4bdc46bfefa6ebacd7f2fb1629b87ca91de2ffefc42ce3cfd34dcbf01b3f7cadcea3f99e6addf35d36c51f2ceb1f85c1f56a04ec9c9fff60cd7fc238674992183ea3de72ef778561b906202b7b83fe6562a0bca9c1e0a18638e8685b998b4192f5120435809ad6e93a0422d00725262":"35019826c51dd1ef07ff915d9ac4ea96":"0375ed93f287eefe414ab2968844bd10148860c528dbf571a77aa74f98cc669a7fc317adc9f7cf2d80dda29b19db635b30a044399f3665b6176ed669146d28f5ada03b3d32d53fe46575a8afcd37f20386d9e36f7e090b4fefadfab7f008e02f1b5022c0eeb81d03443a276eae48c038ed173631687d2450b913b02c97243edb":128:"e49beb083a9b008ae97a17e3825692f0":"":"723be39bc13adbc48c861b07753f64fac1ae28fc8933acba888b6538721df0a8b91c040a26522fe0dbb7335d8f63d209e89f7cde23afa9ca3c584b336d63a91e07fdd8808b14c3214c96a202e665bbaaa34248ff30348f3d79c9f16e66ad6c5903305acd887a89b6244eb7c2d96e18b13a686de935bf3821444ee20f48678be5":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0e8e9ce6294b7fbc534a96bdd060120976a6e08315d2ea73ac61d085cd462a44":"9855f186b51358f0e2111c06bfaaeaec9bf95c55e246375c614fad9883d86c82a20c86538dc5f42a0ea69677d59a20c5112d15d2a8396f12096242ad5d7b838d16ee0679fc4017af75bc15e8ad2f77b0e802c864031cbfb0bacd95c828d1db4b7bab0713619e9e5e8fe6902aac7a9e6c42eb05f5b156f7e663ee43e6fdb62480":"4edc6be20f904b4789e5bee0a80a3fc8":"db28ce076b360816cd1e04b7729f8ab080e0a07f35204350f3bd056945aab8638c0e8311ab056f3e5debdbfbb03fae700770264faf73e0f3a05a5812aee84ab613c82f4a76da276250675f6a663f85e2c26d4f4a8666a7f4cedaffc1a7218dec11ca4e72b8b5d5b620d1efbd3d3b94a5ae0d118b9860dfd543b04c78d13a94c3":120:"03cfe6c36c3f54b3188a6ef3866b84":"":"e10142f852a0d680c983aad2b4609ccbd35ff61bb3eb66442aee6e01d4cc1cd70f45210acbd506395d6ca0cfebc195a196c94b94fc2afb9ffa3b1714653e07e048804746955e2070e1e96bff58f9bc56f3862aaa5fe23a6a57b5e764666ddec9e3e5a6af063f2c150889268619d0128b3b5562d27070e58e41aadd471d92d07e":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"886c77b80f5f3a21c01932685a540b23629f6d41d5574fc527227ed0bdf2e21b":"53a17d7b69f607f08676d6f6dd4e8db08e01333a8355d8c87616e84cdf10ef5b041fc6ddc3f6a245c0f534c2b167064af82f45e4702a5e8dede59579fdecf6713353392433950c9b97c38d9ee515ac97d0970ccf03981954540088567a30941bb2cca08cbed680500f8342faa7aebbc6c143e2ea57ba6b4ac1fd975dcc5d0871":"5ec506edb1890a5a63b464490450d419":"05b8d820c9f439d7aeae5c7da0ee25fb0dad47cc3e6f3a47e8b984e856201546975f8214531fc3c2e504d2ac10fa49cb948596b9a8fab01b95c49d6f04d1589f93b77b899e803dd20e1f00a51c0b5953e85be639109b14b100e35ca26d84ea629964b0db8260dfa5a150a66261bf37e79de2ec49e9f1b082a7c58ecd3d39b6c9":120:"ffdf56e1c1a7252b88422787536484":"":"79ee27adfa9698a97d217c5010ec807806feda37db811e398c3b82abf698aece08561fffc6c601d2691738e279eeb57e5804e1405a9913830e3ba0d7b979213ef40d733a19497d4bb1b8b2c609a8f904e29771fa230c39a48ebb8c3376f07c8013fff6e34f10fe53988a6ec87a9296c0a7cfba769adefe599ec6671012965973":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5231ca6d772edd9ea2d251e22d7d455928c22474b4b44130dad57e6511fed6ee":"2767c808410ee132291585ea74a48ad3102f883f07d060c91c5f10abd37fe0996d2210dc490260238ae15f5d74c7be2a1e15d80db09079c520047f88488a7802857a3fc3b81d85a96949997430a880177880a31d4d0c9c9045247804f057a4f2756d6e40375a4a3187c4376d6bf573ce334cda1ed88d8a50db499e7cdb89d8db":"048698a4a0feabc1f336112e2794795a":"3a81b6b0b722899ff931cb73c39222d555b83ae3f8880b982593cbc1ab8be90d1ee32fd7dfe697cf24c95b7309d82c3fed3aa6b3d5740cc86a28174ac8f17d860ebb251ac0d71751c2ff47b48bfb0b3beb4f51494464cda34feaecddb1dbbe5fa36c681ada0787d6ed728afc4008b95929a1905787917adc95f1034fedcd817a":120:"ba61edeb7b8966188854fc7926aad2":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5a3f516a7898e04e5da4efd6c7c5989b77552d195464620c2b35b9a4fda29cce":"5cc28b61ae97557774bdcd7ff653f4aa349df68d53c7e5a65263883ef1fe224ad40e86bffc2d38f28a2ed9ae1fc08563e2a1e46246106546eb8e6064c06baa0046fa137421734b7f0f94656a4f459d9d981717557d843700d116b6e5e2dd3af5f67c34edf31b40b71fd3c6f2475f9310feb70bcb973be52d41e86792c49d54c0":"9310af6974890c0a0364231f9cc8103d":"2103af8356bcb9dfc2a4f1d4ed09cbcd8e1990d23865605e19f87feb50bf8d10d0257740e5557a9297f0499c01e29a1a513ca18e6f43f7406c865cbe3951a7771128f3110c8da3bd696368901944549552842a1f6fd96cc681b45da098f3c1acb3d237d2363285f520d0b6714b698790b7660c52ac84a42c9721ac7e9d38a2ef":112:"993fc8e7176557ee9eb8dd944691":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"59c9258554363d8a885fc0f5d112fee08eadfc7ce52a0e7e73e3d0d41d9a0290":"79c491411402ea7878e480519fd984dde44bce6459303bb76d4eaf97d4e345d1aafaa68ceb0590b41cfed0f411b675d9344c7e888cccfc9eb6fe6b229d198f94ba516ee850ee7f078a4f5f32a23f92f72264e3a76a31ebd042564315ac4f2ec0bb49ba6d08cfd2d3a6308688e39f28e3ecd669c588368cee8210edf5dbefb925":"77e51e89dc47bbcac79cca21e81a61de":"25a6f8800a9b914c0ebf9a45d72355c03ee72a138eb81b2980f332645ce1d7aa4659805821866aee2b276e2c032776b4eaf36f93b5f9a72b791be24e31eff105ca6d0700e3069ee327983dd7fe1c7465d6c6d77837aff69055149988e7199847fad98605c377d997dbd40f3e2ff1a4f978a493684e401249e69540fbde96323c":112:"ee6d85d3f3703b45adb4f9b2f155":"":"44ca68deed5478074adfddc97f06f44c08bf7bca4dee8707d621fc7396fe2efcdad0a167d1708a9ff59ce4cddb86920bf1dbdf41b2109a1815ffc4e596787319114cad8adab46cf7f080c9ef20bcf67a8441ba55eac449f979280319524c74cf247818a8c5478ea6f6770996026a43781285dd89c36212050afc88faa56135fb":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5e9eae594cb54c8089330e4404ff79abb1c0841b0be5347a14633ad1e1ff44fa":"32abc1eb6077555a85a0a6fd1c78cccca6c8b375842e2eb8eee45ee6c38dc0837443d16c647252e8124639dd01c808ac5e857a25d927c2a75e2fa8955cad5beb5c206fc050cd933fc4621f5718936f01f39dd700ae1aee7537cc595df8789c5d1a6e1e87b1c7a60e3ce5d57c80dd65dee3801798e1481b1963bcc78cc69f8c50":"0917b486da754f48bb43ecc8766a7ce3":"2aa1ef2f91aeba5da10b48a882dbd4574df4e9157a18abf8cecd03e4176712ba171b6ecb0e745841ff84e35063e47b08101afc44cfd9cededb913a82f00b9d4bac922f23a22f200642270399896405d00fa5271718eefb4cd5fe7e5f32097766ebff36ff1898a1c8a1a01cc18e6121e470805c37ff298fc65ef2fb1b336d09fd":112:"92282b022e393924ab9c65b258c2":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"aaf03c3055a35362212b9b059931e7a24fc71e32bc9a533428c9dc31077f2ebc":"c0e12cdd8233878505e025d52427536be7b6bf1887d2dd20eac7092db80b22417a3a4ca83cdf5bc5e36161be1ff9b73f7ceb297c6d07c9cb2a75035a5dc079e48283daea60596f4b356ca28c243e628cbe459f069709fe193394c9b1a31d8ccc5a3a4eba30056c415e68571a2c34bb5c32efff12e9aa483c4a68be5e76aba4cd":"7dfccd077b29e6ed5720244bb76bde9f":"21edd1c6056f51fd5f314e5c26728182edcd9df92877f30498949098dcde8089eed84e76d774ef8874d77125669a302d268b99dcd66b349d0271dde6f8cc94dc4f2df3787887b1173cad94d067e346846befb108005387102854d9387d2c0fbc9636cdf73a10d145f4b612c201b46e1ff4465f6a7654ce3da5792daf9a27fb35":104:"6154c6799ad7cdc2d89801943a":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"60c775971a9eac7950ed2bdd85bd60fe948ba04c419f6743fb67f37557e46c6e":"8abb2e66a4d08074916056bb8e925551372f737f0e1b597c5d08ee102989743a273b29d7281013f8b3aee2934399cb427370d70370ee86eb41584b653660c633506a53cae747826bb7d93909f069d5aacf058b7f2bbdc58ea08653db857bda83a979fc22a4f126dfef7aac45177f4cdb802fab0c812fb35d12a8176ec21336d7":"9b92ad7079b0de09c94091386577338b":"1f6a84b0df75bd99a2a64849e9686957c6a60932ebe898d033128be9b757e9890225925d856bfdc33ff514c63145f357730bb0435c65342bc5e025267b410af6fd388a5eca01b7efc87fd3b1b791df791bd47dfab736350d7b7f368b4100e04c939d5af957bab95ed502dac904e969876674602a0f0790da2d7351b686e46590":104:"1d6cd4ab3914e109f22668867f":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3b426e449337a14bc0663246ab61b671b523c9a3130c21ed59c93fa6a5aa5ae3":"291bd5a00d71eb7d547b7c94e7030ba4a947418eaeb378a3bacd304b08c6f92f6958eaba968ac6aa23e0512a2a8ad7c1ca2f8fcf623bfc1281f5b7b598c08d2aebcd447668b23238c5e338b4c2ac7f8fd381714c596ea3e0c17aca4317a08563e58f0f52a8af08e078dc242ae54ee0fe3869f8c9687b004a4ded0aa27d8f4c5d":"e6efc96acd105fe4a48d1ac931eea096":"0902cf7a0685444126369712ac47962bc2f7a3a5837f1b6190d9ab1adb4cd35e7f0892eee628b8e07fcf2b598cebe1ec07d8c4823172ae66a135bb51cc71590707b691a66b56af1ffe38772911d11685da355728eaddd83752d21c119d7b59f4c17c2403629fa55cd70cd331aed7b0de673c85f25c2e9e0267f53f0b7480c8ca":104:"ca4bfeedcd19d301d3f08cb729":"":"bcef3f2fd101b828d36cb38530cf9a0a7a285ac1c55ee1069cc78466327e85887534c98a8891d579effd832c0f7d6e7e822fb1eea85a39317a547591def4aeed6660872859fc9d1df9725d3c40e9ccaa900e0f1426a55d20ac4f2e8e07bd3bbc687f8e059ab93e7604c97e75ac94be1c8c24f4c4da0080a4d77953fb090cbb62":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ceaf204ff504ea8e7fade1a2097f2b527a44766860447322fa5ad346cd810217":"1c8e4cf6018211518494d46c2e0607fa42e236abc28d58f8175c530f84b1f030572f5f6a74cb5517e1fb999a637d352afcbeadea9121e695675859b66b499a3a351ecba5226e58ebbb59fe12e359e4c89cd51c8703d4643c49921ae495801c73627df404b91e828e1d0e03ae09a39defb5aa5f2c8106953772ba0713d3261329":"cfdb8183251f4b61c64e73243594fdc6":"a60f3969fd1b14793dd1425aa0b1f742a4861e0b50eaffd1525cd209ba6d1252176763bb5bee59aaa55f92341cdc0705899aba44cf0ec05cbf80274ebef65cd9507fd4224b25cac19610968d6a37e2daf9ddf046ef158ef512401f8fd0e4f95662eebdee09dd4a7894cc8c409be086d41280bd78d6bc04c35a4e8cd3a2e83be3":96:"9e45029f4f13a4767ee05cec":"":"5cdc66b587ed5eebb04f42b83a6ab7017093514881c598cce332d74fa3fab927493ac15bff26835296e080b5b45ef907c0529fc2f4ed2fc09db179ef598e5d193ea60c301d3f8d823404814e3e74de0e1d2417c963e9246c353201c7a42659d447376e7d05c579dd4c3ae51c2436407b8eff16ec31f592f04b8013efcfd0f367":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"15652abe38cd09777bba21d0db04637f5737d3cb3922181b9f2d07bfdafd327a":"1d6c153dec3b4738a09c9fbdfe31a093eb7ea79b8fa49f83e5e1f46893590f074fb171fb66e30ef887767014e3a10a3aa05da2bd50dd7b7936e1d7f6f31af9030e31e76bdf147f4396464db0f6a72511c4885c6c2305d339906e3c761a3249d7ebea3bf463e8b79c3706e684575550e964b8047979f7aed6ea05056c4b5840b1":"3a5e0d223ae981efb405566264e3e776":"cd755437cb61b539908e0cfaaa36c0123f8f17d1e6539783cb61d4b56cac3bc1e971c1ea558b12669b025cb6b9ad55991c6e2f8ee8b0b7901790193e226a0fbbfff7ff0bee6a554660b9f32e061b6c04bf048484ff9ebd492f7e50e744edd72d02c8fd32f87f9421bf18a5a20ebb4d9dbe39a13c34b7296232470e8be587ba09":96:"01a573d8e99c884563310954":"":"162430c23f7adcf98575a2d9249b4b5cec42efae33776360ebfa6a19c8eee4bd6b07cbd274deadc3292b7cdbb7803e99d9f67ccc5077f3ad5808f339a05b3213dbfd11377673d4f9b486a67a72a9ac8ea9ba699861dce0de7e2fd83d3ba2a2ec7fabf18b95a2bbe2184ff7bddd63111b560b3afe7f2c76807614ba36c1b011fb":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a43f6d07042a15cd49f6f52a2a3a67c6c2ff420d95bb94b9fe03b287c3abcaf8":"b67e58c8b608724fd20aa097ee483bc4c804490cc79de635170944af75c87ae0ad8261365c1dc80d852553bcba18da9fbc3fbe61d27550a03003ef0c60202054626655509a9e1ab54677e537a4e761df011d6c6dd041c795446b384161ae9eab441afd24d19b58eb4fe5116cd7b11b751ebbd0a2adba7afc380d9d775177099a":"3b6fad21f0034bba8b1f7a344edf7a3c":"2e01c0523c8293fc51388281dccdb8d0a2d215d729289deb327b8142d716c2bb849e9476545b82f3882ba7961b70c5da2a925ba18b6b121e9215d52ac479c9129c9cd28f81584ff84509d5f9dcb7eaae66911b303cc388efa5020ac26a9cd9ea953f61992a306eb4b35bcd8447eea63cef37bb0c95c1e37811115cf26c53e8c5":96:"43470bc3d7c573cb3a5230f5":"":"e1720d451fa7ab9db4988567187244b15b6fe795dd4fef579fb72e41b21aaa436d2e5d8735a4abd232a3fb9188c75c247f6034cdebb07fd7f260f8e54efefa4f2981cafa510dd5c482a27753a7c015b3cae1c18c7c99a6d6daa4781b80f18bbe6620bfc1518a32531017a1a52aadb96a7794887c11ad6bdd68187ba14f72a4b5":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1f0f0191e18db07c0501dbab4ed952c5603a4cd249d2d8d17e62e10b96ae713f":"aad40e7866c26e486b6f6e8eb14a130d5f88891bf0d09aa8fe32f447ab8dea7bee5d3eda4499c0103a010483f2b64fdf1155499d31decf528c77dd7627884f9995c213cf7402143dbb7561d69c86886734260ac94ffac7eb33598d25714228ef43f744ec1af2a87e789f1e5d6fff0fbd5082dcc49328f194e8f8a14a5bfc962d":"ab8be16b4db809c81be4684b726c05ab":"a5a6e828352a44bd438ad58de80011be0408d410f6e762e3145f8b264a70c593476b41bb87875746c97de7d5fab120bd2f716b37c343608ee48d197a46c7546fafcdbe3e7688b7e9d2f5b6319c91d3881d804546b5f3dbe480996968dd046f406c11f0dc671be0421cbc8b4ea6811dd504281518bb96148dddf9f0dc4e2e2436":64:"d8bd7d8773893519":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a6cf7d83137f57f2310ee6bf31e8883952bb07ccdc12f516233ed533ea967e5d":"83ab20698fd7573fd121976a72b45a7f03aad84702fc8ac73d6926eabd8a546895aeffe4ba81d117507e2cd37d58eeff71cc3afa8a4449be85f228ea52f6dc6395bb43c1c9f795343720841682d9b2f00602eafa4d4cbe297bfc62467e526b9d823cc8eeecd9e5f8dbc2f65610663c6f37b3d896651b254bd60215629ade3b2a":"f17e37e73a28c682366bfe619cc673bb":"0f4dd201b18e20230b6233e0d7add6f96537dd4e82d3d0704c047fab41af5faf6bd52bd14fa9a072f81d92a2ce04352f0b66f088c67102d2d127a9850b09ff6087f194a6e8ccaba24091feb303eebb65f1203b2d22af44e7be4de71f03e6f6cbadf28e15af58f58eb62e5bddfae06df773cc3f0942520de20078dda752e3270f":64:"74110471ccd75912":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b0c85ac6b3887639838ddca94c5c69f38115aa00122322c8114642d12ea1b8fe":"0210fce418e7e2199cb8f899c81b9be74a630d00269755f882fc4db27632e99685cc12c426a7503473646df1288d0ede28408be9add5713628700f8e2b2e27d7522520ed00ac47239084651eb99e7d03e1520aae137b768f3144232c16b72158fd5da4a26a2525b9b27791bf06d1eb2e671c54daf64fddc1420bc2a30a324ba5":"14f68e533ecf02bceb9a504d452e78c7":"796a46236fd0ff6572b1d6257c874038f870aa71cbb06b39046d0fb6489d6ae8622b5154292ae5c4e1d5ff706daedb2e812533ae3a635d339a7fbe53780e3e8204924a5deb4b6856618f4c7465d125a3edffe1ab8f88b31d49537791c0f3171f08dbb5ed1d9ed863dafbae4ecb46824a4922862fe0954ee2caa09ab0e77ed8fc":64:"6fb0b5c83b5212bf":"":"5e6c362f7587936bcb306673713a6f1fb080783a20e9bbb906456973e529cfa0298206184509c30e1d3793eaaa5d564edd4488f04311821eb652e0a1f4adaf6971505ca014788c8ce085ceb3523d70284ed2bb0aebeba7af83d484df69c87f55a93b3d87baa43bd301c4e55eb8c45dcf3e4612535ea1bd5fdb4c3b9056d0cae9":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e61b1a6b40e2ab1245ff65dcfb9948318ac4fe55e9ed600cec301dae32ae0e93":"8d67fa9fcf078e421cb63abeb25dba739ab0e09a091dd06b0c616e1e888f350edb2d73a42f57f115266ea20c7f8fc143ac746649612df06a5e29b4a15934dc049be1ab49d018ab86c4f37d8c3d9c714f038029e74d8ee3dbe61d81adc63712ea413b37f7604da12107aa1695d9b0981e5a92cdfaa5fbda0e31b22c6fd6f3b499":"c356244b3034d288e4d4fe901b8e27c1":"bdcfeb09d5b97bab05a7acd9849e7de2c5beb7a4dc573c7e1c1d0c0409245a6584023114fdcc6413c800ca16847bde750b27c4d590248e2ce457c19b0f614f6aff4d78d4a19b3251531e5e852fbb05d09412cc1ff8988d1955ca6f5fe2d820f20a7642e3ae69e8122b06ba0918e806400b9b615e1abe6fdd4f56a7d02d649083":32:"86acc02f":"":"7c73182eca97d9617abb478a6ce62e3491a7e9951981c89c3071b161a4c80440614c3f24d0155073e28dcccee96bc8303dab4901ef77318df522d16d9da47770ef022395d6104cd623d93d67090a27507fc8ca04157e7939e639c62cd0e7d8a472314833c0eaa9ba2fd54a25b02854e3bff25cccd638885c082374ae520ed392":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4f5a02e9843d28c8c226ed70d44b8fced8fb757ab6ece4d4f06e3c3cec79e44f":"3ec13950d329f24074714c583bdc35686b811f775b76b0a8fcfa66fc56426c9d022f8ab0af38f8d2f71a068548330cdbe891670181ed7491bf40c739ef4dd93689fd35929b225089d2b151f83d9b3cd767300611144586767354c0491112c205409f3168092d27f9b9f433afb79820a2811984d48e70c1fb2a13bbb3ddbc53fb":"099e5d9aae89fb6391a18adf844a758e":"ad93e8662c3196e48cfdb5aa3bc923cd204151aa980cbec78f0d592b701f779c1c49f9e8686d7e2385a4146b21a643a59c18c8b82214f42560bcd686fad7c7c8e8c1944ce6b20ec9537dd14b6cf2592740ca112f4cd582250d69f240d3e957040e1f7e19c60b3c8f2bd00cb666604c38946eb9b2f17336d281b4794f71e538a2":32:"30298885":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1cdb218e0bd0e02156e5b48182990f778889793ef6018a8928e61164ac047c8e":"4d039618a0eb640329f90fe97de18bc928fc3fc7a0db42c97774bec2e882e872fc1097c8319f7837a16516bf387b1bae321c565e8fc1cb8480f051158e4685f0adba310d2c6253bc1300403cbd3f7ddcb2796a69f8bf9e73d47aada9a02673c1a3d5ecdac838abf22b385906236529a1b7dd5b8af2611a04cf4f83b15ba41cfc":"d2ffbb176f86bee958e08e5c7c6357c7":"bc580c4223f34e4f867d97febf9b03629d1c00c73df94436852cafd1408c945c5474c554cb0faf2bae35d3160c823d339a64ebd607cf765fa91f416fc6db042bc2bd7445c129b4a0e04b6f92a7b7b669eb70be9f9b2569e774db7cb7ae83943e3a12d29221356e08e5bf1b09e65f193d00d9fe89f82b84b3b8b062e649163dc8":32:"1997daa9":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dc1a145c18bdbca760f35eea0d4a5992de04a0615964ec8b419c8288ab1470f0":"":"7f8368254955e1b6d55b5c64458f3e66":"":128:"8ddaa2c3ed09d53731834fa932d9d3af":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7b4766d3a6615ee58b390daa228ae7a541c46ce80a1efe227cc43cb777df3232":"":"274367f31ec16601fe87a8e35b7a22dd":"":128:"5f3a757b596e06e9b246ed9bac9397f9":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d19b04055bf6e7ff82e89daef66c9d8319ab25f9197e559444c5729b92c4f338":"":"796efaff4f172bef78453d36a237cd36":"":128:"3b445f38bf4db94f1a9ec771173a29e8":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7ca68e300534a90a7a87ca9906e4ac614a6aa51f769b6e6129753a4f83d10317":"":"45e6b23f8b3feefd4b0ea06880b2c324":"":120:"6c0a1c9c2cf5a40407bfa1d5958612":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a2b7cd693239bbc93599d3d12c9876e7303b227b8ae718e2c62e689e1fd62903":"":"548c9c8fcc16416a9d2b35c29f0dacb3":"":120:"3aa21f221266e7773eeba4440d1d01":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"156b854beb0c276a5e724f5da72f0d1ca4ae7cbd5f93a2257d95c2e5bfd78ad4":"":"a5129e2530f47bcad42fc5774ee09fe7":"":120:"6bb09ed183527c5d5ed46f568af35f":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d824330c60141264e1f709d63227a9a731bcc42b4adec1d8f0161b10b4fdb2ab":"":"c5afaa45312c64ab3c3cf9d6c4e0cc47":"":112:"55952a01eee29d8a1734bbdf3f8f":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5517589948d8aea778df6fd66c17a170d327f69e504f0a4bd504c4286a9f578":"":"6404b111c6289eefa0d88ed6117bb730":"":112:"637f82e592831531a8e877adfc2c":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f6137b2bcbd327fbcc7f313efa10f6ffaed30e4782e222e1225c87103fcae905":"":"3b87b08337a82272b192bd067e3245ec":"":112:"1f2dda372f20ffddd9dd4810e05f":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5e70d1b78e931abf44bba3f937dbc344858516a8a8afe605818dc67d0c3e4c4":"":"58e70095c6f3a0cda2cdc7775e2f383d":"":104:"1763573f7dab8b46bc177e6147":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"90de0c047d1dd01d521f2dedec7eb81bc0ace7a5a693a7869eaafbb6e725ad7b":"":"d565c9cdfb5d0a25c4083b51729626bd":"":104:"78738d3e9f5e00b49635ac9a2d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c43e8dbeafb079692483a9fcbab964b76fccca6ca99e1388a1aa9bf78dfd2f02":"":"f2bd4fe0d30c0e8d429cac90c8a7b1c8":"":104:"ea7b52490943380ccc902ca5ae":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"13540919fdb95559e37b535a427efeee334309e34c4608459e204d931b8087e7":"":"c993c1802df0f075ce92963eb9bff9bd":"":96:"edfab013213591beb53e6419":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2a7b2e07c148ff0f627ae28c241a395876bbed0c20f3fd637330e986db025714":"":"8f7e1621c2227839da4ea60548290ffa":"":96:"f9da62f59c080160ec30b43d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b3e7837a75b38ae6d4299a1ae4af3c2460dfca558708de0874d6b1a5689b8360":"":"05d363b2452beff4b47afb052ac3c973":"":96:"6b4a16d1ea1c21b22bdcb235":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9df3ccd95f7570f6ecf5e5329dcb79bcd46cbcf083fe03aa8f5bd0f645c6a607":"":"774f4e70a7577b5101c0c3d019655d3e":"":64:"98ff89a8e28c03fd":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1c7123e2e8d3774c8f1bdbb2272f19129e04f29b4351ae19c3b9d24e6ea1fe87":"":"99f25cebd6cfa7f41390b42df6a65f48":"":64:"8e14a0a4853a156a":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"490090323e9257517e2453469caa3414045cacb4d05d5cebc6b9c06fa6d19291":"":"c1beff1ff6cdd62339aa21149c4da1e6":"":64:"f998d7c08d609b3a":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"360e48dd38d9e7f5bf29a2994ab5b3c9c70247102d94049ae791850807a4c845":"":"88126c350dfc079c569210ee44a0e31a":"":32:"f2ebe5e4":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1562b32e4dd843edaf4474b62cadd8f46d50461f5b22c9f1a8eae7367d35d71b":"":"af29fdb96f726c76f76c473c873b9e08":"":32:"13fd6dfd":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d5160d0c98ffcb1c26aad755f67589000e2bb25fa940e6b1d81d780f421353d9":"":"1552604763453b48a57cea1aed8113f4":"":32:"660c5175":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c3a3ea3a097c0c2b3a4cb78462d87fd5a8f348687c4150e9d3354b388ab13d17":"":"f77945979241fb3a454d8e3da193e169":"a69bac31241a2c07d3f7e331b77f662b1e67ccb81c07f52578b01f5785de9437f02eb7627ca7b9af09c1cb428fe93d6deb31f4d6dd2f0729f87480bdeb92d985de1aaad4bcebc6fbad83bede9a5dd1ca6a15bf5d8a96d4edb5bee1f7d195e9b2e5fb2221a596d69f257c18a143eda870e22d3f2ed20c9b3b0d8c8a229c462fff":128:"6b4b1a84f49befe3897d59ce85598a9f":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e1626327d987342cba5c8c63b75b4ed65463a2b9c831f4f9f80325fa867d1d73":"":"4e25800deab7ecec2a2311f8fb44eb7d":"ebaffd558f24dae03117c69ac4b2b4aaeaffe7e0e7599eaba678bfce23a9914dc9f80b69f4a1c837a5544cba08064a8f924064cba4d783623600d8b61837a08b4e0d4eb9218c29bc3edb8dd0e78c1534ab52331f949b09b25fbf73bece7054179817bc15b4e869c5df1af569c2b19cb6d060855be9a15f2cf497c168c4e683f2":128:"8faa0ffb91311a1a2827b86fec01788d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"938da64b837275b0c80c442bdf2301aa75e387fe65a775d10a8ec840f62ff429":"":"dec6adeb60216cbb8a6c3afba49fa201":"4ac144bd95f405649444f01ab67ef3e4c0a54fdbd933b6ba00518c79db45c22c90030c45aadcfdb53ec8199be0cbb22dbb9ab938a871f4b3b0c98ed32590a051abb946c42726b3e9701f183b2092985e3457943a6350fbcaece2e6b111b179ea3fd10ac080a577a1481785111d5f294bc28519c470ff94392a51a2c40a42d8b5":128:"2211ca91a809adb8cf55f001745c0563":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e2436484ea1f454d6451ad8dbd1574b208d7a3ab4fa34869299b85c24348b43d":"":"97040d2ec094fe1c64fa35b35b7451a7":"bc198677513ce0e66697dfe52b22315fa5d8f92042f34cc9f373a01f94607df1a599132f60af010ed9b5e52162dd7b162912b68b11700e08f5fdafd84d10f760fc05ec97c05b83e55155194f399594015b90a19c04fb992e228940fe1b54ba59c4bb8318b33cc0df1cb1d71c389473dfb3eefabfe269ca95db59a7bc0201c253":120:"2e080ba16011e22a779da1922345c2":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7fb3fc72eb8a3aa5b102f90039f852cc3fd64f46915f5e49f1d9e02fe9cc13b1":"":"f6120fea313362524917c53d90bafb4f":"60c2be7fbd15faf895fd19a9ce775fe2b183b45cffafe4fcbf50d421bea97347e41a9418cfa129b2dda63b889a70063010215dbe38c37feae18bc31b34f31b726f22177f2b4b9d648dd4aa80edfd12dafaee10baa83224354432d1cb62ccabe38bb8448d162cd0d30e988d2e1a2458ffdafaacbdff928756390f66dc60d7ea45":120:"83de3f521fcfdaff902386f359e683":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"697c96d80d0a3fa9af35b86f31fb71a17aed30ce841c79896bbc8863b3b3ee04":"":"3a5163ec7e007061838d755ac219855e":"de50c12da63232768d5eb9920d49683b5b7114cb77448fa10b9d63552ec5d9c2eac94b375d11f944959f903bb20c696639b6e7f108ec1e873870098c631ddacb2c25268cfc26d2a4cacfb7dda7383374c5456bcf4daa887a887f4293f8caa14419472a8bf7ffd214dfb2743091238b6d1142b116c2b9f4360c6fe0015cd7de81":120:"cd4542b26094a1c8e058648874f06f":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"66c1d9ce3feb0e966c33e3fd542ec11cc32f18c2514b953103d32abcdc72633a":"":"46fdb88fdde9b7d74e893802a0303256":"55d2f263d2e3cf0b390fce1dd1ebd5f666086f26e1ce2f08002bedbb810ada3922c6bfcf6a6adaa556e9e326c9766f02b3eb6e278da2fa3baa7dbdb6373be3c6ecfbe646b1a39e27c5a449db9b559e7ea3496366b8cdbca00ee7a3dea7fdfbea1665bbf58bd69bb961c33a0fd7d37b580b6a82804f394f9d5d4366772cee3115":112:"96ca402b16b0f2cd0cdff77935d3":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d7c949420dc9497232cd5810f316d11f9e85d36c430b5943ba79836d88c1eb92":"":"7ef9788ff09cbeedd9569d49083a4097":"ca1de5cc3fcde2638eb72210e551e9c0e0a3f5570d5be83a9a4406b545d854bf17e75b9cd0f4c45722fbd71319a317b72a8798485e9316a1c8102432b83bc95af42f6d50700ba68f6f2e19b6af609b73ad643dfa43da94be32cc09b024e087c120e4d2c20f96f8e9ddfe7eae186a540a22131cedfe556d1ebd9306684e345fd1":112:"8233588fca3ad1698d07b25fa3c4":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6fe7c70815aa12326cdcbb2d2d3e088bbaaef98b730f87fe8510b33d30e12afe":"":"e0253bd1f19e99a7f8848206fb8ac4a4":"397897eca4856f90d14c3cdfe1ad3cba47e23174ae2dab7d2a6320898584e03bffa3ffd526f416d7b3c579b0f3628744e36eebb5df519240c81d8bbbf5c5966519c5da083ab30a7aa42deae6180e517cdd764b7f77d19cc1a84141817758887a8d7265e7e62279b9d33cd2f1ba10fd54c6c96d4b8a5dbe2318fef629c8e2af0f":112:"477b0a884d788d1905646bd66084":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cbeefb3817cb02d617f385cf2371d52c8bcbc29e5e7a55cd2da131ca184c6e89":"":"f74156d6400ae46b612531848bffe18f":"1abe2ab05ceccf2391273126fe4a4426b94d2c3b97a7f1cd2ee6bb952bf4a546e972b5a1701d5ddb0e5bb7a248fcb47107a9fc77e4b9806b68a11850119aa239fa8be1370e3a2e1a8b168f7323afdfc4b8917d92570167848a56132d68876abc386c258a9233dc8a9eb73443b052e842c3d63e8b5369acdd038404e4e9a4b038":104:"0cb67cec1820339fa0552702dd":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e6f5f65ce2fc8ec3f602f5df90eb7d506dd771337913680ac16bdcd15c56583d":"":"9212a548c597677d1747e98ce6fb18a4":"55ca486c0183d0134925880d2e21dde0af51c4c77c6038a5a9c0497884e0aa4715bdb5b4bb864acc708ac00b511a24fa08496df6a0ca83259110e97a011b876e748a1d0eae2951ce7c22661a3e2ecf50633c50e3d26fa33c2319c139b288825b7aa5efbd133a5ce7483feecb11167099565e3131d5f0cb360f2174f46cb6b37c":104:"08d7cc52d1637db2a43c399310":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0e9a0391435acb57eae2e6217e0941c79a3ff938ec6a19b8a7db2ea972e49f54":"":"27cd1d7af7e491e30c8110cc01392529":"79140d32bb32dace0779e2d37a0f744d6d973e99a279962b43a6c0af63772e8a0a21d5d9dd3c33d4b218cb2f6f24dd8d93bb4e1e6a788cb93135321ecfed455e747fa919b85b63b9e98b4980a8ccb3b19d50d735742cb5853720c2ad37fa5b0e655149583585830f8d799c0d2e67c0dc24fc9273d9730f3bb367c487a5f89a25":104:"fbb477dd4b9898a9abc5a45c63":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"55a12eeca637654252e3e40b371667e3f308b00f2fd2af696223e4cd89e3fd4e":"":"8a3793b6441258360f7f4801b03d0b26":"f5810dc5f25e49bd6d94bc63c2494aa7a579a4056a25f1dd9b2734d0b8731ee52523edd54ff475651d45c213e1bf254327fb0e2c41a7d85345b02bcc9d27b08915d332e1659671991a4bb74055967bebbba6ecceb182f57977130623d5a7b2175fa5a84b334868661c1f450b95562928b4791759796a177d59ed18bbf141e2ad":96:"99230019630647aedebbb24b":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3d353f870a9c088de5674efd97646b9c5420b2bcdfcffefcadd81682847e5331":"":"f267fa982af5c85359b6447f9b7715ea":"7cf55630867af5dff747c8dd25bcc531d94a7730a20b6c03d46059ea93fcaa00d07ee17dad0e0dff814b02dfef0cbe00b37fd2f5f95ead7c72be60016f2934d7683fc1e47185c7211c49cb03e209b088edb14e533dbcb792ab7033728904f7ff12381a236dba97894ec1fafcf853ab15fff343f9265d0283acef10168ffd1271":96:"9553b583d4f9a1a8946fe053":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d227c9ff5d17a984983056fb96f3991932ae8132377529c29238cf7db94a359d":"":"b8f6536f376a7efe0e684acf350bae70":"1cc25da31f90de7fa47ebce92754d3faa99f88d4e25ccab45645c1acdf850d55d7f02f61a0bfdc3125f29259d7da8abef532fe0966c63d3486753c8a2cb63a39349a0641b2f2b9526a03b97d58ca60fbb054c6c164ff2836688b0cad54df2b165bc082eeae660e768dde5130e30f8edc863446661c74da69b9e56de8ae388da0":96:"44b95a37fab232c2efb11231":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b2a57ef85ffcf0548c3d087012b336c46f6574cf1d97ca087bfad042ee83eec2":"":"3d580402d2a8dc4d7466e5dcb456be7a":"c2b9e95c16e55028794a63ef82d11fb83a2a75dc34a81f238e472c33264534bdd54cd07d02a0ecf9019ad1a6d6c779f339dd479e37940486950f183bade24fca2f24f06d4037b3555b09fc80279ea311769473eb0630b694a29823324cdf780d7d1a50d89f7a23b05f7a8c3ad04b7949aa9e6a55978ba48d8078b5a2fd3c1bbb":64:"072d4118e70cd5ab":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"63889ed5bf2c27d518a696b71c0f85592e3337aae95b5bf07289e4c5dfdc088d":"":"1ad534280a0fac7dce31f2ae4fb73f5a":"be1b9dabea33bb9443e27f674b27931c0fba699a33dc86fab29e50b76a9441030444b465317bbf2949faf908bc1b501d11a5ea2042e4b460a85f3be5836729e523d99b56ef39231d5c6d8ae2c2ab36ef44e2aa02a1f2c559c6e333216c7f9ed5f9b880a88e920219204c99a3ae8f90afd1396563bc59a691a93e0070b0b5fd90":64:"1bcea0ac2c1a0c73":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"94e3e2c17cfb6f52d4fdba3ba6d18bba891b6662e85df14d7e61f04adb69e0e5":"":"8a80efb3bfe220526997543409fddb4d":"05da1b0f7ac6eef488d3f087ecae7f35abe3ef36d339709dc3fcb5b471979268ee894c3b6c7f984300d70bc5ea5fba923bfb41d88652bdaecc710964c51f3e2ae2c280b7d6c8e3b9a8a8991d19d92d46c8a158123187f19397ad1ad9080b4ffd04b82b5d68d89dacd3e76439013728c1395263e722b28e45dabf1ef46b8e70b5":64:"faa5c13d899f17ea":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe5e479ad0d79dbf717a1f51f5250d467819e444b79cb3def1e0033c80ddadd8":"":"47ce838083fd070d8544c0ad5337cdc6":"98476bf05a18c4ff1b6024dd779c1ac06d838705a0a83fe42bee5fc6ebf3b2a1a5049b67f4aabc8239cd6ff56504bcbad1e2498c159bbec2a6635933945f6ea49e5bc763dcf94f4b3643d3888f16105abb0965e24f51cb4949406124145e9ae31cc76535b4178492f38b311099df2751f674363ae7a58f6f93019653b7e6a6f0":32:"a3958500":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"27d4dedb71a8f68ca5ce2b9e56da772bf5a09b7981d41cd29f485bd2d1adb8d4":"":"7e6f0343c54539717a97b6c8b9f7dec4":"d386db78043f719b7e137cbf79a7f53dda2fe3baccbebb57d499f6eb168e5151f10081d76b72ae0f30165efbdda469e826f9246e59dbcad5c0b27691c00d6c192c24073e99c19cf8c142087c0b83c4ce2fc7ba1e696394e5620ab2d117d5dcd2ac2298997407fd5de07d008de8f9941a4a5f8074736a59404118afac0700be6c":32:"50fd1798":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5a7aa836a469d28542d0d24d3232fad266da8fc889c6b6038b726d3da25f7b20":"":"9faf7cd805803e143ec8f3f13475efd2":"1006c707f608728b2bf64734062b12a5625062bcdcb80a3ce2058352a2922d5e6fbe19681b4f0d79ad3c837f81e72f2fbf8df669894e802a39072b26c286f4b05188c708f7c6edd5f5bb90b87ffa95b86d84d6c1c4591b11d22c772a8ad7f2fe6bd8b46be0e93672df2e8bff8ba80629e1846cfd4603e75f2d98874665c1a089":32:"07764143":"":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a9444fd176acbe061d0221fde3ddfcc4ff74e995d981a831297c4cbda51c22a1":"c146ff5a988496cad7eced7a2ea471e0117d5d6bd2562c23ce9db4bf36d83ba3fc22e90486ec288a627d208e0b2fd3b65f8301cf7fc41d97959981a95cd1cf37effc46db99b94b21c941c3613c26a10b1a6b7793f467d58ff5134612230f1c49d7e1fcf664fe52fc6eca46273982f6fe729b009d90eb8d8e4a0b0dbe907b76da":"5714732145470da1c42452e10cd274b5":"":128:"db85b830a03357f408587410ebafd10d":"":"a3cad9a57fa28e6f6aaa37150a803bf8b77e765f0702e492c4e5ebb31ae6b12d791149153e469a92bb625784a699fd7ca517500ee3f2851840ba67063b28b481e24ba441314e8b7128f5aaccaf4c4e2c92258eb27310bf031422b7fc2f220f621d4c64837c9377222aced2411628018a409a744902c9e95c14b77d5bb7f5846b":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"686d3bd071e3f46f180611bc4ec8d7726fe72b6c617e7d42b3339f53918c9e36":"21983ad66449c557263aef299da6eef8f31d576fc17ed2dac3e836f7c2ceaff3094b2695452680e188df10c174810efd1fbaa6c832baedce0b92e4c7121447f6461ac909b4302cdf658095b1de532b536faa4fb38cfdf4192eb5c3fe090d979a343492f841b1edc6eb24b24bdcb90bbbe36d5f8409ce7d27194a7bb995ecc387":"a714e51e43aecfe2fda8f824ea1dc4b7":"":128:"cd30c3618c10d57e9a4477b4a44c5c36":"":"9610908a0eb2ee885981c9e512e1a55075a212d311073bbb2fb9248cce07af16ee4c58bdc8dbe806d28480f9065838146f3e1eb3ae97012cfe53863a13d487f061a49a6c78ca22a321fa25157dbe68c47d78f2359540cc9031ee42d78855ed90e6b8ea3d67725bfffcb6db3d438c982b5f88d9b660f7d82cb300c1fa1edebb6b":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6fe81f15a02e2ecf46e61199c057102d160e6b5d447d4a275972323fff908c3e":"0b4ee0385e6665da8fd2ae47f2d0cf1c5bd395a3bb447047ab5a3ae0b95355bf83d0381119a8d4c01acbe60cd7885da650502f73498a682fdc94f7b14f4c753226064fa15e3a90a6083e053f52f404b0d22394e243b187f913ee2c6bb16c3033f79d794852071970523a67467ce63c35390c163775de2be68b505a63f60245e8":"91d55cfdcdcd7d735d48100ff82227c3":"":128:"cd7da82e890b6d7480c7186b2ea7e6f1":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4c2095e1379389dc3810e8819314f5a2f87d1494213c5b1de1a402f7f4f746c4":"26ec8ebac0560538a948afbc18fb730e9a91f21392bde24b88b200f96114b229a5b57fa9d02cf10e6592d4dfb28bf0f00740c61157ce28784e9066ea3afd44ecf3a494723610cb593c0feffc6897e3435c6f448697ad3e241685c4e133eff53bdd0fe44dd8a033cfb1e1ea37a493934eb5303ae6ef47ce6478f767ef9e3301ab":"19788b2e0bd757947596676436e22df1":"":120:"f26a20bea561004267a0bfbf01674e":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"be5351efc0277afc9759ec2464a22cb4401f7a17efd1a205e7af023c7ed30ee1":"1eca91406f338fc09c2988b1d7dc8c409d719300c03840a497d7b680cdd5e09b144903477f7116a934e1d931cf368af1fc2a0a0e7caa95475a3cd7bf585a16fda31eb3f8201db0216b37a1635c1c030836b3dd05ca5b0194388fa198e717822131d5d4318690ef82d35ac80b27fff19aec8f020dc6c6ce28f0813bbbf8230ad9":"c6b26117d9dbd80c1c242ad41abe2acc":"":120:"61051d6c0801b4a6b6ca0124c019f3":"":"95447aded336d6c20d483a6f062d533efed0261ad321d37bf8b7321b98f55c0f0082ce7f3d341b18fea29a72fc909d30cd8c84a1640227227287674a9b2f16a81b191ecf3b6232d656c32d7b38bea82a1b27d5897694a2be56d7e39aa1e725f326b91bad20455f58a94a545170cb43d13d4b91e1cee82abb6a6e0d95d4de0567":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"814c2cdfdeecf39d43bb141fbfc62dac44f7552c5e5dac2d4913303fc860119b":"0d3013a1d7132f685d001420daa6c7b643bc36b887511acc4588237d3b412c79e4ebba29c08248ad46c7239e8daa232b7483c9c4e3d1c0bbebc696401efe21f7fd6fc0525a4ab81bd9a893d5f7ab23b70ed07c00f33649b8a996a006de6c94f7793f72848793f4d5b31311c68aae1e715b37409fbe506dac038a0950f05fe82b":"0db3ade15cb0dea98a47d1377e034d63":"":120:"e62f910b6046ba4e934d3cfc6e024c":"":"374d03cfe4dacf668df5e703902cc784f011f418b43887702972dcc3f021bcb9bdd61ed5425f2975b6da7052c4859501eb2f295eb95d10ba6b2d74e7decc1acacebf8568e93a70a7f40be41ac38db6f751518c2f44a69c01c44745c51ad9a333eda9c89d001aa644f1e4063a8eb2a3592e21c6abc515b5aacaec8c32bcf1d3c4":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1ae4541110f2bc4f83cd720b5c40c8315413d896e034b75007f172baa13d29ec":"5ea811e7fbfc0e00bf2a6abfac50cad9efd90041c5f7fb8f046a0fecbd193b70a2de8a774d01dd3cd54f848cb3e9f5152ee1b052ba698bebfba1fbbdae44a260447d6e6482640ae4d01c9cac3d37d4ffe9a0de0b6001de504a33ef7620efe3ce48ecd6f5b1b3a89185c86d4d662a843ff730e040e3668d6170be4cced8a18a1c":"83f98eec51ee4cae4cb7fe28b64d1355":"":112:"df47eef69ba2faab887aa8f48e4b":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"20c9b662ec4bd13bf58d64cb0a7159b0e7fee4703af66292bf75c8bd6e42e8dc":"45b64f2ed5ac707890c0c1726adf338770ce6a728fe86bb372c4c49409a32705f881bc4d31a27c455c7c7df9dd2c541743523e7d32f88930d988857847f011be5f5f31a31e8812745147cbff5c1294d0fd4a7285db4833f22bf1975250da99c4d0dd2c9688d7f8001bb6ef2bc898ce4d42c5b78e74645b56ce992338f49d4183":"2bc0847d46f3d1064bbf8fe8567f54a2":"":112:"5a1bf25aa8d5c3fe5cf1be8e54a1":"":"9079d6275db076625e8474c2914fe483d413d5339202f98f06c3b0ef063d8f3d31029deaf7f9349bfec57e5cf11f46f02d5a6520c7992efc951adbbea6d08e53faeb10dfe8b67ee4685da9ea4fe932551a65821147d06d4c462338e6ddda52017c2bc187fd6d02b7d5193f77da809d4e59a9061efad2f9cadbc4cd9b29728d32":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0a1554db37f2e275732a77e521cbd8170729d8677a85db73feacf3c66a89d689":"5421d93b7e6e0091978c673df4f3a406aef5f13eb5e6f95da19b0783308cbe26d4fd6c669cc4a9f069d7e62e4c6fad14b80e918fe91556a9a941a28b3dbf776a68ac7c42df7059b5ed713e78120aec84e7b68e96226c2b5e11a994864ed61b122e7e42ef6cfdae278fadbae1b3ea3362f4e6dc68eef6a70477b8a3ffcfba0df9":"b9194a4d42b139f04c29178467955f1d":"":112:"05949d591793ca52e679bfdf64f3":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3ab1d9bb571c4bdc9f3ef340914bddcfe0c8e7718d4a2530334372cec86e5fcb":"80bcea307e009745724d5f15d21f3b61a5d5a8401530346b34a2adfa13e3e8c9c9327d6fad914b081e554fbe6c1c6fe070b566620e559555c702c0ab5becf61ea1d9de64351ce43b2276ef4e20b5af7ce43db6d21286af4e740ef00c6d790705afcf0ee4850fffc12c662f2bd8212feb21db31065ab8f717a7509c213352b869":"6a5335901284dd3b64dc4a7f810bab96":"":104:"04b8e5423aee8c06539f435edd":"":"36b9602eee20b8f18dce0783cd1e01a799f81ae0a1ce6d293a26c62f47e7dad85c8446697cc09c81d3d9ead6f9e55c4147211660c8aea9536cc5516e9883c7d6854be580af8cd47ba38fa8451f0dad9c904e0e7f9997eff7e29bf880cd7cedd79493a0e299efe644046e4a46bf6645dfb2397b3a482a346b215deb778c9b7636":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7dddbd5657e22750bfe6baa70a1f4ac46c1ef8bee573a57cfcef50b66f85e593":"2bf5aba83a8161b9d21ff29251fb0efa697b1ea9c1b3de8481d5fd4d6b57afda0b098decdc8278cc855f25da4116ed558fc4e665a49a8fff3aef11115757a99c10b5a73b1f794f9502186c13dc79442f9226bbf4df19a6440281f76184933aeae438a25f85dbd0781e020a9f7e29fb8e517f597719e639cbd6061ea3b4b67fb0":"fcb962c39e4850efc8ffd43d9cd960a6":"":104:"1d8cdadcf1872fb2b697e82ef6":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6916b93b2712421f1f4582de7ec4237c4e42e2b32c7dced2f8bb5bd2e0598312":"3739cca20279a36ddb857ac22beae901a49529b3182463ab81a7c46e437eb0b0571e8c16f7b626ecd9f2ca0cd83debe3f83e5d58ed3738899f4b616755eb57fb965208f261736bdf7648b1f8595c6b6a779768115e3077dfee7a42d44b555a51675fb1ce9961d0e21b2b9b477c0541184350e70decf7c14a4c24b8a6cd5fed8e":"b4d9248bb500e40de99ca2a13e743f1c":"":104:"090d03446d65adcc0a42387e8e":"":"0255be7ac7ac6feb3a21f572f6a593cc8a97f17af7064c80e478f4a6c469cf94d604bc014b003bf284d216161a9c8a493af43c6a0d8caf813a9e6f83c7ed56dd57543876b11f76aa2be80dcd79d19ac61f00fa423ac2f52fae7a8327cd91494ca4116feb735980ad0a4b1445cb7f38cc712b8aee72179e65b97fca38694e3670":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b751c8b724165009a8bd97a9d2a0e22cae5a95c4743c55eeeef0a6fe7d946bec":"e8546a5af1e38114822e60e75563a9399c88796f303c99c69d1f3c50379da81e1cd5b5a4a721e23c59da58ea4361b7ff58408e506a27fea24f9a235c6af7f7a5bd93fa31e90edfc322821c08d6324134830b7fe160b4a3e6d27866a10e6e60762a31618ef92f5c67ccb1deb1f1b188f0e687165e7c366c7418920df4f4fcdcae":"160c50c0621c03fd1572df6ba49f0d1e":"":96:"9fef9becf21901496772996f":"":"175fa6b7cd781ec057ff78ba410f2897a920739b5fc4f04bc9b998fbc7cc18e327ad44d59b167e4627256aaecd97dc3e4a7c9baaf51d177787a7f4a0a2d207a855753c4754d41348982d9418b6b24b590632d5115dc186b0ba3bec16b41fa47c0077c5d091ec705e554475024814c5167121dd224c544686398df3f33c210e82":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0faf32c22c2a4ee38fe4b5ce08f98fdf6f83b5038dcba5ec8332b3eeb5c710c7":"8a556cc30075753c6e94c2f669bca2058ff6abcbffffc82da7cfca0a45af82dfb4cf487ceb4ede72be87ee4c8b72db1e96459de1dc96721464c544c001d785f2188b9fccaec4b1a37970d38b326f30163d2fdfdf8a2ce74aec55abcd823772b54f8081d086a2e7b17b4086d6c4a5ea67828ef0b593ea1387b2c61f5dfe8f2bb0":"04885a5846f5f75a760193de7f07853c":"":96:"0c13506ed9f082dd08434342":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0dddc3d2f82bdcdbc37648a6b9b416af28753740f8e998cd1a52a0b665369f1c":"07bf84b15b21951fd22049be6991a672503ae243b8d285fb1e515e1d2c36bfd5b0d0bcce85791f2cea8f616aed68a7d9cf4eaf76418e8b1ec27751de67cbfd9d9f7905b2667904f10d598503f04c04ea00a681ff89a9c446d5763898430bd7a9dfebfe544e3ed3e639b362683a651e087626ffa63c0c2b3e0dd088b81b07f75e":"0a93b883cbd42998ae2e39aab342cb28":"":96:"5c37918edb7aa65b246fd5a6":"":"ff7b7b2f88b8c6f9f9bad7152874e995eea0ff1ce1ecd9b8d563642a37a31499f14d70f0dd835b7adf80928497f845fd8c2786cd53af25f8c9fe1bba24e3c3860162635bbed58f06cf6c9966bb9b570987a48329279bb84afb9e464bb4ad19ae6600175086e28929569027c5285d2ed97615e5a7dada40ba03c440861f524475":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a0b1a62e46e7712277fc711e19d0c0c865ee77b42ac964b7202dbcaf428086c2":"7dd7c0787fdbea4aacf929341659dcf4b75cbca8f92001e8b62a4d7b40272c5755fa9c445857db05328dc11ce5221f044f4b3dafbf0e2d72a1ad0d3e4c804148db578218690ccc620d8b97b4450ff83400a6caaa959617611446a6627138a4067be9ea410d4b0581022ab621928205b4a4480560fc4c2c3b39a2805684006f35":"e20957a49a27e247d00379850f934d6c":"":64:"c99751516620bf89":"":"9307620479f076c39f53965c87d20c2aff11c736c040dba74cd690d275591a5defc57a02f6806de82eb7051548589484364f6c9b91f233a87258ede1ee276cb2c93b4fc76f4d7e60cbd29ba2c54cb479c178fa462c1c2fb6eeb3f1df0edfb894c9222b994c4931dedf7c6e8ddecbde385ddf4481807f52322a47bf5ff7272991":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ffcc1c88fba1723b3ab57b458d9bffb98b878c967fb43b9db2ae0753d32a3bb1":"19b6dec86d93c466307de3a36c0791ed1010b1b9cf8d30347ae46e0f9283c9fda43da8cb491dd17cc4298b1f0b876d6a0f4bcbc9667fe34564bc08f8f7b67045057d19f4bf027bc839e590822fa09a5cef1af18e64a0116aa2a01a3f246c2b5272c18c9aa23efe674ba53d533ae8f0695cb78c1155cdc7a9d7fae2c4567dc07c":"d533c2170c5dc203512c81c34eff4077":"":64:"167ec8675e7f9e12":"":"0539287ac546fe5342e4c3c0ec07127dcd22899abfe8cdd6e89d08f1374d76e877bec4844d06e0a9f32d181c8d945ba16a54ce3725fae21d8245c070a4da0c646203d6b91325b665ab98c30295851c59265b4ab567b968b6e98536b7850738d92e9627b4c9c6f5d9ae2520944783d8f788a1aa11f3f5245660d41f388e26e0a1":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"55e94b339c3bafe068ef9cc30787cc6705850114976843777c92b4b331801650":"147cc7bc4008dadf1956520b5998d961499bdf3d8b168591adbfd99411ad7b34eb4b2a5c1bb0522b810fec12dd7c775784d7ecdc741e6dec8191361e6abf473b219221801951b4d5ffe955ab50eef9cffdfee65ba29ddfa943fb52d722825338c307870a48a35f51db340aa946c71904d03174b1e4a498238b9d631a6982c68d":"2e2b31214d61276a54daf2ccb98baa36":"":64:"5266e9c67c252164":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"13c9572bdef62510d84f2d415cc481cd1e71b9c1132b43e63b21ba4e16de9b39":"7c78e634dec811173ff3c4a9a48ae3ae794fbd2aefd4b31701777ff6fcb670744c592a1d298d319717870dca364b2a3562a4ffa422bf7173c4f7ea9b0edf675e948f8370ffd0fd0d5703a9d33e8f9f375b8b641a1b1eecd1692ad1d461a68d97f91f9087f213aff23db1246ee16f403969c238f99eed894658277da23ced11ee":"a8339ba505a14786ad05edfe8cebb8d0":"":32:"df3cab08":"":"91f9780daefd2c1010c458054ac6e35baa885cdd2c95e28e13f84451064e31e0739f27bf259cb376ab951e1c7048e1252f0849ccb5453fc97b319666ebbfbc7ef3055212a61582d1b69158f3b1629950a41bc756bded20498492ebc49a1535d1bd915e59c49b87ffebea2f4ad4516ecdd63fa5afda9cce9dc730d6ab2757384a":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30a14ca53913acbb215b4e4159083106db3fff83cbedd1e5425f65af1e94f5dd":"8c5f73ee1544553b712ad7a14f31379c8d54a4e432fb6c5112436988d83c4e94954b0249b470538fb977b756fbee70b811d4dc047a869e207bb0b495f1e271d0034e912000e97594033e0dedde0591b297f8a84bafcc93a46268a5bba117b558f1c73513e971c80a7083e1718fc12d0cc0d996a8e09603d564f0b8e81eea28bc":"4f23f04904de76d6decd4bd380ff56b1":"":32:"18e92b96":"":"bb4b3f8061edd6fa418dd71fe22eb0528547050b3bfbaa1c74e82148470d557499ce856de3e988384c0a73671bf370e560d8fda96dabe4728b5f72a6f9efd5023b07a96a631cafdf2c878b2567104c466f82b89f429915cf3331845febcff008558f836b4c12d53e94d363eae43a50fc6cb36f4ca183be92ca5f299704e2c8cf":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e69f419140289ac25fb0e2ef9cc4f7e06777ac20f7d631918d1af0c8883b7d6a":"ff8dfa4e70490ea9c84cb894dc5d7e1b935ebcdea80a39c4161d4db42cbb269cc86abd381af15ec9a4a42ed18c1eed540decec19722df46f22aa06883297cb393fb23e4bb31a817e88357aa923c7ecbcf24c28a09f622dd21fa70c0a02193024fdcefeaa96cc1b50f81a65dfa9e1bb5126f0c9766a861eed096ec15fb07b0f81":"531248afdaaf1b86cf34d2394900afd9":"":32:"c6885cdd":"":"f75299e0ead3834fc7ebd4b2051541b598ad57cc908fdcd4324cf4ccf7dcf7b3f0737ad6c026399a8b1b6d3d50011b3c48ea2c89833b4b44c437677f230b75d36848781d4af14546894eecd873a2b1c3d2fcdd676b10bd55112038c0fdaa7b5598fe4db273a1b6744cba47189b7e2a973651bfc2aaa9e9abea4494047b957a80":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"404a5d1ac9e32f9caabffbfa485ce9c27edc9e5cde0f2aab4f32ce3121449b88":"b63ec4d28854b7fe2d4d13973f5bcb16f78494ce25cc2820de9d0dc1d8d91db1f19bc9e01cee8418c9e88a69b2f30cdbb0dbdbb50be71e1e666c111c126f2b7197c02f69a1b2ec5e1bf4062b2d0b22fb0fa1585b4e6286b29f6ac98d1b1319dd99851fa6921607077d2947140fdeeea145b56ea7b6af276c9f65393bc43ede33":"b6e6c078e6869df156faa9ac32f057c3":"6ebc75fc9304f2b139abc7d3f68b253228009c503a08b7be77852da9e1afbe72c9ab374740b0dc391fa4d7e17de6a0aa08c69e6f5c5f05411e71e70c69dfbcf693df84c30f7a8e6c7949ea1e734297c0ea3df9b7e905faa6bbdcaf1ff2625a39363308331d74892cf531cb3f6d7db31bbe9a039fca87100367747024f68c5b77":128:"94c1b9b70f9c48e7efd40ecab320c2d3":"":"56a0ac94f3ec7be2608154f779c434ee96db5ed4f5a6e1acfb32361ce04e16e1337be5978df06d7c4f6012385fb9d45bb397dc00f165883714b4a5b2f72f69c018ffa6d4420ad1b772e94575f035ad203be3d34b5b789a99389f295b43f004de3daaef7fa918712d3a23ca44329595e08da190e3678bc6ad9b500b9f885abe23":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b56f0c980acf7875cf7f27d53ad4a276adc126d0b93a5774ac4277eecad4309e":"2c94299e36b7c4a825ecbc5a7809061e0a6761764a5a655ffdb0c20e5c3fcb10f4e93c68aa0a38c2acc5d06f2b7c4ff4fcf814b551bfefa248dbe06a09a0f153213538a31fa7cf7d646b5b53908d8978f514c9c4d6d66f2b3738024b5f9c3fd86b6da0c818203183f4205f186ea44a54edb911b1a17c424c95852c8d271b2e93":"b004c049decfb43d6f3ec13c56f839ef":"b2045b97fbb52a5fc6ff03d74e59dd696f3f442c0b555add8e6d111f835df420f45e970c4b32a84f0c45ba3710b5cd574001862b073efa5c9c4bd50127b2ce72d2c736c5e2723956da5a0acb82041a609386d07b50551c1d1fa4678886bac54b0bd080cc5ef607dca2a0d6a1e71f0e3833678bf8560bc059dae370ec94d43af6":128:"fce7234f7f76b5d502fd2b96fc9b1ce7":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1c5027c36e6caa1b3e5e45fead32b5e3126ac41f106c491b0b3a7c16502f4fe6":"58f0ceaa31c0025d2e6bb58720cce4b64f5f6c657c847ae42936eb1e343fea397c8a8cf2f5ef02ffaec25f431900dcb0910cf32cea9eca3b78aed1c451c7af51066489f87b2a5f8cf28d6fdb6ce49d898b6167b590a3907be7618be11fb0922a3cfd18e73efef19e5cdc250fa33f61e3940c6482ae35f339e8c0a85a17379a4e":"3ee660f03858669e557e3effdd7df6bd":"93e803c79de6ad652def62cf3cd34f9addc9dd1774967a0f69e1d28361eb2cacc177c63c07657389ce23bbe65d73e0460946d31be495424655c7724eac044cafafe1540fcbd4218921367054e43e3d21e0fa6a0da9f8b20c5cdbd019c944a2d2ee6aa6760ee1131e58fec9da30790f5a873e792098a82ddf18c3813611d9242a":128:"ac33f5ffca9df4efc09271ff7a4f58e2":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"34c3019810d72b5e584f0758f2f5888a42729a33610aafa9824badade4136bbd":"22deef66cbb7db240c399b6c83407f090d6999ba25e560b2087fed0467904bb5c40cbaa05b8bf0ff5a77c53fa229478d8e0736414daf9c420417c391c9a523fd85954533f1304d81359bdcc2c4ac90d9f5f8a67a517d7f05ba0409b718159baf11cd9154e815d5745179beb59954a45a8676a375d5af7fae4d0da05c4ea91a13":"f315ea36c17fc57dab3a2737d687cd4f":"f33c5a3a9e546ad5b35e4febf2ae557ca767b55d93bb3c1cf62d862d112dbd26f8fe2a3f54d347c1bc30029e55118bab2662b99b984b8b8e2d76831f94e48587de2709e32f16c26695f07e654b703eba6428f30070e23ed40b61d04dd1430e33c629117d945d9c0e4d36c79a8b8ab555d85083a898e7e7fbeb64a45cc3511d99":120:"0bae9403888efb4d8ec97df604cd5d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"29397d98fc5a7f04b5c8b6aa3a1dd975b6e4678457ae7f0691eee40b5397503a":"0bbf1079cb5569c32257bc7e52371db46f3961b457402b816588243b4523543430d5ca56b52de6632724c51e6c3af310b28822c749a12bdd58dee58bbc3266631562a998ec3acdc8a2567a9f07f7f9759c3f50b1d1dcdd529256b80c0d227fc1fe8b58c62d1c643f1ac2996809fd061afcf4a9af184c14db9e63ec885c49de61":"885543a45fd1163e34ef9276145b0f8c":"d88beaa0664bcef178cbdbfab17ff526b5c0f8ad9543c6a312d93c336707fbf87c0448b07a550580953279f552f368225cc6971f1eecc718d6aad1729c8d8873081357752bd09d77075fa680cb2dc4139171e4a0aaa50b28c262c14fd10b8d799ca1c6641bb7dfdfdf3dea69aa2b9e4e4726dc18b0784afa4228e5ccb1eb2422":120:"7b334d7af54b916821f6136e977a1f":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7555dfcf354da07fd70f951d94ec1d86a635edfdb7929460207b2a39cc0cf4a3":"a1351cfffd1b0cbf80c3318cc432d3238cb647e996b7b53c527783594683f535950cd08788687c77226b2d3f095955884adc2e475ca1e1eab04e37d5e901ae8934a9d3a0cb37b80612ca25d989856dfa7607b03039b64d7dcd468204f03e0f2c55cb41c5367c56ca6c561425992b40e2d4f380b3d8419f681e88ebe2d4bdad36":"e1b30b6a47e8c21228e41a21b1a004f0":"bf986d3842378440f8924bb7f117d1a86888a666915a93ba65d486d14c580501e736d3418cebee572439318b21b6e4e504a7b075b8c2300c014e87e04fa842b6a2a3ebd9e6134b9ddd78e0a696223b1dc775f3288a6a9569c64b4d8fc5e04f2047c70115f692d2c2cefe7488de42ff862d7c0f542e58d69f0f8c9bf67ef48aea":120:"d8ef5438b7cf5dc11209a635ce1095":"":"95e8db7c8ecab8a60ceb49726153a7c5553cf571bc40515944d833485e19bf33cb954e2555943778040165a6cfffecef79eb7d82fef5a2f136f004bb5e7c35ae827fac3da292a185b5b8fc262012c05caeda5453ede3303cfeb0c890db1facadaa2895bdbb33265ada0bb46030607b6cf94f86961178e2e2deeb53c63900f1ec":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"bbeafe86c72ab0354b733b69b09e4d3462feb1658fe404004d81503f3a6e132f":"a033c2051e425d01d97d563572e42c5113860e5dedcd24c76e3e357559ba3250f1fc5d4a931a9d0900ac025400f0158621f0b1215b2907467bfc874bcabbb28e28de81fe1ee5b79985261c512afec2327c8c5957df90c9eb77950de4a4860b57a9e6e145ea15eb52da63f217f94a5c8e5fcb5d361b86e0e67637a450cdbcb06f":"ee1caba93cb549054ca29715a536393e":"e44b0e0d275ae7c38a7dc2f768e899c1c11a4c4cb5b5bd25cd2132e3ecbaa5a63654312603e1c5b393c0ce6253c55986ee45bb1daac78a26749d88928f9b9908690fc148a656b78e3595319432763efbcf6957c9b2150ccabfd4833d0dcee01758c5efb47321a948b379a2ec0abcd6b6cbf41a8883f0f5d5bf7b240cb35f0777":112:"a4809e072f93deb7b77c52427095":"":"e62adf9bbd92dd03cc5250251691f724c6ece1cb89d8c4daf31cc732a5420f6bedab71aab0238ba23bd7165ed1f692561ef457fd1d47413949405b6fc8e17922b17026d89d5830b383546ea516a56f3a1c45ec1251583ae880fa8985bd3dcc1d6a57b746971937bf370e76482238cc08c2c3b13258151e0a6475cc017f8a3d0e":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6ad06c88dd4f3becf35eed95bb859be2406a1803a66e4332a74c5f75c09b9a01":"2219c11672884b93d0290b6a7140feafe416461f1cdaf0b3aa64693d7db2eb10feae46aac7af549fa1b0abc78c11f8df7ee803ef70310fc3e67769f8b4bc64f81143a6ebf8bee9d386a8ede5d2cc0ed17985a3b7bb95191ef55e684690ccdc5ca504bc6eb28442b353861a034a43532c025f666e80be967a6b05b9dd3a91ff58":"07d8b4a6e77aef9018828b61e0fdf2a4":"cca1fd0278045dda80b847f0975b6cbf31e1910d2c99b4eb78c360d89133a1c52e66c5c3801824afc1f079d2b2b1c827199e83f680e59b9a7de9b15fa7b6848b5bf4e16a12ac1af4cf2b4d7bb45673c5e1241e9996440860a9204fc27cae46a991607bc5e7120d6c115ddcbdd02c022b262602139081e61eee4aba7193f13992":112:"e3ede170386e76321a575c095966":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"87bbf7c15689e8c99a5a32a8ba0dfebcfe1989159807428cdd1f382c3ea95178":"b77d3bf3b30b3e6e5c86cbfb7e5455f6480f423cc76834b4663d28d9f1eb5c40212634e3347668427f7848352ab789886f96682a568260bdaeb7de0aae2af36f5ae04f06c332b158d923706c1c6255c673feeadb6d30bfc901e60b92acd9ddd83ef98686c4d492f4a60e97af2541d470a6a6b21903441020ea7619cf28a06986":"2f19aa1f3a82a7398706953f01739da7":"590dbd230854aa2b5ac19fc3dc9453e5bb9637e47d97b92486a599bdafdfb27c3852e3d06a91429bb820eb12a5318ed8861ffe87d659c462ef167be22604facfa3afb601b2167989b9e3b2e5b59e7d07fda27ffccd450869d528410b0aff468f70cc10ef6723a74af6eebc1572c123a9b5a9aab748a31fa764716d3293ff5de7":112:"5c43fc4dc959fabeebb188dbf3a5":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"24095a66b6eb0320ca75e2ab78e8496a45f4b000fc43436904c3e386fb852ed2":"4690edc843e23d9d9b9a4dab8fa8193f8bf03897d3d29759e9dc9e0f8a970c0f5d4399b9f60461fe5cf439f9b0d54bbc075695e4d76b76298cc2b75bb3e0b516ee9ada93f77c4c002ba9fd163a1e4b377befb76c1e5ab8b3901f214c0a4c48bd2aa2f33560d46e2721a060d4671dc97633ff9bcd703bb0fbed9a4a2c259b53f3":"0955c1f0e271edca279e016074886f60":"f5160c75c449e6bb971e73b7d04ab9b9a85879f6eb2d67354af94a4f0ca339c0a03a5b9ede87a4ff6823b698113a38ae5327e6878c3ccc0e36d74fe07aa51c027c3b334812862bc660178f5d0f3e764c0b828a5e3f2e7d7a1185b7e79828304a7ad3ddcd724305484177e66f4f81e66afdc5bbee0ec174bff5eb3719482bd2d8":104:"75a31347598f09fceeea6736fe":"":"0dd2dca260325967267667ff3ccdc6d6b35648821a42090abba46282869bac4bdc20a8bee024bea18a07396c38dbb45d9481fedcc423a3928cfa78a2f0ae8eedb062add810bdbee77ddc26c29e4f9fda1ab336d04ef42947b05fbdb9bc4df79e37af951d19d6bf5e5cb34eef898f23642a9c4a9111ed0b7a08abeeefbbd45c23":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"086b77b5731f971f0bf5b8227361b216746daf8b08c583ad38f114a64aa7877b":"629317212ff8bd8a7676e4c00b81a9577de6397c832f99ac974fa2bbbccb6e3b8aa776db6922eed0b014bf3923799da7d9d0854c8817470e1e2f7fc7a572f9d0316ee60cde7ef025d59b897d29a6fee721aeb2f7bb44f9afb471e8a7b0b43a39b5497a3b4d6beb4b511f0cefa12ce5e6d843609d3e06999acfbee50a22ca1eee":"164058e5e425f9da40d22c9098a16204":"6633eae08a1df85f2d36e162f2d7ddd92b0c56b7477f3c6cdb9919d0e4b1e54ea7635c202dcf52d1c688afbbb15552adda32b4cd30aa462b367f02ded02e0d64eeee2a6b95462b191784143c25607fd08a23a2fbc75cf6bee294daf2042587fdd8fe3d22c3a242c624cf0a51a7c14db4f0f766ec437de4c83b64f23706a24437":104:"2eb6eb6d516ed4cf1778b4e378":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0f9e806b0d937268561c0eafbbdd14ec715b7e9cef4118d6eb28abbb91266745":"2ae4baef22ace26f464a9b0c75802303f2d7c0f9a1ed1d0180135189765bdd347fea0cc2b73ee7fbbf95ea1fda22597b8aad826f63e744069a9c349488b2cc1cf9372f423cc650302082125724730ae5a4d878e07385ddc99034c6b6b46748f02c80b179fe6406b1d33581950cb9bcd1d1ea1ec7b5becfd6c1f5b279412c433a":"8657996634e74d4689f292645f103a2e":"2ca253355e893e58cb1a900fbb62d61595de5c4186dc8a9129da3657a92b4a631bbdc3d5f86395385a9aa8557b67f886e3bb807620e558c93aea8e65826eadeb21544418ee40f5420c2d2b8270491be6fc2dcbfd12847fa350910dd615e9a1881bc2ced3b0ac3bde445b735e43c0c84f9d120ca5edd655779fc13c6f88b484f7":104:"83155ebb1a42112dd1c474f37b":"":"87d69fc3cbc757b2b57b180c6ba34db4e20dde19976bfb3d274d32e7cea13f0c7d9e840d59ce857718c985763b7639e448516ddbbda559457cd8cb364fa99addd5ba44ef45c11060d9be82b4ebe1f0711ac95433074649b6c08eeab539fdfc99c77498b420427e4d70e316111845793de1f67fb0d04e3389a8862f46f4582dc8":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c24c17911f6db4b3e37c46bcc6fa35efc1a55f7754f0bb99f2eea93398116447":"0bd92cb106867e25ad427ff6e5f384d2d0f432fc389852187fcc7b0bf9f6d11a102a872b99ed1ad9a05dab0f79fa634745535efed804ff42b0af8dad20ba44709391fb263f245e5a2c52d9ce904179633282f57a1229b0a9c4557a5c0aeda29bbc5a7a871fa8b62d58100c3722c21e51e3b3e913185235526e7a5a91c559717d":"5098cc52a69ee044197e2c000c2d4ab8":"9ad4dee311d854925fc7f10eca4f5dd4e6990cb2d4325da2ef25a9a23690f5c5590be285d33aaeba76506c59edec64b8c3ff8e62716d1c385fbce2a42bc7bd5d8e8584de1944543ab6f340c20911f8b7b3be1a1db18a4bb94119333339de95815cae09365b016edc184e11f3c5b851f1fa92b1b63cfa3872a127109c1294b677":96:"f7930e3fab74a91cb6543e72":"":"6124ede608d416baa5e653a898ca76e9f47f08403c1984feec112e670ded2226e0073f8881ab2161cfda541dccae19691285f7391a729f07aba18f340bb452c1da39cbe83cf476cfc105b64187e0d2227dd283dcba8b6a350f9956b18861fa131d3f00c034443e8f60e0fdfcfaabbed93381ae374a8bf66523d33646183e1379":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d267a8379260036ff3d1ec07a7b086ff75706bad12d37d9656f04776f3d8b85c":"80c68a330ef50e3e516681f1e535868b03466e7edbb86cb385d01db487da3dd3edad940fdc98d918b7db9b59f8d61369eee2928c88557306c4a13e366af0708d94cb90a15f1c3bc45544bdb05ff964da5e06c5ae965f20adb504620aed7bce2e82f4e408d00219c15ef85fae1ff13fea53deb78afa5f2a50edbd622446e4a894":"674dc34e8c74c51fa42aacd625a1bd5b":"6a9a8af732ae96d0b5a9730ad792e296150d59770a20a3fdbbc2a3a035a88ac445d64f37d684e22003c214b771c1995719da72f3ed24a96618284dd414f0cac364640b23c680dc80492a435c8ec10add53b0d9e3374f1cf5bfc663e3528fa2f6209846421ea6f481b7ecf57714f7bc2527edc4e0466b13e750dd4d4c0cc0cdfc":96:"bea660e963b08fc657741bc8":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c86cb637753010f639fa3aa3bff7c28b74f012ad6090f2a31b0801d086f183ad":"6b7858557e0fd0f957842fb30e8d54dedbc127eb4bbf9de319f731fa28a606df2c046a0bce8ecda4e75d3596e4e988efd6bc279aa005bc52fad92ba07f5b1dfda4cc417029f9778c88d6fe5341a0fd48893dcb7c68d0df310a060f2a5235aee422d380f7209bc0909b2aa7e876044056f0b915dab0bc13cbea5a3b86d40ca802":"87ff6e0bb313502fedf3d2696bff99b5":"2816f1132724f42e40deabab25e325b282f8c615a79e0c98c00d488ee56237537240234966565e46bfb0c50f2b10366d1589620e6e78bd90ade24d38a272f3fff53c09466aa2d3ef793d7f814a064b713821850a6e6a058f5139a1088347a9fa0f54e38abd51ddfc7ef040bf41d188f3f86c973551ced019812c1fc668649621":96:"7859f047f32b51833333accf":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c31ca0cac3efe467168198f06beacf39565a6f57f82e1048a5c06a231315882":"65261d6e29b2369b1828a7cef2df9873d6e6057c499301afedd6cb65b5036ddb95f9e353fbf38e54c4f46f88164325b33620ce183beb2e411fbb89a0e0002e542fc161cad32a61ee6f1e1717e0b4dcd0340b116f795bc1009dbbc65bc31c9b549bf03c40bc204cd0d02ec884be907777ebeed8b527ec3af7cbb508193c0745de":"95cae6e85f33f3043182460589be3639":"67523751a9b1b643d00de4511b55e4268cb2d18e79e01a55fc7b677d529bd6400940fb25ea6ae135c1a816e61b69e90b966981aeda685934b107066e1467db78973492ad791e20aef430db3a047447141def8be6e6a9a15089607c3af9368cdb11b7b5fbf90691505d0c33664766945d387904e7089b915a3c28886ba1763bb5":64:"21309d0351cac45e":"":"1d5f2cb921f54aeb552b4304142facd49497837deb1f00d26fbeddbab922fd80b00dba782961f8fce84f1f7973e81eed6ee168b1760c575c891f40a1dae0fa1a08738025d13ef6e0b30be4f054d874f1b8a2427a19ebb071d98365c32316a88a68c2b40daf1ea831a64519ac3679acb4e04986ecc614ec673c498c6fee459e40":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ca9fa36ca2159dff9723f6cfdb13280446eb6bc3688043c7e2e2504184791596":"ac04c4293554cd832aa400c811cb202d815d6178aa1343b4628592b7f3ae45dc5f12ea47be4b43e1865f40b06ab67b3a9fb3644248a9b3efe131a8addb7447978bb51ccf749e75574fea60e8781677200af023b2f8c415f4e6d8c575a9e374916d9ec3a612b16e37beb589444b588e0b770d9f8e818ad83f83aa4ecf386d17a7":"d13ca73365e57114fc698ee60ba0ad84":"2aa510b7f1620bfce90080e0e25f5468dbc5314b50914e793b5278369c51ac017eace9fd15127fca5a726ad9e67bdee5af298988d9a57ec4bbc43d4eb849535eb10521ac7cd7ed647479a42876af2ebc9e2108b539febdaa9127c49bda1bda800f6034050b8576e944311dfbca59d64d259571b6d2ed5b2fc07127239b03f4b7":64:"2111d55d96a4d84d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2f802e838250064c15fdee28d7bd4872850355870847701ad9742b2d6eb4b0c0":"e2ca8c8d172ff90232879f510d1225af91bc323bdf636363c2903fcd1790692c8bcb03a1cccb18814678852c6b3a441552e541b843ee5e4f86a152fa73d05aea659fe08aa6428bb257eaa2a7b579fdc4022c1dec359a854253c1aefc983c5ede8c97517ea69fc4606e25f13ffb0f5f49160691454fbb74e704326738353525f7":"2dd550cfd97f8e1d8d31ba5537ae4710":"72b9630dda40306e785b961934c56e20948f8eac0e981f49787eb3dbd6e4607f7d08d10ca643746bf1efa7e5066993683d527a90f2d45ec9cf73113f1f17bb67958be669acd4e2927f1dacfde902cd3048056d7f6dfdd8630ff054efce4526db7c9321d6d2be2236f4d60e27b89d8ec94f65a06dc0953c8c4533a51b6a29bd2c":64:"bd6c8823c9005c85":"":"f6dd0b5f3d1a393a1837112962dba175a13c2d1e525ef95734caf34949d8b2d63b4fe5603226b5f632f2d7f927361ba639dc0e3c63414f45462342695916d5792133b4a24c7c4cbe2b97c712bf27ab62d3d68b3875d58ffe4b7c30a8171bff1a9e2f3995768faacda2ea9213ff35798b9e4513f6a87bd3f5a9d93e847e768359":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"84dd53ce0146cb71c32776033bb243098d78a22ac17f52a62a122f5653fb4e33":"68222bffa782dcfe4f328fc20eb520e75a9a5fedbe13ec7fcf0e82fba08bb87a8a8e02902638e32fe0e2294344b380797f8028426ffcc0531c739c884892394c48ff0779c5f5edf0a36a3fb8aa91213347774ec4bf0fe1049bd53746b13beef3c637169826c367056cb1aa0a3868e23f886a9c7b8015c26af9e40794662f6b21":"f0c90a1bca52f30fab3670df0d3beab0":"a3ea8032f36a5ca3d7a1088fd08ac50ae6bdc06ad3a534b773ac3e3d4a3d524499e56274a0062c58c3b0685cc850f4725e5c221af8f51c6df2bbd5fbcff4a93ba4c1054f7f9c67fd9285511a08d328d76a642f067227d378f95a1e67587b90251f9103ed3cacdb6bf69e0794e366d8b92d8de37b4e028de0778841f356ac044d":32:"b1ece9fb":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bb36fe25e966a075ae2c3bb43b5877679ebc379d5123c8eda3fa0e30b95cae0":"fb3a4be643c10343251c6f0745aaa54349463f622ca04a792e9b4780866844b30aeef3269fc60cac0ea031c5f3780b535e15154f7c76eb4a371b8ae368550f3fa2ce693c34511ec96b839cac567f1b0de0e7e3116d729b45d1b16e453703a43db73f5d0c3e430f16b142420b5f0d26d72ac3dba543d7d813603b0bfdca3dd63e":"59869df4ef5754b406478a2fb608ee99":"ecd125682e8a8e26757c888b0c8b95dec5e7ed7ac991768f93e8af5bcf6f21ed4d4d38699ee7984ed13635fff72f938150157c9a27fcda121ffced7b492d2b18dad299cb6495ed5f68441aefc8219d2cf717d15d5cd2dbce4606fcf90fe45f3601127cf6acee210bd7df97309f773974a35bef1d33df984101c2fc9d4b55259e":32:"cb3f5338":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":32:"3105dddb":"FAIL":"":0 AES-GCM Bad IV (AES-256,128,0,0,32) #0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_DECRYPT:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT AES-GCM Selftest diff --git a/tests/suites/test_suite_gcm.aes256_en.data b/tests/suites/test_suite_gcm.aes256_en.data index 761a914b8..e2d34ab64 100644 --- a/tests/suites/test_suite_gcm.aes256_en.data +++ b/tests/suites/test_suite_gcm.aes256_en.data @@ -1,677 +1,677 @@ AES-GCM NIST Validation (AES-256,128,0,0,128) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fb8094dd2eddb3d8004bb79134023ca2be4de9b668a9e4608abdf2130e8becb8":"":"491a14e13b591cf2f39da96b6882b5e5":"":"":128:"80883f2c925434a5edfcefd5b123d520":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"725313f4cb3f6a0d29cefc174b7e4f43cef11b761ef75e1995cb64c1306795f1":"":"27d1ed08aba23d79fc49ad8d92a2a0ea":"":"":128:"d5d6637ba35ef2ad88e9725f938d3d2d":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4e766584ce0e885e1bba1327e5335796de0831a40f74a5cec178081dd15bfd10":"":"cece0dea024ff47851af0500d146cbfe":"":"":128:"1abe16eeab56bd0fb1ab909b8d528771":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ce7f2207f83a952451e714ba3807ddb3ed67c2739a628980411aa68366b1f2f5":"":"652fd951ace288db397020687135a5d1":"":"":120:"985227b14de16722987a3d34976442":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"855f8fa4ec6a1206173509d504d0b29dfbfbfa9aa528254b189cd72e6ebc1c1f":"":"1ad1507e6463e4e2e1a63155ac0e638f":"":"":120:"693146a8b833f324c1d4cbeeb8c146":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ef8dd1294a85dd39e366f65e1076d53e046188c06c96b2c9e84ebc81f5c9f550":"":"9698a07447552d1a4ecd2b4c47858f06":"":"":120:"b00590cac6e398eeb3dcb98abe1912":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"25896e587570ff1823639e1e51e9c89192d551b573dd747e7c0c1c10916ece4c":"":"f0516457c09c372c358064eb6b470146":"":"":112:"5a7cadec600a180e696d946425b0":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"02fc9cfffbe72e7954182993088e09d24ea8cad91a8ca9a336d9f1fe4156486d":"":"0e189e162e097eb2060b30c46d9afa70":"":"":112:"7d3d5cc55e6182ec5413ef622d4f":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f24e3d631d8961d3d4b9912d4fa7a317db837a7b81cd52f90c703a4835c632e2":"":"510740bfa2562ce99ca3839229145a46":"":"":112:"1402ddc1854e5adb33664be85ad1":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"720ab5aceb80ff1f864379add9b0d63607227f7c3f58425dd6ec3d4cea3fe2ea":"":"58f2317afb64d894243c192ef5191300":"":"":104:"e8e772402cc6bfd96a140b24c1":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f57dd16fa92a8f8c09d8f13cb5b6633a43b8762e90c670232f55949cdfdf700c":"":"3b7c14ee357b3c6b0dc09e3209ab69f2":"":"":104:"43e609664e48ad1f5478087f24":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"87c17ab919a4bc0d50343c0bb282a969283c2ada25f9a96d2858c7f89bc5139a":"":"02813d3faf30d3e186d119e89fe36574":"":"":104:"d1a1f82a8462c783b15c92b57e":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dd8d5b6c5c938c905c17eab9f5ab7cd68d27f3f09d75177119010d070b91e646":"":"1df1c3ad363c973bffe29975574ffdf6":"":"":96:"749ac7ffda825fc973475b83":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4d60a14cb789099c77b8991e7b0b40f787d3458f448501e8108e4d76110f94ef":"":"ca6b3485eb5dcd9dbfa7cffcdb22daa5":"":"":96:"3f868b6510d64098adc1d640":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"405b690717de993ad945d80159c2800848060de0b7d2b277efd0350a99ba609a":"":"63730acb957869f0c091f22d964cc6a3":"":"":96:"739688362337d61dab2591f0":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ab5563a387e72d7d10468c99df590e1de25ec10363aa90d1448a9ffcd1de6867":"":"c511406701bad20a2fa29b1e76924d2f":"":"":64:"390291ed142ba760":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"abef7c24daaa21f308a5af03df936ba3f70aa525190af0d959d6e50d836f4624":"":"e9f15950130b9524e2b09f77be39109a":"":"":64:"db2fb2b004bc8dc4":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6ca630b0b6779a8de7a19e5279eac94bf29f76f8b0cf8ecf8f11c4f8eb04aa0d":"":"7373befc2c8007f42eef47be1086842f":"":"":64:"e2b8620bcc7472a8":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"acea7818a71df2c9840aef1c10ecbe2bac7e92216388416a2f36119a0745d883":"":"6d46aa39fb5a6117e9adf7ee72bc50ff":"":"":32:"fd5ff17b":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b301036d4b2b28b8a4502925986861eba2b67c24cb0c79c63fd62195d9b67506":"":"bb6f398e5aed51590e3df02f5419e44d":"":"":32:"47f3a906":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"89576d2aac554c8982c7df0053be9ab19f4bd80ba9f3dd433c1c054d68e68795":"":"aedbd482a401a7c12d4755077c8dd26e":"":"":32:"506fa18d":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"43c9e209da3c1971d986a45b92f2fa0d2d155183730d21d71ed8e2284ec308e3":"":"78bef655dfd8990b04d2a25678d7086d":"9d8c6734546797c581b9b1d0d4f05b27fe0539bd01655d2d1a8a1489cdf804228753d77272bf6ded19d47a6abd6281ea9591d4bcc1be222305fdf689c5faa4c11331cffbf42215469b81f61b40415d81cc37161e5c0258a67642b9b8ac627d6e39f43e485e1ff522ac742a07defa3569aeb59990cb44c4f3d952f8119ff1111d":"":128:"f15ddf938bbf52c2977adabaf4120de8":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fbe2d52b7f50bf23a16ff8cd864215034fdfbf4d1506ca3c1ffb015653efe33a":"":"b155f8ab1a8c0327789cfb8310051f19":"ed8d14adf1c362bbaf0d569c8083278e8225f883d75d237a4abcd775a49780603e50c00a1b5b5946c085e57a749b4946f6aca96eda04ac9944a7d3d47adc88326ed30a34d879dd02fb88182f9e2deefaeee1c306b897539fa9075bda03ba07b4ffff71ce732ef3c4befac0f18c85a0652d34524ccb1a4747ab8f72ed1c24d8fc":"":128:"c5fe27ca90e5c8b321cc391ee7f1f796":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8e888721514fd01fb67513cb56bfd29af67a9ce525e3e697af47450f02053161":"":"9f6bd4a93e4f3f2f5f4a7c2c5b4790bf":"867d50923967535ce6f00395930083523c22f373cfb6c8817764f5623cd60b555572404e54f2fe7083ef32b9a4593a1f70a736d6e8fe61b77def51f3b1d8f679d3a8d50d0aad49e51ec1eb4d4a25f13d14f3e5253555c73eac759e484c6131cc868b46c18b26acd040c3e1cb27afecba7b7fc3f5ff4883f4eafc26c7f3084751":"":128:"ea269094330b6926627889fcdb06aab4":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d8f82b07e7319ca607c9aa0352070ca883dd7b32af370a774f63b0270f44835a":"":"e89e4484497cb728f86585d8918b7fae":"42340d96e1852de3ed5e30eb4a05e1fb222480b450e2bf4e2cf0fb2a525eb6602ef43a896adc5c52ea5381c642b2175691c014e7a6dae91fa6ff5b95c18a2dd2e8838d3abd46ace0b305f3f22d30a0bd82a81bbf6753362b54b0624c76c0d753e30eb636365f0df7e1bf8bf130cf36062ec23f58a3f7ed0ae7bfbbd68460cd76":"":120:"b234b28917372374e7f304f1462b49":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b49b04a54a08d28b077ea54c18bfa53e916723e91453b47f88e399046b9b4dcc":"":"6276c577c530f91b434ce5719e1c59de":"6b73f996c49e368fc4d21816153aefb081509f9dc0916dbe4fdf77f39867a2bd617b8a75f39f515b1bc1454009d5247efcd90ba0d4a6743c6f12a929b666584f3b55254c32e2bab2321f94fa843dc5124c341dd509788a158191ee141eb0bc4e1b96f6987bafe664a0f9ac6d85c59cee9564a27bcc37dffae80c57fbf7e748ce":"":120:"69dd5bdeb15fdbc3a70c44b150f70e":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"398bb37bb991898c7dad7bf5930dbad20d121f68d5ec6c56ffe66f23c0c37f8e":"":"0c3bd55b54c1221b0cf25d88ea4dfe24":"4c48b929f31180e697ea6199cd96c47cecc95c9ed4c442d6a23ca3a23d4b4833601ac4bbcdbc333cd1b3a0cd90338e1c88ef8561fed7ad0f4f54120b76281958995c95e4c9daabff75d71e2d5770420211c341c6b062b6c8b31b8fe8990588fbad1e651a49b0badd9a8d8042206337a1f2aa980b3ba3b5ee8e3396a2b9150a34":"":120:"8528950bd5371681a78176ae1ea5dc":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8e8f7c317b22dea8eabe7eaa87413a98ff56570720985b6743a5f9af56387cca":"":"3a9a5a839045723afdfb2d5df968bfcb":"a87d95f8f47e45a1c7c5c58d16055b52b3256c52713fd092bcd6cbc44e2c84669f23ca2a19e34163ee297f592f6054dbc88863a896c2217e93a660d55a6cd9588a7275d05649940d96815c7ddfa5fc4394c75349f05f1bcaff804095783726c0eceb79833a48cefd346b223f4e5401789684e5caeda187a323962a1f32f63f02":"":112:"faad6a9731430e148ace27214e68":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"67c95e57197f0e0bbaaa866d337fcc37f3a10dc55a059f5ea498de204d2fff61":"":"5f171d203c653a316cac43df99f4033a":"84f281b388ca18bc97323657a723a56260731234720b02b6dde00ea134bd84a1893bec38af80214c4da01b93958ab00f3b648c975371e565d5b6bf2a8f63c0f3cfcd557c9f63574390b6ae533085aca51fa9d46cd2478b7648b6dcbbac7e61197a425778debe351ac2110ba510a17e2c351ba75d5a755ef547cf9acc54650222":"":112:"9ea9c716e06a274d15a3595a0c41":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9143f00e31c72bd9fced31585d047f67f1004e6244c3d9c10c8ae005feeabc84":"":"e49cd6af9a2f0da2a7198317da92ab2f":"ab9193a155140d265aabfe2dd5efca7d3fa6129498532bccd77f09fa1a480702620b3ab53df91b01262122f1a6fc387b5fc55dadfcdb99ada83d4a5b0666c8526de309f41eb54d69b52595c43550a6bf7b4b8f0e0c48311b521762eaa567744c4c4704dd977f84068b59db98a67e33cc65302ba59360d600a22138c5ad3317f3":"":112:"8293e361fe0308a067f89aea393f":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d0ba180075c373116bb037907b512add00ba9a4693a8ecc14ca0d79adada90e3":"":"5c1501b19cce5404dccc9217ac8253b7":"3a161605ec0055c479dd48cdaeed5981b8b60fb7b7781cc4e580218c7014c3060a9f706e6e16cf4021e4d38deb512534b484ff23b701975bdf901146ccaece9c3ffbbeeb172cfb64a915ae0dbe7a082b9077776a387b58559a881b9b79b90aa28ad1ac0f2bece314169a2f79ea4c08389f7f7dd10ee2d9a844fee79e7bf38bcf":"":104:"0541262fddfd5d01ff0f3c2fb4":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c975c7e59133c231d1b84c696761c413ba20aff7fb7d854c6947e65db3cc57b4":"":"d8fedda4cccaf6b0818edcfa7b1f03fa":"cb4cc9171367d6422abfaf2b4452da267eb9ccf1c4c97d21a0a125de486997832d16c7e412cb109eb9ac90c81dfe1a1dd9f79af7a14e91669b47f94e07d4e9bd645d9daa703b493179ca05ddd45433def98cf499ff11849cc88b58befbdd388728632469d8b28df4451fc671f4a3d69526a80c2e53e4fdee6300d27d97baf5f4":"":104:"77ac205d959ec10ae8cee13eed":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a86ec688222c50c07274ed2d2c8ae6f883e25f8f95d404a7538fd83224199327":"":"99c73fdb8f97f225f7a17cf79c011112":"cf5f707de0357262c0997fa3ebfe6e07192df8db5f029e418989e85e6b71e186b00c612ecedbfe3c847e58081847f39697337ae7c815d2cd0263986d06bf3a5d2db4e986dbe69071fd4b80a580f5a2cf734fc56c6d70202ea3494f67539797252d87cd7646296932959c99797a0446532f264d3089dd5f4bcceaaa7289a54380":"":104:"c2093ad4705e613b09eee74057":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d3981f0aa1ed8cb369d9b0d7b0e529ec6089ff2d226c542885b1bff55276e891":"":"7331f91bd1a67c21c9dd336a2a922839":"406d9cf45fc8618d564154241dc9c006ecdcd847406e5a6e7127ac96e7bb93f4c339ff612c514b6f66df95a0845035d7535212a2aaeeb0ee512d1f4375c9a527e4e499389c2d7f7f7439c913ea91580e7303767b989c4d619df7888baf789efd489b08eda223f27da5e177cd704c638f5fc8bf1fecfcd1cab4f4adfbc9d1d8ba":"":96:"dbb7ec852c692c9a0e1a5acd":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8436967f97c59ca73b760b73c6e088d1da4e76b712188ab4781d8d849505ae47":"":"9401dd0998914645668d06d518bfe7d7":"a5f40906177417097c19a0a21dbb457a694e173141837f695b09c8eb58ac2ce28aace4e59275b6266da9369a9905b389e968aefc64d78c7e1d2f034ef413d3458edcb955f5cd7971c28cd67dc9901ef3a2abc6121704bb5ecd87a6568d0506abbc87a2f10205dc8eb0cd1b5109158d0e743c2c3a342d60b8d55bbcb8d8507ed1":"":96:"dd6d988d352decc4e70375d8":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ce6b846bcedc6ae747e66e72cd9f7664e6cad9627ba5f1f1923f3d3a6ed590d1":"":"ac865ff8a6255e501b347a6650510d05":"1658b9f8469af1dfa60458cf8107db1edd1e4bba70a0bd23e13e1bba0d397abf51af8348f983fcdfcc8315ef1ffc9a26371377c62ddba08363bd2bf0ff7d0c3b603fad10be24ecee97b36d2255a8b2efc63f037123cef4bb4fe384aa0c58548b2f317c36ef3ef204b24769de6ba3e9d89e159e2bf1f9d79aeb3eb80c42eb255e":"":96:"7ee87acd138c558455fff063":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0038ecf1407bbf0d73afa5e010769b71e8649c4249345dcf923ef9da0254c6af":"":"74c6b98fc6ced3a59bd9c42d31d71095":"467f483c71c3404fe7f09d6f6b6b64c3b7613a0dd32470cf24bc590d3994a48f3e8cd5dc19ea8ca7d5366ad7c5ad31cc9612dafedaea109dde2aedfe5fc2a0db2c903dd1dc1a13949720a10babf37fba5a0ed7cb5f3dc9eb5a4d8331f218e98763e7794b3e63705d414ef332160b0b1799f1ff5cbe129a75e5c4e0a4ed35e382":"":64:"62fe088d9129450b":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"19fc4c22151ee8515036c38bc5926c0e0bbd93db5d0fc522b2a6bf6298fed391":"":"9547f056c6fb9ef72b908f527cb500c1":"511b15c25b2a324159e71c3b8e47f52d3e71e5bc35e774c39067250f4494c9c4eb184ecbe8638de9418672d9ae2c6a0e7f54c017879ffb2a371de1639693d654a43cb86e94a7350508490191790d1265b99e7b3253838b302aae33590949a8761a3bb2aeb1ba798cddeb00a53daad05a33389d4a19269d65116a84f12dba5830":"":64:"04623912bb70810e":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3b5d3b1920b5a105b148153ae1f1027c6d48bc99640ea853f5955fed4eb3d625":"":"9a4091c2eb7e88759bd9169fee303485":"aa680d07143ba49a9099d555105fc3cfcb898cec11ade96776dc9778cc50fe972e1e83c52c837b71e27f81d1577f9bd09afe2260dfd9a5d9dfbd3b8b09a346a2ab48647f5dd2ff43700aecce7fa6f4aeea6ea01b2463c4e82ec116e4d92b309c5879fb4e2ca820d0183a2057ae4ad96f38a7d50643a835511aedd0442b290be3":"":64:"033bfee6b228d59b":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f6c4ad8e27764157789252f4bc4a04145cb9721955330a2f6a2a3b65cacf22bc":"":"3de136cbd75061c888226efab136849d":"0f6951c127d6bc8970e2ad2799e26c7fb9ca31d223155f88374984b5660626c83276ffa6c160f75e0e1bcfa96616188f3945b15fc1b82a4e0ee44000a684b3c3840465aebe051208379ef3afe9f569ee94973d15f0a40c6f564fa4ba11d6e33cf8ae17854a9e12360a2b8495e2cceec463f5e3705c74069ba37ba6d725f458c0":"":32:"f658c689":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"30cd99fed9706c409e366d47fefc191f79bcc47a28be78f9890fd90d4864eb85":"":"8c7ce34691503bf14c776f8809f24e61":"4b6b10c2e2905ab356769b6453dd160a08e8623b0878fcc1c1d64822f0aea1f4f5b4698ded5d23ebafa11bc1e4ce9e5cd7d7c7b13de02d11a945ba8361b102ba49cdcfd6a416e3db774cd7bda024fccd1ad3087560dc15bbfe9b1a5c6c71fae17a329f104f6c2cba7eb6a7459535ca328146d0ccc0a9bd28a3d1c961947a3876":"":32:"7777c224":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9472f2452933dcfac4bb22831ce83c6a1ddf25ef8d2d3ba59d72b0d173a986e8":"":"18fb2c34b0955d712960009617d300ef":"d283dd75cd4689c266c8e0b4b6586278aa2583c7c41bf12bd1cfdef21d349acbbabc0a2204dc4130f922949206c4fbdce3786ab8614e32908838a13b6990453abf14b84f5812e6093644accdd35f7ad611ea15aefae28b3cf1fc5da410bcea4f0a50d377fdcceffe488805bc5a71fab019b12fa8725d6e7c91e6faf12fbaf493":"":32:"c53b16a1":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e06d5319210f4107ea7267fa2e8183fcbf74fd3b0579b856577177d9cb307d42":"2b9179d21cb884581b0e4f462455167f1f7899717245d4aed3d8db5983daccccebfc2130a20c284563bea5997cc0438c83d8fa7bb9e3588efed285a0fcc31456dc9a3122b97bb22f7edc36973475925828c323565e417ec95190db63b21881016b5332f2e400bb4724c86a8ee0247149370ee5412f743dc6bf7ca5bcc31afa0f":"f2b0564705430bc672964b049115e122":"":"3fa342a76cb5d501e6a6fade14aab54a76620e4ea2287147d4ca2b9d62d2a643591e5df570ef474ee88ad22401c1059e3130a904e9bf359c4a6151ff2f3e4f78ef27a67d527da8e448b0ef5cdcfec85f3525e35f8d024540387e4cdcb1018c281a1af7d4a3688a0fec4d9f473c816f7d4c4c369f70d7dfe8f1b7fa4f581098a1":128:"18f186ed1ee1f4f8b29db495587d0ab0":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0dfa834e98b6c51ee925dd9edc9be72c209ddcd9099ded57b533f2236895a229":"7f4e4f11091bf51976c0fc71ecbcd0985cdad2135549c818c09567801d8a9a42c719aab7dc2cb58a10b5067d14c52cabe6bb9b939e7b9cd395eaf10ba6a53fd2e6446e1e501440134e04e662ef7ebb1c9c78bbd3fd7cb9de8b985418be1b43ebb5d7902ccb4c299c325c8a7cc1de9174f544bc60828c1eebad49287caa4108a0":"a101b13b238cfac6964fd6a43daea5a7":"":"bc60d2047fd8712144e95cb8de1ffd9f13de7fda995f845b1a4246a4403f61ca896bd635a1570d2eb5b8740d365225c3310bf8cea3f5597826c65876b0cbcfa0e2181575be8e4dd222d236d8a8064a10a56262056906c1ac3c4e7100a92f3f00dab5a9ba139c72519b136d387da71fefe2564d9f1aa85b206a205267b4cfa538":128:"c4cc1dbd1b7ff2e36f9f9f64e2385b9e":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ce59144b114ac5587a7a8079dc0e26f1b203338bb3e4b1d1d987bddc24150a82":"bc7aa1b735a5f465cffeccd8dd4b0a33a571e9f006dc63b2a6f4df272a673bb2cc00e603248ab6be5627eebc10934fe4d1dc5cd120a475936eefa2c7bddea9f36c6c794d2c6bd2594094e56cac12d8f03e38f222a7ee4fc6c2adffe71c9c13003e301c31ff3a0405dde89bb213044d41782c4bb4eb3c262595d1c0e00522047c":"fdc5a40677110737febae4465b1a76cc":"":"084c31c8aef8c089867f6e0ce6e0aadafa3016c33c00ca520f28d45aac8f4d02a519b8ebafd13b9606ab9db4f2572f396091bc5a1d9910119ca662d476c2d875a4ab62d31ff5f875678f25a4775fa7fc85b1a3d442fb2c5047a3d349d56d85f85f172965e6477439045849a0b58014d9d442e2cae74709ed8594f0ec119d1d39":128:"4c39e0d17030a5f06ecd5f4c26e79b31":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e7a6b459a5370ceec4d429bba9472a49db07697dc66dbc2f294d3e62ffc8aac1":"cb959e5611a636317feb5265d33b315c2f5af64159029f0032e338babbdb0a525ba6b92cb3be7db9f0077561e6cffe1247bad32dea8918f562dc3cd83225cdbcaed652b87c62fea8eff153638a3a14ef9f9a88bcc8c9a6b65fa9dcc53f63d1b14fb9bb0baf17e7bfb95690c25cca2c3097497e41f7e2299a8518d5d1c5f6264e":"92468d42ad377affa7e808d95d8c673a":"":"599dbc47e2f2e3b06b641c510b238417b01869f0e7d08619752f6d9f4b08585731deaeb439ff26e02d7e51b45ca5e3d4a779fe4cfc9572d1d6407f98de69a8fca60bf01d1a769130bb38a67933a2be3aa3ea1470d8f32a34dc863dc800feb7ef71588edd9489bd59a23685ff5358f9b562fc0bbad9e11db7a6fedbd79225539d":120:"e853262ed43e4d40fea6f3835d4381":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9818904a99e3d80c95dc71a16483ade1b9b8e7df638ce6a4c1d709a24416cbe9":"2c073cdc11a8d58fb55e1dadbbc0372dde86c387fa99c9249bd04cb2f2d239de01bec8c8771a9fb33664ee06ea81c37a824525664054173b63a2894d8d7ffc60b9e93052802478a189be5835d979a28ce7025b219add0622f97c9bcf3ecf629b56408ed002a141061320400409345e94a7a7e3906611305f96f2abc9d62cc435":"96a301ab6bc0309be9735bd21cc9e10d":"":"4876e449b0cac09a37bb7e4b8da238f4c699af9714ec4fcf21a07c5aee8783311a13149d837a949c594a472dda01e8b6c064755b6328e3ef8d6063f8d8f19cfda3147b563b0f5fb8556ace49cb0f872822a63b06f261b6970f7c18be19372a852beadf02288c0b4079587c0f8eab1858eeec11c6ba8d64448282068fddd8a63d":120:"e1e8b62ce427e5192348b1f09183c9":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9b34f137e3f37addad8a6573b8b6dac9a29e97db53c0a7610f37c72a0efaebfa":"c1e09c432c68a2c119aeb3b19c21180e3c8e428e12033f416a92862036f5e8a39a8893b10fe5476e388d079143ee0b79b183a3400db779cfbf1467d69887306b124a8578c173cd5308d4448eefcf1d57f117eb12bc28bd1d0ff5c3702139655197d7305bda70181c85376e1a90fb2c5b036d9ea5d318d3219132ea6c5edf7b7d":"50dddb2ebe4f8763509a63d07322277e":"":"793e1b06e1593b8c0ba13a38ff23afaa6007482262bc2d0de9fb910f349eff88d3dd05d56eb9a089eed801eae851676b7a401991b72bf45ac005c89e906a37ed7231df4aeeeb1fcf206ca1311117e7e7348faf1d58acc69c5702f802287083d3ed9e16cf87adcdfa1bb0c21c40c2102fd0def91985f92285e6ea1cdd550e7f50":120:"b3c6ae17274faaca657dcb172dc1fb":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"66b40e2e671bdf244b45644d1a5adc63011b32156ba9f5e03dffacc1a9165061":"985546ee12ba89d95988ad8a4153c4f9d3c91c0e3633a95b4f9b588bba0032006c93210514357c91d574b436da13dc9f68194a981e7b65eb79e56be9cf1dabfdf531407727c034a3c7743bb22aa02b26f159c2eff3c7ed52027de2e8b8b2fefb72c04fbf20a1ffe10d6dda790a9812cdbe9f2ed6706d7a2639e851a42870efb8":"4e090871e889b4be36db5e1df1ea283d":"":"f93eebffeddfd16b4618b893d57b459b704b894b38a5eaf6cce54026c80090be8328e12261e1b10e81c73ac8261c2982bb25603c12f5ffff5c70b2199515c17200db2d950a3f2064d7b362607adbf3686f27420ec15e18467e86faa1efa946a73c8888b8fdc825742b8fbec6e48cdabbb45f3cd2b6b6e536b6fbf3429aebe934":112:"ed88c856c41cac49f4767909ac79":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"18c5105a9651144ce965b4270398b982120b885850114571ef8e2cbc5d2f5e04":"00c5ea3d91248bfe30c5a6d26dbdf0609f977afcfa842b603c1061b2a473c9a79b421b2509550309e4be9c5015c51c6def9ee68c242f6e206b3027ce8e58b7ab96aaa50ced1d78c2dfcbc2589575bec2ce3b6a5066276fe7dca4f1118808d1e5cac062667053c15350289da03cd073377c2d66c01e3098ed01b75788c7e1f9e7":"a3a5f82748acc887e33328fd7f4ce1fd":"":"d91ed6886a269dc1eb0745dc4b97fc54cbea5e6857d10a303a3caf828b4e0e20bb742bca17021b7852d09a6d7d3a56ad82298c15a2082fed0e0e326bb16dd677ee262ead93a24147de3c07eb8a95b108abf17357155f1de79171689407b6545c9fdf8ab4486576490430c0e043e21e7c40ce88e752cb006cb3c59479a7e56cf7":112:"add4e086d612a119c6aae46ba9e5":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4667cabeb3a644e371cbbe9195413daab025cc6efc12298bfaea0dd9bc028f9f":"9772ec47f3cd26f091bf117e085f2394db258c2c460dc3b1402edcb60a8f70517f82aa669607b78c2ad79c662c3b376cee1b9f34c4ec5d15319c33de78a440e7f2a4108c3c9da51604adde2025ff1dc336c49279c13a7153931df675df0e78f17a4d72973311af74fe755c85c7869baf3896bb738925942dc67f1b6e690c9d48":"7e8927c69951d901494539ab95ac5906":"":"5d62fa69cfbfdec30193408dad15cf983ad707ee921068b817676eca9f70f9ca4623a8c113df5fba86131415f4ec546c7f1a94ff9d02cb8ddcf421c7cc85ed87ce712fcd8d5f45460749ced0d900fe0368c59b1c082bd5811c1a648a51768d5e4bfbc23cada3791f289d8b61fd494398be1ad9ee9ff471abb547000ac2c1a5d1":112:"0ae6bd5e8c25d1585e4d4c266048":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3d58cd514de36ca7848aad1bf4d314b3b3415cae1ce9a169021ae84a67d4ab69":"e1c2e79e3f64c5c64f853ac9ba1a853fbf1bfd3001d48f7e73e0e97aa1b8ed1f1a7066178e75df688c5edb1c42e270ea38ab0e246c6a47fde4c3141436fe4b34beb9033ba7eebfc53cf1f6c8ae1794e9bb536152d196e1b96803316a05f1dcb9016c8b35bf4da06cd18da6243acc3a3dc641d3a1332b1915932ca89937cb0327":"4a1c2e7a3f9788c3c2fdd0dcc0cfe84b":"":"50d63c660a2b4f8e87276c5f58556cdf15d0fbb2c8ea5e3266d28c515643109aa7fc950d6d48f504dad52457e16576b581d37574574cd8b7ac12b7d59b819992c941a27e23ef9f257ed0c4ea4eda6c1f3b28b44decb63a92fae84c3556dcb9d6458e729dad6a7db9f7411690fce971b3b240f8f9979ed992f87d76e227fd7384":104:"ac842579bdd1ac77c84dffac2d":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b7e4cd80f03a7ed092c776b243dfad7776d9caf3e679939038e33ac94d8931de":"102e2d2c0d01dbc69733d2451d1ac1817d60418685d4ae8aa44e1ede1c1e08d2f71f0aef41a72bd9f052ea4a9a057330c95d964f8c3679b80fc9c0952b46f38e2ef055cb33703d686757400210fa5a39bc7e3bb9b8b9cc20c95d5607e2f10bb5501507680ef3aaad96553333b1d27bf2f7ac102c983eede2262a5c6237c1d754":"af160a983d674b7d19294f89c3c9307d":"":"6bdfae299d796ef36850327b091ba7bb02e29b643ca4c8bc199eb91ecbaf88426412cfd5570e0042cab735cc46ec648b0877955b3f9a5707d56c478aa77ae5510749beb1e44dbbb37791f18477123436a985e5e9f79fda0a057504847e4ecae841f24e1b53076d3efc6bdea2ebb336ee0e4b5e6ea973e3e50a27b5c2e6fee3e2":104:"fdf21e2ac356e507745a07fc96":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3a0c46eacfe85cbc0c5f527b87cd075bdeb386d0ca6de816a87cfddcb8a87ae8":"6d1203dc8395e35a35e234203625ea9d37d1c009db2ac8b1d5b29021997b5421f1d172f4c9a7eb7dbb67f0002720fc412f5b1550c739a2d7ba4387a1f978bd548fe6169d9473893782b10fab99198cb8b4553dfe27583c017136fd8c95070d8d7f9a602d15248d38d728157a0b26404e662f9a5554d3e1582bc0e12f0054792f":"b1cde63ad2ad4b8a7bfb36ab78385c3d":"":"9de3a45c976d32ed2af5074ef13b1f86f35b1689b1c698b2e427d5dd62556eb14439f77cd8fcbe686a9a08a922e3f54a78e86fd284de493a740586360b63da09bc1d001777582969c679db54a0ddb8d7dfdb46750edc882804a1c00e417912b72b4cad54dffa1897eba6188b3e61ebf0c3dfab292c2686dcb9db3012e0788c7f":104:"641896daab917ea3c82524c194":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4d540e0ba27103667eb4511ce9d243592bccb8515ab59896c9922cb5f1b47a02":"d79f9b1c74e3141f188704c8d5bdaaf6083642be50d00f20c97b56646863895250d131e00db0ecf4f035d42f08cfe20f401c2d3062a38daa0b9e7c19fa7c5d344680aff48d506daa181451f6b34ed9099b9a5b39c0166e93ac4463c9ad51f48e3063b1c16793615336f55d516d079f6c510c2891b97aaa95e5f621e3b5202620":"a2ed37daa797522a39b01dd206d06514":"":"6a891bd289ec05990424a2775287f4725aecefe1ab21fa0ca643f37829cae9fcbbf805b883f807102ff12f1a85964df818057daedd41c7349ef32b24642186c45d2858c3260d5b90594969e26b691963ac7fbd2eb4eef466ae690ca274d9194dfc4df1c3baec02abc38fbfc0e2c7c4fcafed227d4f6607329f57ee439435c714":96:"9074ecf66bbd582318495158":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"151d7e4db9e21c87bef65c2ac6aab5b6b045b7dadaf6424644a91e04ba810585":"0984c5d3f68beba1db4e6ade429cb8954cccaba9fcf4d852897ef69f8483428932c8f18a891f54b68f7d49a03c57f7144d802eb996d233cec930d5eb19f43d0faf9c94a2d7aaca40c8066a2882481f521bb5f6ba15b213810da373817eab3d52b5dd143a1521239482fbf4a07fe68c3d35c90c6ce27b55e40abcf432a261dc58":"49e0e0d089e3574fa5a33c963b403ccd":"":"6938d8a7625d1291f249ef1e086bb030ccdc844a9271fee16db60e7acfe4aedd720de76345109d5e6849fd1576c0fe0c34e73dca4011f8565cffccef427198c927f19f63b821f43844d008ceee0566f0d8062d7860e92ebdf21dcde80039a04504cd8ee94874b2eeb038962a74ac9902d9d7ce09afdac7aa706bf3892de19531":96:"48d3a8116213f92bfbe86bfe":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3e9615515ca45109316cc02bbf3a23406eeeab2092dc6614db76e4e047a3b023":"46c4c6bad0f21172094ae07a47fd76477b69ca75cc08970e8dbf7b8644d4bcdce96f9d15dd3fba5fba3f851af145652ad004ee525d180d2f3e03bc0ec1c0e8ffebc1474c342732b7247f657ba87ffcef9333857123f29c4976b048c89c24107529dc5dd69004fd176eb0ca6ddae1df7be7d28b3b9da976413588f20c1fff488a":"c1facf73da64e16e4acee3fdc3cc6b10":"":"4415dc96d3daf703d392ba1318254143a58870e691570ca6b1be6074dd9c1feae12c72f9314fc3d19b6affb59b642ade6c4e64b7c99f850bff781de193cc0a321a29356addcb0918a282e53801541b5b01383fa7624c36d1f67423f02d2b54f58deca582b7031d192a4d32bc154ae1149cb3c5b48538c803a8d01fa7cfc1683f":96:"322d8d1b475a7fd3d0c45609":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"52c1a14b4ed57cbfa317fe0db87528f4c5551deb9ffc88932589e3255b1d3477":"eb9081e19b63c94b5f3a696c5fc2c0b7f434e1574394d0b41dd67dfac28a73d4ba26c86b3728b2802fb9d0930c89586b09602900d33eddc5a00a4e98881b5acd5597aae9b80b1569ede74042948f2cd66c3eeae227ae10241df001c85dfe8a5fda0aa21142ecade76290dfdd4a27b6ff3a932dacc0b5f461501239ae8d6d5f41":"36d02604b5b24f49b08bb01053a23425":"":"12fbea9e2830ba28551b681c3c0b04ac242dbbde318f79e1cb52dba6bdde58f28f75f2fb378b89f53cef2534a72870a1f526b41619c4b9f811333e8ee639be1250a5c7e47ecbee215b6927ecffaf7d714327b2c4e8b362b1a4f018ff96f67557ca25799adfac04dd980e8e33f993051f975f14e05be8b7342578d0c9d45b237a":64:"01e6af272386cf1a":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4d08a07b3e94025523a4a6415029c8f9e11fbbfd72564964c53b8f56f865af0d":"4ac7c27b07a4aebe5caf1de0538d13a56e8c11bc73713bf78c7abbad3b9f6d690e00487267da108e2f2ae67c24b4657e77bb83e2d5e4b244cf34e924cf7bdb443f87ac8cdb374147449f8d06eb517a25dc86f03a389f34190aed5a7faace03ebf646fec2b173b2c15fd5cbe7c5affb6c3ee6d1cace8b00dd8f668a2336da5bfc":"98b745c7f231ba3515eddf68f7dc80f4":"":"337693c5c746d8fcdf7cd44d8f76a4db899402b891176e85b4c549c366ad709322874e986d6b939a350d2a0e3b77924d6d15454d882d1d3c94469d749a20d8f0116504cb31888a1e81d3abf25dbb7a7f9e7def26b9151ee649c059da1955f1716423c734dcd26a548844abb6b64c44383ec698e59361b6582c6883b77c338342":64:"7a9266c4e5ae48f1":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b9d9fc42b58deafe9bc9734f4129dcad34a2e55ee5ad8abcc3f7bc42dd2c0e05":"11dbcd6cd53d2af766a1b6e4af2bc8bac2811ef818da2d1f81c140ab6e0298e958fef033736bc6e0dccd660b9a3e4222bdf3f89a95b206785d22852201e6dd00b44232ef3c03393893813dccf1960410b50cf50602ead8bd246fad88e66c88b50821578004779b6c45c13d8211df1cfc0fb2d7a342f58e4f2f3623fd31b12c30":"67931493096f4550633c322622bc1376":"":"66ab6e7a547705d8ae8ac3cb9bc5fbbc18cd220f89aec7dfbf4f72e7bc59b483c50c9471523c3772efc5deee3a9c34c96b098842cc42f9b7d7c0d2530f45900eeb9502e4dd15363b0543c91765121fd82fcc9db88fe6a531b718c1fe94b96a27856d07707fced3021cca9cf4740833d47091797cc87f57f5388b48e2296ff352":64:"0de60d4126733404":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"97e736a63870546ec9c2325a8e367c8ea17a7ffa71f6cadd6909a5bb9eb12814":"608280a9dcbd6dd66100a9fdd00e6dac2183e32c945b2b4d255c048243bfea15aad1a10ff3eec0ba79c531239b489a5dc155dc2775519f8d3d2ed82fa7ac653fb7c77e0dfad1c175b6c69963f5c12ff9840f18e0202502e9d1e3b170965cd86ae411af20e6d69a608c99ca8dae3cb3bcce666841132a99429bcde490d9f0b6b5":"d35192b4d233507b70c6d32f8e224577":"":"568a0d584fc66c876b7beb9ef8709954a2c426fb8c1936b9024181ca2cd3a7684c412715c11eab80a181be0238e32a2b689e9db36a2ac87db651058080531e7b1110938dcb09615e385d7b224b11222469145f6fb5f4c0e87b08bb3006bc5b6d2ce0a15be7fc29b27c10c645afd9d8253c094fc0f775086bdf2adac265b474d7":32:"af18c065":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6d05193cc0885f7b74057ead3a0738b74eb3118b1a7e74c5c941ce0011197122":"c58f51bad815a43a5705c311de4a846ea2a70cbdd2c30d709a2ae0ddf82b7c889dc599fb6e0328fad21555a99530be6deeeb5b1beb333322c2b747288e52fad008513f8040a4735cab3c8cf32c4e18bd57339c85cf5dd71e382067bee7e9ccaf68e767d77fb005a3b73a51acf942fc3b2c5c9eec6189d01a26c6ffb070165874":"5160b65bf7a2ccf77fa2e3e0b3866f26":"":"64dc5834a63be414c3714f1b34feddbacd568c6466cbd06f665aa269187a160db79306a53b629fedc1247bd892998fe3208b3105f6273676bbdbff6e254de332d02bc8842ef98d6b79994792eeb5be3a807452b14ae5b5027db81421cc22936ccaa7ae1b77a145462634e424ccf2dfaf001ed4477b804e204120a1416b449b8c":32:"364ef0b5":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6e8006983712ddfedfebf95e6cc3b0aadc23077055e500ae49fae7705787f2e3":"e3ba14c4e39ebad925997649872b8331f1700c8f98f80e58d92c85a84f2a427094d9d771b276a0d35b17c0c030734399070a57345d4dcf082b96c7eb580618f7af8bdf036296e20379e74e29f905b52a0c46fe7d46201a075e7de7e1a523a0492c1f228102fdb89f019bcd4571e041c5d37159dc487ec139fa37d33142fc8082":"e36e39d787394f1401fc4b173e247db0":"":"4d5db4b65a1ca31f3d980cc30037b5d79d28280a31cc5d0274be77dad70dcd37f652f2ca999c9aecf08fd2a02d382457a277002a1a286ab66f9e437adee00c3bab04f831dd52147005a989606171b6017d28970c8986899fb58900e23d1bc6a9ac0bd4d8b5d6e3fcaebc9903923e68adae7d61cf929388e0e357c7223523d1ff":32:"d21637c0":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cd8ec237009eab590dbd9b31e76513dfa3501701b1a706982944441d996e1839":"9eef7c9a0fa3e9a7fcc4b2f9d210a97d6653ded7913f2fb2de825a0dfd78ae1cca68c040f2328009fffe62937d630ee9d6e0e67bc12c38c0b3d035697d4c2311371aacf41cce0d523016ee436a47d93af0df77011131856d072c718c310f0995b71530d70a3da881481f46f21dda62e3e4c898bb9f819b22f816b7c4e2fb6729":"a3cae7aa59edb5f91ee21231002db8e2":"45fa52a0e8321d82caea95bd9506f7331923e2aa95e9238908f3ff30e17a96389dfea75e225e34e1605354eaaf999a950f469c6e2e8722da5ad9daded6722baca00e5d1b8e63266ad1b42cae161b9c089f4ffdfbbaa2f1fb0245d1a4c306d46e215e8c6c6ae37652a8f6016f92adb7695d40bde8c202ab9c2d70a96220b4b01b":"833d58f0bbd735c6164ecaa295e95ad1143c564d24817d5f6dded5d2d9b2bed2dc05da4a8a16e20fdf90f839370832f9ddc94e4e564db3ae647068537669b168cc418ea7d0e55b2bb8fd861f9f893a3fdba6aace498bc6afe400fea6b2a8c58924c71ce5db98cfce835161a5cf6187870aa32f522d406c52f91c30543ea6aa16":128:"c1df4ee60b10f79173032e9baaf04d3f":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5f0b24f054f7455f5821fdc6e9ca728d680e8004fe59b131bb9c7cddb0effa51":"d406138587fbcb498e8ec37f0f3d7f6b2faa02e6880424e74cdba67ae3468b6823d37fd917a7fede6b34a2f0fc47c520e4088766ba82a989f0d8051a3a80cc8b1e3e1e2b1c6620b90e99b27e65951aeb3936263fc2f76c1c8effa742f53987f8a38c731a411fa53b9f6c81340e0d7ce395c4190b364d9188dc5923f3126546c3":"f52f7a2051047f45ec6183b7c66e8b98":"756cf485b6a8e672d90d930a653c69fdbf260d3ea18cd3d0c02175d3966a88b70ab8235d998b745a0eb6a5c92899f41e8c0b7aa4ec132c8cbb1bac97a45766a03923c9b93c2a055abd0127a83f81e6df603a375ca8cc1a2ee0a8b7fd226226b0b19bd2e81f73c34dfafa4fcea08dd93dd4ab7e4b437408af91bff566068a5f34":"e58a03f664003d0ef5bdb28931afd16e7747cff62dcc85bf4eed6e573ea973cf615e4ebee40f35d44e18e391b391e98dca5669a5b0abbfa67834836b122d1909b53acd50e053d5ca836894414bb865b1fb811d8af68b88b4a302fdedf27fdd27456e9aaf34a8d53c9c8587e75843e09776392dbb0501ef41359c01e8980e5221":128:"258492b9f549d1b90555eafbe5292806":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6f50efb3946f6a6dfe63f12780f764bb6ebcf2127d3804610e11f0bd9b68ce0f":"bfc89d5049a5b4015c9eb64fdaf9fe9f4be7229e67c713a7b368f0550b3a5e12ba3a4399c64f60b7157e1b289b154a494deadecff0d0686ab44fae2a34ae4cb120a7f00268ab551f41c16a05f8999157be1103464127a8a9bccf736c32db045124178c90472e664d8e67a2ade0efe9a3b048c453d2fb5292dd8d29e62d52c5b5":"63c1192ab7fc75c17e7812fd960f296e":"335cc5c8fb5920b09e0263133eb481fd97f8d9f29db8689fb63034bc40959a176ccdca6725e1f94f822e4d871138fc39776fbe062f07bf80e5c8891c2e1007efeb77c158ced8d6c002b04442ed35c40a2187a59c02339c05762942208e3be964736a431017f472dfd5fdaf8fb8c645cdb684f9632057b9eb755253b4b75e3688":"ca974942ae0f4955ca0736218e4e356145c1ef42135b1142b55ccb3fc5caeec630eb50e69b5a6f97c11d4b604189b27496623bb0365ae69f4150e201e72bad8e7b883185588d0a31c44273bae87194b1610114a83ec47ba68a02e29891de43204977fcd0d551778335fc77fcfdf3fd63e9e5e0c02930a0321ffb093c521cd0ed":128:"2f11a01cb0ef8dcefad9233bec44d6f0":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ec566324ad9d4cd015821e2cd4ed4d3d507bdb3c65bd50acc85f690ef06740fa":"348d35768d7192415cbb92c5625f10edd79f24c56d4b821aaf80d7dc83e901ede6be94d1efe11a3acd16ac00aea8d0d4875c47522332fed11cdf0816b26978de431c89d2fe6d122b2d4980f1d53a97edc15e490a44e73cba9394ca4bbb871675c729c39de80d6678c71b1bd220e4647bfd20a7ddbefe2b7eec7276b87c92ba77":"95c8a544c4b94e9fbfd76e66f40bb975":"fa6f38f8e562a54bb2281dc9a7cbe0b981292fb00dc0053185550a300661852179d0f2beb4e7759b81316fbfead5c858e6fce73f3cd2c2462925dbb199a4e6c121d051b1b5ebf60e16d1e30f6973b19cf31830da30588fdfff6115a4a1f6d977a72583379a56055724581be5232b0d1b0ae88bab5d4a031b058bc8d03078dcd5":"8b4da79f3ae1ea35a80af2f52fc640055e6a3b92617ddfa79fe5d8a49f28ddf36a82a17ca0b3cdf1726700f7ffc09ae5b412d064fd52a90a76bacc74a0b89e38dc474e880a2b768ffa91fef34c47759a7b8fd7faa32a4fcb258349495e4438c7b2055a8f462729fa4e7223aa9b47087695e3aabf43afb32e272d536b257b748a":120:"b1faec277697add8f756391dd9c7f4":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dd6aa4ff63efad53772e07e0fa7d6eda5e73be167620fd7c9f3997cf46cd25a9":"592b3a6f09841483770b767bed73498c286896d2ad3d8bd91f83f92f489b1e83b0456a54e067a79e1bf59eefc1d3bd35cecfba940811d06a06e9b8f774bfeff557bd7e3f0864cb6bd3f867efbe3f040d2384ae8e1a0e20ed38caa668159d3e33c4669478d00963a1152305aa2037a5e06cac52d84021234a7f5d46ab060bd03a":"6386e03bcb6ac98140ee0706b54c8492":"0ccdaa4f54cfea1026a4d26338b1e6d50a70b00c46147fe906c95f0a2fb5d92456ca3aa28a257c079eceb852b819e46646997df87b873bc567f69a2fae471df03b0e5b94511189eaeedd238a991b326963c46d53080f420ec9fd1a74145a0b155cbcc0b5e47fa69450c7eb447080e34868d640f923923b91a9e13a05c73550ca":"c1be540448f1e3f432a10b3cc1a913cc4046595f5a57bf57c9d856cdf381832e914088d3388199018ff26327e3001678ab363da9457ba2084f5aa81320f1a0343491e0b44424018765861c5db917ce14e91a77f7e805d7a97a17a288ee66567c5c01ee61dc46a9aa8b281438ed377b792e9539e311676f81c567339cf92b8e1e":120:"ce7e361713630ecaff81866c20fce6":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ad3990cd57ce4e95342cdca4f07d7e35d575eb19f224a7c821b1f5a8c54d4bc3":"732809c29b5eeda974039b122b875aec2823e082ef637294658cc54f9bca88eb7eea87a366234f89919975d0e7dd2f8ea83198d5a6e349149a016a4b177ba43df2f3ca28e27b8566591d225ac25dfd9ea431cf1fb3ea530d65dac93aad47764a6aef8ec6903b6d145ea9a2663034d2a320690b92afd8032084b754be97604382":"fd4ed75d861da2cc14fd1054976c8566":"ab44689839fdf47e887b70fc1b0422dbbe5c1b50f4e704f9a435967ba8b70cf1e144a025d37292f628f9f7dd9d05557b65340090503201e8cf2cea2d6a73ea4850bd0931b90fd4a4306ba84b8aec99fed47ca1b16daee6c95c97e4ba0dd1fb130cd13f5ef77c5af96f61fa05305a3aca3775e927f72f08fc34bc994e69abaad8":"f48721b08101b35cde1c4ce08a8ba0049185b9dd48b66ab9971fd67dee24f89b456e9ca19ac8a9b5b3b088cbd53898a8c2ac1129752fb7fc55a0c3e2e7266ff40f7a9d63ebc4ab65f47422fc17cbe07fcfda582fd1b8f50e840ae89837e84add8be17d4cac3d2be26bef4aa8438daec9d2b139e442f99c32f2789378c8029ad9":120:"da6da2af0fc14b591a86359b552e20":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"30823396ac90db573b6587676564d09fa680906bd6eaa6b8597e2e7549c9d848":"c55be5a0b8559e02de4667ba5656f7e46f5627af13fd34d327f6fbfc4f3a9273036fce2fb21232f8e2ed115b39b0ecb9a119c8fc17070bbe4e34d3544d7117ffda5e1ef05e063b5a8fceb23158d7824d6a1eb4d90a1d0360c6bd78fb24fdd4cfa35924beb4e090891d06f53fc52cdcaa6b8bba6772d549eb95b64ebf3756ae45":"496ac734afadcd54f1a4372ceb5645fc":"2d582131f7071e80cde1b11106b7d79bb208743de759d40b897efdab018f4eff1f91d2fe67e27af25a13f201bbe4446f20ac6b942ff7b32cf10ad1cea36945b67ac08b114fc616175a87437ee05f3a8b6566e9edfbc1beec0ed8696b5d5c41a25ac43bf3ce2920dd262233ab3405d46f523894dcbfb6c90b6e911ceb93bb7fa6":"c9da3df66111dcbabf731c6891eb698ac3283780f526e81383e201244efe4eca7a1c84a3bfa9ba5616afb15c1f1af0f3af2e071df6c1d34a343c3e3440f1a3e1b6620243d9e7d9a4dbda5981c3e876fd07f392d44bf3e0a4edbd884462ec2f71d36bde4a1b5792629da09a1fb01bfdbd532fbac71887a05a7077fc119a4638d4":112:"cec973a27c42e31b779a6a91aa34":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"815f2b2f0b1621aa198eef2761380f10ac9872a5adbdf6286bdf3386e56aae4e":"d16930c570414bb620e0eaa2e9b5d96e4424127e16461aaa5885c616a02ae974fb2890e73bade9ffa5066eb88a46ac7fcf258d55733d315951b1b71c5e3c13d78d60344ce921966297a0f6361cfeab03b346a7fa4f83a7a0eaf37576fa33a496102446f9f31b06ed91b51672c879cb18d4e38fa86e156d5b1dbff27925922470":"0843984bbaa565ca24f148e57a7d9c57":"1514b99c0ad3493c36fe1216d1a887a69ea0340101aebb03f60d7ed26893119e81e8b8c3f0bb4af5e10a3bf4edcf257473be9dcebb44a9d912f04d97a556ecf020c0bed7ccef2bfd5580f1fc74b706fea45f8c63d8de6f8deccc47a02dc86d3f0624e52f6f1dcd09de8000f2d98a4cc0896da6a564b92263673adf390ed909fa":"7506175acd64224b39f890e498ee5013bb46fc571dc2b125ed5891b8ce8bcf42342f015fd2df5f4b9cc220aab52386bf2247d4163951e86467633f96c28bdda166d778855a7f60465dd2983232c9e53d5f89432407807b0402a10f155f80055c339451a106ac54438ae4a945e60d5320eab0adad9a1e66d59b9d3cc53887811d":112:"28d9d780052b36dbe80a25d41d5b":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d1325ecedb8fc0fe449de558fbc11ddebef660e47aabb84edfe69837a6a9066c":"f9a4f7029feae5cf5bdb8385d6ad7d7da6a243c5026818e5a794c6cffb8dad3227964501c5a049b5a94a7ea2e24434e086800094118444c5a971bbe575324fb6b51c5939f81e78bb11d85d324742b462ce8d13584b3882617d0c94776f328a554f9d532b6515ade9fbbd2de1c12ab53671b7f7edaa7e20223f4c371c1f229568":"8aff702c40a8c974cf24bf3c645169a5":"9ec2e851dee3834d4843aafa740f3aac4cfb1e4d3a7e3e77349113f5200768c3e9dc37481d6292ebeebd2372db02ef8ac7180830c7187995c815d1d1520c3e2f8cf2a94993b18c828b53485073c8a845066772615b26d7a3d7d3e7d81ad1725797153f7ba5e313bdec582c5482adf76b31c871cd42a313018f40d7e23f1a7f33":"3a93663aab93c6cd236cba4db2c03942d9ebc669633936370c2834357e76f6555c34d40dfaab1e78a105da9092acdba8be89e2dbf72e89518d55e09eb2fa1ea7da505484ad4531dba3eb853d1ae1a477355ea9448067b0adbc782d64ec342c7cb781d9dd8dc2b14dc1c9ab5542b679782b8bb9b45ff6a4e36c513df169c8eddc":112:"7e682b0ddbe6c55091838616c352":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4b92242268e598ddcf3a5a0de26d74356693c4dbca354e44be401f3d6804ea1e":"72dc75bc4c8f5bbbd9c639fbdb34afbb84706404c9e67eaee1959aa4b51eac0db4f975cb3ed8d8ca27f72f61c8562ec953a7b8745826121a7016e60e877dcdb046f236af3826c1ddf5b929c5bd9a92b0d5c23cf8983bf2459ced6595882b3dd0cd25da7eba981bba122623dae22dbdce05cf4e5d82d2cc54eb4f68e9e8eff02b":"3c292bbcc16c94b0a263f4d22f328915":"167dfab08aac8350574693b31210138f6b99cfb61ba7ade2e2abffe2255837a913c9afe332e8fc4b2463310df46492e7d982dcb70fdda2a8b03911e6be9a5c5621d0ae8ecd1cb390910b6702aad33394c25d1160b86687e25bb6cdc4811e3158bb85ba75548329dacc19287d9c004a0473029b77ca290fc47c1f96d9583bcd67":"c2dd42ab9bf3fda78032f73cbf7d28dd8e32c582a3b7ee79795551f133234d62ea6571a466b8e1af0b3d354b71a6582c9c8013d5f8a2c34eb3e848360adac1d5005cede58eae7784f32a31c40eec5a3f03cc1e7263d8515b36225b3515ebcf8dca2a77172c797d347ed3921ca0bc73e8ae56347134a6a2a06ae084f1ebb7b0fe":104:"02fb002d8e4a1d11bb0f0b64d7":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c5c50059a61692a8f1ffae1c616158c67d276dcd4a029ce197ed48567e5ff889":"ab7e13923e66d0f600accd2462af74192c3de6c718a27052ef7c1302239c7fb2413df7c662657ca18228575ed138bc54f31663df548618e98d64402feab529d5bf6a678431c714df1fe24ea80017f455a8312bb5b710df8dd3571970404a806ec493dcb1f3f1ac980663f0b9c9823e0d0304ed90689f70d4a24da7d8504c5b0b":"920d82c6b97a7bea121f64f83b75dc65":"a9bd57db2bbe83177287e5f614dab977071abfe0b538067f7d0c5acd59bfba95dfb725b8e1af4573ff10ce135148a3bab044552348378d5ff0c4f8be1aef7ed60bb9a374a6c7b8097d7c1804fdf078f212e63e9f11d7404ad0d1a9cb28d5ba199aec3a6c41b9e523b541ad38cea763159836ede6371357ab1aeaedaaf4481c29":"8f7e87e3ff4f7ccd1cedc1df125199cfb588339119a5ea5f9bdb918f89ca35f9dc16c6465fb25ea250eaaa8e7f00aca2199f92a2c244642bd15cbc9b62caa58115ef01d0b4a9e02527e035744b20892f79b07aa47b6c6db1332f82434764c43124b27148f2f611766781df8e4cc0b5ba99b858c13c233646dcb2b8749a194f08":104:"65da88676d2ab3f9c6d590eb80":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4c7cc3588436ad9e877de72578d30026d32746817ca7a8fb7df9870650aa48d8":"00c2845fc495b89f870bce714f8604a7e7a96ede92c4b9bdcf044c9a176f66a28761089c083d5e2d613c746711238477c0efdf475e18af99e88cf76d04d4e40495ea16c462801443cd7f69c5d36ac9f337e828c308f1d1938b1fac732274459827cf9806c1661a247167948a93eb6e998a4cea76bb825baa27e4180e52633bb3":"5e82285a3b332c693e427f9410564489":"9971b8e234fc3e1e9644545e383eb065e1866e2faa6513278d3972add5ec0e71b1558329fe1ee038a27919e43bfdac8cf08141ab540528f74f9d5bc8c400bb6ee7867e4dbc2aa081d9126ac374dc62b10004d0e233dc93376b93c0da415e7d3e09851f2084a99feeb25939e21893056870cefe7cdfaf49f728a91ea0eef605af":"ab7bac4ddede796576e1fc265c3c598055827be74dc7ed8ef172d00a648da56727767d68fcbe6c44e7272dc8cb15f03a26dc439178849b0e9ad6c7410dd4cca3f9ef40ec7c280042bbc199155c7341e88d35e5e8d0b42856e618c6c30e43d49506ccc3518585c951a3898409315e8b3b4d0adccdb561ddcf1b9d3b2cf3de9750":104:"2474c830c6ebe9c6dcb393a32d":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9d73aec506e022c0692892f6dbc3b4d41e86b97fb377c1956ee27b9c9ab3b32a":"f02bf60f10ed876a803a96e75f3fe17b4e355246135a0cd5497baad2a40a523c27e27bf848f0cb5d0c6428d08bec9590b17fca5e697990d2a6f7d21080ab614f378a07461e7a6207229e0a087e285841ef2f119cac7d8a2d3abbb1e7272a0d7dd493c8c4f797e160c36e086227ceae4923658365b2d3a3fbea11aa2fab3499cb":"bbacc081a6107364dcdac83abceddbfb":"77e1da090e4d3a892baf1afbc12a56201a4362d8f09cda5e9bdb23411e6908915301d66403acb3524898c1c51d6970a71878accd0048cb6cfbd4bf941c174ee05eca2c4a29f1c24e936d3a63cb6cfa710617af1bbb41d755b2f79e135db914a7dd00c590cf741078eb72c3ab559787213202dcc0a4734bdd612b917e372f0e61":"d78fa4024b8d073899ac09b8151c29b10a37793b76f04921bdc7dd3d2ef530a831e53cf6a7ddeec0e033ceeabb525bf5ef57bf9b3661ffb57d3bd4024252fa11dd569102c787c2d8489a1ad1290dca2e8edf82fbe6b5f83bcc0e888045b895e20c8556ee80430cc8640fc070491d2bb81a1209428938cd8e7a27e0e858029421":96:"2235d00a47d57cfbd383b69d":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"73198dfd92d26283637e451af6e26ff56e3b7d355ed7ab8b2059c1022e0ea904":"2471b3c4cc1d6884d333d1c998c7c441808ca884cb88173a225569e1689ef39e266e9ad381926adeafc2daccbdd3c9457ea1bdc3bb05168ef1eead1504d1d44dde34f96e1a7f2a5d3fb33cf5292d52fa9412800419570db0eb24fb74d55de202f5df74073c5a2eb9eb726393996eaeb32072bebb00593de41b97ecbab2554186":"e36403ce1acc63bf50b47387250ef533":"cad023cfb73d08e5b082c3061f3a6502a1c1d53038cfb19074d0ec26c9b272db93094147ef0ab2bdce440a2b3233bb0429add47601f011df679698264c0f81444aba14576a1a565e5c169f967c7571bfb32a2a4d7fcae897863d78964c5b1a040cc845494c0ad8ff4353317b28ca3798e6252d5015b58e99354ce6dfbe8b7a95":"32afd6d6fdab2019ce40771b5298aaadf753d1c4cb221f01e4dfc8b1968f898188fa4d448d8364510a7e68c7393168efb4b4ead1db1c254c5cea568a84a997a76dbc925a6c19a9092002629f1d9c52737005232e5c7620b95ed64741598a65a9ec95f2c97b6b78bd85380811c11386074b1e1e63b9a7e99d1cb2807bfaa17f0e":96:"e22deb1276a73e05feb1c6a0":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1dcbd278480434135fb838ffcdc8e7716e95ea99a1cc36d544096dff9e9aeba0":"da3b8c9e4aa8443535b321c3e9bde3c6742cd9f228c971257430b27293ebeb635917d6cba976c81934c3077902911169e8c6197b2d56a046b7ff03b482c38172accac98aacc90076370df28bc8a2044c393c7541b7b69b0fb852746dcf3140ace4e76861975814d2b5966f7714fb6cfe3e4299d79182fc63a345067a0aa54d8b":"b737bcdee4ef83aa83f124cf7208a671":"49a544aae76b04e62211428a2cc3719e4451f3dbf9a23b6ac824fc472e95e38386d267415c1472a8b0707b0573b9eb2a39a5d5a13464947cc3a7a7dd3b7196f11e87ab5233944f7cea3f4d62b088febf8b82a44d4ca6148be1ba24905432b7ac2bb4ebaf22d3bce97ac2bd34158b6011fbac77ee1fa96ca0c9c9e0207044fbbd":"061b491b73f9250798a0fb1fdcd72a70eddc9cb48c1f10119387d45c50d5fbb8b85592a7977487e45342fddeb8d481eef3b99463972f66acb38fe04953c223c5f3e02611c8f33cb9ad7466860895fae585d40bc78ec14d1cf17b4c5b75e4d8c6341f1eaf80da4a78aaaa30d3bc8bff15f234aacbee4067a947e42275b12e0bdb":96:"b897da3061c77aab5eb54622":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2e00467f18536ea6b4d582b2480ebee883e4f56bd91af3ad7a47ceea3ece9acc":"d5334398318ade59e6bda5cfce8e11b25c9ccefa2f651eb16f66c03d84dcc900dc7c85e6d2b778b155ae4591af0698df7f3b8b9f64d4442ecc82035f7d8e71a5f61c515a963f2fba077f3cb8276e91b31b3f8aa193988a16a86ccaec4a688ad68b5146925ec21d55ded407709d34d140f37e1f87d955619453c3704e83918088":"aa6716e6b7107876a3321d807a810e11":"5606a0b77cc9020955c7efda33b7080e9c0e9fd374c4201b4324b3e6523b0407171141e8246d01292a34dc69331f7177d6b7238e16e0303e85741f9cea5698e42fc79217d9e141474068d6c192713c04b1ba3573e93480f69e4cbf72090d46d62d5b52e4a7613af8fcf0010d0024ea11c19cb04571c6d7045a1157cf81df18d1":"249119ace4e292ffdfebb433d5b57fa1518af3389eb832146c3adc2dc62fcc9121d7f6461a53ee107ce7edf362b365d8bc18e50cf9c328cb7c7aa7b4e8bfa07c34dc81c38fe0982bbc3b543485ea4b0ce5a76c988cdfcd241911cd66f5a5f9e0c97332bb0f3926117c0437470717c63957aeba1c55d96b1ff0f4d6045f908cd4":64:"70e986fced03ae67":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a18240f6135e7b6eac071546ee58bb52394bc34ad4e91ee678b72e4514fddcf7":"02f288eea5588e7a011f4d91eca232af70f60ae3d9302cae5a8a58798c1b4e973e3b1d07695934ae871201682554ef6a5b94976c6a1aa73d354f1d65e3f025bb2a3f1e93009e822a87590dbfd1965904223049c5ac0da8596955199ff767b92df10d1f9c05c40bd8204846c719c5594000cabd87342f0447e4e466c3788723f8":"149da8186ca73941582532ede16edf3d":"4d46e1e87322ca84d5bb92d58670f644083db06bdffd99fab0055a62b64a30b5a5673a108f0b9f114d379d3fe63a1f63407881c5b5cb03142109c158af42a00eb24d3b1873edd2284a94a06b79d672bc8f13358f324af2622e9aa0da2b11e33567927e81aea24f3605168e602b532fa2cf9bde5f8cc0b51329e0930cf22e3752":"36cddac99e2673588ba783d3c085b9935626687a2dbac9ad10deb4867c577d6f80453266b2400afd773e4edeb743c32562e85f7f8f43dfd87b10a2dd79eddf6e580aeb4cea92ac21cf49ca97398cc23c02b0ca59257643fb2bc6462b9cf04658352d53c2ee50d87cc5ca2ecb722d950f0daecfa0b7c33aaa2c91dd8b093916cb":64:"73cbe40df3927e80":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4b64bded6c658090a85b5d889679c6a00579498aa82be1e3a628a1cd001e52a6":"182cd59dc1934199d2d2a2712157438c347e286f66b5a2b8b5149aa41ff7ba82adc3751be379741124dfcf05c531416a64f25f0d28abb6f7bf98c80762f0fa363da679437621dcf61bce43ef4d63178779d1a3ebffb82044d427ef522cbd2643cf1f5617a0f23103cd2a164a59f182b151f47b303c4eb7387ee5cb97cabdf985":"99aa6f359534da409a18540d82fb3026":"f55fd6255d8a188ce9a4a2727699ce16c8bc5c6adba88d94106038b74deb79c9d43bfaa47375148d843a5ce248d70193c8017196941b2d9e2dfd4375a3390c19d2f833b0b265dab30f26adee07ab0aeeb930dc3a9fbcf719a707fac724deb28dee2a6788b17fa3505290c2797c6dbf930b41eca1f6d54d75b820e62ec7023e93":"5a1211218174e60690334856483a3066e2e8d996fe8ab86d0f8fef09aba9ef0acff9d3e1e5cc27efb5464bc23bea9c778fc74206ae3a16e5fdbf99694ab7096f23c4b395d7a7b8d6675e56b5505ff62f52bf183bcc4433298296e41662d6519d9c1f0a5fb3140376c8890547eae72afe75c338ba97fad9f0184dd311bbdaf3cc":64:"8dbdc0746074b486":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cadef353122cec1fdbc236c0ab195fc4d732655cef444c00b6cba5c61e01c614":"a3d5e55fa3110a268cf1414a483adab6d58ec8762a6e6be81269c0369e8840333503bc3688c7be001cdb84d163fa1dfb05f3b01ffff31151f1af780c796822e3d564f785964a546bcc2a320d81a2bc61058652a8594ae9b9b0917400e08d4a99fa161376ac53cba54c92889fd3497e233aff4e12cd85d57375c7c89e92cdf5f5":"d765b5954e5b486885dc78ce6801516e":"ba0405745971eaec5d337fd22e0ad287551e7084f1c9c38231d675719e3980356e183a99a3c760ecf7a8ede5e0dac8d2bc13e135570ff6e91a854ea3b457263b0e77896fdf7bdf0b53c8276cfd1ea3e8e22450ff2665eacd24e5fb2be89373349fc9e2967763d43cbd7adc9a376b1b4ab956ddf8b1a56d9385fb7e861bc34df7":"9b99f984ae26f9cad5b3c8058757a0a5caef0fb86b8ecef0c1bca6b99bc72b0d5345a00ae75e37d4e651008bb733105d2172edaaf5bda4ad950a49de55a514e882a470dca7c7bbfddde40d38fef4e1f3864fd7e212bbc0383d0bc29ab2303c8935d49c35d7d73df2fba0daeb5f37f9ab0d541766da71b33da1018a3f287ba312":32:"c374cd77":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0cfc42773fe2d16a59da52234af5015271332344448c214a2b4a0bb53b07a0a0":"dfbf9eaa46c368b28ef50227db97f29b5d9ed599760bb83f5d52f92ef5522815d6952ebb0d9b4efe8844216d37510746caf8c775d2c862bad8d67effe109a0cbcdd14ba8e31fa420a475e55ac6b02908346ad1b064d5b6b869503e08d057ae65e9dc2a2a26345917b18d1b715a2372e8e114a071eced0c29cc9966d7205ae010":"45afb3ba2db9287f06cf48405764a955":"16d3ad553cc0fde3f32112bdb478450c65c854927b198914649a2820a9e3d01131b693765d40bd2bb74a50eb4cd7bc8dd8dbac9c6a61acaf5e4cf81570814b30a6a11877a8f9c5df342f70008cbf0576bd27a50bfaf6e22a40bd77435da16b666a06d172aa981bdcae0d25b8ab002c6c1994a356d3c3b7e4dd7b99892b0784f6":"e29db2c4bccef2dda828ce652791d424a86cd5790e6ece67bc029ba9520bd8f35a214a73d8b86564df0eccdb60eafee4170da2694eb563e5a854b25d7ba0a4c53465fdc15c6e267be2e54263f97aa3edbe2358f3d9b8d28997388a57aa427a239a74534393593196253de1c2946b7a437a00480ecb2eb08dbe55ca2b3641c36f":32:"39e01fa0":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2a840df4be22c70786c873058d2a6e16dd9895cbfb55b9c9e98f958cfe62e65d":"313eddc53f3986927a261f498283b6dc4a39d26f98c7428127237d79a11c5e626e2e9cdb68f72aa3168ab23dfa2f5e03bc65a68d781f23fb9e295909cd9f0f3e5648cf82f3f6b3b509b0a333cb7d9f2b6e444c351a318f8f200a921ccb409def21b87bc55ec211a76a518350e6ee21d7379edd004b3bfd1ce9086b9c66d80ec1":"ebf155f7cf55e6aabdc1171c95c45293":"8abb8843de1766cfb8d6474496acda2f7a14e78a5e4c787ac89e6bc06cfd42173c35b3a75ddff644f4a58aa7502fedada38a7156457365b4c3c07bc12a8f9061331139b9a2b8d840829b876beb84f27d5a64093c270fe6c310ca3afe987bbc5ec4dc06358d5bf77c7b4e4fe4078c6d3ec28e9a281318da88949c478094c0065b":"769869a55754eb5d6d42e22a2b5271b38533fc0c79642e250347d34566eeca732e0565f80672054bd10cbd3067730dbc567039c730d8bc32a2bdaad09885651533a4f03174d4e6510547c1e1dd51be6070ab0ca0cceeaccf64a46d0ef87c0311bd09973f3b588a4dfb39c85086ea5d67dc531c287b83c161dcb25e07b671343f":32:"c364c089":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"461566cac74f9220df97c1ab2f8bb74189a634bc752f7f04526923d30506949c":"":"546d821e437371061cf3207f3d866c15":"":"":128:"44193072791c435d6e8ea7756a0bd7bf":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7736dbb38f1fe351a7fa101d91da62124c22ac02ee06b9413f56691067572f73":"":"5f01779e5e4471cd95a591f08445eb5b":"":"":128:"1a1f08c8f40b93e7b5a63008dff54777":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"eedcae924105c86190032650e2d66cf6927dd314de96a339db48e2081d19ad4a":"":"a39d400ee763a22d2a97c1983a8a06a6":"":"":128:"3b4294d34352743c4b48c40794047bea":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"714df4b69dc00067c4ab550f37ff72358b0a905dea2c01f00be28cec130313c2":"":"c46d63d6fead2cee03bd033fbc2e6478":"":"":120:"2a0271b0666889d2d0b34e82bf17d8":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"454021ece9a87a9543a1626820d39edd1eff3dca38a287d8fb68bd315a7a2677":"":"51de54b633a7c9f3b7b2c1e4b47d26a4":"":"":120:"114708102a434e3a30088b5944c272":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d7e90b539c99e8c2187ed72823258c1149890a69a9c0081ff8c66e1cdea9f2f6":"":"6dba3273560f30f118a2e0251f7b7d76":"":"":120:"5f45e00181cd2d7feb4723e0cdca24":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2948233eec9bf8adf7250b20d62df9219d30e314c5932383203805ff9f3dc5cf":"":"d6b8e723272e26922b78756d66e03432":"":"":112:"14c9a9a217a33d4c0b8e627641fe":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c73fb5e732ebc1dc7c91ac25de0d01d427de12baf05ff251c04d3290d77c34d1":"":"c31220835b11d61920ae2c91e335907e":"":"":112:"9eb18097d3e6b6b7d5e161ae4e96":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a46aff2121825814c603b258f71d47bd9c9d3db4c6fe0f900e0e99d36c8f8d66":"":"7cb5550a20d958490739be8a5c72440f":"":"":112:"8c76eebda0f1fd57f05a62c5f93d":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"61a612c76de551f794a146962d913f60fbd4431365b711217aaa4beaa115f726":"":"2d25462c90ad9a21073729e5efc99957":"":"":104:"e4d3b277dc9a107c0392ca1e5b":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4b233480239fabd2035a7c9207a8e1ab2da45a90a472b30848fe4b4757c628db":"":"50d45096afd0571e171e1ab1ffb3720f":"":"":104:"5393bc06b8c5ecef1264fd6084":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dc051ac63e6b051594158399291ed101a3efbb1701b98819c4835a4863734371":"":"1f304d4d7f84ab560366215649b0a064":"":"":104:"1081dda9e0a793916dc82f7848":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"75f76df772af8e3019a4c1588a7d59925f80ce0d5647030f29548374e7bcc9e8":"":"d407264e09fbc853b131c8a9f808f1de":"":"":96:"d515522db52bb872a4d3f9d1":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"608d7592c094322b31d4583a430986bdf6aa639cc4b4a0b3903e588b45c38d38":"":"6a631952e4990ae6bdd51052eb407168":"":"":96:"eb8851cfdd4fc841173c4985":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"86a90631e5341e67dfa55e68b07522507b437fbab7f3e2e26cfc6e89ef9d2410":"":"67763ee1890e4bb430ac3c0dbc2af997":"":"":96:"c6d11901b53cf6b13ac03cc5":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b8d12783ba2548b499ea56e77491d2794057e05fd7af7da597241d91d832b33a":"":"0365436099fe57b4c027c7e58182e0b9":"":"":64:"41fc42d8c9999d8c":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"eb17c1bbcd356070ca58fc3899bb3751eea5b9f3663c8e51d32c1fc3060b7ac2":"":"aca76b23575d4ec1a52a3d7214a4da2f":"":"":64:"fbcfd13a2126b2af":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"916aea7c3283aadb60908ec747bcf82364c1827ec29bedcbadacbb9b935221c1":"":"e4aefe6f81872729ff5a3acf164922aa":"":"":64:"2035a7ce818b1eb4":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"47b4b7feb91582a2f6121d12fd465967352e58d9f3d1bf27478da39514510055":"":"137bc31639a8a5d6b3c410151078c662":"":"":32:"822955ba":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8955cddce65978bd64ef5228308317a1ba6a9fbb5a80cf5905f3aed03058b797":"":"1370e72b56d97b9b9531ec02e2a5a937":"":"":32:"b2f779e8":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7795d631f7e988bf53020d2b4607c04d1fab338a58b09484fe6659c500fd846b":"":"f3f5cc7c1ec0b7b113442269e478ed81":"":"":32:"e4e6dfcc":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f9aab5d2ea01b9dc35c728ae24e07c54e6d1452e49d9644776f65878199bc5e4":"":"96ec2252e51ebfb731b680729be73297":"983a102a67359f4eecac465b0d65908a487c98c593be89494a39b721728edc991726e1fba49607eed1f8ba75ae9ab82a1a95b65ebdf48d7ee3c4a2b56832f21a483d48c8400dea71537f4c459d1cfcf9d2cc97b32eb7c5146cbf44d7e5ac779e9be0ae758eafff2138d4c5370b8cb62d70ebb713dfd2fd7772fa250590609844":"":128:"766b6dcf491a5836ef90f47ac6ab91ec":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d713b33af57762f933d6abfecbac7fb0dc1e545dd7c01638b0e1510af719769a":"":"5da52833b6fc73c0e4b1403e1c3c10a2":"374dd4ebdfe74450abe26d9e53556092abe36f47bbb574e8184b4e0f64d16d99eaf0666fa3d9b0723c868cf6f77e641c47ac60f0ee13dd0c1046ef202e652b652f4b5de611989223b0acf1ead9b3537bba17ccf865a4a0fda1a20b00e3c828b9726bbd0b0e92fa8ed970eed50c885e6d69604278375af7b9ae47fbce4fed7d03":"":128:"6151956162348eb397e2b1077b61ee25":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"77a1e4ddfbe77a0ca3513fc654e7c41609cb974a306234add2fc77770a4a9e16":"":"30d6ec88433a6bdd7786dc4d3693bde8":"69beef4dbdcdf4e8eeb9bf8ae6caff8433949afc2ffef777e2b71a99fde974797dfed2254b959430ecc48db72cee16c7ef41fa4165ce4a0636ad4e40875d193a3c6c56a6bca5a55bce3a057a2d3ac223eba76e30e7415f00e6a7643fda9a1bf4d4b96ce597ffe30c3f780dd767cb5681bb7a3fd11668380e272bdd70e66f18b6":"":128:"d4a3c91e02a94fd183cb0c9de241c7d1":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"303930b8ba50f65a50c33eccd879990d5d87b569e46f1a59db54371fcbda7fd6":"":"2b2b28d8a5c94b6f7ee50e130268a078":"c2ff20441d96bae4d2d760dcbae636ca7e01d263c28db5faed201bdb39bcacc82ebdc943968aa0accd920d258709c270df65d46d3f09910d2ea701c018ec9a68af7fb3d76a9b360de266b2ac05e95c538417fec59cec1f07d47c03511751978baebd2e0e4f7483f7351b5e61c2a60138c97b751f6a8c8323970f6be05357aeb2":"":120:"b597491dfe599eaa414b71c54063ed":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1e3b94f5883239c45ed4df6930c453c9ffd70b1c6cee845bbcfe6f29a762713b":"":"61155f27c629dcb6cf49b192b0b505d6":"5b7482e9b638cb23dba327cc08309bdb40d38100a407c36091457971bad3ab263efa8f36d8d04fdc4dea38369efe7ae5e8b9c190dad2688bda857e48dfd400748a359cfe1b2a3f3d5be7ae0f64a3f44738a7c7cf840a2e6b90ec43f8c9322c60dd91e4f27fa12197fab7ed092990879e964ce014f6be2a1ef70bfefe880a75d5":"":120:"7003f04d6b6d9dc794be27b9c5d5e5":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9080effb27994ef831689da10600e7a219db93d690647457702c217b08057eb3":"":"f45514696ff5ee1e6e5797f7bcff05c0":"5251f800f7c7106c008c0122971f0070d6325b7343a82fc35f3853d25c878215e7a929bf63cc8996f0ffb817174a351b71d691f23021f58777f962fd1d45ff849e4612e3304ae3303ace7b8ca1a43f54e662071c183a1695873f5567397587283433d1e76cec1103ee76f8e0472814424b8981caea1f624131fb7353afcd2cd2":"":120:"cfb6d9bccf0378fabae08fd230edc1":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8c291f0ad78908377039f59591d0e305bdc915a3e5bfb0b4364e1af9946339c0":"":"a9830d5663418add5f3c0b1140967b06":"e43c04e1f7304c1d83235120e24429af8dc29dc94399474d06047fd09d61ddc682684776c81ef08d97f06db6e4cfb02daea728ec6ac637e1ecfdb5d48f0440d8d8ffee43146f58a396e5151701b0d61d5f713b2816d3f56d6ee19f038ccc36493d9ad1809a49aa5798e181679d82cba22b0b4e064f56af5ec05c012b132bda87":"":112:"275480889efe55c4b9a08cef720b":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"96c77c11a3336a41b61ffdc1724a80735bbe91dd4c741fdbcc36e21c53335852":"":"655502d70119326405d8cc0a2c7a572c":"c01034fc6b7708128fbf4d6ffa4b4b280a1493b9e1dd07079f509479b365f55ae9290689f1c4bdfa439344e3abb17f3fd3d5e2f8b317517747714a82f0a9ace04938591d3ade6d6095491a440322d347e8634008cc4fd8add7c1c4764afdb2b098b3f5604e449e8049a46b6192647d19cf88fa5ed1abab7f313b4285560cba44":"":112:"b4d581464c4bb23433699c418ddc":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e2a3957393669278f052ff2df4e658e17f2fe32811e32b3f62a31a3938930764":"":"a6f5a1f1f1ac77a1cb010d2dd4325cbe":"ce9c268429ca9c35c958ca3e81935ec60166aea0be15975baf69103251efafd54cbcc0bed76a8b44a5b947199cd3c2dee6878dd14a5a491a4a3d45788405d0129354e59c047b5367f1158bcf4e066a276951d2586bafc3c11f8a982ca7c3ba4677a938498bd51171552ea032fe1bd85cfeaeb87e87168f7a28e979b08358f841":"":112:"cd5986df8e9761d52cb578e96b1b":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2b17652f7f04073afe9d9eb8b2615c7550968b9776b139fcc4f9b0300912cbdb":"":"9a8ac23ea74b292b7386138666a0fb60":"2732107241e6136f1dd28d233373079d75d6ac13828ae7afc751b6f9c57e77268c52ae91f4ab3016af2764597994573cd6b41f72e21b60ffbb3aafc9487ac19d0ffe8db2ae2c7505ae5963b032d1ee1bffb4c5bd88bb0c9a350ba26ee3eb8dc0a157955333e4f28c5ec7349c39229dff9f440da72909f2870aea873a76545ee8":"":104:"f7b94229439088142619a1a6bc":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"16fe502e20d6473ed9a27569b63a768ecd428738904cf0b337df510775804619":"":"431a8d78b91414737e7c6188328a6d37":"934bcacbac10ea4ff6ee94b17bd7379b88489fbf123bf496c78c9b6b02ee97dd62eedd05b8f44f4912764920129e711701628991a0009ebc7017a1a19b177ec9bc3b0f280eeefadfa310708dfe214428a184147b4523e66f2d62630d4a12fd3e366d27c3b7d1566553c9b434ed193db083160da1f241de190bcbd36f435e30f4":"":104:"1dd3e6d610f359cc4e98d36244":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ccc545fd330cf17e27d75582db28807ec972b897f812d6ed4726d2a18daac76a":"":"caf2f56584a59c42a51fdbfe4ad78f3c":"e85ae6b27778893f36f130694af0b40f62a05aa386b30fc415e292761cab36fdc39bf5687a513e25ed149414f059e706d8a719b7165044fcbd48c773eae546380b8e667b56824e23685173ad9015a9449bc1cd0b767981efe09da43a07bf1aeee08ba05d387b8a00199e18c874fb3a91f77ba448c3bff971593f94747fce9cbd":"":104:"5cf5c7ca6fbfee63854f3bcd15":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8340d604770c778ee83d0fdd5703b1fb304c3bffeb6f4c65e2dd0e12c19bddcc":"":"c0a580465b1b2e8344f795a6578a5151":"799f228962ef87865dfcfa0addde7366de2e4aa78029dbc8d57d7e50fa7c74343458df3465103556a3bfc5ce217fbbb5b2835c9f76b70240b40fd605bcfa6b790d5985a8ba54354e0625263c628e8746c451504fc58a179f90f77f2b293d8dbf5582b031082025c806e60143da9ebb6133ac8367376d0572b32569ee799540ae":"":96:"318f56bd0f3832d043ef700a":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"74de45262fe09e12c9ee7100030352112a6532d1874cc6792b4da6950677eb2a":"":"9f7fc7367f9afdb67fd1afffac058e2a":"289ac6f5beecbbcbde5cb3b0fdf4a27ba237fca33719f774ed33a5fd35d7e49f76d3e88c53fd35561655c35469f3eefb5b2f776ff2799aab346522d3f003154e53f4ef075f016aaa500c76870e6659a5f9af197c9a8f5b9e0416ed894e868463cc4386a7442bb0c089a9ab84981313c01fec4fc0ba35829b3cf49c6447f56a4b":"":96:"bc1b8b94ff478d9e197551cd":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"441ec8afce630805d0ce98b200e59f5656a5ce19e5ef58241e6ef16cac7646b9":"":"a1cbeffaf55708c375dcfeb496b21f4e":"5a6ba5d3f5a7a4b317c6c716564c648f0e6bc6b0f9a4c27affca6d5af04b7b13d989b7a2cb42ce8eedd710be70c04c0e40977ca1c2f536aa70677038e737064fb0e23d3dd48bc00ebdd7f988f57141e164e3c18db81e9565a62e28c73770666ff3bfd725eebd98946fed02f31d500b0b7ab4dafeb14e8cc85731a87f50d95fae":"":96:"aa4bb3d555dabaaeb4d81fcd":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d643111c973ffb7f56bfbf394eedac54be2c556963b181cf661ba144f7893a62":"":"4575b00b9af2195a0cc75855d396e4e8":"b2c53efe59c84c651979bcc1bc76b0bbf5e52b5c3115849abdbc469a063e2b1699bd292e5fcb3476e849c9edbe6ea14c2ab948ed7d21a21f69406621d3d412b043eaf813be722d92739a33a361ed8081c0eb00400c3c7d4e329f5ba4f7b75d534500f42f178048cf2e95b768ffed79c350f2ff72cb355abdb30af0a1363c0b4a":"":64:"9d1d182630d7aeee":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"91301ee0ca694ae6971ee705f53c7ec467f4c88257d6466f6f8159a8970384b9":"":"345fb57e88124a414828730a85f57871":"c13623824a204385f352388098f5e2db23426f00a73c60c1bf1047ce2c7cdf7f7cc8475781fe7075d1226ad18871e12f0156f35e6ce7032efe3bade1c807f9eedc720fff7a27a2f4690f904be9c99b54a65509eab60e97c4283596eeefa2b2517e95de7620382e3f780efa1dbf5d3908373adfe784a4faf298681e171bade4b3":"":64:"325d08c5b96068c1":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b6ba5c11daed7f868da9bfd7754d555a147a1ffd98c940c1cd5d136680e05c10":"":"b0c92b79d78547496d770678e1ce1552":"5b1ac8ff687f6fd2429dc90a8913f5826d143a16a372cca787845cea86d9b4778708bc0aa538f98e1031850f7c1d97fb64fe29adce6e1d51ca7f5203fc0358fe0bc54347e777dddfe04e3d7a66a1d1e2bdb8b8929e2100daf073845db5dc0b243819754c4c08f4fc3631d1cbd79ac7604746d677ff035930fcd6bd652e7864db":"":64:"b1819b6f2d788616":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5fcae1759209e784dae5a8278b267c414a03ce7c803df1db7815b2910d10ce19":"":"24c5c349b3effebfd076c88a591b8301":"ca2778e39fffce7fbe8f912e69d55931848dd5ab0d1bd32e7b94af453251a47f5408ebacd7b50ddd1103fab1c72acc0a02f404c5661d8450746d781e2c0861b6974ade9ee2515da88b470f16d5f06007f35ce97cfc17fd015e438af39ca6127db240babe9c42ed5717715f14e72f0ef6ff4ce512de95a179e60d6393e73f216a":"":32:"8e59f30b":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8d71a70fd58125b0da8dddf8d23ddbe0bc44743753bdf259448d58aae54775a6":"":"d15b02572dec98398ba9e68e1a463738":"81313be1eda9f27e01b30877ca90e825f55ef60b15548c45c786c44b024e7198f333be7ddd2c3f593a9b77b68e6a7ac4cfc015aeec66f4823d9be7152f02a533f375554309a4db0fea8e76255144458e488fd19106d9a9614e828ae306fe82af89e7981369b2259c49bae77f8ec2b1f169ef0449ad083d11907234b72ed2e464":"":32:"99df1b8d":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b52398c7c75e1b146cc9998eb203159925cf6fc0b1c993ba46528e2f8e8087f0":"":"afc9a60ab8448b77fb05e8410d0a26e8":"770b3782f0e3a19d7d6bb98fa3eb0b916928a2970701c0f4a372a0ecd63499444ae02fd269ddb7d92e11a9e11d0e0b8bc60096a4be79a1e063174b710c5d739d8d05ab5c8ba119ff40843cf8c5dc4e1bd6fcad8389de3b606284c902422108d85eb3589524776641b175946c9ade1465e0d1064c5ae073be90e3261878a9af98":"":32:"32d6b756":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6793869513ac886ed66e5897bcfa263877d8465fc762b1ed929ba3d08615fdd5":"cda45e29f487f21b820e1af2c8e6d34a8bdf3f72d564a4625a6e06f9bae1c2eac3bbd5c5958fd75cf389a1a31391211745029dcd4cb2575f40ab04710a909b88c2d430cdee279f54cf7c0ff6638d1e0e631f526ee198cfd6e5cdf73d1a11b69de01d640f385fd829616cd2c0e78f09b5f64012e42dee9eb0245b72aba1404e0c":"a43de15dae25c606da1e7a4152f0df71":"":"385834c853772af70675b6be2d5087df84f88b6a303ea594a170e6dd0398ae270fcec61661ca373f4653d8dcc9e71767568c0fb03023b163bdc9ae8a08ea858cbb03b8182b4674147cb35ffda14a2f50ed9eb48d5351f00eb2fa433fdfed6f94833bcf656a7e350eb978a0aaf7a91674145f28f64693197a116b21328e273dca":128:"159ffdb05615941e11f0db46ac8f23de":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9f77c141b234907b38fb45f1b3602f3c29de1ed839bb7ba51f6192aa8baaa287":"96dcb74a78e99676a71673e3c9f94c34b34dad2748a6e42cc70ea50e41ef8b86b5992295d2cbc8d621fefce09e8948de7e696b9788377d598796afd002a82b628d9890db78359e1edc075cbc0d3f11d544bfdf5c8a838390cb856735942dff260189c00accfabf720e5fef1d9b7131a6b2b769f67374602d1a7ed9b899b2c398":"1b49005788148665cef20d8dcde41889":"":"b4ca59caaa94749317789b92257f2ef1dd3d9b1f4ee9540927a6ae7bf5bb0b348fcf25ba8ddda79a89d3174ac1713421291910c8926cfbb4ec1e59be7dd50e816ff586f165c605371ee6077ba4ac0ce10499f9a2a44866ce6319fce22652226164cc0a813c3147c4461dd0410e3701d4647d5a003090082e367cb9249cf1be47":128:"8048ae0c35a656fcaa2f4c1b6be250e2":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2419fd9dbe58655122ac1022956a023446b7f4756163769fc1b99eaf8fba1474":"93bc33dc647c7321152b12303f38937bd191ab3ce3b3a43a29f6853b33e415667d97192fcab2d1baa017042b301d03bae2f657505cc58e3aa4bd849d1ce85ede0e192a373a3894c41c54edbae29a209e16c87c81445d43968595297b50b55659f8b92d7282a2b3ca85e4b5d4ac4ff5062635103f2c7806fcc7378d5c2013be72":"94ef13dbfe9f362da35209f6d62b38a4":"":"3db23c161cf352ba267dab6a55f611eb5fff78a75288779a167cd0e4db6e75d21f11f4ff2928abcb1b46d82c2a0b1f647c60da61f9a72565f629b06a7b3fe96e4141a6886436859f610724bbe43fb99fac9b78b1e0138e2d57ce5fcfac1599bdba5701cb424535fad9ac482ab381eadca074e7376101b4b436f9c43ed760a0a6":128:"ecd4a7370096dc781c3eb3f7e5985ef1":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"08e11a8b4b24e63060c5002713725bb5b4a412f1d76eac13989738ce94e19642":"d5598f4e37274f3b617aa4f9cf6b8547b4eb1e0eac79f6eedd6cd5364f8891f66b8d0cb09f54777d461bbf92d6fd74b3fac412b77f2c48e1024cf09b83c1e71bb86f0a20f82d296883ffee62a4a192b184bc6d7ba0448c1519310c83b18c00e71153137afad14f096b43d454f205ba6b6c2ec162aa992cebf50735dd9bb37c7c":"c6f1e6a39cabda1089048b536e39cf67":"":"1fdaf0156456b6b2a68d66091bf2260792748acf3e7bbb7906af8e0df3b569a7c03ee3a48bdfdff7ccd52433d0bbe8c5fe30d93633bb9d591dfad7d81bf8efd4d4a3c5c0bf2ac9832f0a8687f16be640fcf9b19169c251f46b97167d95115acdee3d4443df416275f5597a52c17a4b8c4b723d4b35a7fd0b380fdebd44df8bd5":120:"cb9f4d4610c67acfe612af5508bb8c":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"da2dae0107c284ec2aaf6e7306959df1e92d3932b88954f119ab677c6b9dcdb5":"277675044caf1713109d4d3abf50c6fb67dc67f7fa584fb1a41c833feead03177cf4b42edac139807ede16eb1d9bed27db741f9542d437781405608de18418c9f7269ab3fd88f6a922a31eab5a3b8b2aa75ee4315fcea80c4954ea6613b1360b1c7c6b6da815e3f6e50f72b7e69c3b6cb3d154855e3f83cbd1947eb54018155a":"2005f79d55b12e6dfbab7fedecc50e2d":"":"c2aaab524d1738b5244af642bbd16b32ba954e69ae51acc804a6b0f89f6cb77ba2db2b0e109cda6036786f9cec5587b01e306ee8b3d588748c61ad7fce1266165729d0153ee189746b107ce15ced667279a484294725e120dc1803d2c751784436ab8ff1d5a537628ee35742d1917dc51f8cb46c2d6b983bdec502e99b85e5b5":120:"52b4d7f2cc44f0725ee903551f681d":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"637807b3e472e2287b09d5a3ee62f791a416419ba35e11c49b24dbadc209f0ba":"e91a0a7320329dabb0d0fd7f099a4d313724aeeebcffe6fcea5b00af27d258cf9774845d29aaf5dad634c6f087c3311b1c92775fda8df8820c91186da30dc79747be6ec6230f2c261063143f4fc89d94c7efc145e68bfdbd58fb14e856578ed57ee5b3cba2cc67dd6497f05d1570efa496b46f5bcbf82ff9c6a414f76fcf3f5c":"46909d8dba6c82b86c7a2aca3c9e71e0":"":"13b4ad9c51063a7f697f3fc68030144aee0aeef0b5a52c9d4920a7185b0452159cf13e64ca216ff16637d0946a75fb5da283fcd263dd7ef2c8f14cf75537742d1f0e48846fcdbf03bc343203f7c31cf61b36374033462a7b813f4dbe9386e57874591fde606fbc150d4916c339f1950b09b1911b1b9119c3ff4053e05910ffb2":120:"6a5c83f807401d1a9a3a2688289f61":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"33613dc6e029df0f3ab9ca66fa96cdeaa84c1261dd586723b1ce873545565f7a":"775862b39c2a509afd3470a56891fbb79bdb7dacfdb9ac72ba4730cb936d364e1aed3c92c01a018cfcd7953f751003934c15bdfdf2826e9947ea8e521f55fd2a04c75156e4910f38932c9732eb3e60423e849d34c55e3fd00b48d83028e3b4f35686016126ff16c942ec859d3c3aa2ee6d322a92dc9fa9b0247423416f5a4b47":"59484fbc27cdbd917bb55f815f9faab6":"":"069f80826dbee03e6a3437e7c6d16eb6022bd14827b8e45bd440d9b1a8ddae09999388ba0b1be0a6bafdb96f26dad523a3592fa610d5091f68380f4c1c3fa9ef7a0796ab183e8a82c2bf1f76300f98ce983eab7a93ddb18f1c10534fdb61ace83cae37e225930ab870a46285e733788e907255ca391945d409d2e53dd8a28390":112:"9f31f8f8459eb03dc3654caba5c2":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"75d8132f70ef3f2d8946d296c83014683eb2a4a58b555c0f48e4bfa5774d6672":"a5be88fd43dc761838f3a9c7d62923c38414fa61b3678313cbc8fa9c2e5effb6cad7d5be5f39a71a28ff327b68a69f7e6a6bcb90eccacaf3a8659aeb905dd3e38efe57f2bd0d19daacae238baa01a7051084da6598fc5a3783a18decefc8efc8d46c7b1887f87d6d70c909df49340bcc680832faac3dd23cab5bcd80553dd485":"5ff41f3e75c25cedda1b08a41b89c4b4":"":"959396b86913337f2b1fb19767b787c18f00661c5d601bc65e884e15ac8043081459e889453e906ee267cb5d04fbaf250144a56c820eca34469967c73daf50796184ecf74f3c054bfa63bdd0c32425a8e10546ac342bb8e38a186e42a403cb80110aefd5f2d0bcdd353daa4430b8e7ec2134925c454745e2f708cd0b90d9d672":112:"ca0889a0eb12995079cf9ba77019":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8d44344d2ff9a02b1c75785bc84f16e4d23614bf43b2b9a87798b418e905c532":"e5689cef9f8258a748a615070fcbf40ed0b24c077e2f9a362cb536737ffbc5383bcafed278d4c5e0f3c83fdd5cde79483c2c178f6fef05ab50f2b8db680027a175bc6d702d249efcd6cbc425b736f1905307c9303a4bd8aca620b57e3bb4b68f2a515259b06cf5365b675edff3457e2e915d7da1e0802f7300b3d56c4644f4ad":"256a983cd6d6eb4e80b5c1d1cd2a9f21":"":"13eeadbecc4c9991e2aa0b1ca819572ef28517528320db970739a16994f82cd8b5bb53d889f298f65c63dcc07089dbf7e9d00612d2cc8220b5630ca0262a698836d906256896eea446f6de4506e558b4f20950528c8c397b6b5b04890204b77a163e46c80c96b3e268fd2754e0380e7330782d606c771d6085b34200a80335f0":112:"b33ab1e4029998e2566583dd550d":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3999a6a394943be3d6e5732af5faf26caf483a3fd42c13b7f4f02132e93a990d":"8907e8832553264d7e92afa1595842ac661ddfec3f4294567faa0af61b3d0fdf76a922a2f3affb36b3b3b97f18d5172aec0b8f6f01239bb750c0fdd5da1e1244473cdfade83797037ca46d83123e6105c5c54071971f190da0c59821b0bf87242502bd19d19c7f463145bab0e687a18ffb2216c4a2ad2caf9488801c33c78c03":"76e2a5141d094b3a77765ba328f33576":"":"995189a396486b451db0167cf6990557287074def46eef872e6cfe1a297e256bdff2b71668ff0184eedf00ff1a3ec91358874718f0af88acf2bdb191e97332dc544d940412363840d4c03c7b2231852393c62d625093011ef314e4f755b1d0ee37690b4dfb55194a1465714cc3cbcdf93af39e666be0407508b8764f7ee95d3c":104:"87c8f61f459fd4a09d9ee8b331":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4359a62d54c43770c3a0d51da25cc32fd985d9b41c282887299d2e348aa25a36":"f020c9cafba399009bd920c3ffc165d4db47a9ee15ca8c1f51c65e306ccccd3f1d694071a3c765b5255eba6ef6a280f6095f8c195ebdfbee6968b57366e62e16d05b1768825ab7fe66300941270aa121b4fc02ab970ca6e32170cdbccb46fc548620fa1777049343b1600bfb1bdecec6682f0aa7244a0852adbc7aacedfba446":"5fefa85c958417b6bc8a61b5496fea93":"":"3b8f829aa1cc1532a434bfbbd25f42480311657215946b9216846704fd5da5e886ca9d130df466c3b58f5259102ea6b9ad756e9f484a38dd0ed289fea083ab99fefbc2747100071744f10e362351d4ffac6c7c1f5a49ef3c78e2dc667f6b3bfd0fec454c4e3139443da71e514540d7a228db193a4c35d639ec13c1198ee7f81e":104:"591db861b9060869edb228a324":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0d798a357de5a686d06c329e451d7384bfbd462063fb8ea7d77a13dfa1f2aac2":"d920785bd7d7b1a2c9c20139380a6ac5f27a11b614ae110da14203146c2615d81e97649e95edb0eda71a0fa1589244ed42fd9449962a92942e38001ac64b212c7e06c113129712a01556577ae02325a26eb92581c0a690a894225e83ff1e36776f22b600508d6d96a0d1c55316b518df8d09769df5e8340cbeabaa0bf7752870":"50a003c0cb50ae8a3183cd640ea4c6f6":"":"9af6a5341cde4b7e1b88346ec481024b40ad95a51533cdd8e09e4809a20684f18eaf243e1df56f02ace9667264cc1c6af6b0914f154b332234f6468cc471ecb2078a9f81c17f4ade83d326b670795458d110e4c4b4cd7fe7f9f5f4d4fb23a038969e4ff4f74839b1edc270fc81fcdc8a0b15b9c2f0561567c471b783b4322ebf":104:"6c2f01264f9dbf29962122daff":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"29b01b6d15f6e68fc2e7079429dde5363888a6410191d603941bed272daef7ed":"123b6da306978f745d1dd86d7df32d9421523a7f329dd29ad98d2c309145844010295ef443a18d37ffe093080682fb96ba9c2c92105d35d77897b589e2abc7269aba8752c2a48c843bebad2c0fa281015ba85f5f709f6aee9b1d49236d5695f7f7d01554b193c89adcd1a91749138952cb3f0ec8b5f046328b3113aaa0715ef4":"cb4ac8373bcbf1b14cf2a6a6a16a422a":"":"caf71e09395d596d5a7b091c9e87ba6d522e974451e41f33f3e7ded554f24daa9da719e87793424eca9a3eb3972983354041091ba4b16c5c8c14913e1f6cbda09779188e9b5512917a0adf4b4344f119736ba6328897726a317989cddc66f16bab64707564bb0064fe6ab7b2b5cce143e94d4b6d739f58c47b6d4850697f8101":96:"f635ff3d8bfbfb49694e05ec":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f96d8cdcc21884e050f762c049930d78360b56cef5b99ae232c9a8c6e8fa89f7":"9cf05e5065531d2539d92ae76a43da1fa3614ffa4b1c73ddc2358f8d71345c01260060239edf629efc3650e0d13174af4294b6da0f39cc7fbecfa324afff89dd7d203416bd144c5e03df60a287fd4a8d54ef9b4b44b3d6de1d9de07418b8a34ec5c28cec3c5b2fb861583178a68ea0af89f2dfbfbd86f7cf1e572e1c8d4b0675":"5a7eb964b6bc9e75450b721b4d1f8f92":"":"566abaa23b8d464d6f107699453740e9e189254145c5132fe46989a6654de297398913daacb4083b29f7b31832079616e9a43c9c2878df1df451e49f1e629c8b9de2fb0e4ae9df48e3e8880f3f1ff5ace8842d2695e702dd1b7bfa7c25b0539b8c80d31ac91856796beced082c213e8be56efd646dae932f5bf503af46f491d8":96:"c049cce29c401d3d198773b6":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"253234c3dc9cb3d50a80598c5cde0e37b6b13bf834f3595a9458dee698a6d19b":"686ad2740bdad507ebe97aa5bdbef25b8b030c4cdcaccb0d3b675ca91279db3ea75aa222c0ae98f86c24b10038cbb4fe9f897e1145b2f58cd3e9120f9a5620f38aa1e1f63906f557ff4a4c3223f5bb13dca34f8a1c6419e24ea57d114c62fec6fb9eee58a16b9e6a6bd930aa6fedcfc591311250e7167d43cca5916d5beead27":"9d156414acb63d11cb34870b937c837d":"":"96abd56d2f8aefe6c687f035df46c3f952a9933b8a51698e47d973b7d47c65ca3ba2474cb419c84a4c3cefb49e78cee1443a8fbbdaaecf73e9059ef34ac5a0df3fc152ecde2286da8840ad4617fd6ebc1e126314204bdc0a17b958430eb9f727498ff1db17aabbdaf43acca0945342d2ba9346da5373b2372b3081605e895c99":96:"3d998e5be9df433da001a686":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1054d48d52693d2797c80d3f10509d1c808f36a4d65e8fd968e5d56239f856bc":"a708e9d2d27ed4228e5b23d358561a77d684d855db9827be2bc102f2278f1961d3f056fb76f76204b2c96b916eb5e407f98e58edfed06de2388521832d97211d851d3e29658df738e3a15593b9db016d9e46fe9df98ce972d59f7058d484886ffaec7b9fd973c55644831241c1ce85bb478e83ccefd26b9718bfe910ac311ecc":"87611b936873b63abeaea990d6637a22":"":"94473e84659bc18eddcebe3112f55426f48ca4d670291fdedd42cc15a7415aa6795fb75b39434884eb266677e1fa7f530c6f3aaa733c0d9c06291bd7dff4c4e5857b2ee9e9f1f61a85571ad32dc9a3259017abe9eb5111e56df2913535669f3b2d722bd35fcdbd6541918885d9677cccaa902b9d3599cd4f0df1f35f4d11b8cf":64:"9bd7cfe1023448ac":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a95dc5127b9cb1c82d558d5b24ae049e24447fd676a49350089951afe01dc797":"45f81fa4780a256c40a0efec9547310406904d8991bcf964aa35ec9af457e2a642c1343827839f1f4b42f2b226da351731f416a4b4151f07927c278b371404f027bb2058e1765b367f5433a43fa4153883351041db3f066ef284a3eabd584d1d0b1d594b4ce7b5bca1708fbc661d95a9ac0d77dc29547f022eedc582fc7158c3":"0b177d01993ec726fff082ec88c64a31":"":"16c77b7f541d2dc4e8d31da23e04f18f4254aa283e8cee5b776f3d9a27584f459d0747955efff8945f807209ddaa6421846647d4198534b244498fe13a9073d372171d1b2fc38af66204f3de04000c093ebe659173b8d78dcfb8ca9003d2cd44ed168e6aaf55a06f29e83ceb32b98bafb59f109599f88b5c0f0557bd2b28f03f":64:"19eb5f808d65989d":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"53d6393dd7ecc40f2d52460ecdb0607133ad843ef53f380cd3a2755bfa567abe":"72199c54dd5efb28c104e3b7210855506f6577d15c4eccdaa6a621a572e15f5845d648cf71b9fafef3411f6c1a664c7974fe71126a5cbab907e2caa342d8d7a05bc68a72c824896ec40e520e90b704dea441d22c5918f98803a88293384f64f92f11650c2cf4d3b062d30e14d149160742f59a473faf8fe00f4bdab9128c3281":"db7e93da21f0c9840c54c56e9c6ceba3":"":"5e83f559fa54926b731334f815783914530bbcc472d4bbd5e65908fb1c421442cb4c57329f2e4ba3d146a6499f34d8f1ec6d43e0cf98bdba923f404b914700edb235b08b0330097ea4162fd0baa1b7177ef0b29d5a6689bc56b8f975d6b6067ade4b8baf1d47a2eeb5b2ed28ebeded381d55d280cb2fb65ce4d82b69cce0594d":64:"4e65dde857a0f5c7":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aa4a53c7764a254b06e1d8003810300b70f5729306effba9fb6210f97648a499":"19f3a8c298478d6868bf3b31785eb62e844c37200672e6ef1ecc05c616d981e02c333dbc3f86dbb7ab9ba40e9e57e133e6d1d595fcc6d8e9886a84517212669d5d7ce0f1383cb58681b92dc180c06caa1a7ac1ec974dcd7f2bca7ad2ab2789c9a3a487d64c484319bffa56d854a6d40c62b02d0c7898f641f106ff50d22a12e7":"c32288f97af9b6e31aa7e40d9ef8d016":"":"1fa6aec7a28767c8961363dc4264e6ab97014264f6fe1dda7e9db8646ce9a5463f69e91aad2fce696f9b641d75635bfb0f97ed2d7beaca944cf8bd9dbfffe77b5ae9fd032575e5333c7ce27538c609922843de87b960ebca7c2a2ef9702dd0c32f787b4d7df248fdf526d594a90bad0d6a8dffe212246c36db71e2d348326624":32:"1699444e":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f420b6ef96d9bfe46dcf18246ee230790a6fc854e730f1dd2d1ffd0e8b5c4776":"658a954d6c61d0d6f0e81a3c1cc65684483fdc95f280b6d4c964358596c25ca41c389932d74a1a3a17d041e89b7110ea315fadb3128c2c469c350bf9b4723aa9c8abd9065ebbd12c317bfb7090f09633f8c1184f0c4fbe10f5486dbfb847536c886f7d144ed07272a7e62fb523a04111e5ea9e1ab415fd17e72143006db14e9e":"4982f502a37eea8bcf316ced466c9fb1":"":"8630aa78aabe35d9360a44bb2094209b6f70d46d71e3949803cf54e33dafd54c6e49eda9e26dc5c0c1e34908f5281c8cb2a1aeee81186cf45d3eb22f486320c7ee0fb7bf3c211b232a8426e7e82f3e05881bf7d9454cddec7f28e5358cd0e9ea2e9cff938be044c1b21911d50b2ae23ab1aef377511ea657adcb560c34209f8b":32:"3aa91b73":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"50f3b822dfc70382d8695811e6b0a2896ea2bcd4d5268778cd484053c8a19288":"15bfb3a562ced63c92561a78374af40c88a08ce02392419e03d7543365c5b6525951ef2dec5927474a0ef85f519e5ef795881db3eafa765ec38e6be7b565a878c13d90c02889dc50cbe87081d9225a515504c7be15bf97f5d72a4d81f218a148a46fbd42983ab002fce0a54719bfe301bb761753cb330dc25be517b87d0428d9":"980810c11abd3aff43408ec9a69abcb3":"":"12632296f27eb2439009f6032a3f648370303dcebaac311b684de2496f399b271347b19e045c1060802f3f742b6c780d20b9d589cc082d7d0d580dfb7231171cfb612227fcdee7feae4f8defd34c89fb0d68570e782192a7bdd9a5464f35dc6a4282cf9cc3fdfac988d129eddf8e0795ccc24a113f872ada88834c974df8bc69":32:"32c1c4c5":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"29072ab5bad2c1425ca8dd0ae56f27e93f8d26b320b08f77b8bd3fa9d03edc6c":"3c7afc5cfc5a1e141587e93fef8427d4f21d892b983b7c9b6e9de3ee168837a1533847c8a2e2ab0706ac1474e9aa54ab57e7860bca9ebb83bd6d3ae26ca5387abdb9a60c4a9928484742a91294b13ab8f51eb4f599a30e9cb1894aca32a62a4c2793ee6793df473f43234c9eafb44d585a7d92a50aebef80c73c86ef67f5b5a4":"0201edf80475d2f969a90848f639528c":"4c8ff3edeaa68e47bbc8724b37822216d42e2669ca127da14b7b488fde31a49c7d357fb9aecc1991b3c6f63a4ce43959a22de70545e6aee8674d812ecaaef93ad03b5d4c99bdef6d52f21fc7fdbeb1c5629a76df59620aaefda81a8e73cebe4c646beffd7f4a98a5283cc7bc5e78b2a70f43e0cab0b7772e03a5f048ec75081a":"f3755aae6813e4e4b84a089ca1496564676655ba3c94e59c5f682adbbfed21e76aed0db78390258cf5fbf15f06c6b6468414cb6493c8b9b953b4954ecaf07ecaf8586ae001710d4069da6d21810bcdcbb831f7041cdbb984b7c55878598a6658883178dcc0fa03394519b8b9c3bed0e5c073429f5dd071a9184b015cbbbc62e1":128:"0549dd9f2a123bd6d58e5cd16c0624a1":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aa9999af53720d0c1288fd3fe307a471160635287eebf41dd77c82d1f9cc9d61":"6ce6f2dc202750219e15a24e1ff0678ffdde55b27cdcab6da188bd5235a3bdc677f72f106579d02c2970d4542e4e2372886e1a6d74c596ce735f51f2ee6aff4d62bd24112ec7cd1adc7c660561f163170cdf047c241c53b8a5b2e03fde48c249a319bb90c2693c468c9dd136e94e05f067cd1d68244ce50be318ae0464b79acd":"6299d651a032bdf3a7e6b25ace660e30":"afab0a3d1960ac973ee2f4461dacd10d189412b37e572cad7888bb4d2453f1eefbd6725aadd5f982393dfa59c3cf1ee342dd91e1fbfab10a802e3a0eda226fde2686e7db1015405a3d33c921e5aa857bfda53ca3aed3ff0e18c289406740a7c5d9f86ce43db40c9032e98ab126c7c0364e2efc008312b7641d36503d183fa5a5":"a8059fe6ff711616afb591b5e5de497b3b7813f9de658c7b47cc3e7b07d0805c1ba05856d98341869b8394f3b5df2876ae19837edb3931eebeb0f26eb6c4a2ea78003d82a98111305208ccaceaf77e5d71996cca4f9a5eb712dd916b71455f741ec2dde51f56828667b7a2da015e1886fba71e496a542d94a38efbcb5353fb89":128:"2ff4d8d00400ad63a6ae7842eefb16eb":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"31721e5e3a748a7f7369f3dffc1cbb570ceac868ef9d1f29b944b7e86a26d273":"6afc1d22233a60c3e6851447de89152a0dbadcd87e35fc947ca4bc886f1f87549ea106b097e2655136833d06dfb879a85732298860c149c5e5ff03bb2a95d9cd3deeb8ffdf951ea5f97e32c1ed75271d2ea58d158ae6d568bf197d69130977e330ebfef33f222bfd5b56bc6b0382dc99c4f0e42b0aa7a117b43f96d43f6e02dd":"523247d56cc67c752b20eab7a28f85fe":"11eb41aeae3611f0de77bfa1221ef5b7d254faf893dbdaead926a61605f8a86f20f1fb84e0c5acd195143bc5a4f297bf729129f898a2013175b3db7004115a6120134d8e354afe36699a6c6618d739c805b5b91739df67de7667729f1d6eae1a0609897999d474be4d8b826df901c6f39d522570d38d2d1aa828382932a177b1":"39e7f32bb3e8436d97a1d86a22750768001fe3a805516d3f800352323afd221991105d12da69ce7430402fa7923958ad5ed85506b968c4dd89516d6e3d02e722db3954ce098ec3299ef4f2ed4a89f383408dceca9dabc6f8eefe5a1f80093961c29a94b222d1a04d2c1e453d2e02977f3dd77a4659e2bde2fdbba8e2829db4f1":128:"506883db674fa0417e0832efc040227c":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"100bd2bf9c8b24cc2e8d57697cd131c846b55ad6ff0b214c0de14104b465b58b":"81c3370da989f774c1962f60c57299747481bea0e6b91df846e6ef93cada977bc742ee33ce085ae33eb9f7393a0943b647205a7e1ffb2a6a803a1ce7a88902456d66612362962b97c7152b57f1d54de94a39f07c1a8098da4ea5e498d426b7036c642fbeebefda50b8c421a7a33b1a8499dc35011d80a51d34285824d6f01722":"363e8af6f38307ec126e466e7056cc45":"471f7e9a0b505b12996747ec9e32731f11911ee95d70795bbd1bba34cf782d4100ce30a85b23f9f817f30e8f314e1a23e101201c920ce12ce732cc3fe01c74a9ee8d3e1599aa22f2398c3265d4dbda626a8ff4262889009e087fbef6babe33d7300e5cfc4c0056f3562a913d2594fee8e44959cf728599a9d3e7ee4a9ecd6694":"9494d01966ac887b8295bde61f0e7d006ea7b5c984a29cf5d849194f35d7b0f6ddb3bbd9646d7b9b961c515179901d2b04cb7cf7b6c8736d1d472ae8bb9a6dc9194b03b3f5373551a5ae0c0f023967669c873f0acfb02c0ae3a384e70f7a7ca05861f257f36a2ad5fbb591473dfc3ae1264dca0e889e0ddbf93dadf75db2059b":120:"5c78d914cac78c514e275a244d0ea4":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"614dd1762deb5c726eadf0e6587f9f38fa63d16bca1926955404f1b9f83e241a":"1ae828a1693d3c24651ab8ba59fb1185d08e6cc4a964f30dac59cd81ff4bdfce8023ab1b6dffb594a4250d25f611763efb4152cd35b937ca11373d237f1f8b3c0e21b942beb1f4ffe5014198c9ff59896ddfbb55e69963e3ef6b03d3fa134977870cd6f3ac10bbf59bdcc9f103cc2d58f294ef5f007a9f903c7bada08cb454e6":"10d079a86894b0c17bfcc8ffc4ecf7bc":"c4035f80b6d2ea288afd4ddaec1eb232b78be5a86583fa85f791d546102c97ace9716c2702483d762c8e4eda12f3dd10a9a49a2d72cd4694fa794477b54b4367be6b548675aee4c351e3f66c7e113aecfbcc57b8bbab4a039f28488237c75313e62612847b915ef9b582e146b2bfabbfce576a984f5ce4be0e6bff5480584fc3":"bf5fb0445aab46aba504801d5356455f28c98f300670a731bdd0c901a1d5564aa31f5d467e5f80dadbfeca61d2bf72b570f3935ba04c45a2ff7994bac6cabf84db2a42cd5db2a4f160c97c76817cc5cb62d4006d895fcdb218c1464b5caaadbd1f61779938e9a84440615eae050cd6f1713cfbd695d78818b2af78157339e9d9":120:"6d815ee12813875ce74e3aed3c7b73":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"12e97fafff7d397ea34efc0a8528afcd51c1b2ccda680ae9049edc8359b78ec0":"9fbf0141cd50bd1b3ccaf137b808b698570642ab20c32120901622b34173d7ad119abca3c61bbf1e6dd5cb182a079f3e01b0e5263d984c6186f01792125dd6c47c30033008ca2e0377f990285094f652c55a348242dfaa59f76989fcf86033c8d9c0b2a526bf46cca207e055e1dbc7cf3d0b7a840c8fb5f85784c9e4563f71de":"8eb11abfe350c0d5a6b02477b44867e9":"0a830029d450e20aaef484d4abee9dadeabbd6feaf800b3a693b4746db059efb7d110405b45e45a9e5acf90957c154674dfb2c1cd787af371e01bafc4e8475d0268b969d25756a1121a519afa61f3d6ecded4e0640f0ddd471f5b8e82029fd2887df4e65af9580390b6924022e39acfede7530e5f0e54f0285ba565ff49af542":"067cd6ff8461ac80217ef70a91dcf6edb2fbdd31856815cf356fffa63ba3f5cb293d7f1ed32ae40248693617f27839a34e871fdde635c04d1e66743f730a06e2be25cafe1d67d804879fe38e009268ec50a0294da445c795742ff1e924170e4c2e0e9ef3bdc26c251f5537218d295d93d57baccc4dee6185c235d7ec5c9926a6":120:"931f44f10993c836e534a59c1aeb98":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c732da000262de558bd3ea65e66e20e11605170c90b67708bda43f40abed74fe":"7d6c981c30ef87a46f53aecb4c97124fb94b45057635d5bf1d4f3a3bdb534e9ab62b4a425de9dc52537575ed9ff406cfbf75403d3d9cdbd9fcd520d62065f81483427fa27964642cc1a07822da0f6234a689eb30e8425d7709abfd18666c76c963eecef20503ee77c96802c120abea1428cc64a08fc20860527854fecc571a6c":"523dd34ea263c31c2215053986626d02":"f170556ac5d38f0661bae33e0826356c8488218903eba1bfa49b16882537ef78283fd9351f37f44a7687049a608c3ddcc82817d4ba96a40d05807a38ee3f2d5cb8b1121db61318fe22bfd3afb319e84c4e2f94570a92433db29bd2193485449c719a2c6030696f53ac729df90678eb018783b25740d806d1ef6980e10d396595":"3470d4544f7bfa3ac0627a56e66c56fa062188440834b9238bd20e89dfc701fe6cfe0bf4ea2387014bd83c63ab7c912e1c0dce7c2d92eaea155f886b574bc94a8f4f275dffe2d84173a05b99d8029c36dd3c35c12709d33f55c3bcd96e9a815f77a4fe8e50639d8f195a526486f1209d7bf7e86ac3dfc4a1d2cbddb6d330e5db":112:"5924f3ceff0207fc8ba8179a9925":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2684bccf2b845314a0c4b8b5a780f91aa7ed1177539122dc8717c14bb50e2dff":"1a4174d4e18ae0b6434f35dcd9c86cf158c42ce00ceb12f4356ec118d659820518c326a1b2ab92279d949f74c45219c660cb84fb6b10b14d56a501173fd3b129ac89db0de22874d92bec724e94751f91a817a42a28e8e15672172c0b0db4ead46b14d4bc21ad8f5ba1f9e7e0fcc867700681349b8102a208d76ae4ef7df5b56e":"8433b59b41fe0cdc5b30e4e87c5028ec":"280026eeebf05e26e84955e4a36352d4f97f3193dce0795d526d05645bf5d2eec4b92ee8dce54d78fd3fc3e36bc79d5bf9ee3b2699310a75dbc5007bdacb4dc88d06515995f8f5b1aa90cb8fc036b763a5e819db70c091802fb7f24b9c2a68ff194032fffc4ef798936aabccbb43f22a2bbd7e1ab9d0434d443dac4929b84193":"cc155e04472c0872d5ccf8910d34496f380954da7653a1e1d3c460fbbc791c9b82e35176e938b7e21eb4690ed9fca74ba45a03dac4abc4f625ffdfad02e1acccf18b5a1878f911fb6f6e09ce0d4c6a0bb87226e914879a1b3085c30e8328aa6e0d1c49c21b760b82e469981b40ea102f3998c81dd9799f484ab89b19396ab7e1":112:"5a80008e6da40c71b316b84ae284":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"484a33ba0b97c2887a86a1476f274e236eb37a72e05f9e74348248877ea99e98":"4d81cec14b398257a31ad1e3581c00d05e12b37b71260bdd95bc0b6981b614598ffbbb3ec4bb7deb5673a1020139877122f88504c9c53265706fe76623a9b488a3dfdd4cbc1b7b46c7fce9d7378e164964c0a377337a5c172e5e4de6206375164cd7beb0305d7a90f5c73e12f445326e1bc9ac5acd1bd4bcbe4662524891a2e9":"c3a5cc19aef6d64b656d66fad697b829":"30f276f96a50e17b452dcb5e1b4ab666dc7c4c72d0d9ab2abaf77eae2e3bab7dbe5ac005d7eac5480e1bae13646b59155528abdc148b3b71f06d017c4b12d64aa3990cc96941eaac14b60eb347e0be873de2b6fe2b86e2c2fc063b29511b70144ecd315b9491001b122701b9c8cc1d85427b6c60663ccd9d1fa84e1c2f609f36":"579fd8fb50d795b5b208c2d5b0a8b1804f754a30a1003025301655aebcda2d2ff30d29a16d0fb17a28401127750fc87c9e3aa08540817228b049c387253ea2359035b8063ab4bf54504ca5ad93b54b8ac5bd0c1ef3c6769fb1ed239bb76f3e0bc51d356aa91b494d22749c8e4cdb1629e93f7c6e46ff9145916c1275669ae5ba":112:"1c39aac1d5ffe7916a08ab2ce279":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4a5f5321b515cfcde493148ee4c44c693b1979b3a3ba522a2a80e5d27c93fd1b":"962b8504feb57ae73e93c2e8962c9562f409c908e51f9904df1623eaa0c6b998db6ee8919d805b6ffcc37da51300c1ae16bca21f8f6f63af989a813ae8fe28c3fb012f003dab7e71b08d757799208806062d62b4ac937712409f9fafff3e3579a4d92d4437a6f0b263e1da7e4651e0a521be5f6f49ff5a0778f07bd5d3dac696":"c2cb0166046bad0cf0a107af83921d7a":"e48abfb657ab33f58eeda8c58a20e7e299bc3e7481f704c326529408580f9a5130cf6f7368502d20b03ba6c3b8f6f28c076a3ef7b8e987750dc972be953e712483e6f328da57e4b5c501fa7c720593eb89ff9644fbdc45478f80ee89f096694dcb44a9b3a6aca0904d4aa4e475b4b24771df9fd6ef9557f4f5c842ac241b212f":"11bd55d969603ff3d46355cb19c69557b99825a4c23eeafc8eed8422dab537c0fa9753191c49a6fd9e0d6760ed816a49e7f5704b5936a498544e2bbba7875c513c031f11527ca1b9b579960be6964fba9119dcece8205c174be07ebffada83375678de76fc012b0ee179787b4aa9fb6e2b459575260eb01f23786dc24d1d45ef":104:"36853a029b5163ca76c72d4fec":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c8f7b7e6295fc8e33740bf2807caeaf4b90817cc3ef3d9f38f704d9f6164e41d":"4c26e489069b487ce9dc0e295d5e89760401185374041b0efca5bbf758e7d010ccbfe5999e2a817776aa8f49c1e5d43bcdade2989fe5be635dab54cb0e390a21b832b30f688857b9e09c346bcc5397e51cf71acbe1bfcaa1ecd7e87fe5dfde180d951922e60dd8203ff210c995eb54bb981f7e931f0b1f52dce0cf1b2eba503f":"903b2eeb9d0b3794acb7439d341cfe0d":"83e99497bfbe9393b065b0b18c13f99b67f1fdd724fd5d70cdccd2b8dd658499cb9f57e1a1fe39634ab0869182de085722a79eaabf057aac7b3f3230f51a2f9b48b49d592f02246dacbe915ff9d9a53f7e5332f7a9d89649050b075c07e5e74f281ca1a0dbe632c0aecf3b1911cd6ec4f8facc2777d0d14784bf5951a1c62c33":"63e2941bf4a13374627be66bdd4e57119149f81f4c1a8a321d27a4a79e7d61e2dcec9d7b13fcccf12f5b059cc209f8414ae81966462a266e92b4b3c25198ee240e0bc6f6197df1e24e8d4379fcae89e6240a7f9c7bab886e79990b846e98e4bacb8b3b17422249943e9973de42da5e38e4eb52830b1facce766b3389a5312476":104:"6e31c5db3146ae45ef5d50485e":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dec062efc1bd2556b87a81143d025abbaa532c586d5ebb065859a2071f8f07e4":"02191bcb060e61827dbddac6c2961dbab8812cdc2ac77bf0275628e8e36bae18ad4deb77b2682ade0aef76afd4592173ba29dae4d0735963c803856eaa6f60a6c21785358e87f3c4a91e321c59e04c150297de873679194ba5ca857f7d91ffc358e73810d555ebd4dbd1fe4fbc4ffa4ff38e4b41db9af0a84fe9828708631469":"19abd0361443c3ac2a46f2606eeb1a69":"c3785e7c0095726fd1f3ca842057b0ea2baf9c3fe1119c2147609158a2039f26cedf8a44e046955ba7e7cad9f48cb49274fc53b109d7897e080af252e7dc64807c276bcf668d2cd505c9ce8e584609d293ebd2a4515bfbaf78c413d6e29dc90974db38b564ffe9a40d3955dba9f19b6f39bf942669cf80e4676d6c10df566ca1":"91a16c7fe029e3fddacf0809dde7d041c438977b89192e6fed7605d0133f3d9e810355d186432f6529bd2c4cb9dadb4fedf5128cb45e25a3a46bf74ed93f31349f64a69dbe86592d76e437947f1c1d7270d1cffe80afe10ae8523541961eacee1838c168a2ab76703ea4674a68a96b8a298a672ffc140e98e452d501fd57f000":104:"5b4071a4be0543aaa59b56de35":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9b7b700d978e33ae9311b206347f488e2832fad5ce7e6026ad5e24fb47104fcb":"37aef6e4200c6abc3d161daaf9dd6ede002ce8c63d9ed54e8ac56bdc8d36906bea663d2857d8d543166ba150827735ec78e37f92e682275e268d377b1880970df232162e55c9311882f889e7d183e5cf4972691c85f81c47e1224b9c97ee3963d75c6a032270ad6d713c999913f0b58a2d4f42b85a3b0b40541a31398cdfb4b0":"d0bbc284af767af9a31b863d66cb6138":"dfb87a65ab2d99d7d753042aa47448ad830e546d298d6ad52b85207bbb0cbe8cf3cdb12b3544f1fc228fdae04a241abf9e71de8ae14f2de2c261469c383c682e13582e07cddb1ed9bff1fd2aa0be7978096a914676dfbe7bec6edd927362f656ce1de86229bc511cfec4cda77a1e761e7ab8664e4df08cb820ebdb604c2cdbb0":"dcd5575d94fffc647d4c081e3ce03928651419a32ada2af02de2f58d68fa98eb1fd5ef671875719a9c65b9ecc69513408a79a0a5d57cabd04f8e651f5b8fc1ff42ce58d8a212ac2bcb83c5c53c542c282553a62b4e3d7d4f049ab13172739a0f46e0a2fd9aec54eb0c84141c6b341783754372df69d39e48cc24eb3d9ddb21a9":96:"4a7ac79db94b27469b92343a":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ce15e61edd9320ceacbf3984d87c707159caa738e7e76285be00b5a95954b523":"8af4a7d92441ce931815fa4e24d69f66256fec7e62f79a029b684b5db304a46b2a3d3a7ee8d6b7ae38caa7de526d5c0f28dc65a0913a383b7ee1640cbe24997ba95b9b12fa1e9ce9f9100d883c16b6286dce17e381af15113f56197c97fe6b45be00a3df05045f476829d7b303211ac97cf989a18c16e27fbf23570d9d18f04b":"b1269c8495ea1469ff41d8154ae6765e":"0ad26a08a5cc2ec825347d7ffd5aac795eb68aa7e22970d991c863fa6d1fa720137aa5cde4e382625a0038e6ed72da3b5003c1b2a953c2b2138e0cf870cca4afb595c0451aa793fb0a2bc43834a0aca1e760590cca765ad672ead975993f82ae6765c5afbddc6062d7c4babebf650ab097db1a1d9a2a99e8fd2e0eb8a7b916f6":"ad0ab4e77257866e4a57cf44fa4049428e56a6e8b8fd47b4cd00bfce84fa8f5a43f1df2061b0a37311b4a1436bad0d61d52ced5e262ed41a7eb125d61cec2e3fbaa95e533b43f318048096ebc8466f0cd609bb5e7c3fc6e5701aace546618a170f88c0b7ed76b63759ca4e4b931a86ac379dd12ad2cba7d47a19a3ae7c242fb0":96:"fb1e988f9c97358a17e35e6f":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aef24b8205d4085d978505f04724293c2819ef9f3f03a6c758078690fc4bf7c8":"db26453170db2f984312e0cf961d1a7df1154f0525c31f166be5c9f516736501f9f2dd8096a69b6441888ce27aaceacb0b365a38e4e01e2e34027c023206e814f22d46fd2fa69f87509ddced4b8852a76b2532b92f069b8c922ac13b2b7f19cb7c524657a4ee6e989cf2598bef674aa31576776853fb7f9a2704d6b3ee7fbcbb":"81456baa337c3dfd162d9c5f72a2e216":"484a5f4772643cf74ccdced0e5d80862f9300f26ae3139968649d3d7bb761b313f2ba63798b2040d397c3d1569285fee8498fd9254851c15b98af5bd351fa72e7d574c62ede0d728e1279e8b4e4784fd63ea7851e99d1d2356bcbf868528f8d0a90fc3b884ece631648d916ec97abadca1b0dd7670e6ad42245021570582ec7c":"da95c61cd2bb88fea78c059c254d2b949d4fc291c73ac178ace44c1e6a339f64931c857d3a7cb276a04993620adb6918dfd3f9083edad384a8e6c1d4799d526a1c969d8deb0e2667d6d06f559baf914b49fc463244528aa6522d19699065438d939521d7d7bb149835298f2054bcaae6d786f6dde133b640697a3d37c697579a":96:"bc1c1cbcad2e1a66ace079a2":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9685aea9aaebbd691e679779034729306d5887bee4c1f90f6ee3a397a0ff3ece":"ae3b2fa1e209f72c167eb16bc15b7669b87d4ab516e428157810b87a83e90d56e267bd4996522b5b22c2a349d3765ca27ea27057dd71f7c18ddd053033bd780b6cb689f48c383e9c717b9b265cb9e32c70c4a7d8fb933e986d996b5ad914cd645b74c47ac3a0de952ee3fc73ada83d896da7ca0b2a0b10e4f701fa13cba9ec50":"b1bc140531ae8c69e2ffc784e0988038":"294ff858fa6efc82ca3be4d05332bbb951a71a7ddfa4b78472e1582b445312eec11793d8d6e1e858d9cb078b5fc9083ac8a3e3bd82964cb07c08450567922299f68fd47663c7a77c29f2b5347f229301433d5a75263158a0d80095859e7e45476b99b23412046bfbe4eafff9f7820ba49919d2c987cf00c286c784e7669d8fe8":"6575128b576e68f7b3709e325b3d616783b42ff7f7631eb62b90cb0c8a86bd324756f43af53c33cbdaf9cf64ea94cf1b7fab5003f00c1d07f3fc8eb1931d759f9c43477ba22311a111488092c42b7786facf42b861a824cd1bcdc603a77d11253f15206a929a3e16e8737d080b8e5f0da8896226989a9964d72e491187250472":64:"f78c4dd37c06b197":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3adf0da24394a98c7beae01d28f261a9cbd887aeeecc0c29e84540264d5a6bad":"8cf023d717b0f82f2b81750b53fb665c1c90f4740af4a3534b36b847df33ba5eec19eb24ead70a4b613a82572878216181d59b0c4c4df99be08d021cf182724d8ff5ec4e85884d0f69c16238fbbdbc5529ffcc4e418405e4e95139f79d3115a1ac56820cd39fc413ab72f7d447f947cb0541fc2be261f1246c0a786199013b22":"ad41288817577316df2d881ac93fcdef":"ad33ce922372fbe3531c0dece69f85f18eb1bbfb09a178403832308de0e54b1010db2636c4b7d9caa478138f61db5149c9fd7f3b45b7a1876729fe67622a37f0b322ef9cf6043b301a5d4c81e6f347d22bd3e40722059d3be945845c6b0629fbcfcaf885c7f393aa81f242c48c61a439574761ef6b671972cac664403250750e":"9d465e9c4228323946b1261892243d8455edb9eb8633d026d4033fa3965d20730979ba6952c0f6f2c5768f03c19256b64bc759d2e7b92424bbc668308504ba34384c2bb37baaf91a3a4f0952a050a3d69853141b49e86eda3bf0c4db4ebcd1c41e7f13eca20bf574a47ec45b8c98def17c0741805bf8f37923ba2b5221428578":64:"507618cec6d03964":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9ef64b4132db54668568e2ae66ab61f62a820c7002a67a7e42006280a373feba":"4b96dce753273188c4cca3386a7415d5d9263757376e1f32797df47992e92e1bc0ab0833363b3acffde22602d4e47307bc8f252944414a15e1398693fd3b8bf4d8101cdcf70ce2c9de8cb7f5bb17cd83f09b1bc78ba07c34b9214e250c5940e9794199cb392309027d5ab4f32b51c533db6732024bd412f2cb0c5178d5296aa5":"07a86dbe2cce040eccdad79b3d211ecc":"af7a75748ee293015b600ca82ccc7718f4ecc20c3a2357ee02fb726330a0d79ca8bb97979bc0c89f4c60d7154f8bd29ba6ec5f2f4be286ea8a258cf6bd39b4f42d6db8e70c99ec3af26bb4d8003dc6fd0fdfbbc620d511d4d5f09ddf975a1663ac2979ae0978b0bc1e7bfcd660ae4ac7f1a8f6d8ee35752ed59a604f07dfda53":"e3e862146b6fb48b01ababc462dd560298eea7bfe5f3248e28a908d1de08c7e91fcf63922c394e7a51b64f4382225093e78598c050e588ff4ad38f3e83dc07b77ce569c6ab8f8a9cb0056b3155aa1503cebeb64c86d6d9cdbb178ea9a01a8ba33a1c48beb92ee4cf60e7dedf986019e19089cd186c98c229b0ff42c9e1aca571":64:"8614c216055c0660":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f14ac79f35bc5a685433eea5bb7fd69fc959aabda24cbd8b7795fb2e41f90ab0":"8a20da14819079960b77ed5e548d0aa0bdcffb752817c1abe4195e612cfbb58c8e5a8af69f75bad10ee8afdf0b0d5c46c4dc11c32bff16d5e7e82e77fd80e475c6a5a0be36718af232697ab22314306b8ee32484b3461da657710c06170e80a6a8844f898c2be29366c8430f2392d100ffd419603cbce406dc7315577e6e9ee2":"353e1d08edce44c966430513cb7a0383":"cb1dde4ff5a6867038c170192fc2d292f5bb349d5b9a903cf3d88c09ce78fb1f4a776ff7588a25abb5e5f6a44791d7296afef3f32ed31db1def37dd25be0570a204955121f9c65b79a3ea88fc452dbcb82719243c11bc27e3408adf802b6e8b4e701ee4e9dfd140cb3277bf605bd5fb757d2325f7805fc6f0d1ea5a6207fac5f":"49b5e4ea0421034c074cde67dd39a0310c3f31e8138672ba2ecc0777be542f1c6529836d5206b79dac83d96aab56787a35c584b31228f007f11630328c3f40a57be37487689ee5babb576e7d14ff0f1f1ba6e4be11637352a4336327681058b99df2e44f9772de4e0e456d2e34dec5eeb335b238e862841d166e0612cc0f18f3":32:"88aed643":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b55ac909e73989e310ae37d13c54bbd5a126f419a3b01a2ad8961d89bd247f81":"8a663e8b21a027c4a9545d145d42d9c67b4fcd5d0e39aa68822aedbd609e2c681f60e6315035321de739858b2b082bc05551fe9b8456c2e89c6151282c6068b915eae5762e4d6d765d667de58a315e061b3d60035ada50f59258eb6e2a1cd6b52eea7eb9d404fd96e71f19feff65b74a4b4f07061adf7c1b0e54e2ece7a2cd49":"9328abab0d3f63c75ddafd8559d96b4f":"cbae20aa1996abb62471aac91cd78080953fbe3b165d4c9435832ef1106e7e3424db8850f44a431c289ab4f2bbbea9e5c0c7aaf2e8de69c0ced176283662cadd280d8fda0c859551f0f90893ca57695c95803a1546826922ac78703d7ccae285b7ccd4bbab551756cccc6869dcf34b6af8d8b80c25c6fb1d2caa7f28161fb854":"457e13ff4eeaaae75d14bbf1bff91706c3168b9b146aed29dbe31b12ad90c1c158833be95701229ac6e4a13997e0a2d961d4a0021c4d8920ec54a9a935e5ea73b17e8fa60559df76bd07d966dfa7d86d1a77a313228b2ae7f66b5b696726c02af2c808bf75e0b9591a220e762f57c680ca68f20b2b5413b07731bbd49de039bf":32:"5de0434a":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1477e189fb3546efac5cc144f25e132ffd0081be76e912e25cbce7ad63f1c2c4":"7bd3ea956f4b938ebe83ef9a75ddbda16717e924dd4e45202560bf5f0cffbffcdd23be3ae08ff30503d698ed08568ff6b3f6b9fdc9ea79c8e53a838cc8566a8b52ce7c21b2b067e778925a066c970a6c37b8a6cfc53145f24bf698c352078a7f0409b53196e00c619237454c190b970842bb6629c0def7f166d19565127cbce0":"c109f35893aff139db8ed51c85fee237":"8f7f9f71a4b2bb0aaf55fced4eb43c57415526162070919b5f8c08904942181820d5847dfd54d9ba707c5e893a888d5a38d0130f7f52c1f638b0119cf7bc5f2b68f51ff5168802e561dff2cf9c5310011c809eba002b2fa348718e8a5cb732056273cc7d01cce5f5837ab0b09b6c4c5321a7f30a3a3cd21f29da79fce3f3728b":"7841e3d78746f07e5614233df7175931e3c257e09ebd7b78545fae484d835ffe3db3825d3aa1e5cc1541fe6cac90769dc5aaeded0c148b5b4f397990eb34b39ee7881804e5a66ccc8d4afe907948780c4e646cc26479e1da874394cb3537a8f303e0aa13bd3cc36f6cc40438bcd41ef8b6a1cdee425175dcd17ee62611d09b02":32:"cb13ce59":0 AES-GCM Bad IV (AES-256,128,0,0,32) #0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_DECRYPT:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT AES-GCM Selftest diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index fd68abf4f..747914f6b 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -33,26 +33,26 @@ static int check_multipart(mbedtls_gcm_context *ctx, /* Allocate a tight buffer for each update call. This way, if the function * tries to write beyond the advertised required buffer size, this will * count as an overflow for memory sanitizers and static checkers. */ - ASSERT_ALLOC(output, n1); + TEST_CALLOC(output, n1); olen = 0xdeadbeef; TEST_EQUAL(0, mbedtls_gcm_update(ctx, input->x, n1, output, n1, &olen)); TEST_EQUAL(n1, olen); - ASSERT_COMPARE(output, olen, expected_output->x, n1); + TEST_MEMORY_COMPARE(output, olen, expected_output->x, n1); mbedtls_free(output); output = NULL; - ASSERT_ALLOC(output, n2); + TEST_CALLOC(output, n2); olen = 0xdeadbeef; TEST_EQUAL(0, mbedtls_gcm_update(ctx, input->x + n1, n2, output, n2, &olen)); TEST_EQUAL(n2, olen); - ASSERT_COMPARE(output, olen, expected_output->x + n1, n2); + TEST_MEMORY_COMPARE(output, olen, expected_output->x + n1, n2); mbedtls_free(output); output = NULL; - ASSERT_ALLOC(output, tag->len); + TEST_CALLOC(output, tag->len); TEST_EQUAL(0, mbedtls_gcm_finish(ctx, NULL, 0, &olen, output, tag->len)); TEST_EQUAL(0, olen); - ASSERT_COMPARE(output, tag->len, tag->x, tag->len); + TEST_MEMORY_COMPARE(output, tag->len, tag->x, tag->len); mbedtls_free(output); output = NULL; @@ -87,18 +87,18 @@ static void check_cipher_with_empty_ad(mbedtls_gcm_context *ctx, /* Allocate a tight buffer for each update call. This way, if the function * tries to write beyond the advertised required buffer size, this will * count as an overflow for memory sanitizers and static checkers. */ - ASSERT_ALLOC(output, input->len); + TEST_CALLOC(output, input->len); olen = 0xdeadbeef; TEST_EQUAL(0, mbedtls_gcm_update(ctx, input->x, input->len, output, input->len, &olen)); TEST_EQUAL(input->len, olen); - ASSERT_COMPARE(output, olen, expected_output->x, input->len); + TEST_MEMORY_COMPARE(output, olen, expected_output->x, input->len); mbedtls_free(output); output = NULL; - ASSERT_ALLOC(output, tag->len); + TEST_CALLOC(output, tag->len); TEST_EQUAL(0, mbedtls_gcm_finish(ctx, NULL, 0, &olen, output, tag->len)); TEST_EQUAL(0, olen); - ASSERT_COMPARE(output, tag->len, tag->x, tag->len); + TEST_MEMORY_COMPARE(output, tag->len, tag->x, tag->len); exit: mbedtls_free(output); @@ -124,11 +124,11 @@ static void check_empty_cipher_with_ad(mbedtls_gcm_context *ctx, TEST_EQUAL(0, olen); } - ASSERT_ALLOC(output_tag, tag->len); + TEST_CALLOC(output_tag, tag->len); TEST_EQUAL(0, mbedtls_gcm_finish(ctx, NULL, 0, &olen, output_tag, tag->len)); TEST_EQUAL(0, olen); - ASSERT_COMPARE(output_tag, tag->len, tag->x, tag->len); + TEST_MEMORY_COMPARE(output_tag, tag->len, tag->x, tag->len); exit: mbedtls_free(output_tag); @@ -144,10 +144,10 @@ static void check_no_cipher_no_ad(mbedtls_gcm_context *ctx, TEST_EQUAL(0, mbedtls_gcm_starts(ctx, mode, iv->x, iv->len)); - ASSERT_ALLOC(output, tag->len); + TEST_CALLOC(output, tag->len); TEST_EQUAL(0, mbedtls_gcm_finish(ctx, NULL, 0, &olen, output, tag->len)); TEST_EQUAL(0, olen); - ASSERT_COMPARE(output, tag->len, tag->x, tag->len); + TEST_MEMORY_COMPARE(output, tag->len, tag->x, tag->len); exit: mbedtls_free(output); @@ -212,8 +212,8 @@ void gcm_encrypt_and_tag(int cipher_id, data_t *key_str, iv_str->len, add_str->x, add_str->len, src_str->x, output, tag_len, tag_output) == 0); - ASSERT_COMPARE(output, src_str->len, dst->x, dst->len); - ASSERT_COMPARE(tag_output, tag_len, tag->x, tag->len); + TEST_MEMORY_COMPARE(output, src_str->len, dst->x, dst->len); + TEST_MEMORY_COMPARE(tag_output, tag_len, tag->x, tag->len); for (n1 = 0; n1 <= src_str->len; n1 += 1) { for (n1_add = 0; n1_add <= add_str->len; n1_add += 1) { @@ -269,7 +269,7 @@ void gcm_decrypt_and_verify(int cipher_id, data_t *key_str, TEST_ASSERT(ret == MBEDTLS_ERR_GCM_AUTH_FAILED); } else { TEST_ASSERT(ret == 0); - ASSERT_COMPARE(output, src_str->len, pt_result->x, pt_result->len); + TEST_MEMORY_COMPARE(output, src_str->len, pt_result->x, pt_result->len); for (n1 = 0; n1 <= src_str->len; n1 += 1) { for (n1_add = 0; n1_add <= add_str->len; n1_add += 1) { @@ -448,7 +448,7 @@ void gcm_update_output_buffer_too_small(int cipher_id, int mode, TEST_EQUAL(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8), 0); TEST_EQUAL(0, mbedtls_gcm_starts(&ctx, mode, iv->x, iv->len)); - ASSERT_ALLOC(output, output_len); + TEST_CALLOC(output, output_len); TEST_EQUAL(MBEDTLS_ERR_GCM_BUFFER_TOO_SMALL, mbedtls_gcm_update(&ctx, input->x, input->len, output, output_len, &olen)); diff --git a/tests/suites/test_suite_hkdf.data b/tests/suites/test_suite_hkdf.data index d2f7ab328..c3bb4db9d 100644 --- a/tests/suites/test_suite_hkdf.data +++ b/tests/suites/test_suite_hkdf.data @@ -14,85 +14,85 @@ HKDF expand fails with okm_len / hash_len > 255 test_hkdf_expand_ret:32:32:8192:MBEDTLS_ERR_HKDF_BAD_INPUT_DATA HKDF RFC5869 Test Vector #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 test_hkdf:MBEDTLS_MD_SHA256:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865" HKDF RFC5869 Test Vector #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 test_hkdf:MBEDTLS_MD_SHA256:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87" HKDF RFC5869 Test Vector #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 test_hkdf:MBEDTLS_MD_SHA256:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8" HKDF RFC5869 Test Vector #4 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 test_hkdf:MBEDTLS_MD_SHA1:"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896" HKDF RFC5869 Test Vector #5 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 test_hkdf:MBEDTLS_MD_SHA1:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4" HKDF RFC5869 Test Vector #6 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 test_hkdf:MBEDTLS_MD_SHA1:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918" HKDF RFC5869 Test Vector #7 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 test_hkdf:MBEDTLS_MD_SHA1:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48" HKDF RFC5869 Test Vector #1 Extract -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 test_hkdf_extract:MBEDTLS_MD_SHA256:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5" HKDF RFC5869 Test Vector #2 Extract -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 test_hkdf_extract:MBEDTLS_MD_SHA256:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244" HKDF RFC5869 Test Vector #3 Extract -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 test_hkdf_extract:MBEDTLS_MD_SHA256:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04" HKDF RFC5869 Test Vector #4 Extract -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 test_hkdf_extract:MBEDTLS_MD_SHA1:"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243" HKDF RFC5869 Test Vector #5 Extract -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 test_hkdf_extract:MBEDTLS_MD_SHA1:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"8adae09a2a307059478d309b26c4115a224cfaf6" HKDF RFC5869 Test Vector #6 Extract -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 test_hkdf_extract:MBEDTLS_MD_SHA1:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"da8c8a73c7fa77288ec6f5e7c297786aa0d32d01" HKDF RFC5869 Test Vector #7 Extract -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 test_hkdf_extract:MBEDTLS_MD_SHA1:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"2adccada18779e7c2077ad2eb19d3f3e731385dd" HKDF RFC5869 Test Vector #1 Expand -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 test_hkdf_expand:MBEDTLS_MD_SHA256:"f0f1f2f3f4f5f6f7f8f9":"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865" HKDF RFC5869 Test Vector #2 Expand -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 test_hkdf_expand:MBEDTLS_MD_SHA256:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244":"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87" HKDF RFC5869 Test Vector #3 Expand -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 test_hkdf_expand:MBEDTLS_MD_SHA256:"":"19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04":"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8" HKDF RFC5869 Test Vector #4 Expand -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 test_hkdf_expand:MBEDTLS_MD_SHA1:"f0f1f2f3f4f5f6f7f8f9":"9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243":"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896" HKDF RFC5869 Test Vector #5 Expand -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 test_hkdf_expand:MBEDTLS_MD_SHA1:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"8adae09a2a307059478d309b26c4115a224cfaf6":"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4" HKDF RFC5869 Test Vector #6 Expand -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 test_hkdf_expand:MBEDTLS_MD_SHA1:"":"da8c8a73c7fa77288ec6f5e7c297786aa0d32d01":"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918" HKDF RFC5869 Test Vector #7 Expand -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 test_hkdf_expand:MBEDTLS_MD_SHA1:"":"2adccada18779e7c2077ad2eb19d3f3e731385dd":"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48" diff --git a/tests/suites/test_suite_hkdf.function b/tests/suites/test_suite_hkdf.function index 21e4439d9..becf67277 100644 --- a/tests/suites/test_suite_hkdf.function +++ b/tests/suites/test_suite_hkdf.function @@ -15,6 +15,8 @@ void test_hkdf(int md_alg, data_t *ikm, data_t *salt, data_t *info, int ret; unsigned char okm[128] = { '\0' }; + MD_PSA_INIT(); + const mbedtls_md_info_t *md = mbedtls_md_info_from_type(md_alg); TEST_ASSERT(md != NULL); @@ -24,8 +26,11 @@ void test_hkdf(int md_alg, data_t *ikm, data_t *salt, data_t *info, info->x, info->len, okm, expected_okm->len); TEST_ASSERT(ret == 0); - ASSERT_COMPARE(okm, expected_okm->len, - expected_okm->x, expected_okm->len); + TEST_MEMORY_COMPARE(okm, expected_okm->len, + expected_okm->x, expected_okm->len); + +exit: + MD_PSA_DONE(); } /* END_CASE */ @@ -39,20 +44,23 @@ void test_hkdf_extract(int md_alg, unsigned char *output_prk = NULL; size_t output_prk_len; + MD_PSA_INIT(); + const mbedtls_md_info_t *md = mbedtls_md_info_from_type(md_alg); TEST_ASSERT(md != NULL); output_prk_len = mbedtls_md_get_size(md); - ASSERT_ALLOC(output_prk, output_prk_len); + TEST_CALLOC(output_prk, output_prk_len); ret = mbedtls_hkdf_extract(md, salt->x, salt->len, ikm->x, ikm->len, output_prk); TEST_ASSERT(ret == 0); - ASSERT_COMPARE(output_prk, output_prk_len, prk->x, prk->len); + TEST_MEMORY_COMPARE(output_prk, output_prk_len, prk->x, prk->len); exit: mbedtls_free(output_prk); + MD_PSA_DONE(); } /* END_CASE */ @@ -66,10 +74,12 @@ void test_hkdf_expand(int md_alg, int ret; unsigned char *output_okm = NULL; + MD_PSA_INIT(); + const mbedtls_md_info_t *md = mbedtls_md_info_from_type(md_alg); TEST_ASSERT(md != NULL); - ASSERT_ALLOC(output_okm, OKM_LEN); + TEST_CALLOC(output_okm, OKM_LEN); TEST_ASSERT(prk->len == mbedtls_md_get_size(md)); TEST_ASSERT(okm->len < OKM_LEN); @@ -78,10 +88,11 @@ void test_hkdf_expand(int md_alg, info->x, info->len, output_okm, OKM_LEN); TEST_ASSERT(ret == 0); - ASSERT_COMPARE(output_okm, okm->len, okm->x, okm->len); + TEST_MEMORY_COMPARE(output_okm, okm->len, okm->x, okm->len); exit: mbedtls_free(output_okm); + MD_PSA_DONE(); } /* END_CASE */ @@ -99,7 +110,7 @@ void test_hkdf_extract_ret(int hash_len, int ret) fake_md_info.type = MBEDTLS_MD_NONE; fake_md_info.size = hash_len; - ASSERT_ALLOC(prk, MBEDTLS_MD_MAX_SIZE); + TEST_CALLOC(prk, MBEDTLS_MD_MAX_SIZE); salt_len = 0; ikm_len = 0; @@ -129,11 +140,11 @@ void test_hkdf_expand_ret(int hash_len, int prk_len, int okm_len, int ret) info_len = 0; if (prk_len > 0) { - ASSERT_ALLOC(prk, prk_len); + TEST_CALLOC(prk, prk_len); } if (okm_len > 0) { - ASSERT_ALLOC(okm, okm_len); + TEST_CALLOC(okm, okm_len); } output_ret = mbedtls_hkdf_expand(&fake_md_info, prk, prk_len, diff --git a/tests/suites/test_suite_hmac_drbg.function b/tests/suites/test_suite_hmac_drbg.function index 830155a32..0a50c6c53 100644 --- a/tests/suites/test_suite_hmac_drbg.function +++ b/tests/suites/test_suite_hmac_drbg.function @@ -41,6 +41,8 @@ void hmac_drbg_entropy_usage(int md_alg) size_t default_entropy_len; size_t expected_consumed_entropy = 0; + MD_PSA_INIT(); + mbedtls_hmac_drbg_init(&ctx); memset(buf, 0, sizeof(buf)); memset(out, 0, sizeof(out)); @@ -118,6 +120,7 @@ void hmac_drbg_entropy_usage(int md_alg) exit: mbedtls_hmac_drbg_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ @@ -127,6 +130,8 @@ void hmac_drbg_seed_file(int md_alg, char *path, int ret) const mbedtls_md_info_t *md_info; mbedtls_hmac_drbg_context ctx; + MD_PSA_INIT(); + mbedtls_hmac_drbg_init(&ctx); md_info = mbedtls_md_info_from_type(md_alg); @@ -141,6 +146,7 @@ void hmac_drbg_seed_file(int md_alg, char *path, int ret) exit: mbedtls_hmac_drbg_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ @@ -153,6 +159,8 @@ void hmac_drbg_buf(int md_alg) mbedtls_hmac_drbg_context ctx; size_t i; + MD_PSA_INIT(); + mbedtls_hmac_drbg_init(&ctx); memset(buf, 0, sizeof(buf)); memset(out, 0, sizeof(out)); @@ -171,6 +179,7 @@ void hmac_drbg_buf(int md_alg) exit: mbedtls_hmac_drbg_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ @@ -185,6 +194,8 @@ void hmac_drbg_no_reseed(int md_alg, data_t *entropy, const mbedtls_md_info_t *md_info; mbedtls_hmac_drbg_context ctx; + MD_PSA_INIT(); + mbedtls_hmac_drbg_init(&ctx); p_entropy.p = entropy->x; @@ -219,6 +230,7 @@ void hmac_drbg_no_reseed(int md_alg, data_t *entropy, exit: mbedtls_hmac_drbg_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ @@ -232,6 +244,8 @@ void hmac_drbg_nopr(int md_alg, data_t *entropy, data_t *custom, const mbedtls_md_info_t *md_info; mbedtls_hmac_drbg_context ctx; + MD_PSA_INIT(); + mbedtls_hmac_drbg_init(&ctx); p_entropy.p = entropy->x; @@ -252,6 +266,7 @@ void hmac_drbg_nopr(int md_alg, data_t *entropy, data_t *custom, exit: mbedtls_hmac_drbg_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ @@ -264,6 +279,8 @@ void hmac_drbg_pr(int md_alg, data_t *entropy, data_t *custom, const mbedtls_md_info_t *md_info; mbedtls_hmac_drbg_context ctx; + MD_PSA_INIT(); + mbedtls_hmac_drbg_init(&ctx); p_entropy.p = entropy->x; @@ -284,12 +301,18 @@ void hmac_drbg_pr(int md_alg, data_t *entropy, data_t *custom, exit: mbedtls_hmac_drbg_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void hmac_drbg_selftest() { + MD_PSA_INIT(); + TEST_ASSERT(mbedtls_hmac_drbg_self_test(1) == 0); + +exit: + MD_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_hmac_drbg.misc.data b/tests/suites/test_suite_hmac_drbg.misc.data index c513f3dbf..68866d7aa 100644 --- a/tests/suites/test_suite_hmac_drbg.misc.data +++ b/tests/suites/test_suite_hmac_drbg.misc.data @@ -1,82 +1,146 @@ HMAC_DRBG entropy usage SHA-1 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_entropy_usage:MBEDTLS_MD_SHA1 HMAC_DRBG entropy usage SHA-224 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_entropy_usage:MBEDTLS_MD_SHA224 HMAC_DRBG entropy usage SHA-256 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_entropy_usage:MBEDTLS_MD_SHA256 HMAC_DRBG entropy usage SHA-384 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_entropy_usage:MBEDTLS_MD_SHA384 HMAC_DRBG entropy usage SHA-512 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_entropy_usage:MBEDTLS_MD_SHA512 +HMAC_DRBG entropy usage SHA3-224 +depends_on:MBEDTLS_MD_CAN_SHA3_224 +hmac_drbg_entropy_usage:MBEDTLS_MD_SHA3_224 + +HMAC_DRBG entropy usage SHA3-256 +depends_on:MBEDTLS_MD_CAN_SHA3_256 +hmac_drbg_entropy_usage:MBEDTLS_MD_SHA3_256 + +HMAC_DRBG entropy usage SHA3-384 +depends_on:MBEDTLS_MD_CAN_SHA3_384 +hmac_drbg_entropy_usage:MBEDTLS_MD_SHA3_384 + +HMAC_DRBG entropy usage SHA3-512 +depends_on:MBEDTLS_MD_CAN_SHA3_512 +hmac_drbg_entropy_usage:MBEDTLS_MD_SHA3_512 + HMAC_DRBG write/update seed file SHA-1 [#1] -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_seed_file:MBEDTLS_MD_SHA1:"data_files/hmac_drbg_seed":0 HMAC_DRBG write/update seed file SHA-1 [#2] -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_seed_file:MBEDTLS_MD_SHA1:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR HMAC_DRBG write/update seed file SHA-224 [#1] -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_seed_file:MBEDTLS_MD_SHA224:"data_files/hmac_drbg_seed":0 HMAC_DRBG write/update seed file SHA-224 [#2] -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_seed_file:MBEDTLS_MD_SHA224:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR HMAC_DRBG write/update seed file SHA-256 [#1] -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_seed_file:MBEDTLS_MD_SHA256:"data_files/hmac_drbg_seed":0 HMAC_DRBG write/update seed file SHA-256 [#2] -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_seed_file:MBEDTLS_MD_SHA256:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR HMAC_DRBG write/update seed file SHA-384 [#1] -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_seed_file:MBEDTLS_MD_SHA384:"data_files/hmac_drbg_seed":0 HMAC_DRBG write/update seed file SHA-384 [#2] -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_seed_file:MBEDTLS_MD_SHA384:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR HMAC_DRBG write/update seed file SHA-512 [#1] -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_seed_file:MBEDTLS_MD_SHA512:"data_files/hmac_drbg_seed":0 HMAC_DRBG write/update seed file SHA-512 [#2] -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_seed_file:MBEDTLS_MD_SHA512:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR +HMAC_DRBG write/update seed file SHA3-224 [#1] +depends_on:MBEDTLS_MD_CAN_SHA3_224 +hmac_drbg_seed_file:MBEDTLS_MD_SHA3_224:"data_files/hmac_drbg_seed":0 + +HMAC_DRBG write/update seed file SHA3-224 [#2] +depends_on:MBEDTLS_MD_CAN_SHA3_224 +hmac_drbg_seed_file:MBEDTLS_MD_SHA3_224:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR + +HMAC_DRBG write/update seed file SHA3-256 [#1] +depends_on:MBEDTLS_MD_CAN_SHA3_256 +hmac_drbg_seed_file:MBEDTLS_MD_SHA3_256:"data_files/hmac_drbg_seed":0 + +HMAC_DRBG write/update seed file SHA3-256 [#2] +depends_on:MBEDTLS_MD_CAN_SHA3_256 +hmac_drbg_seed_file:MBEDTLS_MD_SHA3_256:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR + +HMAC_DRBG write/update seed file SHA3-384 [#1] +depends_on:MBEDTLS_MD_CAN_SHA3_384 +hmac_drbg_seed_file:MBEDTLS_MD_SHA3_384:"data_files/hmac_drbg_seed":0 + +HMAC_DRBG write/update seed file SHA3-384 [#2] +depends_on:MBEDTLS_MD_CAN_SHA3_384 +hmac_drbg_seed_file:MBEDTLS_MD_SHA3_384:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR + +HMAC_DRBG write/update seed file SHA3-512 [#1] +depends_on:MBEDTLS_MD_CAN_SHA3_512 +hmac_drbg_seed_file:MBEDTLS_MD_SHA3_512:"data_files/hmac_drbg_seed":0 + +HMAC_DRBG write/update seed file SHA3-512 [#2] +depends_on:MBEDTLS_MD_CAN_SHA3_512 +hmac_drbg_seed_file:MBEDTLS_MD_SHA3_512:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR + HMAC_DRBG from buffer SHA-1 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_buf:MBEDTLS_MD_SHA1 HMAC_DRBG from buffer SHA-224 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_buf:MBEDTLS_MD_SHA224 HMAC_DRBG from buffer SHA-256 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_buf:MBEDTLS_MD_SHA256 HMAC_DRBG from buffer SHA-384 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_buf:MBEDTLS_MD_SHA384 HMAC_DRBG from buffer SHA-512 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_buf:MBEDTLS_MD_SHA512 +HMAC_DRBG from buffer SHA3-224 +depends_on:MBEDTLS_MD_CAN_SHA3_224 +hmac_drbg_buf:MBEDTLS_MD_SHA3_224 + +HMAC_DRBG from buffer SHA3-256 +depends_on:MBEDTLS_MD_CAN_SHA3_256 +hmac_drbg_buf:MBEDTLS_MD_SHA3_256 + +HMAC_DRBG from buffer SHA3-384 +depends_on:MBEDTLS_MD_CAN_SHA3_384 +hmac_drbg_buf:MBEDTLS_MD_SHA3_384 + +HMAC_DRBG from buffer SHA3-512 +depends_on:MBEDTLS_MD_CAN_SHA3_512 +hmac_drbg_buf:MBEDTLS_MD_SHA3_512 + HMAC_DRBG self test hmac_drbg_selftest: diff --git a/tests/suites/test_suite_hmac_drbg.no_reseed.data b/tests/suites/test_suite_hmac_drbg.no_reseed.data index eb49ee3e4..a6f50ad47 100644 --- a/tests/suites/test_suite_hmac_drbg.no_reseed.data +++ b/tests/suites/test_suite_hmac_drbg.no_reseed.data @@ -1,1200 +1,1200 @@ HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,0) #0 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"e91b63309e93d1d08e30e8d556906875f59747c468b0d0da":"":"":"":"b7928f9503a417110788f9d0c2585f8aee6fb73b220a626b3ab9825b7a9facc79723d7e1ba9255e40e65c249b6082a7bc5e3f129d3d8f69b04ed1183419d6c4f2a13b304d2c5743f41c8b0ee73225347" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,0) #1 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"d0c57f7dc0308115b1ea30e2ea2f770289cebdda617d132c":"":"":"":"b797615a78d1afe74ebedb9d8948d82cf2bb586ed80146b96d41a709f689178b772dd342d29af5449694bf8eaf33a664a24c0ad29a12529eeaba478a799917ab4666de1b6eb2c7332017d67eea6fabd8" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,0) #2 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"286e9d9e39e4024dea0c885fd6f7f107586b6a1a8ac3ac0e":"":"":"":"ca25aa9ef286a3cd52d101db01cdf0ce14c7add124f1b6a9a8b3a48c74989baf01f6ff704da7c5d5785b6e9c21914892102313e7a15cb2f9977a513ada0d3f242819aef2c1699b72cbd358c59435101f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,0) #3 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"6b20dda65a96f564fc0253d38dbc290b813e538d040d8dd9":"":"":"":"66b6ef57a3282838dea05d122ccdfa842dda19333ded2015d381394da38c8309a6e9703ec065335b116efb97daaac9c53ceb7a218ed0db61c3ba969dc629b95f5418eadfa43c58714fb02176bc0b17ec" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,0) #4 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"32339fc82b655051042e3038e3161c4fb252e495ff396be2":"":"":"":"e95e4551a37e338faae4419e3a70e4c1e3d516be7e554cabb00007c591ba7cb6c3247889a9b08e46c6619f166d996e4e34bbf6cd8a354de9964de906041f73f2ade2eb82c6e82627d3257738c2821fcb" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,0) #5 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"deaa9d0c2ca7a05cba12eeb7db24277e1605e1d030d76ddc":"":"":"":"bab5be6001da5951c1e7873f4e2be318e879370eae8a51ed8424ed6f12b2d294b45d006b1c2cd8c1ce047fd16f2fbbc09954a8b464cc986f23e86e1d9398d20780190aa5be0505cdfc826c7a01dcab99" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,0) #6 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"589766be3c03b0a351a81b1203f944e2928e95f8a3bc7452":"":"":"":"5bee2482667220462ac6d3c234f7333703c5abced2ff2ad91d52193e86a61cfa43be0b4f7e831e1e563e260178f23976b2f3e132356ab54567b37580bf9d751223fad7793f0ac11fc450817536116b1f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,0) #7 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"07cc4d22b010335045cca142d91494bf4d5e842af4155d17":"":"":"":"8e13a574d17dc8b44382d3b263e857f50816755917603a07ca4987fd40340042a1e6a82a227647130304d73d8704fd9ad4db3ae42daaa55b1f93948e70c451a12724fed870e02a1a8ec4eeab716c6854" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,0) #8 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"6425624a98ab3018eb4ef827f5a4fbbac1022d70155ef375":"":"":"":"16fd6abb10dba1659ed56d4296b65fe3f2449996bdb8eee5c94b249f04808cdd9563569a4152bd99a32592d35d6a4cc806c228284487fc1e088b178d4c8ecb6b0e3cfaacd7d39d754d8bd4e6662f44a4" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,0) #9 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"01d11d2b631be240de2f41d10bdce47c89fa32427410cc61":"":"":"":"4640a063e65ef0c0de97f98a39297219e2a1eceed7e6426199719911edbb3d06fbde6fbab83878e9ba9fa8e1d044f7a40f3627d7cfc49d17f101ee64f6b8c6e6154a01b4d39fb9ba6b33ca2c27f9fd52" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,0) #10 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"5e0a89b3aba1cf5ed94756083726de8db5d79162f73a5031":"":"":"":"cae7b2c25dce1c12e2c4f61b3e53155b9177e92bfb8faefc425d1cbb507713921378ed880986709bfbd7cda66d18dbe0732137a86d47b7e8223e345af0cd9a0219ba290040bc6ff44c1de5b16f32b933" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,0) #11 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"3b76d32d5982daf6e2164340941a1707441bbb99a2668ba4":"":"":"":"63640e406e16b3b82723a6cb3830657b756fe61cf2ada96f667e0f2df0c9d33c6f164ee78d4976281a84d3024ff67074acecd65391a84aafaec9d6b088bc33616543b61a4c603e5a21bd39e2a72401c8" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,0) #12 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"45fcafba2278bf8e6d437396f60f0e84654de44e0bd6cb8a":"":"":"":"7e2325cb2ced372b640c2496a3970cb7771fd494e40ae17239bfffd9ea2ab0ee74c2d3c369328a3b465e67bcbea86f50a32f9ff820505df5adbc032d3adb83581443877f85c60b3b701f59b1fc38c063" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,0) #13 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"4201db977ef90d08f017c8e38204c2995bbb47efe9fa4cad":"":"":"":"101c7318e26693bc11d64b780e9b32d4d958c7475ab99fdd6fe86554dcef54ccdc2ca9f4ec355eb25d7b3f570ff95ec7abc2e9e2fb879bb045debf6c8a98ff46668c0de21bd8d4d18fb9e11550878e32" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,0) #14 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"5d80883ce24feb3911fdeb8e730f95886a63c01478ecd62b":"":"":"":"9e351b853091add2047e9ea2da07d41fa4ace03db3d4a43217e802352f1c97382ed7afee5cb2cf5848a93ce0a25a28cdc8e96ccdf14875cb9f845790800d542bac81d0be53376385baa5e7cbe2c3b469" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,128) #0 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"32c1ca125223de8de569697f92a37c6772d4cc4f0544d409":"":"9e98cc8e0f8eb84d1911c1775a5703bb":"593aa3a300e5c907a011dd5a3dcd77e2":"942909a9d380aa5d4e3af69093a8fa513ee545b9bf9e1b81c5f30966db3e5cb52f8b1b6fe440d592e5fe4a972c36aa498035e2442f82910c5cd095c7f4b4c7e7555c4669cca481cdfbfda167b5d6f8d5" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,128) #1 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"172a2d24ef128dadc93e0b74f277e7c3692f86e6ca5e1117":"":"93b4a1fdbf9dd30996298804dd86c0f7":"69d792dc9b6fe1601f31a68e4d007187":"13f30b4698d6e973556c3f92dff6241bbfbde300ed58d07fd5f64efdcd0c1b62ca3de6358d505dcf972fdce20f7b891c4cab493721d80cb108fcee915835b02dea33041b38e28252c30a71fad85878e6" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,128) #2 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"4a17b8069ae3a74d77c9c94514ba90cd2abfac0002d2c5da":"":"cc39d1a2a425f00e220d721fbfd5b6e5":"1ccee25f5868e863a05b72d744e64aeb":"d787b355629779ff2916397d6094f44dec06337571ccb0abf5a17b6cfabe00557894e9ddab8caafef467faa4514582b5073e7d1d9fdd6fa34c565d1aca23742ed4e87133253a9664ec085bc6c76965f4" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,128) #3 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"d60c4860d9ba3ebb64e2095231e07792ba6b5e9e22e14043":"":"776273bb22f5e62a793692127bcbd785":"8795e45f82160cb1096a509fd3572f92":"3122c1d3a6de8b25fd180b159731f975f78601360155e43f694b289822a25948d2c20a673f181be06b59c566960339f25015d2acbf5c7d3f68a2bade779e00faa24623c1313da888dc8cee901fa05573" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,128) #4 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"494983c04581b811e0b2b846c54bd31824bd70fd182558f1":"":"935200a7edf1e2903581fedb7c04533d":"49c0133cca2457fa7cbbd4c68cc5e78f":"0fd2ec47fa2e31326ee9b894fdd6224818190168640d91a2a0c247b1e27ccfa343e9370d182d95b2b5bd74b4b09c44d04094364a6fd02ba70ee2c55e04d65ad9c6da65b9c0742f9fb5ca95daafa48df1" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,128) #5 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"77ea86ce59f2466e55ce2057e7855035c09295c02f1c51cb":"":"f36d65f22b5afd3f51e13ea38dcff555":"6b613b56e470b5c2c30c30aab9a772e1":"41cd8ef82609012d33b4e5b51a39ec17eda4317962627796f7845045920becd7caef56d4a2c3a8e849e299babe92367ef34a8910bebd498248ccc2b3f5f63920b31cfe856973e15e48b060871a9cf9a7" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,128) #6 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"2dffb03703023f65b757b7ee87899a14a9c8ce788fb2bddc":"":"da42b213071252adb755a6cb24094c17":"c83fc2beb60a7ee9b374f3fb7bfc8900":"8f54271e3578e60e8989e49f5b426e1a0296afbfcc7da0ffbdd5dea71ec6b339b6d866bd3756ba745e42c8cddf997cac5fed72b33ac81e5f4d6f2d15f030a41c684552fc94d48c0d97323ef7eb656857" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,128) #7 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"890e7323502313bc7d617805360d5968b6c68c0280cef5ed":"":"257f1f60cf2d36924c3e7b6e4cc35135":"89235cc472c6e2e1e92c70324459a9d3":"55283453e82662c8d92f54cb4a5d784e83b1b3527bc5e71a53f04508172eb5156ba2a9ba92116cdaceed17118c7637af4b574d364187a52cf0c20d768da518021c3d95cb5ce6bc108b1bef19bad66677" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,128) #8 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"167ce6bad165eb640eebfece7ca6690ec5c6b5f8c7fa9304":"":"c0e7ef13138ec4a7d52baf8592484ca0":"472a47e3fc098c7cb92fb953a26e25c6":"e2aa2650c84be79ec410ff9bac93e5caff8a46a8c39495856ff64c8c5399e81654ba90c8a8b26cdca2810ce68e4ab646e50a1f6fa7a829cfd72c9a61e1a0b415c031067dcd417baac9553cf7d84a7742" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,128) #9 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"6b8aeaf70460e83a124899d705dc0900acd811698669fcee":"":"94a53808df5ebaa7693934d7fda92b95":"4d4e7d88f44fe556c5ccdc56f8b2f098":"165aae6bcdd799fe325ddafce3b645900eabc87552c0bb47ee2eb6ad51462a8a4f4498c4bd24fcfc46de5d12351143d5a838060f617258c218035a4f29fb34a54673205b2e1b362991693d7b99972954" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,128) #10 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"00f30f92bd44a9b2b04a6cae67533ed85b4ae1335b98109a":"":"77ec4274fe5f8f22dbb4a1ed6050811e":"ef041b6516825d51bf76d2f651a55576":"8c664357b01425668ea5daf07a2b5b8c50dbbd71d9f48c50f275a02b6cfc4717eb7db286fa49f17d05d44230f7d82c251a6f0fe0a2add5d2cc9a92a527f63a9bd3c8ec93e9a404e0829629c5eeb997b0" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,128) #11 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"2eafeebb58a2fb54474280112c5668d61be2aa4df98598af":"":"389a36ecd687080a5d2cace8a326f03a":"495965bdbbb1bb01ba61191e9dd4b038":"f17db045b0af4913d79f99e018c1f726f4fe02f08477cccc0d6a068a808bfc6ccb797e6022dc3b99ea18086a56428884110c49128a51e10c15f6ecbfe0a5a1e97e72a578fefea6c66c436c91a2b6395b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,128) #12 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"b6497197b783d1f493a6430748b45932895ea2a9d8204f5d":"":"ac26665e796d1b00951c725da88d992f":"5f08c7951106dfec5096d90097449cc2":"170b58ac3342a968c96aa29f1ce820debe7934d9db46216c03ae3afd304188cd38b6208e1cad5fce5c26179a30a8771015a99d2902d51899ab0c42e0b400d18f1e89411248db96f9d62b466f828de150" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,128) #13 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"4ffafd1f20dd38699bfca029c0558483fbeed3cb29aa0eb8":"":"96abfcee883d8dcad967c071c12dde19":"9fd7cc292cd55d8364862f5fd675c08b":"5e8612c6ce8f5b6838a1e4fb9e14370fb2d66bc885f6fe8a3ff232f16340c2af58eb2734494e0ce920f36046b7a807f4b55caf3a45bdcaefa4bb23f352601c0769749f0257428918b931606c7b395135" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,0,128) #14 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"89a6f070afad5ccf4d117c4e44baa2c7b28941fa7e828c04":"":"7206a271499fb2ef9087fb8843b1ed64":"f14b17febd813294b3c4b22b7bae71b0":"49c35814f44b54bf13f0db52bd8a7651d060ddae0b6dde8edbeb003dbc30a7ffea1ea5b08ebe1d50b52410b972bec51fd174190671eecae201568b73deb0454194ef5c7b57b13320a0ac4dd60c04ae3b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,0) #0 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"49058e6773ed2b7ab309c0949fdf9c9ea457cb8ec0e7fd01":"dc477641d89c7fc4a30f1430197dd159":"":"":"4e891f4e281100453b70788929ec743a3c5edd9b81dc798bc93771368c39b612037b6f42f60c5d8924b646848151b0c295be491d4a28d1927deed523fd04d3d2dda95ed42166312e5c3392d22893b0dc" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,0) #1 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"4ccc7d83009a28db14e839176774d45d9345358f336a1622":"e6db32976d9262b1d3dc487f22e1f5b3":"":"":"5a171e9f0065ece37ba53df81ac3d88054d53d0cb695a901e1a1ca91352420b508c461ac91095ccea81621b800ddcff905020f96dad2a50377d3945047420c3b902e8e361f4525c1d4bfa8af164925d2" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,0) #2 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"fc7d0c3ef1c404ada968dae35581b6cd31e0a46c39ce49dc":"14158a65fc9b3bc1ac04c7854493852d":"":"":"918494f47dadda22667dc1d066f44f3ccbb61d3f84b2eeab7d26f4e999aab94e79d282287ab76d4e3eeeef2ef79c2ad571382abdea55d5d8642f604f8f27f3f73a5bc1413dc87bfdf91da1c6045ec223" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,0) #3 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"1f0df7933dc99eaf7b284b02ee773ec46461fd762c595408":"abd1d8af4ae46d7e5f1f4e0b71b54edc":"":"":"f1eba7596c6c20118f86017ff86514d745ce7ea02c49719094e5c2a96d3dfa1dd5079b8eff8078ba9793900dba145a260e672837422c351c3f231c201dfaa21e48d3f7ee28bcd08dac680e80bf87ec20" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,0) #4 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"09988a36abad74c3cf377db9c9200baf6c27be4e21932166":"17b7a40f4c37894bc948456e37ad482a":"":"":"091e5fb9c6c218f2460c514fa215061460ca90cfb35c1a9f5ea125fc49aa0b2beb42dcb0fed865f8510c3141cd51d1b33216e2e72cebcabd3e1bc0eab201d8e72a0d1de1c2b7915a0cf242708092f211" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,0) #5 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"ce1934b6561ebaaa851accf8ceae5b0dc587922ff68836aa":"602e9086f44d03ce61039c2e81fed620":"":"":"441da7552b2d45533fc924ea985fd4b0b95942fc7997a37128d3e96d4c2792b241dbe921d61f3898852d4f93740cc3649cb5279a7f0f09be3990e9ee599fb0717c308e7a939a441b5c3ba0cb8aa19647" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,0) #6 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"58f1a9eb935fd08a4c3c894a06ad00ca0576589700a4d50c":"b14f2a74cbe3881069f30507919c6870":"":"":"ae9c6b40d951aab9c2d9cb920a05f3e154898c83e392dfbd7ffcbe2283eb2b75842fa5e7bd9626ad12e814874f1966fea1eb817793d2eb0a9cb9270cc9aa4267118fba0c7b6fcf487a97ebcbadc67496" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,0) #7 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"0abf2f845295bb1dd283daa24e75fa08c9e9202793c479b3":"f8742f44932bae2d65a032ada2b76382":"":"":"8847696e8edd2c7b751b780a6fc69d8434a3144593936943217465362b3c3f7b25b75149f7c69d10ecd169f00ed98b53e0e498af6d9f600441ee2c01a9e74ed845d24cdab4543dff7d1f7800a278671d" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,0) #8 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"0f9bc6935e7baf17d560931ec3e75d9fda7b19214e0ffb9c":"c13bb26e9349a56866f821c10a2ae28c":"":"":"12a849651f310fbae04c4da4680a21a50a9889806194be470b8b111a32ea741794cbe725d98ae9d40c0d60c04c8b7b32917f9dc18c27dfb8c64579a176a2c4b23cc32e5237fa5f904ab1249aafa7cd88" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,0) #9 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"79d96ff5ec92af9fee0af7effdc15ce56b9cbdfbbbe5b49a":"23d1288ae41e65e56e7b783f85ae8b47":"":"":"206c2564950995ac6ca6d2ad51e9cacd7540f254a335d6d7eed7ef17956949cb5d7d3f4e197e82aa4442d08d1d0f933e641f703be1be4a9ca5747e524687a7a034761493dcf2e1101789f135de5d3f49" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,0) #10 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"94e852ffbff4f20078181221b5fbb8048f3e95de313a52c1":"1841dcabae24c156a17a1d0eda6f8bb2":"":"":"15319b06c05d47deeaeab540e649cc6e2989843de07dcaa966d799a36902f72943585e2773912040185ac1efa060c6edecef800e3116c66ccfeeec9fe7ee70f3dae2ac1c0210310ea164f4c4402d2f77" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,0) #11 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"473c743205bb375fad15f537dfeb402d879754b2b4987cbd":"4f88f4db50a6806d6899f71981beec49":"":"":"46b0694bc8afc6d86dcb8b80cf8815104007ebedb06050ae625b890060c4dad3d9e2661042d26a3cfded0383829ddcf616ec84d3f32d307480caf0f87ba9b00e88812f5cb2a4e94e354092d0c50b9bc7" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,0) #12 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"20208c9ac4830512786fce7ebde344a82cee0d7d7a5607d6":"2602c5f52c7ee2620486ce56366cc8eb":"":"":"b0bd2c0739ed1608848dd0e9c1db9f547c64268754af09716da40b2682fbc45f56de954cbce0d8a3f53eb2c3afac9e3afeab4038fe042c897786fd3da70f2d6b62b12981630bf30d76dd879e2926ab40" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,0) #13 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"3011c31a44ccfd1260ae9e431da41e883b1a6ac9060f2fa4":"6b36a1fcb2a2173fc7e0c120c2627a6f":"":"":"a781d9970c7272e98d941438d311cf7e80d2d56b29eb0b4b1c76d00908401ec5b4bb1c5f159dbf42ab30100933b1628faa92d2e25bd37ead4c3354c823013cd9e331bdf5e2c5c7d11d5bd9f50fd110fc" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,0) #14 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"ee6d57635e5ab4b3d73a2652c1443b32296bfe331b6578e6":"4fccbf2d3c73a8e1e92273a33e648eaa":"":"":"90dc6e1532022a9fe2161604fc79536b4afd9af06ab8adbb77f7490b355d0db3368d102d723a0d0f70d10475f9e99771fb774f7ad0ba7b5fe22a50bfda89e0215a014dc1f1605939590aa783360eb52e" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,128) #0 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"c27f80b1d085dd15cb163f0336d077457ecb3f32a90242f7":"4deb622a31b4c530348b5f08008fb7ee":"5a84f94804e2d04ead773d2a324b34d6":"226d9f4d720f580c2be44d4eaf2ec8db":"6db76a0a003a64dec6801dd3271fae8a43aa8ce2e0d205e3830e267072abe28d2a6f707494d15638559fa4282843760daa90eec5d2865ea11e836e60345160d5112445ab1754b578b55471a1d9caf275" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,128) #1 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"517dadbd6e20fd83aeaced197732b1d5ce221a60f8210685":"bd9911bc192da45c00c47d5ee079473d":"33254154ffeb4983d27ac08980ec4943":"349db52f09422883536d11ac4aaaf7ba":"dd7be811d3a9fdd194e8f8f18b35e1d9f1788844c371d811cb898ebc561d000cc285afc8f486dabe37d6c85e614d3d196c544ca560ac6e0337b0700e1ded8fb28903e66329afdd589308d56c50d73803" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,128) #2 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"c763149ba95e7d054da52e4d3d06287253bc2f43ae7c9da0":"305d6aa3c6148a0eb2e91b9385de5903":"a36918edaf5add6f0f81d3f991ee30a1":"5c65b09e744317db86d78aaefa66af44":"5560d27fc55b885a29a449a1f8835966549c4956ebb0393ba9fe748e74a5a303f1478bb3e507a9daa1159dd8dd6d171bff2e3830581d7f6fdbccd91a8748d20c1d981cf909c31db6eedf5587722ac257" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,128) #3 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"b479a14d125fe4601053989439f85200e198df756aff7543":"8f590670f88d8c2c713d63643f93ba55":"cda7c7ee77e667b96ef0ba330c9ca6ac":"a60fd147f6cdfb408d160e388c20d8d8":"5f088bcebd816551c4b22c3024aeab2f75c906dc8fd0ab0c80055e0445c1dc151a06df81bd39b8535261a7a5dcedc7f9b17c062ee6f120f2099f2ab5aa93f27a08d7b5cf1027e26adf54a520916c2cb4" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,128) #4 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"bd46fc253e9334d4aa8bdff5e21c12e261515159b01a4516":"1735486e5ea8be74fa158b2fea8e5cad":"c3517d58cdbd0262655174cc1d1eb324":"404f7b8eb461d077368e2ff06ddb4189":"7f1cf172b67ec7c566c9e24c071b79b5a4a135a369ded5e78b8cd2467749e30c401bf176d88cc0e05a587bb2b8ed09206bb314df59009e88a01ef007e61eba2e40093aa003dada48314869c0f3b99d50" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,128) #5 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"600a31b8f55c85ce27ece4705e6fe8cd17a01e7827ec2383":"6deef06a079ad2062e77dba21fef6441":"ca5512ab329ee941b22f327fe0dad499":"c1ffc97289d8d363729daa1628a2c735":"a81cf5563940ffbbee9dbdcaf7db1e7e53b427fd3a0e795c35a1b8eb6f6316e43b804690a44897e0f42fbdfa8c9f1777024d2a530eda994ed038de60b90602545cef99b69f371f79619babda9360c665" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,128) #6 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"f38b0cd16e9434da916b63e8b7ce1a91883ec208c3baf76d":"534799e3fe51bc370af6568072e2e579":"9520ad24a61d29716342d2b7bd35dd45":"c4e92d6da37a9f6236a396f352c53c86":"5dc0b3bebde5bac6d4d24ec08f1510dc88e1e06c97c3031dc9519f3392e83a09e1a7db99b2148d992a928bb5c1f68265086f7a84e697a7a0aeda4b41590606ed139063def46fa2a625657b17f18845cb" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,128) #7 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"06a5e76d0ee90ed0206a07a914dc20796a8a2fb2c0ebbf14":"2a49312af91926a37b5f7c009e8047ef":"0cda72090ebb007ab27156957e64e7bf":"24695b221f42a5be6d4399c6444c4aa3":"2b0aeca45ed44ca34a2fc741c5e4e2091e115a4148e71bd8fa90588e32253ffcf360df213b48a19f6f45186b67dcef6327729ac8f3c08d658de89e71539783fb66ae834455407e7827114317299835bb" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,128) #8 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"6c12df5d2ba1f6a6e1e733baae42daafeb47cc188d1b0be0":"f510139561b292a7a1a0292b7de4b162":"f57a0c1dc69eae7473394ad1b950dc61":"9dded4779fab0c8843fa693146837689":"2be15d2ea87099a8c0430ba8e9451208a898379da075169568196f656eadbab59637c1f949b4506a851ae0394e135542137bd0daf1c188decfce92f6ef2396aa5bb125cf3187230ac81c3864632d9234" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,128) #9 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"0e6a7843e29e5f16d2bbb4021d6389ae692298b9f62ad22d":"f0434f112699d116cfa7eddad486c544":"146eb042377cdf6a0831558ac17ad971":"b29c26d483fde8489263accafc10d698":"ecf0812aebee7a452339071d9906709fe00fccbb0d94cc101b507646f554ebf3602459a4f20b82325b0e083ca189f59d68c5753dbe942643f07c7afcde99f9d0cc2883923cb80456fcedc535bfa7d647" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,128) #10 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"b6bc57d663b671868265fdb756e142fe6da9c07dd0821c6e":"f43c5223bfe726a3164afdcabe931eb7":"ddf419d8e074a4ff2daf06a1adad4bed":"e0862e71c4ac52194cd320d196e446a2":"4f9b9e9aab493571160c732881dc358f73a08450a152124775e559889a9298d034ce1882dd2116f4863f1524393e1a3f1aceadcd9c4163dab7c543cd375c3f4b61ed72475d1812017ac83bf22846d14c" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,128) #11 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"f5649fc184f33c63cf8484011fa27578c1651fcd1a0780c6":"153f7b2c9bc9494a20ed0bf16b97ffdc":"6106fd4fe0e1d894837ba8624cebbe2f":"fdc2988e6b358929645d27594fa98df8":"49130a750b4758e7e8dec8d82bf66ae771d51181c33cbba9d84093ee4f83f6e3aadd3f40fbcc441fcf90ed83b83c9d9671b9092907a36231ec3e2c56775c5699fce16abad104b291dd13f67ad4e1ff4d" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,128) #12 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"fc3dfb2f29b649391437aff6920760671e470ebf09e8fd68":"4e7d48fe49ecefebed749979b965d8f6":"ae7405de4957947dc09fb1be2227c763":"3fa22158d9bb1948c64102f3ac00bfed":"ffb49be8c714b502595da9248248fb009eace24ff77d298dfe8b05efe6441352213bd236bdf4b3de34fee35b051747f4e549f69bbad8c729f3b5cf2db29a0ab6aeb590857e0f48babff3a9ea3e4079b6" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,128) #13 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"32018afb07a6141e9a6badda9b647f650090ba3475d0149b":"fa92f66bb7a06a1652d4084c15d2f778":"13c32c456c799cf0808e00c6de7efce0":"693728213798dde84176dabfb50434d5":"12c9d6683e6ebb5136253db60b39b3203f52607e44d13ae80709cdf2fa61ff5befb0838f544e39e135830b573ac5a31b7535c0a2502370400906658e6b1e9a0f5755f360d9bff68fa55ad628b49a8937" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-1,128+64,128,128) #14 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"3e325daab3301856044f416f250b6161e447e63d85ca084f":"a9d2a53dbd7ef4b9150dd0ed4d002e56":"4de6c923346d7adc16bbe89b9a184a79":"9e9e3412635aec6fcfb9d00da0c49fb3":"48ac8646b334e7434e5f73d60a8f6741e472baabe525257b78151c20872f331c169abe25faf800991f3d0a45c65e71261be0c8e14a1a8a6df9c6a80834a4f2237e23abd750f845ccbb4a46250ab1bb63" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #0 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"a76e77a969ab92645181f0157802523746c34bf321867641051ed6ba39368033adc93d4e":"":"":"":"8925987db5566e60520f09bdddab488292bed92cd385e5b6fc223e1919640b4e34e34575033e56c0a8f608be21d3d221c67d39abec98d81312f3a2653d55ffbf44c337c82bed314c211be23ec394399ba351c4687dce649e7c2a1ba7b0b5dab125671b1bcf9008da65cad612d95ddc92" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #1 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"65cdaa5ab147d0c79fdd02b24fc94d0e427f59ef9a31f447458c6befe0c2cde5a58c6b7d":"":"":"":"0d164682b5bb552a53a2a942373639d98576450ca632faebc15060691a4219467c5aa106034cd19a214a0a4f31d402e68c4c565f49b33b680d522ef25f541e8202be779730376fdcf5b7b58fd6ac959204a88f91008651d2c02ada82505f914d4d9b9aea7967784e5320e185e1248270" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #2 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"650996f1477112af7604386be5ace78232904315d99d87d72a06709d331a6f930b447cf5":"":"":"":"d3341d7767cfd95640a107b3abaed7b4e1855b348e3ae5bcc53a0b0d49d4b4976837ec8f376f38327135578eca7ee583215bd5c79ebf499816f79afcc402ff1e9ffc4ad0f896761c9cff75050bf84baa194c355763b16b5d2648d480a2b48f22662685de39c7cee90aa0b6edf8062e42" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #3 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"898640ce467201a53e7731bdfb572977f7eb3e49050bc1e367ca74bf0a27376d339d09f4":"":"":"":"4f5eea927023b4abab5d4d9944e84ca001ee081cbc21d4080e1534ee6d1d8a6f60361029ffa983bcc79b5d65d4aaaaaf98983de13ddde39a739f9d95878fb31f57f96184e5f2f3adf654a468c616237fcbc6b2c194e247178cb90294f631c449a01f1fe09c02587c460305be9fc71b5a" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #4 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"fe405dd73956bf6ec875515eebd8c5ecd60553643da750914c83dfc93611d57390af7324":"":"":"":"d8ae0eb81913a190c439f8ffa56c06155a73f84b20608b2b2e9eab3061202cebad18ab8b3eba81672152c1c02ef573cd6e8623c392facb6a857425c6795cd7999c1e7f56f3fa9accca018076e0bfc106d075df98f5fb66f28933215e9276777dfc479e71a8d506a66197918d9b0f7a8f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #5 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"b06892f6f455afddc8eb60aae35b35a64f63b2aa85a2dae4ef489266f7bc354f72d68b71":"":"":"":"fc10c03fc37d3bd5fba6591a97f6354a9ed8ba2b6806744432851f43a3ce6418e39ccb417b8539e349acea588e2abe5da06147c9825c6e50a31f8589a57ca3bfb10f0da9c8e89fe2e372b5af1cf96e0fbeec5d99228770c41a76e587da7d8764d5f235f5d1d6188d84ae61c52c2164fb" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #6 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"9174e174e9e031f62b2e19ae5c0bef22eed7d5598e6e73504759a2c15b05c2473a721d26":"":"":"":"1962f2d473b31a2576dbd78022f4eeb974641fa2e9cb582f03ab741929f51f0f4663129e68ddc242e1c2ceafacec3dccb97e09527aff46b948f0abcea1451699dc3ae4d3fb5e04c84337e17b504af2fb5f1aa6ec0033ddf138a188ee162c497526563a67da8015275d89f0e1e902b2ef" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #7 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"eb1d45ba0d8951b7b1d7ce922b7d1f6e94da8b821940126c9da5b0b4382425930743a051":"":"":"":"306b1f733e6f69b6f26b7baa5441af4967a5cad8faad18029440aa989aef6024dbf3ba02dfc2c694dad6496ff760d72ae6914a4dcd5e3a443f4bcb14bf2b64986f35c32449f15e3084d46fadfa2ae213da6b26f787cef89b6a23084a929608a9f6acd8315808c29f8ae435a40202a012" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #8 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"78cdc1567caf2ff529ef8e3475c0fbb09a48b687a544f7399f503948621f29686fb15216":"":"":"":"2367067d8ec189b0819eda34602768a0698b4b545c7d5214fad58c9787b89809b97f3af5f9349907d2954f8c0dccbdbe63cc019bde3a6fae10497ae57f33e91ed55b6fc4a83fe8a2463552796d5120da8066f7285a8388958817b1218e006d7fc617f453ad0f9217966a0731ba99f093" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #9 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"25f9ee24ee25ad3d29a974f8f552b178cb292b847a6be80694213a6c0b33e25e29fd3ecc":"":"":"":"32fe251a619d164c217365b12a313a942b6a9c3df007751a5fa9f356412d1142c785c292e3dc9d0b1d77e080892e5d39b91c58fd142458c71182061920a0721db453a32fe7ffc8b2c20bf11894fa37d8f0e9463edd43a97f65362295119be03d5e06f617fdff6accaab8c4da72ac8f81" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #10 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"0b644221788c266aae00a3b63a87f32ca96a6c32b116cd37caa4f75ff5d7e56be3b4e20f":"":"":"":"dc9245da77502cadd1a8ac4d1cf6a199c8e529deda10c87ab6c69ceea6fdef36d45f4d036021b93fe5b342c52fe1e71d81e617bebc58804af3109bab93dbb2e5c546e108bd0891710128b5e8e4a4f01df2003d038fec8cef426fad7f72dd5e091b4850e9bf4932d60deacb6e9ea3c5e6" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #11 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"a6677badff70966a3cd2febaad7de7aa5849ba763789b20d0a39b6c569261b826cdb15e8":"":"":"":"e04838c970f5d7208a2a7310da893d65391666a5dc62d9ede71fc30816cfc3e8064ac59cc9aaf30283356078c812676ca20beb044a6d78db6c5ef9718a88559607f225002452c01459944433013cfffea84d6fe404fbbbc2d66bb50a2fa01d8a5d6e4ea9b402dc5256752461bf6fcb7f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #12 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"2301d8c053312db04882f4284cf8b47966c1c9b8c49de847d0c11f14c5f70ce19346562b":"":"":"":"b46246526b28f3ad7f6d8732ca3bfc40f005d97a519640a4ce728486d8bf830d661be5a97b11113e89096d9bf15cbef73ec28ac13e3fbeadc9bca500918bbe92ea23e131cc622dbffe2272db16ec5d4ca30e9bd986d1709ae22d10180514bcd11bd6218ea1fbaba101444945a17a4c4b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #13 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"78644ea1b0c4c55c4addeb476fc34471ea2c4393697aa4f170726010c443b8e1c4a6b3ea":"":"":"":"ef1b41bd03ee8460d55759db65a4c97758f48e3a09127be04c7ed08bbee5fa5cf119929df42c187e2a347a8df99c502b693a7ae41946f4918d84686880ae29d6d8fbbc4fccc9e295876a249cfa59effd331994e84717b4c76637df36beb960761880daab3d43376341439af2ce8e33cc" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #14 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"71acb71235e88e3aa6d8bbf27ccef8ef28043ebe8663f7bcf49cb642b3d915cf03b90e65":"":"":"":"144aeb56a11cb648b5ec7d40c2816e368426690db55b559f5633f856b79efe5f784944144756825b8fd7bf98beb758efe2ac1f650d54fc436a4bcd7dfaf3a66c192a7629eea8a357eef24b117a6e7d578797980eaefcf9a961452c4c1315119ca960ad08764fe76e2462ae1a191baeca" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #0 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"c5c89c26ac4ca8b1106ba90a8ef4d6d687dfd88743caa5fbafa4745d9c1f8371120b10c8":"":"d3483ae5f9ed97efd3f852e4a6f20f25c947a03f39a4b75c":"2cd523c5958cdf403caa61abe5c4739cdb9d40152f0e769a":"1fef4e6abc2778d1c3e3ce00fdb5eae1ebebdd5cff0a7087644c8565d1e8b876b2c05264ca81498468851fc7b9e5a2163a06f377d2ed754c095adc59dc015a77edd69e4eecbe48d9dc127eedfff5cc73ae38127ae3a518fe7fa5abd1a9c53eeaf144420873341e2efa3d81493c69b04e" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #1 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"6860e44bf582db9818ffbe4c699d4218965c29f463d7a02fe1f36c8442b0a5d103def7a2":"":"e9f598357109e2a532dc980388b8a5991256166d67c3bc01":"58ebbf7402be041724701e5c0132abe604c11a62a9de1d2f":"52fad34b27113c146595a6740f505bc2d3edf6618975cb9c4a5155788eaf08b96d232610d9b4ee06264fd92f319df5a52b8f9e31b016a6c21d27d31d9d42bbb7588a7142f26ece3ddf211c8cf4530947adee302aa71c0d7fe9060c1b25f1c1f2e053598a7fb72c4db55fb1b02352d60a" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #2 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"27b9f78ae07821f2b5625c8fc3a03ceec4fc8062be860c2db20403dd88a8751dcad56158":"":"1b6c848fce706abd73612dd3fd421c1c7ce9f4c2d0ecc670":"14a43645c1b6ae394f795af6ca2e9084e7e707f3f2cedd7a":"33c592017af545b3a9cf3419ce1c604e9c7c687ebf6418fbef47ec96e61f1951068eec9b60005d24574313f04ffc16c30872ec83e41e248e3d5c6951930d6a88b8931d5502d1142ce50676b3adf48453d1a008189658db8511d19a06ac97b4d5cfac19b54e8e6b899d501715f401ef85" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #3 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"8d7cf5c2e360ef755c1e9f5b7a44a1e29f09cee7ca44e15925ffe9a47b2d55fd7750b356":"":"0e691c9a435939c615f0686eae88e090ba5c4b3f5e6e00c0":"1e3a452295617e5a9e6f78256d2781feeb3812753b4aad9a":"a307569d8adf3f7e6ee4567a5b2bd338badb9234e7b27c92429ffa75e4c56c0529fdc6c15df5d47c46e3d2eeadcf1b9e93a5dd6cde99a82f04b0d97f7a3bfd05c0e1d8370987222310ab18c980ce48b2679361c3d9011dd355a9b06337c054ee37913d5f4dd30d1fc942cd733a0fa5f8" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #4 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"1a0d2c734918c539c1b306a464eb6b54f92e958e8636032aec23ba8ae817bec48384461f":"":"b8ad9e613a891fd0db89571fddda77827382e406cd3cdf7e":"1e172a708aa4ffa3618ff0d7b1f9ba341f4811507851dfb4":"674df1f3095d6c87bc54dd9b2aaa2c786bd50e4ddc02493745d820dad8552131fb3e389e99b0709478b65d4268f2a3b468a8447dc572a6ee024be6be9be9d428c12cc92894d15dd1c959d6222dc9ec30478c7a0b57f5bd8bd53868b98d7674738b54cf74100ae215693babb6db3b3890" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #5 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"95a30a0ca779a4038ea920cccfa4cdd814ca17d560d53a75cf170f4712994f9bcb2efb74":"":"1da6c8726bbfa3c8bee6dcff6f76f2d55d60527c4f0db26b":"595ebd903a596a1f12175080185bd94c2336eb8dd29a387d":"317c19cf4a45b8cf3f645da084ada54d1b1f81379152424fddad22a6dc9bd22841e0c4c5a36bfb7879eafbd1a939121905a938ae034c7fc01afb56607e35f895f46f13e91ce4e8e75b6a87a1e5544e18eb194fd6754b06885ac05e332a05ed436e889965e405e0f2069b04b40ea0f635" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #6 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"8af8930562510231a592a72587fa6ad7c234e133046965907642fbc785c0b86cba844f0f":"":"9ee7b221064966582dc836437b82386f5204a302a4179079":"473d917f5b66f0f6e3fb4670ba08c2cbd2ea765b46b10838":"5c2fc9cc7148dbe40a692b3636778eb80188949d198bba3e8355386b78b54bfb963f5f2d9202988da20ccbf336a7c737a66c90149b9e8e306477151c4d912f7c61e872de0d0e47701cbe765864de536d599946b8bd65e4d89d4e61deb53de9974fbbe634501800feea100fea573e2e50" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #7 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"2b9554ecf94c7d647a4e117f43326cab54466eba56a09a52741b2445057c491935c067d2":"":"0144be6978dba85aa645d793c1881dc2deb1bd210811ec9e":"1cd265f3812568274b643954c70923a76dfcc9f123360111":"f7459b0c23966dc1a53e0c6406c9e78ebe728e3484224cd88b6b2ea554522e75eb4a1c8a3fdc66561426464f50b8d0ff95b266677d91776b344a820eb4fd7d554678300558011a7cd85d22e92dc8ec2c2fa15c6330ba157c3e71728304447c1ad4d64f3da4fbf26d92e1e7c58a1b289c" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #8 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"335ede8603fcde78ea9869da2dbcab4a6e72f1b53439f3085d06b856e627411a9ce1c297":"":"ededc73fe268935c10832c463549f8204a29cf0fe00a4d87":"ef1b8a80dd49d2c263999ddc0d5a1d9205c1b1c66239fd80":"05bfe97c398b1e33ee1c547c0edb5b654b7060b76604195440d06dd2f614a398c6c43f1803893c4c8888bedecdf998367cf992301a25f24c263f5d36bbfc6fe8b839cad293b3617c1d2c60a814bda0359e3f717fa80fc7324af8827d438c88642754b39b10d18cf5bf42f11177a0bc6b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #9 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"9b0275d861117553ecd3c4d7cfe762f88df22c4c4190dac8e0be5872818e2dd765261d58":"":"cfc0b07082d514425b17ce3cb334ec62bc1b3be0be58ca4b":"d3c70ab5ff7a364a9e6dc75132ac67e0d373fa2df301afb5":"09fb41bcceb016e754795e1cce582f0cae91d7bb50245975eb75274819e1e4dcdfbc5e2f13fd26b9a9f9e945cd807ffec4e275681ea7bd33eae13efd8a01edbe02562e77b44b6312f416c3dd0be64f2bae0ba4b9bb36fc3a44841d21d8b3571c0ef644d88cf3cc3c851b256a15f4d716" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #10 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"1981c3f9ca58fd10e8377a8d0eb3cf02102aab6f7a033af3135533d9fd850e29ecb8dc9b":"":"f9978ba41df22894ad5f3849c1bdf21f7bbc0128c782e79b":"b4d57de5e18d393273ee9f3ef9736599c6d639f437239219":"fee23db2fcc71624fb39f573e33a1490efc7230c27e9278188251634f9c045bcb26e79ece6a173491475ae44a957c4269570f5469234ca8b6873cc973c8d97178c58cec658a352bad0d4c6001cae5664258db59ad76eb6304d166267eafb46f4dd536a914fa6d1ac58317e7c557d4653" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #11 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"c10d4e521350f7cd1853576d03c4bece3e58c8c740859e4e16979499ec1365fc073736a3":"":"78b245520153baacc66846e7a83a2a925f892d4c2ee63c0f":"c8ca7a33de5991d44d7ef7da2d3368cc2cdb93895c394d41":"f92c15f5833800b28dba2d134d4dcfc41abf72f5a700469551e8ccb83bdb0772d14d6b26ba6978169e3ddbe5f214d57930dfcad719bf10d306749246d2624bedd4a18d327b8ae6bee67cf0bfb5f649824bbd0440f042146b95a83e5845ced69a55ba055d5dfc7183c3bb28d61312d274" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #12 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"7608b5617785995a1f7144ee5229e4f9c138e418bcc3b5e061a422e8cf875f58650e996d":"":"961c2d33039e60a2871e1f5b82097f6b1cb03836dba5f440":"b18cb52d3858ac5bf59f216a28c0ad49f3dc88c67b5870e0":"4b0313ae873ce5ebf08aec160416492e4c4c797a5017061ea42aefa0685ab19b74a7af11f019b9fb63072b797f7ea3354efd32c4abd1e866405a319ed2fa13fc81019d61326e70e503141b9c77b4879a45e9f36f101dbfff4359147282ef814888fee81640def25f551cee41d12609aa" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #13 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"fef7a43fea2ff1a0f624086985e535778d7a73dbc47bc23e9da92edd5d2f273cdbbc0251":"":"836731a57497a69e31f8db4f729774ad65f31d968dbc55a8":"bcca96d808ba98bb50e90afe58fc88e95dc14c3e90c56004":"4f2c64ecd146689064fbf4fcffce2a2ab3910e72ec4faec277f7b9e9ed510381312b01f21650e175ebe9c45c11e977276f13be015243a0cd16a191abbac6462ba96e4e4a1120b28083da933419e8c8f03099906eb1ee012ae291104c6530f51b5e32e6631cab8ef5aad68c0045255ba9" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #14 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"00197c70b2f0d3e98e4b387ec42a65c4106a1689ab5de61101ee76f4b5e530e7efeaf964":"":"03015311cddd0961ec7a74cb84d835c058a69b964f18a1c1":"5e0d99e0e7c57769a43ea771c467fb5e2df6d06dae035fd6":"72e8ca7666e440ac6a84ab6f7be7e00a536d77315b119b49e5544bf3ead564bd06740f09f6e20564542e0d597ac15a43b5fb5a0239a3362bc3a9efe1ce358ddd9d4f30b72e12ed9d78340c66b194beb4b12e973213931b9cfd0ccbdf540d2c36ce074e2beac7a4ddac59e06e4c7178d3" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #0 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"c5c89c26ac4ca8b1106ba90a8ef4d6d687dfd88743caa5fbafa4745d9c1f8371120b10c8":"":"d3483ae5f9ed97efd3f852e4a6f20f25c947a03f39a4b75c":"2cd523c5958cdf403caa61abe5c4739cdb9d40152f0e769a":"1fef4e6abc2778d1c3e3ce00fdb5eae1ebebdd5cff0a7087644c8565d1e8b876b2c05264ca81498468851fc7b9e5a2163a06f377d2ed754c095adc59dc015a77edd69e4eecbe48d9dc127eedfff5cc73ae38127ae3a518fe7fa5abd1a9c53eeaf144420873341e2efa3d81493c69b04e" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #1 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"6860e44bf582db9818ffbe4c699d4218965c29f463d7a02fe1f36c8442b0a5d103def7a2":"":"e9f598357109e2a532dc980388b8a5991256166d67c3bc01":"58ebbf7402be041724701e5c0132abe604c11a62a9de1d2f":"52fad34b27113c146595a6740f505bc2d3edf6618975cb9c4a5155788eaf08b96d232610d9b4ee06264fd92f319df5a52b8f9e31b016a6c21d27d31d9d42bbb7588a7142f26ece3ddf211c8cf4530947adee302aa71c0d7fe9060c1b25f1c1f2e053598a7fb72c4db55fb1b02352d60a" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #2 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"27b9f78ae07821f2b5625c8fc3a03ceec4fc8062be860c2db20403dd88a8751dcad56158":"":"1b6c848fce706abd73612dd3fd421c1c7ce9f4c2d0ecc670":"14a43645c1b6ae394f795af6ca2e9084e7e707f3f2cedd7a":"33c592017af545b3a9cf3419ce1c604e9c7c687ebf6418fbef47ec96e61f1951068eec9b60005d24574313f04ffc16c30872ec83e41e248e3d5c6951930d6a88b8931d5502d1142ce50676b3adf48453d1a008189658db8511d19a06ac97b4d5cfac19b54e8e6b899d501715f401ef85" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #3 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"8d7cf5c2e360ef755c1e9f5b7a44a1e29f09cee7ca44e15925ffe9a47b2d55fd7750b356":"":"0e691c9a435939c615f0686eae88e090ba5c4b3f5e6e00c0":"1e3a452295617e5a9e6f78256d2781feeb3812753b4aad9a":"a307569d8adf3f7e6ee4567a5b2bd338badb9234e7b27c92429ffa75e4c56c0529fdc6c15df5d47c46e3d2eeadcf1b9e93a5dd6cde99a82f04b0d97f7a3bfd05c0e1d8370987222310ab18c980ce48b2679361c3d9011dd355a9b06337c054ee37913d5f4dd30d1fc942cd733a0fa5f8" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #4 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"1a0d2c734918c539c1b306a464eb6b54f92e958e8636032aec23ba8ae817bec48384461f":"":"b8ad9e613a891fd0db89571fddda77827382e406cd3cdf7e":"1e172a708aa4ffa3618ff0d7b1f9ba341f4811507851dfb4":"674df1f3095d6c87bc54dd9b2aaa2c786bd50e4ddc02493745d820dad8552131fb3e389e99b0709478b65d4268f2a3b468a8447dc572a6ee024be6be9be9d428c12cc92894d15dd1c959d6222dc9ec30478c7a0b57f5bd8bd53868b98d7674738b54cf74100ae215693babb6db3b3890" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #5 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"95a30a0ca779a4038ea920cccfa4cdd814ca17d560d53a75cf170f4712994f9bcb2efb74":"":"1da6c8726bbfa3c8bee6dcff6f76f2d55d60527c4f0db26b":"595ebd903a596a1f12175080185bd94c2336eb8dd29a387d":"317c19cf4a45b8cf3f645da084ada54d1b1f81379152424fddad22a6dc9bd22841e0c4c5a36bfb7879eafbd1a939121905a938ae034c7fc01afb56607e35f895f46f13e91ce4e8e75b6a87a1e5544e18eb194fd6754b06885ac05e332a05ed436e889965e405e0f2069b04b40ea0f635" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #6 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"8af8930562510231a592a72587fa6ad7c234e133046965907642fbc785c0b86cba844f0f":"":"9ee7b221064966582dc836437b82386f5204a302a4179079":"473d917f5b66f0f6e3fb4670ba08c2cbd2ea765b46b10838":"5c2fc9cc7148dbe40a692b3636778eb80188949d198bba3e8355386b78b54bfb963f5f2d9202988da20ccbf336a7c737a66c90149b9e8e306477151c4d912f7c61e872de0d0e47701cbe765864de536d599946b8bd65e4d89d4e61deb53de9974fbbe634501800feea100fea573e2e50" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #7 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"2b9554ecf94c7d647a4e117f43326cab54466eba56a09a52741b2445057c491935c067d2":"":"0144be6978dba85aa645d793c1881dc2deb1bd210811ec9e":"1cd265f3812568274b643954c70923a76dfcc9f123360111":"f7459b0c23966dc1a53e0c6406c9e78ebe728e3484224cd88b6b2ea554522e75eb4a1c8a3fdc66561426464f50b8d0ff95b266677d91776b344a820eb4fd7d554678300558011a7cd85d22e92dc8ec2c2fa15c6330ba157c3e71728304447c1ad4d64f3da4fbf26d92e1e7c58a1b289c" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #8 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"335ede8603fcde78ea9869da2dbcab4a6e72f1b53439f3085d06b856e627411a9ce1c297":"":"ededc73fe268935c10832c463549f8204a29cf0fe00a4d87":"ef1b8a80dd49d2c263999ddc0d5a1d9205c1b1c66239fd80":"05bfe97c398b1e33ee1c547c0edb5b654b7060b76604195440d06dd2f614a398c6c43f1803893c4c8888bedecdf998367cf992301a25f24c263f5d36bbfc6fe8b839cad293b3617c1d2c60a814bda0359e3f717fa80fc7324af8827d438c88642754b39b10d18cf5bf42f11177a0bc6b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #9 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"9b0275d861117553ecd3c4d7cfe762f88df22c4c4190dac8e0be5872818e2dd765261d58":"":"cfc0b07082d514425b17ce3cb334ec62bc1b3be0be58ca4b":"d3c70ab5ff7a364a9e6dc75132ac67e0d373fa2df301afb5":"09fb41bcceb016e754795e1cce582f0cae91d7bb50245975eb75274819e1e4dcdfbc5e2f13fd26b9a9f9e945cd807ffec4e275681ea7bd33eae13efd8a01edbe02562e77b44b6312f416c3dd0be64f2bae0ba4b9bb36fc3a44841d21d8b3571c0ef644d88cf3cc3c851b256a15f4d716" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #10 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"1981c3f9ca58fd10e8377a8d0eb3cf02102aab6f7a033af3135533d9fd850e29ecb8dc9b":"":"f9978ba41df22894ad5f3849c1bdf21f7bbc0128c782e79b":"b4d57de5e18d393273ee9f3ef9736599c6d639f437239219":"fee23db2fcc71624fb39f573e33a1490efc7230c27e9278188251634f9c045bcb26e79ece6a173491475ae44a957c4269570f5469234ca8b6873cc973c8d97178c58cec658a352bad0d4c6001cae5664258db59ad76eb6304d166267eafb46f4dd536a914fa6d1ac58317e7c557d4653" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #11 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"c10d4e521350f7cd1853576d03c4bece3e58c8c740859e4e16979499ec1365fc073736a3":"":"78b245520153baacc66846e7a83a2a925f892d4c2ee63c0f":"c8ca7a33de5991d44d7ef7da2d3368cc2cdb93895c394d41":"f92c15f5833800b28dba2d134d4dcfc41abf72f5a700469551e8ccb83bdb0772d14d6b26ba6978169e3ddbe5f214d57930dfcad719bf10d306749246d2624bedd4a18d327b8ae6bee67cf0bfb5f649824bbd0440f042146b95a83e5845ced69a55ba055d5dfc7183c3bb28d61312d274" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #12 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"7608b5617785995a1f7144ee5229e4f9c138e418bcc3b5e061a422e8cf875f58650e996d":"":"961c2d33039e60a2871e1f5b82097f6b1cb03836dba5f440":"b18cb52d3858ac5bf59f216a28c0ad49f3dc88c67b5870e0":"4b0313ae873ce5ebf08aec160416492e4c4c797a5017061ea42aefa0685ab19b74a7af11f019b9fb63072b797f7ea3354efd32c4abd1e866405a319ed2fa13fc81019d61326e70e503141b9c77b4879a45e9f36f101dbfff4359147282ef814888fee81640def25f551cee41d12609aa" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #13 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"fef7a43fea2ff1a0f624086985e535778d7a73dbc47bc23e9da92edd5d2f273cdbbc0251":"":"836731a57497a69e31f8db4f729774ad65f31d968dbc55a8":"bcca96d808ba98bb50e90afe58fc88e95dc14c3e90c56004":"4f2c64ecd146689064fbf4fcffce2a2ab3910e72ec4faec277f7b9e9ed510381312b01f21650e175ebe9c45c11e977276f13be015243a0cd16a191abbac6462ba96e4e4a1120b28083da933419e8c8f03099906eb1ee012ae291104c6530f51b5e32e6631cab8ef5aad68c0045255ba9" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #14 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"00197c70b2f0d3e98e4b387ec42a65c4106a1689ab5de61101ee76f4b5e530e7efeaf964":"":"03015311cddd0961ec7a74cb84d835c058a69b964f18a1c1":"5e0d99e0e7c57769a43ea771c467fb5e2df6d06dae035fd6":"72e8ca7666e440ac6a84ab6f7be7e00a536d77315b119b49e5544bf3ead564bd06740f09f6e20564542e0d597ac15a43b5fb5a0239a3362bc3a9efe1ce358ddd9d4f30b72e12ed9d78340c66b194beb4b12e973213931b9cfd0ccbdf540d2c36ce074e2beac7a4ddac59e06e4c7178d3" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #0 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"e4547261c9dda6bafe9fddf435a80ebc96354c7c2c8847c5d26c6e73a967bfc4ebaf8613":"42849dc8eec611eaa49252067fa60d7d7267d711dc35b576":"815f50fc233f157f96ad0627c355bce407b269dca91af661":"775a1c9da6f58d4eb95b27935ecc01dde31ff17ce2e4e65d":"25adb777523a80a6dbb6ac1fd08e02bfc4b4686cec5efe3ae9aa2d4469eae8c9c3693fdc8e0fc107720b7789ef7331e23fe3799412ec86857ffbba515a5af4d91013b2f17669421c822005b4747942790a11a24c4974f27d54de69727b0ed507b6a48a9d6c53f93e2f3d33df73dd643f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #1 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"06d677001d9b3c97fda4d09778aee3de131b4123696b109f81bb6b0d7fbcab3c5842bb83":"f99638d2d4365b662cd83ab4e6a7bbb624e6c72b7b38e81b":"20b7d56f6222bafeeeee59dbca1933d8086218891f3a9bfe":"9de4f2847fe239cb1a3df4b8ff64c25d7b0870f3c9ebe3a3":"e18ff19837ce21e68944659321311b8584dd515ed8a6a1f2b0ac06e69009c3d0cf0489af876201efad962cfd1ba54f540b94131d788d3fea797c4bc079593bc7932baa70abb145a355741a98c584f0fa3298b8310b01e1a6debf5359d7d02b1a6c663100acb56975450bec20e91b736b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #2 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"abd38c0465cdfe018f36ffbb7a0ee51d67675ab4f0f1d1e93418bb4cdf6499a371af4d3a":"9a07d5571d841e3c1a9eb3fb48cde3b3e080e1c2e0db6a6d":"a392f79022aebbec0c82b981293627d139dfb5232eb490b4":"f5ce1f6b1e6715c49bea42ff439fdecd9b3b7f2e578133cc":"885c54ad25992fc38260498d6f4d8c73d6159af5f7efef06174da03afcd8384cb28690fd9ded1d26e2dff74aee4dd0c47a0d99c6fc1ec8d8faccbdcf6fdb12a528564ad0d8131bcf5222d7e6c69c52da1acba01b721c98ac5a33725111f12f6d8100009d7cc9efb7ad8d7d95ea4e620d" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #3 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"b52620e58e0b52b8eed0d6a6c5f4ff6c1483c61fc41dacf72bf475b37d068d061d1edcea":"ef0d233de00d24622b7d4ff4215aa720787fe80aaeb65d7a":"81b735acd3dcb13e65231c2d980fb40ca850370581f230d2":"b2302d024d92cdaed4b12f79b0aeb20c98b2321710fefab2":"ae94204670196baf740768f97b3a095134b384afea667fd90a77a16c8ae390a732ff49a3073a27db0f7a2c8ad5d7cb527d334a37abf0472f292a20f2a28e667d7c9e9f7b8fbdd177f36bf92d66223aee3f712b6c9b064e07ab96f6a77613ea55008fb4f8fbcb2f1ccbb0da75316c1faa" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #4 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"2592a5ed86ff64b9b4c1fbb81222d1bfbc53f3a639571ecc356084058b8855237da15c50":"a626c51ec99e72431485d2ba027ed9cabcae7b86116abe4f":"c430876552d28776570923c6b74e42c3210f01104006bf11":"fe2ebc239690a4eb18a0b5e75d08831cc2eb07c982c63973":"005045ade7cc15467b5ea784649d9804540a842ffba4db8d44df4f44c69480bd4fe965b645aed09d62190daeb2693a2192aec3d71453a8218e4700201ab922ac35d241d95150b47cc7a051897be4d958f2da5c2ebbfceb1c550cb67b32ff83ce4fd845fd826a0d2469b506f5158765fa" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #5 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"376785f5ff8a82ceb0aaeb010533cc1089059ec583c302b14bc47e2cb8c2711839ce7f68":"6d345e248339e893f75696c039ac47e5678696fd489a393c":"b0f3fa1131c3fdd5c7fd2de93931e45a66fa030422ac65db":"c66341e3f9fb82e3ba85f229fcb7d34457e4a6ba8396b548":"b92d17e1be94b0385a8cc3e16189811fef7b284a1b0b6b2520fde79af7826c745e746486a70cd8dd9930b163da75f7eea7c216e758d9ed6c745dcd7bde19bb9382c1f7c37cd15b703b884d7d452c255b25048a836844c5ff28aaacf733a52c28904b36e1b51729d7aed81d601c0872dd" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #6 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"2cc2557582c5a90cd2ad0c4a5578eb0bbc9bde41b126e46d8e9c3563341ba238414eb628":"9d2fbb9153e3ffefae0770c79de10db069a5ff9f50e31787":"2e54e32539e27ef76ac1eeae2e30c2385647652e20903b39":"1f4e01255908c3c8049521f8972c01ede7dc76c425c59640":"7d6ccdfab33f322898c470be02d8257e0e952dd10f407b3a8eaeeba47c541d968d79eca29e15541c1505fe4f19a41797c9ca2280c06261fe9d0c58bab65d16f5794b57566b8795c38c7b43d4761c8fd107beb95147a0fe61ae8dc31e25eb2957e44c0463ca7c1b589ea587f0cae1428c" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #7 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"e670f896326b76034e43cd85f6f6f11fe6582d3471a8eb88d37a2302de010aac0e556860":"5e218091abee1960ef81f4d5a80415e388bd0cc79bed70cf":"7cf84b9ff30dbd0f608fb21646d7c5b542fba50adb38d5df":"c1c4aabe7616a4c97a4dbdadb08a9b63c6e10cef8d463fd8":"d8fbd557fccf31829b5ee11b05d0353e725bff15fdaac94d21ce95d40eff55edd852b264b515ec6384e2d28d014e47a2df0d4f56a4ec79309b06affc62915e231d62d02bfc60220c72b7ca7ba5671f882839b791ef534e707a04e5274c1011f7941fe1075a5d06a47af9fb2f65c1f211" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #8 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"0576bb2d4c663b781193509251e2f76b0a8bb792e79449600c2c154feb70cf33ca942508":"ad15e4fce9f4dea43c12ff9f9d50c963b335a01332541154":"3c8a4d6ab96cebf9d02b5663dcb0e0db23699623455cd4b5":"43d2d3a8d023fa1785ce4781a15eb20ad787685a47da08f0":"a68e648cb07da2eb795a8c898c8631e565f33c2fe9c35e686d6f85fef145446cb79bb6d17bdc8224bfe437468a9630ed03c517caf1226c278ae510c869d67d50b6bf1cb378a34035041f290d8dbc123650ab4fbe5cf6074ed0ba90e45d9a8ae08566ea3d3a00ee3741c8ec8f56dcc78c" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #9 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"f597ce05b9a5b1cf3847bbd4171e5085384cc256f77ac61573b435726cbd538b93de9f55":"573cf859f8fea05f16c6d03cb4e524b91e917f39eeeb1d68":"2a842454870c3f7936f8036b453d219557ca341f261d2519":"7afd8cc269899acd88f5c55af29fb0c4ce678a0d8ebf924f":"8162c16c1ce3d5c6b7c96f0281f4220569a882277935752b86e7d3f54646b276cb77ed96da73799911fca3d19d34c1f0b21068a472afcb77410412eff2abd03c753a009ce02b0e995477546366020294eff0ef0da66f31a413313e2774ca04f09a4d5076e0e85ca97d5bb6faac4c0c27" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #10 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"d5b5374fe143035c4fea41667bc8bc7d46000998cc82ab32a0040c705e01f9b354e8f16e":"ed8bb219e67515874c5b9e3f6ae6e4dfa9c42d1e69204e8b":"70f03fe6e78cc34ec1678b2708fcd8ae3300183ea15ccfc7":"9c641d7e73d1a2b819e113747d74a979b74c444ed36b7391":"d50df8e3e17c0f5e19673ba2097d1d0c4cf7a9def7465a5b91ac8d49ae1b6a821fe9efde841ec9064555c0e2d6cdfa41f1089f22a5c27090c5a136660d1af586a1e131a853f19bc3c8f4c79aa09e39c2f22b4456c667ec907e2a4124218665e7cce50399ae1e19ba9c2399f470444839" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #11 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"74d7c8c9b170e59e4f128c8df1955838df5c8071a5e85439d71e785c68b37e10efb39c9a":"be3d54203a1078d051519137774d5d851e81be026155eb78":"23f7b6758d79de580ed3eb995fc173da74939837aa8d9eb4":"6f0d5a333ddea0d38362df0dc3ebaa2be2fe5825ddb0ce84":"4462fc32110b25b3797c5cafaad830e8a4346d9270fed98b30f1345a7a8dde19bf5365d6f3788e7f715feb2762af263839c8c8188908c61120743d977d71c51f6324d887bbda380fc07eff09a31c2332e7b1aa1692c59c3379db95fc21cf711c004c4d385fe14f48f2f2a31bcce6aaec" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #12 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"eaf27c3f69279fd523c0c3a1da5fc4f01ed64c27ffcfe3c1c596482f5baae1434e8c687c":"b038829fc95dcba8645ce40a306491c893f48139ae30a071":"fbbf7abb8cc2612eeea6d9463efd55c47245e01713332bd6":"ccd7e81f529de1ff4e65fc63d34c262ffde7ee49e6707197":"96dfb7445057633b2f0deb69135d10d0a2dc53faa9cded55ddfb8edc63f5424f8fec7627597a30328177dde7963f76f9e5412b5b440256c6a3f0c7c7fa02ca49e19ea176abac013696e9d529f65e51d4a7348e42dd254bbf19d9632d6c875b8ecd7a4139f1bf020a159d2a30af8d645f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #13 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"319cbf2b11b37c831c654b6cec2570dc6d7abeeab185272a518eaef30faa5acf5c8b254d":"9effa141f7466b659eaa50c32c8e683c2640f54027ab6aa5":"63b3acc237588cdf41c0d4bef16c4890cf3d458fcf1de8ea":"573d6a7960aeccc3280a8aee4d72e587e9d196b7b270e329":"8a568086fdd9f01206a5aaee34d253bbc9339112d3170699b9a1392e97062d5d0f16240114dc1789269217c5b4b2974895b20903890f7dacfef46fa4a4d02891c70425ab3b42f53d72f852faf3713ac7b8207dc453279f4df345091b8bfeb54983095c2d190358293ba507bdfdc39b24" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #14 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"56f3f5b08da10ead0c986dd2ae5553e4b2eeeb47ad5d22197b12b89b4a871c51c0d85554":"96c8630a1f4187fb0794601cf51e7e333e71756a0421ff43":"875e5bc9548917a82b6dc95200d92bf4218dba7ab316a5fe":"4d3f5678b00d47bb9d0936486de60407eaf1282fda99f595":"90969961ef9283b9e600aead7985455e692db817165189665f498f219b1e5f277e586b237851305d5205548b565faeb02bb7b5f477c80ba94b0563e24d9309d2957a675848140f5601f698459db5899b20dda68f000ccb18dcd39dfae49955b8478fd50bb59d772045beb338622efa5a" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"ca851911349384bffe89de1cbdc46e6831e44d34a4fb935ee285dd14b71a7488659ba96c601dc69fc902940805ec0ca8":"":"":"":"e528e9abf2dece54d47c7e75e5fe302149f817ea9fb4bee6f4199697d04d5b89d54fbb978a15b5c443c9ec21036d2460b6f73ebad0dc2aba6e624abf07745bc107694bb7547bb0995f70de25d6b29e2d3011bb19d27676c07162c8b5ccde0668961df86803482cb37ed6d5c0bb8d50cf1f50d476aa0458bdaba806f48be9dcb8" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"79737479ba4e7642a221fcfd1b820b134e9e3540a35bb48ffae29c20f5418ea33593259c092bef4129bc2c6c9e19f343":"":"":"":"cf5ad5984f9e43917aa9087380dac46e410ddc8a7731859c84e9d0f31bd43655b924159413e2293b17610f211e09f770f172b8fb693a35b85d3b9e5e63b1dc252ac0e115002e9bedfb4b5b6fd43f33b8e0eafb2d072e1a6fee1f159df9b51e6c8da737e60d5032dd30544ec51558c6f080bdbdab1de8a939e961e06b5f1aca37" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"b340907445b97a8b589264de4a17c0bea11bb53ad72f9f33297f05d2879d898d65cb27735d83c0708f72684ea58f7ee5":"":"":"":"75183aaaf3574bc68003352ad655d0e9ce9dd17552723b47fab0e84ef903694a32987eeddbdc48efd24195dbdac8a46ba2d972f5808f23a869e71343140361f58b243e62722088fe10a98e43372d252b144e00c89c215a76a121734bdc485486f65c0b16b8963524a3a70e6f38f169c12f6cbdd169dd48fe4421a235847a23ff" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"8e159f60060a7d6a7e6fe7c9f769c30b98acb1240b25e7ee33f1da834c0858e7c39d35052201bdcce4e127a04f04d644":"":"":"":"62910a77213967ea93d6457e255af51fc79d49629af2fccd81840cdfbb4910991f50a477cbd29edd8a47c4fec9d141f50dfde7c4d8fcab473eff3cc2ee9e7cc90871f180777a97841597b0dd7e779eff9784b9cc33689fd7d48c0dcd341515ac8fecf5c55a6327aea8d58f97220b7462373e84e3b7417a57e80ce946d6120db5" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"74755f196305f7fb6689b2fe6835dc1d81484fc481a6b8087f649a1952f4df6ac36387a544a5f2b78007651a7b74b749":"":"":"":"b2896f3af4375dab67e8062d82c1a005ef4ed119d13a9f18371b1b873774418684805fd659bfd69964f83a5cfe08667ddad672cafd16befffa9faed49865214f703951b443e6dca22edb636f3308380144b9333de4bcb0735710e4d9266786342fc53babe7bdbe3c01a3addb7f23c63ce2834729fabbd419b47beceb4a460236" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"4b222718f56a3260b3c2625a4cf80950b7d6c1250f170bd5c28b118abdf23b2f7aed52d0016fcaef0b6492bc40bbe0e9":"":"":"":"a6da029b3665cd39fd50a54c553f99fed3626f4902ffe322dc51f0670dfe8742ed48415cf04bbad5ed3b23b18b7892d170a7dcf3ef8052d5717cb0c1a8b3010d9a9ea5de70ae5356249c0e098946030c46d9d3d209864539444374d8fbcae068e1d6548fa59e6562e6b2d1acbda8da0318c23752ebc9be0c1c1c5b3cf66dd967" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"b512633f27fb182a076917e39888ba3ff35d23c3742eb8f3c635a044163768e0e2c39b84629a3de5c301db5643af1c21":"":"":"":"fb931d0d0194a97b48d5d4c231fdad5c61aedf1c3a55ac24983ecbf38487b1c93396c6b86ff3920cfa8c77e0146de835ea5809676e702dee6a78100da9aa43d8ec0bf5720befa71f82193205ac2ea403e8d7e0e6270b366dc4200be26afd9f63b7e79286a35c688c57cbff55ac747d4c28bb80a2b2097b3b62ea439950d75dff" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"aae3ffc8605a975befefcea0a7a286642bc3b95fb37bd0eb0585a4cabf8b3d1e9504c3c0c4310c1c0746a036c91d9034":"":"":"":"2819bd3b0d216dad59ddd6c354c4518153a2b04374b07c49e64a8e4d055575dfbc9a8fcde68bd257ff1ba5c6000564b46d6dd7ecd9c5d684fd757df62d85211575d3562d7814008ab5c8bc00e7b5a649eae2318665b55d762de36eba00c2906c0e0ec8706edb493e51ca5eb4b9f015dc932f262f52a86b11c41e9a6d5b3bd431" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"b9475210b79b87180e746df704b3cbc7bf8424750e416a7fbb5ce3ef25a82cc624baf03599c10df6ef44065d715a93f7":"":"":"":"ae12d784f796183c50db5a1a283aa35ed9a2b685dacea97c596ff8c294906d1b1305ba1f80254eb062b874a8dfffa3378c809ab2869aa51a4e6a489692284a25038908a347342175c38401193b8afc498077e10522bec5c70882b7f760ea5946870bd9fc72961eedbe8bff4fd58c7cc1589bb4f369ed0d3bf26c5bbc62e0b2b2" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"27838eb44ceccb4e36210703ebf38f659bc39dd3277cd76b7a9bcd6bc964b62839cfe0210db2e7b0eb52a387476e7ea1":"":"":"":"e5e72a53605d2aaa67832f97536445ab774dd9bff7f13a0d11fd27bf6593bfb52309f2d4f09d147192199ea584503181de87002f4ee085c7dc18bf32ce5315647a3708e6f404d6588c92b2dda599c131aa350d18c747b33dc8eda15cf40e95263d1231e1b4b68f8d829f86054d49cfdb1b8d96ab0465110569c8583a424a099a" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"d7129e4f47008ad60c9b5d081ff4ca8eb821a6e4deb91608bf4e2647835373a5a72882773f78c2fc4878295840a53012":"":"":"":"0cbf48585c5de9183b7ff76557f8fc9ebcfdfde07e588a8641156f61b7952725bbee954f87e9b937513b16bba0f2e523d095114658e00f0f3772175acfcb3240a01de631c19c5a834c94cc58d04a6837f0d2782fa53d2f9f65178ee9c837222494c799e64c60406069bd319549b889fa00a0032dd7ba5b1cc9edbf58de82bfcd" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"67fe5e300c513371976c80de4b20d4473889c9f1214bce718bc32d1da3ab7532e256d88497738a33923aa003a8d7845c":"":"":"":"b44660d64ef7bcebc7a1ab71f8407a02285c7592d755ae6766059e894f694373ed9c776c0cfc8594413eefb400ed427e158d687e28da3ecc205e0f7370fb089676bbb0fa591ec8d916c3d5f18a3eb4a417120705f3e2198154cd60648dbfcfc901242e15711cacd501b2c2826abe870ba32da785ed6f1fdc68f203d1ab43a64f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"de8142541255c46d66efc6173b0fe3ffaf5936c897a3ce2e9d5835616aafa2cbd01f9002c407127bc3297a561d89b81d":"":"":"":"64d1020929d74716446d8a4e17205d0756b5264867811aa24d0d0da8644db25d5cde474143c57d12482f6bf0f31d10af9d1da4eb6d701bdd605a8db74fb4e77f79aaa9e450afda50b18d19fae68f03db1d7b5f1738d2fdce9ad3ee9461b58ee242daf7a1d72c45c9213eca34e14810a9fca5208d5c56d8066bab1586f1513de7" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"4a8e0bd90bdb12f7748ad5f147b115d7385bb1b06aee7d8b76136a25d779bcb77f3cce4af8c8ce3c45bdf23c6b181a00":"":"":"":"320c7ca4bbeb7af977bc054f604b5086a3f237aa5501658112f3e7a33d2231f5536d2c85c1dad9d9b0bf7f619c81be4854661626839c8c10ae7fdc0c0b571be34b58d66da553676167b00e7d8e49f416aacb2926c6eb2c66ec98bffae20864cf92496db15e3b09e530b7b9648be8d3916b3c20a3a779bec7d66da63396849aaf" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"451ed024bc4b95f1025b14ec3616f5e42e80824541dc795a2f07500f92adc6652f28e6ee8de5879db1eccd58c994e5f0":"":"":"":"3fb637085ab75f4e95655faae95885166a5fbb423bb03dbf0543be063bcd48799c4f05d4e522634d9275fe02e1edd920e26d9accd43709cb0d8f6e50aa54a5f3bdd618be23cf73ef736ed0ef7524b0d14d5bef8c8aec1cf1ed3e1c38a808b35e61a44078127c7cb3a8fd7addfa50fcf3ff3bc6d6bc355d5436fe9b71eb44f7fd" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"d3cc4d1acf3dde0c4bd2290d262337042dc632948223d3a2eaab87da44295fbd0109b0e729f457328aa18569a9224921":"":"3c311848183c9a212a26f27f8c6647e40375e466a0857cc39c4e47575d53f1f6":"fcb9abd19ccfbccef88c9c39bfb3dd7b1c12266c9808992e305bc3cff566e4e4":"9c7b758b212cd0fcecd5daa489821712e3cdea4467b560ef5ddc24ab47749a1f1ffdbbb118f4e62fcfca3371b8fbfc5b0646b83e06bfbbab5fac30ea09ea2bc76f1ea568c9be0444b2cc90517b20ca825f2d0eccd88e7175538b85d90ab390183ca6395535d34473af6b5a5b88f5a59ee7561573337ea819da0dcc3573a22974" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"f97a3cfd91faa046b9e61b9493d436c4931f604b22f1081521b3419151e8ff0611f3a7d43595357d58120bd1e2dd8aed":"":"517289afe444a0fe5ed1a41dbbb5eb17150079bdd31e29cf2ff30034d8268e3b":"88028d29ef80b4e6f0fe12f91d7449fe75062682e89c571440c0c9b52c42a6e0":"c6871cff0824fe55ea7689a52229886730450e5d362da5bf590dcf9acd67fed4cb32107df5d03969a66b1f6494fdf5d63d5b4d0d34ea7399a07d0116126d0d518c7c55ba46e12f62efc8fe28a51c9d428e6d371d7397ab319fc73ded4722e5b4f30004032a6128df5e7497ecf82ca7b0a50e867ef6728a4f509a8c859087039c" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"0f2f23d64f481cabec7abb01db3aabf125c3173a044b9bf26844300b69dcac8b9a5ae13232b43aa19cfe8d7958b4b590":"":"ec4c7a62acab73385f567da10e892ff395a0929f959231a5628188ce0c26e818":"6b97b8c6b6bb8935e676c410c17caa8042aa3145f856d0a32b641e4ae5298648":"7480a361058bd9afa3db82c9d7586e42269102013f6ec5c269b6d05f17987847748684766b44918fd4b65e1648622fc0e0954178b0279dfc9fa99b66c6f53e51c4860131e9e0644287a4afe4ca8e480417e070db68008a97c3397e4b320b5d1a1d7e1d18a95cfedd7d1e74997052bf649d132deb9ec53aae7dafdab55e6dae93" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"53c56660c78481be9c63284e005fcc14fbc7fb27732c9bf1366d01a426765a31dc7a14d0eb5b0b3534e717a0b3c64614":"":"3aa848706ecb877f5bedf4ffc332d57c22e08747a47e75cff6f0fd1316861c95":"9a401afa739b8f752fddacd291e0b854f5eff4a55b515e20cb319852189d3722":"5c0eb420e0bf41ce9323e815310e4e8303cd677a8a8b023f31f0d79f0ca15aeb636099a369fd074d69889865eac1b72ab3cbfebdb8cf460b00072802e2ec648b1349a5303be4ccaadd729f1a9ea17482fd026aaeb93f1602bc1404b9853adde40d6c34b844cf148bc088941ecfc1642c8c0b9778e45f3b07e06e21ee2c9e0300" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"f63c804404902db334c54bb298fc271a21d7acd9f770278e089775710bf4fdd73e45009ea9cb2a36ba1aa4bf39178200":"":"d165a13dc8cc43f3f0952c3f5d3de4136954d983683d4a3e6d2dc4c89bf23423":"75106bc86d0336df85097f6af8e80e2da59046a03fa65b06706b8bbc7ffc6785":"6363139bba32c22a0f5cd23ca6d437b5669b7d432f786b8af445471bee0b2d24c9d5f2f93717cbe00d1f010cc3b9c515fc9f7336d53d4d26ba5c0d76a90186663c8582eb739c7b6578a3328bf68dc2cec2cd89b3a90201f6993adcc854df0f5c6974d0f5570765a15fe03dbce28942dd2fd16ba2027e68abac83926969349af8" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"2aaca9147da66c176615726b69e3e851cc3537f5f279fe7344233d8e44cfc99d4e171f080af9a6081bee9f183ac9e340":"":"d75a2a6eb66c3833e50f5ec3d2e434cf791448d618026d0c360806d120ded669":"b643b74c15b37612e6577ed7ca2a4c67a78d560af9eb50a4108fca742e87b8d6":"501dcdc977f4ba856f24eaa4968b374bebb3166b280334cb510232c31ebffde10fa47b7840ef3fe3b77725c2272d3a1d4219baf23e0290c622271edcced58838cf428f0517425d2e19e0d8c89377eecfc378245f283236fafa466c914b99672ceafab369e8889a0c866d8bd639db9fb797254262c6fd44cfa9045ad6340a60ef" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"a2e4cd48a5cf918d6f55942d95fcb4e8465cdc4f77b7c52b6fae5b16a25ca306bef036716440db6e6d333d9d760b7ca8":"":"bfa591c7287f3f931168f95e38869441d1f9a11035ad8ea625bb61b9ea17591c":"c00c735463bca215adc372cb892b05e939bf669583341c06d4e31d0e5b363a37":"e7d136af69926a5421d4266ee0420fd729f2a4f7c295d3c966bdfa05268180b508b8a2852d1b3a06fd2ab3e13c54005123ef319f42d0c6d3a575e6e7e1496cb28aacadbcf83740fba8f35fcee04bb2ed8a51db3d3362b01094a62fb57e33c99a432f29fce6676cffbbcc05107e794e75e44a02d5e6d9d748c5fbff00a0178d65" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"95a67771cba69011a79776e713145d309edae56fad5fd6d41d83eaff89df6e5ebe5b5164e31ecc51ba6f7c3c5199eb33":"":"065f693b229a7c4fd373cd15b3807552dd9bf98c5485cef361949d4e7d774b53":"9afb62406f0e812c4f156d58b19a656c904813c1b4a45a0029ae7f50731f8014":"f61b61a6e79a41183e8ed6647899d2dc85cdaf5c3abf5c7f3bf37685946dc28f4923dc842f2d4326bd6ce0d50a84cb3ba869d72a36e246910eba6512ba36cd7ed3a5437c9245b00a344308c792b668b458d3c3e16dee2fbec41867da31084d46d8ec168de2148ef64fc5b72069abf5a6ada1ead2b7146bb793ff1c9c3690fa56" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"a459e1815cbca4514ec8094d5ab2414a557ba6fe10e613c345338d0521e4bf9062221392e2552e76cd0d36df6e6068eb":"":"0a3642b02b23b3ef62c701a63401124022f5b896de86dab6e6c7451497aa1dcc":"c80514865901371c45ba92d9f95d50bb7c9dd1768cb3dfbc45b968da94965c6e":"464e6977b8adaef307c9623e41c357013249c9ffd77f405f3925cebb69f151ce8fbb6a277164002aee7858fc224f6499042aa1e6322deee9a5d133c31d640e12a7487c731ba03ad866a24675badb1d79220c40be689f79c2a0be93cb4dada3e0eac4ab140cb91998b6f11953e68f2319b050c40f71c34de9905ae41b2de1c2f6" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"252c2cad613e002478162861880979ee4e323025eebb6fb2e0aa9f200e28e0a1d001bc9a8f2c8c242e4369df0c191989":"":"9bcfc61cb2bc000034bb3db980eb47c76fb5ecdd40553eff113368d639b947fd":"8b0565c767c2610ee0014582e9fbecb96e173005b60e9581503a6dca5637a26e":"e96c15fe8a60692b0a7d67171e0195ff6e1c87aab844221e71700d1bbee75feea695f6a740c9760bbe0e812ecf4061d8f0955bc0195e18c4fd1516ebca50ba6a6db86881737dbab8321707675479b87611db6af2c97ea361a5484555ead454defb1a64335de964fc803d40f3a6f057893d2afc25725754f4f00abc51920743dc" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"8be0ca6adc8b3870c9d69d6021bc1f1d8eb9e649073d35ee6c5aa0b7e56ad8a59d1265f7d51fdb65377f1e6edd6ae0e4":"":"da86167ac997c406bb7979f423986a84ec6614d6caa7afc10aff0699a9b2cf7f":"e4baa3c555950b53e2bfdba480cb4c94b59381bac1e33947e0c22e838a9534cf":"64384ecc4ea6b458efc227ca697eac5510092265520c0a0d8a0ccf9ed3ca9d58074671188c6a7ad16d0b050cdc072c125d7298d3a31d9f044a9ee40da0089a84fea28cc7f05f1716db952fad29a0e779635cb7a912a959be67be2f0a4170aace2981802e2ff6467e5b46f0ffbff3b42ba5935fd553c82482ac266acf1cd247d7" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"d43a75b6adf26d60322284cb12ac38327792442aa8f040f60a2f331b33ac4a8f0682f8b091f811afacaacaec9b04d279":"":"7fd3b8f512940da7de5d80199d9a7b42670c04a945775a3dba869546cbb9bc65":"2575db20bc7aafc2a90a5dabab760db851d754777bc9f05616af1858b24ff3da":"0da7a8dc73c163014bf0841913d3067806456bbca6d5de92b85534c6545467313648d71ef17c923d090dc92cff8d4d1a9a2bb63e001dc2e8ab1a597999be3d6cf70ff63fee9985801395fbd4f4990430c4259fcae4fa1fcd73dc3187ccc102d04af7c07532885e5a226fc42809c48f22eecf4f6ab996ae4fcb144786957d9f41" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"64352f236af5d32067a529a8fd05ba00a338c9de306371a0b00c36e610a48d18df99ed2c7608c870624b962a5dc68acd":"":"da416335e7aaf60cf3d06fb438735ce796aad09034f8969c8f8c3f81e32fef24":"a28c07c21a2297311adf172c19e83ca0a87731bdffb80548978d2d1cd82cf8a3":"132b9f25868729e3853d3c51f99a3b5fae6d4204bea70890daf62e042b776a526c8fb831b80a6d5d3f153237df1fd39b6fd9137963f5516d9cdd4e3f9195c46e9972c15d3edc6606e3368bde1594977fb88d0ca6e6f5f3d057ccadc7d7dab77dfc42658a1e972aa446b20d418286386a52dfc1c714d2ac548713268b0b709729" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"282f4d2e05a2cd30e9087f5633089389449f04bac11df718c90bb351cd3653a590a7daf3c0de9ea286081efc4a684dfb":"":"2630b4ccc7271cc379cb580b0aaede3d3aa8c1c7ba002cf791f0752c3d739007":"c31d69de499f1017be44e3d4fa77ecebc6a9b9934749fcf136f267b29115d2cc":"c899094520e0197c37b91dd50778e20a5b950decfb308d39f1db709447ae48f6101d9abe63a783fbb830eec1d359a5f61a2013728966d349213ee96382614aa4135058a967627183810c6622a2158cababe3b8ab99169c89e362108bf5955b4ffc47440f87e4bad0d36bc738e737e072e64d8842e7619f1be0af1141f05afe2d" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"13c752b9e745ce77bbc7c0dbda982313d3fe66f903e83ebd8dbe4ff0c11380e9f1a533095d6174164bd7c82532464ae7":"":"4f53db89b9ba7fc00767bc751fb8f3c103fe0f76acd6d5c7891ab15b2b7cf67c":"582c2a7d34679088cca6bd28723c99aac07db46c332dc0153d1673256903b446":"6311f4c0c4cd1f86bd48349abb9eb930d4f63df5e5f7217d1d1b91a71d8a6938b0ad2b3e897bd7e3d8703db125fab30e03464fad41e5ddf5bf9aeeb5161b244468cfb26a9d956931a5412c97d64188b0da1bd907819c686f39af82e91cfeef0cbffb5d1e229e383bed26d06412988640706815a6e820796876f416653e464961" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"5cacc68165a2e2ee20812f35ec73a79dbf30fd475476ac0c44fc6174cdac2b556f885496c1e63af620becd9e71ecb824":"e72dd8590d4ed5295515c35ed6199e9d211b8f069b3058caa6670b96ef1208d0":"":"":"f1012cf543f94533df27fedfbf58e5b79a3dc517a9c402bdbfc9a0c0f721f9d53faf4aafdc4b8f7a1b580fcaa52338d4bd95f58966a243cdcd3f446ed4bc546d9f607b190dd69954450d16cd0e2d6437067d8b44d19a6af7a7cfa8794e5fbd728e8fb2f2e8db5dd4ff1aa275f35886098e80ff844886060da8b1e7137846b23b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"8df013b4d103523073917ddf6a869793059e9943fc8654549e7ab22f7c29f122da2625af2ddd4abcce3cf4fa4659d84e":"b571e66d7c338bc07b76ad3757bb2f9452bf7e07437ae8581ce7bc7c3ac651a9":"":"":"b91cba4cc84fa25df8610b81b641402768a2097234932e37d590b1154cbd23f97452e310e291c45146147f0da2d81761fe90fba64f94419c0f662b28c1ed94da487bb7e73eec798fbcf981b791d1be4f177a8907aa3c401643a5b62b87b89d66b3a60e40d4a8e4e9d82af6d2700e6f535cdb51f75c321729103741030ccc3a56" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"565b2b77937ba46536b0f693b3d5e4a8a24563f9ef1f676e8b5b2ef17823832f4ef3064ec29f5b7f9686d75a23d170e3":"3b722433226c9dba745087270ab3af2c909425ba6d39f5ce46f07256068319d9":"":"":"d144ee7f8363d128872f82c15663fe658413cd42651098e0a7c51a970de75287ec943f9061e902280a5a9e183a7817a44222d198fbfab184881431b4adf35d3d1019da5a90b3696b2349c8fba15a56d0f9d010a88e3f9eeedb67a69bcaa71281b41afa11af576b765e66858f0eb2e4ec4081609ec81da81df0a0eb06787340ea" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"fc3832a91b1dcdcaa944f2d93cbceb85c267c491b7b59d017cde4add79a836b6d5e76ce9eabafed06e33a913e395c5e0":"ffc5f6eefd51da64a0f67b5f0cf60d7ab43fc7836bca650022a0cee57a43c148":"":"":"0e713c6cc9a4dbd4249201d12b7bf5c69c3e18eb504bf3252db2f43675e17d99b6a908400cea304011c2e54166dae1f20260008efe4e06a87e0ce525ca482bca223a902a14adcf2374a739a5dfeaf14cadd72efa4d55d15154c974d9521535bcb70658c5b6c944020afb04a87b223b4b8e5d89821704a9985bb010405ba8f3d4" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"8009eb2cb49fdf16403bcdfd4a9f952191062acb9cc111eca019f957fb9f4451355598866952394b1eddd85d59f81c9d":"09ff1d4b97d83b223d002e05f754be480d13ba968e5aac306d71cc9fc49cc2dd":"":"":"9550903c2f02cf77c8f9c9a37041d0040ee1e3ef65ba1a1fbbcf44fb7a2172bd6b3aaabe850281c3a1778277bacd09614dfefececac64338ae24a1bf150cbf9d9541173a82ecba08aa19b75abb779eb10efa4257d5252e8afcac414bc3bb5d3006b6f36fb9daea4c8c359ef6cdbeff27c1068571dd3c89dc87eda9190086888d" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"a6e4c9a8bd6da23b9c2b10a7748fd08c4f782fadbac7ea501c17efdc6f6087bdacdc47edf1d3b21d0aec7631abb6d7d5":"c16ee0908a5886dccf332fbc61de9ec7b7972d2c4c83c477409ce8a15c623294":"":"":"a52f93ccb363e2bdf0903622c3caedb7cffd04b726052b8d455744c71b76dee1b71db9880dc3c21850489cb29e412d7d80849cfa9151a151dcbf32a32b4a54cac01d3200200ed66a3a5e5c131a49655ffbf1a8824ff7f265690dffb4054df46a707b9213924c631c5bce379944c856c4f7846e281ac89c64fad3a49909dfb92b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"59d6307460a9bdd392dfc0904973991d585696010a71e52d590a5039b4849fa434a0aafb95917cbf8c38fc5548373c05":"0407b7c57bc11361747c3d67526c36e228028a5d0b145d66ab9a2fe4b07507a0":"":"":"299aba0661315211b09d2861855d0b4b125ab24649461341af6abd903ed6f025223b3299f2126fcad44c675166d800619cf49540946b12138989417904324b0ddad121327211a297f11259c9c34ce4c70c322a653675f78d385e4e2443f8058d141195e17e0bd1b9d44bf3e48c376e6eb44ef020b11cf03eb141c46ecb43cf3d" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"9ae3506aadbc8358696ba1ba17e876e1157b7048235921503d36d9211b4303429abf7d66afee5d2b811cba358bbc527d":"0d645f6238e9ceb038e4af9772426ca110c5be052f8673b8b5a65c4e53d2f519":"":"":"5f032c7fec6320fe423b6f38085cbad59d826085afe915247b3d546c4c6b174554dd4877c0d671de9554b505393a44e71f209b70f991ac8aa6e08f983fff2a4c817b0cd26c12b2c929378506489a75b2025b358cb5d0400821e7e252ac6376cd94a40c911a7ed8b6087e3de5fa39fa6b314c3ba1c593b864ce4ff281a97c325b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"96ae3b8775b36da2a29b889ad878941f43c7d51295d47440cd0e3c49991931091fe022a6fc0237b055d4d6a7036b18d5":"1e40e97362d0a823d3964c26b81ab53825c56446c5261689011886f19b08e5c2":"":"":"e707cd14b06ce1e6dbcceaedbf08d88891b03f44ad6a797bd12fdeb557d0151df9346a028dec004844ca46adec3051dafb345895fa9f4604d8a13c8ff66ae093fa63c4d9c0816d55a0066d31e8404c841e87b6b2c7b5ae9d7afb6840c2f7b441bf2d3d8bd3f40349c1c014347c1979213c76103e0bece26ad7720601eff42275" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"33f5120396336e51ee3b0b619b5f873db05ca57cda86aeae2964f51480d149926f1f6e9807ba5393edcf3cb4e4bb6113":"3709605af44d90196867c927512aa8ba31837063337b4879408d91a05c8efa9f":"":"":"8b8291126ded9acef12516025c99ccce225d844308b584b872c903c7bc6467599a1cead003dc4c70f6d519f5b51ce0da57f53da90dbe8f666a1a1dde297727fee2d44cebd1301fc1ca75956a3fcae0d374e0df6009b668fd21638d2b733e6902d22d5bfb4af1b455975e08eef0ebe4dc87705801e7776583c8de11672729f723" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"ad300b799005f290fee7f930eebce158b98fb6cb449987fe433f955456b3530006aa2514e4bd114edf7ac105cfef2772":"87ada711465e4169da2a74c931afb9b5a5b190d07b7af342aa99570401c3ee8a":"":"":"80d7c606ff49415a3a92ba1f2943235c01339c8f9cd0b0511fbfdf3ef23c42ffff008524193faaa4b7f2f2eb0cfa221d9df89bd373fe4e158ec06fad3ecf1eb48b8239b0bb826ee69d773883a3e8edac66254610ff70b6609836860e39ea1f3bfa04596fee1f2baca6cebb244774c6c3eb4af1f02899eba8f4188f91776de16f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"130b044e2c15ab89375e54b72e7baae6d4cad734b013a090f4df057e634f6ff065fd6ac602cd44107d705dbc066e52b6":"f374aba16f34d54aae5e494505b67d3818ef1c08ea24967a76876d4361379aec":"":"":"5d179534fb0dba3526993ed8e27ec9f915183d967336bb24352c67f4ab5d7935d3168e57008da851515efbaecb69904b6d899d3bfa6e9805659aef2942c4903875b8fcbc0d1d24d1c075f0ff667c1fc240d8b410dff582fa71fa30878955ce2ed786ef32ef852706e62439b69921f26e84e0f54f62b938f04905f05fcd7c2204" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"716430e999964b35459c17921fe5f60e09bd9ab234cb8f4ba4932bec4a60a1d59533b711e061b07d505da707cafbca03":"372ae616d1a1fc45c5aecad0939c49b9e01c93bfb40c835eebd837af747f079d":"":"":"a80d6a1b2d0ce01fe0d26e70fb73da20d45841cf01bfbd50b90d2751a46114c0e758cb787d281a0a9cf62f5c8ce2ee7ca74fefff330efe74926acca6d6f0646e4e3c1a1e52fce1d57b88beda4a5815896f25f38a652cc240deb582921c8b1d03a1da966dd04c2e7eee274df2cd1837096b9f7a0d89a82434076bc30173229a60" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"7679f154296e6d580854826539003a82d1c54e2e062c619d00da6c6ac820789b55d12941b0896462e7d888e5322a99a3":"ba4d1ed696f58ef64596c76cee87cc1ca83069a79e7982b9a06f9d62f4209faf":"":"":"10dc7cd2bb68c2c28f76d1b04ae2aa287071e04c3b688e1986b05cc1209f691daa55868ebb05b633c75a40a32b49663185fe5bb8f906008347ef51590530948b87613920014802e5864e0758f012e1eae31f0c4c031ef823aecfb2f8a73aaa946fc507037f9050b277bdeaa023123f9d22da1606e82cb7e56de34bf009eccb46" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"8ca4a964e1ff68753db86753d09222e09b888b500be46f2a3830afa9172a1d6da59394e0af764e2f21cf751f623ffa6c":"eb8164b3bf6c1750a8de8528af16cffdf400856d82260acd5958894a98afeed5":"":"":"fc5701b508f0264f4fdb88414768e1afb0a5b445400dcfdeddd0eba67b4fea8c056d79a69fd050759fb3d626b29adb8438326fd583f1ba0475ce7707bd294ab01743d077605866425b1cbd0f6c7bba972b30fbe9fce0a719b044fcc1394354895a9f8304a2b5101909808ddfdf66df6237142b6566588e4e1e8949b90c27fc1f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"5d3286bc53a258a53ba781e2c4dcd79a790e43bbe0e89fb3eed39086be34174bc5422294b7318952ace7055ab7570abf":"2dba094d008e150d51c4135bb2f03dcde9cbf3468a12908a1b025c120c985b9d":"793a7ef8f6f0482beac542bb785c10f8b7b406a4de92667ab168ecc2cf7573c6":"2238cdb4e23d629fe0c2a83dd8d5144ce1a6229ef41dabe2a99ff722e510b530":"d04678198ae7e1aeb435b45291458ffde0891560748b43330eaf866b5a6385e74c6fa5a5a44bdb284d436e98d244018d6acedcdfa2e9f499d8089e4db86ae89a6ab2d19cb705e2f048f97fb597f04106a1fa6a1416ad3d859118e079a0c319eb95686f4cbcce3b5101c7a0b010ef029c4ef6d06cdfac97efb9773891688c37cf" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"c2a566a9a1817b15c5c3b778177ac87c24e797be0a845f11c2fe399dd37732f2cb1894eb2b97b3c56e628329516f86ec":"13ce4d8dd2db9796f94156c8e8f0769b0aa1c82c1323b61536603bca37c9ee29":"413dd83fe56835abd478cb9693d67635901c40239a266462d3133b83e49c820b":"d5c4a71f9d6d95a1bedf0bd2247c277d1f84a4e57a4a8825b82a2d097de63ef1":"b3a3698d777699a0dd9fa3f0a9fa57832d3cefac5df24437c6d73a0fe41040f1729038aef1e926352ea59de120bfb7b073183a34106efed6278ff8ad844ba0448115dfddf3319a82de6bb11d80bd871a9acd35c73645e1270fb9fe4fa88ec0e465409ea0cba809fe2f45e04943a2e396bbb7dd2f4e0795303524cc9cc5ea54a1" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"a33288a96f41dd54b945e060c8bd0c094f1e28267cc1dcbba52063c1a9d54c4d36918c977e1a7276a2bb475591c367b7":"6aa528c940962638dc2201738850fd1fe6f5d0eb9f687ff1af39d9c7b36830d9":"37ee633a635e43af59abdb1762c7ea45bfe060ec1d9077ecd2a43a658673f3c7":"2eb96f2e28fa9f674bb03ade703b8f791ee5356e2ee85c7ed5bda96325256c61":"db2f91932767eb846961ce5321c7003431870508e8c6f8d432ca1f9cee5cdc1aed6e0f133d317eb6990c4b3b0a360cdfb5b43a6e712bd46bca04c414868fab22c6a49c4b89c812697c3a7fbfc8ddf10c8aa5ebf13a09fd114eb2a02a07f69786f3ce7fd30231f22779bc8db103b13fa546dbc45a89a86275281172761683d384" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"5f37b6e47e1776e735adc03d4b999879477ff4a206231924033d94c0114f911b7d12d62c79c9f6234ae0314156947459":"92d4d9fab5f8bf5119f2663a9df7334f50dcde74fb9d7732f7eba56501e60d54":"c9aef0d7a9ba7345d08b6d5b5ce5645c7495b8685e6b93846ffcf470f5abd40d":"50d9d1f5074f7d9f1a24a9c63aa47b94da5ba78db1b0f18e4d4fe45c6875813c":"20d942bbd7d98700faa37e94d53bf74f2d6bd1d8c95c0b88d842c4857797d59e7c8788aeeac29740122f208f703bf35dc32b0035db0648384feb6aa17a3274bc09b2d2b746c5a06fd82f4469fb86131a49482cb7be7d9b4b95042394cfb18b13f333ec0fe5c227bf1d8f33ecb2e42e358b6c3e034cb585331bd1d27f638029b9" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"2311c5afd64c584484b2729e84db80c0b4063fe9ca7edc83350488d7e67264a06a6dfd975a0dc7b72df1f107c4b3b3a6":"2abd870ec5fe26ed14dfa57a3309f920131b70580c3639af2645cd1af93db1b1":"c6e532a3b25653b6002aed5269cc2118749306e736bde039d4d569d4f967773f":"5e7d26c4da769c373092b2b4f72b109fe34bdb7d169ea38f78ebae5df4a15759":"cacaeb1b4ac2305d8714eb50cbe1c67c5a2c0bbc7938fdfdcafef7c85fc40becbf777a4cfb6f14c6eee320943a493d2b0a744a6eb3c256ee9a3763037437df9adce3e2260f0c35e958af0edb5a81debd8bdaf2b8bb2b98b9186e5a222a21609ff58df4cbe1d4898d10d6e7c46f31f5cb1041bfd83a5fb27d5c56c961e91403fc" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"362ece9d330e1172a8f9e50258476d0c79c3ee50346524ba12d970ee3a6ef8c5cf11bcb4d9d51311ceacfca8705e833f":"abb5a8edde02e526449284ecc31bc713383df3ed085f752e3b6a32f305861eed":"746302ab1f4a86b17546bea762e929360f2e95c7788a63545a264ef997c8c65e":"b907c5b2a8833a48e56e819228ce9a050b41b3309f5ca37bed720311d92b33af":"73c7131a558350590053580873ef956ff952f2aa6ff1bea452e013d1bc2afddea2311756dbe756e63ba6258480c48f3f6c1319b5f572f67ca530af09e39413d1d432bea8f89206619618cb0e7c88e9f2033639d0eb0efc20616b64f940da99b88231984c3fb23f19e890576f555fde394dbd4351f17a7ffd5c369379001bda03" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"cf614bc29946bc0095f415e8bdeda10aab05392f9cc9187a86ea6ec95ee422e177fb5ec22dc0432cc13f4693e2e3bd9a":"e4ce77914ffbc5fddf1fb51edfafdc196109139b84c741354135ec8d314c7c43":"e1e83ee1205acaf6164dc287aec08e5b32789e5be818078db39e53cad589db51":"4e20c0226d5e1e7e805679f03f72452b5bea2d0ba41e0c12329bf60eb3016dd1":"838fdf1418a746aa52ae4005d90c3fd301f648c5770ffef2a9f3912e37a93850cc4b8bfcce910aead0cb75958823b1a62e283901c5e4a3980e4ea36257458e2e4953555819b8852a26489b1d74821f80c9908469b43f124ff7ea62497c36159a47353098a1b9ec32e54800d6704371cc37f357ad74aacc203e9b6db97f94d0c4" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"a8da1d3e233f393fd44d204c200202f7d01896e72c5ac652940cfd15b5d4b0bd0a112b4cb0890af0a495e0f49fcf6874":"d2e32799bc822b8d033299bdf63dc35774f7649e935d25be5b10512c430d1bda":"920a82d76fcd2cd106ada64bba232b7b2344f3afe6b1d1d20ee8795144571009":"eeaac5878275372025f8231febed64db6a11273c3c00d625fc80a95f18ad7d3f":"5f6dae489b53d89027b2cc333c700f090152d77b3eaf01d47f56ce6eca9893ef877b4cb560fab0fbdb34e3d1c6cd8480b33c053d2661a10aa531df4961b97d659c7492584236582b3fe701055efa59c328194cd1e07fcffd910d9ee01b7b9e8c8fda7f7ac01a8e203b8b26eb8078a9b9a5021562c44af24089e3ef84c1d5a6bd" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"a77b1ed4ecaa650374e1052c405f1d88881c25c87d13dbe1334d8c1a847fa76b05c143e2f145db216fe7be9ed23635d0":"b5c750968ff09ed251d4a1c05342ac843db5246b19045728a634fa4f6e752e54":"ff5937bcd01a363696bf8e40adc8e4ab3e56dbf7e7d09451c99e538785fe6697":"4acb34eea8266badcf8f6557a0eecf3eb4d7a295c876d6175598cb66a388efb8":"ec13eadfcc84e77d2a2efa1a2cd8b1355587cb27feb3d19d75b37f0446333ddb8236e751c63b7a6e595ec24a25051a696dbe8c062dd8896d1446db228a2f10e8094ee07e7ee648ed6bebb2f5ec5aae24c9c640665c28355cc11c116795ecc070790f7fdfc4398900311b6695d5da0175091ed1828d2731085bfb4a20bd86cce0" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"491686c781e83eb4e21d9989e8d718100b0d21a2c56295888baef1a65f219651499085296d21065feabf3106101c8d6f":"d208a72f9ae34f0817669fb04f49239dd31700f3dc9a93db8d75fb79f9b686c1":"9ffc61893a293a864008fdd56d3292600d9e2ec8a1ea8f34ac5931e968905a23":"4ff3a397dfdae0912032a302a5e7a07dceca8d9013a21545689319b7c024cd07":"3c258ebf2203fca3b322ad1b016e21c7f5c148425f81e4fb0a0e462dce9dfa569c37a006527768297a5b68461b08912642a341b88c85597e30e7561206886098c4e2d861f11513f0ffdbbc78d3a2dd60c105abbb33c5e05ae27081b690fb8b3610917aa9bf1a4ad74481b5ff8334f14e5ad6a6a1eb2259476078076fb7e3a992" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"36a5267eeeb5a1a7d46de0f8f9281f73cd9611f01198fdaa78c5315205e5a177b66b5337970df36219321badacc624eb":"c2a7b164949da102bece44a423197682ff97627d1fe9654266b8527f64e5b386":"a977e2d8637b019c74063d163bb25387dc56f4eb40e502cefc5ae6ad26a6abdc":"c5c9819557b1e7d8a86fa8c60be42993edc3ef539c13d9a51fb64b0de06e145e":"b471711a4fc7ab7247e65d2c2fe49a50169187187b7978cd2fdb0f8318be3ec55fc68ed4577ad9b42cbb57100b5d35ac86c244c4c93a5b28c1a11c2dfe905d608ec7804dec5bb15cf8d79695534d5e13a6a7e18a887ec9cf184da0cbbc6267f3a952a769403bafcdbb559401be0d8b3300ea7258b4026fc892175efd55ba1a67" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"a76b0366df89e4073a6b6b9c04da1d6817ce26f1c4825cad4097bdf4d7b9445e773d3cc3290176773847869be528d1a4":"1bfd3bcfb9287a5ad055d1b2b8615fa81c94ac24bc1c219a0f8de58789e0404a":"edd879fa56f21d93029da875b683ce50f6fdc4c0da41da051d000eed2afefefa":"f528ffd29160039260133ed9654589ce60e39e7f667c34f82cda65ddcf5fff14":"39d1ff8848e74dd2cdc6b818ad69823878062116fdf1679942f892c7e191be1c4b6ea268ecdff001b22af0d510f30c2c25b90fc34927f46e3f45d36b0e1848b3a5d54c36c7c65ee7287d325dfbb51b56a438feb6650ce13df88bf06b87ac4a35d2a199ea888629fb0d83f82f0ea160dc79ed220d8ef195b9e80c542f60c2d320" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"46571e1df43e5e141235e2a9ec85bb0faf1dc0566031e14d41a2fbd0315653ecb60ef6a3347967519aabeaf748e4e991":"759fd8593e3688b23c4a003b655311770d670789878570eb3b155a8e6c2d8c45":"033128460b449e1accb0e9c54508759ddc2538bc64b51e6277553f0c60a02723":"a5e4a717240bdeac18a0c0e231a11dc04a47d7550f342fa9a7a5ff334eb9327d":"9d222df1d530ea7f8f2297a0c79d637da570b48042ecddded75956bba0f0e70b271ffa3c9a53bada6ee1b8a4203c22bfde82a5e2eb1b150f54c6483458569422c1a34a8997d42cc09750167a78bf52a0bd158397af9f83caabe689185c099bf0a9a4853dd3cf8b8e89efebb6a27dba873e65e9927741b22968f2875789b44e01" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"d63980e63bbe4ac08d2ac5646bf085b82c75995e3fdfc23bb9cc734cd85ca7d2d33ed1dcae13fb634ba08272d6697590":"acd0da070072a5340c4f5f4395568e1a36374e074196ae87f3692ee40487e1df":"f567677b5e12e26f3544be3da9314c88fc475bf84804a89a51f12b191392c02b":"c01cc7873e93c86e2bfb8fc984cfc2eab5cc58eeef018fedb5cba5aedd386156":"b133446f633bcb40724bbf9fa187c39a44b9c094a0a0d40e98977e5466dc2c9adf62a5f4551eeb6406a14658de8a0ed7487c3bf6277e811101284a941745ce16176acc875f1435e14161772fa84609e8123c53dd03cbb868030835c0d11d8d6aa04a1b6f908248b028997737f54735ec4ed7a81fc868199ffb61a779d9340334" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"3d99f9b7ac3a2fbe9cf15d960bf41f5588fc4db1e0d2a5c9c0fe9059f03593fb411f504bb63a9b3afa7ffa1357bb48be":"0bb5ebd55981a25ba69164da49fa92f2871fd3fc65eb30d0f0d0b8d798a4f8f2":"288e948a551284eb3cb23e26299955c2fb8f063c132a92683c1615ecaed80f30":"d975b22f79e34acf5db25a2a167ef60a10682dd9964e15533d75f7fa9efc5dcb":"ee8d707eea9bc7080d58768c8c64a991606bb808600cafab834db8bc884f866941b4a7eb8d0334d876c0f1151bccc7ce8970593dad0c1809075ce6dbca54c4d4667227331eeac97f83ccb76901762f153c5e8562a8ccf12c8a1f2f480ec6f1975ac097a49770219107d4edea54fb5ee23a8403874929d073d7ef0526a647011a" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #0 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"a1dc2dfeda4f3a1124e0e75ebfbe5f98cac11018221dda3fdcf8f9125d68447abae5ea27166540515268a493a96b5187":"":"":"":"228293e59b1e4545a4ff9f232616fc5108a1128debd0f7c20ace837ca105cbf24c0dac1f9847dafd0d0500721ffad3c684a992d110a549a264d14a8911c50be8cd6a7e8fac783ad95b24f64fd8cc4c8b649eac2b15b363e30df79541a6b8a1caac238949b46643694c85e1d5fcbcd9aaae6260acee660b8a79bea48e079ceb6a5eaf4993a82c3f1b758d7c53e3094eeac63dc255be6dcdcc2b51e5ca45d2b20684a5a8fa5806b96f8461ebf51bc515a7dd8c5475c0e70f2fd0faf7869a99ab6c" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #1 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"067fa0e25d71ea392671c24f38ef782ab3587a7b3c77ea756f7bd496b445b7a3ce6acc722768ca0e03784b2217bc60e4":"":"":"":"16eaa49510ffad8cc21ec32858640a0d6f34cb03e8649022aa5c3f566b44e8ace7c3b056cf2a44b242de09ae21dba4275418933611875841b4f0944a8272848c5dc1aad685935e12511d5ee27e9162d4bb968afab53c4b338269c1c77da9d78617911ed4390cb20e88bf30b74fda66fe05df5537a759061d3ffd9231d811e8b34213f22ab0b0ddafff7749a40243a901c310776e09d2e529806d4d6f0655178953c16707519c3c19b9aaa0d09fb676a9d23525c8bc388053bfccfbc368e3eb04" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #2 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"9f76503e84727297bc7056c7af917a1c98baa725295457db4fcf54ed09af7f15f39c46142b85a67b4b323594b7e97bde":"":"":"":"7d6a8bc5a7f057ceed6109bfac2486f80f81373b6b31d062aa1fad6d9eda5874867b9ef007ba5a92ba8f3fca624bfd9f7ee5770bbeb0391394fef783c16a7f003c06e5469bab03445bb28a2111def415d162e40472d3e5ae628c5c63170bb19f741c79a5331c883c12bca429f518bf71b14683a071b6c6e1e55d8c7a0f3942bc12a103556c49ca173e498b3b4a15027145cdaeb195bc8a7e1aa82ebdf6ecd516481a4d21f400d0d71b5894545888fee8beed80d3251647947f5abc4735b47fd0" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #3 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"e242e5b3b49d87289fe02840dc742a2a6cd9490fe2cce581833dddb1edc0d103f987f5de5c68cd345c81b032ea55f36d":"":"":"":"3a858345dfaf00defdf6c83114b760ef53b131fbf14bcc4052cd948820eee78a11cbbd8f4baa308e1d187fced74cbf019c1080d9efffd93fda07df051433876d9900c1f9ad36ea1cb04989bb0c55fd6d01e46923f3bc8887ac00ebd4710212114165355361e240b04232df55a81add3fb363f0d4c9c5e3d313bc7caac7d49dca8517cedacf571fde9686ae93d901fb9b17097a638bb9899cfab0ebc9d1f8a43c2eed7c9f326a711d0f5b9cfc5166c9b561824cbd7775ec601ca712b3ddaaa05b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #4 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"42cc17365f5ea5fd22bdc4ade715e293064d6794d82bed5b77c4c107a73de1f76d759e4b191ba01e0ed5dea788ab018d":"":"":"":"de06dee8c8fe453aa03ac2546c39f5cda12412864d52ed5cbd0d4905dd226746d50d1af9fd3e1d90de0f16295cb7f6f4d3271ef00564709df4b05eb9f8adc0f8e8522b05b9f32c37d8526813898b9f71db57fc8328e3b79144482e8aa55c83934d6e097e43ec6d0bc32edaf8c0e6ca449b2e8388b32b286e2d4f85266b0605fb99d1a647565c95ff7857bcab73662b7218719189d792514edca2b1d0cdcd9b6347e132ef4c323da24ad5afd5ed6f96d27b0f879288e962fa0baca3d5b72b5c70" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #5 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"d57024a230b825b241c206f7b55e2114461ecc9b75353f12ac1d9ad7e7871481fe401c320f74afdb07f566ea500b0628":"":"":"":"e8930bd55a0a5a6d83a9b3b2cde7085c2ae467ea4a2e65ca303697d492ca878bcb801769eb1b7ec564586ec8b36d350e192c4fbf03a98be0ddecf56d465914ba353ed7734d19a680fc4593d9234c4ac8c23b7dfa1e26b013f590cca43b9fef126121b4842496b11dea3ef5e981cb357341f03f92a546a62609236ded6f7d814456acc0596d555cbdc02cbd47dae2caa1897831ea464225922c6600a8bb92e711653067f83b21e1df054309858948c11a1399736fc8391c5b0fc35629abfa5650" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #6 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"059ded79125b2d56d9d52bcc950bf608d1a2373515dafcc81efb6588005a5722d8f5f4181f9f2a316c93fdfbadf50e75":"":"":"":"db65d2000632c3d7009c227e99c210e5897f4d7edae608a242b5a4f17708613f8c19a4dd65d6bc3ca57737c9bfdcca068288eea49440af768d1fc977c32b065bb71aa3d8c4d77c9e8e8a6166f332a247978a6c41ed253a1b68ad934a3416b40344a681de28638f00b0a0ffb75514c3f62253372f809906043de35e4805b8e962e5eb957f04212835f802b2c0b3e76c7cf239c89adf31909cd6224d542d929f9b20a10ab99a7c631e4e6188fe2ba8f552c9c88fdadb528679fe950431641b8f37" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #7 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"4630406b475b1263b6078e93e5d4282205958d94eb97d1e66b429fb69ec9fccd0dd9982c338df935e929c42fab66adaf":"":"":"":"5d80ec072f550981bcaac6787c0488cc470406249ec80f4bf11050630227f8b5ac6b3b369db237d7c24a0980dffe8d3abd9b64fd4efa492349bd4eb6902edb94553546110227d7de5a864ddae8b9fed8de9f0df9c596e39de903fda323ee6f788831452eb9e49c5eef3e058b5bf84f61f735a93e042bb9e458df6b25f42a6eb8fb03d437cfab757fab4990c721a757eaa5e9048208abbcce6e52f177b20dcf52f1fa551a92b68bcdb01680855b8f79131266378cd1f0c2a4141c9675f01d1e48" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #8 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"6ea9c6f784f12a9707ceac8a7162ee5381dc893ee139f8f4b4d93db266829db4ae92bc52ff860d8ecdc9fc16bd070130":"":"":"":"234366f1591cfe244956f9496cdf446e0d390ba64beaa066945b1b4c5337dded2619dd2bd0133a5d612bab7c251ab79e3951cb134894c422553fc8cc7b3ccb29c20adbf52dda35af779142d7efc735342db2ee067649fda25f3e8a74f8e4f6620cf5a17cb943602609cafb85bdf482873efa4c74928cc0d69444b72aa6bc72694a3a21c6a721aa4e0fccab0a98aef375a37a3e8a15dccad13b6d70b3483581004642d879804aa00cba207b51affca43490bb98f67953265574366ec3829e67aa" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #9 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"5c13056be92a7f71236fcfef460298acc8595dd474310727f5ccb9a7acb2254ac7226f86349e20e2aca737068ab0f2ce":"":"":"":"16d415eddefa4dc295a64adcbbcb8c6fe8c8f123c6b09dc08a56d723cff5978cc120fd0a68a2f4c202c220db372d3128ef52385d5786c12dfc6e60ecfc3461a09fa80453e2b1b6365eaeb4df602d192aacb25ab6b4a59689d4bf8d1c4c42a32779f62b06baca6461f154cf40901f5787c1aa2bf67cbfe7546ef5b2bdff20790d8c72d077d48c59c92d1af90a90ccfcdf643dd9d6cee0b1faf5f2f35cfd01d2077ced5e2d013ec1e09336dfab9d9e51ba9a3a2837306213bca2d79abf8dc3282c" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #10 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"38f08a099fc2d405c32d1e0f867e5450d5ee0d53783c31de9ddeae46d962999da01f13a43320c715612cedb920cf12eb":"":"":"":"079ce7a5b540cae96c2883e95acde3039048a6c45a2d259cc648639e7205392d91fa3ee080e615f1e0741a0e536c9e05844651b93461bfc547fb452fec61f853e1bd6e08eabd0cf1c5f84f85eca9d42b53d1e5bae51be5fd35189e4f1c02b843c6361fccf4ca6648bf30a23ccb8ebc16fcf158746eb39cd96f19d46707c001e11c4e0e8ccbc89fec66c69fc92843b6bb2ee1cc7595b65ba89ccaccd6130a8417faf705e8e203e90ee64ae970c409389b5cd0ca80a4e40b642689741691b20621" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #11 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"0863c868c32442a1a64095a71ab6ae2f9e61c119b58dfa4f34efd26593bbbf68bc407904c43300452dd4e61df47fa98f":"":"":"":"585334828cf531828fc7127fee0c926f85b8e71e8522ea921296dc62b83a09a00397cd45e0664d0f26fa24edd3e3d8ecef8fdd77ab22431d4066f0efaf3882c97f179a7060efe9e8cba5d8145bebd502c0e09ee791231d539983c08860d7783edb58440d193ed82bc77c27723381a0da45bb1fc2a609f8b73b90446e39869a5af5038aff603b44db9771113927a5297fdc3450eaa228e313afe43c31b0a95b476c5ca312b4f589f809749481722cea9990c02b647976aa6c6f02ce1e5e6ea6df" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #12 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"a41ad223e41e2bb9c131ec945ca310600ab00c51f6e4fcddd803bd9ab9be8af5483373838894d32745a81ba9d6967751":"":"":"":"95ca31a7eeebdd2348cf1d43411d2c35faffdbcaed4052d50cf92f0e9d2e757686b72d631a56ca98b68215e7014cfed943abc1e13441c1d660f13adf2188d0975154e1b42a592a62a43b57f82cc21a428873a92fda83abe420efb5233140e4d6c7852cf81e85961fa5c606c5f33e06077f414b0f814cbbe50cc606bffbd474364e608825fdaaf5e74d862795539be8697e2ce05d71446881e3f65bb54ed95e941586988f6e0c34e1beef426696e9dbd9a214013d826a8c99a2a686d8402c583f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #13 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"62a26c1327c0ebf8b40691fb4c8f812e81f5474b0c7db70aa9424110fee3a05e41c0cf2e87210e34d0c6bffc269bf2ba":"":"":"":"6e20a00df1af37e6cc55e580ba21335111eb375395343618df7d630b9dc234496e3964cd45c5de34bda46a28964f6148704c30925feeaecae0574038434cd33c1dd943207a8dbdcd72dc9ecb76a25728b3c2a8ac13c1de3a126d7d43a46e12e0d0ca8991469e582b78ef6aa691b5a0e3e85cba7d7aea3c1e8e031674e85f5af36546eb2a0a28d4ffbaa316a9a6c944fce291cc0c235e8499882eb62b22b548ae07cf9430329e009f4443cb94f7a14e8661166b0d681dcec867205abed48145e9" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #14 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"fd54cf77ed35022a3fd0dec88e58a207c8c069250066481388f12841d38ad98591f9c02a1d205cdbcdf4d93054fde5f5":"":"":"":"f6d5bf594f44a1c7c9954ae498fe993f67f4e67ef4e349509719b7fd597311f2c123889203d90f147a242cfa863c691dc74cfe7027de25860c67d8ecd06bcd22dfec34f6b6c838e5aab34d89624378fb5598b9f30add2e10bdc439dcb1535878cec90a7cf7251675ccfb9ee37932b1a07cd9b523c07eff45a5e14d888be830c5ab06dcd5032278bf9627ff20dbec322e84038bac3b46229425e954283c4e061383ffe9b0558c59b1ece2a167a4ee27dd59afeeb16b38fbdb3c415f34b1c83a75" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #0 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"5e919d353357671566d2c6ab6e1acd46f47d0c878fe36114d7fea9fecb88a3a27efca9e3d1e1b09d7f16832f3af75141":"":"442f17cb3cb1482a19729bfd58f46f6ef16285554892c01b0718968d6e011082":"f9557c93eb841bfd7b5d4b71da928efcbe3f55e1870493ef90d16eb238380d65":"36902134f1989cfe7eb518a56c06aada98997d9bacd04aee21f879a57b515ca3b5e0c2d5fed05ca1a8b054e8c46b389d9d9186feb0abe8e2e60b3a267281cc5b4b7341116ced35a0e07bc2b0330bbfd8b07f07248fa6d8fc5c9df13445324162bdfa22a91ba71453ab123c92f91c70b8bd540b3b180b11ab45ae2c59e57c7c43dab7576594959a96eb502d182267c86576b1846ccee1a694cabdfb42e0c8214192efb502926fa3c27eed020b7cc8866a5af9d838a57e78bf7acd230e1f4d8361" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #1 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"7a5d1efc9b7043060cabd67de7fe22740bcd6a8ceb355d69f118829a2b3c92006a5633e613f8769c1114b1822ffb5408":"":"f2ad962d992434468681c644587639901ff74e2bbdd8761961ec34edc4a0c36d":"75aae0d1bca9484c89fc4de3d1b34275ef0656775f3f8c96f2bbc50401aaa718":"5ca21af4b399db38f8b74a406aace69f994691f2765bb9c47b240000152739e059b163cd007de5f28bba17e485fcf9ff6f41f76e93998510e302282cbdbde09fe8b1a96187e57c9a3df94e2e748f20026476ca682dfa890b478f7a21f4927f74f99aedd9ae782ba10fcda1dc34c31b4f784722e01cc4679737276f56df23c5bd8c6985797b83c0ccde2b4c7a65c652745de7fc8a235ad7ed0f456f1e7568b2dad475f0bc46f02a7f35c05cfef9d0e2c773ff895e291a2cfc2424b106096d8864" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #2 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"611586ee40cb3ca4a9238ce112a237449bba5422ac9b18ea53480875334d8fa026da9d96c4e87f94b2f9a7c261be3edb":"":"2f835c336a3aa0019b0bf940c24643bc8fca58c9cfa6509aa9241de9e0e1a046":"1911a59c5f2568860ae71e803688889dc44d14ffb0d93e324c39f32d95c1c3ea":"27bf42f50476d8a2cc23f455e9ef477cb8e9c90f2e97c8a483093ebf55b2aee02e0356cff919e2ec9811b42c73498a6c2b96aa5b761ef7e715cbf66ad2e3ff8a6c92419dbf2e653ce70a87b51e26d9f607eb25b45b91f947d0026a38977143c8bbd94076e663b9cee35505b48e453e7cca83e540975ae8a53f26390aa63aaf1e2669410cc83427eea09428776a2d520eebd170602c52dd491c98042018a0372a0b39cb565cbe5e474f927f91515a6a7444fdbe1d89d8ae2c2482a0deb8ff236d" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #3 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"85b1e5da599efd4a20ffcefd4737fa3ea1d2b14be33861c2a4ac3ac2a49d3947b14cf18f4ff426cb6345f1a7653e9630":"":"cf5bbf98d8577077b0b84475dee0f0e9aa95eedd1d916507b5233b688bcc856c":"b333ec111e1e7d78c9ac916e420704832539d2db46aca3bdc4732e8ce72b5e80":"4773d32a9fba37acc6900f3ac70f6978ff1e40039d6e3286c264fb7fc59f1bfe0188c7979380c8922bdd0e363c8e09a49faef59ea85a9f0e400b94c74a8a50687e4e51e25266eabb86276f22628d0d2e19c5696cd221a9b80f94045d001ca4c20dc916ca0ff22c93a41fc822912dd7e247927fd45982e94d3d1fde77cbe78beecba830b753079326ae33274f13fb7cd875e85fb5e9e703e61cbd41bc4ad47d7b4d14afc873a39dd810ad8eed95adff8dce3adb7659b7c1d4e3f62403767940b4" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #4 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"50f986f6efb413fba3e8e0beb84d4948c2db0661ab8e064d9fee8b3c2f0a910fc35d37512f88bdfcfde797a21a006e01":"":"37c7b08222ba63f2136bb28f5ec09b9a899b56371615be41bef49a0b640590e4":"4a1e34a5d60ca08e3e6c0f1b86547ba2d12fa293275e7d75f83a0b846daa48df":"e27738c6fae66125fcaf4e725a0881d5a450fb5b02a55057d6cb7babd91d502c4f4a8431a83352f47ea8e5fd7e815f5080d144318a1dcbc755e0b935785cd5397955da22e3ff633b34a64ac72b2e6b7c51e78ff553731e6e8da911d147a6e05b36b74898cac6d3171bc8650e445ffd19ede2aa8218be17671321c186465d852dd80d73290546b88ef7a978b41c4c549e9c7fc6ef86e47084778fb5aed5d41e794ee0e700b77c0314a307b10df69daba605f3fdbe2dec708ba0b20d6b650befbd" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #5 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"641dbcbf99b61437c2bf65a13dc3e0324eb940335da123870d9429636dfc82979d0cc913c73e8a6321fc3eb9e973c0aa":"":"72580c11a87ce6b4207908aaf5bcaaa1bd217fce3e8bc0726568c64639b70767":"cf9f4527e074b72be735558dcaa1fc82f26ae286bf944b49649f769bf6faf49f":"345395723d048c2270c0eac990498689bcb862a4996e82995b4e7169e671eb03bb2242c4669c874c1aeaffec58aa653c7d7431abd1650f0cbce8cf5db8316693f3ed501fd9b48c1a44b34f7878aa386d65afc31f94f908a322b03d06c2a1074a03bd2b579cafb0f7cee6d6934588ae1ce9e4ed37b03737c553ca19af4b46b5e43767cee2e459ab91407df6cfd13a6f186abdb148b85a5f49bf92ac6674fb055c7fe123e9355a0d33de281c03a56f91891dd496dabfd6eaa6fff6c9cfb4e67c44" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #6 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"b9c305ada943a64a2b00494e869f9a640173eb1c2518dd9be93abc3c93c7e6b5bd0627a199d15f77b188824df00d5997":"":"ffc6760f9af02d35666275c074eda03f53dbcb5690580bb25768a6566b328dfb":"f26f436a820ef71597b75134b8d9dca6e9a6afd9b429222a4c9c878f3b92716e":"e5413a234859511cd837312bb31aac4d31962c5f7f27aec47417f367ca99b8400a4287e60412fc356cb40d96ddf5cb801285ebca42b2f6fe4a711451c1574174c58dccb2cd3342b7092a196ac7d2881a08e7f5de939ccc8f4eedc8f867c81aa88655d96ae50f618279d5009ba2ac4b1df4e63030cc0ec3541b6a94bd9a2ae5d1fcf4d847114a783c997a7c6b9d549010bf7b649abef692cdea3aa8ada14574e0f78b7fcbe17b587ac14980e40264d6de030e429586593d5ce3ae571f95454dcf" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #7 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"9875dbf59b760eab9998bf3341847910526d10071dc179f96081dd793a6001936881e7f39075cd382293a1aaa8c845d2":"":"1196583a99afe1d377b344585c8252a0690704b8f7a2b7582387ec91a60fd7e4":"20147a88e0f9f1e8caa8cb14488c9b5c38e5520a36ae913b4703d15af27218dd":"c808f6f296683d26208359a766fe61bc70ee8b6ed9ffb94ce269578fb5568fe2358d603638324b63b29bb36ae71a542e38ee69a2b93ad7e4a887a27a2852cdcd541a5fa6d0c8b087aa1185bd5788256e7d95c2aa2d5c11407b7bf762f416b01d8e747c45298f875200a2e67679d6d5ff7a7c0e50a010690b1920df1baf0afcfaee7ab0862004e23b5aa1ff47b8273d503bd74a54e7b39ac7e6d6fb0a594d30531cab8a67b22783470a65f24faba1c231b3ba45efae9f0be04e2338529cfec008" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #8 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"ac92a6c791aba0406d6ea8255c3c0901eb711a424501c2c2c847076d78bdcfc3266b7c3bc578c7501daac6dda8366d4f":"":"13379a77d84a0c4cec95e62ac4c8a98ceede0d89b8bd317352a95300963415ed":"04d47ec89a3e1b7f22580167331225a00ff258da72446241a6c09c517ee4d48c":"c2e6528584c6dbec436ffec4075fd3aebe953fdc0b46b4b225a3c2886e60d21879e6ccce3746d881f6d80e33876afad439ab9f68fcc458492de12811fbd57ac49d868754da19279b4c0a38979201a588884def5677392dec97cafc94bccf8914d9f78575711bb6f2adf4116db91c8b54e36e9ac2f5e01caebd300acd7bd45eada69d20f1b4139013a8a614069315a1c99137a6f23e38f91c210e0c156c6fb498056e823dc41a05348ab43c2f6f4ce188d4e05a13d38f8025731ac1670949a040" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #9 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"63954ac7a0f989a458d2b4a6b7013dd66683624584b545060bd03a57b92822ef422764bbbc35fa5d40d34145afe44bec":"":"7b25d875dfb03333cc27b9d4286d00a85ea5921f4b8a4717b957349eb3509053":"8b70d28c5c80086c0cbbd01337ad45297af271d4bafc764b0fc5705700cd419d":"297752e61c4ebc4e1c68391335e2cdb49b0f19dafe359e451f8158fb7958d32a98455a852002d8f05169f438816ae6fccba1eae4d1fdd7a1176b04831d7ce892f711ec825062ea1c6b12144bbd3a0aca7f92520ebb87ac6045d2ac3a4a74fa559926f0daceb59d44fdb39f5fc3b877f34241531e863c153286f3f1b2ba2db4e2c8e2344be40c2a7a8cd01daf168696ce19f83ddb64d50e2313e78c5dfcf077f25e5b4d6f687279119ce856d4131a63ad133cedd020881939bf70f82eabfe46db" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #10 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"d0944e0a3f3604a588271c8eb65913ad9b07ee2b29620f8106ca70ec10aeb896bc9b2b519c77fec5fc419e953ceb0be5":"":"d58593f2488f0a292ab552dac006c94b20ff500dd57af32be808921a5ee251c1":"ea9e579c9dca67f07ffd67d2483ec1fac3d2ec22fefff73c7ac9f125888d7a4b":"ae736da6632a7d8bdcc9e279cb7d3f9101a8f7dddeff253277d1d99b45c76a1a5c193334e912c3dfdff1bc389b209c3b29359a4ca53765a1e40cb900c6055d8a285cf63ebec79b46019efe95d5199f215f11961f3319d225bf3d60734fbfbf3593ab105cec2a17e308af469b3220ef7f055675396d289e6f4f8009881c8a2b4e9de88d53ad13e8bed8b38be6d8988f615b4590fde3d91caf50a86eac3fbf29924743145803978d261132b5975a9f108499250314e098e57c56e2f9327307cff8" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #11 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"1ef53464bc7a441227a27ea7b5c558dbb3f509aaf880213cdef7e8f6a1d287c173cd5b3148d46c48c83c5cad3ccc1f50":"":"b052a66992fd8a8cb02c593edfe4766fcbcd3505af29d698e1f4db398acf717d":"37333448311c2c6edee19aadb8f1036cb60cff2a945c1a0ea087713bff31e915":"4ea7054659cae1cc178ef431aebb64c2c8dda3a965ea940a84c00d9790e2e3a33521395cc4d49038994aa4c7dcaf0b52b44375d93b625ac2281991a85a5acebf3de552355e17b3528faf39d392fed981400f28540f5ca64a4d2eeb952c88856c8f7388a49611810941b46b1000ee4a8aaaadcd39944c4abca9110fd6580093f9303f86a6e129d56b5aeff5422c2261af33523cc6a174e0782e13a026c003c17430b8371bbfc3d51c3e06fbdc30769a278b109238bbe383cd5523053fe589b72e" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #12 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"14148d69d583d4c1758c307e0eb0b762511165823fc54096f9da5513e87df53b96a7be8d31b8a38f24a82d846b0e13ef":"":"e05f81f6402c52dff5c221a2f191155bb56abe160ce7dc8a6bedfa029195a612":"214777e3faee7d953b5c796675e106d50cdc12836b3114d14447ae91cea3c1db":"eb0497b32af8a91ed3959c31b079b8cc5c39db3100913332fffbb6b1d5ebbcdc97d6e67c934f3336197c9b730d80995a7d7445e36cf3047cab22895f244cac803eabd001eb1ff5d5645a803c41ea6dde6c972b47de0372ce901667d03e2e02aa0a5aea809e0bdc7430440365908418ce6066c24191ace05d6a797ef9b94409989cacbb9d9ec31f3cf0112b72e1420b47e0c184a8aacc214d55a0d5e0869d09303e4014de0430c07380006ea75984e6c32b06067d7d7b931e2b74666b4b569f71" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #13 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"27d47020acc3a80a55149fa0ef43f684843ba89fda4bff1c29d20baa2b21956780569b7fa0c4078d9ff71a3790f1be3f":"":"c03ea0b88e2f9b53f902b22746bf4dde09439c190a7a638e3cb990d86739dbed":"3ef05e71487cdbc209b5ab6e808e55f0a93bcc02df766b01c1c1ae5875b1023e":"3ee49e2a58d800d922cfb66284da84bbb5944c85f194d95f1156b673392132a430e47ae74f1ed7c1d0e632d8cb604c88777437d8f37e7d0428b834555a96800540bf5bce6f430328fd328baf4b22b7f8e663c1d8583bc0119248588840510e11203cf47dfc4f6cdf8344170a341fbb7d93999ba86be3fb94d9c03922fd3d75e3fd5b42365aa62606e352676b2a0c51fb030d8d5605e8ac6bac2b4f8417d8e060148e3d4ba67b31e5e704d866bc87741ba877d12b10e8a9b37f3feca908fe1fc4" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #14 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"88b6550d49182ca7321d8015f780121223a93343dabaf21978ee2818e7bce6591d32b48eb4642069adcaa5986224e6d3":"":"809639f48ebf6756a530e1b6aad2036082b07b13ed3c13e80dc2b6ea56e70a04":"3395902e0004e584123bb6926f89954a5d03cc13c3c3e3b70fd0cbe975c339a7":"4a5a29bf725c8240ae6558641a6b8f2e584db031ef158124c4d1041fe56988fdaee91ca13925fee6d5e5748b26cc0275d45ef35abb56ad12e65aa6fe1d28a198f5aa7938fca4794c1a35f9a60a37c7360baf860efd20398c72a36b3c4805c67a185e2f099f034b80d04008c54d6a6e7ec727b1cace12e0119c171a02515ab18ea3d0a3463622dd88027b40567be96e5c301469b47d83f5a2056d1dc9341e0de101d6d5f1b78c61cc4a6bfd6f9184ebde7a97ccf53d393f26fd2afcae5ebedb7e" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #0 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"2cd968bacda2bc314d2fb41fe43354fb761134eb19eec60431e2f36755b85126e3dedf2af9382a1e652143e952212d39":"59fa8235108821accbd3c14eaf76856d6a07f43383db4cc6038040b18810d53c":"":"":"06051ce6b2f1c34378e08caf8fe836201ff7ec2db8fc5a2519add2524d90470194b247af3a34a673298e57070b256f59fd098632768e2d55137d6c17b1a53fe45d6ed0e31d49e64820db145014e2f038b69b7220e042a8efc98985706ab9635451230a128aee801d4e3718ff59511c3f3ff1b20f109774a8ddc1fadf41afcc13d40096d997948857a894d0ef8b3235c3213ba85c50c2f3d61b0d104eccfcf36c35fe5e49e7602cb1533de12f0bec613a0ed9633821957e5b7cb32f60b7c02fa4" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #1 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"023f5673dac29f62245510d0a866629c43c64bf35a0bad30f1270050876cfb1ce80b615a5a47ecb51217a46079e11fd3":"a6f797b155d6da01f5d155cb7291442e1b82d4190e93e279fe5b4aaa7d04ecc0":"":"":"507b824443af5db28f746229e03ab00c73cc3ee4956aa14b33eda00dd2b9b645c132dab7dcdbc659c8ba0e1a3575fe7dbc7cf9691f9b714acb1b33bef96943003c992f661e04fe9e8b9f648f4af9a58a45b08b8fa7fa3704e6bdc289abbe14a8c7e1747a52ac916c31ed079de0b900672e658a201279824d0d75ae35dbdd43aeab915653765d83e46f347fcb4fe3321fc28abd2d0d26a662661582ce21b6dc4ea6d1b236e9692a83c8ba0fb299157b80623ad4f448d25d57f537b10e5e30f80b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #2 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"96b5bc16ce0d101b90d54da6c4b3d85a70ee19d54cf4cde3d048afb5f758a6b52ea2c10c16feb71cedfab9bfa9e462f8":"2ff415e2432d2e6c4279910a5e56c0f5354a5af0099132d891943b4a8901ca6c":"":"":"ecebe717afe6dc08dbff3ed626bb06de0f9784283b70e378dec19d4fbb50e61b7be48ceb69851b2bb94641aec5027d53d314a96500a9bbb38a87c9aa42ebeb96a23cf29a0fbd5e48b399daa1b24dbdc85223f24b7d77332bb1a137ec709d27c008c709696cbe44bb2fc19fb10a2fad4ffd8a9d89492a939f2268d1557f44b6a64e2a57887830fd8bca1b6306aaedbd7f3f476b827995a1ed121388497edc7e639c87d092f6591a45b5647c6c091c15ed39f594b7fc4ae92331f96dd8e17be970" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #3 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"364a833a283a3e0b8a5b681daa50df96d806d4b54828f2b016de5d88597e6287d98cba8fda464d21aa1cfb7b26b9b226":"35b0e7534014dc2d7eb0f20ff78a69d5548d0a64122d4936a6ed177fb3ec66a6":"":"":"df4c799cae37173a81c545d019ffa336ef2c039a5865af425e5b60bc3d7202f4bc1aac5a84022bf4088061abd5c39d0fb047ba80163eb5dc8b9dd515948f16915832c6f76b45acc25b9c01e7f70955c0eb51bf50f00b24bb8e7ff53bd7c051b53d8b1a837a17a00355d7eb21e43b2b5b249dadced37d06e7047c2fd12012705a59d051afd26245ce3a59acb4b996b718c7dc1ae964bf12b1db02fd6c06ac2fec6ee5deb02c2c830110e9bbbd3c778a136b646ce2a0738563555a89409c56b81e" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #4 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"bb4d38c775acdeed663256abb747ec25182bc16efd0de02cb4b05e4ad4749c92be6f1e856e423a8f3bfb0c0f27ad8210":"21591e796b7e68e7913fefbef4872af9c062f21c8023c0dbf47e040c3aed3733":"":"":"12575776e1b9f54b0fbc39e85a77b6912160bace4f1e9f049e3a1c5bcb452cf9be42ea10c028c3cc249401ac236dd3baa53ff327735435f4869d3289bc9465ccf15f826e4e4fff099986bdde0d09bd12e3caddcf452eed6ca1206ae4561b84770a9cc6e962567304ef79d8d3608529a3b5e4067fa83c8c35a06f1855da5f5ea7eb106e4c60181d12ba00cfbf7eac60bda00571d95c45c9d75c43b42e27a238aa5e0f02bbd96cde59a2e572934a99d05c399ffdf15c65f173748734c51999a29e" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #5 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"f9d041d24158f480600c3747cbfd868c3f7e9ac7f74b3760eae5320839e4f5130f8477d88b1d914c0d8b375d089a4c83":"b148049f4093f0032c7f105dae219aa9e3f70487ce3a6b6ecd99429f66be5406":"":"":"84c58bf473061da92fa8d56aab3a75598428f18dca504191a51746eb5fcad8f784eafac5ea81d636d579e330baf7db95c8d706432e9f585e84da090c0eb40dcd819bf10e0d5b8600150d186f732af50b431c596c920eca742e6555129fdf5df96b44005083d7a33087b150d63529bee4b6e1ed4189ae2d93cee8dc671d47c0e74ba04218dfe273484a4bb59a57743ea56843d516ff2c72ef9841996d31b0d6c5beef367a6b44cc84cf4d403a06b40406e4c9f47da401e3cf31412694e6164dcb" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #6 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"c18f511ffc3479a59357c17c2fb3d1e0e6f0edda4c8b567f2413323c2037f2fd140fb0cf33eb59526d8c0dbd216939b5":"7387aa3b0b3d92afb29761d3d5ea16e32a68297b9ea6751e1d54c8612f6351c1":"":"":"949bf03868563c7d1498c69c327686682656374b2efdef6342e69a388229c580ca2217a9332d3ae77c2d1223f5dedf4b34ec50b79d5baa7283168ed7cbe71c6c3c9193bbe01b76e011c39d2d462017c2c74b7e698fa2140e16886a9ec0fc6c36decbae37537638ccf17777f1cfa49d2c2c7ba3aadd0a1565d61942de94aa6fa16ecafc2dafabc9082f23e75a0e2f8f79d1c0a15ce57fef7655f1a4fc6fc4d4a694bf6ca9e333959f35ad354524f614905c6a52ef8f524cdf01c5fadadf207772" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #7 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"6b09295110384eb56726f61474bdc532fdace31ceadb5fc23d587356cfac74338ab6f9d89394b907edb646650865a3fc":"7cafcb4db31ab411c396015b8bbbc990607e08bd1cef3337dfa0e295ae024f9e":"":"":"e51bc5b3a6bb2a2667f5d62c2ff9902dd07b566870b4c14242627da7581449ec985739cdc2bb5ef036033fa798112ce20df06d46d61aad7121b8282fe7556bdd363cdabbf47184e55edd85ee0b7b0be17b9a7f822f4d8906465b525c16385d0899b6c27728ff2a600870aef65f58f9d3777e8987d86e59fdb69cd232e7289fc75cf2174304137f988a17b60c57af84cd8e556aaad458f511fc0b3009516435c0c60098f35fb6a4a90d90bc6071d38000703ef57cbc19d6b78a0f797f3ba044c9" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #8 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"ec6d0f68240f5c47e822d9088364c6cd03ca53808162b4f06f5956da65290946f4d26653d079e50604f836c1d798243d":"b40b5737cc76c5f6d1df0f13bfbac7e26f92aa933125705b6197d9bedb11f2e1":"":"":"207833cf65599e1406ddaf3452f060c872099cbf7483f1f7f14033490f7258ca5fd7f5339f914498b6e61fa426cb872c880a9fda9b8ba590cd8006b990af7ad412f60c8b2ad969c2f9cb0e9d005943d4dd2dd7af9699046ce89d6405597716d43b9ad54641c2278b04b2bcc5b8ecbcd5e2044e4e6ec5a628605fcbd67249e813bb769d7df01b60404d030e69e9672b4fdeddf82a22042b83ca036578b69f9a0ad9702bcf95fe846705b49b0a0795dfbc4f671e0158ded6242bd8f8fbc2410c46" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #9 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"df59ac224e4ba1b6dff348f17bcf9c5a94a3235a54f2799a6cae29d8654b79d18b09b444a28a7d537e1a2bc89e95abd8":"14a0a91e0cfd63ef5fcbe2e8c7a44bcf5769c9f95b6c50bbe9d3b48b82a09053":"":"":"656438e7738d441b9ac116361e9f26adc0e303da7889cf559841b3e44127318edd356051bd0b3ecea78feb2b928227921a0c183c9f56bfd11ef31b28da6c78f3891d8ae1804bc158fa56e8b7a1a46be4954de493ef65a7f9beb46949a323a04e944034db30b19cebd8b70bfc155882ddfaca1bd5acb981c2c1b3e0862c6234d13093ddbcdff15129d586fc24ea2fd20946fe45b467bbbc77a6b6973eb6ea02994607c657eec29e4c4b3915cb730db056babf1779127047b401e25f97f606063b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #10 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"8da1ad6810c1d6b7ead210e48f51c370d4520547a330a4d591e61a9847aa043463f69d1b237999fda9b5697f1e7aaa07":"291c536dac72409e31e71cafb1b5f55c14421b2c7a44d792cfdc663dc8f62692":"":"":"c2bff571554c26bbd4442fbb3b0f8eb4db09840337658a7425613e0fd4f96e60da39b250c3a77379a53325a56ec02248c4d67fb9154e3b0eb8972a3109aed531eccc027705b267d2b9c037da79860d76e5e980b5b30b7ea588fa221d24d973f6d4c625de65123e91613a1528cdee59993aa827f319a759412f20aad6c50fa79a3debeb346ad92809470daf228cf344e09f03c839a28d580a2b3d7050685ef51e95649aba7228a2f0c82a2dfd89cae6ce549e8b27fd46f02feb473645765018ef" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #11 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"5e8d6571f514519de6c4c0a7cc5b85df616735b8dd09c3bed2377499aaabb296a9b2c94642da10e8fa737cdfb3129334":"6ae29c71b76fc48f14a3d731a0f6f276f73e7672eff631dbb1d22b06463bb236":"":"":"5cadc1264314fb4bc7ed7fa74bfa16aefa624bf2fd60c992d0cba10429c56e0028ebb430b1a1c6662a9b3c7f6de244ca000ae63db9570f1aa3e7ffb1e97a9d848021d8e632fedc037712a29abec4063b9d57c60738f0af0b1aab3844b03f7aacc65d38bec91a11b7c3bf8d970f01e00fed9dbbe9e2e499a21c72a7c5a22864125133ecb073a4c9f6d9fd46024f5c1ee7fa447209afa6ccef1f97ae77ca67fca5959dde209d2597f87af6e154408579cec42c69fa9b7cc075ee3e37ee3d91ad9f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #12 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"5c9481b2642855fac8931eccd1bd6c5a05b560a55f96d37e865f057a95812d81fe65c84c96a990eb7a302b58de723cb4":"b6a61b9a31207363d62c0b88f1632290f4f18feb41a6dedb85b7450ff9157016":"":"":"9cc77b68e1ac23fdd2e2a6ff697053f816bb48b39b1162f7aa3fdd2dd1867f68b13980c9e5989d4631b7983248501731326bd7bf6e967b3dee7d2d5625d3cc2e198623af9f77f86103491ebb4aefda5c333b51557b8f643e6d6c593fd7e27e4bccca13140f6129cbd024de076e4688567fd7e41dc7b2bd0bd9b3e966d5d3c461502221b52b001a4d2102894da04172efb900171a0eabab1fd134217580cfc33a0a94edc0bc132af91d048c6f5ea4e34ebc9686a99f81d19118ba4da63ae3df7a" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #13 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"c43f883d0adc2b56984d4a497a8ad76813a01df5a0ba22b53144763b65c7bf3f6f722e4ceac59966a6e44ed898e6109b":"769bace2c263edb87101743673724ef67a935e1ae9cace87202b6015d20fd9ca":"":"":"ce61480953190453247d091838dd80117f7f85a7e9a1237c92edf10cfa26b423735788b1e89f33625480d9faae57112ee62c8e4840475a6a738018ad3fd4a77efdd8f15ffb621c429419b6adb20431fd35f9d62fb33d500b87beac4856aa4971eb89710576b609ecfe758f3682dd316e7ee9d6560b444c2446656c8941dca7d6eaa70fdf8a70f18386ee5d4c86738bc261c0e8e5f509dabffd0425a86858ea3c71de5be98570dabd80a37b4f7f954002727c0b712e58693603c23130a45e98df" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #14 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"d083f7f8c65374627ddb51582b3a39e2bf074508d5f28ecce25787f386058de8afafaf2ad7e6449308e176be01edbc59":"ddb4ced192f52bdfa17aa82391f57142ac50e77f428fa191e298c23899611aad":"":"":"b978826b890ce8a264bf1ad1c486aaf5a80aa407428c0201dd047fa1b26e9ea9ff25a9149215b04c2f32b65e007e0059a8efe11481926925061c748678835c0066f596352123f0b883e0c6ab027da2486244da5e6033953af9e41eec02f15bebdb4e1215d964905e67c9e3945ec8177b8c4869efc70a165719b8e1f153c41744d44d3c56a15822d522e69bd277c0c0435fa93e5e1bc49bc9d02aee058a01a04580a6cad821e9f85cf764fc70dfae494cbfa924eab0eff7842e3541bc29156f6b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #0 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"c2feb900032f2cca98d3f60536f563d8ac9af5fb2e90dba36c371c0a1c58cf5e4a60f2be0fa13b8266b715be8aad128c":"8e6f9be0c692648072d19c750804b10e2ec313c8013abd363de7a467787859f2":"72f54ba3f8e71ad69a040bb8493283acfc8815f17dbcea220ecd68372a2dffae":"adce8157ef60482841dd2ac5ac512bf7649120c1dba81ea75f2a70b7512bb6f3":"e76e4326ac69ddbc6b2408c529b05a96425c65cc65671601191238e9434d2a0147f3a25ce9b6818774f5263c92459bca421d2b492f9a9c2971359baaa1426d6e2c36d8924f39d02ee2fb5502c4e0b206dbe9aeeacd508abe6c055d547b5f9f35de4fdc9c05a2c63ad699a3a7e265598b8f40a8a295d7376b88c49af9edc790b8a5ee221e19877616678e2a5135d7b3756109200439d9ec8bfe0cc5f3c334ca9c022ab9192d5d554dc7ae76af1dc06d814427f46a7cfa2dcc62f4777d07ebde7d" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #1 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"ad500edbe28b9a4338b55451b81c652797eb48fba753c186ce0aa9ad02a84ea2c995b7ade6de0fb4ec97bcbd61b711d5":"5770c41832a4cdc4039a8c332a4b45e7a7b2dabb678ccd2e56452aabeab14925":"d8d5516d158b41cb9d66566b88064900af78183f765f2f72a19548fb797377b2":"60a3a01a72e6b3f33a0c236db08237e7d656bdf4bab1db57ae23b7305569dea5":"c5ac3df66bc664e8bf84c758c7926992f0e8a03cd3f3f5fb8277c85b4da526601e8131f9d205f35594e101a86fb83ccf4c1e98c8e609062256701ff2132e337cb7287f0ee2e8fe3ef11ae703d7efe52e63cf89119ced05950c55aae6c822b6b0a8e1b91b537e5bb2de165a4b5b43a1c41fbfd65fff9bc5329d303caca84f5d1fc6acacee622623ed5dde36aeda0816749557c924d6ed26cd80e456fd0ae2146477ccb63a203fe16ac1d0eb2d12b6a2cabb21d412422e95f2df8ccdc23b4ef0dc" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #2 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"51a29bac53961792077e88ed3603d33bd1f51b3fdb2b5cd1ea131c6f643af65de81eb2e260396d2a69b4184c4eb98a15":"72e5285b92c4ea4458e8a2159687cd46e7df9c1f4513d8b72cc88be41c2e1522":"16a69f7aee34c567595f3d362ccbdbb7b9e9372c4b1729fbb80d9a089eee31a4":"825197262a43f6523182f0a91005d70b17d81c2bb692edfd02ab988130c7d5b9":"f63f531c242a295d7796c3b4844fc74821af5a53e0e7ae822cd8a7f9de91e6164164f3448fd7d18feafb97c9500e0625d501dcb3927e6fb39ef65dd9586d157076436452bd3066cb30d1f47dc0a3ffa5f2e9ab4e183018b40a82b39b0d170aa21b05600eefea906838b95456e04cf046808030a56951d2502c5eb6271228905ed08549bb171d6c0408d88250785f42e349ce1d9e74a6cd0360a008ec804e7ecdcb4d1fe24aa5a18cbb65f4de1619a29c6062b409a386ea6f43e60adb9ea3dd28" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #3 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"b30ff9c6e5b6bd258f1cea0fd5ef9adb81fbec233ff2fab01e79b7422878b2e950604e10ab80ddceb9d2b968d0d37ba9":"e8acd4b380aace0b27572057eaa947e10e6b49516140139c74a1d4f472221dac":"1d2ded0003521e2ba6a4a3e732e0949c1d858fdf0925fedd9cfd7f603e0e692a":"688ac5e7b4400d962c106fd2ce712a1cda6a0b8ac5196ad727f9b882329a3d5a":"c5208fec1d67517311a42bec07782ceb247e9c818e4f5f3bd160c9e53d462b61884feb278cdc8f64e22f59d27dfa98d3a90da8c7c5ba28ca40bd0d18934595a376553d1a8a19de07a83e2e9db42748c982cbcbf4a975c20084ea9cc6c6a41b571faf66b364e4b7e4d32efc80c30b219da1c02a1ea02f6922adbc31a057f999605a2d827f10907835c2bdde4157d7bf2906a0ad27bb72f113c6ec4f23631a2b8517bbce91b560d90d73fbf0699bab21da23e27cfec513bb5e375f50108197d664" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #4 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"56715dcbaa4f5bdbd157bdd950d1c1b46c1f4f8d7818ab321d72c0ff3c0a928064b0439f7bf021dcdc7febf2126e5432":"cd5547991b525f7795e075a59af1701375175bd760db99d316b91463f87f7f3c":"b2e4f02f1c14866f538eddab402356ff3b405abbb9154e88b98483a83be70f7c":"b8db321ab30285eee7f9e377ad62def6caada447d00a4ec882081daafe2ec009":"7ed8c2be58e3553eb65508377d63d7f24518d1a7235dd4c740bd987dd8bc1c1e3ca97a69a37dc9a270ad88989e4868e6cf8e4cf01703c0b1eb6aed8c3f8af431d819e68b6947ae134d360d87e33668cdef0e45e11f5cd79329ff95ed00e4a6952750f1574f489394b5fde3c6f07311a1e5d9c4e070a0943ef9d4a130a9e4b0a80c256e96ca5042961766874898ea0f772b78d1a33e866351a4eb425b822b5ad596cf249bce8ccd6dafb334b71a503fce2c8fa3fbac9943910ce5ff02ebbedde8" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #5 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"1c60a31760019e6a571e2987e57e19adbc1accf3edd44e501061cbec331b197eb68d0fa8fa5e3071d6f8b7c9c0a3c35d":"d4d84dc7311096791dd9c9d7f2cd291071f877afd86b9644427482d09ac9df64":"6473f4430398d7e5a2d218bd05e6aedac1e317269df3e4705d56c22d6e7abb0f":"379649b56a46399b9ab5f3880e1a73993a58cf52821d3cac87890aa0e6322a94":"d34152fa12fa341d0326a525aa838558630013857747f02634d24e9deec2da12f52fb405e7f1b973dc2d982d26eb2ddb4b49c35a9308b06809171dc990a4248e6da0c329a259f495247b9fa8c73af06604db7b629168e34081696a043977dd29a3c0362d5895f9aac24bcba58dd74078ef6f8d33eac864f2e6cdc479da3d224bad8099d011e914b6ccc3631a7369586e18c71a4087de0d47a7c29a09c12438c7de2d4b47768f47685b742c25b860e716c31e2afe4ce6d92bc2fb9f34400602f9" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #6 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"eeccce7f7edc52f0e2559250be36526cd1839151a77c59d527f66fa24ea4d86b3fb298c8d72b6a0a8e191b60259d1fc1":"26d35895723ba3d431991a0e6fb2154ae5bff7e58609c926ee3269afc5cd631f":"227b9a71a6c17ecbf627161fc627f8f6f1a28ce39772b7a3d36064e2cc6dc4d5":"eb59f780c5a955e1355dfe15cc4a4e90a6ec75584e63bd0de734399f47b95070":"78ac77657dc56b23e617a9b38168da945c1cf52b6062c2b10f1d7a3814d9b9efa5545da050b0db5a65a2d2d2e02fa12e97eb970fa8e83c524bc809d675e0db35c9762323f327f1edb9b534ce16d02519750b41ebe51f747e9da43fd1afc60e46c7aba72e15cc7a22fad19ed55189f287a14737483eb6b32d966c3e3969d8198f01f2ed841f20d7d2e156d6285a29e07f6d7fff42bd575806c4092522b03e0d1b8df0cc88f5b82d24a7fd0feff6ada03a60ef2541a4ab041a49aa973c7163bf94" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #7 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"86f8104a081c9565dea5652f20145a068dadff125debf818262d8931cec6ba937fd5b51affcebee952fb67f29f197267":"c7ba5ff828855e6e78fa1732d63aac1f49701ff7ac1f3506e97941f998b4e9d2":"6917bca15db53a5359e5c4d30ab4d37fc6a1bc660faaf2e74864cb4aa52e0e02":"eea8db0cfc04f8de14d6053442b5b4f8733f822df4be5966a0de8b0f7d2036f6":"562b8b2fa3bb15cfc3f7e57f309e31b13c790c928ad6b32a005f5431c28576c5706c4ac0dc2c7a4435bebfa06571278f485932bd94382efcf727b300b230da9b9e9f377d2659ac75dd8247351d5ed8185effa0f255a2a2136e63717e0265d561a34c75ecee1c774c25e33fd938696825686acf9a419c1da3fa1ce8f695e231087aa0927dde6ab487dc61291ad4700c5c608fab1a418f6b30ff97b8b8f01ef8164287849a77b21be5d11d82d0c19056e07d59a30f6c576705c6cedcb9f22d3a8f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #8 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"0db6f73ab6d31ddf8f78d76961310d68f081c9e6d5985e1883978c2dec48d9f58875ab658b3a8b795bf464af9470a90c":"d886936ad36549a10b5dc5d6e21203abd75ad63f826794b4adaad45a70424c5f":"76993d3bcc32546430efa30e3b30acc34c7672b6e18c7e2e9a1f1cc26f7f7a22":"54c72cf3457e6f5f6b35dc14167fee9383c44c867f233ec9d81f187bce438c0f":"c3523894d273c85d605d39f5b89e3388afad8c20787897b903d8db7e3de7590340174be3abd7598daba7806ab934e0feca02bbe66282d469ec01476bad5ccba59fc14cd9549bf4af49641f4326b1052b179c89194d21bec0501c97ef2c24aaf045fd348b765910fe92c0039612e37baad2445b57d9db6c1e550adf6688a79b117f6b7a37e0209d89f194a1bfe1ff2e3b28f0454b383af8872f32322bd5313a3c9ca48d33eab7c3807bb98f8f402c43b99b2176f0b33be08c7e84c86b26e971ab" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #9 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"3b1ffbfae6ec54a175a80a33c8768fb60f2af9ee2b8620c4e800a17fb9241ae47f77da414f67b5d7b24dd100355d2afb":"0d50cf61e2020a909ba6e36ba4d0a394579d3e4377cd4bf0068967e8d0fe7a78":"5d4efb3f6e6503c5d85a1c43398d0441ce8aefafaabe2f6d86988a24e033f502":"cfb6156a1b139abf21c73001240997ee1a8cad91a4bd777c0372c1e8fcfd3fac":"d3ef776c8d77fcc5e947bf53e0be11777e69c7dce138f24c1a3212d1b6b932580371479b7619fc82f029d92969628f810b54a8fdab8eba799e750945f3545f6a96226bc760ad736101516efff5d8581f5864b38c29885d39843a4adca17046e1e388c890542988797b576da64804eb4101638328d3f8bfa398ffaf83cb7290a2cfd39ead13290ae773a8958b33914ca02c8ff6a069aa25ac8b36f6f0f1dcd8f1c5fc838083a64ae7ae11b85be3a9fa80ed83949b622002e91776273fa32d6cfd" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #10 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"19767ce1f18aea366539642fad400a03a675b2f3c0b1cfd49925e535b2c2779043c5a1c57ef550acae733729516aa62e":"6bfa882c1e895eeffbb85578182653c022a4703091529780c075cd482809b990":"11236df1dca3de6e3e3a57d2741d1b77f15f45b05beb47cc500100b31188a42d":"98708a88fafae56c4f6fa780c6c0e33ca8f2592983b5ae607146cd6e92204416":"b6514a3779dcef2c9ea0ed7ddfa808d045c5907314c358302ca32b2055987a38ef601637cdcf77b1b8f7eac479f8f18972013c2e1a6dfe612e8a586dc529ece486505534c0ff3dc0b2049a0e46d7ac504a1fdfaa9b08d9fa017c5803415fa391ba7eeb576fd6ddba4404feb46e7cde56e090dd280be5edba7d6df9c5ba7d3454bcbd4d443b08fb51a117c1d5916f225dcd6c1c3fe2b2880f4d42962befe3ab76bdc086e29381dd985206e3e00ce722c9c040af5ff4cd4a8183b446d91b310845" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #11 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"f63292bab50668eb14b83975422a0c853fe55714a9edf9d8a817ba0b2f26ec40063a86ee3c79c694273342a02f68ecd0":"3c525956838e26b77b8cfc37f024ec398ed825076dbb749cf49a7d868c201e6d":"d9a41b47c3bf8743099dc8fd228f77dff01ae304761eaf57d751e11cf094bef1":"b790c37dbda20fbeafe9d1339a1151144253bdfbffe17ba87240eae49c606bf3":"3586b63315020b3ba1121314a0fa6c66d57de0ec44abeef7b7325e960832b7944cb0a81a747ee5c5d3163001536d3e5ad2ec869b0e5ceb14aee2e6915073619528c1421b59b80254dfc3cab0584898b0bca72c76ae25f52b7405b9dad38cb2b841e1d6a34fc5b277129db49928b2f6c0dd22900ee786ec128164ed12eb324b502499f1c5c89be2101901476b39c56034cc293e320e63a3e019186d4eaf9a098136e8c0ce7f6326f84ec95992dde2585ad3945a9534aa2954b8c15a48e3324d76" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #12 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"3df74683f298ba48648714e384989145c1b84246736dc275636809d64c75ff603056e703c435eacf21c0bb152d9fc2a0":"371217ca2337db03c4d06714624fa11f90d5dc575bdbe12a457c610be066dc2b":"f26b9cac8df57a33e4b5868c36f2b9322994a98269dcbd7956b93d147dd0aa27":"0a6db86c3abdc39878045b8fc2d5f0f77a8e298efdacb4cb9f74762fc23b96fc":"ff5252b7a39460a73094b9d668b53d1932243caa885c0ecd850612fdbe7e46cb275d079bb75a6b050191282ccb11ef255d52cb763618c4b624560d79bb9a5bc99319783de43c152e7aa7c4cd879a75869285320a9b749c897bf07220cc1bef1edc494bffa6ab93dcf839dc15f6f2e508b9e216e2a1786b75abfb01bb7bdeda722b47af895f551670f9562d9f9b78e98ee7ea5c5ca4f836af5bf153925b2aec055eee8164edf3f7b72e24b1203cfae1834705f74cac8c6043a3c2abf6bdf28fc9" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #13 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"53d70692f0f4dbda23d78660f0f08c7e70ca94441f1440348f76108874d13ea14652725abd1a94d315364416c90e662a":"6deee916ad660811cf05b5652f32df4e97f544ebb57762617359159cc9a425c2":"acda427eea1c8c6791be6e4d2b60be30302abc84d5c5a13be7d510004b8710c9":"d27d7f598a14205c45788665cd062135b6b65547d3188959e38ab675401d2b62":"f77f9de60e95da3f1d0d67b5dde29b31df59ce980ebdbad7b5e0a0051fee39e1d6fc4311f21efa016039bb05f3b009b223be6f2c007b468388a8a19bb468c7b82cc93dab3e160b2b72fda1240fcceea01c2638e9c8bd2d1ed9ff9b55bf69fba4b6ae8e694c150896ac6233b75567993f9a9adf25ca0f0835b9991ff4b8d3f4f1a3e4c5f9866d98b7a75196804f996492a61dbab5bf72f87658e2300a1b0777ef7f43ffe8962f6b6708d2d91dcdf6b430cfaacb3289f74cb0f67370bcc9af249c" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #14 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"85186650694f742c3f5f228f943788f05602d4827518908fd09a1fb445d8333db2d65f376d48c66eb9e0498999e1ff49":"499928c41841324749143be9cc769899c38d6f6e6933e56898896fabcd802931":"9574ca51f21865c2fb0efc75cc9d90ec5e9c43104979cd64d00ea5544ea01c96":"c0df840a18d7584b62c70b2f057bf824168edb673cb517cd9dac89a0fc80c9b4":"b31e50202f883a8563cf129a0d5f8a33abad79d8ec8a97167ed7fca778e5892480617cdf50b5e51547f7ec1bede35020a311572c61e33e9c82968e8f69586daea3dc19063bea56503f8ca482918d229949acd6f1c52cccdc5f7f4cd43602a72a5375f3aabfd2834ee0494823beada2daeccbed8d46984d1756fe2207ca92186b506115f6de7d840c0b3b658e4d422dbf07210f620c71545f74cdf39ff82de2b0b6b53fbfa0cf58014038184d34fc9617b71ccd22031b27a8fc5c7b338eeaf0fc" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,0) #0 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"35049f389a33c0ecb1293238fd951f8ffd517dfde06041d32945b3e26914ba15f7328760be6168e6aa9fb54784989a11":"":"":"":"e76491b0260aacfded01ad39fbf1a66a88284caa5123368a2ad9330ee48335e3c9c9ba90e6cbc9429962d60c1a6661edcfaa31d972b8264b9d4562cf18494128a092c17a8da6f3113e8a7edfcd4427082bd390675e9662408144971717303d8dc352c9e8b95e7f35fa2ac9f549b292bc7c4bc7f01ee0a577859ef6e82d79ef23892d167c140d22aac32b64ccdfeee2730528a38763b24227f91ac3ffe47fb11538e435307e77481802b0f613f370ffb0dbeab774fe1efbb1a80d01154a9459e73ad361108bbc86b0914f095136cbe634555ce0bb263618dc5c367291ce0825518987154fe9ecb052b3f0a256fcc30cc14572531c9628973639beda456f2bddf6" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,0) #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"4cc8214cd7e85a76bfa735bbbfce926c0323fc348de6c05ed1800c2c8f58c6b1001eb1f6b29b35242a3f8fa2e90003f4":"":"":"":"1efa15d644e1bdf34eade3ff2f5e9ca45203ccaa1e534ac9b4287a846b71292b03102286d99f2be64b898fe909238f540ebc25f49522f60ef723a4c428ead530a97c62405cd5d9ecc54ac5baa47ac4f6195d637833f462d21a659b4903d9cfa6c9fd4512445f9abb5782899a6bb64592f3c2b3c745b18645301fdb09a6a331e9fb6d9654fc79c14ed83ac1684c755b9cb209885f86ff290a71f08a848b960152f05b1aa8566bd382ddd45521062831d7a0fb3a8bd8e112a91b5960690cd8585c1aa104514e3b9cbf52f6384e84c27bda2802fe9fb952cbf2bd607f869d0aeaa6b136c6a5f6e9b0522b6019b7ba6af6cff99fda612e024867decd8c0c6fde2034" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,0) #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"d046270e6b7997cd5f4e9ed1193e55382191f78547a660854cf60bb03d039a3950cd147a3445f6d32d14cbfb9da0c327":"":"":"":"cdfa9441aa5eb11fe3ba50528ed731c9ff9e70b78da075d00c52d0e281e3a868f66a53a2a6a272d7e0b1a32b6339f8afd108bb9e66b04c3d6bc069b7e01b69844322df7deac66e605a9e2f43665b7932c67c418a77a4c9a302782d0e735795755613a1c5e90089f759d780fb3a984dee4e06ba3dc5a8c652549587d975e586a98ac6aba6563e2767f1a379261b9dd37992ea9681881ea7933b5c64093234c849142ced85bbe5956f527d46ef091e4d18df2a6102621a91bca51bf7aa4b242414dc16e74ae59dfe560c19dbe315e7f98b11086bc26e336dcefcb91c4828682da90d3921336a45fcd36ea4d1213a13213a132bf20aa1a3991b60b65de7ab9cc656" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,0) #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"8c7c80b169160c78104c205e4492a9477e6f7ba1c3bb4daa86d222deb6241bfd2d2dcd5c40b46fa553ca6a2f6be96991":"":"":"":"1658a7552e4cc98c228072801f9ba230123e7f1f7dca7ba839f440e5f7570fd29c38b86a2aaca04cc87a56205b41d19e38998b47d0ffbfbd9bb56a6eb31bbfdce8d01e8991b82315c39f60c222298160e8d9f14b1a6038d8eaf15eb7310b180a8e2e8d05ef028782b55d4782d4774160a39896d1a896823f8b92a99abb546ef02cf189200a1a7a2fbb7019e4d8a935224c20d11a18e0d8890549666f6599c261532b036051cf7a65dd33bc0aeab8fa2ac9ed520f6dd893b9dc3cd3b87d02a0543eca0bb52c58b7ac4ab3f00171e21dfd3363229ed362f960d8a5fd06af5caa86018f9dce81ade6234a6992bfb9e2660d08a103dadd7d9ade4c45d691aa3799c1" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,0) #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"cd394508d86c384c0c998b58cf7017b7124269428e4cf39519b5815cc2d88734fd2cbc87c79063db588d90b9cb1569f3":"":"":"":"7c4de5fa97362e63e52e790fb66d4b067e8cc1742975ba6f9186295832d31c4e0c97b7dffa262b93b109621044a4bc89c9fc82211f5cb763974eb3a816fa7d7853577bee1c36c2c36aabe28559d5bd85691c3e3bd610e61e4c3b76e167526d1331459d8bf09ceb403062cc97e1229eb3a70af6049d291aadb002786e7d21b81c87fa68a51a1b9a89394788bab70783a88c883ca17eceaba455f357c611fb279e38f67e3c27c5ade5f95721fa79fc2da1bd44ca7f304161359da4e45d7b847672bc185ba502123a802535dbd167b2c93bf901626e23fcaba03c4f89625a930caaaa30400645680e5931e094aac6f6467b90b13c2be9c98744f89d113151cd2ffb" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,0) #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"a14be417001030f6a9c543f829715b075d0efd8fa35acc7eed02a1401c6f59dfc87b8b9255e62fcda6a35e52fa4a6f9d":"":"":"":"ed29a49be56e081f5b6abcd2ca1a16dc096071989de72a39b8bd544d2a2a2db5c886c0c29ce454cf60addb56cb4f28f959ccb7163280ef81e48dd2a02024c34a120301d359f03844d1af01f485afbe7c9b17288cf345172290fdc44e124670c5ca9e8590df6f9f63d60849c62d3921003532dbe3e3e6bdd75d28211365f6c489598a99e605ca671ff91552b5916ea9e12259723c0e1a633be34932d0c816c30b519c79656a70368b28fadaf5eb32eb6e47e00b04f152ace2eafc9a3ebd3b1b3795ad85e0897e46ab57c361fef2908041d365f73180b505ae2426603decd0b7dd33e2f7ac885aced4194999602d4d62a984233d0696fff86f7fa7a6cf993fb7e5" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,0) #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"b8ceee088f3b13dbd1e7cf230449f246a456f504d63fd4288838a50ab76576a3f400502913cf57cb2341c5e6a63fe9fa":"":"":"":"b4fe3f6caedf4ac7b93fb1c2f316bafa58487f28a37b8400fd1f32c963b04cb3c7eb601d0dd8a7e4538b14030fb0e97794c617366ca827e3afdb0f714983a6a72b261db8bf98d5fc48fb55158661f987d08e952913212717cf204a3e8cf1177f63e2a46d920ffcec4b580a1361253a689bf765200f4e90dc6b34a56e10cfdbf932fbc3b75da1d55cba0c5287f552d883763b83acdfc7fc9d762f79774701f7ace701f0b26c67217e022bf6b6e0602e0d68cb1377b5ebccb9a8e41188dd1dea662663e8aa093787d6490a4e887a34a27309c64c40e4ab2f0acfec4a1b8d419d99fb578aaa82da9166a7d7873e27226db20d313e868bcfa4fe3854d6fb34def7d6" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,0) #7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"3c1e8a0199786fc268ee0ca0c0446d7363bd781069cf3a3faef2592cba06ce1e70c7c691af73d6d59addbd6e3f646d64":"":"":"":"06f44bebc2c1736b5cee283e530bb877b28651d70983c272a10efa80e3794ee428644048d67245dd3ca8b769b6bb192c9468a9fcf2b71c417283713d39e800225ba659c3273022f5177fd7867173f457f3bb66ff2c2e7bb2574dfee54438e35c98506c178d35259b04e7c541016f5c2d980074b4ea865203ae2e8935d745a02ab5cce04d233cbc18719b1900f2e7e98229b851d19fac02fa6e5ac1bc973b20a17509739bd989d4ef5a66fd9e19e3ceef2415b498843e93631b2b168167bdbb8db313eef4c9668d5001cb34767ee41db872163987c3bdc144637b52dcb767ffc19bf44fbad487b1eeae7957b497fd59a95f0988315eba73ab7206542f31c49267" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,0) #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"e8a0925bfce66dee7e6a54fe0311d259bd7f7a22b8576d64840cc51c731212cb1763365deab3ab82de9996e5c8570eb9":"":"":"":"63ddfd70508cfa247408ec231d56df7905f65b62e5e5a8309fff5239620faa0f055d7b8fdbc648ded78fd567c3141e1723d197296c92d43fdc18af0c4a54fcd52613286c78ba7bdfd0fcacc7b11b374739088323ba95f30872d77b6aad21228253133d76d29d0d742ba349956fe71e8bbf3fc7186a3f85f144a9040ceb0529a713583c1fcdee756d0130b38df0964bfc3b669fabb6ec6874d17d9ecda9fa567890e42540185eeb3497ba8db80b803f63803442aec14735e9eda177484ad61bf0c76c2862b7691b4cc74efbe35203f8cf4f24aaaa1d831030f28eef8b49e85b249e6fe835964d53aa74de6a31424ec3c833f4b8b39559934bf5f23d4b1d450bc3" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,0) #9 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"c493ad96bb20b2480bd3122b4b1ea51379f5fa2bfd8bc0fed4080995b162c609b6d6197f432c8597163feb9c5439525d":"":"":"":"764d3e4459504b490eb1db7b5ab8e6413601e449750534f4c4f70025026f87217010eb14705eae6e513796c7f20ecace32a063238824b3fd6956810066930bf425a1c585221c8f61ac64aeccfe8a3e33d164d02d5434e9e594b7ff451601874d268a2fd8de9922c36e67d8146fe553889a15f624d499a22f5109896758f30bb98f70eac11da1ad48e99bb4422acc5b97295094324eecf530525c1ba150886d053c84004c265693a4419602e5e59bf120de6ff054d0c7c96bc14e9b5fe1290c08ebebcda21744c04a2e78964cb2b52f8e6a70930fd1ded1f0edbda4deff91a3310019e967df3fdbfa228bec9897412a748201649328b7d784851fcb5ac1251f8b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,0) #10 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"1e868c5fe4b59e6d4249854226bf1120a74386ea590e9c35c58d7ccdfad56d71dbf557da684289e96cbdd66cbd9cb879":"":"":"":"2032963be29c0d24c2631b1cd895124b9801a4d5c14c28fb34cbfb1c2467134f499153e2a3ec817cc4b2e4e06068ae78f5696dcee99334b0b51e9f29e56a3d3fd5c65c4cc70e10f9e0cea2572c28ec4afe0896d7689322d3afd931ff836be485f78aa179100d43d910564dd1adfedcd32e3e7e53b06c0a46a90b1173e4a5152cd8aa38f2a7e329d01c0b81e62be6c9fc8d1ff3db08f8c31c1e77c5d7fae619555c0e02c658486e35f27a7d58ce63b9b152b9ff528ab6a6cd9b59240f5a7b6b52dc3f6e47f9daa2cb8cb525d6760cf409ebe2c7641c3c32e330545bcd73da9eda20b7590d84831d4bec807a56994259bcd2fe28105f2d7fcdb3eec523fdef7044" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,0) #11 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"55bc1c7358dc334b26412ab472dcf4210740cfa0ea688812d8b1a7fb257b979edbab14240cf59fcc8a7007553ac480eb":"":"":"":"6a9d30d4ca97dbfc2d2852bef044bbfb95ac253b27e588c67fe179f6adb81147cc1cb6eba6a2c4afd6f8b3f1c8d45b51af1435ebf1ba8596830314353c9b4d8aff9620dba0099fe0a1ea417b97fa4c28491fe6d2a619172127f18155840f90456bfbf1e7ff587fbe566d6b8eadd6ce594bfcbabedda37858a7610c8230f594861984dbf1e3ddc9eccc8b9d2ec3cba1306d178f7677ed399b10b995b3ea55586519e5730e52ee8880ef0e63c476f2a80d77c6ba802c47e9174297b27520fb027d134e17cfa6f99d59cc5f53737cdc2e663e1ac59bf74a87ab1064e9acd4811c0406ec5a29a081bd0efd1e557d6b6c9c7fe6131c5c00fae82339a1fb90d3be2b6b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,0) #12 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"d894820d9cb243859447cd3a3f6cdd125a9c4faece6ad756d288a15c5d24c39d776c5ea9838c4c34f39f12c1a9df6700":"":"":"":"ba23f7aa0b7f6a93bc0df32e68e78786fffb5acd7fbc2864468568753e3ddf31fc2187b20c229d0d0b261510f6442816d2226024b57306b474079c92c66a00be482fc104cdbccef0450b3f2ce94f6bb6a5125e0774a28a2a083f802d3c45e9d4253295f80ca4bc439f539a7f82eec6fd450bd196ab468ec6902752dced44ab557fcd3f6a72c47c0f18cec6545ac669cf432e2db308d70a7394ec772a34f14f26d7bf7d0bd7e4437248618efa2c08adc7de9231ddcc976ef8bcbd11be54dd17ca9fa515fee6827bf5efb602fe8f1cf5d67078b17601803c5be05c24edccad2837d0be191f918d6dc62742241728a8690db5836c2045ec9f8bfa87b768f4febf2f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,0) #13 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"17facdf2fca2e1134674ea8e8daa609b4477f415c6a13a5c157f3fb7727dda6d3c1dd89ad63e781588e4b3f8cb1f2f6e":"":"":"":"f472b4c20bf07c170b3c8eb682469e88680d1fa5561d72b864c5c438c95c4c8a3e61f89fc30d5fb4e843e5ed1230778b48c467fa46ebfb7b56220a610483827f3f7f8ac307f8aa57a68922a06c8fa5de732a0d05835cd48690a2b3f734e4b7e74799ad774579a9eb296112f3e2bb68551af0e9e0e5e0bbb219ccb6c78459dc68a3663987156a50e72aebb219a1e43b5603dbd8055bf1e76a4468caee86489ac9a1a9a66ee7b193484ff3bea84341b62dab124a43e38945cfc99f2c4c15590fe180bb3e6eac544483aef710278213a83da85a38b6d140f33654c9d4f6b8ab3eacef1c57fd2237dbe8adf23b3aef6ab30327ca119b9e1e95ecd068aafae0d07a08" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,0) #14 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"2c13e44674e89aa105fc11b05e8526769a53ab0b4688f3d0d9cf23af4c8469bb700ac6a616c1d1bb7bd8ff7e96a4d250":"":"":"":"f778161306fc5f1d9e649b2a26983f31266a84bc79dd1b0016c8de53706f9812c4cebdbde78a3592bc7752303154acd7f4d27c2d5751fc7b1fee62677a71fc90e259dfb4b6a9c372515fac6efe01958d199888c360504ffa4c7cf4517918c430f5640fedc738e0cc1fcec33945a34a62ca61a71a9067298d34ac4a93751ddcd9a0f142748a1f0a81a948c6c6a16179e70b6f13633fd03b838da20f81450b4fdc1752e98e71296f1941ca58e71b73ea93e99a98f58d0892fa16de6a16c602036ac857dd75f9ac2c9185932103db5430e80cde9131e814a0bf3f3e7a2200a7152424472fd27f791a854f29aecc448f8d3fca3f93290266df3193d9e13e08907ab2" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,256) #0 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"a3da06bc88e2f2ea5181292c194a10b3db38a11d02ac2f9c65951d0c71f63e36c74e5e3d7ba0193bcd6839e9ae93d70d":"":"dbb7270760d8d262557807ce746ff314fd06598143611ab69bfc7e10ca5784b3":"8cdea882f894e5fdc5f0a0b16b7d9ac8cde35ed17bcaf2665564d4ee74059e29":"cb706b90e88380e5c1864458454027821b571dfeba0da83f712efb107b8752099514ef87b4488fbfa3508a00954bb03090766d2bbd399e71c86c7967a4e8ded57095a29d4cfa01f8d28c97e81a4cd4fc5be7fb32a0d6c230cb8760e656b74fa7e18e2063ebee5787958b272fc5de93f0d6837e55f0c360dc593c88fff30a428cae37ded52f825646e04133a19790c304e4b1f040e10439c5edf454e6f71b23eeb43cdbe7b0634b8e283a97806073f7f28a43de2d0d969b3eda380c185b785b9101dc905025c9cdb499e594de0f0d3eb41922c20994fe2c403dd5bf01e4b2c3ee6654d6ab9cca7d4d5ae59525a796119547eae6a3cbf8ad0e9b1de3c4d5a804e4" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,256) #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"462cb274b7def1ac0f9db135c8fa2e48599cfe2badf2ae9f6d06886b25dfb0cc250461f0dadd9e23cc6c08ddf4ae12b9":"":"b087ff5e230284aef4c90b5f9c48fec91b486f3d936d422475a2b12ff47a05b0":"150a4ca383c3863d9ae3212de9ab9da7442fcd5367af157714d74c149f69eb9d":"12d4740dd0c5356fa76cc441f9088e361d3e636dc7b1ee27a26e28218eff470e28f51b76540939d624cacf2e3facf0967e7396a42017f68789e53f4b1d216fbae675801b8869b06d173d42126bf88fbbfef60aea6c4ba15538b2d64f8f22f389ee35e01e4ea88fd7c9e4d10c145a5f6e4dd33a55f2cafbd5f56856ea945b3b596b4900cf78936732bda49a52bc5a648c6561f48b820699533d48ff04eccd81aaa5bd25fa277ef314026effe2e65a9c38d45832cbb89579535782bf6299327339591a3e66d82aef6fcfa0a21b6b50a398b737a83a6a9b34dd46f3d15162dfa488fcadd18dd06f856f6d6c4cac2677eca641bd4e044ef4cddf6c95f1725fd8c606" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,256) #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"727337765db704e7b9d23dd139e63b5ac97adea990b7d04881b6b2de045c974a0265210aa4e336ac32f4b0a428ff272a":"":"48b452cbaeb990b6ca4ba64ae8f2a91d792ab83ad499093d9c4566ed8c7cee9b":"e7e32096873180e03c9f7bb33c5af4edc3fb9a36113275839302d40f0890dbad":"21c7d4c258778dce67f1a134670b8595dbbb0e036ae78484d7953f280f1faa5fb3bd213a54132a089a9d6f1376ca8b7064402409187acbd5de7e4d7146c1f02f73087a6c62ca6a7e736900a9e4464af0351bcb71b2e1f1cc07440cd74f50a61757f0b3bbb91fde9c898e62a9cec3dcaca0c94d5d0a8edac0f82b3c99b65d736884ffdd23fff1d9d6e8199254e784514fe3c34db51a86eeb06ef7dffcfba9f195c52cc4b2db53e0a6b1bdbed68d85822c6c03571482fdb6535eee1b6e26ce7d33433d3a1271c5b93ce9a31c9d7c805e3635e79682fa5f8e7894d8d16ead32e3fe8c625174a12a7b8623c0000a75c506cd367bdbc4e3da3b462938875050ff2271" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,256) #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"8ce3f77c4ba4f40d4eb3e80d03f9b138bea725d44f7a47f4a1f7ee3afb45c2a0e8fa75683ba03964a8e3312ccc6e1b66":"":"83260430843b586cfa50ab51120ea5675d63402074d45b0bf80dfbbec74fdc63":"0640b6427bdd6ead525962b228392b3c28abe131719feb0c0f738288ee87acbb":"d0a402dac648f7a53b5ffbebb1f5e6a12998c999809007f357dc568d7c653bd3b4da793d6d7ef802338eb36c7e4745655001f700c4ca68cda07d726dd088ed9948b2d49d8b50a72530dc9daa3387cd69ce32ca49dfa6cfca98f8a8b641c929f84c5f4045579dbfd3fdcd997068bb0f905f9a4a00accf06a483282e2eb99b94d78be46e07dc87903208bac0fa75323920997d9c4f9c0fa4cca5e6b1d69fdbfae8dbb52d659028387472c1a54283d074954094ae11bd3aa97360073ee033d7008e63b89e0efa4788eefa96ab726af4c2422b7472fa1efb7d95bec93fccb7351768625de30d9f5377610026b6f7f9568a9659644c7e68483672ca9ac8d0994efd68" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,256) #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"96b0d3b13a65ae1010bf40e6e2dc6e6585db8fdb8fbd2b272611e51c62e1111ae93babde207a42980c9ac9018ab01153":"":"b67c2ecbc4d4c46c3573883b61311a2655cdff0e01a12a20ea0cfa4e91034c2b":"9ca69103d5af577da056d4d5e95f53be87aae4689918bdf0d011789f2ccba9b5":"63f05a9815c2671298e9caa06b0746767fdcc00884eb1b30e53b16593508bb75dcaff9932230913f9b62cd0361af168993ce7b6b967114e2612c8f9c376104633ad4eae2e968e455b96d1d5ed6928eee9acb21bb8fdee7bf525f143dcc624a66ad42f1bdbafc19b165284f2c771edc57dc9092ffae6ef8acb9f8fdba496607c54b07f3ff4d1721f45db43f8ed5c695716b405b57034cf4f87ab487a01057ed449bd918093c532fe85015f0c5856cbd7a440c33c7968dd25330f78b66248873959967e307f9c9697803e8b0939fae51870ec533ef7d17e227dcb68ccf270299e65ed8483b9077831e010e9dda3a50ef7b008a0762c8ac5ef42b7e2ecba450d7d6" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,256) #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"49913e04b653d82abc54cbddcdf898c409819dbdda4af93bc97b434dd1e319706504b1c76f34ca6d9dfb181c7057ed8c":"":"68b8f6f749ad588ff2c7477fd7c55be648134d57be6846674f2659d75785c39f":"cd7b2d7b24070e501843f0caa20666fbf963760893f4e277d944991ec965fbe3":"67ba01fe694d8f9621d47be0dd9119b8654d028e4c095347629afd02e96fbe6e4535d1666ee0331a6da79e703571ea0983a0d02051bd95dd130c7733012424b79a0bdfbcf72c9cb0c6d6ee408e2f0de45cb084d8182d1b8b4d389b78d0e3fbb7f3c8891ef522f077851b2463bdf1399d178dae3299a43b00f48cd1068e17f42615bd506878eef5fcd5951c24641b58f7a563240abbab5779db1e44bc2c66dd48ea7e746660042bf92b727d622bafebc05de309c24824ddd1d9ae86034a8694ae5962f61ab6e76b435c9dc8b370d708adc4d6fbbfc44644da3f4d4f24d3c95d958de143531c84b188445b6840775726c87b1b058dd8c14e4648973d5a91a152ba" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,256) #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"4687135763568418f6f30af400d37d794f712b10a42087fd832d840b9e8b1f818dadd1aba09e78a1925ecd9ee0d106f2":"":"ac00dc729c5526698fb80f685ffe93e9c25bf93b22424c15c20043e1fcafbc7d":"948555d8a6e0473a769b7019e6909a8565e386a624a47a1f9c96ff5e6609a894":"4f09384ba8a34f819a0d4473c3387f74299753fd16e386be51a5ee70d1b164be6fa53a3face06379da2d961bfd6ba21eb437bc77b527960352790bbc978217549006e7409b86ee97d6a042957d27a02fa5f04de94791bcd7d02cc6798bc66d3b6cd887f2a984224b3c279382558ff64459703d93b40fcdbaa7abe1bcdf0b95f4c6ec6583a86a41f837c6cbdefee3de4767e330cb2f4a0d8915f192f02c1ebfc78345f80d5e0f21185c647376d588991486ca9a8fe5c68d0b71a5f81b08bb112c56f69c89412f0282eb1bed0d05c959608d1eb6b1eb4a76a76ae927cfd8d651a651fe83668f24bc0d19e5de86813b16bfe8c771dc9f16a7d6d0441b3278de136c" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,256) #7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"4ccc3c6cd73101efb7833ce1195b28b3aa3e5628db02be166f2a7f6bf7e8efdad5ff3f1c375ef981336af28252756647":"":"8396edacbe629826be44543bece17ede600f7f877d1138af5e83c3ec44b8b0de":"98545ad6268e604fedeacaa10b727ced0b0e284a00c29081a41c0d2e3675bacf":"c37ef92675ad963cf41ee5c14d882698082e8dda5a0ce9d50b8409c9f0d30d3294c7c625ef29c33f395de140405a6f9cd9d737a29d892b67e90427af24e200bc9cc7b5d920aa8a93d8ddd0b6f69cc98e303ca3a512b3d883ec542403d58bab1b4232c31696e72a764f2dc7b278bba02efdbd5413a08563833ef7a283aa6e5ab221d1ce5c7dd14363ecbeee879d157b6aefc8bfd2acc004d19eda7cb4b382e54bb725705b3f52ca5be08df445d8f6eb46353ef26217bd3c1b508f049e810fabacc0a75d717b2bea9f63cd8d2fdffc27322eafc98e7de18a911ff44cd0e5864e0897f0550e3c48674d11dbecc9d6d4c42f7592fba440608ad479ed296a6ea6b1b0" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,256) #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"85ef33038e0bee3e40ce8eefd3648e89c521ad537b0c8003617824b08a154b75c89f036845a6f24fb9a15513ed28eda2":"":"2c675110a2bbcee5c6096cfd8f363441e3473664cf09577a95996928519a9292":"f1db097abed76cdbb1fe6aaba94bb51c2af8f43c5cdd2eafdf6b40a234d3897d":"beda7162fb3e07d96a5796f091388995894f69a59f06a0c7c8eb704b5dfcb82f7171d34628b116e1ceb0b180e6052d01fcb13510edd4050e15d6a8bb27a5bbac46d8847972f2638967d53d5b7752452bbf0bebb953a4e40212ab587b8e74a9599021c93071ac55a08feab70ee040c3cf32246857167f13473d20a38c8d6d364da4d1f043e24a65b2dc58ae2a56215a34081fe91bd554edf86a7d582b227316662dac6a71693806545760060fc1a204df40f1b5df92c7b0561507ecd95609fa5317bc43b1e9a40880a230fb4deb79cf4a7a2b97beeb9cd4c8c841d4ef2668d870eaa11f2fbfa0fb899a424f1600bd46778136dedd147f124dde4d64693233462b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,256) #9 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"77a48fcd8cbea1be145a65c9e20cbc4e660dd439c7ec7e2dabc6f0430c5ba716182f05e834e84e89565714fe8ccf0de6":"":"1b838d460961b8f1623667fb316772cf50aa462ceeb58c36e2a6482ce7aa9f9f":"ccd4048bae7f8166c35e932cf3a09feb2f97dbb31af61a3fe5e4edb881ba6930":"af5afbb8d60d77c36c20a8f4c20b68ccd7fddb703d1ae83b5981605c4483e4f092329bd75aaeeb6fb4e6552540bd772edba5e5a96dd227acef73241257fe8774f757c673dc3370423de5a85b9118b5aa98682db6a89f520174a25e8e4b71f83ef432a91ddd8f69c1431c40d282d7e789427f18d9c5673131d5d3797d1335ffda64319d642f5ea5c1641092893a4008f076b649170916a03e06f0854848607c6c44a9f27bd3b17b293a914a86139e9a1b11c8652eae3757162f9f7161a2ee6f412a40002781e8fc8b80242331528225e70b9b23c6b2c970db12eab61bc290fec9b4c6c13d6454d7336f439d9b4b1df59248ab84e3a79d7f37df07e88c20f9ed92" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,256) #10 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"71cea1ba7a7dc792ca33288ccfb67570d9b1eab34e35296209db20c6676f174df4e062d1f660522881aeb11a651581f3":"":"c9667d28614fa05f112ec31487cdb3d925f2cb312202f7d85695a8f7336573b9":"6363dc485ddb9bdd61db33fb1beae9bfe2d0e7788a86b50774f8658bac094214":"e62486e1dc854f90b803635c1718f075cecf7fd44d1d304d0127979b83bee5e4abdae9076fc5ef89f6435e4b72cee056372c603f16beed39a2adf6ddc2577b32b29396db81e9ce57fb67c2525c2a59dea259ace4a7b6560ee20ca8e3f476786c34466ff5f6b45ccc916477f6fe96e7e4be23867a9ff9fa07609d9d8a5db7f5e1a068ba9b9c82bf72e76d17f73518affd5c58368232bcafe65096962c561617f489c8d978cb28676d8932a3c3489eb0f2f48a193826ee785dc850e41b0ced359ecd2636d96e83fdf8996617e6a39e141c124ad1e2e5fdad27144e60b56ed70d91543f3046acc831a6d56926ab1635de7e04a149958c9365a53c144903d7ea392c" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,256) #11 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"3a23653a34334db7d3abbf747d9d47d6b18589ab3516b0600bc93517d206a1a9c74a51766beec0563db655273d5dbcf9":"":"89922f45e6637e7fcae0a98d7ccdcf36650bbf7fe3253b7716014047a0983e98":"5d7519b3f442e1246185e1e7a56fd37473f18824f3c9d21656f54f1fa8d2947f":"fa40b69397e13d5f1ceaf294fb1d3a15db8b345286e5359bbffe5cd743ebab412845a9f5e4ed8481cea178d7b647019a7729c264220991c3ae276f82d6c33402f061aabd2e28cfed64565cc2d7f1774e26281d0808b2857d1c144d5aa36944a38358181b28b9110470601204076c02ed44ef411cd6a75fecf55225eeb3ef4f1717d3f5cdaec83f5defe835d2a236eb1a8f00167a727329163eed34b3b34bade7896e2d0de1db1b15c7c2b173ee8d4f0bf77f8e8a973be61e107daf240b9b7edbc599469b5f40e98c0d2d40b048ce4462cdead7e8f85d175a1f39f8bac61ec00f4cb4c8081201ca6319984264adca745b1d0feb471b5d8fa35bded03357fcd7e0" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,256) #12 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"24cd11e75f2b0ab60c5b7a35020d716cea2e4f5b7748327c0cf355b11805189334889dc3198f13c36cf7beb42b2a1a6f":"":"cf9571fecac5d79d65617a885815703de3459cf739db097f8ff2ee557d0b0745":"2282cbdba64ac2a4053c070efd1dd0638fc31dff97dfa15f76bc077bf173a821":"1b0466ae577c0b9e943616437c24b9d32ceeaec15bc83841843585c6255534a4a71ac96698f628d907255894f6199f6d7bf405afb0e46359ae0dec788ca52111950f8adf88d324f5b9a76d79e67c3581b0cf0318901332883794398e6aea0f7da1f55f30ca34b11127e885e86d787f8f8b3a1342d71f3738c8445707e0dea687baf759b261eceb4d661ec9bb006e9f08aeb1cc0357cd8df526943d71a6d73c9ae80ca69fcc3004b91dfdb2b6b8d0424c1cad81677d510ac7a51c1ce6f02b9ab41466e37ae0c2adfc63b31fc2e4693e467d3384fe359e9f0fd0f4d08f4a9037f3fd5495d895b6ed4121cca037c6aa87a5ccc5b856ee6151a900459ff0ea77550e" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,256) #13 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"4931d76a7ceb2238c1f0ed76be24d2fe1a925d1084a392fc8c43d93535da0e9351e52abb58a9bc34c46f254b8313d387":"":"92a8eb05034555680bc937d0d958e820b09785009e5e05739f29d9af17a63976":"d37465a30f837fe05f04f6b7ad4bb1c83bbae83f9c78f027b4831f5e2ad2dd78":"a61894d3c30081c7836dee8506cb97bf7bb4e56a8a94c72d9c8b6900b69ea68b30c41ad33dd21554361c171cb959c555bb668436293e3f1c103bb72509e43f2baa19742ed8c2d3eb9d0790c845097a7f0b2715b3d127a7f043c4b265b4d6fb4b9af9edd12427e1b5c8b680a135a315761aa4a9ed598a7620f335fd595c40c933696cf95b7eca55e8520e9154f69e3446ea4fc3b69f36fa1ae7eb456b350c93a1ebde342bd4578142d8338268af1c240c94457888d045d73196347318f89e281865b826837ca79da5a6dbc81569c42da475d97ab5501a1b13e99058c40840958331bb73c78e5ec90aa0464b9f603f11bc4baddc28b71c42282176654458d2fcaf" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,256) #14 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"ffa596ed725daea92273519c279d0a26be7f77cee1fc4fca44dc99b97ad8125a3172e5a36ebc671df1fcaaa54bd7218a":"":"6cfccdd8253cc5b284701ef8d16f8888f79100373a7df50f43a122591bbddafc":"5795ae5be47a7f793423820352505e3890bac3805c102020e48226deab70140a":"4a398c114f2e0ac330893d103b585cadcf9cd3b2ac7e46cde15b2f32cc4b9a7c7172b1a73f86d6d12d02973e561fa7f615e30195f7715022df75157f41dc7f9a50029350e308e3345c9ab2029bdc0f1b72c195db098c26c1ab1864224504c72f48a64d722e41b00707c7f2f6cdfe8634d06abe838c85b419c02bf419b88cde35324b1bfdaddff8b7e95f6af0e55b5ff3f5475feb354f2a7a490597b36080322265b213541682572616f3d3276c713a978259d607c6d69eec26d524ba38163a329103e39e3b0a8ec989eca74f287d6d39c7ceda4df8558faeb9d25149963430f33b108dc136a4f9bfa416b3ceaa6632cd5505fe14fb0d78cf15f2acfa03b9c307" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,0) #0 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"e97a4631d0a08d549cde8af9a1aae058e3e9585575a726c76a27bc62bed18a4b227221d5fe5a5db9810f9afe56a3ee78":"94084b11d55e0f9c2ef577741753af66ad7a25b28524b50ea970105c3545e97d":"24c81d4773938371b906cf4801957ac22f87432b9c8a84bc5ac04ad5b1cc3f57":"c8c878451e2b76577c36393ca253888c1038885bbfdacd8539615a611e2ac00b":"761422dea283262998c0ffffefc77de2d395c818b9cf1ac2bcd1153235e0d8b63199c51e195135a75f1f87b454484ecc560c532c7ba5923c9490a423c177453459d81efc38ce2939226043cb733062eae303a009b48ee0cf3c7e40abe2b57a70a6062c669a9fbff20b4c94b4ecbc5f744a80d7be8134359581d441da921737b1329470b214f3e679fb7ad48baf046bac59a36b5770806cdef28cc4a8fd0e049b924c3c9216e00ba63c2ff771d66b7520dd33a85382a84b622717e594e447c919926a5b2e94d490ee626da9df587fed674067917963fd51d383e55730c17a124555e2e46e1395c9920d07dae4d67ffee5c759b6a326eec6d7b3ba6dee012e4807" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,0) #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"5c96609e9de807efed31d3c2d63e284be5c44c1b5ab84672664de8d8d8e2f8181b95a5290fdafeb05dc902a9a7bd639b":"135aafb3bbc89ef1e00a2a35ef32f122b7511cc55d86e7822a34859b630b4d29":"115774904a953af07936e3efdcf6054b4c534dc8654f563bb10610444d30625f":"4705ec7525e63919f7483fe76cdf7397b19f22d2a9d54b6cf0ff9abcf0a7c46d":"ae2cfbb29fde23e8c22d77d7a50ba66798da93be4e49ef78b38c9be2411e2d8a9954eb29fbad0a967c51b26d8d746801539aceb32e2459d07baa994869d3b6db2c88fb9d7250fac00de8f79990d501ad985590031f7c45a00cd9b6d1b5531b238f3a31d33237c40a3da31356171cafd52cbb7929e32b38fe523d8212de801f554348a3cc468daca70e05affc9af97f172aba00b2acc50d7dcb5f0ecbce741c71a65c657e9d0f250c44f73865962b1a0d19738e9ffe9f17c3e03363bedf5312c444375529fa8df9dd72b7c09f20c2ef37abb93e6fa57cadbcd7b23036bb9924fcfb9bf83b09ea360fd3988639151b1ab22939e9ea1cdc413f7a2cf04cf2778345" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,0) #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"4cbbd0538535994cf00354ff8609ddfd04e80dc4174b9542cdab52385dd968ddbef8157a6e3f26f040229a450f8e564f":"ed81729d1aef522f7bf9c127207d8a680ce4432964ed4025b5bbb12964374f3e":"1259073b57358935b7149fa4349793c5ff28d3ce98b483ec48986aa285451abc":"b350a4e931bb5db50a866aa3c01ead7d48d5859bb97b675e77ebb844ac832eb9":"215cca589f737df48d60360c4806ed548d44938c2bf5b1707310df987edda51e5092a7d9ca4955303ac59bfa980ba6e1819ed1141978c3d7df1125f5c4abec5b15bb8f5fd0edb1f26bcebea5aa7c8d5d32e8a5b608f609d9dfd765074b23cc524596a91226b726d899e42bdee0321eeb2dbaf63d33cced6890c19b466636df05072f007ae60a2364dde7f82315e3e30e63258b8abd12f18b6ab3d384cc9349e56dff00c3f53a86a301aa7205394199d32382096f6cd9db9646a92e73c3fd1e53c28a91683031c1ac72bb85af50be669d0e1d7b05a3bf1fc9720025c1e39e1f09d18d2e9247f726ac691a1c2321a667e6bacd7d77a57ce46397db1a91e7908ad5" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,0) #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"9b2bb0f34e6f0a31eff00e6604e6ca77643f69895877f77197a06e2b42bf047b3c1ee55a2a28fb3579324a54458310b2":"895e7060956784e5ea113ca785214bcf608e2a53c175e6edf5b78f1ad90e67c6":"c0b1980d57fb797c4907aad1fb5662bcc8d6ee30f6bed951e77c11d1893346e9":"af3357fd21fc04d1d1bd162b94bf129c45d41fee90366a180d98d41325336b5c":"50941cc105c694dd26d5bc73c08399168a270428ef594a6968fde834e889cfbbf0a80d7dad65d2fca21ba8019f1011313fe86983a555fb3ccb643bb771724e04114f3266d72c2e1a75363aebda9871c3bafcee3f389ff4c6f1f1bb5e6da5389e04f2822da800cb058da9cd698c65d54b16e7562c83506b632e4b5c7a78d6e36ec307e48cfec4fbc3ca3dd67ca95f9bd7f1d609e0a6d8b5bd3feef00e0c4165e77da84f989210c78daf633aef657855fca26b832994000f980c21d355db10f71f9cbb8079c48aeb673c5ba097a325d9a89e05bbf960fed4f8eb097cf37f61900db8171685107d53f85bbd8c1a4a1c7045c8b6e3a8a2c4114542292555585a090d" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,0) #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"9c8306c6941098408c56518a44d3075c22e02f19a6041d2e9c4e296fda435db917c99d538ab65f6f1bfab0d479a1833a":"3a80e9f5b71b242ae07ce7b617057dabae189c5468da2cf049b5b529abc877d5":"3c151e92dd3121a8d2d11604632df00cf90706d3e843737445de0f2fde1ea924":"f53cb5fe673201f5eaf4115382d48ba45be405b37a31a56e41d1d76202038b06":"9bf31156e54d7142490e620afec2217931fb2389215a3609b384b0551bb3c9d90c3b3053054046a324db9b34633e41b66114bfa7ee86bbd22d08d53e349a4dc875265b32151d3e475df348a22d5226478184f372b0ba3be92ec1b284fc66dfa3609463214b6b468b29478acb0c55e1d4674882cb75e3eaa3a66ea0f4d7b1a571206a761d636bd3519afb6f05a0f1b6bb38c00bd68530a6c9b445b6b4a9c7457a055627b606f4508ed676fb5ba0d27589b7f464271c3e561215905c50ec48f5ddd1b8549e8d163453083db96c7ec8eeedaf6804369e76760b08abcca937c497900be385db8804b443e8a1489b8f3e3e4cf367dac3e15cb8e95cdabad04f08856c" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,0) #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"87a8fce521df0a2e26f1b1f9c7ec9e98968474915a085a95cbdca7d8c669e08a69b8c3c3df07f9ada368be448938bf92":"b1bfaead04743bdcfdb193d32260918ff803abbcc0d5ddc50439bd01f6e42a3c":"12a07384e9c74fb3f33df1a089dddb7d416151a0270d0c0216e085f1ec4c249b":"9b42567093112cb5889703b77b4b372276b5bbccadf86eeb9ef6d3cd395b2acd":"5ba662260aa0f743a33a9b552ce41d93335a855a55df11b870efacb7f75e39c978e730acce3664c814ac10fa10989fb00a39b584bb14cad2c02c309703c8ea8768d479d9b4e17402ee38cb82c5f4d80125f3e674ac1adb919cc8a988f79f531b08253fbad0a1b27fb1997a4e2c7bd5ff3abf66281e8b60987587327a9101b76cd13771e23ee2f02dc339589b9aac4f5af740afdaf494021c3504fdda8f93f77cdd8262df7d4c48f85b6eb03a7e5279db4d18f645a63eb6f53f9fb123c53a78686f0113a209b6eeef3b10cd4489875a07af863c467f25b69cd13b8e72847465fba025e25fe7bcb41745369f255df0eeffc3e5f066815ef7715680b104e20a7e9e" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,0) #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"69d667bde79e41cb78742426ca5ebd48086cf1ded5cad7293fcf910e5ab23cc8cad75bd989c3ffd05817d1aaa5493c05":"5f72346eb50ea82cb111d5b3c91dc9b7c61c92fa1a062177d513fb616b1226d5":"0465b8aa89d9cbbe8e1cfa2e64e64b8d1f5dbec7f710a6d37fce898e3f81e57b":"173135f31c2320cccf513e88a21f2d207e00cbe4330d2f550e0be77405eef47a":"34a08d7a564515a918bce93cae084f27a558f6f214c4bc9169dbf507c3f11d02ec97bdfd777960f6b4c4543c1e14456d0079215320ab607e04b7519090ebaf3a5fbb0d7a3fda1af6cd8c5d785524bdba75abbe50e3d58e5f05f8f6b2c2570f1178acd2f4c11a7b1b8b4ebe4ddb71a85bf19bb2fb25241374530cbc6c0605066e1129a2d398356cf2ec2f7a286c5b869c702aced63f4e12f39b7ce250547a922872c36268a3a4649f6641987bb7c6baf1a3e82cdf04d11160ba11c5a002cfbcf4a8698286ff318ec01fc2c5f6664e50561991a533ad183a21e7b97e0052b0350d213738b0c6e5421a524845a861f539930540cc40c6ed78c46be9c122e7974d35" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,0) #7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"f1f6e5a55fb2180de436d48115aa1aa38a6242eeb0959de3690f259c1d8395a5862d1ac4843404d25215c83bca90f44e":"f467ef083c745a1bfc9be44f1d468b2518e3ff1c0cee6819fdde354d4071b17e":"fdda9f0888c4439cded15a768300d163c1e326ee5571c22ab95ab3e44b1676d2":"6b8d60c565604c8fa8d7adaf0b07ed268a491fb79794d2770356e191daa1cb50":"55d0788614b770f4b8c3d3ac0bbf628f294ba2fd16612b65d0f469ded665e3c8b82c95db80cc6b410b5a6e624151fc50bf02f279ffabc19dd094cffb17ba44b11209b923df326db14eee35a8bf1eca3807afae918206e844e517eb32c207342008a0da742e734433867fd86fd89d27ec6e51a9db3ad1adea645fdc57179c4b71de8b455ae00efc09328a0bffd8c61e3880c007915997daeed4adba61b44040f6f9b6c6427e1c23357c8f7e18b5c974b3c34a2fd5cb5e70f48df2d10c1deabd987f8390bb33858d9a5133a7bd798b1c7741729b8562fecb3d4831e9ce101de192d64bb5d757cbb21090d669afc5566c1d6e25586678b5f2fc7d6c6113ac4eb54f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,0) #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"0db9d437153149e101d5818b263b975735994dfc33d8b3f158a05760867757ab438a5024e1d43006226018c378af55d3":"275bdc5fc78b0d8afb5c8aa5f7854c319a81bb8cc9300210a9990fb7933a352e":"809da54d1830545672f180fa3e0441a0d3fe472e7cd7a6d707fee5af7e9b21c2":"ebe66cee6efbf583c881a25e346ca7d99741dacfce0d8785c659e92774e26ff2":"878a3d109d814ff4a4935689ca96b3d444bfcee9edfcd9031255ad2538871027273bad5225864e84f3c2afaa22a40e7f6793abbc49c8b0ddc7b30d9dc7b408888e6b98f4bc79e08775b599661ea4b50669132c21272f8d17fec9d1e5310335b0e6480d7075c830a44ea528900f99de61191b5a006ca4340356dbf20c62e8ffd0577d623146b12937e84a6e17c0ae08efd339c9aa979c7e21e9c56e019f7e4f375bb601b1a83c21f27a554ec05191794befe514dfbff5a3c9a0a9c80bfe9b6adc7deffd31c70ba13fcf170abd6bf3d384381e0a31fa9c81b1bd207ea2e0b4153b6a1252a9f73f19f6f099fda0f87baba99b9711a00b5f50ad88d3bc1c4e806467" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,0) #9 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"4106f6ba6a291fa54e4ecfd9fa61b961554e4e8e03e19d9bfd82bd35c3471e8bc5bdcd2f810079c1bbfe906929e88d27":"5a7e61b86ca70939e64af613a667695c7c915e667c79998e76e55eb33fef6d86":"86c7d5883aee568aa74d25782019fbd6f5acf4196752ff3d1dd96ec1e7436424":"3a5d80e739f5a30e6bb507d82b60ff987d5bd9cbbff4b47daff278a3252db3ef":"fb146146f828e880c6ec7ab5a65fc8ec4e4d7d975c6d7c0a9bc7ce041f49799b11e235d7ac5a4ec4eea721c3323448e686ae96579233ad698a9d6fe3f5b37d87ccfce640192dcdb51c7bf35404c90b705bd97482d95d1c3e3a40152c86ab923588842ab02f4d922318a7fb84453b072c749a7f54e8ad005c29c48af6f01ecdd8fac13295e42b2077c70c7bf54e214317f98003e4cde07755e95c91f1953b29b3eecd49dc753e74aaf2b1c83feae87428be6a5aaa3261f0f65491e04c1fcdfd5481eadab68f057df3c83694c7451fded86a18470b06f1779c38efcac54b576e99eced3b5581eb5c9f7b3340ad5667d1f0d3fead8b9484a032d5f74d900fd64d10" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,0) #10 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"5d1fcdabb70dad1428c8be291720c92b8565f331ee3438d79bcddc968efedcdb9319f5ee91124b93b965d504211fef04":"6c8c8a066c6208dbc18a40a30b9f689048877e038bf76d65acbdde7ae4c566f8":"bfa2e9ebe0d70d3b62cdbd78c775a62e0e22fa75f168123a336b66b9a2b68c06":"e48b5245ea241baeb7f665a9daaad662d7b2422c3e3711cfbed81d73691864ee":"1586e0761c4a39013dcb552a0e363e709f4303c0e575653c9b240be7449ea26e4bb1dc93f06ec958b6c06217757fc550b356c135063c00fce9d856aec0edd20735b46b7c9a8e7df780db3072fc2b314fa5cda653ba3690132f10d30ee94c8458846be75659ef3868086bcf54ff55a8db1ea65c3e747a8ddab3f2304738e0c75adfc10c23ba651ccf0de64a39cab3beef667f466391a61a87a981afe883f09c4edbd3eae98d51cd3e7b31ee179f8a4e10feac96ea210a4b8415c9f2cfeb2bc8bf51f13801dc542ba1badda1c30141d72abb1bbb35c9bb481d91db5691c44bf3526a02d0bf776304a951858aa2fcf3f45bc656abcaeea94cbdc851a914b4b3a3ea" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,0) #11 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"9fc58d0785adbf033ce6642dcc9a861df44a35e89d06b346b165074a048b500994b4c0b3e27306b8c805c97b0ea14bb5":"e02f7a856266195fb5f4810232cd5c71a4465e1d95625c01e8e7eb69c63f6796":"7cd18b8d035b57bd01464280abe891b7faf55f9ed9910d9a148b030340c67cdb":"918c4d43fecf993227f7c120d239a30d3c315602800d6d58b9e9e0715964cfa3":"b8a3581eb4a208d1ab8f0e84e9ff3d2e0ba57703a7b5be2e4f3a3ede2e2519f5e6068c28c41171446cfbc40b48a97bc7a9a1e4d3b02f48fbf55b1d63da7cbc5b7a95f354afda273dbf5bf099961db4a4c5f296286dc0a51091a522398973d5527b2e55e0523c21fffdd0dd38527bc45959d5a711d541634e3139577312d678421eb37553c127beec64422316e48542a906cd7efe0d96eae3c4f2db7666083d9365a76cee4a207d712ddb04bf775be29ed9f030eade4537961737e3939a19e0769a3a8b96d055120c49925fe1ebc4a2ad54468421dd5465e8761b3e2e384373a971e408dd3a54907538a7d887986677eb192761959a4293523f81647a657aaeea" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,0) #12 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"d43927d1e633fc3433536cd03617a97a3a10a7ecad3f0c781602829f8ec7feb2dd5922f2a2dee51db93bcf35100a8364":"3335a02aba1ea28d2e56973e21109e0adfb5068613c447e625fd83a8d0e34494":"bfde33c52407d3137123812c4818ca1e4b61878b8f9dbaec47935e3948a88d0d":"42597cf03bbee0e003d8677159918f5318402f7329f08e1d93c850e2a2a2f1bb":"e53c7d0b376a94809f472961acff314079014958935cd67acc476abdd919a43cd3f7d1462d0d6e628ef5d0c8e04a6d243838c61ea36b015e84d7ad59e49b45c9b04f6ec78687ba47156e429b2fb6dc2c0da4f5677d1f689cd28612cfa6d95628c26b5b3e01186153a1c25c02f5ce5fc287623358687d2034347b2433ffc1445a2d93cb0103ccdaf0c585f7f4e7d41aef310be127208b3da90523aceac5fa13ffe77eaa4d1fd058957c8dd2f355cae7f9e3d8f29ec7099599ba6c755689d53d6ccd84e33407a066506d97decd7e306d22ca6e0faa7b94f91f4eb004422ddf9dd6b1f49b6400ea55d40e25c67103ab50bcc92d100e89ba569b6d51aacddf02daf1" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,0) #13 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"0bd69ce9a0a66dffefba83ae563e8df0fc6c7d7bdf491bf52cbf3f3777025cdf92b32217f550a1fe735b8519b44b040d":"820da3187bc879cd1f40476fd9677f3b67e02b35b6632ab68891e25f10555b69":"903b882de013695b4683316ffbd7c7809288d54c72e369f70cf172bff85e5629":"cfb5f494e76486ceef12dfe1bafd6ccf9b0754d8d2306fb0c41c0f4e921317ef":"ebad5e5a358ceab806ae5590d80bc0ba5d4061f49f4cb79a8a9da4fd1e8cb8f41cd8edc657c5180d18e62da2b53a50085b7e18b957eaf4edc975ca9d43e380434f51542dcfa947c322c708f3d3593c520717230df17f9341f02a5596b2058a27ba23f72a862b391be884570b22e20c80dd20d0a935f068465d554c8291fcd88eff608e92200f90cccdc82cb5697f0406654d9582e8db54225aaa28697bf2c4f47eba086a575298b991098c212c9e8d95bfa48f7e500c7223d9cbffd1df6f725909ab6e9aa837ff9e69158af434d18e5a7f99d1aaf10931f380d88344ad841064130cae50edf8687615743735f80457a228475bab7559015c4f45f91bdfa31d87" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,0) #14 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"45784684d6004731689e33e45b344d7b68dc4fa841133cb2dd65c4b326dffa901109dfac2e48bf17f2fea33b412dc653":"7c6f4675f7a0b8c424d5be9e809efa305493874d9a950cb343afdfb64e77ecb5":"2b2dbe3834d8be93f1396b19be83bd96823dd82740da71c5eeb7b21865021884":"49c322fc1bec86d3e20628d9bdc1644e6f5e0237c7c694746bfee32a00145696":"9110cec7d07e6e32724bf043e73021b3ca0e4516b619d036ac9a00914e12f01ece71989f55c1caccd542c60a9cccffb91e203fd39dca2d92c8eb03ee7ee88abf21dc6891de326c3190f25ee9ab44ca72d178db0f846969465b25a07dcc83777e6b63a7f9f1a8246dd31ce50cd9eb70e6e383c9ad4dae19f7cec8bfe079b36d309c28b10161c28b8d66c357c7ee01f07403a596366725fd5bd3a5de3cb40dcf60aac10635615b866ae633fbdb7ece41695d533757d9d16c6d44fd170fae77c15b7426ed6ec8c9d6e9245cd5e19e8dc3c8c7e671007ce8454413bd07407e8a2248bee95a7669db6ee47377b4490a6251abb60cd4e2e404ab88aa4948e71ecec50c" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,256) #0 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"e97a4631d0a08d549cde8af9a1aae058e3e9585575a726c76a27bc62bed18a4b227221d5fe5a5db9810f9afe56a3ee78":"94084b11d55e0f9c2ef577741753af66ad7a25b28524b50ea970105c3545e97d":"24c81d4773938371b906cf4801957ac22f87432b9c8a84bc5ac04ad5b1cc3f57":"c8c878451e2b76577c36393ca253888c1038885bbfdacd8539615a611e2ac00b":"761422dea283262998c0ffffefc77de2d395c818b9cf1ac2bcd1153235e0d8b63199c51e195135a75f1f87b454484ecc560c532c7ba5923c9490a423c177453459d81efc38ce2939226043cb733062eae303a009b48ee0cf3c7e40abe2b57a70a6062c669a9fbff20b4c94b4ecbc5f744a80d7be8134359581d441da921737b1329470b214f3e679fb7ad48baf046bac59a36b5770806cdef28cc4a8fd0e049b924c3c9216e00ba63c2ff771d66b7520dd33a85382a84b622717e594e447c919926a5b2e94d490ee626da9df587fed674067917963fd51d383e55730c17a124555e2e46e1395c9920d07dae4d67ffee5c759b6a326eec6d7b3ba6dee012e4807" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,256) #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"5c96609e9de807efed31d3c2d63e284be5c44c1b5ab84672664de8d8d8e2f8181b95a5290fdafeb05dc902a9a7bd639b":"135aafb3bbc89ef1e00a2a35ef32f122b7511cc55d86e7822a34859b630b4d29":"115774904a953af07936e3efdcf6054b4c534dc8654f563bb10610444d30625f":"4705ec7525e63919f7483fe76cdf7397b19f22d2a9d54b6cf0ff9abcf0a7c46d":"ae2cfbb29fde23e8c22d77d7a50ba66798da93be4e49ef78b38c9be2411e2d8a9954eb29fbad0a967c51b26d8d746801539aceb32e2459d07baa994869d3b6db2c88fb9d7250fac00de8f79990d501ad985590031f7c45a00cd9b6d1b5531b238f3a31d33237c40a3da31356171cafd52cbb7929e32b38fe523d8212de801f554348a3cc468daca70e05affc9af97f172aba00b2acc50d7dcb5f0ecbce741c71a65c657e9d0f250c44f73865962b1a0d19738e9ffe9f17c3e03363bedf5312c444375529fa8df9dd72b7c09f20c2ef37abb93e6fa57cadbcd7b23036bb9924fcfb9bf83b09ea360fd3988639151b1ab22939e9ea1cdc413f7a2cf04cf2778345" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,256) #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"4cbbd0538535994cf00354ff8609ddfd04e80dc4174b9542cdab52385dd968ddbef8157a6e3f26f040229a450f8e564f":"ed81729d1aef522f7bf9c127207d8a680ce4432964ed4025b5bbb12964374f3e":"1259073b57358935b7149fa4349793c5ff28d3ce98b483ec48986aa285451abc":"b350a4e931bb5db50a866aa3c01ead7d48d5859bb97b675e77ebb844ac832eb9":"215cca589f737df48d60360c4806ed548d44938c2bf5b1707310df987edda51e5092a7d9ca4955303ac59bfa980ba6e1819ed1141978c3d7df1125f5c4abec5b15bb8f5fd0edb1f26bcebea5aa7c8d5d32e8a5b608f609d9dfd765074b23cc524596a91226b726d899e42bdee0321eeb2dbaf63d33cced6890c19b466636df05072f007ae60a2364dde7f82315e3e30e63258b8abd12f18b6ab3d384cc9349e56dff00c3f53a86a301aa7205394199d32382096f6cd9db9646a92e73c3fd1e53c28a91683031c1ac72bb85af50be669d0e1d7b05a3bf1fc9720025c1e39e1f09d18d2e9247f726ac691a1c2321a667e6bacd7d77a57ce46397db1a91e7908ad5" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,256) #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"9b2bb0f34e6f0a31eff00e6604e6ca77643f69895877f77197a06e2b42bf047b3c1ee55a2a28fb3579324a54458310b2":"895e7060956784e5ea113ca785214bcf608e2a53c175e6edf5b78f1ad90e67c6":"c0b1980d57fb797c4907aad1fb5662bcc8d6ee30f6bed951e77c11d1893346e9":"af3357fd21fc04d1d1bd162b94bf129c45d41fee90366a180d98d41325336b5c":"50941cc105c694dd26d5bc73c08399168a270428ef594a6968fde834e889cfbbf0a80d7dad65d2fca21ba8019f1011313fe86983a555fb3ccb643bb771724e04114f3266d72c2e1a75363aebda9871c3bafcee3f389ff4c6f1f1bb5e6da5389e04f2822da800cb058da9cd698c65d54b16e7562c83506b632e4b5c7a78d6e36ec307e48cfec4fbc3ca3dd67ca95f9bd7f1d609e0a6d8b5bd3feef00e0c4165e77da84f989210c78daf633aef657855fca26b832994000f980c21d355db10f71f9cbb8079c48aeb673c5ba097a325d9a89e05bbf960fed4f8eb097cf37f61900db8171685107d53f85bbd8c1a4a1c7045c8b6e3a8a2c4114542292555585a090d" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,256) #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"9c8306c6941098408c56518a44d3075c22e02f19a6041d2e9c4e296fda435db917c99d538ab65f6f1bfab0d479a1833a":"3a80e9f5b71b242ae07ce7b617057dabae189c5468da2cf049b5b529abc877d5":"3c151e92dd3121a8d2d11604632df00cf90706d3e843737445de0f2fde1ea924":"f53cb5fe673201f5eaf4115382d48ba45be405b37a31a56e41d1d76202038b06":"9bf31156e54d7142490e620afec2217931fb2389215a3609b384b0551bb3c9d90c3b3053054046a324db9b34633e41b66114bfa7ee86bbd22d08d53e349a4dc875265b32151d3e475df348a22d5226478184f372b0ba3be92ec1b284fc66dfa3609463214b6b468b29478acb0c55e1d4674882cb75e3eaa3a66ea0f4d7b1a571206a761d636bd3519afb6f05a0f1b6bb38c00bd68530a6c9b445b6b4a9c7457a055627b606f4508ed676fb5ba0d27589b7f464271c3e561215905c50ec48f5ddd1b8549e8d163453083db96c7ec8eeedaf6804369e76760b08abcca937c497900be385db8804b443e8a1489b8f3e3e4cf367dac3e15cb8e95cdabad04f08856c" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,256) #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"87a8fce521df0a2e26f1b1f9c7ec9e98968474915a085a95cbdca7d8c669e08a69b8c3c3df07f9ada368be448938bf92":"b1bfaead04743bdcfdb193d32260918ff803abbcc0d5ddc50439bd01f6e42a3c":"12a07384e9c74fb3f33df1a089dddb7d416151a0270d0c0216e085f1ec4c249b":"9b42567093112cb5889703b77b4b372276b5bbccadf86eeb9ef6d3cd395b2acd":"5ba662260aa0f743a33a9b552ce41d93335a855a55df11b870efacb7f75e39c978e730acce3664c814ac10fa10989fb00a39b584bb14cad2c02c309703c8ea8768d479d9b4e17402ee38cb82c5f4d80125f3e674ac1adb919cc8a988f79f531b08253fbad0a1b27fb1997a4e2c7bd5ff3abf66281e8b60987587327a9101b76cd13771e23ee2f02dc339589b9aac4f5af740afdaf494021c3504fdda8f93f77cdd8262df7d4c48f85b6eb03a7e5279db4d18f645a63eb6f53f9fb123c53a78686f0113a209b6eeef3b10cd4489875a07af863c467f25b69cd13b8e72847465fba025e25fe7bcb41745369f255df0eeffc3e5f066815ef7715680b104e20a7e9e" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,256) #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"69d667bde79e41cb78742426ca5ebd48086cf1ded5cad7293fcf910e5ab23cc8cad75bd989c3ffd05817d1aaa5493c05":"5f72346eb50ea82cb111d5b3c91dc9b7c61c92fa1a062177d513fb616b1226d5":"0465b8aa89d9cbbe8e1cfa2e64e64b8d1f5dbec7f710a6d37fce898e3f81e57b":"173135f31c2320cccf513e88a21f2d207e00cbe4330d2f550e0be77405eef47a":"34a08d7a564515a918bce93cae084f27a558f6f214c4bc9169dbf507c3f11d02ec97bdfd777960f6b4c4543c1e14456d0079215320ab607e04b7519090ebaf3a5fbb0d7a3fda1af6cd8c5d785524bdba75abbe50e3d58e5f05f8f6b2c2570f1178acd2f4c11a7b1b8b4ebe4ddb71a85bf19bb2fb25241374530cbc6c0605066e1129a2d398356cf2ec2f7a286c5b869c702aced63f4e12f39b7ce250547a922872c36268a3a4649f6641987bb7c6baf1a3e82cdf04d11160ba11c5a002cfbcf4a8698286ff318ec01fc2c5f6664e50561991a533ad183a21e7b97e0052b0350d213738b0c6e5421a524845a861f539930540cc40c6ed78c46be9c122e7974d35" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,256) #7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"f1f6e5a55fb2180de436d48115aa1aa38a6242eeb0959de3690f259c1d8395a5862d1ac4843404d25215c83bca90f44e":"f467ef083c745a1bfc9be44f1d468b2518e3ff1c0cee6819fdde354d4071b17e":"fdda9f0888c4439cded15a768300d163c1e326ee5571c22ab95ab3e44b1676d2":"6b8d60c565604c8fa8d7adaf0b07ed268a491fb79794d2770356e191daa1cb50":"55d0788614b770f4b8c3d3ac0bbf628f294ba2fd16612b65d0f469ded665e3c8b82c95db80cc6b410b5a6e624151fc50bf02f279ffabc19dd094cffb17ba44b11209b923df326db14eee35a8bf1eca3807afae918206e844e517eb32c207342008a0da742e734433867fd86fd89d27ec6e51a9db3ad1adea645fdc57179c4b71de8b455ae00efc09328a0bffd8c61e3880c007915997daeed4adba61b44040f6f9b6c6427e1c23357c8f7e18b5c974b3c34a2fd5cb5e70f48df2d10c1deabd987f8390bb33858d9a5133a7bd798b1c7741729b8562fecb3d4831e9ce101de192d64bb5d757cbb21090d669afc5566c1d6e25586678b5f2fc7d6c6113ac4eb54f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,256) #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"0db9d437153149e101d5818b263b975735994dfc33d8b3f158a05760867757ab438a5024e1d43006226018c378af55d3":"275bdc5fc78b0d8afb5c8aa5f7854c319a81bb8cc9300210a9990fb7933a352e":"809da54d1830545672f180fa3e0441a0d3fe472e7cd7a6d707fee5af7e9b21c2":"ebe66cee6efbf583c881a25e346ca7d99741dacfce0d8785c659e92774e26ff2":"878a3d109d814ff4a4935689ca96b3d444bfcee9edfcd9031255ad2538871027273bad5225864e84f3c2afaa22a40e7f6793abbc49c8b0ddc7b30d9dc7b408888e6b98f4bc79e08775b599661ea4b50669132c21272f8d17fec9d1e5310335b0e6480d7075c830a44ea528900f99de61191b5a006ca4340356dbf20c62e8ffd0577d623146b12937e84a6e17c0ae08efd339c9aa979c7e21e9c56e019f7e4f375bb601b1a83c21f27a554ec05191794befe514dfbff5a3c9a0a9c80bfe9b6adc7deffd31c70ba13fcf170abd6bf3d384381e0a31fa9c81b1bd207ea2e0b4153b6a1252a9f73f19f6f099fda0f87baba99b9711a00b5f50ad88d3bc1c4e806467" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,256) #9 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"4106f6ba6a291fa54e4ecfd9fa61b961554e4e8e03e19d9bfd82bd35c3471e8bc5bdcd2f810079c1bbfe906929e88d27":"5a7e61b86ca70939e64af613a667695c7c915e667c79998e76e55eb33fef6d86":"86c7d5883aee568aa74d25782019fbd6f5acf4196752ff3d1dd96ec1e7436424":"3a5d80e739f5a30e6bb507d82b60ff987d5bd9cbbff4b47daff278a3252db3ef":"fb146146f828e880c6ec7ab5a65fc8ec4e4d7d975c6d7c0a9bc7ce041f49799b11e235d7ac5a4ec4eea721c3323448e686ae96579233ad698a9d6fe3f5b37d87ccfce640192dcdb51c7bf35404c90b705bd97482d95d1c3e3a40152c86ab923588842ab02f4d922318a7fb84453b072c749a7f54e8ad005c29c48af6f01ecdd8fac13295e42b2077c70c7bf54e214317f98003e4cde07755e95c91f1953b29b3eecd49dc753e74aaf2b1c83feae87428be6a5aaa3261f0f65491e04c1fcdfd5481eadab68f057df3c83694c7451fded86a18470b06f1779c38efcac54b576e99eced3b5581eb5c9f7b3340ad5667d1f0d3fead8b9484a032d5f74d900fd64d10" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,256) #10 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"5d1fcdabb70dad1428c8be291720c92b8565f331ee3438d79bcddc968efedcdb9319f5ee91124b93b965d504211fef04":"6c8c8a066c6208dbc18a40a30b9f689048877e038bf76d65acbdde7ae4c566f8":"bfa2e9ebe0d70d3b62cdbd78c775a62e0e22fa75f168123a336b66b9a2b68c06":"e48b5245ea241baeb7f665a9daaad662d7b2422c3e3711cfbed81d73691864ee":"1586e0761c4a39013dcb552a0e363e709f4303c0e575653c9b240be7449ea26e4bb1dc93f06ec958b6c06217757fc550b356c135063c00fce9d856aec0edd20735b46b7c9a8e7df780db3072fc2b314fa5cda653ba3690132f10d30ee94c8458846be75659ef3868086bcf54ff55a8db1ea65c3e747a8ddab3f2304738e0c75adfc10c23ba651ccf0de64a39cab3beef667f466391a61a87a981afe883f09c4edbd3eae98d51cd3e7b31ee179f8a4e10feac96ea210a4b8415c9f2cfeb2bc8bf51f13801dc542ba1badda1c30141d72abb1bbb35c9bb481d91db5691c44bf3526a02d0bf776304a951858aa2fcf3f45bc656abcaeea94cbdc851a914b4b3a3ea" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,256) #11 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"9fc58d0785adbf033ce6642dcc9a861df44a35e89d06b346b165074a048b500994b4c0b3e27306b8c805c97b0ea14bb5":"e02f7a856266195fb5f4810232cd5c71a4465e1d95625c01e8e7eb69c63f6796":"7cd18b8d035b57bd01464280abe891b7faf55f9ed9910d9a148b030340c67cdb":"918c4d43fecf993227f7c120d239a30d3c315602800d6d58b9e9e0715964cfa3":"b8a3581eb4a208d1ab8f0e84e9ff3d2e0ba57703a7b5be2e4f3a3ede2e2519f5e6068c28c41171446cfbc40b48a97bc7a9a1e4d3b02f48fbf55b1d63da7cbc5b7a95f354afda273dbf5bf099961db4a4c5f296286dc0a51091a522398973d5527b2e55e0523c21fffdd0dd38527bc45959d5a711d541634e3139577312d678421eb37553c127beec64422316e48542a906cd7efe0d96eae3c4f2db7666083d9365a76cee4a207d712ddb04bf775be29ed9f030eade4537961737e3939a19e0769a3a8b96d055120c49925fe1ebc4a2ad54468421dd5465e8761b3e2e384373a971e408dd3a54907538a7d887986677eb192761959a4293523f81647a657aaeea" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,256) #12 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"d43927d1e633fc3433536cd03617a97a3a10a7ecad3f0c781602829f8ec7feb2dd5922f2a2dee51db93bcf35100a8364":"3335a02aba1ea28d2e56973e21109e0adfb5068613c447e625fd83a8d0e34494":"bfde33c52407d3137123812c4818ca1e4b61878b8f9dbaec47935e3948a88d0d":"42597cf03bbee0e003d8677159918f5318402f7329f08e1d93c850e2a2a2f1bb":"e53c7d0b376a94809f472961acff314079014958935cd67acc476abdd919a43cd3f7d1462d0d6e628ef5d0c8e04a6d243838c61ea36b015e84d7ad59e49b45c9b04f6ec78687ba47156e429b2fb6dc2c0da4f5677d1f689cd28612cfa6d95628c26b5b3e01186153a1c25c02f5ce5fc287623358687d2034347b2433ffc1445a2d93cb0103ccdaf0c585f7f4e7d41aef310be127208b3da90523aceac5fa13ffe77eaa4d1fd058957c8dd2f355cae7f9e3d8f29ec7099599ba6c755689d53d6ccd84e33407a066506d97decd7e306d22ca6e0faa7b94f91f4eb004422ddf9dd6b1f49b6400ea55d40e25c67103ab50bcc92d100e89ba569b6d51aacddf02daf1" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,256) #13 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"0bd69ce9a0a66dffefba83ae563e8df0fc6c7d7bdf491bf52cbf3f3777025cdf92b32217f550a1fe735b8519b44b040d":"820da3187bc879cd1f40476fd9677f3b67e02b35b6632ab68891e25f10555b69":"903b882de013695b4683316ffbd7c7809288d54c72e369f70cf172bff85e5629":"cfb5f494e76486ceef12dfe1bafd6ccf9b0754d8d2306fb0c41c0f4e921317ef":"ebad5e5a358ceab806ae5590d80bc0ba5d4061f49f4cb79a8a9da4fd1e8cb8f41cd8edc657c5180d18e62da2b53a50085b7e18b957eaf4edc975ca9d43e380434f51542dcfa947c322c708f3d3593c520717230df17f9341f02a5596b2058a27ba23f72a862b391be884570b22e20c80dd20d0a935f068465d554c8291fcd88eff608e92200f90cccdc82cb5697f0406654d9582e8db54225aaa28697bf2c4f47eba086a575298b991098c212c9e8d95bfa48f7e500c7223d9cbffd1df6f725909ab6e9aa837ff9e69158af434d18e5a7f99d1aaf10931f380d88344ad841064130cae50edf8687615743735f80457a228475bab7559015c4f45f91bdfa31d87" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,256,256) #14 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_no_reseed:MBEDTLS_MD_SHA512:"45784684d6004731689e33e45b344d7b68dc4fa841133cb2dd65c4b326dffa901109dfac2e48bf17f2fea33b412dc653":"7c6f4675f7a0b8c424d5be9e809efa305493874d9a950cb343afdfb64e77ecb5":"2b2dbe3834d8be93f1396b19be83bd96823dd82740da71c5eeb7b21865021884":"49c322fc1bec86d3e20628d9bdc1644e6f5e0237c7c694746bfee32a00145696":"9110cec7d07e6e32724bf043e73021b3ca0e4516b619d036ac9a00914e12f01ece71989f55c1caccd542c60a9cccffb91e203fd39dca2d92c8eb03ee7ee88abf21dc6891de326c3190f25ee9ab44ca72d178db0f846969465b25a07dcc83777e6b63a7f9f1a8246dd31ce50cd9eb70e6e383c9ad4dae19f7cec8bfe079b36d309c28b10161c28b8d66c357c7ee01f07403a596366725fd5bd3a5de3cb40dcf60aac10635615b866ae633fbdb7ece41695d533757d9d16c6d44fd170fae77c15b7426ed6ec8c9d6e9245cd5e19e8dc3c8c7e671007ce8454413bd07407e8a2248bee95a7669db6ee47377b4490a6251abb60cd4e2e404ab88aa4948e71ecec50c" diff --git a/tests/suites/test_suite_hmac_drbg.nopr.data b/tests/suites/test_suite_hmac_drbg.nopr.data index 3f5f3453d..07fb24b71 100644 --- a/tests/suites/test_suite_hmac_drbg.nopr.data +++ b/tests/suites/test_suite_hmac_drbg.nopr.data @@ -1,1200 +1,1200 @@ HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 0) #0 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"79349bbf7cdda5799557866621c913831146733abf8c35c8c7215b5b96c48e9b338c74e3e99dfedf":"":"":"":"":"c6a16ab8d420706f0f34ab7fec5adca9d8ca3a133e159ca6ac43c6f8a2be22834a4c0a0affb10d7194f1c1a5cf7322ec1ae0964ed4bf122746e087fdb5b3e91b3493d5bb98faed49e85f130fc8a459b7" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 0) #1 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"ee57fc23600fb9029a9ec6c82e7b51e43e9721e4393ef9ad841d276ca9519061d92d7ddfa6628ca3":"":"":"":"":"ee26a5c8ef08a1ca8f14154d67c88f5e7ed8219d931b9842ac0039f2145539f2142b44117a998c22f590f6c9b38b465b783ecff13a7750201f7ecf1b8ab393604c73b2389336609af3440cde43298b84" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 0) #2 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"ebfdad13c8f941d279dbb4de8d7706ddfdaa279f5e4428d6f785c5b2f833b69b09b71a57cf5701d4":"":"":"":"":"66e35f9b8e05a861a0b3d01c66c416d5e8b77d4d21328c625cff9163ffc92e753015aa9d7f36ae3a961681d39f271d0b627787868cec3dedc520ecb303f96a43cec67369117af268a19f5284880cb3be" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 0) #3 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"4fc0ec777ec5a5f3b9ea06831a36acbb9e9add057dbb73a83367ba7c163f7b99a56ab64274ee64cd":"":"":"":"":"7910a801b68a20570ab0e593bd565021c8a543ba3942bd726021a7198f1d84c8806a6f9cc12d196e1cbfebf325d0e1971746921b4d55483fc366d2ca837c4fc9751fadea7b04c0a47d1e37649f7beb6b" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 0) #4 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"85a41bafaa923240dcf613a53e28d8535474e05fb59ba1eaccb5e28b1f2493675cc4f63475a69b0d":"":"":"":"":"2735fb69bfcac5b2f7f64e747c27d9957fc6a3cd0b3eee984641b2677655606e6b0ad6c875c7bf1333ab1f9b15ab1d522968059f78eaa05a70437c6974ec8e29c8ca5a0eae5464b32e9474e4fa5d4236" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 0) #5 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"b64416ea406772f955fbd7da30c67f6a42e0b9a889d55454e03a88205eaafdd584dd54a40ea5c7df":"":"":"":"":"44bc26482a49da5249e8785a4e44d91ccdc6103fd666b480350ea3a09d8a8cf9e30c103f53559cbf55e13078b7c6949e4e90e1ef79ddd234166981f715b8649834c27b17bdf0f0689ed18eb850b43e85" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 0) #6 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"b3d4041201f4345e0a818de136c6aa7e6b0612e1ac6b3f2f26f6ec328ac7f8966dca90e162c297ef":"":"":"":"":"d9245a4a0ab0ca97e747c0d29098979e8248e53f0ec6b91678972f3b5691e7995ad2eb99640d3e9a8364891d0ff179732d633f762d6592a4d49c4e667c699b2678929c81d9bdfc74d6575f5b727f4d65" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 0) #7 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"06dbf57699df40ff67287ec11573b75b47e40e643c47f4db89bb41a3cb66446449b503b38a1e21fe":"":"":"":"":"0d06c663f9105198a34229b0e3fcffd0de9a445f4fc5d5bb58b55e43cacaf0c27c07e5a9c3734e8a8e0885dd78cd1bde0777e3330d2fb3b04203f6c2749a45cb96bafba3bf9d1875dcbc46b6af558228" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 0) #8 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"cc1ca95eadbd1bdb2459f44c6653c441f225685240438aff26a3447e8f504be4c42beeeffd884455":"":"":"":"":"e8f3cbe8e1f8738b4fef6ae67662524c99cefdf7b416eafc15750054ffd7c288af1c13ee9a61d19f7163aa21f92207b66348228b56d64438ad7eec55670860fda3da9bb0773f5647c2bd03378d795c71" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 0) #9 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"e68bbe5c6bb3a37207e6742ddb79c0b1640fcd3512909acd16aea846c8db1d76ede51d5562f20639":"":"":"":"":"5cfad20546a1cc19922f0be7b7d04ba7d8335684354541b1ec8ce0adf3607446c8742d7737a566c92fcf3b2fde205197e9aa95c739d677631e28403eafed1cf45f22fe29d3979126eaaa46a4040a4c55" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 0) #10 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"ac79be87bfbab344797fa6da775516be0923da6ca517407e790d1e3cb052983146f9a757fa910ce7":"":"":"":"":"5b4444cb58df47502374fd6bda064cf1d70d253b994f1a6e5d4e62741846472d9f1cf14a2468aafd4ca7875b31987b8ba0de9144648a82602c19e293f2668c9519be3eb8a12f15543395348aa51697b2" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 0) #11 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"cddc43355e651255dedf171c9aa1334452e3e830cc4c21605e927085657e7422b68bffab74d8f78e":"":"":"":"":"e57f32e6a8a847f033802a92e6282c967eb18f3c9837b8bbe5f5e8d9d6fbc4d571412b873944d20bb8a354f787c3004d0b5dd5a92bdbab600f55d1ccc52275715df239a1e2a79040862680f34f5cd4f1" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 0) #12 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"eb1a31c96683124985c9b412d16dd899d5da8c43273b3173417ca1a9392265b273221bbe87831466":"":"":"":"":"59e4d915349514f4aace3d9eebfd30b58e8246c7dce23bd4c4e47bb9ac8c2696441d5b5bb2fbb2a1b585373ec5ee55071f2ea868b2df342b5f2df48cd026ddac9114f9142db999fbcde7a0c23403fb37" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 0) #13 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"6a086e671327087dde91396dd73d5400d59a4fc5b26c0558b7d5321e4f22584409b7e6e014e7d062":"":"":"":"":"70e17ca71ad75e40ed31629cae3fa9c23374f78e020c56e551907f2252706bd4cd4c47d099dbc072429ae53e34ed208fdae5e6ec13e5cd9b435c1b25dcbd099132570491e7c3544cf8ff2fba553c197d" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 0) #14 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"8b7086efac1e3c3c87c3798471d4afd028b8bab0217d403fb61206715d219a93505b62cd619be51b":"":"":"":"":"0dcd502c6e884a366b50f208a1b8c59ffb85dbcd72a6e2d75aea94c9692a55a45fa7c2900a277dcd38b79cf463ac8961fe54df47bcfe5a60555ee4ea2be76faefedae3ce65db4b3f04301cf5c43ada43" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 128) #0 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"7d7052a776fd2fb3d7191f733304ee8bbe4a0ceedca8020749047e879d610955eed916e4060e00c9":"":"fd8bb33aab2f6cdfbc541811861d518d":"99afe347540461ddf6abeb491e0715b4":"02f773482dd7ae66f76e381598a64ef0":"a736343844fc92511391db0addd9064dbee24c8976aa259a9e3b6368aa6de4c9bf3a0effcda9cb0e9dc33652ab58ecb7650ed80467f76a849fb1cfc1ed0a09f7155086064db324b1e124f3fc9e614fcb" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 128) #1 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"29c62afa3c52208a3fdecb43fa613f156c9eb59ac3c2d48bbd87be99d184165412314140d4027141":"":"433ddaf259d14bcf897630ccaa27338c":"141146d404f284c2d02b6a10156e3382":"edc343dbffe71ab4114ac3639d445b65":"8c730f0526694d5a9a45dbab057a1975357d65afd3eff303320bd14061f9ad38759102b6c60116f6db7a6e8e7ab94c05500b4d1e357df8e957ac8937b05fb3d080a0f90674d44de1bd6f94d295c4519d" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 128) #2 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"0c0d1c0328a384e697678ac87303dd62c8780b4ac33f18674ea4dce5b190d4e381eb7a5b5e12b4f1":"":"0557bc052aa8eabab0baa42ca38fbbe9":"985865c180e0bfb7cdbed11b58b5e509":"f40452f8c5b8f4cbc1675f70bb803740":"4a1f442eae6c861b622014b079dfd47543176b82bc60826cfa02d3923ef0563f8deba8362c8d1950a70e80d67189fb4d904b855ed0ac39942aa8673e0951b4876354b849a6c1c51d0c35a3f4ed4e2f22" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 128) #3 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"7cad65e5cc2888ae4e960f5d143c1425fc0785db471cc55e66451d29cf65d899a281905ff9b29e87":"":"800d583b2560d2a2300132ee2d13f19f":"42eae705c2225d212fa0554ac6ac564b":"72081e7e70200f1982c3ad9cb1d3ddbe":"953e92258be7ff61b97077252ab9835231e366dfa5b635fb889c337562a2641d3aa9e46feeb2a4ea03cb73f1f801594c3cc71d2945c11a52bb0e93419df5d0854ad5f2e36d223c119e145cad507495a7" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 128) #4 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"3084c8811564168bf7834d9a6c9d0ad0821b13a0b66dddc5ec2c90278236c08b6f657611a16636d7":"":"9a7665b3883bed37a48b07f98efa4b8b":"28bfe9605ba856073ee69145ccdda4e0":"c26d7c962574aa587b3eb7a8c29b2e08":"36908adee4c1e7ea4e2f266b65aa7d7b5113e4b4377adadf4406bc573e04374a7e8b9b9b36eb0384e9336a9e7b4f308b463bd7aa9476154ab13181da5c2da9675a376b9c82ace5391e378fdd0cd4ef28" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 128) #5 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"a0410a32703720abf2e28e252b5b9176cb96935082bc9ef4ca7bcab78fce7da97b0158379041bd6c":"":"b70982af7b5e337cfe989703bffc09e9":"8df8b08f648518f7526c24bb95df1e44":"6775865f451ee055ed2242076debe237":"548f66f0acd9ed887ceb7f95d1c9a0c29e2f6007b92c581e615139256bea63d0fcd7a9b950e3e89419d2142c5d8f5bbcc2ba5b0dd67689b7ade01d984e303a529165dbdd140edd69c3ec6a4ddd63e091" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 128) #6 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"c2e9a6e2e29f47dee0e808660c446a4faff465073a97862c2ab6787095e944c5276d29bbbbd7a777":"":"358ffeab6a24f932abd4c9577f84cb13":"37578c2d9b68d43d6c83164a4c43ce37":"02a7c9575d9527a33df9fb566373db3a":"fcd318c83563f72e5a21d4a93a84254e0c3bb6d3ded55c3d5939dbd5d1525062fd587a422012437aeb88589e669e5a5d57f7ebb16e30590f6debd0eced84f8e57d47a3d123a52361145a8fab258ed19b" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 128) #7 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"c93859e7fed1163b070bbefcf5ffb0a66a6f5b986116adbd959d37ea3b79a197449169bb01e0143d":"":"c62840816ae06eb725be9dd3e2954cd5":"5dc60578a6a309fae33ebf162c22fab4":"00d0fac12a9b66b7ea936411f1645d4b":"ca2eb212b29d5a38cf72409cd8cb4bc401eacbc6e59c84551cdfa12c1c8fb39c29c9d49905b25953f727ac24453ccf1c6f20a4c3fa7c33b052e4e82c7fcbab70ade865d249b6a27e0b5eddccf0567d6d" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 128) #8 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"237a566e4a46994fb13af5b2d4321a03fdf5cc54f461daf30949f86b7b223fc341ddbe525c533339":"":"bc252901f8f5c9357722a424b0af1bb1":"6020d93df16b10c31d8802f6bb9ddfac":"f9104117190d905a30c65c0a76148c7a":"70e0611f1cf70ba93e3cc53da83fc3d6064b293e90c117ec12cc79c5e4edf845b6a5e2c4ce75ffce5d18a75e24bf51300bae6443f04a71047a8f522edb370689ef1b2cc13769865b69dc232963d90419" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 128) #9 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"80c2b6fbd576cd57c38d1d1197b9e7ad43216111a1ec8b5f31dfc1a4e05c15ed96288386d0768951":"":"1af215d9b991e4f7ddc2a89fe23388a1":"d889e43410eeb2a83cb6982f38077756":"c77e7bb93115c10a56db1245e610e8b6":"af9f8c34654f44f42914070dcf1e971884902b428c7332913ddf2e342e776e01dc2fc73cd803b3a492edb15e7cc755babc23d8a5007bb0bebd7f02bd168d055948e6a5b66a3016951697617eaad371a8" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 128) #10 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"d8041e31215f7c843effaec3ab722e1d271753acf2ec9ace8b5730e21c0c30f9daa98580695c4572":"":"347fc86229e2e6f6af2ead186248c2f9":"a09c1b813fd11102df392d116f127de1":"0ab6c5c7f689bda8a3a7f406bf6df33d":"e09414c8f5ff2d8d6b6523729556dc1b4bba6e4cfc7a929e4561cfd32e5484918c7f21e0b533c3e3827bb8e115cc6a2aa5def3d946001564eda8cb36fa5aa771651e4837ae60beba32e01f5d59c0be0c" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 128) #11 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"b0f69a20531c5b186bf8c16b25fa1de8d6817ba362a9a00ea3aa59b018b7ce8648b7f84ab925050f":"":"2905e4b0803d221ccfba43bb4f1e3338":"0460c4ba1738dd7c662e0f4337a454c5":"b5a7870dc99f5c2ead93dae773ab55c6":"a542a3ba51f4024d3876a32fd6fdaa136c024ff36b9662ed82cf580bb1d33b531b124c0e28fd0b8ec06e50dcc11132062a55bdb961a908688ddccda12be8f1242f8a5ada53939e32d8c0381250134686" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 128) #12 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"188ae42fbe0f4e9e17c7b0432712aaefb1667157132f8d6240fd9d19ba9f5f56f58bd08e9842e2a1":"":"88560712277f73d457f62b3769189381":"892957bfbacc684af6d31c8befca8e4d":"a9e8986ff89479fa506780b07b09c2c9":"e77187930ac661bd1a422e29cae4c67370d9e8ab0e44ea9dd86b11b2a1c5271162513587ed02df4c91b0e04158406763e72a443a196b6a2e22af72ef2732e3916cabf518fa58ab89fea5528153818a6c" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 128) #13 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"ad490819bbb9e937e0d0a749eb83465470fe146ad9f3ae0b104810bbb28773e538b466319bef5d6a":"":"e01882c8b9bc52d584274912d93367e8":"20a03700499444028da4c8fc5ba42d8f":"6574be269d5ccb5d10ad5fd6add77e2d":"5662845711b5a6c04715dcb3293f091709d87703f1a449858f074858958260ccd833d9699fcd0bcba7956f9036808984828a3a9db2041556c77b1644a7566bd8892ed53e418cb74bca1a8d65f545c3e1" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 0, 128) #14 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"aa4ea001160441917ac60f6231468f7da993e136dcce82083cc6c81b69e67ead392721ea79b63e97":"":"50f89606e793786a14ed11b3026313ce":"2445d7b670fd77bb62e0c1db75671863":"32b79488b44093ee7fdb4441bc302b70":"1b803314c8ed124bf6550bc63babf09f189e59df3d8d4103567c442b6783c32b236a107d4accd7ab3e465d29f6216349baa298ebeafd3c5cc198f0880868b8c9b67d94fd53626651200f5dfc939d4128" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 0) #0 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"11c0a7e1472cec70fa8c1ca15759ac5bb1c73c22db39cd7bc6ab59ff708a5c1f598e75df060e1981":"b24e392cb1f3c18af2cb50feac733e32":"":"":"":"070e603cd48d56430a5ab461a751ec2a4a6aa6fb6ee52efe9a41e4611eafdfc957184b47bbb017e484ac34c7de56cd7813feb301b5befce573ad0a254e6cfe35b77c30be6b7cb5e7efa72813c7546ba5" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 0) #1 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"e05141adb678c297eebd8136885b67345b9c0c54a0ff74d826e26c9323a3da3af6e5a5a1f351cb54":"4814ea71a8e11845716b22085cc65f2b":"":"":"":"5ef29a2e7e821d529d1928e6bab16fb80d6491a98dd53695473dadead4e5142c146f1e29b101c6b1a57d8315ce34db17040c02572c6455d902303dcfcb2ad3052166de790ce0c94af78a51864efd4b12" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 0) #2 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"9747f5a2a27c65b0bd9202f0743afbfd247b3b05fce7d31cd3e34742cffe1c6d55f8f98dfc57953c":"c3fc8430972dfa880e2bfa66862bffde":"":"":"":"92137ebf7518354bd65d87235a81c79e13cb53e46b47fa091cfe342f0253e5ee4634e8fe5fcb967bfcdbdfaa60614bf96826875608c0f1b55967619db6df24efedc86498cad733e29ee9d9e3d6277273" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 0) #3 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"a9a8a0a7b8a58c239e083fa1cd2a8c968cfc5f074bbc31473cb71f26b82cdae4223fa32702f57ee3":"3fb4c2f37714039a1a2e6c68e4818eee":"":"":"":"1b5986ccdbac7da7fe7e792ddd445ca894b6ec08424a17fed5385ff8bd03ba782b42bc5a9676acd5be8061d535930a487902923148710ff17908fcb03db7ddc0e4b10be16c0a0365db387529a2398552" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 0) #4 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"99d1822bc16f2e7bbeb6556c5215489ea6039f54a175ae86aaf4cef7d80ffedc37e3c68c7de03ddd":"e80fa03bd7c8f5acdda5754ef00cdb5c":"":"":"":"2236568252a384a7e75cefba04a94381941035b28de764d5b2518a98ba4e8f1d50e8230953df40db602b8959ee8f1b8831b29516f937aaf561679bac0ffb11207030ef33b26da28af93ba552c08bff97" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 0) #5 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"305a4478bb85b0cdcb99618d8753494beee617d70aec26501eef2f751cad0b1cde509806d4064422":"c3fa490a01511e8410577021a307c31b":"":"":"":"f23ceadb881b945029b78366a173c20af93e43fd8c3be0588f811af31a7ddd653610cdfc3cd875a0f114fc1b887e4fe5042eb0dc0c36746961b1b7126950aff4c01245c215156715c7efd14c76539a0d" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 0) #6 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"15c178375c839866ab31b38b900ba889325baf19b84c8fadf2f78da359af10da64c42130f79f3054":"a4d50496711dcabde8e0ff21d3da7535":"":"":"":"3f38257370353677dee9127862305158b1c5b607741d62906cebf8babee4fc6cf1dee3f821d1d750c69f3ff5683d266df0a669d291f6816d86cd222b56a351c240afbb443e886ca194994b4deddc54bb" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 0) #7 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"7efb63ed1e07cf853fce80468049dd5ed5e55a8b58bbdd32341f137867c451d8d4e327733de89c94":"d89028d21cee2b223d634a9927ec036b":"":"":"":"477a1612c19b1c2fee232385ccdb5b2f32c845c07fa216ee410cca20245239d3220ac48770017c4d52f99a267d53e0acdf69e8f4bd1d76d463e9bdddc16bef7faf9d9baa9b9de3d397d740d685c158a0" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 0) #8 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"c7209755b92bff93a059db79883b2866b51bae337aeec9e58c87e68de33545fa20870e5e70a190f6":"34aee961eccf0b92b833f2448720bdc9":"":"":"":"285692468053547638e65dfb7c8b69aac43e16be5a4ce9898ae0d0c8f567dc27945ef6e21f36d456ca248577829b90f96a887f96e9c2a6ff2616e21c7ec93093d68f60d2cb99f2c7632f856e33ea8ff4" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 0) #9 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"1ceecebbc42f9ea1faf7494076f7937ba827b4666d0433ecc028ee75d4f55de2b223e92625e399ad":"b431a36c996ccdb5e936da7ebd216c20":"":"":"":"64d4bacdf185dd8f6eba35dc8f79fa2cab155113e020d1f12b32bbc4bfb9c85881692a5d8933a40d9fe8f6629f74bba8a99e8db0228a13c8d7776459f73dba8e59e9820ae72f8c425ac3044079c1ebfc" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 0) #10 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"d5b264cec1c7acd78b902dc14a457d30b79acd3e06a12f57cf0c3e1b8fb1befb5abb9af1f58cc9ee":"12e4101d6d4505cd43710b05d52a9194":"":"":"":"b53d3bbf4a9561904ad9e100b2601db2660f415fc5caebbb1a628b7095e6de4a3895ac5da6f2c1e1c6655d76fa5b8f75f52de41564d79b09c9d2c76c1c486f462a7164ecd76f0dfa7b5f53c0c25b7730" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 0) #11 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"f440671bcbbb1bdafb22c06482ff670374cdbd69535d07980f43cfaf10aad2453d884ce5852dbb32":"8a69144ebeca59c330c9a4e0e644a7ab":"":"":"":"a5b42447f4d02504536df9e0ca8d98642a21b64a6b84bde4b2bc186c28b0f740ebdf2d60c664d4d89a867207bb8d4c62f1745cb3c971b4b2622423a4291e1cc97fce7128e3ecb3ec13ce08987f59b77c" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 0) #12 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"bef3995f0d2b1051554cf7b3235809fcd2989cafbad081630c538a7ba0695ffd95f3abeabf2a867d":"e807cfc52494119188f86bfea878f2cd":"":"":"":"527bca6b945db8f2cda7f795763eb5767cfa1a4195a9d9ae70dd8129158138e687a056b64f00d29e11c37a9740d19fbd16429ce4dae79029018b984a22c1a2b2b988558b133651234b35f21ff42edcb2" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 0) #13 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"5fc1cea988adf1f7c090b14370ce169300a008a687475c464eab4611cbf3ea5583a967ef0c0ee2e7":"7fed039d998bbfa3ad62aab86c176d6a":"":"":"":"f096f7f631882f5e5a6e708d71534c19eea20a57fc210155d49fe9b872b18cc04a73cb652a03ecfa0c6dfbc174811efd0897f4bd92c916a5c835bdfb5e126048f7c17daf00a845ff024641499047097d" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 0) #14 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"9c88099af48f9053abec455b7bbb015364fd593a0f40175d9d7b6301d86b259606fbca7de73ce63a":"79e501b77f967a676fe398eb7c81cdde":"":"":"":"e8d53bd119d23cc57245a8b9b2d111811dc661555e389180e367e41f8c815ab4e7aaf5a238479117402ba17ea41c1104f475e11bb97cdc414409ac516b3b28b62f284c7d4093975279d3c31320c61061" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 128) #0 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"03e7b41c95818eb0b667bfa8a175a82466a1e417a9b6b92fd17e98c2e50ee0db00d25c3364451e95":"126dded5eb0bc81be37c10bcd9d5f793":"dc596d188e2343802240bc7f5cc60516":"14c8ec10f5bdde6b9e75898d7f9f03d0":"31aa842afcc1daa94098241a87d6ddfc":"4739b1bcf87404a2290829bd7a61f0b391a794c71c055c7cc513b28dcb5fdc88645bc9cb490f41fab134c6b33ce9336571762754343961de671b02a47960b4b4e23c5bfb87dcc19b260b3bcb921ae325" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 128) #1 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"5810043ca63ef5e573e118abd09d5e9caa873d3a2a2a1c7eb574167bab56e4d1ab5c1725421be3aa":"0ef00fe3e9126bc53dd61b8d2cb9a2a4":"4e19f01001d1f550ce0dd0bd4cd3e216":"684183426fb6d102f8e2ce55c599b740":"1a80710e25c78cafb81cc119adb0a2f9":"eb4c7059612d0ab63c0f28ceb7b8f89760c3d2b508f98441412bbe0ac133cafa7e2981ac2750272ebe503622b477c67e86930c9198fe21f7288394b2e11a5302e3db03b59780c49907ef720199ea1362" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 128) #2 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"c27d1abc5afd30a3025d42bf9efeb8a6f2608470db9a90f8ec4ad2a126b799402ec8a1f210d708d1":"804004607012ed7b40ff0ad8f5ca085c":"eb2393df0be0ff471d354343c43bf2ea":"92618320cace6c075dcd69a634e76666":"da54736df5d2e0daef664e905864cc1b":"eeff317050aa3bda57bdfef2d46408b3fb2e64d34d4696254c9d8a09fa1b325bb3e3a973efe7918eb03489865f5e13e9a28a0bbb43822b9ca3b209ccaa1cd5bfa5139fe59e16248e1f468f944a0228cd" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 128) #3 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"3f34680939ba128c07c5dc5aa161a8703a45440ca68c8d5c2b706e7af101ae4a669b46dfa262ada2":"e423dd11cf92c537509499eb891ef5f3":"cd32c88c56858cc5f6d39199abaf4543":"2b24bc6db1ece7a32cfe57df3f6ff74c":"3c6dc6fb353ce7e131f8d09635465d2b":"9dce0b5b3c8201c98f54501afce1595eaaa6e3e6b89abb6f6112b5bd5d1fcf549bd13e51fee87f0aab345571cfe7d7b61069660bd8cb8ea33406b6026ba28d02457e2bd3ecbe836829a4d91481fc0f75" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 128) #4 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"94b31b718bc40b28cc5a67ea5e891c14e1683d0e243c4868db7a613beadf1433550003dcedbd227c":"5dd27ab3ea94ac5c04f4f8c13c767354":"fe1fbaabe7a2bdf4ffdcfac0e7e214e4":"d71d9f2a6887681bef91f5c1aaca50b8":"06cfc99087437ab7754c5d626ba07083":"4186f2a9518371d123473a4c96d23a44c89af9bafe17eb2ea702902b5a955a42b05188b8daf7ec7baee352b365f46a3b880810af5c9678df5503b5e2cf9d02897be81e409145c0cdbfb83949ef327f4f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 128) #5 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"6b90e0e1496de9735239ab6ec28766669c65e1a4bc0f5c04e446388a90d86a1f060ad436666204fa":"99455a5df2b13410dcb912f37c266093":"a47f245fa6f0d928c17ed8956d1535a6":"a88cdbf82362f1a2ea78ef5bbcbec7f2":"eb8da8a49c4917d71df7facd8e9399c4":"99b09a0bf4d00539f7c1f3c28b60cd86b47a33961da7a649e810a97c1388bbd712c6eb0f7df4b68cccc01b25defbec42b67f4a341c0460e7b20ab67abb34cc2a3ce5b5d7d06a186f48d95a7607ba0510" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 128) #6 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"05474cf1bfa15e12bbea7cfa9852d152ea29f8442291c64a8c9dda22ca653f755d5a5f128972d4a5":"70d00e37a88b30c450580eaed5d4d60b":"651f8ad6d3ed2bf04262dc79ecf164a3":"3e693ddf993d63cd4c9d464f2c84c8a1":"53db0c0c12363bab7b1ed57d420998ac":"590e747956e6d01eadd1c9b7b1387bfb5c20693dac84f70e2c2931459b3ca9534325d84eeef1b245d17b8cd059e05a3bf998ffb517feba0b047553633dad642e8cce5c4b7110bf57aa6416edd204f780" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 128) #7 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"7e9a4732f5841617395ee04ade213b80785d2e4fef267d51fe13973b675bfac30716d753cf2f6232":"0e725f5e2e3f5b9cb5ec36c4a4f99e0a":"02592ab8e4e2096733e6b300eac278ca":"2f3f8e2504bfe008aa1fee1150b47f05":"2491177e84e06c3c6b48235b29c316c4":"ca50da0839de54bd9fec1a4b1d6edba1e68b47970adc36fbf88e7757af6962d9b8ead266f8aad696f920a1bfc702d8ca43c4504cfa42d7a603a55fa524c62fe49e698f21eda7025c9b840ec1b9795066" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 128) #8 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"fc16d69df6254a9b7743ca43a64e9d1f5986d771b6cb069a65484fb4311a80479a4d00a42ce16cd6":"82fdba5fb4c04bd550eb5a8e2e4b0a31":"998b27a8e314b99b4ca06593bf9d4a17":"b97706d6068cbf8df35b28a2bcba3b55":"c24e22cf478a61f1adf5beece947e16a":"29573d54e80e43625024d149e6ea55cce5728bb456e86b75175d38ad95aeb4ae5c47270ae774374ca44e2230c5d1861ff954f9fd432a5e8367abe49a88ed8eda504b991747ea9c4cf448ba504cb7de14" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 128) #9 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"e917537e534f9433e40f8271a799f859524ce9bb84a53caaf9eea9984d8ebff701eb7c5f627074bf":"682088f3ce89ee635f5c8ec25ea8c8c8":"085a9d20a2d017c4d3e57d20cba52714":"b07122c8eeb299295858a2fd1d3b6098":"1637261b4b3e7761b5923048a46d1eb0":"be40786139aa3966fcb85198d861f5239cbf8886ae8e814571217dd4454c8646c4c8428558ee3d80c5297add64d6d1a991c4fdcd72cf42f82d73a89b8bd2364cd119821b1bf54f69acd01a7586c53925" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 128) #10 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"85ed8611ac58af2d6b878ebca74256d3f2f20a7a4f174822de6ea8d0cd0bdf18d395785f0797d371":"f2612085c5d8338c9b77b9b1eb8092af":"f414629fe7ae0a21b211e09fb66512b9":"b943191d1882a390032339bdefd19351":"4adac9816998cb105d1c4f7cd3d53764":"dd79426f61e81d86561a98853b7e187eff7db3e8958944cc10a74e7b12db3b08bb4436bf64694c5b8bf1857e791ae7194554aef6b48d2b33ad6854bd2e9771bbea3e08c2c083a82cb07d7242ce22db2d" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 128) #11 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"6652b1c0403ef16416db88e49456119115d3901cd7dce343c718324222094c25d85c33857daf5b28":"a580613da8ff7b06580db9a42bc0cdbb":"923014039cd117f924900cd330607d0d":"8b42f93d2ccdfea272f7a03bf37b831d":"28ce97668d6cc92da8ee25077cb25de9":"d31dd59237b3c8b2885838840261727ac116bae673b554fe9c8b0c64b1573a25bc4a14c1942d80563fb4165c57e1aef5c94c1f6b1f88ec6bb2bbc10ccd8149d175e4965d07341aba06a9426df0d0fee3" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 128) #12 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"f297186aab4f63f6fb85c4f29d659d6e48fab200424d67dd52fcacfe725ad65c0a47de25690c0ac5":"9414f702fd050f7edb9a648cd833f8c9":"91d5eb7962ec1051004041f5d23ffc34":"94afc7023650c2edcd8c957e320b04f0":"b6b79df82780297261e00ef05389b693":"ebbdde904350c6d803fe258a3aa7a63622f2e9540f03b1cf687e20ef35fc5ba6b616254710cd4515eaf69abfba0ba778b87e4ce1f9f1fef34402c6e8d23efbdeb7da53a3db733e69527d36f24000251c" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 128) #13 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"90899d2da97759cc609f956f5f391a0edbb422f45afa0c7274a2ef5da636fec70c6d926b2670b88d":"23261c0e7226d749a0d7d0166e92dae9":"8ea2e411827c5d8b54b24da8ab41a841":"b9ee1c9923240523e7e4745ef93581bb":"bb0f785972cf68222a5eff4c7dd3e28e":"2af35b1fba0c62aae991c12d50c86ce2cc633224b158b157459c41a5444072e918b4c777bfc84f8000aa238a46c5d5258057866f2484971d2708c33497191a2686f8ee9e3657616e00dfca61e0ffb8ff" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-1, 128, 128) #14 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_nopr:MBEDTLS_MD_SHA1:"4e8227e8422d674cdb79e52cc30b7b84f81cc05b03339704dba3e731fc81949e679a4257c5fd68a7":"2d6e4af02acaf230bf746157ec624ba7":"deebb368a79c1788528b589056b1194b":"1dbbc7a131e98344fd748edc6fec11a0":"0266e8a066dcabaf6991c7a91e1c6e56":"e51fc833a60b099e56996a66820368f5332822c8f9dffe8459c80d2512d451e1669ecf6e562a1c295fa6981fa651fdd3d8d936c18f88d5844393a2a371aaac8f485cfe92926f1a54980500edc43a0a6c" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #0 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"09effa3906a5e93d05530edc71e62b39c5e4da020537176c23823da52dbdbae8307656cdaf8f861471dba14533c880505874098917e338f20ef8d8a1":"":"":"":"":"d5de8a3388b11e45085f6d9a009462947631c4e74523080ccd03a0196aa56b63a93a2939f490e9456e9fce3e9000e58190991b9aed6d145ac18f65cf2b1c17eb021acc5256eb6a7e9023f62aed87d15ea4e4b328f265cc34adbc062d54524365cc9c5073a8371f35dc2f459e1d027515" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #1 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"29a7071e686936e60c392061f71b68500dd6f11c563732fca9dec3b2f859e06a857fd94e3ca1817872d94c2b7c2f283a0d2d12a6443e95f7e700a910":"":"":"":"":"72c0f3cb7792bfebbc1ee6f65d40d118a6a1c4e04e589c8f70273b4c7b718c9df383658572b894838a311fc0aa2aa6258758b33783e192b0c3c1d322809375dc925a05605fed8c7e8fb878fb63c84ce639fd277d9955f91602a9f4777b7c3b15404c4e761ec8d466674e32136c7b8bdb" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #2 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"abd3dafc85b23025792bcdaf9f410829d3201c1e8ca450e217e13ec2e3b744e8c54107174a6e69ad05f643ee5cec49cd47ea88c80b96a0944154b458":"":"":"":"":"152333e16b04283dfb8c43dbb3be43b5db2ec49a399facb65cebdf7ca3ed267792ba308cdb0649b0c19cb1126b144d5766b5afeca98036a1f85cd2cfe3b8071011b69b2aec382f8562d9dd4331a554f3a3ee632cff308488b30a7416be8bbdee7e250cd12f371d069a097e9eac43031a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #3 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"caa286c160d22af10922ee6088c269d0c963034e5fd2a85d2fc171d0c4ba0833b630a64ab09965f132a744656631bf2dd27430c7c2d1e59cdcf43a97":"":"":"":"":"4d6132b9ce70470dd36f551584ada639e74b85fb9bd3c3e350011d99f2dc0371f874e6b9d92eba3fceafe34e574c1441d0d476c475b704755a28733e31637962cae67e849bed18d77501383cdbc27ab6f60d5d8d26634ef39e2c60fcbb04a9bdda8bcfb9b2d3aeec12a21279ed553343" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #4 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"f79156a2321ba930e15109501ead80a3b26c1747b7a9aeb922d1a9d474df64a1fc3483f10e88a7fcdde91dc06940c58bf4d747b5a9cd8cad2c2e9870":"":"":"":"":"1b3aeaff973b2e20cee947ff283277991842a22f45cce9d22c1705daa51a56ab43aaae1b51bad7a7363edc7b548a0cec6b376b925a6e35bc7dc3b4a33a7f3b57d66b1b35256908bd2d8f0495caf2539ba4475d766c21c2c2e4acff87fefb07c662eb344d9c99ed407165f8a09a22816a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #5 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"2dfeb70fc433426e23378d048b836f899cbff52d4a92c6d7d218e3aa54c06793339a752f86f03b7fcf89bef725339f16ab1cd28ec85c20594bbdf3be":"":"":"":"":"d403dd8a6f3a914933253db9cd043421e54243a34043f5ee11a3b6a627e25d944434eac22a00172caa607ebf7de55b4c4305c2b93428d5fb4cf0a649451ec7fc5da65c4894cf4d2f3d52e90993544237e5c58745441c9cb2e047513ff81d9cf980d8b12769c21cc8c06f6d583b8be3dd" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #6 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"2c6ba987bb61c4131138bb8acd877763c2c7e1f86289a81b6b54d1d8b399b5a5ac7171c0c9c0b5943bd7f54bf72b20307834e971bb637b351a756823":"":"":"":"":"7ff01def84626825fc22a62cfe28f5f95403bb2618eff22529b6531aaf1032100944d5f9703496d165c5756c0aac55b1812a72940aa5317fb6a2944d124e7f65766f231b6bda06100c5ad0d1b37c488e0e9f11a6d8f7e4cf7337e04d094ea9de2db1bbecf40e0cc8d1fc1cf5a01cd081" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #7 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"ba08acc3a00b9b40d2bad8cca4909d3bbec5471f78d0bf89a805d839b8b29fb753c9e5d3674365a7055a187a238ea1cd04f482d24d856b67eb54d71a":"":"":"":"":"9ec6ad840270051313c5825295a6f7527a8b1b9b3e7c867e5642a984b11911be60614e5737d3a0d109eea4223f0d2ee63cb19be702291a771b2e2c277f2d4559176fc5adccea52492e3d3ba7d17bad5b5f487d783639467997d7668ce2173ef777f9e31dbecb6ee716b5cedc8bc5098a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #8 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"95413345228eadb85b67674b9981af34bd6a4ae04866229921be928c06e6a6a6fde8d31a6a88f24d6a1114ccbe08ded9d7c50c3360bcb8908a615381":"":"":"":"":"d4dc08e36f94e88f8bfb1919c13186139591edc681affb61c421d32dfda69e507d59495bcadd39b73c4036ef440dc598e339473caba60e0770ac4729264b1dbfdaf32ca6d136ef6810a6660fa5cbac91940a28053c0fa405c7b6ca5e3f147b5e0096f36b67da9fce64247cfdaad70fc0" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #9 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"9b6bb9589f41e8ed6969dbf1a3b3d242dd5e133711f72549334c74190e4efb1d0452016ed4fffca9561aaf219e6793bfb6fd3dd9500bd61e6a62db66":"":"":"":"":"cee02e4fe0980afe6ccbb1b0d80041ba9841461397494f0fae5188228fbe9822e3ffc5397b7caa29950d95536e7000e1249e5bb93a593e659a49689add16d2f5e02ff251c76716dc426010c2961a176bd63c29397f6e36cd4de2f2b11e1260b9f9a00bd49b4b6617fb056b82c92c471d" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #10 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"f276ba0da08274a082f3b8ad989a713908873b742f96bbbf8c81b4e1a7e4857bc99aeceabe534c45105306b14860883cd56f2438a7812b43f0d911f7":"":"":"":"":"24dd3eea9a8e1f9929ebbbc2a68379caec77fb42531a97f7f3a75d16ad053799ffc25cace4f4553c271ae360eca1f5131ef87bf0390b26785880db0d92bb351e6e22409d600f6dab5cbb2278b8784e67a40be4d8ea6d994115c67b7224d721d1b3c7fc5b24e15f97eb3bbe33798d1bb8" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #11 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"fa5ed9189f21d7e94764bddeff23050112868cfe35220b863e8112f691c57e6d6c4a91c752c5f0b37b97d5f3e383480054877f319a568b064e6562a4":"":"":"":"":"55eb5ef1248b5a34c741f2076ea5d568da630ce4720b7e2c86a9dd535b48faece2229866a36024fd4114249be4730e554b772d557ce3f8b9d4d86d91202582213a676a076b87f941351c7606a452816db5d0f8194825d402d2fe7ebb2815532091b3830a9616918bb0e3298faf037bf6" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #12 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"d0c5003a6168163f707b25191b51211dc1ae361df1e069d0f284f66967aca4199809dc89368164213ae17285674e5574851582372fcae8cd2733bf4a":"":"":"":"":"24910e1a9304471d053af458bc3fdef527e8796e33133f5af005106b203e8fdefb274f1c0e8ff44e92c63bef3082c6e5607a7981a6076f1a1d15368f4330c7012509d5f61b4349224a87960bce9873725145f187aa931394c449f502d12b60655a0ab2a221134a51786c3683f9ffa2b2" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #13 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"bf5b5d1c891f7a6f2dd3f4d486d693fbf67f49584b7f053aa96ddacd9fc0cdea0fab8209d8f4335820ce68bfa04899b63cda15242e9cd3f7acb1f103":"":"":"":"":"710c8b33ab034b50a29de657b93f3c71df4727a5219a474350c88b4e3974ffd0d3452e8c4d26f579e348f39cfe0d20045a70a866c5e16a0c22aa0d69b739f74cbe8b046bc14cf82b86498460bfb26af0771371c2750f7c59320c6f6fe1d04cfb40c048686b6c1b69dc641b8957c2c341" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #14 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"525615164dce0dac5397b357546aad049dbe5982da2c215a233557553460f8505a3e7c8224af561190099ee21a06d62f9f00e282b32b486e8d0e338f":"":"":"":"":"3fe96c9b10c4c8e43cf3cd76ced4ad85ae576f32ea6671ef284f7c97491b72152a18a1060145e4f5e7c0c373c396cb4c8c0b6d625c1f0d2ae95b0691cb1c80a3dd5eaa21632a82aaa28e09a2bbdeff7fd8812fae46deae14bbb16da24d06878fc417b3554fb47b0ef9fe18d1b9d4f4ca" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #0 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"ca81953d50430bfb09537a318a1a7b90a9200077abb721e55d9ac28946fbf75d9cebc81f11cf6d4db712a3b91d479e00ba30d736a763cbfe40b91448":"":"e50aa8bec96339cf2608bb82cf038d5fd6bf93e65271cb72":"5c5eed0d98c7fc7eb30acddfee002d5b99c965949d4e2095":"a1a7cbc79bfaf4571cd8020da094118d241b3f018ec823ba":"c8b7d9c15624ae018a8612edf6444354c45c6a788272281c16526c689a3dac36679e44d89c4acd7eb58ff40a577c3d1a9f4d0175feef9ac5674c115d5e4cd17f2369e0135e33b018bdc99e4099713ace986a145ef55e868f74846feb3592d44ca3ebba6044a928e9284b5ea75063ae81" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #1 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"b96ca1202fa959ef55a683a9021068e14c75376e15d1f0394b1c091a8b6dd6b98b6f63747dae58c29186179b4155b868f5a81ca206a5086a5759b025":"":"a35096086c1fdeb1fb60dd84fa730eccedd53e5b127eecf9":"a3269fa749e55850d4aa9e466bced0beab2edf86b926c2ae":"29f6799f7c78fdfa2d0dbdde8381aec5af249556903f6313":"c63ea73e1ddc9d55bd64a63cf73f730136ab4f6d688a9cd56b945f9875ef4ff48cdbdd8b78b898486a685d8af8cccbc2a834a9804e566ee7138c7dbf488d263fbd387041f835ea46ad27cbd66721428ed5795f6ed044cdb17c8e7e3ecbf61dd68239e8fd644ae85776050afbaa06caf7" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #2 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"59af1213cfcaeea29e31400ab6b30f108d4a9a77d3b370972d29032cdc612b7c360c41f16b0c9d794219300fe0551e0e66d634a4eec396c50ec9604c":"":"66ed9352bed73224d35508754aab68fcea10aac06d60e888":"198a3526a67a0ce31ad0348bbdfecede4f82d4203d1d5ca1":"03faa2f4c34577cd8b2ed53e10c68c83c1ebc8d877379178":"5e24f1a9083f13274ed1020ab6935222cca644d0920839c2b142e2780983204453d2e6c58518cb351188bc3e5e3b64015882130d745511f004cfb6b64831139e01ae5bba64b74f1a1ede7e220a6d29b1067d7c68ba3543f4dda2fc97a3dd23590c2c18b85662618462ba2c05231534b6" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #3 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"e6cc94c72f37999f28b5fe350bff622b433ae19111786c747d954adaecba47abacfea8cdf5eab05e2f750c0a679cfb9c2c2c071461178a054af40967":"":"3032528703dd66e42c7b6b5881483eca41e9eea503852eda":"ce8c03b0a05982ceadb516b1fe513da2403a9e6dcd7a39f0":"3f7ccb55376f23dfac1dc13be617894931f9c13d15fd3dcb":"558656cad7da2ad87a7a29ec5e612addcca96d72ac7b224cde80ce386c6efda12113fe9aa8e511714a42edab53ea0289c75d34b42f2313ac366f51f5dd3f6968bbd4c09ebf840dfd03852dedc1e3b6209d932889cb04062c644482106cf8b7a237d2937840f0c4d752d52725b5590d15" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #4 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"cd4dcc8fb50672611f19e0cc8adcf9285f9d76e7e28bcac34e931163f8057b9f86424e5d514a13c0a25bbb49ee485501ec5e21061e006ad1569d2610":"":"24480094a44067b86ef47db38ec3e62914351196358bd9d7":"c6ac3b879adb6c150a8ee44428c333574ed9b0d6806848d8":"92bdc1514d87daaa321655d56c6302878c2bde37700163e8":"21c51a1568aafb56af1fd424f6fa146113d14d6d63e1a24e3168130ebc10dd84925bc4077c41897aa8b3c73aeb5bcf392d496dedcb6487379bfb3e12bc07fcf5c196d59fcc1fa730e55c00edaa2bca7b1e32a40ba06500ed3dd7fcab361995319979a0fa9cdc406a4d20650814e8bfac" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #5 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"fdca0039e8485a06e6a9afbde5b07a1bbe49e13659a2164034289639d23dcf3f9874b8fb1a1af8495b6b2129b88475cc529c96271bc1bbb5c7c2ea03":"":"841f765ed5f00be838a270730ce5926659cd7cd9d5b93ca5":"825fa13ed554973768aab55917cc880183c3ebb33a532305":"736e9de931198dd1c5f18a7da3887f685fbfa22b1d6ab638":"dd8596a62847a77da81818dbbeaf0393bd5e135069ba169f8987f01dc756689342cba61d87a79d4bce2311790069d10709c3a53df974c7d6793ae1298253f13ecdbb5680928579b73d73afdcd24a703dc9b391f303d8835ba1129c3d46237ede5e44732a74f8f23b60a3a45ce42f042a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #6 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"e246e3f95d89c166768aac69fc95fb49eec49aa633adb938ce1705b68987aeb0fae7f57b7e99e4f3e3e1b1db2d1fedf443bd2618e95193cefd905e1d":"":"130701f88cc1e7545980e6c6f6cc76b0336f089bb66cc347":"95533f4cc247c887d6a7cc0ca753009bf034ba95b7b1d3b2":"464fd16f011eb2986d9982879d79349a3ce4f5905bbfe832":"0d4e6b03af7a648337abec2efa585908af40e88d1f104b3e8c352aa29ac79fe8e448f36b0dfd701a1fc0f1d86dcab7e8a8ecada6ba218d9aaea1c40aa442ca51f3116ced3c9b8ba7546688ed4f3a1378f76b8a29ec763784fc82906dc0f688c5e60d59e6d5284fcd96f361bc5b285465" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #7 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"cb0405e58270cecb34a9951adeb694c5513c499cf310f6a99985d4fb3973463e907705740e01aed4ca221d4b03ef30e69fd8dbfb4ea919a913800a1a":"":"0b57e688472e9a05baa3920417a2e8f9a9c12555fd0abc00":"cac05f79d9837c97bb39f751792624983c397fd288dd1d95":"344d2aa2b3bad1485429b66606bf215acb0a65bf2a318f6d":"b2a13d75ad389514149763199d711092a9b0e4f1e50809355cfefc1884a94f4d4a50ac5c5da0b4e9bd7537e413bb451fdd2fa77f1f894444cb5c81e4c43978ebfd96900a2c8986c885d0faf89a2ad5c6ef922dfba1b5219b0f3c4ac2095340c3b8bf0db037171b6545741c76217b2aa5" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #8 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"e38ea7584fea31e48ab085c44f46b4cf68ff24b4a6b0b25867463e4a46ddc9a4de23f7272af1e9c4e0391aa9491ce7cdb5f96292e0d65cb9a9a4a3cc":"":"afe267e1491de3934054b8419b88b16731217eb4ee74c854":"bd0f3c43229a0ffc9e143e16738111e16d6a06ebf3eaa5b0":"23bd14ef8cf797cff7ff787df8ed8b87684fe7a9a33bf695":"c27a6ee5bab8f8e93783840e72894f3b024c7d3206a4a1869ce6fa8b5674bcbd24d4aab30f9866d797d850423c57684b7697913b9ef7bc0be933d0e21535bd50fea0feeb293985261fb9d4eb1ef97ab5ec6b691a08db4c8171e63745d14fb4c3a03c41f906daaa2877b7622b254f0449" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #9 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"71dc625242dcb94e6ba2bd013beb2112cfca576774e102830503b7aeda24c2c9d862f5212975ccc019ad2ea0442595f74d1d37dbcba0719d8ea32ba1":"":"0fef9f0934bb4485bfab2431f8811d963ec7fa7953ffc213":"a6a7501c4a5a93c396ef8cc969ebd93cac1c30b4783a0617":"c58ea233f35a22fd9b01592c6026aa17922070b3604c7118":"a1452d85799b54370cff65fd6dd74b575199606cc8fa64880b26972c913c372010b4c3f4ce9b7b565a8f5305072404c7b9d70f7aef6e2709c1694eefae66ffa80f16eb4b91f8041f4487427e69daa437e183e83d3b9718ba6a23fb90365884899e0d2f0bef56b27249f65e1c00c5411a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #10 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"36c1e048d16f9d6035c6b62515afb929633f356fed6a654282663e2284fd4132116d21eef66d29629bc712965d960f18cf3f7dcbf8a3ccd61b5b5fb5":"":"93bb372b7ae1035de6f13b2a36c3ae5682b9a3ea8f444383":"9715b72e4755993762e11a93857f1d50a051e70d094339a5":"2f1e73945863b237f49d6d20d0999a0203f295b9a046dca2":"ca135891b47f27c26ac891df49c80d085f90c13d236a60f1372eefd81eafc5819f4ae5aee5b32d46681be01629b078ae965f67b81a5268ef0b303d09e048f4449f5aaa11af51f80151b4697b13700930167cdcb3b6e8260eeb8bec7f6a67a2050a6ea569c825d61d4858a1cd15f70fb3" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #11 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"582425e13356e7a840cae9fa435b220af6a96fb53ac91e7ee22023cf6a0eef3923907883ae540be816e0631c894520b86e8c6adb8152e55cb6aed5ad":"":"227762e137f9eec6d2b3c63476b404dc5b0c68613a93034a":"fba72c01a9e51c93ac00c1232c717d32fd4d4c791556e716":"f5258bf318457769a93ef5b3ba95fa2753ad1c5c1b81a785":"c753a84ba7f41af2ab757ac1e4c9c450d2112767ff55a9af8f58edc05c2adcaef7b5bf696e5c64f71d5685593f254a87625065ee0df51ab4f7bba38faf5799c567d783fa047957f3f965571a7b4cb477566d1c434d6b2e22ae16fdf473a6c03057d934a7e25f0ea3537be97238d74bc4" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #12 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"836f5d7521f26d884dc34af2ca56ab4a752ea18b909085a87cb6d07dba32b654390a25b68ea7ba8fb790271c712f387145052ca46cb40534355c1666":"":"99d9aec334666d7c399e453455ef6ae884c2173e12e31cf2":"d74d20dc22c55c35f0b66a464dfbe8f349616916fc726298":"407b0951404079fb3b54559c0286143d9cb18957bed7fb1d":"809f372d1af60ff972049193fe9f173684a2fc9828b60b32164c1b6738e1ba6aa12cf739287a74c6ad528a3ec00095b590b44705b4975236a0b7ea02c1213f0e830f275f53bb79efd98679c4766cad27738e6fb777e98cdd606b971fa60745289d5ef72a99e1919686a53a241fe36cf0" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #13 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"e555ed6c7ab344fea68d73c6432e4e6da2e67d8b33ab79e5719a2def258a852d17d93212840583fe23900949c301a29fc92095f4716018144e64583b":"":"5262cccd138256fa8424801435d118f39b9aa1db4d11ca9f":"9b55d76b743bd7fc5700fde8ffca956c0ed6091df1a22aed":"f8c99af8029110c41a6a01fd2d3d12b7103aa39cbeea90c8":"d1ec06e38af7c6e0a70b73ac62bc3556183f99a47bfea0f0c4a59e7ba4b0718df5438e369ba14be84db40d5ffe8a1a5952edfb83f61ee4d984e3d2fa67f557aacc58291cc688fa29be530e66c228e68607e25c013473b4ffbcfeda721ee35f5dfc8809528eaddad8969ce719a411216f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #14 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"12f2cabd3b6f640daaf27ed6cf6bd7d06e2ac372733c6971739e36afe2ba1ebf4e7e5e9f5591480e3fae752fa59bb99a1949bdeccf0c100f6afe886d":"":"7766c36e6583cc8e3c26a8058fa0923bfeb3ee22033f46c0":"63e60d1bba9aa29adc3f3b8a5db53f3b703c7ae69bcbc2f7":"f416f36717ba5f0a78125ca52ccd004b2f4f2dcdd401f595":"6196b2b4adff14a26d64f440b6c160210266d7f5b77d5e292e94b8c67bd9cc774274741e7c0c9a7ab21c31f1194ef4218ddcbbe94059042d22ef44ecfecef214a73db64505d46d5493d7475d0684fc0e431c5265c12b35310d4404b3c4db6029facbaec88b0c0ae9799e5af0aa49e842" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #0 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"2c50da90a1f7987d5216950ea22689584b237647d96c1239f9251942f4d13d16f418b0cf7265b91c4ad97a7acbbda065a48bc1bc5c7a9ee1523c50e3":"a74c108fe870b91a2defa971fa1efcb7a209f293d29bb5ea":"":"":"":"8853eb47c4ada94a3d58a1b517784bccc8f831d02dd5239c740fd7caa3869c5ff7bbf522a78be2d510c49c496a6657a09f0ede00daee9fd77061b0f04e7342518dc6ec1f4a7ff99dd7c783882b58f5e8bc467516c6b85985fab65c6761d4fe756ffc27fd62cfb92778391a258d3b0b0e" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #1 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"4606e3e19a8a53e8aba05d9d1fda1ddf15e7709aa2bae8b54efc4a14e734b45a5cbbad00a749d2bde540258de74ff8fe886d05570300af2086d0b9a2":"23ef5fbde4b270c084a745e0e299a5eba228a37074fd4f07":"":"":"":"8caf86df25de5cbc3749fee4b64fe041cf4ef2859e20704bb01abe126a90ead8cffc427c2f98aac400aab97184846125a2a66888dea9c8aa108e96e03b05bbd30e566fb90c661dc1990ebfe75f73f5b0de7be419c225bfcba3713805455dffbe5d6fcc98141743b59c2cbd70e78f5977" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #2 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"08e2e2175fb34e4111179fc2580c05afa16d224440cc7eff24082beb16133a992fc4f4e2762634fbf68177dc3f11c4d057b71661ade56e7768ab9e6b":"0a4af33e2501ba409b132459ba97603888e727aca0a0cee0":"":"":"":"39c60b6d9f85cb69b2128bde86aca2b055e21ffd7716d789f834ecacc69a043893b09459991793571d3d8070f03382a11bd1c1bf38e86fae13a932c6dc82c540fab8c8eff478e598d3295663ab75ee8a56376c0d607fe43b74ac39479b8f694a3a13826b1b96344ec67b9eb0a5858eec" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #3 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"b436ebeda1119de3fb2b2e532f7ebf59fac632a4d784d904f844bb73f2cade5a88d4790c8c1d5973fc73f6b7f929303b62d30b6818a25ddf705bdb9e":"07de5589726c49dc5a764de9b41bce74675e4ca3c71769a6":"":"":"":"2099fc754ecd19a19de8afd21d2ae2ce456c32d6ce7772a98e37ed47f54001f44fad8e9b591a70d3bb28f19bca22940321ba17c33193613b7b5be1ec54efa470b70cbd6be2931193c35cc73d80c139bb4e670e1a2cb74d3bedd3610e9d0f9d154372a70b608fef824c346fb16241b301" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #4 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"4d3e993c296c66983b9c751d2c0aa2d519f801a764ac9f1fd8d86b57eb226bdd9f69efd9ad29bf16af483e7dc170f8af65c16426c2ab7c0fa9df0175":"52ae4cfe985348408d3678d60259a78369aac02953911e74":"":"":"":"bead2cfc29315133e6f5ba2e85bd7778dcf9908081032ee634f90b0124ed9371c9009419b9e2a409fe4abd6295cad57cddcb6042986cc98f2fafdff99f7cc1185f3ba0d5f1e5f5452ee5f9df03c0e8a4f8426ca246afafe81079c2f0d165b87056e7c8528e8cccac5f49d0bb5ccfbefc" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #5 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"c7c4e18c56e9191ba43c967cebe48e55bf9aff4d6449c3e6a1f9846bfd7f92d535bb7386c0155cdc5aa2beec888de0d432f695ec79b1c78841ad941e":"c36a381b1b36e6ab00ea80557b5e7451ec9771101dc22580":"":"":"":"da74b23d309fc7cf7670d7feb6cb6ff4da1b763ae2e8616edeec12c71511f5a24b9c466532283f4151a902ffa5ae211d7c1efa84477b93fc393ac95522f3673f97aa9e379e48d198d5929684875150633fcf8a0918d2050551d8daa91887f3d2685737b6456d0c61c0a117413f193346" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #6 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"78426f865483ffbcc6330db2ccd65bf8f247706cedf68d4cbcc289bacb1ef32e5caf05f28a21146a9b18e77b3a7ed0d24a0803c9af7264fe4e23d692":"e5026090f9806ff6f158c4a834588f6a39e9b4a44ef2dfa6":"":"":"":"111cd64a9950cc6f20a1b38811fce4a08929ca2654bed66c0cdebab0b81552826c06ef12ce463fc9c91c81a35d2ca0553905922b9a4975fa8fee2c7f9ffa9f2ed8cb2609f4b7d32a44927c7b5baa8f43dda137aba9b49a2b0394f7f67d37b7f71a5e4f4c151db6b96e8e4dd9cd0bd84d" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #7 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"43ca11d53ad0198e4db5e136de8136bc461851a30ce59521f931ad0596d13365bd8297a68dd42b7dab7f40808b3ce6c12f14d4de741ce451b6637a10":"532b05891fe406ce72421013aceb434581be8a3a13549dfa":"":"":"":"4c42f791dc8322d779f9a1ed9a28b0cf352601a4ef6d74e4e822ee5d9eef06e700314acb7a47dcbb62805babdcfdd236e3022374defd44bbf747764f72fbfccae10893b54b29966aba448435987c22ace4c931d01dc945091860cae7744365bd9b619059b8b646b229878966049cf83f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #8 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"ddcb3024b681e30e16e05026d8e23977497fd0b2c0ac24017de2744edcb097d3a104d4e3c6b8adcb554746f9a43671f0692c01a8f89fa98ec3a54ac7":"bd9e41974f6627ac5bbb21ec690eece459e1dcedefb327f9":"":"":"":"741b2a8e82aa3ca9f3a609d05a6e2d570be463ef957f235344cdf9e0f89b3610951aa1ef0b9406785b75e59c2de8349d435e4db82fc2a4a8b94e366f4eb13c432fcf8fac08f0c7fdbe67a44e81706b53b460f78befb8cb6dd2a0ffd13c87df84f8a5197ed47158cee171e5323593df4e" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #9 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"f81c4ba8605dc14072e2bda2d2ef64e71ad856061056b8d8374fff5a6fd9a54a814fd725bda8944037197492c52c62b97ea02df33325b35b91726839":"217137084f4519d046ec896144cf2c301baf911e1440852e":"":"":"":"14efd71fa13dfbd498bbe13ffa24e646d04ee0ef32c99c11004c3e9d8f748ac2f956f9899a72c8d97ae988d06275855f77a92bc30f1b957dbcfc93fffec3852715c239c5313e765affbed257d302b6d1b74977b8012522b69902adb86efc1ad768d99d657a5375dff720b4cad886877a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #10 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"8181fd2cc5f7ae2d4ed2c96b9511aeeef33e50ecf164afc4eddebaf76a96d97bfb40377959e1edc44d24df041749ec6239ff226e40d5a5feccdbeda6":"7d6ca5ab652a37cd79367d84299f1ff2c5a3c2331c77b98e":"":"":"":"5a2cac8110a24e1d8c5f8bff3e82857ec8cfcd469c316fa18b0f65a0d30866e49fed2a228121f50901dbbba561732c4fe82a98f341bbc0a397fd257a5f8a4a9122c991648b1a6507c82f866d26f9b22e0ee7c9a51c4d8e5104f0b4570043c9257bb9dd6f3730f1daf94f80baf8907acb" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #11 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"a0ad012a978bed2268d05086b823f5d0dc9bb98ee03980d755bce968f9ac81db886a2a05b59df40d8346334a0276b73f528db03a118545acb7f2d70e":"1a8aca3c118f2bc0c2196df81ef22c267d20ed7c607cdae0":"":"":"":"b9dc0eb1e4aeb482dea1b4a5e6f6ef9636366face696811db2d912e9430b303f23ac95d65682694ef9513ac5b3e56a053b2e1a2ffbcb901c375cd122cab47d31fca5a0606daf8cc2e5e6e99b90fc8ab4fa67794caad91985cc92b2187dd2965be0980240d9be2fb1c4bf06e60f58f547" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #12 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"f28b143468ab87794230cef4361d047236444180d0cfda58cbb9494cd1ad21be96297ff799011042013789a928f18831ffb0169126dd046c774a4fce":"ea7fc50e1eea3d84bffcbf83b240e921348b532e7b33f094":"":"":"":"5c22e92f25acaf98f55ff06e1bd80d382da754d1d33cffb6fca933583ba758200357551640c439770f77f843e9ce1e9a054f69588d76acb9cb92b7a2fa2903bc51391bd7001ccc1da67a4cce9e5dd08c2d489295c36de2c148ce27311d0789310de1cab2641e92f859b036383a8058a4" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #13 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"b628cb448e477cb439a2de687861a992e738db6b2b25cc6c27aadfc3a0a640b3411de49c920407303e80abd7a1d4f45c4749980fe1550bff69518210":"d5f4f8266da9b7f17ac97734201544104a5c0acb53c6bf22":"":"":"":"34a834dbb7da0b6a2e2353bd9795bef369cdde4d172b3feae7b1d9fdfb0446454cfb1adeff423d0a143c33c0e0d8e7905bd1720889e8b1121f1ef82cf15443c2f9c8999c5573e7df60b52ef395ca1d1b60e7eb721c012c344d06b336d519fa2b7b6dfbed8383456504bd0b4893bf2ba2" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #14 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"5c7c9690a1926a4580c691c2e5327e736d5c3aec0ce8f5d32d4946bc4b607f712a8759428b010ba1b268b0de64fc5eb32d3f7fa9b8d4f20fab45c72d":"0310b2d8b5655cbb0fc2041ad15a248a7b1f2ac78845e29b":"":"":"":"6f8b6df55d9d8acf87dc2af20b7f4512f9425987495f512975de8059135e7ebb8698cb0301a8816e7299e76053cb66051c8b35bd2b00b4695cff4847f168d2d60697495cd9007ab7dd74ee7f61ee90b7827543f624b7c1412bba3d6df1242e6ffd90534ed393341429fc00bd97d9bcb7" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #0 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"96ae702af50c50c7c38818a5133938bd7ce51197fc78e21815b6c5a7ff9c0395d764159f707d5813e5bf47c1b8232b44a007bf7decfef499d758ed53":"e96554644097e9932585b7f4bb14d101f24c8b0376f38c05":"3f698a5f6f4fe67ef2ddf23bd5a67c1a2df4f3b19425fb85":"fe1f6a90fc0ed396bca21c0d40a1bb583eb63df78c98adac":"5942b56148f27dd5388f00caa47ffd4925e854237fe14454":"150b9260ce9aa419fe1860332ae7c9f42d9ada1649679b53f46bc9d20de3431186a54afb5df7b6269cdc05540a93fdd50a2cd3a862372d862841768df02846b057993dd6aa32f874b7220a5a1fd9cb573d720a54af5715cedfc16f0d9a467735e253b2b1a6e97421fcee1f2d670dec1a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #1 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"4834717f669d9b599f0ee526129057b5a7c5680724ae0459ceb0e0d4eda21e5fe92e63fd23f08f8a0b094a85f3f377fdf1018ada0c461b5a05c334e8":"870b7857dae97cd361a005c3005013e4dd55ca76e46b62bd":"522534ba1a09cf9abf29bde66ce1dacd0e273e8954eccafb":"45f54169665f59d92211f266892009958ee515f14d09581a":"4633819c2ae83c71059ec8ae41ed2c68cadf9b2085a5b8bb":"7afd6cfafd9a7bad155b59a8bb2094f76b915b93764e92858821d5c32ff4a29493788d3dc1627ffe7980950394349eba88b9c2f6869ac5086296366b6f4ee37e8529d291c9d962e30662423faf375b7820e0b650db03e3c99791d8042da790cce1a1997ea21441dba4b936bd8b393300" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #2 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"f5d1d27eb344b63e907d82a2e57494b25dabcae440ac88738512d9602ac8bca243018f2495599e618dde0261e43ea38d45e7c09ccdc4bf3dd8e5c100":"12ff844e5c5bb3fd871feb37ab796002846ffaca5a741c54":"f642c19602754584afa3083f567d80fdcd1e5c29202ac3ad":"cb6dbad8ce1a5677b4825cca934336b936ccf841ff98d894":"c11fcc157c643a943e54274f1d942d998fd1ea0333e21588":"6f25ae8bf8c26d5f0b9d2a81acaf221790a09241b6e83c9e527c7784881d1f7398c2d7771174f92aab45134b4633ad96430df30b130ae34af52de90b425405959ba24a41685a04d2411e2f0e8564bf5bf3280cb6d75d0b910d06c73a625cd56646eebff14fcff81411c055921cdfb4c0" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #3 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"49a10569d87a790d34bcc3c8fd77d075a1cef9eff337e8929b51bdb8d6c5df3ad31045684fd1dabb1fe6f052fc9886384fe43c0a7abc7adca043d35e":"34d6ad434a436a690e7644f0dc2207131148192ceb2e91b6":"8707328fc5a1721e4d72b23c2b8ca3c30ddd95664ac478aa":"82c8d83a9f5d5639a6a1ce26d244bd30dceb1cc978627e19":"2a53b0b80b29c7d071983b65ba835e4eda66bcfe7b3d90b5":"08e24ccaae3b44b7248b2d735af985dcadb84f74d202bca726de1cd663bb5ea1bb67c669126ac97218a9ca45491df90beb387615474249bba1afd4534be7a74c61fef308f13661ddfcce40f24b410cffb1cc3cbba2c6d20a5e4c4814d44bef07bb697cfcf1e9932e43349376dc04865d" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #4 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"9a4232a59cc579867f8330c288a9218251030c00ebe50c9cd97d6cff6e49ad079df509644ec2ebe3ad4e515654af383da265d7b348dd4b89ddd49cbd":"b4498a32f664d4b489c2b47e67845d2d2bed5096e88f86de":"b8471ee87531817d81ee32578d27fa3a190df33561da7a2d":"2e74194aa62ef911599b37a51fa742817e3a4e6c254ec179":"afc7f13ae55e738cceb976ebdd01698de4d103db797f799b":"340c28cb7cf4c3e143dac3e133de864b1f458c76e3d47f3cbb6845f940be174b8819fc539f42005f4485fddc657f064c34873094e25a9bf7ec341a98cb97014a1d694b1694170ca5a8976e86f6e4e41232f526ec8536facd02394f492fbcc7c298ef0eddb3c5a148399ded7677366cf3" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #5 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"b89744009793d2c118365b1d2f343d6b6c59374b41dbd805e793f27882467c5342015cf968b080a88a15fd6a7be3757b05313528525ab1e2cbd08ffd":"f3c02be0a880e194013c21b09b6703a61a7ccf7a73e8a541":"bca27f10060bb8d16d499b3f6ca05ed8462b51b0b43a1fd7":"eb6fcf75884be9112219d359013f45fcb1959ea971bd0bc8":"50a03bc3652f50cb9ed1167ea70ec1e74f896f81a8090216":"d2a529722365e7ff3e660964eeb27040a0e92a4d19bbe94592cfebad71047414676ca6ca72234f5127f313cb7f5be613b44d989fe141c9a0ec1f0b4d83c36e744cfb1c72c32a02b68c21d28832da008c57664046255ef18488ed750ec5e73b18eead939f932d2809f12939670c3c1033" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #6 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"6d2918c15be7871cad99dc9e06f73253ef905d9705c4e4ec38664043b04f9a150fe5953bfa7aebd926be162b7edd72fdc14ff97e67dae6257ad654f4":"489243eaac215f76a573b92f0709d116bd3c817eb95c2c39":"0a84cad7a1cd21a5afe6557d7d2875d9c62183cbbf49a123":"0c14578ac9504902cb9aa654086246d113039f926a87b325":"1aaab1e3a29e144cec825d29c3f42dc945cf2772ed30cb5b":"33438ba4edd0c38db99f2b6a50b35dd89aecb3491990ec4e60460bb32eb0186ff9fdc973b1b0df23ae65da31b8af5a37a69f81ab3e577a4c2c31e51cfcc4e844b044fb597e937524f59a0019ad5120c460329c982fc93e8e7a4b4e1de5619103b23a7a579633fc925d147d8fb856a277" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #7 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"1330c4aef54ff84387e0372f7c8d273cecf0af2ceb32ef6edb6a4f1ace802f3b95fa69cf578e2cda1d6060ec2554eb3152507387f325d8e26009bd80":"89d7bf8f5754cedc2e1a249f693e29276170f62c29c5edae":"a6b58f33d57570f4df05bbfb792a00087d331e17417e09ef":"f57fc701e4f8f5cc2181b5357824f932f6e07679ec0d3cc7":"586c4e8c5769156cbb54c025fb01aad0b61aa6238c231656":"0bcb6ad4f2acefb549c46271d5a4ed41d7decc095137e2044b60273388c6c6d79cb89016abcad1d6a138621720b71fc11ef82fae04026e08926e94042694a0c008f99281e03da580fbb6543aca2b4596d39699b97f1fe65ec60a70b88770eb825b716a10ce41383f31db596079a9d54e" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #8 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"3f0564b9ceee32c8944c8f2bc4b4d2179b38acc880bdb91eed466b881e2cc21df77bc3901ab5ce5ecf029a066784503f80d1857979b09c4563944433":"5d54fc715556c20f5b2d01d6b0992f1c596e5ad77f81da75":"35cb6d07862fbab4f50038097cb463aadf14e519c8834651":"abb21e501e85ad1edc66108e3b88380fddf810b10b883317":"3c690cdd997dfa9c5677bee976fa93cac21f5bbf382f7f53":"bae872c9d221b1531f85c15f466b7a3af3fa9c9c6b72bb8f5dad77f3d12df52d10347ba5d6504cd0a285c3be578bb67f0a9f0137463dc01cdcb847e7853c5db4cbb6a115ebff7b80db0406baccb0e3e68a4a4a95364c2da29466e160fece7b8ddb65dfab000c66cc8109380a601d5ed9" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #9 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"115c973d6df41ead464e22572dbe0761dcdb9aad930b2e55a5558075fb7c51c94efc5f8fe5dfe24d30175a89f1bbcf146037a07b324f572d0d4c27e4":"d3079ee3a3c9b2d69ee0fd316a6448bc7d8e3b730948c46d":"2348ee87bd5a3bb45d51a7b6a109043a9b6ee3db011dda28":"937fe1a7a790754bff99ad51782e8ef5b4928d0057b0c380":"3e89899f4aad241a9189ffa127c87c15b5e3bcfd80bc316d":"0ffc883aa19b3cbdeb39039fd3760160a93cd663b8b358e9fbb6300df164689303ee5f2489ab4ab2d522f6a33c93350eab553a2499b15f8ca198303ff45e946a06d8a40959f33a759c5381b3a59da22e68032abf3da3da6aadb410cb41f54b3146ce57f9bb5d28bc823e3e03c0294794" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #10 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"c28541425a7cf33e29adaa91f326f216de89976031977f104f44fcbcdcf4579337434613801fe4661642392db29f15f0924566e72b596b23ff7b18d5":"44650a29972aa8521d6fb9dffeb15c00903a283f20ea9914":"43cf4de0276483be1382f3cecc6a803551a40602584cd84b":"03eaa10612895db8f66d50a2210d73d1f563c3ca929d9f54":"8d2b20abc4e8890c772bcaa05cb7b3eb5025ac4cacb5f7ce":"aed27ff8eb54a7d2787e73ed2a51877c1250c0d4eaf10aaddb30409624289a9b7742cdebba54218c7c448b57f209182e214014cd180916a8c125ad438af2e5f5ca5b00f9cf063f0c307560ed4378382b4572b97088f8d24e0bdf0fc3489f64074f1155fbb1163b54c93098b841257c30" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #11 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"dfa52082afb4dd137cb5209f6771f04eda25794280983ba1d8cd2f3d7f9dee556ac26d8a5a368d29096ed643089b65e9ab17b5f58ec816570499fbff":"16ccfd20408082829aaf8a818885164581c9a1bd09e9fc12":"abe13d12a9f0133bdebe14785dfef5f08a133a6cb5c26a92":"485dad7804de594356cf3c571d5f22263c0b7cbd4dca1f1b":"5961f8177b6015ae0119d22e0a45a4aa1bcdc580f7e7f975":"ee48e57f1b5bd72c99c911d3353952c2c143689c3cd9b474a46e4ada83811efc67f2557d323723526809825aa338a80e833c95297d6b16490db633ac1f1648071c3ad4cdcea056c41b4eb157ffc83c3454b0cf001f1e01c31e48a61587381e293e6cff97270c1f157b069df3e591c2f9" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #12 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"95f3a1aeacd07218a2ccee44c807f790e568e0032a42fdc7c8dc9a71f76bd725aa909ddbdf5457f1dc4e69746426a9c56fbec603867633ee36a7fe62":"658b7326cf6adbf7208d37cd69547805bc3f58fdd874e143":"d44350c7a668e64873ff97c31d79cb23b0f1620aed7c9d23":"dfefff80f10c3143b82de3392c395ab94ac8a2f4c0a30048":"a6d21a762aaaddcdbae9b9ecefbcb3149d514c94fe83eb21":"4f5e544491b72b84a0d0532d7f9ce01ec2de6a05ab5056fc75d8f73bbcac5ffc38e20745d0e8aa1eacdefea6dcbb92475b5cf9ce0a617e5603b7b9fe34f4f4cb04ade2db35cce1fd315140e3e4ab8472216c7cfdaf004181351f210b397c3147dcd279f6fc2ebd96050e996f77ad6ba1" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #13 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"29a1897d6ea5de66e551f8c106f601e421ddd940812530df00f634682f249aebdaf86938c895c11f9fcb0bd1fcdb183b4f8cf86b3429a5372caafe1d":"d655a179edaf4b8381a9f6a332ed5b754dbf34f650d19867":"31c87be686b6f90f3d1b0ea90c541e16f3430292a5c4755f":"ed49403700cebec30d1057503be7baacbeb45bcdfd9a43a2":"952763380af3243c6c327f23cb74f8368919e0b6b9c25934":"fb29067bdb23c0f0153932523edf32d0e3c18e46616e07f39a4b78091eca90349f636ffcf26b68a4cd0902431f2ada91bcc86dc223db4aa7a42e7cb57a852095704a27f9f07962880a50d2ce16c125be1e8d4f54a0cc5eaf63150c32408db6f39b22fc93b853caaba9e49581f13a8815" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #14 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_nopr:MBEDTLS_MD_SHA224:"387e31bcfffa51323a92d90713b438a1f4ded69707be3aa517e1e72d448abbdf0a17989b3de7c43c621e904f52db52ad823daabff9c10b3fca93acfa":"e08fff320a493d70ea4cc85a4cc604664a0deec8f6c7666d":"969cafc33e99964833c4d0f88f906f5429b5daa552f53bf0":"8d6e6f05301ef5cefba752f3d0ef58a25775d6b69f6c15a4":"72292aaa69fbef6f010fa4d5bb63d6d7a595395d79a8c110":"77ead908484044482da529f9a6f4ca6e6d8d49954d2e2d5c7dc455e03bebf484021673727bbc40adc8812600201b8c2de8e658191422b80d23502329c84c0ca061b212952fdb2ecf3106dd20e6455f1f231e1dad1cfbf2fa019dfe9c162a670ae20b252ae2e5a4ca0eaae1c679a7fd3b" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 0) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"06032cd5eed33f39265f49ecb142c511da9aff2af71203bffaf34a9ca5bd9c0d0e66f71edc43e42a45ad3c6fc6cdc4df01920a4e669ed3a85ae8a33b35a74ad7fb2a6bb4cf395ce00334a9c9a5a5d552":"":"":"":"":"76fc79fe9b50beccc991a11b5635783a83536add03c157fb30645e611c2898bb2b1bc215000209208cd506cb28da2a51bdb03826aaf2bd2335d576d519160842e7158ad0949d1a9ec3e66ea1b1a064b005de914eac2e9d4f2d72a8616a80225422918250ff66a41bd2f864a6a38cc5b6499dc43f7f2bd09e1e0f8f5885935124" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 0) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"aadcf337788bb8ac01976640726bc51635d417777fe6939eded9ccc8a378c76a9ccc9d80c89ac55a8cfe0f99942f5a4d03a57792547e0c98ea1776e4ba80c007346296a56a270a35fd9ea2845c7e81e2":"":"":"":"":"17d09f40a43771f4a2f0db327df637dea972bfff30c98ebc8842dc7a9e3d681c61902f71bffaf5093607fbfba9674a70d048e562ee88f027f630a78522ec6f706bb44ae130e05c8d7eac668bf6980d99b4c0242946452399cb032cc6f9fd96284709bd2fa565b9eb9f2004be6c9ea9ff9128c3f93b60dc30c5fc8587a10de68c" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 0) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"62cda441dd802c7652c00b99cac3652a64fc75388dc9adcf763530ac31df92145fdc897a0c1c482204ef07e0805c014bbd9bbf717467bf4b5db2aa344dd0d90997c8201b2265f4451270128f5ac05a1a":"":"":"":"":"7e41f9647a5e6750eb8acf13a02f23f3be77611e51992cedb6602c314531aff2a6e4c557da0777d4e85faefcb143f1a92e0dbac8de8b885ced62a124f0b10620f1409ae87e228994b830eca638ccdceedd3fcd07d024b646704f44d5d9c4c3a7b705f37104b45b9cfc2d933ae43c12f53e3e6f798c51be5f640115d45cf919a4" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 0) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"6bdc6ca8eef0e3533abd02580ebbc8a92f382c5b1c8e3eaa12566ecfb90389a38f8481cc7735827477e0e4acb7f4a0fa72eca6f1560720e6bd1ff0152c12eeff1f959462fd62c72b7dde96abcb7f79fb":"":"":"":"":"d5a2e2f254b5ae65590d4fd1ff5c758e425be4bacdeede7989669f0a22d34274fdfc2bf87135e30abdae2691629c2f6f425bd4e119904d4785ecd9328f15259563e5a71f915ec0c02b66655471067b01016fdf934a47b017e07c21332641400bbe5719050dba22c020b9b2d2cdb933dbc70f76fec4b1d83980fd1a13c4565836" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 0) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"096ef37294d369face1add3eb8b425895e921626495705c5a03ee566b34158ec6e2e0825534d2989715cc85956e0148d1b4f7125f472c253837fa787d5acf0382a3b89c3f41c211d263052402dcc62c5":"":"":"":"":"4541f24f759b5f2ac2b57b51125077cc740b3859a719a9bab1196e6c0ca2bd057af9d3892386a1813fc8875d8d364f15e7fd69d1cc6659470415278164df656295ba9cfcee79f6cbe26ee136e6b45ec224ad379c6079b10a2e0cb5f7f785ef0ab7a7c3fcd9cb6506054d20e2f3ec610cbba9b045a248af56e4f6d3f0c8d96a23" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 0) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"a7dccdd431ae5726b83585b54eae4108f7b7a25c70187c0acbb94c96cc277aa894c8f4b8e195a47356a89a50d1389ab551733eee2e922f4055e53939e222e71fae730eb037443db2c7679708abb86a65":"":"":"":"":"99ba2691a622afecc9472418e6a8f9f1cdc1e3583c3bc7a2a650a1ab79dcbccbd656636c573179276e782569420c97438c06be898867f628b1c01eb570263d2c0f09c7aab536f6fba7df6aad19e05c236b645674667c03d1b6a04d7fc11177fe78933b309679f5bf26a4632b9a13e314c4bf4532428d3d95c689002b6dc1fbb1" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 0) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"c286425ecf543a49bcc9196b0db1a80bc54e4948adba6f41712a350a02891fa6957a659a4ec2e0b7ad185483c220fd6108c2129813eea0776fba72788fdf2718759cc3c4207fa20a5fe23ac6e32cc28e":"":"":"":"":"8e1020a4fd84c99e0fc7e3f7ce48de5ed9ec9a5c2ccd624dbe6f30e2f688a31dc55957630357a5d48ca2a456241a28bfb16d8bb000877697a7ce24d9ad4d22b0c15117996f1f270b94f46d7a9bdfa7608fa1dd849177a9b8049e51b6b7a2742623854a1fddb5efc447eed1ea1aed6f02b4b2754ecf71ea0509da2e54f524a7e7" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 0) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"02818bd7c1ec456ace55beeba99f646a6d3aa0ea78356ea726b763ff0dd2d656c482687d508c9b5c2a75f7ce390014e8cf319bfa63980e3cb997fd28771bb5614e3acb1149ba45c133ffbbab17433193":"":"":"":"":"19a231ff26c1865ce75d7a7185c30dd0b333126433d0c8cbf1be0d2b384d4eb3a8aff03540fbfa5f5496521a4e4a64071b44c78bd0b7e68fac9e5695c5c13fd3b9dbe7f7739781a4c8f0b980f1b17d99bce17ceb52b56866ae02456ffef83399c8cf7826f3c45c8a19315890919d20f40fc4e18d07e9c8ccd16c3327b5988f71" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 0) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"77a5c86d99be7bc2502870f4025f9f7563e9174ec67c5f481f21fcf2b41cae4bed044ad72ee822506a6d0b1211502967778100749f01a4d35c3b4a958aafe296877e0acafd089f50bc7797a42a33ab71":"":"":"":"":"831a4da566f46289904893ef1cc1cd4ad19ee48f3857e2b69e936d10afbdc29822e85d02663d346ef3e09a848b1d9cc04f4c4c6e3b3b0e56a034e2334d34ca08f8097be307ba41d020bc94f8c1937fe85644eeb5592c2b5a2138f7ded9a5b44b200c8b5beb27597c790f94d660eb61e8248391edc3ae2d77656cbe8354275b13" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 0) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"0ea458cff8bfd1dd8b1addcba9c01317d53039e533104e32f96e7d342e6c7b9b935a4b66fc74c2a48757a99c399e64e36c5f3708e7b714c4ed139b4fa9e8c763af01773484005109a85e33653bb0ce98":"":"":"":"":"373a37af84fddec13645a9768d6a785ae5a2589d64cd9b37980dde2541499210c4f408335de1d585349064f3f53a2b4c5ec6dc2a09591f99ad9fad528ac83474164b45497bf167f81e66fa08463ffea917f6891e48f149fafc20622bb1172f34886feb45c26fd446a4a4e2891b4bc594186896141aaaeeb301b49e7c1a26fec7" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 0) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"bfb68be4ce1756d25bdfad5e0c2f8bec29360901cc4da51d423d1591cc57e1ba98afe4bd194c143e099680c504cceaabb97caf210e82498c3408790d41c320dd4a72007778389b44b7bc3c1c4b8c53f8":"":"":"":"":"409e0aa949fb3b38231bf8732e7959e943a338ea399026b744df15cbfeff8d71b3da023dcce059a88cf0d4b7475f628e4764c8bef13c70cfbbbb6da2a18aabcad919db09d04fc59765edb165147c88dd473a0f3c5ee19237ca955697e001ba654c5ee0bd26761b49333154426bc63286298a8be634fe0d72cfdeef0f3fc48eca" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 0) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"4f6880a64610004463031d67d7924fa446c39138d4d41007e8df3d65691a93676b33b2c13600f4b1df6ca3d1960e8dd457b87b8c8f48312b5333d43b367730c0a5ad4725a16778fcb53fe136d136cbfd":"":"":"":"":"73d0f324ed186e2ad06bd1800e262bdbda79ba54e626761bd60f74f43e3bb62958ec1e2f1d940af163e1cadc124e7ebaba2f72e67efd746c7f6d0cad53ef03d859d93cff778a32ee5be172fe7fdbdc232ded360d704a6fa0f70bebe942e56478345492f49dc5c6fc346b88a58947ad250e688e8c626fe1efe7624620e571976e" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 0) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"aae352e111843219cae8f70e7b8f6eb9bb53d246cbec1e4f07d42757143295b4b84485dccd1bf93210e322eafcbebcd9f9237f00d744d8fbff21b9d0043c258e8731817e6a5fb7b4bf5011680e5bc642":"":"":"":"":"cfb28b93522c7d61d8d3ce3f080e435e4c83c7e13a9dab788db8fef0407267a14fbc9324e090e24df5491fedfa81116869983938d4d4d7324a310c3af33a6f7938f602c5e4e63f1771cdaabdab0782b5affb54eb53047c109a9606739dd0065bd21eca33132986554878354f5f9f852e674dd690163b0ff74c7a25e6bae8ce39" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 0) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"589e79e339b7d2a1b879f0b0e1a7d1ad2474eaa8025b070f1ffa877b7124d4ff0961ed64dbd62065d96e75de6d2ff9d6e928388d3af48c2968527a4d2f9c2626fbc3f3f5a5d84e0583ab6f78e7f8b081":"":"":"":"":"fce6ced1ecf474d181ab331f79c3d2cc8a768ec2818de5b3fc7cf418322716d6a6853733561a497c0c25cb288d2c9fcfbca891bafd5a834c85f3603f402acf1a7b1ea92db847ed5c252a862ad4ab5e259715f1fc81da67f5230bf8be50ee8069758095f7d0e559e03f2c6072290e61794458437609e473eb66580cddaad19b71" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 0) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"714277d408ad87fde317f0a94732fce62f1352bdc90936673b4f1daa0925aa26d16582a99f23010b4248b88d86485419bd9fc7cb2fd5063b2c3c0c4f346ad2e3879371a9c805e59b9f2cd2cc2a40894f":"":"":"":"":"62ef7a431288252e0d736c1d4e36cc9ac37107dcd0d0e971a22444a4adae73a41eff0b11c8625e118dbc9226142fd0a6aa10ac9b190919bda44e7248d6c88874612abd77fb3716ea515a2d563237c446e2a282e7c3b0a3aef27d3427cc7d0a7d38714659c3401dbc91d3595159318ebca01ae7d7fd1c89f6ad6b604173b0c744" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 256) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"05ac9fc4c62a02e3f90840da5616218c6de5743d66b8e0fbf833759c5928b53d2b89a17904922ed8f017a630448485452791126b8b52ee1fd9392a0a13e0083bed4186dc649b739607ac70ec8dcecf9b":"":"43bac13bae715092cf7eb280a2e10a962faf7233c41412f69bc74a35a584e54c":"3f2fed4b68d506ecefa21f3f5bb907beb0f17dbc30f6ffbba5e5861408c53a1e":"529030df50f410985fde068df82b935ec23d839cb4b269414c0ede6cffea5b68":"02ddff5173da2fcffa10215b030d660d61179e61ecc22609b1151a75f1cbcbb4363c3a89299b4b63aca5e581e73c860491010aa35de3337cc6c09ebec8c91a6287586f3a74d9694b462d2720ea2e11bbd02af33adefb4a16e6b370fa0effd57d607547bdcfbb7831f54de7073ad2a7da987a0016a82fa958779a168674b56524" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 256) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"1bea3296f24e9242b96ed00648ac6255007c91f7c1a5088b2482c28c834942bf71073136a5cc1eb5b5fa09e1790a0bedd714329f3fbea1df9d0b0b0d88dfe3774beb63d011935923d048e521b710dc6f":"":"4ef872fd211a426ea1085ab39eb220cc698fdfeabe49b8835d620ab7885de7a4":"d74d1669e89875852d9ccbf11c20fe3c13a621ebcb3f7edeea39a2b3379fdcf5":"0c8aa67ca310bd8e58c16aba35880f747266dbf624e88ec8f9ee9be5d08fdeb1":"ce95b98f13adcdf7a32aa34709d6e02f658ae498d2ab01ce920f69e7e42c4be1d005acf0ca6b17891dfafc620dd4cd3894f8492a5c846089b9b452483eb0b91f3649ec0b6f98d1aaabc2e42cd39c2b25081b85ab50cb723007a0fd83550f32c210b7c4150b5a6bb3b0c9e3c971a09d43acb48e410a77f824b957092aa8ef98bc" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 256) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"a7ea449b49db48601fc3a3d5d77081fab092b8d420ed1b266f704f94352dd726d11a159b60af8d20a0e37d27e6c74aa350916ab47e8cb5dc843f9fba80639103711f86be8e3aa94f8a64a3fe0e6e5b35":"":"e2bb6768120555e7b9e0d573537a82f8f32f54560e1050b6abb1588fb3441e66":"a50cec9d1ecddb2c163d24019e81c31a2b350ccd3ad8181fd31bb8d1f64fa50e":"591dbbd48b51abced67f9c6269cf0133cd3dcbb5cfafcb6ef758569c555a5773":"0a464abcc8685158372d544635b953fcb1d3821c30aaa93982f9b788935f00f88115aad61d5cee003b3d1cb50f3e961a501e2dd0fc7e1724778b184a4bdf9f64e110dda7446e5544a30bd49a400ea1a5411800e1edfeea349323618afc5dc5782dc4b71d2da4d6a4785f8dd346feb9c8740ffd26bf644e3e4323ff24c30b9f10" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 256) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"14683ec508a29d7812e0f04a3e9d87897000dc07b4fbcfda58eb7cdabc492e58b2243e744eb980b3ece25ce76383fd4618590e0ef4ee2bdae462f76d9324b3002559f74c370cfccf96a571d6955703a7":"":"9ea3ccca1e8d791d22fcda621fc4d51b882df32d94ea8f20ee449313e6909b78":"16366a578b5ea4d0cb547790ef5b4fd45d7cd845bc8a7c45e99419c8737debb4":"a68caa29a53f1ba857e484d095805dc319fe6963e4c4daaf355f722eba746b92":"c4e7532ee816789c2d3da9ff9f4b37139a8515dbf8f9e1d0bf00c12addd79ebbd76236f75f2aa705a09f7955038ebff0d566911c5ea13214e2c2eeb46d23ad86a33b60f7b9448d63eec3e1d59f48b39552857447dc5d7944667a230e3dbfa30ca322f6eacaf7536a286706a627c5083c32de0658b9073857c30fb1d86eb8ad1b" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 256) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"fa261fb230e2822458532ca2d5c39758750e6819a6fcebef10579ba995096959564e1c9fbcb12878df2bd49202cbf821bf7de29e99e7f0e1b9f96f3b1902fb4049c8c6234d20de8316ebe66d97725457":"":"8b7326621f6afbd44a726de48d03bcc5331f7306026c229ea9523497fbeaa88d":"33b00b31623d6160c4c6740363a96481be14b19bc47be95641227284c366922a":"2d812c8203575790ad6b6f2ed91a49d57460de779a3e881bef3be12e8766dc91":"5574e0b4efc17e8ce136e592beabfe32551072bddd740929e698467b40b3991f028a22c760f7034853cc53007e3793e3c4a600d9e9d94528f8dc09aeba86146cdde2b7f71255ae0efc529b49be2205979dba6525bfe155e8819e8e2aeeaa285704242da90b4c4535101cc47d94b0e388a1b2e63ad0cbe158b9e1bbae9cc0007c" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 256) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"61f1471ced56aa04c57e1b512307d4cb92497d9592d7e9e35356e99d585cab1b84714e960c403a4fac06b2828cc564d97bf97db3c102edc81596d4757045fe6bdc008f35792fc6290b77d889c09c33a8":"":"5b8bdc41f76d98cfa71ed976ea3994706375c8841adb8b6b3b6418e3132e8832":"94c8a8fdf38a6ccb8571c89420d899adab169214bb0dfcd43a04622e289935b2":"8a4b46e0a7a55907365f82d4ab9376509bd44728cab8cbafb0da901012ad8dcd":"933eb159a6af7455b60e40586c064f05f1970f564281b1ebc4662701ac1f299e4eb908c4afcb2e065191281ab576f684aefedd6904bad04d96bd93c0516c62a496c3073a0cda0676a11cc08866b0cc74f62cb9d3db48673b2c3fbeada69f922b4b795ccba22df12ef7125909381f7d681f6b9caba02fb913c5437b98c040c576" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 256) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"a1d5bb7d70621dee6b668b28c56d5610c2f8ced30284cc3e0e48de331af0506288a49e3e54c5ea54c98b95de81bcc807b4e2426e98f6eed97a6cdf690a89ee109e84c3dca16c883c26fa4ac671638d8d":"":"5bd1e086ed228cfd8b55c1731fea40c3a63d022599ca2da4bb23118f4821ba62":"b754b53ac226e8ebe47a3d31496ec822de06fca2e7ef5bf1dec6c83d05368ec3":"fa7e76b2805d90b3d89fff545010d84f67aa3a2c9eb2ba232e75f4d53267dac3":"df6b2460688fa537df3ddfe5575fca5eb8abad56cbc4e5a618a2b4a7daf6e215c3a497974c502f9d0ec35de3fc2ea5d4f10de9b2aee66dcc7e7ae6357983095959b817f0383e3030771bd2ed97406acf78a1a4a5f30fa0992289c9202e69e3eb1eabe227c11409ff430f6dfca1a923a8b17bc4b87e908007f5e9759c41482b01" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 256) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"68f21d14525d56233c7e263482d344c388a840103a77fb20ac60ce463cabdc7959fa80ae570f3e0c60ac7e2578cec3cb7584b4166530442f06e241dd904f562167e2fdae3247ab853a4a9d4884a5fa46":"":"f6a5482f139045c5389c9246d772c782c4ebf79c3a84b5cf779f458a69a52914":"9d37b1ce99f8079993ddf0bd54bab218016685b22655a678ce4300105f3a45b7":"4c97c67026ff43c2ee730e7b2ce8cce4794fd0588deb16185fa6792ddd0d46de":"e5f8874be0a8345aabf2f829a7c06bb40e60869508c2bdef071d73692c0265f6a5bf9ca6cf47d75cbd9df88b9cb236cdfce37d2fd4913f177dbd41887dae116edfbdad4fd6e4c1a51aad9f9d6afe7fcafced45a4913d742a7ec00fd6170d63a68f986d8c2357765e4d38835d3fea301afab43a50bd9edd2dec6a979732b25292" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 256) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"7988146cbf9598d74cf88dc314af6b25c3f7de96ae9892fb0756318cea01987e280bc1ae9bfdf8a73c2df07b82a32c9c2bbc607085232e5e12ccf7c0c19a5dc80e45eb4b3d4a147fe941fa6c13333474":"":"f3f5c1bb5da59252861753c4980c23f72be1732f899fdea7183b5c024c858a12":"44d0cfc4f56ab38fa465a659151b3461b65b2462d1ad6b3463b5cf96ad9dc577":"34fb9a3cdacc834ff6241474c4f6e73ed6f5d9ea0337ab2b7468f01ad8a26e93":"4caec9e760c4d468e47613fe50de4a366ae20ba76793744a4e14433ea4de79dc188601eb86c803b094641ab2337b99d459d37decc7d27473057be45ba848868ee0fb5f1cf303d2fcd0b3e0c36f65a65f81b3fee8778a1f22302e25dfe34e6d587fa8864e621121880f7cd55f350531c4ce0530099eec2d0059706dcd657708d9" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 256) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"1c974c953fa2a057c9fc9409a6843f6f839aa544bca4fa11e48afd77931d4656ed7c08285464af7a5dbdc10b944a127078146ad135acb836360d36afc50653dcc36c21662da2a6f6ae05222e75f34000":"":"263c4984c238ded333c86472866353817379502157172cfa51371d82b1efd7b5":"79b591529f9a26a0d7c8f8fd64e354b0c134ef1f757e43f9463b3dbb7a3da1ab":"7d8f7204b0b5401ddce9e88dcf5facb9a44660a9f5f1c862748e7269c29f7964":"72e2ca257b9edaf59b50e05a144f56fb517832fb9ad3489b1e664e3d5412cbf6b2883e891703b2e73aff9ab56da1009fcdef010ab4cdab996795c8f7c47fb1192bb160353997ad39d7d5fd0e2efc9103a7c3f158246afd53fe53ca6782f809698ef5f1f0d85536780a3fd6a8bafa475891c09213088bd1a3dc169257c34a517a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 256) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"56216d71984a77154569122c777ce57e1d101a6025b28163a25971d39c1c5d0f5cd148ba7e54f4975ac8e3e0f9b5d06a3580f8ca974626c77259c6e37383cb8150b4d0ab0b30e377bed0dc9d1ff1a1bf":"":"15633e3a62b21594d49d3d26c4c3509f96011d4dbb9d48bbbea1b61c453f6abe":"6068eaca85c14165b101bb3e8c387c41d3f298918c7f3da2a28786ab0738a6fc":"e34f92d2b6aeeeea4ff49bfe7e4b1f462eabb853f0e86fbae0e8b3d51409ce49":"587fdb856abc19ede9078797ecb44099e07aadcd83acdcb2b090601d653f4a14c68ab2ebdda63578c5633a825bae4c0c818f89aac58d30fd7b0b5d459a0f3d86fcad78f4bb14dfff08ad81e4ea9f487cb426e91d6e80dfed436ba38fce8d6f21ca2151c92dd5c323b077d6139c66395558f0537026c4a028affa271ef4e7ea23" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 256) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"83eb48bedc1e9294866ab8e5322ef83f6f271f8188e8fdabe5817788bd31570dd6ed90bc692237f132441ede857a6629a4e5e127f992bd5ca79ee56bb8a9bccf74c21814bfaf97ffd052211e802e12e4":"":"84136e403d9ed7f4515c188213abcfaca35715fa55de6d734aec63c4606a68f1":"fe9d8ef26e2d2e94b99943148392b2b33a581b4b97a8d7a0ecd41660a61dd10b":"594dad642183ce2cdc9494d6bcb358e0e7b767c5a0fa33e456971b8754a9abd5":"86715d43ba95fbbca9b7193ea977a820f4b61ba1b7e3b8d161b6c51b09dfd5040d94c04338b14d97ed25af577186b36ae7251a486c8a2d24a35e84a95c89d669d49e307b4a368b72164135ac54d020a970a180dfbed135d2c86f01270846d5301bd73db2c431a8aa10a0a3d03d146e5fafb9a2aa0b4efc80edab06ff3b532236" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 256) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"ba2c94203dab2e6499d8c50dca7b5c34a6b4764834f9816631aa21b9f9c3736167db133bdefb25e395085bceee5a0afcfa8984d16d35302cda35a3a355ab9242ec96fec0652d39282d4a0abf0a80df87":"":"b6fed10255a3fea6772ae1ae6d9f6cbb9bfaa34804e58a5b786f9bc60b348ccd":"445e072244edc716d3528f0e0a20ff0cd8f819c0d031736c8da122748f24d6c6":"1f856e403c4fa035bac9aa81a20e347c7d8b213aab699d69d9d6186a06ac45c1":"79f33fc36b3b47d9ac805bdbbe699909a8d0beb689a8b2723c291bd5bf7f3ce61343d4722a14e4add36312dbb0594910c8828aff1abc159915d498106f9ffb31147478d8c9ef75d1536ba5036506b313f6e85033f8f6fea2a4de817c867a59378c53c70a2f108275daedd415c05b61c4fd5d48c54be9adb9dea6c40a2ec99ee0" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 256) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"0db4c51492db4fe973b4bb1c52a1e873b58fc6bb37a3a4bfc252b03b994495d1a2a3900f169bba3f78a42526c700de6229d5aab356876447e3a20d81c7e3fc6975e2b984180a91493044442999e1ca3a":"":"40b34183b4e72cdff5952b317b3d45943d0fdcfa0527f3563055f7c73ae8f892":"dc94220c99ffb595c7c4d6de8de5a6bb4b38847169e24a557ef6d879ad84149d":"b2376626fd2f5218b3ed4a5609b43aa24d371cd2176ea017c2b99cf868060021":"f0bd6bc4c506d9427a09352d9c1970b146360732841a6323f4cb602c87dedfb5ff7e6964b9144933af3c5c83017ccd6a94bdca467a504564aaa7b452591a16ff6a1e7e94ddc98f9a58016cdcb8caaed6c80671ba48cc81a832d341093dda1d4e5001ec6bf66348b21e3692a13df92538ad572bb2023822072fc95f9590293ffc" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 256) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"593845f0adfeffa7c169f8a610147ae8a08c0072fc0c14c3977d3de0d00b55af9e0eb2507342ee01c02beadee7d077bdaefe591697eab678c52e20013aa424b95cfd217b259757fbe17335563f5b5706":"":"cbb5be0ef9bf0555ee58955c4d971fb9baa6d6070c3f7244a4eb88b48f0793bf":"6dd878394abdc0402146ba07005327c55f4d821bfebca08d04e66824e3760ab4":"ba86a691d6cbf452b1e2fd1dfb5d31ef9ea5b8be92c4988dc5f560733b371f69":"00735cbfafac5df82e5cb28fc619b01e2ba9571dc0023d26f09c37fb37d0e809066165a97e532bf86fa7d148078e865fe1a09e27a6889be1533b459cd9cd229494b5cf4d2abf28c38180278d47281f13820276ec85effb8d45284eb9eef5d179ab4880023ab2bd08ee3f766f990286bf32430c042f5521bbfd0c7ee09e2254d7" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 0) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"fa0ee1fe39c7c390aa94159d0de97564342b591777f3e5f6a4ba2aea342ec840dd0820655cb2ffdb0da9e9310a67c9e5e0629b6d7975ddfa96a399648740e60f1f9557dc58b3d7415f9ba9d4dbb501f6":"f2e58fe60a3afc59dad37595415ffd318ccf69d67780f6fa0797dc9aa43e144c":"":"":"":"f92d4cf99a535b20222a52a68db04c5af6f5ffc7b66a473a37a256bd8d298f9b4aa4af7e8d181e02367903f93bdb744c6c2f3f3472626b40ce9bd6a70e7b8f93992a16a76fab6b5f162568e08ee6c3e804aefd952ddd3acb791c50f2ad69e9a04028a06a9c01d3a62aca2aaf6efe69ed97a016213a2dd642b4886764072d9cbe" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 0) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"cff72f345115376a57f4db8a5c9f64053e7379171a5a1e81e82aad3448d17d44d1e971ec795d098b3dae14ffcbeecfd945ec80f0c00cad0ff0b7616d2a930af3f5cf23cd61be7fbf7c65be0031e93e38":"6ec0c798c240f22740cad7e27b41f5e42dccaf66def3b7f341c4d827294f83c9":"":"":"":"17a7901e2550de088f472518d377cc4cc6979f4a64f4975c74344215e4807a1234eefef99f64cb8abc3fb86209f6fc7ddd03e94f83746c5abe5360cdde4f2525ccf7167e6f0befae05b38fd6089a2ab83719874ce8f670480d5f3ed9bf40538a15aaad112db1618a58b10687b68875f00f139a72bdf043f736e4a320c06efd2c" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 0) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"b7099b06fc7a8a74c58219729db6b0f780d7b4fa307bc3d3f9f22bfb763596a3b8772059a135a6b61da72f375411de269aec4f56ec5e96fbd96048b9a63ac8d047aedbbeea7712e241133b1a357ecfc4":"2ac1bfb24e0b8c6ac2803e89261822b7f72a0320df2b199171b79bcbdb40b719":"":"":"":"0e1f2bfef778f5e5be671ecb4971624ec784ed2732abc4fbb98a8b482fb68737df91fd15acfad2951403ac77c5ca3edffc1e03398ae6cf6ac24a91678db5c7290abc3fa001aa02d50399326f85d2b8942199a1575f6746364740a5910552c639804d7530c0d41339345a58ff0080eccf1711895192a3817a8dc3f00f28cc10cc" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 0) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"7ba02a734c8744b15ef8b4074fe639b32e4431762ab5b7cd4d5df675ea90672b8a424f32108607c8f1f45d97f500ee12d8f02b59b6a3dd276bc69cba68efcf11ab83ead1397afd9841786bd1bb5da97a":"3ad627433f465187c48141e30c2678106091e7a680229a534b851b8d46feb957":"":"":"":"1fb91186ba4b4459d994b4b9f4ca252c7be6294d6cdb5fe56f8ff784d4b190a1c6456e0a41223bbbdf83ed8e7cfbfa765d9d8bc7ea5f4d79ea7eccb4928081a21de4cca36620d6267f55d9a352b76fc0a57375884112c31f65ff28e76d315698c29e6c4c05cb58b0a07ae66143b4abc78b9d25c78b4121e1e45bef1a6c1793e2" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 0) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"9a8865dfe053ae77cb6a9365b88f34eec17ea5cbfb0b1f04d1459e7fa9c4f3cb180c0a74da3ec464df11fac172d1c63275b95108eff1fabe83613e1c4de575e72a5cdc4bb9311dd006f971a052386692":"336372ec82d0d68befad83691966ef6ffc65105388eb2d6eed826c2285037c77":"":"":"":"3c683f6d4f8f5a4018d01633dfee74266aaa68ed6fc649e81b64dfdf5f75e75d5c058d66cf5fd01a4f143a6ff695517a4a43bd3adfd1fb2c28ba9a41063140bedbffdb4d21b1ace1550d59209ec61f1e2dbacb2a9116a79cb1410bf2deca5218080aacd9c68e1d6557721a8913e23f617e30f2e594f61267d5ed81464ee730b2" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 0) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"22c1af2f2a4c885f06988567da9fc90f34f80f6dd5101c281beef497a6a1b2f83fafdecf79a4174801f133131629037bf95a0e4bd24f0e2e9e444f511b7632868ead0d5bb3846771264e03f8ab8ed074":"80327dac486111b8a8b2c8e8381fb2d713a67695c2e660b2b0d4af696cc3e1de":"":"":"":"77a7fea2f35a188f6d1bfdd49b569d8c45e2dd431d35a18c6f432c724f1e33ae92cb89a9cf91519e50705a53199f5b572dc85c1aef8f28fb52dc7986228f66954d54eda84a86962cf25cf765bd9949876349291b1aae5f88fcf4b376912d205add4f53b2770c657946c0d824281f441509153f48356d9d43f8a927e0693db8fc" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 0) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"d0840e3a8d629d5b883d33e053a341b21c674e67e1999f068c497ecfaabfd6f6071de7244ecb2fdf7ab27f2d84aa7b7a1dd1a8b59856c49a388f594c5f42cc2e4a56b3ccb8a65e7066e44c12f4344d50":"90d609527fad96ffe64ab153860346f3d237c8940555ae17b47842d82d3b0943":"":"":"":"7ab28a9b2d3ae999195553e6550cced4c2daccbe7ec9dcbb0d467fabba185b727fbfd9830242cd098f4db3cf4a85e8bf8e8d5974b62b28550922b32ed5bfc1a522b6605cf93bf8d90bdec1c5b9e59c6fc37a817d437068a87254be1f7c4618ada46fbc3a2efb02e44524e21d91be7534cf05fbfd858304b706d6a91ea1cc6ad5" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 0) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"2e2dd56869104492767a59778652831919e1c8b970f84e824ae4116597a0ab7f01c42a7e983641de46c82fd09b4f2f767306507cd3ca7eec667e640d270cfbb033063d97520b6b7e38ff3cea0e79d12b":"bcd9e1508fcc22820a8be07180fea5045367333b569e111b011cd57dc1858765":"":"":"":"b915726c7b8c5dc3975f1a334684b973abf6a9495d930088cf5d071548e4fd29a67b55cc561ed6949ad28150a9fb4307c1fa5f783a7ea872e8d7c7e67ff0c2906081ee915737d813c25be5c30b952a36f393e6baa56ab01adc2b4776ad7b5d036a53659877c7a4e5220a897d6c0799af37beeed91173fbe9c613c3b6b9bb28e5" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 0) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"d1aab0f16bd47a5ccd67c22e094daa3735eae21aa57f0bcd9e053d9d0d545cb8199310dfe1b01265b8c0d2b46d6c7c9ff50cabae4e060f3971096b78e550cda2837a26a693d905db2d992d589b268f44":"625b4b8f4de72ea9cb6f70556322dc2a19d6b2b32de623f557e419a084ba60fd":"":"":"":"987e1fdfe004c619cf1e9034576707eccd849400e19c87a1fef5b0179ec51c42a2f8c45d7942d0023a023c89f188b2634362703985695369863322f58619c50a7385a2dc91fc78f94b59f0131dc2b56a0d7c699d427285da1c104b0ad1739da10d8071c23993787045dc21f0070e1e9aa1658fc8e3add73dac7262e80e0aa2ee" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 0) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"449480eaa100aff6f48dc6286a5a81b9728b084864f78a9da98f606a00a6a41fe53c6c5ac3da9f4726389a03f97bb64073a6d64e1966ae324388dc12c14544e9dc5ae4fcb331e99d350c456ff16f9aa0":"6b8fedc084d8e28d333aef6db3702b6351f0d24e30908cccb63794282655886b":"":"":"":"a06912d362da7eb25598857f6d65344c3e23ec3deb80c6e43158845b95eaeca241c0bbbd67ac385e24693444455cc1c2c08c1134d956b8bc93b28be9c2d3322b3e09252979dfb8d39d04c94f81bebda5c73110605a237b561216bda9ee9bdee1cc0c7728bcc8304682334ca944e467a27a85313fa5395a9c790e35defd2edb12" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 0) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"9a6174166e97aa4981ddf580bc01c96754b9f0ba042750aabfda1cffe56e8581d7512ff6b7db7ce141b2bb01dcd0425e6888b9277e57dc57663d402eba8d03cf56a070dc868e6a128b18040002baf690":"ed75288f23275f9422444da5d3b53ccb3c4ac8acfb659a1e9b7655c2db52f879":"":"":"":"03519dfb2ff88cc2b53eecc48ae2a18ddcf91a5d69d5aefcdda8444e6df790a5240e67b2a4de75b4bb8a31f0f8aeb5e785ffb7a1341bb52fe00a05ee66fa2d44ea9956e055f9ffa6647c3bfe851ab364ade71a0d356de710ddafb7622b1da1bc53fd4d3210407289c68d8aeb346bf15806dbe787e781b94f63da3e1f61b5ac60" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 0) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"9c6ae1002ee1b0add0be563ce50f899da936e13efa620d08c2688c192514763afde7db5160c73044be73e9d4c1b22d86bcc28fd58e397f53f494ad8132df82c5d8c4c22ea0b7139bd81eeba65667bb69":"8fdaaeffd64e53f7b4374d902d441209964e12b65d29afec258e65db6de167ca":"":"":"":"021d938c9b4db780c7d8134aeff1053e5b8843370b8ae9a6749fca7199d809810f1bc8dfa49426470c30c3616f903e35fbacb23420a32f1bee567cc32300f704246ddc0217f236ef52c3ec9e2433ca66f05c25721f7661c43f22c1a125ed5db531bd0836eb435c27eefc7424ce9d845e1d4cc4c503097b4ffca788e674a5cb53" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 0) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"fe96a85b69d46b540918927bb609dc57642eeaefd46bb5da2163a0bc60294b5822195a410d24db45589448dfe979d3fd09cb870879d3f734214f6a4bd2e08c62a2a954bebe559416d8c3551aafe71d6a":"20f698833a4472fd7b78fb9b0c4eb68604f166a2694c4af48dac2b2376790e1e":"":"":"":"d3e96dbe29e1fcb8ed83b19dbfb240e6f41679fbe83853aa71446617e63e5af78cf98b331d15bccb8c673c4e5d5dcec467a1fe26a6cd1696d0c9bc49f78139d051287df7f3ae0dbb4bbf581cb8211931063c3f4612ced53f59d1b4ebb875729139f5d2a7d60642e8f2835eed888b7e3e49c0dffd012cd746abfa3e1c5c2308c6" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 0) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"a4fd693ff0a8af24bcec352d3196549fd0da5ee5d99ca58416ca03ce4c50f38e8cd67f2bf71d4366ce61396642531ff583d2be9a0d74e6a42159ae630acebf4e15271ef7f14f3de14752be0e0e822b11":"368969c15a4849d7593be8b162113b9298a535c148ff668a9e8b147fb3af4eba":"":"":"":"e9188fc0eaec74b2608e21e3a40be94aaf4ae08eb684de8f8bba2d5fd3b073aa5531c938c0fc628da65725c54b5c68bb91d7d326565e96685e0a4e7b220c50e0caf1628edba5bd755b31894f8cb90afa76e88c5eb9e61b4932444c1397dee3e32241a3fb70a3929e49f6da02eea54812abb3d6b5cee18f03af1e0b4958430ab3" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 0) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"254ff5687a6dad3f1d237dc762f58d24ef2e2c084d0a48d26a3dc81e5490cda3f2ec392acca491e03ce47b95963a49fcb8494b1c1f1752fb6f80d732a89b08115857f7cc96e7dff05ebb822706889917":"f806b9b4a56682c61b55cb6a334caf87ffe135adfea6d0c3fc22b39898fbd078":"":"":"":"0e527e00494d55564f9d9b28e7110f9a61ce36c883b5be2dcb055444164cdddd1a9f2731716f22d6ff476ce413c77abfc0e946871d5481345c2e97b4bfdd12ac03df606fc56bdb99ac7b71a69b5b9160373bbec3e9dde477180af454e7acc6bc58dc0afb4281c0de4354c1bf599054e3800c6d60d892858865b5361f50bfca9b" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 256) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"cdb0d9117cc6dbc9ef9dcb06a97579841d72dc18b2d46a1cb61e314012bdf416d0c0d01d156016d0eb6b7e9c7c3c8da88ec6f7d5a8e2e88f43986f70b86e050d07c84b931bcf18e601c5a3eee3064c82":"6f0fb9eab3f9ea7ab0a719bfa879bf0aaed683307fda0c6d73ce018b6e34faaa":"1ab4ca9014fa98a55938316de8ba5a68c629b0741bdd058c4d70c91cda5099b3":"16e2d0721b58d839a122852abd3bf2c942a31c84d82fca74211871880d7162ff":"53686f042a7b087d5d2eca0d2a96de131f275ed7151189f7ca52deaa78b79fb2":"dda04a2ca7b8147af1548f5d086591ca4fd951a345ce52b3cd49d47e84aa31a183e31fbc42a1ff1d95afec7143c8008c97bc2a9c091df0a763848391f68cb4a366ad89857ac725a53b303ddea767be8dc5f605b1b95f6d24c9f06be65a973a089320b3cc42569dcfd4b92b62a993785b0301b3fc452445656fce22664827b88f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 256) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"3e42348bf76c0559cce9a44704308c85d9c205b676af0ac6ba377a5da12d32449af783973c632a490f03dbb4b4852b1e45718ac567fd2660b91c8f5f1f8f186c58c6284b6968eadc9810b7beeca148a1":"2e51c7a8ac70adc37fc7e40d59a8e5bf8dfd8f7b027c77e6ec648bd0c41a78de":"63a107246a2070739aa4bed6746439d8c2ce678a54fc887c5aba29c502da7ba9":"e4576291b1cde51c5044fdc5375624cebf63333c58c7457ca7490da037a9556e":"b5a3fbd57784b15fd875e0b0c5e59ec5f089829fac51620aa998fff003534d6f":"c624d26087ffb8f39836c067ba37217f1977c47172d5dcb7d40193a1cfe20158b774558cbee8eb6f9c62d629e1bcf70a1439e46c5709ba4c94a006ba94994796e10660d6cb1e150a243f7ba5d35c8572fd96f43c08490131797e86d3ed8467b692f92f668631b1d32862c3dc43bfba686fe72fdd947db2792463e920522eb4bc" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 256) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"b63fdd83c674699ba473faab9c358434771c5fa0348ca0faf7ebd7cf5891826b5fd204e2598d9626edab4158a8cfd95fadea5ba92f8010bb1a6a4b6fae2caa0b384165adf721253afd635d6021f764af":"2a5dfad8494306d9d4648a805c4602216a746ae3493492693a50a86d1ba05c64":"07c69d8d2b8aa1454c5c48083dd41477fda6bfcf0385638379933a60ed2e0a77":"a14e902247a3d6493d3fbc8519518b71a660e5502cf7ecfc796cfaa5b4ee4baa":"60e690e4a1eba14aec5187112a383e9991347fab7bac7cb2a40a52579a0d2718":"792b47b6ed221623bb187d63e3f039c6983d94efd5771dc9b4c40bee65924513485a6332baeda6a96f9bb431f592d73462b61d9d914a72b56fa9d87597426fb246424ebcd7abd51b2eefec8f5b839c0b3c34015342ace296b5f2218fa194b50aea1c89663460292c92c45f112ddbf6b9406f6e7ccee9c47ed2d90a27be5dd73e" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 256) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"dab85f98eaf0cfba013b97de4d9c264ca6fe120366cb83e8b3113c68b34e39d5d05108e1028ae67b4ea63bdc6d75eb881794885a64470744198b7d0bc24472ffe8daf3c7eb219df6ddf180e484fe0aa5":"09fed3822f6f5e5b9e575d31dc215de1607b0dfc927412618c2d8f79166dbaba":"8d74d01b582f70b92f53b43468084e1586d9b36465d333d5faaf6911e62fe40e":"ef7f6b6eb479ab05b3f9ab6dd72eac8b1e86d887f1bcae363cae386d0275a06f":"7442b2a792a6a29559bb8a515d56916ee18200580aa02e1237dd358619382d8f":"49d2cbfa0897b7d961c293c1e572fb26f28e7b956e746f6eda90454c1370a29e25303ceadc7837514dc638553b487ef9487c977c10625409178ad6506d103c487a66655d08659d92a4d5994d1c8ddb28fe60f2e49577d6e80cae1478068c98268f45e6293c9326c7f726ec89601351c0a26fd3a6549f8a41c6f58692c86594c0" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 256) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"0f0aa84ef12e10ae2b279e799c683441862457b9bc25581c2cd3d5b58a5b3246f74f4230c2427a52f01f39e825d250ac5222b26e79f7c3b7066d581185b1a1f6376796f3d67f59d025dd2a7b1886d258":"d02b2f53da48b923c2921e0f75bd7e6139d7030aead5aeebe46c20b9ca47a38a":"d11512457bf3b92d1b1c0923989911f58f74e136b1436f00bad440dd1d6f1209":"54d9ea7d40b7255ef3d0ab16ea9fdf29b9a281920962b5c72d97b0e371b9d816":"601cef261da8864f1e30196c827143e4c363d3fa865b808e9450b13e251d47fa":"e9847cefea3b88062ea63f92dc9e96767ce9202a6e049c98dc1dcbc6d707687bd0e98ed2cc215780c454936292e44a7c6856d664581220b8c8ca1d413a2b81120380bfd0da5ff2bf737b602727709523745c2ced8daef6f47d1e93ef9bc141a135674cba23045e1f99aa78f8cead12eeffff20de2008878b1f806a2652db565a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 256) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"6a868ce39a3adcd189bd704348ba732936628f083de8208640dbd42731447d4eefdde4e22b376e5e7385e790243506990174f7f456ac06c1d789facc071701f8b60e9accebced73a634a6ad0e1a697d4":"f7285cd5647ff0e2c71a9b54b57f04392641a4bde4a4024fa11c859fecaad713":"5463bb2241d10c970b68c3abc356c0fe5ef87439fc6457c5ee94be0a3fb89834":"3ab62cdbc638c1b2b50533d28f31b1758c3b8435fe24bb6d4740005a73e54ce6":"2dbf4c9123e97177969139f5d06466c272f60d067fefadf326ccc47971115469":"8afce49dccc4ff64c65a83d8c0638bd8e3b7c13c52c3c59d110a8198753e96da512c7e03aeed30918706f3ad3b819e6571cfa87369c179fb9c9bbc88110baa490032a9d41f9931434e80c40ae0051400b7498810d769fb42dddbc7aa19bdf79603172efe9c0f5d1a65372b463a31178cbae581fa287f39c4fbf8434051b7419f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 256) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"bb6b339eae26072487084ec9e4b53f2f1d4267d205042e74c77fb9ca0591ba50c0e7bf6eb07feccbc494af4098e59d30f47fc60afbeb807236f7974d837335bc0b22288ef09ddfcb684e16b4c36a050b":"34aeec7ed0cae83701b6477709c8654a1114212401dc91cbe7de39d71f0c06e1":"e8071ccd84ac4527e5c6e85b0709ed867776f25ae0e04180dcb7105ecd3e3490":"fbac45b5952200ad7c4232500f2417a1c14723bdd1cc078821bc2fe138b86597":"c4292d7dbef3ba7c18bf46bcf26776add22ab8ee206d6c722665dec6576b1bc0":"228aa2a314fcbfe63089ce953ac457093deaa39dd9ce2a4ece56a6028a476a98129be516d6979eff5587c032cdf4739d7ac712970f600fa781a8e542e399661183e34e4b90c59ec5dc5cad86f91083529d41c77b8f36c5a8e28ba1a548223a02eaed8426f6fe9f349ebec11bc743e767482e3472ec2799c1f530ebdc6c03bc4b" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 256) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"be658e56f80436039e2a9c0a62952dd7d70842244b5ab10f3b8a87d36104e62933c9627455dfde91865aee93e5071147bef24dc9a5aa23003d3825f9b2b00e7dab571ea6ad86415dbd30c0bbdce7b972":"d3a6eb29b180b791984deb056d72c0608a2c9044237aecf100ccb03700064c5e":"047c29e4d1584fa70cb66e2aa148a2aa29837c5eee64dcac60fdba356cdf90bb":"41c4792161b1b00d410cb79cd56bd311a714fb78dc3471c25bdd7479f2e9a952":"cd4936d7bc3ea0e7201bcbefbc908215a97680ca6ce8672360aea600b6564308":"2c25557f6db07db057f56ad5b6dc0427d1a0e825c48c19a526f9a65087c6d1ead7c78363a61616c84f1022653af65173a3f9ec3275f2b0a0d0bc750194673c0eaa6c623cd88abb0c8979baee4cd85bfce2e4a20bfebf2c3be61676563767dfe229e0b7be67ad6fcd116dd0b460708b1b0e5c3d60f3dd8138030404d197375d75" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 256) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"ae537f31a28ca14500e759716bc207983bfeab60b25079fa30b77b8d41244cb9fca9e27d8ab84cf9b9ce491ec5d8cb671eb52777be480f05115ae6370f30159a94d50ffcc64454678ab1d1ac6f166fa7":"8c9cb2b19aa3abe83c8fe7da96e9c11648252653a29dcd5bf0ac334ac587f032":"9cdf6f1a2bc07acd4b0f43b5f2b892a1153e2669f237d257923636094fb40b54":"692d512722de6ba720fd23c8994ac63179b5f7e611addf9cfacd60e06e144a6a":"bbeea7b2bea821f339f494947c0b4bae8056119db69a3cbef21914953729cdef":"c0c4fb7080c0fbe425c1b756fb3a090cb0d08c7027d1bb82ed3b07613e2a757f83a78d42f9d8653954b489f800a5e058ebc4f5a1747526541d8448cb72e2232db20569dc96342c36672c4be625b363b4587f44557e58cedb4597cb57d006fda27e027818ae89e15b4c6382b9e7a4453290ea43163b4f9cae38b1023de6a47f7b" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 256) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"2f8994c949e08862db0204008f55d3561f3e0362df13b9d9a70fda39938f2d331bf3e94ea858160b832fe85d301256f55ecdb1e8fe12260b9bfe12d6e6f161474fa2311e12e39b0beb0fcd92a6737b73":"b46671cf7fa142e7012ed261e1fe86714711c246c7d1c0330fa692141e86d5d1":"3ce9a29f0207d079e6dc81fb830356e555f96a23ea71424972ea9308965786d3":"db950000c0776cc0e049929ce021020adc42d29cd9b5d8f7117fbe6bde3e594f":"fc18ee6dd3dac2306774f0ac36cd789e33462d72a8c75df9057123db33e5f7bc":"8546362cc8af9b78dd6e8eb2c37db96e70708852bfd9380abedc7f324575a167bea18f632f3e19d099cfbf310773f9719eec036d2e09f393a023add8ebdc4fb87af43b2fe6c7eaa4d39f8022ce247aa45fdc84d1b92cacce6eae8252a03ec2ec5330c01f56d113fd2ec3d0240af0afcf13ddde205bb5e7c2d912dcb4aee5dcf3" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 256) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"0c85e31487de1d7ba4a7b998ac56dc42c6dc0eae7bf5c8aaf1e4e78875f5fb47de878f728f73f83dc2a2f550b96c8b972d5ca8af1a70cfdccd015ee3bf0665dd1941fc6a7317b9d0d06658f5744cfbd9":"9aac37bce1a6a81dc7934e23747991e3cf48c55ffe5a57781c41768a35220a01":"db881e6d0dc3b62793d7da5fe5a18e33be9b93f4a63a00a878dfbecf0d383bd2":"f743ce1b72f3de4c901369eed581c626ed3081ca707e6634fdaff46721ce0878":"cd52da3ec8a839c537dacdea8506a3eeee879de388ff5e513322d6d1bb3ff694":"a5bdd57cb8fde6298e7c5e563afcca60dd472eca484bd8c3cc17f3307be09b601744dd3ab9e8a44107c5868824575f850c0f399b280cf198006f83ede8c0b537e9be227fa140b65995ad9dfa1f2303d560c3b7f59bedd93c1282ea263924469411c2653f87fd814c74cb91c148430481d64bad0fec3cbb3dd1f39aa55c36f81b" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 256) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"93161b2dc08cb0fd50171141c865a841ca935cfdd2b5907d6ff8ab0348c4ceb05cb9f6e5912b90c3349a50ab881b35a1d8e9be44b5f293482548d4787762ebfb03c73c40e45385e8b98907cd66f493dd":"0dceb4a36326c4df1685df43fddeecb5d0c76f00eb44826694f27e610290f6e1":"105a8f85d6959f3e043ef508cfea21d52123f03b7aea8034c4eec761eaba1fee":"bf781f7e489d9b4b5aa5ee6d1796468af672a8d25f311edf3c4b4dbf433d703f":"c81d6bcf1e5bf37e39dda1735c6f193df115b1a854a12e7cafe060afe4589335":"4306628124d0100fade7eaaf5edf227d50771f9e5f2e1e983800eef9a39fde0b0c280e63c8728d836b5b93ea794a32c1c04cfc54bd5300e3febb5fe2e1023eded8d7cd180279a598f76823e8d5a7dffcc93a09deec5d1f80838e938fba4de9f47e94b99382ae55f116df9c3b3ddf7e50516e203645852a415796f03a86418107" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 256) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"1ae12a5e4e9a4a5bfa79da30a9e6c62ffc639572ef1254194d129a16eb53c7165399b3481fdf24d373222267790a0fec681554ff702658122e91ba017450cfdfc8e3f4911153f7bcc428403e9c7b9d68":"8280cfdcd7a575816e0199e115da0ea77cae9d30b49c891a6c225e9037ba67e2":"226732b7a457cf0ac0ef09fd4f81296573b49a68de5e7ac3070e148c95e8e323":"45942b5e9a1a128e85e12c34596374ddc85fd7502e5633c7390fc6e6f1e5ef56":"6fc59929b41e77072886aff45f737b449b105ed7eacbd74c7cbfedf533dbeaa1":"b7547332e1509663fcfea2128f7f3a3df484cd8df034b00199157d35d61e35f1a9d481c7d2e81305616d70fc371ee459b0b2267d627e928590edcac3231898b24ef378aa9c3d381619f665379be76c7c1bd535505c563db3725f034786e35bdd90429305fd71d7bf680e8cdd6d4c348d97078f5cf5e89dee2dc410fad4f2a30f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 256) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"29e20d724dfa459960df21c6ec76b1e6cabd23a9e9456d6c591d7e4529da0ef895df1f837eba47a1687aa5c4ddcf8aaf2a2a312626ca3e20034fc4f28033c7d573f66ef61ab2ea0c7bf0411a9d247264":"3713b601e164b1a51dda1ca9242ff477514648e90d311a06e10ce5aa15da5d7f":"ec68be33ac8ff3dd127e051604898c0f9a501271859376653a0516336180993d":"9935499661d699a00c622a875441b4df5204958fe95892c8ce67f7dfb2be3e4a":"256a4ba9e8f439d5487fa5eb45efcf1bc1120491724db3abe328d951f2739fc9":"73114cb3624d687d4cd49a6e769dfc7a3f8901dc41f6ad1df4ce480536fa82e52ae958d0528640d92b8bb981b755058e32c4733682e5c4c0df41f3505a1643a0dd49cfdeaf7a18adffca88256c6d2cceb838af6c92a64bc21cb7a760a0391291bfe3575e014fc156323f8eb5e86518c669dad8d29ad5fd4ef6e296f4a0764c26" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 256, 256) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_nopr:MBEDTLS_MD_SHA256:"1353f3543eb1134980e061fc4382394975dbc74f1f1ea5ecc02780a813ac5ee6cf584db2447afbe2c8fa0c15575ee391ba60219332a67b95d90ec9de6b8453d4c8af991ae9277461ff3af1b92fc985d3":"345b0cc016f2765a8c33fc24f1dcfa182cbe29d7eacbcdc9bcda988521458fc2":"6964b9b9842aec9c7ec2aad926d701f30eec76fe699265ae2a7765d716958069":"6a03c28a9365c558c33d3fdc7e5ebf0b4d32caac70df71403fd70ced09757528":"a58546c72a0b4d47c9bd6c19e7cf4ab73b2d7ba36c6c6dc08606f608795ebd29":"5b029ef68b6799868b04dc28dbea26bc2fa9fcc8c2b2795aafeed0127b7297fa19a4ef2ba60c42ff8259d5a759f92bd90fdfb27145e82d798bb3ab7fd60bfaefb7aefb116ca2a4fa8b01d96a03c47c8d987fdd33c460e560b138891278313bb619d0c3c6f9d7c5a37e88fce83e94943705c6ff68e00484e74ad4097b0c9e5f10" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #0 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"096349506f3a7653d54db7ec1d09e93413edd175b6ddbeb00e56752a520ac8fffc7983b918acadaa71a67e1624f1b5024260a0495fdaba58aae41df82505012d480c8e4f751fd7ebc39f9becd694b2a3":"":"":"":"":"f4c7bec0c26cf3892d214549ac6f3d82f34c6966d4295099ee56166e879a70ecae130251facda351e903d877b6c5eab5153ce87ba6c7cf8bcc61cbd14cfbe34cf1ed43678aee69cd87b60e6bcb6ff48ebd44ce9e31982d8fe20aec34fa51d625f845f61056575969bf785c2ffab4dcc754f13de63423e94bad8d5e166d96a62a602d3ee4045df162028b89cac45e6207d9097f2b3ac0ab17729251985f276f1287f5c56cc9ba1a79fbdbb291f3a945fbfdbd63cf13b82ec91f7b1085b33279e3" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #1 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"aece2087b713992ff49d3bf404dcda18403e015632ac03735fed29102cfea6ec1b574952687c9bad0e9aedcfc1da568be632162a83c802ab94f32bbd87f6cf4af1f2703f4a02af7d60e22383a770b9ac":"":"":"":"":"c0344807d5e3ea29fef73afb2b83dfe0aae186047fab6b603d8608df49476be18bf1f0f4707198fefa18804404887ea3c598d887e938440e1fbb8ed0a1a330cff84d952cc6405b12e7bf51b0c67d5e4896006dedb44637e393a97925890fd5176252f69d43920043844a91d0840844d89b8715052cec31e257c121d3fc0ee807b84afabee59624a00703f464b0079f12884a6e888ae4959c5423604f8ae2e6b57f4428e10b680cb74cf20417380dd5378449a24ef95d9438b0fee386badee962" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #2 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"c39e77d579755aacd454ab7ca6528596c397f28bcd5467cc7e0fb47f398e875da83892a840381c1bc03b7a223e92904a714dff45759124fa33464a97d7f0d7fd2d1c6c21663d31fe80abdad59458c228":"":"":"":"":"10f8ec63a550c31ecdaf2fb1b373f71f18d146ea033dd65cec2ec0b73b55bb6f3fbb7136dd045e09c4073247f093493cf26b6683bc9ebc98025f75fa405fb8deecbffeb0236a33f0ed6c7600d992ce5a268c86085adadf68047178ed89d93d739351f892723d8d6e4f428946e4e6dad1d640a9c11de23ce9b793324e31dfacfd367d86855a28cc544f88b8a91506753fa061cefcb9d77bccc15a23a84dba644089ee03db8374fee91dc23af6672159b0d2db219ffd07390b69879910b5c336a5" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #3 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"d2e8a25249ac850fd3b01f62cd1eae3dd94d38e724f8e2644b7bb510c37f203890242b11be773beb202e9ee93899b60a00ebf08db1648c8750b14d7b784cdf0a6d4e7cdc816469cbdc3a08d6d32503b7":"":"":"":"":"019f74eeef674ef100ba4a1835bddeb925fe6fffa97113dc00d7d8c0ed486a73e831561ae44c5bd90e189fbe2bb1bfb84f3e82ec8809699ee8c2fad80b464b6b344999c364868300c1edb065ae86109dc29516f2bdfe2a046ebc8725044c382d93990f1cba185f61f71fd22fbd076d727de32a6c1d2f430bed491c9d09eb6ee669a1dc4f8048c7be199c7cbb5aa4f14d1423c8a54763869f5dee947f776ef2543ebb88d3004739089efd86b7b22327ae952747068b35d4b3d86cac1debce3e41" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #4 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"cffc6c44279e641856c39f14ed35440ea2f149c77459106f960caf910af21c109067c0f9445320adfc0aaf0c86120a38584747b4049588e5d93569fcecd358c51507bed59f96145bb8db6bfb4ade3a2e":"":"":"":"":"928d6d9f9128b0af64028d5d2e94414af9f8dddd353e4155f42a5d08f3e530930e01ec0dddf25d65de7f49de702791372c71fcaf5f20bdb24eb999752bfdfca28525b16308d46cefb0bc3b260490115778161db2faebbd687b940ba098e3d5be640565b81ed9d434b6861fbb4cf034ba77380562119aa3164dc53653d4e82ec84cf351c35b1b668343faf17f172eb4c0cc3999d7d24aaba58dedf11225336b5bd747825d2ae9100cf6da3276f26cec198e52edf9194162483aa4a45fa348d0cb" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #5 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"3a1f0474c279548c086de9e12ed754c49a0322e6631f7f441c8024fea654bb6ce245c357b13ae94064d1b41c23e5e0496199e8ac9d535f8d95fcf85fdbd31eb33c20793f35075c412ba7213194a873fb":"":"":"":"":"954b58042d028abd00f7ce3d39fdb61e0cff6c40391ef8629e87101915771b8d0c7e24292751aab1219645743c6f54306866775e28b54818c759a6bf807c4982eddd4be5e22fe35a303cd503d122cc3fc5cffe50b03117457e2efc1fd91a9768964552116811b0e65856e8f8256681c722ea2652deaa2498025e84262a3fdd78bd33bc36c057e198327a33232ecd36501a0acf997d0149b4a833153b710b90c8722b232a574d22e7026a89a4d9cc3506cc9942705a162b34db9f49301a087dfe" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #6 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"e5f4fa500982bdf8b023788f9a5532482b29b12e8ae776111adaa617a958ce8977873caee6e82c5098ae77287bde1d8295b8aa125923dd7f8e05df78adc29898836be76df7c5aafba6493b211cbf8b94":"":"":"":"":"5b3fc1a7ea418debe79994bc0a8c86f487ed2f320c34293db950a1a026c239b8da6226d1dea509a0fe76f5a811c9391a622343324c293a0090587c10193a2961e358d1e71c269827e0d44e93d87984f47acf5b4751c8c066156da1c44662af4826cdfb5f7cf98b1f0200d3a0d7b99fea7f1b17dee7acfa5baee8f95ae4e0bc050bee2eeea7c09baa729e6e02ed19476ba3f8f5a8c1660de0353df8723efcd98f5fcaa56f6eda77f2d15c76d26989aa998c4afdc53ffcde47dafba8fe5818e8ee" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #7 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"b9444339a8738df6cfe95b6dc28980d02799b2ec5c8dba9ca98fa8075621a04172b0c9e414ea33c8bc4b3beeb536161cdb9a2a516f3e87bcc9f92ebbf4ac1a900559756903b72c4c1b5f9082d8b341f5":"":"":"":"":"09465004f009ed378f440c10fb122a265f464d373e7f1a1719c713f6bf38d28fb5447c269c127a0c10081533a847c0e19f4b640be0b1edf84d95025d56679e5880922f29c942e7284296a9309b4fab1b5bd9957d470db28d3d36a3585fd37573e8e3355d03690241d6f7211d8c6b054a813ba25f9cda76202d3270bf12f66d2e5ba5a946c7d28dd22d55d34a30a040aa9782d1e494603143d436cbb0212fa0df6d1bbf4f19818b99a68d9cb062aaee8fa05636fc60a072ec6e5ef24566c6b96a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #8 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"2aa822efa22d4cd65359107c46309033984b8e9c3ecb1b77078a09ad9ec746ef4f64b287bcc3064867b678f81ab209db3ee132a11f8c9246ce0a3d6deb3345f9b15e4cd048289991c64a21afc46ac98e":"":"":"":"":"7b79baf0126782bebf1794fb48633dc69ba88d63504d27a206d974854d446737da4ca1fc5bbc54368966b583dc441b105bb30b3be19f2778ed31564acf333b7c4cb1727480aa985afd80396866e10f6da31287cce07358d6308e56e3bbce8613bbf472aeaecb27e66305e34af593c8631508cf7d2c512df7c9b3ab04a4ede436b9d2e6919c03a525dceba10afbf6e8a641591d09e8a90543f1905b08537b8868337c774c20ed47df32d115a7f3306d808bb82d06bcbdc81042d0a16a3fc8d0b6" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #9 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"a32ac0aaaee05d57cb3a626fd26854ef08a3ad42a3c688ec6a9f9b67bbff02f86df150db0de2e3612cf106d9f158fb570901e1efb12252666e7a680513cf22bc0172c4f8c0d8b2eecfa1d471c10c9ef8":"":"":"":"":"8271bd7aaa795b58d8f741bc207332335a68feb66ac9c3bfd5dac72f20807029f555c3bcac629d228c3a77d596d99c5d545a8dcdd0a2fb2a5eed5c3492618dab4f763ecd7c6580817c6a7acca42d81831bfc13f38ed56ed42055877c7f31dfad35a73eb2052f6f9183dfc89b5926680dc2aa85995d42a0c073c881f1ed332794a784553493bfd842225030e0056d76e52810236b17f6f067d1272372395ffe9c2df3145cc65ed2c6f2f121dfc6c1eb8fa6132b44ee0373c7c027af80383d4a7f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #10 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"c586e0f5999f107281dd5c7ca1ff88d4617b4fd1bb61313895dd4bede875c27b5b0e6c5ba15e8725eba8fa009406aa3d8b8b66f13e07c8918c0f3f55262debfbedfc641329e1fcd6442c245626cfd206":"":"":"":"":"9d4f4f688406d8e57d96369553ee39267a9df9020d7fa78b39e1f246675b70a8080cac5aa6967e78c55071241e20a9446a82507a215a6c5faa3a2ea3c05c12905558d98a8eef90c8abffe6cf8b874c5ef057e365fdf179438de6a78b4dcc075b41aace875a5dd35a44f2d2b17d6ef6aa91f79354931c4d487142f7ac2120fd78caa6c7ff5298729de16c0e8285d73a3c6a95ada99f329dc9aa0924b0059a6585853296789b7e1129432baef4bbd2240a8ef7b19046fba104a85d43aee0ebf021" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #11 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"bcac6c2160455e7db38a9c94ebd329c1ac043b6ff607a9c76a86156974d30251b4f4b14e6cf01d407cb426ad61608d1599a6b7ba9402756bea2709cf3b162cbf040d0f5f38fc4584cb9cf4e6a7bb3984":"":"":"":"":"37d76ebbab0d4c8354086a5c5edd5aa6314a4770749d468b9e5d3454f2dbc9b25432f2d5d9f4b88bea7f9835edb22f8a7b09bd604703870abee1160369d0575bdd3847ee5fa93a9fe9aaaac0d436022f94d1b96655ab00feba1f40202425e51b084e372249fbc37f49410fc9d4d16173a9bc29181b62e342a8835f818d2647c45b6ce6c5b6f29add13d57e80513f767339575671bccdccdc9d093dbd72c91ba07d81c58ab5256b6744a94f0e75482e3848de891dabf384322d1419814cfe1590" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #12 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"4b667d35a481779ad919956ca06e07366a974738c09a5685fa23b3fcc1a54260cd39d725a7f2661ea86a2d57cfcd2a91e08419476bdc5534df58c6c3b077d3acd27ace0472f91854c164de7f76a9b1ac":"":"":"":"":"c82e5e2fb08171c233670e9e5403b07c600be4e91ff5b57ae284c4d733139b56ece720e82d3f9ac185e37d0f44d5281224cb5f9d230dbdfcaf1756389fe752575a2764f6ae775d0a82f2eb1d901ab04b59b54b5fadb2acc9b9af3e829ef19571dc416752b1bb0935ea2f3ad69dc452285c2f08412b11794134ba3bda0a10425576e88ea7b069b74b436aca93fe9dd1dafc78da1227b13d70157f60c9bee644451f8765e4c8badddad6c779d6b42d4e8b5ba65269186b04c38db348ab5f7a4146" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #13 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"c0db9453f84c2aa74bf93ef21b9e7802bb8995f6fa5e634cd4064ca2a0075319a969bad1345bb5432df63412807a646d2008394d83989cb4a506990f59f8da80e6b3a1df3fb8d726639d59cbaed1562f":"":"":"":"":"120bc268ca0d3f55d5aff5b360ca4d29a4b8ec5cb624f9674ef0a67b90bb70c238b94b2bf804fe74ca18f8364ff8b1e50b2315f8aa0c3fea663e93c80544284136de1d162e9078e9a074a50b493bcc7e0c83a0047199164a2d32133db57abb05b751a357abd3ad5298773be21c534f98645e94f0935afa53729462acbe55993b7d801bd6b0cbc8eeb5a1c5f0c0d690702f8de0a1a78dcca8862538201fafbefee55cd5be62afa8e5111c89f1f68d0f1760cecc86bf6675cb09b20e097bace037" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #14 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"31836d292cb46aad594171e76237a3422844f62fb14d0cdf63ba587e73501051c7cbb280d4b46412e10927c9523bed1beeb5163737db7f910e444e5d5221c5469655fda4ab7218e63e1451f461b4fc70":"":"":"":"":"1cf3b49f28b791e7c81706fb1a870f1af134a0fb0d2aacfcd6e446caf0a91c04dc160f080ebd5503fb7c16ad9229bf0a7bffcaad07329d5bde4576870758a4bffebb6b5c309114688db8e59a55413b4b37689df38d72bc5358291bbcc0b05af487a33934ce626efde918d0ed5f2deb75a17bd8912a31dccd783354477fa850520c3b97b56c6d2b9e4a05d49bc36e6683271f2322c9a546fca88c502187a5f4a2035bf5c527aa312f16c357c37162d722510b52ff8357490a096692572cfd8b0f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #0 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"a0c341ddf73d9404177a5fde32cbe21319c318f35cc9afca9ad41a3b06e13491e843cc6afdf2bcd00ce77ff06ce3d8a54772c46baf142e569ecd9131d6185af3575bb62a41cb646bdcae8a7a9fe60cc5":"":"b83491ec1bd89f3fc84acf1aad6fbeb8ef6ab949f41adc6d0dedc53722c171fe":"b76cec3d6300ecc4a02e810296c7e70bd9b4e7121fc5e971cbb94337980fddbd":"2a25cb0ecf913749ad46b585c76097739a14ca7b59f1f3ce4f79bc8a4afd1378":"98c01d4527fd131cc327e9632104d9eee10407cd73ab607228d37b9b72ca2c987aa794804d505d072561ccd5016bd4189ac9e3db9187822877dd533347b5d2071818bb7683312e1e8806e9b73b021777f7f878bb7d304ec58ce92e5e36d3d05a7383dc77f3fe6eb84b615f3f290bf8a43c34ef5478a30a6ad616157c9d7dd046aa66b522bcef61c9d19382c32425d38ed3fc049e73035af1e8b97388de22c4dcba0bdc09fd36ab7eb3f67659cbd92b8d7f6d74b56fc8daf17068c65fb016e29f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #1 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"7817fe880c0a4224eaed0da5f3962727e4b3be567021d37d3b6d4cd779274378f1cdab91c4e7c1433dcdcd0afbe4b43c32a2b5ffc520ac3721bfd5352fed023d04439c176288521319b5e315b6e5e85a":"":"c7708c25003e6587fc8c8116c500d37299f5d5ffcad3405349351d4fed623874":"45f88f2df43c4b9c3d829b7cfe61904ddf658c16043271f01c5f06ad3ec7bc32":"883cfd717ad8466035e6d3f3c04813e21657ad62eeaca449785aeb0836ac94f8":"6e0633c532099ebf0b10d4ad35d78a48b82fbce37913e655484ae40e29772a25630a7ab37f1d0ecdce27773a2ce88521b171432c07c02269df1822d2b6cde0d9f768375d9c60e688f497fb7ae262cdd5f7e8b84b84411d619c36529b41576ac456a240ed94d750fa722db874098ef7200c74c3234a3e5f21fcbc2cb5d50c4297d1e70901b8936964ccd242098002f4c8ed7dbf49de8c2a924c737f248d46ac1469f676377ca52cba12f28d9b534504d6e8423b5404b7e14de954b4225bb53551" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #2 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"f2bb6edec000982bfdb301d1d88a23ce840e496a4f595a662e4127571264f1d7e9e283c567f11e7e266459fa781c6fd95339015836ebd69aa42857010f44e8a72b81f501c96931fb491dc1192f6f6a27":"":"ecd5ea33146cb74a707eedb8df881eddb1797cbb7b16c16f8d741d23795774fc":"d410d6e2e848f2241ee45c9870064ac0217d97f59a8e80f6b5107ff0e4240bd0":"8a8c58fde3b8c9711757cb17e46587d0c5187f758d64478e9968604af0367136":"990b1f68152b3607f3011f8d04ea33a3e8fc479c8a6eaeb589133569048fe1284ab44d51bdcf4f0cd4c8d64f4c6337cdbe5f4f497ea90ee4204845bebca2ffde7831cf49892829322644c4e20a45a9885ff619bdf5e79ee53c26f47072e20a46d2b108d180d6ba5859a696f472bfaa80b2fcc7eda374a3f91ac0b06c9f13afac1af244a389cab4489d0ee04a0598f9c5168f39b40e7127dad9f20d69ede6cae7683b25ded1cf9d903541fb4b0a804d7c163ab068d22949f28a8f4e853e691e51" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #3 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"6968f5b87019b4cdafcc9f3a89321f25ef5d8d70fd0781c9e3bb01b3ada18c8b61d9142b639aa75f5f9d798ca538475d09b121048e8a0cc4b2286efa12fa8b4b959938261a1ec8e607526b7a27931191":"":"fbe6b8af6685422eeeafc32327a99104b45ca5602513aed0a5c6235328e8a7a5":"04f137391e27caffecd4413c775117feda27cad839aa900ff2af47c700034b08":"f185925cc180e556a0703a5956ab6d846121f9d9cff97f65bbed3bc44904cb5f":"c8bbe16192bda74ef89d9859b248ac658896bd40b5491c90e923cab6815ec3d2126c62410370f5f44e01fbf1d1653064aed835604d5fd0633c8b71cdde6c831cd91d69e420db83e6d5d82c26c47a11f2ede616a2885a884835cf2142a6ae4cabe989700125df12902374bcce04f3fd78f034e50398d9bcf463dde6796627820c75a7efee82fe4e16375af57ad3154973042e0a92110ef745f468377f6cbec5fa1a1470eac80408f8e96d37248b100ef8476c2a85cccdfca5696ffefeeecda9e0" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #4 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"e8e99ffcf08aad8e50386f5d079d79d3db783a74165c6126b42b3140f744a7c723541930c8c772adb62981dbef8d054ecdcf1c30228904bd7ba31798bfbbd64757aa251ac9a1ae8c20a050670feac59b":"":"546e04247d6cb5212a57b62f99e1cca767a5768cf79296f45f0db24732ba6368":"fd45f66c8dede41387373c38674605f3e075c9b7cfc66123a5478b8f8e3ab276":"39911a79c6edbbc805a50d2aa018742094177a8e216d647c64428c00169ab2d6":"871577ddf34b29e5caf132aa82e1d2f1586b76e39aab62acd02f6d4440908a772ac5f6fd48c5f55f1ebe0e76221ac46b834a8a4f5dd9958721ee053ba3aef1574ebd980a5da6a94693662717ee548af0f921421d1afb814e4d1799d351889d2a1bdd57570a913e428e6613b16e158c1cfed038f6578920d60db73dc10a40da9bc363a0206b4e7e49670eccea866efd9a05bc237042cf052f2a4140f9377e3c6792b88ea06323fcebb99c643fc1c3653758d6866cdb148837fb0fdf77de1564cf" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #5 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"c7774e199b5a8c0b306ca236163249044ec2153dc89bd1c1459cfd40cc6069fd1921837aaa80f4dff34a97b4dd7e94c0143efa24f34924fa52abb4275a63cae7048a7fbb8b76300fa8d109f9561f1699":"":"1f437f758512071bd23d091c2b1ad8d51b99acc663e1d037fc5421092cbb1a45":"c622ac1071b50e4f899e4760cfed476adc013b6ff95c9b7be671f79cd2487ba5":"f973f45f75fb0d68e0bc5a723a72e722e6c8f3fea08d785141c78786da5101c6":"9475c697af430e94ed396c707bb7d5ee5bff18405131a0e898ed38065abc28ebdc1dc33d767c4dab69c846e3350bb414ef2d43798710958a6ff3e6b55de93c2ac31793a1dd4b07379e364ce72553323b9bcaa8839cbbbd347b4a82010b78967219b84c6fe9f9285ff741a0036aba6bfa7dd0d5a4ffc1936341b0e2a31082123b6d2af6740cb3ff43bb4a87ee74ef7eb06030745453d2ec225c8f31d214f1dead0f29af01ebfe90d2f8a8bf5e031242ebfcbd136b3e3db1f63a46f69a26d6159f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #6 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"898963d0237c58e4b7b6e894ab271555407d3ae8c1c4599f5f5490ad5701984a6e5ddd58d311b547f6fd2d4d67addb4ca6b86839b83978baef72b8cfbdd0cf180518af0e32e52ad4a73db460af05e187":"":"cbe5f14445cd310aecc97113232a0121ed2082f2c4152b4be68448f36c91b1f4":"efe0ef028e4179ae10b378bcda3d96056ff21d94404bfe022b563cb6690ad563":"98cf6a771c05f904b53ff9b12709d20bc3f1821385cf27ace7a4a584e73866c2":"5682b6bd667b45dcf16527a817852b52a7f5d0fa8c962f3dd3af63e7e71990da92b75e9fcf5de59b1565f525a734e978ba74dd80fe89a2e527960ce4207b9ca514d933676ad93e6dff5d57314a45889637a623eb7832854c3897faa511ed6dd246d2b8280e7d0524647d4bf7715b5546e0a9a1dec246b1680adea2eecdc354fb3122654102cd0bf94ac9333caef3fdc369e7649653352739783d048e08e8d231b332fa1558745e2ce89dd76d1dc442a71dc3d5eb7d3481558941e261f989b097" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #7 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"426bfdd4ead656611ce49bfd9f213843c194bb6863534ebc258415148f457e6e685fcf539922aade348a2af678038610af676246632dd70920d661518d4dc5221381b2fbf1c2f3bfed01cbb930398095":"":"971785b18e244d03e25b9a80c2c2204f5bab6dcbcaec986342450eb9b376bb5e":"5de582cba43a610866578604c9f2a542831f41c277d50b324f4edf1e2e5d498b":"46e4c325d2c45e00a3c17ab35115b5370abbae61337eb2da4e6aa91f951f55e9":"f2e8be2e994b74a4945fedabb167778523865ed27826f9c26ca2b49bf32af1626ae62bfeaab13e9bc52a081f365062a5cdbed0872f6479cfec5a5e79171d97ea898e8d10ed71203882d1d7b7d28c5d59b8872985abc628e73622f616c4c0904ecb1e4518be8b4398662dff8806c3f43750cc9be95aaac2a4730f40323d63af157d13555d043c4d0d7cb53f202df282fdfc5544a234f71121e893814f4bfa926351c5e9427e90f1117a3bce7a16f0e08cd06c3d7c458f9d07ca3269e015733aa1" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #8 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"ddfb3d1d93e977aecd08efbd71dd48168e67658d93596b742670ed7c8804bd3e730d34a80ca1fb4ad2471ee22461bbda670337d675a17721ac63c3793153830a26b1871b316a3e10e49c555f44719577":"":"390c53a5ec1db52996eb042f9a76e45f0bca76ef6ea31b4642f00658342e601d":"b5436e880c15f03c3bb846d90f3ee5fc5bf5393865a112a4317d724738f5dd25":"d193f932af858698ab086bda36d04dfdbfaf487fae4298b38fef97bccdf63f38":"bdf9e1ba1fbafdb8f4628098aefae4810ee7fd565d0d285ddc3840f8e24a9985c2de57edf5a511079ba6c952c95c626e296fd62f3579ad03db536238fe69158317c9c26d373816343505c60a48e07a00edff8fbfef0ce69ed176e5484d056af02a270bb6fce7bae0b223bfd98ad359d53b159f3295be3fd630a568d2363121c7021ec23b14693be48f5b55e06be3d729c2a80948194b1266da96317bc592362809409a7666d5c168125b99de26da741f17ca52d63685ee8d8260d45764fc78ea" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #9 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"457e49a71da81a2a08bb19b97ba8e62ae4b5ad4ae64daf758a83a75506f9251149b2bd7180f69b9217346f8165b7cd8f100e0b1066e2877f5e5da21b037c2bbf178611dae627d9beaee64a9d0186462a":"":"c3181f694695c21405588f600ac33871b519e2b8e3b876424b32753da483d6ec":"68e717410f99ae13712175e402b51058b7625b7da27224414b472f9622d163d5":"f2cf13d05e853a13ed47c5d0eeb9c0416688050342f0d345ac1bb21d5ae675fe":"fc23aad02870885394ca831b72201d76cf736f08f6132b12178e8e3b016fef8d3bbb849e5d935ab732054ca701154e7d3e87d1b51b7392ccfaa19c4ad28638c67bd149ff67a93c09ee1fa5c2ef7bf9d40844baae79169e52e9990c93f099e036b63b000fb8ea67a13167b045c8f9163045beabe0575fef00b89fd90390b0124961698f4ad8884a1e1faf576de7a179c03221402279b31c93136b9436f9a07b5a67b1c199e7c6cbd0b5f53ee5bd0ef845243077c6eda0e021ac9219f6db5ad503" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #10 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"79e96cc8e77d8fe72cd6c66becb52753cea28bf71680fa541f345b83be79973db4081201bf23c94d1828e9ca1e825ac18aedc5ceb87a4c1b0c333c88d97e0f12d61b338e5ace5e15f71283d31a1ea90f":"":"4304ccb2666b227c92e2b00659ce0b34dbb53451591e32914a60d6e6cbbbfdd6":"d6e74777c02252b0613357b9a582f4d8cd7e436daf1674a663561b62d8ee7143":"0de123897d5f090b52db88e4c0f9fe736ccf27c134b0f5eac61b200d15e07986":"55a369d136e2d903c179472eebfc45ae236994669c46cd318401bc662f38a1f714f78ac9f15c819d2bd876a7af51e6caecff3c650a3e661e5d137a354cb16aed5b1554545bde08c10baaa5bce22284083b43a6dd9941a37f1a18929ced61181c137e9e38c79d107465a5a12f2a2f37788c8e398ac48b2be944d6dd3562c05922c25569c26a1203fdd244920e6c268028dbcf6807c05bbf1559969981467a479d7117a91f210118c1159749a1dbce4d8a0d5f2f8232c5152cbaa6441865ac3a88" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #11 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"b37180874dd4a7e08b1256966ed5845001b0773b5136956dca7194cd12a9d9e1f1dd35534f579307de11c1e64875e9377081de3095d83ced0ea3df2ee8d5be4daee545b431dc908bc10efc04db16ab4e":"":"d3c8aa88cc8d5b59af3685177cf3826cd675854deddcb9b501c40c4288cd9cdf":"6783f5bd86fe178e6a4d303342374ed32853925f143a5ad083c04a9c298feb99":"4774e5d062eda04b680d717f652d87bf5cf635f597287b76fc35e2d5ce593d08":"e478d45fd3eb6f4c398a0ec84f93ea6861f00666753c143506c5e417100077e2c4c9ece450d98c9372d68aeffe9e57ef9176d4084f9c6d02479b516942dd4792a90ffe1e4e49a8156bdd872f1f05facc06e71e581f919cd94fb97208515ba284fcd255ea6f1d1ebb7d351e1ceea1cdee631072d3fc3f4ef9d5fc57a9ca98c88b81003d858cb5be0a3520c34e52d3beeadf91388ec9a495b1fc7ff7a6799ab0af211abf52c15467274c04bd104df14033df000d8624acd253a6c954c0d89b7238" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #12 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"2779f20c02d086d30d53dbd6e7396a35e677214650e39f2ae83077fad70c068005faef347e7f73efb53a92f0629e012c7e1246d07b4e1bea7008dd8ecc7546e3f0a6e0e950e083373fde3fd994e114a4":"":"55edb840b85b391d4f1940be52a3e3824119349c780811c570d2c88dbefcea16":"e83ef56f09f82af4dd91a0b887d3f182dccd973435b74b7b3c432b39a61fe720":"eb9f30f2886d0486c5240f43104e426b36aae0006c4b9c64dab1bb713bcef7e3":"68c3feda06172a191184e0bb77a8f3c9096048bf71ed95b20cba1b1726660900d7d9f97b7ac648c76b50b921c28eee3d401ba81c8a46fabf82301fda8ffe9d76bd93cb275638f7c2088cfde88620661eb844cf953cc141b31e946338a0203c8ae67c2af1330a53251818aebef893010f16a519fcf22060a9aa9c597f3409465cf3c9ccf753db8c0bd3b465b028adfc447e37b5129c17ae9e8bd01f762662c466491fe57384825c163ab8a26d67efdda01b053c19d3bc6545c3661f2ad1df1e33" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #13 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"71c9fb2eb8cca98860f955a8bb3669c70b6f5374256da23fcbc4ffc2e90bc0a043b8ecbf1cb0c7b65a2cb7a47211541f2675512138964d0db8074727158bfb4f0d3c093f1e2c2bf697a48c2ebd27153b":"":"13b1d552e2c8c84f66961ac8c919166a248bc62fb896cff0b8b001cd7e147bd7":"27d626121ef579d9969809762c77068e4573af44b6e947a2892337a11404c133":"456ea206c38662750af39aed5fe0a39760f4dac85b83d7ccbc335f53a160a0c9":"464aee8af42ae68ee776780113805cade246b83a698c34bf4c92e5d81f28829ecdb808884bc7d784397f2b2f8c76a2e3517b53bcdc7257f44ec9357d014af4e8ddb44df98da72775567356f363fb85885f8f22505e5b5a80c824b4a0bc48029e3419d3d2f161b1469cead730cb123ca8387a2c8276635a91d0dcb2220797ae2702468587ac3a70b927625f3a6e2980d6fae6fddf4b380ca0d91eb4aee37b98644bdeac345f49523a241ca392972da02d70364f9401c21fcf39eeaf414a09fdfe" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #14 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"c9e54bcebbbdf44051e80b91cd10c87dc24267923350b6770406551a5069ea2255201f3f15bc3a2e4caaf0b45510f19db299a41db8d56ce993ade44323c455fb1a3f504124c35a9e907d9765e810c939":"":"2819b3ee279d57145ea1020ebc77c46031d69524a843158192e081f2ac91512b":"269ac853ccd332fef61330af7e80a33791ec44b6cbb83006e5ca0670597b35b1":"fdf031b1e0a8016bdf6a6ebb533dddaae1a3a5b14b9cf52a1a8028cc720b10c4":"a1c4c1d6e72dae5e4714bddf4a1cb8d01cff8a3973b12022011270c0de7ceb85ffb6a6aedfa54d0521ff33d748fdef8f29c52c7c414e692a30dfd0013776b58f58421605369c83d4d891a19c782a2d036f9638aba9e24b0eacdee87d4a8011699b638c287f0a12f11ede86a946be9c00d21a31584a2a0da536dcbf86e2df63be9a7b771999c9c7a6b748de713b7da757de2d731a8d980b75136b0fdc75ca7aef47cd36bb9370c5ca0ef81b9a04fdc78698720f68e5d54e1a777e557a1dfb4c22" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #0 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"4d95f31b9606a5f6d04dff1d89b50becfd0882e6cf51c1c5d24ad843bc12d977eba4582c39d793a63eadb63f292568c7fc4270e6c9aec83186a20819a7d35e7f1155ea108794302d593c53ce9d25422b":"43bf6f32b3b5f580b54179e4102d063536e7c47681d6de3cfe88fd8ec66e4873":"":"":"":"e991d000b24ebdf838ba11f9849591b0029feff33604bc4d71acd94301f8d045eeb1f81f3a101a297403a35859113c099939638680d481c86067f54762892f82146f61cce7bc2c85d395348f3ea2aba6bb3e59dbcf8e41a81918b6cab304d44ea1e32573cd6936f38cdc11d3c2f96290cc27b0dfa3bbbafa9394acdf2f4435170b428563427c4b02ed25924226edf8d5a5eca4eec4aecf98ef2e6f75caa70bdd84877df2e637b7fad621c6170ca5bd86e21d0bb01cc90fe2e76353a9d5687bea" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #1 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"1378443dfec3c03d36b16bacc480edfcb1a4a509c17cf4b35787dae3bc91ade6c113a1e0df927a4449ff9e2f4f1cd9a27b07f57ccd6777f6d6bbfc9655f0676d7b4f91712efd43315be7c7f30e51da89":"f67cd35afbc96756499c68a5ea19991cd1ad4880fdc13afaa817608a141e9646":"":"":"":"b32d9838b3f45e3c4b3ede1181bf0aadab96d22790d8536f5913fe95c3ec0179dd1c7ae69430bc8c68f4f30105199b785a11adf7abec007d18abcee2e65df5a211adfda35fed8b9389a61d2fad33fe020119e72c782a316f17f8a588239567315bda461f5f4518a1aece4d0ae028c153d67a8d4ce620e571faa0403c56bcaa864822e4d8ae6d14feafefccbe879ce4baeca70d436218e0eb3a62bf15c018fd4cf66a50e3d9d7cc9e4744e29e9c945eabf03a6a2c4ca57e582b60914417da57f6" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #2 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"69e9396c58ed867eb52fcd046504922e2e9a9b059234cdd3f0a09eee9fdfd45dedf5d3860b25115f8a3d0e2f3f543890a23a5aa278f836577956944a098d18f05900d1b076d30ea745be745b9efc0dcc":"1b6e1bb613d199a5e6f1b5c2ed041cf6f6633e2ef4d50ecad89b28102bf70554":"":"":"":"ee09f7b24cdc6b51a8212ca00613633c1a5f044fa921bec31baf679f5ba66bfd723721a03e0f260a44ad5cc4c580080667a781427a34c3d2fdfaceb4b040ee675491c4dd0c0d13abbe81336384806e37f2729e7fd080fd57011b54b664d58534c831c90d182d4d955676938d484087b0086d2bf2737a912afb66101575ca2bc5acf845f4970bb1ce4441eb667d5096319d6282714a8a9708ef9964cadf596ac3e7b1ba18fdec7e2e22f5e6352e825e965a494cb880aae78477aa3bcba9428107" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #3 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"d2f390fde0b50ea4afe6baf29a75e698fb0275c04c481df03910d238f4e72c6f63a6231df89123c2dbecfe0cb0313db34288f4143694ce2df2484d20884dbca097e35c3fd8ddee5273b53c1149bf5070":"2bc38d852d1ddee2e89b7174032d96c0b97f955e16bc61716c5c64248eb6232f":"":"":"":"e62346c72ef393a2904e982158992df4ccab03142c41d8d29c1454794926c48570eef34bd021d44cc9106401e9cbce6ddbb6c92257e89a787499d7f7a2dd527833307e02f44645ddbcb1303f1da95382c89805c76a2f12eb13d2b0205b7ec0ef21f596c98af608a2f2a2c5e3534e01a23ba25bd5fcba0481482e1ec8138fb1c86840060919d7620cb7b879d1096f64aecae1ea085a793a9f4dd665449ce73cb3036dd5f2a49138ce88c461a0a9e2f0c1fb8338f5eea53ab0a0ca8a8df9c315c4" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #4 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"0cf86ffa1456c453b53305353ce43ad3ba44ebf4c6943cde8613cdc417ee9f6e759c0bf4676f1ebd05c519eb84dfcd3e379ce61016e48cccde24753878f7d8fd5da72518253b2f836f32e5b594d54ad6":"088c917f84679641f491aaf105eea0f02d0a8ae0b7add69645d1ef304c74b417":"":"":"":"79e71d9a974cb88d9022d35997032bb5fbf8f0daff411467217837a836aa44c493f868a333d1ebf66689895b53c9e01d58019dd1da2354fb966c88d2d6adbe66ac0b8901595a24dddba609478ec36e497f6fb6b4bcaa88b1e9a9c87088f66611446e8c2873e89ee1006b6d92d2eac54714fc6481e7782b38ed4b18d5f9714ae6a544110cb6063c8a9964c52a7026f52af448783c3427092e0339efd7d1a8522848a2faa8aa19c21363a537766c05505cb979269c73ee90679feaef8df13b6506" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #5 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"7179c434bffa377d9b6821da9571667c8b962196f7d8aad062e75b6091a34a454e8f4d14a60fb5253ae373cf50edca93b8d2eb2075076ec8c7a42b7adbe7723a6ba8b51a55fadb16fc3a6fe9da020482":"bc1c39e646afc1bb62685b746007148494209a419b733e938c1a5d02e2350860":"":"":"":"3093a2e1f502d44d8be4f35b386774162f0e10870f9cd34e3b9d4e77c7ec7cd10cdfa0bf8228be96cb5741f069440a6b6f9ec155d88ba66b7fa84959c53d3574bf1cf9f1561006c776223b881dd396e9e9830af2c1b5f7457fc45e823b411c5c2ba3b11219aefe5508f75cbdb5e40edf6b1f61453541ac98dad9ed502bf1a8afa79604261c7a89e78cf2941d520e0c10bed18820da6c23a5ed1c0dffbb04cdcc9c3284d400644e9365c995d8c99eebf444f2cb051bb62f231301d31ea815c338" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #6 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"b063333128a6ab4f433f151ae8aec4283ab6d1cbf4a69447850fa1a25930ec0f4204da52752a9bdc788c5cee6d8b92e1b8530dbe0c81b1d34037ee53f20758d5750d9863ed60c762ae2a8b4c973acc22":"067708b24df7a34811993d5c65d5348eea73e6c6680293afab5804b4328e7a96":"":"":"":"5f74a1d199f30fa22f2020baf036fc61b1cc2acaa80b48ddff1cf85fe5dd200a9afbd8bc51dd1829636fa335660f36d5d2a516e4c38e8ef0c3cad979e79e7e226b820634ef1d76ae81bc3e3807913eb0731b2e959c43afa83feb1d8da31dcdcb3dc3a4cf8f454c4ec41bbc822e58023f0d797c844bd8f20034b31d99579bff142cf53d2651d7a31b212d2b9d5705b048860d6c4e3f45ef1bf2d5e46433fec593b9f68be8b1e928ea04ddc4ce2fcecb737bb8f9d054c2ba5060fae5e5fc21a650" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #7 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"e23fa0c86c8a7b99ba0d3ec3ca47349a57798c07587b666cc4ae1c9eff83b8cbffb49d1910bf05db3c7d0db7e27285ae9f6b4411d84364b27a66398f5b0a897ee2085526d3ac4f65e70800067d57a51e":"7ffdef21683a75484f6ac304801c213dc8cb7e3cf0f94c358a2e1ccc9969e834":"":"":"":"f952956cb8c528efe2c831c67b69e8aa7e79c013161497b9c55415fd40c7fae778a6fa82109a40dd72fb2f4d92e1cbc47f52d055485c99d893fbea1cf28dab35be1f162494cb79ea45c44a63a1685217cd3733dcfa88bb6de65c68f2390e479c0fcc6b398dc5498ac93002e7e7f360535d082c8e46386611075665060845c4f8bdee38c23d2f90d2b1d78217e865ecfb6df02498db837fe581c43382cd1d3a508b6dc052ef7c4d20349679db8d8bf8dedd763da8e5df775d133970be062a9ced" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #8 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"4889013333cd1e2b3b8c4365bde690b66e06bcccbea25f04132a0962f13a7d458e823f5ec0ea091a07065593ca44fe49611602d165a35aacb352206844acdf41dc2c88b63b36912ae81875bfd3e098e3":"b4761d82a93e17d8a0a461ec8205932edf218157459a25a7f26ceddb59992192":"":"":"":"72aa3601986e6c970b8c2253118b8381264577e391e48bddff0cceeb5101975391a2c731f5611316b255c2a6c0554ed6cbf8acbbcd8609e3f99c3cec38aa060eedb863563442b7beb78f35221736c608a933aeb0d4a7cc050fbcca351cf780d42c5380284a6163520a80896ee7f71d2961d7629d673791f8fac10bd01d32d95e8efbd65381424c378bbf54b532a70c285d98bdbb559c9f37d6eae889b82d5006fba2892ae16acab103aff1b247711ef92dbc6e516c92e388fda4243808f95170" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #9 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"cc32ef3ea3b0db89c69312cad56b1ddea73ba4c302b85ff3c6605d1899a96f49909c6a54d98baf096ea5bd46abc2535309676d9d6bb9917271bf8c86c8852e29bf3ff5b2fe56ac094fa35dcc51547f62":"cb80942bfbcd8f112ed601cb12a5ca52cc0f280522db11da92ac6c76be3932fd":"":"":"":"2c972cfe1537bae42ecc46b1b41a691350f6e63c202245347e91602b93a4cbd5c8829e5a4f63f7ee0e29adb69386e8b659dca2e6000aa03beab132db6dada8dc35ab68433671cf621fe4593018b1eafd3a2191507fe015e2a5694fdfe2c3182fada71d18c5fdeed065089862249c5508f055ebeceb9fcfe5d16e4479dc17e2b59b5a0aa31cf21fc6b5925569b0ca63d1a5cd268a4d409f1039d902556236fb06e61c1c054ed3798cbe4d8c2a7b2d18206212591174cec9da519fb876c583a20f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #10 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"142bff9332c48103221359040cda6632baa92cfbd1ae7f8b3d0e33d6a8193939d9d20d17fdf6edd1b3ca9ff600fe965746b0ba1b61e9aa5141edb77ade0f191b87f0b33c0f3620801a755dca02698883":"8dbbcf0c190783122aa6da6e05ec9d82ee29f8e74e59f8fe6eb9492fe410df6a":"":"":"":"2537a8638d5759201cbc225e844208c1d08443b055fafe23329aed5eb2d814703b0fdbd0a89c2d62f8f4ea7746905b9bd90706b734060c96e4e406675576bae84317bf36d8523babab72236b71fc6087dfcfcbe765de13cd1ed316f495e3bd08d780cd6a58849c929ef24b41e9561868158046ffe8d2a89d169ba31331611f0872c6d075b9938e5170a3b8612f9ecff4743c0db5ae365fdc2678ec262eed3b7c337e65dd1ff24a867574ee460bec7c374fc6b3fe9b0eb7bd9f5507ec5988d313" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #11 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"821ed44bd793a4af223aebf52413ba5e0e231b2029b3d71475ac028d8c10f86d2382eb9c62bab540be847e22344704d339b798248d0bf2990c0621316e3c98ec07f05bba8887783adaebe8fcecc48fed":"8d2c8cdb2ddd6934271941f071ea47dfab869a5671dff9d424b916c1ccabb02d":"":"":"":"a5fcf13e4a6b9829ac30171920478a7878aeda658803f2e314f9ef8cf42c9c1933cbd8dfe5053abd30df644ca062070662f4b7e7851d28ff801cc4b878523b4610891abb29c095a70665de1199182fa193439665cb19cbdb00aaf3fd0fefaa2278194e79ebf652713a28c36f2cdb83f96c8eb1e85c9969381b52bc3444e8ad5d82c94964544b3e6649ae3f532d25a2e370e9fc8c77753239f130091c43720ffcd2bbcdb70a75223cfd9346091e8c056227f66648941552efaa5a0a369291e9ee" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #12 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"977bad4c5d1d16a2439863af8bb6fdbc206ad0bf20c4036c044645962c36e2e853f0d702a54b70421a509c25de124f27e330eba581fc82efca522e43956187c9ee4f58f971e4b91ed51cc8aeea26fdc3":"51cb91cb7ff1b39e18aacc0baad20443522bf869f26d9d7182005b5cb1d018de":"":"":"":"df4acafbe4f28ee47acc5134ef665a50deb68de9b3c7e075b26d5731049f13ffd00cda05f612f20fd901ff127277f269c069607442ed9f7b41892711a72b83ac592048bfb28ab2c64c6b9f5eb4427450f4475b1c04dd4665998b638d06fe8f463e2f07ff46073003132b66a5d4d19a65bd08230d1db0234fbd09a98864f8ca824e7a0ca9f1d1662027a60c7e95382122674d88224fb192cfc129952ed6515912aded9c72a49a39a00f9f9a16abbd361b20a12b5f3c4de54012aeb1b42f6fa3bc" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #13 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"3116ef07685eafff1c77f185fa840bb5627fb9a5d79f72f8007cdcdfbfefc56bb1769991d78e9e48fca4c97b01d720d1d3ea6fa6ffbe2569da94b6bb36cd34d72c37d0218b3d02c391e0653e286b24b8":"f138ca3ec867cb7ed7d5fdb0868d7470de5f802fdb941dc400ad524d9032e23a":"":"":"":"59f01ec06c97a49cc5de469cc2b39c28db7612029e0e24e3c2b24f92c0af2383bfb9a0dccbeefdaec4bbd2607dc582ee7eaae6a4ffab251404e3c59c95e5460ccc8d8dea4db73e924ccd7528708e1b6a9d62d485c93764686f93df6fb8a9ae86bbda1e038697b5485e27e0bac9a18126bff1e7b104401306cc424e783f55ebe9940176d7123ef58c9460e5fb8311f745fdccd39ce552547adccdcd853bfba87aeb87dfe8ae72080fb7b3e5c4718e743c9f576d7752e3db1fdb29f160bde115f3" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #14 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"f5ba27c487a40dfe342fe18e7f9c72bebc1ea229c7634cce87defd7aa11448e3f584d1769f3e76a017430e6e9bae6bb6c79170925e1156275311d86d4a03cfe3dfbf85f80bbd70ea98af76220833a0be":"34fd124aad5a10b852b2fe8481cd0ec46dc2d02ed9583f6e282a4c908e319024":"":"":"":"977fa5b70f4ca3c04b6f495de3bfdb4b8aef93bd14c82653e30a00a4678c602aa889766ab7caa434d9c15bd68bd14e66cdc609289a691dbcb391611be66c2056f8e675de5db9b2e2f15e5a330d00a8886eb8b8eed4076306d443ca292d783fb056186aa86e1dc9f18a113e015e535dffea954319cd26e5572f4173766207ed7d9b8b2c42a741340c1850a07139c0b358cab942bec51b159e50f5aa9d8fbe7ca9d1d2127a98fbf0f8c3094bea4e3039f7f7ab083fc9d050e29e7d4cc2d3d44caf" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #0 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"c4868db5c46fde0a10008838b5be62c349209fded42fab461b01e11723c8242a618faba54acba1e0afd4b27cbd731ed9d30016b5827dc2bfe4034c6654d69775fe98432b19e3da373213d939d391f54a":"135132cf2b8a57554bdc13c68e90dc434353e4f65a4d5ca07c3e0a13c62e7265":"a0bbd02f6aa71a06d1642ca2cc7cdc5e8857e431b176bcf1ecd20f041467bd2d":"93ee30a9e7a0e244aa91da62f2215c7233bdfc415740d2770780cbbad61b9ba2":"36d922cacca00ae89db8f0c1cae5a47d2de8e61ae09357ca431c28a07907fce1":"2aac4cebed080c68ef0dcff348506eca568180f7370c020deda1a4c9050ce94d4db90fd827165846d6dd6cb2031eec1634b0e7f3e0e89504e34d248e23a8fb31cd32ff39a486946b2940f54c968f96cfc508cd871c84e68458ca7dccabc6dcfb1e9fbef9a47caae14c5239c28686e0fc0942b0c847c9d8d987970c1c5f5f06eaa8385575dacb1e925c0ed85e13edbb9922083f9bbbb79405411ff5dfe70615685df1f1e49867d0b6ed69afe8ac5e76ffab6ff3d71b4dae998faf8c7d5bc6ae4d" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #1 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"46c82cb81de474ae02cccfac1555d06e5dc44b6ef526e0e28356ffc8bc6c0fd0628d4d942834b94fc977609c8ec0a6392c0693130c6215d55e37da43d67def719051e99871db68128e245217d2aa3230":"5de51e3f49951bab36460724a63f046e75f6f610be7405f55016c93a59f1890a":"5dbb13f5b4eb275cb757513e6b8af6fefd7c9c9e0f5304fdd9b4c0968458f22b":"3ebceff3232e75c6beb79d97c78e93244a257f0772f82e234518c50e322630eb":"dc64e5a1fc7b32f0294db138dc131946e5602266f4cdf00037ffe513a44ff83c":"e3480544036a3684a88e23ff41a4bbd810f827021ca45e800aaaa36ed0b9bffcbbcc99a1ef1f1528b4bfe39514c7a390ba132d1681138c4b1b9f1a0fa1758837dde35d0f6c38683ba47a904937dc5ee3d3b75f909e5fb6311c6cda5e1121edc774e66092aa1dbde83e4680ff95c0bbc2946aa4d46770f247caa7b71bdefac9641ee99700fbd1e560f9f7fbd462ede64e009ced90c44c6ff03b890e16c79c7b8c959a27defa6f062168891977c637ec22ecfe20601d499443f1fb0ecc7d9505b7" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #2 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"df8053def0260ae71f67e197ae8b547a228e9b67ba7909fc1cb3adca51058b15f6d5951f0b60c972d139b75dc44a3680127a84799fd7672e429f20876c175d135e5f894edc7a4da334eb8b73a334be61":"26890036a9b17d8e805c38568630e1c196091faad546ba8eb976f3aa031a8905":"40ea6bebb0cb94b7e527787e17ef9f7d3efb889fc1e47e49893ac5c4bba988c2":"090271c307b43b951c20ad3f081d2838df0936a4bbdc5eb6f2e16b1db482b1ac":"c203cc1a3af668e45653bab6b1aa39ba0669491a06d00cd39c97b777a8bfd4d7":"0d68d903c85c0172419dc9f782c5d67a0b3367d13cb2f734fed95c7fc082291edbf4fa83354c6588227e40bbff082be2dd276c264823a8f31ba18b00955d7a1fd612a2f37d824bc82cdec972d3f8384dfc78b51dca61e815766c877ef3d2113704c805a250aee7b55b849af048feb3536fe73ec4f0bee97006881d5eed8ea38ba1b8d16a3bcd91fda749b77d688997bff09f104a2d8cd8e133ea4aa764b237787358dadae1c25092cfe09f79efeb8eb6e20c39cafdceed90e602f221fe6b1d69" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #3 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"b1a1b468e1d59716a23fb028e295588f17be6a79e589027237681fe9ce354860b1cc33918a64c8be171e595ee6a3b1ef46c2ef21df2815528482ab4c7a32449b97ac75a51dfa1c7e67a763f17e97bcd6":"77e5a3eb6ab38419f84b57997627c6bea79703c95bc1cd24ea73eba2edbed540":"52aa0be951816d21a2ede89f53913f6d5d70cc580a1cda8a49f8e49a6befa909":"5bd8e4ac61bdfe752b5a66cf2e048e812a8aeae8e20c3c8c43f31180e4b18303":"af5eab21e4dd9443b1b16f40413faebdb0e086991dd3c53c8a51bc434348311b":"d477404bcaf0ed53788354705f0fa9f46c4e2bef2cd94932b614b3c34e0b0c7c28d7483075c9745bfbd4e31e587fb1db77d557fcdfd3fea47da3f01e42635ed3fd87cf6c98a2f20aa833a1bb74a15b158e47841cebe53e4d5d8c85cae78ade156e025a7737aa9197b122e73a29ce0a881c7adc8ec228f4c14e56c722acb0165b1595f010266151801812c031efcee4a7739876777816af8baf4d29496912a012f1f33c07107b2db5ebd681722dfd76f3a58e9d7426e7fa75e326eaa416c5d820" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #4 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"098b8c107fbf943bcdd2199dfd15f130a20d518e95dc81988748e1f0ecc5c45f74622ca2940807df86fb05f0aab4727525f19d1d3bda1f70825f3e1fcb18d29e8e410616c105fda9324f4617af39f021":"220bbf23394c3cef156f683d05739b76f37538a0d360600bd52f0076425b5f5f":"af88f076ab39db1dd0e7002bae187965cd144382a3d1ca7b1ecd65d346f7c090":"bab9d09dce5073d11fcdf9539501dc998b6fffa8a0716edcf583a7d7385ff41c":"caf8d4e10513e5ceacad6f9f145a6f79e5c245aed4965ae85e2e7c5914f97510":"f556494b3849d78b06ae75571f0b9c8c108885fcb041dbd7892bf639d8ff6c82e19e8ce2d5aeb58e8b964ce4f75976a0a9c7f3ec8373b83150b88d6c58ff9b810124d4ac62d955aa64d194afef2f77de6994642ec86cee40aa7a5591e99a63edbd8bbdb22fc3c2506beee6d507fe34fdb4d4f525dcbe30b5747ff920a13f9e230899ffffbc5615e994ee96a1bfd8890cf607379be1a39d173662d0967c9dfea33b14d78cc8818c2a1956197f85e92bc11133ac4f7657f2db20eceecae8ca636a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #5 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"f54e9df92752d30eec01c3756d569bdb39abcdedab80b0aacac76ab406723f480bb359a5fc6c7aeebb6719ab44114a75afd340af202be3ca30e4de794b826237105202dcff5d1291cdaf266673275825":"b69f77d5a08850a13f8e6d06847c4bec181ac0f6b720be3c06c0b67d44843c6e":"40f14c3340e7092b898758ea3c36750943acac7fbb6a83f0df3392f7936749cb":"5bcfb0786c447675032d2a32b304f25737de59cd07c84d3875c45475b15797d4":"656ab204e2c1834f346d89c37a30164db414827d83ca732c71ec71efa8182c28":"6eb8f276a8ff516f789d94d997f33c2e40b227776fae0681c83fde659462b72d37cd48c95899530ca072bf2470986ef29dfb193be7ee9ab3f8cde2317c9bf02a5f901ccb62bb665bc3a109eab7e3910888a522c765eb49b11d1ad0fbcc45abe3841e9bb4fc0e73188497cffba54f3ff82260767d0f70ea1668f45192e6719102e75aa5cc43084c50bdbd1ba491bb61ee9e5175092c1f50d56bfb68977a567e41c1e05d2d1523c198ded737079131fb12dcf847219d71fbedb5659411d7aff2bc" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #6 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"2cc330b34c976c859936c21e2ad88bb60ff153e41131567f58ad34bff5c9cb418939fed56356af7fe215986a5d0ed8e9a078dcb1d3fcee6b99714eea3bfcefb37a344a69d414965539ddce9df239be2f":"bf531083f35066ebfaeabd67b82d392ef6b121e7d9603a5407c5bc74cd596023":"51f223dc461ac2df1c4877f65ca876d635d50939fa9dd586c176d8ab73c6d605":"ff9d6807d71ded1305d9e2cdc811dac2d73746b001b53ec8a5509c4ce0a07efa":"f5222c8966659974dd8a7244d2cee588b6c9a2700f338683fff9ccc45b6d3807":"981abda0e405c976435ec7f938570d911e5bbb32add52a8b94e528486e9dafae139eb15cc2b56fedfb9e4b2d10dbcaa5e6ab985be16c62b9b75a037684986843a7a0e3baabc34859253df2a053dcb0352a0554fd2d4530de0251b1b852d1d3b6e08548e215902ec8dc46ee89f3fc262c7a35aef8216b3def65bd56f0482a18a329f96863afd951307740fd8653d333f932940e2a87523afbc162c5c1d2bbe16f33a4b0ee0ec75bcfa6aee6d8348265938738be638f78506ab731d3e9ab345551" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #7 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"b4e5aad9bf4fb03ded64e4bf40ecc6fe2214049bd5889a5aeea0bf47be8670d329e6ed04538dd6d207767c367406d482ba7ad29231fd944f00b8d9b762935b93819ec62e0ccfd48f619ac40c9c208304":"67826d2bf9651404d5df4db84ea64dcab10697ecb90c68041f421452109af3c3":"67d6983465facf33369eebe0be12dc65fe736969e8f41478e44ec25d461e4435":"65f97c99140c8c9ba2ce37710b06f822cc0eaa03589157a3b575bc9c423afc3f":"19c37886d613d24b0592ea0b3a465ec8f8a9229abde3fb5e0122032e1ac8dfc5":"05777487bc152260a852e1b31a091f8e929ed22d8a652a77e4391abce7efcf0570df3d466d56dc51ef14bbc55309c6831655ba97c6050e563083fd1f2fe65b43d0cf8762ef6598d967b473b68c4143287f70d096a6ea120e3c07f2a95b80b393ffeafac2d0309d349bff017a49b9ea547a5776b5c38b9e981ed0a4825853cafcdf0f17269b9df6189fabc30388a383e3c28949625ef3d59a2c371ef416ace8658adc0e0b0104f1acd4b349b91b660d64412168d3c9e29680a5e324e4d0ab9258" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #8 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"27ae2120824f3d416bbea1f987440c507a4f01fed08a1be27e6ec16390c92c4f8dab04203543caa3981373fb991d855340c29baf439f23bfb599a5eeb95ec2059af24dd86c0825957ea8392ce3d980f1":"cd646b0d1971f249f4c4d1eaa17e60c311d813057e0b71819a503aa41e5c6b21":"90ee2d0bf06cb94190e6505a75d12dd77c266497dc99c5f89bde60be6789099e":"7d82b50cdfaab9b5d23fb6618b59dd28cf1a83c77ff2993d9f1edb87ed7bc388":"f7f728d8ef6af8c5e77cef1e837030a6aa5c12bc81423b0ecb07a2db95a32a28":"4b25aaf436eb600a103d3fae8e301d2755132b3de3c8b4c442129a88ebb3ab20c4d3a54078ecc4197994ff04bf0e460919978d47e45c7d10d76a1e63ae34624e2f64125ae1bef304efb1af688f20d8e212f6df4e11243a49177e4b6456010d784d0e4a94e75371a75c4050b27e48359549f8268dd2a2290ebde22282d96b2f38e3f06103dafae5f54f0019bfb013df39a76482ec7f878d26ef0e34c9c21e67fbcc3412aa0739e875da0e9ea1340592144eb232385fc7e605ecd10fee45524718" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #9 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"dbd5f508e8226acb957bbc4914ab13810b9b5b2b51a1b55cd4ac60f6b6d4c370963448fd323968c27d97e005b1a079c9e3ba151887006c56593eca7809b23cb768f5b3701b456bdc85fb5672a81db2d9":"0cda5d501072cf482d3c56c49a3c929b423f6e15a3e835888b3a9873647ffddc":"d3f38ca5c0bbcef46976c6a5965a8493f714aa2c8a2c817576cbc0bd6652beb0":"20014421f9af259892f017dd5392cc973f103d4736f3866e66329e5e7704e0f8":"686aba6c9c6c221b2b4a7de766963e4d9880676e7e6ac8e644dd273fcee519bc":"b720c7c56e10c9e436036fa8e1f1d1c0c0b7246c28bd36e5f3e88f988684b95a01127bc64cbcf12b9689f718baa52042b0837fea791391ee2ae42e54acc571239e5b654486a025ac25f46f10280ecdc65ed098e65e07dc3870b17af8bfd58edba026dc12b4ff04830ef132d07dcd7c62f67172caf2620a204869a81e39809db7befa25c5ed8a74b6d306c21cfd3778180d444bd99314a430ff4ef6b7061832df9b82603d6a0f646b398e7dcd8bb33a7926bdfa085a450d3de68c1e8cb2ee4524" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #10 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"7093224d6bcf0915eb75360ab4bb789c15834a371baa24deeceb33f86e8bfb46f4e34325ddcbee671f9e45f7887c1481238993ec4a309e10d3f8e3952c840d564644062534f985a6b4e38688d2c800a3":"e7cf1f32ba369cf5545ee672cd6746ea9a336de7039ecbb25419259eabdfa44c":"bb186a460387baae27c11aa8c65d6ee003577eac47b259254a933f82ac683250":"d823535ed974b7ff9f19dc38b9494aa99f88143e3383b5a183ec00c925bdfedf":"56548af797f4a07ec42273f895822d877a311bf1f8dd5c96fd8449732a13a921":"159c6923fb71f9670db4eef12dadd143ee701bec9b0f76b56e9b1b8c473eecc3e38cf06c8f3b0c3d49580e49caeac0fd48da5f53d0d3e9c829c253fac4e4f09730177a63e0e759f043169e91459c9cf959d2230c7b94be168cf4fa02588d78aefbc855d55e444d671a69d274c66ad1851c56c0d880416bcbad08523cefa2fb384dd0f9f188e8a601ce0a92d42faaed0a299d6a9c86958854712427b35e73a0817193b50f3557e66d64ad80fa9ff87427b7de5b7e6312d1d9988ba77be90d4cca" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #11 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"ea96f8787458e505f5858e31bb85b6e335206f6d6d04bd9d333029193bd2a04e5f85ad152675ecc090119aff7720739bdbe34551ebbef10e822cd29e9ade1488c21fd9e798369d585d6f58168d509d94":"ba45df1a14e23361201a467d2cfb7a3dce3128069a8a59a9a388b8e31c48efb4":"d551272e5a60aa1232fcb4765e853de2ccec08941acc75188eca37120fa49aac":"c1b34347691ae9f1bf6be396e8b49aaedb38307526627399fc10c48748c3a7bc":"722c0efa445262f5800abf75e43d9daa44e3dcee7a7528f7313ee52fca9f1803":"e2f873758c4e71704d8545dd1eab51206ac11dfdb00dfd1ec9e53bdc7f6b57f5209727049d4d781059b0bc4b6091c9bdee947127b8c8f03f1ee5f3665720a4f6c6777682ef1937719052254aeb97e3a17b6b552bcbc9154551a7ed41d837a27b6c37b426508409b75236cc156dad89d896f25c54467fd45f9698a11c7ce01bfb1fe171e4d33faf73a30c8992c51a838e9c0537354371bf79146a79a6d42d4e987b9773377fbf384979690b2c04c332f22567fb0921c3e33088d3b011921fca6a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #12 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"92ac19b133398b7d8ddfba3c6046421b3618923241097b8f68b6c7430b6d232ae9ad8f864f358afa7cac72bbc4fd90f16ebc9c15913c11094bf7aaa510e6241face016a99ca08de6525a570bd1741dc7":"0517ea7410bde64edcc70df48f3c87f578b38b8c7087def16031e52760037df0":"439c97f62d6b7aadac64057c0003a41a44ee549f60afa92797ee7c9aebfc8164":"669d42f9901e029bce7584bbd22a13a74e6f6ba50441a2633773bf5ac745122a":"8bf3c1a08b2d8459df96d6abfa90725f1a735809da78bf99f7fded0230771804":"3b832a7f1df591bba571bf7662914b0e5a3b34d38228e377e4e7dcb4b9cb396ac268d71fbfd2e1a5cff4429feba36f55c7e45cdac49a5fc8a787292011c61f4f102bb9a5d9c8fe1cf047956f21c74987d80968d2e4cfa29bd92a35cb96dd372d9baaed8d31ba3462b42084dc1841a4042311abfe4b3358f56c9e0c69e233638d3be56d0d269cf110d5200759eceb63fdf3b0ad25937857d129b68f038fc73a842046cc7c45292d6ec3766aafbc22f1491774624751f2c50fee830e24a34a27b5" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #13 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"7a346bd6d853803d07844ca348f3c4837fce3e3a727f712223da248cd82db6ed4a9710cd8b9f2e7b593cca42da7b1a1285a78d0c764b24c3e4b21d25919c5400b4adaf0684c787326c19010728bc6f94":"3e8de39ab206ed166b203c97103059e6a9317d47f7a76bf4511829cc2e27a4cc":"327976aef239b20833d36b7f352e8e6570f8f325b568975a661b54b8ada49128":"9419cdf1c59abc03013d7d443c734aff57a6d97c870a03762c50b459d38f5e09":"f2c9c49c76bd683d42dd9de9d45a97b78710f39f2ee482e877e3b0844647f9e1":"24a83991f9455a0410213cc138696cf4eece7b2caca0a627c6ce023b7f912c115768ab8aad0fb10e35591d370e0372fe020823365b5bbe713417bc2f050cbf86fd626caf91323271eeebd5f2aae36fd0aced63779565604ef2653a0770fe4e42649eceb6089bb7662ca3d744fe178f5ac5bc20ce7a90325497f55ffd9b25c59a6b82f07553c080f0c45fed23ce47d972605a2f603b72d09d608548a04031dd2bbae9ff898201e4460479548d70b176e917ff3e3683e49f3330cfa77a25cc48fe" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #14 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_nopr:MBEDTLS_MD_SHA384:"2d8fb8796d8a1764f8c824c55b880c53d2205559afbdf1cecda3dc2d05bf001e6252076dac013c7094ae72ca80cafce2cab30a160ce49dbd646710bc429c163231d73fe0e121f8cef8c02f70598fa853":"feea8ae0b299d5f79315383d938bcf9b536d11e036b28056bcbbc7fcede21cfc":"1a0fc47fa95cdafd2036eb5314e0f56266e58abb0f03b5e679638945b1fbcd58":"30707f376333df203eafba7fc52b40d8f1d97521a71d579c8b8457ac1328cacc":"f179c19e45c4a4f3cad8b545d116ca29e45f322580b7fc9715313be53f047658":"eaf7523b910b653a305f9122363d96e17fd22ccb9b6158cc42aceea40c34eac73e496827dd5fe4312f102ba6aa7aee934d1f41609bf3e14c29aa3aca210e3cabe70744a09f4c180f3d1ddf8be0b530403c5238761226f2c2c7ae29b24439afd65d6d5a0aa8daa11abce36df02ce61d352ab08965122e16708731d72a9fb5de071c20c6cb039273498ff1588c901d997151edbbd41870031ee337b38233edfd78aab389fae2bd280e4bc85d1bd6655269c3359753b17fdac502c3a2e871149fbf" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 0) #0 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"48c121b18733af15c27e1dd9ba66a9a81a5579cdba0f5b657ec53c2b9e90bbf6bbb7c777428068fad9970891f879b1afe0ffefdadb9ccf990504d568bdb4d862cbe17ccce6e22dfcab8b4804fd21421a":"":"":"":"":"05da6aac7d980da038f65f392841476d37fe70fbd3e369d1f80196e66e54b8fadb1d60e1a0f3d4dc173769d75fc3410549d7a843270a54a068b4fe767d7d9a59604510a875ad1e9731c8afd0fd50b825e2c50d062576175106a9981be37e02ec7c5cd0a69aa0ca65bddaee1b0de532e10cfa1f5bf6a026e47379736a099d6750ab121dbe3622b841baf8bdcbe875c85ba4b586b8b5b57b0fecbec08c12ff2a9453c47c6e32a52103d972c62ab9affb8e728a31fcefbbccc556c0f0a35f4b10ace2d96b906e36cbb72233201e536d3e13b045187b417d2449cad1edd192e061f12d22147b0a176ea8d9c4c35404395b6502ef333a813b6586037479e0fa3c6a23" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 0) #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"8802d43f70294f532d2af0be0852b7a9ef6584e8b1631845306b583ab059111c0a88cc670b8a827e5057b902563840b6ba6f6919295f2206bc8738eee2b4e7b4d3d492b945150c76edf466cdfede4868":"":"":"":"":"caa3a5f9822f497fc3335c3a4262294846cd4a6842cdb290a011a94b6c3c27a83622dfc7e5c9954e91feae5ca8034083e2fcb493e210e5caf31ceb63a7f3d59dcfc3a859dac5c250981f7b663e4ef7222eded353c7f42923c6c6db006e927b4b5f44b73e986ddc4176ac03a5ec619b3ebc923d4a6d9430e5b9adf75a5298e76a110d0a2a4e2f7841f900c4067cf7ee68c356c4f5d13be8885801d1e578ca4d2cc32d48b5e6303a0bc417afac033758f3e812693c49128e0db1bc9ea2fa2f2c45cb35792123af63f42dda3abc7cf8bf5dac17987178cc0a64b0fde5c9ff2012bcf57e93103f08db1e3a9f727e1cf753ea44d62ead2aa5410b9e37812c43d60eb1" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 0) #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"a53adcd8c8ea16ba80a57d9a55955197ce0d957bc92d8a0b548bedca149d78ffa9dddb64710d5dee89f1edd37d8b55dc2f50bd67e4a6ad0f3a01947e3673b10688178710ba2e7bb5f3dbd826c792c9d8":"":"":"":"":"7f89db3d0d6cf7c5557b4599d7f4c8b5235c00c9cc393f734ad7ba98cb8e767ceaa529892dc30d2885f161f47b9c81dc2811baf12f120bb9458096c183ae35e198e1a50fb91f863c5d82b27ed10864dd6fd601f4a1fcb07bc839bda185a9b18ce45d800049bd2f41fd909a12eb2fe8ab3e1d2f0f1187109d61e2af6df0c5cb9fb801ceb319d0aa9fea918ae9991720e4d9d79ced8285774382a4d89001fcfb899a7c3fb864f1ad2debf5f5c39ab04496ffe383e9efda0eaba48325514b09a253640f386fe12fd1b25da3b2373ee14ee9f2ff06fe063f771624f538c0e5620029b9490f33e5e4ff1a9bcaba76005c829e0117d345b73f986d7c8276cb54fd87e4" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 0) #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"edcddc13604e036f16687e36bb576cecd71b20dc78f070033d8b6f1f8125ba2d2d3efdd9f01a93910ec29fc4718420a21385f8798218e1aebb810379a0871b534e067b04d6ec9d523f7cdc8d45bed4d2":"":"":"":"":"df02ec9bccc25feb7aa4787f5f63a92ec05b2cc13fb92c20924aba9e1723436469c87673b8987ef19be99ebafde91d293ca6ec7c1fa4cc8902a57417338538fbf897772cb96085768e893c5a09327354006074992cd6a517d6c57c7af5495a3d645798eb1962c0b56ff0c8c98e18c0963e5a581230909981b301797d779703f31b264f90d6483eabd8a41fec8ea69a57befe1f53d470fc82bc35029a4d089eec7ca3986485a51ad1e56cdf2dea5fc3d39aa997a53a9924777eb6f3bf1056a578fd32aca125a74c8d24acb7b99c37f34081850712edf1b6851f0a5e640ae7193d3f49f3654aad3cd106e41e78f1e93a8a2d01acde0e6ceb3f19e0ab49f4bcbe40" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 0) #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"7ee0378eb594bd2ef129f35c9c1d87727c71ae472363a596467a2d71871863d8476b636e2ffdc0db70be5f7792ae8a8cd40d3f03347700d3ca515880cfd7962f8ce1dcdfc5ff134daf552f8c2a911758":"":"":"":"":"cc14c0e72f186392e461f65a0c0711e32e4b33a407953215941fc5d06279d08770b3d165d568b2fddb94299de2e7a6df0820a64e8779893390ac173801ef85170a52b9c0334b4fde55fe08e90b79cff1366bc43c0fa8f5f8206cc468987a38123bbe0d27e7ea2d21e6a1f02619b8c270a5e416ed50ff7e42d9faa2f8d383eda55899d85302590622ada9ccf5d144313e5df95688fd1a9c48ddcaf7af03068e11729aadd626761f3be1cd36188c89d08e3d8a090e7ecd7394077bbbd2c7e1766662ec882901941e09be9943a72a34817141611ef84c0f1848efdbcf245215f290427a6247174cf3a08e4110d3eea05bb85484f75e156e2fe5ea0c6723d3f8f047" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 0) #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"fb35f3ad6b7618735ddd273d95b442a362b6822502a217e893be3e36fd7be4553cfde0edf5d9b5f15be9288ff78fd0c09ebac49e71484169170f343f4b21e244d1391f963112dc061075d9b7d26cd171":"":"":"":"":"6f6814f55c7e226adb7687d73eb4e9b909d47f4b57693ce2c543436318faea92371e951d5d338c06bd95f0e7debd915e2179beeca9878faf3dbeafeabe3c9bc8d6445f863649c66e9c3609b8a3d54080b68ce145b2fd4ecb3c93801c307c554513a210e49dee13828b20dff092de2f312fd60b2aa0af4ed7e564f06adea6b3dfa74636e7ad16deb19e95df71d2860aeee7532aa9ff2a08c768f1086abefb60d860657c8bd7972ec7be3740293b6471cc55262cc120f97c0c08de78b705068dcbb2d0c656ccb8e2c6e3fed199efc888492ec641d4a54152366dee96008a80794cb3b4f5a36a34d832446d03991e4374315c67c336aad317920b99f9c35a493582" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 0) #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"a8db61234723da2f0883224563a1bc04c7b4d040a7de3b659dea0086bab7f454c73d1f918ff29e2f98cee562e05f5ad6f2781f5786228cf0cbb50d2c8d94a1307383d41229a90c0dcf142b94b704c56a":"":"":"":"":"0fa5fc008c56ca47024692ff55f500e312423818d1eeb77b1a3442058718885479b405767b879943e73fb16956ee2293b23dcb93cfda420a4f37ca5eba1aafcb8700cf6f38f2acac88698f1c0abea975270dd4436292c8ca60576690dfd9137080db2b3a42107ecea5a631ac413384a9329d60a358d2c58647eedcac164df50820e879374bc2e08d971bf5dc65afa33ecd472e5fe9677635a79ad58b489933fe9c1f992429e5d16dc954d2de059b70b8f170decd1f22c36b034e5f175138846901f6fd7fcea1491846984ced8b595c411a9f6d21f3f15fa5a073efb5f829f3b34d601aa91ed8cc433458692f44ec1930f3ac5781ea001a3b79df7c3e82ae5365" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 0) #7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"95d7851bcd43fc71cd9656737a0b05b5f83e55451c4672061230b9b34bff71c025bd51ccc3f4c2a14407d5d569d250b840e24828c319c1b7fe093e5551f8acd20167b2839c8d5ce9710532d69812b8a6":"":"":"":"":"358b36b4b7f119fafcbfdd619adbf9593048ed7364377752def3419b85eabd444e87d1e952c45f7c9bea3d29f845f297dbb48c2336cf44216fdd2e5c164c81ac688feebcf460910ecb8b8f6c3b0150195b2c7f1fb9988eb60c0564f0e089e4c269cd19414f6718120ad3742f96730233dadd3fb7d9e898ce38b5b8244b0af62ddb1e2689e9aaf27017ea28699d08b933f9219676a98f817421c363a526798833f9e763dd19341f56599cb594f274051151b87bf219d4b87b72eee5bf4bc78053a59aa5040ad334e08283e060b7b528a9089f24b287334070853c180021b50595e0fbbde18422127b0ef7efe92b98788d6e85683d97b679861154863fb0d4f9a1" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 0) #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"ee7a62efc8403a0f988711436efacc44b5098f9a3526dac49ad9343c80c98eec51f064968eb37d1a8bc8604e3324e5a64a99315401a2df8d8935e94fea3fc5990107bae19af886415edd6eccc95ee942":"":"":"":"":"7e3a0a32d6954bad579d54f136594add6cd30628bdd53dcb09baa98884547bcf3c8e84e4c01b0660d62dd8b44ae6ce830447c5480f30942e742bde5009fa769ea8662a8bd26135bb45e5a380439d5b1b0114969f42bafe4d1d7b7c9a7b765573538a7f5917af85bfa1fc57710e10eb4a00062c176b93f4b02255606a110840bfbb9131aa290635fac52b260190e9172cfef947f152113ff3cb3de73e22eedfc44f143b9c23c1670a057cdedaec28b145ac2e699f366d5d695d1cbd258b59d4c88bd8d1062ea578c758d5823c43a85b5fe1aaa8f3e4b68092d4107d6b11eeb613ed058747259ff0eb685bdd42b9dee54c1be9b613a4ef672c4d31ff84a73f553b" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 0) #9 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"bf02755e4c3db98cd26c0abededb5ce360495c1a2ecf194e922d87decef4173584a3788dad5b308c50e7c0a0a10c7a42f3c7b2a52df2230cb8dc7bd71c35d448fc5b1eb4f903ec6342cde118ac284c2f":"":"":"":"":"ce2806594da7a6f27385593b14669b5c63b6a5b0240d150abf0ea4daf32574604fcdf10c4965a9220c285885ae2d2cc1de8a86796357741645964f102e65150d1106cb5b8c5bebf5fdcd5e64dced9e489c188b619c2ecf96e7f96861dadcf0e7381b4d628165da0ec5b7c90d369afb705c39986e4884adbe05fb7b74a9ba3b354e858697a1db531ae32ae8184658688012aaeaa4f69b85b802f5adae64f049857d1314c7532bd40043e61af47cdc7ec8e85fe61827de39c2f1825fb0253ee73ca2423544bb64f8d2afe84db5cc8ad7694e177468dcb29092b4c85d069ad7b1c41e139642076b8075ab0228f542fcd2a7a6340917f82b7e356e5652eca24b3031" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 0) #10 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"a188065c9ee936384c5572b0910360ecd984cd0ea926c86b269f38f1040d41679bf9a91bd4e986f500036cfafc583edfff1170cea9f22a3140e7f4d198630fa353626518062340fd2f5b0f6b4fe7e217":"":"":"":"":"ea19cc91d80d37b8f16388fa62fe8e1f114f32f2a6108140b60c1994432b18445cdc131b21c884c74d155aea2aa7f62c7ffdf128886cdeebb395e5b8819dddc8c7834475d19162cd6a9c037995e3f9381cd582eada424ea6b67ad734c216f8380bfc8f5dc0e7a1d93c406870bd64a190a670a8ca94dfc0c02b61365a1d908a6b980627af6bce02a42dd9dee90dba722cf6bd7ab86cc4200af93ed226cdae14f28e242c6f96db866631b258be010d47c2eb95f01fcba4fd71646e6db54947a0d4dff86a107e226b1e4343d8a1d233369f8b560f78c865426d341f5f0713748b3ac4031d3d84bb057cded60b11de44cb221869e42bb054127388740e52535a11ac" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 0) #11 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"58ebcec4539f4af1b32a854181dd0f512b8c704fa47537096a769eff28c59165a18226cfc779efc9550f7be02006d83c230cd6e6909e301d1e99ecd1fff2b2cd00a56c7a684c8907bbb13ce3e9a0cbce":"":"":"":"":"6f4e86f309f69144603961c5366e4f9b16d10c10593ea689a8e7435a327d2524f4468813ea7f3248d8d4bbe17b175cfc40617149983928b267dc0c4db46d2c17fe8bc0764386758af1a824e12eb897feafc1c7ef66f80ffcd993aa016e139991cde8435ee6bb0de45a7fb61eb1a6beb76e012b848ea003f687537e4bd00ced37efdda66333b53a8dd5220c281fbf68bfd9e72285e78197881efc540da4c1ba80a226013a2d7098d34af4112e7b8c865af15409f6901b952fee4a474e4027051e1dce879ddf5e84f3947dc9b94119d67e6b48ed6fd6b1f813c13d3ff30e121efce7918533925f50c8e381e87ea685f993619bacc9efc0aebc884b450646eeaa5e" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 0) #12 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"acad606154f6ae06738d67f517cef4c8dd8dbb2ea333bac9e69bc0a4cb98877bfca3d906739d442608bfe66ca48c3d7d01f7d410f46764bf2ba4268713ba76bf7026203e35313ee75add608509de867c":"":"":"":"":"f6621bb82d8830707fdcc6f58a7cecc7501a56f44c6ba783f6f8187b21f5f3eafd1f38ae780584ba4aca59466f6f5fdee1e82b28b5f8db4c4dcaa28f030437de407b5fac632c96e43a12d13b54901fb7c112daee2699d8256c6ee26d60bb267dfda2c6d6b61c9c67cd5a5b055a283fa02d06cbb8b9b1c3131d7decce4db61243738af4f6652bf2be23d4b49a1a7bfc711092cdf655527ee785a85e90b58fe478a462b65fd9868f821ffba56080064d74724d8c2f98cebd9eb8fc5bf13399b04cf1586334913e8e9232e13ba10f9f2c365e50154ee91a00d981d4fd7a4d49c3a2cc0988d4d712074918f11c378c40e762b610c9f4df3ef58d728a23dff3e035dd" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 0) #13 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"d2715947b420ca136a4cd5c921b8fae20900679d87ffde5bdadc7b0fb532f35e100d8d0b59810bf3222b07fac3a3c334e4ffd96983e51ad04c2c5bb7fea15e8a03e36b92f487b314a191b5ae4862cfe9":"":"":"":"":"75751dd3463cc20d3f27e3ec085ab6fcc37285030fabb2a6e43c0d438c7d213346d218d34e3fdbabb3411be233707257290599bbc69512ad971cec2431518f38022816b9f794e2328b39a8cf6afeafc4d1f408f6e05863b654369dac0867feee0c17034d6d07ef22dd217f5ad0f1ef25ac82fce018573d0a2b0d5a924aebc5fd9c3eb9cbe38ae3d60e0e92ff800c9b108fbd85b2cde1b651e080e6625ecaeec9be684f1f7d98caeec9aa5e1445e5c3de6afb590fb3be3058b403df6c556963e98cdb30460a3c688485bfae28703b38a5c42454d91935fc7519e1e3b311ba117b1bcfd480c015cf8e535af66521cb35833621bf1026139164052aff6aa4e51fdc" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 0) #14 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"e1d2d72e7907e7214cb266f1ef641395e54b39e8365304661b0bee371f3246528417ffd58420e48ec063de5df4462e39e6cae1b5f3a3a12faaaf39b98ee592c8d4f56b9d4534add5104b357d788c23ab":"":"":"":"":"626a0863321ac75e0b6240ea6a619458634a978245c1533819c97114e63914009c9cab732f1310f60f64f033b00729424228671f33425099820ab108412d460f32c0015b73987e937b9bbdd29e5bfb8dbb6c95d2b69fccbc26b060cf0a5dc0992fb0e76b38bcd64fd7a726714e8c8542d44b2f9c5d2f2f8cb370b95e086b07e88f492f51fe6c288d78b76d0c3a6146c9dfce53e76cdbbd158d2944dd10197247004954d92f6b1df4badeb4bb1c98d7d3da2054e3300f6d8dda8863422e6a042c2d84b2bbed6be88f0704763410771b3786d2f6d968b6c224e0cf535e8d02c178b2e0b90e8a7fca0c431b7f3cf41b0a7c17778fe8c2eeb442c910ba88c7c364cd" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 256) #0 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"4686a959e17dfb96c294b09c0f7a60efb386416cfb4c8972bcc55e44a151607a5226543b4c89321bbfb0f11f18ee34625ef50daaf29929047870235c17762f5df5d9ab1af656e0e215fcc6fd9fc0d85d":"":"d2383c3e528492269e6c3b3aaa2b54fbf48731f5aa52150ce7fc644679a5e7c6":"c841e7a2d9d13bdb8644cd7f5d91d241a369e12dc6c9c2be50d1ed29484bff98":"9054cf9216af66a788d3bf6757b8987e42d4e49b325e728dc645d5e107048245":"b60d8803531b2b8583d17bdf3ac7c01f3c65cf9b069862b2d39b9024b34c172b712db0704acb078a1ab1aec0390dbaee2dec9be7b234e63da481fd469a92c77bc7bb2cfca586855520e0f9e9d47dcb9bdf2a2fdfa9f2b4342ef0ea582616b55477717cfd516d46d6383257743656f7cf8b38402ba795a8c9d35a4aa88bec623313dad6ead689d152b54074f183b2fee556f554db343626cea853718f18d386bc8bebb0c07b3c5e96ceb391ffceece88864dbd3be83a613562c5c417a24807d5f9332974f045e79a9ade36994af6cf9bbeeb71d0025fcb4ad50f121cbc2df7cd12ff5a50cddfd9a4bbc6d942d743c8b8fbebe00eeccea3d14e07ff8454fa715da" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 256) #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"0bfd73a55c96ecbb6104fc1f91d8601e7b57cdf85d6e6b5360920b4e7d1cd02629bb1c55e637fae1608f389d179f4fd2650251a37ad27c2b5264b1605ed5a51df949086c10ece31255701733ee1c8539":"":"15b3816392285fc665572c48a168068a10994cbe4ceaa1955f07075039c73b4a":"374241cf3073e2f82956c76897944ae9c43907fd6781202b10e953c3aab1cfb1":"4d434031e2a2b1e1ac5ec98081be46d05de1b4d25e3b4dbc8f040b627f8a6f7f":"f4283abc7c0f40478bbf0234e2f7656b7c6d1d356c12a3e1f76666baa19e8a05fc1537bdd2fe855adbec4ed4d287fbf571615f415867a2e188ab60b3390053b27bd8bf4745887c93e68d0dfd01608d6b306af273b66db6400daeae962882c4c6a19b363f24d4bd543a8bcc7935f078602cee1cf3c7b30343ae2ae0d5ab111764d719205fc30325b2f938b4ec4d0f1fee2f431e70cb1aa1e7d826d54b7b4fc50560453349d2c52f09d6f5eaac72b5b9ca9b00142d45abc550eff26f1dfb8229bfd1eb21e4567145d7ca47c84001abd7f5f5e7101b9941302929a37f2150620b899907f7216f3e2bb1fd028b196031692bdbc0d2769c448b024880a131ed98612f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 256) #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"da5589e7fee0a023e01a50aa54987c5b6d70503b78403762cdb53c9ae7ec65f853df14cd7e30ba0eb703b912387469bf7f000e5dd78dd80722e194a4616aa373be2e093d23f2a4e7224b841ef550772d":"":"4c74a4655dcbebd1331b86bc224be30e6c3386ba844716d1a6938447ca7a317d":"6397e8fe13b3ebb08c0b7ce460b5a149b23433e110b881a9c095cf24d236cee9":"6aba359faab473d0d51f21bbe7b2ffef3a03b64364777a48f80698643d9b2504":"49c7ea8e2740fedafd8d31571a240f175ab5eb83b2104f738f3bdce41c160c19edf7b2e2c0603d9e7f4f26f132f6b8bd8c61fb0eb391a5b4b6d23e3db20584e08be87648984d0b9f3b05c763665b110d58fba8d3b7c635a78ed8f56ce05414b8bf4e0985e1ff0b4f55eda8cd516836099ded2b6092c9a1d532bba363e0811cf507a22189cd3d20ac6e66380fc8dde32dca54ec76130cbdc0aa70b5bf3b582ce1405c69dc0e26f65d91644c557d1b55ef9cd893355e7836efcf53dac2d468c4909e1538ec1555c94c04b62448092f44e81be7c0984bec13a53a953efdc16d3497b1ef5fca39231feff486c84fa7756419bc909c8782559951d971157441047b80" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 256) #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"8a36af663dfcbbece9653be51c8dedd7ceb125d59dbd143ab4c37f21d8cca464920dd161245835ed81ff1ef1d09e367ed43118910c2b62d4bb980d0e4305b07e8b321c5a04b46d4a7dd4611aa328543b":"":"59c96d6ec4e49b8185f275057047153ef626456085dd77a01cb89cda060bcf3a":"1492daff48d8c7c9e9e8f38130b8ab2de6e02c6cdccc25fbcd92d8aff1fdc66b":"d2f40e7dbdface320825d0b766d0317f47c74fb55a5a325d66a5834db70d5eca":"435ed803caf3e5c94bcf6ab61969bcc4e83f1cf7e73e481494d494faa9e33cdd890f112c89bd235d6d1dacbbcb73fb1c9a54a4b282032cc01787bfa9bf855edd91180432c27d98a2f7983933140f63688ca595e7a9fbe38d12280023d383891f0fb8ba3fb07d835a0d48f3f90860040718d341fe5dcc101b51243081563589b00a3e7c2095118c13b8784b387c1d63767c3c655025021b0eaac886d21eb5faae0e35fd073cfef4354c7b7e4ea1386d855e71bce01b30151629a7009b851fbc404731841bd24fac155a912d7b7f7a601bf6559e438367fdd898379b2864c548bc8e2c088348624e33c82990c74f994056d22add18e611665f1b45913a62f90845" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 256) #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"dda69dd5af052570a7cbc2fd378eeae936cd301b197d23dcf21ce06161f411320566cf1f231111c1ef883a88f356d94f2ba7e42d84574f39ba1946450fe7394e5f3b9a21005d797dd03f27e0477ba74a":"":"0cc796ceee78dfd667c309499dc4ca1003b2d923026c65826f280946e9f3f1f0":"2483640ad6b242e5c6576df18db137a3cf0e4a3eb44bfdeadb9bb650ec816200":"ed978c3f50c3ebbf4b70a75771a940f03eaf7c468e9c4e9af5f8bf9f947a9352":"9bf785c4a1006da21f66ae308e6f23de2d1b01521c40404da9b605e1ff1577ca1d1300f0e47e922d02331c79b7c0b1e060926564979e0ebf77ee3e1f54907770baa80ea8dedb7aed1948df550b6ee95f2f71a28ec2eb5baa76eeaf0062e757500ec255369a9db75c242924d64a391af1536c3a9a6951aa991f02b7415a2ca77582e8d25bbdd023e4d0a0537c0074f5abe3ad34d24f5b98aac29a62c1c2648eb124af18c619dcda701e7a277ff1e00a8a267392419dfc1fdde4ee865c9f3744d92fb86b8aaa872b0142762bfcb7f9a45dcdf5bee93bd631b73e3acf9edfde744e7492b77fe38adbe631e7ffb2d1708f213136483ce6845398409b8550e7467b6c" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 256) #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"346e27bad2b0c0029148c5db5419a124583d2021fb74677b37b13e8643ee7aa9e9bc52f5c2689ae2bacdb7c8c8d22f5a4bbd2f0ad3479decf2dfe2e9312dbd682d96e199e07f5fd4d22deedd83c77673":"":"65262e1bda7014866794713ce6bc1ae4f0dce523c82ce43e6e0cf9a64983964f":"c68c54bf2cad027cda08a3380f3bd525e354c4288a7beda1a7ed8d62931aac8a":"cbd0049d6546baf0a8df2de5f15b29b77ad07f59b4dfe6a872f0bc1cad71771c":"b8c344a8004072f76582e494f70ad0f7d21fdd13cccc387622ef04ca03a0a14faddbcecf8869e0f23b6f13fe58d9d769f3ac96ab9b9967150fb81cb5d773ca44960e9267e858ec9df23228fe2dc239caaff0f948d189248f5c075c3250270af7031dc0aebb327b004d84d0de699f5b02da1af448df0d13ae19f77586db22ede3f6d3d032d10ef2d7e2efdde2ce66a8bdc07126cd49241faff097d1467d862efc2a2e198e74b2e3293d4a99bac75e328a1dea3477f3f4c95edacdee48b14d26b054b5a268e242a2908449135825faa7b4fc0c9c877ffe7bb90faa7c3f136b2b4c78fad9f44c829bbf7eb8f747d501e150bedcdf4cdd6fcc86fc409a21e6e90e86" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 256) #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"09587ae0ccf5c580b44e390e68e6a0a6daf45e7162ea0418135828599918ecef9abdecba73d8c6d56bdfe005485be3b1ff284a85b127b00185f2f935356c3f87d076599f6b0fb7f93abf45f0d0bffb3f":"":"4e703f5f59cecd926fc0d94100d1c54fc8b19d165bfef16437d7be92802b38d5":"59ccdafc72e5727e303d2284b80e9224c95ce5ed0edcd816c18a55aef681b203":"36d72751e4d6a7c6cb2ead12eef191254df53622f6c0fd1f33187f09e87880e9":"c1fa1565591a1225e0a61e1caf0fb6e4c17740c1b1088f47b90d91a0f99978068c162f14cf82a1ca936ec3312ecdec2f4b7944129722657ae20055a0c293bb678771b457940df23fedaa69eb1c1d487af7c7790b4359bfc84fc83e9f64b81b78b5617d8074d8c7fbb443d3bc671f8d2bb600c3fff2231e0d363b41f3f558ecec02b0f1d59a63b39f5b82b59bf88a0fc9a838a802875e7bbc06ecd0029bd62796e2047df49139bd5c34ef67dc930b1811428c4b547a6f67404012a5b97f93b2895dc2c2389070220a078d2fcd8244a241caaa98a9c0c7aef60fc856c61a3b8aab46ffd3f0cfd768d6b41e9714969587cf363b3ebd60c8c331435e9cd79430767f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 256) #7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"1ad037daea8ae2b9131f4490ccb453b670596978e097c7b2342c5ad8bda53de10f696e07bf91bb091c21898a1f728bf5873089840b5f022441b355f8e5cee75917400c5ca597d6fdb8f52874cba1ffae":"":"27b4177957fbb40bccb4832fd95be75ed8df2307be3cdd692e8878bad14ca8cb":"c7dd83bc2e99c2428bb243c35e2544b10857620fcdf8964b65b62c58b5069a16":"ba57de1455a25c66dfed3f8d2e3e198fc6ebfd7927f590c702d3a5ae81e80ac9":"76957b10f67a690c33d9a5652514eff7b3b5ddd35acf424d0706725d331411f6cabcc35817e3dd1b51053de30ccb0210bf428caf0fd6e9e798870e2cac024643f5e15f6c5591e921e7531e60c402bec732e79f55f354eeb5ced5fb74513ac8a48cd6dd92a8f72ce26d87de25ffefd511974d629d17048f10a6315d1e06103f58f8d3a04391239d8b1e58cbac3eb7d8ee4fe9daa194cddfaf891a209f7e3f703a4c18fe4734d532d9b648d55d92d6ccf7b1cd5daad9ee400a52bc464ec300e4dcaeeed6ed9d741be4c548e45a6b9c7f73fe4b394ff285b629fcaf031a9ab3593d5358428db60850de0a2fdbc51d5c63f956d6b6625207e2a0e401891a92ef953a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 256) #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"fd2d1b1f4150cbbf6ee3d8667e7f508b341b3c251c8b0abf3178d2fa5a80ed170a15bf55a6570f979080ead216effa5802b2e7404ad93c5cc41e17eb78168859388738fa935d1cd6b06422867a30b552":"":"8937c389fc1b905660861a4062c4e6542cc2c587284a279cbc86c432edf541f9":"c1f79f883f51e1de95afdea8392e121a9591674063411ba79b098e0869dbce33":"0ef847924d2fffbbdea4f12acd441e52ad39ff291e80c7a24802c4f03f09c8e9":"26a17b546d2dc3b1528efb53b0b0f87e917116f03658ff6e6fc165fb891f483af8ede7fef8ae44ab9ad07961b4a22f50fbdf1714720704de4d80edd1b1fbab4443e961a441ce4e7959bae558e333263f79daff8d8f9e3ab0d73eda9f4d3e31d535c67edba3d788ea7250584694628eeb55df97b01f5c70b051356b5d089b0a368d98bbac36c690e188e58eefc9b5e2b59fdcad05b71bc111b786512d13fc0ad4b9f799287f03198a53b8be4a2183e7096a0b9fde728dc409414753077e436fe1af94a93241021de8778d65a4708102a49875416170b30a6fea290d6882c41ed8c838388cbb7fe881a4775cb323de353032c6e29aa057bf81619e1670823a0ae4" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 256) #9 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"d4f64d9c63708f9294fe1b1de82e160274dc7ea857f8ab6f4ed629cc5c4fed94bd2ca16570134810e71a3a7a38fdee4e4aaf3aa82871142efe6b7d7a4888b4f0c745bdf649f6c84fe5a6519ace6336c3":"":"a8acefe33c7d7933ca6fc3c8495bb315bd4edd94668084de3a4f742ac5ca1fa1":"095006f15ac6f8f649ab217dfadd426a60ddab70c114cf7d52f5e6762a47e679":"9f095084b18d6eec18bb6ba7ff6a876344f0d6d7916c10bd510e2e0d546c4a3e":"3d3e2d085a23f3b08c0cf1e49252858855f28afdbfad3a58983b1d815b2643a968de890af8f3d804969d716dbaaf206985d413e2534ec6f2c9e144be0cf097590e3de9d63d5c530669d1b287f99d769e7fb6e2c71973c1ea02caf49d3e400bd31d578313d5c73bb52535a86b28f4252c8f6bbc9770554e294d0181904881d5224cd30bb95d85a952913f63e2bcb2c9e24e9a999a6c7431c5e6e2d76e4ea64480819ef95f40b72dba0f841cffc67bde3c9732aac9bc4dfde6e9789487ab9e2fa87103155411eab4c2e9b640c5ff417307467ab7d9b6036c8e81a51670525f1ca234fa4ec23abe6dddeac0c029a4b58d2fc8c24c3f57e2c2081137c92fdc373d23" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 256) #10 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"f30723bc93a3fac546286c2ec8faf54498eea6f8d723c32c7b648265dc75d8dc14634281f7a7d1870208bac4896e22fc72bec353ce3bbe4fe2672c0b9f6266408008d0d1fff6c9c797e93ccdbc72dd95":"":"ebc2b572f365a726531b3ddf7344590cc5f779771134ef7bd7aec4af95bfb532":"0941303cfaba20f7c7c4ee745ec65be3c4f6d217f8e6c9a1f5e6db94949645a5":"6039cc999268f1fdd5ee2979e76b584b85069f144507723e2a47e3af1d8c2355":"eb7797a46743e552e682c0c7ff02e1a06d5aaccbd1a54075cb1a9332e76570d6aa5dd7423dab5f12b1bbfcba8b6396f2bbc5a1bc4c7f1fc306b32037b503a1a26b509e7c736b035108f90e4b3ae880bcb1eada72644119f9ae9a73eada21f9de1d2b1356a90f83c6ff97978bdce08aa6412535b401dda98c4ce72534f6ed75383d51922e0a4763c5903baaf75e5baaa355b3448e101ca3229f5eecd346f450c2f2b11503bbf23bf5d8f79392cf1425ae1cbcdd5bce53ca7ee0b59647a0a4b8cbabde28a7368fd46965ec0f55c8cff034ab3b733d19ceedf2b8f38e541da2bbb51e04cc5506d1ef8ab0ec3b43c34dca722e830d745ce631652976dd6fd9a6aadb" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 256) #11 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"070a6da7f4f59da9ecbba2daf690ee9ad0c9cad330600b7ce7b95d5c1336c96b47bcbbf8eb4d8918cebe861e959d68d7e5fa7ce34adaa38de3e36f425832e6bb0a23fe21d10c78800506d9054766ce52":"":"3b4d05963c2fb8315371c2f35f375b6e39ffec667303cd96642fdf6ff5f99102":"4189cc93c021bc2f958daa737a17f78c03ca09a1a4a73faa8a74f3f109bf2800":"5da2d3a69f10cf9a2f5276d3d54bbba4ec02826f6ee0440608ff4fd6b1ec962c":"f8d6d5d7aee571a9d75923c6a2ed73f3e77901cb025d3e609c7cbf83b6478899b410756f66546bbf38ac3309f02fc870e056772e56abe76a99a147d12f1fc60ef50cf87baad21f5ccdb43ba43ef0ed777be5de30ca312f814ff05ebb93bd523716b8f8ad0411aa732d2116040d46cffd9bc2e463664433ef1f7fc56105b393915106d8ae860aeaafa934975d446ef95d697e1761017bf102e9e175c7d6d3a3aee0ce877f1ce7709d08c2c84a34d85d17f77e06a5f72269c9f18f94a9d9e635ba1a1b62ca5499e717423ae4bab477eba48143028ea7818d64563bdea3fde587daefd59fe7059f4f6db16a61837876946eebcd846fb5acf07507c38410e2ac3f22" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 256) #12 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"09b75284b738d600dcd3322b91d380db45d3efdf2dc8e9fec64cf07d7a606531ab41f05d85e3eed5f62d55c5132c75f151437d4f93dcb41145b2f95125d1daa7dd1f75dad6dc32e9e42a21dfaf35726b":"":"7ebffa04f7f0c939e1bfb4c8686ebe4ffd7a1ec3fb4aa114946a6650f2b449ea":"8d9ccf3526b655cb923ae3e1416e84af5e458a2ae4bd55aa98e900353f8bce65":"d78edf2f7211f49b70db778b0fb0eaa217860f9197ad1242cda264c3ffa3e2db":"1f802d0a9526017a56c43ebeb782c19143571f979b141b644612f0364cb5531f8fcd527578cef89263c6fc5ab26baf136418fe203dfe3113124363c768812d3e60a66b14fe13c43891e0756fdab6f8dd2a28cf9a6341b7b39d996353cf435726b2a02560e0b5f8035c2a50b10de41ffe389f0b0e478d783fe8da8d729f1a7b41e09d3e3cc5f93ce24ad76b5650ae61701035d2abfc05bded61afb36dfd910be47c8788af1f74cd101746207722ee2761e54742d8f21884794fa9b0712645fdd962ca5cf2d3070f4a2c1db6f4c1aadbcd415486735ea1bf6894146e09c6cbdab36d282e20ce0e840871a0b435c3e800bad673754cae50ab4e7855e268d9bccbca" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 256) #13 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"773a12318265c2de4d6a80ce936d4c8a13d81b646fb197d7ade8d8dca38988e6bf4fe25d32c137ff50f5e20e987ca8c5c7ca4c2bfc9f68c1a79e8a0f9bf2a1dce0c09dee4134b39f1e51f0bc10359fca":"":"4d995d9addb816122b70226a068c457ed4635e7ac9ce41f1594ff84160c1c06d":"f068497d26966dfdd57d5a8ea1a05c1db2ac2d72248dd59d17bca9c6fff28817":"641d5482fad78093210f7e542f45a8d17fdc856be5860c45465b0775bc45ed7a":"4d47fa06ae54f60102bd242309d5366a953e72a2622d025f9babf6f6343429e4158691bbe3629e701f07a48ed239e734a78a400463139cbfeb45d6515bb690f1211ee03e908cc446abcfed29b955b92e7f9c3aae149195e174d34f10e30333fce99cf362c5a42a79ec907d90fb5806c1d09c9690d4aef060f0fd1b0b1877ccfc377dd675778adae40e87588e5080d3cf3eb1f710f019611267b2249007a01b3e6999a3bab294766c933b09537e99ef7251c588728ee1bf8c64ffc64de6a70a521eb745b4ca6307bd24ce5661def1d7374afb1c44a964f14edeb1fe457465c0b45d62a33c5c5bd1628d528b20154d73a946c44363aaaf20dd41244fbc81dd0475" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 256) #14 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"eadb3322979308075d4bafb69cafc6dff5d55b97c4a73dd9943a0a9e4ac01b78ced5ab91508b9718f6de9da47fd7bd54797cd5a5f6365c28b1a56cd5d74721afc4424a7ca53ed8e97a2c15a727a682e6":"":"8ced860d74040dceedc0fd0f3bd36ecaf36f91e4c56372ed1a54d25d65180d42":"a19980a1c86e9ee4db41f6467144b0dff4c0692141916d46bdb7c2ab79992116":"1cdee366e7c3e7e853caabc4320ca2b63616ae86343fc5ec2a21b6c24c04ec39":"84432c3f00ad23bf1ba4b464ceeed8da0760319141c214d6c31344fead11011ca1b10f19de5a3514c8df0b69fb85e8706db272d0e1e6bfd512cadcb4df7fe745aaaaa8fdd6e194c38b063c030de3da53ae6596834b99a46ad205690511e3aa69cf5bfd9ed78d6d33e357524dcc94278b127e89e189e52db00b426499a388241e9455deefddbcd3974236c67c6207a6f9c4c5d1403c02c828488e705fa4f85fa2771a1f3df7b2d5d4b1bd25788b8e29c679044e557ae4cc5dfa86559b6ec3b5a314d4de8affd2d576c3cb260413403e3ea439ed4df3501acb85dba98306cd7055027c7bc339878998e23f70680a855479060186335217dbcb229cfc54b66130c3" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 0) #0 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"97aef935ea33717e8e8644bb8c4789f375c48a945ded08771149e828a22dc86682580f51070ba1e991d9803f51fd9a6f63cd91c1ebb2caa15f2837df8f35cbb6fe96df2674a136990a5976cbbab63bc1":"212300f93899ff7cb144f20426028b976380a348253bcc3ff42b528cd1972549":"":"":"":"0e8533f64b60c23a2655827037db218c2fe9ce430fa4ed6ed9be349c4bdc6f40018b42f486fa04288b3b0c62a12812e76e08c76062a510cc60841f165869efaceef90805bdde2fd66c36c38a2ac9c3cb86bfd30406569e0afd245102f2ea2d49e4ee5f69187227a3f0edfbc1259cb6564a2d4e829b3fc3b6996e37546f1d8a16fcd8201d1ad28661bbb0012daad55d5403e833d8a0068d216c879bcebc054df0c9cba14dad4863ee1f75b78bc488662cb0c91ca4fdfce7df5916b4e62580902c601be706dcc7903858e6b9920735bdaa635add5c06080d82265345b49037a32fcf0a7c9ea6069e3369f9b4aa45493efd7318da2ae9b4fc300498248afaad8d49" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 0) #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"549ada8de63982fcbec1d27162a51764dbd770f1da46d87759b2ced52d0ab2e8d1e8b2883fdeb221380e17ea387b3a065cd6dbb671f1caeb7b5a4bab5b901088f081afcdde5ecea10acd810735b95532":"0e7f0664ee95e3de9ef4f9d8faada0851bd1de3a3a767f85a74ba26f7fe8201d":"":"":"":"c876001855484b73dc46babd570013993413215f6617ce71be7c77a418494f77adc56f5c26b393de340a514b40bf9a0a9e2629b768ed329ca083dd4af5ecd6f45f878a55d5b02fb9bf3fe043ee9e7058acb83d3aaf39ead7e11d82725bdff8272d7a22cdd6efcfbdd60458235e523ba0ec1b490994fc394123fdf65d72ada39215ea6c7f8bd6c8aa4ce947988442c66cf53f196db401e275098d9260e2162f5726f0c73b201b61fe9f7b586057780a87861d31ca5b21ba62eeca6f5387c5f42147d55a61e1c7d39398a82ebbcbf4f153962f6a6bb5461d58476b4811051ccabb00cd9a78debed345c7e854fa064f990a6d0dc827c39c38237bdc5e9b1b44b6a3" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 0) #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"d3f2af83ed1071e6895b1d57d0969ec7fba3d6316df5031e452c26daababdabb58107846a2a6921ce3502614ae6cc94b9d246a8ceeece6a9cead94cd297838ca96b74a88dcbe24000f8eb719f939a3bc":"0d4223285e53c9e7d743dfafd08fa75c81582d0c507c38cdaa6fa1b398e342e8":"":"":"":"9b83018fb5a4b2d2b76cf5e8258e7d3f6943a494a9cf7dfe16f9c51beb6d9b849cddabfd597fba42d6fca4096e458c8c0e353da4fd6af9297583e97a910bcbf1258a83da465d34ad13eeacc0e57f145a8cbe09ad9129302e64a4d6cc9166e3576d256b7b3c64540100ea4b0c6f7f92ff13af732f6fce6516f2ffeccaaa0af906d4efb8b7625cc91c5358e5fd292de159dbac1cc9f0afba62ba7d5733491538d14467f9f242fa66e79b444f38ca9a6e7472e41cbe8a63967b2e9ad0d8fab4dc173a3bb45e3654ad49d8d8d5345146b33fc55c52e201fd404f7ba64c331d92c3109dd8fdb70116d0e84304772217ad8fe65bb0215eca5c842cb10d591c9b887f0f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 0) #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"43de428b90ddf2dda3280fc3628c289ea7e623b63a0ad5f568c459eb7d62f739c106327c0f3a8f59e5bed661224e433594f78b3604b10fa048e04181eed885db9665c4eb92d0cb82969a1e5dbdf11fbf":"e9cf65c1c1d8d1fb07a0a66821b810fe8893339949b50909fb9b72883a530ffd":"":"":"":"2698a29124c6ac40f2416778a54ea080014a3258211d2136cc82e83e199243e7b6483f363ffb637e3a498ecda6926e91cfc19e61f66f33d3c830f2ce9a9379f3ab5eab90001a06b7713a5ab5c5ed461d1c99824e1a506482fc04b6ff0129847fe84b0e36ec7284dc028f2ae326f39e7b2b17b6cbc21a29f1f0c8ea069be5a2defa5794880fb37ed129849cb4e7bc998a80e6bdbf6ee7d7bd78edd6a7ad415e571da42481f00a857c57308cb7e24efaf3993587d3991ae41aba97439f5e0feb5250013d84619fada910ecbc186e976026b1451b602d20e60679e78c8940b3c8946454cb0409a83c2aa7e2d1f92f548fca8d089e15c47a2c803e7e1e78429fd01d" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 0) #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"af0abf3d221f4af4a4571eae06287c994beeffcd8f5df5da72eab03cf108d67f71b91ff2d70698a8578d058c181bfe715d244f5321660dcec025897d9e9b037bdb406bd97fa9c3ce5e6d01d0840cfbfd":"7ee295c84488c3f5d3b2798777f92afcfcfac175a937cb50444831ca60a58650":"":"":"":"e570a328f4aa705f4060f9a6ff38e16007e59533e1d94d039c274d105d7bc8c2ff77920748579de5c33c1465d4441332ba51d30bd8eefa90ae8a421ca662551957e1875d6515adba50a0d297640248e0a83c032b515520220ed880701650c97727d6b5e5f9980f0eafa4d709bcbca76d31c291750f52b75a165023ae40ddf4ad66f395d4cfb1f5a5873743031d2ea2a093b2da4ea175bae45cdabe00687524a3814f153c514e1c3d50abaa96159516bde73878a021b2e9b889c130cb3d016560aa9ac1ef2e4fedb67abbd2edcab3d2d74de3f8e9fb1120473687902fabb46eb183d74f22e5b3bfcb9dc1d1edd95360ebc1310651efbacd0e603b37845f2a9068" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 0) #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"54c0128113a4f3e76311736c83581e6c3fa45659c20bc622132ce4f9dcc348e76575da4b0142beddbdcf51904d1febb248a116378bc69acf6d1b4b25d94e9d76145fea73f8bee448964486c39e88034c":"b147253bc1d28e988f99a53a73f5b86868b43c6ca73ec7d559f40f572f2bb74e":"":"":"":"2963b2932e86680bf0eb6907777e88f6cb51c38b36794a0254e984431ec1295aaa26f91d5bbd3874c7733466e04fa4180fdb922b10604280a1e34ba50b4f5867a9fd069028303364566ffa6f7410ae2194ee51bc951b19d7be1cce358e002a4b94085ca34f845bc7598ed5036c23a1a1097809c7421fe0b6bd10e90d1f8ffd1cdcfaf3755bdfdde695b032173861ff3baef7a194b5e46c3b0a3888f4e4696ee5dd2414a10c16eb372f67a7538782d61be0f7574646c7c05f6f3d81eae13b2f5327b8ab94d2c2172ea168a0f2c6b79494b497da375606c7d04bc2d8d41618d925140b835b90ee224ffce041697af669b0a944d342524fb133e193a54f4b528fbb" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 0) #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"20f4687b717a31f5e818c872952385cd9ac2137abd2e49b9849f01cc2551dcd7f53dddb2449c1a9e793fb8a0447b303dd6da6110768f5d32766e3e3f171305fc68c4948dc6762d3c4d27c66fdf962cef":"0516d63709deee72cc6751191ea05d6aae7ef016dee1ad62159af167a785b353":"":"":"":"82ef3110200f4f322764f91fe5b119492b8627ece211e79e2ed69044e612f60553e5e50abdb1a1144e4a7afe05276c80b7d1e3992b609c4966f61beb02ff8ec889ff94889b69e4e6544be9ec760b260ede7e4b5e96b333fc460392efb1833a6467b175aa7d6602abe175ba16d94151fefa0fd1396960aa8c72a6b778f3f0674c86cbedff250b5a609d30e0b40ebeab2a524ceee7aa861b274bc55541dcbce77361acb8dd39fdfcaa02820950932245bd37986d5c1407098e13b5793666d079969b054589e70712d50be04bba484cb651c07971be722e13b82600358dec86c7f04c0c4e256ba12542f80ae7de745f50bfb07aa28e3857bcb1f371f01d93b12a2a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 0) #7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"ef41067a7ca9b6946155247ce8dbb619795f028d678ccf8f5f5b40e33e8cd15634db8c9141bc2cb0590a545ccd02cef6e1e96fea14fb8a55411d9ebf03633dae0ad449a2121d1c78fbc0e9cd8a78a34b":"7b90a2baa4c139e29c48db6c5b51ccf088fda54e4187611dab44409ce1c36f4b":"":"":"":"2a13126e8947278cfce11cb02ec31acccee5319d478a4937e8fb5e6483f5874fb20a17e9d4599d256b4d87318fff393f999e7f3d8612fc1b6063175a5d070805d53f7506632f03d37aa43b4e77e323ac0d5c241d9581d7e110fad21dec83d1dc9d119d1a0686636acd0846f58b42bc12a4e7e9d5ddbdc051515e8636fd3470a3b4c2efaf9774d78f3d32991f9ca50585f939d21a15c5cae6defb1702f9b606ebfd7308e55e6690310e35dadc48f9aa873f142397f36de90fcfc1dd0b8747496548b4688899df4d9d13857274741290a39c86d5b92d375b79efceb7f6cf2ac0c8c41e6d3c05f7e980628f330b5aad1328fb4b0621278b190758fafc93da359a3b" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 0) #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"4d1a72a7a7efab609c6ea16e4a1150a8c1f8bcf19ec3225ad2eb10c761268d6d2c9b09f982710768aaff9d5e3337b028596f31842fd23e75a668063bdb03cf1d7e1ff419252d44335712f16720aff52b":"e5c9712ec583b2dbbfe76d5eea90b9e3b6815c2e38782192983c6a02efd91afa":"":"":"":"f4d994662acb2644e389b41c71122053b2a9bc68303f4c77870e426ac38c1b20d12cbd8adaffb611e3a3365defad82cc8c2a27d40f57e8035e16476442ce4c4beee9d8212d230f796fd92b02d7975790120bbf7a6af8115c06457d767c5543a6c1742ff745999f8e815f5caefc92b9540a6fd19ae973c52b321e7d4d7d9b6ab4900d13b7f633a7b8f1abe3e1a0540b5803b89d71b3c4d3a5dc7c4c0751e088f27b748440df9df14fe25096fdcafa1c3e16d49235defba82ed6ddd1fc8a5fe9f5d360bd72e0d19b21cbece29737037832b9ef18b96580ba50c344695d93d07b105f39c17cd91ebc291618c8862cd47459946f735fa7fc778b4489b574d6e77ee0" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 0) #9 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"5c9f5de1e3bbb5193bbdabc6211e797dd89eac092995a5539ede5ee3f769c4c3e221e65efd6daebaf2b68e4353c23d08bbfe26b69abd8dbda8e41f4f9057ad7148541cca28ab0c3ea512aadcc65eef28":"17f703c54499fe53e688c6d48b4a0604ed9f6c71b1cb4fb9cde37eb8fd2a2ee0":"":"":"":"11c40f20930a9ae087d5ae4cd93c6d8defc073888f4f8e153b163e7ded25a3313a55b341d40315d78527ae87c932c9071ad6416823d266fe23000e1e33463d2f67c73c6883aa301e5f12820640ffb50b680c3aded1f6b93d21c3c1a9ea01ecc9642f1e653551d6e8fa8af6a8ef626def69c65571f4a26a7d8b7bad126d945961797c8147c3ecad4637f915f8a3a73b3ff235aa3c71273f0cc0e023fa26b8a567db56a456d58536807817d5f9b04fbbb99dca16164652526b4e84781f08f1501364a1e3b709894f010693523facd0ec9c61c41ad9847a9ae47f3b5ee57cdd63aa179caf1cc4957b59461aff01f08180a53334ed436697688c55608a12fddf7239" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 0) #10 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"c5de35ca4848615697693d839616a4272900db5c894bb13fa3a43afb9e2a714c47a61871bed42c6c2a9d190b946f7201b671991c43e5da4325666b140bf96f0548a7220edf2dbd9bf0bde719061c11e6":"0678789f954ea314dabfce48d090bf93acaa2f89f7e1a92e6ee0f7afb19788fd":"":"":"":"7d4f29fe94ba8748d534f3fbfdd6dd8ca00f362eed4a84b2ea4c0ea83267246343271bc9d48d6e5c0265da7c11ea0a40ba8cef9ea76c649426d9089f0fd81b69a328ec511cf96e7ca79e7cf51b9fce4a62a8fdc568a4ff19604541ba2ea428eb28ae49645dc0451708fd53ee7e6e6cb8ef7607777f959a1efdc172c10e290f2f7f3b2cee2ce5e9a83c3928c55cee180bfa18359dfd9cfad1377cc0fed321ec9d13e4babc23e4efc89754648e9c6ebe7d7f69acda85a56501b8aa8887f9b809b29c7d3b02a8afc8c1ea9bdf26179b4547b480100c9e6f7d05edd620599d3ba85c96549a20dec8084dae4c98dca554a2cff094afed966a1b3109dbbd8ac5c52304" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 0) #11 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"cf72dc871545003348cb2e458c6f4fd6df5220ce389a792f854498cabff1b5c88e3732f6aa95eaca2b318a4d29d2d33f3a289ceb1bd858e3c86c7404825c0c0a812064a05325e09d34553a691a601866":"d8df317e505af016e86297f02fba94059b4cd31529d8c1ee1b33107df753d89d":"":"":"":"181851eb38a67d9552c87902d25c67afd377aee587da12386a46148c4cab44ed5b61777c2247d0d39e0991fa6462475da9763d30f1adc9a1d2f90ee3733cf335648706bc7ba06c862ec9969a0ae38b7b1e14817e0d1dd06bba77a7371f60e0867fd7744b0b4b7e36cc1e280236fcb5193c73a2d00cd0c256b44eb6497ecd69d1669ad3eec8a4e4c8b730d85e12d1d9c40070e645020d7ae2360cd0d39d559713b4f010a318dfa91e44549fd85e5ae87bff1547305be5b788b5750ebaf11a60b0ce6d26dd69d219aef1a9a038ddaee0e8135a4428062837af5e0aa1be821af0246c6076ba9ada4e0aa7f74202e10802879142cd109cd27a292d04e6c53e33db0d" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 0) #12 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"c89dc15467ae09d5c514a0941f3945b1f4a1670a4df9910d14c68aa6d3c36e8f5bae0abaefd8fe5300b56a7bc38083b55602025c221e1f0d1671f2ae92bb0c86fde571ccfe8b8b5be8a94f3f1d027ee2":"8109ddb29d8395e938aa210852da6bf1f1a3d00be9df74b372e081d538983174":"":"":"":"e1c5d2b4ef29b2bfa498541be087f21075b0b7449ac7fd234d8e6af45680920bbe1dae35850cf27469209162d4175ec42c3d5cd6b7965f95948d9c49eea2db9dca83d1bd8bb49093ea0af12497bddd8cada20bdc94a453792800cc66d01cdf5e0afdfbdef3cead291e5b88b116fb47b82b4b18d6fb363d733718496ea20ca2614caed61d823ca9923fcd2f570a9c03827187b0cfed19bcd2c2e87f58508da8e1096eb9eb4c2ba223cded5064a6a9b5eed8cef6fabe3aaacb88b58fab570a56e80cade1be8c82f3b6918a7e574c91dc4fddac497f1cf26a801d6cf24ce49ed5e8bafbee09eceb39e1f81821ef5477fa0394992c848fd2cedd8f86c4c4a396eb3e" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 0) #13 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"1a100ec0da9544326286b38705523ac970b896ef6e6306b2124e283a8851e46d3a4b2bc6a8152ec9b0f88d0e2bd1528b13ea307a3384c10d1fead60b90bf25c305a91558c1537e2a7ac74a85240208f4":"005612d87b6df0204c3d879b5ca30bfc49df4e189285307e2926b367ebac30ff":"":"":"":"01f56c3a325a39a2bc85e6e077b7a2864921a4b223c7fe998ae255d724a759a66971084047b44fc1b8ad013e976ab8b255930337eda87612364d605f241095200f8a8513a612bd847aea116b73078349b7cf60cd2588a8f7431671c3b3c6ab2e4dba9796b1ddeb2e1edd4cb3c4dd67cf722679cf64c5b20c64e28be1ac87f8cd9f17b59ed696f61a4a472fdf37aa90a2f16edd3d54c5abe7dcb0e964bbfbc113e66b1887e0daa2151635b803c0340ba55e3e5817cde2662ad45133c277502400b78272786c7aa40c54219a06b5a32e088baf0613fc535dbef66241befa09722f3730bc85c0434c733ab17dcc7c473d8b9f31651921407d85369b6f6fb609d53f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 0) #14 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"47c42df62b4dd570efd3c2722ad39a2df5f969a13f645fd27b5290877ba70916c591934d4f66000ebf8c508fafc44f75d16a2c72c63580b9bcf156862214533a47b1686c871a0165604fdd00a412a484":"94822903cb5c2003c31c6d072ab0dda435add0de7d8f9d5f08b5cba410d888fd":"":"":"":"f78e61b443b5a97b7e493a8ce35a43545290dd33d15ba4bf0ff78f34a25c46c4ff4cd485964cc96e90fe847d9fc9e42d96e4f5aaccf976a84e3e12100c28b0f7addb1c76f89663e11890f09e4beefe928a1e0b304f1d9dd0414cd115a01b641fd69c7071f2ca7c7f2e53560f4e91010ba11948195bc5deb556686feb0bb92fe61b3171e639ef47418f02be37796efdb6920952f3a8c766b52fccfa757e923e38028a84f9be1b802c1fbbbb4aef825f4c5e4fc1bf6e96f33ab90ea486710718c9e4f3247b2a55ccef5a5d342cac757f0b9f90bcdcc8c2ec3a43149bbd3924c85f0b5b7ae42151f4ded826ee6d47849ef4e8af64adf6863982503c23c4a0514ce0" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 256) #0 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"da740cbc36057a8e282ae717fe7dfbb245e9e5d49908a0119c5dbcf0a1f2d5ab46561ff612217ba3ff91baa06d4b54401d61d4d8a41c3254b92104fd555adae0569d1835bb52657ec7fbba0fe03579c5":"fc227293523ecb5b1e28c87863626627d958acc558a672b148ce19e2abd2dde4":"b9ed8e35ad018a375b61189c8d365b00507cb1b4510d21cac212356b5bbaa8b2":"b7998998eaf9e5d34e64ff7f03de765b31f407899d20535573e670c1b402c26a":"2089d49d63e0c4df58879d0cb1ba998e5b3d1a7786b785e7cf13ca5ea5e33cfd":"5b70f3e4da95264233efbab155b828d4e231b67cc92757feca407cc9615a660871cb07ad1a2e9a99412feda8ee34dc9c57fa08d3f8225b30d29887d20907d12330fffd14d1697ba0756d37491b0a8814106e46c8677d49d9157109c402ad0c247a2f50cd5d99e538c850b906937a05dbb8888d984bc77f6ca00b0e3bc97b16d6d25814a54aa12143afddd8b2263690565d545f4137e593bb3ca88a37b0aadf79726b95c61906257e6dc47acd5b6b7e4b534243b13c16ad5a0a1163c0099fce43f428cd27c3e6463cf5e9a9621f4b3d0b3d4654316f4707675df39278d5783823049477dcce8c57fdbd576711c91301e9bd6bb0d3e72dc46d480ed8f61fd63811" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 256) #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"c2ff911b4c93846d07e0d00eeead3423845c7215c8b5fe315aa638745e63ca26f1062321318087bf045903cd4f5cc9e61a318c2861c6a93948d779ab45f14d451bcef2d43a5ac752995bc0b365bc3fbc":"b62f8ed28a72c28d80b41e016f559bbda0a2a447f8e146eb93a509b302e03c42":"77aa1ff77bf037ae26e60d412f3341715afcc1fcd3bf971a481a15d45c794331":"55ca83dff075f4de57588dcec9bcf0fd1fa267bc280d3c48f1f1f749e1997cc2":"e42e4aeca6716181c71ebd462082309868f6faafb5d9c82357c785283f6d5285":"384383c41b4df205d19fe68e563dbfcd2f6edbd176574248f3d1ee44143b70aa5dea695b87bb6c82378953a714084ebb5619aca7d63e0dfbffc253a336edf80acbd584cd3f916d6126968d564c1dabf7b3479a62e7dfce560b80a5104389bcd771e20138dad4c59f290a4525b00f6798fb2a3c8f44605a247653d24c772d207f0ccdc19a07037429c7e79771c6a6b4ca219a1f8ed9bbad9c4cb27415d18b7278552e50ec6e25617cefa7324ad786aaeca811c3aaa35ae00d2f2152fb6d98dca82ebe579bedbb50a40e62af9e229dbf9b9b2bc6532b5d78e6333cfeb1ad01e192491193c9459b78d4e9c6e8efe69cf0c702298e325f129027145af92170b843a5" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 256) #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"e1a333ffe4bce7b9f6bbc8dad8787a82ad66ca9b25a64f04b166face945c249b5f45cdd318c0588c7cbcd14846523943a59119683628020e901a0a7fefc21625864ecb1d76ec119a10821b49a3431348":"ce1466063de221c4fa1cc308442db476acfd8ff34b2a0dbbbe0eceeaff210293":"d481e022a80f3e60687bf153524a33bd6fe42c54c39a377a9fc27e047df53f14":"26a88acf67d5ed00184baad664c6b2d4a91d437a121c3cad9eabf3d7e676b0d0":"524e4896a22bedc62820c500ed7da2bbbb4c1ef9f07b5f374d0fb4ae9bbe50e1":"3c3cfdebca060f534a952e4933c2c00f9ee0fcb825a58abb6aebc952e160668f711068881ba8a6817500bba1c28867cf21a12a50e46792abeb9f41bc02322bce1e77d236b7a45a7807fe22b8ea9e2859d2b0164783d364f6ad84f4b9341c576cd6ab2ab249246bd76910e0abf115e4c59e37074de5f4defd03fa61ce1733e33c98849ec28ca61b845035218afa7ee2867b32ba1efc50907d76ccca5a7ba69e9700875b200cec5d1fadaac77a0960c4eb899c06134cd9cb663c62b69446a460bc9e3df7eaf2a34df00fcd838e882f5af1aa701d35dacec0cafbe74cf6dde7893b880071d3f1c9e53b205bdfde9807999e73468264d6172c952a7f5f88a836b1c3" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 256) #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"73cc8caea7f1f2129bd035b77bba2309ca3bec73e9f993fbcce7e3f148670bca656e3f17e5a8ce9bfe3665f4b6ca8ac8111fe051ee0e760b295b73470da27081ff17bfcd6ff9085c5e064ab844927f84":"eef338ebdf4d9399441655090136becbcaf277e5ac73426f79552b3f27819ab6":"2114d320b65a5906d04c5166ee82e727cc53f0ba33ed54a3229ad9592995695d":"e3fce46cd5c90936f20252e0065dee1940c7902198ae105017a8f50d143a50f6":"7ad27ea94de6ec7ad7cc1895381c735f007f6087d688a070b4cdfaecdd2a3345":"858108fe1adf90fb3238363ce3532362675a462563e5c12df97d054267df0b205ed3960d86893c93d2b1997d95abd9179512289297b00cacd1a51202923c4224561e9986d0242f50ea4667fd6402e29d18c184028cc6c85836b1455e2d2e9b389e0d65bcd2c78d5e42ad9e47707c9dd4617e6ef2d64590d0e0be5e4465eb611d91b1a45bca1af04632fc8dd045a5f5ba3ec1fc09e3aaa1d03719181e11c80dcd1c4d1aac3ca69d89b9d2c6ff7575d78843fc4695c1954fc663732418bddba4b20439da03d0428fa047f99a378447f9e563fe405fd8f9c32d580aa6dc1560b9df1530fcc7b337072cb60007b4e2762dc61a08e6511e7c93b91303aa3d46c14483" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 256) #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"5eedd039764e7af96c3ef7d9e094e861dc0839c2a2642c4082afd09f2761c392a4eb8fb607ca7c5d7d4eb8e871aa995037a297af07ba36a59572e3975138fcfea667e06d9a4bfd2e9c570e61fbc09006":"92a258c0ca5a9c030dd469ca5d8883ae5f3fdaf7d8e0fb23867d150f3d24a0a9":"954a9431a4f9b34f6c28fc41be05fefa3449c8ce0265a19b8a422935690b50c7":"1765c701b279cde38b469bf0948f500b5afea8f7eaac3f100ae5f0b147005ea2":"1f6d382b8a8967efb9feffb8557f1cf40f4f65b5fa7d9846cab0601f5150430b":"bba8f496d47ec97d90533650275243fe76844b606d714c8bdf37db1e3f8045de44482d65a99b6d60ee4aecdaf0d262d96c058dbd704ee96e4ae52bd3ea56e9062b93e2b044124b7e9304dfa237e623d7e7bcedf59bfffee1c581c7e41a401832443ae80c6f4b7643591bd78254996235d011233b18d993b950ccf09bf29b2ae10b85e4cc4feba5503f8e81b0d0e7b50e7eb1a358726369e4af07ef64aa83813e61350068026161a3ccba808a99d11e7de5afdd91137fec9b77de8b59ded6286e590ffab21fde191362af132bac1e8170f36f95d53593e73d1775609a0ef04d9a75a4bab26f97d253b8e00ca430841cb5bba4439124abd37fb43f3510bd5690bc" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 256) #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"95e33e3e1e5d24dcfbc5a534ad0e6ab6ab15dd6b094b7642e2187aba9a303137b5b7dc3d70253c3a8b446b591fab6950c4f6a33de5257fdc474a46ebbd367465127e6a9eaa97e17851f9a4d55fe4e954":"7080c7d4ddd8e32fda42ea23adddf7a4d3893be2cb87d6c7293bff521c252189":"611ec30b87ddd1096396d539ec973dcb7c408a62e6c37bfbe563dbb60d9f4932":"8a4a0f9eee67c54e3dfd846ea92981cd769a8c7ff4f2646c85e80a03fc556bc3":"05dc36b5d354f4c3b950053f925616c27e2317f886d2af09ec1eb7ac5397977a":"90fe978fec5cb14ad180e1ca8d3e266658efd9b0fc95353d4edd06c4682572a46e918d1bf4269d38f5b005691f4b5a8ded08983d307a0d7de64e681a302ea6d0ff8ddb87bcb5ab0871779b10744d8188f7bf2d6498a4ee998da93d1a2fdf3d3da635c52cc26977b25dfe17a5f5dcc80fd72d066db7cdbeda557ba52554e1ef5a075d7a40ceca83cd83477d99591228f4ae33163d73045d35bdf892cd21083b8d70a3297212edeea57ebfb66baf7af38833e72113001c2489ea4beae57995169a1354131a7f607a1551643d27f56ce8e96143a78b2a19f9fd72cae9054533fdf16825d852c990dbcf347d32529952445cacc55c79a79c55ebdda76f226bab80d6" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 256) #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"b43301c1af024ba6cd7eadf985cb1c6c303479ec3ab47797392d4220788f4daec2b1f5ac6138bcb83e938be66b3232f7f022f4e548b93e7a8aa4d853fc1b4c42ed9b182ae582f6876beb268ba23c4105":"ad7fcba1f90b243689b85a4ea1dc150bbeca4093dd8b9a0a491a678011ad807d":"0410527589e72024491d4b5328b5659a330d9b167a1a27251363e262f393eb57":"5de8fac62063a676904aa9628046fe71f080ce285ef964acdcd11260734f2d90":"2f14a327bdbb9be4d9a813dd73445c8a8c911a874daf08a551e867f54983de2f":"41d553adcd069c7d2b265798f8891329b1dbcabe2e7c03502542b322d13ea71cd8272eeec65d31520782351a33915deccfb8e10cb64d5f9cd88eb30608f7b136486b5972a68b981e0b9b7298bb670ace568b98c88d35b4a40c25bedec94eff992c0083e539adccc37ca5a4093ac96aa13c83a59c080bbe02e37a81303500224daa4f380d2b88cb84ebaac342bfe5789658585d2892cef2bc9ab6f1ad51fb292e531bc33186e39b93fb67d4ac633a2f4f8c681c7f82a81a47b74905613bf10ebd3c57fd6c8624bc7e55b38e2ad063aea90faa038d671f86c6b17d4341032e11e13c526c4818dfc42cda496ecc060d9a1ac45ae0e72a6e05bc3a8aa851af5214b3" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 256) #7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"837e9048e5564df02e25f7b7585ac5600ce4cd6a6de8311c6b3c6084356ad0f9fcddad47e7bb6ad7ac9f33145de135605866611c2b083fd1f9e5cea98f2725cdcfb0d2ff6f0adb74d6fb61f8a6ca02b0":"1d194d69897c5a7e8c36cc4cd97784312c9b6599274e3b20d022b1349ac45c58":"b6a8880d415cc4b2aadaad6d7d2dc73484b70909345bd209520c05fe7f5cdc80":"31bd3fc264c252bd3f8102529763d5ad3e45a4e068677423e698160db284bf11":"0b845cf842d1ccc15c2fa7224ad121b9b5f8acd1e07b16c143c931da56620906":"7a6dab28ae7231e2dbbd826c4eedd8ce062df31fffbb0c0ec045b0cd0a4e3457ff978bf39425e48cbea4884fc59e95665068361a8ee9175a48ef094806fc146ccfc3c403a770abd0c6bc8439bf68a89f13b0725a79dbaf976dba95725a4399c58d15c4758a515346cd0d6208fb0bccc06568642eb3e0c3a9a1df9567eeaa86924157ccfe5b2f8e8ec946871dad33f40f65847088c9e500faf8e25439be8a1e77df12a2b21b9f73244b82176e4bea4ed33d2671eacfa5c4b591cd0bd93dab7dc62f7231840909ca319278185f873d00820fbc239c3092d1dc1a3cd9c692ed6d37192bc587f8b3ee21c14fb20c520fa7899bcd2a1a53288a42cf70c6fefe7ef7b9" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 256) #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"f840c75ce0cdb200a3bd980d6cedf1c7321e5f303cd0446c7afd2d2d66657447b215333b15d55326bc9bebae6ae36efea3a337c6fbeb6a979a4783f2b7f0f0dd6d3a9d3747de639a9047248a04a19f5b":"6d5ca4b1edf6c0afbdce02ecb30923b2f4f2b33121e21b2ffee964cc7de1abe8":"f56d2b1584ba2f129c77b29590c4e1dfdab5527b1791e3e445750ca6d4ae3542":"05bd799249411b37b80590d49f3348631b06a2408a61635c70687003a8485302":"12d26ac3b87924cda5d78a3e3c0bd81280e340723643ed1b2ebf2dfd52f5dc43":"b48c13af7a9b6fa6385a7ee5d2ab97dcebf71a715dc465f413cb0962292df84c9c83c4093309f749359b0a0ddcc13162cb4ab8ff7b3a6336351ed79ebf47730f97accb6a960a9c5c25e0920a06cccc3b3f62b616c15ca18d7e0b5c2e7d8ad2518d1ef0bef515af866893e9378b56deec32825fe0a2c5a9729f658915b99ab22a03b7187e83d2d0f41b9467c8326f7bc87189dd8ade18b3a7edf0c0ea462dc22109ec91294cf8ce69c8cd0c129b423edadda8fbd25f4983a70d75001576a26405188bb0284975203694c318f3aa7fe47ec041bc4c11c9bceb1b131f74adcd72fc4d2813564de6d4711017800377be9e4c579e88464d67ea6e457a30f8f652375a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 256) #9 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"c91db86e3984dbaa25ae5d851ef341eb647bd1df0517e171fb86069cf6183c19a386746ccd0a7e81f3557038711db7259926089317ab7142d6ab6050b1f7dfc21080910d43a702cce93cb1d3b155d22e":"a4585c13c83f962df72b58230ea123846df652b2810766bb671f675b96125a4d":"fb31319b4e622dedaa88b64aed93bb108362234c3d3ecefc78f796aeadd9c8e8":"877bafbab3bf9c20b1a85a5f4b3dd11a5c486042b807c39d59fde1eaed89cced":"89a5af332718418758129b8212643750542bf957bf35c64d6b0a276238c808f3":"931e43b1607f43260ca4fec3205bafd90ccf9916d721d9edc384250f9346525c7656cc7b5aed8acf92b8d843108855ac13f4f0903e51aa4ab7846a839ce70b7de88e0d52590ede14437b5493b6c2d9458d221b771107ec166f66ed993739604c487fb4ce94bd795e9cff60b4f8365c758c27fd767135b90b3372570a8e0e3b3a23da37e69382afbb76168ace3ca78852bf99a0d3a7e2bf192d8d929dff5b07730e00a8c5fa5ae243c89e71fd52907eec0b4c49fb86b81394e38a6b0523a89c0fc866c2c3cf76f336e9438d4f773cd5ceea4dd47b3716a9986153f718177d2c8ebcfcb90b986330f817334d29aeb9c93e9da5db30b483f8f434f2807bddec6851" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 256) #10 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"3e4c40b9b33063edbfd21bc4e34c5bc1f454d7ed176e4f6edc3ab056a3b0d1a79170479fd91d6e30caf99166842e0175b2941a7186d8c3f54e6f5f9884e47dd22a161a3fc5e00c1c9ca5a744c6a7f7b2":"7a3d7511b93842159162176b7016106e61573aa42c57aca7bbfc97b3388c28b3":"d88781b3afe2e1500b6881aa9cc23dd150054da57be0ca127e101a9fbc4decce":"6231b0f5cf182c6f108491c5b7ebed9b2a015e9698e860623e9a12e691a38899":"bda666c5ac006d6efc2aa0da52e74eded88955f8f064bfaa52d9f2524a195f59":"2d7d62310bfc4a3347122e23655a10dfc54fac51349f0c8d586aad39236a20368f4d96623e58987f7c1184148d586022a4b96976f72636eb1aa92ad221c5866b6c6803cbf6c982e1de12bc89618aeb3f844b2a518a578714e2380075acb828685a57683179753fd1ebd2d8aa1672940446756829d6ac1cafbb21858465789adc024b8fa544bea09cd4f1f3ed35f298d4619a5f92a6e4f712a0032307ed781166d7a6af2a352694be7fd3bc8a151ea848f8b14da8150eb22e264d76e655fdb3638bf250546eb29ff27850d2b5697932c6a876743561e0894a01ce8435cef74800f11e4bf44fa5149a6fa4f4ca43267a47d3841722ae7efd09676f341a54ff1bc7" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 256) #11 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"fe4f5247dc405c12133e9cf7fe00483649d0e7b70fdb1b39f8e8ed0a4789a0c9ab78417816b54d47cf98c0aa4246ab0d68028d1e7441ab77c5eaaf9aba0f2ac6e1be2af480026d44d5eec0e46fdd31b1":"5c5a5e517b3acb6d6d75742bc293e4d091d7b0bf37559f75df98d6306bcc2d22":"5f56dc4800297a3fa8e2b38483c29505485628866ff175b19d4abaf4526bad92":"d9bc081026ea5e35a52b9d1868688e03aed785af201e355cf51e6e8cec917c34":"bcec655ee8c482e725c5b915b4085a9d678ea26b71c1ce0a85f741f9fb3c3607":"411edcadb791507f40bfd00f3c764a2c758729f3bea116ba0c820efe09ed379095f7877cdd6c694c436572f4dd1b905301ed6e5fa1360ac8112860307958c7b64372eae8f4122d84ff2d4b690419e3043b8a6183afde8f084fa110c38403adbc878b9b139f6df5cf47adbec2d1f03cbcfeccc412942346fc42f0af77d52cf9127dfb02beae47375aac101baac38d0b47d8f04f83a7eff482ead93723827530869390630379767df1f40b73932789583da327e2f363ba421a253d35d205b00945d9f5521580350f631cb24c7bcdf7cdda7cf28baf625fd9d61134ec7a6d1cf4c80d05441722d081d4aea1074712f37884fe15ddb3cebdadb20e71cf3ab41676fe" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 256) #12 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"9d129142ba466c27f348d5949fafb79675e334fc3a1948e5d008ee265076467bfa435596b661c527a82e5a064fd56cb6f17f549c77a0a6a998712ef0e1f41ba4eeb354f77565f7a7627eaeab83ea48fe":"ac23c42315f2bbe54eba535a7299113cfc88216727ede9f154d7bddd88041259":"7f029d2430d49de4909a758a2bda4f219d37eff01c96de7ca2a4071d128a1c9d":"4b6a443312f10348f6aba088d1f81206c696508a75836e98951604e93fa6db51":"bc128051ddc96eef9fbc3a23ff458240d11a229d1a75888d622ceb7519e1db6a":"03bbf9e2c0c1abc1ad71506fe91d483481fc583a73ed2eb4c8834a87118088b20474b78e06366b2f32a5f50e6425be841e1885a72aa106d5a001e3909b1ac2a29940ded83f0724514800aa0dbbb18da6d573aa97c7de470e115e9332179cf8b321fdc83265b4d58ed39c28d09783590704ab9adf007ee44d4d74af437851734d470085d45252588d75448abc608be03630152582e0344e1a7522a87c3daebeefbc79497757835f079dd99260ed7d7e3e00bdf046f4dab3ca84b203f8c93cde99755c2f5b16c00d00f370715f188e80f3f353f2d218350fe1a9f68673ea8e9301333fe5ca7c703d21aa2d0df020db28d8340b5e2c07ce5bfbcde7194399b6f752" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 256) #13 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"2fba8ed5b2be9af95fb02183ca8ae0dcca90b209be73511a5dab31ec81e939117e529fca4f95a483bd307838ef0d779dbbfe77df481d807b309da929f319b39287d3ae0994f77ff616f0a763f35d44a3":"2de698d32010618c25ed86cccad2ea4d9fb9adf7b3dc400a2b1b4c975651d103":"f9ffcfd5bc9a08f6f9059f4bb7f49e093f404aa7fe736bbf4018734071c26334":"a309fb1f43a520a22946a6418500929e19d2b3316fb1a8c1aa5d047ddfdb8d49":"c1dbfdb9bdd4a3321074b57e11e5ec6dfc374248a918242fb3e22cc6612b3239":"3eee1bdb63433c55971297e15ac1691cbdfed576b1d2ada27cab33e660a3c8575fe989ef73e13058c9a3777c35bff1dab25e1991b78cc446738ccce723eb02136fcb24a0dd2597c3fd0a75774c4a21409689e9309e962be1e8b096c2dde59ad9dc6750051058ff6a18d57a19ec2775882ea0af65b172ed718678d841fb51437aa3133b2b328df0f4ac916a01d88c740981bf71c4664789ca4e9d3f7fdbe7379231b64683fc891c5222f8b396a446f3b50dde823f95177b7284663402fe5452fe7bdee304abe34d71172170ff3a911782b72b2556f2337d1d23d9d632bf6831d3c173fea3ca8eb5d7993a58a4b9f8f64d5c89319acbc847576b383fae0178a097" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 256, 256) #14 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_nopr:MBEDTLS_MD_SHA512:"a9fd18764900768b7909db87dd4c7b87baa2cae6b0f62a8c2ee3e4c550041ca7435c7b35ecc6ef373dde3d989420b92c2bb32f9fc8c766ab840f5d0c73558dcac87e2102c28193e7ffd3381bc30e1d31":"8bfc5a65fa21396081d92c3d7206f92637389c60cd7a14f11811c91535c0083e":"404236bfe24b471ac7df938be6a96b8ebf8bc758787714d226ce727e9d2b4bd6":"8151ae3237ca06ca5b0373039681a9d3cf799e98c3fa2efb576822f1fe0aaa06":"11f0f8a2c16b1bc15fc93ff4793894f22d7494d11c94dde5ead2f0fb09bae6cb":"9c636c3228432fb70d521eaed3ba8e436507e29163de0f5b7e0aa9a5177aa1a3930b95f72fb0561353db7213cde9ebdbd9485a5df93ff416966e09c1e61d8f805e6a082d6372d58301660a9a0181e2ef906a5a8a999c88002eb4b4132b34efd21618871ce28be5e66a65a1782de11e8e11c57a2debc85b0068ab553400b26a0a0f948ccb4e8bbc1173dcdab388c20ef6e2c9ac796d8816572ebc134396d38d71ba8e986eeb063a7baf5ccdcf583a723ba56bec38d4cd3e7bea563b4132f19b730189f559300091e9171a61469460ca82d39b5148e4d288037f6926e96f384eaaa0efdacf2ad93f0da4fdca0bc5ec0f0d7c0e8dadffae4e46ae96a6511735a80e" diff --git a/tests/suites/test_suite_hmac_drbg.pr.data b/tests/suites/test_suite_hmac_drbg.pr.data index 9dbb005b8..72bddfb99 100644 --- a/tests/suites/test_suite_hmac_drbg.pr.data +++ b/tests/suites/test_suite_hmac_drbg.pr.data @@ -1,1200 +1,1200 @@ HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 0) #0 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"a0c9ab58f1e2e5a4de3ebd4ff73e9c5b64efd8ca028cf81148a584fe69ab5aee42aa4d42176099d45e1397dc404d86a37bf55954756951e4":"":"":"":"9a00a2d00ed59bfe31ecb1399b608148d1969d250d3c1e94101098129325cab8fccc2d54731970c0107aa4892519955e4bc6001d7f4e6a2bf8a301ab46055c09a67188f1a740eef3e15c029b44af0344" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 0) #1 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"07bddab06cf3d7f094cc2302abd700a9d67421aeb711f4bbe66f59e28a46794213bf3d0c3a2cbbb09205b90e0ef212c7679b37526a806789":"":"":"":"f76fd2a49d9574c3f90864f35f32253b83098ee04a4c8dba464a8035f665ca165c8a038be5e1b100d56752adcf59bea167e15b1d01c419948d2d0a85be66d19bb40e5e0a66cfd76ba7547eba6276ea49" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 0) #2 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"6d283e7705a2aa4b1abfc1ff8559c9e7962df9229000b8e432ac40bad34797345f1ed6d7a0fdea8ec01e7a20dc436aa1d62153813d59d44a":"":"":"":"60ddce57be4563b87bb59e848496f42fcef9ed79799040e0eee68fd89b330109cd3b3f761348fc7036c0cf5d69aefecf91e89a7ae0429590569a88922aeff249ea783f00f795aadca729f96996eef76d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 0) #3 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"108a1fa539fc471e0a26a8d39633c88d1e84c26a62894e7dec15fcbeda9dcd1e40619dc03c7d3dd2db39bc8f4964949b1737b9cd69a8ff97":"":"":"":"b0fbe3f6b6667b88e2a48f3679f21ad83f28107675d43d2a5186dd6a0256afc6acaf995b3f07691325543b37ddd5bfb4934f46ff9783597b69c727c9cae1c6b83601a39227c53c99181ec18d5be60d5b" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 0) #4 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"1db6fe209a51124f9eba3ae7a5690a31c9383b0d62abe0237fa6ce2b34b320b68d24927d9245a10f7216ded701c39f4d10dd6eb4ae912b78":"":"":"":"10e9661bbe14a0c768f09840979233865296fa801ee8ba97106043c067d3b01a5d3a866eb9b21f730c3ec1f11f022820a2a2db4cd07061acb85b0987e33892064b56626c962d1febe1eb97af6b99ac22" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 0) #5 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"dac7cb5d659646246a2c3cd6cbb8b7bb9ede30c88355725c16576ca7567f52b51ea3f7e5d456b0e8b7a33faf21150e5b39999ee53fd05b2f":"":"":"":"7117fe0c0a9afa75c078b1641ba637ed2a4501e70bf38465914ea185da5a62048910040e70f279ca9f2fd5e478ffd76484f52afa62a29ca9d649f252f27a8eeca1ec95d7898f705421c92b60493e5c77" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 0) #6 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"a422e11d41ed91e458b1dff7844e7a06eb807b042fec7c42da9a7d64aea6ec843cbb5dacf8517c3f7214d02d432fc64766f6bd40f54290c5":"":"":"":"e6e1b59d47aa47ebd862fa2336d50a920f77aff6d42942a293947c24b044756c9777231aa0ce8a67d2916136cf4477dde78b6fa789b4a570460538a3da199c2c64155692bc1aef3fa94ce8ba4a43bcaf" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 0) #7 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"8020ccd23e6733f7638a6d68b4954b701dd2e3b33176d5d1a14b6cd8aead4e152e0726dd16b4d76dd9cae60e69023d0fd82b0b69b7cbaf75":"":"":"":"c2b22410ddba0466b6635ab98f7690572d7159d66b4f037fa75869276950ea4ab4a92e3011d7c3d50f921a3988906486590706c8e0eeeb487ac85ca924d8b3a4445e2af49365c10c6e99eb17d93286c3" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 0) #8 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"d66ef5d12c778d8b78134704e345b08c6839471eb903bd0480169d4069d73a669a17dff2e1d6fc23f0688fdf7867f72a024ae445969458fb":"":"":"":"91ef2bacbffacbedc11da58d275448692ae26bb9920c0b14d86a42a65a9a79422ed77c3a8f941b428552caf6d15e057c2dd8b5cdee670ee151f674b4a82ff9754cb067c1a1a27302bef2d395379d6009" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 0) #9 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"cb4ca0d6e07b341ea0d105e5128bcd6b6fc317bec49394a83c485ce4f8205361374484ac0173ef3f08fd65d0a11af2b3f90ee8bd3fcdc08b":"":"":"":"1727a7f580a267492646fc2c18e3539a131b52fa3d82ac8cb36227ebb94a396b139c0a709301b4f00b49ec63d7f48125e469443b57b16bdab66bdaf0684da425e63a596182de4674416ade17f0cef49d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 0) #10 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"7cec0120261bbeddd34eb776464c9b80667da732cc82c365a492b4def218ba2cad59f7b4bc1afaef00861c9b62b581444f79b8977e9fbf8f":"":"":"":"3ad128a75af8144cdf5cace68166dabca9db5d5cac6eeaa0c3d608d99d5da4a2ca90fc080d832e5f97060ab2247dc5dc20bc10be47e6ab03efeb662fc9d52c89d8db340cc4903be59dfd086f6d018468" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 0) #11 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"29dc07553bb77cad6f321bcdd5c5c758b6a77588ee43d0afb15c0d981e368cb2482663aea93ded95d82a1a2a22cdbdf8de93695862cd9429":"":"":"":"5e1d53d8db89511fa996ccf513baacee2612da201c21d51e2927dcb99caf3132f6d2ccc3376dbf95520018515b0784e98b4226671cb3f1c7915757d2e59f1c4e843ea9c98004108118b4eb53bef2baaf" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 0) #12 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"748777316160fc175eafff578481402ccd5a38508e4ac0603f86281576c970d3316ee58a36f809a8df9ef241861c04093a284d116384d204":"":"":"":"05f179c71691c0c2c64eda58b63a27772210f0c2c6973708a5f84e6b49f547169a839f2e97ce18ac94696337a9d1c1d450bf27b7fdaf1761ee8da9b55d59031a8516eeaebb1bd48a1e3bd070c5fb4eda" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 0) #13 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"11e2e3934d23239aa6bf1abb07aadaf8df05892d126cd4be13f2965bdcfcc8396dcb16d8742eed1b276b562702915fbb59c01cafb7044022":"":"":"":"6ec1caa762b5b87ce92ef7d254536f94d41ed5a98696da5c14fa2d29aa95182927b3e2a5ee9e2012c911ecc5e244af1a8200de37cbff2b26d0c2271659bce074d5b3c06743f08d6495286068a1e5435e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 0) #14 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"ec11e1929e7430b914b385285801e27df4aa6783fa1e3405ae706e740dda50209b20acf90dfa8cecb4d4b4bc7cba4daa285ff88ce9e8d451":"":"":"":"74acba48f0216087f18042ff14101707c27d281e5ddbc19c722bec3f77bf17ca31239382f4fc1d4dd0f44c296bc2f10f74864951f7da19a23e3e598ac43fb8bbdd1fca8047b98689ef1c05bc81102bb5" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 128) #0 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"d92b39ff610db66427613c111c002b75329734372847a88f53c1d289b30d3584d34efb884ce6d1d7174a3c20508ca0171ed9610622d454fd":"":"9980d97c65cc8b3c61b390e48abc6523":"76213356e359e94984cfa7db15220518":"e0b298f7cd1112527a506201e38f7e60d762f591603db72aca3a2cd1b9d115c3ddbc7dcb7643f2f40f53e96e6ca1590ca27abb77a6234754ff1edef86f75fd5f298872ad1544fb88a62936e238f22aef" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 128) #1 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"3c56bd6733e9cf9d765f3d5906c60807bd1c9c11f4a1293bb4abaefe6a65c978d9c75a704239e500319d9b4b8f9f121caef7fe3c49f9ab37":"":"365f1612ecb78ad7b1140dc66082ab30":"0e5d2013782191581e4a76e0a2b5bec4":"0e509b7b436d085c1080c3d9e6ee3cc563944bba0fad352d13182c87c8c3a0f0ba71e86676729da0d2f4acc2b57e430b8791c4f30d232a0fe48bf91d5824242fb8e36333837173d702e6738291b57efd" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 128) #2 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"91a44f3e412d031bd47ec8907e32f0434a20d784db3f6ffd78b013ca0b00553698a113d75d8ebbe856554c71aa4b0d48af74bbebc97afab4":"":"9f4b3b3f1e2d849753d2cedc8d8c5d17":"64a1f4d2b10cf97a268cae7034ca4d8c":"232ade326de23ec970f66e6a540f306d962769d1b24b0675109ca7514dbc52003d154687f525f4a2220501d6dc92551df9111c8dd398356c560ce44f1959301dedbb197c0161fcad0299a9eef3e799e2" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 128) #3 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"fbaa5e65ce5580d774739340e025eac46550b5d3865829eaef9b59ea37d094692b9fd15ca25468fcf7e38f7dcecd5fd85c686057e1ab9bab":"":"f0e722190994c66f64ff725e8a9b3be0":"548ed3bbccc8f9f79c70b2e85ee0e626":"2c07d2994fbf0bbefbbaf60e0dbc712f12f8ddc3aa6d94ea9e9d3083209ec35c4cf3e62bceb9ab042e60050520e0469961dbdaee0787fda6f1c49755855752753b1e87031a6821c04cda887cdedecc55" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 128) #4 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"13747421a19855709f3c468a5b1f77c19eb589a0b18c06da3aae0078b85ee10c79d1925f5ab2045eac1f2ffdd850e7602cda7debeb042bea":"":"3c95ff221ccf82f4041fcf4e8a56de29":"3471a7ab4234fc6e8678d3613ee10835":"c346efd443cec6f21eca26eb5289e0bec5eb3f7c3785842e7690d5d35eddc87d79041aa0a9d5e4ee9ec69a4b67b26ccb70eecb59df582316b8f1b945a25c64b861a6decb59adc1447cea219947f6aa72" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 128) #5 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"4f72d884628c90261fdfa9b87bdbbce93daaf175d0290ae7f725e8a9f9b8c98807b57a591d4e8b2a5b692a6e310c4851bc4a6d986eba9cef":"":"8b3a7401800ee1bf5fdc76243b313244":"cc199f4f43036b0af63fe3f8ef4ab3d2":"6950a89759b52b6c8416600f9e0d56d19fab12b423d746af9d00a6657f3b8f3a3681c0910343569544b8b537294aa610e89b977c4db21a324317587be8b9232b38d354eb3e4032cacd561dfe42e72d23" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 128) #6 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"59c23b4073e7c9d2871d5d882953a33b17eb2a8b0b9b068870c070deb9f1324b8fc29fdb612c52dd300889913ab120536cf9a389485859bb":"":"a6483a9e5113a45a84f6630869291461":"b93bbb79da7750f44e4561081ac4f29e":"6a298856c9b25b20de0159890135beddc415802307b87507d62b2ad32b1883e4ba036308a6669a06246d4afc43a29e183ca141f156f7b1975095bf14cceaf71cd2831fac8870d90fe0e1067434783a5e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 128) #7 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"a4b620abe19aff576cddb8f6d1e83b59c26d4ba79fb8346974ca841db33e280d59e28e110cfeafc4f033c6a45f443f528a326ed4c2de5cd9":"":"be26760cfc23c0cad1ad0978c3ec8f09":"e767cc6694242b003d6d3795415389b8":"89d79211db69679c2269dfb2e599740ff646eb9ebd5f28a68b76665e6087d15fb888bbf899e3d16d711c3db63e3dbf9cd9bcaad6984be04afe5b41c2270431948ddf4486272f136f1c5bdf37cd2a70e8" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 128) #8 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"994e455c4815ffd4a9ee168d1fccd3b661da827c4e81b102db0b28977c81bc4dd58d06819e2939883983f9ebf1356b0d01e6dc02735596ca":"":"029caa66544f6ae8f6cc5bd3791f86f0":"7f14c05c5d88acafab220aa467e3e3ca":"fde93e19f71fa97fc368f5f4454df8a39b3fce42bd4a801726b296838c3dcc6678bb387687e2c943edab86902e377a619950d36fe78cd7ba3c67aaecafdd9f7faa2076d71fa79646933387bd6bee147a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 128) #9 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"2713eb063d3876dd6c3a5903a1ef5774a180c4123eeeea8a4aa472cf07c278ac367a9a490c7ddef058d6bf34ec9db314abb119a1a017a17e":"":"4452362eed6b9c30a01f784a9a06dc5d":"e59780f291461d2665924f3af8bcb6e0":"743f529bee048d0be6f10da0101c63c746fbeed37c6cd0c0ae97854893a00c82b65acc9e6e6ec04357e5e4b3159a4ef3e5e57a38da2e00f0eb3c1538a26ee1a518f71169d59b0d9e8a021f3d623b8fc5" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 128) #10 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"ff2cb4930d26b0ee75bd9edfb77e09f50c80049f75ba95a5137ea862d086d6523bdfde203bb8c2a9bb588ef2428a173453136bdedec37eb3":"":"a52775c066b6e9f7508b30ca22944296":"5e4ad554e65a49685e8527f923cbc0cc":"4e9134db809bd07a46f40bc1a1f6d830808121eed25d17d7ce3eb81bb88ec660b7dd945ebe9fef8bdccda92139f4770ab8a467e0118f24680c6f6e5b9ad6ee94a086118b6cf69aceb8cd809d91429aa6" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 128) #11 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"72971d13d6356e68fa61d94ae1d76a91b69d8b39499393fe9eb2889d14d91a7488207bd8ee536d481b37237b0995a218fb56dd1740335992":"":"0e59b74d4ac5ab8bb51c7f4b99ff859e":"232dec60628a43216b75839ac820fe4d":"1f1adb85b8d7d1e022d5a6594ce074242683993ee4d3c5166a2aaf40c239830587b1112af2a4313e363ea4a980b06f20c5ee3207de026aaea9197c95d0e771f4f16a2cab41c0684c15e6462cb7a5a71a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 128) #12 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"975c10933f7351262a4296aa6175471fa34e7c9b3437b5c7013e22d2a9002e9e42d27202e0518b53da23016d1f5b7b63c46c1391886934d5":"":"b7063d6ba3740d5c258303d5393f8f3b":"9161780ba6bef05da7290a77416767ba":"b68b4ebb6856af7337745e0a50caa1d34abe27594d56d846794c15bc03973d67d548bbd2680dc749c5171372e27af16900d6bf729a84e6d7626563ef0b4c90c275d9112567b8ca6e0093b34a0966f27d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 128) #13 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"e1dfa7999006aee12a2349ae1d580f5ca2a437dc0bc294f449f2670afc55e8fa8152c787a014880f670c585cfca574ea2d13f28e6a0ea677":"":"d77a830f650a3331a72f0a4b1471dab6":"37aef81e729ed0b91bf054ce98df4a76":"c009a692d7e566b58cc54a45f7d6987a48d96c3664f6034ae3ac0dae9ed5c220c46ef0c638c75353ac790124d88ca54fe43797f1a70422604507a2ab458fed576ccf6d25cf521da8d0c3b7bfa16ee6f6" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 0, 128) #14 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"310d8d08687545e48493db179e6e92a176cba53ff17cd783ba5d38da5f2e51468b0a9489c88b8db0be4a2c87c875be0e1be01aadf2efeef6":"":"a1824b07e0d2ada0fadec29beb53a9f7":"ccdb3f7d7f6a4d169f5f2e24ec481fcb":"bfcc8f2ece23d22545ec2176aabd083855923ca9a673b54b66a3e2562212aad3cc74c4c8976de259cc95a2f09a85b7acd1f18c343eff0368a80e73a547efdcd954816b38df1c19556d714897e317d69f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 0) #0 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"db8128c27eaf3a39d5019785aa35b20c3977437fd75e8032ed340ddbe1b29eb9bedb3048a3fdd06aa957c5cff00eb87549c307400d4059d0":"4f8060506daf40819c7c58630151edc7":"":"":"4ac933b7de803c266461493a19dbb00e9db25ee768165781fc9a70c67c4e8a92db36471e3cb1714fbb65e17d74770061b0abae52be34a604d87e56a4ae1e90c6533cc764aa7419b5439e3efa193934bb" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 0) #1 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"87c80a5e334e02a36f59324befb4fae19e5b73aef691d45e8973f58a487b457d73c4312ff890b053472d95de538f1512f6432233b7d9c058":"6cc5553434148499d65f8e4ab7334938":"":"":"5ccdcb3d022eb4d72c211594c916dd2d883d2ecc190f6e78ed76f438562059e6f8800ce6d11b3b8603243f4a56f38d41672935ace8d6fab825cb6978a2d0827aa65c70523c48f7b9a8f6fe43cc2ba927" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 0) #2 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"83c113dabd43229d4a7333147c7d84f48fc29ea3d813c0f1d45c5184906a02ea4c6f11b149db7f98812904be3ee96de25ac9a78ccdfddeb3":"77dc45d37d6d401e45c982f2c4960fd6":"":"":"e4f08087eaae11fca94bd7df816980e6608e208032f944f1efc50ac8d47834b9f10c00958837633e61f3ed2351c6885446b72d2634bf6b69f9d7b7a36f3fb8e98294f1e9d92a4a725462e60325dc41ca" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 0) #3 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"aec809c1b7eef916569cca247cd9e7b072df669458c8af4d29fecba0c46130ba920fc8bf7d29cfaeda476607f3325566ef52fb69a3defc54":"824b11ac7e13f654ff4238e0f28a2f60":"":"":"514f1adaeb99dd2833f714a53804aca43a99fce45caf5db166b15acb0460f5e7e23c696fdaa8ecd138a937367483dc7bb7a6af51a611aa7b0671559aed14109133738e06bf2190bb85abef3a674e488a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 0) #4 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"b2f5cacdf871e742c262c7671b59a74c6a41242b2225f252cba7db3bf77d6619af46532eb9c01b72cde2978ec39e4fe5247ac5f0fea559d8":"2cbfb9bc6c318219df86e08ab11419e2":"":"":"67d393c84d05983f5acfb8883ed44e24406f216efa3d6650807fabd3028fb1f762d6c67ffb0aabe8143fd3ddfda8ca2c7ef13546dcffc4dcf95b610a28f7cc2a25ac4e7ec0944d655c56c110fa931ff7" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 0) #5 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"54ef54d0425f8cebd127fed0f395884613dc19463664d19d02af6baf06de126b55fbb3d7f114728bb4650839f1335f8c2c3be18ea3beea75":"f0cef260a2f74a425d062bb25c68c539":"":"":"dd8b96a5f3fbd0f5f69477c5b7e71099b2113888fcfa6acce713a13f040b0b5fd55100a3d0d3a344706a31e796d6999f63cc6357f5ba386f38d46bca9c42a25c4a39afdc7db8d843a032ef35bf4b15ef" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 0) #6 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"4a1781c483eae07e0a9ddd91b908fb00a21a4f5e1c6e9da58f380f407dbcc982cd0761e5f0fd6d339a646bdc6132addb7ac0cdefb1b91f7d":"c4b7084d73d399c128e0a119217c793f":"":"":"e465cbc1502709493de1d3347a07f855b2dd6435a4ebaaf00e7756c1439219546e5fc67093f0eac1055d221fde51297cdc9ff41121d582514c75e9906870f99d58806f1873f0183277510cf1f067a840" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 0) #7 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"36974a7c276e18ed2704eedef6b627f8e57e755d554b80efd0f065c236f78964cfd3b661405b98640631fda19fefa8b5b003e8b752ef060b":"626a8bc0d1fab08c8c6afcdc3dc6ac33":"":"":"6b9ae340e5e75e1dcf6f181589a1fdba3951417c30467be4b41e9ff4ce03073ef1ba0a19d160abc8e5e23ed433bcc421ff1f428780454defb66511fc94794f3ec1c48c014d783bb173db102275b64b1f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 0) #8 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"05f934d668e9630a131ac51e2560e45a78ceb8ef6fad7190045cd995039bfb3db624f4687302445fad08829815e7407fc962afe2779589f5":"8536223ee0184eb43e84a07cf71d445d":"":"":"97142414252556f5d5efafd39852d7a84e70316a0aff7985ed6761798eec57621271977bb950187a290dd4dd514b7a801c98103d4fd4012afdfe0f264bfe3f6e584768503831ea0211fe0415a0f59324" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 0) #9 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"e2ee5b3970ac4cb83061e5692b349df8643b6100aac55ab296fcaf7a2ef7e3a1aa54c3fb1963dfd93781ca34a95d6fc3250762bd1d31b0b4":"71a4316ea88341dcf3c9280a5cb54b7f":"":"":"bf767ed7e5f11abf1a6aa5c453fa124401297e32f23270c8d78423a98f5e6783f3e8e835aa734b36c2f11be30acf0b598c7a23ac40ce894689a24fd8de3e0812e9a5cc1791091c981bfa9ec2168daf90" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 0) #10 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"32bd60df5e2b435c922a9e434f5f99be9c5437ff159c7e5e67b81b82f7b5ecdf6e60ec4789820d37a1071d7b91cf1e3d14f10ef7f34922cd":"c759e4ab6c8fe8a11a1f8472b06eee0f":"":"":"329cc81105343bd74f24c0a59b972892e789ea20e46ead1a74e7af036a836d46c70461c52df5038282e53e2db44143590d6015809db56754b778a2a7278d5050eeec9332fd732c9c714a676563c8c3ef" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 0) #11 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"ac524ec09761670b96563803218a7d3589bd8e682b2a5cef64d96b968ec98839a97a4704a7a5b2b859f3ed6c370031f1027def8fa0672a26":"1531a17d3d89c1d0775f3a630ba730b8":"":"":"47e3bfaa2cbe4b085603991aa739363a639b064dd9120e0149cb5ba2ba0539c4147897a34d98538935fe25ab36cf50f6a1c3aa2892e2c06591e4c2bccfa990f6317732d5581944c8d2ef96d0329ac574" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 0) #12 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"2c9a43ef1496352ea62ced1c345de4090a9cea6898b8a53abb2f01a435ec6d2050a692b44fa152bfc42ce4ea30ef761297c1ef132839d411":"00bfb2ff2600fe1dc6a2d85642e9eced":"":"":"193d08bfb22121deb22e8079895703e2a518b79bfc3104038c2a220f6babeb8f28f5652d5d1b3a8b468d8a4ed0cb32c69c5519ded85ddc0fea62d77ec5158b6a55caec3bbdf1f6b93e449d6f15cce26a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 0) #13 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"0f15ec0c8d3c184d9b2a47bf9ffa20982685161bec91fad2c55808ccafd46ecd18081738cf835e1347e7df7e3f879f3fbb759c2051e34217":"eaef27215467d7878106ba9dae990bef":"":"":"bcf79ad50201f3498cf18288dc30c32dfbf2739490c74862d5e9c66b16195590075cfe094956e2bcba2009b64a5f8b62d144158180835a7f51b706a12884e309ab4ec198f5bd07efffd591d5cc8569e1" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 0) #14 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"56a0b6194153e0d2737f49f4e5cb77ba4d8fbf9914405833f324c09f96434ceea7e756fc2f55a0b3f043b6e11fc2f671ec00f4d478b791c6":"81a85cb2b6afa99a1f609f83c3b15105":"":"":"40e87b822b1000441884a38b8776baa69fbea99962571e8a20d8af012d50c8c211860ad579869ec880320ea8057d5cb0de9496ec57d8b594ca8be5b94219eaa800af7205f8a83b66c87e0fee9aa9732f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 128) #0 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"680face90d7bca21d4a0edb7799ee5d8b7be9eeddd0e3b4b7cafe231630aa95a742c4e5f5f22c6a41c0d7792898827948a589f822d1af7a6":"f58c40ae70f7a55648a931a0a9313dd7":"dc3663f062789cd15cbb20c3c18cd9d7":"fe85b0ab14c696e69c24e7b5a137120c":"68004b3a28f7f01cf9e9b5712079ef80871b08b9a91bcd2b9f094da48480b34cafd5596b0c0a48e148dabc6f77b8ffaf187028e104137a4feb1c72b0c44fe8b1afaba5bcfd8667f2f55b4606632e3cbc" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 128) #1 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"b481041a75b03cdaa07784e372b376897fa9e792e1fa5e078d4c7234fb9dc3f9804b4e48a32a5db74990333c4951d02823765f90a0aa8850":"f8f0f1ed3f0bda164e596ebe123b7f75":"3120e329f1d55a8c07e7472ac77e1720":"2b9ff310e63c67b5e0aeb47ff7a102fa":"7d6b3ab84bb6c014dd44eb1266fb3954f1e8ff6c48a4d91514f685f0642497cb1936a0afc40c8ddd1545204e128fd06d4d18bba05d1294e64d57a0593b803a311b37cc2d631487ab03a00fe288e5e745" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 128) #2 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"aef9d310cfced29873b7e2b7be37572b76ed84b043364cca611917f9b12053f919cdf60ac9c0b364909f096204f21b58b0bbdcf38a3be7e9":"67e5aa83fa572ca27acfcd27d4f5e49b":"7ae90f7dc220bf5b387ed44c2425af29":"9d750dc13c19acf3cdba10155d3ca5a7":"892776bfb009fe0b1793c0ebb2ba549cbcc4a29d0374070683990c3f2c622ee08977fe9361c59838f068f6758d7f3f76c383d9f59ded8501f25eff9be4a1e2de3ee484a2e8069c51e886a75a229ae15f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 128) #3 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"b68686b8cf817da9c93cfcd7aae410c02d3a8eaff57c6ecf990f20f70c587166292b5f56cef1ccc5018c38a602f811c7cdc16ed59faaf405":"03cd598585a3a80f9a81e2780c699269":"dc761246e0a74339adb76c729ec1414b":"b2936022922202757eae4e5d59eb29e3":"6e9735b82a9da2074f93b54580aeb76bc75265e525f1b50a8ee0d6851317beb64f477f3b3457ca9c120cd8eab6d37400ae62332bc91cab803b0c44e070666f9389a9d0fbe8baab9cc5c0cd54a397c8e1" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 128) #4 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"cb68eb95bb00beb896048d5d323d737942b1a4795806fc6bbcf67d195862172f49bb319e609965feda2937165b8dffa6560e1fd434a5ea0f":"700dc7725321a0a21a70ff6aebe30d82":"d57c3dfbcb18e280cef81c7118a520f2":"6e569776b8a26d8e7d3c87f99f932aac":"b017eb98c5d782469658d47569453b8322a8db7a2abe75b4e68637a395f7c67bee75a42b39def3aacb0b1a03677a0bb4d31257964f467b7b3962d912daf6d8441e5952aaa427c246a1f1a623a8498a53" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 128) #5 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"81e7eccf46acd145d435b80f2a6e72eb1b236d02f12554270c26e8ba13e9306856d6219ad04a8f1be3fa436bf280f579c22b64c91ac700b2":"33a186afbc44f3adec590d7e36bd9905":"bcfd99d6931ea9df679d196d8412c9ad":"6dd61af0f5077df531c151f2dbe2bad2":"41e6ced34a97afee72166239455d82fe020f5464ccbc8e875e06a05875ca844d8b7fa3ec360d31ae57f53245e7c4bed501ebb6f9b4af350ff9cd86a571360804d3a34b9dc11eb4be6427f521bd14f893" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 128) #6 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"1b76bb8a0dc7067afa193bf5dae1cd7c03dcc37b5788d22fe0f4adda99dc6d776fa545aabfb767255001063ddd99c7ef656a16e7604c5102":"b06bb683dc5018f0678c14b97547944e":"87ea4f713562b129079b49956eb88abb":"5650ef281323b6acec34c51795c67160":"afeae028a358702743b14dd64414d3350eb1de78702677e30f7ff9e71d6f9b368c53e79b0a353a43ec06e9020c7234232a07d504c163d7a8a63496bdaf670efcf2597b66bd0dea2b827e0a4ce513425e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 128) #7 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"117ad3f68248555a2b9941cf0a56726ca162bf9b531f26e3416be004bcc6fc35be8362c6dbd9771d42bd6e187868d598f6e2647b536c9728":"16168c2a54d8dd7150cd7f122482a723":"4e4cb0001c5288c1538dccb80be01e41":"8177c1d4def6bde093f27a9894d345ee":"1e407dd8c1dd1436064f2015eab9c5fb9b88b6dd017e1196ce70fd9ec878a8cb02e2d221f4096e7998dbffbf0b392e7f4d97e0d1cdf81755507c04b5a6254086b40d153b10faf0011980bc0911275145" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 128) #8 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"54bada0b89d9f5bbea78aa8c409dccd039acfd7b1645a0ef193b60cac97196e4cf9795fede9d898d082a9731a8ce2168a10420c5d6bd9a0c":"1c8feb149d98faf15b73622167064088":"a71ee8a522d67194bd1756c2e2898115":"669ef07679f336f529058672f861b0f3":"d72d43ff8704248a0d59a111b64128fa6bff265c52bdae38507ce5f302158be902d8380fe247abc0275dbbb502867f7ad1cddde0e404fd9d64ec494daac5d088401b4da696f47a31b4435abbea71c387" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 128) #9 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"8cd407fc7a36315f1cfef1489a2ecdec433b2cbc1fda4ae1d967e192ea8942aecaa169deca4c268246edb421a0092a12091497a5fa159327":"114a4f3446eb3c98aa9c182d329b2856":"f29994a39804004e7ac50642f99c403b":"40782cf3d002aa603026e26d3bbc6dd1":"cf381392567f9e0d1f55c642bc64075699254df6b4b375fff8f869f7a10188046276dcf41076c55990b6b997db182fcc88cbacc4782347b9f4ce39351b77e378931d5cd026d997ab104b8b7787b2f92b" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 128) #10 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"dc8d705180e22f8be91aa4bd57a02caa30fe8340a53c64ad2d460e409c3a2db9fdfde9034a4c8f306195fa6653dc29d84d26af5118fb60af":"4b51ded198d1b16f80ba9e536a2a046d":"ceacb5b37ca76de240a9f4dea89a0389":"73c614b8e273ea9203683d1b0cb2d7a6":"6a136d4218255c70913b73af480af86cd8ccb6f319937e075365ef014187c312f9069f1fd05c6e0c44a1b7ba9dd25e948ac155461e425d864cc83b63bd84289b768058f7647a8921e23bfa7c73b4476a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 128) #11 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"1796646b48a2b982fcf7a4f49fee7e3d6be673106a4a29371eb8d3598888d53f59572c63c0e4bb183b17e0f67d81a11cc878ef600d1bb810":"5297aedbca866d1754c4b6af443ab24c":"771688574b52154837bdff6ddcf24d52":"f6c627bc84b2c01a9c055d4632ec955c":"9d1c796a2343ee855859e04ed702fa233da2f73ac9ad632fd17c8c5afe15c5600c6ab2495018f808b1cebc54b14ae2b1f929347be4aed9836e0b45dd2352b23cb28d753045f1ae6aff7598a9a1c350a7" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 128) #12 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"c5aa3b0e9d8f916f18e73daa0cb88a447f7510af40f9dd540f8ae4d62be2c5754f6eb10410c121388233201ff9c8121a36ae77e042a98211":"06c35c446e28f21fb1cdf2d40af53dc6":"41015c3ef3adb96edbfaea6eb8e0dea6":"e6b60016bb99415640506851c0fe3fb7":"027ff1ab4c406c048da6a8c24f04d12a5a35a5191b62b496459b750b10066cfbac502b1ac612b58527744f6ac5005d22d3f86c1adeb1c1bf1a26902474d08bf886ed5bb26e6d1b529df0143128b397f4" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 128) #13 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"57c7e29e0305e6a803a568f47acaed60d13e192c1e16bd9bc50ef5ebb52c5493bcc4d7a0e5be64d064b735deabbf67e94395544497e4816c":"89199bb960ac741082c5fe5ea34ea2f3":"53b5b2783d8191ad4eae3ed87bc059ed":"fce4d7f5f0cb2115d4c4be2294deca56":"b98839a962db8de7a17d35c35bda06c4139db3933c4ee60bf1779b16d804d7c600a62f9c57cef93a79ff281989d90481db863d23cd24c4b566d74e1de6596b7cceefcef1f161e5a51d115128e0b23c5b" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-1, 128, 128) #14 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 hmac_drbg_pr:MBEDTLS_MD_SHA1:"567d3f4c0de396ed67569c070d87f2b535ec874e881418983ec42ceb295b7d312e715e46b96f9da5998f9cde45b1dc22db6d2d7bfd4f3930":"43c16ab49ca5174f907d7899ebd242e9":"6c0b479d9e847dfbeae230bd4601d0db":"0d5a2183c9f9ca6941f6a617892f5e47":"934fe82b0951b97dafc5ba16e87b0459691156b42ff2dbbbd8f6ed9b04be952af267c6a17fbfc86de91f9f07eed482a5362b176216a8963af485503ba93b2e82c03a3ee6225077d90cd961e24f6026f6" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #0 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"f3a709bb47a36838cb998fb6986ff074c57932a669670570ff6cd1b202ee1da014a011f43fc02c51ffcb4048cc060763f2c58de2edd494275da14118c9cb7fd50475c66cc7e792406213a7d00cf7623d931a5947":"":"":"":"bbe3daefa61fe302bdaa6d4d379680acfd0d456b5d35f137c145b72626f2fcf39fdf7f3708d9e88c1710408a3d7ece3b0261ff538846fd5452149960215c0c22beafe6cd24a7c392d5845774b87528912c322119a2adf4d35a0ba61dd36ffc8a7e7475afec58ad4a8cf343afb677f087" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #1 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"0f508c6330b9673e94861ae2057e200ae8f2b330b74634d79fe8a4c698211080db07e58b762a2387379f0c0e2d01b2ca40ef82fec35eb81a5493ccef709dbaa0b0e4494e460530062c8db7446bc6af2d852fd875":"":"":"":"583367bde003eb2061cdb6f51db9c6827cbcefbff0497ba823e112edbf7f2066fcffa3e92d1e8c531007783554e6aa8a633bc925690ca6d579fbedbf9cc4d6cb08133d0cf8d4c25fcd3b6fed95f00b1bb17477cf67b97a557e7da933bdc121481755f628fdf0f0b1189a097c7147169e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #2 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"9082871e73b098bbc58f324f12f6a83c321360c9f5b400d00a9bb865ef5265083d9309657c40ac94b579995902df0e2084eb4a6410cac605e482ea4abe5c8eb73bc63f68baaeaa56d47f7d74974d940555fd3861":"":"":"":"67c2fd4397af79297782af9baad2a26b993efa48c689a74531417ae102d4ea1d6a82cb0321aee3dc2572ad27299e81a7a77f1cf837119e746988f2ec60bb01eb2ac3d110a948c1c33e86833757e2670cc3947658f3b2d32ac59242f152e889d03d03056f0a265ee759d3a4488b55c63a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #3 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"4701f34326930cf93deaeb3a9c196e307a890c8ccf44a55f84593b3388a196238fdd97d201998ec734821998e7d6bef7b31fa2a81343918056c01d65f519c8576e4120a3d6b9ce28ccf57eeabd012d2c14e47045":"":"":"":"b499b86b0a25a0fc84a9a1b902972e2bb5aaf9b84f13804d6180491285b9316218cde0e73eacf722b5c664f4e618625ed35c5facbfca153cc184309754ecaad9c3678ce51ade96dfe3290e125d661e2afbdadfa73240c24939bc31d171712c7c987bfb434f1db6ed44b321bcd237f149" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #4 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"a912b6755cd2d677d63268a5203739b0785d7d956738a596e269128a583921aacbba1adb7c6d1714c164143c8f44e76711965514651680235068476ab137d5962e5e5872f3b899d0e9ca5ae8fe71bdcfaef1d241":"":"":"":"0f410304b6d88e52c8d6039ca674a06c49a5fa1094cf341c4034e39990236d9e5bb8ebb6e59849e7df82e2d02981d8df21e4ba3381e606b99c16de62860a470109c0123c69ebaf970603f451f9e6acf83e1c5951c3cb87170ef319d9a791110aea0c0dae5623c287d4c454ec93227654" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #5 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"54fb376707de02a1c385a3da78523485111a0a099066206f210ad848f29d3c270d2fd2f668cdd3a57cabed71f9d784c209259d1e4a3eee2046846a55a46965e495eb29725a86bd630dc43cd60ddb4fc93c59980d":"":"":"":"a2e3ab5390b5b79786ec7b434de48e45f590b85513106008479d8a3b7b236c884b0f871d8dee539c712509bd70de351f3881cd87c9cf77c1a9d8879986ff0f6678549c5c6acd15aeb6bbe653a9bc76829df2f194c5f6e8c7dd3058971ce15273a2d559c1ac60a0014e5e32352d6be2a1" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #6 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"3a0c24b5a6106d28c02957538e76e96b3ececfa80ba4c7d01fe642a88fc822884cc36ac2703e8952ee635948715f78c542e6e3270f2757f1652474df4706490b18e649ffd95dc518a8b4259da193600af5d5bde1":"":"":"":"55dc24206aa59d34ea990ac6b31250f15ac056c8ecd52e159f3464c38e1f28840eec4c6423b0fd9971d11c5ab99225eda5d173c08f9439bb56eb1cc487fdaea934fa816f9c9e0d628f111cbe60a647e03892084f80775248d41cb587617671d99b508644476b66c1c96979e5061e025a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #7 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"ae7ff70bb69c964f05c99c0e7868210d567bcb5eb02db7708de162e6bbfd91fa17f30656420dad1ca69d356cbab80456cef922a9206f07d32c3f198c1a68e673c5583674bb1df1f2a69c554fdd3411c81a90c83f":"":"":"":"f1f3f79b1d7f988d4caf7308416f3d02371cc029a28eb4f0247c8625c4680a2dcbe9f3d56d92de6ee4d4031a254bda8a657bc147fb90c2f7783a8e3749b60633e5a921d015b846b3cb38830bc7554308af08ee8219e5acd1b699f1ac538930d257da4ef567ca570a7951bfb236d4d36b" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #8 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"86704ad0286f88dbc60baebc2ed0571de7b5ab64bc8554ba8645557fa10159ec03cc9f6f299c1c3011c73b2563e571fc24f5b5b50b4bee514d7c808873ca804b147201ba7ed43430d89b066c04b00b0a17694523":"":"":"":"6b1a26d7d21308d217bc8988067ef3e21f5bc10d34e89937f2a89f8da256acef50b6ea7d9ea877bc1d15002b1766e9bc7fea3d681b147e42359ce29d6d4f8c73e7c29b9ec14277fce2f6a0c518d24aeada44990f7f92b0d1184ff96b20c76d506f6f9d963391abec5bc247a2ac6b24c7" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #9 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"d0b30341b4fd48281f76a83d7de5769d05d5cb9e565b213c8e2bc8d4adcbae90107fc12fc1ed2a19f20beb563de8f05bc5c437637148154a12b1606bff071dbb366458b74a07a1c14114fab487772d436d4ce159":"":"":"":"fe2a7ced1965f013d475724eaa7d31b62740be411d899afa79f9fa6e73f18ebe0907f2f21388b6498cd365798f27f882a2c5c2744a9b25e8d351e77b9fa4471ceb1dd6c72fdef75977e4e4a246e24f56a615189e1b2a8d6782e8c5062b744a65ebe1f7c5fbcab333fdc155bfee300503" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #10 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"4a1a697e41537f28b381e05f11ebc905bd66c2c1d905d8c0b78c10c26cdf547a1b6f85ff58f48298a11bba41e3ec015d41a24d9e335e6e13b06b84b9f56b3e803bac569dae2d74c444bb58b3a6344bfbb9eee765":"":"":"":"15060b2bc827dbeefa2170ade633b0f0075a4b9b03fc24f73522174be4e4b08b93b421fa98c7c5a445c3aafed47a2eeeed63f19ef4f67e7726d8ff84bd94daa3338e397d52abea4c7d1191e30f3e8a11864f10ff56b2dbefd860655d34cf63ea22bbb54dfd0c5f64284c303a2ba2f49e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #11 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"e80b8c8896557d596e192c3226347c336dae455b50bf32a78c61b9a98c949096be51538e293d338a464eae0eb18f1ab21f9903d07a8b98ea2ad7f41fe7ffdc4b4bd0fd06138a84dc5217cc8fe39b92f9558aa619":"":"":"":"55574491d07db3aff94dcb71f519cffe2f96ef57219262860c3c03f9a5b8a1eb88869e69587f8bc0693c9919bb277dc84fa55187c0dbb20101f0c4e301dcd2fe21664e5a2f0dda3eb4f11df3878c5becddbfc3ca032a17f740d424b99be0a9bedfd99907229ecccbf459f5495533560e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #12 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"5c25f02bef1f1319cb6868d836c9cbc182fd8d86ecd87bc5cba41c163710074e80d1a30ddfd0f5d88c6682292cd50c68966d15e6ff95e117d342d974ff074ee872719d15745da624f8503a6141b0ac4b887ead5f":"":"":"":"9c5204d5471c25203f1d9786d38f71081a872f1c56604dc7570caa5439f17cddb7feff01cadaac8e0f35e7a5433cbbcd2dd4f11cc7dd14f6af629fd72a3145db6924d2bdefc262662367b7258cff36172263460f4dd52dd08faed3460bbffe18eb10ff5b3c6a97faddf65b3e21ecc98c" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #13 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"68b4e1ddfd16a1c1ecb0f4221306e77ad02b07993457eace086f66566afc5f12489633c605d11d53916eee96ed778d6d6518c5681f0fa9b0160da1c71740a94ab33310bc20a18710015af25d3d667c40dc619f34":"":"":"":"5c4c9b3276d546d3b6277a3a2089d4969146d833e0ace3e1ddbd9f79fa2158531f8bb26a28b08dc64bb1e610f13eb14c9fb23559dc2f38326e145ab509b9f69259a0d1a32f471d5abf154a2585288063845f99306f9bb875ccb0d32e9d49b42900257ebaa532e8ec223aea60abc9714d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #14 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"d5ee5e2e629ea17487e593914012575daa8baf2d0e9671e1b8aad16524dbdf7d04c11130cdc10e50c630ccb235579a72b6eb4502fe146aabdab62a085c820ea46bb9091054d75a892a83c3850da0a31c15e0d021":"":"":"":"e32c0798b2040620fbc5d2a44ec7fa8038444c1910fd4a24312c8c8eadb57a78606449cf05ac51a3bc4d58ce78742c1be3a0fab6e3f5ebc92b82b5d5d64ce29e8c2787ace0f4e718a7f6cb669a0a43ba1aee0d9aef55cb7c6f5dff57c8acfe883ffd8a496d44afe06803e4c9ff62df04" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #0 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"6e531842b9b7fe2c0ee66899a1255135f784a2d5259c93ab3d63a5cb708e2e6cba955897d9b66c7fab274aa388a5db69713c86faa4a19709e9aab04638c670ffaa83806abf79a43e613e62cccafc637e1a1c0c14":"":"e628db057250fbc6fc5aba01b6c8b47062ec5632a8566730":"bd12e61e3d5218efb0c103dc49402800cfb863ec8925e76a":"037650ddf66ed42ea38cf44aaa94884effc5f831c593fb35886b5d601a58f74f868d89f2dba450b9c160e28f69fd24e30fb7a44189810e29afd0d11762d3ef07b4527f4134d6c53bdc9b024cebb6b40fbacd68b6acd4bb4d011d6705ce22f90d910ac4017d2426db7a48db3242161aa8" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #1 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"3fadabd2d8879bd2298f53c54b573db2584655e08a83289cb58a4ff5170fdc30d71bb24efbb5a50def315dc69146111462e204289a64ce72767499f299c74c934f0007ddb34bf5183bc1e5afd8c15eebdebba882":"":"742f7022892c2123e62379e9367787302fd18dc3835de0bd":"b60325136fde7c858054983a977262b6390a48419725febe":"3bfa419f9bad259b871703681284c5396fa94a323d646ddbf5339398c4d8314a999c230894ac60bf231762acada672f58154a86f80a8c4e3bbc67132e22ef50c0377193cb0d13c7e2c97cb24ce5bb69c73be2e5cd3a07ca2b000b2d7eea940053156bf55d846181e3748a91c342e191f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #2 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"0784a499424dd1c2c13f765e9ed88d752fefa83cec61154f82b3fd645f642ff103db9c8d1c10b5979c56a22d58324669d4ace3994927222fa87fd049558a48adcbd6ad5a2380d2d927be57fffaae037bf8a34384":"":"9f853db57c3da0421914d2f71f9317817580c1de4ca43d50":"27071ad475b8541c1a80234bb2d110637fcf4b4e20e06a7a":"2c879a03bd719595211b526101fe85702161711c67a81184cc42c1f9da5761e853ff4b8d19deb95a2f3323d1cd58a2e066c66e7a30059732eba43a4bf3b22fffa5bea5161fd775160dc53d7cbb4c892bc122e4e0139f8f550219cf6fbccf55d16d8a4d8d7776aa143c00d9e7bd1c847a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #3 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"addb36bc9ad134c7b8fa54881db1b18e040de4f253be28efbd36b12bfcf4721b08c5833eb0a97c668c7adbc7f04a9e0299549126172e25b9e624282c8e63eccf358c0ef1a71f8fd0a8fc49451db7757eae344e48":"":"e32540418ef68c3dcca1e7a0546e5dc7d4c5e92019b8cb0f":"327e31a0619305c93e9b5eef87102d447d21e21e2d8c1cc2":"178bee4059af0282854c833e11e7bba923a1e2f1126fe8cd7e1694602c180802d67b845a88ff786147f22a74e6ffb0f8b86d352cec2714ff8f308b1f9705603faf5b04bea3c75c87c91d5e6cf7583b5c45eb5f5a74d2bac490c8415d2fe07726bc334c88e3fb7284058b006f82e89ae7" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #4 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"412431badcf06f87551ec63c3860baf4b59667cb4753363d0f82fe7c968ea6f8bc5d015418adeae206005725dd9693af6f7060a2d5ba53f66dd49dc148de581737b67acd4bb70ff2f4cf20abc001ae1eb50cb75f":"":"d67f94a953e7e4e4bc0cbd517f963e599d68851cc333644a":"385281961ecf2d8175c0a718347d2132f059964c55f39f57":"357876e78a69cd4bc4e06b2c52ad28434520d54a4a310ee0eb026b87993514ba1442e25eb1ae22a3ce98529625d8db9b0e5b680d7e027523b0ba0184d3f2e4b9cdee027960ac1612295bcdbf570912ed05108541b97e3bb30ae0a122d74cb536e5db34b7d5ee5a042897d5d29fa3c126" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #5 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"ae914c3d74acb6e2d9b8487927db7992b838ede73dc918b60bcc94f0f456f454a6d100c90e119342154bc3ddb059f48db3a8d7b7288eb42d0ceb07532a2a357d20506ead28d9bd4a127d437a657a61f5d30b04cf":"":"2afb537c13fee9c4103cc6abb11225046d94df2e9838f73f":"6a9f670cb49cd9ad98a17cc19d00d4766344108f0c86804b":"2ed0c4140420c6e3798a13f917cd998b2ce6f98bac27f0fdb09e2538f573caff16904edb371f98f50964b7de552e997007fcd267b36abed12cd95d9a08852a4ca862872edd32c707e7a60e11fe0a7db4c0d34f4c70ff16e5c75e6f5d7ffaec3be383b8790ef0ff3a0d9f79850c9749c0" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #6 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"38a93c3ede148c91eb7f0cd327cbe8b27ff0e569bc5262aaf30b86d31be35f83b4ff50b84b5dfd649908d0c55cd5be7ad36d4f5f7f22cce066d3b589adef804bfaf52253a0e4c6bb03e000d649541e523ae52f1d":"":"e12c05f2bf463d24da9abe89301d2acefb7957dc1bab9ef8":"d70065fa713e2d691bf554a00d063222755e7204a3e53968":"3e5ad7e96c8cee899889640d8268cbea296aee96fca7bb60308bcdc08eed36bdc8a5b3126ed8be900577e60ec0f8b3d3014deec41ac650480e08dd3a425843b37fa5d1d621b5053ba4b2fc1804d407849a84e9eb5bfcf94f27c2a535e2756b8202ede1f18e81f65e3f7f51a064b401a4" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #7 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"384d6f43e7d77a381bc6bfbfbfe1a17aa35525bef01be8aaf6c488c46517d9b94380c73d3fb45a4f1b4d70375021c7df78eadb61df5d9efc6e08fe2d81ffa65df33667c23e3cc5c89893988f04be1d3634ced443":"":"a0271fd2552e037568cc857a60a550db050680fc03904fce":"ec095cc9e3bc301071a901d0289b54aefc796bffad6fda8e":"aca2571a9cf6bcd10429e146e6e94d1ae43a00db28bee2b60eb6a1bc1cde3d452dd6e04617aae7a3f813feaddc0f8fd25890004607f45ec995df970e1a3abb17b416bdbf62b6ba5625a80cb100e2b87260a73ffe15d9e6f24abfe9e6f9ba66bdfbfe71380d832418e2a4b460dd7415f4" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #8 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"98c8df867d234553e504fcdf807fb8bba51d23ac65dd8b160943bd45181764cf6df0049cad23e6aca490db57d12dc6c631604c943f153927d6d04af042e1da1b225eb8bdf4ee99dd405e3586acf8e44bb0184d68":"":"3338baea79c06f0d48ec2d47004e61c1c1e5056bf8bbecd3":"79007bfce109a682b746df074e87c845eebd665532867fa2":"ba7040193e38c4495971827fb1ddb747ea80cd0bb1fd6aaabf85ec1959c29eba8f818ef55aadadc8c34b6a7c00f210a899092b9704f2e03abf3e5e8fe6d127cac0436441d0a6f1b02a00e5fe948539c66a8c78e70f35cfeb600e1cc68c06553f47ca053b64a0534a028a73d0890034fe" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #9 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"6150b7280b3105b86b66c2a39a1f0461cfbce17e746791afb241b298741454e174650ab1e7f08500bd7eb096e40d8114e5a60668636b6ff66d2622154b7d239eaefc9ab2aa3351eda2af4fe51de36e22e70235fb":"":"6ece8aa447d2cf51d8497e303c1a202e39e06bd723c847b7":"21d890666d2c8ce4440bb453f4284c3928650f8cf38576d7":"7554b8cc8e79330ae55575f9157cd10d8eeb58af30eeebe9daa021f4b55ce365fbdf3629be7547a89c78bb9df79d35179e5d2924aa032e60d5a00281f19ee2255c17a69345ed86bf36ecfd694be0405c8b6c077b43a8c8bbea603ddc632a1aea6771a6bc117dbdc365e2714bdaa8b377" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #10 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"cb25eef7230ac2da249fe30ea94d3a3332147022bb2207aab4a50822b1564c24a047ebb46d57f45f6680f909629b43129876c75381e3b7c6d06887f68083fc423f06ecba159a90edd394cc0ca9473e9cd0f23c89":"":"2f30b005ea5d5965439bf15220b1c010e6c79306e700e6fe":"9937bf3edb3603cbbe190f3616b021fad652011854e6f6d0":"040a30b82981f71e4607c20c1f2d6e6854824c90b127517f65b6c7da99fd33dee32dc52bd0dbe902509c50492a88e5963b2b6e27d046334b356e5909f85763af2de70e93a89d6a00e2ef81ddd74f4a33d3f8406d05b383fda569a5a574fb5e3c0c86a5096e94174b79b2a4eadebccc2c" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #11 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"1d7dbe4e83913bad3fa918262ab0f45cdb9e4e61667694f361ddecace06bf352b18dfab4c32bff9a013d3b92a2da8ed698168155ddc492f8ad5d65cda8eed212793cd9aec8acde7e00f952bb5d00c53c5c181e89":"":"f9c51ff8f264cae722734502f6799e4fc5bee773d31e3e31":"6a171a0a8801017a1d924f80fc5d9d6592b8b28a342f30de":"425024bd1d1a66d4527a3e8a8307b3206923bc1d693f5b7f9017f0d5527cd6591016758794ac89e2f682cb2d66f8d28f9a2f5ae2974a75f4d0de17dcd02e93bf29c69175fceba262378bafbe3eb7e3dabe974889306d0a2ebd0ad9d934c37b1ad89ac1fc28493e6b1f6f24620e40eaf7" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #12 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"a6887fe41ed5a615eb030b31b86315d32d13dd5ad506566ea23ea3b162b8dd621129736c8dde31708a7fa4a4c606dc212b3440617111e94a5c6722c3a729d84d2e5858c23ba8bb249456a11d63dba9d4260a7213":"":"a52036daa8172111e89c8991ca818bdd711095a1602f2f15":"cba427a2b7bb64002e1da3159d643e002516bed279e0d442":"cf0f5881032606c21a8ea20adba6a72e176e968f10b08ab6d08f997b24fc2a24f2c5d44d1b99deb7db4f388dc8ac268f966a34c857cc5f43efc601674bc548ffeaee1c13415df6d0240835832cb75840b60711cb636f509dd9b87b698615959688e9afeffa50671ada05faa564c87ad5" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #13 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"a563459889ca29b711086adfbf18f284fdd18601ff69916af1ce47510d33f205d4dcd0080f9dfedb2bc1e2e60fa0b9cae094102bc7a705cc223279e0fc3b0020b4facafc2b31b9bca92382f3810d5a4e3ef626a9":"":"5fc83f1f6dc0ad454bbacf2df366c803cc1d2fd46bf78d32":"1a9654667cfd6ad0aad9383be04ec1480a494262b3fee823":"cb45ce96a973728bdade51f91004ac09e155173769063b3fb4712493d8877f088127a3492588e99fef648a101cf1c238fdefd798dd4928b5bb3a851eed693f37d67360a28a2b27c4406e9ddefdffba662529b91a980bbe4eb381cf9734b336e2b64e7482e0328c2e2bf81e39edc30d97" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #14 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"886d098731abf3140d512e0d348a384d25372667fe7e4f0ce713b1d2eca7b2ad939b25af03f78edad75bf0ab95b4110710d0e12e714e03f7df35db59fc4ef2906cf36c6c8897b802200a83e60d16f7fb064abd2a":"":"a4f42d83a492db3fc053d1275c6f264706fa932955c3da62":"4505c0664e59bb4388020470838bb098c4ae1338c268adf2":"4f9c3c60ee32042735cc539b9a23d04c2bc6bcd68db04a58240305f165bccebbb98e0f4796b283a0d78bdaccfcc8daf19f21a72945be07996bbb0b606643c7753f76ee6371292d3e681468b714e16bc32db14ad6d777677137ebd3731186ea72b840b8c4ae79ecb2c61352ea056d2d6a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #0 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"a26af93571ba84b58e14e921a6bada73083ec17f21580a152703e1741392fc9ce6046f77d6eda5000f3225ef28425e30cec138a16b0ebd885fef074c6da2a7b126fcd1f056e3a5fd5627368c63681cc10fbf750b":"0627d10b1e5b4f0fff96d0c7e684deb9fb6a4e48959dbc29":"":"":"98d6bc7ec7cd72da4c750d9173518a9a17120fe9af10cd1a7d872fac505d9276c551b821a868cb8b4d8b10eb3b05845827717d2975814b5080a2f4aa50c5b112bd01b8652f2d1b56a88c6c891db5f3f40d1d1f0648d84e6ce2138c2c879884eb4847856198579eac759a065a5d384c46" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #1 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"5fd08930ba404d13a7275227660869e7eff10e103548e6ea15f0816ea93b649f6aba408ac710c49eaddea0b4d1e219577e6f6ba4f193386228f6fdf9cdcc50d5bdcf6d1f249e9cae0a097bb341e2ba3581a3f2ca":"7a463958302109d5fb9fef1a232b5aea13ba58a60b70911c":"":"":"a1a5c9d90f9340c807efa2068c6a0b872a4ad51a7cf90e14b4797dd894361712fc9507bd61d8ba984ecf1345fa3cbcf3031e2bc4302354cdf3f615c3a1bf43f60a464698e250726c37a7a9a23e1ff7e8d96df03957e3a0b5e6c4c4fdbdcff487e467b12dbc21e07eb8a7c4cd7f779912" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #2 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"625d6a509ec43c55bbec45b4244fa0bce24c74cc270851f2d32e4bb4f1961476af40088b5ea81f7a86efba78abdfb50be09e1a68851899e0e9acd95f77f16e8b0aea5a9bf29bc1a18d32158cf69c794f3f47fe61":"bcfa259c919f6e56c77914a272959cda6d2cafeaff87d91b":"":"":"b5bc1f03099547ce1a359bede1f9f3b76b38e8b9cc781fb3909899144f4d0a4ba93272552bfb0ddcda51165d0ca3eae47d10961a62692bd9edf2a9339c8ad14469f1834eee3c3fc1074cb1493054f84273e4adc73e5eec6cba284c5b7fd8005f10cb67b0fe16ae0b4ff30d50ca245c5d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #3 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"bc0c83de31217ff6b22c719de8c6653fcbd8aff7925f04624c76f586ed3bab324b64fa8a1ec14efa8d8d0b41eb6735d517f6c647ef8bedf3036a6ca90fa1d2c528722de33f76f7375711b6b4127b86fe096e72cd":"d7ef6b5dd09c08437313871078ac730c2f85a5abae6d6e24":"":"":"6d415afc0151c3cb426eb3b90c209feb726c01e28785678bb0b8d9143d4b7f31ae07e384816072e2df31350b133a8f4e3ee18f04b154d194513d9b072a695e52bf03eeb4c9a1df85dd6ef98d2453dc39390bc3a17f3ce499d9b182c89d0591dc3dbdb7aecb626b07f0ad2737bf8200b2" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #4 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"caca2b8631502fbd8bec33e89066e77b97a57b09d21a92dcc7b65897e50d7a312f287932c529f6a6fd8be6fad5c467f6c15f9bc0f39653a6e4963c0d4c4baa9d6ad39f4ad2a1d6587377ec3898e63e02cc0c454f":"33691da7461d3355659c4ca927b4d3e3bbfd8e775b535538":"":"":"89abe8e656667299705c4c8b208f0fc400897397d15aa3574cf86c0a6415dd30ac5d7d8bc629d8ba52e6e5af63818475874266e98a43ab5d3085d2856950e8d487ea22e01f9ab7fe1862be1fdb9a97cc24eb9ad05beebb202716607e8b164cf63cacb92504e80e68e641af71ad6ee47d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #5 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"5d97de97d6f81a858ad6ae0262e58169b27c25adfc2bff506854e6bfd37f3a4d8c4b46cd78d0a76b0dc67e0d3f90fb04c2131bc31239defc8eabe9be0fc589a554a4b77fa79c64c03bbf87a32031530d99bbe397":"a0d8be30a0972002f21ce2d7cf3c8e84907c638e0093354d":"":"":"67536d7352a49a1a49110a1dc1b77dd1924be34123e027aea0ba6064ae0aa051d4470ccbf923e0c96c86f2d440f17f45b67c4c7785a6f5006bf0cadc13269540b2c59bb75f642e9668feb601fc60c18b94d65ebea0dfe5fb284e003a58837f9e9e120481ec2ba972c755c6a9134af683" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #6 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"9ca7149b0c5ccb7a0f7ec5399c644dba98c418373460c59978d91db57ff714897ee71caf459c1dc164655140810992fa6cbbb708ba2e61053d5866ba6a1bbdbc639fd21be4383beb4a4d370e86d0e9739ef849ae":"2ade2ffc19de7fc94767193223aa1fb3461cb29d970c8f05":"":"":"b39d6db529fbb3c6a90d6b7057759c26a9fa26024d2b65e3bf459881ff0f88a5b93b87e0779635022cea81db313329b61613742cc82b52fff1a2e6e24ae0eebc0917d5e4573466e4aee3f0ee0053445566eaa080c3e701bc35d40ce5105b4b6572baa7b4c84a16e4aab501e6ef670164" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #7 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"cc751171d828dba023f430b3f5a7134f733f4cc1ec76495e98a6dc2a627d97924716d7e6b043cf15c62ce8da1dda2a930c88d6d4d12ca992a501f773dff5d38e42f150f1c55ee358aba1e73cbebf465baf9fd0a6":"4ba50a75424970526022c7351831c58ee75f1e3aa0c47749":"":"":"8b387e55b9c10d0cc336f5445755c0b6dbe971bf69a04682b21c9303a66e093b7dccf33fc685765c6d2bcfa3020892ed09ce6ea3e3355b3bc16741f34d40b5c96bb085c1574801d14b4f71c97cf64e75dcc330fafa1d1e626822609a9af62c894dbdd56307ccf1ebbb7ec09d500096aa" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #8 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"1f2ccd29bc38e8364a4beb0e89984b88d61dcd31d48e310ae691c0e146f495b9d8cf443ed12f3ad2da7c59c2a2f6b8df4e0202414791e106c1f879879b7a46ac207f45b5fed69c38309adf15dfd0dd75742c0df0":"e0c49aee71c4c060aac1bab1f438f9e2b0c96d710ebfef77":"":"":"593677f65ca4339c0dd8b1ae9278cc49adaef1cf889760b4631a379d82bc25123dfd2e1436d0b6b890d4155e3236fc1e2cef67d8bc0454099051e220d6925b37c47408fdacdfd54cab7be70f8b3b3dfc5a86f181dd559ff7182f225f7de87dd8bd69143be270ce76d2562c6e01ba4c4e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #9 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"f1bee9caecfd0397a6cd76f356ecacf1053981c64d315db4a51a244fe3b22ef997392f65dc13cf30f5b8f5edb7f8f55863a30156722536d02440e5f06e503795d2401775a560685f2ad3c98aaaa22726cd6ec45a":"9d42670ea4113ae02302cdcc660b497f3ffb19b9aca8babf":"":"":"78f31a24cda43acfbc4db7f17c57805a4b53353d668596247358b47e8f8deeaca312a7f9ce78832bc1da2d6b3727fcb847ca4feb1695a2edfd2ab24c486da125be1c1af4f78b749afdb57f97b4a8b892fd87228f116ba10fa739059581256de4fb865d1115c58284cb9850a24e5b7615" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #10 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"17b3146ea3ac1afdca446275f3b7539a517766b90e2da2c4c85db4802943efcd8009a9ffdd054440da16edb641a050fce3f3cab3d5f03d550111daeaa8841a9c814def76eec9c4e910788c710562428a39cd0987":"f3831c1bc859fad452a76ce513575a23e8b790c90de4575c":"":"":"c6c85936cd52b5271a6e70410e0b9d960d76f3236b548cfd4fea26504ca8a78e58ee914c6cf248f30d7ee3547eedd3a4d9869b15e326c911aaecb7f0c221f8eb9208a9b355e4b1cc7926380d25bb776f3e89904943b3fdf306012fc95d06b3b7c44ef55c9eee675150b332e2181f2a32" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #11 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"fabe526177dcd476be9950233ec56f9122a9b083e589c9264add302d4768c06020cf53e7708bc728582360cbf06a18de38e3da2642dd6751aa686dbf11734bd75a422571c9f2420915d7d79d9efea870e72d262d":"ba5858340e6a82b2ecfe1190215bd8da995ee8ef572eed8b":"":"":"10260dfc2f2322f530192e96a2396694dead62f9b206137108666cd199939184503da75598f54a89dff885a9856140b56687347c2c066a1593bfe02b8bd2cd93e939c424b33683a13678ba5f34df3f2f5f50b2a708d1d5a04683db00a607e2f80e5feb20086e3d64294e9732b0776c51" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #12 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"b7c9a1d221fe10552bb0b799e18d12cffd1f76d6a1e6dc79a36584ac7e13c355b9323d0ef2f97fc2d8a26e6c37209a485963788aeab084e923a3794c63713c2ee288ba3a99f2d407adfc1b87ba64fcc5a7f98e4e":"e563f8c8318862c7117af8946823e8570ebc64b3de1b293e":"":"":"100c460c12e5ab12a72bd4351f7b608f5578060b262f21d735fe79d13c942035a76f001adfd39fe93caa22b6274bec282e640469d3f454d108991a1b73d8acb3d392732fc24cafb15fbe248441462bb2c1278883610ba28486ef82ec2ff3d20eb9601866c7dc4eaf44cdd73e5b5ac14f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #13 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"78e5d4818964d748282fa8dd386ea9c920c4fc5ddb9d2204a3f6285082b8065dd3944ce193722e973f8300783e37991e6c4a6286a1a0fe3703dd78ae951c88a0ce47b1a23d91e0926358221713670a78732d5470":"fa058586d35f0d74d2c473e005e7f8ddc33a1f6d5bc79d75":"":"":"6b603b098ca74b7fcf3c8f9b42dde5b3b51e84cab4f67f4d87bc6575ad4fa3f1e0ee27085f88e2a5ecf4f57f9ba92638e52941535806d2cd1b5aeb5b7c81b3d44d41cf5b8073b646a9cc1b0a9f7e183b082e9f2270acd928623e8a46b46257e1b827e8b88b55c88a3a3a067cfcb9b2b0" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #14 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"50241739e3f08c910baea7f9ba481511b6ee5d69bb1a2dd34f3987a231cc25f39a1a966390e391a33dc21281372589e2a667cdbbe4267710d5244fd342c959b7272b39e5cdf67701d47665b61782541e94aa224f":"6a7d2f2dcfcae8a284802c97d77917e87c6cf8417c2b16bd":"":"":"4402afee12048c1c6a44624d2df026798930ec732884899ffd20d17f1c8d7c221cf5edac8679a21ee11b177ecfd61927d4ccbb175ee6b49cc6f371450904c2666aaf2e6cb36cd55cae3af772beb80955cf67b4e8be1fce11250a39693ecb7f8ac05aa23b949ac74bc9a67060cd60cc77" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #0 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"c3005cdc5c5b7b25ed78c9684f3faf6278f9a9c5a9fb202014a29882e50b21e56ec8b7947fe871daec2626f32372123f44a8721ff4339e0a20f978ea27609eb495c2342e9ba719bbd2b44ff503db2322ada1c982":"c4506109937e0f9352fc881b0396b0a103626a15addfe525":"6ee49c76d138eaa3fc10cf411e0b8ad5488d77f74faacf13":"8825122b506dd6f3a58811fe6c9a7e9271a6e68dcdd590e2":"e818887ca1c84717e277baf00913d65ed58a8f90b8728080a03043bb2ab53f55fa605ba0cfab29b4cb694f6aae6594dedcbe6f74e1f7573c2944f3703b89a52789b0170077ea8e66d8299ba5cc139943ab96254065a27abca2098a85162fb01d294d8671b00206b7f784319384e01b3d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #1 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"9bf2ab19aa7e9ffc3461522f3cf85b3292b54bd3e1099a42dd6f5349d169d59a152b2dce675874b665fcff802260ea84b358f6fcf8011b511834e8447a73c1f675b7598d836dc9fbf40f1dd0f481f47f95f3ef4d":"38d7a2109c6fad9205abc22b9ff705b7f671c4bde5b662d4":"b46e928cb59eac0cbed65645767e96fd824fa95cb96a1cd7":"532c8d3748205cfaa826fba7f240e9926cd3811da8fd1a5a":"bc367839d1510316ac3ba17fb7bf633a6eb4b61dc0b03cf1cca564db8248ced0b47ccb36e730c0237b0812af30361b5dce662636b23f87d6ace82cd3e34d45a1133b35ff9b8bde8fb29fe82298820c0c87f0e30887ddb15c9644bfb12578f0878a710771ad22fe16935c66681378f5f8" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #2 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"a3bfbed559c396b807ffa80409fc4e2c23ba952f64a41c07d3af5e5b78d8ef88171bd5022d3e02efefa644f4fddbe207e59397605a0408b0201f6a882def64d973c0714555d2c7e0a6fddf49558fd1328074ca79":"4c63bef79f71fa82168928619cd09b003aeb2ba2b04150d2":"c85bb368a82d57c70cd5ad6327187c8550f7c10380b2f030":"5d467e9c06ee058ca066dadd6f6ec6b0da59ecbaa4ddd12e":"1ce311c919c67e151b51ce3060384ca95c071a295f01e54349abaa2da8ef497ea1364454133d20f57da28985bfc6d1d2f58f84d144c85dbe3c9fd5e8958ce06f2f5ad5af7e16bf90ddb4a1e2947f78008467fcc38b5a082eb1612d68e36e3c0abfbfb3a321eef3754ac16c41f96bd635" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #3 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"1b2c2419e85386716135b3c142d749f1f5bc23edbf8c0a1c53b72f474484c545761b21aeff05cdd35621d104ee393e791737c48c5a6e6b25b58c5c5be28ecf17c410c9c9c3c3aa2b6385f66759f31b61f9fe0286":"b69011f446e50880a15bb0dd00229f765bf77b2a40040109":"67eb63a168aad8712a0e7e0f162af7ac7893e902f1aa72cd":"23bb752e6232144630e3d3a6daaa1e58a5ca315f21fe1d8b":"cd8e6c6b8a1f7f98f5d796023fdd4f1da2d72eedb96a8e85cac661da24dd0a7810fa04be0491c69db7617712582b43ec4bf112d9e2932288f25b64fb7a2a09ac8747b8f71ce75e3c80b854336a0457b8013ec6dc1268b4c7e8f7d3422a4a5d432f8d9705d6a273a09b9f9273f4928c4f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #4 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"62d059e3ecb695167e93b3cfd77f96e681985ab5d68f15473a89f9cbc4012e1c090a5a9e65f738be938f44fd6cb157fd9b737d9389e4e56b6903d4d015f9d80d96336730fdf57787296d447ea91de7e686c7a81e":"d8f121b2bbdb8530c6315c63e0a52e383c163c033d3b0854":"830e2cab11331b761aed55db61681fffad3a61a1a06adfec":"c7783d7357ff30e88cfdbc90569daf03d3fec8caf89619ff":"e44c9b35d3b847a928748094ba6754d1c5de3cbe3d90d4e2bd0c0f19dc5aed7228c541044b2b14d7e67dcc148ab04abff7c22a8f1fdbec4d68ad24a7c4b0f0e507bd7f2b4845593363da484b481906fb7207844597238b9d40c14237004e275572aac6a6d84d151fa58abc0987e54e18" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #5 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"fcf3887b4505f7a1273ad5b32e064ff51682bca23ed974ca981871a5b7f63e5ceee58131f9a01fa7c37ab14150c9323a03f694e463496c4159eb8e5d3ebc62f41264beb93098a42a3dd406b983e1fb040d108f93":"9b3e97eed077155cf181829233868d27eb773c398575dfb2":"75a75a15c622e69eba698a064b0b41c8bc80ef803df0f29e":"7b6a20a222a81dfa6fd164def816c2b6708bd4c761b2bb8f":"0b3d501f728d2f1d8b0d7dffda0160157b30d0d97932315f77022d1a6fb30d9a0ee4383f2f63377ac6e57b16b0c7480a6f5dd12ed3ec0bc6f104a26c86592daa3f68a499570703306e2c2448e784b67cd6efdb4ae64a2e8ffa5929e74c95b663c9b7fe891633f07d7b50f5f16e9fe567" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #6 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"7a6a0774f2cb5ddce6b5242782fd3d7b5c7c7e31cb5fe95367c06f29a5488fa37feb34d689c646cdb162e258ad636a030ff74f6a7ff876417fb08f5c5decdcc98692538bebf9958c627ad8287633f98c587cdaec":"fb16aea72967c43b8803bcdd3e794911f6d53f2cb7946cee":"67d89947396322ca243e2c591a3adc8fd9f1ef448414fca8":"a0d568f4fce862e5e1b22acca29e60d7bc6cdcf6cc277794":"758b4685b0db1093eebde07ba11085a9dcab64c8d5adacda070fd2b292bec49240f25e158fc96cb1d0ecc9ebcccc360b981d140e3cdba54fc697313014450a9af29d9d55dcbc5bb9a38e4f10c6a3e41874d5c6688f22d0c5714301083cbbd0014880af0f7d088dabeb4e84a64f26d2b9" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #7 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"19bbbbfcb755cd9dc000abfc03343ef64193141c3d3f43120f55674616e3d96b6086adf47c906981923c98ef7dd0fbb2f7af0ecbbd2de848f2b25cba8651b7e3aeaa0c59b605e6d4710a01406565ea30d0c4f68d":"e77cce9d26d283bb5d6e8300ad0f69df723324d23928c6f7":"0586c76051462d0483071213804385d01a07bcb27db05e06":"1c9363d0b3e9f42b6c722b8d62f9c633066587577fe766e3":"6d458079264d5f3940d098aae092690b7d04cd46d6d5dde753063b7194118ab67d3848459156b8f0216d85b5c583a1bfc000e68111be459743175fd114253cc24db72ecc978ff8620301ecbf18f42fc4697d91150649a8254a9850d5c28f9c4e187e409e496e2a659b2e79c06074c5c9" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #8 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"c2b577bfd802b8f599ca14bdd5fe5003ee28ae69ca5c246df4f62d9e21a7793281c48f73ffea15f3c3d444ba48367fde04cdf6d62498b8afb24966a8662461015135cb55034a63571a032d3cd2c1e6cf4a6855ef":"f0de29d4530b4af75b8defe9b3b24dcb7ce0add4aed6f72d":"90ac05703a8e0c6057dd2d8b1a6f16f0059e7c70679919df":"16935f700de9fe529a2bbe811dccad430e27dbc60549c3e5":"56988f9328a91314e4b3ae027bc6f43a01fe471615f3a319afd9bb63f55b13e681ac0ae830d4d3057882fe247ca4decbb26af811282f59ee89ea38642e4ffad9bdfae44bcdbc3a289bf431e0bfc68148c12ced1853e698e74f74e24aa434937390fd41cb4e78f823a262900f2f44c1fa" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #9 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"b5c4acc63ae5c68ca404bded2d36a391e8b2e9ef3b32eb598aa94fd6b5ede6c3d9c33ec77a195abb6f8cbcafb6c492a1d78f04439bdc442168d1eccc783d53a92e16b90ccbdb0284b383cb96af04e81728d1cda0":"b3e6df5e9ae10c63da4269de170550b92dde7c6e33af228e":"c9787b641b5c881dae53a69e2b3514ce2ea81e5879765bd1":"e4abedcfc4cc69da45467bf2bfb03d823abc19a746e3c582":"e14f46dcab0ba39965f170f01a07308090b051127685ada6601112aa236093f7a760530f856617d9e027c8279ef33d9fbc4b624ae26a277b9e6077ac71e2d2f101b84ebed007ddeddb4286aa4729cb3b28798387b757d8e99a7b6d2631601fe7ab4caad7983dede59b94f4c920ef1b29" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #10 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"7302ea40e214308136b8427e601ad61132d195f870f2a861c7b8ce1f686bf325a155d0aae1211401bb844893dba2909060c76cf9cda757d9e2cb24f5602fedf6a7412f49497c82866a8c9b56e2bbaf912f760255":"58efaa77c9bf446ce8d3f3ce73b7d1f014bdeffea2a2fdde":"68f9eab1893186d7e5cf3a8c37bf1c229344abdceecd9de5":"a0d3bf1de632fb19ca5326d936f79aafe59a0e809b13f10c":"f2c6a717ab10a9cc89f6d3a07bf6077fa33c2e5d67475ebcdd1b895fd0067941ed3fd8f251352403c2680df2319a882f39a91f8ccb7df2c06a13037f057962e23b8ea0654ef9bfc19b6ec982e539ea6afcd1145cee582d27b708691354b4c397a51d004c61687c1c9c948576009002ee" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #11 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"48ce334fcdeae603c54fc228461e7173681a8e8387e0c048c2acfdd6a78c955deb7dc25bea4e9924c4a2ae22d9fb6b227452addd0b6eda7769f9ceaaf2ca34568b3c198ebdcf5f6ed11f863097bd56f42d648862":"6bf4c173d264dce03e475fb3bde9fca2474877627bfb0c5d":"2a728f461ce1067dd38896002724b4967c1a9cfececd3437":"2b862cd7a94c1776b26022c27c0e4f2d199ccb782caae6dd":"07f80326ea781bd95efe729867d6c39465213bb698b5e486e6c5f27d3fac4fda3cfb7c831fe6291062d4db2aff59781efb4f4cf428236aad6a55111b969885a6b851d5462278d0863909a07796e5e0e8448fc0d674a4408cd9e91e98e3adcec2064ad37dcc566faa80149519f5ea261c" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #12 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"b23c748a9c9d206ed4ce6b8bacb6f7e17cacf5649ea8d1e1144a96e977a4cb22c0f37139c3eedbcc8b9024c6f21412f1600fcde1488f95744446df7b6e21a858224b9294a75829a014697cc4b363c3ad0e152ca6":"325bdbd8c14b766d4a7ff0e14128585b21af76de7ca30ff1":"2e002a406bb8090eae6c950944a4d6768c89d43cc0d8bd17":"4828622ff56d0867bbad03bac51b8c939a5dfa33a362b129":"58cebdf4676a21ded5eba4dd19452f5dec909c589751879ea4249a4c9fef834d85dcfc95ada82f7fba1476451774036246d7a496d4d427f37647ebc10fc2e1125b0b71da1fa5f1479c5681e9d7acc9b88b527390734d943bff6a76c4b22bb4f6ac331f7710b95f6806fa35a29a2fa35f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #13 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"606f388e8ae35faf979434656144370991e89b7457ca5b55d5bf2b48fe8cb64f549f48a812edbbb4cff895efb21c90eb26c1db239ed72da43504a1e09c56fe144f2d09242f2670dbe2561456d938352125b19131":"5e039f38d6f9a9c4ecc67158f40d3c8de61808fd7476fbf7":"21c7d976da71bcde51a3b4bc1b9a79cc6c4ca51ec992e479":"bac1c5904816c3040eb532622f127ac3e28cd78ba68404a9":"5f951dd774bc1a0818b249ffc51348bf1f36aa4b9d6a3348d36df84b5d3e824adcdf8b87ffecfec13fe36ca354625ae8db8a69722254c3f6e7027b866c529f9bed25360e0cee7ce41f996d50d224a08e965e0e5dd67a77142e2a3de0d559b9dae8919ad0387ba5fdef699e42016d7291" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #14 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 hmac_drbg_pr:MBEDTLS_MD_SHA224:"be16ca52551a6a0656c40539e3155eebbc416cbfe212101f8edc2f7118472907ae9b2b9574abe81257533115472610ab401d1ce1f8998884af43fa5776a59ae38c88631a066fa85d24dfc9b2547caae598cd0fa7":"ed000ad2e479513861014e8ff45a481a494af312d2dd5563":"feb295c74975f1e1c738988fc70b9d2603c7da93832154a1":"764705681b7781573af811fa7751dbc27d667af7a1e59dce":"ba4a0583d8d6c5b4216a0875cfad594485858dc7f9ef265d4ed0c0f0fbfcaaf5ae318df2d7fc530301813d9f49826030625f7ea02d0630b3573c486b1fa0ef4269cbfb6fb86675c11fb7c0570cf7ff4fc7affdb00625ac453c23c229a4ea5f540c66f031ab3462f7d12659eec990501f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 0) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"9969e54b4703ff31785b879a7e5c0eae0d3e309559e9fe96b0676d49d591ea4d07d20d46d064757d3023cac2376127abc60f2999100f738c10f74792676a3fc4a262d13721798046e29a295181569f54c11d4524c9071bd3096015fcf7bc24a607f22fa065c937658a2a77a8699089f4":"":"":"":"abc015856094803a938dffd20da94843870ef935b82cfec17706b8f551b8385044235dd44b599f94b39be78dd476e0cf11309c995a7334e0a78b37bc9586235086fa3b637ba91cf8fb65efa22a589c137531aa7b2d4e2607aac27292b01c698e6e01ae679eb87c01a89c7422d4372d6d754ababb4bf896fcb1cd09d692d0283f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 0) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"371d2d3a50d8fef465b02d57f0f102e820c624b0e11703bb81badf8b0ca1841594b0bd16c1fc0e5e1235dfd414081164c54ffd056c9cdf688284f615cfb4814cf28ac6dac05756e07e6bc9f56033666ae35819ae359d53aad14adc9199ea154e45ee2b064955a8f334b9f62cea23d0b0":"":"":"":"b474ddc66e4cac2fdba195cb9c5ee521f4a3ebc24e3722df281774b7c9acfa87bd5b85c1e4e559e2859f2382ecc3a820d76cacdf10ad559691b7059b4e7f3d9a4453ffa241627a3a258b3439ab7f592e95751c826b6f89c92d1f85fc855d231045c405941b9a8b5101f76e6afed9c2032712eb5c60c16a7ecfc26ba0d47adf04" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 0) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"60e5cc3b260a0fdb9e994bb7c7b7fc32ef0117813a33b4f6af13ed81a61edc3c7209beb9336855fe207fcfb77356894b4fba0b7c3a93cf6cdfdafdb4b56cf0938f2cc18ed54a02a3551247ee10e606b0aaa8d30cbe0bdd3781a1b238e19cbd86a2dbdcaa9f94c3d39f9deb8c4a6801e7":"":"":"":"628ad20bad88e5b0ee30107640248a81f7c1ef77f757a40e53927d3b10adc5b734d379d71a28b3fbc0787d6054cfa926a5a74b464b818f8d185430773e7ab055f9647eec01a71dcf680abf7589329e1248ad9df205d10ceccd1bdfe4c9b3f6d7b804c5114c1406db83c921c828df36f5755e989520274669f7f06f5550c97d4f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 0) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"5b9320748b1c4c44624b26504e9e9765a136f965c5a8d787585391782c7432e33e5d97a4c05394d570402b908f54b80cafe9be7eba6c4c4424ff53adca50b522a0ec1b51efea35bf474fc6a0d6aa67d44582c01f287f8a8a9caeb571e26f86100990e5633139b56f4c733cd5ad08c4df":"":"":"":"70883300ef578f796d8f85a30cd8b9e4e2c29f84b7b127836450571408c92b5a1b5bb040f83bced508f26d7066ee0b6e6364eeb1c639a5292050f755fc78e828c08054b14e3a9993c2685791e2eb1dbf258cb762ecde1aa2ed41fc004ac989e0fc26e245ec87a96004c5b28c45d8d9e0829bdb696137f9c944f538c28be34b05" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 0) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"35a17d1251628f82da8b4b35b979783f50e76b2cd77e03ab2f64d29d26b22d82a7b89cc8ba85c70e10d42adc80da014a11cbac5342d46634dcbb33baea277a67afec23b3f50875e4b965b3565de66e36025e0db252b1b31e45683a9676b55f462abbf6887fcd770599b123f109e5c9fd":"":"":"":"86e2bb0f5ddd938978692ef93d19d34865a04484cf82aaacf4546378e2198a2d8050ddf53ab618fb98f9bc59a614e3d60be06a54eccc7e3e54bce7afaf979a6ff4d7fa19a9d7669656fa21fbefa9a70b134c01844c0b85a86b9f98a14255158ae8f5822ee506f88e81f09760810b19f4129d6b47a10d8837d633671558ec3771" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 0) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"3d6c40cceeaca0633c2dc71b7135be9d64d07aa80e6f3a86f43775855f14d3a4f5b702ec622e0c84eb3fd4662ae150ec364d343fd8068b87a8b29e9da7f181b91aa002639980da5489720068816df144ce1c01ea38915b6207374cae626f7199a42d47c9232094d16a04c368f0c11d30":"":"":"":"75eb7a740b6284358f1b2f7c8c1875c027eeb05e0350179f7bfdba23dc823285cbc33cfa6ca22c8e70bba00e903d3f71ca66a1d7081f742574613c2e8854a0d0e59cbac17356b1abb65b533bf563d8169700e196d7d1e25be8e4ed4502298b21dba8ef822c565443c46a8ec08bf3cbe11ac51eb765e53d2b035a8afa29ed1147" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 0) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"6174ea125101e34850e11dcbb0e48dfed7834efd45dc9d196a42e9bbebc9f00853467570badf39ac3366084682491479ec5e80af6d5e73e0cea43d1ce15c277ccf5bee254c2d4e57623a17653d48bd82d801b0cab2df27f804e23e4dc1dae0b7eb6160264c8ca4712d775970a8756a0e":"":"":"":"a9d269c3771e1fd3cf2a5f4470c7e6560c4db008cce0f4c0d1ed939157567cbfcc2353c19e5c1b535c02d5601b45ea2a1d8045b42df6508b7389fdf350c107dae05da4e6e1c078a26aec3d0ee5225a680c15c563e3727d352bc257d3a4defda48e6dfdd5c7001439cc587ff033c5afd3b1fb7c618b2113736a362058adf12968" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 0) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"6a7df1ea8b6d92fb4f1b66b6014c97466a9b9edfc68de647a8a4c36dcb0f4d776bb353bbd5c18ddc5aa274ff29abecc946eeae7eb7e931673c1ba88ec99d3105059dd1f9a7ba8145e0bc86459e525028dce62564a7bbb5479320d75cafe40b4c7a0daaa2bed5a48a0eaeaaa8d6c76d1b":"":"":"":"32e66872ffbc6d93da7f923f82574e3273c81a289257246d3e69b94365115e2b91ddcb077034914f0bf3b5871b62ab773decd00121c87439ad5318adeac31ac024b46e7b49cee5fe0f1dae93a4b93d4245c016ae6a7ba7e9e9857a38b4c220c3a30903eabaa3210d93a08f703626ead078d59b28a42d76081e9b67d7ab68b366" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 0) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"0a9056319735191d4eab3b70f533e59b0a5a70aeeb5c00cdeaa5dd26ba7af09f2e259bd4e04cc9f5ba8b5c8dedf7b155a1ad8112d6b1daead36cdd337266fab65c85824f878219e611d48c4f73ac7c0b96e40762c87d1a78e63e3b266f5fd7b9ce86252b9bf46b0855238602c098204e":"":"":"":"0ea1662f0b95b6c1cbeb82f7b7523eba3f569544b0841f78b1c05809fdffb776eaa6d1c77a8b60ddc680c18eaf9096013d2f4bbd41617e3c482d29aca8d84822c07b55825e46a26abe7c39fe17d2228e399cb88e36e435438ca919b37a0f868fb5243afdc2cccea3b06fd313aba67dc688203878d2be0f4f8864d831622b6f4d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 0) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"9ee3fca776f4e7336f5336e426d8208848c854c7b0b271d6ec84dd3e86a86fab42c0825cf2be769f7e31924b34a3a760c94d0db714b2a09ccbe26b2acc8071f083332c3ef50802b2aee1eef195b74e9eba52fa49901d67585a766a9465d3db843d3f0a4a3a9d535dd976dd98aedd9df8":"":"":"":"1c1151e976bdb947bdf7bed108c742428aab2e6f5ac7cbcca6fcf2459d2410bf6ad89636b02337a453a21bf1aa72f393deadc925f9a4dc7ff978ba837c58ea30267cfe61dbca4a366b9ab9904ca6223f76d2d33d8d3deb959c6c57baba368e9e67f2d9d4d3758d072df868d2aebebedfca3bfcc018cdb19ba37b593a0ae80c6e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 0) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"1006e3b161fdd1f30442346fc91b3371a29531bc9964f84d3fefd0ea3a340efc06096974bbd600cb644db66b738ffcec05696a981e50c7f6864a8279e83985ddd42a9c74affdfdc8452ac25575def3af3250da95f0182331dcc7d2d50ff71dcde00f92b6874ee902e613779de0789dde":"":"":"":"3bee9fe6d08899fc7eb6e1f0978c68f5dc9dcc76fbfaea7a652d0ad22632396d6e065fef14aafac7d3afb066ea743f0cfba804cc9686405ac966ba7a291f5dbd54dde5d6a330383b2355319e3ef4056b856386cf8378a5e11d9d36b0207e2cd414f9ade2af057c53c8c31e72fe765f0582da5a685eb42a0fd969dbde2642c4f5" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 0) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"83d0546d20fe18184c5ee79bea6f5818881d158dcc7780c0350baad7662d3b0578bfe5590b9923c3500ccf96a797d9fb246f31e6b2454c6a443233ce0264fcc0ffd41f0a3bdccdd9417d1614aee596880571ea5f2e62fd6c6e555613024262a26a169f17380a19f2e5020ad3359e4842":"":"":"":"0e453a3e0a4d58f418018f09c1b7ee5e3df81d309e54b77567b180437c258b870069c0257bb8db332e9d790ed325633260967e898e7933d38832fe7a677c9484992918421c75d7072b9c04162b202872200e28db3c03d157c8adb077c4c8a661c534ff5c1bdcce80ef047eb197b0bf3939daa8be31d6156e9d573cca4b11008d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 0) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"fb09b02011b54f9fa2a30783141a520e11fe3e2dd55b25799c19be9fa7bf3c20e8fbb8fe9e43014516d25c6930865c2727827cc01406aaa1827bf2d9272ebe18a44ca74d63b3b78fd67e61d5d96db509a77c857ae04e06bdcebb7aa491d1b9a99a0ecb8c7dc3d7bc69775721b75289aa":"":"":"":"ef8783f00156c497796d787c018c9c01cfef9357cff2ba8f047109a0d17f719ac46952a7147e7fe8d60fdebe2c744e50522e09aa0d18de258459840ae320d48cb71ba11432169ddcdd15ce081f3ee9719cae4ba601bda1cbbaf9ebe82559b69107111c96e468d23e0268e53c9430cebe7cb02b547d6913b76e4c1643b2a2045a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 0) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"07de9e5e57368e7833177066c804575d984bbf9ca4bf03ea3118dce063027b2a1da1e930b356722ea0c0f02e09db6e92f407fd606fbddbcb3e574f0ef548c12b97460e2079a004c1b5f4612ced9f5034d8ed92d5e98eb176db2eba898915f31af7cd0763e7da1e64ba132a08deb82864":"":"":"":"e780aa6744f592da3fef690e78fe8c4fd40c364cf5f1a8be34f23f7324ab387b09aa3b5c126bbb5fb25fdd26d4e536f2eaca8f0ea8c93ac863c1c5d80314480fd9e2382ee1d9b17828b7f3716ee669b9f369655091f0ee23163996c7c815c3f5e705c9e48c25fec05a485eb39f3814065283dd1d0c37cdb7713acf24e3484afa" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 0) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"5957069eb143c1526826c15358e0e949096108fc6e09537cf3d6426e155b4178bff8a8b7c57c3cbf8f9c78b52d76509c1ec089e083b29c0adbd7d703b3e0beeb2118a052548fb1e30455b080c111cbda6b4930e8fb7daf431060778445bad7d9c3f78dbf811e6c9c58493844d90e73c7":"":"":"":"2f5b7e172c5e291f68d9f59f0d14ec516e7e80c2eee36d1aa0734e3f819a976c74a565ad03334fbf1c60dacb1a6d150ce1316b5c256ca85c80fcee6ce0c7004a0a0ca8be5dce19a3b68f92f3f6b7f8e9c4a3177b93529b32b78a2d0ca18b27fe80b42546d1211587acee2bd5a63f3ae66b5e5d66a52154b52bea2b71cb05b9ec" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 256) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"2cad88b2b6a06e703de46185ccb2ddcf5e0ee030995ebdf95cc4fbc38441f17f32310770e04172c0cf91f6590cce44a4448bfbc5ce9e3b9da3e9642daecd994dfe373e75253e8eb585141224eca7ad7bafb57f69799c0b892b3015990e133698d543aa87829ace868e4a5e9525d62357":"":"ef6da5e6530e0d621749ab192e06327e995c3ac0c3963ab8c8cd2df2839ab5df":"44278b31ed853f0a510bd14650ac4b4971d8b426799a43511d016be68dedbb8d":"4c7dfbe509dc5a3ac26998723c6a44cad20b197fc86117c778d1568ab828923862885e97198f77a1cb45113f5d78726a0f120aec94afc45f57c8dcc1cb092b343480012858ef5bc559f57023442209326ec4a54d91ca3a77dfdf9e75f117cef50e6fd2dc9af6ddce8e6515b4a97357a97b6cd274f68a042fa41bbd7b7261b034" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 256) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"b91fe9efdd9b7d20b6ece02fdb7624ce41c83a4a127f3e2fae0599eab506710d0c4cb40526c6bdf57f2a3df2b5497bdaef67509ca77ddfb72d8101a462816a695bb33745a7348e2646d926a219d4944397755353bab4a6b291607179d16b4a249a3466cc33ab0798517872b279fd2cff":"":"17c156cbcc50d6037d4576a37576c14a661b2edfb02e7d566d993bc658da03f6":"7c7b4a4b325e6f6734f5214cf996f9bf1c8c81d39b606a44c603a2fb132019b7":"9cdc638a192322660cc5b9d7fb2ab031e38a36a85aa814da1ea9ccfeb82644839ff6ffaac898b830353b3d36d249d440620a65107655efc0959ca7da3fcfb77bc6e12852fc0ce2370d83a7514b31473ce13cae7001c8a3d3c2ac779cd168779b58273ba50fc27a8b046562d5e8d6fe2aafd3d3febd18fbcdcd66b5016966a03c" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 256) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"a46367f0ca034a86604003faed2ba524b6c0bba8418fb158ba13a8f730d91ec49b3a7e35c619f0e1abda6d140b08af85e3cfe402b62a2e893fe0244e88b9a489a1035d287947139af7873e5f7d0485e87238bb11d4f631090c34365222eb95baf7b865be5f6410ea0aa0484e3de55483":"":"aa020a1aa92f8a426c5d0d44191c6b46f68c1abbd5dcbcff0df2c8e024a3288c":"38965ad5f163f663b3d90d4f5b67ed2f4db22c90e5878bddcd4f230dc77f4b0a":"6c7edf375281b751383211a3e09e46c61a9c425fe326041063f0f03e1cfc01e8a830f9c4bf77377c4a9946c61a8b7cc664b22973c556437c9f5557b1a1222c45789eb700e1184d5d6e52f597ba5b1deae3dd3cb2d8325ed5b3929946e3fcf9e4f199115eafba9abc87558fcecc63723cd8cdc8dfba48a3c64e8a70995b0c7ece" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 256) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"08b9db82f179055872383f58203aab4b9b701c6d7a1cd428bc1860cc70e4111dd5cff962725b20d8121fb4f484a846c8fcae938683cc1602b692ad88b2edb5ec1c8dd408f4c10ee77a460bbc40c8e365d5b0bab8b6c8fb3d6ae8f65dc91750600592d1f0f9ff661d39436329263b9213":"":"88ebaa296598dd71d22ad5cdbd16603e1982d3b00391e0e83862d765148173da":"4fe9752a5a88ec1eba5e7d85b193910f1717d166ed16e12676cf9dd417d96f2b":"b4b02be55fad8dae22716f95038cce34f654c3dceac59a39ee85c55c6a10864e19dfa5710231138efdfcfa73652e99fa3febde8b06ad06af23ded42d78bd7e05ffed6b403df2320de419a08065dd254e5c676c16aec3b82774f014811cb6f32f96bb240bca91fb9f05b57c776d4474d309cb08a730c269627b63858821657e8b" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 256) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"76b0ba5992daab1aa40ebe377ca2e0f6407eb1729961151d216a9989b49733c2f7892eeee64338d8ff151db27b20e66684015bb1b433a01fd7570e2434bf39d924d19096199e367dcda87af7ac8b9f2a064e8a7bc291a904fc5a40cffb306020d718de11d3cdc5442724f4538d835f76":"":"f8b63da99a35cd63334c7f0f101a80b101990f7646d31eb58bd4cac251f434c2":"46a417f4938d88406d3ac65dffffff7e3c410b0999e9c6dc7787ac46a0b1be77":"d557b0064c6d8feadb23f9752cdaf5e443a295ba97e5fe3db8bdc3a502b12394951e69497638a758e7315323c4d9443ec8f144f9dff421b0feab8d541fdc3b5993dae6db4a732d573d27f4383f825783b8d0b93951719b95ddef703f36c1d95034b4c0b12615aed9314067c35a55a091fdbc3a459a22a75b6d1616e79d551b2a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 256) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"e82960489c01468263e8fe59ac341af1cedc5595ef1677c00190f87f10679295b0d64271e860e5e1bc2b7c24c2127c9457ab6db2495d422d24f3560a909513626cc0e0e8d74171ca51d3d1d31777fcd1b771f5b186516d45a270a7c5c96f098c5051cd79ffb04c7981cda36a68eef347":"":"9d544530ee12e9cb06172d79ae291932e17b240f9cd92698b6a2ec061fc132cf":"dd1ad16a1f9decc0cb875ce35c7ad1a3105818679a12b22149b5a7dd0a1b7d87":"9a08d941e9a1bfd9c3e059dd06caf008c636ca08bb2e136d0bdf162c433218045224bfd8d75b8241025f93c4a8203c6ea1fce63c37bb20444c5d4a68b13ee663b262c685630d2a6c40ec224027d75bfd3dc73e1d538400789f2221ffe0ff1bff8f514c0229e684422d77b2b0298c0ba8a2ab02610e880232bf516f8ab507c461" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 256) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"a1982c8ea6aa75e5c0486bb26ab8c9dcf3d13034372207bcf103adca982bd902b1388afd3745a00be19abbdeb12225db35ab41471d93c02aaa2414354626246b3ea3d932dd522e5ff0fa81c9bb7bb1f372d851b57043789abc1837d33d52779b638aa2bd1693caa52ec7b0824adb8470":"":"2d0113c4f225e47b5910cbda7d27d98fe2bcc23d7bc293da1028e20848804353":"f6d92fe0603e2548fc13a560f4b1009a2cf63ff91c74b17cb4f256611173ef17":"d26b469920ec26d6891d5243d3c131f129832695a130386511f02a66e92d538bd165d9bcb70ba5e8df479576b4342a27f3ce113584e0262f8eec814f0c97d48988c39ba548e4da78601103abf9c6a47ff3705fcfb7d1a150535d4af2fa219509e94bd8e74f3a90fd0ffa63159b4b62eb533193f9df3c86864f9b5f05249175a1" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 256) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"feecfb3ecb1b1322b34d90f25fffa2ff0c2af010a942a0467c04e9338832c3c0e5c5876ddf0e3dbdc2d63416fd77daf6170d67fd6b7ff621b1e844914711817ece93e5edf428a6e6325193d42bd676598ef4672cf1e4de4b54df68d0fa8d268868813162fa712d294491d338b65f27f8":"":"d1e3da59674d0ce33cc3e6e56292ef47fc1b3f495871f5a74a8c3f61edeb593e":"74d491697d72689a19c58982621e68a336ba9f7143c199dacc3f37508ef5f3a7":"78de8963019611fde15ee0c8c7b8a35c16a5ea1e86fdb435c422184cf0f7bbce3d6dd7aae11b6397ca213c0aca63188d3982c2451401845d02fa0822ad2f9190022f6c099d137c5a44d9d74a77c75bba2350f1269b6bf90507736d8576b53dfa14ccf7c685ea0acc8484d6a5d310b15bf3941666178414aae3d76d6d5f4aea9a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 256) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"1d6bdef15811731f6e30d66c79104224c5ed9d455bf9fa2d3442e8d61395d53ca6e3d5b3862fd0d0b2ecf3577e2ddd124f7e33bf11a7ecebcd2b26a117c3805bc93b98ee0e70b8ed51b929cf76f2fa72b433757da47b1ec92c11fd91921b171ff51a41a996866e8c287ea130f06cd95f":"":"f25347f88fb41d65602b99a370be7c8ce1dd6a29a0a7401b4a3279b3e563cf4b":"4e5c80bd7ffc931fb57632935faff2f28c4f75336fd28f14f7fc27a12c7cb41b":"54a280962af1a839b470b42456a4381eb8cc26f16303bb97b6f709f91a914ed72a8b85d16ad4d26a900c8fec4148cc42f9416dd19f31fd1afd527f5fb266b6aff100f890b57c8a3f9228462d4dd92dbd5af2f9daf05e5ee2843e56f0e180eba8a2cabab36f739a7fd3c04228ec007ef43ebbc25841b7373f2c06fdfbc66f8322" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 256) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"294c6459958425d309d4df6617410f34e96efbc1e609178f4105071171d271cbb698b79c7f83851ab0a4e29a756b058584cd5d446a25f77749e4154628c3d6963c369585a7768baeca0fe21cc40b00a87144cbdaeba812bb1dd8a18e4d7e50e810885ac520e44c398d1b3c41fcaf6c36":"":"0e433b8a3920ebe0053e388d0f2588123c6ce644280dba77632bea8de1b6fd9d":"411a39921ad892db7d38f51c51148296cbf510a59fcf4fd2785c2acf310fae6f":"04c64a3c4ef8cd3aa322596cfe08e34b435bb55943c6ba7abf72b549d4a057e3bfeb53fa4e2adbee63c88684bbd5b84c4c1358c9c0ff0ffeb1c8fc972c4e79641c9a4ea0901d9c85fb9ac5eeb5d5dbdd324649c0db542e0946d96cec8a990147be80f46685cf8278b8cf89c9255baa566740c4fd12e6bc163be6e52ab7799c2a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 256) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"1940c31637da2a1a4a3ad66826e074a0d5ce69dde50b75a55b5e09daf23c097bb31a4e9d363f3c716cd9e899cd98bbdaf67e6f909077c7051b067d9f2a6ecace36e5053b2e6329ffd364e589403a0be1af2b27d258c90e1cb2d8261bcc7bd5f910f15851a87442cafe87aa42031befd5":"":"0e21b2eae0d946c1da14153d9a3945894f43ae5331ab95a07a727b05bffe9f35":"69646ac749185da00638654c813d45e0dcc842202845cbb0a8158b2609733146":"f5dc9a88bcb19f74101fb46304bfd66fe0e245357b656e751a9ed535bed3a5b47f4f84c01068763a3fead22c29d7def5d18e32453f806424177082d1d65dbe3ee5d9765fd5364a1cf55dc64ee9f3f313697c2625327373298807a60bb4536c3040e76c9995cfc6eef225a122c98849980d40ea0f86a122756d4390096b4d8fac" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 256) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"83a44c38f699a883a91ecbbd9db952a62b65cbf75e72a1a2497810a73ea743c4d15ffcba06cd7a3338b3294afb50462b1eb4df21dbe7107a8b4c6a41b41977f38c33b1ada829517d0902a3bc0836bf899c257234f7f63219acdcdcdfa510d284e7380348296eaab4074ccfa9037e6b68":"":"3f6f8f77f3051c945afad9969af764fcf4ba5b567c0a096bec36f712f0405539":"210ab7859b1354f53e143e8b06afe84b12fc1b16aa4e3e818dc56292656eb3f3":"adc004394a5bf98be1ac40123ab1e430bf93046df87d20b04c235d16543c9a2b80f99f841a946e91a4c6f10149f7a703967de651e3af208d600ebc2c6e2c1fbc895760de537a4da2870e128fb10d8fa1f06870d758b9804c49c2ab81f90118042f78a89809b92c2abce87b230587739acbffd082aaba422c88e7ce199691dd87" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 256) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"7a45d07a2bec078c06031b79e94ba6b34ea1522504f62df3c7543d6a902a352faea5251586a8bdc562aebfd9f7175a025406525dab022350d8452cf3e187e30cb54320fe9f13a351e003727278fdd12c2ac1bf56556317ad5bffb3c2f89069c7c742be442f64972304a3a97ad40481cb":"":"16384f8c9eb749fb49fed4a667339f2284634a5f791369739d0401a84d435373":"1b81f0d21a3da462ec2f81d0bfda1fc0143673b80bc7ecdbe524ceba9ae96ddf":"a34623e01a14b87c400f681a6fb4ae66b97afbfe040758b99dc807fbac73d22a5cadad262f23ea5d27f726993c8220921125cc78d17a990145bf6845c7719bcbdd195348c40da96fcd60a54cee25af89c3b1312d88635223ea8c27564e918289fd0120b437c42d99a35f198de3e9c092c493a971c8ace8c48ab625a5a92d6fd0" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 256) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"646d1c1e7c363c4cbae7e6a4f606c95812a7e0f2fb86e33f178f5b502c6457d3b57644b3bc1ab6ceb09589870c7d54ca19fe763b481308a64667913cfe25103fe738fc0a800920f0afec70ef86cb8a0ea2d9dfd3895cbf921c87e64905f81ef61dc231b6cd7a0135003726451cab95f2":"":"78566b2ffd3252772e3bba71f3445497a2150afd48bc130251baeb4332da8a27":"888b33c6abdcd475586e00eef185a69726eb9b024be447e9298b953fd8021906":"e659d60d17da14043cb919709bbb5b3cc5a203517353c8badc0634ef2f2ea2dab6fb2b327e296ed6341dc4bf431c0c14ec041de50395d25a4a4cd64a6420153a50af886f48a2973523a4ec5baff43526556959a37f3b2452d5753f4d2a3c050b2e8f9f6ac2577959f346ab37404d029ca51a789a5521ee660845f913d2452033" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 256) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"bde2de2b8d3c4b5c4af2998d70da9a21340b98c7630d687d685a71eafccec446e0194d245d2811a54ef522dcfd96abca2ecea6d7892dddaa4dcacf7e5ef3fb345c33b23a3de687ab578aac8e6757547a1b3c127a633e58903e8367a805840020d2ce3f6f0372991d7c7f234c3b31118b":"":"d903a2271f1ce24f20222120f8fee3b8709ce4fc7ba85b77d6ff049e81d7a37f":"03bffe38ef883397cfe53edf6c79e68493b7a637d1ceeed9d569ac6195b8e4db":"cc317f81c3a6cab42933d1733cfc4504dc0b232dc00502d29b8e6fe78ae11d1d1ae4a1c5c6a7f99543a844ec5413b6dc3c22e3bf0cbf12e7b57a48018c75f6ab25fe78b786d2d035de7adaa3a3b7cf1ca564f342fff4f9e6b3c9d2af384cb70f5abcd28c99a5d10f176dd2f702575bfb81a984db2507434b4a3c8c286e3dfc68" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 0) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"f7b90c797a4a376cdd9f5c435f5985e77f36ec1df1145a12072cbb2a0da378fcd95202986d45896e9f4a65f2f353fa35130ab64f41a5d49d6a241e0260b4bb8a46a16c6ac9e234c84b5b26cdb518d459f7670e817ac061ac60439be60982492000dc5da8bc6636bdac8b1cab03198dfd":"61535c5c045e784267fd0d85f2861778fa53c8e8586af67cf5c9f21a28ebb656":"":"":"8df4e349f9ea43cc509ecb2b1124358cda2de1f5cc9315edca63610a413478d68b8bb49c2814c82ce571f6e0a6780fa21c4b570610ee0c04d3edb92124f580f962d741330200c19885ca716502223247b728d66fbbeb7c6cc25cfe9866b1450b346227c7663074c8b15d189f1c6edba172a53c733d67c1c69bd7aca7e62013cd" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 0) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"135496fc1b7d28f318c9a789b6b3c872ac00d459362505afa5db96cb3c584687a5aabf203bfe230ed1c7410f3fc9b367e2bdb7480806f3e1933cac79a72b11dae32ee191a50219572028adf260d7cd458bd469fcff599595c651de71685ffcf94aabec5acbbed3661ffa74d3aca67460":"64b6fc60bc6176236d3f4a0fe1b4d5209e70dd03536dbfcecd5680bcb815c8aa":"":"":"1f9eafe4d246b747414c659901e93bbb830c0ab0c13ae2b3314eeb9373ee0b26c263a5754599d45c9fa1d445876b206140ea78a532df9e6617afb1889e2e23ddc1da139788a5b65e90144eef13ab5cd92c979e7cd7f8ceea81f5cd71154944ce83b605fb7d30b5572c314ffcfe80b6c0130c5b9b2e8f3dfcc2a30c111b805ff3" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 0) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"d78eab5329fe38a26ce2e54efcf8f0c15cd7462a5878537a1e3615d098b186974f48003172c7204fe6dd77c89fa92fbad4e81412c8d167bde3857b9e045bcb5c666d64aa990a7d92e46ca533b93de544238b79b6a9551ea7dc52bfa1557fd973bf6e594ad4bc0e63b651d5955da37f6a":"e934bec18cf8e9b9293029d9ed60ecde1d46621439c322203f7c22c6b2d77544":"":"":"285df697361c284753c94865081c3c25ffcbc77709fc51f37a09624bba67149156a087efa92ae709eff1bd50bed464f4f31c4b66c1cdb71a506779b50645c165a099718d599fc9a166f345abaf8b0b2f9e700c253a454cea49262a334d79a01c208caad5073644b257b2b1577dd973862c6fc7fcc3320e24e1e31063fe6e94ba" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 0) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"fad6a0fcddeefb263c27432ecc6470e44f26aeff2840e8db682ca14ab45c31cc89402a698ffd36ca8ffce986568f728afc08bc0077c95ce4cf08bccf50cdafc19004abc3c5ced1cc3e7ce2cfc938c1600a93fd50fef1245e7b9cae2834e7104335f8aeac080d4a4fd3e0c0ef0d67b690":"352270c867c34b3fb297cb2e5d3a807b087c720026576aa44fad577ec82015a9":"":"":"3622977f8aa0a0ca5f8e1235d03b76f92b2f26eb172b88323558e8f3c756c539ce1061de127247ca7553402c3d5c9439b4c9afbb4c419867baee06eafd856af9847a69247ddf6640a09a360c93577bfc353cdec7312e549bc7873f77796e062ad058ec7f3e52dd1ddafb4bb1186b05b5360200e6ea784be27b8f205de80ba145" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 0) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"be90a07ae616574d36f8366d39d6bf1408626466d40982d97380e44331f9e1885a27cab08c6a8595894de22a909dc2479cf15973a0f0b71c0ba911951f9b444050825a976c391e621c58fd4b59a7a22a7dd66d8f59a60c0010fa8aaacce99bc2aa1f365653dc0cd57b489edc2349177b":"99b88ac1958d5d62aa39eca8b8f8e598a55c08b49e895737d74b8792ca343a36":"":"":"ee76c5a6b6b4eaf9ce8dc4ac0ee91cad143f0369a2bfdf40b70fcf14e3eb28855e3c59a01ddee684bf9ce4152be5c70d290b8b780784eadb44854b03cd0a32d0aa8b8f0db1bd47502d2aa61a54e3de7fd7bdb5c74c715ae2aadfe328b4d1128bb19ce7d8166c4c1719c98b6bfeb1ce313054d8f1b6a4c5af842cf3cbea17c710" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 0) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"31c7b8f0aafa70b4b670f056e24bf141f0bd6683453d17e9b09add3d231cee1cafe818dfd7d7343f8eb1b4100d80c4d9c8e7e4d5afcd3ab82964f121847d4466471df38b849c59630900171580948f53c41425045dc4db04935aa5264891af031b08cd48670b2b1720692cc6bed3e7b1":"769f2b3e30408856f46fc3a3fcfe05295d876415555906ecf853d59badd48eef":"":"":"9b3dc767e1bd9dd67003ec99c334b94dd97c48cccbdbfb2eed4dd5bde96b1e0ea4c24cb0edadcc5386f7bec54ac5ef149374f6225aa7e78466c34b1ea0b286499e4e2a294381e6e065abeab67553c4a2cd0fbda19c59415fee5cc1249692768aebc80ec35c8331f68f1b7245602b3ebff1eaca2fed5898213fbec09acdb60cd1" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 0) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"3848bad2b0631411f9168bf818a2c3cac10b6d83a82d58011367688c8d30d3fa77fe460dd459c7da7d69a3ba5576b2bc8dc15a0de18f52f79b9120b03a5bd9bb4b45547b94b301cf3ce2442ae5083c5c08b455e06fc3f80be972e2868ea019376fdf04721478289440491744df5cc1f0":"e5a3ebc7d533c214f4cd66d37f1dd4ff718891daef55959915938a177dd97088":"":"":"959bf36092622923e96ef5c038ca318048f9447003626a9f5f0c5082f65daf5c5ebdc7328e090fd68ee5d3c161506b86590e2229a479de7bbc3920852647db2a35272c305e9a309c04da1b8e58ee185183681cca89f1b9534c0e15c188f69cbed87326a83caffcabb800e2672691b7642700659ebccff375f284eae1729edcc9" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 0) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"dcd74d5dda3adffcbb54be0e7c48682174b1b460622b52ad4f32bdb2b164032bc32776da1ad3913626d9e61f5b9f9877c8bdbc62d984753560f2c292ec0ece8cf0e369b64e14ecb910997b7fd81a8eec62e9ef78b1d0de6642d8404cc4cb7bd544fc5a3b3588a16c4e342dc5003d6608":"e7aa07cf4a3f90167b486c1c4ffdd5ae45aa59200e4a94caded0b85aaae8fef2":"":"":"f931b0dae43703f7ec20bb6c5667191380e7e263efbf30bf4bd4cf6e3cd5976095eb48ddcfe9f72c299dc05ab2d8846e2259600fe3723744f4ee19c75835c07bfb207e70ceaafa355bb6c6b0a4236d0e0830759cc6673af2b4dee9a3efe496e7020556b4f8ed0c08cbd4cac61831bab2f5a81a8121b240a9c6d374172e5a87e1" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 0) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"b72d5604401b15477b659a373caae53a8fe983e2199187546756e039e72efb7f2ad472ee90447f616b7ad5bb1dc692fd1b9e1000ee6c8ba65f39a837f27a4e5cde8cbdea58ecf1145d53c219369fa86402ac05e3fe3d52fd54343179f237ae2055277d76d9276bbf83f97901232ba6c4":"c9038b0d468153e8529089c3db418fbbe42afae5613a8eea7c8e3c2a307c4159":"":"":"9c2a9dc2504e2d943d85e1c068f7e578350dfed661cb5d82cd26ce22d083f6e158a39161f303370ee844b4f75723ffb45131223bee8efc32726bbdbb9ba2a0d8177e90e4e1c8f1d3a22e9a9eaef8b7ca4cbaf142aa1da1886d2ef9c1dc3692bb15784cfc906e12b484609403515550cc44e3b0edd42ae9c3f267ae9dd737ef28" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 0) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"c5f5e519283f7d3216f2ed7765ae2c0dd1e22596d7762c1f0707ac99ad3f6ba6b920e6d0ec15852186b77c3e9318904b252aa0e2dafc2901a5177449032a7727e523d33d6f4b5f350545e5bf21a2ab6cea23f43c73c2cc0982541c298e05e4b2dcc6fc5d1d507232d735b01ed2536317":"9835ac84c8f8cc00464ce75891074e20f050b162f73c9e91435aad5929b473c0":"":"":"85a747731638e09ec0254e7aa38e08439457e6504de94d00405d417326f3ad47f156b5e211204a83634369beffc128f3614e89e2e288d2de11f7b90bcc2b8d29f149e13a3cbc8d711d24765f480bd6596c8ef605cd72fa64ed8ab1f9a18b2d0b81c0de08a167d537b3d1c51c2a0c9ea9124c6e41613b383f13f1d20e1eaf2288" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 0) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"fb912fcad27bbb2538164f75a79a3d7651c42aba547dad64037b492a87e301809e154f0b8b099a2f584643e4e40ab34fa1466679fd0a8a1f82772ae0c8e9de2a461d820cf37b2e9bd77a609dc367b449ebaecfd0aff59cabaf224d5610069c888762f92a16553d82c917553a9e723177":"e3c8eab35fbf90cad2a69cc74a68ac0bd0fc51585231fb9c3eecb49a064043bc":"":"":"09b4a47519d4acfda506d64c0b5536fb9e72cb1b6b408da82b4b80ff794f45beb2070b05de67759b8317f40e798bf37d392cb59cbbfecc3056259c9426415df526bf3cb62f4636542689537629c0e91a9bec2a600ede3dcae82079ceaa3522524fc002e82c280724c4179e00dfdd374effa05a71fc856ceb21542be0bdb62bf7" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 0) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"ead7fa32dafaec063474693e98230bfdd61ed5ee88c7a93718fdf17db771673f2c3d12d63a08b9acc2ef21531412dcdac37c5828d4ab26c1e365c043aad21c52ef9c144305e917dee8a15dd6cd751c2c45a2d6e146935458fd2ceba68b49b74bceca4329ac5d30c7a67f614d3b93a6fd":"fd3da5bb01ea75d7e32c023eec230f3bacbc163768c1c24216028e82660e1bf2":"":"":"8fc78a425f9e846ec2c757e98f0e1f67085bde0184f9ba9e8697811f6c50928de7ec9767a4fbec8bb099f534cabae4bcde69f2632fe4d1c582cb918e3370cabb2153a1d168fce23fafde95660e6987d2e8fcefbdfeb21398a5074ee76f7315cd7c517d3a4df8af26f1857b0d3e5704b7a3e5c15adc5f3c6745c063d45a2bf1ef" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 0) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"5d79c6ccee050b3c2ed52edcc16fc26ea7b6f3fd2b9199fd65c7dc2345d6566e9a0c6e01710e4c71b2820f7aa9203da23515eab85a5812c66756634804e3f5817d32f51dab3ae00443c694c59b72d526f840a166e566b7f633c7d246192ef82419e3cd733a02684d6a4ca091178ccc76":"ee4c3cfa5c79b1ff1dec4b9f9ff4ea45c916e46889130cffd7f137e6579af52d":"":"":"4f53f72462d7e9247e7ad113827d3ea741c35690fa0be027b86660e937c119e7237bbc674e826f42dd6dfa5f54d90542ed2bad21683af4b1f8741ecb75b464345111cc3d383c8b7d088718a353c2d4af93ff59057745a808203d08eba2452a1a9ade75cadd0f49fcd27ac3c024c04c0936c0237fc29dcd061b62fbb73adaa8ea" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 0) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"35f9c3b0e5947a74d90609e6ab660b4b46177a12886cc77a19aa9eaee86500a9eaec5de5672c5ee56771d778f5aa963713ffd39fae8e05ec90843505d5832ec8d999f271812d41db4f223a5d8467944f08083a81c29d9a559a960f8349fb0174a8dbcfa171be39a8c36bcb7743c5c5b9":"b4b5fafff369997074a82e064298859ad2775eb5c5979f81d2118da96e840930":"":"":"87afd3147e61c49d2029b88482eacdace56f27ccda2927799a7dd01ff63d6873804e7b5635645ff3f65b00e1bd65254933e7e57b56177db81548fbac37305d3dcb70a5f76a222999d6ba9c73670ae931b49ccc97b4f25203ee95cd68fa79e2824e2ead8bd4755a5bb4658e02788b9ced166ea9ec5373954ad8da88791e8f1047" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 0) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"cd08363e60e17bbc12d57954ef92ea38af1095ffec417a7f305b7c10d44f1e6500649786d5141793f7ee33a913b08f60457cdf6316357035abf57c2e2b19bae6973d01e9e93dac249198188be2f6849e5a9636d6b6bf7d1c01c16c03669ab7b5aea828017989c870cac6857bf327b748":"b5611807d3070200fc6257cc2b13a84f842ad45ce116fc91eda79ff14f3f25f3":"":"":"281e9ceb5a46578dfa2917d9883f1819bbbdc9901d44f3ab48ccfcb807eb596e20fc05060d6a77d92a6f630bd2a012b41232dce411ea046794ab0096b86491d3ca2a59d4405e2831b1f9f69e55542aec89417ee7ecd7a050eb28fd4d7d2739aef7aa6f30fa17c5b2bc1c69ebb10163426b8c6033ec7733cc9ffcae2f23986e63" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 256) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"4294671d493dc085b5184607d7de2ff2b6aceb734a1b026f6cfee7c5a90f03dad071544e599235d5eb38b64b551d2a6edb9b4790b62336fbb9a684b82947065393eeef8f57bd2477141ad17e776dac344a9abe80f6f522f29878bedf8245b27940a76471006fb4a4110beb4decb6c341":"63bc769ae1d95a98bde870e4db7776297041d37c8a5c688d4e024b78d83f4d78":"28848becd3f47696f124f4b14853a456156f69be583a7d4682cff8d44b39e1d3":"8bfce0b7132661c3cd78175d83926f643e36f7608eec2c5dac3ddcbacc8c2182":"e580dc969194b2b18a97478aef9d1a72390aff14562747bf080d741527a6655ce7fc135325b457483a9f9c70f91165a811cf4524b50d51199a0df3bd60d12abac27d0bf6618e6b114e05420352e23f3603dfe8a225dc19b3d1fff1dc245dc6b1df24c741744bec3f9437dbbf222df84881a457a589e7815ef132f686b760f012" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 256) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"c7ccbc677e21661e272b63dd3a78dcdf666d3f24aecf3701a90d898aa7dc8158aeb210157e18446d13eadf3785fe81fb7ba1915b3c04c41b1d192f1a1881603c6c6291b7e9f5cb96bb816accb5ae55b6992cc7787e3b8812efbed3d27d2aa586da8d58734a0ab22ebb4c7ee39ab681c1":"bc55ab3cf652b0113d7b90b824c9264e5a1e770d3d584adad181e9f8eb308f6f":"18e817ffef39c7415c730303f63de85fc8abe4ab0fade8d686885528c169dd76":"ac07fcbe870ed3ea1f7eb8e79dece8e7bcf3182577354aaa00992add0a005082":"956f95fc3bb7fe3ed04e1a146c347f7b1d0d635e489c69e64607d287f386523d98275ed754e775504ffb4dfdac2f4b77cf9e8ecc16a224cd53de3ec5555dd5263f89dfca8b4e1eb68878635ca263984e6f2559b15f2b23b04ba5185dc2157440594cb41ecf9a36fd43e203b8599130892ac85a43237c7372da3fad2bba006bd1" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 256) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"20f69bc4a308d1fa40146bfb8a3171e81a66ebf4c83fd46b2c8a3b34df499a6c92f4bc9699bf6d19d5c3f45245bb0fb08310eb7a9ce51883b0c36271b5ff0a1c00219a04a6b571362c7a18cabc48f2fab0cdf3434c9f72cf5ef6a61feeedc94c72e28fb5a99345dbc7939a3b8e277c5e":"882bf0edbb66ebb288ce741997ffcd3380049f5007b30e740ece190a01612dea":"ca1da31810bfa6c02b5863f87d39668d796105430c445db157c41a0152a0d200":"c344b0bfe801da37e2320d36b9e6452235e6f6f4cf3190d414e859f4ee90e5de":"8ecac7a65cbfb7a849604505d403acaec41c6ffda3009f6080bda79e26d1de3bdfd88fc9bb9ca1dd1cd8d49e3d0cfb0f0a2e70ae1834e8f7d7f79382591e8bea0a0386ad40c98d097122dde0dc2f4fd3258d40dcdd804fdcb72d62ef9041518c34fd8a37684bcabe2f59594382767c2633bf255121ac735852fecf14440cb623" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 256) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"0a13da2edd9ed097631860dc29cb2d7eff3519910808e7eb0c6ff1485cdf758d9793ca69779117a63a47e386433f18b882ea8c8d3179dcc1b263fb263bdbf2ab818775a881964a5690a6e9af592db594a39a960e343bd4edb7747d75866e1ca7125797d2bf6a644aed6e3c8443f94274":"48445b1b6807b261d10569ab4b5d8ab5d97ebd3d9e8194088b10463abf11a2df":"6b742d07c45a031795a7771eace89fab782eff6a74555fc2eabba00d1d7b7c15":"cd0493aa84c941c1b7fce37d2e38c199fb8c86ea0c5b6a536118ae423ca7ab50":"fa005c9119a898f2fea35b805a2bd8be88c48cbdaa8582337f1f407ce3e49dee8011bb1e4ae33317ca6d5cb645687a62aed86d5803583a012d96b82e7bbfbebf59fdfc1db0a92586a843f6e57056f49726e89bf98b641ea60a3c91815edbaf415b2c4eb7bb8c56ca5d84a3587c64a945a6e3d625b6763084c2a0917de6bd6746" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 256) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"fffcaaa7ae7787e12e96521a3e29a7c40ae08a7cdea9974cfcb894352955e65a27c8b01490c9fa7593734ec27ae242a20d0371c3c664bdec7f368bf53a930cfb0933de5d50865cd757b63fa350341375f132dd2bf9bf8c6d9d2ca5354e284bbac677c269298e1a5bef536091081446bb":"5b1c1a19b28b09d08bf9cde87b4a6881d38a7961bd7ba6888de06d0c78fbef13":"5ebc76ae5779fe563362c6f99bba35b4b50eacaf7192c68b82a376fb7f2b61de":"95831949170105e9c022a7711803f9f7d617a8a137145b4c2f6ddda7ebcf3c5a":"633cb6696b97f2d4119fe242486e8affdf1b3e25a94e434592caf0270563b210df6a9f9405c2c33cbbb750c0218f718116b67232db874621832ba78b040523b2ebf715082fd23fe7e32599402af95156ebeda98eff2a8f2a4e295b9afb7fadce956cabfc1183f20e4e059d91604fa5d77065c4a006b3fb2c15750206ec936e97" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 256) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"ae8a6a25b266051cd41fd5ecc682b844aa3a09327216eb6ac63390250620113124145033b99896c21f8dcf60271ba681156406ff2691886972f53c2e4b449dc94fb09a2960a3423d2f4ac66f973b4a89f80c00af6fbe4b0bbd430b12a714d40e172e99f909916a27221020fc72259cb1":"0acbae3c085d2e5e760b0631c6ad97d935e96b0a90ed4a9867f626951596ded2":"2d74d07e82a033c0bf65643a6478856c92f33ee55a2682c17e7c42857e8e6fa7":"a1b397cd826af3fb1b949453e96878e59f0697352929b15cd678142453479e55":"c309567edb3d40fd8d828551117964e20041b031e8eb41a8c6e95e25e0f43372585854202c5d5796ca4fd38b7b789b44410ba3e3ab7016cb6793625be27c6c8d39499c402e4d52bf2c0bce21a5f4f16d80d5449d5222aea19b64de25f8f5eb81bea7c491a329ca079a99c9ea00cbf3354b5fef435e8d4cbcbfea7486d379a2a2" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 256) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"e603b02ccd1b3e2cf27a2a5cbbb6e8fd205ed3531ab08ce912f915328ea1c73ba7a075a9dfd9805101ba2f0f6e42ebff7202687e99e1cc914036146e187c16b83999df442f0ff87b9d82fc7831714d820c247f1a2c3eca9d32ef0039c4a2ebb9962d844e0032a58c604d630f12884742":"27e863c2f9f91e9540f0201dba0fc63c3c623ac89d63368093dec2f17b6868bc":"93e967f73929f2be339448735c74b571a8b80c10bda2ea7fbea824b188a7db93":"1ff3a43966a8f64c42dee8889ce2626bb370afef4c0222b926abe1be719427fc":"7ca6867ef568c8c323d216db96b642576de1f5e82d08b84e6a2752000c5175cf49d6096dff7b714a45a72a69e467ee378f4eabb142eddca926a3d01120960cd7aaef1e377f447b0bcf8ee733d961d0c36be901c7f406a1dc81cb2ae2e9f6886f5ba1e481e7c1396d2c89aa456b2fb34f02a91d0eda8784c26ad5a6892ba5ffa3" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 256) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"222dcb4b31c7bc37d8813be78d95e9d8c0f021363862c6bee5b01e6c9dbdba8c2ae81c52b90d4cfeb80697fcf05caa08bf81702a92a6bc90b531b363db5a5fe4f50412621ba390c1cd211a9683c47ec7ed6d15513bd49d10449f0c450183f5a7b16466a37df5fc79a4ddd3ec6bd0c56f":"bcc19eb476ac96567da10da8fb714c2f9fbdff28b7c74a5cbac80ca480e61de6":"46fe8bd4c4789c373707050d0e700e50d692ba10ff2fcba20045c9efff7373f5":"68c956a95f6a2c9cdd06e461805d5270b0df3c9fcdebbeffb30dad1a852fb35a":"8a54fa9818602032762a45c9f67f668860ed605e371a6382082509249330fc24d13c4acf27782a7d2be42721bbb9c80c6338acb57a715ed17c008928166f9a090331db4fe62a11ab47c966bc3c24a8be942e350a2dee7c7e9f620386d89a1e0bd5298d00f94f9a931e50834a2a85c0175308bc74a34ac37ab21305c511866263" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 256) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"787c1fe1498bacca291f020f80d6b556e4f0d4fa5adcf21531c447f28e14266e4f2e9de3e12557756348d8b0c73a1301f43ce41038cbb7dac60d8269495b62ca7452a9c4edcb54e7d477f0c6c6b7af61b3a3784c775a5884cc536f60132e66386dbb911577aef75fc0a68508432e255a":"91f18dd75859c2938edb0d81f9d6095a2bc7565b67403a8777cd059f2631c958":"92d2d8091cc4fe9f5cdf2ded2e358fa05a7d8e4525333b4c00697ab18dd1f995":"2263cbb6e29bb9bdbd803c7224aa039077ba43d1643d4754745f89d8bb6f888d":"620851d2a4c8b6558e18aa5e2d454cec83856d25e619e69928b578ea4d4e41c662a4cd0ae64ee756b184742154d9e7a6283d78bb8b6ce53e2fd2ce93cc12ad78749cab530a7f996c83117df6d217170927d75a0c983194816d2e21f92840791292710178b3f7d9fe1003041d2d9e7c59943b14409abd7956bd5c31190a54ba0b" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 256) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"1537f9380d97e98f6e02f4b10182b835f224cca2278f37a8cb1411a1c6cb89eabcf37a8b159cdee3a55329b3816f8c656c7f63835f860b4a5e3c450a2afb5b892b4da708d39614921a82d36cf23518618c9bb0f5332492c1740fb385e969d77d5d7e0aa0a4066cb6bbba4e4c7fa8ae73":"6d89190aebd160b155d5dff8cc4393f095988a1551bb154fae621739a4378430":"04a511f1d8e1994879e2372163b5a45289966df680350bbaf9baea52333e652b":"dfd8c8e467628de6c121c403816a65bdca01dcedd05778b925283f92d3cb5251":"61edfb457546493a43fe1391b8f86da01c1242b3297f3c4ee02e04e37161725f4182b144609335f0183b477744ce3370ff64ae861c728e7526148eac3fb07403a27c3f82fba5ce505233a4e38b8d40c3f44cfe3cc65c6a89127f803b11a3f24397a20409b594e193e443190155da50ff1134c8b1adc5006c7ad201887e6c1ad3" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 256) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"842daa3d64b3c25210cb0ecbb251333c2ee4e090a992138a5d6f9c455a8a5f0d28be9fb51ad223ed196d5c245eeea940f822952bbcf1e2ba7d3dbf526ae44ad7e60e9d99a833b3f372f77adc440850f3fdeecf48941dbcecf6f710d99ae54939f9bf35c3ef2b7b6136d7778b95846af5":"bb9376b79ce2cede150036c0626ddaf8bbd960ec04ade2694be6aea6ce8946e3":"41431b7537968a2ffedd6d7942ee21565f34a5155de6e096646fc7d41302ed96":"946b190e855aa2d4fa7544e9858ec70ca9ac19ad510bd7d625f14d16a80896bb":"b0d45631a104c246a1af31c8bcf7f7bea92cde3c259fc029072c51e662a33c040cfb1d262c705320b7020bd1365288c1ba9b3bde9d0a9df8b9e7275e8637ce9a1896877e34323abe8ca3dd0262d3d75ee3a5af505235e354aab491dcfce11287b7c73dfc4c97c47f0373cb93baaf3def2186a53095fe8b050c94b1cef109c07c" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 256) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"aaba29c12aaa011619c07efca75a186714d97eac18d75fdc8b5b36a9ef247bef0f152b758cdbd69256bd8697fce53d2b59ae1210a350319834d6721e9da6b2cc1c0e559a26804d47953e0bd5df66ea2a0c449fc0a8dcc16b9b0a82f5e6f85a218cdddaef40c254c1030a9bfa33214ae8":"02470d6898bcd119cab49242c95fa97b56a495f6d1c5b26d1e877b70b954e3b3":"e4e4293148c31ca6bbd73706e2dd2f36a22d3af3f862ddae40ad35d51dd6781e":"34c6505eebf018676a039f201507fa38338594cd015fb4d962d1577befc63ec6":"e1556a8bca38d5c2087b5c61156ab91566a5da784647e220bf4ea0374e187d4a4bc373ec891472daa31aa0dccdb56a8b42fb2805e74251976ffe5e02b446af8ac6a9f0d6f36d857fe6d3772d9fae7ab08b360e8de2529dec80dd31a5a5468034aa53b10b6a73068fd9e046b70e2f03fded8bd85f7df4322d4fa5338c9cde0471" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 256) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"742fbf9f39f9d8c4279143f88a6d30307492681ccd58e8422277259a0bf87aca24c5d6dc4f650f39c3403fe1eac1ecb079e7b9f363eb44559177701f93da93aa30dc5f4b933209073c825ab2b39b52ec23caf049f760aa385f58983d9af300ec5f831f2449d2508bb5824abb622e00dd":"c2c42e63d43a765c2a49d2b35c8ba98a7a67765a0c453d2352d9f224aeb06176":"794083185e79cf918faa846bd12287e8ff1e620770e0e08b33e8e1da8d23cfda":"ed7b902eb55b7bdb2b8bf70711c1f7a4bc00c4dade92c9d2459db060551336af":"c83af90a8c7879e98b255e9c6b1852bd759ccf8f9c5be4ea5e9a356df4c43efca41303d5a322a7e42ed12b8b0b715e1d23257aaa366bb261e39f19834c38a7a883bf2f01c47a782edb7905cc61742b8166974f5990330a08168e25d4aab6740b96493ff87a424ac6ed447ad655afcfde1d2ec6ab2ba811351385ea0f8b66e318" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 256) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"1437958fbc93c701cdd09fe81a90af55f022195388264ef03758fc08bfd0dd80f63c7bc06945eedd58893df2b5f5f62b222ee423dbcc5491d1a57155891406c79e8ef51fe7575db8074c4e40f50024daf177548eb130a8c248c2b7df99b6626ee062cd5e82048019b32cd6c7319eecdd":"c443f891534c30d8d2b1e2072cb5b824e6d3ddfdd1e6c7757e54372d4420b5ed":"39f7abd306f127baaf8cb832b67c2564287efa433df8ecabc40b9744637e6bfa":"eda6950002c866c61d2e2dfcd9d69e8c5154b45f762efd688e26044adc3957c2":"8fb758b498feb1c0e961a8f86b821bddde387dac221a8191f71b6a64caa2bcc4a475460823996f8261b8e22125dfeac5c9dbda25525dab249cbe469c5e224478964793bf822446721bf5bc85e5da6ef34ddcb7c94f109193c475904099b06e2a7f53ba6dd94480dd5bc9fff90150286c4d3ccea975925cc8ed4ef9830389b9bc" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 256, 256) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 hmac_drbg_pr:MBEDTLS_MD_SHA256:"ef9292f4a7a67ac4d4eba48936391bb45f8810c2ab02ba424cc8e4add53d1c514611e3233cd8cc8f6d69494dc336cbe1cbc67c17520af442933a235c6aa6b8f98128c66fcdd77843ae32e06b7a31689c9a6a3c540a19081bcbe850278d50adfac3638ec8cf85148a0547d28d0a7025db":"f4a8721a2a873f8fe94e4b3e137e866c79212f9c14f89be156c47a5fbb9aaecb":"b38a6628647a02c0de5b7acb939d0d1896c9c730106c8667d810bd4866ebaee4":"366370899b2a0d6f049e7d820061599a675cba5d3bc82ad747fa731bead8efb3":"1947d468ae4fa4da7f45cfaf32d62a4369796e532f1b03b1495587e6bb95d8330f5b7c962a9b0a2b715d9def79194741870e5c47d15a7308843e10616b891fc9e5cab7db901e0f1efbe1217dd627c71b54c98cec0fe1b25a84caa56f0bde247a9d9183587742a38825234b6b6cc808afde36ef5e17bcdb2c72c7645949289369" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #0 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"51ec4987ddacbcf6348e4a891fa571c6e3aec02879eb0181a121a4846344a687cdff9798761875320256e5a59bc94663faab8864cc0bb1e64343c0b978fcc0d6e84d0d17c1c1f4093fac3b4c01837c6b37d189d7608f0c335eb38fe1f43573e0c525093f60ef618bab297b8a4d9d8c16":"":"":"":"ade04730059471b1829bec8dfbb0ec708be7b4e77d688ce7cfba9ddde059a52f969407291440aa79492f827fe1a2f6568989fd36b4fd84e6699152536bff15388af319fb306f07de4309eb92ba3da5f7007948335993698d398bac42029912bec6ba39226c2bf238733b5081aa0a2ca392a719385184be619d9ca56771d8e3716a46cfb339f93ff48abe406ef788db2ada45ab5fcb7f689bd801a5ccad855b52cd4bf1d6e338f2c3eac94ce9fdd0dd06632d01ded3753e87957e8569a67eccad" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #1 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"f8dfa70524d46f3545db3c687fe85a8ea35e32eda470b4e14b8b12f4e9c6bbf6c08efa9ae1df90ae6f14b895c342ae07b5e8d563199a141c34e709c6e743260b573f88186f40f800c4c0ec9f9fbeba49f103bfa2d62d7ed8fc9ff88cb1ddc5d4ca4d074e0053c069393d70a5b3f1df3e":"":"":"":"05f4e609b085d28958f5702eb7b99f2e0c7a80f095907abd5b7329628aa6dce2e2f8bdb7a2992261ea414e6434dc98162d02c51936542218a31c6072ed55c9ed83c79698de7ffd3835d5e4d0f3a0c2a70bef2b6c602d1e0cc814c71b2fb1a001fb83a0e2befdec7e4749629693629ea2397b299cdf491415dda446817dd7d28da431f95162de83d917f9e9325774e2f7ef02fe8067cf4bac47e2f61ba235b532af3aa95a6517e9f1286e065ccf9b3eefa6cab4c940c83ee9a11da55ee21c8d06" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #2 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"7ab7da47ff7a95ebf2367de0a25c7885d80931447d2f5cc73ae7f66844910e481e05f53ca993b0266b7cde89960d681a3d3c568d9a6e35347cf52d2e0ff7ad1142983fd7d2c848674315ed3e009adb7154fde1f2d90019cac210dbfc06279d48fc7c2e900652b5cb638c1260acd896ea":"":"":"":"f00714df243103f54b4c0c516a7a631431dbefdecc30c09e8e834f09882100c1d0276273568cc6352c3028c156371389078236afe57d00edaa226262f1a7f6e0011ba48d4b8f089cd257b6b7cfe80ca2bbeee99635c277254546d4adbf046935791be21c48a7882ef6cb81f7bccdfcf9bc430d21cef1d788d4f4df6bd6ef5bcbf48e35f116d482d880f597bcbcfbbf68bc77f591bd7346d7a1085fbc1c2707c17bb288ce6bfb0a78a54731421762f18142975b8b3b79dec0d852dca80f1638b3" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #3 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"40e83cb1fbbefb44426350916b0995fb6a1c5394f2fd625774459548cfab27f2f92e2e889d3deeb33dfd6c40f610b71b70387af8d70768c52b36bb2a59f3ad9a16be98c726c2d65af457b2f7d81c75fae82523c977cbdf6138b1cbe5a9b3ad402ba197a3009dba459d3f534ea143e5dc":"":"":"":"52cfd4a4741b6575578a1b7aab91a366341cfd483799ca08b851bb0dc2f2bf640e90c1406fd09fbf9166bd55d46aaaef38e0449b7187d019e68a3b98a7dd9cdac63ae9c966db4d901d37cc147835d017915902621216bc1835d70dc2101ae50e0541f796bd6bca2e53260ba3353e6aa4eee56f80aa329173e347d83d050ddeb465d8e1aa5450e6e7eb515a92fbcdfd8530f04fae3d1a41b13151a4827f0634d6e80424c1e934ce0e2077f5f31fd177e9a42acfcaa67d4043fd31a8ec72a39e6b" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #4 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"39927d4fd0c3eba2044002e65b60d3994c3aad0c705bce2e9e41aca30a7c2f03e7b4968d8e729e868f5fd57b49a4b862b0bd169a4e2d77bd59745e778ca6fd762901ae3c0fcc48a0d6ee22bc8520ec450630055b3b66bdd2dde9f5215d241fa266d24342b50d42e2db5436a478c7ebaf":"":"":"":"96194dd1b6ac5efb3d4787bd1fb4c9cc32c29b67ee34369a7aad9a56f64f53526e9207c1d4c541c6e0df4960c54e10168284891841fe554adaa5012f325b3aea79fa4db8c36e67a0f914d9ab361d8ba0b3d6ca4904103f14a30a90dd6fd7c3f679c272dee7f01110f7229f4f5b6ed152a0149dc5a7185bf637d10899bca417cba8f919a2800d8a72d5575f0c174f98f77a1afad850334204e66156eff4572a6703aab50b850a8df498d1d96b1e2bc1ac34aa4399f3b13e97b4989539ca78e97a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #5 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"ad10dbbedf980a0c33576f7606e14785b2a903788b9b7cb4c29cf74a8bbec877999ca28c36c835b60680bab9005d8e4f341b97213fdb6a52e783d19850906cb643bcf48c291cd186ebcbf0a287e459d1795e29ffb0c7c84b0f6dfbe219b4f85d9fb893c0cf9134263a9e6a36c76d02a9":"":"":"":"5db269714c4ab774c2eb14eb95e9b60c6ccaa6e90f9f879e295cc007069dd231894cd8fe0c09bf748e26940160cd0cad75dd2e305ed1f2527ba857c42c3d0662d25cbbcfe342910498ced309cda1894a1186ab935fb614646d299ca56f86defdd0a0f52baee1b9b9be05df85a05c225475a7ce1cc58ebc488a4f57fd1f983881754dcfe3bd78cac529e9945c89383e331f0177e721644b3a8d82deef548d161e085cff59645a345cf7af3f3582bed5b81c7de7a6a216403bb88804f7d16ceec9" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #6 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"e9506dd05bac4750f5d5b43e0663ecba6444455ab6f662802897a493ca11ff05f76045b621004f4a88fc6b1ba859ae795e4846f17c3b1c127a8ef16d32381e27eeca77ec062a8a8f811f5dd7f90737147f5fca2b7cc89009b0350292b88d1de5de94e1e82bd5f7bf2e06882a925977ce":"":"":"":"abc3d68bb9b0d29655ee2057a60e59fb84afbaf9c75ac5d146a9856384022e4873a6abb963d8795ded5ce33f8df9275f8ae4c3da0037973487348645415ed51458529bd7c4996128c943ddfa21484521fc645723802318ffd5191e957ec453a8e922d48b1e83681c1463a03c34175a5d610f8f3709b3044f45084f901704547e301f9807a7d92036e08a3eef791f67659816fcb28922b9b52e2a4a2e81cb848f9ae579cba346b0507e91f26b70d199acb6da5d3544b8caea762f6f30178636d8" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #7 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"f1f00ebb7cb4bbb3b0a083a290d4d3cc4db53aa9eb3f2feb1d428cf6d8104bdc56b2a30e75782693d7565c5d1ad6edd6cc22967eeb5f159989c2ed7fdb62103c055456f5e1a3163bfa034c502ccbd9aa75385d4777d03a82606a890c89a207494d082becc22efad8fe69c367fa9e3350":"":"":"":"6b75aa14c129d011191b9016b089af15b806a494e8e763a7fe902479155704e1a92eab48ce29fd0f1e9d5a2014757c3cda6e021defdb91c796cbad709658edad6c8f7ab6aebe978d507459198e0719eec49b1926a7c4e33e34e8e366966e0e4e7f3ce0aed6e51d7804d803aab57257ff1250ae8b76bfc48a505d4600bccdd992d564b39c3519db0c7dd26f5dbabdf3c098735688aad1af8525e8a6a343835bed094708b78faa300c08600e638e6f24f4b2b78df0d747ffbb9521cc6786b9c89d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #8 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"1f3bade86f64dc0770dafd6a4900f61baf003c6dccec496856b7b08cb99db8f371f1c9606602ad397e0c757f56ec6176c04e832302fd6fbac3519af6d2cb9da5a85ee70efc19c7350145e904a7fa9d3199e1f6213999ee3bbdbcd1200b4dd4e7a8f112f3a37865e494bf8549349e9e78":"":"":"":"1a420c51052534d5d77347ed5751e44817824ed75467791c9717875dadcbceff2ffe024952958d4718b2b4028af83ecf363d57349a36476c0203fcdf4952794aa66b3692e7b0810ce060601817ad0794574b1ce12d6a7b6ec1d0b1e0acb2a6c453be81bf2d17e1fca7dc1c9ac5fe4a64069285a8cb9408051ba5ae4dc0c8897b4a216109b22ec56aace995a453f28dd7d2c38c7d44739b9f09ca0e52d62f204e7f4a09c3e231c8cdaf54f941e8d5565b25155be21cb316417a4c005f7e834d0e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #9 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"1b288c94a8aa7499850d7bf82177024f20e8ccd502b7b0f529c47185aad4eb82ca1efc0104f93cc35885e9894671b9d74fa8237f5d740fec09e90b88bc75124e564f1f198081d51c950dbef6a6ebb2b5e1aec008d8a5a4c692f6467c740f5026807bafc0710dc8e9197aee4372b429cf":"":"":"":"3daf72d94056e6c7138787004f40a4a0c81a244c8aa14c332675e977330b63315916d8fe6ba8f0aea5a22def342d4136d1d6c787b3a6c6c05a44ee1cf9b2d8911974974cbf7a14ed5b83fceb8dd8d3ed59194d3fb6cce579a97244091731a4c1ca1d6e4c9d2623a41de665ee3c8236e0da8710208cee948f248329781f40f6f4b4010508c219755b6df752b9523ed0c9644b17250bbc88b4338c688e97e952a924da894fc986f7e807fca4477be94dec993cd6910709d8032fd3a5b97612cd65" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #10 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"1e1837b46486b6e65713327240bfac6c618e817787c277b995c92dbe03b9b01de8e100b303ce5bf5048dccfce4d240878ffd5ddcb6754292291d1a79ee1e62b6da6b23d7a83d0fe9e84757dcfa51d05709d54142b42dc876506876b136b6df34b485c0c129581972bcbc674b893ad61b":"":"":"":"23c258b93d4e9943783e88b244a52cde6747d8d7ff28b77e2ddfaa2edcbb29eaf41dc75cdc2c5b581b3a59fe20e705223bdd90e786f6c6498330ec9bd7ca7303e53c0b21abef1497210f8222850ca7f01e0af4fefd36d82e711fb17f581b951e949876a5ef0a212fb73af4d32f6bf9fe8c9e60849fd2311f3b5cb8a4abe856b3dd629fbac41e6dfb502d1894088fc52832cefff807555457c03ba7b7daaf02830d9ff8c9e8ed09ddbb68d6530af0cc5ae9383acd34c89ec189f5a97abbf3ed5d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #11 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"67b2a6e09bf31ecee8fe9c719491baf3c6efc0e27519155f99c94667d727420265254ee6d34c6b9c03414452d68929812f1d23aca44adfaf6b02f519dfc3f034bc32c1b763a129a97c7258e5e77ba69d6eb459be2cc96fd6150b6040babcc406143bdc2c1862c7bf6607b4be95f3151f":"":"":"":"d0f71e56e975e443bd7364eaffa9dbfb60a82bd0ea6405de0b1301911449ae6ac0dc8792acd2b0ca3e68c2abb982362eb2a7a8f95d2960579f9932070c9cd7abd57a36759b2c6f12e20dbda8a16a17c29b70f5bb8db0efa9451d9a349b9917b7bc39af6c6be8217e0a6fb52e6a4c46dfe41e6a9cfba84335d0254cad07557fd7aa3fea185c8c88a921ea665e410067395791785ebdf1793038ceef6c590e64af00ac4ce69ac3d0b497feb93b4fee7d55cf0fa40dd49ea748b33f038b5097578c" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #12 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"379d0a38c8897a6524d6a59df4f09ba975c146be7a398c3cbde8c222fcf998102e98223b81dfca7fb5bc92b164afbaf50f58b8df04889dbd69acd59f7d5ac08f81984910ee20a4d58c51512a3ed893d7b736da894a0b52f75c5208d14f858dfd42290f4181b7aa249097b93fb2bceab8":"":"":"":"166f643609dcb8951161ca15b3660759b69da616b45761b8cfec01a8a7f51a0bb1cf256c9fabe69b29552f8e861cbb3160b905d24845d368a17ebf911a839384c3b3aa6c8dedf1fde12384ec9535ab9d008728978ca58ad88780cdc3d272d1dcf2059b9bdc0d2311812fb1b559e31f8e5a89efcb2b33c705555ee0efb23d2c4d312fe02b998eb78af85e3839963afd98c1c644ed4493c3f1af0cb210e660748cadcfc9ef85fa3b5fafe345756ca34e7b7f88d3aff8783e92da00dbead5d51f89" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #13 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"96041c211e97d480d149e75c876886a78fee171e0f395a952a0e873af4dc22b46cdb68a60dd1d5753027e544643c5764cd65e202eb821804300ea618e8ff9785f3bf2fbf1b1048cd4450399e2f642af38bce41df8fde3208055e34d356b1aa1b0180673e8507af2035f75e9fe629f979":"":"":"":"51475ffba32991781b17e38ea58b08bde40f03b64824187b9506153f41c233f34dbdc52b63cfc71b120b4fe6c2866d11e9aaf44f82deddaf998caa56a4dd58a6ea2e8f5e3c4ec7fef73e5620cb6a77313a4bc0b135c57d18085010a4a026059c2abd4b6d2048393c5400341928f5ee6c5a063d679e185eb9be2834a1009d03d298b9abb09f993a8ede54bdc4d9a95c2af5552aed9fb02cf598a18b5cfe6c811d1ca4ed764d0756fdfcb5d03aac1ed80fc86595539c105da6b66a00a91caf44fd" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #14 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"423cf6fb44605cf03e3063bceb92c156e38c5badfaac35593139df46d325242c84908baef2f824bf3ea66e74bb4127a0c5650c33f68b5d33502b1f55e06fe2c1169fb34688a09291d1e12e5390a73da125be4cf15692e3e6ad0ab6ffb22cf3f77b00333517ecb2239c9b81e59a72d087":"":"":"":"41f335cf727ffec9ebfe7cb348d11cdb4e5e49a9a047d8342a6656e5d235219a5d80715166698cc1f16e34f743811b820e6ea55c2bdd0db1b97ea2269fbf60c739feed818282f447bfe2bd0b9a7c479144f0016703aff450abbd87a50e5e5af0d2d9469175542737bd116de2a73acbb74d9f0077a227704f271fe0696f071914dcb9c0f0191fee35eb66248eb17991b538649457d5d5f9d4bb9cd81c33a14d2becce003c143c9cfe39ccac51048ef169f6a22143eca721d04f6e147749a44a75" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #0 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"0b2307c32f34d3f3c3d6887fb17ff68b01f158ef07438a41cde27d2d6725277f33f60888aa32b9b7406f78f47bd877a1795496f759d693f3f8bbd65cb5b2562c4a8d4a717b6bb8eeabc4d8f56118a97d3787d3065f1e20e6d71a1dee563fdb2d56561128fa83d8602fe0da3e89b019e1":"":"16815bf5482abc969179152f79aa34a04c28d483e6ac81aae14f7e0e051a5662":"938c363df2740ba9ccd39168f9bbcd7d421566955f141e13ed039c4d86195392":"959517e0b27d461d678ba2dd528bfb7e844f7bf14a15fb176efabb3a5200ff2b373c7c0683f095798951dc7ffd62b172ed814954c44087fc7a6695a5a275bc8aecd3a2ca8ed631a9ebf5e1d1c515542c67f31e16fd3ebc7e2333c7dffcf385f0d6ebe16b9ed42994be9f83d0cc1e2b3b5773cd2963639ac74ce64a311ac0726014bcd213818cecf5d562cd1c5e97be4028f64400cff31fcd587a004cf60f03c6f3222e4dabae5c4bdef8819670f77f9227eaf55eba5238f90c4bea4f03588b66" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #1 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"062f2aa7b48c983c1c6d00d06aa523a67d4e86e5bd266451bb286dcc5888f0f4940c3b022cc76d68e1706d62fea84d052a019b921335f69ed5dcd902632116759b68e09b531de276c9238faf3a9802806750454a5260bd808b796cb12116354b9a7ab9ce33f8dbd40ae7e74a07cfca02":"":"4a217bf136c3894ff7a3ca07eafafa286fafc8a827328b105b3a8aff28e49d14":"e433460e9414b21fc3d5e2705c08a21a36acde4458e24b78dcc51199b97c7a9a":"5c980247a1fa16ea086d54084281c5fd114777ed21478beee9edb175be7c4066b197065da5f4c15750783039eb4b5e2cd4ccdc2a45c49ce535f03a36657f218fc616b3e8ef0c84b78b0cd1c57477242bbddbbde098be573e20d6ddc76649d706e7f6c7ca3f44c845c2c9c9d316ac8b7389f7264c6f8cd6c56ca5503e5b37f52d19e8d47cc85a04a0196b9387433bca3c18dc30b47030fd297705101826840991eaf5b856a5ab75d2bbb70cb13e0dd1876802fc2bd776a518b9dcb9484c499644" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #2 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"0fc79576bdba77a815108bc9cd2d168ee30f9ab76db70600ac95fc40c1f6b724068c12b99cb4928247e64b2ea8e75c728ccb3de18adfebe24ef99e14ad54bc1b3a486891b00b1c55172d16adb00ae58c9d8ae0fa9809245a56c9118048199767d35c026e6664773562af011c2ca7025d":"":"b0c200b6f8548643529fd414c693054d4fe04d8f76c3fb8ccc6992ffc25e6b19":"b91bf188cbaf4b01350d726585c6f3601a26b3654db2e2690a14f1989f83ad85":"7c64e503eea5b3df44dc0eb986188c312a0f5fe1f113239984608a69ccadce8a7c7f3136169e075b0c61812b1e74dfe6ab2e7d6f247f73859da5a1068c92ef8e6aedd94c3904b973ab887ca3c38de70b8b312e32a702710829ddf962f0e08779ed9770975536557e3f912ef0d5c4969202af50252117eca8182c30389c9b84fda95118f8c748f0b1752c1e58b8e0af530376aa34cd874cf49628bebbd7353ab4a5f64bbc8e3537762fd5556c680290b2c523153432a2e0df1658f2a5507a30a6" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #3 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"ffde7e2726e89cce816ab3e22572fe31434f3181d0578d51161cc77305e2562b755008c7e4ccc8ec62806bdfbcd8508ae418fcb0b57a4d1007469ee3d959a07e949094b0a3e5af69aea3a90a222630978af9139027a656151225a2183b92e980fff9ba9876824bafcf18d63c916fe7ae":"":"bda1741b0b39d9248dd062870334e33cecde5c5f63a07a3030f98b021c6849fa":"1b5336fcbb0ed183e0f80cd31ede4f324997ffb842a83957f41d291612c55e8a":"61d542e4794e9bd4acefef4b325d954c8ec6a29138476ab1bb037507cf52c17edbd511579be5c232a67269ef42364cfb4e2aaefb31d9e8e260a04e51d95c2ed6c5e0f095efd92fbd36edcae4393659af6bb98b0b71b281e91e1df37c353987a6a9e259f2735fd16b8c1277df651b26ac3d9f292c9252be7fe09ab7851f515325a078cd69a7573a4810ab460c4c9e7604e54242ab956fe471e90f86613ece7372f1aa934a50dbd0457033843b887c279f14ad6b4960f401b7fb777253ca5e295f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #4 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"7946fe7ada4b545090d7647c99f71594fa094593115c23888146b27a7ccbfd77ce305c1ae4fddbb75a65dba4f0ea18897bb7e9aff3138ba030005a7d1c5802838ebb20848f8e81e7e8018cd0d0dd921243c094aa710f6b0b2ea004bd684799e3caed8c3c8944d5da995b88fa071d7526":"":"b29a506c7bc8b2282570223230664193216dd47f7d20ccdd35943a88c58c0503":"3a4c00cd2f278f0e82498d33fb6ae9e020f4d3793e832afc9864c0b7b6cda43c":"8c0667d913b13866c7eab98471109d966901fdc66fa4dff8996ce81ec5185ce374b118da34e07bd82833f20fa4e44ef159f9b0c47c046307a484b3f52822a596bcfb49b555ec8d481fb30e13dc9898f093d34cbb4d696d70161315c48def73bb1c8b4947c8ddab101d4918f5cc00b890b7450e4e10c17c46ea7f5e0a1df65a1fe74ad2577e592e7bddeadb246fa62cfa5bb8620220b18fff296a19a5a3ae6b833321ca779b7cb5b55658931610d8b7776087c41ee4d077400753681c7da5c5aa" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #5 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"5459500d5a709b88bf067b4c390837eef5ae2e5f109c110a84cf32f561d26ddc567c5f4cf0f418cbc2a56d4325b2727f875cb1ceed3167136f0d93940417f616a3843b686ab4f5dd3d808801054c510fca5ea8fa0465f9d1afd8e0c68affa10f5af61e594e66b2bdb2372caa0712bff1":"":"eaec7b75ee03cdf0508c0ca171b005077954e2cec7230b0aedfe32a15cb1c855":"cdafe409b871625ab1b06a93c4d5a1f8196777370df18643f97050d7756adecd":"486aa4063b3840f0417034c65676d20da22c510d281bbf407855cb58a87ac9b33511d692315d88d27bd5d1ad5c35ec8b99018b5ca64897aff48544a5e578124ddc00f785deb60b0a60dc4873fa9a148da4dfa1557baa3aafa22680a40f650e4992d21e35fab3be5458dae13eb2caeddd8704d662b221bda01ac6329e2c451e865af9701a7ccb69c0ed0baeb226e6fbd2b871b99420949570bf5fc61c673aacb58feabdb304f870939d705426aae55cb3a2f3206c33abd453e077c4565c603a18" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #6 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"7e74b0a5413ee2ad8de814ea1f556ca5c54c6f11159f1fbc78faa86a74c4871a11658e917fed348e779aae510d383290bc6c4f13391709f8aa9bd79f38f310e2ffbe7fb1be3e6e3aac9d879f1e5fb3eb1fe81675cbdd098cd287f66fb9b28d50e12a64b9e08f28a40ed446fc3a12585c":"":"d152b0aa1946cf177aafc7d47322f8c756831550ec79adb40f34681fd6b3840f":"152229388caf5dc50454c2514d9ff1a4b70e3d1d9b8b29a228d59ce67e8bc586":"a1e2046729e849482bd693e21779e18370a542e2fc7baedbed054476f35447e069bfda33fa2723ad425717c027e8b30d57dd2fca8cf268849358354478cd8bb42e8f9a737c2e3d5490991e4902a52e86d1bafc1751f5908a36afca2b6b4663ccc9f1aa46e857e2ee61e4dc19d154029da48d59519dde64410b1d7daeb5b7b93213cba1bb059637023f928f16e5944e0ed2ca07be3674fed6e0da72313b3cb80b7a2d6533fc8785587366ca1b6769db803d6d840c5d1b6c4589272a3fe9371b0f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #7 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"70b5cab63391c5777e4e60516b7095dea3cf26d72b27c19f5a08de6634306d992de4c3f70bf2849a4c3dbeafb163f5d50dcbbcc8e6f4bd973636da95d71d39d6ffc9e67332088bf906921b9c48a7e3de158740a9c0f29a7b69d5545e390030965e305ac1653958360d01607bcbc39fb9":"":"ab042d23accf9a9473b43e82683e30f436fa492ba4a8911e4ed2622d481e0cd1":"b707e2d5a5020d37656009713bb100c55819a98e220fbdfd921c6c0724ba7238":"f3f82b7aa0639bcabecefc7b07b3eecc9962884250fad11b9351226f138e06e3e953e052792d0127618a28aaaa1bf5374a06393c18a326f8d3471010f9840dd16ec997f53fb981aa2b689bf1cdbf265b4ab698f9e8e9c054255147e04654b8fb1d0fd3a0b64d3880ee6e9fa87e0184f6ba307f4d3fea651556e0baeeb75f308fa32925f8c55ae0f355f8db8495ec6c46003763ad4ef36590ec40239b5e8530aadaac931feefc8e392c550ad4d89f5b314a53a0633c7a93bc05b588273e6d1d56" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #8 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"c17914dd6b73d65e5af112536f52b046d4963f9c9098c77d9dfe35ca7ee6366d4c0fed576ba4cd14caa3d0c406fffad2f0748362166975f5bcb9a395d568b8dbde3383c5654bd24f26890b21ee1f1cb10f3c93cf2df64cd764187c840590a54babc9c281de88ad1a1dbc2677fa8687f9":"":"4a61ee9349d53f8b3c1af36fe0a9303ef89705fd87e06e5f34b61e1350111279":"a9ad1cad4ca7a5af4bfb83680d4b914c23a6cd551e8b002c50f30be0d8693edf":"9ab30e3729dd8b2af987dcb793d7a3e1fc4ebcfe0a4ac976d91bd3897777effb210c8076e9fd135991e54abb4bb8c7b183a80ef37077692e519d38df4a04304fd83fe1d67d32147fe0a249a6c8bc603d99878039b873588c3781a193437f098094fd8c12945ef99036442c80cd1f544725040df980c548f0a675afaf62a1b7c225c9cdf0703e613c7a5d72c8b00d8ba199b8ecb48b6e0b0d103a3b0f57ff1a4b9189a20dedeac6eb26b1f66ea0c34ddded10af2b0133f4b5b95ac2239dd94919" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #9 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"2aa5423270d0859a6e3aa3069a88f3ac4c30eda7f6e52aa891e4f995244a80d73d73f789561b00ceddf721ea59a7eda3157090ec192c578fc53d232c36453c5e8bc3c9c22f3aedb6a93f7aa63975d9bd3369cd518e570f6af0ab162e4c938d17dcd4f3ae46d7cd502ef73b2d40f50e2a":"":"32cae3ff757b79f2305a8b5f5fff5a77afb581faf5a3796c5ed7054d7c048017":"632eb6f1c827cf299f3403bf80af721fe5ff8245331f1ccfbb8f4e61ef5edadf":"1a85c36131a8c271d6c805233098bb29f9104e6254e0680c6e264a76f79ec17c7ac65c8a97610a0a7e5304b37d1ebdbe02cf9daa9e45b81d75d8c613afb974eb38dc49041eafa7462b4c272fdd3d7fd4b05b1e6142305ffd6fa634ddde90e273b51b02c0b68b823c77ddf3e93a2ab9436d0f4801f08a113eefeefefb9592683981423f83235f8e563ecdb4e44daa9afa5e1728204dde1bd254c7985e6d56897c570b0c6307fd49ae4dce18ea55eae846af2a5acaae17a71f8369b64f47b0e54d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #10 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"c69c61689d1f7763d43b22b6bc2262c377c62db60835114442fd5bd65c665705b5563b3b6e9e793d0f4128696eefc5ac603b3edb35b705ae39845cefdf8fde23f5479ae4f033442aa958e979c89bc41dde68d92f05b28c3644133d19788624bc970019a10f6b3c6c5b8dd22b0cee3e26":"":"15cd6984fab6ae7db72a4c099a064cdfbd141dce361fab0021872c91b1bb65ff":"86c295fcc7f9c2ec9fad377e0e4d0119334080f59fa68c21c19d7a1212dce03b":"97b971ec13db049ccd72bc597ebc2e33fe4da647d0f74855f242884d35dcf92d0349fdb3527c87c5431c10fa85569285096d3369bd1917c8c7c8650024acb88e5b17c42b50a75419e29757a9e1ae09053cf0b51dac437883cf3f5b1abb40a71f40d279bc9d596d0f59f4c70f81087b4446c402279f4486198ee3294d0a5f72eba7ba52cd552906371aeeedb47122bffb0d5ed27c3cbb86a6fc2d83ab4db7b6e1ee467dd1ec20dc15bcee168f2e200179714cfc04eac651a495a718e1ed985bfb" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #11 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"4dcc7427dff46b7db7e2d3273e0605ce85c460cfd4269fce9ca3b10399b99e178b12f28786b9e3df457ac0015004844d6f6bef29ea562856ee82246d24982393f770d0b65d0ffc660d9d8359f10904fd8cbb76e648df60ec43237ff7dc46bc34920bba637a2c1643a53e8a88bb7bb97b":"":"4c0ab67b952186f2f85a0dbd4b2c1b0dd009dd794260ee7f321b2d2b3d994e09":"f5be66009b79f51f6aa0cd1a5a24a72c6a6c4263263cbcf80e8e0d514a2bbb1e":"211ca57a321cae2c6d1ad755ac924c92dd09bb1c6334ecc543ba78a18608479457bebda63f707fc28190b2d56e4cfd96d8c49fd146ace867236c57761ea28326e3d241d1dc35d7ca971df9d292f2563d33c5f32abe86367cf5f2f06628376752b353f72b501ffa94a50f146b8174cb7946ab8c8be382237334f37594418850a233c536d72763f10b06f728e3e60d3b4f0377d51b0de11d110a28b6fcb7c42b77e5f6b771c8e5d713a0f6c4d82ab2311cadf16b7cb441a417b2f595f32ea822ea" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #12 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"b72f34bf8209a28168ae7692e4c7d6f19feab9346971b85fb9f377f6e4a77dfb370a10addae744ac03f2f277c85423945f486830cd410f26e22c23a136d41800850113339242e1a0550bef81a239a289a8d020c14298854f0b17abb0bc461ed6d39ab2d9cfb03b835916c2a8e93710a0":"":"e919d983beae4b687bb393d90ad4104146e86564845800ecf82085d5b269f1dc":"abc8b519db05c1de8794248c5741627cc00ee35a972ecdec045a0cc557a2d967":"9777504473adadade14eefc0279f8347bb178a36dbb5fb028f0315b4309fad4ef554bf34b04146ba4bc260a89cf78195ad1c23c6e473a14385c66ba2a1c005cdfe336999245f00ffeaa41dfa3d9e68294e5d676f01f213c6d2d8a69b43e36f2a568999c0a8c07e96d7daf90f3e2e668eb9fc8e5c812a49a39507d193eb7c95b947aafe658a1065efe9370cf81014e4ffd54efffe5f863e6e4b7d875565617d8b72854ecf09263c55d1c3f1a4f4862214fafe7f03da5572095a7befcfd8e6ee63" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #13 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"35d5a6cae5aefdbc62f1efb638c15dda387a8f651810bf068a8d92601fd37e0efffd95196c09c668ddb05eef3de339222a0bd0d3b721a27e2f29be84a846c3964eb9a84cf69b214f612df3b414729df499da4d3ad8bf3613bdad3a70c73cae80556c16f8ab83adf0f2bc9391094bfd98":"":"cd603812a8444925993f2c1a0691bb4459faedd872f43852f9970675f579a1eb":"1441b6d4876b050fa4d969f1845d3f119cf5d8720c35da9c489000e6b7165db4":"259828d05b8e735fad69527cd2322f94e8e7ac2791607ccf2a74d070bf7d5574ffd8d6e447cb4e02bb15a87aa88d8f1667edc0905455b116ef7f08ce727d8f266965242e0042810f946e52acca6348d70e012d998322a18a2f3b4c4c6d6b66cfe65385312344e3eed14c6e7277eac9a4d09ddc5dcf8fcce6f79a23d34c80cb78aaaf1347ecce8c13efd450d59506513e62f527179b95b9b5d9df821c32538f8e1ccb17e911826e944ec44943ad8e726d54fa98ebc4d012d34a23771ba497ca2e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #14 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"66abf17d907a134232faaff93bfe361223b5b773980cc261fd19caaca022fd0a081c11efee01fb1f7abd0145b32a51b3237d6ace877ca6392bcae2fd2aa5b865aabfb1d1d1da33f42319a088c8dbed1124a71d39e627d5efaa1e8f3e5f70114bb03b71ce54e4f8d34e838106b2467cca":"":"1e51f2b67538f84440912c6fa20fbf009100fc3008b5b8e1308d95e7ca53b460":"301f91c659f73b618cb46a4343772f1eee9fb4949ec6328109823749bd8b0b11":"34c532082926e6d530b3a58282eb4666ac7374e8befaa4999dfc9f409e40ff966652295d2940db97061800583bc7d47b053553ad29c89ee61803c1089d30592270d2927031353592d4aa71f59a4bf3f2147cb406322367544c38fa5a3c8ccb534bd884355b06145db62161260162091c795874a2e99e01292a2e39e107738818a211750f858edbe0c2ea4734ad14f1c45bcc9f733f027616926558587f7332be55044dfd6fcdb628ff7d7d581820a217bc64aa092e450722686e0cb291eca45b" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #0 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"37dc21c72dc7c82d5e13c51ecaf5a8ae06402500d92caf96c0555a95069f4f0144a961ead5d6d9bc317afc8206202bddd57fc02a2a500df1fb5c4d9d8837b52a5220fdf068fe2b8b4bcc63fbc9bfc94c8e21d987e8b6cb0f4cd37b144c668f18b7a36ed4e9758ee7b96029aa0ab2196a":"41e3b89347bd035bde510ab8ff83d5fdcc9d5f2de648bdb468a714f2c1083c52":"":"":"a929ee23c5832e5ab93ccaa40bf775593d7d04a1a8411dfa07b4c8a2da2dc91b1bcb9c27a0ba5a7152ce5ded5f76cf6b83c04c0f8a4f6b43383ae3e7d497280c0f944be91b0bca6a56df2d00641bfc1ec549b538898e559407b076164278c0eb7afb6d6f4495a50d4da178c04b259d21bb745692d3bd186edf5bb3da6f66b4418fc3d9b085b0a6c1a5e54696272c305c4b8887595b391dd6ed8da03dc9fdb2728d8c40a2defd8af05ef1c443a72323f2e0b0d268109fb7e7ee70192fa06bc6c2" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #1 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"0dcbeb660cff703e059913eebff4f639a24b611a078bae8f01320ea4af5e8e0ed93b8dc4e84d224036b5da645c147359c6123c54cc2367262a7594bc9a7dc69f76549ab803af66de8f253d338d48ab827b2b1918d636d6ec92bfd9123f1f5fb59b6c37eadca0ca7792e2b7932e1ddc33":"1debeed9ba5790437a6c56dd3c9e2f6df0912aa0ce2e57fa8eec9652e2eccfc1":"":"":"5bd815b3c3bb73a45dba72c68457ccc17212af905607d827e8b5ddbffa34a058ec360abbeb6c8ba16c770ae4826135ac7e4faf208da8b5fe3b26c16fa7c7ef4000c3dfe1b8b707dde64b415c671c4615d56e2648908e047ac978a389e346cebe9228daa7bcdf5e341f72c3c7ff74672edd60c7c6341726450ffbf9e3e7a16580e7e602f9ddd3f3556129052de05991907d81a87467ff5842c6e5dcff4543e24ee48149f16e9107a9aa40cbce367d4b76042d77ef1790b0a7701b2f04873d245f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #2 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"d9bd99128fe2771918afc6db6b2514eea0b617d9bd4599a238d9d99a7ce18995e8d85542f3f9dd89920b0f79b94d7f551fef4a330e9de24eb197bc75677bc13d8361104997af99ea2c6da03f4e71c89e03191bc5e320f057afee98e98facb99d15142c61ddd71666cdc38146fbc3ea4d":"eb701a9d119cc6dc0d735254067dfe161b1052ba3f93ab0d6bcc19cc0387027a":"":"":"67b86213a84778a9a38eb9913b9db8508b53ac0a81ff85dc78c966d638255f8f7c63ce06d4a66f5d9213ec2b32f7e63ce5dcf01b59d3b30433f0cf4c06c171d839953de913093ec845670b38ecacd81162dd73501b2e4c2d9dc69b97d49bd6d9f6250070ef6b360305fcc5ff392d1adad98d6bfda67d10b725c7cc8ef6b4fc206fde1871712b96dcbc2df4f08d79f1adf7fbb01bfd8f20e76956ed4b9dd1d7e5fb4f922ad2a529bd871490e741843d839e876c4b475e2fa140f28ac8d347a07b" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #3 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"0de3fed3b363d20ec5018d4aeafb25c8e0e6aa42ee8b56843043f8d9c40b9bdc8ed427d29c469d8976a5b785d050f3d2e5eb287a064c54311bab32dcd5f240682babef59c6ffa602669f3ce4590b054e2550444f249b56666b7b2fbec29b33d1b29ee653e388f9fb54b00635ff526dd9":"82b6a44b0f35f946fa0fd4628738e61a0bdd421a8de73f3d2efa25216c789080":"":"":"1f7b951d147ddbf21fef9d4849044c44b757309da8f0244f71e4d8301e1fd50c5e46407f5bcbed83eaefdf8983c330dd0a67568e866b20b48c2bc97dc63a7c0d3eb60f2488b1eefdfaa7b8dd43132511b4a2ca80bc9e82851584ec4ae463444aadd3c8e6db2d4469ad9750e18a31337613975b3fa0629b9a22bccb235d20157a4427acd619324e881e68f5615c65e59a566a73e4ce9d484fc5b0b29137c4f339be84781cad67d17de03099b1d03ac45106c1f2eb5b380ec84392b7ba5c91df4c" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #4 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"abdc2ac24ba7d92ed9f518d9576510969f8d22074bed9b7639299d2137532c50faa49b5e843f417693a2eebd0ffd3f27c0ad2d8bbfdb912ed4d1ec85165d4ae577a92b1affab63070e25dca8bb1b035c8bbc5d3a07b4fe094690e4a45b99f9e5bb6b0bfe823f3c2a148732fd43db5e5d":"8c7b18ce389664fb72e777e70b533ced4c04b0c290fdd45b86b6b95708d74187":"":"":"c3d1420055f71a43264ab8da92829fa1b8937346375349d2e256705d933a21352ddb4eeceb36cdeab38cae58da81bcbe6deafeca5d7f018a0514bbc285f436b574ffac2547d26a3f9aef21b66c1e70b45d372e4dc2281182ae94667e442f39e1b9b2fc2aee06ab306095a904614613b513cf1af5a9df12b996cbe88cc3b25401790034ad0622df43af4cdbf9cb681538c79189a8260cf9c35378955f2ea859faa78773854883cd94bde4c0f50d4c998c278e47787e3f74f3dbb98f710366d315" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #5 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"d20353e175f4ebd0ef5fe77f7f6fbf5340ba07934828dd296c041a63de841002db0d21ecbfd5eda2bce80bed6f73c23d3f18900bcc02791ba9cae668fc33fc60ba84c6eb40afbbfff18be5c4960ce57ad67dfc8c1eabe61a299881c0f326f7093c1a232c80467772e707dbe75b5558d4":"f38f23461c471181a4179323aed247299df11ce145fbab9834b85b3cb42a10f5":"":"":"76a4994edba3d0d9ffee9ccb7e12a75e79c5ec1213f45ca4c50ad629ac533e5e6dbf58f8fac193755e74f9e7a75eedf89472e91d394e32eaed86efa4fb2f9e7fe4bec1d9c7a30fe9bd17c2cda73d136e752a9b818cee6f1262028031bc09cb81b89156138b571f03afa69dd388a807a8cbe9c4de66cad764114f9a4a6419ea70ccbbbff9dd774aea8a2d6b1d20d0a577c59953661f0a87b4d795c2626a025d733f43bb5cd1df37f5cf542c7c8b6bda061cf4693e0384060e63090415d7470cb0" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #6 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"a58ca5154659ba58fc1b468c909c667e1b5087884c01ab15f86fb5a431e982c1c041be0aa014fb310019fff65f40ff13d4469b123223ae44f4f4ac0fb6877a7890f969d39047e39ab23882cd7838e16e64bc361fe18136471dea2e71a86ef2d9f8f7e1d24643d7df292409ff8cba0f13":"dc05980e40f07a02fdb150af580a7d195ba26f4fa72a1fe513ccc2cf6e4f699f":"":"":"6ad4543c218cb6aafe65e6a50c4f9ee9d5c7a3b9a0112bce262f49f5b0d20dab7225fd0acffa25165729d8fbba038eb65f7e72f136e5bb82e8d94698dd9b763c38f3041ccece3b04189aaabed79e4d4213e24218c5fccf5f9a0c3902875564431f4d670e6e60e1dbabcc4642c3ef895c115e28702927cb98d509f9341ac7ae2c6ef6c2dc4537e909c81a9804057b6e24fa63ec5edce835e624969a969e2c47c6dcb7e9bcb2bb8f344d2b9855a43e26c0606466887b28b67ffd7f99d374812d11" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #7 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"9d6e99a11d63cab5aabb1462abef66bef31a2886cd172651bbf30f65b16fb8f3b93b5042a908510d8518330538a06253959da557d2b390c6fe0b7ac6b18591e5791d275c7e3d558690719d5967d026a80604a389946e2a55486b5c49c2984990a2e14824aa2922e6a59892c5e6d969fb":"af631e7990394889b84d851920ce8877934e706b780908a07211d45b247584a6":"":"":"9f33ba9083c7f4088c9505622cd5b4937b7189b0cbcdcf352c54ef72057594b8568cd4b13a4bfeb61261d27f5febbf2cbbf902a8d55f6bdf669238ae84b8abc58826841f7f62a0c5bd9f74125cecbf8e3b4c1ec88663114e7c248c41cce92e73b05eb3f826100c1b2683cbba985d2ab694b5de1ed8624628917ec9bb97733f337298c0459f198c7a138f1670dfac0d58f287b8244f0605f97406ef528099aa2ef290db202baa7fb221a8523344ad836c9a2bb25e1ff3fb4dc20f69ebc9f0fdd9" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #8 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"df7c57519ae3914c75174b3107b7ddab95df936c5cd7c296b1cb1ea06249915cda22bac19ccf2d522137989d5a42549809277ba155d04b3353520f4b5c2f18120bb4b8442130db58e9d46a1a41f5627c40a6b65a4f9075460b7053202a6e5b12b9e07ae6ee9b4945d4235d0b736e88f2":"10a198b05830cff2fb4f5b0317c258129396edb943769292753095b58bc8fece":"":"":"17b9fc6419c17534ee16aacf32550cbf58ea1f073b8e72fb9ae6e94094e797f216703da428394a1da8236f725b191cbec11531a1f87946c70fb1440a55be7d7d18c9b5085d626dd0cd9b3bd63a9014e5d14eef636beb694dfa7f781e83f3c1b4fe5519ab1a505d1be5b812514f3a39814601db104afe5726086f6bacb61c00ab8210239b2891938e97fc53de069f18a6469999727a904403bc53c6c73c7b3a5f9f37f380563f1281cdaa1b4bb4a636f849717c307848748172ae0191997abda8" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #9 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"2e403c307a03d766b61001842f85caf91a5eec97a49934547b2ce63411916495f3e102d333269e04381bbf140a28a2d61fa6a5f2286079619f4f4fafeb5c520c602d0ac3190fd500a3402e7c0647ac76c901e7c58e012cd6b9e83d2a969f0d0ae4e08ed5cb601fc72596a72b4854f246":"ff1d9eed8cf59f5708e41924cf13fd5d30ccb7dedce3062dfbb2c4bb4d36b65b":"":"":"e5e20f2cb063c1587583a381536aecbf0b0cb4400c99a74bbb6aa15f338b3e67187316865cf90e691d99466e34bd6612985575122c6c79848d4e2f26801d98e49c002f4063019394f4b3eee908f2d6b56749c260e56ece4e0431650a8bd9735879ee6c9bfaa5d44c07e7ff6978883c36597c31126386dafbbe035579819068bb060348629f74420bd411f2dc858d46dff0bb4f79946af96046da2c2cb32e0aaded4eb1ebc8748f277317f9ffb9aadac1bf5e6654ae7131d5ee0c765ff3d49d9e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #10 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"4b1240cedb84ee3f395317e177efcf03b0fb57be1e01e3c206170877a06ec2cc077e9751b4eec964a4422d010ef1487456fc16b3e6e7ccb8a06230144535274215f00afe175d394cb04518b630ba7255ada0c6676885801a8f503c55c38850de6f7904b40cf03fa195cd16ea2999347c":"9043ef3c775f32dce1902b9efdc481f61f29220eca53bb904155f2aacc3b3706":"":"":"4facd2fff1828b9f4a63f639503cf6533a4d242f316ef7168fba44b52b876056bb0fd040d5e331d2746169cdc88ccef74dcf6c642c1d1a0db4130f8be9ff88555de4c2a7a5824f005cccdfa6074df3385672eca57a45679d69dfec232cc8b1bca87f6f9c6cac2f630498d52449a5d1b328a6d2ac1a9054a0658be589bc277b7750ab5d647a73a15a059d72608f9d299d11f9fb417a37ddc1b52c8b8859c2949e5ebae650b9cf8b4fd771288e582dee38178b154e681eaf74d4d3f35daf00a309" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #11 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"c2027d8c084e2c6fc5d535726312bc6362372872cd37bf07cc1c3870f3b59a970c62b84a10d1498b2e02027d854fd84dd615e29e7c204579968569386b6f08393322c4fb36da4398ec4881ca9c17905b7b2fa28722c98d404e93fbaadb165411d41256a0dfc806a19df0f526571c80f0":"8c5c93583dbba016531aecc1da7b010b9559785b2e8cf660ce17022f8d86be78":"":"":"54074cf184040f57716e9eef80ed0e006cd029b99ca568fd7639c4c1b0f7431933516830f5f87b157fdbbb2af7ab57f6faa26323f096c8e86136e49d833665a6cb3a22f7d5d38290c2e9a23c62dea6c51b958460b263566c5c0e4be9adcb1c123b55879f405f11b3c34c24852d33c64d6563ee46cad14ce08d5919ddbffdfaad0bef8d8ed9974f1d95917e2b108d9519b13c4f6929429d2dc44ecace7799839ffcae035904b576e71e92b0a89f39e3b3444b75ee0705419c3b3533c793605eb6" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #12 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"02ef640b9f087fa48457918d7bd6e910d7379bdd89e1549118ec67880dc3c4be3ad95397b8fc88bfced5aa76941716bf4c26696e9540d759c8c6b8603d5c40df267056c79bd8a3497b77052e498953493eb853b56c41f3286c09f1ec88637f95a1cb7e6e0efd3acb8a8fa4de63d10727":"38e664b930fb072112e6d47bfc5538b0d48672a12769f3eb860243bbc1c5db75":"":"":"c399e8c39ab174fa8cabb7e73845d8d434dcebc21062edc69d02928b0de4471517496365bbd59062a43408215f5b0f35971f4c48077623860206e0e6af8de751e6fe45eb6648a66e8ac5e603043c5365be3015af858fa2709c6c7b1cd22701dbbf4ef27fa45e6d7f9df4e8a558517a38e26bdd82960db9a92a0deee98657ab514913f134cb9362756a78ae4afed3a6c89e86341a8fb20b5cdfcd56933363f83e8c55c69adbf8e8d7199bc4f93b72ae1c4d0939b564d98e7f052c66e1e0988ca5" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #13 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"2f280ffe3306764839899faa89213139a40462039f4d9c55feaef6728c24cc636819357f6ea65badc8e493b99d5af1d995d14d81e39802711977d0a1c5783bfe3c290bc469bb9af520b0faa06f230fe6c4ba3804e39e3226f0731f09579e105d726b089d1c37c72e3faeb33768d3f20e":"e3d99860e8b1e9297c60b17904be8525be831d71dbd3f454f085d1758ebe7160":"":"":"45400ec700a4cf8309fbea94aa4fcbdd22c859e0f7defa746085a2f4ddb9db16efbb0c2fff798c99ff4e9e11986f4c330f3658e34a146f8d9071467228e3b0ea486cfbc81da3e739a301fe51b620d7d27fe9da0e4b875efe3c2bd0fde31f608015ad71cac9c95bce33e516c62fc45a9fc85a78c142416d7fbff3a83602dcce3add6301ca6b9be565e3cf06ad6f22855d57d9c184ed7214adc1bb014a1b6dafb86989283fa3a4be10c410442d761c98d2d3f94bb0d97ba1d5c8966eb47b0fe6ec" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #14 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"8f3ddc4230f8320bd18cf078c04c62e248fcc326980301174617a9e54351c667ba4c31a4c0e7dbd7336c27c0b8a034f6fd947b0a21e580e6c2dbfbd44d01f5fb4a51dcd2199df9f1803f24c5e774f048815302e016aad33254d308c5457f368965c15b6204e191c2a252e4fe88dfb978":"9bfe9bc055b3215560cd285553372c47cca422fca574c0d22d7ce5f2dd40b084":"":"":"34f550231d31c1b3a3db331d341ada3b987120d94e431831eea67e8d208f9cf1800549d445fc7befbdcc2488cc7f4340560d574fcd2396e9ecc9a232f1015cfb26db451623fe47ec8bacee1756573e74e519adc62b23ce86fc191ea5e13da9c7a14496426c6c53dfa7c7ccdb67d6164dbe88cbbe7f48d4971993003ab24f3eff18bd52c2661992e8f8da93bfdd28f01fc32edb439ad130352463084041e9871c431ba26c676ecd7812991833113cbbe687651e93aeb22a6a44cffc7a3fb214b2" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #0 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"8b285ce6b4da70c83fd72aab1b4be62101bf9b29e168726ea2f670aab0deaefc5da3404c494c6019ea33679e37cec308dab13e0cb060f66c1c83fc6fba46477d1a3c802edd7594db0b297dedb9ccbc800c817f05658fb9b4c99938ae2140160c4a16d548634a353bc285cb38d0e93243":"723c0f287db4af285c195cebb1104a106f22e8b243fdcd0566228ab5f227a9e3":"881a1874c800db068b5913d195058d0726458de3782ff530af1a761f9628547f":"0c27cf271bd7931d187ec6f56038519674468fa2e7e6f994904c9f1afa346939":"51e042dd56a193908c9018c25f1c1a8b5e2734b055c3b7fde6a8ba9ec2b959349df29295abb0a24b4715f98d31de0a369e6262c2b2cd49c5462b7ae284e921f5ad2ec013edc1611343c228683f4170f34a75854b1b656d226e294172d488c10a415f09dee70984b9c49e8d36863192301d1762145e0d9e94e99bd30ce8490438ed050f418cf4ba0b07fe90a82d1ccf38578d99edf0518c4a758a199db4d3533c4dbc55b1da19840b8f365a574aa01647819032dc0ad641388c2093ebd4ab5d99" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #1 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"5b5c670d3e0e97a21cfd5bc3d038f0c3d2578cf3147f5545e5118a04c4eac727b50734939e2fd0aba704932ccaac42af316525e3fc5f1dd224131d65f8d44ff8420891c0af7c78f9cf766097fbf0f8bfdd131db1801275c28081e6063c0c4d6242f96e40fc513608289f378bc4f18518":"4cb0e590a1d575b6a2df9cb0243895263c894a990b6798424bea9ef199761d08":"feabcecf0648665b08a7c690add6ff75744de3916d5573145c35517808605beb":"fe81cf8978798311ee6d1c5d6145b3832d9ad1a1266fdac0f4fa230c631e9ba0":"62aa5e9b8a07bed2a5d3eef0c73bbc841bb8cbf544d32a2889806ba501c6768aca98c19b83fd4fb2cabf120c05716b9eac9b77d561ffdd69682308f80fcf1c78409f3b21749bf71abdb209660716a39c2562e8ae1b3478828bf35ec9d3f9712d95f49a36b9eaddaf1b249f023c36d09ff1b6f3df6d10e4e336763edef9501827d5171c507eec405bae52d56fd62f90f5c58a2f1a7310530df15ca6b7841a2871a37cae583e6b388978c118b9600840f5540af529bce0a24da8f906f601fc270f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #2 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"64cf47e52f758df802c2b37a4841c73a3228738d14b439a7d02b13fa3024715c744721e49f25a0e73e821f69786fe2d91ec1cce1d1cbf2dcbe5bdd2371c0a5df050841b6f07b1a2c0d064bc5e06ecf2ff9904928febe0bfaf3626df5bfb79fee1474cc8dfc3ae268570df2811bc3ba3b":"c3f0b0471d5273f40e74ccd71712071fa411b72b0f5a98c9eea9a5f7f176967e":"4df90039bbb54d8753b19ccb6250ffceb7279c05f6d69b5c47801c6fdeb1ddf8":"181d12bb126ea840bbf9e6ff5e68f8ef53f69071d223bff593a63e4e0c65ee1b":"8cec490ebe0b4837f040663de29e2c6dc801d7953cb2416d245ef66173e5d7baafbb77fd2c5ce69b4b8995bfe51f5f33cfffd9e9b1284fb8657bb7a3c26f5aac500cc7d3737fc81418c94d3db1a63f4922ca49803c04fdbc9488e21d9c4bc381c48bd9f7e5cd1ed6c6fa9e889e463dfc3a313812245a66be220266707a5358e25807ccb11f24780e5ef82c84a8803f72dbd21f55d96362d7cd8abbfd9d21f4e3dfac33326a4e538476508afd87e030d92328a91c91ffb16b054740dc3d0a2130" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #3 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"690a8be904c75e41342c8e2548abde2e465612a632710179ccb9c1dab76c4615bdaeda1587772638a61747738b96cfc94879325d2cf1cc0269d877eab8aa233ba8d7f1ff44e9118a128bcd8cc687eef58940343d27ba1d800aed9e2e911a8c83b8460f9d72c7b92852cc178d3d0baf6a":"5dd031fb2df56c510b3cc3c02fdcf6cf3ffa4a881e7475a8631073b3ed5e3c62":"a0a861238b2b9ea03582eb4703bc33921b5376c27004710d416ff921d6e6fc60":"3cef66f75aa682ad5430bdf0f01dd1f2c3492fcacc6f80ab351cfacc1c6b6ce0":"92b337a3364059acfcaef789ac1ae09c9ed05fdf69f5d5da7a1c9b6962d3a3c71a4041dc234f7be58fdbb728f8f5fb10404558f21d9b4c818fcadf5d6bac8bcb044e5b2fbd26ee08398dc8904c271e8d3d184bbf61f77c62fd3c8f1cc1ee2f8c4620c513f3abf5e312b431e8608b29cdf528d892ff03bc0a9cbd202b9da1d052ae2bc2dd8723198a1b3017ade2803c3dc8733ac33ddbdcef7a9948d64f72da0716b32dc6eea224bd49a7349a1c32e8e325ac11e5fad8353cf85d9eb4b72b1954" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #4 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"0eba7b06309f0dc4e2bfabea57e1d01a5a3e711398320925647008abf19cae194efbff93968c0a7d1c7623ee1e3987cd95c3dbd1b2ba94d0b2d416fe2f2f6faeab46646a378e931bb5daac049333129ce7e20e53117a0f68baf4c86a3ee5e787b02b53b1e0140430e77ca86f242d7f90":"69adc69e03cd113c34ae6b89c7c2fcfbe987e426da865f7c8e052da4bade343a":"729489cc7ba4f3f96f77ff365fd5380cd83cc7b17b150d327c5b7632f1cb0460":"59892fcf99ce719819774539ed4f10edb7cd35cd66969137a88ebe6336da90f9":"565e3e392a9f364df0b575d9444aac262f58ce12312d5ac9832ae6351b6aae0398e0bedd3074f57bd4e9f0e89a50d627ecfe11fe9aea09fce563eb34efd27610a3255f81f953bb3f222b15c019b9d812150f7a1f19126994c505d9ce5c948882a1f6c5cdbc7050461ccdbbb7aae597dab53a12ea6bfaa4d4710188d690fb0a0a34df7fb6bba949fd6a8565fded8e4832ff7f6b08a653a72b8b88782b8d77c1f217e8487163fdbddcc88a83d8bdad479ca75fdbcaf02250db39528456942119f1" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #5 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"9dea5f271193aef61bd72c76a581d65eadc8002b258a4d548c7ad1cb587a5f681e9709eab5e146833b01a79a34c352aa642a7a376595347c0203a8a0456af4e9859aea62c887166b3483e0c7acdd5b99a1b1a466dc0709cc6ba133abe29ecf3f3150d664d04baef8854fd86a5d8cab19":"895e5039eeb3ea1d197614a683c84d7780ac8724192bd6c35fe81137bc23e4bd":"9e8669a67bf80c695889a7e875a9ad1954b91e4bddd0848313b4efb4b00b14fc":"2e93a8b96ae1966e2a052db0d5c2d5b76cd7cd23494bb1170a33a9ddf39b21ce":"71a0ea8b9884e979f4ed546cee3688ebc399b41be38578f15b99d9621de0da3e671182f6da612334edb8d3a6d5e34c2872e277942854350526c3e000834bbe18cd5f2f336bcfabb42c4aaeb19b8cefa3f7066a89593960fabba244812d15c5fa7a7281067c789745127ee2b63b14237136c54864bf86ab7c377414a7933b829fc3052e8c26c698459a83b1990c093305372aa608c967bfda719e98c4c177764b72d184586f7b63a8e75f78c9e5e1dc045c3eb5b30c7147c69100c2cf910d4f3a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #6 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"2b4c85aac528f5cf44e9018795a1e8f810220ce318aa174bed9db372602c00f68ac33625739f299241d1a8381372537bac392411a1d6849aa6610a177743afdf45cc524838fadf1b5feaaa9983ca79a4508b5e4a275514ef4c04c233c3dbbca32a00d0a1628323b91dacbe499c1ba928":"799a4b3c9f62c2f6aa9e91604e742dd06ff9f77b15d3799684e1dfcf029d807b":"1d15f59cb3e102d5ff47ad4c0aae13631ec4d300de4247137aec5b43e5aa4f79":"f43801851946f97208909f1ad0f79d6577eeda70067886b270f55d626d966fbe":"f05e50192528ba1185cb964324141c1d195f6e26c42164052a7b7244797c3084d48bc5e6e1a27e64562cf2fa36b4de30132a082de2f927059731d084e2042eb7720932ae8e1741f05f4c75079586924cc43a6cf3f5525e037b089674121c2741f836372f219a33bfcd910884abb166eeeed1840672663e0455b18bc7c9fcf20967b25dd77eb37e00d8fc40b0788c08280b0bd8878c504d982db4d3d2476f5fe6785b1959d1bfa2762c00efe436cd217b6d01adbf7da08d23254f1be1991d200a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #7 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"a716af9e058eedbe937ef79ee21cbaf4ac1ed0e2f4863eef4ca1e3e972f33326eb6ecfa7bc9bacd3d90215a3db843b24343edf7ada9e440a206df7f38f8cbd1d38159b8511f2a93d1f0b5ace8a89c0d823fe001656c3dde659874df88dd60056ced293cc49d64a71ee6b23199c9b20e6":"648aa30cb2687d857d309f702f6dae1f30edc824493d6e83a9e26d94f28948a2":"39c5a6514f3d399ac41b2640fd619312332fe053abf1b2a19472a58c28345347":"c912a1bb84f7aeeef79d73347097e09f6b8fb7ec593176cebbbb56af866bc309":"5387674cec52da2a9743b2556fa9874c0866e579079954cb357f17fc069c2e345c1ca80081040d620fba150c22eb1b8b2c7df082f637855c396ad6417fd383f8e93b7bd91693408e951b7572269c0ae65be8bcc9844f9fd8401e68f6fafdce195162154b34fdd5db8559dc11cfd3cbd3d391a45065761372f60c5182fe4cc162304061f86e666326c3332010fd388626cfa9ce1252982cae7b6eb1b8208c79b7b689aae9084fd180d00962fa4eea79f612ab7ec5fb51394f6f498528ad5860e7" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #8 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"af405b42f8a67c349bc10d4d0b97f56cce433e1d34cebcc75c2850010d20cf74f61b23e1d2f964ad6c9a8d65c9f87749da279902d5c30fb67207d72be55451337f34aaa8e598b9ef55fd36224ebee4b5524a93f1513fc21fa984f0a76c2bcc98ddf39823d0a87d501b3515e3ee9fd4d6":"1cbd963d49b2553a9711687bc50743d820588049cf097c100739f857b3928fc0":"e0d336ea552a6dbc132f194ac9ab80a34a54f4d331a55a070dde6601d6d9084e":"91e882daaa304874fb0c063718984ac53e1f0716ca8c9210bdcdddc142c84082":"0acb19f2a65bf0e1d9f9561d8731fe0f0c178443f00faf427973ad45f2df4f4d21a4fdecdf96c34be28e389d8caed96b515ecb215ca915b38c715015e1b07949263fb65517ea4bcae361d76c418cd2c58d29010ea79b9420d1cedf937d3aaae7e29c2170ba88c8328664d884ace90e88c66200033d19ffd52f668b00b0df088b7942377c1aec37b3c304521c394ec749efbb252669e0c0415b8b04b995fc224903b0843fbaf0be1ce804c9f14a5e97afa70d0fca9cb708ad20388730aa9de020" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #9 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"e9ecd00efafeba4fa9cbab22b1b5288c98a36ff1d6856592a288325968c31d7d88fd2be5c82d79413b33c1dbe972859822ca2c8a92e7812479c14fa292a627a8909c3a953a2758d42f22a18682ffa219aa9908e06f521be8fb59ad58e5651aa9d6b95983e23e54cd57dfc82b2077bf96":"adf1f50a295d88f68e8c07a180897d8e7b49f7cc6cb78a3b25ee10b0583a0f0b":"82de6a73568ade5e5b0d8ae37c40ff25e858a7055346020c5e47feddfef75680":"cd0e15d764d2355ac9f1cbd5ea519ed1756a3bfaa55e3783b738c03bdb42e371":"1e592e5003fc0f3f81a7aef2272527980cc5a9ac7286a621513b9c7ce2ea94fbfa255ef2654d673bb8cd13f3a033a7701304acbbe8d19b82a61d2e77e7251f98b0e28e1a694f9cba2c86c7c8cb20d9c2986e52052f701596e3c837af95b166cd227f2fc00edd3ea62b57f60262712b2f71479569c119cbce9d771f8a2cfdf832aa8d70e0a912978fb2bb33b27a185fb3a4caa3a18913aeab095ac088d14381802117af0cc1d97c06fe9730bebbff0adf2ffac5995d299e4defb0722bd93f0799" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #10 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"898a6c47a5cff500ea0f5b18b5f0b4bcf7e75d6d7c92025f9920c666dbc1c5ffc48972e1d519428f8d61dfb5e300b48f2660ff53e1ffaa3950cffc50e17a874182236fbb555d35ced33302ef87b84c0ad31e87441ae365350452a39470567bc009871a3c9785bda4569af33d03d46f08":"9e16568a225b80e9011571f3b55102cf6362e26b8a60fd33680d4e6625738e5f":"b1c65d6e51ba043f63b4251ed58e9a8eebfc289f6285705f8ef44c202c9b4a22":"245ee741a2041eda22ce7053f8576c0a43eae868fd95ad7d58bb921c155b1b53":"b076210688b06ab6b57edf68126dcdfce82b6f9285ddec102ed60730aa7530863076186a3f7affbdd4ef081b7f5a32fb461bc5755ab4f860012631b74ae357fbc3cbd64f0eef8789c6c9dca894a41a005d272b4a57e761f91d221636d0ec7a49f10bb1b4264938604ff4dc7bc97eb799cea9e3e1d7a9b4bd66d88d244e22120bb311f502e66e60c5c9e42731ad320b23d6b06ae92a132b093ad924a1a7e08b5dccdc50e257bfdb63bf5705350588f61e93e4fc5042a2cad1bd6d9fbc82e875cf" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #11 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"8e92836dc5e4bbf9598803efb0d3871e5418cf18f379479bbcbd9262558af6cb6d97e73decb8781c30f69b61c1f5c91a5ea1f10fb1eef74b480e583710d9a6a2e57f8cfc9d0215fa73d1ce9c1562f3cc34be187940cd317b69139ab9aa58d064b6bca59ee6460c3db4e8b57fab0186f1":"6d9afc769985218745235e5af280eb45cec81a2e920c284ed5c77105489e8f4b":"711672f2ca12e7d8f32445a87163bc00f5d0f52c2f6799ba513b68c07c350de5":"426aeab2cfa56cd3146c0eb9facfbc048a504eec3273256b5e4db3d66c89560f":"56325373099fc1dd194555c3a1e69358fc7f80fe6610412cb31c14cdc70c73a74d040746c6cf388fb9718e7446888c6162de73ac097c32f8b4b00dd7f115fed1821d3786baaa1f64885cb93c75531e99171f98d3c3576337c1c41c5bfe83f94cef2adebc88c0790398d4c071488699edd599797c1f8f394b3e00e66bc4b68a7cacd209695961713c3bf2c9a5c8589d935e171f775f366217e2634ddf0db5f01ab31760ebd9ed9724292bec89db06d0145fb824a76292a35f39b01a06c43510a6" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #12 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"a4f1fd83e53a406163862260fb9e2ec64d4af74f5fa41ff56c07c791b6bb6abbdb203670b1849afbf0931206ad6393798ff06fba8dca3318c29d9161c0ec18ec5d7d66847b1a618bb0e4f69fa1331fd1db5d5fffdeec5a2e045c588dc95a5d5eac6d35502ebe2e6a57318f15af53e001":"39dd79397f91a97432e5124e7b9b85928f62c598ecd19626070a81a5a8ed564a":"985724541d44c8b865672759c8d36ded75c2189c2281731888a741b305eb4161":"e2dae75950e417c18f1c3e5fbd66b1cc9fa617aa695c9d03d8768b9e197fea80":"703ab1f6a5332f01fa788cf73922a9f6cf856319772eeab07b4795702562cde350a8cf9395976fd227b08134feb469ca34f675c9b6f176ad684a5b0d02b4c135a7174bf0604a1546e7d8d978ecfd8cb6ae5efce3b228dc95cb413b010732c3e7f9ef8e547a93540e5e4aaaa3b0e5a8f45b83bb11209a03883c54f41e494fcbc66c2d57c01002137567ea2f99f7a1ed6c4c6080bdaa299d18f57bb3b386278a78b2ef23a03043e850bd9fd742527c45308e5b910fc586f9f21de7022d02b1493b" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #13 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"f331ebcdbc0d2dfbf54758680dd49dd0bd666d0505ef6ba1c4bbfb7dee62edc34ea9063632c8e6719bbe140c3c840aabd66e7702c384700921dc1838c6c5a832c650a474e74270c378abff021d60d1a1884939bbdc51c547c72c929c0c73ca7f78668d33fba197642be8ac2d41cefde4":"ec299e456cd1985a3f1022d5c05f0ef9040cc8b8297ba5e404d92a6d36c3578f":"954f464877f7258f99acbfb9adfe4eedc89da71ca82e3581fb5bad127b2069e7":"515f9e746c7407196610bbae963b9bc15b1658972a30e62be6f78caee1287e88":"5aa30a796d46e789c498352ade179f0cd3336418fbeafae0d10fbf7798917672288b3b2a12267fc0435d88b4e99809c1e3067f0d65c910b12a330334b6a23d6d30910d301438c2c999353e1f78019ba7b20eaf68b499ff1e88db0431312a66f35305c4f3c3a2750c95bbc07ccbdf1e4d123eec378b9be8894b597bcc029c664e59e2b3c23fd72841af0ddc9374ecef21885a0b54d13186dc0a66ed3c3caca9e41753813ae61015a952142bd4d7ebbaa3193598be1267be937745fb0de09aa70d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #14 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 hmac_drbg_pr:MBEDTLS_MD_SHA384:"d99ddbd82ce9937cda083e30b3da47a6e6ca08b8f59f2fc934bb3f78e748bb28cfabddb375efc5f2025a53fd073a89b0fbec391290863ad862aa56fe6d945044e879ca05c3c019313f810dd559fa0e682d6b77ff7e612c7c40cd5231eece4018c5b3c0d8181ab44703f7a04c0a1c7c5e":"ebc2193d4a97b97d298f1305b2f7a54dab466f7c4e444831651cac29a6c5bd88":"6826aad41f8ac29e272884cb6d21300c7b0b3ca37205e1720afaf9f716f337ec":"5a7434648de82a3552e12aff800093776ca3e86565b29c0b3ad6c0bc3180623f":"cfc79a89a0a55dc9c6c6eccdfab5a9935335e806b73bab7f5eff5f9fea6aa3f47bf31f06d987a94e2bc2a4a6144ebe94d6f5aa8fcaabbf86a37c8d412207864322d3057b89fef358740c5962cf9e7c37072847fcaa6db693a5238ef270e8414e2b29448bbcc37dceaa75479c2ac5fee2d6fe9ed68516f6dbd90135ddcae8a12d1c1595e0edc34ea2bf00bee7ae773c240c2bc1ed828b7ff91a676891173eec1dabeecb2184df9186c3bd833e349351481655bda91bc0f4e419fb78e426de6b39" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 0) #0 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"64a8afb71975256b6196f3f93038ba8b7a4d7089f7f268134cb3f5926868e4d104c60b44fbf3bc198f4bc58bf1260d123a5aaf8749136a86c4e5aba81692d587133d29d3b7a63fa6204ed84e93be6aebf50472d313ef5797d1a290a7cae086052b57e8d5a20ed22ec7702dd424d935ea":"":"":"":"4f61f6b5d46ea351dc6f8ff55bcb915d998c8e871b5e122dd95196da241c49a1170b1fc16ffa31a6dc4f0c4068ecc6e5cc0fa6966aedf72bcb19e666b191979f22580b6505c09a784e76f58d30af3abcbe840497ad88621a893ffe13af6aef0f8276f9540068943bb6bc51498a465129880df4c517f7fe70ec239c055102a78b8b0f26d36bc2634a0e61a1431850980c258326197cc80d07c3cafc49a20316a0fa2703f850b66ce274e839d6dddba4d3e744306d768b7437ec9c54ed864c7bca4ea8d0987d815e64f685e0726eb4223aa5eac1a0979fb335248ee59819c36c7c94dadf14474c7e2f10678da59f255474ea50c3ed5ccf86a399ba7f54ae96bff0" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 0) #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"e5b8dbea654b559f025c008c1f3b2eff92fe98932b0271228e3f4efa3303cd4f112660f48057fc56ed0eebacf559cdd14f523a3e948e8037427e65dd25c1eb41560f2f78dee139b3d721ba1c278c3855aeec3fd3a44a5331c8f54396ec3b9ba73c22da8ae1adc9748178d7d21341f7c9":"":"":"":"9bc5a8c111d4586131faef63689d0a7342bf601f04926f18cca7aeeb8edb129e33cae10e9e08fd44065db2aed4480b75878c6d1400d38fa2c9e836e4a6bc1d66df571ffa1dd0a073b89580005a09d1ce81492131771ec4ff987cf8a3260c9f90fb3ec07b82ab1db526b97ae856282ff7c62efeb2cedaacb75fda0b74df5e0e766a3573a829c32f53ef3b16ffb9d4cc1cfefc84e08aa1864f5d0fbe593abb26b488c90e351816e2d1073bcbb599b65b196b33dab9095bb28983172f3a61c992d44345f2947e1acd2df96ccaea3f6bc4c024a4e36868e358e5bfb9047ff11daeb34571051f0823265a15be9e4e4d64f7073bd5dc3b43ad0a4b39a5fb6bf4b154eb" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 0) #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"abe7121c768208f174ee9e545250014d031ebc647497a60e18e3462517027fea1c0e3854cfe5429bc105916e63a0d5a7585cfba737f887852f23a41039cca6e33de94901cc1aae91ac42db0ca34724b07368b1a3ab733dad24aee03bab50eaaf2acf15c2c700e5e070097132a92ae7bd":"":"":"":"7e082cce6774a3d21ff39db1ef9ed0251a6434462afd29fb8e05458b9ca7bd181a9e362ab4986c19fa1aa9bb1d00f1c3479b2b4be1512b2b5eb94b9ec0493266b6efce73d02d6acc653db9e4c194c7d169781aa78de7839e010adc7fd58efc988a5eec2feb89f2d0dc45ac6a7d4bedf11bc1294b4f312c723acbd664f28f85f676f3feb7d2d2db14b0acca2ac6d83d2877319cedbf816378365dc51368e1686f2e3cb0bd670c125cf484cca7d28cba04a25479dcfc3f80910422a583c35553ac7dd6d5a43c6cec465dd6c7ec33712c9f2289206b0f1e620ed23a335a95a1392d143fceffbc2f43a18c3426de0f2f1716f7234bdc880f61e3a1c1c2c57fe29336" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 0) #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"07e570fa7cf079e066c5c30b6d24fd37906ab7aa07b1551be605b31f86dbc3cb3e95a0723e9344922d14185824c483bc5dc8341f10d698629736838fad6a190825a24482413b388265fb20b2a8e7c078b91090c97db01e6c6a72d1c067bedd73da1d7b1575b05870b8eee4343bc42213":"":"":"":"3cf6099489d2eaa6bc427cae2bbb4a1b121041bce2a4f8e747a3b4217910905156189420fa8b9698a8a316c537229a42509be9e75f7dbd5241de932475114fc9232c3325ee8d921aaa680078493856c2d0b14e6593bc3f36e0615143fc336054442e196dd152f53634a2fa3e74417aa2dfecf4367cbc1584cafcf583cbddf1283b73b35f9d1f1ecdb7104b80b838f2c1464ede50bca05e960efc6b62f5546a0d02e3420cb857050b49cb1e3b4ff8a936ae4aa7b1d774089c641d96a732164ee5b0cf77f2f729303c53de66e9d1b6f5eabde7fdd55bb7030671a274e3f7a41047d84f307dc1996d6efb671df8a01ca6ffef81950beab98a3e480cdda5241b6d69" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 0) #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"99fa882ea5aa55ec9682719721a8e79d6afeec5cbb3577f1df7fe97e4edc479040efa1e51f8893210c302f2a2a3abbac2ddb3fa31758c8473a6f7c50d98e423ccf360a2f6a5d94f7ec6af04f656ad06d20e2be7e09f728b64f81d736ac3fb8263b0f7808abd5d7b0bbae1d4b3f445957":"":"":"":"5807f478399eb17159b096f7be7788769cf56beea8cf4604400f77b1035ce0b3c5d9afc256850445397d5c75d087de12f10889649d4e749ca891f30bc397b58a9b3c6321a08b89845e186e9a697377aebe36486886f74ac3bc353f033d458ba5d94634b162086b4b74563860f1f079be32789f8bfdd561e486839996db8e1de25583e2e64be914329bdbb0a42a13d668e47e4ff635d01a1daaaa29ae8459752d04b7c8ff5340fc8c97293f2b7b91c2c8e3f0519878c82a61a32687f693a64c3c1a222b664b83570ebedd96e8722ba6125f04a8ebb079597394de9de36ca42d828f90c7a5fc74d1ab03be73f7c5ffd332b90517aa6ef8c19aefed182de688cf5f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 0) #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"75336fb0006f7aad995ae01b3f3ec24cef46d3f7ad07798e52f609ec34b266f1cb51865817281103b3be2c2bece85487e979f3a31ba75d6e6e4b357811b4aaf5fc958406721693eeec21e8c9808ceefbd17a0a6d5664162e7b988c19dbc911b6e3b68e90a1e6a3c9c5a4662d954ef5c5":"":"":"":"7e13788c362ebb6e6ae794ec50d39c2cf2bd25d8769ee91df5d210b3bae5021801e0d59ee503ea177dc01b3c606daf67a2fc8afa9f06b2d03759e2191d6dd0e916b5d21125322bbe9802259366a43d64f94c5408e62709d806970a83dffc4d78ff86dbcc7540f34dbf026dd308ee28971ee5e88681b342d15dbbbaff92a51e4b40e4c50e0b1e48d153d5d6e950de8a37326ddaf504382e20ffa85bcc91fb3f7f56130ad67250c7a9f1ee5f76cb265d567d448c50eec4f35c222331bf2dba2b00cc660e7015fc1e6a7161a01ccce02b5800cc1516c330e76f33789fb47ee8e13870ed588d145c016c3f73c6b64892b4faa7dea4fe536c5349fdd171019442680c" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 0) #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"f6d7401663547661563e5b2da208f1f8a4a0c17b97ddf0d4a4c1a17c23ee8c7d00d037839f2d95dde6a96886cd67c9a92fb7fbf77ca088d1e46f2dc386e16fb6f1d178f7c1a3dfe202f05d52ca20fe29b8084a9d597fd6b0e53f41a13fcefbb8aa5d539c7b09d8e7b8f687b3df92c606":"":"":"":"4fe6aabcc40e158316e49160ac523c41d4df8cb041e11549dec0a40cc854fe4b160fe38a1cc22b779789ef07012735f457fcd2a5594b344783cf6661d83b046cc403b1feb96cf81b05038dfdb40d2a027ea4ba93caf77f53fdcabc361ce48abba784fd9feb722c477cb9d9651d9db6d088e097a93e1dbaa2c3db1503d65680bd4b47352b04387f9c15a1c3a434e93ecc39647dad810ed96997f107e5131101ce20d4be82cc67d05309373792e15e2974aaa9aa9bc9e681815e07111f1f980fc8ca882478c32fcc3765b8e422a5369dbf36f72390ac8d3b728b8e5deb3d48e9ea85a31a0432b813471e6b02e4a12ed1aee0ab9dbb3c3e66217c45a174f9b4ed3e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 0) #7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"98bd225cfaa81e2111f83b4b3b2dfdf3507fe18aa97100062bcb5a1f665c091002fba3d84e3886048f67bc7f06750a19a65503d83a48045cd9b128c56c3e474b7d658fc590348bd9c14013fd20d2df32dbe9f9b73d47e43e58a6ecb5f85f93b3546817134746016f6886f6b63be830e1":"":"":"":"05cddb6391c5c2de3db999426f31238b5d3e14a35623272d6a72c73947b3521017cef377415dcdf09ededc0d34d9880b9c44f28099f270844e58f9a97f7388df83717ad48972036968e63f281fc0abe53135867cace0e427ccab04e0dfa8108d87a0b7cf7be14ab50e59e4aec8d367f54805c534a9ffa2f3686712caaead514caa30b1ca06c668b5f271ad8fd84909ef122d2fabde7b524d42b925a068d0bb265cbd7c6505a4c2c0bff7d47068b76f350fc85c745d099c78bc73f9ea0796381903e0d3512283b7fad05850e1bdf63b9cd52eebfed270f1622f057f102d6ab19c63ed59cf2cc1e5876257ab03e20e62f3a77761da32a5e1c2f8c95bcc7534ee00" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 0) #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"7a324a646b53f28808f7c44303221ab36324d1c97660f7c333b3baa7537d1e1ea038b8ca6c159d91d02f3b206eb927570aac85674b59f419af2660cca8eb0ef996bac65dc33c08a946fb2abb9348dd7ebce4c71cb9de11b8d59aceaee2c9a29b154633df643f3787c2672ea7e789a2b6":"":"":"":"3c09f50bdc35e0ee8bc033da716f68fb71a68a339e26711e63f564723a70a0b9b4b01ae5422c8ce7cea7be0b35f6bbcbea110afc9c448d85e7a87d43c54ce117dba86d4b95a754c77a4c8ef5fbc11c2525173aef82f11f482611c426887643da6daf51bb3bc462bd5efc68b4b5e7e07c7cd991a2fd8672a8a5d8490a451d8df92057df0bbb8a6063489b84bbb0a75813ffcd498b146f11c5f16580dffd38812e305caf60d133679c2b8c9564aba044ae0192a9a5789c99cf5ec40a3c775d5976391d6adf9e4c77ecb0a8f3169bb3cb7e5f2112e18c44fb7505e7d5c4e6c0f425e8e552f75a340923a3186e49d7df1a3dca3df907115c075d39844548dcbc7655" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 0) #9 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"59b84cf5a29b45a3f8e0ac384bed20d970f2b6d89661bbe2af90ef073eb061cbf323a13d0643dcdba902df168ded7b6094e18381181d91d3734cfb4e44cd4462de81aae064a9ae9d156bbb14079b78e2f612c2e0965d15b2563d888e2034d06e55f939ac2345c2638443f83b59152696":"":"":"":"88ceb600d0c319c5f22e4e91c5a1319fbc752ae314868f1fbc6a4d1c0aa4b5c7054d64924f841d06392294866ce399d9fa2475a4f53f42853b68f9851db002655dc96cc799fd6ee1d4498f005e25f76efb4c0478957de4b26deb3102c602fa08179c8ef26ee29e9c9e896c122e02650dcaf622fff729825aa87026ed8dfa96e9fb1510d9be44123dca5b9521ef9500f6e3832a7897a5e513e971f18726d32848a6452ff7347d5d8df6d401eca2b83c71a1d806a5374bf6e6a98013beecdeeba9b637f23808ebd39fc726061ad3ce44b02f73b2e6e7c558b74bd4a085c445100c627f2b71c54e5a43b7d36c131274c04a0941fd8cb584dff445037f622f4d69c5" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 0) #10 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"64688640a1d3f610528eabe2948e2eab2b453a8cbbccf58bb02a72b1bb466b8277f2c2f829fec66872cc8d6c03280b5074136e7f3e123d6fb72786fc29d1b55782b7283285cb53c4185801d2d7333b8ce76c1c661c1ef65864b8dddce781f5db520c666fe07fcbe4bd5ccacc115fbbdb":"":"":"":"a7dea45bfca9c6fe4ce5650369eee402b747034ce93272ffc44eb715e49e6fff83ce884956ed4eac3c76b5e664403040cce0d5343916a93bbc16933fb451432f14891473c93be2e17813f8119f579bf7207348020b2aeb7cf725a186db21fa9c16c27d63ae28b5d5299f163ce8d28739a1d583579a1c462f0f73ab2b6b0eba5b493c2dbc7d9d6e0819d80868a6b001971e8c205cc3b472ab62cbed1e3a1a0c0a6f95c5694f513654d7a240bb6672eabb745bc60024cdfcd8179fd3d5300b878ec93df4da38e00fd66809bcd8f9be8384cb16aead77de833e90c034ce24b18b096a84bf0281e0462e9e3a43497514b8eb283edde2108d425839aadc9e68ea4728" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 0) #11 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"d77985d85e130fa02ee13b55cc7372c23565a56f588c70154b7d81dbfb8ef66ee861c781fa258019ef91d101367726ca46a60c705e0e3a305ab6a7c5179e6a14c6e7de93e5c95956660ba7357003f08a25a42e9bfc38fc882a063586285eebead74a78296c7c3e8112062d7fe1adb232":"":"":"":"94307b991cc83f919caee64c25db23bd3f456585b6edbd6c8256cbd9d12b8430d0f3be857d42f1437228be13ad5013e4539bef591a818c5efc7644da270857f61373008c614a06a6fd5fb5895f08d5ac4c84b5060498af63459629ad038d2f436cb5efbf258f9d2f1e491ec6d0bc0450c092939b56a489a89649c1ea700fadfcd9c36b8854320013de6c569234f8ca0ab171b25ae93048fe77e72a0730f6b3edc2fe103c82b78698c497db534000db2410c7945cb36da5a451834abd5035b0d4a6938116eb46014368aab7582352e2788691ade1dd337d7610cbc327f3664415c870a022f75d290c83d917c212ae517339d596c3a1cc4a1cc83cc7a1bd94d6b7" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 0) #12 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"ad321095c835f2c49f3abdd0f9117cf8ea30b237dc3f1eff7728fa9b08d4c0fc073c82bfae1b5771728917ae78d5e22f4989019b13c5f04a420f134d1cfcf1be81408a143e1372a468c1303292f717daf4f18ccdcb81d8c7ac6562deb4e07a9e146900123f39ef49a91e30e22cdca22c":"":"":"":"be680715dc989f5f1c459695603b2b97644dfe17f305beadf7cd3ff23a523aa61f3074f5c533cf8e88ce74888f95cc5e463de4ccec3aea10498efc0c335692fa648a1d7eb774037b993f7622a43f9fc4c75ef3d1a473c18216746dc7341dc9d78e7431291467af9a8c95d86ff407335226601541da1fc1220b5385d18833f792ee13f11641e2efb56237ae9b7ab9c1a87aa03a442f06cd7a18d8518a029e36e85369c2b52e351d3b435579938a05fee87c44496c4ff044f267f31e6d80f149d54cbbef4cfe5f249a6724c53f0a2082865eec01cb78ddb07667b40ec7391ca77fb48247b31b6dbc15fdefabaa6cc97d0bf8ebd34ef75cc48d5ac47899c89800e1" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 0) #13 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"67569721ff02c3862cefa68283ecb5b9afbfeb8395ae944c55e5da1b21b6c2270f0100b2cf014cef7a2e85dbf2738e97f8ee97eca692130d6541fa900eeef6b9858497faa2cd47c6874590190da6d5fbd36d2a1e124a94311c8508b9f70f34b97c32df3947aa4a0bf197b1ab35172233":"":"":"":"8543aa086777415188ef995fd4bf5ce52776c6574b7b769aa61d1e83a4c3ac4483bf90b492341443d6c92e14fe7114558d1855826e41772eefd54352a38da94293e317e0a05345a567e30e2299aeddc4980b3e797b7c980b822ff625db3ffed1f0acc314c11e2b62972750b0f448cbeeb08b7dcff21761b17fb63fd1655efadbdd6793e27c47588638c03348ad0fbc8b7772b7f7882b66b9cf4947c93443f793de5c2a4131dcbfe982ed2787a5cb0d99ae001707d12cadf5059eb4f373e7b5e4a99a28ff18841f9edaed7558ac0d062589cb3ccecaad4d9d6dc1a7dbcb35aef7a1738c6c66ba04e08f693d28f7499f57bd8b02d97eb3fb36d8bd767eeee07096" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 0) #14 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"b19d6916dd39eab11165ff2066fea53f72488a78eba473a0e141de1d5b13fecd79e678b4b108c65f9c38fb2a2e5c29c4ea9dd450593b6b3c7be76ed2cf8baa1b44794ebef1c1105a445b79aafe471d9f9881be7e81282bec46431b505ca8bc5049da52cd4cb075cc818bb79697b739e0":"":"":"":"abf29caa9bcae107ac382204baa2f46ca2742090a3c895e41b345a6cda8660e44000984173f57e79cc7ab869d8d9f7f2d855b171c3007ff9c82f2a5291d509b6584f04346361de9aa373f587b6ce8cc43d589d876c95e813890c26ceae61bbe0b88072cacd0b857d6b33ad9e562c8e1aa1592ff16cf683e81142caf493896fdb325eef5ab6ef3238cc3eb3baea05825e57533ad8cb707b373d2d0a2c048a07bb40a5a68d14d21a796fa97db06331b480bdc39701bf2298fd3405a42f5f6b76b9f40dc8671db632c588ba89210767bc165ce88accc78424216e357cef52a31e7601d3f1cce1b5b5d71c3d622c9f68092f66787b32d241716996b2392376c48909" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 256) #0 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"73afadfdf46ac9c528059ec5e4f940f120c19beda8d5b12ae692c1d3b12526754ce532c291c8ce823aeaf923b3be8c438d8b2a82162bce020237440d3445d4ef91793b983202b0f8532be2d78c34469d2c67fea05495feec67b76615967efa6f6bcde5bcf18285dd3d8f9b97b3463813":"":"7172619bf78c088c4f0d5b358f63cbcc019620c6ea9ffa31e040ec0d51665989":"a0670a6df2033cb19b082a3c83fd2eecddd9b9caebf3aed0b781ae9d4ac8bbe2":"38ebc242f240569f792379afe393a76698fd07dc05d5c86d00791c1b9d1d79f180c4360fc8f2e5332a961198d7486750671e14d39a2b4852aede2ae9745484ca05d7421191571d334cd714b9433ba026a058cab5619208f2e54f2d48286e49bd0b528d05785beb4ff8953fe875cd2c92277494f2e315ab2790a1cd58f02224387470bd7edb3181d2b587e5c319a262c7806f8b75e59f2857871d8a182ba0366cd3a968023c22582ec7bad2a204de0eba3d24566f213c1d88ca2b2ca8cafd8149193949da885bd744323f31b39956fdea7bccb1d64d3f14afd03e1755962d9df1f2507098455584358e951f7ff8619f1aab96e1481ede5289224053f603a98ae6" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 256) #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"cd453c328ae68152e074e18b660f03668cf264eaa4109afb941816f7bf1f73cd4043d4692942472482f44e7d6ba5486dbeea1cf1de6ba6ea1606cac41a92e34839fb26b5a9bee5f4f475558a5d8f673d838247ab81aaeeb2a72be405c3d24a625df7476b1133b56f6e7aeb184f73eafb":"":"c6c23cddded140a30079f35cf9e2dda6bb2b277d8a212d2fca1a83b507808e79":"edb8c8657883a17093ffd355e8145e26f65ce7071ba38c89fc031040996a9705":"635a7dbb7ff1dc4a90ce91ba13d79e09819ec7387c277c91946b59fad4bf5d606fa75cf03b6904c60f9a70697e662aeeebc7ba2e6e94632c4c5f3e1686e6e9497945c8889243719ad066847dc11efac141e58ac29d6d2779f702cd1d5fd0d82d232a004dfdc13c09147a77d71774761ab4e760a9d2714e9ffc52402633c8c3020b7b9822b177976f21b7e98cccea4a7eebe1cf9a604bdfa36f19e44cf4308172258576c3615cc26418e86a7269e0f88af7f15a114c5b8c6f96b8be098572aec4129fac371736b2fa0a88f1b5480c7c8657dd515417edbcd902b3d3e9f7e10df45160a37284933dac5fb105da145ff13f677d99c494e279b0b1990234fb8ed9d3" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 256) #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"3c4fed3a265818f6a323b9d52c04a92698223f3136c77428b29e1cd6fddc7e4da48d9115c5ad18a4182df480eddd529f35e2bd1908dfd05964cc3fefe53c38615f04ca5e12c06872a695971f9144f6b97bd32c620083a379d4f56e820105c5f5b0f98539936d05d57f6afdc191cce7f4":"":"7271afbed1b1f2be5643c5bdf0b6218247a6128bfbe2ff4d745a926a3f35d0fe":"00022d8acec09266a84673d056e7b235f0608d15989ddfd7059647522cf3c3e4":"610901399f45ef5a1b747c57b73706509f569e3a2dc84c6603f403cd49e99e288c9ab77d00e974eea625435dd126e9e783566a71396b1bf6364b36305d1986157eb59fd231b6aae35190347e1560f91bb388823504e563cd69f84535559a446ef83ae625cbd1c5a4d114ff394d407f19c8f9f906290dcd03a7b47091ad07f3b190b83de5787dff47cc54a3d53dd31f756eb5de9f7c965d70176a8ee71fe869e960ad33cc492e9568e5748f9ca869ff143252f4c9ec8a0bf937f138f7ad268abeed27e1d80bed0cb7b74411989b313043b1c65c8847cc3dd6d48509852d33903253ceb074dbc3d124749d8a8e41d27f96f7fbc9908d4ecbf04f60187f1a42c33c" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 256) #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"229b3318cb25189e12ce9ef25acd08bf56c631c6058daae6f377d58f7574576a4c0b7c634e11da5ccc02be824e6effb8ebc0d5403d79bb30572be47a5ef88fe35a0421dcf9547437cd3a563b6be7a158a7f601f75347509a12dba8d7f2abc7afdf89c43fc5538318654fbc90c3f51c5a":"":"f8f98c65ba1f619d376d41d1dd480d4a0446de56e0b3dd007ef7e1cc2bb98def":"b3bed7c4c2e1a762209b1fd2ce9ddda8fe47eb70225e60d5c5887a61bdef0009":"2467978b293afe33a96a7291286eeae2b1c8b5753ed4d45b3d5be906cf30a6051095cbca79d2871334e049b729068924a036ea914a5244fc71005385ed6ad7c7cdaabc267a8ef0074b14189763b5de2115d30da70eb815262aa511e9859b9d1cf2810c910bce18d179a0308fed6f6f911cde79031ead39f499ef85f7525140f1c497fabd879ae130f73fbbfe8c3fa749df48e484cc2fc313d234b5d0b49690988421611206059b42f6d72b0e5fde6bc11291b8533a9aa2c521e54749bc1929b71ff05dfc8f1716c9fb13cdad16b35d194a48ae377625300df479d3facd20c3b8fdf18b88b57753065e542f147248064278611e99ab92b33c68aabc4da08a49bf" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 256) #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"4cfbfda3fe8ae7ffdd8450a52c78388a6c9d93c6e3ab537c91dffe23b5693158b7919e875d9ed6827a33d5ec5bdcf061c311aee36953d13c16f0e50f455705a9ab7a436b039551187a0f42e5f90b40cbd44e98cd5295550cc46e33be6f073a9e6c02ace6b0f896f9ec56ab7e8be7a07b":"":"9d155d6754ddcebaa3dd28ba27946ce3e22de29dc1db8359378390295e5aa287":"ec634fc86bfb45f49a1197a70875d7addeb257f1245375aa1f01b3bc359ed73b":"46f5a6402ea9e8a008925c8f5540c4366c599166baae8ac762da101550352f35ed9d34f82e7e2ce042cd3569be557e02aa87163d1e453904c5fcc998fa64c8e18fde61a8e54c21ad4da060943aa79de14317276414e71a8c132053c4dd35da0da1fbf7f0cffd264d887c8ae4f358afe7e8a1bec60fe7b4696a6b1c00fbb46012937b715ba8eb173e09c1316cc361819b24f7284f983b6824c39eddf3d0ba58e82a2c603d854cadc41d5b12af0a67b367f411c5c91820e414e30b3d2cfde6876a3d144a900eb2dcfcb750bdcf09c0a01db79aabf53e7f045b9c824c8662283bd4376c7179096c5c9c784d6c3b998c4d11b7ebc01a4a562852b9b82bd313fae0aa" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 256) #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"3351a083c1f6033be5cc879eaf34e25542ebabb2671b65f726e76ed711ae073e9bd7ef6d7888d6fc31e51dc7f60e8b07cc6fe94ea0f22cea1ad54ffad09700596f6320d980488ad48527f4e00937b6f736ebf1b9166e20c5b812c8b85a2a29d91ebb021b19d2374ed4e2895d1518e6cf":"":"9497a1c85796846de8d8b70d66d369ef59bd91203660d6df2935000e8bfcfe71":"8a681d6cbe1cda5e0f9eeaed12fdac75b7bb33d28d6855d498b6c61cd7ebca57":"5148fcd7c01eed1da1d8f68a706268b5028e4f3435ac5bcef9231cc81c6b6823156ff7432e51651d0d02d92e22297dfd12a9d507dd3137ca8ef216f969ab67f54c8d5fd5c22c9154b6caba4a147ce4aa20647e2bcdacb727cb0810e4106494db0e25e7e6f939d29129b0c5cf47adb35629006e6f5c7c1946c1e647d9aecac7fcc488a1c868378e014fc68afb684e1e043f53fda4431ff031107cc23833975bdac060783f9cdbe96ca164ed75c3280ff355e25e165eb36cdd4d651cdbec053a38b6406c26ab6f16cd0ffe1e8e5a017e25c5c93fc7ba11385164337d54123ba03e65c261e8379f2ab24aa0d27f57b9d7e0fa825f06986a4fb9b9973adb87914cc6" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 256) #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"3439b57a2d19db8b7e10ff9a34ac1d29b8d789b05f4cd2bcb0376c6e184cfdc695c6e26a0b15b11a685438f48dbd7433d63119fffb5e317d97a5b3e23fa6228221caadd163b66e36e41d1df89473ad3a114d25c8093128e2219a7f2206621b99ebe673bbcaa9a369aad3339927773b57":"":"dd1602f833057b77a8c763ec5aa302326920bc2dda46b4b83b3600673c1f4627":"e2328a109a4546f4311bbe3decb53b3a1028984ae73ef8849bf682ec29c9b5af":"e02326b477271366128cff2c88b703814c52547936ba90e776e383620eaa6f2a0aae1cbc6bf9fe8c395c088edf27ed3a3ee6f242dd6a6c3deeb19fbd7ab3e7d26b8c6f42f86803b885c733aafbd1c59e77e43277e244c0e9afb0629af510d03f6eb547bb0d455163d14beca53afb4e756b82ab5610502c1d74406222142f1cc1a41b4188d7994397a7ee7195482f22cfd997a611816e331cc62387c8d28177ea6727fc773c16278194b419f7e99fff2593bb0e6644ad653b63de83b244fcf531eb6db5716e60dc260510920754504146e4c727aa29b5659aa97a3ec63d07f9387277d487e4b855a6ec053289af6e17284a6deaefbd526dc3a379e5ef4434c698" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 256) #7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"f7c4995379079e036b9b10db6f163db23bce7399fa8b6268099fa5f2795b67ef06ec674197c73fe47eaf0c4986dd3566055eb14934bc8d5272baa751267c1dab1d52da6204ace6c869bef56eac006abe8eed565693e1854619266d400cd3f70222b6c671120173fe918d229d5e566886":"":"23ec7d6ba9a666ab49df45eeac006ad1f4f0e2aa4da2061d0429b510ea43d93d":"299253ffb0481d2a1dc2ccfa666123a3bda652666a77b52a32e4cf92a65f0d61":"4e4573833f4ee5dcfc4fb057e3ff8a7cd621b1c7a51fa4db8d02e6b62462ea9ab62414cfc3262569192a5960f8c3ab164ef2974ee03815281159ee50272730881d997a28ea2f9bbb2d7f2eea719416b80c73598e524f5fd9b41d17f386a30c194e2788278a61fe3f5633395e28a8f142e897d3b6cf34c00fc84a4407e0816518b218eb08a9d161981c84bfd3e47f3ba36f54587d62060e0fca65324a332a9aba7cc1d0e842bdbcc8b1bc57432f9d70e6475959da2fff2590438bd7b4faf19ebbaab175655189050781b7c7a27e9867073e1efe45b47ba3f86414229f5d2cc08a1d801f731c3099b747c68c1e6ca863a82265d3b2819cb0d2d4e80078ee7584e5" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 256) #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"376829aa929aa4fcad37b41f3a23bec28386329ca689317c49bdc2beccd5066b92e763dbe8a80fa1a1d21c38130fd999df05446bbf128bf23834d8c7cf89ceb5ee6b21124eb6d4966f0f5cdfa59ef58592dd2deda2f611b6c1ac8ea1b1dfb3a51dc5760c3a7e82fee6f09cc2b7a74d7a":"":"f14c07e0ca886373c563ca544c3ed069de697c538afaf009bbfbd935995955f6":"4d71578fb5a3211d3bdda82396507fe5193d21a2f70e6c2b03828fff53f5f6a4":"f6df98f9c4f7dc64208aa5804be843ae9a989bab73f6a36b603d1549ba0a58cb6511bf5776a786141e48305856b1db6f641975d0cb5102b51b539496438cf4cb905738c919e1b06092f1af89382fcab4e365688adddf02fc7ff640e111d5f3bb2c06da91a77242e1055c0b56f17abe0807b18f6a93f613899d37762bab607c05467dc89e58b21ac50bc01fa52d1e649bf74841b9643adb4699ec6ec0bb4d297c138fcec1f4249b9f9ab60c2743ab18ea5e202114260edff93f4148ca772f94572398bb387b78ccf50d6200f7369bdec44ba6403ae363f3b710d464b6f9389359030b61b2b6261addf488483e0c5e4cf854d9b601a1b1aada803af8feeca913df" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 256) #9 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"981da820fa53e7184a1a214a114a943953eedb39e5bf2c3aa7028aafe57e482bf4c0dbdf862d55afbd0f0a97f6c61204711b46a8f5d1a69089add789f39cc3d6dc7fd19af6a630f03b1496d84aa83f1eb24c0d354407fa9664ee5f4c8de4ea75f05a17621aa9dc58ef38cdb9184d24b1":"":"2f4d6b4724cb715b0d553ae1ca6f3055d7c398c1c031a3a69946f099116d13f6":"76c1d679786f1752bcde1108b9977311f4af9e3d5f5fb9eb52565d0eff90b4f0":"a5b531a51e8118f33b20edc76adcc36fb0ba8e7f752518b84ce712479ce749ea893fd31368b10dd6832f9f2bdbae488dd9668a80c8091dde61e58336a8160fd7a167aae7a1d0f0af077f600b5ea21e64847901ba658fe40f20083907b25b30cad314cbd3f194f8be407359b94be74b34e2b4e2ce7371c12c28c7c7bf0032c03371a6247b60a113d56cf938d1e4eef85785fea90ed45a1b50fa40228fb23f154175fb0d436ad726306659e2e9b6a816e9f0716781a774b2c3386812e872fea9192fd9fe148bfd7a987f74d1c7e7b60a00bde3e4ab53d3fba5df0e2cb7a3cc6bd462e43b93871b3e238634174322a88078cf386fb210aa4df2c69ced8a4f72b2d1" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 256) #10 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"909f30f7186bfbae0615a701e3fc362fc6e8ce42162cd16fed11ecff70760d7d0679e0b79fec33f83bd722f2bca339e791e5db7af16fa629c84d1f4778d1b1dc24c9813711507349c26319e18084755cc392c9c2f2241406ebef3985a4ccb46b2d7c5f8b79321163bdfc3b5e21eadc89":"":"1fcffb9b047f2e904899eb6aa815b2eb51ed696db2478118c4225b7b308ce069":"becf0c41d3930f152260e0e6f06355bd0c1701b81e699fff7d8e5a750d57b980":"405cb18185e295e35bb8f758b0392d8e323555529b84e1dd0823586dc35f25e27c5a26da87ca57b1544d04b94cca967df7d7d89e00d3c919960e486e6f4cec6eac1951064efb3311e4be348558bb693438753460c65ace14479fcc44915dc6b223900fc84add04c48c57b2e9aa13c69a2cf2b0bdd2b2cc70c49a32e5fa0606fb1523b1da894dd7f6973050471a726fab3ba99de3033ea5a0c21e687a5ec9d66ca8460d74e5b1b99143ddfd4af6d95f6683b103133caae77649f00652f1e78295134ee42cf35bceb7d52f6cacb41effbb2ed661d8f89bab51a90c70862ee5fd5d3c6060ba0b5a5897f796f4107efb08e5d82501692401732abf5237e0585c9483" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 256) #11 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"9586ebe27de089218433143fadc74eec6ef7c8d077536f7ecb62d412ef0e163437f6d84e8bc6e97ec02097815a99c338c8f3434b286ef26b1c234ebf1bb1d216b14b4c3b3df48ac3283b3ec9e50c9124a717eb398941ec0801f95ba6108bd9f89d9fbd72d6248ae50961354280d92df3":"":"65d08da7a1fc390f2400efb57520e16da932bbd328a236163c40a540de585488":"a1ffc217e71d1f1047a9657d61ffad559da3ebb75d5af74f3a1ca9fc5b964f76":"0e2958169b413044917124f867d8fd4b865587505d4a18040012319dbd472688bd90a28706c56bd1549271b1237a5cbff1844b8e1947ab97d0b1d33bec5ea32ba3bbb5b0986d95b8aebfeaa80b0a132ccefe9013cee4fe84597cd2c3deec46e5c4419ce2060433cfb696e34c6f3d6298f501a56dfd85ab8a9ae8163e5d09c707cd69a3db0a1ef4a1cbd9a75396f7face5eae9d63875898107e3043cdff7f6a7fed48362792b7a43771f06d97085525f5f38aaf38d5b668dbf84276c258029cea7435aa107334e69ecd50ddddfc8cf592373fdd7cc28eb73e9fd2d2d541d0d88f9fa1bb62ede17667f4c32cc9ae2038fb7763b922c34d70d5805d3896bf8319cd" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 256) #12 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"90b824b7aa16b4954d99c3fded669a83d67460ca2fa861468f0ff6e8ef61aac7eff878ac34c2bc59a14dac9659cb558b11989f8e34d1f27c68ccd71f45f7a848c94ced0b18c175c7e1eb50fe0204cf630e39ba3deddeae5de4f2c3d254d6d9a747f486e20106f5a6d7b05a67fe474e57":"":"a76ba2ac232a282b3829d9442587fcff4693350232e976439b5b9dcbc1b704c9":"06eada44600f5d5eeac046e16cf576d59c1bbe6c608d7684453f353a644cd031":"c6d51f9aa217655be89a7b85241dac0cf4f59d983303c3c5e7c279cedf298072fa1cd70a2180c3b3a58f553d6d7dfdd01f995401993ed6f2cc3778f780262f93755c9f8d54d94e702dd6df82a737d57cb5784f035e7b2983e6253d0b2c26e4dc7182d5d06628bf7ff8be110f28b274bf2b9cdbc14d16fa1c9f2fa020b0470bb7744d04332c23bb198d2d7f98f15fdab1ae8bf310dc3b90d132d722ab183f806cdb324c503898f91d9ce12f8dd1942867b1a169089cf24f1508079db6184ab4fbc80292c439f7fc2230c22bcf022aa8ef29f23fd3cb8eff8fd9f033b5620d5845d4ec5d0c8f5d4f7d02dcd2e9feb143fa62885bf140aacc7a3160508ebae8183b" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 256) #13 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"0ad0edb50bccfc0fb68b5e7b5edf8ca338e5457cfe44af3fb5d683db120c6a09b9907dccf135c5cd0a97200abe245e144fa70365cdb06dddd7b59a557831ec9c3ac14b3de791421cbaacc609bb7659c4e178a7158d7651369655f9c570674fee2c5aed961f3c6baa0a092363b388add5":"":"f9880c0023486c8c8dcac2b40100a6e2bd78b9289e20a72f4cbf46fc156619f6":"f5bf191309d298ce4a39daa668d8c99935df9ae31f5bd1fbe77a3682858d5c0c":"febefa9a23eb4f236d1321d9abedbe0bda5de6fb8ae4259512dbe3f4df7e006e571d8b55db6a438de63917a2e476435ede5af77630241e7a213005f205d3857348b8282e790972e4a5983009e052cbc6bfd00c08306d346c351f32a7c01e5142cc65d5e951fd9186a098f6f22a5e4d5abd80982d1da86c39b1529e36d2341e18859518a425cbc198e9dba895591a1ae395b148f033e1375903fdcb478e8438e0622544d6cd990e5a4633698dee50a623a2b7d8596ccd647db9be1c2e6f383e5316081f2c076dcc98483279e87594ddca5ec4ef4f9f52439571f671087bba02708af107b771cf59bdd38f4f5b6c36aae8112f85a9b2828e048988bcec68098660" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 256) #14 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"0425754d1610c14f6be928608ea3ce731ae818b200c54341aeb178f69e145fc6bd38473928da0d3638b0625d06f6b94fa009d920238b591c97ef48bdac9021fd85f19ce809a9627183e3b621036fd7e3bfe1dcf51b07ad45ea924e2d933f15c1172432b359ad72149e51e86e56ba7768":"":"f746e854338d81d89e81ba3655eac565866b56b2faccdc50a36156fe2faa661b":"06e81c2ff61b7c7e51f5238babc38887bc10d5fecd86b7a6d7c48baf4aa5adcf":"cf9bdaaa8be06039de98833ca92947aee84ab5a43b71a90855b2bcde9b6e69255a5a5e24c1bc8ade2b6338babac8fc0b90674bb700080951425ce67c51636f35025171f584f62ca49933f11883c9fec666305d88ad2d359ac2e0f2472e368332da2f5a15f857c8e8bc7b4897f7e12187ad9395a47a9f271541537ae1bb217f88f9b689933e5c6fcbbc2c39f5924862a4a68e068d06a485f2d80583eb6606f177f9ca7618e0ec018596e0b98376c95fc159fd68aff1a0ef3514529d4a717b8efb7b4764d11c0619ffb0b20106a5a541cfd4e68c002b99bae85f0e99627c91b3dc7f27c2415f7ceed21c542af170bb1398338041c181da40dc95bb0deec6decb48" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 0) #0 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"d7d2a9a0b97f4564e05de6db7bf170d2a726e0f5eb2970839c4a0c686ef372faaa5d8afc07d7e9a44904fe9f7359d8b6205c7ce06021f5dd60656247503694960c78aa5e3b3f5008d48c6a264bb94e1c2950f734611e3e10291cdc0199ab9000a9c2eb74081b3c2cb4461ad6406a38e7":"db994880895242ced06eb29157756b25052257bd49ca08c7208d51e7b0ddeeb7":"":"":"6a45639360130d0a679f9addcbf6f46b9945b3b1e5a72eb175144e62786dbcbc8073cc2be8cac421b9576ec496452ecc1a611b1e5ac41500c4213404a2311247c5e828738a8cb55f67b97f39d05e36eb29871e3d709f3bc7c72567e776ae736b63c06f5b57c1127e305387b115f117e302727d042c2c0979b70e2a0674ace2922bcc2839c1a75044f740790b62b078bc3cb056a34a9ad7271e02a1fa86ec85226ecbb9b126c4a9b3b0b0f4ac6915c641af28b34d7b7da6bbf4ce280671c52eb919100e198a3feed6b4fd48c01d836c363904d640e475e0d0e6c6ce5f25d0b174c561ecbbae201bac53d8499706d83da43c268bc2c57e2405ed016d6198964c60" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 0) #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"82037584f80266988ef6d15fa6003478c20d33265530c1767e3c23f0a0a95d61c9262c26dbd37083066bacce5f93dc86e2cb95521fa6dcc9e4d01c469c4a3fee33579c21058975dd91f9043d5ddb154f5390c4ca2c813938a8270b954a7c7197ec382f02c50dd19598017d2abd1e45ec":"52a6cc9fe891945e5039e95271ccc44ba9ab57f62086837ee64409d0fcaf1973":"":"":"c60f3bca5d6b1130c6fba93e3da9b81dd763828caa5ce81fa528e1326b675585bcec1b4284d9ecd46343000c1e2d6ea06f2d95f483ffea1902fa3935bea0e9adc40e85dfd1b59a597f2c498068af0ef4c15b51d535e4ed1de28b1b1250963dc00a70e199b48d8d7921bf6cbaf268e801eb241bf659dd38643f39de8b9e0710c22eb45780036ed3a86fd4b9c745d26e2d3a5b7e87ef6ac54d8d4f9d7d01412d940299fa1979716de0ebd7b26bb6d8ba4217dc4a660ee24a683440a12b00ac310b1acc6481d42656ad0b08eebe4883db71a6c64603e07f402829c2677663ec68fe1e7620b6fed23b7cf2da0f09773b85db63221fbc6550a7182d7b9d8b72ef1ad1" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 0) #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"5aebe22736577e69c5027cbd1dcc95146f8dccadf961020cae23562d70e9f0155bfced0ce2053114972614a45932eed8a6b4f4e746d8d9e8b25cc9d9fa67ee0b15cc5b3e3a2e4371a448c9f6bcffacb8a0a8f2c05e8a3a0abfd5d803a77a80fba75ff12cc0649af9bcb94fa5ae2edd2a":"3422191ee68de00c779434aba239e3cd7ad535c13d118bb226e1e013ea6e9511":"":"":"6bbaefdc1aa307ad401b6040da2036d6beb5c53bab45d72f4c679bc88c911fd2754a09f2f4b4ff37e7fe3cbd9cd788ea89436bf78817fcb3a6472198b675c837624de8525dedb7a3b7901faf8dd09db1216f55205e3719d31103379abac3a0806fcad0474b9bddd81e3fec33488893ead828e08291b0fbb37a12b74347d35131f1bd51aa4e4873096b1a35ee3db7b027fc5654e5a0352c22ee35d70f65b39a5b8f4a206970143d55f0e538fe28114fe3963cff7331e59dd25c1676bcea40c7074073a95b9cb044e114456079594d5c570da4e948bc35be44a524d79bf4c8155720418b8e7ad60990bebf67ec5fc083dff0fadd3e94ba110de23e8ba699c81548" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 0) #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"f5340f1fea08877edb309b9b43228f11dfca26f340fa433f0b18eb9e6e07ccbe96f7a1d745a9b2910e21bc9522a989dbb2db642c5e4b2d59ffeed6c9e667b378588849338b385625f03a226389081858e86a222876f18a0d7ff69d0fede620a83caf254eb9376dac8ef99837dc491dd4":"98f5b7af38c1fbac43fa9cb358bec11923d103720a73591de2c6ed245e86e028":"":"":"5293ce6891b5641a33199c0a52c2b5ac46b261ed311d15a6eaa8df6478b217aeec221d488af74a347ac9a14d51e07a239c2a52d2db6d75dcd901452fa3b3403a15c449c2f1f9770501fe10884ddc3ef6db2d89ead176dd9d240446b5eaef3737666750f56dcc4370720419136b0e6268efa538c7468f6b21699d68fbca51a3c941df46fe9564d395c54d829a681864837fb2b6eeecc994478210317d5908886f6056293d53501a726cf4e786c6294381fc4af6e1109186759ec90999d8a21ab09053938fb545692ac03c776803868134c3e4f7ed87c9284cf16a7651458d7e68b625272687944e2e6c7ccb4fe8e003abbae93f98f694a8385a295c336b5a404f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 0) #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"82738d1234a9393fab94ab99b841371f7046c6852bcdfce1b2d56825f5c58786e599005a8a79a30d89a4251d3a797cab8b3f30950b9a15d686f1259a11a516d399551928cd3cb5734c7839847bd584c364b95b8feb390567cb2ec23746543ace1371a089ed97f9968e83e75636203574":"3fa319b90a1038b544916123534aa5cb10f4da16cb12c3e00bc1306423742bad":"":"":"9bba6c3cef2838d115f1030925a01db7881df7e7b5d461a5f8dfa2a40795322df746a25ebbeff272d064aca9ae284b50b6f93fa566ea519e712c82f5ceb481f2ff873e73043352c7647238fe339336cd7aa3765882429a09293267613e29bcce17535efd1cbdbe5e40bb21bdde402e6ba7d554b30635d05f581dd1bfef0565c3f5dedc8210b5a01a10b58130442e3f8eb11b9a40e599ec8d5e1089ef1f5e6587b4120d1fc39576282c80c825e6e9507a0ceb3d0460832ffa079fb8492a3518f27f09c0bbf06f6ec00d80e145b5e848b688418419cec8ae52cda766da84a856f94a4bfbec26a97e2810fb1dec3b48f285fa4b0e2794fcd28455bb178b3d55340e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 0) #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"e554287587131cc3297b05c8adab4610cc3d1634eab65119d8c546d13e9961594f9e6cc618ea0d782547d54aae466fa243c2265aae6d575f8fe22edcf71b3e77fd9f9ebb11c9e2e81c70abfb193239adb73e4fd14c93bd84bf79c328a86a433427b305a6425dd5711d83006dd2db95d6":"2a5741cd93041be381636c081f44a9410647961ce5265211ba69e09beb6e5cd3":"":"":"ab0f85e64e334bbc741b064a31aa9cda9049dee0d6ea68d1483a60e0f48999527042b7994d7a7131423bbd5a6cabb35b9c78628034fe31e5cc2b8ea2b94c91a488fd34fd344bdc862db00e234677fd0fb5155ac892c304361e0f5453cd2598115cff6a3341200ad7469fc5ea1eddbd85511cf20b842c997dbdf95e4841aaf0d365080a24faa003fba9226bbbf609086a6a378e5a5c2682ffd93234dafa69c2594cb53e77d04ba80367ee5dc92cc606fdf102d265d52a83511e2cc1d166f3b84586b2fb01f8c7ed39a344a40ff884e6a3f97f9474977b74318d88a6c70b8cb7d2489e655189fc97cf1384cf3927f608a1f451c77060f4309ff913f89d21398917" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 0) #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"ee071e3f09552a53b8bd98d9e4b4b460577bae8629ca6e8461111a1ec08d5188654042148dfedabc409caeb5a03b26e422113d79729e75ccbe2466ae8197cf8ed14dd2a9382596da6daee3314b12ba42cd9ed90aafb911598d1863c9a72625d0ba9d711d1fd3dc462516a6b6286644dc":"fdbdc11a4f71667bd1561e87ee34d925b13d1e79967fcecee8b2656f04d6d379":"":"":"acf342f6537c1c3a8f050359730c185e2beaaba5686d2ffc0101e3eb2b153cc80ed5e8404bc849e330e980c0c2ee5df6e630b0d2e28ea50f9f8c06acc0c880304e321ed7205e673e4bb44ccf12ee27bc6f168b636d4297d53462db1c4816ac5ad684e532f35a21ccc6226dc6481d649158e75a6eb012eb95ff4b460b41f8ee1335fcc43f0cb9b5ee76a471283ffe0880e5cfa2ac200b18149712aa10b76fe3850dec22ef4639beeed69f01a4c25ce6110a2eb0a69c479c97a6ff2be4adf3c725511f932f86419ffffd0306bcba149390e1d30679c4d70d15637665419d17e508c0509bc4a1e73448c29df6944c00ce8e32ca8964418739734e8ba0aa4de20585" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 0) #7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"e0bc8c0b53acd8cf5e4c87ad24455bc34d456367bd2e71674d5ac59d0901a07abb52c4f264b0607bb8f1ac0efa4f974947bad42b482868d84208f064fa27f465865b910d8e536f011097bc0cfea07a934ae5023ac7098985c4e1e2d173bc835f7f6fca3200e38482a36c871386ff9b0d":"bc98fdca1133a21a2b4435105b1f96be16333f5ecc6618c54d28aab599b79549":"":"":"ec616993a60d7971858ab2ecbf86f613ad0d9edfaed88645565159ded90cbdcaeca3dec081f55857df77a3724f34e797729493e995594de81bd1d14f55fc76ff1c99e86f4bab5b01cc849180bc0721bcd7a1c694a523baaed436949882daefdb9f555ba163bc01780831c06fdaff5bcd58c61c08b39d051da943a1a3f831808ae982e3bddf40cdd47d580d3be6603c7818614eb0cbf303c6e6f7b52183e03e42b57153e9e0644c5ccd1018e242fb384d8327475b6c51c32b3dca5f32069539631747757301051a0eb4c2e4bfe6576ace08efc5b4ad888a4b8137797cc74625b847a5b6fe515ce186fbfe7a68ee1dd5796e7aa94e78a85c5bd46953d8c4fc0ea7" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 0) #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"9c61a730a0ab38830f36a44181988afa24fa5de5f298db058fb4a3443d3b71412ebe35851a12f942b7fc379ca1e14c6319cb485e125dde2482c5632976a2a9c11221a9fb6e65bad990a5b77b55b2b8623a5509cd919819e7f8adb23a99b27c2d05fb6a3fb3936d5fbfd44cf2b24a7a87":"a60b8962b18d686ea141e0f4f01572a25b69acf19740bde9588ea63a11e904ba":"":"":"bcad32168d8bec01482534ef7dcf27ea111d6b2a11311572e09bc2cdb376f30157ed19b90baf8e4e3c61e6f8dcc05839fb1b3f1a723c3ba9dd1c7cd49463278a6b2190dde8ee03242d1be9a40b570dd4c30437f0b15798874ac940dda5bed2c93323f1e79d54ae9bc86d82601987f048976a557c6173f9d3eb16649bf0044947206f3958af2cda743fc40416e645b9596b1ef4e7060c690d75efb4acad24976869627c20993d89359d39cb3a97799f9c9d37dd79d212c690cb148d2b3006cab6d43e798aae2a35e8094a21d632bb05a89ab1b6853f27b7e064041f140870a6bd9513bae4c18e791e2d8f1b3c7bcfbf82d28c9d6cd8ae224034c306e51d362e9e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 0) #9 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"e3d186a9a4d9530906c58f9d1f3b415d1b60e2f12ca34a428d16fde09c700dc5ea9d104a92831936136691232ef64c887b71383be1523478c67387441c67fd7761e9f75fa0636e5a3caa845219f3582bddbd0017b9b95984cea6a3ddbeb0820f4f55ff15e22c00e8db7dd8fbea8f6526":"c33655a0e2973ba13785fe4edfb75749d84d818752f7658014448b7719982726":"":"":"e002203e9dcb191c5c0c3ca2e143e689ca9925337ae04c29547a56d4144b2657f826742c2af60a2ef56b4f76e68ecd423ca04eb79e92473c2b2096072918a2390b5e1ef596ed6a4302c181b03257f9defacd58796e10b5601ba9a1be767440ac0aadd4f647bbd81a084bbd8bed5a0091892bafba61259a46cea95f7be6ac76492a52957eb62e0c96f5dc74dc3d949e74310be664cc21b9c76d39101b76b7130f2cdf444e07bdfca000819dfefc2eedf897b1de0ab92e3d04f6dbe9438c71115e5d14fb663d712027be4c1348cc3c5c30bf8dc0f7f5a2456159a542e58aed5d10affdfed5b6eae77f3af607354ddfc4f1d7afed90463486f60dd9fbf10b32f6bb" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 0) #10 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"38eccee965505ba5136a8ab868ed1e741d343ad713075233bfebe196fcef6f4057a21d8b2d6c68abdf52633d54d9609e87542efa8f4b46f40a4e60a2dbcf3338138d46c1e14d6f752954a8fb992fb0260ca8890300556ca7092a7661b65fbbbf0c56e2d49875528aed1ebb0133f13c55":"7bf2914afa8ff9c3b384cb495d0a08bf7d8f0b7198df96db7371dfe987b2b73e":"":"":"830a9f61e8af4f322a46f3e75d475f9f6d076713ab98b2b9d1196e8fea098bb7a840ca4d7f32a850cbd7417297211fc37b47b068aba349d26a47b2d6d41e5883f656c287804fbc854521989c5de99b61c58d5144440ccffea4a0d9c455a40d4718cc1e9dbdc9c77c4848f466257f99ab6073dee83cf862511b68c2bba8bc907b88822fb1ba310b3901d7aee1eb3eeeb0ae5e8da38276886cd8a218d26a8d899afdc233944c97baf7b27444e27f9f3600b6d908fb179e504c5091e2febb7478b34bcf881c55fd9fc74e9eae1203e097ca67fcd62f03a1579d898d890c57445d9f6ee1b65b2e1542f490501384a8b98cc598dc8eacfe2260db6d65c54ef915f2db" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 0) #11 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"19222f7886766642da4a80b97b9ab8b157b58ed63dcea2512f088644791475a5c6a33a2cce394d45da2f84b02a0abcaaeca4698d50d5bda435778b808397315654878e866ba0136f9c4e206f7749b60ded4198d69d1d077564a894375291991eb125d394547d226c2da17e8cd98853e1":"af34763c141bc212271d52a260c6d6d40e9f40a8a4cc3fb7ce6359bc71941f89":"":"":"5914df97ca36accfe40009f033bc6cd2195d0b1d354960d152157f2b868db4cbb736cdd0f077f230442ba0101789c5cc2ac727b0704a10b41c87d79c8aef748567a2eb6e61a7c499a6a1cd6a9d958cac18585b2e697dae4ff92bf913480968f3b2b8ca2e0cd85f1d9303e3a1a3830a30d6ef0a1e02c682958fd186e1be8ffb2a4a69d34bcbe617c3ecca0a77d460e3782cf10143df34adeaa7cf74d1d86fb1ed35da217f00cdf27f1637d2a188c3ce7ce6cfafda3adef4463a0e7e668eb1268ada8465ce909f368a0b12a439eb4d43a87cbf98f83a4f8c422ac90851ed081d74f212c854522437b2655959c081fdc8ca2945271821182691f6ee5fa0c13dcca8" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 0) #12 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"f314eba7451a0b721622be298659a3d253ea5925f5912196c62ed149daa11e26cd94e8e647da38bcbbeeef1da21ad92e0b9a5f1ad72826bf55097621314f9859f8f8d4d62cc9a00b3e9d95e996509d77413449aac8f9d8b311577a083f80364ad1d489262058aa11ce9fd3dcc6b1e4cc":"f8b1e97ec680f637a4792a0d50fff9a0edb028619a9dac05b8ba6d57e55a1a4a":"":"":"93db5a7ed48a819e9a237ad4eaa33946880ae85266418a264ec17b41a8c97c16c446f91c6d901871e70b6d9c10aaa07077c1d40242cb7c5cb89a137094aa81628278b9e453d7f0f034724110acf8a08fa244da256bf3e41960013e70974dc8c228218cd88ac4d7448bd13a4343866b656b16aaf42ff678dfb960523cb95776bfadde24e16ab0070305e084cd970093fcd08431b815f85fdc4f6a43fcad105965b6fb1661c7709a166ae6f3d1fb463689f752811fe7d6665689a06c60aae8a051abfbada40fc602fea2ced51aa910c09b78d97a4e85242c3d206cf31ccfee11c5dc141ebb5278b55de7e7aa9a08048d5cad072da32c449bd0dad2f7d6188a5b9a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 0) #13 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"841cd7bfc5d87a0fa624f474af6d8ae9f2b5a1426cf1b752ddf11f792169f2f2c0b60427bf62df1b373302d91fa8dd891fd7542bf6425a7308f64e96b0c3e372d4addc747898731517a418210813f6f14d56651b2599bb2899b109b9c21367126ed5bf099f455ab5b67f47a1a3abc3f6":"c35726206d18f9fd3b8423fa9ee2fc5a896a013a95d052ff495b9cc6759d58f7":"":"":"b3eb113c19f33eeee3dd53fe58acbef68b652121f39e9b88472e9162f3429c8d98790405afe1368619366c88a487518e1ba7896eee2b4625a987d138569892b8f977798d6931b5d2fda6b8cdf314063e45a22c957a1b96a249c431bfcc2864fc00157fe6c2ced99a1cea466944f675e52cb8fa0027ce78f4e3ed72d19f125045aa824b57526ed20d527d371475f389c66a15e35c2ad1bb8a79842217a422e4b73a3ab5bc8cdac32eb4b12045202b1ff1323a6816c29ad0d65c9dfc8e9bb841ae0c813c0bced097877bf220961c0447162262a96b95dd93ee707393fa5eba4aba292982c216b05a8c2cf165b54e1bb50a9ec20151b229df3d32f54ea62648b340" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 0) #14 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"dd62ed0d54d930fed1cd7582e376ab47da3138f77daadeda32fab95bf881fe90d9ab4dc5b1cf0641ad966ba1761aaedebad9ebc3f3b24688e16251c409267bec9b02cca6b8ea7969a5991ef647fdbe28d3126c505bc0d9f8241fdc49e8674ffd6bbdcc5f99c6e20d4271b4215e224156":"366c8ff666c2b42d735dcca5c0b12e352afa483d48d57c908b5263ad3d2affbe":"":"":"a774564295c318615e4d66e0d857dd6290ae074cb38b6322d8867f2c7bfb7b3bfc50c715c090794d794aae12b6aa1a91ce503b549d79435fd1f407fdbe286e4d607c624b44b5f0b91e65aa59a880c695a0fc2c9d53dfe0662944ad458ee6c364e56e6537ccb62deabf1321e8443cdb58e8833b708807e53ad86eca98e7cedb9bcabcd998f975b9b8722125da2d7f8e611b48e7df63ccd44439c615fc3bf237561345d85378a34c46b65bf5cada2e1c591f5a5ae4cae06bd2314bb5e5ba067eb65205aa2e4f625be97321a91d964c4be9896ecaf20aa78338627ea90578cc900d2abff4b50aca44b24088747e7e27ba9605bbd6f30c99d6697be460da653a1f37" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 256) #0 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"3aca6b55561521007c9ece085e9a6635e346fa804335d6ad42ebd6814c017fa8aa7fd3c3dd5d03d9b8efc7f70574581f4cc19fae5a456f8a53a656d23a0b665d6ddf7f43020a5febbb552714e447565d637386b3ab33f78fd9751c7b7e67e1e15f6e50ddc548a1eb5813f6d0d48381bf":"4bc9a485ec840d377ae4504aa1df41e444c4231687f3d7851c26c275bc687463":"b39c43539fdc24343085cbb65b8d36c54732476d781104c355c391a951313a30":"b6850edd4622675ef5a507eab911e249d63fcf62f330cc8a16bb2ccc5858de5d":"546664042bef33064da28a5718f2c2e5f72d7725e3fbe87ad2ee90fbfe6c114ed36440fbbccf29698b4360bc4ad74650de13825838106adc53002bc389ee900691649b972f3187b84d05cecc8fd034497dd99c6c997d1914b4ef838d84abf23fae7f3ac9efdcdc04c003ac642c5126b00f9f24bf1431a4f19ef0b5f3d230aab3fdf091ba31b7ddcacdf2566f2cfab30f55b3123e733829b697b7c8b248420ab98ba6f11b017175256368e8d8361102c9e6d57386becbeabda092dd57aec65bc20ebee78eea7294571e168c454066d256b81bb8b7bb469207a18ebedbb4348fbe97a4d86d2bd095c41f6de59aa0800e131e98181886a2633cdcc550914d83b327" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 256) #1 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"2531c41a234821eec46f8aa7dae8e3ae12d167d289bfbfdca928643b343eb951015c066e2d278ea39d2a459e6434e234e55fa1145583ede74e632ee8bef2a2ff76ca3b8c9c977a5813c4041f3f9328be6c67f1689d878e8ad61bfe6a39f5b034b75c40c9b305c1eeb92a3f4169ae1720":"d1952b7d0c4c94185adc025e67a29fda50f577770115c0931bfb03e8101d1d3e":"0be3f61ece380d63c68ff0d4bde36f58233358ce62c7bc588728cf1babbd4342":"01e76a0c9addb4dc2001bec231b72e2098a6e9e8d39ada13ff0c493aec8ba65a":"12336758fbec11ee264b06969bb37ff1d37034b66f8b823690758da074d4e09d84ffb493d0610b5c32f68b1a144ca654ab4f0e89c89c6ee6b872b6be4ed06a77b9809e68329addf4ebccb986dd48cf33469362af9d8f7b24aa1cc65bdb814c2e04b79860f2d53b3895b5f92502befe31729e40ceaeeecef456dbd723f485082ad475e46f6023dab6bab0eef61394823122c262baf562d55c687c3c3408c837e6383e11535e950e604df59cc0af1177283fedb5fe30966460dcf6b1625b39b590d455b9182097cfc143290556d68158fe20211effab9303115ebc5b699dc1613c195956dc61348bbb525e571c5407326a6e1628515c9275a6a5e35650c953d68f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 256) #2 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"4d65ff2fd260eb6290b02b1fd71cffec840cc01807e984f07da64e6ad80ad37fb5810ed012d2ceec3a0418003a03343502219bd422c08e0321bbb86d923bbd04082f939ded421657f929b37e21604a2668b57d5606ac36456da916df82a8753d224b4f7c829d285254e9e851937b54af":"d75616aa0190a56af573e43605157c0e0d5275bca959f2c75d0e777943b200e2":"954fdc652d0bd8eea37342f5547241afb67f8d4c587bc2402c435a260144acd1":"ed07fea3a07e8846b4c3aae8cec0bf6df7c8ba7817e3e9699943e2d2e778c4ac":"20c1c41c0809e694b5ddcb8089946d74571144473dcd68af68cea5881859ac803c0192304966a3a6f4c24de0451451128663bafc20c9842bcf72f3d6294dc59b850dde77ec9b7b37d8e5a99ef1719ac29bd54027278db159476849d22d2b46ddc008cf76878eac8c709066aab5f1043ea588815aa48456d89d2657d2905422857f6b741218d22fb7a2a67e7efe5c2c56c9224170a75db10b9d7b93509a6b1c5e9b6d5faf354f79394151eaea71c83c8fa53446eedf70582c4976a4c16311f92cf7d1758c1d1f48e6d58b588b3cec5f2a7f8552dcd7a72cfa8f109c3f734a708304bdcdd6b25acc00899717a05fe98433f104b6fd268379051af36b111ba179f4" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 256) #3 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"313680a6ef5cc85924575195608f3b9cd852004343ab708e89d61c24696246166b0dbcdf61c59b0041fd2c55a829c99cf8468552aabddd993687c2b4a6017024c41100510ee10034ba4f66563db4d3388a7f6d475e080faa23ed43c674254bf9ed25f73109630647fa3c85575727d2e1":"cda08cd76f3bac2c30bda2069a1a7a461f2462ad2b2ab6a727da6836896a4d2f":"431c4fdeddd3da1de6fcf19a25d74af811f72fc2367a7f33cfcdf17cf38fcb6e":"4750344c23e4686b2bfe2dbd9301705d06969fedbc77841bf6591540aebfebd7":"40deadcd87a8e07ea73bb1f29157c7ae8a35e02ee60f9f62ebe3ec4bb325c81c2a17bcf6b863cad6ae29356c0e7f3d82052802fd7a14dc73954c78efd49b2d32f072b137af16a05bc97034b2102c25d6ae68df7141b101f468d79078033015763326dc3ce8bb2e960e7fed09905044ba2164deceafefd545e67a5715fe7e5a1fe51cc356096344245d431dc19eff99b402981b8531a8702f2ff1bf268716793367db8d0f6f454db57b6ae9164596850811fa2bf01dfdf91799b1b54c9773ddaa23164484fddc2cc781c1ff31393ea203420ab2cdfefe514d3089df1b20eba32c003576da5a9712c5c0ad744fa03df197f2ca8463df44d16135f05e1eab014073" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 256) #4 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"95b698a454070603efe15cb4c359ae946da756d124939f916d67d77aaa0608d8e577b5f5567ba3c075128b528a6ecbcc2ff6d8d15ddd68039173c4b70df3651f4cb5ac62957781ac91563324a56b47409b02699662f68022be2d93eac367a21026ae95ff0cba67a630e4bd8e53469215":"de401ad1d2c339934a47822421eba0fb79c89863d1df0ef5d47e6be5bb3a8c48":"a002954ae5f7676a3230533dbdf59252ef051acc76574bd519ad56882bbf46e6":"5e3de2b53936a7890db7248802bb95e9093d9d7a15a9378d8f4ba42c52e679dd":"772a05c279c7fd85750793ee81bfc32719573ec519f5b64b0386e6414b73b153163fdd1dab6d22c637397a30adf86594de90c32f6482d50539eae8775799b89e4c6471493df4f90ce0b694fe1a81fb5b93bfd2719ee69cc576e632cc886824deb7622d487af450e95bd55a609ac30e95adde47b83ac654474c18f615dbfda68267cec8bcf70d094df6301e858d3076db2a85b2b4b3d94de82a6e0720d535d36d6e952811cc371b1e828b86fe00870aa5c55e575a6903303f9e2dbca40e5b66326192f1728bb89fa7d77e6d32cbf5f18b3306206c39697b71c404e38d496c52639f98eef9203baff52837a872f7688b53318c870d3b8cb024c865c81c3ad8b71e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 256) #5 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"d7d3e83dd979bcfb524074f12a90f78873e983c2aa90e0241f00d2c691a4702bb452dbcc69a7793cc2081b984033295c4435495713c20295aa97bf42babb66edb4856370b9701020a8a79df7381650fd7a3aa5ace4bf54b3331a8d4092c19fde08cd51a06146cdfab9e3a32e5cd02b35":"5612ed7d790419dceab4befdce6e4e687d335a3aa972d8809db6291e3001f825":"915028d0610160a2516e926f06ed34b18ad1064b6efd56566494a92a3fa0eea5":"86cf5bdf061711d2361ab6d79c731c2fcf9aa47ae5bb5f6294486a14081b1862":"cf1b0dbfc3f6f3ab526299b7f7d8ce1a945bdeb0c0f6305cdd6876d40d5649ace9e78fbe2e1df6511145635f5acae90b6b9a38393db4bdabcb2fc5e93d252a2098fc082917b1485d387ac5e2efdb5fce0e82bf200ce0d1f6c7b5d22fba062574d9234fc9185f096848d10141ad39571035b3769a521165f7b63a0050a22485d8a47870028d3f3b6437938c3cb51781db9fda64019c049dbb7335dcf7c9c71f1ccf27cff4d379a274fea0d026f5de1dc8866f1dcf883e2e0fdb6316059d5172a6c1faa3203969969defcd8f367ce859aebf998349ba979afa5e63d94588ff02e3a428e93b98464997829cdd4b605a44393057fa27a2fb780b7daff4b64ad73b91" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 256) #6 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"c1e64b99394e1241b31ffb7b482cfaaacf5f2fbc251f954e7e3dc0866aa81856a16ce83d9ce70b71479ae9ccd6c59ea4e99986d1e09ab16eb1f48b99cb9bc9d63701f6a9a1af0b1d8057339d5d7ffeacc8e5729134ef2148663227e348dc31b9d56626c0d43478d5d53bfe998fb85b1f":"42be743f8a9c0187d2d54b596caf64dfa630d60bd8c6de0b126d6a151d823cdc":"e925684793bf51a8a4a46c2ac5b91ed40843efd0878336f983f1001722231f1d":"df019e78efc5d3a85fbd9056ad05f97de81be05c069b32e68792ba8f5a775fb3":"cc3df6f1cbb0e1bd937e64b2d8be12c07cb256369040d834037226b96e4b8e7232c2abfcbbdc0bc2c432414845c5ebbc35fa4e903d5df19aef62dc702b20d0346daf20caebd8819df9210a721be34d9df72603a4370c0c6a653979d19282505d64ae09e0922149759ca0f5324f665eb83ceaf6dd46771c520b96885a8503b6be333ef6aa8d83d370edf100edb13b86724234442a15cc23f89359f629a2a15b645c2510099c0263d25e310567d822bf03aebbd4bac392b999414bd013fdb00b4fba8e30afb17f50145d11302d71dddad30ce6678fbede83e567a97f4deb3b1759e191319697efd9486f2b502a94e01c00a9b5b76230036665fc5d87f8c9e2fb4e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 256) #7 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"071b46d52085a658309f2c35bdab443e1509aca159c1fb9c222951affaf1a243d0bdcfbcaa247fcb8da53fed8e5f8b3eed2fd022c96bdd6e86bff89beaa99f2bc34963d3ef118df9a5525a910c9540aeac5166f65f5d05c6277260081aa9b71ac58cbb5f1ba5000d4d8078c5a30d282c":"7ca33e3345bb333a5b1f412a6d57f8ebad65b427ccbbd7fe3ac837691da39219":"60efb3c75aeb2f4fb208659f20e79eb41d8d9b422066c235a14b9420bdf6f172":"4e2675c8009b5bde9882ce940d42daefe402fb11379e07db9a4c0c763e97f319":"80b56a4bbea08b2bb09fda9cb04b1ee7bda0164c2f12271d8857ee3af102ab25c56836354052e3d85bb02cf13607d746a62b24eafc989b35d4ba25449823bc1e7b14937523f96713c9098ef2ac3f9765070076f28d76c7e3c2a0fe7b6afd0ac2167ae070a7ff19c5bbce52948abbe94f0d55a5d1beb31a665e97f56f3b92314cad9ba764cc2e3d0c00064ca1b4f3efda14e7e0aca431b427dfef2443d9e3b8a6567c26eb0ddb166f9dd247371407676c6a46fcaa0f9f67f49276676369b725da29aa9ebb7c3e186de460452cc81c02266bb6e79a119c54f4bed8bc3de709bf6a62593273f4680136e95d6d121727d9fad55c4a110a08be1e0a06cdef98aa04eb" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 256) #8 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"06c7a8a74b6fe9e14fa2475ef8b8a1ff9610bfc1b4b93cf53a8c844d7dbac08ff743ea1bfc6c10d7707b5172a29af054491b573dc2cde1a3e74262f4fd2e9ec819ecae830db4f0c7021028737ffc5bc025a216f658065e27314c30c04925051c0d7caf6ef440cae263f49148c0398007":"1a33793d255386d47952bfc1f63ec15caff3603d5c28b2acdd799673affab589":"7eade98e717aaa32f74b033163ad76489a7d682783d2db67b9696ecc7b9be57a":"58369a241166bcc87e713b28b4ae216a8e61f8cba83969d42b91e55283286af6":"7bc84544b68eadac9cf1ca907d9166e094844b396e5d54672ec88dac573418125d50befe1097e2f3438aaaf3f13182ccf4593bddd52d6a41a5e58f267c6f0817d8d1ce3327a611f9fc591ae64c7c18d61958a598e0ec4383e25b46dfd34db10f609cf53ed76c86116018fc8e9027aa2f0b0fb3f22d6b86b11311daa5e78d1f4105ae4ac67f63707400b0f054b6f3d71f26ca5d463192952fb39ae00326db9cb1dc028525c31aa9beb7c3d299070cc3ed8279b8ca32940b21273afe8016d8069a577acdba6bf6d2fe327b2f6dc9c5c7875da6c3f584516db0365d16670db6d90cc1e5bb5309ce9fc8234326ddd68706e1d76830202cdba770bd40046b751f3c15" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 256) #9 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"d5552efbb7f33481a574589c4bb56dbe43000ffe9ea67fd0c8d5638092c8469944a150b0dc1315ab0484976b128ccc961734d226d66c77dab3c22558ff2225e32191aa2dcec8e47a56f757f71c081acaf5df357c07952cf6de2e3564813ded982f72069ed1bcff6b48ba4b4625ba247b":"345b4acb2b0cac82139fd516ec3d39292438a916d2d2c8e97ef265a1192a65a9":"732451ce7bf5acc84a05de3474b622d07bd3d01eb6e3724538e454c4d669a994":"7c7ef660cebee96b425485296a8e88c37c66e385eb1cf7389a95c46fa68a34f6":"d82473db3bd554cdcb2aadbaaa9c919087d9b7bc8d883f99bc95a19fcf96f25698fca8a134ce441414852166998a6ee2f6a18f9f667907f8f8bcd0d2ade7dfcc03cbd6ecbcf3dec46558154dab59717f386bb33c9df9456b258feea593ae1d9bfe70799fce4b25cd6ffd0815e849cf93b496d6ef36cce4e14fc3de1506dbf34f7111b48027ce2aded4140bea8311d5de9df5290e80fb65462fc5433e00c344a3657f47f6a7b992c6ae362afd462280e7830d317192bd8dd26dfefe779dfd69ebfca34038b078c01644857c60c1f6db9da9877cbd2721d0b26a67c4eee1bc43f6d632110759e1e31e7c3d6105e3da30d297b69eb04e880d1f2bff2a54ea798178" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 256) #10 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"bee5dd72828806929757afa02a92c5c54d86c5015047379b717c6608a71239b15255de5a2bd27e9c6ef23046c8a8217bd89744552137b24d93e5ed41250ecbcf6ec77734fed7a40680e801ea277e8c6eae57b4328acb1e1dfa04d0b5f799ce1e2f111c3fe8c9f954fdad6aceac7d27cd":"4c3c54284845fb2a494d1e452b2ba1eb0d3456cfa9560ca7c60878e8458eb7f3":"a8a333527a2158a087879a6f950d2af8d093c4f67945a140549a5e93e405b886":"bfa0025ac9774ac767a4d3810c27a3c8e3e48780cd0597a5a401f6c9b0067e7e":"ef4c169fe5fdb37142c71734b5b5c855a3b7693a0d78f48d76199aafa3d399b057ea78b2f1187bbd3215bca52e3bcdfbb74d1d0c1fbf91e7a81f7c3f6d8ff5276ca906704d2d3556ec8ec1d6d7ba9e7dd73738a7e90b1398d800617f3a5487179439e25d0a9d4ec4e38699b3703020a99c533a6282000544296e63b6ffe12dcaf3864a8502a68482f90fa7fe9aba6ca9e9a74c6e3f89541d18f2a909737280ac8e772fcce6a117411f36c9e82f2d77fc7a03e2f13f97da5bfd6bf69f1d46a64c519046e6d0d379964723bab2b89be9ec91a3e5a33c53a73304c1e89620188aa2e0b8e4112c5699e6a99d66b395cfbd2502e567a0a9e35ede140681b2ffd95fe4" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 256) #11 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"754e542dbb453f10f41e1361164f5e1ffda67a024ba26701cc86066caf2f9477a074690faa069cfec6fa38d8b2506aca34fd27d66708876f28d8ac08d28eeefcb728fb6226559d5a0646a8e183807a8e08469cc5535712a4426ddc5a340b6c71607ee1e2df489528a266b141d7c977ca":"3a9193fbb67a0fdd732a788d3ae5783de84968794b8c4c0b5ad4de067a5d1fe5":"034db3c40c2c181cb4d635aaf08f05e724f418ecf7b3d2ba6863e9ede616857f":"50058bcdd53c9d257dab7846fedca4ef99ed069604002cf58ab27014ca7100c0":"1d30904d8cd4e37357b1b9b4ad060fac12d1cf1d05e2b5b2fcc48bff12643b60f5e40a3f3e542e46804ddb904581cbd576f0dbb4b83b49af83c48b6c68051d7c7f4bbf09d3a4f999db4776089cbed57dd2a75be826ee34e13dd802d7dfa4442a0a0fe154ec9efe6684d6a400d04fa404123ba54d6b89b7dfeca4d4547e3197218dc36be5c0137c94b889c1aa22b7567887551eab168d365d11a5fbd0eb15116e929468e8eb445608d91388a9b3b05c95b9733bb3ff08d96c0899b50b47c570d75323c4d24062820b0a9afc7bb2771fe163ddceb411470f33554822e30dfceeefd0798ac9e4a48b8d30c8f725a4df6568d15a750131998e252dbf9199135f817f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 256) #12 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"42824bd8944f49479f07cf6af8f02aeebda3ac074ab72a9eca8850c99b909d081f2382d4ecc9e923bf1a588f8db10bdce61c6f452c8e15c0f003d2231ce5cb69292ae1a37c602aa889f0d56df049717bd99005ff353c08eb29ebb8cee3aafeb52b3867a61a76335d86c2d7808ac94bba":"2b573345c4fbdb8382bbdac1d3e2c38fbafbcb599c67412296fb6912e1a640ac":"a5f43abb4634bedf1b199dcf6394bd3504ffa0cdc151b4e53cd0772d86a43f60":"a2f1ac52ec46d93b3b944055b7205da8fee95c9a3241418cfbdfb0e9ece9143a":"c751240283ec2480f6c7720c31e1f9f70c23907b38602ff74f707a14ac10989e29d1ec2e81d4cf85a9bd3440f445fdb9ef7955bdd2beecb5f3c69475b71abfb4ebd5134144b24b011e2fa6026d84f8fb511c7a44f2ad7cd212acf089dea4bf2db5be9a24cded5be8ad0b8ed17bbf0c5668fd644daa863616f68278b5f6dd95ab238451966bb5ae6679d1e99bad610befd419ac6bdab3440b7001139af8a2fca35c74ae65d05f490a480caafa1e3487b78450a5ba59fc0a59220395e14685d02f6b4180c72977f095e33c5cb5048b63bcca2767061c97c616f494c775c5d37a67c5ce996e94bb8ffde4a8dd3de97b74493c9b2d985a2492e1f97fba947d2940c5" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 256) #13 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"9d899a56a0660f18b98c921b0d409550fc225ffcfb975e9ec6b2315bc9a1eb3f68fc77abc3452380e30ac761a20a91565f5ce875a82ee08a46a1fc5d4aaa8918fb23970428c863dd1b24606b0118476b150f7a47f3962dfdd8ddec93fc8f82df7cda58cb3bb5623610eec69bdd0722a0":"67bf61b3eca94013fc165b110eafcb9126917a0ce7e2d9bdf7ef1b38bab6ca4b":"db144f531cee5efadc505f4d37a6e5413f638d46d419fbac76f81ecb63ea2809":"d737b2ba62c1ec1c766f30a5dea7363b5c570c1e7a33fb65c3fb89eab41f748e":"de518ac3034859a43cf6701722555be929a5ab2658de326696068b970ff2f77c75083fee45a6660b82fd1e960b472a50d96535559f60b3e3131a2e051af118063c1cc8b1356014538e6ed0e2da05c90baa041085f8f1575fc3103293a0303751077438a081fa3bc5c64aeeea5c4b34fb6957e91db47bc3f73710087db9843efa1a62e9f615843f69f3f450d6c58b33b1a4d55509df2f34b8a14407cd1a87dc9581dbe180e2d839417a4f6ca6a731aae3f08b515df8200890baae9b79db798c8e530b6a03ad13c3c08baa4cff0b055f35dbbc6cd08fbcac7c0fb78f8754921e000e622ce3042e740c64bc935aca85d7132723de8453c543d5cd5a40748e286b8f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 256, 256) #14 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 hmac_drbg_pr:MBEDTLS_MD_SHA512:"ae767959378e9f031c8f68d778cfc0dce1f9b4cc176c5f9f9f4c9c3aed9435f482585a0711812c3c79bda619b942c6eb8f5abbe8540aaeeedeaaeb52c156d07d8669179fc6967884db69c17186cb8fc96f2de9b0ac5922ab53c595df1e3513bb3f2642b458d96e3782dbb975a8b4faed":"830f178cf5f544140d2d8c0737790b97bc6f150784865548d73f1f37a5a39a65":"cb12a2b9a02aaaeae4c7c76cad9e006186d978bc046c1ea81532bc51601ede00":"2d3dde3b3581b863e1590bdc638c33bfd170555445e225f3a450d9e9762abec1":"fddf7f1b906861d49da9660e7716b5ef987163e7e2f51f4fef2cb3e8d01b736067765aaea11a7d193266b2e0071e4d4c8cc776399464563adb9deae22bd721ed03b148516100b9f340a00d2632c80c5b3e1f93825ffeb112fb90e658d638740e62d8031fabfe40f79c20532e667aeacc6be635f64a0580236d7d978c5db017c76a6767dc419ba2f89102a88e53254f41205866e875225380ae04943bcc8f152c9fd79a680557d1f2a0a8ac7b27900bba33db63e26e0d7363034af1430b6546a3ce2c01c8cfe0e152f106baa5b2fae1fe00cef10154b735fdfae354ececc7da44c914b054cd97d99866a9d5df42765cd62eaf1b8adc885fa2263911c837b4643f" diff --git a/tests/suites/test_suite_lmots.function b/tests/suites/test_suite_lmots.function index 8f06ee5a4..293287aab 100644 --- a/tests/suites/test_suite_lmots.function +++ b/tests/suites/test_suite_lmots.function @@ -122,7 +122,7 @@ void lmots_verify_test(data_t *msg, data_t *sig, data_t *pub_key, continue; } - ASSERT_ALLOC(tmp_sig, size); + TEST_CALLOC(tmp_sig, size); if (tmp_sig != NULL) { memcpy(tmp_sig, sig->x, MIN(size, sig->len)); } @@ -154,7 +154,7 @@ void lmots_import_export_test(data_t *pub_key, int expected_import_rc) if (expected_import_rc == 0) { exported_pub_key_buf_size = MBEDTLS_LMOTS_PUBLIC_KEY_LEN(MBEDTLS_LMOTS_SHA256_N32_W8); - ASSERT_ALLOC(exported_pub_key, exported_pub_key_buf_size); + TEST_CALLOC(exported_pub_key, exported_pub_key_buf_size); TEST_EQUAL(mbedtls_lmots_export_public_key(&ctx, exported_pub_key, exported_pub_key_buf_size, @@ -162,14 +162,14 @@ void lmots_import_export_test(data_t *pub_key, int expected_import_rc) TEST_EQUAL(exported_pub_key_size, MBEDTLS_LMOTS_PUBLIC_KEY_LEN(MBEDTLS_LMOTS_SHA256_N32_W8)); - ASSERT_COMPARE(pub_key->x, pub_key->len, - exported_pub_key, exported_pub_key_size); + TEST_MEMORY_COMPARE(pub_key->x, pub_key->len, + exported_pub_key, exported_pub_key_size); mbedtls_free(exported_pub_key); exported_pub_key = NULL; /* Export into too-small buffer should fail */ exported_pub_key_buf_size = MBEDTLS_LMOTS_PUBLIC_KEY_LEN(MBEDTLS_LMOTS_SHA256_N32_W8) - 1; - ASSERT_ALLOC(exported_pub_key, exported_pub_key_buf_size); + TEST_CALLOC(exported_pub_key, exported_pub_key_buf_size); TEST_EQUAL(mbedtls_lmots_export_public_key(&ctx, exported_pub_key, exported_pub_key_buf_size, NULL), MBEDTLS_ERR_LMS_BUFFER_TOO_SMALL); @@ -178,13 +178,13 @@ void lmots_import_export_test(data_t *pub_key, int expected_import_rc) /* Export into too-large buffer should succeed */ exported_pub_key_buf_size = MBEDTLS_LMOTS_PUBLIC_KEY_LEN(MBEDTLS_LMOTS_SHA256_N32_W8) + 1; - ASSERT_ALLOC(exported_pub_key, exported_pub_key_buf_size); + TEST_CALLOC(exported_pub_key, exported_pub_key_buf_size); TEST_EQUAL(mbedtls_lmots_export_public_key(&ctx, exported_pub_key, exported_pub_key_buf_size, &exported_pub_key_size), 0); - ASSERT_COMPARE(pub_key->x, pub_key->len, - exported_pub_key, exported_pub_key_size); + TEST_MEMORY_COMPARE(pub_key->x, pub_key->len, + exported_pub_key, exported_pub_key_size); mbedtls_free(exported_pub_key); exported_pub_key = NULL; } diff --git a/tests/suites/test_suite_lms.function b/tests/suites/test_suite_lms.function index bfc3e062b..7116f6181 100644 --- a/tests/suites/test_suite_lms.function +++ b/tests/suites/test_suite_lms.function @@ -124,7 +124,7 @@ void lms_verify_test(data_t *msg, data_t *sig, data_t *pub_key, continue; } - ASSERT_ALLOC(tmp_sig, size); + TEST_CALLOC(tmp_sig, size); if (tmp_sig != NULL) { memcpy(tmp_sig, sig->x, MIN(size, sig->len)); } @@ -156,7 +156,7 @@ void lms_import_export_test(data_t *pub_key, int expected_import_rc) if (expected_import_rc == 0) { exported_pub_key_buf_size = MBEDTLS_LMS_PUBLIC_KEY_LEN(MBEDTLS_LMS_SHA256_M32_H10); - ASSERT_ALLOC(exported_pub_key, exported_pub_key_buf_size); + TEST_CALLOC(exported_pub_key, exported_pub_key_buf_size); TEST_EQUAL(mbedtls_lms_export_public_key(&ctx, exported_pub_key, exported_pub_key_buf_size, @@ -164,14 +164,14 @@ void lms_import_export_test(data_t *pub_key, int expected_import_rc) TEST_EQUAL(exported_pub_key_size, MBEDTLS_LMS_PUBLIC_KEY_LEN(MBEDTLS_LMS_SHA256_M32_H10)); - ASSERT_COMPARE(pub_key->x, pub_key->len, - exported_pub_key, exported_pub_key_size); + TEST_MEMORY_COMPARE(pub_key->x, pub_key->len, + exported_pub_key, exported_pub_key_size); mbedtls_free(exported_pub_key); exported_pub_key = NULL; /* Export into too-small buffer should fail */ exported_pub_key_buf_size = MBEDTLS_LMS_PUBLIC_KEY_LEN(MBEDTLS_LMS_SHA256_M32_H10) - 1; - ASSERT_ALLOC(exported_pub_key, exported_pub_key_buf_size); + TEST_CALLOC(exported_pub_key, exported_pub_key_buf_size); TEST_EQUAL(mbedtls_lms_export_public_key(&ctx, exported_pub_key, exported_pub_key_buf_size, NULL), MBEDTLS_ERR_LMS_BUFFER_TOO_SMALL); @@ -180,13 +180,13 @@ void lms_import_export_test(data_t *pub_key, int expected_import_rc) /* Export into too-large buffer should succeed */ exported_pub_key_buf_size = MBEDTLS_LMS_PUBLIC_KEY_LEN(MBEDTLS_LMS_SHA256_M32_H10) + 1; - ASSERT_ALLOC(exported_pub_key, exported_pub_key_buf_size); + TEST_CALLOC(exported_pub_key, exported_pub_key_buf_size); TEST_EQUAL(mbedtls_lms_export_public_key(&ctx, exported_pub_key, exported_pub_key_buf_size, &exported_pub_key_size), 0); - ASSERT_COMPARE(pub_key->x, pub_key->len, - exported_pub_key, exported_pub_key_size); + TEST_MEMORY_COMPARE(pub_key->x, pub_key->len, + exported_pub_key, exported_pub_key_size); mbedtls_free(exported_pub_key); exported_pub_key = NULL; } diff --git a/tests/suites/test_suite_md.data b/tests/suites/test_suite_md.data index a74106835..fb9b5effa 100644 --- a/tests/suites/test_suite_md.data +++ b/tests/suites/test_suite_md.data @@ -1,1018 +1,1261 @@ # Tests of the generic message digest interface -MD process -mbedtls_md_process: +MD list +mbedtls_md_list: + +MD <-> PSA conversion +md_to_from_psa: MD NULL/uninitialised arguments md_null_args: Information on MD5 -depends_on:MBEDTLS_MD5_C +depends_on:MBEDTLS_MD_CAN_MD5 md_info:MBEDTLS_MD_MD5:"MD5":16 Information on RIPEMD160 -depends_on:MBEDTLS_RIPEMD160_C +depends_on:MBEDTLS_MD_CAN_RIPEMD160 md_info:MBEDTLS_MD_RIPEMD160:"RIPEMD160":20 Information on SHA1 -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 md_info:MBEDTLS_MD_SHA1:"SHA1":20 Information on SHA224 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_MD_CAN_SHA224 md_info:MBEDTLS_MD_SHA224:"SHA224":28 Information on SHA256 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 md_info:MBEDTLS_MD_SHA256:"SHA256":32 Information on SHA384 -depends_on:MBEDTLS_SHA384_C +depends_on:MBEDTLS_MD_CAN_SHA384 md_info:MBEDTLS_MD_SHA384:"SHA384":48 Information on SHA512 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 md_info:MBEDTLS_MD_SHA512:"SHA512":64 +Information on SHA3-224 +depends_on:MBEDTLS_MD_CAN_SHA3_224 +md_info:MBEDTLS_MD_SHA3_224:"SHA3-224":28 + +Information on SHA3-256 +depends_on:MBEDTLS_MD_CAN_SHA3_256 +md_info:MBEDTLS_MD_SHA3_256:"SHA3-256":32 + +Information on SHA3-384 +depends_on:MBEDTLS_MD_CAN_SHA3_384 +md_info:MBEDTLS_MD_SHA3_384:"SHA3-384":48 + +Information on SHA3-512 +depends_on:MBEDTLS_MD_CAN_SHA3_512 +md_info:MBEDTLS_MD_SHA3_512:"SHA3-512":64 + generic mbedtls_md5 Test vector RFC1321 #1 -depends_on:MBEDTLS_MD5_C -md_text:"MD5":"":"d41d8cd98f00b204e9800998ecf8427e" +depends_on:MBEDTLS_MD_CAN_MD5 +md_text:MBEDTLS_MD_MD5:"":"d41d8cd98f00b204e9800998ecf8427e" generic mbedtls_md5 Test vector RFC1321 #2 -depends_on:MBEDTLS_MD5_C -md_text:"MD5":"a":"0cc175b9c0f1b6a831c399e269772661" +depends_on:MBEDTLS_MD_CAN_MD5 +md_text:MBEDTLS_MD_MD5:"a":"0cc175b9c0f1b6a831c399e269772661" generic mbedtls_md5 Test vector RFC1321 #3 -depends_on:MBEDTLS_MD5_C -md_text:"MD5":"abc":"900150983cd24fb0d6963f7d28e17f72" +depends_on:MBEDTLS_MD_CAN_MD5 +md_text:MBEDTLS_MD_MD5:"abc":"900150983cd24fb0d6963f7d28e17f72" generic mbedtls_md5 Test vector RFC1321 #4 -depends_on:MBEDTLS_MD5_C -md_text:"MD5":"message digest":"f96b697d7cb7938d525a2f31aaf161d0" +depends_on:MBEDTLS_MD_CAN_MD5 +md_text:MBEDTLS_MD_MD5:"message digest":"f96b697d7cb7938d525a2f31aaf161d0" generic mbedtls_md5 Test vector RFC1321 #5 -depends_on:MBEDTLS_MD5_C -md_text:"MD5":"abcdefghijklmnopqrstuvwxyz":"c3fcd3d76192e4007dfb496cca67e13b" +depends_on:MBEDTLS_MD_CAN_MD5 +md_text:MBEDTLS_MD_MD5:"abcdefghijklmnopqrstuvwxyz":"c3fcd3d76192e4007dfb496cca67e13b" generic mbedtls_md5 Test vector RFC1321 #6 -depends_on:MBEDTLS_MD5_C -md_text:"MD5":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"d174ab98d277d9f5a5611c2c9f419d9f" +depends_on:MBEDTLS_MD_CAN_MD5 +md_text:MBEDTLS_MD_MD5:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"d174ab98d277d9f5a5611c2c9f419d9f" generic mbedtls_md5 Test vector RFC1321 #7 -depends_on:MBEDTLS_MD5_C -md_text:"MD5":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"57edf4a22be3c955ac49da2e2107b67a" +depends_on:MBEDTLS_MD_CAN_MD5 +md_text:MBEDTLS_MD_MD5:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"57edf4a22be3c955ac49da2e2107b67a" generic mbedtls_ripemd160 Test vector from paper #1 -depends_on:MBEDTLS_RIPEMD160_C -md_text:"RIPEMD160":"":"9c1185a5c5e9fc54612808977ee8f548b2258d31" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +md_text:MBEDTLS_MD_RIPEMD160:"":"9c1185a5c5e9fc54612808977ee8f548b2258d31" generic mbedtls_ripemd160 Test vector from paper #2 -depends_on:MBEDTLS_RIPEMD160_C -md_text:"RIPEMD160":"a":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +md_text:MBEDTLS_MD_RIPEMD160:"a":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe" generic mbedtls_ripemd160 Test vector from paper #3 -depends_on:MBEDTLS_RIPEMD160_C -md_text:"RIPEMD160":"abc":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +md_text:MBEDTLS_MD_RIPEMD160:"abc":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc" generic mbedtls_ripemd160 Test vector from paper #4 -depends_on:MBEDTLS_RIPEMD160_C -md_text:"RIPEMD160":"message digest":"5d0689ef49d2fae572b881b123a85ffa21595f36" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +md_text:MBEDTLS_MD_RIPEMD160:"message digest":"5d0689ef49d2fae572b881b123a85ffa21595f36" generic mbedtls_ripemd160 Test vector from paper #5 -depends_on:MBEDTLS_RIPEMD160_C -md_text:"RIPEMD160":"abcdefghijklmnopqrstuvwxyz":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +md_text:MBEDTLS_MD_RIPEMD160:"abcdefghijklmnopqrstuvwxyz":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc" generic mbedtls_ripemd160 Test vector from paper #6 -depends_on:MBEDTLS_RIPEMD160_C -md_text:"RIPEMD160":"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq":"12a053384a9c0c88e405a06c27dcf49ada62eb2b" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +md_text:MBEDTLS_MD_RIPEMD160:"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq":"12a053384a9c0c88e405a06c27dcf49ada62eb2b" generic mbedtls_ripemd160 Test vector from paper #7 -depends_on:MBEDTLS_RIPEMD160_C -md_text:"RIPEMD160":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"b0e20b6e3116640286ed3a87a5713079b21f5189" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +md_text:MBEDTLS_MD_RIPEMD160:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"b0e20b6e3116640286ed3a87a5713079b21f5189" generic mbedtls_ripemd160 Test vector from paper #8 -depends_on:MBEDTLS_RIPEMD160_C -md_text:"RIPEMD160":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"9b752e45573d4b39f4dbd3323cab82bf63326bfb" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +md_text:MBEDTLS_MD_RIPEMD160:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"9b752e45573d4b39f4dbd3323cab82bf63326bfb" + +generic mbedtls_sha3 SHA3-224 Test vector from CAVS 19.0 with Len = 8 +depends_on:MBEDTLS_MD_CAN_SHA3_224 +md_hex:MBEDTLS_MD_SHA3_224:"01":"488286d9d32716e5881ea1ee51f36d3660d70f0db03b3f612ce9eda4" + +generic mbedtls_sha3 SHA3-256 Test vector from CAVS 19.0 with Len = 8 +depends_on:MBEDTLS_MD_CAN_SHA3_256 +md_hex:MBEDTLS_MD_SHA3_256:"e9":"f0d04dd1e6cfc29a4460d521796852f25d9ef8d28b44ee91ff5b759d72c1e6d6" + +generic mbedtls_sha3 SHA3-384 Test vector from CAVS 19.0 with Len = 8 +depends_on:MBEDTLS_MD_CAN_SHA3_384 +md_hex:MBEDTLS_MD_SHA3_384:"80":"7541384852e10ff10d5fb6a7213a4a6c15ccc86d8bc1068ac04f69277142944f4ee50d91fdc56553db06b2f5039c8ab7" + +generic mbedtls_sha3 SHA3-512 Test vector from CAVS 19.0 with Len = 8 +depends_on:MBEDTLS_MD_CAN_SHA3_512 +md_hex:MBEDTLS_MD_SHA3_512:"e5":"150240baf95fb36f8ccb87a19a41767e7aed95125075a2b2dbba6e565e1ce8575f2b042b62e29a04e9440314a821c6224182964d8b557b16a492b3806f4c39c1" generic HMAC-MD5 Hash File OpenSSL test #1 -depends_on:MBEDTLS_MD5_C -mbedtls_md_hmac:"MD5":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"42552882f00bd4633ea81135a184b284" +depends_on:MBEDTLS_MD_CAN_MD5 +mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"42552882f00bd4633ea81135a184b284" generic HMAC-MD5 Hash File OpenSSL test #2 -depends_on:MBEDTLS_MD5_C -mbedtls_md_hmac:"MD5":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"a16a842891786d01fe50ba7731db7464" +depends_on:MBEDTLS_MD_CAN_MD5 +mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"a16a842891786d01fe50ba7731db7464" generic HMAC-MD5 Hash File OpenSSL test #3 -depends_on:MBEDTLS_MD5_C -mbedtls_md_hmac:"MD5":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"e97f623936f98a7f741c4bd0612fecc2" +depends_on:MBEDTLS_MD_CAN_MD5 +mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"e97f623936f98a7f741c4bd0612fecc2" HMAC-MD5 Bouncy Castle test #1 -depends_on:MBEDTLS_MD5_C -mbedtls_md_hmac:"MD5":16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"5ccec34ea9656392457fa1ac27f08fbc" +depends_on:MBEDTLS_MD_CAN_MD5 +mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"5ccec34ea9656392457fa1ac27f08fbc" generic HMAC-MD5 Test Vector RFC2202 #1 -depends_on:MBEDTLS_MD5_C -mbedtls_md_hmac:"MD5":16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"9294727a3638bb1c13f48ef8158bfc9d" +depends_on:MBEDTLS_MD_CAN_MD5 +mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"9294727a3638bb1c13f48ef8158bfc9d" generic HMAC-MD5 Test Vector RFC2202 #2 -depends_on:MBEDTLS_MD5_C -mbedtls_md_hmac:"MD5":16:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"750c783e6ab0b503eaa86e310a5db738" +depends_on:MBEDTLS_MD_CAN_MD5 +mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"750c783e6ab0b503eaa86e310a5db738" generic HMAC-MD5 Test Vector RFC2202 #3 -depends_on:MBEDTLS_MD5_C -mbedtls_md_hmac:"MD5":16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"56be34521d144c88dbb8c733f0e8b3f6" +depends_on:MBEDTLS_MD_CAN_MD5 +mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"56be34521d144c88dbb8c733f0e8b3f6" generic HMAC-MD5 Test Vector RFC2202 #4 -depends_on:MBEDTLS_MD5_C -mbedtls_md_hmac:"MD5":16:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"697eaf0aca3a3aea3a75164746ffaa79" +depends_on:MBEDTLS_MD_CAN_MD5 +mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"697eaf0aca3a3aea3a75164746ffaa79" generic HMAC-MD5 Test Vector RFC2202 #5 -depends_on:MBEDTLS_MD5_C -mbedtls_md_hmac:"MD5":12:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"56461ef2342edc00f9bab995" +depends_on:MBEDTLS_MD_CAN_MD5 +mbedtls_md_hmac:MBEDTLS_MD_MD5:12:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"56461ef2342edc00f9bab995" generic HMAC-MD5 Test Vector RFC2202 #6 -depends_on:MBEDTLS_MD5_C -mbedtls_md_hmac:"MD5":16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd" +depends_on:MBEDTLS_MD_CAN_MD5 +mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd" generic HMAC-MD5 Test Vector RFC2202 #7 -depends_on:MBEDTLS_MD5_C -mbedtls_md_hmac:"MD5":16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"6f630fad67cda0ee1fb1f562db3aa53e" +depends_on:MBEDTLS_MD_CAN_MD5 +mbedtls_md_hmac:MBEDTLS_MD_MD5:16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"6f630fad67cda0ee1fb1f562db3aa53e" generic HMAC-RIPEMD160 Test vector RFC 2286 #1 -depends_on:MBEDTLS_RIPEMD160_C -mbedtls_md_hmac:"RIPEMD160":20:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"24cb4bd67d20fc1a5d2ed7732dcc39377f0a5668" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +mbedtls_md_hmac:MBEDTLS_MD_RIPEMD160:20:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"24cb4bd67d20fc1a5d2ed7732dcc39377f0a5668" generic HMAC-RIPEMD160 Test vector RFC 2286 #2 -depends_on:MBEDTLS_RIPEMD160_C -mbedtls_md_hmac:"RIPEMD160":20:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"dda6c0213a485a9e24f4742064a7f033b43c4069" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +mbedtls_md_hmac:MBEDTLS_MD_RIPEMD160:20:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"dda6c0213a485a9e24f4742064a7f033b43c4069" generic HMAC-RIPEMD160 Test vector RFC 2286 #3 -depends_on:MBEDTLS_RIPEMD160_C -mbedtls_md_hmac:"RIPEMD160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"b0b105360de759960ab4f35298e116e295d8e7c1" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +mbedtls_md_hmac:MBEDTLS_MD_RIPEMD160:20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"b0b105360de759960ab4f35298e116e295d8e7c1" generic HMAC-RIPEMD160 Test vector RFC 2286 #4 -depends_on:MBEDTLS_RIPEMD160_C -mbedtls_md_hmac:"RIPEMD160":20:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"d5ca862f4d21d5e610e18b4cf1beb97a4365ecf4" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +mbedtls_md_hmac:MBEDTLS_MD_RIPEMD160:20:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"d5ca862f4d21d5e610e18b4cf1beb97a4365ecf4" generic HMAC-RIPEMD160 Test vector RFC 2286 #5 -depends_on:MBEDTLS_RIPEMD160_C -mbedtls_md_hmac:"RIPEMD160":20:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"7619693978f91d90539ae786500ff3d8e0518e39" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +mbedtls_md_hmac:MBEDTLS_MD_RIPEMD160:20:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"7619693978f91d90539ae786500ff3d8e0518e39" generic HMAC-RIPEMD160 Test vector RFC 2286 #6 -depends_on:MBEDTLS_RIPEMD160_C -mbedtls_md_hmac:"RIPEMD160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6466ca07ac5eac29e1bd523e5ada7605b791fd8b" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +mbedtls_md_hmac:MBEDTLS_MD_RIPEMD160:20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6466ca07ac5eac29e1bd523e5ada7605b791fd8b" generic HMAC-RIPEMD160 Test vector RFC 2286 #7 -depends_on:MBEDTLS_RIPEMD160_C -mbedtls_md_hmac:"RIPEMD160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"69ea60798d71616cce5fd0871e23754cd75d5a0a" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +mbedtls_md_hmac:MBEDTLS_MD_RIPEMD160:20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"69ea60798d71616cce5fd0871e23754cd75d5a0a" generic multi step mbedtls_md5 Test vector RFC1321 #1 -depends_on:MBEDTLS_MD5_C -md_text_multi:"MD5":"":"d41d8cd98f00b204e9800998ecf8427e" +depends_on:MBEDTLS_MD_CAN_MD5 +md_text_multi:MBEDTLS_MD_MD5:"":"d41d8cd98f00b204e9800998ecf8427e" generic multi step mbedtls_md5 Test vector RFC1321 #2 -depends_on:MBEDTLS_MD5_C -md_text_multi:"MD5":"a":"0cc175b9c0f1b6a831c399e269772661" +depends_on:MBEDTLS_MD_CAN_MD5 +md_text_multi:MBEDTLS_MD_MD5:"a":"0cc175b9c0f1b6a831c399e269772661" generic multi step mbedtls_md5 Test vector RFC1321 #3 -depends_on:MBEDTLS_MD5_C -md_text_multi:"MD5":"abc":"900150983cd24fb0d6963f7d28e17f72" +depends_on:MBEDTLS_MD_CAN_MD5 +md_text_multi:MBEDTLS_MD_MD5:"abc":"900150983cd24fb0d6963f7d28e17f72" generic multi step mbedtls_md5 Test vector RFC1321 #4 -depends_on:MBEDTLS_MD5_C -md_text_multi:"MD5":"message digest":"f96b697d7cb7938d525a2f31aaf161d0" +depends_on:MBEDTLS_MD_CAN_MD5 +md_text_multi:MBEDTLS_MD_MD5:"message digest":"f96b697d7cb7938d525a2f31aaf161d0" generic multi step mbedtls_md5 Test vector RFC1321 #5 -depends_on:MBEDTLS_MD5_C -md_text_multi:"MD5":"abcdefghijklmnopqrstuvwxyz":"c3fcd3d76192e4007dfb496cca67e13b" +depends_on:MBEDTLS_MD_CAN_MD5 +md_text_multi:MBEDTLS_MD_MD5:"abcdefghijklmnopqrstuvwxyz":"c3fcd3d76192e4007dfb496cca67e13b" generic multi step mbedtls_md5 Test vector RFC1321 #6 -depends_on:MBEDTLS_MD5_C -md_text_multi:"MD5":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"d174ab98d277d9f5a5611c2c9f419d9f" +depends_on:MBEDTLS_MD_CAN_MD5 +md_text_multi:MBEDTLS_MD_MD5:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"d174ab98d277d9f5a5611c2c9f419d9f" generic multi step mbedtls_md5 Test vector RFC1321 #7 -depends_on:MBEDTLS_MD5_C -md_text_multi:"MD5":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"57edf4a22be3c955ac49da2e2107b67a" +depends_on:MBEDTLS_MD_CAN_MD5 +md_text_multi:MBEDTLS_MD_MD5:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"57edf4a22be3c955ac49da2e2107b67a" generic multi step mbedtls_ripemd160 Test vector from paper #1 -depends_on:MBEDTLS_RIPEMD160_C -md_text_multi:"RIPEMD160":"":"9c1185a5c5e9fc54612808977ee8f548b2258d31" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +md_text_multi:MBEDTLS_MD_RIPEMD160:"":"9c1185a5c5e9fc54612808977ee8f548b2258d31" generic multi step mbedtls_ripemd160 Test vector from paper #2 -depends_on:MBEDTLS_RIPEMD160_C -md_text_multi:"RIPEMD160":"a":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +md_text_multi:MBEDTLS_MD_RIPEMD160:"a":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe" generic multi step mbedtls_ripemd160 Test vector from paper #3 -depends_on:MBEDTLS_RIPEMD160_C -md_text_multi:"RIPEMD160":"abc":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +md_text_multi:MBEDTLS_MD_RIPEMD160:"abc":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc" generic multi step mbedtls_ripemd160 Test vector from paper #4 -depends_on:MBEDTLS_RIPEMD160_C -md_text_multi:"RIPEMD160":"message digest":"5d0689ef49d2fae572b881b123a85ffa21595f36" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +md_text_multi:MBEDTLS_MD_RIPEMD160:"message digest":"5d0689ef49d2fae572b881b123a85ffa21595f36" generic multi step mbedtls_ripemd160 Test vector from paper #5 -depends_on:MBEDTLS_RIPEMD160_C -md_text_multi:"RIPEMD160":"abcdefghijklmnopqrstuvwxyz":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +md_text_multi:MBEDTLS_MD_RIPEMD160:"abcdefghijklmnopqrstuvwxyz":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc" generic multi step mbedtls_ripemd160 Test vector from paper #6 -depends_on:MBEDTLS_RIPEMD160_C -md_text_multi:"RIPEMD160":"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq":"12a053384a9c0c88e405a06c27dcf49ada62eb2b" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +md_text_multi:MBEDTLS_MD_RIPEMD160:"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq":"12a053384a9c0c88e405a06c27dcf49ada62eb2b" generic multi step mbedtls_ripemd160 Test vector from paper #7 -depends_on:MBEDTLS_RIPEMD160_C -md_text_multi:"RIPEMD160":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"b0e20b6e3116640286ed3a87a5713079b21f5189" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +md_text_multi:MBEDTLS_MD_RIPEMD160:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"b0e20b6e3116640286ed3a87a5713079b21f5189" generic multi step mbedtls_ripemd160 Test vector from paper #8 -depends_on:MBEDTLS_RIPEMD160_C -md_text_multi:"RIPEMD160":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"9b752e45573d4b39f4dbd3323cab82bf63326bfb" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +md_text_multi:MBEDTLS_MD_RIPEMD160:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"9b752e45573d4b39f4dbd3323cab82bf63326bfb" + +generic multi step mbedtls_sha3 SHA3-224 Test vector from CAVS 19.0 with Len = 48 +depends_on:MBEDTLS_MD_CAN_SHA3_224 +md_hex_multi:MBEDTLS_MD_SHA3_224:"e7183e4d89c9":"650618f3b945c07de85b8478d69609647d5e2a432c6b15fbb3db91e4" + +generic multi step mbedtls_sha3 SHA3-256 Test vector from CAVS 19.0 with Len = 48 +depends_on:MBEDTLS_MD_CAN_SHA3_256 +md_hex_multi:MBEDTLS_MD_SHA3_256:"e6fd42037f80":"2294f8d3834f24aa9037c431f8c233a66a57b23fa3de10530bbb6911f6e1850f" + +generic multi step mbedtls_sha3 SHA3-384 Test vector from CAVS 19.0 with Len = 48 +depends_on:MBEDTLS_MD_CAN_SHA3_384 +md_hex_multi:MBEDTLS_MD_SHA3_384:"5a6659e9f0e7":"21b1f3f63b907f968821185a7fe30b16d47e1d6ee5b9c80be68947854de7a8ef4a03a6b2e4ec96abdd4fa29ab9796f28" + +generic multi step mbedtls_sha3 SHA3-512 Test vector from CAVS 19.0 with Len = 48 +depends_on:MBEDTLS_MD_CAN_SHA3_512 +md_hex_multi:MBEDTLS_MD_SHA3_512:"71a986d2f662":"def6aac2b08c98d56a0501a8cb93f5b47d6322daf99e03255457c303326395f765576930f8571d89c01e727cc79c2d4497f85c45691b554e20da810c2bc865ef" generic multi step HMAC-MD5 Hash File OpenSSL test #1 -depends_on:MBEDTLS_MD5_C -md_hmac_multi:"MD5":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"42552882f00bd4633ea81135a184b284" +depends_on:MBEDTLS_MD_CAN_MD5 +md_hmac_multi:MBEDTLS_MD_MD5:16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"42552882f00bd4633ea81135a184b284" generic multi step HMAC-MD5 Hash File OpenSSL test #2 -depends_on:MBEDTLS_MD5_C -md_hmac_multi:"MD5":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"a16a842891786d01fe50ba7731db7464" +depends_on:MBEDTLS_MD_CAN_MD5 +md_hmac_multi:MBEDTLS_MD_MD5:16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"a16a842891786d01fe50ba7731db7464" generic multi step HMAC-MD5 Hash File OpenSSL test #3 -depends_on:MBEDTLS_MD5_C -md_hmac_multi:"MD5":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"e97f623936f98a7f741c4bd0612fecc2" +depends_on:MBEDTLS_MD_CAN_MD5 +md_hmac_multi:MBEDTLS_MD_MD5:16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"e97f623936f98a7f741c4bd0612fecc2" generic multi step HMAC-MD5 Test Vector RFC2202 #1 -depends_on:MBEDTLS_MD5_C -md_hmac_multi:"MD5":16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"9294727a3638bb1c13f48ef8158bfc9d" +depends_on:MBEDTLS_MD_CAN_MD5 +md_hmac_multi:MBEDTLS_MD_MD5:16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"9294727a3638bb1c13f48ef8158bfc9d" generic multi step HMAC-MD5 Test Vector RFC2202 #2 -depends_on:MBEDTLS_MD5_C -md_hmac_multi:"MD5":16:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"750c783e6ab0b503eaa86e310a5db738" +depends_on:MBEDTLS_MD_CAN_MD5 +md_hmac_multi:MBEDTLS_MD_MD5:16:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"750c783e6ab0b503eaa86e310a5db738" generic multi step HMAC-MD5 Test Vector RFC2202 #3 -depends_on:MBEDTLS_MD5_C -md_hmac_multi:"MD5":16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"56be34521d144c88dbb8c733f0e8b3f6" +depends_on:MBEDTLS_MD_CAN_MD5 +md_hmac_multi:MBEDTLS_MD_MD5:16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"56be34521d144c88dbb8c733f0e8b3f6" generic multi step HMAC-MD5 Test Vector RFC2202 #4 -depends_on:MBEDTLS_MD5_C -md_hmac_multi:"MD5":16:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"697eaf0aca3a3aea3a75164746ffaa79" +depends_on:MBEDTLS_MD_CAN_MD5 +md_hmac_multi:MBEDTLS_MD_MD5:16:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"697eaf0aca3a3aea3a75164746ffaa79" generic multi step HMAC-MD5 Test Vector RFC2202 #5 -depends_on:MBEDTLS_MD5_C -md_hmac_multi:"MD5":12:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"56461ef2342edc00f9bab995" +depends_on:MBEDTLS_MD_CAN_MD5 +md_hmac_multi:MBEDTLS_MD_MD5:12:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"56461ef2342edc00f9bab995" generic multi step HMAC-MD5 Test Vector RFC2202 #6 -depends_on:MBEDTLS_MD5_C -md_hmac_multi:"MD5":16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd" +depends_on:MBEDTLS_MD_CAN_MD5 +md_hmac_multi:MBEDTLS_MD_MD5:16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd" generic multi step HMAC-MD5 Test Vector RFC2202 #7 -depends_on:MBEDTLS_MD5_C -md_hmac_multi:"MD5":16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"6f630fad67cda0ee1fb1f562db3aa53e" +depends_on:MBEDTLS_MD_CAN_MD5 +md_hmac_multi:MBEDTLS_MD_MD5:16:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"6f630fad67cda0ee1fb1f562db3aa53e" generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #1 -depends_on:MBEDTLS_RIPEMD160_C -md_hmac_multi:"RIPEMD160":20:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"24cb4bd67d20fc1a5d2ed7732dcc39377f0a5668" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +md_hmac_multi:MBEDTLS_MD_RIPEMD160:20:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"24cb4bd67d20fc1a5d2ed7732dcc39377f0a5668" generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #2 -depends_on:MBEDTLS_RIPEMD160_C -md_hmac_multi:"RIPEMD160":20:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"dda6c0213a485a9e24f4742064a7f033b43c4069" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +md_hmac_multi:MBEDTLS_MD_RIPEMD160:20:"4a656665":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"dda6c0213a485a9e24f4742064a7f033b43c4069" generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #3 -depends_on:MBEDTLS_RIPEMD160_C -md_hmac_multi:"RIPEMD160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"b0b105360de759960ab4f35298e116e295d8e7c1" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +md_hmac_multi:MBEDTLS_MD_RIPEMD160:20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"b0b105360de759960ab4f35298e116e295d8e7c1" generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #4 -depends_on:MBEDTLS_RIPEMD160_C -md_hmac_multi:"RIPEMD160":20:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"d5ca862f4d21d5e610e18b4cf1beb97a4365ecf4" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +md_hmac_multi:MBEDTLS_MD_RIPEMD160:20:"0102030405060708090a0b0c0d0e0f10111213141516171819":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"d5ca862f4d21d5e610e18b4cf1beb97a4365ecf4" generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #5 -depends_on:MBEDTLS_RIPEMD160_C -md_hmac_multi:"RIPEMD160":20:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"7619693978f91d90539ae786500ff3d8e0518e39" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +md_hmac_multi:MBEDTLS_MD_RIPEMD160:20:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"546573742057697468205472756e636174696f6e":"7619693978f91d90539ae786500ff3d8e0518e39" generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #6 -depends_on:MBEDTLS_RIPEMD160_C -md_hmac_multi:"RIPEMD160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6466ca07ac5eac29e1bd523e5ada7605b791fd8b" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +md_hmac_multi:MBEDTLS_MD_RIPEMD160:20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"6466ca07ac5eac29e1bd523e5ada7605b791fd8b" generic multi step HMAC-RIPEMD160 Test vector RFC 2286 #7 -depends_on:MBEDTLS_RIPEMD160_C -md_hmac_multi:"RIPEMD160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"69ea60798d71616cce5fd0871e23754cd75d5a0a" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +md_hmac_multi:MBEDTLS_MD_RIPEMD160:20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"69ea60798d71616cce5fd0871e23754cd75d5a0a" generic MD5 Hash file #1 -depends_on:MBEDTLS_MD5_C -mbedtls_md_file:"MD5":"data_files/hash_file_1":"52bcdc983c9ed64fc148a759b3c7a415" +depends_on:MBEDTLS_MD_CAN_MD5 +mbedtls_md_file:MBEDTLS_MD_MD5:"data_files/hash_file_1":"52bcdc983c9ed64fc148a759b3c7a415" generic MD5 Hash file #2 -depends_on:MBEDTLS_MD5_C -mbedtls_md_file:"MD5":"data_files/hash_file_2":"d17d466f15891df10542207ae78277f0" +depends_on:MBEDTLS_MD_CAN_MD5 +mbedtls_md_file:MBEDTLS_MD_MD5:"data_files/hash_file_2":"d17d466f15891df10542207ae78277f0" generic MD5 Hash file #3 -depends_on:MBEDTLS_MD5_C -mbedtls_md_file:"MD5":"data_files/hash_file_3":"d945bcc6200ea95d061a2a818167d920" +depends_on:MBEDTLS_MD_CAN_MD5 +mbedtls_md_file:MBEDTLS_MD_MD5:"data_files/hash_file_3":"d945bcc6200ea95d061a2a818167d920" generic MD5 Hash file #4 -depends_on:MBEDTLS_MD5_C -mbedtls_md_file:"MD5":"data_files/hash_file_4":"d41d8cd98f00b204e9800998ecf8427e" +depends_on:MBEDTLS_MD_CAN_MD5 +mbedtls_md_file:MBEDTLS_MD_MD5:"data_files/hash_file_4":"d41d8cd98f00b204e9800998ecf8427e" generic RIPEMD160 Hash file #0 (from paper) -depends_on:MBEDTLS_RIPEMD160_C -mbedtls_md_file:"RIPEMD160":"data_files/hash_file_5":"52783243c1697bdbe16d37f97f68f08325dc1528" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +mbedtls_md_file:MBEDTLS_MD_RIPEMD160:"data_files/hash_file_5":"52783243c1697bdbe16d37f97f68f08325dc1528" generic RIPEMD160 Hash file #1 -depends_on:MBEDTLS_RIPEMD160_C -mbedtls_md_file:"RIPEMD160":"data_files/hash_file_1":"82f1d072f0ec0c2b353703a7b575a04c113af1a6" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +mbedtls_md_file:MBEDTLS_MD_RIPEMD160:"data_files/hash_file_1":"82f1d072f0ec0c2b353703a7b575a04c113af1a6" generic RIPEMD160 Hash file #2 -depends_on:MBEDTLS_RIPEMD160_C -mbedtls_md_file:"RIPEMD160":"data_files/hash_file_2":"996fbc8b79206ba7393ebcd246584069b1c08f0f" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +mbedtls_md_file:MBEDTLS_MD_RIPEMD160:"data_files/hash_file_2":"996fbc8b79206ba7393ebcd246584069b1c08f0f" generic RIPEMD160 Hash file #3 -depends_on:MBEDTLS_RIPEMD160_C -mbedtls_md_file:"RIPEMD160":"data_files/hash_file_3":"8653b46d65998fa8c8846efa17937e742533ae48" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +mbedtls_md_file:MBEDTLS_MD_RIPEMD160:"data_files/hash_file_3":"8653b46d65998fa8c8846efa17937e742533ae48" generic RIPEMD160 Hash file #4 -depends_on:MBEDTLS_RIPEMD160_C -mbedtls_md_file:"RIPEMD160":"data_files/hash_file_4":"9c1185a5c5e9fc54612808977ee8f548b2258d31" +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +mbedtls_md_file:MBEDTLS_MD_RIPEMD160:"data_files/hash_file_4":"9c1185a5c5e9fc54612808977ee8f548b2258d31" generic HMAC-SHA-1 Test Vector FIPS-198a #1 -depends_on:MBEDTLS_SHA1_C -mbedtls_md_hmac:"SHA1":20:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":"53616d706c65202331":"4f4ca3d5d68ba7cc0a1208c9c61e9c5da0403c0a" +depends_on:MBEDTLS_MD_CAN_SHA1 +mbedtls_md_hmac:MBEDTLS_MD_SHA1:20:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":"53616d706c65202331":"4f4ca3d5d68ba7cc0a1208c9c61e9c5da0403c0a" generic HMAC-SHA-1 Test Vector FIPS-198a #2 -depends_on:MBEDTLS_SHA1_C -mbedtls_md_hmac:"SHA1":20:"303132333435363738393a3b3c3d3e3f40414243":"53616d706c65202332":"0922d3405faa3d194f82a45830737d5cc6c75d24" +depends_on:MBEDTLS_MD_CAN_SHA1 +mbedtls_md_hmac:MBEDTLS_MD_SHA1:20:"303132333435363738393a3b3c3d3e3f40414243":"53616d706c65202332":"0922d3405faa3d194f82a45830737d5cc6c75d24" generic HMAC-SHA-1 Test Vector FIPS-198a #3 -depends_on:MBEDTLS_SHA1_C -mbedtls_md_hmac:"SHA1":20:"505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3":"53616d706c65202333":"bcf41eab8bb2d802f3d05caf7cb092ecf8d1a3aa" +depends_on:MBEDTLS_MD_CAN_SHA1 +mbedtls_md_hmac:MBEDTLS_MD_SHA1:20:"505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3":"53616d706c65202333":"bcf41eab8bb2d802f3d05caf7cb092ecf8d1a3aa" generic HMAC-SHA-1 Test Vector FIPS-198a #4 -depends_on:MBEDTLS_SHA1_C -mbedtls_md_hmac:"SHA1":12:"707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0":"53616d706c65202334":"9ea886efe268dbecce420c75" +depends_on:MBEDTLS_MD_CAN_SHA1 +mbedtls_md_hmac:MBEDTLS_MD_SHA1:12:"707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0":"53616d706c65202334":"9ea886efe268dbecce420c75" generic HMAC-SHA-1 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA1_C -mbedtls_md_hmac:"SHA1":10:"7b10f4124b15c82e":"27dcb5b1daf60cfd3e2f73d4d64ca9c684f8bf71fc682a46793b1790afa4feb100ca7aaff26f58f0e1d0ed42f1cdad1f474afa2e79d53a0c42892c4d7b327cbe46b295ed8da3b6ecab3d4851687a6f812b79df2f6b20f11f6706f5301790ca99625aad7391d84f78043d2a0a239b1477984c157bbc9276064e7a1a406b0612ca":"4ead12c2fe3d6ea43acb" +depends_on:MBEDTLS_MD_CAN_SHA1 +mbedtls_md_hmac:MBEDTLS_MD_SHA1:10:"7b10f4124b15c82e":"27dcb5b1daf60cfd3e2f73d4d64ca9c684f8bf71fc682a46793b1790afa4feb100ca7aaff26f58f0e1d0ed42f1cdad1f474afa2e79d53a0c42892c4d7b327cbe46b295ed8da3b6ecab3d4851687a6f812b79df2f6b20f11f6706f5301790ca99625aad7391d84f78043d2a0a239b1477984c157bbc9276064e7a1a406b0612ca":"4ead12c2fe3d6ea43acb" generic HMAC-SHA-1 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA1_C -mbedtls_md_hmac:"SHA1":10:"4fe9fb902172a21b":"4ceb3a7c13659c22fe51134f03dce4c239d181b63c6b0b59d367157fd05cab98384f92dfa482d2d5e78e72eef1b1838af4696026c54233d484ecbbe87f904df5546419f8567eafd232e6c2fcd3ee2b7682c63000524b078dbb2096f585007deae752562df1fe3b01278089e16f3be46e2d0f7cabac2d8e6cc02a2d0ca953425f":"564428a67be1924b5793" +depends_on:MBEDTLS_MD_CAN_SHA1 +mbedtls_md_hmac:MBEDTLS_MD_SHA1:10:"4fe9fb902172a21b":"4ceb3a7c13659c22fe51134f03dce4c239d181b63c6b0b59d367157fd05cab98384f92dfa482d2d5e78e72eef1b1838af4696026c54233d484ecbbe87f904df5546419f8567eafd232e6c2fcd3ee2b7682c63000524b078dbb2096f585007deae752562df1fe3b01278089e16f3be46e2d0f7cabac2d8e6cc02a2d0ca953425f":"564428a67be1924b5793" generic HMAC-SHA-1 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA1_C -mbedtls_md_hmac:"SHA1":10:"d1f01455f78c4fb4":"00d40f67b57914bec456a3e3201ef1464be319a8d188c02e157af4b54f9b5a66d67f898a9bdbb19ff63a80aba6f246d013575721d52eb1b47a65def884011c49b257bcc2817fc853f106e8138ce386d7a5ac3103de0a3fa0ed6bb7af9ff66ebd1cc46fb86e4da0013d20a3c2dcd8fb828a4b70f7f104b41bf3f44682a66497ea":"56a665a7cdfe610f9fc5" +depends_on:MBEDTLS_MD_CAN_SHA1 +mbedtls_md_hmac:MBEDTLS_MD_SHA1:10:"d1f01455f78c4fb4":"00d40f67b57914bec456a3e3201ef1464be319a8d188c02e157af4b54f9b5a66d67f898a9bdbb19ff63a80aba6f246d013575721d52eb1b47a65def884011c49b257bcc2817fc853f106e8138ce386d7a5ac3103de0a3fa0ed6bb7af9ff66ebd1cc46fb86e4da0013d20a3c2dcd8fb828a4b70f7f104b41bf3f44682a66497ea":"56a665a7cdfe610f9fc5" generic HMAC-SHA-1 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA1_C -mbedtls_md_hmac:"SHA1":10:"4e5ef77fdf033a5b":"e59326464e3201d195e29f2a3446ec1b1c9ff31154e2a4d0e40ed466f1bc855d29f76835624fa0127d29c9b1915939a046f385af7e5d47a23ba91f28bd22f811ea258dbbf3332bcd3543b8285d5df41bd064ffd64a341c22c4edb44f9c8d9e6df0c59dbf4a052a6c83da7478e179a6f3839c6870ff8ca8b9497f9ac1d725fdda":"981c0a7a8423b63a8fa6" +depends_on:MBEDTLS_MD_CAN_SHA1 +mbedtls_md_hmac:MBEDTLS_MD_SHA1:10:"4e5ef77fdf033a5b":"e59326464e3201d195e29f2a3446ec1b1c9ff31154e2a4d0e40ed466f1bc855d29f76835624fa0127d29c9b1915939a046f385af7e5d47a23ba91f28bd22f811ea258dbbf3332bcd3543b8285d5df41bd064ffd64a341c22c4edb44f9c8d9e6df0c59dbf4a052a6c83da7478e179a6f3839c6870ff8ca8b9497f9ac1d725fdda":"981c0a7a8423b63a8fa6" generic HMAC-SHA-1 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA1_C -mbedtls_md_hmac:"SHA1":10:"bcd9ff8aa60be2be":"51be4d0eb37bab714f92e19e9d70390655b363e8cd346a748245e731f437759cb8206412c8dab2ef1d4f36f880f41ff69d949da4594fdecb65e23cac1329b59e69e29bf875b38c31df6fa546c595f35cc2192aa750679a8a51a65e00e839d73a8d8c598a610d237fbe78955213589d80efcb73b95b8586f96d17b6f51a71c3b8":"84633f9f5040c8971478" +depends_on:MBEDTLS_MD_CAN_SHA1 +mbedtls_md_hmac:MBEDTLS_MD_SHA1:10:"bcd9ff8aa60be2be":"51be4d0eb37bab714f92e19e9d70390655b363e8cd346a748245e731f437759cb8206412c8dab2ef1d4f36f880f41ff69d949da4594fdecb65e23cac1329b59e69e29bf875b38c31df6fa546c595f35cc2192aa750679a8a51a65e00e839d73a8d8c598a610d237fbe78955213589d80efcb73b95b8586f96d17b6f51a71c3b8":"84633f9f5040c8971478" generic HMAC-SHA-1 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA1_C -mbedtls_md_hmac:"SHA1":10:"4a661bce6ed86d21":"5ff6c744f1aab1bc29697d71f67541b8b3cec3c7079183b10a83fb98a9ee251d4bac3e1cb581ca972aaed8efd7c2875a6fb4c991132f67c9742d45e53bc7e8eaa94b35b37a907be61086b426cd11088ac118934e85d968c9667fd69fc6f6ea38c0fe34710b7ece91211b9b7ea00acd31f022aa6726368f9928a1352f122233f1":"739df59353ac6694e55e" +depends_on:MBEDTLS_MD_CAN_SHA1 +mbedtls_md_hmac:MBEDTLS_MD_SHA1:10:"4a661bce6ed86d21":"5ff6c744f1aab1bc29697d71f67541b8b3cec3c7079183b10a83fb98a9ee251d4bac3e1cb581ca972aaed8efd7c2875a6fb4c991132f67c9742d45e53bc7e8eaa94b35b37a907be61086b426cd11088ac118934e85d968c9667fd69fc6f6ea38c0fe34710b7ece91211b9b7ea00acd31f022aa6726368f9928a1352f122233f1":"739df59353ac6694e55e" generic HMAC-SHA-1 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA1_C -mbedtls_md_hmac:"SHA1":10:"1287e1565a57b547":"390ffdccc6171c11568d85b8f913e019bf4cd982ca9cd21ea730d41bdf3fcc0bc88ff48ba13a8f23deb2d96ec1033e7b2a58ca72b0c1e17bf03330db25d1e360fa6918009c4294bd1215b5ccd159a8f58bc3dc3d490eb7c3b9f887e8c98dbbb274a75373dcb695a59abd0219529d88518a96f92abc0bbcbda985c388f1fbbcc9":"d78ddf08077c7d9e2ba6" +depends_on:MBEDTLS_MD_CAN_SHA1 +mbedtls_md_hmac:MBEDTLS_MD_SHA1:10:"1287e1565a57b547":"390ffdccc6171c11568d85b8f913e019bf4cd982ca9cd21ea730d41bdf3fcc0bc88ff48ba13a8f23deb2d96ec1033e7b2a58ca72b0c1e17bf03330db25d1e360fa6918009c4294bd1215b5ccd159a8f58bc3dc3d490eb7c3b9f887e8c98dbbb274a75373dcb695a59abd0219529d88518a96f92abc0bbcbda985c388f1fbbcc9":"d78ddf08077c7d9e2ba6" generic HMAC-SHA-224 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA224_C -mbedtls_md_hmac:"SHA224":14:"e055eb756697ee573fd3214811a9f7fa":"3875847012ee42fe54a0027bdf38cca7021b83a2ed0503af69ef6c37c637bc1114fba40096c5947d736e19b7af3c68d95a4e3b8b073adbbb80f47e9db8f2d4f0018ddd847fabfdf9dd9b52c93e40458977725f6b7ba15f0816bb895cdf50401268f5d702b7e6a5f9faef57b8768c8a3fc14f9a4b3182b41d940e337d219b29ff":"40a453133361cc48da11baf616ee" +depends_on:MBEDTLS_MD_CAN_SHA224 +mbedtls_md_hmac:MBEDTLS_MD_SHA224:14:"e055eb756697ee573fd3214811a9f7fa":"3875847012ee42fe54a0027bdf38cca7021b83a2ed0503af69ef6c37c637bc1114fba40096c5947d736e19b7af3c68d95a4e3b8b073adbbb80f47e9db8f2d4f0018ddd847fabfdf9dd9b52c93e40458977725f6b7ba15f0816bb895cdf50401268f5d702b7e6a5f9faef57b8768c8a3fc14f9a4b3182b41d940e337d219b29ff":"40a453133361cc48da11baf616ee" generic HMAC-SHA-224 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA224_C -mbedtls_md_hmac:"SHA224":14:"88e5258b55b1623385eb9632fa7c57d6":"ada76bb604be14326551701cf30e48a65eee80b44f0b9d4a07b1844543b7844a621097fdc99de57387458ae9354899b620d0617eabcaefa9eef3d413a33628054335ce656c26fa2986e0f111a6351096b283101ec7868871d770b370973c7405983f9756b3005a3eab492cfd0e7eb42e5c2e15fa6be8718c0a50acc4e5717230":"81c783af538015cef3c60095df53" +depends_on:MBEDTLS_MD_CAN_SHA224 +mbedtls_md_hmac:MBEDTLS_MD_SHA224:14:"88e5258b55b1623385eb9632fa7c57d6":"ada76bb604be14326551701cf30e48a65eee80b44f0b9d4a07b1844543b7844a621097fdc99de57387458ae9354899b620d0617eabcaefa9eef3d413a33628054335ce656c26fa2986e0f111a6351096b283101ec7868871d770b370973c7405983f9756b3005a3eab492cfd0e7eb42e5c2e15fa6be8718c0a50acc4e5717230":"81c783af538015cef3c60095df53" generic HMAC-SHA-224 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA224_C -mbedtls_md_hmac:"SHA224":14:"85d402d822114d31abf75526e2538705":"8020d8d98cc2e2298b32879c51c751e1dd5558fe2eabb8f158604297d6d072ce2261a1d6830b7cfe2617b57c7126f99c9476211d6161acd75d266da217ec8174b80484c9dc6f0448a0a036a3fc82e8bf54bdb71549368258d5d41f57978a4c266b92e8783ef66350215573d99be4089144b383ad8f3222bae8f3bf80ffb1bb2b":"2aa0340ac9deafe3be38129daca0" +depends_on:MBEDTLS_MD_CAN_SHA224 +mbedtls_md_hmac:MBEDTLS_MD_SHA224:14:"85d402d822114d31abf75526e2538705":"8020d8d98cc2e2298b32879c51c751e1dd5558fe2eabb8f158604297d6d072ce2261a1d6830b7cfe2617b57c7126f99c9476211d6161acd75d266da217ec8174b80484c9dc6f0448a0a036a3fc82e8bf54bdb71549368258d5d41f57978a4c266b92e8783ef66350215573d99be4089144b383ad8f3222bae8f3bf80ffb1bb2b":"2aa0340ac9deafe3be38129daca0" generic HMAC-SHA-224 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA224_C -mbedtls_md_hmac:"SHA224":14:"545c6eecc5ee46fa17c59f91a94f81ae":"8fb7f3565593170152ddb2021874784e951977cfdd22f8b72a72a61320a8f2a35697b5e913f717805559b1af1861ee3ed42fb788481e4fd276b17bdbefcae7b4501dc5d20de5b7626dd5efdcd65294db4bdf682c33d9a9255c6435383fa5f1c886326a3acbc6bd50a33ab5b2dbb034ce0112d4e226bbcd57e3731a519aa1d784":"3eb566eac54c4a3a9ef092469f24" +depends_on:MBEDTLS_MD_CAN_SHA224 +mbedtls_md_hmac:MBEDTLS_MD_SHA224:14:"545c6eecc5ee46fa17c59f91a94f81ae":"8fb7f3565593170152ddb2021874784e951977cfdd22f8b72a72a61320a8f2a35697b5e913f717805559b1af1861ee3ed42fb788481e4fd276b17bdbefcae7b4501dc5d20de5b7626dd5efdcd65294db4bdf682c33d9a9255c6435383fa5f1c886326a3acbc6bd50a33ab5b2dbb034ce0112d4e226bbcd57e3731a519aa1d784":"3eb566eac54c4a3a9ef092469f24" generic HMAC-SHA-224 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA224_C -mbedtls_md_hmac:"SHA224":14:"4466ab4dc438841a9750c7f173dff02e":"2534c11c78c99cffaec8f722f04adc7045c7324d58ce98e37cfa94b6ed21ed7f58ce55379ef24b72d6d640ee9154f96c614734be9c408e225d7ba4cecc1179cc9f6e1808e1067aa8f244a99bd0c3267594c1887a40d167f8b7cf78db0d19f97b01fc50b8c86def490dfa7a5135002c33e71d77a8cce8ea0f93e0580439a33733":"59f44a9bbed4875b892d22d6b5ab" +depends_on:MBEDTLS_MD_CAN_SHA224 +mbedtls_md_hmac:MBEDTLS_MD_SHA224:14:"4466ab4dc438841a9750c7f173dff02e":"2534c11c78c99cffaec8f722f04adc7045c7324d58ce98e37cfa94b6ed21ed7f58ce55379ef24b72d6d640ee9154f96c614734be9c408e225d7ba4cecc1179cc9f6e1808e1067aa8f244a99bd0c3267594c1887a40d167f8b7cf78db0d19f97b01fc50b8c86def490dfa7a5135002c33e71d77a8cce8ea0f93e0580439a33733":"59f44a9bbed4875b892d22d6b5ab" generic HMAC-SHA-224 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA224_C -mbedtls_md_hmac:"SHA224":28:"0e3dd9bb5e4cf0f09a4c11600af56d8d":"f4589fa76c328ea25cf8bae582026ba40a59d45a546ff31cf80eb826088f69bb954c452c74586836416dee90a5255bc5d56d3b405b3705a5197045688b32fa984c3a3dfbdc9c2460a0b5e6312a624048bb6f170306535e9b371a3ab134a2642a230ad03d2c688cca80baeaee9a20e1d4c548b1cede29c6a45bf4df2c8c476f1a":"12175b93e3da4c58217145e4dc0a1cf142fab9319bb501e037b350ba" +depends_on:MBEDTLS_MD_CAN_SHA224 +mbedtls_md_hmac:MBEDTLS_MD_SHA224:28:"0e3dd9bb5e4cf0f09a4c11600af56d8d":"f4589fa76c328ea25cf8bae582026ba40a59d45a546ff31cf80eb826088f69bb954c452c74586836416dee90a5255bc5d56d3b405b3705a5197045688b32fa984c3a3dfbdc9c2460a0b5e6312a624048bb6f170306535e9b371a3ab134a2642a230ad03d2c688cca80baeaee9a20e1d4c548b1cede29c6a45bf4df2c8c476f1a":"12175b93e3da4c58217145e4dc0a1cf142fab9319bb501e037b350ba" generic HMAC-SHA-224 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA224_C -mbedtls_md_hmac:"SHA224":28:"cda5187b0c5dcb0f8e5a8beed2306584":"9011ae29b44c49b347487ce972965f16ade3c15be0856ce9c853a9739dba07e4f20d594ddc1dfe21560a65a4e458cfa17745575b915a30c7a9412ff8d1d689db9680dd2428c27588bb0dc92d2cd9445fe8f44b840a197c52c3c4333fff45533945134398df6436513cfab06c924046b8c795a5bd92e8d5f2de85bf306f2eed67":"4aaba92b40e2a600feab176eb9b292d814864195c03342aad6f67f08" +depends_on:MBEDTLS_MD_CAN_SHA224 +mbedtls_md_hmac:MBEDTLS_MD_SHA224:28:"cda5187b0c5dcb0f8e5a8beed2306584":"9011ae29b44c49b347487ce972965f16ade3c15be0856ce9c853a9739dba07e4f20d594ddc1dfe21560a65a4e458cfa17745575b915a30c7a9412ff8d1d689db9680dd2428c27588bb0dc92d2cd9445fe8f44b840a197c52c3c4333fff45533945134398df6436513cfab06c924046b8c795a5bd92e8d5f2de85bf306f2eed67":"4aaba92b40e2a600feab176eb9b292d814864195c03342aad6f67f08" generic HMAC-SHA-256 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA256_C -mbedtls_md_hmac:"SHA256":16:"cdffd34e6b16fdc0":"d83e78b99ab61709608972b36e76a575603db742269cc5dd4e7d5ca7816e26b65151c92632550cb4c5253c885d5fce53bc47459a1dbd5652786c4aac0145a532f12c05138af04cbb558101a7af5df478834c2146594dd73690d01a4fe72545894335f427ac70204798068cb86c5a600b40b414ede23590b41e1192373df84fe3":"c6f0dde266cb4a26d41e8259d33499cc" +depends_on:MBEDTLS_MD_CAN_SHA256 +mbedtls_md_hmac:MBEDTLS_MD_SHA256:16:"cdffd34e6b16fdc0":"d83e78b99ab61709608972b36e76a575603db742269cc5dd4e7d5ca7816e26b65151c92632550cb4c5253c885d5fce53bc47459a1dbd5652786c4aac0145a532f12c05138af04cbb558101a7af5df478834c2146594dd73690d01a4fe72545894335f427ac70204798068cb86c5a600b40b414ede23590b41e1192373df84fe3":"c6f0dde266cb4a26d41e8259d33499cc" generic HMAC-SHA-256 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA256_C -mbedtls_md_hmac:"SHA256":16:"6d97bb5892245be2":"13c2b391d59c0252ca5d2302beaaf88c4bcd779bb505ad9a122003dfae4cc123ad2bd036f225c4f040021a6b9fb8bd6f0281cf2e2631a732bdc71693cc42ef6d52b6c6912a9ef77b3274eb85ad7f965ae6ed44ac1721962a884ec7acfb4534b1488b1c0c45afa4dae8da1eb7b0a88a3240365d7e4e7d826abbde9f9203fd99d7":"31588e241b015319a5ab8c4527296498" +depends_on:MBEDTLS_MD_CAN_SHA256 +mbedtls_md_hmac:MBEDTLS_MD_SHA256:16:"6d97bb5892245be2":"13c2b391d59c0252ca5d2302beaaf88c4bcd779bb505ad9a122003dfae4cc123ad2bd036f225c4f040021a6b9fb8bd6f0281cf2e2631a732bdc71693cc42ef6d52b6c6912a9ef77b3274eb85ad7f965ae6ed44ac1721962a884ec7acfb4534b1488b1c0c45afa4dae8da1eb7b0a88a3240365d7e4e7d826abbde9f9203fd99d7":"31588e241b015319a5ab8c4527296498" generic HMAC-SHA-256 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA256_C -mbedtls_md_hmac:"SHA256":16:"3c7fc8a70b49007a":"60024e428a39c8b8bb2e9591bad9dc2115dfbfd716b6eb7af30a6eb34560caccbbfa47b710fa8d523aca71e9e5ba10fc1feb1a43556d71f07ea4f33496f093044e8caf1d02b79e46eb1288d5964a7a7494f6b92574c35784eece054c6151281d80822f7d47b8231c35d07f5cb5cf4310ddc844845a01c6bfab514c048eccaf9f":"1c98c94a32bec9f253c21070f82f8438" +depends_on:MBEDTLS_MD_CAN_SHA256 +mbedtls_md_hmac:MBEDTLS_MD_SHA256:16:"3c7fc8a70b49007a":"60024e428a39c8b8bb2e9591bad9dc2115dfbfd716b6eb7af30a6eb34560caccbbfa47b710fa8d523aca71e9e5ba10fc1feb1a43556d71f07ea4f33496f093044e8caf1d02b79e46eb1288d5964a7a7494f6b92574c35784eece054c6151281d80822f7d47b8231c35d07f5cb5cf4310ddc844845a01c6bfab514c048eccaf9f":"1c98c94a32bec9f253c21070f82f8438" generic HMAC-SHA-256 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA256_C -mbedtls_md_hmac:"SHA256":24:"369f33f85b927a07":"ae8e2a94ca386d448cbacdb0e9040ae3cb297c296363052cc157455da29a0c95897315fc11e3f12b81e2418da1ec280bccbc00e847584ce9d14deeba7b3c9b8dba958b04bba37551f6c9ba9c060be1a4b8cf43aa62e5078b76c6512c5619b71a6a7cf5727180e1ff14f5a1a3c1691bf8b6ebad365c151e58d749d57adb3a4986":"60b90383286533d309de46593e6ce39fc51fb00a8d88278c" +depends_on:MBEDTLS_MD_CAN_SHA256 +mbedtls_md_hmac:MBEDTLS_MD_SHA256:24:"369f33f85b927a07":"ae8e2a94ca386d448cbacdb0e9040ae3cb297c296363052cc157455da29a0c95897315fc11e3f12b81e2418da1ec280bccbc00e847584ce9d14deeba7b3c9b8dba958b04bba37551f6c9ba9c060be1a4b8cf43aa62e5078b76c6512c5619b71a6a7cf5727180e1ff14f5a1a3c1691bf8b6ebad365c151e58d749d57adb3a4986":"60b90383286533d309de46593e6ce39fc51fb00a8d88278c" generic HMAC-SHA-256 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA256_C -mbedtls_md_hmac:"SHA256":24:"e5179687582b4dc4":"ce103bdacdf32f614f6727bcb31ca1c2824a850d00f5585b016fb234fe1ef2cd687f302d3c6b738ed89a24060d65c36675d0d96307c72ef3e8a83bfa8402e226de9d5d1724ba75c4879bf41a4a465ce61887d9f49a34757849b48bae81c27ebed76faae2ad669bca04747d409148d40812776e0ae2c395b3cb9c89981ce72d5c":"509581f6816df4b8cc9f2cf42b7cc6e6a5a1e375a16f2412" +depends_on:MBEDTLS_MD_CAN_SHA256 +mbedtls_md_hmac:MBEDTLS_MD_SHA256:24:"e5179687582b4dc4":"ce103bdacdf32f614f6727bcb31ca1c2824a850d00f5585b016fb234fe1ef2cd687f302d3c6b738ed89a24060d65c36675d0d96307c72ef3e8a83bfa8402e226de9d5d1724ba75c4879bf41a4a465ce61887d9f49a34757849b48bae81c27ebed76faae2ad669bca04747d409148d40812776e0ae2c395b3cb9c89981ce72d5c":"509581f6816df4b8cc9f2cf42b7cc6e6a5a1e375a16f2412" generic HMAC-SHA-256 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA256_C -mbedtls_md_hmac:"SHA256":24:"63cec6246aeb1b61":"c178db908a405fa88aa255b8cad22b4057016585f139ee930388b083d86062fa0b3ea1f23f8a43bd11bee8464bcbd19b5ab9f6a8038d5245516f8274d20c8ee3033a07b908da528fa00343bb595deed500cab9745c4cb6391c23300f0d3584b090b3326c4cfa342620b78f9f5b4f27f7307ed770643ec1764aeae3dcf1a3ec69":"64f3dd861b7c7d29fce9ae0ce9ed954b5d7141806ee9eec7" +depends_on:MBEDTLS_MD_CAN_SHA256 +mbedtls_md_hmac:MBEDTLS_MD_SHA256:24:"63cec6246aeb1b61":"c178db908a405fa88aa255b8cad22b4057016585f139ee930388b083d86062fa0b3ea1f23f8a43bd11bee8464bcbd19b5ab9f6a8038d5245516f8274d20c8ee3033a07b908da528fa00343bb595deed500cab9745c4cb6391c23300f0d3584b090b3326c4cfa342620b78f9f5b4f27f7307ed770643ec1764aeae3dcf1a3ec69":"64f3dd861b7c7d29fce9ae0ce9ed954b5d7141806ee9eec7" generic HMAC-SHA-384 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA384_C -mbedtls_md_hmac:"SHA384":32:"91a7401817386948ca952f9a20ee55dc":"2fea5b91035d6d501f3a834fa178bff4e64b99a8450432dafd32e4466b0e1e7781166f8a73f7e036b3b0870920f559f47bd1400a1a906e85e0dcf00a6c26862e9148b23806680f285f1fe4f93cdaf924c181a965465739c14f2268c8be8b471847c74b222577a1310bcdc1a85ef1468aa1a3fd4031213c97324b7509c9050a3d":"6d7be9490058cf413cc09fd043c224c2ec4fa7859b13783000a9a593c9f75838" +depends_on:MBEDTLS_MD_CAN_SHA384 +mbedtls_md_hmac:MBEDTLS_MD_SHA384:32:"91a7401817386948ca952f9a20ee55dc":"2fea5b91035d6d501f3a834fa178bff4e64b99a8450432dafd32e4466b0e1e7781166f8a73f7e036b3b0870920f559f47bd1400a1a906e85e0dcf00a6c26862e9148b23806680f285f1fe4f93cdaf924c181a965465739c14f2268c8be8b471847c74b222577a1310bcdc1a85ef1468aa1a3fd4031213c97324b7509c9050a3d":"6d7be9490058cf413cc09fd043c224c2ec4fa7859b13783000a9a593c9f75838" generic HMAC-SHA-384 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA384_C -mbedtls_md_hmac:"SHA384":32:"d6cac19657061aa90a6da11cd2e9ea47":"9f482e4655173135dfaa22a11bbbe6af263db48716406c5aec162ba3c4b41cad4f5a91558377521191c7343118beee65982929802913d67b6de5c4bdc3d27299bd722219d5ad2efa5bdb9ff7b229fc4bbc3f60719320cf2e7a51cad1133d21bad2d80919b1836ef825308b7c51c6b7677ac782e2bc30007afba065681cbdd215":"f3d5f3c008175321aa7b2ea379eaa4f8b9dcc60f895ec8940b8162f80a7dfe9f" +depends_on:MBEDTLS_MD_CAN_SHA384 +mbedtls_md_hmac:MBEDTLS_MD_SHA384:32:"d6cac19657061aa90a6da11cd2e9ea47":"9f482e4655173135dfaa22a11bbbe6af263db48716406c5aec162ba3c4b41cad4f5a91558377521191c7343118beee65982929802913d67b6de5c4bdc3d27299bd722219d5ad2efa5bdb9ff7b229fc4bbc3f60719320cf2e7a51cad1133d21bad2d80919b1836ef825308b7c51c6b7677ac782e2bc30007afba065681cbdd215":"f3d5f3c008175321aa7b2ea379eaa4f8b9dcc60f895ec8940b8162f80a7dfe9f" generic HMAC-SHA-384 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA384_C -mbedtls_md_hmac:"SHA384":32:"e06366ad149b8442cd4c1abdddd0afde":"2d140a194c02a5598f69174834679b8371234a0d505491f1bd03e128dd91a8bca2fb812e9d5da71613b5b00952ea78bf450d5b7547dea79135925085c7d3e6f52009c51ca3d88c6c09e9d074b0ee110736e0ec9b478b93efb34d7bf1c41b54decec43eab077a3aa4998ede53f67b4ea36c266745f9643d5360bdc8337c70dabf":"c19c67eda6fe29f3667bee1c897c333ce7683094ae77e84b4c16378d290895a1" +depends_on:MBEDTLS_MD_CAN_SHA384 +mbedtls_md_hmac:MBEDTLS_MD_SHA384:32:"e06366ad149b8442cd4c1abdddd0afde":"2d140a194c02a5598f69174834679b8371234a0d505491f1bd03e128dd91a8bca2fb812e9d5da71613b5b00952ea78bf450d5b7547dea79135925085c7d3e6f52009c51ca3d88c6c09e9d074b0ee110736e0ec9b478b93efb34d7bf1c41b54decec43eab077a3aa4998ede53f67b4ea36c266745f9643d5360bdc8337c70dabf":"c19c67eda6fe29f3667bee1c897c333ce7683094ae77e84b4c16378d290895a1" generic HMAC-SHA-384 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA384_C -mbedtls_md_hmac:"SHA384":48:"01ac59f42f8bb91d1bd10fe6990d7a87":"3caf18c476edd5615f343ac7b7d3a9da9efade755672d5ba4b8ae8a7505539ea2c124ff755ec0457fbe49e43480b3c71e7f4742ec3693aad115d039f90222b030fdc9440313691716d5302005808c07627483b916fdf61983063c2eb1268f2deeef42fc790334456bc6bad256e31fc9066de7cc7e43d1321b1866db45e905622":"1985fa2163a5943fc5d92f1fe8831215e7e91f0bff5332bc713a072bdb3a8f9e5c5157463a3bfeb36231416e65973e64" +depends_on:MBEDTLS_MD_CAN_SHA384 +mbedtls_md_hmac:MBEDTLS_MD_SHA384:48:"01ac59f42f8bb91d1bd10fe6990d7a87":"3caf18c476edd5615f343ac7b7d3a9da9efade755672d5ba4b8ae8a7505539ea2c124ff755ec0457fbe49e43480b3c71e7f4742ec3693aad115d039f90222b030fdc9440313691716d5302005808c07627483b916fdf61983063c2eb1268f2deeef42fc790334456bc6bad256e31fc9066de7cc7e43d1321b1866db45e905622":"1985fa2163a5943fc5d92f1fe8831215e7e91f0bff5332bc713a072bdb3a8f9e5c5157463a3bfeb36231416e65973e64" generic HMAC-SHA-384 Test Vector NIST CAVS #5 [#1] -depends_on:MBEDTLS_SHA384_C -mbedtls_md_hmac:"SHA384":48:"fd74b9d9e102a3a80df1baf0cb35bace":"1a068917584813d1689ccbd0370c2114d537cdc8cc52bf6db16d5535f8f7d1ad0c850a9fa0cf62373ffbf7642b1f1e8164010d350721d798d9f99e9724830399c2fce26377e83d38845675457865c03d4a07d741a505ef028343eb29fd46d0f761f3792886998c1e5c32ac3bc7e6f08faed194b34f06eff4d5d4a5b42c481e0e":"a981eaf5de3d78b20ebd4414a4edd0657e3667cd808a0dbc430cf7252f73a5b24efa136039207bd59806897457d74e0c" +depends_on:MBEDTLS_MD_CAN_SHA384 +mbedtls_md_hmac:MBEDTLS_MD_SHA384:48:"fd74b9d9e102a3a80df1baf0cb35bace":"1a068917584813d1689ccbd0370c2114d537cdc8cc52bf6db16d5535f8f7d1ad0c850a9fa0cf62373ffbf7642b1f1e8164010d350721d798d9f99e9724830399c2fce26377e83d38845675457865c03d4a07d741a505ef028343eb29fd46d0f761f3792886998c1e5c32ac3bc7e6f08faed194b34f06eff4d5d4a5b42c481e0e":"a981eaf5de3d78b20ebd4414a4edd0657e3667cd808a0dbc430cf7252f73a5b24efa136039207bd59806897457d74e0c" generic HMAC-SHA-384 Test Vector NIST CAVS #5 [#2] -depends_on:MBEDTLS_SHA384_C -mbedtls_md_hmac:"SHA384":48:"9fe794f0e26b669fa5f6883149377c6c":"6010c9745e8f1d44cfdc99e7e0fd79bc4271944c2d1d84dba589073dfc4ca5eb98c59356f60cd87bef28aeb83a832bde339b2087daf942aa1f67876c5d5ed33924bed4143bc12a2be532ccaf64daa7e2bc3c8872b9823b0533b6f5159135effe8c61545536975d7c3a61ba7365ec35f165bc92b4d19eb9156ade17dfa1bb4161":"915ae61f8754698c2b6ef9629e93441f8541bd4258a5e05372d19136cfaefc0473b48d96119291b38eb1a3cb1982a986" +depends_on:MBEDTLS_MD_CAN_SHA384 +mbedtls_md_hmac:MBEDTLS_MD_SHA384:48:"9fe794f0e26b669fa5f6883149377c6c":"6010c9745e8f1d44cfdc99e7e0fd79bc4271944c2d1d84dba589073dfc4ca5eb98c59356f60cd87bef28aeb83a832bde339b2087daf942aa1f67876c5d5ed33924bed4143bc12a2be532ccaf64daa7e2bc3c8872b9823b0533b6f5159135effe8c61545536975d7c3a61ba7365ec35f165bc92b4d19eb9156ade17dfa1bb4161":"915ae61f8754698c2b6ef9629e93441f8541bd4258a5e05372d19136cfaefc0473b48d96119291b38eb1a3cb1982a986" generic HMAC-SHA-512 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA512_C -mbedtls_md_hmac:"SHA512":32:"c95a17c09940a691ed2d621571b0eb844ede55a9":"99cd28262e81f34878cdcebf4128e05e2098a7009278a66f4c785784d0e5678f3f2b22f86e982d273b6273a222ec61750b4556d766f1550a7aedfe83faedbc4bdae83fa560d62df17eb914d05fdaa48940551bac81d700f5fca7147295e386e8120d66742ec65c6ee8d89a92217a0f6266d0ddc60bb20ef679ae8299c8502c2f":"6bc1379d156559ddee2ed420ea5d5c5ff3e454a1059b7ba72c350e77b6e9333c" +depends_on:MBEDTLS_MD_CAN_SHA512 +mbedtls_md_hmac:MBEDTLS_MD_SHA512:32:"c95a17c09940a691ed2d621571b0eb844ede55a9":"99cd28262e81f34878cdcebf4128e05e2098a7009278a66f4c785784d0e5678f3f2b22f86e982d273b6273a222ec61750b4556d766f1550a7aedfe83faedbc4bdae83fa560d62df17eb914d05fdaa48940551bac81d700f5fca7147295e386e8120d66742ec65c6ee8d89a92217a0f6266d0ddc60bb20ef679ae8299c8502c2f":"6bc1379d156559ddee2ed420ea5d5c5ff3e454a1059b7ba72c350e77b6e9333c" generic HMAC-SHA-512 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA512_C -mbedtls_md_hmac:"SHA512":32:"3b10b8fa718840d1dea8e9fc317476bcf55875fd":"f04f5b7073d7d0274e8354433b390306c5607632f5f589c12edb62d55673aff2366d2e6b24de731adf92e654baa30b1cfd4a069788f65ec1b99b015d904d8832110dbd74eae35a81562d14ce4136d820ad0a55ff5489ba678fbbc1c27663ec1349d70e740f0e0ec27cfbe8971819f4789e486b50a2d7271d77e2aaea50de62fd":"fc3c38c7a17e3ce06db033f1c172866f01a00045db55f2e234f71c82264f2ba2" +depends_on:MBEDTLS_MD_CAN_SHA512 +mbedtls_md_hmac:MBEDTLS_MD_SHA512:32:"3b10b8fa718840d1dea8e9fc317476bcf55875fd":"f04f5b7073d7d0274e8354433b390306c5607632f5f589c12edb62d55673aff2366d2e6b24de731adf92e654baa30b1cfd4a069788f65ec1b99b015d904d8832110dbd74eae35a81562d14ce4136d820ad0a55ff5489ba678fbbc1c27663ec1349d70e740f0e0ec27cfbe8971819f4789e486b50a2d7271d77e2aaea50de62fd":"fc3c38c7a17e3ce06db033f1c172866f01a00045db55f2e234f71c82264f2ba2" generic HMAC-SHA-512 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA512_C -mbedtls_md_hmac:"SHA512":32:"4803d311394600dc1e0d8fc8cedeb8bde3fe7c42":"a10c125dd702a97153ad923ba5e9889cfac1ba169de370debe51f233735aa6effcc9785c4b5c7e48c477dc5c411ae6a959118584e26adc94b42c2b29b046f3cf01c65b24a24bd2e620bdf650a23bb4a72655b1100d7ce9a4dab697c6379754b4396c825de4b9eb73f2e6a6c0d0353bbdeaf706612800e137b858fdb30f3311c6":"7cd8236c55102e6385f52279506df6fcc388ab75092da21395ce14a82b202ffa" +depends_on:MBEDTLS_MD_CAN_SHA512 +mbedtls_md_hmac:MBEDTLS_MD_SHA512:32:"4803d311394600dc1e0d8fc8cedeb8bde3fe7c42":"a10c125dd702a97153ad923ba5e9889cfac1ba169de370debe51f233735aa6effcc9785c4b5c7e48c477dc5c411ae6a959118584e26adc94b42c2b29b046f3cf01c65b24a24bd2e620bdf650a23bb4a72655b1100d7ce9a4dab697c6379754b4396c825de4b9eb73f2e6a6c0d0353bbdeaf706612800e137b858fdb30f3311c6":"7cd8236c55102e6385f52279506df6fcc388ab75092da21395ce14a82b202ffa" generic HMAC-SHA-512 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA512_C -mbedtls_md_hmac:"SHA512":48:"aeb2f3b977fa6c8e71e07c5a5c74ff58166de092":"22457355dc76095abd46846b41cfe49a06ce42ac8857b4702fc771508dfb3626e0bfe851df897a07b36811ec433766e4b4166c26301b3493e7440d4554b0ef6ac20f1a530e58fac8aeba4e9ff2d4898d8a28783b49cd269c2965fd7f8e4f2d60cf1e5284f2495145b72382aad90e153a90ecae125ad75336fb128825c23fb8b0":"fa39bd8fcc3bfa218f9dea5d3b2ce10a7619e31678a56d8a9d927b1fe703b125af445debe9a89a07db6194d27b44d85a" +depends_on:MBEDTLS_MD_CAN_SHA512 +mbedtls_md_hmac:MBEDTLS_MD_SHA512:48:"aeb2f3b977fa6c8e71e07c5a5c74ff58166de092":"22457355dc76095abd46846b41cfe49a06ce42ac8857b4702fc771508dfb3626e0bfe851df897a07b36811ec433766e4b4166c26301b3493e7440d4554b0ef6ac20f1a530e58fac8aeba4e9ff2d4898d8a28783b49cd269c2965fd7f8e4f2d60cf1e5284f2495145b72382aad90e153a90ecae125ad75336fb128825c23fb8b0":"fa39bd8fcc3bfa218f9dea5d3b2ce10a7619e31678a56d8a9d927b1fe703b125af445debe9a89a07db6194d27b44d85a" generic HMAC-SHA-512 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA512_C -mbedtls_md_hmac:"SHA512":48:"4285d3d7744da52775bb44ca436a3154f7980309":"208f0b6f2de2e5aa5df11927ddc6df485edc1193181c484d0f0a434a95418803101d4de9fdb798f93516a6916fa38a8207de1666fe50fe3441c03b112eaaae6954ed063f7ac4e3c1e3f73b20d153fe9e4857f5e91430f0a70ee820529adac2467469fd18adf10e2af0fea27c0abc83c5a9af77c364a466cffce8bab4e2b70bc1":"fe7603f205b2774fe0f14ecfa3e338e90608a806d11ca459dff5ce36b1b264ecd3af5f0492a7521d8da3102ba20927a5" +depends_on:MBEDTLS_MD_CAN_SHA512 +mbedtls_md_hmac:MBEDTLS_MD_SHA512:48:"4285d3d7744da52775bb44ca436a3154f7980309":"208f0b6f2de2e5aa5df11927ddc6df485edc1193181c484d0f0a434a95418803101d4de9fdb798f93516a6916fa38a8207de1666fe50fe3441c03b112eaaae6954ed063f7ac4e3c1e3f73b20d153fe9e4857f5e91430f0a70ee820529adac2467469fd18adf10e2af0fea27c0abc83c5a9af77c364a466cffce8bab4e2b70bc1":"fe7603f205b2774fe0f14ecfa3e338e90608a806d11ca459dff5ce36b1b264ecd3af5f0492a7521d8da3102ba20927a5" generic HMAC-SHA-512 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA512_C -mbedtls_md_hmac:"SHA512":48:"8ab783d5acf32efa0d9c0a21abce955e96630d89":"17371e013dce839963d54418e97be4bd9fa3cb2a368a5220f5aa1b8aaddfa3bdefc91afe7c717244fd2fb640f5cb9d9bf3e25f7f0c8bc758883b89dcdce6d749d9672fed222277ece3e84b3ec01b96f70c125fcb3cbee6d19b8ef0873f915f173bdb05d81629ba187cc8ac1934b2f75952fb7616ae6bd812946df694bd2763af":"9ac7ca8d1aefc166b046e4cf7602ebe181a0e5055474bff5b342106731da0d7e48e4d87bc0a6f05871574289a1b099f8" +depends_on:MBEDTLS_MD_CAN_SHA512 +mbedtls_md_hmac:MBEDTLS_MD_SHA512:48:"8ab783d5acf32efa0d9c0a21abce955e96630d89":"17371e013dce839963d54418e97be4bd9fa3cb2a368a5220f5aa1b8aaddfa3bdefc91afe7c717244fd2fb640f5cb9d9bf3e25f7f0c8bc758883b89dcdce6d749d9672fed222277ece3e84b3ec01b96f70c125fcb3cbee6d19b8ef0873f915f173bdb05d81629ba187cc8ac1934b2f75952fb7616ae6bd812946df694bd2763af":"9ac7ca8d1aefc166b046e4cf7602ebe181a0e5055474bff5b342106731da0d7e48e4d87bc0a6f05871574289a1b099f8" + +HMAC-SHA3-224: NIST example #1: keylenblocklen +depends_on:MBEDTLS_MD_CAN_SHA3_224 +mbedtls_md_hmac:MBEDTLS_MD_SHA3_224:28:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaab":"53616d706c65206d65737361676520666f72206b65796c656e3e626c6f636b6c656e":"078695eecc227c636ad31d063a15dd05a7e819a66ec6d8de1e193e59" + +HMAC-SHA3-224: NIST example #4: keylenblocklen +depends_on:MBEDTLS_MD_CAN_SHA3_256 +mbedtls_md_hmac:MBEDTLS_MD_SHA3_256:32:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7":"53616d706c65206d65737361676520666f72206b65796c656e3e626c6f636b6c656e":"9bcf2c238e235c3ce88404e813bd2f3a97185ac6f238c63d6229a00b07974258" + +HMAC-SHA3-256: NIST example #4: keylenblocklen +depends_on:MBEDTLS_MD_CAN_SHA3_384 +mbedtls_md_hmac:MBEDTLS_MD_SHA3_384:48:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f9091929394959697":"53616d706c65206d65737361676520666f72206b65796c656e3e626c6f636b6c656e":"e5ae4c739f455279368ebf36d4f5354c95aa184c899d3870e460ebc288ef1f9470053f73f7c6da2a71bcaec38ce7d6ac" + +HMAC-SHA3-384: NIST example #4: keylenblocklen +depends_on:MBEDTLS_MD_CAN_SHA3_512 +mbedtls_md_hmac:MBEDTLS_MD_SHA3_512:64:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f8081828384858687":"53616d706c65206d65737361676520666f72206b65796c656e3e626c6f636b6c656e":"5f464f5e5b7848e3885e49b2c385f0694985d0e38966242dc4a5fe3fea4b37d46b65ceced5dcf59438dd840bab22269f0ba7febdb9fcf74602a35666b2a32915" + +HMAC-SHA3-512: NIST example #4: keylenblocklen +depends_on:MBEDTLS_MD_CAN_SHA3_224 +md_hmac_multi:MBEDTLS_MD_SHA3_224:28:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaab":"53616d706c65206d65737361676520666f72206b65796c656e3e626c6f636b6c656e":"078695eecc227c636ad31d063a15dd05a7e819a66ec6d8de1e193e59" + +HMAC-SHA3-224 multi-step: NIST example #4: keylenblocklen +depends_on:MBEDTLS_MD_CAN_SHA3_256 +md_hmac_multi:MBEDTLS_MD_SHA3_256:32:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7":"53616d706c65206d65737361676520666f72206b65796c656e3e626c6f636b6c656e":"9bcf2c238e235c3ce88404e813bd2f3a97185ac6f238c63d6229a00b07974258" + +HMAC-SHA3-256 multi-step: NIST example #4: keylenblocklen +depends_on:MBEDTLS_MD_CAN_SHA3_384 +md_hmac_multi:MBEDTLS_MD_SHA3_384:48:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f9091929394959697":"53616d706c65206d65737361676520666f72206b65796c656e3e626c6f636b6c656e":"e5ae4c739f455279368ebf36d4f5354c95aa184c899d3870e460ebc288ef1f9470053f73f7c6da2a71bcaec38ce7d6ac" + +HMAC-SHA3-384 multi-step: NIST example #4: keylenblocklen +depends_on:MBEDTLS_MD_CAN_SHA3_512 +md_hmac_multi:MBEDTLS_MD_SHA3_512:64:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f8081828384858687":"53616d706c65206d65737361676520666f72206b65796c656e3e626c6f636b6c656e":"5f464f5e5b7848e3885e49b2c385f0694985d0e38966242dc4a5fe3fea4b37d46b65ceced5dcf59438dd840bab22269f0ba7febdb9fcf74602a35666b2a32915" + +HMAC-SHA3-512 multi-step: NIST example #4: keylenNONE as this is not guaranteed */ } /* END_CASE */ @@ -44,64 +87,73 @@ exit: void md_null_args() { mbedtls_md_context_t ctx; +#if defined(MBEDTLS_MD_C) const mbedtls_md_info_t *info = mbedtls_md_info_from_type(*(mbedtls_md_list())); +#endif unsigned char buf[1] = { 0 }; + MD_PSA_INIT(); mbedtls_md_init(&ctx); - TEST_ASSERT(mbedtls_md_get_size(NULL) == 0); - TEST_ASSERT(mbedtls_md_get_type(NULL) == MBEDTLS_MD_NONE); + TEST_EQUAL(0, mbedtls_md_get_size(NULL)); +#if defined(MBEDTLS_MD_C) + TEST_EQUAL(mbedtls_md_get_type(NULL), MBEDTLS_MD_NONE); TEST_ASSERT(mbedtls_md_get_name(NULL) == NULL); TEST_ASSERT(mbedtls_md_info_from_string(NULL) == NULL); TEST_ASSERT(mbedtls_md_info_from_ctx(NULL) == NULL); TEST_ASSERT(mbedtls_md_info_from_ctx(&ctx) == NULL); +#endif /* MBEDTLS_MD_C */ - TEST_ASSERT(mbedtls_md_setup(&ctx, NULL, 0) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT(mbedtls_md_setup(NULL, info, 0) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md_setup(&ctx, NULL, 0), MBEDTLS_ERR_MD_BAD_INPUT_DATA); +#if defined(MBEDTLS_MD_C) + TEST_EQUAL(mbedtls_md_setup(NULL, info, 0), MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT(mbedtls_md_starts(NULL) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT(mbedtls_md_starts(&ctx) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md_starts(NULL), MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md_starts(&ctx), MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT(mbedtls_md_update(NULL, buf, 1) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT(mbedtls_md_update(&ctx, buf, 1) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md_update(NULL, buf, 1), MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md_update(&ctx, buf, 1), MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT(mbedtls_md_finish(NULL, buf) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT(mbedtls_md_finish(&ctx, buf) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); - - TEST_ASSERT(mbedtls_md(NULL, buf, 1, buf) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); - -#if defined(MBEDTLS_FS_IO) - TEST_ASSERT(mbedtls_md_file(NULL, "", buf) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md_finish(NULL, buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md_finish(&ctx, buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA); #endif - TEST_ASSERT(mbedtls_md_hmac_starts(NULL, buf, 1) - == MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT(mbedtls_md_hmac_starts(&ctx, buf, 1) - == MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md(NULL, buf, 1, buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT(mbedtls_md_hmac_update(NULL, buf, 1) - == MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT(mbedtls_md_hmac_update(&ctx, buf, 1) - == MBEDTLS_ERR_MD_BAD_INPUT_DATA); +#if defined(MBEDTLS_MD_C) +#if defined(MBEDTLS_FS_IO) + TEST_EQUAL(mbedtls_md_file(NULL, "", buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA); +#endif - TEST_ASSERT(mbedtls_md_hmac_finish(NULL, buf) - == MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT(mbedtls_md_hmac_finish(&ctx, buf) - == MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md_hmac_starts(NULL, buf, 1), + MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md_hmac_starts(&ctx, buf, 1), + MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT(mbedtls_md_hmac_reset(NULL) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT(mbedtls_md_hmac_reset(&ctx) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md_hmac_update(NULL, buf, 1), + MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md_hmac_update(&ctx, buf, 1), + MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT(mbedtls_md_hmac(NULL, buf, 1, buf, 1, buf) - == MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md_hmac_finish(NULL, buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md_hmac_finish(&ctx, buf), MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT(mbedtls_md_process(NULL, buf) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); - TEST_ASSERT(mbedtls_md_process(&ctx, buf) == MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md_hmac_reset(NULL), MBEDTLS_ERR_MD_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_md_hmac_reset(&ctx), MBEDTLS_ERR_MD_BAD_INPUT_DATA); + + TEST_EQUAL(mbedtls_md_hmac(NULL, buf, 1, buf, 1, buf), + MBEDTLS_ERR_MD_BAD_INPUT_DATA); +#endif /* MBEDTLS_MD_C */ /* Ok, this is not NULL arg but NULL return... */ TEST_ASSERT(mbedtls_md_info_from_type(MBEDTLS_MD_NONE) == NULL); +#if defined(MBEDTLS_MD_C) TEST_ASSERT(mbedtls_md_info_from_string("no such md") == NULL); +#endif + +exit: + MD_PSA_DONE(); } /* END_CASE */ @@ -109,276 +161,314 @@ void md_null_args() void md_info(int md_type, char *md_name, int md_size) { const mbedtls_md_info_t *md_info; +#if defined(MBEDTLS_MD_C) const int *md_type_ptr; - int found; +#else + (void) md_name; +#endif + + /* Note: PSA Crypto init not needed for info functions */ md_info = mbedtls_md_info_from_type(md_type); TEST_ASSERT(md_info != NULL); +#if defined(MBEDTLS_MD_C) TEST_ASSERT(md_info == mbedtls_md_info_from_string(md_name)); +#endif - TEST_ASSERT(mbedtls_md_get_type(md_info) == (mbedtls_md_type_t) md_type); - TEST_ASSERT(mbedtls_md_get_size(md_info) == (unsigned char) md_size); - TEST_ASSERT(strcmp(mbedtls_md_get_name(md_info), md_name) == 0); + TEST_EQUAL(mbedtls_md_get_type(md_info), (mbedtls_md_type_t) md_type); + TEST_EQUAL(mbedtls_md_get_size(md_info), (unsigned char) md_size); +#if defined(MBEDTLS_MD_C) + TEST_EQUAL(0, strcmp(mbedtls_md_get_name(md_info), md_name)); - found = 0; + int found = 0; for (md_type_ptr = mbedtls_md_list(); *md_type_ptr != 0; md_type_ptr++) { if (*md_type_ptr == md_type) { found = 1; } } - TEST_ASSERT(found == 1); + TEST_EQUAL(found, 1); +#endif /* MBEDTLS_MD_C */ } /* END_CASE */ /* BEGIN_CASE */ -void md_text(char *text_md_name, char *text_src_string, - data_t *hash) +void md_text(int md_type, char *text_src_string, data_t *hash) { - char md_name[100]; - unsigned char src_str[1000]; - unsigned char output[100]; + unsigned char *src = (unsigned char *) text_src_string; + size_t src_len = strlen(text_src_string); + unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 }; const mbedtls_md_info_t *md_info = NULL; - memset(md_name, 0x00, 100); - memset(src_str, 0x00, 1000); - memset(output, 0x00, 100); + MD_PSA_INIT(); - strncpy((char *) src_str, text_src_string, sizeof(src_str) - 1); - strncpy((char *) md_name, text_md_name, sizeof(md_name) - 1); - md_info = mbedtls_md_info_from_string(md_name); + md_info = mbedtls_md_info_from_type(md_type); TEST_ASSERT(md_info != NULL); - TEST_ASSERT(0 == mbedtls_md(md_info, src_str, strlen((char *) src_str), output)); + TEST_EQUAL(0, mbedtls_md(md_info, src, src_len, output)); - TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, - mbedtls_md_get_size(md_info), - hash->len) == 0); + TEST_MEMORY_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len); + +exit: + MD_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void md_hex(char *text_md_name, data_t *src_str, data_t *hash) +void md_hex(int md_type, data_t *src_str, data_t *hash) { - char md_name[100]; - unsigned char output[100]; + unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 }; const mbedtls_md_info_t *md_info = NULL; - memset(md_name, 0x00, 100); - memset(output, 0x00, 100); + MD_PSA_INIT(); - strncpy((char *) md_name, text_md_name, sizeof(md_name) - 1); - md_info = mbedtls_md_info_from_string(md_name); + md_info = mbedtls_md_info_from_type(md_type); TEST_ASSERT(md_info != NULL); - TEST_ASSERT(0 == mbedtls_md(md_info, src_str->x, src_str->len, output)); + TEST_EQUAL(0, mbedtls_md(md_info, src_str->x, src_str->len, output)); - TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, - mbedtls_md_get_size(md_info), - hash->len) == 0); + TEST_MEMORY_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len); + +exit: + MD_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void md_text_multi(char *text_md_name, char *text_src_string, +void md_text_multi(int md_type, char *text_src_string, data_t *hash) { - char md_name[100]; - unsigned char src_str[1000]; - unsigned char output[100]; - int halfway, len; + unsigned char *src = (unsigned char *) text_src_string; + size_t src_len = strlen(text_src_string); + unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 }; + size_t halfway; const mbedtls_md_info_t *md_info = NULL; mbedtls_md_context_t ctx, ctx_copy; + MD_PSA_INIT(); + mbedtls_md_init(&ctx); mbedtls_md_init(&ctx_copy); - memset(md_name, 0x00, 100); - memset(src_str, 0x00, 1000); - memset(output, 0x00, 100); + halfway = src_len / 2; - strncpy((char *) src_str, text_src_string, sizeof(src_str) - 1); - strncpy((char *) md_name, text_md_name, sizeof(md_name) - 1); - len = strlen((char *) src_str); - halfway = len / 2; - - md_info = mbedtls_md_info_from_string(md_name); + md_info = mbedtls_md_info_from_type(md_type); TEST_ASSERT(md_info != NULL); - TEST_ASSERT(0 == mbedtls_md_setup(&ctx, md_info, 0)); - TEST_ASSERT(0 == mbedtls_md_setup(&ctx_copy, md_info, 0)); + TEST_EQUAL(0, mbedtls_md_setup(&ctx, md_info, 0)); + TEST_EQUAL(0, mbedtls_md_setup(&ctx_copy, md_info, 0)); +#if defined(MBEDTLS_MD_C) TEST_ASSERT(mbedtls_md_info_from_ctx(&ctx) == md_info); TEST_ASSERT(mbedtls_md_info_from_ctx(&ctx_copy) == md_info); +#endif /* MBEDTLS_MD_C */ - TEST_ASSERT(0 == mbedtls_md_starts(&ctx)); + TEST_EQUAL(0, mbedtls_md_starts(&ctx)); TEST_ASSERT(ctx.md_ctx != NULL); - TEST_ASSERT(0 == mbedtls_md_update(&ctx, src_str, halfway)); - TEST_ASSERT(0 == mbedtls_md_clone(&ctx_copy, &ctx)); + TEST_EQUAL(0, mbedtls_md_update(&ctx, src, halfway)); + TEST_EQUAL(0, mbedtls_md_clone(&ctx_copy, &ctx)); - TEST_ASSERT(0 == mbedtls_md_update(&ctx, src_str + halfway, len - halfway)); - TEST_ASSERT(0 == mbedtls_md_finish(&ctx, output)); - TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, - mbedtls_md_get_size(md_info), - hash->len) == 0); + TEST_EQUAL(0, mbedtls_md_update(&ctx, src + halfway, src_len - halfway)); + TEST_EQUAL(0, mbedtls_md_finish(&ctx, output)); + TEST_MEMORY_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len); /* Test clone */ - memset(output, 0x00, 100); + memset(output, 0x00, sizeof(output)); - TEST_ASSERT(0 == mbedtls_md_update(&ctx_copy, src_str + halfway, len - halfway)); - TEST_ASSERT(0 == mbedtls_md_finish(&ctx_copy, output)); - TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, - mbedtls_md_get_size(md_info), - hash->len) == 0); + TEST_EQUAL(0, mbedtls_md_update(&ctx_copy, src + halfway, src_len - halfway)); + TEST_EQUAL(0, mbedtls_md_finish(&ctx_copy, output)); + TEST_MEMORY_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len); exit: mbedtls_md_free(&ctx); mbedtls_md_free(&ctx_copy); + MD_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ -void md_hex_multi(char *text_md_name, data_t *src_str, data_t *hash) +void md_hex_multi(int md_type, data_t *src_str, data_t *hash) { - char md_name[100]; - unsigned char output[100]; + unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 }; const mbedtls_md_info_t *md_info = NULL; mbedtls_md_context_t ctx, ctx_copy; int halfway; + MD_PSA_INIT(); + mbedtls_md_init(&ctx); mbedtls_md_init(&ctx_copy); - memset(md_name, 0x00, 100); - memset(output, 0x00, 100); - - strncpy((char *) md_name, text_md_name, sizeof(md_name) - 1); - md_info = mbedtls_md_info_from_string(md_name); + md_info = mbedtls_md_info_from_type(md_type); TEST_ASSERT(md_info != NULL); - TEST_ASSERT(0 == mbedtls_md_setup(&ctx, md_info, 0)); - TEST_ASSERT(0 == mbedtls_md_setup(&ctx_copy, md_info, 0)); + TEST_EQUAL(0, mbedtls_md_setup(&ctx, md_info, 0)); + TEST_EQUAL(0, mbedtls_md_setup(&ctx_copy, md_info, 0)); +#if defined(MBEDTLS_MD_C) TEST_ASSERT(mbedtls_md_info_from_ctx(&ctx) == md_info); TEST_ASSERT(mbedtls_md_info_from_ctx(&ctx_copy) == md_info); +#endif /* MBEDTLS_MD_C */ halfway = src_str->len / 2; - TEST_ASSERT(0 == mbedtls_md_starts(&ctx)); + TEST_EQUAL(0, mbedtls_md_starts(&ctx)); TEST_ASSERT(ctx.md_ctx != NULL); - TEST_ASSERT(0 == mbedtls_md_update(&ctx, src_str->x, halfway)); - TEST_ASSERT(0 == mbedtls_md_clone(&ctx_copy, &ctx)); + TEST_EQUAL(0, mbedtls_md_update(&ctx, src_str->x, halfway)); + TEST_EQUAL(0, mbedtls_md_clone(&ctx_copy, &ctx)); - TEST_ASSERT(0 == mbedtls_md_update(&ctx, src_str->x + halfway, src_str->len - halfway)); - TEST_ASSERT(0 == mbedtls_md_finish(&ctx, output)); - TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, - mbedtls_md_get_size(md_info), - hash->len) == 0); + TEST_EQUAL(0, mbedtls_md_update(&ctx, src_str->x + halfway, src_str->len - halfway)); + TEST_EQUAL(0, mbedtls_md_finish(&ctx, output)); + TEST_MEMORY_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len); /* Test clone */ - memset(output, 0x00, 100); + memset(output, 0x00, sizeof(output)); - TEST_ASSERT(0 == mbedtls_md_update(&ctx_copy, src_str->x + halfway, src_str->len - halfway)); - TEST_ASSERT(0 == mbedtls_md_finish(&ctx_copy, output)); - TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, - mbedtls_md_get_size(md_info), - hash->len) == 0); + TEST_EQUAL(0, mbedtls_md_update(&ctx_copy, src_str->x + halfway, src_str->len - halfway)); + TEST_EQUAL(0, mbedtls_md_finish(&ctx_copy, output)); + TEST_MEMORY_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len); exit: mbedtls_md_free(&ctx); mbedtls_md_free(&ctx_copy); + MD_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE */ -void mbedtls_md_hmac(char *text_md_name, int trunc_size, +/* BEGIN_CASE depends_on:MBEDTLS_MD_C */ +void mbedtls_md_hmac(int md_type, int trunc_size, data_t *key_str, data_t *src_str, data_t *hash) { - char md_name[100]; - unsigned char output[100]; + unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 }; const mbedtls_md_info_t *md_info = NULL; - memset(md_name, 0x00, 100); - memset(output, 0x00, 100); + MD_PSA_INIT(); - strncpy((char *) md_name, text_md_name, sizeof(md_name) - 1); - md_info = mbedtls_md_info_from_string(md_name); + md_info = mbedtls_md_info_from_type(md_type); TEST_ASSERT(md_info != NULL); - TEST_ASSERT(mbedtls_md_hmac(md_info, key_str->x, key_str->len, src_str->x, src_str->len, - output) == 0); + TEST_EQUAL(0, mbedtls_md_hmac(md_info, key_str->x, key_str->len, + src_str->x, src_str->len, output)); - TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, - trunc_size, hash->len) == 0); + TEST_MEMORY_COMPARE(output, trunc_size, hash->x, hash->len); + +exit: + MD_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE */ -void md_hmac_multi(char *text_md_name, int trunc_size, data_t *key_str, +/* BEGIN_CASE depends_on:MBEDTLS_MD_C */ +void md_hmac_multi(int md_type, int trunc_size, data_t *key_str, data_t *src_str, data_t *hash) { - char md_name[100]; - unsigned char output[100]; + unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 }; const mbedtls_md_info_t *md_info = NULL; mbedtls_md_context_t ctx; int halfway; + MD_PSA_INIT(); + mbedtls_md_init(&ctx); - memset(md_name, 0x00, 100); - memset(output, 0x00, 100); - - strncpy((char *) md_name, text_md_name, sizeof(md_name) - 1); - md_info = mbedtls_md_info_from_string(md_name); + md_info = mbedtls_md_info_from_type(md_type); TEST_ASSERT(md_info != NULL); - TEST_ASSERT(0 == mbedtls_md_setup(&ctx, md_info, 1)); + TEST_EQUAL(0, mbedtls_md_setup(&ctx, md_info, 1)); +#if defined(MBEDTLS_MD_C) TEST_ASSERT(mbedtls_md_info_from_ctx(&ctx) == md_info); +#endif halfway = src_str->len / 2; - TEST_ASSERT(0 == mbedtls_md_hmac_starts(&ctx, key_str->x, key_str->len)); + TEST_EQUAL(0, mbedtls_md_hmac_starts(&ctx, key_str->x, key_str->len)); TEST_ASSERT(ctx.md_ctx != NULL); - TEST_ASSERT(0 == mbedtls_md_hmac_update(&ctx, src_str->x, halfway)); - TEST_ASSERT(0 == mbedtls_md_hmac_update(&ctx, src_str->x + halfway, src_str->len - halfway)); - TEST_ASSERT(0 == mbedtls_md_hmac_finish(&ctx, output)); + TEST_EQUAL(0, mbedtls_md_hmac_update(&ctx, src_str->x, halfway)); + TEST_EQUAL(0, mbedtls_md_hmac_update(&ctx, src_str->x + halfway, src_str->len - halfway)); + TEST_EQUAL(0, mbedtls_md_hmac_finish(&ctx, output)); - TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, - trunc_size, hash->len) == 0); + TEST_MEMORY_COMPARE(output, trunc_size, hash->x, hash->len); /* Test again, for reset() */ - memset(output, 0x00, 100); + memset(output, 0x00, sizeof(output)); - TEST_ASSERT(0 == mbedtls_md_hmac_reset(&ctx)); - TEST_ASSERT(0 == mbedtls_md_hmac_update(&ctx, src_str->x, halfway)); - TEST_ASSERT(0 == mbedtls_md_hmac_update(&ctx, src_str->x + halfway, src_str->len - halfway)); - TEST_ASSERT(0 == mbedtls_md_hmac_finish(&ctx, output)); + TEST_EQUAL(0, mbedtls_md_hmac_reset(&ctx)); + TEST_EQUAL(0, mbedtls_md_hmac_update(&ctx, src_str->x, halfway)); + TEST_EQUAL(0, mbedtls_md_hmac_update(&ctx, src_str->x + halfway, src_str->len - halfway)); + TEST_EQUAL(0, mbedtls_md_hmac_finish(&ctx, output)); - TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, - trunc_size, hash->len) == 0); + TEST_MEMORY_COMPARE(output, trunc_size, hash->x, hash->len); exit: mbedtls_md_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */ -void mbedtls_md_file(char *text_md_name, char *filename, +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_MD_C */ +void mbedtls_md_file(int md_type, char *filename, data_t *hash) { - char md_name[100]; - unsigned char output[100]; + unsigned char output[MBEDTLS_MD_MAX_SIZE] = { 0 }; const mbedtls_md_info_t *md_info = NULL; - memset(md_name, 0x00, 100); - memset(output, 0x00, 100); + MD_PSA_INIT(); - strncpy((char *) md_name, text_md_name, sizeof(md_name) - 1); - md_info = mbedtls_md_info_from_string(md_name); + md_info = mbedtls_md_info_from_type(md_type); TEST_ASSERT(md_info != NULL); - TEST_ASSERT(mbedtls_md_file(md_info, filename, output) == 0); + TEST_EQUAL(0, mbedtls_md_file(md_info, filename, output)); - TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, - mbedtls_md_get_size(md_info), - hash->len) == 0); + TEST_MEMORY_COMPARE(output, mbedtls_md_get_size(md_info), hash->x, hash->len); + +exit: + MD_PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void md_psa_dynamic_dispatch(int md_type, int pre_psa_ret, int post_psa_engine) +{ + const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type); + mbedtls_md_context_t ctx1, ctx2; + + /* Intentionally no PSA init here! (Will be done later.) */ + + mbedtls_md_init(&ctx1); + mbedtls_md_init(&ctx2); + + TEST_ASSERT(md_info != NULL); + + /* Before PSA crypto init */ + TEST_EQUAL(pre_psa_ret, mbedtls_md_setup(&ctx1, md_info, 0)); + TEST_EQUAL(pre_psa_ret, mbedtls_md_setup(&ctx2, md_info, 0)); + +#if defined(MBEDTLS_MD_SOME_PSA) + TEST_EQUAL(ctx1.engine, MBEDTLS_MD_ENGINE_LEGACY); + TEST_EQUAL(ctx2.engine, MBEDTLS_MD_ENGINE_LEGACY); +#endif + + /* Reset ctx1 but keep ctx2 for the cloning test */ + mbedtls_md_free(&ctx1); + mbedtls_md_init(&ctx1); + + /* Now initilize PSA Crypto */ + MD_PSA_INIT(); + + /* After PSA Crypto init */ + TEST_EQUAL(0, mbedtls_md_setup(&ctx1, md_info, 0)); +#if defined(MBEDTLS_MD_SOME_PSA) + TEST_EQUAL(ctx1.engine, post_psa_engine); +#endif + + /* Cloning test */ + if (pre_psa_ret == 0) { + int exp_clone_ret = post_psa_engine == MBEDTLS_MD_ENGINE_PSA + ? MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE + : 0; + TEST_EQUAL(exp_clone_ret, mbedtls_md_clone(&ctx2, &ctx1)); + } + +exit: + mbedtls_md_free(&ctx1); + mbedtls_md_free(&ctx2); + MD_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_md.psa.data b/tests/suites/test_suite_md.psa.data new file mode 100644 index 000000000..3ae787cbe --- /dev/null +++ b/tests/suites/test_suite_md.psa.data @@ -0,0 +1,135 @@ +# These tests behave differently depending on the presence of +# drivers and/or built-in, so they're isolated here for the benefit of +# analyze_outcomes.py (driver vs reference comparison). + +PSA dispatch MD5 legacy only +depends_on:MBEDTLS_MD5_C:!MBEDTLS_MD_MD5_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_MD5:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch MD5 driver only +depends_on:!MBEDTLS_MD5_C:MBEDTLS_MD_MD5_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_MD5:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch MD5 legacy+driver +depends_on:MBEDTLS_MD5_C:MBEDTLS_MD_MD5_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_MD5:0:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch RIPEMD160 legacy only +depends_on:MBEDTLS_RIPEMD160_C:!MBEDTLS_MD_RIPEMD160_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_RIPEMD160:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch RIPEMD160 driver only +depends_on:!MBEDTLS_RIPEMD160_C:MBEDTLS_MD_RIPEMD160_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_RIPEMD160:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch RIPEMD160 legacy+driver +depends_on:MBEDTLS_RIPEMD160_C:MBEDTLS_MD_RIPEMD160_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_RIPEMD160:0:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA1 legacy only +depends_on:MBEDTLS_SHA1_C:!MBEDTLS_MD_SHA1_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA1:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch SHA1 driver only +depends_on:!MBEDTLS_SHA1_C:MBEDTLS_MD_SHA1_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA1:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA1 legacy+driver +depends_on:MBEDTLS_SHA1_C:MBEDTLS_MD_SHA1_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA1:0:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA224 legacy only +depends_on:MBEDTLS_SHA224_C:!MBEDTLS_MD_SHA224_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA224:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch SHA224 driver only +depends_on:!MBEDTLS_SHA224_C:MBEDTLS_MD_SHA224_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA224:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA224 legacy+driver +depends_on:MBEDTLS_SHA224_C:MBEDTLS_MD_SHA224_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA224:0:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA256 legacy only +depends_on:MBEDTLS_SHA256_C:!MBEDTLS_MD_SHA256_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA256:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch SHA256 driver only +depends_on:!MBEDTLS_SHA256_C:MBEDTLS_MD_SHA256_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA256:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA256 legacy+driver +depends_on:MBEDTLS_SHA256_C:MBEDTLS_MD_SHA256_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA256:0:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA384 legacy only +depends_on:MBEDTLS_SHA384_C:!MBEDTLS_MD_SHA384_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA384:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch SHA384 driver only +depends_on:!MBEDTLS_SHA384_C:MBEDTLS_MD_SHA384_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA384:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA384 legacy+driver +depends_on:MBEDTLS_SHA384_C:MBEDTLS_MD_SHA384_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA384:0:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA512 legacy only +depends_on:MBEDTLS_SHA512_C:!MBEDTLS_MD_SHA512_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA512:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch SHA512 driver only +depends_on:!MBEDTLS_SHA512_C:MBEDTLS_MD_SHA512_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA512:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA512 legacy+driver +depends_on:MBEDTLS_SHA512_C:MBEDTLS_MD_SHA512_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA512:0:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA3-224 legacy only +depends_on:MBEDTLS_SHA3_C:!MBEDTLS_MD_SHA3_224_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_224:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch SHA3-224 driver only +depends_on:!MBEDTLS_SHA3_C:MBEDTLS_MD_SHA3_224_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_224:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA3-224 legacy+driver +depends_on:MBEDTLS_SHA3_C:MBEDTLS_MD_SHA3_224_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_224:0:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA3-256 legacy only +depends_on:MBEDTLS_SHA3_C:!MBEDTLS_MD_SHA3_256_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_256:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch SHA3-256 driver only +depends_on:!MBEDTLS_SHA3_C:MBEDTLS_MD_SHA3_256_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_256:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA3-256 legacy+driver +depends_on:MBEDTLS_SHA3_C:MBEDTLS_MD_SHA3_256_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_256:0:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA3-384 legacy only +depends_on:MBEDTLS_SHA3_C:!MBEDTLS_MD_SHA3_384_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_384:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch SHA3-384 driver only +depends_on:!MBEDTLS_SHA3_C:MBEDTLS_MD_SHA3_384_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_384:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA3-384 legacy+driver +depends_on:MBEDTLS_SHA3_C:MBEDTLS_MD_SHA3_384_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_384:0:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA3-512 legacy only +depends_on:MBEDTLS_SHA3_C:!MBEDTLS_MD_SHA3_512_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_512:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch SHA3-512 driver only +depends_on:!MBEDTLS_SHA3_C:MBEDTLS_MD_SHA3_512_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_512:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA3-512 legacy+driver +depends_on:MBEDTLS_SHA3_C:MBEDTLS_MD_SHA3_512_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_512:0:MBEDTLS_MD_ENGINE_PSA diff --git a/tests/suites/test_suite_mdx.function b/tests/suites/test_suite_mdx.function index 93f41014a..df94d16e1 100644 --- a/tests/suites/test_suite_mdx.function +++ b/tests/suites/test_suite_mdx.function @@ -10,8 +10,8 @@ void md5_text(char *text_src_string, data_t *hash) unsigned char src_str[100]; unsigned char output[16]; - memset(src_str, 0x00, sizeof src_str); - memset(output, 0x00, sizeof output); + memset(src_str, 0x00, sizeof(src_str)); + memset(output, 0x00, sizeof(output)); strncpy((char *) src_str, text_src_string, sizeof(src_str) - 1); @@ -19,7 +19,7 @@ void md5_text(char *text_src_string, data_t *hash) TEST_ASSERT(ret == 0); TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, - sizeof output, hash->len) == 0); + sizeof(output), hash->len) == 0); } /* END_CASE */ @@ -30,8 +30,8 @@ void ripemd160_text(char *text_src_string, data_t *hash) unsigned char src_str[100]; unsigned char output[20]; - memset(src_str, 0x00, sizeof src_str); - memset(output, 0x00, sizeof output); + memset(src_str, 0x00, sizeof(src_str)); + memset(output, 0x00, sizeof(output)); strncpy((char *) src_str, text_src_string, sizeof(src_str) - 1); @@ -39,7 +39,7 @@ void ripemd160_text(char *text_src_string, data_t *hash) TEST_ASSERT(ret == 0); TEST_ASSERT(mbedtls_test_hexcmp(output, hash->x, - sizeof output, hash->len) == 0); + sizeof(output), hash->len) == 0); } /* END_CASE */ diff --git a/tests/suites/test_suite_mps.function b/tests/suites/test_suite_mps.function index 6d9a8a81a..0b8434b7c 100644 --- a/tests/suites/test_suite_mps.function +++ b/tests/suites/test_suite_mps.function @@ -60,7 +60,7 @@ void mbedtls_mps_reader_no_pausing_single_step_single_round(int with_acc) /* Consumption (upper layer) */ /* Consume exactly what's available */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 100, bufA, 100); + TEST_MEMORY_COMPARE(tmp, 100, bufA, 100); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup (lower layer) */ TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, &paused) == 0); @@ -108,14 +108,14 @@ void mbedtls_mps_reader_no_pausing_single_step_multiple_rounds(int with_acc) /* Consumption (upper layer) */ /* Consume exactly what's available */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 100, bufA, 100); + TEST_MEMORY_COMPARE(tmp, 100, bufA, 100); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Preparation */ TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB, sizeof(bufB)) == 0); /* Consumption */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 100, bufB, 100); + TEST_MEMORY_COMPARE(tmp, 100, bufB, 100); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup (lower layer) */ TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); @@ -162,11 +162,11 @@ void mbedtls_mps_reader_no_pausing_multiple_steps_single_round(int with_acc) TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0); /* Consumption (upper layer) */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 10, buf, 10); + TEST_MEMORY_COMPARE(tmp, 10, buf, 10); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 70, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 70, buf + 10, 70); + TEST_MEMORY_COMPARE(tmp, 70, buf + 10, 70); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 30, &tmp, &tmp_len) == 0); - ASSERT_COMPARE(tmp, tmp_len, buf + 80, 20); + TEST_MEMORY_COMPARE(tmp, tmp_len, buf + 80, 20); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup (lower layer) */ TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); @@ -202,18 +202,18 @@ void mbedtls_mps_reader_no_pausing_multiple_steps_multiple_rounds(int with_acc) TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufA, sizeof(bufA)) == 0); /* Consumption (upper layer) */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 10, bufA, 10); + TEST_MEMORY_COMPARE(tmp, 10, bufA, 10); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 70, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 70, bufA + 10, 70); + TEST_MEMORY_COMPARE(tmp, 70, bufA + 10, 70); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 30, &tmp, &tmp_len) == 0); - ASSERT_COMPARE(tmp, tmp_len, bufA + 80, 20); + TEST_MEMORY_COMPARE(tmp, tmp_len, bufA + 80, 20); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Preparation */ TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); TEST_ASSERT(mbedtls_mps_reader_feed(&rd, bufB, sizeof(bufB)) == 0); /* Consumption */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 100, bufB, 100); + TEST_MEMORY_COMPARE(tmp, 100, bufB, 100); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup */ TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); @@ -243,7 +243,7 @@ void mbedtls_mps_reader_pausing_needed_disabled() TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0); /* Consumption (upper layer) */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 50, buf, 50); + TEST_MEMORY_COMPARE(tmp, 50, buf, 50); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); @@ -284,10 +284,10 @@ void mbedtls_mps_reader_pausing_needed_buffer_too_small() TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0); /* Consumption (upper layer) */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 50, buf, 50); + TEST_MEMORY_COMPARE(tmp, 50, buf, 50); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 10, buf + 50, 10); + TEST_MEMORY_COMPARE(tmp, 10, buf + 50, 10); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); /* Wrapup (lower layer) */ @@ -295,7 +295,7 @@ void mbedtls_mps_reader_pausing_needed_buffer_too_small() MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, &tmp_len) == 0); - ASSERT_COMPARE(tmp, tmp_len, buf + 50, 50); + TEST_MEMORY_COMPARE(tmp, tmp_len, buf + 50, 50); mbedtls_mps_reader_free(&rd); } @@ -325,7 +325,7 @@ void mbedtls_mps_reader_reclaim_overflow() TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0); /* Consumption (upper layer) */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 50, buf, 50); + TEST_MEMORY_COMPARE(tmp, 50, buf, 50); /* Excess request */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, (mbedtls_mps_size_t) -1, &tmp, NULL) == MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); @@ -376,10 +376,10 @@ void mbedtls_mps_reader_pausing(int option) /* Consumption (upper layer) */ /* Ask for more than what's available. */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 80, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 80, bufA, 80); + TEST_MEMORY_COMPARE(tmp, 80, bufA, 80); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 10, bufA + 80, 10); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10); switch (option) { case 0: /* Single uncommitted fetch at pausing */ case 1: @@ -400,50 +400,50 @@ void mbedtls_mps_reader_pausing(int option) switch (option) { case 0: /* Single fetch at pausing, re-fetch with commit. */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 10, bufA + 90, 10); - ASSERT_COMPARE(tmp + 10, 10, bufB, 10); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10); + TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); break; case 1: /* Single fetch at pausing, re-fetch without commit. */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 10, bufA + 90, 10); - ASSERT_COMPARE(tmp + 10, 10, bufB, 10); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10); + TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10); break; case 2: /* Multiple fetches at pausing, repeat without commit. */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 10, bufA + 80, 10); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 10, bufA + 90, 10); - ASSERT_COMPARE(tmp + 10, 10, bufB, 10); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10); + TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10); break; case 3: /* Multiple fetches at pausing, repeat with commit 1. */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 10, bufA + 80, 10); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 10, bufA + 90, 10); - ASSERT_COMPARE(tmp + 10, 10, bufB, 10); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10); + TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10); break; case 4: /* Multiple fetches at pausing, repeat with commit 2. */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 10, bufA + 80, 10); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 10, bufA + 90, 10); - ASSERT_COMPARE(tmp + 10, 10, bufB, 10); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10); + TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); break; case 5: /* Multiple fetches at pausing, repeat with commit 3. */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 10, bufA + 80, 10); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 10, bufA + 90, 10); - ASSERT_COMPARE(tmp + 10, 10, bufB, 10); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10); + TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); break; @@ -453,7 +453,7 @@ void mbedtls_mps_reader_pausing(int option) /* In all cases, fetch the rest of the second buffer. */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 90, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 90, bufB + 10, 90); + TEST_MEMORY_COMPARE(tmp, 90, bufB + 10, 90); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup */ @@ -498,7 +498,7 @@ void mbedtls_mps_reader_pausing_multiple_feeds(int option) /* Consumption (upper layer) */ /* Ask for more than what's available. */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 80, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 80, bufA, 80); + TEST_MEMORY_COMPARE(tmp, 80, bufA, 80); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* 20 left, ask for 70 -> 50 overhead */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 70, &tmp, NULL) == @@ -538,8 +538,8 @@ void mbedtls_mps_reader_pausing_multiple_feeds(int option) /* Consumption */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 70, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 20, bufA + 80, 20); - ASSERT_COMPARE(tmp + 20, 50, bufB, 50); + TEST_MEMORY_COMPARE(tmp, 20, bufA + 80, 20); + TEST_MEMORY_COMPARE(tmp + 20, 50, bufB, 50); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 1000, &tmp, &fetch_len) == 0); switch (option) { case 0: @@ -591,14 +591,14 @@ void mbedtls_mps_reader_reclaim_data_left(int option) /* Fetch (but not commit) the entire buffer. */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, sizeof(buf), &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 100, buf, 100); + TEST_MEMORY_COMPARE(tmp, 100, buf, 100); break; case 1: /* Fetch (but not commit) parts of the buffer. */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, sizeof(buf) / 2, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, sizeof(buf) / 2, buf, sizeof(buf) / 2); + TEST_MEMORY_COMPARE(tmp, sizeof(buf) / 2, buf, sizeof(buf) / 2); break; case 2: @@ -606,13 +606,13 @@ void mbedtls_mps_reader_reclaim_data_left(int option) * fetch but not commit the rest of the buffer. */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, sizeof(buf) / 2, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, sizeof(buf) / 2, buf, sizeof(buf) / 2); + TEST_MEMORY_COMPARE(tmp, sizeof(buf) / 2, buf, sizeof(buf) / 2); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); TEST_ASSERT(mbedtls_mps_reader_get(&rd, sizeof(buf) / 2, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, sizeof(buf) / 2, - buf + sizeof(buf) / 2, - sizeof(buf) / 2); + TEST_MEMORY_COMPARE(tmp, sizeof(buf) / 2, + buf + sizeof(buf) / 2, + sizeof(buf) / 2); break; default: @@ -646,16 +646,16 @@ void mbedtls_mps_reader_reclaim_data_left_retry() TEST_ASSERT(mbedtls_mps_reader_feed(&rd, buf, sizeof(buf)) == 0); /* Consumption (upper layer) */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 50, buf, 50); + TEST_MEMORY_COMPARE(tmp, 50, buf, 50); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 50, buf + 50, 50); + TEST_MEMORY_COMPARE(tmp, 50, buf + 50, 50); /* Preparation */ TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == MBEDTLS_ERR_MPS_READER_DATA_LEFT); /* Consumption */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 50, buf + 50, 50); + TEST_MEMORY_COMPARE(tmp, 50, buf + 50, 50); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup */ TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); @@ -699,10 +699,10 @@ void mbedtls_mps_reader_multiple_pausing(int option) /* Consumption (upper layer) */ /* Ask for more than what's available. */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 80, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 80, bufA, 80); + TEST_MEMORY_COMPARE(tmp, 80, bufA, 80); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 10, bufA + 80, 10); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); @@ -717,10 +717,10 @@ void mbedtls_mps_reader_multiple_pausing(int option) /* Consume */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, &tmp_len) == 0); - ASSERT_COMPARE(tmp, tmp_len, bufA + 80, 10); + TEST_MEMORY_COMPARE(tmp, tmp_len, bufA + 80, 10); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 10, bufA + 90, 10); - ASSERT_COMPARE(tmp + 10, 10, bufB, 10); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10); + TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); @@ -731,18 +731,18 @@ void mbedtls_mps_reader_multiple_pausing(int option) /* Consume */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 10, bufB + 10, 10); - ASSERT_COMPARE(tmp + 10, 10, bufC, 10); + TEST_MEMORY_COMPARE(tmp, 10, bufB + 10, 10); + TEST_MEMORY_COMPARE(tmp + 10, 10, bufC, 10); break; case 1: /* Fetch same chunks, commit afterwards, and * then exceed bounds of new buffer; accumulator * not large enough. */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 10, bufA + 80, 10); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 10, bufA + 90, 10); - ASSERT_COMPARE(tmp + 10, 10, bufB, 10); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10); + TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 51, &tmp, NULL) == MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); @@ -756,10 +756,10 @@ void mbedtls_mps_reader_multiple_pausing(int option) * then exceed bounds of new buffer; accumulator * large enough. */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 10, bufA + 80, 10); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 10, bufA + 90, 10); - ASSERT_COMPARE(tmp + 10, 10, bufB, 10); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10); + TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); @@ -769,19 +769,19 @@ void mbedtls_mps_reader_multiple_pausing(int option) /* Consume */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 20, bufA + 80, 20); - ASSERT_COMPARE(tmp + 20, 20, bufB, 20); - ASSERT_COMPARE(tmp + 40, 10, bufC, 10); + TEST_MEMORY_COMPARE(tmp, 20, bufA + 80, 20); + TEST_MEMORY_COMPARE(tmp + 20, 20, bufB, 20); + TEST_MEMORY_COMPARE(tmp + 40, 10, bufC, 10); break; case 3: /* Fetch same chunks, don't commit afterwards, and * then exceed bounds of new buffer; accumulator * not large enough. */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 10, bufA + 80, 10); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 80, 10); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 20, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 10, bufA + 90, 10); - ASSERT_COMPARE(tmp + 10, 10, bufB, 10); + TEST_MEMORY_COMPARE(tmp, 10, bufA + 90, 10); + TEST_MEMORY_COMPARE(tmp + 10, 10, bufB, 10); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 21, &tmp, NULL) == MBEDTLS_ERR_MPS_READER_OUT_OF_DATA); @@ -844,15 +844,15 @@ void mbedtls_mps_reader_random_usage(int num_out_chunks, mbedtls_mps_reader rd; if (acc_size > 0) { - ASSERT_ALLOC(acc, acc_size); + TEST_CALLOC(acc, acc_size); } /* This probably needs to be changed because we want * our tests to be deterministic. */ // srand( time( NULL ) ); - ASSERT_ALLOC(outgoing, num_out_chunks * max_chunk_size); - ASSERT_ALLOC(incoming, num_out_chunks * max_chunk_size); + TEST_CALLOC(outgoing, num_out_chunks * max_chunk_size); + TEST_CALLOC(incoming, num_out_chunks * max_chunk_size); mbedtls_mps_reader_init(&rd, acc, acc_size); @@ -884,7 +884,7 @@ void mbedtls_mps_reader_random_usage(int num_out_chunks, } tmp_size = (rand() % max_chunk_size) + 1; - ASSERT_ALLOC(tmp, tmp_size); + TEST_CALLOC(tmp, tmp_size); TEST_ASSERT(mbedtls_test_rnd_std_rand(NULL, tmp, tmp_size) == 0); ret = mbedtls_mps_reader_feed(&rd, tmp, tmp_size); @@ -1005,16 +1005,16 @@ void mbedtls_reader_inconsistent_usage(int option) case 0: /* Ask for buffered data in a single chunk, no commit */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 30, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 20, bufA + 80, 20); - ASSERT_COMPARE(tmp + 20, 10, bufB, 10); + TEST_MEMORY_COMPARE(tmp, 20, bufA + 80, 20); + TEST_MEMORY_COMPARE(tmp + 20, 10, bufB, 10); success = 1; break; case 1: /* Ask for buffered data in a single chunk, with commit */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 30, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 20, bufA + 80, 20); - ASSERT_COMPARE(tmp + 20, 10, bufB, 10); + TEST_MEMORY_COMPARE(tmp, 20, bufA + 80, 20); + TEST_MEMORY_COMPARE(tmp + 20, 10, bufB, 10); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); success = 1; break; @@ -1035,7 +1035,7 @@ void mbedtls_reader_inconsistent_usage(int option) /* Asking for buffered data in different * chunks than before CAN fail. */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 15, bufA + 80, 15); + TEST_MEMORY_COMPARE(tmp, 15, bufA + 80, 15); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 10, &tmp, NULL) == MBEDTLS_ERR_MPS_READER_INCONSISTENT_REQUESTS); break; @@ -1044,10 +1044,10 @@ void mbedtls_reader_inconsistent_usage(int option) /* Asking for buffered data different chunks * than before NEED NOT fail - no commits */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 15, bufA + 80, 15); + TEST_MEMORY_COMPARE(tmp, 15, bufA + 80, 15); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 5, bufA + 95, 5); - ASSERT_COMPARE(tmp + 5, 10, bufB, 10); + TEST_MEMORY_COMPARE(tmp, 5, bufA + 95, 5); + TEST_MEMORY_COMPARE(tmp + 5, 10, bufB, 10); success = 1; break; @@ -1055,11 +1055,11 @@ void mbedtls_reader_inconsistent_usage(int option) /* Asking for buffered data different chunks * than before NEED NOT fail - intermediate commit */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 15, bufA + 80, 15); + TEST_MEMORY_COMPARE(tmp, 15, bufA + 80, 15); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 5, bufA + 95, 5); - ASSERT_COMPARE(tmp + 5, 10, bufB, 10); + TEST_MEMORY_COMPARE(tmp, 5, bufA + 95, 5); + TEST_MEMORY_COMPARE(tmp + 5, 10, bufB, 10); success = 1; break; @@ -1067,10 +1067,10 @@ void mbedtls_reader_inconsistent_usage(int option) /* Asking for buffered data different chunks * than before NEED NOT fail - end commit */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 15, bufA + 80, 15); + TEST_MEMORY_COMPARE(tmp, 15, bufA + 80, 15); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 5, bufA + 95, 5); - ASSERT_COMPARE(tmp + 5, 10, bufB, 10); + TEST_MEMORY_COMPARE(tmp, 5, bufA + 95, 5); + TEST_MEMORY_COMPARE(tmp + 5, 10, bufB, 10); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); success = 1; break; @@ -1079,11 +1079,11 @@ void mbedtls_reader_inconsistent_usage(int option) /* Asking for buffered data different chunks * than before NEED NOT fail - intermediate & end commit */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 15, bufA + 80, 15); + TEST_MEMORY_COMPARE(tmp, 15, bufA + 80, 15); TEST_ASSERT(mbedtls_mps_reader_get(&rd, 15, &tmp, NULL) == 0); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); - ASSERT_COMPARE(tmp, 5, bufA + 95, 5); - ASSERT_COMPARE(tmp + 5, 10, bufB, 10); + TEST_MEMORY_COMPARE(tmp, 5, bufA + 95, 5); + TEST_MEMORY_COMPARE(tmp + 5, 10, bufB, 10); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); success = 1; break; @@ -1096,7 +1096,7 @@ void mbedtls_reader_inconsistent_usage(int option) if (success == 1) { /* In all succeeding cases, fetch the rest of the second buffer. */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 90, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 90, bufB + 10, 90); + TEST_MEMORY_COMPARE(tmp, 90, bufB + 10, 90); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup */ @@ -1131,7 +1131,7 @@ void mbedtls_mps_reader_feed_empty() /* Consumption (upper layer) */ TEST_ASSERT(mbedtls_mps_reader_get(&rd, 100, &tmp, NULL) == 0); - ASSERT_COMPARE(tmp, 100, buf, 100); + TEST_MEMORY_COMPARE(tmp, 100, buf, 100); TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup */ diff --git a/tests/suites/test_suite_nist_kw.data b/tests/suites/test_suite_nist_kw.data index ec8282417..2307ad564 100644 --- a/tests/suites/test_suite_nist_kw.data +++ b/tests/suites/test_suite_nist_kw.data @@ -111,43 +111,43 @@ depends_on:MBEDTLS_AES_C mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"98311985c4661d7e811ee56070e6fecf":"18840c96813864ef3093b48cdde6ac5d78248b96d4a2cd1f15f0b56f98213dbf87e1ccad04e0d4f1954c233ea3e48fdad8f2b1156e54e19e3b5f4a66d2e9149032b876c51249165fe8c28e112a685b2d228a8ac308017574274af36a4ea3877bcc9850bafe8fc0e0a712faca0dea98396f9143bc5819fe4933a806e9b965133e3c695a45f0fbd6961798c400d7477287df64798b651e0d3009c13f7a2246c28f983509b9e5339919f2cdffcdfc550693cba9491c00334c4a62d878c4d0ca57b1104bc0174968ea8e3730b9e68db49678b23cd508ebe3e12e94b0ad3791023a8ef95473f0b32f906738f34e94e45a4480ad768072e1853adb63996b9ac27a1dade70804b82290a2274c6dcc3ccd40a8b38a56a5eb03f59075de015e8f9096f53549f6374e02da947fb849287a447f757cc340b6bded71d480988b6d2fcd984fba841470519830304667fef0a577b4cf84f76aef9deb84dde36abfbd76673c17113dbea7a3e24bf9b57a8fd17173a1ef91497b732b3fa8889bed58a503a0d3e20bc27ec4dbf5d13a93cbad05495e3df15e1fe34a3a6d6f648ea4aa60b2f114f30944ae593675dac2db188f90a3c483fb82cec0f0d295544d798b62cdcb51c6c036af1a341d78babf87b92609c1d866e311a46abccc8ba8c6a41420359bb061d7e752c0ed25990eef57c9f9e190572203f8c473edf8cfc8c26d34e37240f45ded97":"625aea9122b7b57b9f36446f9053acc42c6435a7f69d91b41547026f833291d488e477c7ccba698c143633a304f463d6af4a3e72c189234fcfc360013e65b07b7f7a36c529d3fdbbdbd6224bf100c14bc5354893b44790f54c739a2b1f5bda82d70fb600ed9b0606dbddea52e508b492b72d8779856274aaaaddc0a3edb6cfc788b603101bedfcc3f44baa62336bd950c2e349d5daf04f2e23ec2628893d214e277569c565e5e6aa8b72ffa14118a3b57f814b4deb179980b5eeefa4fd93f1751850466e929be537801babc2120f3ff1ffe5fea813ec7788eaf43f5ef657e5af48395c3ad11aaf741549090b58670695f7c95c68e00576ca18ef0313f2b4b757219fc8db3dc2db28721d6f912547ebfebcd96935c3100aa4e4df9955acae1b4e2c10df1166d46c4285ab631c6d2ce58ad3ae99c07c019dcd15958694055281ccd6f803af290431f188cc4c429e84a4c30fd9c63968dfd0951c417efb71921c207de172a9546bdd3e2bb35b45e140892c649f88c31a438f864e801a69f8010aa3d77a26601a7a89067c81b0f7e70d8e82f21f88c7d0bb0c8ca0db875d6c3f8c6f6d709bbb31c7da2e31f3571daa2c5ab13bfc16624cf35abd526e84269fb45bbd2fcd8c383d6fbb700bc4b5205b3ef8c4323dc0d9e0370e56a3d1e5e76aa4de082e4c2a0afd092845bd5dab52a45943181461b76e3984b95f48bea80a94944241d04b5634c86274e7" NIST KW wrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 128 count 7 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"13df8fa68a6e096b9b5bbaebb64ace2e6a05485b5cb7e43f":"3ee9367f631fb375ba47241966ad4ab8":"d0309b1291a06c595fcaa6dcf97817dbd7b7ad2cf48ddec2" NIST KW wrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 256 count 11 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"17c25023ac76a8af777a6f71c0c0f97931554b0a15a79222":"15227ef52412346e83a18c54a75374f69a24de6a07cfba9082596eeb5d758bb0":"0f8e2fe4f3a28c1fcebf20fef2bfd3489deb284e03d057337496285f4ffe62f074bafa0a0a6e44e4" NIST KW wrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 192 count 8 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"49d1c4ec51f2695ad7e47554efd24170ab03f628eba7d5fb":"8bf961097a6fa75694cf0ea47cfda23928fc433d5fc762e6":"dc72c58faca0dd662e5fefd05cd714987cc2470219db77baf779fca865f31529" NIST KW wrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 320 count 14 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"e06ebf0145b178ea45687abe366fdec559877dbc9300a653":"f0104e9546628d801c4f7e875f1ca4f385e915b0c7bd52ed158b6b42d7301f1df6dd5bfc80d0318a":"5b4b1d4ef349fcf5eb7d720d84b2e79fbabf3db18277ada0752b9883c21f0e24281854420e6751af8fbcc4b98be0c1d7" NIST KW wrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 4096 count 0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"932ed6ee1db1c4cf7fd81efce5609641cb5f3409563089dc":"da8dd9c1dc8cbf95b0fa280747c1007ecb086b7c944b0db4dfa3bdf6ed0c9725901cb838c2e30131250188c22bd92b068aa0871ce58a0c22307671612fc4884a655329851d54afd48a9d3a7f97976850d6fd842034548aee67df1272b06f155eb21966858731c3c35d4bb94a1ea351ef5a8c4779c077d648ec1c4f27cfaa48f47541a8f36831e35a961b076307bea928e1856e448d7695a0f7fbcd8c82800d12f530c2086f3b67bc5081d384010b47d327120def5c92f815aaae31d32893cdd18a71ba4e208445ff3a2f68a0a46689458b0f2d6d9cd3726284e56b4c020b97a82d4463f74098cfd7bd7a5f12157a0bc812266b8f2c215933cb67518f900602f0825538e05765318b6d31150007e410b92d5d957e119c5d94aadba193cf6da230387b1c5e6448515f9789a8867571ea82ad34dc5b912d6cd243bd4fc2f19d132bd8f1f5cef00a141e30ec4d3f7a546a215d5b0c7e70c3b0ec4fc34b66c4170bf403ef910dd3897caef33405827a55f943904c4e1b1aee4cc3ffd0ad27e316c164e2b5bbcf73df60d8859201b6602be01ba638aff468f3136120c117ca848ae161ecafade668e2d04b227437d4b91c6fc40ebd9490f211bcd21fd7005d200ef584f37aa2c4c769174551cec0d7f2936ae78f6c389382212703d0e7c82aef1a736056ed9c45e71439731537a2edb8a63741825c678a11c42e5b2281b43e203b0523":"76b6772984932bb6314d1eab8f625e044920f9494789e9a0ac2affd9a209cabb72ee83331a30472934e02ef28697d541a071eff9eb5c7dd49862f11384d46e8f4c2ddb084e76ef382117a285993e4a9f89e1e0ba6612f63b3c8a54784f940d7e6baf12cb67d27038e91d1ad4feceb5bc44daf7444f76fd140ec7a94869b4f99b9fcf6dd68e78c6a0a4794d55a1c91756ceb9d28b43d9c72b26fafc25c71e63dc175b29282d4a70813b833c35354983f29796909a9ba515cc5c37c58e95aa6f35b850500ea933b27a5922188c2da64680362602d71d169f853af0564b53bc613c15772ed82f89c2f8625670179a83536972332509e7ae4e0726271c5381501d3d88a3cc34a56d80e3e553b9b595e358615e92f361d695837734cdaddd7068c441b310aa511407b53806f1fed984a73862ea2ded1ee67d14feb5d8661ed94a62f5768829d6feea30db392bf24f0ea103fd2a60acf1fcd4bb2465641712113375bc2c8d73650795689f9061608b65e0e608f9948f5efcc0fba62c50b8cd97f67df2b0eec4f5a0cd354e982ae6a62070f4127b6556714bb2267d558112638f10c78be201ba165e57ac9cab6f3e35a762b7fe83b3c7c050b77174a4bf14eb2cac4d6d58a94f0c02727ad020a6a05d9ed145151d4f1ed41d5a6d06c50c0e1d5c24d09100d4f06c50d06a332a95845f4192ef577dc484e7acb91f0b2a57c1f8bef97c23294c59099eea13b3" NIST KW wrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 128 count 7 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"e823c6ef53b110eeb3f178871cf436887cca9df061d1f26409ec3b410033d967":"f90c279e9e6423804a6505e8effd924c":"0abb50b222af66058646156d106df7c85c28b708395eb9dd" NIST KW wrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 256 count 11 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"e5cca71056548467bc9c2849aba67cfe0fd74c44d514535d2314022a3f3e6ec8":"326b6da4dce95c94226b63c2d38c4e005c566191b00028b59cc788e0af5261cc":"2a4f331f451589fd103d9a9cbbeae5d5f5be7acf15aa6e21c45e09362263cf34b0ccab7c8a28dfed" NIST KW wrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 192 count 8 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"6a077f95496aba1bb80831280e7563f3a187e6d014342028349f766b791108ce":"a77b3ddac0e78c9176b7445f9ec349b2d85aa2f57e6cb362":"7c065be0a2173e0f14a3418779e7f3eb6eb7fbb7a3c20fd6c08b37d408bd9423" NIST KW wrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 320 count 14 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"752b21422647f1006de116360e88e2f6601eeb5aafd27cba56c20193fc1b941a":"a5948c20bc611187d688cb03caa04fb17774aa4f99ae3da5d821bcccfae950d72ca74b3a870008aa":"d71109224edc4233db8819aaca4db9c61ab5aad2806d0e985f1830acd8adde23ce75046b2057e0a23dec7a053bac6c4c" NIST KW wrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 4096 count 0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"931bf2c55eac657ae56fc0a9505a6ea7cc9af5162d844ccf01f19debfad09cbe":"aa8074a195abd88930825b947cbf3cca9810eb829d2e7a09f9e9cb1f8271986d00c5be478150fbbe990de8c61af879495274a60d83f98cfecb2473a35d86fba6ce839d259ede318a362e7abc1f8a18168606d5e680f456f1ca19942e67e5aee382536df7c28204b7842b99023336b735a861cf28363e7773d7b0bcf32b5fab14cb524249863fd7ce49a7a7882b53728f7ecd020393852494df09d9a69189ea713e730e002252af18864b948a642d7c0fb17b0cd5671f14ae340fb0e83b4bda920445927b8de8a82ac93158edbbd57fddcc1d908688770a07c27d2bdb7151d986e85cdf1606b0c1c959542e75090d8fdce9c2a9c162e6fd988746c9bc916ff3f20f054690173d143212b74c5a8961cd46663958744ca1334f6c1dfc13fa83c0a9cc229a1030c6c84d01751ffef54d0f9edb2a4851a187d02f097a5c716f8fbae29eae76738239516ed08c14f24f9378451e9e696742a4bcdd9e0ecba49fd05eb93698afaa1b0d5558521c7b4e77b15ca2612619bbd78f670a1562a9a0a0215fe64211115e60476525444b351a4f8ff5551dd198655423f3fcfb5967c4f77e25d3911504de1d034176d3ccecaeb31bd29677c7569c858ea24d7017ce0b31f1911f4fa14b2afa429c06115bc285ea8b90bbedbcc63f5f0829dddcb17e8f9d21bd71501679e514147e1957ccf986e7e96a0e63ded70a9d017162658a901f55b1001d":"6b75fa8070291ef7c89f5cc2060c56270f5077a6df65a8095cc76b717167e67af70dcce96de4aa32293c17d0812f666e1f42e7e662cef7a3148486d2be7f314631ed6606f326e9781c3ed6be1735bef8cd5d3ac7d2b45c4419ea61462baccc0ff87b83b9b6cc85278c0b20bc15e6baa0a15eedd9e99df82c8e61476529c98aebbc9d40d417f9af26e6da5d115acdd6007d83206c616a39fbe21c6331cc45af11c578532a7cac50aaba21f3cf317534564c2ee093ef127484aea62c7a90327fe9bbe8e45627974306d8cc7452e96033f0c8c30ba2d7fb644796a49c9b502d3db7d4995f920fe21962fd2b634c15be0d82e9cf0ae3fd2b6d45524e1003ab9788ee56cff3e2e62c5784061a5ff586b5907098b8ab54bb70fbc6cb066b071fedce10e013014d82162e3cc6f9be3b4067555907a4df55012a9b1001888c55dd94b4f8528bb29e7985ecb8a7958fc8559831db05002479b1f39e5de3659f3a6e8289d9b8ff4eaa3f864b1ea101d84b4c6138aa6ffb95dea4f825d23f5d368727ca0a8cacb74f7bfd70fccbc951db99f2f4a580425c31a8552fa27397cf8b7f420f13fdcddca553a5f31d8645615b98a88795fb4472bc7cd6e8e54707d7be1f3dd7d4871725f6bc0e65762f1e42e22c411fee6dfd8139068798c7ae9781c8e5bcf4732a83f9142edce36e1ee6e20142adf46c5abaea0ca78f61e16b6875927d4141f6b215da1f48748bd33c" NIST KWP wrap AES-128 CAVS 21.4 PLAINTEXT LENGTH = 8 count 3 @@ -171,43 +171,43 @@ depends_on:MBEDTLS_AES_C mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"6b8ba9cc9b31068ba175abfcc60c1338":"8af887c58dfbc38ee0423eefcc0e032dcc79dd116638ca65ad75dca2a2459f13934dbe61a62cb26d8bbddbabf9bf52bbe137ef1d3e30eacf0fe456ec808d6798dc29fe54fa1f784aa3c11cf39405009581d3f1d596843813a6685e503fac8535e0c06ecca8561b6a1f22c578eefb691912be2e1667946101ae8c3501e6c66eb17e14f2608c9ce6fbab4a1597ed49ccb3930b1060f98c97d8dc4ce81e35279c4d30d1bf86c9b919a3ce4f0109e77929e58c4c3aeb5de1ec5e0afa38ae896df9121c72c255141f2f5c9a51be5072547cf8a3b067404e62f9615a02479cf8c202e7feb2e258314e0ebe62878a5c4ecd4e9df7dab2e1fa9a7b532c2169acedb7998d5cd8a7118848ce7ee9fb2f68e28c2b279ddc064db70ad73c6dbe10c5e1c56a709c1407f93a727cce1075103a4009ae2f7731b7d71756eee119b828ef4ed61eff164935532a94fa8fe62dc2e22cf20f168ae65f4b6785286c253f365f29453a479dc2824b8bdabd962da3b76ae9c8a720155e158fe389c8cc7fa6ad522c951b5c236bf964b5b1bfb098a39835759b95404b72b17f7dbcda936177ae059269f41ecdac81a49f5bbfd2e801392a043ef06873550a67fcbc039f0b5d30ce490baa979dbbaf9e53d45d7e2dff26b2f7e6628ded694217a39f454b288e7906b79faf4a407a7d207646f93096a157f0d1dca05a7f92e318fc1ff62ce2de7f129b187053":"aea19443d7f8ad7d4501c1ecadc6b5e3f1c23c29eca608905f9cabdd46e34a55e1f7ac8308e75c903675982bda99173a2ba57d2ccf2e01a02589f89dfd4b3c7fd229ec91c9d0c46ea5dee3c048cd4611bfeadc9bf26daa1e02cb72e222cf3dab120dd1e8c2dd9bd58bbefa5d14526abd1e8d2170a6ba8283c243ec2fd5ef07030b1ef5f69f9620e4b17a3639341005887b9ffc793533594703e5dcae67bd0ce7a3c98ca65815a4d067f27e6e66d6636cebb789732566a52ac3970e14c37310dc2fcee0e739a16291029fd2b4d534e30445474b26711a8b3e1ee3cc88b09e8b1745b6cc0f067624ecb232db750b01fe5457fdea77b251b10fe95d3eeedb083bdf109c41dba26cc9654f787bf95735ff07070b175cea8b62302e6087b91a0415474605691099f1a9e2b626c4b3bb7aeb8ead9922bc3617cb427c669b88be5f98aea7edb8b0063bec80af4c081f89778d7c7242ddae88e8d3aff1f80e575e1aab4a5d115bc27636fd14d19bc59433f697635ecd870d17e7f5b004dee4001cddc34ab6e377eeb3fb08e9476970765105d93e4558fe3d4fc6fe053aab9c6cf032f1116e70c2d65f7c8cdeb6ad63ac4291f93d467ebbb29ead265c05ac684d20a6bef09b71830f717e08bcb4f9d3773bec928f66eeb64dc451e958e357ebbfef5a342df28707ac4b8e3e8c854e8d691cb92e87c0d57558e44cd754424865c229c9e1abb28e003b6819400b" NIST KWP wrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 8 count 3 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"959b4595778d7b860e08fcb5e24b11f118fd5d67089f2ea4":"65":"1cf986a0fb2208977c37a4c3830eba72" NIST KWP wrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 64 count 5 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"02dfb6662e0c1b95d34aaba7eb6c1fdd41c52b89213d5b18":"27361c34c2601fe6":"089f835f3210734aa1a2282c6ff30ef9" NIST KWP wrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 72 count 0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"9464f1af6aabad076661328bcfd15777da16a288a2660009":"431527c3a644c106bb":"d9b257b400d808a0b0386af3be9154fc7f2fb2d7edc06201" NIST KWP wrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 248 count 2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"df419ca84650ef28a1c5d1cb47917e4480a3aca4bd29dd5e":"3d84df372bc0b854c058441e952738ec79474b673c94e32dc78d23745fb5e7":"497e966414475938204c3b3d606d5160461c54dfdfe903b6624208d7cfc90bb403f384bfd54d1ed2" NIST KWP wrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 4096 count 1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"a85b4359ebd240012ec749459bc928eaa52c84e887ababb9":"9db71e2a2d40f6fcc1b8311167ae13fb101bdf7b5c4e078373c0c3cb3f3a3ca39a91a6985d3fdd48d93f2b5a09b2a69350da2846ce6a37d018dda95ddac93a92fda7b7c3bb6518dd78f367f70e34e0bf19dbba46fd13d3f3e0a1776350f27138c64b177aa39c54dc06184b320016b6305c2dea19fa6da634cd613d5a4f71bc045f555a1ccee39b8f1ab90840b5bae555932e08719bf38f72bc1057875e8c077a70629f46be91281b977ed6f2a71171a7cbaf8e0566e55da6220a85a7655758de3b372144ef76d0337d3133004c0db096b2c41f524f95706247a331d08a6ff72b425395fee8e1ad308ccfe5b0525c40803e529db72063731fe1644891bdc0d5961397006e1f5d6521ad4e5aee3544da101fd3cf6bcf879220a612b7016e5eefe7369f136086e8f5109ae83e8687519f2008406d20992b64ba1d27b436ea5db1fd734340f3b2279e026a96e3f9c5c7b99553e35ada9e1d7d708a73774718f9b7073c0889a298f212d47ff5960e04743070338f99b11687396da2120b8f132535c0911b04505c0e6c32590c82bf59486fadfbdc0f16a224b2f52082eb66201f041d64b34809e5e91cda89d80d78fe1e15862bcf84f65a301ae68d097c9be09f3411c11cf83225733dbc9306ad2630eb7994a0d112ba83dc542966414137fd008fbb7995f649edf844fe5ee86b94acade1a04f42dae21928b9b0cdde8cc66095772d":"72880f9f173f0ef4d99e3ae71f6f3b94f66a08aaa22be1d206faf431718c1a29bd0a574b1a28b69f0e64d56d3e43617dc73506a939b7de9005ef0ee3f02b9265e91a32aaec58b7ab990f39774f6769c9be9ced3339f6bf0159055abe237c4c755613a6c03271abea3bc89527f284a3e1557ae26b3910b779a77a128e773d11d7d641479d02f4888c989cbb8d928da0136b965531730a3c0c32404351f4c2390d996dff58985ed1d4f4021a5d6ccedf4555066a826a04055cdf8c9c44bdae26619390b3e22b064f86b28382094a3e299d55ab335ade601699e85f19d6f6f12407caf84ad47f03d75198691f1a9b2aa9ed95e508d8551b19601418922f3289fc1efc3abb1ebc2f4886dfe325cddfe25dd908e5aef8ad197ce2703e692b9c46a12201fa71ebc2e323ff8926ecc059ffeeacc0446d3f28496f17f1b4ad6504e4e24188862e25f3dfc36adc7f79920d88e6c53269cc4e5dbbebbba1a2347154683c840d178476ae11d6ce574c26b8b895957b8623807e8831b87b5639aeb415adf1bbef394046deb3bbe91a5c17f2f67131ae5f696352a488e3bed40df025e0a0846e0037847350fe8ae3cf73141d0ec550d82b89c05bbff7337bfe846411d3f0bd012e4de2fe5b83c7210214c0404b40e08abdd3f4bc441f9b6e1efdaa4ac13b85d139f670a6060a1ba8d2528bcd19f241d9ee5077d20c120f2b484c67c9c598b1b209824c3b8aec2b7b" NIST KWP wrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 8 count 3 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"0070492ff3aaa190496c72bb0affdb6fac7fa9cb32e6e91a46ea34863422f807":"39":"643a9706af6bd06410b70ee38f546bc2" NIST KWP wrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 64 count 5 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"c6e882f5b8e361e43bb3e54d5a7b8c690f485bcbec2dd2183c7e623f6b02c5fc":"99ae80eec64630ed":"de0680b34f7374539ad9b75f08f4d8e6" NIST KWP wrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 72 count 0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"70da43aac823c6dd37d1109f5b18feb4503c973288989745e2cc1cc21d9570c6":"edf17d966ed896aee3":"d67b5b2ad15c645450e23b5e7b6d682f8ae20e716d470db7" NIST KWP wrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 248 count 2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"e941febe4b683c02dce56194a86b72d4c569e1fc84bc7a6f24c3ae2b39bf5440":"c168cf12acb6679c24d424baa62ed56559caee163a4efa946478ad43d7dbd6":"4ad9979caa72fddff0876c0295a57fcf74e5980fec2cf622191ec6b5aebb75e0adebb12d0862ffae" NIST KWP wrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 4096 count 1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"20f31cded60b8ed8d9d3fd1e1fa6244e76c7cb7628bfd28a5d63ce8aa2c9494d":"f07225202842c8dede42215301e44b9bb7e625d3812f74f9b6ddbcd024ebd1f33e2cbf280b9004941f3cbf86c880a2357f88f92a6dcf8dad9da7dddcd00f3635efdff0af4382024e93c2af66b991e565eacca6b886f07178c9b4adad6f0d6ada5ff6aa7cd0712519a947a8089cea5e1e3e40ffe1806010b0149f9ffc7c4dd3c31b3d08d5ae1997c52369393d58611dff9bec501c1ab35e6ed3e7f9445a34e211010a8236686f154e0a5ae3433d6a844eb3884961aa6592216d93952b46bb58a4195aa80966ad0ccd4a7e23823912556a90d5ee9c3bb952ecbb9d895dabd3b11ab4f2e3a6c2582de50403289230ef4dc46e7c0d870a3f0cba9d643a0349503c1b162ddb6350e699589eb47bd563999f55a1adb6b78b52f006901b0427ea7d3394bb0adae4637b4f1ad5d5425e2c8ff3083506d7ad7ba4c7405a778b0a3a11760c96900a5256956cc9710091d073a19f46a985d004651fe2b6448ed761bf9bc81619cf273a6783d868d090753bf01318be21afd88d9f3a961a69f93e9d9fb822c80acc7b48cf14a08b5b7ef15c66975721b7cde9761a145b679155472a44dea8fedc0f86ae7ebf6283ecfde5f2444b51569e6723a7a19e28cdf8dec6791ccc14af95abad018f741575b343cb1a20a2a9adf4248f99728069a1e2e78ad8966c41c9918fb7019ef56c153a183a6247d22d9956564bb03075cbfd1b43d96818b28484":"a5b63618fc0c4512960f00a1f226d9837a90480baea75265453b9553b12a58c72153080842d7f8710f317f88fbbbf97caf879ab4bf416ba767ee9aeb34357f4a2d0e8b9571054d98e28804a70bc4d74807f2bfd95ee955bfdbb6f4d6969a0c3c3b541a514647d5cd8c9740ac3496095c3f145c50c97ec98b935158fbdf89705d5330015e48ece89188b8c1bcb2ad6825d865b375a9b9056b743dac720feeac033c9f757f6fe73dd7c4a747661b64cf490a0dd43b547cd791a5d78dac97efcd355f7ebac248fa2a33e4fad640dc34e0d40b0d36588aa32f0864c9446739a6b44ff84666d723bd7d646c5172cda932fec34ddaaba342b02a9604087ef042a2be4774194b5d32cb3fb112438fbf2801050b5424635fa2d3d3fb10332965c73e6669e65195310a3a30602640e9809179cdfc50de585aa1c0072423c626815d281a06eac3b6ffa137716318e288e3f9970e415ef0451bdc557968febf9eb6772c1f77cb8e95701246d9c567048142bb25e340351b87d7391822d9ee7fe51378bc0d08135f9f39cf44b348b87937939dc61f430dfe308cada632722e23aed5a0699e039cf0563ab8025163744b136a13ce3c62c748c89f5e17540f105e7c6ec9ba13515b504342f9e6dc7d65b9a633d8c0b5c9fa858dbb9b3a594406d478a81bb9abfa289730408c1e303c663a61d5caca00f615065312580042862397b9aa8c80ca812887664c439c8c68" NIST KW unwrap AES-128 CAVS 17.4 PLAINTEXT LENGTH = 128 count 3 @@ -251,83 +251,83 @@ depends_on:MBEDTLS_AES_C mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"6a7814a80acae9d03eda69cad200ffe5":"e1ebfaad7f6d46cd03c50ce4e9543ff01150e9a9a69c4bc8198fc08601ed71203e39375d600f69fd762b196bf50a7dee2be55574196005c8ad53234d789a9fa6f2f0eb7d7b53c7e39a7c70e9ef93c58bcd45c0f592fbcda19b5ea9a118bc2a0d49c8cf367d4c90823eafab86165db3aaa22eee9323de7d23b7729f7f088be9db421fc8256c20e5874bd0c8348c4a6e50436fc94136e568d0aa4c29d7b65136bb378ef010db091085c9c0802466d565eace2c0bd91648fa82f8045c57cc25c46bd8c9e4060ceb00e092f7beeaece1d4f8a2a01b5b1dc9de3c7d2ada7a44d4600085b7e76929198b9823b5ae0f74c652fb8793cae7c16cf062f39136789b213d1d500d560bda89bfc0df0e6bcb07fb4a48914e1af9058b73751aa4d98ef0363e48f9d1ed42230eca1b7b24631cbad80b2d4bfbc00ad1ab797c1c459214be8f64470b4d267ab576fc1d3c86a42610b8282437dc071336c325e606c2d36de1b24595f4888cfb2ddffb46557c964a4ac53ccc1d214d44ac84b8322c93db03bdf2a04b303de4f8482b8e7ee25030aa5ad8a8bfc5dd683726a0286486356f5a965599313a2c39034774ebf646fa7ccbda35316c54d443c6da466d9c95d716016326603c3989bd7545e3506333ab3e2ad7b45b225bc43ecb37e4c301b389e06b95f09b1a10beb5fd5320234fd6d488d5691ae2e078630f9f57dd0870cd617c30bd67ac8dbf4b3a8cf61067f7":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED NIST KW unwrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 128 count 0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"26045402548ee6196fc0a60208ffde21137ddb1c6c5d2ba0":"fcd55c2c60ff6de19ec3e6b13490c2821f0c565abf10be2d":"94b8276743184d086962ce6c4e63bd53":0 NIST KW unwrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 256 count 0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"b3a0aa60fb14b658e1eb1c1a5a8e1f60307c9b9faa2f1587":"fdeda2a10e51da1817af2ba4c9f200414aec67545f5e71c608e85d14da8c5567bf51dec4ff2d8c05":"65986b3a6a3658a66cb5beb302540bb032b36c76d040b24fe278a1473ad4c32f":0 NIST KW unwrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 192 count 6 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"f0ee8ab6f804a2629e163b58c1a9e9039b53ac60493df11d":"3593dda0daead2dcf850f8670b7d0692332f57068213a772a8244d058e5634d7":"401df0c06aa4c58a71b9438e11a11a239f577b6037adf350":0 NIST KW unwrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 320 count 8 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"579e58b2bf9c34c31e8c644faef6b698131624063fb2d795":"b39acd09d9bf9daaa89304f76402065cc3d863e12df8a966f037146db9619e7be5ccbf50206773c5eca35e36492ef4b7":"9c1f66267c2083a42f3da4e754a073c1ff151681e2bc070e6e4682065fd109088a096e72024fdcb0":0 NIST KW unwrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 4096 count 0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"366af2c7a1d7a1ee5a7c239fd526024472f674ab039bba25":"36fb77bd3890aa0a4a4d6f65d671156683c48214a327e5b2b0916c0031f9f4f2c643ca721aa22e84853096bcedd7ef57ab2ae05628099bdbb55111358a06c1e99233b94a568a3f59b06d8a64332acf888cb5bd1fe8ed344937137eff629bee3ad57c73344df80b303994889bbfcd0ec08b13b687ec909cc847f383d3ba91d108c84254af4ab4c22df19897fef44b62d88b0c1b269163de9a2db56a26c4dbd0481026d27e5003153eec761f21c02f4d04898dd3ed961ab158e572aaf3b828a30eedf62a8a7b0911eff27db48ce1b7bb79b14ba43d7ecc1f87c82664c99ea857746c99a993db5807f0fb06114c00428b85ddeb9cfb698d282b1d70eb7c17d4d12575e58103ef1ed37c558d7c312f0fb1d72cbadb84561a41e4745492c8b1eea557efb9f1e9664ee995aa82e7f2a1c86dabed0b2fecd9e938c796dbf2f9b4dc269545ece94e354ca3436e4c6936b51cea7abcd2e49fa263f79757c4b5a8d18c2c6a26435fbbaf3fc759bb323ffb962bdd445dc7e5c84f9d98812e7eae254d19a06ea378b1b262daf22b634dc30aaf9d911cfff0905e5e2cfdd7dde4dbca75729bf33ef6d27d5993f19c9a3e60fccf5fa201963cea0e7caec99d79f83435d11e3a90905103c302851c8d33cef77b39c104ad4d8f45abdb111780c46784e6fd6a78e57862350a671ecbf01dd936b8dae4ce4a91d86efad8b04724d7c17a89b1d43d8abd650f88e17f5df1":"40bc409ed0ba1966e733be4b2ff9d23691e6a9f44b0abebe971a47b4ebd51bb13bcf70bc1359f6b5e670be2e6b008ce9d219abd61ad20edd97aff7458b81e6114ea6d9c85a03400477b1a32f09ac5cd1a963731246011ef4908bacdbfae5e5921cba143b9395d17386e924db6ce40361740c6ae5acfdc979d45c8af70b443878adbb04bad439c9937a30bbecfc50b7005782bd01e3a87538220ca149286855129bd189f9bdb55ed1f7ab786f99c289032123c814e683db2f10970db79d2ef87f5a8a2cbbf7b9e2c447cb22d2a9d0f8c2b093a4d8aee57f0b05c2ac4f4ef780bad406b847d3c9d175f659105795236b072e96738043cbb8499292ad45acf7e576d8decdb635aeda6611da6c00a1badc11962dfa0643a83b865099de79416c86448280aad32f6797ef2fd879ba46abf36c9da45da4d0c936f6e25240cf30ffc79647720bf10ee18743f1ee3397dc0ed967445bb7b0df8eff0887d3f84abf20f0b2036837dd0308ed4a01f9d6447a9eccc9c471e75bd32f7d760216c326901ecd8590afcc2e697311e29f9d704dbeec409cc8c7fecc12fcf70cf9f718c12579fd17cef1e6bb44f89ad418005c2629a96275965f08c54a53e31cabcd4fb17021889bdcd4851ad33bb0d5438e55ba3b759dbf3c50fe20e6f3b8f1989f560818db1f2079b91b1e2d8bb22a7523c3137e9a30ab970f6019eca225e4b42bbe061f3b7b43":0 NIST KW unwrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 128 count 3 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"9200a0f688d86c0b6bfd9abeff66341684a373fe3f9a3057":"5c685c8596e374710fe327bafc45cd09190215fdcc03d010":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED NIST KW unwrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 256 count 1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"95c9e644559919cace6f93f545dbfe48b130808ed66d0964":"7b8d1307e992221f6ffdcc7909d972d5f02e92187139cfd77f79345cb998bbdbabedb3ac00a6cdc4":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED NIST KW unwrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 192 count 7 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"ffdbcbd0abc94c7f15e5b6e8a7190f1ed4f01be11f4f7ccb":"e9ad95c8e9185a001509c50ae0098d45f7032575c7b8fd90a561716d2e5804fb":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED NIST KW unwrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 320 count 9 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"253a5cbe79a291c0af1a3d7460e7f284bd672cd026753fc4":"f71014ba711602df5cff2b93e86253775ea308bf83fde65fbc9a9a7852f87357330450072aaa3d6ef8dffbee20d2de7c":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED NIST KW unwrap AES-192 CAVS 17.4 PLAINTEXT LENGTH = 4096 count 1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"ff8666e4e538a6cf0a2a002b63716b06ec5f187785c2fc1b":"f5bfda19b535cf39e240d5b42db06f385fb002be273e46d9e5ceed6be4b5f636031bd0622ea0b3abd0087a7280844ce7260594201214e601ada0f686da6e9b45fedbe36c7d13db025746fa6bba2e540a417a29cdde32f9a7ff56325233bf60929bfd49f80e21acc23f3abf572d81e96b556f6f4f20a7e00c1cacd6fad07df30d40de593c99f73dbd61bf9d9d5269a56006ae85d588324f7e140d9775403af631e695f7856b1bcaa377aa7f4f12c68096a974ef703435102d7110f4eeaca787744c942be1186d132bff2b39f160157617bcead75ae59288880fc0e7db9877d854f553e90e1c917a99b8f357082c50bf3b71cd30d016f164ccb85bff50212bab13cca8dcfff0be984daead905ab13054eb12908a73f37ed42c5638a5a410ba182a2bee2caa84e76af2a715ddd24e837988ec475e506faa130f0241e08d92567a69c9645fc2be3945d65a77387cfa307562c9b6c7055f98956c547ccc109da9277292f47cf43e3cbc0d2e91c916e4fbd70df4a980e9430f5c1c8cfbd6c83f0f756c436bc07e86d5c75aec7e4c039349f71fbb959db709427a33869c523c3486be0095c1fd61ac912cafb9065b94916afd9166d73678ffbcc396a037ebe75e44cd824b2196903950b528f537c8baa70530251bfd8a6f37b202453993534c06aada0d1dbf760879d0898026997f1baf63e343e94ae076da7d41ea325dd23ff2a9cbee74baca05a538543d":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED NIST KW unwrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 128 count 3 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"e594f0067cedb74e883e7746d29ba725c884c25375323f367cf49d17ad0f567b":"3b51ae2b0e3ddeed94efd7bfdc22630187e1f7624d15ed78":"587e3f6c75644bb5c3db9c74714f5556":0 NIST KW unwrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 256 count 0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"049c7bcba03e04395c2a22e6a9215cdae0f762b077b1244b443147f5695799fa":"776b1e91e935d1f80a537902186d6b00dfc6afc12000f1bde913df5d67407061db8227fcd08953d4":"e617831c7db8038fda4c59403775c3d435136a566f3509c273e1da1ef9f50aea":0 NIST KW unwrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 192 count 7 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"e86b9c1f74cc87ab8ca6a2fa1723fef173077e684345b90dacd3d485f587d320":"c97e8c25d498430300982cdcef592e34176e33e45cd59b19f7605f52e3c7b997":"261313cbea4b246e53affe1f84bd4c900c9b1d1842d79337":0 NIST KW unwrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 320 count 8 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"5b7f48b8ce77007481667e9900f3077a0c9407a70082b0de29bbfbd716a07149":"3ed16c7e4fed98d76092936e94fa5696c787ab63cb764e930fd37f917be4e7e60c90f327f0865d279e6c449b96301ed7":"4e0e6c45137efbf858ce896c815268a10d9869ef5668a90739b7eff99617691fe63b911afa53feca":0 NIST KW unwrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 4096 count 0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"9e92fc974e09541e6cdf1415575511436ac04a56db186bc0e60f0fac9bd58c6a":"201010a2a33fac1d20230bf5254204801de29e66cc44eb391b8e77284b3dbcfa3fabbdd4d9423d96af64ee0dde35786d79b7433021da27d6be753f91d2c1d63b40e9dc265b4a27cb2a61018a60ba5e29813c012b6acbf7d7d101ce227e45b5bc8a16c604c83a99ef35aaaa44fcd2033cddb6122db2dfb944d4b5c16dce911c5f4a1d8db46785534e7a090e31fd2192be64fe5b72efaa8b7965552bab4a20c8eac9a9e7b35e77df0277a90b0b1167e14a8be8d0bc37757354eff920ef93ad65c5a49b04bd553883efe9376811986002d4270d25c5749ee1454270a191084fdca53ae693f5a31b13929fbfd68b331a4fdd2259031f812ecf50d042a55fab302375057cb5b36735bcd2d75f745fd4a92580ecfd0fec44313ba9ca8cb1893f7a329638c17608c170de0ef68123c2233fea878fb1b49ec7478d9cf70591101bfd2d6b0328a27f7c497061b79289b6db4e46199c5db8121e9e1adcc8d64c85c27e329883775073d5f61b0bc470169ce8837b61fc23bbbe7e07d265b32cda5a94acea4bb2e52af17e13818a7ea424ca7fae7677caf405f04e37c2cad0c77eadfb4ead593f79ecbd8292e47b7838d775af9d9e252c6ceb147ccc2aadb01f8541871e5080109f9d94afc9103579bc9dbfcff8791d5eaa68521806590eeea74f411731b920a91c4f4542a60e6ffccb1285dd30e74292d5f37f33d4cb74742ac98c7a0475e069828dcd7d8301fc":"4b6f2257197b0692e6026d531bbe2f222a6764fe1cf277b0320a6bdf9efea0a3f304e94fd22372712f751aa377264b1600f3c1e7e0ada846082ab4885a5c9a51b1b25a593a269a7ca1b62a28f1a11b80fde57f0b9c0fc0e38e8edea8a294e18b4b1e0e24a5ae0e9d9fa0d8cf02378e592b322ff04c5a487332b5f58ad3fe9a0c20a205f6872c9e2d0c52c5b29c5c2f008444a3e8400b4822d39f646f9ed390c352615c4cca8cc0099ac1ec23ad7ef581ed33f9fd4a8a58eb240fc79bfc2df7c1606cc52fb97493fa59a0dc8dc01fdd9fc9fb51a2f1e9fd6a89cba67f001d105c456d99c3b1fd68dc9d01b1b8e0e4c2ed4eed63c0110ea6ee96b54eebcd56c5446dda210a9e143366014e72d5e4bf78bacc230641789ae7caa0e37682190d8007aad0a0983e7c970a6feb1112ee5920f628ba03493cc3b340aa9452e6698f818e6e409cd0a7f660094df05646ea0e6c6aa94e933f4fa4feae6207eb473f9d80e335d6020138f1fcd085a336bdea158823cd47079a89ac18bc8541918ccb6bbbe1aab5ba7d9c6b5fc9ba17cae707a556c2bf7d1f991f9a8ebe0f9aa6e395defecbb508cbbf68db8da443ce8fc40149c3c84314986615ca5685e5e2162ebc617929a7e402a6262a28e646d7f503253c30ff2e37ed6580676a9978aa2f5b4fe82e1c2fb83754fa855ee54a61e64a16b64a680732b14671ff55b3f2a6415233206188":0 NIST KW unwrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 128 count 4 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"08c936b25b567a0aa679c29f201bf8b190327df0c2563e39cee061f149f4d91b":"e227eb8ae9d239ccd8928adec39c28810ca9b3dc1f366444":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED NIST KW unwrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 256 count 3 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"605b22935f1eee56ba884bc7a869febc159ac306b66fb9767a7cc6ab7068dffa":"6607f5a64c8f9fd96dc6f9f735b06a193762cdbacfc367e410926c1bfe6dd715490adbad5b9697a6":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED NIST KW unwrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 192 count 3 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"81c93da5baa5157bf700fd38d7d67662670778b690cfbca9fe11e06268b35605":"875e1ca385586f83d1e23e44ca201006df04e1854e41b933fd607a7383ae1a39":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED NIST KW unwrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 320 count 4 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"c42c53da9bd5393e63818ecc1336ec6dfcf1d633e51ebb51c68fb0997c979e7a":"52f7b481f72bc2d41edade5388d38c2ff75765939576e49bab400040a14ff488848bef57d1502c06a3faad471f5c3178":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED NIST KW unwrap AES-256 CAVS 17.4 PLAINTEXT LENGTH = 4096 count 1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"7b51259246dd7252f6a7215fb11fbeabfabafb0f8856afae525af8feb81d3490":"c625853da9fdb8665264c30539a258ba61da8bbd214f3f493e292f686dce73c003aea5c4070ea94b19e486019b18a2f3f1d836b85414bab14eb99baa283cafffabc8498cf1151489a6a6a0d01e7041633c94f9cc6cc3dfcd661c9c4a0bf77d9be168eec29cb0efef33c74d2dad18ae2ac2b5efb519f4c1f12eaa7a7d7959e7a6dec681e4d1878b20054b7925d2da0b2f8730604445ff3fca3a06285a4a2d86648f10a2bc3cd422646f70224ec9025e7ce701c8b521c0392fd7d2ac883f2a37bb7e4d53a92a620e65e090b91dbcdd616a13b3948eb1b5a6b1bde80f03dad61aba3223fd91ca3df68b0749fd049813a7ab0268445793b16677bc1af00f877097cb14798777ac817d0df82507aec246f755ddf95b19bb56ef9f2e730bcf2863648d8b164656df37977d54eaf05063b0ee8ba61c2a2ba7dda8fae337d5f6ba965d9e643b4534ed9f4eea7b2b26680fff50260e245fa0d63139b40e2f152da3a976589e957be22cb0885cd582aa9468b08f08a22b486767a6b99c1778ecbd763ebfe2bd83c6191f4e8a84972e4920452b2b2dd28be5d7bda05dc3422419793ca8c26defd3b42b2cc99bbad98e7461f034abf137d7b3166c94e20bdba091653c6a17ccc4faf86a7ba6d2abc0ecada9103e73d9ee4659b6e991a1a209d2ebd96c24759c69ad13a03431ddc05abc20dc8581b1e526f4d98f6352ca4c77f5479db234125fa585ba275fbcbdbf":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED NIST KWP unwrap AES-128 CAVS 21.4 PLAINTEXT LENGTH = 8 count 2 @@ -371,83 +371,83 @@ depends_on:MBEDTLS_AES_C mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"4b4c43c9de4fb4a2a7a7adafeabe2dbd":"6e4d08b8124f7d3e23303fac1a842014f95e3d71c438f8f1990307842796dc5e404ad81802e35c183fe000390a12c81ee684c5cf26c1d90e414cfffe6931b0f352936fcf0b31429eb5c7612cc359a15371390e518cf5c6a6bff1bb0348d14e2c39b98c9f30672ed2af1d96296df8b5567db25b9510a2083461810e119735490058ed1b46b7fdfa885041d8749f90a072b43ba49f2f51fbcda0dbf3cf99fca1d8f46330e5f6fe079d6679cfa26214c8831b782aaa023a2e0ea91050d277dab876aa6865f2bb3fc1a4a77db52f6179d5e5325993280948b6b7002b572829641d35ed3d735d8423e5b24673c4570ca25064fc2c2ad4840632536bcfaf2a7a814f3eaed92b4d501bc51c1719a0d8d8f420b66db845682bb41c88038cfedf13417143a3a701b521a9bf0bb639875a728c3b5ce6ca7e7a45bc75285c193902e6b5e7a4c6e720493d3937bf485e587bff894f70fd6165a1d0129cc673a992e0a4f5489d228a066b1df60002ec0521924f8d672cd1452fec927e58e75807b2a390256f920743fa4d0fc8f59f2469a595ef65095ca0c80adfc843e9e69b6d4a3f824af47b2bfbf2a7a6c1b650378f096f6f0bfabc752c8f279d4f45d56d09dce97962c119de3a64d83b93ea55066f24d4238a229ae86e6a7857af1d8aba823370a72fe358046049a84a70213ef31d9e77a722def8e21480e79b71299438070946bd459a7251707446c911e381":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED NIST KWP unwrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 8 count 2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"716da5cce5877d8f305b5478d671f6c73eb1bff4de15df07":"dbd5247ad2445575cafb00ee7707c218":"bf":0 NIST KWP unwrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 64 count 5 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"b94bc10b85a8c2f74a66fa723a25ea1b398a4f627efe1ce0":"18eef64a022b2c7db27648cbb5f1d5e6":"19c0f2f78606fae7":0 NIST KWP unwrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 72 count 0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"f61cde8e515d59a8ca95efb1a98ed4216c4a9649151babf2":"83fce85e9bfc6ed784b052472e5780fee662f17a91faf1a9":"1c6883862ede37b31b":0 NIST KWP unwrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 248 count 3 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"1c883af75147bae6f34205cd656ad30ec97e617456591ce6":"f24f6747711cf72fab0422026c6d548ccdba786d77ab900ac3fb8f39f116d38e92c82d5fd9a045dd":"bdd793f086d8733f69055bd79bbc448be857286e918fd4c54be4acf4eca5e4":0 NIST KWP unwrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 4096 count 0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"1b38d4b366f844e71a8db6be2b77a05a9e81720d2d3f31ee":"62ddc158ecb048250bde439dc7aad34dbe7667d330a349026266c24cee9742953b623d1e247e501641b45b60cfbab665e68040ce06ebce478d9d77f5f344943a1edb14f0d9f165ecfe407031707961fedcd016559228bff5761cd6542944a5d86f9acf4e0a4114682c2312b8d4e8285d3efe1a7c1526642c73c332a9e484377a1c86714e3cb687781928c8a5fe28b4aa74e79f53ecd00793e00041b39b172e5fedef3d4164dcc6b2d2e47994e73f2ab048a4adb8cd94fcd7767314ae40f8cdbef2b26d25f74277a2f88f1de56342a0ec97fde4df2d052e6ebc62622f65725d845f670a647808666c7325725a3428e26fefe725c2badb8a8b8f04e30456bd1fd39fd0f7c782b7a2bc9d8c53922a54c5f103551271af6d7243133b96cd1c108811e4beb9a56472c1f9823a1e88832c5505e07cb93b9041f4b8d69cd27403680a18bb3848c269babbc52aaf568ee8245f4f72e177257103dd4bdffeee9b48e0660d6c2f4dfdce52462d0ed5cc5114dc0aa5a35601c9a644a1fdd3c57c3153e65a108eb94eea3bc9979a67a2f569eb7398a4bd24547c15faa361bb2950a379a1cad1737f56e7c210652aaea7581f39f07ee09a101fde8c34c3cfc404f2b8f682735fc4c721eceb4bd2295d8a74ee3cb858329509eba9049e7e791e04d8452b50c6e6225b94a8cc10ec1d262588fd2f05eee08113414e770c83caa84d310559286c393799117c177089a2":"b1c88d3e5648218ee085abcfcaf7f362f33e4d6de363cb84182af9f18a31475f0e14ae8eff76ca67455726392a110ca262b90d040abf49beb036db096be053d493787a67e983b63945277044acf648172c75b38d7f81dcd58e3bbcecb963dc95863877784ac04eba83481152c30b1ca9e9b78fe537deee6c95933e1b5fb414cfaf7ca1dbbae8b114f0538f4cbf433ef214b776faec9ce1d29f680f4c88ff7b9ba0e964898dd253f5f82ec9f25663ece9dbff5e284f63b0e0fd07fb13b41aa8359f1ba1666bcb26e65d28b1f899952beb28b8f902f048e31efb6ab4817cafc6d84c7f4676b50936715667a67df7ca965b3ab2a5fc472375b1446c810242eb1cb78b9ac496ed4715e0f89a4e1ae0e2724edd59c954f54196ab55ac1947528fa14e716b7707aeb023bd0a2242da7ac97f3feb7795d9be05cd5b1cc33095599ab4c4d8d583c9e2a4d4ed12b836722370569737fae2d6fa60c8a5b8a80fd71129fe29395746eb746528a8845c5a9d50e7bc4372e7f3f9c6333feec791529a6ae1bc0f620feb604f56969e4ea3445810c72dd0772856feb58f09796f461f7ab1b454c303c810eec7526aeb397520b6114f57a4d906e974e8d4a910afafbb0f030b18887b951052d18578022cb7e33408578cdca34f32012f62d3dd35cb74e9d0fecac52231c5cf5a34d470d3b5413644c4e2af1f1613093a3b0550f8df26d033a35b9b":0 NIST KWP unwrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 8 count 5 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"df8f5124b1e03228f2b96f0df31924bac1d3b5d094da22e6":"230bb26c1ea9d5c8fcf7c122ea994f41":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED NIST KWP unwrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 64 count 7 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"94c8dae772a43b5e00468e0947699b239dfe30ab5f90e2f6":"239c6bceee3583fe7825011e02f01cc0":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED NIST KWP unwrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 72 count 5 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"d81b7162dc6e9e18bea6e258bddb53a1c9f22a4a7177d9dd":"4f3a2b7b229a665776f9cfa42e0c2a615a81f69cc0f0f465":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED NIST KWP unwrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 248 count 1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"688833d56cf1a0f492bf1f7e35c2fa6299a2b1b5ca2a2823":"4b7c17d7a7189e7955c03abb0ca95fc0c780953787972097ae596d46fe2a8cd75995e6309780ae5f":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED NIST KWP unwrap AES-192 CAVS 21.4 PLAINTEXT LENGTH = 4096 count 2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"4b0faa630930b0ff8e624aeb4ddfa018a858cfa653132675":"1640db081e87ef7797a9f17509f5bc67d40beaef096131748f413cac3d2500462b61140b31bc3965958af51351903549e4a71db589a6bc67d72ec33b8605a25a539a2043704389e3e0781152dffa9b64d6ec186ed144847434345e6dccefbe26626eebc4c22e3957b2145c46fa11d7819d4195cb43a9db8d2de507c023607548b56a07628ce4c706939fde1bdef8364b2b8fb7db30fc5c8e99f29876130d9f71a8486d99f2c7fc09f646918d4c60e53c7b9f9a8a1e9a023d70448f6b79c3f35cc6b9ace0535147f7f27be66d918895b9106cc83eda1aacdc2bfb7daa75b2867ae63109ecbf9423526511c64c4261e395d9b5a68dd2503ada57cf1b8a18336b8d63d248ec4dedb6e30662336546c86ef83b53504bc3bedd85a027b6b9f0323bd9380d9ba696b77072d98f96b77f9b3ad9e219715122b2dd033529eaf7ecced8be6d1e6467b8e4a61105be9b7a7ce208b6dd6bd34481f80b3bf534fb87904d45986931a088480a8040047c681dc4e8ec1c625a5449d9ab28709d04989c4b1a4ef0f1e379d37fe6f0641b9e705207e9a0652463cd5da71cd50321116d4ff1cbae08063df336482eadc0d117bf119e01f2577afe182e7fa477ec53b754e347a2c742960b9bd355f969e6ae1df2210e75bb44c598b683dd4c8692f4cd1b92125ac9ed10ec4cef6289d3f815cb894e74dff0bb72d51c43cb420d74a31c681c10ad7f9258d77f1f186c926a":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED NIST KWP unwrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 8 count 2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"da862b25a629d328cf9fac7be0d6ead1cb2404e9bab87a2381a46eb1a81187c5":"5e01a2b9b8413f303a3578d2cc255fda":"d4":0 NIST KWP unwrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 64 count 5 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"362586d516d38e4d58b50a441443e75064cf6d6cdb6420862932ba7b0480b0fd":"ea7ee0f5af3a271a9777838ed13c61af":"f1b92d0db744bfee":0 NIST KWP unwrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 72 count 1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"0e6d542f960c7e61ca190d7fd719fda157030a0a013164613a8c522b52ae685d":"b5cae8a82095abb3478ab167dbc0201d2f4dfc5f81bbe44e":"a957eb4ea02e68ba8b":0 NIST KWP unwrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 248 count 3 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"0445b86d13b7b76c0089a63dec70c32fded9607af63714b7c3cc724f49c1c6e2":"7f63167976e71e43b7b135c8cd12148f826f56e73f6fb6e7f6cefa23c34302ff374d44dd66b6bb01":"7af8c3b32e61f8b5c027383a273927b8fd09b75692bd0b713ec8ecec0bdd2c":0 NIST KWP unwrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 4096 count 0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"08f5c088acec18e6cf1f03a8f85d772e327e7fb07f8c2939eb554e84c42ab93d":"dff30fd43647d4be54cf2dfd6187e2ddffb55267313f980fb09c833a9c2bfa558a95861711f0acb2a5c7e731ba22f24a9c4dfdd9e9b0216e9088f817a175b9835b0e17615687a20f68c067205626494cd04fbabc0b3eea7c0a4cd6236bc8b3e52e721dfc357fb8a3722bfcc4c690d8f63dbb864bb6e3a15805aea7270f8eb748deebaa2d066fcda11c2e67221f9a91d2c29a6c79ffae76aa80a2590b4f9e35f623fbf2f8ceb2a205493077556a186e25e5bd52dcff7bcc6909b37a66c1d1431be1b363bb40da25386eaaf5fcabc7be6422a04434a21d1d3105328e7c56770b9f59b03395e4138f5f06fc7e6b80dab87b08caa7bfffc45a095c15263efd3f06c651ded6f58074efc20620d704997fc84721a0a8e9e5b9f5cd330bbb156b31d9d1b1c260e4a24535f30404dc5b2dd6b35d916a1391b25a7d8790be09d85483ed1522074a2785812005bda10dd55acb245b3bd3d9bb777dd23f9b02538ba1a114ba53386d7ca4d9524b2f8a18e0ffb21580b560540bb2146f08f04974b90eb324547d56222df95f44bc6e5f183bef283e4816fb1b2933f9c7c6726a245a495e304d8318d0008c51b0be8090f8f668fbc3f31e073be4b9e97468f4dd8c798e9d682868df493db8a85738b58cfd005190f365849072577772672c6f82555c65046eb34e86fe61103327a063bacbbe33cea7eaa3d1de45471b7269e1b6b38608626e323447a3d5fe0599a6":"8b68f66a3d2f59d419851b94d9a6f2f0e667f8125e11d463a6bc2cea46b12dcc40ce8018b204972c735fdd6d2d05b628f4905c6690f5ac5b1b51e12f3af2dc3ae9b9dab616f0a2a66a1ac197592fd5b15900547f32f54110b58d51a0340aa80e9eeb7b2e0eb97e80aa22ba918f2fe1c678c730ed5c3d8d24774f17d8ab6e01a06243d36e764df1dbb8af1faadbc55281f0242abd7a162c984fd0b05ab8b0bcaedffb2962024f009a8d7c9e71281c09f52ec0707ee3bbeb1ecb918be6ae3e9c1fabbcd3512af928db3ba6c109ff9e9839a616b2a53f092160a48222b84d53cd52490515ef93e1ebb33897263492ab8ec6fad2e633276ae367f76d7f926309478c0205d4f22506a451795dc98f5410d8f5d3e049cbedf381620861e7b4ae08f2d8a71abc1f230248cb636a2d7b4e7717ab2b7b5f2dc6e5b5a18e8043254208b50fd6f8929eaf974c48551233661ad67321b64d69245d536d9a8ca2a6a10966dddb9d2ce36641c9281c460ae524b077867258f638e6ac872cb5f5c6fb216b1ae60a9d0c5ea0dbcd060f255da26111175af4e9935df59ddade6a2a70cddff8cae6a98e4f3843c2dd59d09053b07b648a46f5de0eb21ebb192828279a386ea3eedf2cdc355d73d51111e8c1d522e059752bc56226a4225bcab713bfaaaec78167d7cfd33e913b26fda93ca7524aa8a8b17977c88ff9bc23ea810b4de59eac18d1523b":0 NIST KWP unwrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 8 count 5 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"5fc3ef43eef256993fb00e6ccc90f60319f10a3bc9fe5ca4ec876c165e2a7720":"f3d922a948969acca293bc3daa027e48":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED NIST KWP unwrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 64 count 0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"398444df32841be9e699c64faa92630c834564b8384876dceb471c4056fc8299":"30032c9a3ed00d29512d8c725fa86a4b":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED NIST KWP unwrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 72 count 0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"64b69233fe392c0bcda28a931cc3527b1a8f29235c1adf6256556c685cb89b9f":"6b5fd75ad16eda04a8b29f1bc0411ae28befbad9e474f2d8":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED NIST KWP unwrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 248 count 2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"8c35fb77766d04f48d5b52275c5c5f31f568078419e5c2335918965fbe53cedd":"bacccb1714dbaa4908c2654aa8dbb1ddbddd8ab819429b026619fb1c0fa75a8247372b2feeab1e1d":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED NIST KWP unwrap AES-256 CAVS 21.4 PLAINTEXT LENGTH = 4096 count 3 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"1726706350c11e6883955f24ea11ab247ce3b2ab54d05e67ad9770b5564483dd":"b006f26a67d0e1e2cbeb5c23b6b300adc1526d1f17bbe964fe8237ae244878158e6b04cb488786b5258ac973c3a2eafd7fcf3a7ca6c825155659fbc53d112bc78b3a770cf059fdd5e68f2b4bfa36de3721231102e5041c947fba3d906bff39592ec3901a398da23035f1190e99b58659330cc2e856ee87ad4197dcc7d16e1f062275bced1ed5cd82163ae3e58da7368dc2aadac855385bd4fa0b8baadef608d0a5c27172d12b88c70b136eeccf37f36364361a990dc50815743cab1636e661bff04ca8345520c30b935a060b450526b1d6ac09170e5b0a327b88f42327b85c9a621d2ca745963c2815a2bfcf509d50b6058ed6e67f369b5608d2aa885238b67d1b8e0d83f9464aa473bf109350fcc02e360c2619236cbfbf895b607895530d8d3d2e41450750dad05b1c37ef15db7fb4707597ac252e8e58d4c1ab2713b427643d198164c908b5d8ff36e9700157284009c7b283633d8b27b378bb65eff8aa59b5fe5e6437a1d53a99c106c2c4d033d3d23950e313a10eb31d68524ae9f8e4f56437acf66db3e8f77407a15bbff4b393e5559908993146d93c673d2aeb7d4cb8fc8d0169de7ed6e2bbe6ce9958a0f5d201419e7acb17e47da827ba380d6b3ad3b5a8c2101c5fb501110c727169065f23297947f538ab3ec165d61edc1f6a9e1735e9b7fc06d4d3406cf8f9c6a68b196cf262324a986705fbc802cdd2e6b4ebcf68e6bb9e793ae644":"":MBEDTLS_ERR_CIPHER_AUTH_FAILED KW AES-128 wrap rfc 3394 @@ -455,11 +455,11 @@ depends_on:MBEDTLS_AES_C mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"000102030405060708090A0B0C0D0E0F":"00112233445566778899AABBCCDDEEFF":"1FA68B0A8112B447AEF34BD8FB5A7B829D3E862371D2CFE5" KW AES-192 wrap rfc 3394 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"000102030405060708090A0B0C0D0E0F1011121314151617":"00112233445566778899AABBCCDDEEFF":"96778B25AE6CA435F92B5B97C050AED2468AB8A17AD84E5D" KW AES-256 wrap rfc 3394 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":"00112233445566778899AABBCCDDEEFF":"64E8C3F9CE0F5BA263E9777905818A2A93C8191E7D6E8AE7" KW AES-128 unwrap rfc 3394 @@ -467,17 +467,17 @@ depends_on:MBEDTLS_AES_C mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"000102030405060708090A0B0C0D0E0F":"1FA68B0A8112B447AEF34BD8FB5A7B829D3E862371D2CFE5":"00112233445566778899AABBCCDDEEFF":0 KW AES-192 unwrap rfc 3394 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"000102030405060708090A0B0C0D0E0F1011121314151617":"031D33264E15D33268F24EC260743EDCE1C6C7DDEE725A936BA814915C6762D2":"00112233445566778899AABBCCDDEEFF0001020304050607":0 KW AES-256 unwrap rfc 3394 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_unwrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KW:"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":"A8F9BC1612C68B3FF6E6F4FBE30E71E4769C8B80A32CB8958CD5D17D6B254DA1":"00112233445566778899AABBCCDDEEFF0001020304050607":0 KWP AES-192 wrap rfc 5649 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8":"c37b7e6492584340bed12207808941155068f738":"138bdeaa9b8fa7fc61f97742e72248ee5ae6ae5360d1ae6a5f54f373fa543b6a" KWP AES-192 wrap rfc 5649 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_nist_kw_wrap:MBEDTLS_CIPHER_ID_AES:MBEDTLS_KW_MODE_KWP:"5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8":"466f7250617369":"afbeb0f07dfbf5419200f2ccb50bb24f" diff --git a/tests/suites/test_suite_oid.data b/tests/suites/test_suite_oid.data index 1738841d5..f8f1d43aa 100644 --- a/tests/suites/test_suite_oid.data +++ b/tests/suites/test_suite_oid.data @@ -59,33 +59,185 @@ OID get x509 extension - wrong oid - id-ce oid_get_x509_extension:"551D":0 OID hash id - id-md5 -depends_on:MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_MD_CAN_MD5 oid_get_md_alg_id:"2A864886f70d0205":MBEDTLS_MD_MD5 OID hash id - id-sha1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 oid_get_md_alg_id:"2b0e03021a":MBEDTLS_MD_SHA1 OID hash id - id-sha224 -depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA224 oid_get_md_alg_id:"608648016503040204":MBEDTLS_MD_SHA224 OID hash id - id-sha256 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 oid_get_md_alg_id:"608648016503040201":MBEDTLS_MD_SHA256 OID hash id - id-sha384 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA384 oid_get_md_alg_id:"608648016503040202":MBEDTLS_MD_SHA384 OID hash id - id-sha512 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 oid_get_md_alg_id:"608648016503040203":MBEDTLS_MD_SHA512 +OID hash id - id-sha3-224 +depends_on:MBEDTLS_MD_CAN_SHA3_224 +oid_get_md_alg_id:"608648016503040207":MBEDTLS_MD_SHA3_224 + +OID hash id - id-sha3-256 +depends_on:MBEDTLS_MD_CAN_SHA3_256 +oid_get_md_alg_id:"608648016503040208":MBEDTLS_MD_SHA3_256 + +OID hash id - id-sha3-384 +depends_on:MBEDTLS_MD_CAN_SHA3_384 +oid_get_md_alg_id:"608648016503040209":MBEDTLS_MD_SHA3_384 + +OID hash id - id-sha3-512 +depends_on:MBEDTLS_MD_CAN_SHA3_512 +oid_get_md_alg_id:"60864801650304020a":MBEDTLS_MD_SHA3_512 + OID hash id - id-ripemd160 -depends_on:MBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_MD_CAN_RIPEMD160 oid_get_md_alg_id:"2b24030201":MBEDTLS_MD_RIPEMD160 OID hash id - invalid oid oid_get_md_alg_id:"2B864886f70d0204":-1 +OID get numeric string - hardware module name +oid_get_numeric_string:"2B06010505070804":0:"1.3.6.1.5.5.7.8.4" + +OID get numeric string - multi-byte subidentifier +oid_get_numeric_string:"29903C":0:"1.1.2108" + +OID get numeric string - second component greater than 39 +oid_get_numeric_string:"81010000863A00":0:"2.49.0.0.826.0" + +OID get numeric string - multi-byte first subidentifier +oid_get_numeric_string:"8837":0:"2.999" + +OID get numeric string - second subidentifier not terminated +oid_get_numeric_string:"0081":MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" + +OID get numeric string - empty oid buffer +oid_get_numeric_string:"":MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" + +OID get numeric string - no final / all bytes have top bit set +oid_get_numeric_string:"818181":MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" + +OID get numeric string - 0.39 +oid_get_numeric_string:"27":0:"0.39" + +OID get numeric string - 1.0 +oid_get_numeric_string:"28":0:"1.0" + +OID get numeric string - 1.39 +oid_get_numeric_string:"4f":0:"1.39" + +OID get numeric string - 2.0 +oid_get_numeric_string:"50":0:"2.0" + +OID get numeric string - 1 byte first subidentifier beyond 2.39 +oid_get_numeric_string:"7f":0:"2.47" + +# Encodes the number 0x0400000000 as a subidentifier which overflows 32-bits +OID get numeric string - 32-bit overflow +oid_get_numeric_string:"C080808000":MBEDTLS_ERR_ASN1_INVALID_DATA:"" + +OID get numeric string - 32-bit overflow, second subidentifier +oid_get_numeric_string:"2BC080808000":MBEDTLS_ERR_ASN1_INVALID_DATA:"" + +OID get numeric string - overlong encoding +oid_get_numeric_string:"8001":MBEDTLS_ERR_ASN1_INVALID_DATA:"" + +OID get numeric string - overlong encoding, second subidentifier +oid_get_numeric_string:"2B8001":MBEDTLS_ERR_ASN1_INVALID_DATA:"" + +OID from numeric string - hardware module name +oid_from_numeric_string:"1.3.6.1.5.5.7.8.4":0:"2B06010505070804" + +OID from numeric string - multi-byte subidentifier +oid_from_numeric_string:"1.1.2108":0:"29903C" + +OID from numeric string - second component greater than 39 +oid_from_numeric_string:"2.49.0.0.826.0":0:"81010000863A00" + +OID from numeric string - multi-byte first subidentifier +oid_from_numeric_string:"2.999":0:"8837" + +OID from numeric string - empty string input +oid_from_numeric_string:"":MBEDTLS_ERR_ASN1_INVALID_DATA:"" + +OID from numeric string - first component not a number +oid_from_numeric_string:"abc.1.2":MBEDTLS_ERR_ASN1_INVALID_DATA:"" + +OID from numeric string - second component not a number +oid_from_numeric_string:"1.abc.2":MBEDTLS_ERR_ASN1_INVALID_DATA:"" + +OID from numeric string - first component too large +oid_from_numeric_string:"3.1":MBEDTLS_ERR_ASN1_INVALID_DATA:"" + +OID from numeric string - first component < 2, second > 39 +oid_from_numeric_string:"1.40":MBEDTLS_ERR_ASN1_INVALID_DATA:"" + +OID from numeric string - third component not a number +oid_from_numeric_string:"1.2.abc":MBEDTLS_ERR_ASN1_INVALID_DATA:"" + +OID from numeric string - non-'.' separator between first and second +oid_from_numeric_string:"1/2.3.4":MBEDTLS_ERR_ASN1_INVALID_DATA:"" + +OID from numeric string - non-'.' separator between second and third +oid_from_numeric_string:"1.2/3.4":MBEDTLS_ERR_ASN1_INVALID_DATA:"" + +OID from numeric string - non-'.' separator between third and fourth +oid_from_numeric_string:"1.2.3/4":MBEDTLS_ERR_ASN1_INVALID_DATA:"" + +OID from numeric string - OID greater than max length (129 components) +oid_from_numeric_string:"1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1":MBEDTLS_ERR_ASN1_INVALID_DATA:"" + +OID from numeric string - OID with maximum subidentifier +oid_from_numeric_string:"2.4294967215":0:"8FFFFFFF7F" + +OID from numeric string - OID with overflowing subidentifier +oid_from_numeric_string:"2.4294967216":MBEDTLS_ERR_ASN1_INVALID_DATA:"" + +mbedtls_oid_get_md_hmac - RIPEMD160 +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +mbedtls_oid_get_md_hmac:"2B06010505080104":MBEDTLS_MD_RIPEMD160 + +mbedtls_oid_get_md_hmac - SHA1 +depends_on:MBEDTLS_MD_CAN_SHA1 +mbedtls_oid_get_md_hmac:"2A864886F70D0207":MBEDTLS_MD_SHA1 + +mbedtls_oid_get_md_hmac - SHA224 +depends_on:MBEDTLS_MD_CAN_SHA224 +mbedtls_oid_get_md_hmac:"2A864886F70D0208":MBEDTLS_MD_SHA224 + +mbedtls_oid_get_md_hmac - SHA256 +depends_on:MBEDTLS_MD_CAN_SHA256 +mbedtls_oid_get_md_hmac:"2A864886F70D0209":MBEDTLS_MD_SHA256 + +mbedtls_oid_get_md_hmac - SHA384 +depends_on:MBEDTLS_MD_CAN_SHA384 +mbedtls_oid_get_md_hmac:"2A864886F70D020A":MBEDTLS_MD_SHA384 + +mbedtls_oid_get_md_hmac - SHA512 +depends_on:MBEDTLS_MD_CAN_SHA512 +mbedtls_oid_get_md_hmac:"2A864886F70D020B":MBEDTLS_MD_SHA512 + +mbedtls_oid_get_md_hmac - SHA3_224 +depends_on:MBEDTLS_MD_CAN_SHA3_224 +mbedtls_oid_get_md_hmac:"60864801650304020D":MBEDTLS_MD_SHA3_224 + +mbedtls_oid_get_md_hmac - SHA3_256 +depends_on:MBEDTLS_MD_CAN_SHA3_256 +mbedtls_oid_get_md_hmac:"60864801650304020E":MBEDTLS_MD_SHA3_256 + +mbedtls_oid_get_md_hmac - SHA3_384 +depends_on:MBEDTLS_MD_CAN_SHA3_384 +mbedtls_oid_get_md_hmac:"60864801650304020F":MBEDTLS_MD_SHA3_384 + +mbedtls_oid_get_md_hmac - SHA3_512 +depends_on:MBEDTLS_MD_CAN_SHA3_512 +mbedtls_oid_get_md_hmac:"608648016503040210":MBEDTLS_MD_SHA3_512 diff --git a/tests/suites/test_suite_oid.function b/tests/suites/test_suite_oid.function index 687b2168a..337f84310 100644 --- a/tests/suites/test_suite_oid.function +++ b/tests/suites/test_suite_oid.function @@ -3,7 +3,6 @@ #include "mbedtls/asn1.h" #include "mbedtls/asn1write.h" #include "string.h" -#include "mbedtls/legacy_or_psa.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -96,3 +95,76 @@ void oid_get_md_alg_id(data_t *oid, int exp_md_id) } } /* END_CASE */ + +/* BEGIN_CASE */ +void mbedtls_oid_get_md_hmac(data_t *oid, int exp_md_id) +{ + mbedtls_asn1_buf md_oid = { 0, 0, NULL }; + int ret; + mbedtls_md_type_t md_id = 0; + + md_oid.tag = MBEDTLS_ASN1_OID; + md_oid.p = oid->x; + md_oid.len = oid->len; + + ret = mbedtls_oid_get_md_hmac(&md_oid, &md_id); + + if (exp_md_id < 0) { + TEST_ASSERT(ret == MBEDTLS_ERR_OID_NOT_FOUND); + TEST_ASSERT(md_id == 0); + } else { + TEST_ASSERT(ret == 0); + TEST_ASSERT((mbedtls_md_type_t) exp_md_id == md_id); + } +} +/* END_CASE */ + +/* BEGIN_CASE */ +void oid_get_numeric_string(data_t *oid, int error_ret, char *result_str) +{ + char buf[256]; + mbedtls_asn1_buf input_oid = { 0, 0, NULL }; + int ret; + + input_oid.tag = MBEDTLS_ASN1_OID; + /* Test that an empty OID is not dereferenced */ + input_oid.p = oid->len ? oid->x : (void *) 1; + input_oid.len = oid->len; + + ret = mbedtls_oid_get_numeric_string(buf, sizeof(buf), &input_oid); + + if (error_ret == 0) { + TEST_EQUAL(ret, strlen(result_str)); + TEST_ASSERT(ret >= 3); + TEST_EQUAL(strcmp(buf, result_str), 0); + } else { + TEST_EQUAL(ret, error_ret); + } +} +/* END_CASE */ + +/* BEGIN_CASE */ +void oid_from_numeric_string(char *oid_str, int error_ret, + data_t *exp_oid_buf) +{ + mbedtls_asn1_buf oid = { 0, 0, NULL }; + mbedtls_asn1_buf exp_oid = { 0, 0, NULL }; + int ret; + + exp_oid.tag = MBEDTLS_ASN1_OID; + exp_oid.p = exp_oid_buf->x; + exp_oid.len = exp_oid_buf->len; + + ret = mbedtls_oid_from_numeric_string(&oid, oid_str, strlen(oid_str)); + + if (error_ret == 0) { + TEST_EQUAL(oid.len, exp_oid.len); + TEST_ASSERT(memcmp(oid.p, exp_oid.p, oid.len) == 0); + mbedtls_free(oid.p); + oid.p = NULL; + oid.len = 0; + } else { + TEST_EQUAL(ret, error_ret); + } +} +/* END_CASE */ diff --git a/tests/suites/test_suite_pem.data b/tests/suites/test_suite_pem.data index 1c9e0bf22..a4dff45f0 100644 --- a/tests/suites/test_suite_pem.data +++ b/tests/suites/test_suite_pem.data @@ -16,29 +16,36 @@ mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102 PEM write (exactly two lines + 1) mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F00":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAA==\n-----END TEST-----\n" +PEM write length reporting +mbedtls_pem_write_buffer_lengths + PEM read (unencrypted, valid) mbedtls_pem_read_buffer:"^":"$":"^\nTWJlZCBUTFM=\n$":"":0:"4d62656420544c53" PEM read (DES-EDE3-CBC + invalid iv) -depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-EDE3-CBC,00$":"pwd":MBEDTLS_ERR_PEM_INVALID_ENC_IV:"" PEM read (DES-CBC + invalid iv) -depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-CBC,00$":"pwd":MBEDTLS_ERR_PEM_INVALID_ENC_IV:"" +PEM read (AES-128-CBC + invalid iv) +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C +mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-128-CBC,00$":"pwd":MBEDTLS_ERR_PEM_INVALID_ENC_IV:"" + PEM read (unknown encryption algorithm) -depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C mbedtls_pem_read_buffer:"^":"$":"^\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-,00$":"pwd":MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG:"" PEM read (malformed PEM DES-CBC) -depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-CBC,AA94892A169FA426\n\nMAAA\n-----END EC PRIVATE KEY-----":"pwd":MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH:"" PEM read (malformed PEM DES-EDE3-CBC) -depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: DES-EDE3-CBC,AA94892A169FA426\n\nMAAA\n-----END EC PRIVATE KEY-----":"pwd":MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH:"" PEM read (malformed PEM AES-128-CBC) -depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC mbedtls_pem_read_buffer:"-----BEGIN EC PRIVATE KEY-----":"-----END EC PRIVATE KEY-----":"-----BEGIN EC PRIVATE KEY-----\nProc-Type\: 4,ENCRYPTED\nDEK-Info\: AES-128-CBC,AA94892A169FA426AA94892A169FA426\n\nMAAA\n-----END EC PRIVATE KEY-----":"pwd":MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH:"" diff --git a/tests/suites/test_suite_pem.function b/tests/suites/test_suite_pem.function index 25b66f8b6..413dc551c 100644 --- a/tests/suites/test_suite_pem.function +++ b/tests/suites/test_suite_pem.function @@ -3,8 +3,6 @@ #include "mbedtls/pem.h" #include "mbedtls/des.h" #include "mbedtls/aes.h" -#include "mbedtls/legacy_or_psa.h" - /* END_HEADER */ /* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C */ @@ -34,6 +32,35 @@ exit: } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C */ +void mbedtls_pem_write_buffer_lengths() +{ + unsigned char data[256] = { 0 }; + unsigned char buf[1024]; + size_t olen_needed, olen; + int ret; + for (size_t l = 0; l <= sizeof(data); l++) { + ret = mbedtls_pem_write_buffer("\n", "\n", data, l, NULL, 0, &olen_needed); + TEST_EQUAL(ret, MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL); + + /* Test that a bigger buffer still only requires `olen_needed` */ + ret = mbedtls_pem_write_buffer("\n", "\n", data, l, buf, sizeof(buf), &olen); + TEST_EQUAL(ret, 0); + TEST_EQUAL(olen_needed, olen); + + /* Test that a buffer of exactly `olen_needed` works */ + memset(buf, 1, sizeof(buf)); + ret = mbedtls_pem_write_buffer("\n", "\n", data, l, buf, olen_needed, &olen); + TEST_EQUAL(ret, 0); + TEST_EQUAL(olen_needed, olen); + /* Test the function didn't overflow the given buffer */ + for (size_t i = olen_needed; i < sizeof(buf); i++) { + TEST_EQUAL(buf[i], 1); + } + } +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C */ void mbedtls_pem_read_buffer(char *header, char *footer, char *data, char *pwd, int res, data_t *out) @@ -44,6 +71,8 @@ void mbedtls_pem_read_buffer(char *header, char *footer, char *data, size_t pwd_len = strlen(pwd); const unsigned char *buf; + MD_PSA_INIT(); + mbedtls_pem_init(&ctx); ret = mbedtls_pem_read_buffer(&ctx, header, footer, (unsigned char *) data, @@ -60,5 +89,6 @@ void mbedtls_pem_read_buffer(char *header, char *footer, char *data, exit: mbedtls_pem_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index d796f6ffa..e69749140 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data @@ -8,44 +8,44 @@ PK write valid parameters depends_on:MBEDTLS_RSA_C valid_parameters_pkwrite:"308204a20201000282010100a9021f3d406ad555538bfd36ee82652e15615e89bfb8e84590dbee881652d3f143504796125964876bfd2be046f973beddcf92e1915bed66a06f8929794580d0836ad54143775f397c09044782b0573970eda3ec15191ea8330847c10542a9fd4cc3b4dfdd061f4d1051406773130f40f86d81255f0ab153c6307e1539acf95aee7f929ea6055be7139785b52392d9d42406d50925897507dda61a8f3f0919bead652c64eb959bdcfe415e17a6da6c5b69cc02ba142c16249c4adccdd0f7526773f12da023fd7ef431ca2d70ca890b04db2ea64f706e9ecebd5889e253599e6e5a9265e2883f0c9419a3dde5e89d9513ed29dbab7012dc5aca6b17ab528254b10203010001028201001689f5e89142ae18a6ffb0513715a4b0b4a13b9e5b3729a2bd62d738c6e15cea7bf3a4d85ab2193a0628c9452bb1f0c1af8b132789df1c95e72778bf5330f5b0d915d242d5e0818e85001ed5fa93d1ce13455deb0a15438562e8e3c8d60ec1e4c9ebff9f2b36b9cde9332cc79f0d17a7ae79cc1353cd75409ad9b4b6d7ee3d82af6f3207656cf2ac98947c15c398db0cebf8dc3eef5398269480cdd09411b960273ae3f364da09af849f24aa87346c58618ea91d9d6cd1d3932c80dbfc1f0a4166a9036911999ca27761079f0ce02db02c1c909ff9b4278578d7bb1b54b2b7082fc9e864b6b394e331c0d11a9a68255565b6dd477f4119c5809839520700711102818100d7db987ad86de6a9b0749fb5da80bacde3bebd72dcc83f60a27db74f927ac3661386577bfce5b4a00ad024682401d6aad29713c8e223b53415305ca07559821099b187fdd1bad3dc4dec9da96f5fa6128331e8f7d89f1e1a788698d1a27256dc7cd392f04e531a9e38e7265bf4fd7eec01e7835e9b1a0dd8923e440381be1c2702818100c87025fff7a493c623404966fbc8b32ed164ca620ad1a0ad11ef42fd12118456017856a8b42e5d4ad36104e9dc9f8a2f3003c3957ffddb20e2f4e3fc3cf2cdddae01f57a56de4fd24b91ab6d3e5cc0e8af0473659594a6bbfdaacf958f19c8d508eac12d8977616af6877106288093d37904a139220c1bc278ea56edc086976702818043e708685c7cf5fa9b4f948e1856366d5e1f3a694f9a8e954f884c89f3823ac5798ee12657bfcaba2dac9c47464c6dc2fecc17a531be19da706fee336bb6e47b645dbc71d3eff9856bddeb1ac9b644ffbdd58d7ba9e1240f1faaf797ba8a4d58becbaf85789e1bd979fcfccc209d3db7f0416bc9eef09b3a6d86b8ce8199d4310281804f4b86ccffe49d0d8ace98fb63ea9f708b284ba483d130b6a75cb76cb4e4372d6b41774f20912319420ca4cbfc1b25a8cb5f01d6381f6ebc50ed3ef08010327f5ba2acc1ac7220b3fa6f7399314db2879b0db0b5647abd87abb01295815a5b086491b2c0d81c616ed67ef8a8ce0727f446711d7323d4147b5828a52143c43b4b028180540756beba83c20a0bda11d6dec706a71744ff28090cec079dffb507d82828038fe657f61496a20317f779cb683ce8196c29a6fe28839a282eef4de57773be56808b0c3e2ac7747e2b200b2fbf20b55258cd24622a1ce0099de098ab0855106ae087f08b0c8c346d81619400c1b4838e33ed9ff90f05db8fccf8fb7ab881ca12" -PK utils: RSA 512-bit +PK utils: RSA Minimum key depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME -pk_utils:MBEDTLS_PK_RSA:512:512:64:"RSA" +pk_utils:MBEDTLS_PK_RSA:MBEDTLS_RSA_GEN_KEY_MIN_BITS:MBEDTLS_RSA_GEN_KEY_MIN_BITS:(MBEDTLS_RSA_GEN_KEY_MIN_BITS /8):"RSA" PK utils: ECKEY SECP192R1 -depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP192R1 pk_utils:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP192R1:192:24:"EC" PK utils: ECKEY_DH SECP192R1 -depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP192R1 pk_utils:MBEDTLS_PK_ECKEY_DH:MBEDTLS_ECP_DP_SECP192R1:192:24:"EC_DH" PK utils: ECKEY_DH Curve25519 -depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE25519_ENABLED +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_CURVE25519 pk_utils:MBEDTLS_PK_ECKEY_DH:MBEDTLS_ECP_DP_CURVE25519:255:32:"EC_DH" PK utils: ECKEY_DH Curve448 -depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_CURVE448_ENABLED +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_CURVE448 pk_utils:MBEDTLS_PK_ECKEY_DH:MBEDTLS_ECP_DP_CURVE448:448:56:"EC_DH" PK utils: ECDSA SECP192R1 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP192R1 pk_utils:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP192R1:192:24:"ECDSA" PK utils: ECDSA SECP256R1 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1 pk_utils:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:256:32:"ECDSA" PK utils: ECDSA SECP384R1 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP384R1 pk_utils:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP384R1:384:48:"ECDSA" PK utils: ECDSA SECP521R1 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP521R1 pk_utils:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP521R1:521:66:"ECDSA" PK PSA utilities: ECDSA setup/free, info functions, unsupported operations -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_psa_utils:0 PK PSA utilities: RSA setup/free, info functions, unsupported operations @@ -53,95 +53,95 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME pk_psa_utils:1 PK can do ext: ECDSA(ANY)/NONE, invalid check STREAM_CIPHER -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:256:PSA_ALG_STREAM_CIPHER:PSA_KEY_USAGE_SIGN_HASH:0 PK can do ext: ECDSA(ANY)/NONE, invalid check RSA_PKCS1V15_SIGN(SHA256) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:256:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:0 PK can do ext: ECDSA(ANY)/NONE, invalid check RSA_PKCS1V15_CRYPT -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:256:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_SIGN_HASH:0 PK can do ext: ECDSA(ANY)/NONE, invalid check RSA_PSS(SHA256) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:256:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:0 PK can do ext: ECDSA(ANY)/NONE, invalid check ECDH -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:256:PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH:0 PK can do ext: ECDSA(ANY)/NONE, check ECDSA(SHA256) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:256:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:1 PK can do ext: ECDSA(SHA256)/NONE, check ECDSA(SHA256) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_NONE:256:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:1 PK can do ext: NONE/ECDSA(ANY_HASH), check ECDSA(SHA256) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_NONE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):256:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:1 PK can do ext: NONE/ECDSA(SHA256), check ECDSA(SHA256) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_NONE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):256:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:1 PK can do ext: ECDSA(SHA256)/NONE, invalid check ECDSA(ANY) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_NONE:256:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_USAGE_SIGN_HASH:0 PK can do ext: ECDSA(SHA1)/NONE, invalid check ECDSA(SHA256) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA(PSA_ALG_SHA_1):PSA_ALG_NONE:256:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:0 PK can do ext: ECDH/NONE, invalid check STREAM_CIPHER -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_NONE:256:PSA_ALG_STREAM_CIPHER:PSA_KEY_USAGE_DERIVE:0 PK can do ext: ECDH/NONE, invalid check RSA_PKCS1V15_SIGN(SHA256) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_NONE:256:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_DERIVE:0 PK can do ext: ECDH/NONE, invalid check RSA_PKCS1V15_CRYPT -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_NONE:256:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_DERIVE:0 PK can do ext: ECDH/NONE, invalid check RSA_PSS(SHA256) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_NONE:256:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_KEY_USAGE_DERIVE:0 PK can do ext: ECDH/NONE, invalid check ECDSA(SHA256) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_NONE:256:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_DERIVE:0 PK can do ext: ECDH/NONE, check ECDH -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_NONE:256:PSA_ALG_ECDH:PSA_KEY_USAGE_DERIVE:1 PK can do ext: ECDH/ECDSA(ANY), check ECDH+SIGN -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_DERIVE|PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):256:PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH:1 PK can do ext: ECDH/ECDSA(ANY), check ECDH+DERIVE -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_DERIVE|PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):256:PSA_ALG_ECDH:PSA_KEY_USAGE_DERIVE:1 PK can do ext: ECDH/ECDSA(ANY), check ECDH+DERIVE|SIGN -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_DERIVE|PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):256:PSA_ALG_ECDH:PSA_KEY_USAGE_DERIVE|PSA_KEY_USAGE_SIGN_HASH:1 PK can do ext: ECDH/ECDSA(ANY), check ECDSA(SHA256)+DERIVE|SIGN -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_DERIVE|PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):256:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_DERIVE|PSA_KEY_USAGE_SIGN_HASH:1 PK can do ext: ECDH/ECDSA(ANY), check ECDSA(SHA256)+SIGN -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_DERIVE|PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):256:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:1 PK can do ext: ECDH/ECDSA(ANY), check ECDSA(SHA256)+DERIVE -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_DERIVE|PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):256:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_DERIVE:1 PK can do ext: RSA_PKCS1V15_SIGN(ANY)/NONE, check not allowed COPY usage @@ -289,11 +289,11 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME pk_can_do_ext:1:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):1024:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:1 PK can do ext: MBEDTLS_PK_ECKEY, check ECDSA(SHA256) -depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:0:MBEDTLS_PK_ECKEY:0:0:0:MBEDTLS_ECP_DP_SECP256R1:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:1 PK can do ext: MBEDTLS_PK_ECKEY, check ECDH -depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP256R1 pk_can_do_ext:0:MBEDTLS_PK_ECKEY:0:0:0:MBEDTLS_ECP_DP_SECP256R1:PSA_ALG_ECDH:PSA_KEY_USAGE_DERIVE:1 PK can do ext: MBEDTLS_PK_RSA, check RSA_PKCS1V15_SIGN(SHA256) @@ -313,96 +313,96 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME pk_can_do_ext:0:MBEDTLS_PK_RSA:0:0:0:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:1 RSA verify test vector #1 (good) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS1_V15 pk_rsa_verify_test_vec:"6a8a1f225703fe39753c1017b43eec9e070a70b1":MBEDTLS_MD_SHA1:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0 RSA verify test vector #2 (bad) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS1_V15 pk_rsa_verify_test_vec:"9f294f0c7b32da6221a3ef83654322038e8968fa":MBEDTLS_MD_SHA1:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"3203b7647fb7e345aa457681e5131777f1adc371f2fba8534928c4e52ef6206a856425d6269352ecbf64db2f6ad82397768cafdd8cd272e512d617ad67992226da6bc291c31404c17fd4b7e2beb20eff284a44f4d7af47fd6629e2c95809fa7f2241a04f70ac70d3271bb13258af1ed5c5988c95df7fa26603515791075feccd":MBEDTLS_ERR_RSA_VERIFY_FAILED ECDSA verify test vector #1 (good) -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +depends_on:MBEDTLS_ECP_HAVE_SECP192R1 pk_ec_test_vec:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP192R1:"046FDD3028FA94A863CD4F78DBFF8B3AA561FC6D9CCBBCA88E0AE6FA437F5415F957542D0717FF8B84562DAE99872EF841":"546869732073686F756C64206265207468652068617368206F662061206D6573736167652E00":"30350218185B2A7FB5CD9C9A8488B119B68B47D6EC833509CE9FA1FF021900FB7D259A744A2348BD45D241A39DC915B81CC2084100FA24":0 ECDSA verify test vector #2 (bad) -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +depends_on:MBEDTLS_ECP_HAVE_SECP192R1 pk_ec_test_vec:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP192R1:"046FDD3028FA94A863CD4F78DBFF8B3AA561FC6D9CCBBCA88E0AE6FA437F5415F957542D0717FF8B84562DAE99872EF841":"546869732073686F756C64206265207468652068617368206F662061206D6573736167652E00":"30350218185B2A7FB5CD9C9A8488B119B68B47D6EC833509CE9FA1FF021900FB7D259A744A2348BD45D241A39DC915B81CC2084100FA25":MBEDTLS_ERR_ECP_VERIFY_FAILED EC(DSA) verify test vector #1 (good) -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +depends_on:MBEDTLS_ECP_HAVE_SECP192R1 pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP192R1:"046FDD3028FA94A863CD4F78DBFF8B3AA561FC6D9CCBBCA88E0AE6FA437F5415F957542D0717FF8B84562DAE99872EF841":"546869732073686F756C64206265207468652068617368206F662061206D6573736167652E00":"30350218185B2A7FB5CD9C9A8488B119B68B47D6EC833509CE9FA1FF021900FB7D259A744A2348BD45D241A39DC915B81CC2084100FA24":0 EC(DSA) verify test vector #2 (bad) -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +depends_on:MBEDTLS_ECP_HAVE_SECP192R1 pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP192R1:"046FDD3028FA94A863CD4F78DBFF8B3AA561FC6D9CCBBCA88E0AE6FA437F5415F957542D0717FF8B84562DAE99872EF841":"546869732073686F756C64206265207468652068617368206F662061206D6573736167652E00":"30350218185B2A7FB5CD9C9A8488B119B68B47D6EC833509CE9FA1FF021900FB7D259A744A2348BD45D241A39DC915B81CC2084100FA25":MBEDTLS_ERR_ECP_VERIFY_FAILED EC(DSA) verify test vector: good, bitlen(r) = 256 -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_ECP_HAVE_SECP256R1 pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"3046022100faecc085c6c5362b91ff1fd6dd77da80bc071bee9ff1ac0ef9509c017f13267c022100a7d0b908c938d3dd6c6a9cdc5b0a4a4ee455c519c1ff6cda959806b7e7461ba0":0 EC(DSA) verify test vector: good, bitlen(r) = 255 -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_ECP_HAVE_SECP256R1 pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30450220639f36215b2ff09bb2beb871e122de74c8d5e29ce8a105aa2b95661f42803e72022100becd8f81b2c186f9d5d2c92378d7b9452ce6de231b0c8d17bac2d8537d2331fd":0 EC(DSA) verify test vector: good, bitlen(r) = 248 -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_ECP_HAVE_SECP256R1 pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30450220009109f967f9082abc9c46e5ea07936529b82023a1a49b872c046f430983db2602210085f0b1960d61f8d75109b5b7ff991d3171320d2ab547104f864048455a965090":0 EC(DSA) verify test vector: good, bitlen(r) = 247 -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_ECP_HAVE_SECP256R1 pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"3044021f461786833b50247b07194da6cedbd3caefbcd19c73b6283ccff5097cd0d73b022100d85d20b0b8c3b596eb1cdb0381e681fa0a8bccde4e89c139020af3b0f88e099c":0 EC(DSA) verify test vector: good, bitlen(s) = 256 -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_ECP_HAVE_SECP256R1 pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30450220639f36215b2ff09bb2beb871e122de74c8d5e29ce8a105aa2b95661f42803e72022100becd8f81b2c186f9d5d2c92378d7b9452ce6de231b0c8d17bac2d8537d2331fd":0 EC(DSA) verify test vector: good, bitlen(s) = 255 -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_ECP_HAVE_SECP256R1 pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"304402206ae26950c606d08fe5e1682efdccfb3a7213ca46bd523ffd20c4213fe1400d3402207612106ada7055926167650b257da7f4c42c190b8aa9e3b680f8751fe90c63a5":0 EC(DSA) verify test vector: good, bitlen(s) = 248 -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_ECP_HAVE_SECP256R1 pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"3045022100fd4d718ab483827492e10b89745fad100d2dd257102b99aff179ee596a569f1f022000a1b777e32a8b4909763b615b805e59194e6196eb05719287a36eb5f17aa485":0 EC(DSA) verify test vector: good, bitlen(s) = 247 -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_ECP_HAVE_SECP256R1 pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30430220685a6994daa6a14e4411b5267edc2a00beee907f2dddd956b2a5a1df791c15f8021f675db4538c000c734489ac737fddd5a739c5a23cd6c6eceea70c286ca4fac9":0 ECDSA sign-verify: SECP192R1 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP192R1 pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP192R1:0:0 ECDSA sign-verify: SECP256R1 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:0:0 ECDSA sign-verify: SECP384R1 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP384R1 pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP384R1:0:0 ECDSA sign-verify: SECP521R1 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP521R1 pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP521R1:0:0 ECDSA sign-verify: BP256R1 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_BP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_BP256R1 pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_BP256R1:0:0 ECDSA sign-verify: BP512R1 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_BP512R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_BP512R1 pk_sign_verify:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_BP512R1:0:0 EC(DSA) sign-verify: SECP192R1 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP192R1 pk_sign_verify:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP192R1:0:0 EC_DH (no) sign-verify: SECP192R1 -depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP192R1 pk_sign_verify:MBEDTLS_PK_ECKEY_DH:MBEDTLS_ECP_DP_SECP192R1:MBEDTLS_ERR_PK_TYPE_MISMATCH:MBEDTLS_ERR_PK_TYPE_MISMATCH RSA sign-verify -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_GENPRIME -pk_sign_verify:MBEDTLS_PK_RSA:512:0:0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_GENPRIME:MBEDTLS_RSA_GEN_KEY_MIN_BITS >= 512 +pk_sign_verify:MBEDTLS_PK_RSA:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:0 RSA encrypt-decrypt test depends_on:MBEDTLS_PKCS1_V15 @@ -425,111 +425,111 @@ depends_on:MBEDTLS_PKCS1_V15 pk_wrap_rsa_decrypt_test_vec:"a42eda41e56235e666e7faaa77100197f657288a1bf183e4820f0c37ce2c456b960278d6003e0bbcd4be4a969f8e8fd9231e1f492414f00ed09844994c86ec32db7cde3bec7f0c3dbf6ae55baeb2712fa609f5fc3207a824eb3dace31849cd6a6084318523912bccb84cf42e3c6d6d1685131d69bb545acec827d2b0dfdd5568b7dcc4f5a11d6916583fefa689d367f8c9e1d95dcd2240895a9470b0c1730f97cd6e8546860bd254801769f54be96e16362ddcbf34d56035028890199e0f48db38642cb66a4181e028a6443a404feb284ce02b4614b683367d40874e505611d23142d49f06feea831d52d347b13610b413c4efc43a6de9f0b08d2a951dc503b6":2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_ERR_RSA_INVALID_PADDING EC nocrypt -depends_on:MBEDTLS_ECP_C +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS pk_ec_nocrypt:MBEDTLS_PK_ECKEY EC-DH nocrypt -depends_on:MBEDTLS_ECP_C +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS pk_ec_nocrypt:MBEDTLS_PK_ECKEY_DH ECDSA nocrypt -depends_on:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN pk_ec_nocrypt:MBEDTLS_PK_ECDSA RSA_ALT consistency -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_GENPRIME +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_GENPRIME:MBEDTLS_RSA_GEN_KEY_MIN_BITS >= 512 pk_rsa_alt: Verify ext RSA #1 (PKCS1 v2.1, salt_len = ANY, OK) -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256 pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:128:0 Verify ext RSA #2 (PKCS1 v2.1, salt_len = ANY, wrong message) -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256 pk_rsa_verify_ext_test_vec:"ae6e43dd387c25741e42fc3570cdfc52e4f51a2343294f3b677dfe01cd5339f6":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:128:MBEDTLS_ERR_RSA_VERIFY_FAILED Verify ext RSA #3 (PKCS1 v2.1, salt_len = 0, OK) -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256 pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:0:128:0 Verify ext RSA #4 (PKCS1 v2.1, salt_len = max, OK) -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256 pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:94:128:0 Verify ext RSA #5a (PKCS1 v2.1, wrong salt_len) !USE_PSA -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:!MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_USE_PSA_CRYPTO pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:32:128:MBEDTLS_ERR_RSA_INVALID_PADDING Verify ext RSA #5b (PKCS1 v2.1, wrong salt_len) USE_PSA -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256:MBEDTLS_USE_PSA_CRYPTO pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:32:128:0 Verify ext RSA #6 (PKCS1 v2.1, MGF1 alg != MSG hash alg) -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256 pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":MBEDTLS_MD_NONE:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:128:0 Verify ext RSA #7 (PKCS1 v2.1, wrong MGF1 alg != MSG hash alg) -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1 pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":MBEDTLS_MD_NONE:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA1:MBEDTLS_RSA_SALT_LEN_ANY:128:MBEDTLS_ERR_RSA_INVALID_PADDING Verify ext RSA #8 (PKCS1 v2.1, RSASSA-PSS without options) -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256 pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:-1:MBEDTLS_RSA_SALT_LEN_ANY:128:MBEDTLS_ERR_PK_BAD_INPUT_DATA Verify ext RSA #9 (PKCS1 v1.5, RSA with options) -depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256 pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSA:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:128:MBEDTLS_ERR_PK_BAD_INPUT_DATA Verify ext RSA #10 (PKCS1 v1.5, RSA without options) -depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256 pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSA:-1:MBEDTLS_RSA_SALT_LEN_ANY:128:MBEDTLS_ERR_RSA_VERIFY_FAILED Verify ext RSA #11 (PKCS1 v2.1, asking for ECDSA) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256 pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_ECDSA:-1:MBEDTLS_RSA_SALT_LEN_ANY:128:MBEDTLS_ERR_PK_TYPE_MISMATCH Verify ext RSA #12 (PKCS1 v1.5, good) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS1_V15 pk_rsa_verify_ext_test_vec:"6a8a1f225703fe39753c1017b43eec9e070a70b1":MBEDTLS_MD_SHA1:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":MBEDTLS_PK_RSA:-1:MBEDTLS_RSA_SALT_LEN_ANY:128:0 Verify ext RSA #13 (PKCS1 v2.1, salt_len = max, sig_len too long) -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256 pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:94:129:MBEDTLS_ERR_PK_SIG_LEN_MISMATCH Verify ext RSA #14 (PKCS1 v2.1, salt_len = ANY, sig_len too long) -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256 pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:129:MBEDTLS_ERR_PK_SIG_LEN_MISMATCH Verify ext RSA #15 (PKCS1 v2.1, salt_len = ANY, sig_len too short) -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256 pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:127:MBEDTLS_ERR_RSA_VERIFY_FAILED Verify ext RSA #16 (PKCS1 v2.1, salt_len = max, sig_len too short) -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256 pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:94:127:MBEDTLS_ERR_RSA_VERIFY_FAILED Verify ext RSA #17 (PKCS1 v2.1, salt_len = ANY, wrong message, sig_len too short) -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256 pk_rsa_verify_ext_test_vec:"ae6e43dd387c25741e42fc3570cdfc52e4f51a2343294f3b677dfe01cd5339f6":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:127:MBEDTLS_ERR_RSA_VERIFY_FAILED Verify ext RSA #18 (PKCS1 v2.1, salt_len = max, wrong message, sig_len too short) -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256 pk_rsa_verify_ext_test_vec:"ae6e43dd387c25741e42fc3570cdfc52e4f51a2343294f3b677dfe01cd5339f6":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:94:127:MBEDTLS_ERR_RSA_VERIFY_FAILED Verify ext RSA #19 (PKCS1 v2.1, salt_len = ANY, wrong message, sig_len too long) -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256 pk_rsa_verify_ext_test_vec:"ae6e43dd387c25741e42fc3570cdfc52e4f51a2343294f3b677dfe01cd5339f6":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:129:MBEDTLS_ERR_RSA_VERIFY_FAILED Verify ext RSA #20 (PKCS1 v2.1, salt_len = max, wrong message, sig_len too long) -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256 pk_rsa_verify_ext_test_vec:"ae6e43dd387c25741e42fc3570cdfc52e4f51a2343294f3b677dfe01cd5339f6":MBEDTLS_MD_SHA256:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:94:129:MBEDTLS_ERR_RSA_VERIFY_FAILED Check pair #1 (EC, OK) -depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_PEM_PARSE_C +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_PEM_PARSE_C mbedtls_pk_check_pair:"data_files/ec_256_pub.pem":"data_files/ec_256_prv.pem":0 Check pair #2 (EC, bad) -depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_PEM_PARSE_C +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_PEM_PARSE_C mbedtls_pk_check_pair:"data_files/ec_256_pub.pem":"data_files/server5.key":MBEDTLS_ERR_ECP_BAD_INPUT_DATA Check pair #3 (RSA, OK) @@ -541,7 +541,7 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C mbedtls_pk_check_pair:"data_files/server1.pubkey":"data_files/server2.key":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED Check pair #5 (RSA vs EC) -depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PEM_PARSE_C +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C:MBEDTLS_PEM_PARSE_C mbedtls_pk_check_pair:"data_files/ec_256_pub.pem":"data_files/server1.key":MBEDTLS_ERR_PK_TYPE_MISMATCH RSA hash_len overflow (size_t vs unsigned int) @@ -549,134 +549,134 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_HAVE_INT64 pk_rsa_overflow: ECDSA restartable sign/verify: ECDSA, max_ops=0 (disabled) -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 pk_sign_verify_restart:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":0:0:0 ECDSA restartable sign/verify: ECKEY, max_ops=0 (disabled) -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":0:0:0 ECDSA restartable sign/verify: ECDSA, max_ops=1 -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 pk_sign_verify_restart:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":1:1:10000 ECDSA restartable sign/verify: ECKEY, max_ops=1 -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":1:1:10000 ECDSA restartable sign/verify: ECDSA, max_ops=10000 -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 pk_sign_verify_restart:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":10000:0:0 ECDSA restartable sign/verify: ECKEY, max_ops=10000 -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":10000:0:0 ECDSA restartable sign/verify: ECDSA, max_ops=250 -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 pk_sign_verify_restart:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":250:2:64 ECDSA restartable sign/verify: ECKEY, max_ops=250 -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":250:2:64 PSA wrapped sign: SECP256R1 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 pk_psa_sign:MBEDTLS_ECP_DP_SECP256R1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256 PSA wrapped sign: SECP384R1 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP384R1 pk_psa_sign:MBEDTLS_ECP_DP_SECP384R1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384 PSA wrapped sign: SECP521R1 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP521R1 pk_psa_sign:MBEDTLS_ECP_DP_SECP521R1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521 PSA wrapped sign: SECP192K1 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192K1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP192K1 pk_psa_sign:MBEDTLS_ECP_DP_SECP192K1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192 ## Currently buggy: https://github.com/ARMmbed/mbed-crypto/issues/336 # PSA wrapped sign: SECP224K1 -# depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP224K1_ENABLED +# depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP224K1 # pk_psa_sign:MBEDTLS_ECP_DP_SECP224K1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224 PSA wrapped sign: SECP256K1 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256K1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256K1 pk_psa_sign:MBEDTLS_ECP_DP_SECP256K1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256 PSA wrapped sign: BP256R1 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_BP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_BP256R1 pk_psa_sign:MBEDTLS_ECP_DP_BP256R1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256 PSA wrapped sign: BP384R1 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_BP384R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_BP384R1 pk_psa_sign:MBEDTLS_ECP_DP_BP384R1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384 PSA wrapped sign: BP512R1 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_BP512R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_BP512R1 pk_psa_sign:MBEDTLS_ECP_DP_BP512R1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512 PSA wrapped sign: RSA PKCS1 v1.5 -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_GENPRIME +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_GENPRIME:MBEDTLS_PK_WRITE_C pk_psa_sign:1024:PSA_KEY_TYPE_RSA_KEY_PAIR:1024 PK Sign ext:RSA2048,PK_RSA,MD_SHA256 -depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048 pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA256 PK Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA256 -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048 pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256 PK Sign ext:RSA2048,PK_RSA,MD_SHA384 -depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048 pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA384 PK Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA384 -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048 pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA384 PK Sign ext:RSA2048,PK_RSA,MD_SHA512 -depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048 pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA512 PK Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA512 -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048 pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA512 PK Sign ext:SECP256R1,PK_ECDSA,MD_SHA256 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 pk_psa_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA256 PK Sign ext:SECP384R1,PK_ECDSA,MD_SHA384 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA384 pk_psa_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA384 PK Sign ext:SECP521R1,PK_ECDSA,MD_SHA512 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP521R1:MBEDTLS_MD_CAN_SHA512 pk_psa_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA512 PK wrapped Sign ext:RSA2048,PK_RSA,MD_SHA256 -depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA256 PK wrapped Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA256 -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256 PK wrapped Sign ext:RSA2048,PK_RSA,MD_SHA384 -depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA384 PK wrapped Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA384 -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA384 PK wrapped Sign ext:RSA2048,PK_RSA,MD_SHA512 -depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA512 PK wrapped Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA512 -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA512 diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 13b5162f0..881429c2d 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -1,14 +1,13 @@ /* BEGIN_HEADER */ #include "mbedtls/pk.h" +#include "pk_internal.h" /* For error codes */ #include "mbedtls/asn1.h" #include "mbedtls/base64.h" #include "mbedtls/ecp.h" #include "mbedtls/rsa.h" - -#include "hash_info.h" -#include "mbedtls/legacy_or_psa.h" +#include "pk_internal.h" #include #include @@ -17,9 +16,60 @@ * but the test code generator requires test case data to be valid C code * unconditionally (https://github.com/Mbed-TLS/mbedtls/issues/2023). */ #include "psa/crypto.h" +#include "md_psa.h" -#define RSA_KEY_SIZE 512 -#define RSA_KEY_LEN 64 +/* Used for properly sizing the key buffer in pk_genkey_ec() */ +#include "psa_util_internal.h" + +#define RSA_KEY_SIZE MBEDTLS_RSA_GEN_KEY_MIN_BITS +#define RSA_KEY_LEN (MBEDTLS_RSA_GEN_KEY_MIN_BITS/8) + +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) +static int pk_genkey_ec(mbedtls_pk_context *pk, mbedtls_ecp_group_id grp_id) +{ + psa_status_t status; + psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; + size_t curve_bits; + psa_ecc_family_t curve = mbedtls_ecc_group_to_psa(grp_id, &curve_bits); + int ret; + + if (curve == 0) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + + psa_set_key_type(&key_attr, PSA_KEY_TYPE_ECC_KEY_PAIR(curve)); + psa_set_key_bits(&key_attr, curve_bits); + psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_EXPORT | + PSA_KEY_USAGE_SIGN_HASH | + PSA_KEY_USAGE_SIGN_MESSAGE); +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) + psa_set_key_algorithm(&key_attr, PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH)); +#else + psa_set_key_algorithm(&key_attr, PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)); +#endif + + status = psa_generate_key(&key_attr, &pk->priv_id); + if (status != PSA_SUCCESS) { + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + } + + status = psa_export_public_key(pk->priv_id, pk->pub_raw, sizeof(pk->pub_raw), + &pk->pub_raw_len); + if (status != PSA_SUCCESS) { + ret = MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + goto exit; + } + + pk->ec_family = curve; + pk->ec_bits = curve_bits; + + return 0; + +exit: + status = psa_destroy_key(pk->priv_id); + return (ret != 0) ? ret : psa_pk_status_to_mbedtls(status); +} +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ /** Generate a key of the desired type. * @@ -44,22 +94,34 @@ static int pk_genkey(mbedtls_pk_context *pk, int parameter) parameter, 3); } #endif -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_ECKEY || mbedtls_pk_get_type(pk) == MBEDTLS_PK_ECKEY_DH || mbedtls_pk_get_type(pk) == MBEDTLS_PK_ECDSA) { int ret; - if ((ret = mbedtls_ecp_group_load(&mbedtls_pk_ec(*pk)->grp, - parameter)) != 0) { + +#if defined(MBEDTLS_ECP_C) + ret = mbedtls_ecp_group_load(&mbedtls_pk_ec_rw(*pk)->grp, parameter); + if (ret != 0) { + return ret; + } + return mbedtls_ecp_gen_keypair(&mbedtls_pk_ec_rw(*pk)->grp, + &mbedtls_pk_ec_rw(*pk)->d, + &mbedtls_pk_ec_rw(*pk)->Q, + mbedtls_test_rnd_std_rand, NULL); +#endif /* MBEDTLS_ECP_C */ + +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + ret = pk_genkey_ec(pk, parameter); + if (ret != 0) { return ret; } - return mbedtls_ecp_gen_keypair(&mbedtls_pk_ec(*pk)->grp, - &mbedtls_pk_ec(*pk)->d, - &mbedtls_pk_ec(*pk)->Q, - mbedtls_test_rnd_std_rand, NULL); + return 0; +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ + } -#endif +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ return -1; } @@ -157,12 +219,9 @@ void pk_psa_utils(int key_is_rsa) size_t len; mbedtls_pk_debug_item dbg; - PSA_ASSERT(psa_crypto_init()); - mbedtls_pk_init(&pk); mbedtls_pk_init(&pk2); - - TEST_ASSERT(psa_crypto_init() == PSA_SUCCESS); + USE_PSA_INIT(); TEST_ASSERT(mbedtls_pk_setup_opaque(&pk, MBEDTLS_SVC_KEY_ID_INIT) == MBEDTLS_ERR_PK_BAD_INPUT_DATA); @@ -200,10 +259,11 @@ void pk_psa_utils(int key_is_rsa) } /* unsupported operations: verify, decrypt, encrypt */ - TEST_ASSERT(mbedtls_pk_verify(&pk, md_alg, - b1, sizeof(b1), b2, sizeof(b2)) - == MBEDTLS_ERR_PK_TYPE_MISMATCH); - if (key_is_rsa == 0) { + if (key_is_rsa == 1) { + TEST_ASSERT(mbedtls_pk_verify(&pk, md_alg, + b1, sizeof(b1), b2, sizeof(b2)) + == MBEDTLS_ERR_PK_TYPE_MISMATCH); + } else { TEST_ASSERT(mbedtls_pk_decrypt(&pk, b1, sizeof(b1), b2, &len, sizeof(b2), NULL, NULL) @@ -255,9 +315,8 @@ void pk_can_do_ext(int opaque_key, int key_type, int key_usage, int key_alg, mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - PSA_ASSERT(psa_crypto_init()); - mbedtls_pk_init(&pk); + USE_PSA_INIT(); if (opaque_key == 1) { psa_set_key_usage_flags(&attributes, key_usage); @@ -303,6 +362,7 @@ void pk_invalid_param() size_t buf_size = sizeof(buf); mbedtls_pk_init(&ctx); + USE_PSA_INIT(); TEST_EQUAL(MBEDTLS_ERR_PK_BAD_INPUT_DATA, mbedtls_pk_verify_restartable(&ctx, MBEDTLS_MD_NONE, @@ -338,6 +398,7 @@ void pk_invalid_param() NULL)); exit: mbedtls_pk_free(&ctx); + USE_PSA_DONE(); } /* END_CASE */ @@ -350,6 +411,7 @@ void valid_parameters() void *options = NULL; mbedtls_pk_init(&pk); + USE_PSA_INIT(); TEST_ASSERT(mbedtls_pk_setup(&pk, NULL) == MBEDTLS_ERR_PK_BAD_INPUT_DATA); @@ -425,6 +487,7 @@ void valid_parameters() TEST_ASSERT(mbedtls_pk_parse_public_key(&pk, NULL, 0) == MBEDTLS_ERR_PK_KEY_INVALID_FORMAT); #endif /* MBEDTLS_PK_PARSE_C */ + USE_PSA_DONE(); } /* END_CASE */ @@ -435,6 +498,8 @@ void valid_parameters_pkwrite(data_t *key_data) /* For the write tests to be effective, we need a valid key pair. */ mbedtls_pk_init(&pk); + USE_PSA_INIT(); + TEST_ASSERT(mbedtls_pk_parse_key(&pk, key_data->x, key_data->len, NULL, 0, mbedtls_test_rnd_std_rand, NULL) == 0); @@ -455,6 +520,7 @@ void valid_parameters_pkwrite(data_t *key_data) exit: mbedtls_pk_free(&pk); + USE_PSA_DONE(); } /* END_CASE */ @@ -464,6 +530,7 @@ void pk_utils(int type, int parameter, int bitlen, int len, char *name) mbedtls_pk_context pk; mbedtls_pk_init(&pk); + USE_PSA_INIT(); TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0); TEST_ASSERT(pk_genkey(&pk, parameter) == 0); @@ -476,6 +543,7 @@ void pk_utils(int type, int parameter, int bitlen, int len, char *name) exit: mbedtls_pk_free(&pk); + USE_PSA_DONE(); } /* END_CASE */ @@ -483,12 +551,23 @@ exit: void mbedtls_pk_check_pair(char *pub_file, char *prv_file, int ret) { mbedtls_pk_context pub, prv, alt; - - USE_PSA_INIT(); +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_svc_key_id_t opaque_key_id = MBEDTLS_SVC_KEY_ID_INIT; +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_pk_init(&pub); mbedtls_pk_init(&prv); mbedtls_pk_init(&alt); + USE_PSA_INIT(); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + /* mbedtls_pk_check_pair() returns either PK or ECP error codes depending + on MBEDTLS_USE_PSA_CRYPTO so here we dynamically translate between the + two */ + if (ret == MBEDTLS_ERR_ECP_BAD_INPUT_DATA) { + ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ TEST_ASSERT(mbedtls_pk_parse_public_keyfile(&pub, pub_file) == 0); TEST_ASSERT(mbedtls_pk_parse_keyfile(&prv, prv_file, NULL, @@ -509,7 +588,20 @@ void mbedtls_pk_check_pair(char *pub_file, char *prv_file, int ret) == ret); } #endif +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if (mbedtls_pk_get_type(&prv) == MBEDTLS_PK_ECKEY) { + TEST_EQUAL(mbedtls_pk_wrap_as_opaque(&prv, &opaque_key_id, + PSA_ALG_ANY_HASH, + PSA_KEY_USAGE_EXPORT, 0), 0); + TEST_EQUAL(mbedtls_pk_check_pair(&pub, &prv, mbedtls_test_rnd_std_rand, + NULL), ret); + } +#endif +exit: +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_destroy_key(opaque_key_id); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_pk_free(&pub); mbedtls_pk_free(&prv); mbedtls_pk_free(&alt); @@ -534,10 +626,8 @@ void pk_rsa_verify_test_vec(data_t *message_str, int digest, int mod, mbedtls_ecp_set_max_ops(1); #endif - USE_PSA_INIT(); - mbedtls_pk_init(&pk); - + USE_PSA_INIT(); TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0); rsa = mbedtls_pk_rsa(pk); @@ -576,8 +666,8 @@ void pk_rsa_verify_ext_test_vec(data_t *message_str, int digest, void *options; int ret; - USE_PSA_INIT(); mbedtls_pk_init(&pk); + MD_OR_USE_PSA_INIT(); TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0); rsa = mbedtls_pk_rsa(pk); @@ -620,16 +710,15 @@ void pk_rsa_verify_ext_test_vec(data_t *message_str, int digest, exit: mbedtls_pk_free(&pk); - USE_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C */ +/* BEGIN_CASE depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY */ void pk_ec_test_vec(int type, int id, data_t *key, data_t *hash, data_t *sig, int ret) { mbedtls_pk_context pk; - mbedtls_ecp_keypair *eckey; mbedtls_pk_init(&pk); USE_PSA_INIT(); @@ -637,11 +726,18 @@ void pk_ec_test_vec(int type, int id, data_t *key, data_t *hash, TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0); TEST_ASSERT(mbedtls_pk_can_do(&pk, MBEDTLS_PK_ECDSA)); - eckey = mbedtls_pk_ec(pk); +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + TEST_ASSERT(key->len <= MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN); + memcpy(pk.pub_raw, key->x, key->len); + pk.ec_family = mbedtls_ecc_group_to_psa(id, &(pk.ec_bits)); + pk.pub_raw_len = key->len; +#else + mbedtls_ecp_keypair *eckey = (mbedtls_ecp_keypair *) mbedtls_pk_ec(pk); TEST_ASSERT(mbedtls_ecp_group_load(&eckey->grp, id) == 0); TEST_ASSERT(mbedtls_ecp_point_read_binary(&eckey->grp, &eckey->Q, key->x, key->len) == 0); +#endif // MBEDTLS_MD_NONE is used since it will be ignored. TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_NONE, @@ -665,20 +761,20 @@ void pk_sign_verify_restart(int pk_type, int grp_id, char *d_str, unsigned char sig[MBEDTLS_ECDSA_MAX_LEN]; size_t slen; - USE_PSA_INIT(); - mbedtls_pk_restart_init(&rs_ctx); mbedtls_pk_init(&prv); mbedtls_pk_init(&pub); + USE_PSA_INIT(); + memset(sig, 0, sizeof(sig)); TEST_ASSERT(mbedtls_pk_setup(&prv, mbedtls_pk_info_from_type(pk_type)) == 0); - TEST_ASSERT(mbedtls_ecp_group_load(&mbedtls_pk_ec(prv)->grp, grp_id) == 0); - TEST_ASSERT(mbedtls_test_read_mpi(&mbedtls_pk_ec(prv)->d, d_str) == 0); + TEST_ASSERT(mbedtls_ecp_group_load(&mbedtls_pk_ec_rw(prv)->grp, grp_id) == 0); + TEST_ASSERT(mbedtls_test_read_mpi(&mbedtls_pk_ec_rw(prv)->d, d_str) == 0); TEST_ASSERT(mbedtls_pk_setup(&pub, mbedtls_pk_info_from_type(pk_type)) == 0); - TEST_ASSERT(mbedtls_ecp_group_load(&mbedtls_pk_ec(pub)->grp, grp_id) == 0); - TEST_ASSERT(mbedtls_ecp_point_read_string(&mbedtls_pk_ec(pub)->Q, 16, QX_str, QY_str) == 0); + TEST_ASSERT(mbedtls_ecp_group_load(&mbedtls_pk_ec_rw(pub)->grp, grp_id) == 0); + TEST_ASSERT(mbedtls_ecp_point_read_string(&mbedtls_pk_ec_rw(pub)->Q, 16, QX_str, QY_str) == 0); mbedtls_ecp_set_max_ops(max_ops); @@ -726,7 +822,7 @@ void pk_sign_verify_restart(int pk_type, int grp_id, char *d_str, slen = sizeof(sig); ret = mbedtls_pk_sign_restartable(&prv, md_alg, hash->x, hash->len, - sig, sizeof sig, &slen, + sig, sizeof(sig), &slen, mbedtls_test_rnd_std_rand, NULL, &rs_ctx); TEST_ASSERT(ret == MBEDTLS_ERR_ECP_IN_PROGRESS); @@ -740,7 +836,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +/* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256 */ void pk_sign_verify(int type, int parameter, int sign_ret, int verify_ret) { mbedtls_pk_context pk; @@ -761,17 +857,17 @@ void pk_sign_verify(int type, int parameter, int sign_ret, int verify_ret) #endif mbedtls_pk_init(&pk); - USE_PSA_INIT(); + MD_OR_USE_PSA_INIT(); - memset(hash, 0x2a, sizeof hash); - memset(sig, 0, sizeof sig); + memset(hash, 0x2a, sizeof(hash)); + memset(sig, 0, sizeof(sig)); TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0); TEST_ASSERT(pk_genkey(&pk, parameter) == 0); TEST_ASSERT(mbedtls_pk_sign_restartable(&pk, MBEDTLS_MD_SHA256, hash, hash_len, - sig, sizeof sig, &sig_len, + sig, sizeof(sig), &sig_len, mbedtls_test_rnd_std_rand, NULL, rs_ctx) == sign_ret); if (sign_ret == 0) { @@ -796,7 +892,7 @@ void pk_sign_verify(int type, int parameter, int sign_ret, int verify_ret) } TEST_ASSERT(mbedtls_pk_sign(&pk, MBEDTLS_MD_SHA256, hash, hash_len, - sig, sizeof sig, &sig_len, + sig, sizeof(sig), &sig_len, mbedtls_test_rnd_std_rand, NULL) == sign_ret); if (sign_ret == 0) { @@ -811,12 +907,12 @@ void pk_sign_verify(int type, int parameter, int sign_ret, int verify_ret) if (verify_ret == 0) { hash[0]++; TEST_ASSERT(mbedtls_pk_verify_restartable(&pk, MBEDTLS_MD_SHA256, - hash, sizeof hash, sig, sig_len, rs_ctx) != 0); + hash, sizeof(hash), sig, sig_len, rs_ctx) != 0); hash[0]--; sig[0]++; TEST_ASSERT(mbedtls_pk_verify_restartable(&pk, MBEDTLS_MD_SHA256, - hash, sizeof hash, sig, sig_len, rs_ctx) != 0); + hash, sizeof(hash), sig, sig_len, rs_ctx) != 0); sig[0]--; } @@ -825,7 +921,7 @@ exit: mbedtls_pk_restart_free(rs_ctx); #endif mbedtls_pk_free(&pk); - USE_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ @@ -845,12 +941,11 @@ void pk_rsa_encrypt_decrypt_test(data_t *message, int mod, mbedtls_pk_init(&pk); mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E); + USE_PSA_INIT(); memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); memset(output, 0, sizeof(output)); - USE_PSA_INIT(); - /* encryption test */ /* init pk-rsa context */ @@ -918,15 +1013,13 @@ void pk_rsa_decrypt_test_vec(data_t *cipher, int mod, mbedtls_pk_context pk; size_t olen; - USE_PSA_INIT(); - mbedtls_pk_init(&pk); mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E); + USE_PSA_INIT(); memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); - /* init pk-rsa context */ TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0); rsa = mbedtls_pk_rsa(pk); @@ -975,11 +1068,10 @@ void pk_wrap_rsa_decrypt_test_vec(data_t *cipher, int mod, mbedtls_svc_key_id_t key_id; size_t olen; - USE_PSA_INIT(); - mbedtls_pk_init(&pk); mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E); + USE_PSA_INIT(); memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); @@ -1037,6 +1129,7 @@ void pk_ec_nocrypt(int type) int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH; mbedtls_pk_init(&pk); + USE_PSA_INIT(); memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); memset(output, 0, sizeof(output)); @@ -1054,6 +1147,7 @@ void pk_ec_nocrypt(int type) exit: mbedtls_pk_free(&pk); + USE_PSA_DONE(); } /* END_CASE */ @@ -1061,17 +1155,14 @@ exit: void pk_rsa_overflow() { mbedtls_pk_context pk; - size_t hash_len = SIZE_MAX, sig_len = SIZE_MAX; + size_t hash_len = UINT_MAX + 1, sig_len = UINT_MAX + 1; unsigned char hash[50], sig[100]; - if (SIZE_MAX <= UINT_MAX) { - return; - } - - memset(hash, 0x2a, sizeof hash); - memset(sig, 0, sizeof sig); - mbedtls_pk_init(&pk); + USE_PSA_INIT(); + + memset(hash, 0x2a, sizeof(hash)); + memset(sig, 0, sizeof(sig)); TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0); @@ -1086,12 +1177,13 @@ void pk_rsa_overflow() sig, sig_len) == MBEDTLS_ERR_PK_BAD_INPUT_DATA); TEST_ASSERT(mbedtls_pk_sign(&pk, MBEDTLS_MD_NONE, hash, hash_len, - sig, sizeof sig, &sig_len, + sig, sizeof(sig), &sig_len, mbedtls_test_rnd_std_rand, NULL) == MBEDTLS_ERR_PK_BAD_INPUT_DATA); exit: mbedtls_pk_free(&pk); + USE_PSA_DONE(); } /* END_CASE */ @@ -1106,21 +1198,21 @@ void pk_rsa_alt() mbedtls_rsa_context raw; mbedtls_pk_context rsa, alt; mbedtls_pk_debug_item dbg_items[10]; - unsigned char hash[50], sig[64]; - unsigned char msg[50], ciph[64], test[50]; + unsigned char hash[50], sig[RSA_KEY_LEN]; + unsigned char msg[50], ciph[RSA_KEY_LEN], test[50]; size_t sig_len, ciph_len, test_len; int ret = MBEDTLS_ERR_PK_TYPE_MISMATCH; + mbedtls_rsa_init(&raw); + mbedtls_pk_init(&rsa); + mbedtls_pk_init(&alt); USE_PSA_INIT(); - mbedtls_rsa_init(&raw); - mbedtls_pk_init(&rsa); mbedtls_pk_init(&alt); - - memset(hash, 0x2a, sizeof hash); - memset(sig, 0, sizeof sig); - memset(msg, 0x2a, sizeof msg); - memset(ciph, 0, sizeof ciph); - memset(test, 0, sizeof test); + memset(hash, 0x2a, sizeof(hash)); + memset(sig, 0, sizeof(sig)); + memset(msg, 0x2a, sizeof(msg)); + memset(ciph, 0, sizeof(ciph)); + memset(test, 0, sizeof(test)); /* Initialize PK RSA context with random key */ TEST_ASSERT(mbedtls_pk_setup(&rsa, @@ -1145,34 +1237,34 @@ void pk_rsa_alt() /* Test signature */ #if SIZE_MAX > UINT_MAX TEST_ASSERT(mbedtls_pk_sign(&alt, MBEDTLS_MD_NONE, hash, SIZE_MAX, - sig, sizeof sig, &sig_len, + sig, sizeof(sig), &sig_len, mbedtls_test_rnd_std_rand, NULL) == MBEDTLS_ERR_PK_BAD_INPUT_DATA); #endif /* SIZE_MAX > UINT_MAX */ - TEST_ASSERT(mbedtls_pk_sign(&alt, MBEDTLS_MD_NONE, hash, sizeof hash, - sig, sizeof sig, &sig_len, + TEST_ASSERT(mbedtls_pk_sign(&alt, MBEDTLS_MD_NONE, hash, sizeof(hash), + sig, sizeof(sig), &sig_len, mbedtls_test_rnd_std_rand, NULL) == 0); TEST_ASSERT(sig_len == RSA_KEY_LEN); TEST_ASSERT(mbedtls_pk_verify(&rsa, MBEDTLS_MD_NONE, - hash, sizeof hash, sig, sig_len) == 0); + hash, sizeof(hash), sig, sig_len) == 0); /* Test decrypt */ - TEST_ASSERT(mbedtls_pk_encrypt(&rsa, msg, sizeof msg, - ciph, &ciph_len, sizeof ciph, + TEST_ASSERT(mbedtls_pk_encrypt(&rsa, msg, sizeof(msg), + ciph, &ciph_len, sizeof(ciph), mbedtls_test_rnd_std_rand, NULL) == 0); TEST_ASSERT(mbedtls_pk_decrypt(&alt, ciph, ciph_len, - test, &test_len, sizeof test, + test, &test_len, sizeof(test), mbedtls_test_rnd_std_rand, NULL) == 0); - TEST_ASSERT(test_len == sizeof msg); + TEST_ASSERT(test_len == sizeof(msg)); TEST_ASSERT(memcmp(test, msg, test_len) == 0); /* Test forbidden operations */ - TEST_ASSERT(mbedtls_pk_encrypt(&alt, msg, sizeof msg, - ciph, &ciph_len, sizeof ciph, + TEST_ASSERT(mbedtls_pk_encrypt(&alt, msg, sizeof(msg), + ciph, &ciph_len, sizeof(ciph), mbedtls_test_rnd_std_rand, NULL) == ret); TEST_ASSERT(mbedtls_pk_verify(&alt, MBEDTLS_MD_NONE, - hash, sizeof hash, sig, sig_len) == ret); + hash, sizeof(hash), sig, sig_len) == ret); TEST_ASSERT(mbedtls_pk_debug(&alt, dbg_items) == ret); exit: @@ -1182,7 +1274,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_USE_PSA_CRYPTO */ +/* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_USE_PSA_CRYPTO */ void pk_psa_sign(int parameter_arg, int psa_type_arg, int expected_bits_arg) { @@ -1208,12 +1300,12 @@ void pk_psa_sign(int parameter_arg, * - parse it to a PK context and verify the signature this way */ - PSA_ASSERT(psa_crypto_init()); + mbedtls_pk_init(&pk); + USE_PSA_INIT(); #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) if (PSA_KEY_TYPE_IS_RSA(psa_type_arg)) { /* Create legacy RSA public/private key in PK context. */ - mbedtls_pk_init(&pk); TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0); TEST_ASSERT(mbedtls_rsa_gen_key(mbedtls_pk_rsa(pk), @@ -1222,32 +1314,40 @@ void pk_psa_sign(int parameter_arg, alg_psa = PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256); } else #endif /* MBEDTLS_RSA_C && MBEDTLS_GENPRIME */ -#if defined(MBEDTLS_ECDSA_C) +#if defined(MBEDTLS_PK_CAN_ECDSA_SIGN) if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(psa_type_arg)) { mbedtls_ecp_group_id grpid = parameter_arg; /* Create legacy EC public/private key in PK context. */ - mbedtls_pk_init(&pk); TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)) == 0); - TEST_ASSERT(mbedtls_ecp_gen_key(grpid, - (mbedtls_ecp_keypair *) pk.pk_ctx, - mbedtls_test_rnd_std_rand, NULL) == 0); + TEST_ASSERT(pk_genkey(&pk, grpid) == 0); + alg_psa = PSA_ALG_ECDSA(PSA_ALG_SHA_256); } else -#endif /* MBEDTLS_ECDSA_C */ +#endif /* MBEDTLS_PK_CAN_ECDSA_SIGN */ { (void) parameter_arg; TEST_ASSUME(!"Opaque PK key not supported in this configuration"); } /* Export underlying public key for re-importing in a legacy context. */ +#if defined(MBEDTLS_PK_WRITE_C) ret = mbedtls_pk_write_pubkey_der(&pk, pkey_legacy, sizeof(pkey_legacy)); TEST_ASSERT(ret >= 0); klen_legacy = (size_t) ret; /* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */ pkey_legacy_start = pkey_legacy + sizeof(pkey_legacy) - klen_legacy; +#else + ret = mbedtls_ecp_point_write_binary(&(mbedtls_pk_ec_ro(pk)->grp), + &(mbedtls_pk_ec_ro(pk)->Q), + MBEDTLS_ECP_PF_UNCOMPRESSED, + &klen_legacy, pkey_legacy, + sizeof(pkey_legacy)); + TEST_EQUAL(ret, 0); + pkey_legacy_start = pkey_legacy; +#endif /* MBEDTLS_PK_WRITE_C */ /* Turn PK context into an opaque one. */ TEST_ASSERT(mbedtls_pk_wrap_as_opaque(&pk, &key_id, alg_psa, @@ -1260,20 +1360,34 @@ void pk_psa_sign(int parameter_arg, TEST_EQUAL(psa_get_key_lifetime(&attributes), PSA_KEY_LIFETIME_VOLATILE); - memset(hash, 0x2a, sizeof hash); - memset(sig, 0, sizeof sig); + memset(hash, 0x2a, sizeof(hash)); + memset(sig, 0, sizeof(sig)); TEST_ASSERT(mbedtls_pk_sign(&pk, MBEDTLS_MD_SHA256, - hash, sizeof hash, sig, sizeof sig, &sig_len, + hash, sizeof(hash), sig, sizeof(sig), &sig_len, NULL, NULL) == 0); + /* Only opaque EC keys support verification. */ + if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(psa_type_arg)) { + TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256, + hash, sizeof(hash), sig, sig_len) == 0); + } /* Export underlying public key for re-importing in a psa context. */ +#if defined(MBEDTLS_PK_WRITE_C) ret = mbedtls_pk_write_pubkey_der(&pk, pkey_psa, sizeof(pkey_psa)); TEST_ASSERT(ret >= 0); klen_psa = (size_t) ret; /* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */ pkey_psa_start = pkey_psa + sizeof(pkey_psa) - klen_psa; +#else + psa_status_t status; + + status = psa_export_public_key(key_id, pkey_psa, sizeof(pkey_psa), + &klen_psa); + TEST_EQUAL(status, PSA_SUCCESS); + pkey_psa_start = pkey_psa; +#endif /* MBEDTLS_PK_WRITE_C */ TEST_ASSERT(klen_psa == klen_legacy); TEST_ASSERT(memcmp(pkey_psa_start, pkey_legacy_start, klen_psa) == 0); @@ -1282,10 +1396,26 @@ void pk_psa_sign(int parameter_arg, TEST_ASSERT(PSA_SUCCESS == psa_destroy_key(key_id)); mbedtls_pk_init(&pk); - TEST_ASSERT(mbedtls_pk_parse_public_key(&pk, pkey_legacy_start, - klen_legacy) == 0); + + /* If we used "pk_write" previously, then we go for a "pk_parse" here; + * otherwise if we went for "ecp_point_write_binary" then we'll go + * for a "ecp_point_read_binary" here. This allows to drop dependencies + * on "PK_WRITE" and "PK_PARSE" if required */ +#if defined(MBEDTLS_PK_WRITE_C) && defined(MBEDTLS_PK_PARSE_C) + TEST_EQUAL(mbedtls_pk_parse_public_key(&pk, pkey_legacy_start, + klen_legacy), 0); +#else + TEST_EQUAL(mbedtls_pk_setup(&pk, + mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)), 0); + TEST_EQUAL(mbedtls_ecp_group_load( + &(mbedtls_pk_ec_rw(pk)->grp), + (mbedtls_ecp_group_id) parameter_arg), 0); + TEST_EQUAL(mbedtls_ecp_point_read_binary(&(mbedtls_pk_ec_ro(pk)->grp), + &(mbedtls_pk_ec_rw(pk)->Q), + pkey_legacy_start, klen_legacy), 0); +#endif TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256, - hash, sizeof hash, sig, sig_len) == 0); + hash, sizeof(hash), sig, sig_len) == 0); exit: /* @@ -1307,7 +1437,7 @@ void pk_psa_sign_ext(int pk_type, int parameter, int key_pk_type, int md_alg) size_t sig_len; unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE]; unsigned char hash[PSA_HASH_MAX_SIZE]; - size_t hash_len = mbedtls_hash_info_get_size(md_alg); + size_t hash_len = mbedtls_md_get_size_from_type(md_alg); void const *options = NULL; mbedtls_pk_rsassa_pss_options rsassa_pss_options; memset(hash, 0x2a, sizeof(hash)); @@ -1334,8 +1464,8 @@ void pk_psa_sign_ext(int pk_type, int parameter, int key_pk_type, int md_alg) TEST_ASSERT(mbedtls_pk_verify_ext(key_pk_type, options, &pk, md_alg, hash, hash_len, sig, sig_len) == 0); exit: - PSA_DONE(); mbedtls_pk_free(&pk); + PSA_DONE(); } /* END_CASE */ @@ -1350,7 +1480,7 @@ void pk_psa_wrap_sign_ext(int pk_type, int parameter, int key_pk_type, int md_al unsigned char pkey[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE]; unsigned char *pkey_start; unsigned char hash[PSA_HASH_MAX_SIZE]; - psa_algorithm_t psa_md_alg = mbedtls_hash_info_psa_from_md(md_alg); + psa_algorithm_t psa_md_alg = mbedtls_md_psa_alg_from_type(md_alg); psa_algorithm_t psa_alg; size_t hash_len = PSA_HASH_LENGTH(psa_md_alg); void const *options = NULL; diff --git a/tests/suites/test_suite_pkcs12.data b/tests/suites/test_suite_pkcs12.data index 601b5bbc6..64c999187 100644 --- a/tests/suites/test_suite_pkcs12.data +++ b/tests/suites/test_suite_pkcs12.data @@ -1,35 +1,71 @@ -PKCS#12 derive key : MD5: Zero length password and hash -depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA +PKCS#12 derive key: MD5: Zero length password and hash +depends_on:MBEDTLS_MD_CAN_MD5 pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_GIVEN_INPUT:"":USE_GIVEN_INPUT:3:"6afdcbd5ebf943272134f1c3de2dc11b6afdcbd5ebf943272134f1c3de2dc11b6afdcbd5ebf943272134f1c3de2dc11b":0 PKCS#12 derive key: MD5: NULL password and hash -depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_MD5 pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_NULL_INPUT:"":USE_NULL_INPUT:3:"6afdcbd5ebf943272134f1c3de2dc11b6afdcbd5ebf943272134f1c3de2dc11b6afdcbd5ebf943272134f1c3de2dc11b":0 PKCS#12 derive key: MD5: Zero length password -depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_MD5 pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_GIVEN_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"832d8502114fcccfd3de0c2b2863b1c45fb92a8db2ed1e704727b324adc267bdd66ae4918a81fa2d1ba15febfb9e6c4e":0 PKCS#12 derive key: MD5: NULL password -depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_MD5 pkcs12_derive_key:MBEDTLS_MD_MD5:48:"":USE_NULL_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"832d8502114fcccfd3de0c2b2863b1c45fb92a8db2ed1e704727b324adc267bdd66ae4918a81fa2d1ba15febfb9e6c4e":0 PKCS#12 derive key: MD5: Invalid length NULL password -depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_MD5 pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_NULL_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"":MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA PKCS#12 derive key: MD5: Zero length salt -depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_MD5 pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"":USE_GIVEN_INPUT:3:"832d8502114fcccfd3de0c2b2863b1c45fb92a8db2ed1e704727b324adc267bdd66ae4918a81fa2d1ba15febfb9e6c4e":0 PKCS#12 derive key: MD5: NULL salt -depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_MD5 pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"":USE_NULL_INPUT:3:"832d8502114fcccfd3de0c2b2863b1c45fb92a8db2ed1e704727b324adc267bdd66ae4918a81fa2d1ba15febfb9e6c4e":0 PKCS#12 derive key: MD5: Invalid length NULL salt -depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_MD5 pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"0123456789abcdef":USE_NULL_INPUT:3:"":MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA PKCS#12 derive key: MD5: Valid password and salt -depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_MD5 pkcs12_derive_key:MBEDTLS_MD_MD5:48:"0123456789abcdef":USE_GIVEN_INPUT:"0123456789abcdef":USE_GIVEN_INPUT:3:"46559deeee036836ab1b633ec620178d4c70eacf42f72a2ad7360c812efa09ca3d7567b489a109050345c2dc6a262995":0 + +PBE Encrypt, pad = 7 (OK) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pkcs12_pbe_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"AAAAAAAAAAAAAAAAAA":16:0:"5F2C15056A36F3A78856E9E662DD27CB" + +PBE Encrypt, pad = 8 (OK) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pkcs12_pbe_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"AAAAAAAAAAAAAAAA":16:0:"5F2C15056A36F3A70F70A3D4EC4004A8" + +PBE Encrypt, pad = 8 (Invalid output size) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pkcs12_pbe_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"AAAAAAAAAAAAAAAA":15:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL:"5F2C15056A36F3A70F70A3D4EC4004A8" + +PBE Encrypt, pad = 8 (PKCS7 padding disabled) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_CIPHER_PADDING_PKCS7 +pkcs12_pbe_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"AAAAAAAAAAAAAAAA":0:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE:"" + +PBE Decrypt, pad = 7 (OK) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pkcs12_pbe_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"5F2C15056A36F3A78856E9E662DD27CB":16:0:"AAAAAAAAAAAAAAAAAA" + +PBE Decrypt, pad = 8 (Invalid output size) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pkcs12_pbe_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"5F2C15056A36F3A70F70A3D4EC4004A8":15:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL:"AAAAAAAAAAAAAAAA" + +PBE Decrypt, pad = 8 (OK) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pkcs12_pbe_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"5F2C15056A36F3A70F70A3D4EC4004A8":16:0:"AAAAAAAAAAAAAAAA" + +PBE Decrypt, (Invalid padding & PKCS7 padding disabled) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_CIPHER_PADDING_PKCS7 +pkcs12_pbe_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"5F2C15056A36F3A79F2B90F1428110E2":16:0:"AAAAAAAAAAAAAAAAAA07070707070708" + +PBE Decrypt, (Invalid padding & PKCS7 padding enabled) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pkcs12_pbe_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA1:"0409CCCCCCCCCCCCCCCCCC02010A":"BBBBBBBBBBBBBBBBBB":"5F2C15056A36F3A79F2B90F1428110E2":16:MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH:"AAAAAAAAAAAAAAAAAA07070707070708" diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function index ab51e02fa..1d0c287fd 100644 --- a/tests/suites/test_suite_pkcs12.function +++ b/tests/suites/test_suite_pkcs12.function @@ -2,8 +2,6 @@ #include "mbedtls/pkcs12.h" #include "common.h" -#include "mbedtls/legacy_or_psa.h" - typedef enum { USE_NULL_INPUT = 0, USE_GIVEN_INPUT = 1, @@ -32,6 +30,8 @@ void pkcs12_derive_key(int md_type, int key_size_arg, size_t salt_len = 0; size_t key_size = key_size_arg; + MD_PSA_INIT(); + if (password_usage == USE_GIVEN_INPUT) { password = password_arg->x; } @@ -44,7 +44,7 @@ void pkcs12_derive_key(int md_type, int key_size_arg, salt_len = salt_arg->len; - ASSERT_ALLOC(output_data, key_size); + TEST_CALLOC(output_data, key_size); int ret = mbedtls_pkcs12_derivation(output_data, key_size, @@ -59,12 +59,123 @@ void pkcs12_derive_key(int md_type, int key_size_arg, TEST_EQUAL(ret, expected_status); if (expected_status == 0) { - ASSERT_COMPARE(expected_output->x, expected_output->len, - output_data, key_size); + TEST_MEMORY_COMPARE(expected_output->x, expected_output->len, + output_data, key_size); } exit: mbedtls_free(output_data); - + MD_PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */ +void pkcs12_pbe_encrypt(int params_tag, int cipher, int md, data_t *params_hex, data_t *pw, + data_t *data, int outsize, int ref_ret, data_t *ref_out) +{ + int my_ret; + mbedtls_asn1_buf pbe_params; + unsigned char *my_out = NULL; + mbedtls_cipher_type_t cipher_alg = (mbedtls_cipher_type_t) cipher; + mbedtls_md_type_t md_alg = (mbedtls_md_type_t) md; +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + size_t my_out_len = 0; +#endif + + MD_PSA_INIT(); + + TEST_CALLOC(my_out, outsize); + + pbe_params.tag = params_tag; + pbe_params.len = params_hex->len; + pbe_params.p = params_hex->x; + +#if defined(MBEDTLS_TEST_DEPRECATED) + if (ref_ret != MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) { + my_ret = mbedtls_pkcs12_pbe(&pbe_params, MBEDTLS_PKCS12_PBE_ENCRYPT, cipher_alg, + md_alg, pw->x, pw->len, data->x, data->len, my_out); + TEST_EQUAL(my_ret, ref_ret); + } + if (ref_ret == 0) { + ASSERT_COMPARE(my_out, ref_out->len, + ref_out->x, ref_out->len); + } +#endif + +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + + pbe_params.tag = params_tag; + pbe_params.len = params_hex->len; + pbe_params.p = params_hex->x; + + my_ret = mbedtls_pkcs12_pbe_ext(&pbe_params, MBEDTLS_PKCS12_PBE_ENCRYPT, cipher_alg, + md_alg, pw->x, pw->len, data->x, data->len, my_out, + outsize, &my_out_len); + TEST_EQUAL(my_ret, ref_ret); + if (ref_ret == 0) { + ASSERT_COMPARE(my_out, my_out_len, + ref_out->x, ref_out->len); + } +#endif + +exit: + mbedtls_free(my_out); + MD_PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */ +void pkcs12_pbe_decrypt(int params_tag, int cipher, int md, data_t *params_hex, data_t *pw, + data_t *data, int outsize, int ref_ret, data_t *ref_out) +{ + int my_ret; + mbedtls_asn1_buf pbe_params; + unsigned char *my_out = NULL; + mbedtls_cipher_type_t cipher_alg = (mbedtls_cipher_type_t) cipher; + mbedtls_md_type_t md_alg = (mbedtls_md_type_t) md; +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + size_t my_out_len = 0; +#endif + + MD_PSA_INIT(); + + TEST_CALLOC(my_out, outsize); + + pbe_params.tag = params_tag; + pbe_params.len = params_hex->len; + pbe_params.p = params_hex->x; + +#if defined(MBEDTLS_TEST_DEPRECATED) + if (ref_ret != MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) { + my_ret = mbedtls_pkcs12_pbe(&pbe_params, MBEDTLS_PKCS12_PBE_DECRYPT, cipher_alg, + md_alg, pw->x, pw->len, data->x, data->len, my_out); + TEST_EQUAL(my_ret, ref_ret); + } + + if (ref_ret == 0) { + ASSERT_COMPARE(my_out, ref_out->len, + ref_out->x, ref_out->len); + } +#endif + +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + + pbe_params.tag = params_tag; + pbe_params.len = params_hex->len; + pbe_params.p = params_hex->x; + + my_ret = mbedtls_pkcs12_pbe_ext(&pbe_params, MBEDTLS_PKCS12_PBE_DECRYPT, cipher_alg, + md_alg, pw->x, pw->len, data->x, data->len, my_out, + outsize, &my_out_len); + TEST_EQUAL(my_ret, ref_ret); + if (ref_ret == 0) { + ASSERT_COMPARE(my_out, my_out_len, + ref_out->x, ref_out->len); + } +#endif + +exit: + mbedtls_free(my_out); + MD_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_pkcs1_v15.data b/tests/suites/test_suite_pkcs1_v15.data index 1496a8906..44e5a0124 100644 --- a/tests/suites/test_suite_pkcs1_v15.data +++ b/tests/suites/test_suite_pkcs1_v15.data @@ -5,51 +5,51 @@ RSAES-V15 Decryption empty output with NULL buffer pkcs1_rsaes_v15_decrypt:1024:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_NONE:"":"aafd12f659cae63489b479e5076ddec2f06cb58f":"42c6fce63a3b858ba89fe83004cac3651d1497c15090bf0086b9a4b9ff3bd451502838a413095aefe231832ba10bb467ae3f95c889cd8e9a6e32b4df633b2170d07a2168c086745f0017cf1d9facff2eee55af2fcb03730209173b2a0bbfb2d4c34d7ea93b3b0cb84a8a7b6371670e14482e6dcedbdd9efe66d906e0238586fe":0 RSAES-V15 Encryption Test Vector Int -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_v15_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49":"aafd12f659cae63489b479e5076ddec2f06cb58f67c6697351ff4aec29cdbaabf2fbe3467cc254f81be8e78d765a2e63339fc99a66320db73158a35a255d051758e95ed4abb2cdc69bb454110e827441213ddc8770e93ea141e1fc673e017e97eadc6b968f385c2aecb03bfb32":"6c5ebca6116b1e91316613fbb5e93197270a849122d549122d05815e2626f80d20f7f3f038c98295203c0f7f6bb8c3568455c67dec82bca86be86eff43b56b7ba2d15375f9a42454c2a2c709953a6e4a977462e35fd21a9c2fb3c0ad2a370f7655267bf6f04814784982988e663b869fc8588475af860d499e5a6ffdfc2c6bfd":0 RSAES-V15 Decryption Test Vector Int -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_v15_decrypt:1024:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49":"aafd12f659cae63489b479e5076ddec2f06cb58f":"28818cb14236ad18f4527e7f1f7633e96cef021bc3234475d7f61e88702b6335b42a352ed3f3267ac7c3e9ba4af17e45096c63eefd8d9a7cb42dfc52fffb2f5b8afb305b46312c2eb50634123b4437a2287ac57b7509d59a583fb741989a49f32625e9267b4641a6607b7303d35c68489db53c8d387b620d0d46a852e72ea43c":0 RSAES-V15 Encryption Test Vector Data just fits -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_v15_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"4293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"18cdb161f40a18509a3501b7e8ec1c7522e2490319efee8581179b5bcf3750f83a865952d078efd48f58f8060b0d43f9888b43a094fe15209451826ef797195885ff9fa3e26994eee85dbe5dd0404a71565708286027b433c88c85af555b96c34c304dc7c8278233654c022ef340042cfff55e6b15b67cfea8a5a384ef64a6ac":0 RSAES-V15 Decryption Test Vector Data just fits -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_v15_decrypt:1024:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"4293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"18cdb161f40a18509a3501b7e8ec1c7522e2490319efee8581179b5bcf3750f83a865952d078efd48f58f8060b0d43f9888b43a094fe15209451826ef797195885ff9fa3e26994eee85dbe5dd0404a71565708286027b433c88c85af555b96c34c304dc7c8278233654c022ef340042cfff55e6b15b67cfea8a5a384ef64a6ac":0 RSAES-V15 Encryption Test Vector Data too long 1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_v15_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"b84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"05abded6751d620a95177abdba915027b58dd6eecf4ebe71f71c400b115e1d9e12465ace4db3cc03eb57fcbbfe017770f438cf84c10bad505919aefebfa0752087f6376b055beabf0e089fbb90e10f99c795d2d5676eea196db7f94a8fd34aedaba39fb230281bb9917cc91793eb37f84dedb2421e9680c39cfda34d4a012134":MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSAES-V15 Decryption Test Vector Padding too short 7 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_v15_decrypt:1024:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"b84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"05abded6751d620a95177abdba915027b58dd6eecf4ebe71f71c400b115e1d9e12465ace4db3cc03eb57fcbbfe017770f438cf84c10bad505919aefebfa0752087f6376b055beabf0e089fbb90e10f99c795d2d5676eea196db7f94a8fd34aedaba39fb230281bb9917cc91793eb37f84dedb2421e9680c39cfda34d4a012134":MBEDTLS_ERR_RSA_INVALID_PADDING RSAES-V15 Encryption Test Vector Data too long 3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_v15_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"aa1ab84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"10d60b8040d57d8701bacb55f2f283d54601ec24d465601ac7f7d5a2f75cac380ba78ca4ab6f3c159f3a9fd6839f5adde0333852ebf876c585664c1a58a1e6885231982f2027be6d7f08ff1807d3ceda8e41ad1f02ddf97a7458832fd13a1f431de6a4ab79e3d4b88bb1df2c5c77fcde9e7b5aa1e7bb29112eae58763127752a":MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSAES-V15 Decryption Test Vector Padding too short 5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_v15_decrypt:1024:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"aa1ab84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"10d60b8040d57d8701bacb55f2f283d54601ec24d465601ac7f7d5a2f75cac380ba78ca4ab6f3c159f3a9fd6839f5adde0333852ebf876c585664c1a58a1e6885231982f2027be6d7f08ff1807d3ceda8e41ad1f02ddf97a7458832fd13a1f431de6a4ab79e3d4b88bb1df2c5c77fcde9e7b5aa1e7bb29112eae58763127752a":MBEDTLS_ERR_RSA_INVALID_PADDING RSAES-V15 Encryption Test Vector Data too long 8 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_v15_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"a5a384ef64a6acb84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"72f98d12ddc230484179ec3022d11b3719222daaa0dc016fc3dbd6771a3f2c9fdd0560f86d616dd50ef1fa5b8c7e1fc40b5abf7b845d7795b3a6af02457b97f783360575cde7497bdf9c104650d4e9a8f4034406de1af95ace39bef2b9e979b74d9a2c0a741d8a21221d9afc98992776cad52d73151613dbc10da9bd8038751a":MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSAES-V15 Decryption Test Vector Padding too short 0 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_v15_decrypt:1024:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"a5a384ef64a6acb84293cecc8095232ae595b84c15ec26f35cf5fde88ae7a9aaa717bcb1ecc4de498da81db97425000770817b5dde5eed01ca3745ff5ab894d0fc0921e5a10b081490129d8ccbaa154ad3dd461397af8ec964ef99402d60a7591ee44b8ce1c16ef88fcb2717076c730d88223893bdd8000b23d87d38ab":"aafd12f659cae63489b479e5076ddec2f06cb58f":"72f98d12ddc230484179ec3022d11b3719222daaa0dc016fc3dbd6771a3f2c9fdd0560f86d616dd50ef1fa5b8c7e1fc40b5abf7b845d7795b3a6af02457b97f783360575cde7497bdf9c104650d4e9a8f4034406de1af95ace39bef2b9e979b74d9a2c0a741d8a21221d9afc98992776cad52d73151613dbc10da9bd8038751a":MBEDTLS_ERR_RSA_INVALID_PADDING RSASSA-V15 Signing Test Vector Int -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_v15_sign:1024:"d17f655bf27c8b16d35462c905cc04a26f37e2a67fa9c0ce0dced472394a0df743fe7f929e378efdb368eddff453cf007af6d948e0ade757371f8a711e278f6b":"c6d92b6fee7414d1358ce1546fb62987530b90bd15e0f14963a5e2635adb69347ec0c01b2ab1763fd8ac1a592fb22757463a982425bb97a3a437c5bf86d03f2f":"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"37b66ae0445843353d47ecb0b4fd14c110e62d6a":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"2154f928615e5101fcdeb57bc08fc2f35c3d5996403861ae3efb1d0712f8bb05cc21f7f5f11f62e5b6ea9f0f2b62180e5cbe7ba535032d6ac8068fff7f362f73d2c3bf5eca6062a1723d7cfd5abb6dcf7e405f2dc560ffe6fc37d38bee4dc9e24fe2bece3e3b4a3f032701d3f0947b42930083dd4ad241b3309b514595482d42":0 RSASSA-V15 Verification Test Vector Int -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_v15_verify:1024:"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"37b66ae0445843353d47ecb0b4fd14c110e62d6a":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"2154f928615e5101fcdeb57bc08fc2f35c3d5996403861ae3efb1d0712f8bb05cc21f7f5f11f62e5b6ea9f0f2b62180e5cbe7ba535032d6ac8068fff7f362f73d2c3bf5eca6062a1723d7cfd5abb6dcf7e405f2dc560ffe6fc37d38bee4dc9e24fe2bece3e3b4a3f032701d3f0947b42930083dd4ad241b3309b514595482d42":0 RSAES-V15 decoding: good, payload=max, tight output buffer diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index d0ea23cdb..711327455 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -1,8 +1,6 @@ /* BEGIN_HEADER */ #include "mbedtls/rsa.h" #include "mbedtls/md.h" - -#include "mbedtls/legacy_or_psa.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -28,10 +26,17 @@ void pkcs1_rsaes_v15_encrypt(int mod, char *input_N, mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); mbedtls_rsa_init(&ctx); + + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15); + TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), MBEDTLS_MD_NONE); + TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V15, hash) == 0); memset(output, 0x00, sizeof(output)); + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15); + TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); @@ -77,6 +82,9 @@ void pkcs1_rsaes_v15_decrypt(int mod, char *input_P, char *input_Q, TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V15, hash) == 0); + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15); + TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash); + memset(output, 0x00, sizeof(output)); memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); @@ -281,6 +289,9 @@ void pkcs1_rsassa_v15_sign(int mod, char *input_P, memset(output, 0x00, sizeof(output)); + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15); + TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash); + TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); @@ -322,6 +333,9 @@ void pkcs1_rsassa_v15_verify(int mod, char *input_N, char *input_E, TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V15, hash) == 0); + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15); + TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); diff --git a/tests/suites/test_suite_pkcs1_v21.data b/tests/suites/test_suite_pkcs1_v21.data index 39afb79de..42450d958 100644 --- a/tests/suites/test_suite_pkcs1_v21.data +++ b/tests/suites/test_suite_pkcs1_v21.data @@ -1,1292 +1,1292 @@ RSAES-OAEP Encryption Test Vector Int -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49":"aafd12f659cae63489b479e5076ddec2f06cb58f":"1253e04dc0a5397bb44a7ab87e9bf2a039a33d1e996fc82a94ccd30074c95df763722017069e5268da5d1c0b4f872cf653c11df82314a67968dfeae28def04bb6d84b1c31d654a1970e5783bd6eb96a024c2ca2f4a90fe9f2ef5c9c140e5bb48da9536ad8700c84fc9130adea74e558d51a74ddf85d8b50de96838d6063e0955":0 RSAES-OAEP Encryption Test Vector Data just fits -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd":"aafd12f659cae63489b479e5076ddec2f06cb58f":"3082f2288fff275213d53168f0a272573cff81837c249dc1f380a12ac124c8f217b700708a1ce7dce154265f31a126ebdd9ed3ef9145ae29124a25f4e65aa52c5a9ff34f6cf4de9ba937ae406dc7d1f277af4f6fb7ea73bfbab2bd397b6b2c53570e173ffcf3b9f0bb96837623a4f87bd81b41446c59e681a2f3da81239e9bdf":0 RSAES-OAEP Encryption Test Vector Data too long -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1024:"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd32a7c8a05bbc90d32c49d436e99569fd00":"aafd12f659cae63489b479e5076ddec2f06cb58f":"1253e04dc0a5397bb44a7ab87e9bf2a039a33d1e996fc82a94ccd30074c95df763722017069e5268da5d1c0b4f872cf653c11df82314a67968dfeae28def04bb6d84b1c31d654a1970e5783bd6eb96a024c2ca2f4a90fe9f2ef5c9c140e5bb48da9536ad8700c84fc9130adea74e558d51a74ddf85d8b50de96838d6063e0955":MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSAES-OAEP Encryption Test Vector 1_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1024:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"6628194e12073db03ba94cda9ef9532397d50dba79b987004afefe34":"18b776ea21069d69776a33e96bad48e1dda0a5ef":"354fe67b4a126d5d35fe36c777791a3f7ba13def484e2d3908aff722fad468fb21696de95d0be911c2d3174f8afcc201035f7b6d8e69402de5451618c21a535fa9d7bfc5b8dd9fc243f8cf927db31322d6e881eaa91a996170e657a05a266426d98c88003f8477c1227094a0d9fa1e8c4024309ce1ecccb5210035d47ac72e8a":0 RSAES-OAEP Encryption Test Vector 1_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1024:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"750c4047f547e8e41411856523298ac9bae245efaf1397fbe56f9dd5":"0cc742ce4a9b7f32f951bcb251efd925fe4fe35f":"640db1acc58e0568fe5407e5f9b701dff8c3c91e716c536fc7fcec6cb5b71c1165988d4a279e1577d730fc7a29932e3f00c81515236d8d8e31017a7a09df4352d904cdeb79aa583adcc31ea698a4c05283daba9089be5491f67c1a4ee48dc74bbbe6643aef846679b4cb395a352d5ed115912df696ffe0702932946d71492b44":0 RSAES-OAEP Encryption Test Vector 1_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1024:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"d94ae0832e6445ce42331cb06d531a82b1db4baad30f746dc916df24d4e3c2451fff59a6423eb0e1d02d4fe646cf699dfd818c6e97b051":"2514df4695755a67b288eaf4905c36eec66fd2fd":"423736ed035f6026af276c35c0b3741b365e5f76ca091b4e8c29e2f0befee603595aa8322d602d2e625e95eb81b2f1c9724e822eca76db8618cf09c5343503a4360835b5903bc637e3879fb05e0ef32685d5aec5067cd7cc96fe4b2670b6eac3066b1fcf5686b68589aafb7d629b02d8f8625ca3833624d4800fb081b1cf94eb":0 RSAES-OAEP Encryption Test Vector 1_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1024:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"52e650d98e7f2a048b4f86852153b97e01dd316f346a19f67a85":"c4435a3e1a18a68b6820436290a37cefb85db3fb":"45ead4ca551e662c9800f1aca8283b0525e6abae30be4b4aba762fa40fd3d38e22abefc69794f6ebbbc05ddbb11216247d2f412fd0fba87c6e3acd888813646fd0e48e785204f9c3f73d6d8239562722dddd8771fec48b83a31ee6f592c4cfd4bc88174f3b13a112aae3b9f7b80e0fc6f7255ba880dc7d8021e22ad6a85f0755":0 RSAES-OAEP Encryption Test Vector 1_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1024:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"8da89fd9e5f974a29feffb462b49180f6cf9e802":"b318c42df3be0f83fea823f5a7b47ed5e425a3b5":"36f6e34d94a8d34daacba33a2139d00ad85a9345a86051e73071620056b920e219005855a213a0f23897cdcd731b45257c777fe908202befdd0b58386b1244ea0cf539a05d5d10329da44e13030fd760dcd644cfef2094d1910d3f433e1c7c6dd18bc1f2df7f643d662fb9dd37ead9059190f4fa66ca39e869c4eb449cbdc439":0 RSAES-OAEP Encryption Test Vector 1_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1024:"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"26521050844271":"e4ec0982c2336f3a677f6a356174eb0ce887abc2":"42cee2617b1ecea4db3f4829386fbd61dafbf038e180d837c96366df24c097b4ab0fac6bdf590d821c9f10642e681ad05b8d78b378c0f46ce2fad63f74e0ad3df06b075d7eb5f5636f8d403b9059ca761b5c62bb52aa45002ea70baace08ded243b9d8cbd62a68ade265832b56564e43a6fa42ed199a099769742df1539e8255":0 RSAES-OAEP Encryption Test Vector 2_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1025:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"8ff00caa605c702830634d9a6c3d42c652b58cf1d92fec570beee7":"8c407b5ec2899e5099c53e8ce793bf94e71b1782":"0181af8922b9fcb4d79d92ebe19815992fc0c1439d8bcd491398a0f4ad3a329a5bd9385560db532683c8b7da04e4b12aed6aacdf471c34c9cda891addcc2df3456653aa6382e9ae59b54455257eb099d562bbe10453f2b6d13c59c02e10f1f8abb5da0d0570932dacf2d0901db729d0fefcc054e70968ea540c81b04bcaefe720e":0 RSAES-OAEP Encryption Test Vector 2_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1025:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"2d":"b600cf3c2e506d7f16778c910d3a8b003eee61d5":"018759ff1df63b2792410562314416a8aeaf2ac634b46f940ab82d64dbf165eee33011da749d4bab6e2fcd18129c9e49277d8453112b429a222a8471b070993998e758861c4d3f6d749d91c4290d332c7a4ab3f7ea35ff3a07d497c955ff0ffc95006b62c6d296810d9bfab024196c7934012c2df978ef299aba239940cba10245":0 RSAES-OAEP Encryption Test Vector 2_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1025:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"74fc88c51bc90f77af9d5e9a4a70133d4b4e0b34da3c37c7ef8e":"a73768aeeaa91f9d8c1ed6f9d2b63467f07ccae3":"018802bab04c60325e81c4962311f2be7c2adce93041a00719c88f957575f2c79f1b7bc8ced115c706b311c08a2d986ca3b6a9336b147c29c6f229409ddec651bd1fdd5a0b7f610c9937fdb4a3a762364b8b3206b4ea485fd098d08f63d4aa8bb2697d027b750c32d7f74eaf5180d2e9b66b17cb2fa55523bc280da10d14be2053":0 RSAES-OAEP Encryption Test Vector 2_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1025:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"a7eb2a5036931d27d4e891326d99692ffadda9bf7efd3e34e622c4adc085f721dfe885072c78a203b151739be540fa8c153a10f00a":"9a7b3b0e708bd96f8190ecab4fb9b2b3805a8156":"00a4578cbc176318a638fba7d01df15746af44d4f6cd96d7e7c495cbf425b09c649d32bf886da48fbaf989a2117187cafb1fb580317690e3ccd446920b7af82b31db5804d87d01514acbfa9156e782f867f6bed9449e0e9a2c09bcecc6aa087636965e34b3ec766f2fe2e43018a2fddeb140616a0e9d82e5331024ee0652fc7641":0 RSAES-OAEP Encryption Test Vector 2_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1025:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"2ef2b066f854c33f3bdcbb5994a435e73d6c6c":"eb3cebbc4adc16bb48e88c8aec0e34af7f427fd3":"00ebc5f5fda77cfdad3c83641a9025e77d72d8a6fb33a810f5950f8d74c73e8d931e8634d86ab1246256ae07b6005b71b7f2fb98351218331ce69b8ffbdc9da08bbc9c704f876deb9df9fc2ec065cad87f9090b07acc17aa7f997b27aca48806e897f771d95141fe4526d8a5301b678627efab707fd40fbebd6e792a25613e7aec":0 RSAES-OAEP Encryption Test Vector 2_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1025:"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"8a7fb344c8b6cb2cf2ef1f643f9a3218f6e19bba89c0":"4c45cf4d57c98e3d6d2095adc51c489eb50dff84":"010839ec20c27b9052e55befb9b77e6fc26e9075d7a54378c646abdf51e445bd5715de81789f56f1803d9170764a9e93cb78798694023ee7393ce04bc5d8f8c5a52c171d43837e3aca62f609eb0aa5ffb0960ef04198dd754f57f7fbe6abf765cf118b4ca443b23b5aab266f952326ac4581100644325f8b721acd5d04ff14ef3a":0 RSAES-OAEP Encryption Example 3_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1026:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"087820b569e8fa8d":"8ced6b196290805790e909074015e6a20b0c4894":"026a0485d96aebd96b4382085099b962e6a2bdec3d90c8db625e14372de85e2d5b7baab65c8faf91bb5504fb495afce5c988b3f6a52e20e1d6cbd3566c5cd1f2b8318bb542cc0ea25c4aab9932afa20760eaddec784396a07ea0ef24d4e6f4d37e5052a7a31e146aa480a111bbe926401307e00f410033842b6d82fe5ce4dfae80":0 RSAES-OAEP Encryption Example 3_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1026:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"4653acaf171960b01f52a7be63a3ab21dc368ec43b50d82ec3781e04":"b4291d6567550848cc156967c809baab6ca507f0":"024db89c7802989be0783847863084941bf209d761987e38f97cb5f6f1bc88da72a50b73ebaf11c879c4f95df37b850b8f65d7622e25b1b889e80fe80baca2069d6e0e1d829953fc459069de98ea9798b451e557e99abf8fe3d9ccf9096ebbf3e5255d3b4e1c6d2ecadf067a359eea86405acd47d5e165517ccafd47d6dbee4bf5":0 RSAES-OAEP Encryption Example 3_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1026:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"d94cd0e08fa404ed89":"ce8928f6059558254008badd9794fadcd2fd1f65":"0239bce681032441528877d6d1c8bb28aa3bc97f1df584563618995797683844ca86664732f4bed7a0aab083aaabfb7238f582e30958c2024e44e57043b97950fd543da977c90cdde5337d618442f99e60d7783ab59ce6dd9d69c47ad1e962bec22d05895cff8d3f64ed5261d92b2678510393484990ba3f7f06818ae6ffce8a3a":0 RSAES-OAEP Encryption Example 3_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1026:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"6cc641b6b61e6f963974dad23a9013284ef1":"6e2979f52d6814a57d83b090054888f119a5b9a3":"02994c62afd76f498ba1fd2cf642857fca81f4373cb08f1cbaee6f025c3b512b42c3e8779113476648039dbe0493f9246292fac28950600e7c0f32edf9c81b9dec45c3bde0cc8d8847590169907b7dc5991ceb29bb0714d613d96df0f12ec5d8d3507c8ee7ae78dd83f216fa61de100363aca48a7e914ae9f42ddfbe943b09d9a0":0 RSAES-OAEP Encryption Example 3_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1026:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"df5151832b61f4f25891fb4172f328d2eddf8371ffcfdbe997939295f30eca6918017cfda1153bf7a6af87593223":"2d760bfe38c59de34cdc8b8c78a38e66284a2d27":"0162042ff6969592a6167031811a239834ce638abf54fec8b99478122afe2ee67f8c5b18b0339805bfdbc5a4e6720b37c59cfba942464c597ff532a119821545fd2e59b114e61daf71820529f5029cf524954327c34ec5e6f5ba7efcc4de943ab8ad4ed787b1454329f70db798a3a8f4d92f8274e2b2948ade627ce8ee33e43c60":0 RSAES-OAEP Encryption Example 3_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1026:"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"3c3bad893c544a6d520ab022319188c8d504b7a788b850903b85972eaa18552e1134a7ad6098826254ff7ab672b3d8eb3158fac6d4cbaef1":"f174779c5fd3cfe007badcb7a36c9b55bfcfbf0e":"00112051e75d064943bc4478075e43482fd59cee0679de6893eec3a943daa490b9691c93dfc0464b6623b9f3dbd3e70083264f034b374f74164e1a00763725e574744ba0b9db83434f31df96f6e2a26f6d8eba348bd4686c2238ac07c37aac3785d1c7eea2f819fd91491798ed8e9cef5e43b781b0e0276e37c43ff9492d005730":0 RSAES-OAEP Encryption Example 4_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1027:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"4a86609534ee434a6cbca3f7e962e76d455e3264c19f605f6e5ff6137c65c56d7fb344cd52bc93374f3d166c9f0c6f9c506bad19330972d2":"1cac19ce993def55f98203f6852896c95ccca1f3":"04cce19614845e094152a3fe18e54e3330c44e5efbc64ae16886cb1869014cc5781b1f8f9e045384d0112a135ca0d12e9c88a8e4063416deaae3844f60d6e96fe155145f4525b9a34431ca3766180f70e15a5e5d8e8b1a516ff870609f13f896935ced188279a58ed13d07114277d75c6568607e0ab092fd803a223e4a8ee0b1a8":0 RSAES-OAEP Encryption Example 4_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1027:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"b0adc4f3fe11da59ce992773d9059943c03046497ee9d9f9a06df1166db46d98f58d27ec074c02eee6cbe2449c8b9fc5080c5c3f4433092512ec46aa793743c8":"f545d5897585e3db71aa0cb8da76c51d032ae963":"0097b698c6165645b303486fbf5a2a4479c0ee85889b541a6f0b858d6b6597b13b854eb4f839af03399a80d79bda6578c841f90d645715b280d37143992dd186c80b949b775cae97370e4ec97443136c6da484e970ffdb1323a20847821d3b18381de13bb49aaea66530c4a4b8271f3eae172cd366e07e6636f1019d2a28aed15e":0 RSAES-OAEP Encryption Example 4_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1027:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"bf6d42e701707b1d0206b0c8b45a1c72641ff12889219a82bdea965b5e79a96b0d0163ed9d578ec9ada20f2fbcf1ea3c4089d83419ba81b0c60f3606da99":"ad997feef730d6ea7be60d0dc52e72eacbfdd275":"0301f935e9c47abcb48acbbe09895d9f5971af14839da4ff95417ee453d1fd77319072bb7297e1b55d7561cd9d1bb24c1a9a37c619864308242804879d86ebd001dce5183975e1506989b70e5a83434154d5cbfd6a24787e60eb0c658d2ac193302d1192c6e622d4a12ad4b53923bca246df31c6395e37702c6a78ae081fb9d065":0 RSAES-OAEP Encryption Example 4_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1027:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"fb2ef112f5e766eb94019297934794f7be2f6fc1c58e":"136454df5730f73c807a7e40d8c1a312ac5b9dd3":"02d110ad30afb727beb691dd0cf17d0af1a1e7fa0cc040ec1a4ba26a42c59d0a796a2e22c8f357ccc98b6519aceb682e945e62cb734614a529407cd452bee3e44fece8423cc19e55548b8b994b849c7ecde4933e76037e1d0ce44275b08710c68e430130b929730ed77e09b015642c5593f04e4ffb9410798102a8e96ffdfe11e4":0 RSAES-OAEP Encryption Example 4_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1027:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"28ccd447bb9e85166dabb9e5b7d1adadc4b9d39f204e96d5e440ce9ad928bc1c2284":"bca8057f824b2ea257f2861407eef63d33208681":"00dbb8a7439d90efd919a377c54fae8fe11ec58c3b858362e23ad1b8a44310799066b99347aa525691d2adc58d9b06e34f288c170390c5f0e11c0aa3645959f18ee79e8f2be8d7ac5c23d061f18dd74b8c5f2a58fcb5eb0c54f99f01a83247568292536583340948d7a8c97c4acd1e98d1e29dc320e97a260532a8aa7a758a1ec2":0 RSAES-OAEP Encryption Example 4_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1027:"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"f22242751ec6b1":"2e7e1e17f647b5ddd033e15472f90f6812f3ac4e":"00a5ffa4768c8bbecaee2db77e8f2eec99595933545520835e5ba7db9493d3e17cddefe6a5f567624471908db4e2d83a0fbee60608fc84049503b2234a07dc83b27b22847ad8920ff42f674ef79b76280b00233d2b51b8cb2703a9d42bfbc8250c96ec32c051e57f1b4ba528db89c37e4c54e27e6e64ac69635ae887d9541619a9":0 RSAES-OAEP Encryption Example 5_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1028:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"af71a901e3a61d3132f0fc1fdb474f9ea6579257ffc24d164170145b3dbde8":"44c92e283f77b9499c603d963660c87d2f939461":"036046a4a47d9ed3ba9a89139c105038eb7492b05a5d68bfd53accff4597f7a68651b47b4a4627d927e485eed7b4566420e8b409879e5d606eae251d22a5df799f7920bfc117b992572a53b1263146bcea03385cc5e853c9a101c8c3e1bda31a519807496c6cb5e5efb408823a352b8fa0661fb664efadd593deb99fff5ed000e5":0 RSAES-OAEP Encryption Example 5_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1028:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"a3b844a08239a8ac41605af17a6cfda4d350136585903a417a79268760519a4b4ac3303ec73f0f87cfb32399":"cb28f5860659fceee49c3eeafce625a70803bd32":"03d6eb654edce615bc59f455265ed4e5a18223cbb9be4e4069b473804d5de96f54dcaaa603d049c5d94aa1470dfcd2254066b7c7b61ff1f6f6770e3215c51399fd4e34ec5082bc48f089840ad04354ae66dc0f1bd18e461a33cc1258b443a2837a6df26759aa2302334986f87380c9cc9d53be9f99605d2c9a97da7b0915a4a7ad":0 RSAES-OAEP Encryption Example 5_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1028:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"308b0ecbd2c76cb77fc6f70c5edd233fd2f20929d629f026953bb62a8f4a3a314bde195de85b5f816da2aab074d26cb6acddf323ae3b9c678ac3cf12fbdde7":"2285f40d770482f9a9efa2c72cb3ac55716dc0ca":"0770952181649f9f9f07ff626ff3a22c35c462443d905d456a9fd0bff43cac2ca7a9f554e9478b9acc3ac838b02040ffd3e1847de2e4253929f9dd9ee4044325a9b05cabb808b2ee840d34e15d105a3f1f7b27695a1a07a2d73fe08ecaaa3c9c9d4d5a89ff890d54727d7ae40c0ec1a8dd86165d8ee2c6368141016a48b55b6967":0 RSAES-OAEP Encryption Example 5_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1028:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"15c5b9ee1185":"49fa45d3a78dd10dfd577399d1eb00af7eed5513":"0812b76768ebcb642d040258e5f4441a018521bd96687e6c5e899fcd6c17588ff59a82cc8ae03a4b45b31299af1788c329f7dcd285f8cf4ced82606b97612671a45bedca133442144d1617d114f802857f0f9d739751c57a3f9ee400912c61e2e6992be031a43dd48fa6ba14eef7c422b5edc4e7afa04fdd38f402d1c8bb719abf":0 RSAES-OAEP Encryption Example 5_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1028:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"21026e6800c7fa728fcaaba0d196ae28d7a2ac4ffd8abce794f0985f60c8a6737277365d3fea11db8923a2029a":"f0287413234cc5034724a094c4586b87aff133fc":"07b60e14ec954bfd29e60d0047e789f51d57186c63589903306793ced3f68241c743529aba6a6374f92e19e0163efa33697e196f7661dfaaa47aac6bde5e51deb507c72c589a2ca1693d96b1460381249b2cdb9eac44769f2489c5d3d2f99f0ee3c7ee5bf64a5ac79c42bd433f149be8cb59548361640595513c97af7bc2509723":0 RSAES-OAEP Encryption Example 5_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1028:"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"541e37b68b6c8872b84c02":"d9fba45c96f21e6e26d29eb2cdcb6585be9cb341":"08c36d4dda33423b2ed6830d85f6411ba1dcf470a1fae0ebefee7c089f256cef74cb96ea69c38f60f39abee44129bcb4c92de7f797623b20074e3d9c2899701ed9071e1efa0bdd84d4c3e5130302d8f0240baba4b84a71cc032f2235a5ff0fae277c3e8f9112bef44c9ae20d175fc9a4058bfc930ba31b02e2e4f444483710f24a":0 RSAES-OAEP Encryption Example 6_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1029:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"4046ca8baa3347ca27f49e0d81f9cc1d71be9ba517d4":"dd0f6cfe415e88e5a469a51fbba6dfd40adb4384":"0630eebcd2856c24f798806e41f9e67345eda9ceda386acc9facaea1eeed06ace583709718d9d169fadf414d5c76f92996833ef305b75b1e4b95f662a20faedc3bae0c4827a8bf8a88edbd57ec203a27a841f02e43a615bab1a8cac0701de34debdef62a088089b55ec36ea7522fd3ec8d06b6a073e6df833153bc0aefd93bd1a3":0 RSAES-OAEP Encryption Example 6_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1029:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"5cc72c60231df03b3d40f9b57931bc31109f972527f28b19e7480c7288cb3c92b22512214e4be6c914792ddabdf57faa8aa7":"8d14bd946a1351148f5cae2ed9a0c653e85ebd85":"0ebc37376173a4fd2f89cc55c2ca62b26b11d51c3c7ce49e8845f74e7607317c436bc8d23b9667dfeb9d087234b47bc6837175ae5c0559f6b81d7d22416d3e50f4ac533d8f0812f2db9e791fe9c775ac8b6ad0f535ad9ceb23a4a02014c58ab3f8d3161499a260f39348e714ae2a1d3443208fd8b722ccfdfb393e98011f99e63f":0 RSAES-OAEP Encryption Example 6_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1029:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"b20e651303092f4bccb43070c0f86d23049362ed96642fc5632c27db4a52e3d831f2ab068b23b149879c002f6bf3feee97591112562c":"6c075bc45520f165c0bf5ea4c5df191bc9ef0e44":"0a98bf1093619394436cf68d8f38e2f158fde8ea54f3435f239b8d06b8321844202476aeed96009492480ce3a8d705498c4c8c68f01501dc81db608f60087350c8c3b0bd2e9ef6a81458b7c801b89f2e4fe99d4900ba6a4b5e5a96d865dc676c7755928794130d6280a8160a190f2df3ea7cf9aa0271d88e9e6905ecf1c5152d65":0 RSAES-OAEP Encryption Example 6_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1029:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"684e3038c5c041f7":"3bbc3bd6637dfe12846901029bf5b0c07103439c":"008e7a67cacfb5c4e24bec7dee149117f19598ce8c45808fef88c608ff9cd6e695263b9a3c0ad4b8ba4c95238e96a8422b8535629c8d5382374479ad13fa39974b242f9a759eeaf9c83ad5a8ca18940a0162ba755876df263f4bd50c6525c56090267c1f0e09ce0899a0cf359e88120abd9bf893445b3cae77d3607359ae9a52f8":0 RSAES-OAEP Encryption Example 6_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1029:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"32488cb262d041d6e4dd35f987bf3ca696db1f06ac29a44693":"b46b41893e8bef326f6759383a83071dae7fcabc":"00003474416c7b68bdf961c385737944d7f1f40cb395343c693cc0b4fe63b31fedf1eaeeac9ccc0678b31dc32e0977489514c4f09085f6298a9653f01aea4045ff582ee887be26ae575b73eef7f3774921e375a3d19adda0ca31aa1849887c1f42cac9677f7a2f4e923f6e5a868b38c084ef187594dc9f7f048fea2e02955384ab":0 RSAES-OAEP Encryption Example 6_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1029:"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"50ba14be8462720279c306ba":"0a2403312a41e3d52f060fbc13a67de5cf7609a7":"0a026dda5fc8785f7bd9bf75327b63e85e2c0fdee5dadb65ebdcac9ae1de95c92c672ab433aa7a8e69ce6a6d8897fac4ac4a54de841ae5e5bbce7687879d79634cea7a30684065c714d52409b928256bbf53eabcd5231eb7259504537399bd29164b726d33a46da701360a4168a091ccab72d44a62fed246c0ffea5b1348ab5470":0 RSAES-OAEP Encryption Example 7_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1030:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"47aae909":"43dd09a07ff4cac71caa4632ee5e1c1daee4cd8f":"1688e4ce7794bba6cb7014169ecd559cede2a30b56a52b68d9fe18cf1973ef97b2a03153951c755f6294aa49adbdb55845ab6875fb3986c93ecf927962840d282f9e54ce8b690f7c0cb8bbd73440d9571d1b16cd9260f9eab4783cc482e5223dc60973871783ec27b0ae0fd47732cbc286a173fc92b00fb4ba6824647cd93c85c1":0 RSAES-OAEP Encryption Example 7_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1030:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"1d9b2e2223d9bc13bfb9f162ce735db48ba7c68f6822a0a1a7b6ae165834e7":"3a9c3cec7b84f9bd3adecbc673ec99d54b22bc9b":"1052ed397b2e01e1d0ee1c50bf24363f95e504f4a03434a08fd822574ed6b9736edbb5f390db10321479a8a139350e2bd4977c3778ef331f3e78ae118b268451f20a2f01d471f5d53c566937171b2dbc2d4bde459a5799f0372d6574239b2323d245d0bb81c286b63c89a361017337e4902f88a467f4c7f244bfd5ab46437ff3b6":0 RSAES-OAEP Encryption Example 7_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1030:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"d976fc":"76a75e5b6157a556cf8884bb2e45c293dd545cf5":"2155cd843ff24a4ee8badb7694260028a490813ba8b369a4cbf106ec148e5298707f5965be7d101c1049ea8584c24cd63455ad9c104d686282d3fb803a4c11c1c2e9b91c7178801d1b6640f003f5728df007b8a4ccc92bce05e41a27278d7c85018c52414313a5077789001d4f01910b72aad05d220aa14a58733a7489bc54556b":0 RSAES-OAEP Encryption Example 7_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1030:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"d4738623df223aa43843df8467534c41d013e0c803c624e263666b239bde40a5f29aeb8de79e3daa61dd0370f49bd4b013834b98212aef6b1c5ee373b3cb":"7866314a6ad6f2b250a35941db28f5864b585859":"0ab14c373aeb7d4328d0aaad8c094d88b9eb098b95f21054a29082522be7c27a312878b637917e3d819e6c3c568db5d843802b06d51d9e98a2be0bf40c031423b00edfbff8320efb9171bd2044653a4cb9c5122f6c65e83cda2ec3c126027a9c1a56ba874d0fea23f380b82cf240b8cf540004758c4c77d934157a74f3fc12bfac":0 RSAES-OAEP Encryption Example 7_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1030:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"bb47231ca5ea1d3ad46c99345d9a8a61":"b2166ed472d58db10cab2c6b000cccf10a7dc509":"028387a318277434798b4d97f460068df5298faba5041ba11761a1cb7316b24184114ec500257e2589ed3b607a1ebbe97a6cc2e02bf1b681f42312a33b7a77d8e7855c4a6de03e3c04643f786b91a264a0d6805e2cea91e68177eb7a64d9255e4f27e713b7ccec00dc200ebd21c2ea2bb890feae4942df941dc3f97890ed347478":0 RSAES-OAEP Encryption Example 7_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1030:"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"2184827095d35c3f86f600e8e59754013296":"52673bde2ca166c2aa46131ac1dc808d67d7d3b1":"14c678a94ad60525ef39e959b2f3ba5c097a94ff912b67dbace80535c187abd47d075420b1872152bba08f7fc31f313bbf9273c912fc4c0149a9b0cfb79807e346eb332069611bec0ff9bcd168f1f7c33e77313cea454b94e2549eecf002e2acf7f6f2d2845d4fe0aab2e5a92ddf68c480ae11247935d1f62574842216ae674115":0 RSAES-OAEP Encryption Example 8_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1031:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"050b755e5e6880f7b9e9d692a74c37aae449b31bfea6deff83747a897f6c2c825bb1adbf850a3c96994b5de5b33cbc7d4a17913a7967":"7706ffca1ecfb1ebee2a55e5c6e24cd2797a4125":"09b3683d8a2eb0fb295b62ed1fb9290b714457b7825319f4647872af889b30409472020ad12912bf19b11d4819f49614824ffd84d09c0a17e7d17309d12919790410aa2995699f6a86dbe3242b5acc23af45691080d6b1ae810fb3e3057087f0970092ce00be9562ff4053b6262ce0caa93e13723d2e3a5ba075d45f0d61b54b61":0 RSAES-OAEP Encryption Example 8_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1031:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"4eb68dcd93ca9b19df111bd43608f557026fe4aa1d5cfac227a3eb5ab9548c18a06dded23f81825986b2fcd71109ecef7eff88873f075c2aa0c469f69c92bc":"a3717da143b4dcffbc742665a8fa950585548343":"2ecf15c97c5a15b1476ae986b371b57a24284f4a162a8d0c8182e7905e792256f1812ba5f83f1f7a130e42dcc02232844edc14a31a68ee97ae564a383a3411656424c5f62ddb646093c367be1fcda426cf00a06d8acb7e57776fbbd855ac3df506fc16b1d7c3f2110f3d8068e91e186363831c8409680d8da9ecd8cf1fa20ee39d":0 RSAES-OAEP Encryption Example 8_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1031:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"8604ac56328c1ab5ad917861":"ee06209073cca026bb264e5185bf8c68b7739f86":"4bc89130a5b2dabb7c2fcf90eb5d0eaf9e681b7146a38f3173a3d9cfec52ea9e0a41932e648a9d69344c50da763f51a03c95762131e8052254dcd2248cba40fd31667786ce05a2b7b531ac9dac9ed584a59b677c1a8aed8c5d15d68c05569e2be780bf7db638fd2bfd2a85ab276860f3777338fca989ffd743d13ee08e0ca9893f":0 RSAES-OAEP Encryption Example 8_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1031:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"fdda5fbf6ec361a9d9a4ac68af216a0686f438b1e0e5c36b955f74e107f39c0dddcc":"990ad573dc48a973235b6d82543618f2e955105d":"2e456847d8fc36ff0147d6993594b9397227d577752c79d0f904fcb039d4d812fea605a7b574dd82ca786f93752348438ee9f5b5454985d5f0e1699e3e7ad175a32e15f03deb042ab9fe1dd9db1bb86f8c089ccb45e7ef0c5ee7ca9b7290ca6b15bed47039788a8a93ff83e0e8d6244c71006362deef69b6f416fb3c684383fbd0":0 RSAES-OAEP Encryption Example 8_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1031:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"4a5f4914bee25de3c69341de07":"ecc63b28f0756f22f52ac8e6ec1251a6ec304718":"1fb9356fd5c4b1796db2ebf7d0d393cc810adf6145defc2fce714f79d93800d5e2ac211ea8bbecca4b654b94c3b18b30dd576ce34dc95436ef57a09415645923359a5d7b4171ef22c24670f1b229d3603e91f76671b7df97e7317c97734476d5f3d17d21cf82b5ba9f83df2e588d36984fd1b584468bd23b2e875f32f68953f7b2":0 RSAES-OAEP Encryption Example 8_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1031:"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"8e07d66f7b880a72563abcd3f35092bc33409fb7f88f2472be":"3925c71b362d40a0a6de42145579ba1e7dd459fc":"3afd9c6600147b21798d818c655a0f4c9212db26d0b0dfdc2a7594ccb3d22f5bf1d7c3e112cd73fc7d509c7a8bafdd3c274d1399009f9609ec4be6477e453f075aa33db382870c1c3409aef392d7386ae3a696b99a94b4da0589447e955d16c98b17602a59bd736279fcd8fb280c4462d590bfa9bf13fed570eafde97330a2c210":0 RSAES-OAEP Encryption Example 9_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1536:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"f735fd55ba92592c3b52b8f9c4f69aaa1cbef8fe88add095595412467f9cf4ec0b896c59eda16210e7549c8abb10cdbc21a12ec9b6b5b8fd2f10399eb6":"8ec965f134a3ec9931e92a1ca0dc8169d5ea705c":"267bcd118acab1fc8ba81c85d73003cb8610fa55c1d97da8d48a7c7f06896a4db751aa284255b9d36ad65f37653d829f1b37f97b8001942545b2fc2c55a7376ca7a1be4b1760c8e05a33e5aa2526b8d98e317088e7834c755b2a59b12631a182c05d5d43ab1779264f8456f515ce57dfdf512d5493dab7b7338dc4b7d78db9c091ac3baf537a69fc7f549d979f0eff9a94fda4169bd4d1d19a69c99e33c3b55490d501b39b1edae118ff6793a153261584d3a5f39f6e682e3d17c8cd1261fa72":0 RSAES-OAEP Encryption Example 9_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1536:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"81b906605015a63aabe42ddf11e1978912f5404c7474b26dce3ed482bf961ecc818bf420c54659":"ecb1b8b25fa50cdab08e56042867f4af5826d16c":"93ac9f0671ec29acbb444effc1a5741351d60fdb0e393fbf754acf0de49761a14841df7772e9bc82773966a1584c4d72baea00118f83f35cca6e537cbd4d811f5583b29783d8a6d94cd31be70d6f526c10ff09c6fa7ce069795a3fcd0511fd5fcb564bcc80ea9c78f38b80012539d8a4ddf6fe81e9cddb7f50dbbbbcc7e5d86097ccf4ec49189fb8bf318be6d5a0715d516b49af191258cd32dc833ce6eb4673c03a19bbace88cc54895f636cc0c1ec89096d11ce235a265ca1764232a689ae8":0 RSAES-OAEP Encryption Example 9_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1536:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"fd326429df9b890e09b54b18b8f34f1e24":"e89bb032c6ce622cbdb53bc9466014ea77f777c0":"81ebdd95054b0c822ef9ad7693f5a87adfb4b4c4ce70df2df84ed49c04da58ba5fc20a19e1a6e8b7a3900b22796dc4e869ee6b42792d15a8eceb56c09c69914e813cea8f6931e4b8ed6f421af298d595c97f4789c7caa612c7ef360984c21b93edc5401068b5af4c78a8771b984d53b8ea8adf2f6a7d4a0ba76c75e1dd9f658f20ded4a46071d46d7791b56803d8fea7f0b0f8e41ae3f09383a6f9585fe7753eaaffd2bf94563108beecc207bbb535f5fcc705f0dde9f708c62f49a9c90371d3":0 RSAES-OAEP Encryption Example 9_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1536:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"f1459b5f0c92f01a0f723a2e5662484d8f8c0a20fc29dad6acd43bb5f3effdf4e1b63e07fdfe6628d0d74ca19bf2d69e4a0abf86d293925a796772f8088e":"606f3b99c0b9ccd771eaa29ea0e4c884f3189ccc":"bcc35f94cde66cb1136625d625b94432a35b22f3d2fa11a613ff0fca5bd57f87b902ccdc1cd0aebcb0715ee869d1d1fe395f6793003f5eca465059c88660d446ff5f0818552022557e38c08a67ead991262254f10682975ec56397768537f4977af6d5f6aaceb7fb25dec5937230231fd8978af49119a29f29e424ab8272b47562792d5c94f774b8829d0b0d9f1a8c9eddf37574d5fa248eefa9c5271fc5ec2579c81bdd61b410fa61fe36e424221c113addb275664c801d34ca8c6351e4a858":0 RSAES-OAEP Encryption Example 9_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1536:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"53e6e8c729d6f9c319dd317e74b0db8e4ccca25f3c8305746e137ac63a63ef3739e7b595abb96e8d55e54f7bd41ab433378ffb911d":"fcbc421402e9ecabc6082afa40ba5f26522c840e":"232afbc927fa08c2f6a27b87d4a5cb09c07dc26fae73d73a90558839f4fd66d281b87ec734bce237ba166698ed829106a7de6942cd6cdce78fed8d2e4d81428e66490d036264cef92af941d3e35055fe3981e14d29cbb9a4f67473063baec79a1179f5a17c9c1832f2838fd7d5e59bb9659d56dce8a019edef1bb3accc697cc6cc7a778f60a064c7f6f5d529c6210262e003de583e81e3167b89971fb8c0e15d44fffef89b53d8d64dd797d159b56d2b08ea5307ea12c241bd58d4ee278a1f2e":0 RSAES-OAEP Encryption Example 9_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:1536:"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"b6b28ea2198d0c1008bc64":"23aade0e1e08bb9b9a78d2302a52f9c21b2e1ba2":"438cc7dc08a68da249e42505f8573ba60e2c2773d5b290f4cf9dff718e842081c383e67024a0f29594ea987b9d25e4b738f285970d195abb3a8c8054e3d79d6b9c9a8327ba596f1259e27126674766907d8d582ff3a8476154929adb1e6d1235b2ccb4ec8f663ba9cc670a92bebd853c8dbf69c6436d016f61add836e94732450434207f9fd4c43dec2a12a958efa01efe2669899b5e604c255c55fb7166de5589e369597bb09168c06dd5db177e06a1740eb2d5c82faeca6d92fcee9931ba9f":0 RSAES-OAEP Encryption Example 10_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:2048:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"8bba6bf82a6c0f86d5f1756e97956870b08953b06b4eb205bc1694ee":"47e1ab7119fee56c95ee5eaad86f40d0aa63bd33":"53ea5dc08cd260fb3b858567287fa91552c30b2febfba213f0ae87702d068d19bab07fe574523dfb42139d68c3c5afeee0bfe4cb7969cbf382b804d6e61396144e2d0e60741f8993c3014b58b9b1957a8babcd23af854f4c356fb1662aa72bfcc7e586559dc4280d160c126785a723ebeebeff71f11594440aaef87d10793a8774a239d4a04c87fe1467b9daf85208ec6c7255794a96cc29142f9a8bd418e3c1fd67344b0cd0829df3b2bec60253196293c6b34d3f75d32f213dd45c6273d505adf4cced1057cb758fc26aeefa441255ed4e64c199ee075e7f16646182fdb464739b68ab5daff0e63e9552016824f054bf4d3c8c90a97bb6b6553284eb429fcc":0 RSAES-OAEP Encryption Example 10_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:2048:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"e6ad181f053b58a904f2457510373e57":"6d17f5b4c1ffac351d195bf7b09d09f09a4079cf":"a2b1a430a9d657e2fa1c2bb5ed43ffb25c05a308fe9093c01031795f5874400110828ae58fb9b581ce9dddd3e549ae04a0985459bde6c626594e7b05dc4278b2a1465c1368408823c85e96dc66c3a30983c639664fc4569a37fe21e5a195b5776eed2df8d8d361af686e750229bbd663f161868a50615e0c337bec0ca35fec0bb19c36eb2e0bbcc0582fa1d93aacdb061063f59f2ce1ee43605e5d89eca183d2acdfe9f81011022ad3b43a3dd417dac94b4e11ea81b192966e966b182082e71964607b4f8002f36299844a11f2ae0faeac2eae70f8f4f98088acdcd0ac556e9fccc511521908fad26f04c64201450305778758b0538bf8b5bb144a828e629795":0 RSAES-OAEP Encryption Example 10_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:2048:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"510a2cf60e866fa2340553c94ea39fbc256311e83e94454b4124":"385387514deccc7c740dd8cdf9daee49a1cbfd54":"9886c3e6764a8b9a84e84148ebd8c3b1aa8050381a78f668714c16d9cfd2a6edc56979c535d9dee3b44b85c18be8928992371711472216d95dda98d2ee8347c9b14dffdff84aa48d25ac06f7d7e65398ac967b1ce90925f67dce049b7f812db0742997a74d44fe81dbe0e7a3feaf2e5c40af888d550ddbbe3bc20657a29543f8fc2913b9bd1a61b2ab2256ec409bbd7dc0d17717ea25c43f42ed27df8738bf4afc6766ff7aff0859555ee283920f4c8a63c4a7340cbafddc339ecdb4b0515002f96c932b5b79167af699c0ad3fccfdf0f44e85a70262bf2e18fe34b850589975e867ff969d48eabf212271546cdc05a69ecb526e52870c836f307bd798780ede":0 RSAES-OAEP Encryption Example 10_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:2048:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"bcdd190da3b7d300df9a06e22caae2a75f10c91ff667b7c16bde8b53064a2649a94045c9":"5caca6a0f764161a9684f85d92b6e0ef37ca8b65":"6318e9fb5c0d05e5307e1683436e903293ac4642358aaa223d7163013aba87e2dfda8e60c6860e29a1e92686163ea0b9175f329ca3b131a1edd3a77759a8b97bad6a4f8f4396f28cf6f39ca58112e48160d6e203daa5856f3aca5ffed577af499408e3dfd233e3e604dbe34a9c4c9082de65527cac6331d29dc80e0508a0fa7122e7f329f6cca5cfa34d4d1da417805457e008bec549e478ff9e12a763c477d15bbb78f5b69bd57830fc2c4ed686d79bc72a95d85f88134c6b0afe56a8ccfbc855828bb339bd17909cf1d70de3335ae07039093e606d655365de6550b872cd6de1d440ee031b61945f629ad8a353b0d40939e96a3c450d2a8d5eee9f678093c8":0 RSAES-OAEP Encryption Example 10_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:2048:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"a7dd6c7dc24b46f9dd5f1e91ada4c3b3df947e877232a9":"95bca9e3859894b3dd869fa7ecd5bbc6401bf3e4":"75290872ccfd4a4505660d651f56da6daa09ca1301d890632f6a992f3d565cee464afded40ed3b5be9356714ea5aa7655f4a1366c2f17c728f6f2c5a5d1f8e28429bc4e6f8f2cff8da8dc0e0a9808e45fd09ea2fa40cb2b6ce6ffff5c0e159d11b68d90a85f7b84e103b09e682666480c657505c0929259468a314786d74eab131573cf234bf57db7d9e66cc6748192e002dc0deea930585f0831fdcd9bc33d51f79ed2ffc16bcf4d59812fcebcaa3f9069b0e445686d644c25ccf63b456ee5fa6ffe96f19cdf751fed9eaf35957754dbf4bfea5216aa1844dc507cb2d080e722eba150308c2b5ff1193620f1766ecf4481bafb943bd292877f2136ca494aba0":0 RSAES-OAEP Encryption Example 10_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:2048:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"eaf1a73a1b0c4609537de69cd9228bbcfb9a8ca8c6c3efaf056fe4a7f4634ed00b7c39ec6922d7b8ea2c04ebac":"9f47ddf42e97eea856a9bdbc714eb3ac22f6eb32":"2d207a73432a8fb4c03051b3f73b28a61764098dfa34c47a20995f8115aa6816679b557e82dbee584908c6e69782d7deb34dbd65af063d57fca76a5fd069492fd6068d9984d209350565a62e5c77f23038c12cb10c6634709b547c46f6b4a709bd85ca122d74465ef97762c29763e06dbc7a9e738c78bfca0102dc5e79d65b973f28240caab2e161a78b57d262457ed8195d53e3c7ae9da021883c6db7c24afdd2322eac972ad3c354c5fcef1e146c3a0290fb67adf007066e00428d2cec18ce58f9328698defef4b2eb5ec76918fde1c198cbb38b7afc67626a9aefec4322bfd90d2563481c9a221f78c8272c82d1b62ab914e1c69f6af6ef30ca5260db4a46":0 RSAES-OAEP Encryption input=NULL with length=0 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_encrypt:2048:"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"":"9f47ddf42e97eea856a9bdbc714eb3ac22f6eb32":"32b75304e631e94d4b02819642c7ffa66116af504cb3c4687420cc4b7f069fc6cc3b1a254611995ce2914a9e88152d38bbf87ccedcad9b9890341284e56e802a1b1f8f6bd3d5c991bd92eb8a8ea0a1d8bae141088ff8dceaebdb73515cf06ce33baa37c53093f1d1edc3502818cc70edcfddb41646374beb5b4f67f7f773e43778d4d31012e5a207c474e762ac3251ea6ede9018ad6e8e9ea65a3528a62b694eb9d8becff220a7c6c70d33eaafa52cf67a8090f67b6f9c43c6fe0b0f2375cbb9e611c0fcfef5312feb5e53d4a89d3d7e06c966e0c92ab9e5838239f390bcfd918d94c224df8e8ccb57ee364389908b6a0e550133f7565016804fbd6cb338314a":0 RSAES-OAEP Decryption Test Vector Int -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1024:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda493b81a9e3d84f632124ef0236e5d1e3b7e28fae7aa040a2d5b252176459d1f397541ba2a58fb6599":"c97fb1f027f453f6341233eaaad1d9353f6c42d08866b1d05a0f2035028b9d869840b41666b42e92ea0da3b43204b5cfce3352524d0416a5a441e700af461503":"bbf82f090682ce9c2338ac2b9da871f7368d07eed41043a440d6b6f07454f51fb8dfbaaf035c02ab61ea48ceeb6fcd4876ed520d60e1ec4619719d8a5b8b807fafb8e0a3dfc737723ee6b4b7d93a2584ee6a649d060953748834b2454598394ee0aab12d7b61a51f527a9a41f6c1687fe2537298ca2a8f5946f8e5fd091dbdcb":"11":MBEDTLS_MD_SHA1:"d436e99569fd32a7c8a05bbc90d32c49":"aafd12f659cae63489b479e5076ddec2f06cb58f":"1253e04dc0a5397bb44a7ab87e9bf2a039a33d1e996fc82a94ccd30074c95df763722017069e5268da5d1c0b4f872cf653c11df82314a67968dfeae28def04bb6d84b1c31d654a1970e5783bd6eb96a024c2ca2f4a90fe9f2ef5c9c140e5bb48da9536ad8700c84fc9130adea74e558d51a74ddf85d8b50de96838d6063e0955":0 RSAES-OAEP Decryption Test Vector 1_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1024:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"6628194e12073db03ba94cda9ef9532397d50dba79b987004afefe34":"18b776ea21069d69776a33e96bad48e1dda0a5ef":"354fe67b4a126d5d35fe36c777791a3f7ba13def484e2d3908aff722fad468fb21696de95d0be911c2d3174f8afcc201035f7b6d8e69402de5451618c21a535fa9d7bfc5b8dd9fc243f8cf927db31322d6e881eaa91a996170e657a05a266426d98c88003f8477c1227094a0d9fa1e8c4024309ce1ecccb5210035d47ac72e8a":0 RSAES-OAEP Decryption Test Vector 1_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1024:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"750c4047f547e8e41411856523298ac9bae245efaf1397fbe56f9dd5":"0cc742ce4a9b7f32f951bcb251efd925fe4fe35f":"640db1acc58e0568fe5407e5f9b701dff8c3c91e716c536fc7fcec6cb5b71c1165988d4a279e1577d730fc7a29932e3f00c81515236d8d8e31017a7a09df4352d904cdeb79aa583adcc31ea698a4c05283daba9089be5491f67c1a4ee48dc74bbbe6643aef846679b4cb395a352d5ed115912df696ffe0702932946d71492b44":0 RSAES-OAEP Decryption Test Vector 1_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1024:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"d94ae0832e6445ce42331cb06d531a82b1db4baad30f746dc916df24d4e3c2451fff59a6423eb0e1d02d4fe646cf699dfd818c6e97b051":"2514df4695755a67b288eaf4905c36eec66fd2fd":"423736ed035f6026af276c35c0b3741b365e5f76ca091b4e8c29e2f0befee603595aa8322d602d2e625e95eb81b2f1c9724e822eca76db8618cf09c5343503a4360835b5903bc637e3879fb05e0ef32685d5aec5067cd7cc96fe4b2670b6eac3066b1fcf5686b68589aafb7d629b02d8f8625ca3833624d4800fb081b1cf94eb":0 RSAES-OAEP Decryption Test Vector 1_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1024:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"52e650d98e7f2a048b4f86852153b97e01dd316f346a19f67a85":"c4435a3e1a18a68b6820436290a37cefb85db3fb":"45ead4ca551e662c9800f1aca8283b0525e6abae30be4b4aba762fa40fd3d38e22abefc69794f6ebbbc05ddbb11216247d2f412fd0fba87c6e3acd888813646fd0e48e785204f9c3f73d6d8239562722dddd8771fec48b83a31ee6f592c4cfd4bc88174f3b13a112aae3b9f7b80e0fc6f7255ba880dc7d8021e22ad6a85f0755":0 RSAES-OAEP Decryption Test Vector 1_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1024:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"8da89fd9e5f974a29feffb462b49180f6cf9e802":"b318c42df3be0f83fea823f5a7b47ed5e425a3b5":"36f6e34d94a8d34daacba33a2139d00ad85a9345a86051e73071620056b920e219005855a213a0f23897cdcd731b45257c777fe908202befdd0b58386b1244ea0cf539a05d5d10329da44e13030fd760dcd644cfef2094d1910d3f433e1c7c6dd18bc1f2df7f643d662fb9dd37ead9059190f4fa66ca39e869c4eb449cbdc439":0 RSAES-OAEP Decryption Test Vector 1_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1024:"d32737e7267ffe1341b2d5c0d150a81b586fb3132bed2f8d5262864a9cb9f30af38be448598d413a172efb802c21acf1c11c520c2f26a471dcad212eac7ca39d":"cc8853d1d54da630fac004f471f281c7b8982d8224a490edbeb33d3e3d5cc93c4765703d1dd791642f1f116a0dd852be2419b2af72bfe9a030e860b0288b5d77":"a8b3b284af8eb50b387034a860f146c4919f318763cd6c5598c8ae4811a1e0abc4c7e0b082d693a5e7fced675cf4668512772c0cbc64a742c6c630f533c8cc72f62ae833c40bf25842e984bb78bdbf97c0107d55bdb662f5c4e0fab9845cb5148ef7392dd3aaff93ae1e6b667bb3d4247616d4f5ba10d4cfd226de88d39f16fb":"010001":MBEDTLS_MD_SHA1:"26521050844271":"e4ec0982c2336f3a677f6a356174eb0ce887abc2":"42cee2617b1ecea4db3f4829386fbd61dafbf038e180d837c96366df24c097b4ab0fac6bdf590d821c9f10642e681ad05b8d78b378c0f46ce2fad63f74e0ad3df06b075d7eb5f5636f8d403b9059ca761b5c62bb52aa45002ea70baace08ded243b9d8cbd62a68ade265832b56564e43a6fa42ed199a099769742df1539e8255":0 RSAES-OAEP Decryption Test Vector 2_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1025:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"8ff00caa605c702830634d9a6c3d42c652b58cf1d92fec570beee7":"8c407b5ec2899e5099c53e8ce793bf94e71b1782":"0181af8922b9fcb4d79d92ebe19815992fc0c1439d8bcd491398a0f4ad3a329a5bd9385560db532683c8b7da04e4b12aed6aacdf471c34c9cda891addcc2df3456653aa6382e9ae59b54455257eb099d562bbe10453f2b6d13c59c02e10f1f8abb5da0d0570932dacf2d0901db729d0fefcc054e70968ea540c81b04bcaefe720e":0 RSAES-OAEP Decryption Test Vector 2_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1025:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"2d":"b600cf3c2e506d7f16778c910d3a8b003eee61d5":"018759ff1df63b2792410562314416a8aeaf2ac634b46f940ab82d64dbf165eee33011da749d4bab6e2fcd18129c9e49277d8453112b429a222a8471b070993998e758861c4d3f6d749d91c4290d332c7a4ab3f7ea35ff3a07d497c955ff0ffc95006b62c6d296810d9bfab024196c7934012c2df978ef299aba239940cba10245":0 RSAES-OAEP Decryption Test Vector 2_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1025:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"74fc88c51bc90f77af9d5e9a4a70133d4b4e0b34da3c37c7ef8e":"a73768aeeaa91f9d8c1ed6f9d2b63467f07ccae3":"018802bab04c60325e81c4962311f2be7c2adce93041a00719c88f957575f2c79f1b7bc8ced115c706b311c08a2d986ca3b6a9336b147c29c6f229409ddec651bd1fdd5a0b7f610c9937fdb4a3a762364b8b3206b4ea485fd098d08f63d4aa8bb2697d027b750c32d7f74eaf5180d2e9b66b17cb2fa55523bc280da10d14be2053":0 RSAES-OAEP Decryption Test Vector 2_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1025:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"a7eb2a5036931d27d4e891326d99692ffadda9bf7efd3e34e622c4adc085f721dfe885072c78a203b151739be540fa8c153a10f00a":"9a7b3b0e708bd96f8190ecab4fb9b2b3805a8156":"00a4578cbc176318a638fba7d01df15746af44d4f6cd96d7e7c495cbf425b09c649d32bf886da48fbaf989a2117187cafb1fb580317690e3ccd446920b7af82b31db5804d87d01514acbfa9156e782f867f6bed9449e0e9a2c09bcecc6aa087636965e34b3ec766f2fe2e43018a2fddeb140616a0e9d82e5331024ee0652fc7641":0 RSAES-OAEP Decryption Test Vector 2_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1025:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"2ef2b066f854c33f3bdcbb5994a435e73d6c6c":"eb3cebbc4adc16bb48e88c8aec0e34af7f427fd3":"00ebc5f5fda77cfdad3c83641a9025e77d72d8a6fb33a810f5950f8d74c73e8d931e8634d86ab1246256ae07b6005b71b7f2fb98351218331ce69b8ffbdc9da08bbc9c704f876deb9df9fc2ec065cad87f9090b07acc17aa7f997b27aca48806e897f771d95141fe4526d8a5301b678627efab707fd40fbebd6e792a25613e7aec":0 RSAES-OAEP Decryption Test Vector 2_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1025:"0159dbde04a33ef06fb608b80b190f4d3e22bcc13ac8e4a081033abfa416edb0b338aa08b57309ea5a5240e7dc6e54378c69414c31d97ddb1f406db3769cc41a43":"012b652f30403b38b40995fd6ff41a1acc8ada70373236b7202d39b2ee30cfb46db09511f6f307cc61cc21606c18a75b8a62f822df031ba0df0dafd5506f568bd7":"01947c7fce90425f47279e70851f25d5e62316fe8a1df19371e3e628e260543e4901ef6081f68c0b8141190d2ae8daba7d1250ec6db636e944ec3722877c7c1d0a67f14b1694c5f0379451a43e49a32dde83670b73da91a1c99bc23b436a60055c610f0baf99c1a079565b95a3f1526632d1d4da60f20eda25e653c4f002766f45":"010001":MBEDTLS_MD_SHA1:"8a7fb344c8b6cb2cf2ef1f643f9a3218f6e19bba89c0":"4c45cf4d57c98e3d6d2095adc51c489eb50dff84":"010839ec20c27b9052e55befb9b77e6fc26e9075d7a54378c646abdf51e445bd5715de81789f56f1803d9170764a9e93cb78798694023ee7393ce04bc5d8f8c5a52c171d43837e3aca62f609eb0aa5ffb0960ef04198dd754f57f7fbe6abf765cf118b4ca443b23b5aab266f952326ac4581100644325f8b721acd5d04ff14ef3a":0 RSAES-OAEP Decryption Example 3_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1026:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"087820b569e8fa8d":"8ced6b196290805790e909074015e6a20b0c4894":"026a0485d96aebd96b4382085099b962e6a2bdec3d90c8db625e14372de85e2d5b7baab65c8faf91bb5504fb495afce5c988b3f6a52e20e1d6cbd3566c5cd1f2b8318bb542cc0ea25c4aab9932afa20760eaddec784396a07ea0ef24d4e6f4d37e5052a7a31e146aa480a111bbe926401307e00f410033842b6d82fe5ce4dfae80":0 RSAES-OAEP Decryption Example 3_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1026:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"4653acaf171960b01f52a7be63a3ab21dc368ec43b50d82ec3781e04":"b4291d6567550848cc156967c809baab6ca507f0":"024db89c7802989be0783847863084941bf209d761987e38f97cb5f6f1bc88da72a50b73ebaf11c879c4f95df37b850b8f65d7622e25b1b889e80fe80baca2069d6e0e1d829953fc459069de98ea9798b451e557e99abf8fe3d9ccf9096ebbf3e5255d3b4e1c6d2ecadf067a359eea86405acd47d5e165517ccafd47d6dbee4bf5":0 RSAES-OAEP Decryption Example 3_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1026:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"d94cd0e08fa404ed89":"ce8928f6059558254008badd9794fadcd2fd1f65":"0239bce681032441528877d6d1c8bb28aa3bc97f1df584563618995797683844ca86664732f4bed7a0aab083aaabfb7238f582e30958c2024e44e57043b97950fd543da977c90cdde5337d618442f99e60d7783ab59ce6dd9d69c47ad1e962bec22d05895cff8d3f64ed5261d92b2678510393484990ba3f7f06818ae6ffce8a3a":0 RSAES-OAEP Decryption Example 3_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1026:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"6cc641b6b61e6f963974dad23a9013284ef1":"6e2979f52d6814a57d83b090054888f119a5b9a3":"02994c62afd76f498ba1fd2cf642857fca81f4373cb08f1cbaee6f025c3b512b42c3e8779113476648039dbe0493f9246292fac28950600e7c0f32edf9c81b9dec45c3bde0cc8d8847590169907b7dc5991ceb29bb0714d613d96df0f12ec5d8d3507c8ee7ae78dd83f216fa61de100363aca48a7e914ae9f42ddfbe943b09d9a0":0 RSAES-OAEP Decryption Example 3_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1026:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"df5151832b61f4f25891fb4172f328d2eddf8371ffcfdbe997939295f30eca6918017cfda1153bf7a6af87593223":"2d760bfe38c59de34cdc8b8c78a38e66284a2d27":"0162042ff6969592a6167031811a239834ce638abf54fec8b99478122afe2ee67f8c5b18b0339805bfdbc5a4e6720b37c59cfba942464c597ff532a119821545fd2e59b114e61daf71820529f5029cf524954327c34ec5e6f5ba7efcc4de943ab8ad4ed787b1454329f70db798a3a8f4d92f8274e2b2948ade627ce8ee33e43c60":0 RSAES-OAEP Decryption Example 3_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1026:"01bf01d216d73595cf0270c2beb78d40a0d8447d31da919a983f7eea781b77d85fe371b3e9373e7b69217d3150a02d8958de7fad9d555160958b4454127e0e7eaf":"018d3399658166db3829816d7b295416759e9c91987f5b2d8aecd63b04b48bd7b2fcf229bb7f8a6dc88ba13dd2e39ad55b6d1a06160708f9700be80b8fd3744ce7":"02b58fec039a860700a4d7b6462f93e6cdd491161ddd74f4e810b40e3c1652006a5c277b2774c11305a4cbab5a78efa57e17a86df7a3fa36fc4b1d2249f22ec7c2dd6a463232accea906d66ebe80b5704b10729da6f833234abb5efdd4a292cbfad33b4d33fa7a14b8c397b56e3acd21203428b77cdfa33a6da706b3d8b0fc43e9":"010001":MBEDTLS_MD_SHA1:"3c3bad893c544a6d520ab022319188c8d504b7a788b850903b85972eaa18552e1134a7ad6098826254ff7ab672b3d8eb3158fac6d4cbaef1":"f174779c5fd3cfe007badcb7a36c9b55bfcfbf0e":"00112051e75d064943bc4478075e43482fd59cee0679de6893eec3a943daa490b9691c93dfc0464b6623b9f3dbd3e70083264f034b374f74164e1a00763725e574744ba0b9db83434f31df96f6e2a26f6d8eba348bd4686c2238ac07c37aac3785d1c7eea2f819fd91491798ed8e9cef5e43b781b0e0276e37c43ff9492d005730":0 RSAES-OAEP Decryption Example 4_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1027:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"4a86609534ee434a6cbca3f7e962e76d455e3264c19f605f6e5ff6137c65c56d7fb344cd52bc93374f3d166c9f0c6f9c506bad19330972d2":"1cac19ce993def55f98203f6852896c95ccca1f3":"04cce19614845e094152a3fe18e54e3330c44e5efbc64ae16886cb1869014cc5781b1f8f9e045384d0112a135ca0d12e9c88a8e4063416deaae3844f60d6e96fe155145f4525b9a34431ca3766180f70e15a5e5d8e8b1a516ff870609f13f896935ced188279a58ed13d07114277d75c6568607e0ab092fd803a223e4a8ee0b1a8":0 RSAES-OAEP Decryption Example 4_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1027:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"b0adc4f3fe11da59ce992773d9059943c03046497ee9d9f9a06df1166db46d98f58d27ec074c02eee6cbe2449c8b9fc5080c5c3f4433092512ec46aa793743c8":"f545d5897585e3db71aa0cb8da76c51d032ae963":"0097b698c6165645b303486fbf5a2a4479c0ee85889b541a6f0b858d6b6597b13b854eb4f839af03399a80d79bda6578c841f90d645715b280d37143992dd186c80b949b775cae97370e4ec97443136c6da484e970ffdb1323a20847821d3b18381de13bb49aaea66530c4a4b8271f3eae172cd366e07e6636f1019d2a28aed15e":0 RSAES-OAEP Decryption Example 4_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1027:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"bf6d42e701707b1d0206b0c8b45a1c72641ff12889219a82bdea965b5e79a96b0d0163ed9d578ec9ada20f2fbcf1ea3c4089d83419ba81b0c60f3606da99":"ad997feef730d6ea7be60d0dc52e72eacbfdd275":"0301f935e9c47abcb48acbbe09895d9f5971af14839da4ff95417ee453d1fd77319072bb7297e1b55d7561cd9d1bb24c1a9a37c619864308242804879d86ebd001dce5183975e1506989b70e5a83434154d5cbfd6a24787e60eb0c658d2ac193302d1192c6e622d4a12ad4b53923bca246df31c6395e37702c6a78ae081fb9d065":0 RSAES-OAEP Decryption Example 4_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1027:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"fb2ef112f5e766eb94019297934794f7be2f6fc1c58e":"136454df5730f73c807a7e40d8c1a312ac5b9dd3":"02d110ad30afb727beb691dd0cf17d0af1a1e7fa0cc040ec1a4ba26a42c59d0a796a2e22c8f357ccc98b6519aceb682e945e62cb734614a529407cd452bee3e44fece8423cc19e55548b8b994b849c7ecde4933e76037e1d0ce44275b08710c68e430130b929730ed77e09b015642c5593f04e4ffb9410798102a8e96ffdfe11e4":0 RSAES-OAEP Decryption Example 4_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1027:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"28ccd447bb9e85166dabb9e5b7d1adadc4b9d39f204e96d5e440ce9ad928bc1c2284":"bca8057f824b2ea257f2861407eef63d33208681":"00dbb8a7439d90efd919a377c54fae8fe11ec58c3b858362e23ad1b8a44310799066b99347aa525691d2adc58d9b06e34f288c170390c5f0e11c0aa3645959f18ee79e8f2be8d7ac5c23d061f18dd74b8c5f2a58fcb5eb0c54f99f01a83247568292536583340948d7a8c97c4acd1e98d1e29dc320e97a260532a8aa7a758a1ec2":0 RSAES-OAEP Decryption Example 4_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1027:"027458c19ec1636919e736c9af25d609a51b8f561d19c6bf6943dd1ee1ab8a4a3f232100bd40b88decc6ba235548b6ef792a11c9de823d0a7922c7095b6eba5701":"0210ee9b33ab61716e27d251bd465f4b35a1a232e2da00901c294bf22350ce490d099f642b5375612db63ba1f20386492bf04d34b3c22bceb909d13441b53b5139":"051240b6cc0004fa48d0134671c078c7c8dec3b3e2f25bc2564467339db38853d06b85eea5b2de353bff42ac2e46bc97fae6ac9618da9537a5c8f553c1e357625991d6108dcd7885fb3a25413f53efcad948cb35cd9b9ae9c1c67626d113d57dde4c5bea76bb5bb7de96c00d07372e9685a6d75cf9d239fa148d70931b5f3fb039":"010001":MBEDTLS_MD_SHA1:"f22242751ec6b1":"2e7e1e17f647b5ddd033e15472f90f6812f3ac4e":"00a5ffa4768c8bbecaee2db77e8f2eec99595933545520835e5ba7db9493d3e17cddefe6a5f567624471908db4e2d83a0fbee60608fc84049503b2234a07dc83b27b22847ad8920ff42f674ef79b76280b00233d2b51b8cb2703a9d42bfbc8250c96ec32c051e57f1b4ba528db89c37e4c54e27e6e64ac69635ae887d9541619a9":0 RSAES-OAEP Decryption Example 5_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1028:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"af71a901e3a61d3132f0fc1fdb474f9ea6579257ffc24d164170145b3dbde8":"44c92e283f77b9499c603d963660c87d2f939461":"036046a4a47d9ed3ba9a89139c105038eb7492b05a5d68bfd53accff4597f7a68651b47b4a4627d927e485eed7b4566420e8b409879e5d606eae251d22a5df799f7920bfc117b992572a53b1263146bcea03385cc5e853c9a101c8c3e1bda31a519807496c6cb5e5efb408823a352b8fa0661fb664efadd593deb99fff5ed000e5":0 RSAES-OAEP Decryption Example 5_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1028:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"a3b844a08239a8ac41605af17a6cfda4d350136585903a417a79268760519a4b4ac3303ec73f0f87cfb32399":"cb28f5860659fceee49c3eeafce625a70803bd32":"03d6eb654edce615bc59f455265ed4e5a18223cbb9be4e4069b473804d5de96f54dcaaa603d049c5d94aa1470dfcd2254066b7c7b61ff1f6f6770e3215c51399fd4e34ec5082bc48f089840ad04354ae66dc0f1bd18e461a33cc1258b443a2837a6df26759aa2302334986f87380c9cc9d53be9f99605d2c9a97da7b0915a4a7ad":0 RSAES-OAEP Decryption Example 5_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1028:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"308b0ecbd2c76cb77fc6f70c5edd233fd2f20929d629f026953bb62a8f4a3a314bde195de85b5f816da2aab074d26cb6acddf323ae3b9c678ac3cf12fbdde7":"2285f40d770482f9a9efa2c72cb3ac55716dc0ca":"0770952181649f9f9f07ff626ff3a22c35c462443d905d456a9fd0bff43cac2ca7a9f554e9478b9acc3ac838b02040ffd3e1847de2e4253929f9dd9ee4044325a9b05cabb808b2ee840d34e15d105a3f1f7b27695a1a07a2d73fe08ecaaa3c9c9d4d5a89ff890d54727d7ae40c0ec1a8dd86165d8ee2c6368141016a48b55b6967":0 RSAES-OAEP Decryption Example 5_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1028:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"15c5b9ee1185":"49fa45d3a78dd10dfd577399d1eb00af7eed5513":"0812b76768ebcb642d040258e5f4441a018521bd96687e6c5e899fcd6c17588ff59a82cc8ae03a4b45b31299af1788c329f7dcd285f8cf4ced82606b97612671a45bedca133442144d1617d114f802857f0f9d739751c57a3f9ee400912c61e2e6992be031a43dd48fa6ba14eef7c422b5edc4e7afa04fdd38f402d1c8bb719abf":0 RSAES-OAEP Decryption Example 5_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1028:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"21026e6800c7fa728fcaaba0d196ae28d7a2ac4ffd8abce794f0985f60c8a6737277365d3fea11db8923a2029a":"f0287413234cc5034724a094c4586b87aff133fc":"07b60e14ec954bfd29e60d0047e789f51d57186c63589903306793ced3f68241c743529aba6a6374f92e19e0163efa33697e196f7661dfaaa47aac6bde5e51deb507c72c589a2ca1693d96b1460381249b2cdb9eac44769f2489c5d3d2f99f0ee3c7ee5bf64a5ac79c42bd433f149be8cb59548361640595513c97af7bc2509723":0 RSAES-OAEP Decryption Example 5_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1028:"03b0d3962f6d17549cbfca11294348dcf0e7e39f8c2bc6824f2164b606d687860dae1e632393cfedf513228229069e2f60e4acd7e633a436063f82385f48993707":"02e4c32e2f517269b7072309f00c0e31365f7ce28b236b82912df239abf39572cf0ed604b02982e53564c52d6a05397de5c052a2fddc141ef7189836346aeb331f":"0aadf3f9c125e5d891f31ac448e993defe580f802b45f9d7f22ba5021e9c47576b5a1e68031ba9db4e6dabe4d96a1d6f3d267268cff408005f118efcadb99888d1c234467166b2a2b849a05a889c060ac0da0c5fae8b55f309ba62e703742fa0326f2d10b011021489ff497770190d895fd39f52293c39efd73a698bdab9f10ed9":"010001":MBEDTLS_MD_SHA1:"541e37b68b6c8872b84c02":"d9fba45c96f21e6e26d29eb2cdcb6585be9cb341":"08c36d4dda33423b2ed6830d85f6411ba1dcf470a1fae0ebefee7c089f256cef74cb96ea69c38f60f39abee44129bcb4c92de7f797623b20074e3d9c2899701ed9071e1efa0bdd84d4c3e5130302d8f0240baba4b84a71cc032f2235a5ff0fae277c3e8f9112bef44c9ae20d175fc9a4058bfc930ba31b02e2e4f444483710f24a":0 RSAES-OAEP Decryption Example 6_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1029:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"4046ca8baa3347ca27f49e0d81f9cc1d71be9ba517d4":"dd0f6cfe415e88e5a469a51fbba6dfd40adb4384":"0630eebcd2856c24f798806e41f9e67345eda9ceda386acc9facaea1eeed06ace583709718d9d169fadf414d5c76f92996833ef305b75b1e4b95f662a20faedc3bae0c4827a8bf8a88edbd57ec203a27a841f02e43a615bab1a8cac0701de34debdef62a088089b55ec36ea7522fd3ec8d06b6a073e6df833153bc0aefd93bd1a3":0 RSAES-OAEP Decryption Example 6_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1029:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"5cc72c60231df03b3d40f9b57931bc31109f972527f28b19e7480c7288cb3c92b22512214e4be6c914792ddabdf57faa8aa7":"8d14bd946a1351148f5cae2ed9a0c653e85ebd85":"0ebc37376173a4fd2f89cc55c2ca62b26b11d51c3c7ce49e8845f74e7607317c436bc8d23b9667dfeb9d087234b47bc6837175ae5c0559f6b81d7d22416d3e50f4ac533d8f0812f2db9e791fe9c775ac8b6ad0f535ad9ceb23a4a02014c58ab3f8d3161499a260f39348e714ae2a1d3443208fd8b722ccfdfb393e98011f99e63f":0 RSAES-OAEP Decryption Example 6_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1029:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"b20e651303092f4bccb43070c0f86d23049362ed96642fc5632c27db4a52e3d831f2ab068b23b149879c002f6bf3feee97591112562c":"6c075bc45520f165c0bf5ea4c5df191bc9ef0e44":"0a98bf1093619394436cf68d8f38e2f158fde8ea54f3435f239b8d06b8321844202476aeed96009492480ce3a8d705498c4c8c68f01501dc81db608f60087350c8c3b0bd2e9ef6a81458b7c801b89f2e4fe99d4900ba6a4b5e5a96d865dc676c7755928794130d6280a8160a190f2df3ea7cf9aa0271d88e9e6905ecf1c5152d65":0 RSAES-OAEP Decryption Example 6_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1029:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"684e3038c5c041f7":"3bbc3bd6637dfe12846901029bf5b0c07103439c":"008e7a67cacfb5c4e24bec7dee149117f19598ce8c45808fef88c608ff9cd6e695263b9a3c0ad4b8ba4c95238e96a8422b8535629c8d5382374479ad13fa39974b242f9a759eeaf9c83ad5a8ca18940a0162ba755876df263f4bd50c6525c56090267c1f0e09ce0899a0cf359e88120abd9bf893445b3cae77d3607359ae9a52f8":0 RSAES-OAEP Decryption Example 6_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1029:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"32488cb262d041d6e4dd35f987bf3ca696db1f06ac29a44693":"b46b41893e8bef326f6759383a83071dae7fcabc":"00003474416c7b68bdf961c385737944d7f1f40cb395343c693cc0b4fe63b31fedf1eaeeac9ccc0678b31dc32e0977489514c4f09085f6298a9653f01aea4045ff582ee887be26ae575b73eef7f3774921e375a3d19adda0ca31aa1849887c1f42cac9677f7a2f4e923f6e5a868b38c084ef187594dc9f7f048fea2e02955384ab":0 RSAES-OAEP Decryption Example 6_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1029:"04a6ce8b7358dfa69bdcf742617005afb5385f5f3a58a24ef74a22a8c05cb7cc38ebd4cc9d9a9d789a62cd0f60f0cb941d3423c9692efa4fe3adff290c4749a38b":"0404c9a803371fedb4c5be39f3c00b009e5e08a63be1e40035cdaca5011cc701cf7eebcb99f0ffe17cfd0a4bf7befd2dd536ac946db797fdbc4abe8f29349b91ed":"12b17f6dad2ecd19ff46dc13f7860f09e0e0cfb677b38a52592305ceaf022c166db90d04ac29e33f7dd12d9faf66e0816bb63ead267cc7d46c17c37be214bca2a22d723a64e44407436b6fc965729aefc2554f376cd5dcea68293780a62bf39d0029485a160bbb9e5dc0972d21a504f52e5ee028aa416332f510b2e9cff5f722af":"010001":MBEDTLS_MD_SHA1:"50ba14be8462720279c306ba":"0a2403312a41e3d52f060fbc13a67de5cf7609a7":"0a026dda5fc8785f7bd9bf75327b63e85e2c0fdee5dadb65ebdcac9ae1de95c92c672ab433aa7a8e69ce6a6d8897fac4ac4a54de841ae5e5bbce7687879d79634cea7a30684065c714d52409b928256bbf53eabcd5231eb7259504537399bd29164b726d33a46da701360a4168a091ccab72d44a62fed246c0ffea5b1348ab5470":0 RSAES-OAEP Decryption Example 7_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1030:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"47aae909":"43dd09a07ff4cac71caa4632ee5e1c1daee4cd8f":"1688e4ce7794bba6cb7014169ecd559cede2a30b56a52b68d9fe18cf1973ef97b2a03153951c755f6294aa49adbdb55845ab6875fb3986c93ecf927962840d282f9e54ce8b690f7c0cb8bbd73440d9571d1b16cd9260f9eab4783cc482e5223dc60973871783ec27b0ae0fd47732cbc286a173fc92b00fb4ba6824647cd93c85c1":0 RSAES-OAEP Decryption Example 7_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1030:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"1d9b2e2223d9bc13bfb9f162ce735db48ba7c68f6822a0a1a7b6ae165834e7":"3a9c3cec7b84f9bd3adecbc673ec99d54b22bc9b":"1052ed397b2e01e1d0ee1c50bf24363f95e504f4a03434a08fd822574ed6b9736edbb5f390db10321479a8a139350e2bd4977c3778ef331f3e78ae118b268451f20a2f01d471f5d53c566937171b2dbc2d4bde459a5799f0372d6574239b2323d245d0bb81c286b63c89a361017337e4902f88a467f4c7f244bfd5ab46437ff3b6":0 RSAES-OAEP Decryption Example 7_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1030:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"d976fc":"76a75e5b6157a556cf8884bb2e45c293dd545cf5":"2155cd843ff24a4ee8badb7694260028a490813ba8b369a4cbf106ec148e5298707f5965be7d101c1049ea8584c24cd63455ad9c104d686282d3fb803a4c11c1c2e9b91c7178801d1b6640f003f5728df007b8a4ccc92bce05e41a27278d7c85018c52414313a5077789001d4f01910b72aad05d220aa14a58733a7489bc54556b":0 RSAES-OAEP Decryption Example 7_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1030:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"d4738623df223aa43843df8467534c41d013e0c803c624e263666b239bde40a5f29aeb8de79e3daa61dd0370f49bd4b013834b98212aef6b1c5ee373b3cb":"7866314a6ad6f2b250a35941db28f5864b585859":"0ab14c373aeb7d4328d0aaad8c094d88b9eb098b95f21054a29082522be7c27a312878b637917e3d819e6c3c568db5d843802b06d51d9e98a2be0bf40c031423b00edfbff8320efb9171bd2044653a4cb9c5122f6c65e83cda2ec3c126027a9c1a56ba874d0fea23f380b82cf240b8cf540004758c4c77d934157a74f3fc12bfac":0 RSAES-OAEP Decryption Example 7_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1030:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"bb47231ca5ea1d3ad46c99345d9a8a61":"b2166ed472d58db10cab2c6b000cccf10a7dc509":"028387a318277434798b4d97f460068df5298faba5041ba11761a1cb7316b24184114ec500257e2589ed3b607a1ebbe97a6cc2e02bf1b681f42312a33b7a77d8e7855c4a6de03e3c04643f786b91a264a0d6805e2cea91e68177eb7a64d9255e4f27e713b7ccec00dc200ebd21c2ea2bb890feae4942df941dc3f97890ed347478":0 RSAES-OAEP Decryption Example 7_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1030:"0749262c111cd470ec2566e6b3732fc09329469aa19071d3b9c01906514c6f1d26baa14beab0971c8b7e611a4f79009d6fea776928ca25285b0de3643d1a3f8c71":"06bc1e50e96c02bf636e9eea8b899bbebf7651de77dd474c3e9bc23bad8182b61904c7d97dfbebfb1e00108878b6e67e415391d67942c2b2bf9b4435f88b0cb023":"311179f0bcfc9b9d3ca315d00ef30d7bdd3a2cfae9911bfedcb948b3a4782d0732b6ab44aa4bf03741a644dc01bec3e69b01a033e675d8acd7c4925c6b1aec3119051dfd89762d215d45475ffcb59f908148623f37177156f6ae86dd7a7c5f43dc1e1f908254058a284a5f06c0021793a87f1ac5feff7dcaee69c5e51a3789e373":"010001":MBEDTLS_MD_SHA1:"2184827095d35c3f86f600e8e59754013296":"52673bde2ca166c2aa46131ac1dc808d67d7d3b1":"14c678a94ad60525ef39e959b2f3ba5c097a94ff912b67dbace80535c187abd47d075420b1872152bba08f7fc31f313bbf9273c912fc4c0149a9b0cfb79807e346eb332069611bec0ff9bcd168f1f7c33e77313cea454b94e2549eecf002e2acf7f6f2d2845d4fe0aab2e5a92ddf68c480ae11247935d1f62574842216ae674115":0 RSAES-OAEP Decryption Example 8_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1031:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"050b755e5e6880f7b9e9d692a74c37aae449b31bfea6deff83747a897f6c2c825bb1adbf850a3c96994b5de5b33cbc7d4a17913a7967":"7706ffca1ecfb1ebee2a55e5c6e24cd2797a4125":"09b3683d8a2eb0fb295b62ed1fb9290b714457b7825319f4647872af889b30409472020ad12912bf19b11d4819f49614824ffd84d09c0a17e7d17309d12919790410aa2995699f6a86dbe3242b5acc23af45691080d6b1ae810fb3e3057087f0970092ce00be9562ff4053b6262ce0caa93e13723d2e3a5ba075d45f0d61b54b61":0 RSAES-OAEP Decryption Example 8_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1031:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"4eb68dcd93ca9b19df111bd43608f557026fe4aa1d5cfac227a3eb5ab9548c18a06dded23f81825986b2fcd71109ecef7eff88873f075c2aa0c469f69c92bc":"a3717da143b4dcffbc742665a8fa950585548343":"2ecf15c97c5a15b1476ae986b371b57a24284f4a162a8d0c8182e7905e792256f1812ba5f83f1f7a130e42dcc02232844edc14a31a68ee97ae564a383a3411656424c5f62ddb646093c367be1fcda426cf00a06d8acb7e57776fbbd855ac3df506fc16b1d7c3f2110f3d8068e91e186363831c8409680d8da9ecd8cf1fa20ee39d":0 RSAES-OAEP Decryption Example 8_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1031:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"8604ac56328c1ab5ad917861":"ee06209073cca026bb264e5185bf8c68b7739f86":"4bc89130a5b2dabb7c2fcf90eb5d0eaf9e681b7146a38f3173a3d9cfec52ea9e0a41932e648a9d69344c50da763f51a03c95762131e8052254dcd2248cba40fd31667786ce05a2b7b531ac9dac9ed584a59b677c1a8aed8c5d15d68c05569e2be780bf7db638fd2bfd2a85ab276860f3777338fca989ffd743d13ee08e0ca9893f":0 RSAES-OAEP Decryption Example 8_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1031:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"fdda5fbf6ec361a9d9a4ac68af216a0686f438b1e0e5c36b955f74e107f39c0dddcc":"990ad573dc48a973235b6d82543618f2e955105d":"2e456847d8fc36ff0147d6993594b9397227d577752c79d0f904fcb039d4d812fea605a7b574dd82ca786f93752348438ee9f5b5454985d5f0e1699e3e7ad175a32e15f03deb042ab9fe1dd9db1bb86f8c089ccb45e7ef0c5ee7ca9b7290ca6b15bed47039788a8a93ff83e0e8d6244c71006362deef69b6f416fb3c684383fbd0":0 RSAES-OAEP Decryption Example 8_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1031:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"4a5f4914bee25de3c69341de07":"ecc63b28f0756f22f52ac8e6ec1251a6ec304718":"1fb9356fd5c4b1796db2ebf7d0d393cc810adf6145defc2fce714f79d93800d5e2ac211ea8bbecca4b654b94c3b18b30dd576ce34dc95436ef57a09415645923359a5d7b4171ef22c24670f1b229d3603e91f76671b7df97e7317c97734476d5f3d17d21cf82b5ba9f83df2e588d36984fd1b584468bd23b2e875f32f68953f7b2":0 RSAES-OAEP Decryption Example 8_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1031:"0a02ef8448d9fad8bbd0d004c8c2aa9751ef9721c1b0d03236a54b0df947cbaed5a255ee9e8e20d491ea1723fe094704a9762e88afd16ebb5994412ca966dc4f9f":"092d362e7ed3a0bfd9e9fd0e6c0301b6df29159cf50cc83b9b0cf4d6eea71a61e002b46e0ae9f2de62d25b5d7452d498b81c9ac6fc58593d4c3fb4f5d72dfbb0a9":"5bdf0e30d321dda5147f882408fa69195480df8f80d3f6e8bf5818504f36427ca9b1f5540b9c65a8f6974cf8447a244d9280201bb49fcbbe6378d1944cd227e230f96e3d10f819dcef276c64a00b2a4b6701e7d01de5fabde3b1e9a0df82f4631359cd22669647fbb1717246134ed7b497cfffbdc42b59c73a96ed90166212dff7":"010001":MBEDTLS_MD_SHA1:"8e07d66f7b880a72563abcd3f35092bc33409fb7f88f2472be":"3925c71b362d40a0a6de42145579ba1e7dd459fc":"3afd9c6600147b21798d818c655a0f4c9212db26d0b0dfdc2a7594ccb3d22f5bf1d7c3e112cd73fc7d509c7a8bafdd3c274d1399009f9609ec4be6477e453f075aa33db382870c1c3409aef392d7386ae3a696b99a94b4da0589447e955d16c98b17602a59bd736279fcd8fb280c4462d590bfa9bf13fed570eafde97330a2c210":0 RSAES-OAEP Decryption Example 9_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1536:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"f735fd55ba92592c3b52b8f9c4f69aaa1cbef8fe88add095595412467f9cf4ec0b896c59eda16210e7549c8abb10cdbc21a12ec9b6b5b8fd2f10399eb6":"8ec965f134a3ec9931e92a1ca0dc8169d5ea705c":"267bcd118acab1fc8ba81c85d73003cb8610fa55c1d97da8d48a7c7f06896a4db751aa284255b9d36ad65f37653d829f1b37f97b8001942545b2fc2c55a7376ca7a1be4b1760c8e05a33e5aa2526b8d98e317088e7834c755b2a59b12631a182c05d5d43ab1779264f8456f515ce57dfdf512d5493dab7b7338dc4b7d78db9c091ac3baf537a69fc7f549d979f0eff9a94fda4169bd4d1d19a69c99e33c3b55490d501b39b1edae118ff6793a153261584d3a5f39f6e682e3d17c8cd1261fa72":0 RSAES-OAEP Decryption Example 9_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1536:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"81b906605015a63aabe42ddf11e1978912f5404c7474b26dce3ed482bf961ecc818bf420c54659":"ecb1b8b25fa50cdab08e56042867f4af5826d16c":"93ac9f0671ec29acbb444effc1a5741351d60fdb0e393fbf754acf0de49761a14841df7772e9bc82773966a1584c4d72baea00118f83f35cca6e537cbd4d811f5583b29783d8a6d94cd31be70d6f526c10ff09c6fa7ce069795a3fcd0511fd5fcb564bcc80ea9c78f38b80012539d8a4ddf6fe81e9cddb7f50dbbbbcc7e5d86097ccf4ec49189fb8bf318be6d5a0715d516b49af191258cd32dc833ce6eb4673c03a19bbace88cc54895f636cc0c1ec89096d11ce235a265ca1764232a689ae8":0 RSAES-OAEP Decryption Example 9_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1536:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"fd326429df9b890e09b54b18b8f34f1e24":"e89bb032c6ce622cbdb53bc9466014ea77f777c0":"81ebdd95054b0c822ef9ad7693f5a87adfb4b4c4ce70df2df84ed49c04da58ba5fc20a19e1a6e8b7a3900b22796dc4e869ee6b42792d15a8eceb56c09c69914e813cea8f6931e4b8ed6f421af298d595c97f4789c7caa612c7ef360984c21b93edc5401068b5af4c78a8771b984d53b8ea8adf2f6a7d4a0ba76c75e1dd9f658f20ded4a46071d46d7791b56803d8fea7f0b0f8e41ae3f09383a6f9585fe7753eaaffd2bf94563108beecc207bbb535f5fcc705f0dde9f708c62f49a9c90371d3":0 RSAES-OAEP Decryption Example 9_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1536:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"f1459b5f0c92f01a0f723a2e5662484d8f8c0a20fc29dad6acd43bb5f3effdf4e1b63e07fdfe6628d0d74ca19bf2d69e4a0abf86d293925a796772f8088e":"606f3b99c0b9ccd771eaa29ea0e4c884f3189ccc":"bcc35f94cde66cb1136625d625b94432a35b22f3d2fa11a613ff0fca5bd57f87b902ccdc1cd0aebcb0715ee869d1d1fe395f6793003f5eca465059c88660d446ff5f0818552022557e38c08a67ead991262254f10682975ec56397768537f4977af6d5f6aaceb7fb25dec5937230231fd8978af49119a29f29e424ab8272b47562792d5c94f774b8829d0b0d9f1a8c9eddf37574d5fa248eefa9c5271fc5ec2579c81bdd61b410fa61fe36e424221c113addb275664c801d34ca8c6351e4a858":0 RSAES-OAEP Decryption Example 9_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1536:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"53e6e8c729d6f9c319dd317e74b0db8e4ccca25f3c8305746e137ac63a63ef3739e7b595abb96e8d55e54f7bd41ab433378ffb911d":"fcbc421402e9ecabc6082afa40ba5f26522c840e":"232afbc927fa08c2f6a27b87d4a5cb09c07dc26fae73d73a90558839f4fd66d281b87ec734bce237ba166698ed829106a7de6942cd6cdce78fed8d2e4d81428e66490d036264cef92af941d3e35055fe3981e14d29cbb9a4f67473063baec79a1179f5a17c9c1832f2838fd7d5e59bb9659d56dce8a019edef1bb3accc697cc6cc7a778f60a064c7f6f5d529c6210262e003de583e81e3167b89971fb8c0e15d44fffef89b53d8d64dd797d159b56d2b08ea5307ea12c241bd58d4ee278a1f2e":0 RSAES-OAEP Decryption Example 9_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:1536:"fc8d6c04bec4eb9a8192ca7900cbe536e2e8b519decf33b2459798c6909df4f176db7d23190fc72b8865a718af895f1bcd9145298027423b605e70a47cf58390a8c3e88fc8c48e8b32e3da210dfbe3e881ea5674b6a348c21e93f9e55ea65efd":"d200d45e788aacea606a401d0460f87dd5c1027e12dc1a0d7586e8939d9cf789b40f51ac0442961de7d21cc21e05c83155c1f2aa9193387cfdf956cb48d153ba270406f9bbba537d4987d9e2f9942d7a14cbfffea74fecdda928d23e259f5ee1":"cf2cd41e34ca3a728ea5cb8aff64c36d27bdef5364e336fd68d3123c5a196a8c287013e853d5156d58d151954520fb4f6d7b17abb6817765909c576119659d902b1906ed8a2b10c155c24d124528dab9eeae379beac66e4a411786dcb8fd0062ebc030de1219a04c2a8c1b7dd3131e4d6b6caee2e31a5ed41ac1509b2ef1ee2ab18364be568ca941c25ecc84ff9d643b5ec1aaae102a20d73f479b780fd6da91075212d9eac03a0674d899eba2e431f4c44b615b6ba2232bd4b33baed73d625d":"010001":MBEDTLS_MD_SHA1:"b6b28ea2198d0c1008bc64":"23aade0e1e08bb9b9a78d2302a52f9c21b2e1ba2":"438cc7dc08a68da249e42505f8573ba60e2c2773d5b290f4cf9dff718e842081c383e67024a0f29594ea987b9d25e4b738f285970d195abb3a8c8054e3d79d6b9c9a8327ba596f1259e27126674766907d8d582ff3a8476154929adb1e6d1235b2ccb4ec8f663ba9cc670a92bebd853c8dbf69c6436d016f61add836e94732450434207f9fd4c43dec2a12a958efa01efe2669899b5e604c255c55fb7166de5589e369597bb09168c06dd5db177e06a1740eb2d5c82faeca6d92fcee9931ba9f":0 RSAES-OAEP Decryption Example 10_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:2048:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"8bba6bf82a6c0f86d5f1756e97956870b08953b06b4eb205bc1694ee":"47e1ab7119fee56c95ee5eaad86f40d0aa63bd33":"53ea5dc08cd260fb3b858567287fa91552c30b2febfba213f0ae87702d068d19bab07fe574523dfb42139d68c3c5afeee0bfe4cb7969cbf382b804d6e61396144e2d0e60741f8993c3014b58b9b1957a8babcd23af854f4c356fb1662aa72bfcc7e586559dc4280d160c126785a723ebeebeff71f11594440aaef87d10793a8774a239d4a04c87fe1467b9daf85208ec6c7255794a96cc29142f9a8bd418e3c1fd67344b0cd0829df3b2bec60253196293c6b34d3f75d32f213dd45c6273d505adf4cced1057cb758fc26aeefa441255ed4e64c199ee075e7f16646182fdb464739b68ab5daff0e63e9552016824f054bf4d3c8c90a97bb6b6553284eb429fcc":0 RSAES-OAEP Decryption Example 10_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:2048:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"e6ad181f053b58a904f2457510373e57":"6d17f5b4c1ffac351d195bf7b09d09f09a4079cf":"a2b1a430a9d657e2fa1c2bb5ed43ffb25c05a308fe9093c01031795f5874400110828ae58fb9b581ce9dddd3e549ae04a0985459bde6c626594e7b05dc4278b2a1465c1368408823c85e96dc66c3a30983c639664fc4569a37fe21e5a195b5776eed2df8d8d361af686e750229bbd663f161868a50615e0c337bec0ca35fec0bb19c36eb2e0bbcc0582fa1d93aacdb061063f59f2ce1ee43605e5d89eca183d2acdfe9f81011022ad3b43a3dd417dac94b4e11ea81b192966e966b182082e71964607b4f8002f36299844a11f2ae0faeac2eae70f8f4f98088acdcd0ac556e9fccc511521908fad26f04c64201450305778758b0538bf8b5bb144a828e629795":0 RSAES-OAEP Decryption Example 10_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:2048:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"510a2cf60e866fa2340553c94ea39fbc256311e83e94454b4124":"385387514deccc7c740dd8cdf9daee49a1cbfd54":"9886c3e6764a8b9a84e84148ebd8c3b1aa8050381a78f668714c16d9cfd2a6edc56979c535d9dee3b44b85c18be8928992371711472216d95dda98d2ee8347c9b14dffdff84aa48d25ac06f7d7e65398ac967b1ce90925f67dce049b7f812db0742997a74d44fe81dbe0e7a3feaf2e5c40af888d550ddbbe3bc20657a29543f8fc2913b9bd1a61b2ab2256ec409bbd7dc0d17717ea25c43f42ed27df8738bf4afc6766ff7aff0859555ee283920f4c8a63c4a7340cbafddc339ecdb4b0515002f96c932b5b79167af699c0ad3fccfdf0f44e85a70262bf2e18fe34b850589975e867ff969d48eabf212271546cdc05a69ecb526e52870c836f307bd798780ede":0 RSAES-OAEP Decryption Example 10_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:2048:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"bcdd190da3b7d300df9a06e22caae2a75f10c91ff667b7c16bde8b53064a2649a94045c9":"5caca6a0f764161a9684f85d92b6e0ef37ca8b65":"6318e9fb5c0d05e5307e1683436e903293ac4642358aaa223d7163013aba87e2dfda8e60c6860e29a1e92686163ea0b9175f329ca3b131a1edd3a77759a8b97bad6a4f8f4396f28cf6f39ca58112e48160d6e203daa5856f3aca5ffed577af499408e3dfd233e3e604dbe34a9c4c9082de65527cac6331d29dc80e0508a0fa7122e7f329f6cca5cfa34d4d1da417805457e008bec549e478ff9e12a763c477d15bbb78f5b69bd57830fc2c4ed686d79bc72a95d85f88134c6b0afe56a8ccfbc855828bb339bd17909cf1d70de3335ae07039093e606d655365de6550b872cd6de1d440ee031b61945f629ad8a353b0d40939e96a3c450d2a8d5eee9f678093c8":0 RSAES-OAEP Decryption Example 10_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:2048:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"a7dd6c7dc24b46f9dd5f1e91ada4c3b3df947e877232a9":"95bca9e3859894b3dd869fa7ecd5bbc6401bf3e4":"75290872ccfd4a4505660d651f56da6daa09ca1301d890632f6a992f3d565cee464afded40ed3b5be9356714ea5aa7655f4a1366c2f17c728f6f2c5a5d1f8e28429bc4e6f8f2cff8da8dc0e0a9808e45fd09ea2fa40cb2b6ce6ffff5c0e159d11b68d90a85f7b84e103b09e682666480c657505c0929259468a314786d74eab131573cf234bf57db7d9e66cc6748192e002dc0deea930585f0831fdcd9bc33d51f79ed2ffc16bcf4d59812fcebcaa3f9069b0e445686d644c25ccf63b456ee5fa6ffe96f19cdf751fed9eaf35957754dbf4bfea5216aa1844dc507cb2d080e722eba150308c2b5ff1193620f1766ecf4481bafb943bd292877f2136ca494aba0":0 RSAES-OAEP Decryption Example 10_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:2048:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"eaf1a73a1b0c4609537de69cd9228bbcfb9a8ca8c6c3efaf056fe4a7f4634ed00b7c39ec6922d7b8ea2c04ebac":"9f47ddf42e97eea856a9bdbc714eb3ac22f6eb32":"2d207a73432a8fb4c03051b3f73b28a61764098dfa34c47a20995f8115aa6816679b557e82dbee584908c6e69782d7deb34dbd65af063d57fca76a5fd069492fd6068d9984d209350565a62e5c77f23038c12cb10c6634709b547c46f6b4a709bd85ca122d74465ef97762c29763e06dbc7a9e738c78bfca0102dc5e79d65b973f28240caab2e161a78b57d262457ed8195d53e3c7ae9da021883c6db7c24afdd2322eac972ad3c354c5fcef1e146c3a0290fb67adf007066e00428d2cec18ce58f9328698defef4b2eb5ec76918fde1c198cbb38b7afc67626a9aefec4322bfd90d2563481c9a221f78c8272c82d1b62ab914e1c69f6af6ef30ca5260db4a46":0 RSAES-OAEP Decryption empty output with NULL buffer -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsaes_oaep_decrypt:2048:"ecf5aecd1e5515fffacbd75a2816c6ebf49018cdfb4638e185d66a7396b6f8090f8018c7fd95cc34b857dc17f0cc6516bb1346ab4d582cadad7b4103352387b70338d084047c9d9539b6496204b3dd6ea442499207bec01f964287ff6336c3984658336846f56e46861881c10233d2176bf15a5e96ddc780bc868aa77d3ce769":"bc46c464fc6ac4ca783b0eb08a3c841b772f7e9b2f28babd588ae885e1a0c61e4858a0fb25ac299990f35be85164c259ba1175cdd7192707135184992b6c29b746dd0d2cabe142835f7d148cc161524b4a09946d48b828473f1ce76b6cb6886c345c03e05f41d51b5c3a90a3f24073c7d74a4fe25d9cf21c75960f3fc3863183":"ae45ed5601cec6b8cc05f803935c674ddbe0d75c4c09fd7951fc6b0caec313a8df39970c518bffba5ed68f3f0d7f22a4029d413f1ae07e4ebe9e4177ce23e7f5404b569e4ee1bdcf3c1fb03ef113802d4f855eb9b5134b5a7c8085adcae6fa2fa1417ec3763be171b0c62b760ede23c12ad92b980884c641f5a8fac26bdad4a03381a22fe1b754885094c82506d4019a535a286afeb271bb9ba592de18dcf600c2aeeae56e02f7cf79fc14cf3bdc7cd84febbbf950ca90304b2219a7aa063aefa2c3c1980e560cd64afe779585b6107657b957857efde6010988ab7de417fc88d8f384c4e6e72c3f943e0c31c0c4a5cc36f879d8a3ac9d7d59860eaada6b83bb":"010001":MBEDTLS_MD_SHA1:"":"9f47ddf42e97eea856a9bdbc714eb3ac22f6eb32":"32b75304e631e94d4b02819642c7ffa66116af504cb3c4687420cc4b7f069fc6cc3b1a254611995ce2914a9e88152d38bbf87ccedcad9b9890341284e56e802a1b1f8f6bd3d5c991bd92eb8a8ea0a1d8bae141088ff8dceaebdb73515cf06ce33baa37c53093f1d1edc3502818cc70edcfddb41646374beb5b4f67f7f773e43778d4d31012e5a207c474e762ac3251ea6ede9018ad6e8e9ea65a3528a62b694eb9d8becff220a7c6c70d33eaafa52cf67a8090f67b6f9c43c6fe0b0f2375cbb9e611c0fcfef5312feb5e53d4a89d3d7e06c966e0c92ab9e5838239f390bcfd918d94c224df8e8ccb57ee364389908b6a0e550133f7565016804fbd6cb338314a":0 RSASSA-PSS Signing Test Vector Int -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1024:"d17f655bf27c8b16d35462c905cc04a26f37e2a67fa9c0ce0dced472394a0df743fe7f929e378efdb368eddff453cf007af6d948e0ade757371f8a711e278f6b":"c6d92b6fee7414d1358ce1546fb62987530b90bd15e0f14963a5e2635adb69347ec0c01b2ab1763fd8ac1a592fb22757463a982425bb97a3a437c5bf86d03f2f":"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"37b66ae0445843353d47ecb0b4fd14c110e62d6a":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"8daa627d3de7595d63056c7ec659e54406f10610128baae821c8b2a0f3936d54dc3bdce46689f6b7951bb18e840542769718d5715d210d85efbb596192032c42be4c29972c856275eb6d5a45f05f51876fc6743deddd28caec9bb30ea99e02c3488269604fe497f74ccd7c7fca1671897123cbd30def5d54a2b5536ad90a747e":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Verification Test Vector Int -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1024:"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"37b66ae0445843353d47ecb0b4fd14c110e62d6a":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"8daa627d3de7595d63056c7ec659e54406f10610128baae821c8b2a0f3936d54dc3bdce46689f6b7951bb18e840542769718d5715d210d85efbb596192032c42be4c29972c856275eb6d5a45f05f51876fc6743deddd28caec9bb30ea99e02c3488269604fe497f74ccd7c7fca1671897123cbd30def5d54a2b5536ad90a747e":0 RSASSA-PSS Signature RSA-1016, SHA-512: minimum salt size not met -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_sign:1016:"0e3cb6845e528229e19cfb24611e6859ac1cea7d35992b6e2e796823c52affa03400e42830f90697f084499c3e3587defc19e749e72433dd7b70c28b0c8280b7":"0c48f9e45ae38fdb4a5143be37d79a10cd4f1f9782ef26a4848a4449c72cfd712c68350818736385cb4a9ab6db5aef8e96c551039cfcc8915821aee069ed660d":"00aee7874a4db2f1510044405db29f14df0f37bbcf61fcbcc994a3d31caaf858a74cc8f2a40ac9a9ce7aa9a0680f62cf9d8d4b827114533fdbf86f16fc9dfe5cbf857d86135519a4611ffc59cb7473861619a78e3ec314715e804cff82d6f32e9f57ddf390563629883bd34f40e8db413209b151cee97d817a5d65c7da54734b":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"391cad6ca7e43059db25e85e9055b00a1087dd8709b40e07fd2b20327ba5dbe1eaac18bc4ddc9d9fd27572895a05553c613d7fe57da7543b19eba91860e1ca12":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"":MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSASSA-PSS Signature RSA-520, SHA-512: no possible salt size -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_sign:520:"0feea5f6220fac291b9508ec2ba8ed281eb39aee4d5dc693254106816ebc700ecf":"0d68918785c3aafe31eaaa2d8d8156dce645940ff7734a457337a51bd00bc88811":"00d5a06f86e5b9d87428540165ca966fa8893a62e2a59d0bfd7617780bb039f9165a373a8e119d0766f8de556710f33f67019153bad8223775e797d451d48206f3bf":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"391cad6ca7e43059db25e85e9055b00a1087dd8709b40e07fd2b20327ba5dbe1eaac18bc4ddc9d9fd27572895a05553c613d7fe57da7543b19eba91860e1ca12":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"":MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSASSA-PSS Signature RSA-528, SHA-512: zero salt size -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_sign:528:"00d272aa28ed2085ac6df3c05c6719eed5deb618afa2e4ca4a6f7330b430ad48672d":"00c578836bab27145db9dd66f17470b62d4a6100f8ca0dedf457ee3639c3b9596325":"00a2554eba715bf66e5ecdf3d6d718e3e5d907e8666e7bf5a76b415106e04eb827ec4cb2199cff66491d45419082059aa5b54b0cf5eef4443402f3047c0b0e6f025081":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"391cad6ca7e43059db25e85e9055b00a1087dd8709b40e07fd2b20327ba5dbe1eaac18bc4ddc9d9fd27572895a05553c613d7fe57da7543b19eba91860e1ca12":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"":MBEDTLS_RSA_SALT_LEN_ANY:MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSASSA-PSS Signature Example 1_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1024:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"cd8b6538cb8e8de566b68bd067569dbf1ee2718e":"dee959c7e06411361420ff80185ed57f3e6776af":"9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 1_1 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1024:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"cd8b6538cb8e8de566b68bd067569dbf1ee2718e":"dee959c7e06411361420ff80185ed57f3e6776af":"9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c":0 RSASSA-PSS Signature Example 1_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1024:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e35befc17a1d160b9ce35fbd8eb16e7ee491d3fd":"ef2869fa40c346cb183dab3d7bffc98fd56df42d":"3ef7f46e831bf92b32274142a585ffcefbdca7b32ae90d10fb0f0c729984f04ef29a9df0780775ce43739b97838390db0a5505e63de927028d9d29b219ca2c4517832558a55d694a6d25b9dab66003c4cccd907802193be5170d26147d37b93590241be51c25055f47ef62752cfbe21418fafe98c22c4d4d47724fdb5669e843":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 1_2 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1024:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e35befc17a1d160b9ce35fbd8eb16e7ee491d3fd":"ef2869fa40c346cb183dab3d7bffc98fd56df42d":"3ef7f46e831bf92b32274142a585ffcefbdca7b32ae90d10fb0f0c729984f04ef29a9df0780775ce43739b97838390db0a5505e63de927028d9d29b219ca2c4517832558a55d694a6d25b9dab66003c4cccd907802193be5170d26147d37b93590241be51c25055f47ef62752cfbe21418fafe98c22c4d4d47724fdb5669e843":0 RSASSA-PSS Signature Example 1_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1024:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0652ec67bcee30f9d2699122b91c19abdba89f91":"710b9c4747d800d4de87f12afdce6df18107cc77":"666026fba71bd3e7cf13157cc2c51a8e4aa684af9778f91849f34335d141c00154c4197621f9624a675b5abc22ee7d5baaffaae1c9baca2cc373b3f33e78e6143c395a91aa7faca664eb733afd14d8827259d99a7550faca501ef2b04e33c23aa51f4b9e8282efdb728cc0ab09405a91607c6369961bc8270d2d4f39fce612b1":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 1_3 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1024:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0652ec67bcee30f9d2699122b91c19abdba89f91":"710b9c4747d800d4de87f12afdce6df18107cc77":"666026fba71bd3e7cf13157cc2c51a8e4aa684af9778f91849f34335d141c00154c4197621f9624a675b5abc22ee7d5baaffaae1c9baca2cc373b3f33e78e6143c395a91aa7faca664eb733afd14d8827259d99a7550faca501ef2b04e33c23aa51f4b9e8282efdb728cc0ab09405a91607c6369961bc8270d2d4f39fce612b1":0 RSASSA-PSS Signature Example 1_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1024:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"39c21c4cceda9c1adf839c744e1212a6437575ec":"056f00985de14d8ef5cea9e82f8c27bef720335e":"4609793b23e9d09362dc21bb47da0b4f3a7622649a47d464019b9aeafe53359c178c91cd58ba6bcb78be0346a7bc637f4b873d4bab38ee661f199634c547a1ad8442e03da015b136e543f7ab07c0c13e4225b8de8cce25d4f6eb8400f81f7e1833b7ee6e334d370964ca79fdb872b4d75223b5eeb08101591fb532d155a6de87":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 1_4 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1024:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"39c21c4cceda9c1adf839c744e1212a6437575ec":"056f00985de14d8ef5cea9e82f8c27bef720335e":"4609793b23e9d09362dc21bb47da0b4f3a7622649a47d464019b9aeafe53359c178c91cd58ba6bcb78be0346a7bc637f4b873d4bab38ee661f199634c547a1ad8442e03da015b136e543f7ab07c0c13e4225b8de8cce25d4f6eb8400f81f7e1833b7ee6e334d370964ca79fdb872b4d75223b5eeb08101591fb532d155a6de87":0 RSASSA-PSS Signature Example 1_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1024:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"36dae913b77bd17cae6e7b09453d24544cebb33c":"80e70ff86a08de3ec60972b39b4fbfdcea67ae8e":"1d2aad221ca4d31ddf13509239019398e3d14b32dc34dc5af4aeaea3c095af73479cf0a45e5629635a53a018377615b16cb9b13b3e09d671eb71e387b8545c5960da5a64776e768e82b2c93583bf104c3fdb23512b7b4e89f633dd0063a530db4524b01c3f384c09310e315a79dcd3d684022a7f31c865a664e316978b759fad":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 1_5 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1024:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"36dae913b77bd17cae6e7b09453d24544cebb33c":"80e70ff86a08de3ec60972b39b4fbfdcea67ae8e":"1d2aad221ca4d31ddf13509239019398e3d14b32dc34dc5af4aeaea3c095af73479cf0a45e5629635a53a018377615b16cb9b13b3e09d671eb71e387b8545c5960da5a64776e768e82b2c93583bf104c3fdb23512b7b4e89f633dd0063a530db4524b01c3f384c09310e315a79dcd3d684022a7f31c865a664e316978b759fad":0 RSASSA-PSS Signature Example 1_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1024:"e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443":"b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd":"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"45eef191f4f79c31fe5d2ede7e5098994e929d2d":"a8ab69dd801f0074c2a1fc60649836c616d99681":"2a34f6125e1f6b0bf971e84fbd41c632be8f2c2ace7de8b6926e31ff93e9af987fbc06e51e9be14f5198f91f3f953bd67da60a9df59764c3dc0fe08e1cbef0b75f868d10ad3fba749fef59fb6dac46a0d6e504369331586f58e4628f39aa278982543bc0eeb537dc61958019b394fb273f215858a0a01ac4d650b955c67f4c58":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 1_6 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1024:"a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"45eef191f4f79c31fe5d2ede7e5098994e929d2d":"a8ab69dd801f0074c2a1fc60649836c616d99681":"2a34f6125e1f6b0bf971e84fbd41c632be8f2c2ace7de8b6926e31ff93e9af987fbc06e51e9be14f5198f91f3f953bd67da60a9df59764c3dc0fe08e1cbef0b75f868d10ad3fba749fef59fb6dac46a0d6e504369331586f58e4628f39aa278982543bc0eeb537dc61958019b394fb273f215858a0a01ac4d650b955c67f4c58":0 RSASSA-PSS Signature Example 2_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1025:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"5c81a3e2a658246628cd0ee8b00bb4c012bc9739":"57bf160bcb02bb1dc7280cf0458530b7d2832ff7":"014c5ba5338328ccc6e7a90bf1c0ab3fd606ff4796d3c12e4b639ed9136a5fec6c16d8884bdd99cfdc521456b0742b736868cf90de099adb8d5ffd1deff39ba4007ab746cefdb22d7df0e225f54627dc65466131721b90af445363a8358b9f607642f78fab0ab0f43b7168d64bae70d8827848d8ef1e421c5754ddf42c2589b5b3":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 2_1 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1025:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"5c81a3e2a658246628cd0ee8b00bb4c012bc9739":"57bf160bcb02bb1dc7280cf0458530b7d2832ff7":"014c5ba5338328ccc6e7a90bf1c0ab3fd606ff4796d3c12e4b639ed9136a5fec6c16d8884bdd99cfdc521456b0742b736868cf90de099adb8d5ffd1deff39ba4007ab746cefdb22d7df0e225f54627dc65466131721b90af445363a8358b9f607642f78fab0ab0f43b7168d64bae70d8827848d8ef1e421c5754ddf42c2589b5b3":0 RSASSA-PSS Signature Example 2_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1025:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"27f71611446aa6eabf037f7dedeede3203244991":"7f6dd359e604e60870e898e47b19bf2e5a7b2a90":"010991656cca182b7f29d2dbc007e7ae0fec158eb6759cb9c45c5ff87c7635dd46d150882f4de1e9ae65e7f7d9018f6836954a47c0a81a8a6b6f83f2944d6081b1aa7c759b254b2c34b691da67cc0226e20b2f18b42212761dcd4b908a62b371b5918c5742af4b537e296917674fb914194761621cc19a41f6fb953fbcbb649dea":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 2_2 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1025:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"27f71611446aa6eabf037f7dedeede3203244991":"7f6dd359e604e60870e898e47b19bf2e5a7b2a90":"010991656cca182b7f29d2dbc007e7ae0fec158eb6759cb9c45c5ff87c7635dd46d150882f4de1e9ae65e7f7d9018f6836954a47c0a81a8a6b6f83f2944d6081b1aa7c759b254b2c34b691da67cc0226e20b2f18b42212761dcd4b908a62b371b5918c5742af4b537e296917674fb914194761621cc19a41f6fb953fbcbb649dea":0 RSASSA-PSS Signature Example 2_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1025:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"03ecc2c33e93f05fc7224fcc0d461356cb897217":"fca862068bce2246724b708a0519da17e648688c":"007f0030018f53cdc71f23d03659fde54d4241f758a750b42f185f87578520c30742afd84359b6e6e8d3ed959dc6fe486bedc8e2cf001f63a7abe16256a1b84df0d249fc05d3194ce5f0912742dbbf80dd174f6c51f6bad7f16cf3364eba095a06267dc3793803ac7526aebe0a475d38b8c2247ab51c4898df7047dc6adf52c6c4":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 2_3 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1025:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"03ecc2c33e93f05fc7224fcc0d461356cb897217":"fca862068bce2246724b708a0519da17e648688c":"007f0030018f53cdc71f23d03659fde54d4241f758a750b42f185f87578520c30742afd84359b6e6e8d3ed959dc6fe486bedc8e2cf001f63a7abe16256a1b84df0d249fc05d3194ce5f0912742dbbf80dd174f6c51f6bad7f16cf3364eba095a06267dc3793803ac7526aebe0a475d38b8c2247ab51c4898df7047dc6adf52c6c4":0 RSASSA-PSS Signature Example 2_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1025:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"246c727b4b9494849dddb068d582e179ac20999c":"8070ef2de945c02387684ba0d33096732235d440":"009cd2f4edbe23e12346ae8c76dd9ad3230a62076141f16c152ba18513a48ef6f010e0e37fd3df10a1ec629a0cb5a3b5d2893007298c30936a95903b6ba85555d9ec3673a06108fd62a2fda56d1ce2e85c4db6b24a81ca3b496c36d4fd06eb7c9166d8e94877c42bea622b3bfe9251fdc21d8d5371badad78a488214796335b40b":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 2_4 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1025:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"246c727b4b9494849dddb068d582e179ac20999c":"8070ef2de945c02387684ba0d33096732235d440":"009cd2f4edbe23e12346ae8c76dd9ad3230a62076141f16c152ba18513a48ef6f010e0e37fd3df10a1ec629a0cb5a3b5d2893007298c30936a95903b6ba85555d9ec3673a06108fd62a2fda56d1ce2e85c4db6b24a81ca3b496c36d4fd06eb7c9166d8e94877c42bea622b3bfe9251fdc21d8d5371badad78a488214796335b40b":0 RSASSA-PSS Signature Example 2_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1025:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e8617ca3ea66ce6a58ede2d11af8c3ba8a6ba912":"17639a4e88d722c4fca24d079a8b29c32433b0c9":"00ec430824931ebd3baa43034dae98ba646b8c36013d1671c3cf1cf8260c374b19f8e1cc8d965012405e7e9bf7378612dfcc85fce12cda11f950bd0ba8876740436c1d2595a64a1b32efcfb74a21c873b3cc33aaf4e3dc3953de67f0674c0453b4fd9f604406d441b816098cb106fe3472bc251f815f59db2e4378a3addc181ecf":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 2_5 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1025:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e8617ca3ea66ce6a58ede2d11af8c3ba8a6ba912":"17639a4e88d722c4fca24d079a8b29c32433b0c9":"00ec430824931ebd3baa43034dae98ba646b8c36013d1671c3cf1cf8260c374b19f8e1cc8d965012405e7e9bf7378612dfcc85fce12cda11f950bd0ba8876740436c1d2595a64a1b32efcfb74a21c873b3cc33aaf4e3dc3953de67f0674c0453b4fd9f604406d441b816098cb106fe3472bc251f815f59db2e4378a3addc181ecf":0 RSASSA-PSS Signature Example 2_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1025:"016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1":"014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079":"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"7a6fdc1a4e434ecbc35d657ad49a2f4fafd43bc8":"37810def1055ed922b063df798de5d0aabf886ee":"00475b1648f814a8dc0abdc37b5527f543b666bb6e39d30e5b49d3b876dccc58eac14e32a2d55c2616014456ad2f246fc8e3d560da3ddf379a1c0bd200f10221df078c219a151bc8d4ec9d2fc2564467811014ef15d8ea01c2ebbff8c2c8efab38096e55fcbe3285c7aa558851254faffa92c1c72b78758663ef4582843139d7a6":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 2_6 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1025:"01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"7a6fdc1a4e434ecbc35d657ad49a2f4fafd43bc8":"37810def1055ed922b063df798de5d0aabf886ee":"00475b1648f814a8dc0abdc37b5527f543b666bb6e39d30e5b49d3b876dccc58eac14e32a2d55c2616014456ad2f246fc8e3d560da3ddf379a1c0bd200f10221df078c219a151bc8d4ec9d2fc2564467811014ef15d8ea01c2ebbff8c2c8efab38096e55fcbe3285c7aa558851254faffa92c1c72b78758663ef4582843139d7a6":0 RSASSA-PSS Signature Example 3_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1026:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"3552be69dd74bdc56d2cf8c38ef7bafe269040fe":"f31ad6c8cf89df78ed77feacbcc2f8b0a8e4cfaa":"0088b135fb1794b6b96c4a3e678197f8cac52b64b2fe907d6f27de761124964a99a01a882740ecfaed6c01a47464bb05182313c01338a8cd097214cd68ca103bd57d3bc9e816213e61d784f182467abf8a01cf253e99a156eaa8e3e1f90e3c6e4e3aa2d83ed0345b89fafc9c26077c14b6ac51454fa26e446e3a2f153b2b16797f":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 3_1 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1026:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"3552be69dd74bdc56d2cf8c38ef7bafe269040fe":"f31ad6c8cf89df78ed77feacbcc2f8b0a8e4cfaa":"0088b135fb1794b6b96c4a3e678197f8cac52b64b2fe907d6f27de761124964a99a01a882740ecfaed6c01a47464bb05182313c01338a8cd097214cd68ca103bd57d3bc9e816213e61d784f182467abf8a01cf253e99a156eaa8e3e1f90e3c6e4e3aa2d83ed0345b89fafc9c26077c14b6ac51454fa26e446e3a2f153b2b16797f":0 RSASSA-PSS Signature Example 3_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1026:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"609143ff7240e55c062aba8b9e4426a781919bc9":"fcf9f0e1f199a3d1d0da681c5b8606fc642939f7":"02a5f0a858a0864a4f65017a7d69454f3f973a2999839b7bbc48bf78641169179556f595fa41f6ff18e286c2783079bc0910ee9cc34f49ba681124f923dfa88f426141a368a5f5a930c628c2c3c200e18a7644721a0cbec6dd3f6279bde3e8f2be5e2d4ee56f97e7ceaf33054be7042bd91a63bb09f897bd41e81197dee99b11af":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 3_2 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1026:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"609143ff7240e55c062aba8b9e4426a781919bc9":"fcf9f0e1f199a3d1d0da681c5b8606fc642939f7":"02a5f0a858a0864a4f65017a7d69454f3f973a2999839b7bbc48bf78641169179556f595fa41f6ff18e286c2783079bc0910ee9cc34f49ba681124f923dfa88f426141a368a5f5a930c628c2c3c200e18a7644721a0cbec6dd3f6279bde3e8f2be5e2d4ee56f97e7ceaf33054be7042bd91a63bb09f897bd41e81197dee99b11af":0 RSASSA-PSS Signature Example 3_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1026:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0afd22f879a9cda7c584f4135f8f1c961db114c0":"986e7c43dbb671bd41b9a7f4b6afc80e805f2423":"0244bcd1c8c16955736c803be401272e18cb990811b14f72db964124d5fa760649cbb57afb8755dbb62bf51f466cf23a0a1607576e983d778fceffa92df7548aea8ea4ecad2c29dd9f95bc07fe91ecf8bee255bfe8762fd7690aa9bfa4fa0849ef728c2c42c4532364522df2ab7f9f8a03b63f7a499175828668f5ef5a29e3802c":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 3_3 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1026:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0afd22f879a9cda7c584f4135f8f1c961db114c0":"986e7c43dbb671bd41b9a7f4b6afc80e805f2423":"0244bcd1c8c16955736c803be401272e18cb990811b14f72db964124d5fa760649cbb57afb8755dbb62bf51f466cf23a0a1607576e983d778fceffa92df7548aea8ea4ecad2c29dd9f95bc07fe91ecf8bee255bfe8762fd7690aa9bfa4fa0849ef728c2c42c4532364522df2ab7f9f8a03b63f7a499175828668f5ef5a29e3802c":0 RSASSA-PSS Signature Example 3_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1026:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"405dd56d395ef0f01b555c48f748cc32b210650b":"f8312d9c8eea13ec0a4c7b98120c87509087c478":"0196f12a005b98129c8df13c4cb16f8aa887d3c40d96df3a88e7532ef39cd992f273abc370bc1be6f097cfebbf0118fd9ef4b927155f3df22b904d90702d1f7ba7a52bed8b8942f412cd7bd676c9d18e170391dcd345c06a730964b3f30bcce0bb20ba106f9ab0eeb39cf8a6607f75c0347f0af79f16afa081d2c92d1ee6f836b8":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 3_4 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1026:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"405dd56d395ef0f01b555c48f748cc32b210650b":"f8312d9c8eea13ec0a4c7b98120c87509087c478":"0196f12a005b98129c8df13c4cb16f8aa887d3c40d96df3a88e7532ef39cd992f273abc370bc1be6f097cfebbf0118fd9ef4b927155f3df22b904d90702d1f7ba7a52bed8b8942f412cd7bd676c9d18e170391dcd345c06a730964b3f30bcce0bb20ba106f9ab0eeb39cf8a6607f75c0347f0af79f16afa081d2c92d1ee6f836b8":0 RSASSA-PSS Signature Example 3_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1026:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a2c313b0440c8a0c47233b87f0a160c61af3eae7":"50327efec6292f98019fc67a2a6638563e9b6e2d":"021eca3ab4892264ec22411a752d92221076d4e01c0e6f0dde9afd26ba5acf6d739ef987545d16683e5674c9e70f1de649d7e61d48d0caeb4fb4d8b24fba84a6e3108fee7d0705973266ac524b4ad280f7ae17dc59d96d3351586b5a3bdb895d1e1f7820ac6135d8753480998382ba32b7349559608c38745290a85ef4e9f9bd83":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 3_5 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1026:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a2c313b0440c8a0c47233b87f0a160c61af3eae7":"50327efec6292f98019fc67a2a6638563e9b6e2d":"021eca3ab4892264ec22411a752d92221076d4e01c0e6f0dde9afd26ba5acf6d739ef987545d16683e5674c9e70f1de649d7e61d48d0caeb4fb4d8b24fba84a6e3108fee7d0705973266ac524b4ad280f7ae17dc59d96d3351586b5a3bdb895d1e1f7820ac6135d8753480998382ba32b7349559608c38745290a85ef4e9f9bd83":0 RSASSA-PSS Signature Example 3_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1026:"01bd36e18ece4b0fdb2e9c9d548bd1a7d6e2c21c6fdc35074a1d05b1c6c8b3d558ea2639c9a9a421680169317252558bd148ad215aac550e2dcf12a82d0ebfe853":"01b1b656ad86d8e19d5dc86292b3a192fdf6e0dd37877bad14822fa00190cab265f90d3f02057b6f54d6ecb14491e5adeacebc48bf0ebd2a2ad26d402e54f61651":"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f1bf6ca7b4bbdbb6bf20a4bf55728725d177154a":"b0de3fc25b65f5af96b1d5cc3b27d0c6053087b3":"012fafec862f56e9e92f60ab0c77824f4299a0ca734ed26e0644d5d222c7f0bde03964f8e70a5cb65ed44e44d56ae0edf1ff86ca032cc5dd4404dbb76ab854586c44eed8336d08d457ce6c03693b45c0f1efef93624b95b8ec169c616d20e5538ebc0b6737a6f82b4bc0570924fc6b35759a3348426279f8b3d7744e2d222426ce":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 3_6 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1026:"02f246ef451ed3eebb9a310200cc25859c048e4be798302991112eb68ce6db674e280da21feded1ae74880ca522b18db249385012827c515f0e466a1ffa691d98170574e9d0eadb087586ca48933da3cc953d95bd0ed50de10ddcb6736107d6c831c7f663e833ca4c097e700ce0fb945f88fb85fe8e5a773172565b914a471a443":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f1bf6ca7b4bbdbb6bf20a4bf55728725d177154a":"b0de3fc25b65f5af96b1d5cc3b27d0c6053087b3":"012fafec862f56e9e92f60ab0c77824f4299a0ca734ed26e0644d5d222c7f0bde03964f8e70a5cb65ed44e44d56ae0edf1ff86ca032cc5dd4404dbb76ab854586c44eed8336d08d457ce6c03693b45c0f1efef93624b95b8ec169c616d20e5538ebc0b6737a6f82b4bc0570924fc6b35759a3348426279f8b3d7744e2d222426ce":0 RSASSA-PSS Signature Example 4_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1027:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f8b0abf70fec0bca74f0accbc24f75e6e90d3bfd":"ed7c98c95f30974fbe4fbddcf0f28d6021c0e91d":"0323d5b7bf20ba4539289ae452ae4297080feff4518423ff4811a817837e7d82f1836cdfab54514ff0887bddeebf40bf99b047abc3ecfa6a37a3ef00f4a0c4a88aae0904b745c846c4107e8797723e8ac810d9e3d95dfa30ff4966f4d75d13768d20857f2b1406f264cfe75e27d7652f4b5ed3575f28a702f8c4ed9cf9b2d44948":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 4_1 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1027:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f8b0abf70fec0bca74f0accbc24f75e6e90d3bfd":"ed7c98c95f30974fbe4fbddcf0f28d6021c0e91d":"0323d5b7bf20ba4539289ae452ae4297080feff4518423ff4811a817837e7d82f1836cdfab54514ff0887bddeebf40bf99b047abc3ecfa6a37a3ef00f4a0c4a88aae0904b745c846c4107e8797723e8ac810d9e3d95dfa30ff4966f4d75d13768d20857f2b1406f264cfe75e27d7652f4b5ed3575f28a702f8c4ed9cf9b2d44948":0 RSASSA-PSS Signature Example 4_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1027:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"04a10944bfe11ab801e77889f3fd3d7f4ff0b629":"22d71d54363a4217aa55113f059b3384e3e57e44":"049d0185845a264d28feb1e69edaec090609e8e46d93abb38371ce51f4aa65a599bdaaa81d24fba66a08a116cb644f3f1e653d95c89db8bbd5daac2709c8984000178410a7c6aa8667ddc38c741f710ec8665aa9052be929d4e3b16782c1662114c5414bb0353455c392fc28f3db59054b5f365c49e1d156f876ee10cb4fd70598":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 4_2 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1027:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"04a10944bfe11ab801e77889f3fd3d7f4ff0b629":"22d71d54363a4217aa55113f059b3384e3e57e44":"049d0185845a264d28feb1e69edaec090609e8e46d93abb38371ce51f4aa65a599bdaaa81d24fba66a08a116cb644f3f1e653d95c89db8bbd5daac2709c8984000178410a7c6aa8667ddc38c741f710ec8665aa9052be929d4e3b16782c1662114c5414bb0353455c392fc28f3db59054b5f365c49e1d156f876ee10cb4fd70598":0 RSASSA-PSS Signature Example 4_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1027:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"ba01243db223eb97fb86d746c3148adaaa0ca344":"4af870fbc6516012ca916c70ba862ac7e8243617":"03fbc410a2ced59500fb99f9e2af2781ada74e13145624602782e2994813eefca0519ecd253b855fb626a90d771eae028b0c47a199cbd9f8e3269734af4163599090713a3fa910fa0960652721432b971036a7181a2bc0cab43b0b598bc6217461d7db305ff7e954c5b5bb231c39e791af6bcfa76b147b081321f72641482a2aad":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 4_3 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1027:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"ba01243db223eb97fb86d746c3148adaaa0ca344":"4af870fbc6516012ca916c70ba862ac7e8243617":"03fbc410a2ced59500fb99f9e2af2781ada74e13145624602782e2994813eefca0519ecd253b855fb626a90d771eae028b0c47a199cbd9f8e3269734af4163599090713a3fa910fa0960652721432b971036a7181a2bc0cab43b0b598bc6217461d7db305ff7e954c5b5bb231c39e791af6bcfa76b147b081321f72641482a2aad":0 RSASSA-PSS Signature Example 4_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1027:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"934bb0d38d6836daec9de82a9648d4593da67cd2":"40d2e180fae1eac439c190b56c2c0e14ddf9a226":"0486644bc66bf75d28335a6179b10851f43f09bded9fac1af33252bb9953ba4298cd6466b27539a70adaa3f89b3db3c74ab635d122f4ee7ce557a61e59b82ffb786630e5f9db53c77d9a0c12fab5958d4c2ce7daa807cd89ba2cc7fcd02ff470ca67b229fcce814c852c73cc93bea35be68459ce478e9d4655d121c8472f371d4f":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 4_4 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1027:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"934bb0d38d6836daec9de82a9648d4593da67cd2":"40d2e180fae1eac439c190b56c2c0e14ddf9a226":"0486644bc66bf75d28335a6179b10851f43f09bded9fac1af33252bb9953ba4298cd6466b27539a70adaa3f89b3db3c74ab635d122f4ee7ce557a61e59b82ffb786630e5f9db53c77d9a0c12fab5958d4c2ce7daa807cd89ba2cc7fcd02ff470ca67b229fcce814c852c73cc93bea35be68459ce478e9d4655d121c8472f371d4f":0 RSASSA-PSS Signature Example 4_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1027:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"ec35d81abd1cceac425a935758b683465c8bd879":"2497dc2b4615dfae5a663d49ffd56bf7efc11304":"022a80045353904cb30cbb542d7d4990421a6eec16a8029a8422adfd22d6aff8c4cc0294af110a0c067ec86a7d364134459bb1ae8ff836d5a8a2579840996b320b19f13a13fad378d931a65625dae2739f0c53670b35d9d3cbac08e733e4ec2b83af4b9196d63e7c4ff1ddeae2a122791a125bfea8deb0de8ccf1f4ffaf6e6fb0a":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 4_5 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1027:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"ec35d81abd1cceac425a935758b683465c8bd879":"2497dc2b4615dfae5a663d49ffd56bf7efc11304":"022a80045353904cb30cbb542d7d4990421a6eec16a8029a8422adfd22d6aff8c4cc0294af110a0c067ec86a7d364134459bb1ae8ff836d5a8a2579840996b320b19f13a13fad378d931a65625dae2739f0c53670b35d9d3cbac08e733e4ec2b83af4b9196d63e7c4ff1ddeae2a122791a125bfea8deb0de8ccf1f4ffaf6e6fb0a":0 RSASSA-PSS Signature Example 4_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1027:"029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995":"020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1":"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"72ce251d17b04dd3970d6ff1fbe3624899e9e941":"a334db6faebf11081a04f87c2d621cdec7930b9b":"00938dcb6d583046065f69c78da7a1f1757066a7fa75125a9d2929f0b79a60b627b082f11f5b196f28eb9daa6f21c05e5140f6aef1737d2023075c05ecf04a028c686a2ab3e7d5a0664f295ce12995e890908b6ad21f0839eb65b70393a7b5afd9871de0caa0cedec5b819626756209d13ab1e7bb9546a26ff37e9a51af9fd562e":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 4_6 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1027:"054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"72ce251d17b04dd3970d6ff1fbe3624899e9e941":"a334db6faebf11081a04f87c2d621cdec7930b9b":"00938dcb6d583046065f69c78da7a1f1757066a7fa75125a9d2929f0b79a60b627b082f11f5b196f28eb9daa6f21c05e5140f6aef1737d2023075c05ecf04a028c686a2ab3e7d5a0664f295ce12995e890908b6ad21f0839eb65b70393a7b5afd9871de0caa0cedec5b819626756209d13ab1e7bb9546a26ff37e9a51af9fd562e":0 RSASSA-PSS Signature Example 5_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1028:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"d98b7061943510bc3dd9162f7169aabdbdcd0222":"081b233b43567750bd6e78f396a88b9f6a445151":"0ba373f76e0921b70a8fbfe622f0bf77b28a3db98e361051c3d7cb92ad0452915a4de9c01722f6823eeb6adf7e0ca8290f5de3e549890ac2a3c5950ab217ba58590894952de96f8df111b2575215da6c161590c745be612476ee578ed384ab33e3ece97481a252f5c79a98b5532ae00cdd62f2ecc0cd1baefe80d80b962193ec1d":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 5_1 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1028:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"d98b7061943510bc3dd9162f7169aabdbdcd0222":"081b233b43567750bd6e78f396a88b9f6a445151":"0ba373f76e0921b70a8fbfe622f0bf77b28a3db98e361051c3d7cb92ad0452915a4de9c01722f6823eeb6adf7e0ca8290f5de3e549890ac2a3c5950ab217ba58590894952de96f8df111b2575215da6c161590c745be612476ee578ed384ab33e3ece97481a252f5c79a98b5532ae00cdd62f2ecc0cd1baefe80d80b962193ec1d":0 RSASSA-PSS Signature Example 5_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1028:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"7ae8e699f754988f4fd645e463302e49a2552072":"bd0ce19549d0700120cbe51077dbbbb00a8d8b09":"08180de825e4b8b014a32da8ba761555921204f2f90d5f24b712908ff84f3e220ad17997c0dd6e706630ba3e84add4d5e7ab004e58074b549709565d43ad9e97b5a7a1a29e85b9f90f4aafcdf58321de8c5974ef9abf2d526f33c0f2f82e95d158ea6b81f1736db8d1af3d6ac6a83b32d18bae0ff1b2fe27de4c76ed8c7980a34e":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 5_2 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1028:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"7ae8e699f754988f4fd645e463302e49a2552072":"bd0ce19549d0700120cbe51077dbbbb00a8d8b09":"08180de825e4b8b014a32da8ba761555921204f2f90d5f24b712908ff84f3e220ad17997c0dd6e706630ba3e84add4d5e7ab004e58074b549709565d43ad9e97b5a7a1a29e85b9f90f4aafcdf58321de8c5974ef9abf2d526f33c0f2f82e95d158ea6b81f1736db8d1af3d6ac6a83b32d18bae0ff1b2fe27de4c76ed8c7980a34e":0 RSASSA-PSS Signature Example 5_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1028:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8d46c7c05534c1ba2cc7624500d48a4531604bff":"815779a91b3a8bd049bf2aeb920142772222c9ca":"05e0fdbdf6f756ef733185ccfa8ced2eb6d029d9d56e35561b5db8e70257ee6fd019d2f0bbf669fe9b9821e78df6d41e31608d58280f318ee34f559941c8df13287574bac000b7e58dc4f414ba49fb127f9d0f8936638c76e85356c994f79750f7fa3cf4fd482df75e3fb9978cd061f7abb17572e6e63e0bde12cbdcf18c68b979":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 5_3 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1028:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8d46c7c05534c1ba2cc7624500d48a4531604bff":"815779a91b3a8bd049bf2aeb920142772222c9ca":"05e0fdbdf6f756ef733185ccfa8ced2eb6d029d9d56e35561b5db8e70257ee6fd019d2f0bbf669fe9b9821e78df6d41e31608d58280f318ee34f559941c8df13287574bac000b7e58dc4f414ba49fb127f9d0f8936638c76e85356c994f79750f7fa3cf4fd482df75e3fb9978cd061f7abb17572e6e63e0bde12cbdcf18c68b979":0 RSASSA-PSS Signature Example 5_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1028:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"ee3de96783fd0a157c8b20bf5566124124dcfe65":"9aec4a7480d5bbc42920d7ca235db674989c9aac":"0bc989853bc2ea86873271ce183a923ab65e8a53100e6df5d87a24c4194eb797813ee2a187c097dd872d591da60c568605dd7e742d5af4e33b11678ccb63903204a3d080b0902c89aba8868f009c0f1c0cb85810bbdd29121abb8471ff2d39e49fd92d56c655c8e037ad18fafbdc92c95863f7f61ea9efa28fea401369d19daea1":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 5_4 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1028:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"ee3de96783fd0a157c8b20bf5566124124dcfe65":"9aec4a7480d5bbc42920d7ca235db674989c9aac":"0bc989853bc2ea86873271ce183a923ab65e8a53100e6df5d87a24c4194eb797813ee2a187c097dd872d591da60c568605dd7e742d5af4e33b11678ccb63903204a3d080b0902c89aba8868f009c0f1c0cb85810bbdd29121abb8471ff2d39e49fd92d56c655c8e037ad18fafbdc92c95863f7f61ea9efa28fea401369d19daea1":0 RSASSA-PSS Signature Example 5_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1028:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1204df0b03c2724e2709c23fc71789a21b00ae4c":"e20c1e9878512c39970f58375e1549a68b64f31d":"0aefa943b698b9609edf898ad22744ac28dc239497cea369cbbd84f65c95c0ad776b594740164b59a739c6ff7c2f07c7c077a86d95238fe51e1fcf33574a4ae0684b42a3f6bf677d91820ca89874467b2c23add77969c80717430d0efc1d3695892ce855cb7f7011630f4df26def8ddf36fc23905f57fa6243a485c770d5681fcd":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 5_5 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1028:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1204df0b03c2724e2709c23fc71789a21b00ae4c":"e20c1e9878512c39970f58375e1549a68b64f31d":"0aefa943b698b9609edf898ad22744ac28dc239497cea369cbbd84f65c95c0ad776b594740164b59a739c6ff7c2f07c7c077a86d95238fe51e1fcf33574a4ae0684b42a3f6bf677d91820ca89874467b2c23add77969c80717430d0efc1d3695892ce855cb7f7011630f4df26def8ddf36fc23905f57fa6243a485c770d5681fcd":0 RSASSA-PSS Signature Example 5_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1028:"03f2f331f4142d4f24b43aa10279a89652d4e7537221a1a7b2a25deb551e5de9ac497411c227a94e45f91c2d1c13cc046cf4ce14e32d058734210d44a87ee1b73f":"034f090d73b55803030cf0361a5d8081bfb79f851523feac0a2124d08d4013ff08487771a870d0479dc0686c62f7718dfecf024b17c9267678059171339cc00839":"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"29926bc3280c841f601acd0d6f17ea38023eddbc":"23291e4a3307e8bbb776623ab34e4a5f4cc8a8db":"02802dccfa8dfaf5279bf0b4a29ba1b157611faeaaf419b8919d15941900c1339e7e92e6fae562c53e6cc8e84104b110bce03ad18525e3c49a0eadad5d3f28f244a8ed89edbafbb686277cfa8ae909714d6b28f4bf8e293aa04c41efe7c0a81266d5c061e2575be032aa464674ff71626219bd74cc45f0e7ed4e3ff96eee758e8f":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 5_6 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1028:"0d10f661f29940f5ed39aa260966deb47843679d2b6fb25b3de370f3ac7c19916391fd25fb527ebfa6a4b4df45a1759d996c4bb4ebd18828c44fc52d0191871740525f47a4b0cc8da325ed8aa676b0d0f626e0a77f07692170acac8082f42faa7dc7cd123e730e31a87985204cabcbe6670d43a2dd2b2ddef5e05392fc213bc507":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"29926bc3280c841f601acd0d6f17ea38023eddbc":"23291e4a3307e8bbb776623ab34e4a5f4cc8a8db":"02802dccfa8dfaf5279bf0b4a29ba1b157611faeaaf419b8919d15941900c1339e7e92e6fae562c53e6cc8e84104b110bce03ad18525e3c49a0eadad5d3f28f244a8ed89edbafbb686277cfa8ae909714d6b28f4bf8e293aa04c41efe7c0a81266d5c061e2575be032aa464674ff71626219bd74cc45f0e7ed4e3ff96eee758e8f":0 RSASSA-PSS Signature Example 6_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1029:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"ab464e8cb65ae5fdea47a53fa84b234d6bfd52f6":"5b4ea2ef629cc22f3b538e016904b47b1e40bfd5":"04c0cfacec04e5badbece159a5a1103f69b3f32ba593cb4cc4b1b7ab455916a96a27cd2678ea0f46ba37f7fc9c86325f29733b389f1d97f43e7201c0f348fc45fe42892335362eee018b5b161f2f9393031225c713012a576bc88e23052489868d9010cbf033ecc568e8bc152bdc59d560e41291915d28565208e22aeec9ef85d1":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 6_1 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1029:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"ab464e8cb65ae5fdea47a53fa84b234d6bfd52f6":"5b4ea2ef629cc22f3b538e016904b47b1e40bfd5":"04c0cfacec04e5badbece159a5a1103f69b3f32ba593cb4cc4b1b7ab455916a96a27cd2678ea0f46ba37f7fc9c86325f29733b389f1d97f43e7201c0f348fc45fe42892335362eee018b5b161f2f9393031225c713012a576bc88e23052489868d9010cbf033ecc568e8bc152bdc59d560e41291915d28565208e22aeec9ef85d1":0 RSASSA-PSS Signature Example 6_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1029:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"92d0bcae82b641f578f040f5151be8eda6d42299":"83146a9e782722c28b014f98b4267bda2ac9504f":"0a2314250cf52b6e4e908de5b35646bcaa24361da8160fb0f9257590ab3ace42b0dc3e77ad2db7c203a20bd952fbb56b1567046ecfaa933d7b1000c3de9ff05b7d989ba46fd43bc4c2d0a3986b7ffa13471d37eb5b47d64707bd290cfd6a9f393ad08ec1e3bd71bb5792615035cdaf2d8929aed3be098379377e777ce79aaa4773":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 6_2 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1029:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"92d0bcae82b641f578f040f5151be8eda6d42299":"83146a9e782722c28b014f98b4267bda2ac9504f":"0a2314250cf52b6e4e908de5b35646bcaa24361da8160fb0f9257590ab3ace42b0dc3e77ad2db7c203a20bd952fbb56b1567046ecfaa933d7b1000c3de9ff05b7d989ba46fd43bc4c2d0a3986b7ffa13471d37eb5b47d64707bd290cfd6a9f393ad08ec1e3bd71bb5792615035cdaf2d8929aed3be098379377e777ce79aaa4773":0 RSASSA-PSS Signature Example 6_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1029:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"3569bd8fd2e28f2443375efa94f186f6911ffc2b":"a87b8aed07d7b8e2daf14ddca4ac68c4d0aabff8":"086df6b500098c120f24ff8423f727d9c61a5c9007d3b6a31ce7cf8f3cbec1a26bb20e2bd4a046793299e03e37a21b40194fb045f90b18bf20a47992ccd799cf9c059c299c0526854954aade8a6ad9d97ec91a1145383f42468b231f4d72f23706d9853c3fa43ce8ace8bfe7484987a1ec6a16c8daf81f7c8bf42774707a9df456":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 6_3 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1029:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"3569bd8fd2e28f2443375efa94f186f6911ffc2b":"a87b8aed07d7b8e2daf14ddca4ac68c4d0aabff8":"086df6b500098c120f24ff8423f727d9c61a5c9007d3b6a31ce7cf8f3cbec1a26bb20e2bd4a046793299e03e37a21b40194fb045f90b18bf20a47992ccd799cf9c059c299c0526854954aade8a6ad9d97ec91a1145383f42468b231f4d72f23706d9853c3fa43ce8ace8bfe7484987a1ec6a16c8daf81f7c8bf42774707a9df456":0 RSASSA-PSS Signature Example 6_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1029:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"7abbb7b42de335730a0b641f1e314b6950b84f98":"a37932f8a7494a942d6f767438e724d6d0c0ef18":"0b5b11ad549863ffa9c51a14a1106c2a72cc8b646e5c7262509786105a984776534ca9b54c1cc64bf2d5a44fd7e8a69db699d5ea52087a4748fd2abc1afed1e5d6f7c89025530bdaa2213d7e030fa55df6f34bcf1ce46d2edf4e3ae4f3b01891a068c9e3a44bbc43133edad6ecb9f35400c4252a5762d65744b99cb9f4c559329f":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 6_4 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1029:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"7abbb7b42de335730a0b641f1e314b6950b84f98":"a37932f8a7494a942d6f767438e724d6d0c0ef18":"0b5b11ad549863ffa9c51a14a1106c2a72cc8b646e5c7262509786105a984776534ca9b54c1cc64bf2d5a44fd7e8a69db699d5ea52087a4748fd2abc1afed1e5d6f7c89025530bdaa2213d7e030fa55df6f34bcf1ce46d2edf4e3ae4f3b01891a068c9e3a44bbc43133edad6ecb9f35400c4252a5762d65744b99cb9f4c559329f":0 RSASSA-PSS Signature Example 6_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1029:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"55b7eb27be7a787a59eb7e5fac468db8917a7725":"7b790c1d62f7b84e94df6af28917cf571018110e":"02d71fa9b53e4654fefb7f08385cf6b0ae3a817942ebf66c35ac67f0b069952a3ce9c7e1f1b02e480a9500836de5d64cdb7ecde04542f7a79988787e24c2ba05f5fd482c023ed5c30e04839dc44bed2a3a3a4fee01113c891a47d32eb8025c28cb050b5cdb576c70fe76ef523405c08417faf350b037a43c379339fcb18d3a356b":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 6_5 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1029:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"55b7eb27be7a787a59eb7e5fac468db8917a7725":"7b790c1d62f7b84e94df6af28917cf571018110e":"02d71fa9b53e4654fefb7f08385cf6b0ae3a817942ebf66c35ac67f0b069952a3ce9c7e1f1b02e480a9500836de5d64cdb7ecde04542f7a79988787e24c2ba05f5fd482c023ed5c30e04839dc44bed2a3a3a4fee01113c891a47d32eb8025c28cb050b5cdb576c70fe76ef523405c08417faf350b037a43c379339fcb18d3a356b":0 RSASSA-PSS Signature Example 6_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1029:"04f0548c9626ab1ebf1244934741d99a06220efa2a5856aa0e75730b2ec96adc86be894fa2803b53a5e85d276acbd29ab823f80a7391bb54a5051672fb04eeb543":"0483e0ae47915587743ff345362b555d3962d98bb6f15f848b4c92b1771ca8ed107d8d3ee65ec44517dd0faa481a387e902f7a2e747c269e7ea44480bc538b8e5b":"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"de2fa0367ef49083ff89b9905d3fd646fcc12c38":"fbbe059025b69b89fb14ae2289e7aaafe60c0fcd":"0a40a16e2fe2b38d1df90546167cf9469c9e3c3681a3442b4b2c2f581deb385ce99fc6188bb02a841d56e76d301891e24560550fcc2a26b55f4ccb26d837d350a154bcaca8392d98fa67959e9727b78cad03269f56968fc56b68bd679926d83cc9cb215550645ccda31c760ff35888943d2d8a1d351e81e5d07b86182e751081ef":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 6_6 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1029:"164ca31cff609f3a0e7101b039f2e4fe6dd37519ab98598d179e174996598071f47d3a04559158d7be373cf1aa53f0aa6ef09039e5678c2a4c63900514c8c4f8aaed5de12a5f10b09c311af8c0ffb5b7a297f2efc63b8d6b0510931f0b98e48bf5fc6ec4e7b8db1ffaeb08c38e02adb8f03a48229c99e969431f61cb8c4dc698d1":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"de2fa0367ef49083ff89b9905d3fd646fcc12c38":"fbbe059025b69b89fb14ae2289e7aaafe60c0fcd":"0a40a16e2fe2b38d1df90546167cf9469c9e3c3681a3442b4b2c2f581deb385ce99fc6188bb02a841d56e76d301891e24560550fcc2a26b55f4ccb26d837d350a154bcaca8392d98fa67959e9727b78cad03269f56968fc56b68bd679926d83cc9cb215550645ccda31c760ff35888943d2d8a1d351e81e5d07b86182e751081ef":0 RSASSA-PSS Signature Example 7_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1030:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8be4afbdd76bd8d142c5f4f46dba771ee5d6d29d":"b7867a59958cb54328f8775e6546ec06d27eaa50":"187f390723c8902591f0154bae6d4ecbffe067f0e8b795476ea4f4d51ccc810520bb3ca9bca7d0b1f2ea8a17d873fa27570acd642e3808561cb9e975ccfd80b23dc5771cdb3306a5f23159dacbd3aa2db93d46d766e09ed15d900ad897a8d274dc26b47e994a27e97e2268a766533ae4b5e42a2fcaf755c1c4794b294c60555823":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 7_1 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1030:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"8be4afbdd76bd8d142c5f4f46dba771ee5d6d29d":"b7867a59958cb54328f8775e6546ec06d27eaa50":"187f390723c8902591f0154bae6d4ecbffe067f0e8b795476ea4f4d51ccc810520bb3ca9bca7d0b1f2ea8a17d873fa27570acd642e3808561cb9e975ccfd80b23dc5771cdb3306a5f23159dacbd3aa2db93d46d766e09ed15d900ad897a8d274dc26b47e994a27e97e2268a766533ae4b5e42a2fcaf755c1c4794b294c60555823":0 RSASSA-PSS Signature Example 7_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1030:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"402140dc605b2f5c5ec0d15bce9f9ba8857fe117":"0c09582266df086310821ba7e18df64dfee6de09":"10fd89768a60a67788abb5856a787c8561f3edcf9a83e898f7dc87ab8cce79429b43e56906941a886194f137e591fe7c339555361fbbe1f24feb2d4bcdb80601f3096bc9132deea60ae13082f44f9ad41cd628936a4d51176e42fc59cb76db815ce5ab4db99a104aafea68f5d330329ebf258d4ede16064bd1d00393d5e1570eb8":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 7_2 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1030:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"402140dc605b2f5c5ec0d15bce9f9ba8857fe117":"0c09582266df086310821ba7e18df64dfee6de09":"10fd89768a60a67788abb5856a787c8561f3edcf9a83e898f7dc87ab8cce79429b43e56906941a886194f137e591fe7c339555361fbbe1f24feb2d4bcdb80601f3096bc9132deea60ae13082f44f9ad41cd628936a4d51176e42fc59cb76db815ce5ab4db99a104aafea68f5d330329ebf258d4ede16064bd1d00393d5e1570eb8":0 RSASSA-PSS Signature Example 7_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1030:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"3e885205892ff2b6b37c2c4eb486c4bf2f9e7f20":"28039dcfe106d3b8296611258c4a56651c9e92dd":"2b31fde99859b977aa09586d8e274662b25a2a640640b457f594051cb1e7f7a911865455242926cf88fe80dfa3a75ba9689844a11e634a82b075afbd69c12a0df9d25f84ad4945df3dc8fe90c3cefdf26e95f0534304b5bdba20d3e5640a2ebfb898aac35ae40f26fce5563c2f9f24f3042af76f3c7072d687bbfb959a88460af1":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 7_3 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1030:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"3e885205892ff2b6b37c2c4eb486c4bf2f9e7f20":"28039dcfe106d3b8296611258c4a56651c9e92dd":"2b31fde99859b977aa09586d8e274662b25a2a640640b457f594051cb1e7f7a911865455242926cf88fe80dfa3a75ba9689844a11e634a82b075afbd69c12a0df9d25f84ad4945df3dc8fe90c3cefdf26e95f0534304b5bdba20d3e5640a2ebfb898aac35ae40f26fce5563c2f9f24f3042af76f3c7072d687bbfb959a88460af1":0 RSASSA-PSS Signature Example 7_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1030:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1fc2201d0c442a4736cd8b2cd00c959c47a3bf42":"a77821ebbbef24628e4e12e1d0ea96de398f7b0f":"32c7ca38ff26949a15000c4ba04b2b13b35a3810e568184d7ecabaa166b7ffabddf2b6cf4ba07124923790f2e5b1a5be040aea36fe132ec130e1f10567982d17ac3e89b8d26c3094034e762d2e031264f01170beecb3d1439e05846f25458367a7d9c02060444672671e64e877864559ca19b2074d588a281b5804d23772fbbe19":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 7_4 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1030:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"1fc2201d0c442a4736cd8b2cd00c959c47a3bf42":"a77821ebbbef24628e4e12e1d0ea96de398f7b0f":"32c7ca38ff26949a15000c4ba04b2b13b35a3810e568184d7ecabaa166b7ffabddf2b6cf4ba07124923790f2e5b1a5be040aea36fe132ec130e1f10567982d17ac3e89b8d26c3094034e762d2e031264f01170beecb3d1439e05846f25458367a7d9c02060444672671e64e877864559ca19b2074d588a281b5804d23772fbbe19":0 RSASSA-PSS Signature Example 7_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1030:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e4351b66819e5a31501f89acc7faf57030e9aac5":"9d5ad8eb452134b65dc3a98b6a73b5f741609cd6":"07eb651d75f1b52bc263b2e198336e99fbebc4f332049a922a10815607ee2d989db3a4495b7dccd38f58a211fb7e193171a3d891132437ebca44f318b280509e52b5fa98fcce8205d9697c8ee4b7ff59d4c59c79038a1970bd2a0d451ecdc5ef11d9979c9d35f8c70a6163717607890d586a7c6dc01c79f86a8f28e85235f8c2f1":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 7_5 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1030:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"e4351b66819e5a31501f89acc7faf57030e9aac5":"9d5ad8eb452134b65dc3a98b6a73b5f741609cd6":"07eb651d75f1b52bc263b2e198336e99fbebc4f332049a922a10815607ee2d989db3a4495b7dccd38f58a211fb7e193171a3d891132437ebca44f318b280509e52b5fa98fcce8205d9697c8ee4b7ff59d4c59c79038a1970bd2a0d451ecdc5ef11d9979c9d35f8c70a6163717607890d586a7c6dc01c79f86a8f28e85235f8c2f1":0 RSASSA-PSS Signature Example 7_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1030:"07eefb424b0e3a40e4208ee5afb280b22317308114dde0b4b64f730184ec68da6ce2867a9f48ed7726d5e2614ed04a5410736c8c714ee702474298c6292af07535":"070830dbf947eac0228de26314b59b66994cc60e8360e75d3876298f8f8a7d141da064e5ca026a973e28f254738cee669c721b034cb5f8e244dadd7cd1e159d547":"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"49f6cc58365e514e1a3f301f4de16f9fb5347ff2":"3f2efc595880a7d47fcf3cba04983ea54c4b73fb":"18da3cdcfe79bfb77fd9c32f377ad399146f0a8e810620233271a6e3ed3248903f5cdc92dc79b55d3e11615aa056a795853792a3998c349ca5c457e8ca7d29d796aa24f83491709befcfb1510ea513c92829a3f00b104f655634f320752e130ec0ccf6754ff893db302932bb025eb60e87822598fc619e0e981737a9a4c4152d33":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 7_6 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1030:"37c9da4a66c8c408b8da27d0c9d79f8ccb1eafc1d2fe48746d940b7c4ef5dee18ad12647cefaa0c4b3188b221c515386759b93f02024b25ab9242f8357d8f3fd49640ee5e643eaf6c64deefa7089727c8ff03993333915c6ef21bf5975b6e50d118b51008ec33e9f01a0a545a10a836a43ddbca9d8b5c5d3548022d7064ea29ab3":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"49f6cc58365e514e1a3f301f4de16f9fb5347ff2":"3f2efc595880a7d47fcf3cba04983ea54c4b73fb":"18da3cdcfe79bfb77fd9c32f377ad399146f0a8e810620233271a6e3ed3248903f5cdc92dc79b55d3e11615aa056a795853792a3998c349ca5c457e8ca7d29d796aa24f83491709befcfb1510ea513c92829a3f00b104f655634f320752e130ec0ccf6754ff893db302932bb025eb60e87822598fc619e0e981737a9a4c4152d33":0 RSASSA-PSS Signature Example 8_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1031:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a1dd230d8ead860199b6277c2ecfe3d95f6d9160":"1d65491d79c864b373009be6f6f2467bac4c78fa":"0262ac254bfa77f3c1aca22c5179f8f040422b3c5bafd40a8f21cf0fa5a667ccd5993d42dbafb409c520e25fce2b1ee1e716577f1efa17f3da28052f40f0419b23106d7845aaf01125b698e7a4dfe92d3967bb00c4d0d35ba3552ab9a8b3eef07c7fecdbc5424ac4db1e20cb37d0b2744769940ea907e17fbbca673b20522380c5":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 8_1 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1031:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"a1dd230d8ead860199b6277c2ecfe3d95f6d9160":"1d65491d79c864b373009be6f6f2467bac4c78fa":"0262ac254bfa77f3c1aca22c5179f8f040422b3c5bafd40a8f21cf0fa5a667ccd5993d42dbafb409c520e25fce2b1ee1e716577f1efa17f3da28052f40f0419b23106d7845aaf01125b698e7a4dfe92d3967bb00c4d0d35ba3552ab9a8b3eef07c7fecdbc5424ac4db1e20cb37d0b2744769940ea907e17fbbca673b20522380c5":0 RSASSA-PSS Signature Example 8_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1031:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f6e68e53c602c5c65fa67b5aa6d786e5524b12ab":"435c098aa9909eb2377f1248b091b68987ff1838":"2707b9ad5115c58c94e932e8ec0a280f56339e44a1b58d4ddcff2f312e5f34dcfe39e89c6a94dcee86dbbdae5b79ba4e0819a9e7bfd9d982e7ee6c86ee68396e8b3a14c9c8f34b178eb741f9d3f121109bf5c8172fada2e768f9ea1433032c004a8aa07eb990000a48dc94c8bac8aabe2b09b1aa46c0a2aa0e12f63fbba775ba7e":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 8_2 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1031:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"f6e68e53c602c5c65fa67b5aa6d786e5524b12ab":"435c098aa9909eb2377f1248b091b68987ff1838":"2707b9ad5115c58c94e932e8ec0a280f56339e44a1b58d4ddcff2f312e5f34dcfe39e89c6a94dcee86dbbdae5b79ba4e0819a9e7bfd9d982e7ee6c86ee68396e8b3a14c9c8f34b178eb741f9d3f121109bf5c8172fada2e768f9ea1433032c004a8aa07eb990000a48dc94c8bac8aabe2b09b1aa46c0a2aa0e12f63fbba775ba7e":0 RSASSA-PSS Signature Example 8_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1031:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"d6f9fcd3ae27f32bb2c7c93536782eba52af1f76":"c6ebbe76df0c4aea32c474175b2f136862d04529":"2ad20509d78cf26d1b6c406146086e4b0c91a91c2bd164c87b966b8faa42aa0ca446022323ba4b1a1b89706d7f4c3be57d7b69702d168ab5955ee290356b8c4a29ed467d547ec23cbadf286ccb5863c6679da467fc9324a151c7ec55aac6db4084f82726825cfe1aa421bc64049fb42f23148f9c25b2dc300437c38d428aa75f96":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 8_3 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1031:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"d6f9fcd3ae27f32bb2c7c93536782eba52af1f76":"c6ebbe76df0c4aea32c474175b2f136862d04529":"2ad20509d78cf26d1b6c406146086e4b0c91a91c2bd164c87b966b8faa42aa0ca446022323ba4b1a1b89706d7f4c3be57d7b69702d168ab5955ee290356b8c4a29ed467d547ec23cbadf286ccb5863c6679da467fc9324a151c7ec55aac6db4084f82726825cfe1aa421bc64049fb42f23148f9c25b2dc300437c38d428aa75f96":0 RSASSA-PSS Signature Example 8_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1031:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"7ff2a53ce2e2d900d468e498f230a5f5dd0020de":"021fdcc6ebb5e19b1cb16e9c67f27681657fe20a":"1e24e6e58628e5175044a9eb6d837d48af1260b0520e87327de7897ee4d5b9f0df0be3e09ed4dea8c1454ff3423bb08e1793245a9df8bf6ab3968c8eddc3b5328571c77f091cc578576912dfebd164b9de5454fe0be1c1f6385b328360ce67ec7a05f6e30eb45c17c48ac70041d2cab67f0a2ae7aafdcc8d245ea3442a6300ccc7":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 8_4 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1031:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"7ff2a53ce2e2d900d468e498f230a5f5dd0020de":"021fdcc6ebb5e19b1cb16e9c67f27681657fe20a":"1e24e6e58628e5175044a9eb6d837d48af1260b0520e87327de7897ee4d5b9f0df0be3e09ed4dea8c1454ff3423bb08e1793245a9df8bf6ab3968c8eddc3b5328571c77f091cc578576912dfebd164b9de5454fe0be1c1f6385b328360ce67ec7a05f6e30eb45c17c48ac70041d2cab67f0a2ae7aafdcc8d245ea3442a6300ccc7":0 RSASSA-PSS Signature Example 8_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1031:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"4eb309f7022ba0b03bb78601b12931ec7c1be8d3":"c558d7167cbb4508ada042971e71b1377eea4269":"33341ba3576a130a50e2a5cf8679224388d5693f5accc235ac95add68e5eb1eec31666d0ca7a1cda6f70a1aa762c05752a51950cdb8af3c5379f18cfe6b5bc55a4648226a15e912ef19ad77adeea911d67cfefd69ba43fa4119135ff642117ba985a7e0100325e9519f1ca6a9216bda055b5785015291125e90dcd07a2ca9673ee":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 8_5 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1031:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"4eb309f7022ba0b03bb78601b12931ec7c1be8d3":"c558d7167cbb4508ada042971e71b1377eea4269":"33341ba3576a130a50e2a5cf8679224388d5693f5accc235ac95add68e5eb1eec31666d0ca7a1cda6f70a1aa762c05752a51950cdb8af3c5379f18cfe6b5bc55a4648226a15e912ef19ad77adeea911d67cfefd69ba43fa4119135ff642117ba985a7e0100325e9519f1ca6a9216bda055b5785015291125e90dcd07a2ca9673ee":0 RSASSA-PSS Signature Example 8_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1031:"08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb":"0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d":"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"65033bc2f67d6aba7d526acb873b8d9241e5e4d9":"76fd4e64fdc98eb927a0403e35a084e76ba9f92a":"1ed1d848fb1edb44129bd9b354795af97a069a7a00d0151048593e0c72c3517ff9ff2a41d0cb5a0ac860d736a199704f7cb6a53986a88bbd8abcc0076a2ce847880031525d449da2ac78356374c536e343faa7cba42a5aaa6506087791c06a8e989335aed19bfab2d5e67e27fb0c2875af896c21b6e8e7309d04e4f6727e69463e":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 8_6 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1031:"495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"65033bc2f67d6aba7d526acb873b8d9241e5e4d9":"76fd4e64fdc98eb927a0403e35a084e76ba9f92a":"1ed1d848fb1edb44129bd9b354795af97a069a7a00d0151048593e0c72c3517ff9ff2a41d0cb5a0ac860d736a199704f7cb6a53986a88bbd8abcc0076a2ce847880031525d449da2ac78356374c536e343faa7cba42a5aaa6506087791c06a8e989335aed19bfab2d5e67e27fb0c2875af896c21b6e8e7309d04e4f6727e69463e":0 RSASSA-PSS Signature Example 9_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1536:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"2715a49b8b0012cd7aee84c116446e6dfe3faec0":"c0a425313df8d7564bd2434d311523d5257eed80":"586107226c3ce013a7c8f04d1a6a2959bb4b8e205ba43a27b50f124111bc35ef589b039f5932187cb696d7d9a32c0c38300a5cdda4834b62d2eb240af33f79d13dfbf095bf599e0d9686948c1964747b67e89c9aba5cd85016236f566cc5802cb13ead51bc7ca6bef3b94dcbdbb1d570469771df0e00b1a8a06777472d2316279edae86474668d4e1efff95f1de61c6020da32ae92bbf16520fef3cf4d88f61121f24bbd9fe91b59caf1235b2a93ff81fc403addf4ebdea84934a9cdaf8e1a9e":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 9_1 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1536:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"2715a49b8b0012cd7aee84c116446e6dfe3faec0":"c0a425313df8d7564bd2434d311523d5257eed80":"586107226c3ce013a7c8f04d1a6a2959bb4b8e205ba43a27b50f124111bc35ef589b039f5932187cb696d7d9a32c0c38300a5cdda4834b62d2eb240af33f79d13dfbf095bf599e0d9686948c1964747b67e89c9aba5cd85016236f566cc5802cb13ead51bc7ca6bef3b94dcbdbb1d570469771df0e00b1a8a06777472d2316279edae86474668d4e1efff95f1de61c6020da32ae92bbf16520fef3cf4d88f61121f24bbd9fe91b59caf1235b2a93ff81fc403addf4ebdea84934a9cdaf8e1a9e":0 RSASSA-PSS Signature Example 9_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1536:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"2dac956d53964748ac364d06595827c6b4f143cd":"b307c43b4850a8dac2f15f32e37839ef8c5c0e91":"80b6d643255209f0a456763897ac9ed259d459b49c2887e5882ecb4434cfd66dd7e1699375381e51cd7f554f2c271704b399d42b4be2540a0eca61951f55267f7c2878c122842dadb28b01bd5f8c025f7e228418a673c03d6bc0c736d0a29546bd67f786d9d692ccea778d71d98c2063b7a71092187a4d35af108111d83e83eae46c46aa34277e06044589903788f1d5e7cee25fb485e92949118814d6f2c3ee361489016f327fb5bc517eb50470bffa1afa5f4ce9aa0ce5b8ee19bf5501b958":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 9_2 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1536:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"2dac956d53964748ac364d06595827c6b4f143cd":"b307c43b4850a8dac2f15f32e37839ef8c5c0e91":"80b6d643255209f0a456763897ac9ed259d459b49c2887e5882ecb4434cfd66dd7e1699375381e51cd7f554f2c271704b399d42b4be2540a0eca61951f55267f7c2878c122842dadb28b01bd5f8c025f7e228418a673c03d6bc0c736d0a29546bd67f786d9d692ccea778d71d98c2063b7a71092187a4d35af108111d83e83eae46c46aa34277e06044589903788f1d5e7cee25fb485e92949118814d6f2c3ee361489016f327fb5bc517eb50470bffa1afa5f4ce9aa0ce5b8ee19bf5501b958":0 RSASSA-PSS Signature Example 9_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1536:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"28d98c46cccafbd3bc04e72f967a54bd3ea12298":"9a2b007e80978bbb192c354eb7da9aedfc74dbf5":"484408f3898cd5f53483f80819efbf2708c34d27a8b2a6fae8b322f9240237f981817aca1846f1084daa6d7c0795f6e5bf1af59c38e1858437ce1f7ec419b98c8736adf6dd9a00b1806d2bd3ad0a73775e05f52dfef3a59ab4b08143f0df05cd1ad9d04bececa6daa4a2129803e200cbc77787caf4c1d0663a6c5987b605952019782caf2ec1426d68fb94ed1d4be816a7ed081b77e6ab330b3ffc073820fecde3727fcbe295ee61a050a343658637c3fd659cfb63736de32d9f90d3c2f63eca":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 9_3 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1536:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"28d98c46cccafbd3bc04e72f967a54bd3ea12298":"9a2b007e80978bbb192c354eb7da9aedfc74dbf5":"484408f3898cd5f53483f80819efbf2708c34d27a8b2a6fae8b322f9240237f981817aca1846f1084daa6d7c0795f6e5bf1af59c38e1858437ce1f7ec419b98c8736adf6dd9a00b1806d2bd3ad0a73775e05f52dfef3a59ab4b08143f0df05cd1ad9d04bececa6daa4a2129803e200cbc77787caf4c1d0663a6c5987b605952019782caf2ec1426d68fb94ed1d4be816a7ed081b77e6ab330b3ffc073820fecde3727fcbe295ee61a050a343658637c3fd659cfb63736de32d9f90d3c2f63eca":0 RSASSA-PSS Signature Example 9_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1536:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0866d2ff5a79f25ef668cd6f31b42dee421e4c0e":"70f382bddf4d5d2dd88b3bc7b7308be632b84045":"84ebeb481be59845b46468bafb471c0112e02b235d84b5d911cbd1926ee5074ae0424495cb20e82308b8ebb65f419a03fb40e72b78981d88aad143053685172c97b29c8b7bf0ae73b5b2263c403da0ed2f80ff7450af7828eb8b86f0028bd2a8b176a4d228cccea18394f238b09ff758cc00bc04301152355742f282b54e663a919e709d8da24ade5500a7b9aa50226e0ca52923e6c2d860ec50ff480fa57477e82b0565f4379f79c772d5c2da80af9fbf325ece6fc20b00961614bee89a183e":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 9_4 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1536:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"0866d2ff5a79f25ef668cd6f31b42dee421e4c0e":"70f382bddf4d5d2dd88b3bc7b7308be632b84045":"84ebeb481be59845b46468bafb471c0112e02b235d84b5d911cbd1926ee5074ae0424495cb20e82308b8ebb65f419a03fb40e72b78981d88aad143053685172c97b29c8b7bf0ae73b5b2263c403da0ed2f80ff7450af7828eb8b86f0028bd2a8b176a4d228cccea18394f238b09ff758cc00bc04301152355742f282b54e663a919e709d8da24ade5500a7b9aa50226e0ca52923e6c2d860ec50ff480fa57477e82b0565f4379f79c772d5c2da80af9fbf325ece6fc20b00961614bee89a183e":0 RSASSA-PSS Signature Example 9_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1536:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"6a5b4be4cd36cc97dfde9995efbf8f097a4a991a":"d689257a86effa68212c5e0c619eca295fb91b67":"82102df8cb91e7179919a04d26d335d64fbc2f872c44833943241de8454810274cdf3db5f42d423db152af7135f701420e39b494a67cbfd19f9119da233a23da5c6439b5ba0d2bc373eee3507001378d4a4073856b7fe2aba0b5ee93b27f4afec7d4d120921c83f606765b02c19e4d6a1a3b95fa4c422951be4f52131077ef17179729cddfbdb56950dbaceefe78cb16640a099ea56d24389eef10f8fecb31ba3ea3b227c0a86698bb89e3e9363905bf22777b2a3aa521b65b4cef76d83bde4c":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 9_5 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1536:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"6a5b4be4cd36cc97dfde9995efbf8f097a4a991a":"d689257a86effa68212c5e0c619eca295fb91b67":"82102df8cb91e7179919a04d26d335d64fbc2f872c44833943241de8454810274cdf3db5f42d423db152af7135f701420e39b494a67cbfd19f9119da233a23da5c6439b5ba0d2bc373eee3507001378d4a4073856b7fe2aba0b5ee93b27f4afec7d4d120921c83f606765b02c19e4d6a1a3b95fa4c422951be4f52131077ef17179729cddfbdb56950dbaceefe78cb16640a099ea56d24389eef10f8fecb31ba3ea3b227c0a86698bb89e3e9363905bf22777b2a3aa521b65b4cef76d83bde4c":0 RSASSA-PSS Signature Example 9_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:1536:"f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367":"ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d":"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"b9dfd1df76a461c51e6576c6c8ed0a923d1c50e7":"c25f13bf67d081671a0481a1f1820d613bba2276":"a7fdb0d259165ca2c88d00bbf1028a867d337699d061193b17a9648e14ccbbaadeacaacdec815e7571294ebb8a117af205fa078b47b0712c199e3ad05135c504c24b81705115740802487992ffd511d4afc6b854491eb3f0dd523139542ff15c3101ee85543517c6a3c79417c67e2dd9aa741e9a29b06dcb593c2336b3670ae3afbac7c3e76e215473e866e338ca244de00b62624d6b9426822ceae9f8cc460895f41250073fd45c5a1e7b425c204a423a699159f6903e710b37a7bb2bc8049f":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 9_6 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:1536:"e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"b9dfd1df76a461c51e6576c6c8ed0a923d1c50e7":"c25f13bf67d081671a0481a1f1820d613bba2276":"a7fdb0d259165ca2c88d00bbf1028a867d337699d061193b17a9648e14ccbbaadeacaacdec815e7571294ebb8a117af205fa078b47b0712c199e3ad05135c504c24b81705115740802487992ffd511d4afc6b854491eb3f0dd523139542ff15c3101ee85543517c6a3c79417c67e2dd9aa741e9a29b06dcb593c2336b3670ae3afbac7c3e76e215473e866e338ca244de00b62624d6b9426822ceae9f8cc460895f41250073fd45c5a1e7b425c204a423a699159f6903e710b37a7bb2bc8049f":0 RSASSA-PSS Signature Example 10_1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:2048:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9596bb630cf6a8d4ea4600422b9eba8b13675dd4":"04e215ee6ff934b9da70d7730c8734abfcecde89":"82c2b160093b8aa3c0f7522b19f87354066c77847abf2a9fce542d0e84e920c5afb49ffdfdace16560ee94a1369601148ebad7a0e151cf16331791a5727d05f21e74e7eb811440206935d744765a15e79f015cb66c532c87a6a05961c8bfad741a9a6657022894393e7223739796c02a77455d0f555b0ec01ddf259b6207fd0fd57614cef1a5573baaff4ec00069951659b85f24300a25160ca8522dc6e6727e57d019d7e63629b8fe5e89e25cc15beb3a647577559299280b9b28f79b0409000be25bbd96408ba3b43cc486184dd1c8e62553fa1af4040f60663de7f5e49c04388e257f1ce89c95dab48a315d9b66b1b7628233876ff2385230d070d07e1666":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 10_1 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"9596bb630cf6a8d4ea4600422b9eba8b13675dd4":"04e215ee6ff934b9da70d7730c8734abfcecde89":"82c2b160093b8aa3c0f7522b19f87354066c77847abf2a9fce542d0e84e920c5afb49ffdfdace16560ee94a1369601148ebad7a0e151cf16331791a5727d05f21e74e7eb811440206935d744765a15e79f015cb66c532c87a6a05961c8bfad741a9a6657022894393e7223739796c02a77455d0f555b0ec01ddf259b6207fd0fd57614cef1a5573baaff4ec00069951659b85f24300a25160ca8522dc6e6727e57d019d7e63629b8fe5e89e25cc15beb3a647577559299280b9b28f79b0409000be25bbd96408ba3b43cc486184dd1c8e62553fa1af4040f60663de7f5e49c04388e257f1ce89c95dab48a315d9b66b1b7628233876ff2385230d070d07e1666":0 RSASSA-PSS Signature Example 10_2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:2048:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"b503319399277fd6c1c8f1033cbf04199ea21716":"8b2bdd4b40faf545c778ddf9bc1a49cb57f9b71b":"14ae35d9dd06ba92f7f3b897978aed7cd4bf5ff0b585a40bd46ce1b42cd2703053bb9044d64e813d8f96db2dd7007d10118f6f8f8496097ad75e1ff692341b2892ad55a633a1c55e7f0a0ad59a0e203a5b8278aec54dd8622e2831d87174f8caff43ee6c46445345d84a59659bfb92ecd4c818668695f34706f66828a89959637f2bf3e3251c24bdba4d4b7649da0022218b119c84e79a6527ec5b8a5f861c159952e23ec05e1e717346faefe8b1686825bd2b262fb2531066c0de09acde2e4231690728b5d85e115a2f6b92b79c25abc9bd9399ff8bcf825a52ea1f56ea76dd26f43baafa18bfa92a504cbd35699e26d1dcc5a2887385f3c63232f06f3244c3":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 10_2 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"b503319399277fd6c1c8f1033cbf04199ea21716":"8b2bdd4b40faf545c778ddf9bc1a49cb57f9b71b":"14ae35d9dd06ba92f7f3b897978aed7cd4bf5ff0b585a40bd46ce1b42cd2703053bb9044d64e813d8f96db2dd7007d10118f6f8f8496097ad75e1ff692341b2892ad55a633a1c55e7f0a0ad59a0e203a5b8278aec54dd8622e2831d87174f8caff43ee6c46445345d84a59659bfb92ecd4c818668695f34706f66828a89959637f2bf3e3251c24bdba4d4b7649da0022218b119c84e79a6527ec5b8a5f861c159952e23ec05e1e717346faefe8b1686825bd2b262fb2531066c0de09acde2e4231690728b5d85e115a2f6b92b79c25abc9bd9399ff8bcf825a52ea1f56ea76dd26f43baafa18bfa92a504cbd35699e26d1dcc5a2887385f3c63232f06f3244c3":0 RSASSA-PSS Signature Example 10_3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:2048:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"50aaede8536b2c307208b275a67ae2df196c7628":"4e96fc1b398f92b44671010c0dc3efd6e20c2d73":"6e3e4d7b6b15d2fb46013b8900aa5bbb3939cf2c095717987042026ee62c74c54cffd5d7d57efbbf950a0f5c574fa09d3fc1c9f513b05b4ff50dd8df7edfa20102854c35e592180119a70ce5b085182aa02d9ea2aa90d1df03f2daae885ba2f5d05afdac97476f06b93b5bc94a1a80aa9116c4d615f333b098892b25fface266f5db5a5a3bcc10a824ed55aad35b727834fb8c07da28fcf416a5d9b2224f1f8b442b36f91e456fdea2d7cfe3367268de0307a4c74e924159ed33393d5e0655531c77327b89821bdedf880161c78cd4196b5419f7acc3f13e5ebf161b6e7c6724716ca33b85c2e25640192ac2859651d50bde7eb976e51cec828b98b6563b86bb":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 10_3 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"50aaede8536b2c307208b275a67ae2df196c7628":"4e96fc1b398f92b44671010c0dc3efd6e20c2d73":"6e3e4d7b6b15d2fb46013b8900aa5bbb3939cf2c095717987042026ee62c74c54cffd5d7d57efbbf950a0f5c574fa09d3fc1c9f513b05b4ff50dd8df7edfa20102854c35e592180119a70ce5b085182aa02d9ea2aa90d1df03f2daae885ba2f5d05afdac97476f06b93b5bc94a1a80aa9116c4d615f333b098892b25fface266f5db5a5a3bcc10a824ed55aad35b727834fb8c07da28fcf416a5d9b2224f1f8b442b36f91e456fdea2d7cfe3367268de0307a4c74e924159ed33393d5e0655531c77327b89821bdedf880161c78cd4196b5419f7acc3f13e5ebf161b6e7c6724716ca33b85c2e25640192ac2859651d50bde7eb976e51cec828b98b6563b86bb":0 RSASSA-PSS Signature Example 10_4 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:2048:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"aa0b72b8b371ddd10c8ae474425ccccf8842a294":"c7cd698d84b65128d8835e3a8b1eb0e01cb541ec":"34047ff96c4dc0dc90b2d4ff59a1a361a4754b255d2ee0af7d8bf87c9bc9e7ddeede33934c63ca1c0e3d262cb145ef932a1f2c0a997aa6a34f8eaee7477d82ccf09095a6b8acad38d4eec9fb7eab7ad02da1d11d8e54c1825e55bf58c2a23234b902be124f9e9038a8f68fa45dab72f66e0945bf1d8bacc9044c6f07098c9fcec58a3aab100c805178155f030a124c450e5acbda47d0e4f10b80a23f803e774d023b0015c20b9f9bbe7c91296338d5ecb471cafb032007b67a60be5f69504a9f01abb3cb467b260e2bce860be8d95bf92c0c8e1496ed1e528593a4abb6df462dde8a0968dffe4683116857a232f5ebf6c85be238745ad0f38f767a5fdbf486fb":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 10_4 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"aa0b72b8b371ddd10c8ae474425ccccf8842a294":"c7cd698d84b65128d8835e3a8b1eb0e01cb541ec":"34047ff96c4dc0dc90b2d4ff59a1a361a4754b255d2ee0af7d8bf87c9bc9e7ddeede33934c63ca1c0e3d262cb145ef932a1f2c0a997aa6a34f8eaee7477d82ccf09095a6b8acad38d4eec9fb7eab7ad02da1d11d8e54c1825e55bf58c2a23234b902be124f9e9038a8f68fa45dab72f66e0945bf1d8bacc9044c6f07098c9fcec58a3aab100c805178155f030a124c450e5acbda47d0e4f10b80a23f803e774d023b0015c20b9f9bbe7c91296338d5ecb471cafb032007b67a60be5f69504a9f01abb3cb467b260e2bce860be8d95bf92c0c8e1496ed1e528593a4abb6df462dde8a0968dffe4683116857a232f5ebf6c85be238745ad0f38f767a5fdbf486fb":0 RSASSA-PSS Signature Example 10_5 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:2048:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"fad3902c9750622a2bc672622c48270cc57d3ea8":"efa8bff96212b2f4a3f371a10d574152655f5dfb":"7e0935ea18f4d6c1d17ce82eb2b3836c55b384589ce19dfe743363ac9948d1f346b7bfddfe92efd78adb21faefc89ade42b10f374003fe122e67429a1cb8cbd1f8d9014564c44d120116f4990f1a6e38774c194bd1b8213286b077b0499d2e7b3f434ab12289c556684deed78131934bb3dd6537236f7c6f3dcb09d476be07721e37e1ceed9b2f7b406887bd53157305e1c8b4f84d733bc1e186fe06cc59b6edb8f4bd7ffefdf4f7ba9cfb9d570689b5a1a4109a746a690893db3799255a0cb9215d2d1cd490590e952e8c8786aa0011265252470c041dfbc3eec7c3cbf71c24869d115c0cb4a956f56d530b80ab589acfefc690751ddf36e8d383f83cedd2cc":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 10_5 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"fad3902c9750622a2bc672622c48270cc57d3ea8":"efa8bff96212b2f4a3f371a10d574152655f5dfb":"7e0935ea18f4d6c1d17ce82eb2b3836c55b384589ce19dfe743363ac9948d1f346b7bfddfe92efd78adb21faefc89ade42b10f374003fe122e67429a1cb8cbd1f8d9014564c44d120116f4990f1a6e38774c194bd1b8213286b077b0499d2e7b3f434ab12289c556684deed78131934bb3dd6537236f7c6f3dcb09d476be07721e37e1ceed9b2f7b406887bd53157305e1c8b4f84d733bc1e186fe06cc59b6edb8f4bd7ffefdf4f7ba9cfb9d570689b5a1a4109a746a690893db3799255a0cb9215d2d1cd490590e952e8c8786aa0011265252470c041dfbc3eec7c3cbf71c24869d115c0cb4a956f56d530b80ab589acfefc690751ddf36e8d383f83cedd2cc":0 RSASSA-PSS Signature Example 10_6 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_sign:2048:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6f76fdfcb8b38c4f71dc9e88bd6a6f76371afd65d2af1862b32afb34a95f71b8b132043ffebe3a952baf7592448148c03f9c69b1d68e4ce5cf32c86baf46fed301ca1ab403069b32f456b91f71898ab081cd8c4252ef5271915c9794b8f295851da7510f99cb73eb":"cc4e90d2a1b3a065d3b2d1f5a8fce31b544475664eab561d2971b99fb7bef844e8ec1f360b8c2ac8359692971ea6a38f723fcc211f5dbcb177a0fdac5164a1d4ff7fbb4e829986353cb983659a148cdd420c7d31ba3822ea90a32be46c030e8c17e1fa0ad37859e06b0aa6fa3b216d9cbe6c0e22339769c0a615913e5da719cf":"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"122196deb5d122bd8c6fc781ff6924d7c695aade":"ad8b1523703646224b660b550885917ca2d1df28":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Signature Example 10_6 (verify) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"122196deb5d122bd8c6fc781ff6924d7c695aade":"ad8b1523703646224b660b550885917ca2d1df28":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0 RSASSA-PSS Signature verify options #1 (OK) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify_ext:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:"122196deb5d122bd8c6fc781ff6924d7c695aade":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:0 RSASSA-PSS Signature verify options #2 (ctx_hash none) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify_ext:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_NONE:MBEDTLS_MD_SHA1:20:"122196deb5d122bd8c6fc781ff6924d7c695aade":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:0 RSASSA-PSS Signature verify options #3 (ctx_hash diverging) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify_ext:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:20:"122196deb5d122bd8c6fc781ff6924d7c695aade":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":MBEDTLS_ERR_RSA_INVALID_PADDING:0 RSASSA-PSS Signature verify options #4 (mgf1_hash diverging) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify_ext:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:"122196deb5d122bd8c6fc781ff6924d7c695aade":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:MBEDTLS_ERR_RSA_INVALID_PADDING RSASSA-PSS Signature verify options #5 (wrong msg_hash) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify_ext:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:"6a38f6327be8fb5334639c621937dd95958cc3e07da6ba29dd6a7bbd94c1e4bc":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":MBEDTLS_ERR_RSA_VERIFY_FAILED:MBEDTLS_ERR_RSA_VERIFY_FAILED RSASSA-PSS Signature verify options #6 (wrong expected_salt_len) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify_ext:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:21:"122196deb5d122bd8c6fc781ff6924d7c695aade":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:MBEDTLS_ERR_RSA_INVALID_PADDING RSASSA-PSS Signature verify options #7 (wrong expected_salt_len) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify_ext:2048:"a5dd867ac4cb02f90b9457d48c14a770ef991c56c39c0ec65fd11afa8937cea57b9be7ac73b45c0017615b82d622e318753b6027c0fd157be12f8090fee2a7adcd0eef759f88ba4997c7a42d58c9aa12cb99ae001fe521c13bb5431445a8d5ae4f5e4c7e948ac227d3604071f20e577e905fbeb15dfaf06d1de5ae6253d63a6a2120b31a5da5dabc9550600e20f27d3739e2627925fea3cc509f21dff04e6eea4549c540d6809ff9307eede91fff58733d8385a237d6d3705a33e391900992070df7adf1357cf7e3700ce3667de83f17b8df1778db381dce09cb4ad058a511001a738198ee27cf55a13b754539906582ec8b174bd58d5d1f3d767c613721ae05":"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:19:"122196deb5d122bd8c6fc781ff6924d7c695aade":"6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f":0:MBEDTLS_ERR_RSA_INVALID_PADDING RSASSA-PSS Signature verify options #8 (non-default salt_len: max) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs1_rsassa_pss_verify_ext:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:94:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":0:0 RSASSA-PSS Signature verify options #9 (non-default salt_len: 0) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs1_rsassa_pss_verify_ext:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":0:0 RSASSA-PSS Signature verify options #10 (non-default salt_len: 0, ANY) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs1_rsassa_pss_verify_ext:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":0:0 RSASSA-PSS Signature verify options #11 (MGF1 alg != MSG hash alg) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs1_rsassa_pss_verify_ext:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":MBEDTLS_MD_NONE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":0:0 RSASSA-PSS Signature verify options #12 (MGF1 alg != MSG hash alg, ctx wrong) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify_ext:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":MBEDTLS_MD_NONE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":MBEDTLS_ERR_RSA_INVALID_PADDING:0 RSASSA-PSS Signature verify options #13 (MGF1 alg != MSG hash alg, arg wrong) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1 pkcs1_rsassa_pss_verify_ext:1024:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":"010001":MBEDTLS_MD_NONE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:MBEDTLS_RSA_SALT_LEN_ANY:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":0:MBEDTLS_ERR_RSA_INVALID_PADDING RSASSA-PSS verify ext, 512-bit key, empty salt, good signature -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs1_rsassa_pss_verify_ext:512:"00b076d23250816f9aab02307e452b97f0cae7598369b41624e8afc7971a59a13892f64b07eaa6ec928c160b2d6ec8f9d0dd5b63c8b3ac0767b4f65c892f56c10f":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"ace8b03347da1b9a7a5e94a0d76359bb39c819bb170bef38ea84995ed653446c0ae87ede434cdf9d0cb2d7bf164cf427892363e6855a1d24d0ce5dd72acaf246":0:0 RSASSA-PSS verify ext, 512-bit key, empty salt, bad signature -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs1_rsassa_pss_verify_ext:512:"00b076d23250816f9aab02307e452b97f0cae7598369b41624e8afc7971a59a13892f64b07eaa6ec928c160b2d6ec8f9d0dd5b63c8b3ac0767b4f65c892f56c10f":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"ace8b03347da1b9a7a5e94a0d76359bb39c819bb170bef38ea84995ed653446c0ae87ede434cdf9d0cb2d7bf164cf427892363e6855a1d24d0ce5dd72acaf247":MBEDTLS_ERR_RSA_INVALID_PADDING:MBEDTLS_ERR_RSA_INVALID_PADDING RSASSA-PSS verify ext, 522-bit key, SHA-512, empty salt, good signature -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_verify_ext:522:"02d302753e3dda28f42f4d9f92c8647420ea6fbc97c10f8498b966a953f357698d6581060dfe32c8ab98db4bc5ce2acdf0c1e6e404a75a13282550c1aa37d3cdc8bf":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:0:"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e":"016752ae0b5dfbade6bbd3dd37868d48c8d741f92dca41c360aeda553204c2212a117b1a3d77e0d3f48723503c46e16c8a64de00f1dee3e37e478417452630859486":0:0 RSASSA-PSS verify ext, 522-bit key, SHA-512, saltlen=64, good signature with saltlen=0 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_verify_ext:522:"02d302753e3dda28f42f4d9f92c8647420ea6fbc97c10f8498b966a953f357698d6581060dfe32c8ab98db4bc5ce2acdf0c1e6e404a75a13282550c1aa37d3cdc8bf":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:64:"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e":"016752ae0b5dfbade6bbd3dd37868d48c8d741f92dca41c360aeda553204c2212a117b1a3d77e0d3f48723503c46e16c8a64de00f1dee3e37e478417452630859486":0:MBEDTLS_ERR_RSA_INVALID_PADDING RSASSA-PSS verify ext, 528-bit key, SHA-512, empty salt, good signature -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_verify_ext:528:"00e31c246d46485984261fd174cab3d4357344602ecd793c47dbe54252d37bb350bc634359b19515542080e4724a4b672291be57c7648f51629eaef234e847d99cc65f":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:0:"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e":"a9ad7994ba3a1071124153486924448cc67a5af3a5d34e9261d53770782cc85f58e2edde5f7004652a645e3e9606530eb57de41df7298ae2be9dec69cc0d613ab629":0:0 RSASSA-PSS verify ext, 528-bit key, SHA-512, saltlen=64, good signature with saltlen=0 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_verify_ext:528:"00e31c246d46485984261fd174cab3d4357344602ecd793c47dbe54252d37bb350bc634359b19515542080e4724a4b672291be57c7648f51629eaef234e847d99cc65f":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:64:"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e":"a9ad7994ba3a1071124153486924448cc67a5af3a5d34e9261d53770782cc85f58e2edde5f7004652a645e3e9606530eb57de41df7298ae2be9dec69cc0d613ab629":0:MBEDTLS_ERR_RSA_INVALID_PADDING RSASSA-PSS verify ext, 512-bit key, SHA-512 (hash too large) -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_verify_ext:512:"00b076d23250816f9aab02307e452b97f0cae7598369b41624e8afc7971a59a13892f64b07eaa6ec928c160b2d6ec8f9d0dd5b63c8b3ac0767b4f65c892f56c10f":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:0:"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e":"ace8b03347da1b9a7a5e94a0d76359bb39c819bb170bef38ea84995ed653446c0ae87ede434cdf9d0cb2d7bf164cf427892363e6855a1d24d0ce5dd72acaf246":MBEDTLS_ERR_RSA_BAD_INPUT_DATA:MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSASSA-PSS verify ext, 521-bit key, SHA-512, empty salt, bad signature -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_verify_ext:521:"0131b69860f3cb9bf85ea358fdf2bd2990f1b77a80d6a4fdf817a43dd896bdf7dd26af8ac0237f526e0d33b105c971fdbd4ffa9ece99fc469f31ecf429e8f562c1c3":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:0:"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e":"00471794655837da498cbf27242807b40593a353c707eb22fd2cc5a3259e728ac4f1df676043eeec8e16c1175b3d9ac8cae72ec1d5772dd69de71c5677f19031568e":MBEDTLS_ERR_RSA_BAD_INPUT_DATA:MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSASSA-PSS verify ext, 521-bit key, SHA-256, empty salt, good signature -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs1_rsassa_pss_verify_ext:521:"0131b69860f3cb9bf85ea358fdf2bd2990f1b77a80d6a4fdf817a43dd896bdf7dd26af8ac0237f526e0d33b105c971fdbd4ffa9ece99fc469f31ecf429e8f562c1c3":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd":"009c4941157fa36288e467310b198ab0c615c40963d611ffeef03000549ded809235955ecc57adba44782e9497c004f480ba2b3d58db8335fe0b391075c02c843a6d":0:0 RSASSA-PSS verify ext, 521-bit key, SHA-256, empty salt, flipped-highest-bit signature -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs1_rsassa_pss_verify_ext:521:"0131b69860f3cb9bf85ea358fdf2bd2990f1b77a80d6a4fdf817a43dd896bdf7dd26af8ac0237f526e0d33b105c971fdbd4ffa9ece99fc469f31ecf429e8f562c1c3":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:0:"559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd":"00e11a2403df681c44a1f73f014b6c9ad17847d0b673f7c2a801cee208d10ab5792c10cd0cd495a4b331aaa521409fca7cb1b0d978b3a84cd67e28078b98753e9466":MBEDTLS_ERR_RSA_BAD_INPUT_DATA:MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSASSA-PSS verify ext, all-zero padding, automatic salt length -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs1_rsassa_pss_verify_ext:512:"00b076d23250816f9aab02307e452b97f0cae7598369b41624e8afc7971a59a13892f64b07eaa6ec928c160b2d6ec8f9d0dd5b63c8b3ac0767b4f65c892f56c10f":"010001":MBEDTLS_MD_NONE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:MBEDTLS_RSA_SALT_LEN_ANY:"":"63a35294577c7e593170378175b7df27c293dae583ec2a971426eb2d66f2af483e897bfae5dc20300a9d61a3644e08c3aee61a463690a3498901563c46041056":MBEDTLS_ERR_RSA_INVALID_PADDING:MBEDTLS_ERR_RSA_INVALID_PADDING RSASSA-PSS Signature RSA-1024, SHA-512 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_sign:1024:"00e8f95a716c127d5147dcc241a7c1fe8d5487b3e8b6e95e48a83334d21d00c79ad0a90e29941c0c53065b20059de95e9e406061416f7ac12edca1983b9ee28cc3":"00d72348b297e7e5dc4329f6ab874b17982584e0ab43174070a9be983c0f040320d6f893c40d2717cb3044380cb3230b7133621eb1c55a3ea56d0e7cee694b5df3":"00c3c9873548543591c1f947e412c33da56b9d1b94a58c2f410a8a620e9b4f1d9197643ebf527f5f62b202b9d67a32654d05f326a9b61e0106efdf4829673c4f3d23655996e2424059916ab47aa67e406c129679e5979ca46708866608ffa21f619843b959b4442e422598a2faab54a8cef1f131992677d2cf5bcaf2b5564f7419":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"353cef1c3aa58b0acc2f53c3aa01bf7d77a65ed9407df668fc29155b11845a72e987e3897cb902c7a4a0267038c1f16bef5df67da50f66a4993ceb4b7234f769":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"655d1cf86a7af5113d1791ab7b6627845ea2aa7efbae82705a3563e5ba0337a1d033cb9283b38c042056e0a1d0529891173e3df6621dd8b184930caec8b3cbe4d1068524dab0ec6854f6638d86b77434cd792ddec0d02327a9eebffcd6911ffd32ad9bcb569d3237398c8169d9c62e7eea81c1b456fd36019aad1e4b268c604d":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Verification RSA-1024, SHA-512 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_verify:1022:"00c3c9873548543591c1f947e412c33da56b9d1b94a58c2f410a8a620e9b4f1d9197643ebf527f5f62b202b9d67a32654d05f326a9b61e0106efdf4829673c4f3d23655996e2424059916ab47aa67e406c129679e5979ca46708866608ffa21f619843b959b4442e422598a2faab54a8cef1f131992677d2cf5bcaf2b5564f7419":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"353cef1c3aa58b0acc2f53c3aa01bf7d77a65ed9407df668fc29155b11845a72e987e3897cb902c7a4a0267038c1f16bef5df67da50f66a4993ceb4b7234f769":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"655d1cf86a7af5113d1791ab7b6627845ea2aa7efbae82705a3563e5ba0337a1d033cb9283b38c042056e0a1d0529891173e3df6621dd8b184930caec8b3cbe4d1068524dab0ec6854f6638d86b77434cd792ddec0d02327a9eebffcd6911ffd32ad9bcb569d3237398c8169d9c62e7eea81c1b456fd36019aad1e4b268c604d":0 RSASSA-PSS Signature RSA-1032, SHA-512 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_sign:1032:"0dfaedb709ada2105223e5e7764a5f31d07ae7a37bdc7b4a56c2499e1173147bcdcb165b8fb01a2528190cb6874656a936491898fca330db8af5a9ed5417268ed7":"0c339c56797a90c641292560d0ef675f71ac2c99fcaba6260c38e4f167dfd179eb7a9e255f9bdbc549e4181f9a2a19b1f30a80b292d5ef1ad75b9e658eaa6fb0bb":"00aa94ab91b4c26be257e469528228c4b0b6b4c99e73a84a272b3101892c07406911372b83ec4a7b8191f0ba4b4cb4cb3b732074e96c668297e1323b8ad0822a7e151182def03871a66a47b704b92845c6194142d4eeda19903e04043581f7a835dc288117863d21944c3aeded518458f1a30a41c7638aa4e098a88fdf2c2097270d":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"353cef1c3aa58b0acc2f53c3aa01bf7d77a65ed9407df668fc29155b11845a72e987e3897cb902c7a4a0267038c1f16bef5df67da50f66a4993ceb4b7234f769":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"13ad40169494129b907f061d885fbe50ab654fc7b4be657ff8629d7ca291838159e9a7b7adc93560dda2bb9127966eb8d57377fb19d5b043dca67a07ba3c23069b391ddd921b507a8cca2d5eb7ccc84b90089092ca88530e074e629c3cb6902b2d0475000269a28c4cd89cec0dca66571fa7fbe4976373abe905cbe4c66c8d5fbb":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Verification RSA-1032, SHA-512 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_verify:1032:"00aa94ab91b4c26be257e469528228c4b0b6b4c99e73a84a272b3101892c07406911372b83ec4a7b8191f0ba4b4cb4cb3b732074e96c668297e1323b8ad0822a7e151182def03871a66a47b704b92845c6194142d4eeda19903e04043581f7a835dc288117863d21944c3aeded518458f1a30a41c7638aa4e098a88fdf2c2097270d":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"353cef1c3aa58b0acc2f53c3aa01bf7d77a65ed9407df668fc29155b11845a72e987e3897cb902c7a4a0267038c1f16bef5df67da50f66a4993ceb4b7234f769":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"13ad40169494129b907f061d885fbe50ab654fc7b4be657ff8629d7ca291838159e9a7b7adc93560dda2bb9127966eb8d57377fb19d5b043dca67a07ba3c23069b391ddd921b507a8cca2d5eb7ccc84b90089092ca88530e074e629c3cb6902b2d0475000269a28c4cd89cec0dca66571fa7fbe4976373abe905cbe4c66c8d5fbb":0 RSASSA-PSS Verification of OpenSSL-generated signature RSA-1032, SHA-512 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_verify:1032:"00aa94ab91b4c26be257e469528228c4b0b6b4c99e73a84a272b3101892c07406911372b83ec4a7b8191f0ba4b4cb4cb3b732074e96c668297e1323b8ad0822a7e151182def03871a66a47b704b92845c6194142d4eeda19903e04043581f7a835dc288117863d21944c3aeded518458f1a30a41c7638aa4e098a88fdf2c2097270d":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"353cef1c3aa58b0acc2f53c3aa01bf7d77a65ed9407df668fc29155b11845a72e987e3897cb902c7a4a0267038c1f16bef5df67da50f66a4993ceb4b7234f769":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"1de40b1c452691dfd8ceb42ecf5f0cbda944d871141b4407c1e30a6657c58c2e496b2a3ad10e025d45ca9606d25602ac1de04af8e0d24aa06e57ec3fea5c961ecf1e0a4e442fda0cdaba42469288cde5d7d0c223facceaf4c7caabe93505acd5664c9b4fae64272af4d5b74326a01724a25fabdb10b177821d2273650a84426dbd":0 RSASSA-PSS Signature RSA-1040, SHA-512 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_sign:1040:"00fc7f4b490b4d3ef729db23fb5afbb5f2fc620a472342d8b8ff310cfdc124be76dc22ab6f4be35a38ddd31f24d7f64d310f67ab3a375e83f4e0559e4cb5dc43e875":"00d51e8680ab71dc01e1a8a68a298636bb1658cfab8d73ce528a62697722d485ab90cdafc5e27768b761839ff93420458ae55f15a69465dbc0c7b524dc9a385ff925":"00d2340538231dcd5a61edf83ab94b2e4b3a784394c4ed35a424c050c294157b7625f9aca8258c21e2d0a7aa9b7c9db576404e63090dba50d998f9a3ec72b1a5cf28d83251ab93341c7d2c1a90403d70f67bc1a9e413bc62facccb52441e24c3f2bc9fdeca1a783012e70b9528176260580c4e1026c58209e8dcc4de3bf3f5be5565e9":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"353cef1c3aa58b0acc2f53c3aa01bf7d77a65ed9407df668fc29155b11845a72e987e3897cb902c7a4a0267038c1f16bef5df67da50f66a4993ceb4b7234f769":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"13e695948d59ded5a975cd9fb14bffc48e4ff9725576a96a6693da1a3c4c90d17d6811a97a633180d76dba5b957d2244e3b97e7bf3463a77d0b6c39b28a88e0b6739113726cd74937ad5f693ae5a8fd77febc270a115df05c344ddffebc2438ae67a5eea6572f434881bdf350aed4ec8f3a530d279d3fff07bb78e510807114e6ee7":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Verification RSA-1040, SHA-512 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_verify:1040:"00d2340538231dcd5a61edf83ab94b2e4b3a784394c4ed35a424c050c294157b7625f9aca8258c21e2d0a7aa9b7c9db576404e63090dba50d998f9a3ec72b1a5cf28d83251ab93341c7d2c1a90403d70f67bc1a9e413bc62facccb52441e24c3f2bc9fdeca1a783012e70b9528176260580c4e1026c58209e8dcc4de3bf3f5be5565e9":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"353cef1c3aa58b0acc2f53c3aa01bf7d77a65ed9407df668fc29155b11845a72e987e3897cb902c7a4a0267038c1f16bef5df67da50f66a4993ceb4b7234f769":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"13e695948d59ded5a975cd9fb14bffc48e4ff9725576a96a6693da1a3c4c90d17d6811a97a633180d76dba5b957d2244e3b97e7bf3463a77d0b6c39b28a88e0b6739113726cd74937ad5f693ae5a8fd77febc270a115df05c344ddffebc2438ae67a5eea6572f434881bdf350aed4ec8f3a530d279d3fff07bb78e510807114e6ee7":0 RSASSA-PSS Signature RSA-1048, SHA-512 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_sign:1048:"0f39b79809516becc2e3481b6b47584aa2299bd2027ab8a303b9de5b0adcb4a5d38e38edb8c1fac3ea1dbd7e1d50b84323e362cff4df3f5a5182dafa9bb9217a73d7":"0d18164f8bd0d58d019998c8cb17c4c0354e62b8a9462acca30816894f982c2ae114e73993e30698930437b4eec44adec24d32ccbcbae7cc4c9f8911b1eb2100685b":"00c75d0f9fa17d1d24b939537a434017f390c6604444c35a13360d6b1fc986baf40159b84275d37b883278df5064dd9eb0f29b0d325acc790c4b59672737dbbf3acb88f5e2f2d54c919cafd072272c494591d52e158993315e71e2ca60b1c74feff8f3d77842b415d4e71734a498206a5cd9315c87b23e583e25eb4ca97056b45c96856d":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"353cef1c3aa58b0acc2f53c3aa01bf7d77a65ed9407df668fc29155b11845a72e987e3897cb902c7a4a0267038c1f16bef5df67da50f66a4993ceb4b7234f769":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"9442a8ec48f87ebc81cc1273b03e528e7643c9e2fcc60ed85827d9341c5a36e5c76059baa8e9891df437e44c4047a266b46bcaaad3de1f1d4d3576defff080b791b013491636187fc45a930b70a533ed92abfd168f050df91b4c35d68d160a243ce589807a7d32661fc18b9547cdc0fd86d33acd349c98b34fb016ddd1bff23c58170e":MBEDTLS_RSA_SALT_LEN_ANY:0 RSASSA-PSS Verification RSA-1048, SHA-512 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_verify:1048:"00c75d0f9fa17d1d24b939537a434017f390c6604444c35a13360d6b1fc986baf40159b84275d37b883278df5064dd9eb0f29b0d325acc790c4b59672737dbbf3acb88f5e2f2d54c919cafd072272c494591d52e158993315e71e2ca60b1c74feff8f3d77842b415d4e71734a498206a5cd9315c87b23e583e25eb4ca97056b45c96856d":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"353cef1c3aa58b0acc2f53c3aa01bf7d77a65ed9407df668fc29155b11845a72e987e3897cb902c7a4a0267038c1f16bef5df67da50f66a4993ceb4b7234f769":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"9442a8ec48f87ebc81cc1273b03e528e7643c9e2fcc60ed85827d9341c5a36e5c76059baa8e9891df437e44c4047a266b46bcaaad3de1f1d4d3576defff080b791b013491636187fc45a930b70a533ed92abfd168f050df91b4c35d68d160a243ce589807a7d32661fc18b9547cdc0fd86d33acd349c98b34fb016ddd1bff23c58170e":0 RSASSA-PSS Signature RSA-1024, SHA-224, Salt Length 20 -depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA224 pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"1698b7da13806451366b9658e44e2c7dc15dc96c588c720c4d5f454c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"53d859c9f10abf1c00284a4b55bf2bd84d8e313b4f3c35b8dec7bc3afe39b9b8a155418ead1931895769ce2340be2091f2385bbcf10d9e92bcf5d0e2960d10e792e7d865c64e50d19ffa13e52817d7d8d8db34392c2374a2e9b69184f92a4ad9b1b8bae99ca614d204b65a438e38dbbfc8c7cc44ed5677af70ce6c4f951f0244":20:0 RSASSA-PSS Signature RSA-1024, SHA-256, Salt Length 20 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"0c37233c694cc81c4ca1027009269b64e9e32288e3522a2cd76da6613d8c5cd7":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"7b1d37278e549898d4084e2210c4a9961edfe7b5963550cca1904248c8681513539017820f0e9bd074b9f8a067b9fefff7f1fa20bf2d0c75015ff020b2210cc7f79034fedf68e8d44a007abf4dd82c26e8b00393723aea15abfbc22941c8cf79481718c008da713fb8f54cb3fca890bde1137314334b9b0a18515bfa48e5ccd0":20:0 RSASSA-PSS Signature RSA-1024, SHA-384, Salt Length 20 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA384 pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"8e75cb3239b2b4ebf15bf74e8017340305c99d2fc1a97384257bf91cae15d57c80d7f78a487c3e16a5d1cf894da90fcb":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"8f16c807bef3ed6f74ee7ff5c360a5428c6c2f105178b58ff7d073e566dad6e7718d3129c768cd5a9666de2b6c947177b45709dc7cd0f43b0ba6fc75578e1196acc15ca3afe4a78c144cb6885c1cc815f7f98925bc04ad2ff20fc1068b045d9450e2a1dcf5a161ceabba2b0b66c7354fdb80fa1d729e5f976387f24a697a7e56":20:0 RSASSA-PSS Signature RSA-1024, SHA-512, Salt Length 20 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"c3366c552451274a4042e4357447786cce3a25a8dbd8cf3c2f8a8ddc02161bda332bb45062f7c61b7aa7a88ed3b5d51b6103abcf1769642b11ab95f92fa39adf":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"a833ba31634f8773e4fe6ea0c69e1a23766a939d34b32fc78b774b22e46a646c25e6e1062d234ed48b1aba0f830529ff6afc296cc8dc207bbc15391623beac5f6c3db557ca49d0e42c962de95b5ff548cff970f5c73f439cfe82d3907be60240f56b6a4259cc96dfd8fe02a0bfa26e0223f68214428fff0ae40162198cc5cbd1":20:0 RSASSA-PSS Signature RSA-1536, SHA-224, Salt Length 20 -depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA224 pkcs1_rsassa_pss_sign:1536:"d3bde85f8718388de38c7e157c7200366224fd446ab590fb31dfd8135d3c561426b9966c164912bf0cd6537e877d59bb21fa3d3c5a6115ce971018db6be1033f14a4bb5849ccb070eb83838394e9d0851f3a33c43f48935a01c31c6fea72a6dd":"c342842ed13979fe948de3d31c21e5d4407db5f08524a1d04221500901e44b95274cbb84d80575ef1514332e27b0244a4154a8b561125439772a3d2fc9db73f19679cb92f9c5b5388154b0180aa339ff0bbec819da8a84d2bb617542cf097a8d":"a180ac4b5186df0b7b1cb7a95746a5af411efa16d1aed12468de15b747a0ff32c215dd08a99287b7788e91542d9059940e4b610f741cb9c7a86b4aa0b45a7b38450b6ea25070f98e70bb7833aecd1834a8e591bea207ec55d403c76213bd9f700ce25adb265ad383c443ed7a87a57d7e5c6495c32f51ae0cc8784352cfc56f2029cdd323393a153193f41f0408cdcd5b344d20942413bd97c3b0c04ab584f685b0e796ce9b5a0cf64441f00ee7586c62fe8442d522f7c6e3f314f84d557039b9":"010001":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"5c69f2cc59e63b6f9ee0c954d2b7db7e4d63b7e2347f8791f1353d31":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"1d85cec0da1a74825ab796480c6e1235808387106ac1411d68f313246c65040111d74a9a45ebae10ac7686fddf4a340c4f9d24685d708bbf7b0ab4563794f5f90e0405b5d7d56c998e996b8bde2b022ae45fecf29a21836fcf362042e77e13cbf67b8a4da3f1e378dfcab2143aa8b9a145c2ee7d593e31626baa47fe623a3c3f859bb63e9336e11c5ff398a6597623318e098230b09e553ba0a4257692a0bc0a1ce1c17b2d541b52d134627229c141d351c16f1bdfe33384a9e163ecaa13e2fa":20:0 RSASSA-PSS Signature RSA-1536, SHA-256, Salt Length 20 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs1_rsassa_pss_sign:1536:"d3bde85f8718388de38c7e157c7200366224fd446ab590fb31dfd8135d3c561426b9966c164912bf0cd6537e877d59bb21fa3d3c5a6115ce971018db6be1033f14a4bb5849ccb070eb83838394e9d0851f3a33c43f48935a01c31c6fea72a6dd":"c342842ed13979fe948de3d31c21e5d4407db5f08524a1d04221500901e44b95274cbb84d80575ef1514332e27b0244a4154a8b561125439772a3d2fc9db73f19679cb92f9c5b5388154b0180aa339ff0bbec819da8a84d2bb617542cf097a8d":"a180ac4b5186df0b7b1cb7a95746a5af411efa16d1aed12468de15b747a0ff32c215dd08a99287b7788e91542d9059940e4b610f741cb9c7a86b4aa0b45a7b38450b6ea25070f98e70bb7833aecd1834a8e591bea207ec55d403c76213bd9f700ce25adb265ad383c443ed7a87a57d7e5c6495c32f51ae0cc8784352cfc56f2029cdd323393a153193f41f0408cdcd5b344d20942413bd97c3b0c04ab584f685b0e796ce9b5a0cf64441f00ee7586c62fe8442d522f7c6e3f314f84d557039b9":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"f19c43966938402a6e5145088e65ea888f3792373983d359a7e864864bc25e3c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"8eb2ba2367b8f0b36b566c938b4d9948b4a0a87dd1c8300a160ec024ad0fa37174d1bba2ae6ee8c7fdbb4d172ac9615f1428599030a33515e2925a268b87c867242ccddcce6c9c03045eccbfee5eeb6e0ce2d89a9c51f40c1732927a6c7d283627dd87eca27270b117e658a3cc9d2ca7da46a76097213a7f3e2a58d7c9d306e796eee94809042bc6768d6cca4e003a40529bffa267914a232f315ddedd2768c60877bdcb05c8f2026179713084a0daf8b494959c347fb65a4414034d21c7a750":20:0 RSASSA-PSS Signature RSA-1536, SHA-384, Salt Length 20 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA384 pkcs1_rsassa_pss_sign:1536:"d3bde85f8718388de38c7e157c7200366224fd446ab590fb31dfd8135d3c561426b9966c164912bf0cd6537e877d59bb21fa3d3c5a6115ce971018db6be1033f14a4bb5849ccb070eb83838394e9d0851f3a33c43f48935a01c31c6fea72a6dd":"c342842ed13979fe948de3d31c21e5d4407db5f08524a1d04221500901e44b95274cbb84d80575ef1514332e27b0244a4154a8b561125439772a3d2fc9db73f19679cb92f9c5b5388154b0180aa339ff0bbec819da8a84d2bb617542cf097a8d":"a180ac4b5186df0b7b1cb7a95746a5af411efa16d1aed12468de15b747a0ff32c215dd08a99287b7788e91542d9059940e4b610f741cb9c7a86b4aa0b45a7b38450b6ea25070f98e70bb7833aecd1834a8e591bea207ec55d403c76213bd9f700ce25adb265ad383c443ed7a87a57d7e5c6495c32f51ae0cc8784352cfc56f2029cdd323393a153193f41f0408cdcd5b344d20942413bd97c3b0c04ab584f685b0e796ce9b5a0cf64441f00ee7586c62fe8442d522f7c6e3f314f84d557039b9":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"1412b9f046aeba0a7c63e744a4f30a3656d41300726e66d8825a1043f08285b7e6e250efcc9a0405c6da019d042a7e14":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"9fa4e64bab336017e19015ee7ea1e267bf426633fb2ac5f4d65bc754aba17f7a9f0f1ee2bf0a3b9f2dd354ed8eba596f5ca3e26495ef268658bd247474d3524b11a2953f591f8abb14ef4bcd44dadc36a41f9daef1bf88b7e441160278c8a39945524557b84ce5cdcb79eecbad63658e8470d8dc94b44aad1f04b05400ea04e5f959dd18f6f718311f6dfec98a7e1aaa7ba11771f61448b12d7901a2530e830dccc531fd0dbe222215b3f7b9dafa5fc20d5af15ab312b621d71b2106150a801b":20:0 RSASSA-PSS Signature RSA-1536, SHA-512, Salt Length 20 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_sign:1536:"d3bde85f8718388de38c7e157c7200366224fd446ab590fb31dfd8135d3c561426b9966c164912bf0cd6537e877d59bb21fa3d3c5a6115ce971018db6be1033f14a4bb5849ccb070eb83838394e9d0851f3a33c43f48935a01c31c6fea72a6dd":"c342842ed13979fe948de3d31c21e5d4407db5f08524a1d04221500901e44b95274cbb84d80575ef1514332e27b0244a4154a8b561125439772a3d2fc9db73f19679cb92f9c5b5388154b0180aa339ff0bbec819da8a84d2bb617542cf097a8d":"a180ac4b5186df0b7b1cb7a95746a5af411efa16d1aed12468de15b747a0ff32c215dd08a99287b7788e91542d9059940e4b610f741cb9c7a86b4aa0b45a7b38450b6ea25070f98e70bb7833aecd1834a8e591bea207ec55d403c76213bd9f700ce25adb265ad383c443ed7a87a57d7e5c6495c32f51ae0cc8784352cfc56f2029cdd323393a153193f41f0408cdcd5b344d20942413bd97c3b0c04ab584f685b0e796ce9b5a0cf64441f00ee7586c62fe8442d522f7c6e3f314f84d557039b9":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"9a89e38ce0fe8b008f58c3c07621fcf18e76ca5d304f17fbb52d82d8368425ec305e20b70b839fcad3511a194e99e907e3f0e2a801c0b9cd4497c4a0bdf1ea49":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"32e688063ea24ccb2ca998fb7091877c103ce6576b11a175bc896af454042a5731b91c1c58b4d8e38f0619f6ddc8ced6b5397545f9571a4c90767593d11c00b75eb58a0ae4932265f0ab1790be2c83dff65357a301b3b3e2ee2e3683afe0b4b35ee8b6e58a96b4009c98d8faba75f86ffb548f0501884f3528d8eabad353e28d0132c4c01fa3af5dec922f02eff22020481615e4cd35b9eccfd711cb3b0d65af95c0637d79aaa2433f2854de3560adb284248bac8cbd4717317011a5159c93ed":20:0 RSASSA-PSS Signature RSA-2048, SHA-224, Salt Length 20 -depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA224 pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"b777a83dd25a4fa36a5ea663aa16403c67368e4711e8c121b01f83ac":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"cd1fe0acb89969ae139c178bfef1cc982993521b3a020ec847c89c0cc6c869d970f43f018d495b9e991457e7501a344c33c376fd2efcf05ad6eb2bd0b3c0e7cc3c88a4124398ca16585490a0817a36149cc82cdc01b20e9026261215dd06f9db4e13613c6a569c2187a0e00bc63c281149433ac7f061bd218e79f8eca9dd9c93ebc3cc013bf27aa0bf286e124593e76d3c7012f97ae1d0c4bf5823cf17fe76d505a54cef174add58ae616f47de825049e9916bf2ab7de4d443745763b0c314cfae3a6e57ad475cc5fae47cddcad7b526c2154a15f9ee8eab02f4c36f7a41d7a19b23c5996b627270ceb2c0dbed1a6b6dd2ff94868e073cb7b1a1fa3429e487ae":20:0 RSASSA-PSS Signature RSA-2048, SHA-256, Salt Length 20 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"b416e0843040b35277be7734bc23ac9e9eb47a7f57f55e94d826285c9c00100a":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"6375755eff8d48afb3263b3b96988a2afd181ba061793ea009783bb1599d03944d987620a2668ac9714d6f2a21f7e5200d63923f42cb32e63301c8de58c70a203910640da967d03f4f6292f6cb199759822790c0c5bcfb1d4faa59465c3db2ea1fffd5e543335632b74745bf1e18473c0a8b4a89def6b27edf0d7d735ee13f887041c9d8a91e62186a9a1e0b1afb48e577f6887ca61b7c1bb26b4a8e2cc464a9af03444b3da5bed08b73f1262bd3d61f4c78f49fac6a3bfc9e8548b4bbe64cce6a6090fc480efd1f36c18c10bc09be9d957a79f707a10577a1bf6e9e2d4849693fa58d8877c8f1e55181955d6c2b94b1d6d9401b5fb80cc32b358934fec2aedb":20:0 RSASSA-PSS Signature RSA-2048, SHA-384, Salt Length 20 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA384 pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"41f2bf25c2544062c78b59886eea442c884e4b9bb87f643abcb4d5c1c661a0fb0dd592107f6173438c34f67ec9f6c97a":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"b43d87deefa7df127a717f4065f831c58cd84bf78c916ba52ed32769abd541df52233b8583507c539b1d51e0437ab1a41e17fc1599b92aabdb5b040dc79027c60c9cc3ed3de36aeea28f20360635be5bf654d6c1b7fe6da77d0c45b9ea2802ad22eba182cbed95d33da7f78ac844f4891cebc0396caa2f8daaf55254fdafe98b5fe6c4dd3967d23ea99497060820e108e818cd0aa94e65770bde892c62233b96d87fe545162d6ba077f110274bddacb2a7cbf17d437bfe004b34c3ea24fb46e5ed9cce4de96b0694efd73832ec76e19e5a25c49c5843393ce6b919ea35e4d264e0a0855f518a63c008c183798ca612cd8f75688a09210413e0a23cafcf2d4158":20:0 RSASSA-PSS Signature RSA-2048, SHA-512, Salt Length 20 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"7641739d2f4fc0eba07e212218af4d77e78ae3a225ef253a7ec96215a1197e681a93fd534288cda156f216d21f02b2dc60b49c41874c26c0a2be0aca13babc53":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"2cdb0d5ea5f0aad1f7af8108bff56eec5c0dcd0522c5dc6ae4c6e0f66821cdf698ccfeace65fd6e47f95febd879e580e5ee648972cc265f9a117fc720db4f2545a432eae24a367b0aaa70a011ac8fdec94a95c3cd48cfa7102de8dc26c877e974688b3919de6cf06e27028995ac85da88cb3851a5761e17f215e5c593e13e481088c7d747ecb34d3ce61a5b56eb2a65be5363363294eb365f83c4c709644d857e2ccb14a5851724420fc81178144ef3f9e1138b5750eb7196eba3319d799c3494a7e399115a62b1ca4f1d5da079b495d35fd651a1de78d54000b06bdd3122d7404013f2ed8fdf8a7d012f9812b8e4c2e0b24192d5f899d70a3cc5c7e08c81be7":20:0 RSASSA-PSS Signature RSA-3072, SHA-224, Salt Length 20 -depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA224 pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"f145387c7a70e478968e238037e8d561b1665e0e15ac547ed4a72ea1":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"7171c74df24272dfe6b34db78f24507a68062bd791f68796d5001be354de6fddab81e9252e151884f4cc1f3cd3e7760e263c0c34e63c557eb32c8336e0cef40855c5e279dbba3170da5a14ac60e4cc8d402633a383b88709f3306fb02708e39f3039e7e614edcb89609c8c71137de5211659a41e9e5682cfe0463f3bc97558d3bf77bd798976f09db69153123923835ac9bbd7648c2773e38b5228640fde6df005e9f44819eca31f41ccddbd45d61ae7e1ed0640f0736f52bf5fc1c62f5430de6a96d5aabccfcfef508ac299c7f3f0f7d222ef1f19b288273690b3275b68f874301afa95d243316284ed117bded69da11f5ce1435dd67717bae82ed468ff1b6ac7f2483397d310ffe91775189f671a82b493039d8c233830d20e290bc9be880a47f0b36bf2e1da2c1f23dafeb9f42d9f084feb808a98e894e8501937ba932594a6d202e20a0afddcef8fa48c1682d3179edebf8ea44ea1216a2f55c305cdf487249010909fa8a21d9ba9e3dbbeec046a823922390b7d902d77ec176bb447b05d":20:0 RSASSA-PSS Signature RSA-3072, SHA-256, Salt Length 20 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"14ea4dca3559976c7d8943a51d69c1322c7860d496f742b9c0c2d03ce629613b":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"3a0622ddff5a0c1f5b545d684054e46211786a2e40627e0cb6795ea0d176f3c97e6536fb64c5eca7b28b7ac52e48e3d50b916d2fccb87d70cd8eda7c15c2308734254716e5b400592cc2e5e033ba27866cb14fefbdcbc35d5d85d4eee8ba6bc2da995e8ebcc27d50c48aa988bf45fde27311a9e2ec029d0fa6fa6d3efea460fc1a90e443d807d209a4c06bf3022d529ab2e4a877325fcccb3f86ac16200ab95628bf0c1c8c70f6fe1a9f288bbc0162a392f40ad1109cdbbaf03d9b2d514a60983874350be9aef886c3c481a66325f137aecb4c82a8a73046dbc1dd8598ffbdb828a3d638f9dd8139a768dcd8d30d79740ef345c1644d03e6fb86a46367f6d82a7a819057ae490e1b100b5842ed385845f379101e37ce604531c61de423df66200d45b7229662fd0ec3572593b09a5213ec14c1d7b2338ca9c763c0d18946f04eaaf57ea2ebc79e093f2fd4c64cb1c1a7f0e888dc2d87a15eb769f56dc180cfe1597cc3e4e1811d4e27852fa188c8fec4fc917d4724d33ce5f3211895cf7e8b8c":20:0 RSASSA-PSS Signature RSA-3072, SHA-384, Salt Length 20 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA384 pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"bc9fb8fc6d4c6ce8865c758063e55639f98afc15e5d71f4f1ecf89d6fbb904aecc28126bd5e6b5a7f8f31729949dbf8a":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"3f90aeabfa9a5f00e241f3f65dfe61baf67c1356353042c3566edacb11c7649737e5adf94cfb05f2619aecc8895db45190fbdf35dab01144e207b6f0923927a6148d3f16eaad05e73bccb562dc087e2d82db3dce130a83e8303bd7c3447b3ae4d3700d4763ba6981d82618ac82a6e66423f294781a59b20cc978c79e2d5c103bfb9d47119294c3c85b1d3c45a36897d42e183514cc8edbbfa1be9ef17b78280b5b6214dad79d60db057f22506515b6843ce7d4dd6bd861a889b36164c325147baeed714d7a3f55ae51ef6e6d4ae9e862d677caba1a2df369c23d3ffe33dd42fe707e1fd8ba6283aaa0b570353b48a8e39ff72a09f700e024150ce87c044a3ec745b212ae81aa5743b981a8bb95deb6b3e15c2487f7900178d5840f8e794662706dcdb19bc0bdd56cb7fdf0e21d10b03adac41b749f31bd3e7c4d07d5d4ec8e79d424812b6e83f1c7b59779e58029f9b07da3e77795fcff6ae8bb098b1c00d1d2a5bc0cb005ef3d8aab63ddd883d38bacdc64307e911c6e51946744f361fe978d":20:0 RSASSA-PSS Signature RSA-3072, SHA-512, Salt Length 20 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"c57911bf353ef106479bd0ac85a4f70b6d3298f8e5882c5d0bfb28cb6f27129ae53b4fab702ccd3d5457d5fd662d29f34b445e60fc5da3c0c943cee17b81e255":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"607b7731ecb232f9b8e9ea03be28cc1e948acc3ec12a1222ba0f63935440c3effeaf460d7066d260d174d0ed18a9193550000c2fa0119712fb1ab1e27b4e6f5f84be9b63a1ede17a01174060e2d9e46121cc5d10515a342a26649539341eb1b44b82e346a0102e7ca45be3149b5f1444bd7fdf43da441c59deb37da9a223bcd7a8244237bb5404ea532eb470e80891c0fe9403d12734100284e99cfd96de2ab4058529d91bf348c6cbdb7fcfeea3f9925e93efd6adb3ef6946008738f4577a49c42ac0203a2d982fd77cb421ae030b81b97dd04490605179626903471cf68835dd5e4ac41acfe54e048878df89db9c2de5f1e822266c325e0be0991c7f18cd3de4b2110e14f56100e45f8ba19edf917150c2074f379293f73cb587ff77ad63e4cbec9eeaed77ca90261b2813ae8e6533b09b223a68abe2beeec888088ff91fea5c63de3b55238aef018c368f98651572bc7b8cf3d14c15b24bb5534ae07a6c4c9d5ecd0b86961b550859036ba6fa8e50d06228d89bcc943581b26e302795d1e3":20:0 RSASSA-PSS Signature RSA-4096, SHA-224, Salt Length 20 -depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA224 pkcs1_rsassa_pss_sign:4096:"f00102d29990fb36bf66dcab57fa4e05745e307c031fe6acb86df4e0487bcb8fd929e227b6e1090a48befbd642f432ea1b6cff26c1aed9f18c04f68170dc1857786faa086fa00b43e0272a1042ee53566cbb48a04f109420e3501cf56222f7a9b51a7ffe2b97a8ea71e791e0bfb259514f953473130dbe41a7978fc385150f8f78748b90538c8906e24759ce2106ede4ac40eb26776cff5abf227673407d0910a9c3f6464d48569f1b8faa62d0b3b7156b059441e1f701751339fa8dfd218c343050e8a88293b6be0407ab2534815eee742c574cbb7469998b23439a23ca4104f563883f5a35ab88d789dcba4073aebf2e1855abb839908874c1a10f150d56b7":"dda4491b56bdad20f032c8a61bc326995ee7353c3f1b4c1e677aeb4b028e45bf6566fb20f3e82bac4169a970787b8cbafb06edd24a9bebe52704f242f7203ec96aee9a9f5ee76e270191f82e3651da663b80d51688c2d40ffa932ce2302322503664ae0260617e7b79d13e4a1dec1784647d7571c1390e86294f20937740f93e0ff1bdb0c1ff648ef152022bf5f54bfcbf24564cbca7a130fb5f56be921fcc7a3ebd51114968274ab13bcc3986137eb6949eff0d42b596f7baec56c94a67a2ec0aeff18dc044cf9500b525dc98efb9992b13f81e1b0bf4c2ac1da91e67c0847cbdaf268ced549c2febd08b661140af9bf45458d13d4717eb61de86b555856ad5":"cfcae49f88b80dc12186d53c57162dbecba6e348094f9fb3743e39d99d5355d87e3efca9d488d39d705671e58634309cbd7cf53fccd52d9a84edb99ffdad0680e9ec826d625728370717b39321c7d4b6882785cf6884275f6c7b6d681bfa710593679e99b67d5bc28121dd603617dc8cfdb2557c2a04533893f593f0f7e59cbe6d46623d22642a7161a4c685b293c7edcc9aaec48e3810ec74a884a41108610d000b591fbf5da44b5501e63781264edf3c73706321ecf44d0e14b5932a2d69ca3d180c5cee86b4ccad850c766e0beb5f20e6b142055d551aeb453bd099eac67eb92cf13e34ef0d0e34fc599a6e5d4d14f74e08190c66c66ad3473de9ae8f53dd2c1c0c41f4b4a8d4690f4b77354c76e05ab76b7a6c7c9edf0955fee799a2bb42c86c6a06631398d38cceb71ec9aaa9a0fb83850f62342f3f781f9d453229b1a709bbce83a44c225ebffd4f518f94a7935f4669f65d02ff3defbbd1d5efd9191365808cdf9460371ede1eae735af03f21431239d5cd57cc0cc88fb3965d187eba98359409aaa944a7af8e85e20b67c43c82e78fa967fc0d629bcd7483d17dcaa25915571a15c3f0c730e81095139d71a28858dd9d83b65bf9c9273a8a40b12a2c87107a71f984818f7dc766374d31b4c3a1d284adb2a17f8ac85dbe3f58cf78b14c0fdce00a79daf348aa0557290ef5f9dd305c15fa73d40c6822b75fda13ec43":"010001":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"bb21ead0163de468ab3580ab57c7959cc1db437d6f2f47a878dc19bc":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"3742d8a9627e2e10145c31a3548977f87f8019b1d9093c42f806c8df5ef7fad8330e2a05846c346cb64d9e8af2cd3806eb0df40cd097b3f8841525786ed53746498aa565f8945cf55e24944e8e3d86eb219f65c3385e1e7d45fe3a403773f3057bf22839d5903cd64c95a417c00b429ee068f0fe8ec17305a122979cabee8c3ad31b597da7c71fa1db3da842f7f7048f4396e1768197ccd84c5d9a0450d66f0bc88da7605cc8cdfe52bce60793704dafea504349ff14c481bea73dd761c848387d12f2d1b9227a959fec8b9eef0e9780cb6a427af946597d7e6059a07d50e878d7ae14eed8b571ac88e1c5d1a00d16c0de1c5148ec5781036676c6355e0cbca06346eebaf6c7de938cedd47a244f908ba1189bfbd97bd2667e8eba95e007a64b165dbfc4bf35878cd606732fd469f922ec141e5bc6a7d5c1875233cff612d336c28466c271764ef94e9c07e701923f1f68f39e2f003487dbe41d5505862eb4e90402e50f7b3cb918ef3eff893d0f00b203e2a511cfea4ca54c043ed0598d022c947cad5129fc47f5e79db97a0eea5afd7bb801a367a7bb8d929de1c12a54865e1e183ed926bb8da9d454c7a52b30cfcfe9ed3479799276f4a65b30f430e61fcf520e46e4eb9bea59ba064e7c9c72c9b58bf4ff633897d3ea46d989cec31ce4fc32e46e5a3d1805c35a30b387fb77afe20dba19be37252e40b252d346b69d3cf2":20:0 RSASSA-PSS Signature RSA-4096, SHA-256, Salt Length 20 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs1_rsassa_pss_sign:4096:"f00102d29990fb36bf66dcab57fa4e05745e307c031fe6acb86df4e0487bcb8fd929e227b6e1090a48befbd642f432ea1b6cff26c1aed9f18c04f68170dc1857786faa086fa00b43e0272a1042ee53566cbb48a04f109420e3501cf56222f7a9b51a7ffe2b97a8ea71e791e0bfb259514f953473130dbe41a7978fc385150f8f78748b90538c8906e24759ce2106ede4ac40eb26776cff5abf227673407d0910a9c3f6464d48569f1b8faa62d0b3b7156b059441e1f701751339fa8dfd218c343050e8a88293b6be0407ab2534815eee742c574cbb7469998b23439a23ca4104f563883f5a35ab88d789dcba4073aebf2e1855abb839908874c1a10f150d56b7":"dda4491b56bdad20f032c8a61bc326995ee7353c3f1b4c1e677aeb4b028e45bf6566fb20f3e82bac4169a970787b8cbafb06edd24a9bebe52704f242f7203ec96aee9a9f5ee76e270191f82e3651da663b80d51688c2d40ffa932ce2302322503664ae0260617e7b79d13e4a1dec1784647d7571c1390e86294f20937740f93e0ff1bdb0c1ff648ef152022bf5f54bfcbf24564cbca7a130fb5f56be921fcc7a3ebd51114968274ab13bcc3986137eb6949eff0d42b596f7baec56c94a67a2ec0aeff18dc044cf9500b525dc98efb9992b13f81e1b0bf4c2ac1da91e67c0847cbdaf268ced549c2febd08b661140af9bf45458d13d4717eb61de86b555856ad5":"cfcae49f88b80dc12186d53c57162dbecba6e348094f9fb3743e39d99d5355d87e3efca9d488d39d705671e58634309cbd7cf53fccd52d9a84edb99ffdad0680e9ec826d625728370717b39321c7d4b6882785cf6884275f6c7b6d681bfa710593679e99b67d5bc28121dd603617dc8cfdb2557c2a04533893f593f0f7e59cbe6d46623d22642a7161a4c685b293c7edcc9aaec48e3810ec74a884a41108610d000b591fbf5da44b5501e63781264edf3c73706321ecf44d0e14b5932a2d69ca3d180c5cee86b4ccad850c766e0beb5f20e6b142055d551aeb453bd099eac67eb92cf13e34ef0d0e34fc599a6e5d4d14f74e08190c66c66ad3473de9ae8f53dd2c1c0c41f4b4a8d4690f4b77354c76e05ab76b7a6c7c9edf0955fee799a2bb42c86c6a06631398d38cceb71ec9aaa9a0fb83850f62342f3f781f9d453229b1a709bbce83a44c225ebffd4f518f94a7935f4669f65d02ff3defbbd1d5efd9191365808cdf9460371ede1eae735af03f21431239d5cd57cc0cc88fb3965d187eba98359409aaa944a7af8e85e20b67c43c82e78fa967fc0d629bcd7483d17dcaa25915571a15c3f0c730e81095139d71a28858dd9d83b65bf9c9273a8a40b12a2c87107a71f984818f7dc766374d31b4c3a1d284adb2a17f8ac85dbe3f58cf78b14c0fdce00a79daf348aa0557290ef5f9dd305c15fa73d40c6822b75fda13ec43":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"480aa96e4b3a710d9924a84998e46b7246e26671e7d11efa6c6ec34919eac963":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"2e512f73d198e623afe019bd4cea9192ff8b24ab555099d31bd52d705fc808229a269bf749c8061a3dc7ffae9ef7c6bdcd8c34910f92f0a0fcd6d73017ca3388ca5e99a1735e005ff5d5eade3ec0ea0c2436f0e78b197c2d999ba4351b9e37a09195504b63a42762bea22d307a0328fc9c80acdc28fc8f4050e25fbd5890233028f97ea3a2669ff4d5f4232c1e48571499af28ed6f5a92e7936de39d913e12c5cef51e25f90a1e903f3f60a6a9cddbc56564b146aca6af6236b899c2cb7223a6941f0beaa3aa787b2333e4f3e66b334b99b90825153ebd0095f27691880f44e4e77135f26df376e261adfe0d8354cfa15b49138d624d9f62a9751221ee0598097891c9864ad3651e89723bc9ec6086f571e199619ceb6720ab5a4998254cb807dce75a5a5203d38a9f5d56adee4239ff50cefe3e927eba91de7e1f8e1ae8b0505c077788372af7d8ef00735cc531fd46dbe86702ac49171f0a921f4626442ae960e972a5594ee3bcbfbf687cd96ed300aa9df1b9487607b5bae0f1abecbc1d2291fe93b9f8a091ffac8469b0f00ba561f0628f5e004ed1fd8713650e147c4b2cab7f4d69a4ad57b145c1e5e4c1412e86fbbda5a6096f66293203207e35098bf94dafff75ed094d10e6034cd22179d94655004fa4bf4de774807b6f5cd27d90255468cf01db7b6f82607df597f72d1f9c9c91d17740a14a4816ae65e63fde480d":20:0 RSASSA-PSS Signature RSA-4096, SHA-384, Salt Length 20 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA384 pkcs1_rsassa_pss_sign:4096:"f00102d29990fb36bf66dcab57fa4e05745e307c031fe6acb86df4e0487bcb8fd929e227b6e1090a48befbd642f432ea1b6cff26c1aed9f18c04f68170dc1857786faa086fa00b43e0272a1042ee53566cbb48a04f109420e3501cf56222f7a9b51a7ffe2b97a8ea71e791e0bfb259514f953473130dbe41a7978fc385150f8f78748b90538c8906e24759ce2106ede4ac40eb26776cff5abf227673407d0910a9c3f6464d48569f1b8faa62d0b3b7156b059441e1f701751339fa8dfd218c343050e8a88293b6be0407ab2534815eee742c574cbb7469998b23439a23ca4104f563883f5a35ab88d789dcba4073aebf2e1855abb839908874c1a10f150d56b7":"dda4491b56bdad20f032c8a61bc326995ee7353c3f1b4c1e677aeb4b028e45bf6566fb20f3e82bac4169a970787b8cbafb06edd24a9bebe52704f242f7203ec96aee9a9f5ee76e270191f82e3651da663b80d51688c2d40ffa932ce2302322503664ae0260617e7b79d13e4a1dec1784647d7571c1390e86294f20937740f93e0ff1bdb0c1ff648ef152022bf5f54bfcbf24564cbca7a130fb5f56be921fcc7a3ebd51114968274ab13bcc3986137eb6949eff0d42b596f7baec56c94a67a2ec0aeff18dc044cf9500b525dc98efb9992b13f81e1b0bf4c2ac1da91e67c0847cbdaf268ced549c2febd08b661140af9bf45458d13d4717eb61de86b555856ad5":"cfcae49f88b80dc12186d53c57162dbecba6e348094f9fb3743e39d99d5355d87e3efca9d488d39d705671e58634309cbd7cf53fccd52d9a84edb99ffdad0680e9ec826d625728370717b39321c7d4b6882785cf6884275f6c7b6d681bfa710593679e99b67d5bc28121dd603617dc8cfdb2557c2a04533893f593f0f7e59cbe6d46623d22642a7161a4c685b293c7edcc9aaec48e3810ec74a884a41108610d000b591fbf5da44b5501e63781264edf3c73706321ecf44d0e14b5932a2d69ca3d180c5cee86b4ccad850c766e0beb5f20e6b142055d551aeb453bd099eac67eb92cf13e34ef0d0e34fc599a6e5d4d14f74e08190c66c66ad3473de9ae8f53dd2c1c0c41f4b4a8d4690f4b77354c76e05ab76b7a6c7c9edf0955fee799a2bb42c86c6a06631398d38cceb71ec9aaa9a0fb83850f62342f3f781f9d453229b1a709bbce83a44c225ebffd4f518f94a7935f4669f65d02ff3defbbd1d5efd9191365808cdf9460371ede1eae735af03f21431239d5cd57cc0cc88fb3965d187eba98359409aaa944a7af8e85e20b67c43c82e78fa967fc0d629bcd7483d17dcaa25915571a15c3f0c730e81095139d71a28858dd9d83b65bf9c9273a8a40b12a2c87107a71f984818f7dc766374d31b4c3a1d284adb2a17f8ac85dbe3f58cf78b14c0fdce00a79daf348aa0557290ef5f9dd305c15fa73d40c6822b75fda13ec43":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"c6e4881e3f76394a6d8cfb1786e1757f78d66cf048ba1a8aaaa28be02430097e30d92e459257f8f571c6389d1d94b0d5":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"364ad106da2cec6ce94e141e16af855f6d6e31ac6d7bdb2649695645a3d7f176a9b55f60b861776d49077dcfda4db42bb584767606f90de7289e71f188ff139b138bbd24f7a7f50192a137f2c648e19fe78a836bd2a01d31b248857cd29dbf3d1251c2d4cb339f2ff78add26304fbc3e44f8a2f04b47dc754b984169fba4a091d70f956074880c709ee849a05f8f2dcffee09b221078e98b6e28a965a2d44fcde72c6b27ff0a3def818d80aaba17915d37ad1d72755548310062e73da15a8d2544b311060b404683c00394666dc3a890f60ec9d85b2d0fca8a76fc96c4cfd0e3c4a83594957bac42866c395f8feab3b40c9bc9a675f47a1cd62fc43ebe0fff2bbd239130bbbe5257c5c3756044eb2190db7a309cddc4ef410e9abccd0f93158e0edfab2f0a50e80d814a428f61c531b2b747e64feb41523c5802a53c374f35df21abe67a877d062f56a001b47ee6ab571b0bbe7141e0b49cfdc97a15dc19138863d140cc772074c12b3d751985b7852fe76932be1f44a165f4fe58a341d28c3f86924defab4cf2458ba4cc3fb92558511ceee6d91c672b24b8727b867132bf6b8d7af714ab668f06f046448c1e854ae98e59cf21f2b7370c9378ee0eb34b031f9f4795057557773af0f7fc18ddeec7e95c2ccdd5f66ed224d08fbdfb37995e87f4df9691e499d77afaa8d5b93f3275c43f69edbe37672cf192f94509df0a4e9b":20:0 RSASSA-PSS Signature RSA-4096, SHA-512, Salt Length 20 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_sign:4096:"f00102d29990fb36bf66dcab57fa4e05745e307c031fe6acb86df4e0487bcb8fd929e227b6e1090a48befbd642f432ea1b6cff26c1aed9f18c04f68170dc1857786faa086fa00b43e0272a1042ee53566cbb48a04f109420e3501cf56222f7a9b51a7ffe2b97a8ea71e791e0bfb259514f953473130dbe41a7978fc385150f8f78748b90538c8906e24759ce2106ede4ac40eb26776cff5abf227673407d0910a9c3f6464d48569f1b8faa62d0b3b7156b059441e1f701751339fa8dfd218c343050e8a88293b6be0407ab2534815eee742c574cbb7469998b23439a23ca4104f563883f5a35ab88d789dcba4073aebf2e1855abb839908874c1a10f150d56b7":"dda4491b56bdad20f032c8a61bc326995ee7353c3f1b4c1e677aeb4b028e45bf6566fb20f3e82bac4169a970787b8cbafb06edd24a9bebe52704f242f7203ec96aee9a9f5ee76e270191f82e3651da663b80d51688c2d40ffa932ce2302322503664ae0260617e7b79d13e4a1dec1784647d7571c1390e86294f20937740f93e0ff1bdb0c1ff648ef152022bf5f54bfcbf24564cbca7a130fb5f56be921fcc7a3ebd51114968274ab13bcc3986137eb6949eff0d42b596f7baec56c94a67a2ec0aeff18dc044cf9500b525dc98efb9992b13f81e1b0bf4c2ac1da91e67c0847cbdaf268ced549c2febd08b661140af9bf45458d13d4717eb61de86b555856ad5":"cfcae49f88b80dc12186d53c57162dbecba6e348094f9fb3743e39d99d5355d87e3efca9d488d39d705671e58634309cbd7cf53fccd52d9a84edb99ffdad0680e9ec826d625728370717b39321c7d4b6882785cf6884275f6c7b6d681bfa710593679e99b67d5bc28121dd603617dc8cfdb2557c2a04533893f593f0f7e59cbe6d46623d22642a7161a4c685b293c7edcc9aaec48e3810ec74a884a41108610d000b591fbf5da44b5501e63781264edf3c73706321ecf44d0e14b5932a2d69ca3d180c5cee86b4ccad850c766e0beb5f20e6b142055d551aeb453bd099eac67eb92cf13e34ef0d0e34fc599a6e5d4d14f74e08190c66c66ad3473de9ae8f53dd2c1c0c41f4b4a8d4690f4b77354c76e05ab76b7a6c7c9edf0955fee799a2bb42c86c6a06631398d38cceb71ec9aaa9a0fb83850f62342f3f781f9d453229b1a709bbce83a44c225ebffd4f518f94a7935f4669f65d02ff3defbbd1d5efd9191365808cdf9460371ede1eae735af03f21431239d5cd57cc0cc88fb3965d187eba98359409aaa944a7af8e85e20b67c43c82e78fa967fc0d629bcd7483d17dcaa25915571a15c3f0c730e81095139d71a28858dd9d83b65bf9c9273a8a40b12a2c87107a71f984818f7dc766374d31b4c3a1d284adb2a17f8ac85dbe3f58cf78b14c0fdce00a79daf348aa0557290ef5f9dd305c15fa73d40c6822b75fda13ec43":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"ebbca26fb18da6226cc47dea14c57d9f3c935cb449462cc9446689577031ebc915fdd09cdb79d4703a53eb5dd447852f3bc72f974487ffb998cbe996d206c80c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"6edfb6bfb20da2621e7ca0b8e13bfc3801d8bcb43ef3822be960b96a67d3e8afbbe2ef22e206b328ce99dd8f9758052d42a8ee93e16d8e160a50687e8ffce72d258610064ebde4c4cc2ab96c8e516ec2c1eed816c8e6ac537a0570c9eff81a38147bcd8f4747390676f9d755f613687ac59dbac14f69ca6e56a26727699fa11c200eb77339ead56fc6883acf9b92c6deb6f4d79f82ccdc493fedc6165f78c174adcf32941eeb237a4ae369dbbafb4553c98e413823f6f46da0d47d47a164b792aaf1324a8be4f01601bceb809f8c08f3458b1de2c6378cf93fb293212f6bd4a7b1fd1bfa14a1af29575a5ecc4281420179758e96b4465ec07f6cce4e5e5c2307d531e400e494725eb7dceb1d8dac1000d92f62f319534063c01aec9c6ec0c7675351f2883e462b0454db364f03700d6593c9be195fbea5800ebb81578c765409ac2c37f78fabe8783c5d324fa4dfabe4f192866e34037901615304237f08028a75f00a3904bea03219ef9dbfeb48d10ec59d481eb0429cfc9ae835cc578377e61023d5ceedfd3d0a05aceddb274c13782dda9299d6197519e14791208f8d86d63e0ab7fb42a1e14f8f37f49732e23d4b7d4f07cd0bc828649a12748e8d70f53683580bca87290992a349730370bbed6ed743e705759734872c54ff03c1a97037a7b9ee3c8c42d12c3ebe0c1bf3b42854d04a9177d1a24000bd388fa289fd77d5":20:0 RSASSA-PSS Signature RSA-2048, SHA-224, Salt Length 15 -depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA224 pkcs1_rsassa_pss_sign:2048:"e28da1aa250390bc8fd27d6f601830febbdd5a309bcd5d1d3cebda111110851563d1fb4d141e8129bf25721aa144b104b7c5adbb8540f02a7402788ae72c93c9f59d6d1bcf1541c3354b5cd3dcb91e35ed100d78857cf2ab6ed04b2dc1cc81fa1307bb18c635fdacfb7f656d0b4743d9f487048a8aaf5d5ec6fd09a01b28d4b1":"dea1faf22b760cbfa9ba11a486edd9b9faee04f22f15abfff5b2c079a2c932cfa641660da16213adfbbb568ecbaac18511031f428cd3ae4e0bf01928a1db6360511c26501c7bda7bf4fc4cc792d79efb86ec15ba2fc82aa41bce08e0807859a41b57e9e3f15804c81bf8ed017dea62e53489f955949651ddcb1da5297465ac9f":"c5062b58d8539c765e1e5dbaf14cf75dd56c2e13105fecfd1a930bbb5948ff328f126abe779359ca59bca752c308d281573bc6178b6c0fef7dc445e4f826430437b9f9d790581de5749c2cb9cb26d42b2fee15b6b26f09c99670336423b86bc5bec71113157be2d944d7ff3eebffb28413143ea36755db0ae62ff5b724eecb3d316b6bac67e89cacd8171937e2ab19bd353a89acea8c36f81c89a620d5fd2effea896601c7f9daca7f033f635a3a943331d1b1b4f5288790b53af352f1121ca1bef205f40dc012c412b40bdd27585b946466d75f7ee0a7f9d549b4bece6f43ac3ee65fe7fd37123359d9f1a850ad450aaf5c94eb11dea3fc0fc6e9856b1805ef":"86c94f":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"3be4397c9467ec90f5d5640834f6e9febee4ce2477aa3f385cab9435":"463729b3eaf43502d9cff129925681":"7e628bcbe6ff83a937b8961197d8bdbb322818aa8bdf30cdfb67ca6bf025ef6f09a99dba4c3ee2807d0b7c77776cfeff33b68d7e3fa859c4688626b2441897d26e5d6b559dd72a596e7dad7def9278419db375f7c67cee0740394502212ebdd4a6c8d3af6ee2fd696d8523de6908492b7cbf2254f15a348956c19840dc15a3d732ef862b62ede022290de3af11ca5e79a3392fff06f75aca8c88a2de1858b35a216d8f73fd70e9d67958ed39a6f8976fb94ec6e61f238a52f9d42241e8354f89e3ece94d6fa5bfbba1eeb70e1698bff31a685fbe799fb44efe21338ed6eea2129155aabc0943bc9f69a8e58897db6a8abcc2879d5d0c5d3e6dc5eb48cf16dac8":15:0 RSASSA-PSS Signature RSA-2048, SHA-384, Salt Length 25 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA384 pkcs1_rsassa_pss_sign:2048:"e28da1aa250390bc8fd27d6f601830febbdd5a309bcd5d1d3cebda111110851563d1fb4d141e8129bf25721aa144b104b7c5adbb8540f02a7402788ae72c93c9f59d6d1bcf1541c3354b5cd3dcb91e35ed100d78857cf2ab6ed04b2dc1cc81fa1307bb18c635fdacfb7f656d0b4743d9f487048a8aaf5d5ec6fd09a01b28d4b1":"dea1faf22b760cbfa9ba11a486edd9b9faee04f22f15abfff5b2c079a2c932cfa641660da16213adfbbb568ecbaac18511031f428cd3ae4e0bf01928a1db6360511c26501c7bda7bf4fc4cc792d79efb86ec15ba2fc82aa41bce08e0807859a41b57e9e3f15804c81bf8ed017dea62e53489f955949651ddcb1da5297465ac9f":"c5062b58d8539c765e1e5dbaf14cf75dd56c2e13105fecfd1a930bbb5948ff328f126abe779359ca59bca752c308d281573bc6178b6c0fef7dc445e4f826430437b9f9d790581de5749c2cb9cb26d42b2fee15b6b26f09c99670336423b86bc5bec71113157be2d944d7ff3eebffb28413143ea36755db0ae62ff5b724eecb3d316b6bac67e89cacd8171937e2ab19bd353a89acea8c36f81c89a620d5fd2effea896601c7f9daca7f033f635a3a943331d1b1b4f5288790b53af352f1121ca1bef205f40dc012c412b40bdd27585b946466d75f7ee0a7f9d549b4bece6f43ac3ee65fe7fd37123359d9f1a850ad450aaf5c94eb11dea3fc0fc6e9856b1805ef":"86c94f":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"1c389ed84b9f252bedde76a9a694986fa130906633047674c9a44e887f359e1cfc19d2d9a53a8fdfb2f826d813ca7a58":"b750587671afd76886e8ffb7865e78f706641b2e4251b48706":"2ca37a3d6abd28c1eaf9bde5e7ac17f1fa799ce1b4b899d19985c2ff7c8ba959fe54e5afb8bc4021a1f1c687eebb8cba800d1c51636b1f68dc3e48f63e2da6bc6d09c6668f68e508c5d8c19bef154759e2f89ade152717370a8944f537578296380d1fe6be809e8b113d2b9d89e6a46f5c333d4fd48770fc1ea1c548104575b84cf071042bfe5acf496392be8351a41c46a2cab0864c4c1c5b5e0c7b27e7b88c69f37ffa7e1a8cd98f343ac84a4ad67025a40ed8f664e9d630337de6e48bb2125e2552123609491f183afd92634487f0b2cf971f2626e88858879d45a29b0fefb66cd41b2e4e968385bd9fc8c7211976bc6bd3e1ad6df60856985a825f4726d2":25:0 RSASSA-PSS Signature RSA-2048, SHA-512, Salt Length 30 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_sign:2048:"e28da1aa250390bc8fd27d6f601830febbdd5a309bcd5d1d3cebda111110851563d1fb4d141e8129bf25721aa144b104b7c5adbb8540f02a7402788ae72c93c9f59d6d1bcf1541c3354b5cd3dcb91e35ed100d78857cf2ab6ed04b2dc1cc81fa1307bb18c635fdacfb7f656d0b4743d9f487048a8aaf5d5ec6fd09a01b28d4b1":"dea1faf22b760cbfa9ba11a486edd9b9faee04f22f15abfff5b2c079a2c932cfa641660da16213adfbbb568ecbaac18511031f428cd3ae4e0bf01928a1db6360511c26501c7bda7bf4fc4cc792d79efb86ec15ba2fc82aa41bce08e0807859a41b57e9e3f15804c81bf8ed017dea62e53489f955949651ddcb1da5297465ac9f":"c5062b58d8539c765e1e5dbaf14cf75dd56c2e13105fecfd1a930bbb5948ff328f126abe779359ca59bca752c308d281573bc6178b6c0fef7dc445e4f826430437b9f9d790581de5749c2cb9cb26d42b2fee15b6b26f09c99670336423b86bc5bec71113157be2d944d7ff3eebffb28413143ea36755db0ae62ff5b724eecb3d316b6bac67e89cacd8171937e2ab19bd353a89acea8c36f81c89a620d5fd2effea896601c7f9daca7f033f635a3a943331d1b1b4f5288790b53af352f1121ca1bef205f40dc012c412b40bdd27585b946466d75f7ee0a7f9d549b4bece6f43ac3ee65fe7fd37123359d9f1a850ad450aaf5c94eb11dea3fc0fc6e9856b1805ef":"86c94f":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"2f2d33aab9c36773ce676a4c61c1e50fbd4f40bcea18eb45f83e5ee9d693bdbb8cffce61a91e0b11ff88c49ce778dada0d367c7fb6205d26cee33b19aa85c969":"aa10fec3f83b7a97e092877a5bf9081283f502a0a46b50e395ab983a49ac":"5e0712bb363e5034ef6b23c119e3b498644445faab5a4c0b4e217e4c832ab34c142d7f81dbf8affdb2dacefabb2f83524c5aa883fc5f06e528b232d90fbea9ca08ae5ac180d477eaed27d137e2b51bd613b69c543d555bfc7cd81a4f795753c8c64c6b5d2acd9e26d6225f5b26e4e66a945fd6477a277b580dbeaa46d0be498df9a093392926c905641945ec5b9597525e449af3743f80554788fc358bc0401a968ff98aaf34e50b352751f32274750ff5c1fba503050204cec9c77deede7f8fa20845d95f5177030bc91d51f26f29d2a65b870dc72b81e5ef9eeef990d7c7145bbf1a3bc7aedd19fa7cbb020756525f1802216c13296fd6aac11bf2d2d90494":30:0 RSASSA-PSS Signature RSA-3072, SHA-512, Salt Length 62 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_sign:3072:"dd553696db8ccb107609b8917e688bdd8373a8926bc9d114c1c77f7958070e236ca1bd2025ded59a71093b63afbfce39e92bde9ffca983959e7c3e18d75650612258c24eebb61a1b4a68603a2721e3e2483d6da27475a228b1341c78f140948b5c922822ccaed76dae338dddec1e4c5c34b9c53f34a09ff0b2b61a62254e73e6f0ac8013edc2cfa7ecbeb86fcc7309cb0f5b5eddb707af4b9337d34d672af413f3b6efd11e3b49c978f06a356f6f4e0ea50a90797fe32ccaa983547ff18ea167":"c1e3089e1bea1141638ca912da01c134f67231a2f737d97e28486e004a43e9c5592ff968ee18109fc71aa4c1a97aa88ece5c4734352bc0c1f67726bc4aac59c19301f23a705be5b3f7825fb284e58a950d795f63d18fe72231eaba9d6a5f90866f8dd34b2b0dfc132db8348efa5a62634e5584a788aebbf073ccb4f3e9f5cde8d0c2e831412485c7f8cf1473abffabcc5d51d8a2a87a22f39d1a250b3cb66d90c573669071aeba9b1080dc079243094a9ae0e5a62e4e8b653cb57f54f4eeaf3d":"a7a1882a7fb896786034d07fb1b9f6327c27bdd7ce6fe39c285ae3b6c34259adc0dc4f7b9c7dec3ca4a20d3407339eedd7a12a421da18f5954673cac2ff059156ecc73c6861ec761e6a0f2a5a033a6768c6a42d8b459e1b4932349e84efd92df59b45935f3d0e30817c66201aa99d07ae36c5d74f408d69cc08f044151ff4960e531360cb19077833adf7bce77ecfaa133c0ccc63c93b856814569e0b9884ee554061b9a20ab46c38263c094dae791aa61a17f8d16f0e85b7e5ce3b067ece89e20bc4e8f1ae814b276d234e04f4e766f501da74ea7e3817c24ea35d016676cece652b823b051625573ca92757fc720d254ecf1dcbbfd21d98307561ecaab545480c7c52ad7e9fa6b597f5fe550559c2fe923205ac1761a99737ca02d7b19822e008a8969349c87fb874c81620e38f613c8521f0381fe5ba55b74827dad3e1cf2aa29c6933629f2b286ad11be88fa6436e7e3f64a75e3595290dc0d1cd5eee7aaac54959cc53bd5a934a365e72dd81a2bd4fb9a67821bffedf2ef2bd94913de8b":"1415a7":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"08ccc9fa3166cf6815240e0dbb886ea054210fa9faeb57d3efb0d310ad93ad693c07211872ebc33b7a8e4dfeac5ffae0ec1d393e78905bdf3ba6984af5904d3a":"2d0c49b20789f39502eefd092a2b6a9b2757c1456147569a685fca4492a8d5b0e6234308385d3d629644ca37e3399616c266f199b6521a9987b2be9ee783":"8f47abc2326e22cf62404508b442e81ad45afff7274096b9a13e478cdd0a72f99a76bf517f1bb0f872a523d8c588d4402569e948fd6a108ae1a45c65830828a10e94d432765314ba82ead310fc87ac99a5b39f30ab8820bf69e6934a9c1c915c19f36ea7717eaff7af67b4991315b1873ba929bedf18a975be808e7aa14a6726126c79cc93f69541c5cefdeb5b67ec279d8f5a446583e4b4faed1685140ee4b3b757c8ff4a1ef9cd76a88e05319ee62003d2d77290c94c579b0ca2ab0deb3176ef10a3fdb85c80ffbc9e2a665a23744fc836f9a9a103cd9fb756952356a2f1acdd68a645e20179006558b5d4d0b9b0bd3adf5e290f49dae60b9d19920953ea8bb237d5b3dcfe149a60f12a4ee3a889b33bcd3a3b753d610757cbcd093dd5a734255333689695ab636963e3d215a8e77ff31973718a4944a1e9e44f45754d39f6fa431c53f9a2ef36e16a5f70636eb5fba54e15c20a714f2809a7cff4b8dc1165f836607eb5a5a3bb0c4567eee26941fef46fb41e73b565c0cf8c72e404221264":62:0 RSASSA-PSS Signature RSA-1024, SHA-256, Salt Length 0 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"0c37233c694cc81c4ca1027009269b64e9e32288e3522a2cd76da6613d8c5cd7":"6f2841166a64471d4f0b8ed0dbb7db32161da13b3af3c4bd6d4cfcad8a03290e237b0cb3f05a4640d4ff655aa36fd36b4089817a7d4538ea9134971c37c12a5b3c360e2c90546c6553d2bff7419262821ce3fc99283483b9691ad5a0dbff":"ac777fd1f72fb4598b30ec1d343488e83bc03cac3380492225efad8c0d7e2c15a0031b8e027bf4e80747ce3de188b405dfeec2b4b5439599bef733a120fd80532e0fcc0629f86cc990e312b2b73ee1f3586198bf81f3af05ef0cfbed3d1b5c620927d2084f31847784c2ba8d55a0f038a5eaf8c2ea85ea81eebdc0fe1f0d75c1":0:0 RSASSA-PSS Signature RSA-1024, SHA-256, Salt Length = max -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"0c37233c694cc81c4ca1027009269b64e9e32288e3522a2cd76da6613d8c5cd7":"6f2841166a64471d4f0b8ed0dbb7db32161da13b3af3c4bd6d4cfcad8a03290e237b0cb3f05a4640d4ff655aa36fd36b4089817a7d4538ea9134971c37c12a5b3c360e2c90546c6553d2bff7419262821ce3fc99283483b9691ad5a0dbff":"6708ae77c8c32056d89d8186f1d74d84a02cf69a084516c3525901e7c2c8359c1e8939f95b1184ca8e57508a28673243f1580f0eaef13a8eb64c9b78c8a5c2249f7601faa9a55743d056c08bbf213bd5d461e134078b11458a76707fe80df58ca477c2455665734cb498dde2a87065d8bdb8851f7943f4c38ae243752dc79da3":94:0 RSASSA-PSS Signature RSA-1024, SHA-256, Salt Length = max+1 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"0c37233c694cc81c4ca1027009269b64e9e32288e3522a2cd76da6613d8c5cd7":"6f2841166a64471d4f0b8ed0dbb7db32161da13b3af3c4bd6d4cfcad8a03290e237b0cb3f05a4640d4ff655aa36fd36b4089817a7d4538ea9134971c37c12a5b3c360e2c90546c6553d2bff7419262821ce3fc99283483b9691ad5a0dbff":"":95:MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSASSA-PSS Signature RSA-2048, SHA-256, Salt Length = 0 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"b416e0843040b35277be7734bc23ac9e9eb47a7f57f55e94d826285c9c00100a":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"293c65933fb46e6bc50d9c34a266a5e1b9e3b3ff3c99c691a88eb2d1b652ab28144e9e6a18468995febb5ce84b38efb295b1ebf1b7b4b7bce29c35dfbdc81b0944bdb3cdba914215de4380cf5226c6c7af172bf82dbebade614d710be5b4256d588d12d3a0f4494b863b09e8962bbc1d97cdaebd92d40a0485476178acbb943d1bec59aabfb60a15b1cb8f17f600fc10ec1f97148ecacca4b3715ec173e641525a1331b1b5b504bc9f930b7061f10e63509d2223c49c3050bab6edba11dc426a8b5dbfdb31b43ab3dedc392f3d4d0401f67b83cdb59e592dbedad5ed407854310e1304b4e998b8e4074caafba6fb006335c64666758401a508813d307f466e3a":0:0 RSASSA-PSS Signature RSA-2048, SHA-256, Salt Length = max -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"b416e0843040b35277be7734bc23ac9e9eb47a7f57f55e94d826285c9c00100a":"6f2841166a64471d4f0b8ed0dbb7db32161da13b3f04e3159073f7ad2fe70738168779091facbabfc4df54d6f49c7c7849a2e888a6cb9d363e94e46d7ceba692721f9b92cc56519035a5662941e2a18a8489122b55af6193444501c030a752a3c6ed3592438623782c89a16d6c42f8f0cc0a1b21ba7db4fec2b5bef35c109623fdcbb54151d8b97d625bebce9de3be69edda8aa7573fa519f4630c5173a274716d29b2bf026b3c64c62732640af0cdf8ca589f2197453b8ba847dc1cea508d577a3f167caa53e0717a12d58502a27dcdfa1cee9161291d0a71f9265b4ab3":"558dcb8c4ed92d22618fb2169a552bf5ada493ad66890639caecce025839f44d2f8b7004d70586296fd94278e478dfbb63a6867f3fd909a558cca1fba1b329a3f230c2874886eb0b5a3de01e02100a939f216a07a445f9e8f7279b8cc31966de23c912c477bed5ac99996f09ec817bd02acb671310b33d5a9bf79bfc14a0e38abef9169c01e7743a408868f42705743023ec7892c2e437b918b40d873d99c56faa58543a8eb41d91d38ab8ca5165b95ac84b30624a6517b2893f432c63d34352059c9a6ad3353fe3859d0b51a971e3d58a287612b1a7b6eeb76b7101850f809960c1c137ea396ede4c570817bef93b2ff901c2d175909f48a6b6a73dc3aa6cef":222:0 RSASSA-PSS Signature RSA-2048, SHA-256, Salt Length = max+1 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"b416e0843040b35277be7734bc23ac9e9eb47a7f57f55e94d826285c9c00100a":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"":223:MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSASSA-PSS Signature RSA-1024, SHA-512, Salt Length 0 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"c3366c552451274a4042e4357447786cce3a25a8dbd8cf3c2f8a8ddc02161bda332bb45062f7c61b7aa7a88ed3b5d51b6103abcf1769642b11ab95f92fa39adf":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"7289bf65540f4925c608e62c8d077789828560945a27fd3f3918e4258b38be488d54b546bfe46d56e519583e77fbf3988538e26fd05793cea925934d714e748a23c429356d3c09e51e08d425923e4237c0f00c3c9f77d8544b8e089d265497a683c2f19b80776671ad36d1cadd38e24c3049461f3d3d964ddc9afdf1d4b9022a":0:0 RSASSA-PSS Signature RSA-1024, SHA-512, Salt Length max -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"c3366c552451274a4042e4357447786cce3a25a8dbd8cf3c2f8a8ddc02161bda332bb45062f7c61b7aa7a88ed3b5d51b6103abcf1769642b11ab95f92fa39adf":"6f2841166a64471d4f0b8ed0dbb7db32161da13bc5bd8f242a193ead499173ae97c2313d53874c791b13e0adda0ee89fef3668b5f3f7d91d1117cb5aa93e":"a063080224f2659a25ce69417f3240779712d93a69461eb7712c137ed5d4ed7c8490b3e4e7e70e560921da59899a542d1f28db68c1247fd7a0db983ded9f6db9a8d9445c28ba3e4afffb4ed6fd4c93e774082a6dadc8052f3d48cb899d63b9a82f34315f999deb065da600207ea78bfd199e2249f86a55c79761933ee87337aa":62:0 RSASSA-PSS Signature RSA-1024, SHA-512, Salt Length max+1 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"c3366c552451274a4042e4357447786cce3a25a8dbd8cf3c2f8a8ddc02161bda332bb45062f7c61b7aa7a88ed3b5d51b6103abcf1769642b11ab95f92fa39adf":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"":63:MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSASSA-PSS Signature RSA-3072, SHA-384, Salt Length 0 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA384 pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"bc9fb8fc6d4c6ce8865c758063e55639f98afc15e5d71f4f1ecf89d6fbb904aecc28126bd5e6b5a7f8f31729949dbf8a":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"9110b39c1ffc2d8a5f24e965e3985b06871c2be23e677bb3ea879b7b6b25c327ebdd9434387cfe5f64bcb6900a5c8395549e3681390583786b709257ff0ad90507a02ec6abb40e33dec80097322876a84ee98b1fe79ced62ba4f983bb9b52758bf9856098af527924ea83291762b179894f1fab6d8c9867b0244393fa32b5871836fa4446b247153bc117ccaf7cd51c5ec026bcaf9b634182cd19a0eb95ec40dd5e4274750c9ee3b1379fb339fa4ed8348b104936396355bea0a00337b83f47d2fd7e7353f3009752f970eebc1bbade601b912f7b0984bccc68941ed23bd31fcd23a7d0f2b0cfaabdb3d361969f485e5d198442661ee71eef258ae9fc27a19d995a5695c668f9ab78622486d6ccfe4ae11de9240588fafbc75f8bd0d04de5f2959c126b7c672eac8bb65031ea22ebb4a4e36c12f427d2dc4619eb30ef1c90ec951337a364566f0d2e32f311b425a68fd5277a85dc8d8041ab2a0165c39fd4e39160498d5eae98965e8745b77390e5ddeff0aeffc0fb18839455d524826a1f366":0:0 RSASSA-PSS Signature RSA-3072, SHA-384, Salt Length max -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA384 pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"bc9fb8fc6d4c6ce8865c758063e55639f98afc15e5d71f4f1ecf89d6fbb904aecc28126bd5e6b5a7f8f31729949dbf8a":"6f2841166a64471d4f0b8ed0dbb7db32161da13b3fe26ee600cfb2d187384e529f280485cf84830af8cb015878cb7c4c74ad6ab38fd8998fa74b612e84af8123d785a8a60a2bb002f7b15a6f7cd6bbf18325a412fd3ea2a48903d30db2543089d9d82fe304dfe5fb903f6a0d1625fe994aa2ac47e04eeb6a51be770312a88cec80bbcf849ab57f2af4e9370a0e35a458d8509fb89e8b22ef499af25c427e48c2391747d3ccc6fdc1b035cbbe6a6f1742bfb6fb5d411d4c8bb73ee7f9bc2fbcf54603c813c9c6d479fb9f38650f4fa8ce05a32c47c078d278b7b97173e82d692e303141faf71573f2b5ab58c4fa009200a3be47633719dbeed24d61ba7acae8abfc2aa5f33f18e6f4c43eb8be3e4bbee1090544401e202ef06d90aae75a939256bd374afc5030f1146ea9d2acf4918dfe96d13eb5f16da55efd504657e3d8aea010f89c60288d74963746422bd7cf":"57a5511992b30d39e150b6a7a760a74136db0a24bc635f3a700a74f865a7c9c0ed2e2e196022a6d17ad7c2d3f12946828458015beffb0c0652de2cc9c3366aaeb7634c5d6ccbdf6c7c93b8feff21a7d2831ac3ee73fd98f9c972dcb833ac61323b77ec249db0e4fb9bf33c71aef9d2aaef40aafab2cb3870f0224c8d0c3ada2abb9d3dd601a038594d290177277a8b791ebcc211d7e5379323a633c62fe9cc2394bd7a977a604122ee9799e5368cc17e1af1795046e76899aa6e7be8f27b1a3e96daa81784d967e9a36cf1912936d7ae11f80aed79c27c53237e7fa009daf9240fb205f83e8c6f8f57d3c3520e0e60213a203432c18d92979b13555ce6eab075ddb38b6d820e378ac4e3afcb3d57e5c6d3c11f165745996fdb61e36b842c6ec81d6437073fe9fc96a4dbc3b188ca766a7f7ef786f39729cadcc5700fb0fffeca0eb0bc47243783f129917948df9bee23da83fadadfa87708e0a839a62965a5d2b9a7cd16b4675cef6afc8fbc2615d97d11ede47f4dfd83e74847dc184ccdc4fd":334:0 RSASSA-PSS Signature RSA-3072, SHA-384, Salt Length max + 1 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA384 pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"bc9fb8fc6d4c6ce8865c758063e55639f98afc15e5d71f4f1ecf89d6fbb904aecc28126bd5e6b5a7f8f31729949dbf8a":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"":335:MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSASSA-PSS Sign. RSA-520 SHA-512: Salt Len. 0, no possible salt size -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_sign:520:"0feea5f6220fac291b9508ec2ba8ed281eb39aee4d5dc693254106816ebc700ecf":"0d68918785c3aafe31eaaa2d8d8156dce645940ff7734a457337a51bd00bc88811":"00d5a06f86e5b9d87428540165ca966fa8893a62e2a59d0bfd7617780bb039f9165a373a8e119d0766f8de556710f33f67019153bad8223775e797d451d48206f3bf":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"391cad6ca7e43059db25e85e9055b00a1087dd8709b40e07fd2b20327ba5dbe1eaac18bc4ddc9d9fd27572895a05553c613d7fe57da7543b19eba91860e1ca12":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"":0:MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSASSA-PSS Sign. RSA-528 SHA-512: Salt Len. 0, only room for empty salt -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_sign:528:"00d272aa28ed2085ac6df3c05c6719eed5deb618afa2e4ca4a6f7330b430ad48672d":"00c578836bab27145db9dd66f17470b62d4a6100f8ca0dedf457ee3639c3b9596325":"00a2554eba715bf66e5ecdf3d6d718e3e5d907e8666e7bf5a76b415106e04eb827ec4cb2199cff66491d45419082059aa5b54b0cf5eef4443402f3047c0b0e6f025081":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"391cad6ca7e43059db25e85e9055b00a1087dd8709b40e07fd2b20327ba5dbe1eaac18bc4ddc9d9fd27572895a05553c613d7fe57da7543b19eba91860e1ca12":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"5bf02a1ff652052be266d0630fb802bde71d363904e2e001267dba592c88e755befb9b8004ecf1c5de07ad8cd260ede04971b201d524434e657396d6bfd8917def84":0:0 RSASSA-PSS Sign. RSA-528 SHA-512: Salt Len. 1, only room for empty salt -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pkcs1_rsassa_pss_sign:528:"00d272aa28ed2085ac6df3c05c6719eed5deb618afa2e4ca4a6f7330b430ad48672d":"00c578836bab27145db9dd66f17470b62d4a6100f8ca0dedf457ee3639c3b9596325":"00a2554eba715bf66e5ecdf3d6d718e3e5d907e8666e7bf5a76b415106e04eb827ec4cb2199cff66491d45419082059aa5b54b0cf5eef4443402f3047c0b0e6f025081":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"391cad6ca7e43059db25e85e9055b00a1087dd8709b40e07fd2b20327ba5dbe1eaac18bc4ddc9d9fd27572895a05553c613d7fe57da7543b19eba91860e1ca12":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"":1:MBEDTLS_ERR_RSA_BAD_INPUT_DATA diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index 376c752f4..626197995 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -1,6 +1,5 @@ /* BEGIN_HEADER */ #include "mbedtls/rsa.h" -#include "mbedtls/legacy_or_psa.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -18,6 +17,8 @@ void pkcs1_rsaes_oaep_encrypt(int mod, data_t *input_N, data_t *input_E, mbedtls_test_rnd_buf_info info; mbedtls_mpi N, E; + MD_PSA_INIT(); + info.fallback_f_rng = mbedtls_test_rnd_std_rand; info.fallback_p_rng = NULL; info.buf = rnd_buf->x; @@ -29,6 +30,9 @@ void pkcs1_rsaes_oaep_encrypt(int mod, data_t *input_N, data_t *input_E, MBEDTLS_RSA_PKCS_V21, hash) == 0); memset(output, 0x00, sizeof(output)); + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V21); + TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash); + TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0); TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0); TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); @@ -44,12 +48,13 @@ void pkcs1_rsaes_oaep_encrypt(int mod, data_t *input_N, data_t *input_E, message_str->x, output) == result); if (result == 0) { - ASSERT_COMPARE(output, ctx.len, result_str->x, result_str->len); + TEST_MEMORY_COMPARE(output, ctx.len, result_str->x, result_str->len); } exit: mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); mbedtls_rsa_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ @@ -66,6 +71,8 @@ void pkcs1_rsaes_oaep_decrypt(int mod, data_t *input_P, data_t *input_Q, mbedtls_mpi N, P, Q, E; ((void) seed); + MD_PSA_INIT(); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); mbedtls_mpi_init(&E); @@ -73,6 +80,9 @@ void pkcs1_rsaes_oaep_decrypt(int mod, data_t *input_P, data_t *input_Q, TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V21, hash) == 0); + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V21); + TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash); + memset(output, 0x00, sizeof(output)); memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); @@ -100,7 +110,7 @@ void pkcs1_rsaes_oaep_decrypt(int mod, data_t *input_P, data_t *input_Q, output, sizeof(output)) == result); if (result == 0) { - ASSERT_COMPARE(output, output_len, result_str->x, result_str->len); + TEST_MEMORY_COMPARE(output, output_len, result_str->x, result_str->len); } } @@ -108,6 +118,7 @@ exit: mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E); mbedtls_rsa_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ @@ -123,6 +134,8 @@ void pkcs1_rsassa_pss_sign(int mod, data_t *input_P, data_t *input_Q, mbedtls_test_rnd_buf_info info; mbedtls_mpi N, P, Q, E; + MD_PSA_INIT(); + info.fallback_f_rng = mbedtls_test_rnd_std_rand; info.fallback_p_rng = NULL; info.buf = rnd_buf->x; @@ -134,6 +147,9 @@ void pkcs1_rsassa_pss_sign(int mod, data_t *input_P, data_t *input_Q, TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V21, hash) == 0); + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V21); + TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash); + memset(output, 0x00, sizeof(output)); TEST_ASSERT(mbedtls_mpi_read_binary(&P, input_P->x, input_P->len) == 0); @@ -151,7 +167,7 @@ void pkcs1_rsassa_pss_sign(int mod, data_t *input_P, data_t *input_Q, &ctx, &mbedtls_test_rnd_buffer_rand, &info, digest, hash_digest->len, hash_digest->x, output) == result); if (result == 0) { - ASSERT_COMPARE(output, ctx.len, result_str->x, result_str->len); + TEST_MEMORY_COMPARE(output, ctx.len, result_str->x, result_str->len); } info.buf = rnd_buf->x; @@ -163,13 +179,14 @@ void pkcs1_rsassa_pss_sign(int mod, data_t *input_P, data_t *input_Q, digest, hash_digest->len, hash_digest->x, fixed_salt_length, output) == result); if (result == 0) { - ASSERT_COMPARE(output, ctx.len, result_str->x, result_str->len); + TEST_MEMORY_COMPARE(output, ctx.len, result_str->x, result_str->len); } exit: mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q); mbedtls_mpi_free(&E); mbedtls_rsa_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ @@ -182,11 +199,16 @@ void pkcs1_rsassa_pss_verify(int mod, data_t *input_N, data_t *input_E, mbedtls_mpi N, E; ((void) salt); + MD_PSA_INIT(); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); mbedtls_rsa_init(&ctx); TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V21, hash) == 0); + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V21); + TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash); + TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0); TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0); @@ -201,6 +223,7 @@ void pkcs1_rsassa_pss_verify(int mod, data_t *input_N, data_t *input_E, exit: mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); mbedtls_rsa_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ @@ -215,11 +238,16 @@ void pkcs1_rsassa_pss_verify_ext(int mod, data_t *input_N, data_t *input_E, mbedtls_rsa_context ctx; mbedtls_mpi N, E; + MD_PSA_INIT(); + mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); mbedtls_rsa_init(&ctx); TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V21, ctx_hash) == 0); + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V21); + TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), ctx_hash); + TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0); TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0); @@ -239,5 +267,6 @@ void pkcs1_rsassa_pss_verify_ext(int mod, data_t *input_N, data_t *input_E, exit: mbedtls_mpi_free(&N); mbedtls_mpi_free(&E); mbedtls_rsa_free(&ctx); + MD_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_pkcs5.data b/tests/suites/test_suite_pkcs5.data index 5c6df7ce5..f3ea5536f 100644 --- a/tests/suites/test_suite_pkcs5.data +++ b/tests/suites/test_suite_pkcs5.data @@ -1,214 +1,246 @@ PBKDF2 RFC 6070 Test Vector #1 (SHA1) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pbkdf2_hmac:MBEDTLS_MD_SHA1:"70617373776f7264":"73616c74":1:20:"0c60c80f961f0e71f3a9b524af6012062fe037a6" PBKDF2 RFC 6070 Test Vector #2 (SHA1) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pbkdf2_hmac:MBEDTLS_MD_SHA1:"70617373776f7264":"73616c74":2:20:"ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957" PBKDF2 RFC 6070 Test Vector #3 (SHA1) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pbkdf2_hmac:MBEDTLS_MD_SHA1:"70617373776f7264":"73616c74":4096:20:"4b007901b765489abead49d926f721d065a429c1" PBKDF2 RFC 6070 Test Vector #5 (SHA1) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pbkdf2_hmac:MBEDTLS_MD_SHA1:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038" PBKDF2 RFC 6070 Test Vector #6 (SHA1) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA1 pbkdf2_hmac:MBEDTLS_MD_SHA1:"7061737300776f7264":"7361006c74":4096:16:"56fa6aa75548099dcc37d7f03425e0c3" PBKDF2 Python hashlib Test Vector #1 (SHA224) -depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA224 pbkdf2_hmac:MBEDTLS_MD_SHA224:"70617373776f7264":"73616c74":1:20:"3c198cbdb9464b7857966bd05b7bc92bc1cc4e6e" PBKDF2 Python hashlib Test Vector #2 (SHA224) -depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA224 pbkdf2_hmac:MBEDTLS_MD_SHA224:"70617373776f7264":"73616c74":2:20:"93200ffa96c5776d38fa10abdf8f5bfc0054b971" PBKDF2 Python hashlib Test Vector #3 (SHA224) -depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA224 pbkdf2_hmac:MBEDTLS_MD_SHA224:"70617373776f7264":"73616c74":4096:20:"218c453bf90635bd0a21a75d172703ff6108ef60" PBKDF2 Python hashlib Test Vector #5 (SHA224) -depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA224 pbkdf2_hmac:MBEDTLS_MD_SHA224:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"056c4ba438ded91fc14e0594e6f52b87e1f3690c0dc0fbc057" PBKDF2 Python hashlib Test Vector #6 (SHA224) -depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA224 pbkdf2_hmac:MBEDTLS_MD_SHA224:"7061737300776f7264":"7361006c74":4096:16:"9b4011b641f40a2a500a31d4a392d15c" PBKDF2 RFC 7914 Sec 11 Test Vector #1 (SHA256) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pbkdf2_hmac:MBEDTLS_MD_SHA256:"706173737764":"73616c74":1:64:"55ac046e56e3089fec1691c22544b605f94185216dde0465e68b9d57c20dacbc49ca9cccf179b645991664b39d77ef317c71b845b1e30bd509112041d3a19783" PBKDF2 RFC 7914 Sec 11 Test Vector #2 (SHA256) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pbkdf2_hmac:MBEDTLS_MD_SHA256:"50617373776f7264":"4e61436c":80000:64:"4ddcd8f60b98be21830cee5ef22701f9641a4418d04c0414aeff08876b34ab56a1d425a1225833549adb841b51c9b3176a272bdebba1d078478f62b397f33c8d" PBKDF2 Python hashlib Test Vector #1 (SHA256) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pbkdf2_hmac:MBEDTLS_MD_SHA256:"70617373776f7264":"73616c74":1:20:"120fb6cffcf8b32c43e7225256c4f837a86548c9" PBKDF2 Python hashlib Test Vector #2 (SHA256) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pbkdf2_hmac:MBEDTLS_MD_SHA256:"70617373776f7264":"73616c74":2:20:"ae4d0c95af6b46d32d0adff928f06dd02a303f8e" PBKDF2 Python hashlib Test Vector #3 (SHA256) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pbkdf2_hmac:MBEDTLS_MD_SHA256:"70617373776f7264":"73616c74":4096:20:"c5e478d59288c841aa530db6845c4c8d962893a0" PBKDF2 Python hashlib Test Vector #5 (SHA256) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pbkdf2_hmac:MBEDTLS_MD_SHA256:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"348c89dbcbd32b2f32d814b8116e84cf2b17347ebc1800181c" PBKDF2 Python hashlib Test Vector #6 (SHA256) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA256 pbkdf2_hmac:MBEDTLS_MD_SHA256:"7061737300776f7264":"7361006c74":4096:16:"89b69d0516f829893c696226650a8687" PBKDF2 Python hashlib Test Vector #1 (SHA384) -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA384 pbkdf2_hmac:MBEDTLS_MD_SHA384:"70617373776f7264":"73616c74":1:20:"c0e14f06e49e32d73f9f52ddf1d0c5c719160923" PBKDF2 Python hashlib Test Vector #2 (SHA384) -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA384 pbkdf2_hmac:MBEDTLS_MD_SHA384:"70617373776f7264":"73616c74":2:20:"54f775c6d790f21930459162fc535dbf04a93918" PBKDF2 Python hashlib Test Vector #3 (SHA384) -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA384 pbkdf2_hmac:MBEDTLS_MD_SHA384:"70617373776f7264":"73616c74":4096:20:"559726be38db125bc85ed7895f6e3cf574c7a01c" PBKDF2 Python hashlib Test Vector #5 (SHA384) -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA384 pbkdf2_hmac:MBEDTLS_MD_SHA384:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"819143ad66df9a552559b9e131c52ae6c5c1b0eed18f4d283b" PBKDF2 Python hashlib Test Vector #6 (SHA384) -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA384 pbkdf2_hmac:MBEDTLS_MD_SHA384:"7061737300776f7264":"7361006c74":4096:16:"a3f00ac8657e095f8e0823d232fc60b3" PBKDF2 Python hashlib Test Vector #1 (SHA512) -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pbkdf2_hmac:MBEDTLS_MD_SHA512:"70617373776f7264":"73616c74":1:20:"867f70cf1ade02cff3752599a3a53dc4af34c7a6" PBKDF2 Python hashlib Test Vector #2 (SHA512) -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pbkdf2_hmac:MBEDTLS_MD_SHA512:"70617373776f7264":"73616c74":2:20:"e1d9c16aa681708a45f5c7c4e215ceb66e011a2e" PBKDF2 Python hashlib Test Vector #3 (SHA512) -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pbkdf2_hmac:MBEDTLS_MD_SHA512:"70617373776f7264":"73616c74":4096:20:"d197b1b33db0143e018b12f3d1d1479e6cdebdcc" PBKDF2 Python hashlib Test Vector #5 (SHA512) -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pbkdf2_hmac:MBEDTLS_MD_SHA512:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"8c0511f4c6e597c6ac6315d8f0362e225f3c501495ba23b868" PBKDF2 Python hashlib Test Vector #6 (SHA512) -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:MBEDTLS_MD_CAN_SHA512 pbkdf2_hmac:MBEDTLS_MD_SHA512:"7061737300776f7264":"7361006c74":4096:16:"9d9e9c4cd21fe4be24d5b8244c759665" +PBES2 Encrypt, pad=6 (OK) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF":144:0:"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7" + +PBES2 Encrypt, pad=8 (OK) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55":136:0:"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC2262AD99FBD6C3B0AB" + +PBES2 Encrypt, pad=8 (Invalid output size) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D5510101010101010101010101010101010":151:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL:"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22D8D337E00CB5D1B5B76BE4AE393414050646A102DEF61A9F" + +PBES2 Encrypt, pad=6 (PKCS7 padding disabled) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_CIPHER_PADDING_PKCS7 +pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF":138:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE:"" + +PBES2 Encrypt, pad=8 (PKCS7 padding disabled) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_CIPHER_PADDING_PKCS7 +pbes2_encrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D5510101010101010101010101010101010":138:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE:"" + PBES2 Decrypt (OK) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":144:0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF" + +PBES2 Decrypt (Invalid output size) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":143:MBEDTLS_ERR_ASN1_BUF_TOO_SMALL:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606" + +PBES2 Decrypt (Invalid padding & PKCS7 padding disabled) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_CIPHER_PADDING_PKCS7 +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FDA3488A7144097565":144:0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060607" + +PBES2 Decrypt (Invalid padding & PKCS7 padding enabled) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FDA3488A7144097565":144:MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060607" PBES2 Decrypt (bad params tag) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_SEQUENCE:"":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C +pbes2_decrypt:MBEDTLS_ASN1_SEQUENCE:"":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" PBES2 Decrypt (bad KDF AlgId: not a sequence) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"31":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"31":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" PBES2 Decrypt (bad KDF AlgId: overlong) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"3001":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"3001":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" PBES2 Decrypt (KDF != PBKDF2) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300B06092A864886F70D01050D":"":"":MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE:"" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300B06092A864886F70D01050D":"":"":0:MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE:"" PBES2 Decrypt (bad PBKDF2 params: not a sequence) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300D06092A864886F70D01050C3100":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300D06092A864886F70D01050C3100":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" PBES2 Decrypt (bad PBKDF2 params: overlong) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300D06092A864886F70D01050C3001":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300D06092A864886F70D01050C3001":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" PBES2 Decrypt (bad PBKDF2 params salt: not an octet string) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300E06092A864886F70D01050C30010500":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300E06092A864886F70D01050C30010500":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" PBES2 Decrypt (bad PBKDF2 params salt: overlong) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300E06092A864886F70D01050C30010401":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"300E06092A864886F70D01050C30010401":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" PBES2 Decrypt (bad PBKDF2 params iter: not an int) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301906092A864886F70D01050C300C04082ED7F24A1D516DD70300":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301906092A864886F70D01050C300C04082ED7F24A1D516DD70300":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" PBES2 Decrypt (bad PBKDF2 params iter: overlong) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301906092A864886F70D01050C300C04082ED7F24A1D516DD70201":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301906092A864886F70D01050C300C04082ED7F24A1D516DD70201":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" PBES2 Decrypt (OK, PBKDF2 params explicit keylen) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301E06092A864886F70D01050C301104082ED7F24A1D516DD702020800020118301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301E06092A864886F70D01050C301104082ED7F24A1D516DD702020800020118301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":144:0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF" PBES2 Decrypt (bad PBKDF2 params explicit keylen: overlong) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208000201":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208000201":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" PBES2 Decrypt (OK, PBKDF2 params explicit prf_alg) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302706092A864886F70D01050C301A04082ED7F24A1D516DD702020800300A06082A864886F70D0207301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302706092A864886F70D01050C301A04082ED7F24A1D516DD702020800300A06082A864886F70D0207301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":144:0:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF" PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg not a sequence) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208003100":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208003100":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg overlong) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208003001":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301D06092A864886F70D01050C301004082ED7F24A1D516DD7020208003001":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg != HMAC-SHA*) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302706092A864886F70D01050C301A04082ED7F24A1D516DD702020800300A06082A864886F70D0206":"":"":MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE:"" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302706092A864886F70D01050C301A04082ED7F24A1D516DD702020800300A06082A864886F70D0206":"":"":0:MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE:"" PBES2 Decrypt (bad, PBKDF2 params extra data) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302806092A864886F70D01050C301B04082ED7F24A1D516DD702020800300A06082A864886F70D020700":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH:"" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"302806092A864886F70D01050C301B04082ED7F24A1D516DD702020800300A06082A864886F70D020700":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH:"" PBES2 Decrypt (bad enc_scheme_alg: not a sequence) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD7020208003100":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD7020208003100":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:"" PBES2 Decrypt (bad enc_scheme_alg: overlong) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD7020208003001":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD7020208003001":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" PBES2 Decrypt (bad enc_scheme_alg: unknown oid) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800300A06082A864886F70D03FF":"":"":MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE:"" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800300A06082A864886F70D03FF":"":"":0:MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE:"" PBES2 Decrypt (bad enc_scheme_alg params: not an octet string) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800300C06082A864886F70D03070500":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT:"" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800300C06082A864886F70D03070500":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT:"" PBES2 Decrypt (bad enc_scheme_alg params: overlong) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800300C06082A864886F70D03070401":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800300C06082A864886F70D03070401":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA:"" PBES2 Decrypt (bad enc_scheme_alg params: len != iv_len) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301306082A864886F70D030704078A4FCC9DCC3949":"":"":MBEDTLS_ERR_PKCS5_INVALID_FORMAT:"" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301306082A864886F70D030704078A4FCC9DCC3949":"":"":0:MBEDTLS_ERR_PKCS5_INVALID_FORMAT:"" PBES2 Decrypt (bad password) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"F0617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC394910":"F0617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":144:MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606" PBES2 Decrypt (bad iter value) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 -mbedtls_pkcs5_pbes2:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020801301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606" +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +pbes2_decrypt:MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:"301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020801301406082A864886F70D030704088A4FCC9DCC394910":"70617373776f7264":"1B60098D4834CA752D37B430E70B7A085CFF86E21F4849F969DD1DF623342662443F8BD1252BF83CEF6917551B08EF55A69C8F2BFFC93BCB2DFE2E354DA28F896D1BD1BFB972A1251219A6EC7183B0A4CF2C4998449ED786CAE2138437289EB2203974000C38619DA57A4E685D29649284602BD1806131772DA11A682674DC22B2CF109128DDB7FD980E1C5741FC0DB7":144:MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH:"308187020100301306072A8648CE3D020106082A8648CE3D030107046D306B0201010420F12A1320760270A83CBFFD53F6031EF76A5D86C8A204F2C30CA9EBF51F0F0EA7A1440342000437CC56D976091E5A723EC7592DFF206EEE7CF9069174D0AD14B5F768225962924EE500D82311FFEA2FD2345D5D16BD8A88C26B770D55CD8A2A0EFA01C8B4EDFF060606060606" PKCS#5 Selftest pkcs5_selftest: diff --git a/tests/suites/test_suite_pkcs5.function b/tests/suites/test_suite_pkcs5.function index fd731e99f..2b0b0c1e0 100644 --- a/tests/suites/test_suite_pkcs5.function +++ b/tests/suites/test_suite_pkcs5.function @@ -1,6 +1,6 @@ /* BEGIN_HEADER */ #include "mbedtls/pkcs5.h" -#include "mbedtls/legacy_or_psa.h" +#include "mbedtls/cipher.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -14,50 +14,123 @@ void pbkdf2_hmac(int hash, data_t *pw_str, data_t *salt_str, { unsigned char key[100]; - PSA_INIT_IF_NO_MD(); + MD_PSA_INIT(); TEST_ASSERT(mbedtls_pkcs5_pbkdf2_hmac_ext(hash, pw_str->x, pw_str->len, salt_str->x, salt_str->len, it_cnt, key_len, key) == 0); TEST_ASSERT(mbedtls_test_hexcmp(key, result_key_string->x, key_len, result_key_string->len) == 0); - PSA_DONE_IF_NO_MD(); + +exit: + MD_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */ -void mbedtls_pkcs5_pbes2(int params_tag, data_t *params_hex, data_t *pw, - data_t *data, int ref_ret, data_t *ref_out) +void pbes2_encrypt(int params_tag, data_t *params_hex, data_t *pw, + data_t *data, int outsize, int ref_ret, + data_t *ref_out) { int my_ret; mbedtls_asn1_buf params; unsigned char *my_out = NULL; - - PSA_INIT_IF_NO_MD(); +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + size_t my_out_len = 0; +#endif + MD_PSA_INIT(); params.tag = params_tag; params.p = params_hex->x; params.len = params_hex->len; - my_out = mbedtls_test_zero_alloc(ref_out->len); + ASSERT_ALLOC(my_out, outsize); - my_ret = mbedtls_pkcs5_pbes2(¶ms, MBEDTLS_PKCS5_DECRYPT, - pw->x, pw->len, data->x, data->len, my_out); - TEST_ASSERT(my_ret == ref_ret); - - if (ref_ret == 0) { - TEST_ASSERT(memcmp(my_out, ref_out->x, ref_out->len) == 0); +#if defined(MBEDTLS_TEST_DEPRECATED) + if (ref_ret != MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) { + my_ret = mbedtls_pkcs5_pbes2(¶ms, MBEDTLS_PKCS5_ENCRYPT, + pw->x, pw->len, data->x, data->len, my_out); + TEST_EQUAL(my_ret, ref_ret); } + if (ref_ret == 0) { + ASSERT_COMPARE(my_out, ref_out->len, + ref_out->x, ref_out->len); + } +#endif + +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + my_ret = mbedtls_pkcs5_pbes2_ext(¶ms, MBEDTLS_PKCS5_ENCRYPT, + pw->x, pw->len, data->x, data->len, my_out, + outsize, &my_out_len); + TEST_EQUAL(my_ret, ref_ret); + if (ref_ret == 0) { + ASSERT_COMPARE(my_out, my_out_len, + ref_out->x, ref_out->len); + } +#endif exit: mbedtls_free(my_out); - PSA_DONE_IF_NO_MD(); + MD_PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */ +void pbes2_decrypt(int params_tag, data_t *params_hex, data_t *pw, + data_t *data, int outsize, int ref_ret, + data_t *ref_out) +{ + int my_ret; + mbedtls_asn1_buf params; + unsigned char *my_out = NULL; +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + size_t my_out_len = 0; +#endif + + MD_PSA_INIT(); + + params.tag = params_tag; + params.p = params_hex->x; + params.len = params_hex->len; + + ASSERT_ALLOC(my_out, outsize); + +#if defined(MBEDTLS_TEST_DEPRECATED) + if (ref_ret != MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) { + my_ret = mbedtls_pkcs5_pbes2(¶ms, MBEDTLS_PKCS5_DECRYPT, + pw->x, pw->len, data->x, data->len, my_out); + TEST_EQUAL(my_ret, ref_ret); + } + if (ref_ret == 0) { + ASSERT_COMPARE(my_out, ref_out->len, + ref_out->x, ref_out->len); + } +#endif + +#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) + my_ret = mbedtls_pkcs5_pbes2_ext(¶ms, MBEDTLS_PKCS5_DECRYPT, + pw->x, pw->len, data->x, data->len, my_out, + outsize, &my_out_len); + TEST_EQUAL(my_ret, ref_ret); + if (ref_ret == 0) { + ASSERT_COMPARE(my_out, my_out_len, + ref_out->x, ref_out->len); + } +#endif + +exit: + mbedtls_free(my_out); + MD_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void pkcs5_selftest() { + MD_PSA_INIT(); TEST_ASSERT(mbedtls_pkcs5_self_test(1) == 0); + +exit: + MD_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_pkcs7.data b/tests/suites/test_suite_pkcs7.data index 571d5adf4..d3b83cdf0 100644 --- a/tests/suites/test_suite_pkcs7.data +++ b/tests/suites/test_suite_pkcs7.data @@ -1,83 +1,3257 @@ PKCS7 Signed Data Parse Pass SHA256 #1 -depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C pkcs7_parse:"data_files/pkcs7_data_cert_signed_sha256.der":MBEDTLS_PKCS7_SIGNED_DATA PKCS7 Signed Data Parse Pass SHA1 #2 -depends_on:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C pkcs7_parse:"data_files/pkcs7_data_cert_signed_sha1.der":MBEDTLS_PKCS7_SIGNED_DATA PKCS7 Signed Data Parse Pass Without CERT #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs7_parse:"data_files/pkcs7_data_without_cert_signed.der":MBEDTLS_PKCS7_SIGNED_DATA +PKCS7 Signed Data Parse with zero signers +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_parse:"data_files/pkcs7_data_no_signers.der":MBEDTLS_PKCS7_SIGNED_DATA + PKCS7 Signed Data Parse Fail with multiple certs #4 -depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C pkcs7_parse:"data_files/pkcs7_data_multiple_certs_signed.der":MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE -PKCS7 Signed Data Parse Fail with corrupted cert #5 -depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C +PKCS7 Signed Data Parse Fail with corrupted cert #5.0 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C pkcs7_parse:"data_files/pkcs7_data_signed_badcert.der":MBEDTLS_ERR_PKCS7_INVALID_CERT +PKCS7 Signed Data Parse Fail with disabled alg #5.1 +depends_on:MBEDTLS_RSA_C:!MBEDTLS_MD_CAN_SHA512 +pkcs7_parse:"data_files/pkcs7_data_cert_signed_sha512.der":MBEDTLS_ERR_PKCS7_INVALID_ALG + +PKCS7 Parse Fail with Inlined Content Info #5.2 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +pkcs7_parse:"data_files/pkcs7_data_with_signature.der":MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE + +PKCS7 Signed Data Parse Fail with no RSA #5.3 +depends_on:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_RSA_C +pkcs7_parse:"data_files/pkcs7_data_cert_signed_sha256.der":MBEDTLS_ERR_PKCS7_INVALID_CERT + PKCS7 Signed Data Parse Fail with corrupted signer info #6 -depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C pkcs7_parse:"data_files/pkcs7_data_signed_badsigner.der":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO,MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) +PKCS7 Signed Data Parse Fail with corrupted signer info[1] invalid size #6.1 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +pkcs7_parse:"data_files/pkcs7_data_signed_badsigner1_badsize.der":MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO + +PKCS7 Signed Data Parse Fail with corrupted signer info[2] invalid size #6.2 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +pkcs7_parse:"data_files/pkcs7_data_signed_badsigner2_badsize.der":MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO + +PKCS7 Signed Data Parse Fail with corrupted signer info[1] unexpected tag #6.3 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +pkcs7_parse:"data_files/pkcs7_data_signed_badsigner1_badtag.der":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO,MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) + +PKCS7 Signed Data Parse Fail with corrupted signer info[2] unexpected tag #6.4 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +pkcs7_parse:"data_files/pkcs7_data_signed_badsigner2_badtag.der":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO,MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) + +PKCS7 Signed Data Parse Fail with corrupted signer info[1] fuzz bad #6.5 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +pkcs7_parse:"data_files/pkcs7_data_signed_badsigner1_fuzzbad.der":MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO + +PKCS7 Signed Data Parse Fail with corrupted signer info[2] fuzz bad #6.6 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +pkcs7_parse:"data_files/pkcs7_data_signed_badsigner2_fuzzbad.der":MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO + PKCS7 Signed Data Parse Fail Version other than 1 #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs7_parse:"data_files/pkcs7_data_cert_signed_v2.der":MBEDTLS_ERR_PKCS7_INVALID_VERSION PKCS7 Signed Data Parse Fail Encrypted Content #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs7_parse:"data_files/pkcs7_data_cert_encrypted.der":MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE +PKCS7 Signed Data Verification Pass zero-len data +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_MD_CAN_SHA256 +pkcs7_verify:"data_files/pkcs7_zerolendata_detached.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_zerolendata.bin":0:0 + +PKCS7 Signed Data Verification Fail zero-len data +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +pkcs7_verify:"data_files/pkcs7_zerolendata_detached.der":"data_files/pkcs7-rsa-sha256-2.der":"data_files/pkcs7_zerolendata.bin":0:MBEDTLS_ERR_RSA_VERIFY_FAILED + PKCS7 Signed Data Verification Pass SHA256 #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_data.bin":0:0 PKCS7 Signed Data Verification Pass SHA256 #9.1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_data.bin":MBEDTLS_MD_SHA256:0 PKCS7 Signed Data Verification Pass SHA1 #10 -depends_on:MBEDTLS_SHA1_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_MD_CAN_SHA256 pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha1.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_data.bin":0:0 PKCS7 Signed Data Verification Pass SHA512 #11 -depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA512:MBEDTLS_MD_CAN_SHA256 pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha512.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_data.bin":0:0 PKCS7 Signed Data Verification Fail because of different certificate #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-2.der":"data_files/pkcs7_data.bin":0:MBEDTLS_ERR_RSA_VERIFY_FAILED PKCS7 Signed Data Verification Fail because of different data hash #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-sha256-1.der":"data_files/pkcs7_data_1.bin":0:MBEDTLS_ERR_RSA_VERIFY_FAILED PKCS7 Signed Data Parse Failure Corrupt signerInfo.issuer #15.1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C pkcs7_parse:"data_files/pkcs7_signerInfo_issuer_invalid_size.der":MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO PKCS7 Signed Data Parse Failure Corrupt signerInfo.serial #15.2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C pkcs7_parse:"data_files/pkcs7_signerInfo_serial_invalid_size.der":MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO -pkcs7_get_signers_info_set error handling (6213931373035520) -depends_on:MBEDTLS_RIPEMD160_C -pkcs7_parse:"data_files/pkcs7_get_signers_info_set-missing_free-fuzz_pkcs7-6213931373035520.der":MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +PKCS7 Signed Data Parse Fail Corrupt signerInfos[2] (6213931373035520) +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_parse:"data_files/pkcs7_signerInfo_2_invalid_tag.der":MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) -pkcs7_get_signers_info_set error handling (4541044530479104) -depends_on:MBEDTLS_RIPEMD160_C -pkcs7_parse:"data_files/pkcs7_get_signers_info_set-leak-fuzz_pkcs7-4541044530479104.der":MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO +PKCS7 Signed Data Parse Fail Corrupt signerInfos[1].issuerAndSerialNumber.serialNumber, after multi-element .name (4541044530479104) +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_parse:"data_files/pkcs7_signerInfo_1_serial_invalid_tag_after_long_name.der":MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO PKCS7 Only Signed Data Parse Pass #15 -depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C pkcs7_parse:"data_files/pkcs7_data_cert_signeddata_sha256.der":MBEDTLS_PKCS7_SIGNED_DATA -PKCS7 Signed Data Verify with multiple signers #16 -depends_on:MBEDTLS_SHA256_C -pkcs7_verify_multiple_signers:"data_files/pkcs7_data_multiple_signed.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7-rsa-sha256-2.crt":"data_files/pkcs7_data.bin":0:0 +PKCS7 Signed Data Verify with multiple(2) signers #16.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_verify:"data_files/pkcs7_data_multiple_signed.der":"data_files/pkcs7-rsa-sha256-1.crt data_files/pkcs7-rsa-sha256-2.crt":"data_files/pkcs7_data.bin":0:0 + +PKCS7 Signed Data Verify with multiple(3) signers #16.1 +depends_on:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_MEMORY_BUFFER_ALLOC_C +pkcs7_verify:"data_files/pkcs7_data_3_signed.der":"data_files/pkcs7-rsa-sha256-1.crt data_files/pkcs7-rsa-sha256-2.crt data_files/pkcs7-rsa-sha256-3.crt":"data_files/pkcs7_data.bin":0:0 PKCS7 Signed Data Hash Verify with multiple signers #17 -depends_on:MBEDTLS_SHA256_C -pkcs7_verify_multiple_signers:"data_files/pkcs7_data_multiple_signed.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7-rsa-sha256-2.crt":"data_files/pkcs7_data.bin":MBEDTLS_MD_SHA256:0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_verify:"data_files/pkcs7_data_multiple_signed.der":"data_files/pkcs7-rsa-sha256-1.crt data_files/pkcs7-rsa-sha256-2.crt":"data_files/pkcs7_data.bin":MBEDTLS_MD_SHA256:0 + +PKCS7 Signed Data Hash Verify Fail with multiple signers #18 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA512 +pkcs7_verify:"data_files/pkcs7_data_multiple_signed.der":"data_files/pkcs7-rsa-sha256-1.crt data_files/pkcs7-rsa-sha256-2.crt":"data_files/pkcs7_data.bin":MBEDTLS_MD_SHA512:MBEDTLS_ERR_PKCS7_VERIFY_FAIL + +PKCS7 Signed Data Verify Pass Expired Cert #19 no TIME_DATE +depends_on:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_HAVE_TIME_DATE +pkcs7_verify:"data_files/pkcs7_data_rsa_expired.der":"data_files/pkcs7-rsa-expired.crt":"data_files/pkcs7_data.bin":0:0 + +PKCS7 Signed Data Verify Fail Expired Cert #19 have DATE_TIME +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_HAVE_TIME_DATE +pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-expired.crt":"data_files/pkcs7_data.bin":0:MBEDTLS_ERR_PKCS7_CERT_DATE_INVALID + +PKCS7 Signed Data Verify Fail Expired Cert #19 no DATE_TIME 1 +depends_on:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_HAVE_TIME_DATE:MBEDTLS_RSA_C +pkcs7_verify:"data_files/pkcs7_data_cert_signed_sha256.der":"data_files/pkcs7-rsa-expired.crt":"data_files/pkcs7_data.bin":0:MBEDTLS_ERR_RSA_VERIFY_FAILED + +PKCS7 Signed Data Verify Fail Expired Cert #19 no TIME_DATE 2 +depends_on:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_HAVE_TIME_DATE:MBEDTLS_RSA_C +pkcs7_verify:"data_files/pkcs7_data_rsa_expired.der":"data_files/pkcs7-rsa-expired.crt":"data_files/pkcs7_data_1.bin":0:MBEDTLS_ERR_RSA_VERIFY_FAILED + +PKCS7 Parse Failure Invalid ASN1: Add null byte to start #20.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"003082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Add null byte to end #21.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd000" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #22.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"0282050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1280 to 1281 #23.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050106092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #24.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050106092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd000" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #25.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050002092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #26.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"30820500060a2a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #27.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006082a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag a0 to 02 #28.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702028204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1265 to 1266 #29.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f2308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag a0 to contain one unaccounted extra byte #30.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f2308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd000" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1265 to 1264 #31.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f0308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #32.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1028204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1261 to 1262 #33.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ee020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #34.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ee020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd000" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1261 to 1260 #35.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ec020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 02 to 04 #36.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed040101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1 to 2 #37.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020201310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1 to 0 #38.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020001310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #39.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101020f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 15 to 16 #40.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed0201013110300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #41.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed0201013110300d0609608648016503040201050000300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 15 to 14 #42.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310e300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #43.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f020d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 14 #44.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300e06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #45.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300e0609608648016503040201050000300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 12 #46.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300c06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #47.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d02096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #48.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d060a6086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #49.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06086086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 05 to 02 #50.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010200300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 0 to 1 #51.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010501300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #52.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500020b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 11 to 12 #53.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300c06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #54.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300c06092a864886f70d01070100a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 11 to 10 #55.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300a06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #56.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b02092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #57.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b060a2a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #58.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06082a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag a0 to 02 #59.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d0107010282034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 845 to 846 #60.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034e3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag a0 to contain one unaccounted extra byte #61.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034e3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d97273003182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 845 to 844 #62.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034c3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #63.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d0282034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 841 to 842 #64.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034a30820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #65.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034a30820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d97273003182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 841 to 840 #66.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034830820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #67.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034902820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 561 to 562 #68.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820232a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #69.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820232a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff00300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 561 to 560 #70.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820230a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag a0 to 02 #71.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231020302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #72.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00402010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag a0 to contain one unaccounted extra byte #73.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a0040201020002147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #74.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00202010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 02 to 04 #75.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00304010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1 to 2 #76.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302020202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1 to 0 #77.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302000202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 02 to 04 #78.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010204147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 20 to 21 #79.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202157bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 20 to 19 #80.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202137bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #81.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf020d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 14 #82.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300e06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #83.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300e06092a864886f70d01010b0500003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 12 #84.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300c06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #85.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d02092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #86.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d060a2a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #87.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06082a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 05 to 02 #88.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b02003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 0 to 1 #89.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05013034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #90.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05000234310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 52 to 53 #91.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003035310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #92.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003035310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203100301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 52 to 51 #93.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003033310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #94.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034020b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 11 to 12 #95.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310c3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #96.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310c3009060355040613024e4c00310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 11 to 10 #97.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310a3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #98.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b0209060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #99.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b300a060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #100.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b300a060355040613024e4c00310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #101.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3008060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #102.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009020355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #103.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060455040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #104.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060255040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 13 to 02 #105.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040602024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 2 to 3 #106.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613034e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 2 to 1 #107.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613014e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #108.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c020e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 14 to 15 #109.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310f300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #110.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310f300c060355040a0c05504b435337003115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 14 to 13 #111.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310d300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #112.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e020c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 13 #113.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300d060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #114.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300d060355040a0c05504b435337003115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 11 #115.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300b060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #116.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c020355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #117.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060455040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #118.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060255040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 0c to 02 #119.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0205504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 5 to 6 #120.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c06504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 5 to 4 #121.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c04504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #122.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353370215301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 21 to 22 #123.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373116301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #124.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373116301306035504030c0c504b4353372043657274203100301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 21 to 20 #125.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373114301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #126.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115021306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 19 to 20 #127.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301406035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #128.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301406035504030c0c504b4353372043657274203100301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 19 to 18 #129.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301206035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #130.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301302035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #131.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306045504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #132.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306025504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 0c to 02 #133.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b435337311530130603550403020c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 13 #134.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0d504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 11 #135.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0b504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #136.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031021e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 30 to 31 #137.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301f170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #138.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301f170d3232313032383136313035365a170d3233313032383136313035365a003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 30 to 29 #139.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301d170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 17 to 02 #140.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e020d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 14 #141.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170e3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 12 #142.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170c3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 17 to 02 #143.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a020d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 14 #144.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170e3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 12 #145.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170c3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #146.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a0234310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 52 to 53 #147.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3035310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #148.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3035310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420310030820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 52 to 51 #149.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3033310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #150.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034020b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 11 to 12 #151.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310c3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #152.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310c3009060355040613024e4c00310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 11 to 10 #153.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310a3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #154.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b0209060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #155.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b300a060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #156.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b300a060355040613024e4c00310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #157.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3008060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #158.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009020355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #159.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060455040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #160.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060255040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 13 to 02 #161.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040602024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 2 to 3 #162.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613034e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 2 to 1 #163.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613014e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #164.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c020e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 14 to 15 #165.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310f300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #166.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310f300c060355040a0c05504b435337003115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 14 to 13 #167.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310d300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #168.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e020c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 13 #169.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300d060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #170.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300d060355040a0c05504b435337003115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 11 #171.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300b060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #172.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c020355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #173.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060455040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #174.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060255040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 0c to 02 #175.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0205504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 5 to 6 #176.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c06504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 5 to 4 #177.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c04504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #178.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353370215301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 21 to 22 #179.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373116301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #180.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373116301306035504030c0c504b435337204365727420310030820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 21 to 20 #181.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373114301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #182.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115021306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 19 to 20 #183.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301406035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #184.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301406035504030c0c504b435337204365727420310030820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 19 to 18 #185.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301206035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #186.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301302035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #187.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306045504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #188.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306025504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 0c to 02 #189.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b435337311530130603550403020c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 13 #190.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0d504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 11 #191.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0b504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #192.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 290 to 291 #193.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820123300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #194.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820123300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf08353020301000100a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 290 to 289 #195.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820121300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #196.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122020d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 14 #197.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300e06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #198.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300e06092a864886f70d0101010500000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 12 #199.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300c06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #200.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d02092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #201.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d060a2a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #202.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06082a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 05 to 02 #203.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010102000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 0 to 1 #204.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105010382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 03 to 02 #205.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000282010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 271 to 272 #206.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d010101050003820110003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 271 to 270 #207.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010e003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag a3 to 02 #208.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf08353020301000102533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 83 to 84 #209.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3543051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 83 to 82 #210.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3523051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #211.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff020d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 14 #212.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300e06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #213.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300e06092a864886f70d01010b0500000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 12 #214.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300c06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #215.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d02092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #216.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d060a2a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #217.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06082a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 05 to 02 #218.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b02000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 0 to 1 #219.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05010382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 03 to 02 #220.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000282010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 257 to 258 #221.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010200821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 257 to 256 #222.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010000821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #223.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972730282017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 375 to 376 #224.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017830820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #225.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017830820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd000" + +PKCS7 Parse Failure Invalid ASN1: Change length from 375 to 374 #226.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017630820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #227.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017702820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 371 to 372 #228.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820174020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #229.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820174020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd000" + +PKCS7 Parse Failure Invalid ASN1: Change length from 371 to 370 #230.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820172020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 02 to 04 #231.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173040101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1 to 2 #232.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020201304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1 to 0 #233.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020001304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #234.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101024c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 76 to 77 #235.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304d3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #236.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304d3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf00300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 76 to 75 #237.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304b3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #238.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c0234310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 52 to 53 #239.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3035310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #240.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3035310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420310002147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 52 to 51 #241.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3033310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #242.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034020b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 11 to 12 #243.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310c3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #244.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310c3009060355040613024e4c00310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 11 to 10 #245.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310a3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #246.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b0209060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #247.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b300a060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #248.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b300a060355040613024e4c00310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #249.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3008060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #250.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009020355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #251.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060455040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #252.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060255040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 13 to 02 #253.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040602024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 2 to 3 #254.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613034e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 2 to 1 #255.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613014e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #256.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c020e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 14 to 15 #257.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310f300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #258.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310f300c060355040a0c05504b435337003115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 14 to 13 #259.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310d300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #260.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e020c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 13 #261.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300d060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #262.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300d060355040a0c05504b435337003115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 11 #263.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300b060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #264.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c020355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #265.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060455040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #266.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060255040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 0c to 02 #267.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0205504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 5 to 6 #268.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c06504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 5 to 4 #269.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c04504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #270.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353370215301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 21 to 22 #271.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373116301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #272.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373116301306035504030c0c504b435337204365727420310002147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 21 to 20 #273.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373114301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #274.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115021306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 19 to 20 #275.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301406035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #276.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301406035504030c0c504b435337204365727420310002147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 19 to 18 #277.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301206035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #278.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301302035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #279.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306045504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #280.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306025504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 0c to 02 #281.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b435337311530130603550403020c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 13 #282.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0d504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 11 #283.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0b504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 02 to 04 #284.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203104147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 20 to 21 #285.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102157bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 20 to 19 #286.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102137bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #287.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf020d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 14 #288.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300e06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #289.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300e0609608648016503040201050000300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 12 #290.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300c06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #291.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d02096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #292.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d060a6086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #293.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06086086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 05 to 02 #294.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010200300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 0 to 1 #295.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010501300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #296.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500020d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 14 #297.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300e06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #298.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300e06092a864886f70d010101050000048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 12 #299.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300c06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #300.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d02092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #301.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d060a2a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #302.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06082a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 05 to 02 #303.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010200048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 0 to 1 #304.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010501048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change tag 04 to 02 #305.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500028201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + +PKCS7 Parse Failure Invalid ASN1: Change length from 256 to 257 #306.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082050006092a864886f70d010702a08204f1308204ed020101310f300d06096086480165030402010500300b06092a864886f70d010701a082034d3082034930820231a00302010202147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06092a864886f70d01010b05003034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742031301e170d3232313032383136313035365a170d3233313032383136313035365a3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203130820122300d06092a864886f70d01010105000382010f003082010a0282010100c8b6cf69899cd1f0ebb4ca645c05e70e0d2efeddcc61d089cbd515a39a3579b92343b61ec750060fb4ed37876332400e425f1d376c7e75c2973314edf4bb30c8f8dd03b9fcff955a245d49137ad6e60056cac19552a865d52187187cc042c9c49e3e3a9c17a534b453cdabc0cb113b4f63f5b3174b9ee9902b1910d11496a279a74326adcfee10bfd9e7ebafbb377be9b63959165d13dd5751171cadad3c1d3adac68bc8011d61b54cf60178be36839a89ac91ab419e3ca37d6ba881d25518c4db68bca6f7c83602f699a86b17fb1e773bcbe74bb93a49b251ae86428b5740e1868bb1d6fab9e28712e98ec319ad8fca4d73010c4b09c4b80458961e7cf083530203010001a3533051301d0603551d0e041604148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8301f0603551d230418301680148aeee5947cc67c5dd515a76e2a7ecd31ee52fdc8300f0603551d130101ff040530030101ff300d06092a864886f70d01010b05000382010100821d6b98cd457debd2b081aca27ebecd4f93acc828443b39eabffa9fa4e9e4543b46fcc31e2b5b48177903dea6969ac4a2cc6570650390f1b08d43a4c2f975c7ed8bf3356c7218380212451a8f11de46553cbcd65b4254ddb8f66834eb21dda2a8f33b581e1484557aca1b94ee8931ddf16037b7a7171321a91936afc27ffce395de75d5f70cb8b5aee05ff507088d65af1e43966cd42cbe6f7facf8dae055dd8222b1696521723f81245178595c985ae917fd4b3998773e1a97b7bd10085446f4259bcc09a454929282c1b89b71ed587a775e0a3d4536341f45dae969e806c96fefc71067776c02ba22122b9199b14c0c28c04487509070b97f3dd2d6d972733182017730820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201015becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd0" + + +PKCS7 Parse Failure Invalid ASN1: Add null byte to start #307.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"003082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Add null byte to end #308.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640000" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #309.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"0282032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 806 to 807 #310.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032706092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #311.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032706092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640000" + +PKCS7 Parse Failure Invalid ASN1: Change length from 806 to 805 #312.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032506092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #313.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032602092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #314.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"30820326060a2a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #315.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606082a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag a0 to 02 #316.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d0107020282031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 791 to 792 #317.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031830820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag a0 to contain one unaccounted extra byte #318.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031830820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640000" + +PKCS7 Parse Failure Invalid ASN1: Change length from 791 to 790 #319.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031630820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #320.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031702820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 787 to 788 #321.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820314020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #322.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820314020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640000" + +PKCS7 Parse Failure Invalid ASN1: Change length from 787 to 786 #323.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820312020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 02 to 04 #324.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313040101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1 to 2 #325.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020201310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1 to 0 #326.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020001310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #327.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101020f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 15 to 16 #328.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a0820317308203130201013110300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #329.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a0820317308203130201013110300d0609608648016503040201050000300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 15 to 14 #330.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310e300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #331.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f020d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 14 #332.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300e06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #333.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300e0609608648016503040201050000300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 12 #334.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300c06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #335.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d02096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #336.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d060a6086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #337.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06086086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 05 to 02 #338.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010200300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 0 to 1 #339.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010501300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #340.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500020b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 11 to 12 #341.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300c06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #342.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300c06092a864886f70d01070100318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 11 to 10 #343.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300a06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #344.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b02092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #345.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b060a2a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #346.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06082a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #347.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701028202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 750 to 751 #348.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ef30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #349.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ef30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640000" + +PKCS7 Parse Failure Invalid ASN1: Change length from 750 to 749 #350.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ed30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #351.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee02820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 371 to 372 #352.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820174020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #353.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820174020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd00030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 371 to 370 #354.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820172020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 02 to 04 #355.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173040101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1 to 2 #356.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020201304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1 to 0 #357.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020001304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #358.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101024c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 76 to 77 #359.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304d3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #360.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304d3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf00300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 76 to 75 #361.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304b3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #362.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c0234310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 52 to 53 #363.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3035310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #364.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3035310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420310002147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 52 to 51 #365.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3033310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #366.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034020b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 11 to 12 #367.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310c3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #368.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310c3009060355040613024e4c00310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 11 to 10 #369.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310a3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #370.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b0209060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #371.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b300a060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #372.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b300a060355040613024e4c00310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #373.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3008060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #374.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009020355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #375.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060455040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #376.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060255040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 13 to 02 #377.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040602024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 2 to 3 #378.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613034e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 2 to 1 #379.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613014e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #380.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c020e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 14 to 15 #381.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310f300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #382.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310f300c060355040a0c05504b435337003115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 14 to 13 #383.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310d300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #384.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e020c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 13 #385.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300d060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #386.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300d060355040a0c05504b435337003115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 11 #387.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300b060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #388.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c020355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #389.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060455040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #390.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060255040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 0c to 02 #391.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0205504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 5 to 6 #392.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c06504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 5 to 4 #393.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c04504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #394.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353370215301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 21 to 22 #395.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373116301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #396.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373116301306035504030c0c504b435337204365727420310002147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 21 to 20 #397.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373114301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #398.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115021306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 19 to 20 #399.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301406035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #400.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301406035504030c0c504b435337204365727420310002147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 19 to 18 #401.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301206035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #402.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301302035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #403.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306045504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #404.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306025504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 0c to 02 #405.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b435337311530130603550403020c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 13 #406.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0d504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 11 #407.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0b504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 02 to 04 #408.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203104147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 20 to 21 #409.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102157bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 20 to 19 #410.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102137bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #411.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf020d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 14 #412.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300e06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #413.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300e0609608648016503040201050000300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 12 #414.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300c06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #415.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d02096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #416.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d060a6086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #417.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06086086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 05 to 02 #418.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010200300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 0 to 1 #419.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010501300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #420.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500020d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 14 #421.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300e06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #422.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300e06092a864886f70d010101050000048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 12 #423.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300c06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #424.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d02092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #425.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d060a2a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #426.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06082a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 05 to 02 #427.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010200048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 0 to 1 #428.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010501048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 04 to 02 #429.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500028201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 256 to 257 #430.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201015becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #431.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd002820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 371 to 372 #432.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820174020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #433.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820174020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640000" + +PKCS7 Parse Failure Invalid ASN1: Change length from 371 to 370 #434.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820172020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 02 to 04 #435.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173040101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1 to 2 #436.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020201304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1 to 0 #437.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020001304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #438.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101024c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 76 to 77 #439.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304d3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #440.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304d3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c00300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 76 to 75 #441.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304b3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #442.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c0234310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 52 to 53 #443.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3035310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #444.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3035310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742032000214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 52 to 51 #445.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3033310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #446.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034020b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 11 to 12 #447.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310c3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #448.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310c3009060355040613024e4c00310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 11 to 10 #449.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310a3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #450.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b0209060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #451.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b300a060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #452.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b300a060355040613024e4c00310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #453.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3008060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #454.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009020355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #455.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060455040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #456.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060255040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 13 to 02 #457.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040602024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 2 to 3 #458.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613034e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 2 to 1 #459.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613014e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #460.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c020e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 14 to 15 #461.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310f300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #462.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310f300c060355040a0c05504b435337003115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 14 to 13 #463.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310d300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #464.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e020c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 13 #465.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300d060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #466.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300d060355040a0c05504b435337003115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 11 #467.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300b060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #468.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c020355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #469.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060455040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #470.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060255040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 0c to 02 #471.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0205504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 5 to 6 #472.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c06504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 5 to 4 #473.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c04504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #474.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353370215301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 21 to 22 #475.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373116301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #476.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373116301306035504030c0c504b43533720436572742032000214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 21 to 20 #477.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373114301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #478.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115021306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 19 to 20 #479.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301406035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #480.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301406035504030c0c504b43533720436572742032000214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 19 to 18 #481.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301206035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #482.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301302035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #483.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306045504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #484.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306025504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 0c to 02 #485.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b435337311530130603550403020c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 13 #486.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0d504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 11 #487.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0b504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 02 to 04 #488.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320414564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 20 to 21 #489.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320215564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 20 to 19 #490.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320213564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #491.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c020d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 14 #492.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300e06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #493.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300e0609608648016503040201050000300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 12 #494.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300c06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #495.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d02096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #496.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d060a6086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #497.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06086086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 05 to 02 #498.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010200300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 0 to 1 #499.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010501300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #500.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500020d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 14 #501.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300e06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #502.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300e06092a864886f70d01010105000004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 12 #503.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300c06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #504.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d02092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #505.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d060a2a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #506.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06082a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 05 to 02 #507.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101020004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 0 to 1 #508.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050104820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change tag 04 to 02 #509.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050002820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + +PKCS7 Parse Failure Invalid ASN1: Change length from 256 to 257 #510.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082032606092a864886f70d010702a082031730820313020101310f300d06096086480165030402010500300b06092a864886f70d010701318202ee30820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820101046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a6400" + + +PKCS7 Parse Failure Invalid ASN1: Add null byte to start #511.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"003082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Add null byte to end #512.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae88000" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #513.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"0282049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1181 to 1182 #514.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049e06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #515.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049e06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae88000" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1181 to 1180 #516.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049c06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #517.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d02092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #518.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d060a2a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #519.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06082a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag a0 to 02 #520.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d0107020282048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1166 to 1167 #521.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048f3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag a0 to contain one unaccounted extra byte #522.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048f3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae88000" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1166 to 1165 #523.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048d3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #524.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e0282048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1162 to 1163 #525.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048b020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #526.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048b020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae88000" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1162 to 1161 #527.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e30820489020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 02 to 04 #528.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a040101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1 to 2 #529.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020201310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1 to 0 #530.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020001310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #531.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101020f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 15 to 16 #532.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a0201013110300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #533.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a0201013110300d0609608648016503040201050000300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 15 to 14 #534.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310e300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #535.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f020d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 14 #536.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300e06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #537.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300e0609608648016503040201050000300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 12 #538.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300c06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #539.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d02096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #540.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d060a6086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #541.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06086086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 05 to 02 #542.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010200300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 0 to 1 #543.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010501300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #544.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500020b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 11 to 12 #545.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300c06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #546.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300c06092a864886f70d010701003182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 11 to 10 #547.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300a06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #548.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b02092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #549.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b060a2a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #550.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06082a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #551.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107010282046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1125 to 1126 #552.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046630820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #553.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046630820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae88000" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1125 to 1124 #554.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046430820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #555.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046502820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 371 to 372 #556.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820174020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #557.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820174020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd00030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 371 to 370 #558.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820172020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 02 to 04 #559.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173040101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1 to 2 #560.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020201304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1 to 0 #561.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020001304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #562.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101024c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 76 to 77 #563.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304d3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #564.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304d3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf00300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 76 to 75 #565.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304b3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #566.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c0234310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 52 to 53 #567.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3035310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #568.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3035310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420310002147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 52 to 51 #569.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3033310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #570.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034020b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 11 to 12 #571.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310c3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #572.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310c3009060355040613024e4c00310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 11 to 10 #573.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310a3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #574.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b0209060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #575.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b300a060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #576.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b300a060355040613024e4c00310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #577.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3008060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #578.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009020355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #579.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060455040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #580.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060255040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 13 to 02 #581.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040602024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 2 to 3 #582.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613034e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 2 to 1 #583.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613014e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #584.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c020e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 14 to 15 #585.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310f300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #586.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310f300c060355040a0c05504b435337003115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 14 to 13 #587.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310d300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #588.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e020c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 13 #589.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300d060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #590.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300d060355040a0c05504b435337003115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 11 #591.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300b060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #592.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c020355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #593.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060455040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #594.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060255040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 0c to 02 #595.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0205504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 5 to 6 #596.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c06504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 5 to 4 #597.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c04504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #598.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353370215301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 21 to 22 #599.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373116301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #600.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373116301306035504030c0c504b435337204365727420310002147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 21 to 20 #601.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373114301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #602.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115021306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 19 to 20 #603.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301406035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #604.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301406035504030c0c504b435337204365727420310002147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 19 to 18 #605.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301206035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #606.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301302035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #607.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306045504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #608.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306025504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 0c to 02 #609.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b435337311530130603550403020c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 13 #610.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0d504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 11 #611.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0b504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 02 to 04 #612.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203104147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 20 to 21 #613.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102157bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 20 to 19 #614.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102137bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #615.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf020d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 14 #616.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300e06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #617.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300e0609608648016503040201050000300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 12 #618.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300c06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #619.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d02096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #620.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d060a6086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #621.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06086086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 05 to 02 #622.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010200300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 0 to 1 #623.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010501300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #624.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500020d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 14 #625.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300e06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #626.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300e06092a864886f70d010101050000048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 12 #627.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300c06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #628.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d02092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #629.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d060a2a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #630.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06082a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 05 to 02 #631.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010200048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 0 to 1 #632.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010501048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 04 to 02 #633.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500028201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 256 to 257 #634.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201015becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #635.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd002820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 371 to 372 #636.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820174020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #637.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820174020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a64000030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 371 to 370 #638.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820172020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 02 to 04 #639.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173040101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1 to 2 #640.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020201304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1 to 0 #641.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020001304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #642.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101024c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 76 to 77 #643.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304d3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #644.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304d3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c00300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 76 to 75 #645.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304b3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #646.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c0234310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 52 to 53 #647.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3035310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #648.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3035310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742032000214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 52 to 51 #649.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3033310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #650.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034020b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 11 to 12 #651.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310c3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #652.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310c3009060355040613024e4c00310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 11 to 10 #653.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310a3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #654.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b0209060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #655.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b300a060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #656.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b300a060355040613024e4c00310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #657.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3008060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #658.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009020355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #659.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060455040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #660.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060255040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 13 to 02 #661.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040602024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 2 to 3 #662.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613034e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 2 to 1 #663.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613014e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #664.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c020e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 14 to 15 #665.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310f300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #666.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310f300c060355040a0c05504b435337003115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 14 to 13 #667.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310d300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #668.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e020c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 13 #669.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300d060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #670.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300d060355040a0c05504b435337003115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 11 #671.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300b060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #672.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c020355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #673.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060455040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #674.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060255040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 0c to 02 #675.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0205504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 5 to 6 #676.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c06504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 5 to 4 #677.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c04504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #678.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353370215301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 21 to 22 #679.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373116301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #680.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373116301306035504030c0c504b43533720436572742032000214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 21 to 20 #681.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373114301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #682.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115021306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 19 to 20 #683.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301406035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #684.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301406035504030c0c504b43533720436572742032000214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 19 to 18 #685.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301206035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #686.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301302035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #687.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306045504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #688.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306025504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 0c to 02 #689.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b435337311530130603550403020c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 13 #690.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0d504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 11 #691.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0b504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 02 to 04 #692.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320414564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 20 to 21 #693.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320215564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 20 to 19 #694.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320213564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #695.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c020d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 14 #696.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300e06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #697.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300e0609608648016503040201050000300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 12 #698.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300c06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #699.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d02096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #700.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d060a6086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #701.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06086086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 05 to 02 #702.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010200300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 0 to 1 #703.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010501300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #704.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500020d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 14 #705.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300e06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #706.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300e06092a864886f70d01010105000004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 12 #707.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300c06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #708.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d02092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #709.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d060a2a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #710.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06082a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 05 to 02 #711.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101020004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 0 to 1 #712.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050104820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 04 to 02 #713.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050002820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 256 to 257 #714.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820101046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #715.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640002820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 371 to 372 #716.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820174020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #717.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820174020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae88000" + +PKCS7 Parse Failure Invalid ASN1: Change length from 371 to 370 #718.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820172020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 02 to 04 #719.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173040101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1 to 2 #720.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020201304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 1 to 0 #721.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020001304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #722.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101024c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 76 to 77 #723.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304d3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #724.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304d3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb00300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 76 to 75 #725.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304b3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #726.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c0234310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 52 to 53 #727.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3035310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #728.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3035310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203300021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 52 to 51 #729.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3033310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #730.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034020b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 11 to 12 #731.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310c3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #732.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310c3009060355040613024e4c00310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 11 to 10 #733.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310a3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #734.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b0209060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #735.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b300a060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #736.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b300a060355040613024e4c00310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #737.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3008060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #738.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009020355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #739.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060455040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #740.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060255040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 13 to 02 #741.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040602024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 2 to 3 #742.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613034e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 2 to 1 #743.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613014e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #744.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c020e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 14 to 15 #745.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310f300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #746.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310f300c060355040a0c05504b435337003115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 14 to 13 #747.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310d300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #748.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e020c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 13 #749.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300d060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #750.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300d060355040a0c05504b435337003115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 11 #751.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300b060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #752.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c020355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #753.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060455040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #754.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060255040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 0c to 02 #755.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0205504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 5 to 6 #756.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c06504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 5 to 4 #757.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c04504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 31 to 02 #758.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353370215301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 21 to 22 #759.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373116301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 31 to contain one unaccounted extra byte #760.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373116301306035504030c0c504b4353372043657274203300021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 21 to 20 #761.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373114301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #762.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115021306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 19 to 20 #763.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301406035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #764.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301406035504030c0c504b4353372043657274203300021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 19 to 18 #765.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301206035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #766.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301302035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 4 #767.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306045504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 3 to 2 #768.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306025504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 0c to 02 #769.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b435337311530130603550403020c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 13 #770.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0d504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 12 to 11 #771.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0b504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 02 to 04 #772.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033041462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 20 to 21 #773.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021562477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 20 to 19 #774.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021362477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #775.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb020d06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 14 #776.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300e06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #777.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300e0609608648016503040201050000300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 12 #778.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300c06096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #779.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d02096086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #780.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d060a6086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #781.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06086086480165030402010500300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 05 to 02 #782.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010200300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 0 to 1 #783.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010501300d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 30 to 02 #784.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500020d06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 14 #785.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300e06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change contents of tag 30 to contain one unaccounted extra byte #786.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300e06092a864886f70d010101050000048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 13 to 12 #787.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300c06092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 06 to 02 #788.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d02092a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 10 #789.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d060a2a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 9 to 8 #790.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06082a864886f70d0101010500048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 05 to 02 #791.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010200048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 0 to 1 #792.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010501048201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change tag 04 to 02 #793.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500028201006d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" + +PKCS7 Parse Failure Invalid ASN1: Change length from 256 to 257 #794.0 +depends_on:MBEDTLS_MD_CAN_SHA256 +pkcs7_asn1_fail:"3082049d06092a864886f70d010702a082048e3082048a020101310f300d06096086480165030402010500300b06092a864886f70d0107013182046530820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b4353372043657274203102147bdeddd2444cd1cdfe5c41a8102c89b7df2e6cbf300d06096086480165030402010500300d06092a864886f70d0101010500048201005becd87195c1deff90c24c91269b55b3f069bc225c326c314c1a51786ffe14c830be4e4bc73cba36c97677b44168279be91e7cdf7c19386ae21862719d13a3a0fff0803d460962f2cda8371484873252c3d7054db8143e2b081a3816ed0804ca5099ae5fece83d5c2c3783b1988b4b46dc94e55587a107ea1546bf22d28a097f652a4066dc2965269069af2f5176bb8ce9ca6d11f96757f03204f756703587d00ad424796c92fc7aeb6f494431999eda30990e4f5773632ed258fe0276673599da6fce35cdad7726a0bb024cad996b88e0cb98854ceb5c0b6ec748d9f9ce6a6cd437858bacb814618a272ff3a415c6e07f3db0988777fdec845a97bf7d102dd030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b435337204365727420320214564d554025af599e327079b2720ef00df37cfb7c300d06096086480165030402010500300d06092a864886f70d010101050004820100046098dc5f2b99e3bc2ed6642d7f0a61efabc15c38c76333bccceeee369a4f4a5bdda8ea59264124e429f08632683ddba17bbf262d82b6befa3b4e1480376a8c7f3c7d7e2a6779bbf18262aa857de8c20a12b6a2ce8e4d7f31dd1b195392cf6185afce34afe05896057b36e9b171b6c67ed7c2286cbfa83ff8a167c7bc7109aee7d7e1909bd384fbfc61938efca51c8993c71db317730f16e7e776867ae4fdc562d6f15de585e7b94ef496a3676367a2cbaab7b636648b0076bad5cdf1e09740ec6a451bff534efa21509f3ba77b8101b91ea7e55ddbfe1401517067d7b01a2a0879f0885c894a87cfb68c4d7ee890604881aeb97c22d1f337ef923e035a640030820173020101304c3034310b3009060355040613024e4c310e300c060355040a0c05504b4353373115301306035504030c0c504b43533720436572742033021462477298759e8e04718ae563155f3523cfb84cdb300d06096086480165030402010500300d06092a864886f70d0101010500048201016d2cbb37fd12957e5a7480ce0435e8ef6077def08ff270844de2516a4742f211d8c74690bc0948e08a296abba9285f6bb305b95b7f9408ce44e83880c719444672ec99746ba78cc4bde475319d01bde77c49d58d16d3b2e91c2e61e8303ca3d7eda3797fd8b35ca72bb14b15a24b56bb70dc13484565808110ff5db58c56f7a0435607e3c352fbf4f55106f2980fd3cd42397dbf7137ee7f1e32cd80a3b7ab12b46c169220278d7717b78a3c45d6395a130a8b58841cbc290e4f817de3a4fe16ecd077ca33a0aa25e235cc7f6655a80ba8aeec87905bb2a75459b7bcc5a133f2993493b41ffcf63cd7a391e3e6f78094ca442c80144403cb0a5f00bfc61ae880" diff --git a/tests/suites/test_suite_pkcs7.function b/tests/suites/test_suite_pkcs7.function index 4fc416ae7..65384a855 100644 --- a/tests/suites/test_suite_pkcs7.function +++ b/tests/suites/test_suite_pkcs7.function @@ -7,12 +7,36 @@ #include "mbedtls/oid.h" #include "sys/types.h" #include "sys/stat.h" +#include "mbedtls/rsa.h" +#include "mbedtls/error.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_PKCS7_C:MBEDTLS_RSA_C + * depends_on:MBEDTLS_PKCS7_C * END_DEPENDENCIES */ +/* BEGIN_SUITE_HELPERS */ +int pkcs7_parse_buffer(unsigned char *pkcs7_buf, int buflen) +{ + int res; + mbedtls_pkcs7 pkcs7; + + mbedtls_pkcs7_init(&pkcs7); + res = mbedtls_pkcs7_parse_der(&pkcs7, pkcs7_buf, buflen); + mbedtls_pkcs7_free(&pkcs7); + return res; +} +/* END_SUITE_HELPERS */ + +/* BEGIN_CASE */ +void pkcs7_asn1_fail(data_t *pkcs7_buf) +{ + int res; + res = pkcs7_parse_buffer(pkcs7_buf->x, pkcs7_buf->len); + TEST_ASSERT(res != MBEDTLS_PKCS7_SIGNED_DATA); + +} +/* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO */ void pkcs7_parse(char *pkcs7_file, int res_expect) @@ -21,47 +45,67 @@ void pkcs7_parse(char *pkcs7_file, int res_expect) size_t buflen; int res; - mbedtls_pkcs7 pkcs7; - - mbedtls_pkcs7_init(&pkcs7); - res = mbedtls_pk_load_file(pkcs7_file, &pkcs7_buf, &buflen); TEST_EQUAL(res, 0); - res = mbedtls_pkcs7_parse_der(&pkcs7, pkcs7_buf, buflen); + res = pkcs7_parse_buffer(pkcs7_buf, buflen); TEST_EQUAL(res, res_expect); exit: mbedtls_free(pkcs7_buf); - mbedtls_pkcs7_free(&pkcs7); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C */ -void pkcs7_verify(char *pkcs7_file, char *crt, char *filetobesigned, int do_hash_alg, +void pkcs7_verify(char *pkcs7_file, + char *crt_files, + char *filetobesigned, + int do_hash_alg, int res_expect) { unsigned char *pkcs7_buf = NULL; - size_t buflen; + size_t buflen, i, k, cnt = 0, n_crts = 1; unsigned char *data = NULL; - unsigned char hash[32]; + char **crt_files_arr = NULL; + unsigned char *hash = NULL; struct stat st; size_t datalen; int res; FILE *file; const mbedtls_md_info_t *md_info; - mbedtls_md_type_t md_alg; - mbedtls_pkcs7 pkcs7; - mbedtls_x509_crt x509; + mbedtls_x509_crt **crts = NULL; + + MD_OR_USE_PSA_INIT(); mbedtls_pkcs7_init(&pkcs7); - mbedtls_x509_crt_init(&x509); - USE_PSA_INIT(); + /* crt_files are space seprated list */ + for (i = 0; i < strlen(crt_files); i++) { + if (crt_files[i] == ' ') { + n_crts++; + } + } - res = mbedtls_x509_crt_parse_file(&x509, crt); - TEST_EQUAL(res, 0); + TEST_CALLOC(crts, n_crts); + TEST_CALLOC(crt_files_arr, n_crts); + + for (i = 0; i < strlen(crt_files); i++) { + for (k = i; k < strlen(crt_files); k++) { + if (crt_files[k] == ' ') { + break; + } + } + TEST_CALLOC(crt_files_arr[cnt], (k-i)+1); + crt_files_arr[cnt][k-i] = '\0'; + memcpy(crt_files_arr[cnt++], crt_files + i, k-i); + i = k; + } + + for (i = 0; i < n_crts; i++) { + TEST_CALLOC(crts[i], 1); + mbedtls_x509_crt_init(crts[i]); + } res = mbedtls_pk_load_file(pkcs7_file, &pkcs7_buf, &buflen); TEST_EQUAL(res, 0); @@ -69,6 +113,13 @@ void pkcs7_verify(char *pkcs7_file, char *crt, char *filetobesigned, int do_hash res = mbedtls_pkcs7_parse_der(&pkcs7, pkcs7_buf, buflen); TEST_EQUAL(res, MBEDTLS_PKCS7_SIGNED_DATA); + TEST_EQUAL(pkcs7.signed_data.no_of_signers, n_crts); + + for (i = 0; i < n_crts; i++) { + res = mbedtls_x509_crt_parse_file(crts[i], crt_files_arr[i]); + TEST_EQUAL(res, 0); + } + res = stat(filetobesigned, &st); TEST_EQUAL(res, 0); @@ -76,119 +127,44 @@ void pkcs7_verify(char *pkcs7_file, char *crt, char *filetobesigned, int do_hash TEST_ASSERT(file != NULL); datalen = st.st_size; - ASSERT_ALLOC(data, datalen); - TEST_ASSERT(data != NULL); - - buflen = fread((void *) data, sizeof(unsigned char), datalen, file); - TEST_EQUAL(buflen, datalen); - fclose(file); - - if (do_hash_alg) { - res = mbedtls_oid_get_md_alg(&pkcs7.signed_data.digest_alg_identifiers, &md_alg); - TEST_EQUAL(res, 0); - TEST_EQUAL(md_alg, (mbedtls_md_type_t) do_hash_alg); - md_info = mbedtls_md_info_from_type(md_alg); - - res = mbedtls_md(md_info, data, datalen, hash); - TEST_EQUAL(res, 0); - - res = mbedtls_pkcs7_signed_hash_verify(&pkcs7, &x509, hash, sizeof(hash)); - } else { - res = mbedtls_pkcs7_signed_data_verify(&pkcs7, &x509, data, datalen); - } - TEST_EQUAL(res, res_expect); - -exit: - mbedtls_x509_crt_free(&x509); - mbedtls_free(data); - mbedtls_pkcs7_free(&pkcs7); - mbedtls_free(pkcs7_buf); - USE_PSA_DONE(); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C */ -void pkcs7_verify_multiple_signers(char *pkcs7_file, - char *crt1, - char *crt2, - char *filetobesigned, - int do_hash_alg, - int res_expect) -{ - unsigned char *pkcs7_buf = NULL; - size_t buflen; - unsigned char *data = NULL; - unsigned char hash[32]; - struct stat st; - size_t datalen; - int res; - FILE *file; - const mbedtls_md_info_t *md_info; - mbedtls_md_type_t md_alg; - - mbedtls_pkcs7 pkcs7; - mbedtls_x509_crt x509_1; - mbedtls_x509_crt x509_2; - - mbedtls_pkcs7_init(&pkcs7); - mbedtls_x509_crt_init(&x509_1); - mbedtls_x509_crt_init(&x509_2); - - USE_PSA_INIT(); - - res = mbedtls_pk_load_file(pkcs7_file, &pkcs7_buf, &buflen); - TEST_EQUAL(res, 0); - - res = mbedtls_pkcs7_parse_der(&pkcs7, pkcs7_buf, buflen); - TEST_EQUAL(res, MBEDTLS_PKCS7_SIGNED_DATA); - - TEST_EQUAL(pkcs7.signed_data.no_of_signers, 2); - - res = mbedtls_x509_crt_parse_file(&x509_1, crt1); - TEST_EQUAL(res, 0); - - res = mbedtls_x509_crt_parse_file(&x509_2, crt2); - TEST_EQUAL(res, 0); - - res = stat(filetobesigned, &st); - TEST_EQUAL(res, 0); - - file = fopen(filetobesigned, "rb"); - TEST_ASSERT(file != NULL); - - datalen = st.st_size; - ASSERT_ALLOC(data, datalen); + /* Special-case for zero-length input so that data will be non-NULL */ + TEST_CALLOC(data, datalen == 0 ? 1 : datalen); buflen = fread((void *) data, sizeof(unsigned char), datalen, file); TEST_EQUAL(buflen, datalen); fclose(file); if (do_hash_alg) { - res = mbedtls_oid_get_md_alg(&pkcs7.signed_data.digest_alg_identifiers, &md_alg); - TEST_EQUAL(res, 0); - TEST_EQUAL(md_alg, MBEDTLS_MD_SHA256); - - md_info = mbedtls_md_info_from_type(md_alg); - + md_info = mbedtls_md_info_from_type((mbedtls_md_type_t) do_hash_alg); + TEST_CALLOC(hash, mbedtls_md_get_size(md_info)); res = mbedtls_md(md_info, data, datalen, hash); TEST_EQUAL(res, 0); - res = mbedtls_pkcs7_signed_hash_verify(&pkcs7, &x509_1, hash, sizeof(hash)); - TEST_EQUAL(res, res_expect); + for (i = 0; i < n_crts; i++) { + res = + mbedtls_pkcs7_signed_hash_verify(&pkcs7, crts[i], hash, + mbedtls_md_get_size(md_info)); + TEST_EQUAL(res, res_expect); + } } else { - res = mbedtls_pkcs7_signed_data_verify(&pkcs7, &x509_1, data, datalen); - TEST_EQUAL(res, res_expect); + for (i = 0; i < n_crts; i++) { + res = mbedtls_pkcs7_signed_data_verify(&pkcs7, crts[i], data, datalen); + TEST_EQUAL(res, res_expect); + } } - res = mbedtls_pkcs7_signed_data_verify(&pkcs7, &x509_2, data, datalen); - TEST_EQUAL(res, res_expect); - exit: - mbedtls_x509_crt_free(&x509_1); - mbedtls_x509_crt_free(&x509_2); + for (i = 0; i < n_crts; i++) { + mbedtls_x509_crt_free(crts[i]); + mbedtls_free(crts[i]); + mbedtls_free(crt_files_arr[i]); + } + mbedtls_free(hash); mbedtls_pkcs7_free(&pkcs7); + mbedtls_free(crt_files_arr); + mbedtls_free(crts); mbedtls_free(data); mbedtls_free(pkcs7_buf); - USE_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data index a493325fd..f82dcb5e2 100644 --- a/tests/suites/test_suite_pkparse.data +++ b/tests/suites/test_suite_pkparse.data @@ -1,13 +1,13 @@ Parse RSA Key #1 (No password when required) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C +depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C pk_parse_keyfile_rsa:"data_files/test-ca.key":"NULL":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #2 (Correct password) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C +depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C pk_parse_keyfile_rsa:"data_files/test-ca.key":"PolarSSLTest":0 Parse RSA Key #3 (Wrong password) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_DES_C +depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C pk_parse_keyfile_rsa:"data_files/test-ca.key":"PolarSSLWRONG":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #4 (DES Encrypted) @@ -23,11 +23,11 @@ depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_ pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_aes128.pem":"testkey":0 Parse RSA Key #7 (AES-192 Encrypted) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_aes192.pem":"testkey":0 Parse RSA Key #8 (AES-256 Encrypted) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_aes256.pem":"testkey":0 Parse RSA Key #9 (2048-bit, DES Encrypted) @@ -43,11 +43,11 @@ depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_ pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_aes128.pem":"testkey":0 Parse RSA Key #12 (2048-bit, AES-192 Encrypted) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_aes192.pem":"testkey":0 Parse RSA Key #13 (2048-bit, AES-256 Encrypted) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_aes256.pem":"testkey":0 Parse RSA Key #14 (4096-bit, DES Encrypted) @@ -63,11 +63,11 @@ depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_ pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_aes128.pem":"testkey":0 Parse RSA Key #17 (4096-bit, AES-192 Encrypted) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_aes192.pem":"testkey":0 Parse RSA Key #18 (4096-bit, AES-256 Encrypted) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_aes256.pem":"testkey":0 Parse RSA Key #19 (PKCS#8 wrapped) @@ -75,819 +75,819 @@ depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_PEM_PARSE_C pk_parse_keyfile_rsa:"data_files/format_gen.key":"":0 Parse RSA Key #20 (PKCS#8 encrypted SHA1-3DES) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_3des.pem":"PolarSSLTest":0 Parse RSA Key #20.1 (PKCS#8 encrypted SHA1-3DES, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_3des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #20.2 (PKCS#8 encrypted SHA1-3DES, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_3des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #21 (PKCS#8 encrypted SHA1-3DES, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_3des.pem":"PolarSSLTest":0 Parse RSA Key #21.1 (PKCS#8 encrypted SHA1-3DES, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_3des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #21.2 (PKCS#8 encrypted SHA1-3DES, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_3des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #22 (PKCS#8 encrypted SHA1-3DES, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_3des.pem":"PolarSSLTest":0 Parse RSA Key #22.1 (PKCS#8 encrypted SHA1-3DES, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_3des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #22.2 (PKCS#8 encrypted SHA1-3DES, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_3des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #23 (PKCS#8 encrypted SHA1-3DES DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_3des.der":"PolarSSLTest":0 Parse RSA Key #24 (PKCS#8 encrypted SHA1-3DES DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_3des.der":"PolarSSLTest":0 Parse RSA Key #25 (PKCS#8 encrypted SHA1-3DES DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_3des.der":"PolarSSLTest":0 Parse RSA Key #26 (PKCS#8 encrypted SHA1-2DES) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_2des.pem":"PolarSSLTest":0 Parse RSA Key #26.1 (PKCS#8 encrypted SHA1-2DES, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_2des.pem":"PolarSLTest":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #26.2 (PKCS#8 encrypted SHA1-2DES, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_2des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #27 (PKCS#8 encrypted SHA1-2DES, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_2des.pem":"PolarSSLTest":0 Parse RSA Key #27.1 (PKCS#8 encrypted SHA1-2DES, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_2des.pem":"PolarSLTest":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #27.2 (PKCS#8 encrypted SHA1-2DES, 2048-bit no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_2des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #28 (PKCS#8 encrypted SHA1-2DES, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_2des.pem":"PolarSSLTest":0 Parse RSA Key #28.1 (PKCS#8 encrypted SHA1-2DES, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_2des.pem":"PolarSLTest":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #28.2 (PKCS#8 encrypted SHA1-2DES, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_2des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #29 (PKCS#8 encrypted SHA1-2DES DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_2des.der":"PolarSSLTest":0 Parse RSA Key #30 (PKCS#8 encrypted SHA1-2DES DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_2des.der":"PolarSSLTest":0 Parse RSA Key #31 (PKCS#8 encrypted SHA1-2DES DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_2des.der":"PolarSSLTest":0 Parse RSA Key #38 (PKCS#8 encrypted v2 PBKDF2 3DES) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem":"PolarSSLTest":0 Parse RSA Key #38.1 (PKCS#8 encrypted v2 PBKDF2 3DES, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #38.2 (PKCS#8 encrypted v2 PBKDF2 3DES, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #39 (PKCS#8 encrypted v2 PBKDF2 3DES, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem":"PolarSSLTest":0 Parse RSA Key #39.1 (PKCS#8 encrypted v2 PBKDF2 3DES, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #39.2 (PKCS#8 encrypted v2 PBKDF2 3DES, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #40 (PKCS#8 encrypted v2 PBKDF2 3DES, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem":"PolarSSLTest":0 Parse RSA Key #40.1 (PKCS#8 encrypted v2 PBKDF2 3DES, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #40.2 (PKCS#8 encrypted v2 PBKDF2 3DES, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #41 (PKCS#8 encrypted v2 PBKDF2 3DES DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.der":"PolarSSLTest":0 Parse RSA Key #41.1 (PKCS#8 encrypted v2 PBKDF2 3DES DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #41.2 (PKCS#8 encrypted v2 PBKDF2 3DES DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #42 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.der":"PolarSSLTest":0 Parse RSA Key #42.1 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #42.2 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #43 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.der":"PolarSSLTest":0 Parse RSA Key #43.1 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #43.2 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #44 (PKCS#8 encrypted v2 PBKDF2 DES) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.pem":"PolarSSLTest":0 Parse RSA Key #44.1 (PKCS#8 encrypted v2 PBKDF2 DES, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #44.2 (PKCS#8 encrypted v2 PBKDF2 DES, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #45 (PKCS#8 encrypted v2 PBKDF2 DES, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.pem":"PolarSSLTest":0 Parse RSA Key #45.1 (PKCS#8 encrypted v2 PBKDF2 DES, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #45.2 (PKCS#8 encrypted v2 PBKDF2 DES, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #46 (PKCS#8 encrypted v2 PBKDF2 DES, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.pem":"PolarSSLTest":0 Parse RSA Key #46.1 (PKCS#8 encrypted v2 PBKDF2 DES, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #46.2 (PKCS#8 encrypted v2 PBKDF2 DES, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #47 (PKCS#8 encrypted v2 PBKDF2 DES DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.der":"PolarSSLTest":0 Parse RSA Key #47.1 (PKCS#8 encrypted v2 PBKDF2 DES DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #47.2 (PKCS#8 encrypted v2 PBKDF2 DES DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #48 (PKCS#8 encrypted v2 PBKDF2 DES DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.der":"PolarSSLTest":0 Parse RSA Key #48.1 (PKCS#8 encrypted v2 PBKDF2 DES DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #48.2 (PKCS#8 encrypted v2 PBKDF2 DES DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #49 (PKCS#8 encrypted v2 PBKDF2 DES DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.der":"PolarSSLTest":0 Parse RSA Key #49.1 (PKCS#8 encrypted v2 PBKDF2 DES DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #49.2 (PKCS#8 encrypted v2 PBKDF2 DES DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #50 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem":"PolarSSLTest":0 Parse RSA Key #50.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #50.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #51 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem":"PolarSSLTest":0 Parse RSA Key #51.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #51.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #52 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem":"PolarSSLTest":0 Parse RSA Key #52.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #52.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #53 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der":"PolarSSLTest":0 Parse RSA Key #53.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #53.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #54 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der":"PolarSSLTest":0 Parse RSA Key #54.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #54.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #55 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der":"PolarSSLTest":0 Parse RSA Key #55.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #55.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #56 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem":"PolarSSLTest":0 Parse RSA Key #56.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #56.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #57 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem":"PolarSSLTest":0 Parse RSA Key #57.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #57.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #58 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem":"PolarSSLTest":0 Parse RSA Key #58.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #58.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #59 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der":"PolarSSLTest":0 Parse RSA Key #59.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #59.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #60 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der":"PolarSSLTest":0 Parse RSA Key #60.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #60.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #61 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der":"PolarSSLTest":0 Parse RSA Key #61.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #61.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #62 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem":"PolarSSLTest":0 Parse RSA Key #62.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #62.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #63 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem":"PolarSSLTest":0 Parse RSA Key #63.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #63.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #64 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem":"PolarSSLTest":0 Parse RSA Key #64.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #64.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #65 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der":"PolarSSLTest":0 Parse RSA Key #65.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #65.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #66 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der":"PolarSSLTest":0 Parse RSA Key #66.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #66.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #67 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der":"PolarSSLTest":0 Parse RSA Key #68.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #68.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #69 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem":"PolarSSLTest":0 Parse RSA Key #69.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #69.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #70 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem":"PolarSSLTest":0 Parse RSA Key #70.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #70.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #71 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem":"PolarSSLTest":0 Parse RSA Key #71.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #71.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #72 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der":"PolarSSLTest":0 Parse RSA Key #72.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #72.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #73 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der":"PolarSSLTest":0 Parse RSA Key #73.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #73.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #74 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der":"PolarSSLTest":0 Parse RSA Key #74.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #74.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #75 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #75.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #75.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #76 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #76.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #76.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #77 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #77.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #77.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #78 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der":"PolarSSLTest":0 Parse RSA Key #78.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #78.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #79 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der":"PolarSSLTest":0 Parse RSA Key #79.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #79.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #80 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der":"PolarSSLTest":0 Parse RSA Key #80.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #80.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #81 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #81.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #81.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #82 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #82.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #82.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #83 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #83.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #83.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #84 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der":"PolarSSLTest":0 Parse RSA Key #84.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #85.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #86 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der":"PolarSSLTest":0 Parse RSA Key #86.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #86.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #87 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der":"PolarSSLTest":0 Parse RSA Key #87.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #87.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #88 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem":"PolarSSLTest":0 Parse RSA Key #88.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #88.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #89 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem":"PolarSSLTest":0 Parse RSA Key #89.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #89.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #90 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem":"PolarSSLTest":0 Parse RSA Key #90.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #90.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #91 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der":"PolarSSLTest":0 Parse RSA Key #91.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #91.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #92 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der":"PolarSSLTest":0 Parse RSA Key #92.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #92.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #93 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der":"PolarSSLTest":0 Parse RSA Key #93.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #93.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #94 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem":"PolarSSLTest":0 Parse RSA Key #94.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #94.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #95 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem":"PolarSSLTest":0 Parse RSA Key #95.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #95.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #96 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem":"PolarSSLTest":0 Parse RSA Key #96.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #96.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #97 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der":"PolarSSLTest":0 Parse RSA Key #97.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #97.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #98 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der":"PolarSSLTest":0 Parse RSA Key #98.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #98.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #99 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der":"PolarSSLTest":0 Parse RSA Key #99.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #99.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse Public RSA Key #1 (PKCS#8 wrapped) @@ -905,117 +905,215 @@ Parse Public RSA Key #4 (PKCS#1 wrapped, DER) pk_parse_public_keyfile_rsa:"data_files/rsa_pkcs1_2048_public.der":0 Parse Public EC Key #1 (RFC 5480, DER) -depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED +depends_on:MBEDTLS_ECP_HAVE_SECP192R1 pk_parse_public_keyfile_ec:"data_files/ec_pub.der":0 Parse Public EC Key #2 (RFC 5480, PEM) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_SECP192R1 pk_parse_public_keyfile_ec:"data_files/ec_pub.pem":0 +Parse Public EC Key #2a (RFC 5480, PEM, secp192r1, compressed) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_EC_COMPRESSED:MBEDTLS_ECP_DP_SECP192R1_ENABLED +pk_parse_public_keyfile_ec:"data_files/ec_pub.comp.pem":0 + Parse Public EC Key #3 (RFC 5480, secp224r1) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_SECP224R1 pk_parse_public_keyfile_ec:"data_files/ec_224_pub.pem":0 +# Compressed points parsing does not support MBEDTLS_ECP_DP_SECP224R1 and +# MBEDTLS_ECP_DP_SECP224K1. Therefore a failure is expected in this case +Parse Public EC Key #3a (RFC 5480, secp224r1, compressed) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_EC_COMPRESSED:MBEDTLS_ECP_DP_SECP224R1_ENABLED +pk_parse_public_keyfile_ec:"data_files/ec_224_pub.comp.pem":MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE + Parse Public EC Key #4 (RFC 5480, secp256r1) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_SECP256R1 pk_parse_public_keyfile_ec:"data_files/ec_256_pub.pem":0 +Parse Public EC Key #4a (RFC 5480, secp256r1, compressed) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_EC_COMPRESSED:MBEDTLS_ECP_DP_SECP256R1_ENABLED +pk_parse_public_keyfile_ec:"data_files/ec_256_pub.comp.pem":0 + Parse Public EC Key #5 (RFC 5480, secp384r1) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_SECP384R1 pk_parse_public_keyfile_ec:"data_files/ec_384_pub.pem":0 +Parse Public EC Key #5a (RFC 5480, secp384r1, compressed) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_EC_COMPRESSED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +pk_parse_public_keyfile_ec:"data_files/ec_384_pub.comp.pem":0 + Parse Public EC Key #6 (RFC 5480, secp521r1) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_SECP521R1 pk_parse_public_keyfile_ec:"data_files/ec_521_pub.pem":0 +Parse Public EC Key #6a (RFC 5480, secp521r1, compressed) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_EC_COMPRESSED:MBEDTLS_ECP_DP_SECP521R1_ENABLED +pk_parse_public_keyfile_ec:"data_files/ec_521_pub.comp.pem":0 + Parse Public EC Key #7 (RFC 5480, brainpoolP256r1) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_BP256R1 pk_parse_public_keyfile_ec:"data_files/ec_bp256_pub.pem":0 +Parse Public EC Key #7a (RFC 5480, brainpoolP256r1, compressed) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_EC_COMPRESSED:MBEDTLS_ECP_DP_BP256R1_ENABLED +pk_parse_public_keyfile_ec:"data_files/ec_bp256_pub.comp.pem":0 + Parse Public EC Key #8 (RFC 5480, brainpoolP384r1) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_BP384R1 pk_parse_public_keyfile_ec:"data_files/ec_bp384_pub.pem":0 +Parse Public EC Key #8a (RFC 5480, brainpoolP384r1, compressed) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_EC_COMPRESSED:MBEDTLS_ECP_DP_BP384R1_ENABLED +pk_parse_public_keyfile_ec:"data_files/ec_bp384_pub.comp.pem":0 + Parse Public EC Key #9 (RFC 5480, brainpoolP512r1) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_BP512R1 pk_parse_public_keyfile_ec:"data_files/ec_bp512_pub.pem":0 +Parse Public EC Key #9a (RFC 5480, brainpoolP512r1, compressed) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_EC_COMPRESSED:MBEDTLS_ECP_DP_BP512R1_ENABLED +pk_parse_public_keyfile_ec:"data_files/ec_bp512_pub.comp.pem":0 + +Parse Public EC Key #10 (RFC 8410, DER, X25519) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_CURVE25519 +pk_parse_public_keyfile_ec:"data_files/ec_x25519_pub.der":0 + +Parse Public EC Key #11 (RFC 8410, DER, X448) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_CURVE448 +pk_parse_public_keyfile_ec:"data_files/ec_x448_pub.der":0 + +Parse Public EC Key #12 (RFC 8410, PEM, X25519) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_CURVE25519 +pk_parse_public_keyfile_ec:"data_files/ec_x25519_pub.pem":0 + +Parse Public EC Key #13 (RFC 8410, PEM, X448) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_CURVE448 +pk_parse_public_keyfile_ec:"data_files/ec_x448_pub.pem":0 + Parse EC Key #1 (SEC1 DER) -depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP192R1 pk_parse_keyfile_ec:"data_files/ec_prv.sec1.der":"NULL":0 Parse EC Key #2 (SEC1 PEM) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_SECP192R1 pk_parse_keyfile_ec:"data_files/ec_prv.sec1.pem":"NULL":0 +Parse EC Key #2a (SEC1 PEM, secp192r1, compressed) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_EC_COMPRESSED:MBEDTLS_ECP_DP_SECP192R1_ENABLED +pk_parse_keyfile_ec:"data_files/ec_prv.sec1.comp.pem":"NULL":0 + Parse EC Key #3 (SEC1 PEM encrypted) -depends_on:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_SECP192R1:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA pk_parse_keyfile_ec:"data_files/ec_prv.sec1.pw.pem":"polar":0 Parse EC Key #4 (PKCS8 DER) -depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED +depends_on:MBEDTLS_ECP_HAVE_SECP192R1 pk_parse_keyfile_ec:"data_files/ec_prv.pk8.der":"NULL":0 Parse EC Key #4a (PKCS8 DER, no public key) -depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_ECP_HAVE_SECP256R1 pk_parse_keyfile_ec:"data_files/ec_prv.pk8nopub.der":"NULL":0 Parse EC Key #4b (PKCS8 DER, no public key, with parameters) -depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_ECP_HAVE_SECP256R1 pk_parse_keyfile_ec:"data_files/ec_prv.pk8nopubparam.der":"NULL":0 Parse EC Key #4c (PKCS8 DER, with parameters) -depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_ECP_HAVE_SECP256R1 pk_parse_keyfile_ec:"data_files/ec_prv.pk8param.der":"NULL":0 Parse EC Key #5 (PKCS8 PEM) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_SECP192R1 pk_parse_keyfile_ec:"data_files/ec_prv.pk8.pem":"NULL":0 Parse EC Key #5a (PKCS8 PEM, no public key) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_SECP256R1 pk_parse_keyfile_ec:"data_files/ec_prv.pk8nopub.pem":"NULL":0 Parse EC Key #5b (PKCS8 PEM, no public key, with parameters) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_SECP256R1 pk_parse_keyfile_ec:"data_files/ec_prv.pk8nopubparam.pem":"NULL":0 Parse EC Key #5c (PKCS8 PEM, with parameters) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_SECP256R1 pk_parse_keyfile_ec:"data_files/ec_prv.pk8param.pem":"NULL":0 Parse EC Key #8 (SEC1 PEM, secp224r1) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_SECP224R1 pk_parse_keyfile_ec:"data_files/ec_224_prv.pem":"NULL":0 +Parse EC Key #8a (SEC1 PEM, secp224r1, compressed) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_EC_COMPRESSED:MBEDTLS_ECP_DP_SECP224R1_ENABLED +pk_parse_keyfile_ec:"data_files/ec_224_prv.comp.pem":"NULL":0 + Parse EC Key #9 (SEC1 PEM, secp256r1) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_SECP256R1 pk_parse_keyfile_ec:"data_files/ec_256_prv.pem":"NULL":0 +Parse EC Key #9a (SEC1 PEM, secp256r1, compressed) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_EC_COMPRESSED:MBEDTLS_ECP_DP_SECP256R1_ENABLED +pk_parse_keyfile_ec:"data_files/ec_256_prv.comp.pem":"NULL":0 + Parse EC Key #10 (SEC1 PEM, secp384r1) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_SECP384R1 pk_parse_keyfile_ec:"data_files/ec_384_prv.pem":"NULL":0 +Parse EC Key #10a (SEC1 PEM, secp384r1, compressed) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_EC_COMPRESSED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +pk_parse_keyfile_ec:"data_files/ec_384_prv.comp.pem":"NULL":0 + Parse EC Key #11 (SEC1 PEM, secp521r1) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_SECP521R1 pk_parse_keyfile_ec:"data_files/ec_521_prv.pem":"NULL":0 +Parse EC Key #11a (SEC1 PEM, secp521r1, compressed) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_EC_COMPRESSED:MBEDTLS_ECP_DP_SECP521R1_ENABLED +pk_parse_keyfile_ec:"data_files/ec_521_prv.comp.pem":"NULL":0 + Parse EC Key #12 (SEC1 PEM, bp256r1) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_BP256R1 pk_parse_keyfile_ec:"data_files/ec_bp256_prv.pem":"NULL":0 +Parse EC Key #12a (SEC1 PEM, bp256r1, compressed) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_EC_COMPRESSED:MBEDTLS_ECP_DP_BP256R1_ENABLED +pk_parse_keyfile_ec:"data_files/ec_bp256_prv.comp.pem":"NULL":0 + Parse EC Key #13 (SEC1 PEM, bp384r1) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_BP384R1 pk_parse_keyfile_ec:"data_files/ec_bp384_prv.pem":"NULL":0 +Parse EC Key #13a (SEC1 PEM, bp384r1, compressed) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_EC_COMPRESSED:MBEDTLS_ECP_DP_BP384R1_ENABLED +pk_parse_keyfile_ec:"data_files/ec_bp384_prv.comp.pem":"NULL":0 + Parse EC Key #14 (SEC1 PEM, bp512r1) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_BP512R1 pk_parse_keyfile_ec:"data_files/ec_bp512_prv.pem":"NULL":0 +Parse EC Key #14a (SEC1 PEM, bp512r1, compressed) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_EC_COMPRESSED:MBEDTLS_ECP_DP_BP512R1_ENABLED +pk_parse_keyfile_ec:"data_files/ec_bp512_prv.comp.pem":"NULL":0 + Parse EC Key #15 (SEC1 DER, secp256k1, SpecifiedECDomain) -depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256K1_ENABLED:MBEDTLS_PK_PARSE_EC_EXTENDED +depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED:MBEDTLS_PK_PARSE_EC_EXTENDED pk_parse_keyfile_ec:"data_files/ec_prv.specdom.der":"NULL":0 +Parse EC Key #16 (RFC 8410, DER, X25519) +depends_on:MBEDTLS_ECP_HAVE_CURVE25519 +pk_parse_keyfile_ec:"data_files/ec_x25519_prv.der":"NULL":0 + +Parse EC Key #17 (RFC 8410, DER, X448) +depends_on:MBEDTLS_ECP_HAVE_CURVE448 +pk_parse_keyfile_ec:"data_files/ec_x448_prv.der":"NULL":0 + +Parse EC Key #18 (RFC 8410, PEM, X25519) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_CURVE25519 +pk_parse_keyfile_ec:"data_files/ec_x25519_prv.pem":"NULL":0 + +Parse EC Key #19 (RFC 8410, PEM, X448) +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_CURVE448 +pk_parse_keyfile_ec:"data_files/ec_x448_prv.pem":"NULL":0 + Key ASN1 (No data) pk_parse_key:"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT @@ -1095,5 +1193,58 @@ depends_on:MBEDTLS_RSA_C pk_parse_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b7221FF08052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Key ASN1 (ECPrivateKey, empty parameters) -depends_on:MBEDTLS_ECP_C +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS pk_parse_key:"30070201010400a000":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + +Key ASN1 (OneAsymmetricKey X25519, with invalid optional AlgorithIdentifier parameters) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_CURVE25519 +pk_parse_key:"3030020100300706032b656e050004220420b06d829655543a51cba36e53522bc0acfd60af59466555fb3e1e796872ab1a59":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + +Key ASN1 (OneAsymmetricKey X25519, with NULL private key) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_CURVE25519 +pk_parse_key:"300e020100300506032b656e04020500":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + +Key ASN1 (OneAsymmetricKey with invalid AlgorithIdentifier) +pk_parse_key:"3013020100300a06082b0601040181fd5904020500":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + +Key ASN1 (OneAsymmetricKey X25519, with unsupported attributes) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_CURVE25519 +pk_parse_key:"304f020100300506032b656e04220420b06d829655543a51cba36e53522bc0acfd60af59466555fb3e1e796872ab1a59a01f301d060a2a864886f70d01090914310f0c0d437572646c6520436861697273":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + +Key ASN1 (OneAsymmetricKey X25519, unsupported version 2 with public key) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_CURVE25519 +pk_parse_key:"3051020101300506032b656e04220420b06d829655543a51cba36e53522bc0acfd60af59466555fb3e1e796872ab1a598121009bc3b0e93d8233fe6a8ba6138948cc12a91362d5c2ed81584db05ab5419c9d11":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + +Key ASN1 (OneAsymmetricKey X25519, unsupported version 2 with public key and unsupported attributes) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_CURVE25519 +pk_parse_key:"3072020101300506032b656e04220420b06d829655543a51cba36e53522bc0acfd60af59466555fb3e1e796872ab1a59a01f301d060a2a864886f70d01090914310f0c0d437572646c65204368616972738121009bc3b0e93d8233fe6a8ba6138948cc12a91362d5c2ed81584db05ab5419c9d11":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + +Key ASN1 (Encrypted key PKCS5, trailing garbage data) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_CURVE25519:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:MBEDTLS_PKCS5_C +pk_parse_key_encrypted:"307C304006092A864886F70D01050D3033301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC3949100438AD100BAC552FD0AE70BECAFA60F5E519B6180C77E8DB0B9ECC6F23FEDD30AB9BDCA2AF9F97BC470FC3A82DCA2364E22642DE0AF9275A82CB":"AAAAAAAAAAAAAAAAAA":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +Key ASN1 (Encrypted key PKCS12, trailing garbage data) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_CURVE25519:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:MBEDTLS_PKCS12_C +pk_parse_key_encrypted:"3058301C060A2A864886F70D010C0103300E0409CCCCCCCCCCCCCCCCCC02010A04380A8CAF39C4FA001884D0583B323C5E70942444FBE1F650B92F8ADF4AD7BD5049B4748F53A2531139EBF253FE01E8FC925C82C759C944B4D0":"AAAAAAAAAAAAAAAAAA":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +# From RFC8410 Appendix A but made into version 0 +OneAsymmetricKey X25519, doesn't match masking requirements #1 +depends_on:MBEDTLS_ECP_HAVE_CURVE25519 +pk_parse_fix_montgomery:"302e020100300506032b656e04220420f8ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff3f":"302e020100300506032b656e04220420f8ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f" + +# Full inverse of the expected x25519 pattern: +# - 3 LSb to 1 +# - 1st MSb to 1 +# - 2nd MSb to 0 +# Note: Montgomery keys are written in Little endian format. +OneAsymmetricKey X25519, doesn't match masking requirements #2 +depends_on:MBEDTLS_ECP_HAVE_CURVE25519 +pk_parse_fix_montgomery:"302e020100300506032b656e04220420ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbf":"302e020100300506032b656e04220420f8ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f" + +# Full inverse of the expected x448 pattern: +# - 2 LSb to 1 +# - MSb to 0 +# Note: Montgomery keys are written in Little endian format. +OneAsymmetricKey X448, doesn't match masking requirements #3 +depends_on:MBEDTLS_ECP_HAVE_CURVE448 +pk_parse_fix_montgomery:"3046020100300506032b656f043a0438ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f":"3046020100300506032b656f043a0438fcffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" diff --git a/tests/suites/test_suite_pkparse.function b/tests/suites/test_suite_pkparse.function index ff19981e0..64a3175bc 100644 --- a/tests/suites/test_suite_pkparse.function +++ b/tests/suites/test_suite_pkparse.function @@ -2,11 +2,18 @@ #include "mbedtls/pk.h" #include "mbedtls/pem.h" #include "mbedtls/oid.h" -#include "mbedtls/legacy_or_psa.h" +#include "mbedtls/ecp.h" +#include "mbedtls/psa_util.h" +#include "pk_internal.h" + +#if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C) +#define HAVE_mbedtls_pk_parse_key_pkcs8_encrypted_der +#endif + /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_BIGNUM_C + * depends_on:MBEDTLS_PK_PARSE_C * END_DEPENDENCIES */ @@ -17,8 +24,8 @@ void pk_parse_keyfile_rsa(char *key_file, char *password, int result) int res; char *pwd = password; - PSA_INIT_IF_NO_MD(); mbedtls_pk_init(&ctx); + MD_PSA_INIT(); if (strcmp(pwd, "NULL") == 0) { pwd = NULL; @@ -38,8 +45,9 @@ void pk_parse_keyfile_rsa(char *key_file, char *password, int result) exit: mbedtls_pk_free(&ctx); - PSA_DONE_IF_NO_MD(); + MD_PSA_DONE(); } + /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_FS_IO */ @@ -48,8 +56,8 @@ void pk_parse_public_keyfile_rsa(char *key_file, int result) mbedtls_pk_context ctx; int res; - PSA_INIT_IF_NO_MD(); mbedtls_pk_init(&ctx); + MD_PSA_INIT(); res = mbedtls_pk_parse_public_keyfile(&ctx, key_file); @@ -64,41 +72,50 @@ void pk_parse_public_keyfile_rsa(char *key_file, int result) exit: mbedtls_pk_free(&ctx); - PSA_DONE_IF_NO_MD(); + MD_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_ECP_C */ +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_PK_HAVE_ECC_KEYS */ void pk_parse_public_keyfile_ec(char *key_file, int result) { mbedtls_pk_context ctx; int res; mbedtls_pk_init(&ctx); + USE_PSA_INIT(); res = mbedtls_pk_parse_public_keyfile(&ctx, key_file); TEST_ASSERT(res == result); if (res == 0) { - mbedtls_ecp_keypair *eckey; TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_ECKEY)); - eckey = mbedtls_pk_ec(ctx); +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + /* No need to check whether the parsed public point is on the curve or + * not because this is already done by the internal "pk_get_ecpubkey()" + * function */ +#else + const mbedtls_ecp_keypair *eckey; + eckey = mbedtls_pk_ec_ro(ctx); TEST_ASSERT(mbedtls_ecp_check_pubkey(&eckey->grp, &eckey->Q) == 0); +#endif } exit: mbedtls_pk_free(&ctx); + USE_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_ECP_C */ +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_PK_HAVE_ECC_KEYS */ void pk_parse_keyfile_ec(char *key_file, char *password, int result) { mbedtls_pk_context ctx; int res; mbedtls_pk_init(&ctx); + USE_PSA_INIT(); res = mbedtls_pk_parse_keyfile(&ctx, key_file, password, mbedtls_test_rnd_std_rand, NULL); @@ -106,14 +123,18 @@ void pk_parse_keyfile_ec(char *key_file, char *password, int result) TEST_ASSERT(res == result); if (res == 0) { - mbedtls_ecp_keypair *eckey; TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_ECKEY)); - eckey = mbedtls_pk_ec(ctx); +#if defined(MBEDTLS_ECP_C) + const mbedtls_ecp_keypair *eckey = mbedtls_pk_ec_ro(ctx); TEST_ASSERT(mbedtls_ecp_check_privkey(&eckey->grp, &eckey->d) == 0); +#else + /* PSA keys are already checked on import so nothing to do here. */ +#endif } exit: mbedtls_pk_free(&ctx); + USE_PSA_DONE(); } /* END_CASE */ @@ -123,11 +144,67 @@ void pk_parse_key(data_t *buf, int result) mbedtls_pk_context pk; mbedtls_pk_init(&pk); + USE_PSA_INIT(); TEST_ASSERT(mbedtls_pk_parse_key(&pk, buf->x, buf->len, NULL, 0, mbedtls_test_rnd_std_rand, NULL) == result); exit: mbedtls_pk_free(&pk); + USE_PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:HAVE_mbedtls_pk_parse_key_pkcs8_encrypted_der */ +void pk_parse_key_encrypted(data_t *buf, data_t *pass, int result) +{ + mbedtls_pk_context pk; + + mbedtls_pk_init(&pk); + USE_PSA_INIT(); + + TEST_EQUAL(mbedtls_pk_parse_key_pkcs8_encrypted_der(&pk, buf->x, buf->len, + pass->x, pass->len, + mbedtls_test_rnd_std_rand, + NULL), result); +exit: + mbedtls_pk_free(&pk); + USE_PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_WRITE_C */ +void pk_parse_fix_montgomery(data_t *input_key, data_t *exp_output) +{ + /* Montgomery keys have specific bits set to either 0 or 1 depending on + * their position. This is enforced during parsing (please see the implementation + * of mbedtls_ecp_read_key() for more details). The scope of this function + * is to verify this enforcing by feeding the parse algorithm with a x25519 + * key which does not have those bits set properly. */ + mbedtls_pk_context pk; + unsigned char *output_key = NULL; + size_t output_key_len = 0; + + mbedtls_pk_init(&pk); + USE_PSA_INIT(); + + TEST_EQUAL(mbedtls_pk_parse_key(&pk, input_key->x, input_key->len, NULL, 0, + mbedtls_test_rnd_std_rand, NULL), 0); + + output_key_len = input_key->len; + TEST_CALLOC(output_key, output_key_len); + /* output_key_len is updated with the real amount of data written to + * output_key buffer. */ + output_key_len = mbedtls_pk_write_key_der(&pk, output_key, output_key_len); + TEST_ASSERT(output_key_len > 0); + + TEST_MEMORY_COMPARE(exp_output->x, exp_output->len, output_key, output_key_len); + +exit: + if (output_key != NULL) { + mbedtls_free(output_key); + } + mbedtls_pk_free(&pk); + USE_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_pkwrite.data b/tests/suites/test_suite_pkwrite.data index e0101ccdf..d58226e52 100644 --- a/tests/suites/test_suite_pkwrite.data +++ b/tests/suites/test_suite_pkwrite.data @@ -1,47 +1,155 @@ Public key write check RSA -depends_on:MBEDTLS_RSA_C:MBEDTLS_BASE64_C -pk_write_pubkey_check:"data_files/server1.pubkey" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C +pk_write_pubkey_check:"data_files/server1.pubkey":TEST_PEM + +Public key write check RSA (DER) +depends_on:MBEDTLS_RSA_C +pk_write_pubkey_check:"data_files/server1.pubkey.der":TEST_DER Public key write check RSA 4096 -depends_on:MBEDTLS_RSA_C:MBEDTLS_BASE64_C -pk_write_pubkey_check:"data_files/rsa4096_pub.pem" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C +pk_write_pubkey_check:"data_files/rsa4096_pub.pem":TEST_PEM + +Public key write check RSA 4096 (DER) +depends_on:MBEDTLS_RSA_C +pk_write_pubkey_check:"data_files/rsa4096_pub.der":TEST_DER Public key write check EC 192 bits -depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED -pk_write_pubkey_check:"data_files/ec_pub.pem" +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_HAVE_SECP192R1 +pk_write_pubkey_check:"data_files/ec_pub.pem":TEST_PEM + +Public key write check EC 192 bits (DER) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP192R1 +pk_write_pubkey_check:"data_files/ec_pub.der":TEST_DER Public key write check EC 521 bits -depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED -pk_write_pubkey_check:"data_files/ec_521_pub.pem" +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_HAVE_SECP521R1 +pk_write_pubkey_check:"data_files/ec_521_pub.pem":TEST_PEM + +Public key write check EC 521 bits (DER) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP521R1 +pk_write_pubkey_check:"data_files/ec_521_pub.der":TEST_DER Public key write check EC Brainpool 512 bits -depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_BP512R1_ENABLED -pk_write_pubkey_check:"data_files/ec_bp512_pub.pem" +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_HAVE_BP512R1 +pk_write_pubkey_check:"data_files/ec_bp512_pub.pem":TEST_PEM + +Public key write check EC Brainpool 512 bits (DER) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_BP512R1 +pk_write_pubkey_check:"data_files/ec_bp512_pub.der":TEST_DER + +Public key write check EC X25519 +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_HAVE_CURVE25519 +pk_write_pubkey_check:"data_files/ec_x25519_pub.pem":TEST_PEM + +Public key write check EC X25519 (DER) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_CURVE25519 +pk_write_pubkey_check:"data_files/ec_x25519_pub.der":TEST_DER + +Public key write check EC X448 +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_HAVE_CURVE448 +pk_write_pubkey_check:"data_files/ec_x448_pub.pem":TEST_PEM + +Public key write check EC X448 (DER) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_CURVE448 +pk_write_pubkey_check:"data_files/ec_x448_pub.der":TEST_DER Private key write check RSA -depends_on:MBEDTLS_RSA_C:MBEDTLS_BASE64_C -pk_write_key_check:"data_files/server1.key" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C +pk_write_key_check:"data_files/server1.key":TEST_PEM + +Private key write check RSA (DER) +depends_on:MBEDTLS_RSA_C +pk_write_key_check:"data_files/server1.key.der":TEST_DER Private key write check RSA 4096 -depends_on:MBEDTLS_RSA_C:MBEDTLS_BASE64_C -pk_write_key_check:"data_files/rsa4096_prv.pem" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C +pk_write_key_check:"data_files/rsa4096_prv.pem":TEST_PEM + +Private key write check RSA 4096 (DER) +depends_on:MBEDTLS_RSA_C +pk_write_key_check:"data_files/rsa4096_prv.der":TEST_DER Private key write check EC 192 bits -depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED -pk_write_key_check:"data_files/ec_prv.sec1.pem" +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_HAVE_SECP192R1 +pk_write_key_check:"data_files/ec_prv.sec1.pem":TEST_PEM + +Private key write check EC 192 bits (DER) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP192R1 +pk_write_key_check:"data_files/ec_prv.sec1.der":TEST_DER Private key write check EC 256 bits (top bit set) -depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED -pk_write_key_check:"data_files/ec_256_long_prv.pem" +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_HAVE_SECP256R1 +pk_write_key_check:"data_files/ec_256_long_prv.pem":TEST_PEM + +Private key write check EC 256 bits (top bit set) (DER) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP256R1 +pk_write_key_check:"data_files/ec_256_long_prv.der":TEST_DER Private key write check EC 521 bits -depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED -pk_write_key_check:"data_files/ec_521_prv.pem" +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_HAVE_SECP521R1 +pk_write_key_check:"data_files/ec_521_prv.pem":TEST_PEM + +Private key write check EC 521 bits (DER) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP521R1 +pk_write_key_check:"data_files/ec_521_prv.der":TEST_DER Private key write check EC 521 bits (top byte is 0) -depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED -pk_write_key_check:"data_files/ec_521_short_prv.pem" +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_HAVE_SECP521R1 +pk_write_key_check:"data_files/ec_521_short_prv.pem":TEST_PEM + +Private key write check EC 521 bits (top byte is 0) (DER) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP521R1 +pk_write_key_check:"data_files/ec_521_short_prv.der":TEST_DER Private key write check EC Brainpool 512 bits -depends_on:MBEDTLS_ECP_C:MBEDTLS_BASE64_C:MBEDTLS_ECP_DP_BP512R1_ENABLED -pk_write_key_check:"data_files/ec_bp512_prv.pem" +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_HAVE_BP512R1 +pk_write_key_check:"data_files/ec_bp512_prv.pem":TEST_PEM + +Private key write check EC Brainpool 512 bits (DER) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_BP512R1 +pk_write_key_check:"data_files/ec_bp512_prv.der":TEST_DER + +Private key write check EC X25519 +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_HAVE_CURVE25519 +pk_write_key_check:"data_files/ec_x25519_prv.pem":TEST_PEM + +Private key write check EC X25519 (DER) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_CURVE25519 +pk_write_key_check:"data_files/ec_x25519_prv.der":TEST_DER + +Private key write check EC X448 +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PEM_PARSE_C:MBEDTLS_PEM_WRITE_C:MBEDTLS_ECP_HAVE_CURVE448 +pk_write_key_check:"data_files/ec_x448_prv.pem":TEST_PEM + +Private key write check EC X448 (DER) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_CURVE448 +pk_write_key_check:"data_files/ec_x448_prv.der":TEST_DER + +Derive public key RSA +depends_on:MBEDTLS_RSA_C +pk_write_public_from_private:"data_files/server1.key.der":"data_files/server1.pubkey.der" + +Derive public key RSA 4096 +depends_on:MBEDTLS_RSA_C +pk_write_public_from_private:"data_files/rsa4096_prv.der":"data_files/rsa4096_pub.der" + +Derive public key EC 192 bits +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP192R1 +pk_write_public_from_private:"data_files/ec_prv.sec1.der":"data_files/ec_pub.der" + +Derive public key EC 521 bits +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP521R1 +pk_write_public_from_private:"data_files/ec_521_prv.der":"data_files/ec_521_pub.der" + +Derive public key EC Brainpool 512 bits +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_BP512R1 +pk_write_public_from_private:"data_files/ec_bp512_prv.der":"data_files/ec_bp512_pub.der" + +Derive public key EC X25519 +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_CURVE25519 +pk_write_public_from_private:"data_files/ec_x25519_prv.der":"data_files/ec_x25519_pub.der" + +Derive public key EC X448 +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_CURVE448 +pk_write_public_from_private:"data_files/ec_x448_prv.der":"data_files/ec_x448_pub.der" diff --git a/tests/suites/test_suite_pkwrite.function b/tests/suites/test_suite_pkwrite.function index 7e8a32d34..730bb881b 100644 --- a/tests/suites/test_suite_pkwrite.function +++ b/tests/suites/test_suite_pkwrite.function @@ -2,88 +2,218 @@ #include "mbedtls/pk.h" #include "mbedtls/pem.h" #include "mbedtls/oid.h" +#include "psa/crypto_sizes.h" + +typedef enum { + TEST_PEM, + TEST_DER +} pkwrite_file_format_t; + +/* Helper function for removing "\r" chars from a buffer. */ +static void fix_new_lines(unsigned char *in_str, size_t *len) +{ + size_t chars_left; + unsigned int i; + + for (i = 0; (i < *len) && (*len > 0); i++) { + if (in_str[i] == '\r') { + if (i < (*len - 1)) { + chars_left = *len - i - 1; + memmove(&in_str[i], &in_str[i+1], chars_left); + } else { + in_str[i] = '\0'; + } + *len = *len - 1; + } + } +} + +static int pk_write_any_key(mbedtls_pk_context *pk, unsigned char **p, + size_t *buf_len, int is_public_key, int is_der) +{ + int ret = 0; + + if (is_der) { + if (is_public_key) { + ret = mbedtls_pk_write_pubkey_der(pk, *p, *buf_len); + } else { + ret = mbedtls_pk_write_key_der(pk, *p, *buf_len); + } + if (ret <= 0) { + return ret; + } + + *p = *p + *buf_len - ret; + *buf_len = ret; + } else { +#if defined(MBEDTLS_PEM_WRITE_C) + if (is_public_key) { + ret = mbedtls_pk_write_pubkey_pem(pk, *p, *buf_len); + } else { + ret = mbedtls_pk_write_key_pem(pk, *p, *buf_len); + } + if (ret != 0) { + return ret; + } + + *buf_len = strlen((char *) *p) + 1; /* +1 takes the string terminator into account */ +#else + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; +#endif + } + + return 0; +} + +static void pk_write_check_common(char *key_file, int is_public_key, int is_der) +{ + mbedtls_pk_context key; + unsigned char *buf = NULL; + unsigned char *check_buf = NULL; + unsigned char *start_buf; + size_t buf_len, check_buf_len; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_svc_key_id_t opaque_id = MBEDTLS_SVC_KEY_ID_INIT; +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + USE_PSA_INIT(); + + mbedtls_pk_init(&key); + USE_PSA_INIT(); + + /* Note: if mbedtls_pk_load_file() successfully reads the file, then + it also allocates check_buf, which should be freed on exit */ + TEST_EQUAL(mbedtls_pk_load_file(key_file, &check_buf, &check_buf_len), 0); + TEST_ASSERT(check_buf_len > 0); + + /* Windows' line ending is different from the Linux's one ("\r\n" vs "\n"). + * Git treats PEM files as text, so when on Windows, it replaces new lines + * with "\r\n" on checkout. + * Unfortunately mbedtls_pk_load_file() loads files in binary format, + * while mbedtls_pk_write_pubkey_pem() goes through the I/O layer which + * uses "\n" for newlines in both Windows and Linux. + * Here we remove the extra "\r" so that "buf" and "check_buf" can be + * easily compared later. */ + if (!is_der) { + fix_new_lines(check_buf, &check_buf_len); + } + TEST_ASSERT(check_buf_len > 0); + + TEST_CALLOC(buf, check_buf_len); + + if (is_public_key) { + TEST_EQUAL(mbedtls_pk_parse_public_keyfile(&key, key_file), 0); + } else { + TEST_EQUAL(mbedtls_pk_parse_keyfile(&key, key_file, NULL, + mbedtls_test_rnd_std_rand, NULL), 0); + } + + start_buf = buf; + buf_len = check_buf_len; + TEST_EQUAL(pk_write_any_key(&key, &start_buf, &buf_len, is_public_key, + is_der), 0); + + TEST_MEMORY_COMPARE(start_buf, buf_len, check_buf, check_buf_len); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + /* Verify that pk_write works also for opaque private keys */ + if (!is_public_key) { + memset(buf, 0, check_buf_len); + TEST_EQUAL(mbedtls_pk_wrap_as_opaque(&key, &opaque_id, + PSA_ALG_NONE, + PSA_KEY_USAGE_EXPORT, + PSA_ALG_NONE), 0); + start_buf = buf; + buf_len = check_buf_len; + TEST_EQUAL(pk_write_any_key(&key, &start_buf, &buf_len, is_public_key, + is_der), 0); + + TEST_MEMORY_COMPARE(start_buf, buf_len, check_buf, check_buf_len); + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +exit: +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_destroy_key(opaque_id); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_free(buf); + mbedtls_free(check_buf); + mbedtls_pk_free(&key); + USE_PSA_DONE(); +} /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_BIGNUM_C:MBEDTLS_FS_IO + * depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_FS_IO * END_DEPENDENCIES */ -/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C */ -void pk_write_pubkey_check(char *key_file) +/* BEGIN_CASE */ +void pk_write_pubkey_check(char *key_file, int is_der) { - mbedtls_pk_context key; - unsigned char buf[5000]; - unsigned char check_buf[5000]; - int ret; - FILE *f; - size_t ilen, pem_len, buf_index; - - memset(buf, 0, sizeof(buf)); - memset(check_buf, 0, sizeof(check_buf)); - - mbedtls_pk_init(&key); - TEST_ASSERT(mbedtls_pk_parse_public_keyfile(&key, key_file) == 0); - - ret = mbedtls_pk_write_pubkey_pem(&key, buf, sizeof(buf)); - TEST_ASSERT(ret == 0); - - pem_len = strlen((char *) buf); - - // check that the rest of the buffer remains clear - for (buf_index = pem_len; buf_index < sizeof(buf); ++buf_index) { - TEST_ASSERT(buf[buf_index] == 0); - } - - f = fopen(key_file, "r"); - TEST_ASSERT(f != NULL); - ilen = fread(check_buf, 1, sizeof(check_buf), f); - fclose(f); - - TEST_ASSERT(ilen == pem_len); - TEST_ASSERT(memcmp((char *) buf, (char *) check_buf, ilen) == 0); - -exit: - mbedtls_pk_free(&key); + pk_write_check_common(key_file, 1, is_der); + goto exit; /* make the compiler happy */ } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C */ -void pk_write_key_check(char *key_file) +/* BEGIN_CASE */ +void pk_write_key_check(char *key_file, int is_der) { - mbedtls_pk_context key; - unsigned char buf[5000]; - unsigned char check_buf[5000]; - int ret; - FILE *f; - size_t ilen, pem_len, buf_index; - - memset(buf, 0, sizeof(buf)); - memset(check_buf, 0, sizeof(check_buf)); - - mbedtls_pk_init(&key); - TEST_ASSERT(mbedtls_pk_parse_keyfile(&key, key_file, NULL, - mbedtls_test_rnd_std_rand, NULL) == 0); - - ret = mbedtls_pk_write_key_pem(&key, buf, sizeof(buf)); - TEST_ASSERT(ret == 0); - - pem_len = strlen((char *) buf); - - // check that the rest of the buffer remains clear - for (buf_index = pem_len; buf_index < sizeof(buf); ++buf_index) { - TEST_ASSERT(buf[buf_index] == 0); - } - - f = fopen(key_file, "r"); - TEST_ASSERT(f != NULL); - ilen = fread(check_buf, 1, sizeof(check_buf), f); - fclose(f); - - TEST_ASSERT(ilen == strlen((char *) buf)); - TEST_ASSERT(memcmp((char *) buf, (char *) check_buf, ilen) == 0); - -exit: - mbedtls_pk_free(&key); + pk_write_check_common(key_file, 0, is_der); + goto exit; /* make the compiler happy */ +} +/* END_CASE */ + +/* BEGIN_CASE */ +void pk_write_public_from_private(char *priv_key_file, char *pub_key_file) +{ + mbedtls_pk_context priv_key; + uint8_t *derived_key_raw = NULL; + size_t derived_key_len = 0; + uint8_t *pub_key_raw = NULL; + size_t pub_key_len = 0; +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_svc_key_id_t opaque_key_id = MBEDTLS_SVC_KEY_ID_INIT; +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + mbedtls_pk_init(&priv_key); + USE_PSA_INIT(); + + TEST_EQUAL(mbedtls_pk_parse_keyfile(&priv_key, priv_key_file, NULL, + mbedtls_test_rnd_std_rand, NULL), 0); + TEST_EQUAL(mbedtls_pk_load_file(pub_key_file, &pub_key_raw, + &pub_key_len), 0); + + derived_key_len = pub_key_len; + TEST_CALLOC(derived_key_raw, derived_key_len); + + TEST_EQUAL(mbedtls_pk_write_pubkey_der(&priv_key, derived_key_raw, + derived_key_len), pub_key_len); + + TEST_MEMORY_COMPARE(derived_key_raw, derived_key_len, + pub_key_raw, pub_key_len); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + mbedtls_platform_zeroize(derived_key_raw, derived_key_len); + + TEST_EQUAL(mbedtls_pk_wrap_as_opaque(&priv_key, &opaque_key_id, + PSA_ALG_NONE, PSA_KEY_USAGE_EXPORT, + PSA_ALG_NONE), 0); + + TEST_EQUAL(mbedtls_pk_write_pubkey_der(&priv_key, derived_key_raw, + derived_key_len), pub_key_len); + + TEST_MEMORY_COMPARE(derived_key_raw, derived_key_len, + pub_key_raw, pub_key_len); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +exit: +#if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_destroy_key(opaque_key_id); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_free(derived_key_raw); + mbedtls_free(pub_key_raw); + mbedtls_pk_free(&priv_key); + USE_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_platform.data b/tests/suites/test_suite_platform.data new file mode 100644 index 000000000..4d5745076 --- /dev/null +++ b/tests/suites/test_suite_platform.data @@ -0,0 +1,9 @@ + +Time: get milliseconds +time_get_milliseconds: + +Time: get seconds +time_get_seconds: + +Check mbedtls_calloc overallocation +check_mbedtls_calloc_overallocation:SIZE_MAX/2:SIZE_MAX/2 diff --git a/tests/suites/test_suite_platform.function b/tests/suites/test_suite_platform.function new file mode 100644 index 000000000..c65d011f0 --- /dev/null +++ b/tests/suites/test_suite_platform.function @@ -0,0 +1,136 @@ +/* BEGIN_HEADER */ + +/* This test module exercises the platform_* module. Since, depending on the + * underlying operating system, the time routines are not always reliable, + * this suite only performs very basic sanity checks of the timing API. + */ + +#include + +#if defined(MBEDTLS_HAVE_TIME) +#include "mbedtls/platform_time.h" + +#if defined(_WIN32) || defined(WIN32) || defined(__CYGWIN__) || \ + defined(__MINGW32__) || defined(_WIN64) +#include +#elif _POSIX_C_SOURCE >= 199309L +#include +#else +#include +#endif +void sleep_ms(int milliseconds) +{ +#if defined(_WIN32) || defined(WIN32) || defined(__CYGWIN__) || \ + defined(__MINGW32__) || defined(_WIN64) + Sleep(milliseconds); +#elif _POSIX_C_SOURCE >= 199309L + struct timespec ts; + ts.tv_sec = milliseconds / 1000; + ts.tv_nsec = (milliseconds % 1000) * 1000000; + nanosleep(&ts, NULL); +#else + usleep(milliseconds * 1000); +#endif +} +#endif + +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES */ + +/* END_DEPENDENCIES */ + +/* BEGIN_CASE depends_on:MBEDTLS_HAVE_TIME */ +void time_get_milliseconds() +{ + mbedtls_ms_time_t current = mbedtls_ms_time(); + (void) current; + /* This goto is added to avoid warnings from the generated code. */ + goto exit; +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_HAVE_TIME */ +void time_get_seconds() +{ + mbedtls_time_t current = mbedtls_time(NULL); + (void) current; + /* This goto is added to avoid warnings from the generated code. */ + goto exit; +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_HAVE_TIME */ +void time_delay_milliseconds(int delay_ms) +{ + mbedtls_ms_time_t current = mbedtls_ms_time(); + mbedtls_ms_time_t elapsed_ms; + + /* + * WARNING: DO NOT ENABLE THIS TEST. We keep the code here to document the + * reason. + * + * Windows CI reports random test fail on platform-suite. It might + * be caused by this case. + */ + sleep_ms(delay_ms); + + elapsed_ms = mbedtls_ms_time() - current; + TEST_ASSERT(elapsed_ms >= delay_ms && elapsed_ms < 4000 + delay_ms); + /* This goto is added to avoid warnings from the generated code. */ + goto exit; +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_HAVE_TIME */ + +/* + * WARNING: DO NOT ENABLE THIS TEST. We keep the code here to document the + * reason. + * + * The test often failed on the CI. See #1517. CI failures cannot be + * completely avoided due to out-of-sync clock sources. + */ +void time_delay_seconds(int delay_secs) +{ + mbedtls_time_t current = mbedtls_time(NULL); + mbedtls_time_t elapsed_secs; + + sleep_ms(delay_secs * 1000); + + elapsed_secs = mbedtls_time(NULL) - current; + + /* + * `mbedtls_time()` was defined as c99 function `time()`, returns the number + * of seconds since the Epoch. And it is affected by discontinuous changes + * from automatic drift adjustment or time setting system call. The POSIX.1 + * specification for clock_settime says that discontinuous changes in + * CLOCK_REALTIME should not affect `nanosleep()`. + * + * If discontinuous changes occur during `nanosleep()`, we will get + * `elapsed_secs < delay_secs` for backward or `elapsed_secs > delay_secs` + * for forward. + * + * The following tolerance windows cannot be guaranteed. + * PLEASE DO NOT ENABLE IT IN CI TEST. + */ + TEST_ASSERT(elapsed_secs - delay_secs >= -1 && + elapsed_secs - delay_secs < 4); + /* This goto is added to avoid warnings from the generated code. */ + goto exit; +} +/* END_CASE */ + +/* BEGIN_CASE */ +void check_mbedtls_calloc_overallocation(intmax_t num, intmax_t size) +{ + unsigned char *buf; + buf = mbedtls_calloc((size_t) num, (size_t) size); + /* Dummy usage of the pointer to prevent optimizing it */ + mbedtls_printf("calloc pointer : %p\n", buf); + TEST_ASSERT(buf == NULL); + +exit: + mbedtls_free(buf); +} +/* END_CASE */ diff --git a/tests/suites/test_suite_platform_printf.data b/tests/suites/test_suite_platform_printf.data new file mode 100644 index 000000000..891771b91 --- /dev/null +++ b/tests/suites/test_suite_platform_printf.data @@ -0,0 +1,114 @@ +# The test cases for printf and integers have two purposes: they exercise +# the printf function family, and they exercise the passing of integers +# and strings through the test framework. + +printf "%d", 0 +printf_int:"%d":0:"0" + +printf "%d", -0 +printf_int:"%d":-0:"0" + +printf "%d", 0x0 +printf_int:"%d":0x0:"0" + +printf "%d", 0x00 +printf_int:"%d":0x00:"0" + +printf "%d", 0x000000000000000000000000000000000000000000 +printf_int:"%d":0x000000000000000000000000000000000000000000:"0" + +printf "%d", -0x0 +printf_int:"%d":-0x0:"0" + +printf "%d", 1 +printf_int:"%d":1:"1" + +printf "%d", 0x1 +printf_int:"%d":0x1:"1" + +printf "%d", 0x0000000000000000000000000000000000000000001 +printf_int:"%d":0x0000000000000000000000000000000000000000001:"1" + +printf "%d", -1 +printf_int:"%d":-1:"-1" + +printf "%d", -0x1 +printf_int:"%d":-0x1:"-1" + +printf "%d", -0x0000000000000000000000000000000000000000001 +printf_int:"%d":-0x0000000000000000000000000000000000000000001:"-1" + +printf "%d", 2147483647 +printf_int:"%d":2147483647:"2147483647" + +printf "%d", 0x7fffffff +printf_int:"%d":0x7fffffff:"2147483647" + +printf "%d", -2147483647 +printf_int:"%d":-2147483647:"-2147483647" + +printf "%d", -0x7fffffff +printf_int:"%d":-0x7fffffff:"-2147483647" + +printf "%d", -2147483648 +printf_int:"%d":-2147483648:"-2147483648" + +printf "%d", -0x80000000 +printf_int:"%d":-0x80000000:"-2147483648" + +# Test that LONG_MAX is coming out untruncated through the test framework. +printf "%lx", LONG_MAX +printf_long_max:"%lx":LONG_MAX + +# The next few test cases exercise how the test framework handles special +# characters in strings. +printf "%c%c", SPACE, SPACE +printf_char2:"%c%c":SPACE_CHAR:SPACE_CHAR:" " + +printf "%c%c", NEWLINE, SPACE +printf_char2:"%c%c":NEWLINE_CHAR:SPACE_CHAR:"\n " + +printf "%c%c", DOUBLE QUOTE, SPACE +printf_char2:"%c%c":DOUBLE_QUOTE_CHAR:SPACE_CHAR:"\" " + +printf "%c%c", COLON, SPACE +printf_char2:"%c%c":COLON_CHAR:SPACE_CHAR:"\: " + +printf "%c%c", QUESTION, SPACE +printf_char2:"%c%c":QUESTION_CHAR:SPACE_CHAR:"? " + +printf "%c%c", BACKSLASH, SPACE +printf_char2:"%c%c":BACKSLASH_CHAR:SPACE_CHAR:"\\ " + +printf "%c%c", SPACE, BACKSLASH +printf_char2:"%c%c":SPACE_CHAR:BACKSLASH_CHAR:" \\" + +printf "%c%c", COLON, COLON +printf_char2:"%c%c":COLON_CHAR:COLON_CHAR:"\:\:" + +printf "%c%c", COLON, NEWLINE +printf_char2:"%c%c":COLON_CHAR:NEWLINE_CHAR:"\:\n" + +printf "%c%c", QUESTION, QUESTION +printf_char2:"%c%c":QUESTION_CHAR:QUESTION_CHAR:"??" + +printf "%c%c", QUESTION, NEWLINE +printf_char2:"%c%c":QUESTION_CHAR:NEWLINE_CHAR:"?\n" + +printf "%c%c", BACKSLASH, NEWLINE +printf_char2:"%c%c":BACKSLASH_CHAR:NEWLINE_CHAR:"\\\n" + +printf "%c%c", BACKSLASH, DOUBLE QUOTE +printf_char2:"%c%c":BACKSLASH_CHAR:DOUBLE_QUOTE_CHAR:"\\\"" + +printf "%c%c", BACKSLASH, COLON +printf_char2:"%c%c":BACKSLASH_CHAR:COLON_CHAR:"\\\:" + +printf "%c%c", BACKSLASH, QUESTION +printf_char2:"%c%c":BACKSLASH_CHAR:QUESTION_CHAR:"\\?" + +printf "%c%c", BACKSLASH, BACKSLASH +printf_char2:"%c%c":BACKSLASH_CHAR:BACKSLASH_CHAR:"\\\\" + +printf "%c%c", BACKSLASH, n +printf_char2:"%c%c":BACKSLASH_CHAR:LOWERCASE_N_CHAR:"\\n" diff --git a/tests/suites/test_suite_platform_printf.function b/tests/suites/test_suite_platform_printf.function new file mode 100644 index 000000000..643accf1f --- /dev/null +++ b/tests/suites/test_suite_platform_printf.function @@ -0,0 +1,89 @@ +/* BEGIN_HEADER */ + +/* The printf test functions take a format argument from the test data + * for several reasons: + * - For some tests, it makes sense to vary the format. + * - For all tests, it means we're testing the actual printf function + * that parses the format at runtime, and not a compiler optimization. + * (It may be useful to add tests that allow compiler optimizations. + * There aren't any yet at the time of writing.) + */ + +#include "mbedtls/platform.h" + +#include +#include +#include + +#define NEWLINE_CHAR '\n' +#define SPACE_CHAR ' ' +#define DOUBLE_QUOTE_CHAR '"' +#define COLON_CHAR ':' +#define QUESTION_CHAR '?' +#define BACKSLASH_CHAR '\\' +#define LOWERCASE_N_CHAR 'n' +/* END_HEADER */ + +/* BEGIN_CASE */ +void printf_int(char *format, /* any format expecting one int argument, e.g. "%d" */ + int x, char *result) +{ + char *output = NULL; + const size_t n = strlen(result); + + /* Nominal case: buffer just large enough */ + TEST_CALLOC(output, n + 1); + TEST_EQUAL(n, mbedtls_snprintf(output, n + 1, format, x)); + TEST_MEMORY_COMPARE(result, n + 1, output, n + 1); + mbedtls_free(output); + output = NULL; + +exit: + mbedtls_free(output); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void printf_long_max(const char *format, /* "%lx" or longer type */ + long value) +{ + char *expected = NULL; + char *output = NULL; + /* 2 hex digits per byte */ + const size_t n = sizeof(value) * 2; + + /* We assume that long has no padding bits! */ + TEST_CALLOC(expected, n + 1); + expected[0] = '7'; + memset(expected + 1, 'f', sizeof(value) * 2 - 1); + + TEST_CALLOC(output, n + 1); + TEST_EQUAL(n, mbedtls_snprintf(output, n + 1, format, value)); + TEST_MEMORY_COMPARE(expected, n + 1, output, n + 1); + mbedtls_free(output); + output = NULL; + +exit: + mbedtls_free(output); + mbedtls_free(expected); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void printf_char2(char *format, /* "%c%c" */ + int arg1, int arg2, char *result) +{ + char *output = NULL; + const size_t n = strlen(result); + + /* Nominal case: buffer just large enough */ + TEST_CALLOC(output, n + 1); + TEST_EQUAL(n, mbedtls_snprintf(output, n + 1, format, arg1, arg2)); + TEST_MEMORY_COMPARE(result, n + 1, output, n + 1); + mbedtls_free(output); + output = NULL; + +exit: + mbedtls_free(output); +} +/* END_CASE */ diff --git a/tests/suites/test_suite_platform_util.data b/tests/suites/test_suite_platform_util.data new file mode 100644 index 000000000..b820293b9 --- /dev/null +++ b/tests/suites/test_suite_platform_util.data @@ -0,0 +1,47 @@ +Zeroize len 0, null +mbedtls_platform_zeroize:0:1 + +Zeroize len 0, non-null +mbedtls_platform_zeroize:0:0 + +Zeroize len 1 +mbedtls_platform_zeroize:1:0 + +Zeroize len 4 +mbedtls_platform_zeroize:1:0 + +Zeroize len 5 +mbedtls_platform_zeroize:1:0 + +Zeroize len 32 +mbedtls_platform_zeroize:32:0 + +Zeroize len 127 +mbedtls_platform_zeroize:127:0 + +Zeroize len 128 +mbedtls_platform_zeroize:128:0 + +Zeroize uninitialised 1 0 +mbedtls_platform_zeroize_uninitialised:1:0 + +Zeroize uninitialised 16 0 +mbedtls_platform_zeroize_uninitialised:16:0 + +Zeroize uninitialised 16 1 +mbedtls_platform_zeroize_uninitialised:16:1 + +Zeroize uninitialised 16 10 +mbedtls_platform_zeroize_uninitialised:16:10 + +Zeroize uninitialised 16 15 +mbedtls_platform_zeroize_uninitialised:16:15 + +Zeroize uninitialised 128 0 +mbedtls_platform_zeroize_uninitialised:128:0 + +Zeroize uninitialised 128 64 +mbedtls_platform_zeroize_uninitialised:128:64 + +Zeroize uninitialised 128 127 +mbedtls_platform_zeroize_uninitialised:128:127 diff --git a/tests/suites/test_suite_platform_util.function b/tests/suites/test_suite_platform_util.function new file mode 100644 index 000000000..a4c11433a --- /dev/null +++ b/tests/suites/test_suite_platform_util.function @@ -0,0 +1,61 @@ +/* BEGIN_HEADER */ +#include "mbedtls/platform_util.h" +/* END_HEADER */ + +/* BEGIN_CASE */ +void mbedtls_platform_zeroize(int len, int null) +{ + char buf[130]; + char *p = NULL; + + TEST_ASSERT(len <= 128); + + /* Write sentinel values */ + buf[0] = 2; + buf[len + 1] = 2; + + /* Write non-zero content */ + if (!null) { + p = &buf[1]; + for (int i = 0; i < len; i++) { + p[i] = 1; + } + } + + /* Check content is non-zero */ + TEST_EQUAL(buf[0], 2); + for (int i = 0; i < len; i++) { + TEST_ASSERT(p[i] == 1); + } + TEST_EQUAL(buf[len + 1], 2); + + mbedtls_platform_zeroize(p, len); + + /* Check content is zero and sentinels un-changed */ + TEST_EQUAL(buf[0], 2); + for (int i = 0; i < len; i++) { + TEST_ASSERT(p[i] == 0); + } + TEST_EQUAL(buf[len + 1], 2); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void mbedtls_platform_zeroize_uninitialised(int len, int p) +{ + /* + * As per #7301: on some platforms, including modern Linux, Clang with Msan + * does not recognize that explicit_bzero() writes well-defined content to + * its output buffer. For us, this causes CMAC operations to fail in Msan + * builds when mbedtls_platform_zeroize() is implemented over + * explicit_bzero(). + * + * This test ensures we have a simple/obvious MSan test rather than + * spurious errors in crypto code that are hard to track down. + */ + char buf[128]; + mbedtls_platform_zeroize(buf, len); + + TEST_EQUAL(buf[p], 0); +} +/* END_CASE */ diff --git a/tests/suites/test_suite_poly1305.function b/tests/suites/test_suite_poly1305.function index fffa89f6f..dbf817e91 100644 --- a/tests/suites/test_suite_poly1305.function +++ b/tests/suites/test_suite_poly1305.function @@ -22,8 +22,8 @@ void mbedtls_poly1305(data_t *key, data_t *expected_mac, data_t *src_str) TEST_ASSERT(mbedtls_poly1305_mac(key->x, src_str->x, src_str->len, mac) == 0); - ASSERT_COMPARE(mac, expected_mac->len, - expected_mac->x, expected_mac->len); + TEST_MEMORY_COMPARE(mac, expected_mac->len, + expected_mac->x, expected_mac->len); /* * Test the streaming API @@ -36,8 +36,8 @@ void mbedtls_poly1305(data_t *key, data_t *expected_mac, data_t *src_str) TEST_ASSERT(mbedtls_poly1305_finish(&ctx, mac) == 0); - ASSERT_COMPARE(mac, expected_mac->len, - expected_mac->x, expected_mac->len); + TEST_MEMORY_COMPARE(mac, expected_mac->len, + expected_mac->x, expected_mac->len); /* * Test the streaming API again, piecewise @@ -53,8 +53,8 @@ void mbedtls_poly1305(data_t *key, data_t *expected_mac, data_t *src_str) TEST_ASSERT(mbedtls_poly1305_finish(&ctx, mac) == 0); - ASSERT_COMPARE(mac, expected_mac->len, - expected_mac->x, expected_mac->len); + TEST_MEMORY_COMPARE(mac, expected_mac->len, + expected_mac->x, expected_mac->len); } /* @@ -69,8 +69,8 @@ void mbedtls_poly1305(data_t *key, data_t *expected_mac, data_t *src_str) TEST_ASSERT(mbedtls_poly1305_finish(&ctx, mac) == 0); - ASSERT_COMPARE(mac, expected_mac->len, - expected_mac->x, expected_mac->len); + TEST_MEMORY_COMPARE(mac, expected_mac->len, + expected_mac->x, expected_mac->len); } mbedtls_poly1305_free(&ctx); diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 9ced77c2b..7b1974865 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1,3 +1,6 @@ +PSA can_do_hash +psa_can_do_hash: + PSA compile-time sanity checks static_checks: @@ -15,11 +18,11 @@ depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES import_export:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:128:0:PSA_SUCCESS:1 PSA import/export AES-192 -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH import_export:"0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:192:0:PSA_SUCCESS:1 PSA import/export AES-256 -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:256:0:PSA_SUCCESS:1 PSA import/export raw: 1 bytes, opaque @@ -39,11 +42,11 @@ depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST import_export:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):128:0:PSA_SUCCESS:1 PSA import/export AES-192, opaque -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH import_export:"0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):192:0:PSA_SUCCESS:1 PSA import/export AES-256, opaque -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 PSA import: bad usage flag @@ -54,299 +57,299 @@ depends_on:PSA_WANT_KEY_TYPE_AES import_with_data:"0123456789abcdef":PSA_KEY_TYPE_AES:0:PSA_ERROR_INVALID_ARGUMENT PSA import/export RSA public key: good, 1024-bit -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:0:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (+1 byte) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:1:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2-1) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:161:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:162:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2+1) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:163:PSA_SUCCESS:1 PSA import/export RSA public key: export buffer too small -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export RSA keypair: good, 1024-bit -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:0:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (+1 byte) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:1:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2-1) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:609:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:610:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2+1) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:611:PSA_SUCCESS:1 PSA import/export RSA keypair: export buffer too small -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export RSA keypair: trailing garbage ignored -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:-1:PSA_SUCCESS:0 PSA import/export RSA public key: good, 1024-bit, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:PSA_CRYPTO_DRIVER_TEST import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:0:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (+1 byte), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:PSA_CRYPTO_DRIVER_TEST import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:1:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2-1), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:PSA_CRYPTO_DRIVER_TEST import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:161:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:PSA_CRYPTO_DRIVER_TEST import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:162:PSA_SUCCESS:1 PSA import/export RSA public key: good, larger buffer (*2+1), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:PSA_CRYPTO_DRIVER_TEST import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:163:PSA_SUCCESS:1 PSA import/export RSA public key: export buffer too small, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:PSA_CRYPTO_DRIVER_TEST import_export:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export RSA keypair: good, 1024-bit, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:PSA_CRYPTO_DRIVER_TEST import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:0:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (+1 byte), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:PSA_CRYPTO_DRIVER_TEST import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:1:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2-1), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:PSA_CRYPTO_DRIVER_TEST import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:609:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:PSA_CRYPTO_DRIVER_TEST import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:610:PSA_SUCCESS:1 PSA import/export RSA keypair: good, larger buffer (*2+1), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:PSA_CRYPTO_DRIVER_TEST import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:611:PSA_SUCCESS:1 PSA import/export RSA keypair: export buffer too small, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:PSA_CRYPTO_DRIVER_TEST import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export RSA keypair: trailing garbage ignored, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:PSA_CRYPTO_DRIVER_TEST import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:-1:PSA_SUCCESS:0 PSA import RSA keypair: truncated -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT import_with_data:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_INVALID_ARGUMENT PSA import RSA keypair: public key -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT import_with_data:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_INVALID_ARGUMENT PSA import RSA public key: key pair -depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY import_with_data:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_RSA_PUBLIC_KEY:0:PSA_ERROR_INVALID_ARGUMENT PSA import RSA keypair: valid key but EC -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT import_with_data:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_INVALID_ARGUMENT PSA import/export-public RSA public key: good, 1024-bit -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA keypair: good, 1024-bit -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA public key: buffer too small -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA keypair: buffer too small -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA public key: good, 1024-bit, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA keypair: good, 1024-bit, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA public key: buffer too small, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export-public RSA keypair: buffer too small, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):-1:PSA_ERROR_BUFFER_TOO_SMALL:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" PSA import/export RSA public key: 1016-bit (good) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY import_export:"30818802818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1016:0:PSA_SUCCESS:1 PSA import/export RSA keypair: 1016-bit (good) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT import_export:"3082025802010002818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001028180009dd9c34411e769a540e7e9c03682abb4e95ad2d5c2297c6b7eb2fa5415dfa081adb42bff344ea36a31e8bb36593fa69e843f053fa916f8c6ae4c423fa4c1edbcfa7e8079bc19a738f4f861c198cf277d2c89fe3deab06db5a3a09f8d1622033a618fbfbab92b50a13f77cdb53b56d38bec4cdd8cbe65e8b30ab4e77565842102400eec9285833f973372458f354bff7d35bcb04f3b26f5b58a025887a966ca951b6667651a46034bbc99f9d688dfbcb4297a4d86824dd73abdfa7deeb232b1642902400dcbe74d51f3b93afe2a22e2be0c3c56911ef771fd8eb01f64d95d018315baf4144aeb957be95a77f17f2b8a12c2d3b87a1281f9c66d839fa603fbbe7381783d0240035398154a7c1227d580cbbb05859d532d0bdf9d3fc1e5052e20ad9c84dd02ff6884037527c5f44bc5c67a9b67c39824e6ae011d6a5c5f2b997a188a7fe22a810240076bf41ec5023e57bcd87ff1c7d89f30d65a793469f933478021ea056135f45f4ef74aaa1c8158b883422cf2d6cad5c83c6aee5ea65ecd5ab99d14f4cc000ee5024006d13905db5556627066596da3383458aea6ba5e2f94ccc5b922117a1ed3ae7a26c59e68c3885a41b366f1a5c8bff7ec8853ef8d32addb818141352b2da553dc":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1016:0:PSA_SUCCESS:1 PSA import/export RSA public key: 1016-bit (good), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:PSA_CRYPTO_DRIVER_TEST import_export:"30818802818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1016:0:PSA_SUCCESS:1 PSA import/export RSA keypair: 1016-bit (good), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:PSA_CRYPTO_DRIVER_TEST import_export:"3082025802010002818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001028180009dd9c34411e769a540e7e9c03682abb4e95ad2d5c2297c6b7eb2fa5415dfa081adb42bff344ea36a31e8bb36593fa69e843f053fa916f8c6ae4c423fa4c1edbcfa7e8079bc19a738f4f861c198cf277d2c89fe3deab06db5a3a09f8d1622033a618fbfbab92b50a13f77cdb53b56d38bec4cdd8cbe65e8b30ab4e77565842102400eec9285833f973372458f354bff7d35bcb04f3b26f5b58a025887a966ca951b6667651a46034bbc99f9d688dfbcb4297a4d86824dd73abdfa7deeb232b1642902400dcbe74d51f3b93afe2a22e2be0c3c56911ef771fd8eb01f64d95d018315baf4144aeb957be95a77f17f2b8a12c2d3b87a1281f9c66d839fa603fbbe7381783d0240035398154a7c1227d580cbbb05859d532d0bdf9d3fc1e5052e20ad9c84dd02ff6884037527c5f44bc5c67a9b67c39824e6ae011d6a5c5f2b997a188a7fe22a810240076bf41ec5023e57bcd87ff1c7d89f30d65a793469f933478021ea056135f45f4ef74aaa1c8158b883422cf2d6cad5c83c6aee5ea65ecd5ab99d14f4cc000ee5024006d13905db5556627066596da3383458aea6ba5e2f94ccc5b922117a1ed3ae7a26c59e68c3885a41b366f1a5c8bff7ec8853ef8d32addb818141352b2da553dc":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1016:0:PSA_SUCCESS:1 PSA import RSA public key: 1022-bit (not supported) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_RSA_C import_with_data:"30818802818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029fb2600b8ae9e4fd8ea76f3d7ec576288102285b612db7abc53770006046fef321172a6ad84053710d48528a8d51b6481db53c09e1524d6704b58bd30313016535eefe9bcff89eb599608daaa0a72ab7720af31486b51020421fdd3c6974cc445a78dd134450230203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:0:PSA_ERROR_NOT_SUPPORTED PSA import RSA keypair: 1022-bit (not supported) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_RSA_C import_with_data:"3082025802010002818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029fb2600b8ae9e4fd8ea76f3d7ec576288102285b612db7abc53770006046fef321172a6ad84053710d48528a8d51b6481db53c09e1524d6704b58bd30313016535eefe9bcff89eb599608daaa0a72ab7720af31486b51020421fdd3c6974cc445a78dd1344502302030100010281800ad9700e01e8bf68ff4c90c4465dfa13fea0e76295d817349ccb257d382acf89b3d7b31e18606af4ac92baf3710426fe0b54225ddfa527c31218b3346e03a9cae5395a780ade880b996f4061fad65689393fc8e77f46a4c1a29b0450cdaaef0710e523cd1028abe1653d23f0d5ec805a629bdf1fc4c1c00737760e1714f6b7f102407d5e545484b546bd61972b446a04af0cf17b126a8872b977da5035ca82dd0e4fef1381a6480f60db07628348602f86ba89a271563d9a3fb613b9b39703498f9902407017641093065eed178ff848b5f8a2b502a187511db28549ea7646f3e7b3ea171f4c34c0ecf0566adc4d172c057be077a45fcf8019a36a4588c4de3b8c0a631b02407cc7fccbbae2eb2be80c9c8615b7dfbbd4469907ec13b44274cacd1f69ad38679b2021352e18106131327e54f5579893e6160714bd6fdfe60c30136e45595c51024055250f779f96f94873db82a808c24325e847b6b8212cd81e9ba118a8715ab2f8b96773b310c8477c88b76e609c11cb22569408d4afa4f836b57b85ac09e661fd02400e5fc5df9614c95d77e9bc2df63d48e7a08a0034174f0f745eef4413ee36d929f194557e6990e148b7438e949a41e92bc9d9136c3e6563904151a578a2f4fc1b":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_NOT_SUPPORTED PSA import RSA public key: 1023-bit (not supported) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_RSA_C import_with_data:"3081880281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:0:PSA_ERROR_NOT_SUPPORTED PSA import RSA keypair: 1023-bit (not supported) -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_RSA_C import_with_data:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_NOT_SUPPORTED PSA import/export EC secp224r1 key pair: good -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_224 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_224 import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0:224:0:PSA_SUCCESS:1 PSA import/export-public EC secp224r1: good -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_224 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_224 import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:0:PSA_SUCCESS:"041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7" PSA import/export EC secp256r1 key pair: good -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0:256:0:PSA_SUCCESS:1 PSA import/export-public EC secp256r1: good -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:0:PSA_SUCCESS:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" PSA import/export EC secp384r1 key pair: good -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_384 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_384 import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0:384:0:PSA_SUCCESS:1 PSA import/export-public EC secp384r1: good -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_384 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_384 import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:0:PSA_SUCCESS:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" PSA import/export EC secp521r1 key pair: good -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_521 import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0:521:0:PSA_SUCCESS:1 PSA import/export-public EC secp521r1: good -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_521 import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:0:0:PSA_SUCCESS:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" PSA import/export EC brainpool256r1 key pair: good -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_BRAINPOOL_P_R1_256 import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0:256:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool256r1: good -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_BRAINPOOL_P_R1_256 import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:0:PSA_SUCCESS:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" PSA import/export EC brainpool384r1 key pair: good -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_384 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_BRAINPOOL_P_R1_384 import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0:384:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool384r1: good -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_384 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_BRAINPOOL_P_R1_384 import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:0:PSA_SUCCESS:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" PSA import/export EC brainpool512r1 key pair: good -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_512 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_BRAINPOOL_P_R1_512 import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0:512:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool512r1: good -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_512 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_BRAINPOOL_P_R1_512 import_export_public_key:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:0:PSA_SUCCESS:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" PSA import/export EC curve25519 key pair: good (already properly masked) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_MONTGOMERY_255 import_export:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0:255:0:PSA_SUCCESS:1 PSA import/export EC curve25519 key pair: unmasked input (check export-import-export yields properly masked output) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_MONTGOMERY_255 import_export:"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0:255:0:PSA_SUCCESS:0 PSA import/export-public EC curve25519: accept unmasked input -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_MONTGOMERY_255 import_export_public_key:"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" PSA import/export-public EC curve25519: accept masked input -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_MONTGOMERY_255 import_export_public_key:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" PSA import/export EC curve448 key pair: good (already properly masked, key from RFC 7748 6.2 Alice)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_MONTGOMERY_448 import_export:"988f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a59872eb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0:448:0:PSA_SUCCESS:1 PSA import/export EC curve448 key pair: unmasked input (check export-import-export yields properly masked output, key from RFC 7748 6.2 Alice)) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_MONTGOMERY_448 import_export:"9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0:448:0:PSA_SUCCESS:0 PSA import/export-public EC curve448: accept masked input (key from RFC 7748 6.2 Alice) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_MONTGOMERY_448 import_export_public_key:"988f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a59872eb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:0:PSA_SUCCESS:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0" PSA import/export-public EC curve448: accept unmasked input (key from RFC 7748 6.2 Alice) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_MONTGOMERY_448 import_export_public_key:"9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:0:0:PSA_SUCCESS:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0" PSA import/export-public: cannot export-public a symmetric key -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:0:0:PSA_ERROR_INVALID_ARGUMENT:"2b7e151628aed2a6abf7158809cf4f3c" PSA import/export EC secp256r1 public key: good -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 import_export:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0:256:0:PSA_SUCCESS:1 PSA import/export EC secp521r1 public key: good -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_521 import_export:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0:521:0:PSA_SUCCESS:1 PSA import/export EC brainpoolP256r1 public key: good -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_256 import_export:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0:256:0:PSA_SUCCESS:1 PSA import/export curve25519 public key: good -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_MONTGOMERY_255 import_export:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0:255:0:PSA_SUCCESS:1 PSA import/export curve448 Public Key: good (key from RFC 7748 6.2 Alice) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_MONTGOMERY_448 import_export:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0:448:0:PSA_SUCCESS:0 PSA import/export AES key: policy forbids export @@ -358,123 +361,123 @@ depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):0:256:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export RSA keypair: policy forbids export (crypt) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:0:1024:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export RSA keypair: policy forbids export (sign) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export EC secp224r1 key pair: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_224:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_224:PSA_CRYPTO_DRIVER_TEST import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):224:0:PSA_SUCCESS:1 PSA import/export-public EC secp224r1: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_224:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_224:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7" PSA import/export EC secp256r1 key pair: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 PSA import/export-public EC secp256r1: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" PSA import/export EC secp384r1 key pair: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_384:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_384:PSA_CRYPTO_DRIVER_TEST import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):384:0:PSA_SUCCESS:1 PSA import/export-public EC secp384r1: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_384:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_384:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" PSA import/export EC secp521r1 key pair: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_521:PSA_CRYPTO_DRIVER_TEST import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):521:0:PSA_SUCCESS:1 PSA import/export-public EC secp521r1: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_521:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" PSA import/export EC brainpool256r1 key pair: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_CRYPTO_DRIVER_TEST import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY::PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool256r1: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" PSA import/export EC brainpool384r1 key pair: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_CRYPTO_DRIVER_TEST import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):384:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool384r1: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" PSA import/export EC brainpool512r1 key pair: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_CRYPTO_DRIVER_TEST import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):512:0:PSA_SUCCESS:1 PSA import/export-public EC brainpool512r1: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_ALG_ECDSA_ANY:0:0:PSA_SUCCESS:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" PSA import/export EC curve25519 key pair: good (already properly masked), opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_MONTGOMERY_255:PSA_CRYPTO_DRIVER_TEST import_export:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):255:0:PSA_SUCCESS:1 PSA import/export EC curve25519 key pair: unmasked input (check export-import-export yields properly masked output), opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_MONTGOMERY_255:PSA_CRYPTO_DRIVER_TEST import_export:"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):255:0:PSA_SUCCESS:0 PSA import/export-public EC curve25519: accept unmasked input, opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_MONTGOMERY_255:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" PSA import/export-public EC curve25519: accept masked input, opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_MONTGOMERY_255:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" PSA import/export EC curve448 key pair: good (already properly masked, key from RFC 7748 6.2 Alice)), opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_MONTGOMERY_448:PSA_CRYPTO_DRIVER_TEST import_export:"988f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a59872eb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):448:0:PSA_SUCCESS:1 PSA import/export EC curve448 key pair: unmasked input (check export-import-export yields properly masked output, key from RFC 7748 6.2 Alice)), opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_MONTGOMERY_448:PSA_CRYPTO_DRIVER_TEST import_export:"9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):448:0:PSA_SUCCESS:0 PSA import/export-public EC curve448: accept masked input (key from RFC 7748 6.2 Alice), opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_MONTGOMERY_448:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"988f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a59872eb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0" PSA import/export-public EC curve448: accept unmasked input (key from RFC 7748 6.2 Alice), opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_MONTGOMERY_448:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_SUCCESS:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0" PSA import/export-public: cannot export-public a symmetric key, opaque -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_ERROR_INVALID_ARGUMENT:"2b7e151628aed2a6abf7158809cf4f3c" PSA import/export EC secp256r1 public key: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST import_export:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 PSA import/export EC secp521r1 public key: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_521:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_521:PSA_CRYPTO_DRIVER_TEST import_export:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):521:0:PSA_SUCCESS:1 PSA import/export EC brainpoolP256r1 public key: good, opaque -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_CRYPTO_DRIVER_TEST import_export:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):256:0:PSA_SUCCESS:1 PSA import/export curve25519 public key: good, opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_255:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_MONTGOMERY_255:PSA_CRYPTO_DRIVER_TEST import_export:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):255:0:PSA_SUCCESS:1 PSA import/export curve448 Public Key: good (key from RFC 7748 6.2 Alice), opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_MONTGOMERY_448:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_MONTGOMERY_448:PSA_CRYPTO_DRIVER_TEST import_export:"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):448:0:PSA_SUCCESS:0 PSA import/export AES key: policy forbids export, opaque @@ -486,23 +489,187 @@ depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC:PSA_CRY import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):256:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export RSA keypair: policy forbids export (crypt), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:PSA_CRYPTO_DRIVER_TEST import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export RSA keypair: policy forbids export (sign), opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:PSA_CRYPTO_DRIVER_TEST import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:0:PSA_ERROR_NOT_PERMITTED:1 # Test PEM import. Note that this is not a PSA feature, it's an Mbed TLS # extension which we may drop in the future. PSA import/export RSA public key: import PEM -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PEM_PARSE_C import_export:"2d2d2d2d2d424547494e205055424c4943204b45592d2d2d2d2d0a4d4947664d413047435371475349623344514542415155414134474e4144434269514b4267514376425830356275685074312f6274634b7850482f6c706c53710a69714a4843315165346636777353306c7835635255784a4a34524b574b41517475376242494e46454e5354765441357548596c57377249486576456a536433750a355553447641624378686c497a514b7941756557727232553036664c2b466e43775947634d6b79344b357a545474346d4f69712f2f6b637a384865476e6f5a670a3939614454615539615137336d46397277774944415141420a2d2d2d2d2d454e44205055424c4943204b45592d2d2d2d2d0a00":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:0:PSA_SUCCESS:0 PSA import/export RSA keypair: import PEM -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_PEM_PARSE_C import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:0:PSA_SUCCESS:0 +PSA import/export FFDH RFC7919 2048 key pair: good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +import_export:"2A45292441157B3C25572F76A5CDF960A7BDBF06731D783C5BF8920FB94CCC3D5DCCF86A3CB66B4E3AEDD23106222458ACF3F72C753CB67C2E19AD399566866FEBC16C3B4DC72773B4709047AE1AEC2D9107C2041B06B86A8F604465B26E0E753D6B10772798B3797232D950A36F2D4B33B04B36DE73AC6B8A7365015DF5745A1F892728B0CA947702C36E3BC646E72E23E80C345DBB014B7F93B36C80B4051F9A716D19B980861E86D62977466565462FBD3C1BB4EFD630DCCBEB351A7FA95602B7FE23903C7C7DC999950493BEC028AC42346858FAD969452DCF1DE9AD445F7F928D63B75FA86E8C1D722AB242D91995D3545A1791D72B0F384E74B45C7C01":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0:2048:0:PSA_SUCCESS:1 + +PSA import/export FFDH RFC7919 2048 public key: good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +import_export:"2898897F34E672DAE8E629C6AD5D525A8ECCF88CEEB2F7D456DBC726D4E4A473A57F530BB6A7A67D58A560C2FDF51C9E4826DB48F408150CEAFBD32766C03D277D611139AA9F4017B0125EEA089ECD906EA0854AC0A435507DEC05C3CF2F37F98ED987E13E4795BB44051F231753C9BA3023D1A9E969FD98AC21091F704F6AD5B49B2F95DE7FA0CC1B6D9FC1DAD308EB2D1B021D8EA99959BD0BBA3CD5AD33C4B4A608A74B42B6C0342CBCFE3F41ED0752389D7A982DE512514EEC4C6D1165D3C52485A02EF310E2A4C0B5197FADE3D6F768E81AA01926FEAE92040706A621676200F6F80B51D0B4CAC38A406778D81EF3CB68EAC2E9DC06ED8E47363CE260E0":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):0:PSA_ALG_FFDH:0:2048:0:PSA_SUCCESS:1 + +PSA import/export FFDH RFC7919 3072 key pair: good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +import_export:"A13B0B091871DE0F21FA9031BFFB6F37C485F0553B0468169A04AC0E2710185C9D8B5C5FB01C2846CEBA007298CB0F208DA2CF551C5098281EB4490647B733636EE14F6F4540EA05434AC258090A575D10EF9523AA4B545D27851878FAA04361D9412E3B55645A52BE03EE2E6DF0F83DBA295363E68F7307B5A19E205B655E6CFE005217D69B2F521A61CE23C286426D11A09768B5657A32E9965A49AE2BF4476582A278B7515B3B46F70368F324724ED4A1F36364AB4D6E3ADCA53142834353A9EB37747D26680A4B8D9A30BADACD172872BC677212B328B47B117901B4EA22C8760D7B727FFF276FA4E36082A0605E590F732F24468201DD05BF4A5710C546FAE1B153F8668D6E1A9707340B82493CADCC0721032E627DB9AD3D04124FAA19BB7FBD38FFA4416C05741C688F21B11C63508F5A3F50C219D1A4F46F0D3CC74EBD762A241C328F20C7169566E5E8E60B8F4442497B92A65FE69CD12E57BB4F44ED11A6075541B50FD95BB0224621193779873711B6616F6D9E31DE7D7369E963":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0:3072:0:PSA_SUCCESS:1 + +PSA import/export FFDH RFC7919 3072 public key: good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +import_export:"57214B78F3045CA8996F024B97AFCE32F3B8D24A0F1A6E37F83559C3B07270F830D9EEB40E22BE7D53C8215832C024DF8602815D087CFD546392EC338C2683FF2329BEA2236E94184037284C8A8FE6DC9F56BBEC47C887953FE2AF8700A96ED13B1DD50EA7065C2D102DE1CF037699C47A3A96CC561C5B7E1D5DCE028BB8CEB15EC9B6A8D7E12224B95D893DA596B0C198C0E07C566C7A008C2F260D358DA9D2C2EFD7182B6B03501321408791769D567FC61BE2F9BEF8D58A82AEEA857F088FF89075B0263074FF403EA94673AA2C4728ED966B23BDEB1A240BBEE9343548E02755579FFB158F9BBB11525C5081C0681A969BC6D828F74CF577FA27AEA68A5E56E8505688653590CB9CAA5D76B40BD113764141E1DD7BB09A24023C0EDE10D2C8826FACCD4EC7B2896FE6F2A1E9925C0DFBEB48A4501D57B23A2F6624772664472B5FA76AD952EEE3AABEE33897324DA167ABCD13504F85114A57CA038629437333F6B2D93F8776C8B4ACED82696BEFBE802B3281A2E1FB32A940A4A714C853":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):0:PSA_ALG_FFDH:0:3072:0:PSA_SUCCESS:1 + +PSA import/export FFDH RFC7919 4096 key pair: good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +import_export:"46EEB441AF38234285F3ED05BC650E370B051170543816366235B4460F6A45736145651F383B4C14AED4BC6E4A08AA1AFBEFBA457C2669362EFBF459F1447A64C25A502F8121362FF68D144BCE30592511FD902DD6338315447C21055DD9BC7AA8348445AF1E9B0C5B970500DABC792C004C897F32FD592CD383DC0B463A3E41E1357D6E5877CA1102A04C78EC3A8E5EACAFE04764D5003FFCA4D3510DF545679C104D53AA79904057FDEF019700081926A0F97686F8E45B8845827DE9FA4926071A1B0B7FD39648B72BA34B1917AC3855071A5EFCA7C45076F06833FD3B9E23ABC65F5DD1876E33D7F81750AB12E95C0385C85FAA7CF45BF14C271EE4BA454E02F4BE6DF3EC7316D0F5D32CAEA39F3558C27455CC9AA77EBC98E51CF4D2C1287714383F1396D51E8CD3C9419DB43136998EBA7A14194C3F86AF7B5CA1A8D50593ECE2073EDB1E28BABF813EE9F3FC653A83E37830B0EA71E62F9B09E549435601385925BE28B359915C2C3304BD210568A5A73582A95351E87767536B9966237696C767B86D3B00193D0659CE583C3D8508E37ED5D5EB75C22BFE65FC1C1B3EE96BC1144EFFC72799D14C7482FA7B0F631814672081C85023A35115F604F76E5E5CE778DD62D353DFF8F35498DFCA710D13BE45C6288F5E7D290E480E4B176B845142380E863A7B12083970ECF6E96D912F8E4CFA7FA0435790501107C65533":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0:4096:0:PSA_SUCCESS:1 + +PSA import/export FFDH RFC7919 4096 public key: good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +import_export:"BF50F1FDD8B6B5332047A808088E669F06D6CA71A59CB7CA9FB48EB47E1F179C531B15382D2D0382D18CD77E1A517BAA4175D59795898DABECCA469981E4C69EBC62B35936791F6B03E37EF39945B80503113C97474967AB4832EBD7E30ED4EFA47B49080D69B88FD7BD33847B7E6A7D0024AAD08C829CDAA44EC7C6E4013E6321DD64975E323A9779EE99FA7B210232F20B198A3AB6A0FAC525785777A084AB71EB58367C04FE456EA3EF260C1091FDC94781485784D110CB0EBCF4ADE74FBED11D59FC53CD66B3743603B06587DC47D4DBBE46CAABA2EA3190D0D859D3B5B8AC604F069D178E551E85AC26AD2BEBD22A27E9D517DEF70DBE15ECB5679881D522228377BDFDAC76677B4AEC68853EBA16D72087184ECA46DB62D4DCAADFDB9BF0029CD6C7711DD94ADEC835FE7145F371DAE027711DAC6820720CDFA2A61C97CFE84576B8C462A1FBA5C15F4E3AB55E10285A4F64B7124ECFEB5F517A065A0F1F8D7AA0E5189BDE525A34E7B17B78F15BECCD02CFF8AFB3DDFCF8809B6FD34683D7E87F3810C9658F1A4BD8495C163FB2F012E82CF22183361ABE0035C9A974386DF07886348BFA1F69BA35A77E3903741B9BF8B300D4BF67AB4A25D26EF8ECBD8965A398A2D38538C6BF59636622A404DCA0CCABE06395D209E24FE9DE738152E3A049FADEF4FE9585F84197383DF7AAC40DE842B2333A4C29855C25D40B3B":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):0:PSA_ALG_FFDH:0:4096:0:PSA_SUCCESS:1 + +PSA import/export FFDH RFC7919 6144 key pair: good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +import_export:"E4012A5FD17FB739867A475501A75212E2C1DA5376693759A1B5FC1523927D0DBF907037232C43416B4AA925D65A154FC1E13F72C7643E431C480A7799F09F66F8CA816E66E82E75B79A6D2C4DB6CB6D7532B020FBC69D7BBE80881A7778C66BEFD4F01450BD8E1DA05FFB59D8331C6E3281E67EDF3EF557A5800D4C1683105EB0BEAC112BFB5421172A637092808765A1648C7AB8DF5F06B612057360F5FC31DB0BA347215DAE18375012019CEDE239E8C1EC5B53981C7835DE8220E18C6E4AB9804B6DEC78F04C2E433A382FB3FB0DE73F8E48ECC3C252A62BC279D6147F5D3D815170468BBD53AF489B4B6F02386F25CAB22B54C9A8178585484DD5885F3D7FC4FD389DAFAB3D6809E72220298A33558F0B441E1CEC15811E8765319BAE0B3F799A2EB86E9966CD889145273B870A0B07B65E0367146608C8F554C587014CEFDF0433370B300DF43AFD59D71F937B23CFF25F9A66BF53AD34125960504450E0F17C275C7DAD24CF527C3F05BC2F53B046563C55D8C40CDA448F102F0B5475F287704A424E76335034DE2847177C0E606A6249D152650E78B22A1A9FE3FC7789C1FE74463BBC5FC71E840294C8B45349A2D045CFE679575950B61F3882D57806F2A9644D8BB3790FA268742AC19C44E7F1724DBDD67A4D8A11E114C7E3EF74195428725A645D54CC9F1F48CA9A7E2EAF3C2261A7E4AE58F9A5D223A1C4922BE932250C49DAB04CE8DB0E3A4A9D87551A2D165B618E3954E980844DA3EE1450A7C9F533B09F085038B7C923F06BC679808682279107804328EE9B7286782C0CDF92333D38900467B039C950C684A60AF5667F343B4BAA658E68967F0EBBA72695AF073A5A08B647D855265544EC291B01ED6420D2FBF878E5B0BC46EB1F8A2C1BD6A945CD8CCB0035BD11023603C0202E1B05551E3E964FD9F1D470D5E4FA08CFDD9E1F11A99E14C550C1024F642147A3B01E58EE3E5D75D5DC4D538243521526CF615C8616172448C8F81F1B36E110C161C109D6308F1F29F188375611C943313945670247AF0C9AFDF25E3226AA07D442A8057FAEAF251D463434EF18524A":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0:6144:0:PSA_SUCCESS:1 + +PSA import/export FFDH RFC7919 6144 public key: good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +import_export:"201757BBAC6FF53E1966C29822B5154F56E332DCE1370D3A117B380D9C63FBD98F027F434EFBE530581BB1A0ACEDF30D749854F6BFC3E2E9F24A75B9109DB1FC787BB2D1DEF56414E6585757C5F84394AE9D7DB98AAADB5BCE0E4E55397B54E5DFAEDFB8CA87E6CAF0FC40E77421129F8D020287E7BD0330F60A7B01257FE36E1270B27D39F96AA464AF60C9DF47979517D7E9F0F68F93138BDC06E8F6F0AB39C90DA731925D26E48C24383425B22244D092BB9D6E3192467A91B27F0073C507D0615C3042F7432903E83494C2214089BACEF60A2D670E9D0EA0DC2F882E6AB90EC26A0CC4F9ED3DAF3912304079AA2447573AC51AAD69F4DFA07A03780922B4C7BACB286767EF758454526319C92F1486FA75E63E8EB2CBCA2A11938FE0BC5A9B50584505E16A3C8E2A599F8E2192BEC986DA602AD980190955B4AC8EF86EAF6EAFCFF7438ACD4DF64E407E675C0A114E04A9360A4431B6C0AB249B023BE89A41DA36FDFAB0FA3247DD9280EC538F724C6AF8CECD22DA87E91959AC12B690175937B7DB09B12FEE5D018802A4E561AE4F671C5569C73E928BBD66A494BBEF7F0DE8F00FED7546068E7F82F6317106885F0138AFD399DF9A8FB83C345840129B485EAD2C570BDAC992515663FCF86769808DFEFB9426D6938E5799104F197D3A3BDFFF8C4BF5E736E8B78FDB01D6C61DEAC56BC9BC8073FD4BABCCFC6D15253CA7F9FBD06F41D3F490965671F778812F5237791223FF9A1E6DBE2DD318570786051A74E58FCD0AA1BAC8CEF0656A1AD230E0578F6EC60C275C7FBAF01053DFE093DF049531282BFE7E459236D9B7315DFDB72105BD2A1509238F1CC488F3CE8907C4F931EF89FAC9D6C7D624D6BE70169A283C97E95E28DA1B90A2311733565BB082BA845BE97EDAB6698EE25E35988149B61ED64F1F41D54CD2EECB8224A22C118666551067F607B5B5C569DC8AF082D3CF0782FFC638F149765F9BE50CC52C157A58936B3E0CAA89891C71F5B960A46020AC8B7F449C8753561812B9CE313A932D3F7FD7AEF526E6BA47FE569A180CB96C5C3081A73407B52D53C6FEE6886D":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):0:PSA_ALG_FFDH:0:6144:0:PSA_SUCCESS:1 + +PSA import/export FFDH RFC7919 8192 key pair: good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +import_export:"AE5FA06AE9400A03F48C0201F4BF53263185BA76D07AB16B74869F141AEB365EB162806840F7B97C12561F5C6B9EE27521009341E52672786E10CE1615447F30E4D17F1CA049643A8CFDAC3BF66FB93B6C5C4805287D4E63D5DC895535D993203F309908AC8ABC3A96F5EF4E72E7AF59B1DC9D014EECB5609E03045B5F3C3E6C372DC0639390065C53FC911269B27A5A630BB847C8823127839DB138146E3830087AEB2395F3D0147F0C1B26297A7E657A1A430DEE1CE93C3EBEFD155EECC2298E664D77CABBAA51555C7C65FAC2957CF238F9342A39063B2F9C291D3169923DD7C3C275C591196CA350421788A06077137ECF4C41544672E8DC9E634AAB8F30D4E44C4E3BD93076B35D0A0B37F00416035C621D37FBBB434B5E3D460BD64D41CCEE8C58CB6A586C3450CC264709D065B9874129720ECA3CA5F5920F47EE8E203CCA740EFA510F7541B1241D2E036E43258B1530704D4E3A5F6C0001FC4ED82535DF672602BD421884EF381D485D37734411890A6CCCD7009208C72318F6D558A8A508774666D12E50E6DA6EAB016B147D618D729B441835B7D7B85549501A4B66AF7021EB27857C9059EA301F37B24A5E364F39364F7D406625416B9A00C44730A18C35A7D66508C903320B552CA2651724B4422870320C517B7A0B4C031C692B2D7524D66AB3289460535C6F3EFE2E42378B2927691A008734D407EADC93206DCFEB2ED71AAF7696DEFE34EA307921735FC72B4DB6B70A3381936CD90E384D38DE3C07C4DA7D1DF945EA1796148C40FA29FB5D5F6B2B03311550082ACB87130742910BFA18821380F729791E66454E2289B41FD172A4046B6961374DB62944A7DD572DFFC9B413BCF42773EA14E3562633CF134429FC7AD4F176779302BB421B44AB716AD0752C7D3334648EA3721DB7862D37B1B4C75068B2AA6AF0646A3E758F456E61F894028679F67E6FB9404CC063C005B78E46079984C85FC7A55111B1A7C81A197CF258E60B975FD4307D3AEBEE965D5175F81621E7A67E92CCEE0A503FAD2ADEDBCE717CE1D16177727C3E2205CB6C51D348590A7537013D49765EBBA3BE0588A86B65CCECE87B732AEC3C395D3336349F9366638F567BAEEC782495972869E9084D7A1DA6B97055FBE86EA1979301B62A82501DA13A00523F5C1CD0A6742903ADD15F2670D956BB950B075422CA76485780554D62FA11A461772126334F47CA43CC731BD4F35F48381A341B17154D26492B6185819012D6BAD352AEF19646516E790E49E5BF0FE74ECA7C850D0D75AC74160B953B43211AA5355E967D6305B2E1FC1170A01E4D3715F706680C7F628D41594D8954532338B3F30B90EE2A2DB0C42C7AF348FF12E410F523F81BAD4F41ABF92488726C451E4FFC160BEFC518A44660256687164B2606DB65CA8F8B06EB08A75DFCC0AE387881224C":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0:8192:0:PSA_SUCCESS:1 + +PSA import/export FFDH RFC7919 8192 public key: good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +import_export:"3D1EB2C023E54A123420B9587F6985AFFCF6FE75A2F1768866CBAA10ABD5B7448409EFCE8786C0BD1D325FBAC47119A846C63103DAA8BC5FAF427C69D07AFE2FA0064A8BE9C33E30E6926A57850248EAAD8F0FA887452FF1467064DBE4041950CBFF55763AB58E1F2300C9B133E5D0FBD18604B93EC16BEA9CE340AC92B18DC188629A5D7FEC64601334CDBFEBD8126BE4743440C9A48F03F37298548C2EF226D44C296F440EB1E5F1128F203120ACE6C45D3CA992998CCF68C301CC4A32CF852FA4C2968C62D4016AF526FCD61A56F2BF479743D1EB62AD21120563BC1CE0D0791920BB89D82473F4DE75BCF6A728490F071899F683FCA10DCF6D9605749810A901F1FAAF96DC6AA0AF1CAFCF61E8A51E9E7A1BF5D9E5FDD6D63ED824CFD4016EF0782946F44E44B1B72B4CF9D4CE5E57A93EB738AEC084F02BBA52C385BCC013C720B0B98B78580AFFA84B0D204866B3FA39D73EECF1E0E6921D5484D929C1ADC7975741A308BCB060A43DF556F278F56CBDBDCE07F7CC8292FB27B3CDDB286E4B5A92552308DD8001F4BABC67C56B8DC6E5C4ED8FC4724A89441433EDD58C68E513E1940F5E6DB512574D7A37974E5739E28C03FECA3134AD8817E1A52BEBDCF2EE1F7DC66B09742005902A977DB0D617B8F6CFD75508F00225BE362D53BCA0AF4BE0D2DAD0A64054CA1204E31217F82D4F95315E54AEBF3BF98E2667A35A0017799C5479F369D8692317CABBB78C07D8314153D22110EA7617091ED755041A6E201F1FD76BC258DF84260369BBB2A1A13B5D266844A25E9A8F1D1279C349E0113CAAAB0A3D4510367E754980328B937CF7BEAABDBA39F4EA3CDE5C9BB6ECDA5BC44CC9EB6BEE6F2FF3698FA393DD4F85507415622CD7C0802240F7CE22F75F2DBA7CB7217352B34C57921B975BF2E73B6DA6A34C11192338C80B986AA3707DA64324056FE7EE2C0754045C7BC596B68FFCB501C186F89D618A76144C9CB35B59370D1D3E668F10A9EF6C851F6AD3FA9FA776E9391F3F143D7928F816EE4F56F756BF450E1B4F87A7B19EFB02850C45F6F7BCC87AA8FF27C474269EB53F3F1E28DD4D6BF1C6B16AD97F10418596D1A3EC5F664773FCA1E93743005C7230D5F8549DAEE3472418A648B91834BA7A19834B48D7E6DB57F7BD92887C366D78532A2497D9B9F35D598E79026F586D4DC1577FDA2B9DD5877A521EB9F3C87DFD77F5EC690519E04E702CE3A5203920A7B891F764CB0B2DDEE7EB01CC55EB45F1BECD4514540F10F03ABBA3E4D627DCEF89F1FADF26034C2D7C36E6776C7163D99BF5CADEFDB142A6CD631D3B58269F0116B1016633B7CD4752E2F636614ABDD27592734B8BFF08E155C350808C6072C42E46F2AEDD83EA6FFBF3EA5AA809B0F9DABF6CD8E2E0E1BC998AAAA0698F44B1819B0D7A19C2067F071A932D10F0281187":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):0:PSA_ALG_FFDH:0:8192:0:PSA_SUCCESS:1 + +PSA import/export FFDH RFC7919 2048 key pair: export not permitterd +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +import_export:"2A45292441157B3C25572F76A5CDF960A7BDBF06731D783C5BF8920FB94CCC3D5DCCF86A3CB66B4E3AEDD23106222458ACF3F72C753CB67C2E19AD399566866FEBC16C3B4DC72773B4709047AE1AEC2D9107C2041B06B86A8F604465B26E0E753D6B10772798B3797232D950A36F2D4B33B04B36DE73AC6B8A7365015DF5745A1F892728B0CA947702C36E3BC646E72E23E80C345DBB014B7F93B36C80B4051F9A716D19B980861E86D62977466565462FBD3C1BB4EFD630DCCBEB351A7FA95602B7FE23903C7C7DC999950493BEC028AC42346858FAD969452DCF1DE9AD445F7F928D63B75FA86E8C1D722AB242D91995D3545A1791D72B0F384E74B45C7C01":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):0:PSA_ALG_FFDH:0:2048:0:PSA_ERROR_NOT_PERMITTED:1 + +PSA import/export FFDH RFC7919 2040 key pair: import invalid key length +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +import_with_data:"2A45292441157B3C25572F76A5CDF960A7BDBF06731D783C5BF8920FB94CCC3D5DCCF86A3CB66B4E3AEDD23106222458ACF3F72C753CB67C2E19AD399566866FEBC16C3B4DC72773B4709047AE1AEC2D9107C2041B06B86A8F604465B26E0E753D6B10772798B3797232D950A36F2D4B33B04B36DE73AC6B8A7365015DF5745A1F892728B0CA947702C36E3BC646E72E23E80C345DBB014B7F93B36C80B4051F9A716D19B980861E86D62977466565462FBD3C1BB4EFD630DCCBEB351A7FA95602B7FE23903C7C7DC999950493BEC028AC42346858FAD969452DCF1DE9AD445F7F928D63B75FA86E8C1D722AB242D91995D3545A1791D72B0F384E74B45C7C":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):2048:PSA_ERROR_INVALID_ARGUMENT + +PSA import/export FFDH RFC7919 2040 public key: import invalid key length +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +import_with_data:"2898897F34E672DAE8E629C6AD5D525A8ECCF88CEEB2F7D456DBC726D4E4A473A57F530BB6A7A67D58A560C2FDF51C9E4826DB48F408150CEAFBD32766C03D277D611139AA9F4017B0125EEA089ECD906EA0854AC0A435507DEC05C3CF2F37F98ED987E13E4795BB44051F231753C9BA3023D1A9E969FD98AC21091F704F6AD5B49B2F95DE7FA0CC1B6D9FC1DAD308EB2D1B021D8EA99959BD0BBA3CD5AD33C4B4A608A74B42B6C0342CBCFE3F41ED0752389D7A982DE512514EEC4C6D1165D3C52485A02EF310E2A4C0B5197FADE3D6F768E81AA01926FEAE92040706A621676200F6F80B51D0B4CAC38A406778D81EF3CB68EAC2E9DC06ED8E47363CE260":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):2048:PSA_ERROR_INVALID_ARGUMENT + +PSA import/export FFDH RFC7919 3064 key pair: import invalid key length +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +import_with_data:"A13B0B091871DE0F21FA9031BFFB6F37C485F0553B0468169A04AC0E2710185C9D8B5C5FB01C2846CEBA007298CB0F208DA2CF551C5098281EB4490647B733636EE14F6F4540EA05434AC258090A575D10EF9523AA4B545D27851878FAA04361D9412E3B55645A52BE03EE2E6DF0F83DBA295363E68F7307B5A19E205B655E6CFE005217D69B2F521A61CE23C286426D11A09768B5657A32E9965A49AE2BF4476582A278B7515B3B46F70368F324724ED4A1F36364AB4D6E3ADCA53142834353A9EB37747D26680A4B8D9A30BADACD172872BC677212B328B47B117901B4EA22C8760D7B727FFF276FA4E36082A0605E590F732F24468201DD05BF4A5710C546FAE1B153F8668D6E1A9707340B82493CADCC0721032E627DB9AD3D04124FAA19BB7FBD38FFA4416C05741C688F21B11C63508F5A3F50C219D1A4F46F0D3CC74EBD762A241C328F20C7169566E5E8E60B8F4442497B92A65FE69CD12E57BB4F44ED11A6075541B50FD95BB0224621193779873711B6616F6D9E31DE7D7369E9":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):3072:PSA_ERROR_INVALID_ARGUMENT + +PSA import/export FFDH RFC7919 3064 public key: import invalid key length +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +import_with_data:"57214B78F3045CA8996F024B97AFCE32F3B8D24A0F1A6E37F83559C3B07270F830D9EEB40E22BE7D53C8215832C024DF8602815D087CFD546392EC338C2683FF2329BEA2236E94184037284C8A8FE6DC9F56BBEC47C887953FE2AF8700A96ED13B1DD50EA7065C2D102DE1CF037699C47A3A96CC561C5B7E1D5DCE028BB8CEB15EC9B6A8D7E12224B95D893DA596B0C198C0E07C566C7A008C2F260D358DA9D2C2EFD7182B6B03501321408791769D567FC61BE2F9BEF8D58A82AEEA857F088FF89075B0263074FF403EA94673AA2C4728ED966B23BDEB1A240BBEE9343548E02755579FFB158F9BBB11525C5081C0681A969BC6D828F74CF577FA27AEA68A5E56E8505688653590CB9CAA5D76B40BD113764141E1DD7BB09A24023C0EDE10D2C8826FACCD4EC7B2896FE6F2A1E9925C0DFBEB48A4501D57B23A2F6624772664472B5FA76AD952EEE3AABEE33897324DA167ABCD13504F85114A57CA038629437333F6B2D93F8776C8B4ACED82696BEFBE802B3281A2E1FB32A940A4A714C8":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):3072:PSA_ERROR_INVALID_ARGUMENT + +PSA import/export FFDH RFC7919 4088 key pair: import invalid key length +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +import_with_data:"46EEB441AF38234285F3ED05BC650E370B051170543816366235B4460F6A45736145651F383B4C14AED4BC6E4A08AA1AFBEFBA457C2669362EFBF459F1447A64C25A502F8121362FF68D144BCE30592511FD902DD6338315447C21055DD9BC7AA8348445AF1E9B0C5B970500DABC792C004C897F32FD592CD383DC0B463A3E41E1357D6E5877CA1102A04C78EC3A8E5EACAFE04764D5003FFCA4D3510DF545679C104D53AA79904057FDEF019700081926A0F97686F8E45B8845827DE9FA4926071A1B0B7FD39648B72BA34B1917AC3855071A5EFCA7C45076F06833FD3B9E23ABC65F5DD1876E33D7F81750AB12E95C0385C85FAA7CF45BF14C271EE4BA454E02F4BE6DF3EC7316D0F5D32CAEA39F3558C27455CC9AA77EBC98E51CF4D2C1287714383F1396D51E8CD3C9419DB43136998EBA7A14194C3F86AF7B5CA1A8D50593ECE2073EDB1E28BABF813EE9F3FC653A83E37830B0EA71E62F9B09E549435601385925BE28B359915C2C3304BD210568A5A73582A95351E87767536B9966237696C767B86D3B00193D0659CE583C3D8508E37ED5D5EB75C22BFE65FC1C1B3EE96BC1144EFFC72799D14C7482FA7B0F631814672081C85023A35115F604F76E5E5CE778DD62D353DFF8F35498DFCA710D13BE45C6288F5E7D290E480E4B176B845142380E863A7B12083970ECF6E96D912F8E4CFA7FA0435790501107C655":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):4096:PSA_ERROR_INVALID_ARGUMENT + +PSA import/export FFDH RFC7919 4088 public key: import invalid key length +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +import_with_data:"BF50F1FDD8B6B5332047A808088E669F06D6CA71A59CB7CA9FB48EB47E1F179C531B15382D2D0382D18CD77E1A517BAA4175D59795898DABECCA469981E4C69EBC62B35936791F6B03E37EF39945B80503113C97474967AB4832EBD7E30ED4EFA47B49080D69B88FD7BD33847B7E6A7D0024AAD08C829CDAA44EC7C6E4013E6321DD64975E323A9779EE99FA7B210232F20B198A3AB6A0FAC525785777A084AB71EB58367C04FE456EA3EF260C1091FDC94781485784D110CB0EBCF4ADE74FBED11D59FC53CD66B3743603B06587DC47D4DBBE46CAABA2EA3190D0D859D3B5B8AC604F069D178E551E85AC26AD2BEBD22A27E9D517DEF70DBE15ECB5679881D522228377BDFDAC76677B4AEC68853EBA16D72087184ECA46DB62D4DCAADFDB9BF0029CD6C7711DD94ADEC835FE7145F371DAE027711DAC6820720CDFA2A61C97CFE84576B8C462A1FBA5C15F4E3AB55E10285A4F64B7124ECFEB5F517A065A0F1F8D7AA0E5189BDE525A34E7B17B78F15BECCD02CFF8AFB3DDFCF8809B6FD34683D7E87F3810C9658F1A4BD8495C163FB2F012E82CF22183361ABE0035C9A974386DF07886348BFA1F69BA35A77E3903741B9BF8B300D4BF67AB4A25D26EF8ECBD8965A398A2D38538C6BF59636622A404DCA0CCABE06395D209E24FE9DE738152E3A049FADEF4FE9585F84197383DF7AAC40DE842B2333A4C29855C25D40B":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):4096:PSA_ERROR_INVALID_ARGUMENT + +PSA import/export FFDH RFC7919 6136 key pair: import invalid key length +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +import_with_data:"E4012A5FD17FB739867A475501A75212E2C1DA5376693759A1B5FC1523927D0DBF907037232C43416B4AA925D65A154FC1E13F72C7643E431C480A7799F09F66F8CA816E66E82E75B79A6D2C4DB6CB6D7532B020FBC69D7BBE80881A7778C66BEFD4F01450BD8E1DA05FFB59D8331C6E3281E67EDF3EF557A5800D4C1683105EB0BEAC112BFB5421172A637092808765A1648C7AB8DF5F06B612057360F5FC31DB0BA347215DAE18375012019CEDE239E8C1EC5B53981C7835DE8220E18C6E4AB9804B6DEC78F04C2E433A382FB3FB0DE73F8E48ECC3C252A62BC279D6147F5D3D815170468BBD53AF489B4B6F02386F25CAB22B54C9A8178585484DD5885F3D7FC4FD389DAFAB3D6809E72220298A33558F0B441E1CEC15811E8765319BAE0B3F799A2EB86E9966CD889145273B870A0B07B65E0367146608C8F554C587014CEFDF0433370B300DF43AFD59D71F937B23CFF25F9A66BF53AD34125960504450E0F17C275C7DAD24CF527C3F05BC2F53B046563C55D8C40CDA448F102F0B5475F287704A424E76335034DE2847177C0E606A6249D152650E78B22A1A9FE3FC7789C1FE74463BBC5FC71E840294C8B45349A2D045CFE679575950B61F3882D57806F2A9644D8BB3790FA268742AC19C44E7F1724DBDD67A4D8A11E114C7E3EF74195428725A645D54CC9F1F48CA9A7E2EAF3C2261A7E4AE58F9A5D223A1C4922BE932250C49DAB04CE8DB0E3A4A9D87551A2D165B618E3954E980844DA3EE1450A7C9F533B09F085038B7C923F06BC679808682279107804328EE9B7286782C0CDF92333D38900467B039C950C684A60AF5667F343B4BAA658E68967F0EBBA72695AF073A5A08B647D855265544EC291B01ED6420D2FBF878E5B0BC46EB1F8A2C1BD6A945CD8CCB0035BD11023603C0202E1B05551E3E964FD9F1D470D5E4FA08CFDD9E1F11A99E14C550C1024F642147A3B01E58EE3E5D75D5DC4D538243521526CF615C8616172448C8F81F1B36E110C161C109D6308F1F29F188375611C943313945670247AF0C9AFDF25E3226AA07D442A8057FAEAF251D463434EF1852":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):6144:PSA_ERROR_INVALID_ARGUMENT + +PSA import/export FFDH RFC7919 6136 public key: import invalid key length +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +import_with_data:"201757BBAC6FF53E1966C29822B5154F56E332DCE1370D3A117B380D9C63FBD98F027F434EFBE530581BB1A0ACEDF30D749854F6BFC3E2E9F24A75B9109DB1FC787BB2D1DEF56414E6585757C5F84394AE9D7DB98AAADB5BCE0E4E55397B54E5DFAEDFB8CA87E6CAF0FC40E77421129F8D020287E7BD0330F60A7B01257FE36E1270B27D39F96AA464AF60C9DF47979517D7E9F0F68F93138BDC06E8F6F0AB39C90DA731925D26E48C24383425B22244D092BB9D6E3192467A91B27F0073C507D0615C3042F7432903E83494C2214089BACEF60A2D670E9D0EA0DC2F882E6AB90EC26A0CC4F9ED3DAF3912304079AA2447573AC51AAD69F4DFA07A03780922B4C7BACB286767EF758454526319C92F1486FA75E63E8EB2CBCA2A11938FE0BC5A9B50584505E16A3C8E2A599F8E2192BEC986DA602AD980190955B4AC8EF86EAF6EAFCFF7438ACD4DF64E407E675C0A114E04A9360A4431B6C0AB249B023BE89A41DA36FDFAB0FA3247DD9280EC538F724C6AF8CECD22DA87E91959AC12B690175937B7DB09B12FEE5D018802A4E561AE4F671C5569C73E928BBD66A494BBEF7F0DE8F00FED7546068E7F82F6317106885F0138AFD399DF9A8FB83C345840129B485EAD2C570BDAC992515663FCF86769808DFEFB9426D6938E5799104F197D3A3BDFFF8C4BF5E736E8B78FDB01D6C61DEAC56BC9BC8073FD4BABCCFC6D15253CA7F9FBD06F41D3F490965671F778812F5237791223FF9A1E6DBE2DD318570786051A74E58FCD0AA1BAC8CEF0656A1AD230E0578F6EC60C275C7FBAF01053DFE093DF049531282BFE7E459236D9B7315DFDB72105BD2A1509238F1CC488F3CE8907C4F931EF89FAC9D6C7D624D6BE70169A283C97E95E28DA1B90A2311733565BB082BA845BE97EDAB6698EE25E35988149B61ED64F1F41D54CD2EECB8224A22C118666551067F607B5B5C569DC8AF082D3CF0782FFC638F149765F9BE50CC52C157A58936B3E0CAA89891C71F5B960A46020AC8B7F449C8753561812B9CE313A932D3F7FD7AEF526E6BA47FE569A180CB96C5C3081A73407B52D53C6FEE688":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):6144:PSA_ERROR_INVALID_ARGUMENT + +PSA import/export FFDH RFC7919 8184 key pair: import invalid key length +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +import_with_data:"AE5FA06AE9400A03F48C0201F4BF53263185BA76D07AB16B74869F141AEB365EB162806840F7B97C12561F5C6B9EE27521009341E52672786E10CE1615447F30E4D17F1CA049643A8CFDAC3BF66FB93B6C5C4805287D4E63D5DC895535D993203F309908AC8ABC3A96F5EF4E72E7AF59B1DC9D014EECB5609E03045B5F3C3E6C372DC0639390065C53FC911269B27A5A630BB847C8823127839DB138146E3830087AEB2395F3D0147F0C1B26297A7E657A1A430DEE1CE93C3EBEFD155EECC2298E664D77CABBAA51555C7C65FAC2957CF238F9342A39063B2F9C291D3169923DD7C3C275C591196CA350421788A06077137ECF4C41544672E8DC9E634AAB8F30D4E44C4E3BD93076B35D0A0B37F00416035C621D37FBBB434B5E3D460BD64D41CCEE8C58CB6A586C3450CC264709D065B9874129720ECA3CA5F5920F47EE8E203CCA740EFA510F7541B1241D2E036E43258B1530704D4E3A5F6C0001FC4ED82535DF672602BD421884EF381D485D37734411890A6CCCD7009208C72318F6D558A8A508774666D12E50E6DA6EAB016B147D618D729B441835B7D7B85549501A4B66AF7021EB27857C9059EA301F37B24A5E364F39364F7D406625416B9A00C44730A18C35A7D66508C903320B552CA2651724B4422870320C517B7A0B4C031C692B2D7524D66AB3289460535C6F3EFE2E42378B2927691A008734D407EADC93206DCFEB2ED71AAF7696DEFE34EA307921735FC72B4DB6B70A3381936CD90E384D38DE3C07C4DA7D1DF945EA1796148C40FA29FB5D5F6B2B03311550082ACB87130742910BFA18821380F729791E66454E2289B41FD172A4046B6961374DB62944A7DD572DFFC9B413BCF42773EA14E3562633CF134429FC7AD4F176779302BB421B44AB716AD0752C7D3334648EA3721DB7862D37B1B4C75068B2AA6AF0646A3E758F456E61F894028679F67E6FB9404CC063C005B78E46079984C85FC7A55111B1A7C81A197CF258E60B975FD4307D3AEBEE965D5175F81621E7A67E92CCEE0A503FAD2ADEDBCE717CE1D16177727C3E2205CB6C51D348590A7537013D49765EBBA3BE0588A86B65CCECE87B732AEC3C395D3336349F9366638F567BAEEC782495972869E9084D7A1DA6B97055FBE86EA1979301B62A82501DA13A00523F5C1CD0A6742903ADD15F2670D956BB950B075422CA76485780554D62FA11A461772126334F47CA43CC731BD4F35F48381A341B17154D26492B6185819012D6BAD352AEF19646516E790E49E5BF0FE74ECA7C850D0D75AC74160B953B43211AA5355E967D6305B2E1FC1170A01E4D3715F706680C7F628D41594D8954532338B3F30B90EE2A2DB0C42C7AF348FF12E410F523F81BAD4F41ABF92488726C451E4FFC160BEFC518A44660256687164B2606DB65CA8F8B06EB08A75DFCC0AE38788122":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):8192:PSA_ERROR_INVALID_ARGUMENT + +PSA import/export FFDH RFC7919 8184 public key: import invalid key length +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +import_with_data:"3D1EB2C023E54A123420B9587F6985AFFCF6FE75A2F1768866CBAA10ABD5B7448409EFCE8786C0BD1D325FBAC47119A846C63103DAA8BC5FAF427C69D07AFE2FA0064A8BE9C33E30E6926A57850248EAAD8F0FA887452FF1467064DBE4041950CBFF55763AB58E1F2300C9B133E5D0FBD18604B93EC16BEA9CE340AC92B18DC188629A5D7FEC64601334CDBFEBD8126BE4743440C9A48F03F37298548C2EF226D44C296F440EB1E5F1128F203120ACE6C45D3CA992998CCF68C301CC4A32CF852FA4C2968C62D4016AF526FCD61A56F2BF479743D1EB62AD21120563BC1CE0D0791920BB89D82473F4DE75BCF6A728490F071899F683FCA10DCF6D9605749810A901F1FAAF96DC6AA0AF1CAFCF61E8A51E9E7A1BF5D9E5FDD6D63ED824CFD4016EF0782946F44E44B1B72B4CF9D4CE5E57A93EB738AEC084F02BBA52C385BCC013C720B0B98B78580AFFA84B0D204866B3FA39D73EECF1E0E6921D5484D929C1ADC7975741A308BCB060A43DF556F278F56CBDBDCE07F7CC8292FB27B3CDDB286E4B5A92552308DD8001F4BABC67C56B8DC6E5C4ED8FC4724A89441433EDD58C68E513E1940F5E6DB512574D7A37974E5739E28C03FECA3134AD8817E1A52BEBDCF2EE1F7DC66B09742005902A977DB0D617B8F6CFD75508F00225BE362D53BCA0AF4BE0D2DAD0A64054CA1204E31217F82D4F95315E54AEBF3BF98E2667A35A0017799C5479F369D8692317CABBB78C07D8314153D22110EA7617091ED755041A6E201F1FD76BC258DF84260369BBB2A1A13B5D266844A25E9A8F1D1279C349E0113CAAAB0A3D4510367E754980328B937CF7BEAABDBA39F4EA3CDE5C9BB6ECDA5BC44CC9EB6BEE6F2FF3698FA393DD4F85507415622CD7C0802240F7CE22F75F2DBA7CB7217352B34C57921B975BF2E73B6DA6A34C11192338C80B986AA3707DA64324056FE7EE2C0754045C7BC596B68FFCB501C186F89D618A76144C9CB35B59370D1D3E668F10A9EF6C851F6AD3FA9FA776E9391F3F143D7928F816EE4F56F756BF450E1B4F87A7B19EFB02850C45F6F7BCC87AA8FF27C474269EB53F3F1E28DD4D6BF1C6B16AD97F10418596D1A3EC5F664773FCA1E93743005C7230D5F8549DAEE3472418A648B91834BA7A19834B48D7E6DB57F7BD92887C366D78532A2497D9B9F35D598E79026F586D4DC1577FDA2B9DD5877A521EB9F3C87DFD77F5EC690519E04E702CE3A5203920A7B891F764CB0B2DDEE7EB01CC55EB45F1BECD4514540F10F03ABBA3E4D627DCEF89F1FADF26034C2D7C36E6776C7163D99BF5CADEFDB142A6CD631D3B58269F0116B1016633B7CD4752E2F636614ABDD27592734B8BFF08E155C350808C6072C42E46F2AEDD83EA6FFBF3EA5AA809B0F9DABF6CD8E2E0E1BC998AAAA0698F44B1819B0D7A19C2067F071A932D10F02811":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):8192:PSA_ERROR_INVALID_ARGUMENT + +PSA import/export FFDH RFC7919 2048 key pair: export buffer to small +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +import_export:"2A45292441157B3C25572F76A5CDF960A7BDBF06731D783C5BF8920FB94CCC3D5DCCF86A3CB66B4E3AEDD23106222458ACF3F72C753CB67C2E19AD399566866FEBC16C3B4DC72773B4709047AE1AEC2D9107C2041B06B86A8F604465B26E0E753D6B10772798B3797232D950A36F2D4B33B04B36DE73AC6B8A7365015DF5745A1F892728B0CA947702C36E3BC646E72E23E80C345DBB014B7F93B36C80B4051F9A716D19B980861E86D62977466565462FBD3C1BB4EFD630DCCBEB351A7FA95602B7FE23903C7C7DC999950493BEC028AC42346858FAD969452DCF1DE9AD445F7F928D63B75FA86E8C1D722AB242D91995D3545A1791D72B0F384E74B45C7C01":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0:2048:0:PSA_ERROR_BUFFER_TOO_SMALL:1 + +PSA import/export FFDH RFC7919 2048 public key: export buffer to small +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +import_export:"2898897F34E672DAE8E629C6AD5D525A8ECCF88CEEB2F7D456DBC726D4E4A473A57F530BB6A7A67D58A560C2FDF51C9E4826DB48F408150CEAFBD32766C03D277D611139AA9F4017B0125EEA089ECD906EA0854AC0A435507DEC05C3CF2F37F98ED987E13E4795BB44051F231753C9BA3023D1A9E969FD98AC21091F704F6AD5B49B2F95DE7FA0CC1B6D9FC1DAD308EB2D1B021D8EA99959BD0BBA3CD5AD33C4B4A608A74B42B6C0342CBCFE3F41ED0752389D7A982DE512514EEC4C6D1165D3C52485A02EF310E2A4C0B5197FADE3D6F768E81AA01926FEAE92040706A621676200F6F80B51D0B4CAC38A406778D81EF3CB68EAC2E9DC06ED8E47363CE260E0":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):0:PSA_ALG_FFDH:0:2048:0:PSA_ERROR_BUFFER_TOO_SMALL:1 + +PSA import/export FFDH RFC7919 3072 key pair: export buffer to small +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +import_export:"A13B0B091871DE0F21FA9031BFFB6F37C485F0553B0468169A04AC0E2710185C9D8B5C5FB01C2846CEBA007298CB0F208DA2CF551C5098281EB4490647B733636EE14F6F4540EA05434AC258090A575D10EF9523AA4B545D27851878FAA04361D9412E3B55645A52BE03EE2E6DF0F83DBA295363E68F7307B5A19E205B655E6CFE005217D69B2F521A61CE23C286426D11A09768B5657A32E9965A49AE2BF4476582A278B7515B3B46F70368F324724ED4A1F36364AB4D6E3ADCA53142834353A9EB37747D26680A4B8D9A30BADACD172872BC677212B328B47B117901B4EA22C8760D7B727FFF276FA4E36082A0605E590F732F24468201DD05BF4A5710C546FAE1B153F8668D6E1A9707340B82493CADCC0721032E627DB9AD3D04124FAA19BB7FBD38FFA4416C05741C688F21B11C63508F5A3F50C219D1A4F46F0D3CC74EBD762A241C328F20C7169566E5E8E60B8F4442497B92A65FE69CD12E57BB4F44ED11A6075541B50FD95BB0224621193779873711B6616F6D9E31DE7D7369E963":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0:3072:0:PSA_ERROR_BUFFER_TOO_SMALL:1 + +PSA import/export FFDH RFC7919 3072 public key: export buffer to small +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +import_export:"57214B78F3045CA8996F024B97AFCE32F3B8D24A0F1A6E37F83559C3B07270F830D9EEB40E22BE7D53C8215832C024DF8602815D087CFD546392EC338C2683FF2329BEA2236E94184037284C8A8FE6DC9F56BBEC47C887953FE2AF8700A96ED13B1DD50EA7065C2D102DE1CF037699C47A3A96CC561C5B7E1D5DCE028BB8CEB15EC9B6A8D7E12224B95D893DA596B0C198C0E07C566C7A008C2F260D358DA9D2C2EFD7182B6B03501321408791769D567FC61BE2F9BEF8D58A82AEEA857F088FF89075B0263074FF403EA94673AA2C4728ED966B23BDEB1A240BBEE9343548E02755579FFB158F9BBB11525C5081C0681A969BC6D828F74CF577FA27AEA68A5E56E8505688653590CB9CAA5D76B40BD113764141E1DD7BB09A24023C0EDE10D2C8826FACCD4EC7B2896FE6F2A1E9925C0DFBEB48A4501D57B23A2F6624772664472B5FA76AD952EEE3AABEE33897324DA167ABCD13504F85114A57CA038629437333F6B2D93F8776C8B4ACED82696BEFBE802B3281A2E1FB32A940A4A714C853":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):0:PSA_ALG_FFDH:0:3072:0:PSA_ERROR_BUFFER_TOO_SMALL:1 + +PSA import/export FFDH RFC7919 4096 key pair: export buffer to small +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +import_export:"46EEB441AF38234285F3ED05BC650E370B051170543816366235B4460F6A45736145651F383B4C14AED4BC6E4A08AA1AFBEFBA457C2669362EFBF459F1447A64C25A502F8121362FF68D144BCE30592511FD902DD6338315447C21055DD9BC7AA8348445AF1E9B0C5B970500DABC792C004C897F32FD592CD383DC0B463A3E41E1357D6E5877CA1102A04C78EC3A8E5EACAFE04764D5003FFCA4D3510DF545679C104D53AA79904057FDEF019700081926A0F97686F8E45B8845827DE9FA4926071A1B0B7FD39648B72BA34B1917AC3855071A5EFCA7C45076F06833FD3B9E23ABC65F5DD1876E33D7F81750AB12E95C0385C85FAA7CF45BF14C271EE4BA454E02F4BE6DF3EC7316D0F5D32CAEA39F3558C27455CC9AA77EBC98E51CF4D2C1287714383F1396D51E8CD3C9419DB43136998EBA7A14194C3F86AF7B5CA1A8D50593ECE2073EDB1E28BABF813EE9F3FC653A83E37830B0EA71E62F9B09E549435601385925BE28B359915C2C3304BD210568A5A73582A95351E87767536B9966237696C767B86D3B00193D0659CE583C3D8508E37ED5D5EB75C22BFE65FC1C1B3EE96BC1144EFFC72799D14C7482FA7B0F631814672081C85023A35115F604F76E5E5CE778DD62D353DFF8F35498DFCA710D13BE45C6288F5E7D290E480E4B176B845142380E863A7B12083970ECF6E96D912F8E4CFA7FA0435790501107C65533":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0:4096:0:PSA_ERROR_BUFFER_TOO_SMALL:1 + +PSA import/export FFDH RFC7919 4096 public key: export buffer to small +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +import_export:"BF50F1FDD8B6B5332047A808088E669F06D6CA71A59CB7CA9FB48EB47E1F179C531B15382D2D0382D18CD77E1A517BAA4175D59795898DABECCA469981E4C69EBC62B35936791F6B03E37EF39945B80503113C97474967AB4832EBD7E30ED4EFA47B49080D69B88FD7BD33847B7E6A7D0024AAD08C829CDAA44EC7C6E4013E6321DD64975E323A9779EE99FA7B210232F20B198A3AB6A0FAC525785777A084AB71EB58367C04FE456EA3EF260C1091FDC94781485784D110CB0EBCF4ADE74FBED11D59FC53CD66B3743603B06587DC47D4DBBE46CAABA2EA3190D0D859D3B5B8AC604F069D178E551E85AC26AD2BEBD22A27E9D517DEF70DBE15ECB5679881D522228377BDFDAC76677B4AEC68853EBA16D72087184ECA46DB62D4DCAADFDB9BF0029CD6C7711DD94ADEC835FE7145F371DAE027711DAC6820720CDFA2A61C97CFE84576B8C462A1FBA5C15F4E3AB55E10285A4F64B7124ECFEB5F517A065A0F1F8D7AA0E5189BDE525A34E7B17B78F15BECCD02CFF8AFB3DDFCF8809B6FD34683D7E87F3810C9658F1A4BD8495C163FB2F012E82CF22183361ABE0035C9A974386DF07886348BFA1F69BA35A77E3903741B9BF8B300D4BF67AB4A25D26EF8ECBD8965A398A2D38538C6BF59636622A404DCA0CCABE06395D209E24FE9DE738152E3A049FADEF4FE9585F84197383DF7AAC40DE842B2333A4C29855C25D40B3B":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):0:PSA_ALG_FFDH:0:4096:0:PSA_ERROR_BUFFER_TOO_SMALL:1 + +PSA import/export FFDH RFC7919 6144 key pair: export buffer to small +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +import_export:"E4012A5FD17FB739867A475501A75212E2C1DA5376693759A1B5FC1523927D0DBF907037232C43416B4AA925D65A154FC1E13F72C7643E431C480A7799F09F66F8CA816E66E82E75B79A6D2C4DB6CB6D7532B020FBC69D7BBE80881A7778C66BEFD4F01450BD8E1DA05FFB59D8331C6E3281E67EDF3EF557A5800D4C1683105EB0BEAC112BFB5421172A637092808765A1648C7AB8DF5F06B612057360F5FC31DB0BA347215DAE18375012019CEDE239E8C1EC5B53981C7835DE8220E18C6E4AB9804B6DEC78F04C2E433A382FB3FB0DE73F8E48ECC3C252A62BC279D6147F5D3D815170468BBD53AF489B4B6F02386F25CAB22B54C9A8178585484DD5885F3D7FC4FD389DAFAB3D6809E72220298A33558F0B441E1CEC15811E8765319BAE0B3F799A2EB86E9966CD889145273B870A0B07B65E0367146608C8F554C587014CEFDF0433370B300DF43AFD59D71F937B23CFF25F9A66BF53AD34125960504450E0F17C275C7DAD24CF527C3F05BC2F53B046563C55D8C40CDA448F102F0B5475F287704A424E76335034DE2847177C0E606A6249D152650E78B22A1A9FE3FC7789C1FE74463BBC5FC71E840294C8B45349A2D045CFE679575950B61F3882D57806F2A9644D8BB3790FA268742AC19C44E7F1724DBDD67A4D8A11E114C7E3EF74195428725A645D54CC9F1F48CA9A7E2EAF3C2261A7E4AE58F9A5D223A1C4922BE932250C49DAB04CE8DB0E3A4A9D87551A2D165B618E3954E980844DA3EE1450A7C9F533B09F085038B7C923F06BC679808682279107804328EE9B7286782C0CDF92333D38900467B039C950C684A60AF5667F343B4BAA658E68967F0EBBA72695AF073A5A08B647D855265544EC291B01ED6420D2FBF878E5B0BC46EB1F8A2C1BD6A945CD8CCB0035BD11023603C0202E1B05551E3E964FD9F1D470D5E4FA08CFDD9E1F11A99E14C550C1024F642147A3B01E58EE3E5D75D5DC4D538243521526CF615C8616172448C8F81F1B36E110C161C109D6308F1F29F188375611C943313945670247AF0C9AFDF25E3226AA07D442A8057FAEAF251D463434EF18524A":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0:6144:0:PSA_ERROR_BUFFER_TOO_SMALL:1 + +PSA import/export FFDH RFC7919 6144 public key: export buffer to small +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +import_export:"201757BBAC6FF53E1966C29822B5154F56E332DCE1370D3A117B380D9C63FBD98F027F434EFBE530581BB1A0ACEDF30D749854F6BFC3E2E9F24A75B9109DB1FC787BB2D1DEF56414E6585757C5F84394AE9D7DB98AAADB5BCE0E4E55397B54E5DFAEDFB8CA87E6CAF0FC40E77421129F8D020287E7BD0330F60A7B01257FE36E1270B27D39F96AA464AF60C9DF47979517D7E9F0F68F93138BDC06E8F6F0AB39C90DA731925D26E48C24383425B22244D092BB9D6E3192467A91B27F0073C507D0615C3042F7432903E83494C2214089BACEF60A2D670E9D0EA0DC2F882E6AB90EC26A0CC4F9ED3DAF3912304079AA2447573AC51AAD69F4DFA07A03780922B4C7BACB286767EF758454526319C92F1486FA75E63E8EB2CBCA2A11938FE0BC5A9B50584505E16A3C8E2A599F8E2192BEC986DA602AD980190955B4AC8EF86EAF6EAFCFF7438ACD4DF64E407E675C0A114E04A9360A4431B6C0AB249B023BE89A41DA36FDFAB0FA3247DD9280EC538F724C6AF8CECD22DA87E91959AC12B690175937B7DB09B12FEE5D018802A4E561AE4F671C5569C73E928BBD66A494BBEF7F0DE8F00FED7546068E7F82F6317106885F0138AFD399DF9A8FB83C345840129B485EAD2C570BDAC992515663FCF86769808DFEFB9426D6938E5799104F197D3A3BDFFF8C4BF5E736E8B78FDB01D6C61DEAC56BC9BC8073FD4BABCCFC6D15253CA7F9FBD06F41D3F490965671F778812F5237791223FF9A1E6DBE2DD318570786051A74E58FCD0AA1BAC8CEF0656A1AD230E0578F6EC60C275C7FBAF01053DFE093DF049531282BFE7E459236D9B7315DFDB72105BD2A1509238F1CC488F3CE8907C4F931EF89FAC9D6C7D624D6BE70169A283C97E95E28DA1B90A2311733565BB082BA845BE97EDAB6698EE25E35988149B61ED64F1F41D54CD2EECB8224A22C118666551067F607B5B5C569DC8AF082D3CF0782FFC638F149765F9BE50CC52C157A58936B3E0CAA89891C71F5B960A46020AC8B7F449C8753561812B9CE313A932D3F7FD7AEF526E6BA47FE569A180CB96C5C3081A73407B52D53C6FEE6886D":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):0:PSA_ALG_FFDH:0:6144:0:PSA_ERROR_BUFFER_TOO_SMALL:1 + +PSA import/export FFDH RFC7919 8192 key pair: export buffer to small +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +import_export:"AE5FA06AE9400A03F48C0201F4BF53263185BA76D07AB16B74869F141AEB365EB162806840F7B97C12561F5C6B9EE27521009341E52672786E10CE1615447F30E4D17F1CA049643A8CFDAC3BF66FB93B6C5C4805287D4E63D5DC895535D993203F309908AC8ABC3A96F5EF4E72E7AF59B1DC9D014EECB5609E03045B5F3C3E6C372DC0639390065C53FC911269B27A5A630BB847C8823127839DB138146E3830087AEB2395F3D0147F0C1B26297A7E657A1A430DEE1CE93C3EBEFD155EECC2298E664D77CABBAA51555C7C65FAC2957CF238F9342A39063B2F9C291D3169923DD7C3C275C591196CA350421788A06077137ECF4C41544672E8DC9E634AAB8F30D4E44C4E3BD93076B35D0A0B37F00416035C621D37FBBB434B5E3D460BD64D41CCEE8C58CB6A586C3450CC264709D065B9874129720ECA3CA5F5920F47EE8E203CCA740EFA510F7541B1241D2E036E43258B1530704D4E3A5F6C0001FC4ED82535DF672602BD421884EF381D485D37734411890A6CCCD7009208C72318F6D558A8A508774666D12E50E6DA6EAB016B147D618D729B441835B7D7B85549501A4B66AF7021EB27857C9059EA301F37B24A5E364F39364F7D406625416B9A00C44730A18C35A7D66508C903320B552CA2651724B4422870320C517B7A0B4C031C692B2D7524D66AB3289460535C6F3EFE2E42378B2927691A008734D407EADC93206DCFEB2ED71AAF7696DEFE34EA307921735FC72B4DB6B70A3381936CD90E384D38DE3C07C4DA7D1DF945EA1796148C40FA29FB5D5F6B2B03311550082ACB87130742910BFA18821380F729791E66454E2289B41FD172A4046B6961374DB62944A7DD572DFFC9B413BCF42773EA14E3562633CF134429FC7AD4F176779302BB421B44AB716AD0752C7D3334648EA3721DB7862D37B1B4C75068B2AA6AF0646A3E758F456E61F894028679F67E6FB9404CC063C005B78E46079984C85FC7A55111B1A7C81A197CF258E60B975FD4307D3AEBEE965D5175F81621E7A67E92CCEE0A503FAD2ADEDBCE717CE1D16177727C3E2205CB6C51D348590A7537013D49765EBBA3BE0588A86B65CCECE87B732AEC3C395D3336349F9366638F567BAEEC782495972869E9084D7A1DA6B97055FBE86EA1979301B62A82501DA13A00523F5C1CD0A6742903ADD15F2670D956BB950B075422CA76485780554D62FA11A461772126334F47CA43CC731BD4F35F48381A341B17154D26492B6185819012D6BAD352AEF19646516E790E49E5BF0FE74ECA7C850D0D75AC74160B953B43211AA5355E967D6305B2E1FC1170A01E4D3715F706680C7F628D41594D8954532338B3F30B90EE2A2DB0C42C7AF348FF12E410F523F81BAD4F41ABF92488726C451E4FFC160BEFC518A44660256687164B2606DB65CA8F8B06EB08A75DFCC0AE387881224C":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0:8192:0:PSA_ERROR_BUFFER_TOO_SMALL:1 + +PSA import/export FFDH RFC7919 8192 public key: export buffer to small +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +import_export:"3D1EB2C023E54A123420B9587F6985AFFCF6FE75A2F1768866CBAA10ABD5B7448409EFCE8786C0BD1D325FBAC47119A846C63103DAA8BC5FAF427C69D07AFE2FA0064A8BE9C33E30E6926A57850248EAAD8F0FA887452FF1467064DBE4041950CBFF55763AB58E1F2300C9B133E5D0FBD18604B93EC16BEA9CE340AC92B18DC188629A5D7FEC64601334CDBFEBD8126BE4743440C9A48F03F37298548C2EF226D44C296F440EB1E5F1128F203120ACE6C45D3CA992998CCF68C301CC4A32CF852FA4C2968C62D4016AF526FCD61A56F2BF479743D1EB62AD21120563BC1CE0D0791920BB89D82473F4DE75BCF6A728490F071899F683FCA10DCF6D9605749810A901F1FAAF96DC6AA0AF1CAFCF61E8A51E9E7A1BF5D9E5FDD6D63ED824CFD4016EF0782946F44E44B1B72B4CF9D4CE5E57A93EB738AEC084F02BBA52C385BCC013C720B0B98B78580AFFA84B0D204866B3FA39D73EECF1E0E6921D5484D929C1ADC7975741A308BCB060A43DF556F278F56CBDBDCE07F7CC8292FB27B3CDDB286E4B5A92552308DD8001F4BABC67C56B8DC6E5C4ED8FC4724A89441433EDD58C68E513E1940F5E6DB512574D7A37974E5739E28C03FECA3134AD8817E1A52BEBDCF2EE1F7DC66B09742005902A977DB0D617B8F6CFD75508F00225BE362D53BCA0AF4BE0D2DAD0A64054CA1204E31217F82D4F95315E54AEBF3BF98E2667A35A0017799C5479F369D8692317CABBB78C07D8314153D22110EA7617091ED755041A6E201F1FD76BC258DF84260369BBB2A1A13B5D266844A25E9A8F1D1279C349E0113CAAAB0A3D4510367E754980328B937CF7BEAABDBA39F4EA3CDE5C9BB6ECDA5BC44CC9EB6BEE6F2FF3698FA393DD4F85507415622CD7C0802240F7CE22F75F2DBA7CB7217352B34C57921B975BF2E73B6DA6A34C11192338C80B986AA3707DA64324056FE7EE2C0754045C7BC596B68FFCB501C186F89D618A76144C9CB35B59370D1D3E668F10A9EF6C851F6AD3FA9FA776E9391F3F143D7928F816EE4F56F756BF450E1B4F87A7B19EFB02850C45F6F7BCC87AA8FF27C474269EB53F3F1E28DD4D6BF1C6B16AD97F10418596D1A3EC5F664773FCA1E93743005C7230D5F8549DAEE3472418A648B91834BA7A19834B48D7E6DB57F7BD92887C366D78532A2497D9B9F35D598E79026F586D4DC1577FDA2B9DD5877A521EB9F3C87DFD77F5EC690519E04E702CE3A5203920A7B891F764CB0B2DDEE7EB01CC55EB45F1BECD4514540F10F03ABBA3E4D627DCEF89F1FADF26034C2D7C36E6776C7163D99BF5CADEFDB142A6CD631D3B58269F0116B1016633B7CD4752E2F636614ABDD27592734B8BFF08E155C350808C6072C42E46F2AEDD83EA6FFBF3EA5AA809B0F9DABF6CD8E2E0E1BC998AAAA0698F44B1819B0D7A19C2067F071A932D10F0281187":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):0:PSA_ALG_FFDH:0:8192:0:PSA_ERROR_BUFFER_TOO_SMALL:1 + +PSA import/export-public FFDH RFC7919 public key 2048 good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +import_export_public_key:"2898897F34E672DAE8E629C6AD5D525A8ECCF88CEEB2F7D456DBC726D4E4A473A57F530BB6A7A67D58A560C2FDF51C9E4826DB48F408150CEAFBD32766C03D277D611139AA9F4017B0125EEA089ECD906EA0854AC0A435507DEC05C3CF2F37F98ED987E13E4795BB44051F231753C9BA3023D1A9E969FD98AC21091F704F6AD5B49B2F95DE7FA0CC1B6D9FC1DAD308EB2D1B021D8EA99959BD0BBA3CD5AD33C4B4A608A74B42B6C0342CBCFE3F41ED0752389D7A982DE512514EEC4C6D1165D3C52485A02EF310E2A4C0B5197FADE3D6F768E81AA01926FEAE92040706A621676200F6F80B51D0B4CAC38A406778D81EF3CB68EAC2E9DC06ED8E47363CE260E0":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):PSA_ALG_FFDH:0:0:PSA_SUCCESS:"2898897F34E672DAE8E629C6AD5D525A8ECCF88CEEB2F7D456DBC726D4E4A473A57F530BB6A7A67D58A560C2FDF51C9E4826DB48F408150CEAFBD32766C03D277D611139AA9F4017B0125EEA089ECD906EA0854AC0A435507DEC05C3CF2F37F98ED987E13E4795BB44051F231753C9BA3023D1A9E969FD98AC21091F704F6AD5B49B2F95DE7FA0CC1B6D9FC1DAD308EB2D1B021D8EA99959BD0BBA3CD5AD33C4B4A608A74B42B6C0342CBCFE3F41ED0752389D7A982DE512514EEC4C6D1165D3C52485A02EF310E2A4C0B5197FADE3D6F768E81AA01926FEAE92040706A621676200F6F80B51D0B4CAC38A406778D81EF3CB68EAC2E9DC06ED8E47363CE260E0" + +PSA import/export-public FFDH RFC7919 key pair 2048 good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +import_export_public_key:"2A45292441157B3C25572F76A5CDF960A7BDBF06731D783C5BF8920FB94CCC3D5DCCF86A3CB66B4E3AEDD23106222458ACF3F72C753CB67C2E19AD399566866FEBC16C3B4DC72773B4709047AE1AEC2D9107C2041B06B86A8F604465B26E0E753D6B10772798B3797232D950A36F2D4B33B04B36DE73AC6B8A7365015DF5745A1F892728B0CA947702C36E3BC646E72E23E80C345DBB014B7F93B36C80B4051F9A716D19B980861E86D62977466565462FBD3C1BB4EFD630DCCBEB351A7FA95602B7FE23903C7C7DC999950493BEC028AC42346858FAD969452DCF1DE9AD445F7F928D63B75FA86E8C1D722AB242D91995D3545A1791D72B0F384E74B45C7C01":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_ALG_FFDH:0:0:PSA_SUCCESS:"AA396C4E08F47E499243FF17B3E0D019415A52FB6E31FCA71B2B9F46FE84E3A611757DD414A21E1BE8A8FFD60479348245918F7D771EC4A78733F627F72CE0FE1717EE3950B4DB7982577A332CC66C3F3EEB79CD604568644FD3EDAE35A08F3C75C7A99E1A24CB8B56CF7D102984568C0D93BAB9C760F22BB2AC3BEE62E532010E6EEB5A3FB2ABE1EEE1562C1C8D9AC8F781B7283C846B435F4BD4F437EE4D60B97B6EF6ECE675F199E6A40EEFFDC8C65F2973B662782FD2069AEFC026560FA57DE67474AD1A5C8837FF0644F6D0E79161DE5AC38B4837818A5EC38D335D6ECCCC1F9FC676D3548BA30635C5DB24C02BF86977E401E47C3262B81C84C340D729" + +PSA import/export-public FFDH RFC7919 public key 3072 good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +import_export_public_key:"8B6C629D0251EAA04FF127A9E2D748D744813E6F158F7BA3E4BBC50F928F9EFD689A7DDDA44023F0177DBDA344B2A9B9FED648F911118EA3C4ADBB6D3B1A85880BA80DD28B6E6FBB766D1B6858618013AAFA5A8FD4290E7D52FFD75682CB0EDD99B7AD314F4F4780F00114C344BA0574AD59975DD4FB0A93A46F1BBE98A52C21735381BCB8D3886F0345C4ABDFAD2C1B877E910D64AB4F57CCB419E386E3C81BD09E5755F88E7EA724967AD1C2E8D7AC2B2417CD6B0EB9C1366B413A461BF3249316B71912496EBA269A38E90CB324BA06BEA3B555D5E0D62EF817B2503017AD3D120EAC0CD61FB0A5C71E1C50FEEC90F4CFB11890AF21C2F1EDB501B2BB44AE3CED3C64204033144F293F696FEE4468623B3EFA405C2C00B9CD040B52442DA32C3C23E33930E4129390A5BCD061198C75AFE7DA8FF0EADA0DE931A5233C7C46D36C02B855315084CCDA54BFD155CEEA2C0C17AFB80987C54680828E1B9B2F6D2BB5FA3F7E70455CE8B66AC2D54762BB6D76CF6CE345BCD6CD2AF6A56010F512":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):PSA_ALG_FFDH:0:0:PSA_SUCCESS:"8B6C629D0251EAA04FF127A9E2D748D744813E6F158F7BA3E4BBC50F928F9EFD689A7DDDA44023F0177DBDA344B2A9B9FED648F911118EA3C4ADBB6D3B1A85880BA80DD28B6E6FBB766D1B6858618013AAFA5A8FD4290E7D52FFD75682CB0EDD99B7AD314F4F4780F00114C344BA0574AD59975DD4FB0A93A46F1BBE98A52C21735381BCB8D3886F0345C4ABDFAD2C1B877E910D64AB4F57CCB419E386E3C81BD09E5755F88E7EA724967AD1C2E8D7AC2B2417CD6B0EB9C1366B413A461BF3249316B71912496EBA269A38E90CB324BA06BEA3B555D5E0D62EF817B2503017AD3D120EAC0CD61FB0A5C71E1C50FEEC90F4CFB11890AF21C2F1EDB501B2BB44AE3CED3C64204033144F293F696FEE4468623B3EFA405C2C00B9CD040B52442DA32C3C23E33930E4129390A5BCD061198C75AFE7DA8FF0EADA0DE931A5233C7C46D36C02B855315084CCDA54BFD155CEEA2C0C17AFB80987C54680828E1B9B2F6D2BB5FA3F7E70455CE8B66AC2D54762BB6D76CF6CE345BCD6CD2AF6A56010F512" + +PSA import/export-public FFDH RFC7919 key pair 3072 good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +import_export_public_key:"c60a421e82deb778eb468760296ee4faa0b58ef058966fc457e8015185bb6c500677bf5a5a88bd8dedb5307ccc3c980a2bbe9a439c6b0c7af6c961e5b9c06f47212fc0e726da2f5bdd3542fba74e1dc2294caa1f363d942a92a391acd84aecd045a4a318db00785129ba171b31651b0e930eb8110a642dd63ef5ae1bb8c6e3b3971507c4057530d51ca14182e884974e20723dbfdd5778fa0ec78fbab26811c097f0dd291ccd7a6967caf5163fa04ba921448e1d3ec8de4ff3bc87dfdc35e53ba1bd4310fc9c98f68332ea0483ec051900e438fa3e5bcbf901771c740114922a7d9a74257befca7f9b62b2991ef6c58dbb1e516bb1ee18c8709f134ab7bb2077ec03356279a46f2978e6a89df22b0120223f6996c290607e98ecf14c36e2db62e80575329f4787ddc7b72856cbb0c4fa2dec9b391698832f559cbef49979c72e63cb3dad5d948f1c00219b47359fa75ec3fd352aa0223773e246c2fce492200b3a6e213e5e30d69cf3f56af43b0c09c0d647784b2f209c4fd1abb74b035d1ad4":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_ALG_FFDH:0:0:PSA_SUCCESS:"c6dbc8151d22313ab19feea7be0f22f798ff9bec21e9da9b5020b6028395d4a3258f3db0cee7adda3f56864863d4c565498d59b205bcbcc3fc098d78efd4e6b4e09b97971c6fd00cd2fa63bb0b3c7380cc1c19fbb34d077fda61c4a71c254242aa5870786b5d0fd3cb179f64f737eb7ab83b57ca70f93955f49b43869ca2ea441650f48a516137229be2926b02129de4089c9d129df7d76848ecda1bcecda1cf95df195e8e388ee70fac0f1c4d9b38e745b067ee88b32e6d59cb159a95852f18b121f85fedfbb6a2c6962ed70cc1ae471813e1bdc053abacccd1eec79359a6f15ec55d92bbf3890b912fbbb2c029407e1493315394a290f4ce81c0d9dccfbab386b745145cb173b9e08f018d309200691b72acafb313cebf483ff8810080bce9516aa5382a18c3c10965a33176d93d8c51f83d6fca7f606200bb7c779a891fd65dd7ed6972f6835f4e94d928f89f1d0ee204b1ef073a761c65241a76f254695ac31842600aa0753c94e6c805c24ed101bbb26c96928db1166a91c7fea8bc3b90" + +PSA import/export-public FFDH RFC7919 public key 4096 good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +import_export_public_key:"BF50F1FDD8B6B5332047A808088E669F06D6CA71A59CB7CA9FB48EB47E1F179C531B15382D2D0382D18CD77E1A517BAA4175D59795898DABECCA469981E4C69EBC62B35936791F6B03E37EF39945B80503113C97474967AB4832EBD7E30ED4EFA47B49080D69B88FD7BD33847B7E6A7D0024AAD08C829CDAA44EC7C6E4013E6321DD64975E323A9779EE99FA7B210232F20B198A3AB6A0FAC525785777A084AB71EB58367C04FE456EA3EF260C1091FDC94781485784D110CB0EBCF4ADE74FBED11D59FC53CD66B3743603B06587DC47D4DBBE46CAABA2EA3190D0D859D3B5B8AC604F069D178E551E85AC26AD2BEBD22A27E9D517DEF70DBE15ECB5679881D522228377BDFDAC76677B4AEC68853EBA16D72087184ECA46DB62D4DCAADFDB9BF0029CD6C7711DD94ADEC835FE7145F371DAE027711DAC6820720CDFA2A61C97CFE84576B8C462A1FBA5C15F4E3AB55E10285A4F64B7124ECFEB5F517A065A0F1F8D7AA0E5189BDE525A34E7B17B78F15BECCD02CFF8AFB3DDFCF8809B6FD34683D7E87F3810C9658F1A4BD8495C163FB2F012E82CF22183361ABE0035C9A974386DF07886348BFA1F69BA35A77E3903741B9BF8B300D4BF67AB4A25D26EF8ECBD8965A398A2D38538C6BF59636622A404DCA0CCABE06395D209E24FE9DE738152E3A049FADEF4FE9585F84197383DF7AAC40DE842B2333A4C29855C25D40B3B":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):PSA_ALG_FFDH:0:0:PSA_SUCCESS:"BF50F1FDD8B6B5332047A808088E669F06D6CA71A59CB7CA9FB48EB47E1F179C531B15382D2D0382D18CD77E1A517BAA4175D59795898DABECCA469981E4C69EBC62B35936791F6B03E37EF39945B80503113C97474967AB4832EBD7E30ED4EFA47B49080D69B88FD7BD33847B7E6A7D0024AAD08C829CDAA44EC7C6E4013E6321DD64975E323A9779EE99FA7B210232F20B198A3AB6A0FAC525785777A084AB71EB58367C04FE456EA3EF260C1091FDC94781485784D110CB0EBCF4ADE74FBED11D59FC53CD66B3743603B06587DC47D4DBBE46CAABA2EA3190D0D859D3B5B8AC604F069D178E551E85AC26AD2BEBD22A27E9D517DEF70DBE15ECB5679881D522228377BDFDAC76677B4AEC68853EBA16D72087184ECA46DB62D4DCAADFDB9BF0029CD6C7711DD94ADEC835FE7145F371DAE027711DAC6820720CDFA2A61C97CFE84576B8C462A1FBA5C15F4E3AB55E10285A4F64B7124ECFEB5F517A065A0F1F8D7AA0E5189BDE525A34E7B17B78F15BECCD02CFF8AFB3DDFCF8809B6FD34683D7E87F3810C9658F1A4BD8495C163FB2F012E82CF22183361ABE0035C9A974386DF07886348BFA1F69BA35A77E3903741B9BF8B300D4BF67AB4A25D26EF8ECBD8965A398A2D38538C6BF59636622A404DCA0CCABE06395D209E24FE9DE738152E3A049FADEF4FE9585F84197383DF7AAC40DE842B2333A4C29855C25D40B3B" + +PSA import/export-public FFDH RFC7919 key pair 4096 good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +import_export_public_key:"f085888f40e34d91c989fadcb9c3e8be8f4a270d75b90d78c9b3d7569e09662b7767d90112a4a339bc42e661bd0e464b26ba4eb07dee300dfdc38373ec17a5a4e86f3f4b5ae6c9700f8381ac93b564bc0b1ce64e03bb825aa21a8e87e572ccb13a5a7b2942e4b91a321c5b5cf87b8bad4042c5b8ba971870061f7bb0869e57205bd64ed41026d5093227eb9fc4abca6160376b9b9ebbf431b6cc7a362726f553ffcca07ab3fed69a60c1a3d6d7caf989c57dad04eae71dc7e5da1bd6a65d3f4509959f61741ad91b6bdc98c0cae835cea940048d325f1db5e6217b8a0c977741511c967330819115d325a6da3ac003b66364e52351b34de0e954d5df7301ac0c2772c461872b72c9c3bc810789d16d22f57fd57338487ff66fd01434fa08a57eb7b089686cda86c9dc9220e11409c5ecd7b2988c151ee24e19a5c5685b4824c60a29ee363e75f783d97a57cda08a9e2152769957163272b3d5e82cdcda71300566356c411dc01a2c24507693c819755568ea461b755e89e9ab150e243ae97d5878f58ba87be9a6bab3726e962f92e2305999cafd65aa32f486ccf2edea46ab4b4cd7e3130f2e69102e6a4d7104db2f9a66d0ddb4faa3ae34b3bac6007bdfc66541bc3f45db3eb730ba80e102850604fd64e3cf047825246264ad8e1e716aa44a99275aab9ebf0b26f703af7460a8e502088a311d7c571bf0905031ea6561a928":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_ALG_FFDH:0:0:PSA_SUCCESS:"e0c2e35be32adb92560e6557d07ba9bab295792063a2724f9e381e9f2644423e73efeb074ddee70388444bc1a67edfe496a6c38eafff45ec500278f9b896a6fb1de4a59461e6fcf1de17867018e0c362876ae107fd4287383989a4ab41cd44844b103cf58085aa52b49527df433446fa5c4665037475e8f78c8d64d5d60a462603d292d02c539329e9d48c25e05083fa98fd6a513c84f0e2ced9121c2f5922559abb5e2fe3081e6bf2256d6043af211a70fe48e371bf683b953f199821fe0fbe924151dc772e72db53492ba5613bcf5661b7ed419fa02f332443be5f8b97908800077306abf6fd796afdbbdbc2badb21501ccee5ed67635b3cf37819f5d1db5370d77960ac0535a029b0af1bf634679367d35db0e7f38bbe0a022392efefc6b8ccf1e9f53bd7ac28012f6bf5e3701476606eb4649c64377b1e0c418840486bb4a286ebaf685449061ee375487e9e9164d0a7c9327c7b667b1933dc3adb11358e76457d594c19b88e8a689107c641d3503a7639159f3cdae7f58398204d29895e84fb82e192b796866c27d8373a36c5c062a445f6fd515e561d7c2328e7424057229689fe7851432f706f21e114f74d21ca3b01f1aa57d2743f28f8dbfa5ef5c584de2012d82ee978bb7cd713001237e76b5ee12e3cc51393cbcfe1717cefdf885022f18e66661097fe1ce91d0508e1931cf3774bd83d8f068711e09943b82355" + +PSA import/export-public FFDH RFC7919 public key 6144 good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +import_export_public_key:"201757BBAC6FF53E1966C29822B5154F56E332DCE1370D3A117B380D9C63FBD98F027F434EFBE530581BB1A0ACEDF30D749854F6BFC3E2E9F24A75B9109DB1FC787BB2D1DEF56414E6585757C5F84394AE9D7DB98AAADB5BCE0E4E55397B54E5DFAEDFB8CA87E6CAF0FC40E77421129F8D020287E7BD0330F60A7B01257FE36E1270B27D39F96AA464AF60C9DF47979517D7E9F0F68F93138BDC06E8F6F0AB39C90DA731925D26E48C24383425B22244D092BB9D6E3192467A91B27F0073C507D0615C3042F7432903E83494C2214089BACEF60A2D670E9D0EA0DC2F882E6AB90EC26A0CC4F9ED3DAF3912304079AA2447573AC51AAD69F4DFA07A03780922B4C7BACB286767EF758454526319C92F1486FA75E63E8EB2CBCA2A11938FE0BC5A9B50584505E16A3C8E2A599F8E2192BEC986DA602AD980190955B4AC8EF86EAF6EAFCFF7438ACD4DF64E407E675C0A114E04A9360A4431B6C0AB249B023BE89A41DA36FDFAB0FA3247DD9280EC538F724C6AF8CECD22DA87E91959AC12B690175937B7DB09B12FEE5D018802A4E561AE4F671C5569C73E928BBD66A494BBEF7F0DE8F00FED7546068E7F82F6317106885F0138AFD399DF9A8FB83C345840129B485EAD2C570BDAC992515663FCF86769808DFEFB9426D6938E5799104F197D3A3BDFFF8C4BF5E736E8B78FDB01D6C61DEAC56BC9BC8073FD4BABCCFC6D15253CA7F9FBD06F41D3F490965671F778812F5237791223FF9A1E6DBE2DD318570786051A74E58FCD0AA1BAC8CEF0656A1AD230E0578F6EC60C275C7FBAF01053DFE093DF049531282BFE7E459236D9B7315DFDB72105BD2A1509238F1CC488F3CE8907C4F931EF89FAC9D6C7D624D6BE70169A283C97E95E28DA1B90A2311733565BB082BA845BE97EDAB6698EE25E35988149B61ED64F1F41D54CD2EECB8224A22C118666551067F607B5B5C569DC8AF082D3CF0782FFC638F149765F9BE50CC52C157A58936B3E0CAA89891C71F5B960A46020AC8B7F449C8753561812B9CE313A932D3F7FD7AEF526E6BA47FE569A180CB96C5C3081A73407B52D53C6FEE6886D":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):PSA_ALG_FFDH:0:0:PSA_SUCCESS:"201757BBAC6FF53E1966C29822B5154F56E332DCE1370D3A117B380D9C63FBD98F027F434EFBE530581BB1A0ACEDF30D749854F6BFC3E2E9F24A75B9109DB1FC787BB2D1DEF56414E6585757C5F84394AE9D7DB98AAADB5BCE0E4E55397B54E5DFAEDFB8CA87E6CAF0FC40E77421129F8D020287E7BD0330F60A7B01257FE36E1270B27D39F96AA464AF60C9DF47979517D7E9F0F68F93138BDC06E8F6F0AB39C90DA731925D26E48C24383425B22244D092BB9D6E3192467A91B27F0073C507D0615C3042F7432903E83494C2214089BACEF60A2D670E9D0EA0DC2F882E6AB90EC26A0CC4F9ED3DAF3912304079AA2447573AC51AAD69F4DFA07A03780922B4C7BACB286767EF758454526319C92F1486FA75E63E8EB2CBCA2A11938FE0BC5A9B50584505E16A3C8E2A599F8E2192BEC986DA602AD980190955B4AC8EF86EAF6EAFCFF7438ACD4DF64E407E675C0A114E04A9360A4431B6C0AB249B023BE89A41DA36FDFAB0FA3247DD9280EC538F724C6AF8CECD22DA87E91959AC12B690175937B7DB09B12FEE5D018802A4E561AE4F671C5569C73E928BBD66A494BBEF7F0DE8F00FED7546068E7F82F6317106885F0138AFD399DF9A8FB83C345840129B485EAD2C570BDAC992515663FCF86769808DFEFB9426D6938E5799104F197D3A3BDFFF8C4BF5E736E8B78FDB01D6C61DEAC56BC9BC8073FD4BABCCFC6D15253CA7F9FBD06F41D3F490965671F778812F5237791223FF9A1E6DBE2DD318570786051A74E58FCD0AA1BAC8CEF0656A1AD230E0578F6EC60C275C7FBAF01053DFE093DF049531282BFE7E459236D9B7315DFDB72105BD2A1509238F1CC488F3CE8907C4F931EF89FAC9D6C7D624D6BE70169A283C97E95E28DA1B90A2311733565BB082BA845BE97EDAB6698EE25E35988149B61ED64F1F41D54CD2EECB8224A22C118666551067F607B5B5C569DC8AF082D3CF0782FFC638F149765F9BE50CC52C157A58936B3E0CAA89891C71F5B960A46020AC8B7F449C8753561812B9CE313A932D3F7FD7AEF526E6BA47FE569A180CB96C5C3081A73407B52D53C6FEE6886D" + +PSA import/export-public FFDH RFC7919 key pair 6144 good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +import_export_public_key:"E4012A5FD17FB739867A475501A75212E2C1DA5376693759A1B5FC1523927D0DBF907037232C43416B4AA925D65A154FC1E13F72C7643E431C480A7799F09F66F8CA816E66E82E75B79A6D2C4DB6CB6D7532B020FBC69D7BBE80881A7778C66BEFD4F01450BD8E1DA05FFB59D8331C6E3281E67EDF3EF557A5800D4C1683105EB0BEAC112BFB5421172A637092808765A1648C7AB8DF5F06B612057360F5FC31DB0BA347215DAE18375012019CEDE239E8C1EC5B53981C7835DE8220E18C6E4AB9804B6DEC78F04C2E433A382FB3FB0DE73F8E48ECC3C252A62BC279D6147F5D3D815170468BBD53AF489B4B6F02386F25CAB22B54C9A8178585484DD5885F3D7FC4FD389DAFAB3D6809E72220298A33558F0B441E1CEC15811E8765319BAE0B3F799A2EB86E9966CD889145273B870A0B07B65E0367146608C8F554C587014CEFDF0433370B300DF43AFD59D71F937B23CFF25F9A66BF53AD34125960504450E0F17C275C7DAD24CF527C3F05BC2F53B046563C55D8C40CDA448F102F0B5475F287704A424E76335034DE2847177C0E606A6249D152650E78B22A1A9FE3FC7789C1FE74463BBC5FC71E840294C8B45349A2D045CFE679575950B61F3882D57806F2A9644D8BB3790FA268742AC19C44E7F1724DBDD67A4D8A11E114C7E3EF74195428725A645D54CC9F1F48CA9A7E2EAF3C2261A7E4AE58F9A5D223A1C4922BE932250C49DAB04CE8DB0E3A4A9D87551A2D165B618E3954E980844DA3EE1450A7C9F533B09F085038B7C923F06BC679808682279107804328EE9B7286782C0CDF92333D38900467B039C950C684A60AF5667F343B4BAA658E68967F0EBBA72695AF073A5A08B647D855265544EC291B01ED6420D2FBF878E5B0BC46EB1F8A2C1BD6A945CD8CCB0035BD11023603C0202E1B05551E3E964FD9F1D470D5E4FA08CFDD9E1F11A99E14C550C1024F642147A3B01E58EE3E5D75D5DC4D538243521526CF615C8616172448C8F81F1B36E110C161C109D6308F1F29F188375611C943313945670247AF0C9AFDF25E3226AA07D442A8057FAEAF251D463434EF18524A":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_ALG_FFDH:0:0:PSA_SUCCESS:"201757BBAC6FF53E1966C29822B5154F56E332DCE1370D3A117B380D9C63FBD98F027F434EFBE530581BB1A0ACEDF30D749854F6BFC3E2E9F24A75B9109DB1FC787BB2D1DEF56414E6585757C5F84394AE9D7DB98AAADB5BCE0E4E55397B54E5DFAEDFB8CA87E6CAF0FC40E77421129F8D020287E7BD0330F60A7B01257FE36E1270B27D39F96AA464AF60C9DF47979517D7E9F0F68F93138BDC06E8F6F0AB39C90DA731925D26E48C24383425B22244D092BB9D6E3192467A91B27F0073C507D0615C3042F7432903E83494C2214089BACEF60A2D670E9D0EA0DC2F882E6AB90EC26A0CC4F9ED3DAF3912304079AA2447573AC51AAD69F4DFA07A03780922B4C7BACB286767EF758454526319C92F1486FA75E63E8EB2CBCA2A11938FE0BC5A9B50584505E16A3C8E2A599F8E2192BEC986DA602AD980190955B4AC8EF86EAF6EAFCFF7438ACD4DF64E407E675C0A114E04A9360A4431B6C0AB249B023BE89A41DA36FDFAB0FA3247DD9280EC538F724C6AF8CECD22DA87E91959AC12B690175937B7DB09B12FEE5D018802A4E561AE4F671C5569C73E928BBD66A494BBEF7F0DE8F00FED7546068E7F82F6317106885F0138AFD399DF9A8FB83C345840129B485EAD2C570BDAC992515663FCF86769808DFEFB9426D6938E5799104F197D3A3BDFFF8C4BF5E736E8B78FDB01D6C61DEAC56BC9BC8073FD4BABCCFC6D15253CA7F9FBD06F41D3F490965671F778812F5237791223FF9A1E6DBE2DD318570786051A74E58FCD0AA1BAC8CEF0656A1AD230E0578F6EC60C275C7FBAF01053DFE093DF049531282BFE7E459236D9B7315DFDB72105BD2A1509238F1CC488F3CE8907C4F931EF89FAC9D6C7D624D6BE70169A283C97E95E28DA1B90A2311733565BB082BA845BE97EDAB6698EE25E35988149B61ED64F1F41D54CD2EECB8224A22C118666551067F607B5B5C569DC8AF082D3CF0782FFC638F149765F9BE50CC52C157A58936B3E0CAA89891C71F5B960A46020AC8B7F449C8753561812B9CE313A932D3F7FD7AEF526E6BA47FE569A180CB96C5C3081A73407B52D53C6FEE6886D" + +PSA import/export-public FFDH RFC7919 public key 8192 good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +import_export_public_key:"3D1EB2C023E54A123420B9587F6985AFFCF6FE75A2F1768866CBAA10ABD5B7448409EFCE8786C0BD1D325FBAC47119A846C63103DAA8BC5FAF427C69D07AFE2FA0064A8BE9C33E30E6926A57850248EAAD8F0FA887452FF1467064DBE4041950CBFF55763AB58E1F2300C9B133E5D0FBD18604B93EC16BEA9CE340AC92B18DC188629A5D7FEC64601334CDBFEBD8126BE4743440C9A48F03F37298548C2EF226D44C296F440EB1E5F1128F203120ACE6C45D3CA992998CCF68C301CC4A32CF852FA4C2968C62D4016AF526FCD61A56F2BF479743D1EB62AD21120563BC1CE0D0791920BB89D82473F4DE75BCF6A728490F071899F683FCA10DCF6D9605749810A901F1FAAF96DC6AA0AF1CAFCF61E8A51E9E7A1BF5D9E5FDD6D63ED824CFD4016EF0782946F44E44B1B72B4CF9D4CE5E57A93EB738AEC084F02BBA52C385BCC013C720B0B98B78580AFFA84B0D204866B3FA39D73EECF1E0E6921D5484D929C1ADC7975741A308BCB060A43DF556F278F56CBDBDCE07F7CC8292FB27B3CDDB286E4B5A92552308DD8001F4BABC67C56B8DC6E5C4ED8FC4724A89441433EDD58C68E513E1940F5E6DB512574D7A37974E5739E28C03FECA3134AD8817E1A52BEBDCF2EE1F7DC66B09742005902A977DB0D617B8F6CFD75508F00225BE362D53BCA0AF4BE0D2DAD0A64054CA1204E31217F82D4F95315E54AEBF3BF98E2667A35A0017799C5479F369D8692317CABBB78C07D8314153D22110EA7617091ED755041A6E201F1FD76BC258DF84260369BBB2A1A13B5D266844A25E9A8F1D1279C349E0113CAAAB0A3D4510367E754980328B937CF7BEAABDBA39F4EA3CDE5C9BB6ECDA5BC44CC9EB6BEE6F2FF3698FA393DD4F85507415622CD7C0802240F7CE22F75F2DBA7CB7217352B34C57921B975BF2E73B6DA6A34C11192338C80B986AA3707DA64324056FE7EE2C0754045C7BC596B68FFCB501C186F89D618A76144C9CB35B59370D1D3E668F10A9EF6C851F6AD3FA9FA776E9391F3F143D7928F816EE4F56F756BF450E1B4F87A7B19EFB02850C45F6F7BCC87AA8FF27C474269EB53F3F1E28DD4D6BF1C6B16AD97F10418596D1A3EC5F664773FCA1E93743005C7230D5F8549DAEE3472418A648B91834BA7A19834B48D7E6DB57F7BD92887C366D78532A2497D9B9F35D598E79026F586D4DC1577FDA2B9DD5877A521EB9F3C87DFD77F5EC690519E04E702CE3A5203920A7B891F764CB0B2DDEE7EB01CC55EB45F1BECD4514540F10F03ABBA3E4D627DCEF89F1FADF26034C2D7C36E6776C7163D99BF5CADEFDB142A6CD631D3B58269F0116B1016633B7CD4752E2F636614ABDD27592734B8BFF08E155C350808C6072C42E46F2AEDD83EA6FFBF3EA5AA809B0F9DABF6CD8E2E0E1BC998AAAA0698F44B1819B0D7A19C2067F071A932D10F0281187":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):PSA_ALG_FFDH:0:0:PSA_SUCCESS:"3D1EB2C023E54A123420B9587F6985AFFCF6FE75A2F1768866CBAA10ABD5B7448409EFCE8786C0BD1D325FBAC47119A846C63103DAA8BC5FAF427C69D07AFE2FA0064A8BE9C33E30E6926A57850248EAAD8F0FA887452FF1467064DBE4041950CBFF55763AB58E1F2300C9B133E5D0FBD18604B93EC16BEA9CE340AC92B18DC188629A5D7FEC64601334CDBFEBD8126BE4743440C9A48F03F37298548C2EF226D44C296F440EB1E5F1128F203120ACE6C45D3CA992998CCF68C301CC4A32CF852FA4C2968C62D4016AF526FCD61A56F2BF479743D1EB62AD21120563BC1CE0D0791920BB89D82473F4DE75BCF6A728490F071899F683FCA10DCF6D9605749810A901F1FAAF96DC6AA0AF1CAFCF61E8A51E9E7A1BF5D9E5FDD6D63ED824CFD4016EF0782946F44E44B1B72B4CF9D4CE5E57A93EB738AEC084F02BBA52C385BCC013C720B0B98B78580AFFA84B0D204866B3FA39D73EECF1E0E6921D5484D929C1ADC7975741A308BCB060A43DF556F278F56CBDBDCE07F7CC8292FB27B3CDDB286E4B5A92552308DD8001F4BABC67C56B8DC6E5C4ED8FC4724A89441433EDD58C68E513E1940F5E6DB512574D7A37974E5739E28C03FECA3134AD8817E1A52BEBDCF2EE1F7DC66B09742005902A977DB0D617B8F6CFD75508F00225BE362D53BCA0AF4BE0D2DAD0A64054CA1204E31217F82D4F95315E54AEBF3BF98E2667A35A0017799C5479F369D8692317CABBB78C07D8314153D22110EA7617091ED755041A6E201F1FD76BC258DF84260369BBB2A1A13B5D266844A25E9A8F1D1279C349E0113CAAAB0A3D4510367E754980328B937CF7BEAABDBA39F4EA3CDE5C9BB6ECDA5BC44CC9EB6BEE6F2FF3698FA393DD4F85507415622CD7C0802240F7CE22F75F2DBA7CB7217352B34C57921B975BF2E73B6DA6A34C11192338C80B986AA3707DA64324056FE7EE2C0754045C7BC596B68FFCB501C186F89D618A76144C9CB35B59370D1D3E668F10A9EF6C851F6AD3FA9FA776E9391F3F143D7928F816EE4F56F756BF450E1B4F87A7B19EFB02850C45F6F7BCC87AA8FF27C474269EB53F3F1E28DD4D6BF1C6B16AD97F10418596D1A3EC5F664773FCA1E93743005C7230D5F8549DAEE3472418A648B91834BA7A19834B48D7E6DB57F7BD92887C366D78532A2497D9B9F35D598E79026F586D4DC1577FDA2B9DD5877A521EB9F3C87DFD77F5EC690519E04E702CE3A5203920A7B891F764CB0B2DDEE7EB01CC55EB45F1BECD4514540F10F03ABBA3E4D627DCEF89F1FADF26034C2D7C36E6776C7163D99BF5CADEFDB142A6CD631D3B58269F0116B1016633B7CD4752E2F636614ABDD27592734B8BFF08E155C350808C6072C42E46F2AEDD83EA6FFBF3EA5AA809B0F9DABF6CD8E2E0E1BC998AAAA0698F44B1819B0D7A19C2067F071A932D10F0281187" + +PSA import/export-public FFDH RFC7919 key pair 8192 good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +import_export_public_key:"AE5FA06AE9400A03F48C0201F4BF53263185BA76D07AB16B74869F141AEB365EB162806840F7B97C12561F5C6B9EE27521009341E52672786E10CE1615447F30E4D17F1CA049643A8CFDAC3BF66FB93B6C5C4805287D4E63D5DC895535D993203F309908AC8ABC3A96F5EF4E72E7AF59B1DC9D014EECB5609E03045B5F3C3E6C372DC0639390065C53FC911269B27A5A630BB847C8823127839DB138146E3830087AEB2395F3D0147F0C1B26297A7E657A1A430DEE1CE93C3EBEFD155EECC2298E664D77CABBAA51555C7C65FAC2957CF238F9342A39063B2F9C291D3169923DD7C3C275C591196CA350421788A06077137ECF4C41544672E8DC9E634AAB8F30D4E44C4E3BD93076B35D0A0B37F00416035C621D37FBBB434B5E3D460BD64D41CCEE8C58CB6A586C3450CC264709D065B9874129720ECA3CA5F5920F47EE8E203CCA740EFA510F7541B1241D2E036E43258B1530704D4E3A5F6C0001FC4ED82535DF672602BD421884EF381D485D37734411890A6CCCD7009208C72318F6D558A8A508774666D12E50E6DA6EAB016B147D618D729B441835B7D7B85549501A4B66AF7021EB27857C9059EA301F37B24A5E364F39364F7D406625416B9A00C44730A18C35A7D66508C903320B552CA2651724B4422870320C517B7A0B4C031C692B2D7524D66AB3289460535C6F3EFE2E42378B2927691A008734D407EADC93206DCFEB2ED71AAF7696DEFE34EA307921735FC72B4DB6B70A3381936CD90E384D38DE3C07C4DA7D1DF945EA1796148C40FA29FB5D5F6B2B03311550082ACB87130742910BFA18821380F729791E66454E2289B41FD172A4046B6961374DB62944A7DD572DFFC9B413BCF42773EA14E3562633CF134429FC7AD4F176779302BB421B44AB716AD0752C7D3334648EA3721DB7862D37B1B4C75068B2AA6AF0646A3E758F456E61F894028679F67E6FB9404CC063C005B78E46079984C85FC7A55111B1A7C81A197CF258E60B975FD4307D3AEBEE965D5175F81621E7A67E92CCEE0A503FAD2ADEDBCE717CE1D16177727C3E2205CB6C51D348590A7537013D49765EBBA3BE0588A86B65CCECE87B732AEC3C395D3336349F9366638F567BAEEC782495972869E9084D7A1DA6B97055FBE86EA1979301B62A82501DA13A00523F5C1CD0A6742903ADD15F2670D956BB950B075422CA76485780554D62FA11A461772126334F47CA43CC731BD4F35F48381A341B17154D26492B6185819012D6BAD352AEF19646516E790E49E5BF0FE74ECA7C850D0D75AC74160B953B43211AA5355E967D6305B2E1FC1170A01E4D3715F706680C7F628D41594D8954532338B3F30B90EE2A2DB0C42C7AF348FF12E410F523F81BAD4F41ABF92488726C451E4FFC160BEFC518A44660256687164B2606DB65CA8F8B06EB08A75DFCC0AE387881224C":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_ALG_FFDH:0:0:PSA_SUCCESS:"3D1EB2C023E54A123420B9587F6985AFFCF6FE75A2F1768866CBAA10ABD5B7448409EFCE8786C0BD1D325FBAC47119A846C63103DAA8BC5FAF427C69D07AFE2FA0064A8BE9C33E30E6926A57850248EAAD8F0FA887452FF1467064DBE4041950CBFF55763AB58E1F2300C9B133E5D0FBD18604B93EC16BEA9CE340AC92B18DC188629A5D7FEC64601334CDBFEBD8126BE4743440C9A48F03F37298548C2EF226D44C296F440EB1E5F1128F203120ACE6C45D3CA992998CCF68C301CC4A32CF852FA4C2968C62D4016AF526FCD61A56F2BF479743D1EB62AD21120563BC1CE0D0791920BB89D82473F4DE75BCF6A728490F071899F683FCA10DCF6D9605749810A901F1FAAF96DC6AA0AF1CAFCF61E8A51E9E7A1BF5D9E5FDD6D63ED824CFD4016EF0782946F44E44B1B72B4CF9D4CE5E57A93EB738AEC084F02BBA52C385BCC013C720B0B98B78580AFFA84B0D204866B3FA39D73EECF1E0E6921D5484D929C1ADC7975741A308BCB060A43DF556F278F56CBDBDCE07F7CC8292FB27B3CDDB286E4B5A92552308DD8001F4BABC67C56B8DC6E5C4ED8FC4724A89441433EDD58C68E513E1940F5E6DB512574D7A37974E5739E28C03FECA3134AD8817E1A52BEBDCF2EE1F7DC66B09742005902A977DB0D617B8F6CFD75508F00225BE362D53BCA0AF4BE0D2DAD0A64054CA1204E31217F82D4F95315E54AEBF3BF98E2667A35A0017799C5479F369D8692317CABBB78C07D8314153D22110EA7617091ED755041A6E201F1FD76BC258DF84260369BBB2A1A13B5D266844A25E9A8F1D1279C349E0113CAAAB0A3D4510367E754980328B937CF7BEAABDBA39F4EA3CDE5C9BB6ECDA5BC44CC9EB6BEE6F2FF3698FA393DD4F85507415622CD7C0802240F7CE22F75F2DBA7CB7217352B34C57921B975BF2E73B6DA6A34C11192338C80B986AA3707DA64324056FE7EE2C0754045C7BC596B68FFCB501C186F89D618A76144C9CB35B59370D1D3E668F10A9EF6C851F6AD3FA9FA776E9391F3F143D7928F816EE4F56F756BF450E1B4F87A7B19EFB02850C45F6F7BCC87AA8FF27C474269EB53F3F1E28DD4D6BF1C6B16AD97F10418596D1A3EC5F664773FCA1E93743005C7230D5F8549DAEE3472418A648B91834BA7A19834B48D7E6DB57F7BD92887C366D78532A2497D9B9F35D598E79026F586D4DC1577FDA2B9DD5877A521EB9F3C87DFD77F5EC690519E04E702CE3A5203920A7B891F764CB0B2DDEE7EB01CC55EB45F1BECD4514540F10F03ABBA3E4D627DCEF89F1FADF26034C2D7C36E6776C7163D99BF5CADEFDB142A6CD631D3B58269F0116B1016633B7CD4752E2F636614ABDD27592734B8BFF08E155C350808C6072C42E46F2AEDD83EA6FFBF3EA5AA809B0F9DABF6CD8E2E0E1BC998AAAA0698F44B1819B0D7A19C2067F071A932D10F0281187" + PSA import: reject raw data key of length 0 # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED import_with_data:"":PSA_KEY_TYPE_RAW_DATA:0:PSA_ERROR_INVALID_ARGUMENT @@ -516,59 +683,59 @@ PSA import: reject raw data key of length 0 and declared size 8 bits import_with_data:"":PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: explicit bit-size=255 for secp256r1 -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 import_with_data:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):255:PSA_ERROR_NOT_SUPPORTED PSA import EC keypair: explicit bit-size=521 for secp521r1 (good) -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_521 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_521 import_with_data:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_SUCCESS PSA import EC keypair: explicit bit-size=528 for secp521r1 (bad) -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_521 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_521 import_with_data:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):528:PSA_ERROR_NOT_SUPPORTED PSA import EC keypair: explicit bit-size, DER format -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 import_with_data:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: explicit bit-size, too short -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 import_with_data:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13e":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: explicit bit-size, too long (00 start) -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 import_with_data:"0049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: explicit bit-size, too long (00 end) -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 import_with_data:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee00":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: explicit bit-size, public key -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 import_with_data:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: implicit bit-size, not a valid length -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 import_with_data:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_NOT_SUPPORTED PSA import EC keypair: secp256r1, all-bits-zero (bad) -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 import_with_data:"0000000000000000000000000000000000000000000000000000000000000000":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: secp256r1, d == n - 1 (good) -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_SUCCESS PSA import EC keypair: secp256r1, d == n (bad) -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: secp256r1, d > n (bad) -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 import_with_data:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC public key: key pair -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 import_with_data:"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import AES: bits=0 ok @@ -580,11 +747,11 @@ depends_on:PSA_WANT_KEY_TYPE_AES import_with_data:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:128:PSA_SUCCESS PSA import AES: bits=256 wrong -depends_on:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH import_with_data:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:256:PSA_ERROR_INVALID_ARGUMENT PSA import AES: bits=256 ok -depends_on:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH import_with_data:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:256:PSA_SUCCESS PSA import AES: bits=128 wrong @@ -598,11 +765,11 @@ PSA import large key: raw, 65536 bits (not supported) import_large_key:PSA_KEY_TYPE_RAW_DATA:8192:PSA_ERROR_NOT_SUPPORTED PSA import RSA key pair: maximum size exceeded -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_RSA_C import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:1:PSA_ERROR_NOT_SUPPORTED PSA import RSA public key: maximum size exceeded -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_RSA_C import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:0:PSA_ERROR_NOT_SUPPORTED PSA key policy: AES ECB @@ -614,31 +781,31 @@ depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES check_key_policy:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_NO_PADDING PSA key policy: ECC SECP256R1, SIGN_HASH -> SIGN_HASH+MESSAGE -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA_ANY PSA key policy: ECC SECP256R1, VERIFY_HASH -> VERIFY_HASH+MESSAGE -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY PSA key policy: ECC SECP256R1, SIGN+VERIFY_HASH -> {SIGN,VERIFY}_{HASH,MESSAGE} -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY PSA key policy: ECC SECP256R1, {SIGN,VERIFY}_{HASH,MESSAGE} -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY PSA key policy: ECC SECP256R1, SIGN_MESSAGE -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256) PSA key policy: ECC SECP256R1, VERIFY_MESSAGE -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256) PSA key policy: ECC SECP256R1, SIGN+VERIFY_MESSAGE -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256) Key attributes initializers zero properly @@ -857,151 +1024,151 @@ depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 8):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:4:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 4):PSA_ERROR_NOT_PERMITTED PSA key policy: asymmetric encryption, encrypt | decrypt -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT PSA key policy: asymmetric encryption, wrong algorithm (v1.5/OAEP) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) PSA key policy: asymmetric encryption, wrong algorithm (OAEP with different hash) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) PSA key policy: asymmetric encryption, alg=0 in policy -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT PSA key policy: asymmetric encryption, ANY_HASH in policy is not meaningful -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) PSA key policy: asymmetric encryption, encrypt but not decrypt -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT PSA key policy: asymmetric encryption, decrypt but not encrypt -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_encryption_key_policy:PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT PSA key policy: asymmetric encryption, neither encrypt nor decrypt -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_encryption_key_policy:0:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT PSA key policy: asymmetric signature, sign | verify hash, PKCS#1v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, sign | verify hash, PKCS#1v1.5 raw -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, sign | verify hash, ECDSA SHA-256 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, sign, key usage extension -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE PSA key policy: asymmetric signature, verify, key usage extension -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, sign | verify, key usage extension -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, wrong alg family (PSS std/any salt) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, wrong alg family (PSS any/std salt) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, wrong alg family (RSA v15/PSS) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, wildcard in policy, wrong alg family -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, wildcard in policy, ECDSA SHA-256 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, wildcard in policy, PKCS#1v1.5 raw -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, wrong hash algorithm -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, alg=0 in policy -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, sign but not verify -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE PSA key policy: asymmetric signature, verify but not sign -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: asymmetric signature, neither sign nor verify -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:0 PSA key policy: msg asymmetric signature, sign | verify -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: msg asymmetric signature, wrong alg family (PSS std/any salt) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: msg asymmetric signature, wrong alg family (PSS any/std salt) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: msg asymmetric signature, wrong alg family (RSA v15/PSS) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: msg asymmetric signature, wildcard in policy, wrong alg family -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: msg asymmetric signature, wildcard in policy, ECDSA SHA-256 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: msg asymmetric signature, wildcard in policy, PKCS#1v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: msg asymmetric signature, wrong hash algorithm -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):0:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: msg asymmetric signature, alg=0 in policy -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: msg asymmetric signature, sign but not verify -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1:PSA_KEY_USAGE_SIGN_MESSAGE PSA key policy: msg asymmetric signature, verify but not sign -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1:PSA_KEY_USAGE_VERIFY_MESSAGE PSA key policy: derive via HKDF, permitted @@ -1029,43 +1196,39 @@ depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_ derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_224) PSA key policy: agreement + KDF, permitted -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_SUCCESS PSA key policy: agreement + KDF, not permitted -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 agreement_key_policy:0:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_PERMITTED -PSA key policy: agreement + KDF, wrong agreement algorithm -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 -agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_PERMITTED - PSA key policy: agreement + KDF, wrong KDF algorithm -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_224)):PSA_ERROR_NOT_PERMITTED PSA key policy: agreement + KDF, key permits raw agreement -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_SUCCESS PSA key policy: raw agreement, permitted -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH:PSA_SUCCESS PSA key policy: raw agreement, not permitted -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 raw_agreement_key_policy:0:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH:PSA_ERROR_NOT_PERMITTED PSA key policy: raw agreement, wrong algorithm -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_FFDH:PSA_ERROR_NOT_PERMITTED PSA key policy: raw agreement, key permits raw agreement, but algorithm is not raw -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECDH_C +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ERROR_NOT_SUPPORTED PSA key policy: raw agreement, key specifies KDF -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 raw_agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH:PSA_ERROR_NOT_PERMITTED PSA key policy algorithm2: CTR, CBC @@ -1073,15 +1236,15 @@ depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES key_policy_alg2:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_ALG_CBC_NO_PADDING PSA key policy algorithm2: ECDH, ECDSA, HASH usage -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) PSA key policy algorithm2: ECDH, ECDSA, HASH+MESSAGE usage -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) PSA key policy algorithm2: ECDH, ECDSA, MESSAGE usage -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) Copy key: raw, 1 byte @@ -1120,63 +1283,63 @@ depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:0:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: RSA key pair, same usage flags -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, extended usage flags -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, fewer usage flags -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, more usage flags -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, intersect usage flags #0 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, intersect usage flags #1 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in source -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in target -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in source and target -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0 Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH, extended usage flags -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH Copy key: source=ECDSA+ECDH, target=ECDSA+0 -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0 Copy key: source=ECDSA+ECDH, target=0+ECDH -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:0:PSA_ALG_ECDH:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:0:PSA_ALG_ECDH Copy key: source=ECDSA(any)+ECDH, target=ECDSA(SHA256)+ECDH -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH Copy key: source=ECDH+ECDSA(any), target=ECDH+ECDSA(SHA256) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) Copy key: raw, 1 byte, opaque @@ -1216,63 +1379,63 @@ depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:0 Copy key: RSA key pair, same usage flags, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, extended usage flags, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, fewer usage flags, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, more usage flags, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, intersect usage flags #0, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, intersect usage flags #1, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in source, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in target, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 Copy key: RSA key pair, wildcard algorithm in source and target, opaque -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:0:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0 Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH, opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH Copy key: source=ECDSA+ECDH, target=ECDSA+ECDH, extended usage flags, opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH Copy key: source=ECDSA+ECDH, target=ECDSA+0, opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0 Copy key: source=ECDSA+ECDH, target=0+ECDH, opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:0:PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:0:PSA_ALG_ECDH Copy key: source=ECDSA(any)+ECDH, target=ECDSA(SHA256)+ECDH, opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH Copy key: source=ECDH+ECDSA(any), target=ECDH+ECDSA(SHA256), opaque -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) Copy fail: raw data, no COPY flag @@ -1399,19 +1562,19 @@ depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_CRYPTO_DRIVER_TEST copy_success:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 12):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":0:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(PSA_ALG_CCM, 8):0:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 12):0 Copy fail: RSA, incompatible target policy (source wildcard) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, incompatible target policy (target wildcard) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, incompatible target policy (source and target wildcard) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT Copy fail: RSA, ANY_HASH is not meaningful with OAEP -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):0:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT Copy fail: incorrect type in attributes @@ -1422,21 +1585,17 @@ Copy fail: incorrect size in attributes copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_EXPORT:0:0:0:PSA_KEY_TYPE_RAW_DATA:"404142434445464748494a4b4c4d4e4f":0:42:PSA_KEY_USAGE_EXPORT:0:0:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT Copy fail: source=ECDSA(SHA224)+ECDH, target=ECDSA(SHA256)+ECDH -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDSA(PSA_ALG_SHA_224):PSA_ALG_ECDH:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_ECDH:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT Copy fail: source=ECDH+ECDSA(SHA224), target=ECDH+ECDSA(SHA256) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_224):0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256):0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT Copy fail: AES, invalid persistent key identifier in attributes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_LIFETIME_PERSISTENT:PSA_ERROR_INVALID_ARGUMENT -Copy fail: AES, invalid lifetime (unknown location) in attributes -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C:!MBEDTLS_PSA_CRYPTO_DRIVERS -copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:1:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, 11):PSA_ERROR_INVALID_ARGUMENT - Copy fail: AES, copy to a readonly lifetime in attributes depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:1:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_READ_ONLY, 0 ):PSA_ERROR_INVALID_ARGUMENT @@ -2071,11 +2230,11 @@ depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256 cipher_bad_key:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" PSA cipher: incorrect key type (RSA) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT cipher_bad_key:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" PSA cipher: incorrect key type (ECC Family Sep R1) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 cipher_bad_key:PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320" PSA cipher encrypt: without initialization @@ -2802,83 +2961,83 @@ depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96" PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=0, AAD=0, TAG=16, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_encrypt:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"ab2265b4c168955561f04315":"":"":"f149e2b5f0adaa9842ca5f45b768a8fc" PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=0, AAD=16, TAG=16, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_encrypt:PSA_KEY_TYPE_AES:"41c5da8667ef725220ffe39ae0ac590ac9fca729ab60ada0":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"05ad13a5e2c2ab667e1a6fbc":"8b5c124bef6e2f0fe4d8c95cd5fa4cf1":"":"204bdb1bd62154bf08922aaa54eed705" PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=0, AAD=20, TAG=16, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_encrypt:PSA_KEY_TYPE_AES:"093ef7551ebbff8eb0c0a8a4a62b198f0c2e838de10eeeee":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"e656e93930ed5210ba3f0322":"3da22dacfd11b21b0a713157f60aec0cd22f1add":"":"1b2d2764573e20ae640bf29d48e5fe05" PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=0, AAD=48, TAG=15, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_encrypt:PSA_KEY_TYPE_AES:"31389612d244c9792a510eca3f9c94f9f48c97ed67ae965a":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"df6b54ec8b58114df5b09279":"0863bec42ee93385efbec665adfc46dafcd793f29e859e3b531c15b168f1888dd13e905cd7d5bc03f9f1f6495717df62":"":"77e5682a49243d5b9016eb1adafa2d" PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=0, TAG=16, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_encrypt:PSA_KEY_TYPE_AES:"fbc0b4c56a714c83217b2d1bcadd2ed2e9efb0dcac6cc19f":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"5f4b43e811da9c470d6a9b01":"":"d2ae38c4375954835d75b8e4c2f9bbb4":"69482957e6be5c54882d00314e0259cf191e9f29bef63a26860c1e020a21137e" PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=0, TAG=8, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_encrypt:PSA_KEY_TYPE_AES:"c50ac59e50556e47b834380018c0dc0380af9df3bf6714e6":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 8 ):"f303bf4b6cfbba7104cd9436":"":"d3f3f57033df30c22860231334b099cb":"2269c72d77f2b6f9d57da1820ec5a5d3d62d4491e3e4e9e7" PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=16, TAG=14, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_encrypt:PSA_KEY_TYPE_AES:"8ef391e4b7a2fe05b959be27823357080f963ed2f64b9e59":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"0080052a2a5bb0e95222a419":"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":"88d674044031414af7ba9da8b89dd68e69897d99d8e1706f38c613896c18" PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=16, TAG=4, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_encrypt:PSA_KEY_TYPE_AES:"1cb5a0db778d3eb430b2816ceef9e455f519a8977b074183":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 4 ):"c1df5e9e2e3165c54242a306":"7134e5ddc396c2a8a7da23906c8f7b40":"636871d4c0aae3da7b55abd8b5f21297":"14eb02562aa1d963d0033626cdc8a5c8972f4bdf" PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=20, TAG=13, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_encrypt:PSA_KEY_TYPE_AES:"45148f42669f8ab8fad689d9b9180e39d7ea8fc95696297e":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 13 ):"5afcb134acc78b4eb9d11e79":"aec409e5fd82e50b824ebc1f45e75188d80615c6":"3d952be11deb421b56e0ce9d7ce99553":"077c0d53869869e191df116fd7baa8a293d2b577a29b0953c91b5d3b9d" PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=48, TAG=15, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_encrypt:PSA_KEY_TYPE_AES:"5255428457fe75e64447971ec5af0d13c5b60a07ee2d07b0":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"40cb6ebafc202f82223db097":"b2da2bd05ab1f3e39613efc8d80c5d0f240ee08f6abad5791649e9c1d0f48fa3dc59c1e535d1db1a4d3fa2263f5a1117":"fdd8a462c86d4365c8bfee0e25fc8a62":"9ca4a6d08267038f6f7999c84105bb5eaf8f7b3b9310ec688e033088a03482" PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=0, TAG=16, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_encrypt:PSA_KEY_TYPE_AES:"b52c505a37d78eda5dd34f20c22540ea1b58963cf8e5bf8ffa85f9f2492505b4":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"516c33929df5a3284ff463d7":"":"":"bdc1ac884d332457a1d2664f168c76f0" PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=0, TAG=12, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_encrypt:PSA_KEY_TYPE_AES:"98ebf7a58db8b8371d9069171190063cc1fdc1927e49a3385f890d41a838619c":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 12 ):"3e6db953bd4e641de644e50a":"":"":"2fb9c3e41fff24ef07437c47" PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=20, TAG=16, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_encrypt:PSA_KEY_TYPE_AES:"886cff5f3e6b8d0e1ad0a38fcdb26de97e8acbe79f6bed66959a598fa5047d65":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"3a8efa1cd74bbab5448f9945":"519fee519d25c7a304d6c6aa1897ee1eb8c59655":"":"f6d47505ec96c98a42dc3ae719877b87" PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=20, TAG=13, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_encrypt:PSA_KEY_TYPE_AES:"a7c928738b89c3258b910ac31bc465338b2e133b143fd52d9c9859eb1d01f2a0":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 13 ):"a483a7e94fbb2d694d3c4a8d":"bdb613cd3c2f0edd37b3ed43041bacb949ee51fa":"":"5233f95bdcf5d666fb957acdcb" PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=48, TAG=15, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_encrypt:PSA_KEY_TYPE_AES:"16a5b58a1dbb273a8fc6a4af722d46dbb898dd86ab128cb93d8388a8647a80a3":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"59e0c40d6675923cf5e004d5":"5b4b4ffc9c66bd394abeed3f03b695b949b3b69a42198cc3bfad971174915df913b967ccf36ee1f001f54efbcd117b68":"":"d57e27914ecb4a764359d3c0f8d4d6" PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=48, TAG=4, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_encrypt:PSA_KEY_TYPE_AES:"5dd13092dd695b90ab835ed6343031c4cdb710d32f4d3804d72b46d921fcfa18":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 4 ):"1de4bd816c8ec6bffc1e6453":"1b63d6278702abacf8b6c2faf542a808659fd5da03cdc1061a8593ea8ce9fc8ff54ffef6ebf3e15f7a832b4ae750a6ce":"":"72901467" PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=16, AAD=0, TAG=15, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_encrypt:PSA_KEY_TYPE_AES:"ef9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f8":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"b6ac8e4963f49207ffd6374c":"":"722ee47da4b77424733546c2d400c4e5":"1224dfefb72a20d49e09256908874979882eafea22adf8dbed06a2265f907b" PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=16, AAD=0, TAG=12, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_encrypt:PSA_KEY_TYPE_AES:"b33b0e4c5b9f7ef77cec1a29ed5844bda3853238bdf7766e7645029931f169f0":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 12 ):"f226d65e8654fdf5193ed721":"":"bcf48ddcfe9d011a1003973d68d2d78a":"d2eb20898a301b5d8e69e9926272021393af01abb6a970047a7fc010" PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=16, AAD=16, TAG=14, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_encrypt:PSA_KEY_TYPE_AES:"c6e126a65faec77ab62318e30d8a50c39a664670039a66ae5a6874201bc68f9f":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"0ba5193b2d3a8378d67163ce":"5844b289dc74327f9fd93f7aae1c3d39":"c37aada3d4408e880d47e41df77da9b9":"b5cd7563989b460a2fe187e90c41fc3179c73d0d1e3a4484909969de93b0" PSA AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=16, AAD=48, TAG=15, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_encrypt:PSA_KEY_TYPE_AES:"2e6942d537f1a98444c2f9dbdb5d8db42a503a00a17b57d516399569e044a703":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"7eb67721581ed52cfcfc2c4d":"a96cc73451502c7278b467ac85d5fc14fc1a2f51bc685645b173f0cd9af02d383095de063e6eaa50374ce9bc951e9e61":"e5f410fe939e79b7ad33fbd3aaf5856f":"727f5e19a5582e5782bbbe73517f0c04c492319abf12b03b380724ff1483a3" PSA AEAD decrypt, AES-GCM, 144 bytes #1 @@ -2930,83 +3089,83 @@ depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 18 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=0, AAD=0, TAG=16 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_decrypt:PSA_KEY_TYPE_AES:"0e5d6e68f82f32bea3f0b69498c1a31ef6d955cd3d27a2a8":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"caf72ee1e62e1001e8cfbc63":"":"db1a74ffb5f7de26f5742e0942b1b9cb":"":PSA_SUCCESS PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=0, AAD=48, TAG=14 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_decrypt:PSA_KEY_TYPE_AES:"e79fb7defce4f650402e6b521170686d3eb2a0b9514f3a64":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"40e0d2d836c0519e7042419b":"41c5b5d971c0723bc1b63a259fe7e06c2961de1241bc34c13965f43636e4da3da8c75ed5956abe3a42f3039af005925a":"434ff68f2436f48418fd69f52158":"":PSA_SUCCESS PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=16, AAD=0, TAG=15 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_decrypt:PSA_KEY_TYPE_AES:"e41d1f533d5b342ffe434b94b1372683bfd5d9d8cb79f9ee":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"5fe11a596dfcd3a305c1d711":"":"1847f64fff986476d1d2f758692f856da4a0ff98c0c1101694c84fd86680c9":"b03c2c20f758a93a8d1220232ad87098":PSA_SUCCESS PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=16, AAD=20, TAG=15 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_decrypt:PSA_KEY_TYPE_AES:"8e7da473c057a2a4669a0d22bf9b7c9913fba48930ca0c9b":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"f9ff8ef80d76c50f9ca0e9ff":"f141bae18a1b54f065554fd34aa02c91c90f505c":"5deb093b6e7c766a64bb9d5170af1ff8bf130b64eebdce06a9bdb2cf1da15a":"b22b2dcdcc18adc30d16297b84b459d8":PSA_SUCCESS PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=16, AAD=48, TAG=12 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_decrypt:PSA_KEY_TYPE_AES:"01bf150add51bb11623e3bfbebd62a7ea81c5b192b8eb6de":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 12 ):"dfacbc6791b785d324c646b7":"e35412a625324257bef35399a7eacca34fec2d2d24166e6bb3e94d96f5c57599ded45e2a74503f07116caa1692398a07":"77579db3c6da769e17731faac4732d7cce65d960a49f94f6b583e54a":"7e5fd8b595ddc4753676107951d900e2":PSA_SUCCESS PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=16, AAD=48, TAG=8 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_decrypt:PSA_KEY_TYPE_AES:"551266c4ed166fe1c43761927801ed50cb9c0b3864fc97df":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 8 ):"e711afbeccd567f866340abb":"562d1697237ebc563941076d459727dfa094eb9ac00d30ed5836825d163dd27517c7660a01056b2d868c7fc5d0343830":"2b54cc27f6ee71882e8b1ead207d2b042d262e87eac97b58":"37245449db8f72b1ecdb420f629d3d80":PSA_SUCCESS PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=13, AAD=0, TAG=15 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_decrypt:PSA_KEY_TYPE_AES:"78fa4a2a5b5b1b1d9580ea527f2e1653e9336e15cc5462f5":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"98b774f7110e0bea624b487f":"":"a642aabed8b99e15e297ee705a40c3e2e506cb889727b327b7e044a8":"496909523f574b205d757659c5":PSA_SUCCESS PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=13, AAD=16, TAG=15 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_decrypt:PSA_KEY_TYPE_AES:"61f4c2e55d729c4657e503dfe2b604e2853675dbdeb0982a":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"0c4d5548aa2d8d54964e1e63":"5affdf8886dabb14790aff3dbfcbdd80":"0d4eacc3db304f46cb7a9eba6ec105bf86d9dc0639b7cebbd5260f47":"b6e056de521a27266dffbc0d96":PSA_SUCCESS PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=13, AAD=20, TAG=13 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_decrypt:PSA_KEY_TYPE_AES:"73245c4f115a74fe71d6fefb9094c57c75f28033a3c7372b":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 13 ):"536a82485999b93b0bb7ef24":"64dcad870a42eeec0730fd7a7e4154638a85d739":"29333e87bfe65d0e37da2936f695824d4e3f37fab3b8e2b868f6":"f6d56f8c86f27d957fa63aea22":PSA_SUCCESS PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=13, AAD=48, TAG=4 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_decrypt:PSA_KEY_TYPE_AES:"9002e74638e09dd1f091439518e1460cdd5905bd9e1a37ae":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 4 ):"76c81a95d24be5c8bac63b50":"aa3ae4531aaac8f3eb07f748712c55a680bc8df5cf845edc66d09049500b41688b8023f5746879b45bdd586af29c4ede":"31bf37acbc53ca3fdbc9e5eaaebbb85a7f":"bd94b34511bc65ae47684805cb":PSA_SUCCESS PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=0, AAD=0, TAG=16 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_decrypt:PSA_KEY_TYPE_AES:"f5a2b27c74355872eb3ef6c5feafaa740e6ae990d9d48c3bd9bb8235e589f010":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"58d2240f580a31c1d24948e9":"":"15e051a5e4a5f5da6cea92e2ebee5bac":"":PSA_SUCCESS PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=0, AAD=16, TAG=15 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_decrypt:PSA_KEY_TYPE_AES:"3395a1485315c5b5e6353acb05ae9499c440a2e9f5c57494662f827235ea314c":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"3b7e632571602456b49880f0":"f283f80226dacb69c8af089ec6b59e81":"84c8beff4b0d160ee68ac613097f51":"":PSA_SUCCESS PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=0, AAD=20, TAG=15 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_decrypt:PSA_KEY_TYPE_AES:"4dc46ca55c1c1fcb4720c274c0e675c2ac5bf93d8dd5e951ca9f6b61f884edc9":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"6473ab77dc885127422f5594":"e2cf8172ab4cf77eba45cd2c8ff939b938080a90":"8d6351f18d873242204c20144e2b83":"":PSA_SUCCESS PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=0, AAD=48, TAG=14 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_decrypt:PSA_KEY_TYPE_AES:"a7f95798434f9a0fe6fd8acd30b8bad96dbdcfacee4594f01cbf26479be7d154":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"9ef5a77b02137b46e8461d09":"5595a16fa12d4dcdba6b128480dce2d39c1211c3fb6068cde6013f6a80dfcda5eb92af8879e40ee9c177fd0e446fc8ca":"3bfd3d99fe2063e8ef8255519fe0":"":PSA_SUCCESS PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=16, AAD=0, TAG=16 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_decrypt:PSA_KEY_TYPE_AES:"4c8ebfe1444ec1b2d503c6986659af2c94fafe945f72c1e8486a5acfedb8a0f8":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"473360e0ad24889959858995":"":"d2c78110ac7e8f107c0df0570bd7c90cc26a379b6d98ef2852ead8ce83a833a7":"7789b41cb3ee548814ca0b388c10b343":PSA_SUCCESS PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=16, AAD=0, TAG=4 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_decrypt:PSA_KEY_TYPE_AES:"57805f98aae1b8b64bb49756529ab8181b3ada674a90c55422e9eb26c48bcd7b":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 4 ):"9735945d8ca161777206632a":"":"58375442ab1c0e6a8952c83d128d9fc5f45bb315":"4860116a6d2deb9bf794bfd6ac5bbbd6":PSA_SUCCESS PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=16, AAD=16, TAG=8 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_decrypt:PSA_KEY_TYPE_AES:"f913bb823a1d0c10b0b72d56866907b893f2266f15de1abc17f93600824db55a":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 8 ):"d4fe686a14592b6ca1bd6b42":"e35d880c1c53688eb83869de9dd8a473":"35af9b502ea6b56269f896bf98affdd59c2aa418b38bc7fd":"ff426dd751190ff826e8b4a0792d746e":PSA_SUCCESS PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=16, AAD=20, TAG=14 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_decrypt:PSA_KEY_TYPE_AES:"74e9d9d7cd0728cea94e169af485f21f9d2447e022f16008f803dcf5c4f7cc0c":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"ecba39edc96667da726122c0":"ae9ab021f86f5b81bb2e0fcbd4b855e1501e9f82":"e5745ce0e02dbba05363b548c3ac7047eacca7e61db6f72fc9b9e5bdb2bb":"0a0b284515694188b6b6c15bc8a09036":PSA_SUCCESS PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=13, AAD=0, TAG=14 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_decrypt:PSA_KEY_TYPE_AES:"60667fce64b8c7169ddf45f335e46951248f69abc4e0f4f292d0ffe3dfd5219f":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"1057322a39f08ef761c3c8fc":"":"501b033c841acb430c52d88fe9cb44c751f2f1641d1e801a534ac8":"f386b28e7eb4c2fb8eb5dc66a2":PSA_SUCCESS PSA AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=13, AAD=20, TAG=15 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_decrypt:PSA_KEY_TYPE_AES:"e67590da399cbcdcddcc56110562ade8665b50287a8ab38e8b9ee7520531b560":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"2c36ab6b686a66fba1805196":"823493d42f4f60b2d1433ad75eccaafd7e7c7d12":"cff6b6f03c67152f3ce1030653d9bd9a6559f5b04b48d77c2a1fc364":"da1c61fbfcdb73445ad4c7d889":PSA_SUCCESS PSA AEAD encrypt: ChaCha20-Poly1305 (RFC7539) @@ -3046,7 +3205,7 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"000102030405060708090A0B0C0D0E0F":"":"":PSA_ERROR_INVALID_ARGUMENT PSA AEAD encrypt/decrypt: invalid algorithm (ChaCha20) -depends_on:MBEDTLS_CHACHA20_C +depends_on:PSA_WANT_KEY_TYPE_CHACHA20 aead_encrypt_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_STREAM_CIPHER:"":"":"":PSA_ERROR_INVALID_ARGUMENT PSA Multipart AEAD encrypt: AES - CCM, 23 bytes (lengths set) @@ -3162,163 +3321,163 @@ depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_multipart_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":1:"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=0, AAD=0, TAG=16, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"ab2265b4c168955561f04315":"":"":0:"f149e2b5f0adaa9842ca5f45b768a8fc" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=0, AAD=0, TAG=16, (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"ab2265b4c168955561f04315":"":"":1:"f149e2b5f0adaa9842ca5f45b768a8fc" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=0, AAD=16, TAG=16, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"41c5da8667ef725220ffe39ae0ac590ac9fca729ab60ada0":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"05ad13a5e2c2ab667e1a6fbc":"8b5c124bef6e2f0fe4d8c95cd5fa4cf1":"":0:"204bdb1bd62154bf08922aaa54eed705" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=0, AAD=16, TAG=16, (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"41c5da8667ef725220ffe39ae0ac590ac9fca729ab60ada0":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"05ad13a5e2c2ab667e1a6fbc":"8b5c124bef6e2f0fe4d8c95cd5fa4cf1":"":1:"204bdb1bd62154bf08922aaa54eed705" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=0, AAD=20, TAG=16, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"093ef7551ebbff8eb0c0a8a4a62b198f0c2e838de10eeeee":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"e656e93930ed5210ba3f0322":"3da22dacfd11b21b0a713157f60aec0cd22f1add":"":0:"1b2d2764573e20ae640bf29d48e5fe05" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=0, AAD=20, TAG=16, (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"093ef7551ebbff8eb0c0a8a4a62b198f0c2e838de10eeeee":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"e656e93930ed5210ba3f0322":"3da22dacfd11b21b0a713157f60aec0cd22f1add":"":1:"1b2d2764573e20ae640bf29d48e5fe05" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=0, AAD=48, TAG=15, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"31389612d244c9792a510eca3f9c94f9f48c97ed67ae965a":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"df6b54ec8b58114df5b09279":"0863bec42ee93385efbec665adfc46dafcd793f29e859e3b531c15b168f1888dd13e905cd7d5bc03f9f1f6495717df62":"":0:"77e5682a49243d5b9016eb1adafa2d" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=0, AAD=48, TAG=15, (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"31389612d244c9792a510eca3f9c94f9f48c97ed67ae965a":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"df6b54ec8b58114df5b09279":"0863bec42ee93385efbec665adfc46dafcd793f29e859e3b531c15b168f1888dd13e905cd7d5bc03f9f1f6495717df62":"":1:"77e5682a49243d5b9016eb1adafa2d" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=0, TAG=16, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"fbc0b4c56a714c83217b2d1bcadd2ed2e9efb0dcac6cc19f":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"5f4b43e811da9c470d6a9b01":"":"d2ae38c4375954835d75b8e4c2f9bbb4":0:"69482957e6be5c54882d00314e0259cf191e9f29bef63a26860c1e020a21137e" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=0, TAG=16, (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"fbc0b4c56a714c83217b2d1bcadd2ed2e9efb0dcac6cc19f":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"5f4b43e811da9c470d6a9b01":"":"d2ae38c4375954835d75b8e4c2f9bbb4":1:"69482957e6be5c54882d00314e0259cf191e9f29bef63a26860c1e020a21137e" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=0, TAG=8, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"c50ac59e50556e47b834380018c0dc0380af9df3bf6714e6":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 8 ):"f303bf4b6cfbba7104cd9436":"":"d3f3f57033df30c22860231334b099cb":0:"2269c72d77f2b6f9d57da1820ec5a5d3d62d4491e3e4e9e7" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=0, TAG=8, (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"c50ac59e50556e47b834380018c0dc0380af9df3bf6714e6":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 8 ):"f303bf4b6cfbba7104cd9436":"":"d3f3f57033df30c22860231334b099cb":1:"2269c72d77f2b6f9d57da1820ec5a5d3d62d4491e3e4e9e7" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=16, TAG=14, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"8ef391e4b7a2fe05b959be27823357080f963ed2f64b9e59":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"0080052a2a5bb0e95222a419":"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":0:"88d674044031414af7ba9da8b89dd68e69897d99d8e1706f38c613896c18" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=16, TAG=14, (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"8ef391e4b7a2fe05b959be27823357080f963ed2f64b9e59":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"0080052a2a5bb0e95222a419":"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":1:"88d674044031414af7ba9da8b89dd68e69897d99d8e1706f38c613896c18" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=16, TAG=4, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"1cb5a0db778d3eb430b2816ceef9e455f519a8977b074183":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 4 ):"c1df5e9e2e3165c54242a306":"7134e5ddc396c2a8a7da23906c8f7b40":"636871d4c0aae3da7b55abd8b5f21297":0:"14eb02562aa1d963d0033626cdc8a5c8972f4bdf" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=16, TAG=4, (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"1cb5a0db778d3eb430b2816ceef9e455f519a8977b074183":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 4 ):"c1df5e9e2e3165c54242a306":"7134e5ddc396c2a8a7da23906c8f7b40":"636871d4c0aae3da7b55abd8b5f21297":1:"14eb02562aa1d963d0033626cdc8a5c8972f4bdf" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=20, TAG=13, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"45148f42669f8ab8fad689d9b9180e39d7ea8fc95696297e":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 13 ):"5afcb134acc78b4eb9d11e79":"aec409e5fd82e50b824ebc1f45e75188d80615c6":"3d952be11deb421b56e0ce9d7ce99553":0:"077c0d53869869e191df116fd7baa8a293d2b577a29b0953c91b5d3b9d" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=20, TAG=13, (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"45148f42669f8ab8fad689d9b9180e39d7ea8fc95696297e":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 13 ):"5afcb134acc78b4eb9d11e79":"aec409e5fd82e50b824ebc1f45e75188d80615c6":"3d952be11deb421b56e0ce9d7ce99553":1:"077c0d53869869e191df116fd7baa8a293d2b577a29b0953c91b5d3b9d" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=48, TAG=15, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"5255428457fe75e64447971ec5af0d13c5b60a07ee2d07b0":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"40cb6ebafc202f82223db097":"b2da2bd05ab1f3e39613efc8d80c5d0f240ee08f6abad5791649e9c1d0f48fa3dc59c1e535d1db1a4d3fa2263f5a1117":"fdd8a462c86d4365c8bfee0e25fc8a62":0:"9ca4a6d08267038f6f7999c84105bb5eaf8f7b3b9310ec688e033088a03482" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=24, IV=12, IN=16, AAD=48, TAG=15, (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"5255428457fe75e64447971ec5af0d13c5b60a07ee2d07b0":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"40cb6ebafc202f82223db097":"b2da2bd05ab1f3e39613efc8d80c5d0f240ee08f6abad5791649e9c1d0f48fa3dc59c1e535d1db1a4d3fa2263f5a1117":"fdd8a462c86d4365c8bfee0e25fc8a62":1:"9ca4a6d08267038f6f7999c84105bb5eaf8f7b3b9310ec688e033088a03482" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=0, TAG=16, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"b52c505a37d78eda5dd34f20c22540ea1b58963cf8e5bf8ffa85f9f2492505b4":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"516c33929df5a3284ff463d7":"":"":0:"bdc1ac884d332457a1d2664f168c76f0" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=0, TAG=16, (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"b52c505a37d78eda5dd34f20c22540ea1b58963cf8e5bf8ffa85f9f2492505b4":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"516c33929df5a3284ff463d7":"":"":1:"bdc1ac884d332457a1d2664f168c76f0" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=0, TAG=12, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"98ebf7a58db8b8371d9069171190063cc1fdc1927e49a3385f890d41a838619c":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 12 ):"3e6db953bd4e641de644e50a":"":"":0:"2fb9c3e41fff24ef07437c47" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=0, TAG=12, (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"98ebf7a58db8b8371d9069171190063cc1fdc1927e49a3385f890d41a838619c":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 12 ):"3e6db953bd4e641de644e50a":"":"":1:"2fb9c3e41fff24ef07437c47" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=20, TAG=16, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"886cff5f3e6b8d0e1ad0a38fcdb26de97e8acbe79f6bed66959a598fa5047d65":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"3a8efa1cd74bbab5448f9945":"519fee519d25c7a304d6c6aa1897ee1eb8c59655":"":0:"f6d47505ec96c98a42dc3ae719877b87" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=20, TAG=16, (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"886cff5f3e6b8d0e1ad0a38fcdb26de97e8acbe79f6bed66959a598fa5047d65":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"3a8efa1cd74bbab5448f9945":"519fee519d25c7a304d6c6aa1897ee1eb8c59655":"":1:"f6d47505ec96c98a42dc3ae719877b87" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=20, TAG=13, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"a7c928738b89c3258b910ac31bc465338b2e133b143fd52d9c9859eb1d01f2a0":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 13 ):"a483a7e94fbb2d694d3c4a8d":"bdb613cd3c2f0edd37b3ed43041bacb949ee51fa":"":0:"5233f95bdcf5d666fb957acdcb" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=20, TAG=13, (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"a7c928738b89c3258b910ac31bc465338b2e133b143fd52d9c9859eb1d01f2a0":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 13 ):"a483a7e94fbb2d694d3c4a8d":"bdb613cd3c2f0edd37b3ed43041bacb949ee51fa":"":1:"5233f95bdcf5d666fb957acdcb" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=48, TAG=15, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"16a5b58a1dbb273a8fc6a4af722d46dbb898dd86ab128cb93d8388a8647a80a3":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"59e0c40d6675923cf5e004d5":"5b4b4ffc9c66bd394abeed3f03b695b949b3b69a42198cc3bfad971174915df913b967ccf36ee1f001f54efbcd117b68":"":0:"d57e27914ecb4a764359d3c0f8d4d6" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=48, TAG=15, (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"16a5b58a1dbb273a8fc6a4af722d46dbb898dd86ab128cb93d8388a8647a80a3":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"59e0c40d6675923cf5e004d5":"5b4b4ffc9c66bd394abeed3f03b695b949b3b69a42198cc3bfad971174915df913b967ccf36ee1f001f54efbcd117b68":"":1:"d57e27914ecb4a764359d3c0f8d4d6" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=48, TAG=4, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"5dd13092dd695b90ab835ed6343031c4cdb710d32f4d3804d72b46d921fcfa18":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 4 ):"1de4bd816c8ec6bffc1e6453":"1b63d6278702abacf8b6c2faf542a808659fd5da03cdc1061a8593ea8ce9fc8ff54ffef6ebf3e15f7a832b4ae750a6ce":"":0:"72901467" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=0, AAD=48, TAG=4, (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"5dd13092dd695b90ab835ed6343031c4cdb710d32f4d3804d72b46d921fcfa18":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 4 ):"1de4bd816c8ec6bffc1e6453":"1b63d6278702abacf8b6c2faf542a808659fd5da03cdc1061a8593ea8ce9fc8ff54ffef6ebf3e15f7a832b4ae750a6ce":"":1:"72901467" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=16, AAD=0, TAG=15, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"ef9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f8":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"b6ac8e4963f49207ffd6374c":"":"722ee47da4b77424733546c2d400c4e5":0:"1224dfefb72a20d49e09256908874979882eafea22adf8dbed06a2265f907b" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=16, AAD=0, TAG=15, (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"ef9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f8":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"b6ac8e4963f49207ffd6374c":"":"722ee47da4b77424733546c2d400c4e5":1:"1224dfefb72a20d49e09256908874979882eafea22adf8dbed06a2265f907b" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=16, AAD=0, TAG=12, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"b33b0e4c5b9f7ef77cec1a29ed5844bda3853238bdf7766e7645029931f169f0":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 12 ):"f226d65e8654fdf5193ed721":"":"bcf48ddcfe9d011a1003973d68d2d78a":0:"d2eb20898a301b5d8e69e9926272021393af01abb6a970047a7fc010" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=16, AAD=0, TAG=12, (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"b33b0e4c5b9f7ef77cec1a29ed5844bda3853238bdf7766e7645029931f169f0":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 12 ):"f226d65e8654fdf5193ed721":"":"bcf48ddcfe9d011a1003973d68d2d78a":1:"d2eb20898a301b5d8e69e9926272021393af01abb6a970047a7fc010" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=16, AAD=16, TAG=14, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"c6e126a65faec77ab62318e30d8a50c39a664670039a66ae5a6874201bc68f9f":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"0ba5193b2d3a8378d67163ce":"5844b289dc74327f9fd93f7aae1c3d39":"c37aada3d4408e880d47e41df77da9b9":0:"b5cd7563989b460a2fe187e90c41fc3179c73d0d1e3a4484909969de93b0" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=16, AAD=16, TAG=14, (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"c6e126a65faec77ab62318e30d8a50c39a664670039a66ae5a6874201bc68f9f":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"0ba5193b2d3a8378d67163ce":"5844b289dc74327f9fd93f7aae1c3d39":"c37aada3d4408e880d47e41df77da9b9":1:"b5cd7563989b460a2fe187e90c41fc3179c73d0d1e3a4484909969de93b0" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=16, AAD=48, TAG=15, -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"2e6942d537f1a98444c2f9dbdb5d8db42a503a00a17b57d516399569e044a703":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"7eb67721581ed52cfcfc2c4d":"a96cc73451502c7278b467ac85d5fc14fc1a2f51bc685645b173f0cd9af02d383095de063e6eaa50374ce9bc951e9e61":"e5f410fe939e79b7ad33fbd3aaf5856f":0:"727f5e19a5582e5782bbbe73517f0c04c492319abf12b03b380724ff1483a3" PSA Multipart AEAD encrypt, AES-GCM, CAVS 14.0, KEY=32, IV=12, IN=16, AAD=48, TAG=15, (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_encrypt:PSA_KEY_TYPE_AES:"2e6942d537f1a98444c2f9dbdb5d8db42a503a00a17b57d516399569e044a703":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"7eb67721581ed52cfcfc2c4d":"a96cc73451502c7278b467ac85d5fc14fc1a2f51bc685645b173f0cd9af02d383095de063e6eaa50374ce9bc951e9e61":"e5f410fe939e79b7ad33fbd3aaf5856f":1:"727f5e19a5582e5782bbbe73517f0c04c492319abf12b03b380724ff1483a3" PSA Multipart AEAD decrypt, AES - GCM, 144 bytes #1 @@ -3362,163 +3521,163 @@ depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_multipart_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":1:"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=0, AAD=0, TAG=16 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"0e5d6e68f82f32bea3f0b69498c1a31ef6d955cd3d27a2a8":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"caf72ee1e62e1001e8cfbc63":"":"db1a74ffb5f7de26f5742e0942b1b9cb":0:"" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=0, AAD=0, TAG=16 (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"0e5d6e68f82f32bea3f0b69498c1a31ef6d955cd3d27a2a8":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"caf72ee1e62e1001e8cfbc63":"":"db1a74ffb5f7de26f5742e0942b1b9cb":1:"" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=0, AAD=48, TAG=14 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"e79fb7defce4f650402e6b521170686d3eb2a0b9514f3a64":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"40e0d2d836c0519e7042419b":"41c5b5d971c0723bc1b63a259fe7e06c2961de1241bc34c13965f43636e4da3da8c75ed5956abe3a42f3039af005925a":"434ff68f2436f48418fd69f52158":0:"" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=0, AAD=48, TAG=14 (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"e79fb7defce4f650402e6b521170686d3eb2a0b9514f3a64":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"40e0d2d836c0519e7042419b":"41c5b5d971c0723bc1b63a259fe7e06c2961de1241bc34c13965f43636e4da3da8c75ed5956abe3a42f3039af005925a":"434ff68f2436f48418fd69f52158":1:"" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=16, AAD=0, TAG=15 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"e41d1f533d5b342ffe434b94b1372683bfd5d9d8cb79f9ee":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"5fe11a596dfcd3a305c1d711":"":"1847f64fff986476d1d2f758692f856da4a0ff98c0c1101694c84fd86680c9":0:"b03c2c20f758a93a8d1220232ad87098" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=16, AAD=0, TAG=15 (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"e41d1f533d5b342ffe434b94b1372683bfd5d9d8cb79f9ee":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"5fe11a596dfcd3a305c1d711":"":"1847f64fff986476d1d2f758692f856da4a0ff98c0c1101694c84fd86680c9":1:"b03c2c20f758a93a8d1220232ad87098" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=16, AAD=20, TAG=15 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"8e7da473c057a2a4669a0d22bf9b7c9913fba48930ca0c9b":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"f9ff8ef80d76c50f9ca0e9ff":"f141bae18a1b54f065554fd34aa02c91c90f505c":"5deb093b6e7c766a64bb9d5170af1ff8bf130b64eebdce06a9bdb2cf1da15a":0:"b22b2dcdcc18adc30d16297b84b459d8" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=16, AAD=20, TAG=15 (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"8e7da473c057a2a4669a0d22bf9b7c9913fba48930ca0c9b":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"f9ff8ef80d76c50f9ca0e9ff":"f141bae18a1b54f065554fd34aa02c91c90f505c":"5deb093b6e7c766a64bb9d5170af1ff8bf130b64eebdce06a9bdb2cf1da15a":1:"b22b2dcdcc18adc30d16297b84b459d8" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=16, AAD=48, TAG=12 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"01bf150add51bb11623e3bfbebd62a7ea81c5b192b8eb6de":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 12 ):"dfacbc6791b785d324c646b7":"e35412a625324257bef35399a7eacca34fec2d2d24166e6bb3e94d96f5c57599ded45e2a74503f07116caa1692398a07":"77579db3c6da769e17731faac4732d7cce65d960a49f94f6b583e54a":0:"7e5fd8b595ddc4753676107951d900e2" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=16, AAD=48, TAG=12 (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"01bf150add51bb11623e3bfbebd62a7ea81c5b192b8eb6de":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 12 ):"dfacbc6791b785d324c646b7":"e35412a625324257bef35399a7eacca34fec2d2d24166e6bb3e94d96f5c57599ded45e2a74503f07116caa1692398a07":"77579db3c6da769e17731faac4732d7cce65d960a49f94f6b583e54a":1:"7e5fd8b595ddc4753676107951d900e2" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=16, AAD=48, TAG=8 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"551266c4ed166fe1c43761927801ed50cb9c0b3864fc97df":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 8 ):"e711afbeccd567f866340abb":"562d1697237ebc563941076d459727dfa094eb9ac00d30ed5836825d163dd27517c7660a01056b2d868c7fc5d0343830":"2b54cc27f6ee71882e8b1ead207d2b042d262e87eac97b58":0:"37245449db8f72b1ecdb420f629d3d80" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=16, AAD=48, TAG=8 (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"551266c4ed166fe1c43761927801ed50cb9c0b3864fc97df":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 8 ):"e711afbeccd567f866340abb":"562d1697237ebc563941076d459727dfa094eb9ac00d30ed5836825d163dd27517c7660a01056b2d868c7fc5d0343830":"2b54cc27f6ee71882e8b1ead207d2b042d262e87eac97b58":1:"37245449db8f72b1ecdb420f629d3d80" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=13, AAD=0, TAG=15 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"78fa4a2a5b5b1b1d9580ea527f2e1653e9336e15cc5462f5":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"98b774f7110e0bea624b487f":"":"a642aabed8b99e15e297ee705a40c3e2e506cb889727b327b7e044a8":0:"496909523f574b205d757659c5" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=13, AAD=0, TAG=15 (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"78fa4a2a5b5b1b1d9580ea527f2e1653e9336e15cc5462f5":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"98b774f7110e0bea624b487f":"":"a642aabed8b99e15e297ee705a40c3e2e506cb889727b327b7e044a8":1:"496909523f574b205d757659c5" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=13, AAD=16, TAG=15 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"61f4c2e55d729c4657e503dfe2b604e2853675dbdeb0982a":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"0c4d5548aa2d8d54964e1e63":"5affdf8886dabb14790aff3dbfcbdd80":"0d4eacc3db304f46cb7a9eba6ec105bf86d9dc0639b7cebbd5260f47":0:"b6e056de521a27266dffbc0d96" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=13, AAD=16, TAG=15 (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"61f4c2e55d729c4657e503dfe2b604e2853675dbdeb0982a":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"0c4d5548aa2d8d54964e1e63":"5affdf8886dabb14790aff3dbfcbdd80":"0d4eacc3db304f46cb7a9eba6ec105bf86d9dc0639b7cebbd5260f47":1:"b6e056de521a27266dffbc0d96" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=13, AAD=20, TAG=13 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"73245c4f115a74fe71d6fefb9094c57c75f28033a3c7372b":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 13 ):"536a82485999b93b0bb7ef24":"64dcad870a42eeec0730fd7a7e4154638a85d739":"29333e87bfe65d0e37da2936f695824d4e3f37fab3b8e2b868f6":0:"f6d56f8c86f27d957fa63aea22" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=13, AAD=20, TAG=13 (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"73245c4f115a74fe71d6fefb9094c57c75f28033a3c7372b":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 13 ):"536a82485999b93b0bb7ef24":"64dcad870a42eeec0730fd7a7e4154638a85d739":"29333e87bfe65d0e37da2936f695824d4e3f37fab3b8e2b868f6":1:"f6d56f8c86f27d957fa63aea22" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=13, AAD=48, TAG=4 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"9002e74638e09dd1f091439518e1460cdd5905bd9e1a37ae":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 4 ):"76c81a95d24be5c8bac63b50":"aa3ae4531aaac8f3eb07f748712c55a680bc8df5cf845edc66d09049500b41688b8023f5746879b45bdd586af29c4ede":"31bf37acbc53ca3fdbc9e5eaaebbb85a7f":0:"bd94b34511bc65ae47684805cb" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=24, IV=12, IN=13, AAD=48, TAG=4 (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"9002e74638e09dd1f091439518e1460cdd5905bd9e1a37ae":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 4 ):"76c81a95d24be5c8bac63b50":"aa3ae4531aaac8f3eb07f748712c55a680bc8df5cf845edc66d09049500b41688b8023f5746879b45bdd586af29c4ede":"31bf37acbc53ca3fdbc9e5eaaebbb85a7f":1:"bd94b34511bc65ae47684805cb" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=0, AAD=0, TAG=16 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"f5a2b27c74355872eb3ef6c5feafaa740e6ae990d9d48c3bd9bb8235e589f010":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"58d2240f580a31c1d24948e9":"":"15e051a5e4a5f5da6cea92e2ebee5bac":0:"" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=0, AAD=0, TAG=16 (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"f5a2b27c74355872eb3ef6c5feafaa740e6ae990d9d48c3bd9bb8235e589f010":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"58d2240f580a31c1d24948e9":"":"15e051a5e4a5f5da6cea92e2ebee5bac":1:"" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=0, AAD=16, TAG=15 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"3395a1485315c5b5e6353acb05ae9499c440a2e9f5c57494662f827235ea314c":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"3b7e632571602456b49880f0":"f283f80226dacb69c8af089ec6b59e81":"84c8beff4b0d160ee68ac613097f51":0:"" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=0, AAD=16, TAG=15 (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"3395a1485315c5b5e6353acb05ae9499c440a2e9f5c57494662f827235ea314c":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"3b7e632571602456b49880f0":"f283f80226dacb69c8af089ec6b59e81":"84c8beff4b0d160ee68ac613097f51":1:"" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=0, AAD=20, TAG=15 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4dc46ca55c1c1fcb4720c274c0e675c2ac5bf93d8dd5e951ca9f6b61f884edc9":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"6473ab77dc885127422f5594":"e2cf8172ab4cf77eba45cd2c8ff939b938080a90":"8d6351f18d873242204c20144e2b83":0:"" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=0, AAD=20, TAG=15 (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4dc46ca55c1c1fcb4720c274c0e675c2ac5bf93d8dd5e951ca9f6b61f884edc9":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"6473ab77dc885127422f5594":"e2cf8172ab4cf77eba45cd2c8ff939b938080a90":"8d6351f18d873242204c20144e2b83":1:"" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=0, AAD=48, TAG=14 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"a7f95798434f9a0fe6fd8acd30b8bad96dbdcfacee4594f01cbf26479be7d154":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"9ef5a77b02137b46e8461d09":"5595a16fa12d4dcdba6b128480dce2d39c1211c3fb6068cde6013f6a80dfcda5eb92af8879e40ee9c177fd0e446fc8ca":"3bfd3d99fe2063e8ef8255519fe0":0:"" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=0, AAD=48, TAG=14 (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"a7f95798434f9a0fe6fd8acd30b8bad96dbdcfacee4594f01cbf26479be7d154":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"9ef5a77b02137b46e8461d09":"5595a16fa12d4dcdba6b128480dce2d39c1211c3fb6068cde6013f6a80dfcda5eb92af8879e40ee9c177fd0e446fc8ca":"3bfd3d99fe2063e8ef8255519fe0":1:"" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=16, AAD=0, TAG=16 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4c8ebfe1444ec1b2d503c6986659af2c94fafe945f72c1e8486a5acfedb8a0f8":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"473360e0ad24889959858995":"":"d2c78110ac7e8f107c0df0570bd7c90cc26a379b6d98ef2852ead8ce83a833a7":0:"7789b41cb3ee548814ca0b388c10b343" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=16, AAD=0, TAG=16 (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4c8ebfe1444ec1b2d503c6986659af2c94fafe945f72c1e8486a5acfedb8a0f8":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 16 ):"473360e0ad24889959858995":"":"d2c78110ac7e8f107c0df0570bd7c90cc26a379b6d98ef2852ead8ce83a833a7":1:"7789b41cb3ee548814ca0b388c10b343" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=16, AAD=0, TAG=4 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"57805f98aae1b8b64bb49756529ab8181b3ada674a90c55422e9eb26c48bcd7b":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 4 ):"9735945d8ca161777206632a":"":"58375442ab1c0e6a8952c83d128d9fc5f45bb315":0:"4860116a6d2deb9bf794bfd6ac5bbbd6" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=16, AAD=0, TAG=4 (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"57805f98aae1b8b64bb49756529ab8181b3ada674a90c55422e9eb26c48bcd7b":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 4 ):"9735945d8ca161777206632a":"":"58375442ab1c0e6a8952c83d128d9fc5f45bb315":1:"4860116a6d2deb9bf794bfd6ac5bbbd6" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=16, AAD=16, TAG=8 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"f913bb823a1d0c10b0b72d56866907b893f2266f15de1abc17f93600824db55a":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 8 ):"d4fe686a14592b6ca1bd6b42":"e35d880c1c53688eb83869de9dd8a473":"35af9b502ea6b56269f896bf98affdd59c2aa418b38bc7fd":0:"ff426dd751190ff826e8b4a0792d746e" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=16, AAD=16, TAG=8 (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"f913bb823a1d0c10b0b72d56866907b893f2266f15de1abc17f93600824db55a":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 8 ):"d4fe686a14592b6ca1bd6b42":"e35d880c1c53688eb83869de9dd8a473":"35af9b502ea6b56269f896bf98affdd59c2aa418b38bc7fd":1:"ff426dd751190ff826e8b4a0792d746e" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=16, AAD=20, TAG=14 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"74e9d9d7cd0728cea94e169af485f21f9d2447e022f16008f803dcf5c4f7cc0c":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"ecba39edc96667da726122c0":"ae9ab021f86f5b81bb2e0fcbd4b855e1501e9f82":"e5745ce0e02dbba05363b548c3ac7047eacca7e61db6f72fc9b9e5bdb2bb":0:"0a0b284515694188b6b6c15bc8a09036" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=16, AAD=20, TAG=14 (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"74e9d9d7cd0728cea94e169af485f21f9d2447e022f16008f803dcf5c4f7cc0c":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"ecba39edc96667da726122c0":"ae9ab021f86f5b81bb2e0fcbd4b855e1501e9f82":"e5745ce0e02dbba05363b548c3ac7047eacca7e61db6f72fc9b9e5bdb2bb":1:"0a0b284515694188b6b6c15bc8a09036" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=13, AAD=0, TAG=14 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"60667fce64b8c7169ddf45f335e46951248f69abc4e0f4f292d0ffe3dfd5219f":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"1057322a39f08ef761c3c8fc":"":"501b033c841acb430c52d88fe9cb44c751f2f1641d1e801a534ac8":0:"f386b28e7eb4c2fb8eb5dc66a2" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=13, AAD=0, TAG=14 (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"60667fce64b8c7169ddf45f335e46951248f69abc4e0f4f292d0ffe3dfd5219f":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 14 ):"1057322a39f08ef761c3c8fc":"":"501b033c841acb430c52d88fe9cb44c751f2f1641d1e801a534ac8":1:"f386b28e7eb4c2fb8eb5dc66a2" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=13, AAD=20, TAG=15 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"e67590da399cbcdcddcc56110562ade8665b50287a8ab38e8b9ee7520531b560":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"2c36ab6b686a66fba1805196":"823493d42f4f60b2d1433ad75eccaafd7e7c7d12":"cff6b6f03c67152f3ce1030653d9bd9a6559f5b04b48d77c2a1fc364":0:"da1c61fbfcdb73445ad4c7d889" PSA Multipart AEAD decrypt, CAVS14.0, AES-GCM, KEY=32, IV=12, IN=13, AAD=20, TAG=15 (lengths set) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_decrypt:PSA_KEY_TYPE_AES:"e67590da399cbcdcddcc56110562ade8665b50287a8ab38e8b9ee7520531b560":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 15 ):"2c36ab6b686a66fba1805196":"823493d42f4f60b2d1433ad75eccaafd7e7c7d12":"cff6b6f03c67152f3ce1030653d9bd9a6559f5b04b48d77c2a1fc364":1:"da1c61fbfcdb73445ad4c7d889" PSA Multipart AEAD encrypt: ChaCha20-Poly1305 (RFC7539) @@ -3674,19 +3833,19 @@ depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES aead_multipart_generate_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:16:13:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_SUCCESS PSA Multipart Nonce Generation, AES - GCM, NONCE = (Req 12 / Expect 12) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_generate_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:12:12:"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":PSA_SUCCESS PSA Multipart Nonce Generation, AES - GCM, NONCE = (Req 11 / Expect 0) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_generate_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:11:0:"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":PSA_ERROR_BUFFER_TOO_SMALL PSA Multipart Nonce Generation, AES - GCM, NONCE = (Req 0 / Expect 0) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_generate_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:0:0:"":"":PSA_ERROR_BUFFER_TOO_SMALL PSA Multipart Nonce Generation, AES - GCM, NONCE = (Req 16 / Expect 12) -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_generate_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:16:12:"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":PSA_SUCCESS PSA Multipart Nonce Generation: ChaCha20 - Poly1305, NONCE = (Req 12 / Expect 12) @@ -3734,35 +3893,35 @@ depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,8):14:SET_LENGTHS_AFTER_NONCE:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_ERROR_INVALID_ARGUMENT PSA Multipart Set Nonce, AES - GCM, NONCE = 0 (NULL) (too small), set lengths after nonce -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:0:SET_LENGTHS_AFTER_NONCE:"":"":PSA_ERROR_INVALID_ARGUMENT PSA Multipart Set Nonce, AES - GCM, NONCE = 0 (Non-NULL) (too small), set lengths after nonce -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:-1:SET_LENGTHS_AFTER_NONCE:"":"":PSA_ERROR_INVALID_ARGUMENT PSA Multipart Set Nonce, AES - GCM, NONCE = 16, set lengths after nonce -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:16:SET_LENGTHS_AFTER_NONCE:"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":PSA_SUCCESS PSA Multipart Set Nonce, AES - GCM, NONCE = 20, set lengths after nonce -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:20:SET_LENGTHS_AFTER_NONCE:"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":PSA_SUCCESS PSA Multipart Set Nonce, AES - GCM_12, NONCE = 0 (NULL) (too small), set lengths after nonce -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,12):0:SET_LENGTHS_AFTER_NONCE:"":"":PSA_ERROR_INVALID_ARGUMENT PSA Multipart Set Nonce, AES - GCM_12, NONCE = 0 (Non-NULL) (too small), set lengths after nonce -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,12):-1:SET_LENGTHS_AFTER_NONCE:"":"":PSA_ERROR_INVALID_ARGUMENT PSA Multipart Set Nonce, AES - GCM_12, NONCE = 16, set lengths after nonce -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,12):16:SET_LENGTHS_AFTER_NONCE:"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":PSA_SUCCESS PSA Multipart Set Nonce, AES - GCM_12, NONCE = 20, set lengths after nonce -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,12):20:SET_LENGTHS_AFTER_NONCE:"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":PSA_SUCCESS PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 11 (too small), set lengths after nonce @@ -3814,35 +3973,35 @@ depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,8):14:SET_LENGTHS_BEFORE_NONCE:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_ERROR_INVALID_ARGUMENT PSA Multipart Set Nonce, AES - GCM, NONCE = 0 (NULL) (too small), set lengths before nonce -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:0:SET_LENGTHS_BEFORE_NONCE:"":"":PSA_ERROR_INVALID_ARGUMENT PSA Multipart Set Nonce, AES - GCM, NONCE = 0 (Non-NULL) (too small), set lengths before nonce -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:-1:SET_LENGTHS_BEFORE_NONCE:"":"":PSA_ERROR_INVALID_ARGUMENT PSA Multipart Set Nonce, AES - GCM, NONCE = 16, set lengths before nonce -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:16:SET_LENGTHS_BEFORE_NONCE:"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":PSA_SUCCESS PSA Multipart Set Nonce, AES - GCM, NONCE = 20, set lengths before nonce -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:20:SET_LENGTHS_BEFORE_NONCE:"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":PSA_SUCCESS PSA Multipart Set Nonce, AES - GCM_12, NONCE = 0 (NULL) (too small), set lengths before nonce -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,12):0:SET_LENGTHS_BEFORE_NONCE:"":"":PSA_ERROR_INVALID_ARGUMENT PSA Multipart Set Nonce, AES - GCM_12, NONCE = 0 (Non-NULL) (too small), set lengths before nonce -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,12):-1:SET_LENGTHS_BEFORE_NONCE:"":"":PSA_ERROR_INVALID_ARGUMENT PSA Multipart Set Nonce, AES - GCM_12, NONCE = 16, set lengths before nonce -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,12):16:SET_LENGTHS_BEFORE_NONCE:"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":PSA_SUCCESS PSA Multipart Set Nonce, AES - GCM_12, NONCE = 20, set lengths before nonce -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,12):20:SET_LENGTHS_BEFORE_NONCE:"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":PSA_SUCCESS PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 11 (too small), set lengths before nonce @@ -3870,7 +4029,7 @@ depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:12:DO_NOT_SET_LENGTHS:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_SUCCESS PSA Multipart Set Nonce, AES - GCM_12, NONCE = 16, do not set lengths -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,12):16:DO_NOT_SET_LENGTHS:"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":PSA_SUCCESS PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 12, do not set lengths @@ -3886,11 +4045,11 @@ depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES aead_multipart_update_buffer_test:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:0:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_ERROR_BUFFER_TOO_SMALL PSA AEAD output buffer test: AES - GCM, IN = 16, BUF = 15 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_update_buffer_test:PSA_KEY_TYPE_AES:"fbc0b4c56a714c83217b2d1bcadd2ed2e9efb0dcac6cc19f":PSA_ALG_GCM:15:"5f4b43e811da9c470d6a9b01":"":"d2ae38c4375954835d75b8e4c2f9bbb4":PSA_ERROR_BUFFER_TOO_SMALL PSA AEAD output buffer test: AES - GCM, IN = 16, BUF = 0 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_update_buffer_test:PSA_KEY_TYPE_AES:"fbc0b4c56a714c83217b2d1bcadd2ed2e9efb0dcac6cc19f":PSA_ALG_GCM:0:"5f4b43e811da9c470d6a9b01":"":"d2ae38c4375954835d75b8e4c2f9bbb4":PSA_ERROR_BUFFER_TOO_SMALL PSA AEAD output buffer test: ChaCha20 - Poly1305 IN = 130, BUF = 129 @@ -3914,19 +4073,19 @@ depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES aead_multipart_finish_buffer_test:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:0:0:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_ERROR_BUFFER_TOO_SMALL PSA AEAD finish buffer test: AES - GCM, BUF = 8, TAG = 16 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_finish_buffer_test:PSA_KEY_TYPE_AES:"fbc0b4c56a714c83217b2d1bcadd2ed2e9efb0dcac6cc19f":PSA_ALG_GCM:8:16:"5f4b43e811da9c470d6a9b01":"":"d2ae38c4375954835d75b8e4c2f9bbb4":PSA_SUCCESS PSA AEAD finish buffer test: AES - GCM, BUF = 15, TAG = 20 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_finish_buffer_test:PSA_KEY_TYPE_AES:"fbc0b4c56a714c83217b2d1bcadd2ed2e9efb0dcac6cc19f":PSA_ALG_GCM:15:20:"5f4b43e811da9c470d6a9b01":"":"d2ae38c4375954835d75b8e4c2f9bbb4":PSA_SUCCESS PSA AEAD finish buffer test: AES - GCM, BUF = 15, TAG = 15 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_finish_buffer_test:PSA_KEY_TYPE_AES:"fbc0b4c56a714c83217b2d1bcadd2ed2e9efb0dcac6cc19f":PSA_ALG_GCM:15:15:"5f4b43e811da9c470d6a9b01":"":"d2ae38c4375954835d75b8e4c2f9bbb4":PSA_ERROR_BUFFER_TOO_SMALL PSA AEAD finish buffer test: AES - GCM, BUF = 15, TAG = 0 -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_multipart_finish_buffer_test:PSA_KEY_TYPE_AES:"fbc0b4c56a714c83217b2d1bcadd2ed2e9efb0dcac6cc19f":PSA_ALG_GCM:15:0:"5f4b43e811da9c470d6a9b01":"":"d2ae38c4375954835d75b8e4c2f9bbb4":PSA_ERROR_BUFFER_TOO_SMALL PSA AEAD finish buffer test: ChaCha20 - Poly1305, BUF = 0, TAG = 20 @@ -4054,7 +4213,7 @@ depends_on:PSA_WANT_ALG_CHACHA20_POLY1305 aead_multipart_state_test:PSA_KEY_TYPE_CHACHA20:"0000000000000000000000000000000000000000000000000000000000000000":PSA_ALG_CHACHA20_POLY1305:"000102030405060708090A0B":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E" PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 PSA signature size: RSA public key, 1024 bits, PKCS#1 v1.5 raw @@ -4062,59 +4221,59 @@ depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY signature_size:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):128 PSA signature size: RSA keypair, 1024 bits, PSS -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):128 PSA signature size: RSA keypair, 1024 bits, PSS-any-salt -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PSS_ANY_SALT( PSA_ALG_SHA_256 ):128 PSA signature size: RSA keypair, 1023 bits, PKCS#1 v1.5 raw -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1023:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128 PSA signature size: RSA keypair, 1025 bits, PKCS#1 v1.5 raw -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC signature_size:PSA_KEY_TYPE_RSA_KEY_PAIR:1025:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:129 PSA import/exercise RSA keypair, PKCS#1 v1.5 raw -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT import_and_exercise_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA import/exercise RSA keypair, PSS-SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT import_and_exercise_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256) PSA import/exercise RSA keypair, PSS-any-salt-SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT import_and_exercise_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256) PSA import/exercise RSA public key, PKCS#1 v1.5 raw -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY import_and_exercise_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA import/exercise RSA public key, PSS-SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY import_and_exercise_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256) PSA import/exercise RSA public key, PSS-any-salt-SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY import_and_exercise_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256) PSA import/exercise: ECP SECP256R1 keypair, ECDSA -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA_ANY PSA import/exercise: ECP SECP256R1 keypair, deterministic ECDSA -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ) PSA import/exercise: ECP SECP256R1 keypair, ECDH -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDH PSA import/exercise: HKDF SHA-256 @@ -4126,311 +4285,503 @@ depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF import_and_exercise_key:"c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0":PSA_KEY_TYPE_DERIVE:192:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256) PSA sign hash: RSA PKCS#1 v1.5, raw -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_hash_deterministic:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a" PSA sign hash: RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_hash_deterministic:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" PSA sign hash: deterministic ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_hash_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA sign hash: deterministic ECDSA SECP256R1 SHA-384 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_BUILTIN_ALG_SHA_384 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_hash_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"cd40ba1b555ca5994d30ddffc4ad734b1f5c604675b0f249814aa5de3992ef3ddf4d5dc5d2aab1979ce210b560754df671363d99795475882894c048e3b986ca" PSA sign hash: deterministic ECDSA SECP384R1 SHA-256 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_384 sign_hash_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":"52d92aac1fcc0fea3ecce01a9ed4bc9ac342f92470fd3f54d0d6d2fa5d2940405057a9d49a817c2b193322f05fc93ac1c7a055edac93bec0ade6814ab27b86b5295ac1ddb323818200f00c3d94d959f714f128b64a2e19628037ac009b14774f" +PSA sign hash int (ops=inf): det ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +sign_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA sign hash int (ops=min): det ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +sign_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0 + +PSA sign hash int (ops=inf) det ECDSA SECP256R1 SHA-384 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +sign_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"cd40ba1b555ca5994d30ddffc4ad734b1f5c604675b0f249814aa5de3992ef3ddf4d5dc5d2aab1979ce210b560754df671363d99795475882894c048e3b986ca":PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA sign hash int (ops=min): det ECDSA SECP256R1 SHA-384 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +sign_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"cd40ba1b555ca5994d30ddffc4ad734b1f5c604675b0f249814aa5de3992ef3ddf4d5dc5d2aab1979ce210b560754df671363d99795475882894c048e3b986ca":0 + +PSA sign hash int (ops=inf): det ECDSA SECP384R1 SHA-256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_384 +sign_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":"52d92aac1fcc0fea3ecce01a9ed4bc9ac342f92470fd3f54d0d6d2fa5d2940405057a9d49a817c2b193322f05fc93ac1c7a055edac93bec0ade6814ab27b86b5295ac1ddb323818200f00c3d94d959f714f128b64a2e19628037ac009b14774f":PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA sign hash int (ops=min): det ECDSA SECP384R1 SHA-256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_384 +sign_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":"52d92aac1fcc0fea3ecce01a9ed4bc9ac342f92470fd3f54d0d6d2fa5d2940405057a9d49a817c2b193322f05fc93ac1c7a055edac93bec0ade6814ab27b86b5295ac1ddb323818200f00c3d94d959f714f128b64a2e19628037ac009b14774f":0 + PSA sign hash: RSA PKCS#1 v1.5 SHA-256, wrong hash size -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT PSA sign hash: RSA PKCS#1 v1.5, invalid hash (wildcard) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_INVALID_ARGUMENT PSA sign hash: RSA PKCS#1 v1.5 raw, input too large -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_INVALID_ARGUMENT PSA sign hash: RSA PKCS#1 v1.5 SHA-256, output buffer too small -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL PSA sign hash: RSA PSS SHA-256, wrong hash length (0 bytes) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":127:PSA_ERROR_INVALID_ARGUMENT PSA sign hash: RSA PSS-any-salt SHA-256, wrong hash length (0 bytes) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"":127:PSA_ERROR_INVALID_ARGUMENT PSA sign hash: RSA PSS SHA-256, wrong hash length (129 bytes) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":127:PSA_ERROR_INVALID_ARGUMENT PSA sign hash: RSA PSS-any-salt SHA-256, wrong hash length (129 bytes) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":127:PSA_ERROR_INVALID_ARGUMENT PSA sign hash: deterministic ECDSA SECP256R1 SHA-256, output buffer too small -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL PSA sign hash: RSA PKCS#1 v1.5 SHA-256, empty output buffer -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":0:PSA_ERROR_BUFFER_TOO_SMALL PSA sign hash: deterministic ECDSA SECP256R1 SHA-256, empty output buffer -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":0:PSA_ERROR_BUFFER_TOO_SMALL PSA sign hash: deterministic ECDSA SECP256R1, invalid hash algorithm (0) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA sign hash: deterministic ECDSA SECP256R1, invalid hash algorithm (wildcard) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA sign hash: invalid key type, signing with a public key -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY sign_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA sign hash: invalid algorithm for ECC key -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT PSA sign hash: deterministic ECDSA not supported -depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_384 sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":96:PSA_ERROR_NOT_SUPPORTED +PSA sign hash int (ops=inf): det ECDSA SECP256R1 SHA-256, out buf too small +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +sign_hash_fail_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_SUCCESS:PSA_ERROR_BUFFER_TOO_SMALL:PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA sign hash int (ops=min): det ECDSA SECP256R1 SHA-256, out buf too small +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +sign_hash_fail_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_SUCCESS:PSA_ERROR_BUFFER_TOO_SMALL:0 + +PSA sign hash int (ops=inf): det ECDSA SECP256R1 SHA-256, empty out buf +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +sign_hash_fail_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":0:PSA_SUCCESS:PSA_ERROR_BUFFER_TOO_SMALL:PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA sign hash int (ops=min): det ECDSA SECP256R1 SHA-256, empty out buf +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +sign_hash_fail_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":0:PSA_SUCCESS:PSA_ERROR_BUFFER_TOO_SMALL:0 + +PSA sign hash int (ops=inf): det ECDSA SECP256R1, invld hash alg (0) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +sign_hash_fail_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA sign hash int (ops=min): det ECDSA SECP256R1, invld hash alg (0) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +sign_hash_fail_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:0 + +PSA sign hash int: det ECDSA SECP256R1, invld hash alg (wildcard) +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +sign_hash_fail_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE:PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA sign hash int: invld alg for ECC key +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +sign_hash_fail_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_BAD_STATE:PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA sign hash int: ECDSA not supported +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:!PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_384 +sign_hash_fail_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":96:PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_BAD_STATE:PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA sign hash int (ops=inf): det ECDSA not supported +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_384 +sign_hash_fail_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":96:PSA_SUCCESS:PSA_ERROR_NOT_SUPPORTED:PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA sign hash int (ops=min): det ECDSA not supported +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_384 +sign_hash_fail_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":96:PSA_SUCCESS:PSA_ERROR_NOT_SUPPORTED:0 + PSA sign/verify hash: RSA PKCS#1 v1.5, raw -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263" PSA sign/verify hash: RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" PSA sign/verify hash: RSA PSS SHA-256, 32 bytes (hash size) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" PSA sign/verify hash: RSA PSS-any-salt SHA-256, 32 bytes (hash size) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" PSA sign/verify hash: randomized ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" PSA sign/verify hash: deterministic ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" PSA sign/verify hash: randomized ECDSA SECP256R1 SHA-384 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_384 sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f" PSA sign/verify hash: deterministic ECDSA SECP256R1 SHA-384 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_384 sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f" PSA sign/verify hash: randomized ECDSA SECP384R1 SHA-256 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_384 sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" PSA sign/verify hash: deterministic ECDSA SECP384R1 SHA-256 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_384 sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" +PSA sign/vrfy hash int (ops=inf): rand ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +sign_verify_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA sign/vrfy hash int (ops=min): rand ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +sign_verify_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":0 + +PSA sign/vrfy hash int (ops=inf): det ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +sign_verify_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA sign/vrfy hash int (ops=min): det ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +sign_verify_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":0 + +PSA sign/vrfy hash int (ops=inf): rand ECDSA SECP256R1 SHA-384 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_384 +sign_verify_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_384):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA sign/vrfy hash int (ops=min): rand ECDSA SECP256R1 SHA-384 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_384 +sign_verify_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_384):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":0 + +PSA sign/vrfy hash int (ops=inf): det ECDSA SECP256R1 SHA-384 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_384 +sign_verify_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA sign/vrfy hash int (ops=min): det ECDSA SECP256R1 SHA-384 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_384 +sign_verify_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":0 + +PSA sign/vrfy hash int (ops=inf): rand ECDSA SECP384R1 SHA-256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_384 +sign_verify_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA sign/vrfy hash int (ops=min): rand ECDSA SECP384R1 SHA-256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_384 +sign_verify_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":0 + +PSA sign/vrfy hash int (ops=inf): det ECDSA SECP384R1 SHA-256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_384 +sign_verify_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA sign/vrfy hash int (ops=min): det ECDSA SECP384R1 SHA-256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_384 +sign_verify_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":0 + PSA verify hash: RSA PKCS#1 v1.5 SHA-256, good signature -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" PSA verify hash with keypair: RSA PKCS#1 v1.5 SHA-256, good signature -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong hash length -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:PSA_WANT_ALG_SHA_1 verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong signature (same size) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong signature (empty) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":PSA_ERROR_INVALID_SIGNATURE PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong signature (truncated) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc73":PSA_ERROR_INVALID_SIGNATURE PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong signature (trailing junk) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc731121":PSA_ERROR_INVALID_SIGNATURE PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong signature (leading junk) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"21a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE PSA verify hash: RSA-1024 PSS SHA-256, slen=0 (bad) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"abc4b612c6b71e13fa5965b2e25ee6adec5b1f211b2db158e9f3c4547d6cbef909a73dfb474b8caaf6c8fcafa10ec0bbadfd1883289ce33ad08ad533c61ea004fef4d9b76a1efc267efd066ae8918cb8e994faad30ff5e340e14c941926ba7ca9422b86e8055df1c1b90a5959a59cc7a5fc15cbd0d848cd40f7857b7629b668b":PSA_ERROR_INVALID_SIGNATURE PSA verify hash: RSA-1024 PSS-any-salt SHA-256, slen=0 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"abc4b612c6b71e13fa5965b2e25ee6adec5b1f211b2db158e9f3c4547d6cbef909a73dfb474b8caaf6c8fcafa10ec0bbadfd1883289ce33ad08ad533c61ea004fef4d9b76a1efc267efd066ae8918cb8e994faad30ff5e340e14c941926ba7ca9422b86e8055df1c1b90a5959a59cc7a5fc15cbd0d848cd40f7857b7629b668b" PSA verify hash: RSA-1024 PSS SHA-256, slen=31 (bad) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"797914eadbbe8293a7b0fe29d2db9fb246b519128d46d3ec93142a1a08a2992ba5325ad9b5ce55344b37996dbb81eb89628263cae4e3fc0e947dec0b8b0c7b0ee94bca02dd287f9cc619e2d88fb2279fb2a8f8301271c58009bb1223f3cfa730cb852947685678cfdef2968c82a9b8bffd8c0d518476b1ea2a5ad6c100045d8e":PSA_ERROR_INVALID_SIGNATURE PSA verify hash: RSA-1024 PSS-any-salt SHA-256, slen=31 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"797914eadbbe8293a7b0fe29d2db9fb246b519128d46d3ec93142a1a08a2992ba5325ad9b5ce55344b37996dbb81eb89628263cae4e3fc0e947dec0b8b0c7b0ee94bca02dd287f9cc619e2d88fb2279fb2a8f8301271c58009bb1223f3cfa730cb852947685678cfdef2968c82a9b8bffd8c0d518476b1ea2a5ad6c100045d8e" PSA verify hash: RSA-1024 PSS SHA-256, slen=32 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df" PSA verify hash: RSA-1024 PSS-any-salt SHA-256, slen=32 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df" PSA verify hash: RSA-1024 PSS SHA-256, slen=94 (bad) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"44a09fa66f1b2e790474960e90517e418747cfcd18423dff957516a598569d74f26ef1eae4a200d12d801e16fc6fde375330c79c0d8430825e0a7f69c664faefccfa25e7fbfc68af02af0f67fe4c49f68f6abc68c8f66d3fd77fc838961f4415827340c66e39c79ed7dae0738c08ce8272aebe50c72e31994b9b6db640b51800":PSA_ERROR_INVALID_SIGNATURE PSA verify hash: RSA-1024 PSS-any-salt SHA-256, slen=94 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"44a09fa66f1b2e790474960e90517e418747cfcd18423dff957516a598569d74f26ef1eae4a200d12d801e16fc6fde375330c79c0d8430825e0a7f69c664faefccfa25e7fbfc68af02af0f67fe4c49f68f6abc68c8f66d3fd77fc838961f4415827340c66e39c79ed7dae0738c08ce8272aebe50c72e31994b9b6db640b51800" PSA verify hash: RSA-1024 PSS SHA-512, slen=61 (bad) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:PSA_WANT_ALG_SHA_512 verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"23f5b30c8d612d8f31206c177ac2023c4f44754d03c7ff67daff99f24fa369b3e5f7c15b228a4417a1ff1c93fb8d645d619c2f4f559ac6c7f7bac20ba9df32353d19941265a4e74261adaf45d48682c0bc86cea6128f11ad172ff461fb1d97bded615861843996e2a98e7b8313b695519d001ae35305d6cbf3c0ee6c7ab06d1a":PSA_ERROR_INVALID_SIGNATURE PSA verify hash: RSA-1024 PSS-any-salt SHA-512, slen=61 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:PSA_WANT_ALG_SHA_512 verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"23f5b30c8d612d8f31206c177ac2023c4f44754d03c7ff67daff99f24fa369b3e5f7c15b228a4417a1ff1c93fb8d645d619c2f4f559ac6c7f7bac20ba9df32353d19941265a4e74261adaf45d48682c0bc86cea6128f11ad172ff461fb1d97bded615861843996e2a98e7b8313b695519d001ae35305d6cbf3c0ee6c7ab06d1a" PSA verify hash: RSA-1024 PSS SHA-512, slen=62 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:PSA_WANT_ALG_SHA_512 verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"6b215d77cf88b2d08be53b4f3ac6e72ebfbf7e0dc6c1e77b238cfb661c247a011b8746709fbefe4bc05d37343391683e9489d720ecbb7df37f4e36967918958996939461703465c2014a4c12faf875f8def70070e55b765b165c7e9c6f2eb05c98351b1e82219c31a2fb3ddce05f8988f552ff92f0b3471f63c0e53824c550a4" PSA verify hash: RSA-1024 PSS-any-salt SHA-512, slen=62 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:PSA_WANT_ALG_SHA_512 verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"6b215d77cf88b2d08be53b4f3ac6e72ebfbf7e0dc6c1e77b238cfb661c247a011b8746709fbefe4bc05d37343391683e9489d720ecbb7df37f4e36967918958996939461703465c2014a4c12faf875f8def70070e55b765b165c7e9c6f2eb05c98351b1e82219c31a2fb3ddce05f8988f552ff92f0b3471f63c0e53824c550a4" PSA verify hash: RSA-528 PSS SHA-512, slen=0 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:PSA_WANT_ALG_SHA_512 verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"304a024300e31c246d46485984261fd174cab3d4357344602ecd793c47dbe54252d37bb350bc634359b19515542080e4724a4b672291be57c7648f51629eaef234e847d99cc65f0203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"a14ad0fef77d36c28658a66129ee632e40e1032003eefe7fcda8e52b06675a051c80b2ca1cb99ed0762e90c9a48c434cd1063638eed7895a9c770e5435af750a1955" PSA verify hash: RSA-528 PSS-any-salt SHA-512, slen=0 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:PSA_WANT_ALG_SHA_512 verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"304a024300e31c246d46485984261fd174cab3d4357344602ecd793c47dbe54252d37bb350bc634359b19515542080e4724a4b672291be57c7648f51629eaef234e847d99cc65f0203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"a14ad0fef77d36c28658a66129ee632e40e1032003eefe7fcda8e52b06675a051c80b2ca1cb99ed0762e90c9a48c434cd1063638eed7895a9c770e5435af750a1955" PSA verify hash: RSA-520 PSS SHA-512 (hash too large) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:PSA_WANT_ALG_SHA_512 verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"3049024200d5a06f86e5b9d87428540165ca966fa8893a62e2a59d0bfd7617780bb039f9165a373a8e119d0766f8de556710f33f67019153bad8223775e797d451d48206f3bf0203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"deaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddead42":PSA_ERROR_INVALID_ARGUMENT PSA verify hash: RSA-520 PSS-any-salt SHA-512 (hash too large) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:PSA_WANT_ALG_SHA_512 verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"3049024200d5a06f86e5b9d87428540165ca966fa8893a62e2a59d0bfd7617780bb039f9165a373a8e119d0766f8de556710f33f67019153bad8223775e797d451d48206f3bf0203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"deaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddead42":PSA_ERROR_INVALID_ARGUMENT PSA verify hash: RSA PSS SHA-256, wrong hash length (0 bytes) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"34c011b625c32d992f4ab8fcfa52b616ea66270b5b75a4fc71af712f9b8806bcdd374ce50eafcbb489562b93347885f93c2de1d404c45cacccefceb112ff6ffdfe4264f91d66320bbbe09304b851b8ad6280bbccc571eebcd49c7db5dfa399a6289e1978407904598751613d9870770cdd8507e3dc7b46851dbf05ae1df2988d":PSA_ERROR_INVALID_ARGUMENT PSA verify hash: RSA PSS-any-salt SHA-256, wrong hash length (0 bytes) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"":"34c011b625c32d992f4ab8fcfa52b616ea66270b5b75a4fc71af712f9b8806bcdd374ce50eafcbb489562b93347885f93c2de1d404c45cacccefceb112ff6ffdfe4264f91d66320bbbe09304b851b8ad6280bbccc571eebcd49c7db5dfa399a6289e1978407904598751613d9870770cdd8507e3dc7b46851dbf05ae1df2988d":PSA_ERROR_INVALID_ARGUMENT PSA verify hash: RSA PSS SHA-256, wrong hash length (129 bytes) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"1491cead330b4ad5b092f8351518141ac11d0888591572669c1e79d6e932c488acd62d44479b0e14cd91a048778bc02398a772ad6bdb4f7764780cf0afe70293d0cac86f2695a1dcb54568bb37d7086f9e86f95a6802d2ee5a4facaa762beff5261bb2816b62cb5af86404974c3f6b67985ac1fbfdf46d6de54f6e29d9274308":PSA_ERROR_INVALID_ARGUMENT PSA verify hash: RSA PSS-any-salt SHA-256, wrong hash length (129 bytes) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"1491cead330b4ad5b092f8351518141ac11d0888591572669c1e79d6e932c488acd62d44479b0e14cd91a048778bc02398a772ad6bdb4f7764780cf0afe70293d0cac86f2695a1dcb54568bb37d7086f9e86f95a6802d2ee5a4facaa762beff5261bb2816b62cb5af86404974c3f6b67985ac1fbfdf46d6de54f6e29d9274308":PSA_ERROR_INVALID_ARGUMENT PSA verify hash: ECDSA SECP256R1, good -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 verify_hash:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA verify hash with keypair: ECDSA SECP256R1, good -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" +PSA verify hash: deterministic ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +verify_hash:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" + +PSA verify hash: deterministic ECDSA SECP256R1 SHA-384 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_384 +verify_hash:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"dbf3b9a150a2ec12ec4b16ff7d37be2fe354a357cb267af4296ccfda3acca2d796989f63eb192e4c43a7ff0d0b7f493b1334dfb3c32375351debcdd532f41e13" + +PSA verify hash: deterministic ECDSA SECP384R1 SHA-256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384 +verify_hash:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"bed412df472eef873fb0839f91a6867d1c6824d4c5781d4b851faa43c7df904d99dbdd28c0d2fd3a4a006e89d34993a120aff166deb4974e96449a7ffe93c66726ad9443b14b87330c86bdde3faff5fd1cbfdc9afe46f8090376f9664cb116b4" + +PSA vrfy hash int: ECDSA SECP256R1, good +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 +verify_hash_interruptible:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA vrfy hash int w/keypair: ECDSA SECP256R1, good +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +verify_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA vrfy hash: det ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +verify_hash_interruptible:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA vrfy hash: det ECDSA SECP256R1 SHA-384 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_384 +verify_hash_interruptible:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"dbf3b9a150a2ec12ec4b16ff7d37be2fe354a357cb267af4296ccfda3acca2d796989f63eb192e4c43a7ff0d0b7f493b1334dfb3c32375351debcdd532f41e13":PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA vrfy hash: det ECDSA SECP384R1 SHA-256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384 +verify_hash_interruptible:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"bed412df472eef873fb0839f91a6867d1c6824d4c5781d4b851faa43c7df904d99dbdd28c0d2fd3a4a006e89d34993a120aff166deb4974e96449a7ffe93c66726ad9443b14b87330c86bdde3faff5fd1cbfdc9afe46f8090376f9664cb116b4":PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + PSA verify hash: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE PSA verify hash: ECDSA SECP256R1, wrong signature of correct size -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE PSA verify hash: ECDSA SECP256R1, wrong signature (empty) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"":PSA_ERROR_INVALID_SIGNATURE PSA verify hash: ECDSA SECP256R1, wrong signature (truncated) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f5":PSA_ERROR_INVALID_SIGNATURE PSA verify hash: ECDSA SECP256R1, wrong signature (trailing junk) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f21":PSA_ERROR_INVALID_SIGNATURE PSA verify hash: ECDSA SECP256R1, wrong signature (leading junk) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"216a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE PSA verify hash: invalid algorithm for ECC key -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 verify_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT +PSA vrfy hash int: ECDSA SECP256R1, wrong sig size (correct but ASN1-encoded) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 +verify_hash_fail_interruptible:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE:PSA_ERROR_BAD_STATE:PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA vrfy hash int (ops=inf): ECDSA SECP256R1, wrong sig of correct size +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 +verify_hash_fail_interruptible:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_SUCCESS:PSA_ERROR_INVALID_SIGNATURE:PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA vrfy hash int (ops=min): ECDSA SECP256R1, wrong sig of correct size +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 +verify_hash_fail_interruptible:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_SUCCESS:PSA_ERROR_INVALID_SIGNATURE:0 + +PSA vrfy hash int: ECDSA SECP256R1, wrong sig (empty) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 +verify_hash_fail_interruptible:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"":PSA_ERROR_INVALID_SIGNATURE:PSA_ERROR_BAD_STATE:PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA vrfy hash int: ECDSA SECP256R1, wrong sig (truncated) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 +verify_hash_fail_interruptible:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f5":PSA_ERROR_INVALID_SIGNATURE:PSA_ERROR_BAD_STATE:PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA vrfy hash int: ECDSA SECP256R1, wrong sig (trailing junk) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 +verify_hash_fail_interruptible:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f21":PSA_ERROR_INVALID_SIGNATURE:PSA_ERROR_BAD_STATE:PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA vrfy hash int: ECDSA SECP256R1, wrong sig (leading junk) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 +verify_hash_fail_interruptible:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"216a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE:PSA_ERROR_BAD_STATE:PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA vrfy hash int: invld alg for ECC key +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +verify_hash_fail_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_BAD_STATE:PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED + +PSA sign/vrfy hash int state test: randomized ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +interruptible_signverify_hash_state_test:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" + +PSA sign/vrfy hash int edge case tests: randomized ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +interruptible_signverify_hash_edgecase_tests:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" + +PSA sign/vrfy hash int ops tests: randomized ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 +interruptible_signverify_hash_ops_tests:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" + PSA sign message: RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_message_deterministic:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" PSA sign message: deterministic ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_message_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548" PSA sign message: deterministic ECDSA SECP256R1 SHA-384 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_BUILTIN_ALG_SHA_384 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_message_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"616263":"7ea712a20e3a8cbe0c6e64195362ba7635bbe78af51ddedd7a5fd858395250c592654c35d3b0614ae0e3b329c25cf5b4a5fcb243af3e3ad15c8446fe401be066" PSA sign message: deterministic ECDSA SECP384R1 SHA-256 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_384 sign_message_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263":"3548ea85eb66d756ae90fd64a3104b5b9a17aa282f8722409762e9da4811ec5d3060a97d3450b4bc484cd21ac588f563c4873843506fed8609b7d093db0e9a2496c36995ee74c906528af6898feb502f45bfb1e9ccf371416c68d32bb5ebc1b6" PSA sign message: RSA PKCS#1 v1.5, invalid hash (wildcard) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_message_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"616263":128:PSA_ERROR_INVALID_ARGUMENT PSA sign message: RSA PKCS#1 v1.5, invalid hash algorithm (0) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_message_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(0):"616263":128:PSA_ERROR_INVALID_ARGUMENT PSA sign message: RSA PKCS#1 v1.5 SHA-256, output buffer too small -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_message_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":127:PSA_ERROR_BUFFER_TOO_SMALL PSA sign message: RSA PKCS#1 v1.5 SHA-256, empty output buffer -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_message_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":0:PSA_ERROR_BUFFER_TOO_SMALL PSA sign message: RSA PKCS#1 v1.5 without hash -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_message_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":0:PSA_ERROR_INVALID_ARGUMENT PSA sign message: RSA PKCS#1 v1.5 SHA-256, invalid key type @@ -4438,19 +4789,19 @@ depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CHACHA20 sign_message_fail:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":128:PSA_ERROR_INVALID_ARGUMENT PSA sign message: ECDSA SECP256R1 SHA-256, invalid hash (wildcard) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"616263":64:PSA_ERROR_INVALID_ARGUMENT PSA sign message: ECDSA SECP256R1 SHA-256, invalid hash algorithm (0) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(0):"616263":64:PSA_ERROR_INVALID_ARGUMENT PSA sign message: ECDSA SECP256R1 SHA-256, output buffer too small -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":63:PSA_ERROR_BUFFER_TOO_SMALL PSA sign message: ECDSA SECP256R1 SHA-256, empty output buffer -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":0:PSA_ERROR_BUFFER_TOO_SMALL PSA sign message: ECDSA SECP256R1 SHA-256, invalid key type @@ -4458,355 +4809,355 @@ depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20 sign_message_fail:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":64:PSA_ERROR_INVALID_ARGUMENT PSA sign message: invalid algorithm for ECC key -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"616263":72:PSA_ERROR_INVALID_ARGUMENT PSA sign message: deterministic ECDSA not supported -depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_384 sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263":96:PSA_ERROR_NOT_SUPPORTED PSA sign message: ECDSA without hash -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"616263":96:PSA_ERROR_INVALID_ARGUMENT PSA sign/verify message: RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263" PSA sign/verify message: RSA PSS SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"616263" PSA sign/verify message: RSA PSS-any-salt SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"616263" PSA sign/verify message: RSA PSS SHA-256, 0 bytes -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"" PSA sign/verify message: RSA PSS SHA-256, 32 bytes -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" PSA sign/verify message: RSA PSS SHA-256, 128 bytes -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" PSA sign/verify message: RSA PSS SHA-256, 129 bytes -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263" PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256, 0 bytes -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"" PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256, 32 bytes -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256, 64 bytes -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256, 65 bytes -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" PSA sign/verify message: deterministic ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263" PSA sign/verify message: randomized ECDSA SECP256R1 SHA-384 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_384):"616263" PSA sign/verify message: deterministic ECDSA SECP256R1 SHA-384 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_BUILTIN_ALG_SHA_384 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"616263" PSA sign/verify message: randomized ECDSA SECP384R1 SHA-256 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_384 sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263" PSA sign/verify message: deterministic ECDSA SECP384R1 SHA-256 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_384 sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263" PSA verify message: RSA PKCS#1 v1.5 SHA-256, good signature -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" PSA verify message with keypair: RSA PKCS#1 v1.5 SHA-256, good signature -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" PSA verify message: RSA-1024 PSS SHA-256, slen=0 (bad) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"616263":"abc4b612c6b71e13fa5965b2e25ee6adec5b1f211b2db158e9f3c4547d6cbef909a73dfb474b8caaf6c8fcafa10ec0bbadfd1883289ce33ad08ad533c61ea004fef4d9b76a1efc267efd066ae8918cb8e994faad30ff5e340e14c941926ba7ca9422b86e8055df1c1b90a5959a59cc7a5fc15cbd0d848cd40f7857b7629b668b":PSA_ERROR_INVALID_SIGNATURE PSA verify message: RSA-1024 PSS-any-salt SHA-256, slen=0 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"616263":"abc4b612c6b71e13fa5965b2e25ee6adec5b1f211b2db158e9f3c4547d6cbef909a73dfb474b8caaf6c8fcafa10ec0bbadfd1883289ce33ad08ad533c61ea004fef4d9b76a1efc267efd066ae8918cb8e994faad30ff5e340e14c941926ba7ca9422b86e8055df1c1b90a5959a59cc7a5fc15cbd0d848cd40f7857b7629b668b" PSA verify message: RSA-1024 PSS SHA-256, slen=32 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"616263":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df" PSA verify message: RSA-1024 PSS-any-salt SHA-256, slen=32 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"616263":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df" PSA verify message: RSA PSS SHA-256, good signature, 32 bytes (hash size) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"6b65e1fdc900dce8a2b82130ae8ccfac27b6d0eb5f2c0c1085b80f34ceaaf064c8ff237e74a24a3c6fb7a842f172e5146315616281bbbeeae90febaab139a212decf1c68923f2a48e242b1fd72105e3a3f2329c30d78abe8673335ad08c5ba1aa515360bb5660050f1994bb08d3dd17e3407a379403bafa4e229b3c851283f6d" PSA verify message: RSA PSS-any-salt SHA-256, good signature, 32 bytes (hash size) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"6b65e1fdc900dce8a2b82130ae8ccfac27b6d0eb5f2c0c1085b80f34ceaaf064c8ff237e74a24a3c6fb7a842f172e5146315616281bbbeeae90febaab139a212decf1c68923f2a48e242b1fd72105e3a3f2329c30d78abe8673335ad08c5ba1aa515360bb5660050f1994bb08d3dd17e3407a379403bafa4e229b3c851283f6d" PSA verify message: RSA PSS SHA-256, good signature, 128 bytes (signature size) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"29b65db0936b7fe408bda672077b0bc5e176177ba9a550fb548c292f7b4af1bb6475e0a979ba43dd644780801fabe5b62a1359cf7692918f30013e90c2362235765abc2078905d13b345dd689bf15e4e94ca51535d12f0675d5f13e9f254ba7696f0096d62deb023d106e9a96a5da3162bead6a745c8b9000868d2f9a447d5c5" PSA verify message: RSA-any-salt PSS SHA-256, good signature, 128 bytes (signature size) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"29b65db0936b7fe408bda672077b0bc5e176177ba9a550fb548c292f7b4af1bb6475e0a979ba43dd644780801fabe5b62a1359cf7692918f30013e90c2362235765abc2078905d13b345dd689bf15e4e94ca51535d12f0675d5f13e9f254ba7696f0096d62deb023d106e9a96a5da3162bead6a745c8b9000868d2f9a447d5c5" PSA verify message: RSA PSS SHA-256, good signature, 129 bytes -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"43286cc0fc599603fbb0cd1fd70c3a17b08d2adf4f90202dddfa4b9d74be8c720bbb1c714665466de6452d401ca061b68225785ff387c2615f03c81351cc3838cd3014a031a4f4c9f70bba06f504c6a9942ac2dbfed2329e590d526a9be26b4025a6d7c4151b4e795cfe756c9a8a5e8fa9228a6f5f6f427a5a070e5c0ea69830" PSA verify message: RSA PSS-any-salt SHA-256, good signature, 129 bytes -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"43286cc0fc599603fbb0cd1fd70c3a17b08d2adf4f90202dddfa4b9d74be8c720bbb1c714665466de6452d401ca061b68225785ff387c2615f03c81351cc3838cd3014a031a4f4c9f70bba06f504c6a9942ac2dbfed2329e590d526a9be26b4025a6d7c4151b4e795cfe756c9a8a5e8fa9228a6f5f6f427a5a070e5c0ea69830" PSA verify message: ECDSA SECP256R1 SHA-256, good -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ALG_SHA_256:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_256 verify_message:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf0b" PSA verify message with keypair: ECDSA SECP256R1 SHA-256, good -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ALG_SHA_256:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ALG_SHA_256:PSA_WANT_ECC_SECP_R1_256 verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf0b" PSA verify message: RSA PKCS#1 v1.5 SHA-256, wrong signature (same size) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE PSA verify message: RSA PKCS#1 v1.5 SHA-256, wrong signature (empty) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"":PSA_ERROR_INVALID_SIGNATURE PSA verify message: RSA PKCS#1 v1.5 SHA-256, wrong signature (truncated) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc73":PSA_ERROR_INVALID_SIGNATURE PSA verify message: RSA PKCS#1 v1.5 SHA-256, wrong signature (trailing junk) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc731121":PSA_ERROR_INVALID_SIGNATURE PSA verify message: RSA PKCS#1 v1.5 SHA-256, wrong signature (leading junk) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"21a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE PSA verify message: RSA PKCS#1 v1.5 without hash -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"21a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT PSA verify message: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"304502200b295f3dc3ac2bde92f550b7e73a2de15a753b4ebc761c521a32d1ed9bf5800a022100fe7301254058347c3dec7768f62dfc63f7c049d28bfdd1d6712126fd888e9f04":PSA_ERROR_INVALID_SIGNATURE PSA verify message: ECDSA SECP256R1, wrong signature of correct size -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf00":PSA_ERROR_INVALID_SIGNATURE PSA verify message: ECDSA SECP256R1, wrong signature (empty) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"":PSA_ERROR_INVALID_SIGNATURE PSA verify message: ECDSA SECP256R1, wrong signature (truncated) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf":PSA_ERROR_INVALID_SIGNATURE PSA verify message: ECDSA SECP256R1, wrong signature (trailing junk) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf0bff":PSA_ERROR_INVALID_SIGNATURE PSA verify message: ECDSA SECP256R1, wrong signature (leading junk) -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"ff0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf0b":PSA_ERROR_INVALID_SIGNATURE PSA verify message: invalid algorithm for ECC key -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 verify_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT PSA verify message: ECDSA without hash -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"":"":PSA_ERROR_INVALID_ARGUMENT PSA encrypt: RSA PKCS#1 v1.5, good -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-256, good -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-256, good, with label -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-384, good -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:PSA_WANT_ALG_SHA_384 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-384, good, with label -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:PSA_WANT_ALG_SHA_384 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"746869730069730061006c6162656c00":128:PSA_SUCCESS PSA encrypt: RSA PKCS#1 v1.5, key pair -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS PSA encrypt: RSA OAEP-SHA-256, key pair -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS PSA encrypt: RSA PKCS#1 v1.5, input too large -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt: RSA PKCS#1 v1.5: salt not allowed -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt: RSA OAEP-SHA-384, input too large -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:PSA_WANT_ALG_SHA_384 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt: invalid algorithm -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt: RSA PKCS#1 v1.5: invalid key type -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_AES asymmetric_encrypt:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":0:PSA_ERROR_INVALID_ARGUMENT PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #1 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"" PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #2 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":"" PSA encrypt-decrypt: RSA OAEP-SHA-256 -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"" PSA encrypt-decrypt: RSA OAEP-SHA-256, with label -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00" PSA encrypt-decrypt: RSA OAEP-SHA-384 -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_ALG_SHA_384 asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"" PSA decrypt: RSA PKCS#1 v1.5: good #1 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" PSA decrypt: RSA PKCS#1 v1.5: good #2 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff" PSA decrypt: RSA PKCS#1 v1.5, 0 bytes, output too small -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":0:PSA_ERROR_BUFFER_TOO_SMALL PSA decrypt: RSA PKCS#1 v1.5, 0 bytes, good -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT:"1b4c1d06439b99f886048b8544607b5e8e5ac6828ad9d0b7ad4ec0b314a4d8052f8bbeab6c85dbddff0b90cc76395a7a0c4f9cc29cd7be20be0b38ff611800d6":"":"" PSA decrypt: RSA OAEP-SHA-256, 0 bytes -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3d3146b1c982004273a9ebb9b063e6ae53b1a85bfc802324bcdd04faa0f7211fb2bdeea40358095554df9c250866c7361e738f0d270eaa27738e87928c5e31815506346727900ff03cef0be6f9dd6bba63ce89074e8194fe68b5a5739422d4f138bbbb61f49b76cf1f18def2c993e3113b08c191ea1da0feb94f8fd9b30109a1":"":"" PSA decrypt: RSA OAEP-SHA-256, 0 bytes, with label -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"14e57648fbbd3c2c195d71fcb9b6c332e2ad9e3402aa701e7270b05775e9ddd025e2330d7b84e67866524c67f9c38b11e4679e28a38574b47f8d218a1a04a7466754d6ea7f959ab1f5b85d066d3f90076e8219f66653f7b78a9789d76213505b4e75ec28081608ed2f1ea1238e3eeab011ce4ec147327cd0ca029c2818133cb6":"746869730069730061006c6162656c00":"" PSA decrypt: RSA OAEP-SHA-256, 30 bytes -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"":"74686973206973206e6f2073717565616d697368206f7373696672616765" PSA decrypt: RSA OAEP-SHA-256, 30 bytes, with label -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c00":"74686973206973206e6f2073717565616d697368206f7373696672616765" PSA decrypt: RSA OAEP-SHA-384, 30 bytes -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_ALG_SHA_384 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0df6750b8fed749359c016887d2cf097cc512c065526a91a7ee9b345a1bfff833737e7326e54d03f6bb65971962885a7661a16858d53ea55821052f4c7798d395b5c5495332fd4174451a1a437f36c27f446b96f309ff1cb6837274aa8ae2b51a8a479d736d25b8d2ca8ab96fe589553a3e52818b7df75544eb5469977b29aa4":"":"74686973206973206e6f2073717565616d697368206f7373696672616765" PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (should be empty) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"00":128:PSA_ERROR_INVALID_PADDING PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (empty) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"":128:PSA_ERROR_INVALID_PADDING PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (same length) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c01":128:PSA_ERROR_INVALID_PADDING PSA decrypt: RSA PKCS#1 v1.5, invalid padding -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46873":"":128:PSA_ERROR_INVALID_PADDING PSA decrypt: RSA PKCS#1 v1.5: salt not allowed -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":128:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA OAEP-SHA-256, invalid padding -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75428":"":128:PSA_ERROR_INVALID_PADDING PSA decrypt: invalid algorithm -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_SHA_256:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":128:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA PKCS#1 v1.5, invalid key type (RSA public key) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":128:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA OAEP, invalid key type (RSA public key) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":128:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA PKCS#1 v1.5: invalid key type (AES) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_AES asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"3082025e02010002818100af057d396e":"":16:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA PKCS#1 v1.5, input too small -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":127:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA PKCS#1 v1.5, input too large -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":129:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA OAEP-SHA-256, input too small -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":127:PSA_ERROR_INVALID_ARGUMENT PSA decrypt: RSA OAEP-SHA-256, input too large -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":129:PSA_ERROR_INVALID_ARGUMENT Crypto derivation operation object initializers zero properly @@ -4840,6 +5191,9 @@ PSA key derivation setup: bad algorithm depends_on:PSA_WANT_ALG_SHA_256 derive_setup:PSA_ALG_CATEGORY_KEY_DERIVATION:PSA_ERROR_NOT_SUPPORTED +Parse binary string +parse_binary_string_test:"123456":0x123456 + PSA key derivation: HKDF-SHA-256, good case, direct output depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS @@ -4968,12 +5322,29 @@ PSA key derivation: HKDF-SHA-256, reject seed step depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE +PSA key derivation: HKDF-SHA-256, reject using input integer with direct secret +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:INPUT_INTEGER:"0b0b0b0b0b0b0b0b":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: HKDF-SHA-256, reject input cost step using input_bytes +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:PSA_KEY_TYPE_NONE:"100000":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: HKDF-SHA-256, input cost using input_integer after secret +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"100000":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: HKDF-SHA-256, reject input cost using input_integer after secret and info +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"100000":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + + PSA key derivation: TLS 1.2 PRF SHA-256, good case depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, good case -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS PSA key derivation: TLS 1.2 PRF SHA-256, missing label @@ -4981,7 +5352,7 @@ depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, missing label -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, missing label and secret @@ -4989,7 +5360,7 @@ depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, missing label and secret -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, no inputs @@ -4997,7 +5368,7 @@ depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, no inputs -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, key first @@ -5005,7 +5376,7 @@ depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, key first -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS 1.2 PRF SHA-256, label first @@ -5057,29 +5428,197 @@ depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS derive_input:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"01020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: ECDH on P256 with HKDF-SHA256, raw output -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS PSA key derivation: ECDH on P256 with HKDF-SHA256, omitted salt -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS PSA key derivation: ECDH on P256 with HKDF-SHA256, info first -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS PSA key derivation: ECDH on P256 with HKDF-SHA256, key output -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_SUCCESS PSA key derivation: ECDH on P256 with HKDF-SHA256, salt after secret -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: ECDH on P256 with HKDF-SHA256, missing info -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE +PSA key derivation: TLS12_ECJPAKE_TO_PMS, good input, output too short +depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS +derive_input:PSA_ALG_TLS12_ECJPAKE_TO_PMS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"04aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_SUCCESS:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_INVALID_ARGUMENT + +PSA key derivation: TLS12_ECJPAKE_TO_PMS, input[0]=0x02 +depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS +derive_input:PSA_ALG_TLS12_ECJPAKE_TO_PMS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"02aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ERROR_INVALID_ARGUMENT:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: TLS12_ECJPAKE_TO_PMS, input too short +depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS +derive_input:PSA_ALG_TLS12_ECJPAKE_TO_PMS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"04aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ERROR_INVALID_ARGUMENT:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: TLS12_ECJPAKE_TO_PMS, input too long +depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS +derive_input:PSA_ALG_TLS12_ECJPAKE_TO_PMS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"04aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ERROR_INVALID_ARGUMENT:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-HMAC-SHA256, good case, direct output +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_PASSWORD:"706173737764":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS + +PSA key derivation: PBKDF2-HMAC-SHA256, good case, key output +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_PASSWORD:"706173737764":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS + +PSA key derivation: PBKDF2-HMAC-SHA256, good case, DERIVE key as password, key output +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_DERIVE:"706173737764":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS + +PSA key derivation: PBKDF2-HMAC-SHA256, salt missing +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_PASSWORD:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-HMAC-SHA256, password missing +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-HMAC-SHA256, salt and password before cost +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_PASSWORD:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-HMAC-SHA256, password before cost +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_PASSWORD:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-HMAC-SHA256, password bad key type +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_RAW_DATA:"706173737764":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-HMAC-SHA256, direct password, direct output +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS + +PSA key derivation: PBKDF2-HMAC-SHA256, direct empty password, direct output +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS + +PSA key derivation: PBKDF2-HMAC-SHA256, direct password, key output +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED + +PSA key derivation: PBKDF2-HMAC-SHA256, DERIVE key as salt +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_DERIVE:"73616c74":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-HMAC-SHA256, duplicate cost step +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-HMAC-SHA256, duplicate salt step +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"7361":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"6c74":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-HMAC-SHA256, reject secret step +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-HMAC-SHA256, reject label step +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-HMAC-SHA256, reject seed step +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-HMAC-SHA256, reject zero input cost +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_input:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"00":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-HMAC-SHA256, reject cost greater than PSA_VENDOR_PBKDF2_MAX_ITERATIONS +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_input_invalid_cost:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_VENDOR_PBKDF2_MAX_ITERATIONS+1ULL + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, good case, direct output +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_PASSWORD:"706173737764":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, good case, key output +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_PASSWORD:"706173737764":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, good case, DERIVE key as password, key output +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_DERIVE:"706173737764":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, salt missing +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_PASSWORD:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, password missing +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, salt and password before cost +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_PASSWORD:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, password before cost +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_PASSWORD:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, password bad key type +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_RAW_DATA:"706173737764":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, direct password, direct output +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, direct empty password, direct output +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, direct password, key output +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, DERIVE key as salt +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_DERIVE:"73616c74":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, duplicate cost step +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, duplicate salt step +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"7361":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"6c74":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, reject secret step +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, reject label step +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, reject seed step +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, reject zero input cost +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"00":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, reject cost greater than PSA_VENDOR_PBKDF2_MAX_ITERATIONS +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input_invalid_cost:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_VENDOR_PBKDF2_MAX_ITERATIONS+1ULL + PSA key derivation over capacity: HKDF depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_over_capacity:PSA_ALG_HKDF(PSA_ALG_SHA_256) @@ -5654,15 +6193,15 @@ depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_OTHER_SECRET:"4bc6f832d2c78493b1c3bf2c1dee3567fd7e0813792f12452a7cbbaa2e5c4e919c248ed866364b9785ea27fc1fac969cf1ab24ea3d0f8583c297f8093557f41f2604bcca464cf6540a861e29eb41991e11b6bbc165fbc2eea1d8305ecd28eec95c256a9652f19699d838551c4254f98e0580c121daa1e7020ff45b19caca81b5999f013c8bbc235b069e3d9705919d26a11871d3a635050c6025528e0c743600ae882593acb0cacf8dfe262fe16b0726104aea462e4acf37d2c577314b548e04f21755365b4b741a4f35393d91bf7df1af50b5c1073497064398cafce10e4ab2a2c1f1a8e7b007f6ecce394bc4bf875b6d1859bfd75d701ad4a3af792436e43a4422a1376f4f116a7bb27cf233b9130f2facd9844080154890fa3da59bb58012309d3528c4a19c020a0b6ebece627f47a0523373d52729a4df19b4a042d9a704744c1ce57197372c421a08434508084693855a9000e7dcef41264bee7066fe001d5fefa45abf9fd86f8aba0243f45af26bd769c924f56658f86cda510723d601":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":PSA_SUCCESS:"":48:"":"4e68326ca1b8647d8e25f6baf131a71a0cebb2916337a8affe66a3627ce41e16184c361dfedce617a8b16370620bbdcd":1:1:0 PSA key derivation: TLS 1.2 Mix-PSK-to-MS, SHA-256, 48+0, ka -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 derive_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)) :PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_OTHER_SECRET:"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":PSA_SUCCESS:"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":48:"bdb7a5e3f169ce61432e6e1b10e398abf5c96099bf517b5fa61481f556193eaf884e30290d79b186c9cba7f4976e5085":"":2:1:0 PSA key derivation: TLS 1.2 Mix-PSK-to-MS, SHA-256, 24+24, ka -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 derive_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)) :PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_OTHER_SECRET:"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":PSA_SUCCESS:"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":48:"bdb7a5e3f169ce61432e6e1b10e398abf5c96099bf517b5f":"a61481f556193eaf884e30290d79b186c9cba7f4976e5085":2:1:0 PSA key derivation: TLS 1.2 Mix-PSK-to-MS, SHA-256, 0+48, ka -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 derive_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)) :PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_OTHER_SECRET:"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":PSA_SUCCESS:"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":48:"":"bdb7a5e3f169ce61432e6e1b10e398abf5c96099bf517b5fa61481f556193eaf884e30290d79b186c9cba7f4976e5085":2:1:0 # bad state: other secret passed before seed @@ -5675,7 +6214,7 @@ depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_OTHER_SECRET:"c4eb02cb10175ab8a33aeeb068ba23df08206b0e":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":PSA_SUCCESS:"":48:"":"":1:1:0 PSA key derivation: TLS 1.2 Mix-PSK-to-MS, bad state #1, ka -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 derive_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_OTHER_SECRET:"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":PSA_SUCCESS:"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":48:"":"":2:1:0 # bad state: other secret passed after secret @@ -5688,7 +6227,7 @@ depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_OTHER_SECRET:"c4eb02cb10175ab8a33aeeb068ba23df08206b0e":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":PSA_SUCCESS:"":48:"":"":1:1:0 PSA key derivation: TLS 1.2 Mix-PSK-to-MS, bad state #2, ka -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 derive_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_OTHER_SECRET:"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":PSA_SUCCESS:"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":48:"":"":2:1:0 # bad state: other secret passed after label @@ -5701,7 +6240,7 @@ depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_OTHER_SECRET:"c4eb02cb10175ab8a33aeeb068ba23df08206b0e":PSA_ERROR_BAD_STATE:"":48:"":"":1:1:0 PSA key derivation: TLS 1.2 Mix-PSK-to-MS, bad state #3, ka -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 derive_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:"01020304":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:"6d617374657220736563726574":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_OTHER_SECRET:"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_ERROR_BAD_STATE:"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":48:"":"":2:1:0 # bad state: other secret passed twice @@ -5714,7 +6253,7 @@ depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_OTHER_SECRET:"c4eb02cb10175ab8a33aeeb068ba23df08206b0e":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_OTHER_SECRET:"c4eb02cb10175ab8a33aeeb068ba23df08206b0e":PSA_ERROR_BAD_STATE:0:"":PSA_SUCCESS:"":48:"":"":1:1:0 PSA key derivation: TLS 1.2 Mix-PSK-to-MS, bad state #4, ka -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 derive_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SEED:"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_OTHER_SECRET:"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_OTHER_SECRET:"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_ERROR_BAD_STATE:0:"":PSA_SUCCESS:"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":48:"":"":2:1:0 PSA key derivation: TLS 1.2 Mix-PSK-to-MS, other key is raw data @@ -5797,6 +6336,141 @@ PSA key derivation: over capacity 42: output 43+1 depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":PSA_SUCCESS:0:"":PSA_SUCCESS:"":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865ff":"ff":0:1:0 +PSA key derivation: PBKDF2-HMAC(SHA-256), RFC7914 #1, 64+0 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"706173737764":PSA_SUCCESS:0:"":PSA_SUCCESS:"":64:"55ac046e56e3089fec1691c22544b605f94185216dde0465e68b9d57c20dacbc49ca9cccf179b645991664b39d77ef317c71b845b1e30bd509112041d3a19783":"":0:1:0 + +PSA key derivation: PBKDF2-HMAC(SHA-256), RFC7914 #1, 54+10 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"706173737764":PSA_SUCCESS:0:"":PSA_SUCCESS:"":64:"55ac046e56e3089fec1691c22544b605f94185216dde0465e68b9d57c20dacbc49ca9cccf179b645991664b39d77ef317c71b845b1e3":"0bd509112041d3a19783":0:1:0 + +PSA key derivation: PBKDF2-HMAC(SHA-1), RFC6070 #1, 20+0 +# https://www.rfc-editor.org/rfc/rfc6070#section-2 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1 +derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"0c60c80f961f0e71f3a9b524af6012062fe037a6":"":0:1:0 + +PSA key derivation: PBKDF2-HMAC(SHA-1), RFC6070 #1, 0+20 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1 +derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"":"0c60c80f961f0e71f3a9b524af6012062fe037a6":0:1:0 + +PSA key derivation: PBKDF2-HMAC(SHA-1), RFC6070 #1, 1+19 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1 +derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"0c":"60c80f961f0e71f3a9b524af6012062fe037a6":0:1:0 + +PSA key derivation: PBKDF2-HMAC(SHA-1), RFC6070 #1, 10+10 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1 +derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"0c60c80f961f0e71f3a9":"b524af6012062fe037a6":0:1:0 + +PSA key derivation: PBKDF2-HMAC(SHA-1), RFC6070 #2 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1 +derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_COST:"02":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957":"":0:1:0 + +PSA key derivation: PBKDF2-HMAC(SHA-1), RFC6070 #3 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1 +derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_COST:"1000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"4b007901b765489abead49d926f721d065a429c1":"":0:1:0 + +PSA key derivation: PBKDF2-HMAC(SHA-1), RFC6070 #5 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1 +derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_COST:"1000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f726450415353574f524470617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":25:"3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038":"":0:1:0 + +PSA key derivation: PBKDF2-HMAC(SHA-1), RFC6070 #6 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1 +derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_COST:"1000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"7361006c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"7061737300776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":16:"56fa6aa75548099dcc37d7f03425e0c3":"":0:1:0 + +PSA key derivation: PBKDF2-HMAC(SHA-256), RFC7914 #1, salt=2+2 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"7361":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"6c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"706173737764":PSA_SUCCESS:"":64:"55ac046e56e3089fec1691c22544b605f94185216dde0465e68b9d57c20dacbc49ca9cccf179b645991664b39d77ef317c71b845b1e30bd509112041d3a19783":"":0:1:0 + +PSA key derivation: PBKDF2-HMAC(SHA-256), RFC7914 #1, salt=0+4 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"706173737764":PSA_SUCCESS:"":64:"55ac046e56e3089fec1691c22544b605f94185216dde0465e68b9d57c20dacbc49ca9cccf179b645991664b39d77ef317c71b845b1e30bd509112041d3a19783":"":0:1:0 + +PSA key derivation: PBKDF2-HMAC(SHA-256), RFC7914 #1, salt=4+0 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"706173737764":PSA_SUCCESS:"":64:"55ac046e56e3089fec1691c22544b605f94185216dde0465e68b9d57c20dacbc49ca9cccf179b645991664b39d77ef317c71b845b1e30bd509112041d3a19783":"":0:1:0 + +PSA key derivation: PBKDF2-HMAC(SHA-256), salt=0+0 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"706173737764":PSA_SUCCESS:"":64:"b03ada2451aa1084ce14cf51c93eeea9d2bd435db3f93a70031b2de39fdef45d2ccb1fe2078e79773c148311d3e6ec5dec9da7f30d78584ec21c94de839671b2":"":0:1:0 + +PSA key derivation: PBKDF2-HMAC(SHA-256), RFC7914 #1, password as key, derive key +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"706173737764":PSA_SUCCESS:0:"":PSA_SUCCESS:"":64:"55ac046e56e3089fec1691c22544b605f94185216dde0465e68b9d57c20dacbc49ca9cccf179b645991664b39d77ef317c71b845b1e30bd509112041d3a19783":"":0:1:1 + +PSA key derivation: PBKDF2-HMAC(SHA-256), RFC7914 #1, password as bytes +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"706173737764":PSA_SUCCESS:0:"":PSA_SUCCESS:"":64:"55ac046e56e3089fec1691c22544b605f94185216dde0465e68b9d57c20dacbc49ca9cccf179b645991664b39d77ef317c71b845b1e30bd509112041d3a19783":"":0:0:0 + +PSA key derivation: PBKDF2-HMAC(SHA-256), RFC7914 #1, password as bytes, derive key +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"706173737764":PSA_SUCCESS:0:"":PSA_SUCCESS:"":64:"55ac046e56e3089fec1691c22544b605f94185216dde0465e68b9d57c20dacbc49ca9cccf179b645991664b39d77ef317c71b845b1e30bd509112041d3a19783":"":0:0:1 + +PSA key derivation: PBKDF2-HMAC(SHA-1), RFC6070 #1, salt before cost +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1 +derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_ERROR_BAD_STATE:0:"":PSA_SUCCESS:"":20:"0c60c80f961f0e71f3a9b524af6012062fe037a6":"":0:1:0 + +PSA key derivation: PBKDF2-HMAC(SHA-1), RFC6070 #1, 20+1 (over capacity) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1 +derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"0c60c80f961f0e71f3a9b524af6012062fe037a6":"00":0:1:0 + +#The following test vectors were generated by a python script. Details can be found in the commit message. +#The input cost, salt and password are the same as PBKDF2-HMAC test vectors +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 1, 20+0 +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"1b72f6419173a06e27777606a315876ec71227de":"":0:1:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 1, 10+10 +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"1b72f6419173a06e2777":"7606a315876ec71227de":0:1:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 1, 0+20 +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"":"1b72f6419173a06e27777606a315876ec71227de":0:1:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 2 +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"02":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"160597e28021fb3dd9cf088b007b688360fed438":"":0:1:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 3 +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"1000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"38ba9795fe87e47d519eacb77e82e35daa795870":"":0:1:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 4 +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"1000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f726450415353574f524470617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":25:"25e7c43283d2e98cb6d9537a783e93153a45595a876779e00d":"":0:1:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 5 +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"1000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"7361006c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"7061737300776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":16:"3d2828c5a437d781e7733ca353c40579":"":0:1:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 6 +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"706173737764":PSA_SUCCESS:0:"":PSA_SUCCESS:"":64:"28e288c6345bb5ecf7ca70274208a3ba0f1148b5868537d5e09d3ee6813b1f524d9ecbf864eb814a46cda50ad5ec4c0dc03578c6c5fb4a3f9880deb5cab537e4":"":0:1:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, empty direct password +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"1000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"":PSA_SUCCESS:0:"":PSA_SUCCESS:"":16:"db00f3996d041b415eb273362d8c8c83":"":0:0:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, 16 byte password +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"1000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f726470617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":16:"c4c112c6e1e3b8757640603dec78825f":"":0:1:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test vector 1, salt in two step +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"7361":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"6c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:"":20:"1b72f6419173a06e27777606a315876ec71227de":"":0:1:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test vector 1, password as key, derive key +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"1b72f6419173a06e27777606a315876ec71227de":"":0:1:1 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test vector 1, password as bytes +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"1b72f6419173a06e27777606a315876ec71227de":"":0:0:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test vector 1, password as bytes, derive key +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"1b72f6419173a06e27777606a315876ec71227de":"":0:0:1 + PSA key derivation: ECJPAKE to PMS, no input depends_on:PSA_WANT_ALG_SHA_256 derive_ecjpake_to_pms:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:32:PSA_SUCCESS:"":PSA_ERROR_INVALID_ARGUMENT @@ -5859,7 +6533,7 @@ depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_ derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR PSA key derivation: HKDF SHA-256, exercise AES256-CTR -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR PSA key derivation: HKDF SHA-256, exercise DES-CBC @@ -5883,7 +6557,7 @@ depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR PSA key derivation: TLS 1.2 PRF SHA-256, exercise AES256-CTR -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR PSA key derivation: TLS 1.2 PRF SHA-256, exercise DES-CBC @@ -5906,12 +6580,61 @@ PSA key derivation: TLS 1.2 PRF SHA-256, exercise HKDF-SHA-256 depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DERIVE:400:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256) +# Input cost is set to 1U for testing purposes. +PSA key derivation: PBKDF2-HMAC-SHA-256, exercise AES128-CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES +derive_key_exercise:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):"706173737764":"01":"73616c74":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR + +PSA key derivation: PBKDF2-HMAC-SHA-256, exercise AES256-CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +derive_key_exercise:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):"706173737764":"01":"73616c74":PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR + +PSA key derivation: PBKDF2-HMAC-SHA-256, exercise DES-CBC +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES +derive_key_exercise:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):"706173737764":"01":"73616c74":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 + +PSA key derivation: PBKDF2-HMAC-SHA-256, exercise 2-key 3DES-CBC +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES +derive_key_exercise:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):"706173737764":"01":"73616c74":PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 + +PSA key derivation: PBKDF2-HMAC-SHA-256, exercise 3-key 3DES-CBC +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DES +derive_key_exercise:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):"706173737764":"01":"73616c74":PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 + +PSA key derivation: PBKDF2-HMAC-SHA-256, exercise HMAC-SHA-256 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_HMAC +derive_key_exercise:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):"706173737764":"01":"73616c74":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256) + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, exercise AES128-CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_key_exercise:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"706173737764":"01":"73616c74":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, exercise AES256-CTR +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +derive_key_exercise:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"706173737764":"01":"73616c74":PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, exercise DES-CBC +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:PSA_WANT_KEY_TYPE_DES +derive_key_exercise:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"706173737764":"01":"73616c74":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, exercise 2-key 3DES-CBC +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:PSA_WANT_KEY_TYPE_DES +derive_key_exercise:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"706173737764":"01":"73616c74":PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, exercise 3-key 3DES-CBC +depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:PSA_WANT_KEY_TYPE_DES +derive_key_exercise:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"706173737764":"01":"73616c74":PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, exercise HMAC-SHA-256 +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_KEY_TYPE_HMAC +derive_key_exercise:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"706173737764":"01":"73616c74":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256) + PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256:MBEDTLS_ECP_LIGHT derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY PSA key derivation: HKDF-SHA-256 -> ECC curve25519, exercise ECDH -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_MONTGOMERY_255 derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH PSA key derivation: HKDF SHA-256, derive key export, 16+32 @@ -5930,20 +6653,36 @@ PSA key derivation: TLS 1.2 PRF SHA-256, derive key export, 1+41 depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF derive_key_export:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":1:41 +PSA key derivation: PBKDF2-HMAC-SHA-256, derive key export, 16+32 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_key_export:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):"706173737764":"01":"73616c74":16:32 + +PSA key derivation: PBKDF2-HMAC-SHA-256, derive key export, 1+41 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_key_export:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):"706173737764":"01":"73616c74":1:41 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, derive key export, 16+32 +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_key_export:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"706173737764":"01":"73616c74":16:32 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, derive key export, 1+41 +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_key_export:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"706173737764":"01":"73616c74":1:41 + PSA key derivation: HKDF-SHA-256 -> AES-128 depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:128:"3cb25f25faacd57a90434f64d0362f2a" PSA key derivation: HKDF-SHA-256 -> AES-256 -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:256:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf" PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256:MBEDTLS_ECP_LIGHT derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5c0" PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256:MBEDTLS_ECP_LIGHT derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"4869212049276d20612074657374206b65792120486f772061726520796f753f":"":"e1ab5d0000000000":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:"46a5850b60ba10b0fd8e0feb8790e2819d46ea26fede564ff6dea94ef1945660" PSA key derivation: HKDF-SHA-256 -> raw (same input as secp256r1+redraw) @@ -5951,77 +6690,93 @@ depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"4869212049276d20612074657374206b65792120486f772061726520796f753f":"":"e1ab5d0000000000":PSA_KEY_TYPE_RAW_DATA:256:"ffffffff55f60cea989fe02543c81b28aff09b5b51fdc43f91fe5c2511b0b9d9" PSA key derivation: HKDF-SHA-256 -> ECC secp384r1 -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_384 +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384:MBEDTLS_ECP_LIGHT derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865b4b0a85a993c" # For secp521r1, the leading byte of the representation of the private key can # be either 0 or 1. Have one test case where it's 0 and one where it's 1. PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0 -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_521 +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_521:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521:MBEDTLS_ECP_LIGHT derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:"00b25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865b4b0a85a993b89b9b65683d60f0106d28fff039d0b6f3409" PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1 -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_521 +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_521:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521:MBEDTLS_ECP_LIGHT derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8fa":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:"01122f37d10965c8455ecbd2bc73d5da5347d0ce772e54305d528295a64ffb7c567f5042e2d7e5803b407c08d1e110adcefc35564035d706582f723a2f76a32260da" # For Curve25519, test a few different outputs to exercise masking (last byte of input_2 variation). PSA key derivation: HKDF-SHA-256 -> ECC curve25519 #1 -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255 +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_MONTGOMERY_255 derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:"38b25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c57f" PSA key derivation: HKDF-SHA-256 -> ECC curve25519 #2 -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255 +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_MONTGOMERY_255 derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8fa":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:"b8122f37d10965c8455ecbd2bc73d5da5347d0ce772e54305d528295a64ffb7c" PSA key derivation: HKDF-SHA-256 -> ECC curve25519 #3 -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255 +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_MONTGOMERY_255 derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8fb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:"e029d8a4f83cfad631f18dca6aa995f3fa69dd6488a39e8d92fe8de6ca88694f" PSA key derivation: HKDF-SHA-256 -> ECC curve25519 #4 -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255 +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_MONTGOMERY_255 derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8fc":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:"90958ef02dae8c97921a6e59eaa79f5445f76d0f4ab16cd97feba5e6586c264d" PSA key derivation: HKDF-SHA-256 -> ECC curve25519 #5 -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255 +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_MONTGOMERY_255 derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8fd":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:"c099f692a89df2e9008aebe07012b5e128c9cfc1243bd32b7043ab21912d985d" PSA key derivation: HKDF-SHA-256 -> ECC curve25519 #6 -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255 +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_MONTGOMERY_255 derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8fe":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:"d8929e4677193ca3b8b1035d93711ba917edac23c47fd45a403997361ec1475b" PSA key derivation: HKDF-SHA-256 -> ECC curve25519 #7 -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255 +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_MONTGOMERY_255 derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:"c89d06c33cec5b3d08221a7228050e6919150a43592ae710162c97c0a2855b65" # For Curve448, test a few different outputs to exercise masking (last byte of input_2 variation). PSA key derivation: HKDF-SHA-256 -> ECC curve448 #1 -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_448 +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_MONTGOMERY_448 derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865b4b0a85a993b89b9b65683d60f81" PSA key derivation: HKDF-SHA-256 -> ECC curve448 #2 -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_448 +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_MONTGOMERY_448 derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8fa":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:"bc122f37d10965c8455ecbd2bc73d5da5347d0ce772e54305d528295a64ffb7c567f5042e2d7e5803b407c08d1e110adcefc35564035d786" PSA key derivation: HKDF-SHA-256 -> ECC curve448 #3 -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_448 +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_MONTGOMERY_448 derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8fb":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:"e429d8a4f83cfad631f18dca6aa995f3fa69dd6488a39e8d92fe8de6ca88694fedcdc273f4cefcb73478e8cbcc344c5d713b5eb26e89a9dd" PSA key derivation: HKDF-SHA-256 -> ECC curve448 #4 -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_448 +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_MONTGOMERY_448 derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8fc":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:"90958ef02dae8c97921a6e59eaa79f5445f76d0f4ab16cd97feba5e6586c264dc114d7391112c6083b48ccc60d63c47642f5693898fe498c" PSA key derivation: HKDF-SHA-256 -> ECC curve448 #5 -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_448 +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_MONTGOMERY_448 derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8fd":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:"c099f692a89df2e9008aebe07012b5e128c9cfc1243bd32b7043ab21912d98dd4f73c807b5cc60cbf3364e606ecaeccd3ce44ac46595959d" PSA key derivation: HKDF-SHA-256 -> ECC curve448 #6 -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_448 +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_MONTGOMERY_448 derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8fe":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:"d8929e4677193ca3b8b1035d93711ba917edac23c47fd45a403997361ec1479b4eccf10bc9d1fa1a2e96b5c965a0045295516ab00665fc9b" PSA key derivation: HKDF-SHA-256 -> ECC curve448 #7 -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_448 +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_MONTGOMERY_448 derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8ff":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:"cc9d06c33cec5b3d08221a7228050e6919150a43592ae710162c97c0a2855b25c373305784895a1c48ca511ee42fc50c3f67d419569007ea" +PSA key derivation: PBKDF2-HMAC-SHA-256 -> AES-128 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES +derive_key_type:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):"706173737764":"01":"73616c74":PSA_KEY_TYPE_AES:128:"55ac046e56e3089fec1691c22544b605" + +PSA key derivation: PBKDF2-HMAC-SHA-256 -> AES-256 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +derive_key_type:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):"706173737764":"01":"73616c74":PSA_KEY_TYPE_AES:256:"55ac046e56e3089fec1691c22544b605f94185216dde0465e68b9d57c20dacbc" + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128-> AES-128 +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_key_type:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"706173737764":"01":"73616c74":PSA_KEY_TYPE_AES:128:"28e288c6345bb5ecf7ca70274208a3ba" + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128-> AES-256 +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +derive_key_type:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"706173737764":"01":"73616c74":PSA_KEY_TYPE_AES:256:"28e288c6345bb5ecf7ca70274208a3ba0f1148b5868537d5e09d3ee6813b1f52" + PSA key derivation: invalid type (0) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_NONE:128:PSA_ERROR_NOT_SUPPORTED:0 @@ -6057,12 +6812,12 @@ depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT:0 PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:MBEDTLS_ECP_LIGHT # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):7:PSA_ERROR_INVALID_ARGUMENT:0 PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC disabled) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):7:PSA_ERROR_NOT_SUPPORTED:0 @@ -6072,12 +6827,12 @@ depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):0:PSA_ERROR_INVALID_ARGUMENT:0 PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:MBEDTLS_ECP_LIGHT # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):7:PSA_ERROR_INVALID_ARGUMENT:0 PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC disabled) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):7:PSA_ERROR_NOT_SUPPORTED:0 @@ -6087,12 +6842,12 @@ depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):0:PSA_ERROR_INVALID_ARGUMENT:0 PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:MBEDTLS_ECP_LIGHT # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):7:PSA_ERROR_INVALID_ARGUMENT:0 PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC disabled) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):7:PSA_ERROR_NOT_SUPPORTED:0 @@ -6102,12 +6857,12 @@ depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):0:PSA_ERROR_INVALID_ARGUMENT:0 PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:MBEDTLS_ECP_LIGHT # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):7:PSA_ERROR_INVALID_ARGUMENT:0 PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC disabled) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):7:PSA_ERROR_NOT_SUPPORTED:0 @@ -6117,12 +6872,12 @@ depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):0:PSA_ERROR_INVALID_ARGUMENT:0 PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:MBEDTLS_ECP_LIGHT # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):7:PSA_ERROR_INVALID_ARGUMENT:0 PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC disabled) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):7:PSA_ERROR_NOT_SUPPORTED:0 @@ -6132,12 +6887,12 @@ depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):0:PSA_ERROR_INVALID_ARGUMENT:0 PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:MBEDTLS_ECP_LIGHT # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):7:PSA_ERROR_INVALID_ARGUMENT:0 PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC disabled) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):7:PSA_ERROR_NOT_SUPPORTED:0 @@ -6147,12 +6902,12 @@ depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):0:PSA_ERROR_INVALID_ARGUMENT:0 PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:MBEDTLS_ECP_LIGHT # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):7:PSA_ERROR_INVALID_ARGUMENT:0 PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC disabled) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):7:PSA_ERROR_NOT_SUPPORTED:0 @@ -6162,16 +6917,15 @@ depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):0:PSA_ERROR_INVALID_ARGUMENT:0 PSA key derivation: bits=7 invalid for ECC MONTGOMERY (ECC enabled) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):7:PSA_ERROR_INVALID_ARGUMENT:0 PSA key derivation: bits=7 invalid for ECC MONTGOMERY (ECC disabled) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):7:PSA_ERROR_NOT_SUPPORTED:0 - PSA key derivation: raw data, 8 bits depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:8:PSA_SUCCESS:0 @@ -6180,6 +6934,56 @@ PSA key derivation: invalid length (9 bits) depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:9:PSA_ERROR_INVALID_ARGUMENT:0 +PSA key derivation: PBKDF2-HMAC-SHA-256, invalid type (0) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_key:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):"706173737764":"01":"73616c74":PSA_KEY_TYPE_NONE:128:PSA_ERROR_NOT_SUPPORTED:0 + +PSA key derivation: PBKDF2-HMAC-SHA-256, invalid type (PSA_KEY_TYPE_CATEGORY_MASK) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_key:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):"706173737764":"01":"73616c74":PSA_KEY_TYPE_CATEGORY_MASK:128:PSA_ERROR_NOT_SUPPORTED:0 + +PSA key derivation: PBKDF2-HMAC-SHA-256, invalid length PSA_KEY_TYPE_RAW_DATA (0) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +# The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED +derive_key:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):"706173737764":"01":"73616c74":PSA_KEY_TYPE_RAW_DATA:0:PSA_ERROR_INVALID_ARGUMENT:0 + +PSA key derivation: PBKDF2-HMAC-SHA-256, invalid length PSA_KEY_TYPE_RAW_DATA (7 bits) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_key:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):"706173737764":"01":"73616c74":PSA_KEY_TYPE_RAW_DATA:7:PSA_ERROR_INVALID_ARGUMENT:0 + +PSA key derivation: PBKDF2-HMAC-SHA-256, raw data, 8 bits +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_key:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):"706173737764":"01":"73616c74":PSA_KEY_TYPE_RAW_DATA:8:PSA_SUCCESS:0 + +PSA key derivation: PBKDF2-HMAC-SHA-256, invalid length (9 bits) +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_key:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):"706173737764":"01":"73616c74":PSA_KEY_TYPE_RAW_DATA:9:PSA_ERROR_INVALID_ARGUMENT:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, invalid type (0) +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_key:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"706173737764":"01":"73616c74":PSA_KEY_TYPE_NONE:128:PSA_ERROR_NOT_SUPPORTED:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, invalid type (PSA_KEY_TYPE_CATEGORY_MASK) +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_key:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"706173737764":"01":"73616c74":PSA_KEY_TYPE_CATEGORY_MASK:128:PSA_ERROR_NOT_SUPPORTED:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, invalid length PSA_KEY_TYPE_RAW_DATA (0) +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +# The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED +derive_key:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"706173737764":"01":"73616c74":PSA_KEY_TYPE_RAW_DATA:0:PSA_ERROR_INVALID_ARGUMENT:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, invalid length PSA_KEY_TYPE_RAW_DATA (7 bits) +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_key:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"706173737764":"01":"73616c74":PSA_KEY_TYPE_RAW_DATA:7:PSA_ERROR_INVALID_ARGUMENT:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, raw data, 8 bits +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_key:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"706173737764":"01":"73616c74":PSA_KEY_TYPE_RAW_DATA:8:PSA_SUCCESS:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, invalid length (9 bits) +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_key:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"706173737764":"01":"73616c74":PSA_KEY_TYPE_RAW_DATA:9:PSA_ERROR_INVALID_ARGUMENT:0 + # This test assumes that PSA_MAX_KEY_BITS (currently 65536-8 bits = 8191 bytes # and not expected to be raised any time soon) is less than the maximum # output from HKDF-SHA512 (255*64 = 16320 bytes). @@ -6191,110 +6995,198 @@ PSA key derivation: key too large depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512 derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_RAW_DATA:PSA_MAX_KEY_BITS + 1:PSA_ERROR_NOT_SUPPORTED:0 +PSA key derivation: PBKDF2-HMAC-SHA-256, key too large +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_key:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):"706173737764":"01":"73616c74":PSA_KEY_TYPE_RAW_DATA:PSA_MAX_KEY_BITS + 1:PSA_ERROR_NOT_SUPPORTED:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, key too large +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_key:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"706173737764":"01":"73616c74":PSA_KEY_TYPE_RAW_DATA:PSA_MAX_KEY_BITS + 1:PSA_ERROR_NOT_SUPPORTED:0 + PSA key agreement setup: ECDH + HKDF-SHA-256: good -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS PSA key agreement setup: ECDH + HKDF-SHA-256: good, key algorithm broader than required -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDH:"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS PSA key agreement setup: ECDH + HKDF-SHA-256: key algorithm KDF mismatch -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_512)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_PERMITTED PSA key agreement setup: ECDH + HKDF-SHA-256: public key not on curve -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ff":PSA_ERROR_INVALID_ARGUMENT PSA key agreement setup: ECDH + HKDF-SHA-256: public key on different curve -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ECC_SECP_R1_384 key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT PSA key agreement setup: ECDH + HKDF-SHA-256: public key instead of private key -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT PSA key agreement setup: ECDH, unknown KDF -depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_ECDH_C +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED PSA key agreement setup: bad key agreement algorithm -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 key_agreement_setup:PSA_ALG_KEY_AGREEMENT(0, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(0, PSA_ALG_HKDF(PSA_ALG_SHA_256)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT PSA key agreement setup: KDF instead of a key agreement algorithm -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 key_agreement_setup:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_HKDF(PSA_ALG_SHA_256):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT PSA raw key agreement: ECDH SECP256R1 (RFC 5903) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de" PSA raw key agreement: ECDH SECP384R1 (RFC 5903) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_384 raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"04e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746" PSA raw key agreement: ECDH SECP521R1 (RFC 5903) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_521 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_521 raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"0400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea" PSA raw key agreement: ECDH brainpoolP256r1 (RFC 7027) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_BRAINPOOL_P_R1_256 raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b" PSA raw key agreement: ECDH brainpoolP384r1 (RFC 7027) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_384 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_BRAINPOOL_P_R1_384 raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42" PSA raw key agreement: ECDH brainpoolP512r1 (RFC 7027) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_BRAINPOOL_P_R1_512 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_BRAINPOOL_P_R1_512 raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f" PSA raw key agreement: X25519 (RFC 7748: Alice) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_MONTGOMERY_255 raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a":"de9edb7d7b7dc1b4d35b61c2ece435373f8343c85b78674dadfc7e146f882b4f":"4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742" PSA raw key agreement: X25519 (RFC 7748: Bob) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_MONTGOMERY_255 raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb":"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":"4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742" PSA raw key agreement: X448 (RFC 7748: Alice) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_448 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_MONTGOMERY_448 raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b":"3eb7a829b0cd20f5bcfc0b599b6feccf6da4627107bdb0d4f345b43027d8b972fc3e34fb4232a13ca706dcb57aec3dae07bdc1c67bf33609":"07fff4181ac6cc95ec1c16a94a0f74d12da232ce40a77552281d282bb60c0b56fd2464c335543936521c24403085d59a449a5037514a879d" PSA raw key agreement: X448 (RFC 7748: Bob) -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_448 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_MONTGOMERY_448 raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"1c306a7ac2a0e2e0990b294470cba339e6453772b075811d8fad0d1d6927c120bb5ee8972b0d3e21374c9c921b09d1b0366f10b65173992d":"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0":"07fff4181ac6cc95ec1c16a94a0f74d12da232ce40a77552281d282bb60c0b56fd2464c335543936521c24403085d59a449a5037514a879d" +PSA raw key agreement: FFDH 2048 bits +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +raw_key_agreement:PSA_ALG_FFDH:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"4bd2bd426bda18aa94501942095ffe5a9affed1535b942f3449bce8e90f9e57f512c8fdda496c3ac051d951be206365fb5dd03a7d7db5236b98ddfa68237a45ef4513b381a82863cdb6521b44e10aa45de28d040326c5d95e9399ae25f6cad681f1cbf8c71934b91d5c8765f56d3978544784f297aa60afadd824e4b9525867fea33d873c379e3e7bd48528ec89aa01691b57df1c87c871b955331697e6a64db0837e1d24c80e2770179a98cae9da54d21cc5af4cc7b713b04554e2cdf417d78f12e8c749a2669e036a5b89eda7b087eb911c629f16128ab04f0ee7a3a9bec5772cfc68bbd0b492a781b36d26c2ec1f83953e192247e52714c3f32f0635f698c":"6d34e084b8d0e253a894237be9977e1a821b556ed4bc01cda691a927885979b59e55a30daa2a707769474b760e9f1c10544b2ce74b26efa4f069e05ce70471bf6b7e6c08a16fa880930790204e8b482478de0682ce3f58450a4e15abc14d05e13ef773a10a3e8bf2219f8ab556c88dc2a301b362c2d4e94bf2f0006bb36d15a5096ed1342f3f111ccf123ceae9bdc7bc0cde5edc9f0203f35f8a98aff6d75975357733a429364ed3aca32acaf9f857ef751e0e246140eebdfc2b403b644e42c48922f7f6cdaa6a2ef9ddfa54fb83657492f9f9a2c8aa4831601f9b11663e94d968d8be6e121aee2c79156e44aaa650bb26083983a76cc5883538d4794855ded1":"718ab2b5da3bc6e7767a98fb2c172bd74003fae2acffbc9a53d9b358401c1c748da36cab277e9397bc5eeec3010321d0f882d959eb097adddc99745526b213e30dc0df9fb1e4cd3fc27bfb1d6e89c715373439a66b9a13aa1334c84799827c17be1c36c1bc02fe60ea698da790fe4d2af710a435a1aae7fb11cd2a90a17ad87dde4f154b325dc47d8ea107a29d10a3bfa17149a1f9e8a1f7b680bfdca90fb0913c0b681670d904de49d7d000d24060330d4d2e4a2381d78c49e272d313174218561ceeb37e2ef824905d0fa42d13d49a73018411aeb749f7f4fc765bdc6db58bcebd995d4c949b0061f20759e1263d8f9ba3fd56afda07c178997256bb7d5230" + +PSA raw key agreement: FFDH 2048 bits (shared secred with leading zeros) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +raw_key_agreement:PSA_ALG_FFDH:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"9156de25da686a831ca0645bfb49df73e4a126ab864393e943b3d12b7ad32cbf21709268bf918c4e03e9a3b54bd230d88f1ceaa2810fae5fd4091d31e76153daaf0da9168a7b39fa85acf618622efd1f70d5866e518f256d0ff90a0c468c41a329fb1dd837b18a4300be0f25b108fe7210705cdc0436df84592c1a8b372c5028d67ed5231f846452c942a5f087b3830aa139b0b045a7ae38903497e4ddd0585ce20504ff70e13dbadf77a73d5514eb9c38feeae3cb773311b360f8304f67cf3f2282e4aad47f1494b5823ae2196a23ca426426bef427e4056df1f9144b20bf0b1f6da451f8eead38fdc5bb71074e4d43e21bc6fa787a681c0ef92c633d73b348":"8a73c0f5d874a2afb718efa66f78c80adf713562145a9f5a1df5f2bb9ead8827eb518a769dc089364768b27b2e49ca465ec7c0710b3054ae256aec25de72bd435b3ede0e17ab50cc8ed102fa6a83a9f09454e59e218b894ee130fbd772fb95a83aba29c6b270daba1f3842b2eae2ad1eafe7945888a55cb459547d6cb0b276d25218df8948a86e49f3fefae9c5b30ca8a7fd1bac1c3a5cb4dedfbcbb5c6e5bafbdf8ffcb37d245260d00658450fad1ced83b5afedc43def222c7196f0531e101b3a777e5f5141597fe8c093485d0c8cc752b03e7f551ef3648b1da330fe3ba5dbbb9f11c1a44ef6c0c9c492b6140391254abb7ae8d3e77b4655ab6dd155ba2a1":"00a376f5bed9c27cfa7fa6e01ecd4094b6a189a6184270ea22cb5b2649a6c4b33682e0625536f7d61722fe85381d8ead8b283496db84f8e6b2eb7c5b015eb15c9bfa5eae290612e2aef4014d6bdce902f5907f73f6722d827b73297d14aa677ed1b75bc26785bb32cf60bed1d9467b2ac069ebe48ee9196bdbaa4565f9cfbff3c31e812c58d65bd5b4c45751d1439930d2ea237030307623a0b149a21077397ec5e2c50610c01f76cdec43ff2f9177a0b3a2b18de2a787d42b6f8bdacdcce49a6884f38c5a729e54ce616da439fc9fd6d7d266188b79e40800f22b8c21adcb1f8ffd2f5225e3dc4c485dc4df8184c04f0dea3b2c3f9b04e42e229fe1a24a77ba" + +PSA raw key agreement: FFDH 3072 bits +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +raw_key_agreement:PSA_ALG_FFDH:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"c60a421e82deb778eb468760296ee4faa0b58ef058966fc457e8015185bb6c500677bf5a5a88bd8dedb5307ccc3c980a2bbe9a439c6b0c7af6c961e5b9c06f47212fc0e726da2f5bdd3542fba74e1dc2294caa1f363d942a92a391acd84aecd045a4a318db00785129ba171b31651b0e930eb8110a642dd63ef5ae1bb8c6e3b3971507c4057530d51ca14182e884974e20723dbfdd5778fa0ec78fbab26811c097f0dd291ccd7a6967caf5163fa04ba921448e1d3ec8de4ff3bc87dfdc35e53ba1bd4310fc9c98f68332ea0483ec051900e438fa3e5bcbf901771c740114922a7d9a74257befca7f9b62b2991ef6c58dbb1e516bb1ee18c8709f134ab7bb2077ec03356279a46f2978e6a89df22b0120223f6996c290607e98ecf14c36e2db62e80575329f4787ddc7b72856cbb0c4fa2dec9b391698832f559cbef49979c72e63cb3dad5d948f1c00219b47359fa75ec3fd352aa0223773e246c2fce492200b3a6e213e5e30d69cf3f56af43b0c09c0d647784b2f209c4fd1abb74b035d1ad4":"c9185bfe9b6379e0cbded54f23ed487b2a692c697cd1de74c739264ffb26a8d48aca7169c2b8716f493777e79e1a4517f79af50666e57fa821b5982a37aaf92d00805dc92df7afcd60256442264ff368e15012b847f85c7b4c3eacc4bf5c0c49f3018f19ec09a82c11c30cfcd60b07dd59e262e0387cd6473e2ec926af0bbf8d91f7b2dd6564cb5971dfaccf12c044f7c423f4e7309268925a03b51dde987906b40236046d2515e6be4524b27ee7675f2f58be2d2177f1624dab1118d265b8221969dc34686155d6c15390fd42c394ca2f7a3f403364a507b0a8c105c2f1022d321cf5621dfa7a28185856a26e952dc14ee4763fd1ea27b94284880fd86e2f1a6215aa3bff98bbe1b93d397a20647edcb38f043b9dd06f81c62e4caf74dae77b511977c07ccaac5fee2529e867b36bfa2e1488186bab1c7990fcd4c30ce7c9c536f6c3c2b9d2ac4065a4fa7577ff86dbb2df8eed95713e85457b4a52251aefe1bb1b4c8eda66002eeda7d28af37f00673dba3f9f57d1a416abdbeccf75a7a102":"ff5de4e90966aadab8299ddbf8169af2c0d8d0d99a17b4a2e62ff55b36a69fe4566a775970dd0c2904465884b75b67756b0d04b68838e80d8bc84a741cd67d735ba7aec9b55a30cce1df81203fd5deb57bbec027846eb010054b4d5b911041f721358fc8acfc9c5f06d76932f42103adcde97d5607d93303a94fa9f9caea7108ce67a9ce866ef11b2b4ea8c2acb27340735ee8c64e7516e17bff3cf3ede166767f30cada892997f6b5309fc2cca54364678b93d044b4d8e5570e1f64127fcc21d8724fff275290d803df5fa413ec2f5231ce75a58f14a467cb80cc3c4f1f0a4a62ecc17c65f2723d3f7f804b2a02c91adbfea1b2bbbc9cf9a38df29da92a71375447c81c55b8fb4086f71d57e3260da06e08393f6329aa35e673a75545dee66d01e0c7243412c6e2043a984849b67095be3fb3bf39fff291639c57e44fda5d7c1898327c40c1815e88efe0330b4481e462d30e235f607dc9e53d99521f527d65bf3edb4d0332d6d074e652e84a2ffc5d75d1734b55f3b446db122af2a502f8a0" + +PSA raw key agreement: FFDH 3072 bits (shared secred with leading zeros) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +raw_key_agreement:PSA_ALG_FFDH:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"1c357f078144dbbf6815e798fbc6d98037a65bbd01961c6eb82d1f97bd0993132cfbba209e95e8a231e3bed2616b41119cc5a2f97d5da71ac2d6d0a6617a4e7b5d61857627cbfa57161de3aa6a2afac23f50e4a35dca1a82376879e695892a88323af1c0728eb1a76b2d3a1684df3f91ced0728f954d5349981cec5e309137f6d4e837d22f24a13fbd7985e2169b61aae812a68a1a4b3427b1e9f8612002b5fd711b9c9518c777c4e554a5109c9f079b929d5895df748a24d659d39e787076a1f1d9237a89b52c296644165d2625c541ff5052371093046f4b6abc28d3d2fbb4eb1cd2aa3d393a030f71c7050681b017febccd3bb947c6dbecf6fca28adb2a0f06e7cd9a6aa6eda160f0a3098bdd7a719f31beda56ffa0e26a212834d0da1f53e0739ef3ddbd119ff61b497d420585e3a8ea7cc3370829297da76edd3fb701d8efff6116dd87e6e542e82a76ab76cf5a75eb4638e817679fe06a5a3f04e67a101d154f4c2ccbf70b8bec0e5663fdd838ac0f4a4da02f0071e514b6c6d0ff3358":"17ec74c211f655be646c2f006056230208dcff38644efc429591562f3869f867e7b79cdfb3e426fef60ca77d9fc80ea39e21ec060321bab3c7820177eba4242d0cd9f0301e4da7146608409add169ed05dfda2702a437f3e2b8cd162a0e50da2682433d50c37cc1aeabc5c7cd8fdd359381a8d192af00d7f41b8c049b1e552b832224b40f9d85c4307f0b76b0e2605858fb33e594ac1d0c04d358209ad47133e76fa8dafd0f2370b1944a4780138618eaf66f6d4961c584aa7a34bcc1c78bbd15e7f5a2b8beaa8f66819dc04eabe08b24cabfe69e2b78a12470162ba6703bbbcf34890b8af761d36c33e3b72f631dbc5dd6f1fbafca18a8498623ea00bd9aa6b426da30e2ebc27075eb589b237d1dc54e215a6b6ec40220f14e320b72c5f702ee496b53a63edd5620294d9be88a862544c561b4e175ff3c094ab3adacc579334cb95fa2d29b17fa483ba50d6270b6478ce4f26b564bec6ae82a60e2c15456c4610b6567ba7d91218b59a670c517179d30d743751ae3c3e777ec1f29af890b2ec":"00abc3c15e3f8156a2785949d76c96c22fffb49b0701c29fb6711b51af0ce2851a8b469b4cb25750e2c35938f848f31f179470e3271eb6b8780ad5d757a2c1353f825baf55e5c76fbf4c73d2f0cdab409e8c4f85c3001da101cc97bea764c72e844cfad5f00cb8a81a5bfce5a4bf62b68ff2d13515064b17f23b7f6e6a65440856715d2696fa1957cc022b29e38fdbb8c2a0a54e22595ed66bc4c74c36d525b60900c7427274a9d60ea289a04715a677fb9c71eb1dbb38e30f30b2af8fa24f18a5a13e9f6ee83aeb4ec3f9452986399e2673ada70826b0a84cf446a21cce41e5119bf50798bc5fc9ffca9febe4ffc9d64f1b8abae11c7c8f5da0da2288b0f7a8aed286af03d06cdb1914fc50054bdd46c289c18b14297c4254b39ab5fd719264841b981c6531a80ebc8a59ebdfec9ae0413f3f9795622fad3bd34778e539ae104b8a85918401b10a3802a81db413bddac66f83b6428a33fe5c217a2d0feef50c8ef933d6e3d0f10d8b8630c52c89ae78385716efbfb855729ad0e5ef39828e6b" + +PSA raw key agreement: FFDH 4096 bits +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +raw_key_agreement:PSA_ALG_FFDH:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"f085888f40e34d91c989fadcb9c3e8be8f4a270d75b90d78c9b3d7569e09662b7767d90112a4a339bc42e661bd0e464b26ba4eb07dee300dfdc38373ec17a5a4e86f3f4b5ae6c9700f8381ac93b564bc0b1ce64e03bb825aa21a8e87e572ccb13a5a7b2942e4b91a321c5b5cf87b8bad4042c5b8ba971870061f7bb0869e57205bd64ed41026d5093227eb9fc4abca6160376b9b9ebbf431b6cc7a362726f553ffcca07ab3fed69a60c1a3d6d7caf989c57dad04eae71dc7e5da1bd6a65d3f4509959f61741ad91b6bdc98c0cae835cea940048d325f1db5e6217b8a0c977741511c967330819115d325a6da3ac003b66364e52351b34de0e954d5df7301ac0c2772c461872b72c9c3bc810789d16d22f57fd57338487ff66fd01434fa08a57eb7b089686cda86c9dc9220e11409c5ecd7b2988c151ee24e19a5c5685b4824c60a29ee363e75f783d97a57cda08a9e2152769957163272b3d5e82cdcda71300566356c411dc01a2c24507693c819755568ea461b755e89e9ab150e243ae97d5878f58ba87be9a6bab3726e962f92e2305999cafd65aa32f486ccf2edea46ab4b4cd7e3130f2e69102e6a4d7104db2f9a66d0ddb4faa3ae34b3bac6007bdfc66541bc3f45db3eb730ba80e102850604fd64e3cf047825246264ad8e1e716aa44a99275aab9ebf0b26f703af7460a8e502088a311d7c571bf0905031ea6561a928":"f614318e0c2cc96ef5b9cb576e411c7319f9ac4caa626307c110018ff7e5082894147a1989166983f181ffa0ed062d7561af3ad26ef7339faedbcc6d41d3b53bb71f21de285c83af911a9dfc68e6efe5e067b36a5e761dea0b243e5d9af351aea1cd22841062c6beaeac0e66138c9562e3efc922bddb2f2709075ee4356337597fe9bb16c5b21de3017d06a18e98b606931c6a1d96f60fd22c920dbf18210178f844c9c0646a779db31eed21c29dff3556fe6f608c6db80e86229fa05117c624094a7d0c106718e9534de55b469ed03dd545c80b2134f10a073fa1d6b366f46727f630685ca916c84d28417b1753af57248445f81573de06bfb17bf6f3f6e5e72723390719e881d54ce3a76a79e4c3cd78f293f5ca90ca31038c4ae0f6df379177a96ceb0e55a85669335dc634f67d138c40b58474dffa4695c017ff75db55b37d9627836fad1813a9dd13e61ad99b96a488cb49348e1e75aefbad5eac288387381e6d7908c16b42c8f071c24b518feb1b4d38a538e4346e0b88c526125ae5b2fcf8e0f42608f5c5ef47b6b225122d5b6c94c2cf42767ff3df1f29461d72b7fe4eb2273c857d18daf33ed0cce043a5c389d116ba02a9ba5c8140d11c52249019749417950f444529a635592b137d30ee6f15fee89695d99e5f322d2e94c00d43d24aa63e0e68c27566d19e211f7f24e1cb72940cc9dd0b0cf34f69f03ee32be7":"262392693c8ca0da404d0195742df69a6b87d22984765c91e3c9dbbc0293960cf1f9deb7a25998a91f8c6b9756224435fc143f31690af35eb211acffec542c8f8fbea3c9112d666639d40a699467bb195815b8b816363ca44baa4df22eca425fa9ab1471ddf045f4e252090663c1c536dd29623c324c7e18b694f83a6c655fb3d95d5a9831ccc9978f66916e95aff49d973f322e2b43f5632a19d79d615a56539aa2ec8f4441bbf4f8016f8c23407e371e9de212c6f1d7d3ca4093c2648451eef68c03aa251547e94046d5fbdffb5cdc0f713bc390111d6727fc1d11243046203ad6632d91c1df3efa77ce530ff26376a208349f2b18628422c9ae13ef84f4a15c1e05ce5fb92ff55547943db4727d091308deb85f54acb94d14411049924b79da131e736a9af42a3fa7139d0357925f430c6cd4330b01ff66f5f8cca26f4230d562f45d5f75bd6d133114449205263c5631f3d561e2ed81e6aa54376094757cbb6f6857c03574e9f6042dc80ea78be470b836c5371a3fae8c119f67c28f856fe70c2affb46574a4356e995a45bdf35e50a6f3a2556d3d1d7c42db8e63430933ffc4783d571908a1270a3cd20d87678cc288ccc183c7cd7512587536a8e15267dd5af0ad3b501ecebc0ecd9ecfd410ce356f9305e4a32cfcafa676da5b5a9ed9b13a5e4cfc06e87310ccdc3ed988699610d7d3125de13a8ac0b59f782859f0b1" + +PSA raw key agreement: FFDH 4096 bits (shared secred with leading zeros) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +raw_key_agreement:PSA_ALG_FFDH:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"d39cf86d9d81011fc48d3bd489decd4cd520ba87e469b5899fae777109ff7b43c8c809814521a8d66ac33099c9bd2a8567a202c21a8b5457603ac1ce95ea9ae705efd69fb7c514295059938d818bb65b7c881d1ef9541346be2131143f51db13109e9a4fdff1ef2208839c89eb1c1d52018c77c33f5b7e73a747002997c75f4a3dcf15e7cd73938ece0cdefc9fcfa2c4b1c3416eb2fecc00ce328b0b2bead58493b3e8c25d3c0a675bf6ce2363917d1e74a7987a464709fcfcd1b512b67dc1023ade2cc027109169ffcb51625fbb0c607946a6009811be07047024bb6e517f388a99a08f2c73b7e0b779d8469797eb3153f2e5ddde2931a8f97c586e20c5e521b84d015a52f8e13d5fa34c32bc118b62d34cf157f1db40423f384a16a78c7e1569a5d754db6216f6412abfa7c440586c506d5be88d5172a311b8f16f70a06162dbab6ee09fea55c47f6538d3775d236cfa50824f5c8bafa44bcd9424aa620ef17466413f35aa6e6eb5c8d8a26a7ffd6e8bda2dc5ada4b296885635fc8a73933de059ff403fb0a322bf6daba24330a7be204c307f44260b4d34000d2142f79654360af82179f9d5e18e8f47c7d94a10fd077f011bdef578a2b57d5a382ca404f67fd3c59d95a3481f1311c7454bb45acba1e1c30acb6a9fbda70aea30a9ca76471dc46e504abae9a06eb9a8cfed83143cffef3c530b03185609a55484aaf9f677":"b7baa37aca4cd56e4107c3e428a7a568adbf678e741ad89f157f66803370618abfd8ec7c159d84a741c276ea119eaf2ec1bc4431a073d92de3dbca1287a37522b2ca4ef8c0a0fa76c1dd5f665d498ae62e5e2925b6d921d797d76d86e27ac8286643c19a2a2b1361fe7dd772766e9511127fd0cf92ad98099a9e1760ad969be0a7df4936f1b37455cbfe3a1ac9b3b83205594f018bb5f64970371d4e5396f4c5e8cf0cffaa4525ee811b39632551af470efc435fab26e3cbd643feb0113bf56fd4bced3ad743e55be2eaefa7d36833f56af570ff773a3a3cf649b1ef62fb300c4c5a70d70e4d6ba1ca405483f036092f5b9f94960306515fcd4a0d8a086d826c105924d05ce5ee3dd7c62d61d1a460772b169fd943824e0efffdde3f27439e112766780bca7b4c82a2c8fac1d18894fcbd40ea5f7f23aa27024870404cf1832cfa025df193f31aa275fc685fb348c321a2186adf32c9cd203cb4b1c49b8afffbfe11e1d443711a5a1da302fa0e52b5143e6ae7aa40ed4828d03a17443f04061f56c2d3b83298d617cd3a78cd84233dda83c4e541e9b98f0f4e7fed504f888ac929f0f3e00e3569e0f0aa95dd811297efa8af84c645d59bb6c2e968c1ba77772d858ff2d7448b65c723f6a87604ce938b670b612b3eebaa795593be2cac1d631c1b7d9baccb2cbebda6019eb42469ae4209a953f48c3cd438cd1b7b06c8c54819":"0053ad8c14e1ec87d76bf9127e084beaead313bf93f0f241442316af144097077da91c83d68c78692dd952036731624ec8ea8bf8bf85f7a278289f667bd5d92a6aa2e41337ee9e6089f8ead48ff7e179c80bedc10fa6e6e0c1511f33afe96f0890e6ef9b6f981f8337e60ada56ce0ed30ab1f6f8b72a3234cbc77db017c470d549173ae203cf73b4a5901a4edf713a866069bc7790e799becde1a088e8c3e3c41ac8f9c9abf8561af51f738577e183197c85e5d3ea5bfc6471577e7daa5cd3ed53f7e72849890d2d1f8ff0a830a1ce6283dd61e5e04b25183b42074e193cfde4ed2e35b25fb57715f74290a612d21e404394d9bc4116952cf962c14149287cf71d7c8bc26a9eac0231a0dfc4ed68fad9ceb195f82ca0012c8c9ff4350bb0a2da913af26fb0f0940541dc3ad788d3cc8512e0dfdf7e5f9604437492ed8b52c5b0eabfa04231a90abbf1b29298f33b55c4e94fe7af4aa94b572d4a7f4cd67de41b90f3224b9ce57d6656835560a8c8d22496d8dd15ac37866dc1b04cdbc23847e5f2bd8d1a5639c6e91612ceba11bd1125a75dbed89f01ba738bd27ca0a788fddcec35b823f986d5be1acc037f56d236eebedf8ec50e831f532194a62740ef45b49511abbe51b7179ec04b1aa752c0182dbef3e099579fdfe2624848bfa1c389a06039bff756d4cc0cb9cb4cc2fd382336afce62a20975409e0fc5a45e7a83416c" + +PSA raw key agreement: FFDH 6144 bits +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +raw_key_agreement:PSA_ALG_FFDH:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"bbaec0a6c20e67aa77bd9db1f682b20227d3e17944ccf9ea639e437202309c29dc876a8d209e81e59e1d7584284089c4ffb3356e28acca6c94164752e7e331cee7fccdb3d08604a5faaf91c02cab4ea6ad2926e28d1dee9fadd437b2b8a5116c689869c0972529e4c362aaa8427c95f42d8a60c1f38f9f672c837a097bcd1a8c068c11a33ce36517915dae1ba47e2646aef079e6c84b9656991ef0f6ceb9f7f95c97e7232cc5c41c0335aed99169133702cb8d95ef1e9eb5af583f3469a77277243fe61f16dd5b4f9f4972e3d30050f289f891daf8146ff87cf2845c419dfe2ca0525c5e2e8fc6566d7118fadaf0103b24319061f862e2584e5fba1063d55365b78379820d335ee924ac0871ceb3a2a339fba250011371b53426bab5f48e9704b7a9e77d14d5f6cafcfbdb45463e6935be31bc87eafd9b6d228a5b76c2baa6364f450a4ac557dd07ed4b1a13f5603e2b3bb270e831f0f2950f52c52d866fdaeb748a4cbb6f20b332795fffb8cf77a34ef75d8105973f1fdada6a3b050a28c12268104a8f1cce9a86ebce1749a97e9e5f00608229799aa5b7a356fca7b8bb5c7829cb18a136836bb37f5165deb89b33f0b69c473236025bc649d382d008fbc7c8c84390b9d86b173e45fa1e162e0eabd7914f2ec4c26d5350be064fc0d68bf16446188dd4a76ac1267a63b764070b48342a884891eeddbba95257348764c646aef160523af105a719aedb041a28b81516dbe89e80592f687eb341aff447a4165ac145889ae3e8a14c948c82b581b35d8f7d1c4f5e0f838773a472ad0025b1ca0b1c8bfe58c42079194b9aa9c5a1139472e7f917655a3ae297c9a8e3bfa6e108242a5ac01b92a9e94d7b51fbe2732d68f1ec5c12607add5e9bddbe5a4837e9fa16a66b5d83456df4f9febb14158dc5ea467b7cc288fe58f28cade38fa3d4c8864c3cb93bda6d39ad28f7dab8b8c0be34f675d268d82ba6a2e22ba49a5e7de5d08edae35ec17d1419288719a4f82dfb7aad6f7b68c4216c69b83af7438771622e48381841d1fcb6081d41b1b84eae37912b34dc8df1794bb47ad87f94d9c841aa98":"31b48495f611fd0205994fc523bfbc6b72949417f28392d30c1c98878bde0ca467ab6d6fe58522df9749154f95c9683f9590c295cd2b62ff9c59f2a71aaa3f7cb72761740cdcac8994c3623e8c07e2991dac60c2ccba818623013467cfca64f9a3b58523d4a4982571365db08aa9de048303c2a48d1c02c9aafc2ecd6eaae1c5bce8314503d0711d755b59134cbfc773250690121f58fc5171ea34fe88e753d5ab3da23e0557aa326b408c2f55aad2b6f40504509c2203f353bcb17e7b2c61fdcba04c3f8c136ef5d14c38ded6ff0455f59f3052b52b2d45f76a2c3b4b09af388a57ebd9d33393853b83b8033b6973cf662907e62380b66b4ce04b82ab8fcd35f40083a330587e27daa0f84c21fc5d04af03104785f85cb880ae61024cf6cfd1dc14149fdff6653968458fb5761cf2cbf8263e915099eb209d1d149bd7a5b4e48b108f07a1f7c17aa4cbf7b3aa25075956f93f127d46b6392834e7781e46f0e2d1ba14ce2f2d91f9db106bf94c7110ace1bf6105cd9351031e0ec7b52a599ae41256581c1379be5882c352c750709c1b8d37cd8d1442ae5547db0f5a1371eca211f028428572a0fcc4c0852ec1f9be4de14a32536087f520cdeaf54c52b203bb6ff0008b2099fb0e1dff4547563a71db416c5b97ef8e7677d8edd15a2ae75dc64b817117fe5e0478cfa1a18e15cb44cfcc990c5f01127b3906187c18562c876631a046a70015e84b6c553be23168e572cedb5912a6505ff8bb65722cc0e9556e967600711b8d8a8e414811c9809aa3e15f680fdbb2b2297e414824fda530b501b278c35f3f0f0ac61da3262de7b8aa44e31544c593c8521f8ce4921b8d7df7d7382c97718efd03650caa5620bc0e6fb9753dfe26c78b0b6a3231391b9324ee6b7c81b45e7e90e5573ab6cb263b114d78eaba7eb2bc668dd57b6eef126abcdf8355656beac58ddbaeb0551a4083fd5a2bd0e405d35737b7c3c6f0f0190403c13b57e3ef7b6b76206725758523ef98e4053fb8e05147a74577b61b0935dc5eb699945d3290e78bcc9015c9c3210ffed7d6e96c6c8202e46ad37155d07f3e8c2d9a":"ede0361026e81a9ad960f674de49449f12ee33c2dda7028c6b7fad7f8f8a7edc495621a6d13e47847873a954adfe7bb6a2ed7c9bc21f3b57458d9116ff4ed06cfca40e2002a70bca91a9a9e0475dd74be7d58453d3cc155ee0b0be20197e14674a7a6f8d903e211cbdbdad1e3383d0d1ae6b4d56837671589d8f151acb34bb4d1cdda55a0f9d1f70e80c61553fd0152bc871e930054efe763fdcd1f8fd1702afa61b3471e7a504612c58ab05ed581b34e2a884c5dd8d2aa919855351719e2cb290d00f0b161c104415f5579731072c1382508421c8d674113b2fe25a0e979455c8f145285ed3d32b744153d3ffab7625a3173440f026ecc62d9dd1bbdff6136f5d9d5245ff307eabfa91f6a10e7cf62a889975c0afd2f707eb8a43c2499c05029ca613edae2741f8e56b186a6390fbb0962323ed6c492620c1c8a24f9a89f15c00bd7263423e714db0fe0381556a15a8e4d1b7383d52fd524425e0200f9d410833330253306b1c23c15c08310bfc12b48131c120db8444d34dd951c5fd6df44e0eecbe92ad5f13641600db68d1d2c7d8ff460058c09d89d4febf2fcaacb40c900e19e4dc868a24ec61361c452541a0fb13da53d61b59806e0598985031e161a2e887420e4c6ce217587c72cd3a7b3085d2383112e1066277ed63e82ec16ac6dc7ce0ade255f30275b9798d4476f31d8d237c4d79b13da9dc6ceed7fe626e4da6eb6cfd234b8fdec4fd4520898b13a77aa034361c0d63edef55595e3e638b48c1c00e8c683c8cffd9fac2a33f73e04aff1f4624669057c7faf51f996e3d64bea3097b4810f99c8f078887be2440f67b249467eb26a03210b4d2baeaa8dc9746a14a6cfb45297e121eef8540eb438270403105c11ef4fed87127545b81e37ee1f942605a5a46253752351dee91d0a171031defa9dd20cbb942e3940fa43542f6fbcb0980f6ef2b36297527f7c0d47e36ea203ab924e937ca10e9d9e64c6419a061a300f86ffed0e2e72a1f73310efc00118dd315a6b01e19406471e071e4c153e2216d525195357fedf3d1f12d2c1ca659bbd1a6d1fa28b6bfb648deec17f8a894" + +PSA raw key agreement: FFDH 6144 bits (shared secred with leading zeros) +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +raw_key_agreement:PSA_ALG_FFDH:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"8bc903e9b5b0742e86d657f64082205c1d50268b8d1d9260e5474e8b686e63adfab13484cc24e35b6f43f5e998fcd7d92c4aece9eb30b0f51b7a2200911e6d38b41da23f04e37697b6a7ac053d15676b75538aefb6693be8eda8b7d07b7611fbc9673e98d8580131cd3462d8851ab00f5831497cb89b4fdfd597a4fc84a9fe1a28ca3ceb17b70334af2414fff73584f2a21fda89c10e2b23a4b454ea4cd6d901312e52a557d45b9350dc8e8b08eb31a73095f014efebf1336ea2c4938fd477f90da212c92eeba483d784b377514c3afb7e34f8dbd6d4ca281aa0bb9167d6d96894b225deccfee7453739becb849c1f381720a59836df967d6525876509515014e46b0a8b27afd304b5db238dfdbe14afb8fb1433b05a00654abede04978f84116e4e3e3a6bdc9ef558dbc1a9cc5c5ba1ee4bd8654845f04106d3b1b48b3208d109aa96609cad246e543d94683b8963e13597dc4aec21b0959e7e6d73efc91ff2b9b52f0e9189f0619264b9893f9289dd8e9bd6d3cbccf079ab8fbd525151e704bd517ee8f29505046620048a684883e6fb858ce7b9e72ea35ae4ad7ded04f39e37a3056b6b695ef2032cb5cf99e22ce5500ba0315aff86516c42b1288c94b46dc0548c7ba07c2b2ca8423b9ba4782c1d4626589ae2b325917484f8eda07f2071276d3fb78bb71a5c501396302eacd1b07b28487c580c5ec5be236e1ad4fcc434325b24a2409c236a85f7b9e0e66f6548a1814c519919d8215b0370b9b3256aa10a28a05f0d2265f6fa7842dfbc67c8f32e9fe12d0df647665ba9809349e5ef6911a4755330d004de03e598cbd7e2b80c259d9d66050177df8984263a7c53abb5ea3157945b727fbf1866649260e321a7ad5eaea41639b35ed6e98b74ab679eab93e5873857342fbb55cda604f57222555631741aa97d74b5eff885aa45ce5a25d34841aa0ea4ea317267e86c45f713c81c3de81cd6eb252053544a5dcacd9f7388704bda8acf83276975f03bffd403eaf199a7a1367d2e6b40c7d94e23679b6520eb40b5d61f5f56c6939f21a4f1dc00f13b5cdcaaf827c760a6e4a9c5601961":"b3795eb1aead05ed8b950e0a00fa12ac0ce4679e6f7715ffd8b5df04e5b068c82210482d3a377b224dc7aec1dfb7e4d635b9fbc22a5534b6a4cb50d3c39cd0dd5e0ec45ea69a3296b83ce89b5cc0c5e15e4934212e8c33ed23939912d0cd738eaa949f763450d5a07fb1540207065f1159a55af7f80bc48c49f88164cd4492b0020902c78295dacfe593fedc1914ddefebf45b5eccd6830681a80c853a3f2389798c391aab3baafd578ad0bf0dfe5b63fd05835e215c6850c0f61e48698053fec9281f0a11b45cc4e259b310a9720456c481031e0467401afeade395ab9b664d9fdb42f953aaf9fb6501c2e105868201ef26d58d31d473c676c751bd892a84a59441f92f7b6ba49a7e385b3d13f806e701a7c339d37e5596414631ed95908c7118f45250acb68f6f2d9ea4bfcb85dc75d21a03a5dc2b86d41cc55753a72a185ce94d20cb897f8759b4ba41e56fe9cf6edf7ee733581589b319e85300b7f479b093030e2d345584e2934dafddda62701404b628b2f25a15992b7ded6271fecb37b817316a908ede803285da3b57986196d59b164692384d469c09b4551b37862d588294a022db7deca641ae90f9a96d75612d55b673213419a450f7ccf78a2fdad291f6c905b5e1a0bbe90baec1c2706d7d81ea8f6d68d350004ea00f24009f6121650547e84b3edb66d969af206f5011ededee736eafe4100e4625ced482caf2cdf6b4465927d8fb138bebaeff652d6afa0fbfd03ea03cf70e80bd95ade41443b85bfa1c56f770f123ba3666412cc2c6997de49e90d7d9fa1722894d6c4f7dfa349e9a9c400eb59b4ce4f6a64763359ed1bf2327f552052070bd4bd2fc1a816e8eddf72645e7fb0ef10bf9c5dee2b386ee2258c99f8ec5b91d8e043b9411870c6f02d2df7863359e46e732e3ffc398993a232d812f934737c503f9d3532d4126c72d5dabf8ff9d6da214fb9571ad180935cb6d01ec1404c85346d9ca858adff2a8ae87ae2d9b99c3ea1557a801703bade1d349410304dfaca488cd5b90086dbee91d60c7dba504721fd54b38fa0835cf70b2f48837430476d5fe8349ad1f2f38":"00e17befd66905acec575c87804c61c047abc9a724db6337e34975980eb0395cf4da8c956c823fa23c52b901bb58a9d26eff282dc6a0f588d71a1636bb919ca1d564f400d7a8e909cc9c59cbaf18f09d5a2101a7afd32687657a3cd1b00148cc84411ff3f07609acc8c07eed678162d1d69280f1072674dfc1d6819d45d8710e2be12402b06b846d68f4088895ce64243f24156c1be33031dac21fb60916ebfdc3939a6bcb012c66c7ef748e30f43bcc08e13c5dea85703a4928166501bb1eec25e61ba5c187531bd982fb310e56656cadfe4f7f756c8b71062388d50cbb70a7d07220912891c4c736ef1ec6390d4bc12803f20c8f1ffa7f41996ce3c8ab792753165fc25d2c1b373f5664c38ed688b4d096a34bf2669e8245bb55ad4c0ad51206fd082969bef351c271b103aa1592889536a2b9ed18e02035a457735317bdca6b7f7104af64d30270c732cfff302d7b82c1a602f16194ea62290c1ed35e93911a62743b3d1bee83c01669320408f2219f2d53c926acf014150ab47ddcee73c6159b368ab26f4da25c5440f79fb898473bdc2b7c333cff7cc5f8332b43ba1a49c327bc5b5ad9459afabf5e9c8421cee51ec0a6821e7af83af0ba2857ef2dd1417b250e2e1e14045883a26e3c70404c53998daf94d8452ade76e0e886324cc6301cdd40d04be33c59ba11bb7e5ef62186647d3891b221bd955e109f5b9b3dc625b44cbc3359e8b2dc4b90171d4a0a47537e095e0108827b3228e6ba325e935a2eb2eb82985443c7691ac208d55ca8d7200adef6c9b9e224190f672efbba75554a4c72af539c70d0bb7af67ada46a2c46311a91bd67d7ce724581695f6b4b2c0a58cd23b84873a76556bf573e447fcf583395895600aca30340ba327b44df33b1aa5c51f515c542c37fd9dba35534f94383300c23ceb8426e46ada509e03dd06fc2ea3fc6b973ef02dd6cb6adc36d76158c21dd8975c0eaa3d50082b53d328acd5894a1229c27aabd513ff6d8de6e2e780ef8342182182f85a89e6697452166f4e012a6f3f137c8d2a5e279e1f490995d9618f177acfac9f16f65bb89c2087e7b5" + PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: capacity=8160 -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 key_agreement_capacity:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":8160 PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+0 -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 31+1 -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c4":"41" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 1+31 -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3b":"f511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 0+32 -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+32 -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":"7883c010f6e37cd6942c63bd8a65d8648c736bf8330b539760e18db13888d992" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 64+0 -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c4417883c010f6e37cd6942c63bd8a65d8648c736bf8330b539760e18db13888d992":"" +PSA key agreement: FFDH RFC7919 2048 key + HKDF-SHA256: read 256+0 +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"4bd2bd426bda18aa94501942095ffe5a9affed1535b942f3449bce8e90f9e57f512c8fdda496c3ac051d951be206365fb5dd03a7d7db5236b98ddfa68237a45ef4513b381a82863cdb6521b44e10aa45de28d040326c5d95e9399ae25f6cad681f1cbf8c71934b91d5c8765f56d3978544784f297aa60afadd824e4b9525867fea33d873c379e3e7bd48528ec89aa01691b57df1c87c871b955331697e6a64db0837e1d24c80e2770179a98cae9da54d21cc5af4cc7b713b04554e2cdf417d78f12e8c749a2669e036a5b89eda7b087eb911c629f16128ab04f0ee7a3a9bec5772cfc68bbd0b492a781b36d26c2ec1f83953e192247e52714c3f32f0635f698c":"6d34e084b8d0e253a894237be9977e1a821b556ed4bc01cda691a927885979b59e55a30daa2a707769474b760e9f1c10544b2ce74b26efa4f069e05ce70471bf6b7e6c08a16fa880930790204e8b482478de0682ce3f58450a4e15abc14d05e13ef773a10a3e8bf2219f8ab556c88dc2a301b362c2d4e94bf2f0006bb36d15a5096ed1342f3f111ccf123ceae9bdc7bc0cde5edc9f0203f35f8a98aff6d75975357733a429364ed3aca32acaf9f857ef751e0e246140eebdfc2b403b644e42c48922f7f6cdaa6a2ef9ddfa54fb83657492f9f9a2c8aa4831601f9b11663e94d968d8be6e121aee2c79156e44aaa650bb26083983a76cc5883538d4794855ded1":"8f6f6b349b2c11a941882de0d6bd0dfde68d596c1f0b85d15cf94d651f99e1527e829d95fec5ffac32da6c5367785e735f126e1f2a326e8edcd6192452ce0ef7a11c541feb6b7b81bcb8c15a5db04ab407e8776426227ec335c2840c2a909d7914b158754dde8980dbdf607d63f0b9778f81df82836529b2e27f4a81a390bdbf848ee16817fa80d745bf93626ad0e19930fcde46a034a25f168c14e006a7d4e3cb2fce48797b5b2edb0a6c4995cf1ec0dc32d218a4b52d929ff1fa50b63af9b2c0e7045bbb7f7a0f976d1da8a2617294a67cd0f763e5bc50e1037ba5b49a02f3b1b5b6509bb0e2cfd67ff49da0e6fec01c06a219cb943151fa095bf5dda27ada":"" + +PSA key agreement: FFDH RFC7919 2048 key + HKDF-SHA256: read 255+1 +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"4bd2bd426bda18aa94501942095ffe5a9affed1535b942f3449bce8e90f9e57f512c8fdda496c3ac051d951be206365fb5dd03a7d7db5236b98ddfa68237a45ef4513b381a82863cdb6521b44e10aa45de28d040326c5d95e9399ae25f6cad681f1cbf8c71934b91d5c8765f56d3978544784f297aa60afadd824e4b9525867fea33d873c379e3e7bd48528ec89aa01691b57df1c87c871b955331697e6a64db0837e1d24c80e2770179a98cae9da54d21cc5af4cc7b713b04554e2cdf417d78f12e8c749a2669e036a5b89eda7b087eb911c629f16128ab04f0ee7a3a9bec5772cfc68bbd0b492a781b36d26c2ec1f83953e192247e52714c3f32f0635f698c":"6d34e084b8d0e253a894237be9977e1a821b556ed4bc01cda691a927885979b59e55a30daa2a707769474b760e9f1c10544b2ce74b26efa4f069e05ce70471bf6b7e6c08a16fa880930790204e8b482478de0682ce3f58450a4e15abc14d05e13ef773a10a3e8bf2219f8ab556c88dc2a301b362c2d4e94bf2f0006bb36d15a5096ed1342f3f111ccf123ceae9bdc7bc0cde5edc9f0203f35f8a98aff6d75975357733a429364ed3aca32acaf9f857ef751e0e246140eebdfc2b403b644e42c48922f7f6cdaa6a2ef9ddfa54fb83657492f9f9a2c8aa4831601f9b11663e94d968d8be6e121aee2c79156e44aaa650bb26083983a76cc5883538d4794855ded1":"8f6f6b349b2c11a941882de0d6bd0dfde68d596c1f0b85d15cf94d651f99e1527e829d95fec5ffac32da6c5367785e735f126e1f2a326e8edcd6192452ce0ef7a11c541feb6b7b81bcb8c15a5db04ab407e8776426227ec335c2840c2a909d7914b158754dde8980dbdf607d63f0b9778f81df82836529b2e27f4a81a390bdbf848ee16817fa80d745bf93626ad0e19930fcde46a034a25f168c14e006a7d4e3cb2fce48797b5b2edb0a6c4995cf1ec0dc32d218a4b52d929ff1fa50b63af9b2c0e7045bbb7f7a0f976d1da8a2617294a67cd0f763e5bc50e1037ba5b49a02f3b1b5b6509bb0e2cfd67ff49da0e6fec01c06a219cb943151fa095bf5dda27a":"da" + +PSA key agreement: FFDH RFC7919 2048 key + HKDF-SHA256: read 1+255 +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"4bd2bd426bda18aa94501942095ffe5a9affed1535b942f3449bce8e90f9e57f512c8fdda496c3ac051d951be206365fb5dd03a7d7db5236b98ddfa68237a45ef4513b381a82863cdb6521b44e10aa45de28d040326c5d95e9399ae25f6cad681f1cbf8c71934b91d5c8765f56d3978544784f297aa60afadd824e4b9525867fea33d873c379e3e7bd48528ec89aa01691b57df1c87c871b955331697e6a64db0837e1d24c80e2770179a98cae9da54d21cc5af4cc7b713b04554e2cdf417d78f12e8c749a2669e036a5b89eda7b087eb911c629f16128ab04f0ee7a3a9bec5772cfc68bbd0b492a781b36d26c2ec1f83953e192247e52714c3f32f0635f698c":"6d34e084b8d0e253a894237be9977e1a821b556ed4bc01cda691a927885979b59e55a30daa2a707769474b760e9f1c10544b2ce74b26efa4f069e05ce70471bf6b7e6c08a16fa880930790204e8b482478de0682ce3f58450a4e15abc14d05e13ef773a10a3e8bf2219f8ab556c88dc2a301b362c2d4e94bf2f0006bb36d15a5096ed1342f3f111ccf123ceae9bdc7bc0cde5edc9f0203f35f8a98aff6d75975357733a429364ed3aca32acaf9f857ef751e0e246140eebdfc2b403b644e42c48922f7f6cdaa6a2ef9ddfa54fb83657492f9f9a2c8aa4831601f9b11663e94d968d8be6e121aee2c79156e44aaa650bb26083983a76cc5883538d4794855ded1":"8f":"6f6b349b2c11a941882de0d6bd0dfde68d596c1f0b85d15cf94d651f99e1527e829d95fec5ffac32da6c5367785e735f126e1f2a326e8edcd6192452ce0ef7a11c541feb6b7b81bcb8c15a5db04ab407e8776426227ec335c2840c2a909d7914b158754dde8980dbdf607d63f0b9778f81df82836529b2e27f4a81a390bdbf848ee16817fa80d745bf93626ad0e19930fcde46a034a25f168c14e006a7d4e3cb2fce48797b5b2edb0a6c4995cf1ec0dc32d218a4b52d929ff1fa50b63af9b2c0e7045bbb7f7a0f976d1da8a2617294a67cd0f763e5bc50e1037ba5b49a02f3b1b5b6509bb0e2cfd67ff49da0e6fec01c06a219cb943151fa095bf5dda27ada" + +PSA key agreement: FFDH RFC7919 3072 key + HKDF-SHA256: read 256+0 +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"c60a421e82deb778eb468760296ee4faa0b58ef058966fc457e8015185bb6c500677bf5a5a88bd8dedb5307ccc3c980a2bbe9a439c6b0c7af6c961e5b9c06f47212fc0e726da2f5bdd3542fba74e1dc2294caa1f363d942a92a391acd84aecd045a4a318db00785129ba171b31651b0e930eb8110a642dd63ef5ae1bb8c6e3b3971507c4057530d51ca14182e884974e20723dbfdd5778fa0ec78fbab26811c097f0dd291ccd7a6967caf5163fa04ba921448e1d3ec8de4ff3bc87dfdc35e53ba1bd4310fc9c98f68332ea0483ec051900e438fa3e5bcbf901771c740114922a7d9a74257befca7f9b62b2991ef6c58dbb1e516bb1ee18c8709f134ab7bb2077ec03356279a46f2978e6a89df22b0120223f6996c290607e98ecf14c36e2db62e80575329f4787ddc7b72856cbb0c4fa2dec9b391698832f559cbef49979c72e63cb3dad5d948f1c00219b47359fa75ec3fd352aa0223773e246c2fce492200b3a6e213e5e30d69cf3f56af43b0c09c0d647784b2f209c4fd1abb74b035d1ad4":"c9185bfe9b6379e0cbded54f23ed487b2a692c697cd1de74c739264ffb26a8d48aca7169c2b8716f493777e79e1a4517f79af50666e57fa821b5982a37aaf92d00805dc92df7afcd60256442264ff368e15012b847f85c7b4c3eacc4bf5c0c49f3018f19ec09a82c11c30cfcd60b07dd59e262e0387cd6473e2ec926af0bbf8d91f7b2dd6564cb5971dfaccf12c044f7c423f4e7309268925a03b51dde987906b40236046d2515e6be4524b27ee7675f2f58be2d2177f1624dab1118d265b8221969dc34686155d6c15390fd42c394ca2f7a3f403364a507b0a8c105c2f1022d321cf5621dfa7a28185856a26e952dc14ee4763fd1ea27b94284880fd86e2f1a6215aa3bff98bbe1b93d397a20647edcb38f043b9dd06f81c62e4caf74dae77b511977c07ccaac5fee2529e867b36bfa2e1488186bab1c7990fcd4c30ce7c9c536f6c3c2b9d2ac4065a4fa7577ff86dbb2df8eed95713e85457b4a52251aefe1bb1b4c8eda66002eeda7d28af37f00673dba3f9f57d1a416abdbeccf75a7a102":"d9f28018a351a7483e40752ef75085e44eddc029a61f8702e4f33a0ff6d5153696a01ce519e7489f19abb13417800e9daed64bb366e08c706b75025d57c4a1e29717d8d2f28ec23a59ea667863b9ab0e8e5a01140df46df7f36aed84852f9b09bb0a8552a2454c936b50f1a9db290a039336e431bf3b58eeb1b6ca7eaac7dfca12a5cec02a648807cf14a112fc47ca1201133a39e0d361308a76aa313ca1e7d5118e27c7f2ee4aac78b29eccb8888ef1cf6a389df7ae25daef1c8c89184d1cce78a7d61831920b43b08122996090a0e790070d002a56227be45a06c070632e832901a71b3515c77439b094321da0b4b5f37ecdbec3a9f6f8a1635c5beec73dc6":"" + +PSA key agreement: FFDH RFC7919 3072 key + HKDF-SHA256: read 255+1 +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"c60a421e82deb778eb468760296ee4faa0b58ef058966fc457e8015185bb6c500677bf5a5a88bd8dedb5307ccc3c980a2bbe9a439c6b0c7af6c961e5b9c06f47212fc0e726da2f5bdd3542fba74e1dc2294caa1f363d942a92a391acd84aecd045a4a318db00785129ba171b31651b0e930eb8110a642dd63ef5ae1bb8c6e3b3971507c4057530d51ca14182e884974e20723dbfdd5778fa0ec78fbab26811c097f0dd291ccd7a6967caf5163fa04ba921448e1d3ec8de4ff3bc87dfdc35e53ba1bd4310fc9c98f68332ea0483ec051900e438fa3e5bcbf901771c740114922a7d9a74257befca7f9b62b2991ef6c58dbb1e516bb1ee18c8709f134ab7bb2077ec03356279a46f2978e6a89df22b0120223f6996c290607e98ecf14c36e2db62e80575329f4787ddc7b72856cbb0c4fa2dec9b391698832f559cbef49979c72e63cb3dad5d948f1c00219b47359fa75ec3fd352aa0223773e246c2fce492200b3a6e213e5e30d69cf3f56af43b0c09c0d647784b2f209c4fd1abb74b035d1ad4":"c9185bfe9b6379e0cbded54f23ed487b2a692c697cd1de74c739264ffb26a8d48aca7169c2b8716f493777e79e1a4517f79af50666e57fa821b5982a37aaf92d00805dc92df7afcd60256442264ff368e15012b847f85c7b4c3eacc4bf5c0c49f3018f19ec09a82c11c30cfcd60b07dd59e262e0387cd6473e2ec926af0bbf8d91f7b2dd6564cb5971dfaccf12c044f7c423f4e7309268925a03b51dde987906b40236046d2515e6be4524b27ee7675f2f58be2d2177f1624dab1118d265b8221969dc34686155d6c15390fd42c394ca2f7a3f403364a507b0a8c105c2f1022d321cf5621dfa7a28185856a26e952dc14ee4763fd1ea27b94284880fd86e2f1a6215aa3bff98bbe1b93d397a20647edcb38f043b9dd06f81c62e4caf74dae77b511977c07ccaac5fee2529e867b36bfa2e1488186bab1c7990fcd4c30ce7c9c536f6c3c2b9d2ac4065a4fa7577ff86dbb2df8eed95713e85457b4a52251aefe1bb1b4c8eda66002eeda7d28af37f00673dba3f9f57d1a416abdbeccf75a7a102":"d9f28018a351a7483e40752ef75085e44eddc029a61f8702e4f33a0ff6d5153696a01ce519e7489f19abb13417800e9daed64bb366e08c706b75025d57c4a1e29717d8d2f28ec23a59ea667863b9ab0e8e5a01140df46df7f36aed84852f9b09bb0a8552a2454c936b50f1a9db290a039336e431bf3b58eeb1b6ca7eaac7dfca12a5cec02a648807cf14a112fc47ca1201133a39e0d361308a76aa313ca1e7d5118e27c7f2ee4aac78b29eccb8888ef1cf6a389df7ae25daef1c8c89184d1cce78a7d61831920b43b08122996090a0e790070d002a56227be45a06c070632e832901a71b3515c77439b094321da0b4b5f37ecdbec3a9f6f8a1635c5beec73d":"c6" + +PSA key agreement: FFDH RFC7919 3072 key + HKDF-SHA256: read 1+255 +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"c60a421e82deb778eb468760296ee4faa0b58ef058966fc457e8015185bb6c500677bf5a5a88bd8dedb5307ccc3c980a2bbe9a439c6b0c7af6c961e5b9c06f47212fc0e726da2f5bdd3542fba74e1dc2294caa1f363d942a92a391acd84aecd045a4a318db00785129ba171b31651b0e930eb8110a642dd63ef5ae1bb8c6e3b3971507c4057530d51ca14182e884974e20723dbfdd5778fa0ec78fbab26811c097f0dd291ccd7a6967caf5163fa04ba921448e1d3ec8de4ff3bc87dfdc35e53ba1bd4310fc9c98f68332ea0483ec051900e438fa3e5bcbf901771c740114922a7d9a74257befca7f9b62b2991ef6c58dbb1e516bb1ee18c8709f134ab7bb2077ec03356279a46f2978e6a89df22b0120223f6996c290607e98ecf14c36e2db62e80575329f4787ddc7b72856cbb0c4fa2dec9b391698832f559cbef49979c72e63cb3dad5d948f1c00219b47359fa75ec3fd352aa0223773e246c2fce492200b3a6e213e5e30d69cf3f56af43b0c09c0d647784b2f209c4fd1abb74b035d1ad4":"c9185bfe9b6379e0cbded54f23ed487b2a692c697cd1de74c739264ffb26a8d48aca7169c2b8716f493777e79e1a4517f79af50666e57fa821b5982a37aaf92d00805dc92df7afcd60256442264ff368e15012b847f85c7b4c3eacc4bf5c0c49f3018f19ec09a82c11c30cfcd60b07dd59e262e0387cd6473e2ec926af0bbf8d91f7b2dd6564cb5971dfaccf12c044f7c423f4e7309268925a03b51dde987906b40236046d2515e6be4524b27ee7675f2f58be2d2177f1624dab1118d265b8221969dc34686155d6c15390fd42c394ca2f7a3f403364a507b0a8c105c2f1022d321cf5621dfa7a28185856a26e952dc14ee4763fd1ea27b94284880fd86e2f1a6215aa3bff98bbe1b93d397a20647edcb38f043b9dd06f81c62e4caf74dae77b511977c07ccaac5fee2529e867b36bfa2e1488186bab1c7990fcd4c30ce7c9c536f6c3c2b9d2ac4065a4fa7577ff86dbb2df8eed95713e85457b4a52251aefe1bb1b4c8eda66002eeda7d28af37f00673dba3f9f57d1a416abdbeccf75a7a102":"d9":"f28018a351a7483e40752ef75085e44eddc029a61f8702e4f33a0ff6d5153696a01ce519e7489f19abb13417800e9daed64bb366e08c706b75025d57c4a1e29717d8d2f28ec23a59ea667863b9ab0e8e5a01140df46df7f36aed84852f9b09bb0a8552a2454c936b50f1a9db290a039336e431bf3b58eeb1b6ca7eaac7dfca12a5cec02a648807cf14a112fc47ca1201133a39e0d361308a76aa313ca1e7d5118e27c7f2ee4aac78b29eccb8888ef1cf6a389df7ae25daef1c8c89184d1cce78a7d61831920b43b08122996090a0e790070d002a56227be45a06c070632e832901a71b3515c77439b094321da0b4b5f37ecdbec3a9f6f8a1635c5beec73dc6" + +PSA key agreement: FFDH RFC7919 4096 key + HKDF-SHA256: read 256+0 +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"f085888f40e34d91c989fadcb9c3e8be8f4a270d75b90d78c9b3d7569e09662b7767d90112a4a339bc42e661bd0e464b26ba4eb07dee300dfdc38373ec17a5a4e86f3f4b5ae6c9700f8381ac93b564bc0b1ce64e03bb825aa21a8e87e572ccb13a5a7b2942e4b91a321c5b5cf87b8bad4042c5b8ba971870061f7bb0869e57205bd64ed41026d5093227eb9fc4abca6160376b9b9ebbf431b6cc7a362726f553ffcca07ab3fed69a60c1a3d6d7caf989c57dad04eae71dc7e5da1bd6a65d3f4509959f61741ad91b6bdc98c0cae835cea940048d325f1db5e6217b8a0c977741511c967330819115d325a6da3ac003b66364e52351b34de0e954d5df7301ac0c2772c461872b72c9c3bc810789d16d22f57fd57338487ff66fd01434fa08a57eb7b089686cda86c9dc9220e11409c5ecd7b2988c151ee24e19a5c5685b4824c60a29ee363e75f783d97a57cda08a9e2152769957163272b3d5e82cdcda71300566356c411dc01a2c24507693c819755568ea461b755e89e9ab150e243ae97d5878f58ba87be9a6bab3726e962f92e2305999cafd65aa32f486ccf2edea46ab4b4cd7e3130f2e69102e6a4d7104db2f9a66d0ddb4faa3ae34b3bac6007bdfc66541bc3f45db3eb730ba80e102850604fd64e3cf047825246264ad8e1e716aa44a99275aab9ebf0b26f703af7460a8e502088a311d7c571bf0905031ea6561a928":"f614318e0c2cc96ef5b9cb576e411c7319f9ac4caa626307c110018ff7e5082894147a1989166983f181ffa0ed062d7561af3ad26ef7339faedbcc6d41d3b53bb71f21de285c83af911a9dfc68e6efe5e067b36a5e761dea0b243e5d9af351aea1cd22841062c6beaeac0e66138c9562e3efc922bddb2f2709075ee4356337597fe9bb16c5b21de3017d06a18e98b606931c6a1d96f60fd22c920dbf18210178f844c9c0646a779db31eed21c29dff3556fe6f608c6db80e86229fa05117c624094a7d0c106718e9534de55b469ed03dd545c80b2134f10a073fa1d6b366f46727f630685ca916c84d28417b1753af57248445f81573de06bfb17bf6f3f6e5e72723390719e881d54ce3a76a79e4c3cd78f293f5ca90ca31038c4ae0f6df379177a96ceb0e55a85669335dc634f67d138c40b58474dffa4695c017ff75db55b37d9627836fad1813a9dd13e61ad99b96a488cb49348e1e75aefbad5eac288387381e6d7908c16b42c8f071c24b518feb1b4d38a538e4346e0b88c526125ae5b2fcf8e0f42608f5c5ef47b6b225122d5b6c94c2cf42767ff3df1f29461d72b7fe4eb2273c857d18daf33ed0cce043a5c389d116ba02a9ba5c8140d11c52249019749417950f444529a635592b137d30ee6f15fee89695d99e5f322d2e94c00d43d24aa63e0e68c27566d19e211f7f24e1cb72940cc9dd0b0cf34f69f03ee32be7":"01ef64db547f29894000820395bbe27406c2c6482207d6bd3f517802b02726478627a4d965c9f062626ec5b6bea63abdfa71f6de07509edf1240d420d4f0ae3d439bfa6758d6831335688b5d78082f394ed26d171426ef7649363a951a789c463afe76d1cd55f58b4b7ab2db2ee8091e7b1f3148b2352fde97b9928bf417047e9eff62ad76ab117ba9fb35605a71973be36e71a4d2aec600255a75eba63983bd0750d5080d380d00d91248470b9850d3e8e5bb464732ddb838427c1685e337694774229a0d4ffec532220e75aa289bc9c62c0621851c4c4e7325a3eb02bd195ceb855dec066ed250238ee546fa45aa00661bbb8dddc006a40c976243af58de87":"" + +PSA key agreement: FFDH RFC7919 4096 key + HKDF-SHA256: read 255+1 +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"f085888f40e34d91c989fadcb9c3e8be8f4a270d75b90d78c9b3d7569e09662b7767d90112a4a339bc42e661bd0e464b26ba4eb07dee300dfdc38373ec17a5a4e86f3f4b5ae6c9700f8381ac93b564bc0b1ce64e03bb825aa21a8e87e572ccb13a5a7b2942e4b91a321c5b5cf87b8bad4042c5b8ba971870061f7bb0869e57205bd64ed41026d5093227eb9fc4abca6160376b9b9ebbf431b6cc7a362726f553ffcca07ab3fed69a60c1a3d6d7caf989c57dad04eae71dc7e5da1bd6a65d3f4509959f61741ad91b6bdc98c0cae835cea940048d325f1db5e6217b8a0c977741511c967330819115d325a6da3ac003b66364e52351b34de0e954d5df7301ac0c2772c461872b72c9c3bc810789d16d22f57fd57338487ff66fd01434fa08a57eb7b089686cda86c9dc9220e11409c5ecd7b2988c151ee24e19a5c5685b4824c60a29ee363e75f783d97a57cda08a9e2152769957163272b3d5e82cdcda71300566356c411dc01a2c24507693c819755568ea461b755e89e9ab150e243ae97d5878f58ba87be9a6bab3726e962f92e2305999cafd65aa32f486ccf2edea46ab4b4cd7e3130f2e69102e6a4d7104db2f9a66d0ddb4faa3ae34b3bac6007bdfc66541bc3f45db3eb730ba80e102850604fd64e3cf047825246264ad8e1e716aa44a99275aab9ebf0b26f703af7460a8e502088a311d7c571bf0905031ea6561a928":"f614318e0c2cc96ef5b9cb576e411c7319f9ac4caa626307c110018ff7e5082894147a1989166983f181ffa0ed062d7561af3ad26ef7339faedbcc6d41d3b53bb71f21de285c83af911a9dfc68e6efe5e067b36a5e761dea0b243e5d9af351aea1cd22841062c6beaeac0e66138c9562e3efc922bddb2f2709075ee4356337597fe9bb16c5b21de3017d06a18e98b606931c6a1d96f60fd22c920dbf18210178f844c9c0646a779db31eed21c29dff3556fe6f608c6db80e86229fa05117c624094a7d0c106718e9534de55b469ed03dd545c80b2134f10a073fa1d6b366f46727f630685ca916c84d28417b1753af57248445f81573de06bfb17bf6f3f6e5e72723390719e881d54ce3a76a79e4c3cd78f293f5ca90ca31038c4ae0f6df379177a96ceb0e55a85669335dc634f67d138c40b58474dffa4695c017ff75db55b37d9627836fad1813a9dd13e61ad99b96a488cb49348e1e75aefbad5eac288387381e6d7908c16b42c8f071c24b518feb1b4d38a538e4346e0b88c526125ae5b2fcf8e0f42608f5c5ef47b6b225122d5b6c94c2cf42767ff3df1f29461d72b7fe4eb2273c857d18daf33ed0cce043a5c389d116ba02a9ba5c8140d11c52249019749417950f444529a635592b137d30ee6f15fee89695d99e5f322d2e94c00d43d24aa63e0e68c27566d19e211f7f24e1cb72940cc9dd0b0cf34f69f03ee32be7":"01ef64db547f29894000820395bbe27406c2c6482207d6bd3f517802b02726478627a4d965c9f062626ec5b6bea63abdfa71f6de07509edf1240d420d4f0ae3d439bfa6758d6831335688b5d78082f394ed26d171426ef7649363a951a789c463afe76d1cd55f58b4b7ab2db2ee8091e7b1f3148b2352fde97b9928bf417047e9eff62ad76ab117ba9fb35605a71973be36e71a4d2aec600255a75eba63983bd0750d5080d380d00d91248470b9850d3e8e5bb464732ddb838427c1685e337694774229a0d4ffec532220e75aa289bc9c62c0621851c4c4e7325a3eb02bd195ceb855dec066ed250238ee546fa45aa00661bbb8dddc006a40c976243af58de":"87" + +PSA key agreement: FFDH RFC7919 4096 key + HKDF-SHA256: read 1+255 +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"f085888f40e34d91c989fadcb9c3e8be8f4a270d75b90d78c9b3d7569e09662b7767d90112a4a339bc42e661bd0e464b26ba4eb07dee300dfdc38373ec17a5a4e86f3f4b5ae6c9700f8381ac93b564bc0b1ce64e03bb825aa21a8e87e572ccb13a5a7b2942e4b91a321c5b5cf87b8bad4042c5b8ba971870061f7bb0869e57205bd64ed41026d5093227eb9fc4abca6160376b9b9ebbf431b6cc7a362726f553ffcca07ab3fed69a60c1a3d6d7caf989c57dad04eae71dc7e5da1bd6a65d3f4509959f61741ad91b6bdc98c0cae835cea940048d325f1db5e6217b8a0c977741511c967330819115d325a6da3ac003b66364e52351b34de0e954d5df7301ac0c2772c461872b72c9c3bc810789d16d22f57fd57338487ff66fd01434fa08a57eb7b089686cda86c9dc9220e11409c5ecd7b2988c151ee24e19a5c5685b4824c60a29ee363e75f783d97a57cda08a9e2152769957163272b3d5e82cdcda71300566356c411dc01a2c24507693c819755568ea461b755e89e9ab150e243ae97d5878f58ba87be9a6bab3726e962f92e2305999cafd65aa32f486ccf2edea46ab4b4cd7e3130f2e69102e6a4d7104db2f9a66d0ddb4faa3ae34b3bac6007bdfc66541bc3f45db3eb730ba80e102850604fd64e3cf047825246264ad8e1e716aa44a99275aab9ebf0b26f703af7460a8e502088a311d7c571bf0905031ea6561a928":"f614318e0c2cc96ef5b9cb576e411c7319f9ac4caa626307c110018ff7e5082894147a1989166983f181ffa0ed062d7561af3ad26ef7339faedbcc6d41d3b53bb71f21de285c83af911a9dfc68e6efe5e067b36a5e761dea0b243e5d9af351aea1cd22841062c6beaeac0e66138c9562e3efc922bddb2f2709075ee4356337597fe9bb16c5b21de3017d06a18e98b606931c6a1d96f60fd22c920dbf18210178f844c9c0646a779db31eed21c29dff3556fe6f608c6db80e86229fa05117c624094a7d0c106718e9534de55b469ed03dd545c80b2134f10a073fa1d6b366f46727f630685ca916c84d28417b1753af57248445f81573de06bfb17bf6f3f6e5e72723390719e881d54ce3a76a79e4c3cd78f293f5ca90ca31038c4ae0f6df379177a96ceb0e55a85669335dc634f67d138c40b58474dffa4695c017ff75db55b37d9627836fad1813a9dd13e61ad99b96a488cb49348e1e75aefbad5eac288387381e6d7908c16b42c8f071c24b518feb1b4d38a538e4346e0b88c526125ae5b2fcf8e0f42608f5c5ef47b6b225122d5b6c94c2cf42767ff3df1f29461d72b7fe4eb2273c857d18daf33ed0cce043a5c389d116ba02a9ba5c8140d11c52249019749417950f444529a635592b137d30ee6f15fee89695d99e5f322d2e94c00d43d24aa63e0e68c27566d19e211f7f24e1cb72940cc9dd0b0cf34f69f03ee32be7":"01":"ef64db547f29894000820395bbe27406c2c6482207d6bd3f517802b02726478627a4d965c9f062626ec5b6bea63abdfa71f6de07509edf1240d420d4f0ae3d439bfa6758d6831335688b5d78082f394ed26d171426ef7649363a951a789c463afe76d1cd55f58b4b7ab2db2ee8091e7b1f3148b2352fde97b9928bf417047e9eff62ad76ab117ba9fb35605a71973be36e71a4d2aec600255a75eba63983bd0750d5080d380d00d91248470b9850d3e8e5bb464732ddb838427c1685e337694774229a0d4ffec532220e75aa289bc9c62c0621851c4c4e7325a3eb02bd195ceb855dec066ed250238ee546fa45aa00661bbb8dddc006a40c976243af58de87" + +PSA key agreement: FFDH RFC7919 6144 key + HKDF-SHA256: read 256+0 +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"bbaec0a6c20e67aa77bd9db1f682b20227d3e17944ccf9ea639e437202309c29dc876a8d209e81e59e1d7584284089c4ffb3356e28acca6c94164752e7e331cee7fccdb3d08604a5faaf91c02cab4ea6ad2926e28d1dee9fadd437b2b8a5116c689869c0972529e4c362aaa8427c95f42d8a60c1f38f9f672c837a097bcd1a8c068c11a33ce36517915dae1ba47e2646aef079e6c84b9656991ef0f6ceb9f7f95c97e7232cc5c41c0335aed99169133702cb8d95ef1e9eb5af583f3469a77277243fe61f16dd5b4f9f4972e3d30050f289f891daf8146ff87cf2845c419dfe2ca0525c5e2e8fc6566d7118fadaf0103b24319061f862e2584e5fba1063d55365b78379820d335ee924ac0871ceb3a2a339fba250011371b53426bab5f48e9704b7a9e77d14d5f6cafcfbdb45463e6935be31bc87eafd9b6d228a5b76c2baa6364f450a4ac557dd07ed4b1a13f5603e2b3bb270e831f0f2950f52c52d866fdaeb748a4cbb6f20b332795fffb8cf77a34ef75d8105973f1fdada6a3b050a28c12268104a8f1cce9a86ebce1749a97e9e5f00608229799aa5b7a356fca7b8bb5c7829cb18a136836bb37f5165deb89b33f0b69c473236025bc649d382d008fbc7c8c84390b9d86b173e45fa1e162e0eabd7914f2ec4c26d5350be064fc0d68bf16446188dd4a76ac1267a63b764070b48342a884891eeddbba95257348764c646aef160523af105a719aedb041a28b81516dbe89e80592f687eb341aff447a4165ac145889ae3e8a14c948c82b581b35d8f7d1c4f5e0f838773a472ad0025b1ca0b1c8bfe58c42079194b9aa9c5a1139472e7f917655a3ae297c9a8e3bfa6e108242a5ac01b92a9e94d7b51fbe2732d68f1ec5c12607add5e9bddbe5a4837e9fa16a66b5d83456df4f9febb14158dc5ea467b7cc288fe58f28cade38fa3d4c8864c3cb93bda6d39ad28f7dab8b8c0be34f675d268d82ba6a2e22ba49a5e7de5d08edae35ec17d1419288719a4f82dfb7aad6f7b68c4216c69b83af7438771622e48381841d1fcb6081d41b1b84eae37912b34dc8df1794bb47ad87f94d9c841aa98":"31b48495f611fd0205994fc523bfbc6b72949417f28392d30c1c98878bde0ca467ab6d6fe58522df9749154f95c9683f9590c295cd2b62ff9c59f2a71aaa3f7cb72761740cdcac8994c3623e8c07e2991dac60c2ccba818623013467cfca64f9a3b58523d4a4982571365db08aa9de048303c2a48d1c02c9aafc2ecd6eaae1c5bce8314503d0711d755b59134cbfc773250690121f58fc5171ea34fe88e753d5ab3da23e0557aa326b408c2f55aad2b6f40504509c2203f353bcb17e7b2c61fdcba04c3f8c136ef5d14c38ded6ff0455f59f3052b52b2d45f76a2c3b4b09af388a57ebd9d33393853b83b8033b6973cf662907e62380b66b4ce04b82ab8fcd35f40083a330587e27daa0f84c21fc5d04af03104785f85cb880ae61024cf6cfd1dc14149fdff6653968458fb5761cf2cbf8263e915099eb209d1d149bd7a5b4e48b108f07a1f7c17aa4cbf7b3aa25075956f93f127d46b6392834e7781e46f0e2d1ba14ce2f2d91f9db106bf94c7110ace1bf6105cd9351031e0ec7b52a599ae41256581c1379be5882c352c750709c1b8d37cd8d1442ae5547db0f5a1371eca211f028428572a0fcc4c0852ec1f9be4de14a32536087f520cdeaf54c52b203bb6ff0008b2099fb0e1dff4547563a71db416c5b97ef8e7677d8edd15a2ae75dc64b817117fe5e0478cfa1a18e15cb44cfcc990c5f01127b3906187c18562c876631a046a70015e84b6c553be23168e572cedb5912a6505ff8bb65722cc0e9556e967600711b8d8a8e414811c9809aa3e15f680fdbb2b2297e414824fda530b501b278c35f3f0f0ac61da3262de7b8aa44e31544c593c8521f8ce4921b8d7df7d7382c97718efd03650caa5620bc0e6fb9753dfe26c78b0b6a3231391b9324ee6b7c81b45e7e90e5573ab6cb263b114d78eaba7eb2bc668dd57b6eef126abcdf8355656beac58ddbaeb0551a4083fd5a2bd0e405d35737b7c3c6f0f0190403c13b57e3ef7b6b76206725758523ef98e4053fb8e05147a74577b61b0935dc5eb699945d3290e78bcc9015c9c3210ffed7d6e96c6c8202e46ad37155d07f3e8c2d9a":"105d324ec021d57640dee474c442f3a25390de6ff13175f70fad977003bd78fcdfeda87d2a5cc8447b9729990b11e7949c6ebb37a2d3c2fa69a85d79d216a6a489c8c5186576c112ca94c1bce156b819fb010a4168e8c91e777b87dceb0de4f1828c45297e3b513f4ff57bfb874a7c0d3cd709332922394bcddbc0bf959668810ce1ec8dbff662ea620b9ee7186cdde9845185ea87ded242fbffb7f526d875b6b1dbd09a4008b4d2c1034621a75efd6140c7d6fc883d79f7c3b7f7ae21b74e62a9c26f682c9dd48cacdc7f0c4ec5eb32a5c505aa5949d4008ece502bca5612f84ae73164acd2d3399cc9aee5cf615de62dd31c63a407f5c988b5c61a124ce08c":"" + +PSA key agreement: FFDH RFC7919 6144 key + HKDF-SHA256: read 255+1 +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"bbaec0a6c20e67aa77bd9db1f682b20227d3e17944ccf9ea639e437202309c29dc876a8d209e81e59e1d7584284089c4ffb3356e28acca6c94164752e7e331cee7fccdb3d08604a5faaf91c02cab4ea6ad2926e28d1dee9fadd437b2b8a5116c689869c0972529e4c362aaa8427c95f42d8a60c1f38f9f672c837a097bcd1a8c068c11a33ce36517915dae1ba47e2646aef079e6c84b9656991ef0f6ceb9f7f95c97e7232cc5c41c0335aed99169133702cb8d95ef1e9eb5af583f3469a77277243fe61f16dd5b4f9f4972e3d30050f289f891daf8146ff87cf2845c419dfe2ca0525c5e2e8fc6566d7118fadaf0103b24319061f862e2584e5fba1063d55365b78379820d335ee924ac0871ceb3a2a339fba250011371b53426bab5f48e9704b7a9e77d14d5f6cafcfbdb45463e6935be31bc87eafd9b6d228a5b76c2baa6364f450a4ac557dd07ed4b1a13f5603e2b3bb270e831f0f2950f52c52d866fdaeb748a4cbb6f20b332795fffb8cf77a34ef75d8105973f1fdada6a3b050a28c12268104a8f1cce9a86ebce1749a97e9e5f00608229799aa5b7a356fca7b8bb5c7829cb18a136836bb37f5165deb89b33f0b69c473236025bc649d382d008fbc7c8c84390b9d86b173e45fa1e162e0eabd7914f2ec4c26d5350be064fc0d68bf16446188dd4a76ac1267a63b764070b48342a884891eeddbba95257348764c646aef160523af105a719aedb041a28b81516dbe89e80592f687eb341aff447a4165ac145889ae3e8a14c948c82b581b35d8f7d1c4f5e0f838773a472ad0025b1ca0b1c8bfe58c42079194b9aa9c5a1139472e7f917655a3ae297c9a8e3bfa6e108242a5ac01b92a9e94d7b51fbe2732d68f1ec5c12607add5e9bddbe5a4837e9fa16a66b5d83456df4f9febb14158dc5ea467b7cc288fe58f28cade38fa3d4c8864c3cb93bda6d39ad28f7dab8b8c0be34f675d268d82ba6a2e22ba49a5e7de5d08edae35ec17d1419288719a4f82dfb7aad6f7b68c4216c69b83af7438771622e48381841d1fcb6081d41b1b84eae37912b34dc8df1794bb47ad87f94d9c841aa98":"31b48495f611fd0205994fc523bfbc6b72949417f28392d30c1c98878bde0ca467ab6d6fe58522df9749154f95c9683f9590c295cd2b62ff9c59f2a71aaa3f7cb72761740cdcac8994c3623e8c07e2991dac60c2ccba818623013467cfca64f9a3b58523d4a4982571365db08aa9de048303c2a48d1c02c9aafc2ecd6eaae1c5bce8314503d0711d755b59134cbfc773250690121f58fc5171ea34fe88e753d5ab3da23e0557aa326b408c2f55aad2b6f40504509c2203f353bcb17e7b2c61fdcba04c3f8c136ef5d14c38ded6ff0455f59f3052b52b2d45f76a2c3b4b09af388a57ebd9d33393853b83b8033b6973cf662907e62380b66b4ce04b82ab8fcd35f40083a330587e27daa0f84c21fc5d04af03104785f85cb880ae61024cf6cfd1dc14149fdff6653968458fb5761cf2cbf8263e915099eb209d1d149bd7a5b4e48b108f07a1f7c17aa4cbf7b3aa25075956f93f127d46b6392834e7781e46f0e2d1ba14ce2f2d91f9db106bf94c7110ace1bf6105cd9351031e0ec7b52a599ae41256581c1379be5882c352c750709c1b8d37cd8d1442ae5547db0f5a1371eca211f028428572a0fcc4c0852ec1f9be4de14a32536087f520cdeaf54c52b203bb6ff0008b2099fb0e1dff4547563a71db416c5b97ef8e7677d8edd15a2ae75dc64b817117fe5e0478cfa1a18e15cb44cfcc990c5f01127b3906187c18562c876631a046a70015e84b6c553be23168e572cedb5912a6505ff8bb65722cc0e9556e967600711b8d8a8e414811c9809aa3e15f680fdbb2b2297e414824fda530b501b278c35f3f0f0ac61da3262de7b8aa44e31544c593c8521f8ce4921b8d7df7d7382c97718efd03650caa5620bc0e6fb9753dfe26c78b0b6a3231391b9324ee6b7c81b45e7e90e5573ab6cb263b114d78eaba7eb2bc668dd57b6eef126abcdf8355656beac58ddbaeb0551a4083fd5a2bd0e405d35737b7c3c6f0f0190403c13b57e3ef7b6b76206725758523ef98e4053fb8e05147a74577b61b0935dc5eb699945d3290e78bcc9015c9c3210ffed7d6e96c6c8202e46ad37155d07f3e8c2d9a":"105d324ec021d57640dee474c442f3a25390de6ff13175f70fad977003bd78fcdfeda87d2a5cc8447b9729990b11e7949c6ebb37a2d3c2fa69a85d79d216a6a489c8c5186576c112ca94c1bce156b819fb010a4168e8c91e777b87dceb0de4f1828c45297e3b513f4ff57bfb874a7c0d3cd709332922394bcddbc0bf959668810ce1ec8dbff662ea620b9ee7186cdde9845185ea87ded242fbffb7f526d875b6b1dbd09a4008b4d2c1034621a75efd6140c7d6fc883d79f7c3b7f7ae21b74e62a9c26f682c9dd48cacdc7f0c4ec5eb32a5c505aa5949d4008ece502bca5612f84ae73164acd2d3399cc9aee5cf615de62dd31c63a407f5c988b5c61a124ce0":"8c" + +PSA key agreement: FFDH RFC7919 6144 key + HKDF-SHA256: read 1+255 +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"bbaec0a6c20e67aa77bd9db1f682b20227d3e17944ccf9ea639e437202309c29dc876a8d209e81e59e1d7584284089c4ffb3356e28acca6c94164752e7e331cee7fccdb3d08604a5faaf91c02cab4ea6ad2926e28d1dee9fadd437b2b8a5116c689869c0972529e4c362aaa8427c95f42d8a60c1f38f9f672c837a097bcd1a8c068c11a33ce36517915dae1ba47e2646aef079e6c84b9656991ef0f6ceb9f7f95c97e7232cc5c41c0335aed99169133702cb8d95ef1e9eb5af583f3469a77277243fe61f16dd5b4f9f4972e3d30050f289f891daf8146ff87cf2845c419dfe2ca0525c5e2e8fc6566d7118fadaf0103b24319061f862e2584e5fba1063d55365b78379820d335ee924ac0871ceb3a2a339fba250011371b53426bab5f48e9704b7a9e77d14d5f6cafcfbdb45463e6935be31bc87eafd9b6d228a5b76c2baa6364f450a4ac557dd07ed4b1a13f5603e2b3bb270e831f0f2950f52c52d866fdaeb748a4cbb6f20b332795fffb8cf77a34ef75d8105973f1fdada6a3b050a28c12268104a8f1cce9a86ebce1749a97e9e5f00608229799aa5b7a356fca7b8bb5c7829cb18a136836bb37f5165deb89b33f0b69c473236025bc649d382d008fbc7c8c84390b9d86b173e45fa1e162e0eabd7914f2ec4c26d5350be064fc0d68bf16446188dd4a76ac1267a63b764070b48342a884891eeddbba95257348764c646aef160523af105a719aedb041a28b81516dbe89e80592f687eb341aff447a4165ac145889ae3e8a14c948c82b581b35d8f7d1c4f5e0f838773a472ad0025b1ca0b1c8bfe58c42079194b9aa9c5a1139472e7f917655a3ae297c9a8e3bfa6e108242a5ac01b92a9e94d7b51fbe2732d68f1ec5c12607add5e9bddbe5a4837e9fa16a66b5d83456df4f9febb14158dc5ea467b7cc288fe58f28cade38fa3d4c8864c3cb93bda6d39ad28f7dab8b8c0be34f675d268d82ba6a2e22ba49a5e7de5d08edae35ec17d1419288719a4f82dfb7aad6f7b68c4216c69b83af7438771622e48381841d1fcb6081d41b1b84eae37912b34dc8df1794bb47ad87f94d9c841aa98":"31b48495f611fd0205994fc523bfbc6b72949417f28392d30c1c98878bde0ca467ab6d6fe58522df9749154f95c9683f9590c295cd2b62ff9c59f2a71aaa3f7cb72761740cdcac8994c3623e8c07e2991dac60c2ccba818623013467cfca64f9a3b58523d4a4982571365db08aa9de048303c2a48d1c02c9aafc2ecd6eaae1c5bce8314503d0711d755b59134cbfc773250690121f58fc5171ea34fe88e753d5ab3da23e0557aa326b408c2f55aad2b6f40504509c2203f353bcb17e7b2c61fdcba04c3f8c136ef5d14c38ded6ff0455f59f3052b52b2d45f76a2c3b4b09af388a57ebd9d33393853b83b8033b6973cf662907e62380b66b4ce04b82ab8fcd35f40083a330587e27daa0f84c21fc5d04af03104785f85cb880ae61024cf6cfd1dc14149fdff6653968458fb5761cf2cbf8263e915099eb209d1d149bd7a5b4e48b108f07a1f7c17aa4cbf7b3aa25075956f93f127d46b6392834e7781e46f0e2d1ba14ce2f2d91f9db106bf94c7110ace1bf6105cd9351031e0ec7b52a599ae41256581c1379be5882c352c750709c1b8d37cd8d1442ae5547db0f5a1371eca211f028428572a0fcc4c0852ec1f9be4de14a32536087f520cdeaf54c52b203bb6ff0008b2099fb0e1dff4547563a71db416c5b97ef8e7677d8edd15a2ae75dc64b817117fe5e0478cfa1a18e15cb44cfcc990c5f01127b3906187c18562c876631a046a70015e84b6c553be23168e572cedb5912a6505ff8bb65722cc0e9556e967600711b8d8a8e414811c9809aa3e15f680fdbb2b2297e414824fda530b501b278c35f3f0f0ac61da3262de7b8aa44e31544c593c8521f8ce4921b8d7df7d7382c97718efd03650caa5620bc0e6fb9753dfe26c78b0b6a3231391b9324ee6b7c81b45e7e90e5573ab6cb263b114d78eaba7eb2bc668dd57b6eef126abcdf8355656beac58ddbaeb0551a4083fd5a2bd0e405d35737b7c3c6f0f0190403c13b57e3ef7b6b76206725758523ef98e4053fb8e05147a74577b61b0935dc5eb699945d3290e78bcc9015c9c3210ffed7d6e96c6c8202e46ad37155d07f3e8c2d9a":"10":"5d324ec021d57640dee474c442f3a25390de6ff13175f70fad977003bd78fcdfeda87d2a5cc8447b9729990b11e7949c6ebb37a2d3c2fa69a85d79d216a6a489c8c5186576c112ca94c1bce156b819fb010a4168e8c91e777b87dceb0de4f1828c45297e3b513f4ff57bfb874a7c0d3cd709332922394bcddbc0bf959668810ce1ec8dbff662ea620b9ee7186cdde9845185ea87ded242fbffb7f526d875b6b1dbd09a4008b4d2c1034621a75efd6140c7d6fc883d79f7c3b7f7ae21b74e62a9c26f682c9dd48cacdc7f0c4ec5eb32a5c505aa5949d4008ece502bca5612f84ae73164acd2d3399cc9aee5cf615de62dd31c63a407f5c988b5c61a124ce08c" + PSA generate random: 0 bytes generate_random:0 @@ -6324,7 +7216,7 @@ generate_random:2 * MBEDTLS_CTR_DRBG_MAX_REQUEST + 1 PSA generate key: bad type (RSA public key) depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY -generate_key:PSA_KEY_TYPE_RSA_PUBLIC_KEY:512:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT:0 +generate_key:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT:0 PSA generate key: raw data, 0 bits: invalid argument # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED @@ -6375,93 +7267,117 @@ PSA generate key: invalid key size: AES, 64 bits depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES generate_key:PSA_KEY_TYPE_AES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT:0 -PSA generate key: RSA, 512 bits, good, sign (PKCS#1 v1.5) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME -generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS:0 +PSA generate key: RSA, minimum allowed key size, good, sign (PKCS#1 v1.5) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS > 128 +generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS:0 -PSA generate key: RSA, 1016 bits, good, sign (PKCS#1 v1.5) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME -generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1016:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS:0 +PSA generate key: RSA, 1032 bits, good, sign (PKCS#1 v1.5) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS <= 1032 +generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1032:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS:0 PSA generate key: RSA, 1024 bits, good, sign (PSS SHA-256) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS <= 1024 generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS:0 PSA generate key: RSA, 1024 bits, good, sign (PSS-any-salt SHA-256) -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS <= 1024 generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_SUCCESS:0 -PSA generate key: RSA, 512 bits, good, encrypt (PKCS#1 v1.5) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME -generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_SUCCESS:0 +PSA generate key: RSA, minimum allowed key size, good, encrypt (PKCS#1 v1.5) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS >= 256:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS <= 2048 +generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_SUCCESS:0 PSA generate key: RSA, 1024 bits, good, encrypt (OAEP SHA-256) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS <= 1024 generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_SUCCESS:0 PSA generate key: RSA, 0 bits: invalid -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_INVALID_ARGUMENT:0 -PSA generate key: RSA, 1022 bits: not supported -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME -generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1022:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED:0 +PSA generate key: RSA, size not multiple of 8: not supported +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS + 62:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED:0 -PSA generate key: RSA, 1023 bits: not supported -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME -generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1023:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED:0 +PSA generate key: RSA, size not multiple of 2: not supported +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS + 63:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED:0 PSA generate key: RSA, maximum size exceeded -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME -generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_VENDOR_RSA_MAX_KEY_BITS+1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED:0 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_VENDOR_RSA_MAX_KEY_BITS+8:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED:0 PSA generate key: ECC, SECP256R1, good -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_SUCCESS:0 PSA generate key: ECC, SECP256R1, incorrect bit size -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 # INVALID_ARGUMENT would make more sense, but our code as currently structured # doesn't fully relate the curve with its size. generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_ERROR_NOT_SUPPORTED:0 PSA generate key: ECC, Curve25519, good -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_MONTGOMERY_255 generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_SUCCESS:0 PSA generate key: ECC, Curve448, good -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_448 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_MONTGOMERY_448 generate_key:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_SUCCESS:0 PSA generate key: RSA, default e -generate_key_rsa:512:"":PSA_SUCCESS +generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"":PSA_SUCCESS PSA generate key: RSA, e=3 -generate_key_rsa:512:"03":PSA_SUCCESS +generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"03":PSA_SUCCESS PSA generate key: RSA, e=65537 -generate_key_rsa:512:"010001":PSA_SUCCESS +generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"010001":PSA_SUCCESS PSA generate key: RSA, e=513 -generate_key_rsa:512:"0201":PSA_SUCCESS +generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"0201":PSA_SUCCESS PSA generate key: RSA, e=1 -generate_key_rsa:512:"01":PSA_ERROR_INVALID_ARGUMENT +generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"01":PSA_ERROR_INVALID_ARGUMENT PSA generate key: RSA, e=2 -generate_key_rsa:512:"01":PSA_ERROR_INVALID_ARGUMENT +generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"01":PSA_ERROR_INVALID_ARGUMENT + +PSA generate key: FFDH, 2048 bits, good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE +generate_key:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):2048:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:PSA_SUCCESS:0 + +PSA generate key: FFDH, 3072 bits, good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE +generate_key:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):3072:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:PSA_SUCCESS:0 + +PSA generate key: FFDH, 4096 bits, good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE +generate_key:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):4096:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:PSA_SUCCESS:0 + +PSA generate key: FFDH, 6144 bits, good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE +generate_key:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):6144:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:PSA_SUCCESS:0 + +PSA generate key: FFDH, 8192 bits, good +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE +generate_key:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):8192:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:PSA_SUCCESS:0 + +PSA generate key: FFDH, 1024 bits, invalid bits +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE +generate_key:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):1024:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:PSA_ERROR_NOT_SUPPORTED:0 PSA import persistent key: raw data, 8 bits -depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PSA_CRYPTO_STORAGE_C +depends_on:MBEDTLS_PK_C:MBEDTLS_PSA_CRYPTO_STORAGE_C persistent_key_load_key_from_storage:"2a":PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:IMPORT_KEY PSA import persistent key: AES, 128 bits, exportable -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PSA_CRYPTO_STORAGE_C +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C:MBEDTLS_PSA_CRYPTO_STORAGE_C persistent_key_load_key_from_storage:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:IMPORT_KEY PSA import persistent key: AES, 128 bits, non-exportable -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PSA_CRYPTO_STORAGE_C +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C:MBEDTLS_PSA_CRYPTO_STORAGE_C persistent_key_load_key_from_storage:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:IMPORT_KEY PSA generate persistent key: raw data, 8 bits, exportable @@ -6480,12 +7396,12 @@ PSA generate persistent key: DES, 64 bits, exportable depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_DES:MBEDTLS_PSA_CRYPTO_STORAGE_C persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:GENERATE_KEY -PSA generate persistent key: RSA, 1024 bits, exportable -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME:MBEDTLS_PSA_CRYPTO_STORAGE_C -persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):GENERATE_KEY +PSA generate persistent key: RSA, minimum size key, exportable +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE:MBEDTLS_PSA_CRYPTO_STORAGE_C:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS >= 512 +persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):GENERATE_KEY PSA generate persistent key: ECC, SECP256R1, exportable -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_STORAGE_C +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_CRYPTO_STORAGE_C persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:GENERATE_KEY PSA derive persistent key: HKDF SHA-256, exportable diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 5e46ca0ab..2dfc7a4bf 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -13,6 +13,9 @@ #include "psa/crypto.h" #include "psa_crypto_slot_management.h" +/* For psa_can_do_hash() */ +#include "psa_crypto_core.h" + #include "test/asn1_helpers.h" #include "test/psa_crypto_helpers.h" #include "test/psa_exercise_key.h" @@ -22,7 +25,6 @@ #else #define TEST_DRIVER_LOCATION 0x7fffff #endif -#include "mbedtls/legacy_or_psa.h" /* If this comes up, it's a bug in the test code or in the test data. */ #define UNUSED 0xdeadbeef @@ -292,6 +294,8 @@ exit: ((void) 0) #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ +#define INPUT_INTEGER 0x10000 /* Out of range of psa_key_type_t */ + /* An overapproximation of the amount of storage needed for a key of the * given type and with the given content. The API doesn't make it easy * to find a good value for the size. The current implementation doesn't @@ -316,6 +320,7 @@ typedef enum { USE_GIVEN_TAG = 1, } tag_usage_method_t; + /*! * \brief Internal Function for AEAD multipart tests. * \param key_type_arg Type of key passed in @@ -413,7 +418,7 @@ static int aead_multipart_internal_func(int key_type_arg, data_t *key_data, data_true_size = input_data->len - tag_length; } - ASSERT_ALLOC(output_data, output_size); + TEST_CALLOC(output_data, output_size); if (is_encrypt) { final_output_size = PSA_AEAD_FINISH_OUTPUT_SIZE(key_type, alg); @@ -423,7 +428,7 @@ static int aead_multipart_internal_func(int key_type_arg, data_t *key_data, TEST_LE_U(final_output_size, PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE); } - ASSERT_ALLOC(final_data, final_output_size); + TEST_CALLOC(final_data, final_output_size); if (is_encrypt) { status = psa_aead_encrypt_setup(&operation, key, alg); @@ -486,7 +491,7 @@ static int aead_multipart_internal_func(int key_type_arg, data_t *key_data, part_data_size = PSA_AEAD_UPDATE_OUTPUT_SIZE(key_type, alg, (size_t) data_part_len); - ASSERT_ALLOC(part_data, part_data_size); + TEST_CALLOC(part_data, part_data_size); for (part_offset = 0, part_count = 0; part_offset < data_true_size; @@ -567,8 +572,8 @@ static int aead_multipart_internal_func(int key_type_arg, data_t *key_data, } - ASSERT_COMPARE(expected_output->x, expected_output->len, - output_data, output_length); + TEST_MEMORY_COMPARE(expected_output->x, expected_output->len, + output_data, output_length); test_ok = 1; @@ -676,8 +681,8 @@ static int mac_multipart_internal_func(int key_type_arg, data_t *key_data, PSA_ASSERT(psa_mac_sign_finish(&operation, mac, PSA_MAC_MAX_SIZE, &mac_len)); - ASSERT_COMPARE(expected_output->x, expected_output->len, - mac, mac_len); + TEST_MEMORY_COMPARE(expected_output->x, expected_output->len, + mac, mac_len); } test_ok = 1; @@ -728,8 +733,8 @@ static void ecjpake_do_round(psa_algorithm_t alg, unsigned int primitive, psa_status_t expected_status = PSA_SUCCESS; psa_status_t status; - ASSERT_ALLOC(buffer0, buffer_length); - ASSERT_ALLOC(buffer1, buffer_length); + TEST_CALLOC(buffer0, buffer_length); + TEST_CALLOC(buffer1, buffer_length); switch (round) { case 1: @@ -1220,6 +1225,34 @@ typedef enum { INJECT_ANTICIPATE_KEY_DERIVATION_2, } ecjpake_injected_failure_t; +#if defined(MBEDTLS_ECP_RESTARTABLE) + +static void interruptible_signverify_get_minmax_completes(uint32_t max_ops, + psa_status_t expected_status, + size_t *min_completes, + size_t *max_completes) +{ + + /* This is slightly contrived, but we only really know that with a minimum + value of max_ops that a successful operation should take more than one op + to complete, and likewise that with a max_ops of + PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED, it should complete in one go. */ + if (max_ops == 0 || max_ops == 1) { + + if (expected_status == PSA_SUCCESS) { + *min_completes = 2; + } else { + *min_completes = 1; + } + + *max_completes = PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED; + } else { + *min_completes = 1; + *max_completes = 1; + } +} +#endif /* MBEDTLS_ECP_RESTARTABLE */ + /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -1227,6 +1260,18 @@ typedef enum { * END_DEPENDENCIES */ +/* BEGIN_CASE */ +void psa_can_do_hash() +{ + /* We can't test that this is specific to drivers until partial init has + * been implemented, but we can at least test before/after full init. */ + TEST_EQUAL(0, psa_can_do_hash(PSA_ALG_NONE)); + PSA_INIT(); + TEST_EQUAL(1, psa_can_do_hash(PSA_ALG_NONE)); + PSA_DONE(); +} +/* END_CASE */ + /* BEGIN_CASE */ void static_checks() { @@ -1310,7 +1355,21 @@ void import_with_data(data_t *data, int type_arg, psa_set_key_bits(&attributes, attr_bits); status = psa_import_key(&attributes, data->x, data->len, &key); - TEST_EQUAL(status, expected_status); + /* When expecting INVALID_ARGUMENT, also accept NOT_SUPPORTED. + * + * This can happen with a type supported only by a driver: + * - the driver sees the invalid data (for example wrong size) and thinks + * "well perhaps this is a key size I don't support" so it returns + * NOT_SUPPORTED which is correct at this point; + * - we fallback to built-ins, which don't support this type, so return + * NOT_SUPPORTED which again is correct at this point. + */ + if (expected_status == PSA_ERROR_INVALID_ARGUMENT && + status == PSA_ERROR_NOT_SUPPORTED) { + ; // OK + } else { + TEST_EQUAL(status, expected_status); + } if (status != PSA_SUCCESS) { goto exit; } @@ -1354,7 +1413,7 @@ void import_large_key(int type_arg, int byte_size_arg, /* Skip the test case if the target running the test cannot * accommodate large keys due to heap size constraints */ - ASSERT_ALLOC_WEAK(buffer, buffer_size); + TEST_CALLOC_OR_SKIP(buffer, buffer_size); memset(buffer, 'K', byte_size); PSA_ASSERT(psa_crypto_init()); @@ -1416,7 +1475,7 @@ void import_rsa_made_up(int bits_arg, int keypair, int expected_status_arg) psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT(psa_crypto_init()); - ASSERT_ALLOC(buffer, buffer_size); + TEST_CALLOC(buffer, buffer_size); TEST_ASSERT((ret = construct_fake_rsa_key(buffer, buffer_size, &p, bits, keypair)) >= 0); @@ -1463,9 +1522,9 @@ void import_export(data_t *data, psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; export_size = (ptrdiff_t) data->len + export_size_delta; - ASSERT_ALLOC(exported, export_size); + TEST_CALLOC(exported, export_size); if (!canonical_input) { - ASSERT_ALLOC(reexported, export_size); + TEST_CALLOC(reexported, export_size); } PSA_ASSERT(psa_crypto_init()); @@ -1474,8 +1533,15 @@ void import_export(data_t *data, psa_set_key_algorithm(&attributes, alg); psa_set_key_type(&attributes, type); + if (PSA_KEY_TYPE_IS_DH(type) && + expected_export_status == PSA_ERROR_BUFFER_TOO_SMALL) { + /* Simulate that buffer is too small, by decreasing its size by 1 byte. */ + export_size -= 1; + } + /* Import the key */ - PSA_ASSERT(psa_import_key(&attributes, data->x, data->len, &key)); + TEST_EQUAL(psa_import_key(&attributes, data->x, data->len, &key), + PSA_SUCCESS); /* Test the key information */ PSA_ASSERT(psa_get_key_attributes(key, &got_attributes)); @@ -1511,7 +1577,7 @@ void import_export(data_t *data, } if (canonical_input) { - ASSERT_COMPARE(data->x, data->len, exported, exported_length); + TEST_MEMORY_COMPARE(data->x, data->len, exported, exported_length); } else { mbedtls_svc_key_id_t key2 = MBEDTLS_SVC_KEY_ID_INIT; PSA_ASSERT(psa_import_key(&attributes, exported, exported_length, @@ -1520,14 +1586,18 @@ void import_export(data_t *data, reexported, export_size, &reexported_length)); - ASSERT_COMPARE(exported, exported_length, - reexported, reexported_length); + TEST_MEMORY_COMPARE(exported, exported_length, + reexported, reexported_length); PSA_ASSERT(psa_destroy_key(key2)); } TEST_LE_U(exported_length, PSA_EXPORT_KEY_OUTPUT_SIZE(type, psa_get_key_bits(&got_attributes))); - TEST_LE_U(exported_length, PSA_EXPORT_KEY_PAIR_MAX_SIZE); + if (PSA_KEY_TYPE_IS_KEY_PAIR(type)) { + TEST_LE_U(exported_length, PSA_EXPORT_KEY_PAIR_MAX_SIZE); + } else if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type)) { + TEST_LE_U(exported_length, PSA_EXPORT_PUBLIC_KEY_MAX_SIZE); + } destroy: /* Destroy the key */ @@ -1578,7 +1648,7 @@ void import_export_public_key(data_t *data, PSA_ASSERT(psa_import_key(&attributes, data->x, data->len, &key)); /* Export the public key */ - ASSERT_ALLOC(exported, export_size); + TEST_CALLOC(exported, export_size); status = psa_export_public_key(key, exported, export_size, &exported_length); @@ -1594,8 +1664,8 @@ void import_export_public_key(data_t *data, PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(public_type, bits)); TEST_LE_U(expected_public_key->len, PSA_EXPORT_PUBLIC_KEY_MAX_SIZE); - ASSERT_COMPARE(expected_public_key->x, expected_public_key->len, - exported, exported_length); + TEST_MEMORY_COMPARE(expected_public_key->x, expected_public_key->len, + exported, exported_length); } exit: /* @@ -1875,8 +1945,8 @@ void cipher_key_policy(int policy_usage_arg, output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, exercise_alg, input_buffer_size); - ASSERT_ALLOC(input, input_buffer_size); - ASSERT_ALLOC(output, output_buffer_size); + TEST_CALLOC(input, input_buffer_size); + TEST_CALLOC(output, output_buffer_size); PSA_ASSERT(psa_crypto_init()); @@ -2065,7 +2135,7 @@ void asymmetric_encryption_key_policy(int policy_usage_arg, key_bits = psa_get_key_bits(&attributes); buffer_length = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, exercise_alg); - ASSERT_ALLOC(buffer, buffer_length); + TEST_CALLOC(buffer, buffer_length); status = psa_asymmetric_encrypt(key, exercise_alg, NULL, 0, @@ -2366,12 +2436,12 @@ exit: /* BEGIN_CASE */ void copy_success(int source_usage_arg, int source_alg_arg, int source_alg2_arg, - unsigned int source_lifetime_arg, + int source_lifetime_arg, int type_arg, data_t *material, int copy_attributes, int target_usage_arg, int target_alg_arg, int target_alg2_arg, - unsigned int target_lifetime_arg, + int target_lifetime_arg, int expected_usage_arg, int expected_alg_arg, int expected_alg2_arg) { @@ -2435,11 +2505,11 @@ void copy_success(int source_usage_arg, psa_get_key_enrollment_algorithm(&target_attributes)); if (expected_usage & PSA_KEY_USAGE_EXPORT) { size_t length; - ASSERT_ALLOC(export_buffer, material->len); + TEST_CALLOC(export_buffer, material->len); PSA_ASSERT(psa_export_key(target_key, export_buffer, material->len, &length)); - ASSERT_COMPARE(material->x, material->len, - export_buffer, length); + TEST_MEMORY_COMPARE(material->x, material->len, + export_buffer, length); } if (!psa_key_lifetime_is_external(target_lifetime)) { @@ -2563,7 +2633,7 @@ void hash_setup(int alg_arg, /* Hash Setup, one-shot */ output_size = PSA_HASH_LENGTH(alg); - ASSERT_ALLOC(output, output_size); + TEST_CALLOC(output, output_size); status = psa_hash_compute(alg, NULL, 0, output, output_size, &output_length); @@ -2606,7 +2676,7 @@ void hash_compute_fail(int alg_arg, data_t *input, psa_status_t expected_status = expected_status_arg; psa_status_t status; - ASSERT_ALLOC(output, output_size); + TEST_CALLOC(output, output_size); PSA_ASSERT(psa_crypto_init()); @@ -2697,8 +2767,8 @@ void hash_compute_compare(int alg_arg, data_t *input, output, PSA_HASH_LENGTH(alg), &output_length)); TEST_EQUAL(output_length, PSA_HASH_LENGTH(alg)); - ASSERT_COMPARE(output, output_length, - expected_output->x, expected_output->len); + TEST_MEMORY_COMPARE(output, output_length, + expected_output->x, expected_output->len); /* Compute with tight buffer, multi-part */ PSA_ASSERT(psa_hash_setup(&operation, alg)); @@ -2707,16 +2777,16 @@ void hash_compute_compare(int alg_arg, data_t *input, PSA_HASH_LENGTH(alg), &output_length)); TEST_EQUAL(output_length, PSA_HASH_LENGTH(alg)); - ASSERT_COMPARE(output, output_length, - expected_output->x, expected_output->len); + TEST_MEMORY_COMPARE(output, output_length, + expected_output->x, expected_output->len); /* Compute with larger buffer, one-shot */ PSA_ASSERT(psa_hash_compute(alg, input->x, input->len, output, sizeof(output), &output_length)); TEST_EQUAL(output_length, PSA_HASH_LENGTH(alg)); - ASSERT_COMPARE(output, output_length, - expected_output->x, expected_output->len); + TEST_MEMORY_COMPARE(output, output_length, + expected_output->x, expected_output->len); /* Compute with larger buffer, multi-part */ PSA_ASSERT(psa_hash_setup(&operation, alg)); @@ -2724,8 +2794,8 @@ void hash_compute_compare(int alg_arg, data_t *input, PSA_ASSERT(psa_hash_finish(&operation, output, sizeof(output), &output_length)); TEST_EQUAL(output_length, PSA_HASH_LENGTH(alg)); - ASSERT_COMPARE(output, output_length, - expected_output->x, expected_output->len); + TEST_MEMORY_COMPARE(output, output_length, + expected_output->x, expected_output->len); /* Compare with correct hash, one-shot */ PSA_ASSERT(psa_hash_compare(alg, input->x, input->len, @@ -3321,7 +3391,7 @@ void mac_sign(int key_type_arg, PSA_ERROR_BUFFER_TOO_SMALL); mbedtls_test_set_step(output_size); - ASSERT_ALLOC(actual_mac, output_size); + TEST_CALLOC(actual_mac, output_size); /* Calculate the MAC, one-shot case. */ TEST_EQUAL(psa_mac_compute(key, alg, @@ -3329,8 +3399,8 @@ void mac_sign(int key_type_arg, actual_mac, output_size, &mac_length), expected_status); if (expected_status == PSA_SUCCESS) { - ASSERT_COMPARE(expected_mac->x, expected_mac->len, - actual_mac, mac_length); + TEST_MEMORY_COMPARE(expected_mac->x, expected_mac->len, + actual_mac, mac_length); } if (output_size > 0) { @@ -3348,8 +3418,8 @@ void mac_sign(int key_type_arg, PSA_ASSERT(psa_mac_abort(&operation)); if (expected_status == PSA_SUCCESS) { - ASSERT_COMPARE(expected_mac->x, expected_mac->len, - actual_mac, mac_length); + TEST_MEMORY_COMPARE(expected_mac->x, expected_mac->len, + actual_mac, mac_length); } mbedtls_free(actual_mac); actual_mac = NULL; @@ -3417,7 +3487,7 @@ void mac_verify(int key_type_arg, PSA_ERROR_INVALID_SIGNATURE); /* Test a MAC that's too long, one-shot case. */ - ASSERT_ALLOC(perturbed_mac, expected_mac->len + 1); + TEST_CALLOC(perturbed_mac, expected_mac->len + 1); memcpy(perturbed_mac, expected_mac->x, expected_mac->len); TEST_EQUAL(psa_mac_verify(key, alg, input->x, input->len, @@ -3747,7 +3817,7 @@ void cipher_encrypt_fail(int alg_arg, output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input->len); - ASSERT_ALLOC(output, output_buffer_size); + TEST_CALLOC(output, output_buffer_size); PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, &key)); @@ -3806,7 +3876,7 @@ void cipher_encrypt_validate_iv_length(int alg, int key_type, data_t *key_data, unsigned char *output = NULL; output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input->len); - ASSERT_ALLOC(output, output_buffer_size); + TEST_CALLOC(output, output_buffer_size); PSA_ASSERT(psa_crypto_init()); @@ -3864,7 +3934,7 @@ void cipher_alg_without_iv(int alg_arg, int key_type_arg, data_t *key_data, &key)); output_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, plaintext->len); - ASSERT_ALLOC(output, output_buffer_size); + TEST_CALLOC(output, output_buffer_size); /* set_iv() is not allowed */ PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); @@ -3899,8 +3969,8 @@ void cipher_alg_without_iv(int alg_arg, int key_type_arg, data_t *key_data, output_buffer_size - output_length, &length)); output_length += length; - ASSERT_COMPARE(ciphertext->x, ciphertext->len, - output, output_length); + TEST_MEMORY_COMPARE(ciphertext->x, ciphertext->len, + output, output_length); /* Multipart encryption */ PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg)); @@ -3917,24 +3987,24 @@ void cipher_alg_without_iv(int alg_arg, int key_type_arg, data_t *key_data, output_buffer_size - output_length, &length)); output_length += length; - ASSERT_COMPARE(plaintext->x, plaintext->len, - output, output_length); + TEST_MEMORY_COMPARE(plaintext->x, plaintext->len, + output, output_length); /* One-shot encryption */ output_length = ~0; PSA_ASSERT(psa_cipher_encrypt(key, alg, plaintext->x, plaintext->len, output, output_buffer_size, &output_length)); - ASSERT_COMPARE(ciphertext->x, ciphertext->len, - output, output_length); + TEST_MEMORY_COMPARE(ciphertext->x, ciphertext->len, + output, output_length); /* One-shot decryption */ output_length = ~0; PSA_ASSERT(psa_cipher_decrypt(key, alg, ciphertext->x, ciphertext->len, output, output_buffer_size, &output_length)); - ASSERT_COMPARE(plaintext->x, plaintext->len, - output, output_length); + TEST_MEMORY_COMPARE(plaintext->x, plaintext->len, + output, output_length); exit: PSA_ASSERT(psa_cipher_abort(&operation)); @@ -4014,8 +4084,8 @@ void cipher_encrypt_validation(int alg_arg, output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input->len); output2_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input->len) + PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg); - ASSERT_ALLOC(output1, output1_buffer_size); - ASSERT_ALLOC(output2, output2_buffer_size); + TEST_CALLOC(output1, output1_buffer_size); + TEST_CALLOC(output2, output2_buffer_size); PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, &key)); @@ -4053,8 +4123,8 @@ void cipher_encrypt_validation(int alg_arg, output2_length += function_output_length; PSA_ASSERT(psa_cipher_abort(&operation)); - ASSERT_COMPARE(output1 + iv_size, output1_length - iv_size, - output2, output2_length); + TEST_MEMORY_COMPARE(output1 + iv_size, output1_length - iv_size, + output2, output2_length); exit: psa_cipher_abort(&operation); @@ -4106,7 +4176,7 @@ void cipher_encrypt_multipart(int alg_arg, int key_type_arg, output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input->len) + PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg); - ASSERT_ALLOC(output, output_buffer_size); + TEST_CALLOC(output, output_buffer_size); TEST_LE_U(first_part_size, input->len); PSA_ASSERT(psa_cipher_update(&operation, input->x, first_part_size, @@ -4152,8 +4222,8 @@ void cipher_encrypt_multipart(int alg_arg, int key_type_arg, if (expected_status == PSA_SUCCESS) { PSA_ASSERT(psa_cipher_abort(&operation)); - ASSERT_COMPARE(expected_output->x, expected_output->len, - output, total_output_length); + TEST_MEMORY_COMPARE(expected_output->x, expected_output->len, + output, total_output_length); } exit: @@ -4205,7 +4275,7 @@ void cipher_decrypt_multipart(int alg_arg, int key_type_arg, output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input->len) + PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg); - ASSERT_ALLOC(output, output_buffer_size); + TEST_CALLOC(output, output_buffer_size); TEST_LE_U(first_part_size, input->len); PSA_ASSERT(psa_cipher_update(&operation, @@ -4252,8 +4322,8 @@ void cipher_decrypt_multipart(int alg_arg, int key_type_arg, if (expected_status == PSA_SUCCESS) { PSA_ASSERT(psa_cipher_abort(&operation)); - ASSERT_COMPARE(expected_output->x, expected_output->len, - output, total_output_length); + TEST_MEMORY_COMPARE(expected_output->x, expected_output->len, + output, total_output_length); } exit: @@ -4301,13 +4371,13 @@ void cipher_decrypt_fail(int alg_arg, /* Allocate input buffer and copy the iv and the plaintext */ input_buffer_size = ((size_t) input_arg->len + (size_t) iv->len); if (input_buffer_size > 0) { - ASSERT_ALLOC(input, input_buffer_size); + TEST_CALLOC(input, input_buffer_size); memcpy(input, iv->x, iv->len); memcpy(input + iv->len, input_arg->x, input_arg->len); } output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, input_buffer_size); - ASSERT_ALLOC(output, output_buffer_size); + TEST_CALLOC(output, output_buffer_size); /* Decrypt, one-short */ status = psa_cipher_decrypt(key, alg, input, input_buffer_size, output, @@ -4320,7 +4390,7 @@ void cipher_decrypt_fail(int alg_arg, output_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input_arg->len) + PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg); - ASSERT_ALLOC(output_multi, output_buffer_size); + TEST_CALLOC(output_multi, output_buffer_size); if (iv->len > 0) { status = psa_cipher_set_iv(&operation, iv->x, iv->len); @@ -4391,13 +4461,13 @@ void cipher_decrypt(int alg_arg, /* Allocate input buffer and copy the iv and the plaintext */ input_buffer_size = ((size_t) input_arg->len + (size_t) iv->len); if (input_buffer_size > 0) { - ASSERT_ALLOC(input, input_buffer_size); + TEST_CALLOC(input, input_buffer_size); memcpy(input, iv->x, iv->len); memcpy(input + iv->len, input_arg->x, input_arg->len); } output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, input_buffer_size); - ASSERT_ALLOC(output, output_buffer_size); + TEST_CALLOC(output, output_buffer_size); PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, &key)); @@ -4409,8 +4479,8 @@ void cipher_decrypt(int alg_arg, TEST_LE_U(output_length, PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE(input_buffer_size)); - ASSERT_COMPARE(expected_output->x, expected_output->len, - output, output_length); + TEST_MEMORY_COMPARE(expected_output->x, expected_output->len, + output, output_length); exit: mbedtls_free(input); mbedtls_free(output); @@ -4445,7 +4515,7 @@ void cipher_verify_output(int alg_arg, PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, &key)); output1_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input->len); - ASSERT_ALLOC(output1, output1_size); + TEST_CALLOC(output1, output1_size); PSA_ASSERT(psa_cipher_encrypt(key, alg, input->x, input->len, output1, output1_size, @@ -4456,7 +4526,7 @@ void cipher_verify_output(int alg_arg, PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(input->len)); output2_size = output1_length; - ASSERT_ALLOC(output2, output2_size); + TEST_CALLOC(output2, output2_size); PSA_ASSERT(psa_cipher_decrypt(key, alg, output1, output1_length, output2, output2_size, @@ -4466,7 +4536,7 @@ void cipher_verify_output(int alg_arg, TEST_LE_U(output2_length, PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE(output1_length)); - ASSERT_COMPARE(input->x, input->len, output2, output2_length); + TEST_MEMORY_COMPARE(input->x, input->len, output2, output2_length); exit: mbedtls_free(output1); @@ -4522,7 +4592,7 @@ void cipher_verify_output_multipart(int alg_arg, output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input->len); TEST_LE_U(output1_buffer_size, PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE(input->len)); - ASSERT_ALLOC(output1, output1_buffer_size); + TEST_CALLOC(output1, output1_buffer_size); TEST_LE_U(first_part_size, input->len); @@ -4565,7 +4635,7 @@ void cipher_verify_output_multipart(int alg_arg, PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, output1_length)); TEST_LE_U(output2_buffer_size, PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE(output1_length)); - ASSERT_ALLOC(output2, output2_buffer_size); + TEST_CALLOC(output2, output2_buffer_size); if (iv_length > 0) { PSA_ASSERT(psa_cipher_set_iv(&operation2, @@ -4606,7 +4676,7 @@ void cipher_verify_output_multipart(int alg_arg, PSA_ASSERT(psa_cipher_abort(&operation2)); - ASSERT_COMPARE(input->x, input->len, output2, output2_length); + TEST_MEMORY_COMPARE(input->x, input->len, output2, output2_length); exit: psa_cipher_abort(&operation1); @@ -4661,7 +4731,7 @@ void aead_encrypt_decrypt(int key_type_arg, data_t *key_data, TEST_LE_U(output_size, PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(input_data->len)); } - ASSERT_ALLOC(output_data, output_size); + TEST_CALLOC(output_data, output_size); status = psa_aead_encrypt(key, alg, nonce->x, nonce->len, @@ -4682,7 +4752,7 @@ void aead_encrypt_decrypt(int key_type_arg, data_t *key_data, TEST_EQUAL(status, expected_result); if (PSA_SUCCESS == expected_result) { - ASSERT_ALLOC(output_data2, output_length); + TEST_CALLOC(output_data2, output_length); /* For all currently defined algorithms, PSA_AEAD_DECRYPT_OUTPUT_SIZE * should be exact. */ @@ -4701,8 +4771,8 @@ void aead_encrypt_decrypt(int key_type_arg, data_t *key_data, &output_length2), expected_result); - ASSERT_COMPARE(input_data->x, input_data->len, - output_data2, output_length2); + TEST_MEMORY_COMPARE(input_data->x, input_data->len, + output_data2, output_length2); } exit: @@ -4750,7 +4820,7 @@ void aead_encrypt(int key_type_arg, data_t *key_data, PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_data->len)); TEST_LE_U(output_size, PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(input_data->len)); - ASSERT_ALLOC(output_data, output_size); + TEST_CALLOC(output_data, output_size); status = psa_aead_encrypt(key, alg, nonce->x, nonce->len, @@ -4768,8 +4838,8 @@ void aead_encrypt(int key_type_arg, data_t *key_data, } PSA_ASSERT(status); - ASSERT_COMPARE(expected_result->x, expected_result->len, - output_data, output_length); + TEST_MEMORY_COMPARE(expected_result->x, expected_result->len, + output_data, output_length); exit: psa_destroy_key(key); @@ -4820,7 +4890,7 @@ void aead_decrypt(int key_type_arg, data_t *key_data, TEST_LE_U(output_size, PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE(input_data->len)); } - ASSERT_ALLOC(output_data, output_size); + TEST_CALLOC(output_data, output_size); status = psa_aead_decrypt(key, alg, nonce->x, nonce->len, @@ -4841,8 +4911,8 @@ void aead_decrypt(int key_type_arg, data_t *key_data, TEST_EQUAL(status, expected_result); if (expected_result == PSA_SUCCESS) { - ASSERT_COMPARE(expected_data->x, expected_data->len, - output_data, output_length); + TEST_MEMORY_COMPARE(expected_data->x, expected_data->len, + output_data, output_length); } exit: @@ -5079,13 +5149,13 @@ void aead_multipart_generate_nonce(int key_type_arg, data_t *key_data, output_size = PSA_AEAD_UPDATE_OUTPUT_SIZE(key_type, alg, input_data->len); - ASSERT_ALLOC(output, output_size); + TEST_CALLOC(output, output_size); ciphertext_size = PSA_AEAD_FINISH_OUTPUT_SIZE(key_type, alg); TEST_LE_U(ciphertext_size, PSA_AEAD_FINISH_OUTPUT_MAX_SIZE); - ASSERT_ALLOC(ciphertext, ciphertext_size); + TEST_CALLOC(ciphertext, ciphertext_size); status = psa_aead_encrypt_setup(&operation, key, alg); @@ -5182,13 +5252,13 @@ void aead_multipart_set_nonce(int key_type_arg, data_t *key_data, output_size = PSA_AEAD_UPDATE_OUTPUT_SIZE(key_type, alg, input_data->len); - ASSERT_ALLOC(output, output_size); + TEST_CALLOC(output, output_size); ciphertext_size = PSA_AEAD_FINISH_OUTPUT_SIZE(key_type, alg); TEST_LE_U(ciphertext_size, PSA_AEAD_FINISH_OUTPUT_MAX_SIZE); - ASSERT_ALLOC(ciphertext, ciphertext_size); + TEST_CALLOC(ciphertext, ciphertext_size); status = psa_aead_encrypt_setup(&operation, key, alg); @@ -5205,12 +5275,12 @@ void aead_multipart_set_nonce(int key_type_arg, data_t *key_data, /* -1 == zero length and valid buffer, 0 = zero length and NULL buffer. */ if (nonce_length_arg == -1) { /* Arbitrary size buffer, to test zero length valid buffer. */ - ASSERT_ALLOC(nonce_buffer, 4); + TEST_CALLOC(nonce_buffer, 4); nonce_length = 0; } else { /* If length is zero, then this will return NULL. */ nonce_length = (size_t) nonce_length_arg; - ASSERT_ALLOC(nonce_buffer, nonce_length); + TEST_CALLOC(nonce_buffer, nonce_length); if (nonce_buffer) { for (index = 0; index < nonce_length - 1; ++index) { @@ -5299,11 +5369,11 @@ void aead_multipart_update_buffer_test(int key_type_arg, data_t *key_data, PSA_ASSERT(psa_get_key_attributes(key, &attributes)); - ASSERT_ALLOC(output, output_size); + TEST_CALLOC(output, output_size); ciphertext_size = PSA_AEAD_FINISH_OUTPUT_SIZE(key_type, alg); - ASSERT_ALLOC(ciphertext, ciphertext_size); + TEST_CALLOC(ciphertext, ciphertext_size); status = psa_aead_encrypt_setup(&operation, key, alg); @@ -5386,11 +5456,11 @@ void aead_multipart_finish_buffer_test(int key_type_arg, data_t *key_data, ciphertext_size = PSA_AEAD_UPDATE_OUTPUT_SIZE(key_type, alg, input_data->len); - ASSERT_ALLOC(ciphertext, ciphertext_size); + TEST_CALLOC(ciphertext, ciphertext_size); - ASSERT_ALLOC(finish_ciphertext, finish_ciphertext_size); + TEST_CALLOC(finish_ciphertext, finish_ciphertext_size); - ASSERT_ALLOC(tag_buffer, tag_size); + TEST_CALLOC(tag_buffer, tag_size); status = psa_aead_encrypt_setup(&operation, key, alg); @@ -5475,11 +5545,11 @@ void aead_multipart_verify(int key_type_arg, data_t *key_data, plaintext_size = PSA_AEAD_UPDATE_OUTPUT_SIZE(key_type, alg, input_data->len); - ASSERT_ALLOC(plaintext, plaintext_size); + TEST_CALLOC(plaintext, plaintext_size); verify_plaintext_size = PSA_AEAD_VERIFY_OUTPUT_SIZE(key_type, alg); - ASSERT_ALLOC(finish_plaintext, verify_plaintext_size); + TEST_CALLOC(finish_plaintext, verify_plaintext_size); status = psa_aead_decrypt_setup(&operation, key, alg); @@ -5616,13 +5686,13 @@ void aead_multipart_state_test(int key_type_arg, data_t *key_data, output_size = PSA_AEAD_UPDATE_OUTPUT_SIZE(key_type, alg, input_data->len); - ASSERT_ALLOC(output_data, output_size); + TEST_CALLOC(output_data, output_size); finish_output_size = PSA_AEAD_FINISH_OUTPUT_SIZE(key_type, alg); TEST_LE_U(finish_output_size, PSA_AEAD_FINISH_OUTPUT_MAX_SIZE); - ASSERT_ALLOC(final_data, finish_output_size); + TEST_CALLOC(final_data, finish_output_size); /* Test all operations error without calling setup first. */ @@ -5968,8 +6038,10 @@ void aead_multipart_state_test(int key_type_arg, data_t *key_data, } psa_aead_abort(&operation); +#endif /* Test for calling set lengths with a plaintext length of SIZE_MAX, after setting nonce */ +#if SIZE_MAX > UINT32_MAX PSA_ASSERT(psa_aead_encrypt_setup(&operation, key, alg)); PSA_ASSERT(psa_aead_set_nonce(&operation, nonce->x, nonce->len)); @@ -6418,7 +6490,7 @@ void sign_hash_deterministic(int key_type_arg, data_t *key_data, key_bits, alg); TEST_ASSERT(signature_size != 0); TEST_LE_U(signature_size, PSA_SIGNATURE_MAX_SIZE); - ASSERT_ALLOC(signature, signature_size); + TEST_CALLOC(signature, signature_size); /* Perform the signature. */ PSA_ASSERT(psa_sign_hash(key, alg, @@ -6426,8 +6498,8 @@ void sign_hash_deterministic(int key_type_arg, data_t *key_data, signature, signature_size, &signature_length)); /* Verify that the signature is what is expected. */ - ASSERT_COMPARE(output_data->x, output_data->len, - signature, signature_length); + TEST_MEMORY_COMPARE(output_data->x, output_data->len, + signature, signature_length); exit: /* @@ -6442,6 +6514,135 @@ exit: } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */ +/** + * sign_hash_interruptible() test intentions: + * + * Note: This test can currently only handle ECDSA. + * + * 1. Test interruptible sign hash with known outcomes (deterministic ECDSA + * and private keys / keypairs only). + * + * 2. Test the number of calls to psa_sign_hash_complete() required are as + * expected for different max_ops values. + * + * 3. Test that the number of ops done prior to start and after abort is zero + * and that each successful stage completes some ops (this is not mandated by + * the PSA specification, but is currently the case). + * + * 4. Test that calling psa_sign_hash_get_num_ops() multiple times between + * complete() calls does not alter the number of ops returned. + */ +void sign_hash_interruptible(int key_type_arg, data_t *key_data, + int alg_arg, data_t *input_data, + data_t *output_data, int max_ops_arg) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + size_t key_bits; + unsigned char *signature = NULL; + size_t signature_size; + size_t signature_length = 0xdeadbeef; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_status_t status = PSA_OPERATION_INCOMPLETE; + uint32_t num_ops = 0; + uint32_t max_ops = max_ops_arg; + size_t num_ops_prior = 0; + size_t num_completes = 0; + size_t min_completes = 0; + size_t max_completes = 0; + + psa_sign_hash_interruptible_operation_t operation = + psa_sign_hash_interruptible_operation_init(); + + PSA_ASSERT(psa_crypto_init()); + + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); + + /* Allocate a buffer which has the size advertised by the + * library. */ + signature_size = PSA_SIGN_OUTPUT_SIZE(key_type, + key_bits, alg); + TEST_ASSERT(signature_size != 0); + TEST_LE_U(signature_size, PSA_SIGNATURE_MAX_SIZE); + TEST_CALLOC(signature, signature_size); + + psa_interruptible_set_max_ops(max_ops); + + interruptible_signverify_get_minmax_completes(max_ops, PSA_SUCCESS, + &min_completes, &max_completes); + + num_ops_prior = psa_sign_hash_get_num_ops(&operation); + TEST_ASSERT(num_ops_prior == 0); + + /* Start performing the signature. */ + PSA_ASSERT(psa_sign_hash_start(&operation, key, alg, + input_data->x, input_data->len)); + + num_ops_prior = psa_sign_hash_get_num_ops(&operation); + TEST_ASSERT(num_ops_prior == 0); + + /* Continue performing the signature until complete. */ + do { + status = psa_sign_hash_complete(&operation, signature, signature_size, + &signature_length); + + num_completes++; + + if (status == PSA_SUCCESS || status == PSA_OPERATION_INCOMPLETE) { + num_ops = psa_sign_hash_get_num_ops(&operation); + /* We are asserting here that every complete makes progress + * (completes some ops), which is true of the internal + * implementation and probably any implementation, however this is + * not mandated by the PSA specification. */ + TEST_ASSERT(num_ops > num_ops_prior); + + num_ops_prior = num_ops; + + /* Ensure calling get_num_ops() twice still returns the same + * number of ops as previously reported. */ + num_ops = psa_sign_hash_get_num_ops(&operation); + + TEST_EQUAL(num_ops, num_ops_prior); + } + } while (status == PSA_OPERATION_INCOMPLETE); + + TEST_ASSERT(status == PSA_SUCCESS); + + TEST_LE_U(min_completes, num_completes); + TEST_LE_U(num_completes, max_completes); + + /* Verify that the signature is what is expected. */ + TEST_MEMORY_COMPARE(output_data->x, output_data->len, + signature, signature_length); + + PSA_ASSERT(psa_sign_hash_abort(&operation)); + + num_ops = psa_sign_hash_get_num_ops(&operation); + TEST_ASSERT(num_ops == 0); + +exit: + + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes(&attributes); + + psa_destroy_key(key); + mbedtls_free(signature); + PSA_DONE(); +} +/* END_CASE */ + /* BEGIN_CASE */ void sign_hash_fail(int key_type_arg, data_t *key_data, int alg_arg, data_t *input_data, @@ -6457,7 +6658,7 @@ void sign_hash_fail(int key_type_arg, data_t *key_data, size_t signature_length = 0xdeadbeef; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - ASSERT_ALLOC(signature, signature_size); + TEST_CALLOC(signature, signature_size); PSA_ASSERT(psa_crypto_init()); @@ -6487,6 +6688,154 @@ exit: } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */ +/** + * sign_hash_fail_interruptible() test intentions: + * + * Note: This test can currently only handle ECDSA. + * + * 1. Test that various failure cases for interruptible sign hash fail with the + * correct error codes, and at the correct point (at start or during + * complete). + * + * 2. Test the number of calls to psa_sign_hash_complete() required are as + * expected for different max_ops values. + * + * 3. Test that the number of ops done prior to start and after abort is zero + * and that each successful stage completes some ops (this is not mandated by + * the PSA specification, but is currently the case). + * + * 4. Check that calling complete() when start() fails and complete() + * after completion results in a BAD_STATE error. + * + * 5. Check that calling start() again after start fails results in a BAD_STATE + * error. + */ +void sign_hash_fail_interruptible(int key_type_arg, data_t *key_data, + int alg_arg, data_t *input_data, + int signature_size_arg, + int expected_start_status_arg, + int expected_complete_status_arg, + int max_ops_arg) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + size_t signature_size = signature_size_arg; + psa_status_t actual_status; + psa_status_t expected_start_status = expected_start_status_arg; + psa_status_t expected_complete_status = expected_complete_status_arg; + unsigned char *signature = NULL; + size_t signature_length = 0xdeadbeef; + uint32_t num_ops = 0; + uint32_t max_ops = max_ops_arg; + size_t num_ops_prior = 0; + size_t num_completes = 0; + size_t min_completes = 0; + size_t max_completes = 0; + + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_sign_hash_interruptible_operation_t operation = + psa_sign_hash_interruptible_operation_init(); + + TEST_CALLOC(signature, signature_size); + + PSA_ASSERT(psa_crypto_init()); + + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + + psa_interruptible_set_max_ops(max_ops); + + interruptible_signverify_get_minmax_completes(max_ops, + expected_complete_status, + &min_completes, + &max_completes); + + num_ops_prior = psa_sign_hash_get_num_ops(&operation); + TEST_ASSERT(num_ops_prior == 0); + + /* Start performing the signature. */ + actual_status = psa_sign_hash_start(&operation, key, alg, + input_data->x, input_data->len); + + TEST_EQUAL(actual_status, expected_start_status); + + if (expected_start_status != PSA_SUCCESS) { + /* Emulate poor application code, and call complete anyway, even though + * start failed. */ + actual_status = psa_sign_hash_complete(&operation, signature, + signature_size, + &signature_length); + + TEST_EQUAL(actual_status, PSA_ERROR_BAD_STATE); + + /* Test that calling start again after failure also causes BAD_STATE. */ + actual_status = psa_sign_hash_start(&operation, key, alg, + input_data->x, input_data->len); + + TEST_EQUAL(actual_status, PSA_ERROR_BAD_STATE); + } + + num_ops_prior = psa_sign_hash_get_num_ops(&operation); + TEST_ASSERT(num_ops_prior == 0); + + /* Continue performing the signature until complete. */ + do { + actual_status = psa_sign_hash_complete(&operation, signature, + signature_size, + &signature_length); + + num_completes++; + + if (actual_status == PSA_SUCCESS || + actual_status == PSA_OPERATION_INCOMPLETE) { + num_ops = psa_sign_hash_get_num_ops(&operation); + /* We are asserting here that every complete makes progress + * (completes some ops), which is true of the internal + * implementation and probably any implementation, however this is + * not mandated by the PSA specification. */ + TEST_ASSERT(num_ops > num_ops_prior); + + num_ops_prior = num_ops; + } + } while (actual_status == PSA_OPERATION_INCOMPLETE); + + TEST_EQUAL(actual_status, expected_complete_status); + + /* Check that another complete returns BAD_STATE. */ + actual_status = psa_sign_hash_complete(&operation, signature, + signature_size, + &signature_length); + + TEST_EQUAL(actual_status, PSA_ERROR_BAD_STATE); + + PSA_ASSERT(psa_sign_hash_abort(&operation)); + + num_ops = psa_sign_hash_get_num_ops(&operation); + TEST_ASSERT(num_ops == 0); + + /* The value of *signature_length is unspecified on error, but + * whatever it is, it should be less than signature_size, so that + * if the caller tries to read *signature_length bytes without + * checking the error code then they don't overflow a buffer. */ + TEST_LE_U(signature_length, signature_size); + + TEST_LE_U(min_completes, num_completes); + TEST_LE_U(num_completes, max_completes); + +exit: + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + mbedtls_free(signature); + PSA_DONE(); +} +/* END_CASE */ + /* BEGIN_CASE */ void sign_verify_hash(int key_type_arg, data_t *key_data, int alg_arg, data_t *input_data) @@ -6517,7 +6866,7 @@ void sign_verify_hash(int key_type_arg, data_t *key_data, key_bits, alg); TEST_ASSERT(signature_size != 0); TEST_LE_U(signature_size, PSA_SIGNATURE_MAX_SIZE); - ASSERT_ALLOC(signature, signature_size); + TEST_CALLOC(signature, signature_size); /* Perform the signature. */ PSA_ASSERT(psa_sign_hash(key, alg, @@ -6557,6 +6906,178 @@ exit: } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */ +/** + * sign_verify_hash_interruptible() test intentions: + * + * Note: This test can currently only handle ECDSA. + * + * 1. Test that we can sign an input hash with the given keypair and then + * afterwards verify that signature. This is currently the only way to test + * non deterministic ECDSA, but this test can also handle deterministic. + * + * 2. Test that after corrupting the hash, the verification detects an invalid + * signature. + * + * 3. Test the number of calls to psa_sign_hash_complete() required are as + * expected for different max_ops values. + * + * 4. Test that the number of ops done prior to starting signing and after abort + * is zero and that each successful signing stage completes some ops (this is + * not mandated by the PSA specification, but is currently the case). + */ +void sign_verify_hash_interruptible(int key_type_arg, data_t *key_data, + int alg_arg, data_t *input_data, + int max_ops_arg) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + size_t key_bits; + unsigned char *signature = NULL; + size_t signature_size; + size_t signature_length = 0xdeadbeef; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_status_t status = PSA_OPERATION_INCOMPLETE; + uint32_t max_ops = max_ops_arg; + uint32_t num_ops = 0; + uint32_t num_ops_prior = 0; + size_t num_completes = 0; + size_t min_completes = 0; + size_t max_completes = 0; + + psa_sign_hash_interruptible_operation_t sign_operation = + psa_sign_hash_interruptible_operation_init(); + psa_verify_hash_interruptible_operation_t verify_operation = + psa_verify_hash_interruptible_operation_init(); + + PSA_ASSERT(psa_crypto_init()); + + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH | + PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); + + /* Allocate a buffer which has the size advertised by the + * library. */ + signature_size = PSA_SIGN_OUTPUT_SIZE(key_type, + key_bits, alg); + TEST_ASSERT(signature_size != 0); + TEST_LE_U(signature_size, PSA_SIGNATURE_MAX_SIZE); + TEST_CALLOC(signature, signature_size); + + psa_interruptible_set_max_ops(max_ops); + + interruptible_signverify_get_minmax_completes(max_ops, PSA_SUCCESS, + &min_completes, &max_completes); + + num_ops_prior = psa_sign_hash_get_num_ops(&sign_operation); + TEST_ASSERT(num_ops_prior == 0); + + /* Start performing the signature. */ + PSA_ASSERT(psa_sign_hash_start(&sign_operation, key, alg, + input_data->x, input_data->len)); + + num_ops_prior = psa_sign_hash_get_num_ops(&sign_operation); + TEST_ASSERT(num_ops_prior == 0); + + /* Continue performing the signature until complete. */ + do { + + status = psa_sign_hash_complete(&sign_operation, signature, + signature_size, + &signature_length); + + num_completes++; + + if (status == PSA_SUCCESS || status == PSA_OPERATION_INCOMPLETE) { + num_ops = psa_sign_hash_get_num_ops(&sign_operation); + /* We are asserting here that every complete makes progress + * (completes some ops), which is true of the internal + * implementation and probably any implementation, however this is + * not mandated by the PSA specification. */ + TEST_ASSERT(num_ops > num_ops_prior); + + num_ops_prior = num_ops; + } + } while (status == PSA_OPERATION_INCOMPLETE); + + TEST_ASSERT(status == PSA_SUCCESS); + + TEST_LE_U(min_completes, num_completes); + TEST_LE_U(num_completes, max_completes); + + PSA_ASSERT(psa_sign_hash_abort(&sign_operation)); + + num_ops = psa_sign_hash_get_num_ops(&sign_operation); + TEST_ASSERT(num_ops == 0); + + /* Check that the signature length looks sensible. */ + TEST_LE_U(signature_length, signature_size); + TEST_ASSERT(signature_length > 0); + + num_completes = 0; + + /* Start verification. */ + PSA_ASSERT(psa_verify_hash_start(&verify_operation, key, alg, + input_data->x, input_data->len, + signature, signature_length)); + + /* Continue performing the signature until complete. */ + do { + status = psa_verify_hash_complete(&verify_operation); + + num_completes++; + } while (status == PSA_OPERATION_INCOMPLETE); + + TEST_ASSERT(status == PSA_SUCCESS); + + TEST_LE_U(min_completes, num_completes); + TEST_LE_U(num_completes, max_completes); + + PSA_ASSERT(psa_verify_hash_abort(&verify_operation)); + + verify_operation = psa_verify_hash_interruptible_operation_init(); + + if (input_data->len != 0) { + /* Flip a bit in the input and verify that the signature is now + * detected as invalid. Flip a bit at the beginning, not at the end, + * because ECDSA may ignore the last few bits of the input. */ + input_data->x[0] ^= 1; + + /* Start verification. */ + PSA_ASSERT(psa_verify_hash_start(&verify_operation, key, alg, + input_data->x, input_data->len, + signature, signature_length)); + + /* Continue performing the signature until complete. */ + do { + status = psa_verify_hash_complete(&verify_operation); + } while (status == PSA_OPERATION_INCOMPLETE); + + TEST_ASSERT(status == PSA_ERROR_INVALID_SIGNATURE); + } + + PSA_ASSERT(psa_verify_hash_abort(&verify_operation)); + +exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes(&attributes); + + psa_destroy_key(key); + mbedtls_free(signature); + PSA_DONE(); +} +/* END_CASE */ + /* BEGIN_CASE */ void verify_hash(int key_type_arg, data_t *key_data, int alg_arg, data_t *hash_data, @@ -6589,6 +7110,138 @@ exit: } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */ +/** + * verify_hash_interruptible() test intentions: + * + * Note: This test can currently only handle ECDSA. + * + * 1. Test interruptible verify hash with known outcomes (deterministic ECDSA + * only). Given this test only does verification it can accept public keys as + * well as private keys / keypairs. + * + * 2. Test the number of calls to psa_verify_hash_complete() required are as + * expected for different max_ops values. + * + * 3. Test that the number of ops done prior to start and after abort is zero + * and that each successful stage completes some ops (this is not mandated by + * the PSA specification, but is currently the case). + * + * 4. Test that calling psa_sign_hash_get_num_ops() multiple times between + * complete() calls does not alter the number of ops returned. + * + * 5. Test that after corrupting the hash, the verification detects an invalid + * signature. + */ +void verify_hash_interruptible(int key_type_arg, data_t *key_data, + int alg_arg, data_t *hash_data, + data_t *signature_data, int max_ops_arg) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_status_t status = PSA_OPERATION_INCOMPLETE; + uint32_t num_ops = 0; + uint32_t max_ops = max_ops_arg; + size_t num_ops_prior = 0; + size_t num_completes = 0; + size_t min_completes = 0; + size_t max_completes = 0; + + psa_verify_hash_interruptible_operation_t operation = + psa_verify_hash_interruptible_operation_init(); + + TEST_LE_U(signature_data->len, PSA_SIGNATURE_MAX_SIZE); + + PSA_ASSERT(psa_crypto_init()); + + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + + psa_interruptible_set_max_ops(max_ops); + + interruptible_signverify_get_minmax_completes(max_ops, PSA_SUCCESS, + &min_completes, &max_completes); + + num_ops_prior = psa_verify_hash_get_num_ops(&operation); + + TEST_ASSERT(num_ops_prior == 0); + + /* Start verification. */ + PSA_ASSERT(psa_verify_hash_start(&operation, key, alg, + hash_data->x, hash_data->len, + signature_data->x, signature_data->len) + ); + + num_ops_prior = psa_verify_hash_get_num_ops(&operation); + + TEST_ASSERT(num_ops_prior == 0); + + /* Continue performing the signature until complete. */ + do { + status = psa_verify_hash_complete(&operation); + + num_completes++; + + if (status == PSA_SUCCESS || status == PSA_OPERATION_INCOMPLETE) { + num_ops = psa_verify_hash_get_num_ops(&operation); + /* We are asserting here that every complete makes progress + * (completes some ops), which is true of the internal + * implementation and probably any implementation, however this is + * not mandated by the PSA specification. */ + TEST_ASSERT(num_ops > num_ops_prior); + + num_ops_prior = num_ops; + + /* Ensure calling get_num_ops() twice still returns the same + * number of ops as previously reported. */ + num_ops = psa_verify_hash_get_num_ops(&operation); + + TEST_EQUAL(num_ops, num_ops_prior); + } + } while (status == PSA_OPERATION_INCOMPLETE); + + TEST_ASSERT(status == PSA_SUCCESS); + + TEST_LE_U(min_completes, num_completes); + TEST_LE_U(num_completes, max_completes); + + PSA_ASSERT(psa_verify_hash_abort(&operation)); + + num_ops = psa_verify_hash_get_num_ops(&operation); + TEST_ASSERT(num_ops == 0); + + if (hash_data->len != 0) { + /* Flip a bit in the hash and verify that the signature is now detected + * as invalid. Flip a bit at the beginning, not at the end, because + * ECDSA may ignore the last few bits of the input. */ + hash_data->x[0] ^= 1; + + /* Start verification. */ + PSA_ASSERT(psa_verify_hash_start(&operation, key, alg, + hash_data->x, hash_data->len, + signature_data->x, signature_data->len)); + + /* Continue performing the signature until complete. */ + do { + status = psa_verify_hash_complete(&operation); + } while (status == PSA_OPERATION_INCOMPLETE); + + TEST_ASSERT(status == PSA_ERROR_INVALID_SIGNATURE); + } + +exit: + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + PSA_DONE(); +} +/* END_CASE */ + /* BEGIN_CASE */ void verify_hash_fail(int key_type_arg, data_t *key_data, int alg_arg, data_t *hash_data, @@ -6623,6 +7276,612 @@ exit: } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */ +/** + * verify_hash_fail_interruptible() test intentions: + * + * Note: This test can currently only handle ECDSA. + * + * 1. Test that various failure cases for interruptible verify hash fail with + * the correct error codes, and at the correct point (at start or during + * complete). + * + * 2. Test the number of calls to psa_verify_hash_complete() required are as + * expected for different max_ops values. + * + * 3. Test that the number of ops done prior to start and after abort is zero + * and that each successful stage completes some ops (this is not mandated by + * the PSA specification, but is currently the case). + * + * 4. Check that calling complete() when start() fails and complete() + * after completion results in a BAD_STATE error. + * + * 5. Check that calling start() again after start fails results in a BAD_STATE + * error. + */ +void verify_hash_fail_interruptible(int key_type_arg, data_t *key_data, + int alg_arg, data_t *hash_data, + data_t *signature_data, + int expected_start_status_arg, + int expected_complete_status_arg, + int max_ops_arg) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + psa_status_t actual_status; + psa_status_t expected_start_status = expected_start_status_arg; + psa_status_t expected_complete_status = expected_complete_status_arg; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + uint32_t num_ops = 0; + uint32_t max_ops = max_ops_arg; + size_t num_ops_prior = 0; + size_t num_completes = 0; + size_t min_completes = 0; + size_t max_completes = 0; + psa_verify_hash_interruptible_operation_t operation = + psa_verify_hash_interruptible_operation_init(); + + PSA_ASSERT(psa_crypto_init()); + + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + + psa_interruptible_set_max_ops(max_ops); + + interruptible_signverify_get_minmax_completes(max_ops, + expected_complete_status, + &min_completes, + &max_completes); + + num_ops_prior = psa_verify_hash_get_num_ops(&operation); + TEST_ASSERT(num_ops_prior == 0); + + /* Start verification. */ + actual_status = psa_verify_hash_start(&operation, key, alg, + hash_data->x, hash_data->len, + signature_data->x, + signature_data->len); + + TEST_EQUAL(actual_status, expected_start_status); + + if (expected_start_status != PSA_SUCCESS) { + /* Emulate poor application code, and call complete anyway, even though + * start failed. */ + actual_status = psa_verify_hash_complete(&operation); + + TEST_EQUAL(actual_status, PSA_ERROR_BAD_STATE); + + /* Test that calling start again after failure also causes BAD_STATE. */ + actual_status = psa_verify_hash_start(&operation, key, alg, + hash_data->x, hash_data->len, + signature_data->x, + signature_data->len); + + TEST_EQUAL(actual_status, PSA_ERROR_BAD_STATE); + } + + num_ops_prior = psa_verify_hash_get_num_ops(&operation); + TEST_ASSERT(num_ops_prior == 0); + + /* Continue performing the signature until complete. */ + do { + actual_status = psa_verify_hash_complete(&operation); + + num_completes++; + + if (actual_status == PSA_SUCCESS || + actual_status == PSA_OPERATION_INCOMPLETE) { + num_ops = psa_verify_hash_get_num_ops(&operation); + /* We are asserting here that every complete makes progress + * (completes some ops), which is true of the internal + * implementation and probably any implementation, however this is + * not mandated by the PSA specification. */ + TEST_ASSERT(num_ops > num_ops_prior); + + num_ops_prior = num_ops; + } + } while (actual_status == PSA_OPERATION_INCOMPLETE); + + TEST_EQUAL(actual_status, expected_complete_status); + + /* Check that another complete returns BAD_STATE. */ + actual_status = psa_verify_hash_complete(&operation); + TEST_EQUAL(actual_status, PSA_ERROR_BAD_STATE); + + TEST_LE_U(min_completes, num_completes); + TEST_LE_U(num_completes, max_completes); + + PSA_ASSERT(psa_verify_hash_abort(&operation)); + + num_ops = psa_verify_hash_get_num_ops(&operation); + TEST_ASSERT(num_ops == 0); + +exit: + psa_reset_key_attributes(&attributes); + psa_destroy_key(key); + PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */ +/** + * interruptible_signverify_hash_state_test() test intentions: + * + * Note: This test can currently only handle ECDSA. + * + * 1. Test that calling the various interruptible sign and verify hash functions + * in incorrect orders returns BAD_STATE errors. + */ +void interruptible_signverify_hash_state_test(int key_type_arg, + data_t *key_data, int alg_arg, data_t *input_data) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + size_t key_bits; + unsigned char *signature = NULL; + size_t signature_size; + size_t signature_length = 0xdeadbeef; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_sign_hash_interruptible_operation_t sign_operation = + psa_sign_hash_interruptible_operation_init(); + psa_verify_hash_interruptible_operation_t verify_operation = + psa_verify_hash_interruptible_operation_init(); + + PSA_ASSERT(psa_crypto_init()); + + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH | + PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); + + /* Allocate a buffer which has the size advertised by the + * library. */ + signature_size = PSA_SIGN_OUTPUT_SIZE(key_type, + key_bits, alg); + TEST_ASSERT(signature_size != 0); + TEST_LE_U(signature_size, PSA_SIGNATURE_MAX_SIZE); + TEST_CALLOC(signature, signature_size); + + psa_interruptible_set_max_ops(PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED); + + /* --- Attempt completes prior to starts --- */ + TEST_EQUAL(psa_sign_hash_complete(&sign_operation, signature, + signature_size, + &signature_length), + PSA_ERROR_BAD_STATE); + + PSA_ASSERT(psa_sign_hash_abort(&sign_operation)); + + TEST_EQUAL(psa_verify_hash_complete(&verify_operation), + PSA_ERROR_BAD_STATE); + + PSA_ASSERT(psa_verify_hash_abort(&verify_operation)); + + /* --- Aborts in all other places. --- */ + psa_sign_hash_abort(&sign_operation); + + PSA_ASSERT(psa_sign_hash_start(&sign_operation, key, alg, + input_data->x, input_data->len)); + + PSA_ASSERT(psa_sign_hash_abort(&sign_operation)); + + psa_interruptible_set_max_ops(1); + + PSA_ASSERT(psa_sign_hash_start(&sign_operation, key, alg, + input_data->x, input_data->len)); + + TEST_EQUAL(psa_sign_hash_complete(&sign_operation, signature, + signature_size, + &signature_length), + PSA_OPERATION_INCOMPLETE); + + PSA_ASSERT(psa_sign_hash_abort(&sign_operation)); + + psa_interruptible_set_max_ops(PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED); + + PSA_ASSERT(psa_sign_hash_start(&sign_operation, key, alg, + input_data->x, input_data->len)); + + PSA_ASSERT(psa_sign_hash_complete(&sign_operation, signature, + signature_size, + &signature_length)); + + PSA_ASSERT(psa_sign_hash_abort(&sign_operation)); + + PSA_ASSERT(psa_verify_hash_abort(&verify_operation)); + + PSA_ASSERT(psa_verify_hash_start(&verify_operation, key, alg, + input_data->x, input_data->len, + signature, signature_length)); + + PSA_ASSERT(psa_verify_hash_abort(&verify_operation)); + + psa_interruptible_set_max_ops(1); + + PSA_ASSERT(psa_verify_hash_start(&verify_operation, key, alg, + input_data->x, input_data->len, + signature, signature_length)); + + TEST_EQUAL(psa_verify_hash_complete(&verify_operation), + PSA_OPERATION_INCOMPLETE); + + PSA_ASSERT(psa_verify_hash_abort(&verify_operation)); + + psa_interruptible_set_max_ops(PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED); + + PSA_ASSERT(psa_verify_hash_start(&verify_operation, key, alg, + input_data->x, input_data->len, + signature, signature_length)); + + PSA_ASSERT(psa_verify_hash_complete(&verify_operation)); + + PSA_ASSERT(psa_verify_hash_abort(&verify_operation)); + + /* --- Attempt double starts. --- */ + + PSA_ASSERT(psa_sign_hash_start(&sign_operation, key, alg, + input_data->x, input_data->len)); + + TEST_EQUAL(psa_sign_hash_start(&sign_operation, key, alg, + input_data->x, input_data->len), + PSA_ERROR_BAD_STATE); + + PSA_ASSERT(psa_sign_hash_abort(&sign_operation)); + + PSA_ASSERT(psa_verify_hash_start(&verify_operation, key, alg, + input_data->x, input_data->len, + signature, signature_length)); + + TEST_EQUAL(psa_verify_hash_start(&verify_operation, key, alg, + input_data->x, input_data->len, + signature, signature_length), + PSA_ERROR_BAD_STATE); + + PSA_ASSERT(psa_verify_hash_abort(&verify_operation)); + +exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes(&attributes); + + psa_destroy_key(key); + mbedtls_free(signature); + PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */ +/** + * interruptible_signverify_hash_edgecase_tests() test intentions: + * + * Note: This test can currently only handle ECDSA. + * + * 1. Test various edge cases in the interruptible sign and verify hash + * interfaces. + */ +void interruptible_signverify_hash_edgecase_tests(int key_type_arg, + data_t *key_data, int alg_arg, data_t *input_data) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + size_t key_bits; + unsigned char *signature = NULL; + size_t signature_size; + size_t signature_length = 0xdeadbeef; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + uint8_t *input_buffer = NULL; + psa_sign_hash_interruptible_operation_t sign_operation = + psa_sign_hash_interruptible_operation_init(); + psa_verify_hash_interruptible_operation_t verify_operation = + psa_verify_hash_interruptible_operation_init(); + + PSA_ASSERT(psa_crypto_init()); + + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH | + PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, + &key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); + + /* Allocate a buffer which has the size advertised by the + * library. */ + signature_size = PSA_SIGN_OUTPUT_SIZE(key_type, + key_bits, alg); + TEST_ASSERT(signature_size != 0); + TEST_LE_U(signature_size, PSA_SIGNATURE_MAX_SIZE); + TEST_CALLOC(signature, signature_size); + + /* --- Change function inputs mid run, to cause an error (sign only, + * verify passes all inputs to start. --- */ + + psa_interruptible_set_max_ops(1); + + PSA_ASSERT(psa_sign_hash_start(&sign_operation, key, alg, + input_data->x, input_data->len)); + + TEST_EQUAL(psa_sign_hash_complete(&sign_operation, signature, + signature_size, + &signature_length), + PSA_OPERATION_INCOMPLETE); + + TEST_EQUAL(psa_sign_hash_complete(&sign_operation, signature, + 0, + &signature_length), + PSA_ERROR_BUFFER_TOO_SMALL); + + /* And test that this invalidates the operation. */ + TEST_EQUAL(psa_sign_hash_complete(&sign_operation, signature, + 0, + &signature_length), + PSA_ERROR_BAD_STATE); + + PSA_ASSERT(psa_sign_hash_abort(&sign_operation)); + + /* Trash the hash buffer in between start and complete, to ensure + * no reliance on external buffers. */ + psa_interruptible_set_max_ops(PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED); + + input_buffer = mbedtls_calloc(1, input_data->len); + TEST_ASSERT(input_buffer != NULL); + + memcpy(input_buffer, input_data->x, input_data->len); + + PSA_ASSERT(psa_sign_hash_start(&sign_operation, key, alg, + input_buffer, input_data->len)); + + memset(input_buffer, '!', input_data->len); + mbedtls_free(input_buffer); + input_buffer = NULL; + + PSA_ASSERT(psa_sign_hash_complete(&sign_operation, signature, + signature_size, + &signature_length)); + + PSA_ASSERT(psa_sign_hash_abort(&sign_operation)); + + input_buffer = mbedtls_calloc(1, input_data->len); + TEST_ASSERT(input_buffer != NULL); + + memcpy(input_buffer, input_data->x, input_data->len); + + PSA_ASSERT(psa_verify_hash_start(&verify_operation, key, alg, + input_buffer, input_data->len, + signature, signature_length)); + + memset(input_buffer, '!', input_data->len); + mbedtls_free(input_buffer); + input_buffer = NULL; + + PSA_ASSERT(psa_verify_hash_complete(&verify_operation)); + + PSA_ASSERT(psa_verify_hash_abort(&verify_operation)); + +exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes(&attributes); + + psa_destroy_key(key); + mbedtls_free(signature); + PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */ +/** + * interruptible_signverify_hash_ops_tests() test intentions: + * + * Note: This test can currently only handle ECDSA. + * + * 1. Test that setting max ops is reflected in both interruptible sign and + * verify hash + * 2. Test that changing the value of max_ops to unlimited during an operation + * causes that operation to complete in the next call. + * + * 3. Test that calling get_num_ops() between complete calls gives the same + * result as calling get_num_ops() once at the end of the operation. + */ +void interruptible_signverify_hash_ops_tests(int key_type_arg, + data_t *key_data, int alg_arg, + data_t *input_data) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + size_t key_bits; + unsigned char *signature = NULL; + size_t signature_size; + size_t signature_length = 0xdeadbeef; + uint32_t num_ops = 0; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + + psa_sign_hash_interruptible_operation_t sign_operation = + psa_sign_hash_interruptible_operation_init(); + psa_verify_hash_interruptible_operation_t verify_operation = + psa_verify_hash_interruptible_operation_init(); + + PSA_ASSERT(psa_crypto_init()); + + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH | + PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, &key)); + PSA_ASSERT(psa_get_key_attributes(key, &attributes)); + key_bits = psa_get_key_bits(&attributes); + + /* Allocate a buffer which has the size advertised by the + * library. */ + signature_size = PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg); + + TEST_ASSERT(signature_size != 0); + TEST_LE_U(signature_size, PSA_SIGNATURE_MAX_SIZE); + TEST_CALLOC(signature, signature_size); + + /* Check that default max ops gets set if we don't set it. */ + PSA_ASSERT(psa_sign_hash_start(&sign_operation, key, alg, + input_data->x, input_data->len)); + + TEST_EQUAL(psa_interruptible_get_max_ops(), + PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED); + + PSA_ASSERT(psa_sign_hash_abort(&sign_operation)); + + PSA_ASSERT(psa_verify_hash_start(&verify_operation, key, alg, + input_data->x, input_data->len, + signature, signature_size)); + + TEST_EQUAL(psa_interruptible_get_max_ops(), + PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED); + + PSA_ASSERT(psa_verify_hash_abort(&verify_operation)); + + /* Check that max ops gets set properly. */ + + psa_interruptible_set_max_ops(0xbeef); + + TEST_EQUAL(psa_interruptible_get_max_ops(), 0xbeef); + + /* --- Ensure changing the max ops mid operation works (operation should + * complete successfully after setting max ops to unlimited --- */ + psa_interruptible_set_max_ops(1); + + PSA_ASSERT(psa_sign_hash_start(&sign_operation, key, alg, + input_data->x, input_data->len)); + + TEST_EQUAL(psa_sign_hash_complete(&sign_operation, signature, + signature_size, + &signature_length), + PSA_OPERATION_INCOMPLETE); + + psa_interruptible_set_max_ops(PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED); + + PSA_ASSERT(psa_sign_hash_complete(&sign_operation, signature, + signature_size, + &signature_length)); + + PSA_ASSERT(psa_sign_hash_abort(&sign_operation)); + + psa_interruptible_set_max_ops(1); + + PSA_ASSERT(psa_verify_hash_start(&verify_operation, key, alg, + input_data->x, input_data->len, + signature, signature_length)); + + TEST_EQUAL(psa_verify_hash_complete(&verify_operation), + PSA_OPERATION_INCOMPLETE); + + psa_interruptible_set_max_ops(PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED); + + PSA_ASSERT(psa_verify_hash_complete(&verify_operation)); + + PSA_ASSERT(psa_verify_hash_abort(&verify_operation)); + + /* --- Test that not calling get_num_ops inbetween complete calls does not + * result in lost ops. ---*/ + + psa_interruptible_set_max_ops(1); + + PSA_ASSERT(psa_sign_hash_start(&sign_operation, key, alg, + input_data->x, input_data->len)); + + /* Continue performing the signature until complete. */ + do { + status = psa_sign_hash_complete(&sign_operation, signature, + signature_size, + &signature_length); + + num_ops = psa_sign_hash_get_num_ops(&sign_operation); + + } while (status == PSA_OPERATION_INCOMPLETE); + + PSA_ASSERT(status); + + PSA_ASSERT(psa_sign_hash_abort(&sign_operation)); + + PSA_ASSERT(psa_sign_hash_start(&sign_operation, key, alg, + input_data->x, input_data->len)); + + /* Continue performing the signature until complete. */ + do { + status = psa_sign_hash_complete(&sign_operation, signature, + signature_size, + &signature_length); + } while (status == PSA_OPERATION_INCOMPLETE); + + PSA_ASSERT(status); + + TEST_EQUAL(num_ops, psa_sign_hash_get_num_ops(&sign_operation)); + + PSA_ASSERT(psa_sign_hash_abort(&sign_operation)); + + PSA_ASSERT(psa_verify_hash_start(&verify_operation, key, alg, + input_data->x, input_data->len, + signature, signature_length)); + + /* Continue performing the verification until complete. */ + do { + status = psa_verify_hash_complete(&verify_operation); + + num_ops = psa_verify_hash_get_num_ops(&verify_operation); + + } while (status == PSA_OPERATION_INCOMPLETE); + + PSA_ASSERT(status); + + PSA_ASSERT(psa_verify_hash_abort(&verify_operation)); + + PSA_ASSERT(psa_verify_hash_start(&verify_operation, key, alg, + input_data->x, input_data->len, + signature, signature_length)); + + /* Continue performing the verification until complete. */ + do { + status = psa_verify_hash_complete(&verify_operation); + + } while (status == PSA_OPERATION_INCOMPLETE); + + PSA_ASSERT(status); + + TEST_EQUAL(num_ops, psa_verify_hash_get_num_ops(&verify_operation)); + + PSA_ASSERT(psa_verify_hash_abort(&verify_operation)); + +exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes(&attributes); + + psa_destroy_key(key); + mbedtls_free(signature); + PSA_DONE(); +} +/* END_CASE */ + /* BEGIN_CASE */ void sign_message_deterministic(int key_type_arg, data_t *key_data, @@ -6653,15 +7912,15 @@ void sign_message_deterministic(int key_type_arg, signature_size = PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg); TEST_ASSERT(signature_size != 0); TEST_LE_U(signature_size, PSA_SIGNATURE_MAX_SIZE); - ASSERT_ALLOC(signature, signature_size); + TEST_CALLOC(signature, signature_size); PSA_ASSERT(psa_sign_message(key, alg, input_data->x, input_data->len, signature, signature_size, &signature_length)); - ASSERT_COMPARE(output_data->x, output_data->len, - signature, signature_length); + TEST_MEMORY_COMPARE(output_data->x, output_data->len, + signature, signature_length); exit: psa_reset_key_attributes(&attributes); @@ -6691,7 +7950,7 @@ void sign_message_fail(int key_type_arg, size_t signature_length = 0xdeadbeef; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - ASSERT_ALLOC(signature, signature_size); + TEST_CALLOC(signature, signature_size); PSA_ASSERT(psa_crypto_init()); @@ -6751,7 +8010,7 @@ void sign_verify_message(int key_type_arg, signature_size = PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, alg); TEST_ASSERT(signature_size != 0); TEST_LE_U(signature_size, PSA_SIGNATURE_MAX_SIZE); - ASSERT_ALLOC(signature, signature_size); + TEST_CALLOC(signature, signature_size); PSA_ASSERT(psa_sign_message(key, alg, input_data->x, input_data->len, @@ -6891,7 +8150,7 @@ void asymmetric_encrypt(int key_type_arg, output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg); TEST_LE_U(output_size, PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE); - ASSERT_ALLOC(output, output_size); + TEST_CALLOC(output, output_size); /* Encrypt the input */ actual_status = psa_asymmetric_encrypt(key, alg, @@ -6900,7 +8159,11 @@ void asymmetric_encrypt(int key_type_arg, output, output_size, &output_length); TEST_EQUAL(actual_status, expected_status); - TEST_EQUAL(output_length, expected_output_length); + if (actual_status == PSA_SUCCESS) { + TEST_EQUAL(output_length, expected_output_length); + } else { + TEST_LE_U(output_length, output_size); + } /* If the label is empty, the test framework puts a non-null pointer * in label->x. Test that a null pointer works as well. */ @@ -6915,7 +8178,11 @@ void asymmetric_encrypt(int key_type_arg, output, output_size, &output_length); TEST_EQUAL(actual_status, expected_status); - TEST_EQUAL(output_length, expected_output_length); + if (actual_status == PSA_SUCCESS) { + TEST_EQUAL(output_length, expected_output_length); + } else { + TEST_LE_U(output_length, output_size); + } } exit: @@ -6965,13 +8232,13 @@ void asymmetric_encrypt_decrypt(int key_type_arg, output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg); TEST_LE_U(output_size, PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE); - ASSERT_ALLOC(output, output_size); + TEST_CALLOC(output, output_size); output2_size = input_data->len; TEST_LE_U(output2_size, PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg)); TEST_LE_U(output2_size, PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE); - ASSERT_ALLOC(output2, output2_size); + TEST_CALLOC(output2, output2_size); /* We test encryption by checking that encrypt-then-decrypt gives back * the original plaintext because of the non-optional random @@ -6990,8 +8257,8 @@ void asymmetric_encrypt_decrypt(int key_type_arg, label->x, label->len, output2, output2_size, &output2_length)); - ASSERT_COMPARE(input_data->x, input_data->len, - output2, output2_length); + TEST_MEMORY_COMPARE(input_data->x, input_data->len, + output2, output2_length); exit: /* @@ -7039,7 +8306,7 @@ void asymmetric_decrypt(int key_type_arg, /* Determine the maximum ciphertext length */ output_size = PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg); TEST_LE_U(output_size, PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE); - ASSERT_ALLOC(output, output_size); + TEST_CALLOC(output, output_size); PSA_ASSERT(psa_asymmetric_decrypt(key, alg, input_data->x, input_data->len, @@ -7047,8 +8314,8 @@ void asymmetric_decrypt(int key_type_arg, output, output_size, &output_length)); - ASSERT_COMPARE(expected_data->x, expected_data->len, - output, output_length); + TEST_MEMORY_COMPARE(expected_data->x, expected_data->len, + output, output_length); /* If the label is empty, the test framework puts a non-null pointer * in label->x. Test that a null pointer works as well. */ @@ -7063,8 +8330,8 @@ void asymmetric_decrypt(int key_type_arg, output, output_size, &output_length)); - ASSERT_COMPARE(expected_data->x, expected_data->len, - output, output_length); + TEST_MEMORY_COMPARE(expected_data->x, expected_data->len, + output, output_length); } exit: @@ -7094,7 +8361,7 @@ void asymmetric_decrypt_fail(int key_type_arg, psa_status_t expected_status = expected_status_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - ASSERT_ALLOC(output, output_size); + TEST_CALLOC(output, output_size); PSA_ASSERT(psa_crypto_init()); @@ -7206,6 +8473,15 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void parse_binary_string_test(data_t *input, int output) +{ + uint64_t value; + value = mbedtls_test_parse_binary_string(input); + TEST_EQUAL(value, output); +} +/* END_CASE */ + /* BEGIN_CASE */ void derive_input(int alg_arg, int step_arg1, int key_type_arg1, data_t *input1, @@ -7218,7 +8494,7 @@ void derive_input(int alg_arg, { psa_algorithm_t alg = alg_arg; psa_key_derivation_step_t steps[] = { step_arg1, step_arg2, step_arg3 }; - psa_key_type_t key_types[] = { key_type_arg1, key_type_arg2, key_type_arg3 }; + uint32_t key_types[] = { key_type_arg1, key_type_arg2, key_type_arg3 }; psa_status_t expected_statuses[] = { expected_status_arg1, expected_status_arg2, expected_status_arg3 }; @@ -7245,12 +8521,13 @@ void derive_input(int alg_arg, mbedtls_test_set_step(i); if (steps[i] == 0) { /* Skip this step */ - } else if (key_types[i] != PSA_KEY_TYPE_NONE) { - psa_set_key_type(&attributes, key_types[i]); + } else if (((psa_key_type_t) key_types[i]) != PSA_KEY_TYPE_NONE && + key_types[i] != INPUT_INTEGER) { + psa_set_key_type(&attributes, ((psa_key_type_t) key_types[i])); PSA_ASSERT(psa_import_key(&attributes, inputs[i]->x, inputs[i]->len, &keys[i])); - if (PSA_KEY_TYPE_IS_KEY_PAIR(key_types[i]) && + if (PSA_KEY_TYPE_IS_KEY_PAIR((psa_key_type_t) key_types[i]) && steps[i] == PSA_KEY_DERIVATION_INPUT_SECRET) { // When taking a private key as secret input, use key agreement // to add the shared secret to the derivation @@ -7263,10 +8540,17 @@ void derive_input(int alg_arg, expected_statuses[i]); } } else { - TEST_EQUAL(psa_key_derivation_input_bytes( - &operation, steps[i], - inputs[i]->x, inputs[i]->len), - expected_statuses[i]); + if (key_types[i] == INPUT_INTEGER) { + TEST_EQUAL(psa_key_derivation_input_integer( + &operation, steps[i], + mbedtls_test_parse_binary_string(inputs[i])), + expected_statuses[i]); + } else { + TEST_EQUAL(psa_key_derivation_input_bytes( + &operation, steps[i], + inputs[i]->x, inputs[i]->len), + expected_statuses[i]); + } } } @@ -7295,6 +8579,26 @@ exit: } /* END_CASE */ +/* BEGIN_CASE*/ +void derive_input_invalid_cost(int alg_arg, int64_t cost) +{ + psa_algorithm_t alg = alg_arg; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; + + PSA_ASSERT(psa_crypto_init()); + PSA_ASSERT(psa_key_derivation_setup(&operation, alg)); + + TEST_EQUAL(psa_key_derivation_input_integer(&operation, + PSA_KEY_DERIVATION_INPUT_COST, + cost), + PSA_ERROR_NOT_SUPPORTED); + +exit: + psa_key_derivation_abort(&operation); + PSA_DONE(); +} +/* END_CASE*/ + /* BEGIN_CASE */ void derive_over_capacity(int alg_arg) { @@ -7425,7 +8729,7 @@ void derive_output(int alg_arg, expected_outputs[i] = NULL; } } - ASSERT_ALLOC(output_buffer, output_buffer_size); + TEST_CALLOC(output_buffer, output_buffer_size); PSA_ASSERT(psa_crypto_init()); /* Extraction phase. */ @@ -7436,6 +8740,16 @@ void derive_output(int alg_arg, switch (steps[i]) { case 0: break; + case PSA_KEY_DERIVATION_INPUT_COST: + TEST_EQUAL(psa_key_derivation_input_integer( + &operation, steps[i], + mbedtls_test_parse_binary_string(inputs[i])), + statuses[i]); + if (statuses[i] != PSA_SUCCESS) { + goto exit; + } + break; + case PSA_KEY_DERIVATION_INPUT_PASSWORD: case PSA_KEY_DERIVATION_INPUT_SECRET: switch (key_input_type) { case 0: // input bytes @@ -7463,12 +8777,17 @@ void derive_output(int alg_arg, PSA_TLS12_PSK_TO_MS_PSK_MAX_SIZE); } - PSA_ASSERT(psa_key_derivation_input_key(&operation, + TEST_EQUAL(psa_key_derivation_input_key(&operation, steps[i], - keys[i])); + keys[i]), + statuses[i]); + + if (statuses[i] != PSA_SUCCESS) { + goto exit; + } break; default: - TEST_ASSERT(!"default case not supported"); + TEST_FAIL("default case not supported"); break; } break; @@ -7518,7 +8837,7 @@ void derive_output(int alg_arg, key_agreement_peer_key->len), statuses[i]); break; default: - TEST_ASSERT(!"default case not supported"); + TEST_FAIL("default case not supported"); break; } @@ -7580,8 +8899,8 @@ void derive_output(int alg_arg, /* Success. Check the read data. */ PSA_ASSERT(status); if (output_sizes[i] != 0) { - ASSERT_COMPARE(output_buffer, output_sizes[i], - expected_outputs[i], output_sizes[i]); + TEST_MEMORY_COMPARE(output_buffer, output_sizes[i], + expected_outputs[i], output_sizes[i]); } /* Check the operation status. */ expected_capacity -= output_sizes[i]; @@ -7667,7 +8986,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */ +/* BEGIN_CASE depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS */ void derive_ecjpake_to_pms(data_t *input, int expected_input_status_arg, int derivation_step, int capacity, int expected_capacity_status_arg, @@ -7683,7 +9002,7 @@ void derive_ecjpake_to_pms(data_t *input, int expected_input_status_arg, psa_status_t expected_capacity_status = (psa_status_t) expected_capacity_status_arg; psa_status_t expected_output_status = (psa_status_t) expected_output_status_arg; - ASSERT_ALLOC(output_buffer, expected_output->len); + TEST_CALLOC(output_buffer, expected_output->len); PSA_ASSERT(psa_crypto_init()); PSA_ASSERT(psa_key_derivation_setup(&operation, alg)); @@ -7703,8 +9022,8 @@ void derive_ecjpake_to_pms(data_t *input, int expected_input_status_arg, TEST_EQUAL(status, expected_output_status); if (expected_output->len != 0 && expected_output_status == PSA_SUCCESS) { - ASSERT_COMPARE(output_buffer, expected_output->len, expected_output->x, - expected_output->len); + TEST_MEMORY_COMPARE(output_buffer, expected_output->len, expected_output->x, + expected_output->len); } exit: @@ -7804,8 +9123,8 @@ void derive_key_export(int alg_arg, psa_key_attributes_t derived_attributes = PSA_KEY_ATTRIBUTES_INIT; size_t length; - ASSERT_ALLOC(output_buffer, capacity); - ASSERT_ALLOC(export_buffer, capacity); + TEST_CALLOC(output_buffer, capacity); + TEST_CALLOC(export_buffer, capacity); PSA_ASSERT(psa_crypto_init()); psa_set_key_usage_flags(&base_attributes, PSA_KEY_USAGE_DERIVE); @@ -7855,8 +9174,8 @@ void derive_key_export(int alg_arg, TEST_EQUAL(length, bytes2); /* Compare the outputs from the two runs. */ - ASSERT_COMPARE(output_buffer, bytes1 + bytes2, - export_buffer, capacity); + TEST_MEMORY_COMPARE(output_buffer, bytes1 + bytes2, + export_buffer, capacity); exit: mbedtls_free(output_buffer); @@ -7889,7 +9208,7 @@ void derive_key_type(int alg_arg, psa_key_attributes_t derived_attributes = PSA_KEY_ATTRIBUTES_INIT; size_t export_length; - ASSERT_ALLOC(export_buffer, export_buffer_size); + TEST_CALLOC(export_buffer, export_buffer_size); PSA_ASSERT(psa_crypto_init()); psa_set_key_usage_flags(&base_attributes, PSA_KEY_USAGE_DERIVE); @@ -7916,8 +9235,8 @@ void derive_key_type(int alg_arg, PSA_ASSERT(psa_export_key(derived_key, export_buffer, export_buffer_size, &export_length)); - ASSERT_COMPARE(export_buffer, export_length, - expected_export->x, expected_export->len); + TEST_MEMORY_COMPARE(export_buffer, export_length, + expected_export->x, expected_export->len); exit: mbedtls_free(export_buffer); @@ -8061,31 +9380,31 @@ void raw_key_agreement(int alg_arg, PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE); /* Good case with exact output size */ - ASSERT_ALLOC(output, expected_output->len); + TEST_CALLOC(output, expected_output->len); PSA_ASSERT(psa_raw_key_agreement(alg, our_key, peer_key_data->x, peer_key_data->len, output, expected_output->len, &output_length)); - ASSERT_COMPARE(output, output_length, - expected_output->x, expected_output->len); + TEST_MEMORY_COMPARE(output, output_length, + expected_output->x, expected_output->len); mbedtls_free(output); output = NULL; output_length = ~0; /* Larger buffer */ - ASSERT_ALLOC(output, expected_output->len + 1); + TEST_CALLOC(output, expected_output->len + 1); PSA_ASSERT(psa_raw_key_agreement(alg, our_key, peer_key_data->x, peer_key_data->len, output, expected_output->len + 1, &output_length)); - ASSERT_COMPARE(output, output_length, - expected_output->x, expected_output->len); + TEST_MEMORY_COMPARE(output, output_length, + expected_output->x, expected_output->len); mbedtls_free(output); output = NULL; output_length = ~0; /* Buffer too small */ - ASSERT_ALLOC(output, expected_output->len - 1); + TEST_CALLOC(output, expected_output->len - 1); TEST_EQUAL(psa_raw_key_agreement(alg, our_key, peer_key_data->x, peer_key_data->len, output, expected_output->len - 1, @@ -8174,8 +9493,8 @@ void key_agreement_output(int alg_arg, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t *actual_output = NULL; - ASSERT_ALLOC(actual_output, MAX(expected_output1->len, - expected_output2->len)); + TEST_CALLOC(actual_output, MAX(expected_output1->len, + expected_output2->len)); PSA_ASSERT(psa_crypto_init()); @@ -8201,14 +9520,14 @@ void key_agreement_output(int alg_arg, PSA_ASSERT(psa_key_derivation_output_bytes(&operation, actual_output, expected_output1->len)); - ASSERT_COMPARE(actual_output, expected_output1->len, - expected_output1->x, expected_output1->len); + TEST_MEMORY_COMPARE(actual_output, expected_output1->len, + expected_output1->x, expected_output1->len); if (expected_output2->len != 0) { PSA_ASSERT(psa_key_derivation_output_bytes(&operation, actual_output, expected_output2->len)); - ASSERT_COMPARE(actual_output, expected_output2->len, - expected_output2->x, expected_output2->len); + TEST_MEMORY_COMPARE(actual_output, expected_output2->len, + expected_output2->x, expected_output2->len); } exit: @@ -8230,8 +9549,8 @@ void generate_random(int bytes_arg) TEST_ASSERT(bytes_arg >= 0); - ASSERT_ALLOC(output, bytes); - ASSERT_ALLOC(changed, bytes); + TEST_CALLOC(output, bytes); + TEST_CALLOC(changed, bytes); PSA_ASSERT(psa_crypto_init()); @@ -8322,7 +9641,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:MBEDTLS_GENPRIME */ +/* BEGIN_CASE depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ALG_RSA_PKCS1V15_SIGN */ void generate_key_rsa(int bits_arg, data_t *e_arg, int expected_status_arg) @@ -8349,8 +9668,8 @@ void generate_key_rsa(int bits_arg, is_default_public_exponent = 1; e_read_size = 0; } - ASSERT_ALLOC(e_read_buffer, e_read_size); - ASSERT_ALLOC(exported, exported_size); + TEST_CALLOC(e_read_buffer, e_read_size); + TEST_CALLOC(exported, exported_size); PSA_ASSERT(psa_crypto_init()); @@ -8376,7 +9695,7 @@ void generate_key_rsa(int bits_arg, if (is_default_public_exponent) { TEST_EQUAL(e_read_length, 0); } else { - ASSERT_COMPARE(e_read_buffer, e_read_length, e_arg->x, e_arg->len); + TEST_MEMORY_COMPARE(e_read_buffer, e_read_length, e_arg->x, e_arg->len); } /* Do something with the key according to its type and permitted usage. */ @@ -8412,7 +9731,7 @@ void generate_key_rsa(int bits_arg, TEST_EQUAL(p[1], 0); TEST_EQUAL(p[2], 1); } else { - ASSERT_COMPARE(p, len, e_arg->x, e_arg->len); + TEST_MEMORY_COMPARE(p, len, e_arg->x, e_arg->len); } } @@ -8448,12 +9767,12 @@ void persistent_key_load_key_from_storage(data_t *data, unsigned char *first_export = NULL; unsigned char *second_export = NULL; size_t export_size = PSA_EXPORT_KEY_OUTPUT_SIZE(type, bits); - size_t first_exported_length; + size_t first_exported_length = 0; size_t second_exported_length; if (usage_flags & PSA_KEY_USAGE_EXPORT) { - ASSERT_ALLOC(first_export, export_size); - ASSERT_ALLOC(second_export, export_size); + TEST_CALLOC(first_export, export_size); + TEST_CALLOC(second_export, export_size); } PSA_ASSERT(psa_crypto_init()); @@ -8510,7 +9829,7 @@ void persistent_key_load_key_from_storage(data_t *data, break; default: - TEST_ASSERT(!"generation_method not implemented in test"); + TEST_FAIL("generation_method not implemented in test"); break; } psa_reset_key_attributes(&attributes); @@ -8521,8 +9840,8 @@ void persistent_key_load_key_from_storage(data_t *data, first_export, export_size, &first_exported_length)); if (generation_method == IMPORT_KEY) { - ASSERT_COMPARE(data->x, data->len, - first_export, first_exported_length); + TEST_MEMORY_COMPARE(data->x, data->len, + first_export, first_exported_length); } } @@ -8548,8 +9867,8 @@ void persistent_key_load_key_from_storage(data_t *data, PSA_ASSERT(psa_export_key(key, second_export, export_size, &second_exported_length)); - ASSERT_COMPARE(first_export, first_exported_length, - second_export, second_exported_length); + TEST_MEMORY_COMPARE(first_export, first_exported_length, + second_export, second_exported_length); } /* Do something with the key according to its type and permitted usage. */ @@ -8600,7 +9919,7 @@ void ecjpake_setup(int alg_arg, int key_type_pw_arg, int key_usage_pw_arg, size_t buf_size = PSA_PAKE_OUTPUT_SIZE(alg, primitive_arg, PSA_PAKE_STEP_KEY_SHARE); - ASSERT_ALLOC(output_buffer, buf_size); + TEST_CALLOC(output_buffer, buf_size); if (pw_data->len > 0) { psa_set_key_usage_flags(&attributes, key_usage_pw); diff --git a/tests/suites/test_suite_psa_crypto.pbkdf2.data b/tests/suites/test_suite_psa_crypto.pbkdf2.data new file mode 100644 index 000000000..3b8e7e066 --- /dev/null +++ b/tests/suites/test_suite_psa_crypto.pbkdf2.data @@ -0,0 +1,16 @@ +PSA key derivation: PBKDF2-HMAC(SHA-1), RFC6070 #4 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1 +derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_COST:"01000000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"eefe3d61cd4da4e4e9945b3d6ba2158c2634e984":"":0:1:0 + +PSA key derivation: PBKDF2-HMAC(SHA-256), RFC7914 #2 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:"013880":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"4e61436c":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"50617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":64:"4ddcd8f60b98be21830cee5ef22701f9641a4418d04c0414aeff08876b34ab56a1d425a1225833549adb841b51c9b3176a272bdebba1d078478f62b397f33c8d":"":0:1:0 + +# For PBKDF2_AES_CMAC_PRF_128 the output for the test vectors was generated using a python script. Refer commit message for details. +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, inputs from RFC6070 #4 +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01000000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"c19b71d2daf483abc9e04fbc78928b4204398d1e":"":0:1:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, inputs from RFC7914 #2 +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"013880":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"4e61436c":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"50617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":64:"3298e89bc3560e61b59aef2c104f93380b5fa26e2e011cb5ac5895fcd5a3bd5a92e617d7cae020fa2c6ef895182d9ffa0cc8f9c22778beb02856127719d95570":"":0:1:0 diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data index 6069a696c..54558f0f0 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data @@ -1,318 +1,318 @@ sign_hash transparent driver: in driver ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 sign_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_SUCCESS sign_hash transparent driver: fallback ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_ECDSA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_ECDSA sign_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):PSA_ERROR_NOT_SUPPORTED:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_SUCCESS sign_hash transparent driver: error ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 sign_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):PSA_ERROR_GENERIC_ERROR:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_ERROR_GENERIC_ERROR sign_hash transparent driver: fake ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 sign_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"000102030405060708090A0B0C0D0E0F":1:PSA_SUCCESS sign_hash transparent driver: in driver RSA PKCS#1 v1.5, raw -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":0:PSA_SUCCESS sign_hash transparent driver: fallback RSA PKCS#1 v1.5, raw -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_SUPPORTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":0:PSA_SUCCESS sign_hash transparent driver: error RSA PKCS#1 v1.5, raw -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_GENERIC_ERROR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":0:PSA_ERROR_GENERIC_ERROR sign_hash transparent driver: fake RSA PKCS#1 v1.5, raw -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":1:PSA_SUCCESS sign_hash transparent driver: in driver RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_SUCCESS sign_hash transparent driver: fallback RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_SUCCESS sign_hash transparent driver: error RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_ERROR_GENERIC_ERROR sign_hash transparent driver: fake RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":1:PSA_SUCCESS verify_hash transparent driver: in driver ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):PSA_SUCCESS:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS verify_hash transparent driver: fallback ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_ECDSA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_ECDSA verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):PSA_ERROR_NOT_SUPPORTED:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS verify_hash transparent driver: error ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):PSA_ERROR_GENERIC_ERROR:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_GENERIC_ERROR verify_hash transparent driver: in driver Public Key ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):PSA_SUCCESS:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS verify_hash transparent driver: fallback Public Key ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_ECDSA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_ECDSA verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):PSA_ERROR_NOT_SUPPORTED:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS verify_hash transparent driver: error Public Key ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):PSA_ERROR_GENERIC_ERROR:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_GENERIC_ERROR verify_hash transparent driver: in driver Key Pair RSA PKCS#1 v1.5 raw -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":PSA_SUCCESS verify_hash transparent driver: fallback Key Pair RSA PKCS#1 v1.5 raw -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_SUPPORTED:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":PSA_SUCCESS verify_hash transparent driver: error Key Pair RSA PKCS#1 v1.5 raw -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_GENERIC_ERROR:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":PSA_ERROR_GENERIC_ERROR verify_hash transparent driver: in driver Key Pair RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS verify_hash transparent driver: fallback Key Pair RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS verify_hash transparent driver: error Key Pair RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_GENERIC_ERROR verify_hash transparent driver: in driver Public Key RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS verify_hash transparent driver: fallback Public Key RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS verify_hash transparent driver: error Public Key RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_GENERIC_ERROR verify_hash transparent driver: in driver Public Key RSA-1024 PSS SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_SUCCESS verify_hash transparent driver: fallback Public Key RSA-1024 PSS SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_SUCCESS verify_hash transparent driver: error Public Key RSA-1024 PSS SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_ERROR_GENERIC_ERROR verify_hash transparent driver: in driver Public Key RSA-1024 PSS-any-salt SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_SUCCESS verify_hash transparent driver: fallback Public Key RSA-1024 PSS-any-salt SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_SUCCESS verify_hash transparent driver: error Public Key RSA-1024 PSS-any-salt SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_ERROR_GENERIC_ERROR sign_message transparent driver: calculate in driver ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 sign_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":0:PSA_SUCCESS sign_message transparent driver: fallback ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_ECDSA +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_ECDSA sign_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":0:PSA_SUCCESS sign_message transparent driver: error ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 sign_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":0:PSA_ERROR_GENERIC_ERROR sign_message transparent driver: fake ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 sign_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"000102030405060708090A0B0C0D0E0F":1:PSA_SUCCESS sign_message transparent driver: calculate in driver RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C sign_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_SUCCESS sign_message transparent driver: fallback RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT sign_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_SUCCESS sign_message transparent driver: error RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C sign_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_ERROR_GENERIC_ERROR sign_message transparent driver: fake RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C sign_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":1:PSA_SUCCESS verify_message transparent driver: calculate in driver ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_SUCCESS:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_SUCCESS verify_message transparent driver: fallback ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_ECDSA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_ECDSA verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_SUCCESS verify_message transparent driver: error ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_ERROR_GENERIC_ERROR verify_message transparent driver: calculate in driver Public Key ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_SUCCESS:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_SUCCESS verify_message transparent driver: fallback Public Key ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_ECDSA +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:MBEDTLS_PSA_BUILTIN_ALG_ECDSA verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_SUCCESS verify_message transparent driver: error Public Key ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_ERROR_GENERIC_ERROR verify_message transparent driver: calculate in driver RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS verify_message transparent driver: fallback RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS verify_message transparent driver: error RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_GENERIC_ERROR verify_message transparent driver: calculate in driver Public Key RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS verify_message transparent driver: fallback Public Key RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS verify_message transparent driver: error Public Key RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_GENERIC_ERROR verify_message transparent driver: calculate in driver Public Key RSA PSS SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"29b65db0936b7fe408bda672077b0bc5e176177ba9a550fb548c292f7b4af1bb6475e0a979ba43dd644780801fabe5b62a1359cf7692918f30013e90c2362235765abc2078905d13b345dd689bf15e4e94ca51535d12f0675d5f13e9f254ba7696f0096d62deb023d106e9a96a5da3162bead6a745c8b9000868d2f9a447d5c5":PSA_SUCCESS verify_message transparent driver: fallback Public Key RSA PSS SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"29b65db0936b7fe408bda672077b0bc5e176177ba9a550fb548c292f7b4af1bb6475e0a979ba43dd644780801fabe5b62a1359cf7692918f30013e90c2362235765abc2078905d13b345dd689bf15e4e94ca51535d12f0675d5f13e9f254ba7696f0096d62deb023d106e9a96a5da3162bead6a745c8b9000868d2f9a447d5c5":PSA_SUCCESS verify_message transparent driver: error Public Key RSA PSS SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"29b65db0936b7fe408bda672077b0bc5e176177ba9a550fb548c292f7b4af1bb6475e0a979ba43dd644780801fabe5b62a1359cf7692918f30013e90c2362235765abc2078905d13b345dd689bf15e4e94ca51535d12f0675d5f13e9f254ba7696f0096d62deb023d106e9a96a5da3162bead6a745c8b9000868d2f9a447d5c5":PSA_ERROR_GENERIC_ERROR verify_message transparent driver: calculate in driver Public Key RSA PSS-any-salt SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"6b65e1fdc900dce8a2b82130ae8ccfac27b6d0eb5f2c0c1085b80f34ceaaf064c8ff237e74a24a3c6fb7a842f172e5146315616281bbbeeae90febaab139a212decf1c68923f2a48e242b1fd72105e3a3f2329c30d78abe8673335ad08c5ba1aa515360bb5660050f1994bb08d3dd17e3407a379403bafa4e229b3c851283f6d":PSA_SUCCESS verify_message transparent driver: fallback Public Key RSA PSS-any-salt SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"6b65e1fdc900dce8a2b82130ae8ccfac27b6d0eb5f2c0c1085b80f34ceaaf064c8ff237e74a24a3c6fb7a842f172e5146315616281bbbeeae90febaab139a212decf1c68923f2a48e242b1fd72105e3a3f2329c30d78abe8673335ad08c5ba1aa515360bb5660050f1994bb08d3dd17e3407a379403bafa4e229b3c851283f6d":PSA_SUCCESS verify_message transparent driver: error Public Key RSA PSS-any-salt SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"6b65e1fdc900dce8a2b82130ae8ccfac27b6d0eb5f2c0c1085b80f34ceaaf064c8ff237e74a24a3c6fb7a842f172e5146315616281bbbeeae90febaab139a212decf1c68923f2a48e242b1fd72105e3a3f2329c30d78abe8673335ad08c5ba1aa515360bb5660050f1994bb08d3dd17e3407a379403bafa4e229b3c851283f6d":PSA_ERROR_GENERIC_ERROR -generate_key through transparent driver: fake -generate_key:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_SUCCESS +generate_ec_key through transparent driver: fake +generate_ec_key:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_SUCCESS -generate_key through transparent driver: in-driver -generate_key:PSA_SUCCESS:"":PSA_SUCCESS +generate_ec_key through transparent driver: in-driver +generate_ec_key:PSA_SUCCESS:"":PSA_SUCCESS -generate_key through transparent driver: fallback -depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR -generate_key:PSA_ERROR_NOT_SUPPORTED:"":PSA_SUCCESS +generate_ec_key through transparent driver: fallback +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE +generate_ec_key:PSA_ERROR_NOT_SUPPORTED:"":PSA_SUCCESS -generate_key through transparent driver: fallback not available -depends_on:!MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR -generate_key:PSA_ERROR_NOT_SUPPORTED:"":PSA_ERROR_NOT_SUPPORTED +generate_ec_key through transparent driver: fallback not available +depends_on:!MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE +generate_ec_key:PSA_ERROR_NOT_SUPPORTED:"":PSA_ERROR_NOT_SUPPORTED -generate_key through transparent driver: error -generate_key:PSA_ERROR_GENERIC_ERROR:"":PSA_ERROR_GENERIC_ERROR +generate_ec_key through transparent driver: error +generate_ec_key:PSA_ERROR_GENERIC_ERROR:"":PSA_ERROR_GENERIC_ERROR validate key through transparent driver: good private key -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 validate_key:PSA_SUCCESS:PSA_KEY_LOCATION_LOCAL_STORAGE:130:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS validate key through transparent driver: good public key -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 validate_key:PSA_SUCCESS:PSA_KEY_LOCATION_LOCAL_STORAGE:131:1:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS validate key through transparent driver: fallback private key -depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_LOCATION_LOCAL_STORAGE:132:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS validate key through transparent driver: fallback public key -depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_LOCATION_LOCAL_STORAGE:133:1:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS validate key through transparent driver: error -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT validate_key:PSA_ERROR_GENERIC_ERROR:PSA_KEY_LOCATION_LOCAL_STORAGE:134:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ERROR_GENERIC_ERROR validate key through opaque driver: good private key -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 validate_key:PSA_SUCCESS:PSA_CRYPTO_TEST_DRIVER_LOCATION:130:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS validate key through opaque driver: good public key -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 validate_key:PSA_SUCCESS:PSA_CRYPTO_TEST_DRIVER_LOCATION:131:1:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS validate key through opaque driver: error -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT validate_key:PSA_ERROR_GENERIC_ERROR:PSA_CRYPTO_TEST_DRIVER_LOCATION:134:1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ERROR_GENERIC_ERROR export_key private to public through driver: fake -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 export_key:PSA_SUCCESS:"0102030405":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"":PSA_SUCCESS export_key private to public through driver: in-driver -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 export_key:PSA_SUCCESS:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_SUCCESS export_key private to public through driver: fallback -depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256 export_key:PSA_ERROR_NOT_SUPPORTED:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_SUCCESS export_key private to public through driver: error -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 export_key:PSA_ERROR_GENERIC_ERROR:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"":PSA_ERROR_GENERIC_ERROR raw key agreement through driver: fake -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 key_agreement:PSA_ALG_ECDH:PSA_SUCCESS:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"0102030405":PSA_SUCCESS raw key agreement through driver: in-driver -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 key_agreement:PSA_ALG_ECDH:PSA_SUCCESS:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"":PSA_SUCCESS raw key agreement through driver: fallback -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_BUILTIN_ALG_ECDH +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_BUILTIN_ALG_ECDH key_agreement:PSA_ALG_ECDH:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"":PSA_SUCCESS raw key agreement through driver: error -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 key_agreement:PSA_ALG_ECDH:PSA_ERROR_GENERIC_ERROR:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":"":PSA_ERROR_GENERIC_ERROR PSA symmetric encrypt validation: AES-CTR, 16 bytes, good @@ -604,15 +604,15 @@ depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MAX + 1:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR:"3677397A24432646294A404E63526655":PSA_ERROR_INVALID_HANDLE PSA opaque driver builtin key export: secp256r1 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT builtin_key_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"dc7d9d26d67a4f632c34c2dc0b6986183882c206df04cdb7d69aabe28be4f81a":PSA_SUCCESS PSA opaque driver builtin pubkey export: secp256r1 -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT builtin_pubkey_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN + 1:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"0485f64d89f00be66c88dd937efd6d7c445648dcb701150b8a9509295850f41c1931e571fb8f8c78317a20b380e866584bbc2516c3d2702d792f131a922095fd6c":PSA_SUCCESS PSA opaque driver builtin pubkey export: not a public key -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT builtin_pubkey_export:MBEDTLS_PSA_KEY_ID_BUILTIN_MIN:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"0485f64d89f00be66c88dd937efd6d7c445648dcb701150b8a9509295850f41c1931e571fb8f8c78317a20b380e866584bbc2516c3d2702d792f131a922095fd6c":PSA_ERROR_INVALID_ARGUMENT Hash compute: SHA-256, computed by the driver @@ -690,7 +690,7 @@ depends_on:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT asymmetric_encrypt_decrypt:PSA_ALG_RSA_PKCS1V15_CRYPT:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":"":"":PSA_SUCCESS:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS:PSA_SUCCESS PSA encrypt-decrypt transparent driver: fallback not available RSA PKCS#1 v1.5 -depends_on:!MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +depends_on:!MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT asymmetric_encrypt_decrypt:PSA_ALG_RSA_PKCS1V15_CRYPT:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":"":"":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED::PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED PSA encrypt-decrypt transparent driver: encryption error RSA PKCS#1 v1.5 @@ -722,7 +722,7 @@ depends_on:MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP asymmetric_encrypt_decrypt:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":"":"":PSA_SUCCESS:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS:PSA_SUCCESS PSA encrypt-decrypt transparent driver: fallback not available RSA OAEP-SHA-256 -depends_on:!MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP +depends_on:!MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP:PSA_WANT_ALG_RSA_OAEP asymmetric_encrypt_decrypt:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":"":"":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED::PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED PSA encrypt-decrypt transparent driver: encryption error RSA OAEP-SHA-256 @@ -746,7 +746,7 @@ depends_on:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT asymmetric_decrypt:PSA_ALG_RSA_PKCS1V15_CRYPT:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"2dfabbd0dd2cd9bd61f122615dae67d3952f6b6c169d924ae0ca452eb71bc2075875039b0bcf1781bbb42887e1d26b7727a294050ca3df9ea5b44c4b3052164f66a1ff8723393d64fb76afe86fc3dae97b1a86ddde6dd1aa697f20d81b5c559780c8f5c6b2919676203a52de10a5f6e76ac218642072f4868085555345f26a61":"":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS PSA decrypt transparent driver: fallback not available RSA PKCS#1 v1.5 -depends_on:!MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +depends_on:!MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT asymmetric_decrypt:PSA_ALG_RSA_PKCS1V15_CRYPT:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"2dfabbd0dd2cd9bd61f122615dae67d3952f6b6c169d924ae0ca452eb71bc2075875039b0bcf1781bbb42887e1d26b7727a294050ca3df9ea5b44c4b3052164f66a1ff8723393d64fb76afe86fc3dae97b1a86ddde6dd1aa697f20d81b5c559780c8f5c6b2919676203a52de10a5f6e76ac218642072f4868085555345f26a61":"":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED PSA decrypt transparent driver: in-driver RSA OAEP-SHA-256 @@ -762,7 +762,7 @@ depends_on:MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP asymmetric_decrypt:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"13fd8220c266b34b894f916448d854f7438e075f55cc4df95edf7002bd88fd4b156305112f48362c1563a490ae56c29b546edb31dd5901db0c60197724d0a56ba1a33bfb0ed23bc806b0b2ca87ae9323ff86c7a06bf05108281a324b9f9af0bd50220aaf003606be1e5333fb53b97dff13261f8c6d2e4a5cefcd2b5589eb2a21":"":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS PSA decrypt transparent driver: fallback not available RSA OAEP-SHA-256 -depends_on:!MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP +depends_on:!MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP:PSA_WANT_ALG_RSA_OAEP asymmetric_decrypt:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"13fd8220c266b34b894f916448d854f7438e075f55cc4df95edf7002bd88fd4b156305112f48362c1563a490ae56c29b546edb31dd5901db0c60197724d0a56ba1a33bfb0ed23bc806b0b2ca87ae9323ff86c7a06bf05108281a324b9f9af0bd50220aaf003606be1e5333fb53b97dff13261f8c6d2e4a5cefcd2b5589eb2a21":"":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED PSA encrypt transparent driver: in-driver RSA PKCS#1 v1.5 @@ -778,7 +778,7 @@ depends_on:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT asymmetric_encrypt:PSA_ALG_RSA_PKCS1V15_CRYPT:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3":"874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":"":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS PSA encrypt transparent driver: fallback not available RSA PKCS#1 v1.5 -depends_on:!MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +depends_on:!MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT asymmetric_encrypt:PSA_ALG_RSA_PKCS1V15_CRYPT:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3":"874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":"":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED PSA encrypt transparent driver: in-driver RSA OAEP-SHA-256 @@ -794,7 +794,7 @@ depends_on:MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP asymmetric_encrypt:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3":"874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":"":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS PSA encrypt transparent driver: fallback not available RSA OAEP-SHA-256 -depends_on:!MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP +depends_on:!MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP:PSA_WANT_ALG_RSA_OAEP asymmetric_encrypt:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3":"874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":"":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED PSA AEAD encrypt setup, AES-GCM, 128 bytes #1 @@ -820,3 +820,48 @@ aead_decrypt_setup:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_G PSA AEAD decrypt setup, AES-GCM, 144 bytes #1, insufficient memory depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_decrypt_setup:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c87281":"4365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_INSUFFICIENT_MEMORY:PSA_ERROR_INSUFFICIENT_MEMORY + +PSA PAKE transparent driver: setup(via input) in-driver forced status +pake_operations:"abcd":PSA_ERROR_GENERIC_ERROR:PSA_SUCCESS:"":PSA_ERROR_GENERIC_ERROR:0 + +PSA PAKE transparent driver: setup(via output) in-driver forced status +pake_operations:"abcd":PSA_ERROR_GENERIC_ERROR:PSA_SUCCESS:"":PSA_ERROR_GENERIC_ERROR:1 + +PSA PAKE transparent driver: input in-driver forced status +pake_operations:"abcd":PSA_SUCCESS:PSA_ERROR_GENERIC_ERROR:"":PSA_ERROR_GENERIC_ERROR:2 + +PSA PAKE transparent driver: output in-driver forced status +pake_operations:"abcd":PSA_SUCCESS:PSA_ERROR_GENERIC_ERROR:"":PSA_ERROR_GENERIC_ERROR:3 + +PSA PAKE transparent driver: output in-driver forced output +pake_operations:"abcd":PSA_SUCCESS:PSA_SUCCESS:"1234":PSA_SUCCESS:3 + +PSA PAKE transparent driver: get_key in-driver forced status +pake_operations:"abcd":PSA_SUCCESS:PSA_ERROR_GENERIC_ERROR:"":PSA_ERROR_GENERIC_ERROR:4 + +PSA PAKE transparent driver: abort in-driver forced status +pake_operations:"abcd":PSA_SUCCESS:PSA_ERROR_GENERIC_ERROR:"":PSA_ERROR_GENERIC_ERROR:5 + +PSA PAKE transparent driver: setup(via input) fallback not available +depends_on:!MBEDTLS_PSA_BUILTIN_PAKE +pake_operations:"abcd":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS:"":PSA_ERROR_NOT_SUPPORTED:0 + +PSA PAKE transparent driver: setup(via output) fallback not available +depends_on:!MBEDTLS_PSA_BUILTIN_PAKE +pake_operations:"abcd":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS:"":PSA_ERROR_NOT_SUPPORTED:1 + +PSA PAKE transparent driver: input fallback not available +depends_on:!MBEDTLS_PSA_BUILTIN_PAKE +pake_operations:"abcd":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS:"":PSA_ERROR_NOT_SUPPORTED:2 + +PSA PAKE transparent driver: output fallback not available +depends_on:!MBEDTLS_PSA_BUILTIN_PAKE +pake_operations:"abcd":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS:"":PSA_ERROR_NOT_SUPPORTED:3 + +PSA PAKE: ecjpake rounds transparent driver: in-driver success +depends_on:PSA_WANT_ALG_JPAKE:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +ecjpake_rounds:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"abcdef":0:1 + +PSA PAKE: ecjpake rounds transparent driver: fallback success +depends_on:PSA_WANT_ALG_JPAKE:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS:MBEDTLS_PSA_BUILTIN_ALG_JPAKE +ecjpake_rounds:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"abcdef":0:0 diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 8bb3e35f6..1d96f72ac 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -1,6 +1,420 @@ /* BEGIN_HEADER */ #include "test/drivers/test_driver.h" +/* Auxiliary variables for pake tests. + Global to silent the compiler when unused. */ +size_t pake_expected_hit_count = 0; +int pake_in_driver = 0; + +/* The only two JPAKE user/peer identifiers supported for the time being. */ +static const uint8_t jpake_server_id[] = { 's', 'e', 'r', 'v', 'e', 'r' }; +static const uint8_t jpake_client_id[] = { 'c', 'l', 'i', 'e', 'n', 't' }; + +#if defined(PSA_WANT_ALG_JPAKE) && \ + defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \ + defined(PSA_WANT_ECC_SECP_R1_256) && defined(PSA_WANT_ALG_SHA_256) +static void ecjpake_do_round(psa_algorithm_t alg, unsigned int primitive, + psa_pake_operation_t *server, + psa_pake_operation_t *client, + int client_input_first, + int round) +{ + unsigned char *buffer0 = NULL, *buffer1 = NULL; + size_t buffer_length = ( + PSA_PAKE_OUTPUT_SIZE(alg, primitive, PSA_PAKE_STEP_KEY_SHARE) + + PSA_PAKE_OUTPUT_SIZE(alg, primitive, PSA_PAKE_STEP_ZK_PUBLIC) + + PSA_PAKE_OUTPUT_SIZE(alg, primitive, PSA_PAKE_STEP_ZK_PROOF)) * 2; + /* The output should be exactly this size according to the spec */ + const size_t expected_size_key_share = + PSA_PAKE_OUTPUT_SIZE(alg, primitive, PSA_PAKE_STEP_KEY_SHARE); + /* The output should be exactly this size according to the spec */ + const size_t expected_size_zk_public = + PSA_PAKE_OUTPUT_SIZE(alg, primitive, PSA_PAKE_STEP_ZK_PUBLIC); + /* The output can be smaller: the spec allows stripping leading zeroes */ + const size_t max_expected_size_zk_proof = + PSA_PAKE_OUTPUT_SIZE(alg, primitive, PSA_PAKE_STEP_ZK_PROOF); + size_t buffer0_off = 0; + size_t buffer1_off = 0; + size_t s_g1_len, s_g2_len, s_a_len; + size_t s_g1_off, s_g2_off, s_a_off; + size_t s_x1_pk_len, s_x2_pk_len, s_x2s_pk_len; + size_t s_x1_pk_off, s_x2_pk_off, s_x2s_pk_off; + size_t s_x1_pr_len, s_x2_pr_len, s_x2s_pr_len; + size_t s_x1_pr_off, s_x2_pr_off, s_x2s_pr_off; + size_t c_g1_len, c_g2_len, c_a_len; + size_t c_g1_off, c_g2_off, c_a_off; + size_t c_x1_pk_len, c_x2_pk_len, c_x2s_pk_len; + size_t c_x1_pk_off, c_x2_pk_off, c_x2s_pk_off; + size_t c_x1_pr_len, c_x2_pr_len, c_x2s_pr_len; + size_t c_x1_pr_off, c_x2_pr_off, c_x2s_pr_off; + psa_status_t status; + + TEST_CALLOC(buffer0, buffer_length); + TEST_CALLOC(buffer1, buffer_length); + + switch (round) { + case 1: + /* Server first round Output */ + PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_KEY_SHARE, + buffer0 + buffer0_off, + 512 - buffer0_off, &s_g1_len)); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(s_g1_len, expected_size_key_share); + s_g1_off = buffer0_off; + buffer0_off += s_g1_len; + PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PUBLIC, + buffer0 + buffer0_off, + 512 - buffer0_off, &s_x1_pk_len)); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(s_x1_pk_len, expected_size_zk_public); + s_x1_pk_off = buffer0_off; + buffer0_off += s_x1_pk_len; + PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PROOF, + buffer0 + buffer0_off, + 512 - buffer0_off, &s_x1_pr_len)); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_LE_U(s_x1_pr_len, max_expected_size_zk_proof); + s_x1_pr_off = buffer0_off; + buffer0_off += s_x1_pr_len; + PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_KEY_SHARE, + buffer0 + buffer0_off, + 512 - buffer0_off, &s_g2_len)); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(s_g2_len, expected_size_key_share); + s_g2_off = buffer0_off; + buffer0_off += s_g2_len; + PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PUBLIC, + buffer0 + buffer0_off, + 512 - buffer0_off, &s_x2_pk_len)); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(s_x2_pk_len, expected_size_zk_public); + s_x2_pk_off = buffer0_off; + buffer0_off += s_x2_pk_len; + PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PROOF, + buffer0 + buffer0_off, + 512 - buffer0_off, &s_x2_pr_len)); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_LE_U(s_x2_pr_len, max_expected_size_zk_proof); + s_x2_pr_off = buffer0_off; + buffer0_off += s_x2_pr_len; + + if (client_input_first == 1) { + /* Client first round Input */ + status = psa_pake_input(client, PSA_PAKE_STEP_KEY_SHARE, + buffer0 + s_g1_off, s_g1_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + + status = psa_pake_input(client, PSA_PAKE_STEP_ZK_PUBLIC, + buffer0 + s_x1_pk_off, + s_x1_pk_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + + status = psa_pake_input(client, PSA_PAKE_STEP_ZK_PROOF, + buffer0 + s_x1_pr_off, + s_x1_pr_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + + status = psa_pake_input(client, PSA_PAKE_STEP_KEY_SHARE, + buffer0 + s_g2_off, + s_g2_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + + status = psa_pake_input(client, PSA_PAKE_STEP_ZK_PUBLIC, + buffer0 + s_x2_pk_off, + s_x2_pk_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + + status = psa_pake_input(client, PSA_PAKE_STEP_ZK_PROOF, + buffer0 + s_x2_pr_off, + s_x2_pr_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + } + + /* Adjust for indirect client driver setup in first pake_output call. */ + pake_expected_hit_count++; + + /* Client first round Output */ + PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_KEY_SHARE, + buffer1 + buffer1_off, + 512 - buffer1_off, &c_g1_len)); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(c_g1_len, expected_size_key_share); + c_g1_off = buffer1_off; + buffer1_off += c_g1_len; + PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PUBLIC, + buffer1 + buffer1_off, + 512 - buffer1_off, &c_x1_pk_len)); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(c_x1_pk_len, expected_size_zk_public); + c_x1_pk_off = buffer1_off; + buffer1_off += c_x1_pk_len; + PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PROOF, + buffer1 + buffer1_off, + 512 - buffer1_off, &c_x1_pr_len)); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_LE_U(c_x1_pr_len, max_expected_size_zk_proof); + c_x1_pr_off = buffer1_off; + buffer1_off += c_x1_pr_len; + PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_KEY_SHARE, + buffer1 + buffer1_off, + 512 - buffer1_off, &c_g2_len)); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(c_g2_len, expected_size_key_share); + c_g2_off = buffer1_off; + buffer1_off += c_g2_len; + PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PUBLIC, + buffer1 + buffer1_off, + 512 - buffer1_off, &c_x2_pk_len)); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(c_x2_pk_len, expected_size_zk_public); + c_x2_pk_off = buffer1_off; + buffer1_off += c_x2_pk_len; + PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PROOF, + buffer1 + buffer1_off, + 512 - buffer1_off, &c_x2_pr_len)); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_LE_U(c_x2_pr_len, max_expected_size_zk_proof); + c_x2_pr_off = buffer1_off; + buffer1_off += c_x2_pr_len; + + if (client_input_first == 0) { + /* Client first round Input */ + status = psa_pake_input(client, PSA_PAKE_STEP_KEY_SHARE, + buffer0 + s_g1_off, s_g1_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + + status = psa_pake_input(client, PSA_PAKE_STEP_ZK_PUBLIC, + buffer0 + s_x1_pk_off, + s_x1_pk_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + + status = psa_pake_input(client, PSA_PAKE_STEP_ZK_PROOF, + buffer0 + s_x1_pr_off, + s_x1_pr_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + + status = psa_pake_input(client, PSA_PAKE_STEP_KEY_SHARE, + buffer0 + s_g2_off, + s_g2_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + + status = psa_pake_input(client, PSA_PAKE_STEP_ZK_PUBLIC, + buffer0 + s_x2_pk_off, + s_x2_pk_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + + status = psa_pake_input(client, PSA_PAKE_STEP_ZK_PROOF, + buffer0 + s_x2_pr_off, + s_x2_pr_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + } + + /* Server first round Input */ + status = psa_pake_input(server, PSA_PAKE_STEP_KEY_SHARE, + buffer1 + c_g1_off, c_g1_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + + status = psa_pake_input(server, PSA_PAKE_STEP_ZK_PUBLIC, + buffer1 + c_x1_pk_off, c_x1_pk_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + + status = psa_pake_input(server, PSA_PAKE_STEP_ZK_PROOF, + buffer1 + c_x1_pr_off, c_x1_pr_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + + status = psa_pake_input(server, PSA_PAKE_STEP_KEY_SHARE, + buffer1 + c_g2_off, c_g2_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + + status = psa_pake_input(server, PSA_PAKE_STEP_ZK_PUBLIC, + buffer1 + c_x2_pk_off, c_x2_pk_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + + status = psa_pake_input(server, PSA_PAKE_STEP_ZK_PROOF, + buffer1 + c_x2_pr_off, c_x2_pr_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + + break; + + case 2: + /* Server second round Output */ + buffer0_off = 0; + + PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_KEY_SHARE, + buffer0 + buffer0_off, + 512 - buffer0_off, &s_a_len)); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(s_a_len, expected_size_key_share); + s_a_off = buffer0_off; + buffer0_off += s_a_len; + PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PUBLIC, + buffer0 + buffer0_off, + 512 - buffer0_off, &s_x2s_pk_len)); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(s_x2s_pk_len, expected_size_zk_public); + s_x2s_pk_off = buffer0_off; + buffer0_off += s_x2s_pk_len; + PSA_ASSERT(psa_pake_output(server, PSA_PAKE_STEP_ZK_PROOF, + buffer0 + buffer0_off, + 512 - buffer0_off, &s_x2s_pr_len)); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_LE_U(s_x2s_pr_len, max_expected_size_zk_proof); + s_x2s_pr_off = buffer0_off; + buffer0_off += s_x2s_pr_len; + + if (client_input_first == 1) { + /* Client second round Input */ + status = psa_pake_input(client, PSA_PAKE_STEP_KEY_SHARE, + buffer0 + s_a_off, s_a_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + + status = psa_pake_input(client, PSA_PAKE_STEP_ZK_PUBLIC, + buffer0 + s_x2s_pk_off, + s_x2s_pk_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + + status = psa_pake_input(client, PSA_PAKE_STEP_ZK_PROOF, + buffer0 + s_x2s_pr_off, + s_x2s_pr_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + } + + /* Client second round Output */ + buffer1_off = 0; + + PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_KEY_SHARE, + buffer1 + buffer1_off, + 512 - buffer1_off, &c_a_len)); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(c_a_len, expected_size_key_share); + c_a_off = buffer1_off; + buffer1_off += c_a_len; + PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PUBLIC, + buffer1 + buffer1_off, + 512 - buffer1_off, &c_x2s_pk_len)); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(c_x2s_pk_len, expected_size_zk_public); + c_x2s_pk_off = buffer1_off; + buffer1_off += c_x2s_pk_len; + PSA_ASSERT(psa_pake_output(client, PSA_PAKE_STEP_ZK_PROOF, + buffer1 + buffer1_off, + 512 - buffer1_off, &c_x2s_pr_len)); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_LE_U(c_x2s_pr_len, max_expected_size_zk_proof); + c_x2s_pr_off = buffer1_off; + buffer1_off += c_x2s_pr_len; + + if (client_input_first == 0) { + /* Client second round Input */ + status = psa_pake_input(client, PSA_PAKE_STEP_KEY_SHARE, + buffer0 + s_a_off, s_a_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + + status = psa_pake_input(client, PSA_PAKE_STEP_ZK_PUBLIC, + buffer0 + s_x2s_pk_off, + s_x2s_pk_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + + status = psa_pake_input(client, PSA_PAKE_STEP_ZK_PROOF, + buffer0 + s_x2s_pr_off, + s_x2s_pr_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + } + + /* Server second round Input */ + status = psa_pake_input(server, PSA_PAKE_STEP_KEY_SHARE, + buffer1 + c_a_off, c_a_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + + status = psa_pake_input(server, PSA_PAKE_STEP_ZK_PUBLIC, + buffer1 + c_x2s_pk_off, c_x2s_pk_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + + status = psa_pake_input(server, PSA_PAKE_STEP_ZK_PROOF, + buffer1 + c_x2s_pr_off, c_x2s_pr_len); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + TEST_EQUAL(status, PSA_SUCCESS); + + break; + } + +exit: + mbedtls_free(buffer0); + mbedtls_free(buffer1); +} +#endif /* PSA_WANT_ALG_JPAKE */ + #if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) /* Sanity checks on the output of RSA encryption. * @@ -46,13 +460,13 @@ static int sanity_check_rsa_encryption_result( TEST_EQUAL(buf[0], 0x00); TEST_EQUAL(buf[1], 0x02); TEST_EQUAL(buf[length - input_data->len - 1], 0x00); - ASSERT_COMPARE(buf + length - input_data->len, input_data->len, - input_data->x, input_data->len); + TEST_MEMORY_COMPARE(buf + length - input_data->len, input_data->len, + input_data->x, input_data->len); } else if (PSA_ALG_IS_RSA_OAEP(alg)) { TEST_EQUAL(buf[0], 0x00); /* The rest is too hard to check */ } else { - TEST_ASSERT(!"Encryption result sanity check not implemented for RSA algorithm"); + TEST_FAIL("Encryption result sanity check not implemented for RSA algorithm"); } #endif /* MBEDTLS_BIGNUM_C */ @@ -71,7 +485,7 @@ exit: /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_PSA_CRYPTO_DRIVERS:PSA_CRYPTO_DRIVER_TEST + * depends_on:MBEDTLS_PSA_CRYPTO_C:PSA_CRYPTO_DRIVER_TEST * END_DEPENDENCIES */ @@ -124,7 +538,7 @@ void sign_hash(int key_type_arg, TEST_ASSERT(signature_size != 0); TEST_ASSERT(signature_size <= PSA_SIGNATURE_MAX_SIZE); - ASSERT_ALLOC(signature, signature_size); + TEST_CALLOC(signature, signature_size); actual_status = psa_sign_hash(key, alg, data_input->x, data_input->len, @@ -132,8 +546,8 @@ void sign_hash(int key_type_arg, &signature_length); TEST_EQUAL(actual_status, expected_status); if (expected_status == PSA_SUCCESS) { - ASSERT_COMPARE(signature, signature_length, - expected_output->x, expected_output->len); + TEST_MEMORY_COMPARE(signature, signature_length, + expected_output->x, expected_output->len); } TEST_EQUAL(mbedtls_test_driver_signature_sign_hooks.hits, 1); @@ -251,7 +665,7 @@ void sign_message(int key_type_arg, TEST_ASSERT(signature_size != 0); TEST_ASSERT(signature_size <= PSA_SIGNATURE_MAX_SIZE); - ASSERT_ALLOC(signature, signature_size); + TEST_CALLOC(signature, signature_size); actual_status = psa_sign_message(key, alg, data_input->x, data_input->len, @@ -259,8 +673,8 @@ void sign_message(int key_type_arg, &signature_length); TEST_EQUAL(actual_status, expected_status); if (expected_status == PSA_SUCCESS) { - ASSERT_COMPARE(signature, signature_length, - expected_output->x, expected_output->len); + TEST_MEMORY_COMPARE(signature, signature_length, + expected_output->x, expected_output->len); } /* In the builtin algorithm the driver is called twice. */ TEST_EQUAL(mbedtls_test_driver_signature_sign_hooks.hits, @@ -334,10 +748,10 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 */ -void generate_key(int force_status_arg, - data_t *fake_output, - int expected_status_arg) +/* BEGIN_CASE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE */ +void generate_ec_key(int force_status_arg, + data_t *fake_output, + int expected_status_arg) { psa_status_t force_status = force_status_arg; psa_status_t expected_status = expected_status_arg; @@ -381,8 +795,8 @@ void generate_key(int force_status_arg, psa_export_key(key, actual_output, sizeof(actual_output), &actual_output_length); if (fake_output->len > 0) { - ASSERT_COMPARE(actual_output, actual_output_length, - expected_output, expected_output_length); + TEST_MEMORY_COMPARE(actual_output, actual_output_length, + expected_output, expected_output_length); } else { size_t zeroes = 0; for (size_t i = 0; i < sizeof(actual_output); i++) { @@ -513,8 +927,8 @@ void export_key(int force_status_arg, } if (actual_status == PSA_SUCCESS) { - ASSERT_COMPARE(actual_output, actual_output_length, - expected_output_ptr, expected_output_length); + TEST_MEMORY_COMPARE(actual_output, actual_output_length, + expected_output_ptr, expected_output_length); } exit: psa_reset_key_attributes(&attributes); @@ -583,7 +997,7 @@ void key_agreement(int alg_arg, mbedtls_test_driver_key_agreement_hooks.hits = 0; mbedtls_test_driver_key_agreement_hooks.forced_status = force_status; - ASSERT_ALLOC(actual_output, expected_output->len); + TEST_CALLOC(actual_output, expected_output->len); actual_status = psa_raw_key_agreement(alg, our_key, peer_key_data->x, peer_key_data->len, actual_output, expected_output->len, @@ -592,8 +1006,8 @@ void key_agreement(int alg_arg, TEST_EQUAL(mbedtls_test_driver_key_agreement_hooks.hits, 1); if (actual_status == PSA_SUCCESS) { - ASSERT_COMPARE(actual_output, actual_output_length, - expected_output_ptr, expected_output_length); + TEST_MEMORY_COMPARE(actual_output, actual_output_length, + expected_output_ptr, expected_output_length); } mbedtls_free(actual_output); actual_output = NULL; @@ -639,8 +1053,8 @@ void cipher_encrypt_validation(int alg_arg, output1_buffer_size = PSA_CIPHER_ENCRYPT_OUTPUT_SIZE(key_type, alg, input->len); output2_buffer_size = PSA_CIPHER_UPDATE_OUTPUT_SIZE(key_type, alg, input->len) + PSA_CIPHER_FINISH_OUTPUT_SIZE(key_type, alg); - ASSERT_ALLOC(output1, output1_buffer_size); - ASSERT_ALLOC(output2, output2_buffer_size); + TEST_CALLOC(output1, output1_buffer_size); + TEST_CALLOC(output2, output2_buffer_size); PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, &key)); @@ -679,8 +1093,8 @@ void cipher_encrypt_validation(int alg_arg, PSA_ASSERT(psa_cipher_abort(&operation)); // driver function should've been called as part of the finish() core routine TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0); - ASSERT_COMPARE(output1 + iv_size, output1_length - iv_size, - output2, output2_length); + TEST_MEMORY_COMPARE(output1 + iv_size, output1_length - iv_size, + output2, output2_length); exit: psa_cipher_abort(&operation); @@ -757,7 +1171,7 @@ void cipher_encrypt_multipart(int alg_arg, output_buffer_size = ((size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type)); - ASSERT_ALLOC(output, output_buffer_size); + TEST_CALLOC(output, output_buffer_size); if (mock_output_arg) { mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x; @@ -807,8 +1221,8 @@ void cipher_encrypt_multipart(int alg_arg, PSA_ASSERT(psa_cipher_abort(&operation)); TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0); - ASSERT_COMPARE(expected_output->x, expected_output->len, - output, total_output_length); + TEST_MEMORY_COMPARE(expected_output->x, expected_output->len, + output, total_output_length); } exit: @@ -885,7 +1299,7 @@ void cipher_decrypt_multipart(int alg_arg, output_buffer_size = ((size_t) input->len + PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type)); - ASSERT_ALLOC(output, output_buffer_size); + TEST_CALLOC(output, output_buffer_size); if (mock_output_arg) { mbedtls_test_driver_cipher_hooks.forced_output = expected_output->x; @@ -936,8 +1350,8 @@ void cipher_decrypt_multipart(int alg_arg, PSA_ASSERT(psa_cipher_abort(&operation)); TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 0); - ASSERT_COMPARE(expected_output->x, expected_output->len, - output, total_output_length); + TEST_MEMORY_COMPARE(expected_output->x, expected_output->len, + output, total_output_length); } exit: @@ -984,13 +1398,13 @@ void cipher_decrypt(int alg_arg, /* Allocate input buffer and copy the iv and the plaintext */ input_buffer_size = ((size_t) input_arg->len + (size_t) iv->len); if (input_buffer_size > 0) { - ASSERT_ALLOC(input, input_buffer_size); + TEST_CALLOC(input, input_buffer_size); memcpy(input, iv->x, iv->len); memcpy(input + iv->len, input_arg->x, input_arg->len); } output_buffer_size = PSA_CIPHER_DECRYPT_OUTPUT_SIZE(key_type, alg, input_buffer_size); - ASSERT_ALLOC(output, output_buffer_size); + TEST_CALLOC(output, output_buffer_size); PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, &key)); @@ -1008,8 +1422,8 @@ void cipher_decrypt(int alg_arg, TEST_EQUAL(status, expected_status); if (expected_status == PSA_SUCCESS) { - ASSERT_COMPARE(expected_output->x, expected_output->len, - output, output_length); + TEST_MEMORY_COMPARE(expected_output->x, expected_output->len, + output, output_length); } exit: @@ -1037,7 +1451,7 @@ void cipher_entry_points(int alg_arg, int key_type_arg, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_test_driver_cipher_hooks = mbedtls_test_driver_cipher_hooks_init(); - ASSERT_ALLOC(output, input->len + 16); + TEST_CALLOC(output, input->len + 16); output_buffer_size = input->len + 16; PSA_ASSERT(psa_crypto_init()); @@ -1277,7 +1691,7 @@ void aead_encrypt(int key_type_arg, data_t *key_data, PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_data->len)); TEST_ASSERT(output_size <= PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(input_data->len)); - ASSERT_ALLOC(output_data, output_size); + TEST_CALLOC(output_data, output_size); mbedtls_test_driver_aead_hooks.forced_status = forced_status; status = psa_aead_encrypt(key, alg, @@ -1293,8 +1707,8 @@ void aead_encrypt(int key_type_arg, data_t *key_data, PSA_SUCCESS : forced_status); if (status == PSA_SUCCESS) { - ASSERT_COMPARE(expected_result->x, expected_result->len, - output_data, output_length); + TEST_MEMORY_COMPARE(expected_result->x, expected_result->len, + output_data, output_length); } exit: @@ -1339,7 +1753,7 @@ void aead_decrypt(int key_type_arg, data_t *key_data, output_size = input_data->len - PSA_AEAD_TAG_LENGTH(key_type, key_bits, alg); - ASSERT_ALLOC(output_data, output_size); + TEST_CALLOC(output_data, output_size); mbedtls_test_driver_aead_hooks.forced_status = forced_status; status = psa_aead_decrypt(key, alg, @@ -1356,8 +1770,8 @@ void aead_decrypt(int key_type_arg, data_t *key_data, PSA_SUCCESS : forced_status); if (status == PSA_SUCCESS) { - ASSERT_COMPARE(expected_data->x, expected_data->len, - output_data, output_length); + TEST_MEMORY_COMPARE(expected_data->x, expected_data->len, + output_data, output_length); } exit: @@ -1402,7 +1816,7 @@ void mac_sign(int key_type_arg, PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, &key)); - ASSERT_ALLOC(actual_mac, mac_buffer_size); + TEST_CALLOC(actual_mac, mac_buffer_size); mbedtls_test_driver_mac_hooks.forced_status = forced_status; /* @@ -1425,8 +1839,8 @@ void mac_sign(int key_type_arg, TEST_EQUAL(mbedtls_test_driver_mac_hooks.hits, 1); if (forced_status == PSA_SUCCESS) { - ASSERT_COMPARE(expected_mac->x, expected_mac->len, - actual_mac, mac_length); + TEST_MEMORY_COMPARE(expected_mac->x, expected_mac->len, + actual_mac, mac_length); } mbedtls_free(actual_mac); @@ -1477,7 +1891,7 @@ void mac_sign_multipart(int key_type_arg, PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, &key)); - ASSERT_ALLOC(actual_mac, mac_buffer_size); + TEST_CALLOC(actual_mac, mac_buffer_size); mbedtls_test_driver_mac_hooks.forced_status = forced_status; /* @@ -1543,8 +1957,8 @@ void mac_sign_multipart(int key_type_arg, } if (forced_status == PSA_SUCCESS) { - ASSERT_COMPARE(expected_mac->x, expected_mac->len, - actual_mac, mac_length); + TEST_MEMORY_COMPARE(expected_mac->x, expected_mac->len, + actual_mac, mac_length); } mbedtls_free(actual_mac); @@ -1717,7 +2131,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:PSA_CRYPTO_DRIVER_TEST:MBEDTLS_PSA_CRYPTO_DRIVERS:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ +/* BEGIN_CASE depends_on:PSA_CRYPTO_DRIVER_TEST:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ void builtin_key_export(int builtin_key_id_arg, int builtin_key_type_arg, int builtin_key_bits_arg, @@ -1738,15 +2152,15 @@ void builtin_key_export(int builtin_key_id_arg, psa_status_t actual_status; PSA_ASSERT(psa_crypto_init()); - ASSERT_ALLOC(output_buffer, expected_output->len); + TEST_CALLOC(output_buffer, expected_output->len); actual_status = psa_export_key(key, output_buffer, expected_output->len, &output_size); if (expected_status == PSA_SUCCESS) { PSA_ASSERT(actual_status); TEST_EQUAL(output_size, expected_output->len); - ASSERT_COMPARE(output_buffer, output_size, - expected_output->x, expected_output->len); + TEST_MEMORY_COMPARE(output_buffer, output_size, + expected_output->x, expected_output->len); PSA_ASSERT(psa_get_key_attributes(key, &attributes)); TEST_EQUAL(psa_get_key_bits(&attributes), builtin_key_bits); @@ -1768,7 +2182,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:PSA_CRYPTO_DRIVER_TEST:MBEDTLS_PSA_CRYPTO_DRIVERS:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ +/* BEGIN_CASE depends_on:PSA_CRYPTO_DRIVER_TEST:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ void builtin_pubkey_export(int builtin_key_id_arg, int builtin_key_type_arg, int builtin_key_bits_arg, @@ -1789,15 +2203,15 @@ void builtin_pubkey_export(int builtin_key_id_arg, psa_status_t actual_status; PSA_ASSERT(psa_crypto_init()); - ASSERT_ALLOC(output_buffer, expected_output->len); + TEST_CALLOC(output_buffer, expected_output->len); actual_status = psa_export_public_key(key, output_buffer, expected_output->len, &output_size); if (expected_status == PSA_SUCCESS) { PSA_ASSERT(actual_status); TEST_EQUAL(output_size, expected_output->len); - ASSERT_COMPARE(output_buffer, output_size, - expected_output->x, expected_output->len); + TEST_MEMORY_COMPARE(output_buffer, output_size, + expected_output->x, expected_output->len); PSA_ASSERT(psa_get_key_attributes(key, &attributes)); TEST_EQUAL(psa_get_key_bits(&attributes), builtin_key_bits); @@ -1828,11 +2242,13 @@ void hash_compute(int alg_arg, unsigned char *output = NULL; size_t output_length; - mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); - mbedtls_test_driver_hash_hooks.forced_status = forced_status; PSA_ASSERT(psa_crypto_init()); - ASSERT_ALLOC(output, PSA_HASH_LENGTH(alg)); + TEST_CALLOC(output, PSA_HASH_LENGTH(alg)); + + /* Do this after psa_crypto_init() which may call hash drivers */ + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); + mbedtls_test_driver_hash_hooks.forced_status = forced_status; TEST_EQUAL(psa_hash_compute(alg, input->x, input->len, output, PSA_HASH_LENGTH(alg), @@ -1841,7 +2257,7 @@ void hash_compute(int alg_arg, TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status); if (expected_status == PSA_SUCCESS) { - ASSERT_COMPARE(output, output_length, hash->x, hash->len); + TEST_MEMORY_COMPARE(output, output_length, hash->x, hash->len); } exit: @@ -1864,12 +2280,14 @@ void hash_multipart_setup(int alg_arg, psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; size_t output_length; - mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); - ASSERT_ALLOC(output, PSA_HASH_LENGTH(alg)); PSA_ASSERT(psa_crypto_init()); + TEST_CALLOC(output, PSA_HASH_LENGTH(alg)); + /* Do this after psa_crypto_init() which may call hash drivers */ + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); mbedtls_test_driver_hash_hooks.forced_status = forced_status; + TEST_EQUAL(psa_hash_setup(&operation, alg), expected_status); TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 1); TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status); @@ -1887,7 +2305,7 @@ void hash_multipart_setup(int alg_arg, forced_status == PSA_ERROR_NOT_SUPPORTED ? 1 : 4); TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status); - ASSERT_COMPARE(output, output_length, hash->x, hash->len); + TEST_MEMORY_COMPARE(output, output_length, hash->x, hash->len); } exit: @@ -1909,10 +2327,12 @@ void hash_multipart_update(int alg_arg, psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; size_t output_length; - mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); - ASSERT_ALLOC(output, PSA_HASH_LENGTH(alg)); PSA_ASSERT(psa_crypto_init()); + TEST_CALLOC(output, PSA_HASH_LENGTH(alg)); + + /* Do this after psa_crypto_init() which may call hash drivers */ + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); /* * Update inactive operation, the driver shouldn't be called. @@ -1942,7 +2362,7 @@ void hash_multipart_update(int alg_arg, TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 2); TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS); - ASSERT_COMPARE(output, output_length, hash->x, hash->len); + TEST_MEMORY_COMPARE(output, output_length, hash->x, hash->len); } exit: @@ -1964,10 +2384,11 @@ void hash_multipart_finish(int alg_arg, psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT; size_t output_length; - mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); - ASSERT_ALLOC(output, PSA_HASH_LENGTH(alg)); - PSA_ASSERT(psa_crypto_init()); + TEST_CALLOC(output, PSA_HASH_LENGTH(alg)); + + /* Do this after psa_crypto_init() which may call hash drivers */ + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); /* * Finish inactive operation, the driver shouldn't be called. @@ -1995,7 +2416,7 @@ void hash_multipart_finish(int alg_arg, TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, forced_status); if (forced_status == PSA_SUCCESS) { - ASSERT_COMPARE(output, output_length, hash->x, hash->len); + TEST_MEMORY_COMPARE(output, output_length, hash->x, hash->len); } exit: @@ -2018,10 +2439,11 @@ void hash_clone(int alg_arg, psa_hash_operation_t target_operation = PSA_HASH_OPERATION_INIT; size_t output_length; - mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); - ASSERT_ALLOC(output, PSA_HASH_LENGTH(alg)); - PSA_ASSERT(psa_crypto_init()); + TEST_CALLOC(output, PSA_HASH_LENGTH(alg)); + + /* Do this after psa_crypto_init() which may call hash drivers */ + mbedtls_test_driver_hash_hooks = mbedtls_test_driver_hash_hooks_init(); /* * Clone inactive operation, the driver shouldn't be called. @@ -2054,7 +2476,7 @@ void hash_clone(int alg_arg, TEST_EQUAL(mbedtls_test_driver_hash_hooks.hits, 3); TEST_EQUAL(mbedtls_test_driver_hash_hooks.driver_status, PSA_SUCCESS); - ASSERT_COMPARE(output, output_length, hash->x, hash->len); + TEST_MEMORY_COMPARE(output, output_length, hash->x, hash->len); } exit: @@ -2117,11 +2539,11 @@ void asymmetric_encrypt_decrypt(int alg_arg, mbedtls_test_driver_asymmetric_encryption_hooks.forced_output_length = fake_output_encrypt->len; output_size = fake_output_encrypt->len; - ASSERT_ALLOC(output, output_size); + TEST_CALLOC(output, output_size); } else { output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg); TEST_ASSERT(output_size <= PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE); - ASSERT_ALLOC(output, output_size); + TEST_CALLOC(output, output_size); } /* We test encryption by checking that encrypt-then-decrypt gives back @@ -2138,8 +2560,8 @@ void asymmetric_encrypt_decrypt(int alg_arg, if (expected_status_encrypt == PSA_SUCCESS) { if (fake_output_encrypt->len > 0) { - ASSERT_COMPARE(fake_output_encrypt->x, fake_output_encrypt->len, - output, output_length); + TEST_MEMORY_COMPARE(fake_output_encrypt->x, fake_output_encrypt->len, + output, output_length); } else { mbedtls_test_driver_asymmetric_encryption_hooks.forced_status = forced_status_decrypt; @@ -2149,13 +2571,13 @@ void asymmetric_encrypt_decrypt(int alg_arg, mbedtls_test_driver_asymmetric_encryption_hooks.forced_output_length = fake_output_decrypt->len; output2_size = fake_output_decrypt->len; - ASSERT_ALLOC(output2, output2_size); + TEST_CALLOC(output2, output2_size); } else { output2_size = input_data->len; TEST_ASSERT(output2_size <= PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg)); TEST_ASSERT(output2_size <= PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE); - ASSERT_ALLOC(output2, output2_size); + TEST_CALLOC(output2, output2_size); } TEST_EQUAL(psa_asymmetric_decrypt(key, alg, @@ -2165,11 +2587,11 @@ void asymmetric_encrypt_decrypt(int alg_arg, &output2_length), expected_status_decrypt); if (expected_status_decrypt == PSA_SUCCESS) { if (fake_output_decrypt->len > 0) { - ASSERT_COMPARE(fake_output_decrypt->x, fake_output_decrypt->len, - output2, output2_length); + TEST_MEMORY_COMPARE(fake_output_decrypt->x, fake_output_decrypt->len, + output2, output2_length); } else { - ASSERT_COMPARE(input_data->x, input_data->len, - output2, output2_length); + TEST_MEMORY_COMPARE(input_data->x, input_data->len, + output2, output2_length); } } } @@ -2229,10 +2651,10 @@ void asymmetric_decrypt(int alg_arg, mbedtls_test_driver_asymmetric_encryption_hooks.forced_output_length = fake_output_decrypt->len; output_size = fake_output_decrypt->len; - ASSERT_ALLOC(output, output_size); + TEST_CALLOC(output, output_size); } else { output_size = expected_output_data->len; - ASSERT_ALLOC(output, expected_output_data->len); + TEST_CALLOC(output, expected_output_data->len); } TEST_EQUAL(psa_asymmetric_decrypt(key, alg, @@ -2242,8 +2664,8 @@ void asymmetric_decrypt(int alg_arg, &output_length), expected_status_decrypt); if (expected_status_decrypt == PSA_SUCCESS) { TEST_EQUAL(output_length, expected_output_data->len); - ASSERT_COMPARE(expected_output_data->x, expected_output_data->len, - output, output_length); + TEST_MEMORY_COMPARE(expected_output_data->x, expected_output_data->len, + output, output_length); } exit: /* @@ -2302,10 +2724,10 @@ void asymmetric_encrypt(int alg_arg, mbedtls_test_driver_asymmetric_encryption_hooks.forced_output_length = fake_output_encrypt->len; output_size = fake_output_encrypt->len; - ASSERT_ALLOC(output, output_size); + TEST_CALLOC(output, output_size); } else { output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg); - ASSERT_ALLOC(output, output_size); + TEST_CALLOC(output, output_size); } TEST_EQUAL(psa_asymmetric_encrypt(key, alg, @@ -2316,8 +2738,8 @@ void asymmetric_encrypt(int alg_arg, if (expected_status_encrypt == PSA_SUCCESS) { if (fake_output_encrypt->len > 0) { TEST_EQUAL(fake_output_encrypt->len, output_length); - ASSERT_COMPARE(fake_output_encrypt->x, fake_output_encrypt->len, - output, output_length); + TEST_MEMORY_COMPARE(fake_output_encrypt->x, fake_output_encrypt->len, + output, output_length); } else { /* Perform sanity checks on the output */ #if PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY @@ -2333,7 +2755,7 @@ void asymmetric_encrypt(int alg_arg, { (void) modulus; (void) private_exponent; - TEST_ASSERT(!"Encryption sanity checks not implemented for this key type"); + TEST_FAIL("Encryption sanity checks not implemented for this key type"); } } } @@ -2402,7 +2824,7 @@ void aead_encrypt_setup(int key_type_arg, data_t *key_data, PSA_AEAD_ENCRYPT_OUTPUT_SIZE(key_type, alg, input_data->len)); TEST_ASSERT(output_size <= PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE(input_data->len)); - ASSERT_ALLOC(output_data, output_size); + TEST_CALLOC(output_data, output_size); status = psa_aead_encrypt_setup(&operation, key, alg); @@ -2451,11 +2873,11 @@ void aead_encrypt_setup(int key_type_arg, data_t *key_data, forced_status == PSA_SUCCESS ? 1 : 0); /* Compare output_data and expected_ciphertext */ - ASSERT_COMPARE(expected_ciphertext->x, expected_ciphertext->len, - output_data, output_length + finish_output_length); + TEST_MEMORY_COMPARE(expected_ciphertext->x, expected_ciphertext->len, + output_data, output_length + finish_output_length); /* Compare tag and expected_tag */ - ASSERT_COMPARE(expected_tag->x, expected_tag->len, tag_buffer, tag_length); + TEST_MEMORY_COMPARE(expected_tag->x, expected_tag->len, tag_buffer, tag_length); } exit: @@ -2504,7 +2926,7 @@ void aead_decrypt_setup(int key_type_arg, data_t *key_data, output_size = input_ciphertext->len; - ASSERT_ALLOC(output_data, output_size); + TEST_CALLOC(output_data, output_size); mbedtls_test_driver_aead_hooks.forced_status = forced_status; @@ -2557,8 +2979,8 @@ void aead_decrypt_setup(int key_type_arg, data_t *key_data, TEST_EQUAL(mbedtls_test_driver_aead_hooks.hits_abort, forced_status == PSA_SUCCESS ? 1 : 0); - ASSERT_COMPARE(expected_result->x, expected_result->len, - output_data, output_length + verify_output_length); + TEST_MEMORY_COMPARE(expected_result->x, expected_result->len, + output_data, output_length + verify_output_length); } exit: @@ -2567,3 +2989,306 @@ exit: PSA_DONE(); } /* END_CASE */ + +/* BEGIN_CASE depends_on:PSA_WANT_ALG_JPAKE */ +void pake_operations(data_t *pw_data, int forced_status_setup_arg, int forced_status_arg, + data_t *forced_output, int expected_status_arg, + int fut) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_status_t forced_status = forced_status_arg; + psa_status_t forced_status_setup = forced_status_setup_arg; + psa_status_t expected_status = expected_status_arg; + psa_pake_operation_t operation = psa_pake_operation_init(); + psa_pake_cipher_suite_t cipher_suite = psa_pake_cipher_suite_init(); + psa_key_derivation_operation_t implicit_key = + PSA_KEY_DERIVATION_OPERATION_INIT; + psa_pake_primitive_t primitive = PSA_PAKE_PRIMITIVE( + PSA_PAKE_PRIMITIVE_TYPE_ECC, + PSA_ECC_FAMILY_SECP_R1, 256); + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + unsigned char *input_buffer = NULL; + const size_t size_key_share = PSA_PAKE_INPUT_SIZE(PSA_ALG_JPAKE, primitive, + PSA_PAKE_STEP_KEY_SHARE); + unsigned char *output_buffer = NULL; + size_t output_len = 0; + size_t output_size = PSA_PAKE_OUTPUT_SIZE(PSA_ALG_JPAKE, primitive, + PSA_PAKE_STEP_KEY_SHARE); + int in_driver = (forced_status_setup_arg == PSA_SUCCESS); + + TEST_CALLOC(input_buffer, + PSA_PAKE_INPUT_SIZE(PSA_ALG_JPAKE, primitive, + PSA_PAKE_STEP_KEY_SHARE)); + memset(input_buffer, 0xAA, size_key_share); + + TEST_CALLOC(output_buffer, + PSA_PAKE_INPUT_SIZE(PSA_ALG_JPAKE, primitive, + PSA_PAKE_STEP_KEY_SHARE)); + memset(output_buffer, 0x55, output_size); + + PSA_INIT(); + + mbedtls_test_driver_pake_hooks = mbedtls_test_driver_pake_hooks_init(); + + if (pw_data->len > 0) { + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, PSA_ALG_JPAKE); + psa_set_key_type(&attributes, PSA_KEY_TYPE_PASSWORD); + PSA_ASSERT(psa_import_key(&attributes, pw_data->x, pw_data->len, + &key)); + } + + psa_pake_cs_set_algorithm(&cipher_suite, PSA_ALG_JPAKE); + psa_pake_cs_set_primitive(&cipher_suite, primitive); + psa_pake_cs_set_hash(&cipher_suite, PSA_ALG_SHA_256); + + mbedtls_test_driver_pake_hooks.forced_status = forced_status_setup; + + /* Collecting input stage (no driver entry points) */ + + TEST_EQUAL(psa_pake_setup(&operation, &cipher_suite), + PSA_SUCCESS); + + PSA_ASSERT(psa_pake_set_user(&operation, jpake_server_id, sizeof(jpake_server_id))); + PSA_ASSERT(psa_pake_set_peer(&operation, jpake_client_id, sizeof(jpake_client_id))); + + TEST_EQUAL(psa_pake_set_password_key(&operation, key), + PSA_SUCCESS); + + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 0); + + /* Computation stage (driver entry points) */ + + switch (fut) { + case 0: /* setup (via input) */ + /* --- psa_pake_input (driver: setup, input) --- */ + mbedtls_test_driver_pake_hooks.forced_setup_status = forced_status_setup; + mbedtls_test_driver_pake_hooks.forced_status = forced_status; + TEST_EQUAL(psa_pake_input(&operation, PSA_PAKE_STEP_KEY_SHARE, + input_buffer, size_key_share), + expected_status); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 1); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.setup, 1); + break; + + case 1: /* setup (via output) */ + /* --- psa_pake_output (driver: setup, output) --- */ + mbedtls_test_driver_pake_hooks.forced_setup_status = forced_status_setup; + mbedtls_test_driver_pake_hooks.forced_status = forced_status; + TEST_EQUAL(psa_pake_output(&operation, PSA_PAKE_STEP_KEY_SHARE, + output_buffer, output_size, &output_len), + expected_status); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 1); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.setup, 1); + break; + + case 2: /* input */ + /* --- psa_pake_input (driver: setup, input, abort) --- */ + mbedtls_test_driver_pake_hooks.forced_setup_status = forced_status_setup; + mbedtls_test_driver_pake_hooks.forced_status = forced_status; + TEST_EQUAL(psa_pake_input(&operation, PSA_PAKE_STEP_KEY_SHARE, + input_buffer, size_key_share), + expected_status); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, in_driver ? 3 : 1); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.setup, 1); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.input, in_driver ? 1 : 0); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.abort, in_driver ? 1 : 0); + break; + + case 3: /* output */ + /* --- psa_pake_output (driver: setup, output, (abort)) --- */ + mbedtls_test_driver_pake_hooks.forced_setup_status = forced_status_setup; + mbedtls_test_driver_pake_hooks.forced_status = forced_status; + if (forced_output->len > 0) { + mbedtls_test_driver_pake_hooks.forced_output = forced_output->x; + mbedtls_test_driver_pake_hooks.forced_output_length = forced_output->len; + } + TEST_EQUAL(psa_pake_output(&operation, PSA_PAKE_STEP_KEY_SHARE, + output_buffer, output_size, &output_len), + expected_status); + + if (forced_output->len > 0) { + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, in_driver ? 2 : 1); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.setup, 1); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.output, in_driver ? 1 : 0); + TEST_EQUAL(output_len, forced_output->len); + TEST_EQUAL(memcmp(output_buffer, forced_output->x, output_len), 0); + } else { + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, in_driver ? 3 : 1); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.setup, 1); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.output, in_driver ? 1 : 0); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.abort, in_driver ? 1 : 0); + } + break; + + case 4: /* get_implicit_key */ + /* Call driver setup indirectly */ + TEST_EQUAL(psa_pake_input(&operation, PSA_PAKE_STEP_KEY_SHARE, + input_buffer, size_key_share), + PSA_SUCCESS); + + /* Simulate that we are ready to get implicit key. */ + operation.computation_stage.jpake.round = PSA_JPAKE_FINISHED; + operation.computation_stage.jpake.inputs = 0; + operation.computation_stage.jpake.outputs = 0; + operation.computation_stage.jpake.step = PSA_PAKE_STEP_KEY_SHARE; + + /* --- psa_pake_get_implicit_key --- */ + mbedtls_test_driver_pake_hooks.forced_status = forced_status; + memset(&mbedtls_test_driver_pake_hooks.hits, 0, + sizeof(mbedtls_test_driver_pake_hooks.hits)); + TEST_EQUAL(psa_pake_get_implicit_key(&operation, &implicit_key), + expected_status); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 2); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.implicit_key, 1); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.abort, 1); + + break; + + case 5: /* abort */ + /* Call driver setup indirectly */ + TEST_EQUAL(psa_pake_input(&operation, PSA_PAKE_STEP_KEY_SHARE, + input_buffer, size_key_share), + PSA_SUCCESS); + + /* --- psa_pake_abort --- */ + mbedtls_test_driver_pake_hooks.forced_status = forced_status; + memset(&mbedtls_test_driver_pake_hooks.hits, 0, + sizeof(mbedtls_test_driver_pake_hooks.hits)); + TEST_EQUAL(psa_pake_abort(&operation), expected_status); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 1); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.abort, 1); + break; + + default: + break; + } + + /* Clean up */ + mbedtls_test_driver_pake_hooks.forced_setup_status = PSA_SUCCESS; + mbedtls_test_driver_pake_hooks.forced_status = PSA_SUCCESS; + TEST_EQUAL(psa_pake_abort(&operation), PSA_SUCCESS); +exit: + /* + * Key attributes may have been returned by psa_get_key_attributes() + * thus reset them as required. + */ + psa_reset_key_attributes(&attributes); + mbedtls_free(input_buffer); + mbedtls_free(output_buffer); + psa_destroy_key(key); + mbedtls_test_driver_pake_hooks = + mbedtls_test_driver_pake_hooks_init(); + PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:PSA_WANT_ALG_JPAKE:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 */ +void ecjpake_rounds(int alg_arg, int primitive_arg, int hash_arg, + int derive_alg_arg, data_t *pw_data, + int client_input_first, int in_driver) +{ + psa_pake_cipher_suite_t cipher_suite = psa_pake_cipher_suite_init(); + psa_pake_operation_t server = psa_pake_operation_init(); + psa_pake_operation_t client = psa_pake_operation_init(); + psa_algorithm_t alg = alg_arg; + psa_algorithm_t hash_alg = hash_arg; + psa_algorithm_t derive_alg = derive_alg_arg; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_derivation_operation_t server_derive = + PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t client_derive = + PSA_KEY_DERIVATION_OPERATION_INIT; + pake_in_driver = in_driver; + /* driver setup is called indirectly through pake_output/pake_input */ + if (pake_in_driver) { + pake_expected_hit_count = 2; + } else { + pake_expected_hit_count = 1; + } + + PSA_INIT(); + + mbedtls_test_driver_pake_hooks = mbedtls_test_driver_pake_hooks_init(); + + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, PSA_KEY_TYPE_PASSWORD); + PSA_ASSERT(psa_import_key(&attributes, pw_data->x, pw_data->len, + &key)); + + psa_pake_cs_set_algorithm(&cipher_suite, alg); + psa_pake_cs_set_primitive(&cipher_suite, primitive_arg); + psa_pake_cs_set_hash(&cipher_suite, hash_alg); + + /* Get shared key */ + PSA_ASSERT(psa_key_derivation_setup(&server_derive, derive_alg)); + PSA_ASSERT(psa_key_derivation_setup(&client_derive, derive_alg)); + + if (PSA_ALG_IS_TLS12_PSK_TO_MS(derive_alg)) { + PSA_ASSERT(psa_key_derivation_input_bytes(&server_derive, + PSA_KEY_DERIVATION_INPUT_SEED, + (const uint8_t *) "", 0)); + PSA_ASSERT(psa_key_derivation_input_bytes(&client_derive, + PSA_KEY_DERIVATION_INPUT_SEED, + (const uint8_t *) "", 0)); + } + + if (!pake_in_driver) { + mbedtls_test_driver_pake_hooks.forced_setup_status = PSA_ERROR_NOT_SUPPORTED; + } + + PSA_ASSERT(psa_pake_setup(&server, &cipher_suite)); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 0); + PSA_ASSERT(psa_pake_setup(&client, &cipher_suite)); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 0); + + + PSA_ASSERT(psa_pake_set_user(&server, jpake_server_id, sizeof(jpake_server_id))); + PSA_ASSERT(psa_pake_set_peer(&server, jpake_client_id, sizeof(jpake_client_id))); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 0); + PSA_ASSERT(psa_pake_set_user(&client, jpake_client_id, sizeof(jpake_client_id))); + PSA_ASSERT(psa_pake_set_peer(&client, jpake_server_id, sizeof(jpake_server_id))); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 0); + PSA_ASSERT(psa_pake_set_password_key(&server, key)); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 0); + PSA_ASSERT(psa_pake_set_password_key(&client, key)); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, 0); + + /* First round */ + ecjpake_do_round(alg, primitive_arg, &server, &client, + client_input_first, 1); + + /* Second round */ + ecjpake_do_round(alg, primitive_arg, &server, &client, + client_input_first, 2); + + /* After the key is obtained operation is aborted. + Adapt counter of expected hits. */ + if (pake_in_driver) { + pake_expected_hit_count++; + } + + PSA_ASSERT(psa_pake_get_implicit_key(&server, &server_derive)); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); + + /* After the key is obtained operation is aborted. + Adapt counter of expected hits. */ + if (pake_in_driver) { + pake_expected_hit_count++; + } + + PSA_ASSERT(psa_pake_get_implicit_key(&client, &client_derive)); + TEST_EQUAL(mbedtls_test_driver_pake_hooks.hits.total, + pake_in_driver ? pake_expected_hit_count++ : pake_expected_hit_count); +exit: + psa_key_derivation_abort(&server_derive); + psa_key_derivation_abort(&client_derive); + psa_destroy_key(key); + psa_pake_abort(&server); + psa_pake_abort(&client); + PSA_DONE(); +} +/* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_entropy.data b/tests/suites/test_suite_psa_crypto_entropy.data index 322363d25..68a7f984e 100644 --- a/tests/suites/test_suite_psa_crypto_entropy.data +++ b/tests/suites/test_suite_psa_crypto_entropy.data @@ -10,19 +10,19 @@ external_rng_failure_generate: # Key types and non-randomized auxiliary algorithms (in practice, hashes) can # use an external implementation. PSA external RNG failure: randomized ECDSA -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PSA_BUILTIN_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:MBEDTLS_PSA_BUILTIN_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 external_rng_failure_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:32 PSA external RNG failure: deterministic ECDSA (software implementation) -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ECC_SECP_R1_256 external_rng_failure_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):32 PSA external RNG failure: RSA-PSS -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS external_rng_failure_sign:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):32 PSA external RNG failure: RSA PKCS#1v1.5 (software implementation) -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN external_rng_failure_sign:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:32 PSA validate entropy injection: good, minimum size diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function index 1bb9efb9c..4d5eda2ba 100644 --- a/tests/suites/test_suite_psa_crypto_entropy.function +++ b/tests/suites/test_suite_psa_crypto_entropy.function @@ -12,28 +12,56 @@ MBEDTLS_ENTROPY_BLOCK_SIZE) #if defined(MBEDTLS_PSA_INJECT_ENTROPY) +#include -#if defined(MBEDTLS_PSA_ITS_FILE_C) -#include -#else -#include -#endif +/* Check the entropy seed file. + * + * \param expected_size Expected size in bytes. + * If 0, the file must not exist. + * + * \retval 1 Either \p expected_size is nonzero and + * the entropy seed file exists and has exactly this size, + * or \p expected_size is zero and the file does not exist. + * \retval 0 Either \p expected_size is nonzero but + * the entropy seed file does not exist or has a different size, + * or \p expected_size is zero but the file exists. + * In this case, the test case is marked as failed. + * + * \note We enforce that the seed is in a specific ITS file. + * This must not change, otherwise we break backward compatibility if + * the library is upgraded on a device with an existing seed. + */ +int check_random_seed_file(size_t expected_size) +{ + /* The value of the random seed UID must not change. Otherwise that would + * break upgrades of the library on devices that already contain a seed + * file. If this test assertion fails, you've presumably broken backward + * compatibility! */ + TEST_EQUAL(PSA_CRYPTO_ITS_RANDOM_SEED_UID, 0xFFFFFF52); -/* Remove the entropy seed file. Since the library does not expose a way - * to do this (it would be a security risk if such a function was ever - * accessible in production), implement this functionality in a white-box - * manner. */ + struct psa_storage_info_t info = { 0, 0 }; + psa_status_t status = psa_its_get_info(PSA_CRYPTO_ITS_RANDOM_SEED_UID, + &info); + + if (expected_size == 0) { + TEST_EQUAL(status, PSA_ERROR_DOES_NOT_EXIST); + } else { + TEST_EQUAL(status, PSA_SUCCESS); + TEST_EQUAL(info.size, expected_size); + } + return 1; + +exit: + return 0; +} + +/* Remove the entropy seed file. + * + * See check_random_seed_file() regarding abstraction boundaries. + */ psa_status_t remove_seed_file(void) { -#if defined(MBEDTLS_PSA_ITS_FILE_C) - if (remove("00000000ffffff52.psa_its") == 0) { - return PSA_SUCCESS; - } else { - return PSA_ERROR_DOES_NOT_EXIST; - } -#else return psa_its_remove(PSA_CRYPTO_ITS_RANDOM_SEED_UID); -#endif } #endif /* MBEDTLS_PSA_INJECT_ENTROPY */ @@ -86,8 +114,8 @@ void external_rng_failure_sign(int key_type, data_t *key_data, int alg, size_t signature_size = PSA_SIGNATURE_MAX_SIZE; size_t signature_length; - ASSERT_ALLOC(input, input_size); - ASSERT_ALLOC(signature, signature_size); + TEST_CALLOC(input, input_size); + TEST_CALLOC(signature, signature_size); PSA_ASSERT(psa_crypto_init()); PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, @@ -135,7 +163,7 @@ void validate_entropy_seed_injection(int seed_length_a, } else { seed_size = seed_length_b; } - ASSERT_ALLOC(seed, seed_size); + TEST_CALLOC(seed, seed_size); /* fill seed with some data */ for (i = 0; i < seed_size; ++i) { seed[i] = i; @@ -143,18 +171,34 @@ void validate_entropy_seed_injection(int seed_length_a, status = remove_seed_file(); TEST_ASSERT((status == PSA_SUCCESS) || (status == PSA_ERROR_DOES_NOT_EXIST)); + if (!check_random_seed_file(0)) { + goto exit; + } + status = mbedtls_psa_inject_entropy(seed, seed_length_a); TEST_EQUAL(status, expected_status_a); + if (!check_random_seed_file(expected_status_a == PSA_SUCCESS ? seed_length_a : + 0)) { + goto exit; + } + status = mbedtls_psa_inject_entropy(seed, seed_length_b); TEST_EQUAL(status, expected_status_b); + if (!check_random_seed_file(expected_status_a == PSA_SUCCESS ? seed_length_a : + expected_status_b == PSA_SUCCESS ? seed_length_b : + 0)) { + goto exit; + } + PSA_ASSERT(psa_crypto_init()); PSA_ASSERT(psa_generate_random(output, sizeof(output))); TEST_ASSERT(memcmp(output, zeros, sizeof(output)) != 0); + exit: mbedtls_free(seed); - remove_seed_file(); PSA_DONE(); + mbedtls_test_inject_entropy_restore(); } /* END_CASE */ @@ -168,25 +212,40 @@ void run_entropy_inject_with_crypto_init() for (i = 0; i < sizeof(seed); ++i) { seed[i] = i; } + status = remove_seed_file(); TEST_ASSERT((status == PSA_SUCCESS) || (status == PSA_ERROR_DOES_NOT_EXIST)); + if (!check_random_seed_file(0)) { + goto exit; + } status = mbedtls_psa_inject_entropy(seed, sizeof(seed)); PSA_ASSERT(status); + TEST_ASSERT(check_random_seed_file(sizeof(seed))); status = remove_seed_file(); TEST_EQUAL(status, PSA_SUCCESS); + if (!check_random_seed_file(0)) { + goto exit; + } + status = psa_crypto_init(); TEST_EQUAL(status, PSA_ERROR_INSUFFICIENT_ENTROPY); status = mbedtls_psa_inject_entropy(seed, sizeof(seed)); PSA_ASSERT(status); + if (!check_random_seed_file(sizeof(seed))) { + goto exit; + } + status = psa_crypto_init(); PSA_ASSERT(status); PSA_DONE(); + /* The seed is written by nv_seed callback functions therefore the injection will fail */ status = mbedtls_psa_inject_entropy(seed, sizeof(seed)); TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); + exit: - remove_seed_file(); PSA_DONE(); + mbedtls_test_inject_entropy_restore(); } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data index 9f5133988..0a5f8765f 100644 --- a/tests/suites/test_suite_psa_crypto_hash.data +++ b/tests/suites/test_suite_psa_crypto_hash.data @@ -158,6 +158,70 @@ PSA hash finish: SHA-512 Test Vector NIST CAVS #8 depends_on:PSA_WANT_ALG_SHA_512 hash_finish:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9" +PSA hash finish: SHA3-224 Test Vector NIST "" +depends_on:PSA_WANT_ALG_SHA3_224 +hash_finish:PSA_ALG_SHA3_224:"":"6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3f5b5a6bc7" + +PSA hash finish: SHA3-256 Test Vector NIST "" +depends_on:PSA_WANT_ALG_SHA3_256 +hash_finish:PSA_ALG_SHA3_256:"":"a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a" + +PSA hash finish: SHA3-384 Test Vector NIST "" +depends_on:PSA_WANT_ALG_SHA3_384 +hash_finish:PSA_ALG_SHA3_384:"":"0c63a75b845e4f7d01107d852e4c2485c51a50aaaa94fc61995e71bbee983a2ac3713831264adb47fb6bd1e058d5f004" + +PSA hash finish: SHA3-512 Test Vector NIST "" +depends_on:PSA_WANT_ALG_SHA3_512 +hash_finish:PSA_ALG_SHA3_512:"":"a69f73cca23a9ac5c8b567dc185a756e97c982164fe25859e0d1dcc1475c80a615b2123af1f5f94c11e3e9402c3ac558f500199d95b6d3e301758586281dcd26" + +PSA hash finish: SHA3-224 Test Vector NIST "abc" +depends_on:PSA_WANT_ALG_SHA3_224 +hash_finish:PSA_ALG_SHA3_224:"616263":"e642824c3f8cf24ad09234ee7d3c766fc9a3a5168d0c94ad73b46fdf" + +PSA hash finish: SHA3-256 Test Vector NIST "abc" +depends_on:PSA_WANT_ALG_SHA3_256 +hash_finish:PSA_ALG_SHA3_256:"616263":"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" + +PSA hash finish: SHA3-384 Test Vector NIST "abc" +depends_on:PSA_WANT_ALG_SHA3_384 +hash_finish:PSA_ALG_SHA3_384:"616263":"ec01498288516fc926459f58e2c6ad8df9b473cb0fc08c2596da7cf0e49be4b298d88cea927ac7f539f1edf228376d25" + +PSA hash finish: SHA3-512 Test Vector NIST "abc" +depends_on:PSA_WANT_ALG_SHA3_512 +hash_finish:PSA_ALG_SHA3_512:"616263":"b751850b1a57168a5693cd924b6b096e08f621827444f70d884f5d0240d2712e10e116e9192af3c91a7ec57647e3934057340b4cf408d5a56592f8274eec53f0" + +PSA hash finish: SHA3-224 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +depends_on:PSA_WANT_ALG_SHA3_224 +hash_finish:PSA_ALG_SHA3_224:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"8a24108b154ada21c9fd5574494479ba5c7e7ab76ef264ead0fcce33" + +PSA hash finish: SHA3-256 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +depends_on:PSA_WANT_ALG_SHA3_256 +hash_finish:PSA_ALG_SHA3_256:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"41c0dba2a9d6240849100376a8235e2c82e1b9998a999e21db32dd97496d3376" + +PSA hash finish: SHA3-384 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +depends_on:PSA_WANT_ALG_SHA3_384 +hash_finish:PSA_ALG_SHA3_384:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"991c665755eb3a4b6bbdfb75c78a492e8c56a22c5c4d7e429bfdbc32b9d4ad5aa04a1f076e62fea19eef51acd0657c22" + +PSA hash finish: SHA3-512 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +depends_on:PSA_WANT_ALG_SHA3_512 +hash_finish:PSA_ALG_SHA3_512:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"04a371e84ecfb5b8b77cb48610fca8182dd457ce6f326a0fd3d7ec2f1e91636dee691fbe0c985302ba1b0d8dc78c086346b533b49c030d99a27daf1139d6e75e" + +PSA hash finish: SHA3-224 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +depends_on:PSA_WANT_ALG_SHA3_224 +hash_finish:PSA_ALG_SHA3_224:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"543e6868e1666c1a643630df77367ae5a62a85070a51c14cbf665cbc" + +PSA hash finish: SHA3-256 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +depends_on:PSA_WANT_ALG_SHA3_256 +hash_finish:PSA_ALG_SHA3_256:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"916f6061fe879741ca6469b43971dfdb28b1a32dc36cb3254e812be27aad1d18" + +PSA hash finish: SHA3-384 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +depends_on:PSA_WANT_ALG_SHA3_384 +hash_finish:PSA_ALG_SHA3_384:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"79407d3b5916b59c3e30b09822974791c313fb9ecc849e406f23592d04f625dc8c709b98b43b3852b337216179aa7fc7" + +PSA hash finish: SHA3-512 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +depends_on:PSA_WANT_ALG_SHA3_512 +hash_finish:PSA_ALG_SHA3_512:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"afebb2ef542e6579c50cad06d2e578f9f8dd6881d7dc824d26360feebf18a4fa73e3261122948efcfd492e74e82e2189ed0fb440d187f382270cb455f21dd185" + PSA hash finish: MD5 Test vector RFC1321 #1 depends_on:PSA_WANT_ALG_MD5 hash_finish:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e" @@ -246,6 +310,22 @@ PSA hash verify: RIPEMD160 depends_on:PSA_WANT_ALG_RIPEMD160 hash_verify:PSA_ALG_RIPEMD160:"bd":"5089265ee5d9af75d12dbf7ea2f27dbdee435b37" +PSA hash verify: SHA3-224 +depends_on:PSA_WANT_ALG_SHA3_224 +hash_verify:PSA_ALG_SHA3_224:"bd":"79bd1a58a357d1a0ac15b43400bc396d17bdc6d3d90369f16f650b25" + +PSA hash verify: SHA3-256 +depends_on:PSA_WANT_ALG_SHA3_256 +hash_verify:PSA_ALG_SHA3_256:"bd":"b389fa0f45f21196cc2736e8de396497a2414be31e7a500a499918b8cf3257b2" + +PSA hash verify: SHA3-384 +depends_on:PSA_WANT_ALG_SHA3_384 +hash_verify:PSA_ALG_SHA3_384:"bd":"5a337b67965736040c5b1f2d4df7f9ca76cf01866c7d64ed8dd812b97995da9b14ef07f9c4d9190888e4b15c4df2203d" + +PSA hash verify: SHA3-512 +depends_on:PSA_WANT_ALG_SHA3_512 +hash_verify:PSA_ALG_SHA3_512:"bd":"72bacd82495cb72a44523cda462f0f02c9f33b6312e24e44f5c40deed2bbc37854b606cb2f62cce6a394b4157d8e6e89b22682380dc129dddd402693ffa98a6c" + PSA hash multi part: SHA-1 Test Vector NIST CAVS #1 depends_on:PSA_WANT_ALG_SHA_1 hash_multi_part:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709" @@ -465,3 +545,126 @@ hash_multi_part:PSA_ALG_RIPEMD160:"4142434445464748494a4b4c4d4e4f505152535455565 PSA hash multi part: RIPEMD160 Test vector from paper #8 depends_on:PSA_WANT_ALG_RIPEMD160 hash_multi_part:PSA_ALG_RIPEMD160:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"9b752e45573d4b39f4dbd3323cab82bf63326bfb" + +PSA hash multi part: SHA3-224 Test Vector NIST "" +depends_on:PSA_WANT_ALG_SHA3_224 +hash_multi_part:PSA_ALG_SHA3_224:"":"6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3f5b5a6bc7" + +PSA hash multi part: SHA3-256 Test Vector NIST "" +depends_on:PSA_WANT_ALG_SHA3_256 +hash_multi_part:PSA_ALG_SHA3_256:"":"a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a" + +PSA hash multi part: SHA3-384 Test Vector NIST "" +depends_on:PSA_WANT_ALG_SHA3_384 +hash_multi_part:PSA_ALG_SHA3_384:"":"0c63a75b845e4f7d01107d852e4c2485c51a50aaaa94fc61995e71bbee983a2ac3713831264adb47fb6bd1e058d5f004" + +PSA hash multi part: SHA3-512 Test Vector NIST "" +depends_on:PSA_WANT_ALG_SHA3_512 +hash_multi_part:PSA_ALG_SHA3_512:"":"a69f73cca23a9ac5c8b567dc185a756e97c982164fe25859e0d1dcc1475c80a615b2123af1f5f94c11e3e9402c3ac558f500199d95b6d3e301758586281dcd26" + +PSA hash multi part: SHA3-224 Test Vector NIST "abc" +depends_on:PSA_WANT_ALG_SHA3_224 +hash_multi_part:PSA_ALG_SHA3_224:"616263":"e642824c3f8cf24ad09234ee7d3c766fc9a3a5168d0c94ad73b46fdf" + +PSA hash multi part: SHA3-256 Test Vector NIST "abc" +depends_on:PSA_WANT_ALG_SHA3_256 +hash_multi_part:PSA_ALG_SHA3_256:"616263":"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" + +PSA hash multi part: SHA3-384 Test Vector NIST "abc" +depends_on:PSA_WANT_ALG_SHA3_384 +hash_multi_part:PSA_ALG_SHA3_384:"616263":"ec01498288516fc926459f58e2c6ad8df9b473cb0fc08c2596da7cf0e49be4b298d88cea927ac7f539f1edf228376d25" + +PSA hash multi part: SHA3-512 Test Vector NIST "abc" +depends_on:PSA_WANT_ALG_SHA3_512 +hash_multi_part:PSA_ALG_SHA3_512:"616263":"b751850b1a57168a5693cd924b6b096e08f621827444f70d884f5d0240d2712e10e116e9192af3c91a7ec57647e3934057340b4cf408d5a56592f8274eec53f0" + +PSA hash multi part: SHA3-224 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +depends_on:PSA_WANT_ALG_SHA3_224 +hash_multi_part:PSA_ALG_SHA3_224:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"8a24108b154ada21c9fd5574494479ba5c7e7ab76ef264ead0fcce33" + +PSA hash multi part: SHA3-256 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +depends_on:PSA_WANT_ALG_SHA3_256 +hash_multi_part:PSA_ALG_SHA3_256:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"41c0dba2a9d6240849100376a8235e2c82e1b9998a999e21db32dd97496d3376" + +PSA hash multi part: SHA3-384 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +depends_on:PSA_WANT_ALG_SHA3_384 +hash_multi_part:PSA_ALG_SHA3_384:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"991c665755eb3a4b6bbdfb75c78a492e8c56a22c5c4d7e429bfdbc32b9d4ad5aa04a1f076e62fea19eef51acd0657c22" + +PSA hash multi part: SHA3-512 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +depends_on:PSA_WANT_ALG_SHA3_512 +hash_multi_part:PSA_ALG_SHA3_512:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"04a371e84ecfb5b8b77cb48610fca8182dd457ce6f326a0fd3d7ec2f1e91636dee691fbe0c985302ba1b0d8dc78c086346b533b49c030d99a27daf1139d6e75e" + +PSA hash multi part: SHA3-224 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +depends_on:PSA_WANT_ALG_SHA3_224 +hash_multi_part:PSA_ALG_SHA3_224:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"543e6868e1666c1a643630df77367ae5a62a85070a51c14cbf665cbc" + +PSA hash multi part: SHA3-256 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +depends_on:PSA_WANT_ALG_SHA3_256 +hash_multi_part:PSA_ALG_SHA3_256:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"916f6061fe879741ca6469b43971dfdb28b1a32dc36cb3254e812be27aad1d18" + +PSA hash multi part: SHA3-384 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +depends_on:PSA_WANT_ALG_SHA3_384 +hash_multi_part:PSA_ALG_SHA3_384:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"79407d3b5916b59c3e30b09822974791c313fb9ecc849e406f23592d04f625dc8c709b98b43b3852b337216179aa7fc7" + +PSA hash multi part: SHA3-512 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +depends_on:PSA_WANT_ALG_SHA3_512 +hash_multi_part:PSA_ALG_SHA3_512:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"afebb2ef542e6579c50cad06d2e578f9f8dd6881d7dc824d26360feebf18a4fa73e3261122948efcfd492e74e82e2189ed0fb440d187f382270cb455f21dd185" + +# HMAC test vectors generated in python with e.g. +# import hmac; hmac.new(bytes([0xaa]*32), b'abc', 'SHA3-224').hexdigest() + +PSA HMAC SHA3-224 +depends_on:PSA_WANT_ALG_SHA3_224 +hmac:PSA_ALG_SHA3_224:"abc":"bf0905154ad610b6a3d6d0b9a1c692494e987337d956624a066d7a1f" + +PSA HMAC SHA3-256 +depends_on:PSA_WANT_ALG_SHA3_256 +hmac:PSA_ALG_SHA3_256:"abc":"a986419a162b6d4731a8e96e44a2c6e784d50137907b457c9fb77c62705dc4d9" + +PSA HMAC SHA3-384 +depends_on:PSA_WANT_ALG_SHA3_384 +hmac:PSA_ALG_SHA3_384:"abc":"87b864ee25f8bfebd516eddd7cdd400d3c368a09e4b1fabaee5636da8a9c876c3f802c366537663910f2e6c5a8426381" + +PSA HMAC SHA3-512 +depends_on:PSA_WANT_ALG_SHA3_512 +hmac:PSA_ALG_SHA3_512:"abc":"2cef45b6950e41a70bc85cb431b2161d47c9e2932187fa15d80e3b7af1da38aa8fe823a72efd7e536e5236a5b0798418d8c8f08b0de5fc262867bb3752b6482d" + +PSA HMAC SHA-1 +depends_on:PSA_WANT_ALG_SHA_1 +hmac:PSA_ALG_SHA_1:"abc":"0b3a7f96afea3e14a0835f7c9468a24649f85596" + +PSA HMAC SHA-224 +depends_on:PSA_WANT_ALG_SHA_224 +hmac:PSA_ALG_SHA_224:"abc":"249c405cef8bcd3ceeafdb9a933179739fb9b1d7f174df4667ec82f3" + +PSA HMAC SHA-256 +depends_on:PSA_WANT_ALG_SHA_256 +hmac:PSA_ALG_SHA_256:"abc":"b89a1b878289c739595104da55b6f7a8afec3e0757fc166080dc267c09c46841" + +PSA HMAC SHA-384 +depends_on:PSA_WANT_ALG_SHA_384 +hmac:PSA_ALG_SHA_384:"abc":"25a8b55c884bc38286305f76332631726498f5586280b88bc6179cd00c6878fb7d1bb3ee1643fcd2fb02b95823ff1af2" + +PSA HMAC SHA-512 +depends_on:PSA_WANT_ALG_SHA_512 +hmac:PSA_ALG_SHA_512:"abc":"d6e5eebb5cf27f5b686fefc416ee8c431bb10770216aa3c6ba13897ef3fc040b98abc53b95039f2c50622473f958af64a3cae1afbea8ffffa8d35ca24f31e222" + +PSA HMAC RIPEMD160 +depends_on:PSA_WANT_ALG_RIPEMD160 +hmac:PSA_ALG_RIPEMD160:"abc":"114a5cf4637f57c044472e1a0b87cce9137190b2" + +PSA HMAC MD5 +depends_on:PSA_WANT_ALG_MD5 +hmac:PSA_ALG_MD5:"abc":"39677b12b80118927387aa4a65d16a5e" + +PSA HMAC input length 0 +depends_on:PSA_WANT_ALG_SHA_256 +hmac:PSA_ALG_SHA_256:"":"63210aee265762634fa3db8c1aa920dcd07d31ec297309580394a21412f83372" + +PSA HMAC input length 1 +depends_on:PSA_WANT_ALG_SHA_256 +hmac:PSA_ALG_SHA_256:"x":"f61c11d66441e3c0b9902a8491caa2da5a0d0d95ef0fc61d8a3b5ea5e0416f5c" + +PSA HMAC input length 2890 +depends_on:PSA_WANT_ALG_SHA_256 +hmac:PSA_ALG_SHA_256:"0123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999":"dd2e08786029097be5f634fda74a7e20e3e1638e71282892c4fd21d9a71ae418" diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function index f12541d68..20167fdab 100644 --- a/tests/suites/test_suite_psa_crypto_hash.function +++ b/tests/suites/test_suite_psa_crypto_hash.function @@ -1,6 +1,7 @@ /* BEGIN_HEADER */ #include +#include "psa/crypto.h" /* END_HEADER */ @@ -25,8 +26,8 @@ void hash_finish(int alg_arg, data_t *input, data_t *expected_hash) PSA_ASSERT(psa_hash_finish(&operation, actual_hash, sizeof(actual_hash), &actual_hash_length)); - ASSERT_COMPARE(expected_hash->x, expected_hash->len, - actual_hash, actual_hash_length); + TEST_MEMORY_COMPARE(expected_hash->x, expected_hash->len, + actual_hash, actual_hash_length); exit: psa_hash_abort(&operation); @@ -34,6 +35,52 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void hmac(int alg_arg, char *input, data_t *expected_mac) +{ + psa_algorithm_t alg = PSA_ALG_HMAC(alg_arg); + + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = PSA_KEY_TYPE_HMAC; + const uint8_t key_data[] = { // 32 bytes of 0xaa + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa + }; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + PSA_ASSERT(psa_crypto_init()); + + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + PSA_ASSERT(psa_import_key(&attributes, key_data, sizeof(key_data), &key)); + + uint8_t mac[PSA_MAC_MAX_SIZE + 10] = { 0 }; + size_t mac_length = 0; + + size_t input_len = strlen(input); + PSA_ASSERT(psa_mac_compute(key, alg, (uint8_t const *) input, input_len, mac, sizeof(mac), + &mac_length)); + + // manual comparison against expected MAC + ASSERT_COMPARE(expected_mac->x, expected_mac->len, mac, mac_length); + + // use psa_mac_verify to compare to expected MAC + PSA_ASSERT(psa_mac_verify(key, alg, (uint8_t const *) input, input_len, expected_mac->x, + expected_mac->len)); + + // corrupt the MAC and check that psa_mac_verify fails + expected_mac->x[0] ^= 0x7f; + TEST_EQUAL(psa_mac_verify(key, alg, (uint8_t const *) input, input_len, expected_mac->x, + expected_mac->len), PSA_ERROR_INVALID_SIGNATURE); + + PSA_ASSERT(psa_destroy_key(key)); +exit: + PSA_DONE(); +} +/* END_CASE */ + /* BEGIN_CASE */ void hash_verify(int alg_arg, data_t *input, data_t *expected_hash) { @@ -83,14 +130,14 @@ void hash_multi_part(int alg_arg, data_t *input, data_t *expected_hash) PSA_ASSERT(psa_hash_finish(&operation, actual_hash, sizeof(actual_hash), &actual_hash_length)); - ASSERT_COMPARE(expected_hash->x, expected_hash->len, - actual_hash, actual_hash_length); + TEST_MEMORY_COMPARE(expected_hash->x, expected_hash->len, + actual_hash, actual_hash_length); PSA_ASSERT(psa_hash_finish(&operation2, actual_hash, sizeof(actual_hash), &actual_hash_length)); - ASSERT_COMPARE(expected_hash->x, expected_hash->len, - actual_hash, actual_hash_length); + TEST_MEMORY_COMPARE(expected_hash->x, expected_hash->len, + actual_hash, actual_hash_length); } while (len++ != input->len); exit: diff --git a/tests/suites/test_suite_psa_crypto_init.data b/tests/suites/test_suite_psa_crypto_init.data index 9620a642a..8c5b41d6c 100644 --- a/tests/suites/test_suite_psa_crypto_init.data +++ b/tests/suites/test_suite_psa_crypto_init.data @@ -25,7 +25,10 @@ validate_module_init_key_based:1 Custom entropy sources: all standard custom_entropy_sources:0x0000ffff:PSA_SUCCESS +# MBEDTLS_PSA_INJECT_ENTROPY means that a source of entropy (the seed file) +# is effectively always available. Custom entropy sources: none +depends_on:!MBEDTLS_PSA_INJECT_ENTROPY custom_entropy_sources:0:PSA_ERROR_INSUFFICIENT_ENTROPY Fake entropy: never returns anything diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function index f0b98e7fd..7a434322a 100644 --- a/tests/suites/test_suite_psa_crypto_init.function +++ b/tests/suites/test_suite_psa_crypto_init.function @@ -74,11 +74,7 @@ static void custom_entropy_init(mbedtls_entropy_context *ctx) #endif ctx->accumulator_started = 0; -#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) - mbedtls_sha512_init(&ctx->accumulator); -#else - mbedtls_sha256_init(&ctx->accumulator); -#endif + mbedtls_md_init(&ctx->accumulator); #if !defined(MBEDTLS_NO_PLATFORM_ENTROPY) if (custom_entropy_sources_mask & ENTROPY_SOURCE_PLATFORM) { @@ -271,7 +267,7 @@ void entropy_from_nv_seed(int seed_size_arg, uint8_t *seed = NULL; size_t seed_size = seed_size_arg; - ASSERT_ALLOC(seed, seed_size); + TEST_CALLOC(seed, seed_size); TEST_ASSERT(mbedtls_nv_seed_write(seed, seed_size) >= 0); custom_entropy_sources_mask = ENTROPY_SOURCE_NV_SEED; diff --git a/tests/suites/test_suite_psa_crypto_low_hash.function b/tests/suites/test_suite_psa_crypto_low_hash.function new file mode 100644 index 000000000..6dabceff9 --- /dev/null +++ b/tests/suites/test_suite_psa_crypto_low_hash.function @@ -0,0 +1,209 @@ +/* BEGIN_HEADER */ +/* + * Test suite for the PSA hash built-in driver + * + * This test suite exercises some aspects of the built-in PSA driver for + * hash algorithms (psa_crypto_hash.c). This code is mostly tested via + * the application interface (above the PSA API layer) and via tests of + * individual hash modules. The goal of this test suite is to ensure that + * the driver dispatch layer behaves correctly even when not invoked via + * the API layer, but directly from another driver. + * + * This test suite is currently incomplete. It focuses on non-regression + * tests for past bugs or near misses. + */ + +#include + +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_PSA_BUILTIN_HASH + * END_DEPENDENCIES + */ + +/* BEGIN_CASE */ +void hash_valid_one_shot(int alg_arg, data_t *input, + data_t *expected) +{ + psa_algorithm_t alg = alg_arg; + uint8_t *output = NULL; + size_t output_size = expected->len; + size_t length = SIZE_MAX; + + /* Nominal case */ + ASSERT_ALLOC(output, output_size); + TEST_EQUAL(mbedtls_psa_hash_compute(alg, input->x, input->len, + output, output_size, &length), + PSA_SUCCESS); + ASSERT_COMPARE(expected->x, expected->len, output, length); + mbedtls_free(output); + output = NULL; + + /* Larger output buffer */ + output_size = expected->len + 1; + ASSERT_ALLOC(output, output_size); + TEST_EQUAL(mbedtls_psa_hash_compute(alg, input->x, input->len, + output, output_size, &length), + PSA_SUCCESS); + ASSERT_COMPARE(expected->x, expected->len, output, length); + mbedtls_free(output); + output = NULL; + + /* We don't test with a smaller output buffer because this isn't + * guaranteed to work: the core must pass a sufficiently large + * output buffer to the driver. */ + +exit: + mbedtls_free(output); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void hash_valid_multipart(int alg_arg, + data_t *input1, data_t *expected1, + data_t *input2, data_t *expected2) +{ + psa_algorithm_t alg = alg_arg; + uint8_t *output = NULL; + size_t output_size = expected1->len; + size_t length = SIZE_MAX; + mbedtls_psa_hash_operation_t operation0; // original + memset(&operation0, 0, sizeof(operation0)); + mbedtls_psa_hash_operation_t clone_start; // cloned after setup + memset(&clone_start, 0, sizeof(clone_start)); + mbedtls_psa_hash_operation_t clone_middle; // cloned between updates + memset(&clone_middle, 0, sizeof(clone_middle)); + mbedtls_psa_hash_operation_t clone_end; // cloned before finish + memset(&clone_end, 0, sizeof(clone_end)); + mbedtls_psa_hash_operation_t clone_more; // cloned before finish + memset(&clone_more, 0, sizeof(clone_more)); + + /* Nominal case with two update calls */ + ASSERT_ALLOC(output, output_size); + TEST_EQUAL(mbedtls_psa_hash_setup(&operation0, alg), + PSA_SUCCESS); + TEST_EQUAL(mbedtls_psa_hash_clone(&operation0, &clone_start), + PSA_SUCCESS); + TEST_EQUAL(mbedtls_psa_hash_update(&operation0, input1->x, input1->len), + PSA_SUCCESS); + TEST_EQUAL(mbedtls_psa_hash_clone(&operation0, &clone_middle), + PSA_SUCCESS); + TEST_EQUAL(mbedtls_psa_hash_update(&operation0, input2->x, input2->len), + PSA_SUCCESS); + TEST_EQUAL(mbedtls_psa_hash_clone(&operation0, &clone_end), + PSA_SUCCESS); + TEST_EQUAL(mbedtls_psa_hash_finish(&operation0, + output, output_size, &length), + PSA_SUCCESS); + ASSERT_COMPARE(expected2->x, expected2->len, output, length); + + /* Nominal case with an operation cloned after setup */ + memset(output, 0, output_size); + TEST_EQUAL(mbedtls_psa_hash_update(&clone_start, input1->x, input1->len), + PSA_SUCCESS); + TEST_EQUAL(mbedtls_psa_hash_finish(&clone_start, + output, output_size, &length), + PSA_SUCCESS); + ASSERT_COMPARE(expected1->x, expected1->len, output, length); + + /* Nominal case with an operation cloned between updates */ + memset(output, 0, output_size); + TEST_EQUAL(mbedtls_psa_hash_update(&clone_middle, input2->x, input2->len), + PSA_SUCCESS); + TEST_EQUAL(mbedtls_psa_hash_finish(&clone_middle, + output, output_size, &length), + PSA_SUCCESS); + ASSERT_COMPARE(expected2->x, expected2->len, output, length); + + /* Nominal case with an operation cloned before finish */ + TEST_EQUAL(mbedtls_psa_hash_clone(&clone_end, &clone_more), + PSA_SUCCESS); + memset(output, 0, output_size); + TEST_EQUAL(mbedtls_psa_hash_finish(&clone_end, + output, output_size, &length), + PSA_SUCCESS); + ASSERT_COMPARE(expected2->x, expected2->len, output, length); + mbedtls_free(output); + output = NULL; + + /* Larger output buffer */ + TEST_EQUAL(mbedtls_psa_hash_clone(&clone_more, &clone_end), + PSA_SUCCESS); + output_size = expected2->len + 1; + ASSERT_ALLOC(output, output_size); + TEST_EQUAL(mbedtls_psa_hash_finish(&clone_end, + output, output_size, &length), + PSA_SUCCESS); + ASSERT_COMPARE(expected2->x, expected2->len, output, length); + mbedtls_free(output); + output = NULL; + + /* We don't test with a smaller output buffer because this isn't + * guaranteed to work: the core must pass a sufficiently large + * output buffer to the driver. */ + + /* Nominal case again after an error in a cloned operation */ + output_size = expected2->len; + ASSERT_ALLOC(output, output_size); + TEST_EQUAL(mbedtls_psa_hash_finish(&clone_more, + output, output_size, &length), + PSA_SUCCESS); + ASSERT_COMPARE(expected2->x, expected2->len, output, length); + mbedtls_free(output); + output = NULL; + +exit: + mbedtls_free(output); + mbedtls_psa_hash_abort(&operation0); + mbedtls_psa_hash_abort(&clone_start); + mbedtls_psa_hash_abort(&clone_middle); + mbedtls_psa_hash_abort(&clone_end); + mbedtls_psa_hash_abort(&clone_more); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void hash_empty(int alg_arg, data_t *expected) +{ + psa_algorithm_t alg = alg_arg; + uint8_t *output = NULL; + size_t output_size = expected->len; + size_t length = SIZE_MAX; + mbedtls_psa_hash_operation_t operation; + memset(&operation, 0, sizeof(operation)); + + ASSERT_ALLOC(output, output_size); + + /* One-shot */ + TEST_EQUAL(mbedtls_psa_hash_compute(alg, NULL, 0, + output, output_size, &length), + PSA_SUCCESS); + ASSERT_COMPARE(expected->x, expected->len, output, length); + + /* Multipart, no update */ + memset(output, 0, output_size); + TEST_EQUAL(mbedtls_psa_hash_setup(&operation, alg), + PSA_SUCCESS); + TEST_EQUAL(mbedtls_psa_hash_finish(&operation, + output, output_size, &length), + PSA_SUCCESS); + ASSERT_COMPARE(expected->x, expected->len, output, length); + + /* Multipart, one update */ + memset(output, 0, output_size); + memset(&operation, 0, sizeof(operation)); + TEST_EQUAL(mbedtls_psa_hash_setup(&operation, alg), + PSA_SUCCESS); + TEST_EQUAL(mbedtls_psa_hash_update(&operation, NULL, 0), + PSA_SUCCESS); + TEST_EQUAL(mbedtls_psa_hash_finish(&operation, + output, output_size, &length), + PSA_SUCCESS); + ASSERT_COMPARE(expected->x, expected->len, output, length); + +exit: + mbedtls_free(output); + mbedtls_psa_hash_abort(&operation); +} +/* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index bf5f04e4f..b1672ec10 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -26,6 +26,22 @@ Hash: SHA-2 SHA-512 depends_on:PSA_WANT_ALG_SHA_512 hash_algorithm:PSA_ALG_SHA_512:64 +Hash: SHA-3 SHA3-224 +depends_on:PSA_WANT_ALG_SHA3_224 +hash_algorithm:PSA_ALG_SHA3_224:28 + +Hash: SHA-3 SHA3-256 +depends_on:PSA_WANT_ALG_SHA3_256 +hash_algorithm:PSA_ALG_SHA3_256:32 + +Hash: SHA-3 SHA3-384 +depends_on:PSA_WANT_ALG_SHA3_384 +hash_algorithm:PSA_ALG_SHA3_384:48 + +Hash: SHA-3 SHA3-512 +depends_on:PSA_WANT_ALG_SHA3_512 +hash_algorithm:PSA_ALG_SHA3_512:64 + MAC: HMAC-MD5 depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5 hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD5 ):16:64 @@ -59,11 +75,11 @@ depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_CIPHER_C mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128 MAC: CBC_MAC-AES-192 -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_CIPHER_C +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_CIPHER_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192 MAC: CBC_MAC-AES-256 -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_CIPHER_C +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_CIPHER_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256 MAC: CBC_MAC-3DES @@ -75,11 +91,11 @@ depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128 MAC: CMAC-AES-192 -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192 MAC: CMAC-AES-256 -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256 MAC: CMAC-3DES @@ -118,16 +134,20 @@ Cipher: XTS depends_on:PSA_WANT_ALG_XTS:MBEDTLS_CIPHER_C cipher_algorithm:PSA_ALG_XTS:0 +Cipher: CCM* +depends_on:PSA_WANT_ALG_CCM_STAR_NO_TAG +cipher_algorithm:PSA_ALG_CCM_STAR_NO_TAG:ALG_IS_STREAM_CIPHER + AEAD: CCM-AES-128 depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:128 AEAD: CCM-AES-192 -depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:192 AEAD: CCM-AES-256 -depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_algorithm:PSA_ALG_CCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:256 AEAD: CCM-ARIA-128 @@ -159,11 +179,11 @@ depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:128 AEAD: GCM-AES-192 -depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:192 AEAD: GCM-AES-256 -depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aead_algorithm:PSA_ALG_GCM:ALG_IS_AEAD_ON_BLOCK_CIPHER:16:PSA_KEY_TYPE_AES:256 AEAD: GCM-ARIA-128 @@ -286,6 +306,10 @@ Key derivation: HKDF-Expand using SHA-384 depends_on:PSA_WANT_ALG_HKDF_EXPAND:PSA_WANT_ALG_SHA_384 key_derivation_algorithm:PSA_ALG_HKDF_EXPAND( PSA_ALG_SHA_384 ):ALG_IS_HKDF_EXPAND +Key derivation: TLS1.2 ECJPAKE-to-PMS +depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS +key_derivation_algorithm:PSA_ALG_TLS12_ECJPAKE_TO_PMS:0 + Key derivation: TLS 1.2 PRF using SHA-256 depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF key_derivation_algorithm:PSA_ALG_TLS12_PRF( PSA_ALG_SHA_256 ):ALG_IS_TLS12_PRF @@ -339,6 +363,12 @@ key_type:PSA_KEY_TYPE_HMAC:KEY_TYPE_IS_UNSTRUCTURED Key type: secret for key derivation key_type:PSA_KEY_TYPE_DERIVE:KEY_TYPE_IS_UNSTRUCTURED +Key type: password +key_type:PSA_KEY_TYPE_PASSWORD:KEY_TYPE_IS_UNSTRUCTURED + +Key type: password hash +key_type:PSA_KEY_TYPE_PASSWORD_HASH:KEY_TYPE_IS_UNSTRUCTURED + Block cipher key type: AES depends_on:PSA_WANT_KEY_TYPE_AES block_cipher_key_type:PSA_KEY_TYPE_AES:16 @@ -364,7 +394,7 @@ depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY key_type:PSA_KEY_TYPE_RSA_PUBLIC_KEY:KEY_TYPE_IS_PUBLIC_KEY | KEY_TYPE_IS_RSA Key type: RSA key pair -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT key_type:PSA_KEY_TYPE_RSA_KEY_PAIR:KEY_TYPE_IS_KEY_PAIR | KEY_TYPE_IS_RSA ECC key family: SECP K1 diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index b28ed2a75..b51f2a28b 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -699,7 +699,7 @@ void ecc_key_family(int curve_arg) } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_DHM_C */ +/* BEGIN_CASE depends_on:PSA_KEY_TYPE_DH_PUBLIC_KEY:PSA_KEY_TYPE_DH_KEY_PAIR */ void dh_key_family(int group_arg) { psa_dh_family_t group = group_arg; diff --git a/tests/suites/test_suite_psa_crypto_op_fail.function b/tests/suites/test_suite_psa_crypto_op_fail.function index 046e3c3a0..20942bf81 100644 --- a/tests/suites/test_suite_psa_crypto_op_fail.function +++ b/tests/suites/test_suite_psa_crypto_op_fail.function @@ -221,6 +221,13 @@ void sign_fail(int key_type_arg, data_t *key_data, uint8_t input[1] = { 'A' }; uint8_t output[PSA_SIGNATURE_MAX_SIZE] = { 0 }; size_t length = SIZE_MAX; + psa_sign_hash_interruptible_operation_t sign_operation = + psa_sign_hash_interruptible_operation_init(); + + psa_verify_hash_interruptible_operation_t verify_operation = + psa_verify_hash_interruptible_operation_init(); + + PSA_INIT(); @@ -237,6 +244,13 @@ void sign_fail(int key_type_arg, data_t *key_data, psa_sign_hash(key_id, alg, input, sizeof(input), output, sizeof(output), &length)); + + TEST_STATUS(expected_status, + psa_sign_hash_start(&sign_operation, key_id, alg, + input, sizeof(input))); + + PSA_ASSERT(psa_sign_hash_abort(&sign_operation)); + if (!private_only) { /* Determine a plausible signature size to avoid an INVALID_SIGNATURE * error based on this. */ @@ -253,6 +267,13 @@ void sign_fail(int key_type_arg, data_t *key_data, psa_verify_hash(key_id, alg, input, sizeof(input), output, output_length)); + + TEST_STATUS(expected_status, + psa_verify_hash_start(&verify_operation, key_id, alg, + input, sizeof(input), + output, output_length)); + + PSA_ASSERT(psa_verify_hash_abort(&verify_operation)); } exit: @@ -339,7 +360,7 @@ void key_agreement_fail(int key_type_arg, data_t *key_data, mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; uint8_t public_key[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE] = { 0 }; size_t public_key_length = SIZE_MAX; - uint8_t output[PSA_SIGNATURE_MAX_SIZE] = { 0 }; + uint8_t output[PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE] = { 0 }; size_t length = SIZE_MAX; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; diff --git a/tests/suites/test_suite_psa_crypto_op_fail.misc.data b/tests/suites/test_suite_psa_crypto_op_fail.misc.data index 147c3b76f..7158f2dcb 100644 --- a/tests/suites/test_suite_psa_crypto_op_fail.misc.data +++ b/tests/suites/test_suite_psa_crypto_op_fail.misc.data @@ -11,5 +11,5 @@ depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES sign_fail:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_INVALID_ARGUMENT PSA sign RSA_PSS(SHA_256): RSA_PSS not enabled, key pair -depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +depends_on:!PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0:PSA_ERROR_NOT_SUPPORTED diff --git a/tests/suites/test_suite_psa_crypto_pake.data b/tests/suites/test_suite_psa_crypto_pake.data index f447ef05b..baebded38 100644 --- a/tests/suites/test_suite_psa_crypto_pake.data +++ b/tests/suites/test_suite_psa_crypto_pake.data @@ -1,203 +1,243 @@ PSA PAKE: uninitialized access to psa_pake_operation_t -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_INJECT_UNINITIALIZED_ACCESS:PSA_ERROR_BAD_STATE +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_INJECT_UNINITIALIZED_ACCESS:PSA_ERROR_BAD_STATE PSA PAKE: invalid alg -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_setup:PSA_ALG_SHA_256:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_IN_SETUP:PSA_ERROR_INVALID_ARGUMENT +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_SHA_256:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_IN_SETUP:PSA_ERROR_INVALID_ARGUMENT PSA PAKE: invalid primitive type -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_DH, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_IN_SETUP:PSA_ERROR_NOT_SUPPORTED +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_DH, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_IN_OUTPUT:PSA_ERROR_NOT_SUPPORTED PSA PAKE: invalid primitive family -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_K1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_IN_SETUP:PSA_ERROR_NOT_SUPPORTED +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_K1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_IN_OUTPUT:PSA_ERROR_NOT_SUPPORTED PSA PAKE: invalid primitive bits -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 128):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_IN_SETUP:PSA_ERROR_NOT_SUPPORTED +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 128):PSA_ALG_SHA_256:"client":"server":0:ERR_IN_OUTPUT:PSA_ERROR_NOT_SUPPORTED PSA PAKE: invalid hash -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_1:PSA_PAKE_ROLE_SERVER:0:ERR_IN_SETUP:PSA_ERROR_NOT_SUPPORTED +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_1:"client":"server":0:ERR_IN_OUTPUT:PSA_ERROR_NOT_SUPPORTED PSA PAKE: duplicate a valid setup -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_INJECT_DUPLICATE_SETUP:PSA_ERROR_BAD_STATE +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_INJECT_DUPLICATE_SETUP:PSA_ERROR_BAD_STATE -PSA PAKE: ecjpake setup invalid role NONE -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_NONE:0:ERR_IN_SET_ROLE:PSA_ERROR_NOT_SUPPORTED +PSA PAKE: ecjpake setup role +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_INJECT_SET_ROLE:PSA_ERROR_INVALID_ARGUMENT PSA PAKE: wrong password key type -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_HMAC:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_IN_SET_PASSWORD_KEY:PSA_ERROR_INVALID_ARGUMENT +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_HMAC:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_IN_SET_PASSWORD_KEY:PSA_ERROR_INVALID_ARGUMENT PSA PAKE: wrong password key usage -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_ENCRYPT:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_IN_SET_PASSWORD_KEY:PSA_ERROR_NOT_PERMITTED +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_ENCRYPT:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_IN_SET_PASSWORD_KEY:PSA_ERROR_NOT_PERMITTED + +PSA PAKE: set empty user +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"":"server":0:ERR_IN_SET_USER:PSA_ERROR_INVALID_ARGUMENT + +PSA PAKE: set empty peer +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"":0:ERR_IN_SET_PEER:PSA_ERROR_INVALID_ARGUMENT PSA PAKE: set invalid user -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_INJECT_INVALID_USER:PSA_ERROR_INVALID_ARGUMENT +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"something":"server":0:ERR_IN_OUTPUT:PSA_ERROR_NOT_SUPPORTED PSA PAKE: set invalid peer -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_INJECT_INVALID_PEER:PSA_ERROR_INVALID_ARGUMENT +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"something":0:ERR_IN_OUTPUT:PSA_ERROR_NOT_SUPPORTED -PSA PAKE: set user -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_INJECT_SET_USER:PSA_ERROR_NOT_SUPPORTED +PSA PAKE: user already set +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_DUPLICATE_SET_USER:PSA_ERROR_BAD_STATE -PSA PAKE: set peer -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_INJECT_SET_PEER:PSA_ERROR_NOT_SUPPORTED +PSA PAKE: peer already set +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_DUPLICATE_SET_PEER:PSA_ERROR_BAD_STATE + +PSA PAKE: user and peer both servers +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"server":"server":0:ERR_IN_OUTPUT:PSA_ERROR_NOT_SUPPORTED + +PSA PAKE: user and peer both clients +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"client":0:ERR_IN_OUTPUT:PSA_ERROR_NOT_SUPPORTED PSA PAKE: invalid input -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:1:ERR_INJECT_EMPTY_IO_BUFFER:PSA_ERROR_INVALID_ARGUMENT +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":1:ERR_INJECT_EMPTY_IO_BUFFER:PSA_ERROR_INVALID_ARGUMENT PSA PAKE: unkown input step -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:1:ERR_INJECT_UNKNOWN_STEP:PSA_ERROR_INVALID_ARGUMENT +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":1:ERR_INJECT_UNKNOWN_STEP:PSA_ERROR_INVALID_ARGUMENT PSA PAKE: invalid first input step -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:1:ERR_INJECT_INVALID_FIRST_STEP:PSA_ERROR_BAD_STATE +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":1:ERR_INJECT_INVALID_FIRST_STEP:PSA_ERROR_BAD_STATE -PSA PAKE: input buffer too large -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:1:ERR_INJECT_WRONG_BUFFER_SIZE:PSA_ERROR_INVALID_ARGUMENT +PSA PAKE: input buffer too large #1 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":1:ERR_INJECT_WRONG_BUFFER_SIZE:PSA_ERROR_INVALID_ARGUMENT -PSA PAKE: valid input operation after a failure -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:1:ERR_INJECT_VALID_OPERATION_AFTER_FAILURE:PSA_ERROR_BAD_STATE +PSA PAKE: input buffer too large #2 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":1:ERR_INJECT_WRONG_BUFFER_SIZE_2:PSA_ERROR_INVALID_ARGUMENT PSA PAKE: invalid output -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_INJECT_EMPTY_IO_BUFFER:PSA_ERROR_INVALID_ARGUMENT +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_INJECT_EMPTY_IO_BUFFER:PSA_ERROR_INVALID_ARGUMENT PSA PAKE: unkown output step -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_INJECT_UNKNOWN_STEP:PSA_ERROR_INVALID_ARGUMENT +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_INJECT_UNKNOWN_STEP:PSA_ERROR_INVALID_ARGUMENT PSA PAKE: invalid first output step -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_INJECT_INVALID_FIRST_STEP:PSA_ERROR_BAD_STATE +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_INJECT_INVALID_FIRST_STEP:PSA_ERROR_BAD_STATE PSA PAKE: output buffer too small -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_INJECT_WRONG_BUFFER_SIZE:PSA_ERROR_BUFFER_TOO_SMALL - -PSA PAKE: valid output operation after a failure -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_PAKE_ROLE_SERVER:0:ERR_INJECT_VALID_OPERATION_AFTER_FAILURE:PSA_ERROR_BAD_STATE +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_setup:PSA_ALG_JPAKE:PSA_KEY_TYPE_PASSWORD:PSA_KEY_USAGE_DERIVE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:"client":"server":0:ERR_INJECT_WRONG_BUFFER_SIZE:PSA_ERROR_BUFFER_TOO_SMALL PSA PAKE: check rounds w/o forced errors -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS ecjpake_rounds:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"abcdef":0:0:ERR_NONE PSA PAKE: check rounds w/o forced errors, TLS12_PRF -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF ecjpake_rounds:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"abcdef":0:0:ERR_NONE PSA PAKE: check rounds, key is destroyed after being passed to set_password_key -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS ecjpake_rounds:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"abcdef":0:1:ERR_NONE PSA PAKE: check rounds w/o forced errors, client input first -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS ecjpake_rounds:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"abcdef":1:0:ERR_NONE PSA PAKE: force early key derivation 1 -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS ecjpake_rounds:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"abcdef":0:0:ERR_INJECT_ANTICIPATE_KEY_DERIVATION_1 PSA PAKE: force early key derivation 2 -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS ecjpake_rounds:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"abcdef":0:0:ERR_INJECT_ANTICIPATE_KEY_DERIVATION_2 PSA PAKE: no injected errors -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_NONE:PSA_SUCCESS +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_NONE:PSA_SUCCESS:0 PSA PAKE: no injected errors, client input first -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:1:"abcdef":ERR_NONE:PSA_SUCCESS +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:1:"abcdef":ERR_NONE:PSA_SUCCESS:0 PSA PAKE: inject ERR_INJECT_ROUND1_CLIENT_KEY_SHARE_PART1 -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND1_CLIENT_KEY_SHARE_PART1:PSA_ERROR_DATA_INVALID +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND1_CLIENT_KEY_SHARE_PART1:PSA_ERROR_DATA_INVALID:0 PSA PAKE: inject ERR_INJECT_ROUND1_CLIENT_ZK_PUBLIC_PART1 -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND1_CLIENT_ZK_PUBLIC_PART1:PSA_ERROR_DATA_INVALID +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND1_CLIENT_ZK_PUBLIC_PART1:PSA_ERROR_DATA_INVALID:0 PSA PAKE: inject ERR_INJECT_ROUND1_CLIENT_ZK_PROOF_PART1 -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND1_CLIENT_ZK_PROOF_PART1:PSA_ERROR_DATA_INVALID +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND1_CLIENT_ZK_PROOF_PART1:PSA_ERROR_DATA_INVALID:0 PSA PAKE: inject ERR_INJECT_ROUND1_CLIENT_KEY_SHARE_PART2 -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND1_CLIENT_KEY_SHARE_PART2:PSA_ERROR_DATA_INVALID +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND1_CLIENT_KEY_SHARE_PART2:PSA_ERROR_DATA_INVALID:0 PSA PAKE: inject ERR_INJECT_ROUND1_CLIENT_ZK_PUBLIC_PART2 -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND1_CLIENT_ZK_PUBLIC_PART2:PSA_ERROR_DATA_INVALID +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND1_CLIENT_ZK_PUBLIC_PART2:PSA_ERROR_DATA_INVALID:0 PSA PAKE: inject ERR_INJECT_ROUND1_CLIENT_ZK_PROOF_PART2 -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND1_CLIENT_ZK_PROOF_PART2:PSA_ERROR_DATA_INVALID +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND1_CLIENT_ZK_PROOF_PART2:PSA_ERROR_DATA_INVALID:0 PSA PAKE: inject ERR_INJECT_ROUND1_SERVER_KEY_SHARE_PART1 -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND1_SERVER_KEY_SHARE_PART1:PSA_ERROR_DATA_INVALID +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND1_SERVER_KEY_SHARE_PART1:PSA_ERROR_DATA_INVALID:0 PSA PAKE: inject ERR_INJECT_ROUND1_SERVER_ZK_PUBLIC_PART1 -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND1_SERVER_ZK_PUBLIC_PART1:PSA_ERROR_DATA_INVALID +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND1_SERVER_ZK_PUBLIC_PART1:PSA_ERROR_DATA_INVALID:0 PSA PAKE: inject ERR_INJECT_ROUND1_SERVER_ZK_PROOF_PART1 -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND1_SERVER_ZK_PROOF_PART1:PSA_ERROR_DATA_INVALID +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND1_SERVER_ZK_PROOF_PART1:PSA_ERROR_DATA_INVALID:0 PSA PAKE: inject ERR_INJECT_ROUND1_SERVER_KEY_SHARE_PART2 -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND1_SERVER_KEY_SHARE_PART2:PSA_ERROR_DATA_INVALID +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND1_SERVER_KEY_SHARE_PART2:PSA_ERROR_DATA_INVALID:0 PSA PAKE: inject ERR_INJECT_ROUND1_SERVER_ZK_PUBLIC_PART2 -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND1_SERVER_ZK_PUBLIC_PART2:PSA_ERROR_DATA_INVALID +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND1_SERVER_ZK_PUBLIC_PART2:PSA_ERROR_DATA_INVALID:0 PSA PAKE: inject ERR_INJECT_ROUND1_SERVER_ZK_PROOF_PART2 -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND1_SERVER_ZK_PROOF_PART2:PSA_ERROR_DATA_INVALID +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND1_SERVER_ZK_PROOF_PART2:PSA_ERROR_DATA_INVALID:0 PSA PAKE: inject ERR_INJECT_ROUND2_CLIENT_KEY_SHARE -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND2_CLIENT_KEY_SHARE:PSA_ERROR_DATA_INVALID +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND2_CLIENT_KEY_SHARE:PSA_ERROR_DATA_INVALID:1 PSA PAKE: inject ERR_INJECT_ROUND2_CLIENT_ZK_PUBLIC -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND2_CLIENT_ZK_PUBLIC:PSA_ERROR_DATA_INVALID +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND2_CLIENT_ZK_PUBLIC:PSA_ERROR_DATA_INVALID:1 PSA PAKE: inject ERR_INJECT_ROUND2_CLIENT_ZK_PROOF -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND2_CLIENT_ZK_PROOF:PSA_ERROR_DATA_INVALID +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND2_CLIENT_ZK_PROOF:PSA_ERROR_DATA_INVALID:1 PSA PAKE: inject ERR_INJECT_ROUND2_SERVER_KEY_SHARE -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND2_SERVER_KEY_SHARE:PSA_ERROR_DATA_INVALID +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND2_SERVER_KEY_SHARE:PSA_ERROR_DATA_INVALID:1 PSA PAKE: inject ERR_INJECT_ROUND2_SERVER_ZK_PUBLIC -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND2_SERVER_ZK_PUBLIC:PSA_ERROR_DATA_INVALID +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND2_SERVER_ZK_PUBLIC:PSA_ERROR_DATA_INVALID:1 PSA PAKE: inject ERR_INJECT_ROUND2_SERVER_ZK_PROOF -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 -ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND2_SERVER_ZK_PROOF:PSA_ERROR_DATA_INVALID +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_ROUND2_SERVER_ZK_PROOF:PSA_ERROR_DATA_INVALID:1 + +PSA PAKE: inject ERR_INJECT_EXTRA_OUTPUT +depends_on:MBEDTLS_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_EXTRA_OUTPUT:PSA_ERROR_BAD_STATE:0 + +PSA PAKE: inject ERR_INJECT_EXTRA_INPUT +depends_on:MBEDTLS_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:1:"abcdef":ERR_INJECT_EXTRA_INPUT:PSA_ERROR_BAD_STATE:0 + +PSA PAKE: inject ERR_INJECT_EXTRA_OUTPUT_AT_END +depends_on:MBEDTLS_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:1:"abcdef":ERR_INJECT_EXTRA_OUTPUT_AT_END:PSA_ERROR_BAD_STATE:1 + +PSA PAKE: inject ERR_INJECT_EXTRA_INPUT_AT_END +depends_on:MBEDTLS_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 +ecjpake_rounds_inject:PSA_ALG_JPAKE:PSA_PAKE_PRIMITIVE(PSA_PAKE_PRIMITIVE_TYPE_ECC, PSA_ECC_FAMILY_SECP_R1, 256):PSA_ALG_SHA_256:0:"abcdef":ERR_INJECT_EXTRA_INPUT_AT_END:PSA_ERROR_BAD_STATE:1 PSA PAKE: ecjpake size macros -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 ecjpake_size_macros: + +PSA PAKE: input getters: password +pake_input_getters_password + +PSA PAKE: input getters: cipher suite +pake_input_getters_cipher_suite + +PSA PAKE: input getters: user +pake_input_getters_user + +PSA PAKE: input getters: peer +pake_input_getters_peer diff --git a/tests/suites/test_suite_psa_crypto_pake.function b/tests/suites/test_suite_psa_crypto_pake.function index 4dffa3b9d..96c119592 100644 --- a/tests/suites/test_suite_psa_crypto_pake.function +++ b/tests/suites/test_suite_psa_crypto_pake.function @@ -2,20 +2,23 @@ #include #include "psa/crypto.h" +#include "psa/crypto_extra.h" typedef enum { ERR_NONE = 0, /* errors forced internally in the code */ ERR_INJECT_UNINITIALIZED_ACCESS, ERR_INJECT_DUPLICATE_SETUP, - ERR_INJECT_INVALID_USER, - ERR_INJECT_INVALID_PEER, ERR_INJECT_SET_USER, ERR_INJECT_SET_PEER, + ERR_INJECT_SET_ROLE, + ERR_DUPLICATE_SET_USER, + ERR_DUPLICATE_SET_PEER, ERR_INJECT_EMPTY_IO_BUFFER, ERR_INJECT_UNKNOWN_STEP, ERR_INJECT_INVALID_FIRST_STEP, ERR_INJECT_WRONG_BUFFER_SIZE, + ERR_INJECT_WRONG_BUFFER_SIZE_2, ERR_INJECT_VALID_OPERATION_AFTER_FAILURE, ERR_INJECT_ANTICIPATE_KEY_DERIVATION_1, ERR_INJECT_ANTICIPATE_KEY_DERIVATION_2, @@ -37,8 +40,14 @@ typedef enum { ERR_INJECT_ROUND2_SERVER_KEY_SHARE, ERR_INJECT_ROUND2_SERVER_ZK_PUBLIC, ERR_INJECT_ROUND2_SERVER_ZK_PROOF, + ERR_INJECT_EXTRA_OUTPUT, + ERR_INJECT_EXTRA_INPUT, + ERR_INJECT_EXTRA_OUTPUT_AT_END, + ERR_INJECT_EXTRA_INPUT_AT_END, /* erros issued from the .data file */ ERR_IN_SETUP, + ERR_IN_SET_USER, + ERR_IN_SET_PEER, ERR_IN_SET_ROLE, ERR_IN_SET_PASSWORD_KEY, ERR_IN_INPUT, @@ -50,6 +59,10 @@ typedef enum { PAKE_ROUND_TWO } pake_round_t; +/* The only two JPAKE user/peer identifiers supported for the time being. */ +static const uint8_t jpake_server_id[] = { 's', 'e', 'r', 'v', 'e', 'r' }; +static const uint8_t jpake_client_id[] = { 'c', 'l', 'i', 'e', 'n', 't' }; + /* * Inject an error on the specified buffer ONLY it this is the correct stage. * Offset 7 is arbitrary, but chosen because it's "in the middle" of the part @@ -61,6 +74,13 @@ typedef enum { *(buf + 7) ^= 1; \ } +#define DO_ROUND_CONDITIONAL_CHECK_FAILURE(this_stage, function) \ + if (this_stage == err_stage) \ + { \ + TEST_EQUAL(function, expected_error_arg); \ + break; \ + } + #define DO_ROUND_UPDATE_OFFSETS(main_buf_offset, step_offset, step_size) \ { \ step_offset = main_buf_offset; \ @@ -117,8 +137,8 @@ static void ecjpake_do_round(psa_algorithm_t alg, unsigned int primitive, size_t c_x1_pr_off, c_x2_pr_off, c_x2s_pr_off; psa_status_t status; - ASSERT_ALLOC(buffer0, buffer_length); - ASSERT_ALLOC(buffer1, buffer_length); + TEST_CALLOC(buffer0, buffer_length); + TEST_CALLOC(buffer1, buffer_length); switch (round) { case PAKE_ROUND_ONE: @@ -177,6 +197,12 @@ static void ecjpake_do_round(psa_algorithm_t alg, unsigned int primitive, buffer0 + buffer0_off); DO_ROUND_UPDATE_OFFSETS(buffer0_off, s_x2_pr_off, s_x2_pr_len); + size_t extra_output_len; + DO_ROUND_CONDITIONAL_CHECK_FAILURE( + ERR_INJECT_EXTRA_OUTPUT, + psa_pake_output(server, PSA_PAKE_STEP_KEY_SHARE, + buffer0 + s_g2_off, 512 - s_g2_off, &extra_output_len)); + (void) extra_output_len; /* * When injecting errors in inputs, the implementation is * free to detect it right away of with a delay. @@ -215,6 +241,12 @@ static void ecjpake_do_round(psa_algorithm_t alg, unsigned int primitive, s_x2_pr_len); DO_ROUND_CHECK_FAILURE(); + /* Note: Must have client_input_first == 1 to inject extra input */ + DO_ROUND_CONDITIONAL_CHECK_FAILURE( + ERR_INJECT_EXTRA_INPUT, + psa_pake_input(client, PSA_PAKE_STEP_KEY_SHARE, + buffer0 + s_g2_off, s_g2_len)); + /* Error didn't trigger, make test fail */ if ((err_stage >= ERR_INJECT_ROUND1_SERVER_KEY_SHARE_PART1) && (err_stage <= ERR_INJECT_ROUND1_SERVER_ZK_PROOF_PART2)) { @@ -436,6 +468,16 @@ static void ecjpake_do_round(psa_algorithm_t alg, unsigned int primitive, buffer1 + buffer1_off); DO_ROUND_UPDATE_OFFSETS(buffer1_off, c_x2s_pr_off, c_x2s_pr_len); + if (client_input_first == 1) { + size_t extra_output_at_end_len; + DO_ROUND_CONDITIONAL_CHECK_FAILURE( + ERR_INJECT_EXTRA_OUTPUT_AT_END, + psa_pake_output(client, PSA_PAKE_STEP_KEY_SHARE, + buffer1 + c_a_off, 512 - c_a_off, + &extra_output_at_end_len)); + (void) extra_output_at_end_len; + } + if (client_input_first == 0) { /* Client second round Input */ status = psa_pake_input(client, PSA_PAKE_STEP_KEY_SHARE, @@ -473,6 +515,12 @@ static void ecjpake_do_round(psa_algorithm_t alg, unsigned int primitive, buffer1 + c_x2s_pr_off, c_x2s_pr_len); DO_ROUND_CHECK_FAILURE(); + DO_ROUND_CONDITIONAL_CHECK_FAILURE( + ERR_INJECT_EXTRA_INPUT_AT_END, + psa_pake_input(server, PSA_PAKE_STEP_KEY_SHARE, + buffer1 + c_a_off, c_a_len)); + + /* Error didn't trigger, make test fail */ if ((err_stage >= ERR_INJECT_ROUND2_CLIENT_KEY_SHARE) && (err_stage <= ERR_INJECT_ROUND2_CLIENT_ZK_PROOF)) { @@ -537,7 +585,7 @@ exit: /* BEGIN_CASE depends_on:PSA_WANT_ALG_JPAKE */ void ecjpake_setup(int alg_arg, int key_type_pw_arg, int key_usage_pw_arg, - int primitive_arg, int hash_arg, int role_arg, + int primitive_arg, int hash_arg, char *user_arg, char *peer_arg, int test_input, int err_stage_arg, int expected_error_arg) @@ -549,7 +597,6 @@ void ecjpake_setup(int alg_arg, int key_type_pw_arg, int key_usage_pw_arg, psa_key_type_t key_type_pw = key_type_pw_arg; psa_key_usage_t key_usage_pw = key_usage_pw_arg; psa_algorithm_t hash_alg = hash_arg; - psa_pake_role_t role = role_arg; mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; ecjpake_error_stage_t err_stage = err_stage_arg; @@ -557,8 +604,12 @@ void ecjpake_setup(int alg_arg, int key_type_pw_arg, int key_usage_pw_arg, psa_status_t status; unsigned char *output_buffer = NULL; size_t output_len = 0; - const uint8_t unsupp_id[] = "abcd"; const uint8_t password[] = "abcd"; + uint8_t *user = (uint8_t *) user_arg; + uint8_t *peer = (uint8_t *) peer_arg; + size_t user_len = strlen(user_arg); + size_t peer_len = strlen(peer_arg); + psa_key_derivation_operation_t key_derivation = PSA_KEY_DERIVATION_OPERATION_INIT; @@ -566,7 +617,7 @@ void ecjpake_setup(int alg_arg, int key_type_pw_arg, int key_usage_pw_arg, size_t buf_size = PSA_PAKE_OUTPUT_SIZE(alg, primitive_arg, PSA_PAKE_STEP_KEY_SHARE); - ASSERT_ALLOC(output_buffer, buf_size); + TEST_CALLOC(output_buffer, buf_size); psa_set_key_usage_flags(&attributes, key_usage_pw); psa_set_key_algorithm(&attributes, alg); @@ -581,19 +632,19 @@ void ecjpake_setup(int alg_arg, int key_type_pw_arg, int key_usage_pw_arg, PSA_ASSERT(psa_pake_abort(&operation)); if (err_stage == ERR_INJECT_UNINITIALIZED_ACCESS) { - TEST_EQUAL(psa_pake_set_user(&operation, NULL, 0), + TEST_EQUAL(psa_pake_set_user(&operation, user, user_len), expected_error); - TEST_EQUAL(psa_pake_set_peer(&operation, NULL, 0), + TEST_EQUAL(psa_pake_set_peer(&operation, peer, peer_len), expected_error); TEST_EQUAL(psa_pake_set_password_key(&operation, key), expected_error); - TEST_EQUAL(psa_pake_set_role(&operation, role), + TEST_EQUAL(psa_pake_set_role(&operation, PSA_PAKE_ROLE_SERVER), expected_error); TEST_EQUAL(psa_pake_output(&operation, PSA_PAKE_STEP_KEY_SHARE, - NULL, 0, NULL), + output_buffer, 0, &output_len), expected_error); TEST_EQUAL(psa_pake_input(&operation, PSA_PAKE_STEP_KEY_SHARE, - NULL, 0), + output_buffer, 0), expected_error); TEST_EQUAL(psa_pake_get_implicit_key(&operation, &key_derivation), expected_error); @@ -606,24 +657,27 @@ void ecjpake_setup(int alg_arg, int key_type_pw_arg, int key_usage_pw_arg, SETUP_CONDITIONAL_CHECK_STEP(psa_pake_setup(&operation, &cipher_suite), ERR_INJECT_DUPLICATE_SETUP); - SETUP_ALWAYS_CHECK_STEP(psa_pake_set_role(&operation, role), + SETUP_CONDITIONAL_CHECK_STEP(psa_pake_set_role(&operation, PSA_PAKE_ROLE_SERVER), + ERR_INJECT_SET_ROLE); + + SETUP_ALWAYS_CHECK_STEP(psa_pake_set_role(&operation, PSA_PAKE_ROLE_NONE), ERR_IN_SET_ROLE); + SETUP_ALWAYS_CHECK_STEP(psa_pake_set_user(&operation, user, user_len), + ERR_IN_SET_USER); + + SETUP_ALWAYS_CHECK_STEP(psa_pake_set_peer(&operation, peer, peer_len), + ERR_IN_SET_PEER); + + SETUP_CONDITIONAL_CHECK_STEP(psa_pake_set_user(&operation, user, user_len), + ERR_DUPLICATE_SET_USER); + + SETUP_CONDITIONAL_CHECK_STEP(psa_pake_set_peer(&operation, peer, peer_len), + ERR_DUPLICATE_SET_PEER); + SETUP_ALWAYS_CHECK_STEP(psa_pake_set_password_key(&operation, key), ERR_IN_SET_PASSWORD_KEY); - SETUP_CONDITIONAL_CHECK_STEP(psa_pake_set_user(&operation, NULL, 0), - ERR_INJECT_INVALID_USER); - - SETUP_CONDITIONAL_CHECK_STEP(psa_pake_set_peer(&operation, NULL, 0), - ERR_INJECT_INVALID_PEER); - - SETUP_CONDITIONAL_CHECK_STEP(psa_pake_set_user(&operation, unsupp_id, 4), - ERR_INJECT_SET_USER); - - SETUP_CONDITIONAL_CHECK_STEP(psa_pake_set_peer(&operation, unsupp_id, 4), - ERR_INJECT_SET_PEER); - const size_t size_key_share = PSA_PAKE_INPUT_SIZE(alg, primitive, PSA_PAKE_STEP_KEY_SHARE); const size_t size_zk_public = PSA_PAKE_INPUT_SIZE(alg, primitive, @@ -633,7 +687,8 @@ void ecjpake_setup(int alg_arg, int key_type_pw_arg, int key_usage_pw_arg, if (test_input) { SETUP_CONDITIONAL_CHECK_STEP(psa_pake_input(&operation, - PSA_PAKE_STEP_ZK_PROOF, NULL, 0), + PSA_PAKE_STEP_ZK_PROOF, + output_buffer, 0), ERR_INJECT_EMPTY_IO_BUFFER); SETUP_CONDITIONAL_CHECK_STEP(psa_pake_input(&operation, @@ -656,6 +711,11 @@ void ecjpake_setup(int alg_arg, int key_type_pw_arg, int key_usage_pw_arg, output_buffer, size_zk_public + 1), ERR_INJECT_WRONG_BUFFER_SIZE); + SETUP_CONDITIONAL_CHECK_STEP(psa_pake_input(&operation, + PSA_PAKE_STEP_ZK_PROOF, + output_buffer, size_zk_proof + 1), + ERR_INJECT_WRONG_BUFFER_SIZE_2); + SETUP_CONDITIONAL_CHECK_STEP( (psa_pake_input(&operation, PSA_PAKE_STEP_ZK_PUBLIC, output_buffer, size_zk_public + 1), @@ -665,7 +725,8 @@ void ecjpake_setup(int alg_arg, int key_type_pw_arg, int key_usage_pw_arg, } else { SETUP_CONDITIONAL_CHECK_STEP(psa_pake_output(&operation, PSA_PAKE_STEP_ZK_PROOF, - NULL, 0, NULL), + output_buffer, 0, + &output_len), ERR_INJECT_EMPTY_IO_BUFFER); SETUP_CONDITIONAL_CHECK_STEP(psa_pake_output(&operation, @@ -712,7 +773,8 @@ void ecjpake_rounds_inject(int alg_arg, int primitive_arg, int hash_arg, int client_input_first, data_t *pw_data, int err_stage_arg, - int expected_error_arg) + int expected_error_arg, + int inject_in_second_round) { psa_pake_cipher_suite_t cipher_suite = psa_pake_cipher_suite_init(); psa_pake_operation_t server = psa_pake_operation_init(); @@ -728,6 +790,7 @@ void ecjpake_rounds_inject(int alg_arg, int primitive_arg, int hash_arg, psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); psa_set_key_algorithm(&attributes, alg); psa_set_key_type(&attributes, PSA_KEY_TYPE_PASSWORD); + PSA_ASSERT(psa_import_key(&attributes, pw_data->x, pw_data->len, &key)); @@ -738,17 +801,20 @@ void ecjpake_rounds_inject(int alg_arg, int primitive_arg, int hash_arg, PSA_ASSERT(psa_pake_setup(&server, &cipher_suite)); PSA_ASSERT(psa_pake_setup(&client, &cipher_suite)); - PSA_ASSERT(psa_pake_set_role(&server, PSA_PAKE_ROLE_SERVER)); - PSA_ASSERT(psa_pake_set_role(&client, PSA_PAKE_ROLE_CLIENT)); + PSA_ASSERT(psa_pake_set_user(&server, jpake_server_id, sizeof(jpake_server_id))); + PSA_ASSERT(psa_pake_set_peer(&server, jpake_client_id, sizeof(jpake_client_id))); + PSA_ASSERT(psa_pake_set_user(&client, jpake_client_id, sizeof(jpake_client_id))); + PSA_ASSERT(psa_pake_set_peer(&client, jpake_server_id, sizeof(jpake_server_id))); PSA_ASSERT(psa_pake_set_password_key(&server, key)); PSA_ASSERT(psa_pake_set_password_key(&client, key)); ecjpake_do_round(alg, primitive_arg, &server, &client, client_input_first, PAKE_ROUND_ONE, - err_stage, expected_error_arg); + inject_in_second_round ? ERR_NONE : err_stage, + expected_error_arg); - if (err_stage != ERR_NONE) { + if (!inject_in_second_round && err_stage != ERR_NONE) { goto exit; } @@ -813,8 +879,10 @@ void ecjpake_rounds(int alg_arg, int primitive_arg, int hash_arg, PSA_ASSERT(psa_pake_setup(&server, &cipher_suite)); PSA_ASSERT(psa_pake_setup(&client, &cipher_suite)); - PSA_ASSERT(psa_pake_set_role(&server, PSA_PAKE_ROLE_SERVER)); - PSA_ASSERT(psa_pake_set_role(&client, PSA_PAKE_ROLE_CLIENT)); + PSA_ASSERT(psa_pake_set_user(&server, jpake_server_id, sizeof(jpake_server_id))); + PSA_ASSERT(psa_pake_set_peer(&server, jpake_client_id, sizeof(jpake_client_id))); + PSA_ASSERT(psa_pake_set_user(&client, jpake_client_id, sizeof(jpake_client_id))); + PSA_ASSERT(psa_pake_set_peer(&client, jpake_server_id, sizeof(jpake_server_id))); PSA_ASSERT(psa_pake_set_password_key(&server, key)); PSA_ASSERT(psa_pake_set_password_key(&client, key)); @@ -905,3 +973,228 @@ void ecjpake_size_macros() PSA_PAKE_INPUT_MAX_SIZE); } /* END_CASE */ + +/* BEGIN_CASE depends_on:PSA_WANT_ALG_JPAKE */ +void pake_input_getters_password() +{ + psa_pake_cipher_suite_t cipher_suite = psa_pake_cipher_suite_init(); + psa_pake_operation_t operation = psa_pake_operation_init(); + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + const char *password = "password"; + uint8_t password_ret[20] = { 0 }; // max key length is 20 bytes + size_t password_len_ret = 0; + size_t buffer_len_ret = 0; + + psa_pake_primitive_t primitive = PSA_PAKE_PRIMITIVE( + PSA_PAKE_PRIMITIVE_TYPE_ECC, + PSA_ECC_FAMILY_SECP_R1, 256); + + PSA_INIT(); + + psa_pake_cs_set_algorithm(&cipher_suite, PSA_ALG_JPAKE); + psa_pake_cs_set_primitive(&cipher_suite, primitive); + psa_pake_cs_set_hash(&cipher_suite, PSA_ALG_SHA_256); + + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&attributes, PSA_ALG_JPAKE); + psa_set_key_type(&attributes, PSA_KEY_TYPE_PASSWORD); + + PSA_ASSERT(psa_pake_setup(&operation, &cipher_suite)); + + PSA_ASSERT(psa_import_key(&attributes, (uint8_t *) password, strlen(password), &key)); + + TEST_EQUAL(psa_crypto_driver_pake_get_password(&operation.data.inputs, + (uint8_t *) &password_ret, + 10, &buffer_len_ret), + PSA_ERROR_BAD_STATE); + + TEST_EQUAL(psa_crypto_driver_pake_get_password_len(&operation.data.inputs, &password_len_ret), + PSA_ERROR_BAD_STATE); + + PSA_ASSERT(psa_pake_set_password_key(&operation, key)); + + TEST_EQUAL(psa_crypto_driver_pake_get_password_len(&operation.data.inputs, &password_len_ret), + PSA_SUCCESS); + + TEST_EQUAL(password_len_ret, strlen(password)); + + TEST_EQUAL(psa_crypto_driver_pake_get_password(&operation.data.inputs, + (uint8_t *) &password_ret, + password_len_ret - 1, + &buffer_len_ret), + PSA_ERROR_BUFFER_TOO_SMALL); + + TEST_EQUAL(psa_crypto_driver_pake_get_password(&operation.data.inputs, + (uint8_t *) &password_ret, + password_len_ret, + &buffer_len_ret), + PSA_SUCCESS); + + TEST_MEMORY_COMPARE(password_ret, buffer_len_ret, password, strlen(password)); +exit: + PSA_ASSERT(psa_destroy_key(key)); + PSA_ASSERT(psa_pake_abort(&operation)); + PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:PSA_WANT_ALG_JPAKE */ +void pake_input_getters_cipher_suite() +{ + psa_pake_cipher_suite_t cipher_suite = psa_pake_cipher_suite_init(); + psa_pake_operation_t operation = psa_pake_operation_init(); + psa_pake_cipher_suite_t cipher_suite_ret = psa_pake_cipher_suite_init(); + + psa_pake_primitive_t primitive = PSA_PAKE_PRIMITIVE( + PSA_PAKE_PRIMITIVE_TYPE_ECC, + PSA_ECC_FAMILY_SECP_R1, 256); + + PSA_INIT(); + + psa_pake_cs_set_algorithm(&cipher_suite, PSA_ALG_JPAKE); + psa_pake_cs_set_primitive(&cipher_suite, primitive); + psa_pake_cs_set_hash(&cipher_suite, PSA_ALG_SHA_256); + + TEST_EQUAL(psa_crypto_driver_pake_get_cipher_suite(&operation.data.inputs, &cipher_suite_ret), + PSA_ERROR_BAD_STATE); + + PSA_ASSERT(psa_pake_setup(&operation, &cipher_suite)); + + TEST_EQUAL(psa_crypto_driver_pake_get_cipher_suite(&operation.data.inputs, &cipher_suite_ret), + PSA_SUCCESS); + + TEST_MEMORY_COMPARE(&cipher_suite_ret, sizeof(cipher_suite_ret), + &cipher_suite, sizeof(cipher_suite)); + +exit: + PSA_ASSERT(psa_pake_abort(&operation)); + PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:PSA_WANT_ALG_JPAKE */ +void pake_input_getters_user() +{ + psa_pake_cipher_suite_t cipher_suite = psa_pake_cipher_suite_init(); + psa_pake_operation_t operation = psa_pake_operation_init(); + const char *users[] = { "client", "server", "other" }; + uint8_t user_ret[20] = { 0 }; // max user length is 20 bytes + size_t user_len_ret = 0; + size_t buffer_len_ret = 0; + + psa_pake_primitive_t primitive = PSA_PAKE_PRIMITIVE( + PSA_PAKE_PRIMITIVE_TYPE_ECC, + PSA_ECC_FAMILY_SECP_R1, 256); + + PSA_INIT(); + + psa_pake_cs_set_algorithm(&cipher_suite, PSA_ALG_JPAKE); + psa_pake_cs_set_primitive(&cipher_suite, primitive); + psa_pake_cs_set_hash(&cipher_suite, PSA_ALG_SHA_256); + + for (size_t i = 0; i < ARRAY_LENGTH(users); i++) { + uint8_t *user = (uint8_t *) users[i]; + uint8_t user_len = strlen(users[i]); + + PSA_ASSERT(psa_pake_abort(&operation)); + + PSA_ASSERT(psa_pake_setup(&operation, &cipher_suite)); + + TEST_EQUAL(psa_crypto_driver_pake_get_user(&operation.data.inputs, + (uint8_t *) &user_ret, + 10, &buffer_len_ret), + PSA_ERROR_BAD_STATE); + + TEST_EQUAL(psa_crypto_driver_pake_get_user_len(&operation.data.inputs, &user_len_ret), + PSA_ERROR_BAD_STATE); + + PSA_ASSERT(psa_pake_set_user(&operation, user, user_len)); + + TEST_EQUAL(psa_crypto_driver_pake_get_user_len(&operation.data.inputs, &user_len_ret), + PSA_SUCCESS); + + TEST_EQUAL(user_len_ret, user_len); + + TEST_EQUAL(psa_crypto_driver_pake_get_user(&operation.data.inputs, + (uint8_t *) &user_ret, + user_len_ret - 1, + &buffer_len_ret), + PSA_ERROR_BUFFER_TOO_SMALL); + + TEST_EQUAL(psa_crypto_driver_pake_get_user(&operation.data.inputs, + (uint8_t *) &user_ret, + user_len_ret, + &buffer_len_ret), + PSA_SUCCESS); + + TEST_MEMORY_COMPARE(user_ret, buffer_len_ret, user, user_len); + } +exit: + PSA_ASSERT(psa_pake_abort(&operation)); + PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:PSA_WANT_ALG_JPAKE */ +void pake_input_getters_peer() +{ + psa_pake_cipher_suite_t cipher_suite = psa_pake_cipher_suite_init(); + psa_pake_operation_t operation = psa_pake_operation_init(); + const char *peers[] = { "client", "server", "other" }; + uint8_t peer_ret[20] = { 0 }; // max peer length is 20 bytes + size_t peer_len_ret = 0; + size_t buffer_len_ret = 0; + + psa_pake_primitive_t primitive = PSA_PAKE_PRIMITIVE( + PSA_PAKE_PRIMITIVE_TYPE_ECC, + PSA_ECC_FAMILY_SECP_R1, 256); + + PSA_INIT(); + + psa_pake_cs_set_algorithm(&cipher_suite, PSA_ALG_JPAKE); + psa_pake_cs_set_primitive(&cipher_suite, primitive); + psa_pake_cs_set_hash(&cipher_suite, PSA_ALG_SHA_256); + + for (size_t i = 0; i < ARRAY_LENGTH(peers); i++) { + uint8_t *peer = (uint8_t *) peers[i]; + uint8_t peer_len = strlen(peers[i]); + + PSA_ASSERT(psa_pake_abort(&operation)); + + PSA_ASSERT(psa_pake_setup(&operation, &cipher_suite)); + + TEST_EQUAL(psa_crypto_driver_pake_get_peer(&operation.data.inputs, + (uint8_t *) &peer_ret, + 10, &buffer_len_ret), + PSA_ERROR_BAD_STATE); + + TEST_EQUAL(psa_crypto_driver_pake_get_peer_len(&operation.data.inputs, &peer_len_ret), + PSA_ERROR_BAD_STATE); + + PSA_ASSERT(psa_pake_set_peer(&operation, peer, peer_len)); + + TEST_EQUAL(psa_crypto_driver_pake_get_peer_len(&operation.data.inputs, &peer_len_ret), + PSA_SUCCESS); + + TEST_EQUAL(peer_len_ret, peer_len); + + TEST_EQUAL(psa_crypto_driver_pake_get_peer(&operation.data.inputs, + (uint8_t *) &peer_ret, + peer_len_ret - 1, + &buffer_len_ret), + PSA_ERROR_BUFFER_TOO_SMALL); + + TEST_EQUAL(psa_crypto_driver_pake_get_peer(&operation.data.inputs, + (uint8_t *) &peer_ret, + peer_len_ret, + &buffer_len_ret), + PSA_SUCCESS); + + TEST_MEMORY_COMPARE(peer_ret, buffer_len_ret, peer, peer_len); + } +exit: + PSA_ASSERT(psa_pake_abort(&operation)); + PSA_DONE(); +} +/* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data index 6d208e9e6..3a35505e3 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.data +++ b/tests/suites/test_suite_psa_crypto_persistent_key.data @@ -42,87 +42,87 @@ Save larger than maximum-size persistent raw key save_large_persistent_key:PSA_CRYPTO_MAX_STORAGE_SIZE + 1:PSA_ERROR_NOT_SUPPORTED Persistent key destroy -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:MBEDTLS_PK_C persistent_key_destroy:2:1:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RAW_DATA:"deadbeef" Persistent key destroy after restart -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:MBEDTLS_PK_C persistent_key_destroy:17:1:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RAW_DATA:"deadbeef" Persistent key import (RSA) -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:MBEDTLS_PK_C persistent_key_import:256:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_SUCCESS Persistent key import with restart (RSA) -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:MBEDTLS_PK_C persistent_key_import:256:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":1:PSA_SUCCESS Persistent key import (RSA) invalid key id (VENDOR_MIN) -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:MBEDTLS_PK_C persistent_key_import:256:PSA_KEY_ID_VENDOR_MIN:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_ERROR_INVALID_ARGUMENT Persistent key import (RSA) invalid key id (VOLATILE_MIN) -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:MBEDTLS_PK_C persistent_key_import:256:PSA_KEY_ID_VOLATILE_MIN:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_ERROR_INVALID_ARGUMENT Persistent key import (RSA) invalid key id (VENDOR_MAX) -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:MBEDTLS_PK_C persistent_key_import:256:PSA_KEY_ID_VENDOR_MAX:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_ERROR_INVALID_ARGUMENT Persistent key import garbage data, should fail -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:MBEDTLS_PK_C persistent_key_import:256:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"11111111":0:PSA_ERROR_INVALID_ARGUMENT import/export persistent raw key: 1 byte import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:0:0 import/export persistent key RSA public key: good, 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0:0 import/export persistent key RSA keypair: good, 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_PK_C import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:0:0 import/export persistent raw key file not exist: 1 byte import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:0:1 import/export persistent key RSA public key file not exist: 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0:1 import/export persistent key RSA keypair file not exist: 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_PK_C import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:0:1 import/export-persistent symmetric key: 16 bytes -depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C import_export_persistent_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:0:0 import/export persistent raw key with restart: 1 byte import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:1:0 import/export persistent key RSA public key with restart: good, 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:1:0 import/export persistent key RSA keypair with restart: good, 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_PK_C import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:1:0 import/export persistent raw key file not exist with restart: 1 byte import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:1:1 import/export persistent key RSA public key file not exist with restart: 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:1:1 import/export persistent key RSA keypair file not exist with restart: 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_PK_C import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:1:1 import/export-persistent symmetric key with restart: 16 bytes -depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C +depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C import_export_persistent_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:1:0 Destroy invalid id: 0 diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index 23535df32..a48114ff6 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -61,13 +61,13 @@ void format_storage_data_check(data_t *key_data, psa_set_key_algorithm(&attributes, key_alg); psa_set_key_enrollment_algorithm(&attributes, key_alg2); - ASSERT_ALLOC(file_data, file_data_length); + TEST_CALLOC(file_data, file_data_length); psa_format_key_data_for_storage(key_data->x, key_data->len, &attributes.core, file_data); - ASSERT_COMPARE(expected_file_data->x, expected_file_data->len, - file_data, file_data_length); + TEST_MEMORY_COMPARE(expected_file_data->x, expected_file_data->len, + file_data, file_data_length); exit: mbedtls_free(file_data); @@ -111,8 +111,8 @@ void parse_storage_data_check(data_t *file_data, (uint32_t) expected_key_alg); TEST_EQUAL(psa_get_key_enrollment_algorithm(&attributes), (uint32_t) expected_key_alg2); - ASSERT_COMPARE(expected_key_data->x, expected_key_data->len, - key_data, key_data_length); + TEST_MEMORY_COMPARE(expected_key_data->x, expected_key_data->len, + key_data, key_data_length); exit: mbedtls_free(key_data); @@ -127,7 +127,7 @@ void save_large_persistent_key(int data_length_arg, int expected_status) size_t data_length = data_length_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - ASSERT_ALLOC(data, data_length); + TEST_CALLOC(data, data_length); PSA_ASSERT(psa_crypto_init()); @@ -267,7 +267,7 @@ void import_export_persistent_key(data_t *data, int type_arg, size_t exported_length; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - ASSERT_ALLOC(exported, export_size); + TEST_CALLOC(exported, export_size); PSA_ASSERT(psa_crypto_init()); @@ -307,7 +307,7 @@ void import_export_persistent_key(data_t *data, int type_arg, PSA_ASSERT(psa_export_key(key_id, exported, export_size, &exported_length)); - ASSERT_COMPARE(data->x, data->len, exported, exported_length); + TEST_MEMORY_COMPARE(data->x, data->len, exported, exported_length); /* Destroy the key */ PSA_ASSERT(psa_destroy_key(key_id)); diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data index 2bcf4e4b7..cc89c0fc2 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data @@ -139,6 +139,7 @@ Key generation smoke test: AES-128-CTR generate_key_smoke:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR Key generation smoke test: AES-256-CTR +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH generate_key_smoke:PSA_KEY_TYPE_AES:128:PSA_ALG_CTR Key generation smoke test: HMAC-SHA-256 @@ -178,25 +179,25 @@ Key registration: key id max volatile register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:7:PSA_KEY_ID_VOLATILE_MAX:1:PSA_ERROR_INVALID_ARGUMENT Import-sign-verify: sign in driver, ECDSA -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 sign_verify:SIGN_IN_DRIVER_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" Import-sign-verify: sign in driver then export_public, ECDSA -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 sign_verify:SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" Import-sign-verify: sign in software, ECDSA -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 sign_verify:SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:0:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" Generate-sign-verify: sign in driver, ECDSA -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 sign_verify:SIGN_IN_DRIVER_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" Generate-sign-verify: sign in driver then export_public, ECDSA -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 sign_verify:SIGN_IN_DRIVER_THEN_EXPORT_PUBLIC:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" Generate-sign-verify: sign in software, ECDSA -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 sign_verify:SIGN_IN_SOFTWARE_AND_PARALLEL_CREATION:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA_ANY:256:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"54686973206973206e6f74206120686173682e" diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 5c9437159..9c5ef23a6 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -605,9 +605,9 @@ static int check_persistent_data(psa_key_location_t location, int ok = 0; PSA_ASSERT(psa_its_get_info(uid, &info)); - ASSERT_ALLOC(loaded, info.size); + TEST_CALLOC(loaded, info.size); PSA_ASSERT(psa_its_get(uid, 0, info.size, loaded, NULL)); - ASSERT_COMPARE(expected_data, size, loaded, info.size); + TEST_MEMORY_COMPARE(expected_data, size, loaded, info.size); ok = 1; exit: @@ -720,7 +720,7 @@ static int smoke_test_key(mbedtls_svc_key_id_t key) buffer, sizeof(buffer), NULL, 0, buffer, sizeof(buffer), &length)); -#if defined(MBEDTLS_SHA256_C) +#if defined(PSA_WANT_ALG_SHA_256) /* Try the key in a plain key derivation. */ PSA_ASSERT(psa_key_derivation_setup(&derivation_operation, PSA_ALG_HKDF(PSA_ALG_SHA_256))); @@ -753,7 +753,7 @@ static int smoke_test_key(mbedtls_svc_key_id_t key) alg, key, buffer, length, buffer, sizeof(buffer), &length)); } -#endif /* MBEDTLS_SHA256_C */ +#endif /* PSA_WANT_ALG_SHA_256 */ ok = 1; @@ -965,8 +965,8 @@ void key_creation_import_export(int lifetime_arg, int min_slot, int restart) PSA_ASSERT(psa_export_key(returned_id, exported, sizeof(exported), &exported_length)); - ASSERT_COMPARE(key_material, sizeof(key_material), - exported, exported_length); + TEST_MEMORY_COMPARE(key_material, sizeof(key_material), + exported, exported_length); PSA_ASSERT(psa_destroy_key(returned_id)); if (!check_persistent_data(location, @@ -1328,7 +1328,7 @@ void sign_verify(int flow, key_management.p_export_public = ram_export_public; break; default: - TEST_ASSERT(!"unsupported flow (should be SIGN_IN_xxx)"); + TEST_FAIL("unsupported flow (should be SIGN_IN_xxx)"); break; } asymmetric.p_verify = ram_verify; diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data index 147773416..7d364acab 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.data +++ b/tests/suites/test_suite_psa_crypto_slot_management.data @@ -47,35 +47,35 @@ Persistent slot, check after restart, id=max persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:131:PSA_KEY_ID_USER_MAX:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_SHUTDOWN Persistent slot: ECP keypair (ECDSA, exportable), close -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:132:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING Persistent slot: ECP keypair (ECDSA, exportable), close+restart -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:133:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN Persistent slot: ECP keypair (ECDSA, exportable), purge -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:132:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_PURGING Persistent slot: ECP keypair (ECDSA, exportable), restart -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:134:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:0:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_SHUTDOWN Persistent slot: ECP keypair (ECDH+ECDSA, exportable), close -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:135:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING Persistent slot: ECP keypair (ECDH+ECDSA, exportable), close+restart -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:136:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN Persistent slot: ECP keypair (ECDH+ECDSA, exportable), purge -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:135:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_PURGING Persistent slot: ECP keypair (ECDH+ECDSA, exportable), restart -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:137:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_SHUTDOWN Persistent slot, check after closing, persistence=2 diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index e3bb0d34f..5bd12eb09 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -303,12 +303,12 @@ void persistent_slot_lifecycle(int lifetime_arg, int owner_id_arg, int id_arg, psa_get_key_type(&read_attributes)); TEST_EQUAL(psa_get_key_bits(&attributes), psa_get_key_bits(&read_attributes)); - ASSERT_ALLOC(reexported, key_data->len); + TEST_CALLOC(reexported, key_data->len); if (usage_flags & PSA_KEY_USAGE_EXPORT) { PSA_ASSERT(psa_export_key(id, reexported, key_data->len, &reexported_length)); - ASSERT_COMPARE(key_data->x, key_data->len, - reexported, reexported_length); + TEST_MEMORY_COMPARE(key_data->x, key_data->len, + reexported, reexported_length); } else { TEST_EQUAL(psa_export_key(id, reexported, key_data->len, &reexported_length), @@ -402,8 +402,8 @@ void create_existent(int lifetime_arg, int owner_id_arg, int id_arg, PSA_ASSERT(psa_export_key(id, reexported, sizeof(reexported), &reexported_length)); - ASSERT_COMPARE(material1, sizeof(material1), - reexported, reexported_length); + TEST_MEMORY_COMPARE(material1, sizeof(material1), + reexported, reexported_length); PSA_ASSERT(psa_close_key(id)); @@ -575,11 +575,11 @@ void copy_across_lifetimes(int source_lifetime_arg, int source_owner_id_arg, psa_get_key_enrollment_algorithm(&target_attributes)); if (expected_usage & PSA_KEY_USAGE_EXPORT) { size_t length; - ASSERT_ALLOC(export_buffer, material->len); + TEST_CALLOC(export_buffer, material->len); PSA_ASSERT(psa_export_key(returned_target_id, export_buffer, material->len, &length)); - ASSERT_COMPARE(material->x, material->len, - export_buffer, length); + TEST_MEMORY_COMPARE(material->x, material->len, + export_buffer, length); } else { size_t length; /* Check that the key is actually non-exportable. */ @@ -689,11 +689,11 @@ void copy_to_occupied(int source_lifetime_arg, int source_id_arg, psa_get_key_algorithm(&attributes2)); if (target_usage & PSA_KEY_USAGE_EXPORT) { size_t length; - ASSERT_ALLOC(export_buffer, target_material->len); + TEST_CALLOC(export_buffer, target_material->len); PSA_ASSERT(psa_export_key(returned_target_id, export_buffer, target_material->len, &length)); - ASSERT_COMPARE(target_material->x, target_material->len, - export_buffer, length); + TEST_MEMORY_COMPARE(target_material->x, target_material->len, + export_buffer, length); } PSA_ASSERT(psa_destroy_key(returned_source_id)); @@ -775,7 +775,7 @@ void invalid_handle(int handle_construction, mbedtls_svc_key_id_make(0, PSA_KEY_ID_VENDOR_MAX + 1); break; default: - TEST_ASSERT(!"unknown handle construction"); + TEST_FAIL("unknown handle construction"); } /* Attempt to use the invalid handle. */ @@ -813,7 +813,7 @@ void many_transient_keys(int max_keys_arg) uint8_t exported[sizeof(size_t)]; size_t exported_length; - ASSERT_ALLOC(keys, max_keys); + TEST_CALLOC(keys, max_keys); PSA_ASSERT(psa_crypto_init()); psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); @@ -840,8 +840,8 @@ void many_transient_keys(int max_keys_arg) PSA_ASSERT(psa_export_key(keys[i], exported, sizeof(exported), &exported_length)); - ASSERT_COMPARE(exported, exported_length, - (uint8_t *) &i, sizeof(i)); + TEST_MEMORY_COMPARE(exported, exported_length, + (uint8_t *) &i, sizeof(i)); } PSA_ASSERT(psa_close_key(keys[i - 1])); @@ -917,8 +917,8 @@ void key_slot_eviction_to_import_new_key(int lifetime_arg) PSA_ASSERT(psa_export_key(key, exported, sizeof(exported), &exported_length)); - ASSERT_COMPARE(exported, exported_length, - (uint8_t *) &i, sizeof(i)); + TEST_MEMORY_COMPARE(exported, exported_length, + (uint8_t *) &i, sizeof(i)); PSA_ASSERT(psa_destroy_key(key)); } @@ -942,7 +942,7 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation() TEST_ASSERT(MBEDTLS_PSA_KEY_SLOT_COUNT >= 1); - ASSERT_ALLOC(keys, MBEDTLS_PSA_KEY_SLOT_COUNT); + TEST_CALLOC(keys, MBEDTLS_PSA_KEY_SLOT_COUNT); PSA_ASSERT(psa_crypto_init()); psa_set_key_usage_flags(&attributes, @@ -988,7 +988,7 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation() exported, sizeof(exported), &exported_length)); i = MBEDTLS_PSA_KEY_SLOT_COUNT - 1; - ASSERT_COMPARE(exported, exported_length, (uint8_t *) &i, sizeof(i)); + TEST_MEMORY_COMPARE(exported, exported_length, (uint8_t *) &i, sizeof(i)); PSA_ASSERT(psa_destroy_key(keys[MBEDTLS_PSA_KEY_SLOT_COUNT - 1])); /* @@ -1016,8 +1016,8 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation() PSA_ASSERT(psa_export_key(keys[i], exported, sizeof(exported), &exported_length)); - ASSERT_COMPARE(exported, exported_length, - (uint8_t *) &i, sizeof(i)); + TEST_MEMORY_COMPARE(exported, exported_length, + (uint8_t *) &i, sizeof(i)); PSA_ASSERT(psa_destroy_key(keys[i])); } @@ -1028,8 +1028,8 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation() PSA_ASSERT(psa_export_key(persistent_key, exported, sizeof(exported), &exported_length)); - ASSERT_COMPARE(exported, exported_length, - (uint8_t *) &persistent_key, sizeof(persistent_key)); + TEST_MEMORY_COMPARE(exported, exported_length, + (uint8_t *) &persistent_key, sizeof(persistent_key)); exit: /* * Key attributes may have been returned by psa_get_key_attributes() diff --git a/tests/suites/test_suite_psa_crypto_storage_format.function b/tests/suites/test_suite_psa_crypto_storage_format.function index 8434fc1c6..116f4cd53 100644 --- a/tests/suites/test_suite_psa_crypto_storage_format.function +++ b/tests/suites/test_suite_psa_crypto_storage_format.function @@ -36,11 +36,11 @@ static int test_written_key(const psa_key_attributes_t *attributes, /* Check that the key is represented as expected. */ PSA_ASSERT(psa_its_get_info(uid, &storage_info)); TEST_EQUAL(storage_info.size, expected_representation->len); - ASSERT_ALLOC(actual_representation, storage_info.size); + TEST_CALLOC(actual_representation, storage_info.size); PSA_ASSERT(psa_its_get(uid, 0, storage_info.size, actual_representation, &length)); - ASSERT_COMPARE(expected_representation->x, expected_representation->len, - actual_representation, length); + TEST_MEMORY_COMPARE(expected_representation->x, expected_representation->len, + actual_representation, length); ok = 1; @@ -259,12 +259,12 @@ static int test_read_key(const psa_key_attributes_t *expected_attributes, TEST_EQUAL(psa_get_key_enrollment_algorithm(expected_attributes), psa_get_key_enrollment_algorithm(&actual_attributes)); if (can_export(expected_attributes)) { - ASSERT_ALLOC(exported_material, expected_material->len); + TEST_CALLOC(exported_material, expected_material->len); PSA_ASSERT(psa_export_key(key_id, exported_material, expected_material->len, &length)); - ASSERT_COMPARE(expected_material->x, expected_material->len, - exported_material, length); + TEST_MEMORY_COMPARE(expected_material->x, expected_material->len, + exported_material, length); } if ((flags & TEST_FLAG_EXERCISE) && can_exercise(&actual_attributes)) { diff --git a/tests/suites/test_suite_psa_its.function b/tests/suites/test_suite_psa_its.function index 7864b9c88..0f66c7951 100644 --- a/tests/suites/test_suite_psa_its.function +++ b/tests/suites/test_suite_psa_its.function @@ -10,7 +10,7 @@ * before changing how test data is constructed or validated. */ -#include "../library/psa_crypto_its.h" +#include "psa_crypto_its.h" #include "test/psa_helpers.h" @@ -92,7 +92,7 @@ void set_get_remove(int uid_arg, int flags_arg, data_t *data) unsigned char *buffer = NULL; size_t ret_len = 0; - ASSERT_ALLOC(buffer, data->len); + TEST_CALLOC(buffer, data->len); PSA_ASSERT(psa_its_set_wrap(uid, data->len, data->x, flags)); @@ -100,7 +100,7 @@ void set_get_remove(int uid_arg, int flags_arg, data_t *data) TEST_ASSERT(info.size == data->len); TEST_ASSERT(info.flags == flags); PSA_ASSERT(psa_its_get(uid, 0, data->len, buffer, &ret_len)); - ASSERT_COMPARE(data->x, data->len, buffer, ret_len); + TEST_MEMORY_COMPARE(data->x, data->len, buffer, ret_len); PSA_ASSERT(psa_its_remove(uid)); @@ -122,14 +122,14 @@ void set_overwrite(int uid_arg, unsigned char *buffer = NULL; size_t ret_len = 0; - ASSERT_ALLOC(buffer, MAX(data1->len, data2->len)); + TEST_CALLOC(buffer, MAX(data1->len, data2->len)); PSA_ASSERT(psa_its_set_wrap(uid, data1->len, data1->x, flags1)); PSA_ASSERT(psa_its_get_info(uid, &info)); TEST_ASSERT(info.size == data1->len); TEST_ASSERT(info.flags == flags1); PSA_ASSERT(psa_its_get(uid, 0, data1->len, buffer, &ret_len)); - ASSERT_COMPARE(data1->x, data1->len, buffer, ret_len); + TEST_MEMORY_COMPARE(data1->x, data1->len, buffer, ret_len); PSA_ASSERT(psa_its_set_wrap(uid, data2->len, data2->x, flags2)); PSA_ASSERT(psa_its_get_info(uid, &info)); @@ -137,7 +137,7 @@ void set_overwrite(int uid_arg, TEST_ASSERT(info.flags == flags2); ret_len = 0; PSA_ASSERT(psa_its_get(uid, 0, data2->len, buffer, &ret_len)); - ASSERT_COMPARE(data2->x, data2->len, buffer, ret_len); + TEST_MEMORY_COMPARE(data2->x, data2->len, buffer, ret_len); PSA_ASSERT(psa_its_remove(uid)); @@ -167,8 +167,8 @@ void set_multiple(int first_id, int count) mbedtls_snprintf(stored, sizeof(stored), "Content of file 0x%08lx", (unsigned long) uid); PSA_ASSERT(psa_its_get(uid, 0, sizeof(stored), retrieved, &ret_len)); - ASSERT_COMPARE(retrieved, ret_len, - stored, sizeof(stored)); + TEST_MEMORY_COMPARE(retrieved, ret_len, + stored, sizeof(stored)); PSA_ASSERT(psa_its_remove(uid)); TEST_ASSERT(psa_its_get(uid, 0, 0, NULL, NULL) == PSA_ERROR_DOES_NOT_EXIST); @@ -214,7 +214,7 @@ void get_at(int uid_arg, data_t *data, size_t i; size_t ret_len = 0; - ASSERT_ALLOC(buffer, length + 16); + TEST_CALLOC(buffer, length + 16); trailer = buffer + length; memset(trailer, '-', 16); @@ -223,8 +223,8 @@ void get_at(int uid_arg, data_t *data, status = psa_its_get(uid, offset, length_arg, buffer, &ret_len); TEST_ASSERT(status == (psa_status_t) expected_status); if (status == PSA_SUCCESS) { - ASSERT_COMPARE(data->x + offset, (size_t) length_arg, - buffer, ret_len); + TEST_MEMORY_COMPARE(data->x + offset, (size_t) length_arg, + buffer, ret_len); } for (i = 0; i < 16; i++) { TEST_ASSERT(trailer[i] == '-'); diff --git a/tests/suites/test_suite_random.data b/tests/suites/test_suite_random.data index c23d9223f..9211591a5 100644 --- a/tests/suites/test_suite_random.data +++ b/tests/suites/test_suite_random.data @@ -2,15 +2,15 @@ Generate random twice with CTR_DRBG random_twice_with_ctr_drbg: Generate random twice with HMAC_DRBG(SHA-1) -depends_on:MBEDTLS_SHA1_C +depends_on:MBEDTLS_MD_CAN_SHA1 random_twice_with_hmac_drbg:MBEDTLS_MD_SHA1 Generate random twice with HMAC_DRBG(SHA-256) -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_MD_CAN_SHA256 random_twice_with_hmac_drbg:MBEDTLS_MD_SHA256 Generate random twice with HMAC_DRBG(SHA-512) -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_MD_CAN_SHA512 random_twice_with_hmac_drbg:MBEDTLS_MD_SHA512 Generate random twice with PSA classic wrapper diff --git a/tests/suites/test_suite_random.function b/tests/suites/test_suite_random.function index 3026bae0e..58cddb715 100644 --- a/tests/suites/test_suite_random.function +++ b/tests/suites/test_suite_random.function @@ -18,7 +18,7 @@ /* END_HEADER */ -/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ +/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:!MBEDTLS_PSA_INJECT_ENTROPY:MBEDTLS_CTR_DRBG_C */ void random_twice_with_ctr_drbg() { mbedtls_entropy_context entropy; @@ -26,6 +26,8 @@ void random_twice_with_ctr_drbg() unsigned char output1[OUTPUT_SIZE]; unsigned char output2[OUTPUT_SIZE]; + MD_PSA_INIT(); + /* First round */ mbedtls_entropy_init(&entropy); mbedtls_ctr_drbg_init(&drbg); @@ -54,10 +56,11 @@ void random_twice_with_ctr_drbg() exit: mbedtls_ctr_drbg_free(&drbg); mbedtls_entropy_free(&entropy); + MD_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:MBEDTLS_HMAC_DRBG_C */ +/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:!MBEDTLS_PSA_INJECT_ENTROPY:MBEDTLS_HMAC_DRBG_C */ void random_twice_with_hmac_drbg(int md_type) { mbedtls_entropy_context entropy; @@ -66,6 +69,8 @@ void random_twice_with_hmac_drbg(int md_type) unsigned char output2[OUTPUT_SIZE]; const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type); + MD_PSA_INIT(); + /* First round */ mbedtls_entropy_init(&entropy); mbedtls_hmac_drbg_init(&drbg); @@ -94,6 +99,7 @@ void random_twice_with_hmac_drbg(int md_type) exit: mbedtls_hmac_drbg_free(&drbg); mbedtls_entropy_free(&entropy); + MD_PSA_DONE(); } /* END_CASE */ @@ -163,7 +169,7 @@ void mbedtls_psa_get_random_length(int n) unsigned char *output = NULL; PSA_ASSERT(psa_crypto_init()); - ASSERT_ALLOC(output, n); + TEST_CALLOC(output, n); TEST_EQUAL(0, mbedtls_psa_get_random(MBEDTLS_PSA_RANDOM_STATE, output, n)); diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index 2be93996d..0a60f314e 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data @@ -8,145 +8,145 @@ RSA init-free-init-free rsa_init_free:1 RSA PKCS1 Verify v1.5 CAVS #1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS1_V15 # Good padding but wrong hash mbedtls_rsa_pkcs1_verify:"9f294f0c7b32da6221a3ef83654322038e8968fa":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"3203b7647fb7e345aa457681e5131777f1adc371f2fba8534928c4e52ef6206a856425d6269352ecbf64db2f6ad82397768cafdd8cd272e512d617ad67992226da6bc291c31404c17fd4b7e2beb20eff284a44f4d7af47fd6629e2c95809fa7f2241a04f70ac70d3271bb13258af1ed5c5988c95df7fa26603515791075feccd":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #2 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"6a8a1f225703fe39753c1017b43eec9e070a70b1":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0 RSA PKCS1 Verify v1.5 CAVS #3 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"6a8a1f225703fe39753c1017b43eec9e070a70b1":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0 RSA PKCS1 Verify v1.5 CAVS #4 -depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"693c1ac1a3fc23157b4a854f886b6b8d18e28b321b8382a93dcf2426":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"3bb7b1c5f3391de4549e2e96fd33afa4d647dd90e321d9d576f3808e32213e948b697ef4fd2dd12923de6ec3ffd625078a57f86af38dc07052bb50547c616ed51fa1352b3ab66788408168d21263ef2d3388d567d2ce8cf674f45491ab2b0319d47be1266bda39e343b2a38ea2d6aaaee6c4465aee1d7bb33e93a1c40a8e3ae4":0 RSA PKCS1 Verify v1.5 CAVS #5 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"944d593f3e31817d712038dbf88a17c1772b135c34c66b236daf9a7413c2a8af":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"7b5fba70ec5b521638f182bcab39cec30b76e7bc017bdbd1059658a9a1db0969ab482dce32f3e9865952f0a0de0978272c951e3c015328ea3758f47029a379ab4200550fba58f11d51264878406fc717d5f7b72b3582946f16a7e5314a220881fc820f7d29949710273421533d8ac0a449dc6d0fd1a21c22444edd1c0d5b44d3":0 RSA PKCS1 Verify v1.5 CAVS #6 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"5a3b396a237f5460a9c8d40628e4bc324d046d0bf3ad6417db59ff3904513a79297d51656ab6c70cc07f08b8eefd2f15":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"38fc4f6f0430bb3ea9f470a4c0f5cebdabac4dbeb3b9c99d4168e7b00f5eb294ec0ece1908eded1f3e14f1e69d10f9feb425bda0c998af945ef864298a60a675f0bb5c540a7be3f534d5faddff974eea8bffe182a44e2ee1f4f653e71967a11869ee1a850edb03cb44a340378cb7a1bc9616d3649b78002b390a05a7e54edec6":0 RSA PKCS1 Verify v1.5 CAVS #7 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS1_V15 # Bad padding after performing the public key operation mbedtls_rsa_pkcs1_verify:"900ada01bc5536ee88ee7f2b95d15e2e6353bc3de0ef9610f8e6deb736c30623b961eda17f316229c013bb4696fc7346":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"d93a878c1ce86571590b0e43794b3edb23552797c4b8c9e3da4fe1cc4ac0566acd3b10541fe9a7a79f5ea4892d3069ca6903efb5c40c47eb8a9c781eb4249281d40c3d96aae16da1bb4daaece6a26eca5f41c062b4124a64fc9d340cba5ab0d1f5affff6515a87f0933774fd4322d2fa497cd6f708a429ca56dcb1fd3db623d0":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #8 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"9f02745a7a8903de5d2fe44fe3728db6b1e404a5f7e96bb49df694d2f226c65c387abc5c82cdf3a10f36ad741e9bca4ed71305187fe3bd046e6920a6bd979036":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"3":"a853e67f928281d11506c9d39e5ea9b2d742782c663c37d0a7c9e9fe15379cde1e75d94adbfb1ca08691f320af4ff2b0a29a4d2ea10a20cb95d85f3dabac3d56cca9039c851d0181408c00b385fc82cafa4cfa7380d0c2c024fb83fec59d5ee591d63806dcb18b21ea440c3d3f12c1e7795eb15b7ce4c4b288d646cf1d34bdf1":0 RSA PKCS1 Verify v1.5 CAVS #9 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"5d185e3120228ffb6f353ef5e7e1fdefd2c5f611":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"10001":"e27a90b644c3a11f234132d6727ada397774cd7fdf5eb0160a665ffccedabb8ae9e357966939a71c973e75e5ff771fb01a6483fcaf82f16dee65e6826121e2ae9c69d2c92387b33a641f397676776cde501e7314a9a4e76c0f4538edeea163e8de7bd21c93c298df748c6f5c26b7d03bfa3671f2a7488fe311309e8218a71171":0 RSA PKCS1 Verify v1.5 CAVS #10 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"f0571d8513c4ff68dc68c605dfe856f27bdfed91":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"10001":"dd82b7be791c454fbbf6f1de47cbe585a687e4e8bbae0b6e2a77f8ca4efd06d71498f9a74b931bd59c377e71daf708a624c51303f377006c676487bad57f7067b09b7bb94a6189119ab8cf7321c321b2dc7df565bfbec833a28b86625fb5fd6a035d4ed79ff0f9aee9fa78935eec65069439ee449d7f5249cdae6fdd6d8c2a63":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #11 -depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"16d8bbe3323f26b66f1513e1ffc0ff2cd823747a3cc1534fdb1de304":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"10001":"d8ef7bdc0f111b1249d5ad6515b6fe37f2ff327f493832f1385c10e975c07b0266497716fcb84f5039cd60f5a050614fde27f354a6c45e8a7d74f9821e2f301500ac1953feafeb9d98cf88d2c928413f337813135c66abfc3dc7a4d80655d925bf96f21872ca2b3a2684b976ca768fe37feae20a69eeec3cc8f1de0db34b3462":0 RSA PKCS1 Verify v1.5 CAVS #12 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"63030cef0e2d4067573222bef3a3f83e7c98ec4c2d21780a7438673ad48bfe29":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"10001":"52111f4798da3c11b3c74394358348ab0fc797bde99080f238d33a69b04b08ac2bd767b33872473943e23af27ca32fd568a43a8c7d6cc55b4fbb380212fdfcb60487e20694d4287e233efdf7b04737c0037a592d03077801828b051998c42b9f9e2420063331d5b2349918a64d8b65b21a2011ee7318fcef48aced95b8ddf501":0 RSA PKCS1 Verify v1.5 CAVS #13 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"b6a6dcf38a14037e598508fcff07f8da0e3f00538961cb159402f60442cbaf8d8abec885c4f0017018e2c2f45f3b076d":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"10001":"d5dcd27c74e040ea86f106b63d3275fa7b7e98d2dd701f38ec15fc7301b72df127f6d3bd5571253a0b9e0e719d7d522893896941a1aeccc697912282b5308d829b91905b5dd7b7e1b8fe27e2bd4003b09dfe7fe295f8a43c076c0cb52f2aac067e87de7ffe3a275d21a870c3dfc9b1d06d7f018667de9eb187bdf53d282e5d8b":0 RSA PKCS1 Verify v1.5 CAVS #14 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"ef9660959073aa342a440ed8ee3f0d13aa86f9585841f1a7bfa8fde9e69a16b29cbe11e3dd0677e6a86273f1123ecaa55723e51cea3f851ad22a46f037ee3a77":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1024:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":"10001":"27280b92eab5cbf0d787ff6fa6b0151d6610adfd25116113f2f186f3f8d39736d91ae510ec2bd96f2de135aefda79178138696dcc6d302e4a79ddabbe16e39ab96075776afce863e84a2e6013cb457e4047e22d43f67bf64ae5e1d844a7c12ac696efbb3cda7c0e0aca71f8a7ada9a0547bfaefe1ba2e04058c672c803720dd9":0 RSA PKCS1 Verify v1.5 CAVS #15 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"1340fc324c96aa313425ecfa971297f2cddca172":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"3":"1f7938b20a9cd8bb8ca26bad9e79ea92373174203f3ab212a06de34a9a3e14e102d19a8878c28a2fc8083a97c06b19c1ae62678289d5d071a904aed1d364655d9e2d16480a6fd18f4c8edf204844a34d573b1b988b82d495caefd9298c1635083e196a11f4a7df6a7e3cc4db7b9642e7682d22ec7038c3bad791e1365fe8836976092460e6df749dc032baf1e026684f55936beb9369845c53c3d217941c1f8d8f54a32333a4c049c3f2d527125778032f5d390040d1d4cce83dc353ce250152":0 RSA PKCS1 Verify v1.5 CAVS #16 -depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"64d856065bbe1590ed1cc1e2ad048641b3aedbfe13ea2f9df2270b74":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"3":"339dce3a1937669d9fb14c4f652378861fd5adc4da88eaf833b16020b55a24ddc83b7ae3395a9a49b426bb9a4170cb765b02652faa9594b457aeefdae4f802e93d8e65c687ddc723701465a5ef19249ed5d2617b5121c58557b34eb99a663bbcf4453a6e1db5d88723de449fcf58ca8ef514daf08cfdc71be155bb3d0724df0c0a6fd5aa7737433cc376640b9b8b4c7ddd09776bae0245729cddb56e36f28edad6aecaed0821ec8d843a96348e722bf0a84cf060a793a2179f054138f907d0c3":0 RSA PKCS1 Verify v1.5 CAVS #17 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"7743dd578de944491852bfddfdeb0d239eb8d3d40a3315b8a028854627dd0ff7":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"3":"8117a6897e14c183737661cf5741350a84ae00495cd9ee8fb033582e559f79701ab424706660515ee5821a69a6850647ec641676a625d1a3899932aaa52161fbc0c0a825db82fde0585b3c9b9c16de43e26da6a30fe5a601dae68bded1e29ec34557b5f6962efb10b9450d6f096655f68e8499cfa16a0adeb9075e7b91851fef84243132d08273d35d01ad89c17e1e6e4deaf1cb233050b275fa9d2cae57e9e1a0e23139267040aa39b6abd8f10fa1cec38ce2183573ddc11626fc262e1a0ced":0 RSA PKCS1 Verify v1.5 CAVS #18 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"c293af20d96cc76b460fe8d4a7f02bf6e131750cadeaa898c7c2086a70ee9021986e408e896fbfdde338cbc9ab5ab94e":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"3":"6b49553ed964ae196a41ea281f4d2a250ce7d1e7434e45cf6a82f7bed17554f39c3f0241e0364702fcb87475eb0c0839ffd2180890fa05b4bbf31bbfa4bf5119dea0c9f88e1e9617fcdadabc6fa1945136cc66e039b905d78ed365c5806d38aec88b3edfb86c05ff446dbfd51d7cd75cbf8d3b85154c783765386f51637532221f52429db5612dcc034968bb8feab7dc6f5ed1f2feb557f6dd49c980296117be2c4195ec7b6101ea767df9d16a56fc9709b49308a54dab63dbc4d609f959ce17":0 RSA PKCS1 Verify v1.5 CAVS #19 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"91348892bd820bca0a140cbeba3ed9a0d0da802e5cc03f8d88325f6c957550440e93af31bf2fd83ca79067e4bcf940b7478a901764bcb533731ddc0d763cab54":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"3":"2b8b794a8621d492eec18a4efd239e0e077c89340a34b0fdbf467f2bf3112c7f33d00ee736f2988af8569c1a74891efbefa839e295fffdf4d908c1ede61a861a4d24b154a09d1b3f923fd2bb7906994cf82a97da285bf48e61f90cc3596f9350ab9b66a216ffca323195bb213f5a77fe8c697475595a1857dbee58128cbf1be7cb220229ce52766fefd88cc129ad5cbbdcd31fb4eede6c4fdd3193a9aaaa54362bcea4082981d9b7c40483814828f3297d95ad933c76f31c47e37a93ffaf0d4a":0 RSA PKCS1 Verify v1.5 CAVS #20 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"173ce611665c0258cc9118343b95430cc765313f":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"10001":"180630d2f4dc91ddb1159978e278cda7ac4b178e82477f9770c4d2e1c5017d2f222348658044c1be4cda24ce3c9ba3d423536a39bf60324c1b30eabdad700b0982e58072f7e18216e7e4c07e17674ec3eabcfbafce317d2f539f129902d80031ca201a8b325629a96ca4a70b51294c2fddd1d0aca1537d7d8b780e1e62d34be2f98104d876a4990396c8628e6498d9651f468bdf1139664eabe9166efbe909bf87d7305d5f60f1acc3599ed339fcf4e009fbad4059af1a50264cb0a4ec1d23f3":0 RSA PKCS1 Verify v1.5 CAVS #21 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"a827c0785f663e39a08106f8036fd669d05b345c":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"10001":"a142b0d9456f8f4772675265a08613a66c416bd1ae712975c69d9ca5fb8c1be9c24359a04fd15460bf6136a8a11f13e3ce2de2171524f10cb715f0d71e3db15281ab99eadbe86cf8c5c518162c638ef27a4f7bfb4a1a3873f3c384a5b1c3b4966c837b9d8d192ac34e03943b7ae191355aa1ff3b9cd041bb2668f1f81cf0d015b3d3608cd9ac79398212c0f132f1bd45d47768b999fcf3c05fe2069593ceecedc851a7fc465abcfef0fabba9b9460153f6ba8723a5c6e766c83a446aef3ee327":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #22 -depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"e5979f65ad7572ed4b0bc3a5fcad893a142a73379a1a16b45570d77d":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"10001":"0676e64daaa18f4af46e9dfbe234db389b8a527b0fe1db97eb7f404e3155226cba70d318800f83160fa1aa19916e5c09f079331079f18cb8ab1a4b884cb28501824974f683ed2b9babae9f8c15bea30802805c6b2152119764811bbf5f3994d2e97fa2fe8c5ab15a23c14d7ae56be00eaa8bc26678481ff5ba59b0acfb0e43341bff9fc638e5625480a73dbc5d8d13bd2b9e64037c6b79df0c60869980c6a22ec46f80fb859cb4ee5d2032ac1fe538cfd85c70a7f33b4af50a93395917c2cfb6":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #23 -depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"7af156b6b8089300a6d8cd3f32176c4c619135f4eced14dcfd633d2e":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"10001":"5e08f399258e6de075b67a0a6a822ceb21b1eb7a0342eca6a4295739f644547dee3456243cf32bd6ea6f357c88632508457130f3dae04f7806efaed43d1d501e16c961dfbd6c71a42b480e95c7027f8275063d05a9aac3eef0520867b9896ebe8ec358f7d121beb4e61ddfdc3dcd835dfe265f2ba68d300ef566ed1284f9f3d7b1af363ed47bfa2e5f0492925444df7e5fcb1e79e690c746117650b543a5e82c39553552f0f44e617b5cf773c533050f4129e893ac22af69b1eb9afb4b5ba5f5":0 RSA PKCS1 Verify v1.5 CAVS #24 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"f5f493fc1dfc2221e2a5d61d8fc88480ec03b1fddec8b14d1d77c558859659db":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"10001":"a003ae9cf0704d58763b214f20446ecc4099c566f25384e28d0dd6540c58705fc8d0bfe1ceaa06096ed1e230146edb82056e39e6727abec09f25e44079b6ce1ca2c6a540dec7aa34444d7d435f41e5fca9b0bba62759ae2780638e5160e031bb60409c2e85674ac7a776b444b37b9d7f4dbaa557e88b8562a584f2dbe90729b241aede95dfcc7e05b10deef06255cb89f0e7ccff23354818756a1f8bb9f00fd18f6cd22ca1b4bfc38027562bb37562c77c7883b5d735170d75521195fd3f2bd3":0 RSA PKCS1 Verify v1.5 CAVS #25 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"d8758fac95ed9177581c1eb690c5fad797f47e798c4a92706dd57eb038af9dbfa02c0b964c301053bb50ac8fc652d564":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"10001":"2c6b301852cc55a993a933e2c080eb9dabfe19e9dc3571066caeabed1492d3501cd838de1c01784932df7a5ad5bbfb48c78f53a45f76e9812d046f23bd968495ef7e981e5add4acfc538fe33a5205de74bb37d3d9b6b87b2d174e85a73f216fd67d5738fc469dff7ea6b852e8dd08bc8df036597372d4d51185e6f47a45fbe1b9bdb06a4018783425ec95294de41f27235ad3b3263a890b8b62b17410a9bb08673393ff205a866ee2057e99c6517c6bbc84f8d87717b83d6f64de7ee215e1e8d":0 RSA PKCS1 Verify v1.5 CAVS #26 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"ec3c711f09b4a99eec37fc65da2141aabcdcc718ce131b9b54a02049006287aa8919282688bf6126f6fe25cc07092bed4fc3b255b133b9e89235611a0d0b98d3":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"10001":"8e10a1ae470e6e57a8d234185f78fdb600cc636c41565a9f3694a84ae102f6251984f54d11a7785fdcfdfaf80a821e05d57ef6b8edc03d9076755779322fd53eb98c805da77dc9316744e393c2fecd291a7e6043b1ca89fd8248f661e1d53110211b91edb41b31e848cde1115d8afd9963ebcc36aff5a27085949f0781bc69167c140ecfe71c44aacaf4123e557eaf2b528c6d0ea875b4ceefa942fe338af8df10562c438af04cd7521da912b3e3899cef0d75722161be6abed5e4e9009dbf40":0 RSA PKCS1 Verify v1.5 CAVS #27 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"46ba38d521ffa6fc01bd69512008fd557785c783":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"11":"180caf03781b391aacebe5b3f5e1d3b01c68a00df4ecfb6c4bf14217aed7cfca0adac099ec1d6e1f0b43b09b86788533fee6691d773807af0df6cc3bbdde3cf34bf5b848fa59c8bc10227cc3eba3452a85e0520fccdb2d8d32dd99672d302756a2d7f7f2693db3a48be17bd34d9d891f4ba44449c5bad1de91b788f524500a7703cccbaa77b9fe8791f5c8aa7b8f055336f28fcfc01733712e33cfb3d33fe71ddb9ced2a31931ec38007f5ad4a0d19acc428124b0e5ee6e0746fb33c1a4d90c8":0 RSA PKCS1 Verify v1.5 CAVS #28 -depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"807ca5785542d26b3d1615209ab0ad3ff5f58707fe25f986abc19c0a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"11":"8c846e75e32ce5f9964bdd8f6dcf1d2996a646b233bcf1bd6394e13e856691b89bedd18290a0f9f7c90dca307271b3108e795340490513b25e6789e93722c65ec064b4c43457295a31d1f07dd605e133fd6eaafc58cda132df2939f5f693e0205af34550afaa137f3e482885e50dfb48333a15c0821e7a19642acdddc6fea3c7487c691246a2b083dac439889d5ae741b7e08c47937530b4b069f1a260cd07fe4a0ddd530ab11534fb805e9b562118ee0e97932966008aadfc83f3b8a10de8ee":0 RSA PKCS1 Verify v1.5 CAVS #29 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"dac9130c9b23cfd303135b60be56829e08b441035250579b40d5b2e2ead5b9ac":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"11":"9677300bbee003be3c445634f8ed5beb152b63f46f84cf5a8e721e0fafe8f3f7e99a6d50741f23f449d3026da3e8a7ac36be99ab44831803486ae552f7aa01f075287829b231d2d0840908e09081ae177ed888fe46a9d937a0871eb5d52ec541c8411c4cbf7efea6ca213b12cea513b0739eedca7c9473e10a7796936f4eaa0c5d3a9013ca5536781ac68eb2ca5779144de23da2e9875114aca885b3219dfc292d73940c5992ea3c4882889e7543430652860e441a01a45d9f4005a012421493":0 RSA PKCS1 Verify v1.5 CAVS #30 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"db7e6ef51ffecd9c1cb88078275c362c0e36730860a33a0802c4a9237467d48d":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"3":"a202c33eb831b9d8e818b6c3bcdb42818e1d9c22a06ddd73a17a21e49d18cda44df349a066477cae068e1a5d2b518b0885e889ef796ca9e6f42a69ac755b8a6405fbaef93fe0130d98de35d689addfee3eecd26658903f774bda481c3f40ee0e9569a3c3e2da7ad576c7de82159d933e36fa29cfef99367005e34ab5082d80f48276d37dabc88dbb023bd01585329d2ccf417f78ec508aaa29751007d31f1669296b981d44c8fa99130c5df7a071725b496859314aaf9baf0ebc780355914249":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #31 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"810b988d9966877681759634c332d6099cf905c7cd57c871b9e3399730fe4ef8cd1d3c7391ec4def78d4624b384664c4":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"10001":"402631f3cddfb02cc4d9cb58ef1ab6726bd787a50e12e98567c9702bfdf47af85904aec5a2f6c5df9a10f08f90f93728eb090ae2ac21ded9f38faecd8195f3eb3d4107521b1cee956e7a214245b038adae912fa35ec97cb3bdc41352e8aaff80173561284cb740f999a3cd6653a6c3d5a3f911a416f41e2155083982c99eb5998a0a74d77f1ae999d901ee24a7f2c424179a3f92b07dc0b3498c1884e60677bee0175e810b426c4ad008d2743cd19b00b33177bf8be3fed7f7406e1bce0c2ea3":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #32 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"cc43d91a2ae21a1a1fe7e51801f48f5a2f21ff4827d79cf6193e7610e2a5d9881f21577dcd100b2b5d087d936f867960":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"11":"57edd0560df9840a25c28ff6d254e432395a5cd2d92248b3b44d7eab0fc65b3c4e545a916a8e90ce89745119db9ec9799aa8890f5250fb589cfc12dac1b6e406a39bc3b3663892da5354ba453cbd5e4c89bdce82d0ffe97052a03a5c3308819c1139ebc780c13cf6dc1477faf734abcb1db3fafaed6f22885c9c0222ff5deacb8cc6d027f2e959c3075011b382e88c4b27b83b4f2e6fda022e331c3602d19f5ac7bccfe95ea1e93d736dbd918ae5b1f468cd0b5b536a2f918d5e27a0757e75b7":0 RSA PKCS1 Verify v1.5 CAVS #33 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"e5d33b5664b68b9bf3eded8f43216e534ce2db07df358e920d258e882c16eab36e0bac09b0ffa33837bdaeb261da2c376dd57f872146ab4f48434a4d493e09ff":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"11":"2f30629c1117d013bb36e6099dee931dcaf0a1032b07ec23e2b262898a8945e569c9573d81e22bb0a5f8a28b0d7b8ff01367dd7f089c68ed1daa11cf53a96ee91b38e6b839b6e90bea34d14b78f5d2c7629b68c5b4f2ecfff66b483b2233cb14f95df533c867a2b610aebcdbb7ea3109aaf2f5762ab3edc2571deccc7da0c9a5b443ca2b924c0f18de7bbb736a08fed3916795018a436a3ae62c85d554a53a6d48623908e06e7d275f4251d3b3bd530bd11e155dcf2b5c2adf030cdf931ae749":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #34 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"2c9aeb9e5bd5457bd60bbeff465c4e1519161ebe965b6627d7cd458f27e221027061e7dee759c5b46f38d509ba0c54a92c4b6f62b7d81d373cc7f44eb0b66953":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":"11":"0b4d96f411c727a262d6d0ade34195b78603551061917d060f89add47b09dfe8715f4f9147d327dc25e91fe457e5d1a2f22cd8fe6fe8e29d2060658307c87a40640650fef3d4b289a6c3febc5a100b29a8b56623afb29fd3c13ea372bf3c638c1db25f8bd8c74c821beec7b5affcace1d05d056a6c2d3035926c7a268df4751a54bc20a6b8cfd729a7cba309ae817daccbef9950a482cf23950a8ca1d3a13ddb7d8d0f87ad5587d4d9ebe19fe93457597a7bdd056c2fd4cea7d31e4a0e595a7b":0 RSA PKCS1 Verify v1.5 padding too short -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"7b0ebd4445c64f64c5702ede8b29af836a6c6f14":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:"9292758453063D803DD603D5E777D7888ED1D5BF35786190FA2F23EBC0848AEADDA92CA6C3D80B32C4D109BE0F36D6AE7130B9CED7ACDF54CFC7555AC14EEBAB93A89813FBF3C4F8066D2D800F7C38A81AE31942917403FF4946B0A83D3D3E05EE57C6F5F5606FB5D4BC6CD34EE0801A5E94BB77B07507233A0BC7BAC8F90F79":"10001":"6edd56f397d9bc6d176bbe3d80946fc352ad6127b85b1d67d849c0a38cbde7222c5fafbb18dcef791178a8e15f5c8cd91869f8ca4b758c46ce3e229bf666d2e3e296544351bcb5db7e0004f6c0800f76a432071297e405759d4324d1cf1c412758be93a39f834e03dee59e28ac571ce2b0b3c8fe639979f516223b54027340a5":MBEDTLS_ERR_RSA_VERIFY_FAILED # The following tests check whether the use of reduced length encodings (as mandated for DER in contrast to BER) is enforced in @@ -156,76 +156,76 @@ mbedtls_rsa_pkcs1_verify:"7b0ebd4445c64f64c5702ede8b29af836a6c6f14":MBEDTLS_RSA_ # See the documentation of `mbedtls_rsa_rsassa_pkcs1_v15_encode` for the layout of the relevant ASN.1 structure. # Correct signature with DER-compliant reduced length encodings RSA PKCS1 Verify v1.5 reduced length encoding -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"ed330f43e866378f5c5ff867ea51d9dceac622bab59552f3faf22fa3b1823bf9":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":"10001":"5B56096ECADA4DAC299FD3D6091C1BE4D7C4210086E61ADA6FFC267A690034DAFB3734035880B9E71CEB0331C32C8DE1A254D777DFE3C848AC7764907602452EC16FD8EB3664E2E682DB3AA8979059BFADFE6192D9029844C8CAF310552717DD5B5B36A9910CFABE5C54AC16F3A3461DEE730060981BD9B47EE8D6644963B7CA":0 # Non-reduced 1-byte length encoding in `DigestInfo` ASN.1 element RSA PKCS1 Verify v1.5 non-reduced length encoding #1 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"ed330f43e866378f5c5ff867ea51d9dceac622bab59552f3faf22fa3b1823bf9":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":"10001":"2FCF7FC1B60B3C083872B1BD9C666745921951A8A9E099FD629675F620B670713519C4A97B870591B97FE5C5DB2FC2A0A3FCB0016536D1205AA32BA8BFCF54ABD542C02F7FCEA3C3531D7A87C82ED5B151A9599F1BDB070A905F5B721DE3C22F8AC35034C607920CE0699D7F79E5913915F3A01856B5D30F9E68F0CD7856D40F":MBEDTLS_ERR_RSA_VERIFY_FAILED # Non-reduced 2-byte length encoding for `digestAlgorithm` ASN.1 element RSA PKCS1 Verify v1.5 non-reduced length encoding #2 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"ed330f43e866378f5c5ff867ea51d9dceac622bab59552f3faf22fa3b1823bf9":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":"10001":"3C27512A8FDC973D856C0F288BE27D00D54FC0B359C520DA73A05156D98CDD6A83E6657BFA81D7B9716EEDFD98C08CD82F399298782782AE341D9AABCBB6B5F9C6552DE1D8B93047E1135032653F4F65A8937352E903864E008429E049680E3AA80F5DE1C7408C403011CEF4A3ECA549C027C8954BFBCA21F2A41C3EB0278029":MBEDTLS_ERR_RSA_VERIFY_FAILED # Non-reduced 3-byte length encoding for optional parameters in `digestAlgorithm` ASN.1 element RSA PKCS1 Verify v1.5 non-reduced length encoding #3 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"ed330f43e866378f5c5ff867ea51d9dceac622bab59552f3faf22fa3b1823bf9":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":"10001":"24BEB8502F24E0D11D9C10CEE4435EA972CEC93C23936E815ED2DF41BECEDDE889AF85BBEAF1B8C6928913AC523EA1D6653832E9D4E74F55B76771EA84F5A607342C341A14AB258019F38DBAEE4B967C8C8D26D6AF2583D32988471BA38751B6A67BA3D1147619C266A9AAC34244740BB59CD9DB3AFF19438B04C619AB719123":MBEDTLS_ERR_RSA_VERIFY_FAILED # Non-reduced 4-byte length encoding in `digest` ASN.1 element RSA PKCS1 Verify v1.5 non-reduced length encoding #4 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"ed330f43e866378f5c5ff867ea51d9dceac622bab59552f3faf22fa3b1823bf9":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":"10001":"13172EF7362CF421103FE1893429FAE85F83636BA8AF545252599A39892E62CEC317DC47C1D6B19328B63CDFD02FA0B49CE7980504635251FF08C0A1308C64D6466DFBF1EF2BA49EFDD6C2C888A30870EC2DC0FA4D67FDE6631C85ED2CEF8EEBF5578C974CBA4A04034D9B579B420D6CA93E4BFC09E014542A0EFB902AF90C5E":MBEDTLS_ERR_RSA_VERIFY_FAILED # Non-reduced 3-byte length encoding for OID in `digestAlgorithm` ASN.1 element RSA PKCS1 Verify v1.5 non-reduced length encoding #5 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"ed330f43e866378f5c5ff867ea51d9dceac622bab59552f3faf22fa3b1823bf9":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:"A1D46FBA2318F8DCEF16C280948B1CF27966B9B47225ED2989F8D74B45BD36049C0AAB5AD0FF003553BA843C8E12782FC5873BB89A3DC84B883D25666CD22BF3ACD5B675969F8BEBFBCAC93FDD927C7442B178B10D1DFF9398E52316AAE0AF74E594650BDC3C670241D418684593CDA1A7B9DC4F20D2FDC6F66344074003E211":"10001":"65DD518F63A2E289C035E9F2A9927BF5A6A74FF6FEFFF61AFCC52ED4A8A5B93534A3AD1709136306EE1379B47A4863BC6ED879E92CD6F99AA5B5F106102BDAE8DAFB15CF6EF00CB5FA63967706528DEE8876F3D04E8D75533009C73DA4C5744D20FFDB18EA78EE4D5D9D6F7BD3AFC2AD9A0EDDD56AA40AAEF789E6FB12AB6DE7":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Sign #1 (SHA512, 1536 bits RSA) -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_sign:"2c9aeb9e5bd5457bd60bbeff465c4e1519161ebe965b6627d7cd458f27e221027061e7dee759c5b46f38d509ba0c54a92c4b6f62b7d81d373cc7f44eb0b66953":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:"c8c67df894c882045ede26a9008ab09ea0672077d7bc71d412511cd93981ddde8f91b967da404056c39f105f7f239abdaff92923859920f6299e82b95bd5b8c959948f4a035cbd693ad83014294d349813d1ad57911a6355d0731fe3a034e9db":"f15147d0e7c04a1e3f37adde802cdc610999bf7ab0088434aaeda0c0ab3910b14d2ce56cb66bffd97552195fae8b061077e03920814d8b9cfb5a3958b3a82c2a7fc97e55db5978b47a922156eb8a3e55c06a54a45d1670abdfb995489c4d0051":"bd429bb7c3b00bbea19ba664c0f8172d1a73c3cfa05e2ed656d570c1590918bb7e372ed25e2cd71395ba0a9b1a30f3ee012ffb0546cab8e3581fe3e23f44ab57a8aee9717e71a936a580fa8572d450fb00339a6f6704b717df0c149a465bab768c61500cd93b61113ff3e4389167f7b2c8e3c0da2d4765286bee555b0bcb4998f59b14fad03180a17c8b4f69bcd1234f4ae85950137665ac2ba80b55cc9b1aafb454b83771aa755acd2a00e93ddb65e696dbed8bdca69fb5e0c5c2097b9cfe4b":"3":"93b6fa99485c116ca6efdd4202ea1cf49f4c6345fae692584413743ce5b65510e8e4690aee9a19ea1ff10d57f22aa3548d839f28a8525a34354e9e58e0f3947e056ce2554e21bf287e220b98db3b551258cd42b495e5d1a3bbc83c9d1a02f2a300ef6d866ea75108e44ebb3e16b47df2f6de28feb2be3874dbbf21599451082d86e9f2f462575a8185c69aa1f1fcb6a363c5d71aeba2103449eaf3845285291148d5f78d1646b8dc95cbcc4082f987d948b0e7d4e80b60595f8a7517584e1643":0 RSA PKCS1 Sign #1 Verify -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"2c9aeb9e5bd5457bd60bbeff465c4e1519161ebe965b6627d7cd458f27e221027061e7dee759c5b46f38d509ba0c54a92c4b6f62b7d81d373cc7f44eb0b66953":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA512:1536:"bd429bb7c3b00bbea19ba664c0f8172d1a73c3cfa05e2ed656d570c1590918bb7e372ed25e2cd71395ba0a9b1a30f3ee012ffb0546cab8e3581fe3e23f44ab57a8aee9717e71a936a580fa8572d450fb00339a6f6704b717df0c149a465bab768c61500cd93b61113ff3e4389167f7b2c8e3c0da2d4765286bee555b0bcb4998f59b14fad03180a17c8b4f69bcd1234f4ae85950137665ac2ba80b55cc9b1aafb454b83771aa755acd2a00e93ddb65e696dbed8bdca69fb5e0c5c2097b9cfe4b":"3":"93b6fa99485c116ca6efdd4202ea1cf49f4c6345fae692584413743ce5b65510e8e4690aee9a19ea1ff10d57f22aa3548d839f28a8525a34354e9e58e0f3947e056ce2554e21bf287e220b98db3b551258cd42b495e5d1a3bbc83c9d1a02f2a300ef6d866ea75108e44ebb3e16b47df2f6de28feb2be3874dbbf21599451082d86e9f2f462575a8185c69aa1f1fcb6a363c5d71aeba2103449eaf3845285291148d5f78d1646b8dc95cbcc4082f987d948b0e7d4e80b60595f8a7517584e1643":0 RSA PKCS1 Sign #2 (SHA256, 2048 bits RSA) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_sign:"8cfd7c2f07a94aea1ff222dc9b80c58a946c975470ff2d2d3fbdb45eac1efa5c":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"5aee2b9dbc02a6a2d87ff64a64165dc0b9ce70c79bab2d287939e2601c3223e0493988d5468731ae4edc7d5f5d449335c204fdb0e192c1915c9d694d3a61c3be14df79c4b34d6ac73707829024d263c94f9107fa93f3783de3965522336e18d1e01a142b5103451bb97839eaf2f44703a63050a36b78aef4072ea1a8daaaf1a2918fc03ee957a9c09efdc7287bcb4d6aec4723290294b249b3e3dc63157b560ad9c867323a73ebeb360cc9e482111643b0d86c4e33dcf170155590f0eba7d170789e84de336b7fe2f6cf485ddca94607a4ff379fc49d375c730249dd1a210e7dccd762d1c23c7532e769c6aa88e38e8654ff90f7b34df4c07ba90e89099ec1ed":0 RSA PKCS1 Sign #2 Verify -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"8cfd7c2f07a94aea1ff222dc9b80c58a946c975470ff2d2d3fbdb45eac1efa5c":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"5aee2b9dbc02a6a2d87ff64a64165dc0b9ce70c79bab2d287939e2601c3223e0493988d5468731ae4edc7d5f5d449335c204fdb0e192c1915c9d694d3a61c3be14df79c4b34d6ac73707829024d263c94f9107fa93f3783de3965522336e18d1e01a142b5103451bb97839eaf2f44703a63050a36b78aef4072ea1a8daaaf1a2918fc03ee957a9c09efdc7287bcb4d6aec4723290294b249b3e3dc63157b560ad9c867323a73ebeb360cc9e482111643b0d86c4e33dcf170155590f0eba7d170789e84de336b7fe2f6cf485ddca94607a4ff379fc49d375c730249dd1a210e7dccd762d1c23c7532e769c6aa88e38e8654ff90f7b34df4c07ba90e89099ec1ed":0 RSA PKCS1 Sign #2 Verify (Fail) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"8cfd7c2f07a94aea1ff222dc9b80c58a946c975470ff2d2d3fbdb45eac1efa5c":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"5aee2b9dbc02a6a2d87ff64a64165dc0b9ce70c79bab2d287939e2601c3223e0493988d5468731ae4edc7d5f5d449335c204fdb0e192c1915c9d694d3a61c3be14df79c4b34d6ac73707829024d263c94f9107fa93f3783de3965522336e18d1e01a142b5103451bb97839eaf2f44703a63050a36b78aef4072ea1a8daaaf1a2918fc03ee957a9c09efdc6287bcb4d6aec4723290294b249b3e3dc63157b560ad9c867323a73ebeb360cc9e482111643b0d86c4e33dcf170155590f0eba7d170789e84de336b7fe2f6cf485ddca94607a4ff379fc49d375c730249dd1a210e7dccd763d1c23c7532e769c6aa88e38e8654ff90f7b34df4c07ba90e89099ec1ed":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Sign #3 (SHA224, 2048 bits RSA) -depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_sign:"32f339fe33f10a0fa152bf9659cdf7a0e4b741444ea31a85d40ed4bb":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"9d768b8b31421f9d9ced890aafaf8b3468656419049ed268f6e1992066f45dc3e4cd349e8c5ed5a06e4ef5badaba064ba94907dfedf3d708becaf44ae9b27c3866d329311ba93e8ddc7fc284fba05d1bb84fb1e060a5b76b7fa515cfcd2c8144474623672703cac1e15ff4fdf8ef19d365c51ba86e60f4cbbcd07f956060625751bfbecc47945646459cadaddd900603a8149a93b31a6d432e1da1a67eb765f5b2f0bd1adb9af12d731c7b02931b42dbbfd8c7cecde76b817e96f664147a2c5091c6ce4dc562c5f57159d6f9dc9ba2daa212db56677839621bd4805dde62955fb2d0cc2c448109d10ecc6206ea81f0a02e1646471358f3ec146cd3c75f2d390b":0 RSA PKCS1 Sign #3 Verify -depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"32f339fe33f10a0fa152bf9659cdf7a0e4b741444ea31a85d40ed4bb":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"9d768b8b31421f9d9ced890aafaf8b3468656419049ed268f6e1992066f45dc3e4cd349e8c5ed5a06e4ef5badaba064ba94907dfedf3d708becaf44ae9b27c3866d329311ba93e8ddc7fc284fba05d1bb84fb1e060a5b76b7fa515cfcd2c8144474623672703cac1e15ff4fdf8ef19d365c51ba86e60f4cbbcd07f956060625751bfbecc47945646459cadaddd900603a8149a93b31a6d432e1da1a67eb765f5b2f0bd1adb9af12d731c7b02931b42dbbfd8c7cecde76b817e96f664147a2c5091c6ce4dc562c5f57159d6f9dc9ba2daa212db56677839621bd4805dde62955fb2d0cc2c448109d10ecc6206ea81f0a02e1646471358f3ec146cd3c75f2d390b":0 RSA PKCS1 Sign #4 (SHA384, 2048 bits RSA) -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_sign:"7fccca8778575cf67d95d44e6825128e2ba5155f7cc91d968a923dbac35bc04b4d45bf6fd0009144ef9d70898948eeec":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"40dcc96822e5612eb33f1dca247a35109ba3845c7a3d556a60e656624bf1c103d94686ca7379e9e329ccd1b19b52bfd48b608df9f59a96a82d3feb0101096dbcb80e46da543b4c982ac6bb1717f24f9fe3f76b7154492b47525be1ddcaf4631d33481531be8f3e685837b40bdf4a02827d79f6a32374147174680f51c8e0d8eed9d5c445a563a7bce9ef4236e7cfdc12b2223ef457c3e8ccc6dd65cc23e977a1f03f5ef584feb9af00efc71a701f9d413b0290af17692cb821a1e863d5778e174b1130659f30583f434f09cb1212471a41dd65c102de64a194b6ae3e43cd75928049db78042c58e980aff3ea2774e42845bcf217410a118cf5deeaa64224dbc8":0 RSA PKCS1 Sign #4 Verify -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"7fccca8778575cf67d95d44e6825128e2ba5155f7cc91d968a923dbac35bc04b4d45bf6fd0009144ef9d70898948eeec":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"40dcc96822e5612eb33f1dca247a35109ba3845c7a3d556a60e656624bf1c103d94686ca7379e9e329ccd1b19b52bfd48b608df9f59a96a82d3feb0101096dbcb80e46da543b4c982ac6bb1717f24f9fe3f76b7154492b47525be1ddcaf4631d33481531be8f3e685837b40bdf4a02827d79f6a32374147174680f51c8e0d8eed9d5c445a563a7bce9ef4236e7cfdc12b2223ef457c3e8ccc6dd65cc23e977a1f03f5ef584feb9af00efc71a701f9d413b0290af17692cb821a1e863d5778e174b1130659f30583f434f09cb1212471a41dd65c102de64a194b6ae3e43cd75928049db78042c58e980aff3ea2774e42845bcf217410a118cf5deeaa64224dbc8":0 RSA PKCS1 Sign #7 (MD5, 2048 bits RSA) -depends_on:MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_sign:"6b54bbcfbfe18eefa044d9d828477fa8":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD5:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":0 RSA PKCS1 Sign #7 Verify -depends_on:MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"6b54bbcfbfe18eefa044d9d828477fa8":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD5:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":0 RSA PKCS1 Sign #8 (RAW, 2048 bits RSA) @@ -249,11 +249,11 @@ depends_on:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:255:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSA PKCS1 Sign #10 (RIPEMD160, 2048 bits RSA) -depends_on:MBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_RIPEMD160:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_sign:"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_RIPEMD160:2048:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"aa2d9f88334d61bed74317ba549b1463600a9219801240cca5c11b9cdda29373172a28151313fb2cf73bb68af167e4ec645b6f065028802afbcfbc10e6c2c824e3c4d50c7181193b93734832170f0c5d3dd9ba5808f0e2a5c16b3d0df90defefef8e8fde5906962d42a2f0d62d7f81977f367f436f10c8b1183ccf6676953f7219445938f725d0cb62efbabf092de531642863b381e2694f2bf544ff6a4fefa7b37cdbf6292dbedcacf6e57d6f206ce5df0fd2771f9f64818f59a0ab7a5f003b368dc3eb51ab9409a0ec4e43f45281ee9a560664de88965ab207e256303d9dcb8233ed6ad0a5ad7f81e2f8c7a196dc81e2c8b6dde8a77fb6cfd1e5477ece9df8":0 RSA PKCS1 Verify #10 (RIPEMD160, 2048 bits RSA) -depends_on:MBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_RIPEMD160:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_RIPEMD160:2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"aa2d9f88334d61bed74317ba549b1463600a9219801240cca5c11b9cdda29373172a28151313fb2cf73bb68af167e4ec645b6f065028802afbcfbc10e6c2c824e3c4d50c7181193b93734832170f0c5d3dd9ba5808f0e2a5c16b3d0df90defefef8e8fde5906962d42a2f0d62d7f81977f367f436f10c8b1183ccf6676953f7219445938f725d0cb62efbabf092de531642863b381e2694f2bf544ff6a4fefa7b37cdbf6292dbedcacf6e57d6f206ce5df0fd2771f9f64818f59a0ab7a5f003b368dc3eb51ab9409a0ec4e43f45281ee9a560664de88965ab207e256303d9dcb8233ed6ad0a5ad7f81e2f8c7a196dc81e2c8b6dde8a77fb6cfd1e5477ece9df8":0 RSA PKCS1 Encrypt #1 @@ -385,8 +385,12 @@ mbedtls_rsa_public:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b RSA Public (Data = 0) mbedtls_rsa_public:"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":"3":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":0 -RSA Generate Key - 128bit key -mbedtls_rsa_gen_key:128:3:0 +RSA Generate Key (Minimum size key) +mbedtls_rsa_gen_key:MBEDTLS_RSA_GEN_KEY_MIN_BITS:3:0 + +RSA Generate Key (Key less than minimum size) +depends_on:MBEDTLS_RSA_GEN_KEY_MIN_BITS >= 130 +mbedtls_rsa_gen_key:MBEDTLS_RSA_GEN_KEY_MIN_BITS-2:3:MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSA Generate Key (Number of bits too small) mbedtls_rsa_gen_key:127:3:MBEDTLS_ERR_RSA_BAD_INPUT_DATA @@ -395,14 +399,16 @@ RSA Generate Key (Exponent too small) mbedtls_rsa_gen_key:128:2:MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSA Generate Key - 1024 bit key +depends_on:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 1024 mbedtls_rsa_gen_key:1024:3:0 RSA Generate Key - 2048 bit key +depends_on:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048 mbedtls_rsa_gen_key:2048:3:0 -RSA Generate Key - 1025 bit key +RSA Generate Key (Odd sized key) # mbedtls_rsa_gen_key only supports even-sized keys -mbedtls_rsa_gen_key:1025:3:MBEDTLS_ERR_RSA_BAD_INPUT_DATA +mbedtls_rsa_gen_key:MBEDTLS_RSA_GEN_KEY_MIN_BITS+1:3:MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSA Validate Params, toy example mbedtls_rsa_validate_params:"f":"3":"5":"3":"3":0:0 diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index a2fe6c8ac..37bed6dcd 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -1,8 +1,6 @@ /* BEGIN_HEADER */ #include "mbedtls/rsa.h" #include "rsa_alt_helpers.h" - -#include "mbedtls/legacy_or_psa.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -1376,6 +1374,10 @@ exit: /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void rsa_selftest() { + MD_PSA_INIT(); TEST_ASSERT(mbedtls_rsa_self_test(1) == 0); + +exit: + MD_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_shax.data b/tests/suites/test_suite_shax.data index 2af85c3cd..5769aa26a 100644 --- a/tests/suites/test_suite_shax.data +++ b/tests/suites/test_suite_shax.data @@ -184,3 +184,2233 @@ sha384_selftest: SHA-512 Selftest depends_on:MBEDTLS_SELF_TEST:MBEDTLS_SHA512_C sha512_selftest: + +SHA3_224 short #0 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"01":"488286d9d32716e5881ea1ee51f36d3660d70f0db03b3f612ce9eda4" + +SHA3_224 short #1 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"69cb":"94bd25c4cf6ca889126df37ddd9c36e6a9b28a4fe15cc3da6debcdd7" + +SHA3_224 short #2 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"bf5831":"1bb36bebde5f3cb6d8e4672acf6eec8728f31a54dacc2560da2a00cc" + +SHA3_224 short #3 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"d148ce6d":"0b521dac1efe292e20dfb585c8bff481899df72d59983315958391ba" + +SHA3_224 short #4 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"91c71068f8":"989f017709f50bd0230623c417f3daf194507f7b90a11127ba1638fa" + +SHA3_224 short #5 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"e7183e4d89c9":"650618f3b945c07de85b8478d69609647d5e2a432c6b15fbb3db91e4" + +SHA3_224 short #6 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"d85e470a7c6988":"8a134c33c7abd673cd3d0c33956700760de980c5aee74c96e6ba08b2" + +SHA3_224 short #7 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"e4ea2c16366b80d6":"7dd1a8e3ffe8c99cc547a69af14bd63b15ac26bd3d36b8a99513e89e" + +SHA3_224 short #8 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"b29373f6f8839bd498":"e02a13fa4770f824bcd69799284878f19bfdc833ac6d865f28b757d0" + +SHA3_224 short #9 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"49ec72c29b63036dbecd":"47cab44618f62dd431ccb13b3b9cd985d816c5d6026afc38a281aa00" + +SHA3_224 short #10 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"502f4e28a6feb4c6a1cc47":"bbe61d85b4cae716329e2bcc4038e282b4d7836eb846228835f65308" + +SHA3_224 short #11 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"e723c64b2258b5124f88405f":"d09da094cfefaad46b7b335830a9305570f4f4afe79f8629ff9d0c3d" + +SHA3_224 short #12 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"0d512eceb74d8a047531c1f716":"29ae0744051e55167176317eb17850a22939d8d94ebb0a90b6d98fde" + +SHA3_224 short #13 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"3b9ab76a23ae56340b5f4b80e1f3":"c0903be96f38051cfc2a5ad256aa0b8332217f450eab904ee84b6541" + +SHA3_224 short #14 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"e9fef751a20297ad1938662d131e7a":"48eba36dfe0575597d13ca26133267199dae76d63d1b9e9612720d08" + +SHA3_224 short #15 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"2bbb42b920b7feb4e3962a1552cc390f":"0dfa61f6b439bf8e3a6f378fe30a4134e8b2dfb652997a2a76c2789f" + +SHA3_224 short #16 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"2254e100bde9295093565a94877c21d05a":"6965256463276dbb26ad34a378c4bacaeae79d700283b188d44d73eb" + +SHA3_224 short #17 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"784ef7adecbb9a4cb5ac1df8513d87ae9772":"e918a5d52a0d42ab8ba2ea386eb6ad83cb8dd9a6bd461506be356ead" + +SHA3_224 short #18 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"f4e68964f784fe5c4d0e00bb4622042fa7048e":"765f050c95ae3347cf3f4f5032b428faeab13694e8c7798eafb82475" + +SHA3_224 short #19 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"a9ca7ec7aaf89db352fecba646ff73efe8e4a7e8":"65d6a49739c0e287584ff9d1f3463ce2e555ae9678147e21b5889e98" + +SHA3_224 short #20 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"b2f7018581a4e459cf9b9d9816fc17903ba8033f13":"c6837f12227bfbd86ccfe794053ce3a54052c8ca8430f526fd64b5f2" + +SHA3_224 short #21 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"f50086b4dc7bca0baec0076a878dd89571d52e47855b":"e39aa96fad581961bda032ed33dce36defde958baf9bae5dc558cf89" + +SHA3_224 short #22 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"6e6ef963f5000d0b91b0ad537ddc9697f8db8f10a3d5ee":"66dcb292b4d6bb4cdd4099b8e7bfea9658680c92c51562c091577056" + +SHA3_224 short #23 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"12a7b1a73b0b26a66362ec2a91ea5ff11af49a7a148a8cc5":"6fc91ec8ad448173f591b865ed3eb89115a278003376523c00e22f2a" + +SHA3_224 short #24 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"8a4768add4a9bd7b3f27461220ceae0218cf3322f4d2a980d1":"9a88bc64e743f2acaa1670cca7e201a299e1cce6df7015b0d2535213" + +SHA3_224 short #25 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"5c5b8c1902c8608c204e72a813e2b625021b3182c48b00f7fe4f":"31802a0fa9ae7ae88626604ad9ae41381d6f7c3c90effcfcf70efcf7" + +SHA3_224 short #26 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"e89e5cf07afb4a58ebeee17ff596d90b3274ba348f14f284fff025":"3bc9b7973f55735b612ddee8cc7907a3f1429b06df7cb1293b989802" + +SHA3_224 short #27 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"eb9e1143782a0f9fa815261c2adc2758fb1d88ffe40a0ae144189a48":"9d70d22520094a113297a192ead33e316924fdc7a2a9f8ea7098b84b" + +SHA3_224 short #28 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"c4ba3bff885fb78357221a9a903bc7ebd11c771faf5789e5aabc993a5f":"7b0212b4ee0b14dba62c2db7a765ac56db46e0b06eb744ee35726ddd" + +SHA3_224 short #29 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"07810e6b785177e52d0feac0394f3ecc41f35aa08ff1ed8162575f85888c":"b413d6f0cce14b7a1044a14bb2803d53bef907093769a5aa63a8e316" + +SHA3_224 short #30 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"01c742dc9ab0b05df925d4a351e38bea7ca7ad783594e22487d5b8198583f3":"c42c707ddc7b630939544adbdbe567a333ac88c3b5e738dee8f862be" + +SHA3_224 short #31 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"dd0f85b55fdf56ba254e06f8c2b650cc6b86bf28a14d714011141a86b8f14bd9":"0fe92469297c2c34911eae424710db6d312047898b9756edc5c2deb2" + +SHA3_224 short #32 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"ddf48f4cdc856c448326092dcf6bfc4ebcf4b36fc2e516eba0956807588b6e827b":"6cd83ba70e1bd387d603ab14c9fdcbf9862d2ebf0987215f011abee8" + +SHA3_224 short #33 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"c34d1f8729663569569f87b1fd6e0b954ae2e3b723d6c9fcae6ab09b13b4a87483b2":"e57e1d24dbd9a30ab311291f5d6a95530caa029c421dde0b487a577e" + +SHA3_224 short #34 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"808de7cbf8d831ad4f17eb58031daed38bdab82f467f87c6b2e3a7c5de25c8e8229413":"b3c13f11227f4386afdcf7663a120990f27da205ffb9bf83676f86dc" + +SHA3_224 short #35 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"5204a0a63707bd1cab67a8797994a052ee73884b325fdf37d86ef280b3f550c9eb4e7fd3":"6aa1060f84127bf2c988230a907242e7d6972a01c6772ba0f7b8bc86" + +SHA3_224 short #36 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"da9439bd090dfc2eccc1203a7a82c5d6467fec4e5b0a2b2c2b9ea65b03203a8ce365fbd98e":"e8f0929f1f6209d41185292d35ebbf5a3bfe5492713b06d56579458d" + +SHA3_224 short #37 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"668bbd38c0ad0881a7f095157d00f29b576b01ba54a8f1392e586c640ecb12b2a5c627a67884":"75dd056962c5bb5d6f616a9f57892992946d048df57c0a36a40a365a" + +SHA3_224 short #38 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"d63ac3bcfee3a5bc503cf20fe8ff496bf7a8064769870c8fc514c29b55825b6288975beb94ba56":"c694da941a7a506cef471fdffb5230bb6c3cd2715341033ab7268e9b" + +SHA3_224 short #39 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"985f06121aed603171020badc2075fd33256d67d40430839575ddaa7a3f1f22325d06ea40252d5e4":"29f8846aaf234281b515ea1d45674535a6126c38bd959c1995cad7c9" + +SHA3_224 short #40 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"8783849552be4540cb24d67996a10d16444b2d936d2fa5fcff51fb0dd5ee03998c0454289215fce47f":"84502256e3f4291ef4d15e8705e579951fc0e39a2d58fda74852551f" + +SHA3_224 short #41 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"dab31c7b3f40825aac13f6772771b7e7fbc09fedf6eff778d51190ecfd4b0f256cf189baeeec507e945f":"97168a9c3b07ec4987a4cf1f2478731fc674f56a2caeef074590ed6b" + +SHA3_224 short #42 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"1119b962bed5815734af7827ec536701a494ac5d4ab83eea1b16ecc80ce4e5f8694a7d11bcba2e34f084dd":"205d89e032f03c8519cf43b720478389b1788f3522c3d347febd2c70" + +SHA3_224 short #43 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"d2c45e2c1fa0c44efc84e6c0654cc0d867a3e33733c725aa718d974ed6a4b7f8f91de7d3622b1e4be428de2a":"d483e39b7add050eb4a793e54c85b250746e382399c74736f33da890" + +SHA3_224 short #44 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"a873b148fe1807b89cbed930a7802abad6ca0442340e62ed21b84ead9a634713bb4de5648208c0eed6738d9cc8":"c86bcc12a6ab792c149aa83a6783ca8bb52b0ca4b2c12661c0a25d22" + +SHA3_224 short #45 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"b3008f6f567d1eed9ab5b3bbce824d290e66f66bcfcff7f9b8994835b4d54a4e45c9b8651b37dbefe5e3fe5b674f":"23929753ad07e8476e7bdac8a0ca39e9aac158132653be10ebeeb50c" + +SHA3_224 short #46 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"78d073b4e13f6850dc1ca36683abac72336465d790eb3575c942667d1e3ecc849f37a8d73604cb0fe726ffe55744a2":"6229233fc655ea48bb5b48b73a081897d855f6cf10478228fc305842" + +SHA3_224 short #47 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"45325b80e043c0cdce3ec421ecda529481910c09730128b4bb927dda1659ddd8fd3ca667d857941e6f9fd939a1c57098":"776aa1f54e038f390491a5d69bde7a2dbcba97c35574ebe60c9a772f" + +SHA3_224 short #48 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"3bdd6821d938fac52101fbee5d6ba191fb3b6cb634dbf42cebaae57bd897481ae5ee04e2d871a4c333ab5ab6588144f2f1":"62f8f3baea6dcf5af25d53ddfdac0bdcde88e3895df567c6c416a541" + +SHA3_224 short #49 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"86fc66f2618c98fe9efa1e3ac04e340385dc2b746cbc0f7c757b88342810fe70d81200952928e7aad0c0b6b19a044537b009":"20a21eb1d3130a4519ce6abd5ab6817081ae1bef3603056476a00e41" + +SHA3_224 short #50 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"f2a6168e7f92d313fc30f9e6f825a480916216f02e0308db70773ec165e25e81ffbf0220c5ca0cc6c91d3a09da99fa6efa877f":"5d6e5c82574f5e5c0339d3af1f9c28e17bcddc306a15187aff5d3dd7" + +SHA3_224 short #51 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"5e3b6b75b54f21b8016effb39276f5e7f493117ac4c0f2dec38a80ae2917dad83c68900120db1325f1f4697e0f5c25a8b92a9702":"5dc2147f1cf655dabb5ca4b2970b4564eb19ec456e6f966bbae19762" + +SHA3_224 short #52 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"e7f17c131950c06311f47799a0f5a6b4996f4cc890334450e1bd6cc6f5670771c0dc607f8eceb15300ec4220510ed5b7deb3429de6":"4ce80dab9f933112a3fd78c1f76434b197806eddfe35cb0bdd845c15" + +SHA3_224 short #53 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"c9aa3d0f6d878db11235e7b028f8d67e2ce26eee718f308e21132e377e3170e26ece95bd37a4bd7f873ba7f8b71517ec50297b21cf94":"5963b41b13925a90c9e8fbcded9a82ade8aae36dee920199f6d6ac7f" + +SHA3_224 short #54 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"0f170afafcefdfa8b0de328dab30b4e44d98d6aea2bc39557ff4658fce4fbf8526d8b5359f173c14e4da7cf88935c9369fc7d607863f25":"fe7e59028c7855c37ae3dc5ee324864cfee6b8bccc2c3b5a410b65d9" + +SHA3_224 short #55 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"6b2b92584146a433bee8b947cc1f35b617b73f5b1e0376ac8bdadfe5bfdf2263b205f74dfa53db7a29e5078f5c34a268119736ba390961f6":"132cfa7e71fe0991abbd88ef588ac95ac9289b1d775b42033567dd33" + +SHA3_224 short #56 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"39f7a94312bea1b4fa989f5a6775df538f01704120838c4a3104256478b5c0cfbe8b86e2912c980b390ea412edddb69d461e50f9f313bc17af":"fcc59655b8fec1a3d878345df9108bd99f4dd0e5218a55fc335e57f7" + +SHA3_224 short #57 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"ac582b5a4bb0c5e9c40d8f277bda9de3d07fff01e820a1cdaf88708f1d60be60b9a5e83b5c593657387802b4182d1df4e9466e6d7ae6dc7c8079":"5c2e10fae8f4304cd9361690e5d2c4cd15f10a7b14ea60208739579b" + +SHA3_224 short #58 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"072753981998453438a520d9de2d5704292910148b8f794ec3765b240c7af1b79462fa9a2f000dd94d592d3a2a069dc244daf57b12c57675f3f89b":"b0d290a6ebdd950811a2715f354b0d8935cb610a471cfc5dff5e0660" + +SHA3_224 short #59 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"66a9a6d0a322ed2852378af82c0a2c027b1082098ab750925a4dc2e8961d0062c9db02e8cf42a6b48afb0056d6c1f1fbbec3fbeef049535f6e9b3864":"d683488c8420eb2d61e528ab0a7b73aa780a085b9c7982293b2ac6ad" + +SHA3_224 short #60 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"18419a8498d4e9bfaa911748186c5753d5da5aa033371ffc56650d0ae9b73f430f0d1f3c9d40362786c0429d977b899b64016eca82e64203f6685c12ee":"51d0cd33fd6579b05c366c6fcc653638b7b13b62798b99b36792cdc4" + +SHA3_224 short #61 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"4fc52009d58a0fc2573e83fa335b5c1df8c14b2e6daaf05bd6e13fd5722f28de4816772424c2f94ddc3de0d3d7e26812d014bb9fd83012dc9abf1ec9e3f1":"630ee2beaf1c1592eaa6263fc562a260b6054e9eab1aa19536fda170" + +SHA3_224 short #62 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"acdaa28692f334732088f5efab2c7951fe0f845b9e2c6f1253c3cdcde30a4e8d2120e38c26422219df41eda2c8334e13f669a65f5ba2075b467eded32936d5":"7d4991d54c78af5809cd17024cadae783c6f5a1f0feb365b532580c2" + +SHA3_224 short #63 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"d1593cd338b7a25bb5413f112a639fe31c981e505c81a820e638c25209e2ce56c8838a7c8117dbadccdec959a6f7cab0cf304315701d4ccf0167b4026a6744de":"84e18330723e4f90520d0b051a9bf9bd7b5c7ec0177803f15cf740e5" + +SHA3_224 short #64 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"8cf8ea25310126ae1fdce3c9195395a9d45051a2a3f08ce154d8265b54cca7031a7ec840c3a3359efa4c91c41b74baa698d54ffb9b0170f2edadc5201650c2bdc6":"75de14169d16a9902f6e8a3359d94594a889c4aed9246caa6cf5612c" + +SHA3_224 short #65 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"e0320fee19af5bfd511a23cabba75acb0815525a3734305aafa49c1d8bdfbd853579646a36a7873c4cfff2eabd7e3902eccff1192aca1f6dce3cf1c988e6aca9f2c8":"d7f2018c303ee045de4b8cdefcfb5395674e3a8770d65f0757b4cd5e" + +SHA3_224 short #66 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"1a424ecce1a82c47742171a701ad6e0ff1a762ce26f8e332818a7fa1a800a4e506a4bdc813a09ee1d57222ada79a12e2399549ffd80f1628ef55e231ce0913f9ab1930":"277f96fca5d9ab055fae5d4dd10cc49c2237bd38d95bd8dbd168ec21" + +SHA3_224 short #67 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"af172809570cc306333c25523f863c6d0e0154c55e404722f0d4ed419713dabf8e18493a0e0b53b220a36535b1e8f0bbe43e624fac9f566f992807b6f2d70bb805933e2e":"9581170093600cb67063a314d8decf109ff9368ffbc90ea2d3250577" + +SHA3_224 short #68 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"a62f4b43250cdf3f43c1da439bc5e4224b15185b60d615e38e3c512425aab145401b57ac3fc0bcc178eafef52a2b7b04b2b89e760212f96c4ee694990831858f0fa7c13c24":"a0f5775a2d001a66f0882ce1415261994021988690840c6b4a3470c8" + +SHA3_224 short #69 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"fcf81c93f917bb06f278f48826ef9ca8ba99ac8f00129fd9f8e81ca31750d5e54818af0331dd239eb77ee4b0c4d0c2d84794cef27da6bfeb707794d3bdbc7b349968f2a316d8":"a97a74fb01fec5caf3477220eef6e7c36d0ba4199ddc755f7ccf94ee" + +SHA3_224 short #70 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"e61d24b500581734c29902ade4c5035c090868df9f24bb330609fcdff4a72d6f18001424fd813cea32923d8aa86c3d215b2ab7d134237bb62e78f61cb9e9b4ef5ced23729d019a":"40758314f1abbd43e0bc9c73a1c7e24719d56eebcd967b39d355e978" + +SHA3_224 short #71 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"37b14f04233dfb4da5e5bd1852f77c41e25c4926936fe414c8108200f6f3cd78c03e2dd9615446c14bebc2c70d65506a7a5dec4808806291769e0dbab200e576f9fdb9e240c8b8ff":"2d36af0dd95619a96c5664d8987bbb82d183466ff44151034fed687b" + +SHA3_224 short #72 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"45efb0a3d8fb7bb683913459727e8756d67959cfdd4f5b80e13ddf45e09debdc2cc68ceb632d6d45a2d0a869f6d4dc4c136c805849fe77b4b381e4c6b22a3ff69947a9b5aa6b7cbe42":"125e983229f65bf01b59a9b619810a88f1c53b4c3b1960b52a205d99" + +SHA3_224 short #73 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"9b6c3c77746219dd88976966c68ead59eb62aa3cf6647798dc06d4fc7ef8bd44d8903f1b7b6f8bbf3d6249052f862e9ccfb0d1957f0bba233603bca0766286d17eb9746bc002abd69583":"762629518833ba68333fc3e3b4d482c60b4e0e828872826b68313315" + +SHA3_224 short #74 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"9f452f900219017199edfc5d7d86a162d9750bba4cec77428ed1032e5711b6fb7c37c1a65b3d041c7aa1d4f16bbcfc54f35001436b60abfb6544c0b393fc1389e5c5bdbdf2eaab1d99dd59":"19b432f5c38f665441d36c472d386008a5bbd82aa4eabeaabe3d28cc" + +SHA3_224 short #75 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"cbfd186592fa68dc3a21d62db1ba55121f58fecb11695859d70bd7ed2a21a2a013a699640842973b571bf4a7c8ee4f617d5e8a4d1e8c15ae33e77097d146eba27934b1e33d8a041f2444ca3a":"b32ad13ba4a0b9fc1aa9a1a57bdbfbebdfab71cf5a16e06040f75787" + +SHA3_224 short #76 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"173225324c6c350ddba227b89a651e576d1ab6a96895453c33ea61ddb37fa253e666a84d0fea609814688495246161eb9cccdd792cb1b88f36f3125d766e2eabe84175cbe66dbecc91a0ccf173":"fc8feecaefffdaa966e9536b91dfc85ea5113a01d6b320677d727a7d" + +SHA3_224 short #77 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"6999f398407480cd43bafdaedb8624d9ba0972aa5a2f3504a67fe54ef744b7bb41ea70cf8faa771fac6a2f5823de83826af4c3865b6faeeee3d1d0edfe7f0e9fe3207f917b467d841850fc6e648f":"e7abcb4c0f218814ecf45fbf28a3f286d90c5e740aafd1647437c1e1" + +SHA3_224 short #78 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"2727eeb1d51098c69fd8141d78f21275b2bb949e7115fd3860526bbda25547c20cf31b79919fa37bfd4726c4e77906ffe0ca9705f1782da0454e799422c815e01e785d418fa881f84341d8cd71ec77":"2be332c873ed4fb70bc1916c76bef2cd3385e674b83aa1ee8ad28a01" + +SHA3_224 short #79 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"1f48a5b401d88e6cbe37f3f634d55462865f7cde7990052a1e4a1e4cb2e58c84c2c7ef82923447d7c068b6aa25e388acfc05704e46da14316d37ccdd2706a7b79ddeb02dcdd76f342c9cb2f490c18dc1":"448b70f575a8a1eb74030a985e9c504d4eaf6b1814e1146f782c9af5" + +SHA3_224 short #80 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"6dce9a9ecb48b9da8aef51a89e7f7fc1a6a78966b7bac0ac5ba7ab18d92b616bb74537bf7eeb9bd3bdfb40a450747c3de2e6eecfb12763049148fa9134c7870ba80636fb21fc7134f92b0364f5d27deaca":"df855d544e17f01125022bc18e9ffced12f3cd39674e68184657ec7e" + +SHA3_224 short #81 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"d498b6901345afddc5aa50cac77f7f794d7929eed571d95b59c289a0c9f3b812b896bc7b566f5a639ed9948ed066c2c622c6e4dbb2ea37e7c06806d61a22c326d72356ec48c9b5182c29b5f923af20046605":"5b225c29e4547777a2c6a1a2bbe9da2dc6a8c6d0d01d8d8022988be2" + +SHA3_224 short #82 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"e958b80489aa6a38526244da165dc4464e7961e457f763abdb23f7e48d368331197b37cd5ab1e515ceb1124848504d8be587bf3041d10437ebd53915164556b59106bebdf99115122d99529e02ee155138a13a":"364a988400424557a9c60e4e1f32f0855a3383c90b007d30ee3ec333" + +SHA3_224 short #83 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"f33ba982bc2c3308f948a1b64c7fb68fb891bc05fa18781b1dc95dc749f7009adc58cca2bb0cf790ebdbb4165bbfab9304a2a6f234688dcf273094dcd8d7b38416be57cedace5783d8b92993548256b5373f2b4e":"ca37e52f2843a0f65692c5aeed0169601da3275dfb3ee6d81b467f60" + +SHA3_224 short #84 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"8b5d77a906c7ec7563af7551a796e5d5dcf02c42121d7b13a49aa9d4bc79d637190e4e6510ecaf92d1104fd4ec5bd8351446350722d1b2775dbc5e65f8fab473dc637b5ca8a9eb88f68d11dde15275d7c472f9db43":"9337537de482f0cf88cad6b86e195a1e422e59cc60d41d0eca8b0091" + +SHA3_224 short #85 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"3a564a84c2b48ee26da138ce2d1ae3c7933bcd65e40288406e56f30d1c48690a4998389dd27b55376f9b4e7f43607fadb16e8933726f00a3e41264cda553532761fefc73e86ed79b849b94e0895451332dc80fe39a4b":"88eab3e16ca8da5716542bae3c7c736b541c896199b2cb941213767b" + +SHA3_224 short #86 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"618a53989ffbbf54a76f01f9b87772491d87c8f25c58eb11b18a04f5ba8ed62574c351a466df64731c911458d765cbde83e7f29de90bc1bb26cc56b35c140555a7dcf00f5394d76a4cc531d7d5f57bac7dcbd06a4f73ba":"4a727cc6b4bd93d5ff2ecb81ab5057dfdcbe3e0c49436a58b9ff3ef2" + +SHA3_224 short #87 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"31857bb4e82497b526e426de6920a6063d02264d5249feffd14abdbbf03563d4c59ad1f7572c7d0efbc46a65dea9580bde0e387c9edce27cd9b20a46f62a70e6dd5f58e40aac3a22dfb6ba073facdadd58cd6f78c02bd219":"9e614fc139645e158cd1b216e2623e586242af64f8483e6fca20ed4b" + +SHA3_224 short #88 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"14859008c83f2831be4d6e54b781b9fb61dadc40c459a93ede11b4c78a7e5a55a71701427526a03b42d883f247904813cd812e7a947c8fa37406aa6145aea6d3fd9ed494186f35333d423ce31e0cd473a031a5803c5593e9a4":"545fafa43afcaf38063d8a312c3a27e0d74bff957f8ef4d51cb29698" + +SHA3_224 short #89 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"267a14bad702ef0a8468b31c72715f0533f6b97e6e943839dea420719d6defc5a399f84689e64ecf931ee395ee49f1fe362199b73cc6cb0105b3654b16f19f06ee8aa6b5d5418743d4804f9a059270710d126765e6a49c4ce2e3":"9b9360a5c747e6e1288f6f9d971051ffd84641f6d64e0a4b5142e4ec" + +SHA3_224 short #90 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"6c98a8eb3ea4451401e0424c10cb722683b23f75ae254d62eba75abb9aa9698e65ba1ff7c9f86d36d1ca6f0425d19428441b00450e9a2ef685d5da1cd4de1e779184db743fc95a461797333808ae6e42fce1e9da5d82f90cd71b54":"0c6f33f9534fc52f3700f37b9ee678b4c5c8a90b1a2eb1574002e377" + +SHA3_224 short #91 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"4bae62a008d9fdba351a1903c66d58e587361990f7c9eea05a2f51f90a2892f60e6c14c4ed36b908c4039bc89797fd88e54281b37f619b3d9a274587229ef48351e8cb1881cb0fc83e6ddc90a05b160fd7d0a1eb0835d57158e42c7b":"989c156ba1fd1f70deb378e46ffcbf6f2cf9cf977a92ac51643c97b4" + +SHA3_224 short #92 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"83ca6d4ebdf1c04062ca1abb977670ef9bcc889906935fd64ff4c739912e541b8f8c7932f595ef66e18256dfa1f51f63bfe7a9df3ae2aa431771d19318d6aa3bccfac1a4c8aa0a0433ff807a881e0d5a9722aac6cd57c77eb6a9edf8c0":"fb831f2456595fabee9d458625283a80bb4f8f031e9abdbf48b7b51e" + +SHA3_224 short #93 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"f4c7ad8d24ed5a682c473463e85391050c026fef0b0e6dca388e1a7e2bc872a46746a63f3a2c1ca6e4c8b7c5fb6b58850d77a58988ba091bd7fafb66ced184e548bcfb1b0e6e1485fb6a19cd5ed07640a0777b82273d5e80799b7fa7a57d":"13bee617474b3fc3447025f2a488dba8825d46a4e128b9a8bdeb1b85" + +SHA3_224 short #94 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"5f81c5aec92385bfdc55ebd600f23cb04ac9d5c7a1396f801ffea1a6b94aa617231761bdeebc9ec0f4bf9bfaf5ebc7ac82a2c96f1a74c46d94f0dad0bcb9ef7b41ddaff8cf63d2b278239e6558dbaed2797ef3b7f4cff8fe592f6a3551b3d7":"143a6f0a20d5b4dbc5df64a7e50f9985631453eb09ded71667709083" + +SHA3_224 short #95 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"0735cecaedef99bf4c53242f0552f49f56bbe589a2f611af75f4f3aec366cdd6702d46391512580202b869097fceb8a45889fbbf9852472f94bc2f432bb8309c4d0c4d3fba01f6e90c5c2ea3f890ed95d132c31f4dadbf268c378fac5604e8a4":"9f5e9f7429e5488a843c52ffb46ae2e84228919d32330a9193af3b21" + +SHA3_224 short #96 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"9b4e4df92e5152fe1ec56a9fc865f30bac7e949fc4f62f0b158d10b083636b4de9bb05db69fe31b50103fefc5f8daf3af7156b4552ca3667a9d720bbb2e4bcdabadfd4b7f4fc5bc811faa36710a9d17758a98d4a0474fec27e9ef5b74f5c689935":"487a6f2f875cb253de4cef18ecb4f2a54388ebaffbfc4259bdd97f09" + +SHA3_224 short #97 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"a61bef838867710ff4341b26b13b8d7af7e461ccd317b160cc4fdaaec7f1805a28ddd3663a4210a7d1b64a752e866aa7224a75bf77bd0d618bcc3b0a3eed6bfe0eb2b882819e6a4cc437bd38915ce53c55d94e9e9339286483dc230d0049777ea1c4":"e257bc45b62d0853ba4b0f8578698f4262c31a778cb6a6317b6e6d60" + +SHA3_224 short #98 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"c0bd79e0c5f72fcb1de6c234bdb67bd0d3f481b962a3a01f2d8c483bd7d5d98548d51d27532716b195fdfb0ea0b77db759b54e269e69e48e2cb07bc9c06259927d2755f48e8d9a020c58a9c9221a9d836f03b30eabf9099c8eeba6abed63bb38275b28":"92df7f848ada8a9698ddc2e7452ac8fc43cf83d2ca2cadd712c595f2" + +SHA3_224 short #99 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"77823af9b8796c63baebe7ba9dcde12c626b840ea04f42d878646970ca5bf7aba94eaf110da36ce0c834b654bcac93264a349f520e505f1ec903d3589e3a4adf82687a65ee6dd072d6bc05acdfbdf257cd70a5183a54b4fe8e87d1c22b2e9f4ee817c57d":"819a4340938497cd8b1def8444bb03f8429b9e87bad8000002d60b83" + +SHA3_224 short #100 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"ada5651b4e240335600940f207b98371f7e743988957bffe0de8ef0862d1ba52c52b6950e7b05c3542c2fb13acaff0442d33940a0e3ea67232f8437eaa02128283ffc0cfe254ac8f542be3f05fbe4e855dd22ae98a81b9a55b3d3753111210048f2b50e068":"b6177d179cf17eddcd8988c9108b42af9c41adcc5942c4d33b0f1be2" + +SHA3_224 short #101 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"ff4704bbbd719b011244ebedf2f2355338fcc7d64844c3a0f36a21569b55f74a9710f8f3d8d83b9bcd733f5885c32b3d149a5ad137d016c03b93a4d11aff8218e8eeec6d6d12a41d1441f3df040feb098ca2f003c4c277fc71300cdd2a399a7bb98ae711c446":"a1072b28f3453422e611421309aa49aaebba0273c72b835fdeea1132" + +SHA3_224 short #102 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"eae4b62f697cf0bf40a1c2c109143c1dde18e24f1c289aba67e5c83eef52b70cf1433bb98013949285969630054e074ca2e249d465cb383dba51561cbcb626f0b3b1d542db1e1ff168f371c7c6764b4f25ade9eb351622212e99903614bbf1fe3914cdf203035a":"f5273e4d0bf9779a0975fee23c447b3abb1cd17c34c723d62f3a2fd1" + +SHA3_224 short #103 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"0e39e0e6933c6104984fffe115dd8cde77edfee495480aa5e5def424f066a5770345fecb28b16caa5416bc79e2b83145409bd4bfe9a00c8493f06ea2a99dd658fb87b71eb57dafe58da55fa0411e790341e31a8ba8f35bbe71af23b4e8833fd65ec8b4e621e95340":"62fb7d6b3810d0fd7d96b4ff5efe7bd283ddbbeda4a21a62f985a3dc" + +SHA3_224 short #104 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"e32bea9ab02de7d893ecb7857ba66df2c35ed258123065ca80e2a067fabb7dd4e79839ea0b3c58abace8e97bf42b0b8d97fcb09bb606a1da0243c32d24cc98985df008f8698362f2aa789e2a82b3e5b5011853d0c0e8fbd20c4d2b5f4733f2df8c5ae02e92a90d95d3":"278e06fd12a3e314f60d59a323673ba0a22003e42ac48e1cd04a70d0" + +SHA3_224 short #105 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"4157752d3d175a4bc1334fd42c204111728e7059659dcedf334ea7ce30378798d67c598a0afacca5a1c5fba923d54c72cffc9887df1b8df10d96514955056815fd2dd855d32e8b58b6fdf4d45715f636416a0137179f7eb01d786daffa924ccabd523bb31d1b5f0d05c4":"1cab43635d501e43ac42beee263755b9a29827e2a18b21d7be42e447" + +SHA3_224 short #106 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"2df12d8c256cd1a127e525ac3763e30c895982eee67ab7c150ce3deae906d2b9110d829ccfdf2793729e31e478e3a310ae525e059971a29515bad2273cee77ad89ad88d63d44e98402c63180cf5eb06d0be3b1faf5adfc5c43a79ffc09a6ee6cddf9c9a039421d5b2184ad":"ee60f0d01008cface49af2ee5780ccdee37404c37642008a55fafaf2" + +SHA3_224 short #107 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"03be6940e859f9b072660dff28a187551c2425481dd0555d2dee4acc36164f84f8505b6f467ae6f772eafcc9065490d9b4ed12a690d044bf7da14986e571fe34aee28e1d698c4136cc9f95d462c990b6815a54467da6f41c1baa86c448f37ac10bbc2ad1b957b17368ce01a7":"a8aa80d4c925889b58eff41b89682b92bea60c1c3995043dac312d2d" + +SHA3_224 short #108 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"0baf1ac243c1f34ca5e00aed4d867f967bc2b963e93956c35b6b68da7737de23d7a1405a5dd4a099c663cdc182d4c91bc35f7d3fd5f3ac35ad7a26dbc45e3e86264c7decc538984214a1a0a1d11679ae22f98d7ae483c1a74008a9cd7f7cf71b1f373a4226f5c58eb621ec56e2":"f12f7a1c5c1c383a2a5fff8932e2ae9dc342b37652d47356ffc1cb37" + +SHA3_224 short #109 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"3c29a8c83e48194a7b87b69e376a06063de2449bd171fa91e58ed2bc904ba853bb35e3f51e7c06e96b5482aac89acfa383bbba3701d20104f8101d69de615f45a24c3e02991bf0d3bb3d37390fe87ecc64032438424218862093a69dd7b99008573661f9996ffe8ed50b7e54f49c":"5c6b29c3cbfd1d2eadf7c791513b27f21c934de6378ef748b779b71d" + +SHA3_224 short #110 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"68a3c06e0740b569c72ea6a90d8b45e83c7c350d2bcf1cf6d6dffa7553b8b998087c052e1c065d862bcc6a7a3e0a90acfa1dc410172c9dab140ead9a296811557e1647359acd40341efeb6f5b3fdc0044162a45e62b0ec341634bcecb830626930392f8c6bde85fa088a322054acfc":"58a691524398a5746df28ac083f15861750e0cdd1fd5e5f57c982c18" + +SHA3_224 short #111 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"d4f757d1c33b9c0b38b4e93e8e2483ec51b4861299f1d650961457496d86614d42a36e3696bf168fd4663efc26e88cd58d151e1531467b73f69dc9ce4f8d41ce579ce1c91e6760e340e7677abdf4fec1040745aa5144640a39b8c4f884df80753a691653003d634fa5bfce81f94ec3f6":"be11259377f09821d9dc358592b6565d8ef2b414dfaa7db5609fb751" + +SHA3_224 short #112 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"ecd9e95f7c5efc8336f80fe67e113657b31482bafc22dc5b45073482846cdc48414d2ea855ae75d9f28a0bdbe30dbe511503788e578f20f25e20bb770ca1d787f2f02911139275dbeaa5ae1aaf155f40d7134915dac34d0938358dc8be97cf1005a922bf3d71c331282f41c86993e0ccff":"6950ad0f91398b39965b1859ea918c531212face1e51d4d390f094e1" + +SHA3_224 short #113 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"834ddd8fc7ea0c3385ef8280d3a7b22d59ad17d710a51a544a293544f30659e816a98d38a2d4d92f6f96626a7c79d6f17bfd0a558f45e2fb541172b720ec629c88a7971326050f2b9ab80d30cf8c777f80e37c98fa61797523e81e1bbbc7cd6ee22e4249dae679ce0f3eccfb54495d7e7046":"ef21ee8d568c009eaa8d1ea770968cb718c4d56e7b2d966bfcbbf398" + +SHA3_224 short #114 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"6ff611208395d81500505dae050ff0c29c0afde2a8e89c96192863ea62c17e292d0502e94dcb7f47f4cdd574264f48716d02d616cf27c759fdf787cdcd43b169ea586c8bca25fa3ce1a08eb615655e2471a0faa81d2edca28eff4030fabf36f10fb5f50fe4eb727c308f317bba995b6310ae12":"8a29f2c0d564935b8d31b7d007f58138489d140917a28ee85d43b6f2" + +SHA3_224 short #115 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"f977ea38076328bb0ee2297cbe3b2a9755fe8bb95ae726298e04df05201a7ccf2046b82836e092da94a4eb1c291450121718159468e8a330fc2b1272c661fb62397e874ffcd7cccbe5425af725791001c0c035ea41c8c48dabd206ddb217666e2b688237c2127e96eb049d941b34126b373e1345":"15180df5554387337f04de2f37a16b28125adbd02b6fa6cfdb24195d" + +SHA3_224 short #116 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"22a8fb43d54fff82749cdce98abe8adafcd443ffe16bf0e99341e1f7064fc07a5907c816abdb326c30fef0f5846e9e313f32b602c9e00352706358fcb7fb81eaf1857a7b0ffddf27b741a465961806ccf672c17993f284b2aaa9a2c854250a4212aa7937a9bfeefc30ec5f0067c3aaf34a1dce2ee6":"d11fcbbb2fa03109f952a56e16867c70904552eb580a6659314bd5fe" + +SHA3_224 short #117 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"68727636ff38c0ba8999dde3cbd9503900d5ccb01d3c9b7959fb411eedf95cce1805cef6670d1e1133901cc06b55c41d945e654c0d18035498d4f92d167ae21b927cba3a810a41594885a00bff354ffc753e368274d01374469f1b3f7793e436ddc0822ad698f13bd15fb3ed10e0b97fac5f8778d9ce":"21c71bd09ebf5d09155347c4f476b8f9c5aed4579573211887ab6084" + +SHA3_224 short #118 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"167cb772f096b2e3b1599cce3440d1af57c5b7df5d2f460b91acc7e52c9fdb19793bc0833751d09f3f664a4167095586a564420a7810125b832e38ae7bb3a0d14403ef6157c20d3d67e6e13a44115b19ff1fb8b64ffa018133b6d532d9da69b9bffbcd74189071a57101e7239401ea50ad1ea04aab961c":"c46cb2dfeb8b961e6e84d72e05111e04d62e3f93a055164b135b9072" + +SHA3_224 short #119 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"b88ff728c8f829841a14e56194bbf278d69f88317a81b4749aa5fdbc9383486e09bff96a2c5b5bdf392c4263438aef43334c33170ef4d89a76263cb9745f3fea74e35fbf91f722bb1351b56436cdd2992e61e6266753749611a9b449dce281c600e37251813446c1b16c858cf6ea6424cdc6e9860f07510f":"8891cdfe486a582e8340bd8b893996d7a4e547e3bf50551902e722f2" + +SHA3_224 short #120 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"520f27a4d096d4193d2bc0983cf83bbb5084845b41844800c1f5669b4f67f5785c9c886eac51b059005cc3caf2f7dcfc205c230a8c924f604386696f3d5dd2a68509879d991aa49314d7271a8a8ef711b42825d3cd0071ae3bf6109772bfac1b167fad995f99b7afc2c573f2ce6493e25411101dca79b6d2f1":"216ea50997596f71edc94ed96e2b686628640f94a3c64adef05c2b63" + +SHA3_224 short #121 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"75c23e556178f00440533bcd25257934d0c6f5e68a64f1aa511bee9435c5277b02145fae1fdedce3b6b7b47015c547be55d00dfa3999920d586dbecf7ff95a775160d057308b32c661c17e5d6a772166bf69b9919ee91fe93877a50711939c85a9cf1ab65c28fa94879623faece20e1458b8821383fda2253762":"d1631028a8e0ec4adc689cabba8bf681d11e2e2a5059f293f7ef5be3" + +SHA3_224 short #122 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"d23373b9405024d0c4b17aa503f7e2ff7d308083124ed2cbc4d990b9bee0d70b9635872fcfdaea58a2b696d1fd8c9492cd2ec11179ee755aae5663626219c0981348a8be50c9bdf77b061121cde246649af1f30bd7e84a93d952f8025f854d7bd3d59d0ecd07e6d4d909b23c7ae03fa06fe1de1c3424999fcc3618":"726f6584ff9ea998ff326c9f73291ace8726d8697e7aa94f1ed42f7e" + +SHA3_224 short #123 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"6f057f91480fecee8a7e3879dbf8c52040f96f5929c6b8b6aea223b91843ddeba387a2288264df3d241d14b5b6bc7defe9bcf174f5060a88de1f86fff59fed52a3e574f2620922dc0c12316e5869b779a18e8697ea0a50bf20a50f169ed8a308f785bd98efe6fdf4cac4574dcae9bbe5f3d7f56a11bad282fc9c84a7":"6b40e5c86db3d9c384c22a46cbef5f8e8c427bb6bf43268edd918aeb" + +SHA3_224 short #124 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"6f77874dcad9479f5bcac3763662cc30cb99823c5ff469dcbd64c028286b0e579580fd3a17b56b099b97bf62d555798f7a250e08b0e4f238c3fcf684198bd48a68c208a6268be2bb416eda3011b523388bce8357b7f26122640420461abcabcb5004519adfa2d43db718bce7d0c8f1b4645c89315c65df1f0842e57412":"0228626c63c20465d5139d1af0b9ce17e334ebe10a5eee2cafe96cb1" + +SHA3_224 short #125 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"ea841bd41b22e4c98b223332918eb791f51d1978540785f9c617675dbd02721831f7e7fdfa7714af7d671b588a64f49d8556b5d1c448116839771faf51a85dbb1bbff59fad8e3fe3c4eb8631aa050f505df85757ed9e9d1a26a8a0e96feeaa7af204cd23fd0e6d4ca8d5ff25b91a0f94c42a887297b230f6d5d57271e07c":"ff33c64231dedfc247e11e35aaf82d283a9ad62034102ee2bb5d4609" + +SHA3_224 short #126 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"7216a825029da1c9a9328d499b3ff98f6e18b8af368e2b19efc1c0121b35b965ab282f55232356d7fad002fe3f0b6ab7833b2cb6f2e392b0c37414cbd3661e538c8613ae0c9291928303f775dd2a2445a27e825a1a3544a9b411eb3aa87d0fdcdcd85c170511db620e747296bdc3afa39489c181f5abc76a8a404e47e4a214":"9440d3710b43e79899e116987366b2dd36b44b2f39e377fa2d4fe143" + +SHA3_224 short #127 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"44a8508a3c3976d563e933705be4dbeebc726304b511203df7c7d1efceb6e06e91f1e57f3d8e6c105dfdf8262d984816fe7ad8f8dc95ab596fff48301f8d03137ba37dabdc4a6e664583a26b8edc42d3c2405516c51386c33a7f2875a3087702ca6721f56195053fe5263a29c8d8538dce6ce146b8b43ae520ee79a5a450c6a2":"a2743d341023ff5f775d90185d3139a7756b0a65c19ee876ebeb92ae" + +SHA3_224 short #128 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"a8ef4107f41ebbc5799a716b6b50e87c19e976042afca7702682e0a2398b42453430d15ed5c9d62448608212ed65d33a5ca2bcdca7728037df2e5f9fd9e974d0315dde8290241e3e2b2cc06f8c653ebc95bc2195c24d690caed42fe7d96589f3a85eae9bad995ab829e674abcfb8efaacb1eee5703f52b979d5d99a1c1694855a0":"b411a28ff46513d0c3d63cf78a9b6353466cba3b926a8d895ee14fdd" + +SHA3_224 short #129 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"f649d801b4040b7b5152f58a01e7852f565efc77b5dafe4607eee953b0ba6774c5573f1c79767121d94381c3ba9013ebef2fb8b0bf9f081f96ecf13cfad04e44c11ebb358160a89049bfad5e8e241d71689ddeecff0278063fd86b0ad475c6a25265f556b30ddb50078e216267edcd4a2b7016345d4b76806d7b02c625f3f717e0f6":"b94debadc833d5706cd4736bb1dc75039827832ae408859e2e6a6941" + +SHA3_224 short #130 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"eb71b45a494e76462edf41a9fdcbb3f46fb863b9e259d0c8f4a79898516eebe8c90c3ea5a675440f3c7b1a18c14dc20c5f3dd27788c66d448acd73226327f52cd65cecc8beaa2acfa34d90ef8bfe824e12ba9870bdc4965b8ced9ff9ce13a5bd39e824893af410d08ade0cf802e7dc02b0b71d6c2a5c3356229084e53b3ae4e51b384f":"fbbec05ee1fb5f5cd1106ed7384850059cdcda474ba7cec0407a272b" + +SHA3_224 short #131 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"4eca0c51d30829b9a1d2712da1fac31f52942d77c9f20c2bf6d3751028d7d4f0d336d3dc92b27ec368caa4444b3180c1e37e98b58f25e647a9a6361f0b04cf78d17955766168eebaa993a435a88e0b39307423d6ead87f639afea75ba44bbc6bd0fb5ac84a12c2c6ed9539a7c0f9abb0c1dc9483e2f321a85244926dfd95e2f05624aa7a":"fe313eb74f955c0cbb1c446dd4ff853f32b3232d93faba7db6d1fab8" + +SHA3_224 short #132 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"97784d14db62a7f98f5ac3df742e013489ec0b8777b05ef82bba06edc5c3a807b191c65513ca3fc7690615e56c2773c036edef29aac50c2211e20392018fc33d83c436f274f7c6062c3420025e7037993f1b8cddebf4aeb20421fc829c7fb23255372455c69244a0210e6a9e13b155a5ec9d6d0900e54a8f4d9f7a255e3a7fd06f1218e5d1":"5504f39131773550b6f459f33a5b57a2ce60ce8bb78c574fef83dcf7" + +SHA3_224 short #133 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"1ee9047351e2a13e4a2d5a826e304fef82241fbab5100835e1f850a20e51e34938b93dc852e58aab8adb0c3ccf61be9c90b53713c77ed0a5370309e6f19b290f1d642550f738c36818ddff74f77cae04af55617403b08c7a9f17e8fba0c21523575384b44ac4949e7c9dfbd1ef6a684f666c67856f8f84dba19cb38a23b0efad6eed229c536f":"b8f253512dabf9d89d2080830f23da5893b0f87edc0bd624ea767f14" + +SHA3_224 short #134 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"1f363d2f7aa89e2b6c5e172f530d1a35531d0083a5acfcd232d64db06134b8232da2368f7a46ead9a9ce55cd6af8cdbdd1582b6bad56c52a15769c3f43dcd68da60f6e7232fd2aecfb3fcd00029f8e5c4ed7ca3b3f9cf68920dbd747fb43f532b1034d9f49d546aa893be68fc3084658f22343b9068877387b8f68903071fe5877083be068d626":"e59a19686df36bf5fe798a9565722b8e0bdd9f8eedbbb4a34a9ca7ab" + +SHA3_224 short #135 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"ecf5d9e29c1c04c11a9503cc223d0cee4866fa26df2b4f7c1a017939718f545746c0f137c9169692194105b2acf001e2f0e70f2332517a20c05899644af454cb8e00e5363593dc83f78d66bd0670ce8faa7244ff28d0de59e964dc68d87a30ec0ce03e49a73ce07dfea2ad54fa667bdfbe2f2222894d830dde4dc9aee3caefa4088683d7e8b9a966":"a886eb94f15df208be122912d4edf02561482278a9f847ddc91c9bd2" + +SHA3_224 short #136 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"9f44357664b5e3a958780641cca52049f3b49f07484b5f762a5571f7c9541b4346f81fa416f04065a80003864754b3b54114a77a4938c8b21a9e4d3e5d59c9fccd4d68f699f975da099320ab655a7fb51328d2c6ff460b9b40858e99f88a35be7b6a97d6b4778af2c559e616ee608c32b018a753321e321be333bb6f618f666f9a7734ab3112859323":"8839f755eee84e15c586b52e29a41ddc640ac432cf31370680987a44" + +SHA3_224 short #137 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"c1aa1266f223c148bfa3d0ab29f278334d8fcbfbf0f4ebef5c1b7a766b415155e1ea75d0fe2546115411faced7a04a27339b6bcd62e740697d06ce3cd2e0f00238c44c1d9faa85efebbbb3880313108124c5f3277c1f03ddf430a4bb4d88b67b6e3f7f96fc39e5aa2ca7e11fd5d1300aca144c5166269a1168a2e53c01c00b872c63f6833e5ace09bedf":"439e3c7a0d655a30a9749afdefb7e048814335849df76d526c287727" + +SHA3_224 short #138 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"0a367d3789827ccd4bef5fe8eb78c20503241f07fb8c41d81e97fb53f3891962ca3c976395ac11d1f9ba7b20a52912e8e3ed92466ca5aa808166ade737ba8a0213e8fee8d67608ee9aed9e821edc9e575f1f07c3686169656ae09a0a0f70abd10cc31a8ef6e7496d56102fd8ff984e9a9f44e54495c966cf028f2a8423b46419de54541d9a08bd9654ac98":"40318036a595630e4135f10703be1d759a6c7e5146e0fc82abeba184" + +SHA3_224 short #139 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"8a05b00ae2d5f652f02f98a1b035003f8fa7ba1b17fc3778cdb1cae35ae1f768ea16ed05d25f515f75a23db468348911d4a749c51ce39615c07892318233a667c7f00e973fae98e7c8e9a8b7902480d87ac5bef8c4252661e6e8a2e4bd8a870fe83b1aa773ed5352b2abe193702c6dfb4aa8239e55ea6fc507a704e2540e23c917a01a1cb4420b07fb90ee2e":"9a26f054e57aea14242d7801f3d61ddca1523b738fc26fecfa5d9a6a" + +SHA3_224 short #140 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"ba6442c6d2139201dfef32c1ffb0ce92dd64091bd507c250595395e993d9a5124b5199640c2fe51482774b6a27d1a1751fe0d4fe5fd02dba152ed3c344fd9249af06da85f96f0bef0a8fefb1b501885b97f70dd842d12fa19befa03080c3d6b8ae2a0d13e2fc8bfc3fe1277ef0670cac0e52bb93c4344f6db13d05188d53fbc6106538f50ffdeda2e915fab921":"58470da58476bcb89450c521fc396c6dc51b9fb6465c979aba5f8eb4" + +SHA3_224 short #141 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"96fdb76f83bf12b3f4f322bf613fc38b2c8e0678856230418b6b062fb358488d6eed7c5c0656ec48c9bbf2da6a1473eea43faa68204f27239928172a3e49c52b58e861282c4401702337e5ce280aff00528eb26ac368db0cd0ad0eb262af226a9b16ef3bbd325614488f820363ca6ea77da4a7e8345554e57623732ee6326534819eadfe81c7f51d81ec51e1e3fc":"be92d4a6946de0e93d5bbe420651a8befb97cbdb5d63b22aaecf453d" + +SHA3_224 short #142 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"0eef947f1e4f01cdb5481ca6eaa25f2caca4c401612888fecef52e283748c8dfc7b47259322c1f4f985f98f6ad44c13117f51e0517c0974d6c7b78af7419bcce957b8bc1db8801c5e280312ef78d6aa47a9cb98b866aaec3d5e26392dda6bbde3fece8a0628b30955b55f03711a8e1eb9e409a7cf84f56c8d0d0f8b9ba184c778fae90dc0f5c3329cb86dcf743bbae":"98ec52c21cb988b1434b1653dd4ac806d118de6af1bb471c16577c34" + +SHA3_224 short #143 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_224:"e65de91fdcb7606f14dbcfc94c9c94a57240a6b2c31ed410346c4dc011526559e44296fc988cc589de2dc713d0e82492d4991bd8c4c5e6c74c753fc09345225e1db8d565f0ce26f5f5d9f404a28cf00bd655a5fe04edb682942d675b86235f235965ad422ba5081a21865b8209ae81763e1c4c0cccbccdaad539cf773413a50f5ff1267b9238f5602adc06764f775d3c":"26ec9df54d9afe11710772bfbeccc83d9d0439d3530777c81b8ae6a3" + +SHA3_256 short #0 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"e9":"f0d04dd1e6cfc29a4460d521796852f25d9ef8d28b44ee91ff5b759d72c1e6d6" + +SHA3_256 short #1 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"d477":"94279e8f5ccdf6e17f292b59698ab4e614dfe696a46c46da78305fc6a3146ab7" + +SHA3_256 short #2 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"b053fa":"9d0ff086cd0ec06a682c51c094dc73abdc492004292344bd41b82a60498ccfdb" + +SHA3_256 short #3 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"e7372105":"3a42b68ab079f28c4ca3c752296f279006c4fe78b1eb79d989777f051e4046ae" + +SHA3_256 short #4 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"0296f2c40a":"53a018937221081d09ed0497377e32a1fa724025dfdc1871fa503d545df4b40d" + +SHA3_256 short #5 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"e6fd42037f80":"2294f8d3834f24aa9037c431f8c233a66a57b23fa3de10530bbb6911f6e1850f" + +SHA3_256 short #6 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"37b442385e0538":"cfa55031e716bbd7a83f2157513099e229a88891bb899d9ccd317191819998f8" + +SHA3_256 short #7 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"8bca931c8a132d2f":"dbb8be5dec1d715bd117b24566dc3f24f2cc0c799795d0638d9537481ef1e03e" + +SHA3_256 short #8 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"fb8dfa3a132f9813ac":"fd09b3501888445ffc8c3bb95d106440ceee469415fce1474743273094306e2e" + +SHA3_256 short #9 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"71fbacdbf8541779c24a":"cc4e5a216b01f987f24ab9cad5eb196e89d32ed4aac85acb727e18e40ceef00e" + +SHA3_256 short #10 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"7e8f1fd1882e4a7c49e674":"79bef78c78aa71e11a3375394c2562037cd0f82a033b48a6cc932cc43358fd9e" + +SHA3_256 short #11 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"5c56a6b18c39e66e1b7a993a":"b697556cb30d6df448ee38b973cb6942559de4c2567b1556240188c55ec0841c" + +SHA3_256 short #12 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"9c76ca5b6f8d1212d8e6896ad8":"69dfc3a25865f3535f18b4a7bd9c0c69d78455f1fc1f4bf4e29fc82bf32818ec" + +SHA3_256 short #13 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"687ff7485b7eb51fe208f6ff9a1b":"fe7e68ae3e1a91944e4d1d2146d9360e5333c099a256f3711edc372bc6eeb226" + +SHA3_256 short #14 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"4149f41be1d265e668c536b85dde41":"229a7702448c640f55dafed08a52aa0b1139657ba9fc4c5eb8587e174ecd9b92" + +SHA3_256 short #15 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"d83c721ee51b060c5a41438a8221e040":"b87d9e4722edd3918729ded9a6d03af8256998ee088a1ae662ef4bcaff142a96" + +SHA3_256 short #16 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"266e8cbd3e73d80df2a49cfdaf0dc39cd1":"6c2de3c95900a1bcec6bd4ca780056af4acf3aa36ee640474b6e870187f59361" + +SHA3_256 short #17 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"a1d7ce5104eb25d6131bb8f66e1fb13f3523":"ee9062f39720b821b88be5e64621d7e0ca026a9fe7248d78150b14bdbaa40bed" + +SHA3_256 short #18 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"d751ccd2cd65f27db539176920a70057a08a6b":"7aaca80dbeb8dc3677d18b84795985463650d72f2543e0ec709c9e70b8cd7b79" + +SHA3_256 short #19 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"b32dec58865ab74614ea982efb93c08d9acb1bb0":"6a12e535dbfddab6d374058d92338e760b1a211451a6c09be9b61ee22f3bb467" + +SHA3_256 short #20 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"4e0cc4f5c6dcf0e2efca1f9f129372e2dcbca57ea6":"d2b7717864e9438dd02a4f8bb0203b77e2d3cd8f8ffcf9dc684e63de5ef39f0d" + +SHA3_256 short #21 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"d16d978dfbaecf2c8a04090f6eebdb421a5a711137a6":"7f497913318defdc60c924b3704b65ada7ca3ba203f23fb918c6fb03d4b0c0da" + +SHA3_256 short #22 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"47249c7cb85d8f0242ab240efd164b9c8b0bd3104bba3b":"435e276f06ae73aa5d5d6018f58e0f009be351eada47b677c2f7c06455f384e7" + +SHA3_256 short #23 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"cf549a383c0ac31eae870c40867eeb94fa1b6f3cac4473f2":"cdfd1afa793e48fd0ee5b34dfc53fbcee43e9d2ac21515e4746475453ab3831f" + +SHA3_256 short #24 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"9b3fdf8d448680840d6284f2997d3af55ffd85f6f4b33d7f8d":"25005d10e84ff97c74a589013be42fb37f68db64bdfc7626efc0dd628077493a" + +SHA3_256 short #25 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"6b22fe94be2d0b2528d9847e127eb6c7d6967e7ec8b9660e77cc":"157a52b0477639b3bc179667b35c1cdfbb3eef845e4486f0f84a526e940b518c" + +SHA3_256 short #26 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"d8decafdad377904a2789551135e782e302aed8450a42cfb89600c":"3ddecf5bba51643cd77ebde2141c8545f862067b209990d4cb65bfa65f4fa0c0" + +SHA3_256 short #27 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"938fe6afdbf14d1229e03576e532f078898769e20620ae2164f5abfa":"9511abd13c756772b852114578ef9b96f9dc7d0f2b8dcde6ea7d1bd14c518890" + +SHA3_256 short #28 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"66eb5e7396f5b451a02f39699da4dbc50538fb10678ec39a5e28baa3c0":"540acf81810a199996a612e885781308802fe460e9c638cc022e17076be8597a" + +SHA3_256 short #29 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"de98968c8bd9408bd562ac6efbca2b10f5769aacaa01365763e1b2ce8048":"6b2f2547781449d4fa158180a178ef68d7056121bf8a2f2f49891afc24978521" + +SHA3_256 short #30 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"94464e8fafd82f630e6aab9aa339d981db0a372dc5c1efb177305995ae2dc0":"ea7952ad759653cd47a18004ac2dbb9cf4a1e7bba8a530cf070570c711a634ea" + +SHA3_256 short #31 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"c178ce0f720a6d73c6cf1caa905ee724d5ba941c2e2628136e3aad7d853733ba":"64537b87892835ff0963ef9ad5145ab4cfce5d303a0cb0415b3b03f9d16e7d6b" + +SHA3_256 short #32 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"6ef70a3a21f9f7dc41c553c9b7ef70db82ca6994ac89b3627da4f521f07e1ae263":"0afe03b175a1c9489663d8a6f66d1b24aba5139b996400b8bd3d0e1a79580e4d" + +SHA3_256 short #33 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"0c4a931ff7eace5ea7cd8d2a6761940838f30e43c5d1253299abd1bd903fed1e8b36":"dc5bebe05c499496a7ebfe04309cae515e3ea57c5d2a5fe2e6801243dd52c93b" + +SHA3_256 short #34 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"210f7b00bf8b4337b42450c721c3f781256359d208733846b97c0a4b7b044c38dbb219":"3305c9d28e05288a2d13994d64c88d3506399cd62b2b544213cf3539a8e92e2e" + +SHA3_256 short #35 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"3cb8992759e2dc60ebb022bd8ee27f0f98039e6a9fe360373b48c7850ce113a0ff7b2ae5":"3c00bf3e12ade9d2de2756506f809f147c8d6adc22e7bb666e0b1d26469e65a5" + +SHA3_256 short #36 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"22634f6ba7b4fccaa3ba4040b664dbe5a72bf394fb534e49c76ec4cdc223f4969e2d37e899":"a87e5c78837d7be0060d8f5eda975489ec961b28d7088f42a70f92414ae17793" + +SHA3_256 short #37 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"6e1dcd796b2015ee6760f98fdb40e668b2cf38b05c91f6a91e83bcc8ac59f816f90a59d64e8e":"746bf845c08aa186b5fe1ca35528232c4a491a3a2a32cd23e990bc603f3268ae" + +SHA3_256 short #38 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"ee0be20320f9d44073281265a6e9fa6b9d252495624b8d016b8ef57e1b4e859d8ad3b50b89416d":"a3257baf14ca16e1137dc5158703f3b02ebc74fc7677165fe86d4be1f38e2f7c" + +SHA3_256 short #39 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"8ae2da242635b6568289bf6bec8a438dbac1f5b4d50a90bb7449bdb92a59378e23452dbcabbbe879":"e25c44802c5cf2e9f633e683d37aa8c8db8a0e21c367808121d14d96c8a400b5" + +SHA3_256 short #40 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"bdd0252dec5b798ef20e51791a18e8ca234d9bfde632a9e5395337a112dd97cdf068c9f57615424f59":"e02c1b197979c44a5a50d05ea4882c16d8205c2e3344265f8fe0e80aed06c065" + +SHA3_256 short #41 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"c4c7b6315cb60b0e6cd01ef0b65f6486fdae4b94c6be21465c3a31c416ad2f06dcf3d6eae8eecf84ca7a":"2da21867cd6b5402d3caff92a05fddfca90199fd51a94a066af164ce3d36c949" + +SHA3_256 short #42 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"b17977aced3a1184b14b0e41a04dd8b513c925ca19211e1abdc6c1b987ac845545fb3b820a083b4f7883c0":"f91b016d013ede8d6a2e1efd4c0dd99417da8b0222d787867ca02b0ea2e80e45" + +SHA3_256 short #43 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"f65c3aa1d9981a84e49fc86d938f3f756f60e3858d5e1f6957dd4d268e28d68e90ba9a11d7b192d6c37fb30b":"3acbebf8eda9d3c99a6b6b666366c391e8200d55fd33ad8680734def1dc7ae85" + +SHA3_256 short #44 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"49abba1fa98f3c4470d5dd4ed36924af4a7ad62f4c2dd13e599238883ed7d0cb95bbaae58b460332e6b7681446":"02bcd9ea4f1aa5276f38e30351a14a072bc5d53a52d04d559a65ca46f1bcb56e" + +SHA3_256 short #45 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"275645b5a2514fe65a82efac57e406f224e0259677674f1d133f00a5ee9a6d1a8fed0eadbbff5a825041d2a9715d":"c70a874d786cd0f3f09fa4dc1bb8f551d45f26d77ad63de1a9fdfb3b7c09c041" + +SHA3_256 short #46 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"cd02b32107b9a640fc1bf439ac81a5c27d037c6076e1cfe6ad229638037ac1550e71cf9557c29c2fc6017afd5a8184":"36c73d11d450784eb99af068cd4e1cbc5768c8a2118010aceec6d852dda80d95" + +SHA3_256 short #47 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"5a72e0e1aec82a6541f04883bb463b0c39c22b59431cfb8bfd332117a1afb5832ce5c76a58fcf6c6cb4e3e6f8e1112de":"90fc3193552ec71d3315ebbb807913afd4cd2f0833a65e40d011d64de5e66513" + +SHA3_256 short #48 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"43402165911890719f9179f883bbbc2a3be77682e60dd24b356a22621c6d2e3dcdd4cb2ce613b0dfe9f58629ee853e0394":"5c4b6ceac9441defa99b10b805a725d4018b74b3e1f24ad8934fc89b41b8fd9e" + +SHA3_256 short #49 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"fc56ca9a93982a4669ccaba6e3d184a19de4ce800bb643a360c14572aedb22974f0c966b859d91ad5d713b7ad99935794d22":"e21806ce766bbce8b8d1b99bcf162fd154f54692351aec8e6914e1a694bda9ee" + +SHA3_256 short #50 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"ace6297e50d50a11388118efc88ef97209b11e9dfcb7ad482fc9bf7d8deecc237ad163d920c51f250306d6cedc411386a457c7":"f5581403a082bbf5ad7e09bdfccc43bf9683ebc88291d71d9ce885a37e952bd6" + +SHA3_256 short #51 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"3bad18046e9424de24e12944cd992cfba4556f0b2ae88b7bd342be5cff9586092bb66fac69c529040d10dd66aa35c1023d87eb68":"faed76ff5a1cd99183b311e502c54e516d70a87050cf8961c8cd46f65c1358cd" + +SHA3_256 short #52 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"e564c9a1f1aaf8545a259f52c3fd1821ed03c22fd7424a0b2ad629d5d3026ef4f27cbe06f30b991dfa54de2885f192af4dc4ddc46d":"811529c600c9d780f796a29a6b3e89f8a12b3f29c36f72b06cca7edc36f48dc0" + +SHA3_256 short #53 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"6043fa6465d69cab45520af5f0fd46c81dbf677531799802629863681cea30ffa3b00836fbf49f87051d92aaeac0ed09bcb9f0755b7b":"b0fceecdaef6c76d5fc3835b523ce2416f4a9b9bd1f90234445df0f2b689f2f5" + +SHA3_256 short #54 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"2040c538c79237e6f2b8188c6375ec2f610ac2301607b9c23660c3a1e1c3a902cb2950c59aac3af28f984f6369c4debe8623dfa74c967b":"e33dbdc0acc23fcfad3c759c4333410bd3a40efb1366ade157d2c81d65a0a6c7" + +SHA3_256 short #55 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"00ff6c96b7aa3cf27d036cf20af7031434113252574bda9cf9244d85aef2593d3a7a83bff6be904b75164a1766828042bc3f4f090d98a03d":"d000eafca34815783bed9b050c6901c97f2e77d4771a0ed724dd8f6ff1448791" + +SHA3_256 short #56 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"e8df14936cce118139e690f1662f88cfbc9c333b6dea658c02cb1d959644592842542fd9d8d61a04d4a892128f0ddff7b6502efffbabe5cb0a":"3479a9617a3adca35854c08fe987c2fe7ff2b01b04f2d952c107b3f066420551" + +SHA3_256 short #57 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"4ed981a31f70dd6b70c161be1f01fc1bba54d06d9494e7eb194e213d5e0e71e0fddd49cb1f075353da22624cbe4ba871aab32906e45b6fbb691b":"9c824a00e068d2fda73f9c2e7798e8d9394f57f94df0edeb132e78e8a379a0cf" + +SHA3_256 short #58 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"7802b70c6158bc26d5f157671c3f3d81ab399db552b9f851b72333770348eb1fdb8a085f924095eb9d5ccfd8474b7ba5a61c7d7bcde5a7b44362cf":"fa9726ccb068c0adb5d20079c35a318b3d951eb43b196c509ab790b7e9202207" + +SHA3_256 short #59 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"ff83dcd7c1a488e5a128d5b746284552f1f2c091615d9519f459bc9010ca5e0ac19796c4a3fd7a15032a55a1410737d07855b07f61fbd8f5759e9218":"8bd8d494a41acda4b7cd2994badaecff0f46ba2743458f6c3fdc0226f9492ede" + +SHA3_256 short #60 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"afd4764cc7d5de16a3cf80c51d0c0d919f18700c7dc9bc4e887d634fe0a3aa94097d590e4123b73f11ccb59e23496a3d53d2bfa908056c11c52c23abfb":"e9e3b3da648cf230f1973f3814eb81316d2a496826ea39adf4674576f97e1167" + +SHA3_256 short #61 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"6fa6de509719ffbf17759f051453c0ac3cbe13346546bbc17050541074b034af197af06e41142211ee906a476039b3e07d6cb83a76aac6fca8eac307c034":"766630993fbb651fd8d3603e3eebc81931fb1302a46791df259a6e13ca2cba9f" + +SHA3_256 short #62 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"93cbb7e47c8859bef939155bea488090283ecf5023d99767c960d86baa333af05aa696fc170fb8bbac1e6473956d96b964580ee6640f0cc57be9598e55fc86":"d3212abca1100eb7658c0f916daf2692c57a47b772ee031c4ec6ad28a4a46de9" + +SHA3_256 short #63 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"67e384d209f1bc449fa67da6ce5fbbe84f4610129f2f0b40f7c0caea7ed5cb69be22ffb7541b2077ec1045356d9db4ee7141f7d3f84d324a5d00b33689f0cb78":"9c9160268608ef09fe0bd3927d3dffa0c73499c528943e837be467b50e5c1f1e" + +SHA3_256 short #64 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"4bef1a43faacc3e38412c875360606a8115d9197d59f61a85e0b48b433db27695dc962ed75d191c4013979f401cf3a67c472c99000d3a152227db61de313ab5a1c":"8703a1f7424c3535f1d4f88c9b03d194893499478969fbb0a5dc2808a069ab8f" + +SHA3_256 short #65 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"f0be5e961bb55b3a9452a536504f612a3e66aec8160a882e5156eb7278433b7ea21de31e39383d57fcdfb2fb4a8d227a9d6085fb55cad3abb78a225535da0e34efea":"2fa180209bf6b4ad13c357d917fabb3e52c101a0cdb3f2299fa0f7f81dfb848e" + +SHA3_256 short #66 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"206f1c36ba25aea73398fffc9b65c4637cc1f05a6bbee014dccbd61e3b7aa9423887bbac62152a4bf73a4b7afabe54e08720589464da7985d8e6591ac081d115df2fe6":"558ea7c800b687380cce7e06006e1ebe0b89973f788c4caac5780f22dbf382e8" + +SHA3_256 short #67 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"8cd71434c00663f3bda0205508a4a266548dc69e00ca91fde06d165b40279af92674f75bd8133e5a9eb9a075c9068f68f4b820008a1fb42d89d1d759859e68f8efc6fb60":"085b343b08516f320a9b90fe50440a8bc51ae0850fa38d88724a4d6bd3df1ad4" + +SHA3_256 short #68 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"4cf5bbd91cac61c21102052634e99faedd6cdddcd4426b42b6a372f29a5a5f35f51ce580bb1845a3c7cfcd447d269e8caeb9b320bb731f53fe5c969a65b12f40603a685afe":"f9dbb88c5bb4415e17dee9222174538eeab371b12d8d572cfdf55b806e3158e4" + +SHA3_256 short #69 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"e00e46c96dec5cb36cf4732048376657bcd1eff08ccc05df734168ae5cc07a0ad5f25081c07d098a4b285ec623407b85e53a0d8cd6999d16d3131c188befbfc9ebb10d62daf9":"3571326a1577c400b967ac1c26df2a0dcf5db7070eac262a8071da16afa7c419" + +SHA3_256 short #70 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"981f41a83d8f17f71fc03f915a30cd8ac91d99aa1b49ef5c29fb88c68646b93a588debcd67474b457400c339cca028731df0b599875ab80df6f18b11b0b1c62f2a07b3d8209402":"62aea8760759a996f4d855e99bcd79e9a57ea362522d9b42fd82c12c9294a217" + +SHA3_256 short #71 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"5c589fc54fefc4d6e2249a36583e1992fc6b8a9c070e8e00c45a639af22063e66ae5cdb80238c82db043a5e1f39f65626e6d7be5d6a2d3380fa212f89211200412e5e4315fc04e40":"18deba74e9d93ae7df93c6c316ef201bf5e3a661e68868e14d4f56264f5d858c" + +SHA3_256 short #72 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"7c8691e7b2560fe87fcc5e2877f7e3c84d9101eca4818f6322a58986c6cf05627c0d6919ef2edc859f81fa1f33e0cc1f10edf7e52a9c33981af2ff0d720c94ea4d62170b2a4d1224fa":"5a5a438b57c1b3ce8756094252362afeaa9fc91cd45b385d16994ec8af49aa6b" + +SHA3_256 short #73 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"97359b564b2bc20800ed1e5151b4d2581a0427ce9539d324c3637cfb0e5378dc2cf6d72946e2a3535a2f664ede88ed42a6814c84072b22c43de71e880a77c2d9a05b673bc15a82e3255f":"be54f2e435f760d5b77c0ae61ef0aa7f5f3366f47819f350dc8a39aff8c73a8f" + +SHA3_256 short #74 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"a0dfaecd3e307c5ddf9a93603f7e19725a779218734904525b14586ff0ce0425e4efe7e1c06e745c28ed136f6031c4280fd4061d433ef700b6d1bc745064231fecf387015f94f504b6ad8c":"60d80f1c703dad5da93db222fb45fb7fa768c8aa2787f4b81f1e00365b8f49e2" + +SHA3_256 short #75 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"568d66d061306c3419a1928ce7edc8e3400c30998f09bdac6f63ff351eb23d362e8dc5927eac805d694ac9563dcd7fb2efa9591c0d827af9f39146f0424873aa8e3963d65734b1713baf0a44":"7a4fe37f296991121792dd7c2c30390725a1eebbf20b766a5a1c3c6c3646d996" + +SHA3_256 short #76 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"d65b9f881d1fc7f17d6dd429faca8404e6ce60fba7d89b7fba003c8ef84d8083182979327611fc341291ba80dc70ad3b2f28b6d29b988445e7fdb7c6561f45822ac81dbf677a0b27d961dc6358":"51cc71b6934afcf28fa49942b76323f36cd6a0aecc5a0e49c10994ddcabdbb80" + +SHA3_256 short #77 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"711c88adf13e7a0e694652f2b9a397543f4937fafb4ccca7f1ad1d93cf74e818d0fedfaee099f019014ec9e1edfe9c03fdb11fe6492ad89011bf971a5c674461de15daff1f44b47adad308baa314":"1780e52e306858478290c46b04d8068f078a7f6ad8e3790a68fc40dccfbdadc9" + +SHA3_256 short #78 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"f714a27cd2d1bc754f5e4972ab940d366a754e029b6536655d977956a2c53880332424ddf597e6866a22bfca7aa26b7d74bc4c925014c4ed37bfe37245fa42628d1c2ee75dc909edc469ee3452d894":"f4afa72f3e489ad473dc247aae353da99fb005b490e2c4e1f5bd16a99732b100" + +SHA3_256 short #79 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"fe0c3280422c4ef6c82116e947da89f344d6ff997bf1aec6807e7379a695d0ba20ae31d2666f73bbdbc3a6d6ac2c12dcfb5a79173dfc9cd2e0d6000e3114f2767edec995772c6b47dadc136d500251e5":"89198e2363efd4e0ba7a8a45f690f02712e6f856668517bae118d11e9a9dc7cc" + +SHA3_256 short #80 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"02e238461d0a99d49c4cd16f442edf682c39b93114fc3d79f8546a99e5ead02f0cfc45081561da44b5c70eb48340418707fd6b2614580d5c581868ba32f1ee3ac34bf6224845b32ba7f867e34700d45025":"abef81b33591eedcac0cf32fb5a91c931f2d719c37801409133552170ce50dbf" + +SHA3_256 short #81 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"fb7c8cd4031007f8159d5c4c6120dee6777a3ace0a245b56f31e8aae7828dab3cf35c308de1d0d684592ef3a9e55796603a92f68d109f7a3ac1635f7c4d334955614c812753431bb0a0743291a0fc41547f3":"5a67284d39e4f37caa64ca1a54593c35f6d8f3a3ec20d460393a39f6f57c4486" + +SHA3_256 short #82 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"6b2e868c7d0ee1c240d3a67e2fdf36e8e23817c02644a54453d10454da5859d41e833a5285ec63e8ce28aa64a50435a7740eea4b7d5827892678b35993d3f5da7a1c64f533173f3d0fa37e1aebf70827052c26":"aecf5dab6fea9ffd1bce2cdfeec0bee9d214a669e8306d5b6688afa8957fc91f" + +SHA3_256 short #83 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"e5f3ba000c43bb6aca4e0a711a75912a48241cffa5b4b0b17f901f9e5097d94036c205f7a307d008567d05e58ac0dfaf6d971bf9d3d450cf2c7c83f6b328f676e9ab425642f5a5a71e389dc4fa49b6d7e848a09f":"182d6e4316f4bc18d7163b1b21462d99f99c6f34d2c00ee771ce54fd6c5018b9" + +SHA3_256 short #84 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"939c61e68af5e2fdb75a2eebb159a85b0c87a126ce22701622f5c5ef517c3ab0ed492b1650a6c862457c685c04732198645b95f84ccb0e726a07ce132827a044dc76b34d3f19a81721f1ea365bc23e2604949bd5e8":"121057b0b9a627be07dc54e7d1b719f0a3df9d20d29a03a38b5df0a51503df93" + +SHA3_256 short #85 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"9eadaf4811a604c65eaa7b1c6e89f2c0ab96bebec25a950ba78aac16d9371ca1e7458acf331e077ef6a735d68474ab22d2389bdf357fb2136c9f40e1e1eb99592c2bbb95d94931016b4d37faa08b1e9bf71bf2d3708a":"c237194b902e48dca5bd096cb51562079d0cdccb2af8088197676c17b0896be2" + +SHA3_256 short #86 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"71dcca239dced2ac5cc49a9bf9ea69a99be22ba62216716b524db80f337dee5eb7e032869e4adc1497babd1fa82fa8c3cfbd30d2eadfb4c5d40f99f9d194d7182c9cb7d41e8adbdcf2917e086782fdd756e2961c944070":"377d1cffb626735810b613fd31ef9bbb4577cd752521abe3a41afa921e623da0" + +SHA3_256 short #87 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"ea130d3236bca7dffb4b9e50e805309a503e7347227aeb9f1bd15c263a98dd65753d2eedaa734b9ad88f41158f32419ca529f3062b910c019f3f239f635fc1116e5ab7b242feb4471ed9168474e501d39d6bae52cc21061a":"85c7a52d53f7b41162ea9f1ef0d07c3fb8f0ec621617f88cb3828ebe5388ab3d" + +SHA3_256 short #88 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"28f1be1156792af95c6f72e971bf1b64e0127b7653ff1e8c527f698907a27d1544815e38c7745529bc859260832416f2b41cd01e60c506239a7bf7553650bf70d1fe7a2c1220ac122ea1e18db27490447d8545a70bf0ffc8fa":"b2eb3762a743d252567796692863b55636cb088e75527efd7306a2f6e3a48a85" + +SHA3_256 short #89 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"c8400ef09c13e8acc8a72258f5d1d20302c6e43b53250c2f6c38ff15be77e3cac04d04b8421fc8fdff8be5ca71edd108e9287b42dea338bf859100eea376da08a0e695f0dc90b95e467cbd3c2a917a504a5ae01c310ae802c4bd":"69966e89b7bc7f39cd85791b92180ff3fed658d8240e393e1e6d7c24b8d0ac95" + +SHA3_256 short #90 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"a48950c961438e09f4d054ac66a498e5f1a4f6eabfde9b4bf5776182f0e43bcbce5dd436318f73fa3f92220cee1a0ff07ef132d047a530cbb47e808f90b2cc2a80dc9a1dd1ab2bb274d7a390475a6b8d97dcd4c3e26ffde6e17cf6":"44c00cf622beca0fad08539ea466dcbe4476aef6b277c450ce8282fbc9a49111" + +SHA3_256 short #91 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"e543edcff8c094c0b329c8190b31c03fa86f06ace957918728692d783fa824ba4a4e1772afbe2d3f5cba701250d673405d2c38d52c52522c818947bcc0373835b198c4cc80b029d20884ac8c50893c3f565d528a0cb51bf8a197d9d6":"6d5260384f3cefd3758fb900dcba3730d2b23cee03d197abeff01369dc73c180" + +SHA3_256 short #92 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"4e10ab631718aa5f6e69ee2c7e17908ec82cb81667e508f6981f3814790cfd5d112a305c91762c0bd9dd78e93ef3a64c8be77af945b74ff234a0b78f1ed962d0d68041f276d5ea40e8a63f2cab0a4a9ed3526c8c523db7cb776b9825b4":"d88e5f3b2d0a698fd943233760a3000a3360d9040e7374b22e39ea58d868102d" + +SHA3_256 short #93 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"604d8842855354811cd736d95c7f46d043a194048b64bf6cda22c3e0391113dcc723e881ae2ad8dc5740aa6bda6669ddb96bb71acd10648380693f7b3d862c262553777004bd6852831618519fbb824759f4dd65af1b2a79cc01096d7c8d":"8a8ab6cf5c02b9ae8f4c170740eff1592f3eda11d3420ac8b421d93cfbb35db8" + +SHA3_256 short #94 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"628180e14f41ebdfde3b4439de55ee9cd743d41040f3457ef2280370dd659619fa0ce69580c709725b275a6eda8bcb82a8447c20fdf68cba15412f83e2a10079fe9399a3e3fa61975ec0a64041c0ecde59e4844e9f8a608cb22d2576854182":"8d154bf6f9cb72efc0d8b3927a8f690060d1d48bbe5cc72094d2c8b149a75132" + +SHA3_256 short #95 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"fc150b1619d5c344d615e86fca1a723f4eeb24fbe21b12facde3615a04744ef54d8a7191a4454357de35df878cb305692278648759681919d1af73c1fb0ff9783678aec838da933db0376e1629fcca3f32913f84bc2ff3ffc3f261d2312f591c":"3f626c8bb20a132495bd3022b3fcd0ce0604b91a9d70132dab4099f73dde23d5" + +SHA3_256 short #96 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"6dadbecdd15e5646e3f37a6fe5b328e06113cce3c8cf07285939afba44d117321017902b3a9d2ff51f60d18e1b585dcdf34e49e170ee60fa4d1dc246548d2c1fc38e7983f42769c43d65a28016f3f4d479ebe1cd8fec5d1f886dd21aca5067d94f":"9098ea34c40b541b153e80a8bd92da19432b18b7d329760b302f8a54c395dd06" + +SHA3_256 short #97 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"9cc5fd3035b72dc63b8c3c326fd013081e6b8716f526d3fe176b45256d4c37cc3dc8417dff49ada96c702b8fd715c65fc08a17a0a720b9cf1eedfd4922ccde6baba437f782ee33b95371056b0350dad743470c3b663299f16fcfd34f6fc459cd0ee4":"b0c04f24bb6d3d4fcbfdf9222d0e886f1eb60a0566a478085f7623a025a5b981" + +SHA3_256 short #98 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"f3f063fbcf2d74aa5a02d240c962ed7bb119b3a212bdb41594e28428108e613152ed16e01e451fcf702b0e5a08f82eb12677652b93e05fdee00ae86cf2dc9a1fbf05b93952ec5b8515eacc324fb830e1ec236afd7d073d4b7f7ab1c2e048b99cbfa012":"f930d79360b581b1bbfdeac57133a339444f5c44538c921631eabaf058277d32" + +SHA3_256 short #99 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"840739a3d6992c13ec63e6dbf46f9d6875b2bd87d8878a7b265c074e13ab17643c2de356ad4a7bfda6d3c0cc9ff381638963e46257de087bbdd5e8cc3763836b4e833a421781791dfcae9901be5805c0bbf99cca6daf574634ec2c61556f32e642730510":"19795657e08cfbb247a17cf209a4905f46e4ddf58eea47feee0be9bb9f5c460f" + +SHA3_256 short #100 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"4a51b49393ab4d1b44fb6dc6628855a34e7c94d13b8b2142e5d5a7bf810e202cefdca50e3780844a33b9942f89e5c5b7dd6afb0a44541d44fb40687859780af5025fecc85e10cf8249429a3b0c6ff2d68c350c87c2fcbf936bd9de5701b2c48ce9a330c9ee":"128fb4114e43eefd19277c708be9e6873e66d7fd59c58a1485b7b015facfa795" + +SHA3_256 short #101 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"afc309e6b7b74dfb0d368e3894266fc4a706c3325e21f5550d07a6560e3d9703c134ca6ad078e4a7b82ad6fa85b0bc1ddcab05d43f29d5c58d1da78ac80c37051b089ff31ce2c0c44e9ce3abea1da0f1df28008e178fdefafca493413bf1d256c729d0a9225e":"03e782b01a4ba10f640470bb3cae487eb9cbbaab8c9941978b194f6a312cf79e" + +SHA3_256 short #102 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"c5ae750f2230642092397b84ad5526c46ae9480ada16892816e0f2db7690b751035653ea2f33da3cc4168b591b46a5548eff7d012f60ccfdbb854deec9f0880c472de8e127b5144c56147cccee4732fbac68fc59a48da74b33ed9e643644bbe279795c7c737eba":"f64b7ab243ce6e6c04b483888ba8a655465c21d95eb60c7b8d6e566a3811bae2" + +SHA3_256 short #103 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"603e13f61499e12ec6b33b68847a281d314f54dc705c0f3fc428981ff5689c04b519fadf83cbc9fcd0409c326035045df480570e265bb080940037ce4076a36437aafdb371c1a62af9ad9b614dfef89708fbbb5ebef2cb9528cc399781e4c5b22f1aa4dba623809f":"5f76962fd3d373e5db2953c0823a51fe81f874450bedf7e46876394b04d3ef66" + +SHA3_256 short #104 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"e03115cfa19efcd796da389063c4be6acce684d983f8edfb3da6887b0b94fbb5e89e3a1a8e64fdd68f0670b1a02c2c33384a660c5a2266b3ae8a3b4cd76faecf011a7467b9b2a818020278a5a57d1eb1c87f1224c2d67dd02e81f1553eb75841532c2b7cca8fe5e418":"d107ee6ee4a58871a33c49657faa2573e475f11918c4a4e3801d0e17fb93c6e3" + +SHA3_256 short #105 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"0e6c1d58b1b9d3a2d399aafd60529e07d483a2755bb7e44c373b5355632d5fca76d6ff56c93af93ddcec5ed6f62753420c1b1758e48542df7b824b00a3a54dfaf0470b18d51e31e10b12dd8e324b5dc1bb8f3b7305cb762ec6ef137dadffd4a2466748861d9004f626b0":"02ab2dbb02944354799051247b1a25c19f3696e1afcb502b859e83798b33fd77" + +SHA3_256 short #106 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"6db2a43a229b10c3629249fc5136468b4d84df7b89ec90ebf7aa7a036c53aa2dffae9e81b2c60580543dc706a5e3457abc87e248a60ec29150c2d221a6ec08a1fda4ec0daee8576904ec7ab059b1230e7bd93c4e55ba9496cbb1e352e5b8086e303b94c861288ce53c466b":"8cc4d39b2f5ba0bc9d2ee2a8777cf08533e60cc69b65a7b31c5c2121193aa31e" + +SHA3_256 short #107 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"31d995f7ff8b6de70829a8336c610f10df2c866107a4922b25151849f8566861df5a79163d02767f21357ad82733997899261f03dafb1ce1056f20efd16d4374b89768565823c38e19e899d910b847b023f1867b6e4fed02e604b8243c0bc7cb05b9ea1f17955bfa36698c9c":"c99c7191b34c9ad3f941d4ad442cc865205cbb4c2a6927c592e831cbc4d36fcf" + +SHA3_256 short #108 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"cb0b8cb7de621c8e0a0fc6be2fc18d0e8818a2c2dd0b3219fa87831a61583f903c4d105495976ccac973b3ae3a09771145931a9e74c19f22f45cba4c492b29b1401347122581dfe2370d3e0359578cd10a355c619711810a8f8c232578671312c0a45c7cf7e81bdd3b249044f3":"6d2f57a7e42b35369cf2cd60caf9e65aca7d9aa019e6824bb806348f1acf3c7c" + +SHA3_256 short #109 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"48dff78aed5f6e823054924a78dc1b8e51a117f1610181529f6d164ebf0f6406f0b02422cad8c916823759a361437ca17423d3fd84cc8afe486a31ccda01c732685418a32c064a7b9effb288e811ecc99adb2a759feecc3f702f31d9877dcdb717937c15fa2f163bea744400f58c":"14b631f0f00a3024ad1810dabf02711e28449668abe27f69380942268968d4f6" + +SHA3_256 short #110 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"06cc9fa542ceb35c88fb6ab82c29d5dcd530f807d3f1c3bcb3974421101d1aa6ac112de6bf979cd28eb0f70c40bcaf91ed3eca9bf9e0dbc6a0b73271d1c7506740ca9ebfb72d5e00ac5ce189193ffa308804b42a6d20402bb99031cdac65ec36eb7f59f5d299df2e0b8690f760b9a0":"574fd82a9fceb8f7bbbf244d16e0412cbda8153b720846c32b8f10fe5779a881" + +SHA3_256 short #111 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"8d93627c0b7cbf61a7fe70e78c2c8ed23b1344b4cfed31bd85980dd37b4690e5b8758f7d6d2269957a39a1ac3451cc196696ae9e9606a04089e13456095a1ce1e593481b3ac84f53f1cb10f789b099f316c948398ad52fa13474bdf486de9b431bd5d57ef9d83a42139a05f112b2bd08":"344ec86642eabb206b2fd930e4c5dde78aa878577d6c271cb0069d4999495652" + +SHA3_256 short #112 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"d0af484b8be6b41c1971ae9d90650a1e894356c9191d6be303fa424f2b7c09544ec076a0f1865c8c97927ca137529d5bedc0df2ef08a4cc7c470b094b1eeaa86731c041633d24086b60f7369d59c57652dec9b3817477df9db289ba020e306c9a78a99b539128992deb23cfc508c5fc3af":"b7ba998726477c32792e9c3eddc1cb6feb7c3933e49f2e7590d8ce7a2113e6f8" + +SHA3_256 short #113 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"b212f7ef04ffcdcf72c39a6309486c0eeb390ff8f218d6bd978b976612f7f898c350e90bd130723e1126af69295019b4f52c06a629ab74e03887020b75d73f0f78e12785c42feb70a7e5f12761511c9688c44da6aaa02afa35b31edc94c3a0779b6ab9462525c0ccfba76986f873fe1e6ba9":"2f26b96c1fa3f3dee728f17584e733b4189821c659b8885a5fb1d12d60d2aaa9" + +SHA3_256 short #114 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"86591ada83fba8175a0fe91d264e7f9b2df97ee4c32570e76b579d6140508951932abdadd6a4ca53b8bb8c42927aac0a02126881d52d97b82b80e72dd59f6a42021651ee1bb5f7b3eb2b21d003d784b75dda87c13f714b216282e8175474fa661b445d071bd5341f3a88302f410d0f8a857962":"e3edbc8c42ce5d2384dfb24fb1de5d4798b1bc3cc78c97033894040dfa6feb6c" + +SHA3_256 short #115 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"92b5a8e84b6a2ac4d5b1e61d63804abd641dd630058ec6d5f752f135724ef1947a0a84c6611d32448de6307f7b7d857404e96b81df94f87768fcfdf09faa2fe37468847542afe012995ff1bd40b257a47a7309f8896bf4fb711de55bfeb3a8be0837729ef6067c578182f17ebb080a754f22773c":"80ed0a702812297c2aa1b6b4b530c2b5ed17ecfba6d51791cf152d4303ced2e6" + +SHA3_256 short #116 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"d284a0a9a4de5d4c68cc23884c95ad7619aa39b20a2cf401deaeb3362c3ce356f79cc3fa82d3d1f565ec8137e1f435f171496afaa1152f722315dca5209f0031cce39b6c3d718e007dfb4fd8de5ce1408dda04476aa8a96817afa86a4f8fb5857ae091c67ebd7db5d783f434ead699aa96e56f610d":"654eccefd0a4fdb2ac0ab56288c64399b37bc4d57ff4a9f1cce94362fc491bda" + +SHA3_256 short #117 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"f57f0f8795385b805246a0a2573afc274346a9eccf50c626b0455a50bfb09668578b5a5afe54fbbd486444bdf97dba586aa224ce2e2b4b52f418ff06afa65a26f5204983a5f84734cd166c88cb70a73fb2db48f9ef20c1ee2c53ade07460114e98e7e2ebd24ac84ea90422eb143c4a42e2991a565959":"135ec8b144a667dceae8fadd287df81c10ef3ebef87ff2fb56e60ae708a88f3b" + +SHA3_256 short #118 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"2a41a52e6578873588a57f11f1be7c7eb398d01f3bfdec2c33fe6b65a68a534a6540978daa82e0c8fccb8c6c5242f7f97b8ffa75bdedb217bd8083439eea5cbb6d193c13bd62f5658ed4304774c6b1faf5b3dce432487840cabab415fb5d67640a739ca6e5414e760869708a9d7331e7e7ad7d55e035c7":"a6a1b8a26f6f440f19f16dce1d3001477d73ee7f6c374bce2922167b81970d6a" + +SHA3_256 short #119 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"4d11aa5d3c6b6900f49ff90dd815744572be5648b64bde638b9db7a9877dd745fa8ea80e2f7f655cee85c71a4509e21d899e49b4973579815f947587a404ad83fd4a248020d9d2a65f46485373fc926d793161f63a196ae0af590923c5be2a0e5d2f69da97e0788550c9c1dee9574ddc4a61e533275d7729":"fc5159f0ddd6d765c85fcc3fc3ac1dc0d317d8ea0b110e96ac9f7a398dc386c5" + +SHA3_256 short #120 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"05cd99bfe031d123ca7061d3de0956f4bbf164bad792db881713d6599ddab55ee24fcee804e360896152c8766424f8309f7a24641a07be0feb5da5e5076a9af45842f385101f93433ca5199f9c6b5872b2b808e4198aba8e18dd12db772930b4912d6f5cabeb529884f4bb142de55e021b3276047b22b64cc5":"8aa07742e6f1f47ad020ed6684edc8dba4af36b782955f0f972be3ae980aea0e" + +SHA3_256 short #121 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"529684398d68bdc19e7a00ce32cc1a8c1315b97f07137474f61f0cb84a04f2879b1109c78c6dacf7f0abf362329e3298f36fc31ef4ec06653723a5f961301dfb63537ad15946611cb2cd54ea928e322e7423fd6d146ee0b98c2c71e3bdcd33edf0845fbebd9ae4192d07acd01b432135e05af0d22f3f0c5a3d62":"a07049b6ebd7b355479a3d802fda436b83ae6747d741cf9626f7c62f47cbd563" + +SHA3_256 short #122 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"982fb5f4af498a4a75e33a033235ea3ddb70d9d236519f883ff5b388cbef30126b98d96e93a65a26fb00d17246d18cf4e2db14a52f0f6b10e35a93beadc14ff118b02e95b38fc4736f973ba848e40b5527cb0599076d96bc578c4aada09e8faf6820bc4f562d5199974f808b7f95edca74e6b3940894a7f66534e0":"09c60fec5a089a23f5da3ed2492aa21fcf7aa36183850fafc15ae8c63f596db0" + +SHA3_256 short #123 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"ca88614828f8acdb5fcffab6bb2fb62d932b7808e4d9cc3139a835b0cef471d9f4d8ffc4b744dffebf4f997e74ce80db662538bceb5d768f0a77077e9700149ea0e6a46a088a62717216a14b60119dd19c31038ed870b4709161c6c339c5cc60945a582263f3be9a40cd1a04c921947900f6e266f2390f3c970f7b69":"fe2d4183ccdaa816b4446a9b6c07d0ba4b42ac743599db5dc482b1941f443c71" + +SHA3_256 short #124 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"ab6b92daf83275cb9c1b76cfb59fbcc8ac53188e0b6980918e7ac0c07c836ca9372d19e11251cca664bbb3c3db2e13b412a9820b65e95612042f5db24643cf9340b9808597735a1f92670ba573a2fb2f088d81087d70565574344af7576d35b2ed98318e2ca0067d4fa8e63f28045b83b6887d4ffa0668a10712ed5759":"744538e1ae1cd7357710b56c3bc6f1bd7a8564118a1e0f9acc30fcf0b5396eef" + +SHA3_256 short #125 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"bfd4c7c8e90858ccf9c8834abefd9c1846ca4a11966fdd139d6de24a6bebf4b19f58d5d51e52bddd0bc6f1c7f35998f44707cae7100aeb4adefe373101429da3fca1d15737329dbbf47c783a84de59bfbb2fcd75a1a148d26aebb8d3a9a76089c0f8e4d49b71a06f9e323e2cdb54888189887a44b1fa9cb32b7c8fb7c9e0":"58b17843bc851a721c5a258eef57b3854d02190e732d9b8e7a9f926ac409c173" + +SHA3_256 short #126 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"c5019433c285da2bb93f119e58b4f36cd1e4d99dda35dbf4f8ae39c7fe65fa0ed03bd2b96dc649472d8f1a94477ed9f29592d97c9cd54da7c790ad1af3bb5cc030b7871bc64050db779d2caf0419895bf3b7b50b8e22fbe62fe30fe7bbd6ace86ddf7b00d5d9370f20cf0f97996f4bce70bb33f1ba022cdaba0f25d55fa031":"f7c92a3fb7f180370d628be78de874d693f74ccc7a54c741634258d8c512fd7f" + +SHA3_256 short #127 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"84b60cb3720bf29748483cf7abd0d1f1d9380459dfa968460c86e5d1a54f0b19dac6a78bf9509460e29dd466bb8bdf04e5483b782eb74d6448166f897add43d295e946942ad9a814fab95b4aaede6ae4c8108c8edaeff971f58f7cf96566c9dc9b6812586b70d5bc78e2f829ec8e179a6cd81d224b161175fd3a33aacfb1483f":"8814630a39dcb99792cc4e08cae5dd078973d15cd19f17bacf04deda9e62c45f" + +SHA3_256 short #128 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"14365d3301150d7c5ba6bb8c1fc26e9dab218fc5d01c9ed528b72482aadee9c27bef667907797d55514468f68791f053daa2df598d7db7d54beea493bdcbb0c75c7b36ad84b9996dca96354190bd96d9d7fbe8ff54ffaf77c55eb92985da50825ee3b4179f5ec88b6fa60bb361d0caf9493494fe4d28ef843f0f498a2a9331b82a":"9b690531dee948a9c559a2e0efab2ec824151a9175f2730a030b748d07cbaa7f" + +SHA3_256 short #129 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"4a757db93f6d4c6529211d70d5f8491799c0f73ae7f24bbd2138db2eaf2c63a85063b9f7adaa03fc348f275323248334e3ffdf9798859f9cf6693d29566ff7d50976c505ecb58e543c459b39acdf4ce4b5e80a682eaa7c1f1ce5fe4acb864ff91eb6892b23165735ea49626898b40ceeb78161f5d0ea4a103cb404d937f9d1dc362b":"1ac7cc7e2e8ea14fb1b90096f41265100712c5dd41519d78b2786cfb6355af72" + +SHA3_256 short #130 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"da11c39c77250f6264dda4b096341ff9c4cc2c900633b20ea1664bf32193f790a923112488f882450cf334819bbaca46ffb88eff0265aa803bc79ca42739e4347c6bff0bb9aa99780261ffe42be0d3b5135d03723338fb2776841a0b4bc26360f9ef769b34c2bec5ed2feb216e2fa30fa5c37430c0360ecbfba3af6fb6b8dedacbb95c":"c163cd43de224ac5c262ae39db746cfcad66074ebaec4a6da23d86b310520f21" + +SHA3_256 short #131 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"3341ca020d4835838b0d6c8f93aaaebb7af60730d208c85283f6369f1ee27fd96d38f2674f316ef9c29c1b6b42dd59ec5236f65f5845a401adceaa4cf5bbd91cac61c21102052634e99faedd6cdddcd4426b42b6a372f29a5a5f35f51ce580bb1845a3c7cfcd447d269e8caeb9b320bb731f53fe5c969a65b12f40603a685afed86bfe53":"6c3e93f2b49f493344cc3eb1e9454f79363032beee2f7ea65b3d994b5cae438f" + +SHA3_256 short #132 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"989fc49594afc73405bacee4dbbe7135804f800368de39e2ea3bbec04e59c6c52752927ee3aa233ba0d8aab5410240f4c109d770c8c570777c928fce9a0bec9bc5156c821e204f0f14a9ab547e0319d3e758ae9e28eb2dbc3d9f7acf51bd52f41bf23aeb6d97b5780a35ba08b94965989744edd3b1d6d67ad26c68099af85f98d0f0e4fff9":"b10adeb6a9395a48788931d45a7b4e4f69300a76d8b716c40c614c3113a0f051" + +SHA3_256 short #133 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"e5022f4c7dfe2dbd207105e2f27aaedd5a765c27c0bc60de958b49609440501848ccf398cf66dfe8dd7d131e04f1432f32827a057b8904d218e68ba3b0398038d755bd13d5f168cfa8a11ab34c0540873940c2a62eace3552dcd6953c683fdb29983d4e417078f1988c560c9521e6f8c78997c32618fc510db282a985f868f2d973f82351d11":"3293a4b9aeb8a65e1014d3847500ffc8241594e9c4564cbd7ce978bfa50767fe" + +SHA3_256 short #134 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"b1f6076509938432145bb15dbe1a7b2e007934be5f753908b50fd24333455970a7429f2ffbd28bd6fe1804c4688311f318fe3fcd9f6744410243e115bcb00d7e039a4fee4c326c2d119c42abd2e8f4155a44472643704cc0bc72403b8a8ab0fd4d68e04a059d6e5ed45033b906326abb4eb4147052779bad6a03b55ca5bd8b140e131bed2dfada":"f82d9602b231d332d902cb6436b15aef89acc591cb8626233ced20c0a6e80d7a" + +SHA3_256 short #135 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_256:"56ea14d7fcb0db748ff649aaa5d0afdc2357528a9aad6076d73b2805b53d89e73681abfad26bee6c0f3d20215295f354f538ae80990d2281be6de0f6919aa9eb048c26b524f4d91ca87b54c0c54aa9b54ad02171e8bf31e8d158a9f586e92ffce994ecce9a5185cc80364d50a6f7b94849a914242fcb73f33a86ecc83c3403630d20650ddb8cd9c4":"4beae3515ba35ec8cbd1d94567e22b0d7809c466abfbafe9610349597ba15b45" + +SHA3_384 short #0 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"80":"7541384852e10ff10d5fb6a7213a4a6c15ccc86d8bc1068ac04f69277142944f4ee50d91fdc56553db06b2f5039c8ab7" + +SHA3_384 short #1 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"fb52":"d73a9d0e7f1802352ea54f3e062d3910577bf87edda48101de92a3de957e698b836085f5f10cab1de19fd0c906e48385" + +SHA3_384 short #2 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"6ab7d6":"ea12d6d32d69ad2154a57e0e1be481a45add739ee7dd6e2a27e544b6c8b5ad122654bbf95134d567987156295d5e57db" + +SHA3_384 short #3 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"11587dcb":"cb6e6ce4a266d438ddd52867f2e183021be50223c7d57f8fdcaa18093a9d0126607df026c025bff40bc314af43fd8a08" + +SHA3_384 short #4 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"4d7fc6cae6":"e570d463a010c71b78acd7f9790c78ce946e00cc54dae82bfc3833a10f0d8d35b03cbb4aa2f9ba4b27498807a397cd47" + +SHA3_384 short #5 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"5a6659e9f0e7":"21b1f3f63b907f968821185a7fe30b16d47e1d6ee5b9c80be68947854de7a8ef4a03a6b2e4ec96abdd4fa29ab9796f28" + +SHA3_384 short #6 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"17510eca2fe11b":"35fba6958b6c68eae8f2b5f5bdf5ebcc565252bc70f983548c2dfd5406f111a0a95b1bb9a639988c8d65da912d2c3ea2" + +SHA3_384 short #7 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"c44a2c58c84c393a":"60ad40f964d0edcf19281e415f7389968275ff613199a069c916a0ff7ef65503b740683162a622b913d43a46559e913c" + +SHA3_384 short #8 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"a36e5a59043b6333d7":"bd045661663436d07720ff3c8b6f922066dfe244456a56ca46dfb3f7e271116d932107c7b04cc7c60173e08d0c2e107c" + +SHA3_384 short #9 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"c0920f2bd1e2d302259b":"3d1584220409f88d38409a29ecaebb490ef884b5acba2c7eaf23914bab7f5f0fc97ee1e6336f88dfd4d0a06e902ccd25" + +SHA3_384 short #10 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"70ae731af5e0d92d264ec9":"563359fd93fe09f3fe49fcf5f17e7f92aab589cdec3e55e4c3715e7775814bbbfb8c4c732e28d3b6e6404860812dc6e9" + +SHA3_384 short #11 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"69c74a9b0db538eeff64d93d":"88c66389ca2c320a39022aa441fa884fbc6ed2d3cc9ac475372d947d4960579a64e061a297d1831d3524f98d8094404b" + +SHA3_384 short #12 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"a4a9327be21b9277e08c40abc7":"751f5da5ff9e2460c99348070d5068d8a3d7ffcec7fd0e6f68f6cd4a2ef4226df8d9b4613c3b0d10a168eaf54eabe01a" + +SHA3_384 short #13 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"cc4764d3e295097298f2af8882f6":"10f287f256643ad0dfb5955dd34587882e445cd5ae8da337e7c170fc0c1e48a03fb7a54ec71335113dbdccccc944da41" + +SHA3_384 short #14 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"5a23ad0ce89e0fb1df4a95bb2488f0":"23840671e7570a248cf3579c7c8810b5fcc35b975a3a43b506cc67faefa6dbe1c945abc09a903e199f759dcbc7f2c4d0" + +SHA3_384 short #15 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"65b27f6c5578a4d5d9f6519c554c3097":"dd734f4987fe1a71455cf9fb1ee8986882c82448827a7880fc90d2043c33b5cbc0ed58b8529e4c6bc3a7288829e0a40d" + +SHA3_384 short #16 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"a74847930a03abeea473e1f3dc30b88815":"dba6f929fe55f9d66c5f67c0af3b82f17bcf58b36752f3165c16083fea8fd478ee6903f27f820ad2dd9950afb48c6700" + +SHA3_384 short #17 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"6efaf78ed4d293927eef2c3a71930e6e887a":"8218498ab01b63041c2ba0709e3309496124ddf0904543a9e0d9d096a750dda97f7a02208af3d8c618d4be7c2bb2a288" + +SHA3_384 short #18 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"fd039eb6e4657388b947ec01e737efbbad47da":"c5b3130ef8dbc580e1103fecae69c9a882d9ebf5a3def5938b07f843452a09c9f72f0dbca91d33b021cf6aa6fe60d2ed" + +SHA3_384 short #19 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"9c694943389bdc4e05ad7c2f63ceac2820e1d2d7":"f692c025c5c5f3d1275213c1df9bf9eb6d2188eda90ab5bffe631f1dbf70ebd628caee88b7d149e1ac4e262873979afe" + +SHA3_384 short #20 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"0fb18357b018b9bbb2cbb4cac50bc85609c92b8e7f":"d164306c99e3798790f0923fe92dbf2f96c3907127dacaa467c766ac75788062589272cb7690b8af2030dd8bd61a3df2" + +SHA3_384 short #21 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"26cb40a460e2e727aeb867e0140d0f34790110deb5d7":"af2a42a4c67c3226c55b89605b0dee27e796c2792115f6097203db5aed89e35f563a8246d399fde00c2a5b97ed5a5e17" + +SHA3_384 short #22 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"6690a3a0373c829facc56f824382f4feed6eb184642b4f":"84e1b68bc9e2daefc19b567dec911ef46f5f37a74fdbbb6155e7e646f2735df2ac44e239689eb5b536465dc571e55cb2" + +SHA3_384 short #23 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"7d80b160c4b536a3beb79980599344047c5f82a1dfc3eed4":"041cc5861ba334563c61d4ef9710d4896c311c92edbe0d7cd53e803bf2f4eb6057235570770ce87c5520d7ec14198722" + +SHA3_384 short #24 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"02128283ffc0cfe254ac8f542be3f05fbe4e855dd22ae98a81":"3840981a766d725f83d334e8982965033a5fbb5107d94ffef33b1f700cd46348091a49f6620c37ae3ef5b20513494826" + +SHA3_384 short #25 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"27911dd0a6843ccae965d876aa1916f1dcd71e518f7f2197152e":"f59f8428555984d1526cded8129c649fb1b683d35cec7c5e1209441a6a9e7c17f0784151b5ab8a8c492b402a3acb98c4" + +SHA3_384 short #26 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"d9378bb66e8c8dee556d691cbc9fdddd6333ca5d50668862c3c57d":"994532d1a557e990b1cc9e0395a2ad8b05619ca322db9da3c4ed2ee194c051d04582fde72dd2b8f674cf6ec958db75da" + +SHA3_384 short #27 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"ae1828047c5f82a7b9712f3399832124b892f2f7aea51c8fe3536cd6":"d51111f8bffb44d81ad19683198f29d2033144d3cd856c749cac5b9cae0e712f500f8d0ef813f38e305ce175a7d6162c" + +SHA3_384 short #28 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"7dd2d76fa054cf461e132e9ef914acdc53080a508cdc5368ab8c6224ff":"6c0b3395e4c86518ab0a06267320ee9ec95e50385b7a2527ddaa1bd0ead262c56122d4f4eb08b0ae22b3ee7e6f44dd18" + +SHA3_384 short #29 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"6fd72888a021f36e550967cb5605b55b78657c9272d93c3ded340d67da6f":"0551583a5b4007401c77ef4382fd8e245c9cf12e976c9766af6b7ae3c7e07a82b3079f903b083d5ec85cb94e46a85ac0" + +SHA3_384 short #30 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"d500eb9546553619cdc31e0848c502db92d547efef3ae5eeaa22258afcf0a9":"5edde2f94f8695f277ec05efcc00761fafd272200aed0e63d221c2b6c65b4972a6526f9a1f2e6ace0e81938f043fe877" + +SHA3_384 short #31 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"6189597e0198a18c65fa0bdd0797f13037c75c4058b7d3454c0f71bd2dd13b6c":"110630ca7631b7620e6bee6ed6e929098965571936c34829484983eba9532b8175528c228c57439453f027a4f7c83ca3" + +SHA3_384 short #32 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"243b941d748541af303f8e9d2c371cd03e437d62a9df485ddc176dc65da8c7da00":"5884201f7a555ea3c5deeb019fd9e8c161e1b89756045e475b141ec5135ce5a41c93e5e1f79534d36fd8345ba434da43" + +SHA3_384 short #33 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"2dc3d789582c1a806c3b491d5972ef8f1733f1f5e02866dc9de2a8029ec0ab608d13":"05a3903b519cdf679120c7ccb4ef178b58e4502fcd461360988fa06669294851e629d9dd3e77ffb73d24599d5d3edd36" + +SHA3_384 short #34 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"e5b3f6962fe57230780b3d55b29effe0dfebde2c81ba97d4512ecdbd33eca1576a7f82":"7ac2776afb74f55bbc4f6eccf825ee13ac7445fb54974e6c24ebc0f03fdcd8530199a61106a31b4279e02201ee0f54fd" + +SHA3_384 short #35 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"da03486aa3cebbd6502e9f5a6f0f835e973a581befcc1aadefe7b3696ba71c70cd58c584":"02c44ceec0bb7dc0f664ebe44230192b5b0bb646bb944d23fa1ff3586dc0523fa9d7f0dd6df5449ab9edd9a1096b07dc" + +SHA3_384 short #36 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"3c686d321ba66185cdca83ba9f41984fa61b826ef56b136e13f1239dadf6e03d877866ccb8":"ad624edd9f2c3a32b56c53d9e813c01d66bcfe424c4a96907d52ac1ddd68370ec86dac67504a90e8a8e75502e01081d2" + +SHA3_384 short #37 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"4dcff99fac33840f6532547fb69b456902d6718fd5d4538e23462db6d00da61975f2b8e26298":"cf37dd27997c1bb7e6dc405170066e74c6ce517c029ed8dce126d025da74e0b8e86da567e8d7d8d5b5d3e2a546df7489" + +SHA3_384 short #38 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"2799f672328834d7eaef9439795d35ce93c9094f58ded9f17c968a97a50a9e461489fed988e7f6":"85cfc23c97cb13910b808e7033809a45aa0b7f7138de618c2ca622c8b813c988e264af3b96c7925dcbd1d2761757d800" + +SHA3_384 short #39 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"c7e947507822f28a562745a8fe6fed6cb47d73145804c894954e21245cde04fa9155a35904926aca":"8bddf3baebbc5b04fe0b0a9c3c2b730abe918ce4892d2843c613ee96da0228512f0d1307c7d1a8922e79a92e957dd18e" + +SHA3_384 short #40 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"6c497bf6ff69cb39e3faa349212b8b6691ca237905ac0099c450b6d33abf362bedb65bdeb307bfea23":"3639fab6191b35246278522cfacee0cd5b15580a26c505ae3c46b4b1c2572016b48f1b012bbbedec47916950fbb33a1d" + +SHA3_384 short #41 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"d15936f3b0c9018271812b4c81453c4457c7edd110bcea7f5735d6f5882d8f27155eb4cc285a65138ad6":"0293eeef0aa3392c93d9c6ca89c08b317622572d4de2286a4b9ae6c2f9c9e0e64ee6c483d4f10859077e3c6868430214" + +SHA3_384 short #42 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"df18139f34b8904ef0681c1b7a3c86653e44b2535d6cecd1a2a17cd5b9357be79b85e5e04dd9eff2ca8b9a":"db9e171d6e3336631c9ceec6b4d732ce62b015939269fb69fae7d22725500e8a2fc9f1459cf0a31fb9d16d7c44583f52" + +SHA3_384 short #43 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"0459dcbc149333ea2f937b779a5f3728148449a9aea3662cdd2cc653ce6a2050f9c0d54bf9326c039b263eb9":"464ba409fbb45e985f84ee24662eb7c042c3c2ad9649f1ac4a8b2be9c07d37ed2e4284362057493f6a7e52c356b05bc5" + +SHA3_384 short #44 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"eb3f7002c8352270340b8da8643622e5f7e32cdb208a0dec06c6cb9e6b64cc4d8cb9de1d49397b3386464a25d1":"a26bd76ce42d818dbec462d8fe7cdd957e6b84ae8750fb5e1c9c76bc6000e23737e073a59b4600e5056524edc667909d" + +SHA3_384 short #45 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"47e3e3d8c68ac9d9f4b3759d8c7d9dd901e35b096ee4c8b6cbe0cdf467463630926c08289abe153bfa1bcde3cd7c":"b504ef475a568f9caba8352a0b2d243acdf3d2b41d8890a6fb3abb8aa28a29e0c7527d20e2d79b25b400ec27c314db72" + +SHA3_384 short #46 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"838d9c181c5ab59592723bd69360e0d7fd15232beada7591ea899ac78ffd53a32fc73a5fe522ed35d92a6e2bc148ca":"53e99e1158d59032ffe4b5ea304c7d2f7a61b6b2a96ac97832ca26013549fe3f7dcdf926bd74ceabe4f1ff172daed6e6" + +SHA3_384 short #47 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"a90d2aa5b241e1ca9dab5b6dc05c3e2c93fc5a2210a6315d60f9b791b36b560d70e135ef8e7dba9441b74e53dab0606b":"4a16881ce156f45fdfdb45088e3f23be1b4c5a7a6a35315d36c51c75f275733319aca185d4ab33130ffe45f751f1bbc5" + +SHA3_384 short #48 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"8c29345d3a091a5d5d71ab8f5a068a5711f7ba00b1830d5ed0bcdfb1bb8b03cd0af5fe78789c7314f289df7eee288735fe":"e27b39a96255ff69c45285fca6edaaa3954ce32c1e3d9b1f60c1b6676594bb45caf0889fc11daf93a1b60746229689dd" + +SHA3_384 short #49 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"32876feefe9915a32399083472e3c3805ef261800b25582aa7c36395fd3ec05d47b49c4944bbcc2b8b5ebd081f63ae7943d0":"f96433cdb69a607433ea2eb77d87d3328867dc4076b67ccf17f50f9e08e89a86624b60f2ecdb8affcd431fc13173fe75" + +SHA3_384 short #50 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"e2e77eb54f321f86f52ea3d3c8cdc3bc74d8b4f2f334591e5e63b781034da9d7b941d5827037dee40c58dc0d74c00996e582bc":"a352ab33ca730482c376bdc573c9d1dc6d3597f9be9f798b74a57beaa8e9c57b78ee6761056eb67363e882fefcad4fb9" + +SHA3_384 short #51 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"da14b6d0b2ec4cf1e7c790e7f8f4212b8f4d05f50e75e2a56a5d70623c0d2e0115a15428129109b3b136d756e38a5c8463304290":"aae7ad977e17ac0e560c0e0186433420f9fddcd191b9e91567cee05df88f1e1aee50424a313998a873f7a9c289a02217" + +SHA3_384 short #52 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"2db06f09abaa6a9e942d62741eacd0aa3b60d868bddf8717bef059d23f9efe170f8b5dc3ef87da3df361d4f12bfd720083a7a035e8":"85d4e3e5abcb1b59ca6f551eb43b43ff64890511f73a9083a2ce6e9c2861c6e9664c765629024f4b01b0cd1594a5981b" + +SHA3_384 short #53 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"26bad23e51c4560c172076538b28716782ee6304962f68e27182048948d5c367a51a1c206a3e9b25135b40883b2e220f61cb5787ed8f":"a44c7f84ab962f68283404f8c5c4029dbc35d2138e075c9327580baf89f292937bf99422e45756b3f942bf0a5ae4acb6" + +SHA3_384 short #54 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"77a9f652a003a83d22fb849b73fed7d37830c0dc53f89cea7dbec24e14f37197765206fe0e6672016e4dec4d9ebbe3e1b4423771a5d0a8":"29c8bb39bb2aad419a00a80216ec71ec5ec9ab54c41927e3e3f2f48f079a5886d7fe89db98c807ab686d2339001d6252" + +SHA3_384 short #55 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"268c7b3a84849fec5c769bc4ad377dea10c9d20c91dd17fdbd9670a2fc909d0e212129ec40dee41dbf6194a3b04ae8be5e84ad5426ca4496":"0dfc6ffcf4a387ec09ff862c6139a6f7ac77abb2b5e1f6dc814eb71525f8657ac74a7697c2975c70a543af0e227d03ca" + +SHA3_384 short #56 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"b8324341a6891a6b5e001a7d2ebba6e02e8335c124185309a4c9e9907c43bd8d4fa73c527fdf783650316dd24b148870e1436ac05111e9cdcc":"6278d1cc17fb6d54129d04987d4774fa846dcac4ba8b6b72f41e63dc387ce0081ba29fb2c17c6744edae24e669cc9e75" + +SHA3_384 short #57 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"5ef8b3d79d299bee2c414560c7de626cc0d9fb429884aa69cc30095ef1f36b7e03a8ca25fb3601189f163b209e0facf8dc447f690b710fb47b72":"7ec9505f33f4a5493574422de078e0490b61be8e8d6f158192bb7d2bdc2dc335598dc88d9b443cd1c14b883a77119df1" + +SHA3_384 short #58 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"ad7321c9a8b8f0bfe100811114270daad57f6e88772326b62d88a37a6f55c2cf9f759115ed6a590878e4dcefb592db151538db7de20229d26a181c":"3782d2caa537294e809e9df837b1b07e2f1df07d0f4c12e12459f56eeaa478d5b3a41e519d9414eafa5ddd5661c831ba" + +SHA3_384 short #59 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"0719d9664541f0a824f71c83b809bb6afc973c9f7428e1ed11f7c29a558e1698b796aefb49eec2b098faf06bd43e82e1312bf0388c38a5bb523506d3":"362c05f678df92883d56e19221391fb00d0f0afcec51d3e0feb15ba2fb60693b09d69118af649648933259d7b1e240ab" + +SHA3_384 short #60 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"5415c2596aa7d21e855be98491bd702357c19f21f46294f98a8aa37b3532ee1541ca35509adbef9d83eb99528ba14ef0bd2998a718da861c3f16fe6971":"8f9fd7d879d6b51ee843e1fbcd40bb67449ae744db9f673e3452f028cb0189d9cb0fef7bdb5c760d63fea0e3ba3dd8d1" + +SHA3_384 short #61 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"b979a25a424b1e4c7ea71b6645545248498a2b8c4b568e4c8f3ff6e58d2ac8fbe97be4bea57d796b96041d1514511da5f6351120be7ab428107ef3c66921":"e248a64b6ef112bf3d29948b1c995808e506c049f3906d74c3ee1e4d9f351658681901fe42c8e28024fe31014e2d342b" + +SHA3_384 short #62 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"e64c7bb9cd99ce547d43de3cc3b6f7d87a2df9d8a4760c18baf590c740ec53c89bfa075827e1f3f2858ce86f325077725e726103fbe94f7a1466c39f60924f":"d1e5a72d2595f38714c6198ac14f8a5cdd894dcf9b4b8e975174b100df7bbf4f7ce291b4864f27c0b64e6330f6c1c82c" + +SHA3_384 short #63 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"91b7a1fd0e20072d9c5be7196e5eaf8df36fdf145895b30d4e4c02010d7c663499ac9d7a44732f4c7430511ba6fb0ae4b3dc9405523a054fdf962f5c5b79c423":"07c2e0aeae30da83b5a6b320aa1cf727b10c2034583d7acda55648fa3daa017aa15588b6e2149101c56e3d7df7c76df1" + +SHA3_384 short #64 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"5bbc2d4efe63cbfc9fc221dd8d8384075a79c80a27d6a8c5219e677f4c5bb8338013dc2ab1770acf735d13c0bc704621ec2691350cf3ea2f53bded45ef8fc70702":"dd0bbfe4b799642191abe316df9d59a3743566778b4459c51c3be3f658bdce45516ad188fbe1a8cad8a1fa78f8ebb645" + +SHA3_384 short #65 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"129549278e8976c38b5505815725400c3d2081edf141ad002e62ff299d9a0743f9c9f25971710b194dc88285d50b6cec6e140c19072f51cab32a9f6497abd3e407c6":"ca26aec527fadcd5ebeb4eafa7c102f79a3c2edb452afd04f6162dd7a17bdd1aad7d616508a89a3ec6a40791d915acc8" + +SHA3_384 short #66 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"b9a9f378adeff4337bc7ec10d526c6dda07028375549f7fda7a81d05662c8a0da3b478f4152af42abb9f9a65c39da095abb8161ba6676b35411234bd466c2914e00370":"99914f684e0b317f9338af0c71e9655a3af7153eb9fabaae61454bf8de9e0bfd274c1eff6c4b550e47afcb3b20fa7d9e" + +SHA3_384 short #67 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"101da5b09700dcadf80e5b7900f4e94c54d5f175569a854e488aa36fb41ab7220b0662178ca07a596768528123de3b2a3d944aa412875cedfeaf58dcc6d5b4a033a53b69":"d3e32c9b271e11e4968397d85d76938b974ac1ba55bcbe8d7b7da02dbd7e3b9c9af0d98bbd7e50c436fcf9e3551e3432" + +SHA3_384 short #68 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"14761bbc5685b5de692973e2df7c9c4750889c19a952f912c817890546d5e37d940d13a14ac7925abbd875b8cd60e4920896ce6decc8db9f889da2b5489e1d110ff459d885":"272222ed50631aff465c0e6fe49ecdfdca983bcb7231e50903e200b335b845108202c28315912c9c4fd50e2c6f13a9ea" + +SHA3_384 short #69 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"ed538009aeaed3284c29a6253702904967e0ea979f0a34a5f3d7b5ab886662da9b8e01efc4188e077c2cdeb5de0a8252aafbee948f86db62aae6e9e74abc89e6f6021a4db140":"8361b680243b1661d6f1df53db363cae41c2ebb7438c00606d76b9c2a253faa1f09d6f520d69d692ec1dca0c7885119c" + +SHA3_384 short #70 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"c434d88468f1eda23848d0804b476933f24baeadec69743dd90d8455f1e1f290f6f1aaf3670c4c74f76d3ab83e9bef21ad8d9208c712ca478e70d5fb3c4bd48834c969dd38f484":"9c26e96fcc09a76cc13d24ad25c9cef4300e96e97e4fb59b441baffed07f6a70b1464f2548c7fd7839810dbb9e9c1e18" + +SHA3_384 short #71 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"3064e5ba1e7751bf7198e0811ff4d4ca17d1311c25d9c3a316b562691cde75c974b0b52645c134ddcc709d77b6c1bd24cd684265d723c308bb4d0159e6b16d97ed9ceaa57436d302":"1ea779739b204abe911b4923e6f60fece271eedfc7f074fe1919f0cbc6ce2a99234b003389520884b660165f5a1e80f8" + +SHA3_384 short #72 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"89d9521ad84b1c9afc2fbd0edc227193acd3330764b0d2cb71bf47c7aac946af85be13858b55976009f3b36b09ced4308052c817c9c4d0295225f61a9659a0874b88667cdcc5213919":"4209bb8f869f6f17c8d5c368c489ac51a75e24a85a12de1b16fefc292ce636ff8fa360e82f05684f6b0b074ba370a933" + +SHA3_384 short #73 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"3216662da0227993d88288187177a0287de4eccf245d7c718b8045bbfb8869d93f1fb9e94d7478b0298e628c07e0edaab01dcf79264dc05f8b2181aa3f831dc949726fbcf80de4c9c9ed":"64c45e018cfbc88f8f4ffe3cef0df3a94aab3049fafae28e28efbb2a4b94809eb302caf901010abfa194f72965663d35" + +SHA3_384 short #74 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"e776e6749c5b6c7def59cb98340984539280a9874f80412d4df0ee73d58acd1094d49ed4e35125834cf8cfe349e599144e4f2e200aba4fd3eb6d78cde027c1d5620e0270b5e83ab26b8d32":"94bd67b7f2587b0bda5487cc45d00e4365f1ee40073cdf0d23a5ea3fba01eef42a46bfbac5306d67be02d8d918ae5c9a" + +SHA3_384 short #75 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"5d8f84b2f208b58a68e88ce8efb543a8404f0ec0c9805c760ad359d13faab84d3f8bb1d2a4bb45e72c0ec9245ffda2e572f94e466cffa44b876d5c5ed914d1ff338e06b74ad1e74d1405d23d":"947350307748c29467f00103d0a07c3c228c5f494fc88fe2352ca5d10449d0dda7076780c05439a09694eb528d1f477a" + +SHA3_384 short #76 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"357d5765595065efe281afb8d021d4764fba091adde05e02af0a437051a04a3b8e552ec48fb7152c470412c40e40eec58b842842d8993a5ae1c61eb20de5112321bc97af618bbfbaf8e2a87699":"32286970204c3451958f5155f090448f061dd81b136a14592a3204c6b08e922ee5bb6d6534dbf8efb4bb7387092c8400" + +SHA3_384 short #77 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"a8cb78e1485cbb7a9474c1c1f8e0f307cda5139a7e947df5ea20ac330a6dffcad4a9bd755f9f58724789eeee532615be550dd84f5241fde0e3058aeedbf287f02a460445027f5e6b3829bf71ecf4":"51168bfeef8a981c0def0c4cb067baf15ce5feb8d5f7e9d6076b2836267391aee1fd3a0b5d3434ceb5cf2d6fa06fa063" + +SHA3_384 short #78 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"81acca82545e767ab59dcc750a09849cebad08ff31c9297f4fd510ebe6c27769938319180ccc66f36b1a7cf9c9f3538b0f6f371509f77cf0bc4d6d87facc85b933f2e27f8e1bf6cf388f80c0fcbfba":"4ae44d6509986893a8414753b57d11f9c554d89c15ad6d70687c56c6c2ac73537acbb0d51f48e6bea6cf762d58890d7a" + +SHA3_384 short #79 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"94987498b1ca87a6f3fa4b999db726115c455d0ec24029b2f5810e49a94668864b8c470f7fc07c3dcd97f41c973b45ba4fa7879ee7546596881573b6863fc39d940eb3fa3444084f721341f5d23d2561":"a733b118be72a187ddcbe5ba67e04b589f9cd9f8482c4bd9d64c580aba7d19d2d1f9c1ddf95fe6efdeffd44f67fcabb5" + +SHA3_384 short #80 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"de6b32c2d40d0659166db235259b530ea43f44e75d8b3e9e856ec4c1410bbea3696964af8b6c5dfd3304282369a4bc4e7cf66b91fecd0c7c105b59f1e0a496336f327440980a34614ee00fff2587d6b813":"17ba30c0b5fc185b3245313b83dd0481145953101128914765784af751745b8a2b6a90a434548f3adaf1f07f18649890" + +SHA3_384 short #81 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"854211bedacc19f77b46cfa447a4ad672ea9b643f09f5cf5274ba28888207e2466b38127776fb976db8ad7165a378df6ee1e3a0f8109c9aff7e0d6126fd71333c6e6ebe15d7a65151d6a4a83b82c8a6f3149":"ca85632a9f7c32ac4705c6458770025dda4fd07a8d5d6921b897b0da490d64400587649f2d20bf608b9a18d071b63b48" + +SHA3_384 short #82 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"822373d9d3d5b06a8da48a43095740fb98c9caf717350fd2c3b058024ff705b9346b7f0a495a6d4d93802bc45ece777f8c6a6e7c2ef6b8135115ff911a2ba5241665b6f7cbfa1b9d93b011b3aaa1dac1853fb2":"6e84587c8c6e54353a6032e7505902ef7f0f0538dd1bb32922e13a7d4d98c47a541015381eab27e9186398120da7fb32" + +SHA3_384 short #83 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"c04b701f688092bbd1cf4217bc4b5877f2e60c087bdac46611482a61d51f820140403bc85be0c336332da0938734bde8c502014f3509266c73c6c93c22a1bd0ddf15a5ce7410c2894e9d092e32c079922ba1abb7":"75c585503f15a526113608bc183180b1cb80f4d1b466c576bf021b1ce7a1528391f70e10446681849fa8a643cb2b6828" + +SHA3_384 short #84 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"009dd821cbed1235880fe647e191fe6f6555fdc98b8aad0ff3da5a6df0e5799044ef8e012ad54cb19a46fdd5c82f24f3ee77613d4bed961f6b7f4814aaac48bdf43c9234ce2e759e9af2f4ff16d86d5327c978dad5":"02a09d37d31e4365c26bec0eaacecf29eea4e8d21ab915dd605248764d964f10ebb8fafdb591982d33869a1d08a7e313" + +SHA3_384 short #85 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"0b7dd6709d55e0d526d64c0c5af40acf595be353d705be7b7a0b1c4c83bbe6a1b1ec681f628e9d6cfc85ad9c8bb8b4ecac64c5b3a9b72f95e59afefa7bcec5be223a9b2b54836424afde52a29b22ab652d22cce34b39":"5c84ae39d959b79555231746ad5b33689a31720ed0070f6772147977edd0aead07fb8b7b71b0bd587ebc5c1a80d564c7" + +SHA3_384 short #86 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"3e9b65d7bf4239420afa8639c8195b63902b24495b95c4143978e49843d88a92d1feed2eed1a88cd072d6d04ea26dce8ee4b14896fdb69bc7ff2971ed8ac5655148d2e9921218d74efdf17c56b533d0bb17d11e07d7458":"ab7890d1b51af10285752bf9da5eee5c3e87a285dc33262d0261aa9a575f303e94845d7ab21b48f4e6884568cd78b550" + +SHA3_384 short #87 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"9436da433d1ebd10b946b129cb34bccec9b8f705aaba3f8561352ed36a8449aba2dd7ba15b1bc308b0c02913163af63a346524dff5521432db477f529606afb5d552efc95cb040db566b4d39eddaa19319e518a7b5c6931e":"968ae9104f9c907c5a72936250dfedd62cd04f6e5ddd2c113490808a11884449aaef5d013ea3993a6cb6fc5c08754408" + +SHA3_384 short #88 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"37254bf9bc7cd4ed72e72b6bb623a0cc8eeb963d827aef65ad4bc54913235b6d3551533ce33421aa52ffbf186eb9a2787188eeb1b52ee645c6d4a631bc071415c80014940c28fbfeb0db472c326c8dacfd6ab21f3e225edef3":"975e10fac9aa77b780e5f6c2151ec4a3c72ff26e41233cc774c074df1b78cce5af1191ba955a0bce15926ae691b0ffe7" + +SHA3_384 short #89 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"79e77cd08a6ef770bbe4bedf61557ea632b42d78637149670d4d6157d56ed7b2ccaee45d9439dcebc557b4118e86c15aa0ccc21c474b21abda1676cc56434d6d46422993e66dc99387dfa985358accf69884b9dd18a2c4d04448":"94729f5f99a54f5a3ea69233ff9d522392d4596eb6ac2bbb07492ece3c67317412bb47ae317ddd20536c3adc003862f1" + +SHA3_384 short #90 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"64b76cb554f6becc238a3fcfc3eb97993667ec82fdc3fb28d42567709c3250c7997328aeddfdc2750451ac462281bf66fa94f4b8712c7a8342660574f20268e707c466627519c56259fea55be91e10faab3ad2ade6ce8b6557f202":"26d48ef5067d704ee9e2a64e399de23068908b3c911ffc4056c168362c37385c92d37d51354b6505a82c4d22fec37eaa" + +SHA3_384 short #91 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"3df27829bfb1ab7d381f146b30370ef56b392b73b35b1be5d8bbcf88f499dda7f3c327b45350b8972991ee466545de96560cf451711fda884e3d9b2af3e909d655d25cee1c931beda79c40fa507097bdf1126771a7b9543ad5cb84b9":"5fa4ebfa24150236c03409f0857b31cb95b0150f381c8858b01559957b1268f73c698709233e6b15468675a102d0c5e5" + +SHA3_384 short #92 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"b00f4e67ca08ccfa32b2698f70411d8f570f69c896e18ec8896cfe89551810543303f7df0c49f5b94783cce7df8d76d0b88d155633302d46003711f233339b1c9a8c20164ec8a328890a4932b7d90d92d023b548e4820558f8bd327010":"eaa756b5892fdfc793d74e3f9f4d6c7a5a6a2241dd11e0c38ced59c8ec7be377a41d1d06774a5970ce9722d8e119d0ad" + +SHA3_384 short #93 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"a4f95f6a46a9cbf384a7e98e102d1fdc96839d1bf26b35a5a0bd6cb9734fd17e8a178d4581943c0fe469fb4fe94cc2f15e1ef59ae05b35324eb57ca07dfc69d42d41d80b3c3bb64e1aea143c7d79790a56697dc803ec93e6c68f27f6761c":"1aff8d9c64f0c162ed0195d1f3a342a010d14be0636903c48020ba42de1cfa8b98ae2142d89af3e69e9eb4c735857dd1" + +SHA3_384 short #94 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"02713084bf93fdc35135515243c3bc0f4b2b447f2d3461c0dc104cbfe23479ab036762a91d1987c953f7b3386abc80b8734a1d4eabf94f3a9f2fb62c943152b5253846fc2ec8dbb2e93dc74857a7b05fe2d7ec8040ba8b0d9ae69777ee739a":"84da02114e341a3636f00822b32bd21a8a1f7b39f2956bd97f39346fedf9aae63b304c65c93a541e8bcda549576d5f27" + +SHA3_384 short #95 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"00ce225eaea24843406fa42cc8450e66f76ac9f549b8591f7d40942f4833fc734a034c8741c551d57ddafb5d94ceb4b25680f045038306e6bcc53e88386e2b45b80b3ba23dec8c13f8ca01c202ae968c4d0df04cdb38395d2df42a5aff646928":"81d6e0d96575a9b8ca083ee9ec2ead57ddf72b97d7709086a2f4a749d3f61d16423463487562c7f09aba1b26e8cae47b" + +SHA3_384 short #96 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"7af3feed9b0f6e9408e8c0397c9bb671d0f3f80926d2f48f68d2e814f12b3d3189d8174897f52a0c926ccf44b9d057cc04899fdc5a32e48c043fd99862e3f761dc3115351c8138d07a15ac23b8fc5454f0373e05ca1b7ad9f2f62d34caf5e1435c":"00e95f4e8a32a03e0a3afba0fd62c7c3c7120b41e297a7ff14958c0bdf015a478f7bab9a22082bfb0d206e88f4685117" + +SHA3_384 short #97 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"2eae76f4e7f48d36cd83607813ce6bd9ab0ecf846ad999df67f64706a4708977f0e9440f0b31dc350c17b355007fed90d4b577b175014763357ce5a271212a70702747c98f8f0ad89bf95d6b7fbb10a51f34d8f2835e974038a3dd6df3f2affb7811":"eb396cfaf26ee2775af3c9a3a3047664ca34cbc228ccbb966df187d518717df6a328ecc316ed0ed09b170080eccc486f" + +SHA3_384 short #98 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"093e56d33bd9337ad2ad268d14bac69a64a8a7361350cf9f787e69a043f5beb50eb460703578a81be882639f7e9ac9a50c54affa3792fd38464a61a37c8a4551a4b9ff8eed1f487ef8a8f00430e4d0e35a53ff236ce049b7a3abdc5cd00b45c4f3d49b":"4a339128486e5b274fc4ed538c0ec9e57f780e9c500c5f92b04ae81a22fbeebf3785259a0bb3b6d9b47f31873cd8dffa" + +SHA3_384 short #99 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"0593babe7a6202077c026e253cb4c60ee7bad7b1c31a20da7aa0ce56b622eb57ed07d21a7f0ae6c6fe3c8398cc48353decfb287f1204e024fcf82a13059953b9f85797ab2217dc8dab34a13226c33104661c1ca79396e7d97e91039d32bafc98cc8af3bb":"5981815c1618cc49cd5cf71a4b7b32b8cd7b7ef553bfaef2149ac723ff2582a2d345c5bd05943e155ced1e5f091c5601" + +SHA3_384 short #100 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"ae1828047c5f82a7b9712f3399832124b892f2f7aea51c8fe3536cd6a584b4a7777cc1ecac158c03354bb467b8fe2c8ce2f4310afd1e80fec51cc5ad7702566b2c5d21bc6571e4b8e7c59cb4c9e23f1ecb57ada9e900e4aa308874c2d12d34be74c332bbce":"7257f5bfa7d33d1cf5f4550d0cb78750e84c5b7d25027da6acec64bdf30879a0e5c97fe7c468e743aa5ec2bddb29d193" + +SHA3_384 short #101 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"3bceedf5df8fe699871decb7dd48203e2518fb0fce0f865f46adce5c133a921320bf40915456204869a3ceb5fca3ed40e0a41a64b8951f0fc580694cfc55bd1f5ce926b07e3e32ac6e055de9b961ce49c7ee41e06b024559b933a79518192e969855889c85d1":"60d7f8bd85fb7a13701db5aded2b7771ab5e476ec34f1fd4298978defbd2b31bb2979391559a164b3ed28f6a39031a11" + +SHA3_384 short #102 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"6c36147652e71b560becbca1e7656c81b4f70bece26321d5e55e67a3db9d89e26f2f2a38fd0f289bf7fa22c2877e38d9755412794cef24d7b855303c332e0cb5e01aa50bb74844f5e345108d6811d5010978038b699ffaa370de8473f0cda38b89a28ed6cabaf6":"b1319192df11faa00d3c4b068becc8f1ba3b00e0d1ff1f93c11a3663522fdb92ab3cca389634687c632e0a4b5a26ce92" + +SHA3_384 short #103 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_384:"92c41d34bd249c182ad4e18e3b856770766f1757209675020d4c1cf7b6f7686c8c1472678c7c412514e63eb9f5aee9f5c9d5cb8d8748ab7a5465059d9cbbb8a56211ff32d4aaa23a23c86ead916fe254cc6b2bff7a9553df1551b531f95bb41cbbc4acddbd372921":"71307eec1355f73e5b726ed9efa1129086af81364e30a291f684dfade693cc4bc3d6ffcb7f3b4012a21976ff9edcab61" + +SHA3_512 short #0 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"e5":"150240baf95fb36f8ccb87a19a41767e7aed95125075a2b2dbba6e565e1ce8575f2b042b62e29a04e9440314a821c6224182964d8b557b16a492b3806f4c39c1" + +SHA3_512 short #1 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"ef26":"809b4124d2b174731db14585c253194c8619a68294c8c48947879316fef249b1575da81ab72aad8fae08d24ece75ca1be46d0634143705d79d2f5177856a0437" + +SHA3_512 short #2 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"37d518":"4aa96b1547e6402c0eee781acaa660797efe26ec00b4f2e0aec4a6d10688dd64cbd7f12b3b6c7f802e2096c041208b9289aec380d1a748fdfcd4128553d781e3" + +SHA3_512 short #3 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"fc7b8cda":"58a5422d6b15eb1f223ebe4f4a5281bc6824d1599d979f4c6fe45695ca89014260b859a2d46ebf75f51ff204927932c79270dd7aef975657bb48fe09d8ea008e" + +SHA3_512 short #4 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"4775c86b1c":"ce96da8bcd6bc9d81419f0dd3308e3ef541bc7b030eee1339cf8b3c4e8420cd303180f8da77037c8c1ae375cab81ee475710923b9519adbddedb36db0c199f70" + +SHA3_512 short #5 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"71a986d2f662":"def6aac2b08c98d56a0501a8cb93f5b47d6322daf99e03255457c303326395f765576930f8571d89c01e727cc79c2d4497f85c45691b554e20da810c2bc865ef" + +SHA3_512 short #6 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"ec83d707a1414a":"84fd3775bac5b87e550d03ec6fe4905cc60e851a4c33a61858d4e7d8a34d471f05008b9a1d63044445df5a9fce958cb012a6ac778ecf45104b0fcb979aa4692d" + +SHA3_512 short #7 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"af53fa3ff8a3cfb2":"03c2ac02de1765497a0a6af466fb64758e3283ed83d02c0edb3904fd3cf296442e790018d4bf4ce55bc869cebb4aa1a799afc9d987e776fef5dfe6628e24de97" + +SHA3_512 short #8 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"3d6093966950abd846":"53e30da8b74ae76abf1f65761653ebfbe87882e9ea0ea564addd7cfd5a6524578ad6be014d7799799ef5e15c679582b791159add823b95c91e26de62dcb74cfa" + +SHA3_512 short #9 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"1ca984dcc913344370cf":"6915ea0eeffb99b9b246a0e34daf3947852684c3d618260119a22835659e4f23d4eb66a15d0affb8e93771578f5e8f25b7a5f2a55f511fb8b96325ba2cd14816" + +SHA3_512 short #10 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"fc7b8cdadebe48588f6851":"c8439bb1285120b3c43631a00a3b5ac0badb4113586a3dd4f7c66c5d81012f7412617b169fa6d70f8e0a19e5e258e99a0ed2dcfa774c864c62a010e9b90ca00d" + +SHA3_512 short #11 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"ecb907adfb85f9154a3c23e8":"94ae34fed2ef51a383fb853296e4b797e48e00cad27f094d2f411c400c4960ca4c610bf3dc40e94ecfd0c7a18e418877e182ca3ae5ca5136e2856a5531710f48" + +SHA3_512 short #12 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"d91a9c324ece84b072d0753618":"fb1f06c4d1c0d066bdd850ab1a78b83296eba0ca423bb174d74283f46628e6095539214adfd82b462e8e9204a397a83c6842b721a32e8bb030927a568f3c29e6" + +SHA3_512 short #13 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"c61a9188812ae73994bc0d6d4021":"069e6ab1675fed8d44105f3b62bbf5b8ff7ae804098986879b11e0d7d9b1b4cb7bc47aeb74201f509ddc92e5633abd2cbe0ddca2480e9908afa632c8c8d5af2a" + +SHA3_512 short #14 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"a6e7b218449840d134b566290dc896":"3605a21ce00b289022193b70b535e6626f324739542978f5b307194fcf0a5988f542c0838a0443bb9bb8ff922a6a177fdbd12cf805f3ed809c48e9769c8bbd91" + +SHA3_512 short #15 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"054095ba531eec22113cc345e83795c7":"f3adf5ccf2830cd621958021ef998252f2b6bc4c135096839586d5064a2978154ea076c600a97364bce0e9aab43b7f1f2da93537089de950557674ae6251ca4d" + +SHA3_512 short #16 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"5b1ec1c4e920f5b995b6a788b6e989ac29":"135eea17ca4785482c19cd668b8dd2913216903311fa21f6b670b9b573264f8875b5d3c071d92d63556549e523b2af1f1a508bd1f105d29a436f455cd2ca1604" + +SHA3_512 short #17 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"133b497b00932773a53ba9bf8e61d59f05f4":"783964a1cf41d6d210a8d7c81ce6970aa62c9053cb89e15f88053957ecf607f42af08804e76f2fbdbb31809c9eefc60e233d6624367a3b9c30f8ee5f65be56ac" + +SHA3_512 short #18 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"88c050ea6b66b01256bda299f399398e1e3162":"6bf7fc8e9014f35c4bde6a2c7ce1965d9c1793f25c141021cc1c697d111363b3854953c2b4009df41878b5558e78a9a9092c22b8baa0ed6baca005455c6cca70" + +SHA3_512 short #19 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"d7d5363350709e96939e6b68b3bbdef6999ac8d9":"7a46beca553fffa8021b0989f40a6563a8afb641e8133090bc034ab6763e96d7b7a0da4de3abd5a67d8085f7c28b21a24aefb359c37fac61d3a5374b4b1fb6bb" + +SHA3_512 short #20 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"54746a7ba28b5f263d2496bd0080d83520cd2dc503":"d77048df60e20d03d336bfa634bc9931c2d3c1e1065d3a07f14ae01a085fe7e7fe6a89dc4c7880f1038938aa8fcd99d2a782d1bbe5eec790858173c7830c87a2" + +SHA3_512 short #21 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"73df7885830633fc66c9eb16940b017e9c6f9f871978":"0edee1ea019a5c004fd8ae9dc8c2dd38d4331abe2968e1e9e0c128d2506db981a307c0f19bc2e62487a92992af77588d3ab7854fe1b68302f796b9dcd9f336df" + +SHA3_512 short #22 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"14cb35fa933e49b0d0a400183cbbea099c44995fae1163":"af2ef4b0c01e381b4c382208b66ad95d759ec91e386e953984aa5f07774632d53b581eba32ed1d369c46b0a57fee64a02a0e5107c22f14f2227b1d11424becb5" + +SHA3_512 short #23 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"75a06869ca2a6ea857e26e78bb78a139a671ccb098d8205a":"88be1934385522ae1d739666f395f1d7f99978d62883a261adf5d618d012dfab5224575634446876b86b3e5f7609d397d338a784b4311027b1024ddfd4995a0a" + +SHA3_512 short #24 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"b413ab364dd410573b53f4c2f28982ca07061726e5d999f3c2":"289e889b25f9f38facfccf3bdbceea06ef3baad6e9612b7232cd553f4884a7a642f6583a1a589d4dcb2dc771f1ff6d711b85f731145a89b100680f9a55dcbb3f" + +SHA3_512 short #25 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"d7f9053984213ebabc842fd8ce483609a9af5dc140ecdbe63336":"f167cb30e4bacbdc5ed53bc615f8c9ea19ad4f6bd85ca0ff5fb1f1cbe5b576bda49276aa5814291a7e320f1d687b16ba8d7daab2b3d7e9af3cd9f84a1e9979a1" + +SHA3_512 short #26 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"9b7f9d11be48e786a11a472ab2344c57adf62f7c1d4e6d282074b6":"82fa525d5efaa3cce39bffef8eee01afb52067097f8965cde71703345322645eae59dbaebed0805693104dfb0c5811c5828da9a75d812e5562615248c03ff880" + +SHA3_512 short #27 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"115784b1fccfabca457c4e27a24a7832280b7e7d6a123ffce5fdab72":"ec12c4ed5ae84808883c5351003f7e26e1eaf509c866b357f97472e5e19c84f99f16dbbb8bfff060d6c0fe0ca9c34a210c909b05f6a81f441627ce8e666f6dc7" + +SHA3_512 short #28 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"c3b1ad16b2877def8d080477d8b59152fe5e84f3f3380d55182f36eb5f":"4b9144edeeec28fd52ba4176a78e080e57782d2329b67d8ac8780bb6e8c2057583172af1d068922feaaff759be5a6ea548f5db51f4c34dfe7236ca09a67921c7" + +SHA3_512 short #29 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"4c66ca7a01129eaca1d99a08dd7226a5824b840d06d0059c60e97d291dc4":"567c46f2f636223bd5ed3dc98c3f7a739b42898e70886f132eac43c2a6fadabe0dd9f1b6bc4a9365e5232295ac1ac34701b0fb181d2f7f07a79d033dd426d5a2" + +SHA3_512 short #30 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"481041c2f56662316ee85a10b98e103c8d48804f6f9502cf1b51cfa525cec1":"46f0058abe678195b576df5c7eb8d739468cad1908f7953ea39c93fa1d96845c38a2934d23804864a8368dae38191d983053ccd045a9ab87ef2619e9dd50c8c1" + +SHA3_512 short #31 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"7c1688217b313278b9eae8edcf8aa4271614296d0c1e8916f9e0e940d28b88c5":"627ba4de74d05bb6df8991112e4d373bfced37acde1304e0f664f29fa126cb497c8a1b717b9929120883ec8898968e4649013b760a2180a9dc0fc9b27f5b7f3b" + +SHA3_512 short #32 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"785f6513fcd92b674c450e85da22257b8e85bfa65e5d9b1b1ffc5c469ad337d1e3":"5c11d6e4c5c5f76d26876c5976b6f555c255c785b2f28b6700ca2d8b3b3fa585636239277773330f4cf8c5d5203bcc091b8d47e7743bbc0b5a2c54444ee2acce" + +SHA3_512 short #33 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"34f4468e2d567b1e326c0942970efa32c5ca2e95d42c98eb5d3cab2889490ea16ee5":"49adfa335e183c94b3160154d6698e318c8b5dd100b0227e3e34cabea1fe0f745326220f64263961349996bbe1aae9054de6406e8b350408ab0b9f656bb8daf7" + +SHA3_512 short #34 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"53a0121c8993b6f6eec921d2445035dd90654add1298c6727a2aed9b59bafb7dd62070":"918b4d92e1fcb65a4c1fa0bd75c562ac9d83186bb2fbfae5c4784de31a14654546e107df0e79076b8687bb3841c83ba9181f9956cd43428ba72f603881b33a71" + +SHA3_512 short #35 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"d30fa4b40c9f84ac9bcbb535e86989ec6d1bec9b1b22e9b0f97370ed0f0d566082899d96":"39f104c1da4af314d6bceb34eca1dfe4e67484519eb76ba38e4701e113e6cbc0200df86e4439d674b0f42c72233360478ba5244384d28e388c87aaa817007c69" + +SHA3_512 short #36 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"f34d100269aee3ead156895e8644d4749464d5921d6157dffcbbadf7a719aee35ae0fd4872":"565a1dd9d49f8ddefb79a3c7a209f53f0bc9f5396269b1ce2a2b283a3cb45ee3ae652e4ca10b26ced7e5236227006c94a37553db1b6fe5c0c2eded756c896bb1" + +SHA3_512 short #37 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"12529769fe5191d3fce860f434ab1130ce389d340fca232cc50b7536e62ad617742e022ea38a":"daee10e815fff0f0985d208886e22f9bf20a3643eb9a29fda469b6a7dcd54b5213c851d6f19338d63688fe1f02936c5dae1b7c6d5906a13a9eeb934400b6fe8c" + +SHA3_512 short #38 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"b2e3a0eb36bf16afb618bfd42a56789179147effecc684d8e39f037ec7b2d23f3f57f6d7a7d0bb":"04029d6d9e8e394afa387f1d03ab6b8a0a6cbab4b6b3c86ef62f7142ab3c108388d42cb87258b9e6d36e5814d8a662657cf717b35a5708365e8ec0396ec5546b" + +SHA3_512 short #39 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"25c4a5f4a07f2b81e0533313664bf615c73257e6b2930e752fe5050e25ff02731fd2872f4f56f727":"ec2d38e5bb5d7b18438d5f2029c86d05a03510db0e66aa299c28635abd0988c58be203f04b7e0cc25451d18f2341cd46f8705d46c2066dafab30d90d63bf3d2c" + +SHA3_512 short #40 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"134bb8e7ea5ff9edb69e8f6bbd498eb4537580b7fba7ad31d0a09921237acd7d66f4da23480b9c1222":"8f966aef96831a1499d63560b2578021ad970bf7557b8bf8078b3e12cefab122fe71b1212dc704f7094a40b36b71d3ad7ce2d30f72c1baa4d4bbccb3251198ac" + +SHA3_512 short #41 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"f793256f039fad11af24cee4d223cd2a771598289995ab802b5930ba5c666a24188453dcd2f0842b8152":"22c3d9712535153a3e206b1033929c0fd9d937c39ba13cf1a6544dfbd68ebc94867b15fda3f1d30b00bf47f2c4bf41dabdeaa5c397dae901c57db9cd77ddbcc0" + +SHA3_512 short #42 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"23cc7f9052d5e22e6712fab88e8dfaa928b6e015ca589c3b89cb745b756ca7c7634a503bf0228e71c28ee2":"6ecf3ad6064218ee101a555d20fab6cbeb6b145b4eeb9c8c971fc7ce05581a34b3c52179590e8a134be2e88c7e549875f4ff89b96374c6995960de3a5098cced" + +SHA3_512 short #43 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"a60b7b3df15b3f1b19db15d480388b0f3b00837369aa2cc7c3d7315775d7309a2d6f6d1371d9c875350dec0a":"8d651605c6b32bf022ea06ce6306b2ca6b5ba2781af87ca2375860315c83ad88743030d148ed8d73194c461ec1e84c045fc914705747614c04c8865b51da94f7" + +SHA3_512 short #44 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"2745dd2f1b215ea509a912e5761cccc4f19fa93ba38445c528cb2f099de99ab9fac955baa211fd8539a671cdb6":"4af918eb676ce278c730212ef79d818773a76a43c74d643f238e9b61acaf4030c617c4d6b3b7514c59b3e5e95d82e1e1e35443e851718b13b63e70b123d1b72c" + +SHA3_512 short #45 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"88adee4b46d2a109c36fcfb660f17f48062f7a74679fb07e86cad84f79fd57c86d426356ec8e68c65b3caa5bc7ba":"6257acb9f589c919c93c0adc4e907fe011bef6018fbb18e618ba6fcc8cbc5e40641be589e86dbb0cf7d7d6bf33b98d8458cce0af7857f5a7c7647cf350e25af0" + +SHA3_512 short #46 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"7d40f2dc4af3cfa12b00d64940dc32a22d66d81cb628be2b8dda47ed6728020d55b695e75260f4ec18c6d74839086a":"5c46c84a0a02d898ed5885ce99c47c77afd29ae015d027f2485d630f9b41d00b7c1f1faf6ce57a08b604b35021f7f79600381994b731bd8e6a5b010aeb90e1eb" + +SHA3_512 short #47 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"3689d8836af0dc132f85b212eb670b41ecf9d4aba141092a0a8eca2e6d5eb0ba4b7e61af9273624d14192df7388a8436":"17355e61d66e40f750d0a9a8e8a88cd6f9bf6070b7efa76442698740b4487ea6c644d1654ef16a265204e03084a14cafdccf8ff298cd54c0b4009967b6dd47cc" + +SHA3_512 short #48 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"58ff23dee2298c2ca7146227789c1d4093551047192d862fc34c1112d13f1f744456cecc4d4a02410523b4b15e598df75a":"aca89aa547c46173b4b2a380ba980da6f9ac084f46ac9ddea5e4164aeef31a9955b814a45aec1d8ce340bd37680952c5d68226dda1cac2677f73c9fd9174fd13" + +SHA3_512 short #49 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"67f3f23df3bd8ebeb0096452fe4775fd9cc71fbb6e72fdcc7eb8094f42c903121d0817a927bcbabd3109d5a70420253deab2":"f4207cc565f266a245f29bf20b95b5d9a83e1bb68ad988edc91faa25f25286c8398bac7dd6628259bff98f28360f263dfc54c4228bc437c5691de1219b758d9f" + +SHA3_512 short #50 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"a225070c2cb122c3354c74a254fc7b84061cba33005cab88c409fbd3738ff67ce23c41ebef46c7a61610f5b93fa92a5bda9569":"e815a9a4e4887be014635e97958341e0519314b3a3289e1835121b153b462272b0aca418be96d60e5ab355d3eb463697c0191eb522b60b8463d89f4c3f1bf142" + +SHA3_512 short #51 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"6aa0886777e99c9acd5f1db6e12bda59a807f92411ae99c9d490b5656acb4b115c57beb3c1807a1b029ad64be1f03e15bafd91ec":"241f2ebaf7ad09e173b184244e69acd7ebc94774d0fa3902cbf267d4806063b044131bcf4af4cf180eb7bd4e7960ce5fe3dc6aebfc6b90eec461f414f79a67d9" + +SHA3_512 short #52 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"6a06092a3cd221ae86b286b31f326248270472c5ea510cb9064d6024d10efee7f59e98785d4f09da554e97cdec7b75429d788c112f":"d14a1a47f2bef9e0d4b3e90a6be9ab5893e1110b12db38d33ffb9a61e1661aecc4ea100839cfee58a1c5aff72915c14170dd99e13f71b0a5fc1985bf43415cb0" + +SHA3_512 short #53 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"dfc3fa61f7fffc7c88ed90e51dfc39a4f288b50d58ac83385b58a3b2a3a39d729862c40fcaf9bc308f713a43eecb0b72bb9458d204ba":"947bc873dc41df195f8045deb6ea1b840f633917e79c70a88d38b8862197dc2ab0cc6314e974fb5ba7e1703b22b1309e37bd430879056bdc166573075a9c5e04" + +SHA3_512 short #54 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"52958b1ff0049efa5d050ab381ec99732e554dcd03725da991a37a80bd4756cf65d367c54721e93f1e0a22f70d36e9f841336956d3c523":"9cc5aad0f529f4bac491d733537b69c8ec700fe38ab423d815e0927c8657f9cb8f4207762d816ab697580122066bc2b68f4177335d0a6e9081540779e572c41f" + +SHA3_512 short #55 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"302fa84fdaa82081b1192b847b81ddea10a9f05a0f04138fd1da84a39ba5e18e18bc3cea062e6df92ff1ace89b3c5f55043130108abf631e":"8c8eaae9a445643a37df34cfa6a7f09deccab2a222c421d2fc574bbc5641e504354391e81eb5130280b1226812556d474e951bb78dbdd9b77d19f647e2e7d7be" + +SHA3_512 short #56 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"b82f500d6bc2dddcdc162d46cbfaa5ae64025d5c1cd72472dcd2c42161c9871ce329f94df445f0c8aceecafd0344f6317ecbb62f0ec2223a35":"55c69d7accd179d5d9fcc522f794e7af5f0eec7198ffa39f80fb55b866c0857ff3e7aeef33e130d9c74ef90606ca821d20b7608b12e6e561f9e6c7122ace3db0" + +SHA3_512 short #57 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"86da9107ca3e16a2b58950e656a15c085b88033e79313e2c0f92f99f06fa187efba5b8fea08eb7145f8476304180dd280f36a072b7eac197f085":"0d3b1a0459b4eca801e0737ff9ea4a12b9a483a73a8a92742a93c297b7149326bd92c1643c8177c8924482ab3bbd916c417580cc75d3d3ae096de531bc5dc355" + +SHA3_512 short #58 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"141a6eafe157053e780ac7a57b97990616ce1759ed132cb453bcdfcabdbb70b3767da4eb94125d9c2a8d6d20bfaeacc1ffbe49c4b1bb5da7e9b5c6":"bdbdd5b94cdc89466e7670c63ba6a55b58294e93b351261a5457bf5a40f1b5b2e0acc7fceb1bfb4c8872777eeeaff7927fd3635ca18c996d870bf86b12b89ba5" + +SHA3_512 short #59 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"6e0c65ee0943e34d9bbd27a8547690f2291f5a86d713c2be258e6ac16919fe9c4d491895d3a961bb97f5fac255891a0eaa18f80e1fa1ebcb639fcfc1":"39ebb992b8d39daae973e3813a50e9e79a67d8458a6f17f97a6dd30dd7d11d95701a11129ffeaf7d45781b21cac0c4c034e389d7590df5beeb9805072d0183b9" + +SHA3_512 short #60 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"57780b1c79e67fc3beaabead4a67a8cc98b83fa7647eae50c8798b96a516597b448851e93d1a62a098c4767333fcf7b463ce91edde2f3ad0d98f70716d":"3ef36c3effad6eb5ad2d0a67780f80d1b90efcb74db20410c2261a3ab0f784429df874814748dc1b6efaab3d06dd0a41ba54fce59b67d45838eaa4aa1fadfa0f" + +SHA3_512 short #61 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"bcc9849da4091d0edfe908e7c3386b0cadadb2859829c9dfee3d8ecf9dec86196eb2ceb093c5551f7e9a4927faabcfaa7478f7c899cbef4727417738fc06":"1fcd8a2c7b4fd98fcdc5fa665bab49bde3f9f556aa66b3646638f5a2d3806192f8a33145d8d0c535c85adff3cc0ea3c2715b33cec9f8886e9f4377b3632e9055" + +SHA3_512 short #62 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"05a32829642ed4808d6554d16b9b8023353ce65a935d126602970dba791623004dede90b52ac7f0d4335130a63cba68c656c139989614de20913e83db320db":"49d8747bb53ddde6d1485965208670d1130bf35619d7506a2f2040d1129fcf0320207e5b36fea083e84ffc98755e691ad8bd5dc66f8972cb9857389344e11aad" + +SHA3_512 short #63 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"56ac4f6845a451dac3e8886f97f7024b64b1b1e9c5181c059b5755b9a6042be653a2a0d5d56a9e1e774be5c9312f48b4798019345beae2ffcc63554a3c69862e":"5fde5c57a31febb98061f27e4506fa5c245506336ee90d595c91d791a5975c712b3ab9b3b5868f941db0aeb4c6d2837c4447442f8402e0e150a9dc0ef178dca8" + +SHA3_512 short #64 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"8a229f8d0294fe90d4cc8c875460d5d623f93287f905a999a2ab0f9a47046f78ef88b09445c671189c59388b3017cca2af8bdf59f8a6f04322b1701ec08624ab63":"16b0fd239cc632842c443e1b92d286dd519cfc616a41f2456dd5cddebd10703c3e9cb669004b7f169bb4f99f350ec96904b0e8dd4de8e6be9953dc892c65099f" + +SHA3_512 short #65 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"87d6aa9979025b2437ea8159ea1d3e5d6f17f0a5b913b56970212f56de7884840c0da9a72865e1892aa780b8b8f5f57b46fc070b81ca5f00eee0470ace89b1e1466a":"d816acf1797decfe34f4cc49e52aa505cc59bd17fe69dc9543fad82e9cf96298183021f704054d3d06adde2bf54e82a090a57b239e88daa04cb76c4fc9127843" + +SHA3_512 short #66 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"0823616ab87e4904308628c2226e721bb4169b7d34e8744a0700b721e38fe05e3f813fe4075d4c1a936d3a33da20cfb3e3ac722e7df7865330b8f62a73d9119a1f2199":"e1da6be4403a4fd784c59be4e71c658a78bb8c5d7d571c5e816fbb3e218a4162f62de1c285f3779781cb5506e29c94e1b7c7d65af2aa71ea5c96d9585b5e45d5" + +SHA3_512 short #67 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"7d2d913c2460c09898b20366ae34775b1564f10edea49c073cebe41989bb93f38a533af1f425d3382f8aa40159b567358ee5a73b67df6d0dc09c1c92bf3f9a28124ab07f":"3aa1e19a52b86cf414d977768bb535b7e5817117d436b4425ec8d775e8cb0e0b538072213884c7ff1bb9ca9984c82d65cb0115cc07332b0ea903e3b38650e88e" + +SHA3_512 short #68 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"fca5f68fd2d3a52187b349a8d2726b608fccea7db42e906b8718e85a0ec654fac70f5a839a8d3ff90cfed7aeb5ea9b08f487fc84e1d9f7fb831dea254468a65ba18cc5a126":"2c74f846ecc722ea4a1eb1162e231b6903291fffa95dd5e1d17dbc2c2be7dfe549a80dd34487d714130ddc9924aed904ad55f49c91c80ceb05c0c034dae0a0a4" + +SHA3_512 short #69 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"881ff70ca34a3e1a0e864fd2615ca2a0e63def254e688c37a20ef6297cb3ae4c76d746b5e3d6bb41bd0d05d7df3eeded74351f4eb0ac801abe6dc10ef9b635055ee1dfbf4144":"9a10a7ce23c0497fe8783927f833232ae664f1e1b91302266b6ace25a9c253d1ecab1aaaa62f865469480b2145ed0e489ae3f3f9f7e6da27492c81b07e606fb6" + +SHA3_512 short #70 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"b0de0430c200d74bf41ea0c92f8f28e11b68006a884e0d4b0d884533ee58b38a438cc1a75750b6434f467e2d0cd9aa4052ceb793291b93ef83fd5d8620456ce1aff2941b3605a4":"9e9e469ca9226cd012f5c9cc39c96adc22f420030fcee305a0ed27974e3c802701603dac873ae4476e9c3d57e55524483fc01adaef87daa9e304078c59802757" + +SHA3_512 short #71 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3:MBEDTLS_SHA3_512:"0ce9f8c3a990c268f34efd9befdb0f7c4ef8466cfdb01171f8de70dc5fefa92acbe93d29e2ac1a5c2979129f1ab08c0e77de7924ddf68a209cdfa0adc62f85c18637d9c6b33f4ff8":"b018a20fcf831dde290e4fb18c56342efe138472cbe142da6b77eea4fce52588c04c808eb32912faa345245a850346faec46c3a16d39bd2e1ddb1816bc57d2da" + +SHA3_224 long #0 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_224:"31c82d71785b7ca6b651cb6c8c9ad5e2aceb0b0633c088d33aa247ada7a594ff4936c023251319820a9b19fc6c48de8a6f7ada214176ccdaadaeef51ed43714ac0c8269bbd497e46e78bb5e58196494b2471b1680e2d4c6dbd249831bd83a4d3be06c8a2e903933974aa05ee748bfe6ef359f7a143edf0d4918da916bd6f15e26a790cff514b40a5da7f72e1ed2fe63a05b8149587bea05653718cc8980eadbfeca85b7c9c286dd040936585938be7f98219700c83a9443c2856a80ff46852b26d1b1edf72a30203cf6c44a10fa6eaf1920173cedfb5c4cf3ac665b37a86ed02155bbbf17dc2e786af9478fe0889d86c5bfa85a242eb0854b1482b7bd16f67f80bef9c7a628f05a107936a64273a97b0088b0e515451f916b5656230a12ba6dc78":"aab23c9e7fb9d7dacefdfd0b1ae85ab1374abff7c4e3f7556ecae412" + +SHA3_224 long #2 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_224:"ab4f9d765085ccb474be6e2369568292532f6fa4dd9c50d02a7d8fab0fabb56a7f9680a2462c3753fafd3a252f9dddf1eb4a76835acfb59fc2a83441b8674f2995573697245e40549d2883f1d781a153b903e470f2f28e53e9646a66f7a5a7f0d5d9e6dd50e392be44867010c7ca77c1a5a2e1f00dcb82f589f759a1332b65c62766b9fa3483d399d7602a0969400642976e948d13243a8b89aa287ad5c230b47344d7783606aced3dfed86424abf7de77b026ce6cc35d20d1c500794332b0c1a1bc67dfc033c4c360a8a3aa5fd2f19d2db1bf3b807094b949900827e6438ef5991692b539d3c42227a6b362847e9d88a1b6855db7f58760d953690b26bd7258439a7f8409ae53137a3f2f14fa77a2a6bc0aa3bb7a19dd1c69554aae6c6703f3879057d3978c1a9d41bd3f492985aa0064f43fde2fa33ff6e1dfd4961e0aeacd4e3f412b4d35c0c864660d8779705a9c82bb824c405c54f429392e4da66ecfee7ef066139270ee9ccc83be5952ff5c84ffa8938f130cc52129ab825b6a5b585f01ebed13ce074c225f5b7d441cfc58c0c1039a2f127b3982ca7df546d4993027bd78ffb36ac08161063870d23f2df556b214":"d61f04985026eee29d0f9700f8c5aea32ec2c23b1a9357edeb2be20c" + +SHA3_224 long #4 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_224:"1050e9023d6cef2477171a5af4875e12763dc68568ce1d9629e9eefda896b0a431bc3a5186e67d86324671a61afb5058558f03303dc4d98dc6907fbd0f662d6837b71d2b72b941835c6735ed8dc9734b6d75c68a49560182a7acf01dd7548fbccb4a7ad6296ca5e29d804d7874792eb367f6f7d9b40cfb3e7445296528e83e69957b399bd2870f6d9f9ba18ff893eb57ea1a7e66a66e3089d46412dd29aba2373c5442c29592e9ea07bf197941a011009fea43794605082a6f0f93cd032423ed69dd7d939b169a2280f59d80762808762d6d2e5abc58ecebee51947cdddc2a55c31dd3560c9b8addb04415eabfb137813eac285031ef4292f92ffd33e0591d35f31c2a5210a721e33fb4690045c508e977ad17a4cd5373e837b3b63a34256656a0e26cd0cdc4c7fbd64d810a30ebe275827ae59fb70be8b551e4a7d900c86b8073787f186e79e4ef1d184550a8ac2def071b7886189f08c1eecab9586cc8967a13e54d72194ee085bb1c9e19d48e521dad96baa417983ad3b76ed2fea2af4e0e2a31bc26f7cc2386596172afdc1bb7c71df59140dd7de8b554d7db14c704fa025d65b67b2f7a15b99ef0ab58e9dbc5b7ff40e7a191d6792d6c0dbde20650041f568722bae9e11fe833d02f5d2355e4b4fa7da3105c2c5504a7195eb0851ad32dbda2e72c4f87a7d9bf09e806b1117d85b6b6add56605e402af02a8c66ceacff439bbef1686f61755eba4bc9abb97f6f3dcf2ed38d6ec8dee29d0826be448603b73dc21c3b9b6d5245fa895636b70b9c6143a4b81d466bb91c08cd3e915bdeecc130c65":"5c029633dfd4cd9b6ce97e1d20783a41cd2235b03c38832b90f759ee" + +SHA3_224 long #6 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_224:"a63ebf8f97c6529298e4d4b573ca01d65d6758837bdec40fa4367ce56953281d5225454d6b1fcaa2ffeb0c2fa45cdf8477a4fe83a9c7ad6f3b4f9c4605420f51fd513cf9b652f4dc27f08620aea1e10755d9f8c4537e6b8ed69b63f2ff58bd6d2e2a6c3a81471869975d0b319a834e877c700fef80ea4693fd8299925f7f7c9a6e189cb9d3e67e70d798630a6fe9702b76cf0bac39f588a6386c05cd2b9e92004483961eb4176e1a700b565235ba8d1cc960b4a2858677f110c1704c6d9c48c638d320102cc22f8fe91cacb1f4e0ee820089d27a6c865d990ce9a2b72c63e615d270033744cf0af6ca352cd1b542db84a0b42cdcf6db80c9b54d63b571dab4149bc2073c032647779cbda0577fc89b4a33488b6e2c6e29a791537bee43e9faec1a32f3c772af2e3ce61cceee5b5a78fd41adb7db15279f5b2a64b10baa78ffc4d726917f9753066a30b97e3c50e0b8c5504a78c9b9ee2c0e08e9ceb4ae6f0cc55b07a70d7cf8192c03fe7ae96642a4c9ea8996e121ac16e8b1489b9058b669162d3efe182987ada8e552899ea568843296d1d8ca5447a610afebdd48af365ee1d6315e49a4e90b06611d7203163ba027dd8b072c5aa924af8a385f83bbd5334bdc4a8e48f7047b6ffcc8febfc0a13fd1451debb13cb8d8ecc899e8ea857c2f7ec9f058bc2ac2440b40b9f57bac83ab5858f04cff015e09f0f3753f2514149ba2248a824e430ab001b4591fdee0ca2ae39e6cf2beb18201e292332ddb7183bfde7682d5a54cc3057ae0104391665c059a9ef9a597550c06eb2e3d7ab4a2b3e35b463f196a4cd78c9d4d472b3b462384a6e0002c31f4e361334efaee5ab18a4f411c2916444c2d8d9382649d858606ee2fece7503696f15ae17ad25072a5f24ab780a893dc53ad508307d1621630ec8d5c4b18d94b431d381e3b2d6aa787d21ee5fb245ad9693f1c9665f442984bbfa75684f98f1a044f45111773029e5e1111f4140531e496cb3bf3233704b0e06685451ff4394b":"c09d926eaef34cfacc701434da80c340337ba48e8b044b1a60da9cda" + +SHA3_224 long #8 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_224:"0f625082eaee9f064f2501022e4d7df85310de128b17fd5a08db3e2d06b85dedaf446bf73cde13d55e8a22b4dcfc47187df216ce28c753234a456e5378bc4a4456504274b7976e3005642208e4ddb87f12d490079154542c0979810f68852316cb31e0e2a14137810d5b0ae58d195a95da5d53a30fe588de0c1f7f481d3e70cbd78d4a274303f72f3f18e13520d8b5c39c36678ce8a276a11dde71e8e00dbacb420d8a2de50635a26143afdfe5414f6f2206d4a864b4a6de025e5ed6f91a877dd458a6dacf7279423b847dcb247db2033276a2e1cd43a0fb84484efab08e624b5417a918486e4c77978152e125b366e5952eda1d6976ed626b44493c4c91d09c8cf198ce992234a93be536092f0cf17f13d58446827614797ff95884174a5bd9428f7de40bb7bb40f056312b8cb0dd377313a6435e6b9daa881082ba57e28a683f985f41e45569a47e7c4c2f82c6b2777f924afc457c115c4d30d0c65581e5b24bb547cf6c23c53dad018efd5a77f6a6fdf7775981d1f6f697024890594df51f2d8e3c75ed4a5774458a007d5cea332bb6ed36425993d7e22e2ef501ab714118afca461badf2a7af0dc2a898cf48f070721a8e9f14ea3987da5bdcff9213520397116da9f5413e57ce4e9034fdb8b6dcf8268758fbfda64d63310773585cae49ae0dba080d62a3d550d9c03a2c630cd712ba295556f5a59c905a7d464373df53bc64341e3d7b5e8f5b093e93a5707ac9867e7d7f6df9bfdc2a7b465e9c806d8889bee4d4cdb5f8efb7861425b008881a1d198abc87327a75f93f6ba5aaadde4fdcc4d0130437f85c2bf94ada9453bf339f3458f5edc861d0c54bf302b720bc127f1d02c12c2ae63e810ae6999b78a67ad476f013e8e2f953564ae65c09018e38387282c78bb54bfc7f60f2490ba0c658848859fcbea8cc6774e24c9de979dd29d06b560e6901ad00eea475d42df2a53676119b9ab7436175e6bb2eac9fb0304c0faf887d103597b1957d78214997cd7a73babfd31ddb40e3757e937173cd0f0bbce720fbc77a8e773e940218a7b6c68e432bcc913697f21ae9d384d4adf802cda1ba2472d5f81cbaaf901ba18e7816d8ae0bcabb4ca0fe830a6108bd945b92fb84d19ec983d6c8e2b11bcba4480547c27c02c239a51eec859fd12714711b46fb2ed395e8193d1a570cda1b091b84e1b274babbf38938458772cae9c18c63a736676912b7df":"f62851d28512913aff9f697fc17bf46fe4a2548899f29af5d0c412f6" + +SHA3_224 long #10 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_224:"b7b8ac96733943c648cf833e75ca4dee7bb6cce48130fbbff6f96867784937fbf566690b10745f08c68f99f85117c46e4c4bf4ba191a2e5d803529c098695525eb2c1dddd57669bb2dd268ca27b48c3b790dd6a1bd1d53611788e76317ad490ee1334f748be46cc9c6bf771ac148ad3b4a23fa0237e174b2041a28babdbc1aa01ea28738fa696d19d97f4e51e57c305807b6e8434d0f983a8f12772c523fd0c1eca24e91e9ab7693ae3975d85cf81c79f7ed29cec84fc8e0ff9959219ddd745b915b2ae721528e1f8c167515ee63798663f144096f480b8c9ed65801673f0d5556f4a6a26b07bea5bd3ed4726266506693e9c15e0ca36926b2f2fb35780ca3978396472a8d720d0d87d81d5682a8a803cffe29346507ea978414ca2398ed3f09606897e74f3a833f330cd52914d289445f5802f2441d97c55c654e348f8ae79335931d427b07282408048652e18bfb118a1ed7026f8d7799820d0ed0248aa61d493e61a1d78305a250e5b73bb17c07529a792dcbaefe92fb3d3393602196818fe592ec6d2d5421a251daf14b4c4cb4efd5908eb5cb19f1d4d6ff634a4c5582d151b7450f4322840d5508bbea79a40bd1848c81288c859b0a959a08f86d70b0cbd5d4f4ede19637c9a29a9d80022c12deee948f8cbbea9887c22c0ad04e8e1366b9118271d15741c080b61f75ad8bd3ff5dd13e491ef2f131a5dcef3cb658b48844977602da0eaad83985ca32436a561d176a19c77e43adf286d341a36c759a1abf8e5807c3637bfb142e251d8b70a11e6588a56fa285d4b1ac39876d398ecd05721eb1ea55fdbb1058d9b99f4f46beec8f536ca754616f5660354a01e54b562fa56d0712588572ff4eb00c215593b56dddf2f5d85a7e85c8eaef11c938533c82a0a6e5e794a2a8b03ed8a80966008c8b978ec86b7d861ef19290642cfa4f87e5aaefd0d1d0fd660a6f7c15c04a354d2c044e6ec6851e42b8a040cb92f2e6403f0d705238d63eb3f72bc2d9afc9d9003a6d5b6e533af0fa055b26cf63e9c16e7a0f53f2846c0c985fb8d27e3dab94ab9c1adc507964a44dc00c6bf708a788197df9bd391d5b0f1c285fd58cd1b710583a53fa9d9fcae244d2fb36cce7f4e2493013d8ad6c6af0473b68f389d5b6f20efc60dddc2f3551e62170b0d5699877077ba4ccd8d7635721801b53ffb071e5d6ca88ac95906d993b96b3019af65af05a46f6c142c70cebb3dfc01e75caad8fb78c1590502a3a634b190b50a3f703f54b794fde71a52f5504419e7b748b3598b92a4db0966564571f93c2c579d25b2de1fcf84befd7923d1c8cfe93835bd0a9e48c7935eea9b21cbeea1e8aa3f12a4124b7393144c7fe4904aa288e2aa2456a419be046e15eed5b300868c4a9ba38d81c9359b8f6db3a24c3816493f1c85d82d73dcc0cf6ecddbb":"e93d038156082ba508def0a26ea9172930f546dbec5b5652928a28c7" + +SHA3_224 long #12 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_224:"b7174dd7242f30f5bcd81cb23c6f52617ff1290845b0f8b4344b36101cdce0367f731bc551c41b34fc1c4366a79a8e7eb89b2df4977672e9b56aecb7ced4d4cd6ba5a7baaa14158741901a4ac1f96bf8180f137b5a2b5e04c12df6a3f2b54c15819639ddb887e696941ce98711f5b078a73623c4153685b05d7c9bfb10e711b6cb2c195602865508fca8f7441ff727a56ef6a5f85001af93933f25e8b0d2eb5951508f4e10772b85821c8daa746596287438e03e94f3a3556a5eda915bdea1a61aebe2ed6bc330b72d60f3e197a8c6a8c2e51dbf67742b9febc1031f9873fd442ee35b5a9ad32c43055d711010297fce5ee3a4a254ec0d191c50e7b9f0f9c5dc952242be250ee7d412f94f5f684f8842521cbd10e0c3126a07f4d088ead8c215578edf4095db28105d1dd4f72681ababa676b0319562023ab49304b30e78bc987d11790971a4b99fedb24900d229aeb160dbc42cfa2fa5332916cc63e4417b0c0f92594041d0602aca9ef6a1f5ae5afd8a32422a9793c3fb706670c0f59cc61a13f8c80e8ec7e659fdcb2303167877372b637252f5f7233a916938f1c8ef666a932d0c9bdef013d38d1f184ebdefcd074c559ccd9bc18e9992096c1fe5a324a396186d0ebcb5ae4182841ca9727b2313f4f208c2115bccbf7d2d5371d521c66d25a1358fad7d814ae5e1793cbe8443062b21fe5ae02ba55659bd36101fd0147247b0aa483bb15297bd1d75302872f386f9cac5bd8f9be1032fa05d234b17d857042d165eedb7eacf122259ad39adfc3b67d5a612a611477006c010d3e260d8c76400bffc4bf8119becd76dda779d26cf7c2be981aef7a045e60497486b12dd687012ee48dedc8ea35424f8e06caa38e741b2d6342eb4b429d85439a96e94afe22f49ea6a2dcc2b8e51f144e7a03dfc2ebc53b450aeb04bc5e298401e735016deaa8efd8bc12eae05ec2697169abc3849f7f7cd00b6532dc10fb8f2d103adda04e7ca6dd3206be0af2cac3a95e291b5e3fa84676acf0521c4649d98e7a513c2fbf0e38369d4ec89351969758d00223ba2cbe4cbb6802ef176eb2d798be2ea986ccdc387766518713ebb468f267cd9922e74fd410d52366381ab51dfe3419b22fe8450c12159565f731b2bd287df1d8130fdb91097cc85408aacf210174a8c295a1f7478933a101d7b400184d9b155d1506cfe827b76834f3cf7f6555085267427a515f6f38fad710032aeee4378eb4a35cbb6dde2d8995a3c9347f6b67bd1cd0e1f1d816ae19524a7fa1c58eebe46b48821c86af37b2d273588cb3b70b3f6fab794736220b72ffe1a9f3109010aced7f0771c71d7e6a980cddf6c6ca7b5fbc4c90cffe13c99e5c60129d74ba5e5eb7b16d49a3ab5a1732bac9f10d0820a4af3ed90a945e70f1e4603a1f56402d60567a1402a0cb635f5f07bd0a1b02a39494fca2659d848a24344c90e739d3f6584643ac4b43102299599e27a0654c6ca629f09d9f7e088d9ba89fb78383e851ad03a896620efc005bdec88a627047f46fcad51ae6ba6ce3decdd40e72e8ffb7e51b13530568f1852d4b3165cec087d347e3f4baf9d724355410740643cd8ca187090e72a3e58339642b433a23da7e71c521e9ee3768c0ea922d1":"b5151a41c59cc98cab7b493dae476f5a2d8b6dd9fd8ff982eca3907f" + +SHA3_224 long #14 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_224:"a51ee3b7c42fae9e771e085d14fb8eacc2653931db58e1f79547ff1de26bb7cb945a166ac5db981576f9ed4a7656fce686c22950ba0cd3f4221821f3aa32ff183fa2630f3381d5d1e3cb2e6397b5a0c0a940f614ea0e1d2a4174e42895d2007aed1f530cd6c86ebc06bb540f3ebe802275062ae43205c7833a83cf246bf0c2d7e8f96dca76596abd26f2e6b5351ca6f5303d4c2a5b9ad7e6546c6a4ff4374e19765739b1dbdbd1bb8c976cbf42751a1f230ce54d2e74573ad8583d12f74cab26e061402accf7aba081d36e942e72e28a969c7cb5703c4e690e6ed1d33edae1e86e41099b135501534bce759cc0ba081cd01499caec99c55a3ed7adfb8f87f945671c1d6d769cdabc32af083fc2f694bf1b9dc5f36934c3f5b0ba59f3b3fbfa27151d0209be753fc3809fb0e5facd8c5abd5f869baeb45022ac405e2272dfec75be6942d5b38737507bc5f4f632e8fad5ff81672784c274c9799143ef93dbd817ab2b653b1c7bca4b6d4a5cda30eee518292ced00b30638d260d490c4e096c5f42489f1a2c2f8009c9c5570f9bd88560a8387a28e0327a325a932ce081fb9bbf670ab70726ea7e22b510fb9bca05e549555bb0d393ccebeab9cd2842219ebc204d9ba6912e62f77e0d39fbe89a317e7a0e6efb66a25a2904a80dd3a7c96d5e306a5de65ecf23ac8a46c2e07c98c5b17147f4c2687874c21eb9f7a787d5e1f25e51d3eeb675c6ddb5d62e41de524d4edd768fae4fa2a7379773fd2c78d38709187890383ebeb72baf5fee88743332870d2e9207829d6c0a1d4a90cae14ed702dd53154b5e066f16d528863cd4d81ffa9ed4ae66b7e53daa0ec2551b67a46c803b75c5a0aaf9691fa5e487c786ad5029e11d275445f686b7ea5fac9652808201b16543d09be43fb6bff855c0f01f8d85924caf58b36df1843e9729b4684fe1f7bd85f243b7634d7c81f892a1a7cb32ae20f7a8ec96a7e8bf89fd3f0def7ef6e2de7c637263f33cc17a59a0f2242cca03fbb2a6684630e6ca5af66efb7eaa2b53929d1a05482068262790133aebb0be17a0f22a847895662500073c158c3e09ba588c7844da576a2b08306bd464f3a969bf2a97a97442016037c428d49ec71c87bebf20e97124bd40aabf0d672661f66a84e0904fefc3230c50a1a7c13cb1de5c3399863bc2f4dbf77d909a5bb6884faab0a886f031955579f9245b63dcaac9a835c02ae4466440cfff59753a8bd2ff9ab0e6fe32f03513397fd09624f4fe58ec53b7815b51ef762aae7e307c2cde80cb14206870822ee6db831afa8d1c4916a90be41c099be2f6a819735ea8f0179dbc48e948418dff4ad07177eb14c9078d5edcda7d877b0b4cc8bedd52499bfa90decda6302e7a02a9a8e97c0a5481b6278e250f085d85b4e2fd0d20adc68703f4b310eb928fbce59dd549abbac4bcd17fa7a2f65ee4327c53b592c1d3a827d043c9c12df1eded2491e6106b9ecdf0e5e05ba524e3c407ce0992de55667714cc08934ce1d0d1812c204bec500908b46013eaca2f39657c268f154e3fd8bbd473ad9022aba1d2ff88c3772bdd8bed8ddc64f57059b25116126ead7105acdecd53cd50c0f0075adeb6e6085d88b9e4c3b76e0c3649011f5c1df2dbd52b556885d8c255c63353e1a52322700fc605a71c8d998f9a818818c4b5e620e93554e1949f370fa10a29ffc979e33ea139e17cfedb62000b77c9d5c656a30d3ba83dc2500395eecfc8fc1dd217b2d4b048e00ec10d61fe07b048fef78ca3f13af872836ea26983c1143cb445890bc2bb7783a529b023ea2dbf77ccded4738d65aa95bd36f82c6f23508e6baa4a7899314":"92219c95e8983ffddcd73fc9669ddf1085eb87fdc3f2a8b707fee881" + +SHA3_224 long #16 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_224:"11964921b3db3564118a0f62b02225c3e7b21e1e40a6836d20e17ebeab0ce12be22d690b0e7b456a6271d2b7dc21a9bd6ccbdbd558ae7b59df1e5d5b1dd71e972e9164a796d46776e00eb1f786e3221711c436f081c38b3fefa59d187139d4d83ee9c25c138fa570d58a348a771098b91ec5b8d8838db907999fc55c71dc0cd55a5e09914c530740870ce3d97751138bdbf8e7f526b60f9925345e8ee365ce76ca18c3b00ac994cf3fbd474a4e4e9c748f834eaf32e395dddb8bef18907f20a3d53e77201599540344c4e746c3ae3a5f848e726f6ebe52bc03cd006140d00c44c4f8ae49356a4fc5e04a4b369f19f6310042dd9ba3ef4e1ce4211ad1ba009941df70ef9332e48efe5977fc80aa39d7d34cc6169d991e91e7c7b0c4d0c8b8cf826ecbc266d3b01894f872818eacb3e52db043a5db18f22403f4a286c630a0b7f0b934af2ae176f571056462c66d32282773e113bfe8130e5ab31ee81bbb5f587108d13f4725dd2e7bc8742892b45ca9aadfc7e6afd02a57d24c4c7337319ebbeea2caf925648eca9c88cb5a594bd96f9c3a1ea9159adf08550655ae835a04e650d048662c6931d1bb8f908082f85282e7cd0de1580cd927ca2b612165fe3ae37dda730cc5fb6d4cbf23ec2377846feb71e0bd18e0efc1bf1801975546e4e7ba5f08727556e1ea42928d07ca9fb7d7b124bb56d5150a3ed529d120d18fd5b471dda16e2949e451bb1b1508fd625833dce6a5ffa15f27f973e4e2241da6994812deef8eae04cc4abf4202184428312a75a1e8e003260c99a0317ecac2f5f84da44c38fb8ef1617c57ef9e5e28590865823cca2283d282c765f8eb3a47e2ba68300ec5dc51766a908a0a2f03305da68b0e9f94eda9cb512bc921729d34d7a643bd0cde5a7dfdb12d617bfe2ee59dd3451eb28d68fe79416cd4955b1b123b8586532ecb9d9cedfcfce22a5308cd7f563bbc5dffbc09451a338e3aeedb68761fd9fa5cd3cc35ae14a5170076b9726cf914ef8830105295a32700f97306bef03ce2bb7e3f0fd1a8c1cf08e3ae685ccd8279c01b698d62d2a5f131bb31c39d10a44c9d7c5790f743ca22bcbc443d1108ba1135fef25bc065e9382966713b8b401ebda93e63742fe7f9483b7480611b876985591913a1f4b434a5f1e37b9512e874dde6acabe602fc14e68df1aafc02b0577c31541488872951e0901b97faba6e6c565caf770cf6eae4a7bb1d0a354ced4b9fc7983c37002b06900ef50d920a3bcfcd132d0e0e95193130cbdfe83583a50f9622cbd5d6e7211d5d745824848ab764ed140fb91567f1c32cc81e8b242e3f69084ad7258fc5755cf1c92e25f9c24af55b663ec049f3db6141b7c43c29d625229d48a27588218e8cf1155e58183b5d48c211a16bd1c13dd517a2b8436c02be02fe23160ce983d4750860d0050a7c5627c81e1f01d55980e55790e2e8163a72d0d3e31a34db73afdedcb36c74f60d9f581594a2cc7f440d5aa98a2a734f07a956c3919533867a879015151aed05779ea3527b1112f5094bfbb497782b3eefcb5a77337152111fc4545c8fc2b75f41bdd227db531c5f30a19221bfb4590c7c40a597d495d9a4ebcef059284c1b2bf363ab3bbd5232e64179e5970ac645e03671ffca79e91069650e2cb3e8a0619216f7f83728f59cb2c53abebf819637e3a4c42fb82c553e8515ead212d7a6d1bb31e37fc22524a1ea444be3412b0d773d4ea2ff0af4c1ad2383cba820fe47b2cecc8e0985bbc78ab644161cc411114c15bc743568da15a369381a788264694ef56f605d28f2c79f3f4f0233f0398b009377a09a79e439697fbb3d08e311f5eb56a3c14552d20a28adec77ee6fad64d9e10690f6e61c15478e949e20e90ed4d219ef1987ab64796d28a4dd17e675822024f1aa11568a9284be4ca38a3c62ec4b67dcd0ecdcaffcb6d7fd9d740097cf1c87c158b27235966a366ab60d8515279d68f14e3c8dbb7c4ae2811dce631d32172ffd01a3e2250a3f1f763e706c306c1243b6fc3f6591df7272b8c6ecb70e9257":"c7ed1c52072e982a7ada5351119d4a03ef04b483c95ed386d054642d" + +SHA3_224 long #18 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_224:"6c4688c2c4a18eaa6010b613be6a8935c6494b13fd6bd001fb5892641f4500ba813918da286e377c7efa30fb00ae9c5a3a3f7286f3a3d8daa5be38e8303e9577cec420c84a44061e6dae8d7cbace5fb15b7125925ac9588714125449eb76afe93c2ec81591eba3971774f41e529079410f268dc19aa3fb0e329c100dbab5f419b1c13a48642ab5ef62938d6831bd93123fa7d29a1bfa6679e5a392be04c20c0e16c39be92dcae42e385581e2bf1d542dd43d1ba5469544d0177102e33066a0d0547d16805394da5d8000f81464776599b42e906b813e3b19af4c8905a86958685137d0963e4d3c8422dd198789946d5ec9c25b7335bbf35e957d4fabd393dbddf739f4b255c0b5a905340dc2943d1585f943a145cbd516a6b14c7b5d19abd2372dcaa85d02b4ebd6134dfc4def3805152ef78d6aa95449faeb0035a4e27be47fda33141eadf08612336f0db1004de4164f284469390036612be3a70696c9babce8bd627dbc3d2f664de4687531465b91441cf1cae2a185e3593bf60d9d5efbf63eadb70298638ed84af23621e9ea118cf51bba160bfede885d514d4160025035c44e3e36a92a4a7310e29f3e8f00af124a6fc7d41ee0e7591f6dd229457c618262e71ca0575a0b3c88fcca538d51dc282b5f418c820f4b5d87d7ad4db596d5e400bf7cc90bba7b3d9a87e0e84aa541d8803250c79f53b09c7ed6073519165564861f84372b13407d2fcd08852ec3852931311b0bdd74bf1feab3086ad7c58809dc4f5c74212d02042d146bb3a175512426a4cbe3a4391fedb5b7d773596b17dbeb972d0853d06adb7ea530f90b814dcf47d387d45c6b780ec5279dd805d0a9e2993f1f792bc41f0908c880e0d4b020347d0578686dd2748b044e812245bbe727cf8e59510fd0ca96b5c483ef64ca735bae83c6263f36b96b5873acd880f678b176cd041769be138b6be360ae2497ed4ac39698963a5fefb6abdd45821d47068874454754a054a1ef146b40a57adf370ba5841641c715bf75e4d575a8867736b5b33b4b8f1c5b1dca97a54a5dcf69f8a63a956aae4c1fd1afeba364d3224eb23f19fa3750459a2e24dcd9a75d8cfed9216c13b9653346cc6ca88f398a5993222e90c9342083db7d06cb4f7e2d1766828622442eefe25258b403e11d5693102d8bffef6a853ee4b2774c4ef856da699add4472eed3c30b1e90e4e037be388b7c5d4db50009de7e7480471f3d5f3bceca2cb9e324993c38c60733d5b04ab0cdb7ac64631f34cb716b28a40b74d0a45fb97d6bdff6cab7a3f822d808af82649e85802b41ee8d6d8540774b58c6327ce20fd741b08ced9b125be8bbc15defbac58ee28a96969c2d829b75244e5a0b2b207643239d0f8a504e9761c448e1181b0c7bd969ac3ee9712f232b183759e619e194c7f9eda72a3e1f5595dce46485f039f46eb0c90ffda25581a00d59ea48aeed116eabe97b54cd4c3d8de9df0ebf9f15a0a84736315f29bc5ddcecfe36bb520b963d22d9b490659ff650d47f064d9268288f173bcb976c2c5de89e6c64c66d05cb3e440579666ede29e6860d75b72ffa332b061f052ed56d2ccb0aeb9df267a15778fab4f35f50d27d58e6d08286e0926a85fd2c08abcb46708d17c509c5a8a8e3f32d2f4a0273439baddb1256410cfa75a4e5a8fc96b581d237af40cfc998e116b8c3bfa5d73ff92aed4f1918701af8fb90a4dc0978fde4f9d0b9a618869f1699cea6aa2c671dbbd320292ff19c7455a452241055d70a388e601c3d0b83260d133dbc38093973523e4f519a094c81d81af14b8c0b3e444438f0c24ed148938f2d0eefb361d6aa871282aea28708a94b02750397513213d2a0869220915d50648f4825615fc42b20f7bf2a919458547407e7337a4f3ddfa86d2d74fd744bc354e0f3488c288d5de59710acad57c5ea1dcf4ec37e2fe6108f48ea502ba2995627c8183f7ae7b8a7a0977c1d40f9d6d30c02b29ae816b50e4fd9c70ef342cf70a4f1bdf273c2ce7317a20b6390a114780a491ba2032e3342b0c7cb979d7c75789500ed49c1e15628135ec667e678053fde4c92c2169fe7127abbfed1717a14d8c0a0ad2cab6dd82d5c73b41189a6339152b21ee268915ae7745c69a5b76133f7ed770783788eddecba8ade4ac35226d72c23c8ea422b122a685313fbb65c5b3de62d0236716becccf54b4af8daa46477354997c3ec9599411c4705bcb7901312726ba62dde2d8d35d45d020417":"14123df0afadc8a3142ac07958417877c4ddc5718acee7a8ee44c48d" + +SHA3_224 long #20 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_224:"44533d2c876e82db402fbb00a6c2f2cc3487973dfc1674463e81e42a39d9402941f39b5e126bafe864ea1648c0a5be0a912697a87e4f8eabf79cbf130ea8e6f989f3177335e2b0b87d078b843aa378becd69ea596c85f078b9dd67d599976f6343db1b3297da6d93b20f817ebfc408300fd9f8186dc182f4abcd453881adc1af98340e64e15bcdc32b8960fcf51156a880fc29af290a2c69f6f3bf036ff2c525af8458d1ba6ebb8f11fd8fc784914a6e485de6e44968d61dc1d73e000a6f630cb1566141cb191c3e8cf378a7154dcdc98e81958175e3685935022bf5fb2b84aec52f907cbc66d919c3f48263504bc5037af2a04c5484ca657afbecabe92e0e5114994f49345dda68df8715c5dc951c6236376d0e8f52e589b74aebea7d81eb3ec51b0672db050773073599936233b82fe7d8668ecd559f0d15788e795f2b01bd013e1bbd5a66488164857696892b83b1b85df196b796e138bb0c3f2236343a15f088f7f3598886db1eff1596fa876332cf4f78ecf51c9454d18e65abaaa57c90b98302dc7f74a7ca5c2bdc5b5c4f42f8543662592ef09ea7818767dd6585b17485b7a43f75319594469234ac5889074c709817a50a18e97af17eaf800cdcc00a7bab46e5e3c7368105bb8652963f9a764affff98339e5b1449fba45c4ab3919ac4e74e976f3f74dbc12e3816bd78e3be0cf282fa4e89debfb286ae38c4110c6c87f3261bc4a036e8a174b4be753dc96cdbfa089206e259c154a835de25fe19c7ed58343988f263f2ce146012689537c7e29ef92900b0b36356e8a1141382a0f51e9de2bb643de53f7096a6dc3c8812184666bd87e7fbd6ede0cf5ba336a6893c414a9767ff8aa317ae83ede2991e43a732dabc7461cca9a71ce4c9533871bce57ee7ba0702e085c4b0629ced2860b2bccc835eb8162a14d830af54ebbeec2137fefdb5611448738d9fbb1dc59055479f3ce80c1ab01dffca44b86435731da17ce913ef3edec955b9a317d7327a05eb97ab912c64d4ad52c3818862f7fc0e22fa67b2d065076b1391e3fc32fc8e7984ee4107285c2ce3f50c0ea6b4fa04c78dfb9e61c0a03836965d88f596ea73b8fbea25d166cb60c6d1ed149ac406314ecbc5b9a827b51933c465b9876bc6d2ca39d480775078185eccadbbedf9e32badc3a0de0f6d6d516986f09f3c195652b825f479824c2dfbb4cf962a26ba589bec5cd6361ffa9089e1c547619b08639c89a6913979c4b0b1cfc3ee8acd712e291180aee85f37e668a167b3292ca1b45745a6f4e7e41fcae3b88efe026a852d7c26166f1c588a3697b3557a1c784a132cf50c66ac4cc54339751a0ebb865e1d3d320562fc905c4abd1e78e464066c46c3a0c02db0371ee35a104d66dda864c6133e37cfad9116e883ebb73b295e7016c34ea9911a309272ef90114d8f59fff0a75193fe5ae31ed99121f9c59209bc4bd507b1dc12bc89b79ffe4d0df9209762a1730136290cdee58ec828ccc88ebaada0d4bf54c2656b7b1361e9ec448594e5a8ac69c04296bcd323e92b96f375d103cdbcbc4350b2a086f2c1cc3398105e416405b3e4ce09226df78bea6b3947681703c88eefe42b90a0e527e0291c4a5d3e7e85c8eaf5eb7779b3b64d95c58be9afebff1ea1a759a39194990c18f9baf9a39e358e1adec623c0fe723c5bbdc9bb942c6954a0c0c34220a622384656e99b3a6b1beebcb2218e0a81c89f044a8a468e6f0e183658f2d317c4c74cfc5c5da9c98e41d0179885201fe3bf5ed99354f2655cf753a9976cc03c9592318233a08d19aeaf1d74b97941c6cd606122c1b227e09a2beb42a4bb6f58c28acd20023aadf2746cbb1b3d8559c9e7b29027fb294dc8d2b2ca49a8664a32f2b7091ef1b1731c888094544b31d0eed8bdd42f6a43cce5ab95d606caf6b794ce22cec32a8f465e91f38f670b060efe4989138335870cffcedbf9c033f22044fdd20259d25b8d8138cd939ba68b7bc0e11f376c867d76dee28c1ac10ae2ec0b28cf8e26149eb24e24178a3a44497ffe4986263082ae704990b1214f784f83b1f7225b7316df1c8afdd95b8a0cc6837e28c6ca1753a1630a8050f5b3a5c04dfe11d2508700a633006d19eed4278ced0927e8096b21deb8e759748035b8bdb2ba1fe754acfb7c5f771ae12b5fbd232767eef2cd7213eed5a9c422a91cdace1aacc86a51282fe708b6ac38fa75f511976024effd7652582418686458b2327ced9db5622e44c3719686cc27435cf7e0a7bc71e481bd05a40bfbee41753de94e93558ed7d348dfa271af22b4ee5dec17be427fdb418f555bf41bfdc2e90626cd749cfad2287cad0101f955eae3c0fc3f43bbf3db24366a0446413eed9a55127ff83aa15914275216af2c0ece0acd4edfa0f078ed14f96b27693358cc7172d5ee88f62c778293f969e10ff46a4bcc0b7f3ca6b418f91f814dc5":"664b21533bc159c450ba98f77dd81616e6e8843d4eb69f28add3b08c" + +SHA3_224 long #22 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_224:"e9acd147a1103f6a34a8c62f199f2d50f1a3c1f90c51f7d72fed5273945787be333ae0ec4087de86f52222bb91db8df8a19fa7b87eef3d9c17924fbef08729436b3ecf2f47089e7d66cb3170d3fa822403c451685b8ccad0f39a62059a1002601a1f67b7bd7ac9770f0bbaf3e6e652fca07b89b2ac0fe4994c6d54f098d85b3ec745702daac7a59b794b87efd28545a9ff2a153e7860d422a873ec26f4c97b04fa18b23816d67b122bf15e0aa0c1a553a83bbeb3c767e2919214f450b6caacdb3b00f4810a8f9204ad6708ec5780b82124144cb9a10c550f8fb83215e4c234eb136500b08dda349888134d3effacc83cfa1f87fa0f3777c329c7701e889b5c5b09af9c6ca89fa7f6435ff4a8a12c1bccb2c2371b18d08ed6e7a97412a93c6c54a646915d62c6344766b2c7d143e8f9f8d56723c7c5bfe36f51c6069a508dacfd7092a62cc33723b37a738c62f0c8ace8ea7514a41decbeb7f086f05e8476637ff1fca581d3dbbc61060c0c02adb47bc57954d25a283f66d64b52f9054ddfdb01b1ea54039b98477a92e40f5a8494adb70a6b2592eea125f3eb90e838b3b05aac37c57d5b22570b25a6635d127c508be52624d5f478f8413656aa869ebfd129a70bf6e6317001518bcbf1bdd19dd05d7854e6a927cd2e03c816069be0782a901bb5e3582c8e7c61d388f6f83ff0fd6b971d1a6ad4f529b3d1b30eefa5e7a4d630bdf69af483b2832666dad6057cbdfc6b0826e0a2f9d39978b32849961225450dac9676325789ffacec051fcb4af9591c9d73d33ae012fde6a0be725a039623db0a2ab28e13eb1c8ca2e09b38609acbd164690b43b2d026430137339ac2e0b9c15d1c17afbebf23ef10d112f5c88698b2e6704f6677f45db65ffb52fe55e94fe82fd36d3e60ed5cfcbf414baa8aa708e8aaf1694b3866ea674172972dc69b2d7807b77ce2025c0fdc36990ffeace3659b38521f99fd0e157f2f04ccd01ddd9a986e300b44aaf684b6fd3f26993824f5f219fd3af8ccd42626b119b78e6096e070eba6e40b63a203b39d9d582435510216d4588212afa064835019221099b045290681cde03248d3fb9d196d47ac52d22ff1cdbe8cad5a18bf936cd3fecf1212eb47298f6b21d13db5851d2ca9a40fad64f9c3b811ceea8a01037a92ff0ba48edd3707f2533723890ade105ef3256fdddd73a236471b38027226ab29bb544e03285d81bd417c27ff212e5acbcc385da9c3e7d101d69b2cc83a87685edbb2f8b7f34100badcf9c5e62300633bdde3be583eddbae16757af2380ab17fb072d8af3676cedafcdb5e68837d99276ce307b3375dec49da255a75d6c1c22c6e6ceecffac65ae65bbb8702b8643514346277c82917157ff2e9ffebc2861ef88219c0723e9b4ada44f0b4d1837c5086cedcfa98db91fdbcdb43d9a89d902e8085f9fc1a747e2503331b5639773e81db76c30ea9b166fb8d0db35650baa87731049e003d2ed7601dc08be9cef6232f9ed6b5228f5d0e957d04c91458cc179fa668766b6ee03f827657c2fde6a2b2d04d6913e49e40e151e95ae5924524660e4d3c03ac041b3f12997370f134ef761a63987fb37aef87c76e6aa93e9a662c2991f9c620b1423e8713ade6622e4ed5548dff591d89bb7a5c88ce8497cd03c298112c5e87dae7b6566161c3df37436915091810916f573187a500f82c518fe1c0474e0d30059e4f070f2969b6e46f99d2815d66ad802535ef6f8c747abc6cd248a0c982c7b5b8612f798f7887ba15f0236339abc050c80fea24cba9f1921d4c87ba392fad5fd885263cee50c02cf9047e4b5760787592280e8168e92f47238903f017945f88712391d5d0830eb16b3f4996111544531606d2f1ceb28250124043eeef316cb414e4e8b0d0afb1ebff091bc0114aa27de624cde277a6a9416beade032a8743672621916a59076831170a7b75b261215a751a55fffe25f29f92e128e9442672164762226ef45a703565bbdf138f093f7d35501196ccc0fcdf19dbbaede66f7745db3f224b1ce9884d4d95cd25f1935b5ab95e67436e08366483331aad6be2d17a6401076b4d651efd5100bc29a4a0038773adfd824c5c2dd4417fbe845f210f387460486c003d82d9f2b5229af2bfd667f6b71ad0024d41b2e72a1d2f2aaa8ee47ed57bb9dfd37257a50b96f676333280a51265b90a4c2074e6baccea78dfef1305c907c126d76beb0a8c9fc8a9bab676113854a9dee9388eb2ba3462a4319e588bc3733e8fb9be2885a0939e07a6b09cddb16e3eea94f884ed90ea1447502b09834d447e74eb078498e028c30a97df794ce628c4d7effeec09e7647bdcbbf3ca8edf020d70fbc673c6e3a5e44cfe81afe16f0ae8015aaa287a261a05dec5a6f000f122680e5c899a91f3b18e295b55955db48b25015588beb0c5a14ec81da33e7c1c3c1aa79dbf5d8cc8d20d3a3eb9bdf44f3fe852711933604e60b3131486fa72b8a591c73fd63109bb6e0dfa092cae67a78fce7f2dea1aeb48fedf5a5ab0b8676ef569f7a36cb9ab440becd35b3cdb0a55f133d1fc69e9d42dc2200840beecdca7a20fb368f15be40b3246709558c85eb31aa5155d27049d655121a777102c34eb41ff8500f2ac467957973c580efaf77752be93d0900fb9983250b26":"6a9a23e09105428915a6b648b3eee2b6a97a3a27ca6973c2eb4f862b" + +SHA3_224 long #24 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_224:"662c1cf710b71b5334e7fca1b65bed275331a4959029f443f0069ebb6a3869771ab975ec3735ccc7456d3a768cdd5feac89c029b2285a8cd5f9465125892f311aaf50185ae02cd89ac34f5124be18bbd4c1b67cb78d5c169d746ff352393cbff7ca869cc5d664721cf04d67eddaf992847747c2b7b6066a0c0e6112cb5801ac9fa9954c92dab621818a585c1288fb2b32170e8c61170c0f9833a46fdf4a407f88b926b83041745f4eedea9e316c9fee743d753a1234bf7fc860b43b2ca46bb1396595602ccf41940b878eaed8ea4a44b137167c69a3a32313220b3531ead5da285b8bc4e6b880581e03cf2e67769cc68fa06c93c5c859921ef433ce6d722162dbf744570cb1c3241cdef66d6bb61a0c4615d240b53745553263a8675dfed0e3dac589a6fd2f7c807e75cf1c541d145e9ae3f1e3c654f8e4f3dce3a071d566c59b42b63536a63ee5c964a39bcf104e65f4b745fd57c5d6b9e9ec700a579a5590a3fb447247aa6ccc74280e6c2b341a9ac9ec490e17fe715c7afed7f56db21fcd7b5bcefebe9098bd053c7a1e06fcfb65a11f759655635b452da0860222b137e487e0b03b0a1d453ff31e7121d0df736f10ad4616be98f6fc886df4a1151c306e502692a79894f4bdd44a8e081750151f7f32451fa203d6eb01a3be62c3679bd37aa9e0c5089c29cf1f5d2b31490352ef633afd01be386da9200e4dc7ac07dcac5dc71523c89746dc3aa2c35df44daf675323d87d51ab4dbf69fa2d303d816561701aca44671aee7dccc7f0ce97a3ad0fd58961e30ad0d98655f3d74d0678e89b68215a97429b832c3c493e03a1b9be5150d813c3484da3a67a87c66e8532b8a29c5750ad09ada7500f9305adb0d465d45b9c889ea8762e882e2285154863682f834936f62aa5cd91cd21e21d33a835f15c431af599fefcb407509df1ae6f698ac36397e314285859eb924de2a889a130e96855389b2c70b28cae7b6445db5f5cc322de2454b9ea10e150c39e9e1d2a2b7978b2083a933cfc2478a7ed9d2b9c0e0923841a6abef57f54d9cd9172c743498300dbb4e6d7b3f9755bae0e22c4c2271bd22445d4cc0cddacb9d67bc51c8f03ac7d1cff2e5e7842e5d3e836655b443061bb3927014592b45f6d68ae13716ff24c6a10278f8bfc60fc5df116d34394a2714b3d4eaed019abe3611eb8cc8a689de9343fce7904a2cc3f6652f00b125605c10e9b1d0be0242cef31432c8ebbfb5f1987f664794d1dfd159988725b4beac2e771ed22c6fa24afc95a8069a88ababe43b1fe8a1eb9c07c1553fc1e6254e5724b11ade05e72adad184950f0c88b0943fe6e929fc7ff3ca1c5124854bec1b88c726a57e6410e21cd429a3f625d117988b00a7d260371e5369b70d795bf26e689d3f875a50d111368dea9a63ed4c28de4ff11f8ad5fb64c830eec3481e1d8e1f30628719d1120050843041fd6de12a8f13201afa64b30f52fa5e0e989c56c5d408f86f63efbbf8934264616dac7967d260f75fca144765184d6fb512de8659afab6a05e2b3b53f264eecc25ab2fa25d0bcddb8a1eea0af43b489825deb9393d9a31e123b24e61d3230322c6d884eadb0b23aeb27f8a434fab4143b21cb67bb7a787e5d194b37dcdf719c674e355b479bc777c1053c3c3e66d778a90887e819b9b0f1b0222e90c35498943aa4c10b3ab985fa02e3c25113aea41d94b82600f4bfd5ded1fed7da19ba2d816f183544d031732c766890c9fcfca36cc4d9b09696b46eaf89564efb2738b8cbcc5198f04f2c1975e43db08e41755dcb00142e9145bf04cba0d299dd35f7c2d91af8f2f600d1003e160a2a862a4359a31111a7db4a081e9ade19c2668a1fd21520b44c3e2b49afedd276049bff8e1f5dc077235bedb844840bd4d18070d771e6a82eadb018bbaeece12948b4077d385fd3eeaaf975f7fff1eeaacc122d4726b4780d1d340e5086a10bccfeb88b392b131220459d2cecd5495044bd040a9879e85afaa4b25730be7617072c91d3ea80e047b2fb2f58c050f4f949ab3e4ff2f2e8139d4b123982ded1cf81dc2627b6c02d384fd597429af85ab1629fa7447c1a1d6e9d193cfd6f6f1cf9e3155fcfc87264ae9dd9bd32a354e44037a029315f78ef32a31718ea1ef8be5ed4e02412461eec7144118a6f03ecf86d6fb6ab5dc295c726564b8f4ab7011fc6fd445d3a594d2d49ed85e443e1480001b3e91611cef70b145fbf87636412a7f90549f28d28858ffe403cb5f465f162c5aa425095ab2825c2657be97f4bb4bebe96f7cb54dc517a57e43ee3cbb96e887efdc8423180b07bf811859ee4946eccde5557d1d69c36561e829357100247d8f75384d42d751577800be78dda68c93922ec70ea5d91be8b19c144fa0b6b05bcf7557cefd0b4e17f21faa99dabef4c6d4f034aff2fe27081114a57b304192f9b45abba7963629bfda286d1b89d507fd13041eef995b8d4a0cdc4d76942374ddcaafc465c2eaacc58cc5869c5fab4eacb8c4f63bed73b735117d8c9060eebe7e9eef0267e79b2fbf8671878ab084216c42ad4b1383d92d4fab52e3771b05d8629d93064c98ca2b0453b6e075410238a25d379e14d0fe68005706d289270b7b10432640823aea374a70f001da7597ece544fe6fae7945efdd8103da551951ef1e2c334187629ddcd86ac79c28c2d7c6bbb66c204ed1523d5dd5d48b59669bccd2b52469ea94377464adb7ffeebd245e8c0e0b60847da5c8f7a1f33604932b9cd47a845a1a44599645b62badaac9100cdcd84690cdd2b32b4191da9ae52393d799f8dd72a4f776db12109d45db8b2d5a3491b841b9750cdcb212050a899c66f5a99c9a440922018b4059a7290f5":"c445ddb56fa04b4a181ca4b1e97d2a3d4d561d10560ba6ceeab15fa4" + +SHA3_224 long #26 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_224:"d18793d705f8597b71ec1aa00854935f8dbdaf4861d3f9059a2456395427f4ae4c7d7eb0ab7692b41fd7743e30db0401d277ed4736e22093e65581851110dfff239d2a869958e0eb142fc92aaca7e492861fa126a95950440d36da84f5c1afe37f6fff217aa62d67777b812d23c01d5bd43e32ae613f735e3750cafea9444aa3887c6648f46660717144040f3e2f95a4e25b08a7079c702a8b29babad5a19a87654bc5c5afa261512a11b998a4fb36b5d8fe8bd942792ff0324b108120de86d63f65855e5461184fc96a0a8ffd2ce6d5dfb0230cbbdd98f8543e361b3205f5da3d500fdc8bac6db377d75ebef3cb8f4d1ff738071ad0938917889250b41dd1d98896ca06fb8a48c45be11eeb2cde1866bf5e3293065a08eca6b38ee84e2f011c47be1da64d0391cb9e0fb0df50706965e76a79782784df6a274790aaa7426deba3517282291f301067ea7d6208866a95c1a5757e26550049c3ca025f685efd8ec4d6306435e70ddbdff9ed3cfc2a033d72968e6cabd653d1a1c64bcf388b994cd1d5be121c6210742dc46934d3631ca425c52d0c5d0dc14ceac2d3c2c0d2296ef3d78654849822227bd35713353a9d1300bbb824e5043000c5470200a83a953c5163eff41692292feeaf20a1ccb56ed22bff997deac389365bdc405097ccc5fe140161b879570ee1b0df2da63ddf7729cf1936df1550b536d309f57c358fa1fc6339446a55efba81e9ebe5ea33bda1601492f9120eb59b485656894a2b8b127e679401d054631456c05caf345459d2be21f149dd7cfa22b40c4c648321c8fecb4799feb31cba03aa5eb8f54e48baf38c1fbe8d09082534c11c72eeefbe4f4f2c2cd1a4da55fc71c3eb8a1efeb8e8ed1335822f5e5940b8b9af509055ab27ebe93ec25b0fa83245ea8e57920d4ceca6988cc396a4185295e2ec6fb07e9058bc4aa4f68c18bc6367676fa9b843abcd08664b0c2aa3ec64b585fc56b83313eba89687f59dbe3b97be82b707fa677e93fac49be253237e7dffe9068d0e3adfe799170e45f8c9cad634838efabf436c4663f9a4cf79eb75a55b58339d1c5b9a547613627003011329b0b11b09709d1eef2d4e8d5a04c47ae4b118ab0d4860ed3a27d3aafe282ebe971b5687bc733e3b963f0b7f0c5c763543e9729565fc0f7fa2939f0f75ce1773295bb8f99b31ee6c418178a16be9c94dc9ecae192e9f32f993a4bfb95f5c85d9e6591f9a2f127459fadbdc1c0114856b7fa01461ef998f0216417acf433c4098d6fdd592ff7f9aa9c8358117564371366beeec923051ef433252197aaad510590130210893de2605b477adbbf0df565797be7dd77a311963efc0e4e11b8fbdc470d84a247498e114c489a9305951fc750bf9105653a0d70b5571232d1ed20e802ade99102916937f0253bd9d19002b39ce85ed374606efe36d4e1e853b06cc36372b56f13abf04ed76be302ab653ab4ae74c5ca3d8cc2a923e3f1d12fb93bf8da0a6c9f230fafb0727b04c01bab443526135a5c2935850c1d02d67fbe5e2af2e6c363938923142751d125747ad8abdf641270fbbfe1329172cfe4569825964c0a3c5f0eee8cb9fde60cd9a27153cdfe0910ce3b7a1657c3d599cff845861a5ec4e3a343abb30dbeaf9c75dc77c3472b859cb6add05b713da5feddd73f1633c5a737c4e4491c7be42efeae84f69d93d259f4ce956b16fb49747db265fd5c5efb11d758635f5fa0f8e4a1d82e865930ad06d77ab492df7281c184d246f8af18799510c23356c309875124774baf7ca9f61ca34f7df02b53710da2a1dcc9a4dccbc19296f6b80d21fa0505207eca7e6c57fbf6b143fb713a81c965c5a9d8d4385bf7cb4b000b8466db70c2580a6fd4f44d252044b93d47745e753ca230be9397c4d83962f1c9cf54a614ca82a12826ee4038de7e400e24bd41a195cc03e3899770c34b534e5b5477d461ac34c55bda96dba78fc27b068f61e5cf0fa785d01ca3fa499fa06868aa5d00f7d5e2d9a3669a69e1a2c5bcbeee0eb56e18c9491cd349cbeba4def25a47509647e611607761758587b5dca78fc7103aff3fa5c01233f55029d9735eb8920f1ec23b44fc404194b90a378bae01b112d102f2c18d68b5334174cbe21ffc30f5050764020fa68d947ed9b66742bd22833219b0b10378dd8ffa6cfacfb89daa9ee387febd1d12bbd14176a0d4080aa1edb89427d8c4db2367f562c470bb35455924a459ea970d42f79b7185765072a5beef1296bd33f81d57cd06d7998a3bb7d0631d042f100eb964075ae2b2deada4733005abe2e36831ebebb9a29ec819688109328bdf2a8f95a2ff83370de4e424b745fdc5ce55a3e770cc0b93f4d766ede791956f9f19185e20fe9af10c15debcd77b5b72f40d23c492f87d4a204aacae7086a61dc39e21798a7ef2af21e3f5c3705abf31e86c705fdf0b7f23c5944320a872f515011c437e3c1b3adfe3d1c1defe6e9991001601ff915f81cf4936c2eb2bc0f2e3cc05f6e2b23dc3f1c651bb75fe216b1eff7c614a766f459b2fc4c474471b301878fda43d99613e934e064b1edc1da41a2b1206c6ead50b15eda0904296cc2d21bc65e3f53e200b22ef42093034adf53117797adb5b0b72ce176ceeec976e5a7dfad12e802cf4aa2f2ea77e60846caee24915361e638cfd32118c18b8c56c48abb8b1fc94e259ac1690a9030647e461bc3467b0f680d40ad07080a66dbd6068297aaac67a0ab9718799b94fc7eb7f9e1d6df3840a3f7b3c27b8dd2041cbc53975b50e24c5e2aeaae0be7aacfc0bc8b4845a4b17bffbed01b66f041efb9d155d2f0c6e9fff26b3a8b0834fb339154a558f8dd0f48e4293ebfae7a7eae18ddb13a3c54e808c23330b856cbafaf5946ef1ad7d2792fba02a6b63d70b2c9a3a812d8284107f0384d743cdff4edcc815b1095cbcb18b9e90faf09f91d04c8c0f91eb29cd7703dba80ad1f89f6dd106f5bb1d1ba0f136dd91902bfccc89d34d9997dd3815c487ab293836a3e1ba8058c0e79d78ee793d4f2e746e09db8a4955551d840bd19ba2c874fa024e5a97633403b11ae":"a88eb8ce917b17c34800b6bcfe9683deb431e128256f4edc7c084add" + +SHA3_224 long #28 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_224:"cf97461544530735f9349d0800dab7d1a432227642f63f265b73b53ee68f636eeb0a99184d0487f8e8c0f50adba735a8279056f37a3e9b75452a2b0514830aea1f7448431ca579a65804650706c500dbd7a79c7ecb7a5dd246deed2a664d7266945cbd5f593dc485738953c6293cfeb2db025addddb16d858616627583f48129714a5f33acd552de61d62810eb1519755c26f9d959ebb3d62c5af2b01480217ddfc69689bb740af84a734dadf457376b819de23ae730160d603205a1c0fa39a80659ca273122d41d55e92865ed0a42dd73ee7cc82e8981714c2703123069b1f30d8a63d6b4e79893aabf23007e37211359a12e4bd7fdd94b15c055c90cd571a61de2c95eeccc3ea3727da5454ee5bc555c3e628a899507e3e686618efb4760095de8658783d8af95d5ac15fd061cfbeba44e7f4eed58f381e500902ba5c56864f6249d191e14d1b1fad3ddf04de4c61c5859ed5fab4e856d3ab64a66b35a70fe0f1edadb68868d3f0a7a64e6cc460532a1e513856a7fa6ee0e30f809cd0b6120d15f85960638cc862c2912a72b49a073a67c5b88d2f43c4e89f700da9ae22112646e0412a33274cf89694ffa11f67f2890a52c2f8cb430d3d292cca2c3e6991cefd3c117e57a6e6248c183a926538b9886e9ee4340c76bc61289c228ef1fb1869a17226d741aa38793ba167a136baa0db1ce0a8d9536d46f70654c36c79652978fc191dbf91afa868fda71368043c5cd38dee6d23408521515acd192f3526298f359752b1c805aa666acfaa514e5c52144a1ebddc545cf0128e9b9051a5bcad1f16736238456ad3040b51a8e78589051fd9e8175eff5327cd2a16b57e4ba738aae743c8cdaa4da6c447f39ba54a410a58a5d11615a2163cc3b5e5150fb76440b5507ee2dc570c9a29b91c0f24fd22b651466016aafd149398aa7d2b80497249b0ca9b6d0eec4621a6c7315fc11e8cbd8c242bb58960bce0de8055656aa26fd84fbe1fb3bfca78d1be0aea2a043f1d747bd78a5f3b6d9d98e7cff45f3922ab60c4c372637982232ef1fc9cea88df237fa2c902902b84253066f1d085767ab377c24339d8c6a3b39dc504c00da96f5d3393812ae4f434f22bbe8e7054acfb2681cae5ec90219fc8a2b9cbfa2000701934c09879ca000062ff610e6a594724531330f3f12614e6d0d242aab1be0871f5f7ac6775abe977162fe0ea150fcfa6f7a0b725fe170b095ab0e2398d343bf561f0d98685271af98a31d0ba06f4c0c352beafd449cf8e87c4a33ae0c32f056aebb4ba6e4eb80f081db992f6c684a53a12c19d878adc19d2ad3d9f491a0b1f52f1b7d19728db50436f0bba18ca5bf74ba65e02c837a9378a82f491cae854c44e227ea189ba0d690bfcccb8a888c721a88be8621eb6d3621fd44cb4fec498aeacec8dccce58cac3f22551111e9872deb142055de3aec713f31fca6b5d1543390fbe4995cdabaffb66975d45f36fdb68f6571938cf7610e7a4d3e2475e70e0fdd72646af1029097a09c135e9bf756d6af839b8952ab33d37c57f18bb8b6e0e57a3a3197b3e4773ba3c117f5eeb5f955f377847f59ddca89ea5aff24a5c5307f0e5b3168c908d8b567e268e280f650fb024816bcc8158ef86f5b4f37659c67a342de4e255cf619cb9506f06d7845c29085fe378ac8dce7e7b164c90c1fc3ee1abeca6f159337a446d53696ddff27b7db23a2d12f81b83d1f587c55eafcc32bac29277c819752dfedce79427c3c2697a5853bcbf41a34f8690dacdb1b242288202cfe5cb18fcf348a29d7dc9058c9cbb652d10d21bcd5808b78fb43e5be6b6c406e56f9eda4370ae38d584d627a98b9d6336d7ffe8e253d4d40717591f2233fd298373a7dfe10c8c2a3057b3acb1ccacdd01509d3b9ab98790d165a66ead4689f51a907a8c4e5d8ed13e54f6073dc6662d0d493e764eff7d589f3d8aecb05516f42b548b81f3ba12c8400b11b9961f65fdcaf0583b87ac32b5a0fd8afc03f610a1262e5f3369c8b499f5f8ab46531e08a9bb047efddd36541287243b3ee0900376ab9c7a2328ffe0a0b09c07300d68eabb6de4173fa8243df9c25ff0080eb96c0f2c0d40c3a9d623970063da092d8668cd441dc573710c7cf5d2ff6de9c6d8b6b5181f57b774c1f9c785fe78342bdd2f49ee2fee2bd0458d814980e976b1848013004133510279dfcc91ba864390f39aabbc8905db4e65dc16969317214733349364f14832eb345200b42678a9f550377d4fb7b10443f405303a946b6bf07b50d0c6ce2adf97a7dd2e7dd0c3e9b1897239184a543939568568b6035ac965a3713596363fb9803aed804f37ec855df5f76996af83ecc733d92a896e69cbef61f24c63a81b534d641fb0c8ca770f632c23895b55b48155e27ce035440cd6263d608fbfb2222f47c9c03a4b06e7ea69928302c6eb5ab96e08ed444a12d89a827c5879fae308b017c29b87668bb398c9df927079cf0ad7980da6a12869516b8cc53695a599238825e4fe22abb76ead1c59ee5ce47f397e3c77359150a5ebdbbdae775d6063071a0ab754868b288d99c9a7d322877a6b1fe3bc268f63571c6d9d7eb74b8bcf27e83ea05b3d754d74e16a3ffd6bd35f142f2662d615d0fb679394dc62fab84c0a652a366eb1fa94c9167688c983688bc94e7d01d0af1a1151e04c3e06b55658233365e00b8e9b9cfe9b6718d413b79efed04fffb2d5bf277fc61c2a1f35e67206b56a43be2dd8d49a02b476899730f7296717d2d90430ac25c79d1718e6f928297dbfc7f30a22ca0fcf071876887522dd757d21dfc4ff2e0867478b80330ef91feecef346be19ebe462a7750761e4a09f7de8431382ab1b7c2793fde1b488533eab204c25b41ec89c504e22d8be100ec402d1dd30e7a4f3158b0af4b9e605c51a154c391c86b1debc3a438856e787bc0f86d256a44e8d5358f424f67541f7dd46cfbb4097a0639cb863204c0e88ac36b68c5225ea31b4aaab157a79b042eefa293cf609338bb491057d7cb45c1bfe1d7d85e9e16f3bcb67a0416404d7834baa55ef74e95cc3253a47eba177ec1c1dcea8f5f20fcfc72228cd1a8a1e776dae7c3159c0679fc12626e43056fd2af35bc8ed7f1317785e695c85f3552cfc7c87de6ffe511a591037b56eedd5ca955c68aaaf63c58ef58bf1716f8e4dc6f33a584f565fbf68353afa844c66c656c791a4d2535671dcc3ba6b05ee2ddc62d811905d88f053d7909bbf02014da1281e4d90de9dc9b0877f7436988664998737bce0677":"6081b2be0c1cf8977092b63deb954403a5879a0abe8ac4c153008cdf" + +SHA3_256 long #0 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_256:"b1caa396771a09a1db9bc20543e988e359d47c2a616417bbca1b62cb02796a888fc6eeff5c0b5c3d5062fcb4256f6ae1782f492c1cf03610b4a1fb7b814c057878e1190b9835425c7a4a0e182ad1f91535ed2a35033a5d8c670e21c575ff43c194a58a82d4a1a44881dd61f9f8161fc6b998860cbe4975780be93b6f87980bad0a99aa2cb7556b478ca35d1f3746c33e2bb7c47af426641cc7bbb3425e2144820345e1d0ea5b7da2c3236a52906acdc3b4d34e474dd714c0c40bf006a3a1d889a632983814bbc4a14fe5f159aa89249e7c738b3b73666bac2a615a83fd21ae0a1ce7352ade7b278b587158fd2fabb217aa1fe31d0bda53272045598015a8ae4d8cec226fefa58daa05500906c4d85e7567":"cb5648a1d61c6c5bdacd96f81c9591debc3950dcf658145b8d996570ba881a05" + +SHA3_256 long #2 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_256:"712b03d9ebe78d3a032a612939c518a6166ca9a161183a7596aa35b294d19d1f962da3ff64b57494cb5656e24adcf3b50e16f4e52135d2d9de76e94aa801cf49db10e384035329c54c9455bb3a9725fd9a44f44cb9078d18d3783d46ce372c31281aecef2f8b53d5702b863d71bc5786a33dd15d9256103b5ff7572f703d5cde6695e6c84f239acd1d6512ef581330590f4ab2a114ea064a693d5f8df5d908587bc7f998cde4a8b43d8821595566597dc8b3bf9ea78b154bd8907ee6c5d4d8a851f94be510962292b7ddda04d17b79fab4c022deb400e5489639dbc448f573d5cf72073a8001b36f73ac6677351b39d9bdb900e9a1121f488a7fa0aee60682e7dc7c531c85ec0154593ded3ae70e4121cae58445d8896b549cacf22d07cdace7625d57158721b44851d796d6511c38dac28dd37cbf2d7073b407fbc813149adc485e3dacee66755443c389d2d90dc70d8ff91816c0c5d7adbad7e30772a1f3ce76c72a6a2284ec7f174aefb6e9a895c118717999421b470a9665d2728c3c60c6d3e048d58b43c0d1b5b2f00be8b64bfe453d1e8fadf5699331f9":"095dcd0bc55206d2e1e715fb7173fc16a81979f278495dfc69a6d8f3174eba5a" + +SHA3_256 long #4 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_256:"2a459282195123ebc6cf5782ab611a11b9487706f7795e236df3a476404f4b8c1e9904e2dc5ef29c5e06b179b8649707928c3913d1e53164747f1fa9bba6eeaf8fb759d71e32adc8c611d061345882f1cdeee3ab4cab3554adb2e43f4b01c37b4546994b25f4dcd6c497bc206865643930157cb5b2f4f25be235fa223688535907efcc253bcd083021407ea09cb1c34684aa0c1849e7efe2d9af6938c46525af9e5afb4da6e5b83da4b61dc718672a8090549cbe5aadb44f5bc93a6b3fbdc2e6d32e2eaaae637465179ea17f23ad1e4f1ebc328e2c6dc90c302b74a1edbbb0676c136b269d70c41040a313af06ab291bf489d9700950b77f207c1fc41884799931b3bca8b93331a6e96b7a3f0a8bd24cdb64964c377e0512f36444bb0643a4e3ecb328194cd5428fd89ede167472a14a9bf5730aff1e3b2c708de96eff1ebaaf63beb75f9c7d8034d6e5471e8f8a1f7efce37793a958e134619c19c54d3d42645f7a7263f25471fbaae8be3ea2fbd34ec6d7aacd7d5680948c3cd9a837c9c469a88f600d95829f4d1e4e4a5ef4ed4623c07815a1c33d9fb3b91333ff04eac92806a68a46cf2e9293f8bff466ce87fe66b46fbff7c238c7f9b2c92eb2fdc7d8084167f6f4e680d03301e5c33f78f1857d6863b1b8c36c7fce3e07d2a96a8979712079ae0023a1e3970165bfcf3a5463d2a4fdf1ca0e044f9a247528cd935734cb6d85ba53ceb95325c0eaf0ff5cd81ecb32e58917eb26bfc52dba3704bf5a927fee3220":"cb1c691c87244c0caf733aacd427f83412cd48820b358c1b15dd9fadee54e5af" + +SHA3_256 long #6 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_256:"32659902674c94473a283be00835eb86339d394a189a87da41dad500db27da6b6a4753b2bb219c961a227d88c6df466ba2fc1e9a2d4c982db4398778c76714d5e9940da48bc3808f3c9989131a07683b8c29d6af336e9aee1dfa57d83c48a86f17146edec07869bb06550689ebf4788159ed0a921048b4a6e3e3ec272413bec15d8e1f6a40897fa0e11d9df223ef9fc270106249ae220fdc6ebdef6d6611805421ccc850f53ee9c836baf657a94005883b5a85def344d218264f07b2ea8714afcc941096c6ded0bb6bf5b8bf652fd15a21931c58c9f526e27363ddff98c0a25bc7af9f469ab35bffea948b333f042cc18a82cec0177f33c3bdbf185b580353de79e51e675b03b31e195f19ba1f063d44def0441dc52820426c2c61cf12974ec249fd3502f017ffa06220075ced7e2d6b86a52677ba3916e8e8726062aec5bc8ea1c18b1e4137680b2c9d002191b423bee8691bd7e0f93c3b9959bc1c14d5c5cbe8f7c9c336aa16e9de9faa12f3f048c66d04cb441eb2bbc5e8a91e052c0f9000856896f9b7ba30c1e2eead36fc7ac30a7d3ddfc65caaba0e3b292d26dfba46b5e2dc9bc9acadde1c9f52b2969299bd1281ddff65822b629cfba2928613200e73661b803afdcc4a817d9361389e975e67dfadd22a797bdaf991ddf42db18711c079ecec55925f9978e478612609bacd900172011c27e24bad639ffc24a23877278318872153aef6893ccb5b68b94b33154df7334375aadd3edbb35272cc7b672dec68faa62900873ded52f6049891b77f2d0311a84b19b73660e09d1f1998095c1da1edecfa9f741b5fd6db048dd68255085d43529279021d59ed853470d6863b7c8e07fcb0d1e6acfb1eb16f7f60bb1f46ce70493010e57930a3b4b8b87e065272f6f1dd31df057627f4214e58798b664e1e40960f2789d44ccacfb3dbd8b02a68a053976711f8034c1ed3a8":"5ac9275e02543410359a3f364b2ae3b85763321fd6d374d13fe54314e5561b01" + +SHA3_256 long #8 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_256:"a65da8277a3b3738432bca9822d43b3d810cdad3b0ed2468d02bd269f1a416cd77392190c2dde8630eeb28a297bda786017abe9cf82f14751422ac9fff6322d5d9a33173db49792d3bc37fff501af667f7ca3dd335d028551e04039ef5a9d42a9443e1b80ea872fd945ad8999514ae4a29a35f60b0f7e971b67ae04d1ba1b53470c03847a3225c3ddf593a57aed3599661ae2d2bb1cddd2fa62c4a94b8704c5c35c33e08e2debe54e567ae21e27e7eb36593ae1c807a8ef8b5c1495b15412108aaf3fce4130520aa6e2d3bdf7b3ea609fdf9ea1c64258435aae2e58a7b3abda198f979c17dbe0aa74253e979bf3a5800f388ea11a7f7454c4e36270a3083a790c77cbe89693205b32880c0d8f79b1c000ee9b5e58f175ba7696616c17c45673cff25d1221f899836e95cc9e26a887a7115c4537e65ad4eacc319ba98a9a8860c089cbc76e7ea4c984d900b80622afbbbd1c0cdc670e3a4c523f81c77fed38b6aa988876b097da8411cc48e9b25a826460a862aa3fadfe75952aa4347c2effebdac9138ebcc6c34991e9f5b19fc2b847a87be72ff49c99ecf19d837ee3e23686cd760d9dd7adc78091bca79e42fdb9bc0120faec1a6ca52913e2a0156ba9850e1f39d712859f7fdf7daedf0e206dff67e7121e5d1590a8a068947a8657d753e83c7f009b6b2e54acc24afc9fdc9601a1d6d9d1f17aab0ce96c4d83405d1e3baba1dffa86ecccee7f1c1b80b1bbf859106ce2b647ae1e4a6a9b584ae1dfc0a4deebb755638f1d95dcc79b1be263177e2a05c72bde545d09ba726f41d9547117e876af81bfc672e33c71442eb05675d9552df1b313d1f9934f9ddd08955fa21d6edf23000a277f6f149591299a0a96032861ecdc96bb76afa05a2bffb445d61dc891bc70c13695920b911cad0df3fa842a3e2318c57556974343f69794cb8fa18c1ad624835857e4781041198aa705c4d11f3ef82e941be2aee7a770e54521312fe6facbaf1138eee08fa90fae986a5d93719aeb30ac292a49c1d91bf4574d553a92a4a6c305ab09db6bbeffd84c7aa707f1c1628a0220d6ba4ee5e960566686228a6e766d8a30dddf30ed5aa637c949950c3d0e894a7560670b6879a7d70f3c7e5ab29aed236cc3527bdea076fec8add12d784fbcf9a":"68f62c418a6b97026cc70f6abf8419b671ee373709fa13074e37bd39f0a50fcb" + +SHA3_256 long #10 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_256:"460f8c7aac921fa9a55800b1d04cf981717c78217cd43f98f02c5c0e66865c2eea90bcce0971a0d22bc1c74d24d9bfea054e558b38b8502fccb85f190d394f2f58f581a02d3b9cc986f07f5a67d57ab4b707bd964ecc10f94f8cc538b81eeb743746c537407b7b575ced0e1ec4c691a72eb0978be798e8be22b278b390be99c730896fdc69b6a44456be5ee261366e8b1351cbb22aa53e45ec325ed2bca0bfeeebc867d7d07681581b6d56ed66ac78280df04053407a7b57561261dd644cc7b20f0a95709e42795b5402dd89fcb11746c597e0b650a008bc085c681bb24b17db4458e1effba3f414a883ddfc4bccb3ace24d9223839d4b3ca9185ad5cc24193134b9339b0e205a4cc0fa3d8f7a85b4230d1b3ee101fbae9ee14c2153da5f337c853573bd004114cb436ee58ab1648373ee07cc39f14198ac5a02a4dd0585cf83dfd4899df88e8859dae8bc351af286642c1c25737bf8712cb941cbbb741d540feb9f5d831f901fbe2d6facd7dab626bd705f2fd7c9a7a0e7a9127e3451af2ae8509dd7b79dce41c1e30b9dba1c38cb4861dad3ac00d68fa5d07ba591c1c3b9d6b7d6e08099d0572ca4c475240601decba894fa3c4b0ea52ed687281beee268a1c8535e283b1fc7c51aa31d5ec098c50fec958acdd0d54a49643bef170093a1102a1b3bf5ad42fb55ebaf7db07385eadcd6e66da8b7b6e6c022a1e3d01f5fccec86365d3014c159a3bff17d614751b3fa0e8e89152936e159b7c0ea8d71cd4ffd83adae209b254b793f6f06bb63838a303b95c85b4edfa4ddcca0ed952165930bca87140f67f5389d1233fe04f0a3d647050410c44d389513084ad53155af00de02cc7943a3b988d8e1454f85153aff0816e24b964ec91dc514c588a93634ff3dd485c40575faa2f254abdf86fbcf6d381337601a7b1ba5b99719f045eb7bf6f2e8b9dd9d053ef0b3126f984fc9ea87a2a70b3798fab593b83a4ff44d9c0c4ec3e570ac537c10d9e3c4996027a813b70d7867b858f31f508aa56e7b087370707974b2186f02f5c549112f2158c0d365402e52cba18fe245f77f7e6fbf952ec2dc3c880b38be771caea23bc22838b1f70472d558bdf585d9c77088b7ba2dceaeb3e6f96df7d91d47da1ec42be03936d621ecf747f24f9073c122923b4161d99bc8190e24f57b6fac952ed344c7eae86a5f43c08089c28c7daf3aa7e39c59d6f1e17ece1977caf6b4a77a6ff52774521b861f38ebc978005e5763cc97123e4d17c7bc4134c8f139c7d7a9a02646fef9525d2a6871fc99747e81430b3fec38c677427c6f5e2f16c14eee646ebf6eb16775ad0957f8684c7045f7826bc3736eca":"7d495ddf961cbff060f80b509f2b9e20bed95319eef61c7adb5edeec18e64713" + +SHA3_256 long #12 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_256:"c8a2a26587d0126abe9ba8031f37d8a7d18219c41fe639bc7281f32d7c83c376b7d8f9770e080d98d95b320c0f402d57b7ef680da04e42dd5211aacf4426ecca5050ca596312cfae79cee0e8c92e14913cc3c66b24ece86c2bfa99078991faad7b513e94f0b601b7853ddb1eb3c9345f47445a651389d070e482ea5db48d962820257daf1cbe4bb8e5f04a3637d836c8c1bc4d83d6eda5f165f2c2592be268412712ae324ef054bb812f56b8bc25c1d59071c64dd3e00df896924c84575817027861faa5f016c5c74142272daa767e8c9dacee4c732ab08b5fa9ad65a0b74c73fb5a889169f645e50d70e41d689415f7d0b4ec071e9238b5a88110856fc6ae9b9944817e21597d1ccd03b60e60472d1e11d3e9063de24a7b59609b6a2a4ee68238690cf2800614746941c48af9566e07494f0dd236e091e75a8f769e3b179b30c10f5277eec7b3f5c97337189b8b82bc5e717ff27355b2009356caa908e976ae1d7f7a94d36202a8d5e03641aeac0e453a8168ee5a0858ceecfcbf11fb8c1f033201add297a0a89476d2ea8b9a82bda8c3c7ef4f55c3295a4ecb7c607ac73d37eadc13b7a2494ec1928f7a80c8d534efe38a3d9ccb4ccdab9f092a1def6478532c5ad3cd5c259b3812600fa89e6d1e228114795d246cedc9c9fff0d1c1297a5ddfc1169c2efb3800df8dd18a8511214785abcc1bc7eb31bdb2f5f70358dfe860ed5a03ab7e95cc21df5ee7aee68be568d6985e5c1e91408e4432663b1c4e6d613d6dc382b5b900a4fc1b7a9c27a1138c5e2356ab9026c34465006602753daf6ab7427da93c307c901d0bb1ddb21c53bc0493dd8d857161e8ffa51fdecb75568243205aa979c2e7ed2a77b5f8edc34cffb0321a8c653bc381f96ab85a86bf0bb2c9518208d636eac40aa7ad754260a75d4a46362f994c90173b975afb0ee17601311b1c51ba562c1ca7e3c2dd18b90bdebb1858fe876c71b3ad742c4bcba33e7763c750098de856fde8731cb6d698218be9f0a98298630e5b374957d126cf0b1c489c48bab6b50f6fb59ee28be6c3916bbd16514234f80e1ac15d0215852b87f9c6e429eb9f85007bf6ae3de1af0202861fd177c7c4f51af533f956a051815815c6e51e25af20d02893e95442991f1de5f86a4397ae20d9f675657bf9f397267831e94cef4e4d287f759850350ce0898f2e29de3c5c41f4246fe998a8d1359a2bed36ded1e4d6b08682025843700fee8cab56703e342212870acdd53655255b35e414fa53d9810f47a37195f22d72f6e555392023a08adc282c585b2ae62e129efccdc9fe9617eecac12b2ecdabd247a1161a17750740f90ebed3520ceb17676f1fa87259815ff415c2794c5953f689c8d5407dbbd10d1241a986e265cea901af34ec1ded0323ca3290a317208ba865637af4797e65b9cfcad3b931bbf6ac896623e2f4408529172911f1b6a9bcae8279ec7e33452d0cd7b026b46a99cbe8a69cd4d21cdc6d3a84002fab527c4fd18a121526d49890ced3fb89beb384b524015a2e03c049241eb9":"b8d4b29b086ef6d6f73802b9e7a4f2001e384c8258e7046e6779662fd958517e" + +SHA3_256 long #14 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_256:"3a86a182b54704a3af811e3e660abcfbaef2fb8f39bab09115c1068976ff694bb6f5a3839ae44590d73e4996d45af5ceb26b03218ab3fef6f5f4ef48d22839fb4371c270f9535357b22142c4ffb54e854b64cab41932fe888d41ca702e908c63eae244715bfbf69f481250f16f848dc881c6996e6f9d76f0e491de2c129f2a2ab22e72b04644f610a2fabc45aa2d7b3e5d77b87a135d2fd502ca74a207bddaf9a43e945245961a53c7bfcfe73a1ae090e6606ffe8ddbf1e0f0d6d4fa94526578c6faf282dd592b10bf4bce00a7b1846625690623667e83b9b59b465d42c6944e224ad36698f5f2ee938404b7775c2e66207bc41025adaf07590312f398812d24c0178126fdd334964a54b8353482a83be17cf2ee52d23b72e5f57fe31eebf8a1a64742eb9459bcb0eca231a1658ab88b7056d8e47554f0a46058d6565c6cbf6edec45fdde6f051e38255b82493de27ffd3efbe1b179b9642d2166073db6d4832707420237a00bad7125795e645e5bc3e1431ecbabf0ff5f74416626322545c966241cce6d8f2c035a78f100e030741f13b02a9eaf618d468bc40274db98bc342be12ad4d892c2ba546e571c556ac7cbf4e4c3fd3431efd40457cf65a297845dd8cce09811418c3cef941ff32c43c375157f6f49c2e893625e4b216b1f985aa0fd25f29a9011d4f59c78b037ed71f384e5de8116e3fc148c0a3cad07cb119b9829aac55eed9a299edb9abc5d017be485f690add70ff2efbb889ac6ce0da9b3bdbeb9dd47823116733d58a8d510b7f2e2c8244a2cbf53816b59e413207fb75f9c5ce1af06e67d182d3250ea3283bcbb45cb07ea6a6aa486361eb6f69199c0eb8e6490beff82e4ab274b1204e7f2f0ba097fba0332aa4c4a861771f5b3d45ce43e667581a40fee4bebe7fa9d87b70a5bb876c928f7e6d16ae604b3a4e9c7f1d616e2deab96b6207705b9a8f87468503cdd20a3c02cc8da43d046da68b5ed163d926a5a714a4df1b8ef007bca408f68b9e20de86d6398ad81df5e74d5aaac40874b5d6787211ff88e128cf1676e84ca7f51aee5951efee1915dcc11502a8df74fac4c8451dda49b631a8fb87470f0ebe9b67449bbd1640ceee6101e8cd82aa1033fa84f75b28450e461b93f65da5c43759b0e83660d50961702bb1ad015dad42e600117475237cf6e7279d4a02d1f67cf59de0108355d03963e3d84ce7647173dd7d77a6b3f275d7de74236d7bbb2df437d536136dbe1dbe8f307facc7bc7d0cde1abf745cbeb81af1ab2c46138cf007e901f22668377958bcbbadb7e9905973b27ff0c5baaece25e974c1bd116cc81dd1c81a30bae86a6fb12c6a5494068e122153128313eb3e628d76e9babc823c9eb9d3b81bacfa7a6b372abe6b1246a350f23e2e95b09c9037a75aac255ef7d4f267cad3ce869531b4165db2e5a9792094efea4ae3d9ea4d0efdc712e63df21882a353743190e016b2166e4da8a2c78e48defc7155d5fdfc4e596624e6a19c91b43719a22c1204b1cefe05989d455773d3881fa8d3eefc255f81dfe90bd41dc6f1e9c265a753298a6e98c999acd9525a9db5f9f9456a0f51a93dd9693e1d9c3fa283f7c58a9c752afcaa635abea8dfc80e2c326b939260069457fdad68c341852dcb5fcbbd351318defd7ae3b9f827478eb77306a5ae14cf8895f2bc6f0f361ffc8aa37e286629dc7e59b73a8712525e851c64d363065631edc1609f3d49a09575876a":"b71ec00c0fcc4f8663312711540df1cd236eb52f237409415b749ff9436dc331" + +SHA3_256 long #16 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_256:"c041e23b6d55998681802114abc73d2776967cab715572698d3d497ec66a790b0531d32f45b3c432f5b2d8039ea47de5c6060a6514f3ff8fb5f58e61fd1b5b80524c812a46dad56c035a6e95ecb465ea8176d99b836e36f65977b7dbb3932a706d3af415b6f2549b7120ecb0db1e7d9e6f8df23607eda006436bccd32ef96d431fa434d9de22ca2608ab593eb50b4d6a57f45c1ce698c3283a77d330b876ad6030324a5c0693be7790a4bd26c0a25eb403531f37689829c20546d6dc97327131688b3d88766db8f5d1b22050450c37e53951446dd7155a3e6d7edcbe1354411d8f58154475d74008937e8ba48b706066c296d1a87936dd023ac8eebe7605a58c6c40da774cf9df189db0050adcf7629e66cbd1cf9824397834cb13c4066c26e6c8ec950b44fc1c8db8ef976a7ec8c4f4ec9849ca7a07f906223053b80db24b946b034ee7a30880d0ace348acba0d0ed21ea443816706a216ce9eb682d1fe9dfc1d2e0bf3b1449247413520b8d8ebc99fc298c6dca949be0ffebe450b9b79a387a615d617b8d9da5b3e8d2776208c7cc2a11bdbc387f9d4597b380739b24ae59dcd5fb63bfeefe0746d9266cfda18afa583d6891e483e6d5c0db305f5609beba75bb5b447ccac2dfb94ede4a94db6eaaf3070d8d5353f107f7bd74528eb913e0b19bed6236a3b48567c46a9eec28fb6486f92d0d09625452d8f4dd1b89c566533cc2326b820c2b9efed43be8481cb9ad809e47af7b31795cb0fbdb18fbb12e8853f8bacec366a092daf8f2a55d2911fc7c70ddd33d33e86c2c4ceeb9390ec506b399f6fa8f35abf7789d0f547fd09cb7e6fb6016a3fc2a27a762989ae620d234c810777d5a1bb633744af2844495d2963c986ef8540ca715bed7692c77b9dec90e06acc5986b47dd4a8d3ca3300b2bedf9f26ae6d1c7e7acef05c0fc521c3309e1e70771eea6e96b67de5e3fb6833145bb73d46081b074539498307929da779e003c27f0a171035458b8c7c86c905b23dda74c040878d5a05be94821537724ebd5608ec0754c3e3e99a719bbb6d5320eed07323fca637429b18378936364c389de1e9c6fce8af270a713b4b829b43e7d761e17724c22e84611e1322dde45cbee86a0e16d01cfb8910d99391c39afd8e5f5567c59f219aa8c19ad158f287cb6807ba1fe46d38d091639a217766b3aa9ded73ac14570ba236225218305d68c0be6099c336ba8455c86b7c8c04542e729ceb84596c33ca6eb7ec1091b406cf64495ccfa2169f47b3b590477d4073537c14c05015d51ba527b3869ae4ebd603df906323658b04cb11e13bc29b34ac69f18dd49f8958f7e3f5b05ab8b8ddb34e581bde5eb49dd15698d2d2b68fe7e8baf88d8f395cfcafcdff38cf34b59386f6f77333483655ee316f12bfeb00610d8cba9e59e637ca2cab6ed24dd584143844e61fcca994ba44a4c029682997ab04285f479a6dc2c854c569073c62cd68af804aa70f4976d5b9f6b09d3738fcccb6d60e11ba97a4001062195d05a43798d5f24e9466f082ac367169f892dfd6cc0adeef82212c867a49cba65e0e636bab91e2176d3865634aa45b13c1e3e7cdb4e7872b2437f40f3de5493792c06611a9ca97d0baed71bfb4e9fdd58191198a8b371aea7f65b6e851ce22f4808377d09b6a5a9f04eddc3ff4ef9fd8bf043bb559e1df5319113cb8beea9e06b0c05c50885873acd19f6e8a109c894403a415f627cd1e8f7ca54c288c230795aaddde3a787c2a20ac6dee4913da0240d6d971f3fce31fc53087afe0c45fa3c8f744c53673bec6231abe2623029053f4be0b1557e00b291ebb212d876e88bcc81e5bd9eb820691dca5fbdcc1e7a6c58945a2cac8db2d86c2a7d98dc5908598bda78ce202ac3cd174d48ad9cac9039e27f30658eef6317cd87c199944343e7fce1b3ea7":"ad635385a289163fbaf04b5850285bfe3759774aee7fd0211d770f63985e1b44" + +SHA3_256 long #18 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_256:"01ec0bfc6cc56e4964808e2f1e516416717dad133061e30cb6b66b1dc213103b86b3b017fa7935457631c79e801941e3e3a0e1a3016d435e69a390eaac64f3166d944c8eb8df29fe95fdf27adc34631e4a1f3ff1d5af430f3d6f5908e40c0f83df1447274dfe30bbe76b758bd9abb40ed18331c7552dcc6959a1303e11134ec904bd0aab62de33c39703b99920851afd9d531eeb28f1c4b2e6c17c55db8296320316fbe19e881b5fcb4d266c58ca7f31d9176e26f70315330b58a516ec60d10404a78393aa03ced7acd225cb2a83caf3ab5888406a69a534f1ed1346e9b5e68831f90b872d57367361191c803eb7e38b3b9cd601282d5efdbf082db07d89bd06b093f986d08d3a7b12aa74513b6eb241b26ebf31da5726d59e315d1b4ee53ec6a9fdb6583bacc136e90e9607cab01e5d3853ab9727ede706b6f10b4e04d0510f45c0abc515bcb5ed0bcce86a92861126f4d502fcb8f988d62ecf9d124853de2bab633f9506c6fde8a36cd4413cf773e50f7b2d283482f18e2f547c2fc275cd60056ed98fb8d0816fd777c1566f0c2ae3b1cd92e344910a75e006106d193e06f7786ae37dd0e529cacf74176fd4cc1f6500549af5902dbbd56a70c194f5b671372edec425f90add40b4eb3d55123f3ab62797ad25bf5eecf4f417f86b00e6f76a4f52e44fd949851aae649dd0d26d641d4c1f343c7a2c851ca7851bbbdfd57ed6024eabc518a909a1e4689ea7bc5f83e19872950368a06e93ab41944c3d8befc5705b814e5f33511a7f7ea8a4771c804b321a3a3f32c18fa127d3c9e6c011337dc100ceb156ed45d0a62f238dacac44a3429f89bb7f98d09043c42451106e30471cc6fab7a4e1ce0a8202772b0218b631f287ec3ef82b1aa6299a0b54d6aad06aa9346d28f117d20f3b7f0d462267bd3c685cca8f4584532dfee0e8b9bacefa3092d28fcce7953a28f82e4ba6b3a1430ecca58b770dab656bed1b224663e196dffc28c96a2c65ef9de1989a125ecf2fed47eb96bef8a636a91bd521c47aeb8bc011bf81cc688fd8b620446353cbf7692201b5552cb07fb02eb3954dfaa6f5c31bf91e20b84419dcbbdaba0c31a124d8f4218b2f88da3eba44dbe40eb290052538dccd0ff7670de5f33a83ff74895b66adcff58c9c21e93b31bb49ccb2e026995ee155b5517b72daa76526a2e42aa6fa94357cd42e2a8a1d3e7d4cefc33d5d07d6303d798d2551a21f862b5f492d0c7cf078a77007a02847b34675dfad4fb457e9f20dc5750fb127a3c31b9d6a3996d50ac3ffc6ef29cca1d8414d0438bf3271dc4f4e00cfe19a507b447dc310f74aeb2a3c0b3fae6d7d13f4935bc72c35df3efa6e879164421505ee32d93b030e32a7970b53430b1643855167278e5058c4a48a7840e2fcdb282e45b5b86c0b2756f19b595f3bcfc926df35e33ac26dd1e88cd394015a5f54deb4c9f4a0bef0eabcb27c4eb88dc2302f09e92f1bcc4b4754df1eeb536154543c7dbf181c9979fe6ed08311e5a3acf365ebb5745212b2630e83b3a5bd5fa4834c727248b165700c7435f8cb6ee455bad16ee0da68fe6acd2062dae9c8bc178b157b29ade98a9bbbd4c723a3dcb7852c7978b488e4f73a2c9163dbdffae175119f812b6f4b70c2b498704bc2b58603f167f277a74e64ec296a6dfdb0de3486c0f36ac1b55f80af9fc817ba4f84b898b2a3c5725e2faf466bb26a8a84f91e123d182033a7ae2029236aa4b673ceb50c1733d7edd60e3f119b7141c882d508e0331689c96fbfb9f7e888fe88561de427c721123036737c1460b0da00d3f958b948f68fcb321ab4e297290f781ff8afb06b755d82a7e6ce1963761d799eed786524bf19801b4877b2d856becdf7e87d71aa359f2d51f09de64bcbf27d0c3aceac70790e314fd06c2f5216f3d10574b7302d6bc2775b185145c1b741524567c456d42c5826f93afa20ae7196ca7224c3b69b1eada9eee752fb6d43f24170fcc02af7e1dea73f0f884f936f900165800acb9d57480a31e409d3f676ed92b6812cf182a088fc49d68082aa19c7be0711f436db1d7be44d97dc9405591a8d3e7f6f731c6f3e6c401749829b7624497f5eeac1fc782e7d6988340541f2617a317e":"2a6283b1c02c6aaf74c4155091ff54a904bb700077f96a9c4bd84e8e51b54d01" + +SHA3_256 long #20 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_256:"9271fd111dcf260c04cf4b748f269ac80f7485c41f7724352a7ed40b2e2125b0bf30f3984ee9d21aab6eb07ec976b557c2426e131ad32bd0485aa57172f0e4f1798760f8352067ac023fbeca7b9c8bf5851c724e90ffff44195b44ae73c9c317c85e8e585bddac6d0f2abf812d02e44b62eadb9d0765683aa56af8e9b91588c7b49dc3e146866a02dc18f9ca680f88006094ef29096c2d5af5700b4aca3dfcab462c48bb8085691671efb5ceb22b3ebd8702f71a1d7c184b1053c3fa30a7e76b85f3650d9140714fd4993bb496becf2ae01d3a98ccfdefb6fefd692173bd11af7adb61ffff214a550ffcd3a5993004ee72cb02ca9c577b42c85444e619e6411e2bca86bb548ebbd12a02c5c945eaa3b246f595d817f3849875429e72ac894160a2a91a6617f18e6b2b9258472152741d62843cebc537d25f0daebdedb410d71ee761662bd1b189ca1c93d648b5d141d8d05e3f2b2d8c2c40997fea7eb7e2cc0000d8b2300936759704ef85f38ad0d08a986de6bfd75b5be3209f6d4d3f67e7adf7f8469d47e81979ec8dae7127b5eadcc09779cf4b0a28efaaf58e83d307f2ced4a8699b142f3f19db5598e914e9577652c63f851203580d40699548fc2ab30a9dcf6452f673ad1ed92f8d84dad5dfff55e18107b3acb6e4e8e3c9c34038f40a5c577fe9771c2c31ef03d36a00e04a20d2d0877db66f091dac4b741d2a997b75182702881f9284fa23b9b3c20e715f80d07b9910a4b3185f9489dc7d3fb510f4da273559753d7d207f3975b48df2e7c857caffe703dfac53a786490c09f57d2fa93f60810186df4c0b6b616a04caab9f70a5002c5e5d8da0ed2805f20fbf89cd8d57ca2b4bd37125ce38bf09fb6170ae21f4e6043a9483ef6e585756d97cfb778e57bc7ddc8dfc54d086d6bcfa1f019c749ff79921ec56e833ff8660f0959cd4b5277e9f3b1d4880193fefa98a6c2512718e7c139acdcd324303db3adb70348d09b058baf0e91d52b24952f832b0a3b81fa9bc9a2e9fb276a64e9e0922778b4992d892f6845b4372a28e47d27b53443586d9015463cacb5b65c617f84e1168b15988737a7eda8187f1f4165fecbdd032ae04916cc4b6e18a87558d2ce6a5946c65a9446f66cda139a76506c60d560f56a013b508d6ccbbaa14e24ad0729dd823bf214efcc59e6932cdc860306687c84a63efb551237223641554940a7a60fa7e6ddad64a21b4a2176b046dc480b6c5b5ff7ed96e3211df609195b4028756c22479ba278105771493870372abe24dcc407daa69878b12b845908cf2e220e7fabeeaab88c8f64f864c2bacba0c14b2a693e45aacc6b7db76bc1a2195cfce7b68f3c99440477ea4c1ea5ee78c109f4f1b553c76eb513dd6e16c383ce7f3187ad66c1d5c982724de8e16299c2fde0a8af22e8de56e50a56ac0fef1c52e76864c0ad1eeedd8907065b37892b3eca0ddcdf5c8e0917dec78fedd194ea4b380a059ccc9452e48a9eba2f8b7a4150b7ba17feac83c61604c3cfcfe6655c2be37ef0ae6fc29072f9b1cfb277b64a8d499dd079ad9aa3d5e9a7ccbec8c100596c6fac51e13a260d78d8cd9066edc558e2219cfcda1310dc1fbbdd36f348756855349f33eb6b82186a8c1a55f361305833edd3e4ac8d9b9cf99897c4e06c19ed10765fd0c8c7433851445c5f87b119ef913b2bcdbf7aa2ad19c672e53a9c6c3c309d549513edd7c1cf8a0a399e6df0939cc1fb146d6ad460e2ce05144c69eafa3822141d473fbe5927c58a50c1e842f8b8fad85540ce9f6d06f7b4dea045248b999d24c5fd4d75631caf73518cc08f73684e2a1cd4266235d90c08a0d0ce8784c776fd1b80978b83f0705ba8498744884d5496b791f2db3ffb5377175856b25a643803aa8b9e7f1055e089c1929cf0cbba7674c204c4590fb076968e918e0390d268eeef78c2aebcbf58a429f28212a2425c6ad8970b6a09cadddd8336d519bca4820556d2c4b8cd9f41216de3c728a0774edf47d3489cd29cf1b2a192bc53325d0bed7d23e51be7684297f9d0ecb14acbf648bc440c5fde997acc464fb45e965e6f0dced6d4568ebcd55e5a64633b05a2cb4d8263b721a252b1710dc84d8a5d4b43fcc875e2e7281f621b0bf8bb3465be364456bcd990b26b3e474486f864fb85f320f68bc14c37d271249b18552bef50dfc385a9f41b831589c5a716357cf5a12520d582d00452a8ab21643dd180071d2041bbc5972099141c6292009540d02f3252f1f59f8dfcf4488803f3b0df41759055559a334e68c98ea491b0984f2f82a35db84ea0779b3801cf06b463a832e":"4e75bf3c580474575c96ec7faa03feb732379f95660b77149974133644f5d2a0" + +SHA3_256 long #22 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_256:"075997f09ab1980a3179d4da78c2e914a1ff48f34e5d3c2ab157281ef1841052d0b45a228c3cd6b5028efd2d190d76205e1fdf4cec83c9868fe504f429af1e7c5423267c48a7b5bc005f30a1980147a3fae5c100b95c7cb23d43af9f21d87311d9cc826598993e077015f59ebc476383bb7a78787d915c97039ab188a2a618f7a8d7f64542ba787e9dd7d48c4c87d2aaea068c1b00c9711b2812901673c11418096d0a850fb36b0acece56d311689dfeceb0835009adc427f6d2d6b05ed26f5a43b6478bc72c1f914a2202dbd393cb69b1a1e78162e55ca4b3030ac0298131a7a0d934c032cc9dfc5afa600c59b064d2d9013f15d1184278a8ccb5ad9d7563e666fe5a8c173cec34467ef9cf6d6671208ff714741fee7c8d1d565edf82570dffde4f3f584024142056d8548ad55df83d1babed06141114c95ac88dbea0ce35d950f16d8a732a1ea7d22dfaa75a3e0410c546523277261116a64bcbb2be83e55e040f6c8c79f911b301a8718cc4b19a81d5f0cb6312d87c5b4b079e23a61d247541cfc2c41a37f52b2c6e43a3db5dc47892d0e1feabcc5c808f2391791e45fb065159f99c1d8dd2f69baaf75267eb89dd460f1b6c0badb96cbbc8291cefa370fa7ad6997a4ca2b1fe968216032f02f29837d40215fa219c09161df074e1de8e37056e28c86d1f992a651e271dfc4b0592ad481c613fd00c3eea4b6deabb9f5aa63a4830ed49ab93624fa7b208966eccb1f293f4b9a46411f37d7928e4478dde2f608d3851a8efa68e9d45402bc5124fde4ddc0f83ef82b31019d0aacb4b5121bbc064c95c5292da97981f58f051df9502054bf728e9d4fb7e04787a0890922b30a3f66a760e3d3763855e82be017fa603630a33115a02f02386982001def905784f6ba307a598c6dbaf2946fe9e978acbaf3e4ba50ab49ae8e9582520fc2eb6790deafc77e04a8ee75da92d16f0d249403112c74bc09102b573e110ccb4d8461d249bfe2e85fc9770d606be6fbfd5ec4c30ac306d46412f736e5b696ccc9fbe4adea730955c55ea5c63678271d34b7bd6f6340e72626d290820eeb96a0d2d25ea81361a122ffe8e954cf4ff84f4dafcc5c9d3e7c2ddbdf95ed2c0862d3f2783e4566f450ec49e8b01d9d7bf11e92a7903f2b045c57ed8a65ccbfc5b1d2a38e020a57b38f2e4deea8a52354a7e7be4f977b8f5afe30f6738e955c8bda295064586b6827b245766b217fe39263572b0850965c7ae845611b8efb64c36244a39b9fed0ab970ee5ddeb8f2608dd9c963524a14050c9101d7f2d5537b24d0b0f7a45703c1e131656ec9edc12cdf71dae1cde2790b888ef2a589f03201f8bbfad71f0c4430477a6713ad2e50aaefa1f840cbb839e277389454517e0b9bd76a8ecc5c2e22b854c25ff708f9256d3700adeaec49eb2c4134638ee9bd649b4982f931ec3b23cc819fbc835ddcb3d65e04585aa005e13b7ef8fcafa36cc1a2c79ba6c26fc1dc0f6668f9432c578088cd33a41a778ac0b298fcac212edab724c9fb33d827409fd36bc4b2b0e4e81006fd050d94d3271e0427c61e9ddca599a3c9480cfdd33603cb1a196557281ce6a375fef17463893db293dba0704d4bfda25e08beadd4208c58ea0d8d9066448910b087fc13792fc44075a3fe42e13c5792f093a552aa8ebe0f63e7a807102d5bc145468a0cb469263035c5647049054c18199f7da6d6defd51105e2125c605e327aca137ca85e3f7f46ca69f92d5252f84418293f4e9afeeb067c79576e88cc3c64f3e61d76e1e9e2f72cdfc35261a9679f0c374d7436ff6cfe2ba71650810522fa554a4aded87ad23f0b206b1bc63f56bbff8bcc8849d99e209bd519a953f32c667aa8cd874ad99846ed94b92f88fe0dbf788c8431dc76ca9553692622077da2cdea666c1b3fee7c335da37737afccd3d400a23d18f5bd3784dbcd0663a38acb5a2beef03fc0a1c52ee0b56bda4493f2221e35bee59f962f16bc6781133204f032c7a6209dd3dabd6100325ec14e3ab0d05aadd03fdfe9f8737da15edab9d2598046f8c6dd8381aaf244821994d5a956073c733bcebf9edbc2a6e2676242dc4e6a2e4ba8a7d57ed509340d61fae2c82bee4dedc73b469e202cc0916250d40a1718090690a1d3b986cf593b019b7b7f79ae14843b2e7ccf0fd85218184f7844fbb35e934476841b056b3a75bf20abb6866e19a0614e6a1af0eee4de510535724363b6598cccf08a99066021653177559c57e5aaff4417670a98fe4bd41a137c384f98c0324c20ef8bc851a9b975e9440191ff08deb78c9fa6fc29c76b371a4a1fa08c30fc9d1b3323d897738495086bfd43ef24c650cfa80c42ecbadc0453c4437d1a11b467e93ca95fbae98d38dcb2da953e657fb7ea6c8493d08cf028c5d3eb0fcbcb205493f4658440719e076e02deb07332d093e4d256175ca56f4c785d5e7e26c6090a20429f70b3757daac54153bc16f5828dc6c1c9f5186e2117754be5f1b46b3631980d9e4a9a5c":"2e07737d271b9a0162eb2f4be1be54887118c462317eb6bd9f9baf1e24111848" + +SHA3_256 long #24 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_256:"119a356f8c0790bbd5e9f3b4c5c4a70e97f462364c88cad04d5435645342b35484e94e12df61908fd95546f74859849b817ee92fbd242435c210b7b9bfbffb3f77f965faa1a9073e8feb5a380f673add8fde32208402fa680c8b3e41d187a15131f1028f9d86feaf3fd4b6e0e094d2ba0839c67267c9535173ec51645343ad74fcfaae389aa17cca3137e2588488531c36ba2b8e2f2238d8415c798a0b9a258f1e3cef605fa18977ad3d6707c3ecc5ea5f86ebdaa4b4b0e5bc023d1bc335138ae0de506cb52f2d9efa0ecc546468310cccc88ec08d28c3602e07257f41bb7e4d8a0956c564f3712761d199a931a39e69c5a69aa7b3257931dd92b91e4ed56fbf64e48bd334945cfa2aaf576df04614eb914899f7df54db4012cc8261b12bedcab69876feedbbf7009dcf8d076af89b797ad71217d75cf07514dc07ae34640055c74c9faf560f491f015ac3e167623cfbc67b8e7163e7c1b92debd06e9d28b049e0298f4c38395a40a0778162af2cfe5abe5b946c4d9a54f2a321660ab521068c4957cd3f5be0324cc04f50f209fdea7caaa0ac705c1fb30abfa550e844f509074afde1ee87adda29aa09b7f93e7d064ad2715ee5571ee6e7c9a01672124cc2a22b4354c3844759c1a6ce3fdf17555cac7df73334073ef3730939410fe6cf37463352ad241958b7fafbc66e0d592df48bf55ab2c33428e494c6995826892572d9ab52747b1085fcbef318cfe9cfacd4cd80c164fba584c1344ae7e321c4f77b44db6b322f2f7831f4d4ede7dc407b065c6754cf4424f9903adb4c6b675ded58700bc36da83fd95e84e76c404f7342921ef23d7d07772f5b8ec2f077601cae13448385b04e074f895574be61a831a87efd68a1f6aa67cf291847fa8f74cbe3b4a78ad780895183bc51c30ad2514255d4e013abc097bc8103c0b1933b0b303341836ae167c1e31dfe5f1b791cb06ef29cae398065343eecf06e4ae2048d1547c4bf69ccec5e86c45867c633c62f7d27dc51234b6debb5b9f80a5810716240c64443d0c098c80220d0520a5f5834369b9eb019325e23e88f237c24440bf27959caf7e7e4f1671fda710630255a2962f7e9b3625dc243a0177aacf6a758a68aa85dc3f56181a4a59a406c7fae5575c9e2c64248f520b5a5f904821661e2e43a5a058f445fd0e55b07476c4122d18033053b45112201e0bfdcc9e7cb9931155018ca431a0564930aca8defbca954b2680753a4060bec2cb668d2c15e77cba29589b5c7c07bc7177a8b1adb3a6968732f9213476fd96901514626fa17243af1d156cd037eea81d773f1f71a018d942b524b851794b300c7591ecd783ec8066ccb261bdf9b7a183dbda42b92593b614297dcb0fabcc23ae69797d0251b8ab57a4da2a544615216b01f4dbe2d8c9b5520c7ed9cd9312e9ec6d05a36e7f693d1821d727518169b03976394b9d1e1d7fa2daa25529d391eb5d0cf0f07a8160be2ee043d9345037c655c4f2023689f14d8d2072dd92c1dba056a5b5d4c4fc4196e25caab05b1701ec666ac9a04d90f7d7575a7ac3970252c18fd3bec0cc448e5ff8f3765d546a4a8ad1d41a9640c79375b80534b7b50989976f238654fefea981c9413130beae943a3e9d8f64ce9256d1259d1b2a6b3c02ca5af1a701db8f25a4e9c255dad8785172f323728c3585a45206ae988c283e30a2f9ea9b47f07a7521b0f36e9c504c14bd96027e8d24161e70f196576d8a74a5e9c26acda7cc452a90e550e625a49e50829db70de808c827c67d00c23ee073d4e72aeed891dd73b86acd6756e753e3975a80cdab1d521052caef6a5380f8b03023ba0326a6928aa127ffb33b51dcb05bbdd592d0ad9e8321e6ef2f95c401be6a37e634425689fe7750e2a0fe05ad89001502b309095ca517b2e2ed0388b9f2c59c45feb61222539d6e1ccd397344d23708aebacec10ada96a7711f173f7ff1e4b94fceec6a0a0ea5d814a4581b412063012ff6ac5527b8314d00326b68c2304a276a217fde9fa4034750a2e47e10f816870d12fc4641a27a1c16c35a953f32685f2b92cae0519848045765591c42ddc402dc7c6914d74dd38d2b5e7f35358cb1d91a9f681fde7fd6c7af5840663525ee1d04bf6d3156fed018c44043d95383d92dada3d1cd84af51d9bee814ec8675073e1c48632c5f59e257682542e1f7dc20b56b5c92a9e2cb2be30cb1512fb55fa1de99a3f5864ed3acc19d79e6ffb0da3b08ba0615157747d75c1f308fa0202a4086f34e9eafa3e071dfbacaca731d228aa0304cf390c0a9e6ad7ce22ade758965cfbfc4c9390d24e41a667447fc7b29821464ad98bc5d65dc7f9c42bd4b23e174015592ff92c905660a2722f9fc7973d3cdad848ef88bf02b1b03dea16699b71dc46b35bc4d96069a0753335ae38685d244918e30c5fb0d45283a1281c1659ea591573999d9c2acd2ca9141d55230d41011b70748b518e1cd2fa58ad8dc05fcbdf0bffaf2c7fd6cb2ac67bb13b8f6d31fad64ac113664223599dca411270955c95aec06518894dabc352d2b70984727437040d944da7b42e0ef560ac532de3e4a4891e8509c275b51ed780f8660b0354e12c21b3e11bcc88198980b5f7ff31ad342182d5a933373164dced3cfb2a081720d7eee676cb7378a3e19326a7ee67fd6c00521f9de37c66bcea814b6feb6a061b8cdcf7b4bd8f45d48602c5":"c26d0b064e409df64819cd7c1a3b8076f19815b9823adac4e3ce0b4d3a29de18" + +SHA3_256 long #26 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_256:"72c57c359e10684d0517e46653a02d18d29eff803eb009e4d5eb9e95add9ad1a4ac1f38a70296f3a369a16985ca3c957de2084cdc9bdd8994eb59b8815e0debad4ec1f001feac089820db8becdaf896aaf95721e8674e5d476b43bd2b873a7d135cd685f545b438210f9319e4dcd55986c85303c1ddf18dc746fe63a409df0a998ed376eb683e16c09e6e9018504152b3e7628ef350659fb716e058a5263a18823d2f2f6ee6a8091945a48ae1c5cb1694cf2c1fe76ef9177953afe8899cfa2b7fe0603bfa3180937dadfb66fbbdd119bbf8063338aa4a699075a3bfdbae8db7e5211d0917e9665a702fc9b0a0a901d08bea97654162d82a9f05622b060b634244779c33427eb7a29353a5f48b07cbefa72f3622ac5900bef77b71d6b314296f304c8426f451f32049b1f6af156a9dab702e8907d3cd72bb2c50493f4d593e731b285b70c803b74825b3524cda3205a8897106615260ac93c01c5ec14f5b11127783989d1824527e99e04f6a340e827b559f24db9292fcdd354838f9339a5fa1d7f6b2087f04835828b13463dd40927866f16ae33ed501ec0e6c4e63948768c5aeea3e4f6754985954bea7d61088c44430204ef491b74a64bde1358cecb2cad28ee6a3de5b752ff6a051104d88478653339457ac45ba44cbb65f54d1969d047cda746931d5e6a8b48e211416aefd5729f3d60b56b54e7f85aa2f42de3cb69419240c24e67139a11790a709edef2ac52cf35dd0a08af45926ebe9761f498ff83bfe263d6897ee97943a4b982fe3404ef0b4a45e06113c60340e0664f14799bf59cb4b3934b465fabefd87155905ee5309ba41e9e402973311831ea600b16437f71df39ee77130490c4d0227e5d1757fdc66af3ae6b9953053ed9aafca0160209858a7d4dd38fe10e0cb153672d08633ed6c54977aa0a6e67f9ff2f8c9d22dd7b21de08192960fd0e0da68d77c8d810db11dcaa61c725cd4092cbff76c8e1debd8d0361bb3f2e607911d45716f53067bdc0d89dd4889177765166a424e9fc0cb711201099dda213355e6639ac7eb86eca2ae0ab38b7f674f37ef8a6fcca1a6f52f55d9e1dcd631d2c3c82bba129172feb991d5af51afecd9d61a88b6832e4107480e392aed61a8644f551665ebff6b20953b635737a4f895e429fddcfe801f606fbda74b3bf6f5767d0fac14907fcfd0aa1d4c11b9e91b01d68052399b51a29f1ae6acd965109977c14a555cbcbd21ad8cb9f8853506d4bc21c01e62d61d7b21be1b923be54914e6b0a7ca84dd11f1159193e1184568a6134a6bbadf5b4df986edcf2019390ae841cfaa44435e28ce877d3dae4177992fa5d4e5c005876dbe3d1e63bec7dcc0942762b48b1ecc6c1a918409a8a72812a1e245c0c67be6e729c2b49bc6ee4d24a8f63e78e75db45655c26a9a78aff36fcd67117f26b8f654dca664b9f0e30681874cb749e1a692720078856286c2560b0292cc837933423147569350955c9571bf8941ba128fd339cb4268f46b94bc6ee203eb7026813706ea51c4f24c91866fc23a724bf2501327e6ae89c29f8db315dc28d2c7c719514036367e018f4835f63fdecd71f9bdced7132b6c4f8b13c69a517026fcd3622d67cb632320d5e7308f78f4b7cea11f6291b137851dc6cd6366f2785c71c3f237f81a7658b2a8d512b61e0ad5a4710b7b124151689fcb2116063fbff7e9115fed7b93de834970b838e49f8f8ba5f1f874c354078b5810a55ae289a56da563f1da6cd80a3757d6073fa55e016e45ac6cec1f69d871c92fd0ae9670c74249045e6b464787f9504128736309fed205f8df4d90e332908581298d9c75a3fa36ab0c3c9272e62de53ab290c803d67b696fd615c260a47bffad16746f18ba1a10a061bacbea9369693b3c042eec36bed289d7d12e52bca8aa1c2dff88ca7816498d25626d0f1e106ebb0b4a12138e00f3df5b1c2f49d98b1756e69b641b7c6353d99dbff050f4d76842c6cf1c2a4b062fc8e6336fa689b7c9d5c6b4ab8c15a5c20e514ff070a602d85ae52fa7810c22f8eeffd34a095b93342144f7a98d024216b3d68ed7bea047517bfcd83ec83febd1ba0e5858e2bdc1d8b1f7b0f89e90ccc432a3f930cb8209462e64556c5054c56ca2a85f16b32eb83a10459d13516faa4d23302b7607b9bd38dab2239ac9e9440c314433fdfb3ceadab4b4f87415ed6f240e017221f3b5f7ac196cdf54957bec42fe6893994b46de3d27dc7fb58ca88feb5b9e79cf20053d12530ac524337b22a3629bea52f40b06d3e2128f32060f9105847daed81d35f20e2002817434659baff64494c5b5c7f9216bfda38412a0f70511159dc73bb6bae1f8eaa0ef08d99bcb31f94f6be12c29c83df45926430b366c99fca3270c15fc4056398fdf3135b7779e3066a006961d1ac0ad1c83179ce39e87a96b722ec23aabc065badf3e188347a360772ca6a447abac7e6a44f0d4632d52926332e44a0a86bff5ce699fd063bdda3ffd4c41b53ded49fecec67f40599b934e16e3fd1bc063ad7026f8d71bfd4cbaf56599586774723194b692036f1b6bb242e2ffb9c600b5215b412764599476ce475c9e5b396fbcebd6be323dcf4d0048077400aac7500db41dc95fc7f7edbe7c9c2ec5ea89943fe13b42217eef530bbd023671509e12dfce4e1c1c82955d965e6a68aa66f6967dba48feda572db1f099d9a6dc4bc8edade852b5e824a06890dc48a6a6510ecaf8cf7620d757290e3166d431abecc624fa9ac2234d2eb783308ead45544910c633a94964b2ef5fbc409cb8835ac4147d384e12e0a5e13951f7de0ee13eafcb0ca0c04946d7804040c0a3cd088352424b097adb7aad1ca4495952f3e6c0158c02d2bcec33bfda69301434a84d9027ce02c0b9725dad118":"d894b86261436362e64241e61f6b3e6589daf64dc641f60570c4c0bf3b1f2ca3" + +SHA3_256 long #28 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_256:"bdb13d9509e694e748c75c966b0fae62ffa91aadb022498c0c5fe11e8a8ba91dcb54eeb21f57258e4bd8d1368ab7a79ed19ff0fa578130d1554105530aaf51ec03b89b1999deb37bbbe5952aeecf904b910ba8e566ea38f04e52dcaf54b68d40ed450e727e6288d61f5571199f40b190c8540815e444aa1280fa2ddb6f8aa54112640e64d7cdeac800902aaba6f05296fde2d933d979ce5e71a2c27e6311e116f97b6297ab062279e5fe8b890ac9bb85b81de2e64e70ecfdabb06141393589e82bf4d3b402f5771056075b5bd3b23484826dedd749114c16b68ed3ccf8dce4de2e352963e58233b5db1361c8099204bbe13ac0add54436d218a2dfc6a8f03b218ca82c4b5a959c92fd8a6679b55374535fec2511f7f1f1595b564fd85258d6d8ccb3a3156c16fccc43d43216dfdccc7484ebe1abb900c6d20611eaa9fdfcfd2c77c0586820ed998e36598d468d155445d79fbf222259fd65a23a77e2b1c4f845143611ed8002bcfe5c813fb1c9e653efe071861f3ae5de3cb63bbf2a76980e4a2b7d974c933dac4440b50f009a37139927c7fd490a8ab07cca7b8a2a5560896345fdb22c6187b389675bc7db09f0da6c350aee499931bd5067629f895504afbae91d2935f3c617f55bdd2de91cf9f19091a31fc6f0c34bde1458c8f07f6cc9749f48c61050e421afa3a10ad3dd3aa02cc3f858691526a34e59c5cb07d9811ebcefe34f6580c719e0c7112540549c2e69547363da12440dc9be1171756e29f8b862578ddb8c5947af4f9348d98805e56ecb7b07c0ef03d077cca482e3434d9d907f0c481b7b80f245c4913946815e0b64b0770bc3b24d367f0ae7c6f862d6566dce6a48cd552664c9ae72c12e4790e9728cd1388c650985090040055dd2aa6b77d8da54982332e364939ea83ae382c7c1e5f056c30f1f063f371806b99bb324d524c23624ec8cb83efd7db6115c1bed78463c2d10b976014736d892b5c6d7c9b03b8bb41ab81c2b7e7377b35bba45a2c0341d84196af8be4985e671f95900a12fa39e97228fca834d7ef466c205e72fc139fb24892a8c846eadac6b2c5f15f57be661a6e37a7e0ad2a55c98ec46e8dca2dc3ed606011a9ddd359047f6ddfe0dbb8b3eab0680200636701711818532f18ca64e6038f88b4fbfa5fccf01dda331181b9c6c32aa98c0a0678d992ac8acb6a61d948ac916c5e33c8657c9f266eca9ba1de3b310ffce80391326f88f193e7319cb761e5e64b1a17b5f09fe7481c1bcc8197a464887aa8e28fb4bf5577fd06f0c385de2a2e837d0a5b87a362d350ab46a98cbed814a153196a7625a2a034af3a8eab2a03aac40b9e1191239c58aafd7ca213d726351f5b2aba0d5edb2ab9447146bdb1ed1b8b2a5580b39cee588986e0d3c389c98a334598e6d0a77948197b3794342250d1277da321557bf3538adc05e712432c548b86e68966bbf7b8d397ffff84d7c96c475a196c0d4d25ca1d717e3496afd95496b3960a45e8f0dd663f2cd1466ed15d69641ac9318d003cbfcb9c44b70c5adad33029f1e4dadf264fe550c1ff43e324ec0049d168b80d1bf05ef2a009f51b87cfa104d8c9fe2d33ff0f0e39f5f389436dd3091d195ac6f84db013dee5f6b5cbea7ac9176bcf65870230b7b1e0ea3e495d40eaf4d9f1a84226437249f19d9417c221e93650cb128fe7deefc236b47c9748de620110f93b9a28ad9089b336410be53ae7ce1f7dbecf1e8e18d37ddebecdaf0000ca54fdfb60b342e106817d4718a22a47470e53b4b514b2b56e1cc59f4cfe5a39a92c5c622654a7f65902bf10bea7747a29c3e9aee278d1580a9a0578a5c5418f25fdb10a5b9b3142e9bd98387e53ae02fec6ac07c7a98e73317c2ae568725a83d94f884e80e5935940f88518c8353b742e8d1759e5353e996b49826ff5a4098a3ba83ec936c232abf769f24c3cdaa140419db81fcb9a662d2078b862edd8d334b58e60e4edbf93ad65788c4d4ca273f9d06f1ab3db4799c0e9804988a17f5c05ef688b2bf64c3af013baaf96683b37f343879bc0a4cb4dd73f06922bc105e86031cd1a2910e69cf6aa96d8b21fe341ef135dd7d0a8a406e299623ed6bd0b2ce635329a56ae2d4e336293941af459462fd8783b3e675039757129bc14060d7e0a522f882f3e6ea32904376e4b560b99480b5d5294516e69f26ed3865e3c7b704f312a602d32494069e808c3cde558dfba14839a6d073d1d0bdae61a3fb0d388272aa9bedb2a4bba58867e411cf2ef6e189c719f12f96ad7045dd8041303b44a14c72400b3a6d45587781e42b33f3de8c60badcd3098760c8e503fc082c57c2aba9f2fb2311861c679354f552b0aa2c454daaea14064cd420c6a73dc0946c99e6b0b335ffdffa261a036a804dee5dc854781eab7ccfefefc00f51ab31137fb39b8a3c57654dce4db9f04bebe5961399010a9e87d20c789befe989ae224f9af7115e15c71e020c778b817d9fe250d589942bb2e6e064edbff67cd8ae5df0c44d9255c7eff2a7bc8ed9df8a050cc3aa7f5402e3306c8058431defc513a89f069d6497d936a8e4e479eb31fa842a989a648bb8b8cd3f08c00eac6ad945cc0467cfd04bd3030a608e2009a053830677ad1e7f74ba2521a32e0aeb179aac91c6efcc1e9a3ec0dec4c16b7b541f6c6606ec96785f6fa0daf9a91e221c92b0be8da67a96aba0d4edb786428874e5a613f05eb4c0a161a731b3393298a149ba1d0395c280a784a7ffe2e48d7a282e99d5db0b619e6118a0ef79e62f96cf463074cec38c23b56fa1dcede334979a81ad7370fc8359c71bf5dcf2b9fb64cd117c8c9638c1c8feeb2a4b7f8b1f28ef664ab75638033afdf20cc0c7b97f4ac432042d04fd47b7a97faa1540e537745265d86735c7ca8928254f63a0efa390dc31321ebf190838dfb48902daf862c5e907bf4cb7b2bf8e733c248d2361507d3c976d297094eb93c8102fdaf2cc8961dcd3672e8200c99004c0f505fb196c5a0dec1c14bf77d70f8b1d0465336a9591545239d53eb9d2d903392994ce1fe06f76b6a9a853c9b6f55163716b42d96c9d790a9b0894e6c1af992d280245799504":"baeda8f50d302bb2a30a5bd5376af9aab5fe9f3c306613de91e5841eaf1fea17" + +SHA3_256 long #30 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_256:"f419d39625deb2ac11d7d361e2d2de958d3d94d0088da7cbb7e0cf3227e01aa8feeb840c3272c7fa7a9f7495023b438463cea73bd208a67c975fe81dc2fa0e0b19ce458f54071ad08da9909af2776f5dbd14e079666837b81645101c604a9ddc2c083ea9f3645235323c4ef6184e0c28825565112a7401881bd86eb8699a70221ee298e17752183251a2d633de87bfeb9cda5e8b88f6adf38f622b7845b02ee5d9a47bbf499914ced22151d8abec32b0f2ebf470e7b4e20258296ee55c54802d44960ecccf01ed119d02e76ee6430d7e6ccf4e46ae7849bc5f76608516500e0347007a8f72524c039a8dbf7cf955f75ef2d0969847088a298c9028e3dc6b7f6eca29e6919a53d8adb209028a4bea99566c34f1eb192c4c51c8c1f084146c7c77b55a7b58b0cd3a16cbc0d72144ca9b71c24489c98cae373df94fddf2281cac25f0db616e1a881946cef867c84cbca4b4dd4886b90855f4f4088319b47e43b88064f4bf5b424c1e46a4fad907cb895c29a3881044f5e82b7edea5cc5280a94790f7edbda58ee1f11d330e566629f96dd7fd4b4df0bb3083e461fd1d549415025e920d85d6680e39d3657b066eced47cc6d3db6848c2f5a52d7bd23543245090f11e9d3c75379c9e71218b10a623e234ff0e7e87d173fe3961136e3ca797239b5181e50d0b6354cafe4e849d968eeb3a89947dd3153415e689111759065553c887a52d1e1f54fb6282d6afd4c778b6396c4f20739b6e0054ab5c16b4eac6abc19a70bd9739715c1106a054dec04a0cd7b126ae8feb8a882cd2deb376da52f22e92ccdca1e2243e7d9094bbe2096ab5bc5f0071518eee7516037e35c75f61efb678a0d464a0d5684e2b9a2b092b4279917ec7afdf0b048fb94824e6ce005b6b0253d4eb07feeaa32ddc9aee7bad3820fe1762b161ea339ebea8b80cb445a82eba2b4f6ab281ccb7c2ad7c4a5f17b671aa30b9bf00b4e269cc2c23f0a0b6b0008508fb998fb3e36cb4a52888ddf223353ed4b420e3f07bb98cda4bdabbdcdba90bf3bfbfc31b978aabcc87ef1fc5e73461083b1e34266556a6bc19112d3e92f0f5f38325794151d8512b7fc94a186a36bcd636ff18de0808c1da75df1d643b9feb112f14d7ae771f4bc9f95c89741303f7458d0cb9a1cc97853a488ab3d7407c9454acd205e9732744afdef2025f4c62b95d288d3ff619ca9ce6785b191e075099c4e0a72c7aabb8e2e314d1dd637d1daa27efcad266576aabe6ef9a74c1fae2a169b4dd74ea899acd6f854143080cfa73aacb0a9878ee3f5d40938fef497ffc554c10bb04c07394ae5a178c5cd562c2bcefa297bcb4461157fe4e82af3d00645d74dd880584d3702dadb4f94f52e73c2cfc5eb764a2c7a8442807badf25e4e360e9018d9ebf10f4f16f43cf450703326cdbe5b3b9cbdacccac4a680a58a934107b46612f8f892e9a3a8ac57657d1f6a249421d3e2b6e54491dc121c29f27546f9dcf25e3ab7c116ea61d7d9d83ba1aefb2df85e07eb52d9427735d694e8f2bade698fbb8d8405456fa1ac9cc5c9f3c499b0549e52f38753859ef6f50ef172646064246f19e8c63cda7013ea55b07b74a7241cd9e955ee7a01583dc3be975d0d25d499c3056a6cc4d2d6f409af77a388cd923858f499ed155fadf286cd611b7dd5c1d6ff7a935fa5ffdc3742fda6d2c6b2018f639c48eeee46a5fe8763d7147c1933c26b9fe907a70a89c4dd64c66ff8ff790b4108e958cb5f49470ea682b0d29933474f9df6cd929be683220e5ee4e45b03933c6204937552a0b663c1e95846fcc84cf29b42172d59f95c5923f698536fa5109acf2107b4c6b233cdda9572a2eafbba9dc2534e41edcc38c9ca16f30ce36968a479c91c4f6488a7951a0c68ac0dd377983ab3db96fe67fdbb2c475dd95e5784a288833a10d329f804a8d8a02d0a586c2b2aea24f435d0957771103e8088764cdc24d8c9bdbb9d1060ad8084ec8c92819eba7e93233a11e645c0fafeca0acea899734f311fc6edd5f1508d7ab3398a9f3814f98feab432da6d418c057f8c678123a070dafe9a203101ba86ec48b947ac425de37f134c3958361e4ebc67b54abdc0d1c32c22df3e0bd612f34174b5d19104c0c2cd64a93047ea7cc889492e7e46b92fd190523e504ab9815de1ffd53137c66320e0a6741e91cf8683d5ef9e0b0256e1216c585e5dd8f22f4b34b1c06e85d06e8420a0540c1d2d6106091faefadbde0f3b29fae96d9cc94345a2521f9062690a77f51cf201d34e38d98ba20652b89be3a8300184897e86e5d393a999a0b8db5f80c7e0f5059b793185c5404d1b80d383efe834d9b766703f7e6f7fd7a46e6c9427feb606205df574911dc02c5d1dcf1798b85d90013cd076cd9e9c80a76c65d1f40264cd5b010b2a85fdec4a2176d7c82c0a42516fe8eeb54988c83dae9a0e40703cb2f1bd6f037beacc8a506e7332bd3245adc3085312227895cbb6c3e0ae0622126a1b4f90258e46f263e54dfc2a2032d0648ed46384e5e42e6c92ed268e4e92ed52f2184ab88c24d73fb2c5f90516b4152f5bdb018b2715b9747a3554f73e4936341f2086069c09e3e65ede520cc9417bd8d22616711092a0ac15a1522ffece53d6496f2d55e77f7e1f92a0f08761606a259abc887cc7e349d90c3c087eb7a9ae00190e25ee950d10b3f614b9be059a4ae05ca541f575901ec6060b5e2e9163ad7c36045819cd3c016b314196f8de7684cfbfea27244121853aac183d86b383ba114a59ac1eb792b90dec306f7f147c7ebb6c922450541fe8fca66a8bcd46913c86fa150b447c99a061cee72d99ce34a16b0aa51fc2d512aed59b09324c71169ba4f0415cd444d91e318070b68f342755a9422cffc3ed803f8d33fe184b5d993e33d4e5871636d99c43a9d3f4a970dc033bbc2dae99c4f303ec1750271131a28ffb4d0773527b218060f216ce2ea7db11ea1fb3138c81f262baef0745e816b9f5c304b10ad03a39345003432b6804ade97e13c316e64d06c4be622c5c163467d855a1ea33d79caa1edb8361f59dacd9f1bf42679fed4fb591c119c553e4b233a077cbbbd6b1c9faa8c91b791316cae7937551a696ebb08a318bbcdd129ab9a6b6f22a2adca4e8b439e172926d1b84603667eb89e326970a0ce4f27981807046808d67422bf9225d38ec31b4ebf302cb415eb6166fe72dbf8a9463a388de009e67122a08acf89e7f0fb3ffe775e86db01e225a57207599301462b8620ffb9033d4471a8647e885a125fb8534f340ed97347b8054":"7dfa7b3eb61c13390a56bdb01a354a51066825378ce22367a1d118d4bc47957d" + +SHA3_384 long #0 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_384:"5fe35923b4e0af7dd24971812a58425519850a506dfa9b0d254795be785786c319a2567cbaa5e35bcf8fe83d943e23fa5169b73adc1fcf8b607084b15e6a013df147e46256e4e803ab75c110f77848136be7d806e8b2f868c16c3a90c14463407038cb7d9285079ef162c6a45cedf9c9f066375c969b5fcbcda37f02aacff4f31cded3767570885426bebd9eca877e44674e9ae2f0c24cdd0e7e1aaf1ff2fe7f80a1c4f5078eb34cd4f06fa94a2d1eab5806ca43fd0f06c60b63d5402b95c70c21ea65a151c5cfaf8262a46be3c722264b":"3054d249f916a6039b2a9c3ebec1418791a0608a170e6d36486035e5f92635eaba98072a85373cb54e2ae3f982ce132b" + +SHA3_384 long #2 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_384:"035adcb639e5f28bb5c88658f45c1ce0be16e7dafe083b98d0ab45e8dcdbfa38e3234dfd973ba555b0cf8eea3c82ae1a3633fc565b7f2cc839876d3989f35731be371f60de140e3c916231ec780e5165bf5f25d3f67dc73a1c33655dfdf439dfbf1cbba8b779158a810ad7244f06ec078120cd18760af436a238941ce1e687880b5c879dc971a285a74ee85c6a746749a30159ee842e9b03f31d613dddd22975cd7fed06bd049d772cb6cc5a705faa734e87321dc8f2a4ea366a368a98bf06ee2b0b54ac3a3aeea637caebe70ad09ccda93cc06de95df73394a87ac9bbb5083a4d8a2458e91c7d5bf113aecae0ce279fdda76ba690787d26345e94c3edbc16a35c83c4d071b132dd81187bcd9961323011509c8f644a1c0a3f14ee40d7dd186f807f9edc7c02f6761061bbb6dd91a6c96ec0b9f10edbbd29dc52":"02535d86cc7518484a2a238c921b739b1704a50370a2924abf39958c5976e658dc5e87440063112459bddb40308b1c70" + +SHA3_384 long #4 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_384:"7f25b2c0eb1a6911cc3328fcdcd40f28f010375f7b1b51a05402896fb999b17093b59b34fb9cc653feba3dbb9d96bd47180416946d9bd3101b691d532be6ddb3712721121054c1fb3c5c42ee44e7faf7cf8d75856545187a3220047f07373e9aa2e10c022f2aa2320f81fd3cd7b110609c131edd6e016707228d069a55731a4ead4d24ab6206b01ffd91384e60db45a907fed7428db707de721aeb4c1b84baf61ad230b6b0d034eb90f4b9cbe64de2fb98b6695dcc4f4129aa2e7a3f635166bb72d7faca227076bd5013495c72ef2e7dd8a39cd532b15d0d53307c1834c265c53cc64890becfbebec454afa90ba973584e2d3752c7c6a3b4f48aba8297bf013b0006e3b08ed354157420b559b963f7b383bd047e94745a4615a3f9239230804547ff93d19a657fece8e02114840504b7fdb9c9fea0a4ccea3ee304a330fd2b0d97191f9be86e8968a9fabc847577e08b468b4f7df43f3fc9f8b2a2ab760f4ab87bbc51b883d4b8b33ed84e4f93a1d359e6995ea1962bfc0bca789ae36e4c25717850efcd708155f52fe09f1de76b2746634dbe1290524bd73d9db5f21f9d035e183dc2":"927962c873a69caa05cadc1cb485eb1cbb07748e47d942192df4af9233f42b95a638918306ae83a8237d21c2824f666d" + +SHA3_384 long #6 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_384:"386f98670b177683d0b804c5875fe9c7afa233ee66349c9fd1b60bb0becf5e1d887e67fd3baf34b4f90d94699d18d6bb9d77d4af358f31edc254de2d6c5fe3ec07425c633b18c1b9e3606b78b40b543e1fd31fb578cf58c45744fc073fbf3c7d7d607e815379a5fc565892d81560eab8fb5f1ae6771b998c592e6d288014f13ab283d53fcbfa66e31a9d107308402191fac2cf2b799c7dae91b93a7676898b8a6e516a86eac58ed8f6d8ed2fd4d38031e4a4466dc8798b90c48e6adb6b4391d47872443cfaffa542b4b132f6c3408f0081af8692aadb4c9bbd55053ea56d8b82998f6b4b41d331891acfe6af1bb0d6679989978368ea463743b514866d2d01fb9950e8990867bc14f1db1142254adeccf3da812949cd03cd1d569e9d0bab7ca7405cc21096e3cd4d007cbb9629372e98584b4c6b97ad0bc314e1ab6ac71184ee555c01973570ed9b115bed956f9e4e349083013098b1e483f0fe44d5e9849f38a2f7ae152b36a266ea1faf263ea8c706632ba8629602187379546fc6b82e57ededd6d074c15c771754710731e07c207899eb47e8d7c72ffd768c36257d373375ffa06f9b3f0af11417f9ff9f9b44e1f1f96ae8aaa429af88b14da1da81c7bb38a0fe9372ed6a9ac6fb5e9e56b82593d94c5192904450227bf040b7ce0904789f979845e112a1f995c849ec3f7e49bd975a474e8201630f40fc0d80e76019f110ae158cd0f8da96ea4561f242":"d30ec9a7baeabe40f6648a624dddf8721c89542e258f0fa9afcc9e68433faef781824048b0b771a94e8f0c17a403f9fb" + +SHA3_384 long #8 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_384:"8c569727f1d4548f1c66a5c830346259612d10c5fef90518ae2fcdbffac9cd9c0bd5265ab56ddcfeb5e838bf37526a189c1a731b790b4208e37d1d1eeacd43b1630ad07debf1e03a281cf7715276a18df2f25535ea7d9fd9b6317f8bf1cb0c111b5f5c38994aa86bfd69ac8388884de1ed1d7eba583764b3afb1b8ae18ab6ee3bb3a9432c95f7cb7bd361da0e270b73b1503b653cc20d9bd5766932e6655b250cc053e148218a449efed136e661627c4f10dc5a84d22462035b8d7b4e4b11f7fd5272385cd5d67471bf556951e63e4a409a17260e324f203d2104be798a8ff985e080b2eb1160fdacab6aebe123d3802e5298624960f268fb4d4b9708c2098c5ef10beb6362be2298298e391498e69060e0bca9b6fc92aec656ee7f6c802342c11a703c76484295dce03bcb5cb3cc0da0bb1036e753b46416d449d22523719f54b35a306440a2b9d335f03d3a03085a36481fc44b14dc2b652c0a59c34a68f492622671ddda332123b147e92d153008ca2e57cc629e8e5759e48c60b7636e05029d614b4373884e36d8af69b648c79ba4c444a9ce7f2f8a3d846c7171ed15231dcba75725bb26a395129329564c23758ea052f6df355436b89217169365e2f15c734510050f72c3c705afc29d6df838c0492f3e153f70ef338418ca9c5c4bd2373ad6f051ef1121351831affc4caa57e23525ea111c2a1636d0ee07fd4ed4584678e982ace8664e77d0e55be356be558cead3755359c43e4b1f034916ac00e5f2b3d941767a069df7a61750e32aa8a3f8e0b48a5c56f3e9e8a4f518a8f2562dd48242b73f1266a24d2e64299c26fde5dead45737cb22d8b8839300104b04872645a925e77500afdd0c038404eda227da6a702db64e":"91e24f999cac1b9ab9ae456ecf47b52c1144ffd1df2d95feb05fce930e37ff767a005cf07bb7af45c8a73585e8544965" + +SHA3_384 long #10 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_384:"eeaa4e8e343caa827d348cba7d83f4c6cf69f00b968a6174654501655c41a5f19448c04cbe59298306f81e6a3ec988d6385d800d734c137bfa8442a78ae04d65f3fd324cc049706a1a5c1037ea8ce6c83ebb1545ee74d19d7f3769784710846ed26eaa76853307a181086c08cbf39702a92bb49b4f2b2442ba057cc2ddf9d174fb4633b25440778e03a33ac4272722ee415467f7dd9892d27597856c92c2bcdf342bd2e87497479b68d58055474f0ff3cddf3541e1e4a5b576948b5eaf94cd1746c691002e62ff2f774848a27394e77817732761a336e55486a597807b968d84f9be77e2cac628b1f9a19993f21e31e7e5b943406bb7d9156c72b0ba40f1838e14bb8c7790ed498bb78b7c100e1475a7005993c4818e0961f2a2def444cc389e6167d9a5c7ffea2476acf7010d9e3c2030fa1fd62ce5fda1dedd2916d150321aa6676555b92393e401ac154e38e60cba3c44ed5fb6e13e3bf9cd9a082da4fb6cac663970ac82cd331f34dbe0d71170ddeee1084565ac53990b1838b2a0f21bfa3b0a5bdce9441f7997ec539d324aedf10c767572826ec421dc660cfc745f182e1bfbd583b890121e327b846e90b70d5e5fae3dcc544e1a3d33601ccfef157c6f13e2af4b608e2d8ab88a763b3b80578caf2e693d2575dc54d9ad72115b3cce24ec67ef1e2b68f826f1c032ed79ce53e4c4a101ac3b0b92cd97f616acfefb97b76e319fe35f43fb58a4c6bf6a93c98acc65ad0b00e037c41233e30e86217b5e8f61e9c682454abf899b43259cd19883ad5cfa91235921fb8a751b64890be4ab148d366de225a2cb229ce06d6a7a64c6f06f319afcf1f2be9d2747209c065d07aebac19bed4776a78970459ebbd854dcfb67fa2f73efd296b30f0e48a6580ef8c5af32588af2ecdc28df19c07931914c380bfc57709ae80a34f719e6914a2008c13530aca1702cf166b004dc8bce429e0d25e01adb3c5da288a510014424bbbf0a1463a01b075f6eaaadb0f8d9f7905be47b4d809c1b58e618e199a2a72e06":"2865a64e54bf077b8343beca94a9bcc137797cc916019722f5889726fb0a74efd3ee0f6526ad7e076fe4f23526714130" + +SHA3_384 long #12 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_384:"42262515ac21c5c23edf72494250e8c57116d67c0c458fc22867021a4ac4ec9f33e04ca2fd44189567812e276e738db11dc3c5d1a5afac54b00e535af38e38b40241bd916958d95af82e0eda5e889ba2fa1bf2aced4e6c3e74423c11750fa2b35751612a17e472da98ebfaa93b177a60b02645540ca938471b0ba589f7cf9062d9191eb530704addf0c2dadb2da891b3e8eca713294976364e717608a2556b8b31a0dd79db84c92ba8ba96b95bc44a634a76fe2f6cb490d4b47d97d79d299cf407ee87bf41a9578b67db168beef20c377dcb34f1fe74ece9f636f03e11d38966020c02cf89665cc6d52e43990dbb40f82af32fa10711f43dbba56a8426db9ca8ca0138f1dc4440a49bba032ae1a64c6ef8f7d987ae110e97acd0ebf303ca3c8408d50f6d62ca6bed61883f87923b996190de18eb1cfea4c070c15cd1d128d0c06491718a42804669ce9ee0f947028f9999b0d614795f1d81b080a667b77bc225853c4591a5ee37e08b06ccc6288496ddbc75fa4becbde1a01413affdde4d797b14de73cab29da71940c8ed365e4817f7a1366cd89d9f58e5438461db6e255d8ab880e27d9214ffdd94ea299311d678adeffb1403b58dea1ae6dba3488e8cd6191a287cf26cdba5f42f766a2368b723c84ecada145c0fff05a41e5c8e66094cf2e1e12871697b0326ba7397308c727e1068ada652b9aeff70265776f31f2427dbb6b0ce41b17b7f3bddea9800a58ff34ce2ab6006f5f15221148dd8c0e165cf9d419f57ab6b6383fa3fe255dbda97e94667ccf078376160e015c96a3cd355ad0029b5a9f7c0bc762c8963b50b5311c8c49d193ef0a8849177d11214b11e7b27cb17faad6dd70cc0996276a3d73985f78f2c9932b670e54eacf170be65e95fa6c8b2774b54d9dec90973210486b47be06fbd55b511b609fd491deb50a15d8a93bda3336cf6edb7f844646ec161eb7cea2bf853ad4ba27a0814fc8cb2ada28354739136f6993c21b711dc65c2b0070f7d8d849d04aa5ebfd5d6375acdd1dfd253b22589d386eda36e3a830defbb2fbd015b0a3ba0770f60ce56755d87553d00f6410733e90529c68385026e30c98c0dde5e31336bf9e0e5595e5f9ec980e394a7eade3c225d18105fbb01906e2346877d5ea28f4b7af7d7e0b49d247c9cf916cd7352ad64d8e10b6a":"694b79148a8b6a3278b9088467c5f62e295275254c62ece9ba3586dd09f4791ceae4445999199f421eb5ad6d04fff52e" + +SHA3_384 long #14 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_384:"aab61e333ac01069b347e201015bef397cbf857704a4992c50b8b8ff835f41280040d21980040064625a4bd9423f50eecc7c4165d27093289d0ff678812b8a46b4f350e161b9dfd2f7f85804c7959b29ce65bb58cff0b0fba6744ce8d82d71ce6ed480d30466147b1d26f1ccb9e537b02a81dc9a23ac586c12eea299afed5c86d5ed4a37929309277aeefe7740b88c4b87d88a72f52cf4458986e0d12ff4b4389245975432c8259eb657674e839402c48d73ae276df9ea4cb543efd980c9e2aa4de44d730d8ed0a77a691499ab0401e2e5593102b59aa44a3b2db5f9c9f54ca5add356dc4a6c720c6e2deda0df8df16c3792f94bf2978806c64c1b7833fe5cf05a1998d712eb739339aadbaa48b93a2b2a27f04a4f79004afca909a0e56e7955fdbefdac8d913c0583e9c4010d0f44e7671ffd46f2c673dc854b68b707cc0a9a3ecb6ca2e2e93329f6f092eb5817786796820789030949850a3a1e06c3a17988c447cc023a78c1c938c92bb14e5a3c755e59f859abc7e90d337f15d53f742de7383a0714bcc84eabf17c799b195ff9d767abb7ff118abd3ca721336ca3cd8e7f41ac042091604398ca0f62f0e1ae18565a802cc35fd92cda0f2862121834041788a6ab6ee0c806586a8cd0facdd0ffbadfe03fecba3d9eae129d8910c632f779b42fe446d28901b37bfaaaff064c18cb9dd4d8c44c3d7b81598790aed44ecf6b6e5097ef8f2a9b71a262d848b4aaca513d63df913d612c1b8bee5e346a11f4b65e10acb23e333b5989cb411dfd737c1366963c9cb531174451daddeab202cf222b770bd7072c4b35d83dcfc50c2e98dac174d72ddb36a5c45354f418d1a9c6767e8d9da6139e32cb37c1698a0763856ef605988bd7f73e6238638b05f28e427cfe5b48668a1158e34c5df7b2179bab97ac516800d2fc4be7a9108bfa3b3aacfa54e8f561940b2547c21b6286635c721d8b612dd2f4ce321c4d62da3fd4346ab9273c8ddd571601be3f03904e143142c73d3cd14a64f45dc6cd61611ce604e6812060f623feb9540f6b1c6a52519f835e67ea3ab04bf632b0d01508d999338619e75b1a7baf7d8603f06ed8d943309dabb474524cd05d1ba1ff87b8bd1448b44b2335df2c92e8ff627301c32d116bf873c9e1ff651cb07f6002be571180cbd7dd7cf72f80d18427f49fde1194e4d8fc8151392b455677c6b680c2ce1d044456989ca8f1bd91d96780190cac57e400129cf284bd32a73b576b219c0629c93c9b4428500d2cfd6d25d08c937abe386aa08b54cb9d7537829c478e53e67df73b0da9cbf76a153acbcaaa9e7c6510099e1017":"93d4fc2b9e42c2a48e6103f17d9d2fb38330aba7de7a43011cc4bb93d161d6a3b2746baad5d88e6f37cba4cba42fa053" + +SHA3_384 long #16 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_384:"389dee6ad8582da38c63df546651dd4320c8c4e76c86ed8485a2a0980a1484760c785a31660febbb4c073f4e27fc100ba0be7ee2fb5505b1a742abb013087e0cc3eb3dd2a2f8560f9a451036627a0ac19790e41b0fd93cbe6a41dc98e9d331b4847f0016361a54e79ca6bbd2bed4b1ad2dc75d5c4e1b7bf2f5269a1a357d87b677ba09c5ca7dce8a7ab1a6ebe411ef1788ea506b6022ab9771794cfc9f0f6759c527c1a7052aad415def3a487b39ab46d3812711eef6b2f305c35c07ce90b8e6964b90839028d7546de6dfb32c55cd8334154916a0a07a4eda8a31036b0864a511b0df23127f360bd120fef29f6b3c16d32d1e421d27e9f2175933b81d8052de5fdd144d3438b1adb225fdce7b86e247d9510e5d0e93e926e5b5caee8dfe6ad9a75a99ca9e5a2f84377b460f69aba65e6e09812e1aed61316c285e6c638d94dd12b0d462f7ed9ad689ac3f7d10e470a2b9dedf7eea3c385cd33957fb4632b834c8662fdce8fad9eccf4052df1938285ce3579015258858ef43711d63def7be24f00410021887d40e32bde6ff2bb0b7d413fdfcbb74d9a832e356186cd4e38ef6b312e19a309f7384daad62a3ef52035272568c387f38106cdc72b1ddd0fe11f23819096dd7479e95ee9730940c28f51e28eca653edac78e7554d4e8079512d5fa8a1f043b6893d8a9604b79a2b3a757f5c47b4d5673ec8e9776d591b78e3cb872a30fee4746c38abfc7b5f7cf48e6cbf37ed1c8794f5e8bb695c387774bdd4b0e7509b17baf87740458490040e2ec024e068482e1dd9c1a554a2555c16e52e2306882fa53036e2919ca7b2f822225bf77f409e95a9f239ee60c516920665c328b06022577d2d62e6276d2d21d770237f3efb8883e14939e0b44fe5e0eb4579060d61dcf34ae6dd860e5d6a47d622020643236cbf6ce5aac179c8290f6e8b3a074412c6413e673cba7a00cf32c740dfd2b63fb412f4ce72dad6b649e73641ed717efc460b02ba68ca93dcc5a950d0a12cc0d8c7441e0d7b73f4a3af30ec6e7a8de2a5c5173de748fe807bb5761cdc325c89750d1d94a9abd4fb16c2b2371bc8a39997ac2e98f4c39d6a65055fd16b79aa389eee65feaaec441298ea35c04fc1fbca5a6118bbebc3f178201f2d18865e5ef5dcd2e30319250d61b08f802e124cdc9e744e9d4dd32f40d33669a89834c9bfeab521604cfd3e7511e6195c2a6c51903d6fd985f7b5eed3a22f4d97fa7da2163cb343a4815e1ec54ac2f1915c66b95dced36c976098eaf20e9131c3e569d1ab165ea1774944af4433cd7de76b076a8c79266e9c30840ae53fe67ff502013fc69e3da1a14cb8d83cf58e262600584d6468f2475d118236f35cb59ef3f94cd2affcd8ace933c181f3b78d5415c25f4a2fc0be5e9fa99856658d87f685715273ad59b72b18a66892b2a253707d5a264a33ac131d2da0d15383fce3ef75121c0b0add6384f64cb4f4c1de":"60742329b560bbc7929cd578f87e0979db19c938d413f36360aed6361550501941f32ee8e362478c96202683a28e4f25" + +SHA3_384 long #18 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_384:"23cd7e8b7828a0ceed470598e88bde61d1487d471abd71a87c4af3ef83dd81ae4caec8ee8e2cc7c3d7363223188f14f7648cb973f510cba370babb47695d62e12ab1e90cb048e60ff7c3c7b278457451ef28302e61efc00b5e7cd0f98484926b443fa88ee96444ddd5548ef00e954694fa83aa2167429a08cef7faacd938587322c1ce1c3e682a53fa534d82e468d1eb0e05eff40ef19fc1499300087262fb214d9d235db93ce099ed26cd1302a45e7cb216c64e5fe5185f56b8acb756ebc49e4c3d6ffa61c8aed83637d6496e33356f6e1ef8d760044c097ecec45e8db9fb12a7077a9a3ef5dc385eec30cc32fb9eedca854e381b3785e8483d11a820b6e8a5e7650ce659a9b1e0ecafa24556e6e11e4fb38d19986709243c6e5b3a16c8d27d93beec86b9cd76f968e7f55ce0db452984118021de7a22e4e2c76abf77d903c53379e321664a74aa5bfbf1b8dac11336f105eef9f55a1550c3b105dd4bd0c1a35000b95f6906f01c4c555e024b82946f1ff89e49e5ed2d926695f63c9b95553f71ba36eac9eb3576c35c04e13c050dfa955359b8b61db1cf53d903856e1007c21e0f21678ee08ae14878abfeb432c9ffdb7ce7ee71d0e83213e7f560cd291e54df674481c1cc368564111a00bbf10fa77add10941ef01be02d259374bfc8e41c3d2a65de699982899e8f1a90592a2619f9dc9c52c364930429fda76a4cd59f43bfc04d268e2eb6167f5b735697c5577ee0e352cf6a1495c490d6f7e97c3898f0ee92c40238731a538edbedf97caaeafeb859fbb41ae86c48e9174d9a58d9174c5006921a7050f56953784f2211c227c008a65fa8dcc85fb9bc2a6f25e7a0637f6f857e153dad917f569a63785df355ed58314654b79cb53f927625313276c6b0d378519ba87234be20aaefa46826beac3164785fb34cb701f16339663f4186080245d356b887274e380ebc4d3a44a82619a6bc72d8c0ad286459716e18ebecae8656cceb75d4b2562630921cdc335c839a60dc352fe1dfdb70c097eec55a40cae7110405e7421cfe737739b955dd22ea3cf89e4fbf9594439f0071914c78ca86abe0434a17b7af70a64a78cbad28418386d7cb6990c515887881c8fcb72bd1085c2a50620c1cb1d1471318faecfe037700652b2aab5aabd183ac63da0e5d9f788156f4f6ce5a6b4cde39e2f01b46aeee320a853b173a9c4649e70cd157f57affa3cef7ae66572506f4249b5242e88b0fa52fa243dc4f3011519b89899cdbabc549f92131dbfd272a103b0ecb67cbe203e03a4beb037fb1572331a3ace4f77af1fb3f39283533b8debbe8020194d9fbf26b9546db93b46543480f22df38312eab4208093a7de0214a7c933e9cd0f91d03cfa65bba94d596fa479fcecc9f71111da4bc5710baeeab98dba28b452413925e93d754310fca8aa7a8486f1b219f696cabc3ec51f4449bed607eb1a49610a02c3f8ff8e70a7b8970f471cc74c6a37fc3df8690a633ca3c74948f786031d690955c350e8590d0dd7db284ae7d97659b48c76b0ab78068d552fe3da821fa4eaac071335fb2a6b1cdf76ae8dde19bcd0523ebdb242be206adb227f10891fb6035d606f0b3175606a006a5052146dac4047dd33f":"b6b1090cdb31627388f87c4fbe6253464215b812169a48fc8897d64e7b004742da4891264f0ce2bd2512f48a03c0afc7" + +SHA3_384 long #20 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_384:"7ad50f6f55fea7b59e17c2727e72fc22910fe36cf463ac02a05925c9f697eb3a9a02dd088584d002560d853ce9d7d8692bef398c2df160d077123db39e642e6a19567581507ae9c3f68ceb5999af9c3677f94eb29432387409d96d969f680f049cdabf25dd6959be259cde13b581b24f1d37082551b09ab8ffb59db8202bf4cece94a43b55d988bc8c4646b066d6817cc4b1502f8df3ef6201afb5634a344692548e0a0adf50de84d3910979d3357187146e0f167081a03bb6ce9ddd450b6e16d9d0dbdba458c3e0a18610b62526ea36b7762b2321e4130bc71a3e6e3838d2230360fdf6cc789f969e2b43af8331545352d18e9ec9a4b29adb9b7e604b43dc807a485aa37e39da6f738a8aab16df17a490881ecf8f47e4af9b5a46f9a8b5f3f7e790d82ae221dc33c8abcef405b79bf216a1c5fd9c571014af5e7f8374167e4ef23e61d221ba0daa4494f5d0794249048f276972175ca08fbeaf0f44daece74e425cdce5638cd69b904fe9889a0687a4a11ff47429dcfbe97056e08500c195bf80f130a9cf1d9dd054e490638f8dbe98f4934d4cfa6189ea6f5ad88d0e1cf069530647678ef8cb0f3759d4ab815f57a9318a5c42b172b25960c3e1a62d86601364a20866c7a2c921e1b89ca69702b89f000d099d7798deffee9ae21685864d875bcd5bf0a3a4fecefb09cf9efa004b4208233ca7735975a5bfe6c2263da41f8bdf8f284b4a87d1dd2d5257d9d1e1775af2d4dda6ce40df117baf6b1e7d683ee898f157c0e3d3ac181e9d1ba0452ba3ae6528d4e3afd2840ccbfdc4466f5b13662ffad197970ef64577f1033a7e6839070a2809a63f99cd5d57d9b5e5380404cc4cb37c188dc2162ddf57f7f1a31fa02d89db6537a51c20cec64a264503eb7ae49622418bee767698ffd5df0bddd940e8894acedd0ae3e625c059ffacf699de74b6510937e1b37d4e7f76a3d1531d8100b27b2de19677882bef0d2863399596455348ba658f009316063f2c8b2e73cb3cae786b8b705f6ca8f86e8ab2f5670c1f160e3d5d1fe520b93c3a60819563866522496e23c123fc6486840be05298a6c9a7aa7b67baea8c00ca6e28fab1761a43b9f420f1b04c9f263f58943777afce0dad275bcb889840b058e36d40a933ef9e1983683d6661bcb7cbf10efd8d34ebb1d18ac4d0b076a2948da21599a6236d3eeafd2d4e0beabde0d3575f7bbbb0647ebadda0bf5b0d1b7312b2094ed0ccfdebd56b596dc66f0967ff9371f92aaaa33c1028d6e0b0e314148e1b32a64eb8056c81d4d3e2bf790814f6ac2abf01aa0fb37d714e7bd882f340aae677eb496fef8a984083f51f8f22b161aa7414693810aaa7c2f0d8fa7221bf0e1abf63e877210dbfb851ee0e3abf04e79636428add0eeb3622a43f3f39075961bff458545a05bda0422514b30147d73177588f8b20713cd39a52f7cf610cd64cdefd10b4a00161e3e9e7b0376c22f0e655c144958aa2662630e249d17297fd767dc2d431cf7fc330b27f0ac103b817af385ba8cfa20731d6ee3c7d6df2129788a72bebf371e6a92da7d56a7a4f721634290d0562f009648cdc48dbcd6be46c2961209f210d9edc85cfd2188ad7b6b41c2fbfa175fc10c9ef01efaa1664754402b58936e42c0f24de325c5b1823edb8105359c6314f8526a865173473662de7baaa4ef96355a148e1d95c7d4cbc80ebb79cc4babe70ce445e10a9bf0af8741dfa485730c710bc1235cbbbc44f29d515ba12e6c543e755ebba0b8e9403a2b2ad6a988c":"cd1a0d7f2bbac5cdac53fadf236c4675b5b23ff4847aef227cd71e653bae85e0da3bda458eae87bbcb5b4640d9451d45" + +SHA3_384 long #22 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_384:"221710ca1c521ea4c3fe7aaf826691b9bcf37e7d0f587277da0c59f7fcfdba75df83df24b69237c90235f8ce5b3708926d231e0441702570bef5e1996fa3d407867263a2219c3580cd0adcfc480bb7088c4c16c40805a04f3170f2dc397f89091ecee26de7d7df702b656d60d24b64c11f55afe4ef7facbb3b65d5ebe4fba123b07ea5ac8faaff42242ef423805dd86531262e8c7b46115ce5bcd3ecf87de3fc436af488a27f5b9ec04db96cdbaadb9dc7a7dee636c297db365d3208fb6f183ddf7a1729a7bdbd2a08aa04646a9a3511ebc00617a75b05e037303a667738088d8c9655b626cbeb91032d1d32b596ad68a459ed4a567a2512ee1e352ff3407b9553a6f758a813ad79b9bf4b0044040c4afb5adca5cc85bd1a650d698af8ef39fd3b924536b4fccd8b3346d8f3a04d1a61f6ab1b5090e6969fa4e61fa00dad096c4d428779d2ee116e78ab0a3550da9f52a034f2742a03784ab1929f98bae2b58a909e05488a5143ca90d72aeedc1263c8fedea93923462bc396f8319b87f603000c8f07cc658e294984b17f45cd5c2d691a8f87c6021676b15bff1dd1fd51bc76c9fbd42cea0b8c915b205363a922c7ddfb30d5444fda22bd0691aa61a35ba893d0ccb591a231334a1d0eec70fbcbf7cda9aadcda93fcf78ea1952274017d8e0028e8f2231368e81dd362939348bf86e12de3e1b154e3bdcd33f2cb31a01d3765d939d309c71971b1840490f41a653cc08ec52ff01df73c21c592eec107a56c68eca59f6c46aa97b038db2bbcf827e013d4370dc073a03c335e5cd24bbe7bf3b46816a073168522bff7d1ac136b6c3c810720c249e04684aa0638c1f84e0994ef55731c47c110da88cacd5a20fa9d16b3306a97b2eb51dd2fc50e01f03eb519c2bba45c0fcfb587b3b8b87f0c2d20375057fcd4241d290f6aa4c6db5a16e948d4a390a8f4c6dbf0e8ca7861fe8c5e670182bec1c6fc36e202aa49975e5f0cebce1421481e30e9dece07f6481fa0bf6d6ebb98a5c112e11ea0e07d7d26a086c857173e83b49449190d771a7e97f0ac133e0972ca3ce7908aeb4c4bd5d761bea818b3cfa2df7b62694e22cd4a8d048b1f1a7534766001acef8cf89be69c2b1e52b8f0bdedc66c9c963911f5f32965c55aa905c6f255ea9e152aec56f99b840d90e0d6eeac92ef5f67754b7bc2959ac38c94c31086422acdc46e2f6256fcf7f328386e4b276a8c13a5abd848fff62bec7d82b7fb794f47a0c4ffc8a945e80939e367bfbca677cc201882c143f277a1a7f41ce86d15a6cb81dc87c2120e8744458916d12a70e036ef88a30d53e23d835ebb0a5e4fa06c3ed7d6ab2284f8002f80e2ecad7bcece53e6bdb5c4621973597898f3218a63cc26097815f2e94c7c5252b5925a990869a96e7e61ef57dd3fac5d547f3a04a6ec0d818b6d3a2853223624ccafe06a66d8c2f0954f941977c90274b757b0a7b1f47aa6d65a0029521b625cedec48d82f4426d2c826be922f3ae62788238b5acb0df6e023854ed4948e5e64e1f199caadd45b7ee08e72a94cbadddd918ad3043d5f089738962b1160a4b3a27065db2726b1eb5aa531ba46187071ff9835918f50113833de34a0c8fd84e88061f117d9e3025ed0deb49d51d98529f366cccde2494b0e1cdd07b3e1b45885647e3c54c72cf03a4655c224b3d8218d22c3f68de5733713bbfdb86e44cd4513b88def9ad949a30926d00155525d6a26f4765bdb8015face7606efd9d9907519e357b1f1f7814252d718193a17af8b7bd249a4be9b76bfc7b6bf53fb8944101f4da42b62091df69ec1f5b3dbea18aa152202793f1edfac87e4f18ddc3a333dad5e3c04f4f765e6744c2e773eb4def07a4d6a8164f198e99566644584d5a3254c7ee6e5b0a9a13b5ce08d0c6d5b4a8434bc496537fde99f":"d028f9a585a081207101ff8c32a54829879883fa0f4c4180542842168df757cac06a951aa68b277ca0fa99850b928e75" + +SHA3_384 long #24 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_384:"111ab27c5b389f1e76246e429e34e71a8a54190f4e5956b680927e0099a081b19f881f130107f2ebc326afacda0da9ebda1c9613ce38965a676371f35a90208503b590dd4e21a2e0d71076c3507de97e24375c7d5937b899bb31ae483769441085c88d420a2fb7e4fc0b4cefc72ab1bbafcdf3b7b7fec25dc223be65f9d4f2396cea9eaafcd83ae1783fb79806bc088ac505e127b034bf8dc66228b4687834e802424c7dedc532be94d34126d6dcf7d3ac07b0370c81b4110d15749b4bfe11058df91e23a59ea76398ef7201ff32847eadfce74e928fabd1df652b846b0d927956369d04ec0aa2b8ccbdd1914965ba73100c0fd30b03abb4867ad4d6914ebd2aa5224f888ab129a47762e63f7c1e9e9a1d5eaf304088bda4497bf7f983689c01c2e5be18463c4712e30939715f043adb1c1b4fccf6c4e8896f911d550a0437e6f4a6721ae95301e756d85390bbc0951f546a780ff85f344941e3cd52edca94c2848df2f83b9d610c19f7bb0558f9b74c0e74b0610d02a9cd079a8f58f661bd7bbac3c61804c36e69748ff937fe58a94c9260822afc5550fd09ddebcfeb72bafbde7076e40c6c30e6aec8968d75847205285773d28eff30c18ed56a1f95a4912838bb8ac21b41b06c11c9197184261a6118810dc18ba95102e0a993b0bca04cec10cd8b1cf8eaf5e1e3bb0a4af5e6aa47a905d760bbfabca64582eeea280ef32eadce01596c0e072f6dc5f27f8e6b299e240c5915e59b789706880436a0948cd658e572e13f55ef3cf710577a185e9f50d1bd1c49d3338dbb6ae25cfaeddd21cb593a681c3969b4f2c9c4c4a25a661444f841a7654b6b04fcbbb97f9fd78fb9f7f8f66a7221ef5e372a08be5f1e2c9162e1bf82cf16ebe4413f34f38e26535d417d41014bc192f6f56404cf192a581d92d46036f1fc5a3571407c422ea2d014912f42b30fdff88313bde17e384791c1bc184c4a32c460007604b8f3e613afe6cf57220b2644c90d797ec753243d7f84c8f6aa46f938a64c37d4118f204097dbe33d088ef8b8ae9d0feeddd746d4cb6e9eb6a2b3b01ed4219cf7af9d43f231fcb6291dc6ed034e39bd574c9104d41d8727a05e18be3f92878db7b9a5b7f125502e63893a6eec53ec6bff3b0ac7041cd849fb03fd8b638687f25a5830e3051adf34327372e13c62bb012fd3c8f82d7168ed11bcea7f515b28b329b3c531f6b8b2b1e003f7b0bb26b0672f3c55fd17c43ffc28af6802d3b773b96cf3ec088ba8d08bb36350413144d285479d39408abc665c8904fe7caf436eea6b3f2dd08d9241acf4b805fe66672943bf1efa274e01e4f77ce43555aea6232f6dc011f2c51d0efaea2d9f4e2235be8adee9221c2a3cc1b3487794f598889a71bc9d1fd4f8f23e5fdfe7a5982c569840ee233986e815067a37e4a3c43593da969effe0dff1b9d9c219119f464d73bf4f35f7c5cd4e33ba338f54ea2b4d6deb875c0eda7b7719e80ae1d115bf4d343c9dfc8b5058253fe5c699eef290a7bed52d3df1971151ba72217f4f906bf44016148a07619134e08f1a9ddb425c0c2fa06f8bd19f0748457fee3bb598b20940559b299481df45bfc119e34262f8446755348cd578c7246218595d28b3fc56db02191f5a36aa1e8383aab24cdbca170ffc668a26acb7adb8434a2cd26bb1a1ba2478b5800b5b88d5dbb55420343c4dcf9beccbebc341aaf00aa9f1db4739b384c39f332e85584b5dd3230fe8f5b5ad4e3cae984d43cce5b1755ef56bcffc54e2e776e18e2e0a2fc272da2cc9a79d0035e6943874b6bf24a48b527da88c634b7c99e506c58dd9fcadc0c3f2edd15b0e2ba286f587a3843071546bd4bd05d462f9e0d4ecfe2a2e79c5c6c6ab7cfb599fd9776c15af9382d1bfd89241d0c2b85f02c52bd95f8e6f6fb38bcc9d9dadfe7be76d2ee1130d21ce3620b00b0a4c780b3e4fd216104006a71e17bb127970b269fc8cb4a1dc99c9f17f33ab7b922a7a2e5686b1eb3ac859e6af737d5038cbdd33c0dde69d31bfe20042196dd991e42890f172b19f05afd2f70ea6f89f0147e79fdd67ad1c3b08d4c4":"265fecfad0705b6deb29e1bc690f4eaee2a03c699e6352db82d94f71658b24f5fde1e885968b639d8361928cbcad8506" + +SHA3_384 long #26 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_384:"9de3e6cef3da54cc609e2734c4dc69b8987e6b34dcd05deb50e11c13e72d4b957978a50eb8fd911965c8f7d0c46153904daa08fda40af646cbcb4eab97c1a53c602d48e3fde0d0a4efa4f624ddd7a86841595ce060a9a4a47f4a02fd546cfe27bbc87755aacc37f667f8ca37f8888fc9dc530fe4f8f38e8cd426e01307747edff012d96da707ee96338d1b11feba313a865fca115431dd8632268ff499224ceb69d31732dcd91e0cbd2b92bbd5b6b543a74735705daab81a0114b8a8f0be91d38cd3d8ad328cefe16c99d63c67c4446ca7d1f708f9a848d1a9b60238f6907420c3d9c5e48f67889ca7a1909c9a2b063eeec6b8e21171b43292d416ab91df1e5975af86e1ddb112c5d80968e458352240e4ed22048e4e25c625389b09abf5b706091bc2ac02b3b4e5669a051b8828c1fbf110db785687c313c8a93a5a2b1866afe9e6214be8b59783b91c1049124d0af57ef58b465364b5a3e4ee9ba7f99153dd7cd84dc875fee22739573076ddec26b8f165db746b2d24fee2d065f7fda8a7172ab8eb2a93d8be594e130eabd34d3cccb428720c882937aa281741531fa48ae65b50a67a298953a2601752f0dbb775b72d06fa1591a11731208bd6c247cf23d1776623bf1e5ac889d72ca34bdd74f903c6c718986eddeb1b31f3cd4c5d6f9b60e6c30d015c9346971b1aa9c6c2caef37e632769c0725dceec219cdf949cd191b112f0a49ca7cf45294a90d6870027fdcf411bc2944c112343dc37fd2f331c68b5e71c29e505dfb44aaa07739d063d3795a2a92470df8b47409ba8ade43e2ca373653df08d67d82f5c6c98e42ca3710967f459eff4a14eb378ec69826222a4ca7029b068f4425b2ec4eeafb8a47c461bccb2c8b58e35bde0434ae4eb0764f74642812e13c829db3b1accc66192d54ec71a6a6ff5bc016b663633c5686299a6bf512801816792daccc463775f8662dd940787aa20fc98c9adc833658b0215359e226ad53250f1dc5c686f3d32ed89751aea9711e7ce707b3f8fc65fb3448c266b4ce6039722db42825d3c726c36ddc7c45a15318aa00cd283e3691e81c842fb8f271637204bc3bfa74947c17c00b43818cc9e83ba2fd2722379a82c770bfe17a24767ca7e4a2fa663833da4d2c9c13880b87f72c6bc75dc9698eff3f36e021d2d347748018c93991fb17a9710f0795bb4b444a960d44b7445e7bd2f878cf37e8864b12a4aa1740a644a8b12a72341140d369a71f915e7dbc9ecac19b3d746be5c5ea20bca17656cb9c4eba215c0bce3f2b5cd76ffefcf658afe195d08eb704f1188c646f06cdc5288a718bfdd57416e1dc87a22f5c066b411b2a153e72804c330899a866e003d3e79679ed67e5572f4d6d51cf07b363249e6a0b0b8ef1b789d41c79b2483702c92d48cea807959c62ac6621289e0cfd699822ee3d67134404fbdd954abe14b1ef2529d88484ec2bf7265061739d6ebb8257cd3a7572e10f05d1d1533a707ef88cf4c0004987f2ec36e2b27879abe285b602f25779576200d47e821c49057dbfe9c595acbeb7b0c8670914ce02716f434fc21aad11bd9e00b82978593e2619ee4fbe3145acbd2da5d1c2fecbd6971ddd93becca4074c9ef5fbfb3970e27a5b6e04071b34db40726dbd36f9d7bcc4f43ccb1f90a422ad69c9e31b4fcbfdaa4a2550c9dbe013e98506738d8c5a7da0fd463e0cee1529880762b9b142d0575deefc7d2cfab01c60705a3bee40bce1d43fe436ae6f5fe58481aac4e798e9b73c50dbd257ff0ebd4c3b4f5d819c65b008c2fff92c9aea1e4ade874ee3db7de6ee77ab96737261c055eccf207028bdb2e38f7dd0aff81e9b8226e39dcd92f3ad1c6b5212a7dc10eb248dc1cee06c2daf0ead48035f0f6426d362a5face46b5d26e35ba8e1cc4850761250cadfbf11b6e312446da636a2285e599b5ad0e7e2a1d8bdcc951f9b227dbb4bd9a06e93ef0b8f3fd619de48ec18161d3fbfeb4c2ba581c6869a5672e5e31c35c5220d2db1555fc3f7f930905aae2ef185e35e89acd49c8e281d08ec192cf390a1c45dd51f00df5f28a05fb5644703671c999d48fcbba3851f91b95f22b7ebccfe0bb3227eba8861f693be109f6f3dfe521739d281d7114bdb9cea54a9106f4b486cbfae56ded56cd047de4a62a32917d4f0b6eee2936032fa831e5502d2f8bc0f7bd5d14dda50e0443132cb647f6f5403ba96d6858d3adadb08c":"e1207486293acd4065b8bcaa23562d32a0e532a2080f7825b8600fb85635cc9a11cddad32d2a6b8804f57c1ca7a71447" + +SHA3_384 long #28 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_384:"daf3dafeb903e95c40cbb9ae4028ca494ab948721f89282168ef7405a7b3e3c76e72ad93cf449dd5139b6840ae6f3d1573989da2057b6d098ee84a42b3431c63c7e2ee1f3eb7fd8d652f0e2b51590523154bb4cd39c2f1746708eb5d661bbe054d0b44abf0a42e0e9f4d547810304afb999b34fba2a6dbed5b17005daa82f03668b5583ecc535be027bee22ed23a33266550c6342a7153f9d2dc304b66c2da7d80a7d2e0ba0baa89674a5f5581c1e92be3321181b86983223420242e8221a562fdaa5999a2154393c5b874f6040b94927a08bee935d891efe9ab830ee5e8796d478695726cb94f86abd2c81843605ae4919c74758704a5e85945f6f4795e7d27c6032f72013ff6e8805e04c3260a66a892b4dc2c9736e896ecb625e625cdda17e2e8cfa247ef5f43ac25cfff9550de66e4199d164db581800bc5b7efd17bb7c604ff1c082711b31e97efd2d57879eba7ef93603b91cb992f1c3c551465b13dba920ebfae89ec1902a984b44cb7ceb4f11beacda44cbe582989e1a65fcab7947df6de5f9c56c9ba764aab1e6d3a9762cfd0e58b5864d7e5f8b87d53d7e6d5e3979637a5d974f0be02e22eb83fe91c1cc6764d435fc35e692313d70384a253528edce1396dcda94c2ed9d329caada40b6075ea9cc24f9b0b3300b95f6fe7780bec2fa3c260483c8c8397631a166c78562435843f88f2d5f4afe9e90e9f9b8e3338f646e9baccf0a78884a5322c10e1279a1fe3d3b993564b1f3530b91ca7dbf5fb9b935584430fc5c608631a137f25a34b99ce015e1a64390c4c5608eff4a877bc854faec694df0dc38c6379d3a38cf4be0c0f717d6e48e6fd9623a21f693ce1031c459e86a7a9a809766ef8756260427be16cca21794a797a7b5f30b4ede15c59c83ccbce64b4be20304c3fffa6e7b40b7eaeb54f22b11b0b63d159b76add1044f1fbdda5b34a768e20c5f57c566b73f54d9dd91151c7f339b642c62fc779244eff4b7d147cb1f8ddb0a1c2f15a32a6c1b400df6eeed22a8bdc7a1f24ecfdc0ff5af45321a7326d9447a750689a8476f81da06e6fe21be78a3d410b9fc1b10ede6abe06d71c15fd3c4ca044e8fdab0b21ef462f1a13ea53bc415f32a62ddc337398713f3bc3a2cf5c2955497a6dee8cc492b8c9796a8796ab519b3d441bc85a464ad4a55784210c7c458b0525d294226a6ebfe594cf39d7dfd3bed47e70bba9e0e9b0e13248d9db25080d20f112e6f49aeb222b712b493edf31909e5e15fe48c8decd9ad4f51365dddaa243e6162c2bdc71ab421a64fff433d1d944ebf2d9608690f379467517d12f2311160dc6aeeeb86820d39764a321631d616d2def9319a366ea258fae2d48a04b23406d0ab366b7384a85ee117decf77bf0c22df5769aa6ca7947b78a9df2babaa06a0ecb85ba6049f1012955d57e78554debf2eac80c17236a87c7f0aef604d9503bf9ef6a133b03ddef5017f2ff6e12418f84b8d2967fd8838cc6c7a97d060efa5c3560ab99d1cfd5f5693f1d965f1a9456ec45dc6164538dffbcf9d6ae49c26874ca048f73a913a2be7eb49e6bd5d50eea317b2e9551fb4f87b16d7db2545e602cc1c560ca4c380cf09660bda757ab76f05b400f59cb3893cdae0be6b0af48ab2c218a64c540a7db34ba2ac2726e049613737ec9d55c721f79babb59d1e3ea111bf23ae58d0fc7d731f1faf4f3a04834f9801ca2328b11bc32de651d3d77ab59a13dbf294940ffc89043b89c5378df194a8a02e398e07d32a021f17b1bf3f24d67090079225cb975f8b84c02b97b310daf9a18d32ee41f496c8b47bb93e029b3155ee51c40ea5ca712599f6e4e33a6d8cfb646bc1d1e5dc93e245025cfc5b7545344565cca725026862d97283a27a74154e974e48c17a079bdf5f200f42a04f8c7c43b7fe97dfcbafb3c1d77a4df9a11e3388a94a4555122920516962d9778661ce57ccec492ca2b198f1aa5b4e4e91027ad70148d62d68c655ca52da0957b68f8b0029184392140892d74f894bdfa06c54f0eac6ec6997fdd03850e75ab75c4042bb31050fa69c2f31e15b969f237bb68264ca46f0700c3a201a081d562ce43e7607892515e0b7afe6be32f5e0c07f7b63b1343baaf751f5d5edccde841eead49573a61aeec6d2d531bc8a49892d181579549d374465f5db623233cd5d03dcad417dfc3902df8a69a36ab5e420cff22f43cd89ac852264354575c14c59724622ea850011fa714ac7ac573a68202f8a23539a6e1dc5d319ae0026f9edf1f093cff12766282e42a069bcf0ac480fd24c9c1939defd8eeea29012c43224cef5521f05d3830e26ca07da65c57006685eb5e4152a40ee58eb8ba60dec2e8338f71d9a8927db166":"56da709aa4104a9348bb7cc4531084395cae7cffdb79616dd8df2b74b03a7a717ea4215bd79036aee38c1de07affc6ad" + +SHA3_384 long #30 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_384:"e756099dc8c4c789ce92fe40d53a1129f77d8a35affb5d153e0171ab4ea25cbed6096ff13d0df2f6c206b0ff1bdfb7755c6d59ed1bff7658d237fe798418b19da45f298632171ba82768da9813b01cc105d50159abd95193baae0516904c0aaf19024142ef09ca07c55f82f205d2ca73b85b8b60a7ae7730bf0f9169ba67ef5bfc97be0fbb0c887b6394b2f7397049f53eaafeec56a96e95a902a75a4a91e80c17c9a9d4e048db6ccbae718ef6b01fad5f6862e401efc02c402e51d187f17e27303d0979a4e44e42c356c89f86bad605e23ebf2ff0abf45b4c3c96b6bbb03815109ee6e5500966651434bd132fb7f66391d31eb76b03938c94d37ff12cf59f3e7f9249022bdead3d86ef5bd03acf053132d08663ba1f2426e19c126b22e9390a44c139b77f8caa33e030a7bfef298dd68edc001b24282f91fb3f590ae7b491e229d5beec923ae5adec9eabc895ee15ba6da093c7f2463d34aa635cb7c27d2c2cf473e089ae11e71470e26ed47545264597c347506da0d579b6b0225bfa6c94516e45a877193937d135a3f8c9d85747dfd3ee249cda5f7fc7e6d0b3dcd8ab50ba5ff31d9c1bd95d4a038a5291044c00f0eac9339484aac38703681724a45fe8ce8f2547e1fe19e2e9a13f8312424bd9e0a5fb7b20b2aa2a1fd5235619a6b3e4f4c5822f2e08224d15d9699336d97c5b17ca2d0429ab873bf824a679a525cdcd96cbb2dc6c831c263571b08be313080dfe2106d795b8687f7ab89c88af6bd52b1b675e5681b52ff6b332be7203361777fb742ffb4e21757c0d59ab891ebef484eb622ea657e78143f6e438507d8bd02277894f783a2ed8bc1ace7b86dc6751626e83c9d3d5603d98664fc92d395a5c95db290f574327b6c707e0b586d0ad164c0c94d8e5e26a897a6b3a17121febe3588d1c179f50533a233e570192e2da68cb2d5b02e5684b8d736d6fca0617858cf4f72a0e5848fb895a25fb06b1fa35716639a2f0da4e4c730ad4b48b1209717ff07f1b9d8b1567cef426936deb000559a5982f49cc7cb560c808d2023dddf8e5d48fb66b3f9edf2f77a8e9dd48dc934810b2cab6c4d9ce7e337191d68f7b60e6298ec4217ccbabd46d13c3ffd177276530ef3ddfc84fdef5d578b8af10cbf1a976e40d664a8412e65dceea7b8db708d88cb84f6be3c52fed36831137c9b6f55743f859e3b2b15d8dd04326f8858580caac73c7031a24078ddcfc6213c122b2171934703fbb3ad5f04dd93e1ebfcad563198a6e4e7752affd514974ee00f971127eff1a236e07bf385cf8fc97456c50ca5a630cf501386f661dd40f6e8f217a6ffdc11e37d101668c850826081f553928f768699fc0be8ef0c603fa3b758415571be34522ef0e11155171851c536bd8a479ff4cf5bdcd56c2d640fffeba088af262cb578dcd1707fb479ce179eb98746767927e9eff4b0d05d5f2e45f6797206759e21c1f75059165f0ef02c7eec257984988c8438e22fce049807205831821df88905b81eebef77bd2d3afaf65d3c760a849f08c73386b7cbc5471991672d381783ede5a402c816777b1b2d857b20de70a3dbe20b577a200b5d5a9c2298f7f76b0526b537436774e67efd1eccc477154faccfca85cc5e895bd6be229c2566ce5b836cb1490c3205b28f7d590cd7a3acffd5e70cb710c87635b7ee376ecafe4f71950c6449fbdc5b3442f856e6033b2829d5be332fb33c59117767550ac822dd45a0a238ba60bae814301ab2e905a1f93612b1e850222eb4879bc605f0cb790a303cbac93af9523ebabd40d7862d7ca2ad136e66b8fc140af0ab66c4c1337558d9dfa2701c1436c19060f75f2e092fb7076e4068ca8f80eef51cd60bfc9e8c4b9af015d80e5fdd034db1ca9471174fa8cd79e449158af9b2fd669065f37b3254fc14716b622ab9864b362711dfd630ea77dca6a22a4ce319822f324d56480bf795b34194b80350dd01549971dad4880e9eed23ee6963d1652bcd183c85938db5d063030e8078374a18939e1ee280c9879b41c898635e492842c6debe11cc1c12349a32135c07d18fe979a193876959e80571212a989abef56fb2e24c8b705b9f4adf5b5d9b20c4010c8d405a5a0cdda255d1aa3f89b7b73f1b07bf52431eb0bf8b98eb47de51633ffa34f6edbad9b9491509e021b723a687dd3be279e935afe56f5d7e6c862843af2b1741b82a5e613ebb705f8b916d21421ed5e82dde43cdb37e9361363303f9d1178a9d6439198a05c1bb74d7a9029c00685c3ce8a2c78eac21e1402f5572ea485825765c67898830c031cc908e729b3542355d34c74f673201bda7c27e038977657e791b262ce0422f79c340823b937324f7c59ccc39ebe7868ee49a1d247bd0b7dbf22af57226bc77f9f55254dc092c892a027b1215813f38eba310a35425f6d7e49e067607cff22248df5056c280d3f732906a4960cb9b914a4fc0a1210c5c4e2ec937f84c4095c6dcedc5088d8f0bf7b7fbe4d2ba2f9f18216714b709b37372f0f":"2ad3d03e159d5ea831351e90ac1a86a1bc9c607da81908cc7d14f8f222088c1576363a6f00e37c0ebd34b11a0aeded55" + +SHA3_384 long #32 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_384:"d2e63418b5ed46aae4f5b414cffa98d391f80b6d2553f6fad77625e3f8ba9dead68a306aecc64ee055641eab875dcd103dc72781b53e641f1c89447d477b5ea7a316b4636ff78cb628ee7baa45ecc34f2522df0046675be7b7dae9c4d0c9b2e920d2ea89a748a73345d9f39a736d1f9731505b713f94845b90b13d3efc6f41b93506f867fc834860956dad0278a98cf1499bc45c0a8e8782905668753333b41ecaf90682d76e1643fef4d26abc68b063554942490e1d0b659d1091f1dedfb321c7f43d649ed3bae769b4895aa77133f83da3fcc1b308b80aa029e0386339e5c9143fc494bb78db51bff6fb5ba18ebeb5e9f11b4b6119377b82e77ed42c0af31e9a22c49a9425228be6024ff41285f9a4427bc670801630c02993934d9f1984283fe565ff93a4369cc820aeae621f8bcc2e8826b778c84adf7f744629263041f0eccfce4a1ebcc18c4c984010f9241d35966263a8b2f72ee26bd4c0f22815d27d8a2928039f34686359b12ca23f5c56e8634fa4cb946b84d0d4f9292f0d91ded7ff3b9ab27dd5d52ad9b59bec9d8fdfec7b9811a987ebf3b2a42ca8693c6c0d07354d4de02067b0e9b3eab47779845f49c885d3c9f441238fc2b565271f6e091412a76914f0b2a0a6cf99a0ca3c047f08315d12b34133bd6f16dc89f11d5f7706809115d7557d4e6b1509866d4fd7e7309d6af5f0d88a695b88e93c4f9e0602e6665279b0b792623f6d848fe918c53ec9f6f2a5071f0dce590023a5ca0a2c50bbab33be277eb7832bbf50e3c501962cdc233e4a808086957466d4ede9ca99098d397c0cc412b55935f3b6a98971115b6f0c960be461bb65b1a2423b354415d664f7758a10db538d68f1fe0abed0ff708d994110ba2c76e71a9cb5b835e1685f49cd656192425bc7c9a1702deb8528163bb289828a487dc3b63d778c7109594b43a396b8d2ad93ae62eb543b98fa54f3833fb489dd1d98a08d6bcfde7125b2425b614eb85985c5eb3ab8f15b4d964baf6c280b4c39139126a80f04d6be9b39ee98f0d689ae33b72659ee90b693c1d4f3fe55d6f429922ffe0e125f9edfd5b7f4023676525a1d3206c8777973f1e3b96742ae5da8320239d0c75a285b5c39f3ffa11c753ce3adfd338e39f4bbf064c0b23f1ce791decb7843dcd1a738be31b7b57e8a1d6ed34ae256b31e49b616adb27cfe85bed6b455b400545e235b8b24c9bea069b410b15ba717400dbf8bee24566f85d328a13c09b4af37e8e6ec4e7af2c30f9f834c064a151d3ced9f63fd327631deec6e17ff4d42f78e5936148c9afa6cd416d248597ef411afa83165cd3fd86a11bad862848a248060985cfacfeea960f6b4e92c325f0c9aa125bdbae5b445c32423adaa532923f3b58da0c89eddc7487d630f21195524611b4c8b89cdf785e321113716f59007f8952049a382cf1bcb720a8d4f97c8060d2405e3fb0e7260740f6bbccff12998360939a1b5022c6e92dc91abdd33207847c5380c382f8c9e1bf71985fdcf5b9e5618c0ee26a65d8844c3dfb1f376c543b705cd4f67b8ac0682e002dac6188de0ffcb9d791ef6c8318a2fdee7bbe7202f04ecacf4b0313c6251d2100255532927da29b88ac47bd6310c2975955a0e9703d782be433c23a37830d62a47d008963b8f3af96840bcef4f71b88c02fb739389d7d0e98333164910c5f238ef60c03ce4c506495dbb417c5462e50c77c49f7d87addd16febd9096f4bb3023432c0183ea24968eaf5d93e30986b7db3cdd19bbc600b12efa001bf2ebb898d18b5d56d31456f1b2a74d398e338636e2996f69b70e795517c0273ec5bc64312b0f1a44942b001f9b8db4bbe39d096a09d6a218d726c0d0bb9858827730690319168c552ef8cd2933a9b9a24c0eb85c393a9dad85d87c2a00c9bb6d700f6c1684eada100940621660428575304d3b13580e89b028ea556cd09d7a891821187352d12dfd8dce6aee0ca23fbcf72339974f9a8da92725f59d125aba5ed82d12216d14ada523698bb91e0f100008585af10726d221ec5101c5ae49a67216fd0528bbfb818f31d86d807ed220c7cdb4472867fa80a0de3624ec8bb263503b57979126cdd24321e4b94b1433969cadffa844565ebeac659b041b93dd1c7db004706395d4c74a59551720c8799a041000244ebe99b4cfe94a495aad11f782dccc39a6ef56892b43f32e0982ee56895e80644d86f48b90d2099cafc1981ce826769a621e9c3f6e4585a70d2ad8efb20047104996b76b7789a1a524b8b8b437f8cc3aa009ee129cc9d52934a88090075c1dcf4ad62a7b0d74da0bc078bae7f5b994c26898932a3c36a95d87e42e5f11dbca49592e94e4d9fc7b768beae6dcacd097d9c0b3d5aed6f4caeb0dc62a8457e515277d863fcd64894e908ef683bce3a79d28b242fac7f36b007acf37bb2862e3c711bfc6715f348419fed085dbae23a56e57452d4b9c1a0312b2d31d2a73b83ba8ae25d673c2d353a56b597d34dbf332d10d815c1056d324ca3d2362c08ce35780a7ba9e8d1dc960ba7d32c8d76bdbb68ff26fb8911ca636eec0c7ecc29c6b9d17a3830606989c121fdc624c0c85639970af162715171ca147e6c5a57bcad677354b8af7285dd6d09e31f1f31a5114443cec7f92e66ebccd9d542773323fae4ca147d657":"355ddfc00153e895e8f8f3a4b7a5d45d4307783744f95dcaa92d64b166a0b8cbb09aa505035c486e3925d92959fd00bd" + +SHA3_384 long #34 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_384:"ae6d4141b918177a21ebbc69f6c36ee6044eef3db26586272a9c46f9ba17921c7a9fe1bd30f4bfc57065150c089fa9c99bc3e84e8bbbe4f21ccd994ed77074ac2d5f16bc5ded5589989883ac62e0f3bf3b5aba157f00b3a88bcbc653218469420ed766a609a9dfaddfab90b1cd2f55b02d3becfc56dcfb33bdbd557260f879c6642c5ce3fcd068198ec7c4831134d682ba8f0669d7f9c57afbccce125b77ac2078897ddbfe0bf5b5ec13a68af6967e1e287e91c6cbfc18658c20ba9adba70b38921453f7d702906943b8be2f44fe556cbf2f147afa90fddcbae0a174a8309df6f9f5659d4e5c401dd9dd94d8c2136454c9cb17ed2c5b7bc7cb3509078abb6b43f7553b362dc10eb9f8abb1ef397eb2bf8c79228729059a0e08467cbb49f07b05d25c5e2b3adb0025e64a9cda71e647935162beb0b837629ab93c81f8ac76d726d33155e23e4f2149ebe1dd0332f42cba60ad72d0a399dc51263ea1267cf6878c42fda8c500c8760d5198fdd04450681a0183c74fb0d20f1c967562ad8117912167e7e03b4aec095a5e9883ab6ea1039d7c0c4495a88b04e453084ff68382ffcb891884abe263e1165c09f7fb798f062a186f710a526bc18fa320ed674aded974f2b71c7f91d6062b9113e2272ec478a81fd5d617781b5006cfe5c6699dd42503e8ed301e1fed817f46dcca9952e56101d765fc22e042b9321e7e6165460ced60b4e249f0544f59fcc28f3ab8b09dca1c89486a95538902fada1446c10b2d38739ebdee5df8a596894f52b7ec0f91bae17ca5a8d69998354549cefee7b5e00f24eda7a8cdd296410d334dcb9d366c3938faa53f4f7a1659fdb5d5103d0ccc795bebc7fea8abcb6072b7aafd33eed44f094970b666beab77096450042dd79a7e00de4678564bebfe9f238ed516ff71053cb22d95852c0096519f68631de0f126fb0f4b9e3f7a9f207cbf23dcaf31ed62b97d0565138ebdbebdad45b377ed7a7a34c6fff9cc008fd0f1d29199644ced6e68f21fac78aa8af735d80e7fa2c7dc81934b891063a46215e6a600959e171c323259a4f51b480d4aa166ec4c0636c04301e5126b6e2fc1f843819756c65b1fb5fdf9bbc56632f1bee9a006a40b01cec964ddc293536a537ff0ac7e6642e0a100b31b8da6c02fdc5cf5ce850e19f2ad1aa67bc00f7c1ac1b4d56fde4d7c6e48193a07411f9106772bad38901398cf063ead0735674f0ab29fdb11df91dacdbc0a7c0500b942806933fa255039f061803e63c948243601cf47e8dca8bcc6c4a6db5f5df2fa39655a7cc2dfec0b8970c421ae0922cd98c6c0b4e5166256a71dae92cd563e6cdf7df40fefac8d0eccc479ef780eeaeadc222ceebb0834e5e59e7b39ad390d979c8fdcf367d55bcc1f2448b1a821c9046cddbbfe50fa47f3e810b6d7e64e8602d965bd3014a17dcceb59d96e268ae7a2afbf16eb8e34c207173a067562ddd235fcc53dcfdc5a1c96992cd32eda916b4c0d90e5bd5cfdceaadce6141a082e18b86f7804d7a9465fb38f62dff9ac7e7e8aee17cf7ca19f93629eda88cec08981149846bb5062af6faa37c6a4d8849847e5ba1d7d31476038bac6df0999723535d0e1f60a42efdb7303f81fcbd24a28efe4d96a97e43589e637babd3f84067b5b74b15298b6381394473934fbf0e6769d10b4c6c49b5361c463e33cd39665a31b886f200eb3249efafd64cedd3940ca7aefb1f9ac608932fbc5a9246dd875f59e95852913429dc6ccade0b518b5406cae0b39caf83abf42b2e5753cb4501fb80c235a35506a8bd133df15b1556ccfa360ecb5025032dddb124cad4d51084c368db8560c6d33d408561c6b8a3c67d3b9b8188b695b4ecb434381bb1feb08e2b547dee17511a561b35eeb4a0774ad35f4df1925c7c29871c26c0c057a2b56cb7e651c6339e4c91a1a72d51af2a646de9dfd77e9e42c18b8a2b576f526b9fcedd90dfa442090a6e784bb614311793bb5fb39b8418842d586294746f1ea3c02320d6801ecf2ba44b13b60172d2d9693a158bc66947aacd7c5a14a0463905d6e80649db8c4770cac5e858a7f400da4568cfaae08498311265b50e539b2dec34ac124d4a832772ee5d8ab6122e57b4c8c5d2a3627ca6b1acb327f416c469d169edc9637579fb9c8f705f40c87823d363efc307c4a7efa6ecd3075862587940070b902eb4f740681ebcfaab436811c09745054a9f9cdf7b6343f7cdbecdd8d27ca40b01b18172601c81d1380b848e06e3443dee5bd1f2c990846da684ab04e33b359e7ed38f2e1f196d679999441510c88bc15571cdc5fc0522cd856c668a1cd34ecf189396bfff95ee4222652d2368c77a44328a06c59d21adbbecde96d4c9d53e11418a3ec47c0272e57507b65599509e1ae7fd138e278663ad4f43927174a1a2099c2fcdc82eff99c5f3f966180d0475c9e8536a6c25a403161f440ffcc7d9191c8aecea3782ddc16841a2b2e74e438fd5d62571fc01fafa8aff5865b31ddbf1de805a0a9f123d9840c0ac234fd7ae5ad323dbc0ca56fbc87041e92a41013acaa43eefb55b579f7ce4036e4dae23a5452643eeed339f46db6a997ec432fc660211f9266118bd63fdd68c7188aedcb8fd53c8f74de4453cc1ee6891c9e569fe46bc51969453de2b797cce4e7ace4d69e1f0255d6938e37e1a5021caa1f4f453f6e7daa8c57914669e5b3b6d8a690028717febb9d5cde46b33447771f2de16279148e6d58b050aa5db0676473e1b9f854a477e650a0fe284ab4fbc3032fd39b9b44428b54b842b59ade2e1740c527600db0b70177c6b486ae0b6727":"35176b0bd105670592c7d16861e82818e5c86d37bbaecede6f37dbbda4d9d841fc16d51b3778382fef376e05db0cf6ab" + +SHA3_384 long #36 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_384:"b6ebf0e81aa4563dc7d8421f685cc3b59d1ea2f493659408d759b3f56cc52f7e1b1c41460aba6135906db91d4834d99d6446ac464456abfd481650a0e2faceedef3eff9f472a9ed99295b6c85ea85a856fe497385666a783466a671e220f0cbeda5a113cf87c73f37658216ad340ae3366ff4a12f11df062795ee1b5558c50bb86765f6546394a49e3bee249ce843e6fefa0ad1c3c02ee628af9a4aea3fa04aa989dd16159e88aa582d0e2ad78fd7003b5cea89e609d0a4a2144995133df8f54bbd44f7a58119bcdfb9507e0f932adb55e9123df8576aae4e545a8e52ec659819525c1f66b3de589f5153a2978ab5e4f93f10628d11638f67f06bab4bb34caf8ce970f1ebcf2d0a3195964cf1df1e997fbf739c16f041a49968fb50403b34a830f32213a70bbc4e10e686b1b128bb8563faaa4f285c8baa5d3e6831e2eca41e800ffdf92b21d290d7c4b39557c013153061330033ceb7ed2de150a4a630217f04805326da8a267ed0d08b4c586dcbe58f938c33bbbf4d0975e2434cfcae134638f4d00157ad1e64a67a9c6b255a3c62bc02346e32b6b17bdfc19e7f78cf100097fdd33d051320eeb3235566614deb19502dca243b3d8ba0d5ffe0d08d1bae4aabebfb1e7554e489a17b54b27e916e65e6769bda37cc4234c2fda8d4bc0c3460df4fb64a2adacfa1dbd308f3efcd1cf4e99d4814badb7b94516b64f0882948ffbca97324882d58e3dceae09f3769ad32d3d25d5826f37e4bfba993b873eb5283ce79d0523fb4f6ac2ef38a18d7ff65ac2fe62a092eace0c81c38b390f1daf7798f514c47941a4f874cad43f563e6fccd68195ccc145039954da9531e94708e6d7990557937b5b9e1b078dcb94dc8c923171c54058a95ef300a7bd0b5ee34bdcc07d77a5b9d2fdc67e4e682d9081d5129b74fbe49e3d68834dd10dafb41afdc11c497298326e11d766456f4e9253d3b5dc323ea0dd2aa8af03018d053313a8fcb3a5ff1748761f399b97a914e17d0de3bb55965c5b97a7e0e9de44f625f7d3f74d37240b4112b053e5ea1e68c7250c0502820b0062adeb7fc8113a68d0ed0719b2aaeb5a666c4b8f0ce7d7338a7456817763a6743893fef2684177447e1ecbcaa9a45cedffa97854d735db5b739175c1e3a06ea0257268a39117047375b1a772fccd7eac54f4bf0b0f7c32cacaa4f12b0de16c6d7372aff80b3ae8dcfdcf237971cf597fac73a91a7c66e566d7d75029bfcda6c168ba5d5b9d542b6660a0c848d14ff54f514ebdeae699fb19e1501c22bf0c26864e73f933110ad6fbe44b1d45e3f85b0289ae83e315bd7cc93237dc7ed647f4a26bc40ce82d06ef82d3f9abd9716f92829dbb846dd17b716010b519a4cc2616ff08d61de2baf081e273d1f86c415fa2b5d59c47f1e17be1c5c4f25afe695096836cd1b4887f6f91050dfc8e671d6e9485787a55d50e64d4e0961527f3756e7b18e1dc5a44462c29d2e8a1f530cb446fd9d07c348320de5299cd4608ebb727cea5ad1f957dd5cf50314ee9b331138a3b9823cb6e61df9364d8b3af864ef824961119c3f09cf5ff0f0a85fc52d1bfe800acba8e8bd9122811858e752885000cdb466df0f0076e646d45d6015a779505c7fcddee115283486288a7c377f69788a62bf1cd1f2708a772cb8920518d5f8a9770d3138a34f8995dc946bffa0a8540fea8ed8304648b702682e683c17ae31e79f0e6247de63ac30c31b391392991dbeba5a8392727be669253354f31a6ea6a74645c4973d2116f77a63562bcbc8502750a6b1811d66a32bd26bdaf2a793b1690b47eacf35f4445a511155a0c29275ca5bf7e4849db577cafe4c7c9335ba0c9d5c9947285f59dec9e5b9ca0b0da409282ad29f0579c4deb71739bc5d4b4df2b4c89e6c6b1fce20d6a6a0f5d3035974b14bab439c48314270abd81cc95ecc1e5fcddbbce00dcdc4f1228b9b815a4f63064cf664a17f673d982a9c106ff6b0e9feead5db2f9fe535b9d7ce1dae58e23e879d5884cd85f34a9e21ea29a99998e0028e2129b25c80fd8134dceea2b5be71c5cb2626690251d3e31066db0ebdf08b1b46223b10aa3d76f7c85c9116c720a7413503cc1c6b0f74177486b727ea3465a9a17d81b32f874c8e10b1a77323d5497a8955e8402688959bccce106d94e0ea2e0e87802252daf8a49c7094304238d2e226b0fd8ccb59d2f097a1a948549293190bc4d8d69ac4e5dbda1de9e6b8c7ce08ab999e5adfff96a653a5d4508fb5fb0b17d9de588db19eb4481e0afeee0ea56e76742d22cae66b3d9f4f140eccb77c74c12b1310a24dad9e64f589f15889f38415c53c8d22aacb26c901faeb8233b1d6863d19a75ee57d2abf38e9568ea632da18213ee25db930e26f62fb7f56a715b0d58444853a0597c9c55caba706ffedd0ec0cc6daf2ae3700f0e69822a07e22843d954622ba4a87fc05e5435b47f37f190fec46cf87d637f30c11438df64562d13ce471086610c8420f4732fbc83d7112f244514863ddce490f57a009de89512841f667ceb3f4d33c20071d011e1a7e4f41b958ce3d317463793e103eafb667e9fb4f9cbe2a63233b06b943f3a036c13e6c9fcfd97a5d94e2e849269510592196b754828f3fe852df21b25a5bf4ff1450d17c48f281deda47caed559576ee28cf04b9ab9a7af0cc88efa6b29292ffd2372ed336920a21aef29fbf2fb869f1b7f361c39a6852190ad8eefb0f4ff0a57551c3493b4079b27d73e52307865fe089946d26b1816bdd883f9e13a2dc948c88213d22a976372dd06c29ad8f87cf4708327537937e0e9aef3d8ba53fd1050185260b1413bbe8e0421bdbd32a254ea1ae5e189ab2a6d0ed8a53261418c5a8c0f6f0ab71fc89f5764d338a2869f7446cf657d5a481a45951f400fbe4c013263747e19ce0e658f35c4c139311c17647157ae02b09a2eeee44b6d78b9be851d3d112a96dd":"7d9c9b9bf8f498815a36dd421a3fd4a67d8333a7801f4abb9e4b46270dc52cb17feb3b953fc34fb0f18b36f22c66f723" + +SHA3_384 long #38 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_384:"8a73cb778c74f6adfe1c404bf6fd8505690589e74148a13aafffb0abc3d155aa3a52631197ca9206753774221b95aad3515c57fe724bd5e9c364a7590338aff74364a1f8f85cb8fd4f67a838c0ebd3d1e6ebbf888ecec89b0e6212ead820c2594eb26e76d8b2d15c34b5c4d70e886ac8d1b9aacbbc59e2183801d9a76913f6980342b0d15f5546e9ce27b0452df3d580b9cefe1025758b27ea49e5d8df98b37b091e5152b4cc7d6dc2c854ca44b47ec14733a59ff0a92b92cc431cc5613861cb094e3741009fe0afbb9d98b07b54cb5323ef85c0467e2a1f85f667b518796850aad84ce66a57d6795fb0653dfb5a26fdf40a88bb4f7bf097be6baff22be631d295c676881b7bc6915608a1bbec4ef688628d95d73228e5c11ea8dac2c304221971209f713a931ac049ad367076b9a2bd177f935e180d72674eb7d16e085da4ece7ecaee7f02739cee0a80aa5bf219461b8e86c9628b3fd4ff5a07d3d217820159f348b3365c08b83c20007a1f211333ff0d107c88ba1f042bc69c57937ddfc5a40ff1e9dc0e578a798bd14ae350ee71e64414c3b685fb1084b1c90687115a28473564f6c2a1f680109e81812b0a218c5bf402339e876aa6949c0c854f8a7785bdf4006eacaf5c35abe87fd168d542efda7d67408336d412d5e5e5483f31be8a62dc52b5dc9eff17a5ea5aa02f1ac918ec40c27f170cce01b33fd1c3e8bfa582f04eda60e4e955a299247071e0633aa40c0e9243cc81ceefd70a508cce8ca32bc0dc15f458270672f0277fcb1f470dfdb4075533162e3d399bd5e00773116dd16ef483e4a8c077e53553c7105e3ec9926efb99d1867acf6b7c031ec858f63c105538a2c6495e2095e349f4e60fa2d41ea72bce838fefcc1212425b43f293b4650e1900fdcc58a6e1946a67b0b61bd3def74871eda505d9b9e8f4340ed2825d4c14061d1fa43861749345be04e4124f7fd9b2025468456ecf5aa9278d7b3aad31e19055806385e6ab9a5c66670c2e8d5dc8f91e7c4c3701def1c1a4544f350ab3013858e48cb9bd13042eef3bb0b934153f9e24a9c353194548de38d7e0fa2c4bfd7e8590825c4b375b3db707545ada22c811938150123baeca7f63acb302587930c36a38d6d6177519f95c6e797bc602dce40987850cef77e0f5a32747e635a735b785320ccfb878cae25db592a4ae31f895e510d49b9b4d470175fc020e3a6286cb551096a194aee8992991325de92c9597c4d1c156c57b47036a7f93f2dd47be6f585906e43283fd8e4e75cb101d7f5e7a173eddb6f4ae7b7bef46502ca4a317240d7fd010189464223ac7ef6391969dbd5abc8c44bf335eeb72d4e92417215b79f2f974adcd5cc7058d2bf1b11c1eedc20ddf4f887bc65bd293afa161ab3ee5e1975a7725b74990a8b4068490e354c928bf1ba9eab0c41cb1d03b2b7de74830eb79175a007cf75b7c2dec0a7bade4ba61dd062de3f4a8fc19a6fbd9d141f9d70806b49fd664c281f0794115e9c24b3c0df6034e1cce01846a96865ef441b042b7ceb6bb1025479eb614aa1953c704b87d78a77cfda35a40351d6f0d6f6d080e8b3fa22e3635031c3d9e8ba752328dca40f3775d0efb1fba09a9fa779b3a6d94f2e7eb8bb0fa6184e7556a226d8b62ebe8f4d740a95bce4c48cacd2010205d607f460736290c0f6353f7ca1cfe380097e5db6bda853be281730e5b9956c5541b90d899c006e04931f3f430198cdf0358c835898d0b11f8f438d32a35e78fee00c82e07abc2fdcb7b57c9108aa1d6c798f091d4cab3847e1edab7cda83ae687ca95a4c57bf5daf299ffe50002d5b5e9f30f5eb23606f9fe6bf93a9a42d96fbdc379db779317fe4b284cd662f48102d6d1651ac6317df8d66614ca34a84b920ca5f530829391ee51a0df2bdde24c341ace9254755fa0e7a287bde5013af9e3d0cc98527afffc11929e1743b54e9fc02235377a4412e86cff5b4529a49d7cdbc6b1c3bfb53acf0e8a6a95bcadbbe43d89cfa51ab6fdecff295b4af683223cf03af017b6e5d6834ba5b0caf51b9cb212bdd86ba4426306f4dd024fda118bc2b7ca01f4f67145a13f70eb379b737391d63b0a0bb57b04cf0466eac452f41c9698d051fbecfc2ab17078845c1e69d30c0e8dbf05acc535bda4736f38ef9f67312a0a8a8d08cad82c853916b8dc533d79022261da18b5885b3b7f1a2e0e77ee2ad1c4f638e871d08ad41f1cde73c4057177a5bd0987c07f105fe676043e1233dc269c3f7ffa85c654e3a6f12d6330ed8dd5640b04688a7c8578460d6c0cf2badd9efcc0d2cd8b1c033a7d4e26392e381691f9f66b395823132b0a4ac5e99df597b15314d1bfd6341e5eee8e79441087a433e3e99e78cde551decfa892628876a2f45bc5ed600bb12eb7973c67329c5ecf319e5f2eb56045ca0a02c151e626b077ee733e965ca0158cdae3d2a083061ff011a5e18c6d93c6d433200f95030d259ef615f95ce427d3e14f70db95a3f26daf6a870b580ffcdb08f0b3fddc47b06870a1c080b1b4f76e947bbad1b713f5aa65a2ae26e22af014e0b93b16881294dba5780f6f354db3684ee61e3f95516468ab30a7dedb2d11e6f40321d438f23f01a5ff6f0f47fcd0335915378fb0fae32af8baf09da3b4c6d3ab4514c16f65236cea9e4c0b6a60d2624b9f834c8a5ed663c69814edcc20a36d8f1560788be9d69ffbdb32ce2d082e77bedb8de0922bd295ad6e8139c51f2c1717fab1441f0ebcfd424ccfd2006168d5fb6fb40658b05c531594c22c2efec552ce4b63bea9426b2766595fa174fb062fa9b292085eaad80e87a1541f5a5e03b31aae1462bb035580c0878ed70b338ac7424aa4710469ca3a8c1ab39dd7ab6bca95893fbab4e000abf96dc9cd23a97b4f5d9e77dafa8bc7598b777d12376561ebc77332413756f0fb79629d1e6edb3c2a44346890a17f440e1e3dfd36fa1a9a9918e2b870a2e6ab11b90c65254d3751da9e93035c89b2c4aaacd4c05680495a75125e2ed3980d936130c1de7c3f4c50f2d530e47923c4cdd1cfe2731b7a6035e23c5c01d4773a4e7c993955adb598cde580a46880f033d3f5ffdd61d048fdc1730f42de1dd0fb30c":"3aa0630a5e6dacff792164a3a0da804495daf356a6c4628965924f03c16f9a0280f18362ae52a88df4a81eacb859938e" + +SHA3_384 long #40 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_384:"a9daec3394c46f2d6362b15276e72c043565b6914a3657b50e9c586040a49cbafd503464ecf42d01bae1acf6c6413e6d1d4269a0a8778754a47bd4a353d7c5fff1259b74ea76392d4af2323a75be2791182350525fec584f690f6ecbf99099826ea34beaf5113ab9fddc6ba7eb268f750f4f932ed75e73ad43a24f5f9999c04a5a106c4e748cd8abb9e97ec490412023eb0f5bbc79947f761c7a9ee79db8e35f9fb52529d1b0bc0d685f9419cdd680a292abd085ab5825b2dbe084ec6cb6aaca23da9f0273458ee6f187d42f08af57faee6b1910d6700d6a681c29f56e5abc92d0c70261c213f53f3ca9678daa924e34e6965fe563a5dea6ab76b48a0b6ec2bf8cc375ce26e19a1f310d74bc1c480c566176c98db8bf406c8c364d33abb8635a411720d20778258eb8fa2442c5993a6b4951808f3f86ddc6f3a31e79b602486ad60c2cf4cda13d95b9ba9fa90c4c80788570ab735fc25abbc8064ce3941218f733e8c1bde0228a3a1c930c785b2b8587fd1b73c27f3a6253f3a702faadb07c0a40f306b4a9c3b687c9ce933819fcf29f999a000309b79b975cce66446aa61ca9e57724618e4e6684a8b25e70ad886ec9413479be6401ad8eebc3a04b31bb9fdf0aba434cf8894438a28992a88197a20cdd32067cf8e0414189cdd9976bb6aeb1970589fe503ef8ab9d995a69fcf1367055dcd1c32d1cffb61c3639ae8160f02974a021fefc332ae5822cdc39865dd1fd917aff1e6b7c8ef78d44e71ad9810e4e89d331d4663181ef3a8840a387a41bbc7954bb121ac9970cc5400c63dde1af28bee6e209f4ffa5d0acf5af2c678ebeb4f6b22b29a2cbc1fbab72cf0ff4477cc0fc205b2410673f90bfbd515e8fe35fedeedb77ea6b4ab5ce262159a8857c1c1d29cbc5ad212ff7385d274dc0656ba9704b18c8dddd0e1a8d2096d1b6fa4938472f2d472c8f2074ce6d7acbda52ee4144f3b1468b61de993e801a60bfba747847f48e0a2ac1025f5dd6fff535bf33d271d0ee187b5d84daeb2ef32e4d2dc583246238352f219d5fea82fef15812030200c81667353bc6849b116962e7bb0602e66072f1c116b81d7f58bee7cbb52679f8c5735a42616d3f5713c62516ccfd9c96d583666a081d4023408900170e64e061ae4b1a293941b5261b509e60c873fa3babb4bbb15f9271df22a563c38785df446be7ce7229098b101251f6501731c4ddc94d191e84e058bae65b3a5786501da8e38f9fa69b8f6c1dde0f546b21fca1841796a73addcf9cbc75f3aa5c758e4395008bb54cf699fe5668d3e13b4f9f39397dd68e8cd326e6edb5b5dd59bb07f813a92237eca2f0e9c298e4c44707e03503e357f59dcfafdd568fe9fbd6c083e52bc69d4d0f075cd669578c2617b2893deb315f05f337302afeebd62b5beccab2e44044213c8da46d548b112f34b960f8f84f37e518747274edb2c59671a7a30647fd5fd8fb9c92558a1dbc0625822e0f322527bf94ef3d642ccafe649f59d8895ae6369dd49cec3713f6d5d47277ba29a19c76b8ed0f58a2c21dc9bc6e6a2fe427e3119650f57bbaf8fca4c0a4ffceef4e9a6efaad3b8dd5b7926ec6654271bfb6dd37ebf60f0787401970f342813009400855ad5bdda2a5141034ac0c4966c10dbaf1c54e525845f3348395d467a91e7fcf74f8805c60bce0816593ebe8d5933664874ce127359d1a3523cde21801d614d51304a3208fbf23cc47a58b8587dd39c141a736f46737bc0399c3f5fc00db06047af94c91f759e5d9230a738a45461cbb66ffd622b7bae1882da0947b6ed25d43f0fe04175f302f9040ea2b5dd576e939407b471aeacf91ab268c48fd12662279be3b511a91ec08d9e86c3c68ff16a82215441343cb1dd554ceae98eab53d5c902dd9be025336799c61b82d118dce5f602e81c104214db46b6b2f0caa1fff136f8300d0376eb689c1f4f786c2454518dad35bdac7b30637d946362ca518554ffe08d71121aa134030e951d0e2f124da784cfae5f34af16584a7ec814468e7192506870828cef5a6d188ed91d95712ae22e0856af0aeb54655d57992edd65c78ccc3373db5a406c48c18f4540e40b89ac0d824f225a7fbe2341a04e7092c5c75db8810392ef2eba14ae38d9eeb73bda93a7c0104fcfd6b420abcb509013091173a9d3a83fd814f45f12fe1f9d7bacbe078144128dc77ac6dbd04b57f3baba066d24adca38819d8b96b4518ec3adb874963e80fe62ddf676b373a2cd12164346a89d71f2239812e049e6d59007d9f9bebe14091c758fb43455ea642881a25f32c488b2a877783fa2e74efccbb06ceafcedb63ef52c394e9021c901d2b8db485b3f8b0265aa9e5e440d4129aa83e306afb3a9a5210d77100aa583fe842e4da93077f8c3a2439709341a51feb4c8d8c7579e42de287fc5c3146fafcc956865fc531c7678f6b8eecb039d15ee6315cac7750c364c6419b1b24dce90fe8eedb0bc238b68b4cba1021e2313f17b4de11561989be8627c61a7780770fc06e924ba63324363f9a9627d7d22fd7927cdb1653032bbcdd2c9ce338ee1c535783ca3ef7bffe2ecaa1893bd5283e811667b1d16bdc3ea7affe4d5c2615d59d1b4e1f1cc70fcd8575881ab4e48b6325ed9de7ac654dcb6645c461ef089ea9d555f8184ddeca99258878d2facca3a8ab5d45050d0bfdd8e1e7a75e03a830a1e44da83e3904996af54b983775551914fbaf88935e23957000ddcfceffcc74c3b04b871749012449dd0511d38e4695affe2b8d1a0676bc98ab6e63384d3d11192297bd2de39c123dc5000a2eab69be829a187d226dcc1b5acae38b2554c3b0ab22787108719e0c4f9582acce36843d94b8c07f31fbed59bd4584711c7c25f97f9938cc2e59d0b98635d41e3d9560b9ee4169bcd118a01fc904993aa52d2d939f6d1df52905f7c2ea8e3e890332c5db961b5c5b892cae1587ef6a1148cfa1271388701481dbdece83860715a6737b4b9630e185e19fe0e2feef3f1c8eca4a5ce1d07853bc454c865a0679e9b0c249b0f6663f6262d9fc2f37ea5f83fe87f0db132f7fd864a9089176f7da2ea986f8b3bca7c0199343caa338c9136f216c5b4cb18ccbcb0071db99df3f730b172650fbf2daaad3fd4314e70b75a3087de25255c1cea55519048d439ec88ca9840c19319fe746b72642a0a2b8d557759c529fa14ddf559e36cae639ba786d30779f1bfcccb5dcee98a9377d45d076df062208d65ca623cddf2bae233b395dc77947":"1501bc2bc0f94c7caed9eec2b30d3febd3d7a6fada1031805e176f53a46e6e5f51376ae05c640f4f76a414bfaf064d7c" + +SHA3_384 long #42 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_384:"1f5619064d40421f8d25e387b2dc8d5fee1f1fd44532dfea41c5ca79e81c2974eb6d6571208a1c6632bf74b198feb05cc339019e9c109ea52dac16929eebe5c664bd465cb5ce49f63f6525bd198ccfa3fa71cceca90c43ecb402561265c9b225f20d65cef453f1571add9eb21fcd14bdf98d28c4546df7473e8e31fe2400b81bfd276acfc5633a0f2def8698910aa5312a55bf30857de13f33195060c3d61e2fedd1fc6710444fa8df658678568baa87f493363724822a5bfc6b5b3f29940dea2ad4c39fbd3f56aa9706455958984c48be0d38e119c5f924ff4cf9a44081acd21cf8697eb49c789bbf996c437e79b2fbf28c6b374c8e7721a584d296efe724712c04930ddea3dc05bee7a23eb0750628f7d87740a525cbda56da8f1d1e0c9c4fc0c2eb53219cab6ffcb89053d6d56d5735b905050dd11fd77b18d841b5393df242f8195866ce0c62e1d3dd89d9e2111114f7bd8c6adb98a17a04540b9db62fe4186fc52496822865d50232e99fe11addfc5946dfa68b60bfbd67ac82bccb99adacef96c097002600400b3779111db04455a94906a7299fb9aa0888affbc0a3d36440343353902fbb8ab7934317ddf9cd87ad6d0757fd7c18abb18e9842dc77e0aa294885b07a6b1f1bceef4f9a682000fa2e5bec9c4f2062272869477a693a5ce5737abe980501b35b18f2a380074b6516f3babd6066b3228636bfc489ad17cd7ce671e7f27a1affb35d4549b302a38544c633808a8b5cdd2fa3391559f134bdd94ad608a621dd8c89648f4919a14fe7ea6d6e3f0206431d8c377e44d17cb9b3636750279b4273e146f679a99c2c771372b11201b01f916904ba3759d898cf388205884ebb25038753dbab7323ea4592425ac7cf7c1e6e4afff30b5a588b9ed39eeb2584ed12b60416dbccaf9524dfebc43037b04e4a0147e5aba351389e4d0c1fe2d0d21950b4e2f9bd8463dc226da65efb08ac0eec73e81faaa6456019046b6eb2313e272824a8634b7d99df2c184c7a82e2cba44cebb513b8bd3fb744ed79f123efd300e22edfbc4b5c58868a07647f8e6e16f8b292372a9d904627662dbd11fcb3968ac6fc0e6b86cca9b9836476d5e75394f26690f5cc20c66298c9efbf36072491ae1bb3bddac473926060540ae4553a4d7baf0c77620b079bf0b35908c90aebcb552b7e7570cdf91e636a01a913a0cb4a79d72e465224fdfa186d931f30ceaf4c653c83bc95680752aae693dacc8fad92d62420e906344e86f83fc68cd51b191dc897ea1db15f45381e1f322677eb892d78df07e8e402a24878701ad81eb9d1456484dc1d2c785ad7a55c04147a7c0624494f0ecc5658a246814ab68a756f7ecc234a81466f7cef3728e4342c3e0acd7e2fbe5a1cc3fcf58af913c32a4106c8bbeb33001fe032ab619000e8f62b5d85431472166093b7441cca146841ea475919a6858130e864375cc3f849fbaa3cd77cdfb468212d513702da95ce56d8f7d6ee3b892e02f0d83a30ab147ec221716b3078cc78e5fb92754613de1cf172e1ea4292872d1c5e575de62f9cafd3f9c2e867c7026f376442a7f05b367b9a22cc3b1e93c7a6069ba9488536d706b79bf8f729b39e759cd02874069ce713da507f71892690c2491096a215aa0ea8f56ddb3f7f26e7b19ea70d8592bd370b3862c3358c332ca86c24e6139f7289c015d932697008264cc452b9819ba66f8c3dc1602f2ea2e182f73e604529769074a046c71c053fa46e9637f4112a3fd6bd6fd51e06775bf87573c8ceddbe9e6bec1d1c600145b4a63d9dbf86dd4670b6c75906c5626f46b8ab6729f68663d2615114c2c6bf384f77e46052368cf72155d180bd1ced1f4c6b4c5bc9a0e622fabbcb0da2c1ffe6f95e896859cdc7453afd046e60ec4c8e53577fd71096a502fec281912318695898a2553b3a143539a3f488aa59fd2ac444c66d64669f6c0cc6bb9c27ad95a495158c6f635fd07fda448284bc0e172dca08fe3e893382e3463af14358a8fe59a55964ff682ecc4c3105f1202de902fda7854819cfdf08b1ba43ab9fab7c1c2f914b722fd011cf4544cf87868350854363a5eb26bdd2f97e70c730d8a892b7cf60d2fd25256fa0121d888edb49ad6aa7074f318fdb741df46eafc915d75097e01ad84f09eeb0085ac41a4c4a046777d09a6b6079b12e3bb9bee4be7ec11f830bc844ae04b43bcfc53f6b0af83ee6756724e0c10ec8661d75684d573ded6844f870fe633efe7abdfd98650f107e922b13ae989c76a78589d172d1dc77e391a24e1dedb5de54d499a7d7efa5b84dd3637d3e7a39d9d6f44874e65a94572c0465b6d4fbee0c3eb12d6e02f012183211e34ddf6edf5ede1a2208cbcfc8024f2755d79f0f55f245793ff723529f5ab5b4742a965cd72d465ede322a17c0a3d4643a5a851131b5f09598ed41fc94a35e24debc6d2c6a6f962a469c0a1cc4604422dbe68feacb80c86b00f665d6391eb6c9e9ac6bc6dd4c57e520ee73c51c6126c80124c3806b7954643fba96c8d5f0440c5da298137beb10f635cf6efa0fcf02c074bb2bbc58c81ce81ce3dcbab24490530145fdf98b7549c74de801a3e6d26171fc54cf86dc96a86060163f94164023079e3ea16154118abf30e137a9ea91c9436197b5c73d0b8132d3fdc83e4a0c8491fc348d341fe85c46a56115f26035c59e6a2be765c44e2ec83d407ea096d13b57e3d0c758342246c47510a56793e5daeae1b96d4ab988378966876aa341b7d1c31bba59b7dbe6d1a16898eef0caca928f8ce84d5c64e025dc1679922d95e5cd3c6b994a385c5c8346469ef8764c0c74f5336191850c7f7e2b14be0027d884b7299d16a3c2feade719d7cdccdf62d20885a0cc41acfb8ccddd29ffbc7a53bb18f477d86b3f0b018283e3ca71155444d7a59ad063b97730975a1de4cc0c4eb37704c288aa96c97fdeed3140effe6a8c68bee8150193c9936609b8143ac711935cc145cd69af815082bd8ad54f84eccf43395344222439dcc154c1380e92e3844f93ca50af727a9bf65db631988e2138f17ca305cf530e3431a202f74e540eaed9e217b884c7fe89c3337dfdd20352ecf9f1a0ff0f0892c23d5c41fa04f7d8388116f6aef096534270a9a7e105cdc716e3ff11dbea2b0baf6de847e837628a4bd0972cdafcc7c2ed8525fb843ad3c8dc380dc04068a5c22249afdc6af07d6b0e4dce84e3af4293b38a11428f79fd9d667f8573d7925cff445a19c7283630c5aa8021c57212ef0ebb08d444a9c8338ddd40cef3486f390a3c278fd2c91163de46f1f9b62e2bb67b2e87d6c97b315de1690450083a07242a333877c3f689fe000b29bf21c0048021338d7f99adbb63e231517379556306a851163a6356a7e97121afd9cccfa53349f3a4377be66e2dd5":"583678431befa78e113f621fe22396ed963c825826e9314faaff5b9a53643552dbe0f3922b28558c4ecb26bdbb2dfa30" + +SHA3_512 long #0 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"664ef2e3a7059daf1c58caf52008c5227e85cdcb83b4c59457f02c508d4f4f69f826bd82c0cffc5cb6a97af6e561c6f96970005285e58f21ef6511d26e709889a7e513c434c90a3cf7448f0caeec7114c747b2a0758a3b4503a7cf0c69873ed31d94dbef2b7b2f168830ef7da3322c3d3e10cafb7c2c33c83bbf4c46a31da90cff3bfd4ccc6ed4b310758491eeba603a76":"e5825ff1a3c070d5a52fbbe711854a440554295ffb7a7969a17908d10163bfbe8f1d52a676e8a0137b56a11cdf0ffbb456bc899fc727d14bd8882232549d914e" + +SHA3_512 long #2 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"991c4e7402c7da689dd5525af76fcc58fe9cc1451308c0c4600363586ccc83c9ec10a8c9ddaec3d7cfbd206484d09634b9780108440bf27a5fa4a428446b3214fa17084b6eb197c5c59a4e8df1cfc521826c3b1cbf6f4212f6bfb9bc106dfb5568395643de58bffa2774c31e67f5c1e7017f57caadbb1a56cc5b8a5cf9584552e17e7af9542ba13e9c54695e0dc8f24eddb93d5a3678e10c8a80ff4f27b677d40bef5cb5f9b3a659cc4127970cd2c11ebf22d514812dfefdd73600dfc10efba38e93e5bff47736126043e50f8b9b941e4ec3083fb762dbf15c86":"cd0f2a48e9aa8cc700d3f64efb013f3600ebdbb524930c682d21025eab990eb6d7c52e611f884031fafd9360e5225ab7e4ec24cbe97f3af6dbe4a86a4f068ba7" + +SHA3_512 long #4 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"22e1df25c30d6e7806cae35cd4317e5f94db028741a76838bfb7d5576fbccab001749a95897122c8d51bb49cfef854563e2b27d9013b28833f161d520856ca4b61c2641c4e184800300aede3518617c7be3a4e6655588f181e9641f8df7a6a42ead423003a8c4ae6be9d767af5623078bb116074638505c10540299219b0155f45b1c18a74548e4328de37a911140531deb6434c534af2449c1abe67e18030681a61240225f87ede15d519b7ce2500bccf33e1364e2fbe6a8a2fe6c15d73242610ed36b0740080812e8902ee531c88e0359020797cbdd1fb78848ae6b5105961d05cdddb8af5fef21b02db94c9810464b8d3ea5f047b94bf0d23931f12df37e102b603cd8e5f5ffa83488df257ddde110106262e0ef16d7ef213e7b49c69276d4d048f":"a6375ff04af0a18fb4c8175f671181b4cf79653a3d70847c6d99694b3f5d41601f1dbef809675c63cac4ec83153b1c78131a7b61024ce36244f320ab8740cb7e" + +SHA3_512 long #6 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"8237ce9396ccde3a616754414cdf7b5a958c1eb7f25a48c2781b4e0dba220f8c350d7b02ece252b94f5e2e766189c4ac1a8e67f00acacead402316196a9b0a673e24a33f18b7cb6be4a066d33e1c93abd8252feb1c8d9cff134ac0c0861150a463264e316172d0b8e7d6043f2bbf71bf97fa7f9070ca3a21b93853ec55ab67a96db884c2113bea0822a70ea46f9ae5501eb55ec74eaa3179fa96d7842092d9e023844ed96f3c9fc35bbc8ee953d677c636fdd578fd5507719e0c55702fed2eaf4f32b35ec29a7a515bbc8bf61f9baf89a77aeb8bc6f247706c41d398cae5ec80b76abc3a5380001aea500eb31b10160139d5a8e8f1a976dd2dde5ce439a29dba24d370536a14bb87cf201e088e5e3397b3b61477c6a41e22a98af53cc34bc8c55f15d7924e7e32fed4d3c3ddc2ac8eb1dfc438218c08c6a6a8eea888b208f6092dd9f9df49e7ede8bf11051afd23b0b983a81bcc8d00f7d1f2b27cb04c03aeee59c7df23a17775ae5984eda7":"f08819ec3a9a9806a1f55be4f0e56bce084e66fa271784974bf80e1bed7b2be559ebf5b6396ce52f7db7ef45543965f83064095a70328489178718b491a4100d" + +SHA3_512 long #8 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"cfa6c0413dfc1a619417ac3f80fd38247b56941da8c2adf3ff70cc5dabed1875b0395d69d1200b73b1c7820b38868c5b38f52bf3514a96be12e27e34601d95d21c6f51c700b4edf1cac4b2079d487418a4cc5f34f815f469c4b44ef1a7dbaaa9597026c59260c9c22736c49d76ecf7430500b74866cbcfdb5e0fc4fa46cf5ee2b06363ca4ecba6d0104440348d191ec4a4bcbc9763152ffe271a69b805a0b9656970913dfd9e8c02cd16af33a878f083c926f48ab79b1db969fec493aef6c31accc1378867808440a5d5990490b07568bc66e9872904a0f46ae25ef4077b85ea217bdd12541a9472e2a9840e0d6ab55cc4a523f782f8c19774efbd41dad506bbafc90c438c14c780cab9fab9e74eb9452a0b29438a21878bcd4c6be4edac4e77bfd14a83d6152253a62e826de503880d37bf82d10924fab6bd23f04308a9660499bb223afcc5afd1bd2fa592d0322a9a30eab90bc7ac22018e99d2c8f573554c85b019d0c4cd75e359e5e9907082a8d660b353588b5f085486d89bd97bb32335cbd8b9adf7d57c72c078d9d08d9c09a70e43da1f1fe5b398ef08d2e06111d9a9b25a893a5d84cd643b0ffab8ef2755f781c1d6ca49":"3a4c2c9284c90515cb34a0895d0374e87467ffbbc7c1dda3239893a12aeae3b9951169fe85605ef7aa2c483662f3a65c72ff12becde50c23ec6a2bc8864c27c1" + +SHA3_512 long #10 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"43025615521d66fe8ec3a3f8ccc5abfab870a462c6b3d1396b8462b98c7f910c37d0ea579154eaf70ffbcc0be971a032ccfd9d96d0a9b829a9a3762e21e3fefcc60e72fedf9a7fffa53433a4b05e0f3ab05d5eb25d52c5eab1a71a2f54ac79ff5882951326394d9db83580ce09d6219bca588ec157f71d06e957f8c20d242c9f55f5fc9d4d777b59b0c75a8edc1ffedc84b5d5c8a5e0eb05bb7db8f234913d6325304fa43c9d32bbf6b269ee1182cd85453eddd12f55556d8edf02c4b13cd4d330f83531dbf2994cf0be56f59147b71f74b94be3dd9e83c8c9477c426c6d1a78de18564a12c0d99307b2c9ab42b6e3317befca0797029e9dd67bd1734e6c36d998565bfac94d1918a35869190d177943c1a8004445cace751c43a75f3d80517fc47cec46e8e382642d76df46dab1a3ddaeab95a2cf3f3ad70369a70f22f293f0cc50b03857c83cfe0bd5d23b92cd8788aac232291da60b4bf3b3788ae60a23b6169b50d7fe446e6ea73debfe1bb34dcb1db37fe2174a685954ebc2d86f102a590c24732bc5a1403d6876d2995fab1e2f6f4723d4a6727a8a8ed72f02a74ccf5f14b5c23d9525dbf2b5472e1345fd223b0846c707b06569650940650f75063b529814e514541a6715f879a875b4f08077517812841e6c5c732eed0c07c08595b9ff0a83b8ecc60b2f98d4e7c696cd616bb0a5ad52d9cf7b3a63a8cdf37212":"e7ba73407aa456aece211077d92087d5cd283e3868d284e07ed124b27cbc664a6a475a8d7b4cf6a8a4927ee059a2626a4f983923360145b265ebfd4f5b3c44fd" + +SHA3_512 long #12 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"e34acd510cb32ca5f97298a3829244bb23322229fd7a07821dd40a8d01582d5558873f7c0a3d00d278e1872605dfe15dd558fbc1d518c19bfbc88803cf64a9f72af06fab3d673420d6f5c6f8df65108927ddf63066c980e77b153b1af79fdcb7dfec2785ae1a0fb69a151fbf180e1867a229dc1eb8768a912523eb7b83f00dbe01e22db2643cdabd4cab5824b9c14320cda47435d40829bf815a5fce7a3e8333183c4adb67b6de5c751e3acec966d7dc31b7881ac165a29a182361bae573873faa6146a8c07160bc9cd68d6650e41dc254c8de788777404971e4b7e7cb76610a41b9e9c07654ab04493b199357255dfbc04140f52f244af414062afe342f59bb64acfbcc9146065d04b5a5fee410dfaefd887439bf5607c58af282a72986b77b9ca243731a31b8ef56acfb4e028dea04910742ed42f4c0e25a0f8789b063c2716f038a5e18fc0ae1c688e12cb684c725062474b9bde6be730cc4014dd4aec3c667379834938f445cddb120400addbf38e449d0443a1446a1297bb79a9a4f02a10ca6359e94d2ae87218f803105801866b1dd2037c066a393389b72190c2ec72be5b9294421ad8f8b1c8ac8a8af561ad6f7482a3958c41b73c18cfa7231345a8b7ad63bcd4508318f560bc24c11450fb13df1b7f30916f8664cb5174c114702ea536735e205cbdabc567834c632363d1e0c428e0ddb4480966280914fb5500970f9d2dd2a6bded33aa43be7bd1b12ed46eba2792ed636fc2b8a542f242438b544f381fc4e7e296430c8baa3dad2bf685062793efe03d4b34d4d99ba7366e54f8fc9da59f54694d4":"a1416054e488c1e013762d642b2c63361b33e4fc528149845606de20998bf2afec05da53067477a3c27ebb3c0d24ad3dd6ed390335977f129f1b6b1526c0e0c8" + +SHA3_512 long #14 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"0d542102f215c793f81cae2e79e5ae58b4439fa0d05577301eb6b2a19ff5f714c645f87e7e759a436f2256077d2bdec0926504109e90d8d3dc8a11f456c3af84abf1de0d10051c23955d9e3daa3bf0c3e176dd68f56f8eba0c47f6f7394f6d2345c09a57afad975cf135507905fd2c8828def04fdedae00e365527554f8178181b1bf605635551150b1332629859da38ef04066e5fb915f7e21c6cb4a0421a8cb568b8bf34e593776c5d0ea16a3841fabf52e66d83f4769c99048fbd357899a79c10a92c2b45a5aa9b7daadd8380aaf71e2f5af34f744b26e2755617150d3e90577c91f54f5dcfd520d9cebfec1b5d57970328a8cd1fdcbc46d78b6a48e751706e1338c2a915592184db44eeacefa241af37193604de70874c92f460d7f01a6e6a3c653a3f568ab54ee9d313cbe6c1ddf031f542fc9a50af7c0e5a9fc90ee0b3d261e2051b06acba066d42d652e70154e15a8477be39c55b5eb384cf262bed672ee975cc450f055735ce5ade48d9acce0a1a8d7a51a515b37bea3c99f72e87b0073ce737c357deb56274e3d4b5a60872f4dadaf6bdc488e05a1948a543fff7b9e3c2ffed9fc87efb15c7a55fa1355e69260031910b80680a83aa719a128685a84de38797e1492f52d62f6728156ef5db28f65bf342bffb587f037f206cab78a6ca0745dc8fc137e22e14f3d7183917ef832220c56a6b8bf3d58e3ae15a561adae4960365b31adfd2a4de0f13b37e0acdbeee47af8c6b5e030db16a82e36fb16d22f887d9543b6f4bc1f58484ed25179e61c19a58aea7bcafb0d6d6ae10de86860c9599e17b0c2f740bc119d3ce16868af502df69db07ef1f4564470be88be14e2bd503252f7566760cab98a85e3a9fb8011bdf8918733e7c54c38541735e09ed06218c4c785e5e784c19c7aaa677aa51":"0cd249160510bdbc1a117600ed8dec1b68b541c684337ad39e8dcdf84bc7a9856cd8e210098e1ac47fabb3af0a4313a4a70f388b11ef53771651d95131936ce4" + +SHA3_512 long #16 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"802c4c6faa7e25b79a985cc98b972847a2dfef587e5f7205101646e4add583f46147c0c987303ee996f263753e556a0cb4875aec4a62345a42ee7145e427ab26ce009b2a8ca74393680b6c5b839c531b2551a02c52f0970c9e8a92034244af066e5ec6dbe16d9e7eb8eb60c483f24b3e9e45aa60bf9003e2cbf19267eeb6f55dea692924af0ab5722d9b25f666e2ba3bc76a60d0b8cbe0a6722b57b91005e7f2e929ac4c1e04f2376f22a53a53f108db47c8aac36627971e3a41cb41d2b7ec8f14a7389d55e5bc942788c6d772a99ee6c7677183f02e8e13cc3ad5465a566bfa13eab35d7d347a52fdd67217ec91e224ee509b567f682e4ccf1e5c12d06acefc8dfa07d5bd7a963998139040e9313d5d658a12853b5cdf93ecf54aeb5d797c5d2be01a4d3e3e7711a147089b90121858d31dbc574b920aaecbc8861a290ddde594a3d60d270885a2bf7ac2700abbd9dee1128316d8921566139ef8e65bad595c704b215ca16128b49bb5a5077fb4eab737704e0809e56a836c8088991be2588969e1e584d4cfc80edcff9ba71686b1ab7c3f047707126fcd80751e7a93324235256b09cbe7dccd792b618c99f7b8988258878fa9f9a18e0cf485a2d0e8287f284cf4757a03109fbd30e25e264bd205037551d6e7081a2e0773b8fce44549772a878111d84ff2a6a2928afa943a5d62f778a4c1785c06b687a31714fed01f93037e1cc52ff40a4bf0fa61482bebe016260c8938a61ced90542ca9d265b131397ad8cc79c519e0f46e0f70303587e38958d70723b771552336b7771f631107d2593d9a15e4e7fd0be57abe9bf835ee235581266af482c8d7f5ec87e13e182ac766578c81d286e8f61de2536fbd1e8a4ce4b3eef6a578cd145872e3023fed217e6acbada5d71d291fdef03896cc693e6ccf1568ad127aed4228f29368aeb974612c4402693dd449ecf04c74f66d3f93ebdc4e9b7882b1aec92d139dfdd3a3acd7766895b64ad4cfc71a9d0f79e8c81031d40790403f449b122f7e":"238726f9c46f44f3457be33cd360e9a369b31280ab718b01c4b8e324e40712f8911aa4220bc5f0e9023f47f48028fa37108dcc8938a34943775617eb129bf7a5" + +SHA3_512 long #18 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"1f93eb3cefd64eca5d7ec36cb7f21d768cd6854262ebc930a730f7eaea4e2bed4b32a54530fc1e973a185c6578aa058eda30b114e8634222b35d784e0c01c01bf5984dc255b86a32f06a0f55958bb29599735f9f85d50b660ce6266b40c26f3d050b0c3bc5d3daa165bc02c3785dcd93b3e8b969a10acc04981328ccec57e05962d40a39e81515ee83565d3788e8fd910fd7e4fca5cb2c02412ca7f67a89ba7af63b6e432645c421307f49392df4eb9595880be0f7ded36aee78ca735020a5a5a88761e2e72d8e405680ee52cf483eaa2d42549b010b6a448740bac9d8e44be460020a9d93931c55dca17309d6ad9fd5bf4fe7b72a1c9996f3cc9e83789d513e06f292fc92401567aa2a00e7abebb62033f5edbcd9d7076a1c649f269a1262bc83a020874cfc227fa863bf73b4ca2a92717d8e3078065dc7e950e53ca50c2464bd54ddc72a8eeba4be94d6355a12a433622ff19d6e6f42b642d7974d01533f409d56f04392c017ded4046db5058acb0cec523f8a23db5f3d0f43dddf15af5c580bed8283ed584f35d2fcad7c1efb4824f8309f80ff115c6738dae07c4be823b2f062bb10a41f3ab2a0c4bd110b2dc2846f0f3a066adbe039a6e5c8ab0ac53b5832fdc2711ddd815c26a4c6fc36e8e232373838a4ccff93bd3fabbdf5bb0f4d52bb06c02ec25acb3c4de4f0c605f450383af3c0e28d461efaec76e6e0c48e00a671c5dcd0fa5dc158fbcb62f6e218b39e5e87fa49157829f8968c6bf68e0afd5e3e823fde2cb00bba19a24514341db36a8d3e0f60cc5d5bc0233675bf814beb82098410e0c219506a90b1c0a863ccf9a6ae5e27af1bbc5d597dbc2cc205187318ba14785f2361386e4640fc3bd7eb2d59a93069bf685fd6cb8a66b787833b3d2a387a9fe2b7506dd025972154f742f78c66fcfe171c0c6f1f347c3e96617af0bf6dfeacf1e6ad949814fe567c2d9bfd46cc0a0e40a08cd05c6145eb78099e34e040e8c814184258ccfabcc33ae1bcea8fc5a1c0c05ba7a08afb0ae4b4e16fb394997f1ad4b5d55e76c11a9116796e646f390a3c21b42488b2e91351d253b412e3600ccbb8252f519d5060e8985e7913ef0e8eabea15cd2fda13a85b5ac637fcd57dd7":"d75e227a5ad2d3ea262dc663adac6e339126163ac683b3e62aff92653a3de00986329e4c6b79c0af3ed614a3d10135279b92d6f4100613f41feeaffa170bd098" + +SHA3_512 long #20 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"09ab78274714140e9e25d81ca9a1cb475945094f39fb2296f651bd311e29813f28b23579b597250b1576c8a30d93a1c7d7ce636b6bd258c3fd900356c7ec055408b53d294ddb3352efdcb76fdd80c59a9bc6acf88b1e6f8d6cd86c5520dd3b90b29dd95d9748068a3441ebaba1d00069ad172d1d2247309e4a133e56b165ed9c2d50513e1c47655ced8cad7de2ea1adc13a72e03b7b5609b9f28c28303ede11f81b8edf3633e1a7021a5450d2638db9ad760f7d1d2cfca2f73ff40029ddbe0c2b7bcf5a4f496eb6dd874fb84f8210b4c0128cfb0fbff3500cf8000fb0798b22dd643b07b58b8a1fc1ae0170add0d719997e900c8bbad68b6ba934997ca8d1f07e637679d160a04c4f0d3e0c65f64d62aa38ad040993f2cfa3d2065fd6d21eff8f07f6235b6f6db6e61359fe1058f02a62cf388411e1e49745f0f9a5778bbe9aafa03e969c1e3f0a176ec9d8357f4bdb63b0c6ff2d0b287cb284831ca74c5d7c20fab4461be39090636e11fd2defccf02d7bdcf7c3a63aea7a0b37180e8a67feb345fba46355fef44a9fc70f9210fff3108eeee06e19a85b2d039a4a15cc6a9cb73079440aebf6a04d726d71ea99616ecd68716b94fbdd591bfc01054588d1f0ad38b1b76b2c041eec9459b6afcf7ddda4a708dbd0b3666ef7531ffc26563a8515dd39411c8ca3ea986420504a49c19a46b919b399d6b0072fb75b7130ab00b4817c74a38794527de16065d1429eb95f142d28a558ec66bc25872816ed0dc11960b5084144c99c5348278ebc4114e186ad51ca03b64ad6e889412a4fb3e4f82e3415489cdc92fe054d17ff63ae62c69b72e552710aa8ad36cb83c6ae4dc7126d9bfbca28a786d40e50b05c89e2fed517f556765ffe5c46015cbd8194e32abc41e8f711773e2bcac9039f1a71975f8986a5038a32d9fc3de2cd5cdfa63c963265ab95a30b28e85edfd612bdcd33fb7062229b228c55fef1458df05554b28021236435e356c042ecbd38e9aaef31591624ce8bc3eedaeb0cc42ef67722ed7f1515937676dcccd210ebbc52867a17fee7693933d2bcd136ecc9210db98335f97ab6d9c5c21f770c47e5c10bc4e070636089c341f388f1691ddef47491082475be7177b2499187581e35f763eaa4a31d2e112d249ad583f81c7019e99234417a7cf01dba91d5565bf046b0097c4958928c99b76a3d25317a652711cb316a158e229d3c4d2f5d6c7e5aa29b4ade4":"2c1182eee0a90b686a14e5c7f7bd47f89d44d531a53c84e88c459c1460ac7d2cc7922b7be672596d55654cb388cf9b3300a9f31f18fbb45f89a7dbee27ed462d" + +SHA3_512 long #22 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"85ff5f072442756665a41f36cb2c99d3152f3458bfc3fcb5cc759901c33f7311f8b41a490c7ee4b2b70ad84dc582caa75ffcc8ae8cf1b5c3f8f03410f393c81cbcb3399c00d8398d9ef3477fad50d434c0c6a469683178f4fb22ea0f94d498f45b6284aa0738bb1ea1c735758a7efda1bff591325c6b8c6f5f7282a6afe92cc05d2bc5182986b38e48ef6ad764f38e17e5f157b16f873a5dab4ac67c4bbacca94875c2916eaa69041bd1ae4c4499cebdb822be8da96dcae668117c3a702fbfd7a6a744bbdf8c25a9a3d6c97c315707bcc2f18e6f120584311d2e6d8726304f71fe2b133e83152fa46766821033157f3b8bc48efeb338af67520b610c76a5c29fd968f7c3632bce1eefeaa2b052bb8063990487e393ec95af900f20716776618bbec6b8f285b74c3fc4c8f2039732505b761a42c5ba0a7c325da2715d028b745a35ad1d72f3a2ef2e6d6a37b20960374caa6c844d317bad18442c1d784ecc4337c685f0ecb5d2001472363c64b02e7f5ebb641823ff257088ca15ed6b53221548fab6f707d131c6185c96c8c295846eb83369c5ee2cf20daa79c6a6de197334b558a8fb6c51a68b63b2f1a274bf4b4e839ae25256c1c9cba7d8a51378a9a9e6a769c4c3c23c18951cfcaf9321366965e676398805c591f3a76f1bfbe20aaa7446b37019b29b712e6cc337637103c8fc0a51d52fa04034cdd1c79125c4446026b9c015c3e475989c7b8df3da0e2d4e5a17b21e0fd23b99a14e676d5ac460b14329181c8affd2752770e54abf9dbce5c934227cef40bca8b746d718628d658715bd41eb36acbbf0197450a4dcc9b9748f8928579895ce4956e0a0fb05c55bc9e29ec5ec8f9236f1b8ae5869f7372be3f53f4c17d3777664c844497d0b154a5ff3f32c865c5a4e604e478402d9921a1a437e1624668fbee1539b5a053b243b3090e5fc2067ab082521665cd54a808f00c16d0fe71984ada8400d5cfd5e9b3526009cbf24762e6e287934694b12a9907fb735bec6b6fe4ba2d7c1d6cc3c2141288d3ffcf9528a8752a0d932cdf8b7287e6cfdab2a03a7a1b55fe050da9d5f661f7df63c07c3685b89dd7c40c1c54f5ce629ee5f7cca24b6ca2291528f49fcacf119eb06b69170f3b677451990411b369d36306122d12093ca66fd655307a11b87a943e26e834956c2b75d47a334c3bd8cdbea3986e1413e9b744b108ea1f6bcc975295897629c8c93e5ec526166eff99b6045700ec12fc12794a4dca8dda2969fc4c3f199f6109e134919c0319f46f3b30c688d243b9324540d305009844eb1f2e03934dc074e93282a0d1b7da670b2ba287b182f1515":"6d87f523d51ebfc11fffb33357ed7ff3e4051f58a52d45fba208429ee5b53995e5129d35e3b8d3448a3f56d32dbfdc762a1458569c839a4a1c57b4d69251f565" + +SHA3_512 long #24 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"d43522210236c67e4981bf3f441b941cd52c5732b94ad76160fa16f3fc74fe7ed9a74f0bec7ddc77ae60f71a2bfd2aa7554828539fc0023ac7f49efef34666b100ef3df51743b76181368927bc203ef4cebd2c18d978a7e7f0e9745f299c800bf314d226aa0fbf04690c5dae200b3acde6944dc990fa2c3182e1805ec5feb6535a1ef8e8ce6a5c280fe95bf77e4684f845d471adebcffbe026e5aa42f0f46f53dc169681abdbf6941ad56b49ff5a863d9485820d137e7abc83fbda55d10714d12203943a68eaf51133d975eecbcea6667baf67312f8f138c422ef8dd91be0b96d4edd95b2e1fc16702fb612c092a4e39a15b0861688b2d1a0a83ec2357a2bd6a99dc4f2c2403c25e2e45174ce1f7e580af914de5e6f92f2c84049e6f4c3a921419d9ddf5731d61bd60bf7f957cbbd3014c571e04d061838b57b8f709970ef35efdeb6bfd42f5044e3f70825102017f8521b763084e4b90ff2ca7dd3862a6460eed1be28dba1415d7746006c69b4e53d3d6b804378a40be50abda3945d28bf4ed907028ed0301fa21a697f43e6d2cb6b51262e9daa9c775457b58f478114466c38ff2266544441df47e1e35ffa32210f17dbefb38d6691da74529f4194759035891a9c43da566e418a4fcaf5163b9ca50c0d3209b37ad1e3eb05623709b5232733f9eebbc4feeb954bf394c7ed5774a9a83aa4149f41be1d265e668c536b85dde41d8812b6a64037177def3cd23e7f9976d49478b363bcc2b0be1aa5f4013eb5f3e5f6fd21d51293876f18c85728e3f0e27ba18a9259648104b50d387e0e944bfdf3c9ef9913c956e617dfeefedf685c959059eebe8b3be4bcd3aca853ec4d0c5cb76f5e8eeadaedee3873353b9a6318eaa30bf99a81a94a238a777a1832bf63baa155be65b2cdc4fa21912f90126ad26c24565fa8c5434de359fc223d7a721e72622ba3d00428788463a8328ebff5f594a4b7757bde804c76b2b935261bfb693e5a3f9330676175278f36e299fb8b1eeea4bddf8625e6e248352d2774afb1e058fa300119551f475e04bbb4546d90aaf494c7f25a43fd8bf241d67dab9e3c106cd27b71fd45a87b9254a53c108ead16210564526ab12ac5ef7923ac3d700075d473906a4ec1936e6eff81ce80c7470d0e67117429e5f51caa3bc347accd959d4a4e0d5ea05166ac3e85eff017bff4ec174a6ddc3a5af2fcbd1a03b46bff61d318c250c3745da8c19b683e4537c11d3fd62fc7fefea88ae2829483871d8e0bd3da90e93d4d7ec02b0016fb4273834674b577ce50f927536ab52bb1441411e9fc0a0a65209e1d43650722b55c5d7ef7274fb2df76ac8fb2f1af501b5ff1f382d821cf2311d8c1b8ec1b0beb17580ca5c41f7179e4ab2a4013eb92305f29db7cd4ac3fc195aff4874ca6430af7f5b4e8d77f342c0f578f714df4728eb64e0":"3e2fd51b402408073de5e665b81cd82052a11805345132a80f769f9574779081de8604f9a40699db3473fba4807eb1287dc2eb3e59763f21d81737b0ac6915f4" + +SHA3_512 long #26 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"211909dedf08fb0d8aa87bab8d45f6894b458761625e5fb031066ac3982b3015fe25f9d899e934d2e97f196a86b68e031c164788b4163248358f12052a716947c5b59cf624925228d4f41d38942a5c185bde60e89c4bcdc7c8aa43e915ed3ee97eb03b610a6d1db952efce3c3d0929710f8718a8a265f9d3f23f4797e00976a32f001e41d3e05c2a6b58769f0cbbbdb540f8b8f14ecc7e14bc366438132cd81ce28c8dbd0555d92627175b8886a8e08df61987ea29e824342d77e3f436bd2efd9e3cd0fd2a335a538f14c52035385aa13ad2cfbcba22b3d84eeb0cf2d2263eed6cf82e2ac9e2a859aa38fe8fa0d4f298130bd68e89e0f2aa2578265b6eced19553a8f16c6bca8be181694dfc4fe2721b8aace6891f8baa52bd077b56931dae9d5b345fea9753ca931a90f98fcbcca0d1a69d45d4038ca3781b81510cc87b9fac8c84c1cdd5e52f167f964b729bf844636fc63b99bd49a5c349ccf1a595506a6aef815e3cade88013b8618bca47d02878ed1012fdd62c78db4ed2a3488204d8818b118060a8c48631cbdb01c258ba13b92961102ad59ce3693279ae1d18ffb196681d6d614de10919c2ebf47f5520cccd2aa37f484201b015fdab5c4ddeaabd548f8e6e6625a7d172a478ae2cc6691c5ef8bca57ea6c2a586b84ff3005d6bc360074acb97b77fa5e57a6c75ef33fdcb119c96cbf588498b656b4dbc5d1bab8d65d83bcc1d8bcf4e1a4bae92f02544a1901d1738d570fd29591c8dff8da2d3e1090b48b920290095b81f264d5824a6668383293645e646490bd5f604b87a4988f4a758d9c71a7b4068ffbced4fb68be191d7b30b6d738cb1229d72120429774acfb455753be5a717d1f158bcfc655bdb63209c00769e372a477de9729c39c3ee423b26d5a412ebe49c00e20088b87e1ca166ce5d88f0af7c227b416da632973ef442b3412929b16d703142021b375c6cf2b1306acaf05d6f5aa263494b9a5a008ed4e401f2b3607bf68e600adb6b5d93fe0aaa6f6526a7cb98f7374eb2fb74fdb7f6a15c28385fd6d51e245ff3dbea586e7824b3811af6578384a5c604dc4dfd18b2d29cf33e1846b6e9774b89106984ea04867f4455b3dcc45096f768c64dc8590f5f077a4ff29341f83f14c69044df19b5b81bd95e44220263f02a0740dc25211630e6e6f255841d526603d1e5e131a493a3cf66bd13f1e6c69da808d262dd18cd2d805eb0a9e3f3ffd260d396aa4232a62de314fb8611188083b6940447b8e73e3f1f0b0f57766a086d73f32c05da6cf73f9e0a9f07493f998c9fd35ff37e36714c091599c5062b741d835a2e5cc0fa8dc2497131fd63031a9fa9ec6acef7ac6c3d87a3d65c5add4bccda2f2416bd83709c2c7039d0250e0aa31e08ad41ebf239fbe1dd4d843c299661be9b979b99afa9b78f3040e758057182444eb1b221b0e06d5fec86a672b75cc478c60e531c283ff9bad8cdacc493572364e7fd8a628d677a49f80928c52ea5dd50d711a60d933a4cf4916986305ec56ec5fa1a327631d80ce6285f74":"07a66b976af9b5982d5d776da8a7db28746161bd43a43e562c136357b0aefa7b8c33b8ad2af6add3b95cc962cd9617341322fdd2c07b4d65becc43a80f3df2a9" + +SHA3_512 long #28 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"97a89d3246067de18c799589040075c9e0d2083280a2c7a944222c0c9ec66a196bca5b8b8376ba858ea192341a74f6b1eb70f32492b2c32f4276438adedba8ea56e66d2834c88f9f7264fdd68f0c4a5fe28ba6fe2d690c0e756abd211158ece70202bb51828566f5dfcabeb58a50da9b6b2c0908784e0a0e8605801a5fc6a0d614292d4d9534a6517edcbe1934c90c2f315a048a9ce926f61d5075bdefab2b803760ab66945db779f7a1e34cb5fe49e1da1d7fcbc1c2c690e1518451ea92f5ad11b11de2a7890135f12116953477fa7b0f7d62140d6254a27b129620770066244a236b0af83eec4f1565403bd9bd85c3778395adab5036f5929b9170bf7fe6af8bbe7d26ac07e08d0a744787ce575482bb3600dec114d651cff25f8aea96dd147c8b3b7eee6945b9785715c138cdcd7f829f8cef78379a7eda21e6b61fceb31cc4918e59e4ee83990914903142a85a8475c41f27f740ec435a30103b86add08f0bd95c01b61d02f663b5a21e116f62573cafa2cf67b73369f825c36348bd9c35fb698fbc8d7e2a972e4132d2d0aa4dc17e68fe2fef24d6b95b0ae9748d8680d63a4b0dd3919a644613c12793a5e2828ae3f5198fb8103ff82be669b77c8fe2397087c08ee9f816c9b93c6baab89d6b7a1560dd37e903d5f112c22b743e602b2746238e34be21aae9cabae55f32666f59b9b1316eab83006bb6a517f3fa81c4686329610f379b866eeb447df93bc2f6ee7aeefc7e261a282dbf97157bd97b13c471a020657df01420c6e01bc2fa3b6802fd2128ad814fb500d6a10d5503d482031591b37fb7a7bac70399a70098582e5ded519c44e5aa0faca3c9e7ca9f1778ecf90301a50e49e22a4a7409fc3da1aec7f087408a79b49ff9cd198b20d6c95d48c5fef41eaa5df312417b2afe0f9f5108aecafcc966f4cbaffd99e19fcf7498df218b7334b26b554793b5f04d39d97fe7d122b847d3f3fc95da50d291b39f9379b3b0672d4efc6f91e62a4433e1d8a12efe975c4ee9379b740d46443ca9d3b5de2677b652a897abb8e3e30ff630221da3df32d024cf4a0e143d8320eada9766d520e849ebe5c4708331e737df4d415d0f1cfafc11aeb4bf3d13104fe16d730e28490a0840300b27bb783ea63660bdc7395df8c95faefb14b736f4b8698bef159d4be5db98aff5362862f14243931cc5eb49321d54f6a97749503742cc5c94e4fdcb81ab3d8a0906929507f54d0ce8beeb88b2e23aaf454fbd06e2d75007e9e10f74e75e75eacfffc1b988a59ef3a81a02c380fe57005804d902fb5e3fb577759deb1ede89f7d0897d777d3c7c71e540f8a2a25bf41269fe66ec8dbedf8dc4086ddb2e11c1d8930d8d77eda130ae269a95cc22df580d00a42b6b9de179b85a0349ea20e164b6a1f1ba60e0bc02d1f38fa1ea0774cd18a660f22835ae545dc1ccf7c0fb35bcb8809fccda5e753902d487e3a35a01995be19981cb5c0dbaa57fcd3f06c7f40f07ba7d8b8f70b41f6b52ea24a0226d05ff3cb8a1fb1be6f1b81e6deb648c08a6cad7f5be241d61fa31f4212c8867a2592c3c231a60792142bd2613c1815358c92a5d6e2f446e64137f4392c3043287dd096b43b4a37ea7f5dc1d298b0623ccbf4fd650a49569a5b27bc6a6":"767272f34a51e2ee0b69bc9d7a8b15f71c7f1d6c392ad37b4d2b43d8e989f076ff7167e368639eaad6df910eacf848c5f47979935988265bea455a15466876fc" + +SHA3_512 long #30 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"dfb77844e75f85583be98d8b02b601d95449ea7c954cd81001d31bf487e536f3db399124c73d6e0ec25c1e10c381750157d77b13f2d464fd8275c3594acbfa4aeeb6f563caf118c4884e7586f243435a04a68b6c46b5258e5959e392cfac0cf740b80cc9998269c2b847f9b53605532d843d83513af7020aab08e568bd905442f8c63e1ddcf84b4f78cd126538ce8dc1ff24c98875a3e2bba3082fa3bd7fba733e69f3293a5ba5b5f06a285da0a6d9609ce4c7d9a0c1afe766e32b0b768226d13c2793b35cb45e3a4aa5a36615951f508304e40e635750d71f203f6791a080a5178b8684ea0a6027ab06ec483fa447dadd0c87ed656fadd3f448d581b5e2b037fa1a34648b6692c43d1669cbc7da3946d2851a404f10ae220de2541f8b4e9ecf0b5e061ae7cfdc58285c83b65540dddc89f604cdc8433b0e9376240abaef33b572de6270a74d262d9461a2d390dc1be42be7ad5d790f3cddae8dad0aebca55305822b12c73e85889a8ab2fe821b8dca5dfe07db70a7c99d885ae56e7c6e9ed8ae5b35c17f2a95bb58cc490beafdc0668ce6adca522923a4741618968f253e4094018c9f9cd9715f969342f1de34e83751f0c32ed695a0772092eae56181020f692d9629aacbb6f9c678173cd65183914fb4fe75889dbe9a0069e2b79df298b99027f8ec1351b51e8ad35c395dc42128d8aba63ae271dc61b60386999f0a50c39b991b43813c1a42364d7893ef1d2f527f3d50eb7ee2988293e84d07ef28c8a1fde973ec5ecb54e96b3f02c914bd2c92b5f28513a83061513c80bc9ef8ee6ef949a19933169fd3989c3071453934978e1f53c920191bc57212854bab66cbc22de15a01b4331a34b43bba4a94f7040e991de983ad2be54349a83e80c9933150b4576b33ec5edaf6e0ec450524c8bbe048341c4b276b2d596c8044d28618cfa9213e6db647d4427893006917a118bcbb1ff474961b5164764f1d00d74d61e729f8e8c9ff535df1584f2a8f28667196fd84c18aeae5692b3865e12b05abf92851a00918759b36580479cd3f8df16ddb361b3db7b0323cd20e357f0bc41e58f3bebaf1c1bf8c07f71b976ae2dede67e9e347cb939c7e27096652392bb9111be9dfae456e43b23d5efc4c86218189fa5393aefd96f615c221df30c2134b109c6b22fe6666988a60e024fd91641c908f98b595364a53b598cbe7558c5b00b95518373ff7532480fd2b243f2f33166ea239c7af28163bca15680d450a5b6067f0416ac75abc8e427cb08865b216f590dca74861259324cfb276cf63ceace0a8e8975c4912fb2c2b69f0b015cc7830839971c63fc13995330a788c464bb807f8988a8a19b2a784c84f6c49c3d0df6dd36319bfbf8d82139097fde260f4155ce39a8b52ddbc3a3e958793940451c4f3ecb42f9344dd050674b57760587a4d45d6692a64e9823ba00fbcf74d3bd1c1695c26f3ef84522b143c1d65647120b8695d7ee83ee1c7145fb36a17d3eed35d449e162732e26f7c93632a588d6f99ef1de566352f4add6cd41cf975a6a1d8d0fc2f1c3a0be397622a9656c149884879fa1a9991d48947ad93a8e58153e954f5268b939cb8fc6c8430223d20077faeb18449939ebd21984f14e3d8db6a19ca122a3036dfe8b1514b4ab347f565aa5f5e231eeebc57a831d9de5a2dd437d7cab09db950740996d83fe0a601c1e28cbca87ce7056b2281c6c666787f1c6b97b968e7838ae9aa1183da8896f515ecbb5":"c6844ef20c8d121ce80dd8a3cee4f36501003232dc3e71519de69a4cf77329ece5f08967517804941bb00d65a864a0e82df5b5452d3700e4cc0f5b539ced454a" + +SHA3_512 long #32 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"1d024b761257e905688412b42057f150daba54c4ec7d5ef4b5557be82f24992dc47a9678635cf48dd245d45f466b227931430d9c5b47baaa34f739c2691eb8adb556f679facefb63904b07fbdc6dc8822534cf97a4c24513da63da3127cafff2979e55bfff356550499f91ce0ce64a34609484fbf07667f650a0487b91b1d7c313589a939b179a1ca5475c21fc5d1257876b131166ea891c3eb669e8d05aa9e9d18ead3df5fe028f4e4d4e3bd45a87b345c264212fa6114e4aae27c20c4ddb2d7847760537710571e9b85166bd65110f3fa05f73723269521f8f694f6c13d755b08cdc3386f90b8921914ce8df071835200dec4e5817f7f0636116d9193303292364ca0e0d1d7ca09bdf260a61c704eb8e11f3fc09dc25f2bf2c18a63b35c97377d725dff165c07e02aac9146b2e3efa31b55cc3ac095a1edaf956fef9a290f954edd6ee5d593febfcfb1c4e27c32c2ab3000fec6926fd3e5dcfb82b7b01bf8463afc583778261af31d907ffbb0e3742b9fbf4be69bc7818efb72674eadac0dc4b24dae667678f914b4c72714f97c70ceeacf483d452327539b888206eb6fac9b554fe5e56902f5bef5c45ea0ce7454ef71df581d271931ce2dac6782e1bd513494817356c86abd3c71268b3198517d17f56e00289a003d79325c9c45394b981ae070eb1d0d069c27b75c4149ff9a75d2c5d9e4c2467ea6cf4a2774c04a60edd8d99cc1babf6d3efb38d3f54c6cc5cbaa63c16a7c94eb0a4ac58b9576adb3ced8d0738bb24814f241663c2bdb5859daf96fb2f5da1debd476450782eacbaab7a575839d864f847274cfe369595acd405a4a0d3b5d39e7a1dc3909a1af4cbc44b9294b9bb92e322c1fe6781258dc968847735e9f687174ded722208616797ed2ae7c49fadd7cb48bad4a48db5c665c1f4b8c15869e7cf9f81180dab4b2fa58fddfeefd3f45b3621da75bf408d6807471d0e4d0a561850d99f5e5a6a22747d132d7e1d3cd845af15e98abf84f49a3862c722e0e60545226110ec102c2c5da8dfe21056c4a3bdbb8caebaad4034847f7ab99c82d4bd94cba19c6937dbb313ad5dc45ba3529bede4eef2ae905c934f64f7bc233bbcc72dd5ff0a7ed85efdbe14f49a080bcf0afbb1a37d0d70bf5a236f41985f14866b39c8e524d2fa9d5284660b2ebe9721360faa1317805653d02729c015f9141bf1e02abab00ea580fc902a0c46264e31685258a688af48ff3f8419dcfa994461a14985e677d9e1ef4208e85eabe738e7e7eb42c5974151abed61c8fe11e6aa41c39d60d141dcb7d26b15296925aa5d2bfd03f1d60edf763f23e7bc8c208950a39e0344e3d6be2e11c0de73957c17c6e6f0c2eb43b330c1a4293e7ff0f0293e707ba4b884fd284f94898c514a77d57afe094fba724fdd39c0478d9990496f7b8ea2a8441c80c221430e4648f0df8d815d90d3e5cda98de67cc5fc90d6f3030fe75b3670132533ac079635e2ef7ce6e4e9cd75f5ba8be9d1c1eab5ee29b58c0262ee76c5d1b524f8c66a80a6af1689aa8c075e71a3bb98017500dd3af058b35ce6a291cabef73c0e6ad3511c99751ddb2d88b5e1ef02437e814d9ffd95a51f265dc1af0842b524f5d917cdcd13604b80b496a3ce06289251ce1a21be7f617868ae91f705c6b583b5fd7e1e4086a1bb9f087a50bf50f52c8143ae8b0516576828c15b924bb0c00257bc526cfd5bfe1443137ce33c3531ba16c753065bc24e95707e66a8626a9e49e100d9de8df840ff71bce385cd1da3e319444fba46eb0da747cdfc60d05a17ff5eb05d9d77c72f2333ebf95dfb70145091a1ebce50f95d47b69663e21feaf3ccd3b424d0432e9229":"b250f9455a5a90e3b7d2e2c7a70e42547b63550cab908ab514de782b6215584404971db76d6e2f2c604f0697bc309e7f53672b617c8967943a896ba260d65eab" + +SHA3_512 long #34 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"ea850f0e319762b788d715889a51d30b160d54ab0de3df249c900d37ca0acfa2b311b24fe70762cc0d016dfbcc1e4a0beb189aa6b618ad6ca4cf48a138c2a62225e5bc9eb56cc2026bdeee35e86b83060b7f0a635c97dfcbab54f005f4cdc213862ab562646f8843ec951f9fb6df84e5bf6b2d48c7087d28f7478ccdc7d52b5b1f072302bcb7be76d64f899f002357914f0489bebe118d6ad1d1a560797feae438a590e885ed6b837233b29e8cde04f10371a82e0b5d197b811ac226d2750694192c837b87b89851086a240523b991ec22db12fe749228424f496b879a5f875509c385238ac14ccae01b673a8d5c086cf6694d98c259c3a7838629eb98e4760e52921d4855af8fd5416f01a7926e7058c544e362bd59f19264fb82ba95addaa73ac2d352b12b695a758e7cb2fa98d297d8935cc62c3bbaeb3bcd005c5962bb070a7b2faa66dde342c29f60c58c813513777f3e2ad8a6269a50272b3aacaa211809e4bab63c6c047371ca334711d1a1b3ea3013f88a433e88eb2f8aba562d15c18126fbdffb81d5d6c9397fa052321f5f78cd629708ba099b540da5451e949eeab8687a8d6ac35c531411cb37144ab5ff6a7eb46f1ab28fbcd2ea0444cd87c57bf7d3c02952dba3d3987da07622c16e7c086d90e88ad3d9d4afee301d2bad915d868f54197b70b23c9fa385c443404fbc9abf7e6a1fc6eec93140b03a00af0a76adc3bec7ad2b8f786fab02893e6f62a8689f065da033d785a1090c01143438afb4988799b0b4446d50be9f2edcf5ae28ba33b129d6c19aee4770cddc2fe524f1e23536f94bb2d9058c04e519e57b3b25d7a30636891941ee6a9e7a32186ad52281c2534e48cd54266aa45bb321a8128508188eed80e3d36c53ba9b6a986a532bd76967006daebfba31c68a6457253a3295bacfb485c6594f4bedb8ee778ea7f52d50f97783fd21a82a94f8955199bb12c6b053f45e6ada81985f5a257d7dd867ca9f911a516183d89d332facd5ad9e0fe223a216d4785ee98237087771dfee68f87fb753a183ec32d1ceb713ac09ea10333a4280af98ee6f539e4b4c1d5ef2e2fd18f48a390b649e108b16309e54a7fcff1ebd9cb77190fb51bbaa0c47a0ebbc2291cf25e2a0f404a092d66d7236ddbd8ff69bd1b4ac4e75c6b7ad1fb84de1deaf12d18d64eaa24cca0c7e31f259953a2beb62866df030c5f8b9dcee380edc30ecc5802a8793785ed62197e3e462d75b1b259c25abe63dd430eac0df8f8be59920d0676413407e220cf8a8ed11fca908a6cbd01536367d88b571e05b846b0304955b0ba4cf9bbb81b4ba39b641cd1529150587bed687f8cad177c4cbe0563f56918ff650844c3761158ed3a63b7d22a6b0fd48885381b783ca24f5956bf6a0785d93afd2fafbfaac789dfd25c9b5d867bfd89bdb74cdc199e99ffa23edf02e524190be90f94f0d48250f3f9bb11d40558ac1081f02131ef676115bdb2eeff1cc84aeacf449f0771f640b2170bc5c615659de18bcc6fad780b9a1a127f599f2cf7014ff64b18740177db92c0cb21b44537357521a852bf321f978536e0c9638414beb424afbbc711ab742e7d85b01ef3521553fa10a4e7ac080bdf917398fcb0c5e5afa0ded36100f5cceda3a7fb76ce2ab0065ba1c0a754494991c8c452cb416f18ab115509e28ddb2848e9be5e4c344597f4ecb8207eb977e344334f814fa494ca3eecaeb9bbe6e028d8a645631fa4272fb823e05eee4a086b5f67719f0a58bb6cc3a9488d6dca9931156fb9a451bc3409b87796d676847f345bdbd7267bec6792d1cdbedf68976af377bca79ca2db10988e7e6821980740f0b216ec9224be1dbef1c07e3a4cebd9c278037bb6539f316e92aeb0bad330f2030a9f2e7c857c4253ac2803288b266a30aedac27c04671afe7d6f2d2ca8a006fdbdeb29402e7579e3597aea2493d5a0c08":"74aa96e89e9ad0f23e1cb37ed4cecc53a0af47a68fa3289dd2c91da6f8b0ddd5d290418ea43abf0f3700bef12ce62de3f9969d45f8410381153c5d698f1f4406" + +SHA3_512 long #36 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"e6e9e74abc89e6f6021a4db140520c7c02e0271d894f0a1fc12e1e1a736e9934bc0b9ae8beef750695134bfb8ce7df5391f4a47ce7bf1bcd1bf15bc639b6f19a3f63ebead25b30d43033132c66142709c36154848c9a2abcf181761e407b13e3593803d96296be67bcc3cacb35a28ca77f715ebce1a8e2f52c2495a7f184a717f1d40a3dd569c9c71f0b9b61615ab834ac6aebac4cb1e87fb223e1ebb29b543fef7d279c9399f6fd4353ac75520150b8349522dd367ce7626dc68171ec86c2613a7c828004f1ef100ee3258f6f62ff3cfe3a2cd608d285a744549dc1080e9a88bc19447090385c086a022f3822446bc6f2a1301f287b6a551e175f646cfb84b95c9b95f59f35e4ee3efaf2f6d36e3c61f8115741003f3f74e555ede1821527fe024c9c9699b130c972119554e8a91b12f8d4c9c3f6e6ac0d80576fc0b1242c5e967282dbe674e8a1ed9040d7cabdb0e3da30ad2d74375826d7650e8a60ef3ae201566e4cee46b37e99bf1d09e172a2db866e2b08e1fbeccad2c6f1c6f93ffa902940897219ef39695de5517195909902e5d56ddba5fa0ffe59c442fce3dc1472f777fbd4d0362369214b07974fde3f61ddaf982e28fc6acc54a526b4868e2f905345ebfa79e51987cd3a6504752539ff5742d78ad1c9a53babb2c7774a1df3f026f0816d7ec2c2ca4af8933f712d32e53cd850750a28675346334dcc97500a9c56c1e7b44596c73a7ecdbad0a9bed01972b72b793be3581d0d70e03cd5f0199ccd0042573828cfdf5203024087a0bba5e327911ecac021a0e9b0a64e6cc5cbf671f5bddfbd4283c2aee19216719a9c907572aaeb20886ae5c03dca8ac497c5b42ce87dd33eaa8bea7bae93dad1761be312df9d68a502daf27c5d7278452eb2dee520adbb22298e5f9fb32c150efadfa5a1b5931dc1f81ad10359c7a15852387a84e67320d187352a0438864e90ef91de0a3db393dd30d28a3f79f08c63caff92f082f788b38c27529084c80dbf1cd89735bf26515f74a923160415c1d05fb02d133c627e30000cdf2de11bda034b5dd70a8213dfb18a47a6724460c905d9f354d45bdc87b0aa8edac295a73ec442c8a671d0a3c6393a551a3a7ff72b6c006f0e1b298c2d9b53534a37e993c06acac00c52effd8d614e7b8856fe026f6b9bcd63d0ec9bf759c30337742508e95dabed1295284bbc908c60f7ad09aa1e6c74b45bdced316d52c247a960912d3f05adf8bf22c3b2dc2dbead6f29e716bfd651cdff25747418ee18c7a9e5752b4ccb98891ce1085c74a2aa09f9b1e270da11fbc05694c98f7f968c2a3eea1829981533472fba3f710c56191d9b2e40ddf7853a34681133a82bb0e8187158c350a94c47db0296af182cb1d2915f864a879f9ad5d23e85fbe8a2a6f23b4915bec809d99cec9d5ba17a5d1b9f0c4da2489659b89641dfd66a766ede7338ce0a51b84022fa2306f35dbf26fc46366c6a8232ae47432953eec67b16c232ba081fc448d491292847442b0e10bc90b8c4c63f8125afa534a3b3571e23b8f967003d5ea24f8df0a26838538fa2c3453a5d9fc9ae46588408d60f67881c2a8ee7bd4a68eb397d193a6fb61c6c647a2d6340db66df99aaa84df4e93ce0897fbae3472f2a4e18cb6a9766a5d0cade470fdc74645f3da70ed8ac06281f4ff31f4503a7d5ecf176deac6254efb5d49993b54c0120fceff7eadecc13b658fde172f7eee423f6fcda1ea642427b13af1cc7e55cf0f9841d11a78057237a2f11dbe0984d06008f98cdf322e037313486ef4968b448d641f17eae87f23f5cecb369d1efc7165601edd6c5e6e33bf95f7f9b8306fb119e7991c566ba476d44d60d14adc5051a0c92227dfcbcf456bbdbc2a7db86da533b75256e36e3feb71a364463dce2ae1d0a8b5f4a006abb915ff1789bbbb2f817947dd60288c8bf25c65483dfc60e6b243834cec63ab8dff3cde9c9008a50fe6491d8cb08c33331be3178f00ed311e4397ed4947810700985ee0bdc5cb02993431ad02e084eeafc8a41eab37a6cb2c063c4b4dce8eb58e04ea89eda":"a598cdcbc02e98ca000e739872235834bc639971465f52cefe54304c0af4cc86f6e60e0292bc9bad2654bfde619eab534202675ef22b3b1c321fef534a5d190a" + +SHA3_512 long #38 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"a48a4ae3ffa7acd035454bc8188419fed665629dc37eb21759f3f4b97da1d784049c763876dc37b11233f37612825890302d8c9868cc13140024f304c65516b79954efe32a9c61f50421dca6ca86c9cfc08f287e8dd9774940c9d6e290c26aec689bff0da350f14514f74c7ec9f6326490747d76bb0da65d21cae67d65509acb7b57ecde675eb048489d8c26963c5cf6a8c2d4a979d067f9ab0f68fdcc6770fbd972ff7d003066a7aafce4c7b9be0f2e0e63753f4f8a84c5e780a78a4e6fb2258ad28013f62cda0942fa9b89bbe612b4cc3da85fc5a3c368dc06ea4a72d029f09761b7c7cfbcd6171680fb93231b2f2fea3ab5316483ed8b92877868c0f29d050705ebc21547207931774a0e79c42c476e41e3deb393cad512ec9a0ac03ed60be2a8662b4f3581d698c5d121464bd2a562397c8e3b3921ef631e9859fb1a9bab30316e2b06edc1d65554d8f51017e9f1cd0cc66882debb808d04ba7cf8efb58dfa884ceac1d9a8226e0aa7b1629039d2b8a10a9512eb61319985489b3f26ed584895488f0860fe62eed1857ec11e89f12ae08f3d73c6d9aa8e8b89e0592509b42040a94363ea8a3dda90bc84b729a3f62bb19f862bd9eb9274fdc671cd56d14b8c71b92d5bdf155c3c2f92eacb194d88c3fc809bc48b619254c2477623200fc29310be7677a867671b9550d98656504ffba97ba2c643025135c45418e4ea89c43d05014540ab480580ac3d786e4874f5daa0d8c4b76b95781fea357e971e08f79338cac33d5180de725ba3f00d58801f69cadf28216ae3ae1a1c31d2c42354039c916117f602d69bf98ac868ebec3e77af0dd8f78ba8b49c2f429139f361359161f90d6bf32714e41d21f5098e6e74a5b4520a587e8dcfe965459eddad407349e85617e4bd260060e70972fb8044eb518082be748181fe3ec50b9de67928d5d23b92c7acdb6963b85e28876549d86b221c833c721cec0743557dd97ce08125d5629365ebd55604948b677c6f6f90bcc08f3fcc7bd736b39f1f8399c569b329f9634339c83457ad9a74ae98437cd6a5d4e19cb6b73bc7cafb2b0624ec9c26aae748888b6c7ed3247523e62506f811ef061a84414dcf0714fe7fecc31701426f46194ca2ff3e3232cba0f569e369a862fd43deb6661b5f5951251fbe6f217042bfdc76c7a8f9db9f45f1c5ad005905c66264925d29a835609b25855d1b8316e9fa9bee428f3938338a203d38854f8fe3dc83877ebffdf2f2858508e843af9e2d9e5d9c5bdd85b0b6433544549bd4ae8114aaa7614fa3ffd7b74f8fa6112e6ed6532b685aba66abef1736c4476a6fca67b1e0d94e0220c2d7d88b01e0ab87f0acc30c3a864d6391a7af2da45a19a84b5e5c2e058c00fea5b9903f48de39428a779408fa28bf04cba6b221ccd5d0079a2ebd9a136470c40f4789754be8e4e8a6fe6e27908837d1bfb4c91b2300b9151d9f7b2fec1e7afb68476834f246d300ab0afa72e4eede53d6999c229322f9593d783ff27602482a1782d885253f30120163dff0dea2dc11781cd23e0485bb5b6283b0ed9a57ffd986c07f6ecc1c20a610d1c6a967eb58930e0713775c6f25a4f58677274167ca911cc905facf26cd453f1c57a665137a62fe2009d684295fbb5c4a3ba85178cfd84164132e16a25f76f80b39eec2606c05b2305a6264fb92280197a579b4d336395d5b51148adbfec2a3671589641b530490feae24e42ce6744a355da150c02839d87466b31118d0b0a6f89280358b5ae80254ae22ed068226a1eb0a280f86cd621b78fb1394a000c86a8659da1bfaa6386ff8016665cf8fc66d825417d76f4c3b8c2eb73dfcbcb49257d9119f00ae627c3fb350f836d034dd16c3e57592c1cd4c946043382fb41597d6b863d8cbf0b43dd94d43de46519af20473624a27c57a1e9cd4460c17d04a5e4dedf78c6408c401a78e81227f9ae88d9e5d769e7ec379380a5369c29b587b6f253e74c3b33ebb53103eb3ccc7f247364e48c77a7f03f22247a55461a293d253c77483859fdac1b87c2480e208a3df767cfbfde512cc0e65bc92aef116ca74919957cbdb1223fdba5309916e29f3d7d48e3fc1e81f68f488d0e21f7bde458cb105aef5ccf46298e0feb58d77122b58d9eddcbb8a8e1dce13ea5c5105e24c40":"10f9dea4b2b5fba6d63e37612450a26a3ca900804c0d3ab8426d4539a1b89d4da38ed3821232bd9ffb1f27c26418072cf44369e48b86ec8b4015e37cd29ce5f4" + +SHA3_512 long #40 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"b5033dd03db57f3da4ba033569a3e4fd0ff36b4bc630d2fb473a4d0300db4ba9719ef8f4d6e507600636b0d59bd6f4da53992807b6f8b1b8f9640d0923da13fe6eb87b01f0cfa0927ab9853ac16c16c0bb10b1a04c0ee5b9226a7a46de52b10f74f7cce1d49bd13bcaeb8c4a2290d31711010e00d09bf6658af39ca3786bad464b03f57aca7223c3bc76ccee0868b2481b13450d8ac66a23f8a87c083b4c900aba85feb6197c1d9219ff4d0fb91c3bb9a2ef60b1c1b8cb5d3630215e6d1ee2c28a25ed7b0be04710a83118937ed5f6d36d3c66d2bf98a07a0a35938b570829d8838accb3e6c729a633b134649fbb6cfe46a3605aca8f72e23d5cdb794133efb36d5da245f3584cba802aa96864f524a3f3cc55302bc5c8fc974f000e72c6bbbb104578197abc37b65942808915aca6283d5e4d3c2a612a32dfb60a3434ea165834eb5517c31a720084a1c0adf9077bf7ec0251660e8c20ebdf3802d2cdc787f2a0f64127159b8602c9f071be592f2a76c85f6796216d33905d7eefd0868496f11d0f4531ba67fa22f2d79ba37d4b3b0f981e9ab4a92dea872230d915a74acbbd73de671df8a556cac5fd4744ad84372926e6efa8eff3ce39f6f5c88b7840afbe6a0ab1d3187d23610c0b7d893102a52b3860705a3be8660ea075c519418fc95dc93c2b3b6118e74f8da8435a50ec0d7f973324b3d5333a6fea59d7a7495ea1005a1bdc3e1d9e2dfb117da39f546af78c0b08139904fed2c29a49071ed9d6c011e350ccc292377acf5f32a44083a6ecba5c8746f5116eb77079ec5c64391fadf62d8203b00a095832416e4e2526c573715157c4b044ad70e24febde62b160f019005a8af1cb3f4e8c7dd9aa3784f21519b32195b0e5e3857fe4ed950089c112e02480686b1dffe546dc1cbf5ce753591a4a8cc2df3c377eaeff9b8a27086b9ab5609ba5084a71a3c626df967d9510c7ddde41522491d2e4d96a9dc4bd778610ff7d534aaf99bf137523c93583d752e7c837e74d662bdc3f67eb9a4bab1e39fd2544525d48510ebabb9a83a654f54142441c27bc8f537c15c04b3b28da45ade8917a3de9babb89220155b5f1da37045fba57a9a68651daf04c51276231340a59aaeabff3ef1f55d2ad1a061cfbe5c4c690ae1413336d1f5772c70601973277d8d85b7e85cec59d5229b21e31a146a80030ea110b7eef73d39d73820ef6891cee839422a63ff4872bdbe5a637b3a3d99400d347974f1efdeb321f418f357f2222135e545f2af53be42d7a463719447e0a6a305fbe8e43e6279a91eb8f3c5db1fdf081bcb77711e205863ba538bb71c0ebd4cb008923a6550f3d922913f36bf00683c501b60f8da4164dee6c428172c7bea86ad3fef68f732c83e9a32542f008c532f2cb64d8b4a8a0ec5c425d538eba0b4dd67f28f0466805d56000cc113621c266cfc4cabbcd172bca4dd092190fc15b2bd7ad0cf7125b2299bde81148836186882592efa01f183d4f89bee8bb3b0634aa3405b4f43d740c39c905facf20f398febcdddb70f3d460e3d7b368215bae2132b72e27d00ddd4a1b4cfc928e55fd80325c4e971191731bee00571933b6e4a72b26d16d71cbbb64a90e78de6d69a8c78acd8c2a6d411cf6d8cd5303da96ce50fd4a958fc1be39e349d61fe855a61bf470d6409c6b4bf77a09034f2efc4194a310eb2394a7307c4e656d99b72c527f8f4b4112f6f2f62d2eea6df2a382005f28cdd122840a67af2d649c8f53dcb6fb2083d4a93fec8ce69be1d2e569551b57689ac33b67d4acf809ae29a9c54b1ab8308058ae7f4053494757f9d0885bdaa3eae08a1646ec477f68abdc8e1463c5dd46a994c8bed6947fbcb5ab59097e856c3608ee5a283a806dd5c37fe7480a0193eb6852a0059696af8261b02bf3a563d9d578b7b016a69fead55ed85b6a2a1402a62458de5b68a3021fc5d0ec4eb8bd134e9aadbf1718eb1df2e4b19380aa4751ff466f29c93401a01d47d345229edb4129d598303378ad2fb3bdd0369572e2a97e345f2956e2f9b0045180dd7841058cef903faa72ae2e48a051fdedae6a2d31ac57f0870a5ad35b5a4aa05d5788831c27356bd6dda2b38e42080260d57a70121017eaebed84d7c8a99afb6cc85b9c18592be45b7b3d872c204ba636118af27333dd14fc08484d2078a859b3d2a29aa80eda72e35565f148c380b0186b82fc7d9b0f3763628f7c8a50de82d97d45c3f6ccaadd137103380bb111e9ade94ad657d2171bc8033fad":"eed31b1cf35dfa5d2afe01f13448ee3ff01e89b6da29d36c93d9292ba8d142f96945c645a888e6a13e22532b6e3f7f434d4ab47e791bf3b0159a9b70d4753fad" + +SHA3_512 long #42 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"48645a050dcd38634f2edc65bdcf79462f72e06324ef96fb6f1c2a332defc55dfae7037965a701fca1e5b8d17d82899e95fa1848caff5eb9f161fae1c831c8fa2e26b511933fd2c2adaaa7436ce5c9a43123af543bf1c1e86119b21807c7100a4bea19d47fddd13cdc4751c1744062e069b54a905d0de60f290cf9e0d2f8c415b9fbd7ca11c926f296825f567cda7bdaa6779402199bf6b6b0027842110e0da1df2196fb324afa6c442579076dfc3d1b513232b458e218655ec3d745ac4f12382724fe70c8aa75334cf646de2deed02ad0aecfae002b75a59b16bdf28b04fc61f8cbb830bc2fbece18be6fe2a5f85b8f8db311f6fabe34fdcfc5d24f9774f2a5badf6c43f722fec50e449b1bbd6206d3ee09a0962fe37ff66296bf67b6e91d8ad629c1b260cb5ca1985273925e73fb7d5d77259686e27b16bd522c3fd1a9a49ab26e6084de7101e81dae9f4e6e745f1541c748fce60252e846c1c0e1d1fdb05db779f1c15b5d14250521c657d6ad5d2302bfb0d2398c2cf166aa24549c2d695a4d111b71bed8beddb77390b67f661a300828062066c830bb85d600a01c81f619ddfd869def28279a9d6ca77250e7c1c3bac9f1ec55fe87cd0c0efbce37418022cd06db4dd59576e31ed4b09330777865826c1a40ee7658af6118bde4d7b42efe87f4c2875a69d441a27256220960679dc7d728231977cceaeebcefede3232934718fe25565ea683b910f3e26c2e8b8f3f2d3c49ebe4b0b051ac439ee43d6984cf59ee4bedf625b59547313a7435890ef692896b7c5383c884cf642f1df15a4ce7aeb6fcbae17d42351667bae74f81a1a959e4578168788fbee1cb3fd9f287543683c2c82bb52fc22f1b01e413d0f7bfbdefd7ae9998016e767fc331b6b563233265ac3edee5afadd9c18a66b86e7de1bad0cdc11376a0fd41f5f6b522be904241e0ddb142f79f7dcbb68b83137c66900689414f8d68f9a487e0c02aac72712a0b71c1cfd67f51ba8b466ff9d38f54434795dc9a65f35e0cdeccda12b2759852e595130b27c178dc8f1db20b671bc983f462fa424bba508ead168f0de33c684576c72bc3b582776c4d88ec684ca628da739d24d79d0273b2895a696cad4b838a158486b9ee16dfd25d34997102c314af6b80d6bad8802a10da04f3cf7f075c896869be2e501304b7249d23b617d6ff8b32daaa6c9ca8061235a2b896e70465dbe5c33cc189fba8733a2f25b7fa765be67ff6fa8d37de7a4f22c0126363d731fa043d7cf3da351daf145719f73905bc599962516d68b8091017c9bba573d4435c4a451935ef43e6c329c17ae44229834d15a949bd7db9351d8b3bfeeda5a01c8b2e567c1827cc964810eac31fa43663498b383dde055680bff3a366ac67bf1fff370e201b22239eb6303f7cf9edd0bed7409bb84f8e146e8ff77c8d523885d030eab89faf5ced82862e3c13137d7d086f0c40539286777105ed43cd8fa688dfb8b0026555368ec440517d2fecd19fd28914c27a477cf41aaa7b85c1a5205c910f3d67fb9d4d9be66d405f2df698bdafae109e96ced01edde5f8bee443346596acc945ecf810796b75816e97c1115af256764153992e6c2d610b4bbfda5138430a1a4893f61dbbc5f18b27e7cd09fc3d0abc371b56f640ab7419d8beeb154948bf76dc8b07c3d77859d427b88ab115f24368fc7868b640bac7bad26be5ef1cfa25857e5cbdb1610516d2ca647ac53cb498f31dd54eecf0fda454c5316b5d37e9e4bcaa637854ccfec12dac762da4d4f663e0f7bc8a18b5c6c27e2dc9ebce0e8a6592ed59c82c9fc7e14b2a8803de833a3cc936b89ab823a88a9d787fd7d0157e308eb38a4db73df2ef91e104ade0abe29c0247440149af35754941ddc001f117ce36998f59734c0254b85c667c49c3920a2295d95e5bdce00af7f65e24b205f9a6f11bc37bef3e68b914f9380f787ecb0fb0cef2f25d212ab430129b868ee896536496e1359989a8754e33f3d80b11fff5134f2b7dcc1088296832f055f6fd704bf7a74306f0a24411bab924566041a382f092ed41272f8aa326b4072368d91a0920d97380833cce26e0e5441b16724811af36a2fd0cc294e9f2224a7f72efe6038689fd02cfada92d5744cd86ac187029c5a70701db9e5946311a34baa3c676d38f554a2e4479578d94543b398fc89e53ca6063e022172a4089f8506559e14ee1a1b7e56370246bd01ea017a43ff734f833ff54186ea19a716339182023c4d0c6741e4942e143588d6c94ed473b28d6af78e0422b1fd22c513379064b8fe5aefa6d14f03d063aa02df4bf26931fd1e5e22f9fd898b42d52589124b5780cc82be5f32874b25d8ed53a4d8b4e284c870":"72db99e7a99975cdf4792f4649e2d08a1beb53bbdb7b6b186f2e7dc03abdd649c43b3b1f43b7cab4da8603eb6327e9595f186188aa798312837e61a4276657a1" + +SHA3_512 long #44 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"2109959848fbc919af4f76595c42f41e8f61a908f8f1da17288dc06d4611df5503b79385cf80eca04ed6bbff056fedb15a7418c0bbe354b61d324c60a83595d2b0413eabe892a89bd2ea97227a7b8a9a64074877c346bcceeb880214099bc22912efbd94f9f8a51125d43249222e72e0976261b478e1b9647cd80b10d20c0f60100839c86c7b8c0a2edcb3fc654f4e8bd9cc8a00427ef482b7698fdc6950238191d6d9cda7e3058ed54943c3aba8c5a4148febe289e3142f8485b501382fa8937f9fc62d14f8b7a6026509275cff80312ff1ade2b5d9c274cb72a506a571439fc1ac277019814b599d762eafe01d263d123bf8882e28a658747988731add9eac3f45251c204868b08ec5d9e4a0ca60cda5b4f35d5c9867e368e286d1fe3c61c2e1b2e8bb9013b7b1bd9a334c02cdd6ebd0a6c7e8a8f1ae1d8df5c6a7b95634e98f3a97d4d1abe066133d64716ff02f9e7b579bb178fa220fccfa717db3f3bd2a31265af04bd88ad776f593db50f914ef8e109841357c6cc00e38aedc53dba78cafbe5b9666615d0bcf0be8100bb12ce4f119e61f4840333839f8a64a03d59818f14abf4e8a10030a07c78c9a0ae020888cbaacd3170b2080368280512bab38d5df12b1a11fab21dc0471a701b34e97e0473b13e60ca8db9fee1e6579312331cb625e57158dfb628ab05160cb70c23af60be342df8edd0b9d48147d497e0628026075d9343cc86b1af2afe082a806b1d1befc6146047458832babef497a1bc883c2a0608694dae797b1d24fadc2e0a3794acc9aa4d8336c58812ce4018d2cb65571271492fef87c06d703d4d52819b8f7959c138071e3ec2431df83fa20ff9d8054521ce0e0ecd2714b8a97814179995289b3f462374c83ef230cf5bb995e230d5268a0f8a37c92dff5afc13975c7ee920d5b66d29235d7c23ffb61cc620ff00355b3ca63b0716459bdba7a862ccd5ec008da9159ea6790a46df4f0b6e1daad6a4479c0a86e92efe68bf2e9eece5192e264799c7ea7ab579e953eca008089024a0603aa4f44a9dc8e47a037fbc31c32030880afca31c7d4b79f221632a6e296ac8599b1e09c7cd259d90c8b3574f6e528dc37f4c4f183aef773e8fdd5baaf1297a883fde4ddd57a50297e0e2347a6535bc8e590f44da98d66f9d8a67026b61d145708b5e36e7a7c7a203ee84da5f625a3b4d4aee2aeff1b0d1a39398b51c0602a7a710163b9337fe0a493403bf7ac0309884a74177d4ffdf3bc55e0aea39483e1fa060aee25ca2b889ec73e76a39194932c900a1a205fde20c872c16284fc2d41bd0ff80b1a052a7cf7200c85136d814b88ee997301f7649d27d9042e5cbe0653acd4f34300ae21c495e7cff0ad08713985ab49ab86e13771bfd2d29b93a3b71eaf9d221c408bbb666263b240db290d640911414919e400a47aa453309173e8aaafb1ad2040659e6c45dedafc049afdd4fd66aad521c7673f3f99ae75bff640009259bdd7690372dd259e72ac8f21e8914af3abd706531349f5f70cf283f3682742dd7ac8232fe0c2ececa0d8e68777a4d6006dd82f50adca8607943046340827a5850b7bd7af8f2281108c09709351148bd518600686dccbd9116fb6717fc709a5989878eb4c2905cc5260c6950f1ee950b9d3f5f2bc4952d65dc40c6a9d4dd429604b48c9ce5374b5fa4198bdc1882b0cf6c6215bbc9c6a6532bcbb9b56439018234a72d7fdb775244f5906507335e3a9d21a6ba94c7c186eda7f4a6a7151465c2abd7e7fa1fd13019ad098b6ebcd190e96f75b45359166d99b344141b81efddcbdcdf42881cd533423ced658f2f9d32389847a953e845b8ebe032987f153bd8024a15d3966cd3fa5327a499c4f611bd0f5ea4f0231fdff768a1588a4e5978e30a663411c18a8de3d0ffc78ebccacf8fd205063f5d5a35b774992e9005c9379d48c3826385f0438e2027debae2f82739253df3cd4f11f767a41a2d1031eef85541f4a96f5038a567d52252b4b418d9277d6bf64084e185968bc6bca15f252bb98a4c118bbcbe13ff7481bbf2cca725f95f11763fab4370a2700185b9ea164218966c535f280b1fb362c882fb792dce2d2ec0fbf11ea2493a155cf0d06f4cec20dac7c7302eaa4932446930456607122170ed102b4ba86fbbc05b866b5b038a30dbd115d54d1600ea8dd65c570fdd9274da182b34dea064b6257fdf013a049ce72e2aa784efd8d74a93a25fa6c32bdf95aeb4d5b43434b8a7a92c333898baa4a2263704e5936d4ce11a6fc2cb4c5c5a128355881fe8dfec0ecff35b67d38031f07888a66de43dd23c76712e2af7e98269dc6cbade690c6f6a0e678015870fb560899204843ed4f7bb3c58ea4c527df90a3e8cf6863134c337d8fb79c83fb3af50cdd5c7df2fcd2debd0a98fa5e8641e721e18c38dde0377f6d41181064a16907fd9d648c51381055cd7c5a6de2656734fefa29a8bcbd30":"c69d1e7b32f7300a89291d2fe03c63b4bf50c6746003100ef82cbefd20468ac8536c697ac1cf5340ab21b15e80745665516e708f028bb37728e2d13440d4b384" + +SHA3_512 long #46 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"97586b625a8aa48ba39ed7e0134446b480871e853d00e6d39b491d32afb51f9f563e491077bf5d4f88642807545e621ffbdbd5483a35c2d2ec6980c4d1cc662b8ff9ebb2f60e0c738818ee0d39cbc5f77377f4145d3776875d6c7cc8dc6957f74970997160de77a2aca2721a4af337e2f143c3102f6eca99f5385a6756f6bcab8c8b9b753c966782fbeafc54103f7f887b278965374388b1bdb662c8c9da5bef603238e512a0a4bb7dd8d4e6121567931c0b903afd1c7676bbcedb14bc7dfc69ce4db9e96b63f6f63a5541f6d8deb5a8d9d71eb80a625e91f9690f72b84769c4ddc466abcd4725db3b478cadeb033271bc737c06e57e06a97f6d440b44a069a6967f8750c3b4f8118798fe32d2eaa696ccc7f24e16d6366753c4c306e8f0c3b8ff676403d2123941262eddae15fdd9bf11bbc7b526d4b8737f54d48c2c9f40a1236245ea84c9ae1221f371483da39293943845659cdf53740b07bec59915a8090759712d6041202d7fcd0429d1439bba5c24b286005ece12fdc3cbd8b6bac39ab53531f5eee3563948a6dc785947badd7169573fdbbbf2f65f7241ee0bf758fa34dccd6ab7151adf8465425e5e16b8a4dced7cb9b45d87c838fb692e213231d18c388db3424032c73cf27e0367185cb6a49a691c13ac552f91468bc17fd414c8c630b8f917cd67987835d88efcb570bcd156658f801023d4713befceae46ca86e8ab9863bf2281fa3e169827a555ba5d6c0bb93a84f1ba5fe0c2dc7e34ef1bb4fd93731ac1a94897987d05f8eb6004427ca0ae46a6b7e377e7c39cf99b36cefa0acf9245a5c984148d526826553e141209fd8adb6fca64c48c2675666a85adff19473d0df4e9fc1c257d09dc6c57b2761c0a9520669305f0d9d3b0ed2a437e6c31e3bc9a3573795569e63040b614a816bbaf193e137890a0d6b294b862d70ae85b8b5613f0cec3676075257abddbbd99f1d45c5dfee2cb7e8aac6bec9aab191c9e2754a0ae62a2fb13132fb30915b8a8c361a7a3b03a8032fda77bb45b2673b0029ffe6bf597deb988a69813202b62ea3b3e423bb0e67564378c0e362bb0df4b8fdb9c9950d53e48c917a6c18c8383086053754b865073bb41446a9a95b126954ec3765544848b51de4fa2e6d587e3a93a8888fcbbde41df22b6d7091e9110384640d4c55b0c8d7bcd35d4a9819e4976d2c6c275d6faa979e2c99fab50b965d97f38fd111cd50c6fa0b083331a2f7e162ff36ddf5f0b71318a6709a7b28fed2302953a620f47d0d45faaf8ab28a44b3259f9cf61de7962ae20775c25cc7c70bbd63dd3e0bdcba053100a7c3a3164767259be3024dcab4499afe0e14f27e9b54c031a10b2adc74694bdb85508bfd7c77d362cda4fe10bdf993c8ce04b4a3c857c9212380167a5883e6d9bcb3c596508fcf82a140b7300fa57d162a041bddfa8f38a0f95f474cb2ff9299d28ff8876ff96a89f25801cf25f7a754a6b5a0938e65af3f86db45ba3036ff8a5b278d27275f44d7556d56349d4ab312c87bdb5b10759d6b50968a493cb45e29cb3d0c2c133beef93ef33d06e22920cf03d9449b0d2973a2db139d8055126ef68712eddcbfe9b96e138c1ecc711d60e7fd5044e9f10bd274aad4f7e605bb828f235bbadf9a1334b4778a83ebd68203fbf97374be58972a5f344d11e0cb2a39422469eb9b1e22f15adf90f4fb9f117a899cb55c8ea055fbd10bfe741711e903be1ee00895c8b37fdfb011fa521726450f5b8854d164c2c768a66bb6ef7662726157309a66362f20a19d9ffca5eb4ae3fbca7f063d12580d94781722d06540f5ca71ee0972c300944efc9d946d97f9e7ed4e0be91835a03ec3058370606aef1e58037aee421bc23b36618d29ff99adc1427ab166094b15eb92d3330825f3d74ca86069a16a9d0e9606410145f25cf0f099c5020576cf339482759852879c94112a3d2cdb42b320352d2f7c70dc7e4df661a1606fe73e83b9f04135f80bc1affc5bee56f4611ab18919916123246a2f6328b47eddd12570dc8aea9e61391f757ecbf85a754c203d0269fb51e550ad1f975d629ff7daf0957cb0b6341685e29f18e8dfb9d67a602d518ce1c13fe7b399337e3056465b4c7c0ae058899088c7974b3128f7a062570cc6f0d9218b601a16a819a22441d8757f07b8362157984ac8963358866baa71460344360550304d3265ae3cac62e9281903a6c37de45ad8dd7a7de30880a94b7376e5acff370ec9570cba643121f3b0f48f1aa501bf36ee30786f5cd097e5421f92539251a8221b0f0dbcbd65178ecc7bfaa24f5f50c3175c00963a8109e4f1a4f61c8aaf1c30bec4d923acbabc20c739e6cc26e94175d0cab370e09c6f3ee6ae12befa8a1ba12102ff8db6a478303d98c406c021f9c5a706f18df37530497d8568a966551ef9fe6401696fa4e4638c2322c0afabe248f69b5b4be7cde59b32e5687a52a2aeb183425f354c5e79015f5373b849e9b3666bf2514941e8f7bab328b29043f5435e7c38997fb113beb013c4572c236db5a4639663f47668ff1e5ad9a789cecf655725b120b752772de645d01":"19f109cb86236a5ef1eb3064413da5712989d87ab7eda21313d72471ad577ada2632cf058a554cf2512c821a0638dc343d62744199c2ea2507ab0fa09e740faa" + +SHA3_512 long #48 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"b8fc129b4d456a3fa1cc832b81859386066bb9cb556849ca897565f0ee02cdc97098f7c353bd63352418299fefd5d434b24b729512dcece04d1d94e97037fdc7ca8e0f93a0a05a6c222fabbe9ea2ddc4f4a9f24c4a2063bb0036b350e6ce4aadad2581939cb5faed845a3210f6b45941b3cc617764fa55638c06ecaeba8d5e8203a6764bafc6e8bf33e1e61c60d2eeb0d9fde69fca336ae1d7d6658a533dde4eb35915444299cfea160cee6a42c6441b4d84a94be3934b3ccbed466c19a67519a5868705bbf855771422728205560489f7a9d30317e1a07c4f95b8dc748fc9ecc175f31684a9226d176d9ced124bd603bfb48c50cee710aa4a14e363ccc182ceef6e82000374dfd406339232d06c61908decfbb8706b44cca6b3ee88890549c817b85c4aa22334b4c8bd7cd9a6834e38499a49c56536e4ed4aba01d41321c6e1219ca87cc87cc8164753836afe564403db069dff161097121e7146ced3dda021f5628f1fdc4944016a3dcf6e3fafecfa2b7820ede9c005450a1fe2fe2f037f907b5238ba48504f7e19c2876dd054ee242238fa174710d78df60e00ec90590d379cb3cbd5735a92943c2bd3ed1b0df18aa68d520599c6b5f3ca84c6215fa9ef1d3ecf72f8c52eb54bbcc0dc7887a49d32a0c1504045ab467d6eca5c2402b9d04a4aec53aca6965fab7fc9ca957cdf9c26f91a1e4fb5873335ca28eb7de35156c7a95396787e5838bd6e8ec5cd6288936e97e1e1ba4f222323c7e59bb5683b299b414c64e5b53de9887157f4a6a2652d10645dc40a7d43bf4e4b4b9353fb3ef2cefc1ee57ab30d1a14716b7faaa23f101647d8ecc6a6b4afbe3fa0fcdf03215969c11340bfe190726a54138f61cbdde48727988476313b9a7b8c2dfde1e8ad057377719e3ca58d9a9104974c528509526ceee6b2a288a1298e183abfe211aa9ff40881267a68ce3a91673fdd05398901cc830a9ed312ad03fecd0f6a6ae8e0cef55b8b01009319f97367526a024d269bafce4c72903729d0d392f325ffd4163b7c58d756568c377f3eeb1a1dd22ba8c51eb7f453625fdb3a154e30182b3d168e94e7ac4e05bdf075fadadd1cfc39d7291f26496bd0f28de7cdeb0c6c758ba66e42f05411948c0b83b01ee48f08e17b6fbd0394e26258057f0350d04965278f83905b15c68b635250679e779f7e8a5b3ffd361de0a0fa0cabbd65c3d6847798768510389573a98b852742de73e79b403fe9a72c8c133e691305122f3c59e48bef29f804a7d2c67fc9f8f26035cb7ef21a883f090e428de65ee23f5aa26dd72f9585f9c3243322f6c5e396460ab09a3976e2e4fc8fb55049345dd48d3146b64b11a0fcbb341b25b821ef16d91c2057ddfc007f4c37f5ed5b3f7cb910116eeaa80a83ea36fd14378c84255a5e93a21da553e9f9422d89cee42449d72b696ddc0e2934a97aaaa5c03b968b4b2097bf545a23a538269af959ac8ecc142661c9f34416bd23cf6157288e002ccf664efd64c4163d2640a5cef87a230c5948230c961478253e7f4ab0d74a6a0dcf77e3e7b6abd2b8aad7778f12178b118fdbd4bd2f44f875e4d18f3a353a7b38349c7c02b0d7ff1eab3437c40e4c6fe39c259f65259d3db4fc0c557dab25dcb4e41d42d8bb10467813a00ef656df778b6a6faa8be0e7f0ea6e79c7009fd23589c9425cf0401d4fcdc96124ac51984a10df001db7c8eab82022600a4b7a0a2dc0ca53f2d2a5c7c125b5bfa06e6741917ae5222172456d3e5dff0949e6a5956c5fce972e0754d64488bf04aac400a0f3d1631bde42bf3a29a9efbbaa5a863b9b71bf573616b31282ffcf766c37847f191e40347bb29e17220cdabf552d87c462fb84db32872c422091cd5f0b4e5ba4aa6966b520474acdd18fa65e73ea0ff76807056b4be32530c947a105b292eed74fb8bce6f78b2b24dd393cdd2c16859d569c2a4fa8b008a2232733b18789a3e2b0152a0e2505a9e3ef138487a73b537ed3c3dbce73793c61d63c6baab2bde38c74879877d53d2dd4ae2366a30de0e06288830031d1c329358b8b323a5cb6179c4417ee672dbc1dbdc373cb78858e94111ce481c1ec1837e5ea1e6ea7adfaa5dbc7cb14275509e367d50b994f38ccd75238ee46c3ecffce3b9afc093acc13f711a6adf3ff76ace59a8df1ba704e2211ef84aa3782f90156fd442de93be289730588c57136b82e8d1d932f1423ee18aaaea71f3d4539a537f48fbaf8f216e2838116197716421642ba8ecd91b040370a584a553e53d773d9e824aa1ca691a88e4bf8b4eee53dec6b3726d1185e6d069ab5145523f5f9f3a5a1aa053fa17a62fc2cd59bbcecd039725d044590779d0ec08cae26d573c8ae01e6cad34829fa9934ec55d8cb732483bef4d030e341f7d5e5a6bfd03b156b2b56802c1d1f8739d4a053217101c26055b7c4319bf805a4e572ccf05c3c230af20d3877ebac035e9ba729e1714820ad34c594d08db70accc6cdc4e9d1c2e4cf8c8cd45343d7e49276b1353cdd87d733aa502e550e089a95fe60565137b4a1e0803d1c6a2f8874fcee2640dbbfa62d193ec0586726d3fb2a17924cd197f9a2655687da61b6a7f9c58a6f12661e8c6b88797ddbaede0076b199ca6d10f87b2f8797d1d4e3e01cbc14d3f273840323d8a7e1ef7fd43d7753530a7280b76221":"d1b2db67f3b0539ca9c4cb755343efe7076e0c28625d3e63e98b864c98db3184cebce0f2d4fac97c36920f7c6e29ec3c801986fe9b30e2eecb4b4e9b7707d755" + +SHA3_512 long #50 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"a23675723ccfb3decbe4652fdde21951fd2f660d1f0473803f7fb8cc44f4090d2a85d08f60f29a3e6fb2d55ddd42d77b51bd23a3f7ade8d42620cbb041ffe678db9c11381e8a603f6db1edd248a1d72270278a7b4c1e41bd8c88ca100cde89d4fba4c0d73c3f0ecb0c0b35f7e6a9202ca39624fbe6028625b7df3d536e38fa07d3c466d383bbaac996e835327e00b9833232778c8dffbdf3f04cade12fb53ffbab258a94bba33f20516f76ecda4ead0d65220d9708bdf00f7ff7a12217fe6296cbeeb482aca2d2ba86c97f8ec03c01b4848f6e8220e52660ac09a17eedbb6bc27a486c051d5e6d7e7c1dd87ef971bf5ed6a020b69d1f68d0bfaa355d7b936066015b3b85d87f17547d940a264d96eff5a47ead9c4712bd46ff01e627872f4b6aa84ea86aa3aed924cf569ced8353976036509d9be5672dabb6373b44da3733b5b7493c1c4793bad6bb8a163a654fc187d43f761a41c6c0e52a73bd1c3c52213176767d038cd5c25389590177b9337452c673c28321d57fdda3def21775281cc52dfbf587391cf98181eae30b48a6b9a95313083d4e3f717b6ba0649e4c622c5923002c1118126849eb66475eda519774c547d1b090aa9ea8c9e09b178aa859d6a1aea907ef5d16930ef4b2d837dc169b6239a444aebf0f4a04c61eecf7a1ac22ef2cf4d387a50b4833bdaee126ee3e06730e09617225cb4a657c75835bf62c2655a395dba893504ea2e8c2e1702f189e3ff1886fa284da91342728467e4fe2ca1b3b148919ceec8fa39e7740dd49ab491008aad607864506b9f2bf9b2852d4f7881bfa44a4ffe7f27e07536635e1fff02c7bf6fe69d113903b03c3ec20aa0c93e56ccf730fce4a5e7a4ae0bb40a21d7cdc73f550900d4c190482bca02ffd92877a55198023e21cbde090a6a8c6310cd368182d3243e3f9885a98301f1df46cbc8fff62d2a8e465f6f8002c938e39d4df1891280d4cfa21c5866da9d1b236a4196c9231d1667b2df10ac3fae561607e8634076e4a71fcccb7cf28ae1eb56c428559350fe525507d965e009807074e11b203a1854f7b8e02487ff1c86ef03d4cea9d108376ac0b5ccd3ce08f5f48ac954ace88f786315acc5fddf27d292952cc2f814c15ecc453d37eeb8b6557ec221336dde34c555d0831e4305058b72952c93c4d114daf35d0e991b428a556ba57915e78db0a26c5403ac0c136de80b8e64cf94986b427c72ba6eedfdfd4c37bf41aaae798bb6032a9eed9d8ca99ed9db65c4ebcd4d1bd410c127db4da7c08f7a0b3027141e66b6deb5518bc341064a2690123f0222cd76d1a36277a3e248cf604664e60fe14af3baf7765b79dcb4e8da743602b994edf11fe19d27b3655b740c83a76faf9cc94679d5da90f2d5314271a2bedb661be3bf660c367fde796f19c93386288579682b75c0eca0d0b2f1c3868c0b2d9a10455e4e63dcf497c6fa2d40d66fa5143fae1f59592b2f960e7d088390b97db82a993a33b8ef0a71b6832aedfce279fe38119e7eff2471b530497de361285062b345ffa05beb45eed0a0af3b178cfb85fb29256133573ba0d0dd80406df62a0c42d20b2edd602b819dc906b2a6adbe5e016b409a8631d20b58afdc0527a18f2771d3d939addc1fbc7672dddf3ae346e8e33e8ca57852d9374036ddbc2e98d446a8b2065b5dbdb7021314912b44cc09b9094945fc8a18a5c7201901dfd36abdec5ff30f0e5d9375f4cc44dd3144a69b40fbe2291a2c21ec3d60bce4dac695807b101d5fcd3ddbd1073a89fe6bbb21600323bf8288dedd00fc9aa8f3576887e08561a775026f255cabc63a913528cafc8229180ec332c888a72653b9b049d0429dbd17eb5871de7d74f7fd22481de1b54064b20a539862e7afac43a48fdafd2b268af53f39e685b7d558481dfefb244ec07ee421a4a04ab28884ff4040ac7d0eb273b5cd212da9905f6f8200e450f11d84d044d140cace5dc458fd296d3ece61c3efd021a8c7b8ab7596516772afe6a5fff15a95b2788c5de580b3ac8ff26fc8cd57dad92b35414daa752cbe3478537cb45a7bdb744a03375ea4b9560377dfa841544c603306c20b80748a71944af60624844f3f00bfa18ea23d84c2722fac84c25d9b335aacc9797a2ce12e3c881ce6d3073b2cd23a05a852a39c5e569a44e2c2ec4def0ca7a5fc0a06c74077b05673325bd6317359ae38e28f66a62b384756c588eadfc3880627b28aa354e064214fe4ea86c96e8ee994d4498a265a9a02353cabe8a209be6860f6211bd801140be14d3be3612e5a6660aa7a6d4b8f302412aaddcdc259bb2b5c67728746543084bbedd872953d3ca310c78a86a2138b2b83928700bd4e1eed6e68f77c3c445a1a544948aad205b60e29ce027cb6920b66ec864037ff315a1d1b8d1871067be13b2ee1f4f2b432572600207aa5f5855184d1f891c9f4adfd48e8466dfc41457675c04a65e0982d807958614b98eb57ce03c86be44d5a3e58ef49276084894b8a489cd5340b1a61c28687030dcc04a401422442b0289c4d2d7ed29288803af88d223924c7c89779bdcc107829c5ddd46bee9a2f9de21764cb76192a4e95c2c70fa119bb99afbbcfa2b88943380cd3739e578e850600681fb37361613b2bdd517223b30c3226e3fe41da55f6a117820bf92b75e5711a0ad895e55fb9d6c8d7026558999929d4ac6ffbb01b050d5c75f80cc8e4b377857c29b35a689699e33c64498e31d4d93f61af30c82cf0d5620be269be5f9171e9487dcc2110aa0d0199f1af531061c":"f230ef921cde7b61cfef00b479835a892a7eb41794545a494e141749cc18734d0df36ed0f57e5d1519ffb3845a751ac726c6926551c738ff001ccd040473b197" + +SHA3_512 long #52 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"a1990301c5f0fb63024de2f5b828a00fb2ab0749f066b7d9a9443e1c90be8472574e674f7127a28f1d23f30aa0fd7d69d1c06b38db7fd63c3f47e806185242c8a37d9c68fefcabd3304d48946a6acea58d43c484eb6bbc8a52127a79473359548f0eeb73f4d9e0d645b329ba9fd95d6aeb1c5b58a893316ceb8d3c9ca3c991bd22ea9c98d9250741633ddda4c6b1f061f53478da995dfc8910a07698b67db2ab64f7f7013748e9bb93d3ae7b675a5031b27162324632e78bcc336f9408b583c85e1e43d395aa4eeddc5de2670a3c45832abc6389377bb817242e70b91fdacdb91748ca397cb3fe7e46c3c28f38bf96ff66fec107f59e38d82279c12e85555829975bd25973cbc017d9ed961c784b0d4c6d1dc5d307052f73cdfcaa1cc28cecbee741a45b025a5d609ec3a635534870134703b716f51665932da073ab5ce951200ee08868b1c89e009c2e3903501e88fbfd96dff7483ba1de4b4b6302ddd34ef81422c5a8097d48a0db1499aef7351dad96c0849f87dbadfc2ee6c34acdb2adee02eda54291e126e7645f0c5dd0f5f7d01a67f0353a5d4f96de5adbaab2ed34a9df2b6e5ed15cff7e3ef5db3864c7dd0d927569e2e92b5054648df34b16eeacd2b3c3692652579a0c71c04e683a11980c05d138ce1dac77ddc7695355801cdc10879ddec09b38c03a06a6ac15da3cf1747b63a5205d488eda0fd543ef79df8e0c62a11554356939b004913f66cdb1adeefc13f70132675bf245b80a41889f886e4cb7550ba650cd1573684d849ad7972191c978982371a8ce70fcf17435c493dd4dc7e80c785744125c131f97c91576b6416d6e0eb8ce3b15988840b008b677016eb9148032e5654ec679fdc6e3d5115415e7228a79e7dc70c5443f1c8adefc83b675228f5d61f972b9842e396f7e31a4131fdc35ef225587001835e142a2ea0b2ee35a608035c8253d1bfc19f5789e4d45fee436a1e86d0150ec6c26b86b0840dcec031c23c89a105b26ad8efd2a20f8b36a81b617a2eb87bea82a1475a21fcbca7666eacf8237da1a8e8abf10fe7f4d644cfcdddab698c05134b8d300adf753006accf30acb672c8339dbd5b55b82f3608d9dd2718e3c5511785e8ae1f6588184b17b5f5f0bf1ae9c10e8f775a9f393af13acbe64909fed065d6362a1e30afd6031bc5553aa9e076ffbf84ed75198d45ac871c83c26883139c91182c7ded46e9cd4d6fd701036e004e3550263b9395f6793341980b7c0c8b1a5ae12db4e807d3e8113803da681e061ae453aa14aa0dbe15b3cd8b8aa105c76da833c669bd4d15020b90642d246b09046111e1a6c94f1cd0ad22e6d693e92914fd826ef2c9913d99811b608fd4ff7999101d75588dc4935873e43255b121409ebf5f8fe6b96eae2d363b91690625e82795c8dda04418a20bac83e6be8568ae69821db1bbf95ff72b8f737f4f1488d55e56c67324a8b5d978bb848c478d09b313da5f7cf905cf9912f14572b8ac92b1abc778ee4c08269a1e25588ba7349f0f1c1c973a147b5814720034142c2ace0d7e8c62a78d0ed5746a7e827d4428a312e0ed5771a4a663f9d730d1ec100bb569650a16277e196ce8ec2b94c9b4b5805f00b112dc00237da9a10781631aebc325edc4f5e685a4377821b102095f77e1440a0c5bb1ed7f2fb47e08c501933781f38741a47d3a5bdfa299b35cb4caec20725b53849b9325d49aac993f501f7b7c32a0048454029ccfe8c286f7448d9ee86a832b3001b79426dceb4d32c716240c63f68227f384e372bb1ab08430fdec838d0ff7e07cb16670eb88a951ef2dcddd17c94f01e427cc82aa20d46612b2719c6a505e187516f94d5723121f20bcd548ceb6dfa49e71b45a3673472f6241aa8d72f2a24a836ee93690393bfd1459d6e9e93d98729ae93773d060ad32980213f1477578e9101f92b747397b7e327b4f3b07cc1e1e61f4d26a18976b323c9a3a4258475686b3afa239bca24504f397aab69af0e4ea7c2af1a77f75f580c8608a0b15e6afa5d695844881124d43e03585e7233a6179420221a6659af0b0b40b7fb600e208c90177b56e3507e89d70eb4d372107384d6c00ff016b64d14487e1a7ddc9b7d662ccbcb21538d1ab843e1f7d3124f5cdc952adc62301621bbecc898eeca0d6bd0580eb06c81d2e0a8a9048a26faf74869f8e7f3395c8213481fa69915d56dd1113c6792011526b8a33200d394d1102171287eba3c41000b0208a185bba3c29672015ed9a6b6928aef065c3ce53fa3ce3d4d779b35889bf133d040c5a8dc14a43bcf7bed240c1c3ed54ca02ce0eeb637158e5bfcead858ad219e0cbfa4296be2b4cd473642c0cfbc9d2d550b4e8354444013b14725da4127149b8cdc7732d0382424491dca7ab0ec8fd00240f7a982dd080501e3ac365d4856ef4884e89e4a8ed5fb090882e1c9b6f35e2f35a3064aeab38cd4384793b4f62ec1c820c115e2cc0d7b1060349e210310fe64511a42b3538acfb0aec0994f1ae3399516c8419fdb15cce58ea659c0b92fd92afc2306c500d5f720addef1359dbe8136d0c6c789a1351511f8a1b9afc29816089e88fa89d9dc2ba99d68436e6507be33b48252a807b47f1a08ec66f50493de879f0fc506c7e694d5e62736035c061b152cc68805f5dc318a2551099a6968592d68810f45b03d592bf0e373fb6902be629f5811a754f353e8b6964aa7d85eae855fa5824c7e27a4332463a25e7345cfa5750196960a420fbd2584d02338be0614ed45c42517ed9a76e8716a35641577631589bfdb01118b90d9e3441673d088647a277dd865d7657ba5d3738723bbdd26e9b8337d1fa8efe93a7b4d8870dc5dfc6f14566b4e2c2dcac452665c987f2b7558569b844e4e":"074228e463f71f74ffc3d270373c247acf7ff36b7796419d917d7ed1b1f9312417410b8d59070f5ccc7a6ccf2a4b3fafa5951107cfca1c01dccf0be9fd422529" + +SHA3_512 long #54 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"9d0f499d8552ce5d995e158c400d5b033f2324c7dae07f383bd68b8c18f93a7c91f5553d57c4c1b2137f00e00674faa2ec7afe9e27810477196d3545d225ad42ebe67fc5b1def97587f62ab685efa26865b079d1a0de93d7d4ae217369f76b62748cce1edbc8000cbb6a9cf706a3dabd716e9d488d20b4c0334059ff2698fe46f48c4a2e1dab5ee177845c89d1bb2a09d75c73ec366eef9a00cce5d25130ee543391fbdebfaf995a85ec74562e5d1ab4602102a3e2f1cdce01f9cbd332e6c1f6f841ea1708fb3be1ac49eb4565b23326d4655356dad1d5c2ff7015e910e301930c441ebf42b8ccddb343ca3dbde1fcc8fbd26cee673590dfc1d8cbfe354f359238439fbfb30dd2b6638318287f12fe009c0e5751cf45848d11daf3f9e751e65d42e67600a323d7d384b1ddedf46fbf3781c11c695a2b3b35b51e97c16f119b5bf2d4aa695c21629ede752274611dc9d67094c11c520c3d3d764bbe4015b8dcf412b643e12530fc7e3875eea51147a443322e5054fd13100f1c09715d206e329068334a5245782bdb5b5c49684b13d6e88f39d0f8a5653e116f02b700da5a2397bef4c6a305207a1e10d03ba556a9e92c4e5a4af0902d4fad37db981189a53971daa0bfbcad516ead1d79cd447b326576393bc5240691c94a3b3f1c797676fc8784e03d85853291f14a01062d02d6d0301684497c51b9364f44d44c1ee9f6f33f865c49e6d4ec6a52610def4833bcb4c1aedddfe0b8ce1d261a422fe9294da602a7bbeac7e4a6813928488e7e550d9891c9ec8d3882f807368532cdc280a29d39aea62910fb895f0c6957edb5b2f005082f5c5d6cf85e7be74d4c2f92341d614a64c40ca962bd8b34eae514d6908e828ea7d35764622901a139375c3f8ee8799f91be9e7a61698d1a749809ca380f978bfaf98208088021cc129c5cb3d6286d9efd3be46b3fb5ee25ce18d677f29acc67f078e641318c64d0a02238d45408c6b16fe4e86546ca35bcc20e83c70657aa8a51f58bf526755116ab72f78c50ae0b3fb061b14ebcd0ea49162216a1bb6fb85ce51b7a0d30627104fb33a1c21142c4b089594710eaee963393fb99ec5a0a7e46748fba72957b4a03570e3f5ee0ed796bbf74b391184dc0e2014213922b4f85aec5fc530a9dea667c89abd84705d6b3da1d5bfcbb8e15f0be289e8d7a766754fda1084ebf92d44dd557b17467c827f9646ab62a74936dae2fcfb80e8c837a749cd05bb278ba6485788ac91ba57005d4716d2c46a6707d839dc0379eb099af6bf11a9e871d5fbf98cbea9ad6e9479acb69ef6656386e6ef670c1c445ce022ec3664779d595c7100e383ecdac1b930e66b5b80c6512d36890109b070cce042003621e93a5ca3a7d6d255009a6249d892dbb90c5781ce792d7e516a7fa98e8adb44d6895fea3022e3ffce6f7cbeaad32a9e43f39993ef4155558f94d1815f6fc5d8eed26e908664c0b24c93e23560b3161988c11cf60401992cf0ea06d2b7536868f75ef6de1adff5a05c187b650feafdd4041f5236a14c515b31b4901c3af82b8b7c8989216206eb307957a8dc1cfd4a642248c9b44b841666de9efdcc6ea09796eadc8609007c29e920fbeaf8fc7c74308fe7f42d674b60d63403b071a6ff2541cee27e035aa22a30ef5fc24a42cb13cf896751d09904c92ffe7d589a98666ce29515e19ee50b74be310dbf5e646b91a7cb61736c3532a7ea8a8646a59768d71fe9f1513a442a91d792804293f5f0864fb240d94ed077959c54990b214898ec4019ff3d73dc91fa239051ec896bdc5a2dda9fe3f70f260a9c093036ac105924f9b1ba16ca32b4160896ed2dbd2a9195d890d9340325c08f8004e629a4833c09b34d9c7dabcb038e1d22cc868dd6b2c1b6918739e1d8f98cded425848915b412f35a30c2a72a22cad7d08a77a9e4b2567e492466118d239b1ef368b7e83c53c93043f1863ab47444af0c71816fd912cc66242b6920a6c132b6ef4a34308b8da500b75948d51e9a9429534c246e2846bc24bf16937dda64dc3d24249a0077e43edb10f28b14bce831dd3164e11356d07e20867075b78c8100183e9259b695d9ef25dd37bd6813ef96111346380de942baeff6c3903c31a836eeab1de3f149e13e8798b3604db833398b957aa99c641fdaf99c8a739a6e3cf916d611c91f188cc566cfd004341e45a493247ca66d3bca56c3e42f804096d1bf275c3899be865eec49ef2829c9ba896fde4cc6cefee4c4c6e57a4d46dd4fe901a6b9dcb64e27ba4ba77316416d1180e3b37ae383b003b1a3b4ab4e57aefdf5690b5b88af4c51414c15f844dbacb7ceb8b93b4d552efcf365d813bd035425894dcbddc6f547b766660beb1e58f721c547560a8ec3ca551c95c620040a6b6b07287e9d0218beae9c320fc81d59dac3f7282065024010808fabe57cddbd431311918a35e49a1fcb7538881bcc5ec622e6d39ed7426aa023ef20dc76849c79c21b117524c8f9f97263d20b52a5c857d326c237dde9a3f7a39d8d01a9a3387e0c9610d5d639a8ca580aa700192436fe39197c61f5526c65743d590b72b411de37152812e6b13700d0bc101cbbe22b27e9317ac39a0754983a211d408e31a908f61acfb2c2ca153b710ab5a7c74a0573482145d35882dcfe59eb324748a67e8cbe09603bf6eed3e8bd68f037d7d6564efa4b56079d5f7616581e40863e7cf2d7e3738224ff89f3871a7968535a11ae49643233c6f4f7a06eb91cb093dc3fb6892afbbdf44935e4a51c9e7670ba767dc11a5867c7dbd5fc65f1891ae6be692a1ee8e47c30707d27b1385ac316959f356481205a50de94da9a95c5d8053183dde7a1c0355fe1ca4d39f230a6cb67d675923d4c8418699edb8b2a658065e21a4291ea3181d92997c5addeb2b9f59dc6aee8a32f8d75096e7fa603da9c8f4c86e89c269aea32b480119b6253752bc3ea51c6573bdf0d3a8e2789c6b7a4e7ed644074e":"5f88a84dbc3b2769aad1604365f5aa701340b42867fc44aebba6b0a73f06f0ef6261b0c90ff2884cb78c4569ac3f8a678441263fc3afc1bd9f8a2187a11ff4c5" + +SHA3_512 long #56 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"a8a3016669bcdd9f98deabda37529e4f2db001ed3d00cc9e392075cc7366082475857a9af2b53badfc0e0aec76350db9cd3b214de3c26ffc4c6240babd4b12dfc12bea27ae52edfdd8142af9046ebba720ed0c8a31cc7a608c5c20a849a9ed62f55bfa1687da1b1795b6b509c845cfa18e8e6bac0e65165361d8be9dffcac43577de526e6497ef849cbd5025aa02712f7fe5e5bc64d76b5c339cc1a1c7f5bde1b17c99372ccf8fcb54f0a55392eccbda5bbb23c01a68a0036a72d2bc897100ed09fc7879c9cb237424195c9d684c02298ad8ccc31861ddd06e2099f72d87b6e1e928963d22d3d40876fe1d0b146a41a5740489ca460a4c4ca86ebd599b7f0746b8c69c8a1f2ec90eb1698fa47f8eaed4810702df8caa12fe7e26e7ebbca11aa2de9f3169a8262c0e3c205a708f0071401aa8de09d28a5a6e590ebeb476341880c37bfee1a501229081eb27772d07b371a5b0c65100f34a25a2f0ebbcb2822865cf22aafafe08d51de7949ec242ed9cee8ce861bdfe2b0aaabf92150b59d173db6a5bdebc9c836d3cd6e16658b4f8533f35155858b47ac3851abce5aa516a2169fcef423065ba1176b69c28416d7101ec0a0252270a2a9d3f193802a084955998eda77d5d42f4ea52f08b8b8653a0cd7d7176f834e982bf5f26cd16f5d89a43eea549384c1b7b2058ea77382e50cce07bd438f28637c9526da842c6b137c008f58c9d1a03d995da100d27d6414b3e616e9a11e725de487df20760bcdd8850d0350a6dcc8c628b4003c1650ec82b3f79dc2bc97f1ac4476975aaefa081b392c235887ff5efa0a57cb86ff788c9da15504fef28636cd30d3d7efbb719a39fce077d6c9c3e327a2ab3b77da6eb4f3f080d4e4ef63b23f1e42295617fd04d364cc695208c4f5fd7641089553adf5f4262d962b0faae480812404344116d865f5328060a17cf7da199b8b55d7b0e03cb69db117dfd65e1ffe0be0f0c339757022d555694056795bf12d6c3ff311d42c2673ce61dc708f9be96c58222aef6c608207410251dbeae1917903ca223b7250fa22366f8203e952d7c7c22ec4933de5775aeb924287dd097ef0ea7ad1a82b29b63b91b76d0afbf34da0c7ad3cef6a4d8742adbfbef4b0321e4798c8ade26f34cf1258c009e047ebbf79c0f4003e622736411fd1137d1509f3cf973a0374cf00b969041fc53e5dbaa1c556b99b2ac5f118f8aa8cecbb6bef940b5e557ed9cb0c19822c3d4b7f9dce9915f1547a1f063983bbe639a72a3561738d66917c7bd3b54400299ee92e98c609ee195b3995937f2b1d4b6ddf3401fe16c8388488e5899aed6594bb4ac5cf0f88b037444618fe20539f529ff1734214023e5c9520a14d3b5a24e628ccdfb12979fef3961c33b6cbb1a494568a628641aa724b49e039aef53eb0a65e0bc6ef92623ca6c748505defa9ef7918168c3f1593e67d1924191f86ffbb5dc17425cad8e5fbf95e470943fac0b2896b024aecfe331d6a9978ba2f3f018764f99276e37b59bf33d194c9197b8aa03da5ea49006a2c89bc316ab75eac08b7547ce334b9e851f91eb7be1a3ee06c3b1e7f4ae129f7c4adba77567b1e4c69cdb4c1e2d9beae532bf2872f6734d7e9e5945d80bdca15b01c1de1e88feeaea92d0e4f1df0823bc1ea57b6655a8bb0882247a74839514263372ef77d6060314b77b99af0f3852f4296d6cbfc4eb418cb93a102fdde500c5291962ea186e372c5105f2c086d37f749c3c83e50ce4e6f289c28f70e3766e1f2bdcc0dd18e18e1aa995778c0c82b024bf3d4940f53ab2223be47da15bed651e80e390ba9c0511c60754b17c69edefecd99545384696ad0416ca64290ef5eea972575ae86d82c719b26a27f664bb43b4346f0036c99fe0816499cb70c43410a84760a7cf5301b9f9f4fe6163c694b56416f100a044fe527f6b7c3bde4452d3044825fdd7152aed4f1338e82c57224be4c843cfe0805a0be775993bdb58f83fa3bdcfe7687da46d04584143b7df0a0f1c928ef55c455c14a2c81853cfc6ce5d6eee85eaea511841fe0b41fa6e26f709f5bbfaf87e5aac7497ac220b22577b344d227090c55a2d6f27745f96b8f38f40558dae62ad89f133ad6bdfec3cd3a8cc29a3b86061608c0166dbc49efc107abc264ed3ba5098d35ace4c767d8502fc2ee8b784e2272bdcfea287989aa44361854e479089d150fcf0e1960f4666ac206174a7fc9f7d82c66fc5c102131755eca4b7c00e56977911fdcd92d4d04598bb6db3bb4a1ecc2ef25bb6d12a90bd0ec220470074a90adbbd8a7c88eba28b8f765b8f3a93e77df807ca5dff3999fe358c01e851eb0a923da69dd5bf7c45a159f932ef6e0283f6a5aec5a29357b64294f14f81f99b0297697441c081b03fedbeebfaba9dbc79a1008e526dd4ab70f1f19a13f941ab188125d07b2514ae1ad986f4bcda10ec51e5d0507ca60b5e4e73152e553a7144d5b83a6255ecc19f5dcc78bd7f360fb89429dc9b48358097d930c8561b2bd18dc0a470d1d6fed0ab912e5dee4bb6e148c9d7ed18c0027b7f9791d1ba6fb4a9af61ae8ec5064189f93d66fd2f2842d0c57856cb6eebf6443e12fcfa0158bd40d1403c5ee8ee9e34b2e9de20261fc222572a0e3e46d1f722fbd2da09d4df2edf1ce6b8a6df95fd18fd1efd8e7e371e202565670e487bee5fdf5d94c7da0aefceb8da882f5504477e03622b0edd793e1258b4c9021bf0c441113d90fcbce3e955cca416c1f04162aeec40d06aeceb0b40179c9ce468385f11b9fa3870217202bc80cdc824585638f0df3d546852976bf18ba7487ad65ca916011af3eab2be234afddc081f364ab08c04e320d1b785476fdc5c358d0e63899a0f27283417cf35486b593d7b3226b1c984b99a6cc5bc88003143cbe4b755e6e30ba94114f7ad1efef2ccce00f3f125f187472b03224414edb2e573497a3baa3a1e26a553fa61c8b4b8be257622b3f34a34163b5c7625d57e89c99382ff1cbce77028bcb9c9f219b2e8b7a9a56675031db4ad33416a67b2fadb789558ed0004322836ee0d0c68fb3fa83dc255683e3db12f947978a51392abd378df93edef6a":"b9c0384217f755b7392a0c9adfbea180e16a45f77ac535a42337eb8ddf3c854eb92c69caae0ee2aaf72cbe24f5b6b11dc985d7c8003c8aa0663c8d4f269fa9c2" + +SHA3_512 long #58 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"993a3df248d8a14607a75122f59986a73c80d6e245760851287c27a36761d5c0dbe6e209ee1f1de10b1c6a6c53c9159692136658714c7637edd1400d07eafb0bbdf1a8ff3ab7e7d34a230e56101c7c40fba92b70f6578577dfdc795a3bf9cd9428a5b65b9267a624aa046569945a63aa608c4db23c5fde1be8e4f8146a58f362024835a560f802dd1506962c484b71deaa02f3a6ac2c282aef33e5c2fbcd147d35234c660b33a5057272ca2892b64fe3bf5445d5ac850caddb0f69ed5821d8eea77e2424fbdd34a4a99028e3db65a5c189ca6cc6a53432ab96c1ac1ce81ce9bc42a1e46a98c15ac3a1a8d9e78c1e1a80efab900100ff412c0790d5d71385ecefecd3b5bd4aa6bd68440204bc0baa5629d841d80f23afe23916c60ca741268c908f5dbfa77953059e79e6d2e8c2d102c42ed26d77780cbcd8abaa7b12dac56fa6128729af8d91db6a289b6bf5175ac657d8a777c165dd7814ae8347a2462b3d395d991c5eee28e7d6396af66b740f49ecbe081d7654ecbdf2079a9bdfee209f5258dbbf3a04e0d0e9959b9bd040b6348ac83c871dacff347c9f379d50386b3cf7eb953bcd38813eab227684aee3182e3ade8dde3ed5df84b95ca1757d8dd6be33fe0eb79ff0d2db25c942d68cc5fde003e8414a61375456b127224cee5627ca0b798f5c36959c4c5e7349bcf34e2df1edcea1f20f3a25526de9004a2cf9270b894460511c90a73c5e06d15c6ae66f0a0078f5ffcf461c1ff4888496bee09e26b447c9bfd947bb512e6c23de79f58cd345ce85982ac3ff664eeef6592c7154c6946b12cef324a033d58b876ba8e34df3c3b998e6a71997ce84019ebaff161091329682a5f48e1d8b5b4d442b80187713821f7811ceb0ac009dabc3e2be369c2f95b1626d64edfc01c998a44588fcd5da8bea6b4027f006a3a1d2aff8f138be49c5a5fa4dc9a8033c2656ede148f72ef1e500ba9b3b426c609960a82520863f87cb58926ead29fbe57a6e6829497249ff984bad4b910ca7df8c3cf791d487e690aeb472f897d7aba3cec85d4312d3efadadb18b78b1b780c7824ee46394a37d0d76a0e212101add1f294c14572c84e8a32b1c9e4924acbcc1837eb6c4e942caa52c0329e49f5a570193e2d48e1debfc881a732ce77152267498b4b7db5acc9701d7c79097ccffe2f01472e70f6f72f305839e7e7a20108589c8d82dd16fa9aac87fd35f531f714694b5e49303a98094c16d84dc29ba50a0a71cd261cdb042cba32c0fde3f21194b967d202192547ca865e00f8d1cc67940779a8a9bf8a6fdc43ae7635484595db99e750ed9e3f7d0f798e426db7cccf32da04ce92379d8435c34b7b70b494fa65753a397021f1ae3490382b10c7154252fcb3ad54079ce7d5a3aa5f349b78c5dee5e11a1e56d461d664dc1996922e7790ea06b373b20111187f3b8ff57f697e84666c715cbf601e6161faac43ab80c5691c6e7f85c952869ab08f8c37d2df8b12714cbdcfae2d6a62021431bc75a4c2482e6b6feeb019beb8e206d280285381e591027dcbb584ac54dfa968657312e4ca7a7e133308bf301f7e420143025de99a301e3ff5580e7ab6553abee34653a34c8b26e7e735cb712affb18704d357289cf90052c128334c130d38839a41df845afae68c6fb9b6f857f0f5d25a2df7d56a364974b3889b96d75233751f081f1e72344d4f51171a4c42dc5f81a77498667e826a04310b9ff18feeac01c60baac83eb1cbcf2fd06dc3681c7f036149b1526657d29fee23c8d2b91d129843bf0b17fd0dd27a50781a24345bd4d63c0feb2fae4123963f63aeb0cf7807c70cb4a89459a301ef6770b7b533f4e1888c49ae64b2b8cd85a93daa225f89ec1c756f1bb3b11bca8cd94cbf1ce3823588c6896388204940ecb024439dd5bd3fe73250dcfcbfc2acd12a7ea8b1df9e41559f41a310535d2e49e8ca1389beac93d5b80c54e5c252195adf88fd2a6473857d6b050573d86ed61bb771928c96b258567ae41bf55524a0986cfe34cd2edc727ebe45e3592c18e8e0b0bd390cea792df7ff9aaaa204c4d3086740e8309b13a8c80d76c506dac5c717492f8f81266b6518ba7289724dbd113932e37ffb45d398f7dd2a33234110015df52afe8fd6f39e67301e20fc9c67eb89647864639b76b37ca1d2a6251b6217f359421e9f78cc4a31f4f019977d7fd29780524e20288798c50002a682a6368b95ca075826883ff9278d9acbe96d4f66e1fb1395b75970a96f5c3cbcd29e27cca3ebed43cb81d91ba64e60c058e86108d7592ec37fcaec75ea2ad3418b4fa07bac236669e4f222323ccc049f6c8b5f49061f26600fe9358eb40078ed13572ae91cf4f5230955a5cd699ad8a19aa294a7eca17cf3de30f6445b519008013131b584f53c17af38de5dab1f6f7f79da9b9609a4a4e7712ea9375eb2bb3aeb6a5f6172988da05cf826537fee3b9170affe93db8d30b35f5ec8f82c885cfe286f0e6d44537c658920285f667bbf80157f1831d0cfa2ffff3ddfd74366f7ba5ebbb94998ba7acfba5d5ed1ed3c8db3eee482f097e07e25d748488541c30df7e4dd0a86de322b5776ec344b72c508b5535cb9407f6414bd8e0aad629611124f514f5c95935ee0953579432ca599c30ce96445b225cf293f7a0178ffbef5a7292a8f39f636954cf17c70f615d42f4f13277792b5f9860e1431a935cd2ad53f0de7191d396679c304c26fd767bcf9ff6084234adc892d35e43b7e6e5b78343c760d8990df7170e5379db261c29e8e768d85e3b89643395327fdfd7d1b159741ea043d1f49061f261265052f97175126f2b3356663b61ed847ffb30c8c9172c1e271b0331682e8f81dbec49b55a5e693287294fec5605227ccc71b77406a6b4ef7cc9f56c87642edc2117d2f9ec8b34da77a8edc4bc087d44edab357a70ec54b828b3704cf6ed17997f39b76d30e4bb8e8018f796755046016a0f71850fd253a2b1433b79bcaf92e17ebabeb82d5245772ce136098ac7c5decc07353bec40fbd4a1e0209ce194e7dca403b082ecbb1cbc026b72c60254410199fa47440e1f92767ff1e55d6e835db17c7a5475730986878a1f7275e5de04925c5070497d5561b2d4e053636a633d898b887437cc22ccfd4d6300bd3c4f54ba9a7078f242ccb0ae27143257dd1ecf8b5b95d670fff03648d2a0e2":"d9b7d7f2ab02c4229f0cce5a02939b5ecd8364070d1861c72a5590a9825d153fe146f044ba8fee3f26fa3923b0a66d751fc360b19a43e5e3f10b6921b8e4097f" + +SHA3_512 long #60 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"b7571241008d792f0e1be9cea346e4aae82967db6aaa119262ad88f1398819204bb69e9deccfa5d3a8b7ceefcf1675ef320991fb2718dcf9d367355ca830423c2c7059acfce1a1481129740d4351086e0b784fa38dc91b45d6aa861862369128e1ee0b173aabb5b5d1d8a3d106dde54ffede677ba5a6169df3de44ce6f834e09f2977c85ae1628426e2b23e21fa454bb90a4a22a7697152ab36b3725d8fec10ae8d2739f5f084419728cbbea998d9dda4b30c85908855f139dba27c6a48e31504a09ba0d556a4f5f6562358e797f07d3b6eba1af64563d813a31dc58db1de806a0a317769825923fcd145778c964dbcf593df4d591f4f79c10391d8486922c5273085382311f55df340cea50912362f5bd8f8b729745d58ba93bb4f2abd4465c499f36da2742e06721b1b5bdd7a4e16e69472c2f7f331e778d9d674955cd7e4dadd2872682757a001d6b8268a5cfa361e5cfa0b450a51c8742c9ff3189641b4d2408100d4a9f6cd2afa217f9028ceff7ba8dafa8128215e4522544545181678338aa973888aaff045fbe3d17f7c30c576feb20b4ceb452b5451bfd57b40ca818701ee54f447d78beb527bc6a8a5c43ab8c4fbd7f8b221b23a111f4e5bbee273454cdc2f98400222a3a465c9bc53fdc189a234cb251b4b856f071efa46c0d2cfd6d1ff5de521b446d7581e552b0541fc820ce96f428527075b9a2b73cd152fe9e427d48a7b5b625b2ee411e36528453e3a6b863ee19e48ca9850c1456f2a5e73d5c4d81fcb6b90e1f2eefd0f0b3b5c290b4497b472b525419db17cd9ad5ef2d0341f869845b0c47dcbcf1c328dbd0b2f8d3e9a5a8678410ee432bacaf841619177be7c8e8ae98181220b1bf85d3be6c438a00abb9d363084f45b0773e0704f3a1928166d0b743c9e9e3958cafa265389862f653217ad584656a0ef7ee649f03cb0c2d0ae27df6a1888c07f14f50af5d1fe233668961c3cb5739adf468a5d190bb73557ec9089ae918a36eb80de6832502921fab989216264e3bf63653d281e4994e60882b6015eac0b132a7906bc8d666fa23ecf714b4dd72f64f8458f197458e26b6f1b18e51e9a93dba8781e768b975a3a5ef4def8738eaf421a71f0cfafcc282bf8002993431facf701f87624a1657140f7d432b767edfbdd5684f2a94515ceae2ffc789a809dcefbb394be5563534d5c75e81d168f978d7d18d90544c8b84e68a34a76694b87726039b7477745d336f375aaee947efdecc7fde8c910af464ff1ce94b39df87f2fbb10eab218cd87c69c5397279faa938244625e8e9b6d221bc01e45a0a73be76f72b5a98ea86ec384bdbc2778b696faf658d284f64396ee6a6a1ee7ddf37a52aa0da47e2da4ae28f9ee0be62267c896b19beb0670b7910d94364ce5cc213833781269d32f9c102a8e83cf6de531b3e93c74085d8e55f00221eb34e9ebaefa2c41f78232f50d193acb4562f91192ed750f87b6f4bfad385eabcf434ebcfb348fa0436a282e663dfc287983423809d9cc933d7366853bee859a79149ed0a48be01b7cae3d2c3602c13eb69cc3d9050d52700bca1d6f706729666f0554972944c00c09aabc8f0aec3c76731be87522fca91e7927a3eee9568ca817b20aa1080391fa810c50c7437ec058459d3a8cd23c33071c187474151151c809871b6eaf4cf88f592f84557e1eef5c847d3490912072b25b1919af724c0b5ecb111150bd95460328a0b1ba29613c0bd6486110fe6dfab8cca5fde18f5b0bc4d2dc970781511d2e45fc7385c3da18eeb18b3a9e68593d82c75bbbcadab2e5a29745f6f3a924e039579f4418dbee186d9cc24b896d96bd990186bdcbd3082b70aee9bb95a36531ecc405ae13d011bd10fe69fe728c8aed73d1d38e5506bf4fa770347f7e0eb6749121cc0be75ed979615d0eddea33ca6f9bdeaea806e44cc4cf91b29d0d298d3acee75ef803c6c9cfe74f0d6440f1c996896e9495420a351d4179e0bed3a25e071e8b3b0d09b667331b3b021c17550d04b53801c0a6d70ccbb59f4b3f51f79d3bd883ec95699c165565a7798ffdcbf93cb79192d495e9385284785e9918a7ef7bb577e02b93e66b896f1ac01a34c532a10921b42bafaf5c4446ab97769821b9390dcdc25a1923db41801b92558cdf3dc4126ee2404497cd13649f924240f38ee679fbef8b89e2ea3051105ccc46887f287bbfa9bd05311f3276cabb76b39be5166298d45a36922cb84aaf8bd8f24f8b409dba66fc6219d743f5c39f9e5099304b501b2d20dfbff76be53fac2620a2c6af00d5c678dba069aa5a009b23b86a04f7daf93679c5dafeada9473a1e5200c5c63da844cce2636ae82c085a914b9cd7ae6bc9acef896186f01f5cb23bf7080d28bc884e6306e13f7fd4513a819a803cc17af2ececaae244f5bff6a10980271138f61c5fd5c9987bf3fb61d75f25d288e3910b62ebaaebad00f39b9301adcc568982daf59f9af794c709b0ad946e0250973689cb76f9dc13c462c1e4beb086619ceb3abc1b0b9d0e8b67d429cbd37e382ee3e4731928323d9275e0228b38e3a6e587b1fff29bd76d93ce22d86006c4944d11a1f64ca69c7f0db59ce901b742bae5f0d74d90bc652672855335fb7873e9645848c17c05695c889a5e84bcac420230af21318ffd94cdca35bbcee8a8eacbf7205f6141c5275ab5ac8ba216a86001382b16284ac004c7ed47e30fc1f8b7a087f24c52185654fdf764caadaa0c0b5c7eed2cbe4bb423a97e445f751218590b9956a6107a3980bad04b9223d167c268777ddb501d3a8fe6dfa3879b53685d61adb5e338d1ff2915d2c95891374c13b9b455b88a49d3881483fe01ef0069234727a88a17da17bc937186a47246198dc4a7fd4ab93c0fca972dbc44fc93ab4920b9970149ed03c9c83edbfc4388607f1dd4ece8897e5fc5f32f56d720a7af3d82b619ff5b7553cf088d61d67178b19629cd9d38677b43f8ccfb561f1796d58ee1bfa9caa91d784af8ff90b9a8817d317cf496a0dfdd4cd1692442a32dfbceabc238bef9df4ff1abfe07e11c555d23ff9bec51c85efeeaee7c3ca509f030fb22a8a3c2134a775080ac38eb74e446664eeb1766f5616a9ebe5aa6e599eaf0cb6219a37b9d974e056768051869e1e784adfef83ede93aae8afa8e59cf99a95e008799a13ff321e90aed5eee051daab3fab5c1151ea423a4960db9b339f7baab9846d0a53bea77372e56a68dbd33b2bc7b566f5489f09834140571a32020aa9c8444876836253e73c998a1583449fc3ed5ac4167b63662060eccff":"a3e6224e7cc986c44ba987f70dd90f08cc77e36ec717cb07f9c831c0770bba22b88e9d4e86e994751718ee0472b2ae7b1c1cc8c832f5118adc896b0f05fb3c14" + +SHA3_512 long #62 +depends_on:MBEDTLS_SHA3_C +mbedtls_sha3_multi:MBEDTLS_SHA3_512:"e78360a670b2c0080307cfee5a2d20eebf117dfc66e7d98eff6f86fe8c76a92f709fea73c96370ac00570cb29fadb4f562fe34649047208d8b310d05a695000a383f2767eff2c79866ad762ff92d8a76d8b3d1565a07837794bd74a92bb78e8366eb7f498766af135c91752c11b48ab948b8be9b6b31e996419c25b2c0e43ae1232c5ae33cc80f670a8c71738e4a9c05db9661fb6dcc3c30bb5586e80f25ec6e968820fbb31fceda9925d2ca19f7a8a4b8d4243d05e1638e2a700112c0818c70e889395a9773d6b531e500fa5ac496dc09fa6e2bdd7746f8b575fdfa7b01033040b70ec88ecd0e40f95364cbf8b84ef6f391a68b9d96cdb584ede266e7ac37f6c799050d40345ec21af764049cdcb939a0203626ed46e00fc060171fac8a110aa4b787f057b0ae85bc59696fed36bdef382f85c47390674c915406ed73a379b30099fd3a7849e6cf0502dcd294d1435ee246fb2dda7b4ab51e531697e400583a03c8cdb34d08efe9207923f638b234d0c7ee0028c810719290e4afe7a6a894e7d4cb61237ef4af1b3346a8a382e3768b0faefc7ee656c42b0e9039a362a317029c2a1f52b3150fac67f2d1a0196bf3d8e10f57f7db552cc7c1dd1c94bffac7d3826e71089374f7e6e30408b7a75291fe6598795b4f158fb0d155c18266b48ea2af1ebe0cc618500fd004b4aed1a03a47c5d1cb72ec9fd72c65808e35fed953b64bc26d27f50a0070557a3c4e415ed5f92642b30457faea84a5e5ec743072fe587de2e821c850f1519bef0a5f9f944a5db3749ad83b2eb200ba0c4408a48576d06d0796c2e6f409fac9eb85a9924881bb91eee9b73e4415e7cc7dfcba011da56644b8dfd1f8fd32b208f415f3c384615beb3806690843fd8302c17e50ef3f72622a7e2b18a57453c280942207da4fd484e7db5bb64233511a855f309218f5c50b46e0e25d96605472585214ab7eb2c27fad5e4e66941cf9f57ddf7c4a214686aac1666c6972c91c0ab9b654a857b3119566494940a507dc5c11cac93eb53b9d87c2983204e2b895d2ca4948c60e5daa0b3a25b30d1efbe49669a67e377adaf3ea72ff9af58e33a612b49259cc4bb5752c5078f495a601f8edaefe05fd182d6e1bf9220d061d4537119e1aef84b5c55a3fd1cd74a0e62000a70857c558383cf7617e89f4fd38f33118b16773b4f594428be4a99af68660e50d9e3b2610820d770629bdb5a386477a6f14034b25b32a1359b296d05e2dc98d67993190ec9dabd4502345bac0b048fb5ef076e19f9690b7f1631b7ea28364e1fd20c26bb6321bf88894a9691c5dfe9c2d6d469cea46cd149b1ec10a883238c9165c741f34e866c9f5a4722c7e36724623b2fde3cd6ce9149f0b0eddd9df4d2efc75d2142f689531e179276ab0e2abdf89e8222011b0ed9e44538c5f5c34acf6f59261b36e59b017923e508a780ab150a7363eba7eb9e099d41ec3f8dbd95c0b4adbab62bb64bd62511976f69f568d82c5c5d819dc30caef95933a111c7665534379378adc31c6fc66322015ed6d465c2bbd78a5f3bcb387d0db7910e9b2d0b827948d949a67d2cc19b2d64f29f8e4c52145a7c68b06a449cc1d085f0835a421405336e6bdaeeabab2c1200c1d9e70a7ee85ebe46bb5a41dd382706441a8e975d4dfb9ea0db015ae788687b48f08f1e9dba6cf675c72bceb2b3238895eb3a89e2c609e0752125b90b42a92af48de6f7330d0d8b726e5f39b1d54e83525fde88390fd6ea4537fc448afd4ca6610c7f32d352a903c91b55115f11108cf602fb10c47deb02bd99d59bfaeadb53fae6b83ff31dd7e5e658bde41ef9021c1d5f00b219b2cec03ac1421dbfcdddda3ec732ad16e102a86690ea3085ffaba724de9ffaad20faa94948d2485e08bcafb9087ed8b32ec1d1a66e7a75088765c4a8fc2948f35ae734659b06ba6a1e002ad634ed615c699de8424bdf203b32d8eb16522d3b80c32ce81c224fd2488030f232d71ec57723ef52a6b398d072846d80f95b1c20e9fc244ad9892e3e9dd1c79c3b69737397d04eb7603037f462feac2cce8186c7735875c32a3a123dbe855c6f7c569c0a4311247ceb3c2d0a61041d55026ffd6dc18a99e78abfac7e4f0d48026248f8e7ed491919c441e891112729804170d0a268e4f92e87844d6eb3fc12eb799b0a9b1afa852477fc1b16e7ea6944e82eb0f3be0a1c1e8d12859d71b455914ed741a230a801037295050a59c044f973141ed0556c8b2e1804e5792cd8888a4e885e8be2d4056d40d766f9db4b55348eab6ac6b37eced3c4b5dd8039cb143cf51881b685f11a986f2d914400ee028c776f25554cd34fb5ffbfee512d2e813fdf228bc0be91b93b59f214a75f2ae547e9d9ef0aa5ec963b458d884a7b6577e96910bd28e13859bc9ddf71624a74761d32662835433d3ada12994c0aa8f230e02f7d965d925784a2a7403823576d2d730dbe5183a9479629038d99e03a6774baaec3b7ed4671b26402cec9591a7773cfc82d0b644c8e309e84b50289b4379bcf437d823672197b974cd5a571e82601a9fe4ca665a193a2a112ba06558ad51e949a25a5f7a9a138b2c1ef7d1c54eb2f881c97c2f64cda64d73a0725d232e285a12f36637f51bb822d1e8680a6f55985f0af98d194a2d4efb76716e19e50c2698b5f3a7b5c0ecad08ccf3580a02dd38d6a23ba62cf4815bbb82683ba08490722a9c6ac2e0c3551bc583076dda682fbae5b1586f714a11f416ff4b82faea0235982d2062c0e79e2adf60ec4f81879347149f198fef3524429355e3ea30fdaa966bd2dc2d5e120e01e0ca69a707495007ecd443afae9b046dbaecf81c49a7cfbe2af268cbc12deec95029481d7594b021f4b8a176b766f79c132c52bf4dcebbd45df48ae5f12186a9b5e44f58d252f9bdb4b3fa8d117c46f7277eb87c455cb4018c420b23f7d41eca99654701266a7405b52e159bc4c739a77d48f3fb3838036d4043b22cda30fe548313f7bf7ac4691f7e8fbb49d92d17d49df3cce32e4af03f005f49a9a21c6e6efc56293bd54820339840b43f57982aa510e808dd2f7ac2a055fe9641587fb5408b96a31d3fdee06a89a7c82446efb8435d8e729044b0c3b7c688639d03431cf3b83b2e0cc06ef3ebdb2ebfa1af1a0ad60c4cd1a574d439addb657664ab4febaf0bad92b061e09fdf153c605d99006885a68cecc3c8ce6da91cfe973f588b6a9b0d5597b2291c2d6ec03874010c8b1978b2b58c934686a7d412b990d613dfe0e0459905ba210ae5bf638cc33410a267d8b82f79bcf8e52f5544ff28d0e33397a53be2a36f4f930efb869f159fae2d98cd40617be7e6d14c553a3926d6d16fd51378993a7abd9df149b2d932e9ed15f57ed3b55abc173347fc7dcd538fe47be3":"cd4af24388fcf4481291f864142b6cf011bb4dbda0c31668a055f8530c253b9bc14b8784e31a1b32870c9703314308d1a79fa557da734b31fcddd874728b1a48" + +SHA3-224 Streaming Test #1 +depends_on:MBEDTLS_SHA3_C +sha3_streaming:MBEDTLS_SHA3_224:"a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3" + +SHA3-224 Streaming Test #2 +depends_on:MBEDTLS_SHA3_C +sha3_streaming:MBEDTLS_SHA3_224:"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06" + +SHA3-256 Streaming Test #1 +depends_on:MBEDTLS_SHA3_C +sha3_streaming:MBEDTLS_SHA3_256:"a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3" + +SHA3-256 Streaming Test #2 +depends_on:MBEDTLS_SHA3_C +sha3_streaming:MBEDTLS_SHA3_256:"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06" + +SHA3-384 Streaming Test #1 +depends_on:MBEDTLS_SHA3_C +sha3_streaming:MBEDTLS_SHA3_384:"a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3" + +SHA3-384 Streaming Test #2 +depends_on:MBEDTLS_SHA3_C +sha3_streaming:MBEDTLS_SHA3_384:"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06" + +SHA3-512 Streaming Test #1 +depends_on:MBEDTLS_SHA3_C +sha3_streaming:MBEDTLS_SHA3_512:"a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3" + +SHA3-512 Streaming Test #2 +depends_on:MBEDTLS_SHA3_C +sha3_streaming:MBEDTLS_SHA3_512:"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06" + +SHA3-224 context reuse +sha3_reuse:"41":"97e2f98c0938943ab1a18a1721a04dff922ecc1ad14d4bbf905c02ca":"42":"b60bd459170afa28b3ef45a22ce41ede9ad62a9a0b250482a7e1beb6" + +SHA3-256 context reuse +sha3_reuse:"41":"1c9ebd6caf02840a5b2b7f0fc870ec1db154886ae9fe621b822b14fd0bf513d6":"42":"521ec18851e17bbba961bc46c70baf03ee67ebdea11a8306de39c15a90e9d2e5" + +SHA3-384 context reuse +sha3_reuse:"41":"15000d20f59aa483b5eac0a1f33abe8e09dea1054d173d3e7443c68035b99240b50f7abdb9553baf220320384c6b1cd6":"42":"8283d235852af9bbf7d81037b8b70aaba733a4433a4438f1b944c04c9e1d9d6d927e96d61b1fb7e7ecfcf2983ad816b5" + +SHA3-512 context reuse +sha3_reuse:"41":"f5f0eaa9ca3fd0c4e0d72a3471e4b71edaabe2d01c4b25e16715004ed91e663a1750707cc9f04430f19b995f4aba21b0ec878fc5c4eb838a18df5bf9fdc949df":"42":"7b637bc5543d96f49500aaad3b27d8bd37624db23d415c4d0f3dd231e9b9fb061f39b7d8561c540650de8bef02aca43a2069cc2512697bd34f2244ee732743a9" + +# Test a subset of the 12 possible cross-size context reuse, with both +# larger and smaller hashes. +SHA3-224 to SHA3-256 context reuse +sha3_reuse:"41":"97e2f98c0938943ab1a18a1721a04dff922ecc1ad14d4bbf905c02ca":"42":"521ec18851e17bbba961bc46c70baf03ee67ebdea11a8306de39c15a90e9d2e5" + +SHA3-256 to SHA3-512 context reuse +sha3_reuse:"41":"1c9ebd6caf02840a5b2b7f0fc870ec1db154886ae9fe621b822b14fd0bf513d6":"42":"7b637bc5543d96f49500aaad3b27d8bd37624db23d415c4d0f3dd231e9b9fb061f39b7d8561c540650de8bef02aca43a2069cc2512697bd34f2244ee732743a9" + +SHA3-512 to SHA3-384 context reuse +sha3_reuse:"41":"f5f0eaa9ca3fd0c4e0d72a3471e4b71edaabe2d01c4b25e16715004ed91e663a1750707cc9f04430f19b995f4aba21b0ec878fc5c4eb838a18df5bf9fdc949df":"42":"8283d235852af9bbf7d81037b8b70aaba733a4433a4438f1b944c04c9e1d9d6d927e96d61b1fb7e7ecfcf2983ad816b5" + +SHA3-384 to SHA3-224 context reuse +sha3_reuse:"41":"15000d20f59aa483b5eac0a1f33abe8e09dea1054d173d3e7443c68035b99240b50f7abdb9553baf220320384c6b1cd6":"42":"b60bd459170afa28b3ef45a22ce41ede9ad62a9a0b250482a7e1beb6" + +SHA-3 Selftest +depends_on:MBEDTLS_SELF_TEST:MBEDTLS_SHA3_C +sha3_selftest: + +SHA-3 invalid param +depends_on:MBEDTLS_SHA3_C +sha3_invalid_param diff --git a/tests/suites/test_suite_shax.function b/tests/suites/test_suite_shax.function index 60dd3c873..629e28100 100644 --- a/tests/suites/test_suite_shax.function +++ b/tests/suites/test_suite_shax.function @@ -2,6 +2,7 @@ #include "mbedtls/sha1.h" #include "mbedtls/sha256.h" #include "mbedtls/sha512.h" +#include "mbedtls/sha3.h" /* END_HEADER */ /* BEGIN_CASE depends_on:MBEDTLS_SHA1_C */ @@ -148,3 +149,165 @@ void sha512_selftest() TEST_EQUAL(mbedtls_sha512_self_test(1), 0); } /* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_SHA3_C */ +void mbedtls_sha3(int family, data_t *in, data_t *hash) +{ + unsigned char *output = NULL; + + TEST_CALLOC(output, hash->len); + + TEST_ASSERT(mbedtls_sha3(family, in->x, in->len, output, hash->len) == 0); + + TEST_MEMORY_COMPARE(output, hash->len, hash->x, hash->len); + +exit: + mbedtls_free(output); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_SHA3_C */ +void sha3_invalid_param() +{ + unsigned char output[32]; + mbedtls_sha3_context ctx; + + mbedtls_sha3_init(&ctx); + TEST_EQUAL(mbedtls_sha3_starts(&ctx, MBEDTLS_SHA3_NONE), MBEDTLS_ERR_SHA3_BAD_INPUT_DATA); + + TEST_EQUAL(mbedtls_sha3_starts(&ctx, MBEDTLS_SHA3_256), 0); + TEST_EQUAL(mbedtls_sha3_finish(&ctx, output, 0), MBEDTLS_ERR_SHA3_BAD_INPUT_DATA); + + TEST_EQUAL(mbedtls_sha3_starts(&ctx, MBEDTLS_SHA3_256), 0); + TEST_EQUAL(mbedtls_sha3_finish(&ctx, output, 31), MBEDTLS_ERR_SHA3_BAD_INPUT_DATA); + + TEST_EQUAL(mbedtls_sha3_starts(&ctx, MBEDTLS_SHA3_256), 0); + TEST_EQUAL(mbedtls_sha3_finish(&ctx, output, 32), 0); + +exit: + return; +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_SHA3_C */ +void mbedtls_sha3_multi(int family, data_t *in, data_t *hash) +{ + unsigned char *output = NULL; + mbedtls_sha3_context ctx; + const unsigned int block_size = 256; + + TEST_CALLOC(output, hash->len); + + mbedtls_sha3_init(&ctx); + mbedtls_sha3_starts(&ctx, family); + + for (size_t l = 0; l < in->len; l += block_size) { + TEST_ASSERT(mbedtls_sha3_update(&ctx, in->x + l, MIN(in->len - l, block_size)) == 0); + } + + TEST_ASSERT(mbedtls_sha3_finish(&ctx, output, hash->len) == 0); + + TEST_MEMORY_COMPARE(output, hash->len, hash->x, hash->len); + +exit: + mbedtls_free(output); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_SHA3_C */ +void sha3_streaming(int type, data_t *input) +{ + mbedtls_sha3_context ctx; + unsigned char reference_hash[64]; + unsigned char hash[64]; + size_t chunk_size; + size_t hash_length = (type == MBEDTLS_SHA3_224 ? 28 : + type == MBEDTLS_SHA3_256 ? 32 : + type == MBEDTLS_SHA3_384 ? 48 : + type == MBEDTLS_SHA3_512 ? 64 : + 0); + + mbedtls_sha3_init(&ctx); + memset(reference_hash, 0, sizeof(reference_hash)); + memset(hash, 0, sizeof(hash)); + TEST_ASSERT(hash_length != 0); + + /* Generate a reference hash */ + mbedtls_sha3(type, input->x, input->len, reference_hash, hash_length); + + /* Repeat each test with increasingly-sized data chunks + * E.g. start by processing bytes individual bytes, then 2-byte chunks, + * then 3-byte chunks, and so on... + * At each test ensure that the same hash is generated. + */ + for (chunk_size = 1; chunk_size < input->len; chunk_size++) { + size_t i; + size_t remaining = input->len; + + mbedtls_sha3_init(&ctx); + TEST_ASSERT(mbedtls_sha3_starts(&ctx, type) == 0); + + for (i = 0; i < input->len; i += chunk_size) { + size_t len = remaining >= chunk_size ? chunk_size : remaining; + TEST_ASSERT(mbedtls_sha3_update(&ctx, input->x + i, len) == 0); + remaining -= len; + } + + mbedtls_sha3_finish(&ctx, hash, hash_length); + mbedtls_sha3_free(&ctx); + + TEST_MEMORY_COMPARE(hash, hash_length, reference_hash, hash_length); + } + +exit: + mbedtls_sha3_free(&ctx); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_SHA3_C */ +void sha3_reuse(data_t *input1, data_t *hash1, + data_t *input2, data_t *hash2) +{ + unsigned char output[64]; + mbedtls_sha3_context ctx; + mbedtls_sha3_id type1, type2; + + mbedtls_sha3_init(&ctx); + switch (hash1->len) { + case 28: type1 = MBEDTLS_SHA3_224; break; + case 32: type1 = MBEDTLS_SHA3_256; break; + case 48: type1 = MBEDTLS_SHA3_384; break; + case 64: type1 = MBEDTLS_SHA3_512; break; + default: TEST_FAIL("hash1->len validity"); break; + } + switch (hash2->len) { + case 28: type2 = MBEDTLS_SHA3_224; break; + case 32: type2 = MBEDTLS_SHA3_256; break; + case 48: type2 = MBEDTLS_SHA3_384; break; + case 64: type2 = MBEDTLS_SHA3_512; break; + default: TEST_FAIL("hash2->len validity"); break; + } + + /* Round 1 */ + TEST_ASSERT(mbedtls_sha3_starts(&ctx, type1) == 0); + TEST_ASSERT(mbedtls_sha3_update(&ctx, input1->x, input1->len) == 0); + TEST_ASSERT(mbedtls_sha3_finish(&ctx, output, sizeof(output)) == 0); + TEST_MEMORY_COMPARE(output, hash1->len, hash1->x, hash1->len); + + /* Round 2 */ + TEST_ASSERT(mbedtls_sha3_starts(&ctx, type2) == 0); + TEST_ASSERT(mbedtls_sha3_update(&ctx, input2->x, input2->len) == 0); + TEST_ASSERT(mbedtls_sha3_finish(&ctx, output, sizeof(output)) == 0); + TEST_MEMORY_COMPARE(output, hash2->len, hash2->x, hash2->len); + +exit: + mbedtls_sha3_free(&ctx); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_SHA3_C:MBEDTLS_SELF_TEST */ +void sha3_selftest() +{ + TEST_ASSERT(mbedtls_sha3_self_test(0) == 0); +} +/* END_CASE */ diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 3059e7fca..faf44e4be 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -104,372 +104,476 @@ Test mbedtls_endpoint sanity for the server depends_on:MBEDTLS_SSL_PROTO_TLS1_2 mbedtls_endpoint_sanity:MBEDTLS_SSL_IS_SERVER -Test moving clients handshake to state: HELLO_REQUEST -move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_HELLO_REQUEST:1 - -Test moving clients handshake to state: CLIENT_HELLO -move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_CLIENT_HELLO:1 - -Test moving clients handshake to state: SERVER_HELLO -move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_SERVER_HELLO:1 - -Test moving clients handshake to state: SERVER_CERTIFICATE -move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_SERVER_CERTIFICATE:1 - -Test moving clients handshake to state: SERVER_KEY_EXCHANGE +TLS 1.2:Move client handshake to HELLO_REQUEST depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_SERVER_KEY_EXCHANGE:1 +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_HELLO_REQUEST:1 -Test moving clients handshake to state: CERTIFICATE_REQUEST +TLS 1.2:Move client handshake to CLIENT_HELLO depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_CERTIFICATE_REQUEST:1 +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_CLIENT_HELLO:1 -Test moving clients handshake to state: SERVER_HELLO_DONE +TLS 1.2:Move client handshake to SERVER_HELLO depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_SERVER_HELLO_DONE:1 +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_SERVER_HELLO:1 -Test moving clients handshake to state: CLIENT_CERTIFICATE +TLS 1.2:Move client handshake to SERVER_CERTIFICATE +depends_on:MBEDTLS_SSP_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_SERVER_CERTIFICATE:1 + +TLS 1.2:Move client handshake to SERVER_KEY_EXCHANGE +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_SERVER_KEY_EXCHANGE:1 + +TLS 1.2:Move client handshake to CERTIFICATE_REQUEST +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_CERTIFICATE_REQUEST:1 + +TLS 1.2:Move client handshake to SERVER_HELLO_DONE +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_SERVER_HELLO_DONE:1 + +TLS 1.2:Move client handshake to CLIENT_CERTIFICATE +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_CLIENT_CERTIFICATE:1 + +TLS 1.2:Move client handshake to CLIENT_KEY_EXCHANGE +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_CLIENT_KEY_EXCHANGE:1 + +TLS 1.2:Move client handshake to CERTIFICATE_VERIFY +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_CERTIFICATE_VERIFY:1 + +TLS 1.2:Move client handshake to CLIENT_CHANGE_CIPHER_SPEC +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC:1 + +TLS 1.2:Move client handshake to CLIENT_FINISHED +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_CLIENT_FINISHED:1 + +TLS 1.2:Move client handshake to SERVER_CHANGE_CIPHER_SPEC +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC:1 + +TLS 1.2:Move client handshake to SERVER_FINISHED +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_SERVER_FINISHED:1 + +TLS 1.2:Move client handshake to FLUSH_BUFFERS +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_FLUSH_BUFFERS:1 + +TLS 1.2:Move client handshake to HANDSHAKE_WRAPUP +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_HANDSHAKE_WRAPUP:1 + +TLS 1.2:Move client handshake to HANDSHAKE_OVER +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_HANDSHAKE_OVER:1 + +TLS 1.3:Move client handshake to HELLO_REQUEST +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_HELLO_REQUEST:1 + +TLS 1.3:Move client handshake to CLIENT_HELLO +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_CLIENT_HELLO:1 + +TLS 1.3:Move client handshake to SERVER_HELLO +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_SERVER_HELLO:1 + +TLS 1.3:Move client handshake to ENCRYPTED_EXTENSIONS +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_ENCRYPTED_EXTENSIONS:1 + +TLS 1.3:Move client handshake to CERTIFICATE_REQUEST +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_CERTIFICATE_REQUEST:1 + +TLS 1.3:Move client handshake to SERVER_CERTIFICATE +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_PKCS1_V21:MBEDTLS_X509_RSASSA_PSS_SUPPORT +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_SERVER_CERTIFICATE:1 + +TLS 1.3:Move client handshake to CERTIFICATE_VERIFY +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_PKCS1_V21:MBEDTLS_X509_RSASSA_PSS_SUPPORT +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_CERTIFICATE_VERIFY:1 + +TLS 1.3:Move client handshake to SERVER_FINISHED +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_PKCS1_V21:MBEDTLS_X509_RSASSA_PSS_SUPPORT +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_SERVER_FINISHED:1 + +TLS 1.3:Move client handshake to CLIENT_CERTIFICATE +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_PKCS1_V21:MBEDTLS_X509_RSASSA_PSS_SUPPORT +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_CLIENT_CERTIFICATE:1 + +TLS 1.3:Move client handshake to CLIENT_CERTIFICATE_VERIFY +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_PKCS1_V21:MBEDTLS_X509_RSASSA_PSS_SUPPORT +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY:1 + +TLS 1.3:Move client handshake to CLIENT_FINISHED +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_PKCS1_V21:MBEDTLS_X509_RSASSA_PSS_SUPPORT +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_CLIENT_FINISHED:1 + +TLS 1.3:Move client handshake to FLUSH_BUFFERS +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_PKCS1_V21:MBEDTLS_X509_RSASSA_PSS_SUPPORT +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_FLUSH_BUFFERS:1 + +TLS 1.3:Move client handshake to HANDSHAKE_WRAPUP +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_PKCS1_V21:MBEDTLS_X509_RSASSA_PSS_SUPPORT +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_HANDSHAKE_WRAPUP:1 + +TLS 1.3:Move client handshake to CLIENT_CCS_AFTER_SERVER_FINISHED +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_PKCS1_V21:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_CLIENT_CCS_AFTER_SERVER_FINISHED:1 + +TLS 1.2:Move server handshake to HELLO_REQUEST depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_CLIENT_CERTIFICATE:1 +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_HELLO_REQUEST:1 -Test moving clients handshake to state: CLIENT_KEY_EXCHANGE +TLS 1.2:Move server handshake to CLIENT_HELLO depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_CLIENT_KEY_EXCHANGE:1 +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_CLIENT_HELLO:1 -Test moving clients handshake to state: CERTIFICATE_VERIFY +TLS 1.2:Move server handshake to SERVER_HELLO +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_SERVER_HELLO:1 + +TLS 1.2:Move server handshake to SERVER_CERTIFICATE +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_SERVER_CERTIFICATE:1 + +TLS 1.2:Move server handshake to SERVER_KEY_EXCHANGE +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_SERVER_KEY_EXCHANGE:1 + +TLS 1.2:Move server handshake to CERTIFICATE_REQUEST +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_CERTIFICATE_REQUEST:1 + +TLS 1.2:Move server handshake to SERVER_HELLO_DONE +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_SERVER_HELLO_DONE:1 + +TLS 1.2:Move server handshake to CLIENT_CERTIFICATE +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_CLIENT_CERTIFICATE:1 + +TLS 1.2:Move server handshake to CLIENT_KEY_EXCHANGE +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_CLIENT_KEY_EXCHANGE:1 + +TLS 1.2:Move server handshake to CERTIFICATE_VERIFY +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_CERTIFICATE_VERIFY:1 + +TLS 1.2:Move server handshake to CLIENT_CHANGE_CIPHER_SPEC +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC:1 + +TLS 1.2:Move server handshake to CLIENT_FINISHED +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_CLIENT_FINISHED:1 + +TLS 1.2:Move server handshake to SERVER_CHANGE_CIPHER_SPEC +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC:1 + +TLS 1.2:Move server handshake to SERVER_FINISHED +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_SERVER_FINISHED:1 + +TLS 1.2:Move server handshake to FLUSH_BUFFERS +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_FLUSH_BUFFERS:1 + +TLS 1.2:Move server handshake to HANDSHAKE_WRAPUP +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_HANDSHAKE_WRAPUP:1 + +TLS 1.2:Move server handshake to HANDSHAKE_OVER +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_HANDSHAKE_OVER:1 + +TLS 1.3:Move server handshake to HELLO_REQUEST +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_HELLO_REQUEST:1 + +TLS 1.3:Move server handshake to CLIENT_HELLO +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_CLIENT_HELLO:1 + +TLS 1.3:Move server handshake to SERVER_HELLO +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_SERVER_HELLO:1 + +TLS 1.3:Move server handshake to ENCRYPTED_EXTENSIONS +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_ENCRYPTED_EXTENSIONS:1 + +TLS 1.3:Move server handshake to CERTIFICATE_REQUEST +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_CERTIFICATE_REQUEST:1 + +TLS 1.3:Move server handshake to SERVER_CERTIFICATE +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_SERVER_CERTIFICATE:1 + +TLS 1.3:Move server handshake to CERTIFICATE_VERIFY +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_PKCS1_V21:MBEDTLS_X509_RSASSA_PSS_SUPPORT +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_CERTIFICATE_VERIFY:1 + +TLS 1.3:Move server handshake to SERVER_CCS_AFTER_SERVER_HELLO +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO:1 + +TLS 1.3:Move server handshake to SERVER_FINISHED +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_PKCS1_V21:MBEDTLS_X509_RSASSA_PSS_SUPPORT +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_SERVER_FINISHED:1 + +TLS 1.3:Move server handshake to CLIENT_FINISHED +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_PKCS1_V21:MBEDTLS_X509_RSASSA_PSS_SUPPORT +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_CLIENT_FINISHED:1 + +TLS 1.3:Move server handshake to HANDSHAKE_WRAPUP +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_PKCS1_V21:MBEDTLS_X509_RSASSA_PSS_SUPPORT +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_HANDSHAKE_WRAPUP:1 + +TLS 1.3:Move server handshake to CLIENT_CERTIFICATE +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_PKCS1_V21:MBEDTLS_X509_RSASSA_PSS_SUPPORT +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_CLIENT_CERTIFICATE:1 + +TLS 1.3:Move server handshake to CLIENT_CERTIFICATE_VERIFY +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_PKCS1_V21:MBEDTLS_X509_RSASSA_PSS_SUPPORT +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY:1 + +TLS 1.2:Negative test moving clients ssl to state: VERIFY_REQUEST_SENT depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_CERTIFICATE_VERIFY:1 +move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT:0 -Test moving clients handshake to state: CLIENT_CHANGE_CIPHER_SPEC +TLS 1.2:Negative test moving servers ssl to state: NEW_SESSION_TICKET depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC:1 - -Test moving clients handshake to state: CLIENT_FINISHED -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_CLIENT_FINISHED:1 - -Test moving clients handshake to state: SERVER_CHANGE_CIPHER_SPEC -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC:1 - -Test moving clients handshake to state: SERVER_FINISHED -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_SERVER_FINISHED:1 - -Test moving clients handshake to state: FLUSH_BUFFERS -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_FLUSH_BUFFERS:1 - -Test moving clients handshake to state: HANDSHAKE_WRAPUP -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_HANDSHAKE_WRAPUP:1 - -Test moving clients handshake to state: HANDSHAKE_OVER -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_HANDSHAKE_OVER:1 - -Test moving servers handshake to state: HELLO_REQUEST -move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_HELLO_REQUEST:1 - -Test moving servers handshake to state: CLIENT_HELLO -move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_CLIENT_HELLO:1 - -Test moving servers handshake to state: SERVER_HELLO -move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_SERVER_HELLO:1 - -Test moving servers handshake to state: SERVER_CERTIFICATE -move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_SERVER_CERTIFICATE:1 - -Test moving servers handshake to state: SERVER_KEY_EXCHANGE -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_SERVER_KEY_EXCHANGE:1 - -Test moving servers handshake to state: CERTIFICATE_REQUEST -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_CERTIFICATE_REQUEST:1 - -Test moving servers handshake to state: SERVER_HELLO_DONE -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_SERVER_HELLO_DONE:1 - -Test moving servers handshake to state: CLIENT_CERTIFICATE -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_CLIENT_CERTIFICATE:1 - -Test moving servers handshake to state: CLIENT_KEY_EXCHANGE -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_CLIENT_KEY_EXCHANGE:1 - -Test moving servers handshake to state: CERTIFICATE_VERIFY -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_CERTIFICATE_VERIFY:1 - -Test moving servers handshake to state: CLIENT_CHANGE_CIPHER_SPEC -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC:1 - -Test moving servers handshake to state: CLIENT_FINISHED -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_CLIENT_FINISHED:1 - -Test moving servers handshake to state: SERVER_CHANGE_CIPHER_SPEC -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC:1 - -Test moving servers handshake to state: SERVER_FINISHED -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_SERVER_FINISHED:1 - -Test moving servers handshake to state: FLUSH_BUFFERS -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_FLUSH_BUFFERS:1 - -Test moving servers handshake to state: HANDSHAKE_WRAPUP -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_HANDSHAKE_WRAPUP:1 - -Test moving servers handshake to state: HANDSHAKE_OVER -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_HANDSHAKE_OVER:1 - -Negative test moving clients ssl to state: VERIFY_REQUEST_SENT -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT:0 - -Negative test moving servers ssl to state: NEW_SESSION_TICKET -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_NEW_SESSION_TICKET:0 - -TLS 1.3:Test moving clients handshake to state: ENCRYPTED_EXTENSIONS -depends_on:MBEDTLS_SSL_PROTO_TLS1_3:!MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_ENCRYPTED_EXTENSIONS:1 - -TLS 1.3:Test moving servers handshake to state: ENCRYPTED_EXTENSIONS -depends_on:MBEDTLS_SSL_PROTO_TLS1_3:!MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_ENCRYPTED_EXTENSIONS:1 - -TLS 1.3:Test moving clients handshake to state: CLIENT_CERTIFICATE_VERIFY -depends_on:MBEDTLS_SSL_PROTO_TLS1_3:!MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY:1 - -TLS 1.3:Test moving servers handshake to state: CLIENT_CERTIFICATE_VERIFY -depends_on:MBEDTLS_SSL_PROTO_TLS1_3:!MBEDTLS_SSL_PROTO_TLS1_2 -move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY:1 +move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_NEW_SESSION_TICKET:0 Handshake, tls1_2 -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY handshake_version:0:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_2 Handshake, tls1_3 -depends_on:MBEDTLS_SSL_PROTO_TLS1_3:!MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_PKCS1_V21:MBEDTLS_X509_RSASSA_PSS_SUPPORT handshake_version:0:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_VERSION_TLS1_3 Handshake, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:0 Handshake, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:0 Handshake, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_cipher:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:0 Handshake, ECDHE-ECDSA-WITH-AES-256-CCM -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:0 Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:0 Handshake, PSK-WITH-AES-128-CBC-SHA -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":0 DTLS Handshake, tls1_2 -depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_PROTO_DTLS +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY handshake_version:1:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_2 DTLS Handshake, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:1 DTLS Handshake, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:1 DTLS Handshake, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_cipher:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:1 DTLS Handshake, ECDHE-ECDSA-WITH-AES-256-CCM -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:1 DTLS Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:1 DTLS Handshake, PSK-WITH-AES-128-CBC-SHA -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_MD_CAN_SHA1:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":1 DTLS Handshake with serialization, tls1_2 -depends_on:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS +depends_on:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS handshake_serialization DTLS Handshake fragmentation, MFL=512 -depends_on:MBEDTLS_SSL_PROTO_DTLS +depends_on:MBEDTLS_SSL_PROTO_DTLS:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_fragmentation:MBEDTLS_SSL_MAX_FRAG_LEN_512:1:1 DTLS Handshake fragmentation, MFL=1024 -depends_on:MBEDTLS_SSL_PROTO_DTLS +depends_on:MBEDTLS_SSL_PROTO_DTLS:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_fragmentation:MBEDTLS_SSL_MAX_FRAG_LEN_1024:0:1 Handshake min/max version check, all -> 1.2 -depends_on:MBEDTLS_SSL_PROTO_TLS1_2 +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY handshake_version:0:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_TLS1_2 +Handshake min/max version check, all -> 1.3 +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_PKCS1_V21:MBEDTLS_X509_RSASSA_PSS_SUPPORT +handshake_version:0:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_TLS1_3 + Handshake, select RSA-WITH-AES-256-CBC-SHA256, non-opaque -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:0:MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque, bad alg -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque, bad usage -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, non-opaque -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:0:MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque, bad alg -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque, bad usage -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque, no psk -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, non-opaque -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, opaque, PSA_ALG_ANY_HASH -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, opaque, PSA_ALG_SHA_384 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, opaque, invalid alg -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, opaque, bad alg -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, opaque, bad usage -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, non-opaque -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, PSA_ALG_ANY_HASH -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, PSA_ALG_SHA_384 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, invalid alg -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, bad alg -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, bad usage -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, non-opaque -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, PSA_ALG_ANY_HASH -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, PSA_ALG_SHA_256 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, bad alg -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, bad usage -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, non-opaque -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque, bad alg -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque, bad usage -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, non-opaque -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, PSA_ALG_ANY_HASH -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, PSA_ALG_SHA_384 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, missing alg -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, missing usage -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECDH_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Sending app data via TLS, MFL=512 without fragmentation @@ -606,147 +710,147 @@ DTLS legacy break handshake renegotiation with MFL=4096 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"" DTLS no legacy renegotiation with MFL=512, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS no legacy renegotiation with MFL=1024, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS no legacy renegotiation with MFL=2048, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS no legacy renegotiation with MFL=4096, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS legacy allow renegotiation with MFL=512, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS legacy allow renegotiation with MFL=1024, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS legacy allow renegotiation with MFL=2048, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS legacy allow renegotiation with MFL=4096, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS legacy break handshake renegotiation with MFL=512, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS legacy break handshake renegotiation with MFL=1024, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS legacy break handshake renegotiation with MFL=2048, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS legacy break handshake renegotiation with MFL=4096, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS no legacy renegotiation with MFL=512, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" DTLS no legacy renegotiation with MFL=1024, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" DTLS no legacy renegotiation with MFL=2048, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" DTLS no legacy renegotiation with MFL=4096, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" DTLS legacy allow renegotiation with MFL=512, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" DTLS legacy allow renegotiation with MFL=1024, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" DTLS legacy allow renegotiation with MFL=2048, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" DTLS legacy allow renegotiation with MFL=4096, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" DTLS legacy break handshake renegotiation with MFL=512, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM" DTLS legacy break handshake renegotiation with MFL=1024, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM" DTLS legacy break handshake renegotiation with MFL=2048, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM" DTLS legacy break handshake renegotiation with MFL=4096, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM" DTLS no legacy renegotiation with MFL=512, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS no legacy renegotiation with MFL=1024, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS no legacy renegotiation with MFL=2048, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS no legacy renegotiation with MFL=4096, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy allow renegotiation with MFL=512, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy allow renegotiation with MFL=1024, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy allow renegotiation with MFL=2048, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy allow renegotiation with MFL=4096, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy break handshake renegotiation with MFL=512, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy break handshake renegotiation with MFL=1024, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy break handshake renegotiation with MFL=2048, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy break handshake renegotiation with MFL=4096, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" SSL DTLS replay: initial state, seqnum 0 @@ -858,579 +962,579 @@ depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_SRV_C ssl_session_serialize_version_check:0:0:0:1:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3 Record crypt, AES-128-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-128-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-128-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-128-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-128-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-128-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-128-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-128-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-128-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-128-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-128-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-128-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-128-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-128-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-128-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-128-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-128-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-128-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-128-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-128-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-128-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-128-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-128-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-128-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-128-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-256-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-256-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-256-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-256-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-256-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-256-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-256-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-256-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-256-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-256-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-256-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-256-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-256-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-256-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-256-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-256-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-256-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-256-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-256-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-256-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-256-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-256-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-256-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-256-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-GCM, 1.2 @@ -1450,35 +1554,35 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-192-GCM, 1.2 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-192-GCM, 1.3 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_3:0:0 Record crypt, AES-192-GCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-192-GCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-GCM, 1.2 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-GCM, 1.3 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_3:0:0 Record crypt, AES-256-GCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-GCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-GCM, 1.2 @@ -1546,59 +1650,59 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-192-CCM, 1.2 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-192-CCM, 1.3 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_3:0:0 Record crypt, AES-192-CCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-192-CCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-192-CCM, 1.2, short tag -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-192-CCM, 1.2, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-192-CCM, 1.2, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CCM, 1.2 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CCM, 1.3 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_3:0:0 Record crypt, AES-256-CCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CCM, 1.2, short tag -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CCM, 1.2, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CCM, 1.2, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CCM, 1.2 @@ -1674,35 +1778,35 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_T ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, NULL cipher, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, NULL cipher, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, NULL cipher, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, NULL cipher, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, NULL cipher, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, NULL cipher, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, NULL cipher, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, NULL cipher, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ChachaPoly @@ -1730,579 +1834,579 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CHACHAPOLY_C:MBEDTLS_SSL_PROTO ssl_crypt_record_small:MBEDTLS_CIPHER_CHACHA20_POLY1305:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-GCM, 1.2 @@ -2322,35 +2426,35 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-192-GCM, 1.2 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-192-GCM, 1.3 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_3:0:0 Record crypt, little space, AES-192-GCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-192-GCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-GCM, 1.2 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-GCM, 1.3 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_GCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_3:0:0 Record crypt, little space, AES-256-GCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-GCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-GCM, 1.2 @@ -2418,59 +2522,59 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-192-CCM, 1.2 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-192-CCM, 1.3 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_3:0:0 Record crypt, little space, AES-192-CCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-192-CCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-192-CCM, 1.2, short tag -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-192-CCM, 1.2, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-192-CCM, 1.2, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CCM, 1.2 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CCM, 1.3 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_3:0:0 Record crypt, little space, AES-256-CCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CCM, 1.2, short tag -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CCM, 1.2, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CCM, 1.2, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CCM, 1.2 @@ -2546,421 +2650,37 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_T ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, NULL cipher, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, NULL cipher, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, NULL cipher, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, NULL cipher, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, NULL cipher, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, NULL cipher, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, NULL cipher, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, NULL cipher, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 -Decrypt CBC !EtM, AES MD5 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:-1 - -Decrypt CBC !EtM, AES MD5 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:-2 - -Decrypt CBC !EtM, AES MD5 !trunc, padlen=0 -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0 - -Decrypt CBC !EtM, AES MD5 !trunc, padlen=240 -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:240 - -Decrypt CBC !EtM, AES MD5 !trunc, padlen=1 -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:1 - -Decrypt CBC !EtM, AES MD5 !trunc, padlen=241 -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:241 - -Decrypt CBC !EtM, AES MD5 !trunc, padlen=15 -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:15 - -Decrypt CBC !EtM, AES MD5 !trunc, padlen=255 -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:255 - -Decrypt CBC !EtM, AES SHA1 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:-1 - -Decrypt CBC !EtM, AES SHA1 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:-2 - -Decrypt CBC !EtM, AES SHA1 !trunc, padlen=0 -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0 - -Decrypt CBC !EtM, AES SHA1 !trunc, padlen=240 -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:240 - -Decrypt CBC !EtM, AES SHA1 !trunc, padlen=1 -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:1 - -Decrypt CBC !EtM, AES SHA1 !trunc, padlen=241 -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:241 - -Decrypt CBC !EtM, AES SHA1 !trunc, padlen=15 -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:15 - -Decrypt CBC !EtM, AES SHA1 !trunc, padlen=255 -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:255 - -Decrypt CBC !EtM, AES SHA256 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:-1 - -Decrypt CBC !EtM, AES SHA256 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:-2 - -Decrypt CBC !EtM, AES SHA256 !trunc, padlen=0 -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0 - -Decrypt CBC !EtM, AES SHA256 !trunc, padlen=240 -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:240 - -Decrypt CBC !EtM, AES SHA256 !trunc, padlen=1 -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:1 - -Decrypt CBC !EtM, AES SHA256 !trunc, padlen=241 -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:241 - -Decrypt CBC !EtM, AES SHA256 !trunc, padlen=15 -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:15 - -Decrypt CBC !EtM, AES SHA256 !trunc, padlen=255 -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:255 - -Decrypt CBC !EtM, AES SHA384 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:-1 - -Decrypt CBC !EtM, AES SHA384 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:-2 - -Decrypt CBC !EtM, AES SHA384 !trunc, padlen=0 -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0 - -Decrypt CBC !EtM, AES SHA384 !trunc, padlen=240 -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:240 - -Decrypt CBC !EtM, AES SHA384 !trunc, padlen=1 -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:1 - -Decrypt CBC !EtM, AES SHA384 !trunc, padlen=241 -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:241 - -Decrypt CBC !EtM, AES SHA384 !trunc, padlen=15 -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:15 - -Decrypt CBC !EtM, AES SHA384 !trunc, padlen=255 -depends_on:MBEDTLS_AES_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:255 - -Decrypt CBC !EtM, ARIA MD5 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:-1 - -Decrypt CBC !EtM, ARIA MD5 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:-2 - -Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=0 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0 - -Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=240 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:240 - -Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=1 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:1 - -Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=241 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:241 - -Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=15 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:15 - -Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=255 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:255 - -Decrypt CBC !EtM, ARIA SHA1 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:-1 - -Decrypt CBC !EtM, ARIA SHA1 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:-2 - -Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=0 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0 - -Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=240 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:240 - -Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=1 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:1 - -Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=241 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:241 - -Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=15 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:15 - -Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=255 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:255 - -Decrypt CBC !EtM, ARIA SHA256 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:-1 - -Decrypt CBC !EtM, ARIA SHA256 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:-2 - -Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=0 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0 - -Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=240 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:240 - -Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=1 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:1 - -Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=241 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:241 - -Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=15 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:15 - -Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=255 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:255 - -Decrypt CBC !EtM, ARIA SHA384 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:-1 - -Decrypt CBC !EtM, ARIA SHA384 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:-2 - -Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=0 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0 - -Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=240 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:240 - -Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=1 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:1 - -Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=241 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:241 - -Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=15 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:15 - -Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=255 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:255 - -Decrypt CBC !EtM, CAMELLIA MD5 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:-1 - -Decrypt CBC !EtM, CAMELLIA MD5 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:-2 - -Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=0 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0 - -Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=240 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:240 - -Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=1 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:1 - -Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=241 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:241 - -Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=15 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:15 - -Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=255 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:255 - -Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:-1 - -Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:-2 - -Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=0 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0 - -Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=240 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:240 - -Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=1 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:1 - -Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=241 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:241 - -Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=15 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:15 - -Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=255 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:255 - -Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:-1 - -Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:-2 - -Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=0 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0 - -Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=240 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:240 - -Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=1 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:1 - -Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=241 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:241 - -Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=15 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:15 - -Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=255 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:255 - -Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:-1 - -Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:-2 - -Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=0 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0 - -Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=240 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:240 - -Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=1 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:1 - -Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=241 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:241 - -Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=15 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:15 - -Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=255 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:255 - SSL TLS 1.3 Key schedule: Secret evolution #1 # Vector from TLS 1.3 Byte by Byte (https://tls13.ulfheim.net/) # Initial secret to Early Secret @@ -3130,7 +2850,7 @@ SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #1 # - App data payload: 70696e67 # - Complete record: 1703030015c74061535eb12f5f25a781957874742ab7fb305dd5 # - Padding used: No (== granularity 1) -depends_on:MBEDTLS_AES_C:MBEDTLS_ECDSA_C:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:PSA_WANT_ALG_SHA_256:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ssl_tls13_record_protection:MBEDTLS_TLS1_3_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"70696e67":"c74061535eb12f5f25a781957874742ab7fb305dd5" SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #2 @@ -3141,7 +2861,7 @@ SSL TLS 1.3 Record Encryption, tls13.ulfheim.net Example #2 # - App data payload: 706f6e67 # - Complete record: 1703030015370e5f168afa7fb16b663ecdfca3dbb81931a90ca7 # - Padding used: No (== granularity 1) -depends_on:MBEDTLS_AES_C:MBEDTLS_ECDSA_C:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:PSA_WANT_ALG_SHA_256:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ssl_tls13_record_protection:MBEDTLS_TLS1_3_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:1:"0b6d22c8ff68097ea871c672073773bf":"1b13dd9f8d8f17091d34b349":"49134b95328f279f0183860589ac6707":"bc4dd5f7b98acff85466261d":"706f6e67":"370e5f168afa7fb16b663ecdfca3dbb81931a90ca7" SSL TLS 1.3 Record Encryption RFC 8448 Example #1 @@ -3160,7 +2880,7 @@ SSL TLS 1.3 Record Encryption RFC 8448 Example #1 # 62 97 4e 1f 5a 62 92 a2 97 70 14 bd 1e 3d ea e6 # 3a ee bb 21 69 49 15 e4 # - Padding used: No (== granularity 1) -depends_on:MBEDTLS_AES_C:MBEDTLS_ECDSA_C:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:PSA_WANT_ALG_SHA_256:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ssl_tls13_record_protection:MBEDTLS_TLS1_3_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_CLIENT:0:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"a23f7054b62c94d0affafe8228ba55cbefacea42f914aa66bcab3f2b9819a8a5b46b395bd54a9a20441e2b62974e1f5a6292a2977014bd1e3deae63aeebb21694915e4" SSL TLS 1.3 Record Encryption RFC 8448 Example #2 @@ -3179,12 +2899,12 @@ SSL TLS 1.3 Record Encryption RFC 8448 Example #2 # fc c4 9c 4b f2 e5 f0 a2 1c 00 47 c2 ab f3 32 54 # 0d d0 32 e1 67 c2 95 5d # - Padding used: No (== granularity 1) -depends_on:MBEDTLS_AES_C:MBEDTLS_ECDSA_C:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:PSA_WANT_ALG_SHA_256:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ssl_tls13_record_protection:MBEDTLS_TLS1_3_AES_128_GCM_SHA256:MBEDTLS_SSL_IS_SERVER:1:1:"9f02283b6c9c07efc26bb9f2ac92e356":"cf782b88dd83549aadf1e984":"17422dda596ed5d9acd890e3c63f5051":"5b78923dee08579033e523d9":"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031":"2e937e11ef4ac740e538ad36005fc4a46932fc3225d05f82aa1b36e30efaf97d90e6dffc602dcb501a59a8fcc49c4bf2e5f0a21c0047c2abf332540dd032e167c2955d" SSL TLS 1.3 Key schedule: Application secrets derivation helper # Vector from RFC 8448 -depends_on:MBEDTLS_AES_C:MBEDTLS_ECDSA_C:PSA_WANT_ALG_SHA_256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED +depends_on:PSA_WANT_ALG_SHA_256 ssl_tls13_derive_application_secrets:PSA_ALG_SHA_256:"e2d32d4ed66dd37897a0e80c84107503ce58bf8aad4cb55a5002d77ecb890ece":"b0aeffc46a2cfe33114e6fd7d51f9f04b1ca3c497dab08934a774a9d9ad7dbf3":"2abbf2b8e381d23dbebe1dd2a7d16a8bf484cb4950d23fb7fb7fa8547062d9a1":"cc21f1bf8feb7dd5fa505bd9c4b468a9984d554a993dc49e6d285598fb672691":"3fd93d4ffddc98e64b14dd107aedf8ee4add23f4510f58a4592d0b201bee56b4" SSL TLS 1.3 Key schedule: Resumption secrets derivation helper @@ -3196,26 +2916,26 @@ SSL TLS 1.3 Key schedule: PSK binder # Vector from RFC 8448 # For the resumption PSK, see Section 3, 'generate resumption secret "tls13 resumption"' # For all other data, see Section 4, 'construct a ClientHello handshake message:' -depends_on:PSA_WANT_ALG_SHA_256:MBEDTLS_ECP_DP_CURVE25519_ENABLED +depends_on:PSA_WANT_ALG_SHA_256:MBEDTLS_ECP_HAVE_CURVE25519 ssl_tls13_create_psk_binder:PSA_ALG_SHA_256:"4ecd0eb6ec3b4d87f5d6028f922ca4c5851a277fd41311c9e62d2c9492e1c4f3":MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION:"63224b2e4573f2d3454ca84b9d009a04f6be9e05711a8396473aefa01e924a14":"3add4fb2d8fdf822a0ca3cf7678ef5e88dae990141c5924d57bb6fa31b9e5f9d" SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_NONE ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_NONE:"":"":"test tls_prf label":"":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_SHA384 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_PROTO_TLS1_2 +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_PROTO_TLS1_2 ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_SHA384:"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"test tls_prf label":"a4206a36eef93f496611c2b7806625c3":0 SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_SHA256 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_SSL_PROTO_TLS1_2 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_PROTO_TLS1_2 ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_SHA256:"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"test tls_prf label":"7f9998393198a02c8d731ccc2ef90b2c":0 SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_SHA384 SHA-384 not enabled -depends_on:!MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:!MBEDTLS_MD_CAN_SHA384 ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_SHA384:"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"test tls_prf label":"a4206a36eef93f496611c2b7806625c3":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_SHA256 SHA-256 not enabled -depends_on:!MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:!MBEDTLS_MD_CAN_SHA256 ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_SHA256:"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"test tls_prf label":"7f9998393198a02c8d731ccc2ef90b2c":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE Session serialization, save-load: no ticket, no cert @@ -3231,15 +2951,15 @@ depends_on:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_PROTO_TLS1_ ssl_serialize_session_save_load:1023:"":0:MBEDTLS_SSL_VERSION_TLS1_2 Session serialization, save-load: no ticket, cert -depends_on:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_FS_IO:MBEDTLS_SSL_PROTO_TLS1_2 +depends_on:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_FS_IO:MBEDTLS_SSL_PROTO_TLS1_2 ssl_serialize_session_save_load:0:"data_files/server5.crt":0:MBEDTLS_SSL_VERSION_TLS1_2 Session serialization, save-load: small ticket, cert -depends_on:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_FS_IO:MBEDTLS_SSL_PROTO_TLS1_2 +depends_on:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_FS_IO:MBEDTLS_SSL_PROTO_TLS1_2 ssl_serialize_session_save_load:42:"data_files/server5.crt":0:MBEDTLS_SSL_VERSION_TLS1_2 Session serialization, save-load: large ticket, cert -depends_on:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_FS_IO:MBEDTLS_SSL_PROTO_TLS1_2 +depends_on:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_FS_IO:MBEDTLS_SSL_PROTO_TLS1_2 ssl_serialize_session_save_load:1023:"data_files/server5.crt":0:MBEDTLS_SSL_VERSION_TLS1_2 TLS 1.3: CLI: Session serialization, save-load: no ticket @@ -3271,15 +2991,15 @@ depends_on:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_PROTO_TLS1_ ssl_serialize_session_load_save:1023:"":0:MBEDTLS_SSL_VERSION_TLS1_2 Session serialization, load-save: no ticket, cert -depends_on:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_FS_IO:MBEDTLS_SSL_PROTO_TLS1_2 +depends_on:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_FS_IO:MBEDTLS_SSL_PROTO_TLS1_2 ssl_serialize_session_load_save:0:"data_files/server5.crt":0:MBEDTLS_SSL_VERSION_TLS1_2 Session serialization, load-save: small ticket, cert -depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_FS_IO +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_FS_IO ssl_serialize_session_load_save:42:"data_files/server5.crt":0:MBEDTLS_SSL_VERSION_TLS1_2 Session serialization, load-save: large ticket, cert -depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_FS_IO +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_FS_IO ssl_serialize_session_load_save:1023:"data_files/server5.crt":0:MBEDTLS_SSL_VERSION_TLS1_2 TLS 1.3: CLI: Session serialization, load-save: no ticket @@ -3311,15 +3031,15 @@ depends_on:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_PROTO_TLS1_ ssl_serialize_session_save_buf_size:1023:"":0:MBEDTLS_SSL_VERSION_TLS1_2 Session serialization, save buffer size: no ticket, cert -depends_on:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_FS_IO:MBEDTLS_SSL_PROTO_TLS1_2 +depends_on:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_FS_IO:MBEDTLS_SSL_PROTO_TLS1_2 ssl_serialize_session_save_buf_size:0:"data_files/server5.crt":0:MBEDTLS_SSL_VERSION_TLS1_2 Session serialization, save buffer size: small ticket, cert -depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_FS_IO +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_FS_IO ssl_serialize_session_save_buf_size:42:"data_files/server5.crt":0:MBEDTLS_SSL_VERSION_TLS1_2 Session serialization, save buffer size: large ticket, cert -depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_FS_IO +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_FS_IO ssl_serialize_session_save_buf_size:1023:"data_files/server5.crt":0:MBEDTLS_SSL_VERSION_TLS1_2 TLS 1.3: CLI: Session serialization, save buffer size: no ticket @@ -3351,15 +3071,15 @@ depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_ ssl_serialize_session_load_buf_size:1023:"":0:MBEDTLS_SSL_VERSION_TLS1_2 Session serialization, load buffer size: no ticket, cert -depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_FS_IO +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_FS_IO ssl_serialize_session_load_buf_size:0:"data_files/server5.crt":0:MBEDTLS_SSL_VERSION_TLS1_2 Session serialization, load buffer size: small ticket, cert -depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_FS_IO +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_FS_IO ssl_serialize_session_load_buf_size:42:"data_files/server5.crt":0:MBEDTLS_SSL_VERSION_TLS1_2 Session serialization, load buffer size: large ticket, cert -depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_FS_IO +depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_FS_IO ssl_serialize_session_load_buf_size:1023:"data_files/server5.crt":0:MBEDTLS_SSL_VERSION_TLS1_2 TLS 1.3: CLI: Session serialization, load buffer size: no ticket @@ -3456,9 +3176,9 @@ Version config: unsupported client hybrid DTLS 1.2/3 depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_PROTO_TLS1_3 conf_version:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_TRANSPORT_DATAGRAM:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE -Version config: unsupported server hybrid TLS 1.2/3 +Version config: valid server hybrid TLS 1.2/3 depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_PROTO_TLS1_3 -conf_version:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_TRANSPORT_STREAM:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE +conf_version:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_TRANSPORT_STREAM:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_3:0 Version config: unsupported server hybrid DTLS 1.2/3 depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_PROTO_TLS1_3 @@ -3472,7 +3192,7 @@ Version config: unsupported client hybrid DTLS 1.2/3, no TLS 1.2 depends_on:!MBEDTLS_SSL_PROTO_TLS1_2 conf_version:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_TRANSPORT_DATAGRAM:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_ERR_SSL_BAD_CONFIG -Version config: unsupported server hybrid TLS 1.2/3, no TLS 1.2 +Version config: valid server hybrid TLS 1.2/3, no TLS 1.2 depends_on:!MBEDTLS_SSL_PROTO_TLS1_2 conf_version:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_TRANSPORT_STREAM:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_ERR_SSL_BAD_CONFIG @@ -3488,7 +3208,7 @@ Version config: unsupported client hybrid DTLS 1.2/3, no TLS 1.3 depends_on:!MBEDTLS_SSL_PROTO_TLS1_3 conf_version:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_TRANSPORT_DATAGRAM:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_ERR_SSL_BAD_CONFIG -Version config: unsupported server hybrid TLS 1.2/3, no TLS 1.3 +Version config: valid server hybrid TLS 1.2/3, no TLS 1.3 depends_on:!MBEDTLS_SSL_PROTO_TLS1_3 conf_version:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_TRANSPORT_STREAM:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_ERR_SSL_BAD_CONFIG @@ -3509,11 +3229,11 @@ Sanity test cid functions cid_sanity: Raw key agreement: nominal -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED raw_key_agreement_fail:0 Raw key agreement: bad server key -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED raw_key_agreement_fail:1 Force a bad session id length diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 15ec5bea1..eb2407d2e 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -1,2519 +1,16 @@ /* BEGIN_HEADER */ -#include #include #include #include +#include #include #include -#include "test/certs.h" - -#if defined(MBEDTLS_SSL_CACHE_C) -#include "mbedtls/ssl_cache.h" -#endif - -#include -#include "hash_info.h" +#include #include #include -enum { -#define MBEDTLS_SSL_TLS1_3_LABEL(name, string) \ - tls13_label_ ## name, - MBEDTLS_SSL_TLS1_3_LABEL_LIST -#undef MBEDTLS_SSL_TLS1_3_LABEL -}; - -typedef struct log_pattern { - const char *pattern; - size_t counter; -} log_pattern; - -#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) -static int rng_seed = 0xBEEF; -static int rng_get(void *p_rng, unsigned char *output, size_t output_len) -{ - (void) p_rng; - for (size_t i = 0; i < output_len; i++) { - output[i] = rand(); - } - - return 0; -} -#endif - -/* - * This function can be passed to mbedtls to receive output logs from it. In - * this case, it will count the instances of a log_pattern in the received - * logged messages. - */ -void log_analyzer(void *ctx, int level, - const char *file, int line, - const char *str) -{ - log_pattern *p = (log_pattern *) ctx; - - (void) level; - (void) line; - (void) file; - - if (NULL != p && - NULL != p->pattern && - NULL != strstr(str, p->pattern)) { - p->counter++; - } -} - -typedef struct handshake_test_options { - const char *cipher; - mbedtls_ssl_protocol_version client_min_version; - mbedtls_ssl_protocol_version client_max_version; - mbedtls_ssl_protocol_version server_min_version; - mbedtls_ssl_protocol_version server_max_version; - mbedtls_ssl_protocol_version expected_negotiated_version; - int expected_handshake_result; - int expected_ciphersuite; - int pk_alg; - int opaque_alg; - int opaque_alg2; - int opaque_usage; - data_t *psk_str; - int dtls; - int srv_auth_mode; - int serialize; - int mfl; - int cli_msg_len; - int srv_msg_len; - int expected_cli_fragments; - int expected_srv_fragments; - int renegotiate; - int legacy_renegotiation; - void *srv_log_obj; - void *cli_log_obj; - void (*srv_log_fun)(void *, int, const char *, int, const char *); - void (*cli_log_fun)(void *, int, const char *, int, const char *); - int resize_buffers; -#if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_context *cache; -#endif -} handshake_test_options; - -void init_handshake_options(handshake_test_options *opts) -{ -#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) - srand(rng_seed); - rng_seed += 0xD0; -#endif - opts->cipher = ""; - opts->client_min_version = MBEDTLS_SSL_VERSION_UNKNOWN; - opts->client_max_version = MBEDTLS_SSL_VERSION_UNKNOWN; - opts->server_min_version = MBEDTLS_SSL_VERSION_UNKNOWN; - opts->server_max_version = MBEDTLS_SSL_VERSION_UNKNOWN; - opts->expected_negotiated_version = MBEDTLS_SSL_VERSION_TLS1_2; - opts->expected_handshake_result = 0; - opts->expected_ciphersuite = 0; - opts->pk_alg = MBEDTLS_PK_RSA; - opts->opaque_alg = 0; - opts->opaque_alg2 = 0; - opts->opaque_usage = 0; - opts->psk_str = NULL; - opts->dtls = 0; - opts->srv_auth_mode = MBEDTLS_SSL_VERIFY_NONE; - opts->serialize = 0; - opts->mfl = MBEDTLS_SSL_MAX_FRAG_LEN_NONE; - opts->cli_msg_len = 100; - opts->srv_msg_len = 100; - opts->expected_cli_fragments = 1; - opts->expected_srv_fragments = 1; - opts->renegotiate = 0; - opts->legacy_renegotiation = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION; - opts->srv_log_obj = NULL; - opts->srv_log_obj = NULL; - opts->srv_log_fun = NULL; - opts->cli_log_fun = NULL; - opts->resize_buffers = 1; -#if defined(MBEDTLS_SSL_CACHE_C) - opts->cache = NULL; - ASSERT_ALLOC(opts->cache, 1); - mbedtls_ssl_cache_init(opts->cache); -exit: - return; -#endif -} - -void free_handshake_options(handshake_test_options *opts) -{ -#if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_free(opts->cache); - mbedtls_free(opts->cache); -#else - (void) opts; -#endif -} - -#if defined(MBEDTLS_TEST_HOOKS) -static void set_chk_buf_ptr_args( - mbedtls_ssl_chk_buf_ptr_args *args, - unsigned char *cur, unsigned char *end, size_t need) -{ - args->cur = cur; - args->end = end; - args->need = need; -} - -static void reset_chk_buf_ptr_args(mbedtls_ssl_chk_buf_ptr_args *args) -{ - memset(args, 0, sizeof(*args)); -} -#endif /* MBEDTLS_TEST_HOOKS */ - -/* - * Buffer structure for custom I/O callbacks. - */ - -typedef struct mbedtls_test_buffer { - size_t start; - size_t content_length; - size_t capacity; - unsigned char *buffer; -} mbedtls_test_buffer; - -/* - * Initialises \p buf. After calling this function it is safe to call - * `mbedtls_test_buffer_free()` on \p buf. - */ -void mbedtls_test_buffer_init(mbedtls_test_buffer *buf) -{ - memset(buf, 0, sizeof(*buf)); -} - -/* - * Sets up \p buf. After calling this function it is safe to call - * `mbedtls_test_buffer_put()` and `mbedtls_test_buffer_get()` on \p buf. - */ -int mbedtls_test_buffer_setup(mbedtls_test_buffer *buf, size_t capacity) -{ - buf->buffer = (unsigned char *) mbedtls_calloc(capacity, - sizeof(unsigned char)); - if (NULL == buf->buffer) { - return MBEDTLS_ERR_SSL_ALLOC_FAILED; - } - buf->capacity = capacity; - - return 0; -} - -void mbedtls_test_buffer_free(mbedtls_test_buffer *buf) -{ - if (buf->buffer != NULL) { - mbedtls_free(buf->buffer); - } - - memset(buf, 0, sizeof(*buf)); -} - -/* - * Puts \p input_len bytes from the \p input buffer into the ring buffer \p buf. - * - * \p buf must have been initialized and set up by calling - * `mbedtls_test_buffer_init()` and `mbedtls_test_buffer_setup()`. - * - * \retval \p input_len, if the data fits. - * \retval 0 <= value < \p input_len, if the data does not fit. - * \retval -1, if \p buf is NULL, it hasn't been set up or \p input_len is not - * zero and \p input is NULL. - */ -int mbedtls_test_buffer_put(mbedtls_test_buffer *buf, - const unsigned char *input, size_t input_len) -{ - size_t overflow = 0; - - if ((buf == NULL) || (buf->buffer == NULL)) { - return -1; - } - - /* Reduce input_len to a number that fits in the buffer. */ - if ((buf->content_length + input_len) > buf->capacity) { - input_len = buf->capacity - buf->content_length; - } - - if (input == NULL) { - return (input_len == 0) ? 0 : -1; - } - - /* Check if the buffer has not come full circle and free space is not in - * the middle */ - if (buf->start + buf->content_length < buf->capacity) { - - /* Calculate the number of bytes that need to be placed at lower memory - * address */ - if (buf->start + buf->content_length + input_len - > buf->capacity) { - overflow = (buf->start + buf->content_length + input_len) - % buf->capacity; - } - - memcpy(buf->buffer + buf->start + buf->content_length, input, - input_len - overflow); - memcpy(buf->buffer, input + input_len - overflow, overflow); - - } else { - /* The buffer has come full circle and free space is in the middle */ - memcpy(buf->buffer + buf->start + buf->content_length - buf->capacity, - input, input_len); - } - - buf->content_length += input_len; - return input_len; -} - -/* - * Gets \p output_len bytes from the ring buffer \p buf into the - * \p output buffer. The output buffer can be NULL, in this case a part of the - * ring buffer will be dropped, if the requested length is available. - * - * \p buf must have been initialized and set up by calling - * `mbedtls_test_buffer_init()` and `mbedtls_test_buffer_setup()`. - * - * \retval \p output_len, if the data is available. - * \retval 0 <= value < \p output_len, if the data is not available. - * \retval -1, if \buf is NULL or it hasn't been set up. - */ -int mbedtls_test_buffer_get(mbedtls_test_buffer *buf, - unsigned char *output, size_t output_len) -{ - size_t overflow = 0; - - if ((buf == NULL) || (buf->buffer == NULL)) { - return -1; - } - - if (output == NULL && output_len == 0) { - return 0; - } - - if (buf->content_length < output_len) { - output_len = buf->content_length; - } - - /* Calculate the number of bytes that need to be drawn from lower memory - * address */ - if (buf->start + output_len > buf->capacity) { - overflow = (buf->start + output_len) % buf->capacity; - } - - if (output != NULL) { - memcpy(output, buf->buffer + buf->start, output_len - overflow); - memcpy(output + output_len - overflow, buf->buffer, overflow); - } - - buf->content_length -= output_len; - buf->start = (buf->start + output_len) % buf->capacity; - - return output_len; -} - -/* - * Errors used in the message transport mock tests - */ - #define MBEDTLS_TEST_ERROR_ARG_NULL -11 - #define MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED -44 - -/* - * Context for a message metadata queue (fifo) that is on top of the ring buffer. - */ -typedef struct mbedtls_test_message_queue { - size_t *messages; - int pos; - int num; - int capacity; -} mbedtls_test_message_queue; - -/* - * Setup and free functions for the message metadata queue. - * - * \p capacity describes the number of message metadata chunks that can be held - * within the queue. - * - * \retval 0, if a metadata queue of a given length can be allocated. - * \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation failed. - */ -int mbedtls_test_message_queue_setup(mbedtls_test_message_queue *queue, - size_t capacity) -{ - queue->messages = (size_t *) mbedtls_calloc(capacity, sizeof(size_t)); - if (NULL == queue->messages) { - return MBEDTLS_ERR_SSL_ALLOC_FAILED; - } - - queue->capacity = capacity; - queue->pos = 0; - queue->num = 0; - - return 0; -} - -void mbedtls_test_message_queue_free(mbedtls_test_message_queue *queue) -{ - if (queue == NULL) { - return; - } - - if (queue->messages != NULL) { - mbedtls_free(queue->messages); - } - - memset(queue, 0, sizeof(*queue)); -} - -/* - * Push message length information onto the message metadata queue. - * This will become the last element to leave it (fifo). - * - * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null. - * \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the queue is full. - * \retval \p len, if the push was successful. - */ -int mbedtls_test_message_queue_push_info(mbedtls_test_message_queue *queue, - size_t len) -{ - int place; - if (queue == NULL) { - return MBEDTLS_TEST_ERROR_ARG_NULL; - } - - if (queue->num >= queue->capacity) { - return MBEDTLS_ERR_SSL_WANT_WRITE; - } - - place = (queue->pos + queue->num) % queue->capacity; - queue->messages[place] = len; - queue->num++; - return len; -} - -/* - * Pop information about the next message length from the queue. This will be - * the oldest inserted message length(fifo). \p msg_len can be null, in which - * case the data will be popped from the queue but not copied anywhere. - * - * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null. - * \retval MBEDTLS_ERR_SSL_WANT_READ, if the queue is empty. - * \retval message length, if the pop was successful, up to the given - \p buf_len. - */ -int mbedtls_test_message_queue_pop_info(mbedtls_test_message_queue *queue, - size_t buf_len) -{ - size_t message_length; - if (queue == NULL) { - return MBEDTLS_TEST_ERROR_ARG_NULL; - } - if (queue->num == 0) { - return MBEDTLS_ERR_SSL_WANT_READ; - } - - message_length = queue->messages[queue->pos]; - queue->messages[queue->pos] = 0; - queue->num--; - queue->pos++; - queue->pos %= queue->capacity; - if (queue->pos < 0) { - queue->pos += queue->capacity; - } - - return (message_length > buf_len) ? buf_len : message_length; -} - -/* - * Take a peek on the info about the next message length from the queue. - * This will be the oldest inserted message length(fifo). - * - * \retval MBEDTLS_TEST_ERROR_ARG_NULL, if the queue is null. - * \retval MBEDTLS_ERR_SSL_WANT_READ, if the queue is empty. - * \retval 0, if the peek was successful. - * \retval MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED, if the given buffer length is - * too small to fit the message. In this case the \p msg_len will be - * set to the full message length so that the - * caller knows what portion of the message can be dropped. - */ -int mbedtls_test_message_queue_peek_info(mbedtls_test_message_queue *queue, - size_t buf_len, size_t *msg_len) -{ - if (queue == NULL || msg_len == NULL) { - return MBEDTLS_TEST_ERROR_ARG_NULL; - } - if (queue->num == 0) { - return MBEDTLS_ERR_SSL_WANT_READ; - } - - *msg_len = queue->messages[queue->pos]; - return (*msg_len > buf_len) ? MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED : 0; -} -/* - * Context for the I/O callbacks simulating network connection. - */ - -#define MBEDTLS_MOCK_SOCKET_CONNECTED 1 - -typedef struct mbedtls_mock_socket { - int status; - mbedtls_test_buffer *input; - mbedtls_test_buffer *output; - struct mbedtls_mock_socket *peer; -} mbedtls_mock_socket; - -/* - * Setup and teardown functions for mock sockets. - */ -void mbedtls_mock_socket_init(mbedtls_mock_socket *socket) -{ - memset(socket, 0, sizeof(*socket)); -} - -/* - * Closes the socket \p socket. - * - * \p socket must have been previously initialized by calling - * mbedtls_mock_socket_init(). - * - * This function frees all allocated resources and both sockets are aware of the - * new connection state. - * - * That is, this function does not simulate half-open TCP connections and the - * phenomenon that when closing a UDP connection the peer is not aware of the - * connection having been closed. - */ -void mbedtls_mock_socket_close(mbedtls_mock_socket *socket) -{ - if (socket == NULL) { - return; - } - - if (socket->input != NULL) { - mbedtls_test_buffer_free(socket->input); - mbedtls_free(socket->input); - } - - if (socket->output != NULL) { - mbedtls_test_buffer_free(socket->output); - mbedtls_free(socket->output); - } - - if (socket->peer != NULL) { - memset(socket->peer, 0, sizeof(*socket->peer)); - } - - memset(socket, 0, sizeof(*socket)); -} - -/* - * Establishes a connection between \p peer1 and \p peer2. - * - * \p peer1 and \p peer2 must have been previously initialized by calling - * mbedtls_mock_socket_init(). - * - * The capacities of the internal buffers are set to \p bufsize. Setting this to - * the correct value allows for simulation of MTU, sanity testing the mock - * implementation and mocking TCP connections with lower memory cost. - */ -int mbedtls_mock_socket_connect(mbedtls_mock_socket *peer1, - mbedtls_mock_socket *peer2, - size_t bufsize) -{ - int ret = -1; - - peer1->output = - (mbedtls_test_buffer *) mbedtls_calloc(1, sizeof(mbedtls_test_buffer)); - if (peer1->output == NULL) { - ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; - goto exit; - } - mbedtls_test_buffer_init(peer1->output); - if (0 != (ret = mbedtls_test_buffer_setup(peer1->output, bufsize))) { - goto exit; - } - - peer2->output = - (mbedtls_test_buffer *) mbedtls_calloc(1, sizeof(mbedtls_test_buffer)); - if (peer2->output == NULL) { - ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; - goto exit; - } - mbedtls_test_buffer_init(peer2->output); - if (0 != (ret = mbedtls_test_buffer_setup(peer2->output, bufsize))) { - goto exit; - } - - peer1->peer = peer2; - peer2->peer = peer1; - peer1->input = peer2->output; - peer2->input = peer1->output; - - peer1->status = peer2->status = MBEDTLS_MOCK_SOCKET_CONNECTED; - ret = 0; - -exit: - - if (ret != 0) { - mbedtls_mock_socket_close(peer1); - mbedtls_mock_socket_close(peer2); - } - - return ret; -} - -/* - * Callbacks for simulating blocking I/O over connection-oriented transport. - */ - -int mbedtls_mock_tcp_send_b(void *ctx, const unsigned char *buf, size_t len) -{ - mbedtls_mock_socket *socket = (mbedtls_mock_socket *) ctx; - - if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { - return -1; - } - - return mbedtls_test_buffer_put(socket->output, buf, len); -} - -int mbedtls_mock_tcp_recv_b(void *ctx, unsigned char *buf, size_t len) -{ - mbedtls_mock_socket *socket = (mbedtls_mock_socket *) ctx; - - if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { - return -1; - } - - return mbedtls_test_buffer_get(socket->input, buf, len); -} - -/* - * Callbacks for simulating non-blocking I/O over connection-oriented transport. - */ - -int mbedtls_mock_tcp_send_nb(void *ctx, const unsigned char *buf, size_t len) -{ - mbedtls_mock_socket *socket = (mbedtls_mock_socket *) ctx; - - if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { - return -1; - } - - if (socket->output->capacity == socket->output->content_length) { - return MBEDTLS_ERR_SSL_WANT_WRITE; - } - - return mbedtls_test_buffer_put(socket->output, buf, len); -} - -int mbedtls_mock_tcp_recv_nb(void *ctx, unsigned char *buf, size_t len) -{ - mbedtls_mock_socket *socket = (mbedtls_mock_socket *) ctx; - - if (socket == NULL || socket->status != MBEDTLS_MOCK_SOCKET_CONNECTED) { - return -1; - } - - if (socket->input->content_length == 0) { - return MBEDTLS_ERR_SSL_WANT_READ; - } - - return mbedtls_test_buffer_get(socket->input, buf, len); -} - -/* Errors used in the message socket mocks */ - -#define MBEDTLS_TEST_ERROR_CONTEXT_ERROR -55 -#define MBEDTLS_TEST_ERROR_SEND_FAILED -66 -#define MBEDTLS_TEST_ERROR_RECV_FAILED -77 - -/* - * Structure used as an addon, or a wrapper, around the mocked sockets. - * Contains an input queue, to which the other socket pushes metadata, - * and an output queue, to which this one pushes metadata. This context is - * considered as an owner of the input queue only, which is initialized and - * freed in the respective setup and free calls. - */ -typedef struct mbedtls_test_message_socket_context { - mbedtls_test_message_queue *queue_input; - mbedtls_test_message_queue *queue_output; - mbedtls_mock_socket *socket; -} mbedtls_test_message_socket_context; - -void mbedtls_message_socket_init(mbedtls_test_message_socket_context *ctx) -{ - ctx->queue_input = NULL; - ctx->queue_output = NULL; - ctx->socket = NULL; -} - -/* - * Setup a given message socket context including initialization of - * input/output queues to a chosen capacity of messages. Also set the - * corresponding mock socket. - * - * \retval 0, if everything succeeds. - * \retval MBEDTLS_ERR_SSL_ALLOC_FAILED, if allocation of a message - * queue failed. - */ -int mbedtls_message_socket_setup(mbedtls_test_message_queue *queue_input, - mbedtls_test_message_queue *queue_output, - size_t queue_capacity, - mbedtls_mock_socket *socket, - mbedtls_test_message_socket_context *ctx) -{ - int ret = mbedtls_test_message_queue_setup(queue_input, queue_capacity); - if (ret != 0) { - return ret; - } - ctx->queue_input = queue_input; - ctx->queue_output = queue_output; - ctx->socket = socket; - mbedtls_mock_socket_init(socket); - - return 0; -} - -/* - * Close a given message socket context, along with the socket itself. Free the - * memory allocated by the input queue. - */ -void mbedtls_message_socket_close(mbedtls_test_message_socket_context *ctx) -{ - if (ctx == NULL) { - return; - } - - mbedtls_test_message_queue_free(ctx->queue_input); - mbedtls_mock_socket_close(ctx->socket); - memset(ctx, 0, sizeof(*ctx)); -} - -/* - * Send one message through a given message socket context. - * - * \retval \p len, if everything succeeds. - * \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context - * elements or the context itself is null. - * \retval MBEDTLS_TEST_ERROR_SEND_FAILED if mbedtls_mock_tcp_send_b failed. - * \retval MBEDTLS_ERR_SSL_WANT_WRITE, if the output queue is full. - * - * This function will also return any error from - * mbedtls_test_message_queue_push_info. - */ -int mbedtls_mock_tcp_send_msg(void *ctx, const unsigned char *buf, size_t len) -{ - mbedtls_test_message_queue *queue; - mbedtls_mock_socket *socket; - mbedtls_test_message_socket_context *context = (mbedtls_test_message_socket_context *) ctx; - - if (context == NULL || context->socket == NULL - || context->queue_output == NULL) { - return MBEDTLS_TEST_ERROR_CONTEXT_ERROR; - } - - queue = context->queue_output; - socket = context->socket; - - if (queue->num >= queue->capacity) { - return MBEDTLS_ERR_SSL_WANT_WRITE; - } - - if (mbedtls_mock_tcp_send_b(socket, buf, len) != (int) len) { - return MBEDTLS_TEST_ERROR_SEND_FAILED; - } - - return mbedtls_test_message_queue_push_info(queue, len); -} - -/* - * Receive one message from a given message socket context and return message - * length or an error. - * - * \retval message length, if everything succeeds. - * \retval MBEDTLS_TEST_ERROR_CONTEXT_ERROR, if any of the needed context - * elements or the context itself is null. - * \retval MBEDTLS_TEST_ERROR_RECV_FAILED if mbedtls_mock_tcp_recv_b failed. - * - * This function will also return any error other than - * MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED from mbedtls_test_message_queue_peek_info. - */ -int mbedtls_mock_tcp_recv_msg(void *ctx, unsigned char *buf, size_t buf_len) -{ - mbedtls_test_message_queue *queue; - mbedtls_mock_socket *socket; - mbedtls_test_message_socket_context *context = (mbedtls_test_message_socket_context *) ctx; - size_t drop_len = 0; - size_t msg_len; - int ret; - - if (context == NULL || context->socket == NULL - || context->queue_input == NULL) { - return MBEDTLS_TEST_ERROR_CONTEXT_ERROR; - } - - queue = context->queue_input; - socket = context->socket; - - /* Peek first, so that in case of a socket error the data remains in - * the queue. */ - ret = mbedtls_test_message_queue_peek_info(queue, buf_len, &msg_len); - if (ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED) { - /* Calculate how much to drop */ - drop_len = msg_len - buf_len; - - /* Set the requested message len to be buffer length */ - msg_len = buf_len; - } else if (ret != 0) { - return ret; - } - - if (mbedtls_mock_tcp_recv_b(socket, buf, msg_len) != (int) msg_len) { - return MBEDTLS_TEST_ERROR_RECV_FAILED; - } - - if (ret == MBEDTLS_TEST_ERROR_MESSAGE_TRUNCATED) { - /* Drop the remaining part of the message */ - if (mbedtls_mock_tcp_recv_b(socket, NULL, drop_len) != (int) drop_len) { - /* Inconsistent state - part of the message was read, - * and a part couldn't. Not much we can do here, but it should not - * happen in test environment, unless forced manually. */ - } - } - mbedtls_test_message_queue_pop_info(queue, buf_len); - - return msg_len; -} - -#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) - -/* - * Structure with endpoint's certificates for SSL communication tests. - */ -typedef struct mbedtls_endpoint_certificate { - mbedtls_x509_crt *ca_cert; - mbedtls_x509_crt *cert; - mbedtls_pk_context *pkey; -} mbedtls_endpoint_certificate; - -/* - * Endpoint structure for SSL communication tests. - */ -typedef struct mbedtls_endpoint { - const char *name; - mbedtls_ssl_context ssl; - mbedtls_ssl_config conf; - mbedtls_mock_socket socket; - mbedtls_endpoint_certificate cert; -} mbedtls_endpoint; - -/* - * Deinitializes certificates from endpoint represented by \p ep. - */ -void mbedtls_endpoint_certificate_free(mbedtls_endpoint *ep) -{ - mbedtls_endpoint_certificate *cert = &(ep->cert); - if (cert != NULL) { - if (cert->ca_cert != NULL) { - mbedtls_x509_crt_free(cert->ca_cert); - mbedtls_free(cert->ca_cert); - cert->ca_cert = NULL; - } - if (cert->cert != NULL) { - mbedtls_x509_crt_free(cert->cert); - mbedtls_free(cert->cert); - cert->cert = NULL; - } - if (cert->pkey != NULL) { -#if defined(MBEDTLS_USE_PSA_CRYPTO) - if (mbedtls_pk_get_type(cert->pkey) == MBEDTLS_PK_OPAQUE) { - mbedtls_svc_key_id_t *key_slot = cert->pkey->pk_ctx; - psa_destroy_key(*key_slot); - } -#endif - mbedtls_pk_free(cert->pkey); - mbedtls_free(cert->pkey); - cert->pkey = NULL; - } - } -} - -/* - * Initializes \p ep_cert structure and assigns it to endpoint - * represented by \p ep. - * - * \retval 0 on success, otherwise error code. - */ -int mbedtls_endpoint_certificate_init(mbedtls_endpoint *ep, int pk_alg, - int opaque_alg, int opaque_alg2, - int opaque_usage) -{ - int i = 0; - int ret = -1; - mbedtls_endpoint_certificate *cert = NULL; -#if defined(MBEDTLS_USE_PSA_CRYPTO) - mbedtls_svc_key_id_t key_slot = MBEDTLS_SVC_KEY_ID_INIT; -#endif - - if (ep == NULL) { - return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; - } - - cert = &(ep->cert); - ASSERT_ALLOC(cert->ca_cert, 1); - ASSERT_ALLOC(cert->cert, 1); - ASSERT_ALLOC(cert->pkey, 1); - - mbedtls_x509_crt_init(cert->ca_cert); - mbedtls_x509_crt_init(cert->cert); - mbedtls_pk_init(cert->pkey); - - /* Load the trusted CA */ - - for (i = 0; mbedtls_test_cas_der[i] != NULL; i++) { - ret = mbedtls_x509_crt_parse_der(cert->ca_cert, - (const unsigned char *) mbedtls_test_cas_der[i], - mbedtls_test_cas_der_len[i]); - TEST_ASSERT(ret == 0); - } - - /* Load own certificate and private key */ - - if (ep->conf.endpoint == MBEDTLS_SSL_IS_SERVER) { - if (pk_alg == MBEDTLS_PK_RSA) { - ret = mbedtls_x509_crt_parse(cert->cert, - (const unsigned char *) mbedtls_test_srv_crt_rsa_sha256_der, - mbedtls_test_srv_crt_rsa_sha256_der_len); - TEST_ASSERT(ret == 0); - - ret = mbedtls_pk_parse_key(cert->pkey, - (const unsigned char *) mbedtls_test_srv_key_rsa_der, - mbedtls_test_srv_key_rsa_der_len, NULL, 0, - mbedtls_test_rnd_std_rand, NULL); - TEST_ASSERT(ret == 0); - } else { - ret = mbedtls_x509_crt_parse(cert->cert, - (const unsigned char *) mbedtls_test_srv_crt_ec_der, - mbedtls_test_srv_crt_ec_der_len); - TEST_ASSERT(ret == 0); - - ret = mbedtls_pk_parse_key(cert->pkey, - (const unsigned char *) mbedtls_test_srv_key_ec_der, - mbedtls_test_srv_key_ec_der_len, NULL, 0, - mbedtls_test_rnd_std_rand, NULL); - TEST_ASSERT(ret == 0); - } - } else { - if (pk_alg == MBEDTLS_PK_RSA) { - ret = mbedtls_x509_crt_parse(cert->cert, - (const unsigned char *) mbedtls_test_cli_crt_rsa_der, - mbedtls_test_cli_crt_rsa_der_len); - TEST_ASSERT(ret == 0); - - ret = mbedtls_pk_parse_key(cert->pkey, - (const unsigned char *) mbedtls_test_cli_key_rsa_der, - mbedtls_test_cli_key_rsa_der_len, NULL, 0, - mbedtls_test_rnd_std_rand, NULL); - TEST_ASSERT(ret == 0); - } else { - ret = mbedtls_x509_crt_parse(cert->cert, - (const unsigned char *) mbedtls_test_cli_crt_ec_der, - mbedtls_test_cli_crt_ec_len); - TEST_ASSERT(ret == 0); - - ret = mbedtls_pk_parse_key(cert->pkey, - (const unsigned char *) mbedtls_test_cli_key_ec_der, - mbedtls_test_cli_key_ec_der_len, NULL, 0, - mbedtls_test_rnd_std_rand, NULL); - TEST_ASSERT(ret == 0); - } - } - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - if (opaque_alg != 0) { - TEST_EQUAL(mbedtls_pk_wrap_as_opaque(cert->pkey, &key_slot, - opaque_alg, opaque_usage, - opaque_alg2), 0); - } -#else - (void) opaque_alg; - (void) opaque_alg2; - (void) opaque_usage; -#endif - - mbedtls_ssl_conf_ca_chain(&(ep->conf), cert->ca_cert, NULL); - - ret = mbedtls_ssl_conf_own_cert(&(ep->conf), cert->cert, - cert->pkey); - TEST_ASSERT(ret == 0); - TEST_ASSERT(ep->conf.key_cert != NULL); - - ret = mbedtls_ssl_conf_own_cert(&(ep->conf), NULL, NULL); - TEST_ASSERT(ret == 0); - TEST_ASSERT(ep->conf.key_cert == NULL); - - ret = mbedtls_ssl_conf_own_cert(&(ep->conf), cert->cert, - cert->pkey); - TEST_ASSERT(ret == 0); - -exit: - if (ret != 0) { - mbedtls_endpoint_certificate_free(ep); - } - - return ret; -} - -/* - * Initializes \p ep structure. It is important to call `mbedtls_endpoint_free()` - * after calling this function even if it fails. - * - * \p endpoint_type must be set as MBEDTLS_SSL_IS_SERVER or - * MBEDTLS_SSL_IS_CLIENT. - * \p pk_alg the algorithm to use, currently only MBEDTLS_PK_RSA and - * MBEDTLS_PK_ECDSA are supported. - * \p dtls_context - in case of DTLS - this is the context handling metadata. - * \p input_queue - used only in case of DTLS. - * \p output_queue - used only in case of DTLS. - * - * \retval 0 on success, otherwise error code. - */ -int mbedtls_endpoint_init(mbedtls_endpoint *ep, int endpoint_type, - handshake_test_options *options, - mbedtls_test_message_socket_context *dtls_context, - mbedtls_test_message_queue *input_queue, - mbedtls_test_message_queue *output_queue, - uint16_t *group_list) -{ - int ret = -1; - uintptr_t user_data_n; - - if (dtls_context != NULL && (input_queue == NULL || output_queue == NULL)) { - return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; - } - - if (ep == NULL) { - return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; - } - - memset(ep, 0, sizeof(*ep)); - - ep->name = (endpoint_type == MBEDTLS_SSL_IS_SERVER) ? "Server" : "Client"; - - mbedtls_ssl_init(&(ep->ssl)); - mbedtls_ssl_config_init(&(ep->conf)); - mbedtls_ssl_conf_rng(&(ep->conf), rng_get, NULL); - - TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&ep->conf) == NULL); - TEST_EQUAL(mbedtls_ssl_conf_get_user_data_n(&ep->conf), 0); - TEST_ASSERT(mbedtls_ssl_get_user_data_p(&ep->ssl) == NULL); - TEST_EQUAL(mbedtls_ssl_get_user_data_n(&ep->ssl), 0); - - (void) mbedtls_test_rnd_std_rand(NULL, - (void *) &user_data_n, - sizeof(user_data_n)); - mbedtls_ssl_conf_set_user_data_n(&ep->conf, user_data_n); - mbedtls_ssl_set_user_data_n(&ep->ssl, user_data_n); - - if (dtls_context != NULL) { - TEST_ASSERT(mbedtls_message_socket_setup(input_queue, output_queue, - 100, &(ep->socket), - dtls_context) == 0); - } else { - mbedtls_mock_socket_init(&(ep->socket)); - } - - /* Non-blocking callbacks without timeout */ - if (dtls_context != NULL) { - mbedtls_ssl_set_bio(&(ep->ssl), dtls_context, - mbedtls_mock_tcp_send_msg, - mbedtls_mock_tcp_recv_msg, - NULL); - } else { - mbedtls_ssl_set_bio(&(ep->ssl), &(ep->socket), - mbedtls_mock_tcp_send_nb, - mbedtls_mock_tcp_recv_nb, - NULL); - } - - ret = mbedtls_ssl_config_defaults(&(ep->conf), endpoint_type, - (dtls_context != NULL) ? - MBEDTLS_SSL_TRANSPORT_DATAGRAM : - MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_PRESET_DEFAULT); - TEST_ASSERT(ret == 0); - - if (group_list != NULL) { - mbedtls_ssl_conf_groups(&(ep->conf), group_list); - } - - mbedtls_ssl_conf_authmode(&(ep->conf), MBEDTLS_SSL_VERIFY_REQUIRED); - -#if defined(MBEDTLS_SSL_CACHE_C) && defined(MBEDTLS_SSL_SRV_C) - if (endpoint_type == MBEDTLS_SSL_IS_SERVER && options->cache != NULL) { - mbedtls_ssl_conf_session_cache(&(ep->conf), options->cache, - mbedtls_ssl_cache_get, - mbedtls_ssl_cache_set); - } -#endif - - ret = mbedtls_ssl_setup(&(ep->ssl), &(ep->conf)); - TEST_ASSERT(ret == 0); - -#if defined(MBEDTLS_SSL_PROTO_DTLS) && defined(MBEDTLS_SSL_SRV_C) - if (endpoint_type == MBEDTLS_SSL_IS_SERVER && dtls_context != NULL) { - mbedtls_ssl_conf_dtls_cookies(&(ep->conf), NULL, NULL, NULL); - } -#endif - - ret = mbedtls_endpoint_certificate_init(ep, options->pk_alg, - options->opaque_alg, - options->opaque_alg2, - options->opaque_usage); - TEST_ASSERT(ret == 0); - - TEST_EQUAL(mbedtls_ssl_conf_get_user_data_n(&ep->conf), user_data_n); - mbedtls_ssl_conf_set_user_data_p(&ep->conf, ep); - TEST_EQUAL(mbedtls_ssl_get_user_data_n(&ep->ssl), user_data_n); - mbedtls_ssl_set_user_data_p(&ep->ssl, ep); - -exit: - return ret; -} - -/* - * Deinitializes endpoint represented by \p ep. - */ -void mbedtls_endpoint_free(mbedtls_endpoint *ep, - mbedtls_test_message_socket_context *context) -{ - mbedtls_endpoint_certificate_free(ep); - - mbedtls_ssl_free(&(ep->ssl)); - mbedtls_ssl_config_free(&(ep->conf)); - - if (context != NULL) { - mbedtls_message_socket_close(context); - } else { - mbedtls_mock_socket_close(&(ep->socket)); - } -} - -/* - * This function moves ssl handshake from \p ssl to prescribed \p state. - * /p second_ssl is used as second endpoint and their sockets have to be - * connected before calling this function. - * - * \retval 0 on success, otherwise error code. - */ -int mbedtls_move_handshake_to_state(mbedtls_ssl_context *ssl, - mbedtls_ssl_context *second_ssl, - int state) -{ - enum { BUFFSIZE = 1024 }; - int max_steps = 1000; - int ret = 0; - - if (ssl == NULL || second_ssl == NULL) { - return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; - } - - /* Perform communication via connected sockets */ - while ((ssl->state != state) && (--max_steps >= 0)) { - /* If /p second_ssl ends the handshake procedure before /p ssl then - * there is no need to call the next step */ - if (!mbedtls_ssl_is_handshake_over(second_ssl)) { - ret = mbedtls_ssl_handshake_step(second_ssl); - if (ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ && - ret != MBEDTLS_ERR_SSL_WANT_WRITE) { - return ret; - } - } - - /* We only care about the \p ssl state and returns, so we call it last, - * to leave the iteration as soon as the state is as expected. */ - ret = mbedtls_ssl_handshake_step(ssl); - if (ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ && - ret != MBEDTLS_ERR_SSL_WANT_WRITE) { - return ret; - } - } - - return (max_steps >= 0) ? ret : -1; -} - -#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ - -/* - * Write application data. Increase write counter if necessary. - */ -int mbedtls_ssl_write_fragment(mbedtls_ssl_context *ssl, unsigned char *buf, - int buf_len, int *written, - const int expected_fragments) -{ - int ret = mbedtls_ssl_write(ssl, buf + *written, buf_len - *written); - if (ret > 0) { - *written += ret; - } - - if (expected_fragments == 0) { - /* Used for DTLS and the message size larger than MFL. In that case - * the message can not be fragmented and the library should return - * MBEDTLS_ERR_SSL_BAD_INPUT_DATA error. This error must be returned - * to prevent a dead loop inside mbedtls_exchange_data(). */ - return ret; - } else if (expected_fragments == 1) { - /* Used for TLS/DTLS and the message size lower than MFL */ - TEST_ASSERT(ret == buf_len || - ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE); - } else { - /* Used for TLS and the message size larger than MFL */ - TEST_ASSERT(expected_fragments > 1); - TEST_ASSERT((ret >= 0 && ret <= buf_len) || - ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE); - } - - return 0; - -exit: - /* Some of the tests failed */ - return -1; -} - -/* - * Read application data and increase read counter and fragments counter if necessary. - */ -int mbedtls_ssl_read_fragment(mbedtls_ssl_context *ssl, unsigned char *buf, - int buf_len, int *read, - int *fragments, const int expected_fragments) -{ - int ret = mbedtls_ssl_read(ssl, buf + *read, buf_len - *read); - if (ret > 0) { - (*fragments)++; - *read += ret; - } - - if (expected_fragments == 0) { - TEST_ASSERT(ret == 0); - } else if (expected_fragments == 1) { - TEST_ASSERT(ret == buf_len || - ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE); - } else { - TEST_ASSERT(expected_fragments > 1); - TEST_ASSERT((ret >= 0 && ret <= buf_len) || - ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE); - } - - return 0; - -exit: - /* Some of the tests failed */ - return -1; -} - -/* - * Helper function setting up inverse record transformations - * using given cipher, hash, EtM mode, authentication tag length, - * and version. - */ - -#define CHK(x) \ - do \ - { \ - if (!(x)) \ - { \ - ret = -1; \ - goto cleanup; \ - } \ - } while (0) - -void set_ciphersuite(mbedtls_ssl_config *conf, const char *cipher, - int *forced_ciphersuite) -{ - const mbedtls_ssl_ciphersuite_t *ciphersuite_info; - forced_ciphersuite[0] = mbedtls_ssl_get_ciphersuite_id(cipher); - forced_ciphersuite[1] = 0; - - ciphersuite_info = - mbedtls_ssl_ciphersuite_from_id(forced_ciphersuite[0]); - - TEST_ASSERT(ciphersuite_info != NULL); - TEST_ASSERT(ciphersuite_info->min_tls_version <= conf->max_tls_version); - TEST_ASSERT(ciphersuite_info->max_tls_version >= conf->min_tls_version); - - if (conf->max_tls_version > ciphersuite_info->max_tls_version) { - conf->max_tls_version = ciphersuite_info->max_tls_version; - } - if (conf->min_tls_version < ciphersuite_info->min_tls_version) { - conf->min_tls_version = ciphersuite_info->min_tls_version; - } - - mbedtls_ssl_conf_ciphersuites(conf, forced_ciphersuite); - -exit: - return; -} - -int psk_dummy_callback(void *p_info, mbedtls_ssl_context *ssl, - const unsigned char *name, size_t name_len) -{ - (void) p_info; - (void) ssl; - (void) name; - (void) name_len; - - return 0; -} - -#if MBEDTLS_SSL_CID_OUT_LEN_MAX > MBEDTLS_SSL_CID_IN_LEN_MAX -#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_IN_LEN_MAX -#else -#define SSL_CID_LEN_MIN MBEDTLS_SSL_CID_OUT_LEN_MAX -#endif - -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ - defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_AES_C) -static int psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform, - const unsigned char *iv, size_t iv_len, - const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen) -{ -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_cipher_operation_t cipher_op = PSA_CIPHER_OPERATION_INIT; - size_t part_len; - - status = psa_cipher_encrypt_setup(&cipher_op, - transform->psa_key_enc, transform->psa_alg); - - if (status != PSA_SUCCESS) { - return psa_ssl_status_to_mbedtls(status); - } - - status = psa_cipher_set_iv(&cipher_op, iv, iv_len); - - if (status != PSA_SUCCESS) { - return psa_ssl_status_to_mbedtls(status); - } - - status = psa_cipher_update(&cipher_op, - input, ilen, output, ilen, olen); - - if (status != PSA_SUCCESS) { - return psa_ssl_status_to_mbedtls(status); - } - - status = psa_cipher_finish(&cipher_op, - output + *olen, ilen - *olen, &part_len); - - if (status != PSA_SUCCESS) { - return psa_ssl_status_to_mbedtls(status); - } - - *olen += part_len; - return 0; -#else - return mbedtls_cipher_crypt(&transform->cipher_ctx_enc, - iv, iv_len, input, ilen, output, olen); -#endif /* MBEDTLS_USE_PSA_CRYPTO */ -} -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_CIPHER_MODE_CBC && MBEDTLS_AES_C */ - -static int build_transforms(mbedtls_ssl_transform *t_in, - mbedtls_ssl_transform *t_out, - int cipher_type, int hash_id, - int etm, int tag_mode, - mbedtls_ssl_protocol_version tls_version, - size_t cid0_len, - size_t cid1_len) -{ - mbedtls_cipher_info_t const *cipher_info; - int ret = 0; - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_key_type_t key_type; - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_algorithm_t alg; - size_t key_bits; - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; -#endif - - size_t keylen, maclen, ivlen; - unsigned char *key0 = NULL, *key1 = NULL; - unsigned char *md0 = NULL, *md1 = NULL; - unsigned char iv_enc[16], iv_dec[16]; - -#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - unsigned char cid0[SSL_CID_LEN_MIN]; - unsigned char cid1[SSL_CID_LEN_MIN]; - - mbedtls_test_rnd_std_rand(NULL, cid0, sizeof(cid0)); - mbedtls_test_rnd_std_rand(NULL, cid1, sizeof(cid1)); -#else - ((void) cid0_len); - ((void) cid1_len); -#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - - maclen = 0; - - /* Pick cipher */ - cipher_info = mbedtls_cipher_info_from_type(cipher_type); - CHK(cipher_info != NULL); - CHK(cipher_info->iv_size <= 16); - CHK(cipher_info->key_bitlen % 8 == 0); - - /* Pick keys */ - keylen = cipher_info->key_bitlen / 8; - /* Allocate `keylen + 1` bytes to ensure that we get - * a non-NULL pointers from `mbedtls_calloc` even if - * `keylen == 0` in the case of the NULL cipher. */ - CHK((key0 = mbedtls_calloc(1, keylen + 1)) != NULL); - CHK((key1 = mbedtls_calloc(1, keylen + 1)) != NULL); - memset(key0, 0x1, keylen); - memset(key1, 0x2, keylen); - -#if !defined(MBEDTLS_USE_PSA_CRYPTO) - /* Setup cipher contexts */ - CHK(mbedtls_cipher_setup(&t_in->cipher_ctx_enc, cipher_info) == 0); - CHK(mbedtls_cipher_setup(&t_in->cipher_ctx_dec, cipher_info) == 0); - CHK(mbedtls_cipher_setup(&t_out->cipher_ctx_enc, cipher_info) == 0); - CHK(mbedtls_cipher_setup(&t_out->cipher_ctx_dec, cipher_info) == 0); - -#if defined(MBEDTLS_CIPHER_MODE_CBC) - if (cipher_info->mode == MBEDTLS_MODE_CBC) { - CHK(mbedtls_cipher_set_padding_mode(&t_in->cipher_ctx_enc, - MBEDTLS_PADDING_NONE) == 0); - CHK(mbedtls_cipher_set_padding_mode(&t_in->cipher_ctx_dec, - MBEDTLS_PADDING_NONE) == 0); - CHK(mbedtls_cipher_set_padding_mode(&t_out->cipher_ctx_enc, - MBEDTLS_PADDING_NONE) == 0); - CHK(mbedtls_cipher_set_padding_mode(&t_out->cipher_ctx_dec, - MBEDTLS_PADDING_NONE) == 0); - } -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - - CHK(mbedtls_cipher_setkey(&t_in->cipher_ctx_enc, key0, - keylen << 3, MBEDTLS_ENCRYPT) == 0); - CHK(mbedtls_cipher_setkey(&t_in->cipher_ctx_dec, key1, - keylen << 3, MBEDTLS_DECRYPT) == 0); - CHK(mbedtls_cipher_setkey(&t_out->cipher_ctx_enc, key1, - keylen << 3, MBEDTLS_ENCRYPT) == 0); - CHK(mbedtls_cipher_setkey(&t_out->cipher_ctx_dec, key0, - keylen << 3, MBEDTLS_DECRYPT) == 0); -#endif - - /* Setup MAC contexts */ -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) - if (cipher_info->mode == MBEDTLS_MODE_CBC || - cipher_info->mode == MBEDTLS_MODE_STREAM) { -#if !defined(MBEDTLS_USE_PSA_CRYPTO) - mbedtls_md_info_t const *md_info = mbedtls_md_info_from_type(hash_id); - CHK(md_info != NULL); -#endif - maclen = mbedtls_hash_info_get_size(hash_id); - CHK(maclen != 0); - /* Pick hash keys */ - CHK((md0 = mbedtls_calloc(1, maclen)) != NULL); - CHK((md1 = mbedtls_calloc(1, maclen)) != NULL); - memset(md0, 0x5, maclen); - memset(md1, 0x6, maclen); - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - alg = mbedtls_hash_info_psa_from_md(hash_id); - - CHK(alg != 0); - - t_out->psa_mac_alg = PSA_ALG_HMAC(alg); - t_in->psa_mac_alg = PSA_ALG_HMAC(alg); - t_in->psa_mac_enc = MBEDTLS_SVC_KEY_ID_INIT; - t_out->psa_mac_enc = MBEDTLS_SVC_KEY_ID_INIT; - t_in->psa_mac_dec = MBEDTLS_SVC_KEY_ID_INIT; - t_out->psa_mac_dec = MBEDTLS_SVC_KEY_ID_INIT; - - psa_reset_key_attributes(&attributes); - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE); - psa_set_key_algorithm(&attributes, PSA_ALG_HMAC(alg)); - psa_set_key_type(&attributes, PSA_KEY_TYPE_HMAC); - - CHK(psa_import_key(&attributes, - md0, maclen, - &t_in->psa_mac_enc) == PSA_SUCCESS); - - CHK(psa_import_key(&attributes, - md1, maclen, - &t_out->psa_mac_enc) == PSA_SUCCESS); - - if (cipher_info->mode == MBEDTLS_MODE_STREAM || - etm == MBEDTLS_SSL_ETM_DISABLED) { - /* mbedtls_ct_hmac() requires the key to be exportable */ - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT | - PSA_KEY_USAGE_VERIFY_HASH); - } else { - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_VERIFY_HASH); - } - - CHK(psa_import_key(&attributes, - md1, maclen, - &t_in->psa_mac_dec) == PSA_SUCCESS); - - CHK(psa_import_key(&attributes, - md0, maclen, - &t_out->psa_mac_dec) == PSA_SUCCESS); -#else - CHK(mbedtls_md_setup(&t_out->md_ctx_enc, md_info, 1) == 0); - CHK(mbedtls_md_setup(&t_out->md_ctx_dec, md_info, 1) == 0); - CHK(mbedtls_md_setup(&t_in->md_ctx_enc, md_info, 1) == 0); - CHK(mbedtls_md_setup(&t_in->md_ctx_dec, md_info, 1) == 0); - - CHK(mbedtls_md_hmac_starts(&t_in->md_ctx_enc, - md0, maclen) == 0); - CHK(mbedtls_md_hmac_starts(&t_in->md_ctx_dec, - md1, maclen) == 0); - CHK(mbedtls_md_hmac_starts(&t_out->md_ctx_enc, - md1, maclen) == 0); - CHK(mbedtls_md_hmac_starts(&t_out->md_ctx_dec, - md0, maclen) == 0); -#endif - } -#else - ((void) hash_id); -#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ - - - /* Pick IV's (regardless of whether they - * are being used by the transform). */ - ivlen = cipher_info->iv_size; - memset(iv_enc, 0x3, sizeof(iv_enc)); - memset(iv_dec, 0x4, sizeof(iv_dec)); - - /* - * Setup transforms - */ - -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ - defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) - t_out->encrypt_then_mac = etm; - t_in->encrypt_then_mac = etm; -#else - ((void) etm); -#endif - - t_out->tls_version = tls_version; - t_in->tls_version = tls_version; - t_out->ivlen = ivlen; - t_in->ivlen = ivlen; - - switch (cipher_info->mode) { - case MBEDTLS_MODE_GCM: - case MBEDTLS_MODE_CCM: -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) - if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { - t_out->fixed_ivlen = 12; - t_in->fixed_ivlen = 12; - } else -#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ - { - t_out->fixed_ivlen = 4; - t_in->fixed_ivlen = 4; - } - t_out->maclen = 0; - t_in->maclen = 0; - switch (tag_mode) { - case 0: /* Full tag */ - t_out->taglen = 16; - t_in->taglen = 16; - break; - case 1: /* Partial tag */ - t_out->taglen = 8; - t_in->taglen = 8; - break; - default: - ret = 1; - goto cleanup; - } - break; - - case MBEDTLS_MODE_CHACHAPOLY: - t_out->fixed_ivlen = 12; - t_in->fixed_ivlen = 12; - t_out->maclen = 0; - t_in->maclen = 0; - switch (tag_mode) { - case 0: /* Full tag */ - t_out->taglen = 16; - t_in->taglen = 16; - break; - case 1: /* Partial tag */ - t_out->taglen = 8; - t_in->taglen = 8; - break; - default: - ret = 1; - goto cleanup; - } - break; - - case MBEDTLS_MODE_STREAM: - case MBEDTLS_MODE_CBC: - t_out->fixed_ivlen = 0; /* redundant, must be 0 */ - t_in->fixed_ivlen = 0; /* redundant, must be 0 */ - t_out->taglen = 0; - t_in->taglen = 0; - switch (tag_mode) { - case 0: /* Full tag */ - t_out->maclen = maclen; - t_in->maclen = maclen; - break; - default: - ret = 1; - goto cleanup; - } - break; - default: - ret = 1; - goto cleanup; - break; - } - - /* Setup IV's */ - - memcpy(&t_in->iv_dec, iv_dec, sizeof(iv_dec)); - memcpy(&t_in->iv_enc, iv_enc, sizeof(iv_enc)); - memcpy(&t_out->iv_dec, iv_enc, sizeof(iv_enc)); - memcpy(&t_out->iv_enc, iv_dec, sizeof(iv_dec)); - -#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - /* Add CID */ - memcpy(&t_in->in_cid, cid0, cid0_len); - memcpy(&t_in->out_cid, cid1, cid1_len); - t_in->in_cid_len = cid0_len; - t_in->out_cid_len = cid1_len; - memcpy(&t_out->in_cid, cid1, cid1_len); - memcpy(&t_out->out_cid, cid0, cid0_len); - t_out->in_cid_len = cid1_len; - t_out->out_cid_len = cid0_len; -#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - status = mbedtls_ssl_cipher_to_psa(cipher_type, - t_in->taglen, - &alg, - &key_type, - &key_bits); - - if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); - goto cleanup; - } - - t_in->psa_alg = alg; - t_out->psa_alg = alg; - - if (alg != MBEDTLS_SSL_NULL_CIPHER) { - psa_reset_key_attributes(&attributes); - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT); - psa_set_key_algorithm(&attributes, alg); - psa_set_key_type(&attributes, key_type); - - status = psa_import_key(&attributes, - key0, - PSA_BITS_TO_BYTES(key_bits), - &t_in->psa_key_enc); - - if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); - goto cleanup; - } - - status = psa_import_key(&attributes, - key1, - PSA_BITS_TO_BYTES(key_bits), - &t_out->psa_key_enc); - - if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); - goto cleanup; - } - - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT); - - status = psa_import_key(&attributes, - key1, - PSA_BITS_TO_BYTES(key_bits), - &t_in->psa_key_dec); - - if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); - goto cleanup; - } - - status = psa_import_key(&attributes, - key0, - PSA_BITS_TO_BYTES(key_bits), - &t_out->psa_key_dec); - - if (status != PSA_SUCCESS) { - ret = psa_ssl_status_to_mbedtls(status); - goto cleanup; - } - } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - -cleanup: - - mbedtls_free(key0); - mbedtls_free(key1); - - mbedtls_free(md0); - mbedtls_free(md1); - - return ret; -} - -/* - * Populate a session structure for serialization tests. - * Choose dummy values, mostly non-0 to distinguish from the init default. - */ -static int ssl_tls12_populate_session(mbedtls_ssl_session *session, - int ticket_len, - const char *crt_file) -{ -#if defined(MBEDTLS_HAVE_TIME) - session->start = mbedtls_time(NULL) - 42; -#endif - session->tls_version = MBEDTLS_SSL_VERSION_TLS1_2; - session->ciphersuite = 0xabcd; - session->id_len = sizeof(session->id); - memset(session->id, 66, session->id_len); - memset(session->master, 17, sizeof(session->master)); - -#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) && defined(MBEDTLS_FS_IO) - if (crt_file != NULL && strlen(crt_file) != 0) { - mbedtls_x509_crt tmp_crt; - int ret; - - mbedtls_x509_crt_init(&tmp_crt); - ret = mbedtls_x509_crt_parse_file(&tmp_crt, crt_file); - if (ret != 0) { - return ret; - } - -#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - /* Move temporary CRT. */ - session->peer_cert = mbedtls_calloc(1, sizeof(*session->peer_cert)); - if (session->peer_cert == NULL) { - return -1; - } - *session->peer_cert = tmp_crt; - memset(&tmp_crt, 0, sizeof(tmp_crt)); -#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - /* Calculate digest of temporary CRT. */ - session->peer_cert_digest = - mbedtls_calloc(1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN); - if (session->peer_cert_digest == NULL) { - return -1; - } - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_algorithm_t psa_alg = mbedtls_hash_info_psa_from_md( - MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE); - size_t hash_size = 0; - psa_status_t status = psa_hash_compute(psa_alg, tmp_crt.raw.p, - tmp_crt.raw.len, - session->peer_cert_digest, - MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN, - &hash_size); - ret = psa_ssl_status_to_mbedtls(status); -#else - ret = mbedtls_md(mbedtls_md_info_from_type( - MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE), - tmp_crt.raw.p, tmp_crt.raw.len, - session->peer_cert_digest); -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - if (ret != 0) { - return ret; - } - session->peer_cert_digest_type = - MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE; - session->peer_cert_digest_len = - MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN; -#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - - mbedtls_x509_crt_free(&tmp_crt); - } -#else /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED && MBEDTLS_FS_IO */ - (void) crt_file; -#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED && MBEDTLS_FS_IO */ - session->verify_result = 0xdeadbeef; - -#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) - if (ticket_len != 0) { - session->ticket = mbedtls_calloc(1, ticket_len); - if (session->ticket == NULL) { - return -1; - } - memset(session->ticket, 33, ticket_len); - } - session->ticket_len = ticket_len; - session->ticket_lifetime = 86401; -#else - (void) ticket_len; -#endif - -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - session->mfl_code = 1; -#endif -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - session->encrypt_then_mac = 1; -#endif - - return 0; -} - -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) -static int ssl_tls13_populate_session(mbedtls_ssl_session *session, - int ticket_len, - int endpoint_type) -{ - ((void) ticket_len); - session->tls_version = MBEDTLS_SSL_VERSION_TLS1_3; - session->endpoint = endpoint_type == MBEDTLS_SSL_IS_CLIENT ? - MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER; - session->ciphersuite = 0xabcd; - session->ticket_age_add = 0x87654321; - session->ticket_flags = 0x7; - - session->resumption_key_len = 32; - memset(session->resumption_key, 0x99, sizeof(session->resumption_key)); - -#if defined(MBEDTLS_HAVE_TIME) - if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { - session->start = mbedtls_time(NULL) - 42; - } -#endif - -#if defined(MBEDTLS_SSL_CLI_C) - if (session->endpoint == MBEDTLS_SSL_IS_CLIENT) { -#if defined(MBEDTLS_HAVE_TIME) - session->ticket_received = mbedtls_time(NULL) - 40; -#endif - session->ticket_lifetime = 0xfedcba98; - - session->ticket_len = ticket_len; - if (ticket_len != 0) { - session->ticket = mbedtls_calloc(1, ticket_len); - if (session->ticket == NULL) { - return -1; - } - memset(session->ticket, 33, ticket_len); - } - } -#endif /* MBEDTLS_SSL_CLI_C */ - - return 0; -} -#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ - -/* - * Perform data exchanging between \p ssl_1 and \p ssl_2 and check if the - * message was sent in the correct number of fragments. - * - * /p ssl_1 and /p ssl_2 Endpoints represented by mbedtls_ssl_context. Both - * of them must be initialized and connected beforehand. - * /p msg_len_1 and /p msg_len_2 specify the size of the message to send. - * /p expected_fragments_1 and /p expected_fragments_2 determine in how many - * fragments the message should be sent. - * expected_fragments is 0: can be used for DTLS testing while the message - * size is larger than MFL. In that case the message - * cannot be fragmented and sent to the second endpoint. - * This value can be used for negative tests. - * expected_fragments is 1: can be used for TLS/DTLS testing while the - * message size is below MFL - * expected_fragments > 1: can be used for TLS testing while the message - * size is larger than MFL - * - * \retval 0 on success, otherwise error code. - */ -int mbedtls_exchange_data(mbedtls_ssl_context *ssl_1, - int msg_len_1, const int expected_fragments_1, - mbedtls_ssl_context *ssl_2, - int msg_len_2, const int expected_fragments_2) -{ - unsigned char *msg_buf_1 = malloc(msg_len_1); - unsigned char *msg_buf_2 = malloc(msg_len_2); - unsigned char *in_buf_1 = malloc(msg_len_2); - unsigned char *in_buf_2 = malloc(msg_len_1); - int msg_type, ret = -1; - - /* Perform this test with two message types. At first use a message - * consisting of only 0x00 for the client and only 0xFF for the server. - * At the second time use message with generated data */ - for (msg_type = 0; msg_type < 2; msg_type++) { - int written_1 = 0; - int written_2 = 0; - int read_1 = 0; - int read_2 = 0; - int fragments_1 = 0; - int fragments_2 = 0; - - if (msg_type == 0) { - memset(msg_buf_1, 0x00, msg_len_1); - memset(msg_buf_2, 0xff, msg_len_2); - } else { - int i, j = 0; - for (i = 0; i < msg_len_1; i++) { - msg_buf_1[i] = j++ & 0xFF; - } - for (i = 0; i < msg_len_2; i++) { - msg_buf_2[i] = (j -= 5) & 0xFF; - } - } - - while (read_1 < msg_len_2 || read_2 < msg_len_1) { - /* ssl_1 sending */ - if (msg_len_1 > written_1) { - ret = mbedtls_ssl_write_fragment(ssl_1, msg_buf_1, - msg_len_1, &written_1, - expected_fragments_1); - if (expected_fragments_1 == 0) { - /* This error is expected when the message is too large and - * cannot be fragmented */ - TEST_ASSERT(ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA); - msg_len_1 = 0; - } else { - TEST_ASSERT(ret == 0); - } - } - - /* ssl_2 sending */ - if (msg_len_2 > written_2) { - ret = mbedtls_ssl_write_fragment(ssl_2, msg_buf_2, - msg_len_2, &written_2, - expected_fragments_2); - if (expected_fragments_2 == 0) { - /* This error is expected when the message is too large and - * cannot be fragmented */ - TEST_ASSERT(ret == MBEDTLS_ERR_SSL_BAD_INPUT_DATA); - msg_len_2 = 0; - } else { - TEST_ASSERT(ret == 0); - } - } - - /* ssl_1 reading */ - if (read_1 < msg_len_2) { - ret = mbedtls_ssl_read_fragment(ssl_1, in_buf_1, - msg_len_2, &read_1, - &fragments_2, - expected_fragments_2); - TEST_ASSERT(ret == 0); - } - - /* ssl_2 reading */ - if (read_2 < msg_len_1) { - ret = mbedtls_ssl_read_fragment(ssl_2, in_buf_2, - msg_len_1, &read_2, - &fragments_1, - expected_fragments_1); - TEST_ASSERT(ret == 0); - } - } - - ret = -1; - TEST_ASSERT(0 == memcmp(msg_buf_1, in_buf_2, msg_len_1)); - TEST_ASSERT(0 == memcmp(msg_buf_2, in_buf_1, msg_len_2)); - TEST_ASSERT(fragments_1 == expected_fragments_1); - TEST_ASSERT(fragments_2 == expected_fragments_2); - } - - ret = 0; - -exit: - free(msg_buf_1); - free(in_buf_1); - free(msg_buf_2); - free(in_buf_2); - - return ret; -} - -/* - * Perform data exchanging between \p ssl_1 and \p ssl_2. Both of endpoints - * must be initialized and connected beforehand. - * - * \retval 0 on success, otherwise error code. - */ -int exchange_data(mbedtls_ssl_context *ssl_1, - mbedtls_ssl_context *ssl_2) -{ - return mbedtls_exchange_data(ssl_1, 256, 1, - ssl_2, 256, 1); -} - -#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) -static int check_ssl_version(mbedtls_ssl_protocol_version expected_negotiated_version, - const mbedtls_ssl_context *ssl) -{ - const char *version_string = mbedtls_ssl_get_version(ssl); - mbedtls_ssl_protocol_version version_number = - mbedtls_ssl_get_version_number(ssl); - - TEST_EQUAL(ssl->tls_version, expected_negotiated_version); - - if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { - TEST_EQUAL(version_string[0], 'D'); - ++version_string; - } - - switch (expected_negotiated_version) { - case MBEDTLS_SSL_VERSION_TLS1_2: - TEST_EQUAL(version_number, MBEDTLS_SSL_VERSION_TLS1_2); - TEST_ASSERT(strcmp(version_string, "TLSv1.2") == 0); - break; - - case MBEDTLS_SSL_VERSION_TLS1_3: - TEST_EQUAL(version_number, MBEDTLS_SSL_VERSION_TLS1_3); - TEST_ASSERT(strcmp(version_string, "TLSv1.3") == 0); - break; - - default: - TEST_ASSERT(!"Version check not implemented for this protocol version"); - } - - return 1; - -exit: - return 0; -} -#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ - - -#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) -void perform_handshake(handshake_test_options *options) -{ - /* forced_ciphersuite needs to last until the end of the handshake */ - int forced_ciphersuite[2]; - enum { BUFFSIZE = 17000 }; - mbedtls_endpoint client, server; -#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) - const char *psk_identity = "foo"; -#endif -#if defined(MBEDTLS_TIMING_C) - mbedtls_timing_delay_context timer_client, timer_server; -#endif -#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) - unsigned char *context_buf = NULL; - size_t context_buf_len; -#endif -#if defined(MBEDTLS_SSL_RENEGOTIATION) - int ret = -1; -#endif - int expected_handshake_result = options->expected_handshake_result; - - USE_PSA_INIT(); - mbedtls_platform_zeroize(&client, sizeof(client)); - mbedtls_platform_zeroize(&server, sizeof(server)); - mbedtls_test_message_queue server_queue, client_queue; - mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init(&server_context); - mbedtls_message_socket_init(&client_context); - - /* Client side */ - if (options->dtls != 0) { - TEST_ASSERT(mbedtls_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT, - options, &client_context, - &client_queue, - &server_queue, NULL) == 0); -#if defined(MBEDTLS_TIMING_C) - mbedtls_ssl_set_timer_cb(&client.ssl, &timer_client, - mbedtls_timing_set_delay, - mbedtls_timing_get_delay); -#endif - } else { - TEST_ASSERT(mbedtls_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT, - options, NULL, NULL, - NULL, NULL) == 0); - } - - if (options->client_min_version != MBEDTLS_SSL_VERSION_UNKNOWN) { - mbedtls_ssl_conf_min_tls_version(&client.conf, - options->client_min_version); - } - - if (options->client_max_version != MBEDTLS_SSL_VERSION_UNKNOWN) { - mbedtls_ssl_conf_max_tls_version(&client.conf, - options->client_max_version); - } - - if (strlen(options->cipher) > 0) { - set_ciphersuite(&client.conf, options->cipher, forced_ciphersuite); - } - -#if defined(MBEDTLS_DEBUG_C) - if (options->cli_log_fun) { - mbedtls_debug_set_threshold(4); - mbedtls_ssl_conf_dbg(&client.conf, options->cli_log_fun, - options->cli_log_obj); - } -#endif - - /* Server side */ - if (options->dtls != 0) { - TEST_ASSERT(mbedtls_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER, - options, &server_context, - &server_queue, - &client_queue, NULL) == 0); -#if defined(MBEDTLS_TIMING_C) - mbedtls_ssl_set_timer_cb(&server.ssl, &timer_server, - mbedtls_timing_set_delay, - mbedtls_timing_get_delay); -#endif - } else { - TEST_ASSERT(mbedtls_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER, - options, NULL, NULL, NULL, - NULL) == 0); - } - - mbedtls_ssl_conf_authmode(&server.conf, options->srv_auth_mode); - - if (options->server_min_version != MBEDTLS_SSL_VERSION_UNKNOWN) { - mbedtls_ssl_conf_min_tls_version(&server.conf, - options->server_min_version); - } - - if (options->server_max_version != MBEDTLS_SSL_VERSION_UNKNOWN) { - mbedtls_ssl_conf_max_tls_version(&server.conf, - options->server_max_version); - } - -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - TEST_ASSERT(mbedtls_ssl_conf_max_frag_len(&(server.conf), - (unsigned char) options->mfl) == 0); - TEST_ASSERT(mbedtls_ssl_conf_max_frag_len(&(client.conf), - (unsigned char) options->mfl) == 0); -#else - TEST_ASSERT(MBEDTLS_SSL_MAX_FRAG_LEN_NONE == options->mfl); -#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ - -#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED) - if (options->psk_str != NULL && options->psk_str->len > 0) { - TEST_ASSERT(mbedtls_ssl_conf_psk(&client.conf, options->psk_str->x, - options->psk_str->len, - (const unsigned char *) psk_identity, - strlen(psk_identity)) == 0); - - TEST_ASSERT(mbedtls_ssl_conf_psk(&server.conf, options->psk_str->x, - options->psk_str->len, - (const unsigned char *) psk_identity, - strlen(psk_identity)) == 0); -#if defined(MBEDTLS_SSL_SRV_C) - mbedtls_ssl_conf_psk_cb(&server.conf, psk_dummy_callback, NULL); -#endif - } -#endif -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if (options->renegotiate) { - mbedtls_ssl_conf_renegotiation(&(server.conf), - MBEDTLS_SSL_RENEGOTIATION_ENABLED); - mbedtls_ssl_conf_renegotiation(&(client.conf), - MBEDTLS_SSL_RENEGOTIATION_ENABLED); - - mbedtls_ssl_conf_legacy_renegotiation(&(server.conf), - options->legacy_renegotiation); - mbedtls_ssl_conf_legacy_renegotiation(&(client.conf), - options->legacy_renegotiation); - } -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - -#if defined(MBEDTLS_DEBUG_C) - if (options->srv_log_fun) { - mbedtls_debug_set_threshold(4); - mbedtls_ssl_conf_dbg(&server.conf, options->srv_log_fun, - options->srv_log_obj); - } -#endif - - TEST_ASSERT(mbedtls_mock_socket_connect(&(client.socket), - &(server.socket), - BUFFSIZE) == 0); - -#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - if (options->resize_buffers != 0) { - /* Ensure that the buffer sizes are appropriate before resizes */ - TEST_ASSERT(client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); - TEST_ASSERT(client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); - TEST_ASSERT(server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); - TEST_ASSERT(server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); - } -#endif - - if (options->expected_negotiated_version == MBEDTLS_SSL_VERSION_UNKNOWN) { - expected_handshake_result = MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION; - } - - TEST_ASSERT(mbedtls_move_handshake_to_state(&(client.ssl), - &(server.ssl), - MBEDTLS_SSL_HANDSHAKE_OVER) - == expected_handshake_result); - - if (expected_handshake_result != 0) { - /* Connection will have failed by this point, skip to cleanup */ - goto exit; - } - - TEST_ASSERT(mbedtls_ssl_is_handshake_over(&client.ssl) == 1); - - /* Make sure server state is moved to HANDSHAKE_OVER also. */ - TEST_EQUAL(mbedtls_move_handshake_to_state(&(server.ssl), - &(client.ssl), - MBEDTLS_SSL_HANDSHAKE_OVER), 0); - - TEST_ASSERT(mbedtls_ssl_is_handshake_over(&server.ssl) == 1); - /* Check that both sides have negotiated the expected version. */ - mbedtls_test_set_step(0); - if (!check_ssl_version(options->expected_negotiated_version, - &client.ssl)) { - goto exit; - } - - mbedtls_test_set_step(1); - if (!check_ssl_version(options->expected_negotiated_version, - &server.ssl)) { - goto exit; - } - - if (options->expected_ciphersuite != 0) { - TEST_EQUAL(server.ssl.session->ciphersuite, - options->expected_ciphersuite); - } - -#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - if (options->resize_buffers != 0) { - /* A server, when using DTLS, might delay a buffer resize to happen - * after it receives a message, so we force it. */ - TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0); - - TEST_ASSERT(client.ssl.out_buf_len == - mbedtls_ssl_get_output_buflen(&client.ssl)); - TEST_ASSERT(client.ssl.in_buf_len == - mbedtls_ssl_get_input_buflen(&client.ssl)); - TEST_ASSERT(server.ssl.out_buf_len == - mbedtls_ssl_get_output_buflen(&server.ssl)); - TEST_ASSERT(server.ssl.in_buf_len == - mbedtls_ssl_get_input_buflen(&server.ssl)); - } -#endif - - if (options->cli_msg_len != 0 || options->srv_msg_len != 0) { - /* Start data exchanging test */ - TEST_ASSERT(mbedtls_exchange_data(&(client.ssl), options->cli_msg_len, - options->expected_cli_fragments, - &(server.ssl), options->srv_msg_len, - options->expected_srv_fragments) - == 0); - } -#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) - if (options->serialize == 1) { - TEST_ASSERT(options->dtls == 1); - - TEST_ASSERT(mbedtls_ssl_context_save(&(server.ssl), NULL, - 0, &context_buf_len) - == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); - - context_buf = mbedtls_calloc(1, context_buf_len); - TEST_ASSERT(context_buf != NULL); - - TEST_ASSERT(mbedtls_ssl_context_save(&(server.ssl), context_buf, - context_buf_len, - &context_buf_len) == 0); - - mbedtls_ssl_free(&(server.ssl)); - mbedtls_ssl_init(&(server.ssl)); - - TEST_ASSERT(mbedtls_ssl_setup(&(server.ssl), &(server.conf)) == 0); - - mbedtls_ssl_set_bio(&(server.ssl), &server_context, - mbedtls_mock_tcp_send_msg, - mbedtls_mock_tcp_recv_msg, - NULL); - - mbedtls_ssl_set_user_data_p(&server.ssl, &server); - -#if defined(MBEDTLS_TIMING_C) - mbedtls_ssl_set_timer_cb(&server.ssl, &timer_server, - mbedtls_timing_set_delay, - mbedtls_timing_get_delay); -#endif -#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - if (options->resize_buffers != 0) { - /* Ensure that the buffer sizes are appropriate before resizes */ - TEST_ASSERT(server.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); - TEST_ASSERT(server.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); - } -#endif - TEST_ASSERT(mbedtls_ssl_context_load(&(server.ssl), context_buf, - context_buf_len) == 0); - -#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - /* Validate buffer sizes after context deserialization */ - if (options->resize_buffers != 0) { - TEST_ASSERT(server.ssl.out_buf_len == - mbedtls_ssl_get_output_buflen(&server.ssl)); - TEST_ASSERT(server.ssl.in_buf_len == - mbedtls_ssl_get_input_buflen(&server.ssl)); - } -#endif - /* Retest writing/reading */ - if (options->cli_msg_len != 0 || options->srv_msg_len != 0) { - TEST_ASSERT(mbedtls_exchange_data(&(client.ssl), - options->cli_msg_len, - options->expected_cli_fragments, - &(server.ssl), - options->srv_msg_len, - options->expected_srv_fragments) - == 0); - } - } -#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ - -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if (options->renegotiate) { - /* Start test with renegotiation */ - TEST_ASSERT(server.ssl.renego_status == - MBEDTLS_SSL_INITIAL_HANDSHAKE); - TEST_ASSERT(client.ssl.renego_status == - MBEDTLS_SSL_INITIAL_HANDSHAKE); - - /* After calling this function for the server, it only sends a handshake - * request. All renegotiation should happen during data exchanging */ - TEST_ASSERT(mbedtls_ssl_renegotiate(&(server.ssl)) == 0); - TEST_ASSERT(server.ssl.renego_status == - MBEDTLS_SSL_RENEGOTIATION_PENDING); - TEST_ASSERT(client.ssl.renego_status == - MBEDTLS_SSL_INITIAL_HANDSHAKE); - - TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0); - TEST_ASSERT(server.ssl.renego_status == - MBEDTLS_SSL_RENEGOTIATION_DONE); - TEST_ASSERT(client.ssl.renego_status == - MBEDTLS_SSL_RENEGOTIATION_DONE); - - /* After calling mbedtls_ssl_renegotiate for the client all renegotiation - * should happen inside this function. However in this test, we cannot - * perform simultaneous communication between client and server so this - * function will return waiting error on the socket. All rest of - * renegotiation should happen during data exchanging */ - ret = mbedtls_ssl_renegotiate(&(client.ssl)); -#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - if (options->resize_buffers != 0) { - /* Ensure that the buffer sizes are appropriate before resizes */ - TEST_ASSERT(client.ssl.out_buf_len == MBEDTLS_SSL_OUT_BUFFER_LEN); - TEST_ASSERT(client.ssl.in_buf_len == MBEDTLS_SSL_IN_BUFFER_LEN); - } -#endif - TEST_ASSERT(ret == 0 || - ret == MBEDTLS_ERR_SSL_WANT_READ || - ret == MBEDTLS_ERR_SSL_WANT_WRITE); - TEST_ASSERT(server.ssl.renego_status == - MBEDTLS_SSL_RENEGOTIATION_DONE); - TEST_ASSERT(client.ssl.renego_status == - MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS); - - TEST_ASSERT(exchange_data(&(client.ssl), &(server.ssl)) == 0); - TEST_ASSERT(server.ssl.renego_status == - MBEDTLS_SSL_RENEGOTIATION_DONE); - TEST_ASSERT(client.ssl.renego_status == - MBEDTLS_SSL_RENEGOTIATION_DONE); -#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - /* Validate buffer sizes after renegotiation */ - if (options->resize_buffers != 0) { - TEST_ASSERT(client.ssl.out_buf_len == - mbedtls_ssl_get_output_buflen(&client.ssl)); - TEST_ASSERT(client.ssl.in_buf_len == - mbedtls_ssl_get_input_buflen(&client.ssl)); - TEST_ASSERT(server.ssl.out_buf_len == - mbedtls_ssl_get_output_buflen(&server.ssl)); - TEST_ASSERT(server.ssl.in_buf_len == - mbedtls_ssl_get_input_buflen(&server.ssl)); - } -#endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */ - } -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - - TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&client.conf) == &client); - TEST_ASSERT(mbedtls_ssl_get_user_data_p(&client.ssl) == &client); - TEST_ASSERT(mbedtls_ssl_conf_get_user_data_p(&server.conf) == &server); - TEST_ASSERT(mbedtls_ssl_get_user_data_p(&server.ssl) == &server); - -exit: - mbedtls_endpoint_free(&client, options->dtls != 0 ? &client_context : NULL); - mbedtls_endpoint_free(&server, options->dtls != 0 ? &server_context : NULL); -#if defined(MBEDTLS_DEBUG_C) - if (options->cli_log_fun || options->srv_log_fun) { - mbedtls_debug_set_threshold(0); - } -#endif -#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) - if (context_buf != NULL) { - mbedtls_free(context_buf); - } -#endif - USE_PSA_DONE(); -} -#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ - -#if defined(MBEDTLS_TEST_HOOKS) -/* - * Tweak vector lengths in a TLS 1.3 Certificate message - * - * \param[in] buf Buffer containing the Certificate message to tweak - * \param[in]]out] end End of the buffer to parse - * \param tweak Tweak identifier (from 1 to the number of tweaks). - * \param[out] expected_result Error code expected from the parsing function - * \param[out] args Arguments of the MBEDTLS_SSL_CHK_BUF_READ_PTR call that - * is expected to fail. All zeroes if no - * MBEDTLS_SSL_CHK_BUF_READ_PTR failure is expected. - */ -int tweak_tls13_certificate_msg_vector_len( - unsigned char *buf, unsigned char **end, int tweak, - int *expected_result, mbedtls_ssl_chk_buf_ptr_args *args) -{ -/* - * The definition of the tweaks assume that the certificate list contains only - * one certificate. - */ - -/* - * struct { - * opaque cert_data<1..2^24-1>; - * Extension extensions<0..2^16-1>; - * } CertificateEntry; - * - * struct { - * opaque certificate_request_context<0..2^8-1>; - * CertificateEntry certificate_list<0..2^24-1>; - * } Certificate; - */ - unsigned char *p_certificate_request_context_len = buf; - size_t certificate_request_context_len = buf[0]; - - unsigned char *p_certificate_list_len = buf + 1 + certificate_request_context_len; - unsigned char *certificate_list = p_certificate_list_len + 3; - size_t certificate_list_len = MBEDTLS_GET_UINT24_BE(p_certificate_list_len, 0); - - unsigned char *p_cert_data_len = certificate_list; - unsigned char *cert_data = p_cert_data_len + 3; - size_t cert_data_len = MBEDTLS_GET_UINT24_BE(p_cert_data_len, 0); - - unsigned char *p_extensions_len = cert_data + cert_data_len; - unsigned char *extensions = p_extensions_len + 2; - size_t extensions_len = MBEDTLS_GET_UINT16_BE(p_extensions_len, 0); - - *expected_result = MBEDTLS_ERR_SSL_DECODE_ERROR; - - switch (tweak) { - case 1: - /* Failure when checking if the certificate request context length and - * certificate list length can be read - */ - *end = buf + 3; - set_chk_buf_ptr_args(args, buf, *end, 4); - break; - - case 2: - /* Invalid certificate request context length. - */ - *p_certificate_request_context_len = - certificate_request_context_len + 1; - reset_chk_buf_ptr_args(args); - break; - - case 3: - /* Failure when checking if certificate_list data can be read. */ - MBEDTLS_PUT_UINT24_BE(certificate_list_len + 1, - p_certificate_list_len, 0); - set_chk_buf_ptr_args(args, certificate_list, *end, - certificate_list_len + 1); - break; - - case 4: - /* Failure when checking if the cert_data length can be read. */ - MBEDTLS_PUT_UINT24_BE(2, p_certificate_list_len, 0); - set_chk_buf_ptr_args(args, p_cert_data_len, certificate_list + 2, 3); - break; - - case 5: - /* Failure when checking if cert_data data can be read. */ - MBEDTLS_PUT_UINT24_BE(certificate_list_len - 3 + 1, - p_cert_data_len, 0); - set_chk_buf_ptr_args(args, cert_data, - certificate_list + certificate_list_len, - certificate_list_len - 3 + 1); - break; - - case 6: - /* Failure when checking if the extensions length can be read. */ - MBEDTLS_PUT_UINT24_BE(certificate_list_len - extensions_len - 1, - p_certificate_list_len, 0); - set_chk_buf_ptr_args(args, p_extensions_len, - certificate_list + certificate_list_len - extensions_len - 1, 2); - break; - - case 7: - /* Failure when checking if extensions data can be read. */ - MBEDTLS_PUT_UINT16_BE(extensions_len + 1, p_extensions_len, 0); - - set_chk_buf_ptr_args(args, extensions, - certificate_list + certificate_list_len, extensions_len + 1); - break; - - default: - return -1; - } - - return 0; -} -#endif /* MBEDTLS_TEST_HOOKS */ - -#define ECJPAKE_TEST_PWD "bla" - -#if defined(MBEDTLS_USE_PSA_CRYPTO) -#define ECJPAKE_TEST_SET_PASSWORD(exp_ret_val) \ - ret = (use_opaque_arg) ? \ - mbedtls_ssl_set_hs_ecjpake_password_opaque(&ssl, pwd_slot) : \ - mbedtls_ssl_set_hs_ecjpake_password(&ssl, pwd_string, pwd_len); \ - TEST_EQUAL(ret, exp_ret_val) -#else -#define ECJPAKE_TEST_SET_PASSWORD(exp_ret_val) \ - ret = mbedtls_ssl_set_hs_ecjpake_password(&ssl, \ - pwd_string, pwd_len); \ - TEST_EQUAL(ret, exp_ret_val) -#endif - -#define TEST_AVAILABLE_ECC(tls_id_, group_id_, psa_family_, psa_bits_) \ - TEST_EQUAL(mbedtls_ssl_get_ecp_group_id_from_tls_id(tls_id_), \ - group_id_); \ - TEST_EQUAL(mbedtls_ssl_get_tls_id_from_ecp_group_id(group_id_), \ - tls_id_); \ - TEST_EQUAL(mbedtls_ssl_get_psa_curve_info_from_tls_id(tls_id_, \ - &psa_family, &psa_bits), PSA_SUCCESS); \ - TEST_EQUAL(psa_family_, psa_family); \ - TEST_EQUAL(psa_bits_, psa_bits); - -#define TEST_UNAVAILABLE_ECC(tls_id_, group_id_, psa_family_, psa_bits_) \ - TEST_EQUAL(mbedtls_ssl_get_ecp_group_id_from_tls_id(tls_id_), \ - MBEDTLS_ECP_DP_NONE); \ - TEST_EQUAL(mbedtls_ssl_get_tls_id_from_ecp_group_id(group_id_), \ - 0); \ - TEST_EQUAL(mbedtls_ssl_get_psa_curve_info_from_tls_id(tls_id_, \ - &psa_family, &psa_bits), \ - PSA_ERROR_NOT_SUPPORTED); +#define SSL_MESSAGE_QUEUE_INIT { NULL, 0, 0, 0 } /* END_HEADER */ @@ -2526,65 +23,70 @@ int tweak_tls13_certificate_msg_vector_len( void test_callback_buffer_sanity() { enum { MSGLEN = 10 }; - mbedtls_test_buffer buf; + mbedtls_test_ssl_buffer buf; unsigned char input[MSGLEN]; unsigned char output[MSGLEN]; + USE_PSA_INIT(); memset(input, 0, sizeof(input)); /* Make sure calling put and get on NULL buffer results in error. */ - TEST_ASSERT(mbedtls_test_buffer_put(NULL, input, sizeof(input)) + TEST_ASSERT(mbedtls_test_ssl_buffer_put(NULL, input, sizeof(input)) == -1); - TEST_ASSERT(mbedtls_test_buffer_get(NULL, output, sizeof(output)) + TEST_ASSERT(mbedtls_test_ssl_buffer_get(NULL, output, sizeof(output)) + == -1); + TEST_ASSERT(mbedtls_test_ssl_buffer_put(NULL, NULL, sizeof(input)) == -1); - TEST_ASSERT(mbedtls_test_buffer_put(NULL, NULL, sizeof(input)) == -1); - TEST_ASSERT(mbedtls_test_buffer_put(NULL, NULL, 0) == -1); - TEST_ASSERT(mbedtls_test_buffer_get(NULL, NULL, 0) == -1); + TEST_ASSERT(mbedtls_test_ssl_buffer_put(NULL, NULL, 0) == -1); + TEST_ASSERT(mbedtls_test_ssl_buffer_get(NULL, NULL, 0) == -1); /* Make sure calling put and get on a buffer that hasn't been set up results * in error. */ - mbedtls_test_buffer_init(&buf); + mbedtls_test_ssl_buffer_init(&buf); - TEST_ASSERT(mbedtls_test_buffer_put(&buf, input, sizeof(input)) == -1); - TEST_ASSERT(mbedtls_test_buffer_get(&buf, output, sizeof(output)) + TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, sizeof(input)) + == -1); + TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, output, sizeof(output)) + == -1); + TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, sizeof(input)) == -1); - TEST_ASSERT(mbedtls_test_buffer_put(&buf, NULL, sizeof(input)) == -1); - TEST_ASSERT(mbedtls_test_buffer_put(&buf, NULL, 0) == -1); - TEST_ASSERT(mbedtls_test_buffer_get(&buf, NULL, 0) == -1); + TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, 0) == -1); + TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, NULL, 0) == -1); /* Make sure calling put and get on NULL input only results in * error if the length is not zero, and that a NULL output is valid for data * dropping. */ - TEST_ASSERT(mbedtls_test_buffer_setup(&buf, sizeof(input)) == 0); + TEST_ASSERT(mbedtls_test_ssl_buffer_setup(&buf, sizeof(input)) == 0); - TEST_ASSERT(mbedtls_test_buffer_put(&buf, NULL, sizeof(input)) == -1); - TEST_ASSERT(mbedtls_test_buffer_get(&buf, NULL, sizeof(output)) + TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, sizeof(input)) + == -1); + TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, NULL, sizeof(output)) == 0); - TEST_ASSERT(mbedtls_test_buffer_put(&buf, NULL, 0) == 0); - TEST_ASSERT(mbedtls_test_buffer_get(&buf, NULL, 0) == 0); + TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, NULL, 0) == 0); + TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, NULL, 0) == 0); /* Make sure calling put several times in the row is safe */ - TEST_ASSERT(mbedtls_test_buffer_put(&buf, input, sizeof(input)) + TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, sizeof(input)) == sizeof(input)); - TEST_ASSERT(mbedtls_test_buffer_get(&buf, output, 2) == 2); - TEST_ASSERT(mbedtls_test_buffer_put(&buf, input, 1) == 1); - TEST_ASSERT(mbedtls_test_buffer_put(&buf, input, 2) == 1); - TEST_ASSERT(mbedtls_test_buffer_put(&buf, input, 2) == 0); + TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, output, 2) == 2); + TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, 1) == 1); + TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, 2) == 1); + TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, 2) == 0); exit: - - mbedtls_test_buffer_free(&buf); + mbedtls_test_ssl_buffer_free(&buf); + USE_PSA_DONE(); } /* END_CASE */ /* - * Test if the implementation of `mbedtls_test_buffer` related functions is + * Test if the implementation of `mbedtls_test_ssl_buffer` related functions is * correct and works as expected. * * That is @@ -2606,15 +108,16 @@ void test_callback_buffer(int size, int put1, int put1_ret, int put_ret[ROUNDS]; size_t get[ROUNDS]; int get_ret[ROUNDS]; - mbedtls_test_buffer buf; + mbedtls_test_ssl_buffer buf; unsigned char *input = NULL; size_t input_len; unsigned char *output = NULL; size_t output_len; size_t i, j, written, read; - mbedtls_test_buffer_init(&buf); - TEST_ASSERT(mbedtls_test_buffer_setup(&buf, size) == 0); + mbedtls_test_ssl_buffer_init(&buf); + USE_PSA_INIT(); + TEST_ASSERT(mbedtls_test_ssl_buffer_setup(&buf, size) == 0); /* Check the sanity of input parameters and initialise local variables. That * is, ensure that the amount of data is not negative and that we are not @@ -2649,7 +152,7 @@ void test_callback_buffer(int size, int put1, int put1_ret, if (input_len == 0) { input_len = 1; } - ASSERT_ALLOC(input, input_len); + TEST_CALLOC(input, input_len); output_len = 0; for (j = 0; j < ROUNDS; j++) { @@ -2663,7 +166,7 @@ void test_callback_buffer(int size, int put1, int put1_ret, if (output_len == 0) { output_len = 1; } - ASSERT_ALLOC(output, output_len); + TEST_CALLOC(output, output_len); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ @@ -2673,11 +176,11 @@ void test_callback_buffer(int size, int put1, int put1_ret, written = read = 0; for (j = 0; j < ROUNDS; j++) { - TEST_ASSERT(put_ret[j] == mbedtls_test_buffer_put(&buf, - input + written, put[j])); + TEST_ASSERT(put_ret[j] == mbedtls_test_ssl_buffer_put(&buf, + input + written, put[j])); written += put_ret[j]; - TEST_ASSERT(get_ret[j] == mbedtls_test_buffer_get(&buf, - output + read, get[j])); + TEST_ASSERT(get_ret[j] == mbedtls_test_ssl_buffer_get(&buf, + output + read, get[j])); read += get_ret[j]; TEST_ASSERT(read <= written); if (get_ret[j] > 0) { @@ -2688,16 +191,16 @@ void test_callback_buffer(int size, int put1, int put1_ret, } exit: - mbedtls_free(input); mbedtls_free(output); - mbedtls_test_buffer_free(&buf); + mbedtls_test_ssl_buffer_free(&buf); + USE_PSA_DONE(); } /* END_CASE */ /* - * Test if the implementation of `mbedtls_mock_socket` related I/O functions is - * correct and works as expected on unconnected sockets. + * Test if the implementation of `mbedtls_test_mock_socket` related + * I/O functions is correct and works as expected on unconnected sockets. */ /* BEGIN_CASE */ @@ -2706,31 +209,32 @@ void ssl_mock_sanity() enum { MSGLEN = 105 }; unsigned char message[MSGLEN] = { 0 }; unsigned char received[MSGLEN] = { 0 }; - mbedtls_mock_socket socket; + mbedtls_test_mock_socket socket; - mbedtls_mock_socket_init(&socket); - TEST_ASSERT(mbedtls_mock_tcp_send_b(&socket, message, MSGLEN) < 0); - mbedtls_mock_socket_close(&socket); - mbedtls_mock_socket_init(&socket); - TEST_ASSERT(mbedtls_mock_tcp_recv_b(&socket, received, MSGLEN) < 0); - mbedtls_mock_socket_close(&socket); + mbedtls_test_mock_socket_init(&socket); + USE_PSA_INIT(); + TEST_ASSERT(mbedtls_test_mock_tcp_send_b(&socket, message, MSGLEN) < 0); + mbedtls_test_mock_socket_close(&socket); + mbedtls_test_mock_socket_init(&socket); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_b(&socket, received, MSGLEN) < 0); + mbedtls_test_mock_socket_close(&socket); - mbedtls_mock_socket_init(&socket); - TEST_ASSERT(mbedtls_mock_tcp_send_nb(&socket, message, MSGLEN) < 0); - mbedtls_mock_socket_close(&socket); - mbedtls_mock_socket_init(&socket); - TEST_ASSERT(mbedtls_mock_tcp_recv_nb(&socket, received, MSGLEN) < 0); - mbedtls_mock_socket_close(&socket); + mbedtls_test_mock_socket_init(&socket); + TEST_ASSERT(mbedtls_test_mock_tcp_send_nb(&socket, message, MSGLEN) < 0); + mbedtls_test_mock_socket_close(&socket); + mbedtls_test_mock_socket_init(&socket); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_nb(&socket, received, MSGLEN) < 0); + mbedtls_test_mock_socket_close(&socket); exit: - - mbedtls_mock_socket_close(&socket); + mbedtls_test_mock_socket_close(&socket); + USE_PSA_DONE(); } /* END_CASE */ /* - * Test if the implementation of `mbedtls_mock_socket` related functions can - * send a single message from the client to the server. + * Test if the implementation of `mbedtls_test_mock_socket` related functions + * can send a single message from the client to the server. */ /* BEGIN_CASE */ @@ -2740,8 +244,8 @@ void ssl_mock_tcp(int blocking) enum { BUFLEN = MSGLEN / 5 }; unsigned char message[MSGLEN]; unsigned char received[MSGLEN]; - mbedtls_mock_socket client; - mbedtls_mock_socket server; + mbedtls_test_mock_socket client; + mbedtls_test_mock_socket server; size_t written, read; int send_ret, recv_ret; mbedtls_ssl_send_t *send; @@ -2749,15 +253,16 @@ void ssl_mock_tcp(int blocking) unsigned i; if (blocking == 0) { - send = mbedtls_mock_tcp_send_nb; - recv = mbedtls_mock_tcp_recv_nb; + send = mbedtls_test_mock_tcp_send_nb; + recv = mbedtls_test_mock_tcp_recv_nb; } else { - send = mbedtls_mock_tcp_send_b; - recv = mbedtls_mock_tcp_recv_b; + send = mbedtls_test_mock_tcp_send_b; + recv = mbedtls_test_mock_tcp_recv_b; } - mbedtls_mock_socket_init(&client); - mbedtls_mock_socket_init(&server); + mbedtls_test_mock_socket_init(&client); + mbedtls_test_mock_socket_init(&server); + USE_PSA_INIT(); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ @@ -2766,7 +271,8 @@ void ssl_mock_tcp(int blocking) } /* Make sure that sending a message takes a few iterations. */ - TEST_ASSERT(0 == mbedtls_mock_socket_connect(&client, &server, BUFLEN)); + TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, + BUFLEN)); /* Send the message to the server */ send_ret = recv_ret = 1; @@ -2815,15 +321,15 @@ void ssl_mock_tcp(int blocking) TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); exit: - - mbedtls_mock_socket_close(&client); - mbedtls_mock_socket_close(&server); + mbedtls_test_mock_socket_close(&client); + mbedtls_test_mock_socket_close(&server); + USE_PSA_DONE(); } /* END_CASE */ /* - * Test if the implementation of `mbedtls_mock_socket` related functions can - * send messages in both direction at the same time (with the I/O calls + * Test if the implementation of `mbedtls_test_mock_socket` related functions + * can send messages in both direction at the same time (with the I/O calls * interleaving). */ @@ -2835,8 +341,8 @@ void ssl_mock_tcp_interleaving(int blocking) enum { BUFLEN = MSGLEN / 5 }; unsigned char message[ROUNDS][MSGLEN]; unsigned char received[ROUNDS][MSGLEN]; - mbedtls_mock_socket client; - mbedtls_mock_socket server; + mbedtls_test_mock_socket client; + mbedtls_test_mock_socket server; size_t written[ROUNDS]; size_t read[ROUNDS]; int send_ret[ROUNDS]; @@ -2846,15 +352,16 @@ void ssl_mock_tcp_interleaving(int blocking) mbedtls_ssl_recv_t *recv; if (blocking == 0) { - send = mbedtls_mock_tcp_send_nb; - recv = mbedtls_mock_tcp_recv_nb; + send = mbedtls_test_mock_tcp_send_nb; + recv = mbedtls_test_mock_tcp_recv_nb; } else { - send = mbedtls_mock_tcp_send_b; - recv = mbedtls_mock_tcp_recv_b; + send = mbedtls_test_mock_tcp_send_b; + recv = mbedtls_test_mock_tcp_recv_b; } - mbedtls_mock_socket_init(&client); - mbedtls_mock_socket_init(&server); + mbedtls_test_mock_socket_init(&client); + mbedtls_test_mock_socket_init(&server); + USE_PSA_INIT(); /* Fill up the buffers with structured data so that unwanted changes * can be detected */ @@ -2865,7 +372,8 @@ void ssl_mock_tcp_interleaving(int blocking) } /* Make sure that sending a message takes a few iterations. */ - TEST_ASSERT(0 == mbedtls_mock_socket_connect(&client, &server, BUFLEN)); + TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, + BUFLEN)); /* Send the message from both sides, interleaving. */ progress = 1; @@ -2876,7 +384,7 @@ void ssl_mock_tcp_interleaving(int blocking) /* This loop does not stop as long as there was a successful write or read * of at least one byte on either side. */ while (progress != 0) { - mbedtls_mock_socket *socket; + mbedtls_test_mock_socket *socket; for (i = 0; i < ROUNDS; i++) { /* First sending is from the client */ @@ -2942,135 +450,145 @@ void ssl_mock_tcp_interleaving(int blocking) } exit: - - mbedtls_mock_socket_close(&client); - mbedtls_mock_socket_close(&server); + mbedtls_test_mock_socket_close(&client); + mbedtls_test_mock_socket_close(&server); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ void ssl_message_queue_sanity() { - mbedtls_test_message_queue queue; + mbedtls_test_ssl_message_queue queue = SSL_MESSAGE_QUEUE_INIT; + USE_PSA_INIT(); /* Trying to push/pull to an empty queue */ - TEST_ASSERT(mbedtls_test_message_queue_push_info(NULL, 1) + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(NULL, 1) == MBEDTLS_TEST_ERROR_ARG_NULL); - TEST_ASSERT(mbedtls_test_message_queue_pop_info(NULL, 1) + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(NULL, 1) == MBEDTLS_TEST_ERROR_ARG_NULL); - TEST_ASSERT(mbedtls_test_message_queue_setup(&queue, 3) == 0); + TEST_ASSERT(mbedtls_test_ssl_message_queue_setup(&queue, 3) == 0); TEST_ASSERT(queue.capacity == 3); TEST_ASSERT(queue.num == 0); exit: - mbedtls_test_message_queue_free(&queue); + mbedtls_test_ssl_message_queue_free(&queue); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ void ssl_message_queue_basic() { - mbedtls_test_message_queue queue; + mbedtls_test_ssl_message_queue queue = SSL_MESSAGE_QUEUE_INIT; - TEST_ASSERT(mbedtls_test_message_queue_setup(&queue, 3) == 0); + USE_PSA_INIT(); + TEST_ASSERT(mbedtls_test_ssl_message_queue_setup(&queue, 3) == 0); /* Sanity test - 3 pushes and 3 pops with sufficient space */ - TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 1) == 1); TEST_ASSERT(queue.capacity == 3); TEST_ASSERT(queue.num == 1); - TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 1) == 1); TEST_ASSERT(queue.capacity == 3); TEST_ASSERT(queue.num == 2); - TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 2) == 2); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 2) == 2); TEST_ASSERT(queue.capacity == 3); TEST_ASSERT(queue.num == 3); - TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 1) == 1); - TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 1) == 1); - TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 2) == 2); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 2) == 2); exit: - mbedtls_test_message_queue_free(&queue); + mbedtls_test_ssl_message_queue_free(&queue); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ void ssl_message_queue_overflow_underflow() { - mbedtls_test_message_queue queue; + mbedtls_test_ssl_message_queue queue = SSL_MESSAGE_QUEUE_INIT; - TEST_ASSERT(mbedtls_test_message_queue_setup(&queue, 3) == 0); + USE_PSA_INIT(); + TEST_ASSERT(mbedtls_test_ssl_message_queue_setup(&queue, 3) == 0); /* 4 pushes (last one with an error), 4 pops (last one with an error) */ - TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 1) == 1); - TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 1) == 1); - TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 2) == 2); - TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 3) + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 2) == 2); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 3) == MBEDTLS_ERR_SSL_WANT_WRITE); - TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 1) == 1); - TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 1) == 1); - TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 2) == 2); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 2) == 2); - TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 1) + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == MBEDTLS_ERR_SSL_WANT_READ); exit: - mbedtls_test_message_queue_free(&queue); + mbedtls_test_ssl_message_queue_free(&queue); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ void ssl_message_queue_interleaved() { - mbedtls_test_message_queue queue; + mbedtls_test_ssl_message_queue queue = SSL_MESSAGE_QUEUE_INIT; - TEST_ASSERT(mbedtls_test_message_queue_setup(&queue, 3) == 0); + USE_PSA_INIT(); + TEST_ASSERT(mbedtls_test_ssl_message_queue_setup(&queue, 3) == 0); /* Interleaved test - [2 pushes, 1 pop] twice, and then two pops * (to wrap around the buffer) */ - TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 1) == 1); - TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 1) == 1); - TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == 1); - TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 2) == 2); - TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 3) == 3); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 2) == 2); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 3) == 3); - TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 1) == 1); - TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 2) == 2); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 1) == 1); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 2) == 2); - TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 5) == 5); - TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, 8) == 8); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 5) == 5); + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, 8) == 8); - TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 3) == 3); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 3) == 3); - TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 5) == 5); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 5) == 5); - TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, 8) == 8); + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, 8) == 8); exit: - mbedtls_test_message_queue_free(&queue); + mbedtls_test_ssl_message_queue_free(&queue); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ void ssl_message_queue_insufficient_buffer() { - mbedtls_test_message_queue queue; + mbedtls_test_ssl_message_queue queue = SSL_MESSAGE_QUEUE_INIT; size_t message_len = 10; size_t buffer_len = 5; - TEST_ASSERT(mbedtls_test_message_queue_setup(&queue, 1) == 0); + USE_PSA_INIT(); + TEST_ASSERT(mbedtls_test_ssl_message_queue_setup(&queue, 1) == 0); /* Popping without a sufficient buffer */ - TEST_ASSERT(mbedtls_test_message_queue_push_info(&queue, message_len) + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&queue, message_len) == (int) message_len); - TEST_ASSERT(mbedtls_test_message_queue_pop_info(&queue, buffer_len) + TEST_ASSERT(mbedtls_test_ssl_message_queue_pop_info(&queue, buffer_len) == (int) buffer_len); exit: - mbedtls_test_message_queue_free(&queue); + mbedtls_test_ssl_message_queue_free(&queue); + USE_PSA_DONE(); } /* END_CASE */ @@ -3079,44 +597,52 @@ void ssl_message_mock_uninitialized() { enum { MSGLEN = 10 }; unsigned char message[MSGLEN] = { 0 }, received[MSGLEN]; - mbedtls_mock_socket client, server; - mbedtls_test_message_queue server_queue, client_queue; + mbedtls_test_mock_socket client, server; + mbedtls_test_ssl_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init(&server_context); - mbedtls_message_socket_init(&client_context); + mbedtls_test_message_socket_init(&server_context); + mbedtls_test_message_socket_init(&client_context); + USE_PSA_INIT(); /* Send with a NULL context */ - TEST_ASSERT(mbedtls_mock_tcp_send_msg(NULL, message, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(NULL, message, MSGLEN) == MBEDTLS_TEST_ERROR_CONTEXT_ERROR); - TEST_ASSERT(mbedtls_mock_tcp_recv_msg(NULL, message, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(NULL, message, MSGLEN) == MBEDTLS_TEST_ERROR_CONTEXT_ERROR); - TEST_ASSERT(mbedtls_message_socket_setup(&server_queue, &client_queue, 1, - &server, - &server_context) == 0); + TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, + &client_queue, 1, + &server, + &server_context) == 0); - TEST_ASSERT(mbedtls_message_socket_setup(&client_queue, &server_queue, 1, - &client, - &client_context) == 0); + TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, + &server_queue, 1, + &client, + &client_context) == 0); - TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) == MBEDTLS_TEST_ERROR_SEND_FAILED); - TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MBEDTLS_ERR_SSL_WANT_READ); /* Push directly to a queue to later simulate a disconnected behavior */ - TEST_ASSERT(mbedtls_test_message_queue_push_info(&server_queue, MSGLEN) + TEST_ASSERT(mbedtls_test_ssl_message_queue_push_info(&server_queue, + MSGLEN) == MSGLEN); /* Test if there's an error when trying to read from a disconnected * socket */ - TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MBEDTLS_TEST_ERROR_RECV_FAILED); exit: - mbedtls_message_socket_close(&server_context); - mbedtls_message_socket_close(&client_context); + mbedtls_test_message_socket_close(&server_context); + mbedtls_test_message_socket_close(&client_context); + USE_PSA_DONE(); } /* END_CASE */ @@ -3125,52 +651,60 @@ void ssl_message_mock_basic() { enum { MSGLEN = 10 }; unsigned char message[MSGLEN], received[MSGLEN]; - mbedtls_mock_socket client, server; + mbedtls_test_mock_socket client, server; unsigned i; - mbedtls_test_message_queue server_queue, client_queue; + mbedtls_test_ssl_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init(&server_context); - mbedtls_message_socket_init(&client_context); - TEST_ASSERT(mbedtls_message_socket_setup(&server_queue, &client_queue, 1, - &server, - &server_context) == 0); + mbedtls_test_message_socket_init(&server_context); + mbedtls_test_message_socket_init(&client_context); + USE_PSA_INIT(); - TEST_ASSERT(mbedtls_message_socket_setup(&client_queue, &server_queue, 1, - &client, - &client_context) == 0); + TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, + &client_queue, 1, + &server, + &server_context) == 0); + + TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, + &server_queue, 1, + &client, + &client_context) == 0); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ for (i = 0; i < MSGLEN; i++) { message[i] = i & 0xFF; } - TEST_ASSERT(0 == mbedtls_mock_socket_connect(&client, &server, - MSGLEN)); + TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, + MSGLEN)); /* Send the message to the server */ - TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, - MSGLEN) == MSGLEN); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) == MSGLEN); /* Read from the server */ - TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MSGLEN); TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); memset(received, 0, MSGLEN); /* Send the message to the client */ - TEST_ASSERT(mbedtls_mock_tcp_send_msg(&server_context, message, - MSGLEN) == MSGLEN); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&server_context, message, + MSGLEN) + == MSGLEN); /* Read from the client */ - TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&client_context, received, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&client_context, received, + MSGLEN) == MSGLEN); TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); exit: - mbedtls_message_socket_close(&server_context); - mbedtls_message_socket_close(&client_context); + mbedtls_test_message_socket_close(&server_context); + mbedtls_test_message_socket_close(&client_context); + USE_PSA_DONE(); } /* END_CASE */ @@ -3179,55 +713,65 @@ void ssl_message_mock_queue_overflow_underflow() { enum { MSGLEN = 10 }; unsigned char message[MSGLEN], received[MSGLEN]; - mbedtls_mock_socket client, server; + mbedtls_test_mock_socket client, server; unsigned i; - mbedtls_test_message_queue server_queue, client_queue; + mbedtls_test_ssl_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init(&server_context); - mbedtls_message_socket_init(&client_context); - TEST_ASSERT(mbedtls_message_socket_setup(&server_queue, &client_queue, 2, - &server, - &server_context) == 0); + mbedtls_test_message_socket_init(&server_context); + mbedtls_test_message_socket_init(&client_context); + USE_PSA_INIT(); - TEST_ASSERT(mbedtls_message_socket_setup(&client_queue, &server_queue, 2, - &client, - &client_context) == 0); + TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, + &client_queue, 2, + &server, + &server_context) == 0); + + TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, + &server_queue, 2, + &client, + &client_context) == 0); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ for (i = 0; i < MSGLEN; i++) { message[i] = i & 0xFF; } - TEST_ASSERT(0 == mbedtls_mock_socket_connect(&client, &server, - MSGLEN*2)); + TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, + MSGLEN*2)); /* Send three message to the server, last one with an error */ - TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, - MSGLEN - 1) == MSGLEN - 1); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN - 1) + == MSGLEN - 1); - TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, - MSGLEN) == MSGLEN); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) + == MSGLEN); - TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, - MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) == MBEDTLS_ERR_SSL_WANT_WRITE); /* Read three messages from the server, last one with an error */ - TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, - MSGLEN - 1) == MSGLEN - 1); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN - 1) + == MSGLEN - 1); - TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MSGLEN); TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); - TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MBEDTLS_ERR_SSL_WANT_READ); exit: - mbedtls_message_socket_close(&server_context); - mbedtls_message_socket_close(&client_context); + mbedtls_test_message_socket_close(&server_context); + mbedtls_test_message_socket_close(&client_context); + USE_PSA_DONE(); } /* END_CASE */ @@ -3236,46 +780,53 @@ void ssl_message_mock_socket_overflow() { enum { MSGLEN = 10 }; unsigned char message[MSGLEN], received[MSGLEN]; - mbedtls_mock_socket client, server; + mbedtls_test_mock_socket client, server; unsigned i; - mbedtls_test_message_queue server_queue, client_queue; + mbedtls_test_ssl_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init(&server_context); - mbedtls_message_socket_init(&client_context); - TEST_ASSERT(mbedtls_message_socket_setup(&server_queue, &client_queue, 2, - &server, - &server_context) == 0); + mbedtls_test_message_socket_init(&server_context); + mbedtls_test_message_socket_init(&client_context); + USE_PSA_INIT(); - TEST_ASSERT(mbedtls_message_socket_setup(&client_queue, &server_queue, 2, - &client, - &client_context) == 0); + TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, + &client_queue, 2, + &server, + &server_context) == 0); + + TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, + &server_queue, 2, + &client, + &client_context) == 0); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ for (i = 0; i < MSGLEN; i++) { message[i] = i & 0xFF; } - TEST_ASSERT(0 == mbedtls_mock_socket_connect(&client, &server, - MSGLEN)); + TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, + MSGLEN)); /* Send two message to the server, second one with an error */ - TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, - MSGLEN) == MSGLEN); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) + == MSGLEN); - TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, - MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) == MBEDTLS_TEST_ERROR_SEND_FAILED); /* Read the only message from the server */ - TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MSGLEN); TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); exit: - mbedtls_message_socket_close(&server_context); - mbedtls_message_socket_close(&client_context); + mbedtls_test_message_socket_close(&server_context); + mbedtls_test_message_socket_close(&client_context); + USE_PSA_DONE(); } /* END_CASE */ @@ -3284,20 +835,24 @@ void ssl_message_mock_truncated() { enum { MSGLEN = 10 }; unsigned char message[MSGLEN], received[MSGLEN]; - mbedtls_mock_socket client, server; + mbedtls_test_mock_socket client, server; unsigned i; - mbedtls_test_message_queue server_queue, client_queue; + mbedtls_test_ssl_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init(&server_context); - mbedtls_message_socket_init(&client_context); - TEST_ASSERT(mbedtls_message_socket_setup(&server_queue, &client_queue, 2, - &server, - &server_context) == 0); + mbedtls_test_message_socket_init(&server_context); + mbedtls_test_message_socket_init(&client_context); + USE_PSA_INIT(); - TEST_ASSERT(mbedtls_message_socket_setup(&client_queue, &server_queue, 2, - &client, - &client_context) == 0); + TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, + &client_queue, 2, + &server, + &server_context) == 0); + + TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, + &server_queue, 2, + &client, + &client_context) == 0); memset(received, 0, MSGLEN); /* Fill up the buffer with structured data so that unwanted changes @@ -3305,17 +860,20 @@ void ssl_message_mock_truncated() for (i = 0; i < MSGLEN; i++) { message[i] = i & 0xFF; } - TEST_ASSERT(0 == mbedtls_mock_socket_connect(&client, &server, - 2 * MSGLEN)); + TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, + 2 * MSGLEN)); /* Send two messages to the server, the second one small enough to fit in the * receiver's buffer. */ - TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, - MSGLEN) == MSGLEN); - TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, - MSGLEN / 2) == MSGLEN / 2); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) + == MSGLEN); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN / 2) + == MSGLEN / 2); /* Read a truncated message from the server */ - TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, MSGLEN/2) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN/2) == MSGLEN/2); /* Test that the first half of the message is valid, and second one isn't */ @@ -3325,15 +883,17 @@ void ssl_message_mock_truncated() memset(received, 0, MSGLEN); /* Read a full message from the server */ - TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, MSGLEN/2) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN/2) == MSGLEN / 2); /* Test that the first half of the message is valid */ TEST_ASSERT(memcmp(message, received, MSGLEN/2) == 0); exit: - mbedtls_message_socket_close(&server_context); - mbedtls_message_socket_close(&client_context); + mbedtls_test_message_socket_close(&server_context); + mbedtls_test_message_socket_close(&client_context); + USE_PSA_DONE(); } /* END_CASE */ @@ -3342,35 +902,41 @@ void ssl_message_mock_socket_read_error() { enum { MSGLEN = 10 }; unsigned char message[MSGLEN], received[MSGLEN]; - mbedtls_mock_socket client, server; + mbedtls_test_mock_socket client, server; unsigned i; - mbedtls_test_message_queue server_queue, client_queue; + mbedtls_test_ssl_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init(&server_context); - mbedtls_message_socket_init(&client_context); - TEST_ASSERT(mbedtls_message_socket_setup(&server_queue, &client_queue, 1, - &server, - &server_context) == 0); + mbedtls_test_message_socket_init(&server_context); + mbedtls_test_message_socket_init(&client_context); + USE_PSA_INIT(); - TEST_ASSERT(mbedtls_message_socket_setup(&client_queue, &server_queue, 1, - &client, - &client_context) == 0); + TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, + &client_queue, 1, + &server, + &server_context) == 0); + + TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, + &server_queue, 1, + &client, + &client_context) == 0); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ for (i = 0; i < MSGLEN; i++) { message[i] = i & 0xFF; } - TEST_ASSERT(0 == mbedtls_mock_socket_connect(&client, &server, - MSGLEN)); + TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, + MSGLEN)); - TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, - MSGLEN) == MSGLEN); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) + == MSGLEN); /* Force a read error by disconnecting the socket by hand */ server.status = 0; - TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MBEDTLS_TEST_ERROR_RECV_FAILED); /* Return to a valid state */ server.status = MBEDTLS_MOCK_SOCKET_CONNECTED; @@ -3379,14 +945,16 @@ void ssl_message_mock_socket_read_error() /* Test that even though the server tried to read once disconnected, the * continuity is preserved */ - TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MSGLEN); TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); exit: - mbedtls_message_socket_close(&server_context); - mbedtls_message_socket_close(&client_context); + mbedtls_test_message_socket_close(&server_context); + mbedtls_test_message_socket_close(&client_context); + USE_PSA_DONE(); } /* END_CASE */ @@ -3395,55 +963,61 @@ void ssl_message_mock_interleaved_one_way() { enum { MSGLEN = 10 }; unsigned char message[MSGLEN], received[MSGLEN]; - mbedtls_mock_socket client, server; + mbedtls_test_mock_socket client, server; unsigned i; - mbedtls_test_message_queue server_queue, client_queue; + mbedtls_test_ssl_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init(&server_context); - mbedtls_message_socket_init(&client_context); - TEST_ASSERT(mbedtls_message_socket_setup(&server_queue, &client_queue, 3, - &server, - &server_context) == 0); + mbedtls_test_message_socket_init(&server_context); + mbedtls_test_message_socket_init(&client_context); + USE_PSA_INIT(); - TEST_ASSERT(mbedtls_message_socket_setup(&client_queue, &server_queue, 3, - &client, - &client_context) == 0); + TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, + &client_queue, 3, + &server, + &server_context) == 0); + + TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, + &server_queue, 3, + &client, + &client_context) == 0); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ for (i = 0; i < MSGLEN; i++) { message[i] = i & 0xFF; } - TEST_ASSERT(0 == mbedtls_mock_socket_connect(&client, &server, - MSGLEN*3)); + TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, + MSGLEN*3)); /* Interleaved test - [2 sends, 1 read] twice, and then two reads * (to wrap around the buffer) */ for (i = 0; i < 2; i++) { - TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, - MSGLEN) == MSGLEN); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) == MSGLEN); - TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, - MSGLEN) == MSGLEN); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) == MSGLEN); - TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, - MSGLEN) == MSGLEN); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MSGLEN); TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); memset(received, 0, sizeof(received)); } for (i = 0; i < 2; i++) { - TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, - MSGLEN) == MSGLEN); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MSGLEN); TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); } - TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MBEDTLS_ERR_SSL_WANT_READ); exit: - mbedtls_message_socket_close(&server_context); - mbedtls_message_socket_close(&client_context); + mbedtls_test_message_socket_close(&server_context); + mbedtls_test_message_socket_close(&client_context); + USE_PSA_DONE(); } /* END_CASE */ @@ -3452,53 +1026,57 @@ void ssl_message_mock_interleaved_two_ways() { enum { MSGLEN = 10 }; unsigned char message[MSGLEN], received[MSGLEN]; - mbedtls_mock_socket client, server; + mbedtls_test_mock_socket client, server; unsigned i; - mbedtls_test_message_queue server_queue, client_queue; + mbedtls_test_ssl_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; - mbedtls_message_socket_init(&server_context); - mbedtls_message_socket_init(&client_context); - TEST_ASSERT(mbedtls_message_socket_setup(&server_queue, &client_queue, 3, - &server, - &server_context) == 0); + mbedtls_test_message_socket_init(&server_context); + mbedtls_test_message_socket_init(&client_context); + USE_PSA_INIT(); - TEST_ASSERT(mbedtls_message_socket_setup(&client_queue, &server_queue, 3, - &client, - &client_context) == 0); + TEST_ASSERT(mbedtls_test_message_socket_setup(&server_queue, + &client_queue, 3, + &server, + &server_context) == 0); + + TEST_ASSERT(mbedtls_test_message_socket_setup(&client_queue, + &server_queue, 3, + &client, + &client_context) == 0); /* Fill up the buffer with structured data so that unwanted changes * can be detected */ for (i = 0; i < MSGLEN; i++) { message[i] = i & 0xFF; } - TEST_ASSERT(0 == mbedtls_mock_socket_connect(&client, &server, - MSGLEN*3)); + TEST_ASSERT(0 == mbedtls_test_mock_socket_connect(&client, &server, + MSGLEN*3)); /* Interleaved test - [2 sends, 1 read] twice, both ways, and then two reads * (to wrap around the buffer) both ways. */ for (i = 0; i < 2; i++) { - TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, - MSGLEN) == MSGLEN); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) == MSGLEN); - TEST_ASSERT(mbedtls_mock_tcp_send_msg(&client_context, message, - MSGLEN) == MSGLEN); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&client_context, message, + MSGLEN) == MSGLEN); - TEST_ASSERT(mbedtls_mock_tcp_send_msg(&server_context, message, - MSGLEN) == MSGLEN); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&server_context, message, + MSGLEN) == MSGLEN); - TEST_ASSERT(mbedtls_mock_tcp_send_msg(&server_context, message, - MSGLEN) == MSGLEN); + TEST_ASSERT(mbedtls_test_mock_tcp_send_msg(&server_context, message, + MSGLEN) == MSGLEN); - TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, - MSGLEN) == MSGLEN); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MSGLEN); TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); memset(received, 0, sizeof(received)); - TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&client_context, received, - MSGLEN) == MSGLEN); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&client_context, received, + MSGLEN) == MSGLEN); TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); @@ -3506,27 +1084,30 @@ void ssl_message_mock_interleaved_two_ways() } for (i = 0; i < 2; i++) { - TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, - MSGLEN) == MSGLEN); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MSGLEN); TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); memset(received, 0, sizeof(received)); - TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&client_context, received, - MSGLEN) == MSGLEN); + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&client_context, received, + MSGLEN) == MSGLEN); TEST_ASSERT(memcmp(message, received, MSGLEN) == 0); memset(received, 0, sizeof(received)); } - TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&server_context, received, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&server_context, received, + MSGLEN) == MBEDTLS_ERR_SSL_WANT_READ); - TEST_ASSERT(mbedtls_mock_tcp_recv_msg(&client_context, received, MSGLEN) + TEST_ASSERT(mbedtls_test_mock_tcp_recv_msg(&client_context, received, + MSGLEN) == MBEDTLS_ERR_SSL_WANT_READ); exit: - mbedtls_message_socket_close(&server_context); - mbedtls_message_socket_close(&client_context); + mbedtls_test_message_socket_close(&server_context); + mbedtls_test_message_socket_close(&client_context); + USE_PSA_DONE(); } /* END_CASE */ @@ -3539,6 +1120,7 @@ void ssl_dtls_replay(data_t *prevs, data_t *new, int ret) mbedtls_ssl_init(&ssl); mbedtls_ssl_config_init(&conf); + MD_OR_USE_PSA_INIT(); TEST_ASSERT(mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_CLIENT, @@ -3556,21 +1138,33 @@ void ssl_dtls_replay(data_t *prevs, data_t *new, int ret) memcpy(ssl.in_ctr + 2, new->x, 6); TEST_ASSERT(mbedtls_ssl_dtls_replay_check(&ssl) == ret); +exit: mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ void ssl_set_hostname_twice(char *hostname0, char *hostname1) { + const char *hostname; mbedtls_ssl_context ssl; + mbedtls_ssl_init(&ssl); + USE_PSA_INIT(); TEST_ASSERT(mbedtls_ssl_set_hostname(&ssl, hostname0) == 0); - TEST_ASSERT(mbedtls_ssl_set_hostname(&ssl, hostname1) == 0); + hostname = mbedtls_ssl_get_hostname(&ssl); + TEST_ASSERT(strcmp(hostname0, hostname) == 0); + TEST_ASSERT(mbedtls_ssl_set_hostname(&ssl, hostname1) == 0); + hostname = mbedtls_ssl_get_hostname(&ssl); + TEST_ASSERT(strcmp(hostname1, hostname) == 0); + +exit: mbedtls_ssl_free(&ssl); + USE_PSA_DONE(); } /* END_CASE */ @@ -3594,15 +1188,15 @@ void ssl_crypt_record(int cipher_type, int hash_id, size_t const buflen = 512; mbedtls_record rec, rec_backup; - USE_PSA_INIT(); - mbedtls_ssl_init(&ssl); mbedtls_ssl_transform_init(&t0); mbedtls_ssl_transform_init(&t1); - ret = build_transforms(&t0, &t1, cipher_type, hash_id, - etm, tag_mode, ver, - (size_t) cid0_len, - (size_t) cid1_len); + MD_OR_USE_PSA_INIT(); + + ret = mbedtls_test_ssl_build_transforms(&t0, &t1, cipher_type, hash_id, + etm, tag_mode, ver, + (size_t) cid0_len, + (size_t) cid1_len); TEST_ASSERT(ret == 0); @@ -3701,7 +1295,7 @@ exit: mbedtls_ssl_transform_free(&t1); mbedtls_free(buf); - USE_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ @@ -3748,15 +1342,15 @@ void ssl_crypt_record_small(int cipher_type, int hash_id, int seen_success; /* Indicates if in the current mode we've * already seen a successful test. */ - USE_PSA_INIT(); - mbedtls_ssl_init(&ssl); mbedtls_ssl_transform_init(&t0); mbedtls_ssl_transform_init(&t1); - ret = build_transforms(&t0, &t1, cipher_type, hash_id, - etm, tag_mode, ver, - (size_t) cid0_len, - (size_t) cid1_len); + MD_OR_USE_PSA_INIT(); + + ret = mbedtls_test_ssl_build_transforms(&t0, &t1, cipher_type, hash_id, + etm, tag_mode, ver, + (size_t) cid0_len, + (size_t) cid1_len); TEST_ASSERT(ret == 0); @@ -3809,19 +1403,16 @@ void ssl_crypt_record_small(int cipher_type, int hash_id, ret = mbedtls_ssl_encrypt_buf(&ssl, t_enc, &rec, mbedtls_test_rnd_std_rand, NULL); - if ((mode == 1 || mode == 2) && seen_success) { - TEST_ASSERT(ret == 0); - } else { - TEST_ASSERT(ret == 0 || ret == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); - if (ret == 0) { - seen_success = 1; - } - } - - if (ret != 0) { + if (ret == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) { + /* It's ok if the output buffer is too small. We do insist + * on at least one mode succeeding; this is tracked by + * seen_success. */ continue; } + TEST_EQUAL(ret, 0); + seen_success = 1; + #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) if (rec.cid_len != 0) { /* DTLS 1.2 + CID hides the real content type and @@ -3866,237 +1457,7 @@ exit: mbedtls_ssl_transform_free(&t1); mbedtls_free(buf); - USE_PSA_DONE(); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2 */ -void ssl_decrypt_non_etm_cbc(int cipher_type, int hash_id, int trunc_hmac, - int length_selector) -{ - /* - * Test record decryption for CBC without EtM, focused on the verification - * of padding and MAC. - * - * Actually depends on TLS 1.2 and either AES, ARIA or Camellia, but since - * the test framework doesn't support alternation in dependency statements, - * just depend on AES. - * - * The length_selector argument is interpreted as follows: - * - if it's -1, the plaintext length is 0 and minimal padding is applied - * - if it's -2, the plaintext length is 0 and maximal padding is applied - * - otherwise it must be in [0, 255] and is padding_length from RFC 5246: - * it's the length of the rest of the padding, that is, excluding the - * byte that encodes the length. The minimal non-zero plaintext length - * that gives this padding_length is automatically selected. - */ - mbedtls_ssl_context ssl; /* ONLY for debugging */ - mbedtls_ssl_transform t0, t1; - mbedtls_record rec, rec_save; - unsigned char *buf = NULL, *buf_save = NULL; - size_t buflen, olen = 0; - size_t plaintext_len, block_size, i; - unsigned char padlen; /* excluding the padding_length byte */ - unsigned char add_data[13]; -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT; - size_t sign_mac_length = 0; - unsigned char mac[PSA_HASH_MAX_SIZE]; -#else - unsigned char mac[MBEDTLS_MD_MAX_SIZE]; -#endif - int exp_ret; - int ret; - const unsigned char pad_max_len = 255; /* Per the standard */ - - USE_PSA_INIT(); - - mbedtls_ssl_init(&ssl); - mbedtls_ssl_transform_init(&t0); - mbedtls_ssl_transform_init(&t1); - - /* Set up transforms with dummy keys */ - ret = build_transforms(&t0, &t1, cipher_type, hash_id, - 0, trunc_hmac, - MBEDTLS_SSL_VERSION_TLS1_2, - 0, 0); - - TEST_ASSERT(ret == 0); - - /* Determine padding/plaintext length */ - TEST_ASSERT(length_selector >= -2 && length_selector <= 255); - block_size = t0.ivlen; - if (length_selector < 0) { - plaintext_len = 0; - - /* Minimal padding - * The +1 is for the padding_length byte, not counted in padlen. */ - padlen = block_size - (t0.maclen + 1) % block_size; - - /* Maximal padding? */ - if (length_selector == -2) { - padlen += block_size * ((pad_max_len - padlen) / block_size); - } - } else { - padlen = length_selector; - - /* Minimal non-zero plaintext_length giving desired padding. - * The +1 is for the padding_length byte, not counted in padlen. */ - plaintext_len = block_size - (padlen + t0.maclen + 1) % block_size; - } - - /* Prepare a buffer for record data */ - buflen = block_size - + plaintext_len - + t0.maclen - + padlen + 1; - ASSERT_ALLOC(buf, buflen); - ASSERT_ALLOC(buf_save, buflen); - - /* Prepare a dummy record header */ - memset(rec.ctr, 0, sizeof(rec.ctr)); - rec.type = MBEDTLS_SSL_MSG_APPLICATION_DATA; - mbedtls_ssl_write_version(rec.ver, MBEDTLS_SSL_TRANSPORT_STREAM, - MBEDTLS_SSL_VERSION_TLS1_2); -#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - rec.cid_len = 0; -#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - - /* Prepare dummy record content */ - rec.buf = buf; - rec.buf_len = buflen; - rec.data_offset = block_size; - rec.data_len = plaintext_len; - memset(rec.buf + rec.data_offset, 42, rec.data_len); - - /* Serialized version of record header for MAC purposes */ - memcpy(add_data, rec.ctr, 8); - add_data[8] = rec.type; - add_data[9] = rec.ver[0]; - add_data[10] = rec.ver[1]; - add_data[11] = (rec.data_len >> 8) & 0xff; - add_data[12] = (rec.data_len >> 0) & 0xff; - - /* Set dummy IV */ - memset(t0.iv_enc, 0x55, t0.ivlen); - memcpy(rec.buf, t0.iv_enc, t0.ivlen); - - /* - * Prepare a pre-encryption record (with MAC and padding), and save it. - */ - - /* MAC with additional data */ -#if defined(MBEDTLS_USE_PSA_CRYPTO) - TEST_EQUAL(PSA_SUCCESS, psa_mac_sign_setup(&operation, - t0.psa_mac_enc, - t0.psa_mac_alg)); - TEST_EQUAL(PSA_SUCCESS, psa_mac_update(&operation, add_data, 13)); - TEST_EQUAL(PSA_SUCCESS, psa_mac_update(&operation, - rec.buf + rec.data_offset, - rec.data_len)); - TEST_EQUAL(PSA_SUCCESS, psa_mac_sign_finish(&operation, - mac, sizeof(mac), - &sign_mac_length)); -#else - TEST_EQUAL(0, mbedtls_md_hmac_update(&t0.md_ctx_enc, add_data, 13)); - TEST_EQUAL(0, mbedtls_md_hmac_update(&t0.md_ctx_enc, - rec.buf + rec.data_offset, - rec.data_len)); - TEST_EQUAL(0, mbedtls_md_hmac_finish(&t0.md_ctx_enc, mac)); -#endif - - memcpy(rec.buf + rec.data_offset + rec.data_len, mac, t0.maclen); - rec.data_len += t0.maclen; - - /* Pad */ - memset(rec.buf + rec.data_offset + rec.data_len, padlen, padlen + 1); - rec.data_len += padlen + 1; - - /* Save correct pre-encryption record */ - rec_save = rec; - rec_save.buf = buf_save; - memcpy(buf_save, buf, buflen); - - /* - * Encrypt and decrypt the correct record, expecting success - */ - TEST_EQUAL(0, psa_cipher_encrypt_helper(&t0, t0.iv_enc, t0.ivlen, - rec.buf + rec.data_offset, rec.data_len, - rec.buf + rec.data_offset, &olen)); - rec.data_offset -= t0.ivlen; - rec.data_len += t0.ivlen; - - TEST_EQUAL(0, mbedtls_ssl_decrypt_buf(&ssl, &t1, &rec)); - - /* - * Modify each byte of the pre-encryption record before encrypting and - * decrypting it, expecting failure every time. - */ - for (i = block_size; i < buflen; i++) { - mbedtls_test_set_step(i); - - /* Restore correct pre-encryption record */ - rec = rec_save; - rec.buf = buf; - memcpy(buf, buf_save, buflen); - - /* Corrupt one byte of the data (could be plaintext, MAC or padding) */ - rec.buf[i] ^= 0x01; - - /* Encrypt */ - TEST_EQUAL(0, psa_cipher_encrypt_helper(&t0, t0.iv_enc, t0.ivlen, - rec.buf + rec.data_offset, rec.data_len, - rec.buf + rec.data_offset, &olen)); - rec.data_offset -= t0.ivlen; - rec.data_len += t0.ivlen; - - /* Decrypt and expect failure */ - TEST_EQUAL(MBEDTLS_ERR_SSL_INVALID_MAC, - mbedtls_ssl_decrypt_buf(&ssl, &t1, &rec)); - } - - /* - * Use larger values of the padding bytes - with small buffers, this tests - * the case where the announced padlen would be larger than the buffer - * (and before that, than the buffer minus the size of the MAC), to make - * sure our padding checking code does not perform any out-of-bounds reads - * in this case. (With larger buffers, ie when the plaintext is long or - * maximal length padding is used, this is less relevant but still doesn't - * hurt to test.) - * - * (Start the loop with correct padding, just to double-check that record - * saving did work, and that we're overwriting the correct bytes.) - */ - for (i = padlen; i <= pad_max_len; i++) { - mbedtls_test_set_step(i); - - /* Restore correct pre-encryption record */ - rec = rec_save; - rec.buf = buf; - memcpy(buf, buf_save, buflen); - - /* Set padding bytes to new value */ - memset(buf + buflen - padlen - 1, i, padlen + 1); - - /* Encrypt */ - TEST_EQUAL(0, psa_cipher_encrypt_helper(&t0, t0.iv_enc, t0.ivlen, - rec.buf + rec.data_offset, rec.data_len, - rec.buf + rec.data_offset, &olen)); - rec.data_offset -= t0.ivlen; - rec.data_len += t0.ivlen; - - /* Decrypt and expect failure except the first time */ - exp_ret = (i == padlen) ? 0 : MBEDTLS_ERR_SSL_INVALID_MAC; - TEST_EQUAL(exp_ret, mbedtls_ssl_decrypt_buf(&ssl, &t1, &rec)); - } - -exit: - mbedtls_ssl_free(&ssl); - mbedtls_ssl_transform_free(&t0); - mbedtls_ssl_transform_free(&t1); - mbedtls_free(buf); - mbedtls_free(buf_save); - USE_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ @@ -4135,9 +1496,10 @@ void ssl_tls13_hkdf_expand_label(int hash_alg, ctx->x, ctx->len, dst, desired_length) == 0); - ASSERT_COMPARE(dst, (size_t) desired_length, - expected->x, (size_t) expected->len); + TEST_MEMORY_COMPARE(dst, (size_t) desired_length, + expected->x, (size_t) expected->len); +exit: PSA_DONE(); } /* END_CASE */ @@ -4157,10 +1519,12 @@ void ssl_tls13_traffic_key_generation(int hash_alg, /* Check sanity of test parameters. */ TEST_ASSERT(client_secret->len == server_secret->len); - TEST_ASSERT(expected_client_write_iv->len == expected_server_write_iv->len && - expected_client_write_iv->len == (size_t) desired_iv_len); - TEST_ASSERT(expected_client_write_key->len == expected_server_write_key->len && - expected_client_write_key->len == (size_t) desired_key_len); + TEST_ASSERT( + expected_client_write_iv->len == expected_server_write_iv->len && + expected_client_write_iv->len == (size_t) desired_iv_len); + TEST_ASSERT( + expected_client_write_key->len == expected_server_write_key->len && + expected_client_write_key->len == (size_t) desired_key_len); PSA_INIT(); @@ -4172,23 +1536,24 @@ void ssl_tls13_traffic_key_generation(int hash_alg, desired_key_len, desired_iv_len, &keys) == 0); - ASSERT_COMPARE(keys.client_write_key, - keys.key_len, - expected_client_write_key->x, - (size_t) desired_key_len); - ASSERT_COMPARE(keys.server_write_key, - keys.key_len, - expected_server_write_key->x, - (size_t) desired_key_len); - ASSERT_COMPARE(keys.client_write_iv, - keys.iv_len, - expected_client_write_iv->x, - (size_t) desired_iv_len); - ASSERT_COMPARE(keys.server_write_iv, - keys.iv_len, - expected_server_write_iv->x, - (size_t) desired_iv_len); + TEST_MEMORY_COMPARE(keys.client_write_key, + keys.key_len, + expected_client_write_key->x, + (size_t) desired_key_len); + TEST_MEMORY_COMPARE(keys.server_write_key, + keys.key_len, + expected_server_write_key->x, + (size_t) desired_key_len); + TEST_MEMORY_COMPARE(keys.client_write_iv, + keys.iv_len, + expected_client_write_iv->x, + (size_t) desired_iv_len); + TEST_MEMORY_COMPARE(keys.server_write_iv, + keys.iv_len, + expected_server_write_iv->x, + (size_t) desired_iv_len); +exit: PSA_DONE(); } /* END_CASE */ @@ -4230,9 +1595,10 @@ void ssl_tls13_derive_secret(int hash_alg, already_hashed, dst, desired_length) == 0); - ASSERT_COMPARE(dst, desired_length, - expected->x, desired_length); + TEST_MEMORY_COMPARE(dst, desired_length, + expected->x, desired_length); +exit: PSA_DONE(); } /* END_CASE */ @@ -4261,11 +1627,12 @@ void ssl_tls13_derive_early_secrets(int hash_alg, alg, secret->x, transcript->x, transcript->len, &secrets) == 0); - ASSERT_COMPARE(secrets.client_early_traffic_secret, hash_len, - traffic_expected->x, traffic_expected->len); - ASSERT_COMPARE(secrets.early_exporter_master_secret, hash_len, - exporter_expected->x, exporter_expected->len); + TEST_MEMORY_COMPARE(secrets.client_early_traffic_secret, hash_len, + traffic_expected->x, traffic_expected->len); + TEST_MEMORY_COMPARE(secrets.early_exporter_master_secret, hash_len, + exporter_expected->x, exporter_expected->len); +exit: PSA_DONE(); } /* END_CASE */ @@ -4294,11 +1661,12 @@ void ssl_tls13_derive_handshake_secrets(int hash_alg, alg, secret->x, transcript->x, transcript->len, &secrets) == 0); - ASSERT_COMPARE(secrets.client_handshake_traffic_secret, hash_len, - client_expected->x, client_expected->len); - ASSERT_COMPARE(secrets.server_handshake_traffic_secret, hash_len, - server_expected->x, server_expected->len); + TEST_MEMORY_COMPARE(secrets.client_handshake_traffic_secret, hash_len, + client_expected->x, client_expected->len); + TEST_MEMORY_COMPARE(secrets.server_handshake_traffic_secret, hash_len, + server_expected->x, server_expected->len); +exit: PSA_DONE(); } /* END_CASE */ @@ -4329,13 +1697,14 @@ void ssl_tls13_derive_application_secrets(int hash_alg, alg, secret->x, transcript->x, transcript->len, &secrets) == 0); - ASSERT_COMPARE(secrets.client_application_traffic_secret_N, hash_len, - client_expected->x, client_expected->len); - ASSERT_COMPARE(secrets.server_application_traffic_secret_N, hash_len, - server_expected->x, server_expected->len); - ASSERT_COMPARE(secrets.exporter_master_secret, hash_len, - exporter_expected->x, exporter_expected->len); + TEST_MEMORY_COMPARE(secrets.client_application_traffic_secret_N, hash_len, + client_expected->x, client_expected->len); + TEST_MEMORY_COMPARE(secrets.server_application_traffic_secret_N, hash_len, + server_expected->x, server_expected->len); + TEST_MEMORY_COMPARE(secrets.exporter_master_secret, hash_len, + exporter_expected->x, exporter_expected->len); +exit: PSA_DONE(); } /* END_CASE */ @@ -4362,9 +1731,10 @@ void ssl_tls13_derive_resumption_secrets(int hash_alg, alg, secret->x, transcript->x, transcript->len, &secrets) == 0); - ASSERT_COMPARE(secrets.resumption_master_secret, hash_len, - resumption_expected->x, resumption_expected->len); + TEST_MEMORY_COMPARE(secrets.resumption_master_secret, hash_len, + resumption_expected->x, resumption_expected->len); +exit: PSA_DONE(); } /* END_CASE */ @@ -4376,7 +1746,7 @@ void ssl_tls13_create_psk_binder(int hash_alg, data_t *transcript, data_t *binder_expected) { - unsigned char binder[MBEDTLS_HASH_MAX_SIZE]; + unsigned char binder[MBEDTLS_MD_MAX_SIZE]; /* Double-check that we've passed sane parameters. */ psa_algorithm_t alg = (psa_algorithm_t) hash_alg; @@ -4395,14 +1765,15 @@ void ssl_tls13_create_psk_binder(int hash_alg, transcript->x, binder) == 0); - ASSERT_COMPARE(binder, hash_len, - binder_expected->x, binder_expected->len); + TEST_MEMORY_COMPARE(binder, hash_len, + binder_expected->x, binder_expected->len); +exit: PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3 */ void ssl_tls13_record_protection(int ciphersuite, int endpoint, int ctr, @@ -4422,8 +1793,6 @@ void ssl_tls13_record_protection(int ciphersuite, size_t buf_len; int other_endpoint; - USE_PSA_INIT(); - TEST_ASSERT(endpoint == MBEDTLS_SSL_IS_CLIENT || endpoint == MBEDTLS_SSL_IS_SERVER); @@ -4451,6 +1820,7 @@ void ssl_tls13_record_protection(int ciphersuite, mbedtls_ssl_transform_init(&transform_recv); mbedtls_ssl_transform_init(&transform_send); + MD_OR_USE_PSA_INIT(); TEST_ASSERT(mbedtls_ssl_tls13_populate_transform( &transform_send, endpoint, @@ -4462,7 +1832,7 @@ void ssl_tls13_record_protection(int ciphersuite, /* Make sure we have enough space in the buffer even if * we use more padding than the KAT. */ buf_len = ciphertext->len + MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY; - ASSERT_ALLOC(buf, buf_len); + TEST_CALLOC(buf, buf_len); rec.type = MBEDTLS_SSL_MSG_APPLICATION_DATA; /* TLS 1.3 uses the version identifier from TLS 1.2 on the wire. */ @@ -4488,18 +1858,19 @@ void ssl_tls13_record_protection(int ciphersuite, NULL, NULL) == 0); if (padding_used == MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) { - ASSERT_COMPARE(rec.buf + rec.data_offset, rec.data_len, - ciphertext->x, ciphertext->len); + TEST_MEMORY_COMPARE(rec.buf + rec.data_offset, rec.data_len, + ciphertext->x, ciphertext->len); } TEST_ASSERT(mbedtls_ssl_decrypt_buf(NULL, &transform_recv, &rec) == 0); - ASSERT_COMPARE(rec.buf + rec.data_offset, rec.data_len, - plaintext->x, plaintext->len); + TEST_MEMORY_COMPARE(rec.buf + rec.data_offset, rec.data_len, + plaintext->x, plaintext->len); +exit: mbedtls_free(buf); mbedtls_ssl_transform_free(&transform_send); mbedtls_ssl_transform_free(&transform_recv); - USE_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ @@ -4509,7 +1880,7 @@ void ssl_tls13_key_evolution(int hash_alg, data_t *input, data_t *expected) { - unsigned char secret_new[MBEDTLS_HASH_MAX_SIZE]; + unsigned char secret_new[MBEDTLS_MD_MAX_SIZE]; PSA_INIT(); @@ -4519,9 +1890,10 @@ void ssl_tls13_key_evolution(int hash_alg, input->len ? input->x : NULL, input->len, secret_new) == 0); - ASSERT_COMPARE(secret_new, (size_t) expected->len, - expected->x, (size_t) expected->len); + TEST_MEMORY_COMPARE(secret_new, (size_t) expected->len, + expected->x, (size_t) expected->len); +exit: PSA_DONE(); } /* END_CASE */ @@ -4537,7 +1909,7 @@ void ssl_tls_prf(int type, data_t *secret, data_t *random, goto exit; } - USE_PSA_INIT(); + MD_OR_USE_PSA_INIT(); TEST_ASSERT(mbedtls_ssl_tls_prf(type, secret->x, secret->len, label, random->x, random->len, @@ -4550,7 +1922,7 @@ void ssl_tls_prf(int type, data_t *secret, data_t *random, exit: mbedtls_free(output); - USE_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ @@ -4565,21 +1937,21 @@ void ssl_serialize_session_save_load(int ticket_len, char *crt_file, /* * Test that a save-load pair is the identity */ - mbedtls_ssl_session_init(&original); mbedtls_ssl_session_init(&restored); + USE_PSA_INIT(); /* Prepare a dummy session to work on */ ((void) endpoint_type); ((void) tls_version); #if defined(MBEDTLS_SSL_PROTO_TLS1_3) if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { - TEST_ASSERT(ssl_tls13_populate_session( + TEST_ASSERT(mbedtls_test_ssl_tls13_populate_session( &original, 0, endpoint_type) == 0); } else #endif { - TEST_ASSERT(ssl_tls12_populate_session( + TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session( &original, ticket_len, crt_file) == 0); } @@ -4699,6 +2071,7 @@ exit: mbedtls_ssl_session_free(&original); mbedtls_ssl_session_free(&restored); mbedtls_free(buf); + USE_PSA_DONE(); } /* END_CASE */ @@ -4713,20 +2086,20 @@ void ssl_serialize_session_load_save(int ticket_len, char *crt_file, /* * Test that a load-save pair is the identity */ - mbedtls_ssl_session_init(&session); + USE_PSA_INIT(); /* Prepare a dummy session to work on */ ((void) endpoint_type); ((void) tls_version); #if defined(MBEDTLS_SSL_PROTO_TLS1_3) if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { - TEST_ASSERT(ssl_tls13_populate_session( + TEST_ASSERT(mbedtls_test_ssl_tls13_populate_session( &session, 0, endpoint_type) == 0); } else #endif { - TEST_ASSERT(ssl_tls12_populate_session( + TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session( &session, ticket_len, crt_file) == 0); } @@ -4761,6 +2134,7 @@ exit: mbedtls_ssl_session_free(&session); mbedtls_free(buf1); mbedtls_free(buf2); + USE_PSA_DONE(); } /* END_CASE */ @@ -4775,20 +2149,20 @@ void ssl_serialize_session_save_buf_size(int ticket_len, char *crt_file, /* * Test that session_save() fails cleanly on small buffers */ - mbedtls_ssl_session_init(&session); + USE_PSA_INIT(); /* Prepare dummy session and get serialized size */ ((void) endpoint_type); ((void) tls_version); #if defined(MBEDTLS_SSL_PROTO_TLS1_3) if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { - TEST_ASSERT(ssl_tls13_populate_session( + TEST_ASSERT(mbedtls_test_ssl_tls13_populate_session( &session, 0, endpoint_type) == 0); } else #endif { - TEST_ASSERT(ssl_tls12_populate_session( + TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session( &session, ticket_len, crt_file) == 0); } TEST_ASSERT(mbedtls_ssl_session_save(&session, NULL, 0, &good_len) @@ -4808,6 +2182,7 @@ void ssl_serialize_session_save_buf_size(int ticket_len, char *crt_file, exit: mbedtls_ssl_session_free(&session); mbedtls_free(buf); + USE_PSA_DONE(); } /* END_CASE */ @@ -4822,20 +2197,20 @@ void ssl_serialize_session_load_buf_size(int ticket_len, char *crt_file, /* * Test that session_load() fails cleanly on small buffers */ - mbedtls_ssl_session_init(&session); + USE_PSA_INIT(); /* Prepare serialized session data */ ((void) endpoint_type); ((void) tls_version); #if defined(MBEDTLS_SSL_PROTO_TLS1_3) if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { - TEST_ASSERT(ssl_tls13_populate_session( + TEST_ASSERT(mbedtls_test_ssl_tls13_populate_session( &session, 0, endpoint_type) == 0); } else #endif { - TEST_ASSERT(ssl_tls12_populate_session( + TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session( &session, ticket_len, crt_file) == 0); } TEST_ASSERT(mbedtls_ssl_session_save(&session, NULL, 0, &good_len) @@ -4861,6 +2236,7 @@ exit: mbedtls_ssl_session_free(&session); mbedtls_free(good_buf); mbedtls_free(bad_buf); + USE_PSA_DONE(); } /* END_CASE */ @@ -4883,15 +2259,17 @@ void ssl_session_serialize_version_check(int corrupt_major, corrupt_config == 1 }; mbedtls_ssl_session_init(&session); + USE_PSA_INIT(); ((void) endpoint_type); ((void) tls_version); #if defined(MBEDTLS_SSL_PROTO_TLS1_3) if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { - TEST_ASSERT(ssl_tls13_populate_session( + TEST_ASSERT(mbedtls_test_ssl_tls13_populate_session( &session, 0, endpoint_type) == 0); } else #endif - TEST_ASSERT(ssl_tls12_populate_session(&session, 0, NULL) == 0); + TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session( + &session, 0, NULL) == 0); /* Infer length of serialized session. */ @@ -4934,70 +2312,95 @@ void ssl_session_serialize_version_check(int corrupt_major, *byte ^= corrupted_bit; } } - +exit: + USE_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256 */ void mbedtls_endpoint_sanity(int endpoint_type) { enum { BUFFSIZE = 1024 }; - mbedtls_endpoint ep; + mbedtls_test_ssl_endpoint ep; int ret = -1; - handshake_test_options options; - init_handshake_options(&options); + mbedtls_test_handshake_test_options options; + mbedtls_test_init_handshake_options(&options); options.pk_alg = MBEDTLS_PK_RSA; - ret = mbedtls_endpoint_init(NULL, endpoint_type, &options, - NULL, NULL, NULL, NULL); + MD_OR_USE_PSA_INIT(); + + ret = mbedtls_test_ssl_endpoint_init(NULL, endpoint_type, &options, + NULL, NULL, NULL, NULL); TEST_ASSERT(MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret); - ret = mbedtls_endpoint_certificate_init(NULL, options.pk_alg, 0, 0, 0); + ret = mbedtls_test_ssl_endpoint_certificate_init(NULL, options.pk_alg, + 0, 0, 0); TEST_ASSERT(MBEDTLS_ERR_SSL_BAD_INPUT_DATA == ret); - ret = mbedtls_endpoint_init(&ep, endpoint_type, &options, - NULL, NULL, NULL, NULL); + ret = mbedtls_test_ssl_endpoint_init(&ep, endpoint_type, &options, + NULL, NULL, NULL, NULL); TEST_ASSERT(ret == 0); exit: - mbedtls_endpoint_free(&ep, NULL); - free_handshake_options(&options); + mbedtls_test_ssl_endpoint_free(&ep, NULL); + mbedtls_test_free_handshake_options(&options); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_C */ -void move_handshake_to_state(int endpoint_type, int state, int need_pass) +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_HAVE_ECC_KEYS */ +void move_handshake_to_state(int endpoint_type, int tls_version, int state, int need_pass) { enum { BUFFSIZE = 1024 }; - mbedtls_endpoint base_ep, second_ep; + mbedtls_test_ssl_endpoint base_ep, second_ep; int ret = -1; - handshake_test_options options; - init_handshake_options(&options); + (void) tls_version; + + mbedtls_test_handshake_test_options options; + mbedtls_test_init_handshake_options(&options); + options.pk_alg = MBEDTLS_PK_RSA; - USE_PSA_INIT(); + /* + * If both TLS 1.2 and 1.3 are enabled and we want to do a TLS 1.2 + * handshake, force the TLS 1.2 version on endpoint under test. + */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_PROTO_TLS1_2) + if (MBEDTLS_SSL_VERSION_TLS1_2 == tls_version) { + if (MBEDTLS_SSL_IS_CLIENT == endpoint_type) { + options.client_min_version = MBEDTLS_SSL_VERSION_TLS1_2; + options.client_max_version = MBEDTLS_SSL_VERSION_TLS1_2; + } else { + options.server_min_version = MBEDTLS_SSL_VERSION_TLS1_2; + options.server_max_version = MBEDTLS_SSL_VERSION_TLS1_2; + } + } +#endif + + MD_OR_USE_PSA_INIT(); mbedtls_platform_zeroize(&base_ep, sizeof(base_ep)); mbedtls_platform_zeroize(&second_ep, sizeof(second_ep)); - ret = mbedtls_endpoint_init(&base_ep, endpoint_type, &options, - NULL, NULL, NULL, NULL); + ret = mbedtls_test_ssl_endpoint_init(&base_ep, endpoint_type, &options, + NULL, NULL, NULL, NULL); TEST_ASSERT(ret == 0); - ret = mbedtls_endpoint_init(&second_ep, - (endpoint_type == MBEDTLS_SSL_IS_SERVER) ? - MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER, - &options, NULL, NULL, NULL, NULL); + ret = mbedtls_test_ssl_endpoint_init( + &second_ep, + (endpoint_type == MBEDTLS_SSL_IS_SERVER) ? + MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER, + &options, NULL, NULL, NULL, NULL); TEST_ASSERT(ret == 0); - ret = mbedtls_mock_socket_connect(&(base_ep.socket), - &(second_ep.socket), - BUFFSIZE); + ret = mbedtls_test_mock_socket_connect(&(base_ep.socket), + &(second_ep.socket), + BUFFSIZE); TEST_ASSERT(ret == 0); - ret = mbedtls_move_handshake_to_state(&(base_ep.ssl), - &(second_ep.ssl), - state); + ret = mbedtls_test_move_handshake_to_state(&(base_ep.ssl), + &(second_ep.ssl), + state); if (need_pass) { TEST_ASSERT(ret == 0 || ret == MBEDTLS_ERR_SSL_WANT_READ || @@ -5011,20 +2414,20 @@ void move_handshake_to_state(int endpoint_type, int state, int need_pass) } exit: - free_handshake_options(&options); - mbedtls_endpoint_free(&base_ep, NULL); - mbedtls_endpoint_free(&second_ep, NULL); - USE_PSA_DONE(); + mbedtls_test_free_handshake_options(&options); + mbedtls_test_ssl_endpoint_free(&base_ep, NULL); + mbedtls_test_ssl_endpoint_free(&second_ep, NULL); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_C */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */ void handshake_version(int dtls, int client_min_version, int client_max_version, int server_min_version, int server_max_version, int expected_negotiated_version) { - handshake_test_options options; - init_handshake_options(&options); + mbedtls_test_handshake_test_options options; + mbedtls_test_init_handshake_options(&options); options.client_min_version = client_min_version; options.client_max_version = client_max_version; @@ -5033,38 +2436,42 @@ void handshake_version(int dtls, int client_min_version, int client_max_version, options.expected_negotiated_version = expected_negotiated_version; options.dtls = dtls; - perform_handshake(&options); + mbedtls_test_ssl_perform_handshake(&options); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; exit: - free_handshake_options(&options); + mbedtls_test_free_handshake_options(&options); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 */ void handshake_psk_cipher(char *cipher, int pk_alg, data_t *psk_str, int dtls) { - handshake_test_options options; - init_handshake_options(&options); + mbedtls_test_handshake_test_options options; + mbedtls_test_init_handshake_options(&options); options.cipher = cipher; options.dtls = dtls; options.psk_str = psk_str; options.pk_alg = pk_alg; - perform_handshake(&options); + options.client_min_version = MBEDTLS_SSL_VERSION_TLS1_2; + options.client_max_version = MBEDTLS_SSL_VERSION_TLS1_2; + options.expected_negotiated_version = MBEDTLS_SSL_VERSION_TLS1_2; + + mbedtls_test_ssl_perform_handshake(&options); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; exit: - free_handshake_options(&options); + mbedtls_test_free_handshake_options(&options); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 */ void handshake_cipher(char *cipher, int pk_alg, int dtls) { test_handshake_psk_cipher(cipher, pk_alg, NULL, dtls); @@ -5074,14 +2481,14 @@ void handshake_cipher(char *cipher, int pk_alg, int dtls) } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 */ void handshake_ciphersuite_select(char *cipher, int pk_alg, data_t *psk_str, int psa_alg, int psa_alg2, int psa_usage, int expected_handshake_result, int expected_ciphersuite) { - handshake_test_options options; - init_handshake_options(&options); + mbedtls_test_handshake_test_options options; + mbedtls_test_init_handshake_options(&options); options.cipher = cipher; options.psk_str = psk_str; @@ -5091,23 +2498,28 @@ void handshake_ciphersuite_select(char *cipher, int pk_alg, data_t *psk_str, options.opaque_usage = psa_usage; options.expected_handshake_result = expected_handshake_result; options.expected_ciphersuite = expected_ciphersuite; - perform_handshake(&options); + + options.server_min_version = MBEDTLS_SSL_VERSION_TLS1_2; + options.server_max_version = MBEDTLS_SSL_VERSION_TLS1_2; + options.expected_negotiated_version = MBEDTLS_SSL_VERSION_TLS1_2; + + mbedtls_test_ssl_perform_handshake(&options); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; exit: - free_handshake_options(&options); + mbedtls_test_free_handshake_options(&options); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA256 */ void app_data(int mfl, int cli_msg_len, int srv_msg_len, int expected_cli_fragments, int expected_srv_fragments, int dtls) { - handshake_test_options options; - init_handshake_options(&options); + mbedtls_test_handshake_test_options options; + mbedtls_test_init_handshake_options(&options); options.mfl = mfl; options.cli_msg_len = cli_msg_len; @@ -5115,21 +2527,22 @@ void app_data(int mfl, int cli_msg_len, int srv_msg_len, options.expected_cli_fragments = expected_cli_fragments; options.expected_srv_fragments = expected_srv_fragments; options.dtls = dtls; -#if !defined(MBEDTLS_SSL_PROTO_TLS1_2) - options.expected_negotiated_version = MBEDTLS_SSL_VERSION_TLS1_3; -#endif - perform_handshake(&options); + options.client_min_version = MBEDTLS_SSL_VERSION_TLS1_2; + options.client_max_version = MBEDTLS_SSL_VERSION_TLS1_2; + options.expected_negotiated_version = MBEDTLS_SSL_VERSION_TLS1_2; + + mbedtls_test_ssl_perform_handshake(&options); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; exit: - free_handshake_options(&options); + mbedtls_test_free_handshake_options(&options); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_C */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */ void app_data_tls(int mfl, int cli_msg_len, int srv_msg_len, int expected_cli_fragments, int expected_srv_fragments) @@ -5141,7 +2554,7 @@ void app_data_tls(int mfl, int cli_msg_len, int srv_msg_len, } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_MD_CAN_SHA256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */ void app_data_dtls(int mfl, int cli_msg_len, int srv_msg_len, int expected_cli_fragments, int expected_srv_fragments) @@ -5153,46 +2566,48 @@ void app_data_dtls(int mfl, int cli_msg_len, int srv_msg_len, } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_MD_CAN_SHA256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */ void handshake_serialization() { - handshake_test_options options; - init_handshake_options(&options); + mbedtls_test_handshake_test_options options; + mbedtls_test_init_handshake_options(&options); options.serialize = 1; options.dtls = 1; - perform_handshake(&options); + options.expected_negotiated_version = MBEDTLS_SSL_VERSION_TLS1_2; + mbedtls_test_ssl_perform_handshake(&options); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; exit: - free_handshake_options(&options); + mbedtls_test_free_handshake_options(&options); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_DEBUG_C:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_AES_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_DEBUG_C:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ void handshake_fragmentation(int mfl, int expected_srv_hs_fragmentation, int expected_cli_hs_fragmentation) { - handshake_test_options options; - log_pattern srv_pattern, cli_pattern; + mbedtls_test_handshake_test_options options; + mbedtls_test_ssl_log_pattern srv_pattern, cli_pattern; srv_pattern.pattern = cli_pattern.pattern = "found fragmented DTLS handshake"; srv_pattern.counter = 0; cli_pattern.counter = 0; - init_handshake_options(&options); + mbedtls_test_init_handshake_options(&options); options.dtls = 1; + options.expected_negotiated_version = MBEDTLS_SSL_VERSION_TLS1_2; options.mfl = mfl; /* Set cipher to one using CBC so that record splitting can be tested */ options.cipher = "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256"; options.srv_auth_mode = MBEDTLS_SSL_VERIFY_REQUIRED; options.srv_log_obj = &srv_pattern; options.cli_log_obj = &cli_pattern; - options.srv_log_fun = log_analyzer; - options.cli_log_fun = log_analyzer; + options.srv_log_fun = mbedtls_test_ssl_log_analyzer; + options.cli_log_fun = mbedtls_test_ssl_log_analyzer; - perform_handshake(&options); + mbedtls_test_ssl_perform_handshake(&options); /* Test if the server received a fragmented handshake */ if (expected_srv_hs_fragmentation) { @@ -5204,35 +2619,36 @@ void handshake_fragmentation(int mfl, } exit: - free_handshake_options(&options); + mbedtls_test_free_handshake_options(&options); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_MD_CAN_SHA256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */ void renegotiation(int legacy_renegotiation) { - handshake_test_options options; - init_handshake_options(&options); + mbedtls_test_handshake_test_options options; + mbedtls_test_init_handshake_options(&options); options.renegotiate = 1; options.legacy_renegotiation = legacy_renegotiation; options.dtls = 1; + options.expected_negotiated_version = MBEDTLS_SSL_VERSION_TLS1_2; - perform_handshake(&options); + mbedtls_test_ssl_perform_handshake(&options); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; exit: - free_handshake_options(&options); + mbedtls_test_free_handshake_options(&options); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA256 */ void resize_buffers(int mfl, int renegotiation, int legacy_renegotiation, int serialize, int dtls, char *cipher) { - handshake_test_options options; - init_handshake_options(&options); + mbedtls_test_handshake_test_options options; + mbedtls_test_init_handshake_options(&options); options.mfl = mfl; options.cipher = cipher; @@ -5240,34 +2656,35 @@ void resize_buffers(int mfl, int renegotiation, int legacy_renegotiation, options.legacy_renegotiation = legacy_renegotiation; options.serialize = serialize; options.dtls = dtls; + if (dtls) { + options.expected_negotiated_version = MBEDTLS_SSL_VERSION_TLS1_2; + } options.resize_buffers = 1; - perform_handshake(&options); + mbedtls_test_ssl_perform_handshake(&options); /* The goto below is used to avoid an "unused label" warning.*/ goto exit; exit: - free_handshake_options(&options); + mbedtls_test_free_handshake_options(&options); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_CONTEXT_SERIALIZATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_MD_CAN_SHA256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */ void resize_buffers_serialize_mfl(int mfl) { test_resize_buffers(mfl, 0, MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION, 1, 1, (char *) ""); - /* The goto below is used to avoid an "unused label" warning.*/ goto exit; } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH:MBEDTLS_SSL_RENEGOTIATION:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY */ void resize_buffers_renegotiate_mfl(int mfl, int legacy_renegotiation, char *cipher) { test_resize_buffers(mfl, 1, legacy_renegotiation, 0, 1, cipher); - /* The goto below is used to avoid an "unused label" warning.*/ goto exit; } @@ -5284,8 +2701,8 @@ void test_multiple_psks() mbedtls_ssl_config conf; - USE_PSA_INIT(); mbedtls_ssl_config_init(&conf); + MD_OR_USE_PSA_INIT(); TEST_ASSERT(mbedtls_ssl_conf_psk(&conf, psk0, sizeof(psk0), @@ -5296,10 +2713,8 @@ void test_multiple_psks() MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE); exit: - mbedtls_ssl_config_free(&conf); - - USE_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ @@ -5328,8 +2743,8 @@ void test_multiple_psks_opaque(int mode) mbedtls_ssl_config conf; - USE_PSA_INIT(); mbedtls_ssl_config_init(&conf); + MD_OR_USE_PSA_INIT(); switch (mode) { case 0: @@ -5380,9 +2795,8 @@ void test_multiple_psks_opaque(int mode) } exit: - mbedtls_ssl_config_free(&conf); - USE_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ @@ -5397,6 +2811,7 @@ void conf_version(int endpoint, int transport, mbedtls_ssl_config_init(&conf); mbedtls_ssl_init(&ssl); + MD_OR_USE_PSA_INIT(); mbedtls_ssl_conf_endpoint(&conf, endpoint); mbedtls_ssl_conf_transport(&conf, transport); @@ -5404,13 +2819,18 @@ void conf_version(int endpoint, int transport, mbedtls_ssl_conf_max_tls_version(&conf, max_tls_version); TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == expected_ssl_setup_result); + TEST_EQUAL(mbedtls_ssl_conf_get_endpoint( + mbedtls_ssl_context_get_config(&ssl)), endpoint); mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); + +exit: + MD_OR_USE_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ECP_C:!MBEDTLS_DEPRECATED_REMOVED:!MBEDTLS_DEPRECATED_WARNING:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED */ +/* BEGIN_CASE depends_on:MBEDTLS_ECP_C:!MBEDTLS_DEPRECATED_REMOVED:!MBEDTLS_DEPRECATED_WARNING:MBEDTLS_ECP_HAVE_SECP192R1:MBEDTLS_ECP_HAVE_SECP224R1:MBEDTLS_ECP_HAVE_SECP256R1 */ void conf_curve() { @@ -5436,20 +2856,25 @@ void conf_curve() mbedtls_ssl_context ssl; mbedtls_ssl_init(&ssl); + MD_OR_USE_PSA_INIT(); + TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0); TEST_ASSERT(ssl.handshake != NULL && ssl.handshake->group_list != NULL); TEST_ASSERT(ssl.conf != NULL && ssl.conf->group_list == NULL); - TEST_EQUAL(ssl.handshake->group_list[ARRAY_LENGTH(iana_tls_group_list) - 1], + TEST_EQUAL(ssl.handshake-> + group_list[ARRAY_LENGTH(iana_tls_group_list) - 1], MBEDTLS_SSL_IANA_TLS_GROUP_NONE); for (size_t i = 0; i < ARRAY_LENGTH(iana_tls_group_list); i++) { TEST_EQUAL(iana_tls_group_list[i], ssl.handshake->group_list[i]); } +exit: mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ @@ -5471,85 +2896,90 @@ void conf_group() mbedtls_ssl_context ssl; mbedtls_ssl_init(&ssl); + MD_OR_USE_PSA_INIT(); + TEST_ASSERT(mbedtls_ssl_setup(&ssl, &conf) == 0); TEST_ASSERT(ssl.conf != NULL && ssl.conf->group_list != NULL); - TEST_EQUAL(ssl.conf->group_list[ARRAY_LENGTH(iana_tls_group_list) - 1], + TEST_EQUAL(ssl.conf-> + group_list[ARRAY_LENGTH(iana_tls_group_list) - 1], MBEDTLS_SSL_IANA_TLS_GROUP_NONE); for (size_t i = 0; i < ARRAY_LENGTH(iana_tls_group_list); i++) { TEST_EQUAL(iana_tls_group_list[i], ssl.conf->group_list[i]); } +exit: mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_SRV_C:MBEDTLS_SSL_CACHE_C:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_DEBUG_C:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_SRV_C:MBEDTLS_SSL_CACHE_C:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_DEBUG_C:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256 */ void force_bad_session_id_len() { enum { BUFFSIZE = 1024 }; - handshake_test_options options; - mbedtls_endpoint client, server; - log_pattern srv_pattern, cli_pattern; + mbedtls_test_handshake_test_options options; + mbedtls_test_ssl_endpoint client, server; + mbedtls_test_ssl_log_pattern srv_pattern, cli_pattern; mbedtls_test_message_socket_context server_context, client_context; srv_pattern.pattern = cli_pattern.pattern = "cache did not store session"; srv_pattern.counter = 0; - init_handshake_options(&options); + mbedtls_test_init_handshake_options(&options); options.srv_log_obj = &srv_pattern; - options.srv_log_fun = log_analyzer; + options.srv_log_fun = mbedtls_test_ssl_log_analyzer; - USE_PSA_INIT(); mbedtls_platform_zeroize(&client, sizeof(client)); mbedtls_platform_zeroize(&server, sizeof(server)); - mbedtls_message_socket_init(&server_context); - mbedtls_message_socket_init(&client_context); + mbedtls_test_message_socket_init(&server_context); + mbedtls_test_message_socket_init(&client_context); + MD_OR_USE_PSA_INIT(); - TEST_ASSERT(mbedtls_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT, - &options, NULL, NULL, - NULL, NULL) == 0); + TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT, + &options, NULL, NULL, + NULL, NULL) == 0); - TEST_ASSERT(mbedtls_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER, - &options, NULL, NULL, NULL, - NULL) == 0); + TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER, + &options, NULL, NULL, NULL, + NULL) == 0); mbedtls_debug_set_threshold(1); mbedtls_ssl_conf_dbg(&server.conf, options.srv_log_fun, options.srv_log_obj); - TEST_ASSERT(mbedtls_mock_socket_connect(&(client.socket), - &(server.socket), - BUFFSIZE) == 0); + TEST_ASSERT(mbedtls_test_mock_socket_connect(&(client.socket), + &(server.socket), + BUFFSIZE) == 0); - TEST_ASSERT(mbedtls_move_handshake_to_state(&(client.ssl), - &(server.ssl), - MBEDTLS_SSL_HANDSHAKE_WRAPUP) + TEST_ASSERT(mbedtls_test_move_handshake_to_state( + &(client.ssl), &(server.ssl), MBEDTLS_SSL_HANDSHAKE_WRAPUP) == 0); /* Force a bad session_id_len that will be read by the server in * mbedtls_ssl_cache_set. */ server.ssl.session_negotiate->id_len = 33; if (options.cli_msg_len != 0 || options.srv_msg_len != 0) { /* Start data exchanging test */ - TEST_ASSERT(mbedtls_exchange_data(&(client.ssl), options.cli_msg_len, - options.expected_cli_fragments, - &(server.ssl), options.srv_msg_len, - options.expected_srv_fragments) + TEST_ASSERT(mbedtls_test_ssl_exchange_data( + &(client.ssl), options.cli_msg_len, + options.expected_cli_fragments, + &(server.ssl), options.srv_msg_len, + options.expected_srv_fragments) == 0); } /* Make sure that the cache did not store the session */ TEST_EQUAL(srv_pattern.counter, 1); exit: - mbedtls_endpoint_free(&client, NULL); - mbedtls_endpoint_free(&server, NULL); - free_handshake_options(&options); + mbedtls_test_ssl_endpoint_free(&client, NULL); + mbedtls_test_ssl_endpoint_free(&server, NULL); + mbedtls_test_free_handshake_options(&options); mbedtls_debug_set_threshold(0); - USE_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ @@ -5562,6 +2992,8 @@ void cookie_parsing(data_t *cookie, int exp_ret) mbedtls_ssl_init(&ssl); mbedtls_ssl_config_init(&conf); + USE_PSA_INIT(); + TEST_EQUAL(mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_SERVER, MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_PRESET_DEFAULT), @@ -5576,8 +3008,10 @@ void cookie_parsing(data_t *cookie, int exp_ret) &len), exp_ret); +exit: mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); + USE_PSA_DONE(); } /* END_CASE */ @@ -5586,9 +3020,13 @@ void timing_final_delay_accessor() { mbedtls_timing_delay_context delay_context; + USE_PSA_INIT(); mbedtls_timing_set_delay(&delay_context, 50, 100); TEST_ASSERT(mbedtls_timing_get_final_delay(&delay_context) == 100); + +exit: + USE_PSA_DONE(); } /* END_CASE */ @@ -5607,6 +3045,7 @@ void cid_sanity() mbedtls_ssl_init(&ssl); mbedtls_ssl_config_init(&conf); + MD_OR_USE_PSA_INIT(); TEST_ASSERT(mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_CLIENT, @@ -5655,7 +3094,7 @@ void cid_sanity() == 0); TEST_EQUAL(cid_enabled, MBEDTLS_SSL_CID_ENABLED); - ASSERT_COMPARE(own_cid, own_cid_len, test_cid, own_cid_len); + TEST_MEMORY_COMPARE(own_cid, own_cid_len, test_cid, own_cid_len); /* Test disabling works. */ TEST_ASSERT(mbedtls_ssl_set_cid(&ssl, MBEDTLS_SSL_CID_DISABLED, NULL, @@ -5668,49 +3107,52 @@ void cid_sanity() TEST_EQUAL(cid_enabled, MBEDTLS_SSL_CID_DISABLED); +exit: mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDSA_C */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_SOME */ void raw_key_agreement_fail(int bad_server_ecdhe_key) { enum { BUFFSIZE = 17000 }; - mbedtls_endpoint client, server; + mbedtls_test_ssl_endpoint client, server; mbedtls_psa_stats_t stats; size_t free_slots_before = -1; - handshake_test_options options; + mbedtls_test_handshake_test_options options; uint16_t iana_tls_group_list[] = { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, MBEDTLS_SSL_IANA_TLS_GROUP_NONE }; - USE_PSA_INIT(); + MD_OR_USE_PSA_INIT(); mbedtls_platform_zeroize(&client, sizeof(client)); mbedtls_platform_zeroize(&server, sizeof(server)); - init_handshake_options(&options); + mbedtls_test_init_handshake_options(&options); options.pk_alg = MBEDTLS_PK_ECDSA; + options.server_min_version = MBEDTLS_SSL_VERSION_TLS1_2; + options.server_max_version = MBEDTLS_SSL_VERSION_TLS1_2; /* Client side, force SECP256R1 to make one key bitflip fail * the raw key agreement. Flipping the first byte makes the * required 0x04 identifier invalid. */ - TEST_EQUAL(mbedtls_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT, - &options, NULL, NULL, - NULL, iana_tls_group_list), 0); + TEST_EQUAL(mbedtls_test_ssl_endpoint_init(&client, MBEDTLS_SSL_IS_CLIENT, + &options, NULL, NULL, + NULL, iana_tls_group_list), 0); /* Server side */ - TEST_EQUAL(mbedtls_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER, - &options, NULL, NULL, - NULL, NULL), 0); + TEST_EQUAL(mbedtls_test_ssl_endpoint_init(&server, MBEDTLS_SSL_IS_SERVER, + &options, NULL, NULL, + NULL, NULL), 0); - TEST_EQUAL(mbedtls_mock_socket_connect(&(client.socket), - &(server.socket), - BUFFSIZE), 0); + TEST_EQUAL(mbedtls_test_mock_socket_connect(&(client.socket), + &(server.socket), + BUFFSIZE), 0); - TEST_EQUAL(mbedtls_move_handshake_to_state(&(client.ssl), - &(server.ssl), - MBEDTLS_SSL_CLIENT_KEY_EXCHANGE) - , 0); + TEST_EQUAL(mbedtls_test_move_handshake_to_state( + &(client.ssl), &(server.ssl), + MBEDTLS_SSL_CLIENT_KEY_EXCHANGE), 0); mbedtls_psa_get_stats(&stats); /* Save the number of slots in use up to this point. @@ -5720,12 +3162,11 @@ void raw_key_agreement_fail(int bad_server_ecdhe_key) if (bad_server_ecdhe_key) { /* Force a simulated bitflip in the server key. to make the * raw key agreement in ssl_write_client_key_exchange fail. */ - (client.ssl).handshake->ecdh_psa_peerkey[0] ^= 0x02; + (client.ssl).handshake->xxdh_psa_peerkey[0] ^= 0x02; } - TEST_EQUAL(mbedtls_move_handshake_to_state(&(client.ssl), - &(server.ssl), - MBEDTLS_SSL_HANDSHAKE_OVER), + TEST_EQUAL(mbedtls_test_move_handshake_to_state( + &(client.ssl), &(server.ssl), MBEDTLS_SSL_HANDSHAKE_OVER), bad_server_ecdhe_key ? MBEDTLS_ERR_SSL_HW_ACCEL_FAILED : 0); mbedtls_psa_get_stats(&stats); @@ -5737,63 +3178,66 @@ void raw_key_agreement_fail(int bad_server_ecdhe_key) } exit: - mbedtls_endpoint_free(&client, NULL); - mbedtls_endpoint_free(&server, NULL); - free_handshake_options(&options); + mbedtls_test_ssl_endpoint_free(&client, NULL); + mbedtls_test_ssl_endpoint_free(&server, NULL); + mbedtls_test_free_handshake_options(&options); - USE_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_SSL_PROTO_TLS1_3:!MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SRV_C:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED */ +/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_SSL_PROTO_TLS1_3:!MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SRV_C:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:MBEDTLS_ECP_HAVE_SECP384R1 */ void tls13_server_certificate_msg_invalid_vector_len() { int ret = -1; - mbedtls_endpoint client_ep, server_ep; + mbedtls_test_ssl_endpoint client_ep, server_ep; unsigned char *buf, *end; size_t buf_len; int step = 0; int expected_result; mbedtls_ssl_chk_buf_ptr_args expected_chk_buf_ptr_args; - handshake_test_options client_options; - handshake_test_options server_options; + mbedtls_test_handshake_test_options client_options; + mbedtls_test_handshake_test_options server_options; /* * Test set-up */ - USE_PSA_INIT(); mbedtls_platform_zeroize(&client_ep, sizeof(client_ep)); mbedtls_platform_zeroize(&server_ep, sizeof(server_ep)); - init_handshake_options(&client_options); + mbedtls_test_init_handshake_options(&client_options); + MD_OR_USE_PSA_INIT(); + client_options.pk_alg = MBEDTLS_PK_ECDSA; - ret = mbedtls_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT, - &client_options, NULL, NULL, NULL, NULL); + ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT, + &client_options, NULL, NULL, NULL, + NULL); TEST_EQUAL(ret, 0); - init_handshake_options(&server_options); + mbedtls_test_init_handshake_options(&server_options); server_options.pk_alg = MBEDTLS_PK_ECDSA; - ret = mbedtls_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER, - &server_options, NULL, NULL, NULL, NULL); + ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER, + &server_options, NULL, NULL, NULL, + NULL); TEST_EQUAL(ret, 0); - ret = mbedtls_mock_socket_connect(&(client_ep.socket), - &(server_ep.socket), 1024); + ret = mbedtls_test_mock_socket_connect(&(client_ep.socket), + &(server_ep.socket), 1024); TEST_EQUAL(ret, 0); while (1) { mbedtls_test_set_step(++step); - ret = mbedtls_move_handshake_to_state(&(server_ep.ssl), - &(client_ep.ssl), - MBEDTLS_SSL_CERTIFICATE_VERIFY); + ret = mbedtls_test_move_handshake_to_state( + &(server_ep.ssl), &(client_ep.ssl), + MBEDTLS_SSL_CERTIFICATE_VERIFY); TEST_EQUAL(ret, 0); ret = mbedtls_ssl_flush_output(&(server_ep.ssl)); TEST_EQUAL(ret, 0); - ret = mbedtls_move_handshake_to_state(&(client_ep.ssl), - &(server_ep.ssl), - MBEDTLS_SSL_SERVER_CERTIFICATE); + ret = mbedtls_test_move_handshake_to_state( + &(client_ep.ssl), &(server_ep.ssl), + MBEDTLS_SSL_SERVER_CERTIFICATE); TEST_EQUAL(ret, 0); ret = mbedtls_ssl_tls13_fetch_handshake_msg(&(client_ep.ssl), @@ -5807,7 +3251,7 @@ void tls13_server_certificate_msg_invalid_vector_len() * Tweak server Certificate message and parse it. */ - ret = tweak_tls13_certificate_msg_vector_len( + ret = mbedtls_test_tweak_tls13_certificate_msg_vector_len( buf, &end, step, &expected_result, &expected_chk_buf_ptr_args); if (ret != 0) { @@ -5831,11 +3275,11 @@ void tls13_server_certificate_msg_invalid_vector_len() exit: mbedtls_ssl_reset_chk_buf_ptr_fail_args(); - mbedtls_endpoint_free(&client_ep, NULL); - mbedtls_endpoint_free(&server_ep, NULL); - free_handshake_options(&client_options); - free_handshake_options(&server_options); - USE_PSA_DONE(); + mbedtls_test_ssl_endpoint_free(&client_ep, NULL); + mbedtls_test_ssl_endpoint_free(&server_ep, NULL); + mbedtls_test_free_handshake_options(&client_options); + mbedtls_test_free_handshake_options(&server_options); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ @@ -5853,9 +3297,8 @@ void ssl_ecjpake_set_password(int use_opaque_arg) size_t pwd_len = 0; int ret; - USE_PSA_INIT(); - mbedtls_ssl_init(&ssl); + MD_OR_USE_PSA_INIT(); /* test with uninitalized SSL context */ ECJPAKE_TEST_SET_PASSWORD(MBEDTLS_ERR_SSL_BAD_INPUT_DATA); @@ -5915,84 +3358,85 @@ void ssl_ecjpake_set_password(int use_opaque_arg) mbedtls_ssl_free(&ssl); mbedtls_ssl_config_free(&conf); - USE_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE */ void elliptic_curve_get_properties() { - psa_ecc_family_t psa_family; + psa_key_type_t psa_type = PSA_KEY_TYPE_NONE; size_t psa_bits; - USE_PSA_INIT(); + MD_OR_USE_PSA_INIT(); -#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_521) +#if defined(MBEDTLS_ECP_HAVE_SECP521R1) || defined(PSA_WANT_ECC_SECP_R1_521) TEST_AVAILABLE_ECC(25, MBEDTLS_ECP_DP_SECP521R1, PSA_ECC_FAMILY_SECP_R1, 521); #else TEST_UNAVAILABLE_ECC(25, MBEDTLS_ECP_DP_SECP521R1, PSA_ECC_FAMILY_SECP_R1, 521); #endif -#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) +#if defined(MBEDTLS_ECP_HAVE_BP512R1) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) TEST_AVAILABLE_ECC(28, MBEDTLS_ECP_DP_BP512R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 512); #else TEST_UNAVAILABLE_ECC(28, MBEDTLS_ECP_DP_BP512R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 512); #endif -#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_384) +#if defined(MBEDTLS_ECP_HAVE_SECP384R1) || defined(PSA_WANT_ECC_SECP_R1_384) TEST_AVAILABLE_ECC(24, MBEDTLS_ECP_DP_SECP384R1, PSA_ECC_FAMILY_SECP_R1, 384); #else TEST_UNAVAILABLE_ECC(24, MBEDTLS_ECP_DP_SECP384R1, PSA_ECC_FAMILY_SECP_R1, 384); #endif -#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) +#if defined(MBEDTLS_ECP_HAVE_BP384R1) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) TEST_AVAILABLE_ECC(27, MBEDTLS_ECP_DP_BP384R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 384); #else TEST_UNAVAILABLE_ECC(27, MBEDTLS_ECP_DP_BP384R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 384); #endif -#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_256) +#if defined(MBEDTLS_ECP_HAVE_SECP256R1) || defined(PSA_WANT_ECC_SECP_R1_256) TEST_AVAILABLE_ECC(23, MBEDTLS_ECP_DP_SECP256R1, PSA_ECC_FAMILY_SECP_R1, 256); #else TEST_UNAVAILABLE_ECC(23, MBEDTLS_ECP_DP_SECP256R1, PSA_ECC_FAMILY_SECP_R1, 256); #endif -#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) || defined(PSA_WANT_ECC_SECP_K1_256) +#if defined(MBEDTLS_ECP_HAVE_SECP256K1) || defined(PSA_WANT_ECC_SECP_K1_256) TEST_AVAILABLE_ECC(22, MBEDTLS_ECP_DP_SECP256K1, PSA_ECC_FAMILY_SECP_K1, 256); #else TEST_UNAVAILABLE_ECC(22, MBEDTLS_ECP_DP_SECP256K1, PSA_ECC_FAMILY_SECP_K1, 256); #endif -#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) +#if defined(MBEDTLS_ECP_HAVE_BP256R1) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) TEST_AVAILABLE_ECC(26, MBEDTLS_ECP_DP_BP256R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 256); #else TEST_UNAVAILABLE_ECC(26, MBEDTLS_ECP_DP_BP256R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1, 256); #endif -#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_224) +#if defined(MBEDTLS_ECP_HAVE_SECP224R1) || defined(PSA_WANT_ECC_SECP_R1_224) TEST_AVAILABLE_ECC(21, MBEDTLS_ECP_DP_SECP224R1, PSA_ECC_FAMILY_SECP_R1, 224); #else TEST_UNAVAILABLE_ECC(21, MBEDTLS_ECP_DP_SECP224R1, PSA_ECC_FAMILY_SECP_R1, 224); #endif -#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || defined(PSA_WANT_ECC_SECP_K1_224) +#if defined(MBEDTLS_ECP_HAVE_SECP224K1) || defined(PSA_WANT_ECC_SECP_K1_224) TEST_AVAILABLE_ECC(20, MBEDTLS_ECP_DP_SECP224K1, PSA_ECC_FAMILY_SECP_K1, 224); #else TEST_UNAVAILABLE_ECC(20, MBEDTLS_ECP_DP_SECP224K1, PSA_ECC_FAMILY_SECP_K1, 224); #endif -#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_192) +#if defined(MBEDTLS_ECP_HAVE_SECP192R1) || defined(PSA_WANT_ECC_SECP_R1_192) TEST_AVAILABLE_ECC(19, MBEDTLS_ECP_DP_SECP192R1, PSA_ECC_FAMILY_SECP_R1, 192); #else TEST_UNAVAILABLE_ECC(19, MBEDTLS_ECP_DP_SECP192R1, PSA_ECC_FAMILY_SECP_R1, 192); #endif -#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || defined(PSA_WANT_ECC_SECP_K1_192) +#if defined(MBEDTLS_ECP_HAVE_SECP192K1) || defined(PSA_WANT_ECC_SECP_K1_192) TEST_AVAILABLE_ECC(18, MBEDTLS_ECP_DP_SECP192K1, PSA_ECC_FAMILY_SECP_K1, 192); #else TEST_UNAVAILABLE_ECC(18, MBEDTLS_ECP_DP_SECP192K1, PSA_ECC_FAMILY_SECP_K1, 192); #endif -#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) || defined(PSA_WANT_ECC_MONTGOMERY_255) +#if defined(MBEDTLS_ECP_HAVE_CURVE25519) || defined(PSA_WANT_ECC_MONTGOMERY_255) TEST_AVAILABLE_ECC(29, MBEDTLS_ECP_DP_CURVE25519, PSA_ECC_FAMILY_MONTGOMERY, 255); #else TEST_UNAVAILABLE_ECC(29, MBEDTLS_ECP_DP_CURVE25519, PSA_ECC_FAMILY_MONTGOMERY, 255); #endif -#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) || defined(PSA_WANT_ECC_MONTGOMERY_448) +#if defined(MBEDTLS_ECP_HAVE_CURVE448) || defined(PSA_WANT_ECC_MONTGOMERY_448) TEST_AVAILABLE_ECC(30, MBEDTLS_ECP_DP_CURVE448, PSA_ECC_FAMILY_MONTGOMERY, 448); #else TEST_UNAVAILABLE_ECC(30, MBEDTLS_ECP_DP_CURVE448, PSA_ECC_FAMILY_MONTGOMERY, 448); #endif - - USE_PSA_DONE(); + goto exit; +exit: + MD_OR_USE_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_ssl_decrypt.function b/tests/suites/test_suite_ssl_decrypt.function new file mode 100644 index 000000000..ad94a5839 --- /dev/null +++ b/tests/suites/test_suite_ssl_decrypt.function @@ -0,0 +1,312 @@ +/* BEGIN_HEADER */ +/* Testing of mbedtls_ssl_decrypt_buf() specifically, focusing on negative + * testing (using malformed inputs). */ + +#include +#include +#include + +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_SSL_TLS_C + * END_DEPENDENCIES + */ + +/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CIPHER_NULL_CIPHER */ +void ssl_decrypt_null(int hash_id) +{ + mbedtls_ssl_transform transform_in, transform_out; + mbedtls_ssl_transform_init(&transform_in); + mbedtls_ssl_transform_init(&transform_out); + const mbedtls_ssl_protocol_version version = MBEDTLS_SSL_VERSION_TLS1_2; + const mbedtls_cipher_type_t cipher_type = MBEDTLS_CIPHER_NULL; + mbedtls_record rec_good = { + .ctr = { 0 }, + .type = MBEDTLS_SSL_MSG_APPLICATION_DATA, + .ver = { 0, 0 }, /* Will be set by a function call below */ + .buf = NULL, + .buf_len = 0, + .data_offset = 0, + .data_len = 0, +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) + .cid_len = 0, + .cid = { 0 }, +#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ + }; + mbedtls_ssl_write_version(rec_good.ver, + MBEDTLS_SSL_TRANSPORT_STREAM, + version); + const char sample_plaintext[3] = "ABC"; + mbedtls_ssl_context ssl; + mbedtls_ssl_init(&ssl); + uint8_t *buf = NULL; + + MD_OR_USE_PSA_INIT(); + + TEST_EQUAL(mbedtls_test_ssl_build_transforms(&transform_in, &transform_out, + cipher_type, hash_id, 0, 0, + version, + 0, 0), 0); + + const size_t plaintext_length = sizeof(sample_plaintext); + rec_good.buf_len = plaintext_length + transform_in.maclen; + rec_good.data_len = plaintext_length; + TEST_CALLOC(rec_good.buf, rec_good.buf_len); + memcpy(rec_good.buf, sample_plaintext, plaintext_length); + TEST_EQUAL(mbedtls_test_ssl_prepare_record_mac(&rec_good, + &transform_out), 0); + + /* Good case */ + mbedtls_record rec = rec_good; + TEST_EQUAL(mbedtls_ssl_decrypt_buf(&ssl, &transform_in, &rec), 0); + + /* Change any one byte of the plaintext or MAC. The MAC will be wrong. */ + TEST_CALLOC(buf, rec.buf_len); + for (size_t i = 0; i < rec.buf_len; i++) { + mbedtls_test_set_step(i); + rec = rec_good; + rec.buf = buf; + memcpy(buf, rec_good.buf, rec.buf_len); + buf[i] ^= 1; + TEST_EQUAL(mbedtls_ssl_decrypt_buf(&ssl, &transform_in, &rec), + MBEDTLS_ERR_SSL_INVALID_MAC); + } + mbedtls_free(buf); + buf = NULL; + + /* Shorter input buffer. Either the MAC will be wrong, or there isn't + * enough room for a MAC. */ + for (size_t n = 1; n < rec.buf_len; n++) { + mbedtls_test_set_step(n); + rec = rec_good; + TEST_CALLOC(buf, n); + rec.buf = buf; + rec.buf_len = n; + rec.data_len = n; + memcpy(buf, rec_good.buf, n); + TEST_EQUAL(mbedtls_ssl_decrypt_buf(&ssl, &transform_in, &rec), + MBEDTLS_ERR_SSL_INVALID_MAC); + mbedtls_free(buf); + buf = NULL; + } + + /* For robustness, check a 0-length buffer (non-null, then null). + * This should not reach mbedtls_ssl_decrypt_buf() as used in the library, + * so the exact error doesn't matter, but we don't want a crash. */ + { + const uint8_t buf1[1] = { 'a' }; + rec = rec_good; + /* We won't write to buf1[0] since it's out of range, so we can cast + * the const away. */ + rec.buf = (uint8_t *) buf1; + rec.buf_len = 0; + TEST_EQUAL(mbedtls_ssl_decrypt_buf(&ssl, &transform_in, &rec), + MBEDTLS_ERR_SSL_INTERNAL_ERROR); + } + rec = rec_good; + rec.buf = NULL; + rec.buf_len = 0; + TEST_EQUAL(mbedtls_ssl_decrypt_buf(&ssl, &transform_in, &rec), + MBEDTLS_ERR_SSL_INTERNAL_ERROR); + +exit: + mbedtls_ssl_transform_free(&transform_in); + mbedtls_ssl_transform_free(&transform_out); + mbedtls_free(rec_good.buf); + mbedtls_ssl_free(&ssl); + mbedtls_free(buf); + MD_OR_USE_PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2 */ +void ssl_decrypt_non_etm_cbc(int cipher_type, int hash_id, int trunc_hmac, + int length_selector) +{ + /* + * Test record decryption for CBC without EtM, focused on the verification + * of padding and MAC. + * + * Actually depends on TLS 1.2 and either AES, ARIA or Camellia, but since + * the test framework doesn't support alternation in dependency statements, + * just depend on AES. + * + * The length_selector argument is interpreted as follows: + * - if it's -1, the plaintext length is 0 and minimal padding is applied + * - if it's -2, the plaintext length is 0 and maximal padding is applied + * - otherwise it must be in [0, 255] and is padding_length from RFC 5246: + * it's the length of the rest of the padding, that is, excluding the + * byte that encodes the length. The minimal non-zero plaintext length + * that gives this padding_length is automatically selected. + */ + mbedtls_ssl_context ssl; /* ONLY for debugging */ + mbedtls_ssl_transform t0, t1; + mbedtls_record rec, rec_save; + unsigned char *buf = NULL, *buf_save = NULL; + size_t buflen, olen = 0; + size_t plaintext_len, block_size, i; + unsigned char padlen; /* excluding the padding_length byte */ + int exp_ret; + int ret; + const unsigned char pad_max_len = 255; /* Per the standard */ + + mbedtls_ssl_init(&ssl); + mbedtls_ssl_transform_init(&t0); + mbedtls_ssl_transform_init(&t1); + MD_OR_USE_PSA_INIT(); + + /* Set up transforms with dummy keys */ + ret = mbedtls_test_ssl_build_transforms(&t0, &t1, cipher_type, hash_id, + 0, trunc_hmac, + MBEDTLS_SSL_VERSION_TLS1_2, + 0, 0); + + TEST_ASSERT(ret == 0); + + /* Determine padding/plaintext length */ + TEST_ASSERT(length_selector >= -2 && length_selector <= 255); + block_size = t0.ivlen; + if (length_selector < 0) { + plaintext_len = 0; + + /* Minimal padding + * The +1 is for the padding_length byte, not counted in padlen. */ + padlen = block_size - (t0.maclen + 1) % block_size; + + /* Maximal padding? */ + if (length_selector == -2) { + padlen += block_size * ((pad_max_len - padlen) / block_size); + } + } else { + padlen = length_selector; + + /* Minimal non-zero plaintext_length giving desired padding. + * The +1 is for the padding_length byte, not counted in padlen. */ + plaintext_len = block_size - (padlen + t0.maclen + 1) % block_size; + } + + /* Prepare a buffer for record data */ + buflen = block_size + + plaintext_len + + t0.maclen + + padlen + 1; + TEST_CALLOC(buf, buflen); + TEST_CALLOC(buf_save, buflen); + + /* Prepare a dummy record header */ + memset(rec.ctr, 0, sizeof(rec.ctr)); + rec.type = MBEDTLS_SSL_MSG_APPLICATION_DATA; + mbedtls_ssl_write_version(rec.ver, MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_VERSION_TLS1_2); +#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) + rec.cid_len = 0; +#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ + + /* Prepare dummy record content */ + rec.buf = buf; + rec.buf_len = buflen; + rec.data_offset = block_size; + rec.data_len = plaintext_len; + memset(rec.buf + rec.data_offset, 42, rec.data_len); + + /* Set dummy IV */ + memset(t0.iv_enc, 0x55, t0.ivlen); + memcpy(rec.buf, t0.iv_enc, t0.ivlen); + + /* + * Prepare a pre-encryption record (with MAC and padding), and save it. + */ + TEST_EQUAL(0, mbedtls_test_ssl_prepare_record_mac(&rec, &t0)); + + /* Pad */ + memset(rec.buf + rec.data_offset + rec.data_len, padlen, padlen + 1); + rec.data_len += padlen + 1; + + /* Save correct pre-encryption record */ + rec_save = rec; + rec_save.buf = buf_save; + memcpy(buf_save, buf, buflen); + + /* + * Encrypt and decrypt the correct record, expecting success + */ + TEST_EQUAL(0, mbedtls_test_psa_cipher_encrypt_helper( + &t0, t0.iv_enc, t0.ivlen, rec.buf + rec.data_offset, + rec.data_len, rec.buf + rec.data_offset, &olen)); + rec.data_offset -= t0.ivlen; + rec.data_len += t0.ivlen; + + TEST_EQUAL(0, mbedtls_ssl_decrypt_buf(&ssl, &t1, &rec)); + + /* + * Modify each byte of the pre-encryption record before encrypting and + * decrypting it, expecting failure every time. + */ + for (i = block_size; i < buflen; i++) { + mbedtls_test_set_step(i); + + /* Restore correct pre-encryption record */ + rec = rec_save; + rec.buf = buf; + memcpy(buf, buf_save, buflen); + + /* Corrupt one byte of the data (could be plaintext, MAC or padding) */ + rec.buf[i] ^= 0x01; + + /* Encrypt */ + TEST_EQUAL(0, mbedtls_test_psa_cipher_encrypt_helper( + &t0, t0.iv_enc, t0.ivlen, rec.buf + rec.data_offset, + rec.data_len, rec.buf + rec.data_offset, &olen)); + rec.data_offset -= t0.ivlen; + rec.data_len += t0.ivlen; + + /* Decrypt and expect failure */ + TEST_EQUAL(MBEDTLS_ERR_SSL_INVALID_MAC, + mbedtls_ssl_decrypt_buf(&ssl, &t1, &rec)); + } + + /* + * Use larger values of the padding bytes - with small buffers, this tests + * the case where the announced padlen would be larger than the buffer + * (and before that, than the buffer minus the size of the MAC), to make + * sure our padding checking code does not perform any out-of-bounds reads + * in this case. (With larger buffers, ie when the plaintext is long or + * maximal length padding is used, this is less relevant but still doesn't + * hurt to test.) + * + * (Start the loop with correct padding, just to double-check that record + * saving did work, and that we're overwriting the correct bytes.) + */ + for (i = padlen; i <= pad_max_len; i++) { + mbedtls_test_set_step(i); + + /* Restore correct pre-encryption record */ + rec = rec_save; + rec.buf = buf; + memcpy(buf, buf_save, buflen); + + /* Set padding bytes to new value */ + memset(buf + buflen - padlen - 1, i, padlen + 1); + + /* Encrypt */ + TEST_EQUAL(0, mbedtls_test_psa_cipher_encrypt_helper( + &t0, t0.iv_enc, t0.ivlen, rec.buf + rec.data_offset, + rec.data_len, rec.buf + rec.data_offset, &olen)); + rec.data_offset -= t0.ivlen; + rec.data_len += t0.ivlen; + + /* Decrypt and expect failure except the first time */ + exp_ret = (i == padlen) ? 0 : MBEDTLS_ERR_SSL_INVALID_MAC; + TEST_EQUAL(exp_ret, mbedtls_ssl_decrypt_buf(&ssl, &t1, &rec)); + } + +exit: + mbedtls_ssl_free(&ssl); + mbedtls_ssl_transform_free(&t0); + mbedtls_ssl_transform_free(&t1); + mbedtls_free(buf); + mbedtls_free(buf_save); + MD_OR_USE_PSA_DONE(); +} +/* END_CASE */ diff --git a/tests/suites/test_suite_ssl_decrypt.misc.data b/tests/suites/test_suite_ssl_decrypt.misc.data new file mode 100644 index 000000000..f663b262d --- /dev/null +++ b/tests/suites/test_suite_ssl_decrypt.misc.data @@ -0,0 +1,399 @@ +Decrypt null cipher, MD5 +depends_on:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_null:MBEDTLS_MD_MD5 + +Decrypt null cipher, SHA-1 +depends_on:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_null:MBEDTLS_MD_SHA1 + +Decrypt null cipher, SHA-256 +depends_on:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_null:MBEDTLS_MD_SHA256 + +Decrypt null cipher, SHA-384 +depends_on:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_null:MBEDTLS_MD_SHA384 + +Decrypt CBC !EtM, AES MD5 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:-1 + +Decrypt CBC !EtM, AES MD5 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:-2 + +Decrypt CBC !EtM, AES MD5 !trunc, padlen=0 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0 + +Decrypt CBC !EtM, AES MD5 !trunc, padlen=240 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:240 + +Decrypt CBC !EtM, AES MD5 !trunc, padlen=1 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:1 + +Decrypt CBC !EtM, AES MD5 !trunc, padlen=241 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:241 + +Decrypt CBC !EtM, AES MD5 !trunc, padlen=15 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:15 + +Decrypt CBC !EtM, AES MD5 !trunc, padlen=255 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:255 + +Decrypt CBC !EtM, AES SHA1 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:-1 + +Decrypt CBC !EtM, AES SHA1 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:-2 + +Decrypt CBC !EtM, AES SHA1 !trunc, padlen=0 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0 + +Decrypt CBC !EtM, AES SHA1 !trunc, padlen=240 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:240 + +Decrypt CBC !EtM, AES SHA1 !trunc, padlen=1 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:1 + +Decrypt CBC !EtM, AES SHA1 !trunc, padlen=241 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:241 + +Decrypt CBC !EtM, AES SHA1 !trunc, padlen=15 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:15 + +Decrypt CBC !EtM, AES SHA1 !trunc, padlen=255 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:255 + +Decrypt CBC !EtM, AES SHA256 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:-1 + +Decrypt CBC !EtM, AES SHA256 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:-2 + +Decrypt CBC !EtM, AES SHA256 !trunc, padlen=0 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0 + +Decrypt CBC !EtM, AES SHA256 !trunc, padlen=240 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:240 + +Decrypt CBC !EtM, AES SHA256 !trunc, padlen=1 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:1 + +Decrypt CBC !EtM, AES SHA256 !trunc, padlen=241 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:241 + +Decrypt CBC !EtM, AES SHA256 !trunc, padlen=15 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:15 + +Decrypt CBC !EtM, AES SHA256 !trunc, padlen=255 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:255 + +Decrypt CBC !EtM, AES SHA384 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:-1 + +Decrypt CBC !EtM, AES SHA384 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:-2 + +Decrypt CBC !EtM, AES SHA384 !trunc, padlen=0 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0 + +Decrypt CBC !EtM, AES SHA384 !trunc, padlen=240 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:240 + +Decrypt CBC !EtM, AES SHA384 !trunc, padlen=1 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:1 + +Decrypt CBC !EtM, AES SHA384 !trunc, padlen=241 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:241 + +Decrypt CBC !EtM, AES SHA384 !trunc, padlen=15 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:15 + +Decrypt CBC !EtM, AES SHA384 !trunc, padlen=255 +depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:255 + +Decrypt CBC !EtM, ARIA MD5 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:-1 + +Decrypt CBC !EtM, ARIA MD5 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:-2 + +Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=0 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0 + +Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=240 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:240 + +Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=1 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:1 + +Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=241 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:241 + +Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=15 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:15 + +Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=255 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:255 + +Decrypt CBC !EtM, ARIA SHA1 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:-1 + +Decrypt CBC !EtM, ARIA SHA1 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:-2 + +Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=0 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0 + +Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=240 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:240 + +Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=1 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:1 + +Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=241 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:241 + +Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=15 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:15 + +Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=255 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:255 + +Decrypt CBC !EtM, ARIA SHA256 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:-1 + +Decrypt CBC !EtM, ARIA SHA256 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:-2 + +Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=0 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0 + +Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=240 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:240 + +Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=1 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:1 + +Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=241 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:241 + +Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=15 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:15 + +Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=255 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:255 + +Decrypt CBC !EtM, ARIA SHA384 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:-1 + +Decrypt CBC !EtM, ARIA SHA384 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:-2 + +Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=0 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0 + +Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=240 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:240 + +Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=1 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:1 + +Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=241 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:241 + +Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=15 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:15 + +Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=255 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:255 + +Decrypt CBC !EtM, CAMELLIA MD5 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:-1 + +Decrypt CBC !EtM, CAMELLIA MD5 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:-2 + +Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=0 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0 + +Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=240 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:240 + +Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=1 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:1 + +Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=241 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:241 + +Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=15 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:15 + +Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=255 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_MD5 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:255 + +Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:-1 + +Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:-2 + +Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=0 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0 + +Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=240 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:240 + +Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=1 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:1 + +Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=241 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:241 + +Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=15 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:15 + +Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=255 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA1 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:255 + +Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:-1 + +Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:-2 + +Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=0 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0 + +Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=240 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:240 + +Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=1 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:1 + +Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=241 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:241 + +Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=15 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:15 + +Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=255 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA256 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:255 + +Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, empty plaintext, minpad +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:-1 + +Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, empty plaintext, maxpad +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:-2 + +Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=0 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0 + +Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=240 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:240 + +Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=1 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:1 + +Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=241 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:241 + +Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=15 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:15 + +Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=255 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA384 +ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:255 diff --git a/tests/suites/test_suite_timing.function b/tests/suites/test_suite_timing.function index 821ebd678..4143a1c51 100644 --- a/tests/suites/test_suite_timing.function +++ b/tests/suites/test_suite_timing.function @@ -20,8 +20,20 @@ void timing_get_timer() { struct mbedtls_timing_hr_time time; + + memset(&time, 0, sizeof(time)); + (void) mbedtls_timing_get_timer(&time, 1); + + /* Check that a non-zero time was written back */ + int all_zero = 1; + for (size_t i = 0; i < sizeof(time); i++) { + all_zero &= ((unsigned char *) &time)[i] == 0; + } + TEST_ASSERT(!all_zero); + (void) mbedtls_timing_get_timer(&time, 0); + /* This goto is added to avoid warnings from the generated code. */ goto exit; } diff --git a/tests/suites/test_suite_version.data b/tests/suites/test_suite_version.data index ea6fc62f9..11c41b0d0 100644 --- a/tests/suites/test_suite_version.data +++ b/tests/suites/test_suite_version.data @@ -1,8 +1,8 @@ Check compile time library version -check_compiletime_version:"3.3.0" +check_compiletime_version:"3.5.0" Check runtime library version -check_runtime_version:"3.3.0" +check_runtime_version:"3.5.0" Check for MBEDTLS_VERSION_C check_feature:"MBEDTLS_VERSION_C":0 diff --git a/tests/suites/test_suite_version.function b/tests/suites/test_suite_version.function index 981f8ab85..eeae51262 100644 --- a/tests/suites/test_suite_version.function +++ b/tests/suites/test_suite_version.function @@ -20,7 +20,7 @@ void check_compiletime_version(char *version_str) mbedtls_snprintf(build_str, 100, "%d.%d.%d", MBEDTLS_VERSION_MAJOR, MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH); - mbedtls_snprintf(build_str_full, 100, "mbed TLS %d.%d.%d", MBEDTLS_VERSION_MAJOR, + mbedtls_snprintf(build_str_full, 100, "Mbed TLS %d.%d.%d", MBEDTLS_VERSION_MAJOR, MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH); build_int = MBEDTLS_VERSION_MAJOR << 24 | @@ -56,7 +56,7 @@ void check_runtime_version(char *version_str) (get_int >> 24) & 0xFF, (get_int >> 16) & 0xFF, (get_int >> 8) & 0xFF); - mbedtls_snprintf(build_str_full, 100, "mbed TLS %s", version_str); + mbedtls_snprintf(build_str_full, 100, "Mbed TLS %s", version_str); TEST_ASSERT(strcmp(build_str, version_str) == 0); TEST_ASSERT(strcmp(build_str_full, get_str_full) == 0); diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 002f3dc41..4b75f1763 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -1,354 +1,410 @@ X509 CRT information #1 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/server1.crt":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 +x509_cert_info:"data_files/parse_input/server1.crt":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information #1 (DER) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/server1.crt.der":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 +x509_cert_info:"data_files/parse_input/server1.crt.der":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information #2 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/server2.crt":"cert. version \: 3\nserial number \: 02\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 +x509_cert_info:"data_files/parse_input/server2.crt":"cert. version \: 3\nserial number \: 02\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information #2 (DER) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/server2.crt.der":"cert. version \: 3\nserial number \: 02\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 +x509_cert_info:"data_files/parse_input/server2.crt.der":"cert. version \: 3\nserial number \: 02\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information #3 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/test-ca.crt":"cert. version \: 3\nserial number \: 03\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-02-10 14\:44\:00\nexpires on \: 2029-02-10 14\:44\:00\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 +x509_cert_info:"data_files/parse_input/test-ca.crt":"cert. version \: 3\nserial number \: 03\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-02-10 14\:44\:00\nexpires on \: 2029-02-10 14\:44\:00\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\n" X509 CRT information #3 (DER) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/test-ca.crt.der":"cert. version \: 3\nserial number \: 03\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-02-10 14\:44\:00\nexpires on \: 2029-02-10 14\:44\:00\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\n" +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 +x509_cert_info:"data_files/parse_input/test-ca.crt.der":"cert. version \: 3\nserial number \: 03\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-02-10 14\:44\:00\nexpires on \: 2029-02-10 14\:44\:00\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\n" X509 CRT information MD5 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/cert_md5.crt":"cert. version \: 3\nserial number \: 06\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD5\nissued on \: 2000-01-01 12\:12\:12\nexpires on \: 2030-01-01 12\:12\:12\nsigned using \: RSA with MD5\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_MD5 +x509_cert_info:"data_files/parse_input/cert_md5.crt":"cert. version \: 3\nserial number \: 06\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD5\nissued on \: 2000-01-01 12\:12\:12\nexpires on \: 2030-01-01 12\:12\:12\nsigned using \: RSA with MD5\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information SHA1 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/cert_sha1.crt":"cert. version \: 3\nserial number \: 07\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA1\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 +x509_cert_info:"data_files/parse_input/cert_sha1.crt":"cert. version \: 3\nserial number \: 07\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA1\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information SHA224 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/cert_sha224.crt":"cert. version \: 3\nserial number \: 08\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA224\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA-224\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA224 +x509_cert_info:"data_files/parse_input/cert_sha224.crt":"cert. version \: 3\nserial number \: 08\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA224\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA-224\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information SHA256 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/cert_sha256.crt":"cert. version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA256\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509_cert_info:"data_files/parse_input/cert_sha256.crt":"cert. version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA256\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information SHA384 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/cert_sha384.crt":"cert. version \: 3\nserial number \: 0A\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA384\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA-384\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA384 +x509_cert_info:"data_files/parse_input/cert_sha384.crt":"cert. version \: 3\nserial number \: 0A\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA384\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA-384\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information SHA512 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/cert_sha512.crt":"cert. version \: 3\nserial number \: 0B\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA-512\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA512 +x509_cert_info:"data_files/parse_input/cert_sha512.crt":"cert. version \: 3\nserial number \: 0B\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA-512\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information RSA-PSS, SHA1 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/server9.crt":"cert. version \: 3\nserial number \: 16\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:38\:16\nexpires on \: 2024-01-18 13\:38\:16\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA1 +x509_cert_info:"data_files/parse_input/server9.crt":"cert. version \: 3\nserial number \: 16\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:38\:16\nexpires on \: 2024-01-18 13\:38\:16\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 CRT information RSA-PSS, SHA224 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/server9-sha224.crt":"cert. version \: 3\nserial number \: 17\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:36\nexpires on \: 2024-01-18 13\:57\:36\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA224 +x509_cert_info:"data_files/parse_input/server9-sha224.crt":"cert. version \: 3\nserial number \: 17\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:36\nexpires on \: 2024-01-18 13\:57\:36\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 CRT information RSA-PSS, SHA256 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/server9-sha256.crt":"cert. version \: 3\nserial number \: 18\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:45\nexpires on \: 2024-01-18 13\:57\:45\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA256 +x509_cert_info:"data_files/parse_input/server9-sha256.crt":"cert. version \: 3\nserial number \: 18\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:45\nexpires on \: 2024-01-18 13\:57\:45\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 CRT information RSA-PSS, SHA384 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/server9-sha384.crt":"cert. version \: 3\nserial number \: 19\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:58\nexpires on \: 2024-01-18 13\:57\:58\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA384 +x509_cert_info:"data_files/parse_input/server9-sha384.crt":"cert. version \: 3\nserial number \: 19\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:58\nexpires on \: 2024-01-18 13\:57\:58\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 CRT information RSA-PSS, SHA512 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/server9-sha512.crt":"cert. version \: 3\nserial number \: 1A\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:58\:12\nexpires on \: 2024-01-18 13\:58\:12\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA512 +x509_cert_info:"data_files/parse_input/server9-sha512.crt":"cert. version \: 3\nserial number \: 1A\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:58\:12\nexpires on \: 2024-01-18 13\:58\:12\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 CRT information EC, SHA1 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/server5-sha1.crt":"cert. version \: 3\nserial number \: 12\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA1 +x509_cert_info:"data_files/parse_input/server5-sha1.crt":"cert. version \: 3\nserial number \: 12\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" X509 CRT information EC, SHA224 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/server5-sha224.crt":"cert. version \: 3\nserial number \: 13\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA224\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA224 +x509_cert_info:"data_files/parse_input/server5-sha224.crt":"cert. version \: 3\nserial number \: 13\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA224\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" X509 CRT information EC, SHA256 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/server5.crt":"cert. version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 15\:52\:04\nexpires on \: 2023-09-22 15\:52\:04\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 +x509_cert_info:"data_files/parse_input/server5.crt":"cert. version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 15\:52\:04\nexpires on \: 2023-09-22 15\:52\:04\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" X509 CRT information EC, SHA384 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/server5-sha384.crt":"cert. version \: 3\nserial number \: 14\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA384\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA384 +x509_cert_info:"data_files/parse_input/server5-sha384.crt":"cert. version \: 3\nserial number \: 14\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA384\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" X509 CRT information EC, SHA512 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/server5-sha512.crt":"cert. version \: 3\nserial number \: 15\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA512\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA512 +x509_cert_info:"data_files/parse_input/server5-sha512.crt":"cert. version \: 3\nserial number \: 15\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA512\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" X509 CRT information EC, SHA256 Digest, hardware module name SAN -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/server5-othername.crt":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS othername SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS othername SAN\nissued on \: 2019-03-24 09\:06\:02\nexpires on \: 2029-03-21 09\:06\:02\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nsubject alt name \:\n otherName \:\n hardware module name \:\n hardware type \: 1.3.6.1.4.1.17.3\n hardware serial number \: 313233343536\n" +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 +x509_cert_info:"data_files/parse_input/server5-othername.crt.der":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS othername SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS othername SAN\nissued on \: 2023-06-20 09\:04\:43\nexpires on \: 2033-06-17 09\:04\:43\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nsubject alt name \:\n otherName \:\n hardware module name \:\n hardware type \: 1.3.6.1.4.1.17.3\n hardware serial number \: 313233343536\n" X509 CRT information EC, SHA256 Digest, binary hardware module name SAN -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/server5-nonprintable_othername.crt":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS non-printable othername SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS non-printable othername SAN\nissued on \: 2022-09-06 15\:56\:47\nexpires on \: 2032-09-03 15\:56\:47\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nsubject alt name \:\n otherName \:\n hardware module name \:\n hardware type \: 1.3.6.1.4.1.17.3\n hardware serial number \: 3132338081008180333231\n" +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 +x509_cert_info:"data_files/parse_input/server5-nonprintable_othername.crt.der":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS non-printable othername SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS non-printable othername SAN\nissued on \: 2023-06-20 09\:49\:20\nexpires on \: 2033-06-17 09\:49\:20\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nsubject alt name \:\n otherName \:\n hardware module name \:\n hardware type \: 1.3.6.1.4.1.17.3\n hardware serial number \: 3132338081008180333231\n" + +X509 CRT information EC, SHA256 Digest, directoryName SAN +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 +x509_cert_info:"data_files/parse_input/server5-directoryname.crt.der":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\nissued on \: 2023-01-10 16\:59\:29\nexpires on \: 2033-01-07 16\:59\:29\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nsubject alt name \:\n directoryName \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\n" + +X509 CRT information EC, SHA256 Digest, two directoryName SANs +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 +x509_cert_info:"data_files/parse_input/server5-two-directorynames.crt.der":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\nissued on \: 2023-01-12 10\:34\:11\nexpires on \: 2033-01-09 10\:34\:11\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nsubject alt name \:\n directoryName \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\n directoryName \: O=MALFORM_ME\n" X509 CRT information EC, SHA256 Digest, Wisun Fan device -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/server5-fan.crt":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS FAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS FAN\nissued on \: 2019-03-25 09\:03\:46\nexpires on \: 2029-03-22 09\:03\:46\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\next key usage \: Wi-SUN Alliance Field Area Network (FAN)\n" +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 +x509_cert_info:"data_files/parse_input/server5-fan.crt.der":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS FAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS FAN\nissued on \: 2023-06-20 09\:49\:35\nexpires on \: 2033-06-17 09\:49\:35\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\next key usage \: Wi-SUN Alliance Field Area Network (FAN)\n" X509 CRT information, NS Cert Type -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/server1.cert_type.crt":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\ncert. type \: SSL Server\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 +x509_cert_info:"data_files/parse_input/server1.cert_type.crt":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\ncert. type \: SSL Server\n" X509 CRT information, Key Usage -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/server1.key_usage.crt":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 +x509_cert_info:"data_files/parse_input/server1.key_usage.crt":"cert. version \: 3\nserial number \: 01\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" X509 CRT information, Key Usage with decipherOnly -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/keyUsage.decipherOnly.crt":"cert. version \: 3\nserial number \: 9B\:13\:CE\:4C\:A5\:6F\:DE\:52\nissuer name \: C=GB, L=Cambridge, O=Default Company Ltd\nsubject name \: C=GB, L=Cambridge, O=Default Company Ltd\nissued on \: 2015-05-12 10\:36\:55\nexpires on \: 2018-05-11 10\:36\:55\nsigned using \: RSA with SHA1\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment, Decipher Only\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 +x509_cert_info:"data_files/parse_input/keyUsage.decipherOnly.crt":"cert. version \: 3\nserial number \: 9B\:13\:CE\:4C\:A5\:6F\:DE\:52\nissuer name \: C=GB, L=Cambridge, O=Default Company Ltd\nsubject name \: C=GB, L=Cambridge, O=Default Company Ltd\nissued on \: 2015-05-12 10\:36\:55\nexpires on \: 2018-05-11 10\:36\:55\nsigned using \: RSA with SHA1\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment, Decipher Only\n" X509 CRT information, Subject Alt Name -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/cert_example_multi.crt":"cert. version \: 3\nserial number \: 11\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=www.example.com\nissued on \: 2019-07-10 11\:27\:52\nexpires on \: 2029-07-10 11\:27\:52\nsigned using \: RSA with SHA-256\nRSA key size \: 1024 bits\nsubject alt name \:\n dNSName \: example.com\n dNSName \: example.net\n dNSName \: *.example.org\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509_cert_info:"data_files/parse_input/cert_example_multi.crt":"cert. version \: 3\nserial number \: 11\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=www.example.com\nissued on \: 2019-07-10 11\:27\:52\nexpires on \: 2029-07-10 11\:27\:52\nsigned using \: RSA with SHA-256\nRSA key size \: 1024 bits\nsubject alt name \:\n dNSName \: example.com\n dNSName \: example.net\n dNSName \: *.example.org\n" X509 CRT information, Multiple different Subject Alt Name -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/multiple_san.crt":"cert. version \: 3\nserial number \: 04\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS multiple othername SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS multiple othername SAN\nissued on \: 2019-04-22 16\:10\:48\nexpires on \: 2029-04-19 16\:10\:48\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nsubject alt name \:\n dNSName \: example.com\n otherName \:\n hardware module name \:\n hardware type \: 1.3.6.1.4.1.17.3\n hardware serial number \: 313233343536\n dNSName \: example.net\n dNSName \: *.example.org\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 +x509_cert_info:"data_files/parse_input/multiple_san.crt":"cert. version \: 3\nserial number \: 04\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS multiple othername SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS multiple othername SAN\nissued on \: 2019-04-22 16\:10\:48\nexpires on \: 2029-04-19 16\:10\:48\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nsubject alt name \:\n dNSName \: example.com\n otherName \:\n hardware module name \:\n hardware type \: 1.3.6.1.4.1.17.3\n hardware serial number \: 313233343536\n dNSName \: example.net\n dNSName \: *.example.org\n" X509 CRT information, Subject Alt Name + Key Usage -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/cert_example_multi_nocn.crt":"cert. version \: 3\nserial number \: F7\:C6\:7F\:F8\:E9\:A9\:63\:F9\nissuer name \: C=NL\nsubject name \: C=NL\nissued on \: 2014-01-22 10\:04\:33\nexpires on \: 2024-01-22 10\:04\:33\nsigned using \: RSA with SHA1\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\nsubject alt name \:\n dNSName \: www.shotokan-braunschweig.de\n dNSName \: www.massimo-abate.eu\n \n \nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 +x509_cert_info:"data_files/parse_input/cert_example_multi_nocn.crt":"cert. version \: 3\nserial number \: F7\:C6\:7F\:F8\:E9\:A9\:63\:F9\nissuer name \: C=NL\nsubject name \: C=NL\nissued on \: 2014-01-22 10\:04\:33\nexpires on \: 2024-01-22 10\:04\:33\nsigned using \: RSA with SHA1\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\nsubject alt name \:\n dNSName \: www.shotokan-braunschweig.de\n dNSName \: www.massimo-abate.eu\n iPAddress \: 192.168.1.1\n iPAddress \: 192.168.69.144\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" + +X509 CRT information, Subject Alt Name with uniformResourceIdentifier +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509_cert_info:"data_files/parse_input/rsa_single_san_uri.crt.der":"cert. version \: 3\nserial number \: 6F\:75\:EB\:E9\:6D\:25\:BC\:88\:82\:62\:A3\:E0\:68\:A7\:37\:3B\:EC\:75\:8F\:9C\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS URI SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS URI SAN\nissued on \: 2023-02-14 10\:38\:05\nexpires on \: 2043-02-09 10\:38\:05\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nsubject alt name \:\n uniformResourceIdentifier \: urn\:example.com\:5ff40f78-9210-494f-8206-c2c082f0609c\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" + +X509 CRT information, Subject Alt Name with two uniformResourceIdentifiers +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509_cert_info:"data_files/parse_input/rsa_multiple_san_uri.crt.der":"cert. version \: 3\nserial number \: 08\:E2\:93\:18\:91\:26\:D8\:46\:88\:90\:10\:4F\:B5\:86\:CB\:C4\:78\:E6\:EA\:0D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS URI SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS URI SAN\nissued on \: 2023-02-14 10\:37\:50\nexpires on \: 2043-02-09 10\:37\:50\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nsubject alt name \:\n uniformResourceIdentifier \: urn\:example.com\:5ff40f78-9210-494f-8206-c2c082f0609c\n uniformResourceIdentifier \: urn\:example.com\:5ff40f78-9210-494f-8206-abcde1234567\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" X509 CRT information, RSA Certificate Policy any -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/test-ca-any_policy.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-03-21 16\:40\:59\nexpires on \: 2029-03-21 16\:40\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\ncertificate policies \: Any Policy\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509_cert_info:"data_files/parse_input/test-ca-any_policy.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-03-21 16\:40\:59\nexpires on \: 2029-03-21 16\:40\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\ncertificate policies \: Any Policy\n" X509 CRT information, ECDSA Certificate Policy any -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/test-ca-any_policy_ec.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nissued on \: 2019-03-25 09\:02\:45\nexpires on \: 2029-03-25 09\:02\:45\nsigned using \: ECDSA with SHA256\nEC key size \: 384 bits\nbasic constraints \: CA=true\ncertificate policies \: Any Policy\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA256 +x509_cert_info:"data_files/parse_input/test-ca-any_policy_ec.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nissued on \: 2019-03-25 09\:02\:45\nexpires on \: 2029-03-25 09\:02\:45\nsigned using \: ECDSA with SHA256\nEC key size \: 384 bits\nbasic constraints \: CA=true\ncertificate policies \: Any Policy\n" X509 CRT information, RSA Certificate Policy any with qualifier -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/test-ca-any_policy_with_qualifier.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-04-28 13\:14\:31\nexpires on \: 2029-04-28 13\:14\:31\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\ncertificate policies \: Any Policy\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509_cert_info:"data_files/parse_input/test-ca-any_policy_with_qualifier.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-04-28 13\:14\:31\nexpires on \: 2029-04-28 13\:14\:31\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\ncertificate policies \: Any Policy\n" X509 CRT information, ECDSA Certificate Policy any with qualifier -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/test-ca-any_policy_with_qualifier_ec.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nissued on \: 2019-04-28 10\:16\:05\nexpires on \: 2029-04-28 10\:16\:05\nsigned using \: ECDSA with SHA256\nEC key size \: 384 bits\nbasic constraints \: CA=true\ncertificate policies \: Any Policy\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA256 +x509_cert_info:"data_files/parse_input/test-ca-any_policy_with_qualifier_ec.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nissued on \: 2019-04-28 10\:16\:05\nexpires on \: 2029-04-28 10\:16\:05\nsigned using \: ECDSA with SHA256\nEC key size \: 384 bits\nbasic constraints \: CA=true\ncertificate policies \: Any Policy\n" X509 CRT information, RSA Certificate multiple Policies -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/test-ca-multi_policy.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-04-28 12\:59\:19\nexpires on \: 2029-04-28 12\:59\:19\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\ncertificate policies \: ???, Any Policy\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509_cert_info:"data_files/parse_input/test-ca-multi_policy.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-04-28 12\:59\:19\nexpires on \: 2029-04-28 12\:59\:19\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\ncertificate policies \: ???, Any Policy\n" X509 CRT information, ECDSA Certificate multiple Policies -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/test-ca-multi_policy_ec.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nissued on \: 2019-04-28 12\:59\:51\nexpires on \: 2029-04-28 12\:59\:51\nsigned using \: ECDSA with SHA256\nEC key size \: 384 bits\nbasic constraints \: CA=true\ncertificate policies \: ???, Any Policy\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA256 +x509_cert_info:"data_files/parse_input/test-ca-multi_policy_ec.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nissued on \: 2019-04-28 12\:59\:51\nexpires on \: 2029-04-28 12\:59\:51\nsigned using \: ECDSA with SHA256\nEC key size \: 384 bits\nbasic constraints \: CA=true\ncertificate policies \: ???, Any Policy\n" X509 CRT information, RSA Certificate unsupported policy -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/test-ca-unsupported_policy.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-04-28 13\:00\:13\nexpires on \: 2029-04-28 13\:00\:13\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\ncertificate policies \: ???\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509_cert_info:"data_files/parse_input/test-ca-unsupported_policy.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-04-28 13\:00\:13\nexpires on \: 2029-04-28 13\:00\:13\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\ncertificate policies \: ???\n" X509 CRT information, ECDSA Certificate unsupported policy -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/test-ca-unsupported_policy_ec.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nissued on \: 2019-04-28 13\:00\:19\nexpires on \: 2029-04-28 13\:00\:19\nsigned using \: ECDSA with SHA256\nEC key size \: 384 bits\nbasic constraints \: CA=true\ncertificate policies \: ???\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA256 +x509_cert_info:"data_files/parse_input/test-ca-unsupported_policy_ec.crt":"cert. version \: 3\nserial number \: 00\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nissued on \: 2019-04-28 13\:00\:19\nexpires on \: 2029-04-28 13\:00\:19\nsigned using \: ECDSA with SHA256\nEC key size \: 384 bits\nbasic constraints \: CA=true\ncertificate policies \: ???\n" X509 CRT information, Key Usage + Extended Key Usage -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/server1.ext_ku.crt":"cert. version \: 3\nserial number \: 21\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2014-04-01 14\:44\:43\nexpires on \: 2024-03-29 14\:44\:43\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\next key usage \: TLS Web Server Authentication\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509_cert_info:"data_files/parse_input/server1.ext_ku.crt":"cert. version \: 3\nserial number \: 21\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on \: 2014-04-01 14\:44\:43\nexpires on \: 2024-03-29 14\:44\:43\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\next key usage \: TLS Web Server Authentication\n" X509 CRT information RSA signed by EC -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C -x509_cert_info:"data_files/server4.crt":"cert. version \: 3\nserial number \: 08\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 15\:52\:04\nexpires on \: 2023-09-22 15\:52\:04\nsigned using \: ECDSA with SHA256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_SOME +x509_cert_info:"data_files/parse_input/server4.crt":"cert. version \: 3\nserial number \: 08\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 15\:52\:04\nexpires on \: 2023-09-22 15\:52\:04\nsigned using \: ECDSA with SHA256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information EC signed by RSA -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C -x509_cert_info:"data_files/server3.crt":"cert. version \: 3\nserial number \: 0D\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-08-09 09\:17\:03\nexpires on \: 2023-08-07 09\:17\:03\nsigned using \: RSA with SHA1\nEC key size \: 192 bits\nbasic constraints \: CA=false\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP192R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C +x509_cert_info:"data_files/parse_input/server3.crt":"cert. version \: 3\nserial number \: 0D\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-08-09 09\:17\:03\nexpires on \: 2023-08-07 09\:17\:03\nsigned using \: RSA with SHA1\nEC key size \: 192 bits\nbasic constraints \: CA=false\n" X509 CRT information Bitstring in subject name -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/bitstring-in-dn.pem":"cert. version \: 3\nserial number \: 02\nissuer name \: CN=Test CA 01, ST=Ecnivorp, C=XX, emailAddress=tca@example.com, O=Test CA Authority\nsubject name \: C=XX, O=tca, ST=Ecnivorp, OU=TCA, CN=Client, emailAddress=client@example.com, serialNumber=7101012255, uniqueIdentifier=?7101012255\nissued on \: 2015-03-11 12\:06\:51\nexpires on \: 2025-03-08 12\:06\:51\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nsubject alt name \:\n \next key usage \: TLS Web Client Authentication\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 +x509_cert_info:"data_files/parse_input/bitstring-in-dn.pem":"cert. version \: 3\nserial number \: 02\nissuer name \: CN=Test CA 01, ST=Ecnivorp, C=XX, emailAddress=tca@example.com, O=Test CA Authority\nsubject name \: C=XX, O=tca, ST=Ecnivorp, OU=TCA, CN=Client, emailAddress=client@example.com, serialNumber=7101012255, uniqueIdentifier=#030B0037313031303132323535\nissued on \: 2015-03-11 12\:06\:51\nexpires on \: 2025-03-08 12\:06\:51\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\nsubject alt name \:\n rfc822Name \: client@example.com\next key usage \: TLS Web Client Authentication\n" X509 CRT information Non-ASCII string in issuer name and subject name -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_cert_info:"data_files/non-ascii-string-in-issuer.crt":"cert. version \: 3\nserial number \: 05\:E6\:53\:E7\:1B\:74\:F0\:B5\:D3\:84\:6D\:0C\:6D\:DC\:FA\:3F\:A4\:5A\:2B\:E0\nissuer name \: C=JP, ST=Tokyo, O=?????????????????? Ltd, CN=?????????????????? CA\nsubject name \: C=JP, ST=Tokyo, O=?????????????????? Ltd, CN=?????????????????? CA\nissued on \: 2020-05-20 16\:17\:23\nexpires on \: 2020-06-19 16\:17\:23\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509_cert_info:"data_files/parse_input/non-ascii-string-in-issuer.crt":"cert. version \: 3\nserial number \: 05\:E6\:53\:E7\:1B\:74\:F0\:B5\:D3\:84\:6D\:0C\:6D\:DC\:FA\:3F\:A4\:5A\:2B\:E0\nissuer name \: C=JP, ST=Tokyo, O=\\C3\\A3\\C2\\83\\C2\\86\\C3\\A3\\C2\\82\\C2\\B9\\C3\\A3\\C2\\83\\C2\\88 Ltd, CN=\\C3\\A3\\C2\\83\\C2\\86\\C3\\A3\\C2\\82\\C2\\B9\\C3\\A3\\C2\\83\\C2\\88 CA\nsubject name \: C=JP, ST=Tokyo, O=\\C3\\A3\\C2\\83\\C2\\86\\C3\\A3\\C2\\82\\C2\\B9\\C3\\A3\\C2\\83\\C2\\88 Ltd, CN=\\C3\\A3\\C2\\83\\C2\\86\\C3\\A3\\C2\\82\\C2\\B9\\C3\\A3\\C2\\83\\C2\\88 CA\nissued on \: 2020-05-20 16\:17\:23\nexpires on \: 2020-06-19 16\:17\:23\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\n" + +X509 CRT information Parsing IPv4 and IPv6 IP names +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C +x509_cert_info:"data_files/server5-tricky-ip-san.crt.der":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS Tricky IP SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS Tricky IP SAN\nissued on \: 2023-06-05 11\:30\:36\nexpires on \: 2033-06-02 11\:30\:36\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nsubject alt name \:\n iPAddress \: 97.98.99.100\n iPAddress \: 6162\:6364\:2E65\:7861\:6D70\:6C65\:2E63\:6F6D\n" X509 SAN parsing otherName -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_parse_san:"data_files/server5-othername.crt":"type \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 313233343536\n" +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 +x509_parse_san:"data_files/parse_input/server5-othername.crt.der":"type \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 313233343536\n":0 X509 SAN parsing binary otherName -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_parse_san:"data_files/server5-nonprintable_othername.crt":"type \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 3132338081008180333231\n" +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 +x509_parse_san:"data_files/parse_input/server5-nonprintable_othername.crt.der":"type \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 3132338081008180333231\n":0 + +X509 SAN parsing directoryName +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 +x509_parse_san:"data_files/parse_input/server5-directoryname.crt.der":"type \: 4\ndirectoryName \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\n":0 + +X509 SAN parsing directoryName, seq malformed +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 +x509_parse_san:"data_files/parse_input/server5-directoryname-seq-malformed.crt.der":"":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 SAN parsing two directoryNames, second DN OID malformed +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 +x509_parse_san:"data_files/parse_input/server5-second-directoryname-oid-malformed.crt.der":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 SAN parsing dNSName -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_parse_san:"data_files/cert_example_multi.crt":"type \: 2\ndNSName \: example.com\ntype \: 2\ndNSName \: example.net\ntype \: 2\ndNSName \: *.example.org\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509_parse_san:"data_files/parse_input/cert_example_multi.crt":"type \: 2\ndNSName \: example.com\ntype \: 2\ndNSName \: example.net\ntype \: 2\ndNSName \: *.example.org\n":0 X509 SAN parsing Multiple different types -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_parse_san:"data_files/multiple_san.crt":"type \: 2\ndNSName \: example.com\ntype \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 313233343536\ntype \: 2\ndNSName \: example.net\ntype \: 2\ndNSName \: *.example.org\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 +x509_parse_san:"data_files/parse_input/multiple_san.crt":"type \: 2\ndNSName \: example.com\ntype \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 313233343536\ntype \: 2\ndNSName \: example.net\ntype \: 2\ndNSName \: *.example.org\n":0 X509 SAN parsing, no subject alt name -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C -x509_parse_san:"data_files/server4.crt":"" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_SOME +x509_parse_san:"data_files/parse_input/server4.crt":"":0 X509 SAN parsing, unsupported otherName name -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_parse_san:"data_files/server5-unsupported_othername.crt":"" +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 +x509_parse_san:"data_files/parse_input/server5-unsupported_othername.crt.der":"":0 + +X509 SAN parsing rfc822Name +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509_parse_san:"data_files/parse_input/test_cert_rfc822name.crt.der":"type \: 1\nrfc822Name \: my@other.address\ntype \: 1\nrfc822Name \: second@other.address\n":0 + +X509 CRT information Parsing IP (invalid data) +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C +x509_parse_san:"data_files/server5-tricky-ip-san-malformed-len.crt.der":"":MBEDTLS_ERR_X509_BAD_INPUT_DATA X509 CRL information #1 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_crl_info:"data_files/crl_expired.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-20 10\:24\:19\nnext update \: 2011-02-20 11\:24\:19\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_crl_info:"data_files/parse_input/crl_expired.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-20 10\:24\:19\nnext update \: 2011-02-20 11\:24\:19\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n" X509 CRL Information MD5 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_crl_info:"data_files/crl_md5.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD5\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_MD5:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_crl_info:"data_files/parse_input/crl_md5.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD5\n" X509 CRL Information SHA1 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_crl_info:"data_files/crl_sha1.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_crl_info:"data_files/parse_input/crl_sha1.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n" X509 CRL Information SHA224 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_crl_info:"data_files/crl_sha224.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-224\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_crl_info:"data_files/parse_input/crl_sha224.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-224\n" X509 CRL Information SHA256 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_crl_info:"data_files/crl_sha256.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-256\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_crl_info:"data_files/parse_input/crl_sha256.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-256\n" X509 CRL Information SHA384 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_crl_info:"data_files/crl_sha384.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-384\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_crl_info:"data_files/parse_input/crl_sha384.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-384\n" X509 CRL Information SHA512 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_crl_info:"data_files/crl_sha512.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-512\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_crl_info:"data_files/parse_input/crl_sha512.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-512\n" X509 CRL information RSA-PSS, SHA1 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:46\:35\nnext update \: 2024-01-18 13\:46\:35\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_crl_info:"data_files/parse_input/crl-rsa-pss-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:46\:35\nnext update \: 2024-01-18 13\:46\:35\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\n" X509 CRL information RSA-PSS, SHA224 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:06\nnext update \: 2024-01-18 13\:56\:06\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA224:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_crl_info:"data_files/parse_input/crl-rsa-pss-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:06\nnext update \: 2024-01-18 13\:56\:06\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\n" X509 CRL information RSA-PSS, SHA256 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:16\nnext update \: 2024-01-18 13\:56\:16\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_crl_info:"data_files/parse_input/crl-rsa-pss-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:16\nnext update \: 2024-01-18 13\:56\:16\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\n" X509 CRL information RSA-PSS, SHA384 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:28\nnext update \: 2024-01-18 13\:56\:28\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_crl_info:"data_files/parse_input/crl-rsa-pss-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:28\nnext update \: 2024-01-18 13\:56\:28\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\n" X509 CRL information RSA-PSS, SHA512 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:38\nnext update \: 2024-01-18 13\:56\:38\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA512:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_crl_info:"data_files/parse_input/crl-rsa-pss-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:38\nnext update \: 2024-01-18 13\:56\:38\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\n" X509 CRL Information EC, SHA1 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_crl_info:"data_files/crl-ec-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA1\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PK_CAN_ECDSA_SOME:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_crl_info:"data_files/parse_input/crl-ec-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA1\n" X509 CRL Information EC, SHA224 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_crl_info:"data_files/crl-ec-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA224\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PK_CAN_ECDSA_SOME:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_crl_info:"data_files/parse_input/crl-ec-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA224\n" X509 CRL Information EC, SHA256 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_crl_info:"data_files/crl-ec-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA256\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_SOME:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_crl_info:"data_files/parse_input/crl-ec-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA256\n" X509 CRL Information EC, SHA384 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_crl_info:"data_files/crl-ec-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA384\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PK_CAN_ECDSA_SOME:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_crl_info:"data_files/parse_input/crl-ec-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA384\n" X509 CRL Information EC, SHA512 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_crl_info:"data_files/crl-ec-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA512\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PK_CAN_ECDSA_SOME:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_crl_info:"data_files/parse_input/crl-ec-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA512\n" X509 CRL Malformed Input (trailing spaces at end of file) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C -mbedtls_x509_crl_parse:"data_files/crl-malformed-trailing-spaces.pem":MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PK_CAN_ECDSA_VERIFY +mbedtls_x509_crl_parse:"data_files/parse_input/crl-malformed-trailing-spaces.pem":MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT X509 CRL Unsupported critical extension (issuingDistributionPoint) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -mbedtls_x509_crl_parse:"data_files/crl-idp.pem":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +mbedtls_x509_crl_parse:"data_files/parse_input/crl-idp.pem":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRL Unsupported non-critical extension (issuingDistributionPoint) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA -mbedtls_x509_crl_parse:"data_files/crl-idpnc.pem":0 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +mbedtls_x509_crl_parse:"data_files/parse_input/crl-idpnc.pem":0 X509 CSR Information RSA with MD5 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_csr_info:"data_files/server1.req.md5":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD5\nRSA key size \: 2048 bits\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_MD5:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_info:"data_files/parse_input/server1.req.md5":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD5\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA1 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_csr_info:"data_files/server1.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_info:"data_files/parse_input/server1.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA224 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_csr_info:"data_files/server1.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-224\nRSA key size \: 2048 bits\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_info:"data_files/parse_input/server1.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-224\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA-256 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTS_X509_INFO -mbedtls_x509_csr_info:"data_files/server1.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTS_X509_INFO +mbedtls_x509_csr_info:"data_files/parse_input/server1.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA384 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_csr_info:"data_files/server1.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-384\nRSA key size \: 2048 bits\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_info:"data_files/parse_input/server1.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-384\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA512 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_csr_info:"data_files/server1.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-512\nRSA key size \: 2048 bits\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_info:"data_files/parse_input/server1.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-512\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA-256, containing commas -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTS_X509_INFO -mbedtls_x509_csr_info:"data_files/server1.req.commas.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL\, Commas, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTS_X509_INFO +mbedtls_x509_csr_info:"data_files/parse_input/server1.req.commas.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL\\, Commas, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\n" X509 CSR Information EC with SHA1 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_csr_info:"data_files/server5.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n" +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_info:"data_files/parse_input/server5.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" X509 CSR Information EC with SHA224 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_csr_info:"data_files/server5.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA224\nEC key size \: 256 bits\n" +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA224:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_info:"data_files/parse_input/server5.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA224\nEC key size \: 256 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" X509 CSR Information EC with SHA256 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_csr_info:"data_files/server5.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\n" +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_info:"data_files/parse_input/server5.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" X509 CSR Information EC with SHA384 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_csr_info:"data_files/server5.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA384\nEC key size \: 256 bits\n" +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_info:"data_files/parse_input/server5.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA384\nEC key size \: 256 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" X509 CSR Information EC with SHA512 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_csr_info:"data_files/server5.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA512\nEC key size \: 256 bits\n" +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA512:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_info:"data_files/parse_input/server5.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA512\nEC key size \: 256 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" X509 CSR Information RSA-PSS with SHA1 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_csr_info:"data_files/server9.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0x6A)\nRSA key size \: 1024 bits\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_info:"data_files/parse_input/server9.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0x6A)\nRSA key size \: 1024 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" X509 CSR Information RSA-PSS with SHA224 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_csr_info:"data_files/server9.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0x62)\nRSA key size \: 1024 bits\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA224:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_info:"data_files/parse_input/server9.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0x62)\nRSA key size \: 1024 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" X509 CSR Information RSA-PSS with SHA256 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_csr_info:"data_files/server9.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0x5E)\nRSA key size \: 1024 bits\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_info:"data_files/parse_input/server9.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0x5E)\nRSA key size \: 1024 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" X509 CSR Information RSA-PSS with SHA384 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_csr_info:"data_files/server9.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0x4E)\nRSA key size \: 1024 bits\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_info:"data_files/parse_input/server9.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0x4E)\nRSA key size \: 1024 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" X509 CSR Information RSA-PSS with SHA512 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_csr_info:"data_files/server9.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0x3E)\nRSA key size \: 1024 bits\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA512:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_info:"data_files/parse_input/server9.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0x3E)\nRSA key size \: 1024 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n" X509 CSR Information RSA with SHA-256 - Microsoft header -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C -mbedtls_x509_csr_info:"data_files/server1-ms.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\n" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +mbedtls_x509_csr_info:"data_files/parse_input/server1-ms.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\n" + +X509 CSR Information v3 extensions #1 (all) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_info:"data_files/parse_input/test_csr_v3_all.csr.der":"CSR version \: 1\nsubject name \: CN=etcd\nsigned using \: RSA with SHA-256\nRSA key size \: 1024 bits\n\nsubject alt name \:\n otherName \:\n hardware module name \:\n hardware type \: 1.3.6.1.4.1.17.3\n hardware serial number \: 3132338081008180333231\ncert. type \: SSL Client\nkey usage \: CRL Sign\n" + +X509 CSR Information v3 extensions #2 (nsCertType only) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_info:"data_files/parse_input/test_csr_v3_nsCertType.csr.der":"CSR version \: 1\nsubject name \: CN=etcd\nsigned using \: RSA with SHA-256\nRSA key size \: 1024 bits\n\ncert. type \: SSL Server\n" + +X509 CSR Information v3 extensions #3 (subjectAltName only) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_info:"data_files/parse_input/test_csr_v3_subjectAltName.csr.der":"CSR version \: 1\nsubject name \: CN=etcd\nsigned using \: RSA with SHA-256\nRSA key size \: 1024 bits\n\nsubject alt name \:\n dNSName \: example.com\n dNSName \: example.net\n dNSName \: *.example.org\n" + +X509 CSR Information v3 extensions #4 (keyUsage only) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_info:"data_files/parse_input/test_csr_v3_keyUsage.csr.der":"CSR version \: 1\nsubject name \: CN=etcd\nsigned using \: RSA with SHA-256\nRSA key size \: 1024 bits\n\nkey usage \: Digital Signature, Key Encipherment\n" X509 Verify Information: empty x509_verify_info:0:"":"" @@ -372,43 +428,55 @@ X509 Verify Information: two issues, with prefix x509_verify_info:MBEDTLS_X509_BADCERT_EXPIRED | MBEDTLS_X509_BADCRL_EXPIRED:" ! ":" ! The certificate validity has expired\n ! The CRL is expired\n" X509 Get Distinguished Name #1 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_dn_gets:"data_files/server1.crt":"subject":"C=NL, O=PolarSSL, CN=PolarSSL Server 1" X509 Get Distinguished Name #2 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_dn_gets:"data_files/server1.crt":"issuer":"C=NL, O=PolarSSL, CN=PolarSSL Test CA" X509 Get Distinguished Name #3 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_dn_gets:"data_files/server2.crt":"subject":"C=NL, O=PolarSSL, CN=localhost" X509 Get Distinguished Name #4 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_dn_gets:"data_files/server2.crt":"issuer":"C=NL, O=PolarSSL, CN=PolarSSL Test CA" X509 Get Distinguished Name #5 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -mbedtls_x509_dn_gets:"data_files/server1.commas.crt":"subject":"C=NL, O=PolarSSL\, Commas, CN=PolarSSL Server 1" +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 +mbedtls_x509_dn_gets:"data_files/server1.commas.crt":"subject":"C=NL, O=PolarSSL\\, Commas, CN=PolarSSL Server 1" + +X509 Get Distinguished Name #6 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 +mbedtls_x509_dn_gets:"data_files/server1.hashsymbol.crt":"subject":"C=NL, O=\\#PolarSSL, CN=PolarSSL Server 1" + +X509 Get Distinguished Name #7 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 +mbedtls_x509_dn_gets:"data_files/server1.spaces.crt":"subject":"C=NL, O=\\ PolarSSL\\ , CN=PolarSSL Server 1" + +X509 Get Distinguished Name #8 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 +mbedtls_x509_dn_gets:"data_files/server1.asciichars.crt":"subject":"C=NL, O=\\E6\\9E\\81\\E5\\9C\\B0SSL, CN=PolarSSL Server 1" X509 Get Modified DN #1 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_dn_gets_subject_replace:"data_files/server1.crt":"Modified":"C=NL, O=Modified, CN=PolarSSL Server 1":0 X509 Get Modified DN #2 Name exactly 255 bytes -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_dn_gets_subject_replace:"data_files/server1.crt":"123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345":"C=NL, O=123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345, CN=PolarSSL Server 1":0 X509 Get Modified DN #3 Name exceeds 255 bytes -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_dn_gets_subject_replace:"data_files/server1.crt":"1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456":"":MBEDTLS_ERR_X509_BUFFER_TOO_SMALL X509 Get Modified DN #4 Name exactly 255 bytes, with comma requiring escaping -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_dn_gets_subject_replace:"data_files/server1.crt":"1234567890,1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234":"":MBEDTLS_ERR_X509_BUFFER_TOO_SMALL X509 Get Modified DN #5 Name exactly 255 bytes, ending with comma requiring escaping -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_dn_gets_subject_replace:"data_files/server1.crt":"12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234,":"":MBEDTLS_ERR_X509_BUFFER_TOO_SMALL X509 Get Next DN #1 No Multivalue RDNs @@ -464,603 +532,738 @@ X509 Get Name Corrupted DN Mem Leak mbedtls_x509_get_name:"310B3009060355040613024E4C3111300F060355040A0C08506F6C617253534C3019301706035504030C10506F6C617253534C2054657374204341":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 Time Expired #1 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_time_is_past:"data_files/server1.crt":"valid_from":1 X509 Time Expired #2 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_time_is_past:"data_files/server1.crt":"valid_to":0 X509 Time Expired #3 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_time_is_past:"data_files/server2.crt":"valid_from":1 X509 Time Expired #4 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_time_is_past:"data_files/server2.crt":"valid_to":0 X509 Time Expired #5 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_time_is_past:"data_files/test-ca.crt":"valid_from":1 X509 Time Expired #6 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_time_is_past:"data_files/test-ca.crt":"valid_to":0 X509 Time Future #1 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_MD_CAN_SHA256 mbedtls_x509_time_is_future:"data_files/server5.crt":"valid_from":0 X509 Time Future #2 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_MD_CAN_SHA256 mbedtls_x509_time_is_future:"data_files/server5.crt":"valid_to":1 X509 Time Future #3 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_MD_CAN_SHA256 mbedtls_x509_time_is_future:"data_files/server5-future.crt":"valid_from":1 X509 Time Future #4 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_MD_CAN_SHA256 mbedtls_x509_time_is_future:"data_files/server5-future.crt":"valid_to":1 X509 Time Future #5 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_MD_CAN_SHA256 mbedtls_x509_time_is_future:"data_files/test-ca2.crt":"valid_from":0 X509 Time Future #6 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_HAVE_TIME_DATE:MBEDTLS_MD_CAN_SHA256 mbedtls_x509_time_is_future:"data_files/test-ca2.crt":"valid_to":1 X509 CRT verification #1 (Revoked Cert, Expired CRL, no CN) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl_expired.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED | MBEDTLS_X509_BADCRL_EXPIRED:"compat":"NULL" X509 CRT verification #1a (Revoked Cert, Future CRL, no CN) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server6.crt":"data_files/test-ca2.crt":"data_files/crl-future.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED | MBEDTLS_X509_BADCRL_FUTURE:"compat":"NULL" X509 CRT verification #2 (Revoked Cert, Expired CRL) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl_expired.pem":"PolarSSL Server 1":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED | MBEDTLS_X509_BADCRL_EXPIRED:"compat":"NULL" X509 CRT verification #2a (Revoked Cert, Future CRL) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server6.crt":"data_files/test-ca2.crt":"data_files/crl-future.pem":"localhost":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED | MBEDTLS_X509_BADCRL_FUTURE:"compat":"NULL" X509 CRT verification #3 (Revoked Cert, Future CRL, CN Mismatch) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl_expired.pem":"PolarSSL Wrong CN":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED | MBEDTLS_X509_BADCRL_EXPIRED | MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL" X509 CRT verification #3a (Revoked Cert, Expired CRL, CN Mismatch) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server6.crt":"data_files/test-ca2.crt":"data_files/crl-future.pem":"Wrong CN":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED | MBEDTLS_X509_BADCRL_FUTURE | MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL" X509 CRT verification #4 (Valid Cert, Expired CRL) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server2.crt":"data_files/test-ca.crt":"data_files/crl_expired.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_EXPIRED:"compat":"NULL" X509 CRT verification #4a (Revoked Cert, Future CRL) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server5.crt":"data_files/test-ca2.crt":"data_files/crl-future.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_FUTURE:"compat":"NULL" X509 CRT verification #5 (Revoked Cert) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL" X509 CRT verification #5' (Revoked Cert, differing DN string formats #1) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server1.crt":"data_files/test-ca_utf8.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL" X509 CRT verification #5'' (Revoked Cert, differing DN string formats #2) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server1.crt":"data_files/test-ca_printable.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL" X509 CRT verification #5''' (Revoked Cert, differing upper and lower case) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server1.crt":"data_files/test-ca_uppercase.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL" X509 CRT verification #6 (Revoked Cert) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"PolarSSL Server 1":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL" X509 CRT verification #7 (Revoked Cert, CN Mismatch) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"PolarSSL Wrong CN":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED | MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL" X509 CRT verification #8 (Valid Cert) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/server5.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #8a (Expired Cert) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server5-expired.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_EXPIRED:"compat":"NULL" X509 CRT verification #8b (Future Cert) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server5-future.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_FUTURE:"compat":"NULL" X509 CRT verification #8c (Expired Cert, longer chain) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server7-expired.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_EXPIRED:"compat":"NULL" X509 CRT verification #8d (Future Cert, longer chain) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server7-future.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_FUTURE:"compat":"NULL" X509 CRT verification #9 (Not trusted Cert) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/server2.crt":"data_files/server1.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #10 (Not trusted Cert, Expired CRL) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/server2.crt":"data_files/server1.crt":"data_files/crl_expired.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #13 (Valid Cert MD5 Digest, MD5 forbidden) -depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_md5.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD:"compat":"NULL" X509 CRT verification #13 (Valid Cert MD5 Digest, MD5 allowed) -depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_md5.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"all":"NULL" X509 CRT verification #14 (Valid Cert SHA1 Digest explicitly allowed in profile) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #14 (Valid Cert SHA1 Digest forbidden in default profile) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_BAD_MD | MBEDTLS_X509_BADCERT_BAD_MD:"":"NULL" X509 CRT verification #15 (Valid Cert SHA224 Digest) -depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_sha224.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #16 (Valid Cert SHA256 Digest) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_sha256.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #17 (Valid Cert SHA384 Digest) -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_sha384.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #18 (Valid Cert SHA512 Digest) -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_sha512.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #19 (Valid Cert, denying callback) -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_sha512.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_OTHER:"compat":"verify_none" X509 CRT verification #19 (Not trusted Cert, allowing callback) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/server2.crt":"data_files/server1.crt":"data_files/crl_expired.pem":"NULL":0:0:"compat":"verify_all" X509 CRT verification #21 (domain matching wildcard certificate, case insensitive) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_wildcard.crt":"data_files/test-ca.crt":"data_files/crl.pem":"mail.ExAmPlE.com":0:0:"compat":"NULL" X509 CRT verification #22 (domain not matching wildcard certificate) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_wildcard.crt":"data_files/test-ca.crt":"data_files/crl.pem":"mail.example.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL" X509 CRT verification #23 (domain not matching wildcard certificate) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_wildcard.crt":"data_files/test-ca.crt":"data_files/crl.pem":"example.com":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL" X509 CRT verification #24 (domain matching CN of multi certificate) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"www.example.com":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL" X509 CRT verification #25 (domain matching multi certificate) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"example.net":0:0:"compat":"NULL" X509 CRT verification #26 (domain not matching multi certificate) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"www.example.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL" X509 CRT verification #27.1 (domain not matching multi certificate: suffix) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"xample.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL" X509 CRT verification #27.2 (domain not matching multi certificate: head junk) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"bexample.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL" X509 CRT verification #28 (domain not matching wildcard in multi certificate) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"example.org":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"compat":"NULL" X509 CRT verification #29 (domain matching wildcard in multi certificate) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi.crt":"data_files/test-ca.crt":"data_files/crl.pem":"mail.example.org":0:0:"compat":"NULL" X509 CRT verification #30 (domain matching multi certificate without CN) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi_nocn.crt":"data_files/test-ca.crt":"data_files/crl.pem":"www.shotokan-braunschweig.de":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #31 (domain not matching multi certificate without CN) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_example_multi_nocn.crt":"data_files/test-ca.crt":"data_files/crl.pem":"www.example.net":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH + MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #32 (Valid, EC cert, RSA CA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP192R1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/server3.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #33 (Valid, RSA cert, EC CA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECP_HAVE_SECP384R1 x509_verify:"data_files/server4.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #34 (Valid, EC cert, EC CA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1 x509_verify:"data_files/server5.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #35 (Revoked, EC CA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server6.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL" X509 CRT verification #36 (Valid, EC CA, SHA1 Digest) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/server5-sha1.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #37 (Valid, EC CA, SHA224 Digest) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA224 x509_verify:"data_files/server5-sha224.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #38 (Valid, EC CA, SHA384 Digest) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA384:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1 x509_verify:"data_files/server5-sha384.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #39 (Valid, EC CA, SHA512 Digest) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA512:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1 x509_verify:"data_files/server5-sha512.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #40 (Valid, depth 0, RSA, CA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/test-ca.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #41 (Valid, depth 0, EC, CA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA256 x509_verify:"data_files/test-ca2.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #42 (Depth 0, not CA, RSA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/server2.crt":"data_files/server2.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #43 (Depth 0, not CA, EC) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 x509_verify:"data_files/server5.crt":"data_files/server5.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #44 (Corrupted signature, EC) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA256 x509_verify:"data_files/server5-badsign.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #45 (Corrupted signature, RSA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/server2-badsign.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #45b (Corrupted signature, intermediate CA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA256 x509_verify:"data_files/server7-badsign.crt":"data_files/test-ca2.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #46 (Valid, depth 2, EC-RSA-EC) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256 x509_verify:"data_files/server7_int-ca.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #47 (Untrusted, depth 2, EC-RSA-EC) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA1:MBEDTLS_MD_CAN_SHA256 x509_verify:"data_files/server7_int-ca.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #48 (Missing intermediate CA, EC-RSA-EC) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA1:MBEDTLS_MD_CAN_SHA256 x509_verify:"data_files/server7.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #49 (Valid, depth 2, RSA-EC-RSA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/server8_int-ca2.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #50 (Valid, multiple CAs) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_MD_CAN_SHA256 x509_verify:"data_files/server2.crt":"data_files/test-ca_cat12.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #51 (Valid, multiple CAs, reverse order) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_MD_CAN_SHA256 x509_verify:"data_files/server2.crt":"data_files/test-ca_cat21.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #52 (CA keyUsage valid) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1 x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-crt_crl.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #53 (CA keyUsage missing cRLSign) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1 x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-crt.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #54 (CA keyUsage missing cRLSign, no CRL) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-crt.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #55 (CA keyUsage missing keyCertSign) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1 x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-crl.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #56 (CA keyUsage plain wrong) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1 x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-ds.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #57 (Valid, RSASSA-PSS, SHA-1) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS1_V15 x509_verify:"data_files/server9.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #58 (Valid, RSASSA-PSS, SHA-224) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA224:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/server9-sha224.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha224.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #59 (Valid, RSASSA-PSS, SHA-256) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/server9-sha256.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha256.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #60 (Valid, RSASSA-PSS, SHA-384) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA384:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/server9-sha384.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha384.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #61 (Valid, RSASSA-PSS, SHA-512) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA512:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/server9-sha512.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha512.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #62 (Revoked, RSASSA-PSS, SHA-1) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA1:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server9.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL" X509 CRT verification #63 (Revoked, RSASSA-PSS, SHA-1, CRL badsign) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/server9.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1-badsign.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #64 (Valid, RSASSA-PSS, SHA-1, not top) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/server9-with-ca.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #65 (RSASSA-PSS, SHA1, bad cert signature) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/server9-badsign.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #66 (RSASSA-PSS, SHA1, no RSA CA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA256 x509_verify:"data_files/server9.crt":"data_files/test-ca2.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #67 (Valid, RSASSA-PSS, all defaults) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/server9-defaults.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #68 (RSASSA-PSS, wrong salt_len, !USE_PSA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:!MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_USE_PSA_CRYPTO x509_verify:"data_files/server9-bad-saltlen.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #68 (RSASSA-PSS, wrong salt_len, USE_PSA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1:MBEDTLS_USE_PSA_CRYPTO x509_verify:"data_files/server9-bad-saltlen.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #69 (RSASSA-PSS, wrong mgf_hash) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA224:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/server9-bad-mgfhash.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #70 (v1 trusted CA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/server1-v1.crt":"data_files/test-ca-v1.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #71 (v1 trusted CA, other) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/server2-v1.crt":"data_files/server1-v1.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #72 (v1 chain) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/server2-v1-chain.crt":"data_files/test-ca-v1.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #73 (selfsigned trusted without CA bit) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C x509_verify:"data_files/server5-selfsigned.crt":"data_files/server5-selfsigned.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #74 (signed by selfsigned trusted without CA bit) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C x509_verify:"data_files/server6-ss-child.crt":"data_files/server5-selfsigned.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL" X509 CRT verification #75 (encoding mismatch) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/enco-cert-utf8str.pem":"data_files/enco-ca-prstr.pem":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #76 (multiple CRLs, not revoked) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/server5.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_ec-rsa.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #77 (multiple CRLs, revoked) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server6.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_ec-rsa.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL" X509 CRT verification #78 (multiple CRLs, revoked by second) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server6.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_rsa-ec.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL" X509 CRT verification #79 (multiple CRLs, revoked by future) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server6.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_ecfut-rsa.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED|MBEDTLS_X509_BADCRL_FUTURE:"compat":"NULL" X509 CRT verification #80 (multiple CRLs, first future, revoked by second) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA1:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server1.crt":"data_files/test-ca_cat12.crt":"data_files/crl_cat_ecfut-rsa.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL" X509 CRT verification #81 (multiple CRLs, none relevant) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/enco-cert-utf8str.pem":"data_files/enco-ca-prstr.pem":"data_files/crl_cat_rsa-ec.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #82 (Not yet valid CA and valid CA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_MD_CAN_SHA256 x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-future-present.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #83 (valid CA and Not yet valid CA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_MD_CAN_SHA256 x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-present-future.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #84 (valid CA and Not yet valid CA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_MD_CAN_SHA256 x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-present-past.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #85 (Not yet valid CA and valid CA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_MD_CAN_SHA256 x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-past-present.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #86 (Not yet valid CA and invalid CA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-future-invalid.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_FUTURE:"compat":"NULL" X509 CRT verification #87 (Expired CA and invalid CA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server5.crt":"data_files/test-ca2_cat-past-invalid.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_EXPIRED:"compat":"NULL" X509 CRT verification #88 (Spurious cert in the chain) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/server7_spurious_int-ca.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #89 (Spurious cert later in the chain) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/server10_int3_spurious_int-ca2.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha1.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #90 (EE with same name as trusted root) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/server5-ss-forgeca.crt":"data_files/test-int-ca3.crt":"data_files/crl-ec-sha1.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"":"NULL" X509 CRT verification #91 (same CA with good then bad key) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_VERIFY x509_verify:"data_files/server1.crt":"data_files/test-ca-good-alt.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #91 (same CA with bad then good key) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_VERIFY x509_verify:"data_files/server1.crt":"data_files/test-ca-alt-good.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #92 (bad name, allowing callback) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1 x509_verify:"data_files/server5.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"globalhost":0:0:"":"verify_all" X509 CRT verification #93 (Suite B invalid, EC cert, RSA CA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP192R1:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/server3.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD|MBEDTLS_X509_BADCERT_BAD_PK|MBEDTLS_X509_BADCERT_BAD_KEY|MBEDTLS_X509_BADCRL_BAD_MD|MBEDTLS_X509_BADCRL_BAD_PK:"suite_b":"NULL" X509 CRT verification #94 (Suite B invalid, RSA cert, EC CA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_PKCS1_V15:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_PKCS1_V15:MBEDTLS_ECP_HAVE_SECP384R1 x509_verify:"data_files/server4.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_PK:"suite_b":"NULL" X509 CRT verification #95 (Suite B Valid, EC cert, EC CA) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1 x509_verify:"data_files/server5.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"suite_b":"NULL" X509 CRT verification #96 (next profile Invalid Cert SHA224 Digest) -depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/cert_sha224.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD|MBEDTLS_X509_BADCRL_BAD_MD:"next":"NULL" X509 CRT verification #97 (next profile Valid Cert SHA256 Digest) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA1 x509_verify:"data_files/cert_sha256.crt":"data_files/test-ca.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"next":"NULL" X509 CRT verification #98 (Revoked Cert, revocation date in the future, _with_ MBEDTLS_HAVE_TIME_DATE) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl-futureRevocationDate.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED|MBEDTLS_X509_BADCRL_FUTURE:"compat":"NULL" X509 CRT verification #99 (Revoked Cert, revocation date in the future, _without_ MBEDTLS_HAVE_TIME_DATE) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:!MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:!MBEDTLS_HAVE_TIME_DATE x509_verify:"data_files/server1.crt":"data_files/test-ca.crt":"data_files/crl-futureRevocationDate.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_REVOKED:"compat":"NULL" X509 CRT verification: domain identical to IPv4 in SubjectAltName -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C -x509_verify:"data_files/server5-tricky-ip-san.crt":"data_files/server5-tricky-ip-san.crt":"data_files/crl_sha256.pem":"abcd":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"":"NULL" +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C +x509_verify:"data_files/server5-tricky-ip-san.crt.der":"data_files/server5-tricky-ip-san.crt.der":"data_files/crl_sha256.pem":"abcd":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"":"NULL" X509 CRT verification: domain identical to IPv6 in SubjectAltName -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C -x509_verify:"data_files/server5-tricky-ip-san.crt":"data_files/server5-tricky-ip-san.crt":"data_files/crl_sha256.pem":"abcd.example.com":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"":"NULL" +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C +x509_verify:"data_files/server5-tricky-ip-san.crt.der":"data_files/server5-tricky-ip-san.crt.der":"data_files/crl_sha256.pem":"abcd.example.com":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"":"NULL" + +X509 CRT verification: matching IPv4 in SubjectAltName +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C +x509_verify:"data_files/server5-tricky-ip-san.crt.der":"data_files/server5-tricky-ip-san.crt.der":"data_files/crl_sha256.pem":"97.98.99.100":0:0:"":"NULL" + +X509 CRT verification: mismatching IPv4 in SubjectAltName +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C +x509_verify:"data_files/server5-tricky-ip-san.crt.der":"data_files/server5-tricky-ip-san.crt.der":"data_files/crl_sha256.pem":"7.8.9.10":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"":"NULL" + +X509 CRT verification: IPv4 with trailing data in SubjectAltName +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C +x509_verify:"data_files/server5-tricky-ip-san.crt.der":"data_files/server5-tricky-ip-san.crt.der":"data_files/crl_sha256.pem":"97.98.99.100?":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"":"NULL" + +X509 CRT verification: matching IPv6 in SubjectAltName +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C +x509_verify:"data_files/server5-tricky-ip-san.crt.der":"data_files/server5-tricky-ip-san.crt.der":"data_files/crl_sha256.pem":"6162\:6364\:2E65\:7861\:6D70\:6C65\:2E63\:6F6D":0:0:"":"NULL" + +X509 CRT verification: mismatching IPv6 in SubjectAltName +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C +x509_verify:"data_files/server5-tricky-ip-san.crt.der":"data_files/server5-tricky-ip-san.crt.der":"data_files/crl_sha256.pem":"6162\:6364\:\:6F6D":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"":"NULL" + +X509 CRT verification: matching URI in SubjectAltName +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C +x509_verify:"data_files/rsa_single_san_uri.crt.der":"data_files/rsa_single_san_uri.crt.der":"data_files/crl_sha256.pem":"urn\:example.com\:5ff40f78-9210-494f-8206-c2c082f0609c":0:0:"":"NULL" + +X509 CRT verification: URI with trailing data in SubjectAltName +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C +x509_verify:"data_files/rsa_single_san_uri.crt.der":"data_files/rsa_single_san_uri.crt.der":"data_files/crl_sha256.pem":"urn\:example.com\:5ff40f78-9210-494f-8206-c2c082f0609cz":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"":"NULL" + +X509 CRT verification: URI with preceding data in SubjectAltName +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C +x509_verify:"data_files/rsa_single_san_uri.crt.der":"data_files/rsa_single_san_uri.crt.der":"data_files/crl_sha256.pem":"zurn\:example.com\:5ff40f78-9210-494f-8206-c2c082f0609c":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"":"NULL" + +X509 CRT verification: URI with bad data in SubjectAltName +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C +x509_verify:"data_files/rsa_single_san_uri.crt.der":"data_files/rsa_single_san_uri.crt.der":"data_files/crl_sha256.pem":"bad\:example.com\:5ff40f78-9210-494f-8206-c2c082f0609c":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_CN_MISMATCH:"":"NULL" + +X509 CRT parse CN: IPv4 valid address +x509_crt_parse_cn_inet_pton:"10.10.10.10":"0A0A0A0A":4 + +X509 CRT parse CN: IPv4 leading zeroes #1 +x509_crt_parse_cn_inet_pton:"010.10.10.10":"":0 + +X509 CRT parse CN: IPv4 leading zeroes #2 +x509_crt_parse_cn_inet_pton:"10.10.10.001":"":0 + +X509 CRT parse CN: IPv4 excess 0s +x509_crt_parse_cn_inet_pton:"10.0000.10.10":"":0 + +X509 CRT parse CN: IPv4 short address +x509_crt_parse_cn_inet_pton:"10.10.10":"":0 + +X509 CRT parse CN: IPv4 invalid ? char +x509_crt_parse_cn_inet_pton:"10.10?10.10":"":0 + +X509 CRT parse CN: IPv4 invalid - char +x509_crt_parse_cn_inet_pton:"10.-10.10.10":"":0 + +X509 CRT parse CN: IPv4 invalid + char +x509_crt_parse_cn_inet_pton:"10.+10.10.10":"":0 + +X509 CRT parse CN: IPv4 begin dot +x509_crt_parse_cn_inet_pton:".10.10.10.10":"":0 + +X509 CRT parse CN: IPv4 end dot +x509_crt_parse_cn_inet_pton:"10.10.10.10.":"":0 + +X509 CRT parse CN: IPv4 consecutive dots +x509_crt_parse_cn_inet_pton:"10.10..10.10.":"":0 + +X509 CRT parse CN: IPv4 overlarge octet 256 +x509_crt_parse_cn_inet_pton:"10.256.10.10":"":0 + +X509 CRT parse CN: IPv4 overlarge octet 999 +x509_crt_parse_cn_inet_pton:"10.10.10.999":"":0 + +X509 CRT parse CN: IPv4 overlarge octet 1000 +x509_crt_parse_cn_inet_pton:"10.1000.10.10":"":0 + +X509 CRT parse CN: IPv4 additional octet +x509_crt_parse_cn_inet_pton:"10.10.10.10.10":"":0 + +X509 CRT parse CN: IPv6 valid address +x509_crt_parse_cn_inet_pton:"1\:2\:3\:4\:5\:6\:7\:8":"00010002000300040005000600070008":16 + +X509 CRT parse CN: IPv6 valid address shorthand +x509_crt_parse_cn_inet_pton:"6263\:\:1":"62630000000000000000000000000001":16 + +X509 CRT parse CN: IPv6 valid address shorthand start +x509_crt_parse_cn_inet_pton:"\:\:1":"00000000000000000000000000000001":16 + +X509 CRT parse CN: IPv6 valid address extra 0s +x509_crt_parse_cn_inet_pton:"0001\:\:0001\:0001":"00010000000000000000000000010001":16 + +X509 CRT parse CN: IPv6 invalid address excess 0s +x509_crt_parse_cn_inet_pton:"1\:00000\:1\:0":"":0 + +X509 CRT parse CN: IPv6 invalid address - start single colon +x509_crt_parse_cn_inet_pton:"\:6263\:\:1":"":0 + +X509 CRT parse CN: IPv6 invalid address - end single colon +x509_crt_parse_cn_inet_pton:"6263\:\:1\:":"":0 + +X509 CRT parse CN: IPv6 short address +x509_crt_parse_cn_inet_pton:"1\:1\:1":"":0 + +X509 CRT parse CN: IPv6 wildcard address +x509_crt_parse_cn_inet_pton:"\:\:":"00000000000000000000000000000000":16 + +X509 CRT parse CN: IPv6 address too long +x509_crt_parse_cn_inet_pton:"1\:2\:3\:4\:5\:6\:7\:8\:9":"":0 + +X509 CRT parse CN: IPv6 long hextet +x509_crt_parse_cn_inet_pton:"12345\:\:1":"":0 + +X509 CRT parse CN: IPv6 invalid char +x509_crt_parse_cn_inet_pton:"\:\:\:1":"":0 + +X509 CRT parse CN: IPv6 invalid - char +x509_crt_parse_cn_inet_pton:"\:\:-1\:1":"":0 + +X509 CRT parse CN: IPv6 invalid + char +x509_crt_parse_cn_inet_pton:"\:\:+1\:1":"":0 + +X509 CRT parse CN: IPv6 valid address IPv4-mapped +x509_crt_parse_cn_inet_pton:"\:\:ffff\:1.2.3.4":"00000000000000000000ffff01020304":16 + +X509 CRT parse CN: IPv6 invalid address IPv4-mapped #1 +x509_crt_parse_cn_inet_pton:"\:\:ffff\:999.2.3.4":"":0 + +X509 CRT parse CN: IPv6 invalid address IPv4-mapped #2 +x509_crt_parse_cn_inet_pton:"\:\:ffff\:1111.2.3.4":"":0 + +X509 CRT parse CN: IPv6 invalid address IPv4-mapped #3 +x509_crt_parse_cn_inet_pton:"\:\:1.2.3.4\:ffff":"":0 X509 CRT verification with ca callback: failure -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK x509_verify_ca_cb_failure:"data_files/server1.crt":"data_files/test-ca.crt":"NULL":MBEDTLS_ERR_X509_FATAL_ERROR X509 CRT verification callback: bad name -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1 x509_verify_callback:"data_files/server5.crt":"data_files/test-ca2.crt":"globalhost":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 1 - serial C1\:43\:E2\:7E\:62\:43\:CC\:E8 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000000\ndepth 0 - serial 09 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000004\n" X509 CRT verification callback: trusted EE cert -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1 x509_verify_callback:"data_files/server5-selfsigned.crt":"data_files/server5-selfsigned.crt":"NULL":0:"depth 0 - serial 53\:A2\:CB\:4B\:12\:4E\:AD\:83\:7D\:A8\:94\:B2 - subject CN=selfsigned, OU=testing, O=PolarSSL, C=NL - flags 0x00000000\n" X509 CRT verification callback: trusted EE cert, expired -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_HAVE_TIME_DATE x509_verify_callback:"data_files/server5-ss-expired.crt":"data_files/server5-ss-expired.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 0 - serial D8\:64\:61\:05\:E3\:A3\:CD\:78 - subject C=UK, O=mbed TLS, OU=testsuite, CN=localhost - flags 0x00000001\n" X509 CRT verification callback: simple -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify_callback:"data_files/server1.crt":"data_files/test-ca.crt":"NULL":0:"depth 1 - serial 03 - subject C=NL, O=PolarSSL, CN=PolarSSL Test CA - flags 0x00000000\ndepth 0 - serial 01 - subject C=NL, O=PolarSSL, CN=PolarSSL Server 1 - flags 0x00000000\n" X509 CRT verification callback: simple, EE expired -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_HAVE_TIME_DATE x509_verify_callback:"data_files/server5-expired.crt":"data_files/test-ca2.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 1 - serial C1\:43\:E2\:7E\:62\:43\:CC\:E8 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000000\ndepth 0 - serial 1E - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000001\n" X509 CRT verification callback: simple, root expired -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_HAVE_TIME_DATE x509_verify_callback:"data_files/server5.crt":"data_files/test-ca2-expired.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 1 - serial 01 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000001\ndepth 0 - serial 09 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000000\n" X509 CRT verification callback: two trusted roots -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA256 x509_verify_callback:"data_files/server1.crt":"data_files/test-ca_cat12.crt":"NULL":0:"depth 1 - serial 03 - subject C=NL, O=PolarSSL, CN=PolarSSL Test CA - flags 0x00000000\ndepth 0 - serial 01 - subject C=NL, O=PolarSSL, CN=PolarSSL Server 1 - flags 0x00000000\n" X509 CRT verification callback: two trusted roots, reversed order -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA256 x509_verify_callback:"data_files/server1.crt":"data_files/test-ca_cat21.crt":"NULL":0:"depth 1 - serial 03 - subject C=NL, O=PolarSSL, CN=PolarSSL Test CA - flags 0x00000000\ndepth 0 - serial 01 - subject C=NL, O=PolarSSL, CN=PolarSSL Server 1 - flags 0x00000000\n" X509 CRT verification callback: root included -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA256 x509_verify_callback:"data_files/server1_ca.crt":"data_files/test-ca_cat21.crt":"NULL":0:"depth 1 - serial 03 - subject C=NL, O=PolarSSL, CN=PolarSSL Test CA - flags 0x00000000\ndepth 0 - serial 01 - subject C=NL, O=PolarSSL, CN=PolarSSL Server 1 - flags 0x00000000\n" X509 CRT verification callback: intermediate ca -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1 x509_verify_callback:"data_files/server7_int-ca.crt":"data_files/test-ca_cat12.crt":"NULL":0:"depth 2 - serial C1\:43\:E2\:7E\:62\:43\:CC\:E8 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000000\ndepth 1 - serial 0E - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA - flags 0x00000000\ndepth 0 - serial 10 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000000\n" X509 CRT verification callback: intermediate ca, root included -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1 x509_verify_callback:"data_files/server7_int-ca_ca2.crt":"data_files/test-ca_cat12.crt":"NULL":0:"depth 2 - serial C1\:43\:E2\:7E\:62\:43\:CC\:E8 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000000\ndepth 1 - serial 0E - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA - flags 0x00000000\ndepth 0 - serial 10 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000000\n" X509 CRT verification callback: intermediate ca trusted -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256 x509_verify_callback:"data_files/server7_int-ca_ca2.crt":"data_files/test-int-ca.crt":"NULL":0:"depth 1 - serial 0E - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA - flags 0x00000000\ndepth 0 - serial 10 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000000\n" X509 CRT verification callback: intermediate ca, EE expired -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1:MBEDTLS_HAVE_TIME_DATE x509_verify_callback:"data_files/server7-expired.crt":"data_files/test-ca2.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 2 - serial C1\:43\:E2\:7E\:62\:43\:CC\:E8 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000000\ndepth 1 - serial 0E - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA - flags 0x00000000\ndepth 0 - serial 10 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000001\n" X509 CRT verification callback: intermediate ca, int expired -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1:MBEDTLS_HAVE_TIME_DATE x509_verify_callback:"data_files/server7_int-ca-exp.crt":"data_files/test-ca2.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 2 - serial C1\:43\:E2\:7E\:62\:43\:CC\:E8 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000000\ndepth 1 - serial 0E - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA - flags 0x00000001\ndepth 0 - serial 10 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000000\n" X509 CRT verification callback: intermediate ca, root expired -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAVE_TIME_DATE +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1:MBEDTLS_HAVE_TIME_DATE x509_verify_callback:"data_files/server7_int-ca.crt":"data_files/test-ca2-expired.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 2 - serial 01 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000001\ndepth 1 - serial 0E - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA - flags 0x00000000\ndepth 0 - serial 10 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000000\n" X509 CRT verification callback: two intermediates -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1 x509_verify_callback:"data_files/server10_int3_int-ca2.crt":"data_files/test-ca_cat21.crt":"NULL":0:"depth 3 - serial 03 - subject C=NL, O=PolarSSL, CN=PolarSSL Test CA - flags 0x00000000\ndepth 2 - serial 0F - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate EC CA - flags 0x00000000\ndepth 1 - serial 4D - subject C=UK, O=mbed TLS, CN=mbed TLS Test intermediate CA 3 - flags 0x00000000\ndepth 0 - serial 4B - subject CN=localhost - flags 0x00000000\n" X509 CRT verification callback: two intermediates, root included -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1 x509_verify_callback:"data_files/server10_int3_int-ca2_ca.crt":"data_files/test-ca_cat21.crt":"NULL":0:"depth 3 - serial 03 - subject C=NL, O=PolarSSL, CN=PolarSSL Test CA - flags 0x00000000\ndepth 2 - serial 0F - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate EC CA - flags 0x00000000\ndepth 1 - serial 4D - subject C=UK, O=mbed TLS, CN=mbed TLS Test intermediate CA 3 - flags 0x00000000\ndepth 0 - serial 4B - subject CN=localhost - flags 0x00000000\n" X509 CRT verification callback: two intermediates, top int trusted -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256 x509_verify_callback:"data_files/server10_int3_int-ca2.crt":"data_files/test-int-ca2.crt":"NULL":0:"depth 2 - serial 0F - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate EC CA - flags 0x00000000\ndepth 1 - serial 4D - subject C=UK, O=mbed TLS, CN=mbed TLS Test intermediate CA 3 - flags 0x00000000\ndepth 0 - serial 4B - subject CN=localhost - flags 0x00000000\n" X509 CRT verification callback: two intermediates, low int trusted -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1 x509_verify_callback:"data_files/server10_int3_int-ca2_ca.crt":"data_files/test-int-ca3.crt":"NULL":0:"depth 1 - serial 4D - subject C=UK, O=mbed TLS, CN=mbed TLS Test intermediate CA 3 - flags 0x00000000\ndepth 0 - serial 4B - subject CN=localhost - flags 0x00000000\n" X509 CRT verification callback: no intermediate, bad signature -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1 x509_verify_callback:"data_files/server5-badsign.crt":"data_files/test-ca2.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 0 - serial 09 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000008\n" X509 CRT verification callback: one intermediate, bad signature -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA256 x509_verify_callback:"data_files/server7-badsign.crt":"data_files/test-ca2.crt":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"depth 2 - serial C1\:43\:E2\:7E\:62\:43\:CC\:E8 - subject C=NL, O=PolarSSL, CN=Polarssl Test EC CA - flags 0x00000000\ndepth 1 - serial 0E - subject C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA - flags 0x00000000\ndepth 0 - serial 10 - subject C=NL, O=PolarSSL, CN=localhost - flags 0x00000008\n" X509 CRT ASN1 (Empty Certificate) @@ -1097,500 +1300,500 @@ X509 CRT ASN1 (inv TBS, length out of bounds) x509parse_crt:"30023003":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS empty) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"30153000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, invalid version tag, serial missing) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"301730020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, valid outer version tag, no outer length) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"30163001a0300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv inner version tag) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"30193004a0020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_VERSION + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, valid inner version tag, no inner length) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"30183003a00102300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_VERSION + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, valid inner version tag, inv inner length encoding) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"30193004a0020285300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_VERSION + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, valid inner version tag, inner length too large for int) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C # tbsCertificate.version = 0x01000000000000000000000000000000 rejected by mbedtls_asn1_get_int x509parse_crt:"30293014a012021001000000000000000000000000000000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_VERSION + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, valid inner version tag, inner vs. outer length mismatch) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"301b3006a00402010200300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_VERSION + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT ASN1 (TBS, valid version tag, length exceeds TBS) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"30293014a012021100000000000000000000000000000000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_VERSION + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, valid version tag + length, unknown version number 3) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"308196308180a0030201038204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION X509 CRT ASN1 (TBS, valid version tag + length, unknown version number 4) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"308196308180a0030201048204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION X509 CRT ASN1 (TBS, valid version tag + length, version number overflow) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"308199308183a00602047FFFFFFF8204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION X509 CRT ASN1 (TBS, serial missing) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"301a3005a003020102300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv serial, tag wrong) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"301c3007a0030201020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv serial, length missing) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"301b3006a00302010282300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv serial, inv length encoding) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"301c3007a0030201028285300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv serial, length out of bounds) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"301c3007a0030201028201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, AlgID missing) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"3020300ba0030201028204deadbeef300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv AlgID, tag wrong) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"3022300da0030201028204deadbeef0500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv AlgID, OID missing) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"307b3073a0030201008204deadbeef3000300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff3000030200ff":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv AlgID, OID tag wrong) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"307f3075a0030201008204deadbeef30020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff30020500030200ff":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv AlgID, OID inv length encoding) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"307f3075a0030201008204deadbeef30020685300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff30020685030200ff":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv AlgID, OID length out of bounds) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"307f3075a0030201008204deadbeef30020601300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff30020601030200ff":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv AlgID, OID empty) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"307f3075a0030201008204deadbeef30020600300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff30020600030200ff":"":MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + MBEDTLS_ERR_OID_NOT_FOUND X509 CRT ASN1 (TBS, inv AlgID, OID unknown) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"3081873079a0030201008204deadbeef30060604deadbeef300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff30060604deadbeef030200ff":"":MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + MBEDTLS_ERR_OID_NOT_FOUND X509 CRT ASN1 (TBS, inv AlgID, param inv length encoding) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0685300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0685030200ff":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv AlgID, param length out of bounds) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0601300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0601030200ff":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv AlgID, param length mismatch) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"30819a308182a0030201008204deadbeef300f06092a864886f70d01010b06010000300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300f06092a864886f70d01010b06010000030200ff":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT ASN1 (TBS, inv AlgID, params present but empty) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0600300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0600030200ff":"":MBEDTLS_ERR_X509_INVALID_ALG X509 CRT ASN1 (TBS, inv AlgID, bad RSASSA-PSS params) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_X509_RSASSA_PSS_SUPPORT +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_X509_RSASSA_PSS_SUPPORT x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010a3100300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010a3100030200ff":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, Issuer missing) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"302f301aa0030201008204deadbeef300d06092a864886f70d01010b0500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Issuer, RDNSequence inv tag) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"3031301ca0030201008204deadbeef300d06092a864886f70d01010b05000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv Issuer, RDNSequence length missing) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"3030301ba0030201008204deadbeef300d06092a864886f70d01010b050030300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Issuer, RDNSequence inv length encoding) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"3031301ca0030201008204deadbeef300d06092a864886f70d01010b05003085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv Issuer, RDNSequence length out of bounds) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C x509parse_crt:"3031301ca0030201008204deadbeef300d06092a864886f70d01010b05003001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Issuer, RDNSequence empty) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081893074a0030201028204deadbeef300d06092a864886f70d01010b05003000301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Issuer, RDN inv tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818b3076a0030201028204deadbeef300d06092a864886f70d01010b050030020500301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv Issuer, RDN inv length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818b3076a0030201028204deadbeef300d06092a864886f70d01010b050030023185301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv Issuer, RDN length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818b3076a0030201028204deadbeef300d06092a864886f70d01010b050030023101301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Issuer, RDN empty) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818b3076a0030201028204deadbeef300d06092a864886f70d01010b050030023100301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue inv tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818d3078a0030201028204deadbeef300d06092a864886f70d01010b0500300431020500301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue inv length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818d3078a0030201028204deadbeef300d06092a864886f70d01010b0500300431023085301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818d3078a0030201028204deadbeef300d06092a864886f70d01010b0500300431023001301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue empty) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818d3078a0030201028204deadbeef300d06092a864886f70d01010b0500300431023000301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue type inv tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818f307aa0030201028204deadbeef300d06092a864886f70d01010b05003006310430020500301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue type inv no length data) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818e3079a0030201028204deadbeef300d06092a864886f70d01010b050030053103300106301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue type inv length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818f307aa0030201028204deadbeef300d06092a864886f70d01010b05003006310430020685301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue type length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818f307aa0030201028204deadbeef300d06092a864886f70d01010b05003006310430020601301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue value missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818f307aa0030201028204deadbeef300d06092a864886f70d01010b05003006310430020600301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue value inv tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308191307ca0030201028204deadbeef300d06092a864886f70d01010b050030083106300406000500301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG; X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue value length missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308190307ba0030201028204deadbeef300d06092a864886f70d01010b050030073105300306000c301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue value inv length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308191307ca0030201028204deadbeef300d06092a864886f70d01010b050030083106300406000C85301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue value length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308191307ca0030201028204deadbeef300d06092a864886f70d01010b050030083106300406000c01301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Issuer, AttrTypeAndValue value length mismatch) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308193307ea0030201028204deadbeef300d06092a864886f70d01010b0500300a3108300606000c010000301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT ASN1 (TBS, inv Issuer, 2nd AttributeTypeValue empty) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308198308182a0030201028204deadbeef300d06092a864886f70d01010b0500300e310c300806000c04546573743000301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, Validity missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"303d3028a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a300806000c0454657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Validity, inv tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"303f302aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a300806000c04546573740500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv Validity, length field missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"303e3029a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a300806000c045465737430300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Validity, inv length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"303f302aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a300806000c04546573743085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv Validity, length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"303f302aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a300806000c04546573743001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Validity, notBefore missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30793064a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a300806000c04546573743000300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Validity, notBefore inv tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"307b3066a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a300806000c045465737430020500300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv Validity, notBefore no length) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"307a3065a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a300806000c0454657374300117300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Validity, notBefore inv length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"307b3066a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a300806000c04546573743002178f300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv Validity, notBefore length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"307b3066a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a300806000c045465737430021701300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Validity, notBefore empty) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081893074a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a3008060013045465737430101700170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE X509 CRT ASN1 (TBS, inv Validity, notBefore invalid) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303000000000170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE X509 CRT ASN1 (TBS, inv Validity, notAfter missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081873072a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374300e170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Validity, notAfter inv tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081893074a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a300806001304546573743010170c3039313233313233353935390500300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv Validity, notAfter length missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081883073a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374300f170c30393132333132333539353917300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Validity, notAfter inv length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081893074a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a300806001304546573743010170c3039313233313233353935391785300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv Validity, notAfter length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081893074a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a300806001304546573743010170c3039313233313233353935391701300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Validity, notAfter empty) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081893074a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a300806001304546573743010170c3039313233313233353935391700300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE X509 CRT ASN1 (TBS, inv Validity, notAfter invalid) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303931323331323335393539170c303930313031303000000000300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE X509 CRT ASN1 (TBS, inv Validity, data remaining after 'notAfter') -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308198308182a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301e170c303930313031303030303030170c3039313233313233353935391700300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT ASN1 (TBS, Subject missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"305b3046a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Subject, RDNSequence inv tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"305c3047a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353900300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv Subject, RDNSequence length missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"305c3047a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Subject, RDNSequence inv length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"305d3048a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c3039313233313233353935393085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv Subject, RDNSequence length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"305d3048a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c3039313233313233353935393001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Subject, RDN inv tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818b3076a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930020500302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv Subject, RDN inv length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818b3076a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930023185302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv Subject, RDN length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818b3076a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930023101302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Subject, RDN empty) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818b3076a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930023100302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue inv tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818d3078a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300431020500302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue inv length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818d3078a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300431023085302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818d3078a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300431023001302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue empty) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818d3078a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300431023000302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue type inv tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818f307aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c3039313233313233353935393006310430020500302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue type inv no length data) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818e3079a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930053103300106302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue type inv length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818f307aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c3039313233313233353935393006310430020685302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue type length out of bounds ) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818f307aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c3039313233313233353935393006310430020601302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue value missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30818f307aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c3039313233313233353935393006310430020600302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue value inv tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308191307ca0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930083106300406000500302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG; X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue value length missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308190307ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930073105300306000c302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue value inv length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308191307ca0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930083106300406000C85302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue value length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308191307ca0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930083106300406000c01302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv Subject, AttrTypeAndValue value length mismatch) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308193307ea0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300a3108300606000c010000302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT ASN1 (TBS, inv Subject, 2nd AttributeTypeValue empty) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308198308182a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300e310c300806000c04546573743000302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, SubPubKeyInfo missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30693054a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv SubPubKeyInfo, inv tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"306b3056a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573740500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv SubPubKeyInfo, length missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"306a3055a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a3008060013045465737430300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv SubPubKeyInfo, inv length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"306b3056a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv SubPubKeyInfo, length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"306b3056a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv SubPubKeyInfo, empty) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"306b3056a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv SubPubKeyInfo, inv algorithm tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"306d3058a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a3008060013045465737430020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv SubPubKeyInfo, algorithm length missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"306c3057a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374300130300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv SubPubKeyInfo, algorithm inv length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"306d3058a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a3008060013045465737430023085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_ALG + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv SubPubKeyInfo, algorithm length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"306d3058a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a3008060013045465737430023001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv SubPubKeyInfo, algorithm empty) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081883073a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301d300003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv SubPubKeyInfo, algorithm unknown) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010100050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_UNKNOWN_PK_ALG X509 CRT ASN1 (TBS, inv SubPubKeyInfo, bitstring missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"307a3065a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374300f300d06092A864886F70D0101010500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv SubPubKeyInfo, bitstring inv tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"307c3067a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743011300d06092A864886F70D01010105000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv SubPubKeyInfo, bitstring length missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"307b3066a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743010300d06092A864886F70D010101050003300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv SubPubKeyInfo, bitstring inv length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"307c3067a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743011300d06092A864886F70D01010105000385300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv SubPubKeyInfo, bitstring length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"307c3067a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743011300d06092A864886F70D01010105000301300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv SubPubKeyInfo, no bitstring data) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"307c3067a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743011300d06092A864886F70D01010105000300300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_INVALID_DATA X509 CRT ASN1 (TBS, inv SubPubKeyInfo, inv bitstring start) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"307d3068a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743012300d06092A864886F70D0101010500030101300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_INVALID_DATA X509 CRT ASN1 (TBS, inv SubPubKeyInfo, inv internal bitstring length) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308180306ba0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400300000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT ASN1 (TBS, inv SubPubKeyInfo, inv internal bitstring tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308180306ba0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400310000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv SubPubKeyInfo, inv RSA modulus) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081873072a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0302ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv SubPubKeyInfo, total length mismatch) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081893074a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301e300d06092A864886F70D0101010500030b0030080202ffff0202ffff0500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT ASN1 (TBS, inv SubPubKeyInfo, check failed) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081873072a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY X509 CRT ASN1 (TBS, inv SubPubKeyInfo, check failed, expanded length notation) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210fffffffffffffffffffffffffffffffe0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY # We expect an extension parsing error here because the IssuerID is optional. @@ -1599,497 +1802,645 @@ x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b05003 # namely the v3 extensions. However, the tag the test exercises is a NULL tag, # and hence we obtain an INVALID_TAG error during extension parsing. X509 CRT ASN1 (TBS, inv IssuerID, inv tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308198308182a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff0500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv IssuerID, length missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308197308181a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa1300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv IssuerID, inv length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308198308182a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa185300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv IssuerID, length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308198308182a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, no IssuerID, inv SubjectID, length missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308197308181a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa2300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, no IssuerID, inv SubjectID, inv length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308198308182a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa285300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, no IssuerID, inv SubjectID, length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308198308182a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, valid IssuerID, inv SubjectID, inv tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa1000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH -X509 CRT ASN1 (TBSCertificate v3, ext SubjectAlternativeName malformed) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509parse_crt:"30820220308201ffa0030201020209202020202020202020300d06092a864886f70d01010505003045310b30090603202020130220203113301106032020200c0a202020202020202020203121301f06032020200c18202020202020202020202020202020202020202020202020301e170d3134303432333230353034305a170d3137303432323230353034305a3045310b30090603202020130220203113301106032020200c0a202020202020202020203121301f06032020200c1820202020202020202020202020202020202020202020202030819f300d06092a864886f70d010101050003818d003081890281812020202020202020ff20202020202020202020202020202020202020ff202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020ff020320ffffa350304e301d0603202020041620202020202020202020202020202020202020202020301f0603551d11041830169104202020208000be002020202020202020202020202020202020202020202020202020202020202020ff20202020202020202020202020202020202020ff2020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020ff2020ff202020202020202020202020202020ff2020202020202020202020202020202020202020202020202020":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA - X509 CRT ASN1 (TBS, valid IssuerID, inv SubjectID, length missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308199308183a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a2300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, valid IssuerID, inv SubjectID, inv length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30819a308184a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a285300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, valid IssuerID, inv SubjectID, length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30819a308184a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, IssuerID unsupported in v1 CRT) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT ASN1 (TBS, SubjectID unsupported in v1 CRT) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30819a308184a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa200a201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT ASN1 (TBS, inv v3Ext, inv tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30819c308186a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a2000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv v3Ext, outer length missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30819b308185a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv v3Ext, outer length inv encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30819c308186a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a385300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv v3Ext, outer length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30819c308186a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a301300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv v3Ext, outer length 0) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30819c308186a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a300300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv v3Ext, inner tag invalid) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30819e308188a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv v3Ext, inner length missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30819d308187a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30130300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv v3Ext, inner length inv encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30819e308188a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3023085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv v3Ext, inner length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30819e308188a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3023001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv v3Ext, inner/outer length mismatch) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30819f308189a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a303300000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT ASN1 (TBS, inv v3Ext, first ext inv tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a030818aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30430020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv v3Ext, first ext length missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30819f308189a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a303300130300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv v3Ext, inv first ext length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a030818aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30430023085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv v3Ext, first ext length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a030818aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30430023001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv v3Ext, first ext empty) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a030818aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30430023000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv v3Ext, first ext extnID inv tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a230818ca0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a306300430020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv v3Ext, first ext extnID length missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a130818ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3053003300106300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv v3Ext, first ext extnID inv length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a230818ca0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a306300430020685300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv v3Ext, first ext extnID length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a230818ca0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a306300430020601300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv v3Ext, no extnValue) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a230818ca0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a306300430020600300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv v3Ext, inv critical tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a430818ea0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3083006300406000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv v3Ext, critical length missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a330818da0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30730053003060001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv v3Ext, critical inv length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a430818ea0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3083006300406000185300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv v3Ext, critical length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a430818ea0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3083006300406000101300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv v3Ext, critical length 0) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a430818ea0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3083006300406000100300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv v3Ext, critical length 2) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a6308190a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30a30083006060001020000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv v3Ext, extnValue inv tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a7308191a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30b3009300706000101000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv v3Ext, extnValue length missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a6308190a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30a30083006060001010004300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv v3Ext, extnValue length inv encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a7308191a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30b3009300706000101000485300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv v3Ext, extnValue length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a7308191a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30b3009300706000101000401300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv v3Ext, data remaining after extnValue) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30d300b3009060001010004000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, data missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a7308191a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30b300930070603551d200400300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, invalid outer tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30d300b30090603551d2004020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, outer length missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a8308192a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30c300a30080603551d20040130300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, outer length inv encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30d300b30090603551d2004023085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, outer length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30d300b30090603551d2004023001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, no policies) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30d300b30090603551d2004023000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy invalid tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30f300d300b0603551d20040430020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy length missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081aa308194a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30e300c300a0603551d200403300130300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy length inv encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30f300d300b0603551d20040430023085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30f300d300b0603551d20040430023001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, empty policy) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30f300d300b0603551d20040430023000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy invalid OID tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a311300f300d0603551d200406300430020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy no OID length) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081ac308196a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a310300e300c0603551d2004053003300106300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy OID length inv encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a311300f300d0603551d200406300430020685300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy OID length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a311300f300d0603551d200406300430020601300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, unknown critical policy) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a315301330110603551d20010101040730053003060100300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy qualifier invalid tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081b030819aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a314301230100603551d200409300730050601000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy qualifier no length) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081af308199a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3133011300f0603551d2004083006300406010030300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy qualifier inv length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081b030819aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a314301230100603551d200409300730050601003085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBSCertificate v3, inv CertificatePolicies, policy qualifier length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081b030819aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a314301230100603551d200409300730050601003001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv extBasicConstraint, no pathlen length) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081b030819aa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a314301230100603551d130101010406300402010102300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (inv extBasicConstraint, pathlen is INT_MAX) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509parse_crt_file:"data_files/server1_pathlen_int_max.crt":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1 +mbedtls_x509_crt_parse_file:"data_files/parse_input/server1_pathlen_int_max.crt":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH:0 X509 CRT ASN1 (pathlen is INT_MAX-1) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509parse_crt_file:"data_files/server1_pathlen_int_max-1.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_MD_CAN_SHA1 +mbedtls_x509_crt_parse_file:"data_files/parse_input/server1_pathlen_int_max-1.crt":0:1 X509 CRT ASN1 (TBS, inv extBasicConstraint, pathlen inv length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a315301330110603551d13010101040730050201010285300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv extBasicConstraint, pathlen length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a315301330110603551d13010101040730050201010201300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv extBasicConstraint, pathlen empty) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a315301330110603551d13010101040730050201010200300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (TBS, inv extBasicConstraint, pathlen length mismatch) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081b430819ea0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a318301630140603551d13010101040a30080201010201010500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT ASN1 (TBS, inv v3Ext, ExtKeyUsage bad second tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081bd3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d250416301406082b0601050507030107082b06010505070302300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +X509 CRT ASN1 (TBS, inv SubjectAltName, empty) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081a7308191a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30b300930070603551d110400300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, inv tag) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30d300b30090603551d1104020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CRT ASN1 (TBS, inv SubjectAltName, length missing) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081a8308192a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30c300a30080603551d11040130300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, inv length encoding) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30d300b30090603551d1104023085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH + +X509 CRT ASN1 (TBS, inv SubjectAltName, length out of bounds) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081a9308193a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30d300b30090603551d1104023001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, data remaining after name SEQUENCE) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081aa308194a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30e300c300a0603551d110403300000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +X509 CRT ASN1 (TBS, inv SubjectAltName, name component length missing) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081aa308194a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30e300c300a0603551d110403300180300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, name component inv length encoding) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30f300d300b0603551d11040430028085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH + +X509 CRT ASN1 (TBS, inv SubjectAltName, name component length out of bounds) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30f300d300b0603551d11040430028001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, name component unexpected tag) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30f300d300b0603551d11040430024000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CRT ASN1 (TBS, inv SubjectAltName, otherName component empty) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081ab308195a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a30f300d300b0603551d1104043002a000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, otherName invalid OID tag) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a311300f300d0603551d1104063004a0020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CRT ASN1 (TBS, inv SubjectAltName, otherName OID length missing) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081ac308196a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a310300e300c0603551d1104053003a00106300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, otherName OID inv length encoding) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a311300f300d0603551d1104063004a0020685300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH + +X509 CRT ASN1 (TBS, inv SubjectAltName, otherName OID length out of bounds) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081ad308197a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a311300f300d0603551d1104063004a0020601300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName EXPLICIT tag missing +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081b530819fa0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a319301730150603551d11040e300ca00a06082b06010505070804300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName unexpected EXPLICIT tag) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081b73081a1a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31b301930170603551d110410300ea00c06082b060105050708040500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName outer length missing) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081b63081a0a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31a301830160603551d11040f300da00b06082b06010505070804a0300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName inv outer length) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081b73081a1a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31b301930170603551d110410300ea00c06082b06010505070804a085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName outer length out of bounds) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081b73081a1a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31b301930170603551d110410300ea00c06082b06010505070804a001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName outer length 0) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081b73081a1a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31b301930170603551d110410300ea00c06082b06010505070804a000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName inner tag invalid) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31d301b30190603551d1104123010a00e06082b06010505070804a0020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName inner length missing) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081b83081a2a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31c301a30180603551d110411300fa00d06082b06010505070804a00130300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName inner length inv encoding) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31d301b30190603551d1104123010a00e06082b06010505070804a0023085300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName inner length out of bounds) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31d301b30190603551d1104123010a00e06082b06010505070804a0023001300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName empty) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31d301b30190603551d1104123010a00e06082b06010505070804a0023000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName unexpected OID tag) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081bb3081a5a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31f301d301b0603551d1104143012a01006082b06010505070804a00430020500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName OID no length) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081ba3081a4a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31e301c301a0603551d1104133011a00f06082b06010505070804a003300106300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName OID inv length encoding) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081bb3081a5a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31f301d301b0603551d1104143012a01006082b06010505070804a00430020685300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName OID length out of bounds) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081bb3081a5a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31f301d301b0603551d1104143012a01006082b06010505070804a00430020601300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data missing) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081bb3081a5a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a31f301d301b0603551d1104143012a01006082b06010505070804a00430020600300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data invalid tag) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081bd3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d1104163014a01206082b06010505070804a006300406000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data length missing) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081bc3081a6a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a320301e301c0603551d1104153013a01106082b06010505070804a0053003060004300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data inv length encoding) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081bd3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d1104163014a01206082b06010505070804a006300406000485300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data length out of bounds) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081bd3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d1104163014a01206082b06010505070804a006300406000401300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data remaining #1) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081bf3081a9a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3233021301f0603551d1104183016a01406082b06010505070804a0083006060004000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data remaining #2) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081bf3081a9a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3233021301f0603551d1104183016a01406082b06010505070804a0083004060004000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +X509 CRT ASN1 (TBS, inv SubjectAltName, HWModuleName data remaining #3) +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 +x509parse_crt:"3081bf3081a9a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a3233021301f0603551d1104183016a01406082b06010505070804a0063004060004000500300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + X509 CRT ASN1 (TBS, inv v3Ext, SubjectAltName repeated) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081dc3081c6a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a340303e301d0603551d11041630148208666f6f2e7465737482086261722e74657374301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS X509 CRT ASN1 (TBS, inv v3Ext, ExtKeyUsage repeated) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081dc3081c6a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a340303e301d0603551d250416301406082b0601050507030106082b06010505070302301d0603551d250416301406082b0601050507030106082b06010505070302300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS X509 CRT ASN1 (TBS, inv v3Ext, SubjectAltName repeated outside Extensions) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081dc3081c6a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT (TBS, valid v3Ext in v3 CRT) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081b93081a3a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"cert. version \: 3\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\nsubject alt name \:\n dNSName \: foo.test\n dNSName \: bar.test\n":0 X509 CRT ASN1 (TBS, valid v3Ext in v1 CRT) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081b93081a3a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT ASN1 (TBS, valid v3Ext in v2 CRT) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081b93081a3a0030201018204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT ASN1 (TBS, valid SubjectID, valid IssuerID, inv v3Ext, SubjectAltName repeated outside Extensions, inv SubjectAltNames tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 x509parse_crt:"308203723082025aa003020102020111300d06092a864886f70d0101050500303b310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c3119301706035504031310506f6c617253534c2054657374204341301e170d3132303531303133323334315a170d3232303531313133323334315a303a310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c311830160603550403130f7777772e6578616d706c652e636f6d30820122300d06092a864886f70d01010105000382010f003082010a0282010100b93c4ac5c8a38e9017a49e52aa7175266180e7c7b56d8cffaab64126b7be11ad5c73160c64114804ffd6e13b05db89bbb39709d51c14dd688739b03d71cbe276d01ad8182d801b54f6e5449af1cbaf612edf490d9d09b7edb1fd3cfd3cfa24cf5dbf7ce453e725b5ea4422e926d3ea20949ee66167ba2e07670b032fa209edf0338f0bce10ef67a4c608dac1edc23fd74add153df95e1c8160463eb5b33d2fa6de471cbc92aeebdf276b1656b7dcecd15557a56eec7525f5b77bdfabd23a5a91987d97170b130aa76b4a8bc14730fb3af84104d5c1dfb81dbf7b01a565a2e01e36b7a65ccc305af8cd6fcdf1196225ca01e3357ffa20f5dcfd69b26a007d17f70203010001a38181307f30090603551d1304023000301d0603551d0e041604147de49c6be6f9717d46d2123dad6b1dfdc2aa784c301f0603551d23041830168014b45ae4a5b3ded252f6b9d5a6950feb3ebcc7fdff30320603551d11042b3029c20b6578616d706c652e636f6d820b6578616d706c652e6e6574820d2a2e6578616d706c652e6f7267300d06092a864886f70d010105050003820101004f09cb7ad5eef5ef620ddc7ba285d68cca95b46bda115b92007513b9ca0bceeafbc31fe23f7f217479e2e6bcda06e52f6ff655c67339cf48bc0d2f0cd27a06c34a4cd9485da0d07389e4d4851d969a0e5799c66f1d21271f8d0529e840ae823968c39707cf3c934c1adf2fa6a455487f7c8c1ac922da24cd9239c68aecb08df5698267cb04eede534196c127dc2ffe33fad30eb8d432a9842853a5f0d189d5a298e71691bb9cc0418e8c58acffe3dd2e7aabb0b97176ad0f2733f7a929d3c076c0bf06407c0ed5a47c8ae2326e16aeda641fb0557cdbddf1a4ba447cb39958d2346e00ea976c143af2101e0aa249107601f4f2c818fdcc6346128b091bf194e6":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (SignatureAlgorithm missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081aa3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (inv SignatureAlgorithm, bad tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081ac3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e746573740500":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (inv SignatureAlgorithm, length missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081ab3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e7465737430":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (inv SignatureAlgorithm, inv length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081ac3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e746573743085":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (inv SignatureAlgorithm, length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081ac3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e746573743001":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (inv SignatureAlgorithm, not the same as SignatureAlgorithm in TBS) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081bd3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010a0500030200ff":"":MBEDTLS_ERR_X509_SIG_MISMATCH X509 CRT ASN1 (Signature missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081b93081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (inv Signature, bad tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081bb3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b05000500":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (inv Signature, length missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081ba3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b050003":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (inv Signature, inv length encoding) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081bb3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b05000385":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRT ASN1 (inv Signature, length out of bounds) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081bb3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b05000301":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (inv Signature, inv data #1) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 # signature = bit string with invalid encoding (missing number of unused bits) x509parse_crt:"3081bb3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b05000300":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_INVALID_DATA X509 CRT ASN1 (inv Signature, inv data #2) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 # signature = bit string with invalid encoding (number of unused bits too large) x509parse_crt:"3081bc3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030108":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_INVALID_DATA X509 CRT ASN1 (empty Signature) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 # signature = empty bit string in DER encoding x509parse_crt:"3081bc3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030100":"cert. version \: 3\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\nsubject alt name \:\n dNSName \: foo.test\n dNSName \: bar.test\n":0 X509 CRT ASN1 (dummy 24-bit Signature) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 # signature = bit string "011001100110111101101111" x509parse_crt:"3081bf3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030400666f6f":"cert. version \: 3\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\nsubject alt name \:\n dNSName \: foo.test\n dNSName \: bar.test\n":0 # The ASN.1 module rejects non-octet-aligned bit strings. X509 CRT ASN1 (inv Signature: not octet-aligned) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 # signature = bit string "01100110011011110110111" x509parse_crt:"3081bf3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030401666f6e":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_INVALID_DATA X509 CRT ASN1 (inv Signature, length mismatch) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"3081be3081a7a0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374300d06092a864886f70d01010b0500030200ff00":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT ASN1 (well-formed) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0 X509 CRT ASN1 (GeneralizedTime in notBefore, UTCTime in notAfter) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308198308182a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301e180e3230313030313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2010-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0 X509 CRT ASN1 (UTCTime in notBefore, GeneralizedTime in notAfter) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308198308182a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301e170c303931323331323335393539180e3230313030313031303030303030300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2009-12-31 23\:59\:59\nexpires on \: 2010-01-01 00\:00\:00\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0 X509 CRT ASN1 (Name with X520 CN) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d01010b0500300f310d300b0603550403130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: CN=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0 X509 CRT ASN1 (Name with X520 C) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d01010b0500300f310d300b0603550406130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: C=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0 X509 CRT ASN1 (Name with X520 L) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d01010b0500300f310d300b0603550407130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: L=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0 X509 CRT ASN1 (Name with X520 ST) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d01010b0500300f310d300b0603550408130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ST=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0 X509 CRT ASN1 (Name with X520 O) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d01010b0500300f310d300b060355040a130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: O=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0 X509 CRT ASN1 (Name with X520 OU) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d01010b0500300f310d300b060355040b130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: OU=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0 X509 CRT ASN1 (Name with unknown X520 part) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d01010b0500300f310d300b06035504de130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0 X509 CRT ASN1 (Name with composite RDN) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509parse_crt:"3082029f30820208a00302010202044c20e3bd300d06092a864886f70d01010505003056310b3009060355040613025553310b300906035504080c0243413121301f060355040a0c18496e7465726e6574205769646769747320507479204c74643117301506035504030c0e4672616e6b656e63657274204341301e170d3133303830323135313433375a170d3135303831373035353433315a3081d1310b3009060355040613025553311330110603550408130a57617368696e67746f6e31133011060b2b0601040182373c0201031302555331193017060b2b0601040182373c020102130844656c6177617265311a3018060355040a1311417574686f72697a652e4e6574204c4c43311d301b060355040f131450726976617465204f7267616e697a6174696f6e312a300e06035504051307343336393139313018060355040313117777772e617574686f72697a652e6e6574311630140603550407130d53616e204672616e636973636f30819f300d06092a864886f70d010101050003818d0030818902818100d885c62e209b6ac005c64f0bcfdaac1f2b67a18802f75b08851ff933deed888b7b68a62fcabdb21d4a8914becfeaaa1b7e08a09ffaf9916563586dc95e2877262b0b5f5ec27eb4d754aa6facd1d39d25b38a2372891bacdd3e919f791ed25704e8920e380e5623a38e6a23935978a3aec7a8e761e211d42effa2713e44e7de0b0203010001300d06092a864886f70d010105050003818100092f7424d3f6da4b8553829d958ed1980b9270b42c0d3d5833509a28c66bb207df9f3c51d122065e00b87c08c2730d2745fe1c279d16fae4d53b4bf5bdfa3631fceeb2e772b6b08a3eca5a2e2c687aefd23b4b73bf77ac6099711342cf070b35c6f61333a7cbf613d8dd4bd73e9df34bcd4284b0b4df57c36c450613f11e5dac":"cert. version \: 3\nserial number \: 4C\:20\:E3\:BD\nissuer name \: C=US, ST=CA, O=Internet Widgits Pty Ltd, CN=Frankencert CA\nsubject name \: C=US, ST=Washington, ??=US, ??=Delaware, O=Authorize.Net LLC, ??=Private Organization, serialNumber=4369191 + CN=www.authorize.net, L=San Francisco\nissued on \: 2013-08-02 15\:14\:37\nexpires on \: 2015-08-17 05\:54\:31\nsigned using \: RSA with SHA1\nRSA key size \: 1024 bits\n":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 +x509parse_crt:"3082029f30820208a00302010202044c20e3bd300d06092a864886f70d01010505003056310b3009060355040613025553310b300906035504080c0243413121301f060355040a0c18496e7465726e6574205769646769747320507479204c74643117301506035504030c0e4672616e6b656e63657274204341301e170d3133303830323135313433375a170d3135303831373035353433315a3081d1310b3009060355040613025553311330110603550408130a57617368696e67746f6e31133011060b2b0601040182373c0201031302555331193017060b2b0601040182373c020102130844656c6177617265311a3018060355040a1311417574686f72697a652e4e6574204c4c43311d301b060355040f131450726976617465204f7267616e697a6174696f6e312a300e06035504051307343336393139313018060355040313117777772e617574686f72697a652e6e6574311630140603550407130d53616e204672616e636973636f30819f300d06092a864886f70d010101050003818d0030818902818100d885c62e209b6ac005c64f0bcfdaac1f2b67a18802f75b08851ff933deed888b7b68a62fcabdb21d4a8914becfeaaa1b7e08a09ffaf9916563586dc95e2877262b0b5f5ec27eb4d754aa6facd1d39d25b38a2372891bacdd3e919f791ed25704e8920e380e5623a38e6a23935978a3aec7a8e761e211d42effa2713e44e7de0b0203010001300d06092a864886f70d010105050003818100092f7424d3f6da4b8553829d958ed1980b9270b42c0d3d5833509a28c66bb207df9f3c51d122065e00b87c08c2730d2745fe1c279d16fae4d53b4bf5bdfa3631fceeb2e772b6b08a3eca5a2e2c687aefd23b4b73bf77ac6099711342cf070b35c6f61333a7cbf613d8dd4bd73e9df34bcd4284b0b4df57c36c450613f11e5dac":"cert. version \: 3\nserial number \: 4C\:20\:E3\:BD\nissuer name \: C=US, ST=CA, O=Internet Widgits Pty Ltd, CN=Frankencert CA\nsubject name \: C=US, ST=Washington, 1.3.6.1.4.1.311.60.2.1.3=#13025553, 1.3.6.1.4.1.311.60.2.1.2=#130844656C6177617265, O=Authorize.Net LLC, 2.5.4.15=#131450726976617465204F7267616E697A6174696F6E, serialNumber=4369191 + CN=www.authorize.net, L=San Francisco\nissued on \: 2013-08-02 15\:14\:37\nexpires on \: 2015-08-17 05\:54\:31\nsigned using \: RSA with SHA1\nRSA key size \: 1024 bits\n":0 X509 CRT ASN1 (Name with PKCS9 email) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30819f308189a0030201008204deadbeef300d06092a864886f70d01010b050030153113301106092a864886f70d010901130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: emailAddress=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0 X509 CRT ASN1 (Name with unknown PKCS9 part) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"30819f308189a0030201008204deadbeef300d06092a864886f70d01010b050030153113301106092a864886f70d0109ab130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d01010b0500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\n":0 X509 CRT ASN1 (ECDSA signature, RSA key) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PK_CAN_ECDSA_SOME x509parse_crt:"3081e630819e020103300906072a8648ce3d0401300f310d300b0603550403130454657374301e170d3133303731303039343631385a170d3233303730383039343631385a300f310d300b0603550403130454657374304c300d06092a864886f70d0101010500033b003038023100e8f546061d3b49bc2f6b7524b7ea4d73a8d5293ee8c64d9407b70b5d16baebc32b8205591eab4e1eb57e9241883701250203010001300906072a8648ce3d0401033800303502186e18209afbed14a0d9a796efcad68891e3ccd5f75815c833021900e92b4fd460b1994693243b9ffad54729de865381bda41d25":"cert. version \: 1\nserial number \: 03\nissuer name \: CN=Test\nsubject name \: CN=Test\nissued on \: 2013-07-10 09\:46\:18\nexpires on \: 2023-07-08 09\:46\:18\nsigned using \: ECDSA with SHA1\nRSA key size \: 384 bits\n":0 X509 CRT ASN1 (ECDSA signature, EC key) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP192R1:MBEDTLS_MD_CAN_SHA1 x509parse_crt:"3081eb3081a3020900f41534662ec7e912300906072a8648ce3d0401300f310d300b0603550403130454657374301e170d3133303731303039343031395a170d3233303730383039343031395a300f310d300b06035504031304546573743049301306072a8648ce3d020106082a8648ce3d030101033200042137969fabd4e370624a0e1a33e379cab950cce00ef8c3c3e2adaeb7271c8f07659d65d3d777dcf21614363ae4b6e617300906072a8648ce3d04010338003035021858cc0f957946fe6a303d92885a456aa74c743c7b708cbd37021900fe293cac21af352d16b82eb8ea54e9410b3abaadd9f05dd6":"cert. version \: 1\nserial number \: F4\:15\:34\:66\:2E\:C7\:E9\:12\nissuer name \: CN=Test\nsubject name \: CN=Test\nissued on \: 2013-07-10 09\:40\:19\nexpires on \: 2023-07-08 09\:40\:19\nsigned using \: ECDSA with SHA1\nEC key size \: 192 bits\n":0 X509 CRT ASN1 (RSA signature, EC key) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP192R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C x509parse_crt:"3081e430819f020104300d06092a864886f70d0101050500300f310d300b0603550403130454657374301e170d3133303731303135303233375a170d3233303730383135303233375a300f310d300b06035504031304546573743049301306072a8648ce3d020106082a8648ce3d03010103320004e962551a325b21b50cf6b990e33d4318fd16677130726357a196e3efe7107bcb6bdc6d9db2a4df7c964acfe81798433d300d06092a864886f70d01010505000331001a6c18cd1e457474b2d3912743f44b571341a7859a0122774a8e19a671680878936949f904c9255bdd6fffdb33a7e6d8":"cert. version \: 1\nserial number \: 04\nissuer name \: CN=Test\nsubject name \: CN=Test\nissued on \: 2013-07-10 15\:02\:37\nexpires on \: 2023-07-08 15\:02\:37\nsigned using \: RSA with SHA1\nEC key size \: 192 bits\n":0 X509 CRT ASN1 (Unsupported critical extension) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt:"308203353082021da00302010202104d3ebbb8a870f9c78c55a8a7e12fd516300d06092a864886f70d01010b05003010310e300c06035504030c0564756d6d79301e170d3230303432383137343234335a170d3230303632373137343234335a3010310e300c06035504030c0564756d6d7930820122300d06092a864886f70d01010105000382010f003082010a0282010100a51b75b3f7da2d60ea1b0fc077f0dbb2bbb6fe1b474028368af8dc2664672896efff171033b0aede0b323a89d5c6db4d517404bc97b65264e41b9e9e86a6f40ace652498d4b3b859544d1bacfd7f86325503eed046f517406545c0ffb5560f83446dedce0fcafcc41ac8495488a6aa912ae45192ef7e3efa20d0f7403b0baa62c7e2e5404c620c5793623132aa20f624f08d88fbf0985af39433f5a24d0b908e5219d8ba6a404d3ee8418203b62a40c8eb18837354d50281a6a2bf5012e505c419482787b7a81e5935613ceea0c6d93e86f76282b6aa406fb3a1796c56b32e8a22afc3f7a3c9daa8f0e2846ff0d50abfc862a52f6cf0aaece6066c860376f3ed0203010001a3818a308187300c0603551d13040530030101ff30130603551d110101ff04093007820564756d6d79301206082b0601050507011f0101ff0403040100300e0603551d0f0101ff040403020184301d0603551d0e04160414e6e451ec8d19d9677b2d272a9d73b939fa2d915a301f0603551d23041830168014e6e451ec8d19d9677b2d272a9d73b939fa2d915a300d06092a864886f70d01010b0500038201010056d06047b7f48683e2347ca726997d9700b4f2cf1d8bc0ef17addac8445d38ffd7f8079055ead878b6a74c8384d0e30150c8990aa74f59cda6ebcb49465d8991ffa16a4c927a26e4639d1875a3ac396c7455c7eda40dbe66054a03d27f961c15e86bd5b06db6b26572977bcda93453b6b6a88ef96b31996a7bd17323525b33050d28deec9c33a3f9765a11fb99d0e222bd39a6db3a788474c9ca347377688f837d42f5841667bffcbe6b473e6f229f286a0829963e591a99aa7f67e9d20c36ccd2ac84cb85b7a8b3396a6cbe59a573ffff726f373197c230de5c92a52c5bc87e29c20bdf6e89609764a60c649022aabd768f3557661b083ae00e6afc8a5bf2ed":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (Unsupported critical extension recognized by callback) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt_cb:"308203353082021da00302010202104d3ebbb8a870f9c78c55a8a7e12fd516300d06092a864886f70d01010b05003010310e300c06035504030c0564756d6d79301e170d3230303432383137343234335a170d3230303632373137343234335a3010310e300c06035504030c0564756d6d7930820122300d06092a864886f70d01010105000382010f003082010a0282010100a51b75b3f7da2d60ea1b0fc077f0dbb2bbb6fe1b474028368af8dc2664672896efff171033b0aede0b323a89d5c6db4d517404bc97b65264e41b9e9e86a6f40ace652498d4b3b859544d1bacfd7f86325503eed046f517406545c0ffb5560f83446dedce0fcafcc41ac8495488a6aa912ae45192ef7e3efa20d0f7403b0baa62c7e2e5404c620c5793623132aa20f624f08d88fbf0985af39433f5a24d0b908e5219d8ba6a404d3ee8418203b62a40c8eb18837354d50281a6a2bf5012e505c419482787b7a81e5935613ceea0c6d93e86f76282b6aa406fb3a1796c56b32e8a22afc3f7a3c9daa8f0e2846ff0d50abfc862a52f6cf0aaece6066c860376f3ed0203010001a3818a308187300c0603551d13040530030101ff30130603551d110101ff04093007820564756d6d79301206082b0601050507011f0101ff0403040100300e0603551d0f0101ff040403020184301d0603551d0e04160414e6e451ec8d19d9677b2d272a9d73b939fa2d915a301f0603551d23041830168014e6e451ec8d19d9677b2d272a9d73b939fa2d915a300d06092a864886f70d01010b0500038201010056d06047b7f48683e2347ca726997d9700b4f2cf1d8bc0ef17addac8445d38ffd7f8079055ead878b6a74c8384d0e30150c8990aa74f59cda6ebcb49465d8991ffa16a4c927a26e4639d1875a3ac396c7455c7eda40dbe66054a03d27f961c15e86bd5b06db6b26572977bcda93453b6b6a88ef96b31996a7bd17323525b33050d28deec9c33a3f9765a11fb99d0e222bd39a6db3a788474c9ca347377688f837d42f5841667bffcbe6b473e6f229f286a0829963e591a99aa7f67e9d20c36ccd2ac84cb85b7a8b3396a6cbe59a573ffff726f373197c230de5c92a52c5bc87e29c20bdf6e89609764a60c649022aabd768f3557661b083ae00e6afc8a5bf2ed":"cert. version \: 3\nserial number \: 4D\:3E\:BB\:B8\:A8\:70\:F9\:C7\:8C\:55\:A8\:A7\:E1\:2F\:D5\:16\nissuer name \: CN=dummy\nsubject name \: CN=dummy\nissued on \: 2020-04-28 17\:42\:43\nexpires on \: 2020-06-27 17\:42\:43\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\nsubject alt name \:\n dNSName \: dummy\nkey usage \: Digital Signature, Key Cert Sign\n":0 X509 CRT ASN1 (Unsupported critical extension not recognized by callback) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt_cb:"308203353082021da00302010202104d3ebbb8a870f9c78c55a8a7e12fd516300d06092a864886f70d01010b05003010310e300c06035504030c0564756d6d79301e170d3230303432383137343234335a170d3230303632373137343234335a3010310e300c06035504030c0564756d6d7930820122300d06092a864886f70d01010105000382010f003082010a0282010100a51b75b3f7da2d60ea1b0fc077f0dbb2bbb6fe1b474028368af8dc2664672896efff171033b0aede0b323a89d5c6db4d517404bc97b65264e41b9e9e86a6f40ace652498d4b3b859544d1bacfd7f86325503eed046f517406545c0ffb5560f83446dedce0fcafcc41ac8495488a6aa912ae45192ef7e3efa20d0f7403b0baa62c7e2e5404c620c5793623132aa20f624f08d88fbf0985af39433f5a24d0b908e5219d8ba6a404d3ee8418203b62a40c8eb18837354d50281a6a2bf5012e505c419482787b7a81e5935613ceea0c6d93e86f76282b6aa406fb3a1796c56b32e8a22afc3f7a3c9daa8f0e2846ff0d50abfc862a52f6cf0aaece6066c860376f3ed0203010001a3818a308187300c0603551d13040530030101ff30130603551d110101ff04093007820564756d6d79301206082b0601050507011e0101ff0403040100300e0603551d0f0101ff040403020184301d0603551d0e04160414e6e451ec8d19d9677b2d272a9d73b939fa2d915a301f0603551d23041830168014e6e451ec8d19d9677b2d272a9d73b939fa2d915a300d06092a864886f70d01010b0500038201010056d06047b7f48683e2347ca726997d9700b4f2cf1d8bc0ef17addac8445d38ffd7f8079055ead878b6a74c8384d0e30150c8990aa74f59cda6ebcb49465d8991ffa16a4c927a26e4639d1875a3ac396c7455c7eda40dbe66054a03d27f961c15e86bd5b06db6b26572977bcda93453b6b6a88ef96b31996a7bd17323525b33050d28deec9c33a3f9765a11fb99d0e222bd39a6db3a788474c9ca347377688f837d42f5841667bffcbe6b473e6f229f286a0829963e591a99aa7f67e9d20c36ccd2ac84cb85b7a8b3396a6cbe59a573ffff726f373197c230de5c92a52c5bc87e29c20bdf6e89609764a60c649022aabd768f3557661b083ae00e6afc8a5bf2ed":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (Unsupported non critical extension recognized by callback) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt_cb:"308203353082021da00302010202104d3ebbb8a870f9c78c55a8a7e12fd516300d06092a864886f70d01010b05003010310e300c06035504030c0564756d6d79301e170d3230303432383137343234335a170d3230303632373137343234335a3010310e300c06035504030c0564756d6d7930820122300d06092a864886f70d01010105000382010f003082010a0282010100a51b75b3f7da2d60ea1b0fc077f0dbb2bbb6fe1b474028368af8dc2664672896efff171033b0aede0b323a89d5c6db4d517404bc97b65264e41b9e9e86a6f40ace652498d4b3b859544d1bacfd7f86325503eed046f517406545c0ffb5560f83446dedce0fcafcc41ac8495488a6aa912ae45192ef7e3efa20d0f7403b0baa62c7e2e5404c620c5793623132aa20f624f08d88fbf0985af39433f5a24d0b908e5219d8ba6a404d3ee8418203b62a40c8eb18837354d50281a6a2bf5012e505c419482787b7a81e5935613ceea0c6d93e86f76282b6aa406fb3a1796c56b32e8a22afc3f7a3c9daa8f0e2846ff0d50abfc862a52f6cf0aaece6066c860376f3ed0203010001a3818a308187300c0603551d13040530030101ff30130603551d110101ff04093007820564756d6d79301206082b0601050507011f0101000403040100300e0603551d0f0101ff040403020184301d0603551d0e04160414e6e451ec8d19d9677b2d272a9d73b939fa2d915a301f0603551d23041830168014e6e451ec8d19d9677b2d272a9d73b939fa2d915a300d06092a864886f70d01010b0500038201010056d06047b7f48683e2347ca726997d9700b4f2cf1d8bc0ef17addac8445d38ffd7f8079055ead878b6a74c8384d0e30150c8990aa74f59cda6ebcb49465d8991ffa16a4c927a26e4639d1875a3ac396c7455c7eda40dbe66054a03d27f961c15e86bd5b06db6b26572977bcda93453b6b6a88ef96b31996a7bd17323525b33050d28deec9c33a3f9765a11fb99d0e222bd39a6db3a788474c9ca347377688f837d42f5841667bffcbe6b473e6f229f286a0829963e591a99aa7f67e9d20c36ccd2ac84cb85b7a8b3396a6cbe59a573ffff726f373197c230de5c92a52c5bc87e29c20bdf6e89609764a60c649022aabd768f3557661b083ae00e6afc8a5bf2ed":"cert. version \: 3\nserial number \: 4D\:3E\:BB\:B8\:A8\:70\:F9\:C7\:8C\:55\:A8\:A7\:E1\:2F\:D5\:16\nissuer name \: CN=dummy\nsubject name \: CN=dummy\nissued on \: 2020-04-28 17\:42\:43\nexpires on \: 2020-06-27 17\:42\:43\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\nsubject alt name \:\n dNSName \: dummy\nkey usage \: Digital Signature, Key Cert Sign\n":0 X509 CRT ASN1 (Unsupported non critical extension not recognized by callback) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt_cb:"308203353082021da00302010202104d3ebbb8a870f9c78c55a8a7e12fd516300d06092a864886f70d01010b05003010310e300c06035504030c0564756d6d79301e170d3230303432383137343234335a170d3230303632373137343234335a3010310e300c06035504030c0564756d6d7930820122300d06092a864886f70d01010105000382010f003082010a0282010100a51b75b3f7da2d60ea1b0fc077f0dbb2bbb6fe1b474028368af8dc2664672896efff171033b0aede0b323a89d5c6db4d517404bc97b65264e41b9e9e86a6f40ace652498d4b3b859544d1bacfd7f86325503eed046f517406545c0ffb5560f83446dedce0fcafcc41ac8495488a6aa912ae45192ef7e3efa20d0f7403b0baa62c7e2e5404c620c5793623132aa20f624f08d88fbf0985af39433f5a24d0b908e5219d8ba6a404d3ee8418203b62a40c8eb18837354d50281a6a2bf5012e505c419482787b7a81e5935613ceea0c6d93e86f76282b6aa406fb3a1796c56b32e8a22afc3f7a3c9daa8f0e2846ff0d50abfc862a52f6cf0aaece6066c860376f3ed0203010001a3818a308187300c0603551d13040530030101ff30130603551d110101ff04093007820564756d6d79301206082b0601050507011e0101000403040100300e0603551d0f0101ff040403020184301d0603551d0e04160414e6e451ec8d19d9677b2d272a9d73b939fa2d915a301f0603551d23041830168014e6e451ec8d19d9677b2d272a9d73b939fa2d915a300d06092a864886f70d01010b0500038201010056d06047b7f48683e2347ca726997d9700b4f2cf1d8bc0ef17addac8445d38ffd7f8079055ead878b6a74c8384d0e30150c8990aa74f59cda6ebcb49465d8991ffa16a4c927a26e4639d1875a3ac396c7455c7eda40dbe66054a03d27f961c15e86bd5b06db6b26572977bcda93453b6b6a88ef96b31996a7bd17323525b33050d28deec9c33a3f9765a11fb99d0e222bd39a6db3a788474c9ca347377688f837d42f5841667bffcbe6b473e6f229f286a0829963e591a99aa7f67e9d20c36ccd2ac84cb85b7a8b3396a6cbe59a573ffff726f373197c230de5c92a52c5bc87e29c20bdf6e89609764a60c649022aabd768f3557661b083ae00e6afc8a5bf2ed":"cert. version \: 3\nserial number \: 4D\:3E\:BB\:B8\:A8\:70\:F9\:C7\:8C\:55\:A8\:A7\:E1\:2F\:D5\:16\nissuer name \: CN=dummy\nsubject name \: CN=dummy\nissued on \: 2020-04-28 17\:42\:43\nexpires on \: 2020-06-27 17\:42\:43\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\nsubject alt name \:\n dNSName \: dummy\nkey usage \: Digital Signature, Key Cert Sign\n":0 X509 CRT ASN1 (Unsupported critical policy recognized by callback) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt_cb:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a315301330110603551d20010101040730053003060101300d06092a864886f70d01010b0500030200ff":"cert. version \: 3\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\ncertificate policies \: ???\n":0 X509 CRT ASN1 (Unsupported critical policy not recognized by callback) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt_cb:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a315301330110603551d20010101040730053003060100300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE X509 CRT ASN1 (Unsupported non critical policy recognized by callback) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt_cb:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a315301330110603551d20010100040730053003060101300d06092a864886f70d01010b0500030200ff":"cert. version \: 3\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\ncertificate policies \: ???\n":0 X509 CRT ASN1 (Unsupported non critical policy not recognized by callback) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crt_cb:"3081b130819ba0030201028204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092a864886f70d010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa100a200a315301330110603551d20010100040730053003060100300d06092a864886f70d01010b0500030200ff":"cert. version \: 3\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ??=Test\nsubject name \: ??=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with SHA-256\nRSA key size \: 128 bits\ncertificate policies \: ???\n":0 X509 CRL ASN1 (Incorrect first tag) @@ -2117,35 +2468,35 @@ X509 CRL ASN1 (TBSCertList, sig_oid1 id unknown) x509parse_crl:"30143012020100300d06092a864886f70d01010f0500":"":MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG X509 CRL ASN1 (TBSCertList, sig_oid1 correct, issuer missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA224 x509parse_crl:"30143012020100300d06092a864886f70d01010e0500":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRL ASN1 (TBSCertList, issuer set missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA224 x509parse_crl:"30163014020100300d06092a864886f70d01010e05003000":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRL ASN1 (TBSCertList, correct issuer, thisUpdate missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA224 x509parse_crl:"30253023020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRL ASN1 (TBSCertList, correct thisUpdate, nextUpdate missing, entries length missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA224 x509parse_crl:"30343032020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c30393031303130303030303030":"":MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRL ASN1 (TBSCertList, entries present, invalid sig_alg) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA224 x509parse_crl:"304a3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c30383132333132333539353900":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRL ASN1 (TBSCertList, entries present, date in entry invalid) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA224 x509parse_crl:"304a3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd190c30383132333132333539353900":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRL ASN1 (TBSCertList, sig_alg present, sig_alg does not match) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA224 x509parse_crl:"30583047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010d0500":"":MBEDTLS_ERR_X509_SIG_MISMATCH X509 CRL ASN1 (TBSCertList, sig present, len mismatch) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA224 x509parse_crl:"305d3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e05000302000100":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH # 305c @@ -2167,43 +2518,43 @@ x509parse_crl:"305d3047020100300d06092a864886f70d01010e0500300f310d300b060355040 # 03020001 signatureValue BIT STRING # The subsequent TBSCertList negative tests remove or modify some elements. X509 CRL ASN1 (TBSCertList, sig present) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA:!MBEDTLS_X509_REMOVE_INFO +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA224:!MBEDTLS_X509_REMOVE_INFO x509parse_crl:"305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e050003020001":"CRL version \: 1\nissuer name \: CN=ABCD\nthis update \: 2009-01-01 00\:00\:00\nnext update \: 0000-00-00 00\:00\:00\nRevoked certificates\:\nserial number\: AB\:CD revocation date\: 2008-12-31 23\:59\:59\nsigned using \: RSA with SHA-224\n":0 X509 CRL ASN1 (TBSCertList, signatureValue missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA224 x509parse_crl:"30583047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e0500":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRL ASN1 (TBSCertList, signatureAlgorithm missing) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA224 x509parse_crl:"30493047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRL ASN1 (TBSCertList, single empty entry at end) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA224 x509parse_crl:"30373035020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c30393031303130303030303030023000":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRL ASN1 (TBSCertList, good entry then empty entry at end) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA224 x509parse_crl:"304b3049020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301630128202abcd170c3038313233313233353935393000":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRL ASN1 (TBSCertList, missing time in entry) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA224 x509parse_crl:"304e3039020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030300630048202abcd300d06092a864886f70d01010e050003020001":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRL ASN1 (TBSCertList, missing time in entry at end) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA224 x509parse_crl:"303b3039020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030300630048202abcd":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRL ASN1 (TBSCertList, invalid tag for time in entry) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA224 x509parse_crl:"305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd190c303831323331323335393539300d06092a864886f70d01010e050003020001":"":MBEDTLS_ERR_X509_INVALID_DATE + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRL ASN1 (TBSCertList, invalid tag for serial) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA224 x509parse_crl:"305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128402abcd170c303831323331323335393539300d06092a864886f70d01010e050003020001":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRL ASN1 (TBSCertList, no entries) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA:!MBEDTLS_X509_REMOVE_INFO +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA224:!MBEDTLS_X509_REMOVE_INFO x509parse_crl:"30463031020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030300d06092a864886f70d01010e050003020001":"CRL version \: 1\nissuer name \: CN=ABCD\nthis update \: 2009-01-01 00\:00\:00\nnext update \: 0000-00-00 00\:00\:00\nRevoked certificates\:\nsigned using \: RSA with SHA-224\n":0 X509 CRL ASN1 (invalid version 2) @@ -2213,155 +2564,169 @@ X509 CRL ASN1 (invalid version overflow) x509parse_crl:"3049303102047fffffff300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030300d06092a864886f70d01010e050003020001":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION X509 CRL ASN1 (extension seq too long, crl-idp.pem byte 121) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crl:"308201b330819c020101300d06092a864886f70d01010b0500303b310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c3119301706035504031310506f6c617253534c2054657374204341170d3138303331343037333134385a170d3238303331343037333134385aa02d302b30300603551d1c0101ff041f301da01ba0198617687474703a2f2f706b692e6578616d706c652e636f6d2f300d06092a864886f70d01010b05000382010100b3fbe9d586eaf4b8ff60cf8edae06a85135db78f78198498719725b5b403c0b803c2c150f52faae7306d6a7871885dc2e9dc83a164bac7263776474ef642b660040b35a1410ac291ac8f6f18ab85e7fd6e22bd1af1c41ca95cf2448f6e2b42a018493dfc03c6b6aa1b9e3fe7b76af2182fb2121db4166bf0167d6f379c5a58adee5082423434d97be2909f5e7488053f996646db10dd49782626da53ad8eada01813c031b2bacdb0203bc017aac1735951a11d013ee4d1d5f7143ccbebf2371e66a1bec6e1febe69148f50784eef8adbb66664c96196d7e0c0bcdc807f447b54e058f37642a3337995bfbcd332208bd6016936705c82263eabd7affdba92fae3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRL ASN1 (extension oid too long, crl-idp.pem byte 123) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crl:"308201b330819c020101300d06092a864886f70d01010b0500303b310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c3119301706035504031310506f6c617253534c2054657374204341170d3138303331343037333134385a170d3238303331343037333134385aa02d302b30290628551d1c0101ff041f301da01ba0198617687474703a2f2f706b692e6578616d706c652e636f6d2f300d06092a864886f70d01010b05000382010100b3fbe9d586eaf4b8ff60cf8edae06a85135db78f78198498719725b5b403c0b803c2c150f52faae7306d6a7871885dc2e9dc83a164bac7263776474ef642b660040b35a1410ac291ac8f6f18ab85e7fd6e22bd1af1c41ca95cf2448f6e2b42a018493dfc03c6b6aa1b9e3fe7b76af2182fb2121db4166bf0167d6f379c5a58adee5082423434d97be2909f5e7488053f996646db10dd49782626da53ad8eada01813c031b2bacdb0203bc017aac1735951a11d013ee4d1d5f7143ccbebf2371e66a1bec6e1febe69148f50784eef8adbb66664c96196d7e0c0bcdc807f447b54e058f37642a3337995bfbcd332208bd6016936705c82263eabd7affdba92fae3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRL ASN1 (extension critical invalid length, crl-idp.pem byte 128) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crl:"308201b330819c020101300d06092a864886f70d01010b0500303b310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c3119301706035504031310506f6c617253534c2054657374204341170d3138303331343037333134385a170d3238303331343037333134385aa02d302b30290603551d1c0102ff041f301da01ba0198617687474703a2f2f706b692e6578616d706c652e636f6d2f300d06092a864886f70d01010b05000382010100b3fbe9d586eaf4b8ff60cf8edae06a85135db78f78198498719725b5b403c0b803c2c150f52faae7306d6a7871885dc2e9dc83a164bac7263776474ef642b660040b35a1410ac291ac8f6f18ab85e7fd6e22bd1af1c41ca95cf2448f6e2b42a018493dfc03c6b6aa1b9e3fe7b76af2182fb2121db4166bf0167d6f379c5a58adee5082423434d97be2909f5e7488053f996646db10dd49782626da53ad8eada01813c031b2bacdb0203bc017aac1735951a11d013ee4d1d5f7143ccbebf2371e66a1bec6e1febe69148f50784eef8adbb66664c96196d7e0c0bcdc807f447b54e058f37642a3337995bfbcd332208bd6016936705c82263eabd7affdba92fae3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_INVALID_LENGTH X509 CRL ASN1 (extension data too long, crl-idp.pem byte 131) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crl:"308201b330819c020101300d06092a864886f70d01010b0500303b310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c3119301706035504031310506f6c617253534c2054657374204341170d3138303331343037333134385a170d3238303331343037333134385aa02d302b30290603551d1c0101ff0420301da01ba0198617687474703a2f2f706b692e6578616d706c652e636f6d2f300d06092a864886f70d01010b05000382010100b3fbe9d586eaf4b8ff60cf8edae06a85135db78f78198498719725b5b403c0b803c2c150f52faae7306d6a7871885dc2e9dc83a164bac7263776474ef642b660040b35a1410ac291ac8f6f18ab85e7fd6e22bd1af1c41ca95cf2448f6e2b42a018493dfc03c6b6aa1b9e3fe7b76af2182fb2121db4166bf0167d6f379c5a58adee5082423434d97be2909f5e7488053f996646db10dd49782626da53ad8eada01813c031b2bacdb0203bc017aac1735951a11d013ee4d1d5f7143ccbebf2371e66a1bec6e1febe69148f50784eef8adbb66664c96196d7e0c0bcdc807f447b54e058f37642a3337995bfbcd332208bd6016936705c82263eabd7affdba92fae3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRL ASN1 (extension data too short, crl-idp.pem byte 131) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509parse_crl:"308201b330819c020101300d06092a864886f70d01010b0500303b310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c3119301706035504031310506f6c617253534c2054657374204341170d3138303331343037333134385a170d3238303331343037333134385aa02d302b30290603551d1c0101ff041e301da01ba0198617687474703a2f2f706b692e6578616d706c652e636f6d2f300d06092a864886f70d01010b05000382010100b3fbe9d586eaf4b8ff60cf8edae06a85135db78f78198498719725b5b403c0b803c2c150f52faae7306d6a7871885dc2e9dc83a164bac7263776474ef642b660040b35a1410ac291ac8f6f18ab85e7fd6e22bd1af1c41ca95cf2448f6e2b42a018493dfc03c6b6aa1b9e3fe7b76af2182fb2121db4166bf0167d6f379c5a58adee5082423434d97be2909f5e7488053f996646db10dd49782626da53ad8eada01813c031b2bacdb0203bc017aac1735951a11d013ee4d1d5f7143ccbebf2371e66a1bec6e1febe69148f50784eef8adbb66664c96196d7e0c0bcdc807f447b54e058f37642a3337995bfbcd332208bd6016936705c82263eabd7affdba92fae3":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRL ASN1 (extension not critical explicit, crl-idp.pem byte 129) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:!MBEDTLS_X509_REMOVE_INFO +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_X509_REMOVE_INFO x509parse_crl:"308201b330819c020101300d06092a864886f70d01010b0500303b310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c3119301706035504031310506f6c617253534c2054657374204341170d3138303331343037333134385a170d3238303331343037333134385aa02d302b30290603551d1c010100041f301da01ba0198617687474703a2f2f706b692e6578616d706c652e636f6d2f300d06092a864886f70d01010b05000382010100b3fbe9d586eaf4b8ff60cf8edae06a85135db78f78198498719725b5b403c0b803c2c150f52faae7306d6a7871885dc2e9dc83a164bac7263776474ef642b660040b35a1410ac291ac8f6f18ab85e7fd6e22bd1af1c41ca95cf2448f6e2b42a018493dfc03c6b6aa1b9e3fe7b76af2182fb2121db4166bf0167d6f379c5a58adee5082423434d97be2909f5e7488053f996646db10dd49782626da53ad8eada01813c031b2bacdb0203bc017aac1735951a11d013ee4d1d5f7143ccbebf2371e66a1bec6e1febe69148f50784eef8adbb66664c96196d7e0c0bcdc807f447b54e058f37642a3337995bfbcd332208bd6016936705c82263eabd7affdba92fae3":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2018-03-14 07\:31\:48\nnext update \: 2028-03-14 07\:31\:48\nRevoked certificates\:\nsigned using \: RSA with SHA-256\n":0 -X509 CRT parse path #2 (one cert) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +X509 CRT parse file dir3/Readme +mbedtls_x509_crt_parse_file:"data_files/dir3/Readme":MBEDTLS_ERR_X509_INVALID_FORMAT:0 + +X509 CRT parse file dir3/test-ca.crt +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C +mbedtls_x509_crt_parse_file:"data_files/dir3/test-ca.crt":0:1 + +X509 CRT parse file dir3/test-ca2.crt +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP384R1 +mbedtls_x509_crt_parse_file:"data_files/dir3/test-ca2.crt":0:1 + +# The parse_path tests are known to fail when compiled for a 32-bit architecture +# and run via qemu-user on Linux on a 64-bit host. This is due to a known +# bug in Qemu: https://gitlab.com/qemu-project/qemu/-/issues/263 +X509 CRT parse path #1 (one cert) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C mbedtls_x509_crt_parse_path:"data_files/dir1":0:1 -X509 CRT parse path #3 (two certs) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED +X509 CRT parse path #2 (two certs) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP384R1 mbedtls_x509_crt_parse_path:"data_files/dir2":0:2 -X509 CRT parse path #4 (two certs, one non-cert) -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED +X509 CRT parse path #3 (two certs, one non-cert) +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP384R1 mbedtls_x509_crt_parse_path:"data_files/dir3":1:2 X509 CRT verify long chain (max intermediate CA, trusted) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1 mbedtls_x509_crt_verify_max:"data_files/dir-maxpath/00.crt":"data_files/dir-maxpath":MBEDTLS_X509_MAX_INTERMEDIATE_CA:0:0 X509 CRT verify long chain (max intermediate CA, untrusted) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1 mbedtls_x509_crt_verify_max:"data_files/test-ca2.crt":"data_files/dir-maxpath":MBEDTLS_X509_MAX_INTERMEDIATE_CA-1:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED X509 CRT verify long chain (max intermediate CA + 1) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1 mbedtls_x509_crt_verify_max:"data_files/dir-maxpath/00.crt":"data_files/dir-maxpath":MBEDTLS_X509_MAX_INTERMEDIATE_CA+1:MBEDTLS_ERR_X509_FATAL_ERROR:-1 X509 CRT verify chain #1 (zero pathlen intermediate) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C mbedtls_x509_crt_verify_chain:"data_files/dir4/cert14.crt data_files/dir4/cert13.crt data_files/dir4/cert12.crt":"data_files/dir4/cert11.crt":MBEDTLS_X509_BADCERT_NOT_TRUSTED:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"":0 X509 CRT verify chain #2 (zero pathlen root) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C mbedtls_x509_crt_verify_chain:"data_files/dir4/cert23.crt data_files/dir4/cert22.crt":"data_files/dir4/cert21.crt":MBEDTLS_X509_BADCERT_NOT_TRUSTED:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"":0 X509 CRT verify chain #3 (nonzero pathlen root) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C mbedtls_x509_crt_verify_chain:"data_files/dir4/cert34.crt data_files/dir4/cert33.crt data_files/dir4/cert32.crt":"data_files/dir4/cert31.crt":MBEDTLS_X509_BADCERT_NOT_TRUSTED:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"":0 X509 CRT verify chain #4 (nonzero pathlen intermediate) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C mbedtls_x509_crt_verify_chain:"data_files/dir4/cert45.crt data_files/dir4/cert44.crt data_files/dir4/cert43.crt data_files/dir4/cert42.crt":"data_files/dir4/cert41.crt":MBEDTLS_X509_BADCERT_NOT_TRUSTED:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"":0 X509 CRT verify chain #5 (nonzero maxpathlen intermediate) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 mbedtls_x509_crt_verify_chain:"data_files/dir4/cert54.crt data_files/dir4/cert53.crt data_files/dir4/cert52.crt":"data_files/dir4/cert51.crt":0:0:"":0 X509 CRT verify chain #6 (nonzero maxpathlen root) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 mbedtls_x509_crt_verify_chain:"data_files/dir4/cert63.crt data_files/dir4/cert62.crt":"data_files/dir4/cert61.crt":0:0:"":0 X509 CRT verify chain #7 (maxpathlen root, self signed in path) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 mbedtls_x509_crt_verify_chain:"data_files/dir4/cert74.crt data_files/dir4/cert73.crt data_files/dir4/cert72.crt":"data_files/dir4/cert71.crt":0:0:"":0 X509 CRT verify chain #8 (self signed maxpathlen root) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 mbedtls_x509_crt_verify_chain:"data_files/dir4/cert61.crt data_files/dir4/cert63.crt data_files/dir4/cert62.crt":"data_files/dir4/cert61.crt":0:0:"":0 X509 CRT verify chain #9 (zero pathlen first intermediate, valid) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1 mbedtls_x509_crt_verify_chain:"data_files/dir4/cert83.crt data_files/dir4/cert82.crt":"data_files/dir4/cert81.crt":0:0:"":0 X509 CRT verify chain #10 (zero pathlen root, valid) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1 mbedtls_x509_crt_verify_chain:"data_files/dir4/cert92.crt":"data_files/dir4/cert91.crt":0:0:"":0 X509 CRT verify chain #11 (valid chain, missing profile) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1 mbedtls_x509_crt_verify_chain:"data_files/dir4/cert92.crt":"data_files/dir4/cert91.crt":-1:MBEDTLS_ERR_X509_BAD_INPUT_DATA:"nonesuch":0 X509 CRT verify chain #12 (suiteb profile, RSA root) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP192R1:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_crt_verify_chain:"data_files/server3.crt":"data_files/test-ca.crt":MBEDTLS_X509_BADCERT_BAD_MD|MBEDTLS_X509_BADCERT_BAD_PK|MBEDTLS_X509_BADCERT_BAD_KEY:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"suiteb":0 X509 CRT verify chain #13 (RSA only profile, EC root) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP384R1 mbedtls_x509_crt_verify_chain:"data_files/server4.crt":"data_files/test-ca2.crt":MBEDTLS_X509_BADCERT_BAD_PK|MBEDTLS_X509_BADCERT_BAD_KEY:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"rsa3072":0 X509 CRT verify chain #13 (RSA only profile, EC trusted EE) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1 mbedtls_x509_crt_verify_chain:"data_files/server5-selfsigned.crt":"data_files/server5-selfsigned.crt":MBEDTLS_X509_BADCERT_BAD_PK|MBEDTLS_X509_BADCERT_BAD_KEY:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"rsa3072":0 X509 CRT verify chain #14 (RSA-3072 profile, root key too small) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_crt_verify_chain:"data_files/server1.crt":"data_files/test-ca.crt":MBEDTLS_X509_BADCERT_BAD_MD|MBEDTLS_X509_BADCERT_BAD_KEY:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"rsa3072":0 X509 CRT verify chain #15 (suiteb profile, rsa intermediate) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_ECP_HAVE_SECP256R1 mbedtls_x509_crt_verify_chain:"data_files/server7.crt data_files/test-int-ca.crt":"data_files/test-ca2.crt":MBEDTLS_X509_BADCERT_BAD_PK:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"suiteb":0 X509 CRT verify chain #16 (RSA-only profile, EC intermediate) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_crt_verify_chain:"data_files/server8.crt data_files/test-int-ca2.crt":"data_files/test-ca.crt":MBEDTLS_X509_BADCERT_BAD_PK|MBEDTLS_X509_BADCERT_BAD_KEY:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"rsa3072":0 X509 CRT verify chain #17 (SHA-512 profile) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1 mbedtls_x509_crt_verify_chain:"data_files/server7.crt data_files/test-int-ca.crt":"data_files/test-ca2.crt":MBEDTLS_X509_BADCERT_BAD_MD:MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:"sha512":0 X509 CRT verify chain #18 (len=1, vrfy fatal on depth 1) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA512 mbedtls_x509_crt_verify_chain:"data_files/server5.crt":"data_files/test-ca2.crt":-1:-2:"":2 X509 CRT verify chain #19 (len=0, vrfy fatal on depth 0) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA512 mbedtls_x509_crt_verify_chain:"data_files/server5.crt":"data_files/test-ca2.crt":-1:-1:"":1 X509 CRT verify chain #20 (len=1, vrfy fatal on depth 0) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA512:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C mbedtls_x509_crt_verify_chain:"data_files/server5.crt":"data_files/test-ca.crt":-1:-1:"":1 X509 CRT verify chain #21 (len=3, vrfy fatal on depth 3) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA1:MBEDTLS_ECP_HAVE_SECP384R1 mbedtls_x509_crt_verify_chain:"data_files/server10_int3_int-ca2_ca.crt":"data_files/test-ca.crt":-1:-4:"":8 X509 CRT verify chain #22 (len=3, vrfy fatal on depth 2) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_ECP_HAVE_SECP384R1 mbedtls_x509_crt_verify_chain:"data_files/server10_int3_int-ca2_ca.crt":"data_files/test-ca.crt":-1:-3:"":4 X509 CRT verify chain #23 (len=3, vrfy fatal on depth 1) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_ECP_HAVE_SECP384R1 mbedtls_x509_crt_verify_chain:"data_files/server10_int3_int-ca2_ca.crt":"data_files/test-ca.crt":-1:-2:"":2 X509 CRT verify chain #24 (len=3, vrfy fatal on depth 0) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_ECP_HAVE_SECP384R1 mbedtls_x509_crt_verify_chain:"data_files/server10_int3_int-ca2_ca.crt":"data_files/test-ca.crt":-1:-1:"":1 X509 CRT verify chain #25 (len=3, vrfy fatal on depth 3, untrusted) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_ECP_HAVE_SECP384R1 mbedtls_x509_crt_verify_chain:"data_files/server10_int3_int-ca2_ca.crt":"data_files/test-ca2.crt":-1:-4:"":8 X509 OID description #1 @@ -2386,78 +2751,78 @@ X509 OID numstring #4 (larger number) x509_oid_numstr:"2a864886f70d":"1.2.840.113549":15:14 X509 OID numstring #5 (arithmetic overflow) -x509_oid_numstr:"2a8648f9f8f7f6f5f4f3f2f1f001":"":100:MBEDTLS_ERR_OID_BUF_TOO_SMALL +x509_oid_numstr:"2a8648f9f8f7f6f5f4f3f2f1f001":"":100:MBEDTLS_ERR_ASN1_INVALID_DATA X509 CRT keyUsage #1 (no extension, expected KU) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 x509_check_key_usage:"data_files/server1.crt":MBEDTLS_X509_KU_DIGITAL_SIGNATURE|MBEDTLS_X509_KU_KEY_ENCIPHERMENT:0 X509 CRT keyUsage #2 (no extension, surprising KU) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 x509_check_key_usage:"data_files/server1.crt":MBEDTLS_X509_KU_KEY_CERT_SIGN:0 X509 CRT keyUsage #3 (extension present, no KU) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 x509_check_key_usage:"data_files/server1.key_usage.crt":0:0 X509 CRT keyUsage #4 (extension present, single KU present) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 x509_check_key_usage:"data_files/server1.key_usage.crt":MBEDTLS_X509_KU_DIGITAL_SIGNATURE:0 X509 CRT keyUsage #5 (extension present, single KU absent) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 x509_check_key_usage:"data_files/server1.key_usage.crt":MBEDTLS_X509_KU_KEY_CERT_SIGN:MBEDTLS_ERR_X509_BAD_INPUT_DATA X509 CRT keyUsage #6 (extension present, combined KU present) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 x509_check_key_usage:"data_files/server1.key_usage.crt":MBEDTLS_X509_KU_DIGITAL_SIGNATURE|MBEDTLS_X509_KU_KEY_ENCIPHERMENT:0 X509 CRT keyUsage #7 (extension present, combined KU both absent) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 x509_check_key_usage:"data_files/server1.key_usage.crt":MBEDTLS_X509_KU_KEY_CERT_SIGN|MBEDTLS_X509_KU_CRL_SIGN:MBEDTLS_ERR_X509_BAD_INPUT_DATA X509 CRT keyUsage #8 (extension present, combined KU one absent) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 x509_check_key_usage:"data_files/server1.key_usage.crt":MBEDTLS_X509_KU_KEY_ENCIPHERMENT|MBEDTLS_X509_KU_KEY_AGREEMENT:MBEDTLS_ERR_X509_BAD_INPUT_DATA X509 CRT keyUsage #9 (extension present, decOnly allowed absent) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 x509_check_key_usage:"data_files/server1.key_usage.crt":MBEDTLS_X509_KU_DIGITAL_SIGNATURE|MBEDTLS_X509_KU_KEY_ENCIPHERMENT|MBEDTLS_X509_KU_DECIPHER_ONLY:0 X509 CRT keyUsage #10 (extension present, decOnly non-allowed present) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 x509_check_key_usage:"data_files/keyUsage.decipherOnly.crt":MBEDTLS_X509_KU_DIGITAL_SIGNATURE|MBEDTLS_X509_KU_KEY_ENCIPHERMENT:MBEDTLS_ERR_X509_BAD_INPUT_DATA X509 CRT keyUsage #11 (extension present, decOnly allowed present) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 x509_check_key_usage:"data_files/keyUsage.decipherOnly.crt":MBEDTLS_X509_KU_DIGITAL_SIGNATURE|MBEDTLS_X509_KU_KEY_ENCIPHERMENT|MBEDTLS_X509_KU_DECIPHER_ONLY:0 X509 CRT extendedKeyUsage #1 (no extension, serverAuth) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 x509_check_extended_key_usage:"data_files/server5.crt":"2b06010505070301":0 X509 CRT extendedKeyUsage #2 (single value, present) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 x509_check_extended_key_usage:"data_files/server5.eku-srv.crt":"2b06010505070301":0 X509 CRT extendedKeyUsage #3 (single value, absent) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 x509_check_extended_key_usage:"data_files/server5.eku-cli.crt":"2b06010505070301":MBEDTLS_ERR_X509_BAD_INPUT_DATA X509 CRT extendedKeyUsage #4 (two values, first) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 x509_check_extended_key_usage:"data_files/server5.eku-srv_cli.crt":"2b06010505070301":0 X509 CRT extendedKeyUsage #5 (two values, second) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 x509_check_extended_key_usage:"data_files/server5.eku-srv_cli.crt":"2b06010505070302":0 X509 CRT extendedKeyUsage #6 (two values, other) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 x509_check_extended_key_usage:"data_files/server5.eku-srv_cli.crt":"2b06010505070303":MBEDTLS_ERR_X509_BAD_INPUT_DATA X509 CRT extendedKeyUsage #7 (any, random) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 x509_check_extended_key_usage:"data_files/server5.eku-cs_any.crt":"2b060105050703ff":0 X509 RSASSA-PSS parameters ASN1 (good, all defaults) @@ -2470,18 +2835,18 @@ X509 RSASSA-PSS parameters ASN1 (unknown tag in top-level sequence) x509_parse_rsassa_pss_params:"a400":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 RSASSA-PSS parameters ASN1 (good, HashAlg SHA256) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509_parse_rsassa_pss_params:"a00d300b0609608648016503040201":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:20:0 X509 RSASSA-PSS parameters ASN1 (good, explicit HashAlg = default) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 x509_parse_rsassa_pss_params:"a009300706052b0e03021a":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:0 X509 RSASSA-PSS parameters ASN1 (HashAlg wrong len #1) x509_parse_rsassa_pss_params:"a00a300706052b0e03021a":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 RSASSA-PSS parameters ASN1 (HashAlg wrong len #2) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 x509_parse_rsassa_pss_params:"a00a300706052b0e03021a00":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 RSASSA-PSS parameters ASN1 (HashAlg with parameters) @@ -2491,18 +2856,18 @@ X509 RSASSA-PSS parameters ASN1 (HashAlg unknown OID) x509_parse_rsassa_pss_params:"a00d300b06096086480165030402ff":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_OID_NOT_FOUND X509 RSASSA-PSS parameters ASN1 (good, MGAlg = MGF1-SHA256) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509_parse_rsassa_pss_params:"a11a301806092a864886f70d010108300b0609608648016503040201":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:0 X509 RSASSA-PSS parameters ASN1 (good, explicit MGAlg = default) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA1 x509_parse_rsassa_pss_params:"a116301406092a864886f70d010108300706052b0e03021a":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:0 X509 RSASSA-PSS parameters ASN1 (MGAlg wrong len #1) x509_parse_rsassa_pss_params:"a11b301806092a864886f70d010108300b0609608648016503040201":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 RSASSA-PSS parameters ASN1 (MGAlg wrong len #2) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509_parse_rsassa_pss_params:"a11b301806092a864886f70d010108300b060960864801650304020100":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 RSASSA-PSS parameters ASN1 (MGAlg AlgId wrong len #1) @@ -2527,18 +2892,18 @@ X509 RSASSA-PSS parameters ASN1 (MGAlg.params.alg unknown OID) x509_parse_rsassa_pss_params:"a11a301806092a864886f70d010108300b06096086480165030402ff":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_OID_NOT_FOUND X509 RSASSA-PSS parameters ASN1 (MGAlg.params.params NULL) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509_parse_rsassa_pss_params:"a11c301a06092a864886f70d010108300d06096086480165030402010500":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:0 X509 RSASSA-PSS parameters ASN1 (MGAlg.params.params wrong tag) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509_parse_rsassa_pss_params:"a11c301a06092a864886f70d010108300d06096086480165030402013000":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 RSASSA-PSS parameters ASN1 (MGAlg.params wrong len #1c) x509_parse_rsassa_pss_params:"a11d301b06092a864886f70d010108300e06096086480165030402010500":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 RSASSA-PSS parameters ASN1 (MGAlg.params wrong len #2) -depends_on:MBEDTLS_RSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 x509_parse_rsassa_pss_params:"a11d301b06092a864886f70d010108300e0609608648016503040201050000":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA256:20:MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 RSASSA-PSS parameters ASN1 (good, saltLen = 94) @@ -2572,8 +2937,8 @@ X509 RSASSA-PSS parameters ASN1 (trailerField not 1) x509_parse_rsassa_pss_params:"a303020102":MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE:MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:20:MBEDTLS_ERR_X509_INVALID_ALG X509 CSR ASN.1 (OK) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_csr_parse:"308201183081bf0201003034310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c31123010060355040313096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d0301070342000437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edffa029302706092a864886f70d01090e311a301830090603551d1304023000300b0603551d0f0404030205e0300906072a8648ce3d04010349003046022100b49fd8c8f77abfa871908dfbe684a08a793d0f490a43d86fcf2086e4f24bb0c2022100f829d5ccd3742369299e6294394717c4b723a0f68b44e831b6e6c3bcabf97243":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n":0 +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_parse:"308201183081bf0201003034310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c31123010060355040313096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d0301070342000437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edffa029302706092a864886f70d01090e311a301830090603551d1304023000300b0603551d0f0404030205e0300906072a8648ce3d04010349003046022100b49fd8c8f77abfa871908dfbe684a08a793d0f490a43d86fcf2086e4f24bb0c2022100f829d5ccd3742369299e6294394717c4b723a0f68b44e831b6e6c3bcabf97243":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n":0 X509 CSR ASN.1 (bad first tag) mbedtls_x509_csr_parse:"3100":"":MBEDTLS_ERR_X509_INVALID_FORMAT @@ -2618,71 +2983,157 @@ X509 CSR ASN.1 (bad SubjectPublicKeyInfo: overlong) mbedtls_x509_csr_parse:"30173014020100300d310b3009060355040613024e4c300100":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CSR ASN.1 (bad attributes: missing) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1 mbedtls_x509_csr_parse:"3081973081940201003034310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c31123010060355040313096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d0301070342000437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CSR ASN.1 (bad attributes: bad tag) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1 mbedtls_x509_csr_parse:"3081993081960201003034310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c31123010060355040313096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d0301070342000437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff0500":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CSR ASN.1 (bad attributes: overlong) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1 mbedtls_x509_csr_parse:"30819a3081960201003034310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c31123010060355040313096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d0301070342000437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edffa00100":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CSR ASN.1 (bad sigAlg: missing) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1 mbedtls_x509_csr_parse:"3081c23081bf0201003034310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c31123010060355040313096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d0301070342000437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edffa029302706092a864886f70d01090e311a301830090603551d1304023000300b0603551d0f0404030205e0":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CSR ASN.1 (bad sigAlg: not a sequence) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1 mbedtls_x509_csr_parse:"3081c43081bf0201003034310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c31123010060355040313096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d0301070342000437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edffa029302706092a864886f70d01090e311a301830090603551d1304023000300b0603551d0f0404030205e03100":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CSR ASN.1 (bad sigAlg: overlong) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1 mbedtls_x509_csr_parse:"3081c43081bf0201003034310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c31123010060355040313096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d0301070342000437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edffa029302706092a864886f70d01090e311a301830090603551d1304023000300b0603551d0f0404030205e03001":"":MBEDTLS_ERR_X509_INVALID_ALG + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CSR ASN.1 (bad sigAlg: unknown) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1 mbedtls_x509_csr_parse:"3081cd3081bf0201003034310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c31123010060355040313096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d0301070342000437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edffa029302706092a864886f70d01090e311a301830090603551d1304023000300b0603551d0f0404030205e0300906072a8648ce3d04ff":"":MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG X509 CSR ASN.1 (bad sig: missing) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_csr_parse:"3081cd3081bf0201003034310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c31123010060355040313096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d0301070342000437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edffa029302706092a864886f70d01090e311a301830090603551d1304023000300b0603551d0f0404030205e0300906072a8648ce3d0401":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CSR ASN.1 (bad sig: not a bit string) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_csr_parse:"3081cf3081bf0201003034310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c31123010060355040313096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d0301070342000437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edffa029302706092a864886f70d01090e311a301830090603551d1304023000300b0603551d0f0404030205e0300906072a8648ce3d04010400":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CSR ASN.1 (bad sig: overlong) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_csr_parse:"3081cf3081bf0201003034310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c31123010060355040313096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d0301070342000437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edffa029302706092a864886f70d01090e311a301830090603551d1304023000300b0603551d0f0404030205e0300906072a8648ce3d04010301":"":MBEDTLS_ERR_X509_INVALID_SIGNATURE + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CSR ASN.1 (extra data after signature) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA1 mbedtls_x509_csr_parse:"308201193081bf0201003034310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c31123010060355040313096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d0301070342000437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edffa029302706092a864886f70d01090e311a301830090603551d1304023000300b0603551d0f0404030205e0300906072a8648ce3d04010349003046022100b49fd8c8f77abfa871908dfbe684a08a793d0f490a43d86fcf2086e4f24bb0c2022100f829d5ccd3742369299e6294394717c4b723a0f68b44e831b6e6c3bcabf9724300":"":MBEDTLS_ERR_X509_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CSR ASN.1 (invalid version overflow) mbedtls_x509_csr_parse:"3008300602047fffffff":"":MBEDTLS_ERR_X509_UNKNOWN_VERSION +# Used test_csr_v3_all.csr.der as a base for malforming CSR extenstions/attributes +# Please see makefile for data_files to check malformation details (test_csr_v3_all_malformed_xxx.csr files) +X509 CSR ASN.1 (attributes: invalid sequence tag) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +mbedtls_x509_csr_parse_file:"data_files/parse_input/test_csr_v3_all_malformed_attributes_sequence_tag.csr.der":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CSR ASN.1 (attributes: invalid attribute id) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +mbedtls_x509_csr_parse_file:"data_files/parse_input/test_csr_v3_all_malformed_attributes_id_tag.csr.der":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CSR ASN.1 (attributes: not extension request) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +mbedtls_x509_csr_parse_file:"data_files/parse_input/test_csr_v3_all_malformed_attributes_extension_request.csr.der":"CSR version \: 1\nsubject name \: CN=etcd\nsigned using \: RSA with SHA-256\nRSA key size \: 1024 bits\n":0 + +X509 CSR ASN.1 (attributes: invalid extenstion request set tag) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +mbedtls_x509_csr_parse_file:"data_files/parse_input/test_csr_v3_all_malformed_attributes_extension_request_set_tag.csr.der":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CSR ASN.1 (attributes: invalid extenstion request sequence tag) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +mbedtls_x509_csr_parse_file:"data_files/parse_input/test_csr_v3_all_malformed_attributes_extension_request_sequence_tag.csr.der":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CSR ASN.1 (attributes: invalid len (len > data)) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +mbedtls_x509_csr_parse_file:"data_files/parse_input/test_csr_v3_all_malformed_attributes_len1.csr.der":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CSR ASN.1 (attributes: invalid len (len < data)) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +mbedtls_x509_csr_parse_file:"data_files/parse_input/test_csr_v3_all_malformed_attributes_len2.csr.der":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +X509 CSR ASN.1 (attributes: extension request invalid len (len > data)) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +mbedtls_x509_csr_parse_file:"data_files/parse_input/test_csr_v3_all_malformed_attributes_extension_request_sequence_len1.csr.der":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CSR ASN.1 (attributes: extension request invalid len (len < data)) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +mbedtls_x509_csr_parse_file:"data_files/parse_input/test_csr_v3_all_malformed_attributes_extension_request_sequence_len2.csr.der":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CSR ASN.1 (extensions: invalid sequence tag) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +mbedtls_x509_csr_parse_file:"data_files/parse_input/test_csr_v3_all_malformed_extensions_sequence_tag.csr.der":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CSR ASN.1 (extensions: invalid extension id tag) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +mbedtls_x509_csr_parse_file:"data_files/parse_input/test_csr_v3_all_malformed_extension_id_tag.csr.der":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CSR ASN.1 (extensions: invalid extension data tag) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +mbedtls_x509_csr_parse_file:"data_files/parse_input/test_csr_v3_all_malformed_extension_data_tag.csr.der":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CSR ASN.1 (extensions: invalid extension data len (len > data)) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +mbedtls_x509_csr_parse_file:"data_files/parse_input/test_csr_v3_all_malformed_extension_data_len1.csr.der":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_OUT_OF_DATA + +X509 CSR ASN.1 (extensions: invalid extension data len (len < data)) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +mbedtls_x509_csr_parse_file:"data_files/parse_input/test_csr_v3_all_malformed_extension_data_len2.csr.der":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +X509 CSR ASN.1 (extensions: invalid extension key usage bitstream tag) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +mbedtls_x509_csr_parse_file:"data_files/parse_input/test_csr_v3_all_malformed_extension_key_usage_bitstream_tag.csr.der":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CSR ASN.1 (extensions: invalid extension subject alt name sequence tag) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +mbedtls_x509_csr_parse_file:"data_files/parse_input/test_csr_v3_all_malformed_extension_subject_alt_name_sequence_tag.csr.der":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CSR ASN.1 (extensions: invalid extension ns cert bitstream tag) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +mbedtls_x509_csr_parse_file:"data_files/parse_input/test_csr_v3_all_malformed_extension_ns_cert_bitstream_tag.csr.der":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CSR ASN.1 (extensions: duplicated extension) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +mbedtls_x509_csr_parse_file:"data_files/parse_input/test_csr_v3_all_malformed_duplicated_extension.csr.der":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_INVALID_DATA + +X509 CSR ASN.1 (extensions: invalid extension type data) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +mbedtls_x509_csr_parse_file:"data_files/parse_input/test_csr_v3_all_malformed_extension_type_oid.csr.der":"CSR version \: 1\nsubject name \: CN=etcd\nsigned using \: RSA with SHA-256\nRSA key size \: 1024 bits\n\ncert. type \: SSL Client\nkey usage \: CRL Sign\n":0 + X509 File parse (no issues) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C -x509parse_crt_file:"data_files/server7_int-ca.crt":0 +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +mbedtls_x509_crt_parse_file:"data_files/parse_input/server7_int-ca.crt":0:2 X509 File parse (extra space in one certificate) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C -x509parse_crt_file:"data_files/server7_pem_space.crt":1 +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +mbedtls_x509_crt_parse_file:"data_files/parse_input/server7_pem_space.crt":1:1 X509 File parse (all certificates fail) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_RSA_C -x509parse_crt_file:"data_files/server7_all_space.crt":MBEDTLS_ERR_PEM_INVALID_DATA + MBEDTLS_ERR_BASE64_INVALID_CHARACTER +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_RSA_C +mbedtls_x509_crt_parse_file:"data_files/parse_input/server7_all_space.crt":MBEDTLS_ERR_PEM_INVALID_DATA + MBEDTLS_ERR_BASE64_INVALID_CHARACTER:0 X509 File parse (trailing spaces, OK) -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C -x509parse_crt_file:"data_files/server7_trailing_space.crt":0 +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +mbedtls_x509_crt_parse_file:"data_files/parse_input/server7_trailing_space.crt":0:2 X509 File parse (Algorithm Params Tag mismatch) -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C -x509parse_crt_file:"data_files/cli-rsa-sha256-badalg.crt.der":MBEDTLS_ERR_X509_SIG_MISMATCH +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +mbedtls_x509_crt_parse_file:"data_files/parse_input/cli-rsa-sha256-badalg.crt.der":MBEDTLS_ERR_X509_SIG_MISMATCH:0 + +X509 File parse (does not conform to RFC 5480 / RFC 5758 - AlgorithmIdentifier's parameters field is present, mbedTLS generated before bugfix, OK) +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 +x509parse_crt_file:"data_files/parse_input/server5-non-compliant.crt":0 + +X509 File parse (conforms to RFC 5480 / RFC 5758 - AlgorithmIdentifier's parameters field must be absent for ECDSA) +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 +x509parse_crt_file:"data_files/parse_input/server5.crt":0 X509 Get time (UTC no issues) depends_on:MBEDTLS_X509_USE_C @@ -2758,7 +3209,7 @@ x509_get_time:MBEDTLS_ASN1_UTC_TIME:"0002291212+0300":MBEDTLS_ERR_X509_INVALID_D X509 Get time (UTC invalid character in year) depends_on:MBEDTLS_X509_USE_C -x509_get_time:MBEDTLS_ASN1_UTC_TIME:"0\1130231212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0 +x509_get_time:MBEDTLS_ASN1_UTC_TIME:"0\\1130231212Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0 X509 Get time (UTC invalid character in month) depends_on:MBEDTLS_X509_USE_C @@ -2797,91 +3248,91 @@ depends_on:MBEDTLS_X509_USE_C x509_get_time:MBEDTLS_ASN1_GENERALIZED_TIME:"19910229000000Z":MBEDTLS_ERR_X509_INVALID_DATE:0:0:0:0:0:0 X509 CRT verify restart: trusted EE, max_ops=0 (disabled) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1 x509_verify_restart:"data_files/server5-selfsigned.crt":"data_files/server5-selfsigned.crt":0:0:0:0:0 X509 CRT verify restart: trusted EE, max_ops=1 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1 x509_verify_restart:"data_files/server5-selfsigned.crt":"data_files/server5-selfsigned.crt":0:0:1:0:0 X509 CRT verify restart: no intermediate, max_ops=0 (disabled) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1 x509_verify_restart:"data_files/server5.crt":"data_files/test-ca2.crt":0:0:0:0:0 X509 CRT verify restart: no intermediate, max_ops=1 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1 x509_verify_restart:"data_files/server5.crt":"data_files/test-ca2.crt":0:0:1:100:10000 X509 CRT verify restart: no intermediate, max_ops=40000 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1 x509_verify_restart:"data_files/server5.crt":"data_files/test-ca2.crt":0:0:40000:0:0 X509 CRT verify restart: no intermediate, max_ops=500 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1 x509_verify_restart:"data_files/server5.crt":"data_files/test-ca2.crt":0:0:500:20:80 X509 CRT verify restart: no intermediate, badsign, max_ops=0 (disabled) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1 x509_verify_restart:"data_files/server5-badsign.crt":"data_files/test-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:0:0:0 X509 CRT verify restart: no intermediate, badsign, max_ops=1 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1 x509_verify_restart:"data_files/server5-badsign.crt":"data_files/test-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:1:100:10000 X509 CRT verify restart: no intermediate, badsign, max_ops=40000 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1 x509_verify_restart:"data_files/server5-badsign.crt":"data_files/test-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:40000:0:0 X509 CRT verify restart: no intermediate, badsign, max_ops=500 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1 x509_verify_restart:"data_files/server5-badsign.crt":"data_files/test-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:500:20:80 X509 CRT verify restart: one int, max_ops=0 (disabled) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_RSA_C x509_verify_restart:"data_files/server10_int3_int-ca2.crt":"data_files/test-int-ca2.crt":0:0:0:0:0 X509 CRT verify restart: one int, max_ops=1 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_RSA_C x509_verify_restart:"data_files/server10_int3_int-ca2.crt":"data_files/test-int-ca2.crt":0:0:1:100:10000 X509 CRT verify restart: one int, max_ops=30000 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_RSA_C x509_verify_restart:"data_files/server10_int3_int-ca2.crt":"data_files/test-int-ca2.crt":0:0:30000:0:0 X509 CRT verify restart: one int, max_ops=500 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_RSA_C x509_verify_restart:"data_files/server10_int3_int-ca2.crt":"data_files/test-int-ca2.crt":0:0:500:25:100 X509 CRT verify restart: one int, EE badsign, max_ops=0 (disabled) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_RSA_C x509_verify_restart:"data_files/server10-bs_int3.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:0:0:0 X509 CRT verify restart: one int, EE badsign, max_ops=1 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_RSA_C x509_verify_restart:"data_files/server10-bs_int3.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:1:100:10000 X509 CRT verify restart: one int, EE badsign, max_ops=30000 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_RSA_C x509_verify_restart:"data_files/server10-bs_int3.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:30000:0:0 X509 CRT verify restart: one int, EE badsign, max_ops=500 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_RSA_C x509_verify_restart:"data_files/server10-bs_int3.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:500:25:100 X509 CRT verify restart: one int, int badsign, max_ops=0 (disabled) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_RSA_C x509_verify_restart:"data_files/server10_int3-bs.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:0:0:0 X509 CRT verify restart: one int, int badsign, max_ops=1 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_RSA_C x509_verify_restart:"data_files/server10_int3-bs.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:1:100:10000 X509 CRT verify restart: one int, int badsign, max_ops=30000 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_RSA_C x509_verify_restart:"data_files/server10_int3-bs.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:30000:0:0 X509 CRT verify restart: one int, int badsign, max_ops=500 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_RSA_C x509_verify_restart:"data_files/server10_int3-bs.pem":"data_files/test-int-ca2.crt":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:500:25:100 X509 ext types accessor: ext type present @@ -2891,3 +3342,68 @@ x509_accessor_ext_types:MBEDTLS_X509_EXT_KEY_USAGE:MBEDTLS_X509_EXT_KEY_USAGE X509 ext types accessor: ext type not present depends_on:MBEDTLS_X509_CRT_PARSE_C x509_accessor_ext_types:MBEDTLS_X509_EXT_KEY_USAGE:MBEDTLS_X509_EXT_SUBJECT_ALT_NAME + +X509 CRT parse Subject Key Id - Correct Subject Key ID +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +x509_crt_parse_subjectkeyid:"data_files/authorityKeyId_subjectKeyId.crt.der":"A505E864B8DCDF600F50124D60A864AF4D8B4393":0 + +X509 CRT parse Subject Key Id - Wrong OCTET_STRING tag +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +x509_crt_parse_subjectkeyid:"data_files/authorityKeyId_subjectKeyId_tag_malformed.crt.der":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CRT parse Subject Key Id - Wrong OCTET_STRING length +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +x509_crt_parse_subjectkeyid:"data_files/authorityKeyId_subjectKeyId_tag_len_malformed.crt.der":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +X509 CRT parse Authority Key Id - Correct Authority Key ID +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +x509_crt_parse_authoritykeyid:"data_files/authorityKeyId_subjectKeyId.crt.der":"A505E864B8DCDF600F50124D60A864AF4D8B4393":"C=NL, OU=PolarSSL, CN=PolarSSL Test CA":"680430CD074DE63FCDC051260FD042C2B512B6BA":0 + +X509 CRT parse Authority Key Id - Correct Authority Key ID (no keyid) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +x509_crt_parse_authoritykeyid:"data_files/authorityKeyId_no_keyid.crt.der":"":"C=NL, OU=PolarSSL, CN=PolarSSL Test CA":"680430CD074DE63FCDC051260FD042C2B512B6BA":0 + +X509 CRT parse Authority Key Id - Correct Authority Key ID (no issuer) +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +x509_crt_parse_authoritykeyid:"data_files/authorityKeyId_no_issuer.crt.der":"A505E864B8DCDF600F50124D60A864AF4D8B4393":"":"":0 + +X509 CRT parse Authority Key Id - no Authority Key ID +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +x509_crt_parse_authoritykeyid:"data_files/authorityKeyId_no_authorityKeyId.crt.der":"":"":"":0 + +X509 CRT parse Authority Key Id - Wrong Length +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +x509_crt_parse_authoritykeyid:"data_files/authorityKeyId_subjectKeyId_length_malformed.crt.der":"":"":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +X509 CRT parse Authority Key Id - Wrong Sequence tag +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +x509_crt_parse_authoritykeyid:"data_files/authorityKeyId_subjectKeyId_sequence_tag_malformed.crt.der":"":"":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CRT parse Authority Key Id - Wrong KeyId Tag +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +x509_crt_parse_authoritykeyid:"data_files/authorityKeyId_subjectKeyId_keyid_tag_malformed.crt.der":"":"":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CRT parse Authority Key Id - Wrong KeyId Tag Length +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +x509_crt_parse_authoritykeyid:"data_files/authorityKeyId_subjectKeyId_keyid_tag_len_malformed.crt.der":"":"":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_INVALID_LENGTH + +X509 CRT parse Authority Key Id - Wrong Issuer Tag +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +x509_crt_parse_authoritykeyid:"data_files/authorityKeyId_subjectKeyId_issuer_tag1_malformed.crt.der":"":"":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CRT parse Authority Key Id - Wrong DirectoryName tag in issuer field +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +x509_crt_parse_authoritykeyid:"data_files/authorityKeyId_subjectKeyId_issuer_tag2_malformed.crt.der":"":"":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CRT parse Authority Key Id - Wrong Serial Number Tag +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +x509_crt_parse_authoritykeyid:"data_files/authorityKeyId_subjectKeyId_sn_tag_malformed.crt.der":"":"":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CRT parse Authority Key Id - Wrong Serial Number Tag length +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C +x509_crt_parse_authoritykeyid:"data_files/authorityKeyId_subjectKeyId_sn_len_malformed.crt.der":"":"":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +# clusterfuzz-testcase-minimized-fuzz_x509crt-6666050834661376: test for bad sequence of names in authorityCertIssuer (see issue #7576) +X509 CRT parse Authority Key Id - Wrong Issuer sequence +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_RSA_C +x509_crt_parse_authoritykeyid:"data_files/clusterfuzz-testcase-minimized-fuzz_x509crt-6666050834661376.crt.der":"":"":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_OUT_OF_DATA diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index 5d896bf73..114bd5277 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -8,10 +8,9 @@ #include "mbedtls/oid.h" #include "mbedtls/base64.h" #include "mbedtls/error.h" +#include "mbedtls/pk.h" #include "string.h" -#include "mbedtls/legacy_or_psa.h" - #if MBEDTLS_X509_MAX_INTERMEDIATE_CA > 19 #error "The value of MBEDTLS_X509_MAX_INTERMEDIATE_C is larger \ than the current threshold 19. To test larger values, please \ @@ -243,7 +242,7 @@ int verify_parse_san(mbedtls_x509_subject_alternative_name *san, MBEDTLS_X509_SAFE_SNPRINTF; if (MBEDTLS_OID_CMP(MBEDTLS_OID_ON_HW_MODULE_NAME, - &san->san.other_name.value.hardware_module_name.oid) != 0) { + &san->san.other_name.type_id) == 0) { ret = mbedtls_snprintf(p, n, " hardware module name :"); MBEDTLS_X509_SAFE_SNPRINTF; ret = mbedtls_snprintf(p, n, " hardware type : "); @@ -278,7 +277,29 @@ int verify_parse_san(mbedtls_x509_subject_alternative_name *san, *p++ = san->san.unstructured_name.p[i]; } break;/* MBEDTLS_X509_SAN_DNS_NAME */ + case (MBEDTLS_X509_SAN_RFC822_NAME): + ret = mbedtls_snprintf(p, n, "\nrfc822Name : "); + MBEDTLS_X509_SAFE_SNPRINTF; + if (san->san.unstructured_name.len >= n) { + *p = '\0'; + return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL; + } + n -= san->san.unstructured_name.len; + for (i = 0; i < san->san.unstructured_name.len; i++) { + *p++ = san->san.unstructured_name.p[i]; + } + break;/* MBEDTLS_X509_SAN_RFC822_NAME */ + case (MBEDTLS_X509_SAN_DIRECTORY_NAME): + ret = mbedtls_snprintf(p, n, "\ndirectoryName : "); + MBEDTLS_X509_SAFE_SNPRINTF; + ret = mbedtls_x509_dn_gets(p, n, &san->san.directory_name); + if (ret < 0) { + return ret; + } + p += ret; + n -= ret; + break;/* MBEDTLS_X509_SAN_DIRECTORY_NAME */ default: /* * Should not happen. @@ -394,11 +415,6 @@ int parse_crt_ext_cb(void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf #endif /* MBEDTLS_X509_CRT_PARSE_C */ /* END_HEADER */ -/* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_BIGNUM_C - * END_DEPENDENCIES - */ - /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */ void x509_accessor_ext_types(int ext_type, int has_ext_type) { @@ -406,17 +422,33 @@ void x509_accessor_ext_types(int ext_type, int has_ext_type) int expected_result = ext_type & has_ext_type; mbedtls_x509_crt_init(&crt); + USE_PSA_INIT(); crt.ext_types = ext_type; - TEST_ASSERT(mbedtls_x509_crt_has_ext_type(&crt, has_ext_type) == expected_result); + TEST_EQUAL(mbedtls_x509_crt_has_ext_type(&crt, has_ext_type), expected_result); +exit: mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_TEST_HOOKS */ +void x509_crt_parse_cn_inet_pton(const char *cn, data_t *exp, int ref_ret) +{ + uint32_t addr[4]; + size_t addrlen = mbedtls_x509_crt_parse_cn_inet_pton(cn, addr); + TEST_EQUAL(addrlen, (size_t) ref_ret); + + if (addrlen) { + TEST_MEMORY_COMPARE(exp->x, exp->len, addr, addrlen); + } } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ -void x509_parse_san(char *crt_file, char *result_str) +void x509_parse_san(char *crt_file, char *result_str, int parse_result) { int ret; mbedtls_x509_crt crt; @@ -427,10 +459,14 @@ void x509_parse_san(char *crt_file, char *result_str) size_t n = sizeof(buf); mbedtls_x509_crt_init(&crt); + USE_PSA_INIT(); memset(buf, 0, 2000); - TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), parse_result); + if (parse_result != 0) { + goto exit; + } if (crt.ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME) { cur = &crt.subject_alt_names; while (cur != NULL) { @@ -440,17 +476,19 @@ void x509_parse_san(char *crt_file, char *result_str) * If san type not supported, ignore. */ if (ret == 0) { - TEST_ASSERT(verify_parse_san(&san, &p, &n) == 0); + ret = verify_parse_san(&san, &p, &n); + mbedtls_x509_free_subject_alt_name(&san); + TEST_EQUAL(ret, 0); } cur = cur->next; } } - TEST_ASSERT(strcmp(buf, result_str) == 0); + TEST_EQUAL(strcmp(buf, result_str), 0); exit: - mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ @@ -462,18 +500,20 @@ void x509_cert_info(char *crt_file, char *result_str) int res; mbedtls_x509_crt_init(&crt); + USE_PSA_INIT(); memset(buf, 0, 2000); - TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); res = mbedtls_x509_crt_info(buf, 2000, "", &crt); TEST_ASSERT(res != -1); TEST_ASSERT(res != -2); - TEST_ASSERT(strcmp(buf, result_str) == 0); + TEST_EQUAL(strcmp(buf, result_str), 0); exit: mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ @@ -485,18 +525,20 @@ void mbedtls_x509_crl_info(char *crl_file, char *result_str) int res; mbedtls_x509_crl_init(&crl); + USE_PSA_INIT(); memset(buf, 0, 2000); - TEST_ASSERT(mbedtls_x509_crl_parse_file(&crl, crl_file) == 0); + TEST_EQUAL(mbedtls_x509_crl_parse_file(&crl, crl_file), 0); res = mbedtls_x509_crl_info(buf, 2000, "", &crl); TEST_ASSERT(res != -1); TEST_ASSERT(res != -2); - TEST_ASSERT(strcmp(buf, result_str) == 0); + TEST_EQUAL(strcmp(buf, result_str), 0); exit: mbedtls_x509_crl_free(&crl); + USE_PSA_DONE(); } /* END_CASE */ @@ -507,12 +549,14 @@ void mbedtls_x509_crl_parse(char *crl_file, int result) char buf[2000]; mbedtls_x509_crl_init(&crl); + USE_PSA_INIT(); memset(buf, 0, 2000); - TEST_ASSERT(mbedtls_x509_crl_parse_file(&crl, crl_file) == result); + TEST_EQUAL(mbedtls_x509_crl_parse_file(&crl, crl_file), result); exit: mbedtls_x509_crl_free(&crl); + USE_PSA_DONE(); } /* END_CASE */ @@ -524,18 +568,20 @@ void mbedtls_x509_csr_info(char *csr_file, char *result_str) int res; mbedtls_x509_csr_init(&csr); + USE_PSA_INIT(); memset(buf, 0, 2000); - TEST_ASSERT(mbedtls_x509_csr_parse_file(&csr, csr_file) == 0); + TEST_EQUAL(mbedtls_x509_csr_parse_file(&csr, csr_file), 0); res = mbedtls_x509_csr_info(buf, 2000, "", &csr); TEST_ASSERT(res != -1); TEST_ASSERT(res != -2); - TEST_ASSERT(strcmp(buf, result_str) == 0); + TEST_EQUAL(strcmp(buf, result_str), 0); exit: mbedtls_x509_csr_free(&csr); + USE_PSA_DONE(); } /* END_CASE */ @@ -545,13 +591,17 @@ void x509_verify_info(int flags, char *prefix, char *result_str) char buf[2000]; int res; + USE_PSA_INIT(); memset(buf, 0, sizeof(buf)); res = mbedtls_x509_crt_verify_info(buf, sizeof(buf), prefix, flags); TEST_ASSERT(res >= 0); - TEST_ASSERT(strcmp(buf, result_str) == 0); + TEST_EQUAL(strcmp(buf, result_str), 0); + +exit: + USE_PSA_DONE(); } /* END_CASE */ @@ -569,21 +619,19 @@ void x509_verify_restart(char *crt_file, char *ca_file, /* * See comments on ecp_test_vect_restart() for op count precision. * - * For reference, with mbed TLS 2.6 and default settings: + * For reference, with Mbed TLS 2.6 and default settings: * - ecdsa_verify() for P-256: ~ 6700 * - ecdsa_verify() for P-384: ~ 18800 * - x509_verify() for server5 -> test-ca2: ~ 18800 * - x509_verify() for server10 -> int-ca3 -> int-ca2: ~ 25500 */ - mbedtls_x509_crt_restart_init(&rs_ctx); mbedtls_x509_crt_init(&crt); mbedtls_x509_crt_init(&ca); + MD_OR_USE_PSA_INIT(); - USE_PSA_INIT(); - - TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); - TEST_ASSERT(mbedtls_x509_crt_parse_file(&ca, ca_file) == 0); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&ca, ca_file), 0); mbedtls_ecp_set_max_ops(max_ops); @@ -594,8 +642,8 @@ void x509_verify_restart(char *crt_file, char *ca_file, NULL, NULL, &rs_ctx); } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart); - TEST_ASSERT(ret == result); - TEST_ASSERT(flags == (uint32_t) flags_result); + TEST_EQUAL(ret, result); + TEST_EQUAL(flags, (uint32_t) flags_result); TEST_ASSERT(cnt_restart >= min_restart); TEST_ASSERT(cnt_restart <= max_restart); @@ -610,7 +658,7 @@ exit: mbedtls_x509_crt_restart_free(&rs_ctx); mbedtls_x509_crt_free(&crt); mbedtls_x509_crt_free(&ca); - USE_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ @@ -632,8 +680,7 @@ void x509_verify(char *crt_file, char *ca_file, char *crl_file, mbedtls_x509_crt_init(&crt); mbedtls_x509_crt_init(&ca); mbedtls_x509_crl_init(&crl); - - USE_PSA_INIT(); + MD_OR_USE_PSA_INIT(); if (strcmp(cn_name_str, "NULL") != 0) { cn_name = cn_name_str; @@ -650,7 +697,7 @@ void x509_verify(char *crt_file, char *ca_file, char *crl_file, } else if (strcmp(profile_str, "all") == 0) { profile = &profile_all; } else { - TEST_ASSERT("Unknown algorithm profile" == 0); + TEST_FAIL("Unknown algorithm profile"); } if (strcmp(verify_callback, "NULL") == 0) { @@ -660,12 +707,12 @@ void x509_verify(char *crt_file, char *ca_file, char *crl_file, } else if (strcmp(verify_callback, "verify_all") == 0) { f_vrfy = verify_all; } else { - TEST_ASSERT("No known verify callback selected" == 0); + TEST_FAIL("No known verify callback selected"); } - TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); - TEST_ASSERT(mbedtls_x509_crt_parse_file(&ca, ca_file) == 0); - TEST_ASSERT(mbedtls_x509_crl_parse_file(&crl, crl_file) == 0); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&ca, ca_file), 0); + TEST_EQUAL(mbedtls_x509_crl_parse_file(&crl, crl_file), 0); res = mbedtls_x509_crt_verify_with_profile(&crt, &ca, @@ -694,15 +741,15 @@ void x509_verify(char *crt_file, char *ca_file, char *crl_file, f_vrfy, NULL); - TEST_ASSERT(res == (result)); - TEST_ASSERT(flags == (uint32_t) (flags_result)); + TEST_EQUAL(res, result); + TEST_EQUAL(flags, (uint32_t) (flags_result)); } #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ exit: mbedtls_x509_crt_free(&crt); mbedtls_x509_crt_free(&ca); mbedtls_x509_crl_free(&crl); - USE_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ @@ -717,9 +764,10 @@ void x509_verify_ca_cb_failure(char *crt_file, char *ca_file, char *name, mbedtls_x509_crt_init(&crt); mbedtls_x509_crt_init(&ca); + USE_PSA_INIT(); - TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); - TEST_ASSERT(mbedtls_x509_crt_parse_file(&ca, ca_file) == 0); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&ca, ca_file), 0); if (strcmp(name, "NULL") == 0) { name = NULL; @@ -729,11 +777,12 @@ void x509_verify_ca_cb_failure(char *crt_file, char *ca_file, char *name, &compat_profile, name, &flags, NULL, NULL); - TEST_ASSERT(ret == exp_ret); - TEST_ASSERT(flags == (uint32_t) (-1)); + TEST_EQUAL(ret, exp_ret); + TEST_EQUAL(flags, (uint32_t) (-1)); exit: mbedtls_x509_crt_free(&crt); mbedtls_x509_crt_free(&ca); + USE_PSA_DONE(); } /* END_CASE */ @@ -749,12 +798,12 @@ void x509_verify_callback(char *crt_file, char *ca_file, char *name, mbedtls_x509_crt_init(&crt); mbedtls_x509_crt_init(&ca); + MD_OR_USE_PSA_INIT(); + verify_print_init(&vrfy_ctx); - USE_PSA_INIT(); - - TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); - TEST_ASSERT(mbedtls_x509_crt_parse_file(&ca, ca_file) == 0); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&ca, ca_file), 0); if (strcmp(name, "NULL") == 0) { name = NULL; @@ -765,13 +814,13 @@ void x509_verify_callback(char *crt_file, char *ca_file, char *name, name, &flags, verify_print, &vrfy_ctx); - TEST_ASSERT(ret == exp_ret); - TEST_ASSERT(strcmp(vrfy_ctx.buf, exp_vrfy_out) == 0); + TEST_EQUAL(ret, exp_ret); + TEST_EQUAL(strcmp(vrfy_ctx.buf, exp_vrfy_out), 0); exit: mbedtls_x509_crt_free(&crt); mbedtls_x509_crt_free(&ca); - USE_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ @@ -786,23 +835,26 @@ void mbedtls_x509_dn_gets_subject_replace(char *crt_file, int res = 0; mbedtls_x509_crt_init(&crt); + USE_PSA_INIT(); + memset(buf, 0, 2000); - TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); crt.subject.next->val.p = (unsigned char *) new_subject_ou; crt.subject.next->val.len = strlen(new_subject_ou); res = mbedtls_x509_dn_gets(buf, 2000, &crt.subject); if (ret != 0) { - TEST_ASSERT(res == ret); + TEST_EQUAL(res, ret); } else { TEST_ASSERT(res != -1); TEST_ASSERT(res != -2); - TEST_ASSERT(strcmp(buf, result_str) == 0); + TEST_EQUAL(strcmp(buf, result_str), 0); } exit: mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ @@ -814,36 +866,40 @@ void mbedtls_x509_dn_gets(char *crt_file, char *entity, char *result_str) int res = 0; mbedtls_x509_crt_init(&crt); + USE_PSA_INIT(); + memset(buf, 0, 2000); - TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); if (strcmp(entity, "subject") == 0) { res = mbedtls_x509_dn_gets(buf, 2000, &crt.subject); } else if (strcmp(entity, "issuer") == 0) { res = mbedtls_x509_dn_gets(buf, 2000, &crt.issuer); } else { - TEST_ASSERT("Unknown entity" == 0); + TEST_FAIL("Unknown entity"); } TEST_ASSERT(res != -1); TEST_ASSERT(res != -2); - TEST_ASSERT(strcmp(buf, result_str) == 0); + TEST_EQUAL(strcmp(buf, result_str), 0); exit: mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */ void mbedtls_x509_get_name(char *rdn_sequence, int exp_ret) { - unsigned char *name; + unsigned char *name = NULL; unsigned char *p; size_t name_len; mbedtls_x509_name head; int ret; + USE_PSA_INIT(); memset(&head, 0, sizeof(head)); name = mbedtls_test_unhexify_alloc(rdn_sequence, &name_len); @@ -856,7 +912,9 @@ void mbedtls_x509_get_name(char *rdn_sequence, int exp_ret) TEST_EQUAL(ret, exp_ret); +exit: mbedtls_free(name); + USE_PSA_DONE(); } /* END_CASE */ @@ -875,12 +933,13 @@ void mbedtls_x509_dn_get_next(char *name_str, unsigned char buf[80], *out = NULL, *c; const char *short_name; + USE_PSA_INIT(); memset(&parsed, 0, sizeof(parsed)); memset(buf, 0, sizeof(buf)); c = buf + sizeof(buf); // Additional size required for trailing space out_size = strlen(expected_oids) + 2; - ASSERT_ALLOC(out, out_size); + TEST_CALLOC(out, out_size); TEST_EQUAL(mbedtls_x509_string_to_names(&names, name_str), 0); @@ -915,7 +974,7 @@ void mbedtls_x509_dn_get_next(char *name_str, out = NULL; out_size = strlen(exp_dn_gets) + 1; - ASSERT_ALLOC(out, out_size); + TEST_CALLOC(out, out_size); TEST_LE_S(0, mbedtls_x509_dn_gets((char *) out, out_size, &parsed)); TEST_EQUAL(strcmp((char *) out, exp_dn_gets), 0); @@ -923,6 +982,7 @@ exit: mbedtls_free(out); mbedtls_asn1_free_named_data_list(&names); mbedtls_asn1_free_named_data_list_shallow(parsed.next); + USE_PSA_DONE(); } /* END_CASE */ @@ -932,19 +992,21 @@ void mbedtls_x509_time_is_past(char *crt_file, char *entity, int result) mbedtls_x509_crt crt; mbedtls_x509_crt_init(&crt); + USE_PSA_INIT(); - TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); if (strcmp(entity, "valid_from") == 0) { - TEST_ASSERT(mbedtls_x509_time_is_past(&crt.valid_from) == result); + TEST_EQUAL(mbedtls_x509_time_is_past(&crt.valid_from), result); } else if (strcmp(entity, "valid_to") == 0) { - TEST_ASSERT(mbedtls_x509_time_is_past(&crt.valid_to) == result); + TEST_EQUAL(mbedtls_x509_time_is_past(&crt.valid_to), result); } else { - TEST_ASSERT("Unknown entity" == 0); + TEST_FAIL("Unknown entity"); } exit: mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ @@ -954,19 +1016,21 @@ void mbedtls_x509_time_is_future(char *crt_file, char *entity, int result) mbedtls_x509_crt crt; mbedtls_x509_crt_init(&crt); + USE_PSA_INIT(); - TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); if (strcmp(entity, "valid_from") == 0) { - TEST_ASSERT(mbedtls_x509_time_is_future(&crt.valid_from) == result); + TEST_EQUAL(mbedtls_x509_time_is_future(&crt.valid_from), result); } else if (strcmp(entity, "valid_to") == 0) { - TEST_ASSERT(mbedtls_x509_time_is_future(&crt.valid_to) == result); + TEST_EQUAL(mbedtls_x509_time_is_future(&crt.valid_to), result); } else { - TEST_ASSERT("Unknown entity" == 0); + TEST_FAIL("Unknown entity"); } exit: mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ @@ -976,11 +1040,13 @@ void x509parse_crt_file(char *crt_file, int result) mbedtls_x509_crt crt; mbedtls_x509_crt_init(&crt); + USE_PSA_INIT(); - TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == result); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), result); exit: mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ @@ -996,15 +1062,16 @@ void x509parse_crt(data_t *buf, char *result_str, int result) #endif mbedtls_x509_crt_init(&crt); + USE_PSA_INIT(); - TEST_ASSERT(mbedtls_x509_crt_parse_der(&crt, buf->x, buf->len) == (result)); + TEST_EQUAL(mbedtls_x509_crt_parse_der(&crt, buf->x, buf->len), result); #if !defined(MBEDTLS_X509_REMOVE_INFO) if ((result) == 0) { res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt); TEST_ASSERT(res != -1); TEST_ASSERT(res != -2); - TEST_ASSERT(strcmp((char *) output, result_str) == 0); + TEST_EQUAL(strcmp((char *) output, result_str), 0); } memset(output, 0, 2000); #endif @@ -1012,7 +1079,7 @@ void x509parse_crt(data_t *buf, char *result_str, int result) mbedtls_x509_crt_free(&crt); mbedtls_x509_crt_init(&crt); - TEST_ASSERT(mbedtls_x509_crt_parse_der_nocopy(&crt, buf->x, buf->len) == (result)); + TEST_EQUAL(mbedtls_x509_crt_parse_der_nocopy(&crt, buf->x, buf->len), result); #if !defined(MBEDTLS_X509_REMOVE_INFO) if ((result) == 0) { memset(output, 0, 2000); @@ -1022,7 +1089,7 @@ void x509parse_crt(data_t *buf, char *result_str, int result) TEST_ASSERT(res != -1); TEST_ASSERT(res != -2); - TEST_ASSERT(strcmp((char *) output, result_str) == 0); + TEST_EQUAL(strcmp((char *) output, result_str), 0); } memset(output, 0, 2000); #endif /* !MBEDTLS_X509_REMOVE_INFO */ @@ -1030,8 +1097,8 @@ void x509parse_crt(data_t *buf, char *result_str, int result) mbedtls_x509_crt_free(&crt); mbedtls_x509_crt_init(&crt); - TEST_ASSERT(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 0, NULL, - NULL) == (result)); + TEST_EQUAL(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 0, NULL, NULL), + result); #if !defined(MBEDTLS_X509_REMOVE_INFO) if ((result) == 0) { res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt); @@ -1039,7 +1106,7 @@ void x509parse_crt(data_t *buf, char *result_str, int result) TEST_ASSERT(res != -1); TEST_ASSERT(res != -2); - TEST_ASSERT(strcmp((char *) output, result_str) == 0); + TEST_EQUAL(strcmp((char *) output, result_str), 0); } memset(output, 0, 2000); #endif /* !MBEDTLS_X509_REMOVE_INFO */ @@ -1047,8 +1114,8 @@ void x509parse_crt(data_t *buf, char *result_str, int result) mbedtls_x509_crt_free(&crt); mbedtls_x509_crt_init(&crt); - TEST_ASSERT(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 1, NULL, - NULL) == (result)); + TEST_EQUAL(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 1, NULL, NULL), + result); #if !defined(MBEDTLS_X509_REMOVE_INFO) if ((result) == 0) { res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt); @@ -1056,12 +1123,13 @@ void x509parse_crt(data_t *buf, char *result_str, int result) TEST_ASSERT(res != -1); TEST_ASSERT(res != -2); - TEST_ASSERT(strcmp((char *) output, result_str) == 0); + TEST_EQUAL(strcmp((char *) output, result_str), 0); } #endif /* !MBEDTLS_X509_REMOVE_INFO */ exit: mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ @@ -1083,9 +1151,10 @@ void x509parse_crt_cb(data_t *buf, char *result_str, int result) oid.p = (unsigned char *) MBEDTLS_OID_PKIX "\x01\x1F"; mbedtls_x509_crt_init(&crt); + USE_PSA_INIT(); - TEST_ASSERT(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 0, parse_crt_ext_cb, - &oid) == (result)); + TEST_EQUAL(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 0, parse_crt_ext_cb, + &oid), result); #if !defined(MBEDTLS_X509_REMOVE_INFO) if ((result) == 0) { res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt); @@ -1093,7 +1162,7 @@ void x509parse_crt_cb(data_t *buf, char *result_str, int result) TEST_ASSERT(res != -1); TEST_ASSERT(res != -2); - TEST_ASSERT(strcmp((char *) output, result_str) == 0); + TEST_EQUAL(strcmp((char *) output, result_str), 0); } memset(output, 0, 2000); #endif /* !MBEDTLS_X509_REMOVE_INFO */ @@ -1101,8 +1170,8 @@ void x509parse_crt_cb(data_t *buf, char *result_str, int result) mbedtls_x509_crt_free(&crt); mbedtls_x509_crt_init(&crt); - TEST_ASSERT(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 1, parse_crt_ext_cb, - &oid) == (result)); + TEST_EQUAL(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 1, parse_crt_ext_cb, + &oid), (result)); #if !defined(MBEDTLS_X509_REMOVE_INFO) if ((result) == 0) { res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt); @@ -1110,12 +1179,13 @@ void x509parse_crt_cb(data_t *buf, char *result_str, int result) TEST_ASSERT(res != -1); TEST_ASSERT(res != -2); - TEST_ASSERT(strcmp((char *) output, result_str) == 0); + TEST_EQUAL(strcmp((char *) output, result_str), 0); } #endif /* !MBEDTLS_X509_REMOVE_INFO */ exit: mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ @@ -1127,21 +1197,24 @@ void x509parse_crl(data_t *buf, char *result_str, int result) int res; mbedtls_x509_crl_init(&crl); + USE_PSA_INIT(); + memset(output, 0, 2000); - TEST_ASSERT(mbedtls_x509_crl_parse(&crl, buf->x, buf->len) == (result)); + TEST_EQUAL(mbedtls_x509_crl_parse(&crl, buf->x, buf->len), (result)); if ((result) == 0) { res = mbedtls_x509_crl_info((char *) output, 2000, "", &crl); TEST_ASSERT(res != -1); TEST_ASSERT(res != -2); - TEST_ASSERT(strcmp((char *) output, result_str) == 0); + TEST_EQUAL(strcmp((char *) output, result_str), 0); } exit: mbedtls_x509_crl_free(&crl); + USE_PSA_DONE(); } /* END_CASE */ @@ -1153,19 +1226,75 @@ void mbedtls_x509_csr_parse(data_t *csr_der, char *ref_out, int ref_ret) int my_ret; mbedtls_x509_csr_init(&csr); + USE_PSA_INIT(); + memset(my_out, 0, sizeof(my_out)); my_ret = mbedtls_x509_csr_parse_der(&csr, csr_der->x, csr_der->len); - TEST_ASSERT(my_ret == ref_ret); + TEST_EQUAL(my_ret, ref_ret); if (ref_ret == 0) { size_t my_out_len = mbedtls_x509_csr_info(my_out, sizeof(my_out), "", &csr); - TEST_ASSERT(my_out_len == strlen(ref_out)); - TEST_ASSERT(strcmp(my_out, ref_out) == 0); + TEST_EQUAL(my_out_len, strlen(ref_out)); + TEST_EQUAL(strcmp(my_out, ref_out), 0); } exit: mbedtls_x509_csr_free(&csr); + USE_PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CSR_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */ +void mbedtls_x509_csr_parse_file(char *csr_file, char *ref_out, int ref_ret) +{ + mbedtls_x509_csr csr; + char my_out[1000]; + int my_ret; + + mbedtls_x509_csr_init(&csr); + USE_PSA_INIT(); + + memset(my_out, 0, sizeof(my_out)); + + my_ret = mbedtls_x509_csr_parse_file(&csr, csr_file); + TEST_EQUAL(my_ret, ref_ret); + + if (ref_ret == 0) { + size_t my_out_len = mbedtls_x509_csr_info(my_out, sizeof(my_out), "", &csr); + TEST_EQUAL(my_out_len, strlen(ref_out)); + TEST_EQUAL(strcmp(my_out, ref_out), 0); + } + +exit: + mbedtls_x509_csr_free(&csr); + USE_PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ +void mbedtls_x509_crt_parse_file(char *crt_path, int ret, int nb_crt) +{ + mbedtls_x509_crt chain, *cur; + int i; + + mbedtls_x509_crt_init(&chain); + USE_PSA_INIT(); + + TEST_EQUAL(mbedtls_x509_crt_parse_file(&chain, crt_path), ret); + + /* Check how many certs we got */ + for (i = 0, cur = &chain; cur != NULL; cur = cur->next) { + if (cur->raw.p != NULL) { + i++; + } + } + + TEST_EQUAL(i, nb_crt); + +exit: + mbedtls_x509_crt_free(&chain); + USE_PSA_DONE(); } /* END_CASE */ @@ -1176,8 +1305,9 @@ void mbedtls_x509_crt_parse_path(char *crt_path, int ret, int nb_crt) int i; mbedtls_x509_crt_init(&chain); + USE_PSA_INIT(); - TEST_ASSERT(mbedtls_x509_crt_parse_path(&chain, crt_path) == ret); + TEST_EQUAL(mbedtls_x509_crt_parse_path(&chain, crt_path), ret); /* Check how many certs we got */ for (i = 0, cur = &chain; cur != NULL; cur = cur->next) { @@ -1186,10 +1316,11 @@ void mbedtls_x509_crt_parse_path(char *crt_path, int ret, int nb_crt) } } - TEST_ASSERT(i == nb_crt); + TEST_EQUAL(i, nb_crt); exit: mbedtls_x509_crt_free(&chain); + USE_PSA_DONE(); } /* END_CASE */ @@ -1206,32 +1337,30 @@ void mbedtls_x509_crt_verify_max(char *ca_file, char *chain_dir, int nb_int, * We expect chain_dir to contain certificates 00.crt, 01.crt, etc. * with NN.crt signed by NN-1.crt */ - mbedtls_x509_crt_init(&trusted); mbedtls_x509_crt_init(&chain); - - USE_PSA_INIT(); + MD_OR_USE_PSA_INIT(); /* Load trusted root */ - TEST_ASSERT(mbedtls_x509_crt_parse_file(&trusted, ca_file) == 0); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&trusted, ca_file), 0); /* Load a chain with nb_int intermediates (from 01 to nb_int), * plus one "end-entity" cert (nb_int + 1) */ - ret = mbedtls_snprintf(file_buf, sizeof file_buf, "%s/c%02d.pem", chain_dir, + ret = mbedtls_snprintf(file_buf, sizeof(file_buf), "%s/c%02d.pem", chain_dir, nb_int + 1); - TEST_ASSERT(ret > 0 && (size_t) ret < sizeof file_buf); - TEST_ASSERT(mbedtls_x509_crt_parse_file(&chain, file_buf) == 0); + TEST_ASSERT(ret > 0 && (size_t) ret < sizeof(file_buf)); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&chain, file_buf), 0); /* Try to verify that chain */ ret = mbedtls_x509_crt_verify(&chain, &trusted, NULL, NULL, &flags, NULL, NULL); - TEST_ASSERT(ret == ret_chk); - TEST_ASSERT(flags == (uint32_t) flags_chk); + TEST_EQUAL(ret, ret_chk); + TEST_EQUAL(flags, (uint32_t) flags_chk); exit: mbedtls_x509_crt_free(&chain); mbedtls_x509_crt_free(&trusted); - USE_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ @@ -1248,13 +1377,12 @@ void mbedtls_x509_crt_verify_chain(char *chain_paths, char *trusted_ca, mbedtls_x509_crt_init(&chain); mbedtls_x509_crt_init(&trusted); - - USE_PSA_INIT(); + MD_OR_USE_PSA_INIT(); while ((act = mystrsep(&chain_paths, " ")) != NULL) { - TEST_ASSERT(mbedtls_x509_crt_parse_file(&chain, act) == 0); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&chain, act), 0); } - TEST_ASSERT(mbedtls_x509_crt_parse_file(&trusted, trusted_ca) == 0); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&trusted, trusted_ca), 0); if (strcmp(profile_name, "") == 0) { profile = &mbedtls_x509_crt_profile_default; @@ -1271,13 +1399,13 @@ void mbedtls_x509_crt_verify_chain(char *chain_paths, char *trusted_ca, res = mbedtls_x509_crt_verify_with_profile(&chain, &trusted, NULL, profile, NULL, &flags, verify_fatal, &vrfy_fatal_lvls); - TEST_ASSERT(res == (result)); - TEST_ASSERT(flags == (uint32_t) (flags_result)); + TEST_EQUAL(res, (result)); + TEST_EQUAL(flags, (uint32_t) (flags_result)); exit: mbedtls_x509_crt_free(&trusted); mbedtls_x509_crt_free(&chain); - USE_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ @@ -1288,6 +1416,7 @@ void x509_oid_desc(data_t *buf, char *ref_desc) const char *desc = NULL; int ret; + USE_PSA_INIT(); oid.tag = MBEDTLS_ASN1_OID; oid.p = buf->x; @@ -1299,10 +1428,13 @@ void x509_oid_desc(data_t *buf, char *ref_desc) TEST_ASSERT(ret != 0); TEST_ASSERT(desc == NULL); } else { - TEST_ASSERT(ret == 0); + TEST_EQUAL(ret, 0); TEST_ASSERT(desc != NULL); - TEST_ASSERT(strcmp(desc, ref_desc) == 0); + TEST_EQUAL(strcmp(desc, ref_desc), 0); } + +exit: + USE_PSA_DONE(); } /* END_CASE */ @@ -1312,20 +1444,25 @@ void x509_oid_numstr(data_t *oid_buf, char *numstr, int blen, int ret) mbedtls_x509_buf oid; char num_buf[100]; - memset(num_buf, 0x2a, sizeof num_buf); + USE_PSA_INIT(); + + memset(num_buf, 0x2a, sizeof(num_buf)); oid.tag = MBEDTLS_ASN1_OID; oid.p = oid_buf->x; oid.len = oid_buf->len; - TEST_ASSERT((size_t) blen <= sizeof num_buf); + TEST_ASSERT((size_t) blen <= sizeof(num_buf)); - TEST_ASSERT(mbedtls_oid_get_numeric_string(num_buf, blen, &oid) == ret); + TEST_EQUAL(mbedtls_oid_get_numeric_string(num_buf, blen, &oid), ret); if (ret >= 0) { - TEST_ASSERT(num_buf[ret] == 0); - TEST_ASSERT(strcmp(num_buf, numstr) == 0); + TEST_EQUAL(num_buf[ret], 0); + TEST_EQUAL(strcmp(num_buf, numstr), 0); } + +exit: + USE_PSA_DONE(); } /* END_CASE */ @@ -1335,13 +1472,15 @@ void x509_check_key_usage(char *crt_file, int usage, int ret) mbedtls_x509_crt crt; mbedtls_x509_crt_init(&crt); + USE_PSA_INIT(); - TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); - TEST_ASSERT(mbedtls_x509_crt_check_key_usage(&crt, usage) == ret); + TEST_EQUAL(mbedtls_x509_crt_check_key_usage(&crt, usage), ret); exit: mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ @@ -1352,15 +1491,16 @@ void x509_check_extended_key_usage(char *crt_file, data_t *oid, int ret mbedtls_x509_crt crt; mbedtls_x509_crt_init(&crt); + USE_PSA_INIT(); + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); - TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0); - - TEST_ASSERT(mbedtls_x509_crt_check_extended_key_usage(&crt, (const char *) oid->x, - oid->len) == ret); + TEST_EQUAL(mbedtls_x509_crt_check_extended_key_usage(&crt, (const char *) oid->x, oid->len), + ret); exit: mbedtls_x509_crt_free(&crt); + USE_PSA_DONE(); } /* END_CASE */ @@ -1373,6 +1513,7 @@ void x509_get_time(int tag, char *time_str, int ret, int year, int mon, unsigned char *start = buf; unsigned char *end = buf; + USE_PSA_INIT(); memset(&time, 0x00, sizeof(time)); *end = (unsigned char) tag; end++; *end = strlen(time_str); @@ -1381,15 +1522,17 @@ void x509_get_time(int tag, char *time_str, int ret, int year, int mon, memcpy(end, time_str, (size_t) *(end - 1)); end += *(end - 1); - TEST_ASSERT(mbedtls_x509_get_time(&start, end, &time) == ret); + TEST_EQUAL(mbedtls_x509_get_time(&start, end, &time), ret); if (ret == 0) { - TEST_ASSERT(year == time.year); - TEST_ASSERT(mon == time.mon); - TEST_ASSERT(day == time.day); - TEST_ASSERT(hour == time.hour); - TEST_ASSERT(min == time.min); - TEST_ASSERT(sec == time.sec); + TEST_EQUAL(year, time.year); + TEST_EQUAL(mon, time.mon); + TEST_EQUAL(day, time.day); + TEST_EQUAL(hour, time.hour); + TEST_EQUAL(min, time.min); + TEST_EQUAL(sec, time.sec); } +exit: + USE_PSA_DONE(); } /* END_CASE */ @@ -1403,6 +1546,8 @@ void x509_parse_rsassa_pss_params(data_t *params, int params_tag, mbedtls_md_type_t my_msg_md, my_mgf_md; int my_salt_len; + USE_PSA_INIT(); + buf.p = params->x; buf.len = params->len; buf.tag = params_tag; @@ -1410,15 +1555,104 @@ void x509_parse_rsassa_pss_params(data_t *params, int params_tag, my_ret = mbedtls_x509_get_rsassa_pss_params(&buf, &my_msg_md, &my_mgf_md, &my_salt_len); - TEST_ASSERT(my_ret == ref_ret); + TEST_EQUAL(my_ret, ref_ret); if (ref_ret == 0) { - TEST_ASSERT(my_msg_md == (mbedtls_md_type_t) ref_msg_md); - TEST_ASSERT(my_mgf_md == (mbedtls_md_type_t) ref_mgf_md); - TEST_ASSERT(my_salt_len == ref_salt_len); + TEST_EQUAL(my_msg_md, (mbedtls_md_type_t) ref_msg_md); + TEST_EQUAL(my_mgf_md, (mbedtls_md_type_t) ref_mgf_md); + TEST_EQUAL(my_salt_len, ref_salt_len); } exit: - ;; + USE_PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_FS_IO */ +void x509_crt_parse_subjectkeyid(char *file, data_t *subjectKeyId, int ref_ret) +{ + mbedtls_x509_crt crt; + + mbedtls_x509_crt_init(&crt); + + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, file), ref_ret); + + if (ref_ret == 0) { + TEST_EQUAL(crt.subject_key_id.tag, MBEDTLS_ASN1_OCTET_STRING); + TEST_EQUAL(memcmp(crt.subject_key_id.p, subjectKeyId->x, subjectKeyId->len), 0); + TEST_EQUAL(crt.subject_key_id.len, subjectKeyId->len); + } else { + TEST_EQUAL(crt.subject_key_id.tag, 0); + TEST_EQUAL(crt.subject_key_id.len, 0); + } + +exit: + mbedtls_x509_crt_free(&crt); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_FS_IO */ +void x509_crt_parse_authoritykeyid(char *file, + data_t *keyId, + char *authorityKeyId_issuer, + data_t *serial, + int ref_ret) +{ + mbedtls_x509_crt crt; + mbedtls_x509_subject_alternative_name san; + char name_buf[128]; + + mbedtls_x509_crt_init(&crt); + + TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, file), ref_ret); + + if (ref_ret == 0) { + /* KeyId test */ + if (keyId->len > 0) { + TEST_EQUAL(crt.authority_key_id.keyIdentifier.tag, MBEDTLS_ASN1_OCTET_STRING); + TEST_EQUAL(memcmp(crt.authority_key_id.keyIdentifier.p, keyId->x, keyId->len), 0); + TEST_EQUAL(crt.authority_key_id.keyIdentifier.len, keyId->len); + } else { + TEST_EQUAL(crt.authority_key_id.keyIdentifier.tag, 0); + TEST_EQUAL(crt.authority_key_id.keyIdentifier.len, 0); + } + + + /* Issuer test */ + if (strlen(authorityKeyId_issuer) > 0) { + mbedtls_x509_sequence *issuerPtr = &crt.authority_key_id.authorityCertIssuer; + + TEST_EQUAL(mbedtls_x509_parse_subject_alt_name(&issuerPtr->buf, &san), 0); + + TEST_ASSERT(mbedtls_x509_dn_gets(name_buf, sizeof(name_buf), + &san.san.directory_name) + > 0); + TEST_EQUAL(strcmp(name_buf, authorityKeyId_issuer), 0); + + mbedtls_x509_free_subject_alt_name(&san); + } + + /* Serial test */ + if (serial->len > 0) { + TEST_EQUAL(crt.authority_key_id.authorityCertSerialNumber.tag, + MBEDTLS_ASN1_INTEGER); + TEST_EQUAL(memcmp(crt.authority_key_id.authorityCertSerialNumber.p, + serial->x, serial->len), 0); + TEST_EQUAL(crt.authority_key_id.authorityCertSerialNumber.len, serial->len); + } else { + TEST_EQUAL(crt.authority_key_id.authorityCertSerialNumber.tag, 0); + TEST_EQUAL(crt.authority_key_id.authorityCertSerialNumber.len, 0); + } + + } else { + TEST_EQUAL(crt.authority_key_id.keyIdentifier.tag, 0); + TEST_EQUAL(crt.authority_key_id.keyIdentifier.len, 0); + + TEST_EQUAL(crt.authority_key_id.authorityCertSerialNumber.tag, 0); + TEST_EQUAL(crt.authority_key_id.authorityCertSerialNumber.len, 0); + } + +exit: + mbedtls_x509_crt_free(&crt); } /* END_CASE */ diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index c55c9d1ed..0f190286b 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -1,169 +1,267 @@ Certificate Request check Server1 SHA1 -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha1":MBEDTLS_MD_SHA1:0:0:0:0:0 Certificate Request check Server1 SHA224 -depends_on:MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA224:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha224":MBEDTLS_MD_SHA224:0:0:0:0:0 Certificate Request check Server1 SHA256 -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha256":MBEDTLS_MD_SHA256:0:0:0:0:0 Certificate Request check Server1 SHA384 -depends_on:MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha384":MBEDTLS_MD_SHA384:0:0:0:0:0 Certificate Request check Server1 SHA512 -depends_on:MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha512":MBEDTLS_MD_SHA512:0:0:0:0:0 Certificate Request check Server1 MD5 -depends_on:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_csr_check:"data_files/server1.key":"data_files/server1.req.md5":MBEDTLS_MD_MD5:0:0:0:0:0 Certificate Request check Server1 key_usage -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:0:0:0 Certificate Request check opaque Server1 key_usage -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_csr_check_opaque:"data_files/server1.key":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0 Certificate Request check Server1 key_usage empty -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_csr_check:"data_files/server1.key":"data_files/server1.req.key_usage_empty":MBEDTLS_MD_SHA1:0:1:0:0:0 Certificate Request check Server1 ns_cert_type -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type":MBEDTLS_MD_SHA1:0:0:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0 Certificate Request check Server1 ns_cert_type empty -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_csr_check:"data_files/server1.key":"data_files/server1.req.cert_type_empty":MBEDTLS_MD_SHA1:0:0:0:1:0 Certificate Request check Server1 key_usage + ns_cert_type -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_csr_check:"data_files/server1.key":"data_files/server1.req.ku-ct":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0 Certificate Request check Server5 ECDSA, key_usage -depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_HAVE_SECP256R1 x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:1:0:0:0 Certificate Request check Server1, set_extension -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha256.ext":MBEDTLS_MD_SHA256:0:0:0:0:1 Certificate Request check opaque Server5 ECDSA, key_usage -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1 x509_csr_check_opaque:"data_files/server5.key":MBEDTLS_MD_SHA256:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0 Certificate write check Server1 SHA1 -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.crt":0:0:"data_files/test-ca.crt" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.crt":0:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, not before 1970 -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"19700210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"":0:0:"data_files/test-ca.crt" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"19700210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"":0:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, not after 2050 -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20500210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"":0:0:"data_files/test-ca.crt" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20500210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"":0:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, not before 1970, not after 2050 -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"19700210144406":"20500210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"":0:0:"data_files/test-ca.crt" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"19700210144406":"20500210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"":0:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, not before 2050, not after 2059 -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20500210144406":"20590210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"":0:0:"data_files/test-ca.crt" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20500210144406":"20590210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"":0:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, key_usage -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:"NULL":0:0:1:-1:"data_files/server1.key_usage.crt":0:0:"data_files/test-ca.crt" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:"NULL":0:0:1:-1:"data_files/server1.key_usage.crt":0:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, one ext_key_usage -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:"serverAuth":0:0:1:-1:"data_files/server1.key_ext_usage.crt":0:0:"data_files/test-ca.crt" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:"serverAuth":0:0:1:-1:"data_files/server1.key_ext_usage.crt":0:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, two ext_key_usages -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:"codeSigning,timeStamping":0:0:1:-1:"data_files/server1.key_ext_usages.crt":0:0:"data_files/test-ca.crt" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:"codeSigning,timeStamping":0:0:1:-1:"data_files/server1.key_ext_usages.crt":0:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, ns_cert_type -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":0:0:"data_files/test-ca.crt" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":0:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, version 1 -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":0:0:"data_files/test-ca.crt" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":0:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, CA -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.ca.crt":0:1:"data_files/test-ca.crt" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.ca.crt":0:1:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, RSA_ALT -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:0:-1:"data_files/server1.noauthid.crt":1:0:"data_files/test-ca.crt" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:0:-1:"data_files/server1.noauthid.crt":1:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, RSA_ALT, key_usage -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:"NULL":0:0:0:-1:"data_files/server1.key_usage_noauthid.crt":1:0:"data_files/test-ca.crt" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:"NULL":0:0:0:-1:"data_files/server1.key_usage_noauthid.crt":1:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, RSA_ALT, ns_cert_type -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0:-1:"data_files/server1.cert_type_noauthid.crt":1:0:"data_files/test-ca.crt" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0:-1:"data_files/server1.cert_type_noauthid.crt":1:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, RSA_ALT, version 1 -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:0:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":1:0:"data_files/test-ca.crt" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:0:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":1:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, RSA_ALT, CA -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:0:-1:"data_files/server1.ca_noauthid.crt":1:1:"data_files/test-ca.crt" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:0:-1:"data_files/server1.ca_noauthid.crt":1:1:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, Opaque -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_USE_PSA_CRYPTO -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.crt":2:0:"data_files/test-ca.crt" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5:MBEDTLS_USE_PSA_CRYPTO +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.crt":2:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, Opaque, key_usage -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_USE_PSA_CRYPTO -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:"NULL":0:0:1:-1:"data_files/server1.key_usage.crt":2:0:"data_files/test-ca.crt" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5:MBEDTLS_USE_PSA_CRYPTO +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:"NULL":0:0:1:-1:"data_files/server1.key_usage.crt":2:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, Opaque, ns_cert_type -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_USE_PSA_CRYPTO -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":2:0:"data_files/test-ca.crt" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5:MBEDTLS_USE_PSA_CRYPTO +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":2:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, Opaque, version 1 -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_USE_PSA_CRYPTO -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":2:0:"data_files/test-ca.crt" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5:MBEDTLS_USE_PSA_CRYPTO +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":2:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, Opaque, CA -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_USE_PSA_CRYPTO -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.ca.crt":2:1:"data_files/test-ca.crt" +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5:MBEDTLS_USE_PSA_CRYPTO +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.ca.crt":2:1:"data_files/test-ca.crt":0 + +Certificate write check Server1 SHA1, Full length serial +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"112233445566778899aabbccddeeff0011223344":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.long_serial.crt":0:0:"data_files/test-ca.crt":0 + +Certificate write check Server1 SHA1, Serial starting with 0x80 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"8011223344":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.80serial.crt":0:0:"data_files/test-ca.crt":0 + +Certificate write check Server1 SHA1, All 0xFF full length serial +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"ffffffffffffffffffffffffffffffff":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.long_serial_FF.crt":0:0:"data_files/test-ca.crt":0 Certificate write check Server5 ECDSA -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED -x509_crt_check:"data_files/server5.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca2.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=Polarssl Test EC CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA256:0:0:"NULL":0:0:1:-1:"data_files/server5.crt":0:0:"data_files/test-ca2.crt" +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_ECP_HAVE_SECP256R1 +x509_crt_check:"data_files/server5.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca2.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=Polarssl Test EC CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA256:0:0:"NULL":0:0:1:-1:"data_files/server5.crt":0:0:"data_files/test-ca2.crt":0 Certificate write check Server5 ECDSA, Opaque -depends_on:MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_USE_PSA_CRYPTO -x509_crt_check:"data_files/server5.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca2.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=Polarssl Test EC CA":"1":"20190210144406":"20290210144406":MBEDTLS_MD_SHA256:0:0:"NULL":0:0:1:-1:"":2:0:"data_files/test-ca2.crt" +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_USE_PSA_CRYPTO +x509_crt_check:"data_files/server5.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca2.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=Polarssl Test EC CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA256:0:0:"NULL":0:0:1:-1:"":2:0:"data_files/test-ca2.crt":0 + +Certificate write check Server1 SHA1, SubjectAltNames +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.allSubjectAltNames.crt":0:0:"data_files/test-ca.crt":1 X509 String to Names #1 -mbedtls_x509_string_to_names:"C=NL,O=Offspark\, Inc., OU=PolarSSL":"C=NL, O=Offspark\, Inc., OU=PolarSSL":0 +mbedtls_x509_string_to_names:"C=NL,O=Offspark\\, Inc., OU=PolarSSL":"C=NL, O=Offspark\\, Inc., OU=PolarSSL":0:0 X509 String to Names #2 -mbedtls_x509_string_to_names:"C=NL, O=Offspark, Inc., OU=PolarSSL":"":MBEDTLS_ERR_X509_UNKNOWN_OID +mbedtls_x509_string_to_names:"C=NL, O=Offspark, Inc., OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 X509 String to Names #3 (Name precisely 255 bytes) -mbedtls_x509_string_to_names:"C=NL, O=123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345,OU=PolarSSL":"C=NL, O=123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345, OU=PolarSSL":0 +mbedtls_x509_string_to_names:"C=NL, O=123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345,OU=PolarSSL":"C=NL, O=123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345, OU=PolarSSL":0:0 X509 String to Names #4 (Name larger than 255 bytes) -mbedtls_x509_string_to_names:"C=NL, O=1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, O=1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 X509 String to Names #5 (Escape non-allowed characters) -mbedtls_x509_string_to_names:"C=NL, O=Offspark\a Inc., OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, O=Offspark\\a Inc., OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 X509 String to Names #6 (Escape at end) -mbedtls_x509_string_to_names:"C=NL, O=Offspark\":"":MBEDTLS_ERR_X509_INVALID_NAME +mbedtls_x509_string_to_names:"C=NL, O=Offspark\\":"":MBEDTLS_ERR_X509_INVALID_NAME:0 + +X509 String to Names #7 (Invalid, no '=' or ',') +mbedtls_x509_string_to_names:"ABC123":"":MBEDTLS_ERR_X509_INVALID_NAME:0 + +X509 String to Names #8 (Escaped valid characters) +mbedtls_x509_string_to_names:"C=NL, O=Offspark\\+ \\> \\=, OU=PolarSSL":"C=NL, O=Offspark\\+ \\> \\=, OU=PolarSSL":0:0 + +X509 String to Names #9 (Escaped ascii hexpairs uppercase encoded) +mbedtls_x509_string_to_names:"C=NL, O=\\4F\\66\\66\\73\\70\\61\\72\\6B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0:0 + +X509 String to Names #10 (Escaped ascii hexpairs lowercase encoded) +mbedtls_x509_string_to_names:"C=NL, O=\\4f\\66\\66\\73\\70\\61\\72\\6b, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0:0 + +X509 String to Names #11 (Invalid hexpair escape at end of string) +mbedtls_x509_string_to_names:"C=NL, O=\\4f\\66\\66\\73\\70\\61\\72\\6, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 + +X509 String to Names #12 (Reject escaped null hexpair) +mbedtls_x509_string_to_names:"C=NL, O=Of\\00spark, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 + +X509 String to Names #13 (Invalid hexpairs) +mbedtls_x509_string_to_names:"C=NL, O=Of\\flspark, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 + +X509 String to Names #14 (Accept numercoid/hexstring) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0:0 + +# TODO: Should the trailing garbage be ignored? +X509 String to Names (hexstring: trailing garbage after DER is ignored) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726Baa, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0:0 + +X509 String to Names: long hexstring (payload=256 bytes) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C82010041414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141, OU=PolarSSL":"C=NL, O=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA, OU=PolarSSL":0:MAY_FAIL_DN_GETS + +X509 String to Names: long hexstring (payload=257 bytes) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C820101aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":MBEDTLS_ERR_X509_INVALID_NAME:0 + +X509 String to Names #15 (Odd length DER hexstring) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C084F6666737061726, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 + +X509 String to Names (empty DER hexstring) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 + +X509 String to Names (empty DER hexstring at end) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#":"":MBEDTLS_ERR_X509_INVALID_NAME:0 + +X509 String to Names (1-byte DER hexstring) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 + +X509 String to Names (1-byte DER hexstring at end) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C":"":MBEDTLS_ERR_X509_INVALID_NAME:0 + +X509 String to Names #16 (hexstring: DER length exceeds available data) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#0C0B4F6666737061726B, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 + +X509 String to Names #17 (hexstring: Invalid OID) +mbedtls_x509_string_to_names:"C=NL, 10.5.4.10=#0C084F6666737061726B, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 + +X509 String to Names #18 (short name and hexstring) +mbedtls_x509_string_to_names:"C=NL, O=#0C084F6666737061726B, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":0:0 + +X509 String to Names (null byte in hexstring with string type) +mbedtls_x509_string_to_names:"C=NL, O=#0C0100, OU=PolarSSL":"C=NL, O=Offspark, OU=PolarSSL":MBEDTLS_ERR_X509_INVALID_NAME:0 + +X509 String to Names (null byte in hexstring with non-string type) +mbedtls_x509_string_to_names:"C=NL, O=#040100, OU=PolarSSL":"C=NL, O=\\x00, OU=PolarSSL":0:MAY_FAIL_GET_NAME + +X509 String to Names #19 (Accept non-ascii hexpairs) +mbedtls_x509_string_to_names:"C=NL, O=Of\\CCspark, OU=PolarSSL":"C=NL, O=Of\\CCspark, OU=PolarSSL":0:0 + +X509 String to Names #20 (Reject empty AttributeValue) +mbedtls_x509_string_to_names:"C=NL, O=, OU=PolarSSL":"":MBEDTLS_ERR_X509_INVALID_NAME:0 + +X509 Round trip test (Escaped characters) +mbedtls_x509_string_to_names:"CN=Lu\\C4\\8Di\\C4\\87, O=Offspark, OU=PolarSSL":"CN=Lu\\C4\\8Di\\C4\\87, O=Offspark, OU=PolarSSL":0:0 + +X509 Round trip test (hexstring output for non string input) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10=#03084F6666737061726B, OU=PolarSSL":"C=NL, O=#03084F6666737061726B, OU=PolarSSL":0:0 + +X509 Round trip test (numercoid hexstring output for unknown OID) +mbedtls_x509_string_to_names:"C=NL, 2.5.4.10.234.532=#0C084F6666737061726B, OU=PolarSSL":"C=NL, 2.5.4.10.234.532=#0C084F6666737061726B, OU=PolarSSL":0:0 + +Check max serial length +x509_set_serial_check: diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index a21ad475a..a7ed26295 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -6,9 +6,8 @@ #include "mbedtls/oid.h" #include "mbedtls/rsa.h" #include "mbedtls/asn1write.h" - -#include "hash_info.h" -#include "mbedtls/legacy_or_psa.h" +#include "mbedtls/pk.h" +#include "md_psa.h" #if defined(MBEDTLS_RSA_C) int mbedtls_rsa_decrypt_func(void *ctx, size_t *olen, @@ -47,7 +46,7 @@ static int x509_crt_verifycsr(const unsigned char *buf, size_t buflen) goto cleanup; } - psa_algorithm_t psa_alg = mbedtls_hash_info_psa_from_md(csr.sig_md); + psa_algorithm_t psa_alg = mbedtls_md_psa_alg_from_type(csr.sig_md); size_t hash_size = 0; psa_status_t status = psa_hash_compute(psa_alg, csr.cri.p, csr.cri.len, hash, PSA_HASH_MAX_SIZE, &hash_size); @@ -59,7 +58,7 @@ static int x509_crt_verifycsr(const unsigned char *buf, size_t buflen) } if (mbedtls_pk_verify_ext(csr.sig_pk, csr.sig_opts, &csr.pk, - csr.sig_md, hash, mbedtls_hash_info_get_size(csr.sig_md), + csr.sig_md, hash, mbedtls_md_get_size_from_type(csr.sig_md), csr.sig.p, csr.sig.len) != 0) { ret = MBEDTLS_ERR_X509_CERT_VERIFY_FAILED; goto cleanup; @@ -126,10 +125,16 @@ static int csr_set_extended_key_usage(mbedtls_x509write_csr *ctx, return ret; } #endif /* MBEDTLS_X509_CSR_WRITE_C */ + +/* Due to inconsistencies in the input size limits applied by different + * library functions, some write-parse tests may fail. */ +#define MAY_FAIL_GET_NAME 0x0001 +#define MAY_FAIL_DN_GETS 0x0002 + /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_BIGNUM_C:MBEDTLS_FS_IO:MBEDTLS_PK_PARSE_C + * depends_on:MBEDTLS_FS_IO:MBEDTLS_PK_PARSE_C * END_DEPENDENCIES */ @@ -151,14 +156,54 @@ void x509_csr_check(char *key_file, char *cert_req_check_file, int md_type, int der_len = -1; const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1"; mbedtls_test_rnd_pseudo_info rnd_info; + mbedtls_x509_san_list san_ip; + mbedtls_x509_san_list san_dns; + mbedtls_x509_san_list san_uri; + mbedtls_x509_san_list san_mail; + mbedtls_x509_san_list san_dn; + mbedtls_x509_san_list *san_list = NULL; + mbedtls_asn1_named_data *ext_san_dirname = NULL; + + const char san_ip_name[] = { 0x7f, 0x00, 0x00, 0x01 }; // 127.0.0.1 + const char *san_dns_name = "example.com"; + const char *san_dn_name = "C=UK,O=Mbed TLS,CN=Mbed TLS directoryName SAN"; + const char *san_mail_name = "mail@example.com"; + const char *san_uri_name = "http://pki.example.com"; + + san_mail.node.type = MBEDTLS_X509_SAN_RFC822_NAME; + san_mail.node.san.unstructured_name.p = (unsigned char *) san_mail_name; + san_mail.node.san.unstructured_name.len = strlen(san_mail_name); + san_mail.next = NULL; + + san_dns.node.type = MBEDTLS_X509_SAN_DNS_NAME; + san_dns.node.san.unstructured_name.p = (unsigned char *) san_dns_name; + san_dns.node.san.unstructured_name.len = strlen(san_dns_name); + san_dns.next = &san_mail; + + san_dn.node.type = MBEDTLS_X509_SAN_DIRECTORY_NAME; + TEST_ASSERT(mbedtls_x509_string_to_names(&ext_san_dirname, + san_dn_name) == 0); + san_dn.node.san.directory_name = *ext_san_dirname; + san_dn.next = &san_dns; + + san_ip.node.type = MBEDTLS_X509_SAN_IP_ADDRESS; + san_ip.node.san.unstructured_name.p = (unsigned char *) san_ip_name; + san_ip.node.san.unstructured_name.len = sizeof(san_ip_name); + san_ip.next = &san_dn; + + san_uri.node.type = MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER; + san_uri.node.san.unstructured_name.p = (unsigned char *) san_uri_name; + san_uri.node.san.unstructured_name.len = strlen(san_uri_name); + san_uri.next = &san_ip; + + san_list = &san_uri; memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info)); mbedtls_x509write_csr_init(&req); - - USE_PSA_INIT(); - mbedtls_pk_init(&key); + MD_OR_USE_PSA_INIT(); + TEST_ASSERT(mbedtls_pk_parse_keyfile(&key, key_file, NULL, mbedtls_test_rnd_std_rand, NULL) == 0); @@ -174,6 +219,8 @@ void x509_csr_check(char *key_file, char *cert_req_check_file, int md_type, if (set_extension != 0) { TEST_ASSERT(csr_set_extended_key_usage(&req, MBEDTLS_OID_SERVER_AUTH, MBEDTLS_OID_SIZE(MBEDTLS_OID_SERVER_AUTH)) == 0); + + TEST_ASSERT(mbedtls_x509write_csr_set_subject_alternative_name(&req, san_list) == 0); } ret = mbedtls_x509write_csr_pem(&req, buf, sizeof(buf), @@ -223,9 +270,10 @@ void x509_csr_check(char *key_file, char *cert_req_check_file, int md_type, TEST_ASSERT(ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL); exit: + mbedtls_asn1_free_named_data_list(&ext_san_dirname); mbedtls_x509write_csr_free(&req); mbedtls_pk_free(&key); - USE_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ @@ -243,13 +291,12 @@ void x509_csr_check_opaque(char *key_file, int md_type, int key_usage, const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1"; mbedtls_test_rnd_pseudo_info rnd_info; + mbedtls_x509write_csr_init(&req); + MD_OR_USE_PSA_INIT(); + memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info)); - mbedtls_x509write_csr_init(&req); - - USE_PSA_INIT(); - - md_alg_psa = mbedtls_hash_info_psa_from_md((mbedtls_md_type_t) md_type); + md_alg_psa = mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) md_type); TEST_ASSERT(md_alg_psa != MBEDTLS_MD_NONE); mbedtls_pk_init(&key); @@ -292,20 +339,20 @@ exit: mbedtls_x509write_csr_free(&req); mbedtls_pk_free(&key); psa_destroy_key(key_id); - PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CRT_WRITE_C:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */ +/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CRT_WRITE_C:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_MD_CAN_SHA1 */ void x509_crt_check(char *subject_key_file, char *subject_pwd, char *subject_name, char *issuer_key_file, char *issuer_pwd, char *issuer_name, - char *serial_str, char *not_before, char *not_after, + data_t *serial_arg, char *not_before, char *not_after, int md_type, int key_usage, int set_key_usage, char *ext_key_usage, int cert_type, int set_cert_type, int auth_ident, int ver, char *cert_check_file, int pk_wrap, int is_ca, - char *cert_verify_file) + char *cert_verify_file, int set_subjectAltNames) { mbedtls_pk_context subject_key, issuer_key, issuer_key_alt; mbedtls_pk_context *key = &issuer_key; @@ -315,7 +362,9 @@ void x509_crt_check(char *subject_key_file, char *subject_pwd, unsigned char check_buf[5000]; unsigned char *p, *end; unsigned char tag, sz; - mbedtls_mpi serial; +#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C) + mbedtls_mpi serial_mpi; +#endif int ret, before_tag, after_tag; size_t olen = 0, pem_len = 0, buf_index = 0; int der_len = -1; @@ -325,17 +374,59 @@ void x509_crt_check(char *subject_key_file, char *subject_pwd, mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; #endif mbedtls_pk_type_t issuer_key_type; + mbedtls_x509_san_list san_ip; + mbedtls_x509_san_list san_dns; + mbedtls_x509_san_list san_uri; + mbedtls_x509_san_list san_mail; + mbedtls_x509_san_list san_dn; + mbedtls_asn1_named_data *ext_san_dirname = NULL; + const char san_ip_name[] = { 0x01, 0x02, 0x03, 0x04 }; + const char *san_dns_name = "example.com"; + const char *san_dn_name = "C=UK,O=Mbed TLS,CN=SubjectAltName test"; + const char *san_mail_name = "mail@example.com"; + const char *san_uri_name = "http://pki.example.com"; + mbedtls_x509_san_list *san_list = NULL; + + if (set_subjectAltNames) { + san_mail.node.type = MBEDTLS_X509_SAN_RFC822_NAME; + san_mail.node.san.unstructured_name.p = (unsigned char *) san_mail_name; + san_mail.node.san.unstructured_name.len = strlen(san_mail_name); + san_mail.next = NULL; + + san_dns.node.type = MBEDTLS_X509_SAN_DNS_NAME; + san_dns.node.san.unstructured_name.p = (unsigned char *) san_dns_name; + san_dns.node.san.unstructured_name.len = strlen(san_dns_name); + san_dns.next = &san_mail; + + san_dn.node.type = MBEDTLS_X509_SAN_DIRECTORY_NAME; + TEST_ASSERT(mbedtls_x509_string_to_names(&ext_san_dirname, + san_dn_name) == 0); + san_dn.node.san.directory_name = *ext_san_dirname; + san_dn.next = &san_dns; + + san_ip.node.type = MBEDTLS_X509_SAN_IP_ADDRESS; + san_ip.node.san.unstructured_name.p = (unsigned char *) san_ip_name; + san_ip.node.san.unstructured_name.len = sizeof(san_ip_name); + san_ip.next = &san_dn; + + san_uri.node.type = MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER; + san_uri.node.san.unstructured_name.p = (unsigned char *) san_uri_name; + san_uri.node.san.unstructured_name.len = strlen(san_uri_name); + san_uri.next = &san_ip; + + san_list = &san_uri; + } memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info)); - mbedtls_mpi_init(&serial); - - USE_PSA_INIT(); +#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C) + mbedtls_mpi_init(&serial_mpi); +#endif mbedtls_pk_init(&subject_key); mbedtls_pk_init(&issuer_key); mbedtls_pk_init(&issuer_key_alt); - mbedtls_x509write_crt_init(&crt); + MD_OR_USE_PSA_INIT(); TEST_ASSERT(mbedtls_pk_parse_keyfile(&subject_key, subject_key_file, subject_pwd, mbedtls_test_rnd_std_rand, NULL) == 0); @@ -345,7 +436,7 @@ void x509_crt_check(char *subject_key_file, char *subject_pwd, issuer_key_type = mbedtls_pk_get_type(&issuer_key); -#if defined(MBEDTLS_RSA_C) +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_RSA_ALT_SUPPORT) /* For RSA PK contexts, create a copy as an alternative RSA context. */ if (pk_wrap == 1 && issuer_key_type == MBEDTLS_PK_RSA) { TEST_ASSERT(mbedtls_pk_setup_rsa_alt(&issuer_key_alt, @@ -363,7 +454,7 @@ void x509_crt_check(char *subject_key_file, char *subject_pwd, if (pk_wrap == 2) { psa_algorithm_t alg_psa, md_alg_psa; - md_alg_psa = mbedtls_hash_info_psa_from_md((mbedtls_md_type_t) md_type); + md_alg_psa = mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) md_type); TEST_ASSERT(md_alg_psa != MBEDTLS_MD_NONE); if (mbedtls_pk_get_type(&issuer_key) == MBEDTLS_PK_ECKEY) { @@ -384,13 +475,18 @@ void x509_crt_check(char *subject_key_file, char *subject_pwd, TEST_ASSERT(mbedtls_pk_get_type(&issuer_key) == MBEDTLS_PK_OPAQUE); } - TEST_ASSERT(mbedtls_test_read_mpi(&serial, serial_str) == 0); - if (ver != -1) { mbedtls_x509write_crt_set_version(&crt, ver); } - TEST_ASSERT(mbedtls_x509write_crt_set_serial(&crt, &serial) == 0); +#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C) + TEST_ASSERT(mbedtls_mpi_read_binary(&serial_mpi, serial_arg->x, + serial_arg->len) == 0); + TEST_ASSERT(mbedtls_x509write_crt_set_serial(&crt, &serial_mpi) == 0); +#else + TEST_ASSERT(mbedtls_x509write_crt_set_serial_raw(&crt, serial_arg->x, + serial_arg->len) == 0); +#endif TEST_ASSERT(mbedtls_x509write_crt_set_validity(&crt, not_before, not_after) == 0); mbedtls_x509write_crt_set_md_alg(&crt, md_type); @@ -437,6 +533,9 @@ void x509_crt_check(char *subject_key_file, char *subject_pwd, } } + if (set_subjectAltNames) { + TEST_ASSERT(mbedtls_x509write_crt_set_subject_alternative_name(&crt, san_list) == 0); + } ret = mbedtls_x509write_crt_pem(&crt, buf, sizeof(buf), mbedtls_test_rnd_pseudo_rand, &rnd_info); TEST_ASSERT(ret == 0); @@ -545,21 +644,57 @@ void x509_crt_check(char *subject_key_file, char *subject_pwd, TEST_ASSERT(ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL); exit: + mbedtls_asn1_free_named_data_list(&ext_san_dirname); mbedtls_x509write_crt_free(&crt); mbedtls_pk_free(&issuer_key_alt); mbedtls_pk_free(&subject_key); mbedtls_pk_free(&issuer_key); - mbedtls_mpi_free(&serial); +#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C) + mbedtls_mpi_free(&serial_mpi); +#endif #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_destroy_key(key_id); +#endif + MD_OR_USE_PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_WRITE_C */ +void x509_set_serial_check() +{ + mbedtls_x509write_cert ctx; + uint8_t invalid_serial[MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN + 1]; + + USE_PSA_INIT(); + memset(invalid_serial, 0x01, sizeof(invalid_serial)); + +#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C) + mbedtls_mpi serial_mpi; + + mbedtls_mpi_init(&serial_mpi); + TEST_EQUAL(mbedtls_mpi_read_binary(&serial_mpi, invalid_serial, + sizeof(invalid_serial)), 0); + TEST_EQUAL(mbedtls_x509write_crt_set_serial(&ctx, &serial_mpi), + MBEDTLS_ERR_X509_BAD_INPUT_DATA); +#endif + + TEST_EQUAL(mbedtls_x509write_crt_set_serial_raw(&ctx, invalid_serial, + sizeof(invalid_serial)), + MBEDTLS_ERR_X509_BAD_INPUT_DATA); + +exit: +#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C) + mbedtls_mpi_free(&serial_mpi); +#else + ; #endif USE_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_X509_CREATE_C:MBEDTLS_X509_USE_C */ -void mbedtls_x509_string_to_names(char *name, char *parsed_name, int result - ) +void mbedtls_x509_string_to_names(char *name, char *parsed_name, + int result, int may_fail) { int ret; size_t len = 0; @@ -567,28 +702,40 @@ void mbedtls_x509_string_to_names(char *name, char *parsed_name, int result mbedtls_x509_name parsed, *parsed_cur, *parsed_prv; unsigned char buf[1024], out[1024], *c; + USE_PSA_INIT(); + memset(&parsed, 0, sizeof(parsed)); memset(out, 0, sizeof(out)); memset(buf, 0, sizeof(buf)); c = buf + sizeof(buf); ret = mbedtls_x509_string_to_names(&names, name); - TEST_ASSERT(ret == result); + TEST_EQUAL(ret, result); if (ret != 0) { goto exit; } ret = mbedtls_x509_write_names(&c, buf, names); - TEST_ASSERT(ret > 0); + TEST_LE_S(1, ret); - TEST_ASSERT(mbedtls_asn1_get_tag(&c, buf + sizeof(buf), &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) == 0); - TEST_ASSERT(mbedtls_x509_get_name(&c, buf + sizeof(buf), &parsed) == 0); + TEST_EQUAL(mbedtls_asn1_get_tag(&c, buf + sizeof(buf), &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE), 0); + ret = mbedtls_x509_get_name(&c, buf + sizeof(buf), &parsed); + if ((may_fail & MAY_FAIL_GET_NAME) && ret < 0) { + /* Validation inconsistency between mbedtls_x509_string_to_names() and + * mbedtls_x509_get_name(). Accept it for now. */ + goto exit; + } + TEST_EQUAL(ret, 0); ret = mbedtls_x509_dn_gets((char *) out, sizeof(out), &parsed); - TEST_ASSERT(ret > 0); - + if ((may_fail & MAY_FAIL_DN_GETS) && ret < 0) { + /* Validation inconsistency between mbedtls_x509_string_to_names() and + * mbedtls_x509_dn_gets(). Accept it for now. */ + goto exit; + } + TEST_LE_S(1, ret); TEST_ASSERT(strcmp((char *) out, parsed_name) == 0); exit: @@ -600,5 +747,6 @@ exit: parsed_cur = parsed_cur->next; mbedtls_free(parsed_prv); } + USE_PSA_DONE(); } /* END_CASE */ diff --git a/visualc/VS2010/.gitignore b/visualc/VS2013/.gitignore similarity index 82% rename from visualc/VS2010/.gitignore rename to visualc/VS2013/.gitignore index d3da304f7..a9ded4aab 100644 --- a/visualc/VS2010/.gitignore +++ b/visualc/VS2013/.gitignore @@ -1,7 +1,3 @@ -# Files automatically generated by generate_visualc_files.pl -/mbedTLS.sln -/*.vcxproj - # Files that may be left over from check-generated-files.sh /*.bak @@ -12,3 +8,9 @@ /Release/ /*.vcxproj.filters /*.vcxproj.user + +###START_GENERATED_FILES### +# Files automatically generated by generate_visualc_files.pl +/mbedTLS.sln +/*.vcxproj +###END_GENERATED_FILES###